Instruction Set 8086


Platforms for writing 8086 assembly programs.

Assembly level language program for the 8086 processors can be written in the following platforms.

  1. Directly as hex codes fed into the RAM and executed on a trainer kit
  2. DOS debug utility of windows
  3. Writing the text file in notepad or gedit and then assembling using the MASM, TASM, NASM assemblers etc.
  4. We can also write and run the program in the IDE of C or C++

Classification of instructions

8086 instructions may be classified as:

  1. Classification based on size of the instruction: As discussed in topic on instruction format 8086 instruction can be from 1 to 6 byte long. The first two bytes indicate the OPCODE and the addressing
  2. Classification based on the addressing modes: The addressing mode affect the size of the instruction. addressing mode specify how the data byte is to be accessed. The addressing mode bits are specified in the 2nd byte (bit7-6) of the instruction format.
  3. Classification based on the function performed by the instructions: This form of classification is based on the function performed by the instruction. This is described in the following paragraph.

Instruction Set of 8086 based on the function performed

In the beginning era microprocessors were programmed using a language of 0’s and 1’s by manually putting certain switches ON and OFF. This language of 0’s and 1’s was called the machine language. Soon engineers came up with the symbolic language in which the binary operation codes were assigned symbols called mnemonic. The set of different mnemonics used for programming the microprocessor are called the instruction set, and the language using the mnemonics is called assembly language. The instruction set of the 8086 fall under the following groups according to their functionality.

Data Transfer Instructions:

Instruction

Description

OPCODE

lENGTH

Flags Effected

No. of T States

Remarks

MOV

Moves data from register to register, register to memory, memory to register, memory to accumulator, accumulator to memory, etc.

MOV AL, reg/mem byte

A0 d0 d1

3

none

10

MOV AX, reg/mem word

A1 d0 d1

3

none

10

MOV AL, imm byte

B0 i0

2

none

4

MOV Ah, imm byte

B4 i0

2

none

4

MOV AX, imm word

B8 i0 i1

3

none

4

MOV CL, imm byte

B1 i0

2

none

4

MOV CH, imm byte

B5 i0

2

none

4

MOV CX, imm word

B9 i0 i1

3

none

4

MOV DL, imm byte

B2 i0

2

none

4

MOV DH, imm byte

B6 i0

2

none

4

MOV DX, imm word

BA i0 i1

3

none

4

MOV BL, imm byte

B3 i0

2

none

4

MOV BH, imm byte

B7 i0

2

none

4

MOV BX, imm word

BB i0 i1

3

none

4

MOV SP, imm word

BC i0 i1

3

none

4

MOV BP, imm word

BD i0 i1

3

none

4

MOV SI, imm word

BE i0 i1

3

none

4

MOV DI, imm word

BF i0 i1

3

none

4

MOV regByte, reg/mem byte

8A mr d0 d1

2~4

none

8+EA (R-to-R)

9+EA (M-to-R)

MOV reg/mem byte, regByte

88 mr d0 d1

2~4

none

8+EA (R-to-R)

9+EA (M-to-R)

MOV reg/mem byte, AL

A2 d0 d1

3

none

2 (Acc-to-reg)

10 (Acc-to-mem)

MOV reg/mem word, AX

A3 d0 d1

3

none

2 (Acc-to-reg)

10 (Acc-to-mem)

MOV reg/mem byte, im byte

C6 mr d0 d1 i0

3~5

none

4 (imm-to-reg)

10 (imm-to-mem)

MOV reg/mem byte, imm word

mr d0 d1 i0 i1

4~6

none

4 (imm-to-reg)

10 (imm-to-mem)

MOV reg/mem byte, rw(16-bit reg)

89 mr d0 d1

2~4

none

2 (r-to-r)

9+EA(r-to-m)

MOV rw(16-bit reg), reg/mem word

8B mr d0 d1

2~4

none

8+EA (m-to-r)

2 (r-to-r)

MOV reg/mem byte, SR

8C mr d0 d1

2~4

none

2 (sr-to-r)

9+EA(sr-to-mem)

MOV segReg, reg/mem word

8E mr d0 d1

2~4

none

2(r-to-sr)

8+EA(mem-to-sr)

LDS

Loads a word from the specified memory locations into specified register. It also loads a word from the next two memory locations into DS register.

LDS rw, memDirect

C5 mr d0 d1

2~4

none

16+EA

LES

Loads a word from the specified memory locations into the specified register. It also loads a word from next two memory locations into ES register.

LES rw, memDirect

C4 mr d0 d1

2~4

none

16+EA

LEA

Loads offset address into the specified register.

LEA rw, memWord/ref

8D mr d0 d1

2~4

none

2+EA

LAHF

Loads low order 8-bits of the flag register into AH register.

LAHF

9F

1

none

4

SAHF

Stores the content of AH register into low order bits of the flags register.

Transfers bits 0-7 of AH into the Flags Register. Flags affected includes AF, CF, PF, SF and ZF

SAHF

9E

1

AF, CF, PF, SF and ZF

4

XLAT/XLATB

Reads a byte from the lookup table.

XLAT

D7

1

none

11

XCHG

Exchanges the contents of the 16-bit or 8-bit specified register with the contents of AX register, specified register or memory locations.

XCHG AX, CX

91

1

none

3

XCHG AX, DX

92

1

none

3

XCHG AX, BX

93

1

none

3

XCHG AX, SP

94

1

none

3

XCHG AX, BP

95

1

none

3

XCHG AX, SI

96

1

none

3

XCHG AX, DI

97

1

none

3

XCHG regByte, reg/memByte

86 mr d0 d1

2~4

none

4(r-to-r)

17+EA(r-to-mem)

XCHG reg/memByte, regByte

86 mr d0 d1

2~4

none

4(r-to-r)

17+EA(r-to-mem)

XCHG reg/memWord, regWord

87 mr d0 d1

2~4

none

4(r-to-r)

17+EA(r-to-mem)

XCHG regWord, reg/memWord

87 mr d0 d1

2~4

none

4(r-to-r)

17+EA(r-to-mem)

PUSH

Pushes (sends, writes or moves) the content of a specified register or memory location(s) onto the top of the stack.

PUSH AX

50

1

none

11

PUSH CX

51

1

none

11

PUSH DX

52

1

none

11

PUSH BX

53

1

none

11

PUSH SP

54

1

none

11

PUSH BP

55

1

none

11

PUSH SI

56

1

none

11

PUSH DI

57

1

none

11

PUSH ES

06

1

none

10

PUSH CS

0E

1

none

10

PUSH SS

16

1

none

10

PUSH DS

1E

1

none

10

PUSH memWord

0F A0

2~4

none

16+EA

POP

Pops (reads) two bytes from the top of the stack and keeps them in a specified register, or memory location(s).

POP AX

58

1

none

8

POP CX

59

1

none

8

POP DX

5A

1

none

8

POP BX

5B

1

none

8

POP SP

5C

1

none

8

POP BP

5D

1

none

8

POP SI

5E

1

none

8

POP DI

5F

1

none

8

POP ES

07

1

none

8

POP SS

17

1

none

8

POP DS

1F

1

none

8

POP memWord

8F mr d0 d1

2~4

none

17+EA

PUSHF

Transfers the Flags Register onto the stack. PUSHF saves a 16 bit value while PUSHFD (386 mp) saves a 32 bit value

PUSHF

9C

1

none

10

POPF

Pops word/doubleword from stack into the Flags Register and then increments SP by 2 (for POPF) or 4 (for POPFD).

POPF

9D

1

All Flags

8

IN

Transfers data from a port to the accumulator or AX, DX or AL register.

IN

IN AL, imm byte Port

E4 i0

2

none

10

IN AL, DX

EC

1

none

8

IN AX, imm byte Port

E5 i0

2

none

10

IN AX, DX

1

none

8

OUT

Transfers byte in AL,word in AX or dword in EAX to the specified hardware port address. If the port number is in the range of 0-255 it can be specified as an immediate.

If greater than 255 then the port number must be specified in DX.

Since the PC only decodes 10 bits of the port address, values over 1023 can only be decoded by third party vendor equipment and also map to the port range 0-1023

OUT DX, AL

EE

1

none

8

OUT DX, AX

EF

1

none

8

OUT immByte, AL

E6 i0

2

none

10

OUT imm byte Port, AX

E7 i0

2

none

10

Arithmetic Instructions

Instructions of this group perform addition, subtraction, multiplication, division, increment, decrement, comparison, ASCII and decimal adjustment etc.

The following instructions come under this category:

Instruction

Description

OPCODE

OP xx xx xx xx xx

Length

Flags Effected

Remarks

T States

ADD

Adds data to the accumulator i.e. AL or AX register or memory locations.

ADD AL, Imm byte

04 i0

2

AF CF OF SF PF ZF

I0 Immediate word value
4

ADD AX, Imm Word

05 i0 i1

3

AF CF OF SF PF ZF

i0 i1
Immediate word value
4

ADD rd, reg/mem

02 mr d0 d1

2~4

AF CF OF SF PF ZF

mr
Addressing mode Byte = MODRM(mod-reg-r/m)
d0 d1
Displacement [Low-byte High-byte]
3(r-to-r)
9+EA(mem-toreg)

ADD rd16, reg/mem

03 mr d0 d1

2~4

AF CF OF SF PF ZF

mr
Addressing mode Byte = MODRM(mod-reg-r/m)
d0 d1
Displacement [Low-byte High-byte]
3(r-to-r)
9+EA(mem-toreg)

ADD reg/mem, 8-bit imm byte

80 /0 d0 d1 i0

3~5

AF CF OF SF PF ZF

d0 d1
Displacement [Low-byte High-byte]
i0 Immediate word value
4(imm-to-reg)
17+EA(imm-to-mem)

ADD rmw,16-bit imm word

81 /0 d0 d1 i0 i1

4~6

AF CF OF SF PF ZF

d0 d1
Displacement [Low-byte High-byte]
i0 i1
Immediate word value
4(imm-to-reg)
17+EA(imm-to-mem)

ADD reg/mem,ib

83 /0 d0 d1 i0

3~5

AF CF OF SF PF ZF

d0 d1
Displacement [Low-byte High-byte]
i0
Immediate word value
4(imm-to-reg)
17+EA(imm-to-mem)

ADD reg/mem, rs

00 mr d0 d1

2~4

AF CF OF SF PF ZF

mr
Addressing mode Byte = MODRM(mod-reg-r/m)
d0 d1
Displacement [Low-byte High-byte]
3(reg-to-reg)
16+EA(reg-to-mem)

ADD reg/mem, rs 16-bit

01 mr d0 d1

2~4

AF CF OF SF PF ZF

mr
Addressing mode Byte = MODRM(mod-reg-r/m)
d0 d1
Displacement [Low-byte High-byte]
3(reg-to-reg)
16+EA(reg-to-mem)

ADC

Adds specified operands and the carry status (i.e. carry of the previous stage).

ADC AL, Imm. Byte

14 i0

2

AF CF OF SF PF ZF

I0 Immediate word value
4

ADC AX, Imm Word

15 i0 i1

3

AF CF OF SF PF ZF

i0 i1
Immediate word value
4

ADC rd, reg/mem

12 mr d0 d1

2~4

AF CF OF SF PF ZF

mr
Addressing mode Byte = MODRM(mod-reg-r/m)
d0 d1
Displacement [Low-byte High-byte]
9+EA(mem-to-reg)
3(reg-to-reg)

ADC rd16, reg/mem

13 mr d0 d1

2~4

AF CF OF SF PF ZF

mr
Addressing mode Byte = MODRM(mod-reg-r/m)
d0 d1
Displacement [Low-byte High-byte]
9+EA(mem-to-reg)
3(reg-to-reg)

ADC reg/mem, 8-bit imm byte

80 /2 d0 d1 i0

3~5

AF CF OF SF PF ZF

d0 d1
Displacement [Low-byte High-byte]
i0 Immediate word value
4(imm-to-reg)
17+EA(imm-to-mem)

ADC rmw,16-bit imm word

81 /2 d0 d1 i0 i1

4~6

AF CF OF SF PF ZF

d0 d1
Displacement [Low-byte High-byte]
i0 i1
Immediate word value
4(imm-to-reg)
17+EA(imm-to-mem)

ADC reg/mem,ib

83 /2 d0 d1 i0

3~5

AF CF OF SF PF ZF

d0 d1
Displacement [Low-byte High-byte]
i0
Immediate word value
4(imm-to-reg)
17+EA(imm-to-mem)

ADC reg/mem, rs

10 mr d0 d1

2~4

AF CF OF SF PF ZF

mr
Addressing mode Byte = MODRM(mod-reg-r/m)
d0 d1
Displacement [Low-byte High-byte]
9+EA(mem-to-reg)
3(reg-to-reg)

ADC reg/mem, rs 16-bit

11 mr d0 d1

2~4

AF CF OF SF PF ZF

mr
Addressing mode Byte = MODRM(mod-reg-r/m)
d0 d1
Displacement [Low-byte High-byte]
9+EA(mem-to-reg)
3(reg-to-reg)

SUB

Subtract immediate data from accumulator, memory or register.

SUB AL, immByte

2C i0

2

AF CF OF SF PF ZF

i0
Immediate word value
4

SUB AX, Imm Word

2D i0 i1

3

AF CF OF SF PF ZF

i0 i1
Immediate word value
4

SUB regByte, reg/memByte

2A mr d0 d1

2~4

AF CF OF SF PF ZF

mr
Addressing mode Byte = MODRM(mod-reg-r/m)
d0 d1
Displacement [Low-byte High-byte]
3(reg-to-reg)
9+EA(mem-from-reg)

SUB regWord, reg/memWord

2B mr d0 d1

2~4

AF CF OF SF PF ZF

mr
Addressing mode Byte = MODRM(mod-reg-r/m)
d0 d1
Displacement [Low-byte High-byte]
3(reg-to-reg)
9+EA(mem-from-reg)

SUB reg/memByte, imm byte

80 /5 d0 d1 i0

3~5

AF CF OF SF PF ZF

d0 d1
Displacement [Low-byte High-byte]
i0 Immediate word value
4(imm-from-reg)
17+EA(imm-from-mem)

SUB reg/memWord,imm word

81 /5 d0 d1 i0 i1

4~6

AF CF OF SF PF ZF

d0 d1
Displacement [Low-byte High-byte]
i0 i1
Immediate word value
4(imm-from-reg)
17+EA(imm-from-mem)

SUB reg/memWord,ib

83 /5 d0 d1 i0

3~5

AF CF OF SF PF ZF

d0 d1
Displacement [Low-byte High-byte]
i0
Immediate word value
4(imm-from-reg)
17+EA(imm-from-mem)

SUB reg/memByte, regByte

28 mr d0 d1

2~4

AF CF OF SF PF ZF

mr
Addressing mode Byte = MODRM(mod-reg-r/m)
d0 d1
Displacement [Low-byte High-byte]
4(reg-from-reg)
16+EA(reg-from-mem)

SUB reg/memWord, regWord

29 mr d0 d1

2~4

AF CF OF SF PF ZF

mr
Addressing mode Byte = MODRM(mod-reg-r/m)
d0 d1
Displacement [Low-byte High-byte]
4(reg-from-reg)
16+EA(reg-from-mem)

SBB

Subtract immediate data with borrow from accumulator, memory or register.

SBB AL, Imm byte

1C i0

2

AF CF OF SF PF ZF

I0 Immediate word value
4

SBB AX, Imm Word

1D i0 i1

3

AF CF OF SF PF ZF

i0 i1
Immediate word value
4

SBB regByte, reg/memByte

1A mr d0 d1

2~4

AF CF OF SF PF ZF

mr
Addressing mode Byte = MODRM(mod-reg-r/m)
d0 d1
Displacement [Low-byte High-byte]
3(reg-from-reg)
9+EA(mem-from-reg)

SBB regWord, reg/memWord

1B mr d0 d1

2~4

AF CF OF SF PF ZF

mr
Addressing mode Byte = MODRM(mod-reg-r/m)
d0 d1
Displacement [Low-byte High-byte]
3(reg-from-reg)
9+EA(mem-from-reg)

SBB reg/memByte, imm byte

80 /3 d0 d1 i0

3~5

AF CF OF SF PF ZF

d0 d1
Displacement [Low-byte High-byte]
i0 Immediate word value
4(imm-from-reg)
17+EA(imm-from mem)

SBB reg/memWord,imm word

81 /3 d0 d1 i0 i1

4~6

AF CF OF SF PF ZF

d0 d1
Displacement [Low-byte High-byte]
i0 i1
Immediate word value
4(imm-from-reg)
17+EA(imm-from mem)

SBB reg/memWord,ib

83 /3 d0 d1 i0

3~5

AF CF OF SF PF ZF

d0 d1
Displacement [Low-byte High-byte]
i0
Immediate word value
4(imm-from-reg)
17+EA(imm-from mem)

SBB reg/memByte, regByte

18 mr d0 d1

2~4

AF CF OF SF PF ZF

mr
Addressing mode Byte = MODRM(mod-reg-r/m)
d0 d1
Displacement [Low-byte High-byte]
3(reg-from-reg)
16+EA(reg-from-mem)

SBB reg/memWord, regWord

19 mr d0 d1

2~4

3(reg-from-reg)
16+EA(reg-from-mem)

MUL

ADD reg/mem, rs 16-bit

MUL reg/memByte

F6 /4 d0 d1

2~4

CF OF (AF,PF,SF,ZF undefined)

70-77 (8-bit reg)

(76-83) +EA) ( 8bit memory)

MUL reg/ memWord

F7 /4 d0 d1

2~4

118-133 (16-bit reg)

(124-139) +EA) ( 16-bit memory)

IMUL

Signed 8-bit or 16-bit multiplication. Signed multiplication of accumulator by “src” with result placed
in the accumulator. If the source operand is a byte value, it is multiplied by AL and the result stored in AX. If the source operand is a word value it is multiplied by AX and the result is stored in DX:AX. Other variations of this instruction allow specification of source and destination registers as well as a third immediate factor

IMUL reg /mem byte

F6 /5 d0 d1

2~4

CF OF (AF,PF,SF,ZF undefined)

.

80-98 (8-bit reg)

(86-104)+EA (8-bit memory)

IMUL reg /mem word

F7 /5 d0 d1

2~4

128-154(16-bit reg)

(134-160)+EA(16-bit mem)

DIV

Unsigned 8-bit or 16-bit division. If the source divisor is a byte value then AX is divided by “src” and the quotient is placed in AL and the remainder in AH. If source operand is a word value, then DX:AX is divided by “src” and the quotient is stored in AX and the remainder in DX.

DIV reg/mem byte

F6 /6 d0 d1

2~4

(AF,CF,OF,PF,SF,ZF undefined)

80-90 (8-bit Reg)

(86-96)+EA(8-bit mem)

DIV reg/mem word

F7 /6 d0 d1

2~4

(AF,CF,OF,PF,SF,ZF undefined)

144-162(16-bit reg)

(150-168)+EA(16-bit mem)

IDIV

Signed 8-bit or 16-bit division. Signed binary division of accumulator by source. If source is a
byte value, AX is divided by “src” and the quotient is stored in AL and the emainder in AH. If source is a word value, DX:AX is divided by “src”, and the quotient is stored in AL and the remainder in DX.

IDIV reg/mem byte

F6 /7 d0 d1

2~4

(AF,CF,OF,PF,SF,ZF undefined)

r

101-112(8-bit reg)

(107-118)+EA (8-bit mem)

IDIV reg/mem word

F7 /7 d0 d1

2~4

165-184(16-bit reg)

(171-190)+EA (16-bit mem)

INC

Increment Register or memory by 1.

INC AX

40

1

AF OF PF SF ZF

2

INC CX

41

1

AF OF PF SF ZF

2

INC DX

42

1

AF OF PF SF ZF

2

INC BX

43

1

AF OF PF SF ZF

2

INC SP

44

1

AF OF PF SF ZF

2

INC BP

45

1

AF OF PF SF ZF

2

INC SI

46

1

AF OF PF SF ZF

2

INC DI

47

1

AF OF PF SF ZF

2

INC reg/mem byte

FE /1 d0 d1

2~4

AF OF PF SF ZF

3

INC reg/mem word

FF /1 d0 d1

2~4

AF OF PF SF ZF

2

DEC

Decrement register or memory by 1.

DEC AX

48

1

AF OF PF SF ZF

2

DEC CX

49

2

DEC DX

41

2

DEC BX

4B

2

DEC SP

4C

1

AF OF PF SF ZF

2

DEC BP

4D

1

AF OF PF SF ZF

2

DEC SI

4E

1

AF OF PF SF ZF

2

DEC DI

4F

1

AF OF PF SF ZF

2

DEC reg/mem byte

FE /1 d0 d1

2~4

AF OF PF SF ZF

3

DEC reg/mem word

FF /1 d0 d1

2~4

AF OF PF SF ZF

2

DAA

Decimal Adjust after BCD Addition: When two BCD numbers are added, the DAA is used after ADD or ADC instruction to get correct answer in BCD.

DAA

27

1

AF CF PF SF ZF (OF undefined)

 

4

DAS

Decimal Adjust after BCD Subtraction: When two BCD numbers are added, the DAS is used after SUB or SBB instruction to get correct answer in BCD.

DAS

2F

1

AF CF PF SF ZF (OF undefined)

4

AAA

ASCII Adjust for Addition: When ASCII codes of two decimal digits are added, the AAA is used after addition to get correct answer in unpacked BCD.

AAA

37

1

——a-

4

AAD

Adjust AX Register for Division: It converts two unpacked BCD digits in AX to the equivalent binary number. This adjustment is done before dividing two unpacked BCD digits in AX by an unpacked BCD byte.

AAD

D5 0A

02

—-sz-p

60

AAM

Adjust result of BCD Multiplication: This instruction is used after the multiplication of two unpacked BCD.

Useage: AAM

AAM

D4 0A

2

—-sz-p

83

AAS

ASCII Adjust for Subtraction: This instruction is used to get the correct result in unpacked BCD after the subtraction of the ASCII code of a number from ASCII code another number.

Useage : AAS

AAS

3F

1

——a-c

4

CBW

Convert signed Byte to signed Word. Useage : CBW

CBW

98

1

none

2

CWD

Convert signed Word to signed Doubleword. Useage : CWD

CWD

99

1

none

5

NEG

Obtains 2’s complement (i.e. negative) of the content of an 8-bit or 16-bit specified register or memory location(s). Subtracts the destination from 0 and saves the 2s complement of “dest” back into “dest”.

NEG reg/memByte

F6 /3 d0 d1

2~4

AF CF OF PF SF ZF

3 (reg)

16+EA(mem)

NEG reg/memWord

F7 /3 d0 d1

2~4

3 (reg)

16+EA(mem)

CMP

Compare Immediate data, register or memory with accumulator, register or memory location(s).

CMP AL, Imm byte

3C i0

2

AF CF OF SF PF ZF

I0 Immediate word value
4

CMP AX, Imm Word

3D i0 i1

3

AF CF OF SF PF ZF

i0 i1
Immediate word value
4

CMP rd, reg/mem

3A mr d0 d1

2~4

AF CF OF SF PF ZF

mr
Addressing mode Byte = MODRM(mod-reg-r/m)
d0 d1
Displacement [Low-byte High-byte]
4 (reg-to-reg)
9+EA(mem-to-reg)

CMP rd16, reg/mem

3B mr d0 d1

2~4

AF CF OF SF PF ZF

mr
Addressing mode Byte = MODRM(mod-reg-r/m)
d0 d1
Displacement [Low-byte High-byte]
4 (reg-to-reg)
9+EA(mem-to-reg)

CMP reg/mem, 8-bit imm byte

80 /7 d0 d1 i0

3~5

AF CF OF SF PF ZF

d0 d1
Displacement [Low-byte High-byte]
i0 Immediate word value
4(imm-to-reg)
10+EA(imm-to-mem)

CMP rmw,16-bit imm word

81 /7 d0 d1 i0 i1

4~6

AF CF OF SF PF ZF

d0 d1
Displacement [Low-byte High-byte]
i0 i1
Immediate word value
4(imm-to-reg)
10+EA(imm-to-mem)

CMP reg/mem,ib

83 /7 d0 d1 i0

3~5

AF CF OF SF PF ZF

d0 d1
Displacement [Low-byte High-byte]
i0
Immediate word value
4(imm-to-reg)
10+EA(imm-to-mem)

CMP reg/mem, rs

38 mr d0 d1

2~4

AF CF OF SF PF ZF

mr
Addressing mode Byte = MODRM(mod-reg-r/m)
d0 d1
Displacement [Low-byte High-byte]
3(reg-to-reg)
9+EA(reg-to-mem)

CMP reg/mem, rs 16-bit

39 mr d0 d1

2~4

AF CF OF SF PF ZF

mr
Addressing mode Byte = MODRM(mod-reg-r/m)
d0 d1
Displacement [Low-byte High-byte]
3(reg-to-reg)
9+EA(reg-to-mem)

Logical Instructions

Instruction

Description

AND

Performs bit by bit logical AND operation of two operands and places the result in the specified destination.

AND AL, imm byte

24 i0

2

CF OF SF PF ZF

i0
Immediate word value
4

AND AX, Imm Word

25 i0 i1

3

CF OF SF PF ZF

i0 i1
Immediate word value
4

AND rd, reg/memByte

22 mr d0 d1

2~4

CF OF SF PF ZF

mr
Addressing mode Byte = MODRM(mod-reg-r/m)
d0 d1
Displacement [Low-byte High-byte]
3 (reg-to-reg)
9+EA(reg-to-mem)

AND rd16, reg/memWord

23 mr d0 d1

2~4

CF OF SF PF ZF

mr
Addressing mode Byte = MODRM(mod-reg-r/m)
d0 d1
Displacement [Low-byte High-byte]
3 (reg-to-reg)
9+EA(reg-to-mem)

AND reg/mem, 8-bit imm byte

80 /4 d0 d1 i0

3~5

CF OF SF PF ZF

d0 d1
Displacement [Low-byte High-byte]
i0 Immediate word value
4 (reg-to-imm)
17+EA (mem-to-imm)

AND rmw,16-bit imm word

81 /4 d0 d1 i0 i1

4~6

AF CF OF SF PF ZF

d0 d1
Displacement [Low-byte High-byte]
i0 i1
Immediate word value
4 (reg-to-imm)
17+EA (mem-to-imm)

AND reg/mem,ib

83 /4 d0 d1 i0

3~5

CF OF SF PF ZF

d0 d1
Displacement [Low-byte High-byte]
i0 i1
Immediate word value
4 (reg-to-imm)
17+EA (mem-to-imm)

AND reg/memByte, rs

20 mr d0 d1

2~4

CF OF SF PF ZF

mr
Addressing mode Byte = MODRM(mod-reg-r/m)
d0 d1
Displacement [Low-byte High-byte]
3(REG-TO-REG)
16+ea (MEM-TO-REG)

AND reg/memWord, rs 16-bit

21 mr d0 d1

2~4

CF OF SF PF ZF

mr
Addressing mode Byte = MODRM(mod-reg-r/m)
d0 d1
Displacement [Low-byte High-byte]
3(REG-TO-REG)
16+ea (MEM-TO-REG)

OR

Logical inclusive OR of the two operands returning the result in the destination. Any bit set in either operand will be set in the destination

OR AL, immByte

0C i0

2

CF OF PF SF ZF (AF undefined)

4

OR AX, immWord

0D i0

3

4

OR regByte, reg/memByte

0A mr d0 d1

2~4

3 (reg-to-reg)
9+EA(reg-to-mem)

OR regWord, reg/memWord

0B mr d0 d1

2~4

3 (reg-to-reg)
9+EA(reg-to-mem)

OR reg/memByte, immByte

80 /1 d0 d1 i0

3~5

4 (reg-to-imm)
17+EA (mem-to-imm)

OR reg/memWord, immWord

81 /1 d0 d1 i0 i1

4~6

4 (reg-to-imm)
17+EA (mem-to-imm)

OR reg/memWord, immByte

83 /1 d0 d1 i0

3~5

4 (reg-to-imm)
17+EA (mem-to-imm)

OR reg/memWord, regByte

08 mr d0 d1

2~4

3(REG-TO-REG)
16+ea (MEM-TO-REG)

OR reg/memWord, regWord

09 mr d0 d1

2~4

3(REG-TO-REG)
16+ea (MEM-TO-REG)

XOR

Performs a bitwise exclusive OR of the operands and returns the result in the destination.

XOR AL, immByte

34 i0

2

CF OF PF SF ZF (AF undefined)

4

XOR AX, immWord

35 i0

3

4

XOR regByte, reg/memByte

32 mr d0 d1

2~4

3 (reg-to-reg)
9+EA(reg-to-mem)

XOR regWord, reg/memWord

33 mr d0 d1

2~4

3 (reg-to-reg)
9+EA(reg-to-mem)

XOR reg/memByte, immByte

80 /6 d0 d1 i0

3~5

4 (reg-to-imm)
17+EA (mem-to-imm)

XOR reg/memWord, immWord

81 /6 d0 d1 i0 i1

4~6

4 (reg-to-imm)
17+EA (mem-to-imm)

XOR reg/memWord, immByte

83 /6 d0 d1 i0

3~5

4 (reg-to-imm)
17+EA (mem-to-imm)

XOR reg/memWord, regByte

30 mr d0 d1

2~4

3(REG-TO-REG)
16+EA (MEM-TO-REG)

XOR reg/memWord, regWord

31 mr d0 d1

2~4

3(REG-TO-REG)
16+EA (MEM-TO-REG)

NOT

One’s Compliment Negation (Logical NOT). nverts the bits of the “dest” operand forming the 1s complement.

NOT reg / memByte

F6 /2 d0 d1

2~4

none

3(reg)
16+EA(memory)

NOT reg / memWord

F7 /2 d0 d1

2~4

none

3(reg)
16+EA(memory)

TEST

Test for Bit pattern. Performs a logical AND of the two operands updating the flags register without saving the result.

TEST AL, immByte

A8 i0

2

CF OF PF SF ZF (AF undefined)

4

TEST AX, immWord

A9 i0 i1

3

4

TEST reg/memByte, immByte

F6 /0 d0 d1 i0

3~5

5(imm-to-reg)

11+EA(imm-to-mem)

TEST reg/memWord, immWord

F7 /0 d0 d1 i0 i1

4~6

5(imm-to-reg)

11+EA(imm-to-mem)

TEST reg/memByte, reg/memByte

84 mr d0 d1

2~4

3(reg-to-reg)

9+EA (mem-to-reg)

TEST reg/memWord, reg/memWord

85 mr d0 d1

2~4

3(reg-to-reg)

9+EA (mem-to-reg)

Rotate Instruction

Instruction

Description

OPCODE

Flags Effected

No. of T States

RCL

Rotate all bits of the operand left by specified number of bits through carry flag, with
all data pushed out the left side re-entering on the right. The Carry Flag holds the last bit rotated out.

RCL reg/memByte, 1

D0 /2 d0 d1

2~4

CF OF

2(reg-with-single shift)

15+EA(mem-with-single shift)

RCL reg/memByte, CL

D2 /2 d0 d1

2~4

CF OF

8+4/bit(reg-with var shift)

20+EA+4/bit(mem-with var shift)

RCL reg/memWord, 1

D1 /2 d0 d1

2~4

CF OF

2 (reg-with-single shift)

15+EA(mem-with-single shift)

RCL reg/memWord, CL

D3 /2 d0 d1

2~4

CF OF

8+4/bit(reg-with var shift)

20+EA+4/bit(mem-with var shift)

RCR

Rotate all bits of the operand right by specified number of bits through carry flag.

Rotates the bits in the destination to the right “count” times with
all data pushed out the right side re-entering on the left. The
Carry Flag holds the last bit rotated out

RCR reg/memByte, 1

D0 /3 d0 d1

2~4

CF OF

2(reg-with-single shift)

15+EA(mem-with-single shift)

RCR reg/memByte, CL

D2 /3 d0 d1

2~4

CF OF

8+4/bit(reg-with var shift)

20+EA+4/bit(mem-with var shift)

RCR reg/memWord, 1

D1 /3 d0 d1

2~4

CF OF

2 (reg-with-single shift)

15+EA(mem-with-single shift)

RCR reg/memWord, CL

D3 /3 d0 d1

2~4

CF OF

8+4/bit(reg-with var shift)

20+EA+4/bit(mem-with var shift)

ROL

Rotate all bits of the operand left by specified number of bits, with all data pushed out the left side re-entering on the right. The Carry Flag will contain the value of the last bit rotated out.

ROL reg/memByte, 1

D0 /0 d0 d1

2~4

CF OF

2(reg-with-single shift)

15+EA(mem-with-single shift)

ROL reg/memByte, CL

D2 /0 d0 d1

2~4

CF OF

8+4/bit(reg-with var shift)

20+EA+4/bit(mem-with var shift)

ROL reg/memWord, 1

D1 /0 d0 d1

2~4

CF OF

2 (reg-with-single shift)

15+EA(mem-with-single shift)

ROL reg/memWord, CL

D3 /0 d0 d1

2~4

CF OF

8+4/bit(reg-with var shift)

20+EA+4/bit(mem-with var shift)

ROR

Rotate all bits of the operand right by specified number of bits, with all data pushed out the right side re-entering on the left. The Carry Flag will contain the value of the last bit rotated out.

ROR reg/memByte, 1

D0 /1 d0 d1

2~4

CF OF

2(reg-with-single shift)

15+EA(mem-with-single shift)

ROR reg/memByte, CL

D2 /1 d0 d1

2~4

CF OF

8+4/bit(reg-with var shift)

20+EA+4/bit(mem-with var shift)

ROR reg/memWord, 1

D1 /1 d0 d1

2~4

CF OF

2 (reg-with-single shift)

15+EA(mem-with-single shift)

ROR reg/memWord, CL

D3 /1 d0 d1

2~4

CF OF

8+4/bit(reg-with var shift)

20+EA+4/bit(mem-with var shift)

Shift Instructions

Instruction

Description

OPCODE

Flags Effected

No. of T States

SAL or SHL

Shifts each bit of operand left by specified number of bits and put zero in LSB position. The Carry Flag contains the last bit shifted out

SAL reg/memByte, 1

D0 /4 d0 d1

2~4

CF OF PF SF ZF (AF undefined)

2(reg-with-single shift)

15+EA(mem-with-single shift)

SAL reg/memByte, CL

D2 /4 d0 d1

2~4

CF OF PF SF ZF (AF undefined)

8+4/bit(reg-with var shift)

20+EA+4/bit(mem-with var shift)

SAL reg/memWord, 1

D1 /4 d0 d1

2~4

CF OF PF SF ZF (AF undefined)

2 (reg-with-single shift)

15+EA(mem-with-single shift)

SAL reg/memWord, CL

D3 /4 d0 d1

2~4

CF OF PF SF ZF (AF undefined)

8+4/bit(reg-with var shift)

20+EA+4/bit(mem-with var shift)

SHL reg/memByte, 1

D0 /4 d0 d1

2~4

CF OF PF SF ZF (AF undefined)

2(reg-with-single shift)

15+EA(mem-with-single shift)

SHL reg/memByte, CL

D2 /4 d0 d1

2~4

CF OF PF SF ZF (AF undefined)

8+4/bit(reg-with var shift)

20+EA+4/bit(mem-with var shift)

SHL reg/memWord, 1

D1 /4 d0 d1

2~4

CF OF PF SF ZF (AF undefined)

2 (reg-with-single shift)

15+EA(mem-with-single shift)

SHL reg/memWord, CL

D3 /4 d0 d1

2~4

CF OF PF SF ZF (AF undefined)

8+4/bit(reg-with var shift)

20+EA+4/bit(mem-with var shift)

SAR

Shift each bit of any operand right by specified number of bits. Copy old MSB into new MSB. The Carry Flag contains the
last bit shifted out.

SAR reg/memByte, 1

D0 /7 d0 d1

2~4

CF OF PF SF ZF (AF undefined)

2(reg-with-single shift)

15+EA(mem-with-single shift)

SAR reg/memByte, CL

D2 /7 d0 d1

2~4

CF OF PF SF ZF (AF undefined)

8+4/bit(reg-with var shift)

20+EA+4/bit(mem-with var shift)

SAR reg/memWord, 1

D1 /7 d0 d1

2~4

CF OF PF SF ZF (AF undefined)

2 (reg-with-single shift)

15+EA(mem-with-single shift)

SAR reg/memWord, CL

D3 /7 d0 d1

2~4

CF OF PF SF ZF (AF undefined)

8+4/bit(reg-with var shift)

20+EA+4/bit(mem-with var shift)

SHR

8+4/bit(reg-with var shift)

20+EA+4/bit(mem-with var shift)

SHR reg/memByte, 1

D0 /5 d0 d1

2~4

CF OF PF SF ZF (AF undefined)

2(reg-with-single shift)

15+EA(mem-with-single shift)

SHR reg/memByte, cl

D2 /5 d0 d1

2~4

CF OF PF SF ZF (AF undefined)

8+4/bit(reg-with var shift)

20+EA+4/bit(mem-with var shift)

SHR reg/memWord, 1

D1 /5 d0 d1

2~4

CF OF PF SF ZF (AF undefined)

2 (reg-with-single shift)

15+EA(mem-with-single shift)

SHR reg/memWord, CL

D3 /5 d0 d1

2~4

CF OF PF SF ZF (AF undefined)

8+4/bit(reg-with var shift)

20+EA+4/bit(mem-with var shift)

Branch Instructions

These are condictional and unconditioneal branch instructions and are given below:

Instruction

Description

OPCODE

Length

Flags Effected

No. of T States

JA or JNBE

Jump if above, not below, or equal i.e. when CF and ZF = 0. Take short

77 r0(relative +127/-128)

2

none

16/4

JAE/JNB/JNC

Jump if above, not below, equal or no carry i.e. when CF = 0

73 r0(relative +127/-128)

2

none

16/4

JB/JNAE/JC

Jump if below, not above, equal or carry i.e. when CF = 0

72 r0(relative +127/-128)

2

none

16/4

JBE/JNA

Jump if below, not above, or equal i.e. when CF and ZF = 1

76 r0((relative +127/-128)

2

none

16/4

JE/JZ

Jump if zero or equal i.e. when ZF = 1

74 r0 (relative +127/-128)

2

none

16/4

JG/JNLE

Jump if greater, not less or equal i.e. when ZF = 0 and CF = OF

7F r0(relative +127/-128)

2

none

16/4

JGE/JNL

Jump if greater, not less or equal i.e. when SF = OF

7D r0(relative +127/-128)

2

none

16/4

JL/JNGE

Jump if less, not greater than or equal i.e. when SF ≠ OF

7C r0(relative +127/-128)

2

none

16/4

JLE/JNG

Jump if less, equal or not greater i.e. when ZF = 1 and SF ≠ OF

7E r0(relative +127/-128)

2

none

16/4

JNO

Jump on no Overflow

JNO shortLabel

71 r0(relative +127 / -128)

2

none

16/4

JNS

Jump if not signed

JNS shortLabel

79 r0(relative +127 / -128)

2

16/4

JNP/JPO

JNP shortLabel

7B r0(relative +127 / -128)

2

JO

Jump on Overflow

JO shortLabel

70 r0(relative +127 / -128)

2

16/4

JP/JPE

Jump on Parity / Jump on parity Even

JP shortLabel

7A r0(relative +127 / -128)

2

none

16/4

JS

Jup if Signed

JS shortlabel

78 r0(relative +127 / -128)

2

none

16/4

JMP

Causes the program execution to jump unconditionally to the memory address or label given in the instruction.

JMP SHORT shortLabel

EB r0(relative +127 / -128)

2

none

15

JMP neaPointer

Intra segment direct short branch

E9 o0 o1

3

none

15

JMP memory word

Intra segment indirect (far) branch

FF /4 d0 d1

2~4

none

ip<–(EA) where EA is determined by memory word value

18+EA

JMP DWORD PTR [real mem word]

Inter segment indirect branch

FF /5 d0 d1

2~4

none

24+EA

JMP FAR PTR farPtr

Inter segment direct (far) branch

EA o0 o1 s0 s1

5

none

15

CALL

Calls a procedure whose address is given in the instruction and saves their return address to the stack.

CALL np

Intra-segment direct call

E8 o0 o1

3

none

19

CALL rw

Intra-segment indirect call

FF /2 d0 d1

2~4

none

21+EA

CALL DWORD PTR[rw]

Intra-segment indirect call through reg

Ff /3 d0 d1

2~4

none

16

CALL Indirect mem

Inter segment direct

28

CALL FAR PTR fp

Inter-segment direct call

9A o0 o1 sl sh

5

none

37+EA

RET/RETF

Returns program execution from a procedure (subroutine) to the next instruction or main program.

Transfers control from a procedure back to the instruction address saved on the stack. “n bytes” is an optional number of bytes to release. Far returns pop the IP followed by the CS, while near returns pop only the IP register.

RET

Intra-segment return

C3

1

none

8

RET immWord

Intra-segment return with Immediate data

C2 i0 i1

3

none

12

RETF

intra segment return with immediate data

CB

1

none

18

RETF immWord

inter segment return with immediate data

CA i0 i1

3

none

17

IRET

Returns program execution from an interrupt service procedure (subroutine) to the main program. Returns control to point of interruption by popping IP, CS and then the Flags from the stack and continues execution at this location. CPU exception interrupts will return to the instruction that cause the exception because the CS:IP placed on the stack during the interrupt is the address of the offending instruction.

IRET

CF

1

AF CF DF IF PF SF TF ZF

24

INT

Used to generate software interrupt at the desired point in a program. Initiates a software interrupt by pushing the flags, clearing the
Trap and Interrupt Flags, pushing CS followed by IP and loading CS:IP with the value found in the interrupt vector table. Execution
then begins at the location addressed by the new CS:IP

INT 3

CC

1

TF IF

52
51

INT imm byte

CD i0

2

TF IF

INTO

Software interrupts to indicate overflow after arithmetic operation. if the Overflow Flag is set this instruction generates an INT 4 which causes the code addressed by 0000:0010 to be executed

INTO

CE

1

IF TF


53/5

LOOP

Decrement CX, Jump to defined label until CX = 0. The “label” operand must be within -128 or 127 bytes of the instruction following the loop instruction

LOOP shortLabel

E2 r0

2

none

17/5

LOOPZ/LOOPE

Decrement CX register and jump if CX ≠ 0 and ZF = 1. The “label” operand must be within -128 or 127 bytes of the instruction following the loop instruction

LOOPZ/LOOPE shortLabel

E1 r0

2

none

18/6

LOOPNZ/LOOPNE

Decrement CX register and jump if CX ≠ 0 and ZF = 0. The “label” operand must be within -128 or 127 bytes of the instruction following the loop instruction

LOOPNZ/LOOPNE shortLabel

E0 r0

2

none

19/5

Flag Manipulation and Processor Control Instructions

Instructions of this instruction set are related to flag manipulation and machine control. The following instructions come under this category:

Instruction

Description

OPCODE

Flags Effected

No. of T States

CLC

Clear Carry Flag: This instruction resets the carry flag CF to 0.

F8

1

CF

2

CLD

Clear Direction Flag: This instruction resets the direction flag DF to 0.

FC

1

DF

2

CLI

Clear Interrupt Flag: This instruction resets the interrupt flag IF to 0.

FA

1

IF

2

CMC

This instruction take complement of carry flag CF.

F5

1

CF

2

STC

Set carry flag CF to 1.

F9

1

CF

2

STD

Set direction flag to 1.

FD

1

DF

2

STI

Set interrupt flag IF to 1.

FB

1

IF

2

HLT

Halt processing. It stops program execution. Halts CPU until RESET line is activated, NMI or maskable interrupt received. The CPU becomes dormant but retains the current CS:IP for later restart.

HLT

f4

1

none

2

NOP

Performs no operation. It results in occupation of both
space and time and is most useful for patching 🙂 code [segments].

NOP

90

1

none

3

ESC

Escape: makes bus free for external master like a coprocessor or peripheral device. The CPU treats it as a NOP but places memory operand on bus.

ESC

?

2

2(register)

8+EA(memory)

WAIT

When WAIT instruction is executed, the processor enters an idle state in which the processor does no processing. i.e CPU enters wait state until the coprocessor signals it has finished
it’s operation. This instruction is used to prevent the CPU from accessing memory that may be temporarily in use by the coprocessor. WAIT and FWAIT are identical. Wait while pin WAIT is not asserted

WAIT

9B

1

none

3+5n

LOCK

It is a prefix instruction. It makes the LOCK pin low till the execution of the next instruction.

LOCK

F0

1

none

2

String Instructions

String is series of bytes or series of words stored in sequential memory locations. The 8086 provides some instructions which handle string operations such as string movement, comparison, scan, load and store.

These instructions are explained  here:

Instruction

Description

OPCODE

Length

Flags Effected

No. of T States

MOVS/MOVSB/MOVSW

Moves 8-bit or 16-bit data from the memory location(s) addressed by ds:SI register to the memory location addressed by ES:DI register. SI and DI are incremented when the Direction Flag is cleared and decremented when the Direction Flag is Set. Use with REP prefixes.

movsb

A4

1

none

18 non-repetitive

9+17/rep

movsw

A5

1

none

CMPS/

CMPSB/CMPSW

Compares the content of memory location addressed by DI register with the content of memory location addressed by SI register. The REP prefixes can be used to process entire data items.

CMPSB

A6

1

AF CF OF PF SF ZF

22 non-repetitive

9+22/rep

CMPSW

A7

1

SCAS/SCASB/SCASW

Compares the content of accumulator with the content of memory location addressed by ES: DI register in the extra segment ES.

DI is incremented/decremented based on the instruction format (or operand size) and the state of the Direction Flag. Use with REP prefixes.

SCASB

AE

1

AF CF OF PF SF ZF

15 non-repetitive

9+15/repetition

SCASW

AF

1

AF CF OF PF SF ZF

LODS/LODSB/LODSW

Loads 8-bit or 16-bit data from memory location addressed by SI register into AL or AX register.

LODSB

AC

1

none

12 non-repetitive

9+10/repetition for repetetive

LODSW

AD

1

none

STOS/STOSB/STOSW

Stores 8-bit or 16-bit data from AL or AX register in the memory location addressed by ES: DI register. (E)DI is incremented/decremented based on the size of the operand (or instruction format) and the state of the Direction Flag. Use with REP prefixes.

STOS dest

STOSB

AA

1

none

11 not-repeated

9+10/repition FOR repetitive

STOSW

AB

1

none

REP

Repeats the given instruction until CX ≠ 0. After each string operation, CX is decremented and the Zero Flag is tested. The combination of a repeat prefix and a segment override on CPU’s before the 386 may result in errors if an interrupt occursbefore CX=0. The following code shows code that is susceptible to
this and how to avoid it:
again: rep movs byte ptr ES:[DI],ES:[SI] ; vulnerable instr.
jcxz next ; continue if REP successful
loop again ; interrupt goofed count
next:

REP :

STRING INSTRUCTION

F3

1

None

2

REPE/ REPZ

Repeats the given instruction till CX ≠ 0 and ZF = 1.

CX is decremented and the Zero Flag tested after each string operation. The combination of a repeat prefix and a segment override on processors other than the 386 may result in errors if an interrupt occurs before CX=0.

REPE:

F3

1

none

2

REPNE/REPNZ

Repeats the given instruction till CX ≠ 0 and ZF = 0.

CX is decremented and the Zero Flag tested after each string operation. The combination of a repeat prefix and a
segment override on processors other than the 386 may result in errors if an interrupt occurs before CX=0.

REPNE/REPNZ

F2

1

none

2

 

error: Content is protected !!