Dear MdeModulePkg maintainers,
I see the Partition driver doing the following in its Stop() function:
BlockIo2->FlushBlocksEx (BlockIo2, NULL);
I don't see in the UEFI spec where Token being set to NULL is defined? What
does Token == NULL mean?
In the AtaBusDriver FlushBlocksEx() seems to just signal the Token? So this
implies the caller can then free Token, and the Buffer used for the
transaction. It seems like Token and Buffer are queued by the AtaBusDriver, so
would not this cause AtaBusDriver to overwrite freed memory? Also If do a large
ReadBlocksEx(), do work, and then do a FlushBlocksEx(), it seems like my event
will be signaled that the read buffer is valid. It looks like the caller gets
signaled that the read is complete, when it may not be complete?
EFI_STATUS
EFIAPI
AtaBlockIoFlushBlocksEx (
IN EFI_BLOCK_IO2_PROTOCOL *This,
IN OUT EFI_BLOCK_IO2_TOKEN *Token
)
{
//
// Signal event and return directly.
//
if (Token != NULL && Token->Event != NULL) {
Token->TransactionStatus = EFI_SUCCESS;
gBS->SignalEvent (Token->Event);
}
return EFI_SUCCESS;
}
Andrew Fish
PS I'm doing some research for USWG on surprise hot removal and I'm trying to
figure out what the Stop() function of the consumer of BlockIo2 should do if
Async I/O is in flight. It seems like the two options are to call
FlushBlocksEx() on all pending transactions, or fail the Stop() until
transactions complete.
------------------------------------------------------------------------------
How fast is your code?
3 out of 4 devs don\\\'t know how their code performs in production.
Find out how slow your code is with AppDynamics Lite.
http://ad.doubleclick.net/clk;262219672;13503038;z?
http://info.appdynamics.com/FreeJavaPerformanceDownload.html
_______________________________________________
edk2-devel mailing list
edk2-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/edk2-devel
