Re: [PATCH] x86/fpu: Delay instruction pointer fixup until after after warning

From: Dave Hansen
Date: Wed Jun 18 2025 - 15:58:26 EST


On 6/18/25 12:51, Alison Schofield wrote:
>> Do not fix up RIP until after printing the warning.
> How was this found and how is the change verified?

Good questions.

I found it from an Intel-internal bug report. It's not clear what's
causing the underlying XRSTOR #GP. But I spent some time scratching my
head about how RIP got pointing to the wrong place. I was blaming the
simulator at first.

I validated the fix using the attached patch. It waits until there's a
program named "dave" running, then corrupts the XSAVE buffer in a way
that will cause XRSTOR to #GP, triggering the warning that was off by an
instruction.


---

b/arch/x86/kernel/fpu/core.c | 3 +++
1 file changed, 3 insertions(+)

diff -puN arch/x86/kernel/fpu/core.c~os_rstor_fun arch/x86/kernel/fpu/core.c
--- a/arch/x86/kernel/fpu/core.c~os_rstor_fun 2025-06-18 11:22:58.583510842 -0700
+++ b/arch/x86/kernel/fpu/core.c 2025-06-18 11:23:46.626730032 -0700
@@ -202,6 +202,9 @@ void restore_fpregs_from_fpstate(struct
*/
mask = fpu_kernel_cfg.max_features & mask;

+ if (!strncmp(current->comm, "dave", 4))
+ fpstate->regs.xsave.header.xcomp_bv = 0;
+
os_xrstor(fpstate, mask);
} else {
if (use_fxsr())
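Review bot: the `strncmp(current->comm, "dave", 4)` guard in this hunk is a prefix match, so any task whose comm begins with "dave" (not only a program named exactly "dave") has its XSAVE header corrupted; if the hack is reused for testing, `strcmp(current->comm, "dave")` gives the exact match the cover text describes. The hunk also carries no marker that it is a debug-only injection (it zeroes `xcomp_bv` on every restore for that task, guaranteeing the XRSTOR #GP), so a one-line comment such as `/* DEBUG ONLY: force XRSTOR #GP, do not merge */` above the `if` would keep it from being picked up by mistake.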