The magiskboot split command will corrupt the kernel image #9607
Description
Device: Any
Android version: Any
Magisk version name: v30.6
Magisk version code: 30600
First, this issue does not affect traditional files that append DTB to the kernel image (such as Image.gz-dtb).
When attempting to call magiskboot split on a GKI, it will return a 0-byte kernel file and a 0-byte kernel_dtb file.
pzqqt@LAPTOP-XXXXXXXX:/mnt/f/tmp/img_pandora-OS3.0.9.0.WBLCNXM/boot$ magiskboot_x86_64 unpack -h ./boot.img
Parsing boot image: [./boot.img]
HEADER_VER [4]
KERNEL_SZ [39963136]
RAMDISK_SZ [0]
PAGESIZE [4096]
CMDLINE []
KERNEL_FMT [raw]
VBMETA
pzqqt@LAPTOP-XXXXXXXX:/mnt/f/tmp/img_pandora-OS3.0.9.0.WBLCNXM/boot$ ls -l
total 137332
-rwxrwxrwx 1 pzqqt pzqqt 100663296 Sep 30 23:38 boot.img
-rwxrwxrwx 1 pzqqt pzqqt 9 Dec 26 21:57 header
-rwxrwxrwx 1 pzqqt pzqqt 39963136 Dec 26 21:57 kernel
pzqqt@LAPTOP-XXXXXXXX:/mnt/f/tmp/img_pandora-OS3.0.9.0.WBLCNXM/boot$ magiskboot_x86_64 split ./kernel
Bad address (os error 14)
Bad address (os error 14)
pzqqt@LAPTOP-XXXXXXXX:/mnt/f/tmp/img_pandora-OS3.0.9.0.WBLCNXM/boot$ echo $?
0
pzqqt@LAPTOP-XXXXXXXX:/mnt/f/tmp/img_pandora-OS3.0.9.0.WBLCNXM/boot$ ls -l
total 98304
-rwxrwxrwx 1 pzqqt pzqqt 100663296 Sep 30 23:38 boot.img
-rwxrwxrwx 1 pzqqt pzqqt 9 Dec 26 21:57 header
-rwxrwxrwx 1 pzqqt pzqqt 0 Dec 26 21:58 kernel
-rwxrwxrwx 1 pzqqt pzqqt 0 Dec 26 21:58 kernel_dtb
In the example above, the kernel is android16-6.12, and the same result applies to the GKI for android12-5.10.
For reference, if using magiskboot version 27000:
For android12-5.10, everything works fine:
pzqqt@LAPTOP-XXXXXXXX:/mnt/f/tmp/img_marble-OS2.0.213.0.VMRCNXM/boot$ magiskboot_x86_64-27000 unpack -h ./boot.img
Parsing boot image: [./boot.img]
HEADER_VER [4]
KERNEL_SZ [46852092]
RAMDISK_SZ [1380091]
OS_VERSION [12.0.0]
OS_PATCH_LEVEL [2025-02]
PAGESIZE [4096]
CMDLINE []
KERNEL_FMT [raw]
RAMDISK_FMT [lz4_legacy]
unexpected ASN.1 DER tag: expected SEQUENCE, got APPLICATION [1] (primitive)
VBMETA
pzqqt@LAPTOP-XXXXXXXX:/mnt/f/tmp/img_marble-OS2.0.213.0.VMRCNXM/boot$ ls -l
total 244836
-rwxrwxrwx 1 pzqqt pzqqt 201326592 Jan 1 2008 boot.img
-rwxrwxrwx 1 pzqqt pzqqt 50 Dec 26 22:38 header
-rwxrwxrwx 1 pzqqt pzqqt 46852092 Dec 26 22:38 kernel
-rwxrwxrwx 1 pzqqt pzqqt 2527744 Dec 26 22:38 ramdisk.cpio
pzqqt@LAPTOP-XXXXXXXX:/mnt/f/tmp/img_marble-OS2.0.213.0.VMRCNXM/boot$ magiskboot_x86_64-27000 split ./kernel
Cannot find DTB in ./kernel
pzqqt@LAPTOP-XXXXXXXX:/mnt/f/tmp/img_marble-OS2.0.213.0.VMRCNXM/boot$ echo $?
1
pzqqt@LAPTOP-XXXXXXXX:/mnt/f/tmp/img_marble-OS2.0.213.0.VMRCNXM/boot$ ls -l
total 244836
-rwxrwxrwx 1 pzqqt pzqqt 201326592 Jan 1 2008 boot.img
-rwxrwxrwx 1 pzqqt pzqqt 50 Dec 26 22:38 header
-rwxrwxrwx 1 pzqqt pzqqt 46852092 Dec 26 22:38 kernel
-rwxrwxrwx 1 pzqqt pzqqt 2527744 Dec 26 22:38 ramdisk.cpio
For android16-6.12, due to the impact of this issue, the same problem as with magiskboot version 30600 will occur:
pzqqt@LAPTOP-XXXXXXXX:/mnt/f/tmp/img_pandora-OS3.0.9.0.WBLCNXM/boot$ magiskboot_x86_64 unpack -h ./boot.img
Parsing boot image: [./boot.img]
HEADER_VER [4]
KERNEL_SZ [39963136]
RAMDISK_SZ [0]
PAGESIZE [4096]
CMDLINE []
KERNEL_FMT [raw]
VBMETA
pzqqt@LAPTOP-XXXXXXXX:/mnt/f/tmp/img_pandora-OS3.0.9.0.WBLCNXM/boot$ ls -l
total 137332
-rwxrwxrwx 1 pzqqt pzqqt 100663296 Sep 30 23:38 boot.img
-rwxrwxrwx 1 pzqqt pzqqt 9 Dec 26 22:43 header
-rwxrwxrwx 1 pzqqt pzqqt 39963136 Dec 26 22:43 kernel
pzqqt@LAPTOP-XXXXXXXX:/mnt/f/tmp/img_pandora-OS3.0.9.0.WBLCNXM/boot$ magiskboot_x86_64-27000 split ./kernel
write failed with 14: Bad address
pzqqt@LAPTOP-XXXXXXXX:/mnt/f/tmp/img_pandora-OS3.0.9.0.WBLCNXM/boot$ echo $?
1
pzqqt@LAPTOP-XXXXXXXX:/mnt/f/tmp/img_pandora-OS3.0.9.0.WBLCNXM/boot$ ls -l
total 98304
-rwxrwxrwx 1 pzqqt pzqqt 100663296 Sep 30 23:38 boot.img
-rwxrwxrwx 1 pzqqt pzqqt 9 Dec 26 22:43 header
-rwxrwxrwx 1 pzqqt pzqqt 0 Dec 26 22:44 kernel