Instructions for modifying CS and IP

Source: Internet
Author: User

In the CPU, the only components a programmer can read and write with instructions are the registers, so a programmer controls the CPU by changing the contents of its registers. Where the CPU fetches its next instruction is determined by the contents of CS and IP; therefore a programmer can make the CPU execute a chosen instruction by changing the contents of CS and IP.

How can we change the values of CS and IP? Obviously, the 8086 CPU must provide instructions for this. Consider first how the value in AX is changed: with a mov instruction, such as mov ax, 123, which sets AX to 123. The other registers can be set in the same way, for example mov bx, 123, mov cx, 123, mov dx, 123, and so on. In fact, mov can be used to change the value of most registers of the 8086 CPU; mov is called a data transfer instruction.

However, mov cannot be used to set CS and IP, because the 8086 CPU simply does not provide that function. Instead, the 8086 CPU provides separate instructions for changing the values of CS and IP. Instructions that can change the contents of CS and IP are collectively called transfer (jump) instructions; we will study them further later. Here we introduce the simplest instruction that modifies CS and IP: the jmp instruction.

To modify the contents of CS and IP at the same time, use the form "jmp segment-address:offset-address", for example:

jmp 2AE3:3, after execution: CS = 2AE3H, IP = 0003H, and the CPU will fetch the next instruction from 2AE33H.

jmp 3:0B16, after execution: CS = 0003H, IP = 0B16H, and the CPU will fetch the next instruction from 00B46H.

The "jmp segment-address:offset-address" form uses the segment address and offset address given in the instruction to modify the contents of CS and IP respectively.

To modify only the contents of IP, use the form "jmp legal-register", for example:

jmp ax, before execution: AX = 1000H, CS = 2000H, IP = 0003H
After execution: AX = 1000H, CS = 2000H, IP = 1000H
jmp bx, before execution: BX = 0B16H, CS = 2000H, IP = 0003H
After execution: BX = 0B16H, CS = 2000H, IP = 0B16H

The function of "jmp legal-register" is to replace the contents of IP with the value held in that register; CS is left unchanged.

In terms of meaning, jmp ax is equivalent to: mov IP, ax.

Note: Where appropriate, we will use the syntax of assembly instructions already learned to describe the function of a newly learned instruction. This is done to help readers understand the new instruction and to connect it with what they already know. It must be emphasized that we use the "syntax of a known instruction" for the description, not a "known instruction" itself. For example, we describe jmp ax as mov IP, ax; this does not mean that an instruction mov IP, ax exists. It only uses the syntax of mov to describe what jmp ax does. In the same way, jmp 3:01B6 can be described as: mov CS, 3 followed by mov IP, 01B6.

The machine code stored in memory and the corresponding assembly instructions are shown in Figure 2.27. Given the initial CPU state CS = 2000H, IP = 0000H, write down the sequence in which the instructions are executed. Think it through first, then read the analysis.

Figure 2.27 Machine code stored in memory and the corresponding assembly instructions

Analysis:

The CPU executes the instructions shown in Figure 2.27 as follows.

(1) Initially CS = 2000H and IP = 0000H, so the CPU fetches the instruction from memory address 2000H × 16 + 0000H = 20000H. The instruction read is B8 22 66 (mov ax, 6622H); after the fetch, IP = IP + 3 = 0003H.

(2) After that instruction executes, CS = 2000H and IP = 0003H, so the CPU fetches from 2000H × 16 + 0003H = 20003H. The instruction read is EA 03 00 00 10 (jmp 1000:0003); after the fetch, IP = IP + 5 = 0008H.

(3) After that instruction executes, CS = 1000H and IP = 0003H (the far jmp loaded both registers), so the CPU fetches from 1000H × 16 + 0003H = 10003H. The instruction read is B8 00 00 (mov ax, 0000); after the fetch, IP = IP + 3 = 0006H.

(4) After that instruction executes, CS = 1000H and IP = 0006H, so the CPU fetches from 1000H × 16 + 0006H = 10006H. The instruction read is 8B D8 (mov bx, ax); after the fetch, IP = IP + 2 = 0008H.

(5) After that instruction executes, CS = 1000H and IP = 0008H, so the CPU fetches from 1000H × 16 + 0008H = 10008H. The instruction read is FF E3 (jmp bx); after the fetch, IP = IP + 2 = 000AH.

(6) After that instruction executes (jmp bx copies BX = 0000H into IP), CS = 1000H and IP = 0000H, so the CPU fetches from 1000H × 16 + 0000H = 10000H ......

From this analysis, the instruction execution sequence is:

(1) mov ax, 6622H

(2) jmp 1000:3

(3) mov ax, 0000

(4) mov bx, ax

(5) jmp bx

(6) mov ax, 0123H

(7) Go to Step 1 for execution
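As an added example (not code from the original page or from the textbook it comes from), the following Python models exactly the mechanism described above: a CPU whose fetch address is CS × 16 + IP, a decoder for the opcodes quoted in the analysis of Figure 2.27 (B8 mov ax,imm16; EA jmp seg:off; 8B D8 mov bx,ax; FF E3 jmp bx, plus FF E0 for jmp ax so the register example can be traced as well), a far jmp executed as "mov CS; mov IP", and jmp reg executed as "mov IP, reg". The memory image is constructed from the bytes quoted in the analysis; the encoding B8 23 01 for mov ax, 0123H at 1000:0000 is my own assumption, since the figure itself is not on the page. Tracing from CS = 2000H, IP = 0000H reproduces the fetch addresses of steps (1) to (6), and makes the security-relevant point visible: jmp reg sends the CPU wherever the register currently points, so the value of that register is what decides which code runs.

```python
MEM_SIZE = 1 << 20  # the 8086 address bus is 20 bits wide: 1 MiB


def physical(cs, ip):
    """Physical address of a segment:offset pair: CS * 16 + IP, with 20-bit wrap."""
    return ((cs & 0xFFFF) * 16 + (ip & 0xFFFF)) % MEM_SIZE


class CPU8086:
    """Just enough of the 8086 to run the instructions discussed on the page."""

    def __init__(self, memory):
        self.mem = memory
        self.cs = self.ip = 0
        self.ax = self.bx = 0

    def fetch(self, n):
        """Read n code bytes at CS:IP and advance IP, as the page's steps do."""
        start = physical(self.cs, self.ip)
        data = bytes(self.mem[(start + i) % MEM_SIZE] for i in range(n))
        self.ip = (self.ip + n) & 0xFFFF
        return data

    def step(self):
        """Fetch, decode and execute one instruction.

        Returns (physical address it was fetched from, disassembly text)."""
        addr = physical(self.cs, self.ip)
        op = self.fetch(1)[0]
        if op == 0xB8:                                   # mov ax, imm16 (3 bytes)
            self.ax = int.from_bytes(self.fetch(2), "little")
            return addr, f"mov ax, {self.ax:04X}H"
        if op == 0xEA:                                   # jmp seg:off   (5 bytes)
            off = int.from_bytes(self.fetch(2), "little")
            seg = int.from_bytes(self.fetch(2), "little")
            self.cs, self.ip = seg, off                  # "mov CS, seg; mov IP, off"
            return addr, f"jmp {seg:04X}:{off:04X}"
        if op == 0x8B and self.fetch(1) == b"\xD8":      # mov bx, ax    (2 bytes)
            self.bx = self.ax
            return addr, "mov bx, ax"
        if op == 0xFF:                                   # jmp reg16     (2 bytes)
            modrm = self.fetch(1)[0]
            if modrm == 0xE0:                            # FF E0: jmp ax ("mov IP, ax")
                self.ip = self.ax
                return addr, "jmp ax"
            if modrm == 0xE3:                            # FF E3: jmp bx ("mov IP, bx")
                self.ip = self.bx
                return addr, "jmp bx"
        raise NotImplementedError(f"opcode {op:02X}H at {addr:05X}H is not modelled")


def build_memory():
    """Constructed memory image of Figure 2.27.

    Bytes at 2000:0000 and 1000:0003 onwards are the ones quoted in the page's
    analysis; B8 23 01 (mov ax, 0123H) at 1000:0000 is an assumed encoding."""
    mem = bytearray(MEM_SIZE)
    mem[0x20000:0x20008] = bytes.fromhex("B8 22 66 EA 03 00 00 10")
    mem[0x10000:0x1000A] = bytes.fromhex("B8 23 01 B8 00 00 8B D8 FF E3")
    return mem


def run_figure_2_27(steps=7):
    """Start at CS=2000H, IP=0000H and return the trace of `steps` instructions."""
    cpu = CPU8086(build_memory())
    cpu.cs, cpu.ip = 0x2000, 0x0000
    return [cpu.step() for _ in range(steps)]


if __name__ == "__main__":
    for addr, text in run_figure_2_27():
        print(f"{addr:05X}H  {text}")
```

Running the block prints one line per fetched instruction with its physical address; the seventh step lands back on 10003H, showing the loop the analysis ends with. Changing the value of BX in memory before the jmp bx (or setting AX before a jmp ax) moves the fetch address accordingly, which is the whole reason control over a register that feeds a jump is worth watching for.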
