Example

 Update the flags, when E952 is subtracted from

B765?

1
Dr. Qurban Ali, EE Department
Example of Generating a Physical Address

The lowest address byte in a segment has an offset of

000016 and the highest address byte in a segment has an
offset of FFFF16 (why?)

2
Dr. Qurban Ali, EE Department
Segment and Offset values Illustration
There are many possible combinations of segment base
address and offset that yield the same physical address
(how?)
Example: 12B0:0025 = 12B25
12AF:0035 = 12B25

Segment 12B0 Segment 12AF

+ +
Offset 0025 Offset 0035

Physical address 1 2 B 2 5 Physical address 12B25

3
Dr. Qurban Ali, EE Department
Example
 What is the data word shown in the figure below? Express the
result in hexadecimal form. Is it stored at an even- or odd-address
word boundary? Is it aligned or misaligned word of data?
Address Memory
(binary)

0072B16 0111 1101

0072A16 0000 1010

 Solution:
◼ Most significant byte at 0072B is 7D16
◼ Least significant byte at 0072A is 0A16
◼ Together the two bytes give the word 7D0A16
◼ Since least significant byte is stored at address 0072A which is
in binary 0000 0000 0111 0010 1010. Hence it is stored at an
even boundary
◼ Therefore it is aligned.
4
Dr. Qurban Ali, EE Department
 Memory Address Space : 4-byte word
❑ For double words (4 bytes), the least significant byte at the
lowest byte address, while the most significant byte at the highest
byte address.
❑ Aligned: A double word starting at address a multiple of 4
❑ Misaligned: A double word starting at address not a multiple of 4

❑ Example:
Address Memory Memory
(binary) (hexadecimal)
(0072E)16 0000 0101 05
(0072D)16 0001 1010 1A
(0072C)16 0010 0111 27
(0072B)16 0011 1011 3B
at memory address (0072B) is given by
051A273BH. Aligned or misaligned?
5
Dr. Qurban Ali, EE Department
 Examples of Paging Mechanism
(a) Linear address=00400023, directory=?, page table =?
(b) Linear address=50000000, CR3=00004, paging directory address=?
(c) Linear address=07026112, Physical address=30014002, CR3=00004;
Find all missing information.

015602
Immediate Operand Addressing Mode

 If an operand that is part of an instruction, it is called an

immediate operand
 Ex: MOV AL, 15H Immediate data
 Another Example

 Immediate data represents a constant

mov AX, 1000H ; moves 1000H into AX
mov AL, 9H ; moves 09 into AL
mov AL, 2CFH ; INCORRECT
7
Dr. Qurban Ali, EE Department
Execution of an Immediate Addressing Mode Instruction

Address Memory Instruction

Content
IP 01000 B0 MOV AL, 15H
0000 01001 15
01002 XX Next instruction
CS
01003 XX
0100

AX
15

The following is an incorrect instruction: MOV 1234H, AX

8
Dr. Qurban Ali, EE Department
Another Direct Addressing Example
 MOV CX, [1234H]

Address Memory Instruction

IP Content
0000 01000 8B MOV CX, [1234H]
CS 01001 0E
01002 34
0100
01003 12
DS 01004 XX Next instruction
0200 . .
. .
CX 03234 AB Source operand
CD AB 03235 CD
9
Dr. Qurban Ali, EE Department
Register Indirect Addressing Mode Example

 MOV AX, [SI]

IP Address Memory Instruction

Content
0000 01000 8B MOV AX, [SI]
CS 01001 04
0100 01002 XX MOV DL, [SI]
XX
01003 Next instruction
DS XX
01004 .
0200 .
03234 AB .
SI 03235 CD
12 34
AX DX
CD AB AB 10
Dr. Qurban Ali, EE Department
Based Addressing Mode Example:
MOV [BX] +1234H, AL
 Uses one of the base registers (BX or BP) to point to the
desired memory location.
IP Address Memory Instruction
0000 Content
01000 88 MOV [BX]+1234, AL
CS 01001 87
0100 01002 34
01003 12
DS 01004 XX Next instruction
0200 . .
BX
04234 AB Destination operand
1000
04235
AX
CD AB

11
Dr. Qurban Ali, EE Department
Indexed Addressing Mode Example:
MOV AL, [SI]+2000H
 Similar to base addressing, it allows the use of a signed
displacement.

IP Address Memory Instruction

0000 Content
01000 8A MOV AL, [SI]+2000H
CS 01001 84
0100 01002 00
01003 20
DS 01004 XX Next instruction
0200 . .
SI 06000 DE Source operand
2000 06001 XX
AX
DE
12
Dr. Qurban Ali, EE Department
Based Indexed Addressing Mode Example

 MOV AH, [BX][SI] + 1234H

IP
Address Memory Instruction
0000 Content
CS 01000 8A MOV AH, [BX][SI]+1234H
0100 01001 A0
01002 34
DS 12
01003
0200 XX
01004 Next instruction
BX . .
1000 . .
SI 06234 AB Source operand
06235 XX
2000

AX
AB
Note: Also, mov [BX][SI], AH
Dr. Qurban Ali, EE Department mov [BX+SI], AH 13
 Review Example

Address Memory Instruction

Content
IP
01000 B0 MOV AL, 15H
0000 01001 15
CS 01002 88 MOV [BX]+1234H, AL
01003 87
0100
01004 34
AX 01005 12
FD 15 01006 XX
DS
0200
BX 04234 15
04235
1000
14
Dr. Qurban Ali, EE Department
Bottom and End of Stack

 The bottom of the stack is at address SS:FFFEH

 The end of the stack is at address SS:0000

 Example:
If SS = 010516 and SP = 000816 then,
Address of bottom of stack = 105016 + FFFE16
= 1104E16
Address of top of stack = 105016 + 000816
= 105816
Address of end of stack = 105016 + 000016
= 105016

15
Dr. Qurban Ali, EE Department
 Example of Pushing onto the Stack

Before pushing After Push AX Another Example

where AX = ABCD

105C 105C
TOS 105A TOS 105A
1058 1058
1056 1056 CD AB
1054 1054
1052 1052
1050 1050

01 05 SS 01 05 SS

00 08 SP 00 06 SP
16
Dr. Qurban Ali, EE Department
 Example of Popping of the Stack

Before popping After Pop AX Another Example

AX = 1234

105C TOS 105C

TOS 105A 105A
1058 34 12 1058 34 12
1056 1056
1054 1054
1052 1052
1050 1050

01 05 SS 01 05 SS

0008 SP 00 0A SP 17
Dr. Qurban Ali, EE Department
 Exercise

 (a) Consider bottom and end of the stack as FFFEH, and 0000H
respectively. If SS = 012216 and SP = 001216, what is the
address of bottom, top and end of the stack? Show the status of
stack, and AX register after following instructions are executed:
(b) How much data is in stack, and how much is it empty?
 PUSH FF21
 PUSH DC32
 POP AX
 PUSH 2A20
 PUSH 3F12
 PUSH 8DC1
 PUSH 0098
 POP BX
 POP DX
 PUSH 3512
 PUSH 6236
 PUSH AX
18
Dr. Qurban Ali, EE Department
Examples of using LEA, LDS and LES

 LEA SI, [DI+BX+10]

if DI = 3000H,
BX = 200H → SI = 3210H
Memory
 LDS SI, [200] 12204 F2
if DS=1200H 12203 13
Note: PA=12000+200=12200 12202 00
SI=0020 and DS=1300 12201 00
12200 20
121FF 4c

 LES is similar to LDS except that ES is changed instead of

DS
19
Dr. Qurban Ali, EE Department
Figure 4–17 The LDS BX,[DI] instruction loads register BX from
addresses 11000H and 11001H and register DS from locations 11002H
and 11003H

20
Dr. Qurban Ali, EE Department
 Review Example

0621 SS Address Memory Instruction

0512 SP Content
01000 B0 MOV AL, 39
IP 01001 39
0000 01002 88 MOV [BX]+1234H, AH
CS 01003 87
01004 34
0100
01005 12
AX 01006 XX XCHG AX, BX
FD 39 01007 XX Push AX
DS
04234 FD
0200
BX 04235
1000
Dr. Qurban Ali, EE Department
06720 00 21

06721 10
Figure 4–19 The operation of XLAT instruction at the
point just before 6DH is loaded into AL

22
 OUTS
 Transfers a byte, word, or double word of data from
the data segment memory location addressed by SI to
an I/O device - OUTSB; OUTSW; OUTSD
◼ I/O device is addressed by the DX register
 Example: Write instructions to output string of 200
bytes to an I/O device at address 3AC from memory
address starting at ‘array’, using word at a time.

 Note: In the 64-bit mode for Pentium 4 and Core2,

there is no 64-bit output
 Review Example

Address Memory Instruction

IP Content
0000 01000 XLAT
CS 01001
0100 01002 BSWAP BX
AX 01003
39
C5 6E34
FD 01004
DS
01005
0300
01006 MOV AX, ES:[DI]
ES
01007
0200
DI 04034 39
2035 04035 6E
BX 04036 C5
1000
00 10
24
Dr. Qurban Ali, EE Department
Example - 1
MOV BL, AL

 stands for “move the byte contents from source register AL to

destination register BL”

 opcode ‘MOV’ = 100010 (from table in the textbook)

 Let’s encode AL in the REG field of byte 2
therefore, D = 0 (source)
 Since it’s a byte operation, W = 0
 Hence, byte 1 = 100010002 = 8816

 In byte 2, the source specified by the REG field is AL therefore,

REG = 0002
 Since, second operand is also a register, MOD = 112
 The R/M field specifies the destination, R/M = 0112
 Hence, byte 2 = 110000112 = C316

 Therefore Mov BL, AL is in machine code 88C3H 25

Dr. Qurban Ali, EE Department
Example - 2
ADD AX, [SI]

 Stands for “add the 16 bit contents of the memory location

indirectly specified by SI to the contents of AX”
 The opcode for add is 0000002
 To indicate that AX is the destination, D=1
 To indicate 16 bits, W = 1
 Therefore, byte 1 = 000000112 = 0316

 Since AX is the register, REG = 0002

 The other operand comes from memory
◼ Mod = 002
◼ R/M = 1002
◼ this makes byte 2 = 000001002 = 0416

 Hence, ADD AX, [SI] in machine code is 0304H

26
Dr. Qurban Ali, EE Department
Example - 3

XOR CL, [1234H]

 The instruction performs XOR operation of register contents
with contents of memory location, the result is stored in CL
 The opcode is 001100
 To denote CL as the destination, D = 1
 To denote 8 bits, W = 0
 Hence, byte 1 = 001100102 = 3216

 The REG field has to specify CL, REG = 0012

 Since, a direct address has been specified for operand 2
◼ MOD = 002
◼ R/M = 1102
◼ Therefore byte 2 = 000011102 = 0E16
 To specify the address 123416, we must use byte 3 and byte 4
(the least significant comes first, then the most significant)
 Byte 3 = 3416 and byte 4 = 1216

 Hence, XOR CL,1234H in machine code is 320E3412H 27

Dr. Qurban Ali, EE Department
 Example - 4

ADD [BX][SI]+1234H, AX

 Means “add the word content of AX to the contents of memory

location specified by based-indexed addressing mode”
 The opcode for add is 0000002
 To specify REG as source, D = 0,
 To specify word data, W = 1
 Therefore, byte 1 = 000000012 = 0116

 To specify AX as source, REG = 0002

 Since, there is a 16 bit displacement, MOD = 10
 To specify (BX)+(SI)+ displacement, R/M = 000
 Therefore, byte 2 = 100000002 = 8016
 The displacement is encoded in the next two bytes
 Therefore, byte 3 = 3416 byte 4 = 1216

 Hence, ADD [BX][DI]+1234H, AX in machine code is 01803412H

28
Dr. Qurban Ali, EE Department
 Example - 5

MOV AX, 0010 MOV BX, 0010

 Means “move immediate value to a register”

 MOV AX, 0010 → 1011 W Reg 1000 = 1011 1 000 1000

 MOV BX, 0010 → 1011 W Reg 1000 = 1011 1 011 1000

 To specify word data, W = 1

 There is a 16 bit immediate value

 Hence, MOV AX, 0010 in machine code is B88H

 And, MOV BX, 0010 in machine code is BB8H

29
Dr. Qurban Ali, EE Department
 Other Examples

Push BX
 Means “write the word content of BX to the contents of
memory location specified by based-indexed addressing
mode”

Push BX → 01010 reg = 01010 011

 Hence, Push BX in machine code is 53H

Pop DX
 Means “read the word content from top of the stack
segment of memory to register DX”

Pop DX → 01011 reg = 01011 010

 Hence, Pop DX in machine code is 5AH

30
Dr. Qurban Ali, EE Department
Other Examples Continued
INC SI
 This has the form: 01000 reg
 0100 0110 = 4616

JNZ NXTPT
 This has the form: 01110101 (IP-INC8)
 01110101 (?)
 0111 0101 ? ? = 75??16

NOP
 This has the form:
 10010000
 9 0 = 9016
31
Dr. Qurban Ali, EE Department.
 Example

Encode the following program and show how it would be stored in

memory starting at address 20516.

MOV DS, AX
ADD AX, [SI]
MOV AX, 10
MOV BX, 0010
There: XOR CL, [1234H]
ADD [BX][SI]+1234H, AX
PUSH BX
INC SI
DEC BX
JNZ There
NOP
32
Dr. Qurban Ali, EE Department.
Example of Add Instruction

Address Memory Instruction

IP Content
01000
0000 03 ADD AX, BX
01001
C3
CS 01002 Next instruction
0100 XX
01003
XX
AX AX
1234 After execution 3234
BX
2000 1234 + 2000 = 3234
CF = 0

33
Dr. Qurban Ali, EE Department
Example of ADC

Address Memory Instruction

Content
IP 01000 03 ADD AX, CX
0000 01001 C3
01002 11 ADC BX,DX
CS
01003 D1
0100 Next instruction
XX
XX
1
BX AX
0023 F231 BX AX
DX CX 0069 2FB3
0045 3D82
CF = 0
006 9 2 FB 3
34
Dr. Qurban Ali, EE Department
Example of DAA

Address Memory Instruction

Content
IP 01000 00 ADD AL, BL
0000 01001 D8
01002 27 DAA
CS
01003 XX Next instruction
0100
XX
After executing After executing DAA
ADD AL, BL
AX AX AX
67 8A 90
BX
23
35
Dr. Qurban Ali, EE Department
Exercise
 Add BCD values in BX and DX, and store the result
in CX
 Assume BX = 3125; DX=1352

 MOV AL, DL
 ADD AL, BL
 DAA
 MOV DL, AL
 MOV AL, DH
 ADD AL, BH
 DAA
 MOV DH, AL
 MOV CX, DX

36
Dr. Qurban Ali, EE Department
Example of SUB

Address Memory Instruction

Content
IP 01000 29 SUB AX, BX
0000 01001 D8
01002 XX Next instruction
CS
01003 XX
0100
AX AX
1234 After execution 1111
BX 1234 - 0123 = 1111
0123 What if BX = 2000 ?

37
Dr. Qurban Ali, EE Department
Example of SBB

Address Memory Instruction

Content
IP 01000 29 SUB AX, BX
0000 01001 D8
01002 19 SBB CX, DX
CS
01003 D8
0100 Next instruction
XX
XX
CX AX
0065 1231
CX AX
DX BX 001F D4AF
0045 3D82
1 D4AF
001 F 38
Dr. Qurban Ali, EE Department
NEG Instruction
Address Memory Instruction
Content
IP 01000 F7 NEG AX
0000 01001 D8
01002 XX Next instruction
CS
01003 XX
0100
After executing NEG AX
AX
0041 AX CF
FFBF 1

39
Dr. Qurban Ali, EE Department
Example of AAS

Address Memory Instruction

Content
IP 01000 28 SUB AL, BL
0000 01001 D8
01002 3F AAS
CS
01003 XX Next instruction
0100
XX
After executing After executing
AX SUB AL, BL AAS
34 AX AX
BX 02 32
32 What if AX = 432 and BX = 34?
AX AX
03FE 04FE
40
Dr. Qurban Ali, EE Department
SF=1
 Exercise
 Write sequence of instructions that subtract 12345678
from 87654321 using real and protected mode. Update
flags in real mode.
 Solution:
 Real mode
◼ MOV AX, 4321; 87654321
◼ MOV BX, 8765; 87654321
◼ MOV CX, 5678; 12345678
◼ MOV DX, 1234; 12345678
◼ Sub AX, CX
OF SF ZF AF PF CF
◼ Sbb BX, DX
 Protected mode
◼ MOV EAX, 87654321
◼ MOV EBX, 12345678
◼ Sub EAX, EBX 41
Dr. Qurban Ali, EE Department
Another Example of MUL Instruction

 Another Example: Multiply 320 with 42

 Procedure: MOV AX, 320
MOV BX, 42
MUL BX
 Now, let’s say CL contains the 2’s complement of -1
and AL contains the 2’s complement for -2, then what
is the result of MUL CL
MOV AL, FE
MOV CL, FF
MUL CL ; AX = FD02

 In the above example, why isn’t the result equal to 2?

42
Dr. Qurban Ali, EE Department
Example of IMUL Instruction
 If we used IMUL instead of MUL in previous example,
AL = FE and CL = FF, then the result of IMUL CL
MOV AL, FE
MOV CL, FF
IMUL CL ; AX = 0002

 In this case we get what we expect for the result

 Keep in mind that computer does not know whether

you want to multiply a signed number or unsigned
number. You have to simply use the correct instruction

43
Dr. Qurban Ali, EE Department
32-Bit and 64-bit Multiplication

 In 80386 and above, 32-bit multiplication is allowed

because these microprocessors contain 32-bit registers.
 Example: MOV EAX, 123450FC
MOV EBX, 32BCA
MUL EBX

 The 64 bit product is found in EDX–EAX, where EAX

contains the least significant 32 bits of the product.
 The result of a 64-bit multiplication in the Pentium 4
appears in the RDX:RAX register pair as a 128-bit
product.
 Examples: MUL RCX
MUL RDI
44
Dr. Qurban Ali, EE Department
Example of DIV

❑ Let’s say BL = 04 and AX = 0200, Then, after executing

DIV BL
AL = 80 and AH = 00

 What happens if BL = 02 and AX = 0200 and you

perform the instruction DIV BL?

 Is it possible to divide an 8 bit number by an 8 bit

number using DIV and IDIV?
 Remember that DIV BL will divide AX by BL and not AL
by BL

45
Dr. Qurban Ali, EE Department
IDIV

Negative Numbers
 IDIV performs signed division in 2’s complement,
its operation is similar to DIV

 Example:
 Let’s say you want to divide -2 by 2. Obviously, the result
should be -1.
 So, if AL = -1 = FF and BL = 2, then
◼ DIV BL will give the result 7F with a remainder of 1.
What to do?
◼ Use IDIV

46
Dr. Qurban Ali, EE Department
Example of IDIV
 How 8-bit number by an 8-bit number?
◼ In order to get the correct result we need to first sign
extend the 8 bit number and then use IDIV
 To sign extend a byte to a word, use CBW
 To sign extend a word to double word, use CWD
 So, if AL = FF, CBW will cause AX = FFFF (which is -1 in
16 bits). Now, you can use IDIV BL

 Example: Divide 4F by 2C
 Procedure: MOV AL, 4F
CBW
MOV BL, 2C
DIV BL
 Note: CBW causes AL to be extended into (AX) and CWD
cause AX to be extended into (DX)(AX) 47
Dr. Qurban Ali, EE Department
Another Example of IDIV
 Example: Divide -2 by -1

 Procedure: Convert numbers to 2’s complement

MOV AL, FE
CBW
MOV BL, FF
IDIV BL

48
Dr. Qurban Ali, EE Department
Exercise
 Multiple 12 by 258, and then divide the answer by
2985.

49
Dr. Qurban Ali, EE Department
Exercise - 2

 Find the result of instructions:

 MOV AL, A1H
 CBW
 CWD

50
Dr. Qurban Ali, EE Department
Examples
 AND AX, BX
◼ Let’s say AX = F324, BX = E122
◼ In binary we have: 1111 0011 0010 0100
AND 1110 0001 0010 0010
Result:1110 0001 0010 0000
AX = E120

 AND uses any mode except memory-to-memory and segment

register addressing.

51
Dr. Qurban Ali, EE Department
SAL/SHL Instructions

 SAL AX, CL  (AX) shifted to the left (CL) number of

times. Zeros inserted from right

 SAL AX, 1  (AX) shifted to the left by 1

 Let AX = 0210 and CL = 3

◼ SAL AX, CL
AX in binary is 0000 0010 0001 0000
AX shifted by 3 is 0001 0000 1000 0000

3 zeros shifted in

52
Dr. Qurban Ali, EE Department
 SHR and SAR Instructions

 SHR AX, CL  (AX) shifted to right “CL” number of times. Zeros

are inserted from left

 SAR AX, CL  (AX) shifted to right “CL” number of times. The

original most significant bit is shifted from left

 Let AX = F000, CL = 3
◼ SAR AX, CL
◼ AX in binary is 1111 0000 0000 0000
◼ AX shifted by 3 1111 1110 0000 0000
AX = FE00
3 ones shifted in
 Shift for multiplication
 Example:

53
Dr. Qurban Ali, EE Department
Bit Scan Instructions

 Scan through a number searching for a 1-bit.

◼ available in 80386–Pentium 4

 BSF scans the number from the leftmost bit toward the
right; BSR scans the number from the rightmost bit
toward the left.
◼ if a 1-bit is encountered, the zero flag is set and the bit
position number of the 1-bit is placed into the
destination operand
◼ if no 1-bit is encountered the zero flag is cleared

 Example: BSF EBX, EAX; EAX = 60000000;

 Answer: EBX=0011110
Figure 5–10 The rotate instructions showing the
direction and operation of each rotate.

Examples:
For AX = 2F3D; CL = 02; CF = 1;
 ROL AX, 1
 RCR AX, CL
Exercise - 1

 Find the result of instruction and status of CF:

 SAR AX, CL
Assume AX = 019A16; CL contains 0216

56
Dr. Qurban Ali, EE Department
Exercise - 2

 Find the result of instruction:

 RCR BX, CL
Assume BX = 123416; CF = 0; CL = 0416

57
Dr. Qurban Ali, EE Department
Exercise - 3
 What is the result of executing following instructions?
MOV AL, A2H ; Initialize CF = 0;
CBW
CWD
XOR DX, AX
SAR DX, 3
RCR AX, 5

58
Dr. Qurban Ali, EE Department
Exercise - 4

 Implement the following operation using shift and

arithmetic instructions. (MUL and DIV not permitted!)
5(AX) + 3(BX) – BX/2 → AX

59
Dr. Qurban Ali, EE Department