SetStatusFlags(temp);

While writing the previous post, I ran into a curious obstacle I would like to share. I had to analyze the instruction scasb and, since I didn’t know exactly how it worked, I ended up checking the Intel manual, where I read the following:

Opcode Instruction Description
AE     SCAS m8     Compare AL with byte at ES:(E)DI and set status flags
AF     SCAS m16    Compare AX with word at ES:(E)DI and set status flags
AF     SCAS m32    Compare EAX with doubleword at ES:(E)DI and set status flags
AE     SCASB       Compare AL with byte at ES:(E)DI and set status flags
AF     SCASW       Compare AX with word at ES:(E)DI and set status flags
AF     SCASD       Compare EAX with doubleword at ES:(E)DI and set status flags

Yep, it compares something and then sets status flags. I kept on reading the explanation and the only flag it mentions is DF, which has nothing to do with “set status flags”. So I went to the pseudo-code of the instruction:

IF (byte comparison)
    THEN
        temp <- AL - SRC;
        SetStatusFlags(temp);
        IF DF = 0
            THEN (E)DI <- (E)DI + 1;
            ELSE (E)DI <- (E)DI - 1;
        FI;
    ELSE IF (word comparison)
        THEN
            temp <- AX - SRC;
            SetStatusFlags(temp);
            IF DF = 0
                THEN (E)DI <- (E)DI + 2;
                ELSE (E)DI <- (E)DI - 2;
            FI;
        ELSE (* doubleword comparison *)
            temp <- EAX - SRC;
            SetStatusFlags(temp);
            IF DF = 0
                THEN (E)DI <- (E)DI + 4;
                ELSE (E)DI <- (E)DI - 4;
            FI;
    FI;
FI;

Again, SetStatusFlags(). WTF does that mean!?

I googled it, searched for it in the manual and, after about 5 minutes, decided it was better to just check it myself. So, since I am not very skilled at writing Asm, I just took the code used in this post to execute the function from the exercise and debugged it, checking what was going on with the flags.

47          repne scasb

(gdb) info reg eflags
eflags         0x286    [ PF SF IF ]
 
(gdb) si
47          repne scasb

(gdb) info reg eflags
eflags         0x10286  [ PF SF IF RF ]

[...]

(gdb) s
49          add ecx, 2

(gdb) info reg eflags
eflags         0x246    [ PF ZF IF ]

If we check the flags before ([ PF SF IF ]), during ([ PF SF IF RF ]), and after ([ PF ZF IF ]) the execution of repne scasb, we can see that, as suspected in the previous post, it is setting ZF to 1 (the scanned byte matched AL, so AL - SRC was zero). RF also shows up during the execution, but that is the resume flag, which only appears because we are single-stepping under a debugger; it is not part of the status flags the instruction sets.
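To pin down what SetStatusFlags(temp) actually computes, here is a small C model of the byte form of SCAS and of the REPNE prefix around it. This is an added example, not code from the post or from the Intel manual: the six arithmetic flags are derived from temp = AL - SRC the way CMP/SUB would set them, the EDI step follows DF, and the struct fields, constants and sample buffer are my own.

```c
#include <stdint.h>

/* EFLAGS bit positions for the flags gdb printed above (IF is bit 9, RF bit 16). */
enum { CF = 1u << 0, PF = 1u << 2, AF = 1u << 4, ZF = 1u << 6,
       SF = 1u << 7, DF = 1u << 10, OF = 1u << 11 };
#define STATUS_MASK (CF | PF | AF | ZF | SF | OF)

struct cpu { uint8_t al; uint32_t ecx, edi, eflags; };

/* SetStatusFlags(temp) for the byte comparison: the flags CMP/SUB would set for AL - src. */
static uint32_t set_status_flags(uint8_t al, uint8_t src) {
    uint8_t temp = (uint8_t)(al - src);
    uint32_t f = 0, ones = 0;
    for (int i = 0; i < 8; i++) ones += (temp >> i) & 1;
    if (temp == 0)                          f |= ZF;  /* equal: the flag the post is after */
    if (temp & 0x80)                        f |= SF;
    if ((ones & 1) == 0)                    f |= PF;  /* even number of 1 bits in the result */
    if (al < src)                           f |= CF;  /* unsigned borrow */
    if ((al & 0xF) < (src & 0xF))           f |= AF;  /* borrow out of the low nibble */
    if (((al ^ src) & (al ^ temp)) & 0x80)  f |= OF;  /* signed overflow */
    return f;
}

/* One SCASB: compare AL with the byte at EDI, write the status flags, step EDI per DF. */
static void scasb(struct cpu *c, const uint8_t *mem) {
    c->eflags = (c->eflags & ~STATUS_MASK) | set_status_flags(c->al, mem[c->edi]);
    c->edi += (c->eflags & DF) ? 0xFFFFFFFFu : 1u;   /* -1 or +1 in 32-bit arithmetic */
}

/* REPNE SCASB: repeat while ECX != 0, stopping early once a compare sets ZF. */
static void repne_scasb(struct cpu *c, const uint8_t *mem) {
    while (c->ecx != 0) {
        c->ecx--;
        scasb(c, mem);
        if (c->eflags & ZF) break;
    }
}

/* Scan mem[0..len) for needle and return the CPU state as the instruction leaves it. */
static struct cpu scan(uint8_t needle, const uint8_t *mem, uint32_t len) {
    struct cpu c = { .al = needle, .ecx = len, .edi = 0, .eflags = 0x202u }; /* IF set, DF clear */
    repne_scasb(&c, mem);
    return c;
}

/* Constructed sample: the strlen idiom, AL = 0 over a NUL-terminated buffer with ECX = -1. */
static const uint8_t sample[] = "hello";

static uint32_t strlen_via_scasb(void) {
    struct cpu c = scan(0, sample, 0xFFFFFFFFu);
    return ~c.ecx - 1u;   /* "not ecx; dec ecx": ECX was decremented once past the NUL */
}
```

Running scan() on the sample reproduces the ZF=1 seen in gdb after the match, while a needle that is not found leaves ZF clear with ECX exhausted.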
