Assembly Language Msc. Ivan A. Escobar Broitman Enero Mayo 2012

Assembly Language

http://iescobar.comMsc. Ivan A. Escobar Broitman

Enero Mayo 2012

CHAPTER 1

Introduction

Microprocessor

Silicon chip that contains a central processing unit (CPU).

The “Brain” of all personal computers, most workstations, and a great number of digital devices.

In charge of program execution. It can be RISC or CISC.

Bus Connections

CPU Memory I/O

Address Bus

Data Bus

Control Bus

Bus Connections (continued)

A processor communicates with the system’s memory and I/O circuits by means of signals that travel through a set of cables or connections known as buses. Address Bus: Holds the memory address that will be

accessed. Data Bus: Holds the piece of data to read or write. Control Bus: Indicates the operation to be done

(read or write).

CPU Instructions

Each instruction has: an opcode (operation code), that

indicates which operation to perform. zero o more operands, which may be

registers, constants or memory locations.

Fetch-Execute Cycle

Fetch:1. Fetch an instruction from memory.

2. Decode the instruction to determine theoperation.

3. Fetch data from memory if necessary.

Execute:4. Perform the operation on the data.

5. Store the result in memory if needed.

RISC: Reduced Instruction Set Computer

Microprocessor that uses a relatively small number of fast but simple instructions.

Cheaper to design and produce because they require less transistors.

Mainly used in workstations.

CISC: Complex Instruction Set Computer

Microprocessor that uses a significantly large amount of complex (specialized) instructions.

Mainly used for Intel’s x86 architecture.

Programming Languages

Hardware

Machine Code

Assembly Language

High Level Language

Machine Code

Lowest level programming language.

Each CPU instruction is represented as an opcode, which is an unsigned integer number.

Only language that the computer really understands.

Difficult to understand by human beings.

Machine Code Example

The opcode for adding one to the accumulator in the Intel x86 is:

01000000b

Assembly Language

Same instruction set as machine code.

Each opcode is replaced by a symbolic name.

Less cryptic for human beings.

Assembly Language Example

The Intel x86 assembly language instruction that adds one to the accumulator is:

inc eax

Assembler

In order to execute a program written in assembly language, it first has to be translated to machine code using a special program called an assembler.

Assembler

inc eax

High Level Language

Has less primitive instructions than assembly language and machine code.

Program text is much more like natural language.

Easier to understand by human beings.

Examples: FORTRAN, LISP, COBOL, BASIC and C.

Compiler

A program written in a high level language may be translated to machine code using a compiler.

Compiler

cmp esi,0 jne .L1 add esi,5.L1

if(x == 0) x = x + 5;

Assembler

0x81FE000000000x75060x81C605000000

Interpreter

An interpreter translates a high level language program to an intermediate form that is subsequently executed by a virtual machine.

Interpreter

Intermediate Form

IF X = 0 THEN X = X + 5

Virtual Machine

Translator

Assembly Language Advantages

Program execution speed. Executable code size. “Bare bones” programming:

special instructions (FPU, MMX) I/O ports special CPU modes of operation

Assembly Language Disadvantages

Error prone. Long and tedious to write. Difficult to understand and modify. Strongly tied to a specific computer

architecture.

Commonly Used Assembly Language Applications

Operating Systems Device Drivers Communication Software Real Time Systems Embedded Systems Graphics

Reasons for Studying Assembly Language

To understand some of the low level details of how a real computer operates.

To get to know some technologies that can only be adequately understood using assembly language.

To obtain a better appreciation of the inner-workings of a compiler.

ComputerScience(ISC) Computer

Engineering(ISE)

ProgrammingLanguages

Course

What’s next?

MicroprocessorsCourse

Assembly LanguageCourse

CHAPTER 2

The Intel x86 Architecture

Moore’s Law

In 1965, Intel’s co-founder Gordon Moore, made the following observation:

Approximately every 18 monthsmicrochipsduplicate theirpower, while their coststays roughly the same.

1970 1975 1980 1985 1990 1995 2000

sIntel Processors

40048080

Moore’s Law

4004 (1971)

First microprocessor. Built by Intel for Busicom

calculators. 4-bit registers. 108 kHz. 2,300 transistors. 640 bytes of memory.

4004 (1971)

8080 (1974)

Used in the MITS Altair 8800, the first commercial personal computer.

8-bit registers. 16-bit address bus. 2 MHz. 6,000 transistors. 64Kbytes of memory

8080 (1974)

8086/8088 (1978)

Used in the original IBM PC. First 16-bit microprocessor. 20-bit address bus. 16-bit (8086) and 8-bit (8088) data bus. 4.77+ MHz. 29,000 transistors. Addressable memory 1Mb.

8086/8088 (1978)

80286 (1982)

Used in the original IBM PC/AT. 24-bit address bus. 16-bit data bus. 6+ MHz. 134,000 transistors. Multitasking, protected mode and virtual

memory. Addressable memory 16Mb.

80286 (1982)

80386 (1985)

32-bit registers. 32-bit address bus. 32-bit data bus. Pipelining. 16+ MHz. 275,000 transistors. Addressable memory 4Gb.

80386 (1985)

P4: 80486 (1989)

Better execution speed. Integrated floating point unit (FPU). 8 KB L1 cache. 25+ MHz. 1’200,000 transistors. Addressable memory 4Gb.

P4: 80486 (1989)

P5: Pentium (1993)

64-bit data bus. 8 KB L1 cache for data and 8 KB for code. Dual pipeline for integer operations. 60+ MHz. 3’100,000 transistors. Addressable Memory 4Gb.

P5: Pentium (1993)

P6: Pentium Pro (1995)

36-bit address bus. 256 KB L2 cache. Superpipelining. Speculative and out of

order execution. 150+ MHz. 5’500,000 transistors. Addressable Memory

P6: Pentium Pro (1995)

P55C: Pentium MMX (1997)

Classic Pentium with MMX technology: 64-bit SIMD multimedia and communication extensions.

16 KB L1 cache for data and 16 KB for code.

166+ MHz. 4’500,000 transistors. Addressable memory 4Gb.

Klamath: Pentium II (1997)

Pentium Pro with MMX technology.

16 KB L1 cache for data and 16 KB for code.

512 KB L2 cache. 233+ MHz. 7’500,000 transistors. Addressable Memory

Klamath: Pentium II (1997)

New P6 processors

Pentium II Xeon (“Pentium II on steroids”) L2 cache runs at full processor speed. Designed for the computer server market.

Celeron (“the Castrated One”) Pentium II with no L2 cache. Designed for the sub-$1,000 PC market.

New PII XEON

CELERON

Katmai: Pentium III (1999)

Pentium II with 128-bit SIMD floating point oriented extension to the MMX technology.

Processor serial number in order to “enhance security”.

450+ MHz. Addressable Memory 64Gb.

Katmai: Pentium III (1999)

Pentium IV (2000)

0.18-micron 42 million transistors on a single chip. 1.4 3.0 Ghz. Bus Speed 400 Mhz.

Pentium IV (2000)

Merced: Itanium (2000)

Intel Architecture-64 (IA-64). Developed jointly by Intel and Hewlett-

Packard. Hardware x86 emulation. Not RISC or CISC, but EPIC (Explicitly

Parallel Instruction Computing). 600 MHz and 1,000 MHz. Tens of millions of transistors.

x86 Basic Structure

Code Cache

Data Cache

Registers

Execution Unit

Decode & Prefetch Unit

BranchPredictor

FloatingPointUnit

Bus Interface

To RAMInteger ALU

x86 Basic Structure (continued)

Execution unit: two parallel integer pipelines enable the CPU to read, interpret, execute and dispatch two instructions simultaneously.

Branch Predictor: The branch prediction unit tries to guess which sequence will be executed each time the program contains a conditional jump, so that the Prefetch and Decode Unit can get the instructions ready in advance.

x86 Basic Structure (continued)

Floating Point Unit: Third execution unit, where non-integer calculations are performed.

Primary Cache: Two on-chip caches, one for code and one for data, are far quicker than the external memory.

Bus Interface: This brings a mixture of code and data into the CPU, separates the two ready for use, and then recombines them and sends them back out.

x86 Modes of Operation The operating mode determines

which instructions and architectural features are accessible.

The Intel Architecture supports three operating modes: Real Mode Protected Mode Virtual-8086 Mode

Real Mode

Mode in which all x86 processors boot. The CPU works like a very fast 8086. Can only access up to 1 MB of memory. Only one task is executed at a time.

Real Mode

In Real address mode, the IA-32 processor can access 1MB of memory using 20 bit address in the range 0 to FFFFF hex. The basic problem that Intel engineers had to solve was that the original 8086 processor had only 16 bit registers, so it was impossible to directly represent a 20 bit address.

They came up with a scheme known as segmented memory. All memory is divided into 64kb units called segments, as shown in the figure:

Real Mode

An analogy might be a large building Segments= floors. Offset = a room in that floor. EX; 8000:0250 represents an offset of 250 in

the segment 8000, the last zero can be dropped of the segments.

To calculate linear address: Segment x 10 + offset 8000x10 +250 == 80250

Real Mode

A typical program has three segments: Code (CS) Data (DS) Stack (SS)

Protected Mode

Allows multitasking. Each program has its own memory

protected from other programs. Extended memory: more than 1 MB of

memory available. Supports virtual memory.

Protected Mode

When a processor is running in protected mode, each program can address up to 4GB of memory.

It uses the flat memory model. It only requires a 32 bit integer to hold the

address of any instruction or variable.

Protected Mode

A typical program has three segments: Code (CS) Data (DS) Stack (SS)

Virtual-8086 Mode

Allows simultaneous execution of two or more programs designed to work in real mode, each program having up to 1 MB of independent memory.

Registers

A register is a special high-speed storage area within the CPU.

The x86 processors have several registers available for the application programmer, grouped as follows: General-purpose data registers. Segment registers. Status and control registers (EIP and

EFLAGS registers).

General-Purpose Data Registers

These eight 32-bit registers are available for holding the following data items: Integer operands for logical and arithmetic

operations. Pointers (memory addresses).

ah alAccumulator

bh blBase

ch clCount

dh dlData

081631

General-Purpose Data Registers (continued)

espsp Stack Pointer

ebpbp Base Pointer

esisi Source Index

edidi Destination Index

General-Purpose Data Registers (continued)

Segment Registers

The six segment registers hold 16-bit segment selectors.

A segment selector points to a special structure in memory called a segment descriptor. Several segment descriptors are grouped together into a descriptor table.

A segment descriptor contains addressing and control information which is used to control how a 32-bit linear address is generated.

cs Code Segment

ds Data Segment

es Extra Segment

fs Extra Segment

gs Extra Segment

ss Stack Segment

Segment Registers (continued)

Segment Selector

Memory

SegmentRegister

SegmentDescriptor

DescriptorTable

Segment Information:

• Base address• Size• Privilege Level:

- private OS function- OS service- device driver- application program

• Type:- read-only- read/write- execute-only- execute/read

Instruction Pointer Register

The instruction pointer (EIP) is a 32-bit register that contains the offset in the current code segment for the next instruction to be executed.

eip Instruction Pointer

Instruction Pointer Register (continued)

It is advanced from one instruction boundary to the next in straight-line code or it is moved ahead or backwards by a number of instructions when executing flow control instructions such as jumps or subroutine calls.

It cannot be accessed directly by software.

Flags Register

This 32-bit register is a collection of individual status and control bits called flags.

Each flag is usually manipulated independently and not as a set.

Flags Register (continued)

CF carry flag PF parity flag AF auxiliary flag ZF Zero Flag

SF sign flag DF direction flag OF overflow flag

eflags

Carry Flag Is set if the result of an arithmetic operation involving unsigned numbers overflows.

Overflow Flag Is set if the result of an arithmetic operation involving signed numbers overflows.

Sign Flag Is set if the result of an arithmetic or logical operation is negative.

Zero Flag Is set if the result of an arithmetic or logical operation is zero.

Parity Flag Is set if the result of an arithmetic or logical operation has an even number of 1 bits in its 8 least significant bits.

Auxiliary Flag Is set if the result of an arithmetic operation has a carry out from the low-order nibble. Used in binary-coded decimal (BCD) operations.

Direction Flag Is explicitly set or cleared by the programmer in order to modify the behavior of some special string operations.

Memory Organization

The memory that the processor addresses on its bus is called physical memory.

Physical memory is organized as a sequence of 8-bit bytes. Each byte is assigned a unique address, called a physical address.

Memory Organization (continued)

The physical address space ranges from zero to a maximum of 232 – 1 (4 GB).

When employing the processor’s memory management facilities, programs DO NOT directly address physical memory. Instead, they access memory using a memory model.

Flat Memory Model

Memory appears to a program as a single, continuous address space, called a linear address space. All code and data are contained in this address space.

0xFFFFFFFF

0x00000000

Linear Address

Flat Memory Model (continued)

The linear address space is byte addressable, with addresses running contiguously from 0 to 232 - 1.

Paging

The x86 supports translation of linear (virtual) addresses into physical addresses through paging.

Special tables map portions of the virtual addresses into physical memory locations.

Physical memory is divided into page frames, each 4 KB in size.

The operating system copies a certain number of pages from your storage device to main memory.

Physical Memory

Address Space

Virtual Memory

Disk Drive

Paging (continued)

When a program needs a page that is not in main memory, the operating system copies the required page into memory and copies another page back to the disk.

Each time a page is needed that is not currently in memory, a page fault occurs.

Generating a Physical Address

16-bit selector 32-bit offset

Logical Address

Segment Descriptor

+ 32-bit linear address

PagingPaging

32-bit physical address

32-bit Offset

32-bit base register

32-bit index register

scale factor

eax, ebx, ecx, edx, esi, edi, ebp, esp

eax, ebx, ecx, edx, esi, edi, ebp

1, 2, 4, 8+

displacement+ 8-bit, 32-bit

32-bit offset

32-bit Offset Example

MOV EAX, [ESI + ECX * 4 + 12]

base register

indexregister

scalefactor

displacement

Byte Order

When a value is stored in memory in multiple bytes, two distinct byte orders may be used:Big-EndianLittle-Endian

Big End Little end

Byte Order (continued)

In big-endian architectures, the leftmost bytes (those with a lower address) are most significant. In little-endian architectures, the rightmost bytes are most significant.

The terms big-endian and little-endian are derived from the Lilliputians of Jonathan Swift's

Gulliver's Travels, whose major political issue was whether soft-boiled eggs should be opened on the big side or the little side.

Byte Order (continued)

Intel x86 and DEC VAX systems store multibyte values in little-endian order.

HP, IBM and Motorola 68K systems store multibyte values in big-endian order.

The Power PC is a bi-endian processor: it supports both big and little-endian byte ordering.

00000001b

00000100b

00000000b

00000100b

00000001b

little-endian big-endian

Byte Order Example

The byte ordering for the number 1025 stored in 4 bytes is:

Address

1025 = 00000000 00000000 00000100 00000001b

CHAPTER 3

The Linux Operating System

Operating System

Software that makes hardware usable.

Manages such things as: memory, screen display, keyboard input, disk files and printer output.

UserUser

Application Programs

OperatingSystem

HardwareHardware

Operating system developed at Bell Labs in the early 1970s by Ken Thompson and Dennis Ritchie.

First operating system to be written in a high-level programming language, namely C.

UNIX (continued)

The name UNIX was intended as a pun on a previous OS called MULTICS (and was written UNICS at first: UNiplexed Information and Computing System).

Leading operating system for workstations

Free UNIX-type operating system originally created by Linus Torvalds at the University of Helsinki in Finland.

Developed under the GNU General Public License, the source code for Linux is freely available to everyone.

Linux (continued)

Linux is an independent POSIX (Portable

Operating System Interface for UNIX) implementation and includes: multitasking, multi-user, multiprocessing, virtual memory, shared libraries and TCP/IP networking.

Currently implemented in a wide range of platforms, including: x86, Alpha, SPARC, 68K and PowerPC.

Short for GNU's Not UNIX. A UNIX-compatible software

system developed by the Free Software Foundation (FSF).

The philosophy behind GNU is to produce software that is non-proprietary. Anyone can download, modify and redistribute GNU software. The only restriction is that they cannot limit further redistribution.

The GNU project was started in 1983 by Richard Stallman at the MIT.

GNU Project

Acronym for Portable Operating System Interface for UNIX.

Set of IEEE and ISO standards that define an interface between programs and operating systems.

Supported by most UNIX systems and Windows NT.

Multitasking

The ability to execute more than one task (program) at the same time.

The CPU switches from one program to another so quickly that it gives the appearance of executing all of the programs at the same time.

Multitasking (continued)

There are two basic types of multitasking: Preemptive multitasking: the operating

system assigns CPU time slices to each program.

Cooperative multitasking: each program can control the CPU for as long as it needs it. If a program is not using the CPU, however, it can allow another program to use it temporarily.

Linux supports preemptive multitasking.

Multi-user

Computer systems that support two or more simultaneous users.

All mainframes and minicomputers and most workstations are multi-user systems.

Multiprocessing

Since version 2.0, Linux has the ability to run in multiprocessor architectures.

The OS can distribute several applications in true parallel fashion across several CPUs.

Virtual Memory

If it’s there and you can see it it’s real

If it’s not there and you can see it it’s virtual

If it’s there and you can’t see it it’s transparent

If it’s not there and you can’t see it you erased it!

IBM poster explaining virtual memory, circa 1978.

Virtual Memory (continued)

Technique that allows to increases the amount of apparent memory available on a system.

A swap space is an area on disk in which the OS stores images of running programs when memory is tight.

The Linux virtual memory system uses a swap space to implement paging.

Shared Libraries A library is a collection of

precompiled routines that a program can use.

In a static library, all library functions that a program requires are made part of an executable, which can make it rather large.

In a shared library, function code is not directly included in an executable file. Instead, the OS dynamically links a running program to the required routines contained in the shared library.

Shared Libraries (continued)

Shared libraries have two important advantages: Small executable files. Several programs running at the same time

can share a single copy of the library code.

TCP/IP Networking

Acronym for Transmission Control Protocol/Internet Protocol.

Consists of a suite of communications protocols used to connect hosts on the Internet.

Allows services such as: e-mail, telnet, ftp and http.

CHAPTER 4

The Netwide Assembly Language

nasm: The Netwide Assembler

Free and portable x86 assembler originally developed by Simon Tatham and Julian Hall.

It supports a range of object file formats, including Linux ELF, NetBSD/FreeBSD, COFF, Microsoft 16-bit OBJ and Win32.

Development Cycle

editor

assembly language

file*.asm

objectfile*.o

ELFexecutable

ld (linker)

ld: The Linker

An object file isn’t directly executable; it first needs to be fed into a linker (also known as link-loader or link-editor).

The linker does the following tasks: identifies the initial program entry point (_start label) binds symbolic references to memory addresses unites all the object and library files produces an executable ELF file

ELF File

The Executable and Linkable Format was designed by the UNIX System Laboratories.

Used by contemporary Linux implementations as its standard executable file format.

Supports shared libraries (dynamic linking).

a.out File

a.out is the default file name given to executable files by UNIX linkers.

It means “assembly output”, in spite of being linker output!

On the PDP-7 computer, there was no linker. Executable programs were created directly by the assembler. The name stuck, even when the linkers started to appear in newer machines.

$ vi test.asm$ lstest.asm$ nasm -f elf test.asm$ lstest.asm test.o$ ld -s -o test test.o$ lstest test.asm test.o$ test

assemblyassembly

linkagelinkage

executionexecution

Building a Program

editionedition

Linux-NASM Program Skeleton

bits 32 ; -- 32 bit programsection .data ; -- Start data segment ; put initialized data heresection .bss ; -- Start bss segment ; put non-initialized data here section .text ; -- Start code segment global _start ; -- Export “_start” label_start ; -- Define “_start” label ; put program code here mov eax, 1 ; -- Exit system call mov ebx, 0 ; exit code #0 int 0x80

Segments

A segment on UNIX is asection of related stuff in a binary.

ELF files have three segments: TEXT for storing code DATA for storing initialized data BSS for non-initialized data

NASM Source Code

Every NASM program source line has the following four fields:

label: instruction operands ; comment

Every field is optional. The number of operands depend of the

instruction.

Instructions

Mnemonics that represent x86 opcodes.

Generate code that produce actions at run time.

Not real x86 instructions (they don’t produce any actions at run time).

Are used in the instruction field because that’s the most convenient place to put them.

Pseudo-Instructions

Directives

Statements that allow us to control how a program is assembled.

They only work at assembly time (they don’t directly produce any machine code).

bits Directive

Specifies if NASM must produce code that will run in 16 or 32-bit mode.

ELF files only support 32-bit mode:

bits 32 May be omitted for ELF files.

section .data Directive

States the beginning of the initialized data segment.

An image of this segment’s data is physically stored in the executable file.

This segment contains read/write data.

Pseudo-Instructions for the Data Segment

Pseudo-Instruction

Meaning Size (bits)

db Define byte 8dw Define word 16dd Define double word 32dq Define quadword 64dt Define ten bytes 80

section .bss Directive

States the beginning of the non-initialized data segment.

Only the size of the data is stored in the executable file. Once the program is loaded into memory, all the data in this section is set to zero.

This segment contains read/write data. BSS means “Block Started by Symbol”, a

pseudo-instruction from the old IBM 704 assembler, carried over into UNIX.

Pseudo-Instruction

Meaning Size (bits)

resb Reserve byte 8resw Reserve word 16resd Reserve double word 32resq Reserve quadword 64rest Reserve ten bytes 80

Pseudo-Instructions for the BSS Segment

section .text Directive

States the beginning of the segment that contains the program’s executable instructions.

This segment is read-only.

System Calls

Processes access kernel facilities via the system call interface.

System calls are the only way a program con communicate to the outside world.

In assembly language, interrupt 0x80 is used to make system calls.

System calls (continued)

Process

Linux Kernel

I/O Devices(display, keyboard, mouse,

disks, printer, etc.)

system calls: INT 0x80

sys_exit

Terminate current process, return exit code to caller.

EAX 1EBX exit code

sys_read

Read a number of bytes from a given input device.

EAX 3EBX file descriptor (0 = stdin)ECX buffer addressEDX number of bytes to readINT 0x80

sys_write

Write a number of bytes to a given output device.

EAX 4EBX file descriptor (1 = stdout)ECX buffer addressEDX number of bytes to writeINT 0x80

CHAPTER 5

x86 Integer Instructions

Condition Codes

Sufix Meaning FlagsO Overflow OF=1

NO No Overflow OF=0C CarryB Below CF=1

NAE Not Above nor EqualNC No CarryNB Not Below CF=0AE Above or Equal

Condition Codes (continued)

Sufix Meaning FlagsZ Zero ZF=1E Equal

NZ Not Zero ZF=0NE Not EqualBE Below or Equal CF=1 OR ZF=1NA Not AboveA Above CF=0 AND ZF=0

NBE Not Below nor Equal

Sufix Meaning FlagsS Sign SF=1

NS Not Sign SF=0P Parity PF=1

PE Parity EvenNP Not Parity PF=0PO Parity Odd

Sufix Meaning FlagsL Less SF<>OF

NGE Not Greater nor EqualGE Greater or Equal SF=OFNL Not LessLE Less or Equal ZF=1 OR SF<>OFNG Not GreaterG Greater ZF=0 AND SF=OF

NLE Not Less nor Equal

Above and Below are used for unsigned integer comparisons.

Greater and Less are used for signed integer comparisons.

Flow Control Instructions

JMP Jcc CALL RET

JMP: jump

Syntax: JMP dest

Operation (absolute jump):EIP dest

Operation (relative jump):EIP EIP + dest

Unconditional Jumps

Jmp statement label

We have two types of jumps, Intersegment Intrasegment

Address can be in a register, variable or label.

Unconditional Jumps

Example:

Start: Mov Ax, 0

Inc Ax,

Jmp Start

Jcc: short jump conditional

Syntax: Jcc dest

Operation:if(cc) EIP EIP + destendif

Notes: cc is any of the condition codes. dest must be within a signed 8-bit range (-128 to 127). -

Jcc: near jump conditional

Syntax: Jcc NEAR dest

Notes: cc is any of the condition codes. dest must be within a signed 32-bit range.

Conditional Jumps

Dependent on condition codes. Example:

JZ jump if zero flag is set.

Conditional Codes

Examples: Code the following C routine using aseembly

language instructions. Add a value to x;

If x < 0Then… (body for negative condition)Else if x = 0… (body for zero condition)Else… (body for positive condition) End if

Conditional Codes

SolutionAdd x, eax ;add a value to x

Jns elseIf Zero ;jump if x is not negatve

… ; code for negative condition

Jmp endCheck

elseifZero:

jnz elsePos ; jump if x is not zero

… ; code for zero condition

jmp endCheck

elsePos: … ; code for positive balance

endCheck:

Comparing Instructions

CMP op1, op2 This instructions executes by calculating a

like a sub instruction op1 –op2 but it does not modify the operands it only modifies the flag register.

We use the flag register values. We have to analyse if we care or not of

the sign of the operation.

Compare Examples

OP1= 3B OP2= 3B CF=OF=SF=0 ZF=1 OP1==OP2 signed and unsigned

Compare Examples

OP1= 3B OP2= 15 OP1-OP2= 26 CF=OF=SF=ZF=0 OP1>OP2 signed and unsigned

Compare Examples

OP1=15 OP2= F6 OP1-OP2=1F CF=1 – borrow SF=OF=ZF=0 Signed operation = op1>op2 Unsigned operation =op1 < op2

Compare Examples

Legal Examples

Cmp eax, 356

cmp value, 03dh

Cmp bh, ‘$’

Illegal examples

Cmp 1000, total

Compare Programming Ex.

Code the following routine in assembly language.

If val < 10

add 1 to xcount;

add 1 to ycount;

End if;

Compare Programming Ex

Solution:

Cmp ebx, 10 ;value < 10

Jnl Elsey

Inc xcount ;add 1 to xcount

Jmp endVal

Elsey:

Inc ycount ;add 1 to ycount

endVal:

Programming Ex #2

Code the following routine in assembly language:

If (total mayor o igual 100) or (count=10)

add value to total;

End if

Programming Ex2 Solution

Cmp total, 100

Jge addValue

Cmp cx, 10

Jne endAddCheck

addValue:

Mov ebx, value

Add total, ebx

endAddCheck:

While Loops

While continuation condition loop

…{ body}

end while;

The continuation condition is a boolean expression.

While loop excercise

Design an assembly language module to implement the following high level language instructions.

While (sum < 1000) loop

…{body increment sum}

End while;

While Loops Exercise 2

Design an assembly language module to implement the following high level language instructions.

X:=1twoTox:=1;While twoTox</number

multiply twoTox by 2;End while;Substract 1 from x;

Homework

CALL: call subroutine

Syntax: CALL dest

Operation (absolute call):ESP ESP - 4[ESP] EIPEIP dest

Operation (relative call):ESP ESP - 4[ESP] EIPEIP EIP + dest

RET: return from subroutine

Syntax: RET

Operation:EIP [ESP]ESP ESP + 4

Data Transfer Instructions

MOV CMOVcc SETcc XCHG XLATB

PUSH POP PUSHF POPF PUSHA POPA

MOV: move data

Syntax: MOV dest, orig

Operation:dest orig

CMOVcc: conditional move

Syntax: CMOVcc dest, orig

Operation:if(cc) dest origendif

Notes: cc is any of the condition codes.

SETcc: set conditional

Syntax: SETcc dest

Operation:if(cc) dest 1else dest 0endif

Notes: cc is any of the condition codes.

XCHG: exchange data

Syntax: XCHG op1, op2

Operation:temp op1op1 op2op2 temp

XLATB: translate byte

Syntax: XLATB

Operation:AL [EBX + AL]

Notes: AL is treated as an unsigned byte.

PUSH: push data on stack

Syntax: PUSH op

Operation:ESP ESP - 4[ESP] op

POP: pop data from stack

Syntax: POP dest

Operation:dest [ESP]ESP ESP + 4

PUSHF: push flags register

Syntax: PUSHF

Operation:ESP ESP - 4[ESP] EFLAGS

POPF: pop flags register

Syntax: POPF

Operation:EFLAGS [ESP]ESP ESP + 4

PUSHA: push all registers

Syntax: PUSHA

Operation:temp ESPESP ESP - 0x20[ESP + 0x1C] EAX [ESP + 0x18] ECX[ESP + 0x14] EDX[ESP + 0x10] EBX[ESP + 0x0C] temp[ESP + 0x08] EBP[ESP + 0x04] ESI[ESP + 0x00] EDI

POPA: pop all registers

Syntax: POPA

Operation:EDI [ESP + 0x00]ESI [ESP + 0x04]EBP [ESP + 0x08]EBX [ESP + 0x10]EDX [ESP + 0x14]ECX [ESP + 0x18]EAX [ESP + 0x1C]ESP ESP + 0x20

Flow Control Instructions

JMP Jcc CALL RET

JMP: jump

Syntax: JMP dest

Operation (absolute jump):EIP dest

Operation (relative jump):EIP EIP + dest

Jcc: short jump conditional

Syntax: Jcc dest

Notes: cc is any of the condition codes. dest must be within a signed 8-bit range (-128 to 127). -

Jcc: near jump conditional

Syntax: Jcc NEAR dest

Notes: cc is any of the condition codes. dest must be within a signed 32-bit range.

CALL: call subroutine

Syntax: CALL dest

Operation (absolute call):ESP ESP - 4[ESP] EIPEIP dest

Operation (relative call):ESP ESP - 4[ESP] EIPEIP EIP + dest

RET: return from subroutine

Syntax: RET

Operation:EIP [ESP]ESP ESP + 4

Arithmetic Instructions

CLC STC CMC ADD ADC INC SUB SBB DEC NEG

CMP MUL IMUL DIV IDIV CBW CWD CDQ CWDE MOVSX MOVZX

CLC: clear carry flag

Syntax: CLC

Operation:CF 0

STC: set carry flag

Syntax: STC

Operation:CF 1

CMC: complement carry flag

Syntax: CMC

Operation:CF ~CF

ADD: add integers

Syntax: ADD dest, orig

Operation:dest dest + orig

ADD examples

AX: 0075 CX: 01A2

Add ax,cx

Results: AX: 0217 CX: 01A2 SF=ZF=CF=OF=0

ADD examples

AX: 77AC CX: 4B35

add ax, cx Results:

AX: C2E1 CX: 4B35 SF=OF=1; ZF=CF=0

ADC: add with carry

Syntax: ADC dest, orig

Operation:dest dest + orig + CF

INC: increment integer

Syntax: INC dest

Operation:dest dest + 1

INC examples

ECX: 00 00 01 A2

inc ecx Results: ECX= 00 00 01 A3 SF=ZF=OF=0

INC examples

EDX: 7F FF FF FF

inc edx Results: EDS: 80 00 00 00 SF=OF=1; ZF=0

SUB: subtract integers

Syntax: SUB dest, orig

Operation:dest dest - orig

SUB examples

EAX: 00 00 00 75 ECX: 00 00 01 A2

sub eax, ecx Results: EAX: FF FF FE D3 ECX: 00 00 01 A2 SF=1, ZF=CF=OF=0

SUB examples

DX: FF 20 Word at value FF 20

sub dx, Value Results: DX:00 00 Value: FF 20 ZF=1PF=1, the rest are zero.

SBB: subtract with borrow

Syntax: SBB dest, orig

Operation:dest dest - orig - CF

DEC: decrement integer

Syntax: DEC dest

Operation:dest dest - 1

DEC examples

BX: 00 01

dec bx Results: BX: 00 00 ZF=1; SF=OF=0

DEC examples

AL: F5

dec al Results: AL: F4 SF=1; OF=ZF=0

NEG: negate

Syntax: NEG dest

Operation:dest - dest

Notes: Sets CF, unless dest is zero, y which case CF is cleared.

NEG examples

BX: 01 A2

neg bx Results: BX: FE 5E SF=1; ZF=0

NEG examples

DH: F5

neg dh Results: DH:0B SF=ZF=0

NEG examples

EAX: 00 00 00 00

neg eax Results: EAX: 00 00 00 00 SF=0; ZF=1

CMP: compare integers

Syntax: CMP op1, op2

Operation:NULL op1 - op2

MUL: unsigned integer multiply Syntax:

MUL orig Operation:

case(size(orig)) 8: AX AL * orig 16: DX:AX AX * orig 32: EDX:EAX EAX * origendcase

Notes: CF and OF are cleared ifthe high order of the result is zero.

Orig cannot be immediateX

MUL examples

AX: 00 05 BX: 00 02 DX: ?? ??

mul bx Results: DX: 00 00 AX: 00 0A CF=OF=0

MUL examples

AL: 05 Byte at Factor: FF

mul Factor Results: AX: 04 FB CF=OF=1

IMUL: signed integer multiply Syntax #1:

IMUL orig

Operation:case(size(orig)) 8: AX AL * orig 16: DX:AX AX * orig 32: EDX:EAX EAX * origendcase

IMUL examples

AX: 00 05 BX: 00 02 DX: ?? ??

imul bx DX: 00 00 AX: 00 0A CF=OF=0

IMUL examples

AL: 05 Byte at Factor: FF

imul Factor Results: AX: 04 FB CF=OF=1

IMUL: signed integer multiply (continued) Syntax #2:

IMUL dest, orig

Operation:dest dest * orig

IMUL examples

EBX: 00 00 00 0A

imul ebx, 10 *Note source may be immediate

Results: EBX: 00 00 00 64 CF=OF=0

IMUL: signed integer multiply (continued) Syntax #3:

IMUL dest, orig, const

Operation:dest orig * const

Notes: CF and OF are cleared if the result is the same size as the multiplicand.

IMUL examples

Word at Value: 08F2 BX: ?? ??

imul bx, Value, 1000 Results: BX: F1 50 CF=OF=1

DIV: unsigned integer divide

Syntax: DIV orig

Operation:case(size(orig)) 8: AL AX / orig AH AX % orig 16: AX DX:AX / orig DX DX:AX % orig 32: EAX EDX:EAX / orig EDX EDX:EAX % origendcase

source (divisor) other(dividend) Quotient Remainder

byte AX AL AHword DX:AX AX DX

double word EDX:EAX EAX EDX

DIV examples

EDX: 00 00 00 00 (100/13) EAX: 00 00 00 64 EBX: 00 00 00 0D

div ebx Results: EDX: 00 00 00 09 EAX: 00 00 00 07

IDIV: signed integer divide

Syntax: IDIV orig

Operation:case(size(orig)) 8: AL AX / orig AH AX % orig 16: AX DX:AX / orig DX DX:AX % orig 32: EAX EDX:EAX / orig EDX EDX:EAX % origendcase

CBW: convert byte to word

Syntax: CBW

Operation:AX SignExtend(AL)

CBW examples

AL: 53

cbw Results: AX: 0053

CBW examples

AL: C6

cbw Results: AX: FF C6

CWD: convert word to dword

Syntax: CWD

Operation:DX:AX SignExtend(AX)

CWD example

AX: 07 0D DX: ?? ??

Results: DX: 00 00 AX: 07 0D

CDQ: convert dword to qword Syntax:

Operation:EDX:EAX SignExtend(EAX)

CDQ example

EAX: FF FF FA 13 EDX: ?? ?? ?? ??

cdq Results: EDX: FF FF FF FF EAX: FF FF FA 13

CWDE: convert word to dword extended Syntax:

Operation:EAX SignExtend(AX)

CWDE example

AX: FF 2A

Results: EAX: FF FF FF 2A

MOVSX: move data with sign extend Syntax:

MOVSX dest, orig

Operation:dest SignExtend(orig)

Notes: orig must be smaller than dest.

MOVSX examples

Word at value: 07 0D

movsx ecx, value Results: ECX: 00 00 07 0D

MOVSX examples

Word at value: F7 0D

movsx ecx, value

Results: ECX: FF FF F7 0D

MOVZX: move data with zero extend Syntax:

MOVZX dest, orig

Operation:dest ZeroExtend(orig)

Notes: orig must be smaller than dest.

MOVZX examples

Word at value: 07 0D

movzx ecx, value Results: ECX: 00 00 07 0D

MOVZX examples

Word at value: F7 0D

movzx ecx, value

Results: ECX: 00 00 F7 0D

Logical and Bitwise Instructions

AND OR XOR NOT TEST

SHL SHR SAR ROL ROR RCL RCR

AND: bitwise and

Syntax: AND dest, orig

Operation:dest dest & orig

Notes: 0 & 0 = 00 & 1 = 01 & 0 = 01 & 1 = 1 0

OR: bitwise or

Syntax: OR dest, orig

Operation:dest dest | orig

Notes: 0 | 0 = 00 | 1 = 11 | 0 = 11 | 1 = 1 0

XOR: bitwise xor

Syntax: XOR dest, orig

Operation:dest dest ^ orig

Notes: 0 ^ 0 = 00 ^ 1 = 11 ^ 0 = 11 ^ 1 = 0 0

NOT: bitwise not

Syntax: NOT dest

Operation:dest ~dest

Notes: ~0 = 1~1 = 0

TEST: test bits

Syntax: TEST op1, op2

Operation:NULL op1 & op2

SHL: shift left

Syntax: SHL dest, count

Operation:

cf ...

msb lsb

SHR: shift right

Syntax: SHR dest, count

Operation:

msb lsb

SAR: shift arithmetic right

Syntax: SHR dest, count

Operation:

msb lsb

ROL: rotate left

Syntax: ROL dest, count

Operation:

cf ...

msb lsb

ROR: rotate right

Syntax: ROR dest, count

Operation:

msb lsb

RCL: rotate through carry left Syntax:

RCL dest, count

Operation:

cf ...

msb lsb

RCR: rotate through carry right Syntax:

RCR dest, count

Operation:

msb lsb

String Instructions

CLD STD REP STOSB REP STOSW REP STOSD

REP MOVSB REP MOVSW REP MOVSD

CLD: clear direction flag

Syntax: CLD

Operation:DF 0

STD: set direction flag

Syntax: STD

Operation:DF 1

REP STOSB: repeat store string byte Syntax:

REP STOSB

Operation:while(ECX <> 0) [EDI] AL if(DF = 0) EDI EDI + 1 else

EDI EDI - 1 endif ECX ECX - 1endwhile -

REP STOSW: repeat store string word Syntax:

REP STOSW

Operation:while(ECX <> 0) [EDI] AX if(DF = 0) EDI EDI + 2 else

REP STOSD: repeat store string dword Syntax:

REP STOSD

Operation:while(ECX <> 0) [EDI] EAX if(DF = 0) EDI EDI + 4 else

REP MOVSB: repeat move string byte Syntax:

REP MOVSB

Operation:while(ECX <> 0) BYTE [EDI] BYTE [ESI] if(DF = 0) ESI ESI + 1 EDI EDI + 1 else ESI ESI - 1

REP MOVSW: repeat move string word Syntax:

REP MOVSW

Operation:while(ECX <> 0) WORD [EDI] WORD [ESI] if(DF = 0) ESI ESI + 2 EDI EDI + 2 else ESI ESI - 2

REP MOVSD: repeat move string dword Syntax:

REP MOVSD

Operation:while(ECX <> 0) DWORD [EDI] DWORD [ESI] if(DF = 0) ESI ESI + 4 EDI EDI + 4 else ESI ESI - 4

CHAPTER 6

Mixing C and Assembly Language

Modularization

Most programs consist of a number of seperate parts, called modules.

Source modules are seperately edited and compiled or assembled in order to produce the corresponding object modules.

All the object modules are linked together to produce an executable program.

ELFexecutable

ld (linker)standard C

library

startfile

crt0.o

source module*.asm

source module*.o

source module*.c

source module*.o

Modularization(continued)

Exporting & Importing Names in Assembly Language

Any assembly language label may be exported to other modules using the global directive.

Exporting & Importing Names in Assembly Language (continued)

The global directive must appear before the definition of the corresponding symbol.

If a module exports a certain label, any other module may import it.

To import a label, the extern directive must be used.

A label can not be defined and declared extern in the same module.

Assembly Export/Import Examplebits 32section .data global alpha extern beta alfa dd 500section .text global _start extern func_start inc dword [alpha] inc byte [beta] call func mov eax, 1 mov ebx, 0 int 0x80

bits 32section .data global beta extern alpha beta db 10section .text global funcfunc xor eax, eax mov al, [beta] add [alpha], eax ret

module1.asm

module2.asm

Assembly Export/Import Example (continued)

Building the program:

$ nasm -f elf module1.asm$ nasm -f elf module2.asm$ ld -s module1.o module2.o -o program$ lsmodule1.asm module2.asmmodule1.o module2.oprogram

Exporting & Importing Names in ANSI C

By default, al function names and global variables are exportable to other modules.

If a name is prefered to be kept local to a module, it must be declared static.

Exporting & Importing Names in ANSI C (continued)

To indicate that a name is probably declared in some other module, the extern modifier must be used in the variable or function prototype declaration.

The extern modifier is optional in function prototype declarations.

It is not an error to declare a name extern and to have it defined as well in the same module.

ANSI C Export/Import Example

int x; /* defines an exportable variable */static int y; /* defines a local module variable */

/* import x if not defined in this module */extern int x;

/* import h if not defined in this module */extern int h(int, int);

int f(int a, int b) /* defines an exportable function */ { return a + b; }

static int g(int c) /* defines a local module function */ { return c + c; }

x86 and GCC Data types

GCC Data Type Size in bytes Assembly Language Equivalent

char 1 byteshort 2 wordint 4 dwordlong 4 dwordlong long 8 qwordfloat 4 dworddouble 8 qwordlong double 10 twordvoid * 4 dword

Register Usage

Function return their values in the following registers:AL for charAX for shortEAX for int, long and void *EDX:EAX for long longST0 for floating point

Register Usage (continued)

Registers EAX, ECX, EDX (not EBX) may be changed by the function; all other registers must be saved and restored.

Flags may be changed by the procedure with the following restriction: The direction flag is 0 by default. The direction flag may be set temporarily, but must be cleared before any call or return.

Passing Parameters

The parameters received by a C function, or a C-callable assembly language subroutine, are passed through the stack.

Parameters are pushed into the stack in reverse order, that is, from right to left. This means that the first paramater is always the nearest to the top of the stack.

Passing Parameters (continued)

After the parameters are pushed into the stack, a CALL instruction to the desired function or subroutine is executed.

When the function or subroutine returns, the parameters are still in the stack and must be removed by the caller. This may be done using POP instructions or by adjusting directly the ESP register through an ADD instruction.

Subroutine Prologue

The first two instructions in a C-callable subroutine that receives arguments should be:

push ebp

mov ebp, esp

This saves the EBP value, so that it can now point to the current top of stack.

Subroutine Prologue (continued)

After this prologue, the stack has the following layout:

EBPESP

Original value of EBP

CALL return address

Subroutineparameters

Subroutine Epilogue

In order to undo the subroutine prologue, the following intructions must be the last in a C-callable subroutine:

pop ebp

CHAPTER 8

Floating Point Instructions

FPU: Floating Point Unit

The FPU (Intel x87) is used for mathematical computations that require floating point numbers.

Uses IEEE 754 standard for floating point numbers.

Works in parallel together with the other x86 units.

FPU Registers

CPU and FPU have a separate set of registers, mutually inaccessible.

FPU has a stack of eight 80-bit registers. The register at the top of the stack is called ST0,

the one bellow is ST1 and so on. All values in the FPU registers are stored as real

extended numbers (80-bit). All computations take place using this precision.

FPU Registers (continued)

79 63 0

exponent

mantissa

x87 Data Types

x87 Data TypeNumber of Bytes

NASM Type ANSI C Type

word integer 2 word shortshort integer 4 dword int

long integer 8 qword long long

packed BCD integer 10 tword not availablesingle precision real 4 dword floatdouble precision real 8 qword doubleextended precision real 10 tword long double

The values contained in the FPU registers may be converted to and from the following data types:

The long long type is a GCC extension to ANSI C.

FPU Operations

Most FPU operations involve pushing and popping values to and from the register stack.

When a value is pushed to the stack, register ST0 becomes ST1, ST1 becomes ST2 and so on, thus making space in ST0 for the pushed value.

FPU Operations (continued)

The opposite occurs when the stack is popped: ST1 becomes ST0, ST2 becomes ST1 and son on.

Instructions that refer to memory usually require a size prefix: word, dword, qword or tword.

Using FPU Instructions

1. Reset FPU (FINIT).

2. Copy data from memory into FPU registers.

3. Process data.

4. Copy data from FPU registers back into memory.

Types of FPU Operations

Real Transfers Integer Transfers Packed BCD

Transfers Loading Constants Addition Normal Subtraction Reversed Subtraction

Multiplication Normal Division Reversed Division Transcendental

Instructions Comparisons Miscellaneous

Operations

Types of FPU Operations (continued)

Description of most FPU operations can be consulted in the FPU Operation Tables.

CHAPTER 9

SIMD Instructions

Data Transfer Instructions

MOVD MOVQ

MOVD: move dword

Syntax: MOVD dest, orig

Operation:dest orig

Notes: dest and orig may be MMX registers, memory locations or 32-bit integer registers. When the destination operand is an MMX register, the 32-bit source value is written to the low-order 32 bits of the 64-bit MMX register and zero-extended to 64 bits. When the source operand is an MMX register, the low-order 32 bits of the MMX register are written to the 32-bit integer register or 32-bit memory location selected with the destination operand.

MOVQ: move qword

Syntax: MOVQ dest, orig

Operation:dest orig

Notes: orig and dest can be either an MMX register or a memory location; however, data cannot be transferred from one memory location to another memory location.

Arithmetic Instructions

PADDB PADDW PADDD PADDSB PADDSW PADDUSB PADDUSW

PSUBB PSUBW PSUBD PSUBSB PSUBSW PSUBUSB PSUBUSW

Arithmetic Instructions (continued)

PMULLW PMULHW PMADDWD

Data Range Limits for Saturation

Decimal Hexadecimal Decimal Hexadecimal

Signed Byte -128 0x80 127 0x7FSigned Word -32,768 0x8000 32,767 0x7FFFUnsigned Byte 0 0x00 255 0xFFUnsigned Word 0 0x0000 65,535 0xFFFF

Lower Limit Upper LimitData Type

PADDB: packed truncated byte addition Syntax:

PADDB dest, orig

Operation:

PADDW: packed truncated word addition Syntax:

PADDW dest, orig

Operation:

PADDD: packed truncated dword addition Syntax:

PADDD dest, orig

Operation:

PADDSB: packed signed saturated byte addition Syntax:

PADDSB dest, orig

Operation:

PADDSW: packed signed saturated word addition Syntax:

PADDSW dest, orig

Operation:

PADDUSB: packed unsigned saturated byte addition Syntax:

PADDUSB dest, orig

Operation:

PADDUSW: packed unsigned saturated word addition Syntax:

PADDUSW dest, orig

Operation:

PSUBB: packed truncated byte subtraction Syntax:

PSUBB dest, orig

Operation:

PSUBW: packed truncated word subtraction Syntax:

PSUBW dest, orig

Operation:

PSUBD: packed truncated dword subtraction Syntax:

PSUBD dest, orig

Operation:

PSUBSB: packed signed saturated byte subtraction Syntax:

PSUBSB dest, orig

Operation:

PSUBSW: packed signed saturated word subtraction Syntax:

PSUBSW dest, orig

Operation:

PSUBUSB: packed unsigned saturated byte subtraction Syntax:

PSUBUSB dest, orig

Operation:

PSUBUSW: packed unsigned saturated word subtraction Syntax:

PSUBUSW dest, orig

Operation:

PMULLW: packed multiply low word (signed) Syntax:

PMULLW dest, orig

Operation:

Low Order

Low Order =

PMULHW: packed multiply high word (signed) Syntax:

PMULHW dest, orig

Operation:

High Order

High Order =

PMADDWD: packed multiply and add (signed) Syntax:

PMADDWD dest, orig

Operation:

* * * *dest

Logical Instructions

PAND POR PXOR PANDN

PAND: bitwise qword and

Syntax: PAND dest, orig

Operation:

POR: bitwise qword or

Syntax: POR dest, orig

Operation:

PXOR: bitwise qword xor

Syntax: PXOR dest, orig

Operation:

PANDN: bitwise qword and/not Syntax:

PANDN dest, orig

Operation:

Shift Instructions

PSLLW PSLLD PSLLQ PSRLW PSRLD PSRLQ PSRAW PSRAD

PSLLW: packed word logical shift left Syntax:

PSLLW dest, orig

Operation:

PSLLD: packed dword logical shift left Syntax:

PSLLD dest, orig

Operation:

PSLLQ: packed qword logical shift left Syntax:

PSLLQ dest, orig

Operation:

PSRLW: packed word logical (unsigned) shift right Syntax:

PSRLW dest, orig

Operation:

PSRLD: packed dword logical (unsigned) shift right Syntax:

PSRLD dest, orig

Operation:

PSRLQ: packed qword logical (unsigned) shift right Syntax:

PSRLQ dest, orig

Operation:

PSRAW: packed word arithmetic (signed) shift right Syntax:

PSRAW dest, orig

Operation:

PSRAD: packed dword arithmetic (signed) shift right Syntax:

PSRAD dest, orig

Operation:

Comparison Instructions

PCMPEQB PCMPEQW PCMPEQD PCMPGTB PCMPGTW PCMPGTD

PCMPEQB: packed compare for equal bytes Syntax:

PCMPEQB dest, orig

Operation:

All ones if true, all zeros if false.

PCMPEQW: packed compare for equal words Syntax:

PCMPEQW dest, orig

Operation:

PCMPEQD: packed compare for equal dwords Syntax:

PCMPEQD dest, orig

Operation:

PCMPGTB: packed compare for greater than bytes (signed) Syntax:

PCMPGTB dest, orig

Operation:

PCMPGTW: packed compare for greater than words (signed) Syntax:

PCMPGTW dest, orig

Operation:

PCMPGTD: packed compare for greater that dwords (signed) Syntax:

PCMPGTD dest, orig

Operation:

Conversion Instructions

PACKSSWB PACKSSDW PACKUSWB PUNPCKLBW PUNPCKLWD PUNPCKLDQ

PUNPCKHBW PUNPCKHWD PUNPCKHDQ

PACKSSWB: pack words into bytes with signed saturation Syntax:

PACKSSWB dest, orig

Operation:

PACKSSDW: pack dwords into words with signed saturation Syntax:

PACKSSDW dest, orig

Operation:

PACKUSWB: pack words into bytes with unsigned saturation Syntax:

PACKUSWB dest, orig

Operation:

PUNPCKLBW: unpack low packed bytes Syntax:

PUNPCKLBW dest, orig

Operation:

PUNPCKLWD: unpack low packed words Syntax:

PUNPCKLWD dest, orig

Operation:

PUNPCKLDQ: unpack low packed dwords Syntax:

PUNPCKLDQ dest, orig

Operation:

PUNPCKHBW: unpack high packed bytes Syntax:

PUNPCKHBW dest, orig

Operation:

PUNPCKHWD: unpack high packed words Syntax:

PUNPCKHWD dest, orig

Operation:

PUNPCKHDQ: unpack high packed dwords Syntax:

PUNPCKHDQ dest, orig

Operation:

Empty MMX State Instruction

EMMS: empty MMX state

Syntax: EMMS

Notes: Should be used at the end of a sequence of MMX instructions in order to allow subsequent FPU instructions.

CHAPTER 10

Interrupt Handling

Interrupting Program Execution An interrupt is an

asynchronous event that is typically triggered by hardware (I/O device).

An exception is a synchronous event that is generated when the processor detects one or more predefined conditions while executing an instruction.

Interrupting Program Execution (continued)

When an interrupt or exception is signaled, the processor halts execution of the current task and switches to a handler procedure that has been written specifically to handle the interrupt or exception condition.

Interrupting Program Execution (continued)

The processor accesses the handler procedure through an entry in the interrupt descriptor table (IDT).

When the handler has completed handling the interrupt or exception, program control is returned to the interrupted task.

Interrupt Descriptor Table

The IDT comprises up to 256 8-byte gate descriptors.

A gate is the mechanism that allows a task to execute code in a different privilege level.

Each gate descriptor contains the segment selector, offset and privilege level of its corresponding handler procedure.

The address and size of the IDT is stored in the 48-bit Interrupt Descriptor Table Register. (IDTR).

Gate for Interrupt n

Interrupt Descriptor Table Register

IDT base address (32 bits) IDT Limit

0151647

Gate for Interrupt 1

Gate for Interrupt 0IDT may begin at

any address inphysical memory

8-byte descriptors

handler procedure code for

interrupt 0

interrupt 1

interrupt n

SIDT: store IDTR

Syntax: SIDT dest

Operation:dest IDTR

Hardware Interrupts

The x86 processor has two pins that can be attached to external interrupt-generating devices. These pins, or input lines, are: INTR Maskable interrupts NMI Nonmaskable interrupts

Interrupt Flag

The interrupt flag IF is contained in the EFLAGS register.

The INTR input line may be enabled or disabled through software (running in the correct privileged level) with the use of the STI (set IF) and CLI (clear IF) instructions. This means that INTR may be masked (disabled).

The NMI input line is nonmaskable, which means it may not be disabled.

The PIC 8259

The 8259 Programmable Interrupt Controller (PIC) chip accepts interrupts from up to eight different devices. If any one of the devices requests service, the 8259 will toggle the CPU’s INTR input line and pass an interrupt vector number to the CPU’s data bus.

Several PICs may be cascaded in order to support up to different 64 devices.

The PIC 8259 (continued)

A typical PC uses two PICs to provide 15 interrupt inputs (seven on the master PIC with its eighth input coming from the slave PIC to process its eight inputs).

In modern motherboards, the 8259 is usually incorporated into a larger chip as part of the chipset.

PIC and CPU Connections

CPUx86

data bus

D0 D1 D2 D3 D4 D5 D6 D7

PIC8259

master

PIC8259slave

PIC Inputs for a PC (Real Mode)8259 Pin Vector Number Device

IRQ 0 0x08 Timer chip IRQ 1 0x09 Keyboard IRQ 2 0x0A Cascade for slave controller (IRQ 8-15) IRQ 3 0x0B Serial port 2 IRQ 4 0x0C Serial port 1 IRQ 5 0x0D Parallel port 2 in AT, reserved in PS/2 systems IRQ 6 0x0E Diskette drive IRQ 7 0x0F Parallel port 1 IRQ 8/0 0x70 Real-time clock IRQ 9/1 0x71 CGA vertical retrace (and other IRQ 2 devices) IRQ 10/2 0x72 Reserved IRQ 11/3 0x73 Reserved IRQ 12/4 0x74 Reserved in AT, auxiliary device on PS/2 systems IRQ 13/5 0x75 FPU interrupt IRQ 14/6 0x76 Hard disk controller IRQ 15/7 0x77 Reserved

Interrupts and Exceptions (Protected Mode)

Vector Number Description Source0 Divide error DIV and IDIV instructions1 Debug Any code or data reference2 NMI interrupt Nonmaskable external interrupt3 Breakpoint INT 3 instruction4 Overflow INTO instruction5 Bound range exceeded BOUND instruction6 Invalid opcode UD2 instruction or reserved opcode7 Device not available No math coprocessor

8 Double faultAny instruction that can generate an exception, an NMI, or an INTR.

9 Reserved10 Invalid TSS Task switch or TSS access.

Interrupts and Exceptions (continued)Vector Number Description Source

11 Segment Not PresentLoading segment registers or accessing system segments.

12 Stack Segment FaultStack operations and SS register loads.

13 General ProtectionAny memory reference and other protection checks.

14 Page Fault Any memory reference.15 Reserved

16 Floating-Point ErrorFloating-point or WAIT/FWAIT instruction.

17 Alignment Check Any data reference in memory.18 Machine Check Model dependent.

19-31 Reserved

32-255 Maskable InterruptsExternal interrupt from INTR pin or INT n instruction.

Signals

Linux traps all interrupts and exceptions that are generated by the system.

Under some circumstances, the operating system will send a signal to a running process informing it that an exceptional situation has occurred.

Signals (continued)

Some signals report errors such as references to invalid memory addresses; others report asynchronous events, such as disconnection of a phone line.

Hardware Interrupts & Signals

CPUx86

PIC8259

OSkernel

Process

1. A device generates a hardware interrupt

2. CPU calls the handler procedure provided by the OS kernel

3. If required, the OS kernel sends a signal to a process

Software Exceptions & Signals

CPUx86

OSkernel

Process

1. Process generatesa software exception

2. CPU calls the handler procedure provided by the OS kernel

3. OS kernel sends a signal to the offending process

Signal Handling

A programmer may arrange for a particular signal to be ignored or to be processed by a special piece of code called a signal handler.

Signal Handling (continued)

In the latter case, the process that receives the signal suspends its current flow of control, executes the signal handler, and the resumes the original flow of control when the signal handler finishes.

Predefined Signals

There are 31 different signals defined for UNIX.

A programmer may choose one of the following actions for a particular signal: Trigger a user-supplied signal handler

Trigger the default kernel-supplied handler

Ignore it

Default Signal Handlers

DUMP: terminate the process and generate a core (memory) image file

QUIT: terminate the process without generating a core image file

IGNORE: ignore and discard the signal SUSPEND: suspends the process

List of Signals

MacroSignal

NumberDefault Action

Description

SIGHUP 1 quit HangupSIGINT 2 quit InterruptSIGQUIT 3 dump QuitSIGILL 4 dump Illegal instructionSIGTRAP 5 dump Trace trap (for debugging)SIGIOT 6 dump IO Trap instructionSIGBUS 7 dump Bus errorSIGFPE 8 dump Floating Point ExceptionSIGKILL 9 quit Kill (cannot be caught, blocked or

ignored)SIGUSR1 10 quit User defined signal 1

List of Signals (continued)

MacroSignal

Description

SIGSEGV 11 dump Segmentation violationSIGUSR2 12 quit User defined signal 2SIGPIPE 13 quit Write on a pipe with no one to read

itSIGALRM 14 quit Alarm clockSIGTERM 15 quit Software termination signalSIGCHLD 17 ignore Child status has changedSIGCONT 18 ignore Continue after stopSIGSTOP 19 suspend Stop (cannot be caught, blocked or

ignored)SIGTSTP 20 suspend Stop signal generated from

keyboard

List of Signals (continued)

MacroSignal

Description

SIGTTIN 21 suspend Background read attempted from control terminal

SIGTTOU 22 suspend Background write attempted to control terminal

SIGURG 23 ignore Urgent condition present on socketSIGXCPU 24 quit CPU time limit exceededSIGXFSZ 25 quit File size limit exceededSIGVTALRM 26 quit Virtual time alarmSIGPROF 27 quit Profiling timer alarmSIGWINCH 28 ignore Window size changedSIGLOST 29 quit Resource lost

Setting a SignalHandler

The signal system call allows a process to specify the action that it will take when a particular signal is received.

Setting a Signal Handler (continued)

It takes two parameters (from left to right):1. The code number of the signal to be

reprogrammed.2. The address of a user defined function,

which will be executed when thespecified signal arrives, or zero(SIG_DFL) to use the default handler,or one (SIG_IGN) to ignore the signal.

Assembly Language Msc. Ivan A. Escobar Broitman Enero Mayo 2012

Documents

AUTORIDADES - abc.gob.ar · Claudia Broitman y Horacio Itzcovich (coordinadores) Mónica Escobar, Verónica Grimaldi e Inés Sancha Ciencias Sociales Diana González y Analía Segal

Escobar portfolio

Alejandra Escobar

Escobar 2011

Examen 1 carla escobar

Angie escobar.#44

Odontologia pediatrica escobar

GENEALOGIA DE LOS GUTIERREZ - …files.genealogiarava.webnode.es/200000054-2ad042bbcc/Escobar... · genealogia ―escobar‖ diciembre 31 de 2011 . ramon arturo velez arango escobar

escobar cantina

Lisa Escobar Portfolio

Ximena escobar

Escobar Whose Nature

MATEMÁTICA CIENCIAS NATURALES CIENCIAS SOCIALES · MATEMÁTICA CIENCIAS NATURALES CIENCIAS SOCIALES Matemática: Claudia Broitman, Horacio Itzcovich y Andrea Novembre Mónica Escobar,

Escobar culture sits_in_places

Poland alejandro escobar 6ºc

NICOLÁS ESCOBAR TRIVIÑO

David Escobar mayoristas

Pablo Escobar(updated)

Micros 1 - Homepage of Professor Ivan A. Escobar Broitman interfacing.pdf · Micros 1 Hardware Interfacing. ... • Seven Segment LEDs – Common Anode/ Cathode ... Microsoft PowerPoint

Capítulo 1 Broitman