Volume 3A System Programming Guide, Part 1 (794103), page 57
This causes the stack frame and succeeding pushes done by an interrupt handler to be at arbitrary alignments. In IA-32e mode, the RSP is aligned to a 16-byte boundary before pushing the stack frame. The stack frame itself is aligned on a 16-byte boundary when the interrupt handler is called. The processor can arbitrarily realign the new RSP on interrupts because the previous (possibly unaligned) RSP is unconditionally saved on the newly aligned stack.
The previous RSP will be automatically restored by a subsequent IRET.

Aligning the stack permits exception and interrupt frames to be aligned on a 16-byte boundary before interrupts are re-enabled. This allows the stack to be formatted for optimal storage of 16-byte XMM registers, which enables the interrupt handler to use faster 16-byte aligned loads and stores (MOVAPS rather than MOVUPS) to save and restore XMM registers.

Although the RSP alignment is always performed when LMA = 1, it is only of consequence for the kernel-mode case where there is no stack switch or IST used. For a stack switch or IST, the OS would have presumably put suitably aligned RSP values in the TSS.

5-24 Vol. 3 INTERRUPT AND EXCEPTION HANDLING

5.14.3 IRET in IA-32e Mode

In IA-32e mode, IRET executes with an 8-byte operand size.
There is nothing that forces this requirement. The stack is formatted in such a way that for actions where IRET is required, the 8-byte IRET operand size works correctly.

Because interrupt stack-frame pushes are always eight bytes in IA-32e mode, an IRET must pop eight-byte items off the stack. This is accomplished by preceding the IRET with a 64-bit operand-size prefix.
The size of the pop is determined by the address size of the instruction. The SS/ESP/RSP size adjustment is determined by the stack size.

IRET pops SS:RSP unconditionally off the interrupt stack frame only when it is executed in 64-bit mode. In compatibility mode, IRET pops SS:RSP off the stack only if there is a CPL change. This allows legacy applications to execute properly in compatibility mode when using the IRET instruction. 64-bit interrupt service routines that exit with an IRET unconditionally pop SS:RSP off of the interrupt stack frame, even if the target code segment is running in 64-bit mode or at CPL = 0.
This is because the original interrupt always pushes SS:RSP.

In IA-32e mode, IRET is allowed to load a NULL SS under certain conditions. If the target mode is 64-bit mode and the target CPL <> 3, IRET allows SS to be loaded with a NULL selector. As part of the stack switch mechanism, an interrupt or exception sets the new SS to NULL, instead of fetching a new SS selector from the TSS and loading the corresponding descriptor from the GDT or LDT.
The new SS selector is set to NULL in order to properly handle returns from subsequent nested far transfers. If the called procedure itself is interrupted, the NULL SS is pushed on the stack frame. On the subsequent IRET, the NULL SS on the stack acts as a flag to tell the processor not to load a new SS descriptor.

5.14.4 Stack Switching in IA-32e Mode

The IA-32 architecture provides a mechanism to automatically switch stack frames in response to an interrupt. The 64-bit extensions of Intel 64 architecture implement a modified version of the legacy stack-switching mechanism and an alternative stack-switching mechanism called the interrupt stack table (IST).

In IA-32 modes, the legacy IA-32 stack-switch mechanism is unchanged.
In IA-32e mode, the legacy stack-switch mechanism is modified. When stacks are switched as part of a 64-bit mode privilege-level change (resulting from an interrupt), a new SS descriptor is not loaded. IA-32e mode loads only an inner-level RSP from the TSS. The new SS selector is forced to NULL and the SS selector’s RPL field is set to the new CPL. The new SS is set to NULL in order to handle nested far transfers (CALLF, INT, interrupts and exceptions).
The old SS and RSP are saved on the new stack (Figure 5-8). On the subsequent IRET, the old SS is popped from the stack and loaded into the SS register.

In summary, a stack switch in IA-32e mode works like the legacy stack switch, except that a new SS selector is not loaded from the TSS. Instead, the new SS is forced to NULL.

[Figure 5-8. IA-32e Mode Stack Usage After Privilege Level Change: "Stack Usage with Privilege-Level Change". Legacy Mode, handler’s stack: SS (+20), ESP (+16), EFLAGS (+12), CS (+8), EIP (+4), Error Code (0). IA-32e Mode, handler’s stack: SS (+40), ESP (+32), EFLAGS (+24), CS (+16), EIP (+8), Error Code (0). "Stack Pointer After Transfer to Handler" marks offset 0.]

5.14.5 Interrupt Stack Table

In IA-32e mode, a new interrupt stack table (IST) mechanism is available as an alternative to the modified legacy stack-switching mechanism described above. This mechanism unconditionally switches stacks when it is enabled. It can be enabled on an individual interrupt-vector basis using a field in the IDT entry. This means that some interrupt vectors can use the modified legacy mechanism and others can use the IST mechanism.

The IST mechanism is only available in IA-32e mode.
It is part of the 64-bit mode TSS. The motivation for the IST mechanism is to provide a method for specific interrupts (such as NMI, double-fault, and machine-check) to always execute on a known-good stack. In legacy mode, interrupts can use the task-switch mechanism to set up a known-good stack by accessing the interrupt service routine through a task gate located in the IDT. However, the legacy task-switch mechanism is not supported in IA-32e mode.

The IST mechanism provides up to seven IST pointers in the TSS. The pointers are referenced by an interrupt-gate descriptor in the interrupt-descriptor table (IDT); see Figure 5-7.
The gate descriptor contains a 3-bit IST index field that provides an offset into the IST section of the TSS. Using the IST mechanism, the processor loads the value pointed to by an IST pointer into the RSP.

When an interrupt occurs, the new SS selector is forced to NULL and the SS selector’s RPL field is set to the new CPL. The old SS, RSP, RFLAGS, CS, and RIP are pushed onto the new stack. Interrupt processing then proceeds as normal. If the IST index is zero, the modified legacy stack-switching mechanism described above is used.

5.15 EXCEPTION AND INTERRUPT REFERENCE

The following sections describe conditions which generate exceptions and interrupts. They are arranged in the order of vector numbers.
The information contained in these sections is as follows:

• Exception Class — Indicates whether the exception class is a fault, trap, or abort type. Some exceptions can be either a fault or trap type, depending on when the error condition is detected. (This section is not applicable to interrupts.)
• Description — Gives a general description of the purpose of the exception or interrupt type. It also describes how the processor handles the exception or interrupt.
• Exception Error Code — Indicates whether an error code is saved for the exception. If one is saved, the contents of the error code are described.
(This section is not applicable to interrupts.)
• Saved Instruction Pointer — Describes which instruction the saved (or return) instruction pointer points to. It also indicates whether the pointer can be used to restart a faulting instruction.
• Program State Change — Describes the effects of the exception or interrupt on the state of the currently running program or task and the possibilities of restarting the program or task without loss of continuity.

Interrupt 0—Divide Error Exception (#DE)

Exception Class
Fault.

Description
Indicates the divisor operand for a DIV or IDIV instruction is 0 or that the result cannot be represented in the number of bits specified for the destination operand.

Exception Error Code
None.

Saved Instruction Pointer
Saved contents of CS and EIP registers point to the instruction that generated the exception.

Program State Change
A program-state change does not accompany the divide error, because the exception occurs before the faulting instruction is executed.
Interrupt 1—Debug Exception (#DB)

Exception Class
Trap or Fault. The exception handler can distinguish between traps or faults by examining the contents of DR6 and the other debug registers.

Description
Indicates that one or more of several debug-exception conditions has been detected. Whether the exception is a fault or a trap depends on the condition (see Table 5-3). See Chapter 18, “Debugging and Performance Monitoring,” for detailed information about the debug exceptions.

Table 5-3. Debug Exception Conditions and Corresponding Exception Classes

Exception Condition                                                   Exception Class
Instruction fetch breakpoint                                          Fault
Data read or write breakpoint                                         Trap
I/O read or write breakpoint                                          Trap
General detect condition (in conjunction with in-circuit emulation)   Fault
Single-step                                                           Trap
Task-switch                                                           Trap

Exception Error Code
None.
An exception handler can examine the debug registers to determine which condition caused the exception.

Saved Instruction Pointer
Fault — Saved contents of CS and EIP registers point to the instruction that generated the exception.
Trap — Saved contents of CS and EIP registers point to the instruction following the instruction that generated the exception.

Program State Change
Fault — A program-state change does not accompany the debug exception, because the exception occurs before the faulting instruction is executed.
The program can resume normal execution upon returning from the debug exception handler.
Trap — A program-state change does accompany the debug exception, because the instruction or task switch being executed is allowed to complete before the exception is generated. However, the new state of the program is not corrupted and execution of the program can continue reliably.
Interrupt 2—NMI Interrupt

Exception Class
Not applicable.

Description
The nonmaskable interrupt (NMI) is generated externally by asserting the processor’s NMI pin or through an NMI request set by the I/O APIC to the local APIC. This interrupt causes the NMI interrupt handler to be called.

Exception Error Code
Not applicable.

Saved Instruction Pointer
The processor always takes an NMI interrupt on an instruction boundary.