From: Peter Zijlstra <peterz@infradead.org>
To: Alexander Potapenko <glider@google.com>
Cc: Dmitry Antipov <dmantipov@yandex.ru>,
elver@google.com, dvyukov@google.com,
Josh Poimboeuf <jpoimboe@kernel.org>,
Thomas Gleixner <tglx@kernel.org>,
linux-kernel@vger.kernel.org, nathan@kernel.org,
nick.desaulniers+lkml@gmail.com, morbo@google.com,
justinstitt@google.com
Subject: Re: objtool: undefined stack state in folio_zero_user()
Date: Tue, 30 Jun 2026 22:24:27 +0200
Message-ID: <20260630202427.GH49529@noisy.programming.kicks-ass.net>
In-Reply-To: <20260630174157.GE48970@noisy.programming.kicks-ass.net>

On Tue, Jun 30, 2026 at 07:41:57PM +0200, Peter Zijlstra wrote:
> Also, there is always a 'free' register to store RSP, it is called: RSP
> :-)
>
> Now, clearly I don't actually know much of LLVM internals, but this is
> all quite insane.

I had Gemini talk me through trying to do this, and while I got the
modified llvm to build, I could not actually get it to 'work'. It builds
a kernel fine, but it still does the same stupid.

The idea was to explicitly allow rematerialization of RSP 'loads'. But
like said, it isn't actually helping.

FWIW...
---
diff --git a/llvm/lib/Target/X86/X86InstrInfo.cpp b/llvm/lib/Target/X86/X86InstrInfo.cpp
index 86a5a631ce73..ebec3a7563ca 100644
--- a/llvm/lib/Target/X86/X86InstrInfo.cpp
+++ b/llvm/lib/Target/X86/X86InstrInfo.cpp
@@ -816,6 +816,13 @@ bool X86InstrInfo::isReMaterializableImpl(
case X86::PTILEZEROV:
return true;
+ case X86::MOV64rr: {
+ const MachineOperand &SrcOp = MI.getOperand(1);
+ if (SrcOp.isReg() && SrcOp.getReg() == X86::RSP)
+ return true;
+ break;
+ }
+
case X86::MOV8rm:
case X86::MOV8rm_NOREX:
case X86::MOV16rm:
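
Review bot: the new `case X86::MOV64rr` returns true for every copy from RSP without checking that RSP still holds the same value at the point where the copy would be re-created. A `mov %rsp, reg` re-emitted after a stack-pointer adjustment (call-frame setup, dynamic stack allocation) yields a different value than the original definition. Restrict the case to situations where RSP is known to be invariant between the definition and the rematerialization point, and add a comment stating that assumption.
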
@@ -964,6 +971,15 @@ void X86InstrInfo::reMaterialize(MachineBasicBlock &MBB,
Register DestReg, unsigned SubIdx,
const MachineInstr &Orig,
LaneBitmask UsedLanes) const {
+ const DebugLoc &DL = Orig.getDebugLoc();
+ if (Orig.getOpcode() == X86::MOV64rr &&
+ Orig.getOperand(1).isReg() &&
+ Orig.getOperand(1).getReg() == X86::RSP) {
+ BuildMI(MBB, I, DL, get(X86::MOV64rr), DestReg)
+ .addReg(X86::RSP);
+ return;
+ }
+
bool ClobbersEFLAGS = Orig.modifiesRegister(X86::EFLAGS, &TRI);
if (ClobbersEFLAGS && MBB.computeRegisterLiveness(&TRI, X86::EFLAGS, I) !=
MachineBasicBlock::LQR_Dead) {
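
Review bot: the early return added at the top of reMaterialize() ignores `SubIdx` and `UsedLanes`, both visible in the signature just above it, and builds a fresh `MOV64rr` instead of working from Orig. If a non-zero SubIdx can reach this path the destination register is wrong; either assert `SubIdx == 0` here or apply it to DestReg. A one-line comment saying why an RSP copy needs its own path ahead of the EFLAGS handling would also help.
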
@@ -984,7 +1000,6 @@ void X86InstrInfo::reMaterialize(MachineBasicBlock &MBB,
llvm_unreachable("Unexpected instruction!");
}
- const DebugLoc &DL = Orig.getDebugLoc();
BuildMI(MBB, I, DL, get(X86::MOV32ri))
.add(Orig.getOperand(0))
.addImm(Value);
diff --git a/llvm/lib/Target/X86/X86RegisterInfo.cpp b/llvm/lib/Target/X86/X86RegisterInfo.cpp
index c84e0f441a45..913c28740eef 100644
--- a/llvm/lib/Target/X86/X86RegisterInfo.cpp
+++ b/llvm/lib/Target/X86/X86RegisterInfo.cpp
@@ -19,6 +19,7 @@
#include "llvm/ADT/BitVector.h"
#include "llvm/ADT/STLExtras.h"
#include "llvm/ADT/SmallSet.h"
+#include "llvm/ADT/StringRef.h"
#include "llvm/CodeGen/LiveRegMatrix.h"
#include "llvm/CodeGen/MachineFrameInfo.h"
#include "llvm/CodeGen/MachineRegisterInfo.h"
@@ -1167,6 +1168,32 @@ bool X86RegisterInfo::getRegAllocationHints(Register VirtReg,
if (!VRM)
return BaseImplRetVal;
+ if (MachineInstr *DefMI = MRI->getVRegDef(VirtReg)) {
+ if (DefMI->getOpcode() == X86::MOV64rr &&
+ DefMI->getOperand(1).isReg() &&
+ DefMI->getOperand(1).getReg() == X86::RSP) {
+ bool IsKMSANTrackingBlock = false;
+ const MachineBasicBlock *MBB = DefMI->getParent();
+
+ for (const MachineInstr &MI : *MBB) {
+ if (MI.isCall() && MI.getOperand(0).isSymbol()) {
+ StringRef SymName(MI.getOperand(0).getSymbolName());
+ if (SymName == "__msan_chain_origin") {
+ IsKMSANTrackingBlock = true;
+ break;
+ }
+ }
+ }
+
+ if (IsKMSANTrackingBlock) {
+ if (llvm::is_contained(Order, X86::RSP)) {
+ Hints.insert(Hints.begin(), X86::RSP);
+ return true;
+ }
+ }
+ }
+ }
+
if (ID != X86::TILERegClassID) {
if (DisableRegAllocNDDHints || !ST.hasNDD() ||
!TRI.isGeneralPurposeRegisterClass(&RC))
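
Review bot: the block scan only recognises calls where `MI.getOperand(0).isSymbol()` holds, which is true for external-symbol operands only; a direct call whose callee is a global-address operand (`isGlobal()`) is skipped, so if the `__msan_chain_origin` call is emitted that way `IsKMSANTrackingBlock` never becomes true and the hint is dead code. Check both operand kinds before comparing the name. The same applies to `llvm::is_contained(Order, X86::RSP)`: if Order excludes reserved registers, RSP is never in it and the `Hints.insert` is unreachable. Separately, this walks the whole basic block on every hint query for such a vreg and keys backend behaviour on a hard-coded runtime symbol name, both of which deserve a comment or a cheaper, less fragile test.
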