| @c Copyright (C) 1991-2016 Free Software Foundation, Inc. |
| @c This is part of the GAS manual. |
| @c For copying conditions, see the file as.texinfo. |
| @c man end |
| |
| @ifset GENERIC |
| @page |
| @node i386-Dependent |
| @chapter 80386 Dependent Features |
| @end ifset |
| @ifclear GENERIC |
| @node Machine Dependencies |
| @chapter 80386 Dependent Features |
| @end ifclear |
| |
| @cindex i386 support |
| @cindex i80386 support |
| @cindex x86-64 support |
| |
| The i386 version @code{@value{AS}} supports both the original Intel 386 |
| architecture in both 16 and 32-bit mode as well as AMD x86-64 architecture |
| extending the Intel architecture to 64-bits. |
| |
| @menu |
| * i386-Options:: Options |
| * i386-Directives:: X86 specific directives |
| * i386-Syntax:: Syntactical considerations |
| * i386-Mnemonics:: Instruction Naming |
| * i386-Regs:: Register Naming |
| * i386-Prefixes:: Instruction Prefixes |
| * i386-Memory:: Memory References |
| * i386-Jumps:: Handling of Jump Instructions |
| * i386-Float:: Floating Point |
| * i386-SIMD:: Intel's MMX and AMD's 3DNow! SIMD Operations |
| * i386-LWP:: AMD's Lightweight Profiling Instructions |
| * i386-BMI:: Bit Manipulation Instruction |
| * i386-TBM:: AMD's Trailing Bit Manipulation Instructions |
| * i386-16bit:: Writing 16-bit Code |
| * i386-Arch:: Specifying an x86 CPU architecture |
| * i386-Bugs:: AT&T Syntax bugs |
| * i386-Notes:: Notes |
| @end menu |
| |
| @node i386-Options |
| @section Options |
| |
| @cindex options for i386 |
| @cindex options for x86-64 |
| @cindex i386 options |
| @cindex x86-64 options |
| |
| The i386 version of @code{@value{AS}} has a few machine |
| dependent options: |
| |
| @c man begin OPTIONS |
| @table @gcctabopt |
| @cindex @samp{--32} option, i386 |
| @cindex @samp{--32} option, x86-64 |
| @cindex @samp{--x32} option, i386 |
| @cindex @samp{--x32} option, x86-64 |
| @cindex @samp{--64} option, i386 |
| @cindex @samp{--64} option, x86-64 |
| @item --32 | --x32 | --64 |
| Select the word size, either 32 bits or 64 bits. @samp{--32} |
| implies Intel i386 architecture, while @samp{--x32} and @samp{--64} |
| imply AMD x86-64 architecture with 32-bit or 64-bit word-size |
| respectively. |
| |
| These options are only available with the ELF object file format, and |
| require that the necessary BFD support has been included (on a 32-bit |
| platform you have to add --enable-64-bit-bfd to configure enable 64-bit |
| usage and use x86-64 as target platform). |
| |
| @item -n |
| By default, x86 GAS replaces multiple nop instructions used for |
| alignment within code sections with multi-byte nop instructions such |
| as leal 0(%esi,1),%esi. This switch disables the optimization. |
| |
| @cindex @samp{--divide} option, i386 |
| @item --divide |
| On SVR4-derived platforms, the character @samp{/} is treated as a comment |
| character, which means that it cannot be used in expressions. The |
| @samp{--divide} option turns @samp{/} into a normal character. This does |
| not disable @samp{/} at the beginning of a line starting a comment, or |
| affect using @samp{#} for starting a comment. |
| |
| @cindex @samp{-march=} option, i386 |
| @cindex @samp{-march=} option, x86-64 |
| @item -march=@var{CPU}[+@var{EXTENSION}@dots{}] |
| This option specifies the target processor. The assembler will |
| issue an error message if an attempt is made to assemble an instruction |
| which will not execute on the target processor. The following |
| processor names are recognized: |
| @code{i8086}, |
| @code{i186}, |
| @code{i286}, |
| @code{i386}, |
| @code{i486}, |
| @code{i586}, |
| @code{i686}, |
| @code{pentium}, |
| @code{pentiumpro}, |
| @code{pentiumii}, |
| @code{pentiumiii}, |
| @code{pentium4}, |
| @code{prescott}, |
| @code{nocona}, |
| @code{core}, |
| @code{core2}, |
| @code{corei7}, |
| @code{l1om}, |
| @code{k1om}, |
| @code{iamcu}, |
| @code{k6}, |
| @code{k6_2}, |
| @code{athlon}, |
| @code{opteron}, |
| @code{k8}, |
| @code{amdfam10}, |
| @code{bdver1}, |
| @code{bdver2}, |
| @code{bdver3}, |
| @code{bdver4}, |
| @code{znver1}, |
| @code{btver1}, |
| @code{btver2}, |
| @code{generic32} and |
| @code{generic64}. |
| |
| In addition to the basic instruction set, the assembler can be told to |
| accept various extension mnemonics. For example, |
| @code{-march=i686+sse4+vmx} extends @var{i686} with @var{sse4} and |
| @var{vmx}. The following extensions are currently supported: |
| @code{8087}, |
| @code{287}, |
| @code{387}, |
| @code{687}, |
| @code{no87}, |
| @code{no287}, |
| @code{no387}, |
| @code{no687}, |
| @code{mmx}, |
| @code{nommx}, |
| @code{sse}, |
| @code{sse2}, |
| @code{sse3}, |
| @code{ssse3}, |
| @code{sse4.1}, |
| @code{sse4.2}, |
| @code{sse4}, |
| @code{nosse}, |
| @code{nosse2}, |
| @code{nosse3}, |
| @code{nossse3}, |
| @code{nosse4.1}, |
| @code{nosse4.2}, |
| @code{nosse4}, |
| @code{avx}, |
| @code{avx2}, |
| @code{noavx}, |
| @code{noavx2}, |
| @code{adx}, |
| @code{rdseed}, |
| @code{prfchw}, |
| @code{smap}, |
| @code{mpx}, |
| @code{sha}, |
| @code{rdpid}, |
| @code{prefetchwt1}, |
| @code{clflushopt}, |
| @code{se1}, |
| @code{clwb}, |
| @code{pcommit}, |
| @code{avx512f}, |
| @code{avx512cd}, |
| @code{avx512er}, |
| @code{avx512pf}, |
| @code{avx512vl}, |
| @code{avx512bw}, |
| @code{avx512dq}, |
| @code{avx512ifma}, |
| @code{avx512vbmi}, |
| @code{noavx512f}, |
| @code{noavx512cd}, |
| @code{noavx512er}, |
| @code{noavx512pf}, |
| @code{noavx512vl}, |
| @code{noavx512bw}, |
| @code{noavx512dq}, |
| @code{noavx512ifma}, |
| @code{noavx512vbmi}, |
| @code{vmx}, |
| @code{vmfunc}, |
| @code{smx}, |
| @code{xsave}, |
| @code{xsaveopt}, |
| @code{xsavec}, |
| @code{xsaves}, |
| @code{aes}, |
| @code{pclmul}, |
| @code{fsgsbase}, |
| @code{rdrnd}, |
| @code{f16c}, |
| @code{bmi2}, |
| @code{fma}, |
| @code{movbe}, |
| @code{ept}, |
| @code{lzcnt}, |
| @code{hle}, |
| @code{rtm}, |
| @code{invpcid}, |
| @code{clflush}, |
| @code{mwaitx}, |
| @code{clzero}, |
| @code{lwp}, |
| @code{fma4}, |
| @code{xop}, |
| @code{cx16}, |
| @code{syscall}, |
| @code{rdtscp}, |
| @code{3dnow}, |
| @code{3dnowa}, |
| @code{sse4a}, |
| @code{sse5}, |
| @code{svme}, |
| @code{abm} and |
| @code{padlock}. |
| Note that rather than extending a basic instruction set, the extension |
| mnemonics starting with @code{no} revoke the respective functionality. |
| |
| When the @code{.arch} directive is used with @option{-march}, the |
| @code{.arch} directive will take precedent. |
| |
| @cindex @samp{-mtune=} option, i386 |
| @cindex @samp{-mtune=} option, x86-64 |
| @item -mtune=@var{CPU} |
| This option specifies a processor to optimize for. When used in |
| conjunction with the @option{-march} option, only instructions |
| of the processor specified by the @option{-march} option will be |
| generated. |
| |
| Valid @var{CPU} values are identical to the processor list of |
| @option{-march=@var{CPU}}. |
| |
| @cindex @samp{-msse2avx} option, i386 |
| @cindex @samp{-msse2avx} option, x86-64 |
| @item -msse2avx |
| This option specifies that the assembler should encode SSE instructions |
| with VEX prefix. |
| |
| @cindex @samp{-msse-check=} option, i386 |
| @cindex @samp{-msse-check=} option, x86-64 |
| @item -msse-check=@var{none} |
| @itemx -msse-check=@var{warning} |
| @itemx -msse-check=@var{error} |
| These options control if the assembler should check SSE instructions. |
| @option{-msse-check=@var{none}} will make the assembler not to check SSE |
| instructions, which is the default. @option{-msse-check=@var{warning}} |
| will make the assembler issue a warning for any SSE instruction. |
| @option{-msse-check=@var{error}} will make the assembler issue an error |
| for any SSE instruction. |
| |
| @cindex @samp{-mavxscalar=} option, i386 |
| @cindex @samp{-mavxscalar=} option, x86-64 |
| @item -mavxscalar=@var{128} |
| @itemx -mavxscalar=@var{256} |
| These options control how the assembler should encode scalar AVX |
| instructions. @option{-mavxscalar=@var{128}} will encode scalar |
| AVX instructions with 128bit vector length, which is the default. |
| @option{-mavxscalar=@var{256}} will encode scalar AVX instructions |
| with 256bit vector length. |
| |
| @cindex @samp{-mevexlig=} option, i386 |
| @cindex @samp{-mevexlig=} option, x86-64 |
| @item -mevexlig=@var{128} |
| @itemx -mevexlig=@var{256} |
| @itemx -mevexlig=@var{512} |
| These options control how the assembler should encode length-ignored |
| (LIG) EVEX instructions. @option{-mevexlig=@var{128}} will encode LIG |
| EVEX instructions with 128bit vector length, which is the default. |
| @option{-mevexlig=@var{256}} and @option{-mevexlig=@var{512}} will |
| encode LIG EVEX instructions with 256bit and 512bit vector length, |
| respectively. |
| |
| @cindex @samp{-mevexwig=} option, i386 |
| @cindex @samp{-mevexwig=} option, x86-64 |
| @item -mevexwig=@var{0} |
| @itemx -mevexwig=@var{1} |
| These options control how the assembler should encode w-ignored (WIG) |
| EVEX instructions. @option{-mevexwig=@var{0}} will encode WIG |
| EVEX instructions with evex.w = 0, which is the default. |
| @option{-mevexwig=@var{1}} will encode WIG EVEX instructions with |
| evex.w = 1. |
| |
| @cindex @samp{-mmnemonic=} option, i386 |
| @cindex @samp{-mmnemonic=} option, x86-64 |
| @item -mmnemonic=@var{att} |
| @itemx -mmnemonic=@var{intel} |
| This option specifies instruction mnemonic for matching instructions. |
| The @code{.att_mnemonic} and @code{.intel_mnemonic} directives will |
| take precedent. |
| |
| @cindex @samp{-msyntax=} option, i386 |
| @cindex @samp{-msyntax=} option, x86-64 |
| @item -msyntax=@var{att} |
| @itemx -msyntax=@var{intel} |
| This option specifies instruction syntax when processing instructions. |
| The @code{.att_syntax} and @code{.intel_syntax} directives will |
| take precedent. |
| |
| @cindex @samp{-mnaked-reg} option, i386 |
| @cindex @samp{-mnaked-reg} option, x86-64 |
| @item -mnaked-reg |
| This opetion specifies that registers don't require a @samp{%} prefix. |
| The @code{.att_syntax} and @code{.intel_syntax} directives will take precedent. |
| |
| @cindex @samp{-madd-bnd-prefix} option, i386 |
| @cindex @samp{-madd-bnd-prefix} option, x86-64 |
| @item -madd-bnd-prefix |
| This option forces the assembler to add BND prefix to all branches, even |
| if such prefix was not explicitly specified in the source code. |
| |
| @cindex @samp{-mshared} option, i386 |
| @cindex @samp{-mshared} option, x86-64 |
| @item -mno-shared |
| On ELF target, the assembler normally optimizes out non-PLT relocations |
| against defined non-weak global branch targets with default visibility. |
| The @samp{-mshared} option tells the assembler to generate code which |
| may go into a shared library where all non-weak global branch targets |
| with default visibility can be preempted. The resulting code is |
| slightly bigger. This option only affects the handling of branch |
| instructions. |
| |
| @cindex @samp{-mbig-obj} option, x86-64 |
| @item -mbig-obj |
| On x86-64 PE/COFF target this option forces the use of big object file |
| format, which allows more than 32768 sections. |
| |
| @cindex @samp{-momit-lock-prefix=} option, i386 |
| @cindex @samp{-momit-lock-prefix=} option, x86-64 |
| @item -momit-lock-prefix=@var{no} |
| @itemx -momit-lock-prefix=@var{yes} |
| These options control how the assembler should encode lock prefix. |
| This option is intended as a workaround for processors, that fail on |
| lock prefix. This option can only be safely used with single-core, |
| single-thread computers |
| @option{-momit-lock-prefix=@var{yes}} will omit all lock prefixes. |
| @option{-momit-lock-prefix=@var{no}} will encode lock prefix as usual, |
| which is the default. |
| |
| @cindex @samp{-mfence-as-lock-add=} option, i386 |
| @cindex @samp{-mfence-as-lock-add=} option, x86-64 |
| @item -mfence-as-lock-add=@var{no} |
| @itemx -mfence-as-lock-add=@var{yes} |
| These options control how the assembler should encode lfence, mfence and |
| sfence. |
| @option{-mfence-as-lock-add=@var{yes}} will encode lfence, mfence and |
| sfence as @samp{lock addl $0x0, (%rsp)} in 64-bit mode and |
| @samp{lock addl $0x0, (%esp)} in 32-bit mode. |
| @option{-mfence-as-lock-add=@var{no}} will encode lfence, mfence and |
| sfence as usual, which is the default. |
| |
| @cindex @samp{-mrelax-relocations=} option, i386 |
| @cindex @samp{-mrelax-relocations=} option, x86-64 |
| @item -mrelax-relocations=@var{no} |
| @itemx -mrelax-relocations=@var{yes} |
| These options control whether the assembler should generate relax |
| relocations, R_386_GOT32X, in 32-bit mode, or R_X86_64_GOTPCRELX and |
| R_X86_64_REX_GOTPCRELX, in 64-bit mode. |
| @option{-mrelax-relocations=@var{yes}} will generate relax relocations. |
| @option{-mrelax-relocations=@var{no}} will not generate relax |
| relocations. The default can be controlled by a configure option |
| @option{--enable-x86-relax-relocations}. |
| |
| @cindex @samp{-mevexrcig=} option, i386 |
| @cindex @samp{-mevexrcig=} option, x86-64 |
| @item -mevexrcig=@var{rne} |
| @itemx -mevexrcig=@var{rd} |
| @itemx -mevexrcig=@var{ru} |
| @itemx -mevexrcig=@var{rz} |
| These options control how the assembler should encode SAE-only |
| EVEX instructions. @option{-mevexrcig=@var{rne}} will encode RC bits |
| of EVEX instruction with 00, which is the default. |
| @option{-mevexrcig=@var{rd}}, @option{-mevexrcig=@var{ru}} |
| and @option{-mevexrcig=@var{rz}} will encode SAE-only EVEX instructions |
| with 01, 10 and 11 RC bits, respectively. |
| |
| @cindex @samp{-mamd64} option, x86-64 |
| @cindex @samp{-mintel64} option, x86-64 |
| @item -mamd64 |
| @itemx -mintel64 |
| This option specifies that the assembler should accept only AMD64 or |
| Intel64 ISA in 64-bit mode. The default is to accept both. |
| |
| @end table |
| @c man end |
| |
| @node i386-Directives |
| @section x86 specific Directives |
| |
| @cindex machine directives, x86 |
| @cindex x86 machine directives |
| @table @code |
| |
| @cindex @code{lcomm} directive, COFF |
| @item .lcomm @var{symbol} , @var{length}[, @var{alignment}] |
| Reserve @var{length} (an absolute expression) bytes for a local common |
| denoted by @var{symbol}. The section and value of @var{symbol} are |
| those of the new local common. The addresses are allocated in the bss |
| section, so that at run-time the bytes start off zeroed. Since |
| @var{symbol} is not declared global, it is normally not visible to |
| @code{@value{LD}}. The optional third parameter, @var{alignment}, |
| specifies the desired alignment of the symbol in the bss section. |
| |
| This directive is only available for COFF based x86 targets. |
| |
| @c FIXME: Document other x86 specific directives ? Eg: .code16gcc, |
| @c .largecomm |
| |
| @end table |
| |
| @node i386-Syntax |
| @section i386 Syntactical Considerations |
| @menu |
| * i386-Variations:: AT&T Syntax versus Intel Syntax |
| * i386-Chars:: Special Characters |
| @end menu |
| |
| @node i386-Variations |
| @subsection AT&T Syntax versus Intel Syntax |
| |
| @cindex i386 intel_syntax pseudo op |
| @cindex intel_syntax pseudo op, i386 |
| @cindex i386 att_syntax pseudo op |
| @cindex att_syntax pseudo op, i386 |
| @cindex i386 syntax compatibility |
| @cindex syntax compatibility, i386 |
| @cindex x86-64 intel_syntax pseudo op |
| @cindex intel_syntax pseudo op, x86-64 |
| @cindex x86-64 att_syntax pseudo op |
| @cindex att_syntax pseudo op, x86-64 |
| @cindex x86-64 syntax compatibility |
| @cindex syntax compatibility, x86-64 |
| |
| @code{@value{AS}} now supports assembly using Intel assembler syntax. |
| @code{.intel_syntax} selects Intel mode, and @code{.att_syntax} switches |
| back to the usual AT&T mode for compatibility with the output of |
| @code{@value{GCC}}. Either of these directives may have an optional |
| argument, @code{prefix}, or @code{noprefix} specifying whether registers |
| require a @samp{%} prefix. AT&T System V/386 assembler syntax is quite |
| different from Intel syntax. We mention these differences because |
| almost all 80386 documents use Intel syntax. Notable differences |
| between the two syntaxes are: |
| |
| @cindex immediate operands, i386 |
| @cindex i386 immediate operands |
| @cindex register operands, i386 |
| @cindex i386 register operands |
| @cindex jump/call operands, i386 |
| @cindex i386 jump/call operands |
| @cindex operand delimiters, i386 |
| |
| @cindex immediate operands, x86-64 |
| @cindex x86-64 immediate operands |
| @cindex register operands, x86-64 |
| @cindex x86-64 register operands |
| @cindex jump/call operands, x86-64 |
| @cindex x86-64 jump/call operands |
| @cindex operand delimiters, x86-64 |
| @itemize @bullet |
| @item |
| AT&T immediate operands are preceded by @samp{$}; Intel immediate |
| operands are undelimited (Intel @samp{push 4} is AT&T @samp{pushl $4}). |
| AT&T register operands are preceded by @samp{%}; Intel register operands |
| are undelimited. AT&T absolute (as opposed to PC relative) jump/call |
| operands are prefixed by @samp{*}; they are undelimited in Intel syntax. |
| |
| @cindex i386 source, destination operands |
| @cindex source, destination operands; i386 |
| @cindex x86-64 source, destination operands |
| @cindex source, destination operands; x86-64 |
| @item |
| AT&T and Intel syntax use the opposite order for source and destination |
| operands. Intel @samp{add eax, 4} is @samp{addl $4, %eax}. The |
| @samp{source, dest} convention is maintained for compatibility with |
| previous Unix assemblers. Note that @samp{bound}, @samp{invlpga}, and |
| instructions with 2 immediate operands, such as the @samp{enter} |
| instruction, do @emph{not} have reversed order. @ref{i386-Bugs}. |
| |
| @cindex mnemonic suffixes, i386 |
| @cindex sizes operands, i386 |
| @cindex i386 size suffixes |
| @cindex mnemonic suffixes, x86-64 |
| @cindex sizes operands, x86-64 |
| @cindex x86-64 size suffixes |
| @item |
| In AT&T syntax the size of memory operands is determined from the last |
| character of the instruction mnemonic. Mnemonic suffixes of @samp{b}, |
| @samp{w}, @samp{l} and @samp{q} specify byte (8-bit), word (16-bit), long |
| (32-bit) and quadruple word (64-bit) memory references. Intel syntax accomplishes |
| this by prefixing memory operands (@emph{not} the instruction mnemonics) with |
| @samp{byte ptr}, @samp{word ptr}, @samp{dword ptr} and @samp{qword ptr}. Thus, |
| Intel @samp{mov al, byte ptr @var{foo}} is @samp{movb @var{foo}, %al} in AT&T |
| syntax. |
| |
| In 64-bit code, @samp{movabs} can be used to encode the @samp{mov} |
| instruction with the 64-bit displacement or immediate operand. |
| |
| @cindex return instructions, i386 |
| @cindex i386 jump, call, return |
| @cindex return instructions, x86-64 |
| @cindex x86-64 jump, call, return |
| @item |
| Immediate form long jumps and calls are |
| @samp{lcall/ljmp $@var{section}, $@var{offset}} in AT&T syntax; the |
| Intel syntax is |
| @samp{call/jmp far @var{section}:@var{offset}}. Also, the far return |
| instruction |
| is @samp{lret $@var{stack-adjust}} in AT&T syntax; Intel syntax is |
| @samp{ret far @var{stack-adjust}}. |
| |
| @cindex sections, i386 |
| @cindex i386 sections |
| @cindex sections, x86-64 |
| @cindex x86-64 sections |
| @item |
| The AT&T assembler does not provide support for multiple section |
| programs. Unix style systems expect all programs to be single sections. |
| @end itemize |
| |
| @node i386-Chars |
| @subsection Special Characters |
| |
| @cindex line comment character, i386 |
| @cindex i386 line comment character |
| The presence of a @samp{#} appearing anywhere on a line indicates the |
| start of a comment that extends to the end of that line. |
| |
| If a @samp{#} appears as the first character of a line then the whole |
| line is treated as a comment, but in this case the line can also be a |
| logical line number directive (@pxref{Comments}) or a preprocessor |
| control command (@pxref{Preprocessing}). |
| |
| If the @option{--divide} command line option has not been specified |
| then the @samp{/} character appearing anywhere on a line also |
| introduces a line comment. |
| |
| @cindex line separator, i386 |
| @cindex statement separator, i386 |
| @cindex i386 line separator |
| The @samp{;} character can be used to separate statements on the same |
| line. |
| |
| @node i386-Mnemonics |
| @section i386-Mnemonics |
| @subsection Instruction Naming |
| |
| @cindex i386 instruction naming |
| @cindex instruction naming, i386 |
| @cindex x86-64 instruction naming |
| @cindex instruction naming, x86-64 |
| |
| Instruction mnemonics are suffixed with one character modifiers which |
| specify the size of operands. The letters @samp{b}, @samp{w}, @samp{l} |
| and @samp{q} specify byte, word, long and quadruple word operands. If |
| no suffix is specified by an instruction then @code{@value{AS}} tries to |
| fill in the missing suffix based on the destination register operand |
| (the last one by convention). Thus, @samp{mov %ax, %bx} is equivalent |
| to @samp{movw %ax, %bx}; also, @samp{mov $1, %bx} is equivalent to |
| @samp{movw $1, bx}. Note that this is incompatible with the AT&T Unix |
| assembler which assumes that a missing mnemonic suffix implies long |
| operand size. (This incompatibility does not affect compiler output |
| since compilers always explicitly specify the mnemonic suffix.) |
| |
| Almost all instructions have the same names in AT&T and Intel format. |
| There are a few exceptions. The sign extend and zero extend |
| instructions need two sizes to specify them. They need a size to |
| sign/zero extend @emph{from} and a size to zero extend @emph{to}. This |
| is accomplished by using two instruction mnemonic suffixes in AT&T |
| syntax. Base names for sign extend and zero extend are |
| @samp{movs@dots{}} and @samp{movz@dots{}} in AT&T syntax (@samp{movsx} |
| and @samp{movzx} in Intel syntax). The instruction mnemonic suffixes |
| are tacked on to this base name, the @emph{from} suffix before the |
| @emph{to} suffix. Thus, @samp{movsbl %al, %edx} is AT&T syntax for |
| ``move sign extend @emph{from} %al @emph{to} %edx.'' Possible suffixes, |
| thus, are @samp{bl} (from byte to long), @samp{bw} (from byte to word), |
| @samp{wl} (from word to long), @samp{bq} (from byte to quadruple word), |
| @samp{wq} (from word to quadruple word), and @samp{lq} (from long to |
| quadruple word). |
| |
| @cindex encoding options, i386 |
| @cindex encoding options, x86-64 |
| |
| Different encoding options can be specified via optional mnemonic |
| suffix. @samp{.s} suffix swaps 2 register operands in encoding when |
| moving from one register to another. @samp{.d8} or @samp{.d32} suffix |
| prefers 8bit or 32bit displacement in encoding. |
| |
| @cindex conversion instructions, i386 |
| @cindex i386 conversion instructions |
| @cindex conversion instructions, x86-64 |
| @cindex x86-64 conversion instructions |
| The Intel-syntax conversion instructions |
| |
| @itemize @bullet |
| @item |
| @samp{cbw} --- sign-extend byte in @samp{%al} to word in @samp{%ax}, |
| |
| @item |
| @samp{cwde} --- sign-extend word in @samp{%ax} to long in @samp{%eax}, |
| |
| @item |
| @samp{cwd} --- sign-extend word in @samp{%ax} to long in @samp{%dx:%ax}, |
| |
| @item |
| @samp{cdq} --- sign-extend dword in @samp{%eax} to quad in @samp{%edx:%eax}, |
| |
| @item |
| @samp{cdqe} --- sign-extend dword in @samp{%eax} to quad in @samp{%rax} |
| (x86-64 only), |
| |
| @item |
| @samp{cqo} --- sign-extend quad in @samp{%rax} to octuple in |
| @samp{%rdx:%rax} (x86-64 only), |
| @end itemize |
| |
| @noindent |
| are called @samp{cbtw}, @samp{cwtl}, @samp{cwtd}, @samp{cltd}, @samp{cltq}, and |
| @samp{cqto} in AT&T naming. @code{@value{AS}} accepts either naming for these |
| instructions. |
| |
| @cindex jump instructions, i386 |
| @cindex call instructions, i386 |
| @cindex jump instructions, x86-64 |
| @cindex call instructions, x86-64 |
| Far call/jump instructions are @samp{lcall} and @samp{ljmp} in |
| AT&T syntax, but are @samp{call far} and @samp{jump far} in Intel |
| convention. |
| |
| @subsection AT&T Mnemonic versus Intel Mnemonic |
| |
| @cindex i386 mnemonic compatibility |
| @cindex mnemonic compatibility, i386 |
| |
| @code{@value{AS}} supports assembly using Intel mnemonic. |
| @code{.intel_mnemonic} selects Intel mnemonic with Intel syntax, and |
| @code{.att_mnemonic} switches back to the usual AT&T mnemonic with AT&T |
| syntax for compatibility with the output of @code{@value{GCC}}. |
| Several x87 instructions, @samp{fadd}, @samp{fdiv}, @samp{fdivp}, |
| @samp{fdivr}, @samp{fdivrp}, @samp{fmul}, @samp{fsub}, @samp{fsubp}, |
| @samp{fsubr} and @samp{fsubrp}, are implemented in AT&T System V/386 |
| assembler with different mnemonics from those in Intel IA32 specification. |
| @code{@value{GCC}} generates those instructions with AT&T mnemonic. |
| |
| @node i386-Regs |
| @section Register Naming |
| |
| @cindex i386 registers |
| @cindex registers, i386 |
| @cindex x86-64 registers |
| @cindex registers, x86-64 |
| Register operands are always prefixed with @samp{%}. The 80386 registers |
| consist of |
| |
| @itemize @bullet |
| @item |
| the 8 32-bit registers @samp{%eax} (the accumulator), @samp{%ebx}, |
| @samp{%ecx}, @samp{%edx}, @samp{%edi}, @samp{%esi}, @samp{%ebp} (the |
| frame pointer), and @samp{%esp} (the stack pointer). |
| |
| @item |
| the 8 16-bit low-ends of these: @samp{%ax}, @samp{%bx}, @samp{%cx}, |
| @samp{%dx}, @samp{%di}, @samp{%si}, @samp{%bp}, and @samp{%sp}. |
| |
| @item |
| the 8 8-bit registers: @samp{%ah}, @samp{%al}, @samp{%bh}, |
| @samp{%bl}, @samp{%ch}, @samp{%cl}, @samp{%dh}, and @samp{%dl} (These |
| are the high-bytes and low-bytes of @samp{%ax}, @samp{%bx}, |
| @samp{%cx}, and @samp{%dx}) |
| |
| @item |
| the 6 section registers @samp{%cs} (code section), @samp{%ds} |
| (data section), @samp{%ss} (stack section), @samp{%es}, @samp{%fs}, |
| and @samp{%gs}. |
| |
| @item |
| the 5 processor control registers @samp{%cr0}, @samp{%cr2}, |
| @samp{%cr3}, @samp{%cr4}, and @samp{%cr8}. |
| |
| @item |
| the 6 debug registers @samp{%db0}, @samp{%db1}, @samp{%db2}, |
| @samp{%db3}, @samp{%db6}, and @samp{%db7}. |
| |
| @item |
| the 2 test registers @samp{%tr6} and @samp{%tr7}. |
| |
| @item |
| the 8 floating point register stack @samp{%st} or equivalently |
| @samp{%st(0)}, @samp{%st(1)}, @samp{%st(2)}, @samp{%st(3)}, |
| @samp{%st(4)}, @samp{%st(5)}, @samp{%st(6)}, and @samp{%st(7)}. |
| These registers are overloaded by 8 MMX registers @samp{%mm0}, |
| @samp{%mm1}, @samp{%mm2}, @samp{%mm3}, @samp{%mm4}, @samp{%mm5}, |
| @samp{%mm6} and @samp{%mm7}. |
| |
| @item |
| the 8 128-bit SSE registers registers @samp{%xmm0}, @samp{%xmm1}, @samp{%xmm2}, |
| @samp{%xmm3}, @samp{%xmm4}, @samp{%xmm5}, @samp{%xmm6} and @samp{%xmm7}. |
| @end itemize |
| |
| The AMD x86-64 architecture extends the register set by: |
| |
| @itemize @bullet |
| @item |
| enhancing the 8 32-bit registers to 64-bit: @samp{%rax} (the |
| accumulator), @samp{%rbx}, @samp{%rcx}, @samp{%rdx}, @samp{%rdi}, |
| @samp{%rsi}, @samp{%rbp} (the frame pointer), @samp{%rsp} (the stack |
| pointer) |
| |
| @item |
| the 8 extended registers @samp{%r8}--@samp{%r15}. |
| |
| @item |
| the 8 32-bit low ends of the extended registers: @samp{%r8d}--@samp{%r15d}. |
| |
| @item |
| the 8 16-bit low ends of the extended registers: @samp{%r8w}--@samp{%r15w}. |
| |
| @item |
| the 8 8-bit low ends of the extended registers: @samp{%r8b}--@samp{%r15b}. |
| |
| @item |
| the 4 8-bit registers: @samp{%sil}, @samp{%dil}, @samp{%bpl}, @samp{%spl}. |
| |
| @item |
| the 8 debug registers: @samp{%db8}--@samp{%db15}. |
| |
| @item |
| the 8 128-bit SSE registers: @samp{%xmm8}--@samp{%xmm15}. |
| @end itemize |
| |
| With the AVX extensions more registers were made available: |
| |
| @itemize @bullet |
| |
| @item |
| the 16 256-bit SSE @samp{%ymm0}--@samp{%ymm15} (only the first 8 |
| available in 32-bit mode). The bottom 128 bits are overlaid with the |
| @samp{xmm0}--@samp{xmm15} registers. |
| |
| @end itemize |
| |
| The AVX2 extensions made in 64-bit mode more registers available: |
| |
| @itemize @bullet |
| |
| @item |
| the 16 128-bit registers @samp{%xmm16}--@samp{%xmm31} and the 16 256-bit |
| registers @samp{%ymm16}--@samp{%ymm31}. |
| |
| @end itemize |
| |
| The AVX512 extensions added the following registers: |
| |
| @itemize @bullet |
| |
| @item |
| the 32 512-bit registers @samp{%zmm0}--@samp{%zmm31} (only the first 8 |
| available in 32-bit mode). The bottom 128 bits are overlaid with the |
| @samp{%xmm0}--@samp{%xmm31} registers and the first 256 bits are |
| overlaid with the @samp{%ymm0}--@samp{%ymm31} registers. |
| |
| @item |
| the 8 mask registers @samp{%k0}--@samp{%k7}. |
| |
| @end itemize |
| |
| @node i386-Prefixes |
| @section Instruction Prefixes |
| |
| @cindex i386 instruction prefixes |
| @cindex instruction prefixes, i386 |
| @cindex prefixes, i386 |
| Instruction prefixes are used to modify the following instruction. They |
| are used to repeat string instructions, to provide section overrides, to |
| perform bus lock operations, and to change operand and address sizes. |
| (Most instructions that normally operate on 32-bit operands will use |
| 16-bit operands if the instruction has an ``operand size'' prefix.) |
| Instruction prefixes are best written on the same line as the instruction |
| they act upon. For example, the @samp{scas} (scan string) instruction is |
| repeated with: |
| |
| @smallexample |
| repne scas %es:(%edi),%al |
| @end smallexample |
| |
| You may also place prefixes on the lines immediately preceding the |
| instruction, but this circumvents checks that @code{@value{AS}} does |
| with prefixes, and will not work with all prefixes. |
| |
| Here is a list of instruction prefixes: |
| |
| @cindex section override prefixes, i386 |
| @itemize @bullet |
| @item |
| Section override prefixes @samp{cs}, @samp{ds}, @samp{ss}, @samp{es}, |
| @samp{fs}, @samp{gs}. These are automatically added by specifying |
| using the @var{section}:@var{memory-operand} form for memory references. |
| |
| @cindex size prefixes, i386 |
| @item |
| Operand/Address size prefixes @samp{data16} and @samp{addr16} |
| change 32-bit operands/addresses into 16-bit operands/addresses, |
| while @samp{data32} and @samp{addr32} change 16-bit ones (in a |
| @code{.code16} section) into 32-bit operands/addresses. These prefixes |
| @emph{must} appear on the same line of code as the instruction they |
| modify. For example, in a 16-bit @code{.code16} section, you might |
| write: |
| |
| @smallexample |
| addr32 jmpl *(%ebx) |
| @end smallexample |
| |
| @cindex bus lock prefixes, i386 |
| @cindex inhibiting interrupts, i386 |
| @item |
| The bus lock prefix @samp{lock} inhibits interrupts during execution of |
| the instruction it precedes. (This is only valid with certain |
| instructions; see a 80386 manual for details). |
| |
| @cindex coprocessor wait, i386 |
| @item |
| The wait for coprocessor prefix @samp{wait} waits for the coprocessor to |
| complete the current instruction. This should never be needed for the |
| 80386/80387 combination. |
| |
| @cindex repeat prefixes, i386 |
| @item |
| The @samp{rep}, @samp{repe}, and @samp{repne} prefixes are added |
| to string instructions to make them repeat @samp{%ecx} times (@samp{%cx} |
| times if the current address size is 16-bits). |
| @cindex REX prefixes, i386 |
| @item |
| The @samp{rex} family of prefixes is used by x86-64 to encode |
| extensions to i386 instruction set. The @samp{rex} prefix has four |
| bits --- an operand size overwrite (@code{64}) used to change operand size |
| from 32-bit to 64-bit and X, Y and Z extensions bits used to extend the |
| register set. |
| |
| You may write the @samp{rex} prefixes directly. The @samp{rex64xyz} |
| instruction emits @samp{rex} prefix with all the bits set. By omitting |
| the @code{64}, @code{x}, @code{y} or @code{z} you may write other |
| prefixes as well. Normally, there is no need to write the prefixes |
| explicitly, since gas will automatically generate them based on the |
| instruction operands. |
| @end itemize |
| |
| @node i386-Memory |
| @section Memory References |
| |
| @cindex i386 memory references |
| @cindex memory references, i386 |
| @cindex x86-64 memory references |
| @cindex memory references, x86-64 |
| An Intel syntax indirect memory reference of the form |
| |
| @smallexample |
| @var{section}:[@var{base} + @var{index}*@var{scale} + @var{disp}] |
| @end smallexample |
| |
| @noindent |
| is translated into the AT&T syntax |
| |
| @smallexample |
| @var{section}:@var{disp}(@var{base}, @var{index}, @var{scale}) |
| @end smallexample |
| |
| @noindent |
| where @var{base} and @var{index} are the optional 32-bit base and |
| index registers, @var{disp} is the optional displacement, and |
| @var{scale}, taking the values 1, 2, 4, and 8, multiplies @var{index} |
| to calculate the address of the operand. If no @var{scale} is |
| specified, @var{scale} is taken to be 1. @var{section} specifies the |
| optional section register for the memory operand, and may override the |
| default section register (see a 80386 manual for section register |
| defaults). Note that section overrides in AT&T syntax @emph{must} |
| be preceded by a @samp{%}. If you specify a section override which |
| coincides with the default section register, @code{@value{AS}} does @emph{not} |
| output any section register override prefixes to assemble the given |
| instruction. Thus, section overrides can be specified to emphasize which |
| section register is used for a given memory operand. |
| |
| Here are some examples of Intel and AT&T style memory references: |
| |
| @table @asis |
| @item AT&T: @samp{-4(%ebp)}, Intel: @samp{[ebp - 4]} |
| @var{base} is @samp{%ebp}; @var{disp} is @samp{-4}. @var{section} is |
| missing, and the default section is used (@samp{%ss} for addressing with |
| @samp{%ebp} as the base register). @var{index}, @var{scale} are both missing. |
| |
| @item AT&T: @samp{foo(,%eax,4)}, Intel: @samp{[foo + eax*4]} |
| @var{index} is @samp{%eax} (scaled by a @var{scale} 4); @var{disp} is |
| @samp{foo}. All other fields are missing. The section register here |
| defaults to @samp{%ds}. |
| |
| @item AT&T: @samp{foo(,1)}; Intel @samp{[foo]} |
| This uses the value pointed to by @samp{foo} as a memory operand. |
| Note that @var{base} and @var{index} are both missing, but there is only |
| @emph{one} @samp{,}. This is a syntactic exception. |
| |
| @item AT&T: @samp{%gs:foo}; Intel @samp{gs:foo} |
| This selects the contents of the variable @samp{foo} with section |
| register @var{section} being @samp{%gs}. |
| @end table |
| |
| Absolute (as opposed to PC relative) call and jump operands must be |
| prefixed with @samp{*}. If no @samp{*} is specified, @code{@value{AS}} |
| always chooses PC relative addressing for jump/call labels. |
| |
| Any instruction that has a memory operand, but no register operand, |
| @emph{must} specify its size (byte, word, long, or quadruple) with an |
| instruction mnemonic suffix (@samp{b}, @samp{w}, @samp{l} or @samp{q}, |
| respectively). |
| |
| The x86-64 architecture adds an RIP (instruction pointer relative) |
| addressing. This addressing mode is specified by using @samp{rip} as a |
| base register. Only constant offsets are valid. For example: |
| |
| @table @asis |
| @item AT&T: @samp{1234(%rip)}, Intel: @samp{[rip + 1234]} |
| Points to the address 1234 bytes past the end of the current |
| instruction. |
| |
| @item AT&T: @samp{symbol(%rip)}, Intel: @samp{[rip + symbol]} |
| Points to the @code{symbol} in RIP relative way, this is shorter than |
| the default absolute addressing. |
| @end table |
| |
| Other addressing modes remain unchanged in x86-64 architecture, except |
| registers used are 64-bit instead of 32-bit. |
| |
| @node i386-Jumps |
| @section Handling of Jump Instructions |
| |
| @cindex jump optimization, i386 |
| @cindex i386 jump optimization |
| @cindex jump optimization, x86-64 |
| @cindex x86-64 jump optimization |
| Jump instructions are always optimized to use the smallest possible |
| displacements. This is accomplished by using byte (8-bit) displacement |
| jumps whenever the target is sufficiently close. If a byte displacement |
| is insufficient a long displacement is used. We do not support |
| word (16-bit) displacement jumps in 32-bit mode (i.e. prefixing the jump |
| instruction with the @samp{data16} instruction prefix), since the 80386 |
| insists upon masking @samp{%eip} to 16 bits after the word displacement |
| is added. (See also @pxref{i386-Arch}) |
| |
| Note that the @samp{jcxz}, @samp{jecxz}, @samp{loop}, @samp{loopz}, |
| @samp{loope}, @samp{loopnz} and @samp{loopne} instructions only come in byte |
| displacements, so that if you use these instructions (@code{@value{GCC}} does |
| not use them) you may get an error message (and incorrect code). The AT&T |
| 80386 assembler tries to get around this problem by expanding @samp{jcxz foo} |
| to |
| |
| @smallexample |
| jcxz cx_zero |
| jmp cx_nonzero |
| cx_zero: jmp foo |
| cx_nonzero: |
| @end smallexample |
| |
| @node i386-Float |
| @section Floating Point |
| |
| @cindex i386 floating point |
| @cindex floating point, i386 |
| @cindex x86-64 floating point |
| @cindex floating point, x86-64 |
| All 80387 floating point types except packed BCD are supported. |
| (BCD support may be added without much difficulty). These data |
| types are 16-, 32-, and 64- bit integers, and single (32-bit), |
| double (64-bit), and extended (80-bit) precision floating point. |
| Each supported type has an instruction mnemonic suffix and a constructor |
| associated with it. Instruction mnemonic suffixes specify the operand's |
| data type. Constructors build these data types into memory. |
| |
| @cindex @code{float} directive, i386 |
| @cindex @code{single} directive, i386 |
| @cindex @code{double} directive, i386 |
| @cindex @code{tfloat} directive, i386 |
| @cindex @code{float} directive, x86-64 |
| @cindex @code{single} directive, x86-64 |
| @cindex @code{double} directive, x86-64 |
| @cindex @code{tfloat} directive, x86-64 |
| @itemize @bullet |
| @item |
| Floating point constructors are @samp{.float} or @samp{.single}, |
| @samp{.double}, and @samp{.tfloat} for 32-, 64-, and 80-bit formats. |
| These correspond to instruction mnemonic suffixes @samp{s}, @samp{l}, |
| and @samp{t}. @samp{t} stands for 80-bit (ten byte) real. The 80387 |
| only supports this format via the @samp{fldt} (load 80-bit real to stack |
| top) and @samp{fstpt} (store 80-bit real and pop stack) instructions. |
| |
| @cindex @code{word} directive, i386 |
| @cindex @code{long} directive, i386 |
| @cindex @code{int} directive, i386 |
| @cindex @code{quad} directive, i386 |
| @cindex @code{word} directive, x86-64 |
| @cindex @code{long} directive, x86-64 |
| @cindex @code{int} directive, x86-64 |
| @cindex @code{quad} directive, x86-64 |
| @item |
| Integer constructors are @samp{.word}, @samp{.long} or @samp{.int}, and |
| @samp{.quad} for the 16-, 32-, and 64-bit integer formats. The |
| corresponding instruction mnemonic suffixes are @samp{s} (single), |
| @samp{l} (long), and @samp{q} (quad). As with the 80-bit real format, |
| the 64-bit @samp{q} format is only present in the @samp{fildq} (load |
| quad integer to stack top) and @samp{fistpq} (store quad integer and pop |
| stack) instructions. |
| @end itemize |
| |
| Register to register operations should not use instruction mnemonic suffixes. |
| @samp{fstl %st, %st(1)} will give a warning, and be assembled as if you |
| wrote @samp{fst %st, %st(1)}, since all register to register operations |
| use 80-bit floating point operands. (Contrast this with @samp{fstl %st, mem}, |
| which converts @samp{%st} from 80-bit to 64-bit floating point format, |
| then stores the result in the 4 byte location @samp{mem}) |
| |
| @node i386-SIMD |
| @section Intel's MMX and AMD's 3DNow! SIMD Operations |
| |
| @cindex MMX, i386 |
| @cindex 3DNow!, i386 |
| @cindex SIMD, i386 |
| @cindex MMX, x86-64 |
| @cindex 3DNow!, x86-64 |
| @cindex SIMD, x86-64 |
| |
| @code{@value{AS}} supports Intel's MMX instruction set (SIMD |
| instructions for integer data), available on Intel's Pentium MMX |
| processors and Pentium II processors, AMD's K6 and K6-2 processors, |
| Cyrix' M2 processor, and probably others. It also supports AMD's 3DNow!@: |
| instruction set (SIMD instructions for 32-bit floating point data) |
| available on AMD's K6-2 processor and possibly others in the future. |
| |
| Currently, @code{@value{AS}} does not support Intel's floating point |
| SIMD, Katmai (KNI). |
| |
| The eight 64-bit MMX operands, also used by 3DNow!, are called @samp{%mm0}, |
| @samp{%mm1}, ... @samp{%mm7}. They contain eight 8-bit integers, four |
| 16-bit integers, two 32-bit integers, one 64-bit integer, or two 32-bit |
| floating point values. The MMX registers cannot be used at the same time |
| as the floating point stack. |
| |
| See Intel and AMD documentation, keeping in mind that the operand order in |
| instructions is reversed from the Intel syntax. |
| |
| @node i386-LWP |
| @section AMD's Lightweight Profiling Instructions |
| |
| @cindex LWP, i386 |
| @cindex LWP, x86-64 |
| |
| @code{@value{AS}} supports AMD's Lightweight Profiling (LWP) |
| instruction set, available on AMD's Family 15h (Orochi) processors. |
| |
| LWP enables applications to collect and manage performance data, and |
| react to performance events. The collection of performance data |
| requires no context switches. LWP runs in the context of a thread and |
| so several counters can be used independently across multiple threads. |
| LWP can be used in both 64-bit and legacy 32-bit modes. |
| |
| For detailed information on the LWP instruction set, see the |
| @cite{AMD Lightweight Profiling Specification} available at |
| @uref{http://developer.amd.com/cpu/LWP,Lightweight Profiling Specification}. |
| |
| @node i386-BMI |
| @section Bit Manipulation Instructions |
| |
| @cindex BMI, i386 |
| @cindex BMI, x86-64 |
| |
| @code{@value{AS}} supports the Bit Manipulation (BMI) instruction set. |
| |
| BMI instructions provide several instructions implementing individual |
| bit manipulation operations such as isolation, masking, setting, or |
| resetting. |
| |
| @c Need to add a specification citation here when available. |
| |
| @node i386-TBM |
| @section AMD's Trailing Bit Manipulation Instructions |
| |
| @cindex TBM, i386 |
| @cindex TBM, x86-64 |
| |
| @code{@value{AS}} supports AMD's Trailing Bit Manipulation (TBM) |
| instruction set, available on AMD's BDVER2 processors (Trinity and |
| Viperfish). |
| |
| TBM instructions provide instructions implementing individual bit |
| manipulation operations such as isolating, masking, setting, resetting, |
| complementing, and operations on trailing zeros and ones. |
| |
| @c Need to add a specification citation here when available. |
| |
| @node i386-16bit |
| @section Writing 16-bit Code |
| |
| @cindex i386 16-bit code |
| @cindex 16-bit code, i386 |
| @cindex real-mode code, i386 |
| @cindex @code{code16gcc} directive, i386 |
| @cindex @code{code16} directive, i386 |
| @cindex @code{code32} directive, i386 |
| @cindex @code{code64} directive, i386 |
| @cindex @code{code64} directive, x86-64 |
| While @code{@value{AS}} normally writes only ``pure'' 32-bit i386 code |
| or 64-bit x86-64 code depending on the default configuration, |
| it also supports writing code to run in real mode or in 16-bit protected |
| mode code segments. To do this, put a @samp{.code16} or |
| @samp{.code16gcc} directive before the assembly language instructions to |
| be run in 16-bit mode. You can switch @code{@value{AS}} to writing |
| 32-bit code with the @samp{.code32} directive or 64-bit code with the |
| @samp{.code64} directive. |
| |
| @samp{.code16gcc} provides experimental support for generating 16-bit |
| code from gcc, and differs from @samp{.code16} in that @samp{call}, |
| @samp{ret}, @samp{enter}, @samp{leave}, @samp{push}, @samp{pop}, |
| @samp{pusha}, @samp{popa}, @samp{pushf}, and @samp{popf} instructions |
| default to 32-bit size. This is so that the stack pointer is |
| manipulated in the same way over function calls, allowing access to |
| function parameters at the same stack offsets as in 32-bit mode. |
| @samp{.code16gcc} also automatically adds address size prefixes where |
| necessary to use the 32-bit addressing modes that gcc generates. |
| |
| The code which @code{@value{AS}} generates in 16-bit mode will not |
| necessarily run on a 16-bit pre-80386 processor. To write code that |
| runs on such a processor, you must refrain from using @emph{any} 32-bit |
| constructs which require @code{@value{AS}} to output address or operand |
| size prefixes. |
| |
| Note that writing 16-bit code instructions by explicitly specifying a |
| prefix or an instruction mnemonic suffix within a 32-bit code section |
| generates different machine instructions than those generated for a |
| 16-bit code segment. In a 32-bit code section, the following code |
| generates the machine opcode bytes @samp{66 6a 04}, which pushes the |
| value @samp{4} onto the stack, decrementing @samp{%esp} by 2. |
| |
| @smallexample |
| pushw $4 |
| @end smallexample |
| |
| The same code in a 16-bit code section would generate the machine |
| opcode bytes @samp{6a 04} (i.e., without the operand size prefix), which |
| is correct since the processor default operand size is assumed to be 16 |
| bits in a 16-bit code section. |
| |
| @node i386-Arch |
| @section Specifying CPU Architecture |
| |
| @cindex arch directive, i386 |
| @cindex i386 arch directive |
| @cindex arch directive, x86-64 |
| @cindex x86-64 arch directive |
| |
| @code{@value{AS}} may be told to assemble for a particular CPU |
| (sub-)architecture with the @code{.arch @var{cpu_type}} directive. This |
| directive enables a warning when gas detects an instruction that is not |
| supported on the CPU specified. The choices for @var{cpu_type} are: |
| |
| @multitable @columnfractions .20 .20 .20 .20 |
| @item @samp{i8086} @tab @samp{i186} @tab @samp{i286} @tab @samp{i386} |
| @item @samp{i486} @tab @samp{i586} @tab @samp{i686} @tab @samp{pentium} |
| @item @samp{pentiumpro} @tab @samp{pentiumii} @tab @samp{pentiumiii} @tab @samp{pentium4} |
| @item @samp{prescott} @tab @samp{nocona} @tab @samp{core} @tab @samp{core2} |
| @item @samp{corei7} @tab @samp{l1om} @tab @samp{k1om} @samp{iamcu} |
| @item @samp{k6} @tab @samp{k6_2} @tab @samp{athlon} @tab @samp{k8} |
| @item @samp{amdfam10} @tab @samp{bdver1} @tab @samp{bdver2} @tab @samp{bdver3} |
| @item @samp{bdver4} @tab @samp{znver1} @tab @samp{btver1} @tab @samp{btver2} |
| @item @samp{generic32} @tab @samp{generic64} |
| @item @samp{.mmx} @tab @samp{.sse} @tab @samp{.sse2} @tab @samp{.sse3} |
| @item @samp{.ssse3} @tab @samp{.sse4.1} @tab @samp{.sse4.2} @tab @samp{.sse4} |
| @item @samp{.avx} @tab @samp{.vmx} @tab @samp{.smx} @tab @samp{.ept} |
| @item @samp{.clflush} @tab @samp{.movbe} @tab @samp{.xsave} @tab @samp{.xsaveopt} |
| @item @samp{.aes} @tab @samp{.pclmul} @tab @samp{.fma} @tab @samp{.fsgsbase} |
| @item @samp{.rdrnd} @tab @samp{.f16c} @tab @samp{.avx2} @tab @samp{.bmi2} |
| @item @samp{.lzcnt} @tab @samp{.invpcid} @tab @samp{.vmfunc} @tab @samp{.hle} |
| @item @samp{.rtm} @tab @samp{.adx} @tab @samp{.rdseed} @tab @samp{.prfchw} |
| @item @samp{.smap} @tab @samp{.mpx} @tab @samp{.sha} @tab @samp{.prefetchwt1} |
| @item @samp{.clflushopt} @tab @samp{.xsavec} @tab @samp{.xsaves} @tab @samp{.se1} |
| @item @samp{.avx512f} @tab @samp{.avx512cd} @tab @samp{.avx512er} @tab @samp{.avx512pf} |
| @item @samp{.avx512vl} @tab @samp{.avx512bw} @tab @samp{.avx512dq} @tab @samp{.avx512ifma} |
| @item @samp{.avx512vbmi} @tab @samp{.clwb} @tab @samp{.pcommit} |
| @item @samp{.3dnow} @tab @samp{.3dnowa} @tab @samp{.sse4a} @tab @samp{.sse5} |
| @item @samp{.syscall} @tab @samp{.rdtscp} @tab @samp{.svme} @tab @samp{.abm} |
| @item @samp{.lwp} @tab @samp{.fma4} @tab @samp{.xop} @tab @samp{.cx16} |
| @item @samp{.padlock} @tab @samp{.clzero} @tab @samp{.mwaitx} @tab @samp{.rdpid} |
| @end multitable |
| |
| Apart from the warning, there are only two other effects on |
| @code{@value{AS}} operation; Firstly, if you specify a CPU other than |
| @samp{i486}, then shift by one instructions such as @samp{sarl $1, %eax} |
| will automatically use a two byte opcode sequence. The larger three |
| byte opcode sequence is used on the 486 (and when no architecture is |
| specified) because it executes faster on the 486. Note that you can |
| explicitly request the two byte opcode by writing @samp{sarl %eax}. |
| Secondly, if you specify @samp{i8086}, @samp{i186}, or @samp{i286}, |
| @emph{and} @samp{.code16} or @samp{.code16gcc} then byte offset |
| conditional jumps will be promoted when necessary to a two instruction |
| sequence consisting of a conditional jump of the opposite sense around |
| an unconditional jump to the target. |
| |
| Following the CPU architecture (but not a sub-architecture, which are those |
| starting with a dot), you may specify @samp{jumps} or @samp{nojumps} to |
| control automatic promotion of conditional jumps. @samp{jumps} is the |
| default, and enables jump promotion; All external jumps will be of the long |
| variety, and file-local jumps will be promoted as necessary. |
| (@pxref{i386-Jumps}) @samp{nojumps} leaves external conditional jumps as |
| byte offset jumps, and warns about file-local conditional jumps that |
| @code{@value{AS}} promotes. |
| Unconditional jumps are treated as for @samp{jumps}. |
| |
| For example |
| |
| @smallexample |
| .arch i8086,nojumps |
| @end smallexample |
| |
| @node i386-Bugs |
| @section AT&T Syntax bugs |
| |
| The UnixWare assembler, and probably other AT&T derived ix86 Unix |
| assemblers, generate floating point instructions with reversed source |
| and destination registers in certain cases. Unfortunately, gcc and |
| possibly many other programs use this reversed syntax, so we're stuck |
| with it. |
| |
| For example |
| |
| @smallexample |
| fsub %st,%st(3) |
| @end smallexample |
| @noindent |
| results in @samp{%st(3)} being updated to @samp{%st - %st(3)} rather |
| than the expected @samp{%st(3) - %st}. This happens with all the |
| non-commutative arithmetic floating point operations with two register |
| operands where the source register is @samp{%st} and the destination |
| register is @samp{%st(i)}. |
| |
| @node i386-Notes |
| @section Notes |
| |
| @cindex i386 @code{mul}, @code{imul} instructions |
| @cindex @code{mul} instruction, i386 |
| @cindex @code{imul} instruction, i386 |
| @cindex @code{mul} instruction, x86-64 |
| @cindex @code{imul} instruction, x86-64 |
| There is some trickery concerning the @samp{mul} and @samp{imul} |
| instructions that deserves mention. The 16-, 32-, 64- and 128-bit expanding |
| multiplies (base opcode @samp{0xf6}; extension 4 for @samp{mul} and 5 |
| for @samp{imul}) can be output only in the one operand form. Thus, |
| @samp{imul %ebx, %eax} does @emph{not} select the expanding multiply; |
| the expanding multiply would clobber the @samp{%edx} register, and this |
| would confuse @code{@value{GCC}} output. Use @samp{imul %ebx} to get the |
| 64-bit product in @samp{%edx:%eax}. |
| |
| We have added a two operand form of @samp{imul} when the first operand |
| is an immediate mode expression and the second operand is a register. |
| This is just a shorthand, so that, multiplying @samp{%eax} by 69, for |
| example, can be done with @samp{imul $69, %eax} rather than @samp{imul |
| $69, %eax, %eax}. |
| |