On 06/24/16 06:39, Gary Lin wrote: > On Fri, Jun 24, 2016 at 10:19:30AM +0800, Gary Lin wrote: >> On Thu, Jun 23, 2016 at 02:57:49PM +0200, Laszlo Ersek wrote: >>> On 06/23/16 06:43, Gary Lin wrote: >>>> On Wed, Jun 22, 2016 at 07:24:32PM +0200, Laszlo Ersek wrote: >>>>> Gary, >>>>> >>>>> On 06/22/16 17:33, Laszlo Ersek wrote: >>>>> >>>>> can you please retest with a fresh build of the current iPXE master (at >>>>> 04186319181298083ef28695a8309028b26fe83c presently)? I can no longer >>>>> reproduce the ASSERT -- the iPXE form can be entered just fine. >>>>> >>>>> I don't know what changed. o_O >>>>> >>>> I still got the crash all the time with 0418631918. However, Switching >>>> to cc8824ad (plus the size fix) lowers the chance of crash largerly >>>> (around 1 from 10). cc8824ad is the commit that is right before this: >>>> >>>> 5238c85b623200fa0f44a46db93965080053f745 >>>> [efi] Work around broken EFI HII specification >>>> >>>> The iPXE option started to crash all the time after I switched to >>>> 5238c85b6. However, reverting 5238c85b6 on git master didn't moderate >>>> the crash. The root cause is still hiding somewhere... >>> >>> If it reproduces non-deterministically, that's quite bad. If we don't >>> have a reliable reproducer, I'm not sure how it can be analyzed. >>> >> In my case: >> >> ipxe git 04186319 -> always crash >> ipxe git cc8824ad -> 10% crash >> >> I had some findings by comparing the crash and non-crash log with cc8824ad. >> >> 1. For the non-crash case, all the Statement->ParentStatement of the iPXE >> options were NULL in InitializeDisplayStatement(). >> >> 2. For the crash case, one of the Scope of the iPXE Statement became >> non-zero, so >> MdeModulePkg/Universal/SetupBrowserDxe/IfrParse.c:ParseOpCodes() >> assigned CurrentStatement to ParentStatement. When this happened, >> it's always the statement for "TFTP server". >> > > It seems that iPXE didn't initialize Scope, so the value was assigned > randomly (sort of). > > diff --git a/src/interface/efi/efi_hii.c b/src/interface/efi/efi_hii.c > index 0ea970e..4b5aa9a 100644 > --- a/src/interface/efi/efi_hii.c > +++ b/src/interface/efi/efi_hii.c > @@ -119,6 +119,7 @@ static void * efi_ifr_op ( struct efi_ifr_builder *ifr, > unsigned int opcode, > /* Fill in opcode header */ > op->OpCode = opcode; > op->Length = len; > + op->Scope = 0; > > return op; > } > > After applying this patch, the crash never happened again.
Awesome! Can you please send this patch to ipxe-devel? (Although I can see Michael is on the address list anyway -- good!) Thanks! Laszlo _______________________________________________ edk2-devel mailing list edk2-devel@lists.01.org https://lists.01.org/mailman/listinfo/edk2-devel
