[HN Gopher] Reverse-engineering the 8086's Arithmetic/Logic Unit...
___________________________________________________________________
Reverse-engineering the 8086's Arithmetic/Logic Unit from die
photos
Author : abbeyj
Score : 32 points
Date : 2020-08-22 20:06 UTC (2 hours ago)
(HTM) web link (www.righto.com)
(TXT) w3m dump (www.righto.com)
| SilasX wrote:
| That title looked familiar, so I checked, and it looks like we've
| had recent submissions from the same site for reverse engineering
| of different parts of the 8086:
|
| https://news.ycombinator.com/item?id=24092605
|
| https://news.ycombinator.com/item?id=24021415
| kens wrote:
| Yes, I've been working through different parts of the 8086
| lately. My goal is to understand the microcode. I hope people
| aren't getting tired of the 8086 :-)
| tyingq wrote:
| Maybe the NEC V33 would be interesting to compare. 8086
| compatible, but all done with regular logic, no microcode.
| justin66 wrote:
| That's pretty interesting. How does the transistor count
| compare?
| kens wrote:
| I'm surprised that NEC would do away with the microcode,
| since there is a lot of microcode in the 8086. It would be
| interesting to see how much circuitry it took to replace
| the microcode.
| tyingq wrote:
| Supposedly that made it twice as fast at the same clock
| speed.
| jasonzemos wrote:
| From note #13:
|
| > The silicon implementation of the lower eight bits of the ALU /
| registers is flipped compared to the upper eight bits. The
| motivation is to put the ALU signals next to the flag circuitry
| that needs these signals.
|
| This caught me out because I was expecting some more obvious
| rotation or discernible mirroring of the upper half and lower
| half. Is the layout of bits 15:8 entirely different yet logically
| equivalent? Looking closely though I do see some similarities in
| the outer circuits at the very top and very bottom, yet there is
| a large gap across the lower bank.
| kens wrote:
| The top and bottom have almost identical circuitry, even though
| the layouts look entirely different. The layout of the ALU is
| highly optimized; since everything is repeated 16 times,
| squeezing out a bit of space makes a big difference.
|
| I assume the layouts are different due to the surroundings: The
| top stages have two bus wires next to them, while the bottom
| stage just has one bus wire, so there is a bit more room. Some
| of the horizontal metal wiring is different (like the wiring in
| the gap you saw), and power and ground may be offset slightly.
| The top stage needs to fit with the register interface
| circuitry just above it. My suspicion is that these relatively
| small changes resulted in the layouts being visibly fairly
| different. Maybe I'll do a gate-by-gate comparison at some
| point to check.
| kens wrote:
| Author here if anyone wants to discuss the internals of the 8086.
| McGlockenshire wrote:
| Thank you very much for this series of articles. Please
| continue with them!
|
| One thing that I would love to see eventually is a series of
| comparisons with the 8088.
| kens wrote:
| I've looked briefly at the 8088. As you know, the 8088 is a
| modification of the 8086 with an 8-bit bus instead of the
| 16-bit bus. Here's a quick summary of the differences:
|
| Looking at the dies, the 8086 and 8088 are completely
| identical over most of the die. For the most part, I can look
| at the 8088 die if something is unclear in my 8086 photo.
|
| The biggest difference is the bus control logic, which is
| entirely different (as you'd expect). This is in the upper-
| right corner.
|
| The 8088 has a 4-byte instruction queue instead of a 6-byte
| instruction queue, so there's a bit of wasted space in the
| register file there. The queue registers and control
| circuitry are slightly different because the 8088 needs to
| access half of the word at a time.
|
| I saw a couple of microcode differences, but I don't know if
| they are related to 8086 vs 8088 or are bug fixes.
|
| Some of the pin driving circuitry is different, as you'd
| expect, since only 8 pins are used for data.
|
| To summarize: is the 8088 a completely redone chip? No. Are
| they the same chip with a jumper? No. Most parts of the 8086
| and the 8088 are the same, but some parts were completely
| redesigned.
| abbeyj wrote:
| Do you know if NOP is really executed as `XCHG AX, AX` (as
| would be implied from its position in the opcode map and its
| cycle count) or if it is special-cased in some way?
|
| I've always been curious about the XLAT instruction. It
| performs an operation like `MOV AL, [BX + AL]` (if that were a
| valid instruction). I assume this instruction was designed to
| do EBCDIC <-> ASCII conversions using a simple loop consisting
| of `LODSB / XLAT / STOSB` which would explain why the input and
| output are both hardcoded to AL. But it seems like it would
| have been fairly easy to allow the programmer to specify
| different register(s) and the instruction probably would have
| been a lot more useful generally if that was allowed.
|
| It is the only place in the ISA that I know of where an 8-bit
| value is zero-extended to 16 bits before being added to another
| value. Short jumps use a sign-extended 8-bit value (and are a
| special case anyway since they deal with the instruction
| pointer). Other additions are always 8+8 or 16+16. Is there
| some special case in the processor to allow just AL to be zero-
| extended in this way? If so, that would go some way toward
| explaining why this instruction isn't more flexible. I realize
| this may be very difficult to determine working from a die
| photo, at least without completely reverse engineering the
| entire microcode ROM.
| kens wrote:
| Yes, NOP is just an XCHG AX, AX. For instructions such as
| XCHG, the microcode doesn't know anything about the specific
| registers; hardcoded circuitry substitutes the registers from
| the instruction. This saves on microcode size. Microcode also
| doesn't know about 8-bit vs 16-bit instructions; that is also
| done in circuitry.
|
| As far as XLAT, I haven't seen anything yet to answer your
| question. I hope to figure out the microcode, which should
| provide more details.
___________________________________________________________________
(page generated 2020-08-22 23:00 UTC)