From: "Michael Brown" <mcb30@ipxe.org>
To: Gerd Hoffmann <kraxel@redhat.com>, devel@edk2.groups.io
Cc: Oliver Steffen <osteffen@redhat.com>,
Jiewen Yao <jiewen.yao@intel.com>,
Ard Biesheuvel <ardb+tianocore@kernel.org>,
Pawel Polawski <ppolawsk@redhat.com>,
Jordan Justen <jordan.l.justen@intel.com>,
Laszlo Ersek <lersek@redhat.com>
Subject: Re: [PATCH 1/1] OvmfPkg/NestedInterruptTplLib: replace ASSERT() with a warning logged.
Date: Fri, 28 Apr 2023 11:26:32 +0000 [thread overview]
Message-ID: <01020187c79d5eef-190d7d28-3c30-442a-913b-4dae66b71839-000000@eu-west-1.amazonses.com> (raw)
In-Reply-To: <20230428091019.1506923-1-kraxel@redhat.com>
On 28/04/2023 10:10, Gerd Hoffmann wrote:
> OVMF can't guarantee that the ASSERT() doesn't happen. Misbehaving
> EFI applications can trigger this. So log a warning instead and try
> to continue.
>
> Reproducer: Fetch windows 11 22H2 iso image, boot it in qemu with OVMF.
>
> Traced to BootServices->Stall() being called with IPL=TPL_HIGH_LEVEL
> and Interrupts /enabled/ while windows is booting.
Do we know how the system ended up in a state of being at TPL_HIGH_LEVEL
with interrupts enabled? This ought not to be possible: the code in
EDK2 will (as far as I can tell) always maintain the invariant that
interrupts are disabled while at TPL_HIGH_LEVEL.
> --- a/OvmfPkg/Library/NestedInterruptTplLib/Tpl.c
> +++ b/OvmfPkg/Library/NestedInterruptTplLib/Tpl.c
> @@ -39,7 +39,15 @@ NestedInterruptRaiseTPL (
> //
> ASSERT (GetInterruptState () == FALSE);
> InterruptedTPL = gBS->RaiseTPL (TPL_HIGH_LEVEL);
> - ASSERT (InterruptedTPL < TPL_HIGH_LEVEL);
> + if (InterruptedTPL >= TPL_HIGH_LEVEL) {
> + DEBUG ((
> + DEBUG_WARN,
> + "%a: Called at IPL %d, trying to fixup and continue...\n",
> + __func__,
> + InterruptedTPL
> + ));
> + InterruptedTPL = TPL_HIGH_LEVEL - 1;
> + }
This workaround looks wrong to me: it will cause the subsequent call to
NestedInterruptRestoreTPL() to drop the TPL back down to
TPL_HIGH_LEVEL-1, which is lower than it would have been when the
interrupt occurred. The completed hardware interrupt would then result
in an overall change of TPL, which cannot be correct.
Thanks,
Michael
next prev parent reply other threads:[~2023-04-28 11:26 UTC|newest]
Thread overview: 5+ messages / expand[flat|nested] mbox.gz Atom feed top
2023-04-28 9:10 [PATCH 1/1] OvmfPkg/NestedInterruptTplLib: replace ASSERT() with a warning logged Gerd Hoffmann
2023-04-28 11:26 ` Michael Brown [this message]
2023-04-28 13:38 ` Gerd Hoffmann
2023-04-28 14:50 ` [edk2-devel] " Michael Brown
2023-05-03 6:27 ` Gerd Hoffmann
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-list from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=01020187c79d5eef-190d7d28-3c30-442a-913b-4dae66b71839-000000@eu-west-1.amazonses.com \
--to=devel@edk2.groups.io \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox