Clever Geek Handbook

MMX and x87 FPU Tag Word Instructions

section .data
    qVar1: dq 1


section .bss
    var28: resb  28


section .text
    _main:

        ; Use an MMX instruction

            movq mm0, [qVar1] ; Move quadword from r/m64 to mm.

        ; Read Tag Word

            fstenv [var28]
            mov    ax, [var28 + 8] ; move the Tag Word to ax

At this moment ax

there is0101 0101 0101 0110

But from Intel manual, section 9.5.1 MMX Instructions and x87 FPU Tag Word, I quote:

After each MMX command, the entire x87 FPU word tag is set to (00B).

So why are ax

n't all zeros?

+3


source to share


1 answer


The section you are citing says:

Chapter 12, Intelยฎ MMX โ„ข System Programming, in the Intelยฎ 64 and IA-32 Software Developer's Guide, Volume 3A, provides additional information on the implications of the x87 FPU and MMX instructions on the x87 FPU tag word .

In fact, section 12.2 of the third manual explains:

When the MMX instruction writes a value to the MMX register, at the same time, bits 64 to 79 of the corresponding floating point register are set to all 1s.

The command then movq mm0, [qVar1]

sets the register R0

to 0xffff_00000000_00000000, which is not a valid double extended precision floating point value starting at 80387 (previously positive infinity).
This will be important later.

The command fstenv

does not store the actual tag word, instead interprets the registers and the actual tag word to calculate the tag word to be stored in memory.
The tag word case is then reset to empty for all registers.

Effect fstenv

for x87 FPU tag word:

Tags and register values โ€‹โ€‹are read and interpreted; then all tags are set to 11B.



and the word image of the x87 FPU tag stored in memory is:

Tags are set according to actual values โ€‹โ€‹in floating point registers; that is, empty registers are marked with 11B and valid registers are marked with 00B (nonzero), 01B (zero), or 10B (special).

MMX and x87 command effects for x87 FPU tag word

If you used emms

before any XMM code, all tags will be 11b (Empty).
Once movq mm0, [qVar1]

executed, all tags are set to 00b (Valid).
When executed fstenv

, the registers are marked as not empty, and their contents are analyzed: all registers R1-R7 turn out to be equal to zero, and R0, as noted earlier, contains a special value and its tag in the image stored in memory in this way 10b (special) ...

The entry for fstenv

in the second manual is admittedly cheating with its pseudocode written as

Operation
DEST [FPUControlWord] โ† FPUControlWord,
DEST [FPUStatusWord] โ† FPUStatusWord,
DEST [FPUTagWord] โ† FPUTagWord,
DEST [FPUDataPointer] โ† FPUDataPointer,
DEST [FPUInstructionPointer] โ†
FPUInstructionPoinstruction] โ† FPUInstructionPoinstruction

which is simply not true.

+5


source






More articles:


All Articles