
 OPCODE TABLES
 -------------------------------------------------------------------------


 H uz ! Here I present to the comunity result of my work. Basically, this
 tablez are based of opcodez.lst from Ralph's list. All i did is just their
 transcription to this form. As it takes quite long time, I hope you 'll use it
 and enjoy it.
                                MGL.


                            Ŀ
                                          
                              MAIN TABLE  
                                          
                            

                      XT COMPATIBLE OPCODES PART I

ͻ
CODE   x0      x1      x2      x3      x4      x5      x6      x7   
͹
                                                                    
 0x   ADD     ADD     ADD     ADD     ADD     ADD     PUSH    POP   
     m8,r8    m,r    r8,m8    r,m    AL,im8  AX,im     ES      ES   
͹
                                                                    
 1x   ADC     ADC     ADC     ADC     ADC     ADC     PUSH    POP   
     m8,r8    m,r    r8,m8    r,m    AL,im8  AX,im     SS      SS   
͹
                                                                    
 2x   AND     AND     AND     AND     AND     AND      ES:    DAA   
     m8,r8    m,r    r8,m8    r,m    AL,im8  AX,im   prefix         
͹
                                                                    
 3x   XOR     XOR     XOR     XOR     XOR     XOR      SS:    AAA   
     m8,r8    m,r    r8,m8    r,m    AL,im8  AX,im   prefix         
͹
                                                                    
 4x  INC AX  INC CX  INC DX  INC BX  INC SP  INC BP  INC SI  INC DI 
                                                                    
͹
                                                                    
 5x   PUSH    PUSH    PUSH    PUSH    PUSH    PUSH    PUSH    PUSH  
       AX      CX      DX      BX      SP      BP      SI      DI   
͹
          N1      N1      N1      2P       3       3 memory3operand3
 6x  PUSHA    POPA   BOUND    ARPL     FS:     GS:   access   size  
                      r,m     r,m    prefix  prefix  prefix  prefix 
͹
                                                                    
 7x    JO      JNO     JC      JNC     JZ      JNZ     JA      JNA  
      rel8    rel8    rel8    rel8    rel8    rel8    rel8    rel8  
͹
     xtens   xtens   xtens   xtens                                  
 8x  TABLE 1 TABLE 2 TABLE 3 TABLE 4  TEST    TEST    XCHG    XCHG  
      r8,m8   r,m   m8,sim8  m,sim8           m8,r8   m,r     m8.r8 
͹
                                                                    
 9x   NOP     XCHG    XCHG    XCHG    XCHG    XCHG    XCHG    XCHG  
             AX,CX   AX,DX   AX,BX   AX,SP   AX,BP   AX,SI   AX,DI  
͹
                                                                    
 Ax   MOV     MOV     MOV     MOV    MOVSB    MOVS   CMPSB    CMPS  
    AL,[im8] AX,[im][im8],AL [im],AX                                
͹
                                                                    
 Bx   MOV     MOV     MOV     MOV     MOV     MOV     MOV     MOV   
     AL,im8  CL,im8  DL,im8  BL,im8  AH,im8  CH,im8  DH,im8  BH,im8 
͹
     xtens   xtens                                   xtens   xtens  
 Cx  TABLE 8 TABLE 9RET NEARRET NEAR  LES     LDS   TABLE 10TABLE 11
     m8,im8   m,im8    im             r,r     r,r    m8,im8   m,im  
͹
     xtens   xtens   xtens   xtens  !Nec    !Nec           2        
 Dx TABLE 12TABLE 13TABLE 14TABLE 15  AAM     AAD    SETALC   XLAT  
      m8,1    m,1    m8,CL    m,CL    im8     im8                   
͹
                            JCXZ rl8                                
 Ex  LOOPNZ   LOOPZ   LOOP  JECXZ rl   IN      IN     OUT     OUT   
       rl8     rl8     rl8  66:E3  3 AL,im8  AX,im8  im8,AL  im8,AX 
͹
                   @                                 xtens   xtens  
 Fx   LOCK     SMI   REPNZ  REP/REPZ  HLT     CMC   TABLE 16TABLE 17
     prefix          prefix  prefix                 m8(,im8) m(,im) 
ͼ


                            Ŀ
                                          
                              MAIN TABLE  
                                          
                            


                     XT COMPATIBLE OPCODES PART II

ͻ
CODE   x8      x9      xA      xB      xC      xD      xE      xF   
͹
                                                                  * 
 0x    OR      OR      OR      OR      OR      OR     PUSH    POP   
     m8,r8    m,r    r8,m8    r,m    AL,im8  AX,im     CS      CS   
͹
                                                                    
 1x   SBB     SBB     SBB     SBB     SBB     SBB     PUSH    POP   
     m8,r8    m,r    r8,m8    r,m    AL,im8  AX,im     DS      DS   
͹
                                                                    
 2x   SUB     SUB     SUB     SUB     SUB     SUB      CS:    DAS   
     m8,r8    m,r    r8,m8    r,m    AL,im8  AX,im   prefix         
͹
                                                                    
 3x   CMP     CMP     CMP     CMP     CMP     CMP      DS:    AAS   
     m8,r8    m,r    r8,m8    r,m    AL,im8  AX,im   prefix         
͹
                                                                    
 4x  DEC AX  DEC CX  DEC DX  DEC BX  DEC SP  DEC BP  DEC SI  DEC DI 
                                                                    
͹
                                                                    
 5x  POP AX  POP CX  POP DX  POP BX  POP SP  POP BP  POP SI  POP DI 
                                                                    
͹
          N1      N1      N1      N1       1       1       1       1
 6x  PUSH im  IMUL  PUSH im8  IMUL    INSB    INS    OUTSB    OUTS  
             r,i,m           r,i8,m                                 
͹
                                                                    
 7x    JS      JNS     JP      JNP     JL      JNL     JNG     JG   
       rl8     rl8     rl8     rl8     rl8     rl8     rl8     rl8  
͹
                                     xtens           xtens   xtens  
 8x   MOV     MOV     MOV     MOV    TABLE 5  LEA    TABLE 6 TABLE 7
     m8,r8    r,m    r8,m8    r,m     m,sr    r,m     sr,m     m    
͹
      CBW     CWD                    PUSHF    POPF                  
 9x  CWDE  3  CDQ  3  CALL    WAIT  PUSHFD 3 POPFD 3  SAHF    LAHF  
     66:98   66:99    far            66:9C   66:9D                  
͹
                             STOSW           LODSW           SCASW  
 Ax   TEST    TEST   STOSB   STOSD   LODSB   LODSD   SCASB   SCASD  
     AL,im8  AX,im                                                  
͹
                                                                    
 Bx   MOV     MOV     MOV     MOV     MOV     MOV     MOV     MOV   
     AX,im   CX,im   DX,im   BX,im   SP,im   BP,im   SI,im   DI,im  
͹
          N1      N1                                                
 Cx  ENTER   LEAVE   RET FAR RET FAR INT 3   INT im8  INTO    IRET  
     im,im8            im                                           
͹
           !       !       !       !       !       !       !       !
 Dx   ESC 0   ESC 1   ESC 2   ESC 3   ESC 4   ESC 5   ESC 6   ESC 7 
     im6b,m  im6b,m  im6b,m  im6b,m  im6b,m  im6b,m  im6b,m  im6b,m 
͹
      CALL    JMP     JMP     JMP                                   
 Ex   NEAR    NEAR    FAR    SHORT     IN      IN     OUT     OUT   
                                      AL,DX   AX,DX  DX,AL   DX,AX  
͹
                                                     xtens   xtens  
 Fx   CLC     STC     CLI     STI     CLD     STD   TABLE 18TABLE 19
                                                       m8     m     
ͼ
-------------------------------------------------------------------------------
                          ͻ
                           EXTENDED OPCODEZ 
                           1ST BYTE = 0F    
                                PART I      
                          ͼ
ͻ
 0F    x0      x1      x2      x3      x4      x5      x6      x7   
͹
           2       2       2       2 altern                2     3-4
 0x  xtens   xtens    LAR     LSL   LOADALL LOADALL   CLTS  LOADALL 
    TABLE 20TABLE 21  r,m     r,m   only 286only 286        RES3  Az
       m       m                                            RET4  Ad
                                                            ICERET i
͹
     UMOV  $ UMOV  $ UMOV  $ UMOV  $      N2      N2      N2      N2
 1x  m8,r8    m,r    r8,m8    r,m                                   
          N2      N2      N2      N2  SET1    SET1    NOT1    NOT1  
     TEST1   TEST1   CLEAR1  CLEAR1  m8,CL    m,CL   m8,CL    m,CL  
     m8,CL    m,CL   m8,CL    m,CL                                  
͹
     MOV   3       3 MOV   3       3     3-4         MOV 3-4        
 2x  r32,CRn  MOV    CRn,r32  MOV     MOV            TRn,r32        
          N2 CRn,r32      N2 DRn,r32 r32,TRn              N2reserved
     ADD4S           SUB4S                           CMPS4S         
͹
         P5iRDTSC P5     P5iRDMPC P6                                
 3x   WRMSR  INS  N2  RDMSR  EXT  N2                                
             r8,r8           r8,r8                                  
͹
          P6      P6      P6      P6      P6      P6      P6      P6
 4x  CMOVO   CMOVNO  CMOVC   CMOVNC  CMOVZ   CMOVNZ  CMOVA   CMOVNA 
      r,m     r,m     r,m     r,m     r,m     r,m     r,m     r,m   
͹
 5x                                                                 
͹
     PUNPC-  PUNPC-  PUNPC-                                         
 6x   KLBW    KLWD    KLDQ  PACKSSWB PCMPGTB PCMPGTW PCMPGTDPACKUSWB
MMX  m,m/m64 m,m/m64 m,m/m64 m,m/m64 m,m/m64 m,m/m64 m,m/m64 m,m/m64
͹
             xtens   xtens   xtens                                  
 7x         TABLE 24TABLE 25TABLE 26 PCMPEQB PCMPEQW PCMPEQD  EMMS  
MMX                                  m,m/m64 m,m/m64 m,m/m64        
͹
           3       3       3       3       3       3       3       3
 8x    JO     JNO      JC     JNC      JZ     JNZ     JNA      JA   
      rl16    rl16    rl16    rl16    rl16    rl16    rl16    rl16  
͹
           3       3       3       3       3       3       3       3
 9x   SETO    SETNO   SETC    SETNC   SETZ    SETNZ   SETNA   SATA  
       m8      m8      m8      m8      m8      m8      m8      m8   
͹
           3       3     4SL       3       3       3XBTS !!!IBTS !!!
 Ax  PUSH FS POP FS  CPUID     BT     SHLD    SHLD   r,m,AX,  m,AX, 
                              m,r    m,r,im  m,r,CL   CL       CL   
                                                    CMPXCHG CMPXCHG 
                                                     m8,r8    m,r   
͹
    B1+    4B1+    4       3       3       3       3       3       3
 Bx CMPXCHG CMPXCHG   LSS     BTR     LFS     LSG     MOVZX   MOVZX 
     m8,r8    r,m     r,m     m,r     r,m     r,m     r,m8    r32,m 
͹
           4       4                                         xtens  
 Cx   XADD    XADD  reservedreservedreservedreservedreservedTABLE 23
     m8,r8    m,r                                                   
͹
         MMX     MMX     MMX             MMX                        
 Dx  PSRLW   PSRLD   PSRLQ  reserved PMULLW reservedreservedreserved
     m,m/m64 m,m/m64 m,m/m64         m,m/m64                        
͹
         MMX     MMX                     MMX                        
 Ex  PSRAW   PSRAD  reservedreserved PMULHW reservedreservedreserved
     m,m/m64 m,m/m64                 m,m/m64                        
͹
         MMX     MMX     MMX        PMU- MMX                        
 Fx   PSLLW  PSLLD   PSLLQ  reserved LADDWD reservedreservedreserved
     m,m/m64 m,m/m64 m,m/m64         m,m/m64                        
ͼ

                          ͻ
                           EXTENDED OPCODEZ 
                            1ST BYTE = 0F   
                               PART II      
                          ͼ

ͻ
 0F    x8      x9      xA      xB      xC      xD      xE      xF   
͹
           4      4                #                                
 0x   INVD   WBINVD reserved   UD2  reservedreservedreservedreserved
                                                                    
͹
          N2      N2      N2      N2      N2      N2      N2      N2
 1x  TEST1   TEST1   CLEAR1  CLEAR1   SET1    SET1    NOT1    NOT1  
     m8,im8  m,im8   m8,im8  m,im8   m8,im8   m,im8  m8,im8   m,im8 
͹
          N2              N2                                        
 2x   ROL4  reserved  ROL4  reservedreservedreservedreservedreserved
       m8              m8                                           
͹
 3x                                                                 
͹
          P6      P6      P6      P6      P6      P6      P6      P6
 4x  CMOVS   CMOVNS  CMOVP   CMOVNP  CMOVL   CMOVNL  CMOVNG  CMOVG  
      r,m     r,m     r,m     r,m     r,m     r,m     r,m     r,m   
͹
 5x                                                                 
͹
     PUNPC-  PUNPC-  PUNPC-                                         
 6x   KHBW    KHWD    KHDQ  PACKSSDW                  MOVD    MOVD  
MMX  m,m/m64 m,m/m64 m,m/m64 m,m/m64                 m,r/m32 m,m/m64
͹
          M5      M5      M5      M5      M5      M5SMINT M6     MMX
 7x   SVDC    RSDC   SVLDT    RSLDT   SVTS    RSTS       MMX  MOVD  
      m,sr    sr,m    m        m       m       m      MOVD          
                                                     r/m32,m m/m64,m
͹
           3       3       3       3       3       3       3       3
 8x    JS      JNS     JP      JNP     JL      JNL     JNG     JG   
      rl16    rl16    rl16    rl16    rl16    rl16    rl16    rl16  
͹
           3       3       3       3       3       3       3       3
 9x   SETS    SETNS   SETP    SETNP   SETL    SETNL   SETNG   SETG  
       m8      m8      m8      m8      m8      m8      m8      m8   
͹
           3       3    i486       3       3       3               3
 Ax  PUSH GS POP GS   RSM     BTS     SHRD    SHRD            IMUL  
                              m,r    m,r,im  m,r,CL           r/m   
͹
                     xtens 3       3       3       3       3       3
 Bx                 TABLE 22  BTC     BSF     BSR     MOVSX   MOVSX 
                              m,r     r,m     r,m     r,m8    r32,m 
͹
           4       4       4       4       4       4       4       4
 Cx  BSWAP    BSWAP   BSWAP   BSWAP   BSWAP   BSWAP   BSWAP   BSWAP 
͹
 Dx reservedreservedreservedreservedreservedreservedreservedreserved
͹
 Ex reservedreservedreservedreservedreservedreservedreservedreserved
͹
                                                            UD    K5
 Fx reservedreservedreservedreservedreservedreservedreservedOIO  Cx6
                                                              BRKEM 
                                                            N2 im8  
ͼ
-------------------------------------------------------------------------------
                       ͻ
                        CODE EXTENTIONS TABLE 
                       ͼ

First look at main table or extended opcodez table. If you find entry like

                        xtens
                       TABLE XX
look in the line #XX in this table.

Next byte have format
      MMOOOMMM  :  MM is memory mode (see postbyte)
                OOO select operation in this extention code field
                MMM is memory field (see Postbyte)
        
        
        VVV
ͻ
EXT   000     001     010     011     100     101     110     111   
͹
 80                                                                 
      ADD      OR     ADC     SBB     AND     SUB     XOR     CMP   
#1   m8,i8   m8,i8   m8,i8   m8,i8   m8,i8   m8,i8   m8,i8   m8,i8  
͹
 81                                                                 
      ADD      OR     ADC     SBB     AND     SUB     XOR     CMP   
#2    m,i     m,i     m,i     m,i     m,i     m,i     m,i     m,i   
͹
 82                                                                 
      ADD             ADC     SBB             SUB             CMP   
#3   m8,sim8         m8,im8  m8,sim8         m8,sim8         m8,sim8
͹
 83                3                       3               3        
      ADD      OR     ADC     SBB     AND     SUB     XOR     CMP   
#4   m,sim8  m,sim8  m,sim8  m,sim8  m,sim8  m,sim8  m,sim8  m,sim8 
͹
 8C                                        3       3                
      MOV     MOV     MOV     MOV     MOV     MOV                   
#5    m,ES    m,CS    m,SS    m,DS    m,FS    m,GS                  
͹
 8E               **                       3       3                
      MOV     MOV     MOV     MOV     MOV     MOV                   
#6    ES,m    CS,m    SS,m    DS,m    FS,m    GS,m                  
͹
 8F                                                                 
      POP                                                           
#7    mem                                                           
͹
 C0        1       1       1       1       1       1       1       1
      ROL     ROR     RCL     RCR     SHL     SHR     SAL     SAR   
#8   m8,i8   m8,i8   m8,i8   m8,i8   m8,i8   m8,i8   m8,i8   m8,i8  
͹
 C1        1       1       1       1       1       1       1       1
      ROL     ROR     RCL     RCR     SHL     SHR     SAL     SAR   
#9    m,i8    m,i8    m,i8    m,i8    m,i8    m,i8    m,i8    m,i8  
͹
 C6                                                                 
      MOV                                                           
#10  m8,i8                                                          
͹
 C7                                                                 
      MOV                                                           
#11   M,i16                                                         
͹
 D0                                                                 
      ROL     ROR     RCL     RCR     SHL     SHR     SAL     SAR   
#12  m8,1    m8,1    m8,1    m8,1    m8,1    m8,1    m8,1    m8,1   
͹
 D1                                                                 
      ROL     ROR     RCL     RCR     SHL     SHR     SAL     SAR   
#13   m,1     m,1     m,1     m,1     m,1     m,1     m,1     m,1   
͹
 D2                                                                 
      ROL     ROR     RCL     RCR     SHL     SHR     SAL     SAR   
#14  m8,CL   m8,CL   m8,CL   m8,CL   m8,CL   m8,CL   m8,CL   m8,CL  
͹
 D1                                                                 
      ROL     ROR     RCL     RCR     SHL     SHR     SAL     SAR   
#15   m,CL    m,CL    m,CL    m,CL    m,CL    m,CL    m,CL    m,CL  
͹
 F6                                                                 
      TEST            NOT     NEG     MUL     IMUL    DIV     IDIV  
#16  m8,i8            m8      m8      m8      m8      m8      m8    
͹
 F7                                                                 
      TEST            NOT     NEG     MUL     IMUL    DIV     IDIV  
#17   m,i16            m       m       m       m       m       m    
͹
 FE                                                                 
      INC     DEC                                                   
#18   m8      m8                                                    
͹
 FF                   CALL    CALL    JMP     JMP                   
      INC     DEC     NEAR    FAR     NEAR    FAR     PUSH          
#19    m       m      mem     mem     mem     mem     mem           
͹
0F00       2       2       2       2       2       2                
      SLDT    STR     LLDT    LTR     VERR    VERW                  
#20   mem     mem     mem     mem     mem     mem                   
͹
0F01       2       2       2       2       2               2       4
      SGDT    SIDT    LGDT    LIDT    SMSW            LMSW   INVLPG 
#21   mem     mem     mem     mem     mem             mem     mem   
͹
0FBA                                       3       3       3       3
                                       BT     BTS     BTR     BTC   
#22                                   m,i8    m,i8    m,i8    m,i8  
͹
0FC7         CMP- P5                                                
             XCHG8B                                                 
#23           mem                                                   
ͼ
!!!.... Intel (!!!) 80386 steps A0-B0
        Intel (!!!) 80486 steps A0-B0
!...... Refer to future part
        Coprocessor commands.
!Nec... only D4 0A and D5 0A on NECs w/o
#...... all, but documented on Pentium Pro only
$...... really different op. space  ; 386-486,Never Pentium
        on AMD Amz86zXLV, never P6, Cx5x86+
*...... POP CS; 8088 non CMOS versions
        >>>  TABLE 01 ; NECs & 286+
        Invalid Opcode; 186/188
**..... 8088 non CMOS versions
1...... 186+
2...... 286+
2P..... 286+ PM
3-4.... only 386 and 486
3...... 386+
4...... 486+
4SL.... 486 SL enhanced,Pentium,UMC,i386CX,P6,M1,K5
@...... AMD Am386/486DXLV
Ad..... AMD Am486DXLV
Az..... AMD Am386zXLV
B1+.... Intel B1+ step only
Cx6.... Cyrix Cx6x86+ and all other CPUs
i...... IBM 386SLC,486SLC,486SLC2
i486... i486 SL Enhanced, i386CX, Pentium etc
K5..... AMD Am5k86+  and all other CPUs
M5..... Cyrix M5+
M6..... Cyrix M6+
MMX.... MMX
N1..... NECs & 186+
N2..... NEC V20+
P5..... Pentium
P5i.... Pentium, IBM 386SLC,486SLC/SLC2


Disclaimer: the stuff above should be correct, but I can't give you
            ** none ** warranty it is. Remember, you use these tablez
            on your own risk.

-----------------------------------------------------------------------------

                            Machine Code Opcodes
                                on the x86
                                  -TI #1-
                            Compiled by: Cyclone


[Disclaimer]
     I am NOT responsible for whatever you decide to do with this
     information.  I am also not responsible for the correctness of
     the information provided, although I did my best to see to it
     that it is correct (the book I used had a ton of errors, so
     one or two might have survived.  If that's the case sorry).

[Introduction]

        This text assumes you already have a working knowledge of the workings
of the x86 assembly language.  I have, therefore, decided against typing up the
function of each of the instructions, as I didn't feel like doing that much
typing, and the x86 instruction set is fairly well documented anyway.  For full
use of this text, I recommend you have a list of the various instructions and
their function.  So without further adieu...


The structure of a typical assembly instruction is as follows:
----------      ----------      ----------      ------------    ------------
 Prefix          Opcode          Address        Displacement     Data
 1-byte          1/2-byte        1/2-byte        1/2/4-byte      1/2/4-byte
(optional)                      (optional)       (optional)      (optional)
----------      ----------      ----------      ------------    ------------



[Prefixes]

There are 5 types of prefixes:
        Operand Size
        Address Size
        Segment Override        - cs,ds,es,ss,fs,gs
        Bus LOCK                - lock
        Repeat                  - repz, repnz/rep

        More than one prefix can be uses for one instruction.  The order of the
prefixes does not matter as long as the prefixes are of different types.  If
the prefixes are of the same type than the last one takes effect.

For example:
        cs:
        es:
        mov     [si],5
is equivalent to:
        es:
        mov     [si],5

Note:
        use32           \
        repnz             = rep movsd (in real mode)
        movsw           /
is equivalent to:
        repnz           \
        use32             = rep movsd (in real mode)
        movsw           /

It is worth while to point out that the REP/REPNZ instruction can only precede:
LODS, STOS, MOVS, INS, OUTS, CMPS, SCAS.  The REPZ instruction can only
precede CMPS and SCAS.  Putting these repeat instructions with other
instructions will have no effect.

Also, The LOCK instruction can only precede certain instructions.  These are:
XCHG    mem,
ADD     mem,
ADC     mem,
SUB     mem,
SBB     mem,
NEG     mem
OR      mem,
AND     mem,
XOR     mem,
NOT     mem
BTC     mem
BTR     mem
BTS     mem
if a lock precedes an instruction other than one listed above the CPU will not
be a happy camper and issue an exception 6 (invalid opcode)

Other prefixes like the address, operand, and segment prefixes are much more
forgiving.  When they are paired with something silly (like NOP), they are
just ignored.

One final note about prefixes:
        There is an upper limit to the size of an instruction.  For example,
the 386's largest instruction is 15 bytes.  This can only be achieved ny excess
prefixing.  If the instruction becomes too large for the processor to handle,
the CPU screams (issues an exception 13).



[Opcodes]

        Opcodes tell the computer which instructions are to be executed.  These
can be one to two bytes long.  Originally, way back on the 8086, all the
opcode bytes were a single byte.  Well, eventually, this proved to be too
little for our friends at Intel, and the size was expanded to up to two bytes.
To do this one opcode was scrapped from the "POP segreg" family.  The
Instruction "POP CS" was removed and now its bit pattern basically means:
"more opcodes coming".

Pop Seg. Reg.   -       000xx111
Pop CS          -       00001111

Thus POP CS doesn't work on an 286 or higher.

The Opcode does contain some useful info.  Let's look at the SUB opcode.
The byte to subtract a register from another register is:
-----------------
|0|0|1|0|1|0|d|w|
-----------------
What the heck is a "w" and a "d" bit you might ask?  Fair enough.

A "w" bit decides whether the operand is a byte size, or bigger.  How big?
Well, that depends on the mode of the processor.  If the CPU is in protected
mode or 32-bit mode, then it's 32-bits.  If, on the other hand, the CPU is
running real or virtual mode, then it's 16-bit.

The "d" bit decides which operand comes first.  A value of '0' means the
"mod R/M" is the first operand while "reg" is operand 2 (for more info on what
the "mod R/M" and "reg" fields are, see the next section).  If the bit was '1',
then the "reg" field is operand 1, while "mod R/M" is operand 2.
For example:
  (001010dw = sub,  "mod R/M"= [bx],  "reg"= AX )
00101000 ...    - sub   [BX], AL
The opcode can also sometimes have a reg field, as in the case of "inc reg",
"dec reg", "xchg ax,reg", "push", "pop".

Also, sometimes the opcode byte alone, does not determine the entire
instruction.  This happens mainly in cases where an immediate value is involved.
In these cases, the rest of the operation is usually stored in the "reg" field.



[Addresses]

        It's time we talk about one of the ugliest things in the x86 language
- the Address byte(s).  It's not hard, but it is a wee bit messy.  Lets start
in Real mode.

        In real mode the Address byte - is just that (1 byte).  It contains a
"Mod" field, a "R/M" field, and a "Reg" field as follows:
        -----------------
        |mod| reg | R/M |
        -----------------

The "Mod" & "R/M" fields make up the first operand while the "reg" field makes
up the second.  The full table of values is in the accompanying text.  Notice
that the combination of the mod & R/M fields is 5-bits.  This allows many more
options for the first operand than the second.  If mod = 0 then the thing
specified by R/M is a pointer (ex.  mod=00, R/M=100 => [SI]).  When mod = 1,
an 8-bit displacement is added (ex. mod=01, R/M=100 => [SI+d8]).  When mod is
2, a full 16-bit displacement is added (ex mod=10, R/M=100 => [SI+d16]).
When mod = 3, the second field is a register - not a memory location.  I think
it's time for an example.
  (001010dw = sub,  reg: AX=000 CX=001 DX= 010 BX=011)
00101001 00000000       - sub   [BX+SI], AX     ; mod=00 R/M=000 => [BX+SI]
00101001 01001100       - sub   [SI+d8], CX     ; mod=01 R/M=100 => [SI+d8]
00101011 00000100       - sub   AX, [SI]        ; mod=00 R/M=100 => [SI]
00101011 11001010       - sub   CX, DX          ; mod=11 R/M=010 => DX

Hopefully that's clear enough, so I can mess with your mind some more in
protected mode.  If you don't care about Protected Mode, feel free to skip to
the next section.

Protected mode isn't so easy - what else is new?  IN Protected mode can have
upto 2 Address bytes of the following structure:
        -----------------   [ ----------------- ]
        |mod| reg | R/M |   [ |ss |index| base| ]
        -----------------   [ ----------------- ]
The second byte only appears if the R/M field is 100.

If the R/M field is not 100, then the structure is almost the same as in real
mode with one exception.  The values mean different things.  For example:
mod=00 RM=000
in real mode            = [BX+SI]
in protected mode       = [EAX]

When the R/M field does equal 000 then the second byte is added.  It contains:
        ss      - A scale factor of the index (times 1,2,4,8)
        index   - index (like in an array)
        base    - holds the info the R/M couldn't
For example:
        mov     [EAX+EBX*8],EDX         ; (mod=00)
                  |   |  |   |--- reg field
                  |   |  |------- ss (scale factor)
                  |   |---------- index
                  |-------------- base


[Displacements]

        In the last section you might have noticed I mention displacements.
They were labelled as d8 and d16 in my examples.  There's noting hard about
displacements.  Displacements are a constant number added to a memory location.
Example:
        mov     [SI],ax         ; just [si] - no displacement
        mov     [SI+2],ax       ; 2 - usually a byte (8-bit) displacement
        mov     [SI+1000],ax    ; 1000 - 16-bit displacement.
Displacements are signed numbers.  That means they do represent negative
numbers (FFh = -1, FEh= -2, etc).  This allows things like:
        mov     [SI-2],ax
The size (if any) of the displacement field is determined by the Address byte.
And that's really all there is to know about that.


[Data]

        Some Opcodes require immediate data.  This is where that data is put
(at the end of the instruction).  Examples:
        mov     ax,1234h        ; data = 1234h
        int     21h             ; data = 21h
        shl     ax,4            ; data = 4
Some opcodes require more than one piece of data (like direct far jumps and
calls).  These are well labeled in the other text though.


[So Example time (again)]

So let's say you want to create:        sub     ax, es:[BX+6]
You look up SUB and you find:

-SUB-------Integer Subtract
                -----------------  -----------------
Register/Memory |0|0|1|0|1|0|d|w|  |mod| reg | R/M |
                -----------------  -----------------
Immediate to    -----------------  -----------------
Register/Memory |1|0|0|0|0|0|s|w|  |mod|1|0|1| R/M |  -Data-
                -----------------  -----------------
Immediate to    -----------------
AL/AX/EAX Reg.  |0|0|1|0|1|1|0|w|  -Data-
                -----------------

Well, we have no immediate data so we're concerned only with the first one.
-----------------  -----------------
|0|0|1|0|1|0|d|w|  |mod| reg | R/M |
-----------------  -----------------

The first thing the instruction needs is a prefix.  The prefix is es:.  So
we look up ES: and find:
-----------------
|0|0|1|0|0|1|1|0|
-----------------

This is the first byte of the instruction.  (26h)

The instruction "sub ax,es:[bx+6]" is word sized (we're dealing with ax).
Thus the "w" bit is set to 1.
The more "complex" instruction which can be represented only by the mod R/M
part of the address is operand 2, thus the "d" bit is set.  Thus the opcode
looks like:
00101011b       = 2Bh

Now we need reg= 000 => AX,
and mod=01 & reg=110 => [BX+d8]
Thus slapping these values into the address byte we get:
        01 000 110      = 46h

The displacement is 6 and it's a byte => 06h
And we have no immediate data.

Thus sub ax,es:[bx+6] =
26h,    2Bh,    46h,    06h
prefix  opcode  addr.   disp.


[Final Example]

        cs:0100h        jb      1009h   (numbers are memory locations)

No prefixes to worry about.
The instruction we need has Full 16-displacement.  It follows:
                -----------------  -----------------
Full Displ. -   |0|0|0|0|1|1|1|1|  |1|0|0|0| cond. |  Full displacement
                -----------------  -----------------
the condition we need (b = below) = 0010.
Thus our opcode is:     0Fh, 82h

Displacements are calculated by, finding out the ending address of the
current instruction and subtracting it from the destination instruction.
Thus we have:
1009h [dest] - (0100h (start of instruction) + 4 (length of instruction))
= 1005h
Thus our displacement is: 1005h
However intel stores it's numbers backward, so in memory 1005h looks like:
05h, 01h

Our instruction thus is:
        0Fh, 82h, 05h, 01h

Please note:  only numbers are flipped.  Opcode are not.

------------------------------------------------------------------------------

So, here are the opcodes:

-AAA-------ASCII Adjust after Addition
-----------------
|0|0|1|1|0|1|1|1|
-----------------

-AAD-------ASCII Adjust before Division
-----------------  -----------------
|1|1|0|1|0|1|0|1|  |0|0|0|0|1|0|1|0|
-----------------  -----------------

-AAM-------ASCII Adjust after Multiplication
-----------------  -----------------
|1|1|0|1|0|1|0|0|  |0|0|0|0|1|0|1|0|
-----------------  -----------------

-AAS-------ASCII Adjust after Subtraction
-----------------
|0|0|1|1|1|1|1|1|
-----------------

-ADC-------Add with Carry
                -----------------  -----------------
Register/Memory |0|0|0|1|0|0|d|w|  |mod| reg | R/M |
                -----------------  -----------------
Immediate to    -----------------  -----------------
Register/Memory |1|0|0|0|0|0|s|w|  |mod|0|1|0| R/M |  -Data-
                -----------------  -----------------
Immediate to    -----------------
AL/AX/EAX Reg.  |0|0|0|1|0|1|0|w|  -Data-
                -----------------

-ADD-------Integer Add
                -----------------  -----------------
Register/Memory |0|0|0|0|0|0|d|w|  |mod| reg | R/M |
                -----------------  -----------------
Immediate to    -----------------  -----------------
Register/Memory |1|0|0|0|0|0|s|w|  |mod|0|0|0| R/M |  -Data-
                -----------------  -----------------
Immediate to    -----------------
AL/AX/EAX Reg.  |0|0|0|0|0|1|0|w|  -Data-
                -----------------

-AND-------Logical AND
                -----------------  -----------------
Register/Memory |0|0|1|0|0|0|d|w|  |mod| reg | R/M |
                -----------------  -----------------
Immediate to    -----------------  -----------------
Register/Memory |1|0|0|0|0|0|s|w|  |mod|1|0|0| R/M |  -Data-
                -----------------  -----------------
Immediate to    -----------------
AL/AX/EAX Reg.  |0|0|1|0|0|1|0|w|  -Data-
                -----------------

-ARPL------Adjust RPL field of selector
-----------------  -----------------
|0|1|1|0|0|0|1|1|  |mod| Reg | R/M |
-----------------  -----------------

-BOUND-----Check Array Index Against Bounds
Available: 186+
-----------------  -----------------
|0|1|1|0|0|0|1|0|  |mod| Reg | R/M |
-----------------  -----------------

-BSF-------Bit Scan Forward
Available: 386+
-----------------  -----------------  -----------------
|0|0|0|0|1|1|1|1|  |1|0|1|1|1|1|0|0|  |mod| Reg | R/M |
-----------------  -----------------  -----------------

-BSR-------Bit Scan Reverse
Available: 386+
-----------------  -----------------  -----------------
|0|0|0|0|1|1|1|1|  |1|0|1|1|1|1|0|1|  |mod| Reg | R/M |
-----------------  -----------------  -----------------

-BT--------Bit Test
Available: 386+
                -----------------  -----------------  -----------------
R/M, # -        |0|0|0|0|1|1|1|1|  |1|0|1|1|1|0|1|0|  |mod|1|0|0| R/M |  8-bit#
                -----------------  -----------------  -----------------
                -----------------  -----------------  -----------------
R/M, R -        |0|0|0|0|1|1|1|1|  |1|0|1|0|0|0|1|1|  |mod| Reg | R/M |
                -----------------  -----------------  -----------------

-BTC-------Bit Test, then Complement bit
Available: 386+
                -----------------  -----------------  -----------------
R/M, # -        |0|0|0|0|1|1|1|1|  |1|0|1|1|1|0|1|0|  |mod|1|1|1| R/M |  8-bit#
                -----------------  -----------------  -----------------
                -----------------  -----------------  -----------------
R/M, R -        |0|0|0|0|1|1|1|1|  |1|0|1|1|1|0|1|1|  |mod| Reg | R/M |
                -----------------  -----------------  -----------------

-BTR-------Bit Test, then Reset bit
Available: 386+
                -----------------  -----------------  -----------------
R/M, # -        |0|0|0|0|1|1|1|1|  |1|0|1|1|1|0|1|0|  |mod|1|1|0| R/M |  8-bit#
                -----------------  -----------------  -----------------
                -----------------  -----------------  -----------------
R/M, R -        |0|0|0|0|1|1|1|1|  |1|0|1|1|0|0|1|1|  |mod| Reg | R/M |
                -----------------  -----------------  -----------------

-BTS-------Bit Test, then Set bit
Available: 386+
                -----------------  -----------------  -----------------
R/M, # -        |0|0|0|0|1|1|1|1|  |1|0|1|1|1|0|1|0|  |mod|1|0|1| R/M |  8-bit#
                -----------------  -----------------  -----------------
                -----------------  -----------------  -----------------
R/M, R -        |0|0|0|0|1|1|1|1|  |1|0|1|0|1|0|1|1|  |mod| Reg | R/M |
                -----------------  -----------------  -----------------

-CALL------Call procedure
                -----------------
Near,Direct     |1|1|1|0|1|0|0|0|  16-bit displacement
                -----------------
                -----------------  -----------------
Near,Indirect   |1|1|1|1|1|1|1|1|  |mod|0|1|0| R/M |
                -----------------  -----------------
                -----------------
Far,Direct      |1|0|0|1|1|0|1|0|  Absolute Offset, Segment
                -----------------
                -----------------  -----------------
Far,Indirect    |1|1|1|1|1|1|1|1|  |mod|0|1|1| R/M |
                -----------------  -----------------

-CBW/CWDE--Convert Byte to Word / Convert Word to Doubleword
-----------------
|1|0|0|1|1|0|0|0|
-----------------

-CLC-------Clear Carry flag
-----------------
|1|1|1|1|1|0|0|0|
-----------------

-CLD-------Clear Direction flag
-----------------
|1|1|1|1|1|1|0|0|
-----------------

-CLI-------Clear Interrupt flag (disable Interrupts)
-----------------
|1|1|1|1|1|0|1|0|
-----------------

-CLTS------Clear Task-Switched flag in CR0
Available: 386+ (L0 protected)
-----------------  -----------------
|0|0|0|0|1|1|1|1|  |0|0|0|0|0|1|1|0|
-----------------  -----------------

-CMC-------Complement Carry flag
-----------------
|1|1|1|1|0|1|0|1|
-----------------

-CMP-------Compare
                -----------------  -----------------
Register/Memory |0|0|1|1|1|0|d|w|  |mod| reg | R/M |
                -----------------  -----------------
Immediate to    -----------------  -----------------
Register/Memory |1|0|0|0|0|0|s|w|  |mod|1|1|1| R/M |  -Data-
                -----------------  -----------------
Immediate to    -----------------
AL/AX/EAX Reg.  |0|0|1|1|1|1|0|w|  -Data-
                -----------------

-CMPS_-----Compare String data (CMPSB, CMPSW, CMPSD)
-----------------
|1|0|1|0|0|1|1|w|
-----------------

-CWD/CDQ---Convert Word to Doubleword/Convert Doubleword to Quadword
-----------------
|1|0|0|1|1|0|0|1|
-----------------

-DAA-------Decimal Adjust after Addition
-----------------
|0|0|1|0|0|1|1|1|
-----------------

-DAS-------Decimal Adjust after Subtraction
-----------------
|0|0|1|0|1|1|1|1|
-----------------

-DEC-------Decrement
                -----------------  -----------------
Register/Memory |1|1|1|1|1|1|1|w|  |mod|0|0|1| R/M |
                -----------------  -----------------
                -----------------
Register        |0|1|0|0|1| Reg |
                -----------------

-DIV-------Unsigned Divide
-----------------  -----------------
|1|1|1|1|0|1|1|w|  |mod|1|1|0| R/M |
-----------------  -----------------

-ENTER-----Make Stack Frame For Procedure Parameters
-----------------
|1|1|0|0|1|0|0|0|  16-bit displacement, 8-bit level
-----------------

-HLT-------Halt until interrupt
-----------------
|1|1|1|1|0|1|0|0|
-----------------

-IDIV------Integer (signed) Divide
-----------------  -----------------
|1|1|1|1|0|1|1|w|  |mod|1|1|1| R/M |
-----------------  -----------------

-IMUL------Integer (signed) Multiply
                -----------------  -----------------  -----------------
R, R/M -        |0|0|0|0|1|1|1|1|  |1|0|1|0|1|1|1|1|  |mod| reg | R/M |
                -----------------  -----------------  -----------------
AL/AX/EAX,      -----------------  -----------------
Reg/Mem -       |1|1|1|1|0|1|1|w|  |mod|1|0|1| R/M |
                -----------------  -----------------
                -----------------  -----------------
R/M, # -        |0|1|1|0|1|0|s|1|  |mod| reg | R/M |  -data-
                -----------------  -----------------

-IN--------Input from IO port
                -----------------
from Immediate- |1|1|1|0|0|1|0|w|  8-bit Port Num.
                -----------------
                -----------------
from DX-        |1|1|1|0|1|1|0|w|
                -----------------

-INC-------Increment
                -----------------  -----------------
Register/Memory |1|1|1|1|1|1|1|w|  |mod|0|0|0| R/M |
                -----------------  -----------------
                -----------------
Register        |0|1|0|0|0| Reg |
                -----------------

-INS_------Input String data (INSB, INSW, INSD)
-----------------
|0|1|1|0|1|1|0|w|
-----------------

-INT 3-----Interrupt 3 (Breakpoint)
-----------------
|1|1|0|0|1|1|0|0|
-----------------

-INTO------Interrupt 4 if Overflow
-----------------
|1|1|0|0|1|1|1|0|
-----------------

-INT-------Interrupt
-----------------
|1|1|0|0|1|1|0|1|  8-bit Interrupt #
-----------------

-IRET------Return from Interrupt (also IRETD)
-----------------
|1|1|0|0|1|1|1|1|
-----------------

-J__-------Conditional Jump
                -----------------
8-Bit Displ. -  |0|1|1|1| cond. |  8-bit Displacement
                -----------------
                -----------------  -----------------
Full Displ. -   |0|0|0|0|1|1|1|1|  |1|0|0|0| cond. |  Full displacement
                -----------------  -----------------

-JCXZ------Jump if CX = 0  (also JECXZ)
-----------------
|1|1|1|0|0|0|1|1|  8-bit Displacement
-----------------

-JMP-------Jump
                -----------------
Near,8-bit      |1|1|1|0|1|0|1|1|  8-bit Displacement
                -----------------
                -----------------
Near,Direct     |1|1|1|0|1|0|0|1|  Full Displacement
                -----------------
                -----------------  -----------------
Near,Indirect   |1|1|1|1|1|1|1|1|  |mod|1|0|0| R/M |
                -----------------  -----------------
                -----------------
Far,Direct      |1|1|1|0|1|0|1|0|  Absolute Offset, Segment
                -----------------
                -----------------  -----------------
Far,Indirect    |1|1|1|1|1|1|1|1|  |mod|1|0|1| R/M |
                -----------------  -----------------

-LAHF------Load AH from flags
-----------------
|1|0|0|1|1|1|1|1|
-----------------

-LAR-------Load Access Rights
-----------------  -----------------  -----------------
|0|0|0|0|1|1|1|1|  |0|0|0|0|0|0|1|0|  |mod| reg | R/M |
-----------------  -----------------  -----------------

-LEA-------Load Effective Address
-----------------  -----------------
|1|0|0|0|1|1|0|1|  |mod| reg | R/M |
-----------------  -----------------

-LEAVE-----High Level Procedure Exit
-----------------
|1|1|0|0|1|0|0|1|
-----------------

-LGDT------Load Global Descriptor Table Register
-----------------  -----------------  -----------------
|0|0|0|0|1|1|1|1|  |0|0|0|0|0|0|0|1|  |mod|0|1|0| R/M |
-----------------  -----------------  -----------------

-LIDT------Load Interrupt Descriptor Table Register
-----------------  -----------------  -----------------
|0|0|0|0|1|1|1|1|  |0|0|0|0|0|0|0|1|  |mod|0|1|1| R/M |
-----------------  -----------------  -----------------

-LDS-------Load DS
-----------------  -----------------
|1|1|0|0|0|1|0|1|  |mod| reg | R/M |
-----------------  -----------------

-LES-------Load ES
-----------------  -----------------
|1|1|0|0|0|1|0|0|  |mod| reg | R/M |
-----------------  -----------------

-LFS-------Load FS
-----------------  -----------------  -----------------
|0|0|0|0|1|1|1|1|  |1|0|1|1|0|1|0|0|  |mod| reg | R/M |
-----------------  -----------------  -----------------

-LGS-------Load GS
-----------------  -----------------  -----------------
|0|0|0|0|1|1|1|1|  |1|0|1|1|0|1|0|1|  |mod| reg | R/M |
-----------------  -----------------  -----------------

-LSS-------Load SS
-----------------  -----------------  -----------------
|0|0|0|0|1|1|1|1|  |1|0|1|1|0|0|1|0|  |mod| reg | R/M |
-----------------  -----------------  -----------------

-LLDT------Load Local Descriptor Table Register
-----------------  -----------------  -----------------
|0|0|0|0|1|1|1|1|  |0|0|0|0|0|0|0|0|  |mod|0|1|0| R/M |
-----------------  -----------------  -----------------

-LMSW------Load Machine Status Word Register
-----------------  -----------------  -----------------
|0|0|0|0|1|1|1|1|  |0|0|0|0|0|0|0|1|  |mod|1|1|0| R/M |
-----------------  -----------------  -----------------

-LODS_-----Load String Data (LODSB, LODSW, LODSD)
-----------------
|1|0|1|0|1|1|0|w|
-----------------

-LOOP------Loop
-----------------
|1|1|1|0|0|0|1|0|  8-bit displacement
-----------------

-LOOPE-----Loop while Equal/Zero (LOOPZ)
-----------------
|1|1|1|0|0|0|0|1|  8-bit displacement
-----------------

-LOOPNE----Loop while Not Equal/Zero (LOOPNZ)
-----------------
|1|1|1|0|0|0|0|0|  8-bit displacement
-----------------

-LSL-------Load Segment Limit into register
-----------------  -----------------  -----------------
|0|0|0|0|1|1|1|1|  |0|0|0|0|0|0|1|1|  |mod| reg | R/M |
-----------------  -----------------  -----------------

-LTR-------Load Task Register
-----------------  -----------------  -----------------
|0|0|0|0|1|1|1|1|  |0|0|0|0|0|0|0|0|  |mod|0|1|1| R/M |
-----------------  -----------------  -----------------

-MOV-------Move
                -----------------  -----------------
R, R/M -        |1|0|0|0|1|0|d|w|  |mod| reg | R/M |
                -----------------  -----------------
AL/AX/EAX,      -----------------
Memory -        |1|0|1|0|0|0|d|w|  Full Displacement
                -----------------
                -----------------  -----------------
R/M, # -        |1|1|0|0|0|1|1|w|  |mod|0|0|0| R/M |  -Data-
                -----------------  -----------------
Register,       -----------------
Immediate -     |1|0|1|1|w| Reg |  -data-
                -----------------
                -----------------  -----------------
Segment, Reg -  |1|0|0|0|1|1|d|0|  |mod| sreg| R/M |
                -----------------  -----------------
System(CR_),    -----------------  -----------------  -----------------
register -      |0|0|0|0|1|1|1|1|  |0|0|1|0|0|0|d|0|  |1|1|CRreg| Reg |
                -----------------  -----------------  -----------------
System(DR_),    -----------------  -----------------  -----------------
register -      |0|0|0|0|1|1|1|1|  |0|0|1|0|0|0|d|1|  |1|1|DRreg| Reg |
                -----------------  -----------------  -----------------
System(TR_),    -----------------  -----------------  -----------------
register -      |0|0|0|0|1|1|1|1|  |0|0|1|0|0|1|d|0|  |1|1|TRreg| Reg |
                -----------------  -----------------  -----------------

                Value   CRreg   DRreg   TRreg
                000     CR0     DR0
                001             DR1
                010     CR2     DR2
                011     CR3     DR3
                100
                101
                110             DR6     TR6
                111             DR7     TR7

-MOVS_-----Move String data (MOVSB, MOVSW, MOVSD)
-----------------
|1|0|1|0|0|1|0|w|
-----------------

-MOVSX-----Move Sign-Extended
-----------------  -----------------  -----------------
|0|0|0|0|1|1|1|1|  |1|0|1|1|1|1|1|w|  |mod| reg | R/M |
-----------------  -----------------  -----------------

-MOVZX-----Move Zero-Extended
-----------------  -----------------  -----------------
|0|0|0|0|1|1|1|1|  |1|0|1|1|0|1|1|w|  |mod| reg | R/M |
-----------------  -----------------  -----------------

-MUL-------Multiply (unsigned)
-----------------  -----------------
|1|1|1|1|0|1|1|w|  |mod|1|0|0| R/M |
-----------------  -----------------

-NEG-------Negate
-----------------  -----------------
|1|1|1|1|0|1|1|w|  |mod|0|1|1| R/M |
-----------------  -----------------

-NOP-------No Operation
-----------------
|1|0|0|1|0|0|0|0|
-----------------

-NOT-------Logical Not
-----------------  -----------------
|1|1|1|1|0|1|1|w|  |mod|0|1|0| R/M |
-----------------  -----------------

-OR--------Logical OR
                -----------------  -----------------
Register/Memory |0|0|0|0|1|0|d|w|  |mod| reg | R/M |
                -----------------  -----------------
Immediate to    -----------------  -----------------
Register/Memory |1|0|0|0|0|0|s|w|  |mod|0|0|1| R/M |  -Data-
                -----------------  -----------------
Immediate to    -----------------
AL/AX/EAX Reg.  |0|0|0|0|1|1|0|w|  -Data-
                -----------------

-OUT-------Output to IO port
                -----------------
To Immediate-   |1|1|1|0|0|1|1|w|  8-bit Port Num.
                -----------------
                -----------------
To DX-          |1|1|1|0|1|1|1|w|
                -----------------

-OUTS_-----Output String data (OUTSB, OUTSW, OUTSD)
-----------------
|0|1|1|0|1|1|1|w|
-----------------

-POP-------Pop off stack
                -----------------
Register -      |0|1|0|1|1| reg |
                -----------------
                -----------------  -----------------
R/M -           |1|0|0|0|1|1|1|1|  |mod|0|0|0| R/M |
                -----------------  -----------------
                -----------------
Seg. Reg -      |0|0|0|srg|1|1|1|               // Pop CS invalid above 8086
                -----------------
                -----------------  -----------------
Seg. Reg -      |0|0|0|0|1|1|1|1|  |1|0|1|xrg|0|0|1|
                -----------------  -----------------

-POPA------Pop All Registers (also POPAD)
-----------------
|0|1|1|0|0|0|0|1|
-----------------

-POPF------Pop Flag Registers (also POPFD)
-----------------
|1|0|0|1|1|1|0|1|
-----------------

-PUSH------Push to stack
                -----------------
Register -      |0|1|0|1|0| reg |
                -----------------
                -----------------  -----------------
R/M -           |1|1|1|1|1|1|1|1|  |mod|1|1|0| R/M |
                -----------------  -----------------
                -----------------
Seg. Reg -      |0|0|0|srg|1|1|0|
                -----------------
                -----------------  -----------------
Seg. Reg -      |0|0|0|0|1|1|1|1|  |1|0|1|xrg|0|0|0|
                -----------------  -----------------
                -----------------
Immediate -     |0|1|1|0|1|0|s|0|  -Data-
                -----------------

-PUSHA-----Push All Registers (also PUSHAD)
-----------------
|0|1|1|0|0|0|0|0|
-----------------

-PUSHF-----Push Flag Registers (also PUSHFD)
-----------------
|1|0|0|1|1|1|0|0|
-----------------

-RCL-------Rotate through Carry Left
                -----------------  -----------------
R/M by 1 -      |1|1|0|1|0|0|0|w|  |mod|0|1|0| R/M |
                -----------------  -----------------
                -----------------  -----------------
R/M by CL -     |1|1|0|1|0|0|1|w|  |mod|0|1|0| R/M |
                -----------------  -----------------
                -----------------  -----------------
R/M by # -      |1|1|0|0|0|0|0|w|  |mod|0|1|0| R/M |  8-Bit number
                -----------------  -----------------

-RCR-------Rotate through Carry Right
                -----------------  -----------------
R/M by 1 -      |1|1|0|1|0|0|0|w|  |mod|0|1|1| R/M |
                -----------------  -----------------
                -----------------  -----------------
R/M by CL -     |1|1|0|1|0|0|1|w|  |mod|0|1|1| R/M |
                -----------------  -----------------
                -----------------  -----------------
R/M by # -      |1|1|0|0|0|0|0|w|  |mod|0|1|1| R/M |  8-Bit number
                -----------------  -----------------

-RET-------Return
                -----------------
Near -          |1|1|0|0|0|0|1|1|
                -----------------
                -----------------
Far (aka RETF)- |1|1|0|0|1|0|1|1|
                -----------------
                -----------------
Near, SP+= # -  |1|1|0|0|0|0|1|0|  16-bit displacement
                -----------------
                -----------------
Far, SP+= # -   |1|1|0|0|1|0|1|0|  16-bit displacement
                -----------------

-ROL-------Rotate Left
                -----------------  -----------------
R/M by 1 -      |1|1|0|1|0|0|0|w|  |mod|0|0|0| R/M |
                -----------------  -----------------
                -----------------  -----------------
R/M by CL -     |1|1|0|1|0|0|1|w|  |mod|0|0|0| R/M |
                -----------------  -----------------
                -----------------  -----------------
R/M by # -      |1|1|0|0|0|0|0|w|  |mod|0|0|0| R/M |  8-Bit number
                -----------------  -----------------

-ROR-------Rotate Right
                -----------------  -----------------
R/M by 1 -      |1|1|0|1|0|0|0|w|  |mod|0|0|1| R/M |
                -----------------  -----------------
                -----------------  -----------------
R/M by CL -     |1|1|0|1|0|0|1|w|  |mod|0|0|1| R/M |
                -----------------  -----------------
                -----------------  -----------------
R/M by # -      |1|1|0|0|0|0|0|w|  |mod|0|0|1| R/M |  8-Bit number
                -----------------  -----------------

-SAHF------Store AH to flags
-----------------
|1|0|0|1|1|1|1|0|
-----------------

-SAL-------Arithmetic Shift Left (same as SHL [thus not highly used])
                -----------------  -----------------
R/M by 1 -      |1|1|0|1|0|0|0|w|  |mod|1|0|0| R/M |
                -----------------  -----------------
                -----------------  -----------------
R/M by CL -     |1|1|0|1|0|0|1|w|  |mod|1|0|0| R/M |
                -----------------  -----------------
                -----------------  -----------------
R/M by # -      |1|1|0|0|0|0|0|w|  |mod|1|0|0| R/M |  8-Bit number
                -----------------  -----------------

-SAR-------Arithmetic Shift Right
                -----------------  -----------------
R/M by 1 -      |1|1|0|1|0|0|0|w|  |mod|1|1|1| R/M |
                -----------------  -----------------
                -----------------  -----------------
R/M by CL -     |1|1|0|1|0|0|1|w|  |mod|1|1|1| R/M |
                -----------------  -----------------
                -----------------  -----------------
R/M by # -      |1|1|0|0|0|0|0|w|  |mod|1|1|1| R/M |  8-Bit number
                -----------------  -----------------

-SBB-------Integer Subtract with Borrow
                -----------------  -----------------
Register/Memory |0|0|0|1|1|0|d|w|  |mod| reg | R/M |
                -----------------  -----------------
Immediate from  -----------------  -----------------
Register/Memory |1|0|0|0|0|0|s|w|  |mod|0|1|1| R/M |  -Data-
                -----------------  -----------------
Immediate from  -----------------
AL/AX/EAX Reg.  |0|0|0|1|1|1|0|w|  -Data-
                -----------------

-SCAS_-----Scan String data (SCASB, SCASW, SCASD)
-----------------
|1|0|1|0|1|1|1|w|
-----------------

-SET__-----Set byte on condition true
-----------------  -----------------  -----------------
|0|0|0|0|1|1|1|1|  |1|0|0|1| cond. |  |mod|0|0|0| R/M |
-----------------  -----------------  -----------------

-SGDT------Store Global Descriptor register
-----------------  -----------------  -----------------
|0|0|0|0|1|1|1|1|  |0|0|0|0|0|0|0|1|  |mod|0|0|0| R/M |
-----------------  -----------------  -----------------

-SHL-------Logical Shift Left
                -----------------  -----------------
R/M by 1 -      |1|1|0|1|0|0|0|w|  |mod|1|0|0| R/M |
                -----------------  -----------------
                -----------------  -----------------
R/M by CL -     |1|1|0|1|0|0|1|w|  |mod|1|0|0| R/M |
                -----------------  -----------------
                -----------------  -----------------
R/M by # -      |1|1|0|0|0|0|0|w|  |mod|1|0|0| R/M |  8-Bit number
                -----------------  -----------------

-SHR-------Logical Shift Right
                -----------------  -----------------
R/M by 1 -      |1|1|0|1|0|0|0|w|  |mod|1|0|1| R/M |
                -----------------  -----------------
                -----------------  -----------------
R/M by CL -     |1|1|0|1|0|0|1|w|  |mod|1|0|1| R/M |
                -----------------  -----------------
                -----------------  -----------------
R/M by # -      |1|1|0|0|0|0|0|w|  |mod|1|0|1| R/M |  8-Bit number
                -----------------  -----------------

-SHLD------Double precision Shift Left
                -----------------  -----------------  -----------------
R/M, # -        |0|0|0|0|1|1|1|1|  |1|0|1|0|0|1|0|0|  |mod| reg | R/M |  8-bit #
                -----------------  -----------------  -----------------
                -----------------  -----------------  -----------------
R/M, CL -       |0|0|0|0|1|1|1|1|  |1|0|1|0|0|1|0|1|  |mod| reg | R/M |
                -----------------  -----------------  -----------------

-SHRD------Double precision Shift Right
                -----------------  -----------------  -----------------
R/M, # -        |0|0|0|0|1|1|1|1|  |1|0|1|0|1|1|0|0|  |mod| reg | R/M |  8-bit #
                -----------------  -----------------  -----------------
                -----------------  -----------------  -----------------
R/M, CL -       |0|0|0|0|1|1|1|1|  |1|0|1|0|1|1|0|1|  |mod| reg | R/M |
                -----------------  -----------------  -----------------

-SIDT------Store Interrupt Descriptor Table register
-----------------  -----------------  -----------------
|0|0|0|0|1|1|1|1|  |0|0|0|0|0|0|0|1|  |mod|0|0|1| R/M |
-----------------  -----------------  -----------------

-SLDT------Store Local Descriptor Table register
-----------------  -----------------  -----------------
|0|0|0|0|1|1|1|1|  |0|0|0|0|0|0|0|0|  |mod|0|0|0| R/M |
-----------------  -----------------  -----------------

-SMSW------Store Machine Status Word register
-----------------  -----------------  -----------------
|0|0|0|0|1|1|1|1|  |0|0|0|0|0|0|0|1|  |mod|1|0|0| R/M |
-----------------  -----------------  -----------------

-STC-------Set Carry flag
-----------------
|1|1|1|1|1|0|0|1|
-----------------

-STD-------Set Direction flag
-----------------
|1|1|1|1|1|1|0|1|
-----------------

-STI-------Set Interrupt flag (enable interrupts)
-----------------
|1|1|1|1|1|0|1|1|
-----------------

-STOS_-----Store String Data (STOSB, STOSW, STOSD)
-----------------
|1|0|1|0|1|0|1|w|
-----------------

-STR-------Store Task register
-----------------  -----------------  -----------------
|0|0|0|0|1|1|1|1|  |0|0|0|0|0|0|0|0|  |mod|0|0|1| R/M |
-----------------  -----------------  -----------------

-SUB-------Integer Subtract
                -----------------  -----------------
Register/Memory |0|0|1|0|1|0|d|w|  |mod| reg | R/M |
                -----------------  -----------------
Immediate to    -----------------  -----------------
Register/Memory |1|0|0|0|0|0|s|w|  |mod|1|0|1| R/M |  -Data-
                -----------------  -----------------
Immediate to    -----------------
AL/AX/EAX Reg.  |0|0|1|0|1|1|0|w|  -Data-
                -----------------

-TEST------Test
                -----------------  -----------------
R/M, reg -      |1|0|0|0|0|1|0|w|  |mod| reg | R/M |
                -----------------  -----------------
                -----------------  -----------------
R/M, # -        |1|1|1|1|0|1|1|w|  |mod|0|0|0| R/M |  -Data-
                -----------------  -----------------
Immediate to    -----------------
AL/AX/EAX Reg.  |1|0|1|0|1|0|0|w|  -Data-
                -----------------

-VERR------Verify a segment for Read
-----------------  -----------------  -----------------
|0|0|0|0|1|1|1|1|  |0|0|0|0|0|0|0|0|  |mod|1|0|0| R/M |
-----------------  -----------------  -----------------

-VERW------Verify a segment for Write
-----------------  -----------------  -----------------
|0|0|0|0|1|1|1|1|  |0|0|0|0|0|0|0|0|  |mod|1|0|1| R/M |
-----------------  -----------------  -----------------

-WAIT------Wait until busy pin is inactive
-----------------
|1|0|0|1|1|0|1|1|
-----------------

-XCHG------Exchange
                -----------------  -----------------
R/M, reg -      |1|0|0|0|0|1|1|w|  |mod| reg | R/M |
                -----------------  -----------------
Register with   -----------------
AX/EAX Reg.     |1|0|0|1|0| reg |
                -----------------

-XLATB-----Table look-up
-----------------
|1|1|0|1|0|1|1|1|
-----------------

-XOR-------Logical Exclusive OR
                -----------------  -----------------
Register/Memory |0|0|1|1|0|0|d|w|  |mod| reg | R/M |
                -----------------  -----------------
Immediate to    -----------------  -----------------
Register/Memory |1|0|0|0|0|0|s|w|  |mod|1|1|0| R/M |  -Data-
                -----------------  -----------------
Immediate to    -----------------
AL/AX/EAX Reg.  |0|0|1|1|0|1|0|w|  -Data-
                -----------------

---------------------------------------------------------------------
INSTRUCTION PREFIXES
~~~~~~~~~~~~~~~~~~~~

-----------Operand Size prefix
-----------------
|0|1|1|0|0|1|1|0|
-----------------
Changes 16-bit things to 32-bit in real mode
Changes 32-bit things to 16-bit in protected mode

-----------Address Size prefix
-----------------
|0|1|1|0|0|1|1|1|
-----------------
Changes 16-bit address (things in the []) to 32-bit in real mode
Changes 32-bit address (things in the []) to 16-bit in protected mode


-CS:-------CS Segment override
-----------------
|0|0|1|0|1|1|1|0|
-----------------

-DS:-------DS Segment override
-----------------
|0|0|1|1|1|1|1|0|
-----------------

-ES:-------ES Segment override
-----------------
|0|0|1|0|0|1|1|0|
-----------------

-FS:-------FS Segment override
-----------------
|0|1|1|0|0|1|0|0|
-----------------

-GS:-------GS Segment override
-----------------
|0|1|1|0|0|1|0|1|
-----------------

-SS:-------SS Segment override
-----------------
|0|0|1|1|0|1|1|0|
-----------------

-REP-------Repeat (until cx=0) (aka REPNZ)
-----------------
|1|1|1|1|0|0|1|0|
-----------------

-REPE------Repeat while Equal/Zero (REPZ)
-----------------
|1|1|1|1|0|0|1|1|
-----------------

-LOCK------assert bus Lock signal
-----------------
|1|1|1|1|0|0|0|0|
-----------------





---------------------------------------------------------------------
Bit meanings:

w - size bit.   0= byte sized operands (ah, bl, etc.)
                1= word sized operands (ax, bx, etc.) unless overrides
                   with "uses32" prefix, when they become 32-bit operands

d - direction bit.
                0= First operand(Destination) is in Mod R/M, second in Reg
                1= First operand(Destination) is in Reg, second in Mod R/M

Conditions (cond.):
        0000    Overflow (O)
        0001    Not Overflow (NO)
        0010    Below (B)/ Not Above or Equal (NAE)
        0011    Not Below (NB)/ Above or Equal (AE)
        0100    Eqaul (E)/ Zero (Z)
        0101    Not Equal (NE)/ Not Zero (NZ)
        0110    Below or Equal (BE)/ Not Above (NA)
        0111    Not Below or Equal (NBE)/ Above (A)
        1000    Sign (S)/ Negative
        1001    Not Sign (NS)/ Positive
        1010    Parity (P)/ Parity Even (PE)
        1011    Not Parity (NP)/ Parity Odd (PO)
        1100    Less (L)/ Not Greater or Equal (NGE)
        1101    Not Less (NL)/ Greater or Equal (GE)
        1110    Less or Equal (LE)/ Not Greater (NG)
        1111    Not Less or Equal (NLE)/ Greater (G)

SReg Field (also srg & xrg)
~~~~~~~~~~
        SReg  Description
        -----------------
        000 - es        -----
        001 - cs          |
        010 - ss         srg
        011 - ds        -----
        100 - fs        -----
        101 - gs          |
        110 - ?          xrg
        111 - ?         -----

Mod R/M Byte Layout - Real mode
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-------------------------
|  |  |  |  |  |  |  |  |
-------------------------
Reg/SReg | MOD |   R/M
Operand1 | Operand 2

[Reg Field (real)]

Reg   Description
-----------------
000 - EAX/AX/AL
001 - ECX/CX/CL
010 - EDX/DX/DL
011 - EBX/BX/BL
100 - ESP/SP/AH
101 - EBP/BP/CH
110 - ESI/SI/DH
111 - EDI/DI/BH

[Mod R/M Fields (real)]

Mod R/M   Description
---------------------
 00 000 - DS:[BX+SI]
 00 001 - DS:[BX+DI]
 00 010 - SS:[BP+SI]
 00 011 - SS:[BP+DI]
 00 100 - DS:[SI]
 00 101 - DS:[DI]
 00 110 - DS:d16
 00 111 - DS:[BX]

 01 000 - DS:[BX+SI+d8]
 01 001 - DS:[BX+DI+d8]
 01 010 - SS:[BP+SI+d8]
 01 011 - SS:[BP+DI+d8]
 01 100 - DS:[SI+d8]
 01 101 - DS:[DI+d8]
 01 110 - DS:[BX+d8]
 01 111 - DS:[BP+d8]

 10 000 - DS:[BX+SI+d16]
 10 001 - DS:[BX+DI+d16]
 10 010 - SS:[BP+SI+d16]
 10 011 - SS:[BP+DI+d16]
 10 100 - DS:[SI+d16]
 10 101 - DS:[DI+d16]
 10 110 - DS:[BX+d16]
 10 111 - DS:[BP+d16]

 11 000 - EAX/AX/AL
 11 001 - ECX/CX/CL
 11 010 - EDX/DX/DL
 11 011 - EBX/BX/BL
 11 100 - ESP/SP/AH
 11 101 - EBP/BP/CH
 11 110 - ESI/SI/DH
 11 111 - EDI/DI/BH

d16 = 16-bit displacement
d8  = 8-bit displacement



Mod R/M Byte Layout - Protected mode
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-------------------------       [  -------------------------  ]
|  |  |  |  |  |  |  |  |       [  |  |  |  |  |  |  |  |  |  ]
-------------------------       [  -------------------------  ]
Reg/SReg | MOD |   R/M                SS | Index  |  Base
Operand1 | Operand 2

[Reg Field (protected)]

Reg   Description
-----------------
000 - EAX/AX/AL
001 - ECX/CX/CL
010 - EDX/DX/DL
011 - EBX/BX/BL
100 - ESP/SP/AH
101 - EBP/BP/CH
110 - ESI/SI/DH
111 - EDI/DI/BH

[Mod R/M Fields (protected)]

Mod R/M   Description
---------------------
 00 000 - DS:[EAX]
 00 001 - DS:[ECX]
 00 010 - DS:[EDX]
 00 011 - DS:[EBX]
 00 101 - DS:[d32]
 00 110 - DS:[ESI]
 00 111 - DS:[EDI]

 01 000 - DS:[EAX + d8]
 01 001 - DS:[ECX + d8]
 01 010 - DS:[EDX + d8]
 01 011 - DS:[EBX + d8]
 01 101 - SS:[EBP + d8]
 01 110 - DS:[ESI + d8]
 01 111 - DS:[EDI + d8]

 10 000 - DS:[EAX + d32]
 10 001 - DS:[ECX + d32]
 10 010 - DS:[EDX + d32]
 10 011 - DS:[EBX + d32]
 10 101 - SS:[EBP + d32]
 10 110 - DS:[ESI + d32]
 10 111 - DS:[EDI + d32]

 11 000 - EAX/AX/AL
 11 001 - ECX/CX/CL
 11 010 - EDX/DX/DL
 11 011 - EBX/BX/BL
 11 101 - EBP/BP/CH
 11 110 - ESI/SI/DH
 11 111 - EDI/SI/BH

IF (R/M = 100) and (MOD != 11) then a second byte is added of the format
above (in the []).

MOD     SS      INDEX   BASE    Operand2 (Op1=reg)
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
00      ss      iii     000     DS:[EAX + (ss*iii)]
00      ss      iii     001     DS:[ECX + (ss*iii)]
00      ss      iii     010     DS:[EDX + (ss*iii)]
00      ss      iii     011     DS:[EBX + (ss*iii)]
00      ss      iii     100     SS:[ESP + (ss*iii)]
00      ss      iii     101     DS:[d32 + (ss*iii)]
00      ss      iii     110     DS:[ESI + (ss*iii)]
00      ss      iii     111     DS:[EDI + (ss*iii)]

01      ss      iii     000     DS:[EAX + (ss*iii) + d8]
01      ss      iii     001     DS:[ECX + (ss*iii) + d8]
01      ss      iii     010     DS:[EDX + (ss*iii) + d8]
01      ss      iii     011     DS:[EBX + (ss*iii) + d8]
01      ss      iii     100     SS:[ESP + (ss*iii) + d8]
01      ss      iii     101     SS:[EBP + (ss*iii) + d8]
01      ss      iii     110     DS:[ESI + (ss*iii) + d8]
01      ss      iii     111     DS:[EDI + (ss*iii) + d8]

10      ss      iii     000     DS:[EAX + (ss*iii) + d32]
10      ss      iii     001     DS:[ECX + (ss*iii) + d32]
10      ss      iii     010     DS:[EDX + (ss*iii) + d32]
10      ss      iii     011     DS:[EBX + (ss*iii) + d32]
10      ss      iii     100     SS:[ESP + (ss*iii) + d32]
10      ss      iii     101     SS:[EBP + (ss*iii) + d32]
10      ss      iii     110     DS:[ESI + (ss*iii) + d32]
10      ss      iii     111     DS:[EDI + (ss*iii) + d32]

iii (index)
~~~~~~~~~~~
000 EAX
001 ECX
010 EDX
011 EBX
100 no index
101 EBP
110 ESI
111 EDI

ss (scale factor)
~~~~~~~~~~~~~~~~~
00  *1
01  *2
10  *4
11  *8


d32 = 32-bit displacement
d16 = 16-bit displacement
d8  = 8-bit displacement


Compiled by Cyclone.  mailto:imoravec@julian.uwo.ca
Questions/Comments/Corrections?  mail me.
