I have reported this before and it also gave a lot of responses, but nothing has been done about, unfortunately :-( The problem is the prefetches in the memcpy function in the kernel. There is spread a number of PREF instructions in the memcpy function, but there is no check if we are prefetching out-side the areas we are copying to/from. This is extremely dangerous because we might prefetch out-side the physical memory area, causing e.g. a bus error or something even more nasty. I recently found something even nastier, it could also hit a DMA buffer region, and thereby break the PCI DMA flushing scheme. For example if the kernel is doing a memcpy from an area that's next to a DMA buffer area, we could end up in a situation where, we are prefetching data into the cache from a memory location that is used for DMA transfer and owned by the device, but the DMA transfer has not yet completed. We then end up in a situation, where the memory and cache is out of sync and the cache is containing some old data. So we definitely need to do something about the prefetches in the memcpy function. We can either get rid of all the prefetches or make sure we don't prefetch out side the "memcpy" area. /Carsten -- _ _ ____ ___ Carsten Langgaard Mailto:carstenl@mips.com |\ /|||___)(___ MIPS Denmark Direct: +45 4486 5527 | \/ ||| ____) Lautrupvang 4B Switch: +45 4486 5555 TECHNOLOGIES 2750 Ballerup Fax...: +45 4486 5556 Denmark http://www.mips.com
