Microprocessor

Indira College of Engineering Management, Pune

 Teaching/Examination Scheme

3/23/2023 2
 Microprocessor

3/23/2023 3
 Microprocessor

 Unit 1: Introduction to 80386

3/23/2023 4
3/23/2023
Indira College of Engineering Management, Pune 5
 Brief History of Intel Processors

3/23/2023
Indira College of Engineering Management, Pune 6
 Intel
 1971 - 4004
• First microprocessor
• All CPU components on a single chip
• 4 bit, Single Core
• Clock speed 740 KHz
• It had 2300 transistors
• Could execute 60,000 instructions per second

 Followed in 1972 by 8008

• 8 bit, Single Core
• It uses PMOS technology
• It had 3500 transistors
• Clock speed 500KHz
• Could execute 50,000 instructions per second
• Very slow Microprocessor and Not compatible with TTL Logic
• Both designed for specific applications

3/23/2023 7
 Intel
 1974 - 8080
• Intel’s first general purpose microprocessor (8 bit)
• It is faster with NMOS technology
• Clock speed was 2MHz
• It had 6,000 Transistors
• 10 times faster than 8008
• But it requires 3 Power Supplies
• Could execute 5,00,000 instructions per second

 1975 – Intel 8085

• Improved Version
• Clock speed was 3 MHz
• It had 6,500 Transistor
• Could execute 7,39,230 instructions per second
• It could acess 64 KB memory
• Over 100 Million Copies were sold
-

23 March 2023 Indira College of Engineering Management, Pune 8

 x86 Evolution
• 8086
– Introduced in 1978
– 16 Bit Microprocessor
– much more powerful
– Clock speed is 4.77 MHz,8MHz,10MHz depending on version
– It had 29000 transistor
– It had 22,000 Instructions
– Could execute 2.5 million instruction per second
– It had multiply and divide instruction

3/23/2023 9
 x86 Evolution
• 8088
– Introduced in 1979
– 16 Bit Microprocessor
– It was created as cheaper version of 8086
– It could execute 2.5 million instructions in one second
– This chip became most popular when it was used in first IBM PC

• 80186 and 80188

- Introduced in 1982
- It is 16 bit Microprocessor
- Clock speed 6MHz
- 80188 is cheaper version on 80186

3/23/2023 10
 x86 Evolution
• 80286
– Introduced in 1982
– 16 bit
– Clock speed 8 MHz
– It could address 16MB memory
– It had 1,34,000 Transistors
– It could execute 4 Million instructions per second.

• 80386

– Introduced in 1986
– 32 bit
– It could address 4 GB of memory
– It had 1,75,000 transistors.
– Support for multitasking
– Clock speed varied from 16MHz, to 33 MHz depending on version
– It is best selling microprocessor in history

3/23/2023 11
 x86 Evolution
• 80486

– Introduced in 1989
– sophisticated powerful cache and instruction pipelining
– built in maths co-processor
– It had 1.2 million transistors
– Clock speed is 16 MHz to 100 MHz
– 8KB Cache memory was introduced

23 March 2023 Indira College of Engineering Management, Pune 12

 x86 Evolution
• Pentium III
• Pentium • Additional floating point instructions for 3D
• Superscalar graphics
• Multiple instructions executed in parallel
• Pentium 4
• Pentium Pro • Note Arabic rather than Roman numerals
• Increased superscalar organization • Further floating point and multimedia
• Aggressive register renaming enhancements
• branch prediction • Core
• data flow analysis • First x86 with dual core
• speculative execution
• Core 2
• Pentium II • 64 bit architecture
• MMX technology
• graphics, video & audio processing
• Core 2 Quad – 3GHz – 820 million transistors
• Four processors on chip
Refer Intel web pages for detailed information on processors

3/23/2023 13
 Family tree of 80386
Addres s
Chip Introduction Data bus Memory
Bus
4004 1971 4 8 256 Byte
256 Byte
8008 1972 8 8

8080 1974 8 16 64 KB
1M
8086/88 1978 16/8 20

1M
80186/188 1982 16/8 20

16M:Clock speed is
80286 1983 16 24
high
DX(1986:not
DX:4G (275,000
compatibility) SX(1988: mostly DX:32+132 pin 32
80386 transistor)
used, Not Co-Processor) SX:16+100 pin 24
SX:16MB

Memory Size:4G
80486 32 32
+16K cache

14
Difference between 80386 SX/DX

•Both have the same internal architecture.

•Lower cost package and the ease of interfacing to 8-bit and 16-bit
memory and peripherals make ,
•SX suitable for use in low cost systems.

15
 80386 DX Features and Architecture, Programmers
Model

3/23/2023
Indira College of Engineering Management, Pune 16
 Features of 80386DX
• Flexible 32-bit Microprocessor
– 8, 16, 32-Bit Data Types • Hardware Debugging Support
– 8 General Purpose 32-Bit Registers
– 32 bit ALU • 3 stage Pipeline
– 32 bit Data Bus(4 memory Bank)
– 32 bit Address Bus( 4 GB Memory) • Multitasking

• Very Large Address Space • Operating Speed-16,20,25,33 MHz

– 4 Gigabyte Physical
– 64 Terabyte Virtual
– 4 Gigabyte Maximum Segment Size
• SX (16 bit Data Bus)
DX(32 bit Data Bus)
• Integrated Memory Management Unit
– Segmentation and Paging
– 4 Levels of Protection
– Fully Compatible with 80286

3/23/2023 17
 80386DX Architecture

Memory Management Unit

Bus Control Unit

Central Processing Unit

3/23/2023 18
 80386DX Architecture
The Intel386DX consists of
• A central processing unit,
• Execution unit
• Instruction unit

• A memory management unit and

• Segmentation unit
• Paging unit

• A bus interface.
• offers address pipelining, dynamic data bus sizing, and direct Byte Enable signals for
each byte of the data bus

3/23/2023 19
Central Processing Unit
 Central processing unit is further divided into Execution unit and
Instruction unit.

• Execution unit has 8 General purpose and 8 Special purpose registers

which are either used for handling data or calculating offset addresses.

 The Instruction unit decodes the opcode bytes received from the 16-
byte instruction code queue and arranges them in a 3- instruction
decoded instruction queue.

20
 After decoding them pass it to the control section for deriving
the necessary control signals. The barrel shifter increases
the speed of all shift and rotate operations.

• The multiply / divide logic implements the bit-shift-rotate

algorithms to complete the operations in minimum time.

• Even 32- bit multiplications can be executed within one

microsecond by the multiply / divide logic.

21
Memory Management Unit
 The Memory management unit consists of a Segmentation unit
and a Paging unit.

 Segmentation unit allows the use of two address components,

viz. segment and offset for relocability and sharing of code and
data.

 Segmentation unit allows segments of size 4Gbytes at max.

22
 The Paging unit organizes the physical memory in terms of
pages of 4 kbytes size each.

 Paging unit works under the control of the segmentation unit,

i.e. each segment is further divided into pages.

 The virtual memory is also organizes in terms of segments

and pages by the memory management unit.

23
 The Segmentation unit provides a 4 level protection mechanism for
protecting and isolating the system code and data from those of the
application program.

 Paging unit converts linear addresses into physical addresses.

 The control and attribute PLA checks the privileges at the page level.
Each of the pages maintains the paging information of the task.

 The limit and attribute PLA checks segment limits and attributes at
segment level to avoid invalid accesses to code and data in the memory
segments.

24
Bus Interface Unit
 The Bus control unit has a prioritizer to resolve the priority of the
various bus requests.

 This controls the access of the bus. The address driver drives the bus
enable and address signal A0– A31.

 The pipeline and dynamic bus sizing unit handle the related control
signals.

 The data buffers interface the internal data bus with the system bus.

25
 MEMORY ORGANIZATIONAND
SEGMENTATION
 The physical memory of an 80386 system is organized as a sequence of 8-bit
bytes.
 Each byte is assigned a unique address that ranges from
0 to a maximum of 232 -1.(4 Gigabytes).
 The model of memory organization determined by systems-software
designers.

 Two model of memory

 1. Flat model:single array of up to 4 GB.
 A pointer into this flat address space is a 32-bit ordinal number that may
range from 0 to 232 -1.

26
 MEMORY ORGANIZATIONAND
SEGMENTATION
 Segmented model: collection of up to 16,383 address spaces. linear

 Viewed by an applications program (called the logical

address space)
 The processor maps the 64 terabyte logical address space onto the physical
address space (4 GB) by the address translation mechanisms.
 Each of these linear subspaces is called a segment.
 A segment is a unit of contiguous address space
 Segment sizes may range from 1 byte up to a maximum of

232 bytes (4 gigabytes).

27
 Programmers Model
• Intel386 DX base architecture registers:

 General data and address registers

 Segment selector registers

 Instruction pointer

 Flags register

3/23/2023 28
 Register Organization of 80386

3/23/2023 29
 SEGMENT REGISTERS
o Six segments of memory may be immediately accessible to an executing 80386
program.
o The segment registers CS, DS, SS, ES, FS, and GS are used to identify these six
current segments.
o Each of these registers specifies a particular kind of segment, as characterized by the
associated mnemonics ("code," "data," or "stack").

23 March 2023 Indira College of Engineering Management, Pune 30

 Segment Registers- Code Segment

 CS: The segment containing the currently executing sequence of

instructions is known as the current code segment.
 The 80386 fetches all instructions from this code segment, using as
an offset the contents of the instruction pointer.

23 March 2023 Indira College of Engineering Management, Pune 31

 Segment Registers- SS,DS,ES,FS,GS

 SS:Subroutine calls, parameters, and procedure activation records

usually require to allocate memory as a stack.
 All stack operations use the SS register to locate the
stack.
 Data Registers: TheDS, ES, FS, and GS registers
allow the specification of four data segments.
 Access different types of data structures;
 Types of data structures:
 Current module, Exported data, Dynamically created data structure
and data Shared with another task.

23 March 2023 Indira College of Engineering Management, Pune 32

 Flags Register

 The Flag register of 80386 is a 32 bit register.

 Out of the 32 bits,Intel has reserved bits D18 to D31,D5 and D3 and
• set to 0
 While D1 is always set at 1.
 Two extra new flags are added to the 80286 flag to derive the flag
register of 80386.
 They are VM and RF flags.

23 March 2023 Indira College of Engineering Management, Pune 33

 Flags Register

3/23/2023 34
 VM Bit - Virtual Mode Flag

• If this flag is set toVM=1, the 80386 enters the virtual

8086 mode within the protection mode.
 WhenVM bit is 0, 386 operates in protected mode
 This is to be set only when the 80386 is in protected mode.
 This bit can be set using IRET instruction or any task
switch operation only in the protected mode.

23 March 2023 Indira College of Engineering Management, Pune 35

 RF-Bit Resume Flag
• The RF flag is used with the debug register breakpoints.
• A breakpoint is a special marker that tells the debugger to stop
execution of the program at the breakpoint when running in debug
mode.
• It is checked at the starting of every instruction cycle. By setting RF to
1, a potential breakpoint on the next instruction will be ignored.
• The RF is automatically reset after successful execution of every
instruction The RF is automatically reset after successful execution of
every instruction, except for IRET and POPF instructions
• Also, it is not automatically cleared after the successful execution
ofJMP, CALL and INT instruction causing a task switch.

23 March 2023 Indira College of Engineering Management, Pune 36

 NT Bit

 NT (Nested Task):This flag applies to Protected Mode.

 NT is set to indicate that the execution of this task is nested within
another task
 The value of NT in EFLAGS is tested by the IRET instruction to
determine whether to do an inter-task return or an intra-task
return

23 March 2023 Indira College of Engineering Management, Pune 37

 IOPL Bit
 This two-bit field applies to Protected Mode. IOPL indicates the
numerically maximum
• CPL(current privilege level) value permitted to execute I/O
instructions without generating an Exception
 It also indicates the maximum CPL value allowing alteration of the IF
(INTR Enable Flag) bit when new values are popped into the EFLAG
register

23 March 2023 Indira College of Engineering Management, Pune 38

 IF (INTR Enable Flag): The IF flag, when set, allows recognition of
external interrupts signaled on the INTR pin.

 TF (Trap Enable Flag): When TF is set, the Intel386 DX generates an

exception 1 trap after the next instruction is executed.
 When TF is reset, exception 1 traps occur only as a function of the
breakpoint addresses loaded into debug registers DR0-DR3

23 March 2023 Indira College of Engineering Management, Pune 39

• OF (Overflow Flag) : It is set if the operation
resulted in a signed overflow. Signed overflow occurs when the
operation resulted in carry/borrow into the sign bit (high-order bit) of
the result.

 DF (Direction Flag) : DF defines whether ESI and/or EDI registers

post-decrement or post-increment during the string instructions.
Post-decrement occurs if DF is set
The control flag DF controls “STRING” instruction
Clearing DF flag causes string instructions to auto increment or to
process string from low to high address
• The arithmetic instructions use CF,SF,ZF, AF,PF,CF

23 March 2023 Indira College of Engineering Management, Pune 40

 Operating modes, Addressing modes
and data types

3/23/2023
Indira College of Engineering Management, Pune 41
 Processing Modes
• The Intel386 DX modes of operation:
– Real Address Mode (Real Mode), and
– Protected Virtual Address Mode
(Protected Mode).
– Virtual 8086 mode (V86 Mode).
• Real-address mode (Real mode):
– Power on default mode :mode of the
processor immediately after RESET.
– Upward Compatibility.
– Faster 8086: In this mode the Intel386
DX operates as a very fast 8086,
– but with 32-bit extensions if desired.
3/23/2023
• Protected mode:
– Natural 32-bit environment, in which all
instructions and features are available.
– It provides access to the sophisticated
memory management, paging and privilege
capabilities of the processor
• Virtual 8086 mode (V86 Mode):
– It is a dynamic mode within protected mode.
– processor can repeatedly and rapidly switch
between V86 mode and protected mode.
– CPU enters V86 mode from protected mode
to execute an 8086 program, then leaves
V86 mode and enters protected mode to
continue executing a native 80386 program
42
 Instruction Format
 The information encoded in an 80386 instruction includes a
specification of ;
 Operation to be performed (Opcode).
 Type of the operands to be manipulated,
 Location of these operands.
Opcode Source(M/ Reg) Destination(M/ Reg)

43
Operand Selection
 In the instruction itself(immediate operand)
 In a register
 In memory
 At an I/O port

 Implicit operand
 Explicit operand
 Implicit and Explicit Operand

44
 INSTRUCTION FORMAT

 Two-operand instructions of the 80386 permit operations of the

following kinds:
 • Register-to-register
 • Register-to-memory
 • Memory-to-register
 • Immediate-to-register
 • Immediate-to-memory
 Certain string instructions and stack manipulation instructions
transfer data from memory to memory.
 Push and pop stack operations allow transfer between
memory operands and the memory-based stack.

45
 Immediate Operands
 Register Operands
 Memory Operands
 Segment Selection

46
Effective Address Computation

47
Effective Address Computation…
 Displacement: Indicates the offset of the operand . Used to
directly address a statically allocated scalar operand.
 Base: Offset is specified indirectly in one of the general
registers, as for based variables.
 Base+displacement:
 To index into static array when element size is not 2,4,8 bytes.
 Access item of record. Displacement component locates an item
within record.
 (Index*scale) + displacement: Provides efficient indexing into a static
array when element size is 2,4,8 bytes.

48
Effective Address Computation…
 Base + Index + Displacement: Two registers used together
support either a two dimensional array (where displacement
determine beginning of array) or one of several instances of an
array of records (where displacement indicates an item in the
record.)
 Base + (Index * Scale) + displacement: This combination
provides efficient indexing of a two-dimensional array when
element of the array are 2,4,8 bytes wide.

49
 80386 Addressing Modes
 Addressing modes indicate a way of locating data or operands.
 Describes the type of operands and the way they are accessed for executing an instruction.
 The method by which address of source data and destination address of result is given in the
instruction is called as “ Addressing Modes”.
 The 80386 Microprocessor Provide 11 addressing modes

• Register addressing Mode • Scaled Index addressing Mode

• Immediate addressing Mode • Based Index addressing Mode

• Direct addressing Mode • Based Scaled Index addressing Mode

• Register Indirect addressing Mode • Based Index addressing Mode with Displacement

• Based addressing Mode • Based Scaled Index addressing Mode with

Displacement
• Index addressing Mode
3/23/2023

50
 Register Addressing Modes
• The data is stored in a register and it is referred using a particular register.

• All register accept IP used in this addressing mode.

• The 8/16/32 bit data required to execute an instruction is present in 8/16/32 bit register is
given along with the instruction is called “Register addressing mode.”

 Example : ADD EAX,EBX

3/23/2023 51
 Immediate addressing mode
• In this addressing mode, immediate data is part of instruction.

• The 8/16/32 bit data required to execute an instruction is given directly along with the
instruction is called “Immediate addressing mode”.

 Example: Mov AX,0020H

3/23/2023 52
 Direct and Register Indirect addressing
mode
• Direct addressing mode
The operand's offset is contained as part of the instruction as an 8-, 16- or 32-bit
displacement.
In Direct addressing mode the effective address of memory location where the operand
is present is written directly in the instruction.
 Example: MOV AX, [5000H]

• Register Indirect Mode:

A BASE register contains the address of the operand.

 Example: MOV EAX, [EBX]

3/23/2023 53
 Based and Index addressing mode

• Based addressing mode

Based Mode: In this addressing mode, the offset address of the operand is given by the
sum of the contents of Base Register and Displacement.
 Example: MOV ECX, [EAX+24]

• Index addressing Mode:

An INDEX register's contents is added to a DISPLACEMENT to form the operands offset.

 Example: ADD EAX, TABLE[ESI]

3/23/2023 54
 Scaled Index & Based Index addressing mode

• Scaled Index addressing mode

An INDEX register's contents is multiplied by a scaling factor which is added to a
DISPLACEMENT to form the operands offset.

 Example: IMUL EBX, TABLE[ESI*4],7

• Based Index addressing Mode:

The contents of a BASE register is added to the contents of an INDEX register to form the
effective address of an operand.

 Example: MOV EAX, [ESI] [EBX]

3/23/2023 55
 Other addressing mode
• Based Scaled Index addressing mode: The contents of an INDEX register is multiplied by a
SCALING factor and the result is added to the contents of a BASE register to obtain the
operands offset.

 Example: MOV ECX, [EDX*8] [EAX]

• Based Index addressing Mode with Displacement: The contents of a BASE register is added
to the contents of an INDEX register to form the effective address of an operand.

 Example: ADD EDX, [ESI] [EBP+00FFFFF0H]

• Based Scaled Index addressing Mode with Displacement: The contents of an INDEX register
are multiplied by a SCALING factor, the result is added to the contents of a BASE register and a
DISPLACEMENT to form the operand's offset.

 Example: MOV EAX, LOCALTABLE[EDI*4] [EBP+80]

3/23/2023 56
 Data Types
Fundamental Data Types:
• Byte
• Word
• Doubleword

3/23/2023 57
 Byte, word and doubleword in memory

3/23/2023 58
 80386 Data Types

3/23/2023 59
 80386 Instruction Set

3/23/2023
Indira College of Engineering Management, Pune 60
 Agenda
• Data Movement Instructions
• Binary Arithmetic Instructions
• Decimal Arithmetic Instructions
• Logical Instructions
• Control Transfer Instructions
• String and Character translation Instructions
• Instructions for Block-Structured Languages
• Flag Control Instructions
• Coprocessor Interface Instructions
• Segment Register Instructions
• Miscellaneous Instructions

3/23/2023 61
 Data Movement Instructions
• Provides convenient methods for moving bytes, words or
doublewords of data between memory and the register.

• Various Classes
o General purpose data movement instructions
o Stack manipulation instructions
o Type-conversion instructions

3/23/2023 62
 General Purpose data movement instructions
• MOV (Move): Transfers a byte, word or doubleword from the source operand
to the destination operand

• Operand options
– To a register from memory
– To memory from a register
– Between general registers
– Immediate data to a register
– Immediate data to a memory

• Memory to Memory and Segment register to segment register, not allowed

• MOVS: string manipulation instruction for memory to memory moves
 Example: MOV EAX, EBX ; Moves contents of EBX to EAX

3/23/2023 63
 General Purpose data movement instructions
• XCHG (Exchange): Swaps the contents of
two operands.

• Operands may be two registers or a register

with memory
 Example: XCHG EAX, EBX
(it exchanges the contents of register with an
another register or the content of register
with content on memory location and vice-
versa.)

• Does not require temporary location to save

the contents of one operand while the other
is being loaded

3/23/2023 64
 Stack manipulation Instructions
• PUSH

• PUSHA

• POP

• POPA

3/23/2023 65
 Stack Manipulation Instructions

• PUSH (Push)
• decrements the stack pointer (ESP), then transfers the source operand to the top
of stack indicated by ESP.
• PUSH is often used to place parameters on the stack before calling a procedure;
• It is also the basic means of storing temporary variables on the stack.
• The PUSH instruction operates on memory operands, immediate operands, and
register operands (including segment registers).
• PUSHA (Push All Registers) saves the contents of the eight
general registers on the stack.
•
• This instruction simplifies procedure calls by reducing the
number of instructions required to retain the contents of the
general registers for use in a procedure

• . The processor pushes the general registers on the stack in the

following order: EAX, ECX,EDX, EBX, the initial value of
ESP before EAX was pushed, EBP, ESI, and EDI.

• PUSHA is complemented by the POPA instruction.

• POP (Pop) transfers the word or doubleword at the current top
of stack (indicated by ESP) to the destination operand, and then
increments ESP to point to the new top of stack.
• POP moves information from the stack to a general register, or
to memory
• There are also a variant of POP that operates on segment
registers.

• POPA (Pop All Registers) restores the registers saved on the

stack by
• PUSHA, except that it ignores the saved value of ESP
 Type Conversion Instructions
• Converts bytes to words, words to
doublewords and doublewords to 64-bit
items
• Specially useful for converting signed
integers
• Two classes:
 The forms CBW, CWD, CDQ and CWDE
(Operates on EAX)
 MOVSX and MOVZX (One register
operand and other may be register or
memory)
•CBW: (Convert byte to word)
AL  AX
•CWD: (Convert word to doubleword)
AX  DX:AX
•CDQ: (Convert doubleword to quadword)
EAX  EDX:EAX
•CWDE: (Convert word to doubleword extended)
AX  EAX
•MOVSX: (Move with sign extension) sign-extends
an 8-bit to 16-bits and 8- or 16- bit value to 32- bit
value
•MOVZX: (Move with zero extension) zero-
extended

3/23/2023 72
There are two classes of type conversion instructions:

1. The forms CWD, CDQ, CBW, and CWDE which

operate only on data in the EAX register.

2. The forms MOVSX and MOVZX, which permit one

operand to be in any general register while permitting
the other operand to be in memory or in a register.
• The cbw (convert byte to word) instruction sign extends the
eight bit value in al to ax.

• That is, it copies bit seven of AL throughout bits 8-15 of ax.

• This instruction is especially important before executing an

eight bit

• This instruction requires no operands

• The cwd (convert word to double word)
• instruction sign extends the 16 bit value in ax to 32
bits and places the result in dx:ax.
• It copies bit 15 of ax throughout the bits in dx.
• It is available on all 80x86 processors which explains
why it doesn’t sign extend the value into eax.
• Like the cbw instruction, this instruction is very
important for division operations.
• Cwd requires no operands
• The cwde instruction sign extends the 16 bit value in ax to 32 bits and
places the result in eax by copying bit 15 of ax throughout bits 16..31
of eax.
• This instruction is available only on the 80386 and later processors.
• As with cbw and cwd the instruction has no operands
• The cdq instruction sign extends the 32 bit value in
eax to 64 bits and places the result in edx:eax by
copying bit 31 of eax throughout bits 0..31 of edx.
• This instruction is available only on the 80386 and
later.
• You would normally use this instruction before a long
division operation.
• As with cbw, cwd, and cwde the instruction has no
operands
• The movsx instruction is a generalized form of the cbw, cwd,
and cwde instructions.
• It will sign extend an eight bit value to a sixteen or thirty-two
bits, or sign extend a sixteen bit value to a thirty-two bits.
• This instruction uses a mod-reg-r/m byte to specify the two
operands.
• The allowable forms for this instruction are
• movsx reg16, mem8
• movsx reg16, reg8
• movsx reg32, mem8
• movsx reg32, reg8
• movsx reg32, mem16
• movsx reg32, reg16
• Note that anything you can do with the cbw and cwde
instructions, you can do with a movsx instruction:
• movsx ax, al ;CBW
• movsx eax, ax ;CWDE
• movsx eax, al ;CBW followed by CWDE

• E.g. movsx EAX,BL

•
This copies the contents of BL register to EAX register. 7th
Bit of BL is copied to the MSB of the EAX register as well
as the AH register
• The movzx instruction works just like the movsx instruction,
except it extends unsigned values via zero extension rather than
signed values through sign extension.

• The syntax is the same as for the movsx instructions except, of

course, you use the movzx mnemonic rather than movsx.

• MOVZX EAX,BL
• This copies the contents of BL register to EAX register. Zero is
copied to the MSB of the EAX register as well as the AH
register.
 Binary Arithmetic Instructions
• Addition and subtraction instructions
– ADD (Add integers)
– ADC (Add integers with carry)
– INC (Increment)
– SUB (Subtract integers)
– SBB (Subtract integers with borrow)
– DEC (Decrement)

• Comparison and Sign change

– CMP (Compare)
– NEG (Negate) subtract from zero

3/23/2023 81
 Binary Arithmetic Instructions

• Comparison : CMP (Compare)-CMP Destination, source

Destination- Source
Result is not stored in either of the dest or source only flags are
updated.
Both source and dest operands must be of same type

• Sign Change: NEG (Negate) subtract from zero

Perform 2’s complement negation of the destination

3/23/2023 82
 Binary Arithmetic Instructions
• Multiplication Instructions: • Division Instructions:
• MUL (Unsigned Integer multiply) • DIV (Unsigned Integer division)

Source Accumulator Result Size of Source Dividen Result Result

(Multiplier (Multiplicand (Product) operand d (Quotien (Remainder)
) ) [Double-length] (Divisor) t)
8-bit AL AX 8-bit AX AL AH
16-bit AX DX:AX 16-bit DX:AX AX DX
32-bit EAX EDX:EAX 32-bit EDX:EAX EAX EDX

• IDIV (Signed Integer division)

• IMUL (Signed Integer multiply) Same register combinations
Three variations: One-, two- and three-
operand form
3/23/2023 83
 Decimal Arithmetic Instructions
 Decimal arithmetic is performed in
 Packed BCD Adjustment instructions
combination with binary arithmetic
• DAA (Decimal adjust after addition)
instructions.
• DAS (Decimal adjust after subtraction)

• To adjust the results of a previous binary

arithmetic operation to produce a valid
packed or unpacked decimal result
• To adjust the input to a subsequent binary
arithmetic operation so that the operation
will produce a valid packed or unpacked
decimal result
 Unpacked BCD Adjustment instructions
• AAA (ASCII Adjust after Addition)
• AAS (ASCII Adjust after Subtraction)
• AAM (ASCII Adjust after Multiplication)
• AAD (ASCII Adjust before division)

3/23/2023 84
 Logical Instructions
 The Boolean operation instructions

Bit test and modify instructions

Bit scan instructions

Rotate and shift instructions

Byte set on condition

3/23/2023 85
 Logical Instructions (Cont…)
 The Boolean operation instructions Boolean operation instructions:

• NOT: not dest ; dest := not dest

Bit test and modify instructions

• AND: and dest, source ;dest := dest and source

Bit scan instructions

• OR: or dest, source ;dest := dest or source

Rotate and shift instructions

• XOR: xor dest, source ;dest := dest xor source

Byte set on condition

3/23/2023 86
 Logical Instructions (Cont…)
 The Boolean operation instructions

Bit test and modify instructions

Bit scan instructions

Rotate and shift instructions

Byte set on condition

3/23/2023 87
 Logical Instructions (Cont…)
Bit test and modify instructions:
• Operates on single bit within the
operand (Register or Memory)
• Bit location is specified as an offset
from low-order end of the operand
Instruction Effect on CF
Bit Scan Instructions:
• Scan a word or doubleword for a one-bit and
store the index of the first set bit into a register
• ZF is set if entire operand is zero
 BSF (Bit Scan Forward)-Bsr locates the first
Effect on
set bit searching from the L.O. bit down to
Selected
Bit the H.O. bit.

BT (Bit test)- BT source, CF  BIT (none)

 BSR (Bit Scan Reverse)-Bsr locates the first
index set bit searching from the H.O. bit down to
BTS (Bit test and Set) CF  BIT BIT  1 the L.O. bit.
BTR (Bit test and Reset) CF  BIT BIT  0
 If these instructions locate a one, they clear
BTC (Bit test and Complement) CF  BIT BIT  NOT the zero flag and store the bit index (0..31)
(BIT)
into the destination operand.
3/23/2023 88
 Logical Instructions (Cont…)
 The Boolean operation instructions

Bit test and modify instructions

Bit scan instructions

Rotate and shift instructions

Byte set on condition

3/23/2023 89
 Logical Instructions (Cont…)
• Shift and Rotate Instructions: Byte set on Condition instructions:
– Shift instructions
• SAL (Shift Arithmetic Left) • Sets a byte to Zero or One depending on any
• SHL (Shift Logical Left) of the 16 conditions defined by the status
• SHR (Shift Logical Right) flags
• SAR (Shift Arithmetic Right)
SETcc (Set byte on condition cc)
– Double shift instructions
• SHLD (Shift Left Double) • Test Instructions:
• SHRD (Shift Right Double)
TEST (Test) performs the logical “and”
– Rotate instructions
• ROL, ROR, RCL, RCR

3/23/2023 90
 SHL/SAL(Shift logical/arithmetic left byte or word or double
word)
• SAL/SHL destination , count
• Shifts all bits left , the bit that goes off is set to CF.
• Zero bit is inserted in the right most position
• Flags affected: OF,CF,AF,PF,SF
• Shr ( Shift logical right byte or word or double word)
SHR destination,count
Shifts all bits right the bit that goes off is set to CF.
Zero bit is inserted to the left most Position.
All Flags affected.
• shr ax, 1 ;Equivalent to AX/2
• shr ax, 2 ;Equivalent to AX/4
• shr ax, 3 ;Equivalent to AX/8
• shr ax, 4 ;Equivalent to AX/16
• shr ax, 5 ;Equivlaent to AX/32
• shr ax, 6 ;Equivalent to AX/64
• shr ax, 7 ;Equivalent to AX/128
• shr ax, 8 ;Equivalent to AX/256
• SAR ( Arithmetic Right Byte or Word or DD)
SAR destination, count
Shifts all bits right the bit that goes off is set to CF. The sign bit
that is inserted to the leftmost position has the same value as
before shift.

• The sar instruction’s main purpose is to perform a signed

division by some power of two.
• sar ax, 1 ;Signed division by 2
• sar ax, 2 ;Signed division by 4
• sar ax, 3 ;Signed division by 8
• sar ax, 4 ;Signed division by 16
• sar ax, 5 ;Signed division by 32
• sar ax, 6 ;Signed division by 64
• sar ax, 7 ;Signed division by 128
• sar ax, 8 ;Signed division by 256
• SHLD( Shift left double precision)
SHLD destination,source,count
shld operand1, operand2, immediate
• The shld instruction shifts bits in operand1 to the left.
• The H.O. bit shifts into the carry flag and the H.O. bit
of operand2 shifts into the L.O. bit of operand1.
• This instruction does not modify the value of
operand2,
• SHRD ( Shift right double precision)
 Rotates
ROL(Rotate left)
ROR( Rotate right)
RCL ( Rotate through carry left)
RCR ( Rotate through carry right)
• ROL(Rotate left)
ROL destination,source
Shifts all bits left the bit goes off is set to CF and the
same bit is inserted to the right most position
• ROR( Rotate right)
• RCL ( Rotate through carry left)

• RCL destination, count

• RCR ( Rotate through carry right)
• RCR destination, count
Byte-Set-On-Condition Instructions
• This group of instructions sets a byte to zero or one depending on any of the
16 conditions defined by the status flags.

• The byte may be in memory or may be a one-byte general register. These

instructions are especially useful for implementing Boolean expressions in
high-level languages such as Pascal.

• SETcc (Set Byte on Condition cc) set a byte to one if condition cc is

true; sets the byte to zero otherwise.
• SET cc destination
If condition is true byte= FF
Else Byte =00H
Conditions
•O Overflow
• NO No overflow
•B Below
• NAE Neither above nor equal
• NB Not below
• AE Above or equal CF = 0
•E Equal
•Z Zero ZF = 1
• NE Not equal
• NZ Not zero ZF = 0
• BE Below or equal
• NA Not above (CF or ZF) = 1
• NBE Neither below nor equal
• NA Above (CF or ZF) = 0
•S Sign SF = 1
• NS No sign SF = 0
•P Parity
• PE Parity even PF = 1
• NP No parity
• PO Parity odd PF = 0
•L Less
• NGE Neither greater nor equal (SF xor OF) = 1
• NL Not less
• GE Greater or equal (SF xor OF) = 0
• LE Less or equal
• NG Not greater ((SF xor OF) or ZF) = 1
• NLE not less equal
Test Instruction
• TEST (Test) performs the logical "and" of the two operands, clears OF
and CF, leaves AF undefined, and updates SF, ZF, and PF.
• The flags can be tested by conditional control transfer instructions or
by the byte-set
• TEST destination, source

• Difference between Test and AND is that TEST does not alter the
destination operand
• Difference between Test an Bit Test is
• BT tests a single bit and
• TEST tests multiple bits in one operation.
 Control Transfer Instructions

Control Transfer Instructions  Unconditional transfer Instructions

(Near and Far)

Unconditional Transfer
• JMP (Jump)- one way transfer of execution
Instructions

• CALL (Call procedure)

Conditional Transfer
Instructions
• RET (Return from procedure)

• IRET (Return from interrupt)

3/23/2023 109
 Control Transfer Instructions
 Conditional transfer instructions
• Conditional jump instructions

3/23/2023 110
 Control Transfer Instructions

 Loop Instructions: (before testing the Software generated interrupts

condition/s it decrements ECX) • INT n (Software interrupt)
• LOOP (Loop while ECX not zero)
• LOOPE (Loop while equal) and • INTO (Interrupt on Overflow)
LOOPZ (Loop while zero)
• LOOPNE (Loop while not equal)
and LOOPNZ (Loop while not • BOUND (Detect value out of range. BOUND
ensures that a signed array index is within
zero) the limits specified by a block of memory
consisting of an upper and a lower bound.)
 Executing a Loop or Repeat zero
times
• JCXZ (Jump if ECX zero)

3/23/2023 111
Loop Instructions
• The loop instructions are conditional jumps that use a value placed in
ECX to specify the number of repetitions of a software loop.

• All loop instructions automatically decrement ECX and terminate the

loop when ECX=0.

• Four of the five loop instructions specify a condition involving ZF that

terminates the loop before ECX reaches zero.
• LOOP (Loop While ECX Not Zero) is a conditional transfer that
automatically decrements the ECX register before testing ECX for the
branch condition.
• If ECX is non-zero, the program branches to the target label specified
in the instruction.
• The LOOP instruction causes the repetition of a code section
• LOOP short_label
• If LOOP finds ECX=0, control transfers to the instruction immediately
following the LOOP instruction.

• If the value of ECX is initially zero, then the LOOP executes 232
times.
• LOOPE (Loop While Equal) and LOOPZ (Loop While
Zero) are synonyms for the same instruction.

• These instructions automatically decrement the ECX register before

testing ECX and ZF for the branch conditions.

• If ECX is non-zero and ZF=1, the program branches to the target label
specified in the instruction.

• If LOOPE or LOOPZ finds that ECX=0 or ZF=0, control transfers to

the instruction immediately following the LOOPE or LOOPZ
instruction.
• LOOPNE (Loop While Not Equal) and LOOPNZ (Loop While
Not Zero) are synonyms for the same instruction.

• These instructions automatically decrement the ECX register before

testing ECX and ZF for the branch conditions.

• If ECX is non-zero and ZF=0, the program branches to the target label
specified in the instruction.

• If LOOPNE or LOOPNZ finds that ECX=0 or ZF=1, control transfers

to the instruction immediately following the LOOPNE or LOOPNZ
instruction.
Executing a Loop or Repeat Zero Times

• JCXZ- (Jump if ECX Zero) JCXZ is useful in combination with the LOOP
instruction and with the string scan and compare instructions, all of which
decrement ECX.
• Sometimes, it is desirable to design a loop that executes zero times if the count
variable in ECX is initialized to zero.
• Because the LOOP instructions (and repeat prefixes) decrement ECX before they
test it, a loop will execute 232 times if the program enters the loop with a zero
value in ECX.
• A programmer may conveniently overcome this problem with JCXZ, which
enables the program to branch around the code within the loop if ECX is zero
when JCXZ executes.
Software-Generated Interrupts
• The INT n, INTO, and BOUND instructions allow the programmer to
specify a transfer to an interrupt service routine from within a
program.
• INT n (Software Interrupt 0-255) activates the interrupt service
routine that corresponds to the number coded within the instruction.
• The INT instruction may specify any interrupt type .
• Programmers may use this flexibility to implement multiple types of
internal interrupts or to test the operation of interrupt service routines.
(Interrupts 0-31 are reserved by Intel.)
• The interrupt service routine terminates with an IRET instruction that
returns control to the instruction that follows INT.
INTO (Interrupt on Overflow) invokes interrupt 4 if OF is set.
• Interrupt 4 is reserved for this purpose.
• OF is set by several arithmetic, logical, and string instructions.

BOUND (Detect Value Out of Range) verifies that the signed value
contained in the specified register lies within specified limits.
An interrupt (INT 5) occurs if the value contained in the register is less
than the lower bound or greater than the upper bound.
BOUND index,Range
Test the value of index register against predefined range of index if it is
out of range then INT 5 is generated.
 String and Character translation instructions

• Set of primitive string instructions Repeat prefixes

(Operand B/W/D) • REP: repeat while ECX not zero
–MOVS: Move string • REPE / REPX: repeat while equal or zero
–CMPS: Compare string • REPNE / REPNZ: repeat while not equal or
–SCAS: Scan string not zero
–LODS: Load string
–STOS: Store string

• Indirect, indexed addressing with auto-

incrementing/decrementing index
–Indexes: ESI & EDI
–Control flag: DF
–Control flag instruction: CLD and STD

3/23/2023 119
 Instructions for Block-Structured Languages

To provide machine-language support for functions normally

found in high-level languages

– ENTER (Enter Procedure): ENTER creates the stack frame

required by most block-structured high-level languages.

– Leave (Leave procedure): LEAVE reverses the actions of

the ENTER instruction. By copying the frame pointer to the
stack pointer, LEAVE releases the stack space used by a
procedure for its local variables.

3/23/2023 120
 Flag Control Instructions
Carry and Direction Flag control instructions
 Flag transfer instructions

• LAHF (Load AH from Flags)

• SAHF (Store AH into Flags)

• PUSHF (Push flags)

• POPF (Pop flags)

3/23/2023 121
• Segment-register transfer instructions • Data pointer instructions
–MOV –LDS (Load pointer using DS)
–POP –LES (Load pointer using ES)
–PUSH –LFS (Load pointer using FS)
–LGS (Load pointer using GS)
–LSS (Load pointer using SS)
•Far control transfer instructions
–Direct far JMP
–Indirect far JMP
–Far CALL
–Far RET

3/23/2023 122
 Miscellaneous Instructions
 Address calculation instruction
• LEA (Load effective address)

 No-operation instruction
• NOP (No operation)

 Translate instruction
• XLAT

3/23/2023 123
 Miscellaneous Instructions
• Address Calculation Instruction
LEA (Load Effective Address) LEA register,source

transfers the offset of the source operand (rather than its value) to the destination
operand.
• The source operand must be a memory operand, and the destination operand must be
a general register.
• This instruction is especially useful for initializing registers before the execution of
the string primitives (ESI, EDI) or the XLAT instruction (EBX).
• The LEA can perform any indexing or scaling that may be needed.
• Example: LEA EBX, EBCDIC_TABLE
Causes the processor to place the address of the starting location of the table labeled
EBCDIC_TABLE into EBX.
• No-Operation Instruction
• NOP (No Operation) occupies a byte of storage but affects nothing but
the instruction pointer, EIP.
• This instruction uses three clock cycles and increments the instruction
pointer (EIP) to point to the next instruction.
• It can be used to increase the delay of a delay loop.
• Translate Instruction
• XLAT (Translate) replaced a byte in the AL register with a byte from a
user-coded translation table.
• When XLAT is executed, AL should have the unsigned index to the table
addressed by EBX.
• XLAT changes the contents of AL from table index to table entry. EBX is
unchanged.
• The XLAT instruction is useful for translating from one coding system to
another such as from ASCII to EBCDIC.
• The translate table may be up to 256 bytes long.
• The value placed in the AL register serves as an index to the location of
the corresponding translation value.