Comment # 26 on bug 1190434 from David Mair 
(In reply to Fabian Vogt from comment #25)
> Still broken:
> https://openqa.opensuse.org/tests/3388914#step/kdump_and_crash/60
> 
> Any news?

I'm working on that for other reasons to this bug:

> WARNING: invalid linux_banner pointer: 65762078756e694c
> crash: /var/tmp/vmlinux.xz_kZfkHM and /var/crash/2023-06-28-05-53/vmcore do
> not match!

The second item can be ignored, whether or not the vmlinux and vmcore do not
match is actually unknown because the real problem is the invalid linux_banner
which is demonstrably actually valid.

The linux_banner is the a string variable beginning with the text "Linux
version". If you sort the hex value 65762078756e694c into byte order it is
actually the ASCII value "Linux ve", the first 8 bytes of the banner text.

It happens in initializing crash from the coredump when it attempts to do the
following:

* Get the address in the coredump of the linux_banner variable
* De-reference the linux_banner variable to get the address of the banner text
* Compare the banner text with "Linux version"

i.e. it expects to perform two memory de-references, the location of the
variable and de-reference the variable to get the address of the banner text.
However, after the first de-reference the data in linux_banner as a named
object in the coredump is already the banner text.

The problem is that the read from the coredump of the linux_banner variable
reads from the linux_banner text, not from the linux_banner variable so the
second de-reference is of an invalid kernel address because it is ASCII text.

I have hacked a workarounds to it but when I do on the coredump I have I find
it is unusable for other reasons (excluded pages), so I need to investigate
with another coredump (of which I have several).

crash can be started in this scenario with limited functionality using:

> crash --minimal <coredump> <kernel> <...>

However, the limited set of functionality --minimal provides probably makes it
worthless, e.g. memory read and disassemble are usable but gdb commands like bt
and switch process/CPU are not usable.

You are receiving this mail because: