linux-efi.vger.kernel.org archive mirror
From: Matt Fleming <matt-HNK1S37rvNbeXh+fF434Mdi2O/JbrIOy@public.gmane.org>
To: Michael Brown <mbrown-OViyBiuKJBuK421+ScFKDQ@public.gmane.org>
Cc: "Mantas Mikulėnas"
	<grawity-Re5JQEeQqe8AvxtiuMwx3w@public.gmane.org>,
	"Yinghai Lu" <yinghai-DgEjT+Ai2ygdnm+yROfE0A@public.gmane.org>,
	"Matt Fleming"
	<matt.fleming-ral2JQCrhuEAvxtiuMwx3w@public.gmane.org>,
	"Linux Kernel Mailing List"
	<linux-kernel-u79uwXL29TY76Z2rM5mHXA@public.gmane.org>,
	linux-efi-u79uwXL29TY76Z2rM5mHXA@public.gmane.org,
	edk2-devel-5NWGOfrQmneRv+LV9MX5uipxlwaOVQ5f@public.gmane.org
Subject: Re: Loading initrd above 4G causes freeze on boot
Date: Wed, 20 Aug 2014 21:30:11 +0100
Message-ID: <20140820203011.GH29733@console-pimps.org>
In-Reply-To: <53F4FCC9.1030405-OViyBiuKJBuK421+ScFKDQ@public.gmane.org>

[ Pulling in EDK2 folks for help ]

On Wed, 20 Aug, at 08:53:45PM, Michael Brown wrote:
> On 20/08/14 20:05, Mantas Mikulėnas wrote:
> >
> >I experimented with some things (like setting chunk size to a few kB
> >to see if it hangs earlier or only at the very end; etc.), and finally
> >found out that it stops freezing if I pad the initrd file to a
> >multiple of 512 bytes :/ That is, 5684268 bytes will freeze, 5684736
> >bytes will not.
> >
> >...In other words, seems like it cannot read chunks that aren't
> >multiples of 512 into a location above 4 GB. Or something like that...
> 
> I haven't been following this thread closely, but that immediately
> sounds like a problem within the EFI_DISK_IO_PROTOCOL implementation
> (which is responsible for handling smaller-than-block-sized reads).
> Looking at the EDK2 implementation in
> MdeModulePkg/Universal/Disk/DiskIoDxe/DiskIo.c, the memory
> management does appear to be somewhat inventive.  In particular,
> there's a frequent pattern in DiskIoCreateSubtaskList() equivalent
> to:
> 
>   if ( blocking_io ) {
>      buffer = some_static_buffer;
>   } else {
>      buffer = malloc ( len );
>      if ( ! buffer )
>         goto single_shared_error_label;
>   }
>   ... do not record whether or not buffer was dynamically allocated ...
>   ... use buffer as part of an asynchronous I/O operation ...
>   ... eventually choose whether or not to free buffer, and hope the
>   choice is correct ...
> 
> It's not at all obvious that memory is freed correctly, especially
> under some of the error paths within that code.
> 
> I can't immediately see anything that should fail with a pointer
> above 4G, but I wouldn't be surprised to find a path that causes a
> double free or similar error.

Guys, the original thread starts here,

  http://article.gmane.org/gmane.linux.kernel.efi/4424

Basically, reading into a buffer above 0xffffffff using
EFI_FILE_PROTOCOL causes Mantas' machine to crash, irrespective of the
size of the read.

Is this a known issue? Perhaps here be dragons?

Halp?

-- 
Matt Fleming, Intel Open Source Technology Center
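
The buffer-ownership pattern Michael Brown describes in the quoted text, written with the ownership recorded and a single release path. This is an added example, not EDK2 code and not code from anyone in this thread; `struct subtask`, `disk_read` and the in-memory "disk" are hypothetical names and constructed data. It also shows why a length that is not a multiple of 512 (5684268 leaves a 44-byte tail) takes the staging-buffer path at all.

```c
#include <stdint.h>
#include <stdlib.h>
#include <string.h>

#define BLOCK_SIZE 512u

/* Hypothetical subtask record for this example; not the EDK2 structure. */
struct subtask {
    uint8_t *bounce;      /* block-sized staging buffer for a partial block */
    int      owns_bounce; /* set only when bounce came from malloc() */
};

static uint8_t shared_bounce[BLOCK_SIZE]; /* staging buffer for blocking I/O */
static int live_allocs;                   /* outstanding malloc()s, for checking */

static int subtask_init(struct subtask *t, int blocking)
{
    t->bounce = blocking ? shared_bounce : malloc(BLOCK_SIZE);
    t->owns_bounce = (!blocking && t->bounce != NULL);
    live_allocs += t->owns_bounce;
    return t->bounce ? 0 : -1;
}

/* The only release path: ownership is read from the record, never guessed. */
static void subtask_release(struct subtask *t)
{
    if (t->owns_bounce) { free(t->bounce); live_allocs--; }
    t->bounce = NULL;
    t->owns_bounce = 0;
}

/* Read len bytes from a constructed in-memory "disk" (a whole number of
 * blocks) into dst. Full blocks are copied directly; a partial last block is
 * staged through the bounce buffer so only len bytes ever reach dst. */
int disk_read(const uint8_t *disk, size_t disk_len, uint8_t *dst, size_t len, int blocking)
{
    size_t tail = len % BLOCK_SIZE, whole = len - tail;
    struct subtask t = { NULL, 0 };

    if (disk_len % BLOCK_SIZE != 0 || len > disk_len) return -1;
    memcpy(dst, disk, whole);
    if (tail != 0) {
        if (subtask_init(&t, blocking) != 0) return -1;
        memcpy(t.bounce, disk + whole, BLOCK_SIZE); /* device transfers a full block */
        memcpy(dst + whole, t.bounce, tail);        /* caller receives only the tail */
    }
    subtask_release(&t); /* safe whether or not a buffer was ever attached */
    return 0;
}

int outstanding_allocs(void) { return live_allocs; }
```

Because `subtask_release()` clears the record after use, calling it again on an error path is a no-op rather than a double free, and the static buffer is never passed to `free()`.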
