From nobody Thu Apr 9 16:34:59 2026 Received: from smtp.kernel.org (aws-us-west-2-korg-mail-1.web.codeaurora.org [10.30.226.201]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 62CA93EBF37 for ; Fri, 6 Mar 2026 18:28:19 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=10.30.226.201 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1772821699; cv=none; b=CpxJgxU/waCx4RocmHMdOmMPy3+hktxo4b6Ny1u4Tlt9BOXxZALAvqu6PdGnXAxwkC+4dm4EXUvkGfTGwyY/g+SGFNG30fZ8NyQQCdt16KCztu57I5+woqEj5UYMYd9nfQs10d12Lm8YzfujQkdbp5dNYsOd8Ipc8fUc8+F91Ag= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1772821699; c=relaxed/simple; bh=GP8kGSLMGHK5Vu7i82PJy/StPaigjcXy04NUyjMQxOw=; h=From:To:Cc:Subject:Date:Message-ID:MIME-Version; b=ZL31L9bMht5iogaM2guyaMXg0voBgKYX9juR5sZk+COVU7PqKxtpdEsXye1R2wGYjxFvXcAiE6dGqhiEXBLQqt4TjnW0wOSPTTdTuUJREImEdPTj7EwTdMT3foVV+OqxANuoOrmY+f8b8p3f3NraG28+w+wGoN2kvF15TRWcYOU= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b=EGIZFIIk; arc=none smtp.client-ip=10.30.226.201 Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b="EGIZFIIk" Received: by smtp.kernel.org (Postfix) with ESMTPSA id D08B2C2BC86; Fri, 6 Mar 2026 18:28:18 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1772821699; bh=GP8kGSLMGHK5Vu7i82PJy/StPaigjcXy04NUyjMQxOw=; h=From:To:Cc:Subject:Date:From; b=EGIZFIIkBSvssY7SdIK5NSVE4j0LExTMT0DykNVim2emEaHdKbIRtK6mTyXpcANw3 tBVMt7rJVcXY+iJxnRs2Zygn47TRn/2fO49o1UCX3RKObuPIEZuO1nq+d7/SsjNM08 nsEsi+z9eeUXXp7dnlFvXgf97rszXEqOG2NfoW6MG9lRws1p5AnLsjQQIA32TudOZi D0UPSMStPQzNQ4PDsurFgC9rO9dgL5Mja0sB/bxRbsAnk0jfVQh28mbCdUYNnbvx1L Q+s5smXDEBFSGtAUXJ+7uJJs0RNilJ2kTUROCp9TIUpcy3ooQOuegl3zYdXTJAPn/Q aXsBQqTT/m2ZQ== From: Josh Poimboeuf To: x86@kernel.org Cc: linux-kernel@vger.kernel.org, Peter Zijlstra , Arnd Bergmann Subject: [PATCH] objtool: Fix another stack overflow in validate_branch() Date: Fri, 6 Mar 2026 10:28:14 -0800 Message-ID: <8b97f62d083457f3b0a29a424275f7957dd3372f.1772821683.git.jpoimboe@kernel.org> X-Mailer: git-send-email 2.53.0 Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" The insn state is getting saved on the stack twice for each recursive iteration. No need for that, once is enough. Fixes the following reported stack overflow: drivers/scsi/qla2xxx/qla_dbg.o: error: SIGSEGV: objtool stack overflow! Segmentation fault Fixes: 70589843b36f ("objtool: Add option to trace function validation") Reported-by: Arnd Bergmann Closes: https://lore.kernel.org/90956545-2066-46e3-b547-10c884582eb0@app.fa= stmail.com Signed-off-by: Josh Poimboeuf --- tools/objtool/check.c | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/tools/objtool/check.c b/tools/objtool/check.c index 786b2f2adbab..91b3ff4803cf 100644 --- a/tools/objtool/check.c +++ b/tools/objtool/check.c @@ -3748,7 +3748,7 @@ static void checksum_update_insn(struct objtool_file = *file, struct symbol *func, static int validate_branch(struct objtool_file *file, struct symbol *func, struct instruction *insn, struct insn_state state); static int do_validate_branch(struct objtool_file *file, struct symbol *fu= nc, - struct instruction *insn, struct insn_state state); + struct instruction *insn, struct insn_state *state); =20 static int validate_insn(struct objtool_file *file, struct symbol *func, struct instruction *insn, struct insn_state *statep, @@ -4013,7 +4013,7 @@ static int validate_insn(struct objtool_file *file, s= truct symbol *func, * tools/objtool/Documentation/objtool.txt. */ static int do_validate_branch(struct objtool_file *file, struct symbol *fu= nc, - struct instruction *insn, struct insn_state state) + struct instruction *insn, struct insn_state *state) { struct instruction *next_insn, *prev_insn =3D NULL; bool dead_end; @@ -4044,7 +4044,7 @@ static int do_validate_branch(struct objtool_file *fi= le, struct symbol *func, return 1; } =20 - ret =3D validate_insn(file, func, insn, &state, prev_insn, next_insn, + ret =3D validate_insn(file, func, insn, state, prev_insn, next_insn, &dead_end); =20 if (!insn->trace) { @@ -4055,7 +4055,7 @@ static int do_validate_branch(struct objtool_file *fi= le, struct symbol *func, } =20 if (!dead_end && !next_insn) { - if (state.cfi.cfa.base =3D=3D CFI_UNDEFINED) + if (state->cfi.cfa.base =3D=3D CFI_UNDEFINED) return 0; if (file->ignore_unreachables) return 0; @@ -4080,7 +4080,7 @@ static int validate_branch(struct objtool_file *file,= struct symbol *func, int ret; =20 trace_depth_inc(); - ret =3D do_validate_branch(file, func, insn, state); + ret =3D do_validate_branch(file, func, insn, &state); trace_depth_dec(); =20 return ret; --=20 2.53.0