非常感谢，顶

花了两个早晨在看,都是记的内容,很实用,谢谢总结

我看到比这全
补充：
七、寄存器

1. Register usage in 32 bit Windows
Function parameters are passed on the stack according to the calling conventions

listed on
page 13. Parameters of 32 bits size or less use one DWORD of stack space.

Parameters
bigger than 32 bits are stored in little-endian form, i.e. with the least

significant DWORD at the
lowest address, and DWORD aligned.
Function return values are passed in registers in most cases. 8-bit integers are

returned in
AL, 16-bit integers in AX, 32-bit integers, pointers, and Booleans in EAX, 64-

bit integers in
EDX:EAX, and floating-point values in ST(0). Structures and class objects not

exceeding
64 bits size are returned in the same way as integers, even if the structure

contains floating
point values. Structures and class objects bigger than 64 bits are returned

through a pointer
passed to the function as the first parameter and returned in EAX. Compilers

that don\'t
support 64-bit integers may return structures bigger than 32 bits through a

pointer. The
Borland compiler also returns structures through a pointer if the size is not a

power of 2.
Registers EAX, ECX and EDX may be changed by a procedure. All other general-

purpose
registers (EBX, ESI, EDI, EBP) must be saved and restored if they are used. The

value of
ESP must be divisible by 4 at all times, so don\'t push 16-bit data on the

stack. Segment
registers cannot be changed, not even temporarily. CS, DS, ES, and SS all point

to the flat
segment group. FS is used for a thread environment block. GS is unused, but

reserved.
Flags may be changed by a procedure with the following restrictions: The

direction flag is 0
by default. The direction flag may be set temporarily, but must be cleared

before any call or
return. The interrupt flag cannot be cleared. The floating-point register stack

is empty at the
entry of a procedure and must be empty at return, except for ST(0) if it is used

for return
value. MMX registers may be changed by the procedure and if so cleared by EMMS

before
returning and before calling any other procedure that may use floating-point

registers. All
XMM registers can be modified by procedures. Rules for passing parameters and

return
values in XMM registers are described in Intel\'s application note AP 589

"Software
Conventions for Streaming SIMD Extensions". A procedure can rely on EBX, ESI,

EDI, EBP
and all segment registers being unchanged across a call to another procedure.
2. Register usage in Linux
The rules for register usage in Linux appear to be almost the same as for 32-bit

windows.
Registers EAX, ECX, and EDX may be changed by a procedure. All other general-

purpose
registers must be saved. There appears to be no rule for the direction flag.

Function return
values are transferred in the same way as under Windows. Calling conventions are

the
same, except for the fact that no underscore is prefixed to public names. I have

no
information about the use of FS and GS in Linux. It is not difficult to make an

assembly
function that works under both Windows and Linux, if only you take these minor

differences
into account.

八、位操作指令，处理器控制指令
1.位操作指令，8086新增的一组指令，包括位测试，位扫描。BT,BTC,BTR,BTS,BSF,BSR
1.1 BT(Bit Test)，位测试指令，指令格式:
BT OPRD1,OPRD2,规则：操作作OPRD1可以是16位或32位的通用寄存器或者存储单元。操

作数OPRD2必须是8位立即数或者是与OPRD1操作数长度相等的通用寄存器。如果用OPRD2除以

OPRD1，假设商存放在Divd中，余数存放在Mod中，那么对OPRD1操作数要进行测试的位号就

是Mod,它的主要功能就是把要测试位的值送往CF，看几个简单的例子：
1.2 BTC(Bit Test And Complement)，测试并取反用法和规则与BT是一样，但在功能有些

不同，它不但将要测试位的值送往CF，并且还将该位取反。
1.3 BTR(Bit Test And Reset)，测试并复位，用法和规则与BT是一样，但在功能有些不同

，它不但将要测试位的值送往CF，并且还将该位复位(即清0)。
1.4 BTS(Bit Test And Set)，测试并置位，用法和规则与BT是一样，但在功能有些不同，

它不但将要测试位的值送往CF，并且还将该位置位(即置1)。
1.5 BSF(Bit Scan Forward)，顺向位扫描，指令格式:BSF OPRD1,OPRD2，功能：将从右向

左(从最低位到最高位）对OPRD2操作数进行扫描，并将第一个为1的位号送给操作数OPRD1。

操作数OPRD1，OPRD2可以是16位或32位通用寄存器或者存储单元，但OPRD1和OPRD2操作数的

长度必须相等。
1.6 BSR(Bit Scan Reverse)，逆向位扫描，指令格式:BSR OPRD1,OPRD2，功能：将从左向

右(从最高位到最低位）对OPRD2操作数进行扫描，并将第一个为1的位号送给操作数OPRD1。

操作数OPRD1，OPRD2可以是16位或32位通用寄存器或存储单元，但OPRD1和OPRD2操作数的长

度必须相等。
1.7 举个简单的例子来说明这6条指令:

AA DW 1234H,5678H
BB DW 9999H,7777H
MOV EAX,12345678H
MOV BX,9999H
BT EAX,8;CF=0,EAX保持不变
BTC EAX,8;CF=0,EAX=12345778H
BTR EAX,8;CF=0,EAX=12345678H
BTS EAX,8;CF=0,EAX=12345778H
BSF AX,BX;AX=0
BSR AX,BX;AX=15

BT WORD PTR [AA],4;CF=1，[AA]的内容不变
BTC WORD PTR [AA],4;CF=1，[AA]=1223H
BTR WORD PTR [AA],4;CF=1，[AA]=1223H
BTS WORD PTR [AA],4;CF=1，[AA]=1234H
BSF WORD PTR [AA],BX;[AA]=0;
BSR WORD PTR [AA],BX;[AA]=15(十进制)

BT DWORD PTR [BB],12;CF=1,[BB]的内容保持不变
BTC DWORD PTR [BB],12;CF=1,[BB]=76779999H
BTR DWORD PTR [BB],12;CF=1,[BB]=76779999H
BTS DWORD PTR [BB],12;CF=1,[BB]=77779999H
BSF DWORD PTR [BB],12;[BB]=0
BSR DWORD PTR [BB],12;[BB]=31(十进制)

2.处理器控制指令
处理器控制指令主要是用来设置/清除标志，空操作以及与外部事件同步等。
2.1 CLC，将CF标志位清0。
2.2 STC，将CF标志位置1。
2.3 CLI，关中断。
2.4 STI，开中断。
2.5 CLD，清DF=0。
2.6 STD，置DF=1。
2.7 NOP，空操作，填补程序中的空白区，空操作本身不执行任何操作，主要是为了保持程

序的连续性。
2.8 WAIT，等待BUSY引脚为高。
2.9 LOCK，封锁前缀可以锁定其后指令的操作数的存储单元，该指令在指令执行期间一直

有效。在多任务环境中，可以用它来保证独占其享内存，只有以下指令才可以用LOCK前缀:
XCHG,ADD,ADC,INC,SUB,SBB,DEC,NEG,OR,AND,XOR,NOT,BT,BTS,BTR,BTC
3.0 说明处理器类型的伪指令
.8086，只支持对8086指令的汇编
.186，只支持对80186指令的汇编
.286，支持对非特权的80286指令的汇编
.286C，支持对非特权的80286指令的汇编
.286P，支持对80286所有指令的汇编
.386，支持对80386非特权指令的汇编
.386C，支持对80386非特权指令的汇编
.386P，支持对80386所有指令的汇编
只有用伪指令说明了处理器类型，汇编程序才知道如何更好去编译，连接程序，更好地去检错。