From: Robert Hancock <hancockr@shaw.ca>
To: Paul Jackson <pj@engr.sgi.com>
Cc: linux-kernel@vger.kernel.org
Subject: Re: AMD64 Machine hardlocks when using memset
Date: Fri, 01 Apr 2005 22:50:45 -0600 [thread overview]
Message-ID: <424E24A5.4040102@shaw.ca> (raw)
In-Reply-To: <20050401201105.4a03bda1.pj@engr.sgi.com>
Paul Jackson wrote:
> The x86_64 memset(), both in user space and the kernel, for whatever gcc
> I have, and for a current kernel, uses the "repz stos" or "rep stosq"
> prefixed instruction for the bulk of the copy. This combination is a
> long running, interruptible Intel string instruction that loops on
> itself until the CX register decrements to zero.
>
> Was your windows app using "stos"?
>
> I'll wager a nickel that the actual crash you see comes when the
> processor has to handle an interrupt while in the middle of this
> instruction.
>
> I'll wager a dime it's hardware, though interrupt activity may be
> required to provoke it.
I ended up making a test program which essentially did the same thing
except not using memset (just moving an int* up repeatedly and setting
the value there to 0). That worked fine on both Windows and Linux. I
then tried such a program using a long* compiled as 64-bit on Linux,
that also worked fine. It seems like I can only reproduce it when memset
is actually used..
I don't remember exactly what the Windows memset was using, that was on
my work machine - it was inline assembly though, and I do know that it
had only one instruction for the whole set, so it was likely "repz stos"
or something similar to that.
As it turns out, the memset in my version of glibc x86_64 is not using
such a string instruction though - it seems to be using two different
sets of instructions depending on the size of the memset (not sure
exactly how they're calculating the threshold between these..) For sizes
below the treshold, this is the inner loop - it's using normal mov
instructions:
3: /* Copy 64 bytes. */
mov %r8,(%rcx)
mov %r8,0x8(%rcx)
mov %r8,0x10(%rcx)
mov %r8,0x18(%rcx)
mov %r8,0x20(%rcx)
mov %r8,0x28(%rcx)
mov %r8,0x30(%rcx)
mov %r8,0x38(%rcx)
add $0x40,%rcx
dec %rax
jne 3b
For sizes above the threshold though, this is the inner loop. It's using
movnti which is an SSE cache-bypasssing store:
11: /* Copy 64 bytes without polluting the cache. */
/* We could use movntdq %xmm0,(%rcx) here to further
speed up for large cases but let's not use XMM registers. */
movnti %r8,(%rcx)
movnti %r8,0x8(%rcx)
movnti %r8,0x10(%rcx)
movnti %r8,0x18(%rcx)
movnti %r8,0x20(%rcx)
movnti %r8,0x28(%rcx)
movnti %r8,0x30(%rcx)
movnti %r8,0x38(%rcx)
add $0x40,%rcx
dec %rax
jne 11b
I'm wondering if one does a ton of these cache-bypassing stores whether
something gets hosed because of that. Not sure what that could be
though. I don't imagine the chipset is involved with any of that on the
Athlon 64 - either the CPU or RAM seems the most likely suspect to me
--
Robert Hancock Saskatoon, SK, Canada
To email, remove "nospam" from hancockr@nospamshaw.ca
Home Page: http://www.roberthancock.com/
next prev parent reply other threads:[~2005-04-02 4:51 UTC|newest]
Thread overview: 28+ messages / expand[flat|nested] mbox.gz Atom feed top
[not found] <3NZDp-4yY-7@gated-at.bofh.it>
[not found] ` <3NZN4-4EZ-1@gated-at.bofh.it>
[not found] ` <3O2rK-6MU-19@gated-at.bofh.it>
[not found] ` <3O34n-7oN-19@gated-at.bofh.it>
[not found] ` <3O4tp-8tL-3@gated-at.bofh.it>
2005-04-01 1:33 ` AMD64 Machine hardlocks when using memset Robert Hancock
[not found] ` <3OmgF-6HV-17@gated-at.bofh.it>
[not found] ` <3OmgF-6HV-15@gated-at.bofh.it>
[not found] ` <3Oy8m-74-15@gated-at.bofh.it>
2005-04-02 2:32 ` Robert Hancock
2005-04-02 4:11 ` Paul Jackson
2005-04-02 4:50 ` Robert Hancock [this message]
2005-04-04 10:45 ` Alan Cox
2005-04-06 8:47 ` Denis Vlasenko
[not found] <3Ojst-4kX-19@gated-at.bofh.it>
[not found] ` <3OGIo-7oY-13@gated-at.bofh.it>
[not found] ` <3OGIo-7oY-15@gated-at.bofh.it>
[not found] ` <3OGIo-7oY-17@gated-at.bofh.it>
[not found] ` <3OGIo-7oY-11@gated-at.bofh.it>
[not found] ` <3OIh7-cc-1@gated-at.bofh.it>
[not found] ` <3OITV-AR-3@gated-at.bofh.it>
[not found] ` <3PxjH-812-3@gated-at.bofh.it>
2005-04-06 4:05 ` Robert Hancock
2005-04-06 7:02 ` Rafael J. Wysocki
2005-04-06 9:31 ` Philip Lawatsch
2005-04-06 10:59 ` Philip Lawatsch
2005-04-06 11:15 ` Arjan van de Ven
2005-04-06 11:22 ` Philip Lawatsch
[not found] <3NTHD-8ih-1@gated-at.bofh.it>
[not found] ` <3NVqb-1iK-33@gated-at.bofh.it>
2005-03-31 4:32 ` Robert Hancock
2005-03-31 4:38 ` Robert Hancock
2005-03-31 7:25 ` Denis Vlasenko
2005-03-31 8:15 ` Paul Jackson
2005-03-31 9:37 ` Philip Lawatsch
2005-03-31 10:15 ` Paul Jackson
2005-03-31 7:41 ` Paul Jackson
2005-03-31 11:40 ` Mikael Pettersson
2005-03-31 18:47 ` Paul Jackson
[not found] ` <3O99L-40N-9@gated-at.bofh.it>
2005-04-01 4:37 ` Robert Hancock
2005-04-01 10:41 ` Denis Vlasenko
2005-04-01 17:27 ` Ray Lee
2005-04-01 19:14 ` Philip Lawatsch
2005-03-30 22:04 Philip Lawatsch
2005-03-31 0:05 ` Matthias-Christian Ott
2005-03-31 14:45 ` Stelian Pop
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=424E24A5.4040102@shaw.ca \
--to=hancockr@shaw.ca \
--cc=linux-kernel@vger.kernel.org \
--cc=pj@engr.sgi.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox