Volume 2 System Programming (794096), page 62
Table 8-4 on page 214 lists the conditions under which a #TS occurs and the error code returned by the exception mechanism.

#TS cannot be disabled.

Error Code Returned. See Table 8-4 on page 214 for a list of error codes returned by the #TS exception.

Program Restart. #TS is a fault-type exception. If the exception occurs before loading the segment selectors from the TSS, the saved instruction pointer points to the instruction that caused the #TS. However, most #TS conditions occur due to errors with the loaded segment selectors. When an error is found with a segment selector, the hardware task-switch mechanism completes loading the new task state from the TSS, and then triggers the #TS exception mechanism. In this case, the saved instruction pointer points to the first instruction in the new task.

In long mode, a #TS cannot be caused by a task switch, because the hardware task-switch mechanism is disabled. A #TS occurs only as a result of a control transfer through a gate descriptor that results in an invalid stack-segment reference using an SS selector in the TSS.
In this case, the saved instruction pointer always points to the control-transfer instruction that caused the #TS.

Table 8-4. Invalid-TSS Exception Conditions

| Selector Reference | Error Condition | Error Code |
|---|---|---|
| Task-State Segment | TSS limit check on a task switch | TSS Selector Index |
| Task-State Segment | TSS limit check on an inner-level stack pointer | TSS Selector Index |
| LDT Segment | LDT does not point to GDT | LDT Selector Index |
| LDT Segment | LDT reference outside GDT | LDT Selector Index |
| LDT Segment | GDT entry is not an LDT descriptor | LDT Selector Index |
| LDT Segment | LDT descriptor is not present | LDT Selector Index |
| Code Segment | CS reference outside GDT or LDT | CS Selector Index |
| Code Segment | Privilege check (conforming DPL > CPL) | CS Selector Index |
| Code Segment | Privilege check (non-conforming DPL ≠ CPL) | CS Selector Index |
| Code Segment | Type check (CS not executable) | CS Selector Index |
| Data Segment | Data segment reference outside GDT or LDT | DS, ES, FS or GS Selector Index |
| Data Segment | Type check (data segment not readable) | DS, ES, FS or GS Selector Index |
| Stack Segment | SS reference outside GDT or LDT | SS Selector Index |
| Stack Segment | Privilege check (stack segment descriptor DPL ≠ CPL) | SS Selector Index |
| Stack Segment | Privilege check (stack segment selector RPL ≠ CPL) | SS Selector Index |
| Stack Segment | Type check (stack segment not writable) | SS Selector Index |

AMD64 Technology 24593—Rev. 3.13—July 2007

8.2.12 #NP—Segment-Not-Present Exception (Vector 11)

An #NP occurs when an attempt is made to load a segment or gate with a clear present bit, as described in the following situations:

• Using the MOV, POP, LDS, LES, LFS, or LGS instructions to load a segment selector (DS, ES, FS, and GS) that references a segment descriptor containing a clear present bit (descriptor.P=0).
• Far transfer to a CS that is not present.
• Referencing a gate descriptor containing a clear present bit.
• Referencing a TSS descriptor containing a clear present bit. This includes attempts to load the TSS descriptor using the LTR instruction.
• Attempting to load a descriptor containing a clear present bit into the LDTR using the LLDT instruction.
• Loading a segment selector (CS, DS, ES, FS, or GS) as part of a task switch, with the segment descriptor referenced by the segment selector having a clear present bit. In long mode, an #NP cannot be caused by a task switch, because the hardware task-switch mechanism is disabled.

When loading a stack-segment selector (SS) that references a descriptor with a clear present bit, a stack exception (#SS) occurs. For information on the #SS exception, see the next section, “#SS—Stack Exception (Vector 12).”

#NP cannot be disabled.

Error Code Returned. The segment-selector index of the segment descriptor causing the #NP exception.

Program Restart. #NP is a fault-type exception. In most cases, the saved instruction pointer points to the instruction that loaded the segment selector resulting in the #NP. See “Exceptions During a Task Switch” on page 222 for a description of the consequences when this exception occurs during a task switch.

8.2.13 #SS—Stack Exception (Vector 12)

An #SS exception can occur in the following situations:

• Implied stack references in which the stack address is not in canonical form. Implied stack references include all push and pop instructions, and any instruction using RSP or RBP as a base register.
• Attempting to load a stack-segment selector that references a segment descriptor containing a clear present bit (descriptor.P=0).
• Any stack access that fails the stack-limit check.

#SS cannot be disabled.

Error Code Returned. The error code depends on the cause of the #SS, as shown in Table 8-5 on page 216:

Table 8-5. Stack Exception Error Codes

| Stack Exception Cause | Error Code |
|---|---|
| Stack-segment descriptor present bit is clear | SS Selector Index |
| Stack-limit violation | 0 |
| Stack reference using a non-canonical address | 0 |

Program Restart. #SS is a fault-type exception. In most cases, the saved instruction pointer points to the instruction that caused the #SS. See “Exceptions During a Task Switch” on page 222 for a description of the consequences when this exception occurs during a task switch.

8.2.14 #GP—General-Protection Exception (Vector 13)

Table 8-6 on page 217 describes the general situations that can cause a #GP exception. The table is not an exhaustive, detailed list of #GP conditions, but rather a guide to the situations that can cause a #GP. If an invalid use of an AMD64 architectural feature results in a #GP, the specific cause of the exception is described in detail in the section describing the architectural feature.

#GP cannot be disabled.

Error Code Returned. As shown in Table 8-6, a selector index is reported as the error code if the #GP is due to a segment-descriptor access.
In all other cases, an error code of 0 is returned.

Program Restart. #GP is a fault-type exception. In most cases, the saved instruction pointer points to the instruction that caused the #GP. See “Exceptions During a Task Switch” on page 222 for a description of the consequences when this exception occurs during a task switch.

Table 8-6. General-Protection Exception Conditions

| Error Condition | Error Code |
|---|---|
| Any segment privilege-check violation, while loading a segment register. | Selector Index |
| Any segment type-check violation, while loading a segment register. | Selector Index |
| Loading a null selector into the CS, SS, or TR register. | Selector Index |
| Accessing a gate-descriptor containing a null segment selector. | Selector Index |
| Referencing an LDT descriptor or TSS descriptor located in the LDT. | Selector Index |
| Attempting a control transfer to a busy TSS (except IRET). | Selector Index |
| In 64-bit mode, loading a non-canonical base address into the GDTR or IDTR. | Selector Index |
| In long mode, accessing a system or call-gate descriptor whose extended type field is not 0. | Selector Index |
| In long mode, accessing a system descriptor containing a non-canonical base address. | Selector Index |
| In long mode, accessing a gate descriptor containing a non-canonical offset. | Selector Index |
| In long mode, accessing a gate descriptor that does not point to a 64-bit code segment. | Selector Index |
| In long mode, accessing a 16-bit gate descriptor. | Selector Index |
| In long mode, attempting a control transfer to a TSS or task gate. | Selector Index |
| Any segment limit-check or non-canonical address violation (except when using the SS register). | 0 |
| Accessing memory using a null segment register. | 0 |
| Writing memory using a read-only segment register. | 0 |
| Using a 128-bit media instruction requiring 16-byte alignment with a memory operand not aligned on a 16-byte boundary. | 0 |
| Attempting to execute code that is past the CS segment limit or at a non-canonical RIP. | 0 |
| Executing a privileged instruction while CPL > 0. | 0 |
| Executing an instruction that is more than 15 bytes long. | 0 |
| Writing a 1 into any register field that is reserved, must be zero (MBZ). | 0 |
| Using WRMSR to write a read-only MSR. | 0 |
| Using WRMSR to write a non-canonical value into an MSR that must be canonical. | 0 |
| Using WRMSR to set an invalid type encoding in an MTRR or the PAT MSR. | 0 |
| Enabling paging while protected mode is disabled. | 0 |
| Setting CR0.NW=1 while CR0.CD=0. | 0 |
| Any long-mode consistency-check violation. | 0 |

8.2.15 #PF—Page-Fault Exception (Vector 14)

A #PF exception can occur during a memory access in any of the following situations:

• A page-translation-table entry or physical page involved in translating the memory access is not present in physical memory. This is indicated by a cleared present bit (P=0) in the translation-table entry.
• An attempt is made by the processor to load the instruction TLB with a translation for a non-executable page.
• The memory access fails the paging-protection checks (user/supervisor, read/write, or both).
• A reserved bit in one of the page-translation-table entries is set to 1. A #PF occurs for this reason only when CR4.PSE=1 or CR4.PAE=1.

#PF cannot be disabled.

CR2 Register. The virtual (linear) address that caused the #PF is stored in the CR2 register. The legacy CR2 register is 32 bits long.
The CR2 register in the AMD64 architecture is 64 bits long, as shown in Figure 8-1 on page 218. In AMD64 implementations, when either software or a page fault causes a write to the CR2 register, only the low-order 32 bits of CR2 are used in legacy mode; the processor clears the high-order 32 bits.

Bits 63–0: Page-Fault Virtual Address

Figure 8-1. Control Register 2 (CR2)

Error Code Returned. The page-fault error code is pushed onto the page-fault exception-handler stack. See “Page-Fault Error Code” on page 223 for a description of this error code.

Program Restart. #PF is a fault-type exception. In most cases, the saved instruction pointer points to the instruction that caused the #PF. See “Exceptions During a Task Switch” on page 222 for a description of what can happen if this exception occurs during a task switch.

8.2.16 #MF—x87 Floating-Point Exception-Pending (Vector 16)

The #MF exception is used to handle unmasked x87 floating-point exceptions. An #MF occurs when all of the following conditions are true:

• CR0.NE=1.
• An unmasked x87 floating-point exception is pending. This is indicated by an exception bit in the x87 floating-point status-word register being set to 1.
• The corresponding mask bit in the x87 floating-point control-word register is cleared to 0.
• The FWAIT/WAIT instruction or any waiting floating-point instruction is executed.

If there is an exception mask bit (in the FPU control word) set, the exception is not reported. Instead, the x87-instruction unit responds in a default manner and execution proceeds normally.

The x87 floating-point exceptions reported by the #MF exception are (including mnemonics):

• IE—Invalid-operation exception (also called #I), which is either:
  - IE alone—Invalid arithmetic-operand exception (also called #IA), or
  - SF and IE together—x87 Stack-fault exception (also called #IS).
• DE—Denormalized-operand exception (also called #D).
• ZE—Zero-divide exception (also called #Z).
• OE—Overflow exception (also called #O).
• UE—Underflow exception (also called #U).
• PE—Precision exception (also called #P or inexact-result exception).

Error Code Returned.
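The four #MF conditions and the exception list in section 8.2.16 above can be checked against a captured register state. The following is an added C example, not part of the AMD manual. The function names are hypothetical, and the bit positions (CR0.NE at bit 5, status-word flags and control-word masks in bits 5:0, SF at bit 6) are architectural values assumed here because this page does not give them.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Bit positions are architectural but not given on this page (assumption). */
#define CR0_NE       (1ull << 5)  /* CR0.NE: report x87 errors through #MF */
#define X87_EXC_BITS 0x3Fu        /* FSW/FCW bits 5:0: IE DE ZE OE UE PE   */
#define FSW_IE       0x01u        /* invalid-operation flag                */
#define FSW_SF       0x40u        /* stack-fault flag (qualifies IE)       */

/* Exception flags set in the status word whose mask bit in the control
 * word is cleared to 0, i.e. pending and unmasked. */
unsigned x87_unmasked_pending(uint16_t fsw, uint16_t fcw)
{
    return fsw & ~(unsigned)fcw & X87_EXC_BITS;
}

/* 1 if executing FWAIT/WAIT or a waiting x87 instruction in this state
 * meets the #MF conditions, else 0 (masked, nothing pending, or NE=0). */
int mf_on_waiting_insn(uint64_t cr0, uint16_t fsw, uint16_t fcw)
{
    return (cr0 & CR0_NE) != 0 && x87_unmasked_pending(fsw, fcw) != 0;
}

/* Mnemonic of the lowest-numbered unmasked pending flag, or NULL. */
const char *mf_cause(uint16_t fsw, uint16_t fcw)
{
    static const char *const names[] = { "#D", "#Z", "#O", "#U", "#P" };
    unsigned pending = x87_unmasked_pending(fsw, fcw);

    if (pending & FSW_IE)             /* IE alone vs. SF and IE together */
        return (fsw & FSW_SF) ? "#IS" : "#IA";
    for (unsigned bit = 1; bit <= 5; bit++)
        if (pending & (1u << bit))
            return names[bit - 1];
    return NULL;
}

int main(void)
{
    /* Constructed sample state: NE=1, ZE pending, ZM cleared in the FCW. */
    uint64_t cr0 = 0x80050033ull;
    uint16_t fsw = 0x0004, fcw = 0x037B;

    if (mf_on_waiting_insn(cr0, fsw, fcw))
        printf("#MF pending, cause %s\n", mf_cause(fsw, fcw));
    return 0;
}
```
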