Chapter 3 Basic Instructions

3.1 Copying Data

mov Instructions
mov (move) instructions are really copy instructions, like simple assignment statements in a high-level language Format: mov destination, source
register or memory register, memory or immediate

Operand Restrictions
Operands must be same size Cant move from memory to memory
mov nbr1, nbr2 illegal if nbr1 and nbr2 reference doublewords in memory Instead use a register mov eax, nbr2 mov nbr1, eax

Can only move one byte, word or doubleword at a time

Effect on Flags
In general, an instruction may have one of three effects:
no flags are altered specific flags are given values depending on the results of the instruction some flags may be altered, but their settings cannot be predicted

No mov instruction changes any flag

Machine Code
Depends on operand type(s), with several different opcodes used for mov instructions Word-size and doubleword-size instructions use same opcodes, but wordsize instructions have 66 prefix byte Object and source code from listing file B0 9B mov al, 155 66| B8 009B mov ax, 155 B8 0000009B mov eax, 155

mod-reg-r/m Byte
Part of the object code for many instructions Used to encode specific registers Used to distinguish between instructions that share the same opcode Used to specify memory modes

mod-reg-r/m Fields
mod (mode), 2 bits reg (register), 3 bits r/m (register/memory), 3 bits Examples of encodings
mod = 00 and r/m = 101 combined always means direct memory addressing reg = 011 means the EBX register in a 32-bit instruction

xchg Instruction
Swaps the values referenced by its two operands
Cant have both operands in memory

Does not alter any flag

3.2 Integer Addition and Subtraction Instructions

add Instruction
Format: add destination, source The integer at source is added to the integer at destination and the sum replaces the old value at destination SF, ZF, OF, CF, PF and AF flags are set according to the value of the result of the operation
Example: CF = 1 if there is a carry out of the sum

Addition Example
Before EAX: 00000075 ECX: 000001A2 Instruction add eax, ecx After EAX: 00000217 ECX: 000001A2 SF=0 ZF=0 CF=0 OF=0

sub Instruction
Format: sub destination, source The integer at source is subtracted from the integer at destination and the difference replaces the old value at destination SF, ZF, OF, CF, PF and AF flags are set according to the value of the result of the operation
Example: ZF = 1 if the difference is zero

Subtraction Example
Before doubleword at Dbl: 00000100 Instruction sub Dbl, 2 After Dbl: 000000FE SF=0 ZF=0 CF=0 OF=0

Instruction Encoding
Opcode depends on operand types The mod-reg-r/m byte distinguishes
Between operand types Between add, sub and other operations for certain operand types

An small immediate operand is sometimes encoded as a byte even in a 32-bit instruction

Increment and Decrement Instructions

inc dec destination destination
Adds 1 to destination Subtracts 1 from destination

Each sets same flags as add or sub except for CF which isnt changed

neg Instruction
neg destination Negates (takes the 2's complement of) its operand
A positive value gives a negative result A negative value will become positive Zero remains 0

Affects same flags as add and sub

Programming in Assembly Language

Start with a design Plan register usage
Decide what registers will be used for what variables in the design There are only a few available registers

Plan memory usage

3.3 Multiplication Instructions

Multiplication Instruction Mnemonics

mul for unsigned multiplication
Operands treated as unsigned numbers

imul for signed multiplication

Operands treated as signed numbers and result is positive or negative depending on the signs of the operands

mul Instruction Format

mul source Single operand may be byte, word or doubleword in register or memory (not immediate) and specifies one factor Location of other factor is implied
AL for byte-size source AX for word source EAX for doubleword source

mul Instruction Operation

When a byte source is multiplied by the value in AL, the product is put in AX When a word source is multiplied by the value in AX, the product is put in DX:AX
The high-order 16 bits in DX and the loworder 16 bits in AX

When a doubleword source is multiplied by the value in EAX, the product is put in EDX:EAX

Double-Length Product
The double-length product ensures that the result will always fit in the destination location If significant bits of the product actually spill over into the high-order half (AH, DX or EDX), then CF and OF are both set to 1 If the high-order half is zero, then CF and OF are both cleared to 0

mul Instruction Example

Before EAX: 00000005 EBX: 00000002 EDX: ???????? Instruction mul ebx After EAX: 0000000A EBX: 00000002 EDX: 00000000 CF=OF=0

imul Instruction Formats

imul source imul register, source imul register, source, immediate

imul source
Similar to mul source except for signed operands CF=OF=0 if each bit in the high-order half is the same as the sign bit in the low-order half CF=OF=1 otherwise (the bits in the highorder half are significant)

imul Example 1
Before AX: ??05 byte at Factor: FF Instruction imul Factor After AX: FFFB CF=OF=0

imul register,source
Source operand can be in a register, in memory, or immediate Register contains other factor, and also specifies the destination Both operands must be word-size or doubleword-size, not byte-size Product must fit in destination register
CF and OF are cleared to 0 if result fits CF and OF are set to 1 if it doesnt fit

imul Example 2
Before EBX: 0000000A Instruction imul ebx, 10 After EBX: 00000064 CF=OF=0

imul register,source,immediate
The two factors are given by the immediate value and source (in register or memory) The first operand, a register, specifies the destination for the product Operands register and source are the same size, both 16-bit or both 32-bit (not 8-bit) If the product will fit in the destination register, then CF and OF are cleared to 0; if not, they are set to 1

imul Example 3
Before word at Value: 08F2 BX: ???? Instruction imul bx, Value, 1000 After BX: F150 CF=OF=1

3.4 Division Instructions

Division Instruction Formats

idiv source for signed operands div source for unsigned operands
source identifies the divisor
Byte, word or doubleword In memory or register, but not immediate

Implicit Dividend for div and idiv

Byte source divided into word in AX Word source divided into doubleword in DX:AX Doubleword source divided into quadword in EDX:EAX

Results of div and idiv

Byte-size divisor: quotient in AL and remainder in AH Word-size divisor: quotient in AX and remainder in DX Doubleword-size divisor: quotient in EAX and remainder in EDX dividend = quotient*divisor + remainder
For signed division remainder will have same sign as dividend

Flag Settings
Division instructions do not set flags to any meaningful values They may change previously set values of AF, CF, OF, PF, SF or ZF

Unsigned Division Example

Before EDX: 00 00 00 00 EAX: 00 00 00 64 EBX: 00 00 00 0D Instruction div ebx ; 100/13 After EDX: 00000009 EAX: 00000007
100 = 7 * 13 + 9

Signed Division Example

Before EDX: FF FF FF FF EAX: FF FF FF 9C ECX: 00 00 00 0D Instruction idiv ecx ; -100/13 After EDX: FFFFFFF7 100 = (7) * 13 + (9) EAX: FFFFFFF9

Errors in Division
Caused by
Dividing by 0, or Quotient too large to fit in destination

Triggers an exception
The interrupt handler routine that services this exception may vary from system to system When a division error occurs for a program running under Windbg, the program hangs

Preparing for Division

Dividend must be extended to double length Example
Copy a doubleword dividend to EAX Extend dividend to EDX:EAX
For unsigned division, use mov edx, 0 For signed division, use cdq instruction

Finally use div or idiv instruction

Convert Instructions
No operand cbw sign extends the byte in AL to the word in AX cwd sign extends the word in AX to the doubleword in DX:AX cdq sign extends the doubleword in EAX to the quadword in EDX:EAX