Comment # 27 on bug 1190434 from David Mair 
The following error:

> WARNING: invalid linux_banner pointer: 65762078756e694c
> crash: /var/tmp/vmlinux.xz_CSsIpp and /var/crash/2023-05-02-00:13/vmcore
> do not match!

Occurs due to this:

>     if (!(sp = symbol_search("linux_banner")))
>         error(FATAL, "linux_banner symbol does not exist?\n");
>     else
>         if ((sp->type == 'R') || (sp->type == 'r') ||
>                 (THIS_KERNEL_VERSION >= LINUX(2,6,11) &&
>                 (sp->type == 'D' || sp->type == 'd')) ||
>                 (machine_type("ARM") && sp->type == 'T') ||
>                 (machine_type("ARM64")))
>             linux_banner = symbol_value("linux_banner");
>         else
>             get_symbol_data("linux_banner", sizeof(ulong),

I've re-arranged that slightly to separate the two conditionals, it appears in
crash as a triplet conditional but should operate as above. It is followed by:

>     if (!IS_KVADDR(linux_banner))
>         error(WARNING, "invalid linux_banner pointer: %lx\n",
>             linux_banner);
> 
>     if (!accessible(linux_banner))
>         goto bad_match;

The test for a valid banner is after this but we take the goto bad_match above
because 0x65762078756e694c is ASCII text and is not a KV_ADDR (causing the
WARNING "invalid linux_banner pointer". It is not an accessible memory address
so we goto bad_match even though we are looking at the value of a correct
linux_banner.

You can see the two de-references I described in the code above.
symbol_search() gets a structure with a value member that is the address in the
coredump of the "linux_banner" symbol. We load that successfully from the
coredump and take the else path in the first conditional where the "type"
member of the structure has the value 'R' (character) in the coredump I'm
looking at so we take the true path of the second conditional in the top piece
of code and should use the symbol_value() function to set linux_banner from the
value member of an instance of the same structure as sp. That value is NOT
0x65762078756e694c and if I hack a patch for the above code to force:

> linux_banner = sp->value

rather than use symbol_value("linux_banner") then I DO NOT get the failure at
the top of this message...though with the coredump I have I still can't load it
due to pages excluded from it for per-CPU tasks.

You are receiving this mail because: