๐ Assembly Instruction Structure
A language that represents machine instructions in a human-readable form. Each instruction is directly translated to machine code that the CPU understands.
Basic structure of an instruction:
INSTRUCTION DEST, SRC ; INSTRUCTION = command name (MOV, ADD, SUB...) ; DEST = destination (where to put result) ; SRC = source (where to get value from)
MOV EAX, 5 ; EAX = 5 ADD EBX, ECX ; EBX = EBX + ECX
There are 2 writing styles. Intel (common in Windows): DEST, SRC.
AT&T (common in Linux): SRC, DEST with additional symbols.
We'll use Intel Syntax!
๐ฆ Operand Types
The parameter of an instruction - can be a register, constant value, or memory address.
| Type | Example | Explanation |
|---|---|---|
| Register | EAX |
A CPU register |
| Immediate | 5, 0x10 |
Constant value |
| Memory | [EAX] |
Address stored in EAX (like a pointer) |
| Memory + Offset | [EBP-4] |
Address with offset |
EAX = the value inside the register
[EAX] = the value at the address stored in EAX (dereference)
๐ค Data Movement Instructions
Copies value from src to dest. The most common instruction!
MOV EAX, 10 ; EAX = 10 MOV EBX, EAX ; EBX = EAX (both are 10 now) MOV ECX, [EBP-4] ; ECX = value from memory at address EBP-4 MOV [EBP-8], EDX ; Store EDX in memory at address EBP-8
Load Effective Address - calculates an address and puts it in dest (not the value at that address!).
MOV EAX, [EBP-8] ; EAX = VALUE at address EBP-8 LEA EAX, [EBP-8] ; EAX = ADDRESS itself (EBP minus 8)
Put/take a value from the Stack.
PUSH EAX ; Put EAX on Stack, ESP decreases by 4 POP EBX ; Take value from Stack to EBX, ESP increases by 4
Swaps two values.
XCHG EAX, EBX ; Swap values of EAX and EBX
โ Arithmetic Instructions
dest = dest + src
ADD EAX, 5 ; EAX = EAX + 5 ADD EBX, ECX ; EBX = EBX + ECX
dest = dest - src
SUB EAX, 3 ; EAX = EAX - 3
Add/subtract 1.
INC EAX ; EAX = EAX + 1 (like EAX++ in C) DEC EBX ; EBX = EBX - 1 (like EBX-- in C)
Multiplication. MUL = unsigned, IMUL = signed.
Result is in EDX:EAX (64 bits).
MUL EBX ; EDX:EAX = EAX * EBX (result is 64-bit) IMUL EAX, EBX, 10 ; EAX = EBX * 10 (convenient 3-operand form)
Division. EDX:EAX divided by src.
Quotient โ EAX, Remainder โ EDX.
XOR EDX, EDX ; Zero EDX (REQUIRED before DIV!) DIV ECX ; EAX = quotient, EDX = remainder
Negates (flip sign). op = -op
NEG EAX ; Negate: EAX = -EAX
๐ฃ Logical Instructions (Bitwise)
Operations that work on each bit separately. AND, OR, XOR, NOT.
| Operation | 0 op 0 | 0 op 1 | 1 op 0 | 1 op 1 |
|---|---|---|---|---|
| AND | 0 | 0 | 0 | 1 |
| OR | 0 | 1 | 1 | 1 |
| XOR | 0 | 1 | 1 | 0 |
AND EAX, 0xFF ; Keep only lower byte (mask) OR EBX, 0x80 ; Set bit 7 to 1 XOR ECX, ECX ; Zero ECX (fast trick!) NOT EDX ; Flip all bits (0 to 1, 1 to 0)
XOR EAX, EAX - fast way to zero a register
AND EAX, 0 - also zeros, but less common
TEST EAX, EAX - checks if EAX equals 0
โ๏ธ Shift Instructions
Shift Left / Shift Right - shifts bits left/right.
SHL ร 2 multiplies by 2. SHR รท 2 divides by 2.
SHL EAX, 1 ; EAX = EAX * 2 (shift left by 1) SHL EAX, 3 ; EAX = EAX * 8 (shift left by 3, because 2^3=8) SHR EBX, 2 ; EBX = EBX / 4 (shift right by 2, because 2^2=4)
๐ Example - Reading Code
Let's read a simple Assembly snippet:
; PROLOGUE - create stack frame, allocate 8 bytes push ebp mov ebp, esp sub esp, 8 ; LOCAL VARIABLES mov dword [ebp-4], 5 ; local_var_1 = 5 mov dword [ebp-8], 10 ; local_var_2 = 10 ; CALCULATION mov eax, [ebp-4] ; EAX = 5 add eax, [ebp-8] ; EAX = 5 + 10 = 15 ; EPILOGUE - cleanup and return mov esp, ebp pop ebp ret ; Return value is in EAX (15)
This code is equivalent to C:
int function() {
int a = 5;
int b = 10;
return a + b; // returns 15
}
๐ Chapter Summary
- MOV - copy data
- LEA - load address (not value)
- PUSH/POP - work with Stack
- ADD/SUB - addition/subtraction
- AND/OR/XOR - bitwise operations
- SHL/SHR - bit shifting (multiply/divide by 2)
[reg]- memory access at address in register