x86 asm: address modes, LKMC_ASSET_EQ_32 and intel manuals

2026-01-23 02:05:57 +01:00 · 2019-06-06 00:00:00 +00:00
parent 47b39a84c9
commit 82129820ca
3 changed files with 230 additions and 54 deletions
--- a/README.adoc
+++ b/README.adoc
@@ -11737,34 +11737,34 @@ Like other userland programs, these programs can be run as explained at: <<userl
 As a quick reminder, the fastest setups to get started are:
-* <<userland-setup-getting-started-natively>> if your host can run the examples, e.g. x86 example on an x86 host
+* <<userland-setup-getting-started-natively>> if your host can run the examples, e.g. x86 example on an x86 host:
 * <<userland-setup-getting-started-with-prebuilt-toolchain-and-qemu-user-mode>> otherwise
 However, as usual, it is saner to build your toolchain as explained at: <<qemu-user-mode-getting-started>>.
-The first examples that you want to run for each arch are:
+The first examples you should look into are:
-* how to move data between registers and memory
+* add
 * how to add two numbers!
 These examples are located at:
 * x86
 ** link:userland/arch/x86_64/add.S[]
 ** link:userland/arch/x86_64/mov.S[]
 * arm
 ** <<arm-mov-instruction>>
 ** link:userland/arch/arm/add.S[]
 ** link:userland/arch/aarch64/add.S[]
 * mov between register and memory
 ** link:userland/arch/x86_64/mov.S[]
 ** <<arm-mov-instruction>>
 ** <<arm-load-and-store-instructions>>
 * addressing modes
 ** <<x86-addressing-modes>>
 ** <<arm-addressing-modes>>
 * registers: <<assembly-registers>>
-These examples use the venerable ADD instruction to:
+The add examples in particular:
 * introduce the basics of how a given assembly works: how many inputs / outputs, who is input and output, can it use memory or just registers, etc.
 +
 It is then a big copy paste for most other data instructions.
 * verify that the venerable `add` instruction and our assertions are working
-Then, modify that program to make the assertion fail:
+Now try to modify modify the x86_64 add program to see the assertion fail:
 ....
 LKMC_ASSERT_EQ(%rax, $4)
@@ -11969,6 +11969,47 @@ Examples under `arch/<arch>/c/` directories show to how use inline assembly from
 ** link:userland/arch/aarch64/inline_asm/inc.c[]
 ** link:userland/arch/aarch64/inline_asm/multiline.cpp[]
 ==== GCC inline assembly register variables
 Used notably in some of the <<linux-system-calls>> setups:
 * link:userland/arch/arm/inline_asm/reg_var.c[]
 * link:userland/arch/aarch64/inline_asm/reg_var.c[]
 * link:userland/arch/aarch64/inline_asm/reg_var_float.c[]
 In x86, makes it possible to access variables not exposed with the one letter register constraints.
 In arm, it is the only way to achieve this effect: https://stackoverflow.com/questions/10831792/how-to-use-specific-register-in-arm-inline-assembler
 This feature notably useful for making system calls from C, see: <<linux-system-calls>>.
 Documentation: https://gcc.gnu.org/onlinedocs/gcc-4.4.2/gcc/Explicit-Reg-Vars.html
 ==== GCC inline assembly scratch registers
 How to use temporary registers in inline assembly:
 * x86_64
 ** link:userland/arch/x86_64/inline_asm/scratch.c[]
 ** link:userland/arch/x86_64/inline_asm/scratch_hardcode.c[]
 Bibliography: https://stackoverflow.com/questions/6682733/gcc-prohibit-use-of-some-registers/54963829#54963829
 ==== GCC inline assembly early-clobbers
 An example of using the `&` early-clobber modifier: link:userland/arch/aarch64/earlyclobber.c
 More details at: https://stackoverflow.com/questions/15819794/when-to-use-earlyclobber-constraint-in-extended-gcc-inline-assembly/54853663#54853663
 The assertion may fail without it. It actually does fail in GCC 8.2.0.
 ==== GCC inline assembly floating point ARM
 Not documented as of GCC 8.2, but possible: https://stackoverflow.com/questions/53960240/armv8-floating-point-output-inline-assembly
 * link:userland/arch/arm/inline_asm/inc_float.c[]
 * link:userland/arch/aarch64/inline_asm/inc_float.c[]
 ==== GCC intrinsics
 Pre-existing C wrappers using inline assembly, this is what production programs should use instead of inline assembly for SIMD:
@@ -12034,47 +12075,6 @@ Bibliography:
 * https://www.cs.virginia.edu/~cr4bd/3330/S2018/simdref.html
 * https://software.intel.com/en-us/articles/how-to-use-intrinsics
 ==== GCC inline assembly register variables
 Used notably in some of the <<linux-system-calls>> setups:
 * link:userland/arch/arm/inline_asm/reg_var.c[]
 * link:userland/arch/aarch64/inline_asm/reg_var.c[]
 * link:userland/arch/aarch64/inline_asm/reg_var_float.c[]
 In x86, makes it possible to access variables not exposed with the one letter register constraints.
 In arm, it is the only way to achieve this effect: https://stackoverflow.com/questions/10831792/how-to-use-specific-register-in-arm-inline-assembler
 This feature notably useful for making system calls from C, see: <<linux-system-calls>>.
 Documentation: https://gcc.gnu.org/onlinedocs/gcc-4.4.2/gcc/Explicit-Reg-Vars.html
 ==== GCC inline assembly scratch registers
 How to use temporary registers in inline assembly:
 * x86_64
 ** link:userland/arch/x86_64/inline_asm/scratch.c[]
 ** link:userland/arch/x86_64/inline_asm/scratch_hardcode.c[]
 Bibliography: https://stackoverflow.com/questions/6682733/gcc-prohibit-use-of-some-registers/54963829#54963829
 ==== GCC inline assembly early-clobbers
 An example of using the `&` early-clobber modifier: link:userland/arch/aarch64/earlyclobber.c
 More details at: https://stackoverflow.com/questions/15819794/when-to-use-earlyclobber-constraint-in-extended-gcc-inline-assembly/54853663#54853663
 The assertion may fail without it. It actually does fail in GCC 8.2.0.
 ==== GCC inline assembly floating point ARM
 Not documented as of GCC 8.2, but possible: https://stackoverflow.com/questions/53960240/armv8-floating-point-output-inline-assembly
 * link:userland/arch/arm/inline_asm/inc_float.c[]
 * link:userland/arch/aarch64/inline_asm/inc_float.c[]
 === Linux system calls
 The following <<userland-setup>> programs illustrate how to make system calls:
@@ -12285,6 +12285,41 @@ Bibliography: https://stackoverflow.com/questions/27147043/n-suffix-to-branch-in
 Arch agnostic infrastructure getting started at: <<userland-assembly>>.
 === x86 addressing modes
 Example: link:userland/arch/x86_64/address_modes.S[]
 Several x86 instructions can calculate addresses of a complex form:
 ....
 s:a(b, c, d)
 ....
 which expands to:
 ....
 a + b + c * d
 ....
 Where the instruction encoding allows for:
 * `a`: any 8 or 32-bit general purpose register
 * `b`: any 32-bit general purpose register except ESP
 * `c`: 1, 2, 4 or 8 (encoded in 2 SIB bits)
 * `d`: immediate constant
 * `s`: a segment register. Cannot be tested simply from userland, so we won't talk about them here. See: https://github.com/cirosantilli/x86-bare-metal-examples/blob/6606a2647d44bc14e6fd695c0ea2b6b7a5f04ca3/segment_registers_real_mode.S
 The common compiler usage is:
 * `a`: base pointer
 * `b`: array offset
 * `c` and `d`: struct offset
 Bibliography:
 * <<intel-manual-1>> 3.7.5 "Specifying an Offset"
 * https://sourceware.org/binutils/docs-2.18/as/i386_002dMemory.html
 === x86 SIMD
 History:
@@ -12348,6 +12383,43 @@ TODO We didn't manage to find a working ARM analogue to <<x86-rdtsc-instruction>
 * https://stackoverflow.com/questions/31620375/arm-cortex-a7-returning-pmccntr-0-in-kernel-mode-and-illegal-instruction-in-u/31649809#31649809
 * https://blog.regehr.org/archives/794
 === x86 assembly bibliography
 ==== x86 official bibliography
 [[intel-manual]]
 ===== Intel 64 and IA-32 Architectures Software Developer's Manuals
 We are using the May 2019 version unless otherwise noted.
 There are a few download forms at: https://software.intel.com/en-us/articles/intel-sdm
 The single PDF one is useless however because it does not have a unified ToC nor inter Volume links, so I just download the 4-part one.
 The Volumes are well split, so it is usually easy to guess where you should look into.
 Also I can't find older versions on the website easily, so I just web archive everything.
 [[intel-manual-1]]
 ====== Intel 64 and IA-32 Architectures Software Developer's Manuals Volume 1
 Userland basics: http://web.archive.org/web/20190606075544/https://software.intel.com/sites/default/files/managed/a4/60/253665-sdm-vol-1.pdf
 [[intel-manual-2]]
 ====== Intel 64 and IA-32 Architectures Software Developer's Manuals Volume 2
 Instruction list: http://web.archive.org/web/20190606075330/https://software.intel.com/sites/default/files/managed/a4/60/325383-sdm-vol-2abcd.pdf
 [[intel-manual-3]]
 ====== Intel 64 and IA-32 Architectures Software Developer's Manuals Volume 2
 Kernel land: http://web.archive.org/web/20190606075534/https://software.intel.com/sites/default/files/managed/a4/60/325384-sdm-vol-3abcd.pdf
 [[intel-manual-4]]
 ====== Intel 64 and IA-32 Architectures Software Developer's Manuals Volume 2
 Model specific extensions: http://web.archive.org/web/20190606075325/https://software.intel.com/sites/default/files/managed/22/0d/335592-sdm-vol-4.pdf
 == ARM userland assembly
 Arch general getting started at: <<userland-assembly>>.
--- a/lkmc/x86_64.h
+++ b/lkmc/x86_64.h
@@ -12,6 +12,15 @@
    call lkmc_assert_eq_64; \
 ;
 #define LKMC_ASSERT_EQ_32(general1, general2) \
    mov general2, %edi; \
    push %rdi; \
    mov general1, %edi; \
    pop %rsi; \
    mov $__LINE__, %edx; \
    call lkmc_assert_eq_32; \
 ;
 #define LKMC_ASSERT_FAIL \
    mov $__LINE__, %edi; \
    call lkmc_assert_fail; \
--- a/userland/arch/x86_64/address_modes.S
+++ b/userland/arch/x86_64/address_modes.S
@@ -0,0 +1,95 @@
 /* https://github.com/cirosantilli/linux-kernel-module-cheat#x86-addressing-modes */
 #include <lkmc.h>
 LKMC_PROLOGUE
    /* First we play around with lea which is easier to assert. */
    /* Full form with immediates:
     *
     * rbx + rcx * 2 + 4 =
     * 3   + 4   * 2 + 4 =
     * 3   +       8 + 4 =
     * 3   +       8 + 4 =
     * 15
     */
    mov $0, %rax
    mov $3, %rbx
    mov $4, %rcx
    /* GAS 2.24 Warning: segment override on `lea' is ineffectual. */
    /*lea %ds:4(%rbx, %rcx, 2), %rax*/
    lea 4(%rbx, %rcx, 2), %rax
    LKMC_ASSERT_EQ(%rax, $15)
    /* Omit the mulitplicator d.
     * a(b,c) == a(b,c,1)
     */
    mov $0, %rax
    mov $3, %rbx
    mov $4, %rcx
    lea 2(%rbx, %rcx), %rax
    LKMC_ASSERT_EQ(%rax, $9)
    /* Omit c and d. */
    mov $0, %rax
    mov $1, %rbx
    lea 2(%rbx), %rax
    LKMC_ASSERT_EQ(%rax, $3)
    /* Register only address. We can omit commas. */
    mov $0, %rax
    mov $1, %rbx
    lea (%rbx), %rax
    LKMC_ASSERT_EQ(%rax, $1)
    /* TODO What is this syntax for? Compare to the next example. */
    mov $0, %rax
    lea 2(,1), %rax
    LKMC_ASSERT_EQ(%rax, $2)
    mov $0, %rax
    lea 2, %rax
    LKMC_ASSERT_EQ(%rax, $2)
    /* TODO What is this syntax for? Compare to the previous example. */
    mov $0, %rax
    lea (2), %rax
    LKMC_ASSERT_EQ(%rax, $2)
    mov $0, %rax
    mov $3, %rbx
    lea 2(,%rbx,4), %rax
    LKMC_ASSERT_EQ(%rax, $14)
    /* Expressions like (1 + 1) or more commonly (label + 1)
     * can be used like anywhere else: the assembler / linker resolve
     * them for us.
     */
    mov $1, %rax
    lea (1 + 1)(%rax), %rax
    LKMC_ASSERT_EQ(%rax, $3)
    /* Now some examples with the label and actual memory movs just for concreteness. */
 .data
   myint: .long 0x12345678
 .text
    /* Pointer dereference: To get the actual address instead of the data, use `$`: */
    mov $myint, %rbx
    mov (%rbx), %eax
    LKMC_ASSERT_EQ_32(%eax, myint)
    /* Regular memory IO is just a subcase of the full addressing mode syntax! */
    mov $0, %rax
    movl $0x9ABCDEF0, myint
    mov myint, %rax
    LKMC_ASSERT_EQ_32(%eax, $0x9ABCDEF0)
    /* Other instructions like add can also use the addressing. */
    movl $1, myint
    mov $myint, %rbx
    addl $2, (%rbx)
    LKMC_ASSERT_EQ_32(myint, $3)
 LKMC_EPILOGUE