diff options
Diffstat (limited to 'gas/doc/c-i386.texi')
| -rw-r--r-- | gas/doc/c-i386.texi | 518 |
1 files changed, 518 insertions, 0 deletions
diff --git a/gas/doc/c-i386.texi b/gas/doc/c-i386.texi new file mode 100644 index 0000000..e27893b --- /dev/null +++ b/gas/doc/c-i386.texi @@ -0,0 +1,518 @@ +@c Copyright (C) 1991, 92, 93, 94, 95, 97, 1998 Free Software Foundation, Inc. +@c This is part of the GAS manual. +@c For copying conditions, see the file as.texinfo. +@ifset GENERIC +@page +@node i386-Dependent +@chapter 80386 Dependent Features +@end ifset +@ifclear GENERIC +@node Machine Dependencies +@chapter 80386 Dependent Features +@end ifclear + +@cindex i386 support +@cindex i80306 support +@menu +* i386-Options:: Options +* i386-Syntax:: AT&T Syntax versus Intel Syntax +* i386-Mnemonics:: Instruction Naming +* i386-Regs:: Register Naming +* i386-Prefixes:: Instruction Prefixes +* i386-Memory:: Memory References +* i386-jumps:: Handling of Jump Instructions +* i386-Float:: Floating Point +* i386-SIMD:: Intel's MMX and AMD's 3DNow! SIMD Operations +* i386-16bit:: Writing 16-bit Code +* i386-Bugs:: AT&T Syntax bugs +* i386-Notes:: Notes +@end menu + +@node i386-Options +@section Options + +@cindex options for i386 (none) +@cindex i386 options (none) +The 80386 has no machine dependent options. + +@node i386-Syntax +@section AT&T Syntax versus Intel Syntax + +@cindex i386 syntax compatibility +@cindex syntax compatibility, i386 +In order to maintain compatibility with the output of @code{@value{GCC}}, +@code{@value{AS}} supports AT&T System V/386 assembler syntax. This is quite +different from Intel syntax. We mention these differences because +almost all 80386 documents use Intel syntax. Notable differences +between the two syntaxes are: + +@cindex immediate operands, i386 +@cindex i386 immediate operands +@cindex register operands, i386 +@cindex i386 register operands +@cindex jump/call operands, i386 +@cindex i386 jump/call operands +@cindex operand delimiters, i386 +@itemize @bullet +@item +AT&T immediate operands are preceded by @samp{$}; Intel immediate +operands are undelimited (Intel @samp{push 4} is AT&T @samp{pushl $4}). +AT&T register operands are preceded by @samp{%}; Intel register operands +are undelimited. AT&T absolute (as opposed to PC relative) jump/call +operands are prefixed by @samp{*}; they are undelimited in Intel syntax. + +@cindex i386 source, destination operands +@cindex source, destination operands; i386 +@item +AT&T and Intel syntax use the opposite order for source and destination +operands. Intel @samp{add eax, 4} is @samp{addl $4, %eax}. The +@samp{source, dest} convention is maintained for compatibility with +previous Unix assemblers. Note that instructions with more than one +source operand, such as the @samp{enter} instruction, do @emph{not} have +reversed order. @ref{i386-Bugs}. + +@cindex mnemonic suffixes, i386 +@cindex sizes operands, i386 +@cindex i386 size suffixes +@item +In AT&T syntax the size of memory operands is determined from the last +character of the instruction mnemonic. Mnemonic suffixes of @samp{b}, +@samp{w}, and @samp{l} specify byte (8-bit), word (16-bit), and long +(32-bit) memory references. Intel syntax accomplishes this by prefixing +memory operands (@emph{not} the instruction mnemonics) with @samp{byte +ptr}, @samp{word ptr}, and @samp{dword ptr}. Thus, Intel @samp{mov al, +byte ptr @var{foo}} is @samp{movb @var{foo}, %al} in AT&T syntax. + +@cindex return instructions, i386 +@cindex i386 jump, call, return +@item +Immediate form long jumps and calls are +@samp{lcall/ljmp $@var{section}, $@var{offset}} in AT&T syntax; the +Intel syntax is +@samp{call/jmp far @var{section}:@var{offset}}. Also, the far return +instruction +is @samp{lret $@var{stack-adjust}} in AT&T syntax; Intel syntax is +@samp{ret far @var{stack-adjust}}. + +@cindex sections, i386 +@cindex i386 sections +@item +The AT&T assembler does not provide support for multiple section +programs. Unix style systems expect all programs to be single sections. +@end itemize + +@node i386-Mnemonics +@section Instruction Naming + +@cindex i386 instruction naming +@cindex instruction naming, i386 +Instruction mnemonics are suffixed with one character modifiers which +specify the size of operands. The letters @samp{b}, @samp{w}, and +@samp{l} specify byte, word, and long operands. If no suffix is +specified by an instruction then @code{@value{AS}} tries to fill in the +missing suffix based on the destination register operand (the last one +by convention). Thus, @samp{mov %ax, %bx} is equivalent to @samp{movw +%ax, %bx}; also, @samp{mov $1, %bx} is equivalent to @samp{movw $1, +%bx}. Note that this is incompatible with the AT&T Unix assembler which +assumes that a missing mnemonic suffix implies long operand size. (This +incompatibility does not affect compiler output since compilers always +explicitly specify the mnemonic suffix.) + +Almost all instructions have the same names in AT&T and Intel format. +There are a few exceptions. The sign extend and zero extend +instructions need two sizes to specify them. They need a size to +sign/zero extend @emph{from} and a size to zero extend @emph{to}. This +is accomplished by using two instruction mnemonic suffixes in AT&T +syntax. Base names for sign extend and zero extend are +@samp{movs@dots{}} and @samp{movz@dots{}} in AT&T syntax (@samp{movsx} +and @samp{movzx} in Intel syntax). The instruction mnemonic suffixes +are tacked on to this base name, the @emph{from} suffix before the +@emph{to} suffix. Thus, @samp{movsbl %al, %edx} is AT&T syntax for +``move sign extend @emph{from} %al @emph{to} %edx.'' Possible suffixes, +thus, are @samp{bl} (from byte to long), @samp{bw} (from byte to word), +and @samp{wl} (from word to long). + +@cindex conversion instructions, i386 +@cindex i386 conversion instructions +The Intel-syntax conversion instructions + +@itemize @bullet +@item +@samp{cbw} --- sign-extend byte in @samp{%al} to word in @samp{%ax}, + +@item +@samp{cwde} --- sign-extend word in @samp{%ax} to long in @samp{%eax}, + +@item +@samp{cwd} --- sign-extend word in @samp{%ax} to long in @samp{%dx:%ax}, + +@item +@samp{cdq} --- sign-extend dword in @samp{%eax} to quad in @samp{%edx:%eax}, +@end itemize + +@noindent +are called @samp{cbtw}, @samp{cwtl}, @samp{cwtd}, and @samp{cltd} in +AT&T naming. @code{@value{AS}} accepts either naming for these instructions. + +@cindex jump instructions, i386 +@cindex call instructions, i386 +Far call/jump instructions are @samp{lcall} and @samp{ljmp} in +AT&T syntax, but are @samp{call far} and @samp{jump far} in Intel +convention. + +@node i386-Regs +@section Register Naming + +@cindex i386 registers +@cindex registers, i386 +Register operands are always prefixed with @samp{%}. The 80386 registers +consist of + +@itemize @bullet +@item +the 8 32-bit registers @samp{%eax} (the accumulator), @samp{%ebx}, +@samp{%ecx}, @samp{%edx}, @samp{%edi}, @samp{%esi}, @samp{%ebp} (the +frame pointer), and @samp{%esp} (the stack pointer). + +@item +the 8 16-bit low-ends of these: @samp{%ax}, @samp{%bx}, @samp{%cx}, +@samp{%dx}, @samp{%di}, @samp{%si}, @samp{%bp}, and @samp{%sp}. + +@item +the 8 8-bit registers: @samp{%ah}, @samp{%al}, @samp{%bh}, +@samp{%bl}, @samp{%ch}, @samp{%cl}, @samp{%dh}, and @samp{%dl} (These +are the high-bytes and low-bytes of @samp{%ax}, @samp{%bx}, +@samp{%cx}, and @samp{%dx}) + +@item +the 6 section registers @samp{%cs} (code section), @samp{%ds} +(data section), @samp{%ss} (stack section), @samp{%es}, @samp{%fs}, +and @samp{%gs}. + +@item +the 3 processor control registers @samp{%cr0}, @samp{%cr2}, and +@samp{%cr3}. + +@item +the 6 debug registers @samp{%db0}, @samp{%db1}, @samp{%db2}, +@samp{%db3}, @samp{%db6}, and @samp{%db7}. + +@item +the 2 test registers @samp{%tr6} and @samp{%tr7}. + +@item +the 8 floating point register stack @samp{%st} or equivalently +@samp{%st(0)}, @samp{%st(1)}, @samp{%st(2)}, @samp{%st(3)}, +@samp{%st(4)}, @samp{%st(5)}, @samp{%st(6)}, and @samp{%st(7)}. +@end itemize + +@node i386-Prefixes +@section Instruction Prefixes + +@cindex i386 instruction prefixes +@cindex instruction prefixes, i386 +@cindex prefixes, i386 +Instruction prefixes are used to modify the following instruction. They +are used to repeat string instructions, to provide section overrides, to +perform bus lock operations, and to change operand and address sizes. +(Most instructions that normally operate on 32-bit operands will use +16-bit operands if the instruction has an ``operand size'' prefix.) +Instruction prefixes are best written on the same line as the instruction +they act upon. For example, the @samp{scas} (scan string) instruction is +repeated with: + +@smallexample + repne scas %es:(%edi),%al +@end smallexample + +You may also place prefixes on the lines immediately preceding the +instruction, but this circumvents checks that @code{@value{AS}} does +with prefixes, and will not work with all prefixes. + +Here is a list of instruction prefixes: + +@cindex section override prefixes, i386 +@itemize @bullet +@item +Section override prefixes @samp{cs}, @samp{ds}, @samp{ss}, @samp{es}, +@samp{fs}, @samp{gs}. These are automatically added by specifying +using the @var{section}:@var{memory-operand} form for memory references. + +@cindex size prefixes, i386 +@item +Operand/Address size prefixes @samp{data16} and @samp{addr16} +change 32-bit operands/addresses into 16-bit operands/addresses, +while @samp{data32} and @samp{addr32} change 16-bit ones (in a +@code{.code16} section) into 32-bit operands/addresses. These prefixes +@emph{must} appear on the same line of code as the instruction they +modify. For example, in a 16-bit @code{.code16} section, you might +write: + +@smallexample + addr32 jmpl *(%ebx) +@end smallexample + +@cindex bus lock prefixes, i386 +@cindex inhibiting interrupts, i386 +@item +The bus lock prefix @samp{lock} inhibits interrupts during execution of +the instruction it precedes. (This is only valid with certain +instructions; see a 80386 manual for details). + +@cindex coprocessor wait, i386 +@item +The wait for coprocessor prefix @samp{wait} waits for the coprocessor to +complete the current instruction. This should never be needed for the +80386/80387 combination. + +@cindex repeat prefixes, i386 +@item +The @samp{rep}, @samp{repe}, and @samp{repne} prefixes are added +to string instructions to make them repeat @samp{%ecx} times (@samp{%cx} +times if the current address size is 16-bits). +@end itemize + +@node i386-Memory +@section Memory References + +@cindex i386 memory references +@cindex memory references, i386 +An Intel syntax indirect memory reference of the form + +@smallexample +@var{section}:[@var{base} + @var{index}*@var{scale} + @var{disp}] +@end smallexample + +@noindent +is translated into the AT&T syntax + +@smallexample +@var{section}:@var{disp}(@var{base}, @var{index}, @var{scale}) +@end smallexample + +@noindent +where @var{base} and @var{index} are the optional 32-bit base and +index registers, @var{disp} is the optional displacement, and +@var{scale}, taking the values 1, 2, 4, and 8, multiplies @var{index} +to calculate the address of the operand. If no @var{scale} is +specified, @var{scale} is taken to be 1. @var{section} specifies the +optional section register for the memory operand, and may override the +default section register (see a 80386 manual for section register +defaults). Note that section overrides in AT&T syntax @emph{must} +be preceded by a @samp{%}. If you specify a section override which +coincides with the default section register, @code{@value{AS}} does @emph{not} +output any section register override prefixes to assemble the given +instruction. Thus, section overrides can be specified to emphasize which +section register is used for a given memory operand. + +Here are some examples of Intel and AT&T style memory references: + +@table @asis +@item AT&T: @samp{-4(%ebp)}, Intel: @samp{[ebp - 4]} +@var{base} is @samp{%ebp}; @var{disp} is @samp{-4}. @var{section} is +missing, and the default section is used (@samp{%ss} for addressing with +@samp{%ebp} as the base register). @var{index}, @var{scale} are both missing. + +@item AT&T: @samp{foo(,%eax,4)}, Intel: @samp{[foo + eax*4]} +@var{index} is @samp{%eax} (scaled by a @var{scale} 4); @var{disp} is +@samp{foo}. All other fields are missing. The section register here +defaults to @samp{%ds}. + +@item AT&T: @samp{foo(,1)}; Intel @samp{[foo]} +This uses the value pointed to by @samp{foo} as a memory operand. +Note that @var{base} and @var{index} are both missing, but there is only +@emph{one} @samp{,}. This is a syntactic exception. + +@item AT&T: @samp{%gs:foo}; Intel @samp{gs:foo} +This selects the contents of the variable @samp{foo} with section +register @var{section} being @samp{%gs}. +@end table + +Absolute (as opposed to PC relative) call and jump operands must be +prefixed with @samp{*}. If no @samp{*} is specified, @code{@value{AS}} +always chooses PC relative addressing for jump/call labels. + +Any instruction that has a memory operand, but no register operand, +@emph{must} specify its size (byte, word, or long) with an instruction +mnemonic suffix (@samp{b}, @samp{w}, or @samp{l}, respectively). + +@node i386-jumps +@section Handling of Jump Instructions + +@cindex jump optimization, i386 +@cindex i386 jump optimization +Jump instructions are always optimized to use the smallest possible +displacements. This is accomplished by using byte (8-bit) displacement +jumps whenever the target is sufficiently close. If a byte displacement +is insufficient a long (32-bit) displacement is used. We do not support +word (16-bit) displacement jumps in 32-bit mode (i.e. prefixing the jump +instruction with the @samp{data16} instruction prefix), since the 80386 +insists upon masking @samp{%eip} to 16 bits after the word displacement +is added. + +Note that the @samp{jcxz}, @samp{jecxz}, @samp{loop}, @samp{loopz}, +@samp{loope}, @samp{loopnz} and @samp{loopne} instructions only come in byte +displacements, so that if you use these instructions (@code{@value{GCC}} does +not use them) you may get an error message (and incorrect code). The AT&T +80386 assembler tries to get around this problem by expanding @samp{jcxz foo} +to + +@smallexample + jcxz cx_zero + jmp cx_nonzero +cx_zero: jmp foo +cx_nonzero: +@end smallexample + +@node i386-Float +@section Floating Point + +@cindex i386 floating point +@cindex floating point, i386 +All 80387 floating point types except packed BCD are supported. +(BCD support may be added without much difficulty). These data +types are 16-, 32-, and 64- bit integers, and single (32-bit), +double (64-bit), and extended (80-bit) precision floating point. +Each supported type has an instruction mnemonic suffix and a constructor +associated with it. Instruction mnemonic suffixes specify the operand's +data type. Constructors build these data types into memory. + +@cindex @code{float} directive, i386 +@cindex @code{single} directive, i386 +@cindex @code{double} directive, i386 +@cindex @code{tfloat} directive, i386 +@itemize @bullet +@item +Floating point constructors are @samp{.float} or @samp{.single}, +@samp{.double}, and @samp{.tfloat} for 32-, 64-, and 80-bit formats. +These correspond to instruction mnemonic suffixes @samp{s}, @samp{l}, +and @samp{t}. @samp{t} stands for 80-bit (ten byte) real. The 80387 +only supports this format via the @samp{fldt} (load 80-bit real to stack +top) and @samp{fstpt} (store 80-bit real and pop stack) instructions. + +@cindex @code{word} directive, i386 +@cindex @code{long} directive, i386 +@cindex @code{int} directive, i386 +@cindex @code{quad} directive, i386 +@item +Integer constructors are @samp{.word}, @samp{.long} or @samp{.int}, and +@samp{.quad} for the 16-, 32-, and 64-bit integer formats. The +corresponding instruction mnemonic suffixes are @samp{s} (single), +@samp{l} (long), and @samp{q} (quad). As with the 80-bit real format, +the 64-bit @samp{q} format is only present in the @samp{fildq} (load +quad integer to stack top) and @samp{fistpq} (store quad integer and pop +stack) instructions. +@end itemize + +Register to register operations should not use instruction mnemonic suffixes. +@samp{fstl %st, %st(1)} will give a warning, and be assembled as if you +wrote @samp{fst %st, %st(1)}, since all register to register operations +use 80-bit floating point operands. (Contrast this with @samp{fstl %st, mem}, +which converts @samp{%st} from 80-bit to 64-bit floating point format, +then stores the result in the 4 byte location @samp{mem}) + +@node i386-SIMD +@section Intel's MMX and AMD's 3DNow! SIMD Operations + +@cindex MMX, i386 +@cindex 3DNow!, i386 +@cindex SIMD, i386 + +@code{@value{AS}} supports Intel's MMX instruction set (SIMD +instructions for integer data), available on Intel's Pentium MMX +processors and Pentium II processors, AMD's K6 and K6-2 processors, +Cyrix' M2 processor, and probably others. It also supports AMD's 3DNow! +instruction set (SIMD instructions for 32-bit floating point data) +available on AMD's K6-2 processor and possibly others in the future. + +Currently, @code{@value{AS}} does not support Intel's floating point +SIMD, Katmai (KNI). + +The eight 64-bit MMX operands, also used by 3DNow!, are called @samp{%mm0}, +@samp{%mm1}, ... @samp{%mm7}. They contain eight 8-bit integers, four +16-bit integers, two 32-bit integers, one 64-bit integer, or two 32-bit +floating point values. The MMX registers cannot be used at the same time +as the floating point stack. + +See Intel and AMD documentation, keeping in mind that the operand order in +instructions is reversed from the Intel syntax. + +@node i386-16bit +@section Writing 16-bit Code + +@cindex i386 16-bit code +@cindex 16-bit code, i386 +@cindex real-mode code, i386 +@cindex @code{code16} directive, i386 +@cindex @code{code32} directive, i386 +While @code{@value{AS}} normally writes only ``pure'' 32-bit i386 code, +it also supports writing code to run in real mode or in 16-bit protected +mode code segments. To do this, put a @samp{.code16} directive before +the assembly language instructions to be run in 16-bit mode. You can +switch @code{@value{AS}} back to writing normal 32-bit code with the +@samp{.code32} directive. + +The code which @code{@value{AS}} generates in 16-bit mode will not +necessarily run on a 16-bit pre-80386 processor. To write code that +runs on such a processor, you must refrain from using @emph{any} 32-bit +constructs which require @code{@value{AS}} to output address or operand +size prefixes. + +Note that writing 16-bit code instructions by explicitly specifying a +prefix or an instruction mnemonic suffix within a 32-bit code section +generates different machine instructions than those generated for a +16-bit code segment. In a 32-bit code section, the following code +generates the machine opcode bytes @samp{66 6a 04}, which pushes the +value @samp{4} onto the stack, decrementing @samp{%esp} by 2. + +@smallexample + pushw $4 +@end smallexample + +The same code in a 16-bit code section would generate the machine +opcode bytes @samp{6a 04} (ie. without the operand size prefix), which +is correct since the processor default operand size is assumed to be 16 +bits in a 16-bit code section. + +@node i386-Bugs +@section AT&T Syntax bugs + +The UnixWare assembler, and probably other AT&T derived ix86 Unix +assemblers, generate floating point instructions with reversed source +and destination registers in certain cases. Unfortunately, gcc and +possibly many other programs use this reversed syntax, so we're stuck +with it. + +For example + +@smallexample + fsub %st,%st(3) +@end smallexample +@noindent +results in @samp{%st(3)} being updated to @samp{%st - %st(3)} rather +than the expected @samp{%st(3) - %st}. This happens with all the +non-commutative arithmetic floating point operations with two register +operands where the source register is @samp{%st} and the destination +register is @samp{%st(i)}. + +@node i386-Notes +@section Notes + +@cindex i386 @code{mul}, @code{imul} instructions +@cindex @code{mul} instruction, i386 +@cindex @code{imul} instruction, i386 +There is some trickery concerning the @samp{mul} and @samp{imul} +instructions that deserves mention. The 16-, 32-, and 64-bit expanding +multiplies (base opcode @samp{0xf6}; extension 4 for @samp{mul} and 5 +for @samp{imul}) can be output only in the one operand form. Thus, +@samp{imul %ebx, %eax} does @emph{not} select the expanding multiply; +the expanding multiply would clobber the @samp{%edx} register, and this +would confuse @code{@value{GCC}} output. Use @samp{imul %ebx} to get the +64-bit product in @samp{%edx:%eax}. + +We have added a two operand form of @samp{imul} when the first operand +is an immediate mode expression and the second operand is a register. +This is just a shorthand, so that, multiplying @samp{%eax} by 69, for +example, can be done with @samp{imul $69, %eax} rather than @samp{imul +$69, %eax, %eax}. + |