Intel 80386 manual Task Switches TO/FROM Virtual 8086 Mode

essor is executing in Protected Mode. That is, one way to enter Virtual 8086 mode is to switch to a task with a 386 TSS that has a 1 in the VM bit in the EFLAGS image. The other way is to execute a 32-bit IRET instruction at privilege level 0, where the stack has a 1 in the VM bit in the EFLAGS image. POPF does not affect the VM bit, even if the processor is in Protected Mode or level 0, and so cannot be used to enter Virtual 8086 Mode. PUSHF always pushes a 0 in the VM bit, even if the processor is in Virtual 8086 Mode, so that a program cannot tell if it is executing in REAL mode, or in Virtual 8086 mode.

The VM bit can be set by executing an IRET instruc- tion only at privilege level 0, or by any instruction or Interrupt which causes a task switch in Protected Mode (with VM = 1 in the new FLAGS image), and can be cleared only by an interrupt or exception in Virtual 8086 Mode. IRET and POPF instructions exe- cuted in REAL mode or Virtual 8086 mode will not change the value in the VM bit.

The transition out of virtual 8086 mode to 386 pro- tected mode occurs only on receipt of an interrupt or exception (such as due to a sensitive instruction). In Virtual 8086 mode, all interrupts and exceptions vec- tor through the protected mode lOT, and enter an interrupt handler in protected 386 mode. That is, as part of interrupt processing, the VM bit is cleared.

Because the matching IRET must occur from level 0, if an Interrupt or Trap Gate is used to field an inter- rupt or exception out of Virtual 8086 mode, the Gate must perform an inter-level interrupt only to level O. Interrupt or Trap Gates through conforming seg- ments, or through segments with OPL> 0, will raise a GP fault with the CS selector as the error code.

4.6.6.1TASK SWITCHES TO/FROM VIRTUAL 8086 MODE

Tasks which can execute in virtual 8086 mode must be described by a TSS with the new 386 format (TYPE 9 or 11 descriptor).

A task switch out of virtual 8086 mode will operate exactly the same as any other task switch out of a task with a 386 TSS. All of the programmer visible state, including the FLAGS register with the VM bit set to 1, is stored in the TSS. The segment registers in the TSS will contain 8086 segment base values rather than selectors.

A task switch into a task described by a 386 TSS will have an additional check to determine if the incom- ing task should be resumed in virtual 8086 mode. Tasks described by 286 format TSSs cannot be re- sumed in virtual 8086 mode, so no check is required there (the FLAGS image in 286 format TSS has only the low order 16 FLAGS bits). Before loading the segment register images from a 386 TSS, the FLAGS image is loaded, so that the segment

registers are loaded from the TSS image as 8086 segment base values. The task is now ready to re- sume in virtual 8086 execution mode.

4.6.6.2TRANSITIONS THROUGH TRAP AND INTERRUPT GATES, AND IRET

A task switch is one way to enter or exit virtual 8086 mode. The other method is to exit through a Trap or Interrupt gate, as part of handling an interrupt, and to enter as part of executing an IRET instruction. The transition out must use a 386 Trap Gate (Type 14), or 386 Interrupt Gate (Type 15), which must point to a non-conforming level 0 segment (OPL = 0) in order to permit the trap handler to IRET back to the Virtual 8086 program. The Gate must point to a non-conforming level 0 segment to perform a level switch to level 0 so that the matching IRET can change the VM bit. 386 gates must be used, since 286 gates save only the low 16 bits of the FLAGS register, so that the VM bit will not be saved on tran- sitions through the 286 gates. Also, the 16-bit IRET (presumably) used to terminate the 286 interrupt handler will pop only the lower 16 bits from FLAGS, and will not affect the VM bit. The action taken for a 386 Trap or Interrupt gate if an interrupt occurs while the task is executing in virtual 8086 mode is given by the following sequence.

(1)Save the FLAGS register in a temp to push later. Turn off the VM and TF bits, and if the interrupt is serviced by an Interrupt Gate, turn off IF also.

(2)Interrupt and Trap gates must perform a level switch from 3 (where the VM86 program exe- cutes) to level 0 (so IRET can return). This proc- ess involves a stack switch to the stack given in the TSS for privilege level O. Save the Virtual 8086 Mode SS and ESP registers to push in a later step. The segment register load of SS will be done as a Protected Mode segment load, since the VM bit was turned off above.

(3)Push the 8086 segment register values onto the new stack, in the order: GS, FS, OS, ES. These are pushed as 32-bit quantities, with undefined values in the upper 16 bits. Then load these 4 registers with null selectors (0).

(4)Push the old 8086 stack pointer onto the new stack by pushing the SS register (as 32-bits, high bits undefined), then pushing the 32-bit ESP reg· ister saved above.

(5)Push the 32-bit FLAGS register saved in step 1.

(6)Push the old 8086 instruction pointer onto the new stack by pushing the CS register (as 32-bits, high bits undefined), then pushing the 32-bit EIP register.

(7)Load up the new CS:EIP value from the interrupt gate, and begin execution of the interrupt routine in protected 386 mode.

The transition out of virtual 8086 mode performs a level change and stack switch, in addition to chang-