[File provided by Alex V. Potemkin ] Last Change 10/23/94 ------------------------------------------------------------ This is DOC about undocumented instructions and documented instructions of any last processors ------------------------------------------------------------ (C) (P) Potemkin's Hackers Group 1994 ------------------------------------------------------------ Revision 1. 1 September 1994 ------------------------------------------------------------ -------------------------------------------------- BSWAP - Bytes Swap --------------------------------------------------- CPU: I486 + Type of Instruction: Operation Instruction: BSWAP dwordr Description: XCHG BYTE dwordr[31:24], dwordr[7:0] XCHG BYTE dwordr[23:16], dwordr[15:8] ; Need Good Picture to Show It Notes: This instruction used for converting big-endian (Intel) format to little-endian (Motorolla etc.) format. Flags Affected: None CPU mode: RM, PM, VM, SMM Physical Form: BSWAP r32 COP (Code of Operation): 0FH 11001rrr Clocks: Cyrix Cx486SLC : 4 i486 : 1 Pentium : 1 --------------------------------------------------- CMPXCHG8B - Compare and exchange 8 bytes --------------------------------------------------- CPU: Pentium (tm) Type of Instruction: Operation Instruction: CMPXCHG8B dest Note: dest is memory operand: QWORD PTR [memory] Description: IF (QWORD (EDX:EAX) = dest) THEN { ZF <- 1; dest <- QWORD (ECX:EBX); } ELSE { ZF <- 0; EDX:EAX <- dest } END Flags Affected: ZF CPU mode: RM, PM, VM, SMM Physical Form: CMPXCHG8B mem64 COP (Code of Operation) : 0FH C7H Postbyte Clocks: Pentium : 10 Note: Postbyte MMRRRMMM: MM<>11 if (==) then INT 6 --------------------------------------------------- CMPXCHG - Compare and exchange --------------------------------------------------- CPU: i486+ Type of Instruction: Operation Instruction: CMPXCHG dest, src Description: Acc = if OperationSize (8) -> AL OperationSize (16) -> AX OperationSize (32) -> EAX IF (Acc = dest) THEN { ZF <- 1; dest <- sorc; } ELSE { ZF <- 0; Acc <- dest; } END Note: This instruction used to support semaphores Flags Affected: ZF (see description) OF, SF, AF, PF, CF (like CMP instruction) (see description) CPU mode: RM, PM, VM, SMM +++++++++++++++++++++++ Physical Form: CMPXCHG r/m8, r8 COP (Code of Operation) : 0FH A6H Postbyte ; i486 (A-B0 step) : 0FH B0H Postbyte ; i486 (B1+ step clones ; and upgrades) Clocks: Intel i486 : 6/7 if compare OK : 6/10 if compare FAIL Cyrix Cx486SLC : 5/7 Pentium (tm) : 6 Penalty if cache miss : Intel i486 : 2 Cyrix Cx486SLC : 1 +++++++++++++++++++++ Physical Form: CMPXCHG r/m16, r16 CMPXCHG r/m32, r32 COP (Code of Operation) : 0FH A7H Postbyte ; i486 (A-B0 step) : 0FH B1H Postbyte ; i486 (B1+ step clones ; and upgrades) Clocks: Intel i486 : 6/7 if compare OK : 6/10 if compare FAIL Cyrix Cx486SLC : 5/7 Pentium (tm) : 6 Penalty if cache miss : Intel i486 : 2 Cyrix Cx486SLC : 1 --------------------------------------------------- CPUID - CPU Identification --------------------------------------------------- CPU: Intel 486DX/SX/DX2 SL Enhanced and all later Intel processors include (IntelDX4, IntelSX2, Pentium etc.) Note: i.e. 1993+ years processors produced by Intel Note: To know if your CPU support CPUID instruction try to set ID flag (bit 21 of EFLAGS) to 1, and if it sets this mean that CPUID support. Type of Instruction: Operation Instruction: CPUID Description: IF (EAX=0) THEN { EAX <- Maximum value of EAX to CALL CPUID instruction 1 for all processors (date 1 September 1994) may be >1 in future microprocessors EBX <- 756E6547H i.e. 'Genu' EDX <- 49656E69H i.e. 'ineI' ECX <- 6C65746EH i.e. 'ntel' ;; EBX, EDX and ECX contain a OEM name string ;; for Intel this string is 'GenuineIntel' } ELSEIF (EAX=1) THEN { EAX[3:0] <- Stepping ID EAX[7:4] <- Model EAX[11:8] <- Family ; 4 - i486 family ; 5 - Pentium family EAX[15:12] <- Reserved ; set to 0 now ; but I'm sure that for Pentium OverDrive for P54C ;this field will be set to 1 EAX[31:16] <- Reserved and set to 0s now EDX <- Compability flags ;; below all info if bit flag =1 EDX[0] <- FPU on Chip EDX[1] <- Virtual Mode Extention present EDX[2] ?? EDX[3] ?? EDX[4] ?? somethere here TSC support EDX[5] ?? EDX[6] ?? EDX[7] <- Machine Check exception present EDX[8] <- CMPXCHG8B instruction present EDX[9] <- APIC on Chip EDX[31:10] <- Reserved and set to 0s now } ELSEIF (EAX > 1) THEN { EAX, EBX, ECX, EDX <- Undefined } END. Global Note: This file contain open i.e nonconfiderential information about CPUID information. If you want MORE try to contact Intel, may be (but I'm sure that not) Intelers give you "Yellow Pages" (i.e Supplement to Pentium (tm) Processor User's Manual) to read inside office if you not a designer of compiler or operation system. Flags Affected: None CPU mode: RM, PM, VM, SMM Physical Form: CPUID COP (Code of Operation): 0FH A2H Clocks: 486s & Pentium (EAX=1) : 14 486s & Pentium (EAX=0 or EAX>1) : 9 --------------------------------------------------- F4X4 - FPU: Multiplicate vector on Matrix 4x4 --------------------------------------------------- FPU: IIT FPUs. Type of Instruction: FPU instruction Instruction: F4X4 Description: ; This Instruction Multiplicate vector on ; Matrix 4X4 _ _ _ _ _ _ | | | | | | | Xn | | A00 A01 A02 A03 | | X0 | | Yn | = | A10 A11 A12 A13 | X | Y0 | | Zn | | A20 A21 A22 A23 | | Z0 | | Wn | | A30 A31 A31 A33 | | W0 | |_ _| |_ _| |_ _| ; Data fetches/stores from/to FPU registers: # of F E T C H E S STORE Register Bank0 Bank1 Bank2 Bank0 ST X0 A33 A31 Xn ST (1) Y0 A23 A21 Yn ST (2) Z0 A13 A11 Zn ST (3) W0 A03 A01 Wn ST (4) A32 A30 ST (5) A22 A20 ST (6) A12 A10 ST (7) A02 A00 Note: See FSBP0, FSBP1, FSBP2 for more information FPU Flags Affected: S FPU mode: Any Physical Form: F4X4 COP (Code of Operation): DBH F1H Clocks: IIT 2c87 : 242 IIT 3c87 : 242 IIT 3c87SX : 242 --------------------------------------------------- FNSTDW - FPU Not wait Store Device Word register --------------------------------------------------- FPU: i387SL Mobile Type of Instruction: FPU instruction Instruction: FNSTDW dest Description: dest <- Device Word Format of Device word: bit (s) Description 0-7 Reserved 8 S - Status bit: if S=1 then FP device is a static design and OS or APM Bios may set CLK slow to 0 Mhz without lost any data. 9-15 Reserved Note: Device word register valid only after FNINIT FPU Flags Affected: None CPU mode: Any Physical Form: FNSTDW AX COP (Code of Operation): DFH E1H Clocks: i387SL Mobile: 13 --------------------------------------------------- FNSTSG - FPU Not wait Store Signature Word register --------------------------------------------------- FPU: i387SL Mobile Type of Instruction: FPU instruction Instruction: FNSTSG dest Description: dest <- Signature Word Format of Signature word: bit (s) Description 3-0 Revision 7-4 Steppin 11-8 Family 15-12 Version Note: For i387 (tm) SL Mobile Signature is: Version = 2 Family = 3 ; 387 Stepping = 1 ; Ax step Revision = 0 ; x0 step i.e i387 (tm) SL is A0 step Note: This FPU is out of life Note: Signature word register valid only after FNINIT FPU Flags Affected: None CPU mode: Any Physical Form: FNSTSG AX COP (Code of Operation): DFH E2H Clocks: i387SL Mobile: 13 --------------------------------------------------- FRICHOP - FPU: Round to Integer chop method --------------------------------------------------- FPU: Cyrix FPUs and 486s with FPU on chip Type of Instruction: FPU instruction Instruction: FRICHOP Description: ST <- ROUND (ST, CHOP) Note: This instruction calculate rounding ST toward zero i.e. ignoring part righter that decimal . Examples: 1.2 -> 1.0 -1.2 -> -1.0 3.0 -> 3.0 0.0 -> 0.0 1.5 -> 1.0 -2.0 -> -2.0 FPU Flags Affected: S, P, D, I, C1 FPU mode: Any Physical Form: FRICHOP COP (Code of Operation): DDH FCH Clocks: Cx83D87 : 15 Cx83S87 : 15 CxEMC87 : 15 Cx487DLC : --------------------------------------------------- FRINEAR - FPU: Round to Integer Nearest method --------------------------------------------------- FPU: Cyrix FPUs and 486s with FPU on chip Type of Instruction: FPU instruction Instruction: FRINEAR Description: ST <- ROUND (ST, NEAREST) Note: This instruction calculate rounding ST toward nearest Examples: 1.2 -> 1.0 -1.2 -> -1.0 3.0 -> 3.0 0.0 -> 0.0 1.5 -> 1.0 1.8 -> 2.0 -2.0 -> -2.0 FPU Flags Affected: S, P, D, I, C1 FPU mode: Any Physical Form: FRINEAR COP (Code of Operation): DFH FCH Clocks: Cx83D87 : 15 Cx83S87 : 15 CxEMC87 : 15 Cx487DLC : --------------------------------------------------- FRINT2 - FPU: Round to Integer --------------------------------------------------- FPU: Cyrix FPUs and 486s with FPU on chip Type of Instruction: FPU instruction Instruction: FRINT2 Description: IF (exact half) THEN { ST <- SIGN (ST) * ROUND (ABS (ST)+0.5, NEAREST) } ELSE { ST <- ROUND (ST, NEAREST) } END Note: This instruction calculate rounding ST toward nearest, but if number is exact half then this instruction round it toward signed infinity. Sign of this infinity is same with sign of number. Examples: 1.2 -> 1.0 -1.2 -> -1.0 3.0 -> 3.0 0.0 -> 0.0 1.5 -> 2.0 1.8 -> 2.0 -2.0 -> -2.0 -1.5 -> -2.0 FPU Flags Affected: S, P, D, I, C1 FPU mode: Any Physical Form: FRINT2 COP (Code of Operation): DBH FCH Clocks: Cx83D87 : 15 Cx83S87 : 15 CxEMC87 : 15 Cx487DLC : --------------------------------------------------- FRSTPM - FPU Reset Protected Mode --------------------------------------------------- FPU: i287XL i287XLT Type of Instruction: FPU instruction Instruction: FRSTPM Description: Reset Cooprocessor from Protected Mode to Real Address mode. FPU Flags Affected: None CPU mode:Any ??? Physical Form: FRSTPM COP (Code of Operation): DBH E5H Clocks: i287XL : 12 i287XLT : 12 --------------------------------------------------- FSBP0 - FPU: Set Bank pointer to Bank # 0 --------------------------------------------------- FPU: IIT FPUs. Type of Instruction: FPU instruction Instruction: FSBP0 Description: ; This Instruction set current bank pointer to ; Bank # 0. ; Each bank contain eight 80bit registers ; There are 3 banks (0, 1, 2) in Chip ; After initialization FPU select bank # 0. FPU Flags Affected: None FPU mode: Any Physical Form: FSBP0 COP (Code of Operation): DBH E8H Clocks: IIT 2c87 : 6 IIT 3c87 : 6 IIT 3c87SX : 6 --------------------------------------------------- FSBP1 - FPU: Set Bank pointer to Bank # 1 --------------------------------------------------- FPU: IIT FPUs. Type of Instruction: FPU instruction Instruction: FSBP1 Description: ; This Instruction set current bank pointer to ; Bank # 1. ; Each bank contain eight 80bit registers ; There are 3 banks (0, 1, 2) in Chip ; After initialization FPU select bank # 0. FPU Flags Affected: None FPU mode: Any Physical Form: FSBP1 COP (Code of Operation): DBH EBH Clocks: IIT 2c87 : 6 IIT 3c87 : 6 IIT 3c87SX : 6 --------------------------------------------------- FSBP2 - FPU: Set Bank pointer to Bank # 2 --------------------------------------------------- FPU: IIT FPUs. Type of Instruction: FPU instruction Instruction: FSBP2 Description: ; This Instruction set current bank pointer to ; Bank # 2. ; Each bank contain eight 80bit registers ; There are 3 banks (0, 1, 2) in Chip ; After initialization FPU select bank # 0. FPU Flags Affected: None FPU mode: Any Physical Form: FSBP2 COP (Code of Operation): DBH EAH Clocks: IIT 2c87 : 6 IIT 3c87 : 6 IIT 3c87SX : 6 --------------------------------------------------- INVD - Invalidate Cache Buffer --------------------------------------------------- CPU: I486 + Type of Instruction: System Instruction: INVD Description: FLUSH INTERNAL CACHE (It means that all lines of internal caches sets as invalid) SIGNAL EXTERNAL CACHE TO FLUSH Notes: This instruction not work in Real Mode and in Protected mode work only in ring 0 ; Flags Affected: None CPU mode: PM0, SMM? Physical Form: INVD COP (Code of Operation): 0FH 08H Clocks: Cyrix Cx486SLC : 4 i486 : 4 Pentium : 15 --------------------------------------------------- INVLPG - Invalidate Page Entry In TLB --------------------------------------------------- CPU: I486 + Type of Instruction: System Instruction: INVLPG mem Description: IF found in data or code (if both) (or common if single) TLB entry with linear address (page part) same as memory operand then mark this entry as Invalid; Notes: This instruction not work in Real Mode and in Protected mode work only in ring 0 ; Flags Affected: None CPU mode: RM, PM, VM, SMM Physical Form: INVLPG mem COP (Code of Operation): 0FH 01H mm111mmm Clocks: Cyrix Cx486SLC : 4 i486 : 12 if hit : 11 if not hit Pentium : 25 --------------------------------------------------- LOADALL - Load All Registers --------------------------------------------------- CPU: Intel 386+ +all clones Type of Instruction: System Operation (Work only then CPL=0) Instruction: LOADALL Description: Load All Registers (Include Shadow Registers) from Table Which Begin on place pointed ES:EDI Format of LOADALL Table: Offset Len Description 0H 4 CR0 4H 4 EFLAGS 8H 4 EIP CH 4 EDI 10H 4 ESI 14H 4 EBP 18H 4 ESP 1CH 4 EBX 20H 4 EDX 24H 4 ESX 28H 4 EAX 2CH 4 DR6 30H 4 DR7 34H 4 TR (16 bit, zero filled up) 38H 4 LDT --------- 3CH 4 GS --------- 40H 4 FS --------- 44H 4 DS --------- 48H 4 SS --------- 4CH 4 CS --------- 50H 4 ES --------- 54H 4 TSS.attrib 58H 4 TSS.base 5CH 4 TSS.limit 60H 4 0s 64H 4 IDT.base 68H 4 IDT.limit 6CH 4 0s 70H 4 GDT.base 74H 4 GDT.limit 78H 4 LDT.attrib 7CH 4 LDT.base 80H 4 LDT.limit 84H 4 GS.attrib 88H 4 GS.base 8CH 4 GS.limit 90H 4 FS.attrib 94H 4 FS.base 98H 4 FS.limit 9CH 4 DS.attrib A0H 4 DS.base A4H 4 DS.limit A8H 4 SS.attrib ACH 4 SS.base B0H 4 SS.limit B4H 4 CS.attrib B8H 4 CS.base BCH 4 CS.limit C0H 4 ES.attrib C4H 4 ES.base C8H 4 ES.limit Format of Attrib field: Byte Description 0 0s 1 AR (Access Right) byte in the Descriptor format Note: P bit is a valid bit if valid bit=0 then Shadow Register is invalid and INT 0DH - General Protection Fault call DPL of SS, CS det. CPL 2-3 0s Flags Affected: All (FLAGS Register Reload) CPU mode: RM, PM0 Physical Form: LOADALL COP (Code of Operation): 0FH 07H Clocks: i386XX : n/a i486XX : n/a Note: This operation used 102 data transfer cycles on 32bit bus Typical clocks: i386SX: ~350 i386DX: ~290 i486XX: ~220 --------------------------------------------------- LOADALL - Load All Registers From Table --------------------------------------------------- CPU: Intel 80286 and all its clones Type of Instruction: System Operation (Work only then CPL=0) Instruction: LOADALL Description: Load All Registers (Include Shadow Registers) from Table Which Begin on 000800H Address, Len of this table is 66H Format of LOADALL Table: Address Len Description 800H 6 None 806H 2 MSW 808H 14 None 816H 2 TR 818H 2 FLAGS 81AH 2 IP 81CH 2 LDTR 81EH 2 DS 820H 2 SS 822H 2 CS 824H 2 ES 826H 2 DI 828H 2 SI 82AH 2 BP 82CH 2 SP 82EH 2 BX 830H 2 DX 832H 2 CX 834H 2 AX 836H 6 ES Shadow Descriptor 83CH 6 CS Shadow Descriptor 842H 6 SS Shadow Descriptor 848H 6 DS Shadow Descriptor 84EH 6 GDTR 854H 6 LDT Shadow Descriptor 85AH 6 IDTR 860H 6 TSS Shadow Descriptor Format of Shadow Descriptor: Byte Description 0-2 24bit Phisical Address 3 AR (Access Right) byte 4-5 16bit Segment Limit Format of GDTR and IDTR: Byte Description 0-2 24bit Phisical Address 3 0s 4-5 16bit Segment Limit Flags Affected: All (FLAGS Register Reload) CPU mode: RM, PM0 Physical Form: LOADALL COP (Code of Operation): 0FH 05H Clocks: 80286 : 195 --------------------------------------------------- RDMSR - Read From Model Specified Register --------------------------------------------------- CPU: Pentium (tm) Type of Instruction: Operation Instruction: RDMSR Description: IF (ECX is valid number of MSR) and (CPL=0) THEN { EDX:EAX <- MSR [ECX]; } ELSE { General Protection Fault INT 0DH (0) } END Flags Affected: None CPU mode: RM, PM0, SMM Physical Form: RDMSR COP (Code of Operation): 0FH 32H Clocks: Pentium : 20-24 --------------------------------------------------- RDTSC - Read From Time Stamp Counter --------------------------------------------------- CPU: Pentium (tm) Type of Instruction: Operation Instruction: RDTSC Description: IF (CR4.TSD=0) or ( (CR4.TSD=1) and (CPL=0)) THEN { EDX:EAX <- TSC; } ELSE { General Protection Fault INT 0DH (0) } END Note: TSC is one of MSR and after global hardware reset (not SRESET , but RESET) it clear to 0000000000000000H. (But what about frequency ???) Flags Affected: None CPU mode: RM, PM0, SMM ; PM, VM if enable Physical Form: RDTSC COP (Code of Operation): 0FH 31H Clocks: Pentium : n/a [20-24] --------------------------------------------------- REPC - Repeat While Carry Flag --------------------------------------------------- CPU: NEC V20, NEC V30, etc [ Vxx seria ] Sony V20, Sony V30 Type of Instruction: Prefix Instruction: REPC Description: DO CX=CX-1; SERVICE_PENDING_INTERRUPT; STRING_INSTRUCTION; LOOPWHILE ( (CX<>0) AND (CF==1)); Flags Affected: None CPU Mode: RM 8086 Physical Form: REPC COP (Code of Operation): 65H Clocks: NEC V20 : 2 NEC V30 : 2 --------------------------------------------------- REPNC - Repeat While Not Carry Flag --------------------------------------------------- CPU: NEC V20, NEC V30, etc [ Vxx seria ] Sony V20, Sony V30 Type of Instruction: Prefix Instruction: REPNC Description: DO CX=CX-1; SERVICE_PENDING_INTERRUPT; STRING_INSTRUCTION; LOOPWHILE ( (CX<>0) AND (CF<>1)); Flags Affected: None CPU mode: RM 8086 Physical Form: REPNC COP (Code of Operation): 64H Clocks: NEC V20 : 2 NEC V30 : 2 --------------------------------------------------- RES3 - Restore All CPU Registers --------------------------------------------------- CPU: AMD Am386SXLV, Am386DXLV also all AMD's 486 which support SMM Type of Instruction: System Operation (Work only then CPL=0) Instruction: RES3 Description: Load All Registers (Include Shadow Registers) from Table Which Begin on place pointed ES:EDI Note: This instruction is AMD analog Intel's LOADALL instruction but it's more i.c. return from SMM used this instruction. Then in SMM table is in SMRAM, then non SMM then table is in main memory. Format of RES3 Table: Offset Len Description 0H 4 CR0 4H 4 EFLAGS 8H 4 EIP CH 4 EDI 10H 4 ESI 14H 4 EBP 18H 4 ESP 1CH 4 EBX 20H 4 EDX 24H 4 ESX 28H 4 EAX 2CH 4 DR6 30H 4 DR7 34H 4 TR (16 bit, zero filled up) 38H 4 LDT --------- 3CH 4 GS --------- 40H 4 FS --------- 44H 4 DS --------- 48H 4 SS --------- 4CH 4 CS --------- 50H 4 ES --------- 54H 4 TSS.attrib 58H 4 TSS.base 5CH 4 TSS.limit 60H 4 Reserved 64H 4 IDT.base 68H 4 IDT.limit 6CH 4 REP OUTS overrun flag 70H 4 GDT.base 74H 4 GDT.limit 78H 4 LDT.attrib 7CH 4 LDT.base 80H 4 LDT.limit 84H 4 GS.attrib 88H 4 GS.base 8CH 4 GS.limit 90H 4 FS.attrib 94H 4 FS.base 98H 4 FS.limit 9CH 4 DS.attrib A0H 4 DS.base A4H 4 DS.limit A8H 4 SS.attrib ACH 4 SS.base B0H 4 SS.limit B4H 4 CS.attrib B8H 4 CS.base BCH 4 CS.limit C0H 4 ES.attrib C4H 4 ES.base C8H 4 ES.limit Unknown Unusable area 100H 4 Temporary register 104H 4 ------------- 108H 4 ------------- 10CH 4 ------------- 110H 4 ------------- 114H 4 ------------- 118H 4 ------------- 11CH 4 ------------- 120H 4 ------------- 124H 4 Last EIP (Last instruction EIP for Restart) Format of Attrib field: Byte Description 0 0s 1 AR (Access Right) byte in the Descriptor format Note: P bit is a valid bit if valid bit=0 then Shadow Register is invalid and INT 0DH - General Protection Fault call DPL of SS, CS det. CPL 2-3 0s Flags Affected: All (FLAGS Register Reload) CPU mode: RM, PM0, SMM Physical Form: RES3 COP (Code of Operation): 0FH 07H Note: Code is same with Intel's LOADALL Clocks: Am386SXLV : 366 Am386DXLV : 291 --------------------------------------------------- RSM - Resume from System Managment Mode --------------------------------------------------- CPU: I486 SL Enhanced+, i486SL, i386CX, i386EX Type of Instruction: System Instruction: RSM Description: Restore execution state from SMRAM and return to previous CPU mode CPU mode: SMM only (INT 6 - Undefined Opcode in all other mode) Flags Affected: All Note: CPU state restored from dump created entrance to SMM. The CPU leave SMM and return to previous mode. If CPU detect any invalid state it enters shutdown. This invalid states is: * The value stored in State Dump Base field is not 32K aligned address * Any Reserved bit of CR4 is set to 1 (Pentium only) * Any illegal Combination of CR0: ** (PG=1 and PE=0) ** (NW=1 and CD=0) Physical Form: RSM COP (Code of Operation) : 0FH AAH Clocks: i386CX : 338 i486 SL Enhanced : ??? IntelDX4 : 452 ; SMBASE relocation : 456 ; AutoHALT restart : 465 ; I/O Trap restart Pentium : 83 --------------------------------------------------- SETALC - Set AL to Carry Flag --------------------------------------------------- CPU: Intel 80286 and all its clones and upward compatibility chips Type of Instruction: Operation Instruction: SETALC Description: IF (CF=0) THEN AL:=0 ELSE AL:=FFH; Flags Affected: None CPU mode: RM, PM, VM, SMM Physical Form: SETALC COP (Code of Operation): D6H Clocks: 80286 : n/a [3] 80386 : n/a [3] Cx486SLC : n/a [2] i486 : n/a [3] Pentium : n/a [3] --------------------------------------------------- SMI - System Managment Interrupt --------------------------------------------------- CPU: AMD Am386SXLV, Am386DXLV AMD 486s Type of Instruction: System Instruction: SMI Description: IF (SMIE=1) THEN { SAVE STATUS OF EXECUTION TO SMRAM; ENTER SMM; SMMS <- 1; } ELSE { INT 1; } END Notes: SMIE is (DR7.bit12) =1 Enable soft SMI =0 Disable soft SMI SMMS is (DR6.bit12) =1 SMM was entered =0 SMM status cleared Flags Affected: None CPU mode: RM?, PM0 Physical Form: SMI COP (Code of Operation): F1H Clocks: Am386SXLV : 357 Am386DXLV : 325 Am486xxxx : Don't know, do you? --------------------------------------------------- UMOV - Mov Data to Main (User) Memory --------------------------------------------------- CPU: AMD Am386SXLV, Am386DXLV AMD 486s Type of Instruction: Operation Instruction: UMOV dest, sorc Description: dest <- sorc; Note!!!!!: But all memory operands placed in Main memory only ! (i.e. not in SMRAM then in SMM) Flags Affected: None CPU mode: RM?, PM?, VM?, SMM +++++++++++++++++++++++ Physical Form: UMOV r/m8, r8 COP (Code of Operation) : 0FH 10H Postbyte Clocks: Am386SXLV or AM386DXLV: 2/2 +++++++++++++++++++++ Physical Form: UMOV r/m16, r16 UMOV r/m32, r32 COP (Code of Operation) : 0FH 11H Postbyte Clocks: Am386SXLV or AM386DXLV: 2/2 +++++++++++++++++++++++ Physical Form: UMOV r8, r/m8 COP (Code of Operation) : 0FH 12H Postbyte Clocks: Am386SXLV or AM386DXLV: 2/4 +++++++++++++++++++++ Physical Form: UMOV r16, r/m16 UMOV r32, r/m32 COP (Code of Operation) : 0FH 13H Postbyte Clocks: Am386SXLV or AM386DXLV: 2/4 --------------------------------------------------- WBINVD - Write Back and Invalidate Cache --------------------------------------------------- CPU: I486 + Type of Instruction: System Instruction: WBINVD Description: IF (internal cache is WB) THEN { Write Back Internal Cache; } Flush internal cache; Signal external cache to Write Back; Signal external cache to Flush; Notes: This instruction not work in Real Mode and in Protected mode work only in ring 0 ; Flags Affected: None CPU mode: PM0, SMM Physical Form: INVD COP (Code of Operation): 0FH 09H Clocks: Cyrix Cx486SLC : 4 i486 : 5 Pentium : 2000+ --------------------------------------------------- WRMSR - Write to From Model Specified Register --------------------------------------------------- CPU: Pentium (tm) Type of Instruction: Operation Instruction: WRMSR Description: IF (ECX is valid number of MSR) and (CPL=0) THEN { MSR [ECX] <- EDX:EAX; } ELSE { General Protection Fault INT 0DH (0) } END Flags Affected: None CPU mode: RM, PM0, SMM Physical Form: WRMSR COP (Code of Operation): 0FH 30H Clocks: Pentium : 30-45 --------------------------------------------------- XADD - Exchange and addition --------------------------------------------------- CPU: i486+ Type of Instruction: Operation Instruction: XADD dest, sorc Description: Temporary <- dest; dest <- dest + sorc; sorc <- Temporary; Flags Affected: ZF, OF, SF, AF, PF, CF (like ADD instruction) (see description) CPU mode: RM, PM, VM, SMM +++++++++++++++++++++++ Physical Form: XADD r/m8, r8 COP (Code of Operation) : 0FH C0H Postbyte Clocks: Intel i486 : 3/4 Cyrix Cx486SLC : 3/6 Pentium (tm) : 3/4 Penalty if cache miss : Intel i486 : 6/2 ; Unlocked/Locked Cyrix Cx486SLC : 0 ; N/A +++++++++++++++++++++ Physical Form: XADD r/m16, r16 XADD r/m32, r32 COP (Code of Operation) : 0FH C1H Postbyte Clocks: Intel i486 : 3/4 Cyrix Cx486SLC : 3/6 Pentium (tm) : 3/4 Penalty if cache miss : Intel i486 : 6/2 ; Unlocked/Locked Cyrix Cx486SLC : 1 ; N/A ---end of file---end of file---