Location via proxy:   [ UP ]  
[Report a bug]   [Manage cookies]                

Unit 2 - 2

Download as pptx, pdf, or txt
Download as pptx, pdf, or txt
You are on page 1of 44

Unit 2

Section 1.2
System Instructions
System Instructions

Systems instructions deal with such functions as:


• Verification of pointer parameters
▫ ARPL -- Adjust RPL
▫ LAR -- Load Access Rights
▫ LSL -- Load Segment Limit
▫ VERR -- Verify for Reading
▫ VERW -- Verify for Writing
• Addressing descriptor tables
▫ LLDT -- Load LDT Register
▫ SLDT -- Store LDT Register
▫ LGDT -- Load GDT Register
▫ SGDT -- Store GDT Register
System Instructions
• Multitasking
▫ LTR -- Load Task Register
▫ STR -- Store Task Register
• Coprocessing and Multiprocessing
▫ CLTS -- Clear Task-Switched Flag
▫ ESC -- Escape instructions
▫ WAIT -- Wait until Coprocessor not Busy
▫ LOCK -- Assert Bus-Lock Signal
• Input and Output
▫ IN -- Input
▫ OUT -- Output
▫ INS -- Input String
▫ OUTS -- Output String
System Instructions
• Interrupt control
▫ CLI -- Clear Interrupt-Enable Flag
▫ STI -- Set Interrupt-Enable Flag
▫ LIDT -- Load IDT Register
▫ SIDT -- Store IDT Register
• Debugging
▫ MOV -- Move to and from debug registers
• TLB testing
▫ MOV -- Move to and from test registers
• System Control:
▫ SMSW -- Set MSW
▫ LMSW -- Load MSW
▫ HLT -- Halt Processor
▫ MOV -- Move to and from control registers
System Instructions

• The instructions SMSW and LMSW are provided for


compatibility with the 80286 processor. 80386 programs
access the MSW in CR0 via variants of the MOV instruction.
HLT stops the processor until receipt of an INTR or RESET
signal.
Pointer parameter verification

• ARPL -- Adjust RPL Field of Selector


Opcode Instruction Clocks Description
63 /r ARPL r/m16,r16 pm=20/21 Adjust RPL of r/m16 to
not less than RPL of r16
Operation
IF RPL bits(0,1) of DEST < RPL bits(0,1) of SRC
THEN
ZF := 1; RPL bits(0,1) of DEST := RPL bits(0,1) of SRC;
ELSE
ZF := 0;
FI;
Pointer parameter verification

• The ARPL instruction has two operands.


• The first operand is a 16-bit memory variable or word register that contains
the value of a selector. The second operand is a word register.
• If the RPL field ("requested privilege level"--bottom two bits) of the first
operand is less than the RPL field of the second operand, the zero flag is set to
1 and the RPL field of the first operand is increased to match the second
operand. Otherwise, the zero flag is set to 0 and no change is made to the first
operand.
• ARPL appears in operating system software, not in application
programs. It is used to guarantee that a selector parameter to a
subroutine does not request more privilege than the caller is allowed.
The second operand of ARPL is normally a register that contains the CS
selector value of the caller.
Pointer parameter verification

• LAR -- Load Access Rights Byte


Opcode Instruction Clocks Description
0F 02 /r LAR r16,r/m16 pm=15/16 r16 := r/m16 masked by
FF00
0F 02 /r LAR r32,r/m32 pm=15/16 r32 := r/m32 masked by
00FxFF00
Description
The LAR instruction stores a marked form of the second doubleword
of the descriptor for the source selector if the selector is visible at
the CPL (modified by the selector's RPL) and is a valid descriptor
type. The destination register is loaded with the high-order
doubleword of the descriptor masked by 00FxFF00, and ZF is set to
1. The x indicates that the four bits corresponding to the upper four
bits of the limit are undefined in the value loaded by LAR. If the
selector is invisible or of the wrong type, ZF is cleared.
Pointer parameter verification

If the 32-bit operand size is specified, the entire 32-bit value is loaded into
the 32-bit destination register. If the 16-bit operand size is specified, the
lower 16-bits of this value are stored in the 16-bit destination register.
All code and data segment descriptors are valid for LAR.
Pointer parameter verification

• LSL -- Load Segment Limit


Opcode Instruction Clocks Description
0F 03 /r LSL r16,r/m16 pm=20/21 Load: r16 := segment
limit, selector r/m16 (byte
granular)
0F 03 /r LSL r32,r/m32 pm=20/21 Load: r32 := segment
limit, selector r/m32 (byte
granular)
0F 03 /r LSL r16,r/m16 pm=25/26 Load: r16 := segment
limit, selector r/m16 (page
granular)
0F 03 /r LSL r32,r/m32 pm=25/26 Load: r32 :=
segment limit, selector
r/m32 (page granular)
Pointer parameter verification

The LSL instruction loads a register with an unscrambled segment limit, and
sets ZF to 1, provided that the source selector is visible at the CPL
weakened by RPL, and that the descriptor is a type accepted by LSL.
Otherwise, ZF is cleared to 0, and the destination register is unchanged.
The segment limit is loaded as a byte granular value.
If the descriptor has a page granular segment limit, LSL will translate it to a
byte limit before loading it in the destination register (shift left 12 the 20-
bit "raw" limit from descriptor, then OR with 00000FFFH).
The 32-bit forms of this instruction store the 32-bit byte granular limit in the
16-bit destination register.
Code and data segment descriptors are valid for LSL.
Pointer parameter verification

• VERR, VERW -- Verify a Segment for Reading or Writing


Opcode Instruction Clocks Description
0F 00 /4 VERR r/m16 pm=10/11 Set ZF=1 if segment
can be read, selector in r/m16
0F 00 /5 VERW r/m16 pm=15/16 Set ZF=1 if segment
can be written, selector in r/m16
Operation
IF segment with selector at (r/m) is accessible with current protection
level AND ((segment is readable for VERR) OR (segment is writable
for VERW))
THEN ZF := 0;
ELSE ZF := 1;
FI;
Pointer parameter verification
The two-byte register or memory operand of VERR and VERW contains the
value of a selector. VERR and VERW determine whether the segment
denoted by the selector is reachable from the current privilege level and
whether the segment is readable (VERR) or writable (VERW). If the
segment is accessible, the zero flag is set to 1; if the segment is not
accessible, the zero flag is set to 0. To set ZF, the following conditions
must be met: The selector must denote a descriptor within the bounds of
the table (GDT or LDT); the selector must be "defined."
The selector must denote the descriptor of a code or data segment (not that of
a task state segment, LDT, or a gate).
For VERR, the segment must be readable. For VERW, the segment must be a
writable data segment.
If the code segment is readable and conforming, the descriptor privilege level
(DPL) can be any value for VERR. Otherwise, the DPL must be greater
than or equal to (have less or the same privilege as) both the current
privilege level and the selector's RPL.
Addressing Descriptor tables
• LLDT -- Load Local Descriptor Table Register
Opcode Instruction Clocks Description
0F 00 /2 LLDT r/m16 20 Load selector r/m16
into LDTR
Operation
LDTR := SRC;
LLDT loads the Local Descriptor Table register (LDTR). The word
operand (memory or register) to LLDT should contain a selector to
the Global Descriptor Table (GDT).
The GDT entry should be a Local Descriptor Table. If so, then the
LDTR is loaded from the entry. The descriptor registers DS, ES, SS,
FS, GS, and CS are not affected. The LDT field in the task state
segment does not change.
The selector operand can be 0; if so, the LDTR is marked invalid. All
descriptor references (except by the LAR, VERR, VERW or LSL
instructions) cause a #GP fault.
Addressing Descriptor tables
• SLDT -- Store Local Descriptor Table Register
Opcode Instruction Clocks Description
0F 00 /0 SLDT r/m16 pm=2/2 Store LDTR to EA
word
Operation
r/m16 := LDTR;

SLDT stores the Local Descriptor Table Register (LDTR) in the two-
byte register or memory location indicated by the effective address
operand. This register is
• Protected Mode Exceptions : #GP(0) if the result is in a nonwritable
segment; #GP(0) for an illegal memory operand effective address in
the CS, DS, ES, FS, or GS segments; #SS(0) for an illegal address in
the SS segment; #PF(fault-code) for a page fault a selector that
points into the Global Descriptor Table.
Addressing Descriptor tables
• LGDT/LIDT -- Load Global/Interrupt Descriptor Table
Register
Opcode Instruction Clocks Description
0F 01 /2 LGDT m16&32 11 Load m into GDTR
0F 01 /3 LIDT m16&32 11 Load m into IDTR
Operation
IF instruction = LIDT
THEN
IF OperandSize = 16
THEN IDTR.Limit:Base := m16:24 (* 24 bits of base loaded *)
ELSE IDTR.Limit:Base := m16:32
FI;
ELSE (* instruction = LGDT *)
IF OperandSize = 16
THEN GDTR.Limit:Base := m16:24 (* 24 bits of base loaded *)
ELSE GDTR.Limit:Base := m16:32;
FI;
FI;
Addressing Descriptor tables

• The LGDT and LIDT instructions load a linear base address and limit value
from a six-byte data operand in memory into the GDTR or IDTR, respectively.
If a 16-bit operand is used with LGDT or LIDT, the register is loaded with a
16-bit limit and a 24-bit base, and the high-order eight bits of the six-byte data
operand are not used.
• If a 32-bit operand is used, a 16-bit limit and a 32-bit base is loaded; the
high-order eight bits of the six-byte operand are used as high-order base
address bits.
• The SGDT and SIDT instructions always store into all 48 bits of the six-byte
data operand. With the 80286, the upper eight bits are undefined after SGDT
or SIDT is executed.
• With the 80386, the upper eight bits are written with the high-order eight
address bits, for both a 16-bit operand and a 32-bit operand. If LGDT or LIDT
is used with a 16-bit operand to load the register stored by SGDT or SIDT, the
upper eight bits are stored as zeros.
Addressing Descriptor tables
• SGDT/SIDT -- Store Global/Interrupt Descriptor Table
Register
Opcode Instruction Clocks Description
0F 01 /0 SGDT m 9 Store GDTR to
m 0F 01 /1 SIDT m 9 Store IDTR
to m
Operation
DEST := 48-bit BASE/LIMIT register contents;

SGDT/SIDT copies the contents of the descriptor table register the six
bytes of memory indicated by the operand. The LIMIT field of the
register is assigned to the first word at the effective address. If the
operand-size attribute is 32 bits, the next three bytes are assigned the
BASE field of the register, and the fourth byte is written with zero. The
last byte is undefined. Otherwise, if the operand-size attribute is 16 bits,
the next four bytes are assigned the 32-bit BASE field of the register.
Multitasking

• LTR -- Load Task Register


Opcode Instruction Clocks Description
0F 00 /3 LTR r/m16 pm=23/27 Load EA word into
task register

Description
LTR loads the task register from the source register or memory
location specified by the operand. The loaded task state segment is
marked busy. A task switch does not occur.
Multitasking

• STR -- Store Task Register


Opcode Instruction Clocks Description
0F 00 /1 STR r/m16 pm=23/27 Load EA word into
task register

Operation
r/m := task register;

Description
The contents of the task register are copied to the two-byte register or
memory location indicated by the effective address operand. STR is
used only in operating system software. It is not used in application
programs.
Coprocessing and Multiprocessing
• CLTS -- Clear Task-Switched Flag in CR0
Opcode Instruction Clocks Description
OF 06 CLTS 5 Clear task-switched flag
Operation
TS Flag in CR0 := 0;

CLTS clears the task-switched (TS) flag in register CR0. This flag is set by
the 80386 every time a task switch occurs. The TS flag is used to
manage processor extensions as follows: Every execution of an ESC
instruction is trapped if the TS flag is set.
Execution of a WAIT instruction is trapped if the MP flag and the TS flag
are both set.
Thus, if a task switch was made after an ESC instruction was begun, the
processor extension's context may need to be saved before a new ESC
instruction can be issued. The fault handler saves the context and resets
the TS flag.
Coprocessing and Multiprocessing

• WAIT -- Wait until BUSY# Pin is Inactive (HIGH)


Opcode Instruction Clocks Description
9B WAIT 6 min. Wait until BUSY pin is
inactive (HIGH)

Description
WAIT suspends execution of 80386 instructions until the BUSY# pin
is inactive (high). The BUSY# pin is driven by the 80287 numeric
processor extension.

Flags Affected
None
Coprocessing and Multiprocessing

• LOCK -- Assert LOCK# Signal Prefix


Opcode Instruction Clocks Description
F0 LOCK 0 Assert LOCK# signal
for the next instruction

Description
The LOCK prefix causes the LOCK# signal of the 80386 to be asserted
during execution of the instruction that follows it. In a
multiprocessor environment, this signal can be used to ensure that
the 80386 has exclusive use of any shared memory while LOCK# is
asserted. The read-modify-write sequence typically used to
implement test-and-set on the 80386 is the BTS instruction.
Coprocessing and Multiprocessing
• The LOCK prefix functions only with the following instructions:
BT, BTS, BTR, BTC mem, reg/imm
XCHG reg, mem
XCHG mem, reg
ADD, OR, ADC, SBB, AND, SUB, XOR mem, reg/imm
NOT, NEG, INC, DEC mem

An undefined opcode trap will be generated if a LOCK prefix is used with any instruction not
listed above. XCHG always asserts LOCK# regardless of the presence or absence of the
LOCK prefix. The integrity of the LOCK is not affected by the alignment of the memory
field. Memory locking is observed for arbitrarily misaligned fields.
Locked access is not assured if another 80386 processor is executing an instruction concurrently
that has one of the following characteristics:
• Is not preceded by a LOCK prefix
• Is not one of the instructions in the preceding list
• Specifies a memory operand that does not exactly overlap the destination operand. Locking is
not guaranteed for partial overlap, even if one memory operand is wholly contained within
another.
Input and Output
• IN -- Input from Port
Opcode Instruction Clocks Description
E4 ib IN AL,imm8 12,pm=6*/26** Input byte from
immediate port into AL
E5 ib IN AX,imm8 12,pm=6*/26** Input word from immediate port
into AX
E5 ib IN EAX,imm8 12,pm=6*/26** Input dword from immediate port
into EAX
EC IN AL,DX 13,pm=7*/27** Input byte
from port DX into AL
ED IN AX,DX 13,pm=7*/27** Input word from port
DX into AX
ED IN EAX,DX 13,pm=7*/27** Input dword from port
DX into EAX
Notes
*If CPL <= IOPL
**If CPL > IOPL or if in virtual 8086 mode
Input and Output
Operation
IF (PE = 1) AND ((VM = 1) OR (CPL > IOPL))
THEN (* Virtual 8086 mode, or protected mode with CPL > IOPL *)
IF NOT I-O-Permission (SRC, width(SRC))
THEN #GP(0);
FI;
FI;
DEST := [SRC]; (* Reads from I/O address space *)

IN transfers a data byte or data word from the port numbered by the
second operand into the register (AL, AX, or EAX) specified by the first
operand. Access any port from 0 to 65535 by placing the port number in
the DX register and using an IN instruction with DX as the second
parameter. These I/O instructions can be shortened by using an 8-bit
port I/O in the instruction. The upper eight bits of the port address will
be 0 when 8-bit port I/O is used.
Input and Output
• OUT -- Output to Port
Opcode Instruction Clocks Description
E6 ib OUT imm8,AL 10,pm=4*/24** Output byte AL to immediate port
number
E7 ib OUT imm8,AX 10,pm=4*/24** Output word AL to immediate port
number
E7 ib OUT imm8,EAX 10,pm=4*/24** Output dword AL to immediate port
number
EE OUT DX,AL 11,pm=5*/25** Output byte AL to port
number in DX
EF OUT DX,AX 11,pm=5*/25** Output word AL to port
number in DX
EF OUT DX,EAX 11,pm=5*/25** Output dword AL to port
number in DX
Notes
*If CPL <= IOPL
**If CPL > IOPL or if in virtual 8086 mode
Input and Output
Operation
IF (PE = 1) AND ((VM = 1) OR (CPL > IOPL))
THEN (* Virtual 8086 mode, or protected mode with CPL > IOPL *)
IF NOT I-O-Permission (DEST, width(DEST))
THEN #GP(0);
FI;
FI;
[DEST] := SRC; (* I/O address space used *)

OUT transfers a data byte or data word from the register (AL, AX, or EAX)
given as the second operand to the output port numbered by the first
operand. Output to any port from 0 to 65535 is performed by placing the
port number in the DX register and then using an OUT instruction with DX
as the first operand. If the instruction contains an eight-bit port ID, that
value is zero-extended to 16 bits.
Input and Output
• INS/INSB/INSW/INSD -- Input from Port to String
Opcode Instruction Clocks Description
6C INS r/m8,DX 15,pm=9*/29** Input byte from port DX
into ES:(E)DI
6D INS r/m16,DX 15,pm=9*/29** Input word from port DX
into ES:(E)DI
6D INS r/m32,DX 15,pm=9*/29** Input dword from port DX
into ES:(E)DI
6C INSB 15,pm=9*/29** Input byte from port DX
into ES:(E)DI
6D INSW 15,pm=9*/29** Input word from port DX
into ES:(E)DI
6D INSD 15,pm=9*/29** Input dword from port DX
into ES:(E)DI

Notes
*If CPL <= IOPL
**If CPL > IOPL or if in virtual 8086 mode
Input and Output
IF AddressSize = 16
THEN use DI for dest-index; IF OperandSize = 16
ELSE (* AddressSize = 32 *) THEN
use EDI for dest-index; ES:[dest-index] := [DX]; (* Reads
FI; word at DX from I/O address space *)
IF (PE = 1) AND ((VM = 1) OR (CPL > IOPL)) IF DF = 0 THEN IncDec := 2 ELSE
THEN (* Virtual 8086 mode, or protected mode IncDec := -2;
with CPL > IOPL *) FI;
IF NOT I-O-Permission (SRC, FI;
width(SRC)) IF OperandSize = 32
THEN #GP(0); THEN
FI; ES:[dest-index] := [DX]; (* Reads
FI; dword at DX from I/O address space *)
IF byte type of instruction IF DF = 0 THEN IncDec := 4 ELSE
THEN IncDec := -4;
ES:[dest-index] := [DX]; (* Reads FI;
byte at DX from I/O address space *) FI;
IF DF = 0 THEN IncDec := 1 ELSE dest-index := dest-index + IncDec;
IncDec := -1;
FI;
FI;
Input and Output
• INS transfers data from the input port numbered by the DX register to
the memory byte or word at ES:dest-index. The memory operand must
be addressable from ES; no segment override is possible. The
destination register is DI if the address-size attribute of the instruction
is 16 bits, or EDI if the address-size attribute is 32 bits. INS does not
allow the specification of the port number as an immediate value. The
port must be addressed through the DX register value. Load the correct
value into DX before executing the INS instruction.
• The destination address is determined by the contents of the
destination index register. Load the correct index into the destination
index register before executing INS.
• After the transfer is made, DI or EDI advances automatically. If the
direction flag is 0 (CLD was executed), DI or EDI increments; if the
direction flag is 1 (STD was executed), DI or EDI decrements. DI
increments or decrements by 1 if a byte is input, by 2 if a word is input,
or by 4 if a doubleword is input.
• INSB, INSW and INSD are synonyms of the byte, word, and
doubleword INS instructions. INS can be preceded by the REP prefix
for block input of CX bytes or words. Refer to the REP instruction for
details of this operation.
Input and Output
• OUTS/OUTSB/OUTSW/OUTSD -- Output String to Port
Opcode Instruction Clocks Description
6E OUTS DX,r/m8 14,pm=8*/28** Output byte [(E)SI] to
port in DX
6F OUTS DX,r/m16 14,pm=8*/28** Output word [(E)SI] to port in DX
6F OUTS DX,r/m32 14,pm=8*/28** Output dword [(E)SI] to port in DX
6E OUTSB 14,pm=8*/28** Output byte DS:[(E)SI] to
port in DX
6F OUTSW 14,pm=8*/28** Output word DS:[(E)SI] to port in
DX
6F OUTSD 14,pm=8*/28** Output dword DS:[(E)SI] to port in
DX

Notes
*If CPL <= IOPL
**If CPL > IOPL or if in virtual 8086 mode
Input and Output
• Operation
IF AddressSize = 16
THEN use SI for source-index;
ELSE (* AddressSize = 32 *)
use ESI for source-index; IF OperandSize = 16
FI; THEN
IF (PE = 1) AND ((VM = 1) OR (CPL > [DX] := [source-index]; (* Write word at
IOPL)) DX I/O address *)
THEN (* Virtual 8086 mode, or protected IF DF = 0 THEN IncDec := 2 ELSE
mode with CPL > IOPL *) IncDec := -2; FI;
IF NOT I-O-Permission (DEST, FI;
width(DEST)) IF OperandSize = 32
THEN #GP(0); THEN
FI; [DX] := [source-index]; (* Write dword
FI; at DX I/O address *)
IF byte type of instruction IF DF = 0 THEN IncDec := 4 ELSE
THEN IncDec := -4;FI;
[DX] := [source-index]; (* Write byte at FI;
DX I/O address *) FI;
IF DF = 0 THEN IncDec := 1 ELSE source-index := source-index + IncDec;
IncDec := -1; FI;
FI;
Input and Output
• OUTS transfers data from the memory byte, word, or doubleword at the source-
index register to the output port addressed by the DX register. If the address-size
attribute for this instruction is 16 bits, SI is used for the source-index register;
otherwise, the address-size attribute is 32 bits, and ESI is used for the source-index
register. OUTS does not allow specification of the port number as an immediate
value. The port must be addressed through the DX register value. Load the correct
value into DX before executing the OUTS instruction.
• The address of the source data is determined by the contents of source-index
register. Load the correct index value into SI or ESI before executing the OUTS
instruction.
• After the transfer, source-index register is advanced automatically. If the direction
flag is 0 (CLD was executed), the source-index register is incremented; if the
direction flag is 1 (STD was executed), it is decremented. The amount of the
increment or decrement is 1 if a byte is output, 2 if a word is output, or 4 if a
doubleword is output.
• OUTSB, OUTSW, and OUTSD are synonyms for the byte, word, and doubleword
OUTS instructions. OUTS can be preceded by the REP prefix for block output of
CX bytes or words. Refer to the REP instruction for details on this operation.
Interrupt control

• CLI -- Clear Interrupt Flag


Opcode Instruction Clocks Description
FA CLI 3 Clear interrupt flag;
interrupts disabled
Operation
IF := 0;

Description
CLI clears the interrupt flag if the current privilege level is at least as
privileged as IOPL. No other flags are affected. External interrupts
are not recognized at the end of the CLI instruction or from that
point on until the interrupt flag is set.
Flags Affected
IF := 0
Interrupt control
• STI -- Set Interrupt Flag
Opcode Instruction Clocks Description
F13 STI 3 Set interrupt flag; interrupts enabled at
the end of the next instruction
Operation
IF := 1
Description
STI sets the interrupt flag to 1.
The 80386 then responds to external interrupts after executing the next
instruction if the next instruction allows the interrupt flag to remain
enabled. If external interrupts are disabled and you code STI, RET (such as
at the end of a subroutine), the RET is allowed to execute before external
interrupts are recognized. Also, if external interrupts are disabled and you
code STI, CLI, then external interrupts are not recognized because the CLI
instruction clears the interrupt flag during its execution.
Interrupt control
• LGDT/LIDT -- Load Global/Interrupt Descriptor Table
Register
Opcode Instruction Clocks Description
0F 01 /2 LGDT m16&32 11 Load m into GDTR
0F 01 /3 LIDT m16&32 11 Load m into IDTR
Operation
IF instruction = LIDT
THEN
IF OperandSize = 16
THEN IDTR.Limit:Base := m16:24 (* 24 bits of base loaded *)
ELSE IDTR.Limit:Base := m16:32
FI;
ELSE (* instruction = LGDT *)
IF OperandSize = 16
THEN GDTR.Limit:Base := m16:24 (* 24 bits of base loaded *)
ELSE GDTR.Limit:Base := m16:32;
FI;
FI;
Interrupt control
• The LGDT and LIDT instructions load a linear base address and limit value
from a six-byte data operand in memory into the GDTR or IDTR, respectively.
If a 16-bit operand is used with LGDT or LIDT, the register is loaded with a
16-bit limit and a 24-bit base, and the high-order eight bits of the six-byte data
operand are not used.
• If a 32-bit operand is used, a 16-bit limit and a 32-bit base is loaded; the
high-order eight bits of the six-byte operand are used as high-order base
address bits.
• The SGDT and SIDT instructions always store into all 48 bits of the six-byte
data operand. With the 80286, the upper eight bits are undefined after SGDT
or SIDT is executed.
• With the 80386, the upper eight bits are written with the high-order eight
address bits, for both a 16-bit operand and a 32-bit operand. If LGDT or LIDT
is used with a 16-bit operand to load the register stored by SGDT or SIDT, the
upper eight bits are stored as zeros.
Interrupt control
• SGDT/SIDT -- Store Global/Interrupt Descriptor Table
Register
Opcode Instruction Clocks Description
0F 01 /0 SGDT m 9 Store GDTR to
m 0F 01 /1 SIDT m 9 Store IDTR
to m
Operation
DEST := 48-bit BASE/LIMIT register contents;

SGDT/SIDT copies the contents of the descriptor table register the six
bytes of memory indicated by the operand. The LIMIT field of the
register is assigned to the first word at the effective address. If the
operand-size attribute is 32 bits, the next three bytes are assigned the
BASE field of the register, and the fourth byte is written with zero. The
last byte is undefined. Otherwise, if the operand-size attribute is 16 bits,
the next four bytes are assigned the 32-bit BASE field of the register.
System Control

• SMSW -- Store Machine Status Word


Opcode Instruction Clocks Description
0F 01 /4 SMSW r/m16 2/3,pm=2/2 Store machine
status word to EA word
Operation
r/m16 := MSW;

Description
SMSW stores the machine status word (part of CR0) in the two-byte
register or memory location indicated by the effective address
operand.

Flags Affected
None
System Control
• LMSW -- Load Machine Status Word
Opcode Instruction Clocks Description
0F 01 /6 LMSW r/m16 10/13 Load r/m16 in machine status
word

Operation
MSW := r/m16; (* 16 bits is stored in the machine status word *)

Description
LMSW loads the machine status word (part of CR0) from the source
operand. This instruction can be used to switch to Protected Mode; if
so, it must be followed by an intrasegment jump to flush the instruction
queue. LMSW will not switch back to Real Address Mode. LMSW is
used only in operating system software. It is not used in application
programs.

Flags Affected
None
System Control
• HLT -- Halt
Opcode Instruction Clocks Description
F4 HLT 5 Halt

Operation
Enter Halt state;

Description
HALT stops instruction execution and places the 80386 in a HALT
state. An enabled interrupt, NMI, or a reset will resume execution. If
an interrupt (including NMI) is used to resume execution after HLT,
the saved CS:IP (or CS:EIP) value points to the instruction following
HLT.

Flags Affected
None
System Control
• MOV -- Move to/from Special Registers
Opcode Instruction Clocks Description
0F 20 /r MOV r32,CR0/CR2/CR3 6 Move (control register) to (register)
0F 22 /r MOV CR0/CR2/CR3,r32 10/4/5 Move (register) to (control register)
0F 21 /r MOV r32,DR0 – 3 22 Move (debug register) to (register)
0F 21 /r MOV r32,DR6/DR7 14 Move (debug register) to (register)
0F 23 /r MOV DR0 -- 3,r32 22 Move (register) to (debug register)
0F 23 /r MOV DR6/DR7,r32 16 Move (register) to (debug register)
0F 24 /r MOV r32,TR6/TR7 12 Move (test register) to (register)
0F 26 /r MOV TR6/TR7,r32 12 Move (register) to (test register)

Operation
• DEST := SRC;
System Control
• The above forms of MOV store or load the following special registers in or from a
general purpose register:
Control registers CR0, CR2, and CR3
Debug Registers DR0, DR1, DR2, DR3, DR6, and DR7
Test Registers TR6 and TR7

32-bit operands are always used with these instructions, regardless of the operand-size
attribute.

Flags Affected
OF, SF, ZF, AF, PF, and CF are undefined

You might also like