What are (x86) registers?

Registers are temporary storage locations used to hold data, instructions, or the 
results of calculations. They are memory areas located on the cpu itself and give 
extremely fast access to the values within them, because the cpu does not have to 
access a location outside of itself.

General Purpose Registers
-------------------------
There are eight general purpose registers. The registers eax, ebx, ecx and edx are 
fully backwards compatible, as each is built on the register before it, e.g. 
eax (four bytes) can be broken up as follows:

	 76543210765432107654321076543210 
	[XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX] 32 bit
	^
	eax (e added to ax to mean ax extended from 16 bit to 32 bit)

         7654321076543210  7654321076543210    
	[XXXXXXXXXXXXXXXX][XXXXXXXXXXXXXXXX] 16 bit (unused upper half)
	                  ^
			  ax

                           76543210  76543210
	                  [XXXXXXXX][XXXXXXXX] 8 bit
			  ^         ^                        
			  ah (high) al (low)    

The registers edi, esi, esp and ebp, by contrast, can be broken only into their 
16 bit counterparts.
 
The general purpose registers can generally be used for anything, but they do have 
uses for which they are specialized.

Register	Description
eax		accumulator register, accumulate results of operations
ebx		base pointer to data section
ecx		counter register
edx		data register
edi		destination index register, for string operations
esi 		source index register, for string operations
esp		stack pointer
ebp		base pointer to stack data

Extended Instruction Pointer
----------------------------
The extended instruction pointer (eip) keeps track of the next instruction to execute.
You cannot alter this register directly; you must use normal program control 
instructions to alter the next instruction to be read.

Segment Registers
-----------------

/**********
(Linux)
The segment registers are all loaded with a segment selector, which is an offset 
into either the GDT (Global descriptor table) or the current LDT (Local descriptor 
table). A segment selector is 16 bits long and looks like this:

	[XXXXXXXXXXXXX][X][XX]
        ^              ^  ^
        index	       ti rpl

The ti or table indicator bit tells the processor where to look for the 
specified selector. If this bit is set, the processor checks the ldt; if clear, 
the processor looks in the gdt. The privilege level set in cs is the privilege level 
of the running program, called the cpl, or current privilege level. The rpl or
requested privilege level of a selector is checked when it is loaded into a segment 
register. The cpl must be at least as privileged as the rpl. This gets much more
complex, and a book such as "Understanding the Linux Kernel" would do you good.
**********/
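
The selector layout above, decoded in C. This is an added example, not code from the original page; the sample selector values are constructed, and the null-selector check reflects the fact that gdt entry 0 is reserved.

```c
#include <stdint.h>
#include <stdio.h>

/* Fields of a 16 bit segment selector, laid out as in the diagram above. */
struct selector {
    unsigned index; /* bits 3-15: entry number in the descriptor table */
    unsigned ti;    /* bit 2: 0 = gdt, 1 = ldt */
    unsigned rpl;   /* bits 0-1: requested privilege level, 0-3 */
};

static struct selector decode_selector(uint16_t raw)
{
    struct selector s;
    s.rpl   = raw & 0x3;
    s.ti    = (raw >> 2) & 0x1;
    s.index = raw >> 3;
    return s;
}

static uint16_t encode_selector(struct selector s)
{
    return (uint16_t)((s.index << 3) | ((s.ti & 1) << 2) | (s.rpl & 3));
}

/* gdt entry 0 is reserved: index 0 with ti clear is the null selector,
 * whatever its rpl. Index 0 with ti set refers to the ldt and is not null. */
static int is_null_selector(uint16_t raw)
{
    return (raw & 0xFFFC) == 0;
}

int main(void)
{
    /* Constructed sample values, not read from a live system. */
    const uint16_t samples[] = { 0x0073, 0x007B, 0x0010, 0x000F, 0x0003 };

    for (size_t i = 0; i < sizeof samples / sizeof samples[0]; i++) {
        struct selector s = decode_selector(samples[i]);
        printf("0x%04x  index=%-4u table=%s  rpl=%u%s\n",
               (unsigned)samples[i], s.index, s.ti ? "ldt" : "gdt", s.rpl,
               is_null_selector(samples[i]) ? "  (null selector)" : "");
    }
    return 0;
}
```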

Most cpus are now 32 bit and use a flat memory model, which does not segment memory; 
instead it presents memory as one long contiguous address space, accessed by 
its linear address. If you're coding 16 bit programs you will be using these a lot 
more than in 32 bit (16 bit is easier and more fun to learn on in my opinion, any of Peter 
Norton's books are still the best to learn with). The segmented memory model divides 
memory into independent segments and uses pointers to refer to these locations.

Register	Description
cs		code segment
ds		data segment
ss		stack segment
es		extra segment pointer
fs		extra segment pointer
gs		extra segment pointer

eflags Register
---------------
The eflags register is used for the status of operations. It is 32 bits of information 
mapped to represent specific flags. It is divided into status flags, 
control flags and system flags. 

Status flags are used to represent results of mathematical operations.

Flag	Bit	Name / Description
cf	0	carry flag - unsigned int generates carry or borrow
pf	2	parity flag - check for corrupt data, even or odd number of 1's
af	4	adjust flag - binary coded decimal, for borrows of bit three
zf	6	zero flag - operation results in zero
sf 	7	sign flag - most significant bit is on or off
of 	11	overflow flag - signed int when value is too large for the register
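
A C model of an 8 bit add into al that ties the status flags above to the eax/ax/ah/al breakdown described earlier: only the low byte of eax changes, and the same add can set cf (unsigned wrap), of (signed wrap), both or neither. This is an added example, not code from the original page; the function name add_al and the sample values are constructed for illustration.

```c
#include <stdint.h>
#include <stdio.h>

/* Status flag bit positions from the table above. */
enum { CF = 1u << 0, PF = 1u << 2, AF = 1u << 4,
       ZF = 1u << 6, SF = 1u << 7, OF = 1u << 11 };

/* Model of `add al, imm8`: updates only the low byte of *eax and
 * returns the status flags that the add would produce. */
static uint32_t add_al(uint32_t *eax, uint8_t imm)
{
    uint8_t  al    = (uint8_t)(*eax & 0xFF);
    unsigned wide  = (unsigned)al + imm;
    uint8_t  res   = (uint8_t)wide;
    uint8_t  p     = res;
    uint32_t flags = 0;

    if (wide > 0xFF)                    flags |= CF; /* carry out of bit 7 */
    if ((al & 0xF) + (imm & 0xF) > 0xF) flags |= AF; /* carry out of bit 3 */
    if (res == 0)                       flags |= ZF;
    if (res & 0x80)                     flags |= SF; /* most significant bit */
    /* signed overflow: both operands share a sign the result does not have */
    if (~(al ^ imm) & (al ^ res) & 0x80) flags |= OF;
    /* parity: set when the result byte holds an even number of 1 bits */
    p ^= p >> 4; p ^= p >> 2; p ^= p >> 1;
    if (!(p & 1))                       flags |= PF;

    *eax = (*eax & 0xFFFFFF00u) | res;  /* ah and the upper 16 bits untouched */
    return flags;
}

int main(void)
{
    /* Constructed sample values: {starting eax, value added to al}. */
    const uint32_t cases[][2] = {
        { 0x123456FFu, 0x01 },  /* unsigned wrap: cf, no of */
        { 0x0000007Fu, 0x01 },  /* signed wrap: of, no cf   */
        { 0x00000080u, 0x80 },  /* both cf and of           */
    };

    for (size_t i = 0; i < sizeof cases / sizeof cases[0]; i++) {
        uint32_t eax = cases[i][0];
        uint32_t f = add_al(&eax, (uint8_t)cases[i][1]);
        printf("eax=0x%08x cf=%d pf=%d af=%d zf=%d sf=%d of=%d\n", (unsigned)eax,
               !!(f & CF), !!(f & PF), !!(f & AF), !!(f & ZF), !!(f & SF), !!(f & OF));
    }
    return 0;
}
```

In the first case the carry out of al does not propagate into ah: eax ends as 0x12345600, and the wrap is visible only in cf.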

Control flags are used to control the behavior of the processor. Only one is defined: the 
direction flag or df, which controls which way string operations happen.

System flags control system level operations.

Flag	Bit	Name / Description
tf	8	trap flag - single step when active
if	9	interrupt enable
iopl	12-13	i/o privilege level
nt	14	nested task
rf	16	resume flag - single step once per instruction
vm	17	virtual 8086 mode flag - operate in pseudo real mode
ac	18	alignment check flag
vif	19 	virtual interrupt flag
vip	20	virtual interrupt pending flag
id	21	identification flag - modifiable if cpu supports cpuid instruction

Control Registers
-----------------	
Five control registers are used to determine the operating mode of the processor and 
the characteristics of the currently executing task.

Name	Description
cr0 	system flags that control the operating mode and states of the processor.
cr1	not currently used
cr2 	memory page fault information
cr3	memory page directory information
cr4	flags that enable processor features

cr0:

Flag	Bit	Name / Description
pe	0	protection enable
mp	1	math present 
em	2	emulate numeric extension 
ts	3	task switched 
et	4	extension type
ne	5	numeric error enable 
wp	16	write protect 
am	18	alignment mask
nw	29	not write-through 	
cd	30	cache disable	
pg	31 	paging enable