author | Malfurious <m@lfurio.us> | 2024-02-25 11:35:22 -0500 |
---|---|---|
committer | Malfurious <m@lfurio.us> | 2024-02-25 11:35:22 -0500 |
commit | f24146370e30e4eb247976cf50e7624d52db840f (patch) | |
tree | 227757330dbb64583ac9d0bc6635b8ac8bc72c76 /docs/re/arch_x86.txt | |
parent | 2dc9e78e22b07536b1fecbe60b4f2c7a6ccc05a6 (diff) | |
Merge x86 tips into architecture topic doc
Signed-off-by: Malfurious <m@lfurio.us>
Diffstat (limited to 'docs/re/arch_x86.txt')
-rw-r--r-- | docs/re/arch_x86.txt | 45 |
1 files changed, 45 insertions, 0 deletions
diff --git a/docs/re/arch_x86.txt b/docs/re/arch_x86.txt index 5d526b2..f1f2a03 100644 --- a/docs/re/arch_x86.txt +++ b/docs/re/arch_x86.txt @@ -105,3 +105,48 @@ The function return value is stored in the a register. Stack pointer register: rsp Base pointer register: rbp Return value in: rax + + + +Specific Callouts +============================================================ + +TEST vs. CMP +------------ +CMP subtracts operands and sets internal flags. Among these, it sets the +zero flag if the difference is zero (operands are equal). + +TEST sets the zero flag (ZF) when the result of the AND operation is zero. If +the two operands are equal, their bitwise AND is zero only when the operands +themselves are zero. TEST also sets the sign flag (SF) when the most +significant bit is set in the result, and the parity flag (PF) when the number +of set bits is even. + +JE (alias of JZ) tests the zero flag and jumps if it is set. This creates the +following equivalencies: + +test eax, eax +je <somewhere> ----> if (eax == 0) {} + +cmp eax, ebx +je <somewhere> ----> if (eax == ebx) {} + + +REP prefix +---------- +The "rep" prefix on a string instruction repeats that string instruction for CX +block loads. + +e.g. STOS is "Store String" +It will store the value in AX at the address in RDI +(technically, STOSB, STOSW, STOD, and STOSQ use AL, AX, EAX, and RAX respectively) +If RCX = 0x20, RDI = some buffer, and RAX = 0, + +`rep stosq` is equivalent to: + +``` +buf_ptr = buf +for(i = 0x20; i != 0; i--) + *buf_ptr = 0; + buf_ptr++; +``` |
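Review bot: The `rep stosq` pseudocode at the end of the hunk has no braces around the loop body, so as written only `*buf_ptr = 0;` repeats and `buf_ptr++;` runs once after the loop ends; it should read `for (i = 0x20; i != 0; i--) { *buf_ptr = 0; buf_ptr++; }`, with `buf_ptr` declared as a pointer to a 64-bit element so each increment advances 8 bytes, matching how RDI advances for STOSQ (and add a line noting RDI moves backwards when DF is set). In the same section, "STOD" should be "STOSD", the sentence "store the value in AX" should say the value is AL/AX/EAX/RAX depending on operand size, and the repeat count comes from RCX (ECX/CX only with a smaller address size), not always CX. Minor: in the TEST paragraph, the parity flag reflects only the low byte of the result, not all set bits.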