On 03/11/16 05:26, Gary Lin wrote: > On Thu, Mar 10, 2016 at 12:31:18PM +0100, Laszlo Ersek wrote: >> On 03/10/16 11:02, Gary Lin wrote: >>> On Thu, Mar 10, 2016 at 10:20:12AM +0100, Laszlo Ersek wrote: >>>> On 03/10/16 08:49, Gary Lin wrote: >> >>>>> I found that it's related to iPXE. If I disable iPXE with >>>>> >>>>> "-netdev user,id=hostnet0 -device virtio-net-pci,romfile=,netdev=hostnet0" >>>>> >>>>> then everything works as expected. I'll try to dig deeper to find more >>>>> information. >>>> >>>> How fresh is your ipxe? And did you build it with CONFIG=qemu? >>>> >>> It comes from the qemu 2.5.0 tarball and I just installed it from >>> openSUSE Virtualization repo. >>> https://build.opensuse.org/package/show/Virtualization/qemu >> >> QEMU 2.5 bundles iPXE binaries built with CONFIG=qemu, but that >> configuration doesn't enable IPv6 for the moment. >> >> Apparently, combining iPXE (CONFIG=qemu) with NETWORK_IP6_ENABLE (set in >> OVMF) causes problems. I don't understand how this causes side effects, >> because CONFIG=qemu instructs iPXE to provide SNP drivers only. SNP is >> independent of IP version. >> >> With this combination, IPv6 PXE should work (not be absent), and IPv6 >> HTTP Boot should work too (not blow up). >> >> Can you perhaps remove grub2 from the equation? What if you play with >> disconnect / reconnect / connect in the UEFI shell? >> > hmmm I found another way to crash the system with a different assert. > > Just disconnect/reconnect the handle providing HttpServiceBinding, and > OVMF crashed with/without iPXE: > > ASSERT /home/gary/git/edk2/NetworkPkg/HttpBootDxe/HttpBootDxe.c(796): CR has > Bad Signature > > Here is the function that issues the assert. > > EFIAPI HttpBootIp6DxeDriverBindingStart () > ... > if (!EFI_ERROR (Status)) { > Private = HTTP_BOOT_PRIVATE_DATA_FROM_ID(Id); <---- CRASH > } else { > ... > > This also only happens after fa848a4048943251fc057fe8d6c5a82e01d2ffb6.
Here's a stack dump: #0 0x000000007e86cd8c in CpuDeadLoop () at MdePkg/Library/BaseLib/CpuDeadLoop.c:37 #1 0x000000007e86756c in DebugAssert (FileName=0x7e86d7c8 "NetworkPkg/HttpBootDxe/HttpBootDxe.c", LineNumber=796, Description=0x7e86d823 "CR has Bad Signature") at OvmfPkg/Library/PlatformDebugLibIoPort/DebugLib.c:153 #2 0x000000007e85a8bf in HttpBootIp6DxeDriverBindingStart (This=0x7e871e60, ControllerHandle=0x7f040d98, RemainingDevicePath=0x0) at NetworkPkg/HttpBootDxe/HttpBootDxe.c:796 #3 0x000000007ff6afc0 in CoreConnectSingleController (ControllerHandle=0x7f040d98, ContextDriverImageHandles=0x0, RemainingDevicePath=0x0) at MdeModulePkg/Core/Dxe/Hand/DriverSupport.c:646 #4 0x000000007ff6a2cf in CoreConnectController (ControllerHandle=0x7f040d98, DriverImageHandle=0x0, RemainingDevicePath=0x0, Recursive=1 '\001') at MdeModulePkg/Core/Dxe/Hand/DriverSupport.c:137 #5 0x000000007ff6d887 in CoreDisconnectControllersUsingProtocolInterface (UserHandle=0x7f040d98, Prot=0x7eecfb98) at MdeModulePkg/Core/Dxe/Hand/Handle.c:687 #6 0x000000007ff6d955 in CoreUninstallProtocolInterface (UserHandle=0x7f040d98, Protocol=0x7e885f60 <gEfiHttpServiceBindingProtocolGuid>, Interface=0x7eecfce0) at MdeModulePkg/Core/Dxe/Hand/Handle.c:754 #7 0x000000007e87536b in HttpDxeStop (This=0x7e8860e0, ControllerHandle=0x7eed3cd8, NumberOfChildren=0, ChildHandleBuffer=0x0, IpVersion=6 '\006') at NetworkPkg/HttpDxe/HttpDriver.c:576 #8 0x000000007e875509 in HttpDxeIp6DriverBindingStop (This=0x7e8860e0, ControllerHandle=0x7eed3cd8, NumberOfChildren=0, ChildHandleBuffer=0x0) at NetworkPkg/HttpDxe/HttpDriver.c:891 #9 0x000000007ff6b987 in CoreDisconnectController (ControllerHandle=0x7eed3cd8, DriverImageHandle=0x7f17ebd8, ChildHandle=0x0) at MdeModulePkg/Core/Dxe/Hand/DriverSupport.c:938 #10 0x000000007ff6d6fc in CoreDisconnectControllersUsingProtocolInterface (UserHandle=0x7eed3cd8, Prot=0x7eed3c58) at MdeModulePkg/Core/Dxe/Hand/Handle.c:651 #11 0x000000007ff6d955 in CoreUninstallProtocolInterface 
(UserHandle=0x7eed3cd8, Protocol=0x7e948f10 <gEfiTcp6ProtocolGuid>, Interface=0x7eed3a38) at MdeModulePkg/Core/Dxe/Hand/Handle.c:754 #12 0x000000007ff6dafd in CoreUninstallMultipleProtocolInterfaces (Handle=0x7eed3cd8) at MdeModulePkg/Core/Dxe/Hand/Handle.c:854 #13 0x000000007e935f6c in SockDestroy (Sock=0x7eed3918) at NetworkPkg/TcpDxe/SockImpl.c:849 #14 0x000000007e92af15 in SockDestroyChild (Sock=0x7eed3918) at NetworkPkg/TcpDxe/SockInterface.c:195 #15 0x000000007e92aaf6 in TcpServiceBindingDestroyChild (This=0x7e78dd00, ChildHandle=0x7eed3cd8) at NetworkPkg/TcpDxe/TcpDriver.c:1002 #16 0x000000007e92a018 in TcpDestroyChildEntryInHandleBuffer (Entry=0x7eed3940, Context=0x7ff5dc20) at NetworkPkg/TcpDxe/TcpDriver.c:401 #17 0x000000007e93fd63 in NetDestroyLinkList (List=0x7e78dd10, CallBack=0x7e929f2d <TcpDestroyChildEntryInHandleBuffer>, Context=0x7ff5dc20, ListLength=0x0) at MdeModulePkg/Library/DxeNetLib/DxeNetLib.c:1117 #18 0x000000007e92a1ee in TcpDestroyService (Controller=0x7ee18d18, ImageHandle=0x7f1852d8, NumberOfChildren=2, ChildHandleBuffer=0x7ee52d98, IpVersion=6 '\006') at NetworkPkg/TcpDxe/TcpDriver.c:472 #19 0x000000007e92a57d in Tcp6DriverBindingStop (This=0x7e949100, ControllerHandle=0x7ee18d18, NumberOfChildren=2, ChildHandleBuffer=0x7ee52d98) at NetworkPkg/TcpDxe/TcpDriver.c:736 #20 0x000000007ff6b943 in CoreDisconnectController (ControllerHandle=0x7ee18d18, DriverImageHandle=0x7f1852d8, ChildHandle=0x0) at MdeModulePkg/Core/Dxe/Hand/DriverSupport.c:934 #21 0x000000007ff6d6fc in CoreDisconnectControllersUsingProtocolInterface (UserHandle=0x7ee18d18, Prot=0x7ee18a98) at MdeModulePkg/Core/Dxe/Hand/Handle.c:651 #22 0x000000007ff6d955 in CoreUninstallProtocolInterface (UserHandle=0x7ee18d18, Protocol=0x7e97a870 <gEfiIp6ProtocolGuid>, Interface=0x7ee188a0) at MdeModulePkg/Core/Dxe/Hand/Handle.c:754 #23 0x000000007e94d225 in Ip6ServiceBindingDestroyChild (This=0x7e775020, ChildHandle=0x7ee18d18) at NetworkPkg/Ip6Dxe/Ip6Driver.c:992 #24 
0x000000007e94ca19 in Ip6DestroyChildEntryInHandleBuffer (Entry=0x7ee18900, Context=0x7ff5df80) at NetworkPkg/Ip6Dxe/Ip6Driver.c:684 #25 0x000000007e96fb66 in NetDestroyLinkList (List=0x7e775040, CallBack=0x7e94c92e <Ip6DestroyChildEntryInHandleBuffer>, Context=0x7ff5df80, ListLength=0x0) at MdeModulePkg/Library/DxeNetLib/DxeNetLib.c:1117 #26 0x000000007e94cbfb in Ip6DriverBindingStop (This=0x7e97b960, ControllerHandle=0x7e774f18, NumberOfChildren=11, ChildHandleBuffer=0x7ee18ed8) at NetworkPkg/Ip6Dxe/Ip6Driver.c:756 #27 0x000000007ff6b943 in CoreDisconnectController (ControllerHandle=0x7e774f18, DriverImageHandle=0x7f186718, ChildHandle=0x0) at MdeModulePkg/Core/Dxe/Hand/DriverSupport.c:934 #28 0x000000007ff6d6fc in CoreDisconnectControllersUsingProtocolInterface (UserHandle=0x7e774f18, Prot=0x7ee1af18) at MdeModulePkg/Core/Dxe/Hand/Handle.c:651 #29 0x000000007ff6d955 in CoreUninstallProtocolInterface (UserHandle=0x7e774f18, Protocol=0x7ea0d750 <gEfiManagedNetworkProtocolGuid>, Interface=0x7ee1ae00) at MdeModulePkg/Core/Dxe/Hand/Handle.c:754 #30 0x000000007ff6dafd in CoreUninstallMultipleProtocolInterfaces (Handle=0x7e774f18) at MdeModulePkg/Core/Dxe/Hand/Handle.c:854 #31 0x000000007e9fb64e in MnpServiceBindingDestroyChild (This=0x7ee40b40, ChildHandle=0x7e774f18) at MdeModulePkg/Universal/Network/MnpDxe/MnpDriver.c:616 #32 0x000000007e9fd0f1 in MnpDestoryChildEntry (Entry=0x7ee1adf0, Context=0x7ee40b40) at MdeModulePkg/Universal/Network/MnpDxe/MnpConfig.c:900 #33 0x000000007ea068f1 in NetDestroyLinkList (List=0x7ee40b58, CallBack=0x7e9fd06b <MnpDestoryChildEntry>, Context=0x7ee40b40, ListLength=0x7ff5e328) at MdeModulePkg/Library/DxeNetLib/DxeNetLib.c:1117 #34 0x000000007e9fd13a in MnpDestroyServiceChild (MnpServiceData=0x7ee40b18) at MdeModulePkg/Universal/Network/MnpDxe/MnpConfig.c:923 #35 0x000000007e9fa92c in MnpDestroyServiceChildEntry (Entry=0x7ee40b20, Context=0x0) at MdeModulePkg/Universal/Network/MnpDxe/MnpDriver.c:72 #36 0x000000007ea068f1 in 
NetDestroyLinkList (List=0x7f057060, CallBack=0x7e9fa8af <MnpDestroyServiceChildEntry>, Context=0x0, ListLength=0x7ff5e438) at MdeModulePkg/Library/DxeNetLib/DxeNetLib.c:1117 #37 0x000000007e9fb178 in MnpDriverBindingStop (This=0x7ea0d7e0, ControllerHandle=0x7f040d98, NumberOfChildren=3, ChildHandleBuffer=0x7ef69b18) at MdeModulePkg/Universal/Network/MnpDxe/MnpDriver.c:406 #38 0x000000007ff6b943 in CoreDisconnectController (ControllerHandle=0x7f040d98, DriverImageHandle=0x7f18a318, ChildHandle=0x0) at MdeModulePkg/Core/Dxe/Hand/DriverSupport.c:934 #39 0x000000007d998945 in ShellCommandRunDisconnect (ImageHandle=0x0, SystemTable=0x7feeb018) at ShellPkg/Library/UefiShellDriver1CommandsLib/Disconnect.c:173 #40 0x000000007d9710b9 in ShellCommandRunCommandHandler (CommandString=0x7ef48b98, RetVal=0x7ff5e6b4, CanAffectLE=0x7ff5e6b3 "\001") at ShellPkg/Library/UefiShellCommandLib/UefiShellCommandLib.c:683 #41 0x000000007d94799e in RunInternalCommand (CmdLine=0x7ef42b98, FirstParameter=0x7ef48b98, ParamProtocol=0x7ef39b98, CommandStatus=0x0) at ShellPkg/Application/Shell/Shell.c:2241 #42 0x000000007d947b50 in RunCommandOrFile (Type=Internal_Command, CmdLine=0x7ef42b98, FirstParameter=0x7ef48b98, ParamProtocol=0x7ef39b98, CommandStatus=0x0) at ShellPkg/Application/Shell/Shell.c:2341 #43 0x000000007d947e9d in SetupAndRunCommandOrFile (Type=Internal_Command, CmdLine=0x7ef42b98, FirstParameter=0x7ef48b98, ParamProtocol=0x7ef39b98, CommandStatus=0x0) at ShellPkg/Application/Shell/Shell.c:2475 #44 0x000000007d94826a in RunShellCommand (CmdLine=0x7dbe2018, CommandStatus=0x0) at ShellPkg/Application/Shell/Shell.c:2594 #45 0x000000007d948386 in RunCommand (CmdLine=0x7dbe2018) at ShellPkg/Application/Shell/Shell.c:2632 #46 0x000000007d94578f in DoShellPrompt () at ShellPkg/Application/Shell/Shell.c:1246 #47 0x000000007d943d75 in UefiMain (ImageHandle=0x7ef24b18, SystemTable=0x7feeb018) at ShellPkg/Application/Shell/Shell.c:605 #48 0x000000007d9425d2 in ProcessModuleEntryPointList 
(ImageHandle=0x7ef24b18, SystemTable=0x7feeb018) at Build/OvmfX64/DEBUG_GCC48/X64/ShellPkg/Application/Shell/Shell/DEBUG/AutoGen.c:866 #49 0x000000007d9412b1 in _ModuleEntryPoint (ImageHandle=0x7ef24b18, SystemTable=0x7feeb018) at MdePkg/Library/UefiApplicationEntryPoint/ApplicationEntryPoint.c:65 #50 0x000000007ff65784 in CoreStartImage (ImageHandle=0x7ef24b18, ExitDataSize=0x7ff5ebd8, ExitData=0x7ff5ebe0) at MdeModulePkg/Core/Dxe/Image/Image.c:1661 #51 0x000000007ebe1f2c in BdsLibBootViaBootOption (Option=0x7ef25b98, DevicePath=0x7ef25918, ExitDataSize=0x7ff5ebd8, ExitData=0x7ff5ebe0) at IntelFrameworkModulePkg/Library/GenericBdsLib/BdsBoot.c:2436 #52 0x000000007ebbd8df in CallBootManager () at IntelFrameworkModulePkg/Universal/BdsDxe/BootMngr/BootManager.c:385 #53 0x000000007ebb7fde in PlatformBdsEnterFrontPage (TimeoutDefault=1, ConnectAllHappened=1 '\001') at IntelFrameworkModulePkg/Universal/BdsDxe/FrontPage.c:1214 #54 0x000000007ebe770e in PlatformBdsPolicyBehavior (DriverOptionList=0x7ff5ede0, BootOptionList=0x7ff5edd0, ProcessCapsules=0x7ebb4f06 <BdsProcessCapsules>, BaseMemoryTest=0x7ebb462e <BdsMemoryTest>) at OvmfPkg/Library/PlatformBdsLib/BdsPlatform.c:1356 #55 0x000000007ebb2bd3 in BdsEntry (This=0x7ebfee60) at IntelFrameworkModulePkg/Universal/BdsDxe/BdsEntry.c:653 #56 0x000000007ff6096a in DxeMain (HobStart=0x7fd14018) at MdeModulePkg/Core/Dxe/DxeMain/DxeMain.c:517 #57 0x000000007ff5f71d in ProcessModuleEntryPointList (HobStart=0x7bfde000) at Build/OvmfX64/DEBUG_GCC48/X64/MdeModulePkg/Core/Dxe/DxeMain/DEBUG/AutoGen.c:423 #58 0x000000007ff5f26d in _ModuleEntryPoint (HobStart=0x7bfde000) at MdePkg/Library/DxeCoreEntryPoint/DxeCoreEntryPoint.c:54 You can see the CoreDisconnectControllersUsingProtocolInterface() function recurses, but its last invocation fails internally. It takes the error path, tries to reconnect stuff -- hence CoreConnectController() -- and that blows up. 
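There are two problems here:

(a) I guess this reconnect-on-failure (frames #5 through #2 above, where CoreConnectController() ends up in HttpBootIp6DxeDriverBindingStart()) should work instead of tripping the "CR has Bad Signature" assert, but

(b) more importantly, why is the error path taken at all? Why does the last CoreDisconnectControllersUsingProtocolInterface() invocation (frame #5) fail internally?

Note that the ASSERT is the only thing stopping execution here: the stack comes from a DEBUG build, and the signature check inside CR() is only performed when asserts are enabled, so a build without asserts would carry on with whatever pointer HTTP_BOOT_PRIVATE_DATA_FROM_ID() computed from a record of the wrong type.

Thanks
Laszlo
_______________________________________________
edk2-devel mailing list
edk2-devel@lists.01.org
https://lists.01.org/mailman/listinfo/edk2-devel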