Intel E6600 Specification Update - Page 44

Errata Implication: With debug-register protection enabled (i.e., the GD bit set), when attempting to execute a MOV on debug registers in V86 mode, a debug exception will be generated instead of the expected general-protection fault. Workaround: In general, operating systems do not set the GD bit when they are in V86 mode. The GD bit is generally set and used by debuggers. The debug exception handler should check that the exception did not occur in V86 mode before continuing. If the exception did occur in V86 mode, the exception may be directed to the general-protection exception handler. Status: For the steppings affected, see the Summary Tables of Changes. AI61. Debug Register May Contain Incorrect Information on a MOVSS or POPSS Instruction Followed by SYSRET Problem: In IA-32e mode, if a MOVSS or POPSS instruction with a debug breakpoint is followed by the SYSRET instruction; incorrect information may exist in the Debug Status Register (DR6). Implication: When debugging or when developing debuggers, this behavior should be noted. This erratum will not occur under normal usage of the MOVSS or POPSS instructions (i.e., following them with a MOV ESP instruction). Workaround: Do not attempt to put a breakpoint on MOVSS and POPSS instructions that are followed by a SYSRET. Status: For the steppings affected, see the Summary Tables of Changes. AI62. EFLAGS Discrepancy on a Page Fault After a Multiprocessor TLB Shootdown Problem: This erratum may occur when the processor executes one of the following read-modify-write arithmetic instructions and a page fault occurs during the store of the memory operand: ADD, AND, BTC, BTR, BTS, CMPXCHG, DEC, INC, NEG, NOT, OR, ROL/ROR, SAL/SAR/SHL/SHR, SHLD, SHRD, SUB, XOR, and XADD. In this case, the EFLAGS value pushed onto the stack of the page fault handler may reflect the status of the register after the instruction would have completed execution rather than before it. The following conditions are required for the store to generate a page fault and call the operating system page fault handler: • The store address entry must be evicted from the DTLB by speculative loads from other instructions that hit the same way of the DTLB before the store has completed. DTLB eviction requires at least three-load operations that have linear address bits 15:12 equal to each other and address bits 31:16 different from each other in close physical proximity to the arithmetic operation. • The page table entry for the store address must have its permissions tightened during the very small window of time between the DTLB eviction and execution of the store. Examples of page permission tightening include from Present to Not Present or from Read/Write to Read Only, etc. • Another processor, without corresponding synchronization and TLB flush, must cause the permission change. 44 Intel® Core™2 Extreme Processor X6800 and Intel® Core™2 Duo Desktop Processor E6000 and E4000 Sequence Specification Update