IA32 (Pentium) Processor Architecture

Processor modes:

1. Protected (mode we will study)– 32-bit mode– 32-bit (4GB) address space

2. Virtual 8086 modes3. Real mode– 1MB address space

4. System management mode

Registers

• 32-bit GPR’s (“general” purpose registers):

eax ebpebx especx esiedx edieflags eip

Registers

e[a,b,c,d]x:

32 bits

16 bits

8 bits

Note: eax is one register that can be viewed four different ways. (It is not four different registers. Schizophrenic?)

31 eax 0

15 ax 0

7 ah 0 7 al 0

Registers

• Not really GPR’s.– eax - accumulator; multiplication and division– ecx - loop counter– esp - stack pointers; don’t use– esi, edi - for memory-to-memory transfer– ebp - used by HLL for local vars on stack

Registers

• Additional registers:– 16-bit segment registers• cs, es, ss, fs, ds, gs• don’t use

– eip• instruction pointer / program counter (PC)• don‘t use

Registers

• Additional registers:– eflags• contains results of operations• 32 individual bits

– control flags– status flags:

» C = carry (unsigned)» O = overflow (signed); also called V» S = sign; also called N for negative» Z = zero

Registers

• Additional registers:– floating point registers:• ST(0) … ST(7)

– MMX has 8 64-bit regs

– XMM has 8 128-bit regs

Fundamental instructions

1. mov - move

2. add - addition

3. sub - subtraction

4. call - call a function

5. ret - return from a function to caller

Fundamental instructions

• In all of the following examples, let:K equ 12 a constant (doesn’t use

memory)

a dword 52 a variable (uses memory)

MOV (MOVE)Fundamental instructions

Fundamental instructions

• mov - move– destination = source

mov dst, src

From IA-32 Intel Architecture Software Developer’s Manual, Volume 2A: Instruction Set Reference A-M

mov

mov r32, r/m32Ex. mov ebx, ecxEx. mov ebx, a

mov r/m32, r32Ex. mov ecx, ebxEx. mov a, ebx

mov r32, imm32Ex. mov ebx, K

mov r/m32, imm32Ex. mov eax, KEx. mov a, K

mov notes

mov r32, r/m32Ex. mov ebx, ecxEx. mov ebx, a

mov r/m32, r32Ex. mov ecx, ebxEx. mov a, ebx

mov r32, imm32Ex. mov ebx, K

mov r/m32, imm32Ex. mov eax, KEx. mov a, K

• Note the duplication:mov eax, ebx appear 2xmov eax, K appears 2x.

• Note: No mov m32, m32.• Note: No imm32, imm32.

Why not?• Flags affected: None.

– Will mov eax, 0 affect the Z flag?

Problem: swap

• Swap the contents of memory location A with the contents of memory location B (and vice versa).– Assume that A and B are dwords that are already

defined for you.

ADDFundamental instructions

Fundamental instructions

• add – addition– Two add instructions (add and add w/ carry):• add dst, src

dst = dst + src

• adc dst, srcdst = dst + src + CF

• We will only use add.

From IA-32 Intel Architecture Software Developer’s Manual, Volume 2A: Instruction Set Reference A-M

(advanced)

add

add eax, imm32Ex. add eax, K

add r/m32, imm32Ex. add ebx, KEx. add a, K

add r/m32, r32Ex. add ebx, ecxEx. add a, ecx

add r32, r/m32Ex. add ebx, ecxEx. add ebx, a

add notes

add eax, imm32Ex. add eax, K

add r/m32, imm32Ex. add ebx, KEx. add a, K

add r/m32, r32Ex. add ebx, ecxEx. add a, ecx

add r32, r/m32Ex. add ebx, ecxEx. add ebx, a

• Remember: eax is the accumulator.

• Note the duplication.• Note: No add m32,

m32.• Flags affected: O, S, Z, C• Would you call this a

load/store architecture?

Problem: add ‘em up

• You are given 3 dwords, A, B, and C that have been previously assigned values.

• Add them up and save the result in a dword called SUM.

SUBFundamental instructions

Fundamental instructions

• sub – subtraction– Like add, there are two subtract instructions, sub,

and subtract w/ borrow:• sub dst, src

dst = dst - src

• sbb dst, srcdst = dst – (src + CF)

• We will only use sub.

From IA-32 Intel Architecture Software Developer’s Manual, Volume 2B: Instruction Set Reference N-Z

(advanced)

sub

sub eax, imm32Ex. sub eax, K

sub r/m32, imm32Ex. sub ebx, KEx. sub a, K

sub r/m32, r32Ex. sub ebx, ecxEx. sub a, ecx

sub r32, r/m32Ex. sub ebx, ecxEx. sub ebx, a

sub notes

sub eax, imm32Ex. sub eax, K

sub r/m32, imm32Ex. sub ebx, KEx. sub a, K

sub r/m32, r32Ex. sub ebx, ecxEx. sub a, ecx

sub r32, r/m32Ex. sub ebx, ecxEx. sub ebx, a

• Remember: eax is the accumulator.

• Note the duplication.

• Note: No sub m32, m32.

• Flags affected: O, S, Z, C

• Would you call this a load/store architecture?

Problem: subtract ‘em

• You are given 3 dwords, A, B, and C that have been previously assigned values.

• Subtract one from the first, two from the second, and ten from the third.

• Would your solution still work if this were a load/store architecture?

CALLFundamental instructions

Fundamental instructions

• call - call a function (AKA subroutine, routine, procedure)– Use registers or stack to pass arguments to function.– Use registers to return value from function.– Ex.

mov eax, 0 ;input param to function f is 0 in eax

call f ;call our functionmov ebx, eax ;save value returned for

future use

Fundamental instructions

• Windows calling conventions:

1. Always assume that all flags are affected.

2. 32-bit Windows calling conventions:a) EBX, ESI, and EDI are always preserved by called

function.b) EAX, ECX, and EDX can be freely modified (by called

function).

From IA-32 Intel Architecture Software Developer’s Manual, Volume 2A: Instruction Set Reference A-M

Call example

• The dump function can be called at any time by your program to display the contents of registers (including the EFLAGS register).

• Unlike other Windows functions, it preserves all of the caller’s registers.

Call example;----------------------------------------------------------------------

align 4.code ;insert executable instructions below

main PROC ;program execution begins heremov eax, 1 ;set regs valuesmov ebx, 2mov ecx, 3mov edx, 4mov esi, 5mov edi, 6call dump ;show contents of regsmov eax, input(prompt) ;prompt the userexit ;end of program

main ENDP

;----------------------------------------------------------------------align 4.code ;insert executable instructions below

main PROC ;program execution begins heremov eax, 1 ;set regs valuesmov ebx, 2mov ecx, 3mov edx, 4mov esi, 5mov edi, 6call dump ;show contents of regsmov eax, input(prompt) ;prompt the userexit ;end of program

main ENDP

Call example

ret

• Return from procedure (AKA function, method, routine, or subroutine).

• Flags affected: none.

Problems:

• One way to pass (and return) arguments to functions is to use registers.

1. Write a function that doubles a number.• The number to be doubled is in eax.• The result should also be in eax.

2. Write a function that adds three numbers together.