Fix invalid MXCSR restore on Linux i386 after SIGFPE

Floating-point exception handling calls restoreControlRegs() from the
SIGFPE handler before throwing a C++ MathExc. On Linux i386, when the
kernel _fpstate magic field was non-zero, the code passed 0 to
LDMXCSR. An all-zero MXCSR is not a valid control register value on
x86 and leaves SSE in a corrupt state, which showed up as crashes
inside libstdc++ (for example std::ostream::sentry) on i686 CI runs.

Read MXCSR from the live CPU when the saved frame does not use the
expected layout (magic != 0), and never load zero: substitute the
usual hardware default 0x1f80 before setMxcsr applies the
clearExceptions mask.

Made-with: Cursor
Signed-off-by: Cary Phillips <cary@ilm.com>

Author: cary-ilm

src/lib/Iex/IexMathFpu.cpp

@@ -252,7 +252,17 @@ restoreControlRegs (const ucontext_t& ucon, bool clearExceptions)
 
     _fpstate* kfp = reinterpret_cast<_fpstate*> (ucon.uc_mcontext.fpregs);
 #        if defined(__linux__) && defined(__i386__)
-    setMxcsr (kfp->magic == 0 ? kfp->mxcsr : 0, clearExceptions);
+    //
+    // Choose MXCSR from the signal-frame _fpstate when magic == 0 (kernel
+    // layout matches this struct); otherwise read it from the CPU because
+    // the saved mxcsr offset may not apply. LDMXCSR must not be given 0,
+    // which is not a valid control value on x86—substitute 0x1f80 (typical
+    // default) before setMxcsr clears sticky exception bits per
+    // clearExceptions.
+    //
+    uint32_t mxcsr = (kfp->magic == 0) ? kfp->mxcsr : getMxcsr ();
+    if (mxcsr == 0) mxcsr = 0x1f80;
+    setMxcsr (mxcsr, clearExceptions);
 #        else
     setMxcsr (kfp->mxcsr, clearExceptions);
 #        endif