Subject: Re: Bad virt_to_phys since commit 54c7a8916a887f35
To: Mark Rutland, Christoph Hellwig
Cc: linux-kernel@vger.kernel.org, Mike Rapoport, Andrew Morton, Will Deacon, Catalin Marinas
From: Steven Price
Date: Thu, 16 May 2019 15:05:31 +0100

On 16/05/2019 14:41, Mark Rutland wrote:
> On Thu, May 16, 2019 at 02:38:20PM +0100, Mark Rutland wrote:
>> Hi,
>>
>> Since commit:
>>
>>   54c7a8916a887f35 ("initramfs: free initrd memory if opening /initrd.image fails")
>
> Ugh, I dropped a paragraph here.
>
> Since that commit, I'm seeing a boot-time splat on arm64 when using
> CONFIG_DEBUG_VIRTUAL. I'm running an arm64 syzkaller instance, and this
> kills the VM, preventing further testing, which is unfortunate.
>
> Mark.
>
>> IIUC prior to that commit, we'd only attempt to free an initrd if we had
>> one, whereas now we do so unconditionally. AFAICT, in this case
>> initrd_start has not been initialized (I'm not using an initrd or
>> initramfs on my system), so we end up trying virt_to_phys() on a bogus
>> VA in free_initrd_mem().
>>
>> Any ideas on the right way to fix this?

Your analysis looks right to me. In my review I'd managed to spot the
change in behaviour when CONFIG_INITRAMFS_FORCE is set (the initrd is
freed), but I'd overlooked what happens if initrd_start == 0 (the
non-existent initrd is attempted to be freed).

I suspect the following is sufficient to fix the problem:

----8<-----
diff --git a/init/initramfs.c b/init/initramfs.c index 435a428c2af1..178130fd61c2 100644 --- a/init/initramfs.c +++ b/init/initramfs.c
@@ -669,7 +669,7 @@ static int __init populate_rootfs(void) * If the initrd region is overlapped with crashkernel reserved region, * free only memory that is not part of crashkernel region. */ - if (!do_retain_initrd && !kexec_free_initrd()) + if (!do_retain_initrd && initrd_start && !kexec_free_initrd()) free_initrd_mem(initrd_start, initrd_end); initrd_start = 0; initrd_end = 0;
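
Review bot: the new initrd_start test in the populate_rootfs() condition is undocumented; the comment directly above it still describes only the crashkernel-overlap case. Extend that comment to say that a zero initrd_start means no initrd was supplied, so there is nothing to free and free_initrd_mem() must not be reached (it would run virt_to_phys() on a bogus VA, which is what trips CONFIG_DEBUG_VIRTUAL). Keep the test ahead of !kexec_free_initrd() as written, so the short-circuit also skips that call when there is no initrd.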