Topics/Reading SYSC3601 Microprocessor Systems 1. Registers and internal architecture (Ch 2) 2. Address generation (Ch 2) 3. Addressing modes (Ch 3) 4. Assembly and Machine Language (Ch 4-7 Unit 2: The Intel 8086 Architecture and Programming Model and Appendix B) SYSC3601 8086 Registers and Internal Architecture • 2 Microprocessor Systems 8086 Registers and Internal Architecture There are two main functional logic blocks in the 8086/88 processors: – EU Execution Unit - execution of program instructions – BIU Bus Interface Unit - provides interface to memory and I/O 1. controls the address, data, and control busses. 2. handles instruction fetch and data read/write functions SYSC3601 3 Microprocessor Systems SYSC3601 4 Microprocessor Systems 1 The Bus Interface Unit (BIU) Intel x86 cores • The BIU can operate in parallel with the EU • The instruction queue – One task of the BIU is instruction “pre-fetch” • Whenever the external busses are idle, the BIU fetches the next instruction and places it in the instruction queue. • The instruction queue is now replaced by L1/L2 cache. – The 8086 can have up to 6 bytes of information in the instruction queue, the 8088 is limited to 4. – The instruction queue must be flushed for some instructions (change of program flow, e.g., JMP) • We will be spending more time later in the course on bus control. • The Instruction Pointer (IP) is updated by the BIU. – IP contains the offset of the next instruction to be fetched from the beginning of the code segment. – Whenever the instruction pointer is saved on the stack, it is automatically adjusted to point to the next instruction to be executed (as opposed to fetched). • BIU computes the Physical Address (explained later) SYSC3601 5 Microprocessor Systems Execution Unit – Multipurpose Registers CPU1 CPU2 CPU3 Copro 16K L1 Cache 256K L2 Cache Pentium II, III, 4 same as Pentium Pro with increased L1 & L2 cache sizes. Pentium Pro SYSC3601 6 Microprocessor Systems Execution Unit – Multipurpose Registers • EAX Accumulator: used for arithmetic and logic operations. Destination for MUL and DIV. • EBX Base Index: Typically used to hold offset addresses. • ECX Count: Typically used to hold a count value for various instructions (repeated strings, LOOP/LOOPD, Shift/rotate). MOV CX,080H HERE ... LOOP HERE ; ; Decrement CX, JNZ HERE • EDX Data: temporary data storage for part of a result from a multiplication (Most significant result) or division (dividend, remainder). SYSC3601 7 Microprocessor Systems SYSC3601 8 Microprocessor Systems 2 Execution Unit – Multipurpose Registers • ESP Stack Pointer: Used to offset into the stack segment to address the stack. PUSH/POP, JSR • EBP Base Pointer: Used to store a base memory location for data transfers. • EDI Destination Index: Typically used as an offset for the destination memory location for string/byte transfers. • ESI Source Index: Typically used as an offset for the source memory location for string/byte transfers. • The use of the base and offset registers EBX, ESP, EFP, EDI and ESI will become clearer when addressing modes are covered. SYSC3601 9 Microprocessor Systems Execution Unit – Flag Register Execution Unit – Flag Register • Note: O,Z,A,P & C are changed by most arithmetic and logic instructions but are unchanged by data transfers. • C Carry: Holds the carry after addition, or the borrow after subtraction. • P Parity: ‘0’ - odd parity. ‘1’ - even parity. • A Auxiliary carry: Holds the “half-carry/borrow” after addition/subtraction. (BCD operations on nibbles). • Z Zero: ‘1’ if the result of an arithmetic or logic operation is zero. SYSC3601 10 Microprocessor Systems Execution Unit – Extended Flag Register • S Sign: holds the sign of the result after a arithmetic or logical operation. This is the value of the sign bit of the result of the operation. • T Trap: enables trapping if ‘1’. Program flow is interrupted based on the values of the control and debug registers. • I Interrupt: Controls the operation of the INTR (interrupt request) pin. If ‘1’, interrupts from INTR are enabled. • D Direction: Selects either increment or decrement for the SI and/or DI registers during string and loop functions. If ‘1’, the registers are decremented. • O Overflow: Indicates that a result has exceeded the capacity of a register during signed operations. • IOP (80286) I/O Privilege level: Two bits correspond to privilege level for I/O operation. 00 is the highest, 11 is the lowest. • NT (80286) Nested task: Set when a task is nested within another task. • RF (80386) Resume Flag: Used during debugging. • VM (80386) Virtual Mode: Virtual mode execution (multiple 8086s running in protected mode). • AC (80486SX) Alignment Check: Non-aligned address (for co-processor). • VIF (Pentium) Virtual Interrupt Flag: A copy of the interrupt flag. • VIP (Pentium) Virtual Interrupt Pending: • ID (Pentium) ID: The CPUID instruction is supported. SYSC3601 SYSC3601 11 Microprocessor Systems 12 Microprocessor Systems 3 Execution Unit – Instruction Pointer • Addresses the next instruction in the code segment which is to be fetched. Execution Unit – Segment Registers • Segment registers are combined with other registers to generate 20-bit addresses. 15 • Can be modified with a JMP or CALL instruction. • EIP (32 bits) in 80386 and up. • Used with CS (see next few slides…) – Physical address of next instruction = CS:IP SYSC3601 13 Microprocessor Systems SYSC3601 Execution Unit – Segment Registers • SYSC3601 SYSC3601 Microprocessor Systems Microprocessor Systems Address Generation • CS Code Segment: Used to compute the starting address of the section of memory holding code (restricted to 64K in REAL mode). • DS Data Segment: Used to compute the starting address of the section of memory holding data (restricted to 64K in REAL mode). • SS Stack Segment: Used to compute the starting address of the section of memory holding the stack (restricted to 64K in REAL mode). • ES Extra Segment: Additional data segment used by some string instructions. • FS&GS Additional segment registers in the 80386 (and up) for program use. 15 14 Two types of address generation: 1. Real Mode (the 8086/8088/186 can only operate in this mode) • • Allows the P to address the first 1Mbyte of memory only. The first Meg or memory is called real or conventional memory. 2. Protected mode (80286...) • • This mode uses the segment register contents (called a selector) to access a descriptor from a descriptor table. The descriptor describes the memory segment’s location, length and access rights. 16 Microprocessor Systems 4 Real Mode Address Generation • Real Mode Address Generation Memory addresses consist of a segment address plus and offset address. – The segment address defines the start of a 64K block of memory. – The offset address selects a location within the 64K memory segment. – Memory locations are often written as: Ex. If IP=1200H and CS=1400H then next instruction will be fetched from: 1400:1200 Or 14000H +1200H -----15200H segment:offset C000:04BA SYSC3601 17 Microprocessor Systems SYSC3601 Real Mode Address Generation – Funky Rules… • The µP has a set of rules that apply whenever memory is addressed, which define the segment and offset register combination used by certain addressing modes. Segment Offset Special Purpose CS IP Instruction address SS SP or BP Stack address DS BX,DI,SI, 8bit # or 16bit # Data address ES SYSC3601 18 Microprocessor Systems Real Mode Address Generation • Notes: 1. Memory segments (i.e. the 64K blocks) may overlap if full 64K are not needed. 2. The segment-offset scheme allows programs to be relocated in memory (on 16 byte boundaries). – Move the existing contents to the new physical location, then update the segment register. DI (for string instruction) String destination 19 Microprocessor Systems SYSC3601 20 Microprocessor Systems 5 Segment Resolution FE010H ← FE00:0010 Real Mode Address Generation - Examples ≡ FE01:0000 . . . FE005H ← FE00:0005 . . . FE000H ← . . . MOV DL,[BP] Uses an absolute (i.e. physical) source address of: SS x 16 + BP • Ex 2 (overlap): FE00:0005 FE000H +0005H -----FE005H 16 bytes resolution FDFF0H SYSC3601 FE00:0000 • Ex 1: ← FDFF:0000 21 Microprocessor Systems FDFF:0015 FDFF0H +0015H -----FE005H Same location in memory! SYSC3601 22 Stack Operation Microprocessor Systems Stack Operation Example • The stack is a Last-In, First Out (LIFO) queue. MOV • The stack grows down in memory (i.e., towards 0). PUSH BX POP AX • Only words (8086-80286) and double words (80386...) can be pushed/popped on/off the stack. BX,1234H ; BX SS x 10H + SP - 1 ← ← 1234H Appears to be BIG endian during PUSH 12H High order 34H Low order • POP CS is NOT allowed. • Typically, initialize SP to 0H. Will decrement to FFFFH on first PUSH to point to top of segment. SS x 10H + SP - 2 SP AL AH SP SYSC3601 23 Microprocessor Systems SYSC3601 ← SP - 2 ← SS x 10H + SP ← (34H) SS x 10H + SP + 1 (12H) ← SP + 2 ← 24 Appears to be LITTLE endian during PULL Microprocessor Systems 6 Addressing Modes • We will use the MOV instruction to discuss the various addressing modes. • MOV Dst,Src (i.e. Dst=Src after MOV) opcode operands • MOV transfers bytes or words of data between registers or between registers and memory. • MOV is a copy of data (i.e., it does not alter the source) and it does NOT set the flags. SYSC3601 25 Microprocessor Systems Addressing Modes - Effective Address (EA) • • Addressing Modes • MOV rules: 1. Source and destination must be the same size. 2. Segment to segment register move is not allowed (segment value would be overwritten and lost). 3. CS register may not be changed by a MOV (MOV CS would clobber program flow). 4. Memory to memory moves are not allowed, except as strings, eg MOVS [BI],[DX] SYSC3601 26 Microprocessor Systems Addressing Modes - Effective Address (EA) The execution unit is responsible for computing the EA and passes the results to the BIU which combines it with the segment register. The EA is the offset that the execution unit calculates for a memory operand. – – – it is an unsigned 16 bit number that expresses the operand’s distance (in bytes) from the beginning of the segment in which it resides. the EA is the sum of a displacement, contents of a base register, and contents of an index register. The addressing mode determines the registers needed to compute the EA. SYSC3601 27 Microprocessor Systems 16 bit Segment shifted to create 20 bit address Effective Address (16 bit offset relative to segment) Final Physical Address (full 20 bit address) SYSC3601 28 Microprocessor Systems 7 Addressing Modes - Effective Address (EA) Segment:EA ← Addressing Modes • Register addressing – Data is in the registers specified in the instructions. – eg: MOV AX,BX 8 or 16 bit Displacement (optional) . . . 16 bit Index (DI, SI) (optional) Effective Address • Immediate addressing – Data is a constant and is part of the instruction. – eg: MOV AX,3AH 16 bit Base address (BX, BP) (optional) Segment:0000 ← SYSC3601 29 Microprocessor Systems SYSC3601 Addressing Modes • • Direct addressing (DS*10H)+1234H • Memory . . . . . . ← (DS*10H)+1001H AL → (DS*10H)+1000H → Register indirect addressing (based addressing) (can think of this as ‘base OR index only’) – – – ex2: MOV BX,[1000H] Memory BH BL the effective address is held in BP, BX, DI or SI. eg: MOV AX,[BX] ; MOV [BP],DL Recall: DS is used by default for BX, DI or SI; SS is used for BP Example: MOV BX,1000H MOV AX,[BX] 8 bits AL 8 bits AH SYSC3601 31 Microprocessor Systems Addressing Modes – The 16 bit effective address is part of the instruction. (can think of this as ‘displacement only’) ex1: MOV DS:1234H,AL 30 Microprocessor Systems SYSC3601 ← ← DS x 10H + 1000H DS x 10H + 1001H 32 Microprocessor Systems 8 Addressing Modes • Register relative addressing (base + displacement) – – • formed by the sum of a base or index register plus a displacement. eg: MOV AX,[BX+4H] or: MOV AX,4H[BX] Addressing Modes • base relative plus index addressing (base + displacement + index) – effective address is the sum of base + index + displacement. – e.g.: MOV [BX+DI+8AH],CL – e.g.: MOV AX,[BP+SI+ABCDH] Base plus index addressing (base + index) – – effective address is formed as the sum of a base register (BP or BX) and an index register (DI or SI) eg: MOV [BX+DI],CL SYSC3601 33 Microprocessor Systems SYSC3601 34 Microprocessor Systems Assembly and Machine Language • Machine language is the native binary code that the µP understands, i.e., 1’s and 0’s only. • All software, no matter what the original language was used is eventually translated to machine language for execution. • The 8086-80286 use 16-bit mode instructions while the 80386 and up have 32-bit mode instructions (AMD has a 64 bit mode now too). • We will focus on the 16-bit mode instructions. – Extensions to 32-bit mode are left as an exercise. SYSC3601 35 Microprocessor Systems SYSC3601 36 Microprocessor Systems 9 Assembly and Machine Language • 16 bit mode instructions take the form: Opcode++ 1-2 bytes MOD-REG-R/M 0-1 byte Displacement 0-2 bytes Assembly and Machine Language • Single bit fields of opcode: Immediate 0-2 bytes D Direction • OPCODE++ W Word S Sign 1 Word data 0 No sign extend 1 Sign extend 8 bit immediate to 16 bits • Note on W & S fields: W 0 0 1 1 SYSC3601 37 Microprocessor Systems 1 Destination is specified by REG 0 Byte data – Typically 1 byte, but not always! – Selects the operation (MOV, ADD, JMP) 0 Source is specified by REG S 0 1 0 1 SYSC3601 Assembly and Machine Language Register Data 8-bits 8-bits ? Sign extend to 1 byte? 16-bits 16-bits 16-bits 8-bits 38 Microprocessor Systems Assembly and Machine Language • MOD field: • MOD-REG-RM Code Mode Meaning • MOD: Specifies addressing mode. 00 Memory No displacement (unless R/M=110) • REG: Identifies a register which is one of the instruction operands. 01 Memory 8-bit displacement 10 Memory 16-bit displacement 11 Register • R/M: Register/Memory coding – Depends on the MOD field • If MOD indicates a register-to-register instruction, then R/M identifies the second register operand. • If MOD indicates a register-to-memory instruction, then R/M indicates how the effective address of the operand is calculated. SYSC3601 39 Microprocessor Systems SYSC3601 40 Microprocessor Systems 10 Assembly and Machine Language • R/M field: Assembly and Machine Language • Displacement field R/M when MOD=11 R/M when MOD≠11 REG W=0 W=1 R/M MOD=00 MOD=01 MOD=10 000 AL AX 000 BX+SI BX+SI+D8 BX+SI+D16 001 CL CX 001 BX+DI BX+DI+D8 BX+DI+D16 010 DL DX 010 BP+SI BP+SI+D8 BP+SI+D16 011 BL BX 011 BP+DI BP+DI+D8 BP+DI+D16 100 AH SP 100 SI SI+D8 SI+D16 101 CH BP 101 DI DI+D8 DI+D16 110 DH SI 110 direct BP+D8 BP+D16 111 BH DI 111 BX BX+D8 BX+D16 SYSC3601 41 Microprocessor Systems – may be one or two bytes (language translators will generate one byte whenever possible). – MOD field indicates how many bytes. – if displacement is two bytes, the most significant byte is stored second (LITTLE endian!) – if displacement is one byte, the P will sign-extend to 16 bits (sometimes depending on S-bit). • Immediate field – may be one or two bytes (specified by the W-bit). – Little endian. SYSC3601 Assembly and Machine Language • Example: Register to register addressing MOV AX,BX Machine instruction is: SYSC3601 1000 1011 1100 0011 8 B C 3 43 Microprocessor Systems Microprocessor Systems Assembly and Machine Language • Example: Register to register addressing2 ADD AX,BX 100010 D W MOD REG R/M Opcode: 100010 Dest. Specified by REG D: 1 16 bit transfer W: 1 Register in R/M MOD: 11 AX 000 REG: BX R/M: 011 42 100000 D W MOD REG R/M Opcode: 100000 Dest. Specified by REG D: 1 16 bit transfer W: 1 Register in R/M MOD: 11 AX 000 REG: BX R/M: 011 Machine instruction is: SYSC3601 0000 0011 1100 0011 0 3 C 3 44 Microprocessor Systems 11 Assembly and Machine Language • Example: Base + index (memory) to register MOV AX,[BX+DI] 100010 D W MOD REG R/M Opcode: 100010 Must be 1, dest AX specified by REG D: 1 16 bit transfer W: 1 No displacement MOD: 00 AX REG: 000 R/M: 001 Assembly and Machine Language • Example: Base relative + index (memory) to register MOV AX,[BX+DI+2H] 100010 D W MOD REG R/M Displacement Opcode: 100010 Must be 1, dest AX specified by REG D: 1 16 bit transfer W: 1 8-bit displacement MOD: 01 AX REG: 000 R/M: 001 1000 1011 0000 0001 Machine instruction is: SYSC3601 8 B 45 0 1 Microprocessor Systems 1000 1011 0100 0001 0000 0010 Machine instruction is: SYSC3601 Assembly and Machine Language • Example: Base relative + index (memory) to register MOV AX,[BX+DI+1234H] 100010 D W MOD REG R/M Displacement Opcode: 100010 Must be 1, dest AX specified by REG D: 1 16 bit transfer W: 1 16-bit displacement MOD: 10 AX 000 REG: R/M: 001 Machine instruction is: 1000 1011 1000 0001 0011 0100 0001 0010 8 B 8 1 3 4 1 2 SYSC3601 47 Microprocessor Systems 8 B 46 4 1 0 2 Microprocessor Systems Assembly and Machine Language • Special addressing mode – To reference memory by displacement only (i.e. direct addressing mode), we use: MOV [1000H],DL MOD=00, R/M=110 – From the tables (slide 41), this corresponds to [BP] with no displacement. – Since [BP] cannot be used without a displacement, the assembler translates MOV [BP],AL to… MOV [BP+0H],AL MOD=01, R/M=110, 8-bit offset of 0H SYSC3601 48 Microprocessor Systems 12 Assembly and Machine Language • Example: Immediate operand to mem/register MOV AX,1234H If W=1 1100011 W MOD 000 R/M data low data high Opcode: 1100011 MOV (imm,reg/mem) W: 1 MOD: 11 R/M: 000 Data Low: 34H Data High: 12H Register in R/M AX 00110100 00010010 1100 0111 1100 0000 0011 0100 0001 0010 C 7 C 0 3 4 1 2 49 Microprocessor Systems Assembly and Machine Language • Example: Immediate operand to register2 ADD AX,1234H If SW=01 100000 S W MOD 000 R/M Opcode: 100000 S: 0 W: 1 MOD: 11 R/M: 011 Data Low: 34H Data High: 12H data low data high ADD (imm,reg/mem) Optional sign extension 16 bit transfer Register in R/M BX data low data high MOV (imm,reg) 16 bit transfer AX 00110100 00010010 Op WREG DataLow DataHigh Machine instruction is: 1011 1000 0011 0100 0001 0010 B 8 3 4 1 2 Note that could use general MOV imm,reg/mem but this way saves a byte SYSC3601 50 Microprocessor Systems Assembly and Machine Language • Example: Immediate to accumulator ADD AX,1234H 0000010 W data low data high Opcode: 0000010 ADD (imm,accum) 16 bit transfer W: 1 00110100 Data Low: 34H 00010010 Data High: 12H 00110100 00010010 Machine instruction is: Machine instruction is: 1000 0001 1100 0011 0011 0100 0001 0010 8 1 C 3 3 4 1 2 SYSC3601 If W=1 1011 W REG Opcode: 1011 W: 1 REG: 000 Data Low: 34H Data High: 12H 16 bit transfer Machine instruction is: SYSC3601 Assembly and Machine Language • Example: Immediate operand to register (not mem) MOV AX,1234H 51 Microprocessor Systems 0000 0101 0011 0100 0001 0010 0 5 3 4 1 2 Note that we could have used same form as previous example, but we save a byte this way SYSC3601 52 Microprocessor Systems 13 Assembly and Machine Language • Example: Immediate to register3 ADD BX,-7H If SW=01 100000 S W MOD 000 R/M data low Opcode: 100000 ADD (imm,mem/reg) S: 1 Optional sign extension data high Segment Override Prefix • Recall that MOV AL,[BX] uses DS:BX by default for EA calculation • A segment override may be given: MOV AL,ES:[BX] which uses ES instead of DS for EA calc 16 bit transfer W: 1 Register in R/M MOD: 11 R/M: 011 Data Low: F9H BX 2’s comp of 7 is 9, sign extend to F9: 1111 1001 • The machine instruction in this case includes an extra byte at the START of the instruction (i.e. lower memory): Prefix Byte Segment 1000 0011 1100 0011 1111 1001 8 1 C 3 F 9 Machine instruction is: S=1: Sign extend F9 byte to FFF9 word; S=0: Opcode becomes 81C3F9FF SYSC3601 53 Microprocessor Systems SYSC3601 Program Timing – Note: the times provided assume that the instructions have already been fetched and are waiting in the queue. • Max 8086 clock: – 5MHz (200ns or 0.2µs per cycle) – 2.5MHz (400ns or 0.4µs per cycle) • instruction times are given in clock cycles. • Ex: Estimate the time for a 5MHz, zero wait state, 8086 to execute the following code segment: Can you calculate JNZ Displacement? SYSC3601 55 ES CS 36H SS 3EH DS 54 Microprocessor Systems Program Timing • See Text Appendix B (or handout) for timing MOV AGAIN: ADD DEC JNZ 26H 2EH DI,00FFH [1234H+DI],AL DI AGAIN Microprocessor Systems • Note: Loop is executed 254 times with a jump to again, and once with no jump. Instruction Add.Mode T-states Times Total MOV DI,00FFH (reg,imm) 4 1 4 ADD [1234H+DI],AL (mem,reg) EA=9 16+EA=25 255 6375 (reg 16) 3 255 765 T 16 254 4064 F 4 1 DEC DI JNZ AGAIN TOTAL 3 11212 Total time is: 11212 x 200ns = 2.24ms Note: Timing is complicated by 1) Wait States and 2) Unaligned Transfers. These topics will be discussed later. SYSC3601 56 Microprocessor Systems 14 Reading and Problems • Read: – Chapter 1 (skim protected mode) – Chapter 2 – Chapter 3 – Chapter 4, sections 1&2, skim remainder – Skim chapters 5-7 • Problems: see website SYSC3601 57 Microprocessor Systems 15
© Copyright 2026 Paperzz