drginfo/ia32-64
1
0
Fork 0
forked from NRZCode/ia32-64
Code Pull requests Activity
ia32-64/x86/xrstor.html
NRZ Code 92622c37d6 Initial commit
2025-07-08 02:23:29 -03:00

299 lines
16 KiB
HTML
Raw Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

<!DOCTYPE html>
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:svg="http://www.w3.org/2000/svg" xmlns:x86="http://www.felixcloutier.com/x86"><head><meta http-equiv="Content-Type" content="text/html; charset=UTF-8"><link rel="stylesheet" type="text/css" href="style.css"></link><title>XRSTOR
— Restore Processor Extended States</title></head><body><header><nav><ul><li><a href='index.html'>Index</a></li><li>December 2023</li></ul></nav></header><h1>XRSTOR
— Restore Processor Extended States</h1>
<table>
<tr>
<th>Opcode / Instruction</th>
<th>Op/En</th>
<th>64/32 bit Mode Support</th>
<th>CPUID Feature Flag</th>
<th>Description</th></tr>
<tr>
<td>NP 0F AE /5 XRSTOR mem</td>
<td>M</td>
<td>V/V</td>
<td>XSAVE</td>
<td>Restore state components specified by EDX:EAX from mem.</td></tr>
<tr>
<td>NP REX.W + 0F AE /5 XRSTOR64 mem</td>
<td>M</td>
<td>V/N.E.</td>
<td>XSAVE</td>
<td>Restore state components specified by EDX:EAX from mem.</td></tr></table>
<h2 id="instruction-operand-encoding">Instruction Operand Encoding<a class="anchor" href="#instruction-operand-encoding">
</a></h2>
<table>
<tr>
<th>Op/En</th>
<th>Operand 1</th>
<th>Operand 2</th>
<th>Operand 3</th>
<th>Operand 4</th></tr>
<tr>
<td>M</td>
<td>ModRM:r/m (r)</td>
<td>N/A</td>
<td>N/A</td>
<td>N/A</td></tr></table>
<h2 id="description">Description<a class="anchor" href="#description">
</a></h2>
<p>Performs a full or partial restore of processor state components from the XSAVE area located at the memory address specified by the source operand. The implicit EDX:EAX register pair specifies a 64-bit instruction mask. The specific state components restored correspond to the bits set in the requested-feature bitmap (RFBM), which is the logical-AND of EDX:EAX and XCR0.</p>
<p>The format of the XSAVE area is detailed in Section 13.4, “XSAVE Area,” of Intel<sup>®</sup> 64 and IA-32 Architectures Software Developers Manual, Volume 1. Like FXRSTOR and FXSAVE, the memory format used for x87 state depends on a REX.W prefix; see Section 13.5.1, “x87 State” of Intel<sup>®</sup> 64 and IA-32 Architectures Software Developers Manual, Volume 1.</p>
<p>Section 13.8, “Operation of XRSTOR,” of Intel<sup>®</sup> 64 and IA-32 Architectures Software Developers Manual, Volume 1 provides a detailed description of the operation of the XRSTOR instruction. The following items provide a highlevel outline:</p>
<ul>
<li>Execution of XRSTOR may take one of two forms: standard and compacted. Bit 63 of the XCOMP_BV field in the XSAVE header determines which form is used: value 0 specifies the standard form, while value 1 specifies the compacted form.</li>
<li>If RFBM[<em>i</em>] = 0, XRSTOR does not update state component <em>i</em>.<sup>1</sup></li>
<li>If RFBM[<em>i</em>] = 1 and bit <em>i </em>is clear in the XSTATE_BV field in the XSAVE header, XRSTOR initializes state component <em>i</em>.</li>
<li>If RFBM[<em>i</em>] = 1 and XSTATE_BV[<em>i</em>] = 1, XRSTOR loads state component <em>i </em>from the XSAVE area.</li>
<li>The standard form of XRSTOR treats MXCSR (which is part of state component 1 — SSE) differently from the XMM registers. If either form attempts to load MXCSR with an illegal value, a general-protection exception (#GP) occurs.</li>
<li>XRSTOR loads the internal value XRSTOR_INFO, which may be used to optimize a subsequent execution of XSAVEOPT or XSAVES.</li>
<li>Immediately following an execution of XRSTOR, the processor tracks as in-use (not in initial configuration) any state component <em>i </em>for which RFBM[<em>i</em>] = 1 and XSTATE_BV[<em>i</em>] = 1; it tracks as modified any state component <em>i </em>for which RFBM[<em>i</em>] = 0.</li></ul>
<p>Use of a source operand not aligned to 64-byte boundary (for 64-bit and 32-bit modes) results in a general-protection (#GP) exception. In 64-bit mode, the upper 32 bits of RDX and RAX are ignored.</p>
<p>See Section 13.6, “Processor Tracking of XSAVE-Managed State,” of Intel<sup>®</sup> 64 and IA-32 Architectures Software Developers Manual, Volume 1 for discussion of the bitmaps XINUSE and XMODIFIED and of the quantity XRSTOR_INFO.</p>
<blockquote>
<p>1. There is an exception if RFBM[1] = 0 and RFBM[2] = 1. In this case, the standard form of XRSTOR will load MXCSR from memory, even though MXCSR is part of state component 1 — SSE. The compacted form of XRSTOR does not make this exception.</p></blockquote>
<h2 id="operation">Operation<a class="anchor" href="#operation">
</a></h2>
<pre>RFBM := XCR0 AND EDX:EAX; /* bitwise logical AND */
COMPMASK := XCOMP_BV field from XSAVE header;
RSTORMASK := XSTATE_BV field from XSAVE header;
IF COMPMASK[63] = 0
THEN
/* Standard form of XRSTOR */
TO_BE_RESTORED := RFBM AND RSTORMASK;
TO_BE_INITIALIZED := RFBM AND NOT RSTORMASK;
IF TO_BE_RESTORED[0] = 1
THEN
XINUSE[0] := 1;
load x87 state from legacy region of XSAVE area;
ELSIF TO_BE_INITIALIZED[0] = 1
THEN
XINUSE[0] := 0;
initialize x87 state;
FI;
IF RFBM[1] = 1 OR RFBM[2] = 1
THEN load MXCSR from legacy region of XSAVE area;
FI;
IF TO_BE_RESTORED[1] = 1
THEN
XINUSE[1] := 1;
load XMM registers from legacy region of XSAVE area; // this step does not load MXCSR
ELSIF TO_BE_INITIALIZED[1] = 1
THEN
XINUSE[1] := 0;
set all XMM registers to 0; // this step does not initialize MXCSR
FI;
FOR i := 2 TO 62
IF TO_BE_RESTORED[i] = 1
THEN
XINUSE[i] := 1;
load XSAVE state component i at offset n from base of XSAVE area;
// n enumerated by CPUID(EAX=0DH,ECX=i):EBX)
ELSIF TO_BE_INITIALIZED[i] = 1
THEN
XINUSE[i] := 0;
initialize XSAVE state component i;
FI;
ENDFOR;
ELSE
/* Compacted form of XRSTOR */
IF CPUID.(EAX=0DH,ECX=1):EAX.XSAVEC[bit 1] = 0
THEN /* compacted form not supported */
#GP(0);
FI;
FORMAT = COMPMASK AND 7FFFFFFF_FFFFFFFFH;
RESTORE_FEATURES = FORMAT AND RFBM;
TO_BE_RESTORED := RESTORE_FEATURES AND RSTORMASK;
FORCE_INIT := RFBM AND NOT FORMAT;
TO_BE_INITIALIZED = (RFBM AND NOT RSTORMASK) OR FORCE_INIT;
IF TO_BE_RESTORED[0] = 1
THEN
XINUSE[0] := 1;
load x87 state from legacy region of XSAVE area;
ELSIF TO_BE_INITIALIZED[0] = 1
THEN
XINUSE[0] := 0;
initialize x87 state;
FI;
IF TO_BE_RESTORED[1] = 1
THEN
XINUSE[1] := 1;
load SSE state from legacy region of XSAVE area; // this step loads the XMM registers and MXCSR
ELSIF TO_BE_INITIALIZED[1] = 1
THEN
set all XMM registers to 0;
XINUSE[1] := 0;
MXCSR := 1F80H;
FI;
NEXT_FEATURE_OFFSET = 576;
// Legacy area and XSAVE header consume 576 bytes
FOR i := 2 TO 62
IF FORMAT[i] = 1
THEN
IF TO_BE_RESTORED[i] = 1
THEN
XINUSE[i] := 1;
load XSAVE state component i at offset NEXT_FEATURE_OFFSET from base of XSAVE area;
FI;
NEXT_FEATURE_OFFSET = NEXT_FEATURE_OFFSET + n (n enumerated by CPUID(EAX=0DH,ECX=i):EAX);
FI;
IF TO_BE_INITIALIZED[i] = 1
THEN
XINUSE[i] := 0;
initialize XSAVE state component i;
FI;
ENDFOR;
FI;
XMODIFIED := NOT RFBM;
IF in VMX non-root operation
THEN VMXNR := 1;
ELSE VMXNR := 0;
FI;
LAXA := linear address of XSAVE area;
XRSTOR_INFO := CPL,VMXNR,LAXA,COMPMASK;
</pre>
<h2 id="flags-affected">Flags Affected<a class="anchor" href="#flags-affected">
</a></h2>
<p>None.</p>
<h2 id="intel-c-c++-compiler-intrinsic-equivalent">Intel C/C++ Compiler Intrinsic Equivalent<a class="anchor" href="#intel-c-c++-compiler-intrinsic-equivalent">
</a></h2>
<pre>XRSTOR void _xrstor( void * , unsigned __int64);
</pre>
<pre>XRSTOR void _xrstor64( void * , unsigned __int64);
</pre>
<h2 class="exceptions" id="protected-mode-exceptions">Protected Mode Exceptions<a class="anchor" href="#protected-mode-exceptions">
</a></h2>
<table>
<tr>
<td rowspan="9">#GP(0)</td>
<td>If a memory operand effective address is outside the CS, DS, ES, FS, or GS segment limit.</td></tr>
<tr>
<td>If a memory operand is not aligned on a 64-byte boundary, regardless of segment.</td></tr>
<tr>
<td>If bit 63 of the XCOMP_BV field of the XSAVE header is 1 and CPUID.(EAX=0DH,ECX=1):EAX.XSAVEC[bit 1] = 0.</td></tr>
<tr>
<td>If the standard form is executed and a bit in XCR0 is 0 and the corresponding bit in the XSTATE_BV field of the XSAVE header is 1.</td></tr>
<tr>
<td>If the standard form is executed and bytes 23:8 of the XSAVE header are not all zero.</td></tr>
<tr>
<td>If the compacted form is executed and a bit in XCR0 is 0 and the corresponding bit in the XCOMP_BV field of the XSAVE header is 1.</td></tr>
<tr>
<td>If the compacted form is executed and a bit in the XCOMP_BV field in the XSAVE header is 0 and the corresponding bit in the XSTATE_BV field is 1.</td></tr>
<tr>
<td>If the compacted form is executed and bytes 63:16 of the XSAVE header are not all zero.</td></tr>
<tr>
<td>If attempting to write any reserved bits of the MXCSR register with 1.</td></tr>
<tr>
<td>#SS(0)</td>
<td>If a memory operand effective address is outside the SS segment limit.</td></tr>
<tr>
<td>#PF(fault-code)</td>
<td>If a page fault occurs.</td></tr>
<tr>
<td>#NM</td>
<td>If CR0.TS[bit 3] = 1.</td></tr>
<tr>
<td rowspan="3">#UD</td>
<td>If CPUID.01H:ECX.XSAVE[bit 26] = 0.</td></tr>
<tr>
<td>If CR4.OSXSAVE[bit 18] = 0.</td></tr>
<tr>
<td>If the LOCK prefix is used.</td></tr>
<tr>
<td>#AC</td>
<td>If this exception is disabled a general protection exception (#GP) is signaled if the memory operand is not aligned on a 64-byte boundary, as described above. If the alignment check exception (#AC) is enabled (and the CPL is 3), signaling of #AC is not guaranteed and may vary with implementation, as follows. In all implementations where #AC is not signaled, a general protection exception is signaled in its place. In addition, the width of the alignment check may also vary with implementation. For instance, for a given implementation, an alignment check exception might be signaled for a 2-byte misalignment, whereas a general protection exception might be signaled for all other misalignments (4-, 8-, or 16-byte misalignments).</td></tr></table>
<h2 class="exceptions" id="real-address-mode-exceptions">Real-Address Mode Exceptions<a class="anchor" href="#real-address-mode-exceptions">
</a></h2>
<table>
<tr>
<td rowspan="9">#GP</td>
<td>If a memory operand is not aligned on a 64-byte boundary, regardless of segment.</td></tr>
<tr>
<td>If any part of the operand lies outside the effective address space from 0 to FFFFH.</td></tr>
<tr>
<td>If bit 63 of the XCOMP_BV field of the XSAVE header is 1 and CPUID.(EAX=0DH,ECX=1):EAX.XSAVEC[bit 1] = 0.</td></tr>
<tr>
<td>If the standard form is executed and a bit in XCR0 is 0 and the corresponding bit in the XSTATE_BV field of the XSAVE header is 1.</td></tr>
<tr>
<td>If the standard form is executed and bytes 23:8 of the XSAVE header are not all zero.</td></tr>
<tr>
<td>If the compacted form is executed and a bit in XCR0 is 0 and the corresponding bit in the XCOMP_BV field of the XSAVE header is 1.</td></tr>
<tr>
<td>If the compacted form is executed and a bit in the XCOMP_BV field in the XSAVE header is 0 and the corresponding bit in the XSTATE_BV field is 1.</td></tr>
<tr>
<td>If the compacted form is executed and bytes 63:16 of the XSAVE header are not all zero.</td></tr>
<tr>
<td>If attempting to write any reserved bits of the MXCSR register with 1.</td></tr>
<tr>
<td>#NM</td>
<td>If CR0.TS[bit 3] = 1.</td></tr>
<tr>
<td rowspan="3">#UD</td>
<td>If CPUID.01H:ECX.XSAVE[bit 26] = 0.</td></tr>
<tr>
<td>If CR4.OSXSAVE[bit 18] = 0.</td></tr>
<tr>
<td>If the LOCK prefix is used.</td></tr></table>
<h2 class="exceptions" id="virtual-8086-mode-exceptions">Virtual-8086 Mode Exceptions<a class="anchor" href="#virtual-8086-mode-exceptions">
</a></h2>
<p>Same exceptions as in protected mode.</p>
<h2 class="exceptions" id="compatibility-mode-exceptions">Compatibility Mode Exceptions<a class="anchor" href="#compatibility-mode-exceptions">
</a></h2>
<p>Same exceptions as in protected mode.</p>
<h2 class="exceptions" id="64-bit-mode-exceptions">64-Bit Mode Exceptions<a class="anchor" href="#64-bit-mode-exceptions">
</a></h2>
<table>
<tr>
<td rowspan="9">#GP(0)</td>
<td>If a memory address is in a non-canonical form.</td></tr>
<tr>
<td>If a memory operand is not aligned on a 64-byte boundary, regardless of segment.</td></tr>
<tr>
<td>If bit 63 of the XCOMP_BV field of the XSAVE header is 1 and CPUID.(EAX=0DH,ECX=1):EAX.XSAVEC[bit 1] = 0.</td></tr>
<tr>
<td>If the standard form is executed and a bit in XCR0 is 0 and the corresponding bit in the XSTATE_BV field of the XSAVE header is 1.</td></tr>
<tr>
<td>If the standard form is executed and bytes 23:8 of the XSAVE header are not all zero.</td></tr>
<tr>
<td>If the compacted form is executed and a bit in XCR0 is 0 and the corresponding bit in the XCOMP_BV field of the XSAVE header is 1.</td></tr>
<tr>
<td>If the compacted form is executed and a bit in the XCOMP_BV field in the XSAVE header is 0 and the corresponding bit in the XSTATE_BV field is 1.</td></tr>
<tr>
<td>If the compacted form is executed and bytes 63:16 of the XSAVE header are not all zero.</td></tr>
<tr>
<td>If attempting to write any reserved bits of the MXCSR register with 1.</td></tr>
<tr>
<td>#SS(0)</td>
<td>If a memory address referencing the SS segment is in a non-canonical form.</td></tr>
<tr>
<td>#PF(fault-code)</td>
<td>If a page fault occurs.</td></tr>
<tr>
<td>#NM</td>
<td>If CR0.TS[bit 3] = 1.</td></tr>
<tr>
<td rowspan="3">#UD</td>
<td>If CPUID.01H:ECX.XSAVE[bit 26] = 0.</td></tr>
<tr>
<td>If CR4.OSXSAVE[bit 18] = 0.</td></tr>
<tr>
<td>If the LOCK prefix is used.</td></tr>
<tr>
<td>#AC</td>
<td>If this exception is disabled a general protection exception (#GP) is signaled if the memory operand is not aligned on a 64-byte boundary, as described above. If the alignment check exception (#AC) is enabled (and the CPL is 3), signaling of #AC is not guaranteed and may vary with implementation, as follows. In all implementations where #AC is not signaled, a general protection exception is signaled in its place. In addition, the width of the alignment check may also vary with implementation. For instance, for a given implementation, an alignment check exception might be signaled for a 2-byte misalignment, whereas a general protection exception might be signaled for all other misalignments (4-, 8-, or 16-byte misalignments).</td></tr></table><footer><p>
This UNOFFICIAL, mechanically-separated, non-verified reference is provided for convenience, but it may be
inc<span style="opacity: 0.2">omp</span>lete or b<sub>r</sub>oke<sub>n</sub> in various obvious or non-obvious
ways. Refer to <a href="https://software.intel.com/en-us/download/intel-64-and-ia-32-architectures-sdm-combined-volumes-1-2a-2b-2c-2d-3a-3b-3c-3d-and-4">Intel® 64 and IA-32 Architectures Software Developers Manual</a> for anything serious.
</p></footer></body></html>
View git blame Copy permalink