lostecho/oldlinux-files
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
master
oldlinux-files/study/Ref-docs/manual Intel386/I386Manual/S03_05.HTM
gohigh f3774e2f8c add directory study
2024-02-19 00:25:23 -05:00

103 lines
18 KiB
HTML
Raw Permalink Blame History

<html><!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html>
<head>
<title>80386 Programmer's Reference Manual -- Section 3.5</title>
</head>
<body>
<b>up:</b> <a href="C03.HTM" tppabs="http://webster.cs.ucr.edu/Page_TechDocs/Doc386/C03.HTM">Chapter 3 -- Applications Instruction Set</a><br>
<b>prev:</b> <a href="S03_04.HTM" tppabs="http://webster.cs.ucr.edu/Page_TechDocs/Doc386/S03_04.HTM">3.4 Logical Instructions</a><br>
<b>next:</b> <a href="S03_06.HTM" tppabs="http://webster.cs.ucr.edu/Page_TechDocs/Doc386/S03_06.HTM">3.6 String and Character Translation Instructions</a>
<p>
<hr>
<p>
<h1>3.5 Control Transfer Instructions</h1>
The 80386 provides both conditional and unconditional control transfer instructions to direct the flow of execution. Conditional control transfers depend on the results of operations that affect the flag register. Unconditional control transfers are always executed.
<h2>3.5.1 Unconditional Transfer Instructions</h2>
<a href="JMP.HTM" tppabs="http://webster.cs.ucr.edu/Page_TechDocs/Doc386/JMP.HTM">JMP</a>, <a href="CALL.HTM" tppabs="http://webster.cs.ucr.edu/Page_TechDocs/Doc386/CALL.HTM">CALL</a>, <a href="RET.HTM" tppabs="http://webster.cs.ucr.edu/Page_TechDocs/Doc386/RET.HTM">RET</a>, <a href="INT.HTM" tppabs="http://webster.cs.ucr.edu/Page_TechDocs/Doc386/INT.HTM">INT</a> and <a href="IRET.HTM" tppabs="http://webster.cs.ucr.edu/Page_TechDocs/Doc386/IRET.HTM">IRET</a> instructions transfer control from one code segment location to another. These locations can be within the same code segment (near control transfers) or in different code segments (far control transfers). The variants of these instructions that transfer control to other segments are discussed in a later section of this chapter. If the model of memory organization used in a particular 80386 application does not make segments visible to applications programmers, intersegment control transfers will not be used.
<h3>3.5.1.1 Jump Instruction</h3>
<a href="JMP.HTM" tppabs="http://webster.cs.ucr.edu/Page_TechDocs/Doc386/JMP.HTM">JMP</a> (Jump) unconditionally transfers control to the target location. <a href="JMP.HTM" tppabs="http://webster.cs.ucr.edu/Page_TechDocs/Doc386/JMP.HTM">JMP</a> is a one-way transfer of execution; it does not save a return address on the stack.
<p>The <a href="JMP.HTM" tppabs="http://webster.cs.ucr.edu/Page_TechDocs/Doc386/JMP.HTM">JMP</a> instruction always performs the same basic function of transferring control from the current location to a new location. Its implementation varies depending on whether the address is specified directly within the instruction or indirectly through a register or memory.
<p>A direct <a href="JMP.HTM" tppabs="http://webster.cs.ucr.edu/Page_TechDocs/Doc386/JMP.HTM">JMP</a> instruction includes the destination address as part of the instruction. An indirect <a href="JMP.HTM" tppabs="http://webster.cs.ucr.edu/Page_TechDocs/Doc386/JMP.HTM">JMP</a> instruction obtains the destination address indirectly through a register or a pointer variable.
<p>Direct near <a href="JMP.HTM" tppabs="http://webster.cs.ucr.edu/Page_TechDocs/Doc386/JMP.HTM">JMP</a>. A direct <a href="JMP.HTM" tppabs="http://webster.cs.ucr.edu/Page_TechDocs/Doc386/JMP.HTM">JMP</a> uses a relative displacement value contained in the instruction. The displacement is signed and the size of the displacement may be a byte, word, or doubleword. The processor forms an effective address by adding this relative displacement to the address contained in EIP. When the additions have been performed, EIP refers to the next instruction to be executed.
<p>Indirect near <a href="JMP.HTM" tppabs="http://webster.cs.ucr.edu/Page_TechDocs/Doc386/JMP.HTM">JMP</a>. Indirect <a href="JMP.HTM" tppabs="http://webster.cs.ucr.edu/Page_TechDocs/Doc386/JMP.HTM">JMP</a> instructions specify an absolute address in one of several ways:
<ol>
<li>The program can <a href="JMP.HTM" tppabs="http://webster.cs.ucr.edu/Page_TechDocs/Doc386/JMP.HTM">JMP</a> to a location specified by a general register (any of EAX, EDX, ECX, EBX, EBP, ESI, or EDI). The processor moves this 32-bit value into EIP and resumes execution.
<li>The processor can obtain the destination address from a memory operand specified in the instruction.
<li>A register can modify the address of the memory pointer to select a destination address.
</ol>
<h3>3.5.1.2 Call Instruction</h3>
<a href="CALL.HTM" tppabs="http://webster.cs.ucr.edu/Page_TechDocs/Doc386/CALL.HTM">CALL</a> (Call Procedure) activates an out-of-line procedure, saving on the stack the address of the instruction following the <a href="CALL.HTM" tppabs="http://webster.cs.ucr.edu/Page_TechDocs/Doc386/CALL.HTM">CALL</a> for later use by a <a href="RET.HTM" tppabs="http://webster.cs.ucr.edu/Page_TechDocs/Doc386/RET.HTM">RET</a> (Return) instruction. <a href="CALL.HTM" tppabs="http://webster.cs.ucr.edu/Page_TechDocs/Doc386/CALL.HTM">CALL</a> places the current value of EIP on the stack. The <a href="RET.HTM" tppabs="http://webster.cs.ucr.edu/Page_TechDocs/Doc386/RET.HTM">RET</a> instruction in the called procedure uses this address to transfer control back to the calling program.
<p><a href="CALL.HTM" tppabs="http://webster.cs.ucr.edu/Page_TechDocs/Doc386/CALL.HTM">CALL</a> instructions, like <a href="JMP.HTM" tppabs="http://webster.cs.ucr.edu/Page_TechDocs/Doc386/JMP.HTM">JMP</a> instructions have relative, direct, and indirect versions.
<p>Indirect <a href="CALL.HTM" tppabs="http://webster.cs.ucr.edu/Page_TechDocs/Doc386/CALL.HTM">CALL</a> instructions specify an absolute address in one of these ways:
<ol>
<li>The program can <a href="CALL.HTM" tppabs="http://webster.cs.ucr.edu/Page_TechDocs/Doc386/CALL.HTM">CALL</a> a location specified by a general register (any of EAX, EDX, ECX, EBX, EBP, ESI, or EDI). The processor moves this 32-bit value into EIP.
<li>The processor can obtain the destination address from a memory operand specified in the instruction.
</ol>
<h3>3.5.1.3 Return and Return-From-Interrupt Instruction</h3>
<a href="RET.HTM" tppabs="http://webster.cs.ucr.edu/Page_TechDocs/Doc386/RET.HTM">RET</a> (Return From Procedure) terminates the execution of a procedure and transfers control through a back-link on the stack to the program that originally invoked the procedure. <a href="RET.HTM" tppabs="http://webster.cs.ucr.edu/Page_TechDocs/Doc386/RET.HTM">RET</a> restores the value of EIP that was saved on the stack by the previous <a href="CALL.HTM" tppabs="http://webster.cs.ucr.edu/Page_TechDocs/Doc386/CALL.HTM">CALL</a> instruction.
<p><a href="RET.HTM" tppabs="http://webster.cs.ucr.edu/Page_TechDocs/Doc386/RET.HTM">RET</a> instructions may optionally specify an immediate operand. By adding this constant to the new top-of-stack pointer, <a href="RET.HTM" tppabs="http://webster.cs.ucr.edu/Page_TechDocs/Doc386/RET.HTM">RET</a> effectively removes any arguments that the calling program pushed on the stack before the execution of the <a href="CALL.HTM" tppabs="http://webster.cs.ucr.edu/Page_TechDocs/Doc386/CALL.HTM">CALL</a> instruction.
<p><a href="IRET.HTM" tppabs="http://webster.cs.ucr.edu/Page_TechDocs/Doc386/IRET.HTM">IRET</a> (Return From Interrupt) returns control to an interrupted procedure. <a href="IRET.HTM" tppabs="http://webster.cs.ucr.edu/Page_TechDocs/Doc386/IRET.HTM">IRET</a> differs from <a href="RET.HTM" tppabs="http://webster.cs.ucr.edu/Page_TechDocs/Doc386/RET.HTM">RET</a> in that it also pops the flags from the stack into the flags register. The flags are stored on the stack by the interrupt mechanism.
<h2>3.5.2 Conditional Transfer Instructions</h2>
The conditional transfer instructions are jumps that may or may not transfer control, depending on the state of the CPU flags when the instruction executes.
<h3>3.5.2.1 Conditional Jump Instructions</h3>
Table 3-2 shows the conditional transfer mnemonics and their interpretations. The conditional jumps that are listed as pairs are actually the same instruction. The assembler provides the alternate mnemonics for greater clarity within a program listing.
<p>Conditional jump instructions contain a displacement which is added to the EIP register if the condition is true. The displacement may be a byte, a word, or a doubleword. The displacement is signed; therefore, it can be used to jump forward or backward.
<pre>
Table 3-2. Interpretation of Conditional Transfers
Unsigned Conditional Transfers
Mnemonic Condition Tested &quot;Jump If...&quot;
JA/JNBE (CF or ZF) = 0 above/not below nor equal
JAE/JNB CF = 0 above or equal/not below
JB/JNAE CF = 1 below/not above nor equal
JBE/JNA (CF or ZF) = 1 below or equal/not above
JC CF = 1 carry
JE/JZ ZF = 1 equal/zero
JNC CF = 0 not carry
JNE/JNZ ZF = 0 not equal/not zero
JNP/JPO PF = 0 not parity/parity odd
JP/JPE PF = 1 parity/parity even
Signed Conditional Transfers
Mnemonic Condition Tested &quot;Jump If...&quot;
JG/JNLE ((SF xor OF) or ZF) = 0 greater/not less nor equal
JGE/JNL (SF xor OF) = 0 greater or equal/not less
JL/JNGE (SF xor OF) = 1 less/not greater nor equal
JLE/JNG ((SF xor OF) or ZF) = 1 less or equal/not greater
JNO OF = 0 not overflow
JNS SF = 0 not sign (positive, including 0)
JO OF = 1 overflow
JS SF = 1 sign (negative)
</pre>
<h3>3.5.2.2 Loop Instructions</h3>
The loop instructions are conditional jumps that use a value placed in ECX to specify the number of repetitions of a software loop. All loop instructions automatically decrement ECX and terminate the loop when ECX=0. Four of the five loop instructions specify a condition involving ZF that terminates the loop before ECX reaches zero.
<p><a href="LOOP.HTM" tppabs="http://webster.cs.ucr.edu/Page_TechDocs/Doc386/LOOP.HTM">LOOP</a> (Loop While ECX Not Zero) is a conditional transfer that automatically decrements the ECX register before testing ECX for the branch condition. If ECX is non-zero, the program branches to the target label specified in the instruction. The <a href="LOOP.HTM" tppabs="http://webster.cs.ucr.edu/Page_TechDocs/Doc386/LOOP.HTM">LOOP</a> instruction causes the repetition of a code section until the operation of the <a href="LOOP.HTM" tppabs="http://webster.cs.ucr.edu/Page_TechDocs/Doc386/LOOP.HTM">LOOP</a> instruction decrements ECX to a value of zero. If <a href="LOOP.HTM" tppabs="http://webster.cs.ucr.edu/Page_TechDocs/Doc386/LOOP.HTM">LOOP</a> finds ECX=0, control transfers to the instruction immediately following the <a href="LOOP.HTM" tppabs="http://webster.cs.ucr.edu/Page_TechDocs/Doc386/LOOP.HTM">LOOP</a> instruction. If the value of ECX is initially zero, then the <a href="LOOP.HTM" tppabs="http://webster.cs.ucr.edu/Page_TechDocs/Doc386/LOOP.HTM">LOOP</a> executes 2^(32) times.
<p><a href="LOOP.HTM" tppabs="http://webster.cs.ucr.edu/Page_TechDocs/Doc386/LOOP.HTM">LOOPE</a> (Loop While Equal) and <a href="LOOP.HTM" tppabs="http://webster.cs.ucr.edu/Page_TechDocs/Doc386/LOOP.HTM">LOOPZ</a> (Loop While Zero) are synonyms for the same instruction. These instructions automatically decrement the ECX register before testing ECX and ZF for the branch conditions. If ECX is non-zero and ZF=1, the program branches to the target label specified in the instruction. If <a href="LOOP.HTM" tppabs="http://webster.cs.ucr.edu/Page_TechDocs/Doc386/LOOP.HTM">LOOPE</a> or <a href="LOOP.HTM" tppabs="http://webster.cs.ucr.edu/Page_TechDocs/Doc386/LOOP.HTM">LOOPZ</a> finds that ECX=0 or ZF=0, control transfers to the instruction immediately following the <a href="LOOP.HTM" tppabs="http://webster.cs.ucr.edu/Page_TechDocs/Doc386/LOOP.HTM">LOOPE</a> or <a href="LOOP.HTM" tppabs="http://webster.cs.ucr.edu/Page_TechDocs/Doc386/LOOP.HTM">LOOPZ</a> instruction.
<p><a href="LOOP.HTM" tppabs="http://webster.cs.ucr.edu/Page_TechDocs/Doc386/LOOP.HTM">LOOPNE</a> (Loop While Not Equal) and <a href="LOOP.HTM" tppabs="http://webster.cs.ucr.edu/Page_TechDocs/Doc386/LOOP.HTM">LOOPNZ</a> (Loop While Not Zero) are synonyms for the same instruction. These instructions automatically decrement the ECX register before testing ECX and ZF for the branch conditions. If ECX is non-zero and ZF=0, the program branches to the target label specified in the instruction. If <a href="LOOP.HTM" tppabs="http://webster.cs.ucr.edu/Page_TechDocs/Doc386/LOOP.HTM">LOOPNE</a> or <a href="LOOP.HTM" tppabs="http://webster.cs.ucr.edu/Page_TechDocs/Doc386/LOOP.HTM">LOOPNZ</a> finds that ECX=0 or ZF=1, control transfers to the instruction immediately following the <a href="LOOP.HTM" tppabs="http://webster.cs.ucr.edu/Page_TechDocs/Doc386/LOOP.HTM">LOOPNE</a> or <a href="LOOP.HTM" tppabs="http://webster.cs.ucr.edu/Page_TechDocs/Doc386/LOOP.HTM">LOOPNZ</a> instruction.
<h3>3.5.2.3 Executing a Loop or Repeat Zero Times</h3>
<a href="JCC.HTM" tppabs="http://webster.cs.ucr.edu/Page_TechDocs/Doc386/JCC.HTM">JCXZ</a> (Jump if ECX Zero) branches to the label specified in the instruction if it finds a value of zero in ECX. <a href="JCC.HTM" tppabs="http://webster.cs.ucr.edu/Page_TechDocs/Doc386/JCC.HTM">JCXZ</a> is useful in combination with the <a href="LOOP.HTM" tppabs="http://webster.cs.ucr.edu/Page_TechDocs/Doc386/LOOP.HTM">LOOP</a> instruction and with the string scan and compare instructions, all of which decrement ECX. Sometimes, it is desirable to design a loop that executes zero times if the count variable in ECX is initialized to zero. Because the <a href="LOOP.HTM" tppabs="http://webster.cs.ucr.edu/Page_TechDocs/Doc386/LOOP.HTM">LOOP</a> instructions (and repeat prefixes) decrement ECX before they test it, a loop will execute 2^(32) times if the program enters the loop with a zero value in ECX. A programmer may conveniently overcome this problem with <a href="JCC.HTM" tppabs="http://webster.cs.ucr.edu/Page_TechDocs/Doc386/JCC.HTM">JCXZ</a>, which enables the program to branch around the code within the loop if ECX is zero when <a href="JCC.HTM" tppabs="http://webster.cs.ucr.edu/Page_TechDocs/Doc386/JCC.HTM">JCXZ</a> executes. When used with repeated string scan and compare instructions, <a href="JCC.HTM" tppabs="http://webster.cs.ucr.edu/Page_TechDocs/Doc386/JCC.HTM">JCXZ</a> can determine whether the repetitions terminated due to zero in ECX or due to satisfaction of the scan or compare conditions.
<h2>3.5.3 Software-Generated Interrupts</h2>
The <a href="INT.HTM" tppabs="http://webster.cs.ucr.edu/Page_TechDocs/Doc386/INT.HTM">INT n</a>, <a href="INT.HTM" tppabs="http://webster.cs.ucr.edu/Page_TechDocs/Doc386/INT.HTM" into<></a>, and <a href="BOUND.HTM" tppabs="http://webster.cs.ucr.edu/Page_TechDocs/Doc386/BOUND.HTM">BOUND</a> instructions allow the programmer to specify a transfer to an interrupt service routine from within a program.
<p><a href="INT.HTM" tppabs="http://webster.cs.ucr.edu/Page_TechDocs/Doc386/INT.HTM">INT n</a> (Software Interrupt) activates the interrupt service routine that corresponds to the number coded within the instruction. The <a href="INT.HTM" tppabs="http://webster.cs.ucr.edu/Page_TechDocs/Doc386/INT.HTM">INT</a> instruction may specify any interrupt type. Programmers may use this flexibility to implement multiple types of internal interrupts or to test the operation of interrupt service routines. (Interrupts 0-31 are reserved by Intel.) The interrupt service routine terminates with an <a href="IRET.HTM" tppabs="http://webster.cs.ucr.edu/Page_TechDocs/Doc386/IRET.HTM">IRET</a> instruction that returns control to the instruction that follows <a href="INT.HTM" tppabs="http://webster.cs.ucr.edu/Page_TechDocs/Doc386/INT.HTM">INT n</a>.
<p><a href="INT.HTM" tppabs="http://webster.cs.ucr.edu/Page_TechDocs/Doc386/INT.HTM">INTO</a> (Interrupt on Overflow) invokes interrupt 4 if OF is set. Interrupt 4 is reserved for this purpose. OF is set by several arithmetic, logical, and string instructions.
<p><a href="BOUND.HTM" tppabs="http://webster.cs.ucr.edu/Page_TechDocs/Doc386/BOUND.HTM">BOUND</a> (Detect Value Out of Range) verifies that the signed value contained in the specified register lies within specified limits. An interrupt (<a href="INT.HTM" tppabs="http://webster.cs.ucr.edu/Page_TechDocs/Doc386/INT.HTM">INT</a> 5) occurs if the value contained in the register is less than the lower bound or greater than the upper bound.
<p>The <a href="BOUND.HTM" tppabs="http://webster.cs.ucr.edu/Page_TechDocs/Doc386/BOUND.HTM">BOUND</a> instruction includes two operands. The first operand specifies the register being tested. The second operand contains the effective relative address of the two signed <a href="BOUND.HTM" tppabs="http://webster.cs.ucr.edu/Page_TechDocs/Doc386/BOUND.HTM">BOUND</a> limit values. The <a href="BOUND.HTM" tppabs="http://webster.cs.ucr.edu/Page_TechDocs/Doc386/BOUND.HTM">BOUND</a> instruction assumes that the upper limit and lower limit are in adjacent memory locations. These limit values cannot be register operands; if they are, an invalid opcode exception occurs.
<p><a href="BOUND.HTM" tppabs="http://webster.cs.ucr.edu/Page_TechDocs/Doc386/BOUND.HTM">BOUND</a> is useful for checking array bounds before using a new index value to access an element within the array. <a href="BOUND.HTM" tppabs="http://webster.cs.ucr.edu/Page_TechDocs/Doc386/BOUND.HTM">BOUND</a> provides a simple way to check the value of an index register before the program overwrites information in a location beyond the limit of the array.
<p>The block of memory that specifies the lower and upper limits of an array might typically reside just before the array itself. This makes the array bounds accessible at a constant offset from the beginning of the array. Because the address of the array will already be present in a register, this practice avoids extra calculations to obtain the effective address of the array bounds.
<p>The upper and lower limit values may each be a word or a doubleword.
<p>
<hr>
<p><b>up:</b> <a href="C03.HTM" tppabs="http://webster.cs.ucr.edu/Page_TechDocs/Doc386/C03.HTM">Chapter 3 -- Applications Instruction Set</a><br>
<b>prev:</b> <a href="S03_04.HTM" tppabs="http://webster.cs.ucr.edu/Page_TechDocs/Doc386/S03_04.HTM">3.4 Logical Instructions</a><br>
<b>next:</b> <a href="S03_06.HTM" tppabs="http://webster.cs.ucr.edu/Page_TechDocs/Doc386/S03_06.HTM">3.6 String and Character Translation Instructions</a>
</body>
Reference in New Issue View Git Blame Copy Permalink