



## Class on 9/24: Online Class

- There will be NO offline class on September 24
- Instead, a recorded lecture video will be provided
  - This video will be available **ONLY** on September 24

| 09/17/2024 No Class: Chuseok                 |                                                                                 |
|----------------------------------------------|---------------------------------------------------------------------------------|
| 09/24/2024                                   | Online class (No offline class)<br>A recorded lecture video will be<br>provided |
| 09/26/2024                                   |                                                                                 |
| 10/01/2024 No Class: Armed Forces Day        |                                                                                 |
| 10/03/2024 No Class: National Foundation Day |                                                                                 |

### **Recap: Computer Abstractions**



### **Recap: Computer Abstractions**

## Abstraction layer #1: Application software

High-level language

```
#include <stdio.h>

swap(int v[], int k)

{
  int temp;
  temp = v[k];
  v[k] = v[k+1];
  v[k+1] = temp;
}
```

Abstraction layer #2: System software

#### Compiler

swap:
multi \$2, \$5, 4
add \$2, \$4, \$2
...

Assembly language

#### Assembler

OS

010001010010 001101001001

Machine language

Abstraction layer #3: Hardware

Computation results



### **Recap: Compilation**

Abstraction layer #1: Application software

#include <stdio.h>

Abstraction layer #2: System software

Machine language

Abstraction layer #3: Hardware

```
swap(int v[], int k)
           int temp;
           temp = v[k];
 Your
           v[k] = v[k+1];
           v[k+1] = temp;
program
```

High-level language

```
Compiler
                  Compilation
swap:
 multi $2, $5, 4
  add $2, $4, $2
                                        Computation
 Assembly language
                                            results
    Asse
           bler
                             intel.
                    OS
   010001010010
   001101001001
```

### Recap: The Hardware/Software Interface 6

Abstraction layer #1: Application software Abstraction layer #2: System software

Abstraction layer #3: Hardware

Detailed knowledge of HW is not necessary

High-level language

Instruction Set Architecture Interface

Program/System/OS/Compiler developer



Recap: Execution of the Program!



### Today's Topic: Instruction Set Architecture®

Abstraction layer #1: Application software

Abstraction layer #2:
System software

Abstraction layer #3
Hardware

```
Detailed knowledge of HW is not necessary
```

High-leve

Your program

```
int temp;
temp = v[k];
v[k] = v[k+1];
v[k+1] = temp;
```

swap:

```
multi $2, $5, 4
add $2, $4, $2
```

Instruction Set Architecture

Interface

Today's Topic!

010001010010 001101001001

Machine language

omputation results

results

## Instruction Set Architecture

### Instruction Set Architecture (ISA)

- 10
- An <u>abstract interface</u> between the hardware and the lowest-level software (called as **Architecture**)
- ISA includes:
  - Instruction set

#### Instruction

- \*
- A command that hardware (i.e., CPU) understands
- A group of bits that tells the computer to perform a specific operation



#### 12

#### Instruction

A command that hardware (i.e., CPU) understands

A group of bits that tells the computer to perform a specific

operation

Mapped to a group of bits

slt \$t0, \$s0, \$s1
add \$s2, \$s0, \$s1
sub \$t2, \$s1, \$zero
lw \$t0, 8(\$s3)

Assembly language



010001010100011 101010001010100 010001010101100 000101011110011

Decodes the bits to understand

and perform operations

Machine language



#### Instruction Set



The commands understood by a given architecture



ARM's instructions

```
pop {r0}
mov r0, r1
add r0, r0, r1
add r0, #16
```



Intel's Instructions

```
pop eax
mov eax, ebx
add eax, ebx
add eax, 0x10
```



MIPS's Instructions

```
slt $t0, $s0, $s1
add $s2, $s0, $s1
sub $t2, $s1, $zero
lw $t0, 8($s3)
```

#### Instruction Set



The commands understood by a given architecture



Different chips have different instruction sets

ARM's instructions

Intel's Instructions



pop {r0}
mov r0, r1
add r0, r0, r1
add r0, #16



pop eax
mov eax, ebx
add eax, ebx
add eax, 0x10



```
slt $t0, $s0, $s1
add $s2, $s0, $s1
sub $t2, $s1, $zero
lw $t0, 8($s3)
```

#### Instruction Set



The commands understood by a given architecture



We focus on the MIPS instruction set!



#### 16

### **FYI: Program**



A finite sequence of instructions that performs a specific task

### Instruction Set Architecture (ISA)

- 17
- An <u>abstract interface</u> between the hardware and the lowest-level software (called as **Architecture**)
- ISA includes:
  - Instruction set
  - Registers

- Size of each register
- Instructions that can use each register

Control (brain)

Register \$1

Register \$2

Register \$3 | Register \$*N* 

Datapath

Processor (CPU)



### Register Usage Example





Register \$1

Register \$2

Register \$3 | Register \$*N* 



addi, \$1,\$3,12

(brain)

Datapath

Processor (CPU)

Meaning:

### Register Usage Example: Initial State



Performance Bottleneck 🕾

Register Usage Example: After the Execution



### Registers



- Reside in CPU
- Temporary storage of data/instruction
- Faster than main memory
- Expensive





## Special Purpose Registers

PC (Program Counter): holds address of next instruction

 IR (Instruction Register): holds the instruction fetched from the memory

AC (Accumulator): holds the result of the computation temporarily

I will provide a detailed explanation of each one as needed

### **Size of Registers**



- MIPS registers are 32-bit
- A "word" is the natural unit of data used by as processor
  - Typically, a word size is 32 bits (4 bytes) on a 32-bit machine

Word size = 32 bit

Word size = 32 bit

Control (brain)

Register A

Register C

Register B

Register N

Load/Store the Data



Datapath

Processor (CPU)



#### Word size = 64 bit

#### 28

### Instruction Set Architecture (ISA)

- An <u>abstract interface</u> between the hardware and the lowestlevel software (called as **Architecture**)
- ISA includes:
  - Instruction set
  - Registers
  - Operand types
  - Data types (integer, floating points, ...)
  - Addressing modes
  - **I/O**
- Programmer's view of processor
  - But not the details of how it is designed and implemented

#### 29

### Architecture vs. Microarchitecture

## Abstraction layer #1: Application software

High-level language

```
#include <stdio.h>

swap(int v[], int k)
{
  int temp;
  temp = v[k];
  v[k] = v[k+1];
  v[k+1] = temp;
}
```

## Abstraction layer #2: System software

#### Compiler

```
swap:
multi $2, $5, 4
add $2, $4, $2
...
```

Assembly language

#### Assembler

OS

010001010010 001101001001

Machine language

Abstraction layer #3: Hardware

Computation results



### Architecture vs. Microarchitecture

Abstraction layer #1: Application software

Abstraction layer #2: System software

Abstraction layer #3: Hardware

Microarchitecture: detailed internal architecture of a processor

<mark>Syst</mark> Assembler

010001010010 001101001001 Interface

Computation results



#### Microarchitecture



- Organization of the machine below the ISA
  - Number/location of functional units
  - Pipeline/cache configurations
  - Programmer transparent techniques: prefetching, ...
- Hardware realization
- Logic circuits, VLSI technology, process, ...

### Architecture vs. Microarchitecture

Abstraction layer #1: Application software

```
#include <stdio.h>
swap(int v[], int k)
{
  int temp;
  temp = v[k];
  v[k] = v[k+1];
  v[k+1] = temp;
}
```

High-level language

Abstraction layer #2: System software

ayer #2: Abstraction layer #3: tware Hardware



010001010010 001101001001

Core i5-7400



# Architecture vs. Microarchitecture: ARM

Microarchitecture

Architecture features

### **Instruction Format**

Later, we will cover MIPS ISA in detail. For now, let's go over the fundamentals of instructions.

#### **Instruction Format**





addi \$1,\$3,12

#### **Instruction Format**



Operation

**Operands** 

addi) \$1,\$3,12

#### **Instruction Format**



**Operands** 





addi \$1,\$3,12

001000

0000100011000000000000001100

opcode

operands

### **Instruction Length**



- Type #1: Fixed size
  - Every instruction is represented using the same number of bytes
  - E.g., MIPS instructions are always 32 bits (4 bytes) long

- Type #2: Variable size (8 bits, 16 bits, 32 bits, 64 bits, ...)
  - Different instructions are represented using different numbers of bytes
  - E.g., Intel X86, AMD, ...

```
addi $1,$3,12
j L1
```

#### n

39

### Fixed-size vs. Variable-size Instruction

|                      | Fixed size | Variable size  |
|----------------------|------------|----------------|
| Memory<br>management |            |                |
|                      |            |                |
|                      |            | No waste space |

addi \$1,\$3,12

j L1

addi \$1,\$,12

j L1

### Fixed-size vs. Variable-size Instruction



|                      | Fixed size                                                | Variable size                                   |
|----------------------|-----------------------------------------------------------|-------------------------------------------------|
| Memory<br>management |                                                           |                                                 |
| Decode               | Easy to decode (Always 32 bits => Less hardware required) | Difficult to decode (Complex hardware required) |

addi \$1,\$3,12 j L1 addi \$1,\$3,12 j L1

### Fixed-size vs. Variable-size Instruction



|                      | Fixed size                                                | Variable size                                   |
|----------------------|-----------------------------------------------------------|-------------------------------------------------|
| Memory<br>management |                                                           |                                                 |
| Decode               | Easy to decode (Always 32 bits => Less hardware required) | Difficult to decode (Complex hardware required) |

The computer architect should decide the length of instruction, opcode, and operand

#### 42

# CPU Design Philosophy: RISC vs. CISC

- Reduced Instruction Set Computer (RISC)
  - Example: MIPS, ARM, PowerPC
  - Small and simple instruction set
  - Fixed-size instruction format

- Reduced Instruction Set Computer (CISC)
  - Example: Intel x86, AMD
  - A large number of instruction set
  - Variable-size instruction format

# **Number of Operands**

#### 44

### **Number of Operands**

\*

- Three operands
- Two operands
- One operands
- Zero operands

# Three Operands Example



Meaning: A ← B + C

### Two Operands Example



Meaning:  $A \leftarrow A + B$ 

#### 4

### **One Operand Example**



Meaning:  $AC \leftarrow AC + A$ 

### **One Operand Example**



Meaning: AC ← AC + A

### **One Operand Example**



Meaning: AC ← AC + A

### **Zero Operand Example**





Is zero operand instruction possible?



#### 5

# Zero Operand Example: Using Stack

PUSH B
PUSH B
ADD
POP C

Meaning:  $C \leftarrow A + B$ 

# Zero Operand Example: Initial State





Main memory

### **FYI: Memory Layout**







### **FYI: Memory Layout**

Word size 4 bytes (= 32 bits)

High A Stack Top of Data allocated at runtime Stack auress (local variables, functions) Dynamic memory allocation Heap Global, static Static Data variables Code Program adress instructions g., 0x0) Main memory

### **FYI: Memory Layout**

Word size 4 bytes (= 32 bits)

High address (e.g., 0xffff)

Stack grows in this direction

Low address (e.g., 0x0)

Heap Static Data Code Main memory

Stack

55

Top of

Stack

















## Zero Operand Example



\*

PUSH B
PUSH B
ADD
POP C

Meaning:  $C \leftarrow A + B$ 

# The Number of Operand Field

Goal: A ← B + C

Three operands:

add a,b,c

Two operands:

mov z,b add z,c mov a,z

# The Number of Operand Field

#### The number of instructions?

#### Three operands:

add a,b,c



#### Two operands:

mov z,b add z,c mov a,z

# of instructions ↓
⇒ Performance ↑

### **Recall: CPU Time**





# The Number of Operand Field

#### The number of instructions?

#### Three operands:

add a,b,c





#### Two operands:

mov z,b

add z,c

mov a,z



Okay, then wouldn't it be good to always design <u>instructions</u> with a lot of operands?

# The Number of Operand Field

#### The number of instructions?

#### Three operands:

add a,b,c



#### Two operands:

mov z,b add z,c mov a,z

Hardware complexity ↑

⇒ Performance ↓

#### **Recall: CPU Time**



$$CPU Time = \frac{Instructions}{Program}$$

CPU Time=  $\frac{Instructions}{Program} \times \frac{Clock cycles}{Instruction} \times \frac{Seconds}{Clock cycle}$ 

# Addressing Modes

### **Addressing Modes**





Specify how an operand is interpreted to derive an effective address<sup>1)</sup>

1) Effective address: actual address of the location containing the referenced operand

# Types of Addressing Modes

73

- Immediate mode
- Register (direct) mode
- Register indirect mode
- Direct mode
- Indirect mode
- (PC)-relative mode
- Base register mode

• . . .

# Types of Addressing Modes

- Immediate mode
- Register (direct) mode
- Register indirect mode
- Direct mode
- Indirect mode
- (PC)-relative mode
- Base register mode

•



# Addressing Mode: Immediate Mode

Operand field contains the actual operand value

**Example: MIPS instruction** 

addi \$s1,\$s2,17

Operand value

# Types of Addressing Modes

- Immediate mode
- Register (direct) mode
- Register indirect mode
- Direct mode
- Indirect mode
- (PC)-relative mode
- Base register mode

• . . .



- Immediate mode
- Register (direct) mode
- Register indirect mode
- Direct mode
- Indirect mode
- (PC)-relative mode
- Base register mode

# Addressing Mode: Register Mode

### Selected register contains the operand

- Effective address: selected register
- Operand value: selected register's value

**Example: MIPS instruction** 

add \$s1,\$s2,\$s3

10

Register \$s3

- Effective address: \$s3
- Operand value: 10

# Addressing Mode: Register Indirect Mode®

## Selected register contains the address of operands

- Effective address: selected register's value
- Operand value: memory[effective address]

Example: Motorola 68000

Do not memorize the meaning or syntax of the instructions! Focus on understanding what the register indirect mode is.



Effective address: actual address of the location containing the referenced operand

## Register Indirect Mode Example: Initial State



## Register Indirect Mode Example: After the Exe.



# Types of Addressing Modes

- Immediate mode
- Register (direct) mode
- Register indirect mode
- Direct mode
- Indirect mode
- (PC)-relative mode
- Base register mode

# Types of Addressing Modes

- Immediate mode
- Register (direct) mode
- Register indirect mode
- Direct mode
- Indirect mode
- (PC)-relative mode
- Base register mode

# Addressing Mode: Direct Mode

Effective address is equal to the address part of the instruction

- Effective address: the address part of instruction
- Operand value: memory[effective address]

Example: Motorola 68000

MOVE.W 0x100,D1

Source Destination

# Direct Mode Example: Initial State



Main memory

# Direct Mode Example: After the Execution®



# Addressing Mode: Indirect Mode

The address field give the address where the effective address is stored

- Effective address: memory[the address part of instruction]
- Operand value: memory[effective address]

Example: hypothetical machine

MOVE.W (0x100),D1

# Indirect Mode Example: Initial State





0x20 0x200

Main memory

# Indirect Mode Example: After the Execution



# Indirect Mode Example: After the Execution



# Types of Addressing Modes

- Immediate mode
- Register (direct) mode
- Register indirect mode
- Direct mode
- Indirect mode
- (PC)-relative mode
- Base register mode

# Types of Addressing Modes

- Immediate mode
- Register (direct) mode
- Register indirect mode
- Direct mode
- Indirect mode
- (PC)-relative mode
- Base register mode

• . . .

## Addressing Mode: PC-Relative Mode

The content of PC is added to the address part of instruction to obtain the *effective address* (branch type instructions)

- Effective address: PC + the address part of instruction\*4
- Operand value: memory[effective address]

**Example: MIPS instruction** 

beq \$t0,\$zero,else

Effective address
Register PC

Address
field value

Address
Field value

## Addressing Mode: PC-Relative Mode

The content of PC is added to the address part of instruction to obtain the *effective address* (branch type instructions)

- Effective address: PC + the address part of instruction\*4
- Operand value: memory[effective address]

**Example: MIPS instruction** 

beq \$t0,\$zero,els Why x4?

Effective address = 200
Register PC

Address field value 4

## PC-Relative Mode Example

```
slt $t0, $s0, $s1
beq $t0, $zero, else
add $s2, $s0, $s1
j exit
else: sub $s2, $s0, $s1
...
exit:
```

```
set less than
```

\$t0=1, if \$s0 < \$s1

```
slt $t0, $s0, $s1
beq $t0, $zero, else
add $s2, $s0, $s1
j exit
else: sub $s2, $s0, $s1
...
exit:
```



```
set less than
```

```
$t0=1, if $s0 < $s1
```

```
slt $t0, $s0, $s1
beq $t0, $zero, else
dd $s2, $s0,
```

branch if equal

Go to else if t0 == 0

exit:



```
set less than $t0=1, if $s0 < $s1

slt $t0, $s0, $s1

beq $t0, $zero, else

dd $s2, $s0,

exit

branch if equal Go to else if $t0 == 0

b
```

exit:



```
set less than $t0=1, if $s0 < $s1

slt $t0, $s0, $s1

beq $t0, $zero, else

dd $s2, $s0, 1

exit

branch if equal Go to else if $t0 == 0

b
```

Why not single blt (branch less than) instruction?





Why not single blt (branch less than) instruction?

- Hardware for <, ≥, ... slower than =</li>
- Combining with branch involves more hardware-based work per instruction

## Recall: RISC vs. CISC





- Reduced Instruction Set Computer (RISC)
  - Example: MIPS, ARM, PowerPC
  - Small and simple instruction set => Simple hardware
  - Fixed-size instruction format

Example instruction set:

slt, beq(=), bne(#)

- Reduced Instruction Set Computer (CISC)
  - Example: Intel x86, AMD
  - A large number of instruction set => Complex hardware
  - Variable-size instruction format

Example instruction set:

```
slt, beq(=), bne(≠)
bge(≥), bgt(>), ble(≤), blt(<)</pre>
```

## Recall: RISC vs. CISC





- Reduced Instruction Set Computer (RISC)
  - Example: MIPS, ARM, PowerPC
  - Small and simple instruction set => Simple hardware
  - Fixed-size instruction format

Example instruction set:

slt, beq(=), bne(≠)

We can cover all sets with the combination of the smallest set

- Reduced Instruction Set Computer (CISC)
  - Example: Intel x86, AMD
  - A large number of instruction set => Complex hardware

More hardware to realize this instruction set

→ clock cycle period ↑

Example instruction set:

slt, beq(=), bne(≠)
bge(≥), bgt(>), ble(≤), blt(<)</pre>

## PC-Relative Mode Example

```
slt $t0, $s0, $s1
beq $t0, $zero, else #if $s0<$s1
add $s2, $s0, $s1
j exit
else: sub $s2, $s0, $s1
#else
...
exit:</pre>
```





### Assembly language



## Machine language

```
slt $t0, $s0, $s1
beq $t0, $zero, else #if $s0<$s1
add $s2, $s0, $s1
j exit
else: sub $s2, $s0, $s1 #else
...
exit:</pre>
```



## Assembly language



```
slt $t0, $s0, $s1
beq $t0, $zero, else #if $s0<$s1
add $s2, $s0, $s1
j exit</pre>
```

else: sub \$s2, \$s0, \$s1 #else

• • •

exit:

## Machine language



## Assembly language



### Machine language

There is no specific machine code for labels



## Assembly language



```
slt $t0, $s0, $s1
beq $t0, $zero, else #if $s0<$s1
add $s2, $s0, $s1
j exit
else: sub $s2, $s0, $s1 #else</pre>
```

exit:

## Machine language



### Assembly language

Assembler will determine the value of the address field

### Machine language

Now, Let's Execute the Program

### **Execute The Program**





Holds address of next instruction

200

204

208

Processor (CPU)

Datapath

## Machine code is loaded into memory (Code section)

#### Main memory

```
slt $t0, $s0, $s1
beq $t0, $zero, else #if $s0<$s1
add $s2, $s0, $s1
j exit
else: sub $s2, $s0, $s1 #else</pre>
```





• PC (Program Counter): holds address of next instruction

• IR (Instruction Register): holds the instruction fetched from the memory

AC (Accumulator): holds the result of the computation temporarily







Datapath

Processor (CPU)

## Machine code is loaded into memory (Code section)



#### Main memory

```
slt $t0, $s0, $s1
beq $t0, $zero, else #if $s0≥$s1
add $s2, $s0, $s1
j exit
else: sub $s2, $s0, $s1 #else
```

### **Execute The Program: 1st Instruction**

(pointed to by the PC)



slt \$t0, \$s0, \$s1
beq \$t0, \$zero, else #if \$s0≥\$s1
add \$s2, \$s0, \$s1
j exit
else: sub \$s2, \$s0, \$s1 #else

### **Execute The Program: 1st Instruction**



In the early stage, the PC is incremented by 4 to point to the next instruction

```
slt $t0, $s0, $s1
beq $t0, $zero, else #if $s0≥$s1
add $s2, $s0, $s1
j exit
else: sub $s2, $s0, $s1 #else
```

### **Execute The Program: 1st Instruction**



#### Main memory

```
slt $t0, $s0, $s1
      beq $t0, $zero, else #if $s0≥$s1
      add $s2, $s0, $s1
      j exit
else: sub $s2, $s0, $s1
                            #else
```

### **Execute The Program: 2nd Instruction**





(pointed to by the PC)

slt \$t0, \$s0, \$s1
beq \$t0, \$zero, else #if \$s0≥\$s1
add \$s2, \$s0, \$s1
j exit
else: sub \$s2, \$s0, \$s1 #else

### **Execute The Program: 2nd Instruction**



```
slt $t0, $s0, $s1
beq $t0, $zero, else #if $s0≥$s1
add $s2, $s0, $s1
j exit
else: sub $s2, $s0, $s1 #else
```

### **Execute The Program: 2nd Instruction**



**\$t0** == **\$zero** 

We need to go the else location. Let's update the PC value according to the PC-relative mode

```
slt $t0, $s0, $s1
beq $t0, $zero, else #if $s0≥$s1
add $s2, $s0, $s1
j exit
else: sub $s2, $s0, $s1 #else
```

### **Execute The Program: 2nd Instruction**





# PC-relative mode: PC + address field of instruction\*4

slt \$t0, \$s0, \$s1
beq \$t0, \$zero, else #if \$s0≥\$s1
add \$s2, \$s0, \$s1
j exit
else: sub \$s2, \$s0, \$s1 #else

### **Execute The Program: 2nd Instruction**



## PC-relative mode:

208 + 0x2 \* 4 = 216

```
slt $t0, $s0, $s1
beq $t0, $zero, else #if $s0≥$s1
add $s2, $s0, $s1
j exit
else: sub $s2, $s0, $s1 #else
```

### **Execute The Program: 2nd Instruction**





## PC-relative mode: 208 + 0x2 \* 4 = 216

slt \$t0, \$s0, \$s1
beq \$t0, \$zero, else #if \$s0≥\$s1
add \$s2, \$s0, \$s1
j exit
else: sub \$s2, \$s0, \$s1 #else

### **Execute The Program: 3rd Instruction**





Processor (CPU)

Fetch the instruction (pointed to by the PC)

With PC-relative mode, we can successfully perform branching

|     | • • •               |           |       |          |       |             |    |
|-----|---------------------|-----------|-------|----------|-------|-------------|----|
| 200 | <mark>101010</mark> | 10 001    | 10010 | 01000000 | 00101 | <b>LO</b> : | 10 |
| 204 | <mark>000100</mark> | 01 000    | 00000 | 00000000 | 00000 | <b>30</b> : | 10 |
| 208 | • • •               |           | • • • | • • •    |       | • •         | •  |
| 212 | • • •               |           | • • • | • • •    |       | • •         | •  |
| 216 | <mark>000001</mark> | <b>00</b> | • • • |          |       |             |    |
|     | •••                 |           |       |          |       |             |    |
|     | •••                 |           |       |          |       |             |    |

#### Main memory

```
slt $t0, $s0, $s1
beq $t0, $zero, else #if $s0≥$s1
add $s2, $s0, $s1
j exit
else: sub $s2, $s0, $s1 #else
```

### le

### Addressing Mode: Base Register Mode

The content of base register is added to the address part of instruction (offset) to obtain the effective address

- Effective address: Base register + offset field of instruction
- Operand value: memory[effective address]

**Example: MIPS instruction** 

### Base Register Mode Example: Initial State®





### Base Register Mode Example: After the Exe.



### Base Register Mode is Useful to Access Arrays



int 
$$a = b[3]$$

Compiled MIPS code

lw \$s0,12(\$s1)

Index 3 requires offset of 12 bytes

Base address of b in \$s1 (0x100)



### Types of Addressing Modes

- Immediate mode
- Register (direct) mode
- Register indirect mode
- Direct mode
- Indirect mode
- (PC)-relative mode
- Base register mode

### Addressing Modes in MIPS

- Immediate mode
- Register (direct) mode
- Register indirect mod
- Direct mode
- Indirect mode
- (PC)-relative mode
- Base register mode

MIPS uses these five modes according to its RISC philosophy!

• . . .

#### Recall: RISC vs. CISC



#### Reduced Instruction Set Computer (RISC)

- Example: MIPS, ARM, PowerPC
- Small and simple instruction set => Simple hardware
- Fixed-size instruction format
- Limited addressing mode

#### Reduced Instruction Set Computer (CISC)

- Example: Intel x86, AMD
- A large number of instruction set => Complex hardware
- Variable-size instruction format
- A large variety of addressing modes

## **Operation Types**

### **Operation Types**



Opcode

**Operands** 

- Arithmetic/Logic instructions (data operations)
  - Modify data values

- Data transfer instructions
  - Copy/move data from one place to another

- Control transfer instructions (program control)
  - Jump or Branch

### Operation Types – Arithmetic/Logic

- Integer arithmetic operations
  - Addition, Subtract
  - Multiply, Divide
  - Increment, Decrement
- Logical operations
  - Bitwise AND, Bitwise OR
  - Complement (invert)
- Shift operations
  - Logic shift
  - Arithmetic shift
  - Circular shift
- Floating point arithmetic operations

### Operation Types – Data Transfer

- Memory to register
  - -E.g., lw \$s0, 12(\$s1)
- Register to memory
  - -E.g., sw \$s0, 12(\$s1)

- Register to register
  - -E.g., add \$s0, \$s1, \$s2

## Operation Types – Control Transfer

Conditional branch instructions

Unconditional branch instructions

Subroutine calls and returns instructions

Hardware interrupt instructions

#### Recall: RISC vs. CISC



#### Reduced Instruction Set Computer (RISC)

- Example: MIPS, ARM, PowerPC
- Small and simple instruction set => Simple hardware
- Fixed-size instruction format
- Limited addressing mode
- Need less opcode bits

#### Reduced Instruction Set Computer (CISC)

- Example: Intel x86, AMD
- A large number of instruction set => Complex hardware
- Variable-size instruction format
- A large variety of addressing modes
- Need more opcode bits and hardware

## Signed and Unsigned Numbers

### **Unsigned Binary Integers**

Given an n-bit number

$$x = x_{n-1}2^{n-1} + x_{n-2}2^{n-2} + \dots + x_12^1 + x_02^0$$

- Range: 0 to 2<sup>n</sup> − 1
- Example

0000 0000 0000 0000 0000 0000 10112

$$= 0 + ... + 1 \times 2^{3} + 0 \times 2^{2} + 1 \times 2^{1} + 1 \times 2^{0}$$

$$= 0 + ... + 8 + 0 + 2 + 1 = 11_{10}$$

Using 32 bits (n = 32)
 Range: 0 to +4,294,967,295



How to represent negative numbers?

## Approach #1: Sign Magnitude

$$001 = 1$$
 $101 = -1$ 

### Approach #1: Sign Magnitude

$$001 = 1$$
 $101 = -1$ 

MSB represents the sign

- 0:+
- 1: -

#### **FYI: LSB and MSB**



Most Significant Bit (MSB)



Least Significant Bit (LSB)

### Approach #1: Sign Magnitude





**Problems?** 

101 = -1

MSB represents the sign

- 0:+
- 1: -

The rest of the bits represent the magnitude

### Problems of Sign Magnitude

$$001 = 1$$
 $-100 = -2$ 
 $111 \neq -1$ 

Inconsistencies in operations

### Approach #2: One's Complement

$$\sqrt{001} = 1$$
 $\sqrt{110} = -1$ 

To represent a negative number, all the bits of the corresponding positive number <u>are inverted</u>

### Approach #2: One's Complement

$$001 = 1$$
 $101 = -2$ 
 $110 = -1$ 

Provides ease of operations in terms of computing

### Approach #2: One's Complement





110 = -1

Provides ease of operations in terms of computing

### Problems of One's Complement (+ Sign Magnitude)

#### Sign Magnitude

#### 000 = +0

$$001 = +1$$

$$010 = +2$$

$$011 = +3$$

$$100 = -0$$

$$101 = -1$$

$$110 = -2$$

$$111 = -3$$

#### One's Complement

$$000 = +0$$

$$001 = +1$$

$$010 = +2$$

$$011 = +3$$

$$100 = -3$$

$$101 = -2$$

$$110 = -1$$

$$111 = -0$$

### Problems of One's Complement (+ Sign Magnitude)

#### Sign Magnitude

#### 000 = +0

$$001 = +1$$

$$010 = +2$$

$$011 = +3$$

$$100 = -0$$

$$101 = -1$$

$$110 = -2$$

$$111 = -3$$

#### One's Complement

$$0+0=000$$

$$001 = +1$$

$$010 = +2$$

$$011 = +3$$

$$100 = -3$$

$$101 = -2$$

$$110 = -1$$

$$111 = -0$$

Two representations for zero

## Approach #3: Two's Complement

$$001 = 1$$
 $111 = -1$ 
= One's Complement + 1

### 152

## Approach #3: Two's Complement

#### Sign Magnitude

$$000 = +0$$

$$001 = +1$$

$$010 = +2$$

$$011 = +3$$

$$100 = -0$$

$$101 = -1$$

$$110 = -2$$

$$111 = -3$$

#### One's Complement

$$000 = +0$$

$$001 = +1$$

$$010 = +2$$

$$011 = +3$$

$$100 = -3$$

$$101 = -2$$

$$110 = -1$$

$$111 = -0$$

#### Two's Complement

$$000 = +0$$

$$001 = +1$$

$$010 = +2$$

$$011 = +3$$

$$100 = -4$$

$$101 = -3$$

$$110 = -2$$

$$111 = -1$$

## **Approach #3: Two's Complement**

#### Sign Magnitude

$$000 = +0$$

$$001 = +1$$

$$010 = +2$$

## Range: -3 ~ +3

$$101 = -1$$

$$110 = -2$$

$$111 = -3$$

#### One's Complement

$$000 = +0$$

$$001 = +1$$

$$010 = +2$$

## Range: -3 ~ +3

$$100 = -3$$

$$101 = -2$$

$$110 = -1$$

$$111 = -0$$

#### Two's Complement

$$000 = +0$$

$$001 = +1$$

$$010 = +2$$

### Range: $-4 \sim +3$

$$100 = -4$$

$$101 = -3$$

$$110 = -2$$

$$111 = -1$$

#### 154

## Approach #3: Two's Complement

#### Sign Magnitude

$$000 = +0$$

$$001 = +1$$

#### One's Complement

$$000 = +0$$

$$001 = +1$$

#### Two's Complement

$$000 = +0$$

$$001 = +1$$

# Provides <u>ease of operations</u> and <u>a unique representation for zero</u>

$$101 = -1 \qquad 101 = -2 \qquad 101 = -3$$

$$110 = -2$$
  $110 = -1$   $110 = -2$ 

$$111 = -3$$
  $111 = -0$   $111 = -1$ 

2's complement code is the most widely used representation of signed numbers in computer systems ©

## 2's-Complement Signed Integers

Given an n-bit number

$$x = -x_{n-1}2^{n-1} + x_{n-2}2^{n-2} + \dots + x_12^1 + x_02^0$$

- Range:  $-2^{n-1}$  to  $+2^n 1$
- Example

• Using 32 bits (n = 32) Range: -2,147,483,648 to +2,147,483,647

## 2's-Complement: Number Range

• 32-bit signed numbers:

```
0000 \ 0000 \ 0000 \ 0000 \ 0000 \ 0000 \ 0000 \ 0000 \ 0000 \ 0000 = 0_{ten}
0000\ 0000\ 0000\ 0000\ 0000\ 0000\ 0000\ 0002_{two} = + 2_{ten}
1111 1111 1111 1111 1111 1111 1111 1110_{two} = -2_{ten}
```

## 2's-Complement: Number Range

• 32-bit signed numbers:

```
maxint
0000 \ 0000 \ 0000 \ 0000 \ 0000 \ 0000 \ 0000 \ 0002_{two} = + 2_{ten}
1000 0000 0000 0000 0000 0000 0000 \frac{1}{100} = -2,147,483 647_{ten}
1111 1111 1111 1111 1111 1111 1111 1110_{two} = -2_{ten}
```

### **Integer Overflow**



### Example:

```
maxint + 1 = minint ( \implies maxint + 1 in real world)
```

maxint



## Zero-Day Alert: Google Chrome Under Active Attack, Exploiting New Vulnerability

Mov 29, 2023

Ravie Lakshmanan

Zero-Day / Web Browser

— Trending News

Google has rolled out security updates to fix seven security issues in its Chrome browser, including a zero-day that has come under active exploitation in the wild.

Tracked as CVE-2023-6345, the high-severity vulnerability has been described as an *integer overflow* bug in Skia, an open source 2D graphics library.





### Basic idea: If ...

Positive Positive Number Number

**Or...** 

Negative Negative Positive Number Number

Overflow is occurred!



### From a logic circuit perspective:

$$010 = 2$$
 $-011 = 3$ 
 $101 = -3 \ (\neq 5)$ 



## From a logic circuit

| Carry in (C <sub>in</sub> ) | Carry out (C <sub>out</sub> ) | Overflow occurred |
|-----------------------------|-------------------------------|-------------------|
| 0                           | 0                             | X                 |
| 0                           | 1                             | O                 |
| 1                           | 0                             | O                 |
| 1                           | 1                             | Х                 |

$$101 = -3 \ (\neq 5)$$



## From a logic circuit

| Carry in (C <sub>in</sub> ) | Carry out (C <sub>out</sub> ) | Overflow occurred |
|-----------------------------|-------------------------------|-------------------|
| 0                           | 0                             | X                 |
| 0                           | 1                             | O                 |
| 1                           | 0                             | O                 |
| 1                           | 1                             | X                 |



Exception:

Overflow has occurred

$$101 = -3 \ (\neq 5)$$

## 2's-Complement Signed Integers

- 31st-bit (MSB) is sign bit
  - 1 for negative numbers
  - 0 for non-negative numbers
- $-(-2^{n-1})$  can't be represented
- Non-negative numbers have the same unsigned and 2scomplement representation
- Some specific numbers
  - **-** 0: 0000 0000 ... 0000
  - --1: 1111 1111 ... 1111
  - -Most-negative: 1000 0000 ... 0000
  - -Most-positive: 0111 1111 ... 1111

## **Signed Negation**

- Complement and add 1
  - -Complement means  $1 \rightarrow 0, 0 \rightarrow 1$

$$x + \overline{x} = 11111...111_2 = -1$$

$$x + 1 = -x$$

• Example: negate +2

$$+2 = 0000 \ 0000 \ \dots \ 0010_2$$
  
 $-2 = 1111 \ 1111 \ \dots \ 1101_2 + 1$   
 $= 1111 \ 1111 \ \dots \ 1110_2$ 

### **Sign Extension**



- Representing a number using more bits
  - Preserve the numeric value

- Replicate the sign bit to the left
  - c.f. unsigned extension: extend with 0s
- Examples: 8-bit to 16-bit

```
+2: 0000 0010 => 0000 0000 0000 0010
```

-2: 1111 1110 => 1111 1111 1111 1110

## Question?