Assembly Arithmetic & Logic Examples
Assembly Arithmetic & Logic Examples
Instructions
1
EXAMPLE: ADD / ADC (ver. 1)
Write a program to calculate the total sum of 5 bytes of data.
Each byte represents the daily wages of a worker.
This person does not make more than $255 (FFH) a day.
The decimal data is as follows: 125, 235, 197, 91, and 48
COUNT EQU 05
DATA DB 125, 235, 197, 91, 48
SUM DB ?
… … … … … …
MOV CX,COUNT
MOV SI, OFFSET DATA
MOV AL,00
BACK: ADD AL,[SI]
INC SI
DEC CX
JNZ BACK
MOV SUM,AL
MOV AH, 4CH
INT 21H
2
EXAMPLE: ADD / ADC (ver. 2)
COUNT EQU 05
DATA DB 125, 235, 197, 91, 48
SUM DW ?
… … … … … …
MOV CX,COUNT
MOV SI, OFFSET DATA
MOV AX,00
BACK: ADD AL,[SI]
JNC OVER
INC AH
OVER: INC SI
DEC CX
JNZ BACK
MOV SUM,AX
MOV AH, 4CH
INT 21H
3
EXAMPLE: ADD / ADC (ver. 3)
COUNT EQU 05
DATA DB 125, 235, 197, 91, 48
SUM DW ?
… … … … … …
MOV CX,COUNT
MOV SI, OFFSET DATA
MOV AX,00
CLC Why?
BACK: ADD AL,[SI]
ADC AH,00
INC SI
DEC CX
JNZ BACK
MOV SUM,AX
MOV AH, 4CH
INT 21H
4
EXAMPLE: ADD / ADC (ver. 4)
COUNT EQU 05
DATA DB 125, 235, 197, 91, 48
SUM DW ?
… … … … … …
MOV CX,COUNT
MOV SI, OFFSET DATA
MOV AX,00
MOV DX,00
BACK: MOV DL,[SI]
ADD AX,DX
INC SI
LOOP BACK
MOV SUM,AX
MOV AH, 4CH
INT 21H
5
EXAMPLE: Addition of words
Write a program to calculate the total sum of five words of data.
Each data value represents the yearly wages of a worker.
This person does not make more than $65,555 (FFFFH) a year.
The decimal data: 27345, 28521, 29533, 30105, and 32375.
COUNT EQU 05
DATA DW 27345, 28521, 29533, 30105, 32375
SUM DW 2 DUP(?)
… … … … … …
MOV CX, COUNT
MOV SI, OFFSET DATA
MOV AX,00
MOV BX,AX
BACK: ADD AX,[SI]
ADC BX,00
INC SI
INC SI ADD SI,2
DEC CX
JNZ BACK
MOV SUM,AX
MOV SUM+2,BX
MOV AH,4CH
INT 21H 6
EXAMPLE: Addition of multiword Numbers
Write a program that adds the following two multiword numbers and saves the
result: DATA1 = 548FB9963CE7H and DATA2 = 3FCD4FA23B8DH.
DATA1 DQ 548FB9963CE7H
DATA1 DQ 3FCD4FA23B8D
SUM DQ ?
… … … … … …
MOV SI, OFFSET DATA1 548F B996 3CE7
MOV DI, OFFSET DATA2 3FCD 4FA2 3B8D
MOV BX, OFFSET SUM
MOV CX,4
CLC
BACK: MOV AX,[SI]
ADC AX,[DI]
MOV [BX],AX
INC SI
INC SI
INC DI ADD SI,2
INC DI
INC BX
INC BX
LOOP BACK
MOV AH,4CH
INT 21H 7
Subtraction of Unsigned Numbers
SUB destination, source ; destination = destination - source
2's complement is used in subtraction.
The 80x86 uses internal adder circuitry to perform the subtraction command.
The steps of the hardware in executing the SUB instruction for unsigned numbers,
as follows.
1. Take the 2's complement of the source operand.
2. Add it to the destination operand.
3. Invert the carry.
Example: Show the steps involved in the following:
MOV AL,3FH ; AL = 3FH = 0011 1111
MOV BH,23H ; BH = 23H = 00100011
SUB AL,BH ;AL = 0011 1111 – 00100011 = 0011 1111 +
1101 1101
1 0001 1100
CF = 0, ZF = 0, AF = 0, PF = 0, and SF = 0.
The programmer must look at the carry flag (not the sign flag) to determine if the
result is positive (CF = 0) or negative (CF = 1) .
8
Example: Analyze the following program
;From the data segment:
DATA1 DB 4CH
DATA2 DB 6EH
DATA3 DB ?
;From the code segment:
MOV DH,DATA1
SUB DH,DATA2
JNC NEXT
NOT DH
INC DH
NEXT: MOV DATA3,DH
Solution:
DH = 4C 01001100 0100 1100
-6E -01101110 +1001 0010
DH = -22 1101 1110 00100010 -22
CF=1 the result is negative
9
SBB (Subtract with Borrow)
SBB destination, source ; destination = destination - source - CF
11
Example: Byte Byte Multiplication
; From the data segment
DATA1 DB 25H
DATA2 DB 65H
RESULT DW ?
; From the code segment
MOV AL,DATA1
MOV BL,DATA2
MUL BL ; register addressing mode
MOV RESULT,AX
OR
MOV AL,DATA1
MUL DATA2 ; direct memory addressing mode
RESULT,AX
OR
MOV AL,DATA1
MOV SI,OFFSET DATA2
MUL BYTE PTR [SI] ; register indirect addressing mode
MOV RESULT,AX
12
Multiplication of unsigned numbers
word x word
One operand must be in AX
The second operand can be in a register or memory
After the multiplication, registers DX and AX will contain the result.
AX will hold the lower word and
DX the higher word.
Example:
Multiply 2378H by 2F79H and store the result in memory
13
Multiplication of unsigned numbers
word x byte
AL contain the byte
AH must be zero
The second operand can be in a register or memory.
After the multiplication, registers DX and AX will contain the result.
AX will hold the lower word and DX the higher word.
Example:
Multiply 2378H by 79H and store the result in memory
; From the data segment:
DATA3 DW 2378H
DATA4 DB 79H
RESULT DW 2 DUP(?)
; From the code segment:
MOV AL,DATA3
MOV AH,0
MUL DATA4
MOV BX, OFFSET RESULT
MOV [BX],AX
MOV [BX]+2,DX
14
Unsigned Multiplication Summary
15
Division of unsigned numbers
Byte over byte
32
5
The numerator must be in the AL register (AL 32)
AH must be set to zero (AH 0)
The denominator cannot be immediate but can be in a register or memory.
(DL 5)
After the DIV instruction is performed (DIV DL),
the quotient is in AL (AL 6)
the remainder is in AH (AH 2)
16
DIV & Addressing Modes
DATA1 DB 95
DATA2 DB 10
QUOT DB ?
REM DB ?
; using immediate addressing mode will give an error
MOV AL,DATA1 ;move data into AL
SUB AH,AH ;clear AH
DIV 10 ;immediate mode not allowed!!
;using direct mode
MOV AL,DATA1 ;AL holds numerator
SUB AH,AH ;AH must be cleared
DIV DATA2 ;divide AX by DATA8
MOV QUOT,AL ;quotient = AL = 09
MOV REM,AH ;remainder = AH = 05
17
DIV & Addressing Modes (Cont.)
;using register addressing mode
MOV AL,DATA1
SUB AH,AH
MOV BH,DATA2
DIV BH
MOV QUOT,AL
MOVREM,AH
18
Word/Word
The numerator is in AX
DX must be cleared
The denominator can be in a register or memory.
After the DIV, AX will have the quotient and the remainder will be in DX.
19
Word/Byte
The numerator is in AX
The denominator can be in a register or memory.
After the DIV instruction, AL will contain the quotient, and AH will contain
the remainder.
The following program divides AX = 2055 by CL= 100.
Then AL = 14H (20 decimal) is the quotient and AH = 37H (55 decimal) is
the remainder.
MOV AX,2055 ;AX holds numerator
MOV CL,100 ;CL used for denominator
DIV CL
MOV QUOT,AL ;AL holds quotient
MOV REM,AH ;AH holds remainder
20
Doubleword / Word
21
Unsigned Division Summary
22
LOGIC INSTRUCTIONS
AND
AND destination,source
This instruction will perform a bitwise logical AND on the operands and
place the result in the destination.
The destination operand can be a register or in memory.
The source operand can be a register, in memory, or immediate.
AND will automatically change the CF and OF to zero
Show the results of the following:
MOV BL,35H
AND BL,0FH
Solution:
35H 0011 0101
0FH 0000 1111
05H 0000 0101
Flag settings will be: SF = 0, ZF = 0, PF = 1, CF = 0, OF = 0
23
The Usage of AND
24
LOGIC INSTRUCTIONS
OR
OR destination,source
The destination and source operands are ORed and the result is placed in
the destination.
The destination operand can be a register or in memory.
The source operand can be a register, in memory, or immediate.
OR can be used to set certain bits of an operand to 1.
OR DH,00000011B
CF and OF will be reset to zero
SF, ZF, and PF will be set according to the result.
All other flags are not affected.
The OR instruction can also be used to test for a zero operand.
OR DH,0H
OR DH,DH
JZ XXX
XXX: ...
25
LOGIC INSTRUCTIONS
XOR
XOR destination,source
The XOR instruction will eXclusive-OR the operands and place the result
in the destination.
XOR sets the result bits to 1 if they are not equal; otherwise, they are
reset to 0.
CF = 0 and OF = 0 are set internally
The rest are changed according to the result of the operation.
Show the results of the following:
MOV DH,54H
XOR DH,78H
54H 01010100
78H 01111000
2CH 00101100
Flag settings will be: SF = 0, ZF = 0, PF = 0, CF = OF = 0.
26
SHIFT
27
Logical Shift Right
0 CF
The operand is shifted right bit by bit, and for every shift
the LSB will go to the carry flag (CF) and
the MSB is filled with 0
MOV AL,9AH
MOV CL,3
SHR AL,CL
Solution:
9AH 10011010
01001101 CF = 0
00100110 CF = 1
00010011 CF = 0
28
Logical Shift Right (Cont.)
Although SHR does affect the OF, SF, PF, and ZF flags, they are not
important in this case.
The operand to be shifted can be in a register or in memory, but
immediate addressing mode is not allowed for shift instructions.
SHR 25,CL ; this instruction will cause an error.
Show the results of SHR in the following:
;from the data segment:
DATA1 DW 7777H
;from the code segment:
TIMES EQU 4
MOV CL,TIMES
SHR DATA1,CL
Solution
0111011101110111 0011101110111011 0001110111011101
0000111011101110 0000011101110111
29
Logical Shift Lift
CF 0
After every shift, the LSB is filled with 0 and the MSB goes to CF.
Show the effects of SHL in the following:
MOV DH,6
MOV CL,4
SHL DH,CL
Solution:
Initially CF 00000110
CF=0 00011000
CF=0 00110000
CF=0 01100000
CF=0 11000000
After the four shifts left, the DH register has 60H and CF = 0.
30
COMPARE of unsigned numbers
CMP destination,source
The CMP instruction compares two operands and changes the flags
according to the result of the comparison.
The operands themselves remain unchanged.
The destination operand can be in a register or in memory
The source operand can be in a register, in memory, or immediate.
Although all the CF, AF, SF, PF, ZF, and OF flags reflect the result of the
comparison, only the CF and ZF are used
Compare operands CF ZF
31
Unsigned J instructions
32
ROTATE INSTRUCTIONS
The rotation instructions ROR, ROL and RCR, RCL are designed
specifically to perform a bitwise rotation of an operand.
They allow a program to rotate an operand right or left.
The operand can be in a register or memory.
If the number of times an operand is to be rotated is more than 1, this is
indicated by CL. (This is similar to the shift instructions.)
33
ROR rotate right
CF
In rotate right, as bits are shifted from left to right they exit from the right
end (LSB) and enter the left end (MSB).
In ROR the LSB is moved to the MSB and is also copied to CF
If the operand is to be rotated once, the 1 is coded
If it is to be rotated more than once, register CL is used to hold the
number of times it is to be rotated.
MOV AL,36H ; AL = 00110110
ROR AL,1 ; AL = 00011011 CF=0
ROR AL,1 ; AL = 10001101 CF=1
ROR AL,1 ; AL = 11000110 CF=1
MOV CL,3
ROR AL,CL
34
ROL rotate left
In rotate left, bits are shifted from right to left they exit the left end (MSB)
and enter the right end (LSB).
In ROL the MSB is moved to the LSB and is also copied to CF
If the operand is to be rotated once, the 1 is coded.
Otherwise, the number of times it is to be rotated is in CL.
35
RCL
RCR
STC CLC
36
BCD, ASCII, and Control
Instructions
37
BCD AND ASCII OPERANDS AND
INSTRUCTIONS
BCD (binary coded decimal) is needed because human beings use the
digits 0 to 9 for numbers.
Binary representation of 0 to 9 is called BCD
Unpacked BCD: one BCD/byte Digit ASCII ASCII
BCD
Packed BCD: two BCD/byte
(Hex) (Binary)
0 0000 30 0011 0000
Examples
1 0001 31 0011 0001
(94)unoacked BCD
00001001 00000100 2 0010 32 0011 0010
(94)oacked BCD 3 0011 33 0011 0011
10010100 4 0100 34 0011 0100
5 0101 35 0011 0101
6 0110 36 0011 0110
7 0111 37 0011 0111
8 1000 38 0011 1000
9 1001 39 0011 1001
38
ASCII to Unpacked BCD
41
ASCII to Packed BCD
42
Packed BCD to ASCII conversion
To convert packed BCD to ASCII
it must first be converted to unpacked and then
the unpacked BCD is tagged with 011 0000 (30H).
43
BCD addition and correction
MOV AL,17H
ADD AL,28H
Adding 17H and 28H gives 0011 1111B (3FH), which is not BCD!
A BCD number can only have digits from 0000 to 1001 (or 0 to 9).
The result above should have been 17 + 28 = 45 (0100 0101).
To correct this problem, the programmer must add 6 (0110) to the low
digit: 3F + 06 = 45H.
44
DAA (Decimal Adjust for Addition) Instruction
DATA1 DB 47H
DATA2 DB 25H
DATA3 DB ?
MOV AL,DATA1 ;AL holds first BCD operand
MOV BL,DATA2 ;BL holds second BCD operand
ADD AL,BL ;BCD addition
DAA ;adjust for BCD addition (AL=72H)
MOV DATA3,AL ;store result in correct BCD form
DAA works only on AL
If after an ADD or ADC instruction the lower nibble (4 bits) is greater than
9, or if AF = 1, add 0110 to the lower 4 bits.
If the upper nibble is greater than 9, or if CF = 1, add 0110to the upper
nibble.
In reality there is no other use for the AF except for BCD addition and
correction.
45
BCD subtraction and correction
46
Example
Assume that the following operands represent the budget, the expenses, and
the balance, which is the budget minus the expenses.
BUDGET DT 87965141012
EXPENSES DT 31610640392
BALANCE DT ?
MOV CX,10
MOV BX,00
CLC
BACK: MOV AL,BYTE PTR BUDGET[BX]
SBB AL,BYTE PTR EXPENSES[BX]
DAS
MOV BYTE PTR BALANCE[BX],AL
INC BX
LOOP BACK
47
ASCII addition
The data added can be unpacked BCD rather than ASCII, and AAA and
AAS will work fine.
49
Unpacked BCD multiplication
AAM: ASCII adjust multiplication
The Intel manual says that this mnemonic stands for "ASCII adjust
multiplication," but it really is unpacked multiplication correction.
If two unpacked BCD numbers are multiplied, the result can be converted
back to BCD by AAM
50
Unpacked BCD division
AAD: ASCII adjust for division
Before dividing the unpacked BCD by another unpacked BCD, AAD is
used to convert it to HEX.
By doing that the quotient and remainder are both in unpacked BCD.
51
Note that
52
Control Transfer
Instructions
53
NEAR and FAR
SHORT: the address of the target must be within -128 to 127 bytes of the IP
The short jump is two byte instruction.
54
Conditional Jumps
All conditional jumps are short jumps
56
Conditional Jumps and Conditional
Sets
Always short jumps in 8086 - 80286.
limits range to within +127 and –128 bytes from the location following the
conditional jump
In 80386 and above, conditional jumps are either short or near jumps (±32K).
in 64-bit mode of the Pentium 4, the near jump distance is ±2G for the
conditional jumps
Allows a conditional jump to any location within the current code segment.
57
Figure 6–1 The three main forms of the JMP instruction. Note that Disp is either
an 8- or 16-bit signed displacement or distance.
58
Example
0000 DTSEG SEGMENT
0000 2512 15 1F 2B DATA_IN DB 25H,12H,15H,1FH,2BH
0005 00 SUM DB ?
0006 DTSEG ENDS
60
LOOP
A combination of a decrement CX and the JNZ
conditional jump.
In 8086 - 80286 LOOP decrements CX.
if CX != 0, it jumps to the address indicated
by the label
If CX becomes 0, the next sequential instruction
executes
In 80386 and above, LOOP decrements either CX or ECX,
depending upon instruction mode.
61
In 16-bit instruction mode, LOOP uses CX; in the 32-bit
mode, LOOP uses ECX.
default is changed by the LOOPW (using CX) and
LOOPD (using ECX) instructions 80386 - Core2
In 64-bit mode, the loop counter is in RCX.
and is 64 bits wide
There is no direct move from segment register to
segment register instruction.
62
Conditional LOOPs
LOOP instruction also has conditional forms: LOOPE
and LOOPNE
LOOPE (loop while equal) instruction jumps if CX != 0 while
an equal condition exists.
will exit loop if the condition is not equal or the
CX register decrements to 0
LOOPNE (loop while not equal) jumps if CX != 0 while a not-
equal condition exists.
will exit loop if the condition is equal or the CX register
decrements to 0
63
In 80386 - Core2 processors, conditional LOOP can use CX
or ECX as the counter.
LOOPEW/LOOPED or LOOPNEW/LOOPNED override
the instruction mode if needed
Under 64-bit operation, the loop counter uses RCX and is 64
bits in width
Alternates exist for LOOPE and LOOPNE.
LOOPE same as LOOPZ
LOOPNE instruction is the same as LOOPNZ
In most programs, only the LOOPE and LOOPNE apply.
64
Call Statements
65
Examples
CALL sum
:
sum PROC NEAR
RET
sum ENDP
CALL prod
:
prod PROC FAR
RETF
prod ENDP
66
.CODE
MAIN PROC FAR
MOV AX, @DATA
MOV DS,AX
CALL SUBR1
CALL SUBR2
CALL SUBR3
MOV AH,4CH
INT 21H
MAIN ENDP
SUBR1 PROC
...
RET
SUBR1 ENDP
SUBR2 PROC
..
RET
SUBR2 ENDP
SUBR3 PROC
...
RET
SUBR3 ENDP
END MAIN
67
INTRO TO INTERRUPTS
An interrupt is a hardware-generated CALL
externally derived from a hardware signal
Or a software-generated CALL
internally derived from the execution of an instruction or by some other internal
event
at times an internal interrupt is called an exception
Either type interrupts the program by calling
an interrupt service procedure (ISP) or interrupt handler.
68
Interrupt Vectors
A 4-byte number stored in the first 1024 bytes of memory (00000H–003FFH) in
real mode.
in protected mode, the vector table is replaced by an interrupt descriptor table
that uses 8-byte descriptors to describe each of the interrupts
256 different interrupt vectors.
each vector contains the address of an interrupt service procedure
69
Each vector contains a value for IP and CS that forms the address of the interrupt
service procedure.
the first 2 bytes contain IP; the last 2 bytes CS
Intel reserves the first 32 interrupt vectors for the present and future products.
interrupt vectors (32–255) are available to users
Some reserved vectors are for errors that occur during the execution of software
such as the divide error interrupt
70
Some vectors are reserved for the coprocessor.
others occur for normal events in the system
In a personal computer, reserved vectors are used for system functions
Vectors 1–6, 7, 9, 16, and 17 function in the real mode and protected mode.
the remaining vectors function only in the protected mode
71
Interrupt Instructions
Three different interrupt instructions available:
INT, INTO, and INT 3
In real mode, each fetches a vector from the vector table, and then calls the
procedure stored at the location addressed by the vector.
In protected mode, each fetches an interrupt descriptor from the interrupt
descriptor table.
Similar to a far CALL instruction because it places the return address (IP/EIP and
CS)
on the stack.
72
INTs
256 different software interrupt instructions (INTs) available to the programmer.
each INT instruction has a numeric operand whose range is 0 to 255 (00H–
FFH)
For example, INT 100 uses interrupt vector 100, which appears at memory
address 190H–193H.
address of the interrupt vector is determined by multiplying the interrupt type
number by 4
73
Address of the interrupt vector is determined by multiplying the interrupt type
number by 4.
INT 10H instruction calls the interrupt service procedure whose address is
stored beginning at memory location 40H (10H 4) in the mode
In protected mode, the interrupt descriptor is located by multiplying the type
number by 8
because each descriptor is 8 bytes long
Each INT instruction is 2 bytes long.
the first byte contains the opcode
the second byte contains the vector type number
74
When a software interrupt executes, it:
pushes the flags onto the stack
clears the T and I flag bits
pushes CS onto the stack
fetches the new value for CS from the
interrupt vector
pushes IP/EIP onto the stack
fetches the new value for IP/EIP from
the vector
jumps to the new location addressed by
CS and IP/EIP
75
INT performs as a far CALL
not only pushes CS & IP onto the stack, also pushes the flags onto the stack
The INT instruction performs the operation of a PUSHF, followed by a far CALL
instruction.
Software interrupts are most commonly used to call system procedures because
the address of the function need not be known.
The interrupts often control printers, video displays, and disk drives.
76
INT replaces a far CALL that would otherwise be used to call a system function.
INT instruction is 2 bytes long, whereas the far CALL is 5 bytes long
Each time that the INT instruction replaces a far CALL, it saves 3 bytes of
memory.
This can amount to a sizable saving if INT often appears in a program, as it does
for system calls.
77
IRET/IRETD
Used only with software or hardware interrupt service procedures.
IRET instruction will
pop stack data back into the IP
pop stack data back into CS
pop stack data back into the flag register
Accomplishes the same tasks as the POPF followed by a far RET instruction.
78
When IRET executes, it restores the contents of I and T from the stack.
preserves the state of these flag bits
If interrupts were enabled before an interrupt service procedure, they are
automatically re-enabled by the IRET instruction.
because it restores the flag register
IRET is used in real mode and IRETD in the protected mode.
79
INT 3
A special software interrupt designed to function as a breakpoint.
a 1-byte instruction, while others are 2-byte
Common to insert an INT 3 in software to interrupt or break the flow of the
software.
function is called a breakpoint
breakpoints help to debug faulty software
A breakpoint occurs for any software interrupt, but because INT 3 is 1 byte long, it
is easier to use for this function.
80
INTO
Interrupt on overflow (INTO) is a conditional software interrupt that tests overflow
flag (O).
If O = 0, INTO performs no operation
if O = 1 and an INTO executes, an interrupt
occurs via vector type number 4
The INTO instruction appears in software that adds or subtracts signed binary
numbers.
eith these operations, it is possible to have an overflow
JO or INTO instructions detect the overflow.
81
An Interrupt Service Procedure
Interrupts are usually reserved for system events.
Suppose a procedure is required to add the contents of DI, SI, BP, and BX and
save the sum in AX.
as a common task, it may be worthwhile to develop the task as a software
interrupt
It is also important to save all registers are changed by the procedure using USES.
82
Interrupt Control
Two instructions control the INTR pin.
The set interrupt flag instruction (STI) places 1 in the I flag bit.
which enables the INTR pin
The clear interrupt flag instruction (CLI) places a 0 into the I flag bit.
which disables the INTR pin
The STI instruction enables INTR and the CLI instruction disables INTR.
83