From: Pratyush Yadav <pratyush@kernel.org>
To: ranxiaokai627@163.com
Cc: catalin.marinas@arm.com,  akpm@linux-foundation.org,
	 graf@amazon.com, rppt@kernel.org,  pasha.tatashin@soleen.com,
	 pratyush@kernel.org, changyuanl@google.com,
	 linux-kernel@vger.kernel.org, linux-mm@kvack.org,
	 kexec@lists.infradead.org,  ran.xiaokai@zte.com.cn
Subject: Re: [PATCH 2/2] liveupdate: Fix boot failure due to kmemleak access to unmapped pages
Date: Thu, 20 Nov 2025 17:17:28 +0100
Message-ID: <mafs05xb43ch3.fsf@kernel.org>
In-Reply-To: <20251120144147.90508-3-ranxiaokai627@163.com> (ranxiaokai's message of "Thu, 20 Nov 2025 14:41:47 +0000")

On Thu, Nov 20 2025, ranxiaokai627@163.com wrote:

> From: Ran Xiaokai <ran.xiaokai@zte.com.cn>
>
> When booting with debug_pagealloc=on while having:
> CONFIG_KEXEC_HANDOVER_ENABLE_DEFAULT=y
> CONFIG_DEBUG_KMEMLEAK_DEFAULT_OFF=n
> the system fails to boot due to page faults during kmemleak scanning.
>
> This occurs because:
> With debug_pagealloc enabled, __free_pages() invokes
> debug_pagealloc_unmap_pages(), clearing the _PAGE_PRESENT bit for
> freed pages in the direct mapping.
> Commit 3dc92c311498 ("kexec: add Kexec HandOver (KHO) generation helpers")
> releases the KHO scratch region via init_cma_reserved_pageblock(),
> unmapping its physical pages. Subsequent kmemleak scanning accesses
> these unmapped pages, triggering fatal page faults.

I don't know how kmemleak works. Why does kmemleak access the unmapped
pages? If pages are not mapped, it should learn to not access them,
right?

>
> Call kmemleak_no_scan_phys() from kho_reserve_scratch() to
> exclude the reserved region from scanning before
> it is released to the buddy allocator.

kho_reserve_scratch() is called on the first boot. It allocates the
scratch areas for subsequent boots. On every KHO boot after this,
kho_reserve_scratch() is not called and kho_release_scratch() is called
instead since the scratch areas already exist from previous boot.

Eventually both paths converge to kho_init() and call
init_cma_reserved_pageblock().

So shouldn't you call kmemleak_no_scan_phys() from kho_init() instead?
This would reduce code duplication and cover both paths.

>
> Fixes: 3dc92c311498 ("kexec: add Kexec HandOver (KHO) generation helpers")
> Signed-off-by: Ran Xiaokai <ran.xiaokai@zte.com.cn>
> ---
>  kernel/liveupdate/kexec_handover.c | 4 ++++
>  1 file changed, 4 insertions(+)
>
> diff --git a/kernel/liveupdate/kexec_handover.c b/kernel/liveupdate/kexec_handover.c
> index 224bdf5becb6..dd4942d1d76c 100644
> --- a/kernel/liveupdate/kexec_handover.c
> +++ b/kernel/liveupdate/kexec_handover.c
> @@ -11,6 +11,7 @@
>  
>  #include <linux/cleanup.h>
>  #include <linux/cma.h>
> +#include <linux/kmemleak.h>
>  #include <linux/count_zeros.h>
>  #include <linux/kexec.h>
>  #include <linux/kexec_handover.h>
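
Review bot: the new `#include <linux/kmemleak.h>` is placed between `<linux/cma.h>` and `<linux/count_zeros.h>`, which breaks the alphabetical order the surrounding includes follow. Move it to its sorted position after `<linux/kexec_handover.h>`.
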
> @@ -654,6 +655,7 @@ static void __init kho_reserve_scratch(void)
>  	if (!addr)
>  		goto err_free_scratch_desc;
>  
> +	kmemleak_no_scan_phys(addr);
>  	kho_scratch[i].addr = addr;
>  	kho_scratch[i].size = size;
>  	i++;
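
Review bot: the `kmemleak_no_scan_phys(addr)` call is placed in `kho_reserve_scratch()`, which, as the reply above points out, only runs on the first boot; on a KHO boot `kho_release_scratch()` runs instead, so scratch areas inherited from the previous kernel are never excluded from scanning. Making the call on the common path in `kho_init()`, before `init_cma_reserved_pageblock()` releases the pages, would cover both cases from a single site.
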
> @@ -664,6 +666,7 @@ static void __init kho_reserve_scratch(void)
>  	if (!addr)
>  		goto err_free_scratch_areas;
>  
> +	kmemleak_no_scan_phys(addr);
>  	kho_scratch[i].addr = addr;
>  	kho_scratch[i].size = size;
>  	i++;
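
Review bot: the added `kmemleak_no_scan_phys(addr);` line carries no comment, and at this site nothing explains why a freshly reserved scratch area has to be hidden from kmemleak. A short comment stating that the area is later released through `init_cma_reserved_pageblock()` and can be unmapped from the direct map under debug_pagealloc would keep the reason next to the code instead of only in the changelog.
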
> @@ -676,6 +679,7 @@ static void __init kho_reserve_scratch(void)
>  		if (!addr)
>  			goto err_free_scratch_areas;
>  
> +		kmemleak_no_scan_phys(addr);
>  		kho_scratch[i].addr = addr;
>  		kho_scratch[i].size = size;
>  		i++;
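
Review bot: this is the third copy of the same sequence, `kmemleak_no_scan_phys(addr);` followed by filling `kho_scratch[i].addr` and `kho_scratch[i].size` and `i++`. A small helper that records one scratch area and marks it no-scan, or a single loop over `kho_scratch[]` once all areas are reserved, would keep the three sites from drifting apart if another area is added later.
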

-- 
Regards,
Pratyush Yadav


Thread overview: 7+ messages
2025-11-20 14:41 [PATCH 0/2] liveupdate: Fix boot failure due to kmemleak access to unmapped pages ranxiaokai627
2025-11-20 14:41 ` [PATCH 1/2] mm: kmemleak: introduce kmemleak_no_scan_phys() helper ranxiaokai627
2025-11-20 14:41 ` [PATCH 2/2] liveupdate: Fix boot failure due to kmemleak access to unmapped pages ranxiaokai627
2025-11-20 16:17   ` Pratyush Yadav [this message]
2025-11-22 17:57     ` ranxiaokai627
2025-11-21 13:36   ` Mike Rapoport
2025-11-22 18:07     ` ranxiaokai627
