Pentium memcpy patch reissued

Robert L Krawitz (
Tue, 2 Apr 1996 19:55:59 -0500

Gerhard Koerting <>
reported memory corruption with my fast memcpy routine when it was
used in both the kernel and a user program. He has since tracked down
the cause and given me a patch. In addition to fixing the problem, he
also fixed the warnings about uninitialized variables. The
description of the problem and solution follows:

From: Gerhard Koerting <>
To: (Robert L Krawitz)

My problems with your memcpy seem to be related to the way Linux saves
the 387 state during task switches: it does the fsave on the exception
coming from a 387 instruction with TS and MP set in cr0-register.
This will happen sometimes at the first fp-instruction of your memcpy.

If I clear TS before memcpy and restore it afterwards I don't get those
changed bytes anymore. Calling math_state_restore() before memcpy corrects
it too.

I include a patch for your memcpy which clears/resets TS in this way
(and optimizes the constraints, but with fewest changes to your original

The patch may be found on my Linux page
( The patch is against
1.3.82, but it will probably work without too much difficulty against
other 1.3.[78]x kernels. I strongly suggest that everyone take the
patch. At worst, just patch copy.c.

Thanks, Gerhard!

Robert Krawitz <>

Member of the League for Programming Freedom -- mail Tall Clubs International -- or 1-800-521-2512