190 likes | 337 Views
Practical Session 2. A flag is a single bit of information whose meaning is independent from any other bit. Flags Register (Status Register). Each flag has a two-letter symbol. CF - Carry Flag
E N D
A flagis a single bit of information whose meaning is independent from any other bit Flags Register (Status Register) • Each flag has a two-letter symbol
CF - Carry Flag • If the result of an arithmetic or shift operation "carries out" a bit from the operand, CF becomes set11111111 + 00000001 = 100000000 CF = 1 • The carry (borrow) flag is also set if the subtraction of two numbers requires a borrow into MSB subtracted00000000 - 00000001 = 11111111 CF = 1 • In unsigned arithmetic, watch the carry flag to detect errors. • In signed arithmetic, the carry flag tells you nothing interesting. • 00000000 - 00000001 = 11111111 • unsigned arithmetic => 11111111 = 255 (decimal) => got the wrong answer • signed arithmetic => 11111111 = -1 (decimal) => got right answer, do not care about value of CF
OF – Overflow Flag • If the sum of two numbers with the sign bits off yields a result number with the sign bit on, the "overflow" flag is turned on. 0100 + 0100 = 1000 OF = 1 • If the sum of two numbers with the sign bits on yields a result number with the sign bit off, the "overflow" flag is turned on. 1000 + 1000 = 0000 OF = 1 • Otherwise, the overflow flag is turned off. 0100 + 0001 = 0101 OF = 0 • 0110 + 1001 = 1111 OF = 0 • 1000 + 0001 = 1001 OF = 0 • 1100 + 1100 = 1000 OF = 0 • In signed arithmetic, overflow flag on means the answer is wrong - you added two positive numbers and got a negative, or you added two negative numbers and got a positive. • In unsigned arithmetic, the overflow flag tells you nothing interesting.
ZF, SF, PF, and AF Flags • ZF – Zero Flag - set if result is zero; cleared otherwise • add 0, 0 ZF = 1 • SF – Sign Flag becomes set when the result of an operation is negative (i.e. MSB of the result is 1) • all arithmetic operations except multiplication and division • compare instructions - CMP • logical instructions - XOR, AND, OR • TEST instructions (equivalent to AND instructions without storing the result) • sub00000000, 00000001 11111111 SF = 1 • PF – Parity Flag - set if low-order eight bits of result contain an even number of "1" bits; cleared otherwiseadd 11010, 1 (result is 11011 4 bits are ‘1’ PF = 1) • add 11000, 1 (result is 11001 3 bits are ‘1’ PF = 0) • AF–Auxiliary Carry Flag (or Adjust Flag) is set if there is a carry from low nibble (4 bits) to high nibble or a borrow from a high nibble to low nibble • 1111 + 0001 = 10000 AF = 1 first nibble second nibble
Sections • Every process consists of sections that are accessible to the process when it is running • Each sections holds the bulk of object file information Data .bss - holds uninitialized data; occupies no file space .data and .data1 - hold initialized data .rodata and .rodata1 - hold read-only data Text .text - holds the ‘‘text’’ (executable instructions) of a program Stack - is used for local variables, information that is saved each time a function is called Heap - contains the dynamically allocated memory Example int a,b,c = 1; ----> .data char *str; ----> .bss const int i = 10; ----> .rodata main() { int ii,a=1,b=2,c; ----> local variables on Stack char * ptr = malloc(4); ----> allocated memory in Heap c= a+b+i; ----> .text }
Memory layout for Linux USER Space Virtual Addresses • program(.exe file) creates its own memory space in the RAM process • 4GB of virtual address space on 32-bit architecture • 3GB is accessible to the user space • 1GB is accessible to the kernel space (kernel code, data, heap and stack) .bss .data loaded from .exe file Read-only Data Segment .text .rodata
Examples: 1. buffer: resb 64 ; reserve 64 bytes 2. wordVar: resw 1 ; reserve a word 3. realArray: resq 10 ; array of ten real numbers Note: you can not make any assumption about values of a storage space cells. Pseudo-instructionsRESB, RESW, RESD, RESQ and rest:declaring uninitialized storage space
Pseudo-instructionsTIMES:Repeating Instructions or Data • TIMES prefix causes the instruction to be assembled multiple times zeroBuf: times 64 db 0 ; 64 bytes initialized to 0 • TIMES can be applied to ordinary instructions, so you can code trivial loopsmov EAX, 0times 100 inc EAX ; EAX =100 => loop • the argument to TIMES is not just a numeric constant, but a numeric expression buffer: db ‘go’ times 64-$+buffer db ‘!’ ; (64 - $ + buffer = 64 – 35 + 33 = 64 – 2 = 62) RAM buffer + 64 $ (current position in section) buffer $$ (start of the current section) - start of section .data
Pseudo-instructionsEQU: defining constants • EQU defines a symbol to a given constant value • when EQU is used, the source line must contain a label • this definition cannot changed later. Example: Foo: EQU 1 ; Foo = 1
Byte Order - Little Endian • If the hardware is built so that the lowest, least significant byte of a multi-byte scalar is stored "first", at the lowest memory address, then the hardware is said to be "little-endian. • numeric into memory reversed order • dd 0x12345678 ; 0x78 0x56 0x34 0x12 • numeric into register source ordermov EAX, 0x12345678 ; 0x12 0x34 0x56 0x78 • characters into memory source order • dw ‘ab’ ; 0x61 0x62 • dw ‘abc’ ; 0x61 0x62 0x63 0x00 • characters into register reversed order • mov eax, ‘abc’ ; 0x00 0x63 0x62 0x61 • register into memory reversed order • mov [buffer], eax ; 0x61 0x62 0x63 0x00 • memory into register reversed order • mov eax, [buffer] ; 0x00 0x63 0x62 0x61
Effective Addresses • Effective address is any operand to an instruction which references memory. • Effective address syntax: consists of an expression evaluating to the desired address, enclosed in square brackets. Example wordvar: dw 0x5A, 0x39 ; a request for two words 0x005A and 0x0039 mov ax, [wordvar] ; ax = 0x005A (in little-endian format) mov ax, [wordvar+1] ; ax = 0x3900 In memory we get the following: [wordvar] [wordvar+1] [wordvar+2] [wordvar+3]
Advanced Instructions MUL r/m - unsigned integer multiplication IMUL r/m - signed integer multiplication MUL r/m8 mov bl,5 ; multipliermov al,9 ; multiplicandmul bl ; => ax = 2Dh MUL r/m16 mov bx, 8000h mov ax, 2000h mul bx ; => dx:ax = 1000:0000h MUL r/m32 mov ebx, 80008000h mov eax, 20002000h mul ebx ; => edx:eax = 10002000:10000000h
Advanced Instructions SHL, SHR – Bitwise Logical Shifts on the first operand • number of bits to shift by is given by the second operand • vacated bits are filled with zero • shifted bit enters the Carry Flag SHL r/m8/m16/m32 1/CL/imm8 SHR r/m8/m16/m32 1/CL/imm8 Example: mov CL , 3 mov AL ,10110111b ; AL = 10110111 shr AL, 1 ; shift right 1 AL = 01011011, CF = 1 shr AL, CL ; shift right 3 AL = 00001011, CF = 0 Note: that shift indeed performs division/multiplication by 2
Advanced Instructions SAL, SAR – Bitwise Arithmetic Shifts on the first operand • vacated bits are filled with zero for SAL • vacated bits are filledwith copies of the original high bit of the source operand for SAR SAL r/m8/m16/m32 1/CL/imm8 SAR r/m8/m16/m32 1/CL/imm8 Example: mov CL , 3 mov AL ,10110111b ; AL = 10110111 sar AL, 1 ; shift right 1 AL = 11011011 sar AL, CL ; shift right 3 AL = 11111011
Advanced Instructions ROL, ROR – Bitwise Rotate (i.e. moves round) on the first operand ROL r/m8/m16/m32 1/CL/imm8 ROR r/m8/m16/m32 1/CL/imm8 Example: mov CL, 3 mov BH ,10110111b ; BH = 10110111 rol BH, 01 ; rotate left 1 bit BH = 01101111 rol BH, CL ; rotate left 3 bits BH = 01111011
Advanced Instructions RCL, RCR – Bitwise Rotate through Carry Bit on the first operand and Carry Flag RCL r/m8/m16/m32 1/CL/imm8 RCR r/m8/m16/m32 1/CL/imm8 Example: mov BH ,10110111b ; BH = 10110111 , CF = 0 rcl BH, 01 ; rotate left 1 bit BH = 01101110 , CF = 1
Advanced Instructions LOOP, LOOPE, LOOPZ, LOOPNE, LOOPNZ – loop with counter (CX or ECX*) Example:mov ax, 1 mov cx, 3 my_ loop: add ax, ax loop my_ loop, cx 1. decrements its counter register (in this case it is CX register) 2. if the counter does not become zero as a result of this operation, it jumps to the given label LOOPE ≡ LOOPZ: jumps if the counter is nonzero andZero Flag = 1 LOOPNE ≡ LOOPNZ: jumps if the counter is nonzero and Zero Flag = 0 Note: if a counter is not specified explicitly, the BITS** setting dictates which is used.** The BITS directive specifies whether NASM should generate code designed to run on a processor operating in 16-bit mode, or code designed to run on a processor operating in 32-bit mode. The syntax is BITS 16 or BITS 32.