After reading the cracking tutorial, we all know that "test" and "cmp" are the key, but I have never been clear about how they actually compare. I finally made up my mind to look up a lot of material and work through it together with everyone.
First, let's look at the status register (that is, the flags register).
PSW (program status word) is a 16-bit register made up of condition-code flags and control flags, laid out as follows (unused bits shown as -):
bit:   15 14 13 12 11 10  9  8  7  6  5  4  3  2  1  0
flag:   -  -  -  - OF DF IF TF SF ZF  - AF  - PF  - CF
Condition code:
① OF (overflow flag): set to 1 if the operation produced a signed overflow, otherwise 0; for example, when the result does not fit in the destination operand.
② SF (sign flag): set to 1 if the result is negative (its highest bit is 1), otherwise 0.
③ ZF (zero flag): set to 1 if the result of the operation is 0, otherwise 0.
④ CF (carry flag): set to 1 if the operation produced a carry (or, for subtraction, a borrow) out of the highest bit, otherwise 0. Note: CF records the carry out of the most significant bit of the result.
⑤ AF (auxiliary carry flag): records the carry out of bit 3 (the low half-byte, i.e. one hexadecimal digit) during the operation; set to 1 if such a carry occurred, otherwise 0.
⑥ PF (parity flag): set to 1 if the number of 1 bits in the result (the low byte) is even, otherwise 0.
Control flags:
⑦ DF (direction flag): controls the direction in which string instructions step through memory.
⑧ IF (interrupt flag): interrupt enable flag.
⑨ TF (trap flag): single-step trap flag.
For example, JNZ and JZ test the following conditions:
JZ   ZF = 1
JNZ  ZF = 0
That is, JZ = jump if zero (if the result is 0, the zero flag ZF is set to 1 and the jump is taken);
JNZ = jump if not zero.
Okay, let's take a look at test and cmp.
**************************************** ***************************************
test is a logical operation instruction.
Function: performs a bitwise logical AND between the two operands.
test (the two operands are ANDed; only the flags are modified, the result is not stored).
test ANDs its two operands (destination, source) and sets the flags register according to the result; the result itself is discarded. test ax, bx therefore affects the flags exactly as and ax, bx would, but leaves ax unchanged.
Syntax: test r/m, r/m/imm
Flags affected: C, O, P, Z, S (C and O are always cleared to 0)
Example:
1. test is used to check a single bit, for example in a register:
test eax, 100b   ; the b suffix indicates binary
jnz *****        ; if bit 2 of eax (the third bit from the right) is 1, jnz jumps
In my opinion, the condition for the jnz jump is ZF = 0; ZF = 0 means the zero flag is not set, that is, the result of the logical AND is nonzero.
2. A common use of test is to check whether a register is zero:
test ecx, ecx
jz somewhere
If ecx is zero, the zero flag ZF is set to 1 and jz jumps.
**************************************** ***************************************
cmp is an arithmetic operation instruction.
Function: compares two values (register, memory, or immediate).
Syntax: cmp r/m, r/m/imm
Flags affected: C, P, A, Z, O
cmp compares by subtracting the source operand from the destination operand; only the flags are modified, the difference is not stored.
cmp performs the subtraction purely to set the flags, without saving the result; in particular it sets the Z flag (zero flag).
The zero flag, like the carry flag, is one bit of the processor's internal flags register.
For example:
cmp eax, 2   ; if eax - 2 = 0, that is, eax = 2, the zero flag is set to 1
jz ***       ; jump if the zero flag is set
**************************************** ***************************************
My conclusion
If the result of test's logical AND is zero, ZF (the zero flag) is set to 1;
if the result of cmp's arithmetic subtraction is zero, ZF (the zero flag) is set to 1.
The conclusion is very simple. Why couldn't I see it before? Really stupid of me.