https://gcc.gnu.org/bugzilla/show_bug.cgi?id=85230
--- Comment #16 from Dmitry Vyukov <dvyukov at google dot com> --- Here is disasm of the function with the patch: https://gist.githubusercontent.com/dvyukov/e9dca961ceb436049cf5881b3307b104/raw/05ed3daff60d00eb71ca7a85be707d6d5eca3c47/gistfile1.txt And the epilogue: ffffffff8305fe5f: 48 8d 75 d8 lea -0x28(%rbp),%rsi ffffffff8305fe63: 48 89 e7 mov %rsp,%rdi ffffffff8305fe66: e8 35 a9 ac fe callq ffffffff81b2a7a0 <__asan_allocas_unpoison> ffffffff8305fe6b: 44 89 f0 mov %r14d,%eax ffffffff8305fe6e: 48 8b 4d d0 mov -0x30(%rbp),%rcx ffffffff8305fe72: 65 48 33 0c 25 28 00 xor %gs:0x28,%rcx ffffffff8305fe79: 00 00 ffffffff8305fe7b: 0f 85 5f 01 00 00 jne ffffffff8305ffe0 <crypto_shash_update+0x280> ffffffff8305fe81: 48 8d 65 d8 lea -0x28(%rbp),%rsp ffffffff8305fe85: 5b pop %rbx ffffffff8305fe86: 41 5c pop %r12 ffffffff8305fe88: 41 5d pop %r13 ffffffff8305fe8a: 41 5e pop %r14 ffffffff8305fe8c: 41 5f pop %r15 ffffffff8305fe8e: 5d pop %rbp ffffffff8305fe8f: c3 retq Kernel boots. So far I don't see these alloca-related false positives. If I see something suspicious I will post here, but otherwise consider that everything is good. Thanks!