Microcontroller Instruction Set

Max Mauro Dias Santos [email protected] Ponta Grossa, Paraná - Brazil February 12, 2021 Agenda

. Introduction . Instruction System Architecture . 8051 Microcontroller Instruction Set . 8051 Addressing Modes . 8051 Instruction Set . RISC Instruction Set . CISC Instruction Set . ULA Operations . Math & Load/Store Instructions . Control Flow Instructions . Branch . The Concept and Implementation of Stack . Subroutine Introduction

. Source code . High level language (C; Java) . Variables and equations . One-to-many mapping with . assembly language . Assembly language . Different for each CPU . architecture . Registers and operations . Usually one-to-one mapping . to machine language . Machine language . Hex/binary bits . Hardware interprets to . execute program

February 12, 3 2021 Instruction Set Architecture (ISA) Instruction set

. The instruction set, also called ISA (instruction set architecture), is part of a computer that pertains to programming, which is more or less machine language. The instruction set provides commands to the processor, to tell it what it needs to do. The instruction set consists of addressing modes, instructions, native data types, registers, memory architecture, interrupt, and exception handling, and external I/O.

. An example of an instruction set is the x86 instruction set, which is common to find on computers today. Different computer processors can use almost the same instruction set while still having very different internal design. Both the Intel Pentium and AMD Athlon processors use nearly the same x86 instruction set. An instruction set can be built into the hardware of the processor, or it can be emulated in software, using an interpreter. The hardware design is more efficient and faster for running programs than the emulated software version.

February 12, 5 2021 Examples of Instruction Set

. ADD - Add two numbers together. . COMPARE - Compare numbers. . IN - Input information from a device, e.g., keyboard. . JUMP - Jump to designated RAM address. . JUMP IF - Conditional statement that jumps to a designated RAM address. . LOAD - Load information from RAM to the CPU. . OUT - Output information to device, e.g., monitor. . STORE - Store information to RAM.

February 12, 6 2021 Introduction to 8051 Microcontroller Instruction Set

. Writing a Program for any Microcontroller consists of giving commands to the Microcontroller in a particular order in which they must be executed in order to perform a specific task. The commands to the Microcontroller are known as a Microcontroller’s Instruction Set.

February 12, 7 2021 A Brief Look at 8051 Microcontroller Instructions and Groups

. The 8051 Microcontroller Instruction Set has types of Instructions and the Addressing Mode, let us take a brief look at the instructions and the instruction groups of the 8051 Microcontroller Instruction Set (the MCS-51 Instruction Set).

The following table shows the 8051 Instruction Groups and Instructions in each group. There are 49 Instruction Mnemonics in the 8051 Microcontroller Instruction Set and these 49 Mnemonics are divided into five groups.

February 12, 8 2021 8051 Addressing Modes

. An Addressing Mode is a way to locate a target Data, which is also called as Operand. The 8051 Family of Microcontrollers allows five types of Addressing Modes for addressing the Operands. They are: . Immediate addressing mode . Direct addressing mode . Register direct addressing mode . Register indirect addressing mode . Indexed addressing mode

February 12, 9 2021 8051 Addressing Modes

. Immediate addressing mode . In Immediate Addressing mode, the operand, which follows the Opcode, is a constant data of either 8 or 16 bits. The name Immediate Addressing came from the fact that the constant data to be stored in the memory immediately follows the Opcode.

Let's begin with an example.

MOV A, #6AH In general, we can write,

MOV A, #data It is termed as immediate because 8-bit data is transferred immediately to the accumulator (destination operand).

February 12, 10 2021 8051 Addressing Modes

. Direct addressing mode . In Direct Addressing Mode, the address of the data is specified as the Operand in the instruction. Using Direct Addressing Mode, we can access any register or on-chip variable. This includes general purpose RAM, SFRs, I/O Ports, Control registers.

This is another way of addressing an operand. Here, the address of the data (source data) is given as an operand. Let’s take an example.

MOV A, 04H The register bank#0 (4th register) has the address 04H. When the MOV instruction is executed, the data stored in register 04H is moved to the accumulator. As the register 04H holds the data 1FH, 1FH is moved to the accumulator.

February 12, 11 2021 8051 Addressing Modes

. Register Direct addressing mode . In the 8051 Microcontroller Memory Organization Tutorial, we have seen the organization of RAM and four banks of Working Registers with eight Registers in each bank. . In Register Addressing mode, one of the eight registers (R0 – R7) is specified as Operand in the Instruction.

In this addressing mode, we use the register name directly (as source operand). Let us try to understand with the help of an example.

MOV A, R4 At a time, the registers can take values from R0 to R7. There are 32 such registers. In order to use 32 registers with just 8 variables to address registers, register banks are used. There are 4 register banks named from 0 to 3. Each bank comprises of 8 registers named from R0 to R7.

February 12, 12 2021 8051 Addressing Modes

. Register Indirect addressing mode . In the Indirect Addressing Mode or Register Indirect Addressing Mode, the address of the Operand is specified as the content of a Register.

In this addressing mode, the address of the data is stored in the register as operand.

MOV A, @R0 Here the value inside R0 is considered as an address, which holds the data to be transferred to the accumulator. Example: If R0 has the value 20H, and data 2FH is stored at the address 20H, then the value 2FH will get transferred to the accumulator after executing this instruction. See the following illustration.

February 12, 13 2021 8051 Addressing Modes

. Indexed addressing mode . With Indexed Addressing Mode, the effective address of the Operand is the sum of a base register and an offset register. The Base Register can be either Data Pointer (DPTR) or Program Counter (PC) while the Offset register is the Accumulator (A). . In Indexed Addressing Mode, only MOVC and JMP instructions can be used. Indexed Addressing Mode is useful when retrieving data from look-up tables.

We will take two examples to understand the concept of indexed addressing mode. Take a look at the following instructions −

MOVC A, @A+DPTR and MOVC A, @A+PC where DPTR is the data pointer and PC is the program counter (both are 16-bit registers). Consider the first example. MOVC A, @A+DPTR February 12, 14 2021 Data Transfer Instructions

. The Data Transfer Instructions are associated with transfer with data between registers or external program memory or external data memory. The Mnemonics associated with Data Transfer are given below. . MOV . MOVC . MOVX . PUSH . POP . XCH . XCHD

February 12, 15 2021 Data Transfer Instructions

February 12, 16 2021 Arithmetic Instructions

. Using Arithmetic Instructions, you can perform addition, subtraction, multiplication and division. The arithmetic instructions also include increment by one, decrement by one and a special instruction called Decimal Adjust Accumulator. . The Mnemonics associated with the Arithmetic Instructions of the 8051 Microcontroller Instruction Set are: . ADD . ADDC . SUBB . INC . DEC . MUL . DIV . DA A . The arithmetic instructions has no knowledge about the data format i.e. signed, unsigned, ASCII, BCD, etc. Also, the operations performed by the arithmetic instructions affect flags like carry, overflow, zero, etc. in the PSW Register.

February 12, 17 2021 Arithmetic Instructions

February 12, 18 2021 Logical Instructions

. The next group of instructions are the Logical Instructions, which perform logical operations like AND, OR, XOR, NOT, Rotate, Clear and Swap. Logical Instruction are performed on Bytes of data on a bit-by- bit basis. . Mnemonics associated with Logical Instructions are as follows: . ANL . ORL . XRL . CLR . CPL . RL . RLC . RR . RRC . SWAP

February 12, 19 2021 Logical Instructions

February 12, 20 2021 Boolean or Bit Manipulation Instructions . As the name suggests, Boolean or Bit Manipulation Instructions will deal with bit variables. We know that there is a special bit-addressable area in the RAM and some of the Special Function Registers (SFRs) are also bit addressable. . The Mnemonics corresponding to the Boolean or Bit Manipulation instructions are: . CLR . SETB . MOV . JC . JNC . JB . JNB . JBC . ANL . ORL . CPL

February 12, 21 2021 Boolean or Bit Manipulation Instructions

February 12, 22 2021 Program Branching Instructions . The last group of instructions in the 8051 Microcontroller Instruction Set are the Program Branching Instructions. These instructions control the flow of program logic. The mnemonics of the Program Branching Instructions are as follows. . LJMP . AJMP . SJMP . JZ . JNZ . CJNE . DJNZ . NOP . LCALL . ACALL . RET . RETI . JMP . All these instructions, except the NOP (No Operation) affect the Program Counter (PC) in one way or other. Some of these instructions has decision making capability before transferring control to other part

February of12, the program. 23 2021 Program Branching Instructions

February 12, 24 2021 Assembly Language Development Process

. The assembler to ROM process

February 12, 25 2021 RISC Instruction Set

. Typically simple encoding format to make hardware simpler/faster . Classical Example: MIPS R2000 . R7 <= R27 + 0x1234

February 12, 26 2021 CISC Instruction Set

. Complex encoding for small programs . Classical Example: VAX; Intel 8088 . REP MOVSB (8088 String move) . Up to 64K bytes moved; source in SI reg; dest in DI reg; count in CX

February 12, 27 2021 Accumulator-based Microcontroller

. Usually one or two “main” registers – “accumulators” . Historically called register “A” or “Acc” or registers “A” and “B” . This is where the Pentium architecture gets “AX, BX, CX, DX” from . Usually one or more “index” registers for addressing modes . Historically called register “X” or registers “X” and “Y” . In the Pentium architecture these correspond to SI and DI registers . A typical “H = J + K” operation is usually accomplished via: . Load “J” into accumulator . Add “K” to “J”, putting result into accumulator . Store “H” into memory . Reuse the accumulator for the next operation (no large register file) . Usually microcontrollers are resource-poor . E.g., No cache memory for most 16-bit micros!

https://www.cpsc.ucalgary.ca/custom/321_challenge/05%20Register%20transfer%20logic.html February 12, 28 2021 “CPU12” Programming Model – (MC9S12C128)

February 12, 29 2021 The CPU12 Reference Guide

. Summarizes assembly language programming info . Lots of info there …. This lecture is an intro to that material

February 12, 30 2021 ALU Operations – Addition as an Example

. “Inherent” address modes: . ABA (B) + (A) => A Add accumulator B to A . Encoding: 18 06 . ABX (B) + (X) => X Add accumulator B to X . Encoding: 1A E5 . Immediate Operand: . DDD #value (D) + jj:kk => D Add to D . Add constant value to D (example: D <= D + 1234) . Encoding: C3 jj kk . Example: ADDD #$534 Adds hex 534 (0x534) to D reg . “Extended” operand – location in memory at 16-bit address: . ADDD address (D) + [HH:LL] => D Add to D . Fetch a memory location and add to D . Encoding: F3 HH LL . Example: ADDD $5910 Adds 16-bit value at $5910 to D . NOTE: “[xyz]” notation means “Fetch from address xyz”

February 12, 31 2021 ALU Address Modes

. “Inherent” address modes:

February 12, 32 2021 Instruction Description Notation

February 12, 33 2021 Notation for Encoding of Instruction Bytes

February 12, 34 2021 ALU Operations – Addition Example Revisited

. “Inherent” address modes: . ABA (B) + (A) => A Add accumulator B to A . Encoding: 18 06 . ABX (B) + (X) => X Add accumulator B to X . Encoding: 1A E5 . Immediate Operand: . ADDD #opr16i (D) + jj:kk => D Add to D . Add constant value to D (example: D <= D + 1234) . Encoding: C3 jj kk . Example: ADDD #$534 Adds hex 534 (0x534) to D reg . “Extended” operand – location in memory at 16-bit address: . ADDD opr16a (D) + [HH:LL] => D Add to D . Fetch a memory location and add to D . Encoding: F3 HH LL . Example: ADDD $5910 Adds 16-bit value at $5910 to D

February 12, 35 2021 ALU Operations – Addition 2

. Immediate Operand: . ADDD #opr16i (D) + jj:kk => D Add to D . Add constant value to D (example: D <= D + 1234) . Encoding: C3 jj kk . Example: ADDD #$534 Adds hex 534 (0x534) to D reg . What C code would result in this instruction? register int16 T; // assume that X is kept in machine register D T = T + 0x534;

. “Extended” operand – location in memory at 16-bit address: . ADDD opr16a (D) + [HH:LL] => D Add to D . Fetch a memory location and add to D . Encoding: F3 HH LL . Example: ADDD $5910 Adds 16-bit value at $5910 to D . What C code would result in this instruction? static int16 B; // B is a variable that happens to be at address $5910 T = T + B;

February 12, 36 2021 ALU Operations – Addition 2

. “Direct” operand – location in memory at 8-bit address: . ADDD opr8a (D) + [00:LL] => D Add to D – Fetch a memory location and add to D; address is 0..FF (“page zero” of memory) – Encoding: D3 LL – Example: ADDD $0038 . Special optimized mode for smaller code size and faster execution – Especially for earlier 8-bit processors, but still can be useful – Gives you 256 bytes of memory halfway between “memory” and “register” in terms of ease & speed of access – Assembler knows to use this mode automatically based on address being $00xx . Result – programs often optimized to store variables in first 256 bytes of RAM – If you have very limited RAM, this is worth doing to save time & space! – But it also promotes use of shared RAM for variables, which is bug prone

. What C code would result in this instruction? static int16 B; // B is a variable that happens to be at address $0038 T = T + B;

February 12, 37 2021 ALU Operations – Addition - 3

. “Indexed” operand – memory indexed; pre/post increment/decrement . ADDD oprx,xysp (D) + [EE:FF+XYSP] => D – Add oprx to X, Y, SP or PC; use address to fetch from memory; add value into D – Encoding: E3 xb // E3 xb ff // E3 xb ee ff (Signed offset value; encoding varies – 5 bits, 9 bits; 16 bits) – Example: ADDD $FFF0, X add value at (X-1610) to D Encoding: E3 10 (5 bit signed constant … “$10”) (see Table 1 of CPU12 reference guide for xb byte encoding) . Special optimized mode for smaller code size and faster execution – “xb” can do many tricks, including support for post/pre-increment/decrement to access arrays

. What C code would result in this instruction? static int16 B[100]; register int16 *p = &B[50]; // assume “p” is stored in register X T = T + *(p-8); // adds B[42] to T

February 12, 38 2021 Indexed Examples

February 12, 39 2021 ALU Operations – Addition - 4

. “Indexed Indirect” operand – use memory value as address, with offset . ADDD [oprx16,xysp] (D) + [ [EE:FF+XYSP] ] => D – Add oprx to X, Y, SP or PC; use address to fetch from memory; use the value fetched from memory to fetch from a different memory location; add value into D – Encoding: E3 xb ee ff Example: ADDD [$8, X] add value at [(X+8)] to D Encoding: E3 E3 00 08 16-bit constant offset (see Table 1 of CPU12 reference guide for xb byte encoding)

. What C code would result in this instruction? static int16 vart; register int16 *p; static int16 *B[100]; // B is a variable that happens to be at address $38

B[4] = &vart; p = &B[0]; // assume “p” is stored in register X T = T + *(*(p+4)); // adds vart to T

February 12, 40 2021 Indexed Indirect Example

. LDAA #$56 . LDY #$2345 . STAA [-4,Y] ; Fetch 16-bit address from $2341, store A at $1234

February 12, 41 2021 Math & Load/Store Instructions

. Math . ADD – integer addition (2’s complement) . SBD – integer subtraction (2’s complement) . CMP – compare (do a subtraction to set flags but don’t store result) . Logic . AND – logical bit-wise and . ORA – logical bit-wise or . EOR – bit-wise exclusive or (xor) . ASL, ASR – arithmetic shift left and right (shift right sign-extends) . LSR – logical shift right . Data movement . LDA, LDX, … – load from memory to a register . STA, STX, … – store from register to memory . MOV – memory to memory movement . Bit operations and other instructions . Later…

February 12, 42 2021 Control Flow Instructions

. Used to go somewhere other than the next sequential instruction . Unconditional branch – always changes flow (“goto instruction x”) . Conditional branch – change flow sometimes, depending on some condition

. Addressing modes . REL: Relative to PC – “go forward or backward N bytes” – Uses an 8-bit offset rr for the branch target – Most branches are short, so only need a few bits for the offset – Works the same even if segment of code is moved in memory

. EXT: Extended hh:ll – “go to 16-bit address hh:ll” – Takes more bits to specify – No limit on how far away the branch can be

February 12, 43 2021 Relative Addressing

. Relative address computed as: . Address of next in-line instruction after the branch instruction – Because the PC already points to the next in-line instruction at execution time . Plus relative byte rr treated as a signed value – rr of 0..$7F is a forward relative branch – rr of $80..$FF is a backward relative branch

. Example: BCC cy_dr . Next instruction is at $0009; rr = $03 . $0009 + $03 = $000C (cy_clr)

. Example: BRA asm_loop . Next instruction is at $000F; rr=$F7 . $000F + $F7 = $000F + $FFF7 = $000F - $0009 = $0006 (asm_loop)

February 12, 44 2021 Unconditional Branch

. JMP instruction – Jump . JMP $1256 -- jump to address $1256 JMP Target_Name

. JMP also supports indexed addressing modes – why are they useful?

. BRA $12 -- jump to $12 past current instruction -- Relative addressing (“rr”) to save a byte and make code relocatable

. JSR instruction – Jump to Subroutine . JSR $7614 -- jump to address $7614, saving return address . JSR Subr_Name

. Supports DIRect (8 bit offset to page 0) and EXTended, as well as indexed addressing . More about how this instruction works in the next lecture

February 12, 45 2021 Conditional Branch

. Branch on some condition . Always with RELative (rr 8-bit offset) addressing – Look at detailed instruction set description for specifics of exactly what address the offset is added to . Condition determines instruction name . BCC $08 – branch 8 bytes ahead if carry bit clear . BCS Loop – branch to label “Loop” if carry bit set . BEQ / BNE – branch based on Z bit (“Equal” after compare instruction) . BMI / BPL – branch based on N bit (sign bit)

. Other complex conditions that can be used after a CMP instruction . BGT – branch if greater than . BLE – branch if less than or equal . …

February 12, 46 2021 Condition Codes

. Status bits inside CPU that indicate results of operations . C = carry-out bit . Z = whether last result was zero . N = whether last result was “negative” (highest bit set) . V = whether last result resulted in an arithmetic overflow

. Set by some (but not all instructions) . CMP – subtracts but doesn’t store result; sets CC bits for later “BGE, BGT” etc . ADD and most arithmetic operations – sets CC bits . MOV instructions – generally do NOT set CC bits on this CPU – But, on a few other CPUs they do – so be careful of this!

February 12, 47 2021 C & V Flags

. Carry: did the previous operation result in a carry out bit? . $FFFF + 1 = $0000 + Carry out . $7FFF + $8000 = $FFFF + No Carry out . Carry-in bit, if set, adds 1 to sum for ADC – we’ll do multi-precision arithmetic later . Carry bit is set if there is an unsigned add or subtract overflow – Result is on other side of $0000/$FFFF boundary

. Overflow (V): did the previous operation result in a signed overflow? . $FFFF + 1 = $0000 no signed overflow (-1 + 1 = 0) . $7FFF + 1 = $8000 has signed overflow (32767 + 1 -32768) . This is overflow in the normal signed arithmetic sense that you are used to – Result is on other side of $8000/$7FFF boundary

. Note that the idea of “overflow” depends on signed vs. unsigned . Hardware itself is sign agnostic – software has to keep track of data types . Carry flag indicates unsigned overflow . V flag indicates signed overflow

February 12, 48 2021 Assembler to Hex

. Sometimes (less often these days, but sometimes) you have to write your own assembler!

. In this course, we want you to do just a little by hand to get a feel . LDAB #254

. Addressing mode is:______. Opcode is:______. Operand is:______. Full encoding is:______

February 12, 49 2021 Hex to Assembler (Dis-Assembly)

. If all you have is an image of a program in memory, what does it do? . Important for debugging . Important for reverse engineering (competitive analysis; legacy components)

. Start with Hex, and figure out what instruction is . AA E2 23 CC

. ORAA – one of the indexed versions . Need to look up XB value => ______

February 12, 50 2021 The Concept and Implementation of Stack

. Concept:

. Implementation: . Uses a pointer to memory . The pointer moves up and down as top of stack, not the memory contents! . Points to top of stack

[Valvano]

February 12, 51 2021 Pushing To The Stack

. “PSH” instructions – pushes a register onto the stack . PSHA, PSHB, PSHD, PSHX, PSHY . PSHC – condition codes (will get to that in a moment)

. Example: . LDAA #1 . LDAB #2 . PSHA . PSHB . LDAA #3 . PSHA

. At end, A=3, B=2 . PSH doesn’t change register values

. (On 6812, SP always points to top-most element in use)

February 12, 52 2021 Pushing To The Stack

February 12, 53 2021 Pulling (“Popping”) From The Stack

. “PUL” instructions – pulls a register value from the stack . PULA, PULB, PULD, PULX, PULY . PULC – condition codes (will get to that in a moment)

. Example: . PULA . PULB . PULB

. At end, A=3, B=1 . PUL doesn’t erase memory values BUT unsafe to access them after PUL due to interrupts!!!

. (On HC12, SP always points to top-most element in use)

February 12, 54 2021 Pulling (“Popping”) From The Stack

February 12, 55 2021 Stack Implementation

. Implementation of stack grows from top of memory down

February 12, 56 2021 Hardware Support For Subroutines

. Allows use of a procedure (or method in Object Oriented terminology) . … . x = a + b; . c = dosomething(x,a); int dosomething(int a, int b) . y = c + d; { …. . … return(k); . z = dosomething(w,k); }

. What has to happen to make this work? . Prepare parameters for use – It isn’t always the same variables passed to the subroutine . Unconditional branch to subroutine . Execute subroutine . Prepare return value – The result doesn’t always go in the same output variable . Return to calling point to resume caller execution – How do we know where that is?

February 12, 57 2021 Subroutine Calls

. “Hardware support: JSR, BSR . JSR – full, 16-bit address mode subroutine call . BSR – REL mode branch (8-bit PC-relative address), otherwise same as JSR . They pretty much do the same thing – BSR saves a byte of memory for instruction… … but still uses 2 bytes of stack space for return address

. JSR (and BSR) operations: . PUSH current program counter onto stack (2-byte value) . Put address of subroutine into the PC . Start executing code at new PC value (the subroutine)

. This takes care of saving return address and the actual jump . But, doesn’t help with parameter values

February 12, 58 2021 Subroutine Calls

February 12, 59 2021 Subroutine Returns

. Hardware support: RTS . RTS – INH address mode (how do you know the return address?)

. RTS operations: . POP top of stack and put it into PC . Start executing program at that new PC value (back to calling program)

. This takes care of jumping back to calling program . But, doesn’t help with parameter values

February 12, 60 2021 Subroutine Returns

February 12, 61 2021 How do We Pass Parameters?

. Multiple methods, all of which can be useful . Put values in particular registers . Example: sqrt(D) => D D register used as both input and output . Fast, but very limited by number of registers! . In the C language, it is very common to put the single return value in a register

. Hard-code addresses into subroutine . Easy to do . But, makes subroutine less flexible – need a different version for each data structure . Can make sense when you are just saving space by avoiding duplicated code

. Pass parameters on stack . Pass pointers to data structures . Pass values of variables . Flexible, usual method of passing parameters

. (Note: we’ll do stack frames and C variables in a later lecture …)

February 12, 62 2021 Passing by Registers

LDAA #47 LDAB #63 BSR COMPUTE_AVERAGE STAA Average_result ….

. ; note – the below code only works on unsigned numbers! . COMPUTE_AVERAGE: ABA ; sum to A, assume both are non-negative ; top bit of A contains carry-out of add LSRA ; divide by two for unsigned number sum RTS ; result is in register A

February 12, 63 2021 Passing Parameters To A Subroutine (simple version)

1. PUSH parameters onto stack 2. CALL subroutine 3. Subroutine reads parameters from stack and does computations 4. RTS 5. Calling program deletes parameters from stack . Why done here? (look at next slide to understand reason)

February 12, 64 2021 Example: Passing Via Stack (simple version)

; Assume SP value is $4FA at this point LDAA #47 PSHA LDAA #63 PSHA JSR COMPUTE_AVERAGE PULB ; discard second parameter (could also use INS, but that is 2 bytes) PULB ; discard first parameter (could also use INS, but that is 2 bytes) STAA Average_result ; SP is back to $4FA at this point

; only works on unsigned numbers! COMPUTE_AVERAGE: LDAA +2,SP ; second parameter ADDA +3,SP ; first parameter LSRA ; divide by two for non-negative RTS ; result is in register A February 12, 65 2021 Passing Parameters To A Subroutine (complete)

1. PUSH parameters onto stack 2. CALL subroutine 3. Save registers that are going to be modified by subroutine Avoids unexpected corruption of registers used by the calling program 4. Subroutine reads parameters from stack and does computations 5. Subroutine writes results back to parameters on stack 6. Restore registers modified by subroutine 7. RTS 8. Calling program PULLs parameters from stack

February 12, 66 2021 Passing Via Stack Example (complete version)

; Assume SP value is $4FA at this point LDAA #47 PSHA LDAA #63 PSHA PSHA ; dummy push to make room for result; could also use DES JSR COMPUTE_AVERAGE PULA; result stored in third parameter STAA Average_result PULB ; discard second parameter PULB ; discard first parameter ; SP is back to $4FA at this point

; only works on non-negative numbers! COMPUTE_AVERAGE: PSHA ; make sure A isn’t trashed LDAA +4,SP ; second parameter ADDA +5,SP ; first parameter LSRA ; divide by two for non-negative number sum STAA +3,SP ; store result in third parameter position PULA ; restore register A RTS ; result is on stack February 12, 67 2021 Rules For Safe Stack Use

. PULL as many times as you PUSH . Stack overflow will trash RAM . Stack underflow will give invalid PULL values – Very often it will also trash RAM . Mismatched number results in invalid subroutine return address

. Don’t access stack memory after that value has been PULLed . Interrupts can change the memory values at random times . – We’ll talk about interrupts later in course . The program will still work most of the time – very nasty bug to track down

. Beware of “stack smashing” attacks . Frequent security vulnerability is someone intentionally over-running data structure to modify return address

February 12, 68 2021 RISC Organization

. Hard-wired instruction decode logic . CISC processor used large microcode ROMs to decode their instructions . Pipelined execution . CISC processors allowed little, if any, overlap between consecutive instructions (though they do now) . Single-cycle execution . CISC processors typically took many clock cycles to completes a single instruction

→ Simple is beauty Compiler plays an important role

February 12, 69 2021 References

• https://www.electronicshub.org/8051-microcontroller-instruction- set/#:~:text=Introduction%20to%208051%20Microcontroller%20Instruction%20Set&text=The%20comma nds%20to%20the%20Microcontroller%20are%20known%20as%20a%20Microcontroller's%20Instruction %20Set.&text=As%20a%20typical%208%2Dbit,to%2028%20%3D%20256%20Instructions. • http://oregonstate.edu/instruction/ece573/ • https://katie.mtech.edu/classes/archive/f11/csci255/slides/ • https://www.electronicshub.org/basics-of-embedded-c-program/ • https://www.electronicshub.org/8051-microcontroller-instruction- set/#Introduction_to_8051_Microcontroller_Instruction_Set • https://www.tutorialspoint.com/embedded_systems/es_addressing_modes.htm

All this material has the contente based on these source files. All copyright are of these authors. I did this material with the purpose for teaching. Thanks for the authors to available this rich material.

February 12, 70 2021