
20-8 Vol. 3B

8086 EMULATION

• When running multiple virtual-8086-mode tasks. Here, paging allows the lower 1 MByte of the linear address space for each virtual-8086-mode task to be mapped to a different physical address location.

• When emulating the 8086 address wraparound that occurs at 1 MByte. When using 8086-style address translation, it is possible to specify addresses larger than 1 MByte. These addresses automatically wrap around in the Intel 8086 processor (see Section 20.1.1, “Address Translation in Real-Address Mode”). If any 8086 programs depend on address wraparound, the same effect can be achieved in a virtual-8086-mode task by mapping the linear addresses between 100000H and 110000H and the linear addresses between 0 and 10000H to the same physical addresses.

• When sharing the 8086 operating-system services or ROM code that is common to several 8086 programs running as different 8086-mode tasks.

• When redirecting or trapping references to memory-mapped I/O devices.

20.2.4 Protection within a Virtual-8086 Task

Protection is not enforced between the segments of an 8086 program. Either of the following techniques can be used to protect the system software running in a virtual-8086-mode task from the 8086 program:

• Reserve the first 1 MByte plus 64 KBytes of each task’s linear address space for the 8086 program. An 8086 processor task cannot generate addresses outside this range.

• Use the U/S flag of page-table entries to protect the virtual-8086 monitor and other system software in the virtual-8086-mode task space. When the processor is in virtual-8086 mode, the CPL is 3. Therefore, an 8086 processor program has only user privileges. If the pages of the virtual-8086 monitor have supervisor privilege, they cannot be accessed by the 8086 program.

20.2.5 Entering Virtual-8086 Mode

Figure 20-3 summarizes the methods of entering and leaving virtual-8086 mode. The processor switches to virtual-8086 mode in either of the following situations:

• Task switch when the VM flag is set to 1 in the EFLAGS register image stored in the TSS for the task. Here the task switch can be initiated in either of two ways:
— A CALL or JMP instruction.
— An IRET instruction, where the NT flag in the EFLAGS image is set to 1.

• Return from a protected-mode interrupt or exception handler when the VM flag is set to 1 in the EFLAGS register image on the stack.

When a task switch is used to enter virtual-8086 mode, the TSS for the virtual-8086-mode task must be a 32-bit TSS. (If the new TSS is a 16-bit TSS, the upper word of the EFLAGS register is not in the TSS, causing the processor to clear the VM flag when it loads the EFLAGS register.) The processor updates the VM flag prior to loading the segment registers from their images in the new TSS. The new setting of the VM flag determines whether the processor interprets the contents of the segment registers as 8086-style segment selectors or protected-mode segment selectors. When the VM flag is set, the segment registers are loaded from the TSS, using 8086-style address translation to form base addresses.

See Section 20.3, “Interrupt and Exception Handling in Virtual-8086 Mode”, for information on entering virtual-8086 mode on a return from an interrupt or exception handler.
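As an added illustration that is not part of the Intel manual, the following C model ties together the three subsections above: a monitor's per-task page table for the lower 1 MByte plus 64 KBytes that aliases linear 100000H-10FFFFH onto 0-0FFFFH to emulate the 8086 wraparound, a monitor page mapped with U/S = 0 so that the CPL-3 8086 program faults on it, and the EFLAGS image with the VM flag set that the monitor stores in the 32-bit TSS. The flat single-level table with 4-KByte pages, the physical base 200000H and the monitor page at F0000H are constructed values chosen for the example.

```c
#include <stdbool.h>
#include <stdint.h>

#define PAGE_SHIFT  12
#define VM86_PAGES  (0x110000u >> PAGE_SHIFT)  /* 272 pages = 1 MByte + 64 KBytes */
#define PTE_PRESENT (1u << 0)
#define PTE_USER    (1u << 2)                  /* U/S flag of an IA-32 page-table entry */
#define EFLAGS_VM   (1u << 17)                 /* VM flag in EFLAGS */
typedef struct { uint32_t pte[VM86_PAGES]; } vm86_pt_t;

/* 8086-style address translation: linear = segment * 16 + offset, up to 10FFEFH. */
static uint32_t real_mode_linear(uint16_t seg, uint16_t off) {
    return ((uint32_t)seg << 4) + off;
}

/* Build one task's page table. task_phys_base: where this task's 1 MByte lives
 * (a different base per task). monitor_lin: a page reserved for the monitor,
 * mapped with U/S = 0. Pages 100000H-10FFFFH alias 0-0FFFFH (wraparound). */
static void vm86_build_pt(vm86_pt_t *pt, uint32_t task_phys_base, uint32_t monitor_lin) {
    for (uint32_t i = 0; i < VM86_PAGES; i++) {
        uint32_t lin = i << PAGE_SHIFT;
        uint32_t phys = task_phys_base + (lin & 0xFFFFFu);   /* wrap at 1 MByte */
        uint32_t flags = PTE_PRESENT | PTE_USER;
        if ((lin & 0xFFFFFu) == (monitor_lin & 0xFFFFFu))
            flags = PTE_PRESENT;                             /* supervisor only */
        pt->pte[i] = (phys & ~0xFFFu) | flags;
    }
}

/* Resolve an 8086 access at the given CPL; false means a page fault (#PF). */
static bool vm86_access(const vm86_pt_t *pt, uint16_t seg, uint16_t off,
                        unsigned cpl, uint32_t *phys_out) {
    uint32_t lin = real_mode_linear(seg, off);
    uint32_t pte = pt->pte[lin >> PAGE_SHIFT];       /* index < VM86_PAGES by construction */
    if (!(pte & PTE_PRESENT)) return false;
    if (cpl == 3 && !(pte & PTE_USER)) return false; /* CPL 3 cannot touch a U/S = 0 page */
    *phys_out = (pte & ~0xFFFu) | (lin & 0xFFFu);
    return true;
}

/* EFLAGS image the monitor stores in the 32-bit TSS so the task switch enters VM86 mode. */
static uint32_t vm86_eflags_image(uint32_t eflags) { return eflags | EFLAGS_VM; }

/* Build a sample table (constructed values) and resolve one access; 0xFFFFFFFF = fault. */
static uint32_t vm86_probe(uint16_t seg, uint16_t off, unsigned cpl) {
    static vm86_pt_t pt;
    uint32_t phys;
    vm86_build_pt(&pt, 0x200000u, 0xF0000u);
    return vm86_access(&pt, seg, off, cpl, &phys) ? phys : 0xFFFFFFFFu;
}
```

With this table, FFFF:0010 (linear 100000H) and 0000:0000 resolve to the same physical page, while F000:0000 faults at CPL 3 and succeeds only for supervisor code.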