Commit 5dfaf90f authored by Ingo Molnar's avatar Ingo Molnar
Browse files

x86: mm: Read cr2 before prefetching the mmap_lock

Prefetch instructions can generate spurious faults on certain
models of older CPUs. The faults themselves cannot be stopped
and they can occur pretty much anywhere - so the way we solve
them is that we detect certain patterns and ignore the fault.

There is one small path of code where we must not take faults
though: the #PF handler execution leading up to the reading
of the CR2 (the faulting address). If we take a fault there
then we destroy the CR2 value (with that of the prefetching
instruction's) and possibly mishandle user-space or
kernel-space pagefaults.

It turns out that in current upstream we do exactly that:


	/* Get the faulting address: */
	address = read_cr2();

This is not good.

So turn around the order: first read the cr2 then prefetch
the lock address. Reading cr2 is plenty fast (2 cycles) so
delaying the prefetch by this amount shouldnt be a big issue

[ And this might explain a mystery fault.c warning that sometimes
  occurs on one an old AMD/Semptron based test-system i have -
  which does have such prefetch problems. ]

Cc: Mathieu Desnoyers <>
Cc: Linus Torvalds <>
Cc: Peter Zijlstra <>
Cc: Nick Piggin <>
Cc: Pekka Enberg <>
Cc: Vegard Nossum <>
Cc: Jeremy Fitzhardinge <>
Cc: Hugh Dickins <>
LKML-Reference: <20090616030522.GA22162@Krystal>
Signed-off-by: default avatarIngo Molnar <>
parent 507fa3a3
......@@ -951,11 +951,11 @@ do_page_fault(struct pt_regs *regs, unsigned long error_code)
tsk = current;
mm = tsk->mm;
/* Get the faulting address: */
address = read_cr2();
if (unlikely(kmmio_fault(regs, address)))
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment