Date: Tue, 30 Jun 2026 22:24:27 +0200
From: Peter Zijlstra
To: Alexander Potapenko
Cc: Dmitry Antipov, elver@google.com, dvyukov@google.com, Josh Poimboeuf, Thomas Gleixner, linux-kernel@vger.kernel.org, nathan@kernel.org, nick.desaulniers+lkml@gmail.com, morbo@google.com, justinstitt@google.com
Subject: Re: objtool: undefined stack state in folio_zero_user()
Message-ID: <20260630202427.GH49529@noisy.programming.kicks-ass.net>
References: <35822cf3c35fc6621621f858e94a2b0ce19abf88.camel@yandex.ru> <20260630104434.GC751831@noisy.programming.kicks-ass.net> <20260630135450.GA921102@noisy.programming.kicks-ass.net> <20260630174157.GE48970@noisy.programming.kicks-ass.net>
In-Reply-To: <20260630174157.GE48970@noisy.programming.kicks-ass.net>
X-Mailing-List: linux-kernel@vger.kernel.org

On Tue, Jun 30, 2026 at 07:41:57PM +0200, Peter Zijlstra wrote:

> Also, there is always a 'free' register to store RSP, it is called: RSP
> :-)
>
> Now, clearly I don't actually know much of LLVM internals, but this is
> all quite insane.

I had Gemini talk me through trying to do this, and while I got the
modified llvm to build, I could not actually get it to 'work'. It builds
a kernel fine, but it still does the same stupid.

The idea was to explicitly allow rematerialization of RSP 'loads'. But
like said, it isn't actually helping.

FWIW...

---
diff --git a/llvm/lib/Target/X86/X86InstrInfo.cpp b/llvm/lib/Target/X86/X86InstrInfo.cpp index 86a5a631ce73..ebec3a7563ca 100644 --- a/llvm/lib/Target/X86/X86InstrInfo.cpp +++ b/llvm/lib/Target/X86/X86InstrInfo.cpp @@ -816,6 +816,13 @@ bool X86InstrInfo::isReMaterializableImpl( case X86::PTILEZEROV: return true; + case X86::MOV64rr: { + const MachineOperand &SrcOp = MI.getOperand(1); + if (SrcOp.isReg() && SrcOp.getReg() == X86::RSP) + return true; + break; + } + case X86::MOV8rm: case X86::MOV8rm_NOREX: case X86::MOV16rm: 
@@ -964,6 +971,15 @@ void X86InstrInfo::reMaterialize(MachineBasicBlock &MBB, Register DestReg, unsigned SubIdx, const MachineInstr &Orig, LaneBitmask UsedLanes) const { + const DebugLoc &DL = Orig.getDebugLoc(); + if (Orig.getOpcode() == X86::MOV64rr && + Orig.getOperand(1).isReg() && + Orig.getOperand(1).getReg() == X86::RSP) { + BuildMI(MBB, I, DL, get(X86::MOV64rr), DestReg) + .addReg(X86::RSP); + return; + } + bool ClobbersEFLAGS = Orig.modifiesRegister(X86::EFLAGS, &TRI); if (ClobbersEFLAGS && MBB.computeRegisterLiveness(&TRI, X86::EFLAGS, I) != MachineBasicBlock::LQR_Dead) { @@ -984,7 +1000,6 @@ void X86InstrInfo::reMaterialize(MachineBasicBlock &MBB, llvm_unreachable("Unexpected instruction!"); } - const DebugLoc &DL = Orig.getDebugLoc(); BuildMI(MBB, I, DL, get(X86::MOV32ri)) .add(Orig.getOperand(0)) .addImm(Value); diff --git a/llvm/lib/Target/X86/X86RegisterInfo.cpp b/llvm/lib/Target/X86/X86RegisterInfo.cpp index c84e0f441a45..913c28740eef 100644 --- a/llvm/lib/Target/X86/X86RegisterInfo.cpp +++ b/llvm/lib/Target/X86/X86RegisterInfo.cpp @@ -19,6 +19,7 @@ #include "llvm/ADT/BitVector.h" #include "llvm/ADT/STLExtras.h" #include "llvm/ADT/SmallSet.h" +#include "llvm/ADT/StringRef.h" #include "llvm/CodeGen/LiveRegMatrix.h" #include "llvm/CodeGen/MachineFrameInfo.h" #include "llvm/CodeGen/MachineRegisterInfo.h" 
@@ -1167,6 +1168,32 @@ bool X86RegisterInfo::getRegAllocationHints(Register VirtReg, if (!VRM) return BaseImplRetVal; + if (MachineInstr *DefMI = MRI->getVRegDef(VirtReg)) { + if (DefMI->getOpcode() == X86::MOV64rr && + DefMI->getOperand(1).isReg() && + DefMI->getOperand(1).getReg() == X86::RSP) { + bool IsKMSANTrackingBlock = false; + const MachineBasicBlock *MBB = DefMI->getParent(); + + for (const MachineInstr &MI : *MBB) { + if (MI.isCall() && MI.getOperand(0).isSymbol()) { + StringRef SymName(MI.getOperand(0).getSymbolName()); + if (SymName == "__msan_chain_origin") { + IsKMSANTrackingBlock = true; + break; + } + } + } + + if (IsKMSANTrackingBlock) { + if (llvm::is_contained(Order, X86::RSP)) { + Hints.insert(Hints.begin(), X86::RSP); + return true; + } + } + } + } + if (ID != X86::TILERegClassID) { if (DisableRegAllocNDDHints || !ST.hasNDD() || !TRI.isGeneralPurposeRegisterClass(&RC))
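
Review bot: In the `isReMaterializableImpl` hunk of X86InstrInfo.cpp (@@ -816,6 +816,13 @@), the new `case X86::MOV64rr` returns true for every copy whose source is RSP, with no check that RSP still holds the same value at the point where the copy would be re-emitted. Rematerializing `mov %rsp, %reg` later in the function reads whatever RSP is at that point, so this is only value-preserving when the stack pointer does not move between the original definition and the new use. Suggest guarding the `return true` on that condition (for example, rejecting functions whose `MachineFrameInfo` reports variable-sized objects) or at minimum adding a comment that states the assumption, since the objtool report in this thread is about stack state in the first place.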
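
Review bot: In the `reMaterialize` hunk of X86InstrInfo.cpp (@@ -964,6 +971,15 @@), the new early-return path builds `MOV64rr DestReg, RSP` and returns without looking at the `SubIdx` or `UsedLanes` parameters visible in the signature. If a caller ever passes a non-zero `SubIdx` here, the instruction would define the full `DestReg` instead of the requested sub-register; an `assert(SubIdx == 0)` or explicit handling would make that failure visible. The three-line `Orig.getOpcode() == X86::MOV64rr && ... getReg() == X86::RSP` test also repeats the predicate added in `isReMaterializableImpl`, so a small shared helper would keep the two from drifting apart.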
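
Review bot: In the `getRegAllocationHints` hunk of X86RegisterInfo.cpp (@@ -1167,6 +1168,32 @@), the call detection `MI.isCall() && MI.getOperand(0).isSymbol()` only matches external-symbol operands. A direct call to a function that is declared in the module normally carries a global-address operand, for which `isGlobal()` and `getGlobal()->getName()` are the tests, so `IsKMSANTrackingBlock` may never become true and the RSP hint may never be inserted. It is worth confirming with a debug print that this branch is reached at all before drawing conclusions from the resulting kernel build. Separately, matching the hard-coded string "__msan_chain_origin" inside target register-info code, and rescanning the whole block on every hint query, needs a comment explaining why the hint is tied to that one callee.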