[email protected] +91 9175287066
This website is always under updation with new contents
Unit – 4 Architecture of 80286
Unit I
Unit II
Unit III
Unit IV
Unit V
1. It is 16 bit processor.
2. It has 24 bit address lines.
3. It can access 16 MB of physical memory.
4. It is available in various versions that run on 12.5 MHz, 10 MHz and 8 MHz clock frequencies.
5. 80286 is upwardly compatible with 8086 in terms of instruction set.
6. Memory management and concepts of virtual memory is introduced in 80286.
7. Intel’s 80286 is the first CPU to incorporate the integrated memory management unit.
8. The 80286 works in two operating modes, viz. real address mode and protected virtual address mode. In real address mode, the 80286 just acts as a fast 8086. All the memory management and protection mechanisms are disabled in this mode.
9. In the protected virtual address mode, the 80286 works with all of its memory management and protection capabilities with the advanced instruction in both the modes.
The 80286 CPU contains almost the same set of registers, as in 8086, viz.
(a) Eight 16-bit general purpose registers
(b) Four 16-bit segment registers
(c) Status and control register
(d) Instruction pointer.
The register set of 80286 is shown in Fig.
Status and control register: -
The flag register reflects the results of logical and arithmetic instructions. The flag register bits D0, D2, D4, D6, D7 and D11 are modified according to the result of the execution of logical and arithmetic instructions. These are called as status flag bits.The bits D8 and D9 namely, Trap Flag (TF) and Interrupt Flag (IF) bits, are used for controlling machine operation and thus they are called control flags. All the above discussed flags are also available in 8086. Figure 9.2 shows the flag register of 80286 with the bit definitions, and the additional field definitions.The additional fields available in 80286 flag register are, IOPL-I/O Privilege Field (bits D12, and D13), NT-Nested Task flag (bit D14).
Machine Status Word (MSW)|: --
The machine status word consists of four flags. These are—PE, MP, EM and TS of the four lower order bits D19 to D16 of the upper word of the flag register. The LMSW and SMSW instructions are available in the instruction set of 80286 to write and read the MSW in real address mode. PE-Protection Enable (bit D16), MP-Monitor Processor Extension (bit D17), Processor Extension Emulator (bit D18) and TS-Task Switch (bit D19). All these fields are described briefly in Table given below.
The internal block diagram showing the overall architecture of 80286 is presented in Fig. The CPU may he viewed to contain four functional parts, viz.
(i) Address Unit (AU)
(ii) Bus Unit (BU)
(iii) Instruction Unit (IU)
(iv) Execution Unit (EU).
Address Unit (AU):
It is responsible for calculating the physical addresses of instructions and data that the CPU wants to access. Also the address lines derived by this unit may he used to address different peripherals.This physical address computed by the address unit is handed over to the Bus Unit (BU) of the CPU.
Bus Unit (BU): -
It consists of address latches and drivers. The address latches and drivers transmit the physical address thus formed over the address bus A0-A23. One major function of the bus unit is to fetch instruction bytes from the memory. Another major module in the bus unit is the processor extension interface module which takes care of communication between the CPU and a coprocessor. Instructions are fetched in advance and stored in a queue to enable faster execution of the instructions. This concept is known as instruction pipelining. Thus for fetching the next instruction, the CPU need not wait till the completion of execution of the previous instruction. Rather, when one instruction is getting executed, the subsequent instruction is being prefetched, decoded and kept ready for execution. The prefetcher module in the bus unit performs this task of prefetching. The bus unit also contains a bus control module that controls the prefetcher module. These fetched instructions are arranged in a 6 byte prefetch queue. Thus usually the CPU prefetches the instructions, to enhance the speed of execution. However, one interesting situation very often arises, when there are branch instructions. In case of an unconditional branch, the CPU will have to flush out the prefetched instructions immediately following the branch instruction, since the control will he transferred to the branch destination address. In case of a conditional branch, depending upon the success of the condition, the prefetched instructions will be flushed out of the queue and further prefetching may be carried out, if required. The 6-byte prefetch queue forwards the instructions arranged in it to the Instruction Unit (IU).
(iii) Instruction Unit (IU)
The instruction unit accepts instructions from the prefetch queue and an instruction decoder decodes them one by one. The decoded instructions are latched onto a decoded instruction queue. The data transreceivers interface and control the internal data bus with the system bus. The output of the decoding circuit drives a control circuit in the Execution Unit (EU).
Execution Unit (EU):: -
It is responsible for executing the instructions received from the decoded instruction queue, which sends the data part of the instruction over the data bus. The EU contains the register bank, used for storing the data as scratch pad, or used as special purpose registers. The ALU, the heart of the EU, carries out all the arithmetic and logical operations and sends the results either over the data bus or back to the register bank.
Interrupts structure of 80286
The interrupts of 80286 may be divided into three categories, viz.
(a) External or Hardware interrupts.
(b) INT instruction or software interrupts
(c) Interrupts generated internally by exceptions.
Maskable Interrupt INTR
This is a maskable interrupt input pin of which the INT type is to be provided by an external circuit like an interrupt controller. The other functional details of this interrupt pin are exactly similar to the INTR input of 8086.
Non-maskable Interrupt NMI
It has higher priority than the INTR interrupt. Whenever this interrupt is received, a vector value of 02 is supplied internally to calculate the pointer to the interrupt vector table. Once the CPU responds to a NMI request, it does not serve any other interrupt request (including NMI). Further it does not serve the processor extension (coprocessor) segment overrun interrupt, till it either executes IRET or is reset. To start with, this clears the IF flag which is set again with the execution of IRET, i.e. return from interrupt.
Single Step Interrupt
As in 8086, this is an internal interrupt that comes into action, if the trap flag (TF) of 80286 is set. The CPU stops the execution after each instruction cycle so that the register contents (including flag register), the program status word and memory, etc. may be examined at the end of each instruction execution. This interrupt is useful for troubleshooting the software. An interrupt vector type 01 is reserved for this interrupt.
Interrupt Priorities
If more than one interrupt signals occur simultaneously, they are processed according to their priorities as shown in Table
Explain the function of following pins
The 80286 is available in 68-pin PLCC (Plastic Leaded Chip Carrier), 68-pin LCC (Lead Less Chip Carrier) and 68-pin PGA (Pin Grid Array) packages. The signal descriptions of 80286 are briefly discussed below.
CLK: -
This is the system clock input pin. The clock frequency applied at this pin is divided by two internally and is used for deriving fundamental timings for basic operations of the circuit. The clock is generated using 82284 clock generator.
D15-D0: -
These are sixteen bidirectional data bus lines.
A23 - A0
These are the physical address output lines used to address memory or I/O devices. The address lines A23 — A16 are zero during I/O transfers.
This output signal, as in 8086, indicates that there is a transfer on the higher byte of the data bus (D15— D8).
S1, S0
These are the active-low status output signals which indicate initiation of a bus cycle and with M/IO and COD/ INTA, they define the type of the bus cycle as shown in Table 9.4.
M/IO: -
This output line differentiates memory operations from 110 operations. If this signal is “0”, it indicates that an I/O cycle or INTA cycle is in process and if it is “1”, it indicates that a memory or a HALT cycle is in progress.
This output signal, in combination with M1IO signal and S 1—S0 distinguishes different memory, 110 and INTA cycles.
LOCK: - This active-low output pin is used to prevent the other masters from gaining the control of the bus for the current and the following bus cycles. This pin is activated by a “LOCK” instruction prefix, or automatically by hardware during XCHG, interrupt acknowledge or descriptor table access.
This active-low input pin is used to insert wait states in a bus cycle, for interfacing low speed peripherals. This signal is neglected during HLDA cycle.
HOLD and HLDA: -
This pair of pins is used by external bus masters to request for the control of the system bus (HOLD) and to check whether the main processor has granted the control (HLDA) or not, in the same way as it was in 8086.
NTR: -
Through this active high input, an external device requests 80286 to suspend the current instruction execution and serve the interrupt request. Its function is like that of INTR pin of 8086.
NMI: -
The Non-Maskable Interrupt request is an active-high, edge-triggered input that is equivalent to an INTR signal of type 2. No acknowledge cycles are needed to be carried out.
(Processor Extension Request and Acknowledgement). These pair of pins extends the memory management and protection capabilities of 80286 to the processor extension 80287. The PEREQ input requests the 80286 to perform a data operand transfer for a processor extension. The PEACK active-low output indicates to the processor extension that the requested operand is being transferred.
Processor extension BUSY and ERROR active-low input signals indicate the operating conditions of a processor extension to 80286. The BUSY goes low, indicating 80286 to suspend the execution and wait until the BUSY becomes inactive. In this duration, the processor extension is busy with its allotted job.An active ERROR signal causes the 80286 to perform the processor extension interrupt while executing the WAIT and ESC instructions. The active ERROR signalindicates to 80286 that the processor extension has committed a mistake and hence it is reactivating the processor extension interrupt.
CAP: -
A 0.O47jif, 12V capacitor must be connected between this input pin and ground to filter the output of the internal substrate bias generator. For correct operation of 80286 the capacitor must be charged to its operating voltage. Till this capacitor charges to its full capacity, the 80286 may be kept stuck to reset to avoid any spurious activity.
Vss: -
This pin is a system ground pin of 80286.
Vcc: -
This pin is used to apply +5V power supply voltage to the internal circuit of 80286
The active-high RESET input clears the internal logic of 80286 and reinitializes it. The active-high reset input pulse width should be at least 16 clock cycles. The 80286 requires at least 38 clock cycles after the trailing edge of the RESET input signal, before it makes the first opcode fetch cycle.

Explain the Real mode operation of 80286.
The 80286 CPU can operate in two modes:
(a) Real address mode and
(b) Protected virtual address mode.
Instruction Pointer:
The Instruction Pointer or IP (also called the program counter in 8085) is a processor register that indicates where the computer is in its instruction sequence. In 8086 instruction pointer holds the address of the next instruction to be executed. In most processors, the instruction pointer is incremented automatically after fetching a program instruction, so that instructions are normally retrieved sequentially from memory, with certain instructions, such as branches, jumps and subroutine calls and returns, interrupting the sequence by placing a new value in the program counter.
In real addressing mode of operation; the 80286 acts as a fast 8086. The 80286 addresses only 1 Mbytes of physical memory using A0-A19. The lines A20-A23 are not used by the internal circuit of 80286 in this mode. In real address mode, while addressing the physical memory, the 80286 uses BHE along with A0-A19. The 20-bit physical address is again formed in the same way as that in 8086. The contents of segment registers are used as segment base addresses. The other registers, depending upon the addressing mode, contain the offset addresses. The address formation in real address mode is shown in Fig. An interesting question may be raised at this point: In the real address mode, are the speeds of 8086 and 80286 identical? Because of extra pipelining and other circuit level improvements, in real address mode also, the 80286 operates at a much faster rate than 8086, although functionally they work in an identical fashion.

As in 8086, the physical memory is organized in terms of segments of 64 Kbytes maximum size. An exception is generated, if the segment size limit is exceeded by the instruction or the data. The overlapping of physical memory segments is allowed to minimize the memory requirements for a task. The 80286 reserves two fixed areas of physical memory for system initialization and interrupt vector table. In the real mode the first 1 KB of memory starting from address 00000H to 003FFH is reserved for interrupt vector table. Also the addresses from FFFF0H to FFFFFH are reserved for system initialization. The program execution starts from FFFF0H after reset and initialization. The interrupt vector table of 80286 is organized in the same way as that of 8086. Some of the interrupt types are reserved for exceptions, single-stepping and processor extension segment overrun, etc. When the 80286 is reset, it always starts its execution in real address mode, wherein it performs the following functions: -
 It initializes the IP and other registers of 80286, initializes the peripheral, enables interrupts, sets up descriptor tables and then it prepares for entering the protected virtual address mode.
Que: - Explain protected mode memory operation of 80286 Microprocessor in brief.
The 80286 is the first processor to support the concepts of virtual memory and memory management.
Virtual memory does not exist physically it still appears to be available within the system. The concept of virtual memory is implemented using physical memory that the CPU can directly access the secondary memory that is used as storage for data and program, which are stored in secondary memory initially. The segment of the program or data, required for actual execution at that instant, is fetched from the secondary memory into physical memory. After the execution of this fetched segment, the next segment required for further execution is again fetched from the secondary memory, while the results of the executed segment are stored back into the secondary memory for further references. This continues till the complete program is executed. During the execution, the partial results of the previously executed portions are again fetched into the physical memory, if required for further execution. The procedure of fetching the chosen program segments or data from the secondary storage into the physical memory is called memory swapping. The procedure of storing back the partial results or data back on to the secondary storage is called unswapping. The 80286 is able to address 1Gbyte of virtual memory per task.
 In case of huge programs (in general greater than physical memory in size), they are divided in either smaller segments or pages which are arranged in appropriate sequence and are swapped in or out of primary memory as per the requirements, for execution of the complete program.
 These segments or pages have been associated with a data structure called as a descriptor. The descriptor contains information of the program segment or page.
 For example a school teacher may stack all the answer sheets solved by the students in a bundle and attached a small slip of paper with it containing information like name, subject, class, date and year of examination, his own name, number of students, present and absent, roll numbers of absent students etc. From this information return on the small slip of paper a third person can easily know the details of the particular bundle of papers. This information may further be used by anybody for preparing a detailed analysis of results of all subjects.
 The data structure descriptor is essentially one such identifier of a particular program segment or page. A set of such descriptors arranged in a proper sequence describes the complete program.
 This set of the descriptors may also he called the descriptor table.
 In case of multiprogramming environment many of such sets of descriptors may be available in the system at an instant of time
.  All this sets of descriptors (descriptors table) are prepared and managed by the operating system.
 Thus corresponding to different types of program segments there may be different type of descriptors.
 For example for data segments there may be data segment descriptors, for code segments there may be code segment descriptors, for system programs there are system segments descriptors, for subroutines and interrupt service routines there are gate descriptors or interrupt descriptors etc.

 In PVAM, the 80286 uses the 16-bit content of a segment register as a selector to address a descriptor table stored in physical memory.
 The descriptor is a block of contiguous memory locations containing information of a segment, like segment base address, segment limit, segment type, privilege level, segment availability in physical memory, descriptor type and segment used by another task.
 The base address, i.e. the starting location of a segment is important descriptor information.
 The segment limit indicates the maximum size of a segment.
 Thus using the base address of a segment and the segment limit, one can determine the last location in the segment.
 Similarly, each segment has a type and its privilege level, which indicate the importance of the segment.
 The privilege level indicates the privilege measure of a segment. A segment with lower privilege level will not be allowed to access another segment having higher privilege, thus offering protection to the segment from the unauthorized accesses.
 Moreover, a certain segment may or may not be present in the physical memory at a given time instant. This information is also stored in a descriptor.
 Finally, important information, i.e. whether the segment has been accessed by another task in the past, is also stored in the segment descriptor. This information helps in deciding, whether the segment should be unswapped from the physical memory or not.
 A segment which has not been accessed in the recent past may probably be unswapped from the main memory. The segment base address is a 24-bit pointer that addresses the first location in that segment. This 24-bit segment base address is added with 16-bit offset to calculate a 24-bit physical address. The maximum segment size will be of 64 KB, since the offset is only of 16 bits.
Descriptors and Their Types
• In general, descriptors carry all the relevant information regarding a segment and its access rights. Besides this information, special types of descriptors which are used to carry out additional functions like transfer of control and task switching may have additional information.
• The 80286 has segment descriptors for code, stack and data segments as basic descriptors.
• In addition to this, it has system control descriptors for special system data segments and control transfer operations

• Each descriptor is 8-bytes long.
• The information stored in the 8-bytes of a descriptor can be used by the operating system to support the implementation of memory management and protection schemes.
• For accessing any program segment or page its descriptor is first accessed and its access rights byte contents are verified with those of the requesting program.
• If the contents of accesses rights byte allow only then can the requesting program access the program segment corresponding to the descriptor.
• The base and limit fields of the descriptor contain information which is used for finding out physical address of the program segment corresponding to the descriptor at which the program segment is placed for the execution of the program.
• The Intel reserved bytes are reserved by Intel for future use and compatibility with future processors.
• Code or data segment descriptor contains 16 bit segment limit, 24 bit segment base address, 8 bit access right bye and the remaining 16 bits are reserved by Intel for upward compatibility.
• Code segment descriptors are generally used to refer code segments and data segment descriptors are used to refer data segment.

• In addition to code and data segment descriptors, the other types of descriptors with S = 0 are used by 80286 to store system data and execution state of a task (for multitasking system). These are called as system segment Descriptors.
• There are seven types of system descriptors and type 4 to type 7 is called gate descriptors. These gate descriptors are used to control the access of entry points within the code to be executed.
Local and Global Descriptor Table: -
Every descriptor required by a task is either in a Local Descriptor table (LDT) or Global Descriptor Table (GDT). A descriptor table is an array of 8 KB descriptor. This means there may 8 KB descriptors are in a descriptor table.
o A Global Descriptor table contains Global Descriptors common for all the tasks.
o A Local Descriptor table contains descriptor specific to a particular task.

Interrupt Descriptor Table: -
• Beside the local and global descriptor tables, the 80286 has a third type of descriptor table known as Interrupt Descriptor Table (IDT).
• Theses are used to store task gates, interrupt gates and trap gates.
• The IDT has a 24 bit base address and 16 bit limit register in the CPU.
• Instruction LIDT (Load Interrupt Descriptor Table) loads these internal registers with a 6 byte value in the same way as the LGDT instruction.


• The 80286 supports a four level hierarchical privilege mechanism to control the access to descriptors and hence to the corresponding segments of the task.
• The control of the access to descriptors results in the prevention of unwanted or undue access to any of the code or data segments or unintentional interference in the higher privilege level tasks.
• Level 0 is the most privilege level while level 4 is the least.
• The privilege levels provide protection within a task. The operating system, interrupt handlers and other system softwares can be protected from unauthorized accesses in virtual address space of each task using the privilege mechanism.
• Each task in the system has a separate stack for each of privilege levels.
• The privilege mechanism offers or denies access to a segment at the behest of the privilege bits of the corresponding descriptor.
• The task privilege controls the use of instructions and descriptors.
• Fig show the four level privilege mechanism. The capabilities of the privilege mechanism are explored using the privileged instructions.

Task Privilege
• Each task is assigned a privilege level, which indicates the priority or privilege of that task.
• Any one of the four privilege levels may be used to execute a task.
• The task privilege level at that instant is called the Current Privilege Level (CPL).
• The CPL defined by the lower order two bits of the CS register for an executable segment.
• The task begins execution at the selected CPL values specified by the CS within TSS.
• If it is initiated via a task switch operation; task executing at level 0.
• The most privileged level, can access all the data segments defined in GDT and the LDT of the task.
• The least privileged level will have the most limited accesses to data and other descriptors.
Descriptor Privilege
• The descriptor privilege is specified by the DPL field of the access rights byte.
• The DPL specifies the least task privilege level (CPL) that may be used to refer to the descriptor.
• Hence the task with privilege level 0 can refer to all the lower level privilege descriptors.
• However, the task with privilege level 3 can refer to only level 3 descriptors.
• This rule applies to all the descriptors except the LDT descriptors.
Selector Privilege
• This privilege is specified by the RPL field of a segment register (selector).
• A selector RPL may use a less trusted privilege than the current privilege level for further use.
• This is known as the Effective Privilege Level (EPL) of the task.
• The effective privilege level is thus the maximum of RPL and CPL (i.e. numeric maximum and privilege minimum).
• The RPL is used to ensure that the pointer parameters passed to a more privileged procedure are not given the access of data at the privilege higher than the caller routine.
• The pointer testing instructions are used for this purpose.
Descriptor Access and Privilege Check
• The task requesting an access to a descriptor is allowed access to it and to the corresponding segment only after checking
(a) Type of the descriptor
(b) Privilege level (CPL. RPL, DPL).
• The basic types of segment accesses are control transfers (in which selectors are loaded into CS) and data accesses (in which the new selectors are loaded either in ES or DS or SS).

The 80286 carries out five operations, which should be studied in details before we start with the bus cycles and instruction set. These are; -
i) Processor reset and initialization
ii) Task Switch operations
iii)Pointer Testing instructions
iv) Protected mode initialization
v) How to enter protected mode?
vi) Halt
Processor reset and initialization: -
The processor is reset by applying a high on RESEST input that terminates all the execution and internal bus activities till RESET remains high.
Task Switch operations: -
The 80286 supports multitasking, i.e. more than one task may be ready for execution at a time. A job may be divided into a number of tasks. These tasks are to be executed one by one using 80286, for completion of the job. A number of task allocation strategies like first come first serve, shortest task first, time sharing, etc have been experimented by the operating system designers.
How to enter Protected Virtual Address Mode (PVAM)?
After the reset, 80286 enter in real mode. The execution of instruction LIDT (Load Interrupt Descriptor Table Base) prepares the 80286 fro protected virtual addressing mode. This instruction loads the 24 bit interrupt table base and 16 bit limit from memory into the interrupt descriptor table register. This instruction also can set the base and limit of interrupt vector table in real mode. Then the PE flag of MSW is set to enter the protected virtual address mode, using the LMSW (Load Machine Status Word) instruction.
This instruction stops program execution and prevents the CPU from restarting, till it is interrupted or RESET is asserted. If the CPU is interrupted in the halt state, the execution starts from the next the instruction after HLT. On the other hand, if the CPU is RESET, the execution starts from the physical address FFFFF0H. The CPU status lines reflect the status.
List and explain various addressing modes of 80286 Microprocessor.
Addressing Modes
The 80286 supports eight addressing modes to access the operands stored in memory. These are briefly discussed as follows:
Register Operand Mode: -
The operand, in this mode, is located in one of the 8-bit or 16-bit general purpose registers.
Immediate Operand Mode: -
In this mode, the immediate operand is included in the instruction itself. In the remaining six addressing modes, the operand is located in a memory segment. A memory operand address, in these modes may be computed using two 16-bit components: segment selector and offset. The different combinations of immediate displacement, base register, pointers and index registers result in the following six operating modes.
Direct Mode: -
The offset is a part of instruction either as 8-bit or 16-bit immediate operand (displacement).
Register Mode: -
The operand is stored either in any of the general purpose registers or in SI, DI, BX or BP.
Based Mode: -
The offset is obtained by adding a displacement and the contents of one of the base registers, either BX or BP.
Indexed Mode: -
The offset is obtained by adding a displacement with the contents of an index register, either SI or DI.
Based Indexed Mode: -
The operand is stored at a location whose address is calculated by adding the contents of any of the base registers with the contents of any of the index registers.
Based Indexed Mode with Displacement: -
In this mode, the offset of the operand is calculated by adding an 8-bit orl6-bit immediate displacement with contents of a base register and an index register. Besides these, a few instructions handle implicit data operands, for example LAHF. A few others may not need any data at all, for example, machine control instructions like HLT, WAIT, LOCK, etc. The 80286 supports all the 8086 supported addressing modes for branching instructions. 80286 Supported Data Types
The 80286 supports the following seven data types:
(i) Integer: - 8-bit or 16-bit signed binary operands using 2’s complement representation.
(ii) Ordinal (unsigned): - 8-bit or 16-bit unsigned numeric value in binary.
(iii) Pointer: - 32-bit pointers consisting of two 16-bit parts for segment selector and offset.
(iv) String: - A data string of maximum 64 Kbytes or 32 K words
(v) ASCII: - Different characters in ASCII standard.
(vi) BCD: - representations and operations on decimal digits 0-9.
(vii) Packed BCD: - Two digit decimal number represented by using BCD symbols.
Additional Instructions in 80286
The 80286 instruction set is upwardly compatible with that of 8086. Most of the instructions of 80286 are the same as the corresponding instructions of 8086. Hence, in this section, we will consider only these instructions which are not available with 8086.
PUSH Immediate
This instruction pushes a 16-bit immediate data to the stack after decrementing SP by 2. If the new value of SP is outside the stack segment limit, a stack fault exception is generated. If the new segment reference is illegal (protected or privileged segment), a general protection exception is generated for a push operation on such addresses. None of the flags are affected.
This instruction pushes AX, CX, DX, BX, and also SP, BP, SI, DI onto the stack. The stack pointer is hence decremented by 16 (eight 2-byte registers). All these registers are pushed in the same order as stated previously. Due to the LIFO structure of the stack, the last pushed register contents appear first, in the stack memory segment. This does not require any operand. A stack fault exception is generated, if the stack segment limit is overrun. This does not affect any flag. When the memory operand overruns the segment limit, exception 13 is generated.
The POPA, i.e. pop all instruction, pops all the contents of the registers DI, SI, BP, SP, BX, DX, CX and AX from the stack in this sequence that is exactly opposite to that of pushing. No operands are required for this instruction. No flags are affected. Exceptions, possibly generated during the execution of this instruction, are exactly the same as PUSH A instruction.
IMUL lmd-Oper
The IMUL instruction multiplies the content of AL with a signed immediate operand and the signed 16-bit result is stored in AX. The CF and OF are cleared, if the AH is a sign extension of AL, else CF and OF are set. If the Imd-oper is a signed 16-bit data, then it is multiplied by signed contents of AX and the signed result is stored in DX: AX combination, with DX as MSB. CF and OF are cleared, if DX is the sign extension of AX, else they are set. All the other flags are undefined. An invalid reference to a memory operand may generate a general protection exception. If a word operand is at the last segment address, exception 13 is generated.
Rotate Source, Count
Actually, this is a group of four instructions containing RCL, RCR, ROL, and ROR. Though these instructions work exactly the same way as in 8086, an additional mode of count is allowed. In 8086, it used to be either I or CL but in 80286 it can be an immediate count up to 31 (decimal). Even if it is above 31, only the lower order five bits are used as the count. Only the OF and CF flags are affected. If the CF is equal to MSB of the operand (source), the overflow flag is cleared, otherwise, it is set to I. If the result is to be written in a write protected segment, a general protection error exception is generated. The same is generated, if an illegal memory reference is tried. If SS Contains an illegal address, a stack fault exception is generated. In the real mode, the exception 13 is generated for the other usual reasons.
This instruction reads a string of byte data or word from a variable port address specified only in DX. The fixed port address can be of 16-bits. No flags are affected by this instruction. The data string read by this instruction is automatically stored in memory at the address pointed by ES:DI, in the same sequence (at the behest of DF) in which they were read in from the addressed port. After execution, the DI is automatically advanced depending upon the direction flag DF, in the same way as the other string instructions. When the value of CPL is greater than that of [OPL, a general protection exception is generated. Also, if the ES:DI is in a write protected segment, the general protection exception is generated. Any reference to stack segment generates a stack fault exception. e.g. INSB ES: DI, DX.
This instruction writes a byte or a word string from the memory location pointed to by DS:S1 to a port pointed to by DX. All other parameters (including significance of DF) of this instruction are similar to the INS instruction. The SI is automatically incremented by 1 for byte and 2 for word operations. e.g.
ENTER (Enter Procedure): -
This instruction prepares a stack structure for parameters of a procedure to be executed further. This instruction which is used by most of the structured high level languages requires two operands. The first operand specifies how many bytes of dynamic stack will be required for the procedure to be executed. The second operand specifies the nesting level of the routine within the program. The format of this instruction is given as follows. ENTER Operand 1, Operand 2. No flags are affected by this instruction. The ENTER instruction determines the number of bytes to be copied into the new stack frame from the previous stack. If the operand 2 is zero, ENTER pushes BR sets BP to SP and then subtracts the operand 1 from SR A stack fault exception is generated, if stack segment limit overrun occurs, operand 1 may be a 16-bit data, while operand 2 may be upto 8-bits depending upon the nesting level.
LEAVE (Leave the Procedure)
This instruction is generally used with high level languages to exit a procedure. This performs exactly the opposite operation to that of ENTER. This liberates all the procedure variables and sets BP to SR returning all the registers to their original values before calling the procedure. The stack memory area used by the procedure is released. The old stack frame is popped back into BP. thus retrieving the original calling program stack. The RET instruction executed after LEAVE, returns the control to the calling program. This does not require any operand. If BP points to a location within the
BOUND (Check Index Against Bound)
This instruction is used to check whether a signed array offset is within the limit defined for it by the starting and ending index. The operand 1 must be greater than or equal to the first operand (starting index) and less than or equal to the second operand (ending index). If these conditions are not met, an exception 5 is generated. The stack fault exception and general protection failure exception are generated for the obvious reasons. In the real address mode, if the second operand is a register, INT 6 is generated. If the second operand is at offset OFFFDH or higher, INT13 is generated. Example
BLOCK is a memory block starting address containing four bytes, two bytes for the starting index and the other two for ending index.
CLTS (Clear Task Switch Flag): -
This instruction clears the task switched flag of the status flag word. This instruction is a privileged instruction to be executed at the level 0 by the operating system software. This instruction records every execution of WAIT and ESC and is trapped. if the MP flag and task switched flag are set. If the privilege level check fails, a general protection error exception is generated, in protected mode. Instructions for Protection Control
LGDT/LIDT: - (Load Global Descriptor/Interrupt Descriptor Table Register).
These instructions respectively load 6 bytes from a memory block pointed to by the effective address of the operand into the global or interrupt descriptor table register. The first word is loaded into the LIMIT field of the descriptor table register. The next three bytes are loaded into the BASE field of the register and the remaining byte is ignored. These instructions are used by operating systems, to prepare the 80286 for protected mode. Example
LGDT Operand
The general protection exception is generated, if the privilege level is not equal to 0. If operand is a register, invalid opcode exception is generated. Any invalid reference to the operand generates general protection error. Also stack fault exception may be generated for the usual reason.
LLDT (Load Local Descriptor Table Register)
The LLDT instruction loads a local descriptor table register from a word operand that contains a selector (14-bit) pointing to a valid global descriptor table. If the global descriptor table has this local descriptor entry, the LDTR is loaded from the entry. This instruction is used by operating systems. No flags are affected. If the privilege level is not 0, a general protection error exception occurs. Also, if the GDT entry is not pointed to by the selector or if the GDT entry does not point to a valid LDT, a general protection error exception is generated. If the LDT descriptor is not present, a descriptor not present exception is generated. The general protection exception and stack fault exceptions are also generated for the usual reasons. Current stack segment, a stack fault e.g. LLDT BP
LMSW/SMSW (Load/Store Machine Status Word)
This loads/stores the MSW from to the effective address of the operand. If the operand points to a write protected segment or if invalid memory reference is tried, a general protection error exception is generated. The stack fault exception is generated for unauthorized stack data accesses or stack segment limit overrun.
LMSW BP ; Load MSW from address DS: BP
SMSW BP ; Store MSW to address ES: BP
SGDT/SIDT (Store Global/ Interrupt Descriptor Table Register): -
The instructions store either global interrupt descriptor table register contents to a 6 byte memory block pointed to by the effective address of the operand, in the same sequence as LGTD/ LIDT instructions do. No flags are affected. The exceptions generated are also the same as that for LGDT/LIDT instructions. If the operand is a register, undefined opcode exception is generated. If the word operand is at OFFFFH, exception 13 is generated. Example
SGDT Operand 1
SIDT Operand 2
LTR/STR (Load/Store Task Register from/to Memory or Register): -
These instructions load) store the contents of the task register from/to a 16-bit register or memory pointed to by the operand. A general protection exception is generated, if there is an attempt of a write operation in a write protected segment or if an invalid memory reference is tried. A stack fault exception is generated for usual reasons. Example
STR [500011]
LTR [3000H]
VERR/VERW (Verify Read/Write Accesses)
The VERR/VERW instructions determine whether the segment pointed to by a 16-bit register or a memory operand can be accessed from the current privilege level. This also determines whether the segment can be read or written to. If the segment is accessible, ZF is set to 1; else it is set to zero. The general protection error exception is generated for an invalid memory reference while the stack fault LSL (Load Segment Limit) This instruction loads the destination operand 2’ that must be a register with a word that specifies the limit of the descriptor pointed to by the selector, i.e. operand 2, if it is accessible. The ZF is set to 1, if the operation is carried out successfully, else. ZF is cleared. A general protection exception and stack fault exceptions are generated for the usual reasons. If tried in the real mode, this instruction generates INT6. Example
LSL Reg, selector
LSL Ax, Selector
LAR (Load Access Rights Byte)
With this instruction, the access rights byte of the descriptor associated with the operand 2 as a selector is loaded into the higher byte of the operand I and the lower byte of the operand 1 is set to 00. All the exceptions generated for this instruction, are similar to those for LSL instruction. Example
LAR Operandi, Operand2
LAR Ax, 5000
is set to 1, it the operation is successful, and otherwise it is cleared. The loading takes place only if the current privilege level and the requested privilege level of the selector support to access the descriptor.
ARPL (Adjust Requested Privilege Level of the Selector): -
The ARPL instruction enables the lower privileged routines to access higher privileged routines or data. Operand 1 of ARPL is a 16-bit memory variable or register that contains a selector value. The operand 2 is a 16-bit register. If the RPL of operand I is less than the RPL field of operand 2, the ZF is set to I and the RPL of operand I is updated to match that of operand 2. Otherwise, ZF is reset to 0 without making any change to RPL of operand 1. If a write protected segment is tried with a write operation or if an invalid memory reference is tried, a general protection exception is generated. Any invalid reference to stack generates a stack fault exception. INT 6 is generated in real address mode, if the execution is tried. Example
ARPL Operand1, Operand2
All the instructions of 80286, which were not available in 8086, were discussed in this section in significant details. With this, we conclude the topic on 80286. We proceed further with a discussion on 80287 that is an 80286 compatible math coprocessor.