Assembly_Language_Step-by-Step_Programming_with_Linux

Appendix A ■ Partial x86 Instruction Set Reference 565 The number of bit positions shifted may be specified either as an 8-bitimmediate value or by the value in CL—not CX or ECX. (The 8086 and 8088are limited to the immediate value 1.) Note that while CL may accept a valueup to 255, it is meaningless to shift by any value larger than 16, even thoughthe shifts are actually performed on the 8086 and 8088. (The 286 and later limitthe number of shift operations performed to the native word size except whenrunning in Virtual 86 mode.) The leftmost bit is copied into the Carry flag on each shift operation. OF ismodified only by the shift-by-one forms of ROL; after shift-by-CL forms, OFbecomes undefined.r8 = AL AH BL BH CL CH DL DH r16 = AX BX CX DX BP SP SI DIsr = CS DS SS ES FS GS r32 = EAX EBX ECX EDX EBP ESP ESI EDIm8 = 8-bit memory data m16 = 16-bit memory datam32 = 32-bit memory data i8 = 8-bit immediate datai16 = 16-bit immediate data i32 = 32-bit immediate datad8 = 8-bit signed displacement d16 = 16-bit signed displacementd32 = 32-bit unsigned displacement

566 Appendix A ■ Partial x86 Instruction Set ReferenceROR: Rotate RightFlags AffectedO D I T S Z A P C OF: Overflow flag TF: Trap flag AF: Aux carryF F F F F F F F F DF: Direction flag SF: Sign flag PF: Parity flag* * IF: Interrupt flag ZF: Zero flag CF: Carry flagLegal FormsROR r8,1 386+ROR m8,1 386+ROR r16,1ROR m16,1 386+ROR r32,1 386+ROR m32,1 286+ROR r8,CL 286+ROR m8,CL 286+ROR r16,CL 286+ROR m16,CL 386+ROR r32,CL 386+ROR m32,CLROR r8,i8ROR m8,i8ROR r16,i8ROR m16,i8ROR r32,i8ROR m32,i8ExamplesROR AL,1ROR WORD [BX+SI],CLROR BP,1ROR DWORD [EBX+ESI],9ROR BP,CLNotesROR rotates the bits within the destination operand to the right, where rightis toward the least significant bit (LSB). A rotate is a shift (see SHL and SHR)that wraps around: the rightmost bit of the operand is shifted into the leftmostbit, and all intermediate bits are shifted one bit to the right. Except for thedirection the shift operation takes, ROR is identical to ROL.

Appendix A ■ Partial x86 Instruction Set Reference 567 The number of bit positions shifted may be specified either as an 8-bitimmediate value or by the value in CL—not CX or ECX. (The 8086 and 8088are limited to the immediate value 1.) Note that while CL may accept a valueup to 255, it is meaningless to shift by any value larger than 16—or 32 in32-bit mode—even though the shifts are actually performed on the 8086 and 8088.(The 286 and later limit the number of shift operations performed to the nativeword size except when running in Virtual 86 mode.) The rightmost bit is copied into the Carry flag on each shift operation. OF ismodified only by the shift-by-one forms of ROR; after shift-by-CL forms, OFbecomes undefined.r8 = AL AH BL BH CL CH DL DH r16 = AX BX CX DX BP SP SI DIsr = CS DS SS ES FS GS r32 = EAX EBX ECX EDX EBP ESP ESI EDIm8 = 8-bit memory data m16 = 16-bit memory datam32 = 32-bit memory data i8 = 8-bit immediate datai16 = 16-bit immediate data i32 = 32-bit immediate datad8 = 8-bit signed displacement d16 = 16-bit signed displacementd32 = 32-bit unsigned displacement

568 Appendix A ■ Partial x86 Instruction Set ReferenceSBB: Arithmetic Subtraction with BorrowFlags Affected O D I T S Z A P C OF: Overflow flag TF: Trap flag AF: Aux carry F F F F F F F F F DF: Direction flag SF: Sign flag PF: Parity flag * * * * * * IF: Interrupt flag ZF: Zero flag CF: Carry flagLegal FormsSBB r8,r8 386+SBB m8,r8 386+SBB r8,m8 386+SBB r16,r16SBB m16,r16 386+SBB r16,m16 386+SBB r32,r32SBB m32,r32 386+SBB r32,m32 386+SBB r8,i8SBB m8,i8 386+SBB r16,i16SBB m16,i16SBB r32,i32SBB m32,i32SBB r16,i8SBB m16,i8SBB r32,i8SBB m32,i8SBB AL,i8SBB AX,i16SBB EAX,i32ExamplesSBB BX,DISBB AX,0FFFFH ;Uses single-byte opcodeSBB AL,42H ;Uses single-byte opcodeSBB BP,17HSBB WORD [BX+SI+Inset],5SBB WORD [ES:BX],0B800HNotesSBB performs a subtraction with borrow, where the source is subtracted fromthe destination, and then the Carry flag is subtracted from the result. The result

Appendix A ■ Partial x86 Instruction Set Reference 569then replaces the destination. If the result is negative, the Carry flag is set. Tosubtract without taking the Carry flag into account (i.e., without borrowing),use the SUB instruction.r8 = AL AH BL BH CL CH DL DH r16 = AX BX CX DX BP SP SI DIsr = CS DS SS ES FS GS r32 = EAX EBX ECX EDX EBP ESP ESI EDIm8 = 8-bit memory data m16 = 16-bit memory datam32 = 32-bit memory data i8 = 8-bit immediate datai16 = 16-bit immediate data i32 = 32-bit immediate datad8 = 8-bit signed displacement d16 = 16-bit signed displacementd32 = 32-bit unsigned displacement

570 Appendix A ■ Partial x86 Instruction Set ReferenceSHL: Shift LeftFlags AffectedO D I T S Z A P C OF: Overflow flag TF: Trap flag AF: Aux carryF F F F F F F F F DF: Direction flag SF: Sign flag PF: Parity flag* * * ? * * IF: Interrupt flag ZF: Zero flag CF: Carry flagLegal FormsSHL r8,1 386+SHL m8,1 386+SHL r16,1SHL m16,1 386+SHL r32,1 386+SHL m32,1 286+SHL r8,CL 286+SHL m8,CL 286+SHL r16,CL 286+SHL m16,CL 386+SHL r32,CL 386+SHL m32,CLSHL r8,i8SHL m8,i8SHL r16,i8SHL m16,i8SHL r32,i8SHL m32,i8ExamplesSHL AL,1SHL WORD [BX+SI],CLSHL BP,1SHL EAX,9SHL BP,CLNotesSHL shifts the bits within the destination operand to the left, where left istoward the most significant bit (MSB). The number of bit positions shifted maybe specified either as an 8-bit immediate value or by the value in CL—notCX or ECX. (The 8086 and 8088 are limited to the immediate value 1.) Notethat while CL may accept a value up to 255, it is meaningless to shift by any

Appendix A ■ Partial x86 Instruction Set Reference 571value larger than 16—or 32 in 32-bit mode—even though the shifts are actuallyperformed on the 8086 and 8088. (The 286 and later limit the number of shiftoperations performed to the native word size except when running in Virtual86 mode.) The leftmost bit of the operand is shifted into the Carry flag; therightmost bit is cleared to 0. The Auxiliary carry flag, AF, becomes undefinedafter this instruction. OF is modified only by the shift-by-one forms of SHL;after any of the shift-by-CL forms, OF becomes undefined. SHL is a synonym for SAL (Shift Arithmetic Left). Except for the directionof the shift operation, SHL is identical to SHR.r8 = AL AH BL BH CL CH DL DH r16 = AX BX CX DX BP SP SI DIsr = CS DS SS ES FS GS r32 = EAX EBX ECX EDX EBP ESP ESI EDIm8 = 8-bit memory data m16 = 16-bit memory datam32 = 32-bit memory data i8 = 8-bit immediate datai16 = 16-bit immediate data i32 = 32-bit immediate datad8 = 8-bit signed displacement d16 = 16-bit signed displacementd32 = 32-bit unsigned displacement

572 Appendix A ■ Partial x86 Instruction Set ReferenceSHR: Shift RightFlags AffectedO D I T S Z A P C OF: Overflow flag TF: Trap flag AF: Aux carryF F F F F F F F F DF: Direction flag SF: Sign flag PF: Parity flag* * * ? * * IF: Interrupt flag ZF: Zero flag CF: Carry flagLegal FormsSHR r8,1 386+SHR m8,1 386+SHR r16,1SHR m16,1 386+SHR r32,1 386+SHR m32,1 286+SHR r8,CL 286+SHR m8,CL 286+SHR r16,CL 286+SHR m16,CL 386+SHR r32,CL 386+SHR m32,CLSHR r8,i8SHR m8,i8SHR r16,i8SHR m16,i8SHR r32,i8SHR m32,i8ExamplesSHR AL,1SHR WORD [BX+SI],CLSHR BP,1SHR EAX,9SHR BP,CLNotesSHR shifts the bits within the destination operand to the right, where right istoward the least-significant bit (LSB). The number of bit positions shifted maybe specified either as an 8-bit immediate value or by the value in CL—notCX or ECX. (The 8086 and 8088 are limited to the immediate value 1.) Notethat while CL may accept a value up to 255, it is meaningless to shift by any

Appendix A ■ Partial x86 Instruction Set Reference 573value larger than 16—or 32 in 32-bit mode—even though the shifts are actuallyperformed on the 8086 and 8088. (The 286 and later limit the number of shiftoperations performed to the native word size except when running in Virtual86 mode.) The rightmost bit of the operand is shifted into the Carry flag; theleftmost bit is cleared to 0. The Auxiliary carry flag, AF, becomes undefinedafter this instruction. OF is modified only by the shift-by-one forms of SHL;after any of the shift-by-CL forms, OF becomes undefined. SHR is a synonym for SAR (Shift Arithmetic Right). Except for the directionof the shift operation, SHR is identical to SHL.r8 = AL AH BL BH CL CH DL DH r16 = AX BX CX DX BP SP SI DIsr = CS DS SS ES FS GS r32 = EAX EBX ECX EDX EBP ESP ESI EDIm8 = 8-bit memory data m16 = 16-bit memory datam32 = 32-bit memory data i8 = 8-bit immediate datai16 = 16-bit immediate data i32 = 32-bit immediate datad8 = 8-bit signed displacement d16 = 16-bit signed displacementd32 = 32-bit unsigned displacement

574 Appendix A ■ Partial x86 Instruction Set ReferenceSTC: Set Carry Flag (CF)Flags AffectedO D I T S Z A P C OF: Overflow flag TF: Trap flag AF: Aux carryF F F F F F F F F DF: Direction flag SF: Sign flag PF: Parity flag * IF: Interrupt flag ZF: Zero flag CF: Carry flagLegal FormsSTCExamplesSTCNotesSTC changes the Carry flag, CF, to a known set state (1). Use it prior to sometask that needs a bit in the Carry flag. It can also be used to put CF into aknown state before returning from a procedure, to indicate that the proceduresucceeded or failed, as desired.r8 = AL AH BL BH CL CH DL DH r16 = AX BX CX DX BP SP SI DIsr = CS DS SS ES FS GS r32 = EAX EBX ECX EDX EBP ESP ESI EDIm8 = 8-bit memory data m16 = 16-bit memory datam32 = 32-bit memory data i8 = 8-bit immediate datai16 = 16-bit immediate data i32 = 32-bit immediate datad8 = 8-bit signed displacement d16 = 16-bit signed displacementd32 = 32-bit unsigned displacement

Appendix A ■ Partial x86 Instruction Set Reference 575STD: Set Direction Flag (DF)Flags AffectedO D I T S Z A P C OF: Overflow flag TF: Trap flag AF: Aux carryF F F F F F F F F DF: Direction flag SF: Sign flag PF: Parity flag * IF: Interrupt flag ZF: Zero flag CF: Carry flagLegal FormsSTDExamplesSTDNotesSTD simply changes the Direction flag, DF, to the set (1) state. This affects theadjustment performed by repeated string instructions such as STOS, SCAS,and MOVS. Typically, when DF = 0, the destination pointer is increased, anddecreased when DF = 1. DF is cleared to 0 with the CLD instruction.r8 = AL AH BL BH CL CH DL DH r16 = AX BX CX DX BP SP SI DIsr = CS DS SS ES FS GS r32 = EAX EBX ECX EDX EBP ESP ESI EDIm8 = 8-bit memory data m16 = 16-bit memory datam32 = 32-bit memory data i8 = 8-bit immediate datai16 = 16-bit immediate data i32 = 32-bit immediate datad8 = 8-bit signed displacement d16 = 16-bit signed displacementd32 = 32-bit unsigned displacement

576 Appendix A ■ Partial x86 Instruction Set ReferenceSTOS: Store StringFlags AffectedO D I T S Z A P C OF: Overflow flag TF: Trap flag AF: Aux carryF F F F F F F F F DF: Direction flag SF: Sign flag PF: Parity flag<none> IF: Interrupt flag ZF: Zero flag CF: Carry flagLegal FormsSTOSB 386+STOSWSTOSDExamplesSTOSB ;Stores AL to [EDI]STOSW ;Stores AX to [EDI]STOSD ;Stores EAX to [EDI]REP STOSW ;Stores EAX to [EDI] and up, for ECX repeatsNotesSTOS stores AL (for 8-bit store operations), AX (for 16-bit operations), or EAX(for 32-bit operations) to the location at [EDI]. For 16-bit modes, ES mustcontain the segment address of the destination and cannot be overridden. For32-bit protected mode, all segments are congruent, so ES does not need to bespecified explicitly. Similarly, DI or EDI must always be the destination offset. By placing an operation repeat count (not a byte count!) in CX/ECXand preceding the mnemonic with the REP prefix, STOS can do an auto-matic ‘‘machine-gun’’ store of AL/AX/EAX into successive memory locationsbeginning at the initial [EDI]. After each store, DI/EDI is adjusted (see nextparagraph) by either by 1 (for 8-bit store operations), 2 (for 16-bit store oper-ations), or 4 (for 32-bit store operations), and CX/ECX is decremented by 1.Don’t forget that CX/ECX counts operations (the number of times a data itemis stored to memory), not bytes! Adjusting means incrementing if the Direction flag is cleared (by CLD), ordecrementing if the Direction flag has been set (STD).r8 = AL AH BL BH CL CH DL DH r16 = AX BX CX DX BP SP SI DIsr = CS DS SS ES FS GS r32 = EAX EBX ECX EDX EBP ESP ESI EDIm8 = 8-bit memory data m16 = 16-bit memory datam32 = 32-bit memory data i8 = 8-bit immediate datai16 = 16-bit immediate data i32 = 32-bit immediate datad8 = 8-bit signed displacement d16 = 16-bit signed displacementd32 = 32-bit unsigned displacement

Appendix A ■ Partial x86 Instruction Set Reference 577SUB: Arithmetic SubtractionFlags Affected O D I T S Z A P C OF: Overflow flag TF: Trap flag AF: Aux carry F F F F F F F F F DF: Direction flag SF: Sign flag PF: Parity flag * * * * * * IF: Interrupt flag ZF: Zero flag CF: Carry flagLegal Forms SUB r8,r8 386+ SUB m8,r8 386+ SUB r8,m8 386+ SUB r16,r16 SUB m16,r16 386+ SUB r16,m16 386+ SUB r32,r32 SUB m32,r32 386+ SUB r32,m32 386+ SUB r8,i8 SUB m8,i8 386+ SUB r16,i16 SUB m16,i16 SUB r32,i32 SUB m32,i32 SUB r16,i8 SUB m16,i8 SUB r32,i8 SUB m32,i8 SUB AL,i8 SUB AX,i16 SUB EAX,i32ExamplesSUB BX,DISUB AX,0FFFFH ;Uses single-byte opcodeSUB AL,42H ;Uses single-byte opcodeSUB BP,17HSUB ECX,DWORD [ESI+5]SUB EAX,17SUB WORD [BX+SI+Inset],5SUB WORD [ES:BX],0B800HNotesSUB performs a subtraction without borrow, where the source operand issubtracted from the destination operand, and the result replaces the destination

578 Appendix A ■ Partial x86 Instruction Set Referenceoperand. If the result is negative, the Carry flag, CF, is set. Multiple-precisionsubtraction can be performed by following SUB with SBB (Subtract withBorrow), which takes the Carry flag into account as an arithmetic borrow.r8 = AL AH BL BH CL CH DL DH r16 = AX BX CX DX BP SP SI DIsr = CS DS SS ES FS GS r32 = EAX EBX ECX EDX EBP ESP ESI EDIm8 = 8-bit memory data m16 = 16-bit memory datam32 = 32-bit memory data i8 = 8-bit immediate datai16 = 16-bit immediate data i32 = 32-bit immediate datad8 = 8-bit signed displacement d16 = 16-bit signed displacementd32 = 32-bit unsigned displacement

Appendix A ■ Partial x86 Instruction Set Reference 579XCHG: Exchange OperandsFlags AffectedO D I T S Z A P C OF: Overflow flag TF: Trap flag AF: Aux carryF F F F F F F F F DF: Direction flag SF: Sign flag PF: Parity flag<none> IF: Interrupt flag ZF: Zero flag CF: Carry flagLegal FormsXCHG r8,r8 386+XCHG r8,m8 386+XCHG r16,r16XCHG r16,m16XCHG r32,r32XCHG r32,m32ExamplesXCHG AL,DHXCHG BH,BYTE [SI]XCHG SP,BPXCHG DX,WORD [DI]XCHG ESI,EDIXCHG ECX,DWORD [EBP+38]XCHG AX,BX ; Uses single-byte opcodeNotesXCHG exchanges the contents of its two operands. This is why there is noform of XCHG for identical operands; that is, XCHG AX,AX is not a legal formbecause exchanging a register with itself makes no logical sense. (However, theCPU performs the internal equivalent of XCHG AX,AX as the no-operation,or NOP, instruction.) Exchanging an operand with AX may be accomplished with a single-byteopcode, saving fetch time and code space. All good assemblers recognize thesecases and optimize for them, but if you are hand-assembling inline assemblystatements for some high-level language, keep the single-byte special cases inmind.r8 = AL AH BL BH CL CH DL DH r16 = AX BX CX DX BP SP SI DIsr = CS DS SS ES FS GS r32 = EAX EBX ECX EDX EBP ESP ESI EDIm8 = 8-bit memory data m16 = 16-bit memory datam32 = 32-bit memory data i8 = 8-bit immediate datai16 = 16-bit immediate data i32 = 32-bit immediate datad8 = 8-bit signed displacement d16 = 16-bit signed displacementd32 = 32-bit unsigned displacement

580 Appendix A ■ Partial x86 Instruction Set ReferenceXLAT: Translate Byte via TableFlags AffectedO D I T S Z A P C OF: Overflow flag TF: Trap flag AF: Aux carryF F F F F F F F F DF: Direction flag SF: Sign flag PF: Parity flag<none> IF: Interrupt flag ZF: Zero flag CF: Carry flagLegal FormsXLATXLATB (synonym)ExamplesXLATNotesXLAT performs a table translation of the 8-bit value in AL. All operands areimplicit. The value in AL is treated as the index into a table in memory,located at the address contained in EBX. When XLAT is executed, the value at[EBX+AL] replaces the value previously in AL. The table located at the 32-bit address in EBX does not have to be 256 bytesin length, but a value in AL larger than the length of the table will result inan undefined value being placed in AL, with the additional possibility of asegmentation fault if the table is at the edge of the program’s memory space.r8 = AL AH BL BH CL CH DL DH r16 = AX BX CX DX BP SP SI DIsr = CS DS SS ES FS GS r32 = EAX EBX ECX EDX EBP ESP ESI EDIm8 = 8-bit memory data m16 = 16-bit memory datam32 = 32-bit memory data i8 = 8-bit immediate datai16 = 16-bit immediate data i32 = 32-bit immediate datad8 = 8-bit signed displacement d16 = 16-bit signed displacementd32 = 32-bit unsigned displacement

Appendix A ■ Partial x86 Instruction Set Reference 581XOR: Exclusive OrFlags Affected O D I T S Z A P C OF: Overflow flag TF: Trap flag AF: Aux carry F F F F F F F F F DF: Direction flag SF: Sign flag PF: Parity flag * * * ? * * IF: Interrupt flag ZF: Zero flag CF: Carry flagLegal FormsXOR r8,r8 386+XOR m8,r8 386+XOR r8,m8 386+XOR r16,r16XOR m16,r16 386+XOR r16,m16 386+XOR r32,r32XOR m32,r32 386+XOR r32,m32XOR r8,i8XOR m8,i8XOR r16,i16XOR m16,i16XOR r32,i32XOR m32,i32XOR AL,i8XOR AX,i16XOR EAX,i32ExamplesXOR BX,DIXOR AX,0FFFFH ;Uses single-byte opcodeXOR AL,42H ;Uses single-byte opcodeXOR EBX,DWORD [EDI]XOR WORD [ES:BX],0B800HXOR WORD [BP+SI],DXNotesXOR performs the exclusive OR logical operation between its two operands.Once the operation is complete, the result replaces the destination operand.XOR is performed on a bit-by-bit basis, such that bit 0 of the source is XORedwith bit 0 of the destination, bit 1 of the source is XORed with bit 1 of thedestination, and so on. The XOR operation yields a 1 if the operands are

582 Appendix A ■ Partial x86 Instruction Set Referencedifferent, and a 0 if the operands are the same. Note that XOR makes theAuxiliary carry flag, AF, undefined. CF and OF are cleared to 0, and the otheraffected flags are set according to the operation’s results.r8 = AL AH BL BH CL CH DL DH r16 = AX BX CX DX BP SP SI DIsr = CS DS SS ES FS GS r32 = EAX EBX ECX EDX EBP ESP ESI EDIm8 = 8-bit memory data m16 = 16-bit memory datam32 = 32-bit memory data i8 = 8-bit immediate datai16 = 16-bit immediate data i32 = 32-bit immediate datad8 = 8-bit signed displacement d16 = 16-bit signed displacementd32 = 32-bit unsigned displacement

APPENDIX B Character Set ChartsThis appendix contains summaries of two character sets commonly used onPC-compatible machines. The first is for the IBM-850 character set, which iscommonly available on Linux terminal utilities like Konsole and GNOMETerminal. The second is the older ‘‘Code Page 437’’ set, which is basically thecharacter set coded into the BIOS ROM of IBM-compatible PCs. There is one glyph block for each character in each set. Each glyph blockincludes the following information: The three-digit decimal form of the character number, from 000–255. These are in the upper-right corner of each block. The hexadecimal form of the character number, from 00–FF. These are in the lower-left corner of each block. The character glyph is in the center of the block. For control characters from 0–31, the name of the control character (for example, NAK, DLE, CR, etc.) is printed vertically in the lower-right corner of the block. Note that the IBM-850 character set is not loaded by default in common Linuxterminal utilities, and must be specifically selected from the options or settingsmenu before the character set will be displayed in the terminal window. Formore on this, see the section ‘‘Linux and Terminals’’ in Chapter 6. 583

584 Appendix B ■ Character Set ChartsASCII & PC Extended Characters - Code Page 437 000 016 032 048 064 080 096 112 128 144 160 176 192 208 224 240 U0 @ P ` p Ç É áN DL00 L 10 E 20 30 40 50 60 70 80 90 A0 B0 C0 D0 E0 F0 001 017 033 049 065 081 097 113 129 145 161 177 193 209 225 241 ! 1 A Q a qS Dü œ í ±01O C H 11 1 21 31 41 51 61 71 81 91 A1 B1 C1 D1 E1 F1 002 018 034 050 066 082 098 114 130 146 162 178 194 210 226 24202 \" 2 B R b r é Æ óS DTC X 12 2 22 32 42 52 62 72 82 92 A2 B2 C2 D2 E2 F2 003 019 035 051 067 083 099 115 131 147 163 179 195 211 227 243 # 3 C S c s â ô úE D03 T 13 C 33 43 53 63 73 83 93 A3 B3 C3 D3 E3 F3 X 3 23 004 020 036 052 068 084 100 116 132 148 164 180 196 212 228 244 O¶ $ 4 D T d t ä ö ñE DC04 T 14 4 24 34 44 54 64 74 84 94 A4 B4 C4 D4 E4 F4 005 021 037 053 069 085 101 117 133 149 165 181 197 213 229 245 N§ % 5 E U e u à ò ÑE NA05 Q 15 K 25 35 45 55 65 75 85 95 A5 B5 C5 D5 E5 F5 006 022 038 054 070 086 102 118 134 150 166 182 198 214 230 246 & 6 F V f v å û ª µA S÷06 C Y K 16 N 26 36 46 56 66 76 86 96 A6 B6 C6 D6 E6 F6 007 023 039 055 071 087 103 119 135 151 167 183 199 215 231 247 ' 7 G W g w ç ù ºB EET07 L 17 B 27 37 47 57 67 77 87 97 A7 B7 C7 D7 E7 F7 008 024 040 056 072 088 104 120 136 152 168 184 200 216 232 248 ( 8 H X h x ê ÿ ¿C°08 B A S 18 N 28 38 48 58 68 78 88 98 A8 B8 C8 D8 E8 F8 009 025 041 057 073 089 105 121 137 153 169 185 201 217 233 249) 9 I Y i y ë Ö09HE T 19 M 29 39 49 59 69 79 89 99 A9 B9 C9 D9 E9 F9 010 026 042 058 074 090 106 122 138 154 170 186 202 218 234 250 * : J Z j z è Ü ¬S0A L 1A U 2A 3A 4A 5A 6A 7A 8A 9A AA BA CA DA EA FA F B 011 027 043 059 075 091 107 123 139 155 171 187 203 219 235 2510B V 1B S+ ; K [ k { ï ¢ ½E DB T C 2B 3B 4B 5B 6B 7B 8B 9B AB BB CB EB FB 012 028 044 060 076 092 108 124 140 156 172 188 204 220 236 2520C F 1C F , <L \ l | î £¼ CC DC EC F S 2C 3C 4C 5C 6C 7C 8C 9C AC BC FC 013 029 045 061 077 093 109 125 141 157 173 189 205 221 237 253- = M ] m } ì ¥ ¡ Ø ²0D C 1D G 2D 3D 4D 5D 6D 7D 8D 9D AD BD CD DD ED FD R S 014 030 046 062 078 094 110 126 142 158 174 190 206 222 238 254. > N ^ n ~ Ä «0ESR O 1E S 2E 3E 4E 5E 6E 7E 8E 9E AE BE CE DE EE FE 015 031 047 063 079 095 111 127 143 159 175 191 207 223 239 255/ ? O _ o Å ƒ »0F S 1F U 2F 3F 4F 5F 6F 7F 8F 9F AF BF CF DF EF FF I S

Appendix B ■ Character Set Charts 585ASCII & PC Extended Characters - IBM-850 000 016 032 048 064 080 096 112 128 144 160 176 192 208 224 240 0 @ P ` pN DÇ É á ð Ó00U L L 10 E 20 30 40 50 60 70 80 90 A0 B0 C0 D0 E0 F0 001 017 033 049 065 081 097 113 129 145 161 177 193 209 225 241 ! 1 A Q a qS Dü æ í ß ±01O C H 11 1 21 31 41 51 61 71 81 91 A1 B1 C1 D1 E1 F1 002 018 034 050 066 082 098 114 130 146 162 178 194 210 226 242 \" 2 B R b rS Dé Æ ó Ê Ô =02TC X 12 2 22 32 42 52 62 72 82 92 A2 B2 C2 D2 E2 F2 003 019 035 051 067 083 099 115 131 147 163 179 195 211 227 243 # 3 C S c sE Dâ ô ú Ë Ò ¾03 T 13 C 33 43 53 63 73 83 93 A3 B3 C3 D3 E3 F3 X 3 23 004 020 036 052 068 084 100 116 132 148 164 180 196 212 228 24404 O¶ $ 4 D T d t ä ö ñ õ ¶E DC T 14 4 24 34 44 54 64 74 84 94 A4 B4 C4 D4 E4 F4 005 021 037 053 069 085 101 117 133 149 165 181 197 213 229 245 § % 5 E U e uE N í Õ§à ò Ñ Á05N A Q 15 K 25 35 45 55 65 75 85 95 A5 B5 C5 D5 E5 F5 006 022 038 054 070 086 102 118 134 150 166 182 198 214 230 246 & 6 F V f v å û ª  ã î µA S÷06 C Y K 16 N 26 36 46 56 66 76 86 96 A6 B6 C6 D6 E6 F6 007 023 039 055 071 087 103 119 135 151 167 183 199 215 231 247 þ¸ 'B E 7 GWg w ç ù º Àà ï07 E 17 T E7 F7 L B 27 37 47 57 67 77 87 97 A7 B7 C7 D7 008 024 040 056 072 088 104 120 136 152 168 184 200 216 232 248 ( 8 H X h x ê ÿ ¿C© Þ °08 B 18 A 38 48 58 68 78 88 98 A8 B8 C8 D8 E8 F8 S N 28 009 025 041 057 073 089 105 121 137 153 169 185 201 217 233 249) 9 I Y i y ë Ö ® Ú ¨09HE T 19 M 29 39 49 59 69 79 89 99 A9 B9 C9 D9 E9 F9 010 026 042 058 074 090 106 122 138 154 170 186 202 218 234 250 * : J Z j z è ¬SÜ Û ·0AL U F 1A B 2A 3A 4A 5A 6A 7A 8A 9A AA BA CA DA EA FA 011 027 043 059 075 091 107 123 139 155 171 187 203 219 235 2510B V 1B S+ ; K [ k { ï ø ½ Ù ¹E T C 2B 3B 4B 5B 6B 7B 8B 9B AB BB CB DB EB FB 012 028 044 060 076 092 108 124 140 156 172 188 204 220 236 2520C F 1C F , <L \ l | î £¼ ý³ F S 2C 3C 4C 5C 6C 7C 8C 9C AC BC CC DC EC FC 013 029 045 061 077 093 109 125 141 157 173 189 205 221 237 253- = M ] m } ì Ø ¡ ¢0D C 1D G 2D 3D 4D 5D 6D 7D 8D 9D AD BD CD ¦Ý² R S DD ED FD 014 030 046 062 078 094 110 126 142 158 174 190 206 222 238 254. > N ^ n ~ Ä × « ¥0ESR Ì O 1E S 2E 3E 4E 5E 6E 7E 8E 9E AE BE CE FE DE EE 015 031 047 063 079 095 111 127 143 159 175 191 207 223 239 255 / ?O_ o0F S 1F U 2F 3F 4F 5F 6F 7F Ń » ¤ ´ I S 8F 9F AF BF CF DF EF FF



IndexSymbols and Numbers 32-bit CPUs general-purpose registers and, 92: (colon), in label syntax, 241–242 registers and, 88# (pound sign), comment delimiter in AT&T 32-bit registers, 90–91 mnemonics, 474 64-bit computers$ (dollar sign) changes in CPU architecture, 67–68 deriving string location with, 246 overview of, 57 for immediate operand in AT&T 64-bit ‘‘Long Mode’’ overview of, 106–107 mnemonic, 471 possibilities vs. realities, 107–108% (percent symbol), AT&T mnemonic 64K, real flat mode and, 97 8080 CPUs, 79–80 conventions for register names, 471 8086 CPUs; (semicolons), as comment delimiters, 124 memory model for, 80–82? (question mark), for undefined flags, 510 Programmer’s Reference Pocket Guide for, 231[ ] (brackets), for effective address of data A item in memory, 210‘ (single quote) or ‘‘ (double quotes), in string A Programming Language (APL), 109, 327 AAA (Adjust AL after BCD Addition) variable syntax, 2431-bits, looking for with TEST, 304–306 adding ASCII digits to screen ruler, 411–4138-bit binary values, 292 adjusting AAA’s adjustments, 413–4148-bit computers, 57, 63 reference, 5128-bit registers, 93 Abrash, Michael, 5416-bit computers, 57 ADC (Arithmetic Addition with Carry),16-bit CPUs 513 – 514 changes in CPU architecture, 67 ADD (Arithmetic Addition) general-purpose registers and, 92–93 registers and, 88 accessing register data, 207–20916-bit registers adding source and destination operands, 20-bit addresses from, 88–90 burden of, 317–318 207 overview of, 90–91 multiplying by shifting and adding,20-bit addresses, from 16-bit register, 297 – 298 88 – 90 operands of, 22032-bit computers reference, 515–516 speed of, 229 changes in CPU architecture, 67–68 overview of, 57 587

588 Index ■ A single-column additions, 32–34 single-column subtraction, 35–37 adders, CPU gates and, 65 ASCII addition, in hex adding ASCII digits to ruler, 411–413 binary values converted into ASCII multicolumn addition, 35 single-column additions, 32–34 equivalents, 376–377 address pins character encoding in, 177–178 on CPUs, 58 character strings and, 243–244 on memory chips, 52 displaying ASCII table, 419–420 addresses. See also memory addresses displaying binary values as ASCII digits, in Assembly Language Game, 11–12 memory addresses vs. I/O addresses, 60 292 memory cells and, 52 translation tables, 348 why stack addresses are not predictable, .ASM files linking object code file to, 135–136 429 as source code files, 131 addressing data assemblers errors, 132–133 confusing data and its address, 210 function of, 121 effective addresses, 210 gas (GNU assembler). See gas (GNU immediate addresses, 205–207 register addresses, 205–207 assembler) AF (auxiliary flag) generating object code files from source DEC EBX instruction clearing, 217 in EFlags register, 214 code files, 125 flag rules, 510 NASM. See NASM INC EAX instruction and, 218 for source code files, 125–126, 131–132 AIX, 178 as translator program, 122 AMD warning messages, 134–135 dual-core CPUs, 73–74 assembly language Intel-compatible chips, 66 defined, 122–123 redesigning chip microarchitecture, 69 development process, 128–129 AND (Logical AND) translating into object code, 121 anatomy of, 283 Assembly Language Game applied to x86 instruction set, 281–282 addresses in, 11–12 masking bits with, 282 code and data in, 10–11 masking nybbles with, 292–293 overview of, 9–10 reference, 517–518 assembly language, program dissection TEST instruction performing, 304–306 accessing Linux kernel services from stack, truth table for, 281 APL (A Programming Language), 109, 327 254 architecture, CPUs, 67–68 .bss section, 240–241 arguments, macro parameters as, 385–386 .data section, 240 arithmetic deriving string length with EQU and $, addition. See ADD (Arithmetic Addition) applied mathematics and, 15–16 244 – 246 CMP (Arithmetic comparison), 301–302, designing non-trivial program, 264 initial comment blocks, 239–240 524 – 525 INT 80h access and portability myths, division. See DIV (Arithmetic division) machine instructions performing, 62 262 – 263 multiplication. See multiplication interrupts, 254–259 signed values and, 221 labels, 241–242 subtraction. See subtraction LIFO (last in, first out) stack order, 246–248 arithmetic, in hex ‘‘off by one’’ error, 273–277 multicolumn addition, 35 POP instructions, 251–253 multicolumn subtraction, 32 problem definition phase of design, overview of, 32 264 – 265 program bones, 237–239

Index ■ A 589 PUSH instructions, 249–251 AT&T mnemonic conventions returning to Linux kernel services from AT&T memory reference syntax, 474–475 examining AT&T gas source file produced stack, 259–261 by gcc, 471–474 scanning buffered I/O file, 271–273 overview of, 470–471 short-term storage, 253–254 software vs. hardware interrupts, 261–262 B stack mechanism and, 246 stacking upside down, 248–249 Babbage, Charles, 48 starting program with pseudo-code, backward compatibility 265 – 266 CPU architecture and, 67 string variables, 242–244 virtual 86 mode for, 83 successive refinement of, 266–271 base, of number systems .text section, 241 base 2. See binary numbers (base 2) tips for, 277–278 base 8. See octal numbers (base 8) variables for initialized data, 242 base 10. See decimal numbers (base 10)assembly language, programming models conversion between number systems, 24 overview of, 96–97 counting in base 4, 16 protected mode flat model, 101–104 dissecting base 4 numbers, 18–20 real mode flat model, 97–99 essence of, 20 real mode segmented model, 99–101 units column, 23assembly language, programming process Base + Displacement, protected mode assembler errors, 132–133 assembling program with NASM, 143–145 addressing, 310 assembling source code file, 131–132 Base + Index, protected mode addressing, big endian and little endian and, 117–121 binary files vs. text files, 111–112 310 – 311 comments, 123–124 base pointer. See EBP (base pointer) converting text to code, 121 BASIC debugging, 138–139 defining assembly language, 122–123 learning programming languages, 110 development process, 128–130 simple programming in, 12 editing program, 142–143 strings, 394 editing source code file, 131 Basic Input/Output System (BIOS) editors for inspecting files, 112–116 direct calls not allowed by protected mode, errors vs. bugs, 137–138 example, 139–140 106 files, 110–111 overview of, 71 fixing errors, 134 BCD (Binary Coded Values), 411–414 installing software for, 140–142 Berkeley Software Distribution (BSD), 156 interpreting raw data, 116–117 binary 0, indicating lack of voltage on linker errors, 136 linking object code file, 135–136 transistor switch, 50 linking program with ld utility, 145–146 Big Bux board game, 6–9 object code and linkers, 125–128 big endian, 117–121 overview of, 109–110 binary 1, indicating presence of voltage on relocatability, 128 running program in debugger, transistor switch, 50 binary codes, machine instructions as, 64 147 – 153 binary editors, for inspecting/working with testing .EXE file, 136–137, 146–147 warning messages, 134–135 files, 112 working directories and, 129–131 binary files. See also object code files ‘‘write-only’’ code, 124–125assembly-time calculations, 244–246 converting text to, 121 text files compared with, 111–112 binary numbers (base 2) base 10 compared with, 16 bit shifting and, 287 columns, 39–40 converting decimal to, 41–42

590 Index ■ Bbinary numbers (base 2) (continued) Boolean logic AND instruction, 281–282 converting to decimal, 40–41 NOT instruction, 285–286 hex as shortcut for, 43–44 OR instruction, 283 overview of, 38 overview of, 280–281 reason for using, 42–43 segment registers not responding to, signed and unsigned values, 221 285 – 286BIOS (Basic Input/Output System) using AND instruction for masking out bits, direct calls not allowed by protected mode, 282 XOR instruction, 284–285 106 overview of, 71 borrowsbit mapping, 279–280 multiple column subtraction in hex, 37–38bit masks, 282 single column subtraction in hex, 35–37bits chip capacity and, 50–51 BOS (bottom of stack), Linux stack, 427 converting hex numbers to hex digits, boundary values, strings not having, 394 box analogy, for computers (Nelson), 74–75 289 – 292 breakpoints, Insight Debugger, 198 defined, 50 BSD (Berkeley Software Distribution), 156 AND instruction, 281–282 .bss section looking for 1-bits with TEST, 304–306 looking for O-bits with BT (Bit Test), in assembly language program, 240–241 data in, 348 306 – 307 stack and, 248 masking, 282 BT (Bit Test) measuring memory in, 54 looking for O-bits with, 306–307 multiplying by shifting and adding, reference, 519–520 buffered I/O file, 271–273 295 – 298 buffers NOT instruction, 285–286 accessing from procedures, 343 numbering, 280 data buffers defined in .bss section, 240–241 OR instruction, 283 defining lines in display buffer, 406 overview of, 279–280 sending virtual display buffer to Linux rotating, 288–289 shifting, 286–287 console, 406–407 sign bit, 221 text video buffers, 396 XOR instruction, 284–285 bugsbitwise logical instructions accidental recursion, 341 AND instruction, 281–282 vs. errors, 137–138 NOT instruction, 285–286 flag etiquette, 341–342 OR instruction, 283 locating and identifying, 138–139 overview of, 280–281 BYTE , size specifiers, 211 segment registers not responding to, bytes counting from zero, 82–83 285 – 286 CPU reading to/writing from memory, XOR instruction, 284–285Bless Hex Editor 58 – 59 big endian vs. little endian, 117–121 illustration of 1 megabyte memory system, inspecting files with, 112–116 interpreting raw data with, 116–117 56blue cards, for jogging memory, 231 machine instructions and, 62board games measuring memory in, 54–55 assembly-language programming as, 9–10 offset address and, 89 Big Bux, 6–9 RAM chips and, 55 as metaphor for assembly-language splitting into two nybbles, 292–293 unique numeric addresses, 57 programming, 5–6boiler.asm, 447bookmarks, Kate, 169–170

Index ■ C–C 591C gathering procedures into, 494–501 overview of, 445–446C calling conventions, 446–447 puts() function for outputting characters,C language 451 AT&T mnemonic conventions, 470–475 saving/restoring registers, 447–448 boiler.asm as framework to build on, 447 setting up a stack frame, 448–450 building C code with GNU, 441–443 C preprocessor (cpp), 442 C calling conventions, 446–447 C++ compilers, 122 CALL instruction to address in registers as cache, transistor switches for, 64 calculators, hex, 28 randtest technique, 483–484 command-line arguments, 484–486 CALL converting time_t values to formatted calling procedures, 336–337 strings, 464–465 linking to C library, 445 copying tm structure with MOVSD, 466–469 local data and, 346 creating and opening files, 489–490 reference, 521–522 destroying a stack frame, 450 register address as randtest technique, examining AT&T gas source file, 471–474 fetching time_t values from system clock, 483 – 484 call gate, kernel, 255 464 calling procedures fgets() and scanf() functions for data calls within calls, 338–340 input, 456–458 LoadBuff example, 336–337 fgets() function for reading text from stack frame and, 346 carriage returns, 115 files, 490–493 case sensitivity file I/O, 487 AT&T mnemonic conventions, 471 GNU and. See GNU labels, 241 learning, 110 central processing units. See CPUs (central linking to C library, 445–446 Linux and, 439–440 processing units) localtime(), 465–466 CF (carry flag) passing parameters to printf(), 454–456 printf() function for formatting text, bumping into when shifting bits, 287 CLC (Clear Carry Flag), 522 452 – 453 in EFlags register, 215 procedures gathered into libraries, 494–501 flag rules, 510 puts() function for outputting characters, MUL instruction and, 227–228 setting know value into, 289 451 STC (Set Carry Flag), 572 rand() function for generating uses of, 301 chains of dependencies, Make utility, pseudorandom numbers, 477–482 random number generation, 475–476 189 – 191 saving/restoring registers, 447–448 character encoding, in Konsole, 177–178 scanf() function for entering numeric character sets values, 458–462 APL, 327 setting up a stack frame, 448–450 Code Page 437, 582 srand() function for getting seed value for IBM-850, 583 overview of, 581 random numbers, 476–477 character strings sscanf() function for converting strings as immediate data, 207 overview of, 243 into numbers, 487–489 character translation, 348 strings, 394 characters time and date functions, 462–464 conversion, 318 why some bits are more random than puts() for outputting in C, 451 translating with MOV or XLAT, 320–325 others, 482–483C library boiler.asm as framework to build on, 447 C calling conventions, 446–447 destroying a stack frame, 450

592 Index ■ C–Ccharacters (continued) macros. See macros translation tables, 318–320 overview of, 327–328 translation tables instead of calculations, procedures. See procedures 325 Computer Lib/Dream Machines (Nelson), 74–75 computer programs. See also assemblyChinese boxes method, 329CLC (Clear Carry Flag), 523 language, programming processCLD (Clear Direction Flag), 524 as laundry list, 1–2clocking rates, CPUs and, 68 as series of program instructions, 9CMP (Arithmetic comparison) as table of binary machine instructions, for comparing values, 301–302 63 – 64 reference, 525–526 computerscode converting text to, 121 8-bit, 16-bit, 32-bit, and 64-bit, 57, 63, 67–68 costs of dead code, 367 RAX computer in high school class, 45–46 game steps as, 11 thinking like humans, 4 procedures as boxes for, 329–336 conditional compilation, 263Code Page 437 character set, 582 conditional jumpscode reuse JNZ (Jump If Not Zero), 218 linkers and, 127 out of range, 354 procedures and, 367–368 overview of, 299–300code segment registers. See CS (code conditional string instructions, SCASB as, segment) registers 435columns console, Linux in binary system, 39–40 control cautions, 377–378 in hexadecimal system, 26 cursor control, 371–377 in number systems generally, 23–24 sending virtual display buffer to, in octal system, 23–24command-line arguments 406 – 407 C language, 484–486 console applications examining stack with, 424 setting with Insight, 429–430 Linux, 176–177comment blocks, 123 Windows OSs, 102comments Console view, Insight adding comment headers to procedures, setting command-line arguments, 370 – 371 429 – 430 critical nature of, 124 viewing EFlag values with, 216–217 initial comment block in programs, 239–240 viewing state of flags with, 228 overview of, 123 constant data, placing in procedure ‘‘write-only’’ code and, 124–125COMPARE instructions, comparing data with, definitions, 348–350 COSMAC ELF, 46–47 11 count register, 286compatibility <count> operand, for shifting bits, 286–287 CP/M operating system, 70, 79–82 CPU architecture and, 67 cpp (C preprocessor), 442 virtual 86 mode for backward CPUs (central processing units) compatibility, 83 8080, 79–80compilers 8086, 80–82 architectures, 67–68 vs. assemblers, 122 changing the course of fetch and execute, conditional compilation, 263 function of, 121 65 – 66 gcc. See gcc (GNU C compiler) data bus and, 59–60complexity, managing fetch and execute process, 63–64 breaking actions down into smaller actions, improvements to, 68 machine instructions and, 62 328 – 329 multiple CPU systems, 73–74 multitasking and, 72

Index ■ C–D 593 number of transistors switches on, scanf() function for entering numeric 64 – 65 values, 458–462 overview of, 57–58 data items, accessing from procedures, program controlling, 61 343 recognizing source strings and destination data output, in C strings, 395 printf() function for formatting text register data shored on internal registers, output, 452–453 puts() function for outputting characters, 207 – 209 451 registers, 60–61 talking to memory system, 58–59 data pins, on memory chips, 52 what it does vs. how it does it, 66–67 .data sectionCS (code segment) registers 8086/8088 CPUs, 82 in assembly language program, 240 machine instructions stored in, 95 stack and, 248 overview of, 91 data segment (DS) register, 91ctime(), in C, 464–465 DB (Define Byte) directive, 242Ctrl+F (search), 171 DD (Define Double) directive, 242, 244Ctrl+R (replace), 172 DDD (Data Display Debugger), 194current code segment, 95 dead code, costs of, 367cursor control DEBUG, 139 cautions regarding, 377–378 debuggers in Linux console, 371–377 debugging source code, 128cursor movement, Kate editing controls, Gdb. See Gdb debugger Insight Debugger. See Insight Debugger 169 installing, 140 KDbg. See KDbgD locating and identifying bugs, 138–139 running program in, 147–153data DEC (Decrement operand) addresses for, 11 altering data with, 11 definitions of data items in .data section of conditional jumps and, 299 program, 240 decrementing operand by one, 215–216 local, 346–347 ECX register and, 408–409 numeric in Assembly Language Game, as means of getting negative numbers, 11 placing constant data in procedure 221 – 222 definitions, 348–350 reference, 527 procedures and, 342–343 DEC (Digital Equipment Corporation), 20 storage in board games, 5, 10–11 decimal numbers (base 10) storing data to discontinuous strings, conversion to, 24 419 – 424 converting binary to, 40–41 converting hex to, 28–29, 31data, as operands converting to binary, 41–42 confusing data and its address, 210 converting to hex, 29–32 immediate data, 205–207 hex calculators, 28 memory data, 209–210 hex equivalents, 25–27 register data, 207–209 human numbering system based on 10data bus, CPU/device communication over, fingers (digits) of hand, 16 59 – 60 octal equivalents, 22 Registers view displaying register value as,data definition directives, 242Data Display Debugger (DDD), 194 223 – 224data input, in C Delphi fgets() and scanf() functions for, file processing in, 121 456 – 458 learning, 110 visual programming in, 12

594 Index ■ D–Edependencies DLLs (dynamic link libraries), 78 chains of, 189–191 DOS Make utility and, 187–188 calling procedures within procedures, 340destination addresses, storing data to overview of, 71 discontinuous strings, 419 real mode segmented model and, 78, 99 Unix and, 156destination operand double word immediate data and, 206 DD directive, 242, 244 machine instructions and, 205 measuring memory in, 54 sum of source and destination operands, DS (data segment) register, 91 207 Dual Inline Memory Modules (DIMMs), 56 dual-core CPUs, 73–74destination strings DumpChar procedures, 347–348 putting display buffer address into EDI, 403 DumpLin, hex dump line variable, 347–348 types of strings in x86, 395 Dunn, Jim, 329 DW (Define Word) directive, 242, 244detours, 8, 11 DWORD, size specifiers, 211development process dynamic link libraries (DLLs), 78 assembler errors, 132–133 E assembler warning messages, 134–135 assembling source code file, 131–132 EAX register, viewing in Register view, debuggers and, 138–139 206 – 207 editing source code file, 131 errors vs. bugs, 137–138 EBP (base pointer) linker errors, 136 accessing command-line arguments, 485 linking object code file, 135–136 copying ESP into, 436–438 overview of, 128–130 destroying stack frame in C, 450 testing .EXE file, 136–137 setting up stack frame in C, 448–450 working directories and, 129–131DF (direction flag) Eclipse IDE, for Linux, 157 CLD (Clear Direction Flag), 523 ECX register in EFlags register, 214 overlapping blocks moves and, 416–418 decrementing when using string STD (Set direction flag), 573 instructions, 407–408 STOSB instruction and, 405–406 uses of, 301 decrementing with loop instructions,Difference Engine (Babbage), 48 408 – 409Digital Equipment Corporation (DEC), 20Digits tables, using lookup tables, 293–295 jumping when ECX goes to O, 421DIMMs (Dual Inline Memory Modules), 56 EDI (extended destination index)directories creating and using project directories in for destination strings, 395 DF (direction flag) for Kate, 173–175 working directories in development incrementing/decrementing, 405 putting display buffer address into, 403 process, 129–131 editingdiscontinuous strings, storing data to, example program, 142–143 source code files, 131 419 – 424 editing controls, in Kate, 168–172disks, Kate file management and, 166–167 editorsdisplacements, protected mode, 309–310 gedit, 131, 140, 142–143displays. See screens; virtual text display hex editors, 112DIV (Arithmetic division) for inspecting files, 112–116 Kate. See Kate text editor as implicit operand, 226 effective address SHR (Shift Right) compared with, 209 calculations, 308–309 slowness of, 229–230 of data item in memory, 210 unsigned division with, 228–229 LEA instruction, 315–316, 537 reference, 528

Index ■ E–F 595EFlags register EXTERN. See external procedures bumping into Carry flag when shifting bits, external procedures 287 descriptions of flags in, 212, 214–215 declaring, 356–357 illustration of, 213 mechanics of, 357–361 overview of, 212 external references, object modules, 127 reference documentation for, 232 extra segment (ES) register, 91 watching with Register view, 216–218 FEIP. See IP (instruction pointer)electricity, relay switches and, 48 far jumps, 354EMACS editor, 440 fast block copiesend of line markers. See EOL (end of line) MOVSB instructions for, 414–416 markers overlapping blocks moves, 416–418EOL (end of line) markers fetch and execute process, CPUs and, 63–64 fgets(), C language comment delimiters, 124 for data input, 457–458 defining lines in display buffer, 406 for reading text from files, 490–493 table of EOL characters, 349 field-effect transistors, 49EQU (equate) directive file I/O, in C changing text display buffer, 402 creating and opening files, 489–490 deriving string length with, 244–246 fgets() for reading text from files,equal operator arithmetic tests after CMP instruction, 305 490 – 493 jumps based on, 302 overview of, 487errors sscanf() for converting strings into adding error handling to program, 270–273 assemblers, 132–133 numbers, 487–489 vs. bugs, 137–138 file management, Kate, 164–167 dividing by zero and, 229 jump out of range, 354 overview of, 164–165 linkers, 136 working with, 165–167 ‘‘off by one’’ error, 273–277 filesES (extra segment) register, 91 binary vs. text, 111–112ESC character, 375 bookmarking, 169escape sequences converting text to code, 121 Konsole, 377–378 editors for inspecting files, 112–116 Linux console controlled by, 375–376 Kate templates for, 161 terminal control with, 183–184 Make utility for checking updates, 189ESP (stack pointer) processing in programming, 110–111 anatomy of Linux stack, 427 Unix, 178–180 destroying stack frame in C, 450 Filesystem Browser, in Kate, 164–165 overview of, 247–248 filters popping the stack vs. addressing, 436–438 hexdump1.asm program as, 289–292 setting up stack frame in C, 448–450 text filters, 182–183, 278 for source strings, 395 firmware, 71.EXE (executable) files fixing errors, 134 linking libraries into programs, 366–367 flags linking object code files to, 125–128 changing program execution, 218–220 testing, 136–137, 146–147 CMP instructions for comparing values,expanding macros, 379expansion slots, 60 301 – 302exporting file, as HTML, 167 conditional jumps and, 299–300extended destination index. See EDI CPU registers, 66 descriptions of flags in EFlags register, 212, (extended destination index) 214 – 215 EFlags register. See EFlags register etiquette bug, 341–342

596 Index ■ F–H ctime(), 464–465 fgets(), 457–458, 490–493 flags (continued) fopen(), 489–490 etiquette for instructions, 215–216 fprintf(), 493–494 illustration of EFlags register, 213 gets(), 456–457 instruction flag summaries, 509–510 linking to, 446 overview of, 212 localtime(), 465–466 reference documentation for, 232 overview of, 445 register, 96 printf(), 452–456 uses of, 301 puts() , 451 watching with Register view, 216–218 rand(), 477–482 scanf(), 458–462 folders, Kate file management, 166 srand(), 476–477 fopen(), creating/opening files in C, sscanf(), 487–489 time_t values, 463–464 489 – 490 global data, 342 formatting text, in C language, 452–453 global labels FS register, 91 defined, 351–352 style syntax for, 353 G global procedures declaring, 356–357 gas (GNU assembler) mechanics of, 361–365 assembling C and, 441, 443 Gnome Application Installer, 140 examining AT&T gas source file produced GNOME Terminal, 176 by gcc, 471–474 GNU reasons for not using, 444–445 assembler. See gas (GNU assembler) gcc (GNU C compiler), 441 gates, CPU switches, 64–65 gcc applied to assembly work, 443–444 gcc (GNU C compiler) overview of, 440–441 process of building C code, 441–443 applied to assembly work, 443–444 reasons for not using gas assembler, AT&T mnemonic conventions and, 444 – 445 470 – 471 GNU Public License (GPL), 440–441 building code in C, 441–443 GPL (GNU Public License), 440–441 examining AT&T gas source file produced greater than operator, 302, 303 greater than or equal to operator, 302 by, 471–474 GS register, 91 overview of, 441 GUI apps, Linux, 185–186 Gdb debugger limitations of, 194 H local labels and, 352 overview of, 139–140 hardware interrupts, 261–262 running program in, 147–153 headers, adding comment headers to viewing Eflag values with, 216–217 gedit procedures, 370–371 editing program in, 142–143 heap, allocating variables on fly, 248 as Linux text editor, 131 hex calculators, 28 preinstalled in Ubuntu Linux, 140 hexadecimal editors, 112 general-purpose registers hexadecimal numbers (base 16) C calling conventions and, 447 CPUs and, 91–93 arithmetic in, 32 procedures using, 344 converting decimal to, 29–32 gets(), in C, 456–457 converting hex numbers to hex digits with gigabits (G), of memory, 51 gigabytes (GB), of memory, 56 hexdump1 program, 289–292 glibc converting to decimal, 28–29, 31 accessing command-line arguments, 485 C calling conventions, 446–447 copying tm structure with MOVSD, 466 – 469

Index ■ H 597 counting in, 25–26 Index x Scale + Displacement, protected decimal compared with, 16 mode addressing, 312–313 hex as shortcut for binary, 43–44 hex calculators, 28 initial comment block, in assembly language multicolumn addition, 35 program, 239–240 multicolumn subtraction, 37–38 overview of, 24–25 initialized data, variables for, 242 Registers view displaying register value as, in-line assembly, compilers and, 122 inner loop, closing, 421–422 223 – 224 Insight Debugger single-column additions, 32–34 single-column subtraction, 35–37 Console view, 216–217hexdump1.asm program, 289–292 Kill command, 204hexdump2.asm program, 329 Memory view, 199–200, 430–432HexStr, 295–298 overview of, 194–195HTML, exporting file as, 167 Registers view, 198–199 running, 195I setting command-line arguments with,IA-32, CPU architecture, 68 429 – 430IBM-850 single-stepping REP string instructions character encoding scheme, 178–179 with Insight, 418–419 character set, 583 source code window, 197IDEs (interactive development environments) viewing EAX register in Register view, Eclipse and KDevelop, 157 Kate. See Kate text editor 206 – 207 provided by Turbo Pascal, 156 watching flags with Register view, 216–218IF (interrupt flag) windows of, 195–197 DEC and INC instructions not effecting, instruction pointer. See IP (instruction 218 pointer) in EFlags register, 214 instructions flag rules, 510IF statements, in conditional compilation, comments and, 123–124 mnemonics and operands as, 123 263 INT (software interrupt)immediate addressing, 205–207 reference, 530immediate data returning from Linux kernel services from accessing, 205–207 stack, 259–261 as operand, 205 software vs. hardware interrupts, 261–262implicit operands using Linux kernel services via INT 80h, DIV, 229 MUL, 227 254 – 259 overview of, 225–226IMUL (signed integer multiplication) INT 80h MUL instruction compared with, access and portability myths, 262–263 410 – 411 accessing kernel services from stack, reference, 527–528INC (Increment operand) 254 – 259 altering data with, 11 exiting program via, 260–261 incrementing operand by one, 215–216 Intel reference, 529 dual-core CPUs, 73–74include files memory system, 54–55 macro libraries as, 388–389 redesigning chip microarchitecture, 69 macros compared to, 379 role in developing CPU, 58 x86 chips, 66 interactive development environments. See IDEs (interactive development environments) interrupt vector table, 255–256 interrupt vectors defined, 255 riding into Linux, 258

598 Index ■ I–Linterrupts K IRET (return from interrupt), 260, 531 returning from Linux kernel services from Kate text editor stack, 259–261 adding items to toolbar, 167–168 software. See INT (software interrupt) configuring, 160–162 software vs. hardware, 261–262 creating and using project directories, using Linux kernel services via INT 80h, 173 – 175 254 – 259 creating sandbox session in, 203 editing controls, 168–172invoking macros, 386–387 editing example program, 142I/O (input/output), in C file management, 164–167 installing, 157–158 data input. See data input, in C invoking Make from, 191–193 data output. See data output, in C launching, 158–160 file I/O. See file I/O, in C overview of, 157I/O (input/output), scanning buffered I/O sessions, 162–163 terminal window in, 173 file, 271–273 using while programming, 172–175I/O addresses, of peripheral devices, 60 window focus when working with,I/O redirection 175 filters and, 183 KDbg overview of, 180–182 Insight Debugger compared with, 198 printing standard input data in hex format, installing, 141–142 limitations of, 194 335 running program in debugger, 147–153IP (instruction pointer) KDevelop, 157 changing the course of fetch and execute, 66 kernel CPU register for, 63overview of, 95–96 accessing kernel services from stack,IRET (return from interrupt), 260, 531 254J call gate, 255 Linux, 73J? (Jump on condition), 532–533 returning to kernel services stack from,JA (Jump if Above), 303JCXZ (Jump if CX=0), 421, 534 259 – 261JECXZ (Jump if ECX=0), 535 kernel space, Linux, 73JG (Jump if Greater), 303 Kill command, Insight Debugger, 204JLE (Jump if Less than or Equal), 302 kilobits (K), of memory, 51JMP (Unconditional jump), 222 Konsole format for unconditional jumps, 300–301 adding key binding to, 192–193 local labels and, 353 character encoding in, 177–179 reference, 536 escape sequences, 184, 377–378 unconditional jumps, 298 overview of, 143JNG (Jump if Not Greater than), 302 KWrite editor, 159JNZ (Jump If Not Zero), 218–219, 300–301jump instructions L categories of, 302–303 conditional, 218–219, 299–300 labels greater than vs. above, 303 descriptive names of programs, 218–219 jump or don’t jump, 66 duplicating use of, 350 jumping on absence of a condition, 300–301 forcing local label access, 353 local labels and, 353 global, 351 mnemonics and synonyms for, 304 local, 350–353 short, near, and far jumps, 354–355 overview of, 241–242 unconditional, 298 representing addresses, 246JZ (Jump if Zero), 299–300 in .text section of program, 241

laundry list Index ■ L 599 computer program as, 1–2 tests in, 2–3 Linux tools adding items to Kate toolbar, 167–168ld linker chains of dependencies, 189–191 building code in C and, 443 character encoding in Konsole, 177–178 linking program with, 145–146 configuring Kate, 160–162 console applications, 176–177LEA (Load Effective Address), 315–316, 537 dependencies, 187–188lease significant byte (LSB), of BX register, file updates and, 189 GUI apps, 185–186 208 Insight Debugger, 194–195least significant bit, bit numbering, 280 installing Kate, 157–158legend, 6–7 invoking Make from Kate, 191–193length indicators, strings not having in I/O redirection, 180–182 Kate editing controls, 168–172 assembly language, 394 Kate file management, 164–167less than operator, 302 Kate sessions, 162–163less than or equal to operator, 302 Kate text editor, 157libraries launching Kate, 158–160 Make utility, 186–187 building external procedure library, 355 overview of, 156–157 C language, 439–440 running Insight Debugger, 195, 197–200 dangers of too many procedures and too standard Unix files, 178–180 terminal control with escape sequences, many libraries, 366–367 183 – 184 global data and, 342 terminals, 176 linking into programs, 365–367 text filters, 182–183 Linux C library. See glibc touch command for forcing builds, macro libraries as include files, 388–389 193 – 194line feeds, 115 using Kate while programming, 172–175lines, defining in display buffer, 406 windows of Insight Debugger, 195–197linkers. See also ld linker building code in C and, 443 LinuxAsmTools, 378 debugging information and, 128 little endian, 117–121, 206 errors, 136 local data function of, 127 linking libraries into programs, 366–367 overview of, 342 linking program, 145–146 procedures and, 346–347 object code to executable, 125–127, local labels forcing local label access, 353 135 – 136 jump lengths and, 350–353 preinstalled, 140 label reuse and, 350 relocatability and, 128 within macros, 387–388Linux style syntax for, 353 big endian vs. little endian, 120 localtime(), in, 465–466 development of, 156 logic GNU. See GNU computers and humans, 4 GUI apps for, 185 machine instructions performing logical memory model for 32-bit Linux, 78 OSs (operating systems), 73 operations, 62Linux console logical AND. See AND (Logical AND) control cautions, 377–378 logical Exclusive OR (XOR), 284–285, cursor control, 371–377 sending virtual display buffer to, 406–407 579 – 580 text console, 102 logical NOT, 285–286, 549 tools, 176–177 logical OR, 283, 550–551Linux kernel services lookup tables, 293–295 accessing from stack, 254 LOOP (Loop until CX/ECX=0) returning to stack from, 259–261

600 Index ■ L–MLOOP (Loop until CX/ECX=0) (continued) reference, 230–232 decrementing EXC register, 408–409 register data and register addressing, displaying ruler on screen, 409 reference, 538–539 207 – 209 sandbox for experimenting with, 201–202LOOPNZ/LOOPNE (Loop while CX/ECX>0 signed and unsigned values, 221 and ZF=0), 540 size of memory data, 211 slowness of MUL and DIV, 229–230LOOPNZ/LOOPNE (Loop while CX/ECX>0 source and destination operands, 205 and ZF=1), 541 watching flags with Insight’s Register view,loops 216 – 218 closing inner loop, 421–422 macros closing outer loop, 422–423 decrementing EXC register, 408–409 defining with parameters, 385–386 nested instruction loops, 420–421 invoking, 386–387 repeating instructions with, 219–220 local labels within, 387–388 scanning a buffer and, 272 macro libraries as include files, 388–389 mechanics of defining, 379–385LSB (lease significant byte), of BX register, overview of, 378–379 208 procedures compared to, 379–385,M 389 – 391 maintainability, of procedures, 367–368Mac OS/X, 156 Make utilitymachine instructions chains of dependencies, 189–191 changing the course of fetch and execute, dependencies, 187–188 65 – 66 file updates, 189 invoking from Kate, 191–193 computer programs as table of binary overview of, 186–187 machine instructions, 63–64 touch command for forcing builds, CPU controlled by, 62 193 – 194 mnemonics for, 123 makefiles overview of, 201 program translators, 121 defined, 187 as steps, 66 dependencies, 187–188 storing in CS (code segment) registers, hexdump2.asm program and, 335 for sandbox, 203 95 maskingmachine instructions (x86) bits, 282 nybbles, 292–293 confusing data and its address, 210 MASM, 386 DIV, 228–229 mass storage, as serial-access device, EFlags register, 212–215 flags changing program execution, 52 mathematics, emphasis on applied 218 – 220 flags reference, 232 mathematics in schools, 15–16 immediate data and immediate addressing, megabits (M), of memory, 51 megabytes (MB), of memory, 56, 82–83 205 – 207 memory implicit operands, 225–226 INC and DEC, 215–216 defined, 48 list of, 507–509 principle of staying out of memory memory data, 209–210 minimal NASM program for use with (Abrash), 54 switches as on/off memory device, sandbox, 202–204 MOVSX , 224–225 47 – 48 MUL, 226–228 terms for, 85 NEG , 233–236 units of measurement, 54–55 negative numbers and, 221–224 memory access time, memory chips, real mode and, 211–212 53 – 54

Index ■ M–M 601memory addresses Memory view, Insight Debugger, 199–200, 20-bit addresses, 88–90 430 – 432 8080 CPU and, 79–80 AT&T memory reference syntax, memory-mapped video, not allowed by 474 – 475 protected mode, 104–105 I/O addresses compared to, 60 as key to assembly language, 12–13 microarchitecture, CPUs, 68 in megabytes, 82–83 mnemonics memory models and, 77–79 protected mode rules for, 307–308 AT&T. See AT&T mnemonic conventions protected mode schemes for, 309 for jump instructions, 304 real mode and, 211–212 machine instructions and, 123 segment address compared with, 87 modules .asm files as, 355memory cells external, 357–359 addresses, 52 object modules. See object code files silicon chip capacity and, 51 most significant byte (MSB), of BX register, transistor switches and, 49–50 208memory chips motherboard, peripherals on, 60 access time, 53–54 MOV (Move/copy right operand into left addresses, 52 bit capacity of, 51 operand) bits per address, 55 for moving data, 204 CPU (central processing unit). See CPUs reference, 542–543 (central processing units) source and destination operands, 205 DIMMs (Dual Inline Memory Modules), 56 speed of, 229 function in computers, 46–47 translating characters with MOV or XLAT, Intel memory system, 54–55 peripherals and, 59–60 320 – 325 redesigning chip microarchitecture, 69 MOVE instructions, moving data into storage, summary of, 57 11memory data MOVS (Move string) as operand, 205 overview of, 209–210 reference, 544–545 size of, 211 sizes of, 414–415memory models MOVSB 64-bit ‘‘Long Mode’’, 106–108 8080 CPU and, 79–80 DF and overlapping block moves, 416–418 8086 CPU and, 80–82 for fast block copies, 414–416 blinders, 83–85 REP MOVSB , 418–419 nature of megabytes in real mode memory, types of MOVS instructions, 414 82 – 83 WrtLn procedure demonstrating, 415–416 overview of, 77–79 MOVSD, 415, 466–469 protected mode flat model, 101–104 MOVSW, 415 real mode flat model, 97–99 MOVSX, 224–225, 547 real mode segmented model, 99–101 MSB (most significant byte), of BX register, virtual 86 mode for backward compatibility, 83 208 MS-DOS, 99. See also DOSmemory system MUL (Unsigned integer multiplication) access methods, 57 CPU communication with, 58–59 CF (carry flag) and, 227–228 illustration of 1 megabyte memory system, as implicit operand, 226 56 IMUL compared with, 410–411 Intel, 54–55 overview of, 226–227 reference, 547–548 slowness of MUL and DIV, 229–230 multibyte values, big endian and little endian, 117–121 multicolumn arithmetic, in hex addition, 35 subtraction, 37–38