Specification Update
23
BJ10.
EFLAGS Discrepancy on Page Faults and on EPT-Induced VM Exits
after a Translation Change
Problem:
This erratum is regarding the case where paging structures are modified to change a
linear address from writable to non-writable without software performing an
appropriate TLB invalidation. When a subsequent access to that address by a specific
instruction (ADD, AND, BTC, BTR, BTS, CMPXCHG, DEC, INC, NEG, NOT, OR, ROL/ROR,
SAL/SAR/SHL/SHR, SHLD, SHRD, SUB, XOR, and XADD) causes a page fault or an EPT-
induced VM exit, the value saved for EFLAGS may incorrectly contain the arithmetic flag
values that the EFLAGS register would have held had the instruction completed without
fault or VM exit. For page faults, this can occur even if the fault causes a VM exit or if
its delivery causes a nested fault.
Implication:
None identified. Although the EFLAGS value saved by an affected event (a page fault or
an EPT-induced VM exit) may contain incorrect arithmetic flag values, Intel has not
identified software that is affected by this erratum. This erratum will have no further
effects once the original instruction is restarted because the instruction will produce the
same results as if it had initially completed without fault or VM exit.
Workaround:
If the handler of the affected events inspects the arithmetic portion of the saved
EFLAGS value, then system software should perform a synchronized paging structure
modification and TLB invalidation.
Status:
For the steppings affected, see the Summary Tables of Changes.
BJ11.
Fault on ENTER Instruction May Result in Unexpected Values on Stack
Frame
Problem:
The ENTER instruction is used to create a procedure stack frame. Due to this erratum,
if execution of the ENTER instruction results in a fault, the dynamic storage area of the
resultant stack frame may contain unexpected values (i.e. residual stack data as a
result of processing the fault).
Implication:
Data in the created stack frame may be altered following a fault on the ENTER
instruction. Please refer to “Procedure Calls For Block-Structured Languages” in IA-32
Intel
®
Architecture Software Developer's Manual, Vol. 1, Basic Architecture, for
information on the usage of the ENTER instructions. This erratum is not expected to
occur in ring 3. Faults are usually processed in ring 0 and stack switch occurs when
transferring to ring 0. Intel has not observed this erratum on any commercially
available software.
Workaround:
None identified.
Status:
For the steppings affected, see the Summary Tables of Changes.
Summary of Contents for BX80623G530
Page 4: ...4 Specification Update ...
Page 64: ...64 Specification Update ...