Vous êtes sur la page 1sur 120

3/3/11

Microprocessor 1
Dr. Sufyan Samara Computer Engineering Department An Najah Na>onal University
1

Objec>ves and notes


Provide an understanding of microprocessors, their structure, and the assembly language. Three exams and some home works. Textbook:
The intel microprocessors by Barry B. Brey

3/3/11

History
500 B.C. Babylonians invented the abacus In 1642 mathema>cian Blaise Pascal invented a calculator constructed of gears and wheels. First prac>cal geared mechanical machines to compute informa>on date to early 1800s handheld electronic calculator.
rst appeared in early 1970s

In 1889, Herman Hollerith developed the punched card for storing data. German inventor Konrad Zuse, invented the rst modern electromechanical computer. His Z3 calcula>ng computer probably invented for aircra\ and missile design.
during World War II for the German war eort

Z3 a relay logic machine clocked at 5.33 Hz.

far slower than latest mul>ple GHz microprocessors

History cont.
Electronic Numerical Integrator and Calculator (ENIAC), a huge machine.
over 17,000 vacuum tubes; 500 miles of wires weighed over 30 tons about 100,000 opera>ons per second

Programmed by rewiring its circuits.

Required frequent maintenance.

process took many workers several days workers changed electrical connec>ons on plug-boards like early telephone switchboards vacuum tube service life a problem

First microprocessor developed at Intel Corpora>on in 1971 The rst, machine language, was constructed of ones and zeros using binary codes.
stored in the computer memory system as groups of instruc>ons called a program

3/3/11

Mathema>cian John von Neumann rst modern person to develop a system to accept instruc>ons and store them in memory. Computers are o\en called von Neumann machines in his honor. Assembler allows programmer to use mnemonic codes
such as ADD for addi>on In place of a binary number.
such as 0100 0111

History cont.

Assembly language an aid to programming. 1957 Grace Hopper developed rst high-level programming language called FLOWMATIC.
computers became easier to program

In same year, IBM developed FORTRAN FORmula TRANslator) for its systems.

FORTRAN is s>ll used by some scien>sts for computer programming.

Allowed programmers to develop programs that used formulas to solve mathema>cal problems.

Similar language, ALGOL (ALGOrithmic Language) introduced about a year later


5

History cont.
First successful, widespread programming language for business applica>ons was COBOL (COmputer Business Oriented Language). Some common modern programming languages are BASIC, C#, C/C++, Java, PASCAL, and ADA. Assembly language s>ll plays important role. Assembly also interspersed with C/C++ to perform machine control func>ons eciently.
some newer parallel instruc>ons found on Pen>um and Core2 microprocessors only programmable in assembly language many video games wrilen almost exclusively in assembly language

3/3/11

World s rst microprocessor the Intel 4004. A 4-bit microprocessor-programmable controller on a chip. Addressed 4096, 4-bit-wide memory loca>ons.
a bit is a binary digit with a value of one or zero 4-bit-wide memory loca>on o\en called a nibble

The Microprocessor Age

The 4004 instruc>on set contained 45 instruc>ons. Fabricated with then-current state-of-the-art P-channel MOSFET technology. Executed instruc>ons at 50 KIPs (kilo-instrucFons per second).

Dierence was that 4004 weighed less than an ounce. 4-bit microprocessor debuted in early game systems and small control systems.
early shueboard game produced by Bailey

slow compared to 100,000 instruc>ons per second by 30-ton ENIAC computer in 1946

Main problems with early microprocessor were speed, word width, and memory size. Texas Instruments and others also produced 4-bit microprocessors.
s>ll survives in low-end applica>ons such as microwave ovens and small control systems Calculators s>ll based on 4-bit BCD (binary-coded decimal) codes

The Microprocessor Age cont.


Intel released 8008 in 1971.
extended 8-bit version of 4004 microprocessor

Addressed expanded memory of 16K bytes.


A byte is generally an 8-bit-wide binary number and a K is 1024. memory size o\en specied in K bytes

Contained addi>onal instruc>ons, 48 total. Provided opportunity for applica>on in more advanced systems.
engineers developed demanding uses for 8008
8

3/3/11

The Microprocessor Age cont.


Intel introduced 8080 microprocessor in 1973. Motorola Corpora>on introduced MC6800 microprocessor about six months later. 8080and, to a lesser degree, the MC6800were a breakthrough in the age of the microprocessor. 8080 addressed four >mes more memory.
64K bytes vs l6K bytes for 8008 other companies soon introduced their own versions of the 8-bit microprocessor rst of the modem 8-bit microprocessors

Executed addi>onal instruc>ons; 10x faster. TTL (transistor-transistor logic) compa>ble.


the 8008 was not directly compa>ble

addi>on taking 20 s on an 8008-based system required only 2.0 s on an 8080-based system

Interfacing made easier and less expensive.


9

The 8085 Microprocessor


In 1977 Intel Corpora>on introduced an updated version of the 8080the 8085. Last 8-bit, general-purpose microprocessor developed by Intel. Slightly more advanced than 8080; executed so\ware at an even higher speed.
769,230 instruc>ons per second vs 500,000 per second on the 8080).
10

3/3/11

The Modern Microprocessor


In 1978 Intel released the 8086; a year or so later, it released the 8088. Both devices are 16-bit microprocessors.
executed instruc>ons in as lille as 400 ns (2.5 millions of instrucFons per second) major improvement over execu>on speed of 8085

8086 & 8088 addressed 1M byte of memory.


16 >mes more memory than the 8085 1M-byte memory contains 1024K byte-sized memory loca>ons or 1,048,576 bytes
11

The Modern Microprocessor cont.


Higher speed and larger memory size allowed 8086 & 8088 to replace smaller minicomputers in many applica>ons. Another feature was a 4- or 6-byte instruc>on cache or queue that prefetched instruc>ons before they were executed.
queue sped opera>on of many sequences of instruc>on basis for the much larger instruc>on caches found in modem microprocessors.

These microprocessors are called CISC (complex instrucFon set computers). 16-bit microprocessor also provided more internal register storage space.
addi>onal registers allowed so\ware to be wrilen more eciently evolved to meet need for larger memory systems addi>onal instruc>ons eased task of developing ecient and sophis>cated applica>ons

12

3/3/11

The Modern Microprocessor cont.


Popularity of Intel ensured in 1981 when IBM chose the 8088 in its personal computer. Spreadsheets, word processors, spelling checkers, and computer-based thesauruses were memory-intensive .
required more than 64K bytes of memory found in 8-bit microprocessors to execute eciently The 16-bit 8086 and 8088 provided 1M byte of memory for these applica>ons
13

Even the 1M-byte memory system proved limi>ng for databases and other applica>ons. Almost iden>cal to the 8086/8088.
Intel introduced the 80286 in 1983 an updated 8086

The 80286 Microprocessor

Instruc>on set almost iden>cal except for a few addi>onal instruc>ons. 80286 clock speed increased in 8.0 Mhz version.
managed the extra 15M bytes of memory executed some instruc>ons in as lille as 250 ns (4.0 MIPs)

addressed 16M-byte memory system instead of a 1M-byte system

Some changes to internal execu>on of instruc>ons led to eighrold increase in speed for many instruc>ons
14

3/3/11

The 32-Bit Microprocessor


Applica>ons demanded faster microprocessor speeds, more memory, and wider data paths. Led to the 80386 in 1986 by Intel. Intel s rst prac>cal microprocessor to contain a 32-bit data bus and 32-bit memory address. Through 32-bit buses, 80386 addressed up to 4G bytes of memory.
major overhaul of 16-bit 808680286 architecture

Intel produced an earlier, unsuccessful 32-bit microprocessor called iapx-432 1G memory = 1024M, or 1,073,741,824 loca>ons 1,000,000 typewrilen, double-spaced pages of ASCII text data

80386SX addressed 16M bytes of memory through a 16-bit data and 24-bit address bus. 80386SL/80386SLC addressed 32M bytes memory via 16-bit data, 25-bit address bus. 80386SLC contained an internal cache to process data at even higher rates.
15

The 32-Bit Microprocessor cont.


32-bit microprocessor needed due to size of its data bus. To process 32-bit real numbers, the microprocessor must eciently pass them between itself and memory. Signicantly increases speed of any program that manipulates real numbers. High-level languages, spreadsheets, and database management systems use real numbers for data storage.
with 8-bit data bus, takes four read or write cycles only one read or write cycle is required for 32 bit transfers real (single-precision oa>ng-point) numbers that require 32-bit-wide memory

80386 had higher clocking speeds and included a memory management unit.
allowed memory resources to be allocated and managed by the opera>ng system

also used in graphical design packages that use vectors to plot images on the video screen CAD (computer-aided draMing/design) systems as AUTOCAD, ORCAD

16

3/3/11

The 80486 Microprocessor


In 1989 Intel released the 8048. Highly integrated package. 80386-like microprocessor. 80387-like numeric coprocessor. 8K-byte cache memory system. Internal structure of 80486 modied so about half of its instruc>ons executed in one clock instead of two clocks.

Double-clocked 80486DX2 executed instruc>ons at 66 MHz, with memory transfers at 33 MHz.


called a double-clocked microprocessor

in a 50 MHz version, about half of instruc>ons executed in 25 ns (50 MIPs) 50% over 80386 operated at same clock speed

17

The Pen8um Microprocessor


Introduced 1993, Pen>um was similar to 80386 and 80486 microprocessors. Originally labeled the P5 or 80586.
Intel decided not to use a number because it appeared to be impossible to copyright a number

Introductory versions operated with a clocking frequency of 60 MHz & 66 MHz, and a speed of 110 MIPs. Double-clocked Pen>um at 120 MHz and 133 MHz, also available. Cache size was increased to 16K bytes from the 8K cache found in 80486. 8K-byte instruc>on cache and data cache. Memory system up to 4G bytes. Data bus width increased to a full 64 bits. Data bus transfer speed 60 MHz or 66 MHz.
depending on the version of the Pen>um fastest version produced 233 MHz Pen>um a three and one-half clocked version

18

3/3/11

The Intel iCOMP-ra>ng index


To compare speeds of microprocessors, Intel devised the iCOMP- ra>ng index.
composite of SPEC92, ZD Bench, Power Meter

The iCOMP1 ra>ng index is used to rate the speed of all Intel microprocessors through the Pen>um. Figure 12 shows rela>ve speeds of the 80386DX 25 MHz version through the Pen>um 233 MHz version.
19

20

10

3/3/11

The Intel iCOMP2-ra>ng index.

A\er Pen>um II Switched to


iCOMP2-ra>ng

21

Memory structure of all Intel-based personal computers similar

The Memory and I/O System

22

11

3/3/11

Main memory system divided into three parts:


TPA (transient program area) system area XMS (extended memory system)

First 1M byte of memory o\en called the real or conven>onal memory system. 80286 through the Core2 contain the TPA (640K bytes) and system area (384K bytes).
also contain extended memory o\en called AT class machines Intel microprocessors designed to func>on in this area using real mode opera>on

23

The TPA
The transient program area (TPA) holds the DOS (disk operaFng system) opera>ng system; other programs that control the computer system. Interrupt vectors access DOS, BIOS (basic I/O system), and applica>ons. Areas contain transient data to access I/O devices and internal features of the system.
these are stored in the TPA so they can be changed as DOS operates
24

12

3/3/11

The System Area


The system area contains programs on read- only (ROM) or ash memory, and areas of read/write (RAM) memory for data storage. contains ROM/RAM data from devices such as the video display RAM, the video control programs on ROM or ash memory, and the System BIOS ROM.

25

I/O Space
I/O devices allow the microprocessor to communicate with the outside world. I/O (input/output) space in a computer system extends from I/O port 0000H to port FFFFH
I/O port address is similar to a memory address instead of memory, it addresses an I/O device

26

13

3/3/11

The Microprocessor
Called the CPU (central processing unit) Microprocessor performs three main tasks:
Controls memory and I/O through connec>ons called buses. data transfer between itself and the memory or I/O systems simple arithme>c and logic opera>ons program ow via simple decisions A common group of wires that interconnect components in a computer system. Transfer address, data, & control informa>on between microprocessor, memory and I/O. Three buses exist for this transfer of informa>on: address, data, and control.

Buses

27

The block diagram of a computer system

28

14

3/3/11

Buses
The address bus requests a memory loca>on from the memory or an I/O loca>on from the I/O devices. The data bus transfers informa>on between the microprocessor and its memory and I/O address space

29

Buses
Control bus lines select and cause memory or I/O to perform a read or write opera>on. In most computer systems, there are four control bus connec>ons: MRDC (memory read control) MWTC (memory write control) IORC (I/O read control) IOWC (I/O write control). overbar indicates the control signal is ac>ve-low; (ac>ve when logic zero appears on control line)
30

15

3/3/11

opera>on
The microprocessor reads a memory loca>on by sending the memory an address through the address bus. Next, it sends a memory read control signal to cause the memory to read data. Data read from memory are passed to the microprocessor through the data bus. Whenever a memory write, I/O write, or I/O read occurs, the same sequence is carried out.
31

NUMBER SYSTEMS
Use of a microprocessor requires working knowledge of numbering systems.
binary, decimal, and hexadecimal

Conversions are described.


decimal and binary decimal and hexadecimal binary and hexadecimal

32

16

3/3/11

The Number system


Decimal 0 -9 Hexadecimal 0 F Octal 0 - 7 Binary 0,1

33

To convert from any number base to decimal, determine the weights or values of each posi>on of the number. Sum the weights to form the decimal equivalent.

Conversion to Decimal

34

17

3/3/11

Conversions from decimal to other number systems more dicult to accomplish. To convert the whole number por>on of a number to decimal, divide by 1 radix.

Conversion from Decimal

35

Whole Number Conversion from Decimal


To convert a decimal whole number to another number system, divide by the radix and save remainders as signicant digits of the result. An algorithm for this conversion:
divide the decimal number by the radix (number base) save the remainder (rst remainder is the least signicant digit) repeat steps 1 and 2 un>l the quo>ent is zero
36

18

3/3/11

To convert 10 decimal to binary, divide it by 2.


the result is 5, with a remainder of 0

First remainder is units posi>on of the result.


in this example, a 0

Next, divide the 5 by 2; result is 2, with a remainder of 1.


the 1 is the value of the twos (21) posi>on

Con>nue division un>l the quo>ent is a zero. The result is wrilen as 10102 from the bolom to the top.
37

Conversion is accomplished with mul>plica>on by the radix. Whole number por>on of result is saved as a signicant digit of the result.
frac>onal remainder again mul>plied by the radix when the frac>on remainder is zero, mul>plica>on ends

Conver8ng from a Decimal Frac8on

Some numbers are never-ending (repetend).


a zero is never a remainder
38

19

3/3/11

Algorithm for conversion from a decimal frac>on:


mul>ply the decimal frac>on by the radix (number base). save the whole number por>on of the result (even if zero) as a digit; rst result is wrilen immediately to the right of the radix point repeat steps 1 and 2, using the frac>onal part of step 2 un>l the frac>onal part of step 2 is zero

Same technique converts a decimal frac>on into any number base.

39

Binary-coded hexadecimal (BCH) is a hexadecimal number wrilen each digit is represented by a 4- bit binary number. BCH code allows a binary version of a hexadecimal number to be wrilen in a form easily converted between BCH and hexadecimal. Hexadecimal represented by conver>ng digits to BCH code with a space between each digit.

Binary-Coded Hexadecimal

40

20

3/3/11

At >mes, data are stored in complement form to represent nega>ve numbers. Two systems used to represent nega>ve data:
radix radix - 1 complement (earliest)

Complements

41

Successful programming requires a precise understanding of data formats. Commonly, data appear as ASCII, Unicode, BCD, signed and unsigned integers, and oa>ng-point numbers (real numbers). Other forms are available but are not commonly found.

14 COMPUTER DATA FORMATS

42

21

3/3/11

ASCII (American Standard Code for InformaFon Interchange) data represent alphanumeric characters in computer memory. Standard ASCII code is a 7-bit code.
eighth and most signicant bit used to hold parity

ASCII and Unicode Data

If used with a printer, most signicant bits are 0 for alphanumeric prin>ng; 1 for graphics. In PC, an extended ASCII character set is selected by placing 1 in the le\most bit.
43

Many Windows-based applica>ons use the Unicode system to store alphanumeric data.
stores each character as 16-bit data

Codes 0000H00FFH are the same as standard ASCII code. Remaining codes, 0100HFFFFH, store all special characters from many character sets. Allows so\ware for Windows to be used in many countries around the world. For complete informa>on on Unicode, visit: h+p://www.unicode.org
44

22

3/3/11

The range of a BCD digit extends from 00002 to 10012, or 09 decimal, stored in two forms: Stored in packed form:
packed BCD data stored as two digits per byte; used for BCD addi>on and subtrac>on in the instruc>on set of the microprocessor

BCD (Binary-Coded Decimal) Data

Stored in unpacked form:


unpacked BCD data stored as one digit per byte returned from a keypad or keyboard
45

Stored as unsigned and signed integers. Dierence in these forms is the weight of the le\most bit posi>on.
value 128 for the unsigned integer minus 128 for the signed integer

Byte-Sized Data

In signed integer format, the le\most bit represents the sign bit of the number.
also a weight of minus 128

46

23

3/3/11

Figure 114 The unsigned and signed bytes illustra>ng the weights of each binary-bit posi>on.

47

Unsigned integers range 00H to FFH (0255) Signed integers from -128 to 0 to + 127. Nega>ve signed numbers represented in this way are stored in the two s complement form. Evalua>ng a signed number by using weights of each bit posi>on is much easier than the act of two s complemen>ng a number to nd its value.
especially true in the world of calculators designed for programmers

48

24

3/3/11

A word (16-bits) is formed with two bytes of data. The least signicant byte always stored in the lowest-numbered memory loca>on. Most signicant byte is stored in the highest. This method of storing a number is called the liYle endian format.

Word-Sized Data

49

50

25

3/3/11

Alternate method is called the big endian format. Numbers are stored with the lowest loca>on containing the most signicant data. Not used with Intel microprocessors. The big endian format is used with the Motorola family of microprocessors.

51

Doubleword-sized data requires four bytes of memory because it is a 32-bit number.


appears as a product a\er a mul>plica>on also as a dividend before a division

Doubleword-Sized Data

Dene using the assembler direc>ve dene doubleword(s), or DD.


also use the DWORD direc>ve in place of DD

52

26

3/3/11

Since many high-level languages use Intel microprocessors, real numbers are o\en encountered. A real, or a oaFng-point number contains two parts:
a man>ssa, signicand, or frac>on an exponent.

Real Numbers

A 4-byte number is called single-precision. The 8-byte form is called double-precision.

53

54

27

3/3/11

The assembler can be used to dene real numbers in single- & double-precision forms:
use the DD direc>ve for single-precision 32-bit numbers use dene quadword(s), or DQ to dene 64-bit double-precision real numbers

Op>onal direc>ves are REAL4, REAL8, and REAL10.


for dening single-, double-, and extended precision real numbers

55

21 INTERNAL MICROPROCESSOR ARCHITECTURE


Before a program is wrilen or instruc>on inves>gated, internal congura>on of the microprocessor must be known. 8086 through Core2 considered program visible.
registers are used during programming and are specied by the instruc>ons

Other registers considered to be program invisible.


not addressable directly during applica>ons programming

56

28

3/3/11

57

RAX - a 64-bit register (RAX), a 32-bit register (accumulator) (EAX), a 16-bit register (AX), or as either of two 8-bit registers (AH and AL). The accumulator is used for instruc>ons such as mul>plica>on, division, and some of the adjustment instruc>ons. Intel plans to expand the address bus to 52 bits to address 4P (peta) bytes of memory.

MulFpurpose Registers

58

29

3/3/11

RBX, addressable as RBX, EBX, BX, BH, BL.


BX register (base index) some>mes holds oset address of a loca>on in the memory system in all versions of the microprocessor

RCX, as RCX, ECX, CX, CH, or CL.


a (count) general-purpose register that also holds the count for various instruc>ons

RDX, as RDX, EDX, DX, DH, or DL.


a (data) general-purpose register holds a part of the result from a mul>plica>on or part of dividend before a division
59

RBP, as RBP, EBP, or BP.


points to a memory (base pointer) loca>on for memory data transfers

RDI addressable as RDI, EDI, or DI.


o\en addresses (desFnaFon index) string des>na>on data for the string instruc>ons

RSI used as RSI, ESI, or SI.


the (source index) register addresses source string data for the string instruc>ons like RDI, RSI also func>ons as a general- purpose register
60

30

3/3/11

R8 - R15 found in the Pen>um 4 and Core2 if 64- bit extensions are enabled.
data are addressed as 64-, 32-, 16-, or 8-bit sizes and are of general purpose

Most applica>ons will not use these registers un>l 64-bit processors are common.
the 8-bit por>on is the rightmost 8-bit only bits 8 to 15 are not directly addressable as a byte

61

Include RIP, RSP, and RFLAGS

Special-Purpose Registers

segment registers include CS, DS, ES, SS, FS, and GS


RIP addresses the next instruc>on in a sec>on of memory.


dened as (instrucFon pointer) a code segment

RSP addresses an area of memory called the stack.


the (stack pointer) stores data through this pointer

62

31

3/3/11

RFLAGS indicate the condi>on of the microprocessor and control its opera>on. Figure 22 shows the ag registers of all versions of the microprocessor. Flags are upward-compa>ble from the 8086/8088 through Core2 . The rightmost ve and the overow ag are changed by most arithme>c and logic opera>ons.
although data transfers do not aect them

63

Figure 22 The EFLAG and FLAG register counts for the en>re 8086 and Pen>um microprocessor family.

Flags never change for any data transfer or program control opera>on. Some of the ags are also used to control features found in the microprocessor.
64

32

3/3/11

Flag bits, with a brief descrip>on of func>on. C (carry) holds the carry a\er addi>on or borrow a\er subtrac>on.
also indicates error condi>ons

P (parity) is the count of ones in a number expressed as even or odd. Logic 0 for odd parity; logic 1 for even parity.
if a number contains three binary one bits, it has odd parity if a number contains no one bits, it has even parity

65

List of Each Flag bit, with a brief descrip>on of func>on.


C (carry) holds the carry a\er addi>on or borrow a\er subtrac>on.
also indicates error condi>ons

P (parity) is the count of ones in a number expressed as even or odd. Logic 0 for odd parity; logic 1 for even parity.
if a number contains three binary one bits, it has odd parity; If a number contains no one bits, it has even parity
66

33

3/3/11

A (auxiliary carry) holds the carry (half-carry) a\er addi>on or the borrow a\er subtrac>on between bit posi>ons 3 and 4 of the result. Z (zero) shows that the result of an arithme>c or logic opera>on is zero. S (sign) ag holds the arithme>c sign of the result a\er an arithme>c or logic instruc>on executes. T (trap) The trap ag enables trapping through an on-chip debugging feature.

67

I (interrupt) controls opera>on of the INTR (interrupt request) input pin. D (direcFon) selects increment or decrement mode for the DI and/or SI registers. O (overow) occurs when signed numbers are added or subtracted.
an overow indicates the result has exceeded the capacity of the machine

68

34

3/3/11

IOPL used in protected mode opera>on to select the privilege level for I/O devices. NT (nested task) ag indicates the current task is nested within another task in protected mode opera>on. RF (resume) used with debugging to control resump>on of execu>on a\er the next instruc>on. VM (virtual mode) ag bit selects virtual mode opera>on in a protected mode system.
69

AC, (alignment check) ag bit ac>vates if a word or doubleword is addressed on a non-word or non-doubleword boundary. VIF is a copy of the interrupt ag bit available to the Pen>um 4(virtual interrupt) VIP (virtual) provides informa>on about a virtual mode interrupt for (interrupt pending) Pen>um.
used in mul>tasking environments to provide virtual interrupt ags

70

35

3/3/11

ID (idenFcaFon) ag indicates that the Pen>um microprocessors support the CPUID instruc>on.
CPUID instruc>on provides the system with informa>on about the Pen>um microprocessor

71

Generate memory addresses when combined with other registers in the microprocessor. Four or six segment registers in various versions of the microprocessor. A segment register func>ons dierently in real mode than in protected mode. Following is a list of each segment register, along with its func>on in the system.

Segment Registers

72

36

3/3/11

CS (code) segment holds code (programs and procedures) used by the microprocessor. DS (data) contains most data used by a program.
Data are accessed by an oset address or contents of other registers that hold the oset address

ES (extra) an addi>onal data segment used by some instruc>ons to hold des>na>on data.

73

22 REAL MODE MEMORY ADDRESSING


80286 and above operate in either the real or protected mode. Real mode operaFon allows addressing of only the rst 1M byte of memory spaceeven in Pen>um 4 or Core2 microprocessor.
the rst 1M byte of memory is called the real memory, convenFonal memory, or DOS memory system

37

3/3/11

All real mode memory addresses must consist of a segment address plus an oset address.
segment address denes the beginning address of any 64K-byte memory segment oset address selects any loca>on within the 64K byte memory segment

Segments and Osets

Figure 23 shows how the segment plus oset addressing scheme selects a memory loca>on.

Figure 23 The real mode memory-addressing scheme, using a segment address plus an oset.

this shows a memory segment beginning at 10000H, ending at loca>on 1FFFFH


64K bytes in length

also shows how an oset address, called a displacement, of F000H selects loca>on 1F000H in the memory

38

3/3/11

Once the beginning address is known, the ending address is found by adding FFFFH.
because a real mode segment of memory is64K in length

The oset address is always added to the segment star>ng address to locate the data. Segment and oset address is some>mes wrilen as 1000:2000.
a segment address of 1000H; an oset of 2000H

Default Segment and Oset Registers


The microprocessor has rules that apply to segments whenever memory is addressed.
these dene the segment and oset register combina>on

The code segment register denes the start of the code segment. The instrucFon pointer locates the next instruc>on within the code segment.

39

3/3/11

Another of the default combina>ons is the stack.


stack data are referenced through the stack segment at the memory loca>on addressed by either the stack pointer (SP/ESP) or the pointer (BP/EBP)

Figure 24 shows a system that contains four memory segments.


a memory segment can touch or overlap if 64K bytes of memory are not required for a segment

Figure 24 A memory system showing the placement of four memory segments.

think of segments as windows that can be moved over any area of memory to access data or code a program can have more than four or six segments,
but only access four or six segments at a >me

40

3/3/11

Figure 25 An applica>on program containing a code, data, and stack segment loaded into a DOS system memory.

a program placed in memory by DOS is loaded in the TPA at the rst available area of memory above drivers and other TPA programs area is indicated by a free- pointer maintained by DOS program loading is handled automa>cally by the program loader within DOS

Segment and Oset Addressing Scheme Allows RelocaFon


Segment plus oset addressing allows DOS programs to be relocated in memory. A relocatable program is one that can be placed into any area of memory and executed without change. Relocatable data are data that can be placed in any area of memory and used without any change to the program.

41

3/3/11

Because memory is addressed within a segment by an oset address, the memory segment can be moved to any place in the memory system without changing any of the oset addresses. Only the contents of the segment register must be changed to address the program in the new area of memory. Windows programs are wrilen assuming that the rst 2G of memory are available for code and data.

24 MEMORY PAGING
The memory paging mechanism allows any physical memory loca>on to be assigned to any linear address. Iinear address is dened as the address generated by a program. Physical address is the actual memory loca>on accessed by a program. With memory paging, the linear address is invisibly translated to any physical address.

42

3/3/11

The paging unit is controlled by the contents of the microprocessor s control registers. Beginning with Pen>um, an addi>onal control register labeled CR4 controls extensions to the basic architecture. See Figure 211 for the contents of control registers CR0 through CR4.

Paging Registers

Figure 211 The control register structure of the microprocessor.

43

3/3/11

The linear address, as generated by so\ware, is broken into three sec>ons that are used to access the page directory entry, page table entry, and memory page oset address. Figure 212 shows the linear address and its makeup for paging. When the program accesses a loca>on between 00000000H and 00000FFFH, the microprocessor physically addresses loca>on 00100000H 00100FFFH.

Figure 212 The format for the linear address (a) and a page directory or page table entry (b). #

44

3/3/11

Intel has incorporated a special type of cache called TLB (translaFon look-aside buer).
because repaging a 4K-byte sec>on of memory requires access to the page directory and a page table, both located in memory

The 80486 cache holds the 32 most recent page transla>on addresses.
if the same area of memory is accessed, the address is already present in the TLB This speeds program execu>on

Pen>um contains separate TLBs for each of their instruc>on and data caches.

Only one page directory in the system. The page directory contains 1024 doubleword addresses that locate up to 1024 page tables. Page directory and each page table are 4K bytes in length. Figure 213 shows the page directory, a few page tables, and some memory pages.

The Page Directory and Page Table

45

3/3/11

Figure 213 The paging mechanism in the 80386 through Core2 microprocessors. #

A at mode memory system is one in which there is no segmenta>on.


does not use a segment register to address a loca>on in the memory

25 Flat Mode Memory

First byte address is at 00 0000 0000H; the last loca>on is at FF FFFF FFFFH.
address is 40-bits

The segment register s>ll selects the privilege level of the so\ware.

46

3/3/11

Figure 215 The 64-bit at mode memory model.

31 DATA ADDRESSING MODES


MOV instruc>on is a common and exible instruc>on.
provides a basis for explana>on of data-addressing modes

Figure 31 illustrates the MOV instruc>on and denes the direc>on of data ow. Source is to the right and desFnaFon the le\, next to the opcode MOV.
an opcode, or opera>on code, tells the microprocessor which opera>on to perform

47

3/3/11

Figure 31 The MOV instruc>on showing the source, des>na>on, and direc>on of data ow.

Figure 32 shows all possible varia>ons of the data-addressing modes using MOV. These data-addressing modes are found with all versions of the Intel microprocessor.
except for the scaled-index-addressing mode, found only in 80386 through Core2

RIP rela>ve addressing mode is not illustrated.


only available on the Pen>um 4 and Core2 in the 64-bit mode

48

3/3/11

Figure 32 8086Core2 data-addressing modes.

The most common form of data addressing.


once register names learned, easiest to apply.

Register Addressing

The microprocessor contains these 8-bit register names used with register addressing: AH, AL, BH, BL, CH, CL, DH, and DL. 16-bit register names: AX, BX, CX, DX, SP, BP, SI, and DI.

49

3/3/11

In 80386 & above, extended 32-bit register names are: EAX, EBX, ECX, EDX, ESP, EBP, EDI, and ESI. 64-bit mode register names are: RAX, RBX, RCX, RDX, RSP, RBP, RDI, RSI, and R8 through R15. Important for instruc>ons to use registers that are the same size.
never mix an 8-bit \with a 16-bit register, an 8- or a 16-bit register with a 32-bit register this is not allowed by the microprocessor and results in an error when assembled

Figure 33 The eect of execu>ng the MOV BX, CX instruc>on at the point just before the BX register changes. Note that only the rightmost 16 bits of register EBX change.

50

3/3/11

Figure 33 shows the opera>on of the MOV BX, CX instruc>on. The source register s contents do not change.
the des>na>on register s contents do change

The contents of the des>na>on register or des>na>on memory loca>on change for all instruc>ons except the CMP and TEST instruc>ons. The MOV BX, CX instruc>on does not aect the le\most 16 bits of register EBX.

Term immediate implies that data immediately follow the hexadecimal opcode in the memory.
immediate data are constant data data transferred from a register or memory loca>on are variable data

Immediate Addressing

Immediate addressing operates upon a byte or word of data. Figure 34 shows the opera>on of a MOV EAX, 13456H instruc>on.

51

3/3/11

Figure 34 The opera>on of the MOV EAX,3456H instruc>on. This instruc>on copies the immediate data (13456H) into EAX.

As with the MOV instruc>on illustrated in Figure 33, the source data overwrites the des>na>on data.

In symbolic assembly language, the symbol # precedes immediate data in some assemblers.
MOV AX,#3456H instruc>on is an example

Most assemblers do not use the # symbol, but represent immediate data as in the MOV AX, 3456H instruc>on.
an older assembler used with some Hewlel-Packard logic development does, as may others in this text, the # is not used for immediate data

52

3/3/11

The symbolic assembler portrays immediate data in many ways. The leler H appends hexadecimal data. If hexadecimal data begin with a leler, the assembler requires the data start with a 0.
to represent a hexadecimal F2, 0F2H is used in assembly language

Decimal data are represented as is and require no special codes or adjustments.


an example is the 100 decimal in the MOV AL,100 instruc>on

An ASCII-coded character or characters may be depicted in the immediate form if the ASCII data are enclosed in apostrophes.
be careful to use the apostrophe ( ) for ASCII data Binary data are represented if the binary number is followed by the leler B. in some assemblers, the leler Y

53

3/3/11

Each statement in an assembly language program consists of four parts or elds. The le\most eld is called the label.
used to store a symbolic name for the memory loca>on it represents

All labels must begin with a leler or one of the following special characters: @, $, -, or ?.
a label may any length from 1 to 35 characters

The label appears in a program to iden>fy the name of a memory loca>on for storing data and for other purposes.

The next eld to the right is the opcode eld.


designed to hold the instruc>on, or opcode the MOV part of the move data instruc>on is an example of an opcode

Right of the opcode eld is the operand eld.


contains informa>on used by the opcode the MOV AL,BL instruc>on has the opcode MOV and operands AL and BL

The comment eld, the nal eld, contains a comment about the instruc>on(s).
comments always begin with a semicolon (;)

54

3/3/11

Applied to many instruc>ons in a typical program. Two basic forms of direct data addressing:
direct addressing, which applies to a MOV between a memory loca>on and AL, AX, or EAX displacement addressing, which applies to almost any instruc>on in the instruc>on set

Direct Data Addressing

Address is formed by adding the displacement to the default data segment address or an alternate segment address.

Direct addressing with a MOV instruc>on transfers data between a memory loca>on, located within the data segment, and the AL (8-bit), AX (16-bit), or EAX (32-bit) register.
usually a 3-byte long instruc>on

Direct Addressing

MOV AL,DATA loads AL from the data segment memory loca>on DATA (1234H).
DATA is a symbolic memory loca>on, while 1234H is the actual hexadecimal loca>on

55

3/3/11

Figure 35 The opera>on of the MOV AL,[1234H] instruc>on when DS=1000H .

This instruc>on transfers a copy contents of memory loca>on 11234H into AL.
the eec>ve address is formed by adding 1234H (the oset address) and 10000H (the data segment address of 1000H >mes 10H) in a system opera>ng in the real mode

Almost iden>cal to direct addressing, except the instruc>on is 4 bytes wide instead of 3. In 80386 through Pen>um 4, this instruc>on can be up to 7 bytes wide if a 32-bit register and a 32- bit displacement are specied. This type of direct data addressing is much more exible because most instruc>ons use it.

Displacement Addressing

56

3/3/11

Allows data to be addressed at any memory loca>on through an oset address held in any of the following registers: BP, BX, DI, and SI. In addi>on, 80386 and above allow register indirect addressing with any extended register except ESP. In the 64-bit mode, the segment registers serve no purpose in addressing a loca>on in the at model.

Register Indirect Addressing

Figure 36 The opera>on of the MOV AX,[BX] instruc>on when BX = 1000H and DS = 0100H. Note that this instruc>on is shown a\er the contents of memory are transferred to AX. #

57

3/3/11

The data segment is used by default with register indirect addressing or any other mode that uses BX, DI, or SI to address memory. If the BP register addresses memory, the stack segment is used by default.
these sengs are considered the default for these four index and base registers

For the 80386 and above, EBP addresses memory in the stack segment by default. EAX, EBX, ECX, EDX, EDI, and ESI address memory in the data segment by fault.

When using a 32-bit register to address memory in the real mode, contents of the register must never exceed 0000FFFFH. In the 64-bit mode, segment registers are not used in address calcula>on; the register contains the actual linear memory address.

58

3/3/11

In some cases, indirect addressing requires specifying the size of the data by the special assembler direcFve BYTE PTR, WORD PTR, DWORD PTR, or QWORD PTR.
these direc>ves indicate the size of the memory data addressed by the memory pointer (PTR)

The direc>ves are with instruc>ons that address a memory loca>on through a pointer or index register with immediate data. With SIMD instruc>ons, the octal OWORD PTR, represents a 128-bit-wide number.

Indirect addressing o\en allows a program to refer to tabular data located in memory. Figure 37 shows the table and the BX register used to sequen>ally address each loca>on in the table. To accomplish this task, load the star>ng loca>on of the table into the BX register with a MOV immediate instruc>on. A\er ini>alizing the star>ng address of the table, use register indirect addressing to store the 50 samples sequen>ally.

59

3/3/11

Figure 37 An array (TABLE) containing 50 bytes that are indirectly addressed through register BX.

Similar to indirect addressing because it indirectly addresses memory data. The base register o\en holds the beginning loca>on of a memory array.
the index register holds the rela>ve posi>on of an element in the array whenever BP addresses memory data, both the stack segment register and BP generate the eec>ve address

Base-Plus-Index Addressing

60

3/3/11

Loca8ng Data with Base-Plus-Index Addressing


Figure 38 shows how data are addressed by the MOV DX,[BX + DI] instruc>on when the microprocessor operates in the real mode. The Intel assembler requires this addressing mode appear as [BX][DI] instead of [BX + DI]. The MOV DX,[BX + DI] instruc>on is MOV DX,[BX] [DI] for a program wrilen for the Intel ASM assembler.

Figure 38 An example showing how the base-plus-index addressing mode func>ons for the MOV DX,[BX + DI] instruc>on. No>ce that memory address 02010H is accessed because DS=0100H, BX=100H and DI=0010H. #

61

3/3/11

Loca8ng Array Data Using Base-Plus-Index Addressing


A major use is to address elements in a memory array. To accomplish this, load the BX register (base) with the beginning address of the array and the DI register (index) with the element number to be accessed.

An example of the base-plus-index addressing mode. Here an element (DI) of an ARRAY (BX) is addressed.

62

3/3/11

Similar to base-plus-index addressing and displacement addressing.

Register RelaFve Addressing

data in a segment of memory are addressed by adding the displacement to the contents of a base or an index register (BP, BX, DI, or SI)

Figure 310 shows the opera>on of the MOV AX, [BX+1000H] instruc>on. A real mode segment is 64K bytes long.

Figure 310 The opera>on of the MOV AX, [BX+1000H] instructon, when BX=1000H and DS=0200H . #

63

3/3/11

Addressing Array Data with Register Rela8ve


It is possible to address array data with register rela>ve addressing.
such as with base-plus-index addressing

In Figure 311, register rela>ve addressing is illustrated with the same example as for base- plus-index addressing.
this shows how the displacement ARRAY adds to index register DI to generate a reference to an array element

Figure 311 Register rela>ve addressing used to address an element of ARRAY. The displacement addresses the start of ARRAY, and DI accesses an element.

64

3/3/11

Base RelaFve-Plus-Index Addressing


Similar to base-plus-index addressing.
adds a displacement uses a base register and an index register to form the memory address

This type of addressing mode o\en addresses a two-dimensional array of memory data.

Addressing Data with Base Rela8ve-Plus- Index


Least-used addressing mode. Figure 312 shows how data are referenced if the instruc>on executed by the microprocessor is MOV AX,[BX + SI + 100H].
displacement of 100H adds to BX and SI to form the oset address within the data segment

This addressing mode is too complex for frequent use in programming.

65

3/3/11

Figure 312 An example of base rela>ve-plus-index addressing using a MOV AX,[BX+SI +1000H] instruc>on. Note: DS=1000H #

Addressing Arrays with Base Rela8ve-Plus- Index


Suppose a le of many records exists in memory, each record with many elements.
displacement addresses the le, base register addresses a record, the index register addresses an element of a record

Figure 313 illustrates this very complex form of addressing.

66

3/3/11

Figure 313 Base rela>ve-plus-index addressing used to access a FILE that contains mul>ple records (REC).

Used to specify how informa>on is stored in a memory array.


a template for data

Data Structures

The start of a structure is iden>ed with the STRUC assembly language direc>ve and the end with the ENDS statement.

67

3/3/11

32 PROGRAM MEMORY-ADDRESSING MODES


Used with the JMP (jump) and CALL instruc>ons. Consist of three dis>nct forms:
direct, rela>ve, and indirect

Used for all jumps and calls by early microprocessor; also used in high-level languages, such as BASIC.
GOTO and GOSUB instruc>ons

Direct Program Memory Addressing

The microprocessor uses this form, but not as o\en as rela>ve and indirect program memory addressing. The instruc>ons for direct program memory addressing store the address with the opcode.

68

3/3/11

Figure 314 The 5-byte machine language version of a JMP [10000H] instruc>on.

This JMP instruc>on loads CS with 1000H and IP with 0000H to jump to memory loca>on 10000H for the next instruc>on.
an intersegment jump is a jump to any memory loca>on within the en>re memory system

O\en called a far jump because it can jump to any memory loca>on for the next instruc>on.
in real mode, any loca>on within the rst 1M byte In protected mode opera>on, the far jump can jump to any loca>on in the 4G-byte address range in the 80386 - Core2 microprocessors

69

3/3/11

The only other instruc>on using direct program addressing is the intersegment or far CALL instruc>on. Usually, the name of a memory address, called a label, refers to the loca>on that is called or jumped to instead of the actual numeric address. When using a label with the CALL or JMP instruc>on, most assemblers select the best form of program addressing.

RelaFve Program Memory Addressing


Not available in all early microprocessors, but it is available to this family of microprocessors. The term relaGve means rela>ve to the instruc>on pointer (IP) . The JMP instruc>on is a 1-byte instruc>on, with a 1-byte or a 2-byte displacement that adds to the instruc>on pointer. An example is shown in Figure 315.

70

3/3/11

Figure 315 A JMP [2] instruc>on. This instruc>on skips over the 2 bytes of memory that follow the JMP instruc>on.

Indirect Program Memory Addressing


The microprocessor allows several forms of program indirect memory addressing for the JMP and CALL instruc>ons. In 80386 and above, an extended register can be used to hold the address or indirect address of a rela>ve JMP or CALL.
for example, the JMP EAX jumps to the loca>on address by register EAX

71

3/3/11

If a rela>ve register holds the address, the jump is considered to be an indirect jump. For example, JMP [BX] refers to the memory loca>on within the data segment at the oset address contained in BX.
at this oset address is a 16-bit number used as the oset address in the intrasegment jump this type of jump is some>mes called an indirect- indirect or double-indirect jump

Figure 316 shows a jump table that is stored, beginning at memory loca>on TABLE.

Figure 316 A jump table that stores addresses of various programs. The exact address chosen from the TABLE is determined by an index stored with the jump instruc>on.

72

3/3/11

33 STACK MEMORY-ADDRESSING MODES


The stack plays an important role in all microprocessors.
holds data temporarily and stores return addresses used by procedures

Stack memory is LIFO (last-in, rst-out) memory


describes the way data are stored and removed from the stack

Data are placed on the stack with a PUSH instrucFon; removed with a POP instrucFon. Stack memory is maintained by two registers:
the stack pointer (SP or ESP) the stack segment register (SS)

Whenever a word of data is pushed onto the stack, the high-order 8 bits are placed in the loca>on addressed by SP 1.
low-order 8 bits are placed in the loca>on addressed by SP 2

73

3/3/11

The SP is decremented by 2 so the next word is stored in the next available stack loca>on.
the SP/ESP register always points to an area of memory located within the stack segment.

In protected mode opera>on, the SS register holds a selector that accesses a descriptor for the base address of the stack segment. When data are popped from the stack, the low- order 8 bits are removed from the loca>on addressed by SP.
high-order 8 bits are removed; the SP register is incremented by 2

Figure 317 The PUSH and POP instruc>ons: (a) PUSH BX places the contents of BX onto the stack; (b) POP CX removes data from the stack and places them into CX. Both instruc>ons are shown a\er execu>on.

74

3/3/11

Note that PUSH and POP store or retrieve words of datanever bytesin 8086 - 80286. 80386 and above allow words or double words to be transferred to and from the stack. Data may be pushed onto the stack from any 16- bit register or segment register.
in 80386 and above, from any 32-bit extended register

Data may be popped o the stack into any register or any segment register except CS.

PUSHA and POPA instruc>ons push or pop all except segment registers, on the stack. Not available on early 8086/8088 processors. 80386 and above allow extended registers to be pushed or popped.
64-bit mode for Pen>um and Core2 does not contain a PUSHA or POPA instruc>on

75

3/3/11

This chapter concentrates on the data movement instruc>ons. The data movement instruc>ons include MOV, MOVSX, MOVZX, PUSH, POP, BSWAP, XCHG, XLAT, IN, OUT, LEA, LDS, LES, LFS, LGS, LSS, LAHF, SAHF. String instruc>ons: MOVS, LODS, STOS, INS, and OUTS.

IntroducFon

Upon compleFon of this chapter, you will be able to:

Chapter ObjecFves

Explain the opera>on of each data movement instruc>on with applicable addressing modes. Explain the purposes of the assembly language pseudo-opera>ons and key words such as ALIGN, ASSUME, DB, DD, DW, END, ENDS, ENDP, EQU, .MODEL, OFFSET, ORG, PROC, PTR, SEGMENT, USEI6, USE32, and USES.

76

3/3/11

Upon compleFon of this chapter, you will be able to:

Chapter ObjecFves

(cont.)

Select the appropriate assembly language instruc>on to accomplish a specic data movement task. Determine the symbolic opcode, source, des>na>on, and addressing mode for a hexadecimal machine language instruc>on. Use the assembler to set up a data segment, stack segment, and code segment.

Upon compleFon of this chapter, you will be able to:

Chapter ObjecFves

(cont.)

Show how to set up a procedure using PROC and ENDP. Explain the dierence between memory models and full-segment deni>ons for the MASM assembler. Use the Visual online assembler to perform data movement tasks.

77

3/3/11

In this chapter, the MOV instruc>on introduces machine language instruc>ons available with various addressing modes and instruc>ons. It may be necessary to interpret machine language programs generated by an assembler. Occasionally, machine language patches are made by using the DEBUG program available with DOS and Visual for Windows.

41 MOV Revisited

Na>ve binary code microprocessor uses as its instruc>ons to control its opera>on.
instruc>ons vary in length from 1 to 13 bytes

Machine Language

Over 100,000 varia>ons of machine language instruc>ons.


there is no complete list of these varia>ons

Some bits in a machine language instruc>on are given; remaining bits are determined for each varia>on of the instruc>on.

78

3/3/11

Figure 41 The formats of the 8086Core2 instruc>ons. (a) The 16-bit form and (b) the 32-bit form.

80386 and above assume all instruc>ons are 16-bit mode instruc>ons when the machine is operated in the real mode (DOS). in protected mode (Windows), the upper byte of the descriptor contains the D-bit that selects either the 16- or 32-bit instruc>on mode

Selects the opera>on (addi>on, subtrac>on, etc.,) performed by the microprocessor.


either 1 or 2 bytes long for most instruc>ons

The Opcode

Figure 42 illustrates the general form of the rst opcode byte of many instruc>ons.
rst 6 bits of the rst byte are the binary opcode remaining 2 bits indicate the direcFon (D) of the data ow, and indicate whether the data are a byte or a word (W)

79

3/3/11

Figure 42 Byte 1 of many machine language instruc>ons, showing the posi>on of the D- and W-bits. #

Figure 43 Byte 2 of many machine language instruc>ons, showing the posi>on of the MOD, REG, and R/M elds.

80

3/3/11

Species addressing mode (MOD) and whether a displacement is present with the selected type.
If MOD eld contains an 11, it selects the register- addressing mode Register addressing species a register instead of a memory loca>on, using the R/M eld

MOD Field

If the MOD eld contains a 00, 01, or 10, the R/M eld selects one of the data memory-addressing modes.

All 8-bit displacements are sign-extended into 16- bit displacements when the processor executes the instruc>on.
if the 8-bit displacement is 00H7FH (posi>ve), it is sign-extended to 0000H007FH before adding to the oset address if the 8-bit displacement is 80HFFH (nega>ve), it is sign-extended to FF80HFFFFH

Some assembler programs do not use the 8-bit displacements and in place default to all 16-bit displacements.

81

3/3/11

Suppose a 2-byte instruc>on, 8BECH, appears in a machine language program.


neither a 67H (operand address-size override prex) nor a 66H (register-size override prex) appears as the rst byte, thus the rst byte is the opcode

Register Assignments

In 16-bit mode, this instruc>on is converted to binary and placed in the instruc>on format of bytes 1 and 2, as illustrated in Figure 44.

Figure 44 The 8BEC instruc>on placed into bytes 1 and 2 formats from Figures 42 and 43. This instruc>on is a MOV BP,SP.

the opcode is 100010, a MOV instruc>on D and W bits are a logic 1, so a word moves into the des>na>on register specied in the REG eld REG eld contains 101, indica>ng register BP, so the MOV instruc>on moves data into register BP

82

3/3/11

If the MOD eld contains a 00, 01, or 10, the R/M eld takes on a new meaning. Figure 45 illustrates the machine language version of the 16-bit instruc>on MOV DL,[DI] or instruc>on (8AI5H). This instruc>on is 2 bytes long and has an opcode 100010, D=1 (to REG from R/M), W=0 (byte), MOD=00 (no displacement), REG=010 (DL), and R/ M=101 ([DI]).

R/M Memory Addressing

Figure 45 A MOV DL,[DI] instruc>on converted to its machine language form.

If the instruc>on changes to MOV DL, [DI+1], the MOD eld changes to 01 for 8-bit displacement rst 2 bytes of the instruc>on remain the same instruc>on now becomes 8A5501H instead of 8A15H

83

3/3/11

Because the MOD eld contains a 11, the R/M eld also indicates a register. R/M = 100(SP); therefore, this instruc>on moves data from SP into BP.
wrilen in symbolic form as a MOV BP,SP instruc>on

The assembler program keeps track of the register- and address-size prexes and the mode of opera>on.

A special addressing mode occurs when memory data are referenced by only the displacement mode of addressing for 16-bit instruc>ons. Examples are the MOV [1000H],DL and MOV NUMB,DL instruc>ons.
rst instruc>on moves contents of register DL into data segment memory loca>on 1000H second moves register DL into symbolic data segment memory loca>on NUMB

Special Addressing Mode

84

3/3/11

When an instruc>on has only a displacement, MOD eld is always 00; R/M eld always 110.
You cannot actually use addressing mode [BP] without a displacement in machine language

If the individual transla>ng this symbolic instruc>on into machine language does not know about the special addressing mode, the instruc>on would incorrectly translate to a MOV [BP],DL instruc>on.

Figure 46 The MOV [1000H],DI instruc>on uses the special addressing mode. #

bit palern required to encode the MOV [1000H],DL instruc>on in machine language

85

3/3/11

Figure 47 The MOV [BP],DL instruc>on converted to binary machine language.

actual form of the MOV [BP],DL instruc>on a 3-byte instruc>on with a displacement of 00H

Found in 80386 and above.

32-Bit Addressing Modes

by running in 32-bit instruc>on mode or In 16-bit mode by using address-size prex 67H

A scaled-index byte indicates addi>onal forms of scaled-index addressing.


mainly used when two registers are added to specify the memory address in an instruc>on

A scaled-index instruc>on has 215 (32K) possible combina>ons.

86

3/3/11

Over 32,000 varia>ons of the MOV instruc>on alone in the 80386 - Core2 microprocessors.
Figure 48 shows the format of the scaled-index byte as selected by a value of 100 in the R/M eld of an instruc>on when the 80386 and above use a 32-bit address. The le\most 2 bits select a scaling factor (mul>plier) of 1x, 2x, 4x, 8x. Scaled-index addressing can also use a single register mul>plied by a scaling factor.

Figure 48 The scaled-index byte.

the index and base elds both contain register numbers

87

3/3/11

An example of a 16-bit instruc>on using immediate addressing.

An Immediate Instruc8on

MOV WORD PTR [BX+1000H] ,1234H moves a 1234H into a word-sized memory loca>on addressed by sum of 1000H, BX, and DS x 10H

6-byte instruc>on
2 bytes for the opcode; 2 bytes are the data of 1234H; 2 bytes are the displacement of 1000H

Figure 49 shows the binary bit palern for each byte of this instruc>on.

Figure 49 A MOV WORD PTR, [BX=1000H] 1234H instruc>on converted to binary machine language.

88

3/3/11

This instruc>on, in symbolic form, includes WORD PTR.


direc>ve indicates to the assembler that the instruc>on uses a word-sized memory pointer

If the instruc>on moves a byte of immediate data, BYTE PTR replaces WORD PTR.
if a doubleword of immediate data, the DWORD PTR direc>ve replaces BYTE PTR

Instruc>ons referring to memory through a pointer do not need the BYTE PTR, WORD PTR, or DWORD PTR direc>ves.

If contents of a segment register are moved by MOV, PUSH, or POP instruc>ons, a special bits (REG eld) select the segment register.
the opcode for this type of MOV instruc>on is dierent for the prior MOV instruc>ons an immediate segment register MOV is not available in the instruc>on set

Segment MOV Instruc8ons

To load a segment register with immediate data, rst load another register with the data and move it to a segment register.

89

3/3/11

Figure 410 A MOV BX,CS instruc>on converted to binary machine language.

Figure 410 shows a MOV BX,CS instruc>on converted to binary. Segment registers can be moved between any 16- bit register or 16-bit memory loca>on.

A program wrilen in symbolic assembly language (assembly language) is rarely assembled by hand into binary machine language. An assembler program converts symbolic assembly language into machine language.

90

3/3/11

The 64-Bit Mode for the PenFum 4 and Core2


In 64-bit mode, a prex called REX (register extension) is added.
encoded as a 40H4FH, follows other prexes; placed immediately before the opcode

Purpose is to modify reg and r/m elds in the second byte of the instruc>on.
REX is needed to be able to address registers R8 through R15

Figure 411 illustrates the structure and applica>on of REX to the second byte of the opcode.
The reg eld can only contain register assignments as in other modes of opera>on The r/m eld contains either a register or memory assignment. Figure 412 shows the scaled-index byte with the REX prex for more complex addressing modes and also for using a scaling factor in the 64-bit mode of opera>on.

91

3/3/11

Figure 411 The applica>on of REX without scaled index. #

Figure 412 The scaled-index byte and REX prex for 64-bit opera>ons.

92

3/3/11

Important instruc>ons that store and retrieve data from the LIFO (last-in, rst-out) stack memory. Six forms of the PUSH and POP instruc>ons:
register, memory, immediate segment register, ags, all registers

42 PUSH/POP

The PUSH and POP immediate & PUSHA and POPA (all registers) available 80286 - Core2.

Register addressing allows contents of any 16-bit register to transfer to & from the stack. Memory-addressing PUSH and POP instruc>ons store contents of a 16- or 32 bit memory loca>on on the stack or stack data into a memory loca>on. Immediate addressing allows immediate data to be pushed onto the stack, but not popped o the stack.

93

3/3/11

Segment register addressing allows contents of any segment register to be pushed onto the stack or removed from the stack.
ES may be pushed, but data from the stack may never be popped into ES

The ags may be pushed or popped from that stack.


contents of all registers may be pushed or popped

Always transfers 2 bytes of data to the stack;


80386 and above transfer 2 or 4 bytes

PUSH

PUSHA instruc>on copies contents of the internal register set, except the segment registers, to the stack. PUSHA (push all) instruc>on copies the registers to the stack in the following order: AX, CX, DX, BX, SP, BP, SI, and DI.

94

3/3/11

PUSHF (push ags) instruc>on copies the contents of the ag register to the stack. PUSHAD and POPAD instruc>ons push and pop the contents of the 32-bit register set in 80386 - Pen>um 4.
PUSHA and POPA instruc>ons do not func>on in the 64-bit mode of opera>on for the Pen>um 4

Figure 413 The eect of the PUSH AX instruc>on on ESP and stack memory loca>ons 37FFH and 37FEH. This instruc>on is shown at the point a\er execu>on. #

95

3/3/11

PUSHA instruc>on pushes all the internal 16-bit registers onto the stack, illustrated in 414.
requires 16 bytes of stack memory space to store all eight 16-bit registers

A\er all registers are pushed, the contents of the SP register are decremented by 16. PUSHA is very useful when the en>re register set of 80286 and above must be saved. PUSHAD instruc>on places 32-bit register set on the stack in 80386 - Core2.
PUSHAD requires 32 bytes of stack storage

Figure 414 The opera>on of the PUSHA instruc>on, showing the loca>on and order of stack data.

96

3/3/11

Performs the inverse opera>on of PUSH. POP removes data from the stack and places it in a target 16-bit register, segment register, or a 16-bit memory loca>on.
not available as an immediate POP

POP

POPF (pop ags) removes a 16-bit number from the stack and places it in the ag register;
POPFD removes a 32-bit number from the stack and places it into the extended ag register

POPA (pop all) removes 16 bytes of data from the stack and places them into the following registers, in the order shown: DI, SI, BP, SP, BX, DX, CX, and AX.
reverse order from placement on the stack by PUSHA instruc>on, causing the same data to return to the same registers

Figure 415 shows how the POP BX instruc>on removes data from the stack and places them into register BX.

97

3/3/11

Figure 415 The POP BX instruc>on, showing how data are removed from the stack. This instruc>on is shown a\er execu>on. #

When the stack area is ini>alized, load both the stack segment (SS) register and the stack pointer (SP) register. Figure 416 shows how this value causes data to be pushed onto the top of the stack segment with a PUSH CX instruc>on. All segments are cyclic in nature
the top loca>on of a segment is con>guous with the bolom loca>on of the segment

IniFalizing the Stack

98

3/3/11

Figure 416 The PUSH CX instruc>on, showing the cyclical nature of the stack segment. This instruc>on is shown just before execu>on, to illustrate that the stack bolom is con>guous to the top.

Assembly language stack segment setup:


rst statement iden>es start of the segment last statement iden>es end of the stack segment

Assembler and linker programs place correct stack segment address in SS and the length of the segment (top of the stack) into SP. There is no need to load these registers in your program.
unless you wish to change the ini>al values for some reason

99

3/3/11

If the stack is not specied, a warning will appear when the program is linked. Memory sec>on is located in the program segment prex (PSP), appended to the beginning of each program le. If you use more memory for the stack, you will erase informa>on in the PSP.
informa>on cri>cal to the opera>on of your program and the computer

Error o\en causes the program to crash.

Loads a 16- or 32-bit register with the oset address of the data specied by the operand. Earlier examples presented by using the OFFSET direc>ve.
OFFSET performs same func>on as LEA instruc>on if the operand is a displacement

LEA

LEA and MOV with OFFSET instruc>ons are both the same length (3 bytes).

100

3/3/11

Why is LEA instruc>on available if OFFSET accomplishes the same task?


OFFSET func>ons with, and is more ecient than LEA instruc>on, for simple operands such as LIST Microprocessor takes longer to execute the LEA BX,LIST instruc>on the MOV BX,OFFSET LIST

The MOV BX,OFFSET LIST instruc>on is actually assembled as a move immediate instruc>on and is more ecient.

LEA instruc>on loads any 16-bit register with the oset address
determined by the addressing mode selected

43 LOAD EFFECTIVE ADDRESS

LDS and LES load a 16-bit register with oset address retrieved from a memory loca>on
then load either DS or ES with a segment address retrieved from memory

In 80386 and above, LFS, LGS, and LSS are added to the instruc>on set.

101

3/3/11

Load any 16- or 32-bit register with an oset address, and the DS, ES, FS, GS, or SS segment register with a segment address.
instruc>ons use any memory-addressing modes to access a 32-bit or 48-bit memory sec>on that contain both segment and oset address

LDS, LES, LFS, LGS, and LSS

Figure 417 illustrates an example LDS BX,[DI] instruc>on.

Figure 417 The LDS BX,[DI] instruc>on loads register BX from addresses 11000H and 11001H and register DS from loca>ons 11002H and 11003H. This instruc>on is shown at the point just before DS changes to 3000H and BX changes to 127AH.

102

3/3/11

This instruc>on transfers the 32-bit number, addressed by DI in the data segment, into the BX and DS registers. LDS, LES, LFS, LGS, and LSS instruc>ons obtain a new far address from memory.
oset address appears rst, followed by the segment address

This format is used for storing all 32-bit memory addresses.

A far address can be stored in memory by the assembler. The most useful of the load instruc>ons is the LSS instruc>on.
a\er execu>ng some dummy instruc>ons, the old stack area is reac>vated by loading both SS and SP with the LSS instruc>on

CLI (disable interrupt) and STI (enable interrupt) instruc>ons must be included to disable interrupts.

103

3/3/11

Five string data transfer instruc>ons: LODS, STOS, MOVS, INS, and OUTS. Each allows data transfers as a single byte, word, or doubleword. Before the string instruc>ons are presented, the opera>on of the D ag-bit (direc>on), DI, and SI must be understood as they apply to the string instruc>ons.

44 STRING DATA TRANSFERS

The direc>on ag (D, located in the ag register) selects the auto-increment or the auto- decrement opera>on for the DI and SI registers during string opera>ons.
used only with the string instruc>ons

The DirecFon Flag

The CLD instruc>on clears the D ag and the STD instruc>on sets it .
CLD instruc>on selects the auto-increment mode and STD selects the auto-decrement mode

104

3/3/11

During execu>on of string instruc>on, memory accesses occur through DI and SI registers.
DI oset address accesses data in the extra segment for all string instruc>ons that use it SI oset address accesses data by default in the data segment

DI and SI

Opera>ng in 32-bit mode EDI and ESI registers are used in place of DI and SI.
this allows string using any memory loca>on in the en>re 4G-byte protected mode address space

Loads AL, AX, or EAX with data at segment oset address indexed by the SI register. A 1 is added to or subtracted from SI for a byte- sized LODS A 2 is added or subtracted for a word-sized LODS. A 4 is added or subtracted for a doubleword-sized LODS. Figure 418 shows the LODSW instruc>on.

LODS

105

3/3/11

Figure 418 The opera>on of the LODSW instruc>on if DS=1000H, D=0,11000H, 11001H = A0. This instruc>on is shown a\er AX is loaded from memory, but before SI increments by 2. #

Stores AL, AX, or EAX at the extra segment memory loca>on addressed by the DI register. STOSB (stores a byte) stores the byte in AL at the extra segment memory loca>on addressed by DI. STOSW (stores a word) stores AX in the memory loca>on addressed by DI. A\er the byte (AL), word (AX), or doubleword (EAX) is stored, contents of DI increment or decrement.

STOS

106

3/3/11

The repeat prex (REP) is added to any string data transfer instruc>on except LODS.
REP prex causes CX to decrement by 1 each >me the string instruc>on executes; a\er CX decrements, the string instruc>on repeats

STOS with a REP

If CX reaches a value of 0, the instruc>on terminates and the program con>nues. If CX is loaded with 100 and a REP STOSB instruc>on executes, the microprocessor automa>cally repeats the STOSB 100 >mes.

Transfers a byte, word, or doubleword a data segment addressed by SI to extra segment loca>on addressed by SI.
pointers are incremented or decremented, as dictated by the direc>on ag

MOVS

Only the source operand (SI), located in the data segment may be overridden so another segment may be used. The des>na>on operand (DI) must always be located in the extra segment.

107

3/3/11

Transfers a byte, word, or doubleword of data from an I/O device into the extra segment memory loca>on addressed by the DI register.
I/O address is contained in the DX register

INS

Useful for inpung a block of data from an external I/O device directly into the memory. One applica>on transfers data from a disk drive to memory.
disk drives are o\en considered and interfaced as I/O devices in a computer system

Three basic forms of the INS. INSB inputs data from an 8-bit I/O device and stores it in a memory loca>on indexed by SI. INSW instruc>on inputs 16-bit I/O data and stores it in a word-sized memory loca>on. INSD instruc>on inputs a doubleword. These instruc>ons can be repeated using the REP prex
allows an en>re block of input data to be stored in the memory from an I/O device

108

3/3/11

Transfers a byte, word, or doubleword of data from the data segment memory loca>on address by SI to an I/O device.
I/O device addressed by the DX register as with the INS instruc>on

OUTS

In the 64-bit mode for Pen>um 4 and Core2, there is no 64-bit output
but the address in RSI is 64 bits wide

45 MISCELLANEOUS DATA TRANSFER INSTRUCTIONS


Used in programs, data transfer instruc>ons detailed in this sec>on are XCHG, LAHF, SAHF, XLAT, IN, OUT, BSWAP, MOVSX, MOVZX, and CMOV.

109

3/3/11

Exchanges contents of a register with any other register or memory loca>on.


cannot exchange segment registers or memory-to-memory data

XCHG

Exchanges are byte-, word-, or doubleword and use any addressing mode except immediate addressing. XCHG using the 16-bit AX register with another 16- bit register, is most ecient exchange.

Seldom used bridge instruc>ons. LAHF instruc>on transfers the rightmost 8 bits of the ag register into the AH register. SAHF instruc>on transfers the AH register into the rightmost 8 bits of the ag register.
SAHF instruc>on may nd some applica>on with the numeric coprocessor. As legacy instruc>ons, they do not func>on in the 64-bit mode and are invalid instruc>ons.

LAHF and SAHF

110

3/3/11

Converts the contents of the AL register into a number stored in a memory table.
performs the direct table lookup technique o\en used to convert one code to another

XLAT

An XLAT instruc>on rst adds the contents of AL to BX to form a memory address within the data segment.
copies the contents of this address into AL only instruc>on adding an 8-bit to a 16-bit number

Figure 419 The opera>on of the XLAT instruc>on at the point just before 6DH is loaded into AL.

111

3/3/11

IN & OUT instruc>ons perform I/O opera>ons. Contents of AL, AX, or EAX are transferred only between I/O device and microprocessor.
an IN instruc>on transfers data from an external I/O device into AL, AX, or EAX an OUT transfers data from AL, AX, or EAX to an external I/O device

IN and OUT

Only the 80386 and above contain EAX


O\en, instruc>ons are stored in ROM.


a xed-port instruc>on stored in ROM has its port number permanently xed because of the nature of read-only memory

A xed-port address stored in RAM can be modied, but such a modica>on does not conform to good programming prac>ces. The port address appears on the address bus during an I/O opera>on.

112

3/3/11

Two forms of I/O device (port) addressing: Fixed-port addressing allows data transfer between AL, AX, or EAX using an 8-bit I/O port address.
port number follows the instruc>on s opcode

Variable-port addressing allows data transfers between AL, AX, or EAX and a 16-bit port address.
the I/O port number is stored in register DX, which can be changed (varied) during the execu>on of a program.

Figure 420 The signals found in the microprocessor-based system for an OUT 19H,AX instruc>on.

113

3/3/11

Takes the contents of any 32-bit register and swaps the rst byte with the fourth, and the second with the third.
BSWAP (byte swap) is available only in 80486Pen>um 4 microprocessors

BSWAP

This instruc>on is used to convert data between the big and lille endian forms. In 64-bit opera>on for the Pen>um 4, all 8 bytes in the selected operand are swapped.

Many varia>ons of the CMOV instruc>on.


these move the data only if the condi>on is true

CMOV

CMOVZ instruc>on moves data only if the result from some prior instruc>on was a zero.
des>na>on is limited to only a 16- or 32-bit register, but the source can be a 16- or 32-bit register or memory loca>on

Because this is a new instruc>on, you cannot use it with the assembler unless the .686 switch is added to the program

114

3/3/11

May be added to almost any instruc>on in any memory-addressing mode


allows the programmer to deviate from the default segment only instruc>ons that cannot be prexed are jump and call instruc>ons using the code segment register for address genera>on Addi>onal byte appended to the front of an instruc>on to select alternate segment register

46 SEGMENT OVERRIDE PREFIX

The assembler can be used two ways:

47 ASSEMBLER DETAIL

with models unique to a par>cular assembler with full-segment deni>ons that allow complete control over the assembly process and are universal to all assemblers

In most cases, the inline assembler found in Visual is used for developing assembly code for use in a program
occasions require separate assembly modules using the assembler

115

3/3/11

Indicate how an operand or sec>on of a program is to be processed by the assembler.


some generate and store informa>on in the memory; others do not

DirecFves

The DB (dene byte) direc>ve stores bytes of data in the memory. BYTE PTR indicates the size of the data referenced by a pointer or index register. Complex sec>ons of assembly code are s>ll wrilen using MASM.

DB (dene byte), DW (dene word), and DD (dene doubleword) are most o\en used with MASM to dene and store memory data. If a numeric coprocessor executes so\ware in the system, the DQ (dene quadword) and DT (dene ten bytes) direc>ves are also common. These direc>ves label a memory loca>on with a symbolic name and indicate its size.

Storing Data in a Memory Segment

116

3/3/11

Memory is reserved for use in the future by using a ques>on mark (?) as an operand for a DB, DW, or DD direc>ve.
when ? is used in place of a numeric or ASCII value, the assembler sets aside a loca>on and does not ini>alize it to any specic value

It is important that word-sized data are placed at word boundaries and doubleword-sized data are placed at doubleword boundaries.
if not, the microprocessor spends addi>onal >me accessing these data types

Equate direc>ve (EQU) equates a numeric, ASCII, or label to another label.


equates make a program clearer and simplify debugging

ASSUME, EQU, and ORG

The THIS direc>ve always appears as THIS BYTE, THIS WORD, THIS DWORD, or THIS QWORD. The assembler can only assign either a byte, word, or doubleword address to a label.

117

3/3/11

The ORG (origin) statement changes the star>ng oset address of the data in the data segment to loca>on 300H. At >mes, the origin of data or the code must be assigned to an absolute oset address with the ORG statement. ASSUME tells the assembler what names have been chosen for the code, data, extra, and stack segments.

Indicate start and end of a procedure (subrou>ne).


they force structure because the procedure is clearly dened

PROC and ENDP

If structure is to be violated for whatever reason, use the CALLF, CALLN, RETF, and RETN instruc>ons. Both the PROC and ENDP direc>ves require a label to indicate the name of the procedure.

118

3/3/11

The PROC direc>ve, which indicates the start of a procedure, must also be followed with a NEAR or FAR.
A NEAR procedure is one that resides in the same code segment as the program, o\en considered to be local A FAR procedure may reside at any loca>on in the memory system, considered global

The term global denotes a procedure that can be used by any program. Local denes a procedure that is only used by the current program.

The assembler uses two basic formats for developing so\ware:


one method uses models; the other uses full-segment deni>ons

Memory OrganizaFon

Memory models are unique to MASM. The models are easier to use for simple tasks. The full-segment deni>ons oer beler control over the assembly language task and are recommended for complex programs.

119

3/3/11

There are many models available to the MASM assembler, ranging from >ny to huge. Special direc>ves such as @DATA are used to iden>fy various segments. Models are important with both Microso\ Visual and Borland development systems if assembly language is included with programs.

Models

Full-segment deni>ons are also used with the Borland and Microso\ environments for procedures developed in assembly language. The names of the segments in this program can be changed to any name. Always include the group name DATA , so the Microso\ program CodeView can be used to symbolically debug this so\ware.

Full-Segment Deni8ons

120