From: Ingo Molnar <mingo@kernel.org>
Date: Mon, 1 Dec 2025 09:42:27 +0000 (+0100)
Subject: objtool: Fix segfault on unknown alternatives
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=6ec33db1aaf06a76fb063610e668f8e12f32ebbf;p=thirdparty%2Flinux.git

objtool: Fix segfault on unknown alternatives

So 'objtool --link -d vmlinux.o' gets surprised by this endbr64+endbr64 pattern
in ___bpf_prog_run():

	___bpf_prog_run:
	1e7680:  ___bpf_prog_run+0x0                                                     push   %r12
	1e7682:  ___bpf_prog_run+0x2                                                     mov    %rdi,%r12
	1e7685:  ___bpf_prog_run+0x5                                                     push   %rbp
	1e7686:  ___bpf_prog_run+0x6                                                     xor    %ebp,%ebp
	1e7688:  ___bpf_prog_run+0x8                                                     push   %rbx
	1e7689:  ___bpf_prog_run+0x9                                                     mov    %rsi,%rbx
	1e768c:  ___bpf_prog_run+0xc                                                     movzbl (%rbx),%esi
	1e768f:  ___bpf_prog_run+0xf                                                     movzbl %sil,%edx
	1e7693:  ___bpf_prog_run+0x13                                                    mov    %esi,%eax
	1e7695:  ___bpf_prog_run+0x15                                                    mov    0x0(,%rdx,8),%rdx
	1e769d:  ___bpf_prog_run+0x1d                                                    jmp    0x1e76a2 <__x86_indirect_thunk_rdx>
	1e76a2:  ___bpf_prog_run+0x22                                                    endbr64
	1e76a6:  ___bpf_prog_run+0x26                                                    endbr64
	1e76aa:  ___bpf_prog_run+0x2a                                                    mov    0x4(%rbx),%edx

And crashes due to blindly dereferencing alt->insn->alt_group.

Bail out on NULL ->alt_group, which produces this warning and continues
with the disassembly, instead of a segfault:

  .git/O/vmlinux.o: warning: objtool: <alternative.1e769d>: failed to disassemble alternative

Cc: Alexandre Chartre <alexandre.chartre@oracle.com>
Cc: Peter Zijlstra (Intel) <peterz@infradead.org>
Cc: Josh Poimboeuf <jpoimboe@kernel.org>
Cc: linux-kernel@vger.kernel.org
Signed-off-by: Ingo Molnar <mingo@kernel.org>
---

diff --git a/tools/objtool/disas.c b/tools/objtool/disas.c
index 441b9306eafcc..2b5059f55e400 100644
--- a/tools/objtool/disas.c
+++ b/tools/objtool/disas.c
@@ -684,6 +684,9 @@ char *disas_alt_name(struct alternative *alt)
 		 *   '?'  unknown flag
 		 */
 
+		if (!alt->insn->alt_group)
+			return NULL;
+
 		feature = alt->insn->alt_group->feature;
 		num = alt_feature(feature);
 		flags = alt_flags(feature);