;=============================================================================== STOS - Store String (Byte, Word or Doubleword) Usage: STOS dest STOSB STOSW STOSD Modifies flags: None Stores value in accumulator to location at ES:(E)DI (even if operand is given). (E)DI is incremented/decremented based on the size of the operand (or instruction format) and the state of the Direction Flag. Use with REP prefixes. Clocks Size Operands 808x 286 386 486 Bytes dest 11 3 4 5 1 (W88=15) AA STOS m8 Store AL at address ES:(E)DI AB STOS m16 Store AX at address ES:(E)DI AB STOS m32 Store EAX at address ES:(E)DI AA STOSB Store AL at address ES:(E)DI AB STOSW Store AX at address ES:(E)DI AB STOSD Store EAX at address ES:(E)DI ;======================================================================= SMSW - Store Machine Status Word (286+ privileged) Usage: SMSW dest Modifies flags: none Store Machine Status Word (MSW) into "dest". Clocks Size Operands 808x 286 386 486 Bytes reg16 - 2 10 2 3 mem16 - 3 3 3 5 0F 01 /4 SMSW r/m16 Store machine status word to r/m16 0F 01 /4 SMSW r32/m16 Store machine status word in low-order 16 bits of r32/m16; ;======================================================================= SLDT - Store Local Descriptor Table (286+ privileged) Usage: SLDT dest Modifies flags: none Stores the Local Descriptor Table (LDT) Register into the specified operand. Clocks Size Operands 808x 286 386 486 Bytes reg16 - 2 2 2 3 mem16 - 2 2 3 5 0F 00 /0 SLDT r/m16 Stores segment selector from LDTR in r/m16 0F 00 /0 SLDT r/m32 Store segment selector from LDTR in low-order 16 bits of ;======================================================================= SIDT - Store Interrupt Descriptor Table (286+ privileged) Usage: SIDT dest Modifies flags: none Stores the Interrupt Descriptor Table (IDT) Register into the specified operand. Clocks Size Operands 808x 286 386 486 Bytes mem64 - 12 9 10 5 0F 01 /1 SIDT m Store IDTR to m ;======================================================================= LMSW - Load Machine Status Word (286+ privileged) Usage: LMSW src Modifies flags: None Loads the Machine Status Word (MSW) from data found at "src" Clocks Size Operands 808x 286 386 486 Bytes reg16 - 3 10 13 3 mem16 - 6 13 13 5 0F 01 /6 LMSW r/m16 Loads r/m16 in machine status word of CR0 ;======================================================================= LOCK - Lock Bus Usage: LOCK LOCK: (386+ prefix) Modifies flags: None This instruction is a prefix that causes the CPU assert bus lock signal during the execution of the next instruction. Used to avoid two processors from updating the same data location. The 286 always asserts lock during an XCHG with memory operands. This should only be used to lock the bus prior to XCHG, MOV, IN and OUT instructions. Clocks Size Operands 808x 286 386 486 Bytes none 2 0 0 1 1 F0 LOCK Asserts LOCK# signal ;======================================================================= LODS - Load String (Byte, Word or Double) Usage: LODS src LODSB LODSW LODSD (386+) Modifies flags: None Transfers string element addressed by DS:SI (even if an operand is supplied) to the accumulator. SI is incremented based on the size of the operand or based on the instruction used. If the Direction Flag is set SI is decremented, if the Direction Flag is clear SI is incremented. Use with REP prefixes. Clocks Size Operands 808x 286 386 486 Bytes src 12/16 5 5 5 1 AC LODS m8 Load byte at address DS:(E)SI into AL AD LODS m16 Load word at address DS:(E)SI into AX AD LODS m32 Load doubleword at address DS:(E)SI into EAX AC LODSB Load byte at address DS:(E)SI into AL AD LODSW Load word at address DS:(E)SI into AX AD LODSD Load doubleword at address DS:(E)SI into EAX ;======================================================================= LGDT - Load Global Descriptor Table (286+ privileged) Usage: LGDT src Modifies flags: None Loads a value from an operand into the Global Descriptor Table (GDT) register. Clocks Size Operands 808x 286 386 486 Bytes mem64 - 11 11 11 5 0F 01 /2 LGDT m16&32 Load m into GDTR ;======================================================================= SGDT - Store Global Descriptor Table (286+ privileged) Usage: SGDT dest Modifies flags: none Stores the Global Descriptor Table (GDT) Register into the specified operand. Clocks Size Operands 808x 286 386 486 Bytes mem64 - 11 9 10 5 0F 01 /0 SGDT m Store GDTR to m ;======================================================================= LGS - Load Pointer Using GS (386+) Usage: LGS dest,src Modifies flags: None Loads 32-bit pointer from memory source to destination register and GS. The offset is placed in the destination register and the segment is placed in GS. To use this instruction the word at the lower memory address must contain the offset and the word at the higher address must contain the segment. This simplifies the loading of far pointers from the stack and the interrupt vector table. Clocks Size Operands 808x 286 386 486 Bytes reg,mem - - 7 6 5-7 reg,mem (PM) - - 22 12 5-7 0F B5 / r LGS r16,m16:16 Load GS: r16 with far pointer from memory 0F B5 / r LGS r32,m16:32 Load GS: r32 with far pointer from memory ;======================================================================= SIDT - Store Interrupt Descriptor Table (286+ privileged) Usage: SIDT dest Modifies flags: none Stores the Interrupt Descriptor Table (IDT) Register into the specified operand. Clocks Size Operands 808x 286 386 486 Bytes mem64 - 12 9 10 5 0F 01 /1 SIDT m Store IDTR to m ;======================================================================= SMSW - Store Machine Status Word (286+ privileged) Usage: SMSW dest Modifies flags: none Store Machine Status Word (MSW) into "dest". Clocks Size Operands 808x 286 386 486 Bytes reg16 - 2 10 2 3 mem16 - 3 3 3 5 0F 01 /4 SMSW r/m16 Store machine status word to r/m16 0F 01 /4 SMSW r32/m16 Store machine status word in low-order 16 bits of r32/m16; ;======================================================================= STI - Set Interrupt Flag (Enable Interrupts) Usage: STI Modifies flags: IF Sets the Interrupt Flag to 1, which enables recognition of all hardware interrupts. If an interrupt is generated by a hardware device, an End of Interrupt (EOI) must also be issued to enable other hardware interrupts of the same or lower priority. Clocks Size Operands 808x 286 386 486 Bytes none 2 2 2 5 1 FB STI Set interrupt flag; external, maskable interrupts enabled at the end of the next instruction ;======================================================================= CLI - Clear Interrupt Flag (disable) Usage: CLI Modifies flags: IF Disables the maskable hardware interrupts by clearing the Interrupt flag. NMI's and software interrupts are not inhibited. Clocks Size Operands 808x 286 386 486 Bytes none 2 2 3 5 1 FA CLI Clear interrupt flag; interrupts disabled when interrupt ;======================================================================= ESC - Escape Usage: ESC immed,src Modifies flags: None Provides access to the data bus for other resident processors. The CPU treats it as a NOP but places memory operand on bus. Clocks Size Operands 808x 286 386 486 Bytes immed,reg 2 9-20 ? 2 immed,mem 2 9-20 ? 2-4 D8h xxh ESC 0 D9h xxh ESC 1 DAh xxh ESC 2 DBh xxh ESC 3 DCh xxh ESC 4 DDh xxh ESC 5 DEh xxh ESC 6 DFh xxh ESC 7 ;======================================================================= HLT - Halt CPU Usage: HLT Modifies flags: None Halts CPU until RESET line is activated, NMI or maskable interrupt received. The CPU becomes dormant but retains the current CS:IP for later restart. Clocks Size Operands 808x 286 386 486 Bytes none 2 2 5 4 1 F4 HLT Halt ;======================================================================= INVD - Invalidate Cache (486+) Usage: INVD Modifies flags: none Flushes CPU internal cache. Issues special function bus cycle which indicates to flush external caches. Data in write-back external caches is lost. Clocks Size Operands 808x 286 386 486 Bytes none - - - 4 2 0F 08 INVD Flush internal caches; initiate flushing of external caches. ;======================================================================= /IRETD IRET/IRETD - Interrupt Return Usage: IRET IRETD (386+) Modifies flags: AF CF DF IF PF SF TF ZF Returns control to point of interruption by popping IP, CS and then the Flags from the stack and continues execution at this location. CPU exception interrupts will return to the instruction that cause the exception because the CS:IP placed on the stack during the interrupt is the address of the offending instruction. Clocks Size Operands 808x 286 386 486 Bytes iret 32/44 17+m 22 15 1 iret (prot. mode) - 31+m 38 15 1 iret (to less privilege) - 55+m 82 36 1 iret (different task, NT=1) - 169+m TS TS+32 1 iretd - - 22/38 15 1 iretd (to less privilege) - - 82 36 1 iretd (to VM86 mode) - - 60 15 1 iretd (different task, NT=1) - - TS TS+32 1 - 386 timings are listed as real-mode/protected-mode CF IRET Interrupt return (16-bit operand size) CF IRETD Interrupt return (32-bit operand size) ;=========================================================================== Intel 8086 Family Architecture General Purpose Registers Segment Registers AH/AL AX (EAX) Accumulator CS Code Segment BH/BL BX (EBX) Base DS Data Segment CH/CL CX (ECX) Counter SS Stack Segment DH/DL DX (EDX) Data ES Extra Segment (FS) 386 and newer (Exx) indicates 386+ 32 bit register (GS) 386 and newer Pointer Registers Stack Registers SI (ESI) Source Index SP (ESP) Stack Pointer DI (EDI) Destination Index BP (EBP) Base Pointer IP Instruction Pointer Status Registers FLAGS Status Flags (see FLAGS) Special Registers (386+ only) CR0 Control Register 0 DR0 Debug Register 0 CR2 Control Register 2 DR1 Debug Register 1 CR3 Control Register 3 DR2 Debug Register 2 DR3 Debug Register 3 TR4 Test Register 4 DR6 Debug Register 6 TR5 Test Register 5 DR7 Debug Register 7 TR6 Test Register 6 TR7 Test Register 7 Register Default Segment Valid Overrides BP SS DS, ES, CS SI or DI DS ES, SS, CS DI strings ES None SI strings DS ES, SS, CS - see CPU DETECTING Instruction Timing ;=========================================================================== LDS - Load Pointer Using DS Usage: LDS dest,src Modifies flags: None Loads 32-bit pointer from memory source to destination register and DS. The offset is placed in the destination register and the segment is placed in DS. To use this instruction the word at the lower memory address must contain the offset and the word at the higher address must contain the segment. This simplifies the loading of far pointers from the stack and the interrupt vector table. Clocks Size Operands 808x 286 386 486 Bytes reg16,mem32 16+EA 7 7 6 2-4 reg,mem (PM) - - 22 12 5-7 C5 / r LDS r16,m16:16 Load DS: r16 with far pointer from memory C5 / r LDS r32,m16:32 Load DS: r32 with far pointer from memory ;======================================================================= LGS - Load Pointer Using GS (386+) Usage: LGS dest,src Modifies flags: None Loads 32-bit pointer from memory source to destination register and GS. The offset is placed in the destination register and the segment is placed in GS. To use this instruction the word at the lower memory address must contain the offset and the word at the higher address must contain the segment. This simplifies the loading of far pointers from the stack and the interrupt vector table. Clocks Size Operands 808x 286 386 486 Bytes reg,mem - - 7 6 5-7 reg,mem (PM) - - 22 12 5-7 0F B5 / r LGS r16,m16:16 Load GS: r16 with far pointer from memory 0F B5 / r LGS r32,m16:32 Load GS: r32 with far pointer from memory ;======================================================================= LSL - Load Segment Limit (286+ protected) Usage: LSL dest,src Modifies flags: ZF Loads the segment limit of a selector into the destination register if the selector is valid and visible at the current privilege level. If loading is successful the Zero Flag is set, otherwise it is cleared. Clocks Size Operands 808x 286 386 486 Bytes reg16,reg16 - 14 20/25 10 3 reg32,reg32 - - 20/25 10 3 reg16,mem16 - 16 21/26 10 5 reg32,mem32 - - 21/26 10 5 - 386 times are listed "byte granular" / "page granular" 0F 03 / r LSL r16,r/m16 Load: r16 ¬ segment limit, selector r/m16 0F 03 / r LSL r32,r/m32 Load: r32 ¬ segment limit, selector r/m32) ;=======================================================================