Add 0xFFFFFFFF in x86 assembly

Question

Add 0xFFFFFFFF in x86 assembly

I'm currently reversing disassembly and stumbled upon a chain of instructions I don't understand:

Given an object pointer in esi.

.text:00C20263                 cmp     dword ptr [esi+80h], 0
.text:00C2026A                 jnz     short loc_C2027D

As you can see if the member +0x80 is not 0 (the member is an integer) the code jumps to 00C2027D:

.text:00C2027D                 add     dword ptr [esi+80h], 0FFFFFFFFh
.text:00C20284                 jnz     short loc_C20291

These two instructions are those I don't really understand. First of all, the member is incremented by 0xFFFFFFFF; but since the member is not 0, wouldn't this exceeds the max value of an 32-bit integer? And when does the jnz instruction jumps?

Could one maybe point out what the purpose of these two instructions is?

assembly

x86

asked on Stack Overflow Jul 9, 2012 by

Sebastian Hoffmann • edited Sep 27, 2020 by

phuclv

1 Answer

For a signed variable, 0FFFFFFFFh is the same as -1, so this is subtracting one from the value and checking if that made it zero. Compilers will often emit "add negative value" rather than a sub instruction, presumably because it allows for reuse of compiler logic for both addition and subtraction.

answered on Stack Overflow Jul 9, 2012 by

500 - Internal Server Error • edited May 20, 2015 by

500 - Internal Server Error

User contributions licensed under CC BY-SA 3.0