Comparing changes
base repository: Vector35/binaryninja-api
base: dev
head repository: Vector35/binaryninja-api
compare: test_linux_bug_table_reloc
  • 2 commits
  • 2 files changed
  • 2 contributors

Commits on Jun 25, 2026

  1. linux kernel: parse __bug_table and NOP-patch WARN_ON sites via relocation
    
    Add ElfView::ParseLinuxKernelBugTable() called at the end of Init(). For
    every WARN_ON brk/ud2 entry in the Linux kernel __bug_table ELF section a
    synthetic LINUX_BUG_TABLE_WARN_NOP_RELOC relocation is registered at the
    instruction address via DefineRelocation().
    
    The arch ELF relocation handlers now handle this synthetic nativeType in
    their ApplyRelocation() overrides:
      - Arm64ElfRelocationHandler: writes arm64 NOP (1F 20 03 D5)
      - x64ElfRelocationHandler:   writes data16 nop (66 90)
    
    When the segment cache is first built, ApplyRelocation patches those 4/2
    bytes in-cache (original file bytes are preserved in the parent view).
    GetInstructionInfo and GetInstructionLowLevelIL then see a NOP and
    naturally produce fallthrough CFG edges and Nop LLIL — no ArchitectureHook
    is required.
    
    BUG() sites (flags == 0) are left as-is so brk/ud2 continues to terminate.
    
    Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
    Weitao-Sun and claude committed Jun 25, 2026
    dffd467

Commits on Jun 29, 2026

  1. linux kernel: patch WARN_ON sites via direct parent-view write, not relocation
    
    Replace the synthetic LINUX_BUG_TABLE_WARN_NOP_RELOC relocation approach with
    a direct write of NOP bytes to the parent view at the corresponding file offset
    during ElfView::Init().
    
    Using DefineRelocation() created a code reference at every WARN_ON brk/ud2
    address, causing BN to recognise a spurious function start there and split the
    containing function into incorrectly-classified tail calls. Writing directly to
    the parent view before the segment cache is built avoids any code reference and
    ensures analysis never sees the original trap instruction.
    
    Remove linux_bug_table_reloc.h and the LINUX_BUG_TABLE_WARN_NOP_RELOC case from
    both the arm64 and x86 relocation handlers.
    
    Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
    Weitao-Sun and claude committed Jun 29, 2026
    a3c4b31
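
The byte-level patching that the second commit describes, as an added sketch on a flat byte buffer; it is not code from this branch or from the Binary Ninja API. Assumptions: the 12-byte relative-pointer `bug_entry` layout, the `BUGFLAG_WARNING` bit, a single code region mapped linearly to file offsets, and the hypothetical names `is_trap`, `patch_warn_sites` and `build_sample`. Checking that the target bytes really are `brk`/`ud2` before overwriting is an extra guard added here, not something the commit messages state.

```python
import struct

# Assumed entry layout (not stated on the page): relative-pointer bug_entry with
# CONFIG_DEBUG_BUGVERBOSE: s32 bug_addr_disp, s32 file_disp, u16 line, u16 flags.
ENTRY = struct.Struct("<iiHH")
BUGFLAG_WARNING = 1 << 0  # assumed kernel flag bit; BUG() entries have flags == 0
NOPS = {"arm64": bytes.fromhex("1f2003d5"), "x86_64": bytes.fromhex("6690")}


def is_trap(code: bytes, arch: str) -> bool:
    """True if code starts with the trap the commits name (brk / ud2)."""
    if arch == "arm64":  # BRK #imm16 is 0xD4200000 | (imm16 << 5)
        return len(code) >= 4 and (struct.unpack_from("<I", code)[0] & 0xFFE0001F) == 0xD4200000
    return code[:2] == b"\x0f\x0b"


def patch_warn_sites(image, table_off, table_len, table_vaddr,
                     text_off, text_len, text_vaddr, arch):
    """Return (patched copy of image, list of patched virtual addresses)."""
    out, patched, nop = bytearray(image), [], NOPS[arch]
    for i in range(0, table_len - ENTRY.size + 1, ENTRY.size):
        disp, _file, _line, flags = ENTRY.unpack_from(image, table_off + i)
        if not flags & BUGFLAG_WARNING:
            continue  # BUG() site: keep the terminating trap
        addr = table_vaddr + i + disp  # displacement is relative to the field itself
        rel = addr - text_vaddr
        if not 0 <= rel <= text_len - len(nop):
            continue  # entry points outside the mapped code: ignore it
        pos = text_off + rel
        if is_trap(image[pos:pos + len(nop)], arch):
            out[pos:pos + len(nop)] = nop
            patched.append(addr)
    return bytes(out), patched


def build_sample():
    """Constructed x86_64 image: 16 bytes of code at 0x1000, table at 0x2000."""
    text = bytes.fromhex("90900f0b" "90900f0b" "9090cccc" "90909090")
    sites = [(0x1002, 1), (0x1006, 0), (0x100A, 1)]  # WARN, BUG, WARN at a non-trap
    table = b"".join(ENTRY.pack(va - (0x2000 + n * ENTRY.size), 0, 10 + n, fl)
                     for n, (va, fl) in enumerate(sites))
    return text + table, len(text), len(table)
```

The function returns a patched copy and leaves the input buffer unchanged, so the original trap bytes stay available for comparison.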