第三章 80x86 的指令系统和寻址方式

[ []]IBM PC

3.1 80X86:: I/O

12 CPU I/O

8086 MOV d,s1d2ssd

MOV AX , 3069H MOV AL , BH MOV AX , [ 2000H ] MOV AX , [ BX ] MOV AX , COUNT [ SI ] MOV AX , [ BP ] [ DI ] MOV AX , MASK [ BX ] [ SI ]

3.1.11 Immediate Addressing816386832 3.1 MOV AL5 (AX)=05H3.2 MOV AX,3064H (AX)=3064H3.3 MOV EAX12345678H (EAX)=12345678H

2.Register Addressing CPU16AXBXCXDXSIDISPBP8ALAHBLBHCLCHDLDH3.4(a) MOV AXBX (AX)=3064H,(BX)=1234H; (AX)=1234H(BX)3.4(b) MOV ECX,EDX (ECX)=01237541H, (EDX)=12345678H; (ECX)=12345678H,(EDX)

1.2.:3.EA: (EA)4.: (displacement)81632 (index): (index)

(scale factor)3861248248 EA=+*+ 5.:

8086/80286168038632163.1

3.1 16/323.2

163208160832BXBP32ESPSIDIESP321248

CS SSESPEBP DS ES

3Direct AddressingEA=16d (DS)+EA1) 2)

3.5 MOV AX,[2000H] (DS)=3000H(AX)=3050H 3.3 MOV AX,VALUE VALUE MOV AX[VALUE]VALUE: (ES) MOV AXES VALUE MOV AXES [VALUE]

OP

00

20

. . .

50

30

AX

30000

32000

3.6 MOV EAXDATA DATA3232

MOV BXDS[1000H] MOV BXES[1000H]MOV BXVAR MOV BXDSVARMOV DA_BYTE0FH MOV DS:DA_BYTE0FHMOV CLDA+3 MOV CLDSDA+31MOV CLESDA+3 2MOV CXDA+3

MOV BXDS[1000H]

MOV BXES[1000H] ES1000HFFH00H00000HFFFFFH00FFHBX

MOV BXVARDS34H12H00000HFFFFFHVAR1234HBX

MOV DA_BYTE0FHDS0FH00000HFFFFFHDA_BYTE0FH

MOV CLDA+3DS0FH00000HFFFFFHDA0FHCLDA+3

1MOV CLESDA+3ES2FH00000HFFFFFHDA2FHCLDA+3

2MOV CXDA+3DS0FH00000HFFFFFHDA120FHCXDA+312H

3.1.1.4( Register Indirect Addressing) EABXBPSIDIBXSIDIDS=16d*(DS)+(BX) =16d*(DS)+(SI) =16d*(DS)+(DI)

3.7 MOV AX[BX] (DS)=2000H, (BX)=1000H, =20000+1000=21000H (AX)=50A0H MOV AX ES[BX]

3.8 MOV ECX[EDX] EDX32ECX

MOV CH[SI] MOV CHDS[SI] MOV CX[BP] MOV CXSS[BP]3.2BPESPEBPSS

MOV CH[SI]DS=SI0FH00000HFFFFFH0FHCH

MOV CX[BP] SS=BP11H00000HFFFFFH0AF11HCXAFH

3.1.1.5(register relative addressing)816

BXSIDIDSBPSS =16d*(DS)+(BX/SI/DI)+8/16 = 16d*(SS)+(BP)+8/16

3.9 MOV AX COUNT[SI] MOV AX[COUNT+SI] COUNT16 (DS)=3000H , (SI)=2000H, COUNT=3000H =30000+2000+3000=35000H (35000H)=1234H(AX)=1234HCOUNTMOV DL, ES:STRING[SI]:MOV AX10H[SI] MOV TABLE[DI]12H MOV TAB1[BP]CL

MOV AX10H[SI] DSEA=SI+10H11H00000HFFFFFH0AF11HAXAFH

MOV TABLE[DI]12H DSEA=TABLE+(DI)12H00000HFFFFFHTABLE12H(DI)

MOV TAB1[BP]CLSSEA=TAB1+BP62H00000HFFFFFHTAB162HCLBP

ARYMOV AHARY[SI]ARYMOVAXARY[SI]

ARYMOV AHARY[SI]DSARY[0]00000HFFFFFHARYARY[1]ARY[2]ARY[3]3HSIEA=ARY+SIA

ARYMOV AXARY[SI]DSARY[0]00000HFFFFFHARYARY[0]ARY[0]ARY[1]ARY[0]ARY[2]4HSIEA=ARY+SIAX

3.1.1.6 Based Indexed AddressingEABXBPSIDIBXDSBPSS =16d*(DS)+(BX)+(SI/DI) =16d*(SS)+(BP)+(SI/DI)

3.10 MOV AX[BX][DI] MOV AX[BX+DI] (DS)=2100H, (BX)=0158H, (DI)=10A5H EA=0158+10A5=11FDH =21000+11FD=221FDH (221FDH)=1234H(AX)=1234H32 MOV EDX[EBX][ESI] MOV AXES[BX][SI]

3.1.1.7Relative Based Indexed AddressingEABXBPSIDIBXDSBPSS =16d*(DS)+(BX)+(SI/DI)+8/16 =16d*(SS)+(BP)+(SI/DI)+8/16

3.11 MOV AXMASK[BX][SI]MOV AXMASK[BX+SI]MOV AX[MASK+BX+SI] (DS)=3000H,(BX)=2000H,(SI)=1000H,MASK=0250H=16d*(DS)+(BX)+(SI)+MASK =30000+2000+1000+0250 =33250H (33250H)=1234H(AX)=1234H32 MOV EAXARRAY[EBX][ECX](BP). MOV AX200H[BX][SI]. MOV TABLE[BX][DI]0FFH. MOV AXARRAY[BP][SI]. MOV TAB1[BP][DI]DL

MOV AX200H[BX][SI] DSEA=BX+SI+200H11H00000HFFFFFH0AF11HAXAFH

MOV TABLE[BX][DI]0FFHDSEA=TABLE+ (BX)+(DI)FFH00000HFFFFFHTABLEFFH(BX)+(DI)

. MOV AXARRAY[BP][SI]SSEA=ARRAY+(BP)+(SI)11H00000HFFFFFH0AF11HAXAFHARRAY(BP)+(SI)

.MOV TAB1[BP][DI]DLSSEA=TAB1+(BP)+(DI)62H00000HFFFFFHTAB162HDL(BP)+(DI)

ARRAY1010ARRAY0ARRAY00ARRAY09101 ARRAY10ARRAY1910.ARRAYijMOVALARRAY[BP][SI]ARRAYmn ARRAYijMOVALARRAY[BP][SI]

SIDIBPBXEA20BPBXDISI0000CS0000DS0000SS0000ES+++

OROROROROROROROREUBIU

80x868.(scaled indexed addressing)EA=() + 2483.12MOV EAX, COUNT [ ESI 4 ]COUNT3EAXESI344

9.(based scaled indexed addressing) EA= () + () 3.13 MOV ECX[EAX][EDX*8]10.(relative based scaled indexed addressing) EA= () + () + 2483.14 MOV EAXTABLE[EBP][EDI*4]

3.1.2CALL3.1.2.1(intrasegment direct addressing)IP816IPIP88 JMP NEAR PTR PROGIA JMP SHORT QUESTPROGIAQUEST16NEAR PTR8SHORT

3.1.2.2(intrasegment indirect addressing)IP8JMPCALL JMP BX JMP WORD PTR[BP+TABLE] WORD PTRIP =16d*(CS)+EA EA

(DS)=2000H, (BX)=1256H, (SI)=528FH, =20A1H (232F7H)=3280H, (264E5H)=2450H 3.15 JMP BX (IP)=1256H3.16 JMP TABLE[BX] (IP)=(16d*(DS)+(BX)+) =(20000+1256+20A1) =(232F7) =3280H3.17 JMP [BX][SI] (IP)=(16d*(DS)+(BX)+(SI)) =(20000+1256+528F) =(264E5) =2450H

3.1.2.3IPCS JMP FAR PTR NEXTROUTINT NEXTROUTINT FAR PTR

3.1.2.4IPCS JMP DWORD PTR[INTERS+BX][INTERS+BX]DWORD PTR

IBM PC 1.IBM PC 1~7

1OP 83

OPdw

2dBit11) d=1REGMODR/M2) d=0MODR/MREG3W/Bit0 1) W=1. 2) W=0S 816S1SW=0016SW=01816SW=11

2.IBM PC

regregW1Modr/mMod=11r/m2

modregr/m

1 reg

Sheet1

REGW=0W=1

0ALAX

1CLCX

10DLDX

11BLBX

100AHSP

101CHBP

110DHSI

111BHDI

Sheet2

Sheet3

Sheet1

2

R/M MOD

EAw=0w=1

00011011

000 DS(BX)+(SI)(BX)+(SI)+disp8(BX)+(SI)+disp16ALAX

001 DS(BX)+(DI)(BX)+(DI)+disp8(BX)+(DI)+disp16CLCX

010 SS(BP)+(SI)(BP)+(SI)+disp8(BP)+(SI)+disp16DLDX

011 SS(BP)+(DI)(BP)+(DI)+disp8(BP)+(DI)+disp16BLBX

100 DS(SI)(SI)+disp8(SI)+disp16AHSP

101 DS(DI)(DI)+disp8(DI)+disp16CHBP

110disp16 DS(BP)+disp8 SS(BP)+disp16 SSDHSI

111 DS(BX)(BX)+disp8(BX)+disp16BHDI

Sheet2

Sheet3

2Mod=00r/m=11016D16Mod=01

D8816

01 Reg r/m

D8

Mod=10

D16162

001110SEG3.3

01 Reg r/m

D16

D16

001SEG110

3 SEG

SEG00ES01CS10SS11DS

IBM PC1PUSHCALLSPSS2SIDSDIESSIDIES

3.ADD DESTSRCOFSFZFAF PFCFDESTDEST+SRCADD mem/reg1,mem/reg2mem/reg1mem/reg2816

A)B)C)

000000W=0w=1D=0modr/mmem/reg1regmem/reg2d=1modr/mmem/reg2,regmem/reg1,

0 0 0 0 0 0 d w

mod reg r/m

2. ADD mem/reg,data

100000000W=0w=1w=0Sw=1S=016S=1816

1 0 0 0 0 0 s w

mod 0 0 0 r/m

3. ADD ac,dataALW=0AXW=1ALAX

000001S0W=0ALW=1AXW=1data

0 0 0 0 0 1 0 w

ADD CL,BH

: (CL)=29H, (BH)=4DH,CL=76HBH

REGRegCLR/mBH

ADD BHCL

CL=29HBH=4DHBH=76HCLRegRegBHR/mCL

ADD DISP[BX][DI]DX

BX=0892HDI=59A3HDS=2000HDX=04EDH2857A=0029H =20000+0892+59A3+2345 =2857AH2857AH=0029+04ED=0516HDXRegRegDXEA=BX+DI+D16

ADD DISP[BX][DI]-105D

2857A=0029H0FF97H2857A=0029+0FF97=0FFC0HEA=(BX)+(DI)+D16

ADD AX0123H

AX=4567HAX=4567+0123=468AH23

16R/mAX16

3.2 80X86161~73214

3.3 80X8680X866

3.3.11.

MOVMOVSXMOVZXPUSHPOPPUSHA/PUSHADPOPA/POPADXCHG

(1) Mov MOV MOV DESTSRC 1MOV 2 3 4 5

MOV71) MOV mem/reg1,mem/reg2 2)MOV reg,data 3)MOV ac, mem4)MOV mem,ac5)MOV segreg,mem/reg CS6)MOV mem/reg,segreg7)MOV mem/reg,data mem: regi:reg:data: ac: segreg:

MOVMOVAL1FHMOVAX2345HMOV DA_BYTE0FEH MOV ARY[BX]1234HMOV AHBLMOVDSAXMOV CLDA_BYTE MOVTAB[BX][DI]AX

3.20 MOV AX, DATA_SEG MOV DS, AXAXDS3.21 MOV AL, E EASCIIAL3.22 MOV BX, OFFSET TABLE TABLEBXOFFSET3.23 MOV AX, Y[BP][SI] BP+SI+YAX3.24 MOV EAX, [EBX+ECX*4]38632DSEBX+ECX*432EAX

1DA_WORD1DA_WORD2MOV AX DA_WORD1MOV DA_WORD2 AX

2ESDSMOV AX ESMOV DS AX

310A0HDSESMOV AX 10A0H MOV DS AXMOV ES AX

MOV AX BH MOV 1234HAX MOV DATA1DATA2MOV DS1234H MOV DSES MOV CSAX 5CSMOV CSDATA2

(2)MOVSX386 MOVSX DST, SRC (DST) (SRC) MOVSX reg1,reg2 MOVSX reg,mem8161632816321632MOVSX3.25 MOVSX EAXCL CL832EAX3.26 MOVSX EDX,[EDI] DSEDI1632EDX

(3)MOVZX386 MOVZX DST, SRC (DST) (SRC) MOVSX reg1,reg2 MOVSX reg,memMOVSXMOVSXMOVZXMOVSXMOVZX3.27 MOVZX DXAL AL816DX3.28 MOVZX EAXDATA DATA1632EAX

(4)PUSH PUSH SRC 16 (SP) (SP) 2 ((SP)+1, (SP)) (SRC) 32 (ESP) (ESP) 4 ((ESP)+3, (ESP)+2 ,(ESP)+1,(ESP))(SRC)(5)POP POP DST 16(DST) ( (SP)+1, (SP) ) (SP) (SP) + 2 32(DST) ((ESP)+3,(ESP)+2 ,(ESP)+1,(ESP)) (ESP) (ESP) + 4SS SPSP

PUSH PUSH reg PUSH mem PUSH data PUSH segregPOP POP reg POP mem POP segreg: * * * 8086 PUSH 1234H * DSTCS POP CS

3.29 (AX) = 2107 H , PUSH AX(SP) (SP) 2 ((SP)+1, (SP)) (SRC)

3.30 POP BX(DST) ((SP)+1, (SP)) (SP) (SP) 2

PUSH DS SUB AX, AX PUSH AX RET PUSH AX PUSH BX PUSH CX ;AXBXCX POP CX ; POP BX POP AX

(6)PUSHA/PUSHAD (7)POPA/POPAD P51(8)XCHG XCHG OPR1, OPR2 (OPR1) (OPR2) 1OPR 2 3386 4 5

3.34XCHG BX, [BP+SI] (BX)=6F30H,(BP)=0200H,(SI)=0046H, (SS)=2F00H,(2F246H)=4154H OPR2=2F000+0200+0046=2F246 : (BX)=4154H (2F246H)=6F30H3.35 XCHG EAXEBX EAXEBX

2. IN(input) OUT(output) XLAT(translate) EAXAXAL(1)IN IN I/O CPU IN AL, PORT IN AX, PORT IN EAX,PORT (AL) ( PORT ) (AX) ( PORT+1, PORT ) (EAX)(PORT+3,PORT+2,PORT+1,PORT ) IN AL, DX IN AX, DX IN EAX, DX (AL) ( (DX) ) (AX) ( (DX)+1, (DX) ) (EAX) ((DX)+3,(DX)+2,(DX)+1,(DX) )

(2)OUT OUT CPU I/O OUT PORT, AL OUT PORT, AX OUT PORT, EAX ( PORT ) (AL) ( PORT+1, PORT ) (AX) (PORT+3, PORT+2, PORT+1, PORT )(AX) OUT DX, AL OUT DX, AX OUT DX, EAX ((DX)) (AL) ((DX)+1,(DX)) (AX) ((DX)+3,(DX)+2,(DX)+1,(DX))(AX)

180X86I/OCPUINOUTINI/OCPUOUTCPUI/O2CPUALAXEAX365536I/O0000~FFFFH256(0~FFH)PORT22564 256DXIN OUT5DXDX6)87

3.36 IN AX, 28H MOV DATA_WORD, AX 28AXDATA_WORD

3.37MOV DX, 3FCH IN EAX, DX 03FCHEAX

3.38OUT 5, AL AL5

(3)XLAT XLAT XLAT OPR 16(AL) ( (BX) + (AL) ) 32(AL) ( (EBX) + (AL) )1ASCII0~972BXEBXALAL3BXEBX45AL8256

MOV BX, OFFSET TABLE; (BX)=0040H MOV AL, 3 XLAT TABLE (AL)=33HAL1632(AL)=33H,AL333HTABLE()BXOFFSET

3.

LEALDSDSLESESLFSFSLGSGSLSSSS

(1)LEA LEA REG, SRC (REG) SRC16323.43.4 LEA

1616161616323216163216163232323232

3.40 LEA BX[BX+SI+0F62H] (BX)=0400H, (SI)=003CH, (BX)=0400+003C+0F62=139EH.BX MOV BX[BX+SI+0F62H]BX139EH3.41 LEA BX,LIST MOVE BX,OFFSET LISTBXLISTMOVLEAOFFSETLIST[SI][SI]LEA

(2)LDSLESLFSLGSLSS LDSLDS REG, SRC (REG) (SRC) (SREG) (SRC+2) (SREG) (SRC+4)16/32((SRC))(REG)(SRC+2/ SRC+4)16123LFSLGSLSS3864LLDSDS

3.42 LES DI[BX] (DS)=BOOOH, (BX)=080AH, (0B080AH)=05AEH,(0B080CH)=4000H, (DI)=05AEH,(ES)=4000H

3.43 LSS ESPMEM MEM48ESPSS

4.

LAHFAHSAHFAHPUSHF/PUSHFDPOPF/POPFD

1(Load register AH from flag) LAHF LAHFFR8AH(AH) (FLAGS) 7 6 5 4 3 2 1 0AHFR8

SFZFAFPFCF

1(Store register AH into flag) SAHF SAHFAHFR8SFZFAFPFCF OFDFIFTF(FLAGS) (AH)

SFZF1AFPFCF0 MOVAH11000000B SAHF 7 6 5 4 3 2 1 0AHFR8

3Push flag PUSHF/PUSHFD PUSHF/PUSHFDFR PUSHF (SP) (SP) 2 ((SP)+1,(SP)) (FLAGS) PUSHFD(ESP) (ESP) 4 ((ESP)+3,(ESP)+2,(ESP)+1,(ESP))(EFLAGS AND 0FCFFFFH) (VMRF)

4(Pop flag) POPF/POPFD POPF/POPFDFR POPF(FLAGS) ( (SP)+1, (SP) ) (SP) (SP) + 2 POPFD(EFLAGS)((ESP)+3,(ESP)+3,(ESP)+1,(ESP)) (ESP) (ESP) + 4 POPFDVMRFIOPLVIFVIP

ZF LAHF8AHAH6SAHF TF PUSHFPOPFPUSHFPOP AXAX8PUSH AXAXPOPF8

5.

CBWCWDCDQ4BSWAP

1)CBW CBW AL AX (AL)0(AH)= 00H (AL)1(AH)= FFH2)CWD/CWDE CWD AX (DX,AX) (AX)0(DX)= 0000H (AX)1(DX)= FFFFH CWDE AX EAX (AX)0(EAX)= 0000H (AX)1(EAX)= FFFFH

3)CDQ 4 CDQ EAXEDXEDXEAX44BSWAP BSWAP r32 486R3232 3214233.44 BSWAP EAX (EAX)=11223344H,(EAX)=44332211,

3.3.2 8086/8088

4

4ADD ADC INC XADD

ADD DESTSRCOFSFZFAF PFCFDESTDEST+SRCADD BXSIADD DLTAB[BX]ADDDH12H

: n=8 bit (-128~127) , (0~255) 0 0 0 0 0 1 0 0 + 0 0 0 0 1 0 1 1 0 0 0 0 1 1 1 1(+4)+(+11)=+15 OF=04+11=15 CF=0 0 0 0 0 1 0 0 1 + 0 1 1 1 1 1 0 0 1 0 0 0 0 1 0 1 : (+9)+(+124)=-123 OF=1 : 9+124=133 CF=0 0 0 0 0 0 1 1 1 + 1 1 1 1 1 0 1 1 1 0 0 0 0 0 0 1 0(+7)+(-5)=+2 OF=07+251=2 CF=1 1 0 0 0 0 1 1 1 + 1 1 1 1 0 1 0 1 1 0 1 1 1 1 1 0 0(-121)+(-11)=+124 OF=1135+245=124 CF=12OFCF

DL=E5HDAB=A4H ADDDL DAB DL= DAB =DABCF=11SF=1AF=00ZF=0OF=0 1PF=0

ADC DESTSRCCFOFSFZFAF PFCF DESTDEST+SRC+CF

32DX16AX163276F1A23HADDAX1A23HADC DX76FHDXAX32 76FH1A23HDXAX+1616CF++

3.46808680286DXAXDXBXCXBX (DX) = 0002H (AX) = 0F365H (BX) = 0005H (CX) = 0E024H

ADD AX, CX ; (1) ADC DX, BX ; (2) 1110 0000 0010 0100 0010+ 1111 0011 0110 0101 0101 11101 0011 1000 1001 + 1 1000 (1) (AX) = 0D389H CF=1 OF=0 SF=1 ZF=0 (2) (DX) = 0008H CF=0 OF=0 SF=0 ZF=012

11INC DEST1OFSFZFAF PFCF DESTDEST+1

XADD DST SRC TEMP SRC+DST SRC DST DST TEMP4863.47 XADD BLDL (BL)=12H, (DL)=02H, (BL)=14H, (DL)=12H

2.

SUB DESTSRCOFSFZFAF PFCFDESTDESTSRCSUB BXSISUB DLTAB[BX]SUB DH12H87

CF/OF/ZF/SF

CF OF

3.48 SUB [SI+14H], 0136H (DS)=3000H, (SI)=0040H, (30054H)=4336H, 4336 0100 0011 0011 0110 -0136 -0000 0001 0011 0110

0100 0011 0011 0110 +1111 1110 1100 1010 0100 0010 0000 0000 1(30054H)=4200H,SF=0,ZF=0,CF=0,OF=0CF=0

3.49 SUB DH[BP+4](DH)=41H, (SS)=0000H, (BP)=00E4H, (00E8)=5AH 41 0100 0001 0100 0001 -5A -0101 1010 +1010 0110 1110 0111(DH)=0E7H, SF=1, ZF=0, CF=1, OF=0CF=1

SBB DESTSRCCFOFSFZFAF PFCF DESTDESTSRCCF16

32DX16AX163276F1A23HSUB AX1A23HSBB DX76FHDXAX32 76FH1A23HDXAX1616CF

11DEC DEST1OFSFZFAF PFCF DESTDEST1

NEG DEST 1OFSFZFAF PFCF DESTDEST+1 : (DEST)=0FFFFH-(DEST)+10CF=0112832768OF=10CMP DESTSRCOFSFZFAF PFCFCMP DESTSRC

3.50xyz X, X+2 Y, Y+2Z, Z+2 w x + y + 24 - z W, W+2wMOV AX, XMOV DX, X+2ADD AX, YADC DX, Y+2 ; x+yADD AX, 24ADC DX, 0 ; x+y+24SUB AX, ZSBB DX, Z+2 ; x+y+24-zMOV W, AXMOV W+2, DX ; W, W+2

3. MUL SRC IMUL SRC1)MUL (AX) (AL) * (SRC) (DX, AX) (AX) * (SRC) (EDX, EAX) (EAX) * (SRC): * AL ()/ AX () * AX (16)/DX,AX(32) * SRC* CFOF

2IMULMUL IMUL REGSRC (REG16) (REG16) * (SRC) (REG32) (REG32) * (SRC) 1632IMUL REGSRCIMM (REG16) IMM * (SRC) (REG32) IMM * (SRC)1632IMM81632

IMUL:OF=11616( 3232)OF=CF=0OF=CF=1

CF/OF

(AX) = 16A5H(BX) = 0611H (1) IMUL BL ; (AX) (AL) * (BL) ; A5*11 5B*11=060B F9F5 ; (AX) = 0F9F5H CF=OF=1

(2) MUL BX ; (DX, AX) (AX) * (BX) ; 16A5*0611=0089 5EF5 ; (DX)=0089H (AX)=5EF5H CF=OF=1A5

3.52 (AL)=0B4H, (BL)=11H, IMUL BL MUL BL (AL)=0B4H180D,-76D,(BL)=11H17D,17D,IMUL BL(AX)=0FAF4H=-1292D, CF=OF=1MUL BL (AX)=0BF4H=3060D, CF=OF=1

4. DIV SRC IDIV SRC (AL) (AX) / (SRC) (AH) (AX) / (SRC)

(AX) (DX, AX) / (SRC) (DX) (DX, AX) / (SRC)

: * AX (DX,AX) * AL (AX) * AH (DX) * SRC *

3.55 (AX)=0400H,(BL)=0B4H (AX)1024D+1024D (BL)180D-76D DIV BL (AH)=7CH=124D (AL)=05H=5D IDIV BL (AH)=24H=36D (AL)=0f3h=-13D B44C400H4CD24HDOF3H

3.56x , y , z , v 16 ( v - ( x*y + z 540 ) ) / xMOV AX, X IMUL Y ; x*y DX,AXMOV CX, AXMOV BX, DXMOV AX, ZCWD Z DXAXADD CX, AXADC BX, DX ; x*y+z BXCXSUB CX, 540 SBB BX, 0 ; x*y+z-540MOV AX, VCWD V DXAXSUB AX, CXSBB DX, BX ; v-(x*y+z-540)IDIV X ; (v-(x*y+z-540))/xAX DX

5.BCD--BCD 4 1 ( 59 )10 ( 0101 1001 )BCDBCD 8 1 ( 59 )10 ( 0000 0101 0000 1001 )BCD

ASCII BCD DIGIT ASCII BCD030H0011 0000131H0011 0001232H0011 0010 939H0011 1001

1BCD DAA DAS 2BCD AAA ASCII AAS ASCII AAM ASCII AAD ASCII

3..3 3NOT OPR * OPR (OPR) (OPR) *

AND DST, SRC (DST) (DST) (SRC)

OR DST, SRC (DST) (DST) (SRC)

XOR DST, SRC (DST) (DST) (SRC)

TEST OPR1, OPR2 (OPR1) (OPR2)

3.57AL01AND0FCH AND AL, 0FCH

3.58AL51 OR AL, 20H

3.5901 TEST AL, 1 JZ EVEN 3.61AL01 XOR AL, 3

* * * * * * * * OR 0 0 1 0 0 0 0 0 * * 1 * * * * * * * * * * * 0 1 XOR 0 0 0 0 0 0 1 1 * * * * * * 1 0 * * * * * * * * AND 1 1 1 1 1 1 0 0 * * * * * * 0 0 * * * * * * * * AND 0 0 0 0 0 0 0 1

0 0 0 0 0 0 0 *

3.2.3 TEST DESTSRCOFSFPF CF ZF0 AFDESTSRC4AL3TEST AL8H

AL300ZF=1ZF=00 0 0 0 1 0 0 0

2.3.

P70

4.10OPR DESTCOUNTCOUNTCOUNT1COUNTCLCL

1. :2SALSARSAL DESTCOUNTSAR DESTCOUNTOFSFZFPFCFAF

: * OPR * CNT=1SAL OPR, 1 CNT>1MOV CL, CNT SAL OPR, CL ; SAL* CF = 1 CNT=1 0 CNT=1 SFZFPF AF SFZFPFAF

1 SAL DESTCOUNTDESTCOUNTCF0

2 SALOF=1

1AL=11000001B63SAL AL1OF=0 2AL=10000010B 126CF01 1 0 0 0 0 0 1 11 0 0 0 0 0 1 0

2BL=10111111B 65SAL BL1OF=12BL=01111110B +126CF01 0 1 1 1 1 1 1 10 1 1 1 1 1 1 0

2 SAR DESTCOUNTDESTCOUNTCFCF SAR()

1AL=10000000B128MOV CL2SAR ALCLCF1 0 0 0 0 0 0 0 01 1 0 0 0 0 0 001 1 1 0 0 0 0 0

2. 2SHLSHRSHL DESTCOUNTSHR DESTCOUNTOFSFZFPFCFAF

:OF=11OF

1SHL DESTCOUNTDESTCOUNTCF0CF0SHL

1AL=11000001B63SHL AL1OF=0 2AL=10000010B 126CF01 1 0 0 0 0 0 1 11 0 0 0 0 0 1 0

2 SHRDESTCOUNTDESTCOUNTCF0CFSHR0

1AL=10000010BMOV CL2SHR ALCLCF1 0 0 0 0 0 1 0 00 1 0 0 0 0 0 110 0 1 0 0 0 0 0000

3 4ROLRORRCLRCRROL DESTCOUNTROR DESTCOUNTRCL DESTCOUNTRCR DESTCOUNTOFCFOF=11OF

1ROL DESTCOUNTDESTCOUNTCFCFROL

1AL=11000001B63ROL AL1OF=0AL=10000011BCF1 1 0 0 0 0 0 1 11 0 0 0 0 0 1 1

2ROR DESTCOUNTDESTCOUNTCFCFSHR

1AL=10000010BMOV CL2ROR ALCLCF1 0 0 0 0 0 1 0 00 1 0 0 0 0 0 111 0 1 0 0 0 0 0

4 2RCLRCRRCL DESTCOUNTRCR DESTCOUNTOFCF:,OF=11OF

1RCL DESTCOUNTDESTCOUNT CFCFCFRCL

1AL=11000001B63RCL AL1OF=0

2RCR DESTCOUNTDESTCOUNT

1AL=10000010BMOV CL2RCR ALCL

3.3.4 CLDSTD MOVS REP STOS REPE /REPZ / LODS REPNE/REPNZ / CMPS SCAS INS OUTS 386

1. REP MOVS STOS LODSINSOUTS 1REPCX0 REP string primitive string primitiveMOVS STOS LODSINSOUTS (1) (CX)=0 REP(2)(2) (CX) (CX) -1(3) (4) (1) ~ (3)

2) MOVS MOVS DST, SRCMOVSB MOVSW MOVSD 386MOVS ES: BYTE PTR [DI], DS: [SI] (1) ((DI)) ((SI)) (2) (SI)(SI)1, (DI)(DI)1 (3) (SI)(SI)2, (DI)(DI)2 (4) (SI)(SI)4, (DI)(DI)4 DF=0 + DF=1 -

REP MOVS MOVSREP

REP MOVS (1) SI(2) DI (3) CX1 CLD DF=02 STD DF=1

3.7017 P78data segment mess1 db personal_computerdata ends

extra segment mess2 db 17 dup (?)extra ends

code segment mov ax, data movds,ax movax, extra mov es, ax lea si, mess1 lea di, mess2 mov cx, 17 cld rep movsb code ends

data segment mess1 db personal_computer mess2 db 17 dup (?)data ends

code segment mov ax, data movds, ax mov es, ax

lea si, mess1 lea di, mess2 mov cx, 17 cld rep movsb code ends

3STOS STOS DSTSTOSB STOSW STOSD ((DI))(AL), (DI)(DI)1 ((DI))(AX), (DI)(DI)2 ((DI))(EAX), (DI)(DI)4ALAXEAXDF 10 20H lea di, mess2 mov al, 20H mov cx, 10 cld rep stosb

4)LODS LODS SRC LODSB LODSW LODSD 386 (AL)((SI)), (SI)(SI)1 (AX)((SI)), (SI)(SI)2 (EAX)((SI)), (SI)(SI)4ALAXEAX: * LODS REP *

INSOUTSP80

2. REPE/REPZREPNE/REPNZCMPS SCAS1REPE / REPZ / REPE / REPZ String Primitive String PrimitiveCMPSSCAS (1) (CX)=0 ZF=0 () (2) (2) (CX)(CX) -1 (3) CMPS / SCAS (4) (1) ~ (3)Count RegREP(CX)=0ZF=0

2 REPNE / REPNZ/ REPNE / REPNZ String Primitive String PrimitiveCMPSSCAS (CX)=0ZF=1REPE(CX)=0

3CMPS CMPS SRC, DST CMPSB CMPSW CMPSD 386 (1) ((SI)) - ((DI)) ZF=1 ZF=0 (2) (SI)(SI)1, (DI)(DI)1 (SI)(SI)2, (DI)(DI)2 (SI)(SI)4, (DI)(DI)4MOVS

4SCAS SCAS DST SCASB SCASW SCASD 386 (AL) - ((DI)), (DI)(DI)1 (AX) - ((DI)), (DI)(DI)2 (EAX) - ((DI)), (DI)(DI)4ALAXEAXMOVS34REPE/REPZREPNE/REPNZ

3.72

mess db COMPUTER lea di, mess mov al, T mov cx, 8 cld repne scasb

ZF=1DI

(di) (cx)(DI) (CX)

3.73lea si, mess1lea di, mess2mov cx, 8cldrepe cmpsbZF=0(DI)(CX)P84

lea si, mess1+7lea di, mess2+7mov cx, 8STdrep movsb

3.3.5 JMP JZ / JNZ JE / JNE JS / JNS JO / JNOJP / JNP JB / JNB JL / JNL JBE / JNBEJLE / JNLE JCXZ LOOPLOOPZ / LOOPELOOPNZ / LOOPNE CALLRET INTINTOIRET

1.1IPEIPIPEIP2IPEIPCS1)JMP SHORT OPR (IP) (IP) + 8 386 (EIP) (EIP) + 8 16(EIP) (EIP) AND 0000FFFFH

-128~+127

2)JMP NEAR PTR OPR (IP) (IP) + 16 386(EIP)(EIP)+32 16(EIP)(EIP) AND 0000FFFFH3) JMP WORD PTR OPR (IP) (EA) 386 (EIP) (EA) 16(EIP)(EIP) AND 0000FFFFH4JMP FAR PTR OPR (IP) OPR (CS) OPR 5 JMP DWORD PTR OPR (IP) (EA) (CS) (EA+2)

2. (1) JZ(JE) OPR ZF = 1 JNZ(JNE) OPR ZF = 0 JS OPR SF = 1 JNS OPR SF = 0 JO OPR OF = 1 JNO OPR OF = 0 JP OPR PF = 1 1JNP OPR PF = 0 0JB(JC) OPR CF = 1 1JNB( JNC) OPR CF = 0 0

3.74 0213.22 ADD AX,TEMP JZ ACTION2 ACTIONG1 ACTIONG2: ADD AXTEMP JNZ ACTION1 ACTION2 ACTION1

(2) * JB (JNAE,JC) OPR CF = 1 JNB (JAE,JNC) OPR CF = 0 JBE (JNA) OPR CFZF = 1 JNBE (JA) OPR CFZF = 0

* CFZF

(3) *

JL (JNGE) OPR SFOF = 1 JNL (JGE) OPR SFOF = 0 JLE (JNG) OPR (SFOF)ZF = 1 JNLE (JG) OPR (SFOF)ZF = 0

*

(4) CXECX 0 JCXZ OPR (CX)=0 JECXZ OPR (ECX)=0SFZFOF

3.76XYXY16 X>50TOO_HIGHX-Y OVERFLOW |X-Y| RESULT, MOV AX, XCMP AX, 50 TOO_HIGHSUB AX, Y OVERFLOW NONNEGNEG AX NONNEG: MOV RESULT, AX TOO_HIGH: OVERFLOW: JGJOJNS

3.77 DX,AX BX,CX > XYCMP DX, BX JG X ; JL Y CMP AX, CX JA X ;Y: X:

3. (1) 1 SETZ / SETE SETNZ / SETNE SETS / SETNS SETO / SETNO SETP / SETPE SETNP / SETPO SETC / SETB / SETNAE SETNC / SETNB / SETAE(2) 1 SETB / SETNAE / SETC SETNB / SETAE / SETNC SETBE / SETNA SETNBE / SETA(3) 1 SETL / SETNGE SETNL / SETGE SETLE / SETNG SETNLE / SETG

4.

* CX * 8

LOOPLOOPZ / LOOPELOOPNZ / LOOPNE (1) (CX) (CX) - 1 (2) (IP) (IP) + 8 IP (COUNT) (COUNT) (COUNT) -1(COUNT)=0?NY3.24

LOOP OPR(CX) 0

LOOPZ(LOOPE) OPRZF=1 (CX) 0

LOOPNZ(LOOPNE) OPRZF=0 (CX) 0

3.80 ARRAY M TOTAL

MOV CX, MMOV AX, 0MOV SI, AXAGAIN: ADD AX, ARRAY[SI]ADD SI, 2LOOP AGAINMOV TOTAL, AX

LOOPLOOPZLOOPNZLOOPZLOOPNZ

5.(subroutine)80X86 1CALL 2RET

1CALL 1CALL DST Push(IP) (SP)(SP)2 ( (SP)+1,(SP) )(IP) (IP) (IP) + D161CALL2DSTD162CALL DST Push(IP)(SP)(SP) 2((SP)+1,(SP)) (IP) (IP) (EA)DST

3CALL DST Push(CS) (SP) (SP) 2( (SP)+1,(SP) ) (CS) Push(IP) (SP) (SP) 2 ( (SP)+1,(SP) ) (IP) (IP) DST (CS) DSTDST

4CALL DST Push(CS) (SP) (SP) 2 ( (SP)+1,(SP) ) (CS) Push(IP) (SP) (SP) 2( (SP)+1,(SP) ) (IP) (IP) (EA) (CS) (EA+2)EADSTEA

2 RET RETRETIPEIPCS1RET (IP) Pop( )(IP) ( (SP)+1,(SP) ) (SP) (SP) + 2

2RET EXP1RET(SPESP) (SPESP) + D16EXPD16

3RET(IP)Pop() (IP)( (SP)+1,(SP))(SP) (SP) + 2 (CS)Pop() (CS)((SP)+1,(SP)) (SP) (SP) + 2

4RET EXP3RET(SPESP) (SPESP) + D16EXP

CALLRET

code segmentmain proc far push ax push bx push cx call sub retmain endp

sub proc near ret 6sub endpcode ends

6. 1CPU(IP)(EIP)(CS) 2(FLAGS)(EFLAGS)(IP)(EIP)(CS)(FLAGS)(EFLAGS)

10242564

INT INTO IRET/IRETD 1INT INT TYPE INT : (SP) (SP) - 2 ( (SP)+1,(SP) ) (FLAGS) IF 0 TF 0 AC 0 (SP) (SP) - 2 ( (SP)+1,(SP) ) (CS) (SP) (SP) - 2 ( (SP)+1,(SP) ) (IP) (IP) (TYPE*4) (CS) (TYPE*4+2)TYPE0~255INT3INTIFTFAC

2INTO OF=1 (SP) (SP) - 2 ( (SP)+1,(SP) ) (FLAGS) IF 0 TF 0 AC 0 (SP) (SP) - 2 ( (SP)+1,(SP) ) (CS) (SP) (SP) - 2 ( (SP)+1,(SP) ) (IP) (IP) (10H) (CS) (12H)

3IRET (IP) ( (SP)+1,(SP) ) (SP) (SP) + 2 (CS) ( (SP)+1,(SP) ) (SP) (SP) + 2 (FLAGS) ( (SP)+1,(SP) ) (SP) (SP) + 24IRETDIPEIPFLAGSEFLAGS

IRET16IRETD32IRETIRETD

3.3.6

3

1CLCCF=0 2STC CF=1 3CMC CF 4CLD DF=0 5STDDF=1 6CLI IF=0 7STIIF=1

2. NOP ()HLT ()WAIT ()ESC LOCK ( ) BOUND ENTER LEAVE : *

80x86 (1) 32 * 16 32 MOV EAX, 1 * 32 MOV EAX, [EDX]

(2) * IMUL / IMUL REG, SRC * PUSH PUSH 36H * 8 (1~31)

(3) MOVSX MOVZX PUSHA / PUSHAD POPA / POPAD LFS / LGS / LSS FS / GS / SS PUSHFD POPFD CWDE EAX CDQ 4 EDX EAX BSWAP 32 XADD CMPXCHG (486) CMPXCHG8B 8 (Pentium)A

BT BTS 1BTR 0BTC

BSF BSR

SHLD SHRD

INSB / INSW / INSD OUTSB / OUTSW / OUTSD

第三章 80x86 的指令系统和寻址方式

Documents