80386DX Basic Programming Model 1.1 _ Introduction Intel began with developing the first microprocessor of 4-bt Le. 4004, The specialties of some of the processors of Intel in order of their evolution are listed below in Table 1.1.1 Table 1.1.1 Processor | Prefetch Features Queue Size CLK speed Bus width Some special features Data | Address 4004 : 740 kee, 4bits | 4bits _|World’s first microprocessor 4040 : 4bits | 4bits [Interrupts were introduced 8008 : abits | Bbits 8080 - 2 MHz Bbits | 16bits 8085 : 3 MHz, 5 MHz Bbits | bits [Serial Communication was introduced 8086 6 5 MHz, tebits | 2obits |1- Multibus compatible (multiprocessor configuration 8MHz, aaa 2, Introduction of pipelining 10. MHz 3.__ Concept of Memory Segmentation. 8088 4 S MHz spits | 20bits 80186 6 5 MHz It has two on-chip Timers, DMA Controller and Interrupt Controller 80286 6 6MHz 16bits | 24bits |Memory protection to support multi-tasking 80386 16 16,20,25,33MH2z | 32bits | 32bits_|Conceptof Virtual Mode 80486 32 25, 33,50 Miz Level 1 cache on-chip8 _Microprocessor (SPU) 42 1.1.1 Introduction to 80386DX ~The 80386Dx Is a true 32 bit microprocessor, It is @ logical extension of the Intel 80286. The 80386 is software compatible with Intel 8086, 80186 and £80286. It consists of separate 32 bit internal registers, a 32 bit address and data bus, 1 has a 32 bit physical address and can access upto (2 bytes) Le. 4 GB of main memory and (2* bytes) ie. 64 Tetrabytes of virtual memory. It can be operated from a 12.5 MHz, 16 MHz, 20 Miz, 25 MHz or 33 MHz clock. ~ _ Itgives us the following facilities, (@) Multitasking support, (2) Memory management, (3) Pipelined architecture, (4) Address translation cache, (5) High-speed bus interface. (6) Expanded instruction set. (7) Page Translation. (8) _ Interrupts and Exceptions _It-can operate in three different modes. These modes are in the order oftheir increased complexity. They are () Real Address mode. (W) Virtual 8086 mode, (il) Protected Virtual Address mode, ~ The Real address mode is also referred to as real mode. 1 function is to Initialize the 80386Dx for protected mode operation. ~The protected virtual address mode Is referred as the Protected mode. It provides paging, virtual a multilevel protection, capabilities. iddressing, ‘multitasking and debugging ~The virtual mode allows the execution of 096 application, taking an advantage of 80386 protection mechanism. ~ The 80386 has an 8086/0088 compaubllty in which half of the processor shuts down and the other hat becomes an embedded 8086, This allows us to run a fast 8086. 809860X Basic Programming Moy 1.1.2 80386DX Features | University Question} Q. Write features of 80386, Features of 80386 1. Flexible 32-bit microprocessor i. 8, 16 or 32 bit dat types 2. 8 general purpose 32-bit registers available 3. Large memory space (@) 44GB Physical Memory and (©) 647 Virtual Memory. 4. Integrated Memory Management Unit (@) Virtual Memory support (b) Optional on-chip paging (©) 4levels of protection Virtual 8086 mode allows running of 8086 software in protected mode 6. Object code compatible with 8086 7. Hardware debugging support 8. Optimized system performance (@)__ Pipelined instruction execution (©) On chip Translational caches ie, Translational Look-aside Buffers (TLB) (16 to 20 Mita operation. A 16 MHz 80386Dx Provides almost 10 times higher performance than that ofa standard 5 Mitz 806 processor. 9. High speed Numeric support using 80387 coprocessor 10, 132 pin grid array package 1.2. Memory Organization and Segmentation Q. Explain Memory Bank of 80386 processor. Explain memory Organization in 80386DX. Explain sogmentation in 80386DX. BESET asssor (SPPU) 13 {80386 can access 8 bt, 16 bit or 32 bit data, The word or 16-bit data Is stored In two consecutive byte locations with lower byte at the lower address and higher byte at the higheraddress. ‘The double word or 32-bit data fs stored In four consecutive bytes locations in memory with byte 0 at the lowest address and byte 3 at the highest address. The entire memory can be divided Into multiple segments of variable length segments, Maximum addressing capability 80386 has a address bus size of 32 bits. Hence the total memory it can access can be 4 gigabytes (2 bytes). ‘Thisis the maximum size of the main memory. ‘80386 has a special method of addressing memory (will be seen later), wherein 14 bits of selector and 32 bits of offset Le. a total of 46 (32+14) address lines are available for virtual memory access. Hence @ maximum of 64 gigabytes (2 bytes), is possible to be interfaced ‘with 80386 Fig. 1.2.1 shows the organization of 80386DX physical memory system. Fig. 1.2.1: Memory organization of 80386 DX ‘803860X Basle Programming Modo Its divided into four 8-bit wide memory banks such that each memory bank contain upto 1 Gbytes of memory. It allows bytes, words or double words of memory data to be accessed directly, ‘The bytes are numbered from location 00000000 11 + FFFFFFFFHL 1.2.1 The "Flat" Modo! In a "Flat" Model of memory organization, the applications programmer sees a single array of up to 2" bytes (4 gigabytes). While the physical memory can contain up to 4 slgabytes, It Is usually much smaller; the processor maps the 4 gigabyte flat space onto the physical address space by the address translation mechanisms. Applications programmers do not need to know the details of the mapping. A pointer into this flat address space is a 32-bit ordinal number that may range from 0 t0292—1, Relocation of separately-compiled modules in this space must be performed by systems software (eg, linkers, locators, binders, loaders). Linear address Seas eee 3 gmonted models used | ‘|WE_Microprocessor (SPPU) = 1.2.2 The Segmented Model In a segmented model of memory organization, the address space as viewed by an applications program (called the logical address space) isa much larger space of up to 2 bytes (64 terabytes) The processor maps the 64 terabyte logical address space onto the physical address space (up to 4 Sigabytes) by the address translation, Applications Drogrammers do not need to know the details of this mapping. Applications programmers view the logical address space of the 80386 as a collection of up to 16;383 one- dimensional subspaces, each with a specified length Each ofthese linear subspaces is called a segment. A segment is @ unit of contiguous address space. Segment sizes may range from one byte up to a maximum of 2% bytes (4 gigabytes). A complete pointer in this address space consists of two parts: 1. A segment selector, which is a 16-bit field that identifies segment. 2. Amoffset, which is a 32-bit ordinal that addresses to the byte level within a segment, During execution of a program, the processor ‘associates with a segment selector the physical address of the beginning of the segment. Separately compiled modules can be relocated at run time by changing the base address of thelr segments. ‘The size of a segment Is variable; therefore, a segment canbe exactly the size of the module ft contains. 809860 Basi Progamming Yoo = Segmentation is implemented differently in ater odes of operation. We will See the same whe, studying those modes 1.2.3 Architecture of 80386DX TEES With the help of @ block diagram explain the basic a. architecture of 80386 processor. SEE aPSO Draw and explain in short block diagram of 60386 SPPU=Novi12:10 Marks Draw the functional architectural. diagram ef. the processor. '80386 DX processor and explain the function of each BESET ‘The 80386 as shown in Fig. 1.2.3 consists of a central block. Processing unit (CPU), memory management uat (MU) and a bus interface unit (BIU), The CPU consists of execution unit and instruction decoding unit. The execution unit consists of 8, 32-bit seneral purpose registers for both address and data It also consists ofa barrel shifter used to speed the shift Totate, multiply and divide operations The MMU consists ofa segmentation unit and a paging unt Segmentation unt allows the conversion of logical address to linear address. Paging mechanism allows conversion from linear address to physical address if Paging Is enabled. The segmentation unit provides four level of protection to protect applications, aperating system, system drivers and kernel from each other. The BIL handles all external accesses by providing the address and generating the respective control signals RF att80386DX Basic Programming Model Microprocessor (SPPU) vawe13s34 Asne woul ‘WHTELNTONOH somuoud ysonbou oneoeui, oN +f peaueo eas iz frvecredd a 5 on scone wasangaiy may eniog ypu ob sopoy yeauoo sna Fig. 1.2.3 : Block diagram of 80386DX ‘The block diagram of 80386DX Includes the following units as shown In Fig. 1.2.3.16 80386DX Basic Programming Model W¥_Microprocessor (SPPU) 1 7 Bus Interface Unit (BIU) ‘This unit includes the address drivers, transceivers for data bus and bus control signals as seen in the block diagram, Prefetcher and the prefetch queue ‘The prefetcher fetches the Instructions from the external memory and stores them in the prefetch queue to be executed further. The prefetch queue Is 16- byte in size, Instruction decoder and decoded instruction queue ‘The Instruction decoder takes the instruction from the prefetch queue and after decoding it, stores them in the decoded Instruction queue. The decoded instruction ueue can store upto three decoded instructions, Control ROM and the sequencing logic ‘The control ROM provides the control signals to be Issued for the corresponding instruction, which are then sequenced by the sequencing logic Execution unit ‘The execution unit-includes.a multiply unit, adder, barrel shifter and divide unit. It also includes the registers which are explained in detail in the next section Le. programmer's model of 80386/Pentium Protection unit This unit is responsible for protected mode operation of 80386 which supports multi-tasking. This will be explained in detail in the subsequent sections of this chapter. ‘Segmentation unit ‘This unit is responsible for segmentation mechanism, It {salso an important feature that supports multi-tasking {n protected mode. This unit will be discussed in detail with the different modes of operation of 80386DX in this chapter. Paging unit This unit converts the linear address to physical address, This unit 1s also described In the further sections of this chapter, 1.2.4 Bus Interface Unit (BIU) What is BIU 7 BIU asthe name statess the interface ofthe processor with the outside world, It is responsible forall memory and 1/0 read and write operations, Todo ths task, ithas 32-bit data bus, address bus as well as 32: ‘The tasks/functions of the BIU are: ~ It fetches the instruction from the memory into the prefetch queue, ~ It generates address for accessing instructions using the Code Segment register (CS) and the Extended Instruction Pointer (EIP), = It also accesses memory for data ie. manages the memory read as well as write operation. ~ _ Italso performs the read and write operations with the 1/0 devices, ~ Ithas data transceivers to manage the data in both directions Le. read as wellas write on the data bus, It also has address drivers to drive the current requirements on the address pins. Itcontrols the interaction with external bus masters as wellas co-processors, 1.2.5 Prefetcher and Prefetched Queue Q. ‘What is the necessity of prefetch queue 2 SER As the name states, the prefetch queue fetches the instructions and stores in FIFO manner in advance Le. before itis to be executed, ‘The operation of refetching instructions is performed by the BIU (Bus Interface Unit, Need of prefetch queue ~The ALU of the processor normally Performs the Srteution of the instruction at a very high speed Compared to the instructions being fetched,W__Microprocessor (SPPU) 17 80386DX Basic Programming Model pus to this, the execution ofthe processor halts when the instruction is fetched and hence decreasing the speed of the execution of instructions by the processor wherein there is linear execution te. fetch followed by execute and again fetch If the instruction is prefetched or fetched before Its execution in advance then, the processor execution doesn't stalls and hence gives good throughput or fast execution. 1.3 Registers EULER Q. Draw real mode register sot of 80386 and explain their function, Q._ With the help of diagram explain 80386 applications register set. EERE ‘The intel x86 architecture register set has six, 16-bit registers and twenty four,32-bit registers as shown in Fig, 13.1 and is subdivided into the following groups 4. Base architecture register (a) General purpose registers (b) Instruction Pointer (© Flags register (2) Segment registers 2. System registers (@)_ Memory management registers (b) Control registers 3, Debug and test registers 32 it names s6bit names: exh [AAR SALT] Accumulator eax[ [HBX BL] Base pointer eox(Fa loa ex nL] Counter Ex | DH DX DL] Data Register esp SP. ‘Stack Pointor BP, {aso Pointer of Destination index z ‘St N) Source Index ——_ a6 |¢——16 brs —>| are TF Instron Pointor ertacs’ [ral FLAGS. Flags Register a ‘Code Segment TDS a] Data Sogmont a ES Extra Segment TBS] Stack Segment i Fig. 1.9.1 : Base architecture registers809860% asic Programming Mode, 1.3.1 Goneral Purpose Roglaters: 1 AX (Accumulator) {usually accumulates the result of any ALU but can also be used as General » purpose, (In 36 and above FAX may also hold an address to access a memory location.) It also works as a via register for 1/0 andl string tnstenietions, EBX box Ba bitregister, aX 16 bit register Biland DL | Obit registers le works as Base Index. (In 386 and above EDX may also hold a address to access a memory location) ECX (Countor) BCX 32 bit register Cx) | ne bitregtater CHand CL} Gbitregisters |e Its used for repeated string Instructions, shift, rotate and Loop Instructions. (In 386 and above ECX may also hold an address to access a memory location) EDX (Data Register) EDX 32 bitregister Dx. 16 bit register Diliand DL | Gbitregisters Wt holds result after multiplication or for division it holds the dividend. (In 386 and above EDX may also hold a address to access a memory location) EBP (Base Pointer) Teoh | Gabi aan pol aébueregister Itworks as random pointer for stack segment, £01 (Destination Index) Itholds the destination data for string Instructions, Por ‘thor instructions it 1s used to select a focation in data regiment 7, C61 (Source index) Bt | 42 bit register St} 16 bitregister Wt holds the source for string Instructions, For other Instruction It Is used to select a location in data segment, 0, ESP (Stack Pointer) Used to address the memory location In the stack segment in assoclation with stack segment register, 1.3.2 Instruction Pointer 1. ‘The instruction pointer 1s a 32-bit register called EIP, 2, Wholds the offset address within a segment of the next Instruction to be executed. The offset Is always relative to the base pointed by the code segment register, 3. The lower 16-bits of the FIP contain the 16-bit Instruction pointer named IP, which Is used for 16-bit offset addressing. EIP > 80206 and above In Protected Mode, IP > 8086/0006, Real Mode of 80286 and above, 1.3.3 Segment Registers @ How "Cs, 8s, Ds, ES dite furtionally 2 8 from real mode She, 16-bit segment r sters CS, SS, DS, ES, FS, and GS hold segment selector values kentiying the currently addressable memory segments for the protected mode Cperation. While for the real or virtual modes (iscussed In later sections of this chapter), when multiplied by 1011, provide the starting address of the corresponding segments, 2. {he selector In CS indicates the current code segment the selector in $5 indicates the current stack segment, and the selectors In DS, ES, FS, and GS indice the Current four data segments, TecateW__Microprocessor (SPPU) 19 809860X Basle Programming Model 4.3.4. Systems Flag Register (EFLAGs) i Q.__ Give significance of VM. (©. Explain the FLAGs of 80386 processor. 0. Explain and draw bit pattern for lag register of 803860X with significance of each bit Q. Whatis the use of Direction Flag? EEE @._Draw and explain the flag register of 80386. Q. Describe following different flags defined in 80386 processor : (a) DF (b) VM (c) NT (d) AF Eee Q._Drawand explain EFLAGs register of 80386. SE = Flag register isa part of the EU. @. What is the use of interrupt flag? Pea ~Itconsisting of 32 lip flops. ~ Aflagisa flip lop. This register indicates some condition produced by the execution of an instruction. = eg::lfzero flag (ZF) is set, Ifthe result of execution of an instruction is zero. = Aflag can control certain operations of the CPU. — Fig. 13.2 shows the 32 bit extended flag register of the 80386DX. ToEyeEuE Bes eT ese SST WD [vsfre fi [wr] ome Jor] or] [re] se] ze] far] fre for Viral 2066 Mode (va) System Flag Resume Fag (RF) Systm Fag Nested Task (NT) system Fag Vo Pavtege Level OPL)_ System Flag Overow Fag (OF) suave Fg Direction Fag (OF) Control Flag Interrupt Enable Flag (IF) Control Flag Trap Flag (TF) ‘Control Flag 1 sing 8 status Fag : Zero Flag (2F) Status Flag Airy Cary (AF) status Fag Party Flag (PF) satus Fag ? Carry Flag (CF) Status Flag ‘Shaded portion : Reserved 10386 EFlags register Fig. 1.9.2:03860% 0 Brogesenering Mery Microprocessor (SPPU) 1086 4.5.1 Comparison of real modo or virtunl modo of 80306 and actual 6 EDEL a ih, HO, HOLE, and 8006, Jesigned for the In general, the 00306 in realaddress mode will correctly execute software designed for th 80199. Table 1.5.1 some of the minor differences between 1086 execution on the H036 and on a Table 1.6.1 : Comparison of Real made or Virlual mode of 60386 and actual 046 | Parameter | 006 Real/Virtual mode of 10386 Instruction | 096 takes more clock pulses to | The 80306 takes fewer clocks for most Instructions than the #6, clock counts | execute the same instructions as | 008, The area's most likely tobe affected are: 90306 (a) Delays required by 1/0 devices between 1/0 operations. (b) Delays with 8006/2000 operating in parallel with an 80% Divide On the 8086/8088, the CS:IP | Divide exceptions on the 80386 always leave the saved CSAP value exceptions | value points to the next | pointing to the Instruction that faled, point to the | instruction, piv Instruction LOCK ts] The LOCK prefix and Its | The 60306 always asserts the LOCK signal during an XCHG Instruction with memory (even if the LOCK prefix Is not used). LOCK may only be used with the following 80386 instructions when they update memory: BTS, BTR, BTC, XCHG, ADD, ADC, XUB, SBB, INC, Interrupting a memory data | DEC, AND, OR, XOR, NOT, and NEG. An undefined - opcode except movement operation. In 8086, LOCK prefix can be used for all restricted to | corresponding output signal certain | should only be used to prevent Instructions | other bus masters _ from (Interrupt 6) results from using LOCK before any other instruction. Instructions Single 8006 prevents an external | The priority of the 80386 single-step exception is different from that Stepping | Interrupt handler from being | of the 8086/8080. The 60306 will still single -step through an | external | singlestepped if the Interrupt | interrupt handler invoked by the INT instructions or by an exception. Interrupt | occurs while a program Is being handlers _| single-stepped. Iv The 8086/8088 causes exception | The 00366 can generate the largest negative number asa quotient for | xceptions | zero In case of negative number | the IDIV instruction when dividing a negative number by zero. for divide by zero, | quotients of | 80H or [sooo| 80386DX Basic Programming Model W__MicroprocessorSPPU) 413 The memory is subdivided into parts called as segments. Segments can start at any base address (multiple of 10H) in memory, and storage overlapping between segments allowed. A virtual (logical) address in x86 is formed using two components: 1. A.16-bit segment register, used to determine the linear base adres fet reitrinsidethe segment oa] [xo] ie © Fig. 1.5.1 : Addressing In real mode Parameter 8086 Real/Virtual mode of 80386 NM In 8086, NMI could be | After an NMIis recognized on the 80386, the NMI interrupt is masked Interrupting | interrupted by another NMI | untilan IRET instruction is executed Mt signal handlers one The 8086, which can form | The 80386 does not wrap addresses at 1 megabyte in real ~ address megabyte | addresses only up to 20 bits long, | mode. On members of the 8086 family, it possible to specify wraparound | truncates the high - order bit, | addresses greater than one megabyte, For example, with a selector thereby “wrapping” this address. | value OFFFFH and an offset of OFFFFH, the effective address would be AOFFEFH (1 Mbytes + 65535 - 16). Ta 1.5.2 Addressing in Real Mode oacaoceH Teor cove Q. Explain Memory Segmentation of 60386 RE ora Microprocessor in Real mode. EE ePe DATA ©. Wie diference between real and protected mode aan ‘of 80386 with respect to: Memnory segmentation Titre] 8:0 BREE Segment sorent Qi Explain how physical address is formed in lene) £80386 DX microprocessor. SITES @. Draw and explain the system address and system FRrFTEPH segment register. MEMORY SETA Fig. 152 Although 80386 has 32 address lines, the addressing mechanism explained above, allows 80386 to access only 1 MB + 64KB- 1 Bin real mode. This is because the maximum value a segment register can have Is FFFFH. ‘The offset added to it can be again of a maximum value of FFFFH, ‘Thus the lastaccessible location is, FFFFOH+FFFFH = OOO1FFEFH. ‘This is 1 MB + 64 KB ~ 16 B starting from 00000000H. ‘Although when switched on 80386 keeps the 12 MSBs (of the 32 bit address) at logic ‘1’, allowing the processor to access the lower segment of the memory. But the first branching instruction it executes, makes the processor to access the top locations (00000000H to 0001FFEFH.Microprocessor (SPPU) uta 3. 80386 can access only 4 segments of this at a time Le. code segment, data segment, stack segment and extra segment in real or virtual mode. To access 4 segments 80386 has four 16-bit segment register CS, DS, S$ and ES to hold the base address of the segments and 16-bit offset registers to hold the offset address for each of the segments. Code segment ‘The programs are stored in this segment. Instruction fetch operation is performed from code segment. CS register holds the 16-bit base address for this Segment and IP register (Instruction pointer) holds the 16-bits offset address. Data segment This segment is used to store data. This segment also holds the source operands during string operations, DS register holds the 16-bit base address for this Segment and BX register is used to hold the 16-bit offset. SI register (Source Index) holds the 16-bit offset ‘address during string operation. Stack segment This segment holds the stack, which operates in LIFO manner, ‘SS holds Its base address and SP (stack pointer) holds the 16-bit offset address of the top of the stack, BP (base pointer) is used as offset regh random access of stack Extra segment ister during This segment mainly stores destin ation operands during string operations. ES holds the base address and DI holds the offset address during string operations. Address calculation ‘The 20-bit phystcal address is calcul bit base address and the 16-bit follows : lated using the 16- offset address as Physicaladdress = Segment address x10 H + offset address 809860X Baste Programing Wy on sno os [am] 1p [ose oe CSIP = o409¢ ‘oct ana Monon cxarent mises [a0 To ow + [ome i mae al rereeeren FE Sone LSet Fig. 1.5.3 The offset is the distance in bytes from the start ofthe segment. ~The offset is given by the IP for the code segment. Instructions are always fetched with using the cs register ‘The physical address is also called the absolute address, ‘Advantages of segmentation Segmentation is very useful for” multi-user environment, wherein sharing of data and protection of data Is possible by restricting use of certain segments tothe users, 2. Itallows the programmer to access more memory using only smaller registers. 3 Multiple segments for code allows separate programs to be written in different segments and hence can be Stored in modular structure, Similarly data can also be stored in modular structure, 4+ It divides the memory logically to store instructions data and stack separately, Disadvantages of segmentation 1 Atany given time the entire memory is not accessible. 2. To access any memory location 2 registers (Base and Offset) need to be initialized, 1.6 _ Protection Mode This mode is mainly meant for multi tasking cberations. Multiple tasks running stmultaneous! Separate code, data and sta care of proper authenticat segment. sy using ick Segment. Besides it also takes lon of a task to access a particulat ea80386DX Basic Programming Model Microprocessor (SPPU) 1-15 1.6.1 Protection Mechanism (a) Data stored in a segment with PL = p can be 41, Most processors have only two protection levels (user accessed only by code executing at a Pl, numerically, at least as privileged as p. and supervisor), but x86 architecture features four levels of protection, called privilege levels (PL). (b) Acode segment (a procedure) with PL=p can be 2. They are designed to support the needs of multitasking called only by a task executing at, numerically, 05 to isolate and protect user programs from each the same or lower PL than p. other and the OS from unauthorized access, (0 Astack segment with PL = p can be used only by a task executing at the same PL. ‘The following PLs are used to maintain privilege level ‘APPLICATION check: (@) Requestor PL, RPL, the PL of the original task that supplies the selector. RPL is determined by the two LSBs of the selector. (b) Descriptor PL, DPL, the PL (according to the above rules) at which a task may access that descriptor and the segment associated with that descriptor. Bits 6 and § of the access rights byte (ARB) of a descriptor determine the DPL. Current PL, CPL, the PL at which a task is currently executing, Le, at which the code segment is being executed. CPL Is stored in the processor, but not accessible to the programmer. (@) Effective PL, EPL, the least privileged of the RPL and the CPL. Since smaller PL. values indicate greater privilege, EPL is the numerical maximum ‘of RPL and CPL, Le. EPL = max (RPL, CPL). EPL is not stored anywhere, but is immediately copied into CPL. System segments describe information about tasks, Interrupts, subroutines etc. The different types (the lower four bits of ARB for a system descriptor) of KERNEL PL=0 MOST PREVILEDGED) © Privilege levels of the tasks In x86 architecture Fig. 1.6.1 3. The privilege levels control the use of privileged Instructions, 1/0 instructions, and access to segments and segment descriptors. The x86 architecture offers ‘an additional type of protection on a page basis, when | 7, Paging is enabled, Requested PL => RPL Descriptor PL => DPL system descriptor are as listed below: Current = PL => CPL ‘TYPE 2 - Itrefers to LDT descriptor. It is located in the Effectiva’ PL so! EPL GDT and points to the base of the LDT. EPL = max (RPL, CPL) TYPE 4, 7,6 BF These refer to gate descriptors. he 4. the Ps a a gates are used to control access to entry points within ire numbered 0, 1,2, and 3. Level 0 Is the mos CP eiek cide samen tee, cmt jrmsker Instructions. This also allows processor to perform Privileged level. Level 3 Is the least privileged. As protection checks automatically, There are four types shown In Fig. 1.6.1, level 3 Is used for user application, level 2 Is used for 0S extensions, level 1 for system | or pates: services, and the most privilege is used for ferries and the mort prveged level 0 ts uss (a) Call gates that serve as an intermediary between a. code segments at different PLs. Call gates are The x86 architecture controls access to both data and ie evanes ine Fis Code between levels of task, according to the following ules of privilege: pis2 Microprocessor (SPU) 14 (HA (avattabte) bit mechantan ‘Tho Avallable bitin the Descriptor indicates whether this descriptor is available or already used by some Other ate, that two task should not the same seyment (WW) Type check mechaniam ™) = Non L 6 User / Supervisor check mechanism = U/S bitin the page table entry, “ei LOOK Bal regio ig, A system segment access 1s possible only by a system selector (LVF, TH and all yates) "Executable Segment can be accessed only hy code segment register as w selector. Non-executable stack segment can he accessed hy stack segment register as selector, executable data seyment can be accessed hy data segment register as a selector, 4 9 ‘This bitindlcates whether the poe isa supervisory paye ora general user page, an 12 ob 70543524 o 1.6.3 Task Managomont 1 2 A task ts an Instance of the execution of a program, ‘A very Important feature of any multtasking system Is the ability to switch rapidly between tasks ‘The task switch operation saves the entire state of the machine {all registers, the memory varlables and a link to the previous task, loads a new execution state, Performs protection checks, and begins the execution of new task, This context fs stored In or retrleved from the assoclated Task State Segment (TSS). ‘The current TSS {s {dentified by a speclal CPU register called Task Register (TR), The task switch operation proceeds according to the following steps: (a) The entire task sate, as discussed above,ts saved Inits TSS pointed to by TR. (b) The TRis loaded with a selector for the new TSS, and the user-Invistble registers are loaded with the contents of the new TSS descriptor from the GDT. The CPU registers are loaded from this new 88. ()__ Protection checks are performed, (4) The execution of the new task begins from the entry point. A task gate descriptor acts a1 an Interface point between the task register and the T55. ‘The task gate descriptor contains a selector that points tothe TSS and an access right byte ‘The current program In execution should have fts CPL ‘and RPL privileged enough to invoke the task gate, ‘There must be a valid task state segment (TSS) for the called task. The stack pointers in the TSS for privilege levels numerically less than or equal to the initial CPL, ‘must also point to valid stack segments, ‘The task register also must point to an area In which to save the current task state, After the first task switch, the Information dumped in this area Is not needed, and the area can be used for other purposes, 1.7_ Mode Switchin: When switching from one mode to another there are {ot of initialization to be done. These tasks are discussed the following sub-sections, 9Microprocessor (SPPU) 1.7.1 Switching to Protected Mode = Setting the PE bit of the MSW in CRO begins execution of 80386 In protected mode (for compatibility with £00286, the LMSW instruction may also be used to set the PE bit) = The Current Privilege Level (CPL) starts at zero, Le. highest privilege = The segment registers continue to point to the same Jinear addresses as in real address mode. In real address mode, linear addresses are the sanie physical addresses since there is no paging. Immediately after setting the PE fag, the Initialization code must flush the processor’s instruction prefetch queue by executing a MP instruction = The 80386 fetches and decodes instructions and addresses before they are used; however, after a change Into protected mode, the prefetched instruction Information (which pertains to real-address mode) is no longer valid and hence should be flushed. A JMP does this by forcing the processor to discard the invalid information. Software Initialization for Protected Mode Most of the initialization required for protected mode can be done either before or after switching to protected mode. If done in protected mode the initialization procedures must not use protected-mode features that are not yet initialized. The following things need to be Snitialized: 14) Interrupt Descriptor Table = The IDTR may be loaded in either real or protected mode. The format of the interrupt table for protected ‘mode Is different than that for real-address mode. = It Is not possible to change to protected mode and ‘change interrupt table formats at the same time; Hence, ft ls possible that, If IDTR selects an interrupt table, it may have the wrong format. = Hence if an interrupt or exception that occurs, it will have unpredictable results, To avoid this ‘unpredictability, interrupts should remain disabled ‘until Interrupt handlers are in place, a valld IDT has been created and IDTR initialized In protected mode. 80386DX Basic Programming Model Stack ‘The SS register may be loaded in either real mode or protected mode. If loaded in real-address mode, SS continues to point to the same linear base-address after it switches to protected mode. Global Descriptor Table Before any segment register is changed in protected ‘mode, the GDTR must point to a valid GDT. Initialization of the GDT and GDTR may be done in real mode, The GDT (as well as LDTs) should reside in RAM as the processor modifies the accessed bit of deseri Page Tables Page tables and the PDBR in CR3 can be initialized in either real mode or in protected mode; however, the paging enabled (PG) bit of CRO cannot be set until the processor is in protected mode. PG may be set simultaneously with PE. When PG Is set, the PDBR in CR3 should already be initialized to a physical address that points to a valid page directory. ‘The initialization procedure should adopt one of the following strategies to ensure consistent addressing before and after paging is enabled: ‘The page that is currently being executed should map to the same physical addresses both before and after the PG bit is set. {A JMP instruction should be immediately followed by setting of PG bit. ‘Then the first task can be executed, ‘The initialization procedure can run while in protected mode without initializing the task register, but, before the first task switch, the following conditions must prevail (a) Value in EAX after self-test indicates. if the particular 80386 unit is faulty. If the self-test is not requested, the contents of EAX after RESET remain undefined. (b) | DX holds a component identifier and revision number after the RESET, DH contains 3, which indicates It is an 80386 component. DL contains a unique identifier of revision level,ee Microprocessor (SPPU) 4:20 (©The remaining registers and flags are set as follows after RESET: EFLAGS = 00000000H 1B = 000000001 CSselector = FFFFH DSselector = 000K ESselector = 0000 SSselector = 0000H FSselector = O000H GSselector = 00001 IDTR:base = 0000H limit = O3FFH All registers not mentioned above remain undefined, 5. Interrupt Table = The Initial state of the 80386 leaves. interrupts Aisabled; however, the processor will attempt to Access the interrupt table if an exception or non- > maskable interrupt (NMI) occurs. S “After this the First Instruction begins its execution, ‘After RESET, address lines Ay.-Azg are automatically asserted for Instruction fetches. This fact, together with the initial values of CSP, causes Instruction execution to being at reset physical address Le, FFFFFFFOH. 1.7.2 Switching Back to Real-Address Mode ‘The processor re-enters real-address mode if software clears the PE bit in CRO using a MOV to CRO instruction. A. Procedure that attempts to do this should proceed as follows: 1, Ifpaging is enabled, perform the following sequence: ‘Transfer control to such alinear addresses that have an {Identity mapping: Le, linear addresses equal physical addresses, Disable paging by clearing the PG bit in CRO Move zeros to CR3 so as to clear out the paging cache. ‘Transfer control to a segment that has a limit of 64K (FFFFH) only. This also loads the CS register with the limit teneeds to have in real mode, Load segment register SS, DS, ES, FS, and GS with a selector that polnts to a descriptor contalning the following values that are appropriate to real mode. oY 803800X Basle Programing Moy ) Limit = 64K (FFF Granular bit, = 0 Expand up bit, E= 0 Writable bit, W= 1 Present bit, P= 1 Base canbe any value Disable interrupts by a CLI Instruction to disable TR and NMI by external circultry, Clear the PE bit in CRO. Jump to the real mode program location using a far Jump instruction that Mushes the instruction quewe and puts appropriate values in the access rights of the CS register. Use the LIDT instruction to load the base and limit of the real-mode interrupt vector table (IVT) Enable interrupts by STI Instruction for INTR and by external hardware for NMI. Load the segment register as required by the real-mode code, After a signal on the RESET pin, registers of the 80306 are set to predefined values. These values are adequate to enable execution of a bootstrap program, but some additional initialization must be performed by software before all the features of the processor can be utilized, ‘This fact, together with the initial values of causes Instruction execution to begin. at physica address FFFFFFFOH, also called as reset address of 80386. Near (Le. intra-segment) jump or «all {Instructions may be used to pass control to other addresses in the upper 64 K bytes of the address space The first far (Intersegment) JMP or CALL instruction ‘causes Ayy-Az to drop low, and the 80386 continue executing Instructions in the lower one megabyte of Physical memory, This automatic assertion of address lines Ayy ll systems designers to use a ROM at the high end oft address space to initialize the system, also maintalait compatibility with 8086,Aticroprocessor (SPPU) MINIT ‘©, Explain the various data types supported by 80386, EEA Q._Ust fundamontat data types of 80386, ‘The 80386 supports fallowing data types: 1 Bit 2, Bit field - a group of data of maximum 32 bits (4 bytes). 3. Bit string =a string of contiguous bits of maximum AG bytes in length. 4. Signed byte signed byte data, 5, Unsigned byte ~ unsigned byte data, 6. Integer word ~signed 16-bit data 7. Long integer ~ 32 bit signed data represented in 2's ‘complement form, 8 Unsigned Integer word ~ unsigned 16 bit data. 9, Unsigned long integer = unsigned 32 bit data, 10, Offset -a 16 or 32 bit displacement that references a memory location using any of the addressing modes. 11, Pointer = it consists of pair of 16 bit selector and 16 / 32 bit offset. 12, Character - An ASCII equivalent to any of the alphanumeric or control characters, 13, Strings = There are the sequences of bytes, words or © double words. A string may contain minimum one byte and maximum 4 Gigabytes. 14, BCD ~ Decimal digits from 0 - 9 represented by ‘unpacked bytes. 15, Packed BCD ~ It represents two packed BCD digits using a byte Le. from 00 to 99. The 80386 architecture has capability of performing ‘operations on different data types. = The different data types that t supports are: 1.8.1 je Programming Model 1. Fundamental Data Types 2. Numeric Data Types (a) Data Types Unsigned integer| oe Fig. 1.8.1 : Data Types. Fundamental Data Types | ‘The fundamental data types are most commonly used data types. Generally 8 bit data Is called as “bytes”. The registers that are 8 bit are AL, AH, BL, BH, CL, CH, Dl, Di. at ie 7 ° ete 15 87 ° Fignet |p Lower _ bye byte [Wort 15 ° Upper -- oe Lower ramps |h ay Dovteword Fig. 1.8.2 : Fundamental data types ‘The bit data is referred by “words”, The 16 bit registers are AX, BX, CX, DX, SP, SI, DI, BP, IP. Some Instructions operate on 32 bit data. The 32;bit data {s called as “double word”, The 32 bit registers are EAX, EBX, ECX, EDX, ESI, EDI, ESP and EBP. ra¥ Microprocessor (SPPU) 4-22 80386DX Basle Programming Hogg Thus, bytes, words, doubleword are the fundamental data types. Fig, 1.8.2 shows these fundamental data types, 1.8.2 Numeric Data Types For supporting diferent arithmetic operations in addition to the fundamental data types the numeric data types were introduced. They comprise signed and unsigned integers. 1.8.2(A) Data Types Unsigned Integer = The unsigned Integers comprise of binary number, beginning from 0 upto maximum possible positye number in the operand size that is selected, — Fora unsigned byte Integer the range of values Is 0. 255, for a unsigned word integer the range of valuesis 0 to 65535, for a unsigned doubleword integer the range of values is 0to 2”? ~1. = The unsigned integers can also be called as ordinals. = Fig. 1.83 shows the unsigned integer types. 1.8.2(B) Signed Integers ~The signed integers are used for representing the p 2's complement binary value. e as well as negative values of integers, Signed integer is the = Fora double word integer the sign bit is located in bit 31. The range of values is ~ 2" to 2-1, ~ Fora word integer the sign bit is located in bit 15. The range of values Is - 32, 768 to + 32,767. — Fora byte integer the sign bit is located in bit 7. The range = Thesign bitis clear (Le. 0) for positive integers as well as 1 — Fig 18.3 shows the signed integer types. of values are - 128to +127. ero, whereas for negative numbers the sign bitis set. Byte unsigned integer Word unsigned integer Doubleword unsigned integer| ‘ a 3] Bre signod intager Word signod intogor 130 5 onto st ge Fig. 1.8.3 : Numeric data types c© Microprocessor (SPPU) 1-23 80386DX Basic Programming Model 4.8.3. Bit Fleld Data Type Fig. 1.84 shows a bit fleld data type. This data type consists of a continuous sequence of bits that can start at any position in the memory. = The bit field data type can comprise upto 32 bits. Bit fold ied length LSB (Least significant bit) Fig. 1.8.4 : Bit field data type 1.8.4 Bit String Data Type = This data type consists of a continuous sequence of bits that can start at any position in the memory. The bit string data type can comprise upto 2-1 bits. = The pointers indicate the addresses of the memory locations. = _There are two types of pointers that are supported. They are : (0 Nearpointer (i) Farpointer (© Near Pointer ‘The near pointer is a 16 bit or 32 bit offset or effective address in a segment. These pointers are used in memory segmented model for references. The segment that is accessed is implied. The near pointers can also be used for references in a flat memory model. (ii) Far Pointer | 1.8.5 Pointer Data Types | I | =... The far pointer comprises of a 16 bit segment selector and 16 or 32 bit offset. They are used in segmented model for {) memory references in cases where the identity ofthe segment that s being accessed should be explicitly specified. Fig 1.85 shows the pointer data types. at Noaroffct ° [GE Offeot aaa] Near pointer 32.91 o a7 [Ie Segment soloctar Ran [ANNE Ofsot SN] Far pontor Fig. 1.8.8 : Pointer data types , Wires¥E_Microprocossor (SPPU) 1.8.6 String Data Types ‘Strings are generally long sequences consisting of bits, words or double words, It can start at any location. The string can be of bytes, words or double words ranging from 0102" (4 Ghytes), 1.8.7 BCD and Packed BCD Integers ~The BCD (binary coded decimal) integers have values from 0 to 9, They are unsigned 4-bit integers. ~ _ Fig. 1.8.6 shows the BCD and packed BCD integers. — When used in general purpose registers the values can be packed (two BCD digits (0 - 3, 7 ~ 4) per byte (0 ~ 99)) value or unpacked (one BCD digit (0 3) per byte) (0-9) value. 743 0 x [aco | BCD integers 7 30 Packed BCD integer’ Bco | BCD. Fig. 1.8.6 : BCD and packed BCD integers 1.9 Instruction Format = The information encoded In an 80386 instruction {includes a specification of the operation to be performed, the type of the operands to be manipulated, and the location ofthese operands. If an operand is located In memory, the instruction must also select, explicitly or implicitly, which of the currently addressable segments contains the operand. 80386 instructions are composed of various elements and have various formats. The elements of instructions are described below. OF these instruction elements, only one, the opcode, Is always present. ‘The other elements may or may not be present, depending on the particular operation involved and on the location and type of the operands, 609060X Basi Programing, = The elements of an instruction, in order of occur, areas shown in Fig. 1.9.1: mete Senge Fig. 1.9.4 = Prefixes: one or more bytes preceding an instruct that modify the operation of the instruction. Tk following types of prefixes can be used by appliain programs: 4k Segment override + explicitly specifies whit segment reglster an instruction should ws thereby overriding the default segment-regise selection used by the 60386 for that instruction 2. Address size : switches between 32-bit and If bitaddress generation 3. Operand size: switches between 32-bit and 14 bit operands. 4. Repeat : used witha string instruction to caus the instruction to act on each element of & string = Opcode : specifies the operation performed by & instruction. Some ‘operations have several differ opcodes, each specifying a different variant of operation. ~ Register specifier: an instruction may speciy on? two register operands, Register specifiers may 0! elther in the same byte as the opcode or in the 87 byte asthe addressing-mode specifier. - _ Addressing-mode specifier : when present, spec!” ‘whether an operand is a register or memory locati™™ In memory, specifies whether a displacement, ™ register, an index register, and scaling re tobe wsWE Meroprocossor (SPPU 1.25 £80380X Basle Programming Modal “= SID (scale, Index, base) byte when the address Je specifier indicates that an Index register will be id, an SID byte mod used to compute the address of an ope luded in the Instruction to encode the base fs incl register, the index register, and a scaling factor. Displacement : when the addressing-mode specifier indicates that a displacement will be used to compute the address of an operand, the displacement Is encoded in the instruction, A displacement Is a signed integer of 32, 16, or elght bits. The eight-bit form Is used in the common case when the displacement Is sulfictently small. The processor extends an elght-bit displacement to 16 07 32 bits, taking into account the sign. hhen present, directly provides = Immediate operan the value of an operand of the instruction. Immediate ‘operands may be 8, 16, or 32 bits wide. n eases where an eight-bit immediate operand 1s comblned In some way with a 16> or 32-bit operand, the processor automatically extends the size of the eight-bit operand, taking Into account the sign 0 Segment Override Prefix = Normally for each offset, segment Is fixed. But using segment override prefix one can change segment registers. = Foraddressing modes DS may be overridden by CS, SS, or ES; and when BP [s used, SS may be overridden by €S, DS, or ES, Specific cases that cannot Involve overrides are as follow: 1. The CS register Is always used as the segment register when computing the address of the next Instruction to be executed. 2. For stack pointer SP, SS Is THE SEGMENT REGISTER. 3. For string operation ES is by default segment register for destination operand. 1.11 Operand Selection (Addressing Modes) [Een GQ! Withexampies explain’ tho! different addressing ‘modes of 80386 processor. : ui on SOT n Instruction, It performs When 80306 executes speelfic function on data, The data Is normally referred rands may be contalned In registers, as operands. Opt within the Instruction itself, In memory or In 1/0 ports. = The source operand can be one of the following : 1. aregister 2, the Instruction Itself (an immediate operand) 3. anI/0 port 4, amemory location = The destination operand can be one of the following : 1, aregister 2 ant/0 port 3, amemory location 1.11.1 Immediate Operands In some instructions the programmers use the data that Is encoded In the Instruction Itself. These operands are called Immediate operands or Immediates). — Foreg.a MOV instruction transfers an immediate value ‘0f 20 to the contents of the EAX register: = MOVEAX, 2011 = Inall the arithmetic Instructions (except the DIV and wwiv immediate number. instructions) the source operand can be 1.11.2 Register Operands In 80386 = In 80386, the valid source and destination operands can be any of the following registers : ce and Destination | Registers bean eat: ‘32-bit general-purpose | EAX, EBX, ECX, EDX, ESI, registers DLLESP, oF EDP Tobit general-purpose | AX, BX, CX, DX, Sl, DL SP, registers or bP B-bit general-purpose | All, BIL, CH, DH, AL, BL, registers CL, or DL segment reglsters CS, DS, 55,8, Wy estesBE_Microprocessor (SPPU) 4.26 803860X Basie Programming yoy Se seoing Source and Destination | Registers = The, instructions like, MUL DIV. use quadyg, Operands eps : operands. Flag register EFLAGS register ~The register pairs are represented as : EDX : EAX, pp ins the high order bits and EAX contains X87 FPU registers STO through ST7, status Fapeatng the ia tela der bits of a quadword operand. word, control word, tag. aed s i word,’ data operand || 1.11.3 Memory Operands pointer, and instruction = _ Inthe memory the source and the destination operang pointer (ecresgtederaen mice can be addressed by using an offset and a segmer control registers RO, CR2, CR3, and CRE selector as shown in Fig, 1.1.1, system table pointer | GDTR, LDTR, IDTR, and ee a 2 ‘| ‘Segment registers task register selector ] ote debug registers g regi DRO, DR1, DR2, DR3, DR6, Fig: 141.1: Memory operand size and DR7 ‘dressing modes Register addressing Immediate Memory mode addressing addressing mode mode Direct... Register -..., Based ‘addressing indirect addressing ‘mode addressing. mode ‘mode ‘Scaled index Based f Index mode scaled addressing Index mode mode ith displacement Fig. 1.11.2 : Addressing modes of 80386. ‘The Offsets indicate the linear or effective address of the operand. They can be of 16 bits (represented by the notatio, 1m16:16) or 32 bits (represented by the notation m16:32). it selectors point to the segment consisting the operand, ese different types of operands, 80386 has to address memory or 1/0 device. The address of memory 32) .d in several different ways, normally referred as “Addressing modes.” These addressing mod? ty and convenience of the instruction set. = The Segment = Toaccess th 1/0s can be calculate greatly extend flexibili “The addressing modes ofthe 60386.can be cateorized shown nig 1.123, oat i wien1 Rogistor Addressing Modo 2. Immodiato Addressing Modo (a)Diroct Adrossing Modo (b)Rogister Indirect Addrossing Modo ] (6)Based Modo (diindox Mode (0}Scalod Indox Modo (Based indoxed Modo (g)Based Sealed Indox Mode (h)Based Index Mode with Displacement ()Based Sealed Indox Mode With Displacement 4 String Addressing Mode ‘implied Addressing Mode of 80386 Fig. 1.11.9: Addressing mod 80386 has 32 Blt Addressing Modes and 16-Bit Addressing Modes, 432-Bit Addressing allows full scale memory access with 32 Bit physical addresses are generated. This mode is default in Protected Virtual Address Mode (PVAM) of the 80386 Processor. In this mode - ‘Valid Base Registers are : EAX, EBX, ECX, EDX, ESI, EDI, ESP, ‘EBP Valld Index Registers are : EAX, EBX, ECX, EDX, ESI, EDI, EBP (Le. All except ESP) Valid Sealing Factors are 1,2, 4,6 Displacement s part of Instruction and can be elther 8-bit (d8) or 32-bit (432) "{ebie Addressing allows fll compatibility with 8086/8086/80286 processors generating 20 bit physical addresses. This mode Is default in Real mode of the 80386 Processor. In this mode - _., Walld Base Registers are : BX, BP Valid index Registers are : S1, DI Valid Scaling Factors are: 1 (Le. No scaling allowed) Displacements part of Instruction and can be elther 8-bit (d8) or 16-bit (416) aes Wintme80386DX Basic Prog: Microprocessor (SPPU) 8 Table 1.1141 se Rei dade eae Mode | Example St. [Addressing Mode | Mechanism a No. e : _ | M EB 1. [Register Register > Data 16,32 | MOV EAX, EBX 2, [Immediate Instruction > Data 16,32 | MOV EAX. 12345678, 3._{Direct Instruction > Address > Memory Data 16,32 [MOV EAX, (1234567) 4. | Register Indirect Register > Address } Memory Data 16,32 | MOV EAX, [EBX] 5 [Indexed Index Register + displacement 16,32 [MOV EAX, > address > Memory Data [ESI + 2345678h] 6. | Base Addressing > address > Memory Data Base Register + displacement 16,32 |MOV EAX, [EBX + 2345678h] 7. |Base Indexed Base Register + Index Register 16,32 | MOV EAX, > address > Memory Data [EBX + ESI] 8 [Base Indexed —_with| Base Register + Index Register 16,32 | MOV EAX, Displacement + displacement > address > Memory Data [EBX + ESI + 12345678h] 9. |Scaled indexed (Index Register * Scaling) 32 |MOVEAX, + displacement > address only | 4resi + 12345678h] > Memory Data 10. |Base Scaled Indexed Base Register + (Index Register * Scaling) > 32 [MOV EAX, address > Memory Data only | [eBx+ 8*ESI] 11, [Base Scaled Indexed with| Base Register + (Index Register * Scaling) + 32 [MOV EAX. [EBX + 2*ES1 Displacement displacement > address > Memory Data jonly _|12345678h) 1.11.4 Reglster Addressing Mode {University Question} Q! “Explain ‘register addressing mode with an examples, _ EE ~ _ Inthis mode of addressing, data is in the registers and the Instruction specifies the particular registers as shown In Fig. 1.11.4, This addressing mode is normally preferred because the instructions are compact and fastest executing ofall Instruction forms. The reason why it Is fastest executing Is Just because, all the registers reside on chip, therefore data transfer is within the chip and external bus is notatall required, Fig. 1.11.4 : Register addressing Registers may be used as source operands, destinati? operands or both, The registers may be 8 bit, 16 bit or 32 bit, ©8: MOV EAX, EDX. This instruction will copyW_Microprocessor (SPPU) 4.11.5 Immediate Addressing Mode Explain ‘examples, Bee _ Immediate operand is nothing but constant data contained in an instruction. = Ifthe source operand is a part of the instruction instead of register or memory, it is referred as immediate addressing mode. = Fig. 1.115 shows the format of instruction encoded with immediate operand. ‘OPCODE, Immediate operand Fig. 1.11.5 : Instruction encoded with an immediate operand = The immediate data may be 8 bits, 16 bits or 32 bits in length. = Immediate operand can be accessed quickly because they are available directly in the instruction queue like a register and hence there is no need of external bus and bus cycles to obtain the data = The immediate operands only serve as source operands. = Theyhave constant values. eg + MOV. ECK, 20305060H. This Instruction copies 20305060H in the EAX register. 1.11.6 Memory Addressing Modes In this addressing, memory operands must be transferred to and from the CPU over the bus. Effective address = The offset calculated for a memory operand is called as the operand's effective address or EA. = It Is an unsigned 32 bit number that expresses the operand's distance in bytes from the beginning of the segment in which it resides. = The effective address 1s computed by adding any ‘combination of the following four components. = Displacement : 8 or 32 bit immediate data following the instruction. 16 bit displacements can be used by Inserting an address prefix before instruction. 1.29 80386DX Basic Programming Modo! = Base: The contents of any general purpose register can, be used as base. = index : The contents of any general purpose register can be used an index register Note: ESP cannot be 19 an Indax re ‘The elements of an array or a string of characters can be accessed via the index register. = Scale : The index register’s contents can be multiplied {scaled) by a factor of 1,2, 4 or 8, Scaled index mode ts efficient for accessing arrays or structures. Thus, EA= Base register + (Index Register x Scaling factor) + Displacement Physical address generation Once, we get EA, we can calculate the PA (physical address) as, PA = segment: Offset u uv PA = Segment register: EA PA = :+X-+(8,160r32 bit displacement} ‘The different memory addressing modes available are : Direct addressing mode Register indirect addressing mode Based mode Index mode Scaled index mode Based index mode Based scaled index mode Based index mode with displacement Based scaled mode with displacement. 1.11.6(A) Direct Addressing Mode @. Explain ‘the addressing mode of 80386 showing physical address generation with example : Direct. STEEPwy Microprocessor (SPPU) 1-90 4 In this mode, the effective address is taken from the displacement field of the instruction. The effective address 's used as 8, 16 or 32 bit displacement from the current value of the data segment register. 80386DX Basic Lesa 1.11.6(C) Based Mode In this mode the contents ofa base register are adie, to displacement, n order to obtaln the operand’s effec, Instruction address, ; [i Address. peode | i Address A Memory EA = {base register} + (8, 16 or 32 bit displacement) Registers PA =: +(8,160r32bit displacement} . Tnstrction ————_| 2 cot ada SeorentRediar [+10 nome ([[icpode [bese eon [on 7 E Momory | Rogistors as) ee Fig. 1.11.6 : Direct addressing ee [—o— Operand MOV Ax, [1897 Hi] Here EA = 1897 H PA=DS+1897H 1.11.6(B) Register Indirect Addressing Mode GQ. Explain the addressing mode of 80386 showing Physical address generation with example : Register indirect. In this mode a base or index register contains the operands effective address, EA = (base register}/{index register} (Physical Address) PA = segment: offset PA = segment :EA PA = or] eg. MOV EBX, [ECX] EA=ECX PA=DS+ECX Inston +10 ‘Segment rogistor Fig. 1.11.8: Based addressing mode MOV ESI, [EAX + 2311] EA=EAX+23H PA=DS+EAK 4234 1.11.6(D) Index Mode In this addressing mode, an index register’s contents are added to a displacement to obtain the operands effective address, Note ;_ ESP cannot act as index pointer, PA=:+ (8, 16 or 32 bit displacement) Instruction Speode TT ior registe [Ott aaarany Memory 7 Pevior operand | © Oren Beomont regina} Fig, 1.11.9: Indexed addressing modeMicroprocessor (SPPU) 1 eg: SUB COUNT [EDI], EAX EA=EDI + Offset of COUNT PA=DS + EDI + Offset of count 4.11.6(E) Scaled Index Mode Ce @. Explain the addrossing modo of 80386. showing physical address gonoration with examplo : Scaled indexed with displacement LITT J In this mode the contents of an index register are ‘multiplied by a scaling factor of (1, 2, 4 or 8) which is then added to the displacement to obtain the operand’s effective address. EA. = (Index register x Scaling factor) + (8,16 or 32 bit displacement} : X+ (8, 16 or 32 bit displacement} PAs eg, MOV [ESI * 8], ECK EA=ESI*8 PA=DS+(ESI*8) 1.11.6(F) Based Indexed Mode Q/ Explain the addressing mode, of 80386,, showing physical address generation with example ;. Based In this mode the contents of a base register are added to the contents of an index register to compute the operand's effective address. EA = {base register) + {index register) PA = segment: EA PA = i+ Instruction Registers Memory BOOK. Basle Prograrrerig Merl MOV ESI, [BOX] [EBX EN = CK + BIDK PA» DS + CK + EBX 1.11.6(G) Based Scaled Index Mode emt In this mode, the contents of an index register are multiplied by a scaling, factor and the result 16 added to base register to compute the operand's effective address, FA = (base replster} + (Index register Scaling factor) Paix eg: MOVECK,(EDI* 4] (ES?) EA (EDI 4) + ESP PA= DS + ESP + (EDI*4) 1.11.6(H) Based Index Mode with Displacement In this mode the operands effective address ts obtained by adding the contents of base register and Index replster with a displacement. EA = {base replster) + {Index register} + (8,160r 32 bit displacement} PA a i+ + (6, 160° 32 bit displacement) MOV (EBX) [EP + 12345676 H], EDI EA EBX + ERP + 12345678 H PA=DS-+ BOX + BBP + 12345670 1H 1.11.6(I) Based Scaled Index Mode With Displacement ep: In this mode, the operands effective address is computed by multiplying the index register with a scaling factor and result Is added to base register and also a displacement Is added, EA = {base register} + (index register * scaling factor} + (8, 16 or 32 bit displacement} ix + (8, 16 or 32 bit displacement) MOV [EBX + 6) [ECX + 5678 H], ECX EAs (EDK+ 8) + ECK + 5670 H PAs DS + (EBX + 6) + ECX +5678 1.11.7 String Addressing Mode PA= eae = For accessing the operands the String instructions do not use the commonly used memory addressing modes.W_Microprocessor (SPPU) 1.92 |09860X Basie Programming Mage For string instructions, SI will point to the first byte or word of the source string with DS as the segment register and DI points to the first byte or word of the destination string with ES as the segment register. - For repeated string instructions, the processor automatically adjusts the SI and DI in-order to get the required data bytes or word. The automatic adjustment is done with the help of DF (Direction Flag) in flag register, and achieved by MOD and R/M bits in instruction format. 1.11.8 Implied Addressing Mode The Instructions which do not have operands come under implied addressing mode, eg XLAT cma, sTC sTD These instructions do not have operands. Ex. 1.11.1 : IF (BX) = 0158H Displacement = 1857H (Ol) = 10ASH (DS) = 2100H and DS is used as segment register, then calculate EA and PA produced for all various addressing modes. Soln.: 1. Register addressing mode : No EA (data specified in register) 2, Immediate addressing mod: {in instruction). 0 EA (data specified Direct addressing mode: EA = Displacement =1B57H + PA = Segment: offset = DA:EA=DS: displacement = 2100H :1BS7H = 21000H + 1B57H 22B57H 4. Register indirect, assuming BX: EA = (BX)=0158H 2 PA = Segment: offset = PA: EA = DS: (BX) 2100H :0158H = 21000H + 0158H = 21158H 5. Register indirect, assuming DI: EA = (DI)=10ASH PA = Segment: offset = PA: EA= DS: (DI) 1000H + 10ASH 2100H : 105: 220ASH 6. Register relative, assuming BX: EA = (BX) + displacement = 0158H+1B57H = 1CAFH PA = Segment :offset=PA:EA DS: ((BX) + displacement) 2100H : 1CAFH = 21000H + 1CAFH = 22CAFH 7. Register relative, assuming DI: EA = (DI) + displacement = 10ASH+1B57H = 2BFCH. < PA = Segment: offset = PA: EA ES: ((DI) + displacement) 2100H : 2BFCH = 21000H + 2BFCH 23BFCH 8. Based indexed, assuming register BX and D1: EA PA (D1) + (8X) = 10ASH + 0158H = 11FDH Segment:: offset = PA: EA Ds: {(D1) + (BX)] 2100H : 11FDH = 21000H + 11FDH = 221FDH. 9. Relative based indexed addressing, assuming BX and DI: EA (D1) + (BX) + displacement = 10ASH + 0158H + 1B57H = 2D54H PA = Segment: offset = PA: EA = DS: ((DI) + (BX) + displacement] = 2100H: 2D54H 21000H + 2D54H = 23D54H Ex, Obtain effective address for diferent address! ‘modes with the contents of registers as given below : offset = 1000, | AH I = 5000H, [BX] = 2000 H, [SI] = 3000H, [DS] = 7000H, (BP) = 5000H, [Dl] = 4000H, [BP] = 6000H Soin, : 1. Register addressing mode : No EA (data specified register) 2 Immediate addressing mode : No EA (data specif {s instruction) ¥ reaneetMicroprocessor (SPP) 7 8 9. 1-33 £80986DX Basic Programming Model Direct addressing mode offset = 1000 H segment: offset = DS : EA = 2000 : 1000 EA PA = 20000+1000=21000 H Register indirect, assuming BX EA = (BX) = 2000H PA =. segment: offset = PA: EA= DS: BX 2000: 2000 = 20000 + 2000 22000H. Register indirect, assuming DI EA = DI=4000H PA = segment: offset = PA: BA=DS: (DI) PA = 200011:4000H = 20000 + 4000 PA = 24000H Register relative, assuming BX EA = (BX)+ displacement 2000 H + 1000 H= 3000H PA = segment: offset PA: EA=DS : (BX) + displacement) PA = 2000: 3000= 20000 + 3000 =23000H Register relative, assuming DI EA = (DI)+displacement = 4000+ 1000 = 5000 H PA = segment: offset = PA:EA=DS: (D1 + displacement) PA = 2000:5000=20000 +5000 = 25000 H Based indexed, assuming register BXand DI EA = (Dl) +(BX)=4000 + 2000 = 6000 H PA = segment: offset = PA:EA = DS:((DI) + (BX) “PA. =. 2000: 6000 = 20000 + 6000 = 26000 H ~ Relative based indexed addressing assuming BX and DI. EA = (BX) + (DI) + displacement = 2000+ 4000 + 1000 FA = 7000H PA = segment : offset = PA:EA=DS:( (DI) + (BX) + offset) PA = 2000:7000 = 20000 + 7000 = 27000 H. 4.12 Interrupts and Exceptions Tr ‘Q. | What do you mean by Exception ? The 80386 has two mechanisms for interrupting program execution: 1. Exceptions are synchronous events that are the responses of the CPU to certain conditions detected during the execution of an instruction, 2, _ Interrupts are asynchronous events typically triggered by external devices needing attention. Interrupts and exceptions are alike in that both cause the processor to temporarily suspend its present program execution in order to execute a program of higher priority. The major distinction between these two kinds of interrupts is thelr ‘An exception is always reproducible by re-executing with the program and data that caused the exception, whereas an interrupt is generally independent of the currently executing program. Application programmers are not normally concerned with servicing interrupts. Certain exceptions, however, are of interest to applications programmers, and many operating systems give applications programs the opportunity to service these exceptions. However, the operating system itself defines the Interface between the applications programs and the exception mechanism of the 0386, Table 2-2 highlights the exceptions that may be of interest to applications programmers. A divide error exception results when the instruction DIV or IDIV is executed with a zero denominator or when the quotient is too large for the destination operand. ‘The debug exception may be reflected back to an applications program if it results from the trap flag (TF). A breakpoint exception results when the instruction INT 3 is executed. This instruction Is used by some debuggers to stop program execution at specific points.Microprocessor (SPPU) ‘An overflow exception results when the INTO {instruction is executed and the OF (overflow) flag is set (after an arithmetic operation that set the OF fag. A bounds check exception results when the BOUND Instruction is executed and the array index it checks falls outside the bounds of the array. Invalid opcodes may be used by some applications to extend the instruction set. In such a case, the invalid ‘opcode exception presents an opportunity to emulate the opcode, ‘The “coprocessor not available” exception occurs ifthe rogram contains instructions for a coprocessor, but no coprocessor is presentiin the system. A coprocessor error is generated when a coprocessor detects an illegal operation. ‘The instruction INT generates an interrupt whenever it {is executed; the processor treats this Interrupt as an exception, ‘The effects of this interrupt (and the effects of all other exceptions) are determined by exception handler routines provided by the application program or as part of the systems software (provided by systems programmers). Table 1.12.1 : 80386 interrupts and exceptions Interrupt | Function Number |). 0 Divider error. 1 Debug Exception. 2 NMI interrupt. 3 Break point, one byte int 4 Interrupt on overflow. 5 ‘Array Bounds check. 6 Invalid opcode. 7 Co-processor Notavallable. 8 Double exception 9 Corprocessor segment overrun, 10 Invalid TSS. uw Segment not present Interrupt Number [a2 Stack fault | Tas Gepecsl protection, = nT B General protection Page fault. Intel reserved, {a4 15 16 Co-processor error. 17-31__| Intelreserved. 32.255 _| External interrupton pin INT 1.13 Exam Pack (Review and University Questions) @.1 Explain the evolution of microprocessors, (Section 1.1) Explain in briof about 80386DX. (Section 1.1.1) What is BIU in 80386 processor 7 What are t functions of BIU ? (Section 1.2.4) 0.2 a3 Q.4 What is the ditforence between Real and Protecty ‘mode of £0386 ? (Section 1.5.1) How to convert Logical address to Physical addres: Jn Real mode of 80386 ? Explain with example, (Section 15.2) Explain Immediate addressing mode, Indicate you ‘answer with examples of instruction using th addressing mode. (Section 1.8.1) What are the possible register operands in 803867 (Section 1.82) What are the possitle memory operands inf £80986 ? (Section 1.8.3) Stale memory addressing modes of 0S! (ection 1.8.3) Write a short note on tho instruction format of 60 « (Section 1.9) ‘What is segment over pref? With an exaré? explain the implementation of segment over Prefix, (Section 1.10) What are the addressing modes supported 20386 2 (Section 1.11) ‘What do you mean by immediate operands ? (Section 1.11.1) a6 a7 as ars ars an att at a2 0.224 eax Introduction to Instruction Set of 80386 ‘The instruction set of 80386 is divided into number of ‘groups, of functionally related instructions. Different groups are: Instruetion set of 80386 1. Data movement instructions. 2. Binary arithmetic instructions, 2. Decimal arithmetic instructions, “11 Miscellaneous instructions. Fig. 2.1.1 : Instruction set of 80386 2.2 Data Movement Instructions ‘The data movement or the data transfer instructions copy single bytes or words or double- between registers and memory and also between register AL or AX or EAK and: I/O ports. The data movement Instructions also. include. the..stack manipulation ‘nstructions Le. PUSH, POP. The different types of data movement instructions are shown in Fig. 2.2.1 Applications Instruction Set Data Movement Instructions 1.General purpose data transter group. , 2.Stack manipulaton instructions. B.Type conversion instructions Types of data movement instructions Fig. 2.2.1. General Purpose Data Transfer Group “General Purpose Data Transfer Group (@) MOW (Copy a Word ora Byte to/from Register Memory) {@) MOV GRin (Load/ Store in Control Registen) {@) MOV Dn (Load Store in Debug Register) (@ MOV Thin (Load / Store Test Register) {@) XCHG (Exchange Resister/ Memory wih Register) Fig. 2.2.2 : General purpose data transfer group 2.2.1(A) MOV MOV (Move) transfers a byte, word, or double word from the source operand to the destination operand, The MOV instruction is useful for transferring data along any of these paths. There are also variants of MOV that operate on segment registers. Toa register from memory ‘To memory from a register Between general registers Immediate data to a register Immediate data to a memory ‘The MOV Instruction cannot move data from memory to memory or from segment register to segment register. Memory-to-mmemory moves can be performed, however, by the string move Instruction Movs.& Applications Inst B_ Microprocessor (SPU) 22 sont ction gy Description |Copy a byte/word from source to the| Table 2.2.1 contains valid source and destinayy destination, operands. Instruction | MOV destination, source Table 2.2.1 : Valid source and destination opereng MOV operandi, operand2 z eS i Source ample Destination «— Source ios Deen { 1, [Memory _[Accumulator| MOV M_B, AL Operand1 __ <—~_Operand2 2. lAccumulator| Memory _ [MOV AX, [BX] Algorithm [Destination = Source or 3. [Register [Register _ [MOV CX, SI Operand 1 = Operand 2 4, (Register |Memory MOV AX, [SI] Operation | The MOV instruction copiesa word or abyte|||5, [Memory [Register _|MOV [DI], CX of data from a fixed/specified source to a| fixed/specified destination. The destination|||6 _[Register_|Immediate_|MOV EAX, 1254567611 can be a register or memory location. The|||7. [Memory Immediate |MOV — BYTE.PTR(BK source can be a memory location, a register 15H lor an immediate value. fa. _|Seg-Reg [Register | MOVDS,AX [The source and destination must be of same type Le. both:must be byte, word or double|||2_|Se@-Ree__|Mem-16 __|MOV DS, [DI] word. 10. |[Reg-16 _|Seg-Reg__[MOVBX, DS [The contents of the source are unchanged. _||[11. [Memory |Seg—Reg _ [MOV [BX], DS Flags No flags are affected. Following eases are not allowed “The Soe & Dost tnoorer —-- MOV (1100), [1200] ‘an Instruction both CANNOT be. t t Memory Locations = Memory Memory \weaton' L2eaton 2 MOV 592FH, BX “The Dastoton in aninstcbon CANNOT bs tncorect t Immediate Number = Inmodiato rumor “Ta Destination n Zninstueton CANNOT be breogeet MOV CS, BX Sada Segment Roger C8 => tneonoet “The Source & Dectaton must boh be ot 2 ype BYTE. or hy must bol type WORD pa Le ‘Such adatairansor ls nt poesite because BL ia 8 Bt tt => sent obi ora (re MOV DS, ¢S LCANNOT copy valu of ono segment ; Regesr' aha ymert Rega ogee 1 t 4 {Gee eu copy fon epee fe) => bit cate Seq, Seg MOV CS, S487 ICANN oopy media a fo Inaorect t regront Regia. => ede tmmeiat Seq. ‘rumber IRGANNOT 0 the vale of CS. P Raglan, Fig. 2.2.3