Re: [tip:x86/core 16/17] vmlinux.o: warning: objtool: do_jit+0x276: relocation to !ENDBR: .noinstr.text+0x6a60

From: Peter Zijlstra
Date: Mon Mar 03 2025 - 13:58:00 EST


On Mon, Mar 03, 2025 at 09:11:54AM -0800, Kees Cook wrote:
> On Mon, Mar 03, 2025 at 10:24:59AM +0100, Peter Zijlstra wrote:

> > > >> vmlinux.o: warning: objtool: do_jit+0x276: relocation to !ENDBR: .noinstr.text+0x6a60

> Just for my own curiosity, how did you track this down? (The
> relationship between cfi_bhi and do_jit is not immediately obvious to
> me. Or rather, what was needing DCE?)

If you build dfebe7362f6f461d771cdb9ac2c5172a4721f064 (tip/x86/core^2 so
as to not have the fix) and build a FINEIBT=y kernel with clang-19 (so
as not to have support for kcfi-arity) then:

$ ./scripts/objdump-func tmp-build/vmlinux.o do_jit
...
0267 6a2a7: 48 c1 e9 20 shr $0x20,%rcx
026b 6a2ab: 0f 85 16 39 00 00 jne 6dbc7 <do_jit+0x3b87>
0271 6a2b1: 48 8b 44 24 20 mov 0x20(%rsp),%rax
0276 6a2b6: 48 c7 c1 00 00 00 00 mov $0x0,%rcx
                        6a2b9: R_X86_64_32S __bhi_args+0x20
027d 6a2bd: c6 43 0b e8 movb $0xe8,0xb(%rbx)
0281 6a2c1: 48 83 c0 10 add $0x10,%rax
0285 6a2c5: 29 c1 sub %eax,%ecx
0287 6a2c7: 89 4b 0c mov %ecx,0xc(%rbx)
...


So the reference is to __bhi_args[1], this is the result of
emit_fineibt(.arity=1).

Anyway, the point is that for FINEIBT_BHI=n the __bhi_args[]
array is 'empty' and the +0x20 thing points into random.

What needs DCE is the whole if (cfi_bhi) branch in emit_fineibt(),
making that whole __bhi_args[] reference go away.
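What the disassembly above is doing, as an added illustration that is not kernel code and not emit_fineibt() itself: load the address of __bhi_args[arity], then store a rel32 at offset 0xc so that the 0xe8 byte written at offset 0xb becomes a call to that stub. The sizes and offsets below (32-byte stubs, call opcode at 0xb, displacement relative to the next instruction at 0x10), the function names, and the addresses DEMO_TABLE/DEMO_THUNK are assumptions chosen to match the dump; the "empty table" case models the FINEIBT_BHI=n configuration, where indexing past the array is the thing that must not survive compilation.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>

/* Assumed layout, matching the +0x20 stride and the 0xb/0xc offsets in the dump. */
#define BHI_STUB_SIZE   0x20    /* one __bhi_args[] stub per arity, 32 bytes each */
#define BHI_CALL_OFF    0x0b    /* where the 0xe8 (call) opcode lands in the thunk */
#define THUNK_SIZE      0x10    /* the instruction after the call starts here */

/* Constructed addresses for the demo (not real kernel addresses). */
#define DEMO_TABLE 0x40000000u  /* stand-in for &__bhi_args[0] */
#define DEMO_THUNK 0x40100000u  /* stand-in for the FineIBT preamble being patched */

/* &__bhi_args[arity], or 0 when the table has no such entry.
 * nr_stubs == 0 models the FINEIBT_BHI=n build where the array is 'empty'. */
static uintptr_t bhi_stub_addr(uintptr_t table, size_t nr_stubs, unsigned arity)
{
    if (arity >= nr_stubs)
        return 0;
    return table + (uintptr_t)arity * BHI_STUB_SIZE;
}

/* Encode 'call rel32' (5 bytes) at insn; rel32 is relative to insn_addr + 5.
 * Bytes are written little-endian explicitly so this runs on any host. */
static int32_t emit_call_rel32(uint8_t *insn, uintptr_t insn_addr, uintptr_t target)
{
    int32_t rel = (int32_t)((int64_t)target - (int64_t)(insn_addr + 5));
    uint32_t u = (uint32_t)rel;
    insn[0] = 0xe8;
    for (int i = 0; i < 4; i++)
        insn[1 + i] = (uint8_t)(u >> (8 * i));
    return rel;
}

/* Decode the displacement back into an absolute target, as the CPU would. */
static uintptr_t call_target(const uint8_t *insn, uintptr_t insn_addr)
{
    uint32_t u = 0;
    for (int i = 0; i < 4; i++)
        u |= (uint32_t)insn[1 + i] << (8 * i);
    return (uintptr_t)((int64_t)insn_addr + 5 + (int32_t)u);
}

/* Hypothetical mirror of the 'if (cfi_bhi)' part of emit_fineibt(.arity=arity).
 * Returns 1 if a call to the stub was emitted, 0 if BHI is off at runtime,
 * -1 if BHI is on but the table is empty (the config mismatch behind the warning). */
static int emit_fineibt_bhi(uint8_t *thunk, uintptr_t thunk_addr, int cfi_bhi,
                            uintptr_t table, size_t nr_stubs, unsigned arity)
{
    if (!cfi_bhi)
        return 0;
    uintptr_t target = bhi_stub_addr(table, nr_stubs, arity);
    if (!target)
        return -1;
    emit_call_rel32(thunk + BHI_CALL_OFF, thunk_addr + BHI_CALL_OFF, target);
    return 1;
}

/* Demo helpers: patch a scratch thunk and report one property of the result. */
static int demo_emit(int cfi_bhi, size_t nr_stubs, unsigned arity)
{
    uint8_t thunk[THUNK_SIZE] = {0};
    return emit_fineibt_bhi(thunk, DEMO_THUNK, cfi_bhi, DEMO_TABLE, nr_stubs, arity);
}

static int demo_opcode(void)          /* byte at 0xb after patching arity 1 */
{
    uint8_t thunk[THUNK_SIZE] = {0};
    emit_fineibt_bhi(thunk, DEMO_THUNK, 1, DEMO_TABLE, 8, 1);
    return thunk[BHI_CALL_OFF];
}

static int32_t demo_rel32(void)       /* the displacement stored at 0xc */
{
    uint8_t thunk[THUNK_SIZE] = {0};
    return emit_call_rel32(thunk + BHI_CALL_OFF, DEMO_THUNK + BHI_CALL_OFF,
                           bhi_stub_addr(DEMO_TABLE, 8, 1));
}

static uintptr_t demo_call_target(void) /* decode it back: must be __bhi_args[1] */
{
    uint8_t thunk[THUNK_SIZE] = {0};
    emit_fineibt_bhi(thunk, DEMO_THUNK, 1, DEMO_TABLE, 8, 1);
    return call_target(thunk + BHI_CALL_OFF, DEMO_THUNK + BHI_CALL_OFF);
}

int main(void)
{
    printf("arity 1, BHI on : ret=%d opcode=0x%02x rel32=%d target=0x%lx\n",
           demo_emit(1, 8, 1), demo_opcode(), demo_rel32(),
           (unsigned long)demo_call_target());
    printf("BHI off at runtime: ret=%d\n", demo_emit(0, 0, 1));
    printf("BHI on, empty table: ret=%d\n", demo_emit(1, 0, 1));
    return 0;
}
```

The last case is the one the thread is about: with the runtime `cfi_bhi` test the compiler keeps the `bhi_stub_addr()` path and its `__bhi_args+0x20` relocation even though the array has no entries in that build; only if the condition folds to a compile-time constant (so the branch is dead-code-eliminated) does the reference disappear from the object.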