Assembly Language - Flag Register
Hello guys, I hope that you are not angry at me, thinking that this guy promised to post a blog at an interval of 1-2 days and is now just running away from his promise.
First of all, I apologize for all this; for the past few days we have been experiencing some electricity and internet issues in our area due to construction. So I am again saying sorry, and this will never happen again.
So now let's continue our discussion from the last blog post. As I said, we are going to look at the flag register in this post.
- If you are new to this, then obviously you are thinking, "What the heck is this flag register?".
- Don't worry, I'll explain it to you in simple language without going into much detail (I mean unimportant detail).
I am not going to explain all of these flags, only the few that are important to us while learning assembly language and reverse engineering some stuff.
It's not like I am running from it; I will go into detail when the time comes.
So let's start,
Flags:-
This diagram is just a brief overview of the EFLAGS register (the whole 32 bits of the EFLAGS register).
Remember, the flags record the status of an operation's result.
The only flags which are important to us are carry, sign, zero, trap, parity and auxiliary carry.
Note:- setting a flag simply means it is 1 and unset means it is 0, because a flag is just a single bit out of those 32 bits, so it can only be 1 or 0.
1) Carry Flag:-
- Carry flag or CF is set when a carry is generated out of the most significant bit of the result.
- In the example below I am going to use an 8 bit value. I know we are learning 32 bit assembly, but showing a 32 bit example is complex and takes more space.
- But don't worry, it is the same as 32 bit.
- It doesn't matter whether the system is 8 bit / 16 bit / 32 bit / 64 bit; the working of the carry flag is the same in all scenarios.
Example:-
Suppose I have two numbers. For better understanding, let's take 255 and 255, as 255 is the highest number you can represent with 8 bits.
The binary representation of 255 is 11111111.
So 11111111 + 11111111 = 111111110
The result is 510, which is 111111110 in binary and requires 9 bits to represent. So as you can see, a carry is generated from the MSB (most significant bit), which results in setting the carry flag, i.e. CF=1. If no carry was generated, then CF=0.
2) Sign Flag:-
- Sign Flag or SF is set when the MSB of the result is 1 and unset when it is 0.
Suppose I have two numbers, hmmmmm, let's take 3 and 5. If I subtract 5 from 3, the result would be -2, thus SF=1.
3) Zero Flag:-
- This is the most important flag to us.
- This flag will help us more than you think in the reverse engineering section.
- So what this flag basically does is this: it is set when the result of any arithmetic or logical operation is zero.
ZF=1: if I have two numbers 5 and 5 and I subtract them, I get the answer 0, hence the zero flag will be set.
4) Trap Flag:-
- Trap flag or TF is set when you execute the program instructions step by step.
- The example below will make it much simpler to understand.
Remember when we were/are in college, they used to teach us 8086 (16 bit) assembly language.
And if you remember correctly, they used MASM or TASM to teach us, and after linking all the stuff we used the debug command to execute the program in single step mode and used "-t" to execute an instruction.
This is where you are setting the TRAP flag, and after executing a single instruction the TRAP flag is unset again.
5) Parity Flag:-
- After any arithmetic or logical operation, if the result contains an even number of 1s then PF will be set, or unset if the result contains an odd number of 1s.
Suppose I add two numbers, 2 and 3, and the result will be 5.
The binary representation of 5 is 0000 0101; as you can see, it has an even number of 1s, so PF=1.
6) Auxiliary Carry Flag:-
- It is the same as the carry flag, but it is set when a carry is generated from the lower nibble to the higher nibble.
Let's take two numbers, 8 and 8, and add them; the result will be 16, right?
The binary representation of 16 is 0001 0000; as you can see, there is a carry from the 4th bit to the 5th bit, so AF=1.
If some of you guys think "why didn't I use assembly instructions in the examples for more clarification", it's because we haven't learnt assembly yet, and some of you may not be familiar with it.
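The five worked examples above, recomputed in C instead of assembly, as an added example that is not part of the original post. The names `flags8`, `add8` and `sub8` are hypothetical; the code models an 8-bit add and subtract, and PF is computed over the low 8 bits of the result, which is how x86 defines it.

```c
#include <stdint.h>
#include <stdio.h>

/* Hypothetical names for this example only: flags8, add8, sub8. */
typedef struct { uint8_t result; int cf, pf, af, zf, sf; } flags8;

/* PF: set when the low 8 bits of the result hold an even number of 1s. */
static int even_parity(uint8_t v) {
    int ones = 0;
    for (; v; v >>= 1) ones += v & 1;
    return (ones % 2) == 0;
}

/* ZF and SF depend only on the result; CF and AF depend on the operation. */
static flags8 finish(uint8_t r, int cf, int af) {
    flags8 f = { r, cf, even_parity(r), af, r == 0, (r >> 7) & 1 };
    return f;
}

/* 8-bit ADD: CF = carry out of bit 7 (the MSB), AF = carry out of bit 3. */
flags8 add8(uint8_t a, uint8_t b) {
    unsigned wide = (unsigned)a + b;          /* keeps the 9th bit */
    return finish((uint8_t)wide, wide > 0xFF,
                  ((a & 0x0F) + (b & 0x0F)) > 0x0F);
}

/* 8-bit SUB (a - b): CF = borrow into bit 7, AF = borrow into bit 3. */
flags8 sub8(uint8_t a, uint8_t b) {
    return finish((uint8_t)(a - b), a < b, (a & 0x0F) < (b & 0x0F));
}

static void show(const char *op, flags8 f) {
    printf("%-10s result=0x%02X CF=%d PF=%d AF=%d ZF=%d SF=%d\n",
           op, f.result, f.cf, f.pf, f.af, f.zf, f.sf);
}

int main(void) {
    show("255 + 255", add8(255, 255));  /* carry flag example */
    show("3 - 5",     sub8(3, 5));      /* sign flag example */
    show("5 - 5",     sub8(5, 5));      /* zero flag example */
    show("2 + 3",     add8(2, 3));      /* parity flag example */
    show("8 + 8",     add8(8, 8));      /* auxiliary carry example */
    return 0;
}
```

Each line of output shows all five status flags, so you can also see the flags a single example was not about, such as CF=1 for 3 - 5 because the subtraction needed a borrow.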
This is all about the flag register and the flags. I hope this clears things up.
If you heard weird things such as MSB, nibble etc., don't worry; in the next blog post I am going to cover all of these.
So thank you and till next post keep smiling :)
Reviewed by h4kk4 on February 27, 2020