On Mon, Jul 24, 2023 at 10:29 AM HAGIO KAZUHITO(萩尾 一仁) <k-hagio-ab(a)nec.com>
wrote:
On 2023/07/24 10:17, HAGIO KAZUHITO(萩尾 一仁) wrote:
> Hi Lianbo,
>
> Thank you for the fix.
>
> On 2023/07/21 13:36, Lianbo Jiang wrote:
>> Currently, the symbol ".rodata" may not be found in some vmlinux, and
>> the strings command will still be used to get the linux banner string,
>> but this gets two strings as below:
>>
>> # strings
/usr/lib/debug/usr/lib/modules/6.5.0-0.rc2.17.fc39.x86_64/vmlinux |grep
"Linux version"
>> Linux version 6.5.0-0.rc2.17.fc39.x86_64
(mockbuild@23a79bad375e4c2c8c60f2d40df7df49) (gcc (GCC) 13.1.1 20230614
(Red Hat 13.1.1-4), GNU ld version 2.40-9.fc39) # SMP PREEMPT_DYNAMIC
>> Linux version 6.5.0-0.rc2.17.fc39.x86_64
(mockbuild@23a79bad375e4c2c8c60f2d40df7df49) (gcc (GCC) 13.1.1 20230614
(Red Hat 13.1.1-4), GNU ld version 2.40-9.fc39) #1 SMP PREEMPT_DYNAMIC Mon
Jul 17 14:57:35 UTC 2023
>>
>> In the verify_namelist(), the while-loop will only determine if the
>> above first string(linux banner) matches and break the loop. But
>> actually the above second string is correct one. Eventually, crash
>> startup with the following warning:
>>
>> # ./crash -s
/usr/lib/debug/usr/lib/modules/6.5.0-0.rc2.17.fc39.x86_64/vmlinux
/var/crash/127.0.0.1-2023-07-20-20\:50\:50/vmcore
>> WARNING: kernel version inconsistency between vmlinux and dumpfile
>>
>> # ./crash -s
>> WARNING: kernel version inconsistency between vmlinux and live
memory
>>
>> Let's always try to match the correct one, otherwise still prints a
>> warning as before.
>>
>> Signed-off-by: Lianbo Jiang <lijiang(a)redhat.com>
>> ---
>> kernel.c | 2 --
>> 1 file changed, 2 deletions(-)
>>
>> diff --git a/kernel.c b/kernel.c
>> index 546eed95eebd..9801812387bd 100644
>> --- a/kernel.c
>> +++ b/kernel.c
>> @@ -1375,8 +1375,6 @@ verify_namelist()
>> buffer3[i++] = *p1++;
>> buffer3[i] = NULLCHAR;
>> }
>> -
>> - break;
>> }
>> pclose(pipe);
>>
>
> I think you are fixing the fallback routine and that's good, but it's
> better to fix get_linux_banner_from_vmlinux() first if possible. It's
Thank you for the comments, Kazu.
They are different issues. The fallback routine(strings) also needs to be
fixed, and the get_linux_banner_from_vmlinux() failure is another issue.
much faster. Isn't it possible?
>
As I mentioned in patch log, the symbol ".rodata" was not found in some
vmlinux, and so far I haven't got any equivalent symbols to achieve the
purpose.
crash> sym .rodata
symbol not found: .rodata
possible alternatives:
(none found)
crash>
But the following change works well for this case:
diff --git a/kernel.c b/kernel.c
index 546eed9..a4ce5bf 100644
--- a/kernel.c
+++ b/kernel.c
@@ -11891,6 +11891,7 @@ check_vmcoreinfo(void)
static
int get_linux_banner_from_vmlinux(char *buf, size_t size)
{
+#if 0
struct bfd_section *sect;
long offset;
@@ -11917,4 +11918,10 @@ int get_linux_banner_from_vmlinux(char *buf,
size_t size)
return FALSE;
return TRUE;
+#else
+ if (!readmem(symbol_value("linux_banner"), KVADDR, buf, size,
"linux_banner", RETURN_ON_ERROR))
+ return FALSE;
+
+ return TRUE;
+#endif
}
How about reading out the linux_banner string to a buffer with readmem()?
> What do you see in "sections:" in "help -s"?
And probably you can
> determine the section where linux_banner is located, with the address of
> linux_banner and KASLR offset.
>
> crash> help -s
> ...
> sections:
> .text vma: ffffffff81000000 size: 14686984
> .rodata vma: ffffffff82000000 size: 5366231
> .pci_fixup vma: ffffffff8251e1e0 size: 14112
> ...
> crash> sym linux_banner
> ffffffffb5200a40 (D) linux_banner
> crash> help -D | grep KERNELOFFSET
> KERNELOFFSET=33200000
>
> crash> eval ffffffffb5200a40 - 0x33200000
> hexadecimal: ffffffff82000a40 --> linux_banner is in ".rodata"
If the vmlinux does not have only the ".rodata" symbol, is it possible
to use "__start_rodata" symbol or something? i.e. is there no symbol
that has the same address as .rodata section?
I tried the "__start_rodata" symbol, but it does not work.
Thanks.
Lianbo
crash> sym .rodata __start_rodata
ffffffffb5200000 (d) .rodata
ffffffffb5200000 (D) __start_rodata
Thanks,
Kazu