分类: LINUX
2007-10-12 16:02:48
Intel 8086 Family Architecture
Instruction Clock Cycle Calculation
8088/8086 Effective Address (EA) Calculation
Task State Calculation
FLAGS - Intel 8086 Family Flags Register
MSW - Machine Status Word (286+ only)
8086/80186/80286/80386/80486 Instruction Set
AAA - Ascii Adjust for Addition
AAD - Ascii Adjust for Division
AAM - Ascii Adjust for Multiplication
AAS - Ascii Adjust for Subtraction
ADC - Add With Carry
ADD - Arithmetic Addition
AND - Logical And
ARPL - Adjusted Requested Privilege Level of Selector (286+ PM)
BOUND - Array Index Bound Check (80188+)
BSF - Bit Scan Forward (386+)
BSR - Bit Scan Reverse (386+)
BSWAP - Byte Swap (486+)
BT - Bit Test (386+)
BTC - Bit Test with Compliment (386+)
BTR - Bit Test with Reset (386+)
BTS - Bit Test and Set (386+)
CALL - Procedure Call
CBW - Convert Byte to Word
CDQ - Convert Double to Quad (386+)
CLC - Clear Carry
CLD - Clear Direction Flag
CLI - Clear Interrupt Flag (disable)
CLTS - Clear Task Switched Flag (286+ privileged)
CMC - Complement Carry Flag
CMP - Compare
CMPS - Compare String (Byte, Word or Doubleword)
CMPXCHG - Compare and Exchange
CWD - Convert Word to Doubleword
CWDE - Convert Word to Extended Doubleword (386+)
DAA - Decimal Adjust for Addition
DAS - Decimal Adjust for Subtraction
DEC - Decrement
DIV - Divide
ENTER - Make Stack Frame (80188+)
ESC - Escape
HLT - Halt CPU
IDIV - Signed Integer Division
IMUL - Signed Multiply
IN - Input Byte or Word From Port
INC - Increment
INS - Input String from Port (80188+)
INT - Interrupt
INTO - Interrupt on Overflow
INVD - Invalidate Cache (486+)
INVLPG - Invalidate Translation Look-Aside Buffer Entry (486+)
IRET/IRETD - Interrupt Return
Jxx - Jump Instructions Table
JCXZ/JECXZ - Jump if Register (E)CX is Zero
JMP - Unconditional Jump
LAHF - Load Register AH From Flags
LAR - Load Access Rights (286+ protected)
LDS - Load Pointer Using DS
LEA - Load Effective Address
LEAVE - Restore Stack for Procedure Exit (80188+)
LES - Load Pointer Using ES
LFS - Load Pointer Using FS (386+)
LGDT - Load Global Descriptor Table (286+ privileged)
LIDT - Load Interrupt Descriptor Table (286+ privileged)
LGS - Load Pointer Using GS (386+)
LLDT - Load Local Descriptor Table (286+ privileged)
LMSW - Load Machine Status Word (286+ privileged)
LOCK - Lock Bus
LODS - Load String (Byte, Word or Double)
LOOP - Decrement CX and Loop if CX Not Zero
LOOPE/LOOPZ - Loop While Equal / Loop While Zero
LOOPNZ/LOOPNE - Loop While Not Zero / Loop While Not Equal
LSL - Load Segment Limit (286+ protected)
LSS - Load Pointer Using SS (386+)
LTR - Load Task Register (286+ privileged)
MOV - Move Byte or Word
MOVS - Move String (Byte or Word)
MOVSX - Move with Sign Extend (386+)
MOVZX - Move with Zero Extend (386+)
MUL - Unsigned Multiply
NEG - Two's Complement Negation
NOP - No Operation (90h)
NOT - One's Compliment Negation (Logical NOT)
OR - Inclusive Logical OR
OUT - Output Data to Port
OUTS - Output String to Port (80188+)
POP - Pop Word off Stack
POPA/POPAD - Pop All Registers onto Stack (80188+)
POPF/POPFD - Pop Flags off Stack
PUSH - Push Word onto Stack
PUSHA/PUSHAD - Push All Registers onto Stack (80188+)
PUSHF/PUSHFD - Push Flags onto Stack
RCL - Rotate Through Carry Left
RCR - Rotate Through Carry Right
REP - Repeat String Operation
REPE/REPZ - Repeat Equal / Repeat Zero
REPNE/REPNZ - Repeat Not Equal / Repeat Not Zero
RET/RETF - Return From Procedure
ROL - Rotate Left
ROR - Rotate Right
SAHF - Store AH Register into FLAGS
SAL/SHL - Shift Arithmetic Left / Shift Logical Left
SAR - Shift Arithmetic Right
SBB - Subtract with Borrow/Carry
SCAS - Scan String (Byte, Word or Doubleword)
SETAE/SETNB - Set if Above or Equal / Set if Not Below (386+)
SETB/SETNAE - Set if Below / Set if Not Above or Equal (386+)
SETBE/SETNA - Set if Below or Equal / Set if Not Above (386+)
SETE/SETZ - Set if Equal / Set if Zero (386+)
SETNE/SETNZ - Set if Not Equal / Set if Not Zero (386+)
SETL/SETNGE - Set if Less / Set if Not Greater or Equal (386+)
SETGE/SETNL - Set if Greater or Equal / Set if Not Less (386+)
SETLE/SETNG - Set if Less or Equal / Set if Not greater or Equal (386+)
SETG/SETNLE - Set if Greater / Set if Not Less or Equal (386+)
SETS - Set if Signed (386+)
SETNS - Set if Not Signed (386+)
SETC - Set if Carry (386+)
SETNC - Set if Not Carry (386+)
SETO - Set if Overflow (386+)
SETNO - Set if Not Overflow (386+)
SETP/SETPE - Set if Parity / Set if Parity Even (386+)
SETNP/SETPO - Set if No Parity / Set if Parity Odd (386+)
SGDT - Store Global Descriptor Table (286+ privileged)
SIDT - Store Interrupt Descriptor Table (286+ privileged)
SHL - Shift Logical Left
SHR - Shift Logical Right
SHLD/SHRD - Double Precision Shift (386+)
SLDT - Store Local Descriptor Table (286+ privileged)
SMSW - Store Machine Status Word (286+ privileged)
STC - Set Carry
STD - Set Direction Flag
STI - Set Interrupt Flag (Enable Interrupts)
STOS - Store String (Byte, Word or Doubleword)
STR - Store Task Register (286+ privileged)
SUB - Subtract
TEST - Test For Bit Pattern
VERR - Verify Read (286+ protected)
VERW - Verify Write (286+ protected)
WAIT/FWAIT - Event Wait
WBINVD - Write-Back and Invalidate Cache (486+)
XCHG - Exchange
XLAT/XLATB - Translate
XOR - Exclusive OR
General Purpose Registers Segment Registers
AH/AL AX (EAX) Accumulator CS Code Segment
BH/BL BX (EBX) Base DS Data Segment
CH/CL CX (ECX) Counter SS Stack Segment
DH/DL DX (EDX) Data ES Extra Segment
(FS) 386 and newer
(Exx) indicates 386+ 32 bit register (GS) 386 and newer
Pointer Registers Stack Registers
SI (ESI) Source Index SP (ESP) Stack Pointer
DI (EDI) Destination Index BP (EBP) Base Pointer
IP Instruction Pointer
Status Registers
FLAGS Status Flags (see FLAGS)
Special Registers (386+ only)
CR0 Control Register 0 DR0 Debug Register 0
CR2 Control Register 2 DR1 Debug Register 1
CR3 Control Register 3 DR2 Debug Register 2
DR3 Debug Register 3
TR4 Test Register 4 DR6 Debug Register 6
TR5 Test Register 5 DR7 Debug Register 7
TR6 Test Register 6
TR7 Test Register 7
Register Default Segment Valid Overrides
BP SS DS, ES, CS
SI or DI DS ES, SS, CS
DI strings ES None
SI strings DS ES, SS, CS
- see CPU DETECTING Instruction Timing
Instruction Clock Cycle Calculation
Some instructions require additional clock cycles due to a "Next
Instruction Component" identified by a "+m" in the instruction
clock cycle listings. This is due to the prefetch queue being
purge on a control transfers. Below is the general rule for
calculating "m":
88/86 not applicable
286 "m" is the number of bytes in the next instruction
386 "m" is the number of components in the next instruction
(the instruction coding (each byte), plus the data and
the displacement are all considered components)
8088/8086 Effective Address (EA) Calculation
Description Clock Cycles
Displacement 6
Base or Index (BX,BP,SI,DI) 5
Displacement+(Base or Index) 9
Base+Index (BP+DI,BX+SI) 7
Base+Index (BP+SI,BX+DI) 8
Base+Index+Displacement (BP+DI,BX+SI) 11
Base+Index+Displacement (BP+SI+disp,BX+DI+disp) 12
- add 4 cycles for word operands at odd addresses
- add 2 cycles for segment override
- 80188/80186 timings differ from those of the 8088/8086/80286
Task State Calculation
"TS" is defined as switching from VM/486 or 80286 TSS to one of
the following:
+---------------------------------------+
| New Task |
+-------+-------+-------+-------+-------+
+---------------+486 TSS|486 TSS|386 TSS|386 TSS|286 TSS|
| Old Task | (VM=0)| (VM=1)| (VM=0)| (VM=1)| |
+---------------+-------+-------+-------+-------+-------+
386 TSS (VM=0) | | | 309 | 226 | 282 |
+-------+-------+-------+-------+-------+
386 TSS (VM=1) | | | 314 | 231 | 287 |
+-------+-------+-------+-------+-------+
386 CPU/286 TSS | | | 307 | 224 | 280 |
+-------+-------+-------+-------+-------+
486 CPU/286 TSS | 199 | 177 | | | 180 |
+---------------------------------------+
Miscellaneous
- all timings are for best case and do not take into account wait
states, instruction alignment, the state of the prefetch queue,
DMA refresh cycles, cache hits/misses or exception processing.
- to convert clocks to nanoseconds divide one microsecond by the
processor speed in MegaHertz:
(1000MHz/(n MHz)) = X nanoseconds
- see 8086 Architecture
|11|10|F|E|D|C|B|A|9|8|7|6|5|4|3|2|1|0|
| | | | | | | | | | | | | | | | | +--- CF Carry Flag
| | | | | | | | | | | | | | | | +--- 1
| | | | | | | | | | | | | | | +--- PF Parity Flag
| | | | | | | | | | | | | | +--- 0
| | | | | | | | | | | | | +--- AF Auxiliary Flag
| | | | | | | | | | | | +--- 0
| | | | | | | | | | | +--- ZF Zero Flag
| | | | | | | | | | +--- SF Sign Flag
| | | | | | | | | +--- TF Trap Flag (Single Step)
| | | | | | | | +--- IF Interrupt Flag
| | | | | | | +--- DF Direction Flag
| | | | | | +--- OF Overflow flag
| | | | +----- IOPL I/O Privilege Level (286+ only)
| | | +----- NT Nested Task Flag (286+ only)
| | +----- 0
| +----- RF Resume Flag (386+ only)
+------ VM Virtual Mode Flag (386+ only)
- see PUSHF POPF STI CLI STD CLD
|31|30-5|4|3|2|1|0| Machine Status Word
| | | | | | +---- Protection Enable (PE)
| | | | | +----- Math Present (MP)
| | | | +------ Emulation (EM)
| | | +------- Task Switched (TS)
| | +-------- Extension Type (ET)
| +---------- Reserved
+------------- Paging (PG)
Bit 0 PE Protection Enable, switches processor between
protected and real mode
Bit 1 MP Math Present, controls function of the WAIT
instruction
Bit 2 EM Emulation, indicates whether coprocessor functions
are to be emulated
Bit 3 TS Task Switched, set and interrogated by coprocessor
on task switches and when interpretting coprocessor
instructions
Bit 4 ET Extension Type, indicates type of coprocessor in
system
Bits 5-30 Reserved
bit 31 PG Paging, indicates whether the processor uses page
tables to translate linear addresses to physical
addresses
- see SMSW LMSW
Usage: AAA
Modifies flags: AF CF (OF,PF,SF,ZF undefined)
Changes contents of AL to valid unpacked decimal. The high order
nibble is zeroed.
Clocks Size
Operands 808x 286 386 486 Bytes
none 8 3 4 3 1
Usage: AAD
Modifies flags: SF ZF PF (AF,CF,OF undefined)
Used before dividing unpacked decimal numbers. Multiplies AH by
10 and the adds result into AL. Sets AH to zero. This instruction
is also known to have an undocumented behavior.
AL := 10*AH+AL
AH := 0
Clocks Size
Operands 808x 286 386 486 Bytes
none 60 14 19 14 2
Usage: AAM
Modifies flags: PF SF ZF (AF,CF,OF undefined)
AH := AL / 10
AL := AL mod 10
Used after multiplication of two unpacked decimal numbers, this
instruction adjusts an unpacked decimal number. The high order
nibble of each byte must be zeroed before using this instruction.
This instruction is also known to have an undocumented behavior.
Clocks Size
Operands 808x 286 386 486 Bytes
none 83 16 17 15 2
Usage: AAS
Modifies flags: AF CF (OF,PF,SF,ZF undefined)
Corrects result of a previous unpacked decimal subtraction in AL.
High order nibble is zeroed.
Clocks Size
Operands 808x 286 386 486 Bytes
none 8 3 4 3 1
Usage: ADC dest,src
Modifies flags: AF CF OF SF PF ZF
Sums two binary operands placing the result in the destination.
If CF is set, a 1 is added to the destination.
Clocks Size
Operands 808x 286 386 486 Bytes
reg,reg 3 2 2 1 2
mem,reg 16+EA 7 7 3 2-4 (W88=24+EA)
reg,mem 9+EA 7 6 2 2-4 (W88=13+EA)
reg,immed 4 3 2 1 3-4
mem,immed 17+EA 7 7 3 3-6 (W88=23+EA)
accum,immed 4 3 2 1 2-3
Usage: ADD dest,src
Modifies flags: AF CF OF PF SF ZF
Adds "src" to "dest" and replacing the original contents of "dest".
Both operands are binary.
Clocks Size
Operands 808x 286 386 486 Bytes
reg,reg 3 2 2 1 2
mem,reg 16+EA 7 7 3 2-4 (W88=24+EA)
reg,mem 9+EA 7 6 2 2-4 (W88=13+EA)
reg,immed 4 3 2 1 3-4
mem,immed 17+EA 7 7 3 3-6 (W88=23+EA)
accum,immed 4 3 2 1 2-3
Usage: AND dest,src
Modifies flags: CF OF PF SF ZF (AF undefined)
Performs a logical AND of the two operands replacing the destination
with the result.
Clocks Size
Operands 808x 286 386 486 Bytes
reg,reg 3 2 2 1 2
mem,reg 16+EA 7 7 3 2-4 (W88=24+EA)
reg,mem 9+EA 7 6 1 2-4 (W88=13+EA)
reg,immed 4 3 2 1 3-4
mem,immed 17+EA 7 7 3 3-6 (W88=23+EA)
accum,immed 4 3 2 1 2-3
Usage: ARPL dest,src
(286+ protected mode)
Modifies flags: ZF
Compares the RPL bits of "dest" against "src". If the RPL bits
of "dest" are less than "src", the destination RPL bits are set
equal to the source RPL bits and the Zero Flag is set. Otherwise
the Zero Flag is cleared.
Clocks Size
Operands 808x 286 386 486 Bytes
reg,reg - 10 20 9 2
mem,reg - 11 21 9 4
Usage: BOUND src,limit
Modifies flags: None
Array index in source register is checked against upper and lower
bounds in memory source. The first word located at "limit" is
the lower boundary and the word at "limit+2" is the upper array bound.
Interrupt 5 occurs if the source value is less than or higher than
the source.
Clocks Size
Operands 808x 286 386 486 Bytes
reg16,mem32 - nj=13 nj=10 7 2
reg32,mem64 - nj=13 nj=10 7 2
- nj = no jump taken
Usage: BSF dest,src
Modifies flags: ZF
Scans source operand for first bit set. Sets ZF if a bit is found
set and loads the destination with an index to first set bit. Clears
ZF is no bits are found set. BSF scans forward across bit pattern
(0-n) while BSR scans in reverse (n-0).
Clocks Size
Operands 808x 286 386 486 Bytes
reg,reg - - 10+3n 6-42 3
reg,mem - - 10+3n 7-43 3-7
reg32,reg32 - - 10+3n 6-42 3-7
reg32,mem32 - - 10+3n 7-43 3-7
Usage: BSR dest,src
Modifies flags: ZF
Scans source operand for first bit set. Sets ZF if a bit is found
set and loads the destination with an index to first set bit. Clears
ZF is no bits are found set. BSF scans forward across bit pattern
(0-n) while BSR scans in reverse (n-0).
Clocks Size
Operands 808x 286 386 486 Bytes
reg,reg - - 10+3n 6-103 3
reg,mem - - 10+3n 7-104 3-7
reg32,reg32 - - 10+3n 6-103 3-7
reg32,mem32 - - 10+3n 7-104 3-7
Usage: BSWAP reg32
Modifies flags: none
Changes the byte order of a 32 bit register from big endian to
little endian or vice versa. Result left in destination register
is undefined if the operand is a 16 bit register.
Clocks Size
Operands 808x 286 386 486 Bytes
reg32 - - - 1 2
Usage: BT dest,src
Modifies flags: CF
The destination bit indexed by the source value is copied into the
Carry Flag.
Clocks Size
Operands 808x 286 386 486 Bytes
reg16,immed8 - - 3 3 4-8
mem16,immed8 - - 6 6 4-8
reg16,reg16 - - 3 3 3-7
mem16,reg16 - - 12 12 3-7
Usage: BTC dest,src
Modifies flags: CF
The destination bit indexed by the source value is copied into the
Carry Flag after being complimented (inverted).
Clocks Size
Operands 808x 286 386 486 Bytes
reg16,immed8 - - 6 6 4-8
mem16,immed8 - - 8 8 4-8
reg16,reg16 - - 6 6 3-7
mem16,reg16 - - 13 13 3-7
Usage: BTR dest,src
Modifies flags: CF
The destination bit indexed by the source value is copied into the
Carry Flag and then cleared in the destination.
Clocks Size
Operands 808x 286 386 486 Bytes
reg16,immed8 - - 6 6 4-8
mem16,immed8 - - 8 8 4-8
reg16,reg16 - - 6 6 3-7
mem16,reg16 - - 13 13 3-7
Usage: BTS dest,src
Modifies flags: CF
The destination bit indexed by the source value is copied into the
Carry Flag and then set in the destination.
Clocks Size
Operands 808x 286 386 486 Bytes
reg16,immed8 - - 6 6 4-8
mem16,immed8 - - 8 8 4-8
reg16,reg16 - - 6 6 3-7
mem16,reg16 - - 13 13 3-7
Usage: CALL destination
Modifies flags: None
Pushes Instruction Pointer (and Code Segment for far calls) onto
stack and loads Instruction Pointer with the address of proc-name.
Code continues with execution at CS:IP.
Clocks
Operands 808x 286 386 486
rel16 (near, IP relative) 19 7 7+m 3
rel32 (near, IP relative) - - 7+m 3
reg16 (near, register indirect) 16 7 7+m 5
reg32 (near, register indirect) - - 7+m 5
mem16 (near, memory indirect) 21+EA 11 10+m 5
mem32 (near, memory indirect) - - 10+m 5
ptr16:16 (far, full ptr supplied) 28 13 17+m 18
ptr16:32 (far, full ptr supplied) - - 17+m 18
ptr16:16 (far, ptr supplied, prot. mode) - 26 34+m 20
ptr16:32 (far, ptr supplied, prot. mode) - - 34+m 20
m16:16 (far, indirect) 37+EA 16 22+m 17
m16:32 (far, indirect) - - 22+m 17
m16:16 (far, indirect, prot. mode) - 29 38+m 20
m16:32 (far, indirect, prot. mode) - - 38+m 20
ptr16:16 (task, via TSS or task gate) - 177 TS 37+TS
m16:16 (task, via TSS or task gate) - 180/185 5+TS 37+TS
m16:32 (task) - - TS 37+TS
m16:32 (task) - - 5+TS 37+TS
ptr16:16 (gate, same privilege) - 41 52+m 35
ptr16:32 (gate, same privilege) - - 52+m 35
m16:16 (gate, same privilege) - 44 56+m 35
m16:32 (gate, same privilege) - - 56+m 35
ptr16:16 (gate, more priv, no parm) - 82 86+m 69
ptr16:32 (gate, more priv, no parm) - - 86+m 69
m16:16 (gate, more priv, no parm) - 83 90+m 69
m16:32 (gate, more priv, no parm) - - 90+m 69
ptr16:16 (gate, more priv, x parms) - 86+4x 94+4x+m 77+4x
ptr16:32 (gate, more priv, x parms) - - 94+4x+m 77+4x
m16:16 (gate, more priv, x parms) - 90+4x 98+4x+m 77+4x
m16:32 (gate, more priv, x parms) - - 98+4x+m 77+4x
Usage: CBW
Modifies flags: None
Converts byte in AL to word Value in AX by extending sign of AL
throughout register AH.
Clocks Size
Operands 808x 286 386 486 Bytes
none 2 2 3 3 1
Usage: CDQ
Modifies flags: None
Converts signed DWORD in EAX to a signed quad word in EDX:EAX by
extending the high order bit of EAX throughout EDX
Clocks Size
Operands 808x 286 386 486 Bytes
none - - 2 3 1
Usage: CLC
Modifies flags: CF
Clears the Carry Flag.
Clocks Size
Operands 808x 286 386 486 Bytes
none 2 2 2 2 1
Usage: CLD
Modifies flags: DF
Clears the Direction Flag causing string instructions to increment
the SI and DI index registers.
Clocks Size
Operands 808x 286 386 486 Bytes
none 2 2 2 2 1
Usage: CLI
Modifies flags: IF
Disables the maskable hardware interrupts by clearing the Interrupt
flag. NMI's and software interrupts are not inhibited.
Clocks Size
Operands 808x 286 386 486 Bytes
none 2 2 3 5 1
Usage: CLTS
Modifies flags: None
Clears the Task Switched Flag in the Machine Status Register. This
is a privileged operation and is generally used only by operating
system code.
Clocks Size
Operands 808x 286 386 486 Bytes
none - 2 5 7 2
Usage: CMC
Modifies flags: CF
Toggles (inverts) the Carry Flag
Clocks Size
Operands 808x 286 386 486 Bytes
none 2 2 2 2 1
Usage: CMP dest,src
Modifies flags: AF CF OF PF SF ZF
Subtracts source from destination and updates the flags but does
not save result. Flags can subsequently be checked for conditions.
Clocks Size
Operands 808x 286 386 486 Bytes
reg,reg 3 2 2 1 2
mem,reg 9+EA 7 5 2 2-4 (W88=13+EA)
reg,mem 9+EA 6 6 2 2-4 (W88=13+EA)
reg,immed 4 3 2 1 3-4
mem,immed 10+EA 6 5 2 3-6 (W88=14+EA)
accum,immed 4 3 2 1 2-3
Usage: CMPS dest,src
CMPSB
CMPSW
CMPSD (386+)
Modifies flags: AF CF OF PF SF ZF
Subtracts destination value from source without saving results.
Updates flags based on the subtraction and the index registers
(E)SI and (E)DI are incremented or decremented depending on the
state of the Direction Flag. CMPSB inc/decrements the index
registers by 1, CMPSW inc/decrements by 2, while CMPSD increments
or decrements by 4. The REP prefixes can be used to process
entire data items.
Clocks Size
Operands 808x 286 386 486 Bytes
dest,src 22 8 10 8 1 (W88=30)
Usage: CMPXCHG dest,src (486+)
Modifies flags: AF CF OF PF SF ZF
Compares the accumulator (8-32 bits) with "dest". If equal the
"dest" is loaded with "src", otherwise the accumulator is loaded
with "dest".
Clocks Size
Operands 808x 286 386 486 Bytes
reg,reg - - - 6 2
mem,reg - - - 7 2
- add 3 clocks if the "mem,reg" comparison fails
Usage: CWD
Modifies flags: None
Extends sign of word in register AX throughout register DX forming
a doubleword quantity in DX:AX.
Clocks Size
Operands 808x 286 386 486 Bytes
none 5 2 2 3 1
Usage: CWDE
Modifies flags: None
Converts a signed word in AX to a signed doubleword in EAX by
extending the sign bit of AX throughout EAX.
Clocks Size
Operands 808x 286 386 486 Bytes
none - - 3 3 1
Usage: DAA
Modifies flags: AF CF PF SF ZF (OF undefined)
Corrects result (in AL) of a previous BCD addition operation.
Contents of AL are changed to a pair of packed decimal digits.
Clocks Size
Operands 808x 286 386 486 Bytes
none 4 3 4 2 1
Usage: DAS
Modifies flags: AF CF PF SF ZF (OF undefined)
Corrects result (in AL) of a previous BCD subtraction operation.
Contents of AL are changed to a pair of packed decimal digits.
Clocks Size
Operands 808x 286 386 486 Bytes
none 4 3 4 2 1
Usage: DEC dest
Modifies flags: AF OF PF SF ZF
Unsigned binary subtraction of one from the destination.
Clocks Size
Operands 808x 286 386 486 Bytes
reg8 3 2 2 1 2
mem 15+EA 7 6 3 2-4
reg16/32 3 2 2 1 1
Usage: DIV src
Modifies flags: (AF,CF,OF,PF,SF,ZF undefined)
Unsigned binary division of accumulator by source. If the source
divisor is a byte value then AX is divided by "src" and the quotient
is placed in AL and the remainder in AH. If source operand is a word
value, then DX:AX is divided by "src" and the quotient is stored in AX
and the remainder in DX.
Clocks Size
Operands 808x 286 386 486 Bytes
reg8 80-90 14 14 16 2
reg16 144-162 22 22 24 2
reg32 - - 38 40 2
mem8 (86-96)+EA 17 17 16 2-4
mem16 (150-168)+EA 25 25 24 2-4 (W88=158-176+EA)
mem32 - - 41 40 2-4
Usage: ENTER locals,level
Modifies flags: None
Modifies stack for entry to procedure for high level language.
Operand "locals" specifies the amount of storage to be allocated
on the stack. "Level" specifies the nesting level of the routine.
Paired with the LEAVE instruction, this is an efficient method of
entry and exit to procedures.
Clocks Size
Operands 808x 286 386 486 Bytes
immed16,0 - 11 10 14 4
immed16,1 - 15 12 17 4
immed16,immed8 - 12+4(n-1) 15+4(n-1) 17+3n 4
Usage: ESC immed,src
Modifies flags: None
Provides access to the data bus for other resident processors.
The CPU treats it as a NOP but places memory operand on bus.
Clocks Size
Operands 808x 286 386 486 Bytes
immed,reg 2 9-20 ? 2
immed,mem 2 9-20 ? 2-4
Usage: HLT
Modifies flags: None
Halts CPU until RESET line is activated, NMI or maskable interrupt
received. The CPU becomes dormant but retains the current CS:IP
for later restart.
Clocks Size
Operands 808x 286 386 486 Bytes
none 2 2 5 4 1
Usage: IDIV src
Modifies flags: (AF,CF,OF,PF,SF,ZF undefined)
Signed binary division of accumulator by source. If source is a
byte value, AX is divided by "src" and the quotient is stored in
AL and the remainder in AH. If source is a word value, DX:AX is
divided by "src", and the quotient is stored in AL and the
remainder in DX.
Clocks Size
Operands 808x 286 386 486 Bytes
reg8 101-112 17 19 19 2
reg16 165-184 25 27 27 2
reg32 - - 43 43 2
mem8 (107-118)+EA 20 22 20 2-4
mem16 (171-190)+EA 38 30 28 2-4 (W88=175-194)
mem32 - - 46 44 2-4
Usage: IMUL src
IMUL src,immed (286+)
IMUL dest,src,immed8 (286+)
IMUL dest,src (386+)
Modifies flags: CF OF (AF,PF,SF,ZF undefined)
Signed multiplication of accumulator by "src" with result placed
in the accumulator. If the source operand is a byte value, it
is multiplied by AL and the result stored in AX. If the source
operand is a word value it is multiplied by AX and the result is
stored in DX:AX. Other variations of this instruction allow
specification of source and destination registers as well as a
third immediate factor.
Clocks Size
Operands 808x 286 386 486 Bytes
reg8 80-98 13 9-14 13-18 2
reg16 128-154 21 9-22 13-26 2
reg32 - - 9-38 12-42 2
mem8 86-104 16 12-17 13-18 2-4
mem16 134-160 24 12-25 13-26 2-4
mem32 - - 12-41 13-42 2-4
reg16,reg16 - - 9-22 13-26 3-5
reg32,reg32 - - 9-38 13-42 3-5
reg16,mem16 - - 12-25 13-26 3-5
reg32,mem32 - - 12-41 13-42 3-5
reg16,immed - 21 9-22 13-26 3
reg32,immed - 21 9-38 13-42 3-6
reg16,reg16,immed - 2 9-22 13-26 3-6
reg32,reg32,immed - 21 9-38 13-42 3-6
reg16,mem16,immed - 24 12-25 13-26 3-6
reg32,mem32,immed - 24 12-41 13-42 3-6
Usage: IN accum,port
Modifies flags: None
A byte, word or dword is read from "port" and placed in AL, AX or
EAX respectively. If the port number is in the range of 0-255
it can be specified as an immediate, otherwise the port number
must be specified in DX. Valid port ranges on the PC are 0-1024,
though values through 65535 may be specified and recognized by
third party vendors and PS/2's.
Clocks Size
Operands 808x 286 386 486 Bytes
accum,immed8 10/14 5 12 14 2
accum,immed8 (PM) 6/26 8/28/27 2
accum,DX 8/12 5 13 14 1
accum,DX (PM) 7/27 8/28/27 1
- 386+ protected mode timings depend on privilege levels.
first number is the timing if: CPL ?IOPL
second number is the timing if: CPL > IOPL or in VM 86 mode (386)
CPL ?IOPL (486)
third number is the timing when: virtual mode on 486 processor
- 486 virtual mode always requires 27 cycles
Usage: INC dest
Modifies flags: AF OF PF SF ZF
Adds one to destination unsigned binary operand.
Clocks Size
Operands 808x 286 386 486 Bytes
reg8 3 2 2 1 2
reg16 3 2 2 1 1
reg32 3 2 2 1 1
mem 15+EA 7 6 3 2-4 (W88=23+EA)
Usage: INS dest,port
INSB
INSW
INSD (386+)
Modifies flags: None
Loads data from port to the destination ES:(E)DI (even if a
destination operand is supplied). (E)DI is adjusted by the size
of the operand and increased if the Direction Flag is cleared and
decreased if the Direction Flag is set. For INSB, INSW, INSD no
operands are allowed and the size is determined by the mnemonic.
Clocks Size
Operands 808x 286 386 486 Bytes
dest,port - 5 15 17 1
dest,port (PM) - 5 9/29 10/32/30 1
none - 5 15 17 1
none (PM) - 5 9/29 10/32/30 1
- 386+ protected mode timings depend on privilege levels.
first number is the timing if: CPL ?IOPL
second number is the timing if: CPL > IOPL
third number is the timing if: virtual mode on 486 processor
Usage: INT num
Modifies flags: TF IF
Initiates a software interrupt by pushing the flags, clearing the
Trap and Interrupt Flags, pushing CS followed by IP and loading
CS:IP with the value found in the interrupt vector table. Execution
then begins at the location addressed by the new CS:IP
Clocks Size
Operands 808x 286 386 486 Bytes
3 (constant) 52/72 23+m 33 26 2
3 (prot. mode, same priv.) - 40+m 59 44 2
3 (prot. mode, more priv.) - 78+m 99 71 2
3 (from VM86 to PL 0) - - 119 82 2
3 (prot. mode via task gate) - 167+m TS 37+TS 2
immed8 51/71 23+m 37 30 1
immed8 (prot. mode, same priv.) - 40+m 59 44 1
immed8 (prot. mode, more priv.) - 78+m 99 71 1
immed8 (from VM86 to PL 0) - - 119 86 1
immed8 (prot. mode, via task gate) - 167+m TS 37+TS 1
Usage: INTO
Modifies flags: IF TF
If the Overflow Flag is set this instruction generates an INT 4
which causes the code addressed by 0000:0010 to be executed.
Clocks Size
Operands 808x 286 386 486 Bytes
none: jump 53/73 24+m 35 28 1
no jump 4 3 3 3
(prot. mode, same priv.) - - 59 46 1
(prot. mode, more priv.) - - 99 73 1
(from VM86 to PL 0) - - 119 84 1
(prot. mode, via task gate) - TS 39+TS 1
Usage: INVD
Modifies flags: none
Flushes CPU internal cache. Issues special function bus cycle
which indicates to flush external caches. Data in write-back
external caches is lost.
Clocks Size
Operands 808x 286 386 486 Bytes
none - - - 4 2
Usage: INVLPG
Modifies flags: none
Invalidates a single page table entry in the Translation
Look-Aside Buffer. Intel warns that this instruction may be
implemented differently on future processors.
Clocks Size
Operands 808x 286 386 486 Bytes
none - - - 12 2
- timing is for TLB entry hit only.
Usage: IRET
IRETD (386+)
Modifies flags: AF CF DF IF PF SF TF ZF
Returns control to point of interruption by popping IP, CS
and then the Flags from the stack and continues execution at
this location. CPU exception interrupts will return to the
instruction that cause the exception because the CS:IP placed
on the stack during the interrupt is the address of the offending
instruction.
Clocks Size
Operands 808x 286 386 486 Bytes
iret 32/44 17+m 22 15 1
iret (prot. mode) - 31+m 38 15 1
iret (to less privilege) - 55+m 82 36 1
iret (different task, NT=1) - 169+m TS TS+32 1
iretd - - 22/38 15 1
iretd (to less privilege) - - 82 36 1
iretd (to VM86 mode) - - 60 15 1
iretd (different task, NT=1) - - TS TS+32 1
- 386 timings are listed as real-mode/protected-mode
Mnemonic Meaning Jump Condition
JA Jump if Above CF=0 and ZF=0
JAE Jump if Above or Equal CF=0
JB Jump if Below CF=1
JBE Jump if Below or Equal CF=1 or ZF=1
JC Jump if Carry CF=1
JCXZ Jump if CX Zero CX=0
JE Jump if Equal ZF=1
JG Jump if Greater (signed) ZF=0 and SF=OF
JGE Jump if Greater or Equal (signed) SF=OF
JL Jump if Less (signed) SF != OF
JLE Jump if Less or Equal (signed) ZF=1 or SF != OF
JMP Unconditional Jump unconditional
JNA Jump if Not Above CF=1 or ZF=1
JNAE Jump if Not Above or Equal CF=1
JNB Jump if Not Below CF=0
JNBE Jump if Not Below or Equal CF=0 and ZF=0
JNC Jump if Not Carry CF=0
JNE Jump if Not Equal ZF=0
JNG Jump if Not Greater (signed) ZF=1 or SF != OF
JNGE Jump if Not Greater or Equal (signed) SF != OF
JNL Jump if Not Less (signed) SF=OF
JNLE Jump if Not Less or Equal (signed) ZF=0 and SF=OF
JNO Jump if Not Overflow (signed) OF=0
JNP Jump if No Parity PF=0
JNS Jump if Not Signed (signed) SF=0
JNZ Jump if Not Zero ZF=0
JO Jump if Overflow (signed) OF=1
JP Jump if Parity PF=1
JPE Jump if Parity Even PF=1
JPO Jump if Parity Odd PF=0
JS Jump if Signed (signed) SF=1
JZ Jump if Zero ZF=1
Clocks Size
Operands 808x 286 386 486 Bytes
Jx: jump 16 7+m 7+m 3 2
no jump 4 3 3 1
Jx near-label - - 7+m 3 4
no jump - - 3 1
- It's a good programming practice to organize code so the
expected case is executed without a jump since the actual
jump takes longer to execute than falling through the test.
- see JCXZ and JMP for their respective timings
Usage: JCXZ label
JECXZ label (386+)
Modifies flags: None
Causes execution to branch to "label" if register CX is zero. Uses
unsigned comparision.
Clocks Size
Operands 808x 286 386 486 Bytes
label: jump 18 8+m 9+m 8 2
no jump 6 4 5 5
Usage: JMP target
Modifies flags: None
Unconditionally transfers control to "label". Jumps by default
are within -32768 to 32767 bytes from the instruction following
the jump. NEAR and SHORT jumps cause the IP to be updated while FAR
jumps cause CS and IP to be updated.
Clocks
Operands 808x 286 386 486
rel8 (relative) 15 7+m 7+m 3
rel16 (relative) 15 7+m 7+m 3
rel32 (relative) - - 7+m 3
reg16 (near, register indirect) 11 7+m 7+m 5
reg32 (near, register indirect) - - 7+m 5
mem16 (near, mem indirect) 18+EA 11+m 10+m 5
mem32 (near, mem indirect) 24+EA 15+m 10+m 5
ptr16:16 (far, dword immed) - - 12+m 17
ptr16:16 (far, PM dword immed) - - 27+m 19
ptr16:16 (call gate, same priv.) - 38+m 45+m 32
ptr16:16 (via TSS) - 175+m TS 42+TS
ptr16:16 (via task gate) - 180+m TS 43+TS
mem16:16 (far, indirect) - - 43+m 13
mem16:16 (far, PM indirect) - - 31+m 18
mem16:16 (call gate, same priv.) - 41+m 49+m 31
mem16:16 (via TSS) - 178+m 5+TS 41+TS
mem16:16 (via task gate) - 183+m 5+TS 42+TS
ptr16:32 (far, 6 byte immed) - - 12+m 13
ptr16:32 (far, PM 6 byte immed) - - 27+m 18
ptr16:32 (call gate, same priv.) - - 45+m 31
ptr16:32 (via TSS) - - TS 42+TS
ptr16:32 (via task state) - - TS 43+TS
m16:32 (far, address at dword) - - 43+m 13
m16:32 (far, address at dword) - - 31+m 18
m16:32 (call gate, same priv.) - - 49+m 31
m16:32 (via TSS) - - 5+TS 41+TS
m16:32 (via task state) - - 5+TS 42+TS
