1. Data transfer instructions
They move data between memory and registers, and between registers and I/O ports.
1. General data transfer instructions.
MOV Move a word or byte.
MOVSX Sign-extend, then move.
MOVZX Zero-extend, then move.
PUSH Push a word onto the stack.
POP Pop a word off the stack.
PUSHA Push AX, CX, DX, BX, SP, BP, SI and DI onto the stack in turn.
POPA Pop DI, SI, BP, SP, BX, DX, CX and AX off the stack in turn.
PUSHAD Push EAX, ECX, EDX, EBX, ESP, EBP, ESI and EDI onto the stack in turn.
POPAD Pop EDI, ESI, EBP, ESP, EBX, EDX, ECX and EAX off the stack in turn.
BSWAP Reverse the byte order of a 32-bit register.
XCHG Exchange words or bytes. (At least one operand must be a register; segment registers cannot be operands.)
CMPXCHG Compare and exchange operands. (The second operand must be the accumulator AL/AX/EAX.)
XADD Exchange, then add. (The sum is stored in the first operand.)
XLAT Table-lookup byte conversion. BX points to the start of a 256-byte table and AL is the index into it (0-255, i.e. 0-FFH); the looked-up byte is returned in AL ([BX+AL] -> AL).
2. Input/output port transfer instructions.
IN Input from an I/O port. (Syntax: IN accumulator, {port number | DX})
OUT Output to an I/O port. (Syntax: OUT {port number | DX}, accumulator) When the port is given as an immediate its range is 0-255; when it is given in register DX its range is 0-65535.
3. Address transfer instructions.
LEA Load effective address. Example: LEA DX, string ; stores the offset address in DX.
LDS Load a far pointer, with the segment part into DS. Example: LDS SI, string ; stores segment:offset in DS:SI.
LES Load a far pointer, with the segment part into ES. Example: LES DI, string ; stores segment:offset in ES:DI.
LFS Load a far pointer, with the segment part into FS. Example: LFS DI, string ; stores segment:offset in FS:DI.
LGS Load a far pointer, with the segment part into GS. Example: LGS DI, string ; stores segment:offset in GS:DI.
LSS Load a far pointer, with the segment part into SS. Example: LSS DI, string ; stores segment:offset in SS:DI.
4. Flag transfer instructions.
LAHF Load the flag register (low byte) into AH.
SAHF Store AH into the flag register.
PUSHF Push the flag register onto the stack.
POPF Pop the flag register off the stack.
PUSHD Push the 32-bit flag register onto the stack.
POPD Pop the 32-bit flag register off the stack.
2. Arithmetic instructions
ADD Addition.
ADC Addition with carry.
INC Increment by 1.
AAA ASCII adjust after addition.
DAA Decimal adjust after addition.
SUB Subtraction.
SBB Subtraction with borrow.
DEC Decrement by 1.
NEG Negate (subtract the operand from 0).
CMP Compare. (The two operands are subtracted; only the flags are modified and the result is not stored.)
AAS ASCII adjust after subtraction.
DAS Decimal adjust after subtraction.
MUL Unsigned multiplication. The product is returned in AH and AL (byte operation) or in DX and AX (word operation).
IMUL Signed multiplication. The product is returned in AH and AL (byte operation) or in DX and AX (word operation).
AAM ASCII adjust after multiplication.
DIV Unsigned division. Result: quotient in AL, remainder in AH (byte operation); or quotient in AX, remainder in DX (word operation).
IDIV Signed division. Result: quotient in AL, remainder in AH (byte operation); or quotient in AX, remainder in DX (word operation).
AAD ASCII adjust for division.
CBW Convert byte to word. (Sign-extend AL into AX.)
CWD Convert word to double word. (Sign-extend AX into DX, giving DX:AX.)
CWDE Convert word to double word. (Sign-extend AX into EAX.)
CDQ Convert double word to quad word. (Sign-extend EAX into EDX, giving EDX:EAX.)
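The register conventions above for the sign-extension instructions and for DIV/IDIV, as an added Python model (not code from the original page): CBW/CWD/CWDE/CDQ fill the upper register with the sign bit, and the 16-bit DIV/IDIV return (AX = quotient, DX = remainder) and raise the #DE exception a real CPU raises when the divisor is zero or the quotient does not fit, which is the case for CWD of -32768 followed by IDIV by -1. Function names and the use of ZeroDivisionError/OverflowError to stand in for #DE are the example's own assumptions.

```python
# Added example: a Python model of the x86 sign-extension and 16-bit division
# instructions listed above. Function names are this example's own, not the page's.

def sign_extend(value, from_bits, to_bits):
    """Sign-extend a two's-complement value of from_bits bits to to_bits bits."""
    v = value & ((1 << from_bits) - 1)
    if v & (1 << (from_bits - 1)):                       # sign bit set: fill with 1s
        v |= ((1 << to_bits) - 1) ^ ((1 << from_bits) - 1)
    return v

def to_signed(value, bits):
    """Interpret a bits-wide register value as a signed integer."""
    value &= (1 << bits) - 1
    return value - (1 << bits) if value & (1 << (bits - 1)) else value

def cbw(al):
    """CBW: sign-extend AL into AX."""
    return sign_extend(al, 8, 16)

def cwd(ax):
    """CWD: sign-extend AX into DX:AX. Returns (DX, AX)."""
    wide = sign_extend(ax, 16, 32)
    return wide >> 16, wide & 0xFFFF

def cwde(ax):
    """CWDE: sign-extend AX into EAX."""
    return sign_extend(ax, 16, 32)

def cdq(eax):
    """CDQ: sign-extend EAX into EDX:EAX. Returns (EDX, EAX)."""
    wide = sign_extend(eax, 32, 64)
    return wide >> 32, wide & 0xFFFFFFFF

def div16(dx, ax, divisor):
    """DIV r/m16 (unsigned): DX:AX / divisor -> (AX = quotient, DX = remainder).
    A zero divisor or a quotient wider than 16 bits raises #DE on hardware;
    the model uses ZeroDivisionError and OverflowError for the two cases."""
    d = divisor & 0xFFFF
    if d == 0:
        raise ZeroDivisionError("#DE: divide by zero")
    dividend = ((dx & 0xFFFF) << 16) | (ax & 0xFFFF)
    q, r = divmod(dividend, d)
    if q > 0xFFFF:
        raise OverflowError("#DE: quotient does not fit in AX")
    return q, r

def idiv16(dx, ax, divisor):
    """IDIV r/m16 (signed): quotient truncated toward zero, remainder takes the
    dividend's sign. A quotient outside -32768..32767 raises #DE, which is
    what happens for CWD of -32768 followed by IDIV by -1."""
    d = to_signed(divisor, 16)
    if d == 0:
        raise ZeroDivisionError("#DE: divide by zero")
    dividend = to_signed(((dx & 0xFFFF) << 16) | (ax & 0xFFFF), 32)
    q = abs(dividend) // abs(d)
    if (dividend < 0) != (d < 0):
        q = -q
    r = dividend - q * d
    if not -32768 <= q <= 32767:
        raise OverflowError("#DE: quotient does not fit in AX")
    return q & 0xFFFF, r & 0xFFFF

def raises_de(fn, *args):
    """True if the modelled instruction would raise #DE for these operands."""
    try:
        fn(*args)
    except (ZeroDivisionError, OverflowError):
        return True
    return False

if __name__ == "__main__":
    print("CBW 0x80 ->", hex(cbw(0x80)))
    print("CWD 0x8000 ->", [hex(x) for x in cwd(0x8000)])
    print("IDIV -7 / 2 ->", [hex(x) for x in idiv16(*cwd(-7 & 0xFFFF), 2)])
    print("IDIV -32768 / -1 raises #DE:", raises_de(idiv16, *cwd(0x8000), 0xFFFF))
```

The quotient-overflow case matters in practice: a division whose dividend was widened with CWD/CDQ can still fault, so input that reaches a DIV/IDIV without a range check is a crash (denial-of-service) path, not just a wrong answer.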
3. Logical instructions
AND AND operation.
OR OR operation.
XOR XOR operation.
NOT Bitwise complement.
TEST Test. (The two operands are ANDed; only the flags are modified and the result is not stored.)
SHL Logical shift left.
SAL Arithmetic shift left. (= SHL)
SHR Logical shift right.
SAR Arithmetic shift right. (= SHR)
ROL Rotate left.
ROR Rotate right.
RCL Rotate left through the carry flag.
RCR Rotate right through the carry flag.
The shift count of the above eight shift instructions can be up to 255.
For a shift by 1, the count is written directly in the instruction, e.g. SHL AX, 1.
For a shift by more than 1, the count is given in register CL, e.g.
MOV CL, 04
SHL AX, CL
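The eight shift and rotate instructions above, as an added bit-level Python model that is not code from the original page. It tracks the carry flag explicitly, supports 8/16/32-bit operands, and takes the count as a plain argument (the MOV CL,04 / SHL AX,CL sequence is just shl(ax, 4)). It also makes visible the point the one-line list hides: SHR fills the vacated bits with zeros while SAR fills them with copies of the sign bit, so a negative two's-complement value stays negative only under SAR. Function names and the restriction to counts between 1 and width-1 are the example's own choices.

```python
# Added example: a Python model of the x86 shift and rotate instructions listed
# above, with the carry flag (CF) returned alongside the result. Widths of
# 8, 16 and 32 bits are supported; the count is assumed to be 1..width-1.

def _mask(width):
    return (1 << width) - 1

def _operand(value, count, width):
    if not 1 <= count < width:
        raise ValueError("count must be between 1 and width-1")
    return value & _mask(width)

def shl(value, count, width=16):
    """SHL/SAL: shift left, zero-fill from the right. CF = last bit shifted out."""
    v = _operand(value, count, width)
    cf = (v >> (width - count)) & 1
    return (v << count) & _mask(width), cf

sal = shl   # SAL is the same operation as SHL

def shr(value, count, width=16):
    """SHR: logical shift right, zero-fill from the left. CF = last bit shifted out."""
    v = _operand(value, count, width)
    return v >> count, (v >> (count - 1)) & 1

def sar(value, count, width=16):
    """SAR: arithmetic shift right. The vacated top bits are filled with copies
    of the sign bit, so a negative value stays negative (SHR would zero-fill
    and turn it into a large positive number)."""
    v = _operand(value, count, width)
    cf = (v >> (count - 1)) & 1
    res = v >> count
    if v >> (width - 1):                               # sign bit set
        res |= _mask(width) ^ _mask(width - count)     # set the vacated top bits
    return res, cf

def rol(value, count, width=16):
    """ROL: rotate left; bits leaving the top re-enter at the bottom. CF = new bit 0."""
    v = _operand(value, count, width)
    res = ((v << count) | (v >> (width - count))) & _mask(width)
    return res, res & 1

def ror(value, count, width=16):
    """ROR: rotate right; bits leaving the bottom re-enter at the top. CF = new top bit."""
    v = _operand(value, count, width)
    res = ((v >> count) | (v << (width - count))) & _mask(width)
    return res, (res >> (width - 1)) & 1

def rcl(value, count, cf, width=16):
    """RCL: rotate left through carry, i.e. a (width+1)-bit rotation of CF:value."""
    v = ((cf & 1) << width) | _operand(value, count, width)
    w = width + 1
    v = ((v << count) | (v >> (w - count))) & _mask(w)
    return v & _mask(width), v >> width

def rcr(value, count, cf, width=16):
    """RCR: rotate right through carry, the mirror image of RCL."""
    v = ((cf & 1) << width) | _operand(value, count, width)
    w = width + 1
    v = ((v >> count) | (v << (w - count))) & _mask(w)
    return v & _mask(width), v >> width

if __name__ == "__main__":
    # MOV CL,04 / SHL AX,CL with AX = 1234H
    print("SHL 1234H, 4 ->", [hex(x) for x in shl(0x1234, 4)])
    # The same negative 16-bit value under SHR and SAR
    print("SHR FF80H, 4 ->", hex(shr(0xFF80, 4)[0]))
    print("SAR FF80H, 4 ->", hex(sar(0xFF80, 4)[0]))
```

The SHR/SAR pair is the one to remember when reading compiled bounds checks: a compiler emits SAR for a signed division by a power of two and SHR for an unsigned one, so the choice of shift tells you which signedness the original source used.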
4. String instructions
DS:SI Source string segment register : source string index.
ES:DI Destination string segment register : destination string index.
CX Repeat counter.
AL/AX Scan value.
D flag 0 means SI and DI auto-increment during repeated operations; 1 means they auto-decrement.
Z flag Used to end a scan or compare operation.
MOVS Move string. (MOVSB moves bytes, MOVSW moves words, MOVSD moves double words.)
CMPS Compare strings. (CMPSB compares bytes, CMPSW compares words.)
SCAS Scan string. Compares AL or AX with the destination string; the result is reflected in the flags.
LODS Load string. Loads the elements of the source string (bytes or words) one by one into AL or AX. (LODSB loads bytes, LODSW loads words, LODSD loads double words.)
STOS Store string. The reverse of LODS.
REP Repeat while CX/ECX <> 0.
REPE/REPZ Repeat while ZF = 1 (the compared elements are equal) and CX/ECX <> 0.
REPNE/REPNZ Repeat while ZF = 0 (the compared elements differ) and CX/ECX <> 0.
REPC Repeat while CF = 1 and CX/ECX <> 0.
REPNC Repeat while CF = 0 and CX/ECX <> 0.
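The registers, flags and prefixes described above, as an added Python model that is not part of the original page. It uses a flat byte memory (assumed DS = ES), the byte forms MOVSB/CMPSB/SCASB/LODSB/STOSB, and a rep() helper implementing REP, REPE and REPNE exactly as listed: CX is tested first, so CX = 0 executes nothing. Three uses follow: REP MOVSB over overlapping buffers, forward versus after STD (the forward copy overwrites bytes it has not yet read, which is why memmove-style copies set the direction flag when the destination lies above the source); REPNE SCASB with AL = 0 as strlen; REPE CMPSB as a memory compare. Class and function names are the example's own.

```python
# Added example: a Python model of the x86 byte string instructions and REP
# prefixes listed above. Register/flag names follow the page; class and
# function names are this example's own.

class StringUnit:
    def __init__(self, memory):
        self.mem = bytearray(memory)        # constructed flat memory (DS = ES assumed)
        self.si = self.di = self.cx = self.al = 0
        self.df = 0                         # direction flag: 0 increment, 1 decrement
        self.zf = 0

    def _step(self):
        return -1 if self.df else 1

    def movsb(self):                        # [DI] <- [SI]
        self.mem[self.di] = self.mem[self.si]
        self.si += self._step()
        self.di += self._step()

    def cmpsb(self):                        # [SI] - [DI], flags only
        self.zf = int(self.mem[self.si] == self.mem[self.di])
        self.si += self._step()
        self.di += self._step()

    def scasb(self):                        # AL - [DI], flags only
        self.zf = int(self.al == self.mem[self.di])
        self.di += self._step()

    def lodsb(self):                        # AL <- [SI]
        self.al = self.mem[self.si]
        self.si += self._step()

    def stosb(self):                        # [DI] <- AL
        self.mem[self.di] = self.al
        self.di += self._step()

    def rep(self, op, kind="REP"):
        """REP/REPE/REPNE: test CX first (CX = 0 runs nothing), execute op,
        decrement CX; REPE then stops when ZF = 0, REPNE when ZF = 1."""
        while self.cx != 0:
            op()
            self.cx -= 1
            if kind == "REPE" and self.zf == 0:
                break
            if kind == "REPNE" and self.zf == 1:
                break

def rep_movsb_copy(data, src, dst, count, backwards=False):
    """Copy count bytes from offset src to offset dst with REP MOVSB.
    backwards=True models STD: SI/DI start at the last byte and walk down."""
    u = StringUnit(data)
    u.df = int(backwards)
    u.si, u.di = (src + count - 1, dst + count - 1) if backwards else (src, dst)
    u.cx = count
    u.rep(u.movsb)
    return bytes(u.mem)

def strlen_repne_scasb(data, start):
    """strlen via REPNE SCASB with AL = 0 and CX = 0FFFFH: after the loop DI is
    one past the NUL, so the length is DI - start - 1."""
    u = StringUnit(data)
    u.al, u.di, u.cx = 0, start, 0xFFFF
    u.rep(u.scasb, "REPNE")
    return u.di - start - 1

def memcmp_repe_cmpsb(data, a, b, n):
    """REPE CMPSB: True if the n-byte regions at a and b are equal, i.e. ZF is
    still 1 when the loop ends."""
    u = StringUnit(data)
    u.si, u.di, u.cx, u.zf = a, b, n, 1
    u.rep(u.cmpsb, "REPE")
    return u.zf == 1

if __name__ == "__main__":
    buf = b"ABCDEFGH"                       # constructed sample memory
    print("forward  :", rep_movsb_copy(buf, 0, 2, 4))
    print("backward :", rep_movsb_copy(buf, 0, 2, 4, backwards=True))
    print("strlen   :", strlen_repne_scasb(b"hello\x00world\x00", 0))
```

The overlapping-copy case is the practical reason the direction flag exists: the forward REP MOVSB turns "ABCDEFGH" into "ABABABGH" because bytes 2 and 3 are overwritten before they are read as source bytes 2 and 3, while the STD variant produces the intended "ABABCDGH".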
5. Program transfer instructions
1. Unconditional transfer instructions (long transfer)
JMP Unconditional jump.
CALL Procedure call.
RET/RETF Procedure return.
2. Conditional transfer instructions (short transfer, displacement within -128 to +127) (for signed operands, OP1 < OP2 if and only if (SF XOR OF) = 1)
JA/JNBE Jump if above (not below or equal).
JAE/JNB Jump if above or equal (not below).
JB/JNAE Jump if below.
JBE/JNA Jump if below or equal.
The above four test the result of an unsigned integer operation (flags C and Z).
JG/JNLE Jump if greater.
JGE/JNL Jump if greater or equal.
JL/JNGE Jump if less.
JLE/JNG Jump if less or equal.
The above four test the result of a signed integer operation (flags S, O and Z).
JE/JZ Jump if equal (zero).
JNE/JNZ Jump if not equal (not zero).
JC Jump if carry.
JNC Jump if no carry.
JNO Jump if no overflow.
JNP/JPO Jump if parity odd.
JNS Jump if the sign flag is 0.
JO Jump if overflow.
JP/JPE Jump if parity even.
JS Jump if the sign flag is 1.
3. Loop control instructions (short transfer)
LOOP Loop while CX is not zero.
LOOPE/LOOPZ Loop while CX is not zero and flag Z = 1.
LOOPNE/LOOPNZ Loop while CX is not zero and flag Z = 0.
JCXZ Jump if CX is zero.
JECXZ Jump if ECX is zero.
4. Interrupt instructions
INT Software interrupt.
INTO Interrupt on overflow.
IRET Return from interrupt.
5. Processor control instructions
HLT Halt.
WAIT When the TEST pin of the chip is high, the CPU enters a wait state.
ESC Escape (hand an instruction to the coprocessor).
LOCK Lock the bus.
NOP No operation.
STC Set the carry flag.
CLC Clear the carry flag.
CMC Complement the carry flag.
STD Set the direction flag.
CLD Clear the direction flag.
STI Set the interrupt enable flag.
CLI Clear the interrupt enable flag.
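The unsigned/signed split in the table above (JA..JBE decided by C and Z, JG..JLE by S, O and Z, and the rule OP1 < OP2 iff SF XOR OF = 1), as an added Python model that is not code from the original page: cmp_flags computes the flags CMP would leave, and CONDITIONS evaluates every jump in the list from those flags. The length_check helper is the check a practitioner wants to see: comparing an attacker-supplied byte 0FFH against a limit of 16, the signed JLE accepts it (as a signed byte 0FFH is -1) while the unsigned JBE rejects it, which is why bounds checks on sizes must use the unsigned jumps. Function and table names are the example's own.

```python
# Added example: a Python model of the flags CMP sets and of the conditional
# jumps listed above. Names are this example's own, not the page's.

def cmp_flags(op1, op2, width=8):
    """CMP op1, op2 computes op1 - op2, keeps the flags and discards the result.
    Returns CF, ZF, SF, OF and PF as an x86 CPU would set them."""
    mask = (1 << width) - 1
    sign_bit = 1 << (width - 1)
    a, b = op1 & mask, op2 & mask
    res = (a - b) & mask
    return {
        "CF": int(a < b),                                   # borrow: unsigned op1 < op2
        "ZF": int(res == 0),
        "SF": int((res & sign_bit) != 0),
        # signed overflow: operands of different sign and result sign differs from op1's
        "OF": int(((a ^ b) & (a ^ res) & sign_bit) != 0),
        "PF": int(bin(res & 0xFF).count("1") % 2 == 0),     # even parity of the low byte
    }

# Condition under which each jump in the table above is taken.
CONDITIONS = {
    "JA/JNBE": lambda f: f["CF"] == 0 and f["ZF"] == 0,         # unsigned >
    "JAE/JNB": lambda f: f["CF"] == 0,                          # unsigned >=
    "JB/JNAE": lambda f: f["CF"] == 1,                          # unsigned <
    "JBE/JNA": lambda f: f["CF"] == 1 or f["ZF"] == 1,          # unsigned <=
    "JG/JNLE": lambda f: f["ZF"] == 0 and f["SF"] == f["OF"],   # signed >
    "JGE/JNL": lambda f: f["SF"] == f["OF"],                    # signed >=
    "JL/JNGE": lambda f: f["SF"] != f["OF"],                    # signed <: (SF XOR OF) = 1
    "JLE/JNG": lambda f: f["ZF"] == 1 or f["SF"] != f["OF"],    # signed <=
    "JE/JZ": lambda f: f["ZF"] == 1,
    "JNE/JNZ": lambda f: f["ZF"] == 0,
    "JC": lambda f: f["CF"] == 1,
    "JNC": lambda f: f["CF"] == 0,
    "JO": lambda f: f["OF"] == 1,
    "JNO": lambda f: f["OF"] == 0,
    "JS": lambda f: f["SF"] == 1,
    "JNS": lambda f: f["SF"] == 0,
    "JP/JPE": lambda f: f["PF"] == 1,
    "JNP/JPO": lambda f: f["PF"] == 0,
}

def taken(mnemonic, op1, op2, width=8):
    """True if `mnemonic` would jump immediately after CMP op1, op2."""
    return CONDITIONS[mnemonic](cmp_flags(op1, op2, width))

def length_check(length, limit, signed):
    """Model 'CMP length, limit ; JLE ok' (signed) versus 'CMP length, limit ; JBE ok'
    (unsigned). Returns True if the length is accepted by the check."""
    return taken("JLE/JNG" if signed else "JBE/JNA", length, limit)

if __name__ == "__main__":
    print("CMP 80H, 01H flags:", cmp_flags(0x80, 0x01))
    for m in ("JA/JNBE", "JG/JNLE", "JL/JNGE"):
        print(m, "taken:", taken(m, 0x80, 0x01))
    print("length 0FFH accepted by signed check  :", length_check(0xFF, 16, signed=True))
    print("length 0FFH accepted by unsigned check:", length_check(0xFF, 16, signed=False))
```

CMP 80H, 01H is the instructive case: the same flags make JA true (unsigned 128 > 1) and JG false (signed -128 < 1), so which of the two jump families follows a CMP is the whole story of how a comparison is interpreted.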
6. Pseudo-instructions (assembler directives)
DW Define word (2 bytes).
PROC Define a procedure.
ENDP End of procedure.
SEGMENT Define a segment.
ASSUME Associate segment registers with segments.
ENDS End of segment.
END End of program.
7. Processor control instructions: flag handling instructions
CLC Clear the carry flag (CF = 0).
CMC Complement the carry flag.
STC Set the carry flag (CF = 1).
CLD Clear the direction flag (DF = 0).
STD Set the direction flag (DF = 1).
CLI Clear the interrupt flag (IF = 0).
STI Set the interrupt flag (IF = 1).
NOP No operation.
HLT Halt.
WAIT Wait.
ESC Escape.
LOCK Bus lock.
Floating-point instruction set
1. Control instructions
(When a control instruction's F prefix is written FN, the 9B WAIT prefix is dropped from the machine code and no pending floating-point exception is checked.)
FINIT Initialize the FPU. Machine code 9B DB E3
FCLEX Clear exceptions. Machine code 9B DB E2
FDISI Disable floating-point interrupts. Machine code 9B DB E1
FENI Enable floating-point interrupts. Machine code 9B DB E0
WAIT Synchronize CPU and FPU. Machine code 9B
FWAIT Synchronize CPU and FPU. Machine code 9B
FNOP No operation. Machine code D9 D0
FXCH Exchange ST(0) and ST(1). Machine code D9 C9
FXCH ST(i) Exchange ST(0) and ST(i). Machine code D9 C1iii
FSTSW ax Status word to AX. Machine code 9B DF E0
FSTSW word ptr mem Status word to mem. Machine code 9B DD mm111mmm
FLDCW word ptr mem Load the control word from mem. Machine code D9 mm101mmm
FSTCW word ptr mem Control word to mem. Machine code 9B D9 mm111mmm
FLDENV word ptr mem Load the whole environment from mem. Machine code D9 mm100mmm
FSTENV word ptr mem Store the whole environment to mem. Machine code 9B D9 mm110mmm
FRSTOR word ptr mem Restore the FPU state from mem. Machine code DD mm100mmm
FSAVE word ptr mem Save the FPU state to mem. Machine code 9B DD mm110mmm
FFREE ST(i) Mark ST(i) as unused. Machine code DD C0iii
FDECSTP Decrement the stack pointer (1->0, 2->1). Machine code D9 F6
FINCSTP Increment the stack pointer (0->1, 1->2). Machine code D9 F7
FSETPM Set floating-point protected mode. Machine code DB E4
2. Data transfer instructions
FLDZ Load 0.0 into ST(0). Machine code D9 EE
FLD1 Load 1.0 into ST(0). Machine code D9 E8
FLDPI Load π into ST(0). Machine code D9 EB
FLDL2T Load log2(10) (= ln10/ln2) into ST(0). Machine code D9 E9
FLDL2E Load log2(e) (= 1/ln2) into ST(0). Machine code D9 EA
FLDLG2 Load log10(2) (= ln2/ln10) into ST(0). Machine code D9 EC
FLDLN2 Load ln2 into ST(0). Machine code D9 ED
FLD real4 ptr mem Load a single-precision float from mem. Machine code D9 mm000mmm
FLD real8 ptr mem Load a double-precision float from mem. Machine code DD mm000mmm
FLD real10 ptr mem Load a ten-byte (extended) float from mem. Machine code DB mm101mmm
FILD word ptr mem Load a two-byte integer from mem. Machine code DF mm000mmm
FILD dword ptr mem Load a four-byte integer from mem. Machine code DB mm000mmm
FILD qword ptr mem Load an eight-byte integer from mem. Machine code DF mm101mmm
FBLD tbyte ptr mem Load a ten-byte packed BCD number from mem. Machine code DF mm100mmm
FST real4 ptr mem Store a single-precision float to mem. Machine code D9 mm010mmm
FST real8 ptr mem Store a double-precision float to mem. Machine code DD mm010mmm
FIST word ptr mem Store a two-byte integer to mem. Machine code DF mm010mmm
FIST dword ptr mem Store a four-byte integer to mem. Machine code DB mm010mmm
FSTP real4 ptr mem Store a single-precision float to mem and pop. Machine code D9 mm011mmm
FSTP real8 ptr mem Store a double-precision float to mem and pop. Machine code DD mm011mmm
FSTP real10 ptr mem Store a ten-byte float to mem and pop. Machine code DB mm111mmm
FISTP word ptr mem Store a two-byte integer to mem and pop. Machine code DF mm011mmm
FISTP dword ptr mem Store a four-byte integer to mem and pop. Machine code DB mm011mmm
FISTP qword ptr mem Store an eight-byte integer to mem and pop. Machine code DF mm111mmm
FBSTP tbyte ptr mem Store a ten-byte packed BCD number to mem and pop. Machine code DF mm110mmm
FCMOVB ST(0),ST(i) Move if below (<). Machine code DA C0iii
FCMOVBE ST(0),ST(i) Move if below or equal (<=). Machine code DA D0iii
FCMOVE ST(0),ST(i) Move if equal (=). Machine code DA C1iii
FCMOVNB ST(0),ST(i) Move if not below (>=). Machine code DB C0iii
FCMOVNBE ST(0),ST(i) Move if not below or equal (>). Machine code DB D0iii
FCMOVNE ST(0),ST(i) Move if not equal (!=). Machine code DB C1iii
FCMOVNU ST(0),ST(i) Move if ordered. Machine code DB D1iii
FCMOVU ST(0),ST(i) Move if unordered. Machine code DA D1iii
3. Comparison instructions
FCOM ST(0)-ST(1). Machine code D8 D1
FCOMI ST(0),ST(i) ST(0)-ST(i). Machine code DB F0iii
FCOMIP ST(0),ST(i) ST(0)-ST(i) and pop. Machine code DF F0iii
FCOM real4 ptr mem ST(0) - real number at mem. Machine code D8 mm010mmm
FCOM real8 ptr mem ST(0) - real number at mem. Machine code DC mm010mmm
FICOM word ptr mem ST(0) - integer at mem. Machine code DE mm010mmm
FICOM dword ptr mem ST(0) - integer at mem. Machine code DA mm010mmm
FICOMP word ptr mem ST(0) - integer at mem, and pop. Machine code DE mm011mmm
FICOMP dword ptr mem ST(0) - integer at mem, and pop. Machine code DA mm011mmm
FTST ST(0)-0. Machine code D9 E4
FUCOM ST(i) ST(0)-ST(i). Machine code DD E0iii
FUCOMP ST(i) ST(0)-ST(i) and pop. Machine code DD E1iii
FUCOMPP ST(0)-ST(1) and pop twice. Machine code DA E9
FXAM Examine the type of the value in ST(0). Machine code D9 E5
4. Operation instructions
FADD Adds the destination operand (a variable or a stack register named directly in the instruction) and the source operand (a variable or a stack register paired with the destination) and stores the sum in the destination operand.
FADDP ST(i),ST Adds ST into the destination stack register ST(i), then pops ST; the destination must be one of the stack registers. Because of the pop, whatever the destination was, after the instruction it sits one position closer to the top of the stack.
FIADD Adds the source operand to ST and stores the sum in ST; the source must be a memory variable in word or short (double word) integer form.
FSUB Subtract. FSUBP. FSUBR Reverse subtract (minuend and subtrahend are swapped). FSUBRP. FISUB. FISUBR.
FMUL Multiply. FMULP. FIMUL.
FDIV Divide. FDIVP. FDIVR Reverse divide. FDIVRP. FIDIV. FIDIVR.
FCHS Change the sign of ST.
FABS Take the value in ST, replace it with its absolute value and save it back.
FSQRT Take the value in ST, take its square root and save it back.
FSCALE Computes ST * 2^ST(1) and stores the result in ST; ST(1) is left unchanged. ST(1) must be an integer between -32768 and 32768 (-2^15 to 2^15); if the result exceeds this range it is undefined. If ST(1) is not an integer it is first rounded toward zero and then used. For safety, therefore, load a word integer into ST(1).
FRNDINT Rounds the value in ST to an integer. The FPU provides four rounding modes, selected by the two RC bits of the control word:
RC rounding control: 00 round to nearest; 01 round toward negative infinity; 10 round toward positive infinity; 11 round toward zero (truncate).
Other
1. Machine code (also called mechanical code).
When you open an exe file in UltraEdit you see many numbers made up of 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, A, B, C, D, E, F; those numbers are the machine code.
When a program is modified, the exe file is changed by editing its machine code.
2. All the assembly knowledge that needs to be mastered (it is only this much)
It's not easy to understand, but I can force myself to hold on to it first and understand it slowly later.
cmp a,b compare a with b
mov a,b move the value of b into a
ret return to the main program
nop abbreviation of "no operation", meaning "do nothing" (machine code 90) *** the meaning of machine code is explained above
(Explanation: when UltraEdit opens an exe file for editing and you see 90, that is equivalent to the assembly statement nop)
call call a subroutine
je or jz jump if equal (machine code 74 or 0F84)
jne or jnz jump if not equal (machine code 75 or 0F85)
jmp unconditional jump (machine code EB)
jb jump if below (unsigned less than)
ja jump if above (unsigned greater than)
jg jump if greater (signed)
jge jump if greater or equal (signed)
jl jump if less (signed)
jle jump if less or equal (signed)
pop pop off the stack
push push onto the stack
3. Common modifications (machine code)
74=>75  74=>90  74=>EB
75=>74  75=>90  75=>EB
jnz -> nop
75 -> 90 (corresponding machine code modification)
jnz -> jmp
75 -> EB (corresponding machine code modification)
jnz -> jz
75 -> 74 (normal case)  0F 85 -> 0F 84 (in special cases the corresponding machine code is this two-byte form)
4. Two different situations and their modification methods
1. Modify to jmp
je(jne,jz,jnz) => jmp, machine code EB (the first jump found above the message). jmp jumps absolutely and unconditionally, thereby skipping the error message that follows
xxxxxxxxxxxxxxxxx error message, such as: the registration code is wrong; sorry, the unregistered version cannot...; "Function Not Avaible in Demo", "Command Not Avaible" or "Can't save in Shareware/Demo" etc. (we want to skip it so that it never appears)
...
...
xxxxxxxxxxxxxxxxxxx
2. Modify to nop
je(jne,jz,jnz) => nop, machine code 90 (the first jump found above the correct message). nop erases the jump so that it has no effect, and the program falls through to the correct message immediately after it
xxxxxxxxxxxxxxxx correct message, such as: registration successful, thank you for your support, etc. (we do not want it skipped; the program must reach here)
...
...
xxxxxxxxxxxxxxx error message (we do not want to jump here or let it appear)
This concludes the article on X86 and X87 assembly instructions (with comments).