On Thu, Apr 10, 2025, Ross Philipson wrote:
> + /*
> + * Get a pointer to the monitor location on this APs stack to test below
> + * after mwait returns. Currently %esp points to just past the pushed
> APIC
> + * ID value.
> + */
> + movl %esp, %eax
> + subl $(TXT_BOOT_STACK_SIZE - 4), %eax
> + movl $0, (%eax)
> +
> + /* Clear ecx/edx so no invalid extensions or hints are passed to
> monitor */
> + xorl %ecx, %ecx
> + xorl %edx, %edx
> +
> + /*
> + * Arm the monitor and wait for it to be poked by he SMP bringup code.
> The mwait
s/he/the
> + * instruction can return for a number of reasons. Test to see if it
> returned
> + * because the monitor was written to.
> + */
> + monitor
> +
> +1:
> + mfence
> + mwait
> + movl (%eax), %edx
Why load the value into EDX? At a glance, the value is never consumed.
> + testl %edx, %edx
> + jz 1b
This usage of MONITOR/MWAIT is flawed. The monitor needs to be re-armed in each
loop, otherwise mwait will be a glorified nop.
More importantly, the exit condition needs to be checked before monitor, even on
the first iteration. In the (probably extremely unlikely) scenario that the
write
to wake the CPU arrives before MONITOR is executed, this CPU may get stuck
waiting
indefinitely.
E.g. something like:
1:
monitor
cmpl (%eax), 0
jnz 2f
mwait
jmp 1b
2:
