INTEL
®
CELERON® PROCESSOR SPECIFICATION UPDATE
43
C37.
SYSENTER/SYSEXIT Instructions Can Implicitly Load “Null
Segment Selector” to SS and CS Registers
Problem:
According to the processor specification, attempting to load a null segment selector into the CS
and SS segment registers should generate a General Protection Fault (#GP). Although loading a null segment
selector to the other segment registers is allowed, the processor will generate an exception when the segment
register holding a null selector is used to access memory.
However, the SYSENTER instruction can implicitly load a null value to the SS segment selector. This can
occur if the value in SYSENTER_CS_MSR is between FFF8h and FFFBh when the SYSENTER instruction is
executed. This behavior is part of the SYSENTER/SYSEXIT instruction definition; the content of the
SYSTEM_CS_MSR is always incremented by 8 before it is loaded into the SS. This operation will set the null
bit in the segment selector if a null result is generated, but it does not generate a #GP on the SYSENTER
instruction itself. An exception will be generated as expected when the SS register is used to access memory,
however.
The SYSEXIT instruction will also exhibit this behavior for both CS and SS when executed with the value in
SYSENTER_CS_MSR between FFF0h and FFF3h, or between FFE8h and FFEBh.
Implication:
These instructions are intended for operating system use. If this erratum occurs (and the OS
does not ensure that the processor never has a null segment selector in the SS or CS segment registers), the
processor’s behavior may become unpredictable, possibly resulting in system failure.
Workaround:
Do not initialize the SYSTEM_CS_MSR with the values between FFF8h and FFFBh, FFF0h
and FFF3h, or FFE8h and FFEBh before executing SYSENTER or SYSEXIT.
Status:
For the steppings affected see the
Summary of Changes
at the beginning of this section.
C38.
PRELOAD Followed by EXTEST Does Not Load Boundary
Scan Data
Problem:
According to the IEEE 1149.1 Standard, the EXTEST instruction would use data “typically loaded
onto the latched parallel outputs of boundary-scan shift-register stages using the SAMPLE/PRELOAD
instruction prior to the selection of the EXTEST instruction.” As a result of this erratum, this method cannot be
used to load the data onto the outputs.
Implication:
Using the PRELOAD instruction prior to the EXTEST instruction will not produce expected data
after the completion of EXTEST.
Workaround:
None identified
Status:
For the steppings affected see the
Summary of Changes
at the beginning of this section.