17-12 Vol. 3B

DEBUG, BRANCH PROFILE, TSC, AND RESOURCE MONITORING FEATURES

•

BTS_OFF_OS (branch trace off in privileged code) flag (bit 9) — When set, BTS or BTM is skipped if CPL 
is 0. See Section 17.11.2.

•

BTS_OFF_USR (branch trace off in user code) flag (bit 10) — When set, BTS or BTM is skipped if CPL is 
greater than 0. See Section 17.11.2.

•

FREEZE_LBRS_ON_PMI flag (bit 11) — When set, the LBR stack is frozen on a hardware PMI request (e.g. 
when a counter overflows and is configured to trigger PMI). See Section 17.4.7 for details.

•

FREEZE_PERFMON_ON_PMI flag (bit 12) — When set, the performance counters (IA32_PMCx and 
IA32_FIXED_CTRx) are frozen on a PMI request. See Section 17.4.7 for details. 

•

FREEZE_WHILE_SMM_EN (bit 14) — If this bit is set, upon the delivery of an SMI, the processor will clear all 
the enable bits of IA32_PERF_GLOBAL_CTRL, save a copy of the content of IA32_DEBUGCTL and disable LBR, 
BTF, TR, and BTS fields of IA32_DEBUGCTL before transferring control to the SMI handler. Subsequently, the 
enable bits of IA32_PERF_GLOBAL_CTRL will be set to 1, the saved copy of IA32_DEBUGCTL prior to SMI 
delivery will be restored, after the SMI handler issues RSM to complete its service. Note that system software 
must check if the processor supports the IA32_DEBUGCTL.FREEZE_WHILE_SMM_EN control bit. 
IA32_DEBUGCTL.FREEZE_WHILE_SMM_EN is supported if 
IA32_PERF_CAPABILITIES.FREEZE_WHILE_SMM[Bit 12] is reporting 1. See Section 18.18 for details of 
detecting the presence of IA32_PERF_CAPABILITIES MSR.

•

RTM (bit 15) — If this bit is set, advanced debugging of RTM transactional regions is enabled if DR7.RTM is 
also set. See Section 17.3.3.

17.4.2 

Monitoring Branches, Exceptions, and Interrupts

When the LBR flag (bit 0) in the IA32_DEBUGCTL MSR is set, the processor automatically begins recording branch 
records for taken branches, interrupts, and exceptions (except for debug exceptions) in the LBR stack MSRs.
When the processor generates a debug exception (#DB), it automatically clears the LBR flag before executing the 
exception handler. This action does not clear previously stored LBR stack MSRs.
A debugger can use the linear addresses in the LBR stack to re-set breakpoints in the breakpoint address registers 
(DR0 through DR3). This allows a backward trace from the manifestation of a particular bug toward its source.
On some processors, if the LBR flag is cleared and TR flag in the IA32_DEBUGCTL MSR remains set, the processor 
will continue to update LBR stack MSRs. This is because those processors use the entries in the LBR stack in the 
process of generating BTM/BTS records. A #DB does not automatically clear the TR flag.

Figure 17-3.  IA32_DEBUGCTL MSR for Processors based 

on Intel Core

 

microarchitecture

31

TR — Trace messages enable

BTINT — Branch trace interrupt

BTF — Single-step on branches
LBR — Last branch/interrupt/exception

Reserved

8 7 6 5 4 3 2 1   0

BTS — Branch trace store

Reserved

9

10

BTS_OFF_OS — BTS off in OS

BTS_OFF_USR — BTS off in user code

FREEZE_LBRS_ON_PMI

FREEZE_PERFMON_ON_PMI

11

12

14

FREEZE_WHILE_SMM_EN

15

RTM