Vol. 3C 27-13

VM EXITS

— For fault-like VM exits due to attempts to execute one of the following instructions that cause VM exits unconditionally (see Section 25.1.2) or based on the settings of VM-execution controls (see Section 25.1.3): CLTS, CPUID, ENCLS, GETSEC, HLT, IN, INS, INVD, INVEPT, INVLPG, INVPCID, INVVPID, LGDT, LIDT, LLDT, LMSW, LTR, MONITOR, MOV CR, MOV DR, MWAIT, OUT, OUTS, PAUSE, RDMSR, RDPMC, RDRAND, RDSEED, RDTSC, RDTSCP, RSM, SGDT, SIDT, SLDT, STR, VMCALL, VMCLEAR, VMLAUNCH, VMPTRLD, VMPTRST, VMREAD, VMRESUME, VMWRITE, VMXOFF, VMXON, WBINVD, WRMSR, XRSTORS, XSETBV, and XSAVES.¹

— For VM exits due to software exceptions (those generated by executions of INT3 or INTO).
— For VM exits due to faults encountered during delivery of a software interrupt, privileged software exception, or software exception.

— For VM exits due to attempts to effect a task switch via instruction execution. These are VM exits that produce an exit reason indicating task switch and either of the following:

    • An exit qualification indicating execution of CALL, IRET, or JMP instruction.

    • An exit qualification indicating a task gate in the IDT and an IDT-vectoring information field indicating that the task gate was encountered during delivery of a software interrupt, privileged software exception, or software exception.

— For APIC-access VM exits resulting from accesses (see Section 29.4) during delivery of a software interrupt, privileged software exception, or software exception.²

— For VM exits due to executions of VMFUNC that fail because one of the following is true:

    • EAX indicates a VM function that is not enabled (the bit at position EAX is 0 in the VM-function controls; see Section 25.5.5.2).

    • EAX = 0 and either ECX ≥ 512 or the value of ECX selects an invalid tentative EPTP value (see Section 25.5.5.3).

In all the above cases, this field receives the length in bytes (1–15) of the instruction (including any instruction prefixes) whose execution led to the VM exit (see the next paragraph for one exception).

The cases of VM exits encountered during delivery of a software interrupt, privileged software exception, or software exception include those encountered during delivery of events injected as part of VM entry (see Section 26.5.1.2). If the original event was injected as part of VM entry, this field receives the value of the VM-entry instruction length.

All VM exits other than those listed in the above items leave this field undefined.

If the VM exit occurred in enclave mode, this field is cleared (none of the previous items apply).

1. This item applies only to fault-like VM exits. It does not apply to trap-like VM exits following executions of the MOV to CR8 instruction when the “use TPR shadow” VM-execution control is 1 or to those following executions of the WRMSR instruction when the “virtualize x2APIC mode” VM-execution control is 1.

2. The VM-exit instruction-length field is not defined following APIC-access VM exits resulting from physical accesses (see Section 29.4.6) even if encountered during delivery of a software interrupt, privileged software exception, or software exception.
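
The following C sketch is an added example, not code from the manual: it shows how a hypervisor exit handler might validate the VM-exit instruction length before using it and decode the INS/OUTS address size from bits 9:7 of the instruction-information field (Table 27-8). The function names and the `len_defined` flag are hypothetical, and advancing the guest RIP by the length is an assumed use of the field.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* Bits 9:7 of the instruction-information field for INS/OUTS (Table 27-8).
 * Returns the address mask, or 0 for encodings the table lists as not used. */
uint64_t ins_outs_addr_mask(uint32_t instr_info)
{
    switch ((instr_info >> 7) & 0x7) {    /* bits 6:0 and 14:10 are ignored */
    case 0:  return 0xFFFFull;            /* 16-bit */
    case 1:  return 0xFFFFFFFFull;        /* 32-bit */
    case 2:  return ~0ull;                /* 64-bit */
    default: return 0;
    }
}

/* Advance the guest RIP past the exiting instruction (assumed hypervisor use).
 * len_defined is a hypothetical flag: the caller sets it only for exits in the
 * listed cases. Returns false and leaves *rip alone if the length is unusable.
 * Mode-specific truncation of RIP is not modeled here. */
bool skip_instruction(uint64_t *rip, uint32_t instr_len, bool len_defined)
{
    if (!len_defined)
        return false;                     /* field is undefined for this exit */
    if (instr_len < 1 || instr_len > 15)
        return false;                     /* 0 also covers enclave-mode exits */
    *rip += instr_len;
    return true;
}

int main(void)
{
    /* Constructed sample values, not captured from a real VMCS. */
    uint64_t rip = 0x401000;
    uint32_t info = (1u << 7) | 0x7Fu;    /* 32-bit address size, junk in 6:0 */

    printf("mask=%#llx\n", (unsigned long long)ins_outs_addr_mask(info));
    bool ok = skip_instruction(&rip, 2, true);
    printf("skip ok=%d rip=%#llx\n", ok, (unsigned long long)rip);
    ok = skip_instruction(&rip, 0, true);
    printf("skip ok=%d (length 0 rejected)\n", ok);
    return 0;
}
```

Rejecting a length outside 1–15 keeps an undefined or cleared field from moving the guest RIP to an arbitrary offset.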

Table 27-8.  Format of the VM-Exit Instruction-Information Field as Used for INS and OUTS

Bit Position(s)   Content

6:0               Undefined.

9:7               Address size:
                  0: 16-bit
                  1: 32-bit
                  2: 64-bit (used only on processors that support Intel 64 architecture)
                  Other values not used.

14:10             Undefined.