Title: The Netwide Assembler: NASM
1The Netwide Assembler NASM
- . 80x86 assembler
- . Supports Linux file formats
2Byte structure byte has
8 bits
1
6
3
5
4
0
7
2
msb (most significant bit)
3 Data storage in memory
NASM stores data using little endian
order. Little endian means that the low-order
byte of the number is stored in memory at the
lowest address, and the high-order byte at the
highest address.
Example You want to store 0x1AB3 (hex number)
in the memory.This number has two bytes 1A and
B3.It would be stored this way
B3
0
1A
1
bytes of memory
2
memory block
Note when read a stored data from the memory, it
comes in the source order.
4 Registers
CPU contains a unit called Register file. This
unit contains the registers of the following
types1. 8-bit general registers AL, CL, DL,
BL, AH, CH, DH, BH 2. 16- bit general registers
AX, CX, DX, BX, SP, BP, SI, Dl 3. 32-bit general
registers EAX, ECX, EDX, EBX, ESP, EBP, ESI, EDI
4. Segment registers ES, CS ,SS, DS, FS, GS 5.
Floating-point registers ST0, ST1, ST2, ST3,
ST4, ST5, ST6, ST7 6. instruction pointer IP
Note the registers above are the basic. There
exist more registers.
5Lets zoom in
. IP - instruction pointer contains offset
(address) of the next instruction that is going
to be executed.Exists only in run time. Cant
be reached. . AX - 16-bit general register
contains two 8-bit registers . EAX - 32-bit
general register you can use it for any
purpose. . segment registers we use flat memory
model 32-bit 4Gb address space, without
segments. So for this course you can ignore
segment registers. . ST0 - floating-point
registers we use it to do calculations on
floating point numbers. . ESP - stack pointer
contains the next free address on a stack.
high byte
low byte
AH
AL
6Lets zoom in (2)
. Some instructions use only specific
registers. Examples 1. For DIV r/m8
instruction, AX is divided by the given
operandthe quotient is stored in AL and the
remainder in AH. 2. LOOP imm,CX instruction
uses CX register as a counter register. 3. LAHF
instruction sets the AH register according to the
contents of the low byte of the flags word. . We
use ESP and EBP registers to work with stack.
7Example for using registers
instruction mov ax, 0 mov ah, 0x13 mov ax,
0x13
content of the register AX after the instruction
execution
AH
AL
0 0 0 0 0 0 0 0
0 0 0 0 0 0 0 0
AH
AL
0 0 0 1 0 0 1 1
0 0 0 0 0 0 0 0
AH
AL
0 0 0 0 0 0 0 0
0 0 0 1 0 0 1 1
8Status Flags
. Flag is a bit (of the Flags Register). . The
status flags provide some information about the
result of the last (usually arithmetic)
instruction that was executed. This information
can be used by conditional instructions (such a
JUPMcc and CMOVcc) as well as by some of the
other instructions (such as ADC). There are 6
status flags CF - Carry flag set if an
arithmetic operation generates a carry or a
borrow out of the most-significant bit of the
result cleared otherwise. This flag indicates an
overflow condition for unsigned-integer
arithmetic. PF - Parity flag set if the
least-significant byte of the result contains an
even number of 1 bits cleared otherwise.
9Status Flags (2)
AF - Adjust flag set if an arithmetic operation
generates a carry or a borrow out of bit 3 of the
result cleared otherwise. This flag is used in
binary-coded decimal (BCD) arithmetic. ZF - Zero
flag set if the result is zero cleared
otherwise. SF - Sign flag set equal to the
most-significant bit of the result, which is the
sign bit of a signed integer. (0 indicates a
positive value and 1 indicates a negative
value). OF - Overflow flag set if the integer
result is too large a positive number or too
small a negative number (excluding the sign-bit)
to fit in the destination operand cleared
otherwise. This flag indicates an overflow
condition for signed-integer (two's complement)
arithmetic.
10Instructions on Flags Register
We cant reach Flags Register but there are few
instructions that let us get and set its value
1. LAHF set the AH register according to the
contents of the low byte of the flags word 2.
SAHF set the low byte of the flags word
according to the contents of the AH register. 3.
SALC set AL to zero if the carry flag is clear,
or to 0xFF if it is set. 4. STC sets the carry
flag. 5. CLC clears the carry flag.
1
6
3
5
4
0
7
2
SF
CF
0
AF
PF
1
ZF
0
AH
Note this is not a complete set of the flag
instructions. You can find more in the NASM
tutorial.
11Basic assembly instructions
Each NASM standard source line contains a
combination of the 4 fields label
(pseudo) instruction operands
comment
Either required or forbidden by an instruction
optional fields
Notes 1. backslash (\) uses as the line
continuation character if a line ends with
backslash, the next line is considered to be a
part of the backslash-ended line.2. no
restrictions on white space within a line.3. a
colon after a label is optional.
Examples 1. mov ax, 2 moves
constant 2 to the register ax2. buffer resb 64
reserves 64 bytes
12Move instructions
B.4.156 MOV move data mov r/m8,reg8 (copies
content of 8-bit register (source) to 8-bit
register or 8-bit memory unit (destination) )mov
reg32,imm32 (copies content of 32-bit immediate
(constant) to 32-bit register) for all the
possible variants of operands look at NASM
manual, B.4.156 - In all forms of the MOV
instruction, the two operands are the same
size Examplesmov EAX, 0x2334AAFFmov word
buffer, ax Note NASM dont remember the
types of variables you declare. Whereas MASM
will remember, on seeing var dw 0, that you
declared var as a word-size variable, and will
then be able to fill in the ambiguity in the size
of the instruction mov var,2, NASM will
deliberately remember nothing about the symbol
var except where it begins, and so you must
explicitly code mov word var,2.
13Move instructions (2)
B.4.181 MOVSX, MOVZX move data with sign or zero
extend movsx reg16,r/m8 (sign-extends its source
(second) operand to the length of its destination
(first) operand, and copies the result into the
destination operand) movzx reg32,r/m8 (does the
same, but zero-extends rather than
sign-extending) for all the possible variants
of operands look at NASM manual,
B.4.181 Examplesmovsx EAX, AX (if AX has 100b
value, EAX would have
value) movzx EAX, BL (if AX has 100b
value, EAX would have
value)
1111
1000
0000
1000
14Basic arithmetical instructions
B.4.3 ADD add integers add r/m16,imm16 (adds
its two operands together, and leaves the result
in its destination (first) operand) for all the
possible variants of operands look at NASM
manual, B.4.3 Examplesadd AX, BX
- B.4.2 ADC add with carry
- adc r/m16,imm8(adds its two operands together,
plus the value of the carry flag, and leaves the
result in its destination (first) operand) - for all the possible variants of operands look
at NASM manual, B.4.2 - Examplesadd AX, BX (AX gets a value of AXBXCF)
15Basic arithmetical instructions (2)
B.4.305 SUB subtract integers sub reg16,r/m16
(subtracts its second operand from its first,
and leaves the result in its destination (first)
operand) for all the possible variants of
operands look at NASM manual, B.4.305 Examplessu
b AX, BX
B.4.285 SBB subtract with borrow sbb r/m16,imm8
(subtracts its second operand, plus the value of
the carry flag, from its first, and leaves the
result in its destination (first) operand) for
all the possible variants of operands look at
NASM manual, B.4.285 Examplessbb AX, BX (AX
gets a value of AX-BX-CF)
16Basic arithmetical instructions (3)
B.4.120 INC increment integer inc r/m16 (adds 1
to its operand) does not affect the carry
flag affects all the other flags according to
the result for all the possible variants of
operands look at NASM manual, B.4.120 Examplesin
c AX
B.4.58 DEC decrement integer dec reg16
(subtracts 1 from its operand) does not
affect the carry flag affects all the other
flags according to the result for all the
possible variants of operands look at NASM
manual, B.4.58 Examplesdec byte buffer
17Basic logical instructions
B.4.189 NEG, NOT two's and one's complement neg
r/m16 (replaces the contents of its operand by
the two's complement negation - invert all the
bits, and then add one)not r/m16 (performs
one's complement negation- inverts all the
bits) for all the possible variants of operands
look at NASM manual, B.4.189 Examplesneg AL (if
AL (11111110), it becomes (00000010)) not AL
(if AL (11111110), it becomes (00000001))
18Basic logical instructions (2)
B.4.191 OR bitwise or or r/m32,imm32 (each bit
of the result is 1 if and only if at least one of
the corresponding bits of the two inputs was 1
stores the result in the destination (first)
operand) for all the possible variants of
operands look at NASM manual, B.4.191 Exampleor
AL, BL (if AL (11111100), BL (00000010) gt AL
would be (11111110))
B.4.8 AND bitwise and and r/m32,imm32 (each bit
of the result is 1 if and only if the
corresponding bits of the two inputs were both 1
stores the result in the destination (first)
operand) for all the possible variants of
operands look at NASM manual, B.4.8 Exampleand
AL, BL (if AL (11111100), BL (00000010) gt AL
would be (11111100))
19Compare instruction
B.4.24 CMP compare integers cmp r/m32,imm8
(performs a mental subtraction of its second
operand from its first operand, and affects the
flags as if the subtraction had taken place, but
does not store the result of the subtraction
anywhere) for all the possible variants of
operands look at NASM manual, B.4.24 Examplecmp
AL, BL (if AL (11111100), BL (00000010) gt ZF
would be 1) (if AL
(11111100), BL (11111100) gt ZF would be 0)
20Labels definition (basic)
. Each instruction of the code has its offset
(address from the beginning of the address
space). . If we want to refer to the specific
instruction in the code, we should mark it with a
label my_loop1 add ax,
ax . - label can be with or
without colon- an instruction that follows it
can be at the same or the next line- a code
cant contain two different non-local (as above)
labels with the same name
21Loop definition
B.4.142 LOOP, LOOPE, LOOPZ, LOOPNE, LOOPNZ loop
with counter for all the possible variants of
operands look at NASM manual, B.4.142 Example
mov ax, 1 mov cx, 3 my_ loop
add ax, ax loop my_ loop,
cx
1. decrements its counter register (in this case
it is CX register)
2. if the counter does not become zero as a
result of this operation, it jumps to the given
label
Note counter register can be either CX or ECX -
if one is not specified explicitly, the BITS
setting dictates which is used.
LOOPE (or its synonym LOOPZ) adds the additional
condition that it only jumps if the counter is
nonzero and the zero flag is set. Similarly,
LOOPNE (and LOOPNZ) jumps only if the counter is
nonzero and the zero flag is clear.