Intel 253668-032US , 5.9 PRIVILEGED INSTRUCTIONS

Vol. 3 5-33

PROTECTION

When SYSRET transfers control to 32-bit mode user code using a 32-bit operand size,

the processor gets the privilege level 3 target instruction and stack pointer from:

•Target code segment — Reads a non-NULL selector from IA32_STAR[63:48].

•Target instruction — Copies the value in ECX into EIP.

•Stack segment — IA32_STAR[63:48] + 8.

•EFLAGS — Loaded from R11.

It is the responsibility of the OS to ensure the descriptors in the GDT/LDT correspond

to the selectors loaded by SYSCALL/SYSRET (consistent with the base, limit, and

attribute values forced by the instructions).

Any address written to IA32_LSTAR is first checked by WRMSR to ensure canonical

form. If an address is not canonical, an exception is generated (#GP).

See Figure 5-14 for the layout of IA32_STAR, IA32_LSTAR and IA32_FMASK.

5.9 PRIVILEGED INSTRUCTIONS

Some of the system instructions (called “privileged instructions”) are protected from

use by application programs. The privileged instructions control system functions

(such as the loading of system registers). They can be executed only when the CPL is

0 (most privileged). If one of these instructions is executed when the CPL is not 0, a

Figure 5-14. MSRs Used by SYSCALL and SYSRET

63 3231 0

63 0

Target RIP for 64-bit Mode Calling Program

SYSRET CS and SS SYSCALL CS and SS

4847

IA32_STAR

IA32_LSTAR

IA32_FMASK

3231

SYSCALL EFLAGS Mask

Reserved

Contents

Main ii CHAPTER 1 ABOUT THIS MANUAL CHAPTER 2 SYSTEM ARCHITECTURE OVERVIEW CHAPTER 3 PROTECTED-MODE MEMORY MANAGEMENT CHAPTER 4 PAGING CHAPTER 5 PROTECTION CHAPTER 6 INTERRUPT AND EXCEPTION HANDLING CHAPTER 7 TASK MANAGEMENT CHAPTER 8 MULTIPLE-PROCESSOR MANAGEMENT CHAPTER 9 PROCESSOR MANAGEMENT AND INITIALIZATION Page CHAPTER 10 ADVANCED PROGRAMMABLE INTERRUPT CONTROLLER (APIC) CHAPTER 11 MEMORY CACHE CONTROL CHAPTER 12 INTEL MMX TECHNOLOGY SYSTEM PROGRAMMING CHAPTER 13 SYSTEM PROGRAMMING FOR INSTRUCTION SET EXTENSIONS AND PROCESSOR EXTENDED STATES CHAPTER 14 POWER AND THERMAL MANAGEMENT CHAPTER 15 MACHINE-CHECK ARCHITECTURE Page CHAPTER 16 DEBUGGING, PROFILING BRANCHES AND TIME-STAMP COUNTER CHAPTER 17 8086 EMULATION CHAPTER 18 MIXING 16-BIT AND 32-BIT CODE CHAPTER 19 ARCHITECTURE COMPATIBILITY Page CHAPTER 20 INTRODUCTION TO VIRTUAL-MACHINE EXTENSIONS CHAPTER 21 VIRTUAL-MACHINE CONTROL STRUCTURES CHAPTER 22 VMX NON-ROOT OPERATION CHAPTER 23 VM ENTRIES CHAPTER 24 VM EXITS CHAPTER 25 VMX SUPPORT FOR ADDRESS TRANSLATION CHAPTER 26 SYSTEM MANAGEMENT MODE CHAPTER 27 VIRTUAL-MACHINE MONITOR PROGRAMMING CONSIDERATIONS CHAPTER 28 VIRTUALIZATION OF SYSTEM RESOURCES CHAPTER 29 HANDLING BOUNDARY CONDITIONS IN A VIRTUAL MACHINE MONITOR CHAPTER 30 PERFORMANCE MONITORING Page APPENDIX A PERFORMANCE-MONITORING EVENTS APPENDIX B MODEL-SPECIFIC REGISTERS (MSRS) APPENDIX C MP INITIALIZATION FOR P6 FAMILY PROCESSORS APPENDIX D PROGRAMMING THE LINT0 AND LINT1 INPUTS APPENDIX E INTERPRETING MACHINE-CHECK ERROR CODES APPENDIX F APIC BUS MESSAGE FORMATS APPENDIX G VMX CAPABILITY REPORTING FACILITY APPENDIX H FIELD ENCODING IN VMCS Page FIGURES Page Page Page Page TABLES Page Page Page Page Page Page CHAPTER 1 ABOUT THIS MANUAL 1.2 OVERVIEW OF THE SYSTEM PROGRAMMING GUIDE Page Page 1.3 NOTATIONAL CONVENTIONS 1.3.1 Bit and Byte Order 1.3.2 Reserved Bits and Software Compatibility Figure 1-1. Bit and Byte Order 1.3.6 Syntax for CPUID, CR, and MSR Values 1.3.7 Exceptions Figure 1-2. Syntax for CPUID, CR, and MSR Data Presentation Page Page CHAPTER 2 SYSTEM ARCHITECTURE OVERVIEW 2.1 OVERVIEW OF THE SYSTEM-LEVEL ARCHITECTURE Figure 2-1. IA-32 System-Level Registers and Data Structures Figure 2-2. System-Level Registers and Data Structures in IA-32e Mode 2.1.1 Global and Local Descriptor Tables 2.1.1.1 Global and Local Descriptor Tables in IA-32e Mode 2.1.2 System Segments, Segment Descriptors, and Gates 2.1.2.1 Gates in IA-32e Mode 2.1.3 Task-State Segments and Task Gates 2.1.3.1 Task-State Segments in IA-32e Mode 2.1.4 Interrupt and Exception Handling 2.1.4.1 Interrupt and Exception Handling IA-32e Mode 2.1.5 Memory Management 2.1.5.1 Memory Management in IA-32e Mode Page Figure 2-3. Transitions Among the Processors Operating Modes System Management Mode 2.3 SYSTEM FLAGS AND FIELDS IN THE EFLAGS REGISTER Figure 2-4. System Flags in the EFLAGS Register Page 2.3.1 System Flags and Fields in IA-32e Mode 2.4 MEMORY-MANAGEMENT REGISTERS 2.4.1 Global Descriptor Table Register (GDTR) Figure 2-5. Memory Management Registers 2.4.2 Local Descriptor Table Register (LDTR) 2.4.3 IDTR Interrupt Descriptor Table Register 2.4.4 Task Register (TR) 2.5 CONTROL REGISTERS Figure 2-6. Control Registers Page-Directory Base (PDBR) CR0 Vol. 3 2-19 Page Page Table 2-1. Action Taken By x87 FPU Instructions for Different Combinations of EM, MP, and TS Page Page Page 2.5.1 CPUID Qualification of Control Register Flags 2.6 EXTENDED CONTROL REGISTERS (INCLUDING THE XFEATURE_ENABLED_MASK REGISTER) Figure 2-7. XFEATURE_ENABLED_MASK Register (XCR0) 2.7 SYSTEM INSTRUCTION SUMMARY Table 2-2. Summary of System Instructions Table 2-2. Summary of System Instructions (Contd.) 2.7.1 Loading and Storing System Registers Table 2-2. Summary of System Instructions (Contd.) 2.7.2 Verifying of Access Privileges Instructions), for a detailed explanation of the function and use of this instruction. 2.7.3 Loading and Storing Debug Registers 2.7.4 Invalidating Caches and TLBs 2.7.5 Controlling the Processor 2.7.6 Reading Performance-Monitoring and Time-Stamp Counters 2.7.6.1 Reading Counters in 64-Bit Mode 2.7.7 Reading and Writing Model-Specific Registers Page CHAPTER 3 PROTECTED-MODE MEMORY MANAGEMENT 3.1 MEMORY MANAGEMENT OVERVIEW Figure 3-1. Segmentation and Paging 3.2 USING SEGMENTS 3.2.1 Basic Flat Model 3.2.2 Protected Flat Model Figure 3-3. Protected Flat Model Figure 3-2. Flat Model 3.2.3 Multi-Segment Model 3.2.4 Segmentation in IA-32e Mode Figure 3-4. Multi-Segment Model 3.2.5 Paging and Segmentation 3.3 PHYSICAL ADDRESS SPACE 3.3.1 Intel 64 Processors and Physical Address Space 3.4 LOGICAL AND LINEAR ADDRESSES 3.4.1 Logical Address Translation in IA-32e Mode Figure 3-5. Logical Address to Linear Address Translation 3.4.2 Segment Selectors + 3.4.3 Segment Registers Figure 3-6. Segment Selector Figure 3-7. Segment Registers 3.4.4 Segment Loading Instructions in IA-32e Mode 3.4.5 Segment Descriptors Figure 3-8. Segment Descriptor Page Figure 3-9. Segment Descriptor When Segment-Present Flag Is Clear 3.4.5.1 Code- and Data-Segment Descriptor Types Table 3-1. Code- and Data-Segment Types 3.5 SYSTEM DESCRIPTOR TYPES Table 3-2. System-Segment and Gate-Descriptor Types 3.5.1 Segment Descriptor Tables Figure 3-10. Global and Local Descriptor Tables Page 3.5.2 Segment Descriptor Tables in IA-32e Mode Figure 3-11. Pseudo-Descriptor Formats CHAPTER 4 PAGING 4.1 PAGING MODES AND CONTROL BITS 4.1.1 Three Paging Modes 4.1.3 Paging-Mode Modifiers Page 4.2 HIERARCHICAL PAGING STRUCTURES: AN OVERVIEW 4.3 32-BIT PAGING Table 4-2. Paging Structures in the Different Paging Modes Table 4-3. Use of CR3 with 32-Bit Paging Figure 4-2. Linear-Address Translation to a 4-KByte Page using 32-Bit Paging Table 4-3. Use of CR3 with 32-Bit Paging (Contd.) Figure 4-3. Linear-Address Translation to a 4-MByte Page using 32-Bit Paging Table 4-4. Format of a 32-Bit Page-Directory Entry that Maps a 4-MByte Page Table 4-5. Format of a 32-Bit Page-Directory Entry that References a Page Table Table 4-6. Format of a 32-Bit Page-Table Entry that Maps a 4-KByte Page 4.4 PAE PAGING Figure 4-4. Formats of CR3 and Paging-Structure Entries with 32-Bit Paging 4.4.1 PDPTE Registers Table 4-7. Use of CR3 with PAE Paging 4.4.2 Linear-Address Translation with PAE Paging Table 4-9. Format of a PAE Page-Directory Entry that Maps a 2-MByte Page Table 4-10. Format of a PAE Page-Directory Entry that References a Page Table Table 4-11. Format of a PAE Page-Table Entry that Maps a 4-KByte Page 1. M is an abbreviation for MAXPHYADDR. 3. Reserved fields must be 0. 4.5 IA-32E PAGING Address of page-directory-pointer table Figure 4-7. Formats of CR3 and Paging-Structure Entries with PAE Paging Table 4-12. Use of CR3 with IA-32e Paging Figure 4-8. Linear-Address Translation to a 4-KByte Page using IA-32e Paging Figure 4-9. Linear-Address Translation to a 2-MByte Page using IA-32e Paging Table 4-13. Format of an IA-32e PML4 Entry (PML4E) that References a Page- Directory-Pointer Table Table 4-15. Format of an IA-32e Page-Directory Entry that Maps a 2-MByte Page Table 4-15. Format of an IA-32e Page-Directory Entry that Maps a 2-MByte Page Table 4-16. Format of an IA-32e Page-Directory Entry that References a Page Table Table 4-17. Format of an IA-32e Page-Table Entry that Maps a 4-KByte Page 4.6 ACCESS RIGHTS Figure 4-10. Formats of CR3 and Paging-Structure Entries with IA-32e Paging 1. M is an abbreviation for MAXPHYADDR. 2. Reserved fields must be 0. 4.7 PAGE-FAULT EXCEPTIONS Figure 4-11. Page-Fault Error Code 4.8 ACCESSED AND DIRTY FLAGS 4.9 PAGING AND MEMORY TYPING 4.9.3 Caching Paging-Related Information about Memory Typing 4.10 CACHING TRANSLATION INFORMATION 4.10.1 Translation Lookaside Buffers (TLBs) 4.10.1.3 Details of TLB Use 4.10.1.4 Global Pages 4.10.2 Paging-Structure Caches 4.10.2.1 Caches for Paging Structures Page Page 4.10.2.2 Using the Paging-Structure Caches to Translate Linear Addresses 4.10.2.3 Multiple Cached Entries for a Single Paging-Structure Entry 4.10.3 Invalidation of TLBs and Paging-Structure Caches 4.10.3.1 Operations that Invalidate TLBs and Paging-Structure Caches 4.10.3.2 Recommended Invalidation 4.10.3.3 Optional Invalidation 4.10.4 Propagation of Paging-Structure Changes to Multiple Page 4.11 INTERACTIONS WITH VIRTUAL-MACHINE EXTENSIONS (VMX) 4.11.1 VMX Transitions 4.11.2 VMX Support for Address Translation 4.12 USING PAGING FOR VIRTUAL MEMORY 4.13 MAPPING SEGMENTS TO PAGES Figure 4-12. Memory Management Convention That Assigns a Page Table to Each Segment Page CHAPTER 5 PROTECTION Page Page PROTECTION Figure 5-1. Descriptor Fields Used for Protection 5.2.1 Code Segment Descriptor in 64-bit Mode 5.3 LIMIT CHECKING Figure 5-2. Descriptor Fields with Flags used in IA-32e Mode 5.3.1 Limit Checking in 64-bit Mode 5.4 TYPE CHECKING Page 5.4.1 Null Segment Selector Checking 5.4.1.1 NULL Segment Checking in 64-bit Mode 5.5 PRIVILEGE LEVELS Figure 5-3. Protection Rings 5.6 PRIVILEGE LEVEL CHECKING WHEN ACCESSING DATA SEGMENTS Figure 5-4. Privilege Check for Data Access 5.6.1 Accessing Data in Code Segments Figure 5-5. Examples of Accessing Data Segments From Various Privilege Levels Page Figure 5-6. Privilege Check for Control Transfer Without Using a Gate 5.8.1 Direct Calls or Jumps to Code Segments Page 5.8.1.2 Accessing Conforming Code Segments 5.8.2 Gate Descriptors 5.8.3 Call Gates Figure 5-8. Call-Gate Descriptor 5.8.3.1 IA-32e Mode Call Gates Figure 5-9. Call-Gate Descriptor in IA-32e Mode 5.8.4 Accessing a Code Segment Through a Call Gate Figure 5-10. Call-Gate Mechanism Page Page 5.8.5 Stack Switching Figure 5-12. Example of Accessing Call Gates At Various Privilege Levels Figure 5-13. Stack Switching During an Interprivilege-Level Call 5.8.5.1 Stack Switching in 64-bit Mode 5.8.6 Returning from a Called Procedure Table 5-2. 64-Bit-Mode Stack Layout After CALLF with CPL Change Page 5.8.7 Performing Fast Calls to System Procedures with the SYSENTER and SYSEXIT Instructions Page Page Figure 5-14. MSRs Used by SYSCALL and SYSRET 5.9 PRIVILEGED INSTRUCTIONS Page 5.10.1 Checking Access Rights (LAR Instruction) 5.10.2 Checking Read/Write Rights (VERR and VERW Instructions) 5.10.3 Checking That the Pointer Offset Is Within Limits (LSL Instruction) 5.10.4 Checking Caller Access Privileges (ARPL Instruction) Figure 5-15. Use of RPL to Weaken Privilege Level of Called Procedure 5.10.5 Checking Alignment 5.11 PAGE-LEVEL PROTECTION 5.11.1 Page-Protection Flags 5.11.2 Restricting Addressable Domain 5.11.3 Page Type 5.12 COMBINING PAGE AND SEGMENT PROTECTION Table 5-3. Combined Page-Directory and Page-Table Protection 5.13 PAGE-LEVEL PROTECTION AND EXECUTE-DISABLE BIT 5.13.1 Detecting and Enabling the Execute-Disable Capability Table 5-4. Extended Feature Enable MSR (IA32_EFER) 5.13.2 Execute-Disable Page Protection Table 5-5. IA-32e Mode Page Level Protection Matrix with Execute-Disable Bit Capability 5.13.3 Reserved Bit Checking Table 5-7. Legacy PAE-Enabled 2-MByte Page Level Protection Table 5-8. IA-32e Mode Page Level Protection Matrix with Execute-Disable Bit Capability Enabled 5.13.4 Exception Handling Table 5-9. Reserved Bit Checking WIth Execute-Disable Bit Capability Not Enabled Page CHAPTER 6 INTERRUPT AND EXCEPTION HANDLING 6.1 INTERRUPT AND EXCEPTION OVERVIEW 6.2 EXCEPTION AND INTERRUPT VECTORS 6.3 SOURCES OF INTERRUPTS 6.3.1 External Interrupts Table 6-1. Protected-Mode Exceptions and Interrupts 6.3.2 Maskable Hardware Interrupts Table 6-1. Protected-Mode Exceptions and Interrupts (Contd.) 6.3.3 Software-Generated Interrupts 6.4 SOURCES OF EXCEPTIONS 6.4.1 Program-Error Exceptions 6.4.2 Software-Generated Exceptions 6.4.3 Machine-Check Exceptions 6.5 EXCEPTION CLASSIFICATIONS 6.6 PROGRAM OR TASK RES TART 6.7 NONMASKABLE INTERRUPT (NMI) 6.7.1 Handling Multiple NMIs 6.8 ENABLING AND DISABLING INTERRUPTS 6.8.1 Masking Maskable Hardware Interrupts 6.8.2 Masking Instruction Breakpoints 6.8.3 Masking Exceptions and Interrupts When Switching Stacks 6.9 PRIORITY AMONG SIMULTANEOUS EXCEPTIONS AND INTERRUPTS Table 6-2. Priority Among Simultaneous Exceptions and Interrupts 6.10 INTERRUPT DESCRIPTOR TABLE (IDT) Table 6-2. Priority Among Simultaneous Exceptions and Interrupts (Contd.) Page + 6.11 IDT DESCRIPTORS Figure 6-1. Relationship of the IDTR and IDT INTERRUPT AND EXCEPTION HANDLING 6.12 EXCEPTION AND INTERRUPT HANDLING Figure 6-2. IDT Gate Descriptors 6.12.1 Exception- or Interrupt-Handler Procedures Figure 6-3. Interrupt Procedure Call Page 6.12.1.1 Protection of Exception- and Interrupt-Handler Procedures Figure 6-4. Stack Usage on Transfers to Interrupt and Exception-Handling Routines 6.12.1.2 Flag Usage By Exception- or Interrupt-Handler Procedure 6.12.2 Interrupt Tasks 6.13 ERROR CODE Figure 6-5. Interrupt Task Switch 6.14 EXCEPTION AND INTERRUPT HANDLING IN 64-BIT MODE Figure 6-6. Error Code Figure 6-7. 64-Bit IDT Gate Descriptors 6.14.1 64-Bit Mode IDT 6.14.2 64-Bit Mode Stack Frame 6.14.3 IRET in IA-32e Mode 6.14.4 Stack Switching in IA-32e Mode 6.14.5 Interrupt Stack Table Figure 6-8. IA-32e Mode Stack Usage After Privilege Level Change Page Interrupt 0Divide Error Exception (#DE) Exception Class Interrupt 1Debug Exception (#DB) Exception Class Trap or Fault. The exception handler can distinguish between traps or faults by examining the contents of DR6 and the other debug registers. Table 6-3. Debug Exception Conditions and Corresponding Exception Classes Interrupt 2NMI Interrupt Interrupt 3Breakp oint Exception (#BP) Exception Class Trap. Interrupt 4Overflow Exception (#OF) Interrupt 5BOUND Range Exceeded Exception (#BR) Page Page Interrupt 7Device Not Available Exception (#NM) Page Interrupt 8Double Fault Exception (#DF) Exception Class Abort. Table 6-4. Interrupt and Exception Classes Table 6-5. Conditions for Generating a Double Fault Page Interrupt 9Coprocessor Segment Overrun do not generate this exception.) Interrupt 10Invalid TSS Exception (#TS) Table 6-6. Invalid TSS Conditions Page Table 6-6. Invalid TSS Conditions (Contd.) Page Interrupt 11Segment Not Present (#NP) Page Interrupt 12Stack Fault Exception (#SS) Page Page Page Page Page Interrupt 14Page-Fault Exception (#PF) Figure 6-9. Page-Fault Error Code Additional Exception-Handling Information Interrupt 16x87 FPU Floating-Point Error (#MF) Page Interrupt 17Alignment Check Exception (#AC) Table 6-7. Alignment Requirements by Data Type Interrupt 18Machine-Check Exception (#MC) Exception Class Abort. Page Interrupt 19SIMD Floating-Point Exception (#XM) Table 6-8. SIMD Floating-Point Exceptions Priority Page Interrupts 32 to 255User Defined Interrupts Page CHAPTER 7 TASK MANAG EMENT 7.1 TASK MANAGEMENT OVERVIEW 7.1.1 Task Structure Page 7.1.3 Executing a Task Page Figure 7-2. 32-Bit Task-State Segment (TSS) ESI, and EDI registers prior to the task switch. and GS registers prior to the task switch. Page 7.2.2 TSS Descriptor Figure 7-3. TSS Descriptor 7.2.3 TSS Descriptor in 64-bit mode 7.2.4 Task Register Figure 7-4. Format of TSS and LDT Descriptors in 64-bit Mode Figure 7-5. Task Register 7.2.5 Task-Gate Descriptor Figure 7-6. Task-Gate Descriptor 7.3 TASK SWITCHING Figure 7-7. Task Gates Referencing the Same Task Page Table 7-1. Exception Conditions Checked During a Task Switch 7.4 TAS K LI NK IN G Table 7-1. Exception Conditions Checked During a Task Switch (Contd.) Figure 7-8. Nested Tasks Table 7-2. Effect of a Task Switch on Busy Flag, NT Flag, Previous Task Link Field, and TS Flag 7.4.1 Use of Busy Flag To Prevent Recursive Task Switching 7.4.2 Modifying Task Linkages 7.5 TASK ADDRESS SPACE 7.5.1 Mapping Tasks to the Linear and Physical Address Spaces 7.5.2 Task Logical Address Space Figure 7-9. Overlapping Linear-to-Physical Mappings Page 7.7 TASK MANAGEMENT IN 64-BIT MODE Figure 7-10. 16-Bit TSS Format Page Figure 7-11. 64-Bit TSS Format CHAPTER 8 MULTIPLE-PROCESSOR MANAGEMENT 8.1 LOCKED ATOMIC OPERATIONS 8.1.1 Guaranteed Atomic Operations 8.1.2 Bus Locking 8.1.2.1 Automatic Locking 8.1.2.2 Software Controlled Bus Locking 8.1.3 Handling Self- and Cross-Modifying Code 8.1.4 Effects of a LOCK Operation on Internal Processor Caches 8.2 MEMORY ORDERING 8.2.1 Memory Ordering in the Intel Pentium and Intel486 Page Figure 8-1. Example of Write Ordering in Multiple-Processor Systems 8.2.3 Examples Illustrating the Memory-Ordering Principles 8.2.3.1 Assumptions, Terminology, and Notation 8.2.3.2 Neither Loads Nor Stores Are Reordered with Like Operations 8.2.3.3 Stores Are Not Reordered With Earlier Loads 8.2.3.5 Intra-Processor Forwarding Is Allowed 8.2.3.6 Stores Are Transitively Visible 8.2.3.7 Stores Are Seen in a Consistent Order by Other Processors 8.2.3.8 Locked Instructions Have a Total Order 8.2.3.9 Loads and Stores Are Not Reordered with Locked Instructions Page 8.2.4 Out-of-Order Stores For String Operations 8.2.4.1 Memory-Ordering Model for String Operations on Write-back (WB) Memory 8.2.4.2 Examples Illustrating Memory-Ordering Principles for String Operations Page Page 8.2.5 Strengthening or Weakening the Memory-Ordering Model Page 8.3 SERIALIZING INSTRUCTIONS Page Page 8.4.1 BSP and AP Processors 8.4.2 MP Initialization Protocol Requirements and Restrictions 8.4.3 MP Initialization Protocol Algorithm for Intel Xeon Processors 8.4.4 MP Initialization Example 8.4.4.1 Typical BSP Initialization Sequence Page 8.4.4.2 Typical AP Initialization Sequence 8.4.5 Identifying Logical Processors in an MP System Figure 8-2. Interpretation of APIC ID in Early MP Systems 8.5 INTEL HYPER-THREADING TECHNOLOGY AND INTEL MULTI-CORE TECHNOLOGY 8.6 DETECTING HARDWARE MULTI-THREADING SUPPORT AND TOPOLOGY 8.6.1 Initializing Processors Supporting Hyper-Threading Techn olog y 8.6.2 Initializing Multi-Core Processors 8.6.4 Handling Interrupts on an IA-32 Processor Supporting Hardware Multi-Threading MULTIPLE-PROCESSOR MANAGEMENT 8.7 INTEL HYPER-THREADING TECHNOLOGY ARCHITECTURE Figure 8-3. Local APICs and I/O APIC in MP System Supporting Intel HT Technology Page Page 8.7.4 Page Attribute Table (PAT) 8.7.5 Machine Check Architecture 8.7.6 Debug Registers and Extensions 8.7.7 Performance Monitoring Counters 8.7.8 IA32_MISC_ENABLE MSR 8.7.9 Memory Ordering 8.7.10 Serializing Instructions 8.7.11 MICROCODE UPDATE Resources 8.7.13.1 Processor Caches 8.7.13.2 Processor Translation Lookaside Buffers (TLBs) 8.7.13.3 Thermal Monitor 8.7.13.4 External Signal Compatibility 8.8 MULTI-CORE ARCHITECTURE 8.8.1 Logical Processor Support 8.8.2 Memory Type Range Registers (MTRR) 8.8.3 Performance Monitoring Counters 8.8.4 IA32_MISC_ENABLE MSR 8.9 PROGRAMMING CONSIDERATIONS FOR HARDWARE MULTI-THREADING CAPABLE PROCESSORS 8.9.1 Hierarchical Mapping of Shared Resources Figure 8-5. Generalized Four level Interpretation of the APIC ID Figure 8-6. Conceptual Five-level Topology and 32-bit APIC ID Composition 8.9.2 Hierarchical Mapping of CPUID Extended Topology Leaf 8.9.3 Hierarchical ID of Logical Processors in an MP System Page 8.9.3.1 Hierarchical ID of Logical Processors with x2APIC ID 8.9.4 Algorithm for Three-Level Mappings of APIC_ID Page Page Page Page Page 8.9.5 Identifying Topological Relationships in a MP System Page Page Page 8.10 MANAGEMENT OF IDLE AND BLOCKED CONDITIONS 8.10.1 HLT Instruction 8.10.2 PAUSE Instruction 8.10.3 Detecting Support MONITOR/MWAIT Instruction 8.10.4 MONITOR/MWAIT Instruction 8.10.5 Monitor/Mwait Address Range Determination 8.10.6 Required Operating System Support 8.10.6.1 Use the PAUSE Instruction in Spin-Wait Loops 8.10.6.2 Potential Usage of MONITOR/MWAIT in C0 Idle Loops Page 8.10.6.3 Halt Idle Logical Processors 8.10.6.4 Potential Usage of MONITOR/MWAIT in C1 Idle Loops 8.10.6.5 Guidelines for Scheduling Threads on Logical Processors Sharing Execution Resources 8.10.6.6 Eliminate Execution-Based Timing Loops 8.10.6.7 Place Locks and Semaphores in Aligned, 128-Byte Blocks of Memory Page CHAPTER 9 PROCESSOR MANAGEMENT AND INITIALIZATION 9.1 INITIALIZATION OVERVIEW 9.1.1 Processor State After Reset 9.1.2 Processor Built-In Self-Test (BIST) Table 9-1. IA-32 Processor States Following Power-up, Reset, or INIT Table 9-1. IA-32 Processor States Following Power-up, Reset, or INIT (Contd.) P6 Family Processor Pentium Processor Register Pentium 4 and Intel Xeon Processor Table 9-1. IA-32 Processor States Following Power-up, Reset, or INIT (Contd.) P6 Family Processor Pentium Processor Register Pentium 4 and Intel Xeon Processor 9.1.3 Model and Stepping Information Figure 9-2. Version Information in the EDX Register after Reset Figure 9-1. Contents of CR0 Register after Reset 9.1.4 First Instruction Executed 9.2 X87 FPU INITIALIZATION 9.2.1 Configuring the x87 FPU Environment 9.2.2 Setting the Processor for x87 FPU Software Emulation Table 9-2. Recommended Settings of EM and MP Flags on IA-32 Processors 9.3 CACHE ENABLING Table 9-3. Software Emulation Settings of EM, MP, and NE Flags Page 9.6 INITIALIZING SSE/SSE2/SSE3/SSSE3 EXTENSIONS 9.7 SOFTWARE INITIALIZATION FOR REAL-ADDRESS MODE OPERATION 9.7.1 Real-Address Mode IDT 9.7.2 NMI Interrupt Handling 9.8 SOFTWARE INITIALIZATION FOR PROTECTED-MODE OPERATION Page 9.8.2 Initializing Protected-Mode Exceptions and Interrupts 9.8.3 Initializing Paging 9.8.4 Initializing Multitasking 9.8.5 Initializing IA-32e Mode 9.8.5.1 IA-32e Mode System Data Structures 9.8.5.2 IA-32e Mode Interrupts and Exceptions 9.8.5.3 64-bit Mode and Compatibility Mode Operation 9.9 MODE SWITCHING 9.9.1 Switching to Protected Mode 9.9.2 Switching Back to Real-Address Mode 9.10 INITIALIZATION AND MODE SWITCHING EXAMPLE Page Page 9.10.1 Assembler Usage Table 9-4. Main Initialization Steps in STARTUP.ASM Source Listing (Contd.) 9.10.2 STARTUP.ASM Listing Page Page Page Page Page Page Page Page Figure 9-5. Moving the GDT, IDT, and TSS from ROM to RAM (Lines 196-261 of List File) 9.10.3 MAIN.ASM Source Code Figure 9-6. Task Switching (Lines 282-296 of List File) 9.10.4 Supporting Files Table 9-5. Relationship Between BLD Item and ASM Source File 9.11 MICROCODE UPDATE FACILITIES Table 9-5. Relationship Between BLD Item and ASM Source File (Contd.) 9.11.1 Microcode Update Figure 9-7. Applying Microcode Updates Table 9-6. Microcode Update Field Definitions Field Name Offset Length Description Table 9-6. Microcode Update Field Definitions (Contd.) Description Field Name Offset Length Table 9-7. Microcode Update Format 9.11.2 Optional Extended Signature Table 9.11.3 Processor Identification Table 9-8. Extended Processor Signature Table Header Structure Table 9-9. Processor Signature Structure 9.11.4 Platform Identification Table 9-10. Processor Flags 9.11.5 Microcode Update Checksum 9.11.6 Microcode Update Loader 9.11.6.1 Hard Resets in Update Loading 9.11.6.2 Update in a Multiprocessor System 9.11.6.3 Update in a System Supporting Intel Hyper-Threading Technology 9.11.7.1 Determining the Signature 9.11.7.2 Authenticating the Update Table 9-11. Microcode Update Signature 9.11.8 Pentium 4, Intel Xeon, and P6 Family Processor Microcode Update Specifications 9.11.8.1 Responsibilities of the BIOS Page 9.11.8.2 Responsibilities of the Calling Program Page Page 9.11.8.3 Microcode Update Functions 9.11.8.4 INT 15H-based Interface Table 9-12. Microcode Update Functions 9.11.8.5 Function 00HPresence Test Table 9-13. Parameters for the Presence Test 9.11.8.6 Function 01HWrite Microcode Update Data Table 9-14. Parameters for the Write Update Data Function Table 9-14. Parameters for the Write Update Data Function (Contd.) Page Figure 9-8. Microcode Update Write Operation Flow [1] 9-60 Vol. 3 Figure 9-9. Microcode Update Write Operation Flow [2] Vol. 3 9-61 9.11.8.7 Function 02HMicrocode Update Control Table 9-15. Parameters for the Control Update Sub-function 9.11.8.8 Function 03HRead Microcode Update Data Table 9-16. Mnemonic Values Table 9-17. Parameters for the Read Microcode Update Data Function 9.11.8.9 Return Codes Table 9-17. Parameters for the Read Microcode Update Data Function (Contd.) Table 9-18. Return Code Definitions Page CHAPTER 10 ADVANCED PROGRAMMABLE INTERRUPT CONTROLLER (APIC) 10.1 LOCAL AND I/O APIC OVERVIEW Page Figure 10-1. Relationship of Local APIC and I/O APIC In Single-Processor Systems Page 10.2 SYSTEM BUS VS. APIC BUS 10.3 THE INTEL 82489DX EXTERNAL APIC, THE APIC, THE XAPIC, AND THE X2APIC 10.4 LOCAL APIC 10.4.1 The Local APIC Block Diagram Figure 10-4. Local APIC Structure Table 10-1 Local APIC Register Address Map Table 10-1 Local APIC Register Address Map (Contd.) 10.4.2 Presence of the Local APIC 10.4.3 Enabling or Disabling the Local APIC Table 10-1 L ocal APIC Regi ster Address Map (Contd.) 10.4.4 Local APIC Status and Location Figure 10-5. IA32_APIC_BASE MSR (APIC_BASE_MSR in P6 Family) 10.4.5 Relocating the Local APIC Registers 10.4.6 Local APIC ID 10.4.7 Local APIC State Figure 10-6. Local APIC ID Register Page 10.4.7.3 Local APIC State After an INIT Reset (Wait-for-SIPI State) 10.4.7.4 Local APIC State After It Receives an INIT-Deassert IPI 10.4.8 Local APIC Version Register 10.5 EXTENDED XAPIC (X2APIC) Figure 10-7. Local APIC Version Register 10.5.1 DETECTING AND ENABLING x2APIC 10.5.1.1 Instructions to Access APIC Registers Figure 10-8. IA32_APIC_BASE MSR Supporting x2APIC Table 10-2. x2APIC Operating Mode Configurations 10.5.1.2 APIC Register Address Space Table 10-3. Local APIC Register Address Map Supported by x2APIC Page Page 10.5.1.3 Reserved Bit Checking 10.5.2 x2APIC Register Availability 10.5.3 MSR Access in x2APIC Mode 10.5.4 VM-exit Controls for MSRs and x2APIC Registers Table 10-4. MSR/MMIO Interface of a Local x2APIC in Different Modes of Operation 10.5.5 Directed EOI with x2APIC Mode Page x2APIC After RESET Figure 10-11. Local x2APIC State Transitions with IA32_APIC_BASE, INIT, and RESET x2APIC Transitions From x2APIC Mode x2APIC Transitions From Disabled Mode 10.5.8 CPUID Extensions And Topology Enumeration 10.5.8.1 Consistency of APIC IDs and CPUID 10.6 HANDLING LOCAL INTERRUPTS 10.6.1 Local Vector Table Figure 10-12. Local Vector Table (LVT) Page 10.6.2 Valid Interrupt Vectors 10.6.3 Error Handling Figure 10-13. Error Status Register (ESR) 10.6.3.1 x2APIC Differences in Error Handling Table 10-5. ESR Flags 10.6.4 APIC Timer Figure 10-14. Error Status Register (ESR) in x2APIC Mode Figure 10-15. Divide Configuration Register Figure 10-16. Initial Count and Current Count Registers 10.6.5 Local Interrupt Acceptance 10.7 ISSUING INTERPROCESSOR INTERRUPTS 10.7.1 Interrupt Command Register (ICR) Figure 10-17. Interrupt Command Register (ICR) Page Page Page Table 10-7 Valid Combinations for the P6 Family Processors Local APIC Interrupt Command Register 10.7.1.1 ICR Operation in x2APIC Mode Figure 10-18. Interrupt Command Register (ICR) in x2APIC Mode 10.7.2 Determining IPI Destination 10.7.2.1 Physical Destination Mode 10.7.2.2 Logical Destination Mode Figure 10-19. Logical Destination Register (LDR) Figure 10-20. Destination Format Register (DFR) 10.7.2.3 Logical Destination Mode in x2APIC Mode Figure 10-21. Logical Destination Register in x2APIC Mode 10.7.2.4 Deriving Logical x2APIC ID from the Local x2APIC ID 10.7.2.5 Broadcast/Self Delivery Mode 10.7.2.6 Lowest Priority Delivery Mode Figure 10-22. Arbitration Priority Register (APR) 10.7.3 IPI Delivery and Acceptance 10.7.4 SELF IPI Register 10.8 SYSTEM AND APIC BUS ARBITRATION Figure 10-23. SELF IPI register 10.9 HANDLING INTERRUPTS 10.9.1 Interrupt Handling with the Pentium 4 and Intel Xeon 10.9.2 Interrupt Handling with the P6 Family and Pentium 10-56 Vol. 3 10.9.3 Interrupt, Task, and Processor Priority 10.9.3.1 Task and Processor Priorities Figure 10-26. Task Priority Register (TPR) 10.9.4 Interrupt Acceptance for Fixed Interrupts Figure 10-27. Processor Priority Register (PPR) Figure 10-28. IRR, ISR and TMR Registers 10.9.5 Signaling Interrupt Servicing Completion Figure 10-29. EOI Register 10.9.5.1 Signaling Interrupt Servicing Completion in x2APIC Mode 10.9.6 Task Priority in IA-32e Mode 10.10 SPURIOUS INTERRUPT 10.11 APIC BUS MESSAGE PASSING MECHANISM AND PROTOCOL (P6 FAMILY, PENTIUM PROCESSORS) Figure 10-31. Spurious-Interrupt Vector Register (SVR) 10.11.1 Bus Message Formats 10.12 MESSAGE SIGNALLED INTERRUPTS 10.12.1 Message Address Register Format Figure 10-32. Layout of the MSI Message Address Register 10.12.2 Message Data Register Format Figure 10-33. Layout of the MSI Message Data Register Page CHAPTER 11 MEMORY CACHE CONTROL 11.1 INTERNAL CACHES, TLBS, AND BUFFERS Figure 11-1. Cache Structure of the Pentium 4 and Intel Xeon Processors Page Page Page Page Page 11.2 CACHING TERMINOLOGY 11.3 METHODS OF CACHING AVAILABLE Table 11-2. Memory Types and Their Properties Page 11.3.1 Buffering of Write Combining Memory Locations 11.3.2 Choosing a Memory Type 11.3.3 Code Fetches in Uncacheable Memory 11.4 CACHE CONTROL PROTOCOL 11.5 CACHE CONTROL Table 11-4. MESI Cache Line States 11.5.1 Cache Control Registers and Bits MEMORY CACHE CONTROL Figure 11-3. Cache-Control Registers and Bits Available in Intel 64 and IA-32 Processors Table 11-5. Cache Operating Modes Table 1 1-5. Cache Operating Modes Page 11.5.2 Precedence of Cache Controls 11.5.2.1 Selecting Memory Types for Pentium Pro and Pentium II Processors Table 11-6. Effective Page-Level Memory Type for Pentium Pro and Pentium II Processors 11.5.2.2 Selecting Memory Types for Pentium III and More Recent Processor Families Table 11-7. Effective Page-Level Memory Types for Pentium III and More Recent Processor Families 11.5.2.3 Writing Values Across Pages with Different Memory Types 11.5.3 Preventing Caching 11.5.4 Disabling and Enabling the L3 Cache 11.5.5 Cache Management Instructions 11.5.6 L1 Data Cache Context Mode 11.5.6.1 Adaptive Mode 11.5.6.2 Shared Mode 11.6 SELF-MODIFYING CODE 11.7 IMPLICIT CACHING (PENTIUM 4, INTEL XEON, AND P6 FAMILY PROCESSORS) 11.8 EXPLICIT CACHING Page 11.11 MEMORY TYPE RANGE REGISTERS (MTRRS) Table 11-8. Memory Types That Can Be Encoded in MTRRs Figure 11-4. Mapping Physical Memory With MTRRs Table 11-8. Memory Types That Can Be Encoded in MTRRs (Contd.) 11.11.1 MTRR Feature Identification Figure 11-5. IA32_MTRRCAP Register 11.11.2 Setting Memory Ranges with MTRRs 11.11.2.4 System-Management Range Register Interface Figure 11-8. IA32_SMRR_PHYSBASE and IA32_SMRR_PHYSMASK SMRR Pair 11.11.3 Example Base and Mask Calculations Page 11.11.3.1 Base and Mask Calculations for Greater-Than 36-bit Physical Address Support 11.11.4 Range Size and Alignment Requirement 11.11.4.1 MTRR Precedences 11.11.5 MTRR Initialization 11.11.6 Remapping Memory Types 11.11.7 MTRR Maintenance Programming Interface 11.11.7.1 MemTypeGet() Function Page 11.11.7.2 MemTypeSet() Function Page 11.11.8 MTRR Considerations in MP Systems 11.11.9 Large Page Size Considerations 11.12 PAGE ATTRIBUTE TABLE (PAT) 11.12.1 Detecting Support for the PAT Feature 11.12.2 IA32_PAT MSR Figure 11-9. IA32_PAT MSR Table 11-10. Memory Types That Can Be Encoded With PAT 11.12.3 Selecting a Memory Type from the PAT 11.12.4 Programming the PAT Table 11-11. Selection of PAT Entries with PAT, PCD, and PWT Flags Table 11-12. Memory Type Setting of PAT Entries Following a Power-up or Reset Page 11.12.5 PAT Compatibility with Earlier IA-32 Processors CHAPTER 12 INTEL MMX TECHNOLOGY SYSTEM PROGRAMMING 12.1 EMULATION OF THE MMX INSTRUCTION SET 12.2 THE MMX STATE AND MMX REGISTER ALIASING Table 1 2-1. Acti on Take n By MMX Instructions for Different Combinations of EM, MP and TS Figure 12-1. Mapping of MMX Registers to Floating-Point Registers 12.3 SAVING AND RESTORING THE MMX STATE AND REGISTERS Table 12-3. Effect of the MMX, x87 FPU, and FXSAVE/FXRSTOR Instructions on the x87 FPU Tag Word 12.4 SAVING MMX STATE ON TASK OR CONTEXT SWITCHES 12.5 EXCEPTIONS THAT CAN OCCUR WHEN EXECUTING MMX INSTRUCTIONS 12.5.1 Effect of MMX Instructions on Pending x87 Floating-Point Exceptions Figure 12-2. Mapping of MMX Registers to x87 FPU Data Register Stack Page CHAPTER 13 SYSTEM PROGRAMMING FOR INSTRUCTION SET EXTENSIONS AND PROCESSOR EXTENDED STATES 13.1 PROVIDING OPERATING SYSTEM SUPPORT FOR SSE/SSE2/SSE3/SSSE3/SSE4 EXTENSIONS 13.1.1 Adding Support to an Operating System for SSE/SSE2/SSE3/SSSE3/SSE4 Extensions 13.1.2 Checking for SSE/SSE2/SSE3/SSSE3/SSE4 Extension Support 13.1.3 Checking for Support for the FXSAVE and FXRSTOR Instructions 13.1.4 Initialization of the SSE/SSE2/SSE3/SSSE3/SSE4 Extensions Table 13-1. Action Taken for Combinations of OSFXSR, OSXMMEXCPT, SSE, SSE2, SSE3, EM, MP, and TS Table 13-2. Action Taken for Combinations of OSFXSR, SSSE3, SSE4, EM, and TS 13.1.6 Providing an Handler for the SIMD Floating-Point Exception (#XM) Page Page Page Page 13.6 XSAVE/XRSTOR AND PROCESSOR EXTENDED STATE MANAGEMENT 13.6.1 XSAVE Header Table 13-3. XSAVE Header Format 13.7 INTEROPERA BILITY OF XSAVE/XR STOR AND FXSAVE/FXRSTOR Table 13-4. XRSTOR Action on MXCSR, x87 FPU, XMM Register Table 13-5. XSAVE Action on MXCSR, x87 FPU, XMM Register 13.8 DETECTION, ENUMERATION, ENABLING PROCESSOR EXTENDED STATE SUPPORT Figure 13-3. OS Enabling of Processor Extended State Support 13.8.1 Application Programming Model and Processor Extended States Figure 13-4. Application Detection of New Instruction Extensions and Processor Extended State Page CHAPTER 14 POWER AND THERMAL MANAGEMENT 14.1 ENHANCED INTEL SPEEDSTEP TECHNOLOGY 14.1.1 Software Interface For Initiating Performance State Transiti ons 14.2 P-STATE HARDWARE COORDINATION Figure 14-1. IA32_MPERF MSR and IA32_APERF MSR for P-state Coordination Page 14.3 SYSTEM SOFTWARE CONSIDERATIONS AND OPPORTUNISTIC PROCESSOR PERFORMANCE OPERATION 14.3.1 Intel Dynamic Acceleration 14.3.2 System Software Interfaces for Opportunistic Processor Performance Operation 14.3.2.1 Discover Hardware Support and Enabling of Opportunistic Processor Operation 14.3.2.2 OS Control of Opportunistic Processor Performance Operation 14.3.2.4 Application Awareness of Opportunistic Processor Operation (Optional) Figure 14-3. Periodic Query of Activity Ratio of Opportunistic Processor Operation 14.3.3 Intel Turbo Boost Technology 14.3.4 Performance and Energy Bias Hint support 14.4 MWAIT EXTENSIONS FOR ADVANCED POWER MANAGEMENT Figure 14-4. IA32_ENERGY_PERF_BIAS Regist er 14.5 THERMAL MONITORING AND PROTECTION Figure 14-5. Processor Modulation Through Stop-Clock Mechanism 14.5.1 Catastrophic Shutdown Detector 14.5.2 Thermal Monitor 14.5.2.1 Thermal Monitor 1 14.5.2.2 Thermal Monitor 2 14.5.2.3 Two Methods for Enabling TM2 14.5.2.4 Performance State Transitions and Thermal Monitoring Figure 14-7. MSR_THERM2_CTL Register for Supporting TM2 14.5.2.5 Thermal Status Information Figure 14-8. IA32_THERM_STATUS MSR 14.5.3 Software Controlled Clock Modulation Figure 14-10. IA32_CLOCK_MODULATION MSR Table 14-1. On-Demand Clock Modulation Duty Cycle Field Encoding 14.5.4 Detection of Thermal Monitor and Software Controlled Clock Modulation Facilities 14.5.5 On Die Digital Thermal Sensors 14.5.5.1 Digital Thermal Sensor Enumeration 14.5.5.2 Reading the Digital Sensor Figure 14-11. IA32_THERM_STATUS Register Page Figure 14-12. IA32_THERM_INTERRUPT Register Page CHAPTER 15 MACHINE-CHECK ARCHITECTURE 15.1 MACHINE-CHECK ARCHITECTURE 15.2 COMPATIBILITY WITH PENTIUM PROCESSOR 15.3 MACHINE-CHECK MSRS 15.3.1 Machine-Check Global Control MSRs 15.3.1.1 IA32_MCG_CAP MSR Figure 15-2. IA32_MCG_CAP Register The effect of writing to the IA32_MCG_CAP MSR is undefined. 15.3.1.2 IA32_MCG_STATUS MSR 15.3.2 Error-Reporting Register Banks 15.3.2.1 IA32_MCi_CTL MSRs 15.3.2.2 IA32_MCi_STATUS MSRS Figure 15-5. IA32_MCi_STATUS Register Page Page 15.3.2.3 IA32_MCi_ADDR MSRs 15.3.2.4 IA32_MCi_MISC MSRs 15.3.2.5 IA32_MCi_CTL2 MSRs Page 15.3.2.6 IA32_MCG Extended Machine Check State MSRs Page 15.3.3 Mapping of the Pentium Processor Machine-Check Errors to the Machine-Check Architecture 15.4 ENHANCED CACHE ERROR REPORTING 15.5 CORRECTED MACHINE CHECK ERROR INTERRUPT 15.5.1 CMCI Local APIC Interface Page 15.5.2 System Software Recommendation for Managing CMCI and Machine Check Resources 15.5.2.1 CMCI Initialization 15.5.2.2 CMCI Threshold Management IA32_MCi_CTL2[15:0]. This will cause overflow 15.6.3 UCR Error Classification With the S and AR flag encoding in the IA32_MCi_STATUS register, UCR errors can be classified as: Page 15.6.4 UCR Error Overwrite Rules 15.7 MACHINE-CHECK AVAILABILITY 15.8 MACHINE-CHECK INITIALIZATION 15.9 INTERPRETING THE MCA ERROR CODES 15.9.1 Simple Error Codes 15.9.2 Compound Error Codes 15.9.2.1 Correction Report Filtering (F) Bit 15.9.2.2 Transaction Type (TT) Sub-Field 15.9.2.3 Level (LL) Sub-Field 15.9.2.4 Request (RRRR) Sub-Field 15.9.2.5 Bus and Interconnect Errors 15.9.2.6 Memory Controller Errors 15.9.3 Architecturally Defined UCR Errors 15.9.3.1 Architecturally Defined SRAO Errors Page 15.9.3.2 Architecturally Defined SRAR Errors Page 15.9.4 Multiple MCA Errors 15.9.5 Machine-Check Error Codes Interpretation 15.10 GUIDELINES FOR WRITING MACHINE-CHECK SOFTWARE 15.10.1 Machine-Check Exception Handler Example 15-2 gives typical steps carried out by a machine-check exception handler. 15.10.2 Pentium Processor Machine-Check Exception Handling 15.10.3 Logging Correctable Machine-Check Errors Page 15.10.4 Machine-Check Software Handler Guidelines for Error Recovery 15.10.4.1 Machine-Check Exception Handler for Error Recovery Page Page Example 15-4 gives pseudocode for an MC exception handler that supports recovery of UCR. Page Page 15.10.4.2 Corrected Machine-Check Handler for Error Recovery Example 15-5 gives pseudocode for a CMCI handler with UCR support. Example 15-5. Corrected Error Handler Pseudocode with UCR Support Page CHAPTER 16 DEBUGGING, PROFILING BRANCHES AND TIME- STAMP COUNTER Page Vol. 3 16-3 DR0 DR1 DR3 16.2.4 Debug Control Register (DR7) 16.2.5 Breakpoint Field Recognition Table 16-1. Breakpoint Examples 16.2.6 Debug Registers and Intel 64 Processors Table 16-1. Breakpoint Examples (Contd.) Vol. 3 16-9 16.3 DEBUG EXCEPTIONS Figure 16-2. DR6/DR7 Layout on Processors Supporting Intel 64 Technology 16.3.1 Debug Exception (#DB)Interrupt Vector 1 16.3.1.1 Instruction-Breakpoint Exception Condition Table 16-2. Debug Exception Conditions Page 16.3.1.2 Data Memory and I/O Breakpoint Exception Conditions 16.3.1.3 General-Detect Exception Condition 16.3.1.4 Single-Step Exception Condition 16.3.1.5 Task-Switch Exception Condition 16.3.2 Breakpoint Exception (#BP)Interrupt Vector 3 16.4 LAST BRANCH, INTERRUPT, AND EXCEPTION RECORDING OVERVIEW 16.4.1 IA32_DEBUGCTL MSR Figure 16-3. IA32_DEBUGCTL MSR for Processors based on Intel Core microarchitecture 16.4.2 Monitoring Branches, Exceptions, and Interrupts 16.4.3 Single-Stepping on Branches, Exceptions, and Interrupts 16.4.4 Branch Trace Messages 16.4.5 Branch Trace Store (BTS) 16.4.6 CPL-Qualified Branch Trace Mechanism 16.4.7 Freezing LBR and Performance Counters on PMI 16.4.8.1 LBR Stack and Intel 64 Processors Figure 16-4. 64-bit Address Layout of LBR MSR 16.4.8.2 LBR Stack and IA-32 Processors 16.4.8.3 Last Exception Records and Intel 64 Architecture 16.4.9 BTS and DS Save Area Page Figure 16-5. DS Save Area Figure 16-6. 32-bit Branch Trace Record Format 16.4.9.1 DS Save Area and IA-32e Mode Operation Figure 16-7. PEBS Record Format Figure 16-8. IA-32e Mode DS Save Area 16-26 Vol. 3 Figure 16-9. 64-bit Branch Trace Record Format Figure 16-10. 64-bit PEBS Record Format 16.4.9.2 Setting Up the DS Save Area 16.4.9.3 Setting Up the BTS Buffer Table 16-4. IA32_DEBUGCTL Flag Encodings 16.4.9.4 Setting Up CPL-Qualified BTS Table 16-5. CPL-Qualified Branch Trace Store Encodings 16.4.9.5 Writing the DS Interrupt Service Routine Table 16-5. CPL-Qualified Branch Trace Store Encodings (Contd.) Page Page 16.6.1 LBR Stack Figure 16-11. IA32_DEBUGCTL MSR for Processors based on Intel microarchitecture (Nehalem) Table 16-8. LBR Stack Size and TOS Pointer Range 16.6.2 Filtering of Last Branch Records Table 16-6. IA32_LASTBRACH_x_FROM_IP Table 16-7. IA32_LASTBRACH_x_TO_IP Table 16-9. MSR_LBR_SELECT Page 16.7.1 MSR_DEBUGCTLA MSR Figure 16-12. MSR_DEBUGCTLA MSR for Pentium4 and Intel Xeon Processors 16.7.2 LBR Stack for Processors Based on Intel NetBurst Microarchitecture Page 16.7.3 Last Exception Records Figure 16-13. LBR MSR Branch Record Layout for the Pentium 4 and Intel Xeon Processor Family Page Figure 16-14. IA32_DEBUGCTL MSR for Intel Core Solo and Intel Core Duo Processors 16.9 LAST BRANCH, INTERRUPT, AND EXCEPTION RECORDING (PENTIUM M PROCESSORS) Figure 16-15. LBR Branch Record Layout for the Intel Core Solo and Intel Core Duo Processor Figure 16-16. MSR_DEBUGCTLB MSR for Pentium M Processors 16.10 LAST BRANCH, INTERRUPT, AND EXCEPTION RECORDING (P6 FAMILY PROCESSORS) Figure 16-17. LBR Branch Record Layout for the Pentium M Processor 16.10.1 DEBUGCTLMSR Register Figure 16-18. DEBUGCTLMSR Register (P6 Family Processors) 16.10.2 Last Branch and Last Exception MSRs 16.10.3 Monitoring Branches, Exceptions, and Interrupts 16.11 TIME-STAMP COUNTER 16.11.1 Invariant TSC 16.11.2 IA32_TSC_AUX Register and RDTSCP Support CHAPTER 17 8086 EMULATION 17.1 REAL-ADDRESS MODE Page 17.1.1 Address Translation in Real-Address Mode 17.1.2 Registers Supported in Real-Address Mode Figure 17-1. Real-Address Mode Address Translation 17.1.3 Instructions Supported in Real-Address Mode + = Page 17.1.4 Interrupt and Exception Handling Figure 17-2. Interrupt Vector Table in Real-Address Mode 17.2 VIRTUAL-8086 MODE Table 17-1. Real-Address Mode Exceptions and Interrupts 17.2.1 Enabling Virtual-8086 Mode 17.2.2 Structure of a Virtual-8086 Task Page 8086 EMULATION Figure 17-3. Entering and Leaving Virtual-8086 Mode 17.2.6 Leaving Virtual-8086 Mode 17.2.7 Sensitive Instructions 17.2.8 Virtual-8086 Mode I/O 17.2.8.1 I/O-Port-Mapped I/O 17.2.8.2 Memory-Mapped I/O 17.2.8.3 Special I/O Buffers 17.3 INTERRUPT AND EXCEPTION HANDLING IN VIRTUAL-8086 MODE Page 17.3.1 Class 1Hardware Interrupt and Exception Handling in Virtual-8086 Mode 17.3.1.1 Handling an Interrupt or Exception Through a Protected-Mode Trap or Interrupt Gate Figure 17-4. Privilege Level 0 Stack After Interrupt or Exception in Virtual-8086 Mode 17.3.1.2 Handling an Interrupt or Exception With an 8086 Program Interrupt or Exception Handler 17.3.1.3 Handling an Interrupt or Exception Through a Task Gate Page 17.3.3 Class 3Software Interrupt Handling in Virtual-8086 Mode Page Table 17-2. Software Interrupt Handling Methods While in Virtual-8086 Mode 17.3.3.1 Method 1: Software Interrupt Handling Figure 17-5. Software Interrupt Redirection Bit Map in TSS 17.3.3.2 Methods 2 and 3: Software Interrupt Handling 17.3.3.3 Method 4: Software Interrupt Handling 17.3.3.4 Method 5: Software Interrupt Handling 17.3.3.5 Method 6: Software Interrupt Handling 17.4 PROTECTED-MODE VIRTUAL INTERRUPTS Page Page CHAPTER 18 MIXING 16-BIT AND 32-BIT CODE Table 18-1. Characteristics of 16-Bit and 32-Bit Program Modules Page Page Page Page Figure 18-1. Stack after Far 16- and 32-Bit Calls 18.4.2.1 Controlling the Operand-Size Attribute For a Call 18.4.2.2 Passing Parameters With a Gate 18.4.3 Interrupt Control Transfers 18.4.4 Parameter Translation 18.4.5 Writing Interface Procedures Page CHAPTER 19 ARCHITECTURE COMPATIBILITY Page 19.4 DETECTING THE PRESENCE OF NEW FEATURES THROUGH SOFTWARE 19.5 INTEL MMX TECHNOLOGY 19.6 STREAMING SIMD EXTENSIONS (SSE) 19.7 STREAMING SIMD EXTENSIONS 2 (SSE2) 19.8 STREAMING SIMD EXTENSIONS 3 (SSE3) 19.9 ADDITIONAL STREAMING SIMD EXTENSIONS Page 19.13.1 Instructions Added Prior to the Pentium Processor Table 19-1. New Instruction in the Pentium Processor and Later IA-32 Processors Page 19.16.1 Using EFLAGS Flags to Distinguish Between 32-Bit IA-32 19.17 STACK OPERATIONS 19.17.1 PUSH SP 19.17.2 EFLAGS Pushed on the Stack 19.18 X87 FPU 19.18.1 Control Register CR0 Flags 19.18.2 x87 FPU Status Word 19.18.2.1 Condition Code Flags (C0 through C3) 19.18.2.2 Stack Fault Flag 19.18.3 x87 FPU Control Word 19.18.4 x87 FPU Tag Word 19.18.5 Data Types 19.18.5.1 NaNs 19.18.5.2 Pseudo-zero, Pseudo-NaN, Pseudo-infinity, and Unnormal Formats 19.18.6 Floating-Point Exceptions 19.18.6.1 Denormal Operand Exception (#D) 19.18.6.2 Numeric Overflow Exception (#O) 19.18.6.3 Numeric Underflow Exception (#U) 19.18.6.4 Exception Precedence 19.18.6.5 CS and EIP For FPU Exceptions 19.18.6.6 FPU Error Signals 19.18.6.7 Assertion of the FERR# Pin 19.18.6.8 Invalid Operation Exception On Denormals 19.18.6.9 Alignment Check Exceptions (#AC) 19.18.6.10 Segment Not Present Exception During FLDENV 19.18.6.11 Device Not Available Exception (#NM) 19.18.6.12 Coprocessor Segment Overrun Exception 19.18.6.13 General Protection Exception (#GP) 19.18.7 Changes to Floating-Point Instructions 19.18.7.1 FDIV, FPREM, and FSQRT Instructions 19.18.7.2 FSCALE Instruction 19.18.7.3 FPREM1 Instruction 19.18.7.4 FPREM Instruction 19.18.7.6 FPTAN Instruction 19.18.7.7 Stack Overflow 19.18.7.8 FSIN, FCOS, and FSINCOS Instructions 19.18.7.9 FPATAN Instruction 19.18.7.10 F2XM1 Instruction 19.18.7.12 FXTRACT Instruction 19.18.7.13 Load Constant Instructions 19.18.7.14 FSETPM Instruction 19.18.7.15 FXAM Instruction 19.18.7.16 FSAVE and FSTENV Instructions 19.18.8 Transcendental Instructions 19.18.9 Obsolete Instructions 19.18.10 WAIT/FWAIT Prefix Differences 19.18.11 Operands Split Across Segments and/or Pages 19.18.12 FPU Instruction Synchronization 19.19 SERIALIZING INSTRUCTIONS 19.20 FPU AND MATH COPROCESSOR INITIALIZATION 19.20.1 Intel 387 and Intel 287 Math Coprocessor Initialization 19.20.2 Intel486 SX Processor and Intel 487 SX Math Coprocessor Initialization Table 19-3. EM and MP Flag Interpretation Page Page 19.22.1.2 Global Pages 19.22.1.3 Larger Page Sizes 19.22.2 CD and NW Cache Control Flags 19.22.3 Descriptor Types and Contents 19.22.4 Changes in Segment Descriptor Loads 19.23 DEBUG FACILITIES 19.23.1 Differences in Debug Register DR6 19.23.2 Differences in Debug Register DR7 19.23.3 Debug Registers DR4 and DR5 19.24 RECOGNITION OF BREAKPOINTS 19.25 EXCEPTIONS AND/OR EXCEPTION CONDITIONS Page 19.25.1 Machine-Check Architecture 19.25.2 Priority OF Exceptions 19.26 INTERRUPTS 19.26.1 Interrupt Propagation Delay 19.26.2 NMI Interrupts 19.26.3 IDT Limit 19.27 ADVANCED PROGRAMMABLE INTERRUPT CONTROLLER (APIC) 19.27.1 Software Visible Differences Between the Local APIC and the 82489DX Page 19.28.1 P6 Family and Pentium Processor TSS 19.28.2 TSS Selector Writes 19.28.3 Order of Reads/Writes to the TSS 19.28.4 Using A 16-Bit TSS with 32-Bit Constructs 19.28.5 Differences in I/O Map Base Addresses 19.29 CACHE MANAGEMENT Figure 19-1. I/O Map Base Address Differences 19.29.1 Self-Modifying Code with Cache Enabled 19.29.2 Disabling the L3 Cache 19.30 PAGING 19.30.1 Large Pages 19.30.2 PCD and PWT Flags 19.30.3 Enabling and Disabling Paging 19.31 STACK OPERATIONS 19.31.1 Selector Pushes and Pops 19.31.2 Error Code Pushes 19.31.3 Fault Handling Effects on the Stack 19.32 MIXING 16- AND 32-BIT SEGMENTS 19.33 SEGMENT AND ADDRESS WRAPAROUND 19.33.1 Segment Wraparound 19.34 STORE BUFFERS AND MEMORY ORDERING Page 19.35 BUS LOCKING 19.36 BUS HOLD 19.37 MODEL-SPECIFIC EXTENSIONS TO THE IA-32 19.37.1 Model-Specific Registers 19.37.2 RDMSR and WRMSR Instructions 19.37.3 Memory Type Range Registers 19.37.4 Machine-Check Exception and Architecture 19.37.5 Performance-Monitoring Counters 19.38 TWO WAYS TO RUN INTEL 286 PROCESSOR TASKS