First understand the bitwise instructions. The technology used here can also be used to manipulate the control bits of hardware devices to implement communication protocols and encrypt data.
| operating | Description |
|---|---|
| AND | The source operand and the destination operand perform a logical AND operation |
| OR | The source operand and the destination operand perform a logical OR operation |
| XOR | The source operand and the destination operand perform a logical exclusive OR operation |
| NOT | Perform logical NOT operation on target operand |
| TEST | The source operand and the destination operand perform a logical AND operation, and set the CPU flag appropriately |
Boolean instructions affect the zero flag, carry flag, sign flag, overflow flag, and parity flag. Here is a brief review of the meaning of these flags:
- When the operation result is equal to 0, the zero flag is set to 1.
- When the operation causes the highest bit of the target operand to have a carry, the carry flag is set to 1.
- The sign flag bit is a copy of the high bit of the target operand. If the flag bit is set to 1, it means a negative number; the flag bit is cleared to 0, which means a positive number. (Assume 0 is positive.)
- When the result of the instruction exceeds the scope of the signed destination operand, the overflow flag bit is 1.
- The parity flag is set to 1 when the instruction causes an even number of 1s in the lower byte of the target operand.
The CMP (compare) instruction performs an implicit subtraction operation that subtracts the source operand from the destination operand, and does not modify any operands:
CMP destination,source
When the actual subtraction occurs, the CMP instruction modifies the overflow, sign, zero, carry, auxiliary carry, and parity flag according to the calculation result. ,
If two unsigned numbers are being compared, the relationship between the two operands represented by the zero flag and the carry flag is shown in the right table:
| CMP results | ZF | CF |
|---|---|---|
| Destination operand <source operand | 0 | 1 |
| Destination operand> source operand | 0 | 0 |
| Destination operand = source operand | 1 |
If two signed numbers are being compared, the relationship between the two operands represented by the sign flag, zero flag and overflow flag is shown in the right table:
| CMP results | Flag bit |
|---|---|
| Destination operand <source operand | SF ≠ OF |
| Destination operand> source operand | SF=OF |
| Destination operand = source operand | ZF=1 |
There are several ways to set and clear the zero flag, sign flag, carry flag, and overflow flag: (1) To set the zero flag to 1, perform a TEST or AND operation between the operand and 0; to perform a zero flag If the bit is cleared, the operand and 1 are ORed. The TEST instruction does not modify the destination operand, while the AND instruction modifies the destination operand. If the sign flag bit is 1, perform an OR operation on the highest bit of the operand and 1; if you want to clear the sign flag bit, perform an AND operation on the highest bit of the operand and 0. (2) If you want the carry flag bit to be 1, use the STC instruction; to clear the carry flag bit, use the CLC command. If you want the overflow flag bit to be 1, add two positive numbers to produce a negative sum; if you want to clear the overflow Flag bit, the operand and 0 are ORed.
When the status flag condition is true, the conditional jump instruction branches to the target label. Otherwise, when the condition of the flag bit is false, the instruction following the conditional jump is executed immediately. The syntax is as follows:
Jcond destination
cond refers to the flag condition that determines the state of one or more flag bits. The most common setting methods for CPU status flags are through arithmetic operations, comparisons, and Boolean operations instructions. The conditional jump instruction evaluates the status of the flag bits and uses them to determine whether a jump occurs. The following is an example based on the carry and zero flags:
| JC |
Carry jump (carry flag position 1) |
| JNC |
Jump without carry (clear the carry flag) |
| SW |
Jump to zero (zero flag position 1) |
| JNZ |
Non-zero jump (zero flag is cleared) |
The x86 instruction set contains a large number of conditional jump instructions. They can compare signed and unsigned integers and perform operations based on the value of a single CPU flag. Conditional jump instructions can be divided into four types:
- Jump based on the value of a specific flag
- Jump based on whether the two numbers are equal or equal to the value of (E)CX
- Comparison jump based on unsigned operand
- Comparison jump based on signed operand
The LOOPZ (jump to zero) instruction works the same as the LOOP instruction, except that there is an additional condition: the zero flag bit must be set to the destination label for zero control. The command syntax is as follows:
LOOPZ destination
The LOOPE (Equal Jump) instruction is equivalent to LOOPZ. They have the same opcode. These two instructions perform the following tasks:
ECX = ECX - 1
if ECX > 0 and ZF = 1, jump to destination
Otherwise, no jump occurs and control is passed to the next instruction. LOOPZ and LOOPE do not affect any status flags. In 32-bit mode, ECX is a loop counter; in 64-bit mode, RCX is a loop counter.
The LOOPNZ (Non-Zero Jump) instruction corresponds to LOOPZ. When the unsigned value in ECX is greater than zero (after minus 1 operation) and the zero flag is equal to zero, the loop continues. The command syntax is as follows:
LOOPNZ destination
The LOOPNE instruction is equivalent to LOOPNZ. They have the same opcode. These two instructions perform the following tasks:
ECX = ECX - 1
if ECX > 0 and ZF = 0, jump to destination
Otherwise, no jump occurs and control is passed to the next instruction.
Table-driven selection is a method of replacing multiple selection structures with look-up tables. Using this method, you need to create a new table, the table contains the query value and label or process offset, and then you must use a loop to retrieve this table. This method is most effective when there are a large number of comparison operations.
A finite state machine (FSM) is a machine or program that changes state based on input. It is quite simple to represent FSM with a graph. The rectangles (or circles) in the figure below are called nodes, and the line segments with arrows between nodes are called edges (or arcs). The figure above shows a simple example. Each node represents a program state, and each edge represents a transition from one state to another. A node is designated as the initial state, indicated by an input arrow in the figure. The remaining states can be marked with numbers or letters. One or more states can be designated as terminal states, represented by a thick rectangle. The termination state represents the end state of the program without errors. FSM is a special case of a more general structure called a directed graph.
The .IF, .ELSE, .ELSEIF, and .ENDIF pseudo-instructions make it easy for programmers to code multi-branch logic. They let the assembler generate CMP and conditional jump instructions in the background. ELSEIF and .ELSE are optional, while .IF and .ENDIF are required.
In addition to using CMP and conditional jump instructions, the .REPEAT and .WHILE pseudo-instructions also provide another way to write loops. The .REPEAT directive executes the body of the loop, and the .WHILE directive displays values from 1 to 10. Before the loop, the counter register (EAX) is initialized to 0. After that, the first statement in the loop adds 1 to EAX. When EAX is equal to 10, the .WHILE pseudo-instruction will branch out of the loop.