Assembly language
Download as PPT, PDF0 likes582 views
The document summarizes the general purpose registers on the x86 architecture. It describes the common uses of registers like EAX, EBX, ECX, EDX, ESI, EDI, and EBP. It also covers special purpose registers like EIP and flags. Additionally, it provides an overview of the stack and how it is used to store function parameters, local variables, and return addresses. Finally, it discusses some simple instructions for math, logic, jumping, strings, and manipulating the stack.
![Simple Instructions
• Pointers and Dereferencing
– eax -- is the value stored in eax
– [eax] -- is the value pointed to by eax
• Doing Nothing
– nop is short for "no operation" and it does nothing.
• Moving Data Around
– mov can move data between a register and memory, two registers, or a
constant to a register. movsx and movzx are special versions of mov
which are designed to be used between signed (movsx) and unsigned
(movzx) registers of different sizes.](https://image.slidesharecdn.com/assemblylanguage-180226103324/85/Assembly-language-7-320.jpg)
![Simple Instructions
• lea (load effective address)
– lea is very similar to mov, except that math can be done on the original
value before it is used. The "[" and "]" characters always surround the
second parameter, but in this case they do not indicate dereferencing.
– lea is generally used for calculating array offsets, since the address of
an element of the array can be found with [arraystart + offset*datasize].](https://image.slidesharecdn.com/assemblylanguage-180226103324/85/Assembly-language-8-320.jpg)
![String Instructions
• Scan String:
• Instruction: SCAS <String>
– SCAS(/B/W) compares a byte in AL or a word in AX with a byte or word
pointed to by DI in ES.
• load String:
• Instruction: LODS <String>
– This instruction copies a byte (word) of string from the location pointed to by
SI.
• Store String:
• Instruction: STOS <String>
– The STOS instruction copies a byte (word) from AL (AX) to a memory
location stored in [ES:DI].](https://image.slidesharecdn.com/assemblylanguage-180226103324/85/Assembly-language-21-320.jpg)
Assembly language
- 2. General purpose registers on the x86 architecture • eax is a 32-bit general-purpose register with two common uses: to store the return value of a function and as a special register for certain calculations. It is technically a volatile register, since the value isn't preserved. Instead, its value is set to the return value of a function before a function returns. eax is also used specifically in certain calculations, such as multiplication and division, as a special register. • ebx is a non-volatile general-purpose register. It has no specific uses, but is often set to a commonly used value (such as 0) throughout a function to speed up calculations. • ecx is a volatile general-purpose register that is occasionally used as a function parameter or as a loop counter. • edx is a volatile general-purpose register that is occasionally used as a function parameter. It is generally used for storing short-term variables within a function.
- 3. General purpose registers on the x86 architecture • esi is a non-volatile general-purpose register that is often used as a pointer. esi often stores data that is used throughout a function because it doesn't change. • edi is a non-volatile general-purpose register that is often used as a pointer. It is similar to esi, except that it is generally used as a destination for data. • ebp is a non-volatile general-purpose register that has two distinct uses depending on compile settings: it is either the base pointer or a general purpose register. • esp is a special register that stores a pointer to the top of the stack. The value of esp must be the same at the beginning and the end of each function.
- 5. Special Purpose Registers • eip, or the instruction pointer, is a special-purpose register which stores a pointer to the address of the instruction that is currently executing. • The flags register, where each bit has a specific meaning and they are used to store meta-information about the results of previous operations.
- 6. The Stack • The stack register, esp, is basically a register that points to an arbitrary location in memory called "the stack". The stack is just a really big section of memory where temporary data can be stored and retrieved. When a function is called, some stack space is allocated to the function, and when a function returns the stack should be in the same state it started in. • The stack always grows downwards, towards lower values. The esp register always points to the lowest value on the stack. Anything below esp is considered free memory that can be overwritten. • The stack stores function parameters, local variables, and the return address of every function.
- 7. Simple Instructions • Pointers and Dereferencing – eax -- is the value stored in eax – [eax] -- is the value pointed to by eax • Doing Nothing – nop is short for "no operation" and it does nothing. • Moving Data Around – mov can move data between a register and memory, two registers, or a constant to a register. movsx and movzx are special versions of mov which are designed to be used between signed (movsx) and unsigned (movzx) registers of different sizes.
- 8. Simple Instructions • lea (load effective address) – lea is very similar to mov, except that math can be done on the original value before it is used. The "[" and "]" characters always surround the second parameter, but in this case they do not indicate dereferencing. – lea is generally used for calculating array offsets, since the address of an element of the array can be found with [arraystart + offset*datasize].
- 9. Simple Instructions: Math and Logic • add, sub: – A register can have either another register, a constant value, or a pointer added to or subtracted from it. • inc, dec: – These instructions simply increment and decrement a register.
- 10. Simple Instructions: Math and Logic • and, or, xor, neg: – All logical instructions are bitwise. – Bitwise operation: Each bit in the two operands has the operation done between them, and the result is stored in the first one.
- 11. Simple Instructions: Math and Logic • mul, imul, div, idiv: – Both multiplication and division make use of the 64-bit register edx:eax. • div divides the 64-bit value in edx:eax by the operand, and stores the quotient in eax. The remainder (modulus) is stored in edx. div does both division and modular division, at the same time.
- 12. Simple Instructions: Math and Logic • cdq: – cdq is generally used immediately before idiv. It stands for "convert double to quad." In other words, convert the 32-bit value in eax to the 64-bit value in edx:eax.
- 13. Simple Instructions: Math and Logic • shl, shr, sal, sar: shl - shift left, shr - shift right, sal - shift arithmetic left, sar - shift arithmetic right. – These are used to do a binary shift, equivalent to the C operations << and >>. They each take two operations: the register to use, and the number of places to shift the value in the register.
- 14. Jumping Around • jmp: – jmp, or jump, sends the program execution to the specified address no matter what. • call, ret: – call is similar to jump, except that in addition to sending the program to the specified address, it also saves ("pushes") the address of the executable instruction onto the stack. – ret removes ("pops") the first value off of the stack, and jumps to it. In almost all cases, this value was placed onto the stack by the call instruction. If the stack pointer is at the wrong location, or the saved address was overwritten, ret attempts to jump to an invalid address which usually crashes the program.
- 15. Jumping Around – ret can also have a parameter. This parameter is added to the stack immediately after ret executes its jump. – The combination of call and ret are used to implement functions.
- 16. Jumping Around • cmp, test: – cmp, or compare, compares two operands and sets or unsets flags in the flags register based on the result. – Specialized jump commands can check these flags to jump on certain conditions. – test is very similar to cmp, except that it performs a bitwise 'and' operation between the two operands. test is most commonly used to compare a variable to itself to check if it's zero. • jz/je, jnz/jne, jl/jb, jg, jle, jge: – jz and je (which are synonyms) will jump to the address specified if and only if the 'zero' flag is set, which indicates that the two values were equal. In other words, "jump if equal". – jnz and jne (which are also synonyms) will jump to the address specified if and only if the 'zero' flag is not set, which indicates that the two values were not equal. In other words, "jump if different". – jl and jb (which are synonyms) jumps if the first parameter is less than the second. – jg jumps if the first parameter is greater than the second. – jle jumps if the 'less than' or the 'zero' flag is set, so "less than or equal to". – jge jumps if the first is "greater than or equal to" the second.
- 18. Manipulating the Stack • push, pop: – push decrements the stack pointer by the size of the operand, then saves the operand to the new address. – pop sets the operand to the value on the stack, then increments the stack pointer by the size of the operand.
- 19. String Instructions • String - a byte or word array: – Operations that can be performed with string instructions: • copy a string into another string • search a string for a particular byte or word • store characters in a string • compare strings of characters alphanumerically • Direction Flag (DF): • one of 8086 processor control flags. • controls the direction of string operations: • DF = 0 => forward (left to right) processing • DF = 1 => backward (right to left) processing • CLD - clears the DF; sets DF = 0 • STD - sets DF = 1
- 20. String Instructions • Moving (Copying) Strings: • Instruction: MOVS( /B/W/D) dest, src – MOVSB - copies contents of BYTE given by DS:SI into ES:DI – MOVSW - copies contents of WORD given by DS:SI into ES:DI – MOVSD - copies contenst of DOUBLE WORD given by DS:SI into ES:DI • Comparing Strings: • Instruction: CMPS src, dest – The CMPSB(W) instruction can be used to compare a byte(word) in one string (DS:offset in SI) with a byte (word) in another string (ES:offset in DI).
- 21. String Instructions • Scan String: • Instruction: SCAS <String> – SCAS(/B/W) compares a byte in AL or a word in AX with a byte or word pointed to by DI in ES. • load String: • Instruction: LODS <String> – This instruction copies a byte (word) of string from the location pointed to by SI. • Store String: • Instruction: STOS <String> – The STOS instruction copies a byte (word) from AL (AX) to a memory location stored in [ES:DI].
- 22. Repetition Prefixes • REP: – REP is a prefix written before one of the string instructions. It is used for repeating an instruction count number of times, where count is stored in the CX register. After every operation the CX register is decremented and the zero flag is tested; the process continues till CX = 0. • REP/REPE/REPNE/REPZ/REPNZ: The REP prefix also has the following variations: – REP: It is the unconditional repeat. It repeats the operation until CX is zero. – REPE or REPZ: It is conditional repeat. It repeats the operation while the zero flag indicates equal/zero. It stops when the ZF indicates not equal/zero or when CX is zero. – REPNE or REPNZ: It is also conditional repeat. It repeats the operation while the zero flag indicates not equal/zero. It stops when the ZF indicates equal/zero or when CX is decremented to zero.
- 23. DOS Interrupts • Input a character: – MOV AH, 01h – INT 21h • Input a string: – MOV DX, Buffer – MOV AH, 0Ah – INT 21h Load the desired character into DL & DX, then call the interrupt with function code in AH. • Output a character: – MOV DL, ... – MOV AH, 02h – INT 21h • Output a string: – MOV DX, ... – MOV AH, 09h – INT 21h
- 24. Thank You