Volume 2A Instruction Set Reference A-M (794101), page 91
The terms “less” and “greater” are used for comparisons of signed integers and the terms “above” and “below” are used for unsigned integers.

Because a particular state of the status flags can sometimes be interpreted in two ways, two mnemonics are defined for some opcodes. For example, the JA (jump if above) instruction and the JNBE (jump if not below or equal) instruction are alternate mnemonics for the opcode 77H.

The Jcc instruction does not support far jumps (jumps to other code segments). When the target for the conditional jump is in a different segment, use the opposite condition from the condition being tested for the Jcc instruction, and then access the target with an unconditional far jump (JMP instruction) to the other segment.
For example, the following conditional far jump is illegal:

    JZ FARLABEL;

To accomplish this far jump, use the following two instructions:

    JNZ BEYOND;
    JMP FARLABEL;
    BEYOND:

The JRCXZ, JECXZ and JCXZ instructions differ from other Jcc instructions because they do not check status flags. Instead, they check RCX, ECX or CX for 0. The register checked is determined by the address-size attribute. These instructions are useful when used at the beginning of a loop that terminates with a conditional loop instruction (such as LOOPNE). They can be used to prevent an instruction sequence from entering a loop when RCX, ECX or CX is 0.
This would cause the loop to execute 2^64, 2^32 or 64K times (not zero times).

All conditional jumps are converted to code fetches of one or two cache lines, regardless of jump address or cacheability.

In 64-bit mode, operand size is fixed at 64 bits. JMP Short is RIP = RIP + 8-bit offset sign extended to 64 bits. JMP Near is RIP = RIP + 32-bit offset sign extended to 64 bits.

Operation

    IF condition
        THEN
            tempEIP ← EIP + SignExtend(DEST);
            IF OperandSize = 16
                THEN tempEIP ← tempEIP AND 0000FFFFH;
            FI;
            IF tempEIP is not within code segment limit
                THEN #GP(0);
                ELSE EIP ← tempEIP
            FI;
    FI;

Jcc—Jump if Condition Is Met    Vol. 2A 3-569    INSTRUCTION SET REFERENCE, A-M

Protected Mode Exceptions

#GP(0)    If the offset being jumped to is beyond the limits of the CS segment.
#UD       If the LOCK prefix is used.

Real-Address Mode Exceptions

#GP       If the offset being jumped to is beyond the limits of the CS segment or is outside of the effective address space from 0 to FFFFH.
          This condition can occur if a 32-bit address size override prefix is used.
#UD       If the LOCK prefix is used.

Virtual-8086 Mode Exceptions

Same exceptions as in real address mode.

Compatibility Mode Exceptions

Same exceptions as in protected mode.

64-Bit Mode Exceptions

#GP(0)    If the memory address is in a non-canonical form.
#UD       If the LOCK prefix is used.

JMP—Jump

Opcode          Instruction      Op/En   64-Bit Mode   Compat/Leg Mode   Description
EB cb           JMP rel8         A       Valid         Valid             Jump short, RIP = RIP + 8-bit displacement sign extended to 64-bits
E9 cw           JMP rel16        A       N.S.          Valid             Jump near, relative, displacement relative to next instruction. Not supported in 64-bit mode.
E9 cd           JMP rel32        A       Valid         Valid             Jump near, relative, RIP = RIP + 32-bit displacement sign extended to 64-bits
FF /4           JMP r/m16        B       N.S.          Valid             Jump near, absolute indirect, address = zero-extended r/m16. Not supported in 64-bit mode.
FF /4           JMP r/m32        B       N.S.          Valid             Jump near, absolute indirect, address given in r/m32. Not supported in 64-bit mode.
FF /4           JMP r/m64        B       Valid         N.E.              Jump near, absolute indirect, RIP = 64-Bit offset from register or memory
EA cd           JMP ptr16:16     A       Inv.          Valid             Jump far, absolute, address given in operand
EA cp           JMP ptr16:32     A       Inv.          Valid             Jump far, absolute, address given in operand
FF /5           JMP m16:16       A       Valid         Valid             Jump far, absolute indirect, address given in m16:16
FF /5           JMP m16:32       A       Valid         Valid             Jump far, absolute indirect, address given in m16:32.
REX.W + FF /5   JMP m16:64       A       Valid         N.E.              Jump far, absolute indirect, address given in m16:64.

Instruction Operand Encoding

Op/En   Operand 1        Operand 2   Operand 3   Operand 4
A       Offset           NA          NA          NA
B       ModRM:r/m (r)    NA          NA          NA

Description

Transfers program control to a different point in the instruction stream without recording return information. The destination (target) operand specifies the address of the instruction being jumped to.
This operand can be an immediate value, a general-purpose register, or a memory location.

This instruction can be used to execute four different types of jumps:

•   Near jump—A jump to an instruction within the current code segment (the segment currently pointed to by the CS register), sometimes referred to as an intrasegment jump.
•   Short jump—A near jump where the jump range is limited to –128 to +127 from the current EIP value.
•   Far jump—A jump to an instruction located in a different segment than the current code segment but at the same privilege level, sometimes referred to as an intersegment jump.
•   Task switch—A jump to an instruction located in a different task.

A task switch can only be executed in protected mode (see Chapter 7, in the Intel® 64 and IA-32 Architectures Software Developer’s Manual, Volume 3A, for information on performing task switches with the JMP instruction).

Near and Short Jumps. When executing a near jump, the processor jumps to the address (within the current code segment) that is specified with the target operand. The target operand specifies either an absolute offset (that is an offset from the base of the code segment) or a relative offset (a signed displacement relative to the current value of the instruction pointer in the EIP register). A near jump to a relative offset of 8-bits (rel8) is referred to as a short jump. The CS register is not changed on near and short jumps.

An absolute offset is specified indirectly in a general-purpose register or a memory location (r/m16 or r/m32). The operand-size attribute determines the size of the target operand (16 or 32 bits). Absolute offsets are loaded directly into the EIP register. If the operand-size attribute is 16, the upper two bytes of the EIP register are cleared, resulting in a maximum instruction pointer size of 16 bits.

A relative offset (rel8, rel16, or rel32) is generally specified as a label in assembly code, but at the machine code level, it is encoded as a signed 8-, 16-, or 32-bit immediate value. This value is added to the value in the EIP register. (Here, the EIP register contains the address of the instruction following the JMP instruction). When using relative offsets, the opcode (for short vs. near jumps) and the operand-size attribute (for near relative jumps) determines the size of the target operand (8, 16, or 32 bits).

Far Jumps in Real-Address or Virtual-8086 Mode. When executing a far jump in real-address or virtual-8086 mode, the processor jumps to the code segment and offset specified with the target operand.
Here the target operand specifies an absolute far address either directly with a pointer (ptr16:16 or ptr16:32) or indirectly with a memory location (m16:16 or m16:32). With the pointer method, the segment and address of the called procedure is encoded in the instruction, using a 4-byte (16-bit operand size) or 6-byte (32-bit operand size) far address immediate. With the indirect method, the target operand specifies a memory location that contains a 4-byte (16-bit operand size) or 6-byte (32-bit operand size) far address. The far address is loaded directly into the CS and EIP registers. If the operand-size attribute is 16, the upper two bytes of the EIP register are cleared.

Far Jumps in Protected Mode. When the processor is operating in protected mode, the JMP instruction can be used to perform the following three types of far jumps:

•   A far jump to a conforming or non-conforming code segment.
•   A far jump through a call gate.
•   A task switch.

(The JMP instruction cannot be used to perform inter-privilege-level far jumps.)

In protected mode, the processor always uses the segment selector part of the far address to access the corresponding descriptor in the GDT or LDT. The descriptor type (code segment, call gate, task gate, or TSS) and access rights determine the type of jump to be performed.

If the selected descriptor is for a code segment, a far jump to a code segment at the same privilege level is performed. (If the selected code segment is at a different privilege level and the code segment is non-conforming, a general-protection exception is generated.) A far jump to the same privilege level in protected mode is very similar to one carried out in real-address or virtual-8086 mode. The target operand specifies an absolute far address either directly with a pointer (ptr16:16 or ptr16:32) or indirectly with a memory location (m16:16 or m16:32). The operand-size attribute determines the size of the offset (16 or 32 bits) in the far address.
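The following C program is an added worked example, not code from the Intel manual: it models how the processor forms a jump target as described in the Jcc Operation pseudocode (tempEIP ← EIP + SignExtend(DEST), the 16-bit operand-size masking, and the code segment limit check that raises #GP(0)) and in the JMP description of near, short and far jumps (absolute indirect r/m16 operands zero-extended into EIP, 4- or 6-byte far address operands split into selector and offset, and the non-canonical check in 64-bit mode). All function, type and sample names are the example's own, the sample operands are constructed, and the offset-first little-endian layout of far pointers is the architecture's encoding rather than something stated on this page.

```c
/* Added example, not code from the Intel manual: a small model of how the
 * processor forms a jump target, following the Jcc "Operation" pseudocode
 * and the JMP description (near/short relative, near absolute indirect,
 * far pointer operands). All names below are the example's own. */
#include <stdint.h>
#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>

enum jump_status { JUMP_OK, JUMP_GP0 };  /* JUMP_GP0 models #GP(0) */

struct jump_result { enum jump_status status; uint64_t ip; };
struct far_ptr { size_t consumed; uint16_t selector; uint32_t offset; };

/* SignExtend(DEST): widen an 8-, 16- or 32-bit displacement to 64 bits. */
static int64_t sign_extend(uint64_t raw, int width_bits) {
    uint64_t sign = UINT64_C(1) << (width_bits - 1);
    uint64_t mask = (sign << 1) - 1;        /* the low width_bits bits */
    raw &= mask;
    return (raw & sign) ? (int64_t)(raw | ~mask) : (int64_t)raw;
}

/* Near/short relative jump (Jcc rel8/rel32, JMP rel8/rel16/rel32):
 *   tempEIP <- EIP + SignExtend(DEST);
 *   IF OperandSize = 16 THEN tempEIP <- tempEIP AND 0000FFFFH;
 *   IF tempEIP is not within code segment limit THEN #GP(0) ELSE EIP <- tempEIP.
 * next_ip is the address of the instruction following the jump, which is
 * what EIP/RIP holds when the displacement is added. In 64-bit mode the
 * operand size is fixed at 64 bits, so no masking or limit check applies;
 * instead a non-canonical RIP raises #GP(0). */
static struct jump_result jump_target_relative(uint64_t next_ip, uint64_t disp,
                                               int disp_bits, int operand_size,
                                               bool mode64, uint64_t cs_limit) {
    struct jump_result r = { JUMP_OK, 0 };
    uint64_t temp = next_ip + (uint64_t)sign_extend(disp, disp_bits);
    if (mode64) {
        uint64_t top = temp >> 47;           /* bits 63..47 must all match */
        if (top != 0 && top != 0x1FFFF) { r.status = JUMP_GP0; return r; }
    } else {
        temp &= 0xFFFFFFFFu;                 /* EIP is 32 bits wide */
        if (operand_size == 16) temp &= 0x0000FFFFu;
        if (temp > cs_limit) { r.status = JUMP_GP0; return r; }
    }
    r.ip = temp;
    return r;
}

/* JMP r/m16 / r/m32 / r/m64: the operand is loaded directly into EIP/RIP;
 * with a 16-bit operand size the upper two bytes of EIP are cleared. */
static uint64_t jump_target_absolute(uint64_t operand, int operand_size) {
    if (operand_size == 16) return operand & 0xFFFFu;
    if (operand_size == 32) return operand & 0xFFFFFFFFu;
    return operand;
}

/* ptr16:16 / ptr16:32 immediate or m16:16 / m16:32 memory operand: a 4-byte
 * (16-bit operand size) or 6-byte (32-bit operand size) far address. The
 * little-endian offset comes first and the 16-bit selector follows it; that
 * byte order is the architecture's encoding, not something this page states.
 * consumed is 0 when the buffer is too short to hold the operand. */
static struct far_ptr decode_far_pointer(const uint8_t *buf, size_t len,
                                         int operand_size) {
    struct far_ptr p = { 0, 0, 0 };
    size_t off_bytes = (operand_size == 16) ? 2 : 4;
    if (len < off_bytes + 2) return p;
    for (size_t i = 0; i < off_bytes; i++)
        p.offset |= (uint32_t)buf[i] << (8 * i);
    p.selector = (uint16_t)(buf[off_bytes] | (buf[off_bytes + 1] << 8));
    p.consumed = off_bytes + 2;
    return p;
}

/* Constructed sample operands (not taken from the manual). */
static const uint8_t SAMPLE_PTR16_32[6] = { 0x78, 0x56, 0x34, 0x12, 0x08, 0x00 };
static const uint8_t SAMPLE_PTR16_16[4] = { 0x34, 0x12, 0x08, 0x00 };

int main(void) {
    /* Short jump encoded at 0x1000 in two bytes, displacement 0xF0 (-16). */
    struct jump_result r = jump_target_relative(0x1002, 0xF0, 8, 32, false, 0xFFFFF);
    printf("rel8 -16 from 0x1002: %s 0x%llx\n",
           r.status == JUMP_OK ? "ok" : "#GP(0)", (unsigned long long)r.ip);
    /* 16-bit operand size: the sum wraps within the low 64K. */
    r = jump_target_relative(0xFFF0, 0x20, 8, 16, false, 0xFFFF);
    printf("rel8 +32 from 0xFFF0 (16-bit): 0x%llx\n", (unsigned long long)r.ip);
    /* rel32 that lands beyond the CS limit: #GP(0). */
    r = jump_target_relative(0x1000, 0x7FFFFFFF, 32, 32, false, 0xFFFFF);
    printf("rel32 beyond limit: %s\n", r.status == JUMP_GP0 ? "#GP(0)" : "ok");
    struct far_ptr fp = decode_far_pointer(SAMPLE_PTR16_32, sizeof SAMPLE_PTR16_32, 32);
    printf("ptr16:32 -> %04x:%08x (%zu bytes)\n", fp.selector, fp.offset, fp.consumed);
    return 0;
}
```

The model keeps the three outcomes the page distinguishes separate: a displacement is sign-extended before it is added, a 16-bit operand size truncates the result rather than faulting, and only a target past the CS limit (or, in 64-bit mode, a non-canonical RIP) produces #GP(0).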