i386 Microcode Disassembly Results Published

Enthusiasts have successfully extracted and disassembled the microcode of the Intel 80386 processor, which had been considered a “black box” due to the lack of documentation. The binary image of the microcode was reconstructed with the help of AI from high-resolution photographs of the die, and the operating logic was analyzed by tracing connections on the die. Step by step, the microinstruction (μ-op) structure, fields, execution order, and end-of-instruction markers were determined. The project's results are published on GitHub as public domain.

The work revealed that on the 80386 every instruction is executed entirely through microcode, whereas on the 8086 and on modern processors some instructions are processed directly. In addition, unlike on the 8086, the 80386 microcode does not implement the algorithms directly but mainly configures hardware accelerators (multiplier, divider, fast shift, PTU (Protection Test Unit)).

The study also found a possible security issue in the handling of the I/O permission bitmap: when accessing 4-byte ports, the access-rights bits were checked only for the first 3 bytes and the 4th byte was not checked, which in theory allowed access to hardware registers that should have been off limits.
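
As an added illustration (not code from the project or from Intel), the C model below contrasts the intended rule, under which every byte-wide port touched by an access must be allowed, with the behaviour described above, and audits a bitmap for entries where the two disagree. It assumes the documented x86 convention that a set bit denies a port and a clear bit allows it; the bitmap contents and all function names are constructed for the example, and the lookup is simplified compared with the real TSS-based one.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* Constructed sample bitmap for ports 0x00-0x3F: bit n covers port n,
 * 1 = denied, 0 = allowed. Only ports 0x10-0x12 are allowed here. */
static const uint8_t sample_iopb[8] = {0xFF, 0xFF, 0xF8, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF};

static bool port_denied(const uint8_t *bm, size_t len, uint32_t port)
{
    if (port / 8 >= len) return true;          /* past the bitmap: denied */
    return (bm[port / 8] >> (port % 8)) & 1u;
}

/* True if the permission bits of the first `checked` ports of an access are clear. */
static bool bits_clear(const uint8_t *bm, size_t len, uint32_t port, unsigned checked)
{
    for (unsigned i = 0; i < checked; i++)
        if (port_denied(bm, len, port + i)) return false;
    return true;
}

/* Intended rule: every byte-wide port touched by the access must be allowed. */
bool io_allowed_full(const uint8_t *bm, size_t len, uint32_t port, unsigned width)
{
    return bits_clear(bm, len, port, width);
}

/* Model of the reported behaviour: a 4-byte access tests only the first 3 bits. */
bool io_allowed_as_described(const uint8_t *bm, size_t len, uint32_t port, unsigned width)
{
    return bits_clear(bm, len, port, width == 4 ? 3 : width);
}

/* Audit helper (hypothetical): denied ports below `limit` that directly follow 3 allowed ports. */
unsigned count_exposed_ports(const uint8_t *bm, size_t len, uint32_t limit)
{
    unsigned n = 0;
    for (uint32_t p = 3; p < limit; p++)
        if (port_denied(bm, len, p) && bits_clear(bm, len, p - 3, 3)) n++;
    return n;
}

int main(void)
{
    printf("dword at 0x10: full=%d described=%d exposed=%u\n", io_allowed_full(sample_iopb, 8, 0x10, 4),
           io_allowed_as_described(sample_iopb, 8, 0x10, 4), count_exposed_ports(sample_iopb, 8, 64));
    return 0;
}
```

In this model the two rules give the same answer for every access whenever `count_exposed_ports` returns 0, that is, when no denied port sits immediately after three allowed ones.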
