{"id":100795,"date":"2019-01-24T23:00:00","date_gmt":"2019-01-25T14:00:00","guid":{"rendered":"https:\/\/blogs.msdn.microsoft.com\/oldnewthing\/?p=100795"},"modified":"2019-03-18T11:10:34","modified_gmt":"2019-03-18T18:10:34","slug":"20190125-00","status":"publish","type":"post","link":"https:\/\/devblogs.microsoft.com\/oldnewthing\/20190124-00\/?p=100795","title":{"rendered":"The Intel 80386, part 5: Logical operations"},"content":{"rendered":"

The next group of instructions we’ll look are the bitwise logical operation. <\/p>\n

\n    AND     r\/m, r\/m\/i  ; d &= s, set flags\n    OR      r\/m, r\/m\/i  ; d |= s, set flags\n    XOR     r\/m, r\/m\/i  ; d ^= s, set flags\n\n    TEST    r\/m, r\/m\/i  ; calculate d & s, set flags\n\n    NOT     r\/m         ; d = ~d, do not<\/u> set flags\n<\/pre>\n
The AND<\/code>, OR<\/code>, and XOR<\/code> instructions set flags based on the numeric value of the result; carry and overflow are always clear. <\/p>\n
The TEST<\/code> instruction is the same as AND<\/code>, except that the result is thrown away rather than being stored back into the destination. You can say that AND<\/code> is to TEST<\/code> as SUB<\/code> is to CMP<\/code>. <\/p>\n
A quirk of the TEST<\/code> instruction is that it does not support an 8-bit immediate with sign extension. The immediate must be the same size as the other operand. This means that you can save instruction encoding space by using a smaller data size: <\/p>\n
\n    TEST    DWORD PTR [rax+10h], 40000000h  ; 7-byte instruction\n    TEST    BYTE PTR [rax+13h], 40h         ; 4-byte instruction\n<\/pre>\n
If you do this, you will run afoul of the store-to-load forwarder<\/a>. Fortunately, the 80386 doesn’t have one. <\/p>\n
We will learn later that moving constants into registers requires a large instruction encoding. To avoid this, you may see two idioms for setting a register to zero: You can subtract it from itself, or you can exclusive-or it with itself. <\/p>\n
\n    SUB     eax, eax        ; set eax = 0, set flags\n    XOR     eax, eax        ; set eax = 0, set flags\n<\/pre>\n
The 80386 doesn’t really care either way, but later versions of the processor recognize the “XOR<\/code> a register with itself” idiom and special-case it to avoid the dependency on the previous value of the register. Therefore, you’ll see the XOR<\/code> version in compiler-generated code. <\/p>\n
The next group of instructions is the bit-testing group. <\/p>\n
\n    BT      r\/m, r\/i        ; copy bit s of d to CF\n    BTS     r\/m, r\/i        ; copy bit s of d to CF and set\n    BTR     r\/m, r\/i        ; copy bit s of d to CF and reset\n    BTC     r\/m, r\/i        ; copy bit s of d to CF and complement\n<\/pre>\n
The BT<\/code> instruction tests a bit (lowest-order bit is bit zero) of the destination operand to the carry flag. If the destination is a register, then the bit number is taken mod n<\/var>, where n<\/var> is the register size. If the destination is memory, then the memory is considered a packed bit array, and bit s<\/var> % 8 of byte m<\/var> + (s<\/var> \/ 8) is copied.¹ For example, <\/p>\n
\n    BT      eax, 17     ; copy bit 17 of eax to carry\n    SBB     ecx, -1     ; ecx -= -1 + CF\n<\/pre>\n
The effect of this sequence of operations is to increment the ecx<\/var> register if bit 17 of eax<\/var> is clear: If the bit is not set, then the BT<\/code> results in carry clear, so the SBB<\/code> instruction subtracts −1 from ecx<\/var>, which has the effect of adding 1. If the bit is set, then the BT<\/code> results in carry set, so the SBB<\/code> instruction subtracts −1 from ecx<\/var>, and then subtracts one more. Some algebra shows that ecx<\/var> − (−1) −1 = ecx<\/var> + 1 −1 = ecx<\/var>, so there is no net change to the ecx<\/var> register. <\/p>\n
The BTS<\/code>, BTR<\/code>, and BTC<\/code> instructions copy the bit to the carry flag, and then set, reset, or toggle the bit that was tested. I haven’t seen the compiler generate these instructions, so you probably don’t need to know them. <\/p>\n
Next are the shift instructions. <\/p>\n
\n    SHL     r\/m, CL\/i       ; d = d << s,             set flags\n    SHR     r\/m, CL\/i       ; d = d >> s (zero-fill), set flags\n    SAR     r\/m, CL\/i       ; d = d >> s (sign-fill), set flags\n<\/pre>\n
The SHL<\/code> instructions shifts left, The SHR<\/code> instructions shifts right with zero fill (unsigned shift), and the The SAR<\/code> instructions shifts right with sign fill (signed shift). <\/p>\n
The shift amount can be a constant (the encoding with 1 is more compact than the encoding with other constants), or it can be a variable in the cl<\/var> register. No other register can be used to specify the shift amount. The shift amount is taken mod 32. <\/p>\n
The last bit shifted out is placed in the carry flag. If the shift amount is the immediate 1, then the overflow flag is set if the sign bit changed. (If the shift amount is not the immediate 1, then the overflow flag is undefined.) The zero, sign, and parity flags are set based on the result. <\/p>\n
Next come the double shift instructions. <\/p>\n
\n    SHLD    r\/m, r, CL\/i       ; d = d << t, fill from s, set flags\n                               ; n = 16, 32\n    SHRD    r\/m, r, CL\/i       ; d = d >> t, fill from s, set flags\n                               ; n = 16, 32\n<\/pre>\n
The shift left double and shift right double instruction shift the destination by the amount specified by the third operand (which must be a constant or the cl<\/var> register) and fills in the bits from the second operand. The SHLD<\/code> instruction fills with the high-order bits of s<\/var>, and the SHRD<\/code> instruction fills with the low-order bits of s<\/var>. The last bit shifted out is copied to the carry flag. The shift amount is taken mod 32. <\/p>\n
Although n<\/var> can be 16, you won’t see it in practice, so there’s no point mentioning that the behavior is undefined if the shift amount (mod 32) is greater than 16. <\/p>\n
Okay, so those were the logical operations. Next time<\/a>, we’ll look at data transfer instructions. <\/p>\n
¹ Technically, it is bit s<\/var> % n<\/var> of n<\/var>-bit unit m<\/var> + (s<\/var> \/ n<\/var>). This means that <\/p>\n
\n    MOV     ecx, 32\n    BT      DWORD PTR [eax], ecx\n<\/pre>\n
will read four bytes from [eax+4]<\/code> to [eax+7]<\/code> and then test bit 0 of the value. Note that the bytes from [eax+5]<\/code> to [eax+7]<\/code> do not participate in the bit test, but they must still be accessible, or you will take an access violation. <\/p>\n","protected":false},"excerpt":{"rendered":"
Fiddling with bits.<\/p>\n","protected":false},"author":1069,"featured_media":111744,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"footnotes":""},"categories":[1],"tags":[2],"class_list":["post-100795","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-oldnewthing","tag-history"],"acf":[],"blog_post_summary":"
Fiddling with bits.<\/p>\n","_links":{"self":[{"href":"https:\/\/devblogs.microsoft.com\/oldnewthing\/wp-json\/wp\/v2\/posts\/100795","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/devblogs.microsoft.com\/oldnewthing\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/devblogs.microsoft.com\/oldnewthing\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/devblogs.microsoft.com\/oldnewthing\/wp-json\/wp\/v2\/users\/1069"}],"replies":[{"embeddable":true,"href":"https:\/\/devblogs.microsoft.com\/oldnewthing\/wp-json\/wp\/v2\/comments?post=100795"}],"version-history":[{"count":0,"href":"https:\/\/devblogs.microsoft.com\/oldnewthing\/wp-json\/wp\/v2\/posts\/100795\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/devblogs.microsoft.com\/oldnewthing\/wp-json\/wp\/v2\/media\/111744"}],"wp:attachment":[{"href":"https:\/\/devblogs.microsoft.com\/oldnewthing\/wp-json\/wp\/v2\/media?parent=100795"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/devblogs.microsoft.com\/oldnewthing\/wp-json\/wp\/v2\/categories?post=100795"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/devblogs.microsoft.com\/oldnewthing\/wp-json\/wp\/v2\/tags?post=100795"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}