Re: [PATCH 1/1] LoongArch: kexec: avoid overwriting QEMU's machine FDT at 0x100000

[Bibo Mao]

On 2026/5/29 下午12:25, Huacai Chen wrote:
> Hi, George,
>
> On Thu, May 28, 2026 at 9:58 PM George Guo <dongtai.guo@xxxxxxxxx> wrote:
> > From: George Guo <guodongtai@xxxxxxxxxx>
> >
> > QEMU places its machine FDT at physical address 0x100000 when booting
> > with '-kernel'.  KEXEC_CONTROL_CODE was defined at the same address, so
> > machine_kexec_prepare() overwrites the FDT with the relocation trampoline
> > before jumping to the new kernel.
> >
> > The kexec'd kernel's fdt_setup() reads the FDT pointer from the EFI
> > config table (FDTPTR = 0x100000) and finds trampoline code instead of a
> > valid FDT, so earlycon auto-detection fails and the second kernel boots
> > silently with no console output.
> >
> > Move KEXEC_CONTROL_CODE to 0x180000, which is still within the first 2MB
> > reserved by memblock_init() and does not conflict with the QEMU FDT.
> Modify QEMU seems better.
>
> For kernel, the kexec code is introduced by
> 4a03b2ac06a5bcae29371866d9d11f5bfd4c9188 ("LoongArch: Add kexec
> support") at Oct, 12, 2022.
>
> For QEMU, current FDT is introduced by
> 6042385149a0fb3f4a51d264fc3dc42775819c79 ("hw/loongarch: Init efi_fdt
> table") at April, 26, 2024.
> And earlier history is 46b21de238c643ea098f2dcffe493abd135f7d89
> ("hw/loongarch: Fix loongarch fdt addr confict") which move FDT from
> 2MB (0x200000) to 1MB(0x100000).
> And the earliest QEMU FDT  address is 0x1c400000....
>
> QEMU FDT has changed many times while kexec keep the same always, and
> the current FDT address is later than kernel (which means QEMU
> conflict with kexec, not kexec conflict with QEMU). So I suggest to
> move QEMU FDT to 0x180000.
what is method on other architectures for kexec control page?

Regards
Bibo Mao
> Huacai
>
> > Signed-off-by: George Guo <guodongtai@xxxxxxxxxx>
> > ---
> >   arch/loongarch/kernel/machine_kexec.c | 9 +++++++--
> >   1 file changed, 7 insertions(+), 2 deletions(-)
> >
> > diff --git a/arch/loongarch/kernel/machine_kexec.c b/arch/loongarch/kernel/machine_kexec.c
> > index d7fafda1d541..44df7dbd3de5 100644
> > --- a/arch/loongarch/kernel/machine_kexec.c
> > +++ b/arch/loongarch/kernel/machine_kexec.c
> > @@ -21,8 +21,13 @@
> >   #include <asm/cacheflush.h>
> >   #include <asm/page.h>
> >
> > -/* 0x100000 ~ 0x200000 is safe */
> > -#define KEXEC_CONTROL_CODE     TO_CACHE(0x100000UL)
> > +/*
> > + * Both addresses are within the first 2MB which is always reserved by
> > + * memblock_init().  Avoid 0x100000 because QEMU places its machine FDT
> > + * there when using '-kernel'; overwriting it silences earlycon in the
> > + * kexec'd kernel.
> > + */
> > +#define KEXEC_CONTROL_CODE     TO_CACHE(0x180000UL)
> >   #define KEXEC_CMDLINE_ADDR     TO_CACHE(0x108000UL)
> >
> >   static unsigned long reboot_code_buffer;
> > --
> > 2.25.1