Instructions
Usage: INT num
Modifies flags: TF IF
Initiates a software interrupt by pushing the flags, clearing the
Trap and Interrupt Flags, pushing CS followed by IP and loading
CS:IP with the value found in the interrupt vector table. Execution
then begins at the location addressed by the new CS:IP
Clocks Size
Operands 808x 286 386 486 Bytes
3 (constant) 52/72 23+m 33 26 2
3 (prot. mode, same priv.) - 40+m 59 44 2
3 (prot. mode, more priv.) - 78+m 99 71 2
3 (from VM86 to PL 0) - - 119 82 2
3 (prot. mode via task gate) - 167+m TS 37+TS 2
immed8 51/71 23+m 37 30 1
immed8 (prot. mode, same priv.) - 40+m 59 44 1
immed8 (prot. mode, more priv.) - 78+m 99 71 1
immed8 (from VM86 to PL 0) - - 119 86 1
immed8 (prot. mode, via task gate) - 167+m TS 37+TS 1
LGDT - Load Global Descriptor Table (286+ privileged)
Usage: LGDT src
Modifies flags: None
Loads a value from an operand into the Global Descriptor Table
(GDT) register.
Clocks Size
Operands 808x 286 386 486 Bytes
mem64 - 11 11 11 5
LLDT - Load Local Descriptor Table (286+ privileged)
Usage: LLDT src
Modifies flags: None
Loads a value from an operand into the Local Descriptor Table
Register (LDTR).
Clocks Size
Operands 808x 286 386 486 Bytes
reg16 - 17 20 11 3
mem16 - 19 24 11 5
STI - Set Interrupt Flag (Enable Interrupts)
Usage: STI
Modifies flags: IF
Sets the Interrupt Flag to 1, which enables recognition of all
hardware interrupts. If an interrupt is generated by a hardware
device, an End of Interrupt (EOI) must also be issued to enable
other hardware interrupts of the same or lower priority.
Clocks Size
Operands 808x 286 386 486 Bytes
none 2 2 2 5 1
RET/RETF - Return From Procedure
Usage: RET nBytes
RETF nBytes
RETN nBytes
Modifies flags: None
Transfers control from a procedure back to the instruction address
saved on the stack. n bytes is an optional number of bytes to
release. Far returns pop the IP followed by the CS, while near
returns pop only the IP register.
Clocks Size
Operands 808x 286 386 486 Bytes
retn 16/20 11+m 10+m 5 1
retn immed 20/24 11+m 10+m 5 3
retf 26/34 15+m 18+m 13 1
retf (PM, same priv.) - 32+m 18 1
retf (PM, lesser priv.) - 68 33 1
retf immed 25/33 15+m 18+m 14 3
retf immed (PM, same priv.) 32+m 17 1
retf immed (PM, lesser priv.) 68 33 1
IN - Input Byte or Word From Port
Usage: IN accum,port
Modifies flags: None
A byte, word or dword is read from port and placed in AL, AX or
EAX respectively. If the port number is in the range of 0-255
it can be specified as an immediate, otherwise the port number
must be specified in DX. Valid port ranges on the PC are 0-1024,
though values through 65535 may be specified and recognized by
third party vendors and PS/2's.
Clocks Size
Operands 808x 286 386 486 Bytes
accum,immed8 10/14 5 12 14 2
accum,immed8 (PM) 6/26 8/28/27 2
accum,DX 8/12 5 13 14 1
accum,DX (PM) 7/27 8/28/27 1
- 386+ protected mode timings depend on privilege levels.
first number is the timing if: CPL ó IOPL
second number is the timing if: CPL > IOPL or in VM 86 mode (386)
CPL ò IOPL (486)
third number is the timing when: virtual mode on 486 processor
- 486 virtual mode always requires 27 cycles
OUT - Output Data to Port
Usage: OUT port,accum
Modifies flags: None
Transfers byte in AL,word in AX or dword in EAX to the specified
hardware port address. If the port number is in the range of 0-255
it can be specified as an immediate. If greater than 255 then the
port number must be specified in DX. Since the PC only decodes 10
bits of the port address, values over 1023 can only be decoded by
third party vendor equipment and also map to the port range 0-1023.
Clocks Size
Operands 808x 286 386 486 Bytes
immed8,accum 10/14 3 10 16 2
immed8,accum (PM) - - 4/24 11/31/29 2
DX,accum 8/12 3 11 16 1
DX,accum (PM) - - 5/25 10/30/29 1
- 386+ protected mode timings depend on privilege levels.
first number is the timing when: CPL ó IOPL
second number is the timing when: CPL > IOPL
third number is the timing when: virtual mode on 486 processor
MOVZX -- Move with Zero-Extend
MOVZX -- Move with Zero-Extend Opcode Instruction Clocks Description 0F B6 /r MOVZX r16,r/m8 3/6 Move byte to word with zero-extend 0F B6 /r MOVZX r32,r/m8 3/6 Move byte to dword, zero-extend 0F B7 /r MOVZX r32,r/m16 3/6 Move word to dword, zero-extend Operation DEST = ZeroExtend(SRC); Description MOVZX reads the contents of the effective address or register as a byte or a word, zero extends the value to the operand-size attribute of the instruction (16 or 32 bits), and stores the result in the destination register. Flags Affected None Protected Mode Exceptions #GP(0) for an illegal memory operand effective address in the CS, DS, ES, FS, or GS segments; #SS(0) for an illegal address in the SS segment; #PF(fault-code) for a page fault Real Address Mode Exceptions Interrupt 13 if any part of the operand would lie outside of the effective address space from 0 to 0FFFFH Virtual 8086 Mode Exceptions Same exceptions as in Real Address Mode; #PF(fault-code) for a page fault
CLD - Clear Direction Flag
Usage: CLD
Modifies flags: DF
Clears the Direction Flag causing string instructions to increment
the SI and DI index registers.
Clocks Size
Operands 808x 286 386 486 Bytes
none 2 2 2 2 1
TEST - Test For Bit Pattern
Usage: TEST dest,src
Modifies flags: CF OF PF SF ZF (AF undefined)
Performs a logical AND of the two operands updating the flags
register without saving the result.
Clocks Size
Operands 808x 286 386 486 Bytes
reg,reg 3 2 1 1 2
reg,mem 9+EA 6 5 1 2-4 (W88=13+EA)
mem,reg 9+EA 6 5 2 2-4 (W88=13+EA)
reg,immed 5 3 2 1 3-4
mem,immed 11+EA 6 5 2 3-6
accum,immed 4 3 2 1 2-3
LODS/LODSB/LODSW/LODSD--Load String
Opcode |
Instruction |
Description |
|---|---|---|
|
AC |
LODS m8 |
Load byte at address DS:(E)SI into AL |
|
AD |
LODS m16 |
Load word at address DS:(E)SI into AX |
|
AD |
LODS m32 |
Load doubleword at address DS:(E)SI into EAX |
|
AC |
LODSB |
Load byte at address DS:(E)SI into AL |
|
AD |
LODSW |
Load word at address DS:(E)SI into AX |
|
AD |
LODSD |
Load doubleword at address DS:(E)SI into EAX |
Description
Loads a byte, word, or doubleword from the source operand into the AL, AX, or EAX register, respectively. The source operand is a memory location, the address of which is read from the DS:EDI or the DS:SI registers (depending on the address-size attribute of the instruction, 32 or 16, respectively). The DS segment may be overridden with a segment override prefix.
At the assembly-code level, two forms of this instruction are allowed: the "explicit-operands" form and the "no-operands" form. The explicit-operands form (specified with the LODS mnemonic) allows the source operand to be specified explicitly. Here, the source operand should be a symbol that indicates the size and location of the source value. The destination operand is then automatically selected to match the size of the source operand (the AL register for byte operands, AX for word operands, and EAX for doubleword operands). This explicit-operands form is provided to allow documentation; however, note that the documentation provided by this form can be misleading. That is, the source operand symbol must specify the correct type (size) of the operand (byte, word, or doubleword), but it does not have to specify the correct location. The location is always specified by the DS:(E)SI registers, which must be loaded correctly before the load string instruction is executed.
The no-operands form provides "short forms" of the byte, word, and doubleword versions of the LODS instructions. Here also DS:(E)SI is assumed to be the source operand and the AL, AX, or EAX register is assumed to be the destination operand. The size of the source and destination operands is selected with the mnemonic: LODSB (byte loaded into register AL), LODSW (word loaded into AX), or LODSD (doubleword loaded into EAX).
After the byte, word, or doubleword is transferred from the memory location into the AL, AX, or EAX register, the (E)SI register is incremented or decremented automatically according to the setting of the DF flag in the EFLAGS register. (If the DF flag is 0, the (E)SI register is incremented; if the DF flag is 1, the ESI register is decremented.) The (E)SI register is incremented or decremented by 1 for byte operations, by 2 for word operations, or by 4 for doubleword operations.
The LODS, LODSB, LODSW, and LODSD instructions can be preceded by the REP prefix for block loads of ECX bytes, words, or doublewords. More often, however, these instructions are used within a LOOP construct because further processing of the data moved into the register is usually necessary before the next transfer can be made. See REP/REPE/REPZ/REPNE /REPNZ--Repeat String Operation Prefix in this chapter for a description of the REP prefix.
Operation
IF (byte load)
THEN
AL
SRC; (* byte load *)
THEN IF DF
0
THEN (E)SI
(E)SI + 1;
ELSE (E)SI
(E)SI - 1;
FI;
ELSE IF (word load)
THEN
AX
SRC; (* word load *)
THEN IF DF
0
THEN (E)SI
(E)SI + 2;
ELSE (E)SI
(E)SI - 2;
FI;
ELSE (* doubleword transfer *)
EAX
SRC; (* doubleword load *)
THEN IF DF
0
THEN (E)SI
(E)SI + 4;
ELSE (E)SI
(E)SI - 4;
FI;
FI;
FI;
Flags Affected
None.
Protected Mode Exceptions
#GP(0) - If a memory operand effective address is outside the CS, DS, ES, FS, or GS segment limit. If the DS, ES, FS, or GS register contains a null segment selector.
#SS(0) - If a memory operand effective address is outside the SS segment limit.
#PF(fault-code) - If a page fault occurs.
#AC(0) - If alignment checking is enabled and an unaligned memory reference is made while the current privilege level is 3.
Real-Address Mode Exceptions
#GP - If a memory operand effective address is outside the CS, DS, ES, FS, or GS segment limit.
#SS - If a memory operand effective address is outside the SS segment limit.
Virtual-8086 Mode Exceptions
#GP(0) - If a memory operand effective address is outside the CS, DS, ES, FS, or GS segment limit.
#SS(0) - If a memory operand effective address is outside the SS segment limit.
#PF(fault-code) - If a page fault occurs.
#AC(0) - If alignment checking is enabled and an unaligned memory reference is made.
