Re: [PATCH] KVM: x86: Fix incorrect memory constraint for FXSAVE in emulator

Next message: Konrad Dybcio: "Re: [PATCH 1/1] arm64: dts: qcom: monaco-evk: Add Mezzanine"
Previous message: Andy Shevchenko: "Re: [PATCH 0/2] Add support for Microchip MCP48FxBy1/2/4/8 DAC with an SPI Interface"
In reply to: Paolo Bonzini: "Re: [PATCH] KVM: x86: Fix incorrect memory constraint for FXSAVE in emulator"
Next in thread: Sean Christopherson: "Re: [PATCH] KVM: x86: Fix incorrect memory constraint for FXSAVE in emulator"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

From: Uros Bizjak

Date: Thu Feb 12 2026 - 08:40:07 EST

On Thu, Feb 12, 2026 at 2:05 PM Paolo Bonzini <pbonzini@xxxxxxxxxx> wrote:
>
> On 2/12/26 11:27, Uros Bizjak wrote:
> > The inline asm used to invoke FXSAVE in em_fxsave() and fxregs_fixup()
> > incorrectly specifies the memory operand as read-write ("+m"). FXSAVE
> > does not read from the destination operand; it only writes the current
> > FPU state to memory.
> >
> > Using a read-write constraint is incorrect and misleading, as it tells
> > the compiler that the previous contents of the buffer are consumed by
> > the instruction. In both cases, the buffer passed to FXSAVE is
> > uninitialized, and marking it as read-write can therefore create a
> > false dependency on uninitialized memory.
> >
> > Fix the constraint to write-only ("=m") to accurately describe the
> > instruction’s behavior and avoid implying that the buffer is read.
>
> IIRC FXSAVE/FXRSTOR may (at least on some microarchitectures?) leave
> reserved fields untouched.
>
> Intel suggests writing zeros first, and then the "+m" constraint would
> be the right one because "=m" would cause the memset to be dead.

Please note that the struct is not initialized before fxsave, so if
"+m" is required, the struct should be initialized.

Uros.