Intel X86 architecture
The Pentium i-386 is a 32-bit CISC (Complex Instruction computer) processor, but the aplha is based on Risc (short instruction computer ).CodeBut the principles are similar.
The processor has many General registers. Registers are storage locations that are of special use in the microprocessor itself. Access registers are much faster than accessing other types of memory. Some registers are common, while others are of special use.
General registers are used to store the values used for calculation and internal calculation results. In general, the registers manipulate byte, word, or DWORD.
The flag register is only used to manipulate the bit. Any instruction affects the flag register based on the calculation result. For example, after a subtraction operation, if the result is 0, zero flag will be set. If it is not 0, its value will be cleared.
An assembly instruction can have 0, 1, and 2 operands. The operand can be an immediate number, a value in the register, or a pointer to an address in the memory. Generally, the Intel assembly language syntax is as follows:
Prefix instruction [operand 1], [operand 2]; Comment
Where
Prefix |
-An address label or instruction Modifier |
Prefix. ID address or operation Modifier |
Instruction |
-Instruction being executed |
Command name |
Operand 1 |
-Typically the destination operand, but it can be the source operand (one argument instruction), or it can be both the source and destination operands (INC instruction) |
Operand 1. In general, this operand is the destination operand. |
Operand 2 |
-Source operand for two argument instructions |
Operand 2 |
Therefore, for the mov eax, [12345678] command, the source operand is in address 12345678, And the destination operand is the eax register. This command will drop the value stored in 12345678 and copy it to the eax register.
Intel CPU registers
The intel386 and later processors contain a series of 32-bit registers. The i386 Family of processors are considered non-orthogonal, meaning that registers and instruction sets cannot be completely exchanged. That is to say, some commands can only be used in specific registers. For example, the in and out commands are hardware-fixed and can only be used in the eax registers. ECx is used for cyclic counters, and EDI and ESI are used for index commands and string commands. The addressing mode can only be used in specific registers.
The i-386 family has six General registers, eax, EBX, ECx, EDX, EDI, ESI. each register starts with the letter E, indicating extended, which means to extend to 32 bits, not sixteen bits.
Usage
Al |
Lower 8 bits of the eax register |
Eax's eight-bit low |
Ah |
High Order byte of lower order word of the eax register |
Eax's 8-bit high |
Ax |
Lower 16 bits of the eax register |
The lowest 16 bits of eax |
Eax |
The full 32 bits of the Register |
Entire eax register |
EBX and ECx are the same as edX.
Note that ESI and EDI cannot be used at the byte level.
Register Type
General registers
1. eax is used as a accumulator. It is the most used in registers and is used to save the results of many commands. Generally, compiled code only uses the eax register to store the return value.
2. ECx is used as a counter.
3. EBX and EDX are General registers and are generally used as pointers for memory addressing, arithmetic operations, logical operation operations, and operation results of commands. Eax and ECx can also be used like EBX and EDX.
Index register
EDI and ESI are General registers dedicated for indexing. String operations use EDI as the destination pointer and ESI as the source pointer. Therefore, if you want to copy a piece of memory from one place to another, ESI should be used as the source block and EDI as the target block. ECx should load the number of bytes to be copied. The direction flag will be set to increase or decrease, and then the rep movs command will copy the bytes.
Stack register
ESP and EBP are mainly used to manipulate the control station. ESP is the top pointer of the stack and is used to point to the top position of the current stack. The EBP register is used to point to the stack frame, that is, the bottom of the stack, for a given routine (function. At the routine (function) entry, the EBP register is usually first stored on the stack (the EBP is pressed to the stack), and then set EBP to the top pointer (ESP) of the current stack ). EBP is used to reference parameters or local variables. Local variables can be referenced by EBP, [EBP-4], [EBP-8] and so on. Parameters can also be obtained through EBP, for example, [EBP + 8]. Generally, local variables are in the Negative displacement of EBP, while function parameters are in the positive displacement of EBP.
Note that ESP points to the address with a value in the stack, that is, esp points to the valid byte at the top of the stack. Let's explain it in combination with the stack operation. The operations in the following table are equivalent.
Push 0x1234 h; ESP <-ESP-4; reduces the position of the stack pointer
SS: [esp] <-0x1234 h; copy the operand to the top of the stack.
The following code is of reference value.
Void someprocedure (INT anargument) {int avariable; avariable = anargument;} someprocedure: Push EBP; save original value of EBP on Stack mov EBP, esp; store top of stack address in EBP sub ESP, 4; Allocate space for avariable on Stack mov eax, [EBP + 8]; fetch anargument into eax, Which is; 8 bytes below the stored top of stack mov [EBP-4], eax; store eax into avariable, Which is; 4 bytes abve the stored top of stack mov ESP, EBP; free space allocated for avariable pop EBP; restore original value of EBP ret; return to the caller
Flag register
It consists of a series of individual BIT. Many Commands modify these binary bits to describe the results of the command. These flags can be used by conditional jump JMP statements.
For more information, see the table below.
| Intel x86 flags register | |||
|---|---|---|---|
| Bit # | Abbreviation | Description | Category[1] |
| Flags | |||
| 0 | Cf | Carry flag | S |
| 1 | 1 | Reserved | |
| 2 | PF | Parity flag | S |
| 3 | 0 | Reserved | |
| 4 | AF | Adjust flag | S |
| 5 | 0 | Reserved | |
| 6 | ZF | Zero flag | S |
| 7 | SF | Sign flag | S |
| 8 | TF | Trap flag (single step) | X |
| 9 | If | Interrupt enable flag | X |
| 10 | DF | Direction Flag | C |
| 11 | Of | Overflow flag | S |
| 12, 13 | Iopl | I/O privilege level (286 + only) | X |
| 14 | NT | Nested task flag (286 + only) | X |
| 15 | 0 | Reserved | |
| Eflags | |||
| 16 | RF | Resume flag (386 + only) | X |
| 17 | VM | Virtual 8086 mode flag (386 + only) | X |
| 18 | AC | Alignment check (486sx + only) | X |
| 19 | VIF | Virtual interrupt flag (Pentium +) | X |
| 20 | VIP | Virtual interrupt pending (Pentium +) | X |
| 21 | ID | Identification (Pentium +) | X |
| 22 | 0 | Reserved | |
| 23 | 0 | Reserved | |
| 24 | 0 | Reserved | |
| 25 | 0 | Reserved | |
| 26 | 0 | Reserved | |
| 27 | 0 | Reserved | |
| 28 | 0 | Reserved | |
| 29 | 0 | Reserved | |
| 30 | 0 | Reserved | |
| 31 | 0 | Reserved | |
| Rflags | |||
| 32-63 | 0 | Reserved | |
Table note:
S: Status flag
C: Control flag
X: System flag
Special destination register
The EIP is the instruction pointer that points to the next instruction to be executed. The EIP is changed by the command ret, reti, JMP, call, and Int. This register may be the most important register in the CPU, because it guides the CPU to execute the next instruction.
Segment register
In 32-bit systems, segment registers are generally not modified or explicitly used. Win32 uses the flat memory addressing mode. For this reason, seeArticleThe description in "memory arrangement for Windows" in "one of Windows backgrounds.
Additional registers
There are some other registers in the Intel family, but they are not suitable for user-state debugging. A simple list of them is as follows:
Protected Mode registers
Control registers
Debug and test registers
Floating Point Unit register set
MMX registers
SIMD floating point registers
Exercise:
1. What are the main functions of the eax register?
A: eax is used as a accumulator. It is the most used in registers and is used to save the results of many commands. Generally, compiled code only uses the eax register to store the return value.
2. What are the main functions of ECx registers?
A: Counter
Tips for helping with memory
| Register | Full name | Description |
| Eax | Extended accumulator x | Accumulate registers. A Indicates Accumulator |
| ECX | Extended counting x | Count register. C stands for counting |
| EDI | Extended destination Indexing | The destination index register. D Indicates destnation, And I indicates indexing. |
| ESI | Extended source Indexing | Source index register. S stands for source, and I stands for indexing. |
| ESP | Extended Stack pointer | Stack pointer register. S stands for Stack |
| EBP | Extended (stack) base pointer | Stack base pointer register. B stands for base |
| EIP | Extended instructions pointer | Command register. I stands for instruction |
Start building with 50+ products and up to 12 months usage for Elastic Compute Service
1 on 1 presale consultation
24/7 Technical Support 6 Free Tickets per Quarter Faster Response
Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.
A comprehensive suite of global cloud computing services to power your business
Payment Methods We Support
