144
`
`4.2 The VAX Architecture
`
`as a general-purpose register, and using R14 is very difficult because it interferes
`with instructions that manipulate the stack frame. Condition codes are used for
`branching and are set by all arithmetic and logical operations and by the move
`instruction. The move instruction transfers data between any two addressable
`locations and subsumes load, store, register-register moves, and memory(cid:173)
`memory moves as special cases.
`
`VAX Addressing Modes
`
`The addressing modes include most of those we discussed in Chapter 3: literal,
`register (operand is in a register), register deferred (register indirect), autodecre(cid:173)
`ment, autoincrement, autoincrement deferred, byte/word/long displacement,
`byte/word/long displacement deferred, and scaled (called "indexed" in the VAX
`architecture). Scaled addressing mode may be applied to any general addressing
`mode except register or literal. Register is an addressing mode no different from
`any other in the VAX. Thus, a 3-operand VAX instruction may include from
`zero to three operand memory references, each of which may be any of the
`memory addressing modes. Since the memory indirect modes require an
`additional memory access, up to 6 memory accesses may be required for a 3-
`operand instruction. When the addressing modes are used with R15 (the PC),
`only a few are defined, and their meaning is special. The defined addressing
`modes with R15 are as follows:
`
`• Immediate-an immediate value is in the instruction stream; this mode is
`encoded as autoincrement on PC.
`
`• Absolute-a 32-bit absolute address is in the instruction stream; this mode is
`encoded as autoincrement deferred with PC as the register.
`
`• Byte/word/long displacement-the same as the general mode, but the base is
`the PC, giving PC-relative addressing.
`
`• Byte/word/ long displacement deferred-the same as the general mode, but
`the base is the PC, giving addressing that is indirect· through a memory
`location that is PC-relative.
`
`A VAX instruction consists of an opcode followed by zero or more operand
`specifiers. The opcode is almost always a single byte that specifies the operation,
`the data type, and the operand count. Almost all operations are fully orthogonal
`with respect to addressing modes-any combination of addressing modes works
`with nearly every opcode, and many operations are supported for all possible
`data types.
`Operand specifiers may vary in length from one byte to many, depending on
`the information to be conveyed. The first byte of each operand specifier consists
`of two 4-bit fields: the type of address specifier and a register that is part of the
`addressing mode. If the operand specifier requires additional bytes to specify a
`
`Ex.1035.176
`
`DELL
`
`

`

`lnstnJction Set Examples and Measurements of Use
`
`145
`
`displacement, additional registers, or an immediate value, it is extended in 1-
`byte increments. The name, assembler syntax, and number of bytes for each
`operand specifier are shown in Figure 4.3. The total instruction length and
`format are easy to state: Simply add up the sizes of the operand specifiers and
`include one byte (or rarely two) for the opcode.
`
`Example
`
`How long is the following instruction?
`
`ADDL3 Rl,737(R2),#456
`
`Answer
`
`The opcode length is 1 byte, as is the first operand specifier (Rl). The second
`operand specifier has two parts: the first part is a byte that specifies the
`addressing mode and base register; the second part is the 2-byte long
`displacement. The third operand specifier also has two parts: the first byte
`specifies immediate mode, and the second part contains the immediate. Because
`the data type is long (ADDL3), the immediate value takes 4 bytes.
`Thus, the total length of the instruction is 1 + 1 + (1+2) + (1 +4) = 10 bytes.
`
`Addressing mode
`
`Syntax
`
`Length in bytes
`
`Literal
`Immediate
`Register
`Register deferred
`Byte/word/long
`displacement
`Byte/word/long
`displacement deferred
`Scaled (Indexed)
`
`#value
`#value
`Rn
`(Rn)
`Displacement (Rn)
`
`1 (6-bit signed value)
`1 + length of the immediate
`1
`1
`1 + length of the displacement
`
`@displacement (Rn)
`
`1 + length of the displacement
`
`Base mode [Rx]
`
`1 + length of base addressing
`mode
`1
`1
`1
`
`Autoincrement
`Autodecrement
`Autoincrement deferred
`
`(Rn)+
`-(Rn)
`@(Rn)+
`
`FIGURE 4.3 Length of the VAX operand specifiers. The length of each addressing
`mode is 1 byte plus the length of any displacement or immediate field that is in the mode.
`Literal mode uses a special 2-bit tag and the remaining 6 bits encode the constant value.
`The data we examined in Chapter 3 on constants showed the heavy use of small
`constants; the same observation motivated this optimization. The length of an immediate is
`dictated by the data type indicated in the opcode, not the value of the immediate.
`
`Ex.1035.177
`
`DELL
`
`

`

`146
`
`4.2 The VAX Architecture
`
`Type
`
`Example
`
`Instruction meaning
`
`Data transfers
`
`Arithmetic,
`logical
`
`Control
`
`MOV*
`MOVZB*
`
`MOVA*
`PUSH*
`
`ADD*
`-
`CMP*
`TST*
`ASH*
`CLR*
`CVTB*
`
`BEQL,BNEQ
`BCS, BCC
`BRB,BRW
`JMP
`AOBLEQ
`CASE
`
`Procedure
`
`CALLS
`CALLG
`JSB
`RET
`Bit-field character
`decimal
`
`EXTV
`MOVC3
`CMPC3
`MOVCS
`ADDP4
`CVTPT
`
`ADDD
`-
`SUBD
`-
`MULF
`-
`POLYF
`
`CHMK,CHME
`REI
`
`CRC
`INSQUE
`
`Floating point
`
`System
`
`Other
`
`Move data between byte, halfword, word, or
`doubleword operands; * is the data type
`Move between two operands
`Move a byte to a halfword or word, extending it with
`zeroes
`Move address of operand; data type is last
`Push operand onto stack
`Operations on integer or logical bytes, halfwords (16
`bits), words (32 bits); *is the data type
`Add with 2 or 3 operands
`Compare and set condition codes
`Compare to zero and set condition codes
`Arithmetic shift
`Clear
`Sign extend byte to size of data type
`Conditional and unconditional branches
`Branch equal/not equal
`Branch carry set, branch carry clear
`Unconditional branch with an 8-bit or 16-bit offset
`Jump using any addressing mode to specify target
`Add one to operand; branch if result ::; second operand
`Jump based on case selector
`Call/return from procedure
`Call procedure with arguments on stack (see Section 3.9)
`Call procedure with FORTRAN-style parameter list
`Jump to subroutine, saving return address
`Return from procedure call
`Operate on variable-length bit fields, character
`strings, and decimal strings, both in character and
`BCD format
`Extracts a variable-length bit field into a 32-bit word
`Move a string of characters for given length
`Compare two strings of characters for given length
`Move string of characters with truncation or filling
`Add decimal string of the indicated length
`Convert packed-decimal strin_g to character strin_g
`Floating-point operations on D, F, G, and H formats
`Add double-precision D-format floating numbers
`Subtract double-precision D-format floating numbers
`Multiply single-precision F-format floating point
`Evaluate a polynomial using table of coefficients in F
`format
`Change to system mode, modify protected registers
`· Change mode to kernel/executive
`Return from exception or interrupt
`Special operations
`Calculate cyclic redundancy check
`Insert a queue entry into a queue
`
`Ex.1035.178
`
`DELL
`
`

`

`Instruction Set Examples and Measurements of Use
`
`147
`
`FIGURE 4.4 (Adjoining page) Classes of VAX instructions with examples. The
`asterisk stands for multiple data types-B, W, L, and usually D, F, G, H, and Q; remember
`how these VAX data types relate to the names used in the text (see Figure 4.2 on page
`143). For example, a MOVW moves the VAX data-type word, which is 16 bits and is called a
`halfword in this text. The underline, as in ADDO_, means there are 2-operand (ADDD2) and 3-
`operand (ADDD3) forms of this instruction. The operand count is explicit in the opcode.
`
`Operations on the VAX
`
`What types of operators does the VAX provide? VAX operations can be divided
`into classes, as shown in Figure 4.4. (Detailed lists of the VAX instructions are
`included in Appendix B.) Figure 4.5 gives examples of typical VAX instructions
`and their meanings. Most instructions set the VAX condition codes according to
`their result; instructions without results, such as branches, do not. The condition
`codes are N (Negative), Z (Zero), V (oVerflow), and C (Carry).
`
`Example assembly instruction
`
`Length Meaning
`
`MOVL @40(R4),30(R2)
`
`MOVAW R2, (R3) [R4]
`
`ADDL3 RS, (R6)+, (R6)+
`CMPL -(R6),#100
`
`CVTBW RlO, (RB)
`
`BEQL name
`
`BRW
`
`name
`
`EXTZV (R8),R5,R6,-564(R7)
`
`MOVC3 @36 (R9), (RlO), 35 (Rll)
`
`ADDD3 R0,R2,R4
`
`5
`4
`
`4
`7
`
`3
`2
`
`3
`
`7
`
`6
`
`4
`
`M[M[40+R4] Jf-32 M[30+R2]
`
`R2~ 32 R3+ (R4*2)
`
`i~M[R6];R6~R6+4; R5~i+M[R6]; R6~R6+4
`R6~R6-4; Set the condition code using: M [ R 6 J -' 1 O O
`8
`Rl016 .. 3lf--16 (M[R8) o)
`## M[R8)
`i f equal(CC) {PC~name}
`PC-128 :::; name < PC+l28
`
`PC~name
`PC-32768 :::; name < PC+32768
`
`t~40 M[R7-564+(R5>>3)];
`i~R5 & 7; j~if R6>=32 then 32 else i f
`R6<0 then 0 else R6;
`32-.
`J ## t39-i--i+l. .39-ii
`M[R8]~32
`0
`Rl~35+Rll; R3~M[36+R9);
`for (RO~M[RlO];RO!=O;RO--)
`{M[R3J~aM[Rl); Rl++; R3++}
`R2=0; R4=0; R5=0
`
`(RO##Rl) ~64 (R2##R3) + (R4##R5)
`register contents are type D floating point.
`
`FIGURE: 4.5 Some examples of typical VAX instructions. VAX assembly language syntax puts the result operand
`last; we have put it first for consistency with other machines. Instruction length is given in bytes. The condition equal (cc)
`is true if the condition-code setting reflects equality after a compare. Remember that most instructions set the condition
`code; the only function of compare instructions is to set the condition code. The names t, i, j are used as a temporaries
`in the instruction descriptions; tis 40 bits in length, while i and j are 32 bits. The EXTZV instruction may appear mysterious.
`Its purpose is to extract a variable-length field (Oto 32 bits) and zero extend it to 32 bits. The source operands to the
`EXTZV are the starting bit position (which may be any distance from the starting byte address), the length of the field, and
`the starting address of the bit string to extract the field from. The VAX numbers its bits from low order to high order, but we
`number bits in the reverse order. Thus, the subscripts adjust the bit offsets accordingly (which makes EXTV look more
`mysterious!). Although the result of the variable bit string operations are always 32 bits, the MOVC3 changes the values of
`registers RO through RS as shown (although any of RO, R2, R4, and RS could be used to hold the count). A discussion of
`why Movc3 uses the GPRs as working registers appears in Section S.6 of the next chapter.
`
`Ex.1035.179
`
`DELL
`
`

`

`148
`
`4.3 The 360/370 Architecture
`
`4.3 I The 360/370 Architecture
`
`The IBM 360 was introduced in 1964. Its official goals included the following:
`1. Exploit storage-large main storage, storage hierarchies (ROM used for
`microcode).
`2. Support concurrent 1/0-up to 5 MB/second with a standard interface on all
`·machines.
`3. Create a general-purpose machine with new OS facilities and many data
`types.
`4. Maintain strict upward and downward machine-language compatibility.
`
`.
`
`.
`
`The System/370, first introduced in 1970, was a successor to System/360.
`System/370 is fully upward compatible with System/360, even in system mode.
`The major extensions over the 360 included
`• Virtual memory and dynamic address translation (see Chapter 8, Section 8.5)
`• A few new instructions: synchronization support, long string instructions
`(long move and long compare), additional instructions for manipulating bytes
`in registers, and some additional decimal instructions
`• Removal of data alignment requirements
`
`In addition, several important implementation differences were introduced in the
`370 implementations, including MOS main memory rather than core, and
`writeable control store (see Chapter 5).
`In 1983, IBM introduced 370-XA, the eXtended Architecture. Until this
`extension, first used in the 3080 series, the 360/370 architecture had a 24-bit
`address space. Additional bits were added to the program status word so that the
`program counter could be extended. Unfortunately, it was common program(cid:173)
`ming practice on the 360 to use the high-order byte of an address for status.
`Thus, old 24-bit programs cannot be run in 32-bit mode (actually a 31-bit
`address), while new and recompiled programs can take advantage of the larger
`address space. The I/0 structure was also changed to permit higher levels of
`multiprocessing.
`The latest extension to the architecture was ESA/370, introduced with the
`3090 model in 1986. ESA/370 added additional instructiqn formats, called the
`Extended formats, with 16-bit opcodes. ESA/370 includes support for a Vector
`Facility (including a set of vector registers) and an extended (128-bit) floating(cid:173)
`point format. The address space was extended by adding segments on top of the
`31-bit address space (see Chapter 8, Sections 8.5 and 8.6); a new and more
`powerful protection model was added as well.
`The remainder of this section surveys the IBM 360 architecture and presents
`measurements for the workload. First, let's examine the basics of the 360
`architecture, then look at the instruction set formats and some sample
`instructions.
`
`Ex.1035.180
`
`DELL
`
`

`

`Instruction Set Examples and Measurements of Use
`
`149
`
`The 360/370 Instruction Set Architecture
`
`The IBM System/360 is a 32-bit machine with byte addressability and support
`for a variety of data types: byte, halfword (16 bits), word (32 bits), doubleword
`(double-precision real), packed decimal, and unpacked character strings. The
`System/360 had alignment restrictions, which were removed in the System/370
`architecture.
`The internal state of the 360 has the following components:
`
`• Sixteen 32-bit, general-purpose registers; register 0 is special when used in an
`addressing mode, where a zero is always substituted.
`
`• Four double-precision (64-bit) floating-point registers.
`
`• Program status word (PSW) holds the PC, some control flags, and the
`condition codes.
`
`Later versions of the architecture extended this state with additional control
`registers.
`
`Addressing Modes and Instruction Formats
`
`The 360/370 has five instruction formats. Each format is associated with a single
`addressing mode and has a set of operations defined for that format. While some
`operations are defined in multiple formats, most are not. The instruction formats
`are shown in Figure 4.6 (page 150). While many instructions follow the
`paradigm of operating on sources and putting the result in a destination, other
`instructions (such as the control instructions BAL, BALR, BC) do not follow
`this paradigm, but use the same fields for other purposes. The associated
`addressing modes are a~ follows.
`
`RR (register-register )-Both operands are simply contents of registers. The
`first source operand is also the destination.
`
`RX (register~indexed)-The first operand and destination are a register. The
`second operand is the contents of the memory location given by the sum of a 12-
`bit displacement field D2, the contents of the register B2, and the contents of the
`register X2. This format is used when an index register is needed (and for most
`loads and stores).
`
`RS (register-storage)-The first operand is a register that is the destination.
`The third operand is a register that is used as the second source. The second
`operand is the contents of the memory location given by the sum of the 12-bit
`displacement field D2 and the contents of the register B2. RS mode differs from
`RX in that a 3-operand form is supported, but the index register is eliminated.
`This instruction format is used for only a small number of instructions.
`
`Ex.1035.181
`
`DELL
`
`

`

`

`

`Instruction Set Examples and Measurements of Use
`
`151
`
`Operations on the 360/370
`
`Just as on the VAX, the instructions on the 360 can be divided into classes. Four
`basic types of operations on data are supported:
`
`1. Logical operations on bits, character strings, and fixed words. These are
`mostly RR and RX formats with a few RS instructions.
`
`2. Decimal or character operations on strings of characters or decimal digits.
`These are SS format instructions.
`
`3. Fixed-point binary arithmetic. This is supported in both RR and RX formats.
`
`4. Floating-point arithmetic. This is supported primarily with RR and RX in(cid:173)
`structions.
`
`Branches use the RX instruction format with the effective address specifying
`the branch target. Since branches are not PC-relative, a base register may need to
`be loaded to specify the branch target. This has a rather substantial impact: in
`general, it means that there must be registers that point to every region contain(cid:173)
`ing a branch target. The condition codes are set by all arithmetic and logical
`operations. Conditional branches test the condition codes under a mask to deter(cid:173)
`mine whether or not to branch.
`Some example instructions and their formats are shown in Figure 4.7. When
`an operation is defined for more than one format, separate opcodes are used to
`specify the instruction format. For example, the opcode AR (add register) says
`that the instruction type is RR; thus, the operands are in registers. The opcode A
`(add) says the format is RX; thus, one operand is in memory, accessed with the
`RX addressing mode. Figure 4.8 (page 152) has a longer listing of 0perations,
`including all the most common ones; a full table of instructions appears in
`Appendix B.
`
`Type
`
`Instruction example
`
`AR R4,RS '
`
`Meaning
`
`R4~ R4+RS
`
`RR
`RX
`RX
`RS
`
`SI
`SS
`
`A
`
`R4,10(RS,R6)
`
`R4~ R4+M[RS+R6+10]
`
`BC Mask, 20 (RS, R6)
`
`i f (CC & Mask) ! =0 {PC~ 20+RS+R6}
`
`STM 20(Rl4),R2,R8
`
`for(i=2;i<=8;i++)
`{M[Rl4+20+ (i-2) *4] ~ 32 Ri}
`
`MVI 20 (RS), #40 .
`
`M[RS+20]~8 40
`
`MVC 10(R2),Len,20(R6)
`
`for{i=O;i<Len+l;i++)
`{M[R2+10+i]~8 M[R6+20+i]}
`
`FIGURE 4.7 Typical IBM 360 instructions with their meanings. The MVC instruction is
`shown with the length as the second operand. The length field is a constant in the
`instruction; standard 360 assembly language syntax includes the length with the first
`operand. The variable i used in the MVC and STM is a temporary.
`
`Ex.1035.183
`
`DELL
`
`

`

`152
`
`4.3 The 360/370 Architecture
`
`Format
`
`Instruction meaning
`
`Change the PC
`Test the condition and conditionally branch
`Branch and link (address of next instruction is placed in
`R15)
`Arithmetic and logical operations
`Add
`Subtract
`Shift left logical; shifts a register by an immediate
`amount
`Load address-put effective address into destination
`Compare storage byte against immediate
`AND immediate into storage byte
`Compare and set condition codes
`Test under mask-perform a logical AND of the
`operand and an immediate field; set condition codes
`based on the result
`Multiply halfword
`Moves between registers or register and memory
`Load a register from memory or another register
`Store an immediate byte in memory
`Store a register
`Load a double-precision floating-point register
`Store a double-precision floating-point register
`Move a double-precision floating-point register to
`another
`Load a halfword from memory into a register
`Insert a memory byte into low-order byte of a register
`Load a register and set condition codes
`Floating-point operations
`Double-precision floating-point add
`Double-precision FP multiply
`Operations on decimal and character strings
`Move characters
`Add packed-decimal strings, replacing first with sum
`Zero and add packed-replace destination with source
`Convert a binary word to decimal doubleword
`Multiply two packed-decimal strings
`Compare two character strings
`Compare two packed-decimal strings
`Edit--convert packed-decimal to character string
`
`Class or
`instruction
`
`Control
`BC
`-
`BAL
`-
`
`RX,RR
`RX,RR
`
`Arithmetic, logical
`RX,RR
`A
`-s
`RX,RR
`-
`RS
`SLL
`
`LA
`CLI
`NI
`c
`-
`TM
`
`MH
`Data transfer
`L -
`MVI
`ST
`LD
`STD
`LPDR
`
`LH
`IC
`LTR
`Floating point
`AD -
`MD -
`Decimal, string
`MVC
`AP
`ZAP
`CVD
`MP
`CLC
`CP
`ED
`
`RX
`SI
`SI
`RX,RR
`RS
`
`RX
`
`RX,RR
`SI
`RX
`RX
`RX
`RR
`
`RX
`RX
`RR
`
`RX,RR
`RX,RR
`
`SS
`SS
`SS
`RX
`SS
`SS
`SS
`SS
`
`FIGURE 4.8 Most frequently used IBM 360 instructions. The underline means that the
`opcode is two distinct opcodes with an RX format and an RR format. For example A_
`stands for AR and A. The full instruction set is shown in Appendix B.
`
`Ex.1035.184
`
`DELL
`
`

`

`Instruction Set Examples and Measurements of Use
`
`153
`
`4.4 I The 8086 Architecture
`
`The Intel 8086 architecture was announced in 1978 as an upward-compatible
`extension of the then-successful 8080. Whereas th~ 8080 was a straightforward
`accumulator machine, the 8086 extended the architecture with additional
`registers. The 8086 fails to be a truly general-purpose register machine,
`however, because nearly every register has a dedicated use. Thus, its architecture
`falls somewhere between an accumulator machine and a general-purpose
`register machine. The 8086 is a 16-bit architecture; all internal registers are 16
`bits. To obtain addressability greater than 16 bits the designers added segments
`to the architecture. This allowed a 20-bit address space, broken into 64-KB
`fragments. Chapter 8 discusses segmentation in detail, while this chapter will
`focus only on the implications for a compiler.
`The 80186, 80286, 80386, and 80486 are "compatible" extensions of the
`8086 architecture and are collectively referred to as the 80x86 processors. They
`are compatible in the sense that they all belong to the same architectural family.
`There are more instances of this architectural family than of any other in the
`world. The 80186 added a small number of extensions (about 16) to the 8086
`architecture in 1981. The 80286, introduced in 1982, extended the 80186
`architecture by creating an elaborate memory-mapping and protection model and
`by extending the address space to 24 bits (see Chapter 8, Section 8.6). Because
`8086 programs needed to be binary compatible, the 80286 offered a real
`addressing mode to make the machine look just like an 8086.
`The 80386 was introduced in 1985. It is a true 32-bit machine when running
`in native mode. Like the 80286, a real addressing mode is provided for 8086
`compatibility. There is also a virtual 8086 mode that provides for multiple 20-bit
`8086 address partitions within the 80386's memory. In addition to a 32-bit
`architecture with 32-bit registers and a 32-bit address space, the 80386 has a new
`set of addressing modes and additional operations. The added instructions make
`the 80386 nearly a general-purpose register machine-. for most operations any
`register can be used as an operand. The 80386 also provides paging support (see
`Chapter 8). The 80486 was introduced in 1989 and added only a few new
`instructions, while substantially increasing performance.
`Since 8086 compatibility mode is the dominant use of all 80x86 processors,
`we will take a detailed look in this section at the 8086 architecture. We will
`begin by summarizing the architecture and then discuss its usage by typical
`programs.
`
`8086 Instruction Set Summary
`
`The 8086 provides support for both 8-bit (byte) and 16-bit (called word) data
`types. The data type distinctions apply to register operations as well as memory
`accesses.
`
`Ex.1035.185
`
`DELL
`
`

`

`154
`
`4.4 The 8086 Architecture
`
`The address space on the 8086 is a total of 20 bits; however, it is broken into
`64-KB segments addressable with 16-bit offsets. A 20-bit address is formed by
`taking a 16-bit effective address-as an offset within a segment-and adding it
`to a 16-bit segment base address. The segment base address is obtained by
`shifting the contents of a 16-bit segment register 4 bits to the left.
`
`Class
`
`Data
`
`Address
`
`Segment
`
`Control
`
`Register
`
`Purposes of class or register
`
`AX
`
`BX
`ex
`
`DX
`
`SP
`BP
`SI
`DI
`
`cs
`SS
`
`DS
`
`ES
`
`IP
`
`FLAGS
`
`"\
`
`Used to hold and operate on data
`Used for multiply, divide, and l/0; sometimes an implicit
`operand; AH and AL also have dedicated uses in byte
`multiply, divide, decimal arithmetic
`Can also be used as address-base register
`Used for string operations and loop instructions; CL is the
`dynamic shift count
`Used for multiply, divide, and I/0
`Used to form 16-bit effective memory addresses
`(within segment)
`Stack pointer
`Base register-used in based-addressing mode
`Index register, and also used as string source base register
`Index register, and also used as string destination base
`register
`Used to form 20-bit real memory addresses
`Code segment-used with instruction access
`Stack segment-used for stack references (SP) or when
`BP is base register
`Data segment-used when a reference is not for code (CS
`used), to the stack (SS used), or a string destination (ES
`used)
`Extra segment-used when operand is string destination
`Used for status and program control
`Instruction pointer-provides the offset of the currently
`executing instruction (this is the lower 16-bits of the
`effective PC)
`Contains six condition code bits-carry, zero, sign,
`borrow, parity, and overflow-and three status control
`bits
`
`FIGURE 4.9 The 14 registers on the 8086. The table divides them into four classes that
`have restricted uses. In addition, many of the individual registers are required for certain
`instructions. The data registers have an upper and lower half: xL refers to lower byte and
`xH to upper byte of register x.
`
`Ex.1035.186
`
`DELL
`
`

`

`Instruction Set Examples and Measurements of Use
`
`155
`
`The 8086 provides a total of 14 registers broken into four groups-data
`registers, address registers, segment registers, and control registers-as shown in
`Figure 4.9. The segment register for a memory access is usually implied by_ the
`base register used to form the effective address within the segment.
`The addressing modes for data on the 8086 use the segment registers implied
`by the addressing mode or specified in the instruction with an override of the
`default mode. We will discuss how branches and jumps deal with segmentation
`in the section on operations.
`
`Addressing Modes
`
`Most of the addressing modes for forming the effective address of a data
`operand are among those discussed in Chapter 3. The arithmetic, logical, and
`data-transfer instructions are two-operand instructions that allow the com(cid:173)
`binations shown in Figure 4.10. ·
`
`Source/destination operand type
`
`Second source operand
`
`Register
`
`Register
`
`Register
`
`Memory
`
`Memory
`
`Register
`
`Immediate
`
`Memory
`
`Register
`
`Immediate
`
`Instruction types for the arithmetic, logical, and data-transfer
`FIGURE 4.10
`instructions. The 8086 allows the combinations shown. lmmediates may be 8 or 16 bits in
`length; a register is any one of the 12 major registers in Figure 4.9 (not one of the control
`registers). The only restriction is the absence of memory-memory mode.
`
`The memory addressing modes supported are absolute (16-bit absolute
`address), register indirect, based, indexed, and based indexed with displacement
`(not mentioned in Chapter 3). Although a memory operand can use any
`addressing mode, there are restrictions on wh.at registers can be used in a mode.
`The registers usable in specifying the effective address are as follows:
`
`• Register indirect-BX, SI, DI.
`
`• Based mode with 8-bit or 16-bi.t displacement-BP, BX, SI, DI. (Intel gives
`two names to this addressing mode, Based and Indexed, but they are
`essentially identical and we combine them.)
`
`• Indexed-address is sum of two registers. The allowable combinations are
`BX+SI, BX+DI, BP+SI, and BP+DI. This mode is called Based Indexed on
`the 8086.
`
`Ex.1035.187
`
`DELL
`
`

`

`156
`
`4.4 The 8086 Architecture
`
`• Based indexed with 8-bit or 16-bit displacement-the address is sum of
`displacement and contents of two registers. The same restrictions on registers
`apply as in indexed mode.
`
`Operations on the 8086
`
`The 8086 operations can be divided into four major classes:
`
`I. Data movement instructions, including move, push, and pop
`
`2. Arithmetic and logic instructions, including logical operations, test, shifts,
`and integer and decimal arithmetic operations
`
`3. Control flow, including conditional and unconditional branches, calls, and
`returns
`
`4. String instructions, including string move and string compare
`
`Instruction
`
`JE name
`
`JMP name
`
`CALLF name,seg
`
`Function
`
`if equal(CC) { I Pf-name } ;
`IP-128 ~ name < IP+l28
`
`I Pf-name
`
`SPf-SP-2; M[SS:SP]f-CS; SPf-SP-2;
`M[SS:SP]f-IP+5; IPf-name; CSf-seg;
`
`MOVW BX, [DI+45]
`
`BXf-15M [DS: DI+45]
`
`PUSH SI
`
`POP DI
`
`SPf-SP-2; M[SS: SP] f-SI
`
`Dif-M[SS:SP]; SPf-SP+2
`
`ADD AX,#6765
`
`AXf-AX+ 67 6 5
`
`SHL BX, 1
`
`TEST DX,#42
`
`MOVSB
`
`BXf-BXi. .15 ## 0
`Set CC flags with DX & 42
`
`M[ES:DI]f-9M[DS:SI];
`Dif-DI+l; Sif-SI+l
`
`FIGURE 4.11 Some typical 8086 instructions and their functions. A list of the most
`frequent operations appears in Figure 4.12 (page 158). We use the abbreviation SR:X to
`indicate the formation of an address with segment register SR and offset X. This effective
`address corresponding to SR:X is (SR«4)+X. The CALLF saves the IP of the next
`instruction and the current CS on the stack.
`
`Ex.1035.188
`
`DELL
`
`

`

`Instruction Set Examples and Measurements of Use
`
`157
`
`In addition, there is a repeat prefix that may precede any string instruction,
`which says that the instruction should be repeated using the value in the ex
`register for the number of repetitions. Figure 4.11 shows some typical 8086
`instructions and their functions.
`Control-flow instructions must be able to address destinations in another
`segment. This is handled by having two types of control-flow instructions:
`"near" for intrasegment (within a segment) and "far" for intersegment (between
`segments) transfers. In far jumps, which must be unconditional, two 16-bit
`quantities follow the opcode. One of these is used as the instruction pointer,
`while the other is loaded into CS and becomes the new code segment. Calls and
`returns work similarly-a far call pushes the return instruction pointer and return
`segment on the stack and loads both the instruction pointer and code segment. A
`far return pops both the instruction pointer and the code segment from the stack.
`Programmers or compiler writers must be sure to always use the same type of
`call and return for a procedure-a near return does not work with a far call, and
`vice versa.
`Figure 4.12 (page 158) summarizes the most popular 8086 instructions. Many
`of the instructions are available in both byte and word formats. A full listing of
`instructions appears in Appendix B.
`The encoding of instructions in the 8086 is complex, and there are many
`different instruction formats. Instructions may vary from one byte, when there
`are no operands, up to six bytes, when the instruction contains a 16-bit imme(cid:173)
`diate and uses 16-bit displacement addressing. Figure 4.13 (page 159) shows the
`instruction format for several of the example instructions in Figure 4.11 (page
`156). The opcode byte usually contains a bit saying whether the instruction is a
`word or byte instruction. For some instructions the opcode may include the
`addressing mode and the register; this is true in many instructions that have the
`form "registerf-register op immediate." For other instructions a "postbyte" or
`extra opcode byte contains the addressing mode information. This postbyte is
`used for many of the instructions that address memory. The encoding of the
`postbyte is shown in Figure 4.14 (page 160). Finally, there is a byte prefix that is
`used for three diffen:mt purposes. It can override the default-segment usage of
`instructions, and it can be used to repeat a string instruction by a count provided
`in CX. (This latter function is useful for string instructions that operate on a
`single byte or word at a time and use autoincrement addressing.) Third, it can be
`used to generate an atomic memory access for use in implementing
`synchronization.
`
`Ex.1035.189
`
`DELL
`
`

`

`158
`
`4.4 The 8086 Architecture
`
`Instruction
`
`Meaning
`
`Control
`
`JNZ, JZ
`
`JMP, JMPF
`
`Conditional and unconditional branches
`
`Jump if condition to IP+ 8-bit offset; JNE (for JNZ), JE (for JZ) are alternative names
`
`Unconditional jump-8-bit or 16-bit offset intrasegment (near), and intersegment (far)
`versions
`
`CALL, CALLF
`
`Subroutine call-16-bit offset; return address pushed; near and far versions
`
`RET, RETF
`
`Pops return address from stack and jumps to it; near and far versions
`
`LOOP
`
`Loop branch-decrement CX; jump to IP + 8-bit displacement if CX :;t:O
`
`Data transfer
`
`Move data between registers or between register and memory
`
`MOV
`
`PUSH
`
`POP
`
`LES
`
`Arithmetic,
`logical
`
`ADD
`
`SUB
`
`CMP
`
`SH