17-8 Vol. 3B
DEBUG, BRANCH PROFILE, TSC, AND RESOURCE MONITORING FEATURES
17.3.1.1 Instruction-Breakpoint Exception Condition
The processor reports an instruction breakpoint when it attempts to execute an instruction at an address specified
in a breakpoint-address register (DR0 through DR3) that has been set up to detect instruction execution (R/W flag
is set to 0). Upon reporting the instruction breakpoint, the processor generates a fault-class, debug exception
(#DB) before it executes the target instruction for the breakpoint.
Instruction breakpoints are the highest priority debug exceptions. They are serviced before any other exceptions
detected during the decoding or execution of an instruction. However, if a code instruction breakpoint is placed on
an instruction located immediately after a POP SS/MOV SS instruction, the breakpoint may not be triggered. In
most situations, POP SS/MOV SS will inhibit such interrupts (see “MOV—Move” and “POP—Pop a Value from the
Stack” in Chapter 4 of the Intel® 64 and IA-32 Architectures Software Developer’s Manual, Volume 2B).
Because the debug exception for an instruction breakpoint is generated before the instruction is executed, if the
instruction breakpoint is not removed by the exception handler; the processor will detect the instruction breakpoint
again when the instruction is restarted and generate another debug exception. To prevent looping on an instruction
breakpoint, the Intel 64 and IA-32 architectures provide the RF flag (resume flag) in the EFLAGS register (see
Section 2.3, “System Flags and Fields in the EFLAGS Register,” in the Intel® 64 and IA-32 Architectures Software
Developer’s Manual, Volume 3A). When the RF flag is set, the processor ignores instruction breakpoints.
All Intel 64 and IA-32 processors manage the RF flag as follows. The RF Flag is cleared at the start of the instruction
after the check for code breakpoint, CS limit violation and FP exceptions. Task Switches and IRETD/IRETQ instruc-
tions transfer the RF image from the TSS/stack to the EFLAGS register.
When calling an event handler, Intel 64 and IA-32 processors establish the value of the RF flag in the EFLAGS image
pushed on the stack:
•
For any fault-class exception except a debug exception generated in response to an instruction breakpoint, the
value pushed for RF is 1.
•
For any interrupt arriving after any iteration of a repeated string instruction but the last iteration, the value
pushed for RF is 1.
•
For any trap-class exception generated by any iteration of a repeated string instruction but the last iteration,
the value pushed for RF is 1.
•
For other cases, the value pushed for RF is the value that was in EFLAG.RF at the time the event handler was
called. This includes:
— Debug exceptions generated in response to instruction breakpoints
— Hardware-generated interrupts arriving between instructions (including those arriving after the last
iteration of a repeated string instruction)
— Trap-class exceptions generated after an instruction completes (including those generated after the last
iteration of a repeated string instruction)
— Software-generated interrupts (RF is pushed as 0, since it was cleared at the start of the software interrupt)
As noted above, the processor does not set the RF flag prior to calling the debug exception handler for debug
exceptions resulting from instruction breakpoints. The debug exception handler can prevent recurrence of the
instruction breakpoint by setting the RF flag in the EFLAGS image on the stack. If the RF flag in the EFLAGS image
I/O read or write breakpoint, at addresses defined by DRn
and LENn
Bn = 1 and
(Gn or Ln = 1)
R/Wn = 2
Trap
Data read or write (but not instruction fetches), at
addresses defined by DRn and LENn
Bn = 1 and
(Gn or Ln = 1)
R/Wn = 3
Trap
General detect fault, resulting from an attempt to modify
debug registers (usually in conjunction with in-circuit
emulation)
BD = 1
Fault
Task switch
BT = 1
Trap
Table 17-2. Debug Exception Conditions
Debug or Breakpoint Condition
DR6 Flags Tested
DR7 Flags Tested
Exception Class