Received: by 2002:ac0:a594:0:0:0:0:0 with SMTP id m20-v6csp1944555imm; Sat, 12 May 2018 03:11:55 -0700 (PDT) X-Google-Smtp-Source: AB8JxZqBf+7A90AtX430ZA5hbi0/OOIa7f494fnY+uQvvHhRyYf0iYPtvUZf2T5hQtYhBYcZbhO3 X-Received: by 2002:a62:dc4e:: with SMTP id t75-v6mr2496649pfg.139.1526119915476; Sat, 12 May 2018 03:11:55 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1526119915; cv=none; d=google.com; s=arc-20160816; b=gP+54ravRCsXQpISKrntiZcf2U1r9d1qadTHJ0AGmsR9CLoa6Q4UySPa9pVuL1A/IN Kzgu3a+y4H2DngapcI0nsj/Tmq6VwemuBWWoz7xlo6XywydczkhPPtg8QZ2tbAiATUvD wS/EIR0NIiyl3PoHb8MvVzJ2X8SHSDfgcHzDDDSFZ5frgCgZOHf69y7zbSsIZxTNUY2K kMqa6Bb4CZmxxWzmcTDZdVAZE0tUMchig3IquTzj/aOEr86Nvs9RgvAAazZWNpVUbYSI 8TXiJ6WMQK/SiBSXDUG/dfnOL3rlHlNWrdZf2yv4AMcXYBMp5uipw2GeUbYae3L6ha/P aJEA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:cc:to:subject:message-id:date:from :references:in-reply-to:mime-version:dkim-signature :arc-authentication-results; bh=z/i63dEpEbsc6AvANj3WpH62WtXRiyx5ibtgbDejQS4=; b=KAZtZbGVF/WXlcKpP+j+8uR+R7g3bn4d7IbjjToLXFmVb9oDAeLiLFH8DNwn9t1r4l 6ppRYtTB6HLhyZL1yBWOXE1YHxmMTQIcdlQOmcyQza18EHzTbbl2RxMj3QpAT+99+G+F k7FGrvOmV26iSib0N7+iU93BlJgtT16CTlArBlFfQcaw8TLoehGE5rN4Sq4R6jWSChx8 MOi7J+snTgI8zdxbltPtXUr/3AbnwamD2bp0SUz4Sgkf3tjLDD73bkAJ+nBe3URUBLqM t+STY6od7XMQYWAJ2gsUdCpOHWlgjIf7R1kLTn//8/8et/5CHVJDnh8FTW6ki+tF3nqP qz2Q== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@linaro.org header.s=google header.b=QO7tPwfw; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linaro.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id x11-v6si4793226pln.163.2018.05.12.03.11.40; Sat, 12 May 2018 03:11:55 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=pass header.i=@linaro.org header.s=google header.b=QO7tPwfw; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linaro.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1751228AbeELKLV (ORCPT + 99 others); Sat, 12 May 2018 06:11:21 -0400 Received: from mail-it0-f65.google.com ([209.85.214.65]:40416 "EHLO mail-it0-f65.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1750854AbeELKLT (ORCPT ); Sat, 12 May 2018 06:11:19 -0400 Received: by mail-it0-f65.google.com with SMTP id j186-v6so5167161ita.5 for ; Sat, 12 May 2018 03:11:18 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :cc; bh=z/i63dEpEbsc6AvANj3WpH62WtXRiyx5ibtgbDejQS4=; b=QO7tPwfwbb2qHERRiLD8qLBpunEbyWq8jhSfJpP53eSjGmSEPItPcxWuGweksEhd0u eLlIc+XkN6qKwudERNEHYBwyn0q+P4uzErAiA6jBlt54LkQyAo6Hbm1gN7hH6xwygs6b I1KyXr6ey/s5UNvGNC/drOVMv8T6QMgu5ctTg= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:in-reply-to:references:from:date :message-id:subject:to:cc; bh=z/i63dEpEbsc6AvANj3WpH62WtXRiyx5ibtgbDejQS4=; b=oR1fr1luhO8TWrYSNEpw1CBzwHB/JsZfA7X0dAt+v+3CFqloHWWtRg0eVx2r2FNWW/ xG0zmYM8wjfWMiBqdWVTqbHK5NxJR8EQgSftWdk/kMwNLiabyvD26C4JCmQiQpNwA2aU o8uT1vHh4iaPIoeC+weXNimiGowGOjwcbUyj85lSApsdNV4gjFcDv9TBRswGhStx9TXs 1LlvqDIYl88dohD6d8VzqaOaMlO25b/SNWz7SfhNuLy2WKqhUyAxFD+ZaxHsqVtymuVG pr/ilUqpTuVfokCgdxXO2zkpIqpM6xwpKeV7zAkjYts+TwVc+knB/0MIN2aLnz9t3MZY 13Lw== X-Gm-Message-State: ALKqPwdWoXFC7U0g4zMu/374xC9SBqUDA/cLc08Dg2zVqNWurenYyujk ChxrajUlg+W9XP13CkksbVGfjBazMSnVeRQ+hfhwsw== X-Received: by 2002:a24:5091:: with SMTP id m139-v6mr1505595itb.50.1526119878451; Sat, 12 May 2018 03:11:18 -0700 (PDT) MIME-Version: 1.0 Received: by 10.107.187.134 with HTTP; Sat, 12 May 2018 03:11:17 -0700 (PDT) In-Reply-To: References: <001a11449aa2faf11805643af581@google.com> <20180202221829.tdiji2332t7orcxj@gmail.com> From: Ard Biesheuvel Date: Sat, 12 May 2018 12:11:17 +0200 Message-ID: Subject: Re: WARNING: kernel stack regs has bad 'bp' value (3) To: Dmitry Vyukov Cc: Arnd Bergmann , Eric Biggers , syzbot , Herbert Xu , David Miller , "open list:HARDWARE RANDOM NUMBER GENERATOR CORE" , LKML , Josh Poimboeuf , syzkaller-bugs Content-Type: text/plain; charset="UTF-8" Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On 12 May 2018 at 11:50, Dmitry Vyukov wrote: > On Sat, May 12, 2018 at 11:09 AM, Ard Biesheuvel > wrote: >> (+ Arnd) >> >> On 12 May 2018 at 10:43, Dmitry Vyukov wrote: >>> On Fri, Feb 2, 2018 at 11:18 PM, Eric Biggers wrote: >>>> On Fri, Feb 02, 2018 at 02:57:32PM +0100, Dmitry Vyukov wrote: >>>>> On Fri, Feb 2, 2018 at 2:48 PM, syzbot >>>>> wrote: >>>>> > Hello, >>>>> > >>>>> > syzbot hit the following crash on upstream commit >>>>> > 7109a04eae81c41ed529da9f3c48c3655ccea741 (Thu Feb 1 17:37:30 2018 +0000) >>>>> > Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/ide >>>>> > >>>>> > So far this crash happened 4 times on net-next, upstream. >>>>> > C reproducer is attached. >>>>> > syzkaller reproducer is attached. >>>>> > Raw console output is attached. >>>>> > compiler: gcc (GCC) 7.1.1 20170620 >>>>> > .config is attached. >>>>> >>>>> >>>>> From suspicious frames I see salsa20_asm_crypt there, so +crypto maintainers. >>>>> >>>> >>>> Looks like the x86 implementations of Salsa20 (both i586 and x86_64) need to be >>>> updated to not use %ebp/%rbp. >>> >>> Ard, >>> >>> This was bisected as introduced by: >>> >>> commit 83dee2ce1ae791c3dc0c9d4d3a8d42cb109613f6 >>> Author: Ard Biesheuvel >>> Date: Fri Jan 19 12:04:34 2018 +0000 >>> >>> crypto: sha3-generic - rewrite KECCAK transform to help the >>> compiler optimize >>> >>> https://gist.githubusercontent.com/dvyukov/47f93f5a0679170dddf93bc019b42f6d/raw/65beac8ddd30003bbd4e9729236dc8572094abf7/gistfile1.txt >> >> Ouch. >> >> I'm not an expert in x86 assembly. Could someone please check the >> generated code to see what's going on? The C code changes are not that >> intricate, they basically unroll a loop, replacing accesses to >> 'array[indirect_index[i]]' with 'array[constant]'. >> >> As mentioned in the commit log, the speedup is more than significant >> for architectures with lots of GPRs so I'd prefer fixing the patch >> over reverting it (if there is anything wrong with the code in the >> first place) > > I suspect the problem is with __attribute__((__optimize__("O3"))). It > makes compiler use rbp register, which must not be used. IIRC, the additional speedup from adding that was significant but not huge. Given that we don't use O3 anywhere else, I guess we should just remove it. Could you please check whether that makes the issue go away? If so, Acked-by: Ard Biesheuvel for any patch that removes the O3 attribute override from keccakf() Thanks, Ard.