
X86 Assembly

From Wikibooks, the open-content textbooks collection

Contents

1 Introduction
  1.1 Why Learn Assembly?
  1.2 Who is This Book For?
  1.3 How is This Book Organized?
2 Basic FAQ
  2.1 How Does the Computer Read/Understand Assembly?
  2.2 Is it the Same On Windows/DOS/Linux?
  2.3 Which Assembler is Best?
  2.4 Do I Need to Know Assembly?
  2.5 How Should I Format my Code?
3 X86 Family
  3.1 Intel x86 Microprocessors
  3.2 AMD x86 Compatible Microprocessors
4 X86 Architecture
  4.1 x86 Architecture
    4.1.1 General Purpose Registers (GPR)
    4.1.2 Segment Registers
    4.1.3 EFLAGS Register
    4.1.4 Instruction Pointer
    4.1.5 Memory
    4.1.6 Two's complement representation
    4.1.7 Addressing modes
  4.2 Stack
  4.3 CPU Operation Modes
    4.3.1 Real Mode
    4.3.2 Protected Mode
      4.3.2.1 Flat Memory Model
      4.3.2.2 Multi-Segmented Memory Model
5 Comments
  5.1 Comments
  5.2 HLA Comments
6 16, 32 and 64 Bits
  6.1 The 8086 Registers
    6.1.1 Example
  6.2 The A20 Gate Saga
  6.3 32-Bit Addressing
7 X86 Instructions
  7.1 Conventions
8 Data Transfer
  8.1 Data transfer instructions
    8.1.1 Move
    8.1.2 Data Swap
    8.1.3 Move and Extend
    8.1.4 Move by Data Size

The Wikibook of x86 Assembly Language

Introduction

Why Learn Assembly


Assembly is the most primitive tool in the programmer's toolbox. Entire software projects can be written without ever once looking at a single line of assembly code. So the question arises: why learn assembly? Assembly language is the closest form of communication that humans can engage in with a computer. Using assembly, the programmer can precisely track the flow of data and execution in a program. Another benefit of learning assembly is that once a program has been compiled, it is difficult, if not impossible, to decompile the code back into its source language. That means that if you want to examine a program that is already compiled, you will need to examine it in assembly language. Debuggers will also frequently only show the program code in assembly language. If nothing else, it can be beneficial to learn to read assembly language, if not to write it. Assembly language is also the preferred tool, if not the only tool available, for implementing some low-level tasks, such as bootloaders and low-level kernel components. Code written in assembly has less overhead than code written in high-level languages, so carefully written assembly code can run faster than programs written in other languages. Code that is written in a high-level language can be compiled into assembly and "hand optimized" to squeeze every last bit of speed out of a section of code. As hardware manufacturers such as Intel and AMD add new features and new instructions to their processors, often the only way to access those features is to use assembly routines, at least until the major compiler vendors add support for those features. Developing a program in assembly can be a very time consuming process, however. While it might not be a good idea to write new projects in assembly language, it is certainly valuable to know a little bit about assembly language anyway.

Who is This Book For


This book will serve as an introduction to assembly language, but it will also serve as a good resource for people who already know the topic but need some more information on x86 system architecture and advanced uses of x86 assembly language. All readers are encouraged to read (and contribute to) this book, although prior knowledge of programming fundamentals would be a definite benefit.

How is This Book Organized


The first section will talk about the x86 family of chips, and will introduce the basic instruction set. The second section will talk about the differences between the syntax of different assemblers. The third section will talk about some of the additional instruction sets available, including the Floating-Point operations, the MMX operations, and the SSE operations. The fourth section will talk about some advanced topics in x86 assembly, including some low-level programming tasks such as writing bootloaders. There are many tasks that cannot be easily implemented in a higher-level language such as C or C++. For example, tasks such as enabling and disabling interrupts, enabling protected mode, accessing the Control Registers, creating a Global Descriptor Table, etc. all need to be handled in assembly. The fourth section will also talk about how to interface assembly language with C and other high-level languages. Once a function is written in Assembly (a function to enable protected mode, for instance), we can interface that function to a larger, C-based (or even C++ based) kernel. The fifth section will deal with the standard x86 chipset, will talk about the basic x86 computer architecture, and will generally deal with the hardware side of things.

The current layout of the book is designed to give readers as much information as they need, without going overboard. Readers who want to learn assembly language on a given assembler only need to read the first section and the chapter in the second section that directly relates to their assembler. Programmers looking to implement the MMX or SSE instructions for different algorithms only really need to read section 3. Programmers looking to implement bootloaders and kernels, or other low-level tasks, can read section 4. People who really want to get to the nitty-gritty of the x86 hardware design can continue reading on through section 5.

Basic FAQ

This page is going to serve as a basic FAQ for people who are new to assembly language programming.

How Does the Computer Read/Understand Assembly


The computer doesn't really "read" or "understand" anything per se, but that's beside the point. The fact is that the computer cannot read the assembly language that you write. Your assembler will convert the assembly language into a form of binary information called "machine code" that your computer uses to perform its operations. If you don't assemble the code, it's complete gibberish to the computer. That said, assembly is notable because each assembly instruction usually corresponds to just a single machine instruction, and it is possible for "mere mortals" to do this translation directly with nothing but a blank sheet of paper, a pencil, and an assembly instruction reference book. Indeed, in the early days of computers this was a common task, and in some instances it was even required to "hand assemble" machine instructions for some basic computer programs. A classic example of this was done by Steve Wozniak, when he hand assembled the entire Integer BASIC interpreter into 6502 machine code for use on his initial Apple I computer. It should be noted, however, that such tasks for commercially distributed software are such rarities that they deserve special mention for that fact alone. Very, very few programmers have actually done this for more than a few instructions, and even then just for a classroom assignment.

Is it the Same On Windows/DOS/Linux


The answer to this question is yes and no. The basic x86 machine code depends only on the processor. The x86 versions of Windows and Linux are obviously built on x86 machine code. There are a few differences between Linux and Windows programming in x86 Assembly:

1. On a Linux computer, the most popular assembler is the GAS assembler, which uses the AT&T syntax for writing code, or the Netwide Assembler (NASM), which uses a syntax similar to MASM's.
2. On a Windows computer, the most popular assembler is MASM, which uses the Intel syntax.
3. The list of available software interrupts, and their functions, is different on Windows and Linux.
4. The list of available code libraries is different on Windows and Linux.

Using the same assembler, the basic assembly code written on each operating system is basically the same, except that you interact with Windows differently than you interact with Linux, etc.

Which Assembler is Best


The short answer is that none of the assemblers is better than the others; it's a matter of personal preference. The long answer is that different assemblers have different capabilities, drawbacks, etc. If you only know GAS syntax, then you will probably want to use GAS. If you know Intel syntax and are working on a Windows machine, you might want to use MASM. If you don't like some of the quirks or complexities of MASM and GAS, you might want to try FASM or NASM. We will cover the differences between the different assemblers in section 2.

Do I Need to Know Assembly


You don't need to know assembly for most computer tasks, but it certainly is nice. Learning assembly is less about learning a new programming language than about understanding the machine. If you are going to start a new programming project (unless that project is a bootloader, a device driver or a kernel), then you will probably want to avoid assembly like the plague. An exception to this could be if you absolutely need to squeeze the last bits of performance out of a congested inner loop and your compiler is producing suboptimal code. Keep in mind, though, that premature optimization is the root of all evil, although some computing-intense realtime tasks can only easily be optimized sufficiently if optimization techniques are understood and planned for from the start. Still, learning assembly gives a particular insight into how your computer works on the inside. When you program in a higher-level language like C, or Ada, or even Java and Perl, all your code will eventually need to be converted into machine code instructions so your computer can execute them. Understanding the limits of exactly what the processor can do, at the most basic level, will also help when programming in a higher-level language.

How Should I Format my Code


Most assemblers require that each assembly instruction appear on its own line, separated by a line break. Most assemblers also allow whitespace between instructions, operands, etc. Exactly how you format code is up to you, although there are some common ways.

One way keeps everything lined up:

Label1: mov ax, bx
        add ax, bx
        jmp Label3
Label2: mov ax, cx
        ...

Another way keeps all the labels in one column, the mnemonics in a second column and the operands in a third:

Label1:  mov  ax, bx
         add  ax, bx
         jmp  Label3
Label2:  mov  ax, cx
         ...

Another way puts labels on their own lines, and indents instructions slightly:

Label1:
    mov ax, bx
    add ax, bx
    jmp Label3
Label2:
    mov ax, cx
    ...

Yet another way separates labels and instructions into separate columns, AND keeps labels on their own lines:

Label1:
        mov ax, bx
        add ax, bx
        jmp Label3
Label2:
        mov ax, cx
        ...

So there are a million different ways to do it, but there are some general rules that assembly programmers generally follow:

1. make your labels obvious, so other programmers can see where they are
2. more structure (indents) will make your code easier to read
3. use comments, to explain what you are doing.

X86 Family

The x86 family of microprocessors is a very large family of chips with a long history. This page will talk about the specifics of each different processor in this family. 32-bit x86 microprocessors are also called "IA-32" processors.

Intel x86 Microprocessors


Wikipedia has related information at List of Intel microprocessors.

8086/8087 (1978)
The 8086 was the original Intel microprocessor of the family, with the 8087 as its floating-point coprocessor. The 8086 was Intel's first 16-bit microprocessor.

8088 (1979)
After the development of the 8086, Intel also created the lower-cost 8088. The 8088 was similar to the 8086, but with an 8-bit data bus instead of a 16-bit bus.

80186/80187 (1982)
The 186 was the second Intel chip in the family; the 80187 was its floating point coprocessor. Except for the addition of some new instructions, optimization of some old ones, and an increase in the clock speed, this processor was identical to the 8086.

80286/80287 (1982)
The 286 was the third model in the family; the 80287 was its floating point coprocessor. The 286 introduced the "Protected Mode" mode of operation, as opposed to the "Real Mode" that the earlier models used. All x86 chips from the 286 onwards can be made to run in real mode or in protected mode.

80386 (1985)
The 386 was the fourth model in the family. It was the first Intel microprocessor with a 32-bit word. The 386DX model was the original 386 chip, and the 386SX model was an economy model that used the same instruction set, but which only had a 16-bit bus. The 386EX model is still used today in embedded systems.

80486 (1989)
The 486 was the fifth model in the family. It had an integrated floating point unit for the first time in x86 history. Early model 80486 DX chips found to have defective FPUs were physically modified to disconnect the FPU portion of the chip and sold as the 486SX (486-SX15, 486-SX20, and 486-SX25). A 487 "math coprocessor" was available to 486SX users and was essentially a 486DX with a working FPU and an extra pin added. The arrival of the 486DX-50 processor saw the widespread introduction of fanless heat-sinks being used to keep the processors from overheating.

Pentium (1993)
Intel called it the "Pentium" because they couldn't trademark the code number "80586". The original Pentium was a faster chip than the 486 with a few other enhancements; later models also integrated the MMX instruction set.

Pentium Pro (1995)
The Pentium Pro was the sixth-generation architecture microprocessor, originally intended to replace the original Pentium in a full range of applications, but later reduced to a narrower role as a server and high-end desktop chip.

Pentium II (1997)
The Pentium II was based on a modified version of the P6 core first used for the Pentium Pro, but with improved 16-bit performance and the addition of the MMX SIMD instruction set, which had already been introduced on the Pentium MMX.

Pentium III (1999)
Initial versions of the Pentium III were very similar to the earlier Pentium II, the most notable difference being the addition of SSE instructions.

Pentium 4 (2000)
The Pentium 4 had a new 7th generation "NetBurst" architecture. At the time this chapter was written it was the fastest x86 chip on the market with respect to clock speed, capable of up to 3.8 GHz. Pentium 4 chips also introduced the notions of "Hyper-Threading" and "Multi-Core" chips.

Core (2006)
The architecture of the Core processors was actually an even more advanced version of the 6th generation architecture dating back to the 1995 Pentium Pro. The limitations of the NetBurst architecture, especially in mobile applications, were too great to justify creation of more NetBurst processors. The Core processors were designed to operate more efficiently at a lower clock speed. All Core branded processors had two processing cores; the Core Solos had one core disabled, while the Core Duos used both.

Core 2 (2006)
An upgraded, 64-bit version of the Core architecture. All desktop versions are multi-core.

Celeron (first model 1998)
The Celeron chip is actually a large number of different chip designs, depending on price. Celeron chips are the economy line of chips, and are frequently cheaper than the Pentium chips, even if the Celeron model in question is based off a Pentium architecture.

Xeon (first model 1998)
The Xeon processors are Intel processors made for servers, which have a much larger cache (measured in megabytes, in comparison to the kilobyte-sized caches of other chips) than the Pentium microprocessors.

AMD x86 Compatible Microprocessors


Wikipedia has related information at List of AMD microprocessors.

Athlon
Athlon is the brand name applied to a series of different x86 processors designed and manufactured by AMD. The original Athlon, or Athlon Classic, was the first seventh-generation x86 processor and, in a first, retained the initial performance lead it had over Intel's competing processors for a significant period of time.

Turion
Turion 64 is the brand name AMD applies to its 64-bit low-power (mobile) processors. Turion 64 processors (but not Turion 64 X2 processors) are compatible with AMD's Socket 754 and are equipped with 512 or 1024 KiB of L2 cache, a 64-bit single channel on-die memory controller, and an 800 MHz HyperTransport bus.

Duron
The AMD Duron was an x86-compatible computer processor manufactured by AMD. It was released as a low-cost alternative to AMD's own Athlon processor and the Pentium III and Celeron processor lines from rival Intel.

Sempron
Sempron is, as of 2006, AMD's entry-level desktop CPU, replacing the Duron processor and competing against Intel's Celeron D processor.

Opteron
The AMD Opteron is the first eighth-generation x86 processor (K8 core), and the first of AMD's AMD64 (x86-64) processors. It is intended to compete in the server market, particularly in the same segment as the Intel Xeon processor.

X86 Architecture


x86 Architecture
The x86 architecture has 8 General-Purpose Registers (GPR), 6 Segment Registers, 1 Flags Register and an Instruction Pointer. Wikipedia has related information at Processor register.

General Purpose Registers (GPR)


The 8 GPRs are:

1. EAX: Accumulator register. Used in arithmetic operations.
2. ECX: Counter register. Used in shift/rotate instructions and loops.
3. EDX: Data register. Used in arithmetic operations and I/O operations.
4. EBX: Base register. Used as a pointer to data (located in DS in segmented mode).
5. ESP: Stack Pointer register. Pointer to the top of the stack.
6. EBP: Stack Base Pointer register. Used to point to the base of the stack.
7. ESI: Source register. Used as a pointer to a source in stream operations.
8. EDI: Destination register. Used as a pointer to a destination in stream operations.

Each GPR is 32 bits wide; they are called Extended Registers (hence their Exx names). Their 16 Least Significant Bits (LSBs) can be accessed using the unextended names AX, CX, DX, BX, SP, BP, SI and DI. An extended register can be split into a "high" part (the 16 Most Significant Bits) and a "low" part (the 16 Least Significant Bits). Thus an extended register has the form:

[HHHHHHHHHHHHHHHHLLLLLLLLLLLLLLLL]

(Here, an H or an L denotes a single bit.) This can also be expressed as:

[HW|LW]

where HW and LW denote "High Word" and "Low Word" respectively. For the first four registers (AX, CX, DX, BX), the 8 Most Significant Bits (MSBs) and the 8 LSBs of the low word can also be accessed via AH, CH, DH, BH and AL, CL, DL, BL respectively. The high word of an extended register has no name of its own; it can only be reached through the full 32-bit register. Writing through a 16-bit or 8-bit name changes only those bits and leaves the rest of the 32-bit register unchanged.

AH is an abbreviation for "AX High". This term originates from the fact that the low word of the register can be decomposed into its high and low bytes. The CH, DH, and BH mnemonics are to be interpreted in a similar fashion. Likewise, AL is an abbreviation for "AX Low". CL, DL, and BL are similarly named.
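As an added example (not part of the Wikibook), the following Python model shows the aliasing just described: EAX, AX, AH and AL are views of a single 32-bit register, so a write through a narrower name leaves the other bits untouched. The RegisterFile class, its method names and the sample value 0x12345678 are this example's own constructions, modelling 32-bit mode semantics.

```python
# Added example, not from the Wikibook: a model of x86 register aliasing.
# One 32-bit storage cell per GPR; the 16-bit and 8-bit names are views onto it.

REG32 = ("eax", "ecx", "edx", "ebx", "esp", "ebp", "esi", "edi")


class RegisterFile:
    """Eight 32-bit GPRs with their 16-bit and 8-bit aliases (32-bit mode semantics)."""

    def __init__(self):
        self._r = {name: 0 for name in REG32}

    def _view(self, name):
        """Map any register name to (32-bit register, bit shift, mask)."""
        name = name.lower()
        if name in self._r:                                     # eax .. edi
            return name, 0, 0xFFFFFFFF
        if name in ("ax", "cx", "dx", "bx", "sp", "bp", "si", "di"):
            return "e" + name, 0, 0xFFFF                        # low word
        if name in ("al", "cl", "dl", "bl"):
            return "e" + name[0] + "x", 0, 0xFF                  # low byte of the low word
        if name in ("ah", "ch", "dh", "bh"):
            return "e" + name[0] + "x", 8, 0xFF                  # high byte of the low word
        raise KeyError(f"unknown register {name!r}")

    def get(self, name):
        full, shift, mask = self._view(name)
        return (self._r[full] >> shift) & mask

    def set(self, name, value):
        full, shift, mask = self._view(name)
        if value < 0 or value > mask:
            raise ValueError(f"{value:#x} does not fit in {name}")
        # Clear only the bits covered by this alias, then merge the new value in.
        cleared = self._r[full] & ~(mask << shift) & 0xFFFFFFFF
        self._r[full] = cleared | (value << shift)

    def words(self, name):
        """Return (high word, low word) of a 32-bit register; the high word has no alias."""
        value = self.get(name)
        return value >> 16, value & 0xFFFF


def partial_write_demo():
    """Write through the narrow aliases and report what EAX looks like after each step."""
    r = RegisterFile()
    r.set("eax", 0x12345678)           # constructed starting value
    steps = {"start": r.get("eax")}
    r.set("al", 0xFF)                  # only bits 7..0 change
    steps["after al"] = r.get("eax")
    r.set("ah", 0x00)                  # only bits 15..8 change
    steps["after ah"] = r.get("eax")
    r.set("ax", 0xBEEF)                # bits 15..0 change, high word untouched
    steps["after ax"] = r.get("eax")
    return steps
```

This is the behaviour a reverse engineer has to keep in mind when a routine loads a byte into AL and then uses EAX as an index: whatever was in bits 31..8 before the load is still there.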

Segment Registers

The 6 Segment Registers are:

SS: Stack Segment. Pointer to the stack.
CS: Code Segment. Pointer to the code.
DS: Data Segment. Pointer to the data.
ES: Extra Segment. Pointer to extra data. ('E' stands for "Extra")
FS: F Segment. Pointer to more extra data. ('F' comes after 'E')
GS: G Segment. Pointer to still more extra data. ('G' comes after 'F')

Most applications on most modern operating systems (like Linux or Microsoft Windows) use a memory model that points nearly all segment registers to the same place (and uses paging instead), effectively disabling their use. Typically FS or GS is an exception to this rule, being used to point at thread-specific data.

EFLAGS Register

The EFLAGS register is a 32-bit register used as a vector to store and control the results of operations and the state of the processor. Its bits are:

Bit    Name
31-22  0 (reserved)
21     ID
20     VIP
19     VIF
18     AC
17     VM
16     RF
15     0 (reserved)
14     NT
13-12  IOPL
11     OF
10     DF
9      IF
8      TF
7      SF
6      ZF
5      0 (reserved)
4      AF
3      0 (reserved)
2      PF
1      1 (reserved)
0      CF

The bits named 0 and 1 are reserved bits and shouldn't be modified (bit 1 always reads as 1). The different uses of these flags are:

0. CF: Carry Flag. Set if the last arithmetic operation carried (addition) or borrowed (subtraction) a bit beyond the size of the register. This is then checked when the operation is followed with an add-with-carry or subtract-with-borrow to deal with values too large for just one register to contain.
2. PF: Parity Flag. Set if the number of set bits in the least significant byte of the result is even.
4. AF: Adjust Flag. Set on a carry or borrow out of bit 3 (the low nibble); used by the Binary Coded Decimal (BCD) adjustment instructions.
6. ZF: Zero Flag. Set if the result of an operation is zero (0).
7. SF: Sign Flag. Set if the result of an operation is negative (its most significant bit is set).
8. TF: Trap Flag. Set for single-step debugging; the processor raises a debug exception after each instruction.
9. IF: Interrupt Flag. Set if maskable interrupts are enabled.
10. DF: Direction Flag. Stream direction. If set, string operations will decrement their pointer rather than incrementing it, reading memory backwards.
11. OF: Overflow Flag. Set if a signed arithmetic operation results in a value too large for the register to contain.
12-13. IOPL: I/O Privilege Level field (2 bits). I/O Privilege Level of the current task.
14. NT: Nested Task flag. Set if the current task is linked to a previously executed task; controls how IRET returns.
16. RF: Resume Flag. Controls the response to debug exceptions.
17. VM: Virtual-8086 Mode. Set if in 8086 compatibility mode.
18. AC: Alignment Check. Set if alignment checking of memory references is done.
19. VIF: Virtual Interrupt Flag. Virtual image of IF.
20. VIP: Virtual Interrupt Pending flag. Set if an interrupt is pending.
21. ID: Identification Flag. Software can toggle this bit only if the processor supports the CPUID instruction.
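As an added example (not part of the Wikibook), the following Python code decodes an EFLAGS value into the flag names from the table above, the way a debugger prints it, and emulates a 32-bit ADD to show how the arithmetic flags (CF, PF, AF, ZF, SF, OF) are derived from the operands and result. The function names and sample values are this example's own.

```python
# Added example, not from the Wikibook: decode an EFLAGS value into flag names and
# compute the arithmetic flags a 32-bit ADD sets, using the bit layout listed above.

EFLAGS_BITS = {
    "CF": 0, "PF": 2, "AF": 4, "ZF": 6, "SF": 7, "TF": 8, "IF": 9, "DF": 10,
    "OF": 11, "NT": 14, "RF": 16, "VM": 17, "AC": 18, "VIF": 19, "VIP": 20, "ID": 21,
}
IOPL_SHIFT = 12          # IOPL occupies bits 13..12
MASK32 = 0xFFFFFFFF


def decode_eflags(value):
    """Return {flag: 0/1} for every named bit plus the two-bit IOPL field."""
    decoded = {name: (value >> bit) & 1 for name, bit in EFLAGS_BITS.items()}
    decoded["IOPL"] = (value >> IOPL_SHIFT) & 0b11
    return decoded


def set_flags(value):
    """Names of the flags that are set, in ascending bit order (debugger style)."""
    return [name for name, bit in sorted(EFLAGS_BITS.items(), key=lambda kv: kv[1])
            if (value >> bit) & 1]


def encode_eflags(flags, iopl=0):
    """Pack {flag: 0/1} into an EFLAGS value. Bit 1 is reserved and always reads as 1."""
    value = 0b10 | (iopl & 0b11) << IOPL_SHIFT
    for name, bit in flags.items():
        if bit:
            value |= 1 << EFLAGS_BITS[name]
    return value


def add32(a, b):
    """Emulate ADD r32, r32: return (result, arithmetic flags) as the CPU would set them."""
    a &= MASK32
    b &= MASK32
    full = a + b
    result = full & MASK32
    flags = {
        "CF": (full >> 32) & 1,                               # carry out of bit 31
        "PF": int(bin(result & 0xFF).count("1") % 2 == 0),   # even parity of the low byte
        "AF": (((a & 0xF) + (b & 0xF)) >> 4) & 1,             # carry out of bit 3
        "ZF": int(result == 0),
        "SF": (result >> 31) & 1,
        # OF: both operands share a sign and the result has the other sign
        "OF": ((a ^ result) & (b ^ result)) >> 31,
    }
    return result, flags
```

The two ADD cases worth remembering are 0xFFFFFFFF + 1, which sets CF and ZF but not OF (an unsigned wrap), and 0x7FFFFFFF + 1, which sets OF and SF but not CF (a signed overflow); a bounds check that tests the wrong flag after such an addition is a classic integer-overflow bug.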

Instruction Pointer

The EIP register contains the address of the next instruction to be executed if no branching is done. EIP cannot be read or written directly with mov; the usual way to read it is to execute a call instruction, after which the return address (the address of the instruction following the call) can be read from the top of the stack.

Memory

The x86 architecture is Little Endian, meaning that multi-byte values are written least significant byte first. This refers to the ordering of the bytes, not bits. So the 32-bit value B3B2B1B0 on an x86 would be represented in memory as:

Little endian representation
Byte 0  Byte 1  Byte 2  Byte 3
B0      B1      B2      B3

For example, the 32-bit word 0x1BA586D4 (the 0x denotes hexadecimal) would be written in memory as:

Little endian example
D4 86 A5 1B

Thus it is seen as 0xD4 0x86 0xA5 0x1B when doing a memory dump.

Two's complement representation

Two's complement is the standard way of representing negative integers in binary. A number's sign is changed by inverting all of the bits and adding one. For example, with 4-bit values:

0001 (decimal 1)
is inverted to: 1110
adding one nets: 1111

0001 represents decimal 1; 1111 represents decimal -1.
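As an added example (not part of the Wikibook), the following Python helpers apply the byte-order and two's complement rules from the two sections above: storing a value little-endian, reading it back from a memory image, negating by "invert and add one", and reinterpreting a bit pattern as signed (which is what sign extension, e.g. MOVSX, relies on). The 32-bit value 0x1BA586D4 is the page's own example; the other inputs and the function names are constructed for this example.

```python
# Added example, not from the Wikibook: the byte order and two's complement rules
# described above, applied with Python's int/bytes helpers.

def le_bytes(value, size):
    """Store an unsigned integer the way x86 does: least significant byte first."""
    return value.to_bytes(size, "little")


def hexdump(data):
    """Format bytes the way a memory dump shows them, lowest address first."""
    return " ".join(f"{b:02X}" for b in data)


def read_dword(mem, offset):
    """Read a little-endian 32-bit value from a byte buffer at `offset`."""
    return int.from_bytes(mem[offset:offset + 4], "little")


def negate(value, bits):
    """Two's complement negation exactly as the text describes: invert all bits, add one."""
    mask = (1 << bits) - 1
    inverted = (~value) & mask
    return (inverted + 1) & mask


def to_signed(pattern, bits):
    """Interpret a `bits`-wide bit pattern as a two's complement signed integer."""
    pattern &= (1 << bits) - 1
    if pattern >> (bits - 1):          # sign bit set: value is pattern - 2**bits
        return pattern - (1 << bits)
    return pattern


def to_unsigned(value, bits):
    """The bit pattern a signed integer occupies in a `bits`-wide register."""
    return value & ((1 << bits) - 1)


def sign_extend(pattern, from_bits, to_bits):
    """Widen a two's complement value to a larger register (what MOVSX does), keeping its sign."""
    return to_unsigned(to_signed(pattern, from_bits), to_bits)
```

Reading the same four bytes with the wrong byte order gives 0xD486A51B instead of 0x1BA586D4, which is the usual cause of "impossible" lengths and pointers when parsing a dump or a wire format by hand.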

Addressing modes

The addressing mode indicates the manner in which the operand is accessed. (The examples use Intel/MASM syntax.)

Register Addressing (the operand is in a register):

mov ax, bx ; moves contents of register bx into ax

Immediate (the actual value is in the instruction):

mov ax, 1 ; moves value of 1 into register ax

or

mov ax, 0x010C ; moves value of 0x10C into register ax

Direct memory addressing (the operand's address is in the instruction):

mov ax, [102h] ; actual address is DS:0 + 102h

Direct offset addressing (uses arithmetic to modify the address):

byte_tbl db 12,15,16,22,..... ; table of bytes
mov al, byte_tbl+2            ; MASM treats a symbol plus an offset as a memory operand
mov al, [byte_tbl+2]          ; same as the former in MASM; in NASM only this bracketed form reads memory

Register Indirect (the register contains the operand's address):

mov ax, [di]

In 16-bit code the registers that can be used for indirect addressing are BX, BP, SI and DI. An address based on BP defaults to the stack segment (SS); the others default to DS.

Base Displacement:

mov ax, arr[bx] ; where bx is the displacement inside that array

Base-index:

mov ax, [bx + di]

For example, if we are talking about an array, bx is the base of the address and di is the index into the array.

Base-index with displacement:

mov ax, [bx + di + 10]
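As an added example (not part of the Wikibook), the following Python code shows how the 16-bit addressing modes above are actually encoded: the ModRM byte's r/m field selects one of eight base/index combinations, which is why only BX, BP, SI and DI can appear inside the brackets in 16-bit code, and why a BP-based operand defaults to SS. Only the "mov r16, r/m16" opcode (0x8B) is decoded; the instruction bytes and register values are constructed for the test.

```python
# Added example, not from the Wikibook: decoding 16-bit ModRM memory operands and
# computing the effective address the way the CPU does (wrapping at 16 bits).

REG16 = ("ax", "cx", "dx", "bx", "sp", "bp", "si", "di")
RM16 = {                                    # r/m -> (base, index) when mod != 0b11
    0b000: ("bx", "si"), 0b001: ("bx", "di"), 0b010: ("bp", "si"), 0b011: ("bp", "di"),
    0b100: (None, "si"), 0b101: (None, "di"), 0b110: ("bp", None), 0b111: ("bx", None),
}


def decode_modrm16(code, pos=0):
    """Decode the ModRM byte at code[pos] plus any displacement that follows it."""
    modrm = code[pos]
    mod, reg, rm = modrm >> 6, (modrm >> 3) & 7, modrm & 7
    if mod == 0b11:
        raise ValueError("mod=11 selects a register, not a memory operand")
    base, index = RM16[rm]
    if mod == 0b00 and rm == 0b110:
        # Special case: no base register, a 16-bit absolute address (direct addressing).
        base, disp, length = None, int.from_bytes(code[pos + 1:pos + 3], "little"), 3
    elif mod == 0b00:
        disp, length = 0, 1
    elif mod == 0b01:
        disp, length = int.from_bytes(code[pos + 1:pos + 2], "little", signed=True), 2
    else:
        disp, length = int.from_bytes(code[pos + 1:pos + 3], "little", signed=True), 3
    regs = [r for r in (base, index) if r]
    if regs:
        text = "[" + "+".join(regs)
        if disp > 0:
            text += f"+{disp}"
        elif disp < 0:
            text += f"-{-disp}"
        text += "]"
    else:
        text = f"[{disp:#06x}]"
    return {
        "reg": REG16[reg], "base": base, "index": index, "disp": disp, "text": text,
        "segment": "ss" if base == "bp" else "ds",   # BP-based addressing defaults to SS
        "length": length,
    }


def disassemble_mov_r16(code):
    """Disassemble one 'mov r16, r/m16' instruction (opcode 0x8B); returns (text, size)."""
    if code[0] != 0x8B:
        raise ValueError("only opcode 0x8B is handled in this example")
    op = decode_modrm16(code, 1)
    return f"mov {op['reg']}, {op['text']}", 1 + op["length"]


def effective_address(op, regs):
    """Offset within the segment: base + index + disp, wrapped to 16 bits like the CPU does."""
    ea = regs.get(op["base"], 0) + regs.get(op["index"], 0) + op["disp"]
    return ea & 0xFFFF
```

The 16-bit wrap in effective_address is the reason an index that runs past 0xFFFF silently lands at the bottom of the segment instead of faulting.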

Stack

The stack is a Last In First Out (LIFO) structure; data is pushed onto it and popped off of it in the reverse order. On x86 the stack grows towards lower addresses: each push first decrements the stack pointer by the operand size and then stores the value at the new top.

mov ax, 006Ah
mov bx, 0F79Ah ; a hexadecimal literal that starts with a letter needs a leading 0
mov cx, 1124h
push ax

You push the value in AX onto the top of the stack, which now holds the value $006A.

push bx

You do the same thing with the value in BX; the stack now has $006A and $F79A.

push cx

Now the stack has $006A, $F79A, and $1124.

call do_stuff

Do some stuff. The function is not forced to save the registers it uses, hence us saving them.

pop cx

Pop the last element pushed onto the stack into CX, $1124; the stack now has $006A and $F79A.

pop bx

Pop the last element pushed onto the stack into BX, $F79A; the stack now has just $006A.

pop ax

Pop the last element pushed onto the stack into AX, $006A; the stack is empty.

The Stack is usually used to pass arguments to functions or procedures and also to keep track of control flow when the call instruction is used. The other common use of the Stack is temporarily saving registers.
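As an added example (not part of the Wikibook), the following Python model replays the push/call/pop sequence above on a simulated 16-bit stack, showing what PUSH, POP, CALL and RET do to SP and to memory: the return address pushed by CALL sits on top of the saved registers, and RET simply pops whatever word is at SS:SP into IP. The Machine16 class, the stack base 0xFFFE and the do_stuff address 0x2000 are constructed; the register values $006A, $F79A and $1124 are the page's own.

```python
# Added example, not from the Wikibook: a minimal model of the 16-bit stack.
# The stack grows downward: PUSH decrements SP by two, then stores the word at SS:SP.

class Machine16:
    """64 KiB of little-endian memory, a stack pointer and an instruction pointer."""

    def __init__(self, sp=0xFFFE, ip=0x0100):
        self.mem = bytearray(0x10000)
        self.stack_base = sp            # SP value when the stack is empty
        self.sp = sp
        self.ip = ip

    def _write16(self, addr, value):
        self.mem[addr:addr + 2] = (value & 0xFFFF).to_bytes(2, "little")

    def _read16(self, addr):
        return int.from_bytes(self.mem[addr:addr + 2], "little")

    def push(self, value):
        self.sp = (self.sp - 2) & 0xFFFF      # SP moves down first ...
        self._write16(self.sp, value)         # ... then the word is stored at SS:SP

    def pop(self):
        value = self._read16(self.sp)         # read the word at the top ...
        self.sp = (self.sp + 2) & 0xFFFF      # ... then SP moves back up
        return value

    def call(self, target, next_ip):
        """CALL pushes the return address (the instruction after the call) and jumps."""
        self.push(next_ip)
        self.ip = target

    def ret(self):
        """RET pops the return address back into IP, whatever the word at SS:SP now is."""
        self.ip = self.pop()

    def stack_words(self):
        """Words on the stack from the top (most recently pushed) down to the oldest."""
        return [self._read16(a) for a in range(self.sp, self.stack_base, 2)]


def save_restore_demo():
    """The push/call/pop sequence from the text, with a callee that clobbers CX."""
    m = Machine16()
    regs = {"ax": 0x006A, "bx": 0xF79A, "cx": 0x1124}
    m.push(regs["ax"])
    m.push(regs["bx"])
    m.push(regs["cx"])
    snapshot = list(m.stack_words())          # [0x1124, 0xF79A, 0x006A]
    m.call(0x2000, next_ip=0x0110)            # do_stuff lives at 0x2000 (constructed)
    regs["cx"] = 0xDEAD                       # do_stuff is free to trash CX ...
    m.ret()                                   # ... and returns to 0x0110
    regs["cx"] = m.pop()                      # pops restore in reverse order of the pushes
    regs["bx"] = m.pop()
    regs["ax"] = m.pop()
    return snapshot, m.ip, regs, m.sp
```

Because RET trusts the word at SS:SP, any code inside do_stuff that writes past the end of a stack-resident buffer overwrites the saved registers first and the return address next; that ordering is what makes stack layout matter to both the caller and the callee.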

CPU Operation Modes

Real Mode

Real Mode is a holdover from the original Intel 8086. You generally won't need to know anything about it, unless you are programming for a DOS-based system or, more likely, writing a boot loader that is directly called by the BIOS. The Intel 8086 accessed memory using 20-bit addresses. But, as the processor itself was 16-bit, Intel invented an addressing scheme that provided a way of mapping a 20-bit address space onto 16-bit words. Today's x86 processors start in the so-called Real Mode, which is an operating mode that mimics the behaviour of the 8086, with some very small differences, for backwards compatibility.

In Real Mode, a segment and an offset register are used together to yield a final memory address. The value in the segment register is multiplied by 16 (or shifted 4 bits to the left) and the offset is added to the result. This provides a usable space of 1 MB. However, a quirk of the addressing scheme allows access past the 1 MB limit if a segment address of 0xFFFF (the highest possible) is used; on the 8086 and 8088, all accesses to this area wrapped around to the low end of memory, but on the 80286 and later, up to 65520 bytes past the 1 MB mark can be addressed this way if the A20 address line is enabled. See: The A20 Gate Saga.

One property shared by Real Mode segmentation and by the Protected Mode Multi-Segment Memory Model is that all addresses are given relative to another address (that is, the segment base address). A program can have its own address space and completely ignore the segment registers, and thus no pointers have to be relocated to run the program. Programs can perform near calls and jumps within the same segment, and data is always relative to segment base addresses (which in the Real Mode addressing scheme are computed from the values loaded in the Segment Registers). This is what the DOS *.COM format does; the contents of the file are loaded into memory and blindly run. However, because Real Mode segments are always 64 KB long, COM files could not be larger than that (in fact, they had to fit into 65280 bytes, since DOS used the first 256 bytes of the segment for housekeeping data); for many years this wasn't a problem.

Protected Mode

Flat Memory Model

If programming in a modern operating system (such as Linux or Windows), you are basically programming in flat 32-bit mode. Any register can be used in addressing, and it is generally more efficient to use a full 32-bit register instead of a 16-bit register part. Additionally, segment registers are generally unused in flat mode, and it is generally a bad idea to touch them.

Multi-Segmented Memory Model

Comments

Comments

When writing code, it is very helpful to use some comments to explain what is going on. A comment is a section of regular text that the assembler ignores when turning the assembly code into machine code. In assembly, comments are usually denoted with a semicolon ";". Here is an example:

Label1: mov ax, bx ; we move bx into ax
        add ax, bx ; add the contents of bx into ax
        ...

Everything after the semicolon, on the same line, is ignored. Let's show another example:

Label1: mov ax, bx ;mov cx, ax
        ...

Here, the assembler never sees the second instruction "mov cx, ax", because it ignores everything after the semicolon.

HLA Comments

The HLA assembler also has the ability to write comments in C or C++ style, but we can't use the semicolons. This is because in HLA, the semicolons are used at the end of every instruction:

mov(ax, bx); // This is a C++ comment.
/* mov(cx, ax); everything between the slash-stars is commented out. This is a C comment */

C++ comments go all the way to the end of the line, but C comments can span many lines, from the "/*" all the way until the "*/". For a better understanding of C and C++ comments in HLA, see Programming:C or the C++ Wikibooks.

:6 ;< and 6= "its

x86 Assembly
,23 assembly has a number o? di??erences bet een architectures that are 13 bitsC 32 bitsC and 3- bits. This 'a"e ill talk about some o? the basic di??erences bet een architectures ith di??erent bit idths.

!he 8886 *e&isters


All the 2=23 re"isters ere 13<bit ide. The 2=23 re"isters are the ?ollo in"B A1C B1C &1C %1C B6C +6C %IC +IC &+C ++C 9+C %+C I6. Also on any Windo s<based systemC by enterin" into %!+ shell you can run a >ery handy 'ro"ram called Ddebu".e,eDC >ery use?ul ?or learnin" about 2=23 and is shi''ed alon" ith all Windo s >ersions. A1C B1C &1C %1 These re"isters can also be addressed as 2<bit re"isters. +o A1 U AH 7hi"h 2<bit8 and AL 7lo 2<bit8. +o the 'roblem as thisB ho can a 2=<bit address s'ace be re?erred to by the 13<bit re"isters? To sol>e this 'roblemC they came u' ith se"ment re"isters &+ 7&ode +e"ment8C %+ 7%ata +e"ment8C 9+ 79,tra +e"ment8C and ++ 7+tack +e"ment8. To con>ert a 2=<bit addressC one ould ?irst di>ide it by 13 and 'lace the Auotient in the se"ment re"ister and remainder in the o??set re"ister. This as re'resented as &+BI6 7this meansC &+ is the se"ment and I6 is the o??set8. Like iseC hen an address is ritten ++B+6 it means ++ is the se"ment and +6 is the o??set.

5xample
I? &+ U =,202& and I6 U =,==12 7the D=,D 're?i, denotes he,adecimal notation8C then &+BI6 ill 'oint to a 2= bit address eAui>alent to D&+ T 13 E I6D hich ill be U =,202& T =,1= E =,==12 7(ememberB 13 decimal U =,1=8 +o &+BI6 U &+,13 E I6 U =,202&T=,1= E =,==12 U =,202%2. The 2=<bit address is kno n as an Absolute address and the +e"mentB!??set re'resentation 7&+BI68 is kno n as a +e"mented Address. It is im'ortant to note that there is not a one<to<one ma''in" o? 'hysical addresses to se"mented addressesM ?or any 'hysical addressC there is more than one 'ossible se"mented address. For e,am'leB consider the se"mented re'resentations B===B2=== and B2==B3===. 9>aluatedC they both ma' to 'hysical address B2===. 7B===B2=== U B===,1=E2=== U B====E2=== U B2=== and B2==B3=== U B2==,1=E3=== U B2===E3=== U B2===8 Ho e>erC usin" an a''ro'riate ma''in" scheme a>oids this 'roblemB such a ma' a''lies a linear trans?ormation to the 'hysical addresses to create

'recisely one se"mented address ?or each. To re>erse the translationC the ma' O?7,8P is sim'ly in>erted. For e,am'leC i? the se"ment 'ortion is eAual to the 'hysical address di>ided by =,1= and the o??set is eAual to the remainderC only one se"mented address ill be "enerated. 7.o o??set ill be "reater than =,=?.8 6hysical address B2=== ma's to 7B2===)1=8B 7B2===V1=8 or B2==B=. This +e"mented re'resentation is "i>en a s'ecial nameB such addresses are said to be D.ormali#ed AddressesD. &+BI6 7&ode +e"mentB Instruction 6ointer8 re'resents the 2= bit address o? the 'hysical memory ?rom here the ne,t instruction ?or e,ecution ill be 'icked u'. Like iseC ++B+6 7+tack +e"mentB +tack 6ointer8 'oints to a 2= bit absolute address hich ill be treated as +tack To' 72=23 uses this ?or 'ushin")'o''in" >alues8

!he A<8 1ate -a&a


As said earlier, the 8086 processor had 20 address lines (A0 to A19), so the total memory it could address was 1 MB (2 to the power 20). But since it had only 16-bit registers, Intel came up with the segment:offset scheme; with a single 16-bit register a program could not have addressed more than 64 KB (2 to the power 16) of memory. So the scheme made it possible for a program to reach the whole 1 MB. But segmentation also came with a side effect: not only could your code refer to the whole of 1 MB, but actually a little more than that. Let's see how, keeping in mind how a Segment:Offset pair is converted to a linear 20-bit address:

    Segment:Offset = Segment x 16 + Offset

To see the maximum amount of memory that can be addressed, fill in both Segment and Offset with their maximum values and convert the result to a linear address. The maximum value for the segment is FFFF and the maximum value for the offset is FFFF. Converting FFFF:FFFF, bearing in mind that 16 is 10h in hexadecimal:

    FFFF:FFFF = FFFF x 10h + FFFF = FFFF0 + FFFF = 10FFEF

Note: FFFFF (hexadecimal) is the last byte of the first megabyte (1 MB minus 1), 100000 is exactly 1 MB, and FFEF is 64 KB minus 17. So the highest address a real-mode program can form is 10FFEF, which means the addresses 0 through 10FFEF, a range of 10FFF0 bytes, are expressible.

Moral of the story: in real mode a program can refer to (1 MB + 64 KB - 16) bytes of memory. Notice the use of the word "refer" and not "access". A program can refer to this much memory, but whether it can access it depends on the number of address lines actually present. On the 8086 this was definitely not possible: when a program made a reference above 1 MB, the address would have needed more than 20 bits, the extra bit was simply lost, and the address wrapped around. For example, a reference to 1 MB (100000h) wrapped around to the zeroth location in memory, and 1 MB + 1 wrapped around to address 1 (0000:0001).

Now there were some clever programmers around at the time who exploited this wrap-around to make their code a little faster and a few bytes shorter. Using it, they could access the top 32 KB of memory (the 32 KB touching the 1 MB boundary) and the bottom 32 KB without reloading their segment registers. The arithmetic is simple: if you keep the segment constant, the 16-bit offset lets you roam over a 64 KB (2 to the power 16) window. Point the segment register 32 KB below the 1 MB mark (segment F800h) and offsets 0 to 7FFFh reach upward to the 1 MB boundary, while offsets 8000h to FFFFh go 32 KB further and are wrapped to the bottom-most 32 KB.

These programmers overlooked the fact that processors with more address lines would be created. (Note: Bill Gates has been attributed with saying "Who would need more than 640KB memory?"; these programmers were probably thinking similarly.) In 1982, four years after the 8086, Intel released the 80286 processor with 24 address lines.

Though it was theoretically backward compat ible with legacy 8086 programs, since it also supported real mode, many 8086 programs did not function correctly on it, because they depended on out-of-bounds addresses wrapping around to low memory. So for the sake of compatibility IBM engineers routed the A20 address line (the 8086 had lines A0 to A19) through the keyboard controller and provided a mechanism to enable or disable it. If you are wondering why the keyboard controller, the answer is that it had an unused pin. Since the 80286 was marketed as fully compatible with the 8086 (which had not been out very long), upgraded customers would have been furious if the 80286 had not been bug-for-bug compatible, such that code designed for the 8086 would run just as well on the 80286, only faster.

The consequence survives in every x86 boot sequence: on a classic PC the gate is disabled at power-on, and code that touches memory above 1 MB before enabling it silently reads and writes the aliased low memory instead. Bootloaders and early kernel code therefore enable A20 (through the keyboard controller, the "fast A20" bit in port 92h, or BIOS interrupt 15h with AX=2401h) and verify it by checking that a write at 1 MB + X does not show up at address X.
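The segment arithmetic from the previous two sections, written out as an added example in C (this is not code from the Wikibook): it converts segment:offset pairs to linear addresses, produces the normalized form, checks two segmented pointers for aliasing, and applies the 20-bit mask that an 8086, or a 286 and later with the A20 gate disabled, applies on the bus. The address values are the ones used in the text above; the function names and the "range crosses 1 MB" check are my own.

```c
#include <stdint.h>
#include <stdio.h>

/* Added example, not from the original page: real-mode segment:offset
 * arithmetic, normalized addresses, and what the A20 line does to the
 * addresses a program can form. All function names here are my own. */

#define LINEAR_MASK_A20_OFF 0xFFFFFu   /* 20 address lines A0..A19 */
#define LINEAR_MASK_A20_ON  0x1FFFFFu  /* A20 enabled: bit 20 is kept */

typedef struct { uint16_t seg; uint16_t off; } segoff_t;

/* Segment:Offset -> linear address, before any bus masking.
 * FFFF:FFFF gives 0x10FFEF, which needs 21 bits. */
uint32_t seg_off_to_linear(uint16_t seg, uint16_t off)
{
    return ((uint32_t)seg << 4) + off;
}

/* Address that actually reaches memory. With A20 masked, bit 20 is dropped,
 * so 0x100000..0x10FFEF alias 0x00000..0x0FFEF. */
uint32_t physical_address(uint16_t seg, uint16_t off, int a20_enabled)
{
    uint32_t lin = seg_off_to_linear(seg, off);
    return lin & (a20_enabled ? LINEAR_MASK_A20_ON : LINEAR_MASK_A20_OFF);
}

/* Normalized form of a 20-bit address: segment = addr / 16, offset = addr % 16. */
segoff_t normalize(uint32_t linear20)
{
    segoff_t r;
    r.seg = (uint16_t)((linear20 & LINEAR_MASK_A20_OFF) >> 4);
    r.off = (uint16_t)(linear20 & 0xFu);
    return r;
}

/* Two segmented pointers alias when their physical addresses agree; comparing
 * the raw seg:off pairs would wrongly report them as different. */
int same_physical(uint16_t s1, uint16_t o1, uint16_t s2, uint16_t o2, int a20_enabled)
{
    return physical_address(s1, o1, a20_enabled) == physical_address(s2, o2, a20_enabled);
}

/* Does a copy of len bytes starting at seg:off run past the 1 MB mark? Boot
 * code doing this with A20 still disabled silently overwrites low memory. */
int range_crosses_1mb(uint16_t seg, uint16_t off, uint32_t len)
{
    return seg_off_to_linear(seg, off) + len > 0x100000u;
}

int main(void)
{
    segoff_t n = normalize(0xB8000);
    printf("0x258C:0x0012 -> 0x%05X\n", seg_off_to_linear(0x258C, 0x0012));
    printf("B000:8000 and B800:0000 alias: %d\n",
           same_physical(0xB000, 0x8000, 0xB800, 0x0000, 0));
    printf("B8000 normalized -> %04X:%04X\n", n.seg, n.off);
    printf("FFFF:FFFF -> 0x%05X with A20 off, 0x%06X with A20 on\n",
           physical_address(0xFFFF, 0xFFFF, 0), physical_address(0xFFFF, 0xFFFF, 1));
    printf("F800:8000 with A20 off -> 0x%05X (wrapped to low memory)\n",
           physical_address(0xF800, 0x8000, 0));
    return 0;
}
```

The same helpers are what a bootloader's A20 self-test amounts to: form an address 1 MB above some low address, write through it, and check whether the low address changed.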

32-Bit Addressing

A 32-bit address can cover up to 4 GB of memory, so a 32-bit processor no longer needs a segment:offset pair to reach all of it. Instead, operating systems use what is called the "flat addressing" model: every segment register is loaded with a descriptor whose base is 0 and whose limit is 4 GB, so the offset held in a register is the linear address directly. Note that in protected mode the linear address is still not necessarily a physical address; when paging is enabled, the page tables translate it, and that is where isolation between processes and the kernel is actually enforced. The segment registers still exist, and in principle separate code, data and stack descriptors can be set up with different limits and access types so that a program cannot execute its stack or perform stack operations on its data section, but under the flat model all of them span the same 4 GB and provide no such separation; protection relies on paging (and, on processors that support it, the no-execute page bit).

x86 Instructions

Wikipedia has related information at X86 instruction listings and at X86 assembly language.

These pages discuss, in detail, the different instructions available in the basic x86 instruction set. For ease, and to decrease the page size, the instructions are broken up into groups and discussed individually:

Data Transfer Instructions
Control Flow Instructions
Arithmetic Instructions
Logic Instructions
Shift and Rotate Instructions
Other Instructions
x86 Interrupts

If you need more information, go to [1].

Con?entions
The ?ollo in" tem'late ill be used ?or instructions that take no o'erandsB

Instr
The ?ollo in" tem'late ill be used ?or instructions that take 1 o'erandB

Instr ar"
The ?ollo in" tem'late ill be used ?or instructions that take 2 o'erands. .otice ho the ?ormat o? the instruction is di??erent ?or di??erent com'ilers.

Instr srcC dest Instr destC src

1A- -yntax Intel syntax

Data Transfer

Data transfer instructions

Move

    mov src, dest      (GAS syntax)
    mov dest, src      (Intel syntax)

The mov instruction copies the src operand into the dest operand.

Operands
    src:  Immediate, Register, Memory
    dest: Register, Memory

Both operands cannot be memory locations; a memory-to-memory move needs a register in between.

Modified flags
    No FLAGS are modified by this instruction.

Example

    .data
    value:
        .long 2

    .text
    .global _start
    _start:
        movl $6, %eax             # %eax is now 6
        movw %ax, value           # the low word of value is now 6 (value is a 4-byte .long; movw needs a 16-bit register)
        movl $0, %ebx             # %ebx is now 0
        movb %al, %bl             # only the low byte is written: %ebx is now 6
        movl value, %ebx          # %ebx is now 6 (the movw above changed value)
        movl $value, %esi         # %esi is now the address of value
        movl $2, %ebx             # %ebx is now 2
        movw value(,%ebx,1), %bx  # indexed memory operand: the word at value+2 is 0, so %ebx is now 0
        # Linux sys_exit
        movl $1, %eax
        xorl %ebx, %ebx
        int $0x80
Data Swap

    xchg src, dest     (GAS syntax)
    xchg dest, src     (Intel syntax)

Exchange

The xchg instruction swaps the src operand with the dest operand.

Operands
    src:  Register, Memory
    dest: Register, Memory

At least one operand must be a register. When one operand is a memory location the exchange is performed atomically with respect to other processors, as if a lock prefix were present; this is what makes xchg usable for spinlocks, and also what makes it slower than a plain mov to memory.

Modified flags
    No FLAGS are modified by this instruction.

Example

    .data
    value:
        .long 2

    .text
    .global _start
    _start:
        movl $-5, %ebx
        xchgl value, %ebx    # %ebx is now 2; value is now -5 (0xFFFFFFFB)
        xorl %eax, %eax      # %eax is now 0 (do not rely on registers being zero at _start)
        xchgw %ax, value     # only the low word is swapped: value is now 0xFFFF0000, %eax is now 0x0000FFFB
        xchgb %al, %bl       # %al (0xFB) and %bl (0x02) swap: %eax is now 0x0000FF02, %ebx is now 0x000000FB
        # Linux sys_exit
        movl $1, %eax
        xorl %ebx, %ebx
        int $0x80
Move and Extend

    movz src, dest     (GAS syntax)
    movzx dest, src    (Intel syntax)

Move with zero extension

The movzx instruction (movz in GAS, written with two size suffixes, e.g. movzbl for byte to long) copies the src operand into the dest operand and pads the remaining bits not provided by src with zeros (0). It is useful for copying an unsigned small value into a bigger register.

Operands
    src:  Register, Memory (an immediate is not allowed)
    dest: Register (the destination cannot be memory)

Modified flags
    No FLAGS are modified by this instruction.

Example

    .data
    value:
        .long 30000
    byteval:
        .byte 200

    .text
    .global _start
    _start:
        movzbw byteval, %ax     # %ax is now 200; the upper half of %eax is untouched
        movzwl %ax, %edx        # %edx is now 200
        movl %edx, value        # value is now 200 (movzx cannot write to memory directly)
        movzbl byteval, %esi    # %esi is now 200
        # Linux sys_exit
        movl $1, %eax
        xorl %ebx, %ebx
        int $0x80
    movs src, dest     (GAS syntax)
    movsx dest, src    (Intel syntax)

Move with sign extension

The movsx instruction (movs with two size suffixes in GAS, e.g. movsbl; do not confuse it with the string instruction movsb/movsw below) copies the src operand into the dest operand and pads the remaining bits not provided by src with copies of the sign bit of src. It is useful for copying a signed small value into a bigger register. Note that a byte read from untrusted input and sign-extended can become a negative number; a bounds check that only tests the upper limit will not catch it.

Operands
    src:  Register, Memory (an immediate is not allowed)
    dest: Register

Modified flags
    No FLAGS are modified by this instruction.

Example

    .data
    value:
        .long 30000
    byteval:
        .byte -100              # a byte holds -128..127; the original page's -200 does not fit

    .text
    .global _start
    _start:
        movsbw byteval, %ax     # %ax is now -100 (0xFF9C)
        movswl %ax, %edx        # %edx is now -100 (0xFFFFFF9C)
        movl %edx, value        # value is now -100
        movsbl byteval, %esi    # %esi is now -100
        # Linux sys_exit
        movl $1, %eax
        xorl %ebx, %ebx
        int $0x80
Move by Data Size

    movsb

Move byte

The movsb instruction copies one byte from the location specified in esi to the location specified in edi, then advances both registers by one (or decrements them if the direction flag is set). With the rep prefix it repeats ecx times, so ecx must be loaded with the count first: a rep movsb that inherits whatever ecx happened to hold copies an unpredictable amount of memory, and a count derived from untrusted input without a bounds check is a plain buffer overflow.

Operands
    None.

Modified flags
    No FLAGS are modified by this instruction.

Example (NASM syntax)

    section .text
        ; copy mystr (6 bytes including the terminator) into mystr2
        mov esi, mystr
        mov edi, mystr2
        mov ecx, 6          ; number of bytes to copy; the original page omitted this
        cld                 ; direction flag clear: the pointers move upward
        rep movsb

    section .bss
    mystr2: resb 6

    section .data
    mystr db "Hello", 0x0
    movsw

Move word

The movsw instruction copies one word (two bytes) from the location specified in esi to the location specified in edi and advances both registers by two. Words are copied whole, so the byte order is not changed by the copy: after rep movsw the destination holds exactly the same bytes as the source, whatever the endianness (the original page claimed otherwise).

Operands
    None.

Modified flags
    No FLAGS are modified by this instruction.

Example (NASM syntax)

    section .text
        ; copy mystr into mystr2, one word at a time
        mov esi, mystr
        mov edi, mystr2
        mov ecx, 3          ; three words = six bytes
        cld
        rep movsw           ; mystr2 is now "Hello", 0 byte for byte

    section .bss
    mystr2: resb 6

    section .data
    mystr db "Hello", 0x0
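The behaviour described in the mov, movzx/movsx and movsb/movsw entries above, modelled in C as an added example (not code from the Wikibook): partial-register writes, zero versus sign extension of a byte and the bounds-check consequence, and a rep movs loop driven by ECX and the direction flag. The function names, the table size of 128 and the sample string are my own choices.

```c
#include <stdint.h>
#include <stddef.h>
#include <string.h>

/* Added example, not from the original page: the effect of movzx, movsx,
 * partial-register moves and rep movs, modelled in C. Function names and
 * the table size are my own choices. */

uint32_t movzbl(uint8_t src)  { return src; }                              /* upper 24 bits: 0 */
uint32_t movsbl(uint8_t src)  { return (uint32_t)(int32_t)(int8_t)src; }   /* upper 24 bits: copies of bit 7 */
uint32_t movzwl(uint16_t src) { return src; }
uint32_t movswl(uint16_t src) { return (uint32_t)(int32_t)(int16_t)src; }

/* movb %al, %bl and movw %ax, value write only the low part; the rest survives. */
uint32_t movb_low(uint32_t ebx, uint8_t al)    { return (ebx & 0xFFFFFF00u) | al; }
uint32_t movw_low(uint32_t value, uint16_t ax) { return (value & 0xFFFF0000u) | ax; }

#define TABLE_SIZE 128   /* assumed size of a dispatch table indexed by an input byte */

/* Index derived from an untrusted byte: with movsx, 0xC8 becomes -56. */
int32_t index_after_movsx(uint8_t raw) { return (int32_t)movsbl(raw); }
int32_t index_after_movzx(uint8_t raw) { return (int32_t)movzbl(raw); }

/* Upper-bound check written with a signed compare (cmp; jl): a negative index passes. */
int signed_bound_check_passes(int32_t idx)   { return idx < TABLE_SIZE; }
/* The same check with an unsigned compare (cmp; jb): negatives look huge and fail. */
int unsigned_bound_check_passes(int32_t idx) { return (uint32_t)idx < TABLE_SIZE; }

/* rep movsb / rep movsw: ECX counts elements, DF chooses the direction, and
 * ESI/EDI advance by the element size. Returns the number of bytes written.
 * A caller that forgot to load ECX copies whatever count the register held. */
size_t rep_movs(uint8_t *edi, const uint8_t *esi, uint32_t ecx, int df, size_t elem)
{
    size_t written = 0;
    while (ecx-- > 0) {
        memcpy(edi, esi, elem);                 /* one element, bytes copied verbatim */
        if (df) { edi -= elem; esi -= elem; }   /* std: pointers walk downward */
        else    { edi += elem; esi += elem; }   /* cld: pointers walk upward */
        written += elem;
    }
    return written;
}

/* Copy "Hello\0" with rep movsw (3 words) and report whether the bytes arrive
 * in the same order. They do: word moves do not swap bytes. */
int movsw_preserves_byte_order(void)
{
    const uint8_t mystr[6] = "Hello";   /* constructed sample input, 6 bytes with terminator */
    uint8_t mystr2[6] = {0};
    size_t n = rep_movs(mystr2, mystr, 3, 0, 2);
    return n == 6 && memcmp(mystr, mystr2, 6) == 0;
}
```

The two bound-check functions are the point of the block: the same `cmp` instruction sets the same flags, and only the choice between `jl` and `jb` decides whether a sign-extended input byte slips past the check.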

Control Flow

Comparison Instructions

    test arg1, arg2    (GAS syntax)
    test arg1, arg2    (Intel syntax)

Performs a bit-wise AND on the two operands and sets the flags, but does not store a result.

    cmp arg1, arg2    (GAS syntax)
    cmp arg1, arg2    (Intel syntax)

Performs a subtraction between the two operands and sets the flags, but does not store a result. Note the operand order: Intel syntax computes arg1 - arg2, while GAS syntax computes arg2 - arg1, so which way a following jg or jl branches depends on which syntax you are reading.

Jump Instructions

Unconditional Jumps

    jmp loc

Loads EIP with the specified address (i.e. the next instruction executed will be the one specified by jmp).

Jump on Equality

    je loc

Loads EIP with the specified address if the operands of the previous cmp instruction are equal. For example (Intel syntax):

    mov ecx, 5
    mov edx, 5
    cmp ecx, edx
    je equal
    ; if it did not jump to the label equal, then this means 5 and 5 are not equal.
    equal:
    ; if it jumped here, then this means 5 and 5 are equal

    jne loc

Loads EIP with the specified address if the operands of the previous cmp instruction are not equal.

Jump if Greater

    jg loc

Loads EIP with the specified address if the first operand of the previous cmp instruction is greater than the second (performs a signed comparison).

    jge loc

Loads EIP with the specified address if the first operand of the previous cmp instruction is greater than or equal to the second (performs a signed comparison).

    ja loc

Loads EIP with the specified address if the first operand of the previous cmp instruction is greater than the second. ja is the same as jg, except that it performs an unsigned comparison.

    jae loc

Loads EIP with the specified address if the first operand of the previous cmp instruction is greater than or equal to the second. jae is the same as jge, except that it performs an unsigned comparison.

Jump if Less

    jl loc

Loads EIP with the specified address if the first operand of the previous cmp instruction is less than the second (performs a signed comparison).

    jle loc

Loads EIP with the specified address if the first operand of the previous cmp instruction is less than or equal to the second (performs a signed comparison).

    jb loc

Loads EIP with the specified address if the first operand of the previous cmp instruction is less than the second. jb is the same as jl, except that it performs an unsigned comparison.

    jbe loc

Loads EIP with the specified address if the first operand of the previous cmp instruction is less than or equal to the second. jbe is the same as jle, except that it performs an unsigned comparison.

Jump on Overflow

    jo loc

Loads EIP with the specified address if the overflow flag was set by a previous arithmetic instruction.

Jump on Zero

    jnz loc

Loads EIP with the specified address if the zero flag is not set from a previous arithmetic instruction. jnz is identical to jne.

    jz loc

Loads EIP with the specified address if the zero flag is set from a previous arithmetic instruction. jz is identical to je.

The signed and unsigned families test different flags: jl/jg/jle/jge look at SF and OF (and ZF), while jb/ja/jbe/jae look at CF (and ZF). Picking the wrong family is a classic source of bounds-check bypasses, e.g. a length compared with jg that a negative value, which is a very large unsigned number, sails through.
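The flag arithmetic behind cmp and the conditional jumps above, as an added example in C (not code from the Wikibook): it computes CF, ZF, SF and OF for a 32-bit compare the way the processor does and then evaluates each jcc condition from those flags, ending with the signed-versus-unsigned length check the paragraph above warns about. Names such as cmp32 and length_accepted_signed are my own; `cmp a, b` here means the Intel-syntax order, a - b.

```c
#include <stdint.h>

/* Added example, not from the original page: the flags cmp produces and the
 * conditions each conditional jump tests, modelled in C. In Intel syntax
 * `cmp a, b` computes a - b; the condition names below refer to that order. */

typedef struct { int cf, zf, sf, of; } flags_t;

flags_t cmp32(uint32_t a, uint32_t b)
{
    flags_t f;
    uint32_t r = a - b;
    f.cf = a < b;                               /* borrow out of bit 31 */
    f.zf = r == 0;
    f.sf = (r >> 31) & 1;
    f.of = (((a ^ b) & (a ^ r)) >> 31) & 1;     /* signed overflow of the subtraction */
    return f;
}

/* Equality */
int cond_e (flags_t f) { return f.zf; }
int cond_ne(flags_t f) { return !f.zf; }
/* Unsigned: above / below use CF */
int cond_a (flags_t f) { return !f.cf && !f.zf; }
int cond_ae(flags_t f) { return !f.cf; }
int cond_b (flags_t f) { return f.cf; }
int cond_be(flags_t f) { return f.cf || f.zf; }
/* Signed: greater / less use SF and OF */
int cond_g (flags_t f) { return !f.zf && f.sf == f.of; }
int cond_ge(flags_t f) { return f.sf == f.of; }
int cond_l (flags_t f) { return f.sf != f.of; }
int cond_le(flags_t f) { return f.zf || f.sf != f.of; }
int cond_o (flags_t f) { return f.of; }

/* A length check written as `cmp len, max ; jg reject`. Returns 1 when len is
 * accepted. A negative len (0xFFFFFFFF) is accepted too, which is the bug. */
int length_accepted_signed(uint32_t len, uint32_t max)
{
    return !cond_g(cmp32(len, max));
}

/* The same check as `cmp len, max ; ja reject`: 0xFFFFFFFF is rejected. */
int length_accepted_unsigned(uint32_t len, uint32_t max)
{
    return !cond_a(cmp32(len, max));
}
```

Reading the two length checks side by side shows why disassemblers print `jg` and `ja` differently: the bytes that follow the compare decide whether 0xFFFFFFFF is treated as -1 or as four gigabytes.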

Function Calls

    call proc

Pushes the return address, i.e. the address of the instruction following the call, onto the top of the stack and jumps to the specified location. (For the common near call with a 32-bit displacement that address is EIP+5 measured from the call itself; the "EIP+4" often quoted is not correct in general.) This is used mostly for subroutines.

    ret [val]

Pops the return address from the top of the stack into EIP and then, if val is supplied, adds val bytes to the stack pointer to discard that many bytes of arguments (ret 8 discards two 32-bit arguments). If val is not supplied, nothing further is popped. Because the return address lives on the stack next to the caller's local buffers, an overflow of such a buffer overwrites it, which is what a stack-smashing exploit relies on.

Loop Instructions

    loop arg

The loop instruction decrements ECX and jumps to the address specified by arg unless decrementing ECX caused its value to become zero. For example:

    mov ecx, 5
    start_loop:
    ; the code here would be executed 5 times
    loop start_loop

loop does not set any flags. Note that if ECX is 0 on entry, the first decrement wraps it to 0xFFFFFFFF and the body runs 2^32 times.

    loopx arg

These loop instructions decrement ECX and jump to the address specified by arg if their condition is satisfied, unless decrementing ECX caused its value to become zero:

    loope     (jump if ZF is set)
    loopne    (jump if ZF is clear)
    loopz     (same as loope)
    loopnz    (same as loopne)

Enter and Leave

    enter arg

Creates a stack frame with the specified amount of space allocated on the stack (equivalent to push ebp; mov ebp, esp; sub esp, arg; a second operand gives the nesting level and is normally 0).

    leave

Destroys the current stack frame and restores the previous frame (equivalent to mov esp, ebp; pop ebp).

Other Control Instructions

    hlt

Halts the processor until the next interrupt. It is a privileged instruction: in protected mode only ring 0 may execute it.

    nop

"No Operation". This instruction does nothing but consume an instruction slot in the processor. Its one-byte encoding (0x90) is the same as that of xchg eax, eax.

    lock

A prefix that asserts the #LOCK signal (on modern processors, locks the cache line) so that the following read-modify-write instruction is atomic with respect to other processors.

    wait

Waits for the floating-point unit to finish the instruction it is executing and reports any pending unmasked floating-point exception (also spelled fwait).

Arithmetic

Arithmetic instructions

Two-operand arithmetic instructions take a destination and a source. The destination must be a register or a memory location. The source may be a memory location, a register, or a constant value. Note that at most one of the two may be a memory location, because an instruction may not use memory as both source and destination.

    add src, dest      (GAS syntax)
    add dest, src      (Intel syntax)

This adds src to dest. In NASM (Intel) syntax the result is stored in the first argument; in GAS syntax it is stored in the second.

    sub src, dest      (GAS syntax)
    sub dest, src      (Intel syntax)

Like add, only it subtracts the source from the target instead.

    mul arg

Multiplies arg (unsigned) by the accumulator register of the corresponding size; the full double-width product is stored as shown in the table below.

    operand size    other operand    higher part of result    lower part of result
    1 byte          AL               AH                       AL
    2 bytes         AX               DX                       AX
    4 bytes         EAX              EDX                      EAX

In the second case the high half goes to DX rather than the upper half of EAX, for backward compatibility with code written for older processors. CF and OF are set if the upper half is non-zero, which is a cheap way to detect that a size computation such as count * element_size overflowed.

    imul arg

As mul, only signed. imul also exists in two- and three-operand forms (imul dest, src and imul dest, src, imm) that keep only the low half of the product and set CF and OF if the result does not fit.

    div arg

Divides the value in the dividend register(s) by arg (unsigned); see the table below.

    divisor size    dividend    remainder stored in    quotient stored in
    1 byte          AX          AH                     AL
    2 bytes         DX:AX       DX                     AX
    4 bytes         EDX:EAX     EDX                    EAX

If arg is zero, or the quotient does not fit into the quotient register, the processor raises the divide-error exception (#DE, interrupt 0). For the 32-bit form that happens whenever EDX >= arg, so EDX must be cleared (xor edx, edx) before dividing a 32-bit value. All flags are in an undefined state after the operation.

    idiv arg

As div, only signed; EDX should be set with cdq (which sign-extends EAX into EDX) first. Dividing the most negative value by -1 also raises #DE, because the quotient does not fit.

    neg arg

Arithmetically negates the argument (two's complement negation). CF is cleared if the operand was zero and set otherwise.

Carry Arithmetic Instructions

    adc src, dest      (GAS syntax)
    adc dest, src      (Intel syntax)

Add with carry. Adds src + carry flag to dest, storing the result in dest. Usually follows a normal add instruction to deal with values twice as large as the size of the register.

    sbb src, dest      (GAS syntax)
    sbb dest, src      (Intel syntax)

Subtract with borrow. Subtracts src + carry flag from dest, storing the result in dest. Usually follows a normal sub instruction to deal with values twice as large as the size of the register.

Increment and Decrement

    inc arg

Increments the register or memory value in the argument by 1. It has a shorter encoding than add arg, 1 and, unlike add, leaves the carry flag untouched; on some microarchitectures that partial flag update actually makes it slower than add, so the old claim that inc is much faster no longer holds.

    dec arg

Decrements the register or memory value in the argument by 1. Like inc, it does not modify CF.
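The widening multiply, the divide-error conditions of div and idiv, and an add/adc pair, modelled in C as an added example (not code from the Wikibook). It shows the three checks a practitioner needs when translating arithmetic to or from assembly: the upper half of a mul product as an overflow detector, the EDX >= divisor condition that raises #DE, and carry propagation between halves. The type and function names are my own.

```c
#include <stdint.h>

/* Added example, not from the original page: widening multiply, the
 * divide-error conditions of div/idiv, cdq, and an adc-based 64-bit add,
 * modelled in C. Names are my own. */

typedef struct { uint32_t eax, edx; } regpair_t;
typedef struct { int divide_error; uint32_t quotient, remainder; } divres_t;
typedef struct { uint32_t lo, hi; int cf; } wide_t;

/* mul src: EDX:EAX = EAX * src (unsigned). */
regpair_t mul32(uint32_t eax, uint32_t src)
{
    uint64_t p = (uint64_t)eax * src;
    regpair_t r = { (uint32_t)p, (uint32_t)(p >> 32) };
    return r;
}

/* mul sets CF and OF exactly when the upper half is non-zero: a cheap
 * overflow check for size computations such as count * element_size. */
int mul32_overflows(uint32_t eax, uint32_t src)
{
    return mul32(eax, src).edx != 0;
}

/* div src: EAX = EDX:EAX / src, EDX = remainder. #DE when src == 0 or the
 * quotient would not fit in EAX, which is exactly the case EDX >= src. A
 * caller that did not clear EDX beforehand usually hits that. */
divres_t div32(uint32_t edx, uint32_t eax, uint32_t src)
{
    divres_t r = { 0, 0, 0 };
    if (src == 0 || edx >= src) { r.divide_error = 1; return r; }
    uint64_t dividend = ((uint64_t)edx << 32) | eax;
    r.quotient  = (uint32_t)(dividend / src);
    r.remainder = (uint32_t)(dividend % src);
    return r;
}

/* cdq: sign-extend EAX into EDX before idiv. */
uint32_t cdq(uint32_t eax) { return (eax & 0x80000000u) ? 0xFFFFFFFFu : 0u; }

/* idiv src: signed division of EDX:EAX. The quotient truncates toward zero
 * and the remainder takes the sign of the dividend. #DE on src == 0 or a
 * quotient outside the int32 range; INT32_MIN / -1 is the classic case. */
divres_t idiv32(uint32_t edx, uint32_t eax, int32_t src)
{
    divres_t r = { 0, 0, 0 };
    int64_t dividend = (int64_t)(((uint64_t)edx << 32) | eax);
    int64_t q, rem;
    if (src == 0) { r.divide_error = 1; return r; }
    if (src == -1) {                        /* avoid INT64_MIN / -1, undefined in C */
        if (dividend == INT64_MIN) { r.divide_error = 1; return r; }
        q = -dividend; rem = 0;
    } else {
        q = dividend / src; rem = dividend % src;
    }
    if (q > INT32_MAX || q < INT32_MIN) { r.divide_error = 1; return r; }
    r.quotient  = (uint32_t)(int32_t)q;
    r.remainder = (uint32_t)(int32_t)rem;
    return r;
}

/* addl then adcl: one 64-bit addition done as two 32-bit halves.
 * cf is the carry out of the high half. */
wide_t add64_adc(uint32_t a_lo, uint32_t a_hi, uint32_t b_lo, uint32_t b_hi)
{
    wide_t r;
    r.lo = a_lo + b_lo;                          /* addl: CF = carry out of the low half */
    int carry = r.lo < a_lo;
    uint64_t hi = (uint64_t)a_hi + b_hi + carry; /* adcl: adds CF as well */
    r.hi = (uint32_t)hi;
    r.cf = (int)(hi >> 32);
    return r;
}
```

div32 with edx left over from a previous computation is the usual way a "division by a non-zero value" still crashes with a divide error; the EDX >= src test is the condition to look for when auditing such code.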

Logic

Logical instructions

The instructions on this page deal with bit-wise logical operations. For more information about bit-wise logic, see Digital Circuits/Logic Operations. and, or and xor clear CF and OF and set ZF, SF and PF from the result; not does not affect any flags.

    and src, dest      (GAS syntax)
    and dest, src      (Intel syntax)

Performs a bit-wise AND of the two operands and stores the result in dest. For example:

    movl $0x1, %edx
    movl $0x0, %ecx
    andl %edx, %ecx    # here ecx would be 0 because 1 AND 0 = 0

    or src, dest       (GAS syntax)
    or dest, src       (Intel syntax)

Performs a bit-wise OR of the two operands and stores the result in dest. For example:

    movl $0x1, %edx
    movl $0x0, %ecx
    orl %edx, %ecx     # here ecx would be 1 because 1 OR 0 = 1

    xor src, dest      (GAS syntax)
    xor dest, src      (Intel syntax)

Performs a bit-wise XOR of the two operands and stores the result in dest. For example:

    movl $0x1, %edx
    movl $0x0, %ecx
    xorl %edx, %ecx    # here ecx would be 1 because 1 XOR 0 = 1

    not arg

Performs a bit-wise inversion of arg. For example:

    movl $0x1, %edx
    notl %edx          # here edx would be 0xFFFFFFFE because bitwise NOT 0x00000001 = 0xFFFFFFFE

Shift and Rotate

Logical Shift Instructions

In a logical shift instruction, the bits that slide off the end disappear, and the vacated positions are always filled with zeros. Logical shifts are best used with unsigned numbers.

    shr arg, count

Logically shifts arg to the right by count bits.

    shl arg, count

Logically shifts arg to the left by count bits.

The count is an immediate or the CL register; the processor masks it to 5 bits (6 bits for 64-bit operands), so shifting a 32-bit register by 32 is a no-op rather than producing zero. C leaves that case undefined, so hand-written assembly and compiled code can disagree here, and a mask built as (1 << n) - 1 is wrong for n = 32.

Arithmetic Shift Instructions

In an arithmetic shift, the bits that "slide off the end" disappear. The vacated positions are filled in such a way as to preserve the sign of the number being shifted. For this reason, arithmetic shifts are better suited for signed numbers in two's complement format.

    sar arg, count

Arithmetic shift to the right: vacated positions are filled with the sign bit (to maintain the sign of the original value).

    sal arg, count

Arithmetic shift to the left: vacated positions are filled with zeros. It is the same instruction as shl.

Shift With Carry Instructions

Every shift leaves the last bit shifted out in the carry flag. The rotate-through-carry instructions go further and treat CF as an extra bit of the operand:

    rcr arg, count

Rotate through carry to the right: CF moves into the top bit and the bit rotated out goes into CF.

    rcl arg, count

Rotate through carry to the left: CF moves into the bottom bit and the bit rotated out goes into CF.

(The names "scr" and "scl" given for these in the original page are not x86 mnemonics.)

Rotate Instructions

In a rotate instruction, the bits that slide off the end of the register are fed back into the vacated positions.

    ror arg, count

Rotate to the right.

    rol arg, count

Rotate to the left.
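The shift and rotate semantics above, including the 5-bit count masking and the carry-flag behaviour, modelled in C as an added example (not code from the Wikibook). It ends with the mask-construction pitfall mentioned under the logical shifts. Function names are my own; each function takes the incoming CF because a masked count of 0 leaves both the operand and CF unchanged.

```c
#include <stdint.h>

/* Added example, not from the original page: 32-bit shifts and rotates with
 * the count masking and carry-flag behaviour of the CPU, modelled in C.
 * Names are my own. */

typedef struct { uint32_t value; int cf; } shres_t;

/* x86 masks the count to 5 bits for 32-bit operands. A masked count of 0
 * leaves the operand and CF unchanged, so the incoming CF is passed in. */
static unsigned mask_count(unsigned count) { return count & 31u; }

shres_t shl32(uint32_t x, unsigned count, int cf_in)
{
    shres_t r = { x, cf_in };
    unsigned c = mask_count(count);
    if (c == 0) return r;
    r.cf = (x >> (32 - c)) & 1;           /* last bit shifted out */
    r.value = x << c;
    return r;
}

shres_t shr32(uint32_t x, unsigned count, int cf_in)
{
    shres_t r = { x, cf_in };
    unsigned c = mask_count(count);
    if (c == 0) return r;
    r.cf = (x >> (c - 1)) & 1;
    r.value = x >> c;
    return r;
}

/* sar: vacated bits copy the sign bit. Written without relying on C's
 * implementation-defined right shift of negative values. */
shres_t sar32(uint32_t x, unsigned count, int cf_in)
{
    shres_t r = { x, cf_in };
    unsigned c = mask_count(count);
    if (c == 0) return r;
    r.cf = (x >> (c - 1)) & 1;
    r.value = x >> c;
    if (x & 0x80000000u) r.value |= ~(0xFFFFFFFFu >> c);
    return r;
}

shres_t rol32(uint32_t x, unsigned count, int cf_in)
{
    shres_t r = { x, cf_in };
    unsigned c = mask_count(count);
    if (c == 0) return r;
    r.value = (x << c) | (x >> (32 - c));
    r.cf = r.value & 1;                    /* the bit rotated into the low end */
    return r;
}

shres_t ror32(uint32_t x, unsigned count, int cf_in)
{
    shres_t r = { x, cf_in };
    unsigned c = mask_count(count);
    if (c == 0) return r;
    r.value = (x >> c) | (x << (32 - c));
    r.cf = (r.value >> 31) & 1;            /* the bit rotated into the high end */
    return r;
}

/* rcl / rcr rotate the 33-bit quantity CF:value one position per step. */
shres_t rcl32(uint32_t x, unsigned count, int cf_in)
{
    uint64_t t = ((uint64_t)(cf_in & 1) << 32) | x;
    for (unsigned c = mask_count(count); c > 0; c--)
        t = ((t << 1) | (t >> 32)) & 0x1FFFFFFFFull;
    shres_t r = { (uint32_t)t, (int)(t >> 32) };
    return r;
}

shres_t rcr32(uint32_t x, unsigned count, int cf_in)
{
    uint64_t t = ((uint64_t)(cf_in & 1) << 32) | x;
    for (unsigned c = mask_count(count); c > 0; c--)
        t = (t >> 1) | ((t & 1) << 32);
    shres_t r = { (uint32_t)t, (int)(t >> 32) };
    return r;
}

/* Building an n-bit mask as (1 << n) - 1 is wrong on x86 for n == 32: the
 * count is masked to 0, the shift leaves 1 unchanged, and the mask comes out
 * as 0 instead of 0xFFFFFFFF. This version handles that case explicitly. */
uint32_t low_bits_mask(unsigned n)
{
    return n >= 32 ? 0xFFFFFFFFu : shl32(1u, n, 0).value - 1u;
}
```

shl32(1, 32, 0) returning 1 rather than 0 is the whole reason low_bits_mask needs its special case; the same off-by-one turns up in hand-rolled bit-field parsers and in code ported from architectures that do not mask the count.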

Other Instructions

Stack Instructions

    push arg

This instruction decrements the stack pointer (by the operand size, 4 bytes in 32-bit mode) and stores the data specified as the argument at the location pointed to by the stack pointer.

    pop arg

This instruction loads the data stored at the location pointed to by the stack pointer into the specified argument and then increments the stack pointer. For example:

    mov eax, 5
    mov ebx, 6
    push eax      ; the stack would be: [5]
    push ebx      ; the stack would be: [6] [5]
    pop eax       ; the topmost item (which is 6) is stored in eax; the stack would be: [5]
    pop ebx       ; ebx would be equal to 5; the stack would now be empty

    pushf

This instruction decrements the stack pointer and then stores the contents of the flag register at the location pointed to by the stack pointer.

    popf

This instruction loads the flag register with the contents of the memory location pointed to by the stack pointer and then increments the stack pointer. In user mode the privileged bits (IF and IOPL) are silently left unchanged.

Flags instructions

Interrupt Flag

    sti

Sets the interrupt flag. The processor can then accept interrupts from peripheral hardware. This flag should be kept set under normal execution.

    cli

Clears the interrupt flag. Hardware interrupts cannot interrupt execution. Programs can still generate interrupts, called software interrupts, and change the flow of execution. Non-maskable interrupts (NMI) cannot be blocked using this instruction. Both sti and cli are privileged: in a protected-mode operating system a user program whose privilege level is below the I/O privilege level gets a general protection fault instead.

Direction Flag

    std

Sets the direction flag. Normally, when using string instructions the data pointer gets incremented with each iteration. When the direction flag is set, the data pointer is decremented instead.

    cld

Clears the direction flag. Compilers assume DF is clear on function entry (the System V ABI requires it), so code that uses std must cld again before returning or calling anything.

Carry Flag

    stc

Sets the carry flag.

    clc

Clears the carry flag.

    cmc

Complements the carry flag.

Other

    sahf

Stores the contents of the AH register into the lower byte of the flag register (SF, ZF, AF, PF and CF).

    lahf

Loads the AH register with the contents of the lower byte of the flag register.

I/O Instructions

    in src, dest      (GAS syntax)
    in dest, src      (Intel syntax)

The in instruction almost always has the operands AX and DX (or EAX and EDX) associated with it. DX (src) holds the port address to read, and AL, AX or EAX (dest) receives the data from the port; ports below 0x100 can also be given as an 8-bit immediate. In protected-mode operating systems the in instruction is normally unavailable to user programs: executing it from ring 3 raises a general protection fault unless the I/O privilege level or the task's I/O permission bitmap allows the port.

    out src, dest     (GAS syntax)
    out dest, src     (Intel syntax)

The out instruction is very similar to the in instruction: it outputs data from a given register (src) to a given output port (dest). In protected mode it is restricted in the same way as in, and an operating system that does grant port access to a user process is effectively giving it hardware-level privileges.

System Instructions

These instructions were added with the Pentium II.

    sysenter

This instruction switches the processor to ring 0 and continues execution at the kernel entry point held in the SYSENTER_CS and SYSENTER_EIP model-specific registers; it is the fast way for a user program to enter the operating system kernel. It does not save a return address, so the caller has to arrange for one.

    sysexit

This instruction returns the processor to ring 3 (user mode), continuing at the address held in EDX with the stack pointer taken from ECX.

x86 Interrupts

Interrupts are special routines that are defined on a per-system basis. This means that the interrupts on one system might be different from the interrupts on another system. Therefore, it is usually a bad idea to rely heavily on interrupts when you are writing code that needs to be portable.

What is an Interrupt

Interrupts do exactly what the name suggests: they interrupt the control flow of the x86 processor. When an interrupt is triggered, the current program stops, and the processor jumps to a special program called an "Interrupt Service Routine" (ISR). Each ISR is a program in memory that handles a particular interrupt. When the ISR is finished, the microprocessor normally jumps right back to where it was in the original program (however, there are interrupts that don't do this). In the case of hardware interrupts, the program doesn't even have to know that it got interrupted: the change is seamless. In modern operating systems, the programmer doesn't often need to use interrupts. In Windows, for example, the programmer conducts business with the Win32 API. However, these API calls interface with the kernel, and often the kernel will trigger interrupts to perform different tasks. In older operating systems (specifically DOS), the programmer didn't have an API to use, and so had to do all their work through interrupts.

Interrupt Instruction

    int arg

This instruction calls the specified interrupt. For instance:

    int 0x0A

will call interrupt 10 (0x0A hex = 10 decimal). In protected mode the processor looks the vector up in the interrupt descriptor table (IDT); an int executed in user mode may only reach handlers whose gate descriptor carries privilege level 3 (as Linux does for the legacy int 0x80 system call gate). Any other vector raises a general protection fault instead.

Types of Interrupts

There are 3 types of interrupts: hardware interrupts, software interrupts and exceptions.

Hardware Interrupts

Hardware interrupts are triggered by hardware devices. For instance, when you type on your keyboard, the keyboard triggers a hardware interrupt. The processor stops what it is doing and executes the code that handles keyboard input (typically reading the key you pressed into a buffer in memory). Hardware interrupts are typically asynchronous: their occurrence is unrelated to the instructions being executed at the time they are raised.

Software Interrupts

There are also a series of software interrupts that are usually used to transfer control to a function in the operating system kernel. Software interrupts are triggered by the instruction int. For example, the instruction "int 14h" triggers interrupt 0x14. The processor then stops the current program and jumps to the code that handles interrupt 0x14. When interrupt handling is complete, the processor returns flow to the original program.

Exceptions

Exceptions are caused by exceptional conditions in the code which is executing, for example an attempt to divide by zero or to access a protected memory area. The processor detects the problem and transfers control to a handler to service the exception. This handler may re-execute the offending code after changing some value (for example, the zero divisor), or, if this cannot be done, may terminate the program causing the exception.

Further Reading

A great list of interrupts for DOS and related systems is at Ralph Brown's Interrupt List.

x86 Assemblers

Wikipedia has related information at Assembler. There are a number of different assemblers available for x86 architectures. This page lists some of them, and discusses where to get the assemblers, what they are good for, and where they are used the most.

GNU Assembler (GAS)

Wikipedia has related information at GNU Assembler. The GNU assembler is most common as the assembly back-end to the GCC compiler. One of the most compelling reasons to learn to program GAS (as it is frequently abbreviated) is that inline assembly instructions in the GCC compiler need to be in GAS syntax. GAS uses the AT&T syntax for writing the assembly language, which some people claim is more complicated, but other people say is more informative.

Microsoft Macro Assembler (MASM)

Wikipedia has related information at Microsoft Macro Assembler. Microsoft's Macro Assembler, MASM, has been in constant production for many years. Many people claim that MASM isn't being supported or improved anymore, but Microsoft denies this: MASM is maintained, but is currently in a bug-fixing mode. No new features are currently being added. However, Microsoft is shipping a 64-bit version of MASM with new 64-bit compiler suites. MASM can still be obtained from Microsoft as either a download from MSDN or as part of the Microsoft DDK. The currently available version of MASM is version 8.x. MASM uses the Intel syntax for its instructions, which stands in stark contrast to the AT&T syntax used by the GAS assembler. Most notably, MASM instructions take their operands in reverse order from GAS. This one fact is perhaps the biggest stumbling block for people trying to transition between the two assemblers. MASM also has a very powerful macro engine, which many programmers use to implement a high-level feel in MASM programs.

External Links

http://www.masmforum.com
http://www.movsd.com

Netwide Assembler (NASM)

Wikipedia has related information at NASM. The Netwide Assembler, NASM, was started as an open-source initiative to create a free, retargetable assembler for 80x86 platforms. When the NASM project was started, MASM was still being sold by Microsoft (MASM is currently free), and GAS contained very little error checking capability. GAS was, after all, the back-end to GCC, and GCC always feeds GAS syntax-correct code. For this reason, GAS didn't need to interface with the user much, and therefore writing code for GAS was very tough. NASM uses a syntax which is "similar to Intel's but less complex". The NASM users manual is found at http://nasm.sourceforge.net/doc/html/nasmdoc1.html. Features:

Cross platform: like GAS, this assembler runs on nearly every platform, supposedly even on PowerPC Macs (though the code generated will only run on an x86 platform)
Open source
Macro language (code that writes code)

Flat Assembler (FASM)

Wikipedia has related information at FASM. Although it was written in assembly, it runs on several operating systems, including DOS, DexOS, Linux, Windows, and BSD. Its syntax is similar to TASM's "ideal mode" and NASM's, but the macros in this assembler are done differently. Features:

Written in itself; therefore its source code is an example of how to write in this assembler
Clean NASM-like syntax
Very very fast
Has macro language (code that writes code)
Built-in IDE for DOS and Windows
Creates binary, MZ, PE, ELF, COFF - no linker needed

External Links

http://flatassembler.net/

YASM Assembler

YASM is a ground-up rewrite of NASM under the new BSD licence. YASM is designed to understand multiple syntaxes natively (NASM and GAS, currently). The primary focus of YASM is to produce "libyasm", a reusable library that can work with code at a low level, and can be easily integrated into other software projects.

External Links

http://www.tortall.net/projects/yasm/

GAS Syntax

General Information

Examples in this article are created using the AT&T assembly syntax used in GNU AS. The main advantage of using this syntax is its compatibility with the GCC inline assembly syntax. However, this is not the only syntax that is used to represent x86 operations. For example, NASM uses a different syntax to represent assembly mnemonics, operands and addressing modes, as do some High-Level Assemblers. The AT&T syntax is the standard on Unix-like systems but some assemblers use the Intel syntax, or can accept both. GAS instructions generally have the form mnemonic source, destination. For instance, the following mov instruction:

    movb $0x05, %al

will move the value 5 into the register al.

Operation Suffixes

GAS assembly instructions are generally suffixed with the letters "b", "s", "w", "l", "q" or "t" to determine what size operand is being manipulated.

    b = byte (8 bit)
    s = short (16 bit integer) or single (32-bit floating point)
    w = word (16 bit)
    l = long (32 bit integer or 64-bit floating point)
    q = quad (64 bit)
    t = ten bytes (80-bit floating point)

If the suffix is not specified, and there are no memory operands for the instruction, GAS infers the operand size from the size of the destination register operand (the final operand).

Prefixes

When referencing a register, the register needs to be prefixed with a "%". Constant numbers need to be prefixed with a "$". A bare symbol without "$" is a memory reference (its contents), so "movl value, %eax" loads what is stored at value whereas "movl $value, %eax" loads its address; forgetting the "$" assembles without complaint and is a common, silent mistake.

Introduction to the GNU as assembler

This section is written as a short introduction to GNU as (gas), an assembler that can assemble the x86 assembly language. gas is part of the GNU Project, which gives it the following nice properties:

It is freely available.
It is available on many operating systems.
It interfaces nicely with the other GNU programming tools, including the GNU C compiler (gcc) and GNU linker (ld).

If you are using a computer with the Linux operating system, chances are you already have gas installed on your system. If you are using a computer with the Windows operating system, you can install gas and other useful programming utilities by installing Cygwin or MinGW. The remainder of this introduction assumes you have installed gas and know how to open a command-line interface and edit files.

Generating assembly from C code

Since assembly language corresponds directly to the operations a CPU performs, a carefully written assembly routine may be able to run much faster than the same routine written in a higher-level language, such as C. On the other hand, assembly routines typically take more effort to write than the equivalent routine in C. Thus, a typical method for quickly writing a program that performs well is to first write the program in a high-level language (which is easier to write and debug), then rewrite selected routines in assembly language (which performs better). A good first step to rewriting a C routine in assembly language is to use the C compiler to automatically generate the assembly language. Not only does this give you an assembly file that compiles correctly, but it also ensures that the assembly routine does exactly what you intended it to. We will now use the GNU C compiler to generate assembly code, for the purposes of examining the gas assembly language syntax. Here is the classic "Hello, world" program, written in C:

    #include <stdio.h>

    int main(void)
    {
        printf("Hello, world!\n");
        return 0;
    }

Save that in a file called "hello.c", then type at the prompt:

    gcc -o hello_c.exe hello.c

This should compile the C file and create an executable file called "hello_c.exe". If you get an error, make sure that the contents of "hello.c" are correct. Now you should be able to type at the prompt:

    ./hello_c.exe

and the program should print "Hello, world!" to the console. Now that we know that "hello.c" is typed in correctly and does what we want, let's generate the equivalent x86 assembly language. Type the following at the prompt:

    gcc -S hello.c

This should create a file called "hello.s" (".s" is the file extension that the GNU system gives to assembly files). To compile the assembly file into an executable, type:

    gcc -o hello_asm.exe hello.s

(Note that gcc calls the assembler (as) and the linker (ld) for us.) Now, if you type the following at the prompt:

    ./hello_asm.exe

this program should also print "Hello, world!" to the console. Not surprisingly, it does the same thing as the compiled C file. Let's take a look at what is inside "hello.s":
        .file   "hello.c"
        .def    ___main;  .scl  2;  .type  32;  .endef
        .text
    LC0:
        .ascii "Hello, world!\12\0"
        .globl _main
        .def    _main;  .scl  2;  .type  32;  .endef
    _main:
        pushl   %ebp
        movl    %esp, %ebp
        subl    $8, %esp
        andl    $-16, %esp
        movl    $0, %eax
        movl    %eax, -4(%ebp)
        movl    -4(%ebp), %eax
        call    __alloca
        call    ___main
        movl    $LC0, (%esp)
        call    _printf
        movl    $0, %eax
        leave
        ret
        .def    _printf;  .scl  2;  .type  32;  .endef

The contents of "hello.s" may vary depending on the version of the GNU tools that are installed; this version was generated with Cygwin, using gcc version 3.3.1.

The lines beginning with periods, like ".file", ".def", or ".ascii", are assembler directives: commands that tell the assembler how to assemble the file. The lines beginning with some text followed by a colon, like "_main:", are labels, or named locations in the code. The other lines are assembly instructions. The ".file" and ".def" directives are for debugging. We can leave them out:

        .text
    LC0:
        .ascii "Hello, world!\12\0"
        .globl _main
    _main:
        pushl   %ebp
        movl    %esp, %ebp
        subl    $8, %esp
        andl    $-16, %esp
        movl    $0, %eax
        movl    %eax, -4(%ebp)
        movl    -4(%ebp), %eax
        call    __alloca
        call    ___main
        movl    $LC0, (%esp)
        call    _printf
        movl    $0, %eax
        leave
        ret

"hello.s" line-by-line

    .text

This line declares the start of a section of code. You can name sections using this directive, which gives you fine-grained control over where in the executable the resulting machine code goes, which is useful in some cases, like for programming embedded systems. Using ".text" by itself tells the assembler that the following code goes in the default section, which is sufficient for most purposes.

    LC0:
        .ascii "Hello, world!\12\0"

This code declares a label, then places some raw ASCII text into the program, starting at the label's location. The "\12" specifies a line-feed character, while the "\0" specifies a null character at the end of the string; C routines mark the end of strings with null characters, and since we are going to call a C string routine, we need this character here.

    .globl _main

This line tells the assembler that the label "_main" is a global label, which allows other parts of the program to see it. In this case, the linker needs to be able to see the "_main" label, since the startup code with which the program is linked calls "_main" as a subroutine.

    _main:

This line declares the "_main" label, marking the place that is called from the startup code.

    pushl   %ebp
    movl    %esp, %ebp
    subl    $8, %esp

These lines save the value of EBP on the stack, then move the value of ESP into EBP, then subtract 8 from ESP. The "l" on the end of each opcode indicates that we want to use the version of the opcode that works with "long" (32-bit) operands; usually the assembler is able to work out the correct opcode version from the operands, but just to be safe, it's a good idea to include the "l", "w", "b", or other suffix. The percent signs designate register names, and the dollar sign designates a literal value. This sequence of instructions is typical at the start of a subroutine to save space on the stack for local variables; EBP is used as the base register to reference the local variables, and a value is subtracted from ESP to reserve space on the stack (since the Intel stack grows from higher memory locations to lower ones). In this case, eight bytes have been reserved on the stack. We shall see why this space is needed later.

    andl    $-16, %esp

This code "and"s ESP with 0xFFFFFFF0, aligning the stack with the next lowest 16-byte boundary. An examination of Mingw's source code reveals that this may be for SIMD instructions appearing in the "_main" routine, which operate only on aligned addresses. Since our routine doesn't contain SIMD instructions, this line is unnecessary.

    movl    $0, %eax
    movl    %eax, -4(%ebp)
    movl    -4(%ebp), %eax

This code moves zero into EAX, then moves EAX into the memory location EBP-4, which is in the temporary space we reserved on the stack at the beginning of the procedure. Then it moves the memory location EBP-4 back into EAX; clearly, this is not optimized code. Note that the parentheses indicate a memory location, while the number in front of the parentheses indicates an offset from that memory location.

    call    __alloca
    call    ___main

These functions are part of the C library setup. Since we are calling functions in the C library, we probably need these. The exact operations they perform vary depending on the platform and the version of the GNU tools that are installed.

    movl    $LC0, (%esp)
    call    _printf

This code (finally!) prints our message. First, it moves the location of the ASCII string to the top of the stack. It seems that the C compiler has optimized a sequence of "popl %eax; pushl $LC0" into a single move to the top of the stack. Then, it calls the _printf subroutine in the C library to print the message to the console.

    movl    $0, %eax

This line stores zero, our return value, in EAX. The C calling convention is to store return values in EAX when exiting a routine.

    leave

This line, typically found at the end of subroutines, frees the space saved on the stack by copying EBP into ESP, then popping the saved value of EBP back to EBP.

    ret

This line returns control to the calling procedure by popping the saved instruction pointer from the stack.

Communicating directly with the operating system

Note that we only have to call the C library setup routines if we need to call functions in the C library, like "printf". We could avoid calling these routines if we instead communicate directly with the operating system. The disadvantage of communicating directly with the operating system is that we lose portability; our code will be locked to a specific operating system. For instructional purposes, though, let's look at how one might do this under Windows. Here is the C source code, compilable under Mingw or Cygwin:

    #include <windows.h>

    int main(void)
    {
        LPSTR  text = "Hello, world!\n";
        DWORD  charsWritten;
        HANDLE hStdout;

        hStdout = GetStdHandle(STD_OUTPUT_HANDLE);
        WriteFile(hStdout, text, 14, &charsWritten, NULL);
        return 0;
    }

Ideally, you'd want to check the return codes of "GetStdHandle" and "WriteFile" to make sure they are working correctly, but this is sufficient for our purposes. Here is what the generated assembly looks like:
        .file   "hello2.c"
        .def    ___main;        .scl    2;      .type   32;     .endef
        .text
    LC0:
        .ascii "Hello, world!\12\0"
        .globl _main
        .def    _main;  .scl    2;      .type   32;     .endef
    _main:
        pushl   %ebp
        movl    %esp, %ebp
        subl    $40, %esp
        andl    $-16, %esp
        movl    $0, %eax
        movl    %eax, -16(%ebp)
        movl    -16(%ebp), %eax
        call    __alloca
        call    ___main
        movl    $LC0, -4(%ebp)
        movl    $-11, (%esp)
        call    _GetStdHandle@4
        subl    $4, %esp
        movl    %eax, -12(%ebp)
        movl    $0, 16(%esp)
        leal    -8(%ebp), %eax
        movl    %eax, 12(%esp)
        movl    $14, 8(%esp)
        movl    -4(%ebp), %eax
        movl    %eax, 4(%esp)
        movl    -12(%ebp), %eax
        movl    %eax, (%esp)
        call    _WriteFile@20
        subl    $20, %esp
        movl    $0, %eax
        leave
        ret

Even though we never use the C standard library, the generated code initializes it for us. Also, there is a lot of unnecessary stack manipulation. We can simplify:

        .text
    LC0:
        .ascii "Hello, world!\12"
        .globl _main
    _main:
        pushl   %ebp
        movl    %esp, %ebp
        subl    $4, %esp
        pushl   $-11
        call    _GetStdHandle@4
        pushl   $0
        leal    -4(%ebp), %ebx
        pushl   %ebx
        pushl   $14
        pushl   $LC0
        pushl   %eax
        call    _WriteFile@20
        movl    $0, %eax
        leave
        ret

Analyzing line-by-line:

    pushl   %ebp
    movl    %esp, %ebp
    subl    $4, %esp

We save the old EBP and reserve four bytes on the stack, since the call to WriteFile needs somewhere to store the number of characters written, which is a 4-byte value.

    pushl   $-11
    call    _GetStdHandle@4

We push the constant value STD_OUTPUT_HANDLE (-11) to the stack and call GetStdHandle. The returned handle value is in EAX.

    pushl   $0
    leal    -4(%ebp), %ebx
    pushl   %ebx
    pushl   $14
    pushl   $LC0
    pushl   %eax
    call    _WriteFile@20

We push the parameters to WriteFile and call it. Note that the Windows calling convention is to push the parameters from right-to-left. The load-effective-address ("lea") instruction adds -4 to the value of EBP, giving the location we saved on the stack for the number of characters printed, which we store in EBX and then push onto the stack. Also note that EAX still holds the return value from the GetStdHandle call, so we just push it directly.

    movl    $0, %eax
    leave

Here we set our program's return value and restore the values of EBP and ESP using the "leave" instruction.

Caveats

From The GAS manual's AT&T Syntax Bugs section: The UnixWare assembler, and probably other AT&T derived ix86 Unix assemblers, generate floating point instructions with reversed source and destination registers in certain cases. Unfortunately, gcc and possibly many other programs use this reversed syntax, so we're stuck with it. For example

    fsub %st,%st(3)

results in %st(3) being updated to %st - %st(3) rather than the expected %st(3) - %st. This happens with all the non-commutative arithmetic floating point operations with two register operands where the source register is %st and the destination register is %st(i). Note that even objdump -d -M intel still uses reversed opcodes, so use a different disassembler to check this. See http://bugs.debian.org/372528 for more info.

Additional gas reading

You can read more about gas at the GNU gas documentation page: http://sourceware.org/binutils/docs-2.17/as/index.html

Reverse Engineering/Calling Conventions

MASM Syntax

This page will explain x86 Programming using MASM syntax, and will also discuss how to use the macro capabilities of MASM. Other assemblers, such as NASM and FASM, use syntax different from MASM, similar only in usage of operands order and instruction suffixes.

Instruction Order

MASM instructions typically have operands reversed from GAS instructions. For instance, instructions are typically written as Instruction Destination, Source. The mov instruction, written as follows:

    mov al, 0x05

will move the value 5 into the al register.

Instruction Suffixes

MASM does not use instruction suffixes to differentiate between sizes (byte, word, dword, etc).

Macros

MASM is known as either the "Macro Assembler", or the "Microsoft Assembler", depending on who you talk to. But no matter where your answers are coming from, the fact is that MASM has a powerful macro engine, and a number of built-in macros available immediately.

MASM directives

MASM has a large number of directives that can control certain settings and behaviors; it has more of them compared to NASM or FASM, for example.

HLA Syntax

HLA is an assembler front-end created by Randall Hyde. HLA accepts assembly written using a high-level format, and converts the code into another format (MASM or GAS, usually). Another assembler (MASM or GAS) will then assemble the instructions into machine code. In MASM, for instance, we could write the following code:

    mov EAX, 0x05

In HLA, this code would become:

    mov(0x05, EAX);

HLA uses the same order-of-operations as GAS syntax, but doesn't require any of the name decoration of GAS. Also, HLA uses the parenthesis notation to call an instruction. HLA terminates its lines with a semicolon, similar to C or Pascal.

High-Level Constructs

Some people criticize HLA because it "isn't low-level enough". This is false, because HLA can be as low-level as MASM or GAS, but it also offers the options to use some higher-level abstractions. For instance, HLA can use the following syntax to pass eax as an argument to the Function1 function:

    push(eax);
    call(Function1);

But HLA also allows the programmer to simplify the process, if they want:

    Function1(eax);

This is called the "parenthesis notation" for calling functions. HLA also contains a number of different loops (do-while, for, until, etc.) and control structures (if-then-else, switch-case) that the programmer can use. However, these high-level constructs come with a caveat: using them may be simple, but they translate into MASM code instructions. It is usually faster to implement the loops by hand.

The Art of Assembly

HLA was first popularized in the book by Randall Hyde, named "The Art of Assembly". That book is available at most bookstores.

FASM Syntax

FASM is an assembler for the IA-32 architecture. The name stands for "flat assembler". FASM itself is written in assembly language and is also available on DOS, DexOS, Linux, Windows, and MenuetOS systems. It shatters the "assembly is not portable at all" myth. FASM has some features that are advanced for assembly languages, such as macros, structures, and "virtual data". FASM contains bindings to the MS Windows GUI and OpenGL.

$FFFF 0xFFFF FFFFh

FASM supports all popular syntaxes of hex numbers.

@@ @f @b

Anonymous labels are supported. Example:

    @@:
        inc eax
        push eax
        jmp @b        ; This will result in a stack fault sooner or later

$

$ describes the current location. Useful for determining the size of a block of code or data. Example of use:

    mystring        db  "This is my string", 0
    mystring.length equ $-mystring

Local Labels

Local Labels, which begin with a . (a period):

    globallabel:
        .locallabelone:
        .locallabeltwo:
    globallabel2:
        .locallabelone:
        .locallabeltwo:

You can reference local labels from their global label. For example:

    globallabel.locallabelone

Macros

Macros in FASM are described in a C-like manner and are created like this:

    macro (name) (parameters)
    {
        macro code.
    }

For example, the following could be used to overload the mov instruction to accept three parameters in FASM:

    macro mov op1,op2,op3
    {
        if op3 eq
            mov op1,op2
        else
            mov op1,op2
            mov op2,op3
        end if
    }

"if op3 eq" means "If the 3rd parameter (op3) equals nothing, or blank" then do a normal mov operation. Else, do the 3 way move operation.

External links

FASM website
FASM official manual

NASM Syntax

NASM syntax looks like:

    mov ax, 9

This loads the number 9 into register ax. Notice that the instruction format is "dest, src". This follows the Intel style x86 instruction formatting, as opposed to the AT&T style used by the GNU Assembler. Note for people using gdb with nasm, you can set gdb to use Intel-style disassembly by issuing the command:

    set disassembly-flavor intel

NASM Comments

A single semi-colon is used for comments, and can be used like a double slash in C/C++.

Example I/O (Linux)

To pass the kernel a simple input command on Linux, you would pass values to the following registers and then send the kernel an interrupt signal. To read in a single character from standard input (such as from a user at their keyboard), do the following:

    ; read a byte from stdin
    mov eax, 3        ; 3 is recognized by the system as meaning "input"
    mov edx, 1        ; input length (one byte)
    mov ecx, variable ; address to pass to
    mov ebx, 0        ; read from standard input (file descriptor 0)
    int 0x80          ; call the kernel

Outputting follows a similar convention:

    mov eax, 4        ; the system interprets 4 as "output"
    mov ecx, variable ; pointer to the value being passed
    mov ebx, 1        ; standard output (print to terminal)
    mov edx, 4        ; length of output (in bytes)
    int 0x80

Passing values to the registers in different orders won't affect the execution when the kernel is called, but deciding on a methodology can make it drastically easier to read.

Floating Point

x87 Coprocessor

The original x86 family members had a separate math coprocessor that would handle the floating point arithmetic. The original coprocessor was the 8087, and all FPUs since have been dubbed "x87" chips. Later variants integrated the floating point unit (FPU) into the microprocessor itself. Having the capability to manage floating point numbers means a few things:

1. The microprocessor must have space to store floating point numbers
2. The microprocessor must have instructions to manipulate floating point numbers

This page will talk about these 2 points in detail. The FPU, even when it is integrated into an x86 chip, is still called the "x87" section, even though it is part of the x86 chip. For instance, literature on the subject will frequently call the FPU Register Stack the "x87 Stack", and the FPU operations will frequently be called the "x87 instruction set".

FPU Register Stack

The FPU has 8 registers, formed into a stack. Numbers are pushed onto the stack from memory, and are popped off the stack back to memory. FPU instructions generally will pop the first two items off the stack, act on them, and push the answer back on to the top of the stack. Floating point numbers may generally be either 32 bits long (C "float" type), or 64 bits long (C "double" type). However, in order to reduce round-off errors, the FPU stack registers are all 80 bits wide.

Floating-Point Instruction Set

Original 8087 instructions

F2XM1, FABS, FADD, FADDP, FBLD, FBSTP, FCHS, FCLEX, FCOM, FCOMP, FCOMPP, FDECSTP, FDISI, FDIV, FDIVP, FDIVR, FDIVRP, FENI, FFREE, FIADD, FICOM, FICOMP, FIDIV, FIDIVR, FILD, FIMUL, FINCSTP, FINIT, FIST, FISTP, FISUB, FISUBR, FLD, FLD1, FLDCW, FLDENV, FLDENVW, FLDL2E, FLDL2T, FLDLG2, FLDLN2, FLDPI, FLDZ, FMUL, FMULP, FNCLEX, FNDISI, FNENI, FNINIT, FNOP, FNSAVE, FNSAVEW, FNSTCW, FNSTENV, FNSTENVW, FNSTSW, FPATAN, FPREM, FPTAN, FRNDINT, FRSTOR, FRSTORW, FSAVE, FSAVEW, FSCALE, FSQRT, FST, FSTCW, FSTENV, FSTENVW, FSTP, FSTSW, FSUB, FSUBP, FSUBR, FSUBRP, FTST, FWAIT, FXAM, FXCH, FXTRACT, FYL2X, FYL2XP1

Added in specific processors

Added with 80287: FSETPM

Added with 80387: FCOS, FLDENVD, FNSAVED, FNSTENVD, FPREM1, FRSTORD, FSAVED, FSIN, FSINCOS, FSTENVD, FUCOM, FUCOMP, FUCOMPP

Added with Pentium Pro: FCMOVB, FCMOVBE, FCMOVE, FCMOVNB, FCMOVNBE, FCMOVNE, FCMOVNU, FCMOVU, FCOMI, FCOMIP, FUCOMI, FUCOMIP, FXRSTOR, FXSAVE

Added with Pentium 4 supporting SSE3 (as part of the SSE3 branding): FISTTP (x87 to integer conversion)

Further Reading

Reverse Engineering/Floating Point Numbers
Floating Point

MMX

Saturation Arithmetic

In an 8-bit grayscale picture, 255 is the value for pure white, and 0 is the value for pure black. In a regular register (AX, BX, CX ...) if we add one to white, we get black! This is because the regular registers "roll-over" to the next value. MMX registers get around this by a technique called "Saturation Arithmetic". In saturation arithmetic, the value of the register never rolls over to 0 again. This means that in the MMX world, we have the following equations:

    255 + 100 = 255
    200 + 100 = 255
      0 - 100 = 0
     50 - 100 = 0

This may seem counter-intuitive at first to people who are used to their registers rolling over, but it makes good sense: if we make white brighter, it shouldn't become black.

Single Instruction Multiple Data (SIMD) Instructions

MMX registers are 64 bits wide, but they can be broken down as follows:

    2 32-bit values
    4 16-bit values
    8  8-bit values

The MMX registers cannot easily be used for 64 bit arithmetic, so it's a waste of time to even try. Let's say that we have 4 Bytes loaded in an MMX register: 10, 25, 128, 255. We have them arranged as such:

    MM0: | 10 | 25 | 128 | 255 |

And we do the following pseudo code operation:

    MM0 + 10

We would get the following result:

    MM0: | 10+10 | 25+10 | 128+10 | 255+10 | = | 20 | 35 | 138 | 255 |

Remember that in the last box, our arithmetic "saturates", and doesn't go over 255. Using MMX, we are essentially performing 4 additions in the time it takes to perform 1 addition using the regular registers. The problem is that the MMX instructions run slightly slower than the regular arithmetic instructions, the FPU can't be used when the MMX register is running, and MMX registers use saturation arithmetic.
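The lane-by-lane behaviour described above, written out in plain C as an added example (not code from the book) so the difference between roll-over and saturation is visible without an MMX-capable assembler. The function names and the eight-byte row are constructed for this example; they mirror what PADDB, PADDUSB and PSUBUSB do on one 64-bit MMX register.

```c
#include <stdint.h>
#include <string.h>
#include <stdio.h>

/* Eight 8-bit lanes, the byte view of a 64-bit MMX register. */
#define MMX_BYTES 8

/* Wrap-around ("roll-over") add: what PADDB and an ordinary register do. */
void padd_wrap(const uint8_t *a, const uint8_t *b, uint8_t *out)
{
    for (int i = 0; i < MMX_BYTES; i++)
        out[i] = (uint8_t)(a[i] + b[i]);   /* 255 + 1 becomes 0 */
}

/* Unsigned saturating add: what PADDUSB does, clamp at 255 instead of wrapping. */
void padd_saturate(const uint8_t *a, const uint8_t *b, uint8_t *out)
{
    for (int i = 0; i < MMX_BYTES; i++) {
        unsigned sum = (unsigned)a[i] + b[i];
        out[i] = sum > 255u ? 255u : (uint8_t)sum;
    }
}

/* Unsigned saturating subtract: what PSUBUSB does, clamp at 0 instead of wrapping to 255. */
void psub_saturate(const uint8_t *a, const uint8_t *b, uint8_t *out)
{
    for (int i = 0; i < MMX_BYTES; i++)
        out[i] = a[i] > b[i] ? (uint8_t)(a[i] - b[i]) : 0;
}

/* Brighten one eight-pixel grayscale row in place by `amount`, saturating.
   Returns 1 if no lane ended up darker than it started (no roll-over). */
int brighten_row(uint8_t *row, uint8_t amount)
{
    uint8_t add[MMX_BYTES], out[MMX_BYTES];
    int ok = 1;

    memset(add, amount, sizeof add);
    padd_saturate(row, add, out);
    for (int i = 0; i < MMX_BYTES; i++)
        ok &= (out[i] >= row[i]);
    memcpy(row, out, MMX_BYTES);
    return ok;
}

int main(void)
{
    /* Constructed row: the four values from the text plus four black pixels. */
    uint8_t row[MMX_BYTES] = { 10, 25, 128, 255, 0, 0, 0, 0 };
    brighten_row(row, 10);
    for (int i = 0; i < MMX_BYTES; i++)
        printf("%u ", row[i]);          /* 20 35 138 255 10 10 10 10 */
    printf("\n");
    return 0;
}
```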

MMX Registers

There are 8 64-bit MMX registers. These registers overlay the FPU stack registers. The MMX instructions and the FPU instructions cannot be used simultaneously. MMX registers are addressed directly, and do not need to be accessed by pushing and popping in the same way as the FPU registers.

    MM7 MM6 MM5 MM4 MM3 MM2 MM1 MM0

These registers correspond to the same numbered FPU registers on the FPU stack. Usually when you initiate an assembly block in your code that contains MMX instructions, the CPU automatically will disallow floating point instructions. To re-allow FPU operations you must end all MMX code with emms. Here is an example of a C routine calling assembly language with MMX code (NOTE: Borland compatible C++ example):

    //---------------------------------------------------
    // A simple example using MMX to copy 8 bytes of data
    // From source s2 to destination s1
    //---------------------------------------------------
    void __fastcall CopyMemory8(char *s1, const char *s2)
    {
        __asm
        {
            push edx
            mov  ecx, s2
            mov  edx, s1
            movq mm0, [ecx]     // load 8 bytes from the source
            movq [edx], mm0     // store them at the destination
            pop  edx
            emms                // leave MMX state so the FPU can be used again
        }
    }

SSE

SSE stands for Streaming SIMD Extensions. SSE is essentially the floating-point equivalent of the MMX instructions. SSE registers are 128 bits, and can be used to perform operations on either two 64-bit floating point numbers (C double), or 4 32-bit floating point numbers (C float).

SSE

128-bit registers: XMM0 XMM1 XMM2 XMM3 XMM4 XMM5 XMM6 XMM7

SSE2

Same as MMX and SSE

SSE3

Same as MMX and SSE

3D Now

3DNow! is AMD's extension of the MMX instruction set (K6-2 and more recent) with floating-point instructions. This page will talk about the 3D Now! instruction set, and how it is used.

Advanced x86

The chapters in the x86 Assembly wikibook labeled "Advanced x86" chapters are all specialized topics that might not be of interest to the average assembly programmer. However, these chapters will be of some interest to people who would like to work on low-level programming tasks, such as bootloaders, device drivers, and Operating System kernels. A reader does not need to read the following chapters to say they "know assembly", although they certainly are interesting.

High-Level Languages

Compilers

The first compilers were simply text translators that converted a high-level language into assembly language. The assembly language code was then fed into an assembler, to create the final machine code output. The GCC compiler still performs this sequence (code is compiled into assembly, and fed to the AS assembler). However, many modern compilers will skip the assembly language and create the machine code directly. Assembly language code has the benefit that it has a one-to-one correlation with the underlying machine code. Each machine instruction is mapped directly to a single Assembly instruction. Because of this, even when a compiler directly creates the machine code, it is still possible to interface that code with an assembly language program. The important part is knowing exactly how the language implements its data structures, control structures, and functions. The method in which function calls are implemented by a high-level language compiler is called a calling convention.

C Calling Conventions

CDECL

In most C compilers, the CDECL calling convention is the de facto standard. However, the programmer can specify that a function be implemented using CDECL by prepending the function declaration with the keyword __cdecl. Sometimes a compiler can be instructed to override cdecl as the default calling convention, and this declaration will force the compiler not to override the default setting. The CDECL calling convention specifies a number of different requirements:

1. Function arguments are passed on the stack, in right-to-left order.
2. The function result is stored in EAX/AX/AL.
3. The function name is prepended with an underscore.

CDECL functions are capable of accepting variable argument lists.

STDCALL

STDCALL is the calling convention that is used when interfacing with the Win32 API on Microsoft Windows systems. STDCALL was created by Microsoft, and therefore isn't always supported by non-Microsoft compilers. STDCALL functions can be declared using the __stdcall keyword on many compilers. STDCALL has the following requirements:

1. Function arguments are passed on the stack in right-to-left order.
2. The function result is stored in EAX/AX/AL.
3. The function name is prepended with an underscore.
4. The function name is suffixed with an "@" sign, followed by the number of bytes of arguments being passed to it.

STDCALL functions are not capable of accepting variable argument lists. For example, the following function declaration in C:

    _stdcall void MyFunction(int, int, short);

would be accessed in assembly using the following function label:

    _MyFunction@12

Remember, on a 32 bit machine, passing a 16 bit argument on the stack (C "short") takes up a full 32 bits of space.

FASTCALL

FASTCALL functions can frequently be specified with the __fastcall keyword in many compilers. FASTCALL functions pass the first two arguments to the function in registers, so that the time-consuming stack operations can be avoided. FASTCALL has the following requirements:

1. The first 32-bit (or smaller) argument is passed in EAX/AX/AL.
2. The second 32-bit (or smaller) argument is passed in EDX/DX/DL.
3. The remaining function arguments (if any) are passed on the stack in right-to-left order.
4. The function result is returned in EAX/AX/AL.
5. The function name is appended with an "@" symbol.
6. The function name is suffixed with an "@" symbol, followed by the size of passed arguments, in bytes.
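How the decorated labels above follow from a function's parameter sizes, as an added example that is not code from the book. It computes the "_MyFunction@12" label from the text's declaration; the 4-byte slot rounding is the rule stated for the C "short", and the "@name@bytes" fastcall form is an assumption about one compiler's decoration rather than anything the page states.

```c
#include <stdio.h>
#include <stddef.h>
#include <string.h>

/* On a 32-bit stack every argument occupies whole 4-byte slots, so a
   2-byte short still costs 4 bytes: round each size up to a multiple of 4. */
unsigned stack_bytes(const unsigned *sizes, size_t count)
{
    unsigned total = 0;
    for (size_t i = 0; i < count; i++)
        total += (sizes[i] + 3u) & ~3u;
    return total;
}

/* CDECL: only a leading underscore. The caller cleans the stack, so the
   argument size is not part of the name. */
int decorate_cdecl(const char *name, char *out, size_t n)
{
    return snprintf(out, n, "_%s", name);
}

/* STDCALL: leading underscore, then '@' and the argument bytes the callee
   pops on return (the figure a mismatched prototype would get wrong). */
int decorate_stdcall(const char *name, const unsigned *sizes, size_t count,
                     char *out, size_t n)
{
    return snprintf(out, n, "_%s@%u", name, stack_bytes(sizes, count));
}

/* FASTCALL, assumed "@name@bytes" form: all arguments are counted even
   though the first two travel in registers. */
int decorate_fastcall(const char *name, const unsigned *sizes, size_t count,
                      char *out, size_t n)
{
    return snprintf(out, n, "@%s@%u", name, stack_bytes(sizes, count));
}

int main(void)
{
    /* void MyFunction(int, int, short) from the text: 4 + 4 + 2 bytes */
    unsigned sizes[] = { 4, 4, 2 };
    char sym[64];

    decorate_stdcall("MyFunction", sizes, 3, sym, sizeof sym);
    printf("%s\n", sym);               /* _MyFunction@12 */
    return 0;
}
```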

C++ Calling Conventions (THISCALL)

The C++ THISCALL calling convention is the standard calling convention for C++. In THISCALL, the function is called almost identically to the CDECL convention, but the this pointer (the pointer to the current class) must be passed. The way that the this pointer is passed is compiler-dependent. Microsoft Visual C++ passes it in ECX. GCC passes it as if it were the first parameter of the function (i.e. between the return address and the first formal parameter).

Ada Calling Conventions

Pascal Calling Conventions

The Pascal convention is essentially identical to cdecl, differing only in that:

1. The parameters are pushed left to right (logical western-world reading order)
2. The routine being called must clean the stack before returning

Additionally, each parameter on the 32-bit stack must use all four bytes of the DWORD, regardless of the actual size of the datum. This is the main calling method used by Windows API routines, as it is slightly more efficient with regard to memory usage, stack access and calling speed. Note: the Pascal convention is NOT the same as the Borland Pascal convention, which is a form of fastcall, using registers (eax, edx, ecx) to pass the first three parameters, and also known as Register Convention.

Fortran Calling Conventions

Inline Assembly

C/C++

Further Reading

For an in-depth discussion as to how high-level programming constructs are translated into assembly language, see Reverse Engineering.

C Programming
C++
Reverse Engineering/Calling Conventions
Reverse Engineering/Examples/Calling Conventions

Machine Language Conversion

Relationship to Machine Code

x86 assembly instructions have a one-to-one relationship with the underlying machine instructions. This means that essentially we can convert assembly instructions into machine instructions with a look-up table. This page will talk about some of the conversions from assembly language to machine language.

CISC and RISC

The x86 architecture is a complex instruction set computer (CISC) architecture. Amongst other things, this means that the instructions for the x86 architecture are of varying lengths. This can make the processes of assembly, disassembly and instruction decoding more complicated, because the instruction length needs to be calculated for each instruction. x86 instructions can be anywhere between 1 and 15 bytes long. The length is defined separately for each instruction, depending on the available modes of operation of the instruction, the number of required operands and more.

8086 instruction format (16 bit)

This is the general instruction form for the 8086:

    Prefixes (optional) | Opcode | D | W | MOD | Reg | R/M | Displacement or data (optional)

Prefixes: Optional prefixes which change the operation of the instruction.
W (1 bit): Operation size. 1 = Word, 0 = byte.
D (1 bit): Direction. 1 = Register is Destination, 0 = Register is source.
Opcode: the opcode is a 6 bit quantity that determines what instruction family the code is.
MOD (2 bits): Register mode.
Reg (3 bits): Register. Each register has an identifier.
R/M (3 bits): Register/Memory operand.

Not all instructions have W or D bits; in some cases, the width of the operation is either irrelevant or implicit, and for other operations the data direction is irrelevant. Notice that Intel instruction format is little-endian, which means that the lowest-significance bytes are closest to absolute address 0. Thus, words are stored low-byte first; the value 1234H is stored in memory as 34H 12H. By convention, most-significant bits are always shown to the left within the byte, so 34H would be 00110100B. After the initial 2 bytes, each instruction can have many additional addressing/immediate data bytes.

Mod / Reg / R/M tables

    Mod   Displacement
    00    If r/m is 110, Displacement (16 bits) is address; otherwise, no displacement
    01    Eight-bit displacement, sign-extended to 16 bits
    10    16-bit displacement
    11    r/m is treated as a second "reg" field

    Reg   W = 0   W = 1
    000   AL      AX
    001   CL      CX
    010   DL      DX
    011   BL      BX
    100   AH      SP
    101   CH      BP
    110   DH      SI
    111   BH      DI

    r/m   Operand address
    000   (BX) + (SI) + displacement
    001   (BX) + (DI) + displacement
    010   (BP) + (SI) + displacement
    011   (BP) + (DI) + displacement
    100   (SI) + displacement
    101   (DI) + displacement
    110   (BP) + displacement unless mod = 00 (see mod table)
    111   (BX) + displacement

Note the special meaning of MOD 00, r/m 110. Normally, this would be expected to be the operand [BP]. However, instead the 16-bit displacement is treated as the absolute address. To encode the value [BP], you would use mod = 01, r/m = 110, 8-bit displacement = 0.

Example: Absolute addressing

Let's translate the following instruction into bytecode:

    XOR CL, [12H]

Note that this is XORing CL with the contents of address 12H; the square brackets are a common indirection indicator. The opcode for XOR is "001100dw". D is 1 because the CL register is the destination. W is 0 because we have a byte of data. Our first byte therefore is "00110010". Now, we know that the code for CL is 001. Reg thus has the value 001. The address is specified as a simple displacement, so the MOD value is 00 and the R/M is 110. Byte 2 is thus (00 001 110b). Bytes 3 and 4 contain the effective address, low-order byte first, 0012H as 12H 00H, or (00010010b) (00000000b). All together,

    XOR CL, [12H] = 00110010 00001110 00010010 00000000 = 32H 0EH 12H 00H

Example: Immediate operand

Now, if we were to want to use an immediate operand, as follows:

    XOR CL, 12H

In this case, because there are no square brackets, 12H is immediate: it is the number we are going to XOR against. The opcode for an immediate XOR is 1000000w; in this case, we are using a byte, so w is 0. So our first byte is (10000000b). The second byte, for an immediate operation, takes the form "mod 110 r/m". Since the destination is a register, mod is 11, making the r/m field a register value. We already know that the register value for CL is 001, so our second byte is (11 110 001b). The third byte (and fourth byte, if this were a word operation) are the immediate data. As it is a byte, there is only one byte of data, 12H = (00010010b). All together, then:

    XOR CL, 12H = 10000000 11110001 00010010 = 80H F1H 12H
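Both worked encodings above, carried out by code, as an added example that is not from the book. The function names and the register enum are constructed for this example; the bit layouts follow the 8086 format and the Mod / Reg / R/M tables above, and the decoder goes the other way by turning a ModR/M byte back into the operand text of the r/m table.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* 8086 register numbers from the Reg table (W=0 view: AL..BH). */
enum { REG_AL = 0, REG_CL = 1, REG_DL = 2, REG_BL = 3,
       REG_AH = 4, REG_CH = 5, REG_DH = 6, REG_BH = 7 };

static const char *reg_name(int reg, int w)
{
    static const char *r8[]  = { "AL", "CL", "DL", "BL", "AH", "CH", "DH", "BH" };
    static const char *r16[] = { "AX", "CX", "DX", "BX", "SP", "BP", "SI", "DI" };
    return w ? r16[reg & 7] : r8[reg & 7];
}

/* Assemble the ModR/M byte: mod (2 bits) | reg (3 bits) | r/m (3 bits). */
static uint8_t modrm(int mod, int reg, int rm)
{
    return (uint8_t)(((mod & 3) << 6) | ((reg & 7) << 3) | (rm & 7));
}

/* XOR reg, [addr]: opcode family 001100, D=1 (register is destination),
   mod=00 with r/m=110 so the 16-bit displacement is the absolute address,
   stored low byte first. Always writes 4 bytes and returns that count. */
size_t encode_xor_reg_mem(int reg, int w, uint16_t addr, uint8_t out[4])
{
    int d = 1;
    out[0] = (uint8_t)((0x0C << 2) | (d << 1) | (w & 1));   /* 001100dw */
    out[1] = modrm(0, reg, 6);                                /* 00 reg 110 */
    out[2] = (uint8_t)(addr & 0xFF);                          /* low byte  */
    out[3] = (uint8_t)(addr >> 8);                            /* high byte */
    return 4;
}

/* XOR reg, imm: opcode 1000000w, then "11 110 reg", then the immediate.
   Byte form (w=0) is 3 bytes, word form (w=1) is 4; returns the count. */
size_t encode_xor_reg_imm(int reg, int w, uint16_t imm, uint8_t out[4])
{
    out[0] = (uint8_t)(0x80 | (w & 1));     /* 1000000w */
    out[1] = modrm(3, 6, reg);              /* 11 110 reg */
    out[2] = (uint8_t)(imm & 0xFF);
    if (!w)
        return 3;
    out[3] = (uint8_t)(imm >> 8);
    return 4;
}

/* Decode the r/m operand of a ModR/M byte into text using the tables:
   mod=11 names a register, mod=00/r/m=110 is an absolute address, and the
   other rows are base/index forms with an optional displacement. */
const char *decode_rm(uint8_t mrm, int w, uint16_t disp, char *buf, size_t n)
{
    static const char *ea[] = { "BX+SI", "BX+DI", "BP+SI", "BP+DI",
                                "SI", "DI", "BP", "BX" };
    int mod = mrm >> 6, rm = mrm & 7;

    if (mod == 3)
        snprintf(buf, n, "%s", reg_name(rm, w));
    else if (mod == 0 && rm == 6)
        snprintf(buf, n, "[%04XH]", disp);
    else if (mod == 0)
        snprintf(buf, n, "[%s]", ea[rm]);
    else if (mod == 1)
        snprintf(buf, n, "[%s+%02XH]", ea[rm], disp & 0xFF);
    else
        snprintf(buf, n, "[%s+%04XH]", ea[rm], disp);
    return buf;
}

int main(void)
{
    uint8_t b[4];
    size_t n = encode_xor_reg_mem(REG_CL, 0, 0x0012, b);
    for (size_t i = 0; i < n; i++)
        printf("%02XH ", b[i]);             /* 32H 0EH 12H 00H */
    printf("\n");
    n = encode_xor_reg_imm(REG_CL, 0, 0x12, b);
    for (size_t i = 0; i < n; i++)
        printf("%02XH ", b[i]);             /* 80H F1H 12H */
    printf("\n");
    return 0;
}
```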

x86-32 Instructions (32 bit)

The 32-bit instructions are encoded in a very similar way to the 16-bit instructions, except (by default) they act upon dword quantities rather than words. Also, they support a much more flexible memory addressing format, which is made possible by the addition of an SIB "scale-index-base" byte, which follows the ModR/M byte.

x86-6= Instructions 36= bit4

2rotected 0ode

x86 Assembly
This 'a"e is "oin" to discuss the di??erences bet een real mode and 'rotected mode o'erations in the ,23 'rocessors. This 'a"e ill also discuss ho to enter 'rotected modeC and ho to e,it 'rotected mode. 4odern !'eratin" +ystems 7Windo sC *ni,C Linu,C B+%C etc...8 all o'erate in 'rotected modeC so most assembly lan"ua"e 'ro"rammers on:t need this in?ormation. Ho e>erC this in?ormation ill be 'articularly use?ul to 'eo'le ho are tryin" to 'ro"ram kernels or bootloaders.

*eal 0ode %peration


Wiki'edia has related in?ormation at X86 assembly programming in real mo(e. When an ,23 'rocessor is 'o ered u' or resetC it is in real mode. In real modeC the ,23 'rocessor essentially acts like a >ery ?ast 2=23. !nly the base instruction set o? the 'rocessor can be used. (eal mode memory address s'ace is limited to 14iB o? addressable memoryC and each memory se"ment is limited to 3-/iB. (eal 4ode is 'ro>ided essentially to 'ro>ide back ards<com'atability ith 2=23 and 2=123 'ro"rams.

Protected Mode Operation

In protected mode the processor can address 16 MiB (the 286, with its 24-bit address bus) or 4 GiB (the 386 and later, with 32-bit addresses) of linear address space. This may map directly onto physical RAM (in which case, if there is less than 4 GiB of RAM, some of the address space is unused), or paging may be used to translate arbitrarily between linear (virtual) addresses and physical addresses. In protected mode the segments in memory can be assigned protection (a base, a limit, a privilege level and a type), and an attempt to violate this protection raises a General Protection exception (#GP, vector 13). Protected mode on the 386 and later is controlled, amongst other things, by the control registers CR0, CR2 and CR3 (CR4 was added with the Pentium); on the 286 it is controlled by the Machine Status Word, which survives as the low 16 bits of CR0.

Long Mode

Long mode was introduced by AMD with its first AMD64 processors (the Opteron and the Athlon 64). Long mode allows the processor to use 64-bit linear addresses and 64-bit general-purpose registers (of which there are sixteen). Long mode has two sub-modes: 64-bit mode, for 64-bit code, and compatibility mode, in which existing 16- and 32-bit protected-mode code runs under a 64-bit operating system. A number of 16- and 32-bit instructions are invalid in 64-bit mode, and others change meaning there, so code cannot simply be reassembled for it. x86-64 processors in real mode act exactly like 16-bit chips, and in protected mode exactly like 32-bit processors. To unlock the 64-bit capabilities of the chip, it must be switched into long mode.

Entering Protected Mode

The lowest 5 bits of the control register CR0 contain 5 flags that determine how the system is going to function. This register has one flag that we are particularly interested in: the "Protected Mode Enable" flag (PE, bit 0). The general steps for entering protected mode are:

1. Create a valid GDT (Global Descriptor Table).
2. Create a 6-byte pseudo-descriptor (16-bit limit, 32-bit base) that points to the GDT.
3. If paging is going to be used, load CR3 with a valid page directory, PDPT (for PAE) or PML4 (for long mode).
4. If PAE (Physical Address Extension) is going to be used, set CR4.PAE = 1.
5. If switching to long mode, set IA32_EFER.LME = 1.
6. Disable interrupts (CLI).
7. Load an IDT pseudo-descriptor that has a null limit (this prevents the real-mode IVT from being used in protected mode; any interrupt that arrives now would be fatal, which is why step 6 comes first).
8. Set the PE bit (and the PG bit, if paging is going to be enabled) of the MSW or CR0 register.
9. Execute a far jump, so that CS is reloaded with a protected-mode selector (when switching to long mode, even if the destination is a 64-bit code segment, the offset must not exceed 32 bits, since the far jump itself executes in compatibility mode).
10. Load the data segment registers with valid selector(s), to prevent #GP exceptions when interrupts happen.
11. Load SS:(E)SP with a valid stack.
12. Load an IDT pseudo-descriptor that points to the real IDT.
13. Enable interrupts.

Following chapters will talk more about these steps.

Entering Long Mode

To enter long mode on a 64-bit x86 processor (x86-64):

1. If paging is enabled, disable paging (clear CR0.PG).
2. If CR4.PAE is not already set, set it.
3. Set IA32_EFER.LME = 1 (EFER is MSR 0xC0000080, written with WRMSR).
4. Load CR3 with a valid PML4 table.
5. Enable paging (set CR0.PG); the processor then sets IA32_EFER.LMA to confirm that long mode is active.
6. At this point the processor is in long mode, but in its compatibility sub-mode. A far jump to a code segment whose descriptor has the L bit set switches it to 64-bit mode. As before, the offset of the far jump must not exceed 32 bits.

Using the CR Registers

Reading and writing the control registers (MOV to/from CRn) is a privileged operation: it is permitted in real mode (which is how CR0.PE gets set in the first place) and, in protected mode, only at privilege level 0; any other attempt raises #GP. Paging can only be enabled (CR0.PG) while CR0.PE is set, so paging and hardware task switching are available only in protected mode.

CR0

The CR0 register has 6 bits that are of interest to us: the low 5 bits, and the highest bit. Here is a representation of CR0:

    CR0: |PG|----RESERVED----|ET|TS|EM|MP|PE|

PE (bit 0)
  We recognise the PE flag as the flag that puts the system into protected mode.
MP (bit 1)
  The "Monitor Coprocessor" flag. This flag controls the operation of the WAIT instruction.
EM (bit 2)
  The Emulate flag. When this flag is set, coprocessor instructions generate an exception (#NM), so that the operating system can emulate them in software.
TS (bit 3)
  The Task Switched flag. This flag is set automatically when the processor switches to a new task.
ET (bit 4)
  The Extension Type flag. ET (also called "R") tells us which type of coprocessor is installed: if ET = 0, an 80287 is installed; if ET = 1, an 80387 is installed.
PG (bit 31)
  The PG flag turns on memory paging. We will talk more about that in a second.

On the 486 and later processors several of the bits shown as reserved are defined. The one a kernel writer most needs to know about is WP (Write Protect, bit 16): while it is clear, supervisor-mode code can write to pages that are marked read-only, so a kernel that relies on read-only mappings to protect its own code or user data must set it.

CR2

CR2 contains a value called the Page Fault Linear Address (PFLA). When a page fault occurs, the linear address that was being accessed is stored in CR2, and an error code describing the access (present or not present, read or write, user or supervisor) is pushed onto the handler's stack.

CR3

The upper 20 bits of CR3 are called the Page Directory Base Register (PDBR). The PDBR holds the physical address of the page directory, which must therefore be 4 KiB aligned; the low bits are reserved or hold cache-control flags for the directory itself. Writing CR3 also flushes the non-global TLB entries, which is why every context switch reloads it.

CR4

CR4 contains several flags controlling advanced features of the processor, for instance PAE (bit 5), which enables 36-bit physical addressing and the three-level page tables that long mode builds on, and PSE (bit 4), which allows 4 MiB pages.

Paging

Paging is a translation step that the processor performs on every memory access, in order to make the memory of a system appear larger and more flexible than it physically is. The linear addresses that programs use are divided into fixed-size pages, each usually 4096 bytes (other sizes exist), and a set of tables maintained by the operating system says which physical page frame, if any, currently backs each one. The physical address of the top-level table, the page directory, is stored in CR3. Because the translation happens in the processor, a page can be moved to a different physical location, or removed from RAM altogether, without changing any pointer in the program: only the table entry changes, and the same linear address then resolves to the new frame.

A page that is marked "not present" may have its contents held on secondary storage, in a paging file or swap partition; together with physical RAM this gives the virtual memory of the system. Pages that are not in frequent use may be written out to free up RAM for pages that are needed more often. Reading and writing pages to disk is slow, so an operating system that is short of RAM can spend most of its time swapping. Note that CR0.PG controls address translation itself, not swapping: clearing PG removes all protection between processes and identity-maps the address space, so operating systems leave it set and simply stop moving pages to disk if swapping is unwanted.

A page fault occurs when the system attempts to access a page marked "not present" in the page directory or page table, when the access violates the page's protection bits (writing to a read-only page, or user-mode code touching a supervisor page), or when reserved bits in an entry are set. When a page fault occurs, the linear address that was accessed is stored in the CR2 register and the processor raises exception 14, pushing an error code that states whether the page was present and whether the access was a write and came from user mode; the handler uses these to decide between bringing the page in and terminating the offending program.

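As an added example (not from the book), the program below simulates the two-level 32-bit page walk the processor performs, using CR3 as the page directory base and latching the faulting address into CR2 as described above. The simulated physical memory, the table layout (directory at 0x1000, one page table at 0x2000) and the two mapped pages are constructed for the example; the bit positions of P, R/W and U/S and the page-fault error code are the real ones.

```c
/* Added example: a software model of the 32-bit (non-PAE) page walk, with CR0.PG,
 * CR3 as page-directory base and CR2 as the page-fault linear address. Not part of
 * the original book; the memory layout below is constructed for the example. */
#include <stdint.h>
#include <string.h>

#define PAGE_SIZE  4096u
#define PHYS_PAGES 8                       /* 32 KiB of simulated physical memory */
static uint8_t phys_mem[PHYS_PAGES * PAGE_SIZE];

#define CR0_PE (1u << 0)
#define CR0_WP (1u << 16)                  /* 486+: supervisor honours read-only pages too */
#define CR0_PG (1u << 31)
#define PTE_P  (1u << 0)                   /* present         */
#define PTE_RW (1u << 1)                   /* writable        */
#define PTE_US (1u << 2)                   /* user-accessible */
#define PTE_FRAME 0xFFFFF000u

struct cpu { uint32_t cr0, cr2, cr3; };

enum { XLATE_OK = 0, XLATE_PAGE_FAULT = 1 };

static uint32_t phys_read32(uint32_t addr)
{
    uint32_t v;
    memcpy(&v, &phys_mem[addr], sizeof v);
    return v;
}

static void phys_write32(uint32_t addr, uint32_t v)
{
    memcpy(&phys_mem[addr], &v, sizeof v);
}

/* Translate linear -> physical the way the 386 does:
 *   CR3[31:12] -> page directory; lin[31:22] selects the PDE;
 *   PDE[31:12] -> page table;     lin[21:12] selects the PTE;
 *   PTE[31:12] | lin[11:0] is the physical address.
 * On a fault the linear address is latched in CR2 and the #PF error code
 * (bit 0 = page was present, bit 1 = write, bit 2 = user mode) is stored in *err. */
int translate(struct cpu *c, uint32_t lin, int write, int user, uint32_t *phys, uint32_t *err)
{
    if (!(c->cr0 & CR0_PG)) {               /* paging off: linear == physical */
        *phys = lin;
        return XLATE_OK;
    }
    uint32_t pde = phys_read32((c->cr3 & PTE_FRAME) + ((lin >> 22) & 0x3FFu) * 4);
    uint32_t pte = 0;
    if (pde & PTE_P)
        pte = phys_read32((pde & PTE_FRAME) + ((lin >> 12) & 0x3FFu) * 4);

    int present  = (pde & PTE_P) && (pte & PTE_P);
    uint32_t perm = pde & pte;              /* effective rights: AND of both levels */
    int denied = !present
              || (user && !(perm & PTE_US))
              || (write && !(perm & PTE_RW) && (user || (c->cr0 & CR0_WP)));
    if (denied) {
        c->cr2 = lin;
        *err = (present ? 1u : 0u) | (write ? 2u : 0u) | (user ? 4u : 0u);
        return XLATE_PAGE_FAULT;
    }
    *phys = (pte & PTE_FRAME) | (lin & 0xFFFu);
    return XLATE_OK;
}

/* Constructed layout (an assumption for the example, not a real system's):
 *   page directory at physical 0x1000; one page table at 0x2000 covering 0x00400000-0x007FFFFF;
 *   linear 0x00400000 -> physical 0x3000, user, read-only;
 *   linear 0x00401000 -> physical 0x4000, supervisor only, read/write.
 * Every other linear address is not present. */
void setup_demo_tables(struct cpu *c)
{
    memset(phys_mem, 0, sizeof phys_mem);
    c->cr3 = 0x1000;
    c->cr2 = 0;
    phys_write32(0x1000 + 1 * 4, 0x2000 | PTE_P | PTE_RW | PTE_US);   /* PDE[1] */
    phys_write32(0x2000 + 0 * 4, 0x3000 | PTE_P | PTE_US);            /* PTE[0] */
    phys_write32(0x2000 + 1 * 4, 0x4000 | PTE_P | PTE_RW);            /* PTE[1] */
    c->cr0 = CR0_PE | CR0_PG | CR0_WP;
}
```

Running translate() on a user write to the read-only page, or on a user read of the supervisor page, shows the two error codes (7 and 5) a real page-fault handler has to distinguish from the plain not-present code 0.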
Other Modes

In addition to real, protected and long modes, there are other modes that x86 processors can enter, for different uses:

- Virtual 8086 mode: a sub-mode of protected mode in which application software written for real mode is executed under the supervision of a protected-mode, multi-tasking OS; the program believes it has the machine to itself, while privileged instructions and I/O trap to the supervising monitor.
- System Management Mode (SMM): a mode, entered by a System Management Interrupt, in which firmware performs system tasks such as power management without the knowledge of the operating system. SMM code runs from a memory region (SMRAM) that the OS cannot see and with more authority than the OS, which is why firmware normally locks SMRAM against later writes and why flaws in SMM code are so serious.

Global Descriptor Table

The Global Descriptor Table (GDT) is a table in memory that defines the segments the processor may use. In protected mode a segment register does not hold an address; it holds a selector, an index into the GDT (or the LDT), and the descriptor found there supplies the segment's base address, its limit, its type (code or data, or a system type such as TSS or LDT) and the privilege level required to use it. The GDT thus defines the characteristics of the different segment registers and of global memory, and it is what makes the protections of protected mode possible.

GDTR

The GDT is pointed to by a special register in the x86 chip, the GDT Register, or simply the GDTR. The GDTR is 48 bits long: the lower 16 bits give the size of the GDT, and the upper 32 bits give the location of the GDT in memory (in 64-bit mode the base grows to 64 bits and the pseudo-descriptor to 10 bytes). Here is a layout of the GDTR:

    |LIMIT|----BASE----|

LIMIT is the size of the GDT, and BASE is the starting address. LIMIT is 1 less than the length of the table in bytes, so if LIMIT has the value 15, then the GDT is 16 bytes long (two descriptors). The processor checks every selector against LIMIT: loading a selector whose descriptor lies beyond the end of the table raises #GP. To load the GDTR, the instruction LGDT is used, with a memory operand holding the 6-byte pseudo-descriptor:

    lgdt [gdtr]

Note that to complete the process of loading a new GDT, the segment registers need to be reloaded, since each one caches the descriptor it was last loaded with. The CS register can only be reloaded with a far jump. The example below assumes the common layout in which entry 0 is the null descriptor, entry 1 (selector 0x08) is the code segment and entry 2 (selector 0x10) is the data segment:

    flush_gdt:
        lgdt [gdtr]
        jmp 0x08:complete_flush
    complete_flush:
        mov ax, 0x10
        mov ds, ax
        mov es, ax
        mov fs, ax
        mov gs, ax
        mov ss, ax
        ret

GDT

The GDT contains a number of entries called Segment Descriptors. Each is 8 bytes long and contains information on the starting point of the segment (the 32-bit base, split across three fields), the length of the segment (the 20-bit limit, split across two fields) and the access rights of the segment. The following NASM-syntax code represents a single GDT entry:

    struc gdt_entry_struct
        limit_low:   resb 2
        base_low:    resb 2
        base_middle: resb 1
        access:      resb 1
        granularity: resb 1
        base_high:   resb 1
    endstruc

The access byte holds the Present bit, the descriptor privilege level (DPL) and the type; the granularity byte holds the top four bits of the limit together with the G bit (limit counted in 4 KiB pages rather than bytes) and the D/B bit (32-bit operands and stack).

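The C program below is an added example, not the book's code. It builds the "flat" GDT that most 32-bit kernels start with (a null entry, then ring-0 and ring-3 code and data segments covering all 4 GiB), produces the 6-byte pseudo-descriptor from steps 1 and 2 of the protected-mode entry procedure, and applies the selector checks the processor performs when a segment register is loaded; the selectors 0x08 and 0x10 used by the earlier flush_gdt example fall out of this layout. The struct mirrors the NASM struct above, and the raw 64-bit value of the ring-0 code descriptor (0x00CF9A000000FFFF) is the standard encoding.

```c
/* Added example: building and checking GDT descriptors and the LGDT pseudo-descriptor.
 * Not the book's code; the flat-memory layout below is the one most 32-bit kernels use. */
#include <stdint.h>
#include <string.h>

struct gdt_entry {                 /* mirrors gdt_entry_struct above */
    uint16_t limit_low;
    uint16_t base_low;
    uint8_t  base_middle;
    uint8_t  access;               /* P | DPL(2) | S | TYPE(4)          */
    uint8_t  granularity;          /* G | D/B | L | AVL | limit[19:16]  */
    uint8_t  base_high;
} __attribute__((packed));

struct gdt_ptr {                   /* the 6-byte operand of LGDT */
    uint16_t limit;                /* size of table in bytes, minus 1 */
    uint32_t base;                 /* linear address of the table     */
} __attribute__((packed));

#define ACC_PRESENT   0x80
#define ACC_DPL(n)    (((n) & 3u) << 5)
#define ACC_CODEDATA  0x10         /* S = 1: code or data, not a system descriptor */
#define ACC_EXEC      0x08         /* code segment */
#define ACC_RW        0x02         /* readable code / writable data */
#define GRAN_4K       0x80         /* limit counted in 4 KiB pages */
#define GRAN_32BIT    0x40         /* D/B: 32-bit operands and stack */

#define GDT_ENTRIES 5

/* Scatter base and limit into the split fields. limit must fit 20 bits and is in
 * bytes, or in 4 KiB pages when gran_4k is set. Returns 0 on an out-of-range limit. */
int gdt_set_entry(struct gdt_entry *e, uint32_t base, uint32_t limit,
                  uint8_t access, int gran_4k, int is32)
{
    if (limit > 0xFFFFFu)
        return 0;
    e->limit_low   = (uint16_t)(limit & 0xFFFFu);
    e->base_low    = (uint16_t)(base & 0xFFFFu);
    e->base_middle = (uint8_t)((base >> 16) & 0xFFu);
    e->access      = access;
    e->granularity = (uint8_t)(((limit >> 16) & 0x0Fu) | (gran_4k ? GRAN_4K : 0) | (is32 ? GRAN_32BIT : 0));
    e->base_high   = (uint8_t)((base >> 24) & 0xFFu);
    return 1;
}

uint32_t gdt_base(const struct gdt_entry *e)
{
    return e->base_low | ((uint32_t)e->base_middle << 16) | ((uint32_t)e->base_high << 24);
}

/* Highest valid offset in the segment, after applying the G bit as the CPU does. */
uint32_t gdt_limit_bytes(const struct gdt_entry *e)
{
    uint32_t limit = e->limit_low | ((uint32_t)(e->granularity & 0x0Fu) << 16);
    return (e->granularity & GRAN_4K) ? (limit << 12) | 0xFFFu : limit;
}

uint64_t gdt_entry_raw(const struct gdt_entry *e)   /* the 8 bytes as one little-endian value */
{
    uint64_t v;
    memcpy(&v, e, sizeof v);
    return v;
}

/* The flat GDT: null, ring-0 code (0x08), ring-0 data (0x10), ring-3 code (0x18),
 * ring-3 data (0x20), every segment spanning 0..4 GiB. Returns the LGDT operand. */
struct gdt_ptr build_flat_gdt(struct gdt_entry gdt[GDT_ENTRIES])
{
    memset(&gdt[0], 0, sizeof gdt[0]);      /* selector 0 must be the unusable null descriptor */
    gdt_set_entry(&gdt[1], 0, 0xFFFFF, ACC_PRESENT | ACC_DPL(0) | ACC_CODEDATA | ACC_EXEC | ACC_RW, 1, 1);
    gdt_set_entry(&gdt[2], 0, 0xFFFFF, ACC_PRESENT | ACC_DPL(0) | ACC_CODEDATA | ACC_RW, 1, 1);
    gdt_set_entry(&gdt[3], 0, 0xFFFFF, ACC_PRESENT | ACC_DPL(3) | ACC_CODEDATA | ACC_EXEC | ACC_RW, 1, 1);
    gdt_set_entry(&gdt[4], 0, 0xFFFFF, ACC_PRESENT | ACC_DPL(3) | ACC_CODEDATA | ACC_RW, 1, 1);

    struct gdt_ptr p;
    p.limit = (uint16_t)(GDT_ENTRIES * sizeof(struct gdt_entry) - 1);   /* 39 */
    p.base  = (uint32_t)(uintptr_t)gdt;     /* on real hardware: the table's linear address */
    return p;
}

/* The checks the CPU applies when a selector is loaded into a segment register:
 * TI must select the GDT here, the null selector is not loadable into CS or SS,
 * the descriptor must lie entirely below LIMIT (else #GP), and it must be present. */
int selector_is_loadable(const struct gdt_entry *gdt, struct gdt_ptr p, uint16_t sel)
{
    unsigned index = sel >> 3;
    if (sel & 4u)                           /* TI = 1: would index the LDT instead */
        return 0;
    if (index == 0)
        return 0;
    if (index * 8u + 7u > p.limit)          /* beyond the table */
        return 0;
    return (gdt[index].access & ACC_PRESENT) != 0;
}
```

With GDT_ENTRIES = 5 the pseudo-descriptor's limit is 39, so selector 0x28 (index 5) is rejected exactly as the processor would reject it; the same routine shows why the null descriptor costs nothing but must exist.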
LDT

Each separate program may receive, from the operating system, a number of memory segments for its own use. The characteristics of each such local segment are stored in a data structure called the Local Descriptor Table (LDT). Each LDT is itself described by an LDT descriptor in the GDT; the LLDT instruction loads the selector of the current task's LDT, and bit 2 (the TI bit) of any segment selector then chooses whether the index refers to the GDT (TI = 0) or the current LDT (TI = 1).

Advanced Interrupts

In the chapter on Interrupts we mentioned that there are such things as software interrupts, and that they can be installed by the system. This page goes more in depth about that process: how ISRs are installed, how the system finds the ISR, and how the processor actually performs an interrupt.

Interrupt Service Routines

The actual code that is invoked when an interrupt occurs is called the Interrupt Service Routine (ISR). When an exception occurs, a program invokes an interrupt, or the hardware raises an interrupt, the processor uses one of several methods (to be discussed) to transfer control to the ISR, whilst allowing the ISR to return control safely to whatever it interrupted. At a minimum, FLAGS and CS:IP are saved and the ISR's CS:IP is loaded; some mechanisms cause a full task switch to occur before the ISR begins (and another task switch when it ends).

The Interrupt Vector Table

In the original 8086 processor (and in all x86 processors in real mode), the Interrupt Vector Table controls the flow into an ISR. The IVT starts at memory address 0x00 and extends to 0x3FF, for a maximum of 256 ISRs (interrupts 0 to 255). Each entry in the IVT contains 2 words of data: a value for IP, then a value for CS (in that order). For example, let's say that we have the following interrupt:

    int 14h

When we trigger the interrupt, the processor goes to the 20th entry in the IVT (14h = 20). Since each table entry is 4 bytes (2 bytes IP, 2 bytes CS), the processor reads location [4*14H] = [50H]. At location 50H is the new IP value, and at location 52H the new CS value. Hardware and software interrupts are all stored in the IVT, so installing a new ISR is as easy as writing a far pointer into the IVT; equally, in real mode nothing stops any program from doing so, which is how resident DOS programs and DOS-era viruses hooked interrupts. (On the 286 and later the table's location is in fact taken from the IDTR, which at reset holds base 0 and limit 0x3FF.) In newer x86 models the IVT was replaced, in protected mode, by the Interrupt Descriptor Table.

When an interrupt occurs in real mode, the FLAGS register is pushed onto the stack, followed by CS, then IP, and the interrupt flag is cleared. The iret instruction restores CS:IP and FLAGS, allowing the interrupted program to continue unaffected. For hardware interrupts, all other registers (including the general-purpose registers) must be explicitly preserved (e.g. if an interrupt routine makes use of AX, it should push AX when it begins and pop AX when it ends). It is good practice for software interrupts to preserve all registers except those containing return values. More importantly, any registers that are modified must be documented.

The Interrupt Descriptor Table

Since the 286, and in extended form on the 386, interrupts may be managed by a table in memory called the Interrupt Descriptor Table (IDT). The IDT only comes into play when the processor is in protected mode. Much like the IVT, the IDT contains a list of pointers to the ISR routines; however, there are now three kinds of entry (gates), giving three ways to invoke an ISR:

Task Gates: These cause a task switch, allowing the ISR to run in its own context (with its own LDT, etc.). IRET may still be used to return from the ISR, since the processor sets the NT (nested task) flag and records the interrupted task's TSS selector in the new task's back-link field, which causes IRET to perform a task switch back to the previous task.

Interrupt Gates: These are similar to the original interrupt mechanism, placing EFLAGS, CS and EIP on the stack (plus an error code for some exceptions, and the old SS:ESP when the privilege level changes). The ISR may be located in a segment of equal or higher privilege than the currently executing segment, but not of lower privilege (higher privileges are numerically lower, with level 0 being the highest privilege).

Trap Gates: These are identical to interrupt gates, except that they do not clear the interrupt flag.

The DPL of a gate is checked only for software interrupts (the INT n instruction): code running at a CPL numerically greater than the gate's DPL gets #GP instead of the handler. Hardware interrupts and exceptions ignore the gate DPL. A kernel therefore gives DPL 3 only to the gates it deliberately exposes as system-call entry points, and DPL 0 to every other gate, so that user code cannot fake a hardware interrupt or an exception by executing INT n.

The following NASM structure represents an IDT entry:

    struc idt_entry_struct
        base_low:  resb 2
        sel:       resb 2
        always0:   resb 1
        flags:     resb 1
        base_high: resb 2
    endstruc

The meaning of each field depends on the kind of gate:

base_low
  Interrupt gate, trap gate: low word of the entry address of the ISR.
  Task gate: unused.

sel
  Interrupt gate, trap gate: segment selector of the ISR's code segment.
  Task gate: selector of the TSS descriptor.

always0
  Interrupt gate, trap gate: bits 5, 6 and 7 must be 0; bits 0-4 are unused and can be left as zero.
  Task gate: unused, can be left as zero.

flags
  Interrupt gate: low 5 bits are (MSB first) 01110; bits 5 and 6 form the DPL; bit 7 is the Present bit.
  Trap gate: low 5 bits are (MSB first) 01111; bits 5 and 6 form the DPL; bit 7 is the Present bit.
  Task gate: low 5 bits are (MSB first) 00101; bits 5 and 6 form the DPL; bit 7 is the Present bit.

base_high
  Interrupt gate, trap gate: high word of the entry address of the ISR.
  Task gate: unused.

Where:

DPL is the Descriptor Privilege Level (0 to 3, with 0 being the highest privilege). The Present bit indicates whether the gate is valid; if it is 0, a Segment Not Present fault (exception 11) ensues if the interrupt is triggered. The low 5 bits of the flags byte are a 0 followed by the 4-bit gate type (1110 for a 32-bit interrupt gate, 1111 for a 32-bit trap gate, 0101 for a task gate), so a present ring-0 interrupt gate has flags = 8Eh, a present ring-0 trap gate 8Fh and a present ring-0 task gate 85h.

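To make the table concrete, here is an added C example (not from the book) that encodes the three gate kinds from their fields, applies the DPL and Present rules the processor uses for an INT n instruction, and, for the real-mode case discussed earlier, computes where in the IVT a vector's CS:IP pair lives. The handler addresses and the choice of vector 0x80 as a ring-3 system-call gate are assumptions for the example; the flag encodings (8Eh, 8Fh, 85h for ring 0) are the real ones.

```c
/* Added example: encoding IDT gates and applying the INT n privilege check.
 * Not from the book. Handler addresses and the use of vector 0x80 for system calls
 * are assumptions made for the example. */
#include <stdint.h>
#include <string.h>

struct idt_entry {                 /* mirrors idt_entry_struct above */
    uint16_t base_low;
    uint16_t sel;
    uint8_t  always0;
    uint8_t  flags;                /* P | DPL(2) | 0 | TYPE(4) */
    uint16_t base_high;
} __attribute__((packed));

enum gate_type { GATE_TASK = 0x5, GATE_INTERRUPT32 = 0xE, GATE_TRAP32 = 0xF };

#define IDT_PRESENT 0x80
#define IDT_ENTRIES 256

/* Fill one gate. For a task gate the handler address is meaningless (the TSS supplies
 * EIP) and sel is the TSS selector; for the other two, sel is the handler's code segment. */
void idt_set_gate(struct idt_entry *e, uint32_t handler, uint16_t sel,
                  enum gate_type type, unsigned dpl)
{
    memset(e, 0, sizeof *e);       /* always0 and reserved bits stay zero */
    if (type != GATE_TASK) {
        e->base_low  = (uint16_t)(handler & 0xFFFFu);
        e->base_high = (uint16_t)(handler >> 16);
    }
    e->sel   = sel;
    e->flags = (uint8_t)(IDT_PRESENT | ((dpl & 3u) << 5) | ((unsigned)type & 0xFu));
}

uint32_t idt_handler(const struct idt_entry *e) { return e->base_low | ((uint32_t)e->base_high << 16); }
unsigned idt_dpl(const struct idt_entry *e)     { return (e->flags >> 5) & 3u; }
int      idt_present(const struct idt_entry *e) { return (e->flags & IDT_PRESENT) != 0; }
unsigned idt_type(const struct idt_entry *e)    { return e->flags & 0xFu; }

/* What the CPU does for a software "INT n" executed at privilege level cpl:
 * returns 0 for #GP (cpl numerically above the gate's DPL), -1 for #NP (gate not
 * present), 1 if the handler is entered. Hardware interrupts and exceptions skip
 * the DPL comparison, so only this path needs DPL 3 on user-callable vectors. */
int idt_int_n_allowed(const struct idt_entry *e, unsigned cpl)
{
    if (cpl > idt_dpl(e))
        return 0;
    if (!idt_present(e))
        return -1;
    return 1;
}

/* Real mode: vector n's IP:CS pair sits at physical address n*4 (IP first). */
uint32_t ivt_entry_address(unsigned vector) { return vector * 4u; }

/* A typical 32-bit layout: every vector gets a ring-0 interrupt gate to a stub
 * (addresses assumed: 0x00100000 + 16*vector), then vector 0x80 is replaced by a
 * ring-3 trap gate so user code may execute INT 0x80 to reach the kernel. */
void build_demo_idt(struct idt_entry idt[IDT_ENTRIES])
{
    for (unsigned v = 0; v < IDT_ENTRIES; v++)
        idt_set_gate(&idt[v], 0x00100000u + 16u * v, 0x08, GATE_INTERRUPT32, 0);
    idt_set_gate(&idt[0x80], 0x00200000u, 0x08, GATE_TRAP32, 3);
}
```

Calling idt_int_n_allowed() for vector 13 at CPL 3 returns 0: a user program that executes INT 13 gets a General Protection fault rather than a forged #GP handler invocation, which is the property the DPL 0 default buys.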
These ISRs are usually installed and managed by the operating system. Only code with sufficient privilege to modify the IDT's contents may directly install ISRs; the IDT itself should live in kernel-only memory, since anyone who can write to it controls what runs on the next interrupt. The ISR must be placed in an appropriate segment (and, if using task gates, the appropriate TSS must be set up), in particular so that its privilege is never lower than that of the code it interrupts. ISRs for unpredictable interrupts (such as hardware interrupts) should be placed in privilege level 0 (the highest privilege), so that this rule is not violated while a privilege-0 task is running.

Note that ISRs, particularly hardware-triggered ones, should always be present in memory unless there is a good reason for them not to be. Most hardware interrupts need to be dealt with promptly, and swapping causes significant delay. Also, some hardware ISRs (such as the hard disk ISR) may be required during the swapping process. Since hardware-triggered ISRs interrupt processes at unpredictable times, device driver programmers are encouraged to keep ISRs very short: often an ISR simply arranges for a kernel task to do the necessary work, and this kernel task runs at the next suitable opportunity. As a result, hardware-triggered ISRs are generally very small and little is gained by swapping them out. It may nevertheless be desirable to clear the Present bit of a gate even though the ISR is in RAM: the OS can then use the Segment Not Present handler (which receives the vector number in its error code) for some other purpose, for instance to monitor interrupt calls or to install handlers lazily.

IDT Register

The x86 contains a register whose job is to keep track of the IDT. This register is called the IDT Register, or simply "IDTR". The IDT register is 48 bits long. The lower 16 bits are called the LIMIT section of the IDTR, and the upper 32 bits are called the BASE section of the IDTR:

    |LIMIT|----BASE----|

The BASE is the base address of the IDT in memory. The IDT can be located anywhere in memory, so the BASE needs to point to it. The LIMIT field contains the length of the IDT in bytes minus 1, so a full table of 256 8-byte gates has LIMIT = 7FFh; an interrupt whose vector lies beyond LIMIT raises #GP. To load the IDTR, the instruction LIDT is used (like LGDT, it is privileged):

    lidt [idtr]

Interrupt Instructions

int arg
  calls the specified interrupt (vector 0 to 255)

into
  calls interrupt 4 (0x04) if the overflow flag is set (not available in 64-bit mode)

iret
  returns from an interrupt service routine (ISR)

Default ISR

A good programming practice is to provide a default ISR that can be used as a placeholder for unused interrupts. This is to prevent execution of random code if an unrecognised interrupt is raised. The default ISR can be as simple as a single iret instruction, with one caveat in protected mode: the exceptions that push an error code (8, 10, 11, 12, 13, 14 and 17) must have that word popped off the stack before iret, or iret will return to the wrong place. Note also that under DOS (which is in real mode), certain IVT entries contain pointers to important, but not necessarily executable, locations. For instance, entry 0x1D is a far pointer to a video initialisation parameter table for video controllers, and entry 0x1F is a pointer to the graphical character bitmap table.

Disabling Interrupts

In x86, interrupts can be disabled using the cli instruction. This instruction takes no arguments. To enable interrupts again, the programmer uses sti. Interrupts need to be disabled when performing critical system tasks, because you do not want an interrupt handler to run while the processor is in a half-changed state. For instance, when entering protected mode we disable interrupts, because we want the processor to complete the switch before anything else happens; the real-mode handlers in the IVT would be meaningless once PE is set. Another thing you may want to do is load an IDT pseudo-descriptor with a null limit when switching from real mode to protected mode, because the IDT format is different between the two modes. Two caveats: cli does not block the non-maskable interrupt (NMI) or system management interrupts, and in protected mode cli and sti are themselves privileged (they require CPL <= IOPL), so user programs cannot use them to lock the kernel out.

Bootloaders

When a computer is turned on, there is some beeping, and some flashing lights, and then a loading screen appears; and then, magically, the operating system loads into memory. The question is then raised: how does the operating system load up? What gets the ball rolling? The answer is "bootloaders".

What is a Bootloader

Bootloaders are small pieces of software that play a role in getting an operating system loaded and ready for execution when a computer is turned on. The way this happens varies between different computer designs (early computers often required a person to set the computer up manually whenever it was turned on), and often there are several stages in the process of boot loading. On IBM PC compatibles, the first program to run is the Basic Input/Output System (BIOS). The BIOS performs many tests and initialisations, then the BIOS boot loader begins. Its purpose is to load another boot loader! It selects a disk (or some other storage medium) from which it loads a secondary boot loader. This boot loader will either load yet another boot loader somewhere else, or load enough of an operating system to start running it. Every stage in this chain runs the next with full control of the machine and, on a legacy BIOS, without verifying it, which is why anything that can write to a boot sector can take over the system before the OS exists. The main focus of this article is the final stage before the OS is loaded. Some tasks that this last boot loader may perform:

- Allocate more stack space
- Establish a GDT
- Enter protected mode
- Load the kernel

Bootloaders are almost exclusively written in assembly language (or even machine code), because they need to be compact, they do not have access to OS routines (such as memory allocation) that other languages might require, they need to follow some unusual requirements, and they benefit from (or require) access to some low-level features. Many bootloaders are very simple, and only load the kernel into memory, leaving the kernel's initialisation procedure to create a GDT and enter protected mode. If the GDT is very large or complicated, the bootloader may not be physically large enough to create it. Some boot loaders are highly OS-specific, while others are less so; certainly the BIOS boot loader is not OS-specific. The MS-DOS boot loader (which was placed on all MS-DOS formatted floppy disks) simply checks whether the files IO.SYS and MSDOS.SYS exist; if they are not present it displays the error "Non-System disk or disk error", otherwise it loads and begins execution of IO.SYS.

The Bootsector

The first 512 bytes of a disk are known as the boot sector or, on a partitioned disk, the Master Boot Record. The boot sector is an area of the disk reserved for booting purposes. If the boot sector contains the signature 0xAA55 as its last word (that is, byte 510 is 0x55 and byte 511 is 0xAA, since the word is stored little-endian), the disk is treated by the BIOS as bootable. The signature is the only check the BIOS makes; it says nothing about whether the code in the sector is sane or trustworthy.

The Boot Process

When switched on or reset, an x86 processor begins executing the instructions it finds at address F000:FFF0 (at this stage it is operating in real mode; on a 386 or later the hidden base of CS is actually 0xFFFF0000, so the first fetch is from physical address 0xFFFFFFF0, the top of the 4 GiB space, until the first far jump). In IBM PC compatibles this address is mapped to a ROM chip that contains the computer's Basic Input/Output System (BIOS) code. The BIOS is responsible for many tests and initialisations; for instance the BIOS may perform a memory test, initialise the PIC and system timer, and test that these devices are working. Eventually the actual boot loading begins: first the BIOS searches for and initialises available storage media (such as floppy drives, hard disks, CD drives), then it decides which of these it will attempt to boot from. It checks each device for availability (e.g. ensuring a floppy drive contains a disk), then for the 0xAA55 signature, in some predefined order (often the order is configurable using the BIOS setup tool). It loads the first sector of the first bootable device it comes across into RAM, and initiates execution. Ideally this will be another boot loader, and it will continue the job, making a few preparations, then passing control to something else.

While BIOSes remain compatible with twenty-year-old software, they have also become more sophisticated over time. Early BIOSes could not boot from CD drives, but now CD and even DVD booting are standard BIOS features. Booting from USB storage devices is also possible, and some systems can boot from over the network. To achieve such advanced functions, BIOSes sometimes enter protected mode and the like, but then return to real mode in order to be compatible with legacy boot loaders. This creates a chicken-and-egg problem: bootloaders are written to work with the ubiquitous BIOS, and BIOSes are written to support all those bootloaders, preventing much in the way of new features in boot loading. However, a newer bootstrap technology, EFI (now UEFI, which with Secure Boot also adds signature verification of the loader it starts), has since replaced the BIOS on new systems. It is much more sophisticated and is not discussed in this article.

Note also that other computer systems, even some that use x86 processors, may boot in different ways. Indeed, some embedded systems whose software is compact enough to be stored on ROM chips may not need bootloaders at all.

Specifications

A bootloader runs under certain conditions that the programmer must appreciate in order to make a successful bootloader. The following pertains to bootloaders initiated by the PC BIOS:

1. The first sector of a drive contains its boot loader.
2. One sector is 512 bytes; the last two bytes must be 0xAA55 (i.e. 0x55 followed by 0xAA), or else the BIOS will treat the drive as unbootable.
3. If everything is in order, said first sector is placed at RAM address 0000:7C00, and the BIOS's role is over as it transfers control to that address (i.e. it JMPs to it).
4. DL holds the BIOS drive number the sector was loaded from; keep it, as it is needed for further disk reads. Do not rely on the other registers: most BIOSes set CS, DS and ES to 0000, but some jump to 07C0:0000 rather than 0000:7C00, and the initial SS:SP is whatever the BIOS happened to be using. A robust loader therefore sets DS, ES and SS:SP itself and normalises CS with a far jump as its first actions.
5. There are some conventions that need to be respected if the disk is to be readable under certain operating systems. For instance you may wish to include a BIOS Parameter Block on a floppy disk to render the disk readable under most PC operating systems (though you must also ensure the rest of the disk holds a valid FAT12 file system as well).
6. While standard routines installed by the BIOS are available to the bootloader, the operating system has not been loaded yet, and you cannot rely on loaders or OS memory management. Any data the boot loader needs must either be included in the first sector (be careful not to execute it!) or loaded manually from another sector of the disk to somewhere in RAM. Because the OS is not running yet, most of the RAM is unused; however, you must take care not to interfere with RAM that may be required by interrupts (the IVT and BIOS data area below 0x500, and the BIOS itself above 0xA0000).
7. The OS code itself (or the next bootloader) will need to be loaded somewhere into RAM as well.
8. The stack left by the BIOS may be too small for some purposes (remember that unless interrupts are disabled, they can happen at any time). It is usually necessary to set up a larger stack of your own.

Most assemblers have a directive similar to ORG 7C00h that informs the assembler that the code will be loaded starting at offset 7C00h. The assembler takes this into account when calculating instruction and data addresses, which makes it easier to use procedures and data within the bootloader (you will not need to add 7C00h to all the addresses). Another option is to set some segment registers to 07C0h, so that the offsets start at 0 relative to those segments. Also, some bootloaders copy themselves to other locations in RAM. Usually the bootloader loads the kernel into memory and then jumps to the kernel; the kernel is then free to reclaim the memory used by the bootloader, because it has already performed its job. However, it is not impossible to include OS code within the boot sector and keep it resident after the OS begins.

Here is a simple boot sector demo designed for NASM. Note the MOV DS, DX and CLD near the start: LODSB reads from DS:SI and follows the direction flag, and neither DS = 0 nor a cleared direction flag is guaranteed by every BIOS, so the code establishes both itself rather than trusting the BIOS.

    ORG 7C00h

    JMP short START          ;Jump over the data (the 'short' keyword makes the JMP code smaller)

    MSG:    DB "Hello World! "
    ENDMSG:

    START:
        MOV CX, 1            ;Write 1 character
        MOV BX, 000Fh        ;Page 0, colour attribute 15 (white)
        XOR DX, DX           ;Start at top left corner
        MOV DS, DX           ;DS = 0, so that MSG's offset (7C02h) is a valid address
        CLD                  ;Make LODSB step forwards

    L1:
        MOV SI, MSG          ;Loads the address of the first byte of the message (in this case, 7C02h)
    L2:
        MOV AH, 02           ;Set cursor position
        INT 10h
        LODSB                ;Load a byte of the message into AL.
                             ;Remember that DS is 0 and SI holds the
                             ;offset of one of the bytes of the message.
        MOV AH, 9            ;Write character
        INT 10h
        INC DL               ;Advance cursor
        CMP DL, 80           ;Wrap around edge of screen
        JNE SKIP
        XOR DL, DL
        INC DH
        CMP DH, 25           ;Wrap around bottom of screen
        JNE SKIP
        XOR DH, DH
    SKIP:
        CMP SI, ENDMSG       ;If we're not at end of message, continue
        JNE L2               ;loading characters, otherwise return SI
        JMP L1               ;to the start of the message

    TIMES 0200h - 2 - ($ - $$) DB 0     ;Zerofill up to 510 bytes
    DW 0AA55h                           ;Boot sector signature

    ;OPTIONAL:
    ;To zerofill up to the size of a standard 1.44MB, 3.5" floppy disk
    ;TIMES 1474560 - ($ - $$) DB 0

To assemble the above file, assuming it is called 'floppy.asm', use the following command:

    nasm -f bin -o floppy.img floppy.asm

While strictly speaking this is not a bootloader, it is bootable, and demonstrates several things:

- How to include and access data in the boot sector
- How to skip over included data (this is required for a BIOS Parameter Block)
- How to place the 0xAA55 signature at the end of the sector (NASM will also issue an error if there is too much code to fit in a sector, because the TIMES count becomes negative)
- The use of BIOS interrupts

On Linux, you can issue a command like

    cat floppy.img > /dev/fd0

to write the image to the floppy disk (the image may be smaller than the size of the disk, in which case only as much information as is in the image will be written to the disk). Under Windows you can use software such as RAWRITE. It is far quicker and safer to test boot sectors in an emulator; with QEMU the command

    qemu-system-i386 -fda floppy.img

boots the image directly without touching any real disk.

Hard disks

Hard disks usually add an extra layer to this process, since they may be partitioned. The first sector of a hard disk is known as the Master Boot Record (MBR). Conventionally, the partition information for a hard disk is included at the end of the MBR, just before the 0xAA55 signature: a table of four 16-byte entries starting at offset 0x1BE, each giving a status byte (0x80 marks the active, i.e. bootable, partition), a partition type, and the starting sector and length of the partition in both CHS and LBA form. The role of the BIOS is no different from before: to read the first sector of the disk (that is, the MBR) into RAM, and transfer execution to the first byte of this sector. The BIOS is oblivious to partitioning schemes; all it checks for is the presence of the 0xAA55 signature. While this means that one can use the MBR in any way one would like (for instance, omit or extend the partition table), this is seldom done. Despite the fact that the partition table design is very old and limited (it allows only four primary partitions and 32-bit sector numbers, i.e. 2 TiB with 512-byte sectors), virtually all operating systems for IBM PC compatibles assume that the MBR will be formatted like this. Therefore to break with convention is to render your disk inoperable except to operating systems specifically designed to use it.

In practice the MBR usually contains a boot loader whose purpose is to load another boot loader, to be found at the start of one of the partitions (the volume boot record). This is often a very simple program which finds the first partition marked active, loads its first sector into RAM and commences its execution; a careful one also refuses a table with more than one active entry or with a status byte other than 0x00 or 0x80, since those indicate a corrupt table. Since by convention the new boot loader is also loaded to address 7C00h, the old loader must relocate all or part of itself to a different location before doing this. Also, DS:SI is expected to point to the 16-byte partition table entry of the partition being booted, and DL to hold the boot drive number. Breaking such conventions may render a bootloader incompatible with other bootloaders. However, many boot managers (software that enables the user to select a partition, and sometimes even a kernel, to boot from) use custom MBR code which loads the remainder of the boot manager code from somewhere on disk, then provides the user with options on how to continue the bootstrap process. It is also possible for the boot manager to reside within a partition, in which case it must first be loaded by another boot loader.

Most boot managers support chain loading (that is, starting another boot loader via the usual first-sector-of-partition-to-address-7C00h process), and this is often used for systems such as DOS and Windows. However, some boot managers (notably GRUB) support the loading of a user-selected kernel image. This can be used with systems such as GNU/Linux and Solaris, allowing more flexibility in starting the system; the mechanism may differ somewhat from that of chain loading. Clearly, the partition table presents a chicken-and-egg problem that places unreasonable limitations on partitioning schemes. The solution that has since become standard is the GUID Partition Table (GPT); it keeps a "protective" MBR containing a single partition of type 0xEE that spans the disk, so that legacy operating systems and tools will not interfere with the GPT, while newer operating systems can take advantage of the many improvements the scheme offers.

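The C program below is an added example (not from the book) of the checks described in this chapter, performed on a 512-byte sector image: the 0xAA55 signature from the Specifications list, the partition-table walk a conventional MBR performs to pick the active partition (rejecting corrupt status bytes and multiple active entries), and recognition of a GPT protective MBR. The two sample sectors are constructed in the program; the offsets, status bytes and type code 0xEE are the real ones.

```c
/* Added example: boot-sector and MBR partition-table checks on a 512-byte sector image.
 * Not from the book; the sample sectors are constructed here. */
#include <stdint.h>
#include <string.h>

#define SECTOR_SIZE         512
#define PART_TABLE_OFF      0x1BE      /* four 16-byte entries, then the signature at 510 */
#define PART_ENTRY_SIZE     16
#define PART_ACTIVE         0x80
#define TYPE_GPT_PROTECTIVE 0xEE

struct mbr_partition {
    uint8_t  status;                   /* 0x80 = active (bootable), 0x00 = inactive */
    uint8_t  type;                     /* e.g. 0x0C FAT32 LBA, 0x83 Linux, 0xEE GPT protective */
    uint32_t lba_first;                /* first sector, little-endian on disk */
    uint32_t sector_count;
};

static uint32_t le32(const uint8_t *p)
{
    return p[0] | ((uint32_t)p[1] << 8) | ((uint32_t)p[2] << 16) | ((uint32_t)p[3] << 24);
}

static void put_le32(uint8_t *p, uint32_t v)
{
    p[0] = (uint8_t)v; p[1] = (uint8_t)(v >> 8); p[2] = (uint8_t)(v >> 16); p[3] = (uint8_t)(v >> 24);
}

/* The one check the BIOS performs: word 0xAA55 at offset 510, stored little-endian. */
int has_boot_signature(const uint8_t *sector)
{
    return sector[510] == 0x55 && sector[511] == 0xAA;
}

/* Decode entry n (0..3). CHS fields are skipped: modern loaders use the LBA pair. */
void parse_partition(const uint8_t *sector, int n, struct mbr_partition *out)
{
    const uint8_t *e = sector + PART_TABLE_OFF + n * PART_ENTRY_SIZE;
    out->status       = e[0];
    out->type         = e[4];
    out->lba_first    = le32(e + 8);
    out->sector_count = le32(e + 12);
}

/* Choose the partition a conventional MBR loader would chain to. Returns 0..3, or -1
 * when the table is invalid: a status byte other than 0x00/0x80, more than one
 * active entry (the classic "Invalid partition table" case), or no active entry. */
int find_active_partition(const uint8_t *sector)
{
    int active = -1;
    for (int i = 0; i < 4; i++) {
        uint8_t status = sector[PART_TABLE_OFF + i * PART_ENTRY_SIZE];
        if (status != 0x00 && status != PART_ACTIVE)
            return -1;
        if (status == PART_ACTIVE) {
            if (active >= 0)
                return -1;
            active = i;
        }
    }
    return active;
}

/* GPT disks carry a protective MBR: a single entry of type 0xEE starting at LBA 1. */
int is_protective_mbr(const uint8_t *sector)
{
    struct mbr_partition p;
    parse_partition(sector, 0, &p);
    return has_boot_signature(sector) && p.type == TYPE_GPT_PROTECTIVE && p.lba_first == 1;
}

static void write_entry(uint8_t *sector, int n, uint8_t status, uint8_t type,
                        uint32_t lba_first, uint32_t count)
{
    uint8_t *e = sector + PART_TABLE_OFF + n * PART_ENTRY_SIZE;
    memset(e, 0, PART_ENTRY_SIZE);
    e[0] = status;
    e[4] = type;
    put_le32(e + 8, lba_first);
    put_le32(e + 12, count);
}

/* Constructed sample: an active FAT32 partition followed by an inactive Linux partition. */
void make_sample_mbr(uint8_t *sector)
{
    memset(sector, 0, SECTOR_SIZE);
    write_entry(sector, 0, PART_ACTIVE, 0x0C, 2048, 204800);
    write_entry(sector, 1, 0x00, 0x83, 206848, 409600);
    sector[510] = 0x55;
    sector[511] = 0xAA;
}

/* Constructed sample: the protective MBR of a GPT disk of 0x100000 sectors. */
void make_protective_mbr(uint8_t *sector)
{
    memset(sector, 0, SECTOR_SIZE);
    write_entry(sector, 0, 0x00, TYPE_GPT_PROTECTIVE, 1, 0x100000u - 1);
    sector[510] = 0x55;
    sector[511] = 0xAA;
}
```

The protective MBR passes the BIOS's signature check but has no active entry, which is why a legacy MBR loader refuses to boot a GPT disk while UEFI firmware, which reads the GPT header instead, boots it without difficulty.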
Example of a Boot Loader -- Linux Kernel v0.01

The following is the start of boot.s from Linux 0.01, which does in 512 bytes everything this chapter has described: it relocates itself out of the way, loads the kernel using BIOS interrupts (in read_it, not shown here), disables interrupts, loads a null IDT and a GDT, enables the A20 line, reprograms the 8259 interrupt controllers and finally sets CR0.PE. It is written for the as86 assembler, whose syntax differs from NASM's: "|" starts a comment, "#" marks an immediate operand, and jmpi is the far jump.

    | boot.s
    |
    | boot.s is loaded at 0x7c00 by the bios-startup routines, and moves itself
    | out of the way to address 0x90000, and jumps there.
    |
    | It then loads the system at 0x10000, using BIOS interrupts. Thereafter
    | it disables all interrupts, moves the system down to 0x0000, changes
    | to protected mode, and calls the start of system. System then must
    | RE-initialize the protected mode in it's own tables, and enable
    | interrupts as needed.
    |
    | NOTE! currently system is at most 8*65536 bytes long. This should be no
    | problem, even in the future. I want to keep it simple. This 512 kB
    | kernel size should be enough - in fact more would mean we'd have to move
    | not just these start-up routines, but also do something about the cache-
    | memory (block IO devices). The area left over in the lower 640 kB is meant
    | for these. No other memory is assumed to be "physical", ie all memory
    | over 1Mb is demand-paging. All addresses under 1Mb are guaranteed to match
    | their physical addresses.
    |
    | NOTE1 abouve is no longer valid in it's entirety. cache-memory is allocated
    | above the 1Mb mark as well as below. Otherwise it is mainly correct.
    |
    | NOTE 2! The boot disk type must be set at compile-time, by setting
    | the following equ. Having the boot-up procedure hunt for the right disk
    | type is severe brain-damage.
    | The loader has been made as simple as possible (had to, to get it
    | in 512 bytes with the code to move to protected mode), and continuos
    | read errors will result in a unbreakable loop. Reboot by hand. It
    | loads pretty fast by getting whole sectors at a time whenever possible.

    | 1.44Mb disks:
    sectors = 18
    | 1.2Mb disks:
    | sectors = 15
    | 720kB disks:
    | sectors = 9

    .globl begtext, begdata, begbss, endtext, enddata, endbss
    .text
    begtext:
    .data
    begdata:
    .bss
    begbss:
    .text

    BOOTSEG = 0x07c0
    INITSEG = 0x9000
    SYSSEG  = 0x1000                | system loaded at 0x10000 (65536).
    ENDSEG  = SYSSEG + SYSSIZE

    entry start
    start:
        mov     ax,#BOOTSEG
        mov     ds,ax
        mov     ax,#INITSEG
        mov     es,ax
        mov     cx,#256
        sub     si,si
        sub     di,di
        rep
        movw
        jmpi    go,INITSEG
    go: mov     ax,cs
        mov     ds,ax
        mov     es,ax
        mov     ss,ax
        mov     sp,#0x400               | arbitrary value >>512

        mov     ah,#0x03                | read cursor pos
        xor     bh,bh
        int     0x10

        mov     cx,#24
        mov     bx,#0x0007              | page 0, attribute 7 (normal)
        mov     bp,#msg1
        mov     ax,#0x1301              | write string, move cursor
        int     0x10

    | ok, we've written the message, now
    | we want to load the system (at 0x10000)

        mov     ax,#SYSSEG
        mov     es,ax                   | segment of 0x010000
        call    read_it
        call    kill_motor

    | if the read went well we get current cursor position ans save it for
    | posterity.

        mov     ah,#0x03                | read cursor pos
        xor     bh,bh
        int     0x10                    | save it in known place, con_init fetches
        mov     [510],dx                | it from 0x90510.

    | now we want to move to protected mode ...

        cli                             | no interrupts allowed !

    | first we move the system to it's rightful place

        mov     ax,#0x0000
        cld                             | 'direction'=0, movs moves forward
    do_move:
        mov     es,ax                   | destination segment
        add     ax,#0x1000
        cmp     ax,#0x9000
        jz      end_move
        mov     ds,ax                   | source segment
        sub     di,di
        sub     si,si
        mov     cx,#0x8000
        rep
        movsw
        j       do_move

    | then we load the segment descriptors

    end_move:
        mov     ax,cs                   | right, forgot this at first. didn't work :-)
        mov     ds,ax
        lidt    idt_48                  | load idt with 0,0
        lgdt    gdt_48                  | load gdt with whatever appropriate

    | that was painless, now we enable A20

        call    empty_8042
        mov     al,#0xD1                | command write
        out     #0x64,al
        call    empty_8042
        mov     al,#0xDF                | A20 on
        out     #0x60,al
        call    empty_8042

    | well, that went ok, I hope. Now we have to reprogram the interrupts :-(
    | we put them right after the intel-reserved hardware interrupts, at
    | int 0x20-0x2F. There they won't mess up anything. Sadly IBM really
    | messed this up with the original PC, and they haven't been able to
    | rectify it afterwards. Thus the bios puts interrupts at 0x08-0x0f,
    | which is used for the internal hardware interrupts as well. We just
    | have to reprogram the 8259's, and it isn't fun.

        mov     al,#0x11                | initialization sequence
        out     #0x20,al                | send it to 8259A-1
        .word   0x00eb,0x00eb           | jmp $+2, jmp $+2
        out     #0xA0,al                | and to 8259A-2
        .word   0x00eb,0x00eb
        mov     al,#0x20                | start of hardware int's (0x20)
        out     #0x21,al
        .word   0x00eb,0x00eb
        mov     al,#0x28                | start of hardware int's 2 (0x28)
        out     #0xA1,al
        .word   0x00eb,0x00eb
        mov     al,#0x04                | 8259-1 is master
        out     #0x21,al
        .word   0x00eb,0x00eb
        mov     al,#0x02                | 8259-2 is slave
        out     #0xA1,al
        .word   0x00eb,0x00eb
        mov     al,#0x01                | 8086 mode for both
        out     #0x21,al
        .word   0x00eb,0x00eb
        out     #0xA1,al
        .word   0x00eb,0x00eb
        mov     al,#0xFF                | mask off all interrupts for now
        out     #0x21,al
        .word   0x00eb,0x00eb
        out     #0xA1,al

    | well, that certainly wasn't fun :-(. Hopefully it works, and we don't
    | need no steenking BIOS anyway (except for the initial loading :-).
    | The BIOS-routine wants lots of unnecessary data, and it's less
    | "interesting" anyway. This is how REAL programmers do it.
    |
    | Well, now's the time to actually move into protected mode. To make
    | things as simple as possible, we do no register set-up or anything,
    | we let the gnu-compiled 32-bit programs do that. We just jump to
    | absolute address 0x00000, in 32-bit protected mode.

        mov     ax,#0x0001              | protected mode (PE) bit

lms, jmpi

ax 0,;

T +!is is itJ T jmp offset 0 of segment ; 1cs2

T +!is routine c!ecRs t!at t!e Re'board command Bueue is empt' T Co timeout is used 5 if t!is !angs t!ere is somet!ing ,rong ,it! T t!e mac!ine, and ,e probabl' couldnWt proceed an',a'. empt'(;002: .,ord 0x00eb,0x00eb in al,:0x*0 T ;002 status port test al,:2 T is input buffer full[ jn= empt'(;002 T 'es 5 loop ret T +!is routine loads t!e s'stem at address 0x10000, maRing sure T no *0R@ boundaries are crossed. Me tr' to load it as fast as T possible, loading ,!ole tracRs ,!enever ,e can. T T in: es 5 starting address segment 1normall' 0x10002 T T +!is routine !as to be recompiled to fit anot!er drive t'pe, T just c!ange t!e >sectors> variable at t!e start of t!e file T 1originall' 1;, for a 1.00Sb drive2 T sread: .,ord 1 T sectors read of current tracR !ead: .,ord 0 T current !ead tracR: .,ord 0 T current tracR read(it: mov ax,es test ax,:0x0fff die: jne die T es must be at *0R@ boundar' xor bx,bx T bx is starting address ,it!in segment rp(read: mov ax,es cmp ax,:FC$%FN T !ave ,e loaded all 'et[ jb oR1(read ret oR1(read: mov ax,:sectors sub ax,sread mov cx,ax s!l cx,:/ add cx,bx jnc oR2(read je oR2(read xor ax,ax sub ax,bx s!r ax,:/ oR2(read: call read(tracR mov cx,ax add ax,sread cmp ax,:sectors jne oR3(read mov ax,:1 sub ax,!ead jne oR0(read inc tracR oR0(read: mov !ead,ax xor ax,ax oR3(read: mov sread,ax s!l cx,:/ add bx,cx jnc rp(read mov ax,es add ax,:0x1000 mov es,ax xor bx,bx jmp rp(read

read(tracR: pus! ax pus! bx pus! cx pus! dx mov dx,tracR mov cx,sread inc cx mov c!,dl mov dx,!ead mov d!,dl mov dl,:0 and dx,:0x0100 mov a!,:2 int 0x13 jc bad(rt pop dx pop cx pop bx pop ax ret bad(rt: mov ax,:0 mov dx,:0 int 0x13 pop dx pop cx pop bx pop ax jmp read(tracR 34 4 +!is procedure turns off t!e flopp' drive motor, so 4 t!at ,e enter t!e Rernel in a Rno,n state, and 4 donWt !ave to ,orr' about it later. 43 Rill(motor: pus! dx mov dx,:0x3f2 mov al,:0 outb pop dx ret gdt: .,ord .,ord .,ord .,ord .,ord .,ord .,ord .,ord .,ord idt(0;: .,ord .,ord .,ord .,ord 0,0,0,0 0x0.-0x0000 0x/#00 0x00C0 0x0.-0x0000 0x/200 0x00C0 0 0,0 0x;00 gdt,0x/ T dumm' T T T T T T T T ;Sb 5 limit7200. 1200;400/*7;Sb2 base address70 code read3exec granularit'700/*, 3;* ;Sb 5 limit7200. 1200;400/*7;Sb2 base address70 data read3,rite granularit'700/*, 3;* T idt limit70 T idt base70L T gdt limit7200;, 2)* N$+ entries T gdt base 7 0E/xxxx

gdt(0;:

msg1:

.b'te 13,10 .ascii >Loading s'stem ...> .b'te 13,10,13,10

.text endtext:

.data enddata: .bss endbss:
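The gdt table at the end of boot.s packs each segment descriptor as four .word values, and the comments beside them ("8Mb - limit=2047", "code read/exec", "granularity=4096, 386") are Linus's reading of those words. The C program below is an added example, not code from boot.s or from the Wikibook: it reassembles the four words into the 64-bit descriptor layout documented in Intel's manuals and unpacks base, limit, granularity, privilege level and type, so the two live entries can be checked against the comments. The only thing assumed is the decoder itself; the descriptor words are the ones listed above.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* Decoded view of one 8-byte x86 segment descriptor. */
struct seg_desc {
    uint32_t base;
    uint32_t limit;        /* raw 20-bit limit field */
    uint64_t byte_span;    /* bytes covered: (limit + 1) * 4096 when G=1, else limit + 1 */
    bool     present;      /* P bit */
    unsigned dpl;          /* descriptor privilege level, 0 = ring 0 */
    bool     code;         /* type bit 3: 1 = code segment, 0 = data segment */
    bool     rw;           /* type bit 1: readable (code) / writable (data) */
    bool     gran_4k;      /* G flag */
    bool     op_32;        /* D/B flag: 32-bit default operand size */
};

/* Take the four .word values exactly as boot.s lists them
   (limit[15:0]; base[15:0]; base[23:16] | access byte << 8;
    limit[19:16] | flags << 4 | base[31:24] << 8), rebuild the
   64-bit descriptor and unpack it. Bit positions follow the Intel SDM. */
struct seg_desc decode_descriptor(uint16_t w0, uint16_t w1, uint16_t w2, uint16_t w3)
{
    uint64_t d = (uint64_t)w0 | ((uint64_t)w1 << 16) |
                 ((uint64_t)w2 << 32) | ((uint64_t)w3 << 48);
    unsigned access = (unsigned)((d >> 40) & 0xFF);
    unsigned flags  = (unsigned)((d >> 52) & 0x0F);
    struct seg_desc s;
    s.limit     = (uint32_t)(d & 0xFFFF) | (uint32_t)((d >> 48) & 0x0F) << 16;
    s.base      = (uint32_t)((d >> 16) & 0xFFFFFF) | (uint32_t)((d >> 56) & 0xFF) << 24;
    s.present   = (access & 0x80) != 0;
    s.dpl       = (access >> 5) & 3;
    s.code      = (access & 0x08) != 0;
    s.rw        = (access & 0x02) != 0;
    s.gran_4k   = (flags & 0x8) != 0;
    s.op_32     = (flags & 0x4) != 0;
    s.byte_span = ((uint64_t)s.limit + 1) * (s.gran_4k ? 4096u : 1u);
    return s;
}

/* The shape a flat-model kernel segment is expected to have:
   present, base 0, ring 0, 32-bit. */
bool is_flat_ring0(struct seg_desc s)
{
    return s.present && s.base == 0 && s.dpl == 0 && s.op_32;
}

static void show(const char *name, struct seg_desc s)
{
    printf("%s: base=%#x limit=%#x span=%llu bytes %s %s dpl=%u G=%d D=%d P=%d\n",
           name, s.base, s.limit, (unsigned long long)s.byte_span,
           s.code ? "code" : "data", s.rw ? (s.code ? "readable" : "writable") : "-",
           s.dpl, s.gran_4k, s.op_32, s.present);
}

int main(void)
{
    /* The two live entries of boot.s's gdt (the first entry is the null dummy). */
    struct seg_desc cs = decode_descriptor(0x07FF, 0x0000, 0x9A00, 0x00C0);
    struct seg_desc ds = decode_descriptor(0x07FF, 0x0000, 0x9200, 0x00C0);
    show("cs", cs);
    show("ds", ds);
    printf("flat ring-0 pair: %s\n", is_flat_ring0(cs) && is_flat_ring0(ds) ? "yes" : "no");
    return 0;
}
```

Both entries decode to base 0 with a 0x7FF limit under 4 KiB granularity, i.e. 8 MiB each, DPL 0, which matches the comments; the 0x9A00 versus 0x9200 word is the only difference, and it is the type nibble (code readable/executable versus data writable).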

Further reading

Embedded Systems/Bootloaders and Bootsectors describes bootloaders for a variety of embedded systems. (Most embedded systems do not have an x86 processor).

x86 Chipset

Chipset

The original IBM computer was based around the 8088 microprocessor, although the 8088 alone was not enough to handle all the complex tasks required by the system. A number of other chips were developed to support the microprocessor unit (MPU), and many of these other chips--in one way or another--survive to this day. The chapters in this section will talk about some of the additional chips in the standard x86 chipset, including the DMA chip, the interrupt controller, and the Timer. This section currently only contains pages about the programmable peripheral chips, although eventually it could also contain pages about the non-programmable components of the x86 architecture, such as the RAM, the Northbridge, etc. Many of the components discussed in these chapters have been integrated onto larger die through the years. The DMA and PIC controllers, for instance, are both usually integrated into the Southbridge ASIC. If the PCI Express standard becomes widespread, many of these same functions could be integrated into the PCI Express controller, instead of into the traditional Northbridge/Southbridge chips.

Direct Memory Access

The Direct Memory Access chip (DMA) was an important part of the original IBM PC, and it has become an essential component of modern computer systems. DMA allows other computer components to access the main memory directly, without having to manage the data flow through the processor. This is an important functionality, because in many systems, the processor is a data-flow bottleneck, and it would slow down the system considerably to have the MPU have to handle every memory transaction. The original DMA chip was known as the 8237-A chip, although modern variants may be one of many different models.

DMA Operation

The DMA chip can be used to move large blocks of data between two memory locations, or it can be used to move blocks of data from a peripheral device to memory. For instance, DMA is used frequently to move data between the PCI bus to the expansion cards, and it is also used to manage data transmissions between primary memory (RAM) and the secondary memory (HDD). While the DMA is operational, it has control over the memory bus, and the MPU may not access the bus for any reason. The MPU may continue operating on the instructions that are stored in its caches, but once the caches are empty, or once a memory access instruction is encountered, the MPU must wait for the DMA operation to complete. The DMA can manage memory operations much more quickly than the MPU can, so the wait times are usually not a large speed problem.

DMA Channels

The DMA chip has up to 8 DMA channels, and one of these channels can be used to cascade a second DMA chip for a total of 14 channels available. Each channel can be programmed to read from a specific source, to write to a specific source, etc. Because of this, the DMA has a number of dedicated I/O addresses available, for writing to the necessary control registers. The DMA uses addresses 0x0000-0x000F for standard control registers, and 0x0080-0x0086 for page registers.
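The page registers exist because the 8237's own address counter is only 16 bits wide; the page register supplies the upper address bits and is not incremented during a transfer, so a single DMA transfer cannot cross a 64 KiB page. BIOS INT 13h floppy reads are 8237 transfers, and that is exactly why read_it in boot.s, earlier on this page, insists that es start on a 64 KiB boundary and caps each read at the end of the current segment. The C program below is an added example, not part of boot.s or of the Wikibook: it re-implements read_it's bookkeeping (sread/head/track, the shift-by-9 byte arithmetic and the carry test after add cx,bx) with constructed parameters (18 sectors per track, a 128 KiB image occupying segments 0x1000-0x2FFF), records every INT 13h request the loop would issue, and checks that none of them straddles a page.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

#define SECTOR_BYTES 512u
#define PAGE_BYTES   0x10000u   /* one real-mode segment, and one 8237 DMA page */

/* One INT 13h request as read_it would issue it. */
struct read_op {
    uint32_t linear;        /* es*16 + bx when the read is issued */
    uint16_t nsect;         /* sectors requested */
    uint16_t track, head;   /* CHS cylinder and head */
    uint16_t first_sector;  /* CHS sector number (1-based), = sread + 1 */
};

/* Re-implementation of read_it's bookkeeping. sectors_per_track mirrors the
   "sectors" equ in boot.s; sysseg/endseg mirror SYSSEG/ENDSEG (paragraphs).
   Records up to max_ops requests in ops and returns how many were issued. */
size_t simulate_read_it(uint16_t sysseg, uint16_t endseg, uint16_t sectors_per_track,
                        struct read_op *ops, size_t max_ops)
{
    uint16_t es = sysseg, bx = 0;
    uint16_t sread = 1, head = 0, track = 0;   /* sector 1 of track 0 is the boot sector */
    size_t n = 0;

    while (es < endseg) {                          /* cmp ax,#ENDSEG / jb ok1_read */
        uint16_t cnt = (uint16_t)(sectors_per_track - sread); /* sectors left on this track */
        uint32_t end = (uint32_t)bx + ((uint32_t)cnt << 9);
        /* add cx,bx; jnc ok2_read; je ok2_read: a carry with a non-zero result means
           the read would run past the 64 KiB boundary, so shorten it to the boundary. */
        if (end > PAGE_BYTES)
            cnt = (uint16_t)((PAGE_BYTES - bx) >> 9);

        if (n < max_ops) {
            ops[n].linear = (uint32_t)es * 16 + bx;
            ops[n].nsect = cnt;
            ops[n].track = track;
            ops[n].head = head;
            ops[n].first_sector = (uint16_t)(sread + 1);
        }
        n++;

        /* add ax,sread; cmp ax,#sectors: track finished? then flip the head and,
           once both heads are done, advance the track (ok4_read). */
        if ((uint16_t)(sread + cnt) == sectors_per_track) {
            if (head == 1)
                track++;
            head = (uint16_t)(1 - head);
            sread = 0;
        } else {
            sread = (uint16_t)(sread + cnt);
        }

        /* shl cx,#9; add bx,cx; jnc rp_read: on carry step es to the next 64 KiB. */
        uint32_t nbx = (uint32_t)bx + ((uint32_t)cnt << 9);
        if (nbx >= PAGE_BYTES) {
            es = (uint16_t)(es + 0x1000);
            bx = 0;
        } else {
            bx = (uint16_t)nbx;
        }
    }
    return n;
}

/* True if no recorded request crosses a 64 KiB page. */
bool reads_stay_in_page(const struct read_op *ops, size_t n)
{
    for (size_t i = 0; i < n; i++) {
        uint32_t first = ops[i].linear;
        uint32_t last  = first + (uint32_t)ops[i].nsect * SECTOR_BYTES - 1;
        if (first / PAGE_BYTES != last / PAGE_BYTES)
            return false;
    }
    return true;
}

uint32_t total_sectors(const struct read_op *ops, size_t n)
{
    uint32_t t = 0;
    for (size_t i = 0; i < n; i++)
        t += ops[i].nsect;
    return t;
}

int main(void)
{
    /* Constructed parameters: 1.44 Mb geometry, a 128 KiB image at segments 0x1000-0x2FFF. */
    struct read_op ops[64];
    size_t n = simulate_read_it(0x1000, 0x3000, 18, ops, 64);
    for (size_t i = 0; i < n; i++)
        printf("read %2zu: C/H/S %u/%u/%-2u x%2u sectors -> 0x%05x\n", i,
               ops[i].track, ops[i].head, ops[i].first_sector, ops[i].nsect, ops[i].linear);
    printf("%zu reads, %u sectors, %s\n", n, total_sectors(ops, n),
           reads_stay_in_page(ops, n) ? "no 64 KiB crossing" : "CROSSES a page");
    return 0;
}
```

With these parameters the loop issues 16 requests for 256 sectors; the eighth request is cut to 3 sectors so that it ends exactly at 0x1FFFF, and the ninth resumes at sector 4 of the same track from 0x20000. Whole-track reads are the fast path the comment in boot.s talks about; the shortened reads are the price of the page constraint.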

Programmable Interrupt Controller

The original IBM PC contained a chip known as the Programmable Interrupt Controller to handle the incoming interrupt requests from the system, and to send them in an orderly fashion to the MPU for processing. The original interrupt controller was the 8259-A chip, although modern computers will have a more modern variant. The most common replacement is the APIC (Advanced Programmable Interrupt Controller) which is essentially an extended version of the old PIC chip to maintain backwards compatibility.
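The boot.s listing earlier on this page reprograms both 8259As (ports 0x20/0x21 and 0xA0/0xA1) with the standard ICW1-ICW4 sequence, because the BIOS leaves the master's IRQs at vectors 0x08-0x0F, on top of the CPU's own exception vectors. The C model below is an added example, not code from boot.s or from the Wikibook: it replays those port writes through a small 8259A initialization state machine, derives the resulting IRQ-to-vector table, and checks whether a controller's vectors collide with exceptions 0x00-0x1F. The state machine and the BIOS-style write sequence used for comparison are assumptions; the boot.s writes are the ones on the page.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Minimal model of one 8259A's initialization state. */
struct pic8259 {
    uint16_t cmd_port, data_port;
    uint8_t  icw1, icw2, icw3, icw4;
    int      expect;        /* which ICW the next data-port write is (2..4); 0 = initialized */
    bool     need_icw3, need_icw4;
    uint8_t  mask;          /* OCW1: a set bit masks that IRQ line */
};

static void pic_init(struct pic8259 *p, uint16_t cmd, uint16_t data)
{
    *p = (struct pic8259){0};
    p->cmd_port = cmd;
    p->data_port = data;
}

/* Apply one OUT to this PIC. Returns false if the port is not this chip's. */
static bool pic_out(struct pic8259 *p, uint16_t port, uint8_t val)
{
    if (port == p->cmd_port) {
        if (val & 0x10) {                    /* D4 set on the command port marks ICW1 */
            p->icw1 = val;
            p->need_icw3 = !(val & 0x02);    /* SNGL=0: cascaded, ICW3 follows */
            p->need_icw4 = (val & 0x01) != 0; /* IC4 */
            p->expect = 2;
        }
        return true;                         /* OCW2/OCW3 are not modelled */
    }
    if (port != p->data_port)
        return false;
    switch (p->expect) {
    case 2: p->icw2 = val; p->expect = p->need_icw3 ? 3 : (p->need_icw4 ? 4 : 0); break;
    case 3: p->icw3 = val; p->expect = p->need_icw4 ? 4 : 0; break;
    case 4: p->icw4 = val; p->expect = 0; break;
    default: p->mask = val; break;           /* OCW1 once initialization is complete */
    }
    return true;
}

static bool pic_ready(const struct pic8259 *p) { return p->expect == 0 && p->icw1 != 0; }

/* ICW2 bits 7..3 give the vector base; the low 3 bits are the IRQ number. */
static uint8_t pic_vector_base(const struct pic8259 *p) { return p->icw2 & 0xF8; }

/* Do any of this PIC's eight vectors land on CPU exception vectors 0x00-0x1F? */
static bool pic_clashes_with_exceptions(const struct pic8259 *p)
{
    return pic_vector_base(p) < 0x20;
}

struct io_write { uint16_t port; uint8_t val; };

/* The write sequence boot.s performs (its .word 0x00eb delays omitted). */
static const struct io_write boot_s_remap[] = {
    {0x20, 0x11}, {0xA0, 0x11}, {0x21, 0x20}, {0xA1, 0x28}, {0x21, 0x04}, {0xA1, 0x02},
    {0x21, 0x01}, {0xA1, 0x01}, {0x21, 0xFF}, {0xA1, 0xFF},
};

/* Assumed BIOS-style programming of the master only: vectors from 0x08. */
static const struct io_write bios_default[] = {
    {0x20, 0x11}, {0x21, 0x08}, {0x21, 0x04}, {0x21, 0x01},
};

/* Replay a write sequence into a master/slave pair at the PC's standard ports. */
static void replay(struct pic8259 *m, struct pic8259 *s, const struct io_write *w, size_t n)
{
    pic_init(m, 0x20, 0x21);
    pic_init(s, 0xA0, 0xA1);
    for (size_t i = 0; i < n; i++)
        if (!pic_out(m, w[i].port, w[i].val))
            pic_out(s, w[i].port, w[i].val);
}

/* IRQ 0-7 come from the master, IRQ 8-15 from the slave. */
static uint8_t irq_to_vector(const struct pic8259 *m, const struct pic8259 *s, unsigned irq)
{
    return irq < 8 ? (uint8_t)(pic_vector_base(m) + irq)
                   : (uint8_t)(pic_vector_base(s) + (irq - 8));
}

int main(void)
{
    struct pic8259 m, s;
    replay(&m, &s, boot_s_remap, sizeof boot_s_remap / sizeof boot_s_remap[0]);
    for (unsigned irq = 0; irq < 16; irq++)
        printf("IRQ%-2u -> vector 0x%02X\n", irq, irq_to_vector(&m, &s, irq));
    printf("master clashes with exceptions: %s\n", pic_clashes_with_exceptions(&m) ? "yes" : "no");
    return 0;
}
```

After the boot.s sequence IRQ 0-7 map to 0x20-0x27 and IRQ 8-15 to 0x28-0x2F, the master's ICW3 marks IRQ2 as the cascade line, and both masks are 0xFF, so nothing fires before the kernel installs its handlers. With the BIOS-style base of 0x08, IRQ6 (the floppy) would share vector 0x0E with the page-fault exception, which is the collision the text refers to.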

Programmable Interrupt Timer

The Programmable Interrupt Timer (PIT) is an essential component of modern computers, and is an essential part of a multi-tasking environment. The PIT chip can be made--by setting various register values--to count up or down, at certain rates, and to trigger interrupts at certain times. The timer can be set into a cyclic mode, so that when it triggers it automatically starts counting again, or it can be set into a one-time-only countdown mode.

Programmable Parallel Interface

The original x86 PC had another peripheral chip onboard known as the 8255A Programmable Peripheral Interface (PPI). The 8255A, and variants (82C55A, 82B55A, etc.) controlled the communications tasks with the outside world. The PPI chips can be programmed to operate in different I/O modes.

Resources

Wikimedia Sources

Wikipedia has related information at Assembly language. Wikipedia has related information at x86.

Wikipedia Assembler Article
C Programming
C++ Programming
Operating System Design
Embedded Systems
x86 Disassembly
Floating Point

Books

Carter, Paul, "PC Assembly Tutorial". Online book. http://www.drpaulcarter.com/pcasm/index.php
Hyde, Randall, "The Art of Assembly Language", No Starch Press, 2003. ISBN 1886411972. http://www.artofassembly.com
Triebel and Singh, "The 8088 and 8086 Microprocessors: Programming, Interfacing, Software, Hardware, and Applications", 4th Edition, Prentice Hall, 2003. ISBN 0130930814
Jonathan Bartlett, "Programming from the Ground Up", Bartlett Publishing, July 31, 2004. ISBN 0975283847. Available online at http://download.savannah.gnu.org/releases/pgubook/
Tambe, Pratik, "Primitiveasm: Learn Assembly Language in 15 days!!!", 1st Edition. Presently free chapters available online. Ebook in progress, http://pratik.tambe.ebooksupport.googlepages.com/

Web Resources

http://developer.intel.com/design/pentiumii/manuals/243191.htm
AMD's AMD64 documentation on CD-ROM (U.S. and Canada only) and downloadable PDF format - maybe not independent but complete description of AMD64 through Assembly. http://www.amd.com/us-en/Processors/ProductInformation/=CC3=Y112Y-3LLY;L2=V092;0V09-322C==.html

Other Assembly Languages

x86 Assembly: The Assembly Language used by 32-bit Intel Machines including the 386, 486, and Pentium Family.
MIPS Assembly: A Common RISC assembly set that is both powerful, and relatively easy to learn.
68000 Assembly: The Assembly language used by the Motorola 68000 series of microprocessors.
PowerPC Assembly: The Assembly language used by the IBM PowerPC architecture.
SPARC Assembly: The Assembly language used by SPARC Systems and mainframes.
6502 Assembly: The 6502 is a popular 8-bit microcontroller that is cheap and easy to use.
TI 83 Plus Assembly: This is the instruction set used with the TI 83 Plus brand of programmable graphing calculators.
360 Assembly: This is the instruction set used with the IBM 360 / 370 / 93xx and z/System brand of Mainframe computers.
ARM: This is the instruction set used with most 32-bit embedded CPUs, including most PDAs, MP3 players, and handheld gaming units.

Licensing

Permission is granted to copy, distribute and/or modify this document under the terms of the GNU Free Documentation License, Version 1.2 or any later version published by the Free Software Foundation; with no Invariant Sections, no Front-Cover Texts, and no Back-Cover Texts. A copy of the license is included in the section entitled "GNU Free Documentation License."

GNU Free Documentation License

Version 1.2, November 2002

Copyright (C) 2000,2001,2002 Free Software Foundation, Inc. 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA Everyone is permitted to copy and distribute verbatim copies of this license document, but changing it is not allowed.

0. PREAMBLE

The purpose of this License is to make a manual, textbook, or other functional and useful document "free" in the sense of freedom: to assure everyone the effective freedom to copy and redistribute it, with or without modifying it, either commercially or noncommercially. Secondarily, this License preserves for the author and publisher a way to get credit for their work, while not being considered responsible for modifications made by others.

This License is a kind of "copyleft", which means that derivative works of the document must themselves be free in the same sense. It complements the GNU General Public License, which is a copyleft license designed for free software.

We have designed this License in order to use it for manuals for free software, because free software needs free documentation: a free program should come with manuals providing the same freedoms that the software does. But this License is not limited to software manuals; it can be used for any textual work, regardless of subject matter or whether it is published as a printed book. We recommend this License principally for works whose purpose is instruction or reference.

1. APPLICABILITY AND DEFINITIONS

This License applies to any manual or other work, in any medium, that contains a notice placed by the copyright holder saying it can be distributed under the terms of this License. Such a notice grants a world-wide, royalty-free license, unlimited in duration, to use that work under the conditions stated herein. The "Document", below, refers to any such manual or work. Any member of the public is a licensee, and is addressed as "you". You accept the license if you copy, modify or distribute the work in a way requiring permission under copyright law.

A "Modified Version" of the Document means any work containing the Document or a portion of it, either copied verbatim, or with modifications and/or translated into another language.

A "Secondary Section" is a named appendix or a front-matter section of the Document that deals exclusively with the relationship of the publishers or authors of the Document to the Document's overall subject (or to related matters) and contains nothing that could fall directly within that overall subject. (Thus, if the Document is in part a textbook of mathematics, a Secondary Section may not explain any mathematics.) The relationship could be a matter of historical connection with the subject or with related matters, or of legal, commercial, philosophical, ethical or political position regarding them.

The "Invariant Sections" are certain Secondary Sections whose titles are designated, as being those of Invariant Sections, in the notice that says that the Document is released under this License. If a section does not fit the above definition of Secondary then it is not allowed to be designated as Invariant. The Document may contain zero Invariant Sections. If the Document does not identify any Invariant Sections then there are none.

The "Cover Texts" are certain short passages of text that are listed, as Front-Cover Texts or Back-Cover Texts, in the notice that says that the Document is released under this License. A Front-Cover Text may be at most 5 words, and a Back-Cover Text may be at most 25 words.

A "Transparent" copy of the Document means a machine-readable copy, represented in a format whose specification is available to the general public, that is suitable for revising the document straightforwardly with generic text editors or (for images composed of pixels) generic paint programs or (for drawings) some widely available drawing editor, and that is suitable for input to text formatters or for automatic translation to a variety of formats suitable for input to text formatters. A copy made in an otherwise Transparent file format whose markup, or absence of markup, has been arranged to thwart or discourage subsequent modification by readers is not Transparent. An image format is not Transparent if used for any substantial amount of text. A copy that is not "Transparent" is called "Opaque".

Examples of suitable formats for Transparent copies include plain ASCII without markup, Texinfo input format, LaTeX input format, SGML or XML using a publicly available DTD, and standard-conforming simple HTML, PostScript or PDF designed for human modification. Examples of transparent image formats include PNG, XCF and JPG. Opaque formats include proprietary formats that can be read and edited only by proprietary word processors, SGML or XML for which the DTD and/or processing tools are not generally available, and the machine-generated HTML, PostScript or PDF produced by some word processors for output purposes only.

The "Title Page" means, for a printed book, the title page itself, plus such following pages as are needed to hold, legibly, the material this License requires to appear in the title page. For works in formats which do not have any title page as such, "Title Page" means the text near the most prominent appearance of the work's title, preceding the beginning of the body of the text.

A section "Entitled XYZ" means a named subunit of the Document whose title either is precisely XYZ or contains XYZ in parentheses following text that translates XYZ in another language. (Here XYZ stands for a specific section name mentioned below, such as "Acknowledgements", "Dedications", "Endorsements", or "History".) To "Preserve the Title" of such a section when you modify the Document means that it remains a section "Entitled XYZ" according to this definition.

The Document may include Warranty Disclaimers next to the notice which states that this License applies to the Document. These Warranty Disclaimers are considered to be included by reference in this License, but only as regards disclaiming warranties: any other implication that these Warranty Disclaimers may have is void and has no effect on the meaning of this License.

2. VERBATIM COPYING

You may copy and distribute the Document in any medium, either commercially or noncommercially, provided that this License, the copyright notices, and the license notice saying this License applies to the Document are reproduced in all copies, and that you add no other conditions whatsoever to those of this License. You may not use technical measures to obstruct or control the reading or further copying of the copies you make or distribute. However, you may accept compensation in exchange for copies. If you distribute a large enough number of copies you must also follow the conditions in section 3.

You may also lend copies, under the same conditions stated above, and you may publicly display copies.

3. COPYING IN QUANTITY

If you publish printed copies (or copies in media that commonly have printed covers) of the Document, numbering more than 100, and the Document's license notice requires Cover Texts, you must enclose the copies in covers that carry, clearly and legibly, all these Cover Texts: Front-Cover Texts on the front cover, and Back-Cover Texts on the back cover. Both covers must also clearly and legibly identify you as the publisher of these copies. The front cover must present the full title with all words of the title equally prominent and visible. You may add other material on the covers in addition. Copying with changes limited to the covers, as long as they preserve the title of the Document and satisfy these conditions, can be treated as verbatim copying in other respects.

If the required texts for either cover are too voluminous to fit legibly, you should put the first ones listed (as many as fit reasonably) on the actual cover, and continue the rest onto adjacent pages.

If you publish or distribute Opaque copies of the Document numbering more than 100, you must either include a machine-readable Transparent copy along with each Opaque copy, or state in or with each Opaque copy a computer-network location from which the general network-using public has access to download using public-standard network protocols a complete Transparent copy of the Document, free of added material. If you use the latter option, you must take reasonably prudent steps, when you begin distribution of Opaque copies in quantity, to ensure that this Transparent copy will remain thus accessible at the stated location until at least one year after the last time you distribute an Opaque copy (directly or through your agents or retailers) of that edition to the public.

It is requested, but not required, that you contact the authors of the Document well before redistributing any large number of copies, to give them a chance to provide you with an updated version of the Document.

4. MODIFICATIONS

You may copy and distribute a Modified Version of the Document under the conditions of sections 2 and 3 above, provided that you release the Modified Version under precisely this License, with the Modified Version filling the role of the Document, thus licensing distribution and modification of the Modified Version to whoever possesses a copy of it. In addition, you must do these things in the Modified Version:

A. Use in the Title Page (and on the covers, if any) a title distinct from that of the Document, and from those of previous versions (which should, if there were any, be listed in the History section of the Document). You may use the same title as a previous version if the original publisher of that version gives permission.
B. List on the Title Page, as authors, one or more persons or entities responsible for authorship of the modifications in the Modified Version, together with at least five of the principal authors of the Document (all of its principal authors, if it has fewer than five), unless they release you from this requirement.
C. State on the Title page the name of the publisher of the Modified Version, as the publisher.
D. Preserve all the copyright notices of the Document.
E. Add an appropriate copyright notice for your modifications adjacent to the other copyright notices.
F. Include, immediately after the copyright notices, a license notice giving the public permission to use the Modified Version under the terms of this License, in the form shown in the Addendum below.
G. Preserve in that license notice the full lists of Invariant Sections and required Cover Texts given in the Document's license notice.
H. Include an unaltered copy of this License.
I. Preserve the section Entitled "History", Preserve its Title, and add to it an item stating at least the title, year, new authors, and publisher of the Modified Version as given on the Title Page. If there is no section Entitled "History" in the Document, create one stating the title, year, authors, and publisher of the Document as given on its Title Page, then add an item describing the Modified Version as stated in the previous sentence.
J. Preserve the network location, if any, given in the Document for public access to a Transparent copy of the Document, and likewise the network locations given in the Document for previous versions it was based on. These may be placed in the "History" section. You may omit a network location for a work that was published at least four years before the Document itself, or if the original publisher of the version it refers to gives permission.
K. For any section Entitled "Acknowledgements" or "Dedications", Preserve the Title of the section, and preserve in the section all the substance and tone of each of the contributor acknowledgements and/or dedications given therein.
L. Preserve all the Invariant Sections of the Document, unaltered in their text and in their titles. Section numbers or the equivalent are not considered part of the section titles.
M. Delete any section Entitled "Endorsements". Such a section may not be included in the Modified Version.
N. Do not retitle any existing section to be Entitled "Endorsements" or to conflict in title with any Invariant Section.
O. Preserve any Warranty Disclaimers.

If the Modified Version includes new front-matter sections or appendices that qualify as Secondary Sections and contain no material copied from the Document, you may at your option designate some or all of these sections as invariant. To do this, add their titles to the list of Invariant Sections in the Modified Version's license notice. These titles must be distinct from any other section titles.

You may add a section Entitled "Endorsements", provided it contains nothing but endorsements of your Modified Version by various parties--for example, statements of peer review or that the text has been approved by an organization as the authoritative definition of a standard.

You may add a passage of up to five words as a Front-Cover Text, and a passage of up to 25 words as a Back-Cover Text, to the end of the list of Cover Texts in the Modified Version. Only one passage of Front-Cover Text and one of Back-Cover Text may be added by (or through arrangements made by) any one entity. If the Document already includes a cover text for the same cover, previously added by you or by arrangement made by the same entity you are acting on behalf of, you may not add another; but you may replace the old one, on explicit permission from the previous publisher that added the old one.

The author(s) and publisher(s) of the Document do not by this License give permission to use their names for publicity for or to assert or imply endorsement of any Modified Version.

5. COMBINING DOCUMENTS

You may combine the Document with other documents released under this License, under the terms defined in section 4 above for modified versions, provided that you include in the combination all of the Invariant Sections of all of the original documents, unmodified, and list them all as Invariant Sections of your combined work in its license notice, and that you preserve all their Warranty Disclaimers.

The combined work need only contain one copy of this License, and multiple identical Invariant Sections may be replaced with a single copy. If there are multiple Invariant Sections with the same name but different contents, make the title of each such section unique by adding at the end of it, in parentheses, the name of the original author or publisher of that section if known, or else a unique number. Make the same adjustment to the section titles in the list of Invariant Sections in the license notice of the combined work.

In the combination, you must combine any sections Entitled "History" in the various original documents, forming one section Entitled "History"; likewise combine any sections Entitled "Acknowledgements", and any sections Entitled "Dedications". You must delete all sections Entitled "Endorsements."

6. COLLECTIONS OF DOCUMENTS

You may make a collection consisting of the Document and other documents released under this License, and replace the individual copies of this License in the various documents with a single copy that is included in the collection, provided that you follow the rules of this License for verbatim copying of each of the documents in all other respects.

You may extract a single document from such a collection, and distribute it individually under this License, provided you insert a copy of this License into the extracted document, and follow this License in all other respects regarding verbatim copying of that document.

7. AGGREGATION WITH INDEPENDENT WORKS

A compilation of the Document or its derivatives with other separate and independent documents or works, in or on a volume of a storage or distribution medium, is called an "aggregate" if the copyright resulting from the compilation is not used to limit the legal rights of the compilation's users beyond what the individual works permit. When the Document is included in an aggregate, this License does not apply to the other works in the aggregate which are not themselves derivative works of the Document.

If the Cover Text requirement of section 3 is applicable to these copies of the Document, then if the Document is less than one half of the entire aggregate, the Document's Cover Texts may be placed on covers that bracket the Document within the aggregate, or the electronic equivalent of covers if the Document is in electronic form. Otherwise they must appear on printed covers that bracket the whole aggregate.

8. TRANSLATION

Translation is considered a kind of modification, so you may distribute translations of the Document under the terms of section 4. Replacing Invariant Sections with translations requires special permission from their copyright holders, but you may include translations of some or all Invariant Sections in addition to the original versions of these Invariant Sections. You may include a translation of this License, and all the license notices in the Document, and any Warranty Disclaimers, provided that you also include the original English version of this License and the original versions of those notices and disclaimers. In case of a disagreement between the translation and the original version of this License or a notice or disclaimer, the original version will prevail.

If a section in the Document is Entitled "Acknowledgements", "Dedications", or "History", the requirement (section 4) to Preserve its Title (section 1) will typically require changing the actual title.

9. TERMINATION

You may not copy, modify, sublicense, or distribute the Document except as expressly provided for under this License. Any other attempt to copy, modify, sublicense or distribute the Document is void, and will automatically terminate your rights under this License. However, parties who have received copies, or rights, from you under this License will not have their licenses terminated so long as such parties remain in full compliance.

10. FUTURE REVISIONS OF THIS LICENSE

The Free Software Foundation may publish new, revised versions of the GNU Free Documentation License from time to time. Such new versions will be similar in spirit to the present version, but may differ in detail to address new problems or concerns. See http://www.gnu.org/copyleft/.

Each version of the License is given a distinguishing version number. If the Document specifies that a particular numbered version of this License "or any later version" applies to it, you have the option of following the terms and conditions either of that specified version or of any later version that has been published (not as a draft) by the Free Software Foundation. If the Document does not specify a version number of this License, you may choose any version ever published (not as a draft) by the Free Software Foundation.

Retrieved from "http://en.wikibooks.org/wiki/X86_Assembly/Print_Version". Last modified on 27 June 2007, at 18:05.
