Title: Tables
Title: Tables
Tab.2-1 Default Segment Register Selection Rules
Table 2-1. Default Segment Register Selection Rules
Memory Reference Needed Segment Implicit Segment Selection Rule
Register
Used
Instructions Code (CS) Automatic with instruction prefetch
Stack Stack (SS) All stack pushes and pops. Any
memory reference that uses ESP or
EBP as a base register.
Local Data Data (DS) All data references except when
relative to stack or string
destination.
Destination Strings Extra (ES) Destination of string instructions.
Tab.2-2 80386 Reserved Exceptions and Interrupts
Table 2-2. 80386 Reserved Exceptions and Interrupts
Vector Number Description
0 Divide Error
1 Debug Exceptions
2 NMI Interrupt
3 Breakpoint
4 INTO Detected Overflow
5 BOUND Range Exceeded
6 Invalid Opcode
7 Coprocessor Not Available
8 Double Exception
9 Coprocessor Segment Overrun
10 Invalid Task State Segment
11 Segment Not Present
12 Stack Fault
13 General Protection
14 Page Fault
15 (reserved)
16 Coprocessor Error
17-32 (reserved)
See Also: 9.8
Tab.3-1 Bit Test and Modify Instructions
Table 3-1. Bit Test and Modify Instructions
Instruction Effect on CF Effect on
Selected Bit
Bit (Bit Test) CF = BIT (none)
BTS (Bit Test and Set) CF = BIT BIT = 1
BTR (Bit Test and Reset) CF = BIT BIT = 0
BTC (Bit Test and Complement) CF = BIT BIT = NOT(BIT)
See Also: 3.4.2
Tab.3-2 Interpretation of Conditional Transfers
Table 3-2. Interpretation of Conditional Transfers
Unsigned Conditional Transfers
Mnemonic Condition Tested "Jump If..."
JA/JNBE (CF or ZF) = 0 above/not below nor equal
JAE/JNB CF = 0 above or equal/not below
JB/JNAE CF = 1 below/not above nor equal
JBE/JNA (CF or ZF) = 1 below or equal/not above
JC CF = 1 carry
JE/JZ ZF = 1 equal/zero
JNC CF = 0 not carry
JNE/JNZ ZF = 0 not equal/not zero
JNP/JPO PF = 0 not parity/parity odd
JP/JPE PF = 1 parity/parity even
Signed Conditional Transfers
Mnemonic Condition Tested "Jump If..."
JG/JNLE ((SF xor OF) or ZF) = 0 greater/not less nor equal
JGE/JNL (SF xor OF) = 0 greater or equal/not less
JL/JNGE (SF xor OF) = 1 less/not greater nor equal
JLE/JNG ((SF xor OF) or ZF) = 1 less or equal/not greater
JNO OF = 0 not overflow
JNS SF = 0 not sign (positive, including 0)
JO OF = 1 overflow
JS SF = 1 sign (negative)
See Also: 3.5.2.1
Tab.6-1 System and Gate Descriptor Types
Table 6-1. System and Gate Descriptor Types
Code Type of Segment or Gate
0 -reserved
1 Available 286 TSS
2 LDT
3 Busy 286 TSS
4 Call Gate
5 Task Gate
6 286 Interrupt Gate
7 286 Trap Gate
8 -reserved
9 Available 386 TSS
A -reserved
B Busy 386 TSS
C 386 Call Gate
D -reserved
E 386 Interrupt Gate
F 386 Trap Gate
See Also: 6.3.1.1
Tab.6-2 Useful Combinations of E, G, and B Bits
Table 6-2. Useful Combinations of E, G, and B Bits
Case: 1 2 3 4
Expansion Direction U U D D
G-bit 0 1 0 1
B-bit X X 0 1
Lower bound is:
0 X X
LIMIT+1 X
shl(LIMIT,12,1)+1 X
Upper bound is:
LIMIT X
shl(LIMIT,12,1) X
64K-1 X
4G-1 X
Max seg size is:
64K X
64K-1 X
4G-4K X
4G X
Min seg size is:
0 X X
4K X X
shl (X, 12, 1) = shift X left by 12 bits inserting one-bits on the right
See Also: 6.3.1.2
Tab.6-3 Interievel Return Checks
Table 6-3. Interlevel Return Checks
SF = Stack Fault
GP = General Protection Exception
NP = Segment-Not-Present Exception
Type of Check Exception Error Code
ESP is within current SS segment SF 0
ESP + 7 is within current SS segment SF 0
RPL of return CS is greater than CPL GP Return CS
Return CS selector is not null GP Return CS
Return CS segment is within descriptor
table limit GP Return CS
Return CS descriptor is a code segment GP Return CS
Return CS segment is present NP Return CS
DPL of return nonconforming code
segment = RPL of return CS, or DPL of
return conforming code segment <= RPL
of return CS GP Return CS
ESP + N + 15 is within SS segment SF Return SS
N = Immediate Operand of RET N Instruction
SS selector at ESP + N + 12 is not null GP Return SS
SS selector at ESP + N + 12 is within
descriptor table limit GP Return SS
SS descriptor is writable data segment GP Return SS
SS segment is present SF Return SS
Saved SS segment DPL = RPL of saved
CS GP Return SS
Saved SS selector RPL = Saved SS
segment DPL GP Return SS
See Also: 6.3.4.2 6.3.5
Tab.6-4 Valid Descriptor Types for LSL
Table 6-4. Valid Descriptor Types for LSL
Type Descriptor Type Valid?
Code
0 (invalid) NO
1 Available 286 TSS YES
2 LDT YES
3 Busy 286 TSS YES
4 286 Call Gate NO
5 Task Gate NO
6 286 Trap Gate NO
7 286 Interrupt Gate NO
8 (invalid) NO
9 Available 386 TSS YES
A (invalid) NO
B Busy 386 TSS YES
C 386 Call Gate NO
D (invalid) NO
E 386 Trap Gate NO
F 386 Interrupt Gate NO
See Also: 6.3.6
Tab.6-5 Combining Directory and Page Protection
Table 6-5. Combining Directory and Page Protection
Page Directory Entry Page Table Entry Combined Protection
U/S R/W U/S R/W U/S R/W
S-0 R-0 S-0 R-0 S x
S-0 R-0 S-0 W-1 S x
S-0 R-0 U-1 R-0 S x
S-0 R-0 U-1 W-1 S x
S-0 W-1 S-0 R-0 S x
S-0 W-1 S-0 W-1 S x
S-0 W-1 U-1 R-0 S x
S-0 W-1 U-1 W-1 S x
U-1 R-0 S-0 R-0 S x
U-1 R-0 S-0 W-1 S x
U-1 R-0 U-1 R-0 U R
U-1 R-0 U-1 W-1 U R
U-1 W-1 S-0 R-0 S x
U-1 W-1 S-0 W-1 S x
U-1 W-1 U-1 R-0 U R
U-1 W-1 U-1 W-1 U W
---------------------------------------------------------------------------
NOTE
S -- Supervisor
R -- Read only
U -- User
W -- Read and Write
x indicates that when the combined U/S attribute is S, the R/W attribute
is not checked.
---------------------------------------------------------------------------
See Also: 6.5 6.4.2
Tab.7-1 Checks Made during a Task Switch
Table 7-1. Checks Made during a Task Switch
NP = Segment-not-present exception,
GP = General protection fault,
TS = Invalid TSS,
SF = Stack fault
Test Test Description Exception Error Code Selects
1 Incoming TSS descriptor is NP Incoming TSS
present
2 Incoming TSS descriptor is GP Incoming TSS
marked not-busy
3 Limit of incoming TSS is TS Incoming TSS
greater than or equal to 103
-- All register and selector values are loaded --
4 LDT selector of incoming TS Incoming TSS
task is valid *
5 LDT of incoming task is TS Incoming TSS
present
6 CS selector is valid * TS Code segment
7 Code segment is present NP Code segment
8 Code segment DPL matches TS Code segment
CS RPL
9 Stack segment is valid * GP Stack segment
10 Stack segment is present SF Stack segment
11 Stack segment DPL = CPL SF Stack segment
12 Stack-selector RPL = CPL GP Stack segment
13 DS, ES, FS, GS selectors are GP Segment
valid
14 DS, ES, FS, GS segments GP Segment
are readable
15 DS, ES, FS, GS segments NP Segment
are present
16 DS, ES, FS, GS segment DPL >= CPL GP Segment
(unless these are conforming segments)
------------------------------------------------------------------------------
NOTE
Validity tests of a selector check that the selector is in the proper
table (eg., the LDT selector refers to the GDT), lies within the bounds of
the table, and refers to the proper type of descriptor (e.g., the LDT
selector refers to an LDT descriptor).
------------------------------------------------------------------------------
See Also: 7.5
Tab.7-2 Effect of Task Switch on BUSY, NT, and Back-Link
Table 7-2. Effect of Task Switch on BUSY, NT, and Back-Link
Affected Field Effect of JMP Effect of Effect of
Instruction CALL Instruction IRET Instruction
Busy bit of Set, must be Set, must be 0 Unchanged,
incoming task 0 before before must be set
Busy bit of Cleared Unchanged Cleared
outgoing task (already set)
NT bit of Cleared Set Unchanged
incoming task
NT bit of Unchanged Unchanged Cleared
outgoing task
Back-link of Unchanged Set to outgoing Unchanged
incoming task TSS selector
Back-link of Unchanged Unchanged Unchanged
outgoing task
See Also: 7.6
Tab.9-1 Interrupt and Exception ID Assignments
Table 9-1. Interrupt and Exception ID Assignments
Identifier Description
0 Divide error
1 Debug exceptions
2 Nonmaskable interrupt
3 Breakpoint (one-byte INT 3 instruction)
4 Overflow (INTO instruction)
5 Bounds check (BOUND instruction)
6 Invalid opcode
7 Coprocessor not available
8 Double fault
9 (reserved)
10 Invalid TSS
11 Segment not present
12 Stack exception
13 General protection
14 Page fault
15 (reserved)
16 Coprecessor error
17-31 (reserved)
32-255 Available for external interrupts via INTR pin
See Also: 9.1
Tab.9-2 Priority Among Simultaneous Interrupts and Exceptions
Table 9-2. Priority Among Simultaneous Interrupts and Exceptions
Priority Class of Interrupt or Exception
HIGHEST Faults except debug faults
Trap instructions INTO, INT n, INT 3
Debug traps for this instruction
Debug faults for next instruction
NMI interrupt
LOWEST INTR interrupt
See Also: 9.3 9.4
Tab.9-3 Double-Fault Detection Classes
Table 9-3. Double-Fault Detection Classes
Class ID Description
1 Debug exceptions
2 NMI
3 Breakpoint
Benign 4 Overflow
Exceptions 5 Bounds check
6 Invalid opcode
7 Coprocessor not available
16 Coprocessor error
0 Divide error
9 Coprocessor Segment Overrun
Contributory 10 Invalid TSS
Exceptions 11 Segment not present
12 Stack exception
13 General protection
Page Faults 14 Page fault
See Also: 9.8.8
Tab.9-4 Double-Fault Definition
Table 9-4. Double-Fault Definition
SECOND EXCEPTION
Benign Contributory Page
Exception Exception Fault
Benign OK OK OK
Exception
FIRST Contributory OK DOUBLE OK
EXCEPTION Exception
Page
Fault OK DOUBLE DOUBLE
See Also: 9.8
Tab.9-5 Conditions That Invalidate the TSS
Table 9-5. Conditions That Invalidate the TSS
Error Code Condition
TSS id + EXT The limit in the TSS descriptor is less than 103
LTD id + EXT Invalid LDT selector or LDT not present
SS id + EXT Stack segment selector is outside table limit
SS id + EXT Stack segment is not a writable segment
SS id + EXT Stack segment DPL does not match new CPL
SS id + EXT Stack segment selector RPL < > CPL
CS id + EXT Code segment selector is outside table limit
CS id + EXT Code segment selector does not refer to code
segment
CS id + EXT DPL of non-conforming code segment < > new CPL
CS id + EXT DPL of conforming code segment > new CPL
DS/ES/FS/GS id + EXT DS, ES, FS, or GS segment selector is outside
table limits
DS/ES/FS/GS id + EXT DS, ES, FS, or GS is not readable segment
See Also: 9.8.10
Tab.9-6 Exception Summary
Table 9-6. Exception Summary
Description Int|IRET |Excep- |Function That
No |Points| tion |Can Generate
|Fault | Type |the Exception
|Instr | |
-----------------------------+------+-------+---------------------------------
Divide error 0 |YES | FAULT |DIV, IDIV
-----------------------------+------+-------+---------------------------------
Debug exceptions 1 | | |
| | |
Some debug exceptions | | |
are traps and some are | | |
faults. The exception | | |Any instruction
handler can determine | | |
which has occurred by | | |
examining DR6. | | |
(Refer to Chapter 12.) | | |
-----------------------------+------+-------+---------------------------------
Breakpoint 3 |NO | TRAP |One-byte INT 3
-----------------------------+------+-------+---------------------------------
Overflow 4 |NO | TRAP |INTO
-----------------------------+------+-------+---------------------------------
Bounds check 5 |YES | FAULT |BOUND
-----------------------------+------+-------+---------------------------------
Invalid opcode 6 |YES | FAULT |Any illegal instruction
-----------------------------+------+-------+---------------------------------
Coprocessor not available 7 |YES | FAULT |ESC, WAIT
-----------------------------+------+-------+---------------------------------
Double fault 8 |YES | ABORT |Any instruction that can
| | |generate an exception
-----------------------------+------+-------+---------------------------------
Coprocessor Segment | | |
Overrun 9 |NO | ABORT |Any operand of an ESC
| | |instruction that wraps around
| | |the end of a segment.
-----------------------------+------+-------+---------------------------------
Invalid TSS 10 |YES | FAULT |
| | |
An invalid-TSS fault | | |JMP, CALL, IRET, any interrupt
is not restartable if | | |
it occurs during the | | |
processing of an | | |
external interrupt. | | |
-----------------------------+------+-------+---------------------------------
Segment not present 11 |YES | FAULT |Any segment-register modifier
-----------------------------+------+-------+---------------------------------
Stack exception 12 |YES | FAULT |Any memory reference thru SS
-----------------------------+------+-------+---------------------------------
General Protection 13 |YES | FAULT/|
| | ABORT |
All GP faults are | | |Any memory reference or code
restartable. If the | | |fetch
fault occurs while | | |
attempting to vector | | |
to the handler for an | | |
external interrupt, | | |
the interrupted program | | |
is restartable, but the | | |
interrupt may be lost. | | |
| | |
-----------------------------+------+-------+---------------------------------
Page fault 14 |YES | FAULT |Any memory reference or code
| | |fetch
-----------------------------+------+-------+---------------------------------
Coprocessor error 16 |YES | FAULT |
| | |
Coprocessor errors are | | |ESC, WAIT
reported as a fault on | | |
the first ESC or WAIT | | |
instruction executed | | |
after the ESC | | |
instruction that caused | | |
the error. | | |
| | |
-----------------------------+------+-------+---------------------------------
Two-byte SoftWare 0-255|NO | TRAP |INT n
Interrupt | | |
------------------------------------------------------------------------------
See Also: 9.8
Tab.9-7 Error-Code Summary
Table 9-7. Error-Code Summary
Description Interrupt Error Code
Number
Divide error 0 No
Debug exceptions 1 No
Breakpoint 3 No
Overflow 4 No
Bounds check 5 No
Invalid opcode 6 No
Coprocessor not available 7 No
System error 8 Yes (always 0)
Coprocessor Segment Overrun 9 No
Invalid TSS 10 Yes
Segment not present 11 Yes
Stack exception 12 Yes
General protection fault 13 Yes
Page fault 14 Yes
Coprocessor error 16 No
Two-byte SW interrupt 0-255 No
See Also: 9.7
Tab.10-1 Meaning of D, U, and W Bit Pairs in TLB Test Regiters
Table 10-1. Meaning of D, U, and W Bit Pairs in TLB Test Regiters
X X# Effect during Value of bit X
TLB Lookup after TLB Write
0 0 (undefined) (undefined)
0 1 Match if X=0 Bit X becomes 0
1 0 Match if X=1 Bit X becomes 1
1 1 (undefined) (undefined)
See Also: 10.6.2
Tab.12-1 Breakpeint Field Recognition Examples
Table 12-1. Breakpoint Field Recognition Examples
| Address (hex) | Length
----------------------------------+-----------------+----------------
DR0 | 0A0001 | 1 (LEN0 = 00)
Register Contents DR1 | 0A0002 | 1 (LEN1 = 00)
DR2 | 0B0002 | 2 (LEN2 = 01)
DR3 | 0C0000 | 4 (LEN3 = 11)
----------------------------------+-----------------+----------------
Some Examples of Memory | 0A0001 | 1
References That Cause Traps | 0A0002 | 1
| 0A0001 | 2
| 0A0002 | 2
| 0B0002 | 2
| 0B0001 | 4
| 0C0000 | 4
| 0C0001 | 2
| 0C0003 | 1
----------------------------------+-----------------+---------------
Some Examples of Memory | 0A0000 | 1
References That Don't Cause Traps | 0A0003 | 4
| 0B0000 | 2
| 0C0004 | 4
See Also: 12.2.4
Tab.12-2 Debug Exception Conditions
Table 12-2. Debug Exception Conditions
Flags to Test Condition
BS=1 Single-step trap
B0=1 AND (GE0=1 OR LE0=1) Breakpoint DR0, LEN0, R/W0
B1=1 AND (GE1=1 OR LE1=1) Breakpoint DR1, LEN1, R/W1
B2=1 AND (GE2=1 OR LE2=1) Breakpoint DR2, LEN2, R/W2
B3=1 AND (GE3=1 OR LE3=1) Breakpoint DR3, LEN3, R/W3
BD=1 Debug registers not available; in use by ICE-386.
BT=1 Task switch
See Also: 12.3.1
Tab.14-1 80386 Real-Address Mode Exceptions
Table 14-1. 80386 Real-Address Mode Exceptions
|Interrupt| Function that Can Return Address
Description | Number | Generate the Exception Points to Faulting
| | Instruction
--------------------+---------+------------------------------------------------
Divide error | 0 | DIV, IDIV |YES
--------------------+---------+------------------------------------+---
Debug exceptions | 1 | Any |
| | Some debug exceptions point to the |
| | faulting instruction, others to the|
| | next instruction. The exception |
| | handler can determine which has |
| | occurred by examining DR6. |
--------------------+---------+------------------------------------+---
Breakpoint | 3 | INT |NO
--------------------+---------+------------------------------------+---
Overflow | 4 | INTO |NO
--------------------+---------+------------------------------------+---
Bounds check | 5 | BOUND |YES
--------------------+---------+------------------------------------+---
Invalid opcode | 6 | Any undefined opcode or LOCK |YES
| | used with wrong instruction |
--------------------+---------+------------------------------------+---
Coprocessor | 7 | ESC or WAIT |YES
not available | | |
--------------------+---------+------------------------------------+---
Interrupt table | 8 | INT vector is not within IDTR |YES
limit too small | | limit |
--------------------+---------+------------------------------------+---
Reserved | 9-11 | NoOne |
--------------------+---------+------------------------------------+---
Stack fault | 12 | Memory operand crosses offset |YES
| (0ch) | 0 or 0FFFFH |
--------------------+---------+------------------------------------+---
Pseudo-protection | 13 | Memory operand crosses offset |YES
exception | | 0FFFFH or attempt to execute |
| (0dh) | past offset 0FFFFH or |
| | instruction longer than 15 |
| | bytes |
--------------------+---------+------------------------------------+---
Reserved | 14,15 | NoOne |
--------------------+---------+------------------------------------+---
Coprocessor error | 16 | ESC or WAIT |YES
| | Coprocessor errors are reported on |
| (10h) | the first ESC or WAIT instruction |
| | after the ESC instruction that |
| | caused the error. |
--------------------+---------+------------------------------------+---
Two-byte Software | 0-255 | INT n |NO
interrupt | | |
-----------------------------------------------------------------------
See Also: 14.6 14.7
Tab.14-2 New 80386 Exceptions
Table 14-2. New 80386 Exceptions
Interrupt Function
Identifier
5 A BOUND instruction was executed with a register value outside
the limit values.
6 An undefined opcode was encountered or LOCK was used improperly
before an instruction to which it does not apply.
7 The EM bit in the MSW is set when an ESC instruction was
encountered. This exception also occurs on a WAIT instruction
if TS is set.
8 An exception or interrupt has vectored to an interrupt table
entry beyond the interrupt table limit in IDTR. This can occur
only if the LIDT instruction has changed the limit from the
default value of 3FFH, which is enough for all 256 interrupt
IDs.
12 Operand crosses extremes of stack segment, e.g., MOV operation
at offset 0FFFFH or push with SP=1 during PUSH, CALL, or INT.
13 Operand crosses extremes of a segment other than a stack
segment; or sequential instruction execution attempts to
proceed beyond offset 0FFFFH; or an instruction is longer than
15 bytes (including prefixes).
See Also: 14.7
Tab.17-1 Effective Size Attributes
Table 17-1. Effective Size Attributes
Segment Default D = ... 0 0 0 0 1 1 1 1
Operand-Size Prefix 66H N N Y Y N N Y Y
Address-Size Prefix 67H N Y N Y N Y N Y
Effective Operand Size 16 16 32 32 32 32 16 16
Effective Address Size 16 32 16 32 32 16 32 16
Y = Yes, this instruction prefix is present
N = No, this instruction prefix is not present
See Also: 17.1.3 17.1.2
Tab.17-2 16-Bit Addressing Forms with the ModR/M Byte
Table 17-2. 16-Bit Addressing Forms with the ModR/M Byte
r8(/r) AL CL DL BL AH CH DH BH
r16(/r) AX CX DX BX SP BP SI DI
r32(/r) EAX ECX EDX EBX ESP EBP ESI EDI
/digit (Opcode) 0 1 2 3 4 5 6 7
REG = 000 001 010 011 100 101 110 111
Effective
+--- Address --++Mod R/M+ +--------ModR/M Values in Hexadecimal--------+
[BX + SI] 000 00 08 10 18 20 28 30 38
[BX + DI] 001 01 09 11 19 21 29 31 39
[BP + SI] 010 02 0A 12 1A 22 2A 32 3A
[BP + DI] 011 03 0B 13 1B 23 2B 33 3B
[SI] 00 100 04 0C 14 1C 24 2C 34 3C
[DI] 101 05 0D 15 1D 25 2D 35 3D
disp16 110 06 0E 16 1E 26 2E 36 3E
[BX] 111 07 0F 17 1F 27 2F 37 3F
[BX+SI]+disp8 000 40 48 50 58 60 68 70 78
[BX+DI]+disp8 001 41 49 51 59 61 69 71 79
[BP+SI]+disp8 010 42 4A 52 5A 62 6A 72 7A
[BP+DI]+disp8 011 43 4B 53 5B 63 6B 73 7B
[SI]+disp8 01 100 44 4C 54 5C 64 6C 74 7C
[DI]+disp8 101 45 4D 55 5D 65 6D 75 7D
[BP]+disp8 110 46 4E 56 5E 66 6E 76 7E
[BX]+disp8 111 47 4F 57 5F 67 6F 77 7F
[BX+SI]+disp16 000 80 88 90 98 A0 A8 B0 B8
[BX+DI]+disp16 001 81 89 91 99 A1 A9 B1 B9
[BX+SI]+disp16 010 82 8A 92 9A A2 AA B2 BA
[BX+DI]+disp16 011 83 8B 93 9B A3 AB B3 BB
[SI]+disp16 10 100 84 8C 94 9C A4 AC B4 BC
[DI]+disp16 101 85 8D 95 9D A5 AD B5 BD
[BP]+disp16 110 86 8E 96 9E A6 AE B6 BE
[BX]+disp16 111 87 8F 97 9F A7 AF B7 BF
EAX/AX/AL 000 C0 C8 D0 D8 E0 E8 F0 F8
ECX/CX/CL 001 C1 C9 D1 D9 E1 E9 F1 F9
EDX/DX/DL 010 C2 CA D2 DA E2 EA F2 FA
EBX/BX/BL 011 C3 CB D3 DB E3 EB F3 FB
ESP/SP/AH 11 100 C4 CC D4 DC E4 EC F4 FC
EBP/BP/CH 101 C5 CD D5 DD E5 ED F5 FD
ESI/SI/DH 110 C6 CE D6 DE E6 EE F6 FE
EDI/DI/BH 111 C7 CF D7 DF E7 EF F7 FF
---------------------------------------------------------------------------
NOTES:
disp8 denotes an 8-bit displacement following the ModR/M byte, to be
sign-extended and added to the index. disp16 denotes a 16-bit displacement
following the ModR/M byte, to be added to the index. Default segment
register is SS for the effective addresses containing a BP index, DS for
other effective addresses.
---------------------------------------------------------------------------
See Also: 17.2.1
Tab.17-3 32-Bit Addressing Forms with the ModR/M Byte
Table 17-3. 32-Bit Addressing Forms with the ModR/M Byte
r8(/r) AL CL DL BL AH CH DH BH
r16(/r) AX CX DX BX SP BP SI DI
r32(/r) EAX ECX EDX EBX ESP EBP ESI EDI
/digit (Opcode) 0 1 2 3 4 5 6 7
REG = 000 001 010 011 100 101 110 111
Effective
+--- Address --++Mod R/M+ +---------ModR/M Values in Hexadecimal-------+
[EAX] 000 00 08 10 18 20 28 30 38
[ECX] 001 01 09 11 19 21 29 31 39
[EDX] 010 02 0A 12 1A 22 2A 32 3A
[EBX] 011 03 0B 13 1B 23 2B 33 3B
[--] [--] 00 100 04 0C 14 1C 24 2C 34 3C
disp32 101 05 0D 15 1D 25 2D 35 3D
[ESI] 110 06 0E 16 1E 26 2E 36 3E
[EDI] 111 07 0F 17 1F 27 2F 37 3F
disp8[EAX] 000 40 48 50 58 60 68 70 78
disp8[ECX] 001 41 49 51 59 61 69 71 79
disp8[EDX] 010 42 4A 52 5A 62 6A 72 7A
disp8[EPX]; 011 43 4B 53 5B 63 6B 73 7B
disp8[--] [--] 01 100 44 4C 54 5C 64 6C 74 7C
disp8[ebp] 101 45 4D 55 5D 65 6D 75 7D
disp8[ESI] 110 46 4E 56 5E 66 6E 76 7E
disp8[EDI] 111 47 4F 57 5F 67 6F 77 7F
disp32[EAX] 000 80 88 90 98 A0 A8 B0 B8
disp32[ECX] 001 81 89 91 99 A1 A9 B1 B9
disp32[EDX] 010 82 8A 92 9A A2 AA B2 BA
disp32[EBX] 011 83 8B 93 9B A3 AB B3 BB
disp32[--] [--] 10 100 84 8C 94 9C A4 AC B4 BC
disp32[EBP] 101 85 8D 95 9D A5 AD B5 BD
disp32[ESI] 110 86 8E 96 9E A6 AE B6 BE
disp32[EDI] 111 87 8F 97 9F A7 AF B7 BF
EAX/AX/AL 000 C0 C8 D0 D8 E0 E8 F0 F8
ECX/CX/CL 001 C1 C9 D1 D9 E1 E9 F1 F9
EDX/DX/DL 010 C2 CA D2 DA E2 EA F2 FA
EBX/BX/BL 011 C3 CB D3 DB E3 EB F3 FB
ESP/SP/AH 11 100 C4 CC D4 DC E4 EC F4 FC
EBP/BP/CH 101 C5 CD D5 DD E5 ED F5 FD
ESI/SI/DH 110 C6 CE D6 DE E6 EE F6 FE
EDI/DI/BH 111 C7 CF D7 DF E7 EF F7 FF
---------------------------------------------------------------------------
NOTES:
[--] [--] means a SIB follows the ModR/M byte. disp8 denotes an 8-bit
displacement following the SIB byte, to be sign-extended and added to the
index. disp32 denotes a 32-bit displacement following the ModR/M byte, to
be added to the index.
---------------------------------------------------------------------------
See Also: 17.2.1
Tab.17-4 32-Bit Addressing Forms with the SIB Byte
Table 17-4. 32-Bit Addressing Forms with the SIB Byte
r32 EAX ECX EDX EBX ESP [*] ESI EDI
Base = 0 1 2 3 4 5 6 7
Base = 000 001 010 011 100 101 110 111
+Scaled Index+ +SS Index+ +--------ModR/M Values in Hexadecimal--------+
[EAX] 000 00 01 02 03 04 05 06 07
[ECX] 001 08 09 0A 0B 0C 0D 0E 0F
[EDX] 010 10 11 12 13 14 15 16 17
[EBX] 011 18 19 1A 1B 1C 1D 1E 1F
none 00 100 20 21 22 23 24 25 26 27
[EBP] 101 28 29 2A 2B 2C 2D 2E 2F
[ESI] 110 30 31 32 33 34 35 36 37
[EDI] 111 38 39 3A 3B 3C 3D 3E 3F
[EAX*2] 000 40 41 42 43 44 45 46 47
[ECX*2] 001 48 49 4A 4B 4C 4D 4E 4F
[ECX*2] 010 50 51 52 53 54 55 56 57
[EBX*2] 011 58 59 5A 5B 5C 5D 5E 5F
none 01 100 60 61 62 63 64 65 66 67
[EBP*2] 101 68 69 6A 6B 6C 6D 6E 6F
[ESI*2] 110 70 71 72 73 74 75 76 77
[EDI*2] 111 78 79 7A 7B 7C 7D 7E 7F
[EAX*4] 000 80 81 82 83 84 85 86 87
[ECX*4] 001 88 89 8A 8B 8C 8D 8E 8F
[EDX*4] 010 90 91 92 93 94 95 96 97
[EBX*4] 011 98 89 9A 9B 9C 9D 9E 9F
none 10 100 A0 A1 A2 A3 A4 A5 A6 A7
[EBP*4] 101 A8 A9 AA AB AC AD AE AF
[ESI*4] 110 B0 B1 B2 B3 B4 B5 B6 B7
[EDI*4] 111 B8 B9 BA BB BC BD BE BF
[EAX*8] 000 C0 C1 C2 C3 C4 C5 C6 C7
[ECX*8] 001 C8 C9 CA CB CC CD CE CF
[EDX*8] 010 D0 D1 D2 D3 D4 D5 D6 D7
[EBX*8] 011 D8 D9 DA DB DC DD DE DF
none 11 100 E0 E1 E2 E3 E4 E5 E6 E7
[EBP*8] 101 E8 E9 EA EB EC ED EE EF
[ESI*8] 110 F0 F1 F2 F3 F4 F5 F6 F7
[EDI*8] 111 F8 F9 FA FB FC FD FE FF
---------------------------------------------------------------------------
NOTES:
[*] means a disp32 with no base if MOD is 00, [ESP] otherwise. This
provides the following addressing modes:
disp32[index] (MOD=00)
disp8[EBP][index] (MOD=01)
disp32[EBP][index] (MOD=10)
---------------------------------------------------------------------------
See Also: 17.2.1
Tab.17-5 Task Switch Times for Exceptions
Table 17-5. Task Switch Times for Exceptions
New Task
Old 386 TSS 286 TSS
Task VM = 0
386 VM = 0 309 282
TSS
386 VM = 1 314 231
TSS
286 307 282
TSS
See Also: 17.2.2.3
Tab.17-6 80386 Exceptions
Table 17-6. 80386 Exceptions
Mnemonic Interrupt Description
#UD 6 Invalid opcode
#NM 7 Coprocessor not available
#DF 8 Double fault
#TS 10 Invalid TSS
#NP 11 Segment or gate not present
#SS 12 Stack fault
#GP 13 General protection fault
#PF 14 Page fault
#MF 16 Math (coprocessor) fault
See Also: 17.2.2.8
Complete Flag Cross-Reference (Appendix B)
Status Flag Summary (Appendix C)
Condition Codes (Appendix D)