XRSTOR—Restore Processor Extended States

Opcode /Instruction Op/En 64/32 bit Mode Support CPUID Feature Flag Description

NP 0F AE /5

XRSTOR mem

M V/V XSAVE Restore state components specified by EDX:EAX from mem.

NP REX.W + 0F AE /5

XRSTOR64 mem

M V/N.E. XSAVE Restore state components specified by EDX:EAX from mem.

Instruction Operand Encoding

Op/En Operand 1 Operand 2 Operand 3 Operand 4
M ModRM:r/m (r) NA NA NA

Description

Performs a full or partial restore of processor state components from the XSAVE area located at the memory address specified by the source operand. The implicit EDX:EAX register pair specifies a 64-bit instruction mask. The specific state components restored correspond to the bits set in the requested-feature bitmap (RFBM), which is the logical-AND of EDX:EAX and XCR0.

The format of the XSAVE area is detailed in Section 13.4, “XSAVE Area,” of Intel® 64 and IA-32 Architectures Soft-ware Developer’s Manual, Volume 1. Like FXRSTOR and FXSAVE, the memory format used for x87 state depends on a REX.W prefix; see Section 13.5.1, “x87 State” of Intel® 64 and IA-32 Architectures Software Developer’s Manual, Volume 1.

Section 13.8, “Operation of XRSTOR,” of Intel® 64 and IA-32 Architectures Software Developer’s Manual, Volume 1 provides a detailed description of the operation of the XRSTOR instruction. The following items provide a high-level outline:

for which RFBM[i] = 0.

Use of a source operand not aligned to 64-byte boundary (for 64-bit and 32-bit modes) results in a general-protec-tion (#GP) exception. In 64-bit mode, the upper 32 bits of RDX and RAX are ignored.

See Section 13.6, “Processor Tracking of XSAVE-Managed State,” of Intel® 64 and IA-32 Architectures Software Developer’s Manual, Volume 1 for discussion of the bitmaps XINUSE and XMODIFIED and of the quantity XRSTOR_INFO.

1.

There is an exception if RFBM[1] = 0 and RFBM[2] = 1. In this case, the standard form of XRSTOR will load MXCSR from memory, even though MXCSR is part of state component 1 — SSE. The compacted form of XRSTOR does not make this exception.

Operation

RFBM := XCR0 AND EDX:EAX;
                                    /* bitwise logical AND */
COMPMASK := XCOMP_BV field from XSAVE header;
RSTORMASK := XSTATE_BV field from XSAVE header;
IF COMPMASK[63] = 0
    THEN
         /* Standard form of XRSTOR */
         TO_BE_RESTORED := RFBM AND RSTORMASK;
         TO_BE_INITIALIZED := RFBM AND NOT RSTORMASK;
         IF TO_BE_RESTORED[0] = 1
              THEN
                    XINUSE[0] := 1;
                    load x87 state from legacy region of XSAVE area;
         ELSIF TO_BE_INITIALIZED[0] = 1
              THEN
                    XINUSE[0] := 0;
                    initialize x87 state;
         FI;
         IF RFBM[1] = 1 OR RFBM[2] = 1
              THEN load MXCSR from legacy region of XSAVE area;
         FI;
         IF TO_BE_RESTORED[1] = 1
              THEN
                    XINUSE[1] := 1;
                    load XMM registers from legacy region of XSAVE area; // this step does not load MXCSR
         ELSIF TO_BE_INITIALIZED[1] = 1
              THEN
                    XINUSE[1] := 0;
                    set all XMM registers to 0; // this step does not initialize MXCSR
         FI;
         FOR i := 2 TO 62
              IF TO_BE_RESTORED[i] = 1
                    THEN
                         XINUSE[i] := 1;
                         load XSAVE state component i at offset n from base of XSAVE area;
                              // n enumerated by CPUID(EAX=0DH,ECX=i):EBX)
              ELSIF TO_BE_INITIALIZED[i] = 1
                    THEN
                         XINUSE[i] := 0;
                         initialize XSAVE state component i;
              FI;
         ENDFOR;
    ELSE
         /* Compacted form of XRSTOR */
         IF CPUID.(EAX=0DH,ECX=1):EAX.XSAVEC[bit 1] = 0
              THEN
                         /* compacted form not supported */
                    #GP(0);
         FI;
         FORMAT = COMPMASK AND 7FFFFFFF_FFFFFFFFH;
         RESTORE_FEATURES = FORMAT AND RFBM;
         TO_BE_RESTORED := RESTORE_FEATURES AND RSTORMASK;
         FORCE_INIT := RFBM AND NOT FORMAT;
         TO_BE_INITIALIZED = (RFBM AND NOT RSTORMASK) OR FORCE_INIT;
         IF TO_BE_RESTORED[0] = 1
              THEN
                    XINUSE[0] := 1;
                    load x87 state from legacy region of XSAVE area;
         ELSIF TO_BE_INITIALIZED[0] = 1
              THEN
                    XINUSE[0] := 0;
                    initialize x87 state;
         FI;
         IF TO_BE_RESTORED[1] = 1
              THEN
                    XINUSE[1] := 1;
                    load SSE state from legacy region of XSAVE area; // this step loads the XMM registers and MXCSR
         ELSIF TO_BE_INITIALIZED[1] = 1
              THEN
                    set all XMM registers to 0;
                    XINUSE[1] := 0;
                    MXCSR := 1F80H;
         FI;
         NEXT_FEATURE_OFFSET = 576;
                                                         // Legacy area and XSAVE header consume 576 bytes
         FOR i := 2 TO 62
              IF FORMAT[i] = 1
                    THEN
                         IF TO_BE_RESTORED[i] = 1
                              THEN
                                    XINUSE[i] := 1;
                                    load XSAVE state component i at offset NEXT_FEATURE_OFFSET from base of XSAVE area;
                         FI;
                         NEXT_FEATURE_OFFSET = NEXT_FEATURE_OFFSET + n (n enumerated by CPUID(EAX=0DH,ECX=i):EAX);
              FI;
              IF TO_BE_INITIALIZED[i] = 1
                    THEN
                         XINUSE[i] := 0;
                         initialize XSAVE state component i;
              FI;
         ENDFOR;
FI;
XMODIFIED := NOT RFBM;
IF in VMX non-root operation
    THEN VMXNR := 1;
    ELSE VMXNR := 0;
FI;
LAXA := linear address of XSAVE area;
XRSTOR_INFO := CPL,VMXNR,LAXA,COMPMASK;

Flags Affected

None.

Intel C/C++ Compiler Intrinsic Equivalent

XRSTOR:

void _xrstor( void * , unsigned __int64);

XRSTOR:

void _xrstor64( void * , unsigned __int64);

Protected Mode Exceptions

#GP(0)

If a memory operand effective address is outside the CS, DS, ES, FS, or GS segment limit.

If a memory operand is not aligned on a 64-byte boundary, regardless of segment.

If bit 63 of the XCOMP_BV field of the XSAVE header is 1 and CPUID.(EAX=0DH,ECX=1):EAX.XSAVEC[bit 1] = 0.

If the standard form is executed and a bit in XCR0 is 0 and the corresponding bit in the XSTATE_BV field of the XSAVE header is 1.

If the standard form is executed and bytes 23:8 of the XSAVE header are not all zero.

If the compacted form is executed and a bit in XCR0 is 0 and the corresponding bit in the XCOMP_BV field of the XSAVE header is 1.

If the compacted form is executed and a bit in the XCOMP_BV field in the XSAVE header is 0 and the corresponding bit in the XSTATE_BV field is 1.

If the compacted form is executed and bytes 63:16 of the XSAVE header are not all zero.

If attempting to write any reserved bits of the MXCSR register with 1.

#SS(0) If a memory operand effective address is outside the SS segment limit.
#PF(fault-code) If a page fault occurs.
#NM If CR0.TS[bit 3] = 1.
#UD

If CPUID.01H:ECX.XSAVE[bit 26] = 0.

If CR4.OSXSAVE[bit 18] = 0.

If the LOCK prefix is used.

#AC If this exception is disabled a general protection exception (#GP) is signaled if the memory operand is not aligned on a 64-byte boundary, as described above. If the alignment check exception (#AC) is enabled (and the CPL is 3), signaling of #AC is not guaranteed and may vary with implementation, as follows. In all implementations where #AC is not signaled, a general protection exception is signaled in its place. In addition, the width of the alignment check may also vary with implementation. For instance, for a given implementation, an align-ment check exception might be signaled for a 2-byte misalignment, whereas a general protec-tion exception might be signaled for all other misalignments (4-, 8-, or 16-byte misalignments).

Real-Address Mode Exceptions

#GP

If a memory operand is not aligned on a 64-byte boundary, regardless of segment.

If any part of the operand lies outside the effective address space from 0 to FFFFH.

If bit 63 of the XCOMP_BV field of the XSAVE header is 1 and CPUID.(EAX=0DH,ECX=1):EAX.XSAVEC[bit 1] = 0.

If the standard form is executed and a bit in XCR0 is 0 and the corresponding bit in the XSTATE_BV field of the XSAVE header is 1.

If the standard form is executed and bytes 23:8 of the XSAVE header are not all zero.

If the compacted form is executed and a bit in XCR0 is 0 and the corresponding bit in the XCOMP_BV field of the XSAVE header is 1.

If the compacted form is executed and a bit in the XCOMP_BV field in the XSAVE header is 0 and the corresponding bit in the XSTATE_BV field is 1.

If the compacted form is executed and bytes 63:16 of the XSAVE header are not all zero.

If attempting to write any reserved bits of the MXCSR register with 1.

#NM If CR0.TS[bit 3] = 1.
#UD

If CPUID.01H:ECX.XSAVE[bit 26] = 0.

If CR4.OSXSAVE[bit 18] = 0.

If the LOCK prefix is used.

Virtual-8086 Mode Exceptions

Same exceptions as in protected mode

Compatibility Mode Exceptions

Same exceptions as in protected mode.

64-Bit Mode Exceptions

#GP(0)

If a memory address is in a non-canonical form.

If a memory operand is not aligned on a 64-byte boundary, regardless of segment.

If bit 63 of the XCOMP_BV field of the XSAVE header is 1 and CPUID.(EAX=0DH,ECX=1):EAX.XSAVEC[bit 1] = 0.

If the standard form is executed and a bit in XCR0 is 0 and the corresponding bit in the XSTATE_BV field of the XSAVE header is 1.

If the standard form is executed and bytes 23:8 of the XSAVE header are not all zero.

If the compacted form is executed and a bit in XCR0 is 0 and the corresponding bit in the XCOMP_BV field of the XSAVE header is 1.

If the compacted form is executed and a bit in the XCOMP_BV field in the XSAVE header is 0 and the corresponding bit in the XSTATE_BV field is 1.

If the compacted form is executed and bytes 63:16 of the XSAVE header are not all zero.

If attempting to write any reserved bits of the MXCSR register with 1.

#SS(0) If a memory address referencing the SS segment is in a non-canonical form.
#PF(fault-code) If a page fault occurs.
#NM If CR0.TS[bit 3] = 1.
#UD

If CPUID.01H:ECX.XSAVE[bit 26] = 0.

If CR4.OSXSAVE[bit 18] = 0.

If the LOCK prefix is used.

#AC If this exception is disabled a general protection exception (#GP) is signaled if the memory operand is not aligned on a 64-byte boundary, as described above. If the alignment check exception (#AC) is enabled (and the CPL is 3), signaling of #AC is not guaranteed and may vary with implementation, as follows. In all implementations where #AC is not signaled, a general protection exception is signaled in its place. In addition, the width of the alignment check may also vary with implementation. For instance, for a given implementation, an align-ment check exception might be signaled for a 2-byte misalignment, whereas a general protec-tion exception might be signaled for all other misalignments (4-, 8-, or 16-byte misalignments).