On Fri, Jun 24, 2016 at 10:19:30AM +0800, Gary Lin wrote:
> On Thu, Jun 23, 2016 at 02:57:49PM +0200, Laszlo Ersek wrote:
> > On 06/23/16 06:43, Gary Lin wrote:
> > > On Wed, Jun 22, 2016 at 07:24:32PM +0200, Laszlo Ersek wrote:
> > >> Gary,
> > >>
> > >> On 06/22/16 17:33, Laszlo Ersek wrote:
> > >>
> > >> can you please retest with a fresh build of the current iPXE master (at
> > >> 04186319181298083ef28695a8309028b26fe83c presently)? I can no longer
> > >> reproduce the ASSERT -- the iPXE form can be entered just fine.
> > >>
> > >> I don't know what changed. o_O
> > >>
> > > I still got the crash all the time with 0418631918. However, switching
> > > to cc8824ad (plus the size fix) largely lowers the chance of a crash
> > > (around 1 in 10). cc8824ad is the commit that is right before this:
> > > 
> > > 5238c85b623200fa0f44a46db93965080053f745
> > > [efi] Work around broken EFI HII specification
> > > 
> > > The iPXE option started to crash all the time after I switched to
> > > 5238c85b6. However, reverting 5238c85b6 on git master didn't moderate
> > > the crash. The root cause is still hiding somewhere...
> > 
> > If it reproduces non-deterministically, that's quite bad. If we don't
> > have a reliable reproducer, I'm not sure how it can be analyzed.
> > 
> In my case:
> 
> ipxe git 04186319 -> always crash
> ipxe git cc8824ad -> 10% crash
> 
> I had some findings by comparing the crash and non-crash log with cc8824ad.
> 
> 1. For the non-crash case, all the Statement->ParentStatement of the iPXE
>    options were NULL in InitializeDisplayStatement().
> 
> 2. For the crash case, the Scope of one of the iPXE Statements became
>    non-zero, so MdeModulePkg/Universal/SetupBrowserDxe/IfrParse.c:ParseOpCodes()
>    assigned CurrentStatement to ParentStatement. When this happened,
>    it was always the statement for "TFTP server".
> 

It seems that iPXE didn't initialize Scope, so the value was assigned
randomly (sort of).

diff --git a/src/interface/efi/efi_hii.c b/src/interface/efi/efi_hii.c
index 0ea970e..4b5aa9a 100644
--- a/src/interface/efi/efi_hii.c
+++ b/src/interface/efi/efi_hii.c
@@ -119,6 +119,7 @@ static void * efi_ifr_op ( struct efi_ifr_builder *ifr, 
unsigned int opcode,
        /* Fill in opcode header */
        op->OpCode = opcode;
        op->Length = len;
+       op->Scope = 0;
 
        return op;
 }
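Review bot: "op->Scope = 0;" clears only the one bit the thread identified as uninitialized, but the discussion above says the value was "assigned randomly", i.e. the memory behind op is not cleared before the header is filled in, so any other field of the opcode body that a caller forgets to set is in the same state. Consider clearing the whole opcode at allocation instead, e.g. "memset ( op, 0, len );" placed before "op->OpCode = opcode;", which covers Scope and every similar field in one place. Note also that in EFI_IFR_OP_HEADER Length and Scope are a 7-bit and a 1-bit field packed into one byte, so the existing "op->Length = len;" cannot clear Scope by itself; the explicit assignment (or the memset) is required.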

After applying this patch, the crash never happened again.

Cheers,

Gary Lin

> > Can you perhaps correlate the crash with network traffic (tcpdump)? I'm
> > just grasping at straws here. Also, what exactly is your OVMF build
> > command line? Maybe it correlates somehow with the set of modules built
> > into OVMF.
> > 
> I built OVMF with this command:
> ./build.sh -D SECURE_BOOT_ENABLE -D NETWORK_IP6_ENABLE -D HTTP_BOOT_ENABLE
> 
> Hope this helps.
> 
> Thanks,
> 
> Gary Lin
> _______________________________________________
> edk2-devel mailing list
> edk2-devel@lists.01.org
> https://lists.01.org/mailman/listinfo/edk2-devel
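The mechanism Gary describes above (an IFR opcode whose Scope bit is left as whatever was in memory, so the form browser treats that statement as a parent) can be reproduced in isolation. The following is an added example, not iPXE or EDK2 code: IfrOpHeader mirrors the UEFI EFI_IFR_OP_HEADER layout (OpCode, then Length:7 and Scope:1 in one byte), append_op() is a hypothetical stand-in for efi_ifr_op() that fills the new opcode with 0xFF to imitate stale, uncleared memory, and count_scope_openers() is a deliberately minimal version of the scope tracking that ParseOpCodes() does. The opcode values 0x1C, 0x07 and 0x29 are EFI_IFR_STRING_OP, EFI_IFR_NUMERIC_OP and EFI_IFR_END_OP; the opcode lengths and the form contents are constructed for the example.

```c
#include <assert.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Layout of EFI_IFR_OP_HEADER from the UEFI spec: Length and Scope share
 * one byte, so assigning Length writes only its 7 bits and leaves the Scope
 * bit untouched. */
typedef struct {
    uint8_t OpCode;
    uint8_t Length : 7;
    uint8_t Scope  : 1;
} IfrOpHeader;

#define IFR_STRING_OP  0x1C   /* EFI_IFR_STRING_OP  */
#define IFR_NUMERIC_OP 0x07   /* EFI_IFR_NUMERIC_OP */
#define IFR_END_OP     0x29   /* EFI_IFR_END_OP     */

/* Hypothetical stand-in for efi_ifr_op(): append one opcode of 'len' bytes to
 * buf. The tail is filled with 0xFF to imitate memory that was grown but
 * never cleared (constructed, not what any allocator guarantees).
 * apply_fix selects the pre-fix (0) or post-fix (1) behaviour of the header
 * fill-in from the patch in the thread. */
static IfrOpHeader *append_op(uint8_t *buf, size_t *used, uint8_t opcode,
                              size_t len, int apply_fix)
{
    IfrOpHeader *op = (IfrOpHeader *)(buf + *used);
    memset(op, 0xFF, len);          /* stale contents */
    op->OpCode = opcode;
    op->Length = (uint8_t)len;      /* touches only the 7 Length bits */
    if (apply_fix)
        op->Scope = 0;              /* the one-line fix from the thread */
    *used += len;
    return op;
}

/* Minimal imitation of how ParseOpCodes() treats Scope: an opcode with Scope
 * set opens a nesting level and becomes the parent of the statements that
 * follow, until an END opcode closes it. Returns how many opcodes were taken
 * as scope openers (i.e. would have become a ParentStatement). */
static int count_scope_openers(const uint8_t *buf, size_t used)
{
    size_t off = 0;
    int depth = 0, openers = 0;

    while (off + sizeof(IfrOpHeader) <= used) {
        const IfrOpHeader *op = (const IfrOpHeader *)(buf + off);
        if (op->Length < sizeof(IfrOpHeader))
            break;                  /* malformed opcode: stop parsing */
        if (op->OpCode == IFR_END_OP) {
            if (depth > 0)
                depth--;
        } else if (op->Scope) {
            depth++;
            openers++;
        }
        off += op->Length;
    }
    return openers;
}

/* Build a constructed three-statement form (two strings, one numeric) the
 * pre-fix or post-fix way and report how many statements the parser would
 * turn into parents. Correct IFR for flat statements gives 0. */
static int scope_openers_in_form(int apply_fix)
{
    uint8_t buf[64];
    size_t used = 0;

    append_op(buf, &used, IFR_STRING_OP, 10, apply_fix);
    append_op(buf, &used, IFR_STRING_OP, 10, apply_fix);
    append_op(buf, &used, IFR_NUMERIC_OP, 12, apply_fix);
    return count_scope_openers(buf, used);
}

int main(void)
{
    printf("scope openers without fix: %d\n", scope_openers_in_form(0));
    printf("scope openers with fix:    %d\n", scope_openers_in_form(1));
    return 0;
}
```

Because the Scope bit is the only part of the byte that op->Length does not overwrite, whether a stale buffer produces the bug depends entirely on what happened to be in memory, which is why the failure rate moved between iPXE commits without either of them touching Scope directly.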