From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <afish@apple.com>
Received: from mail-in5.apple.com (mail-out5.apple.com [17.151.62.27])
 (using TLSv1 with cipher AES256-SHA (256/256 bits))
 (No client certificate requested)
 by ml01.01.org (Postfix) with ESMTPS id 41AAE1A1E0B
 for <edk2-devel@lists.01.org>; Mon,  8 Aug 2016 16:07:41 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; d=apple.com; s=mailout2048s;
 c=relaxed/simple; 
 q=dns/txt; i=@apple.com; t=1470697660; x=2334611260;
 h=From:Sender:Reply-To:Subject:Date:Message-id:To:Cc:MIME-version:Content-type:
 Content-Transfer-Encoding:Content-ID:Content-Description:Resent-Date:Resent-From:
 Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:In-Reply-To:References:List-Id:
 List-Help:List-Unsubscribe:List-Subscribe:List-Post:List-Owner:List-Archive;
 bh=J1/oUyfwCU4Kf2M5DNP0PfGyW5zqOG/LN+6DP/YJFeI=;
 b=lrEkjYmfKINnBcVucsTKw7bKsL+9FtKTV3ORnTvmCE3nj5v2dtnt/2p48CoooCnd
 njG9EWWrpCRM4OuWQ9X+vUO1HLBlTe/1EyDX9Dw4qIWTtKfjqqNxClKj933iSTeF
 GU5avic8k5RImH0dF/e9ymVpiFoqDB1UyLkAMTVhh1+w5riY1a4jtX8/pzht8rZu
 Fxba3NmJ3otaEIritdaUmtcFzC9re8TCS9t47AdUt01XIbW2yUCZPRSpLemn2KgJ
 LDars6XZ5rE7dQl82hx3WSv6qNeKzgGPvQk5PDPLbAmi2s7zBIzLqTR60oUIX/bX
 w5w/e3uUcW3t77LPb30mrA==;
Received: from relay5.apple.com (relay5.apple.com [17.128.113.88])
 by mail-in5.apple.com (Apple Secure Mail Relay) with SMTP id
 17.D9.07273.AB019A75; Mon,  8 Aug 2016 16:07:40 -0700 (PDT)
X-AuditID: 11973e13-f794a6d000001c69-e9-57a910bca822
Received: from nwk-mmpp-sz09.apple.com (nwk-mmpp-sz09.apple.com
 [17.128.115.80])
 by relay5.apple.com (Apple SCV relay) with SMTP id 0A.40.30701.9B019A75;
 Mon,  8 Aug 2016 16:07:38 -0700 (PDT)
MIME-version: 1.0
Received: from [17.153.49.132] by nwk-mmpp-sz09.apple.com
 (Oracle Communications Messaging Server 8.0.1.1.0 64bit (built Jun 15 2016))
 with ESMTPSA id <0OBM00E275KOQB30@nwk-mmpp-sz09.apple.com> for
 edk2-devel@lists.01.org; Mon, 08 Aug 2016 16:07:37 -0700 (PDT)
Sender: afish@apple.com
From: Andrew Fish <afish@apple.com>
Message-id: <776695E1-E864-42F4-A633-B86FB913A510@apple.com>
Date: Mon, 08 Aug 2016 16:07:45 -0700
To: edk2-devel <edk2-devel@lists.01.org>
X-Mailer: Apple Mail (2.3112)
X-Brightmail-Tracker: H4sIAAAAAAAAA+NgFtrKLMWRmVeSWpSXmKPExsUi2FAYobtHYGW4wY+7ChZ7Dh1ldmD06J79
 jyWAMYrLJiU1J7MstUjfLoEro+VoE0vBjv+MFbtOXmNsYPx+n7GLkZNDQsBE4tebD0wQtpjE
 hXvr2boYuTiEBPYySnw88pUdpuj/9bfMEImDjBIth4+xgSR4BQQlfky+xwJiMwuESXxePJ8d
 oqiLSeL+vZdgK4QFxCXendnEDGKzCShLrJj/AaxIWKCfUaLzfy8rxCQbiQ0/b4LdwSKgKnHn
 wGKwqSICGhJbu1uZIc6Qldi3YQHYfRICC9gkvh3tYZzAKDALySWzkFwCYWtJfH/UChTnALLl
 JQ6el4UIa0o8u/cJqkRb4sm7C6wLGNlWMQrlJmbm6GbmmeolFhTkpOol5+duYgSF83Q74R2M
 p1dZHWIU4GBU4uG9sHxFuBBrYllxZe4hRmkOFiVxXotlQCGB9MSS1OzU1ILUovii0pzU4kOM
 TBycUg2Mss94H332eppm5HKht7pI+X3RPDXTIzlyTx8YFS6YzLL3qQGHWeZX9webpS0VGxrf
 vtzKUHPtaK+kyOYy37wp+h+aDSr+BzCozK4J/Gnye+kq4T/75GW1CxPT1kTyH9oacu33Dt/n
 /n/qV/Amltp9c1r+4lvoj4lbnqhuE1Hb0/H+J8PCZ14MSizFGYmGWsxFxYkAtmWGqEgCAAA=
X-Brightmail-Tracker: H4sIAAAAAAAAA+NgFprPIsWRmVeSWpSXmKPExsUi2FAcoLtLYGW4waTJTBZ7Dh1ldmD06J79
 jyWAMYrLJiU1J7MstUjfLoEro+VoE0vBjv+MFbtOXmNsYPx+n7GLkZNDQsBE4v/1t8wQtpjE
 hXvr2boYuTiEBA4ySrQcPsYGkuAVEJT4MfkeC4jNLBAm8XnxfHaIoi4mifv3XoJNEhYQl3h3
 ZhPYJDYBZYkV8z+AFQkL9DNKdP7vZYWYZCOx4edNJhCbRUBV4s6BxWBTRQQ0JLZ2t0KdISux
 b8MCtgmMvLOQLJ+FZDmErSXx/VErUJwDyJaXOHheFiKsKfHs3ieoEm2JJ+8usC5gZFvFKFCU
 mpNYaaqXWFCQk6qXnJ+7iREcfoUROxj/L7M6xCjAwajEw3th+YpwIdbEsuLK3EOMEhzMSiK8
 9pwrw4V4UxIrq1KL8uOLSnNSiw8xTmQEemAis5Rocj4wOvJK4g1NTAxMjI3NjI3NTcxpKawk
 zvtIfmm4kEB6YklqdmpqQWoRzFFMHJxSDYwHr2n4fXm3uHrz7Zy/ufvY3zAxKt6NemVn0z0j
 2+9EisSpVT8vhGr90c1muXomwa1qa22buvbVYGXOoADhcPZc530q+utebcjP1mLi5jrK5tF6
 xPRo5pTrx6alrREKnTLJ9xrz1X7m6zYcOubsSi2C+722JE55nZjP91dxTs5GpqW2Ah9vRSmx
 FGckGmoxFxUnAgBs6XpIsgIAAA==
X-Content-Filtered-By: Mailman/MimeDel 2.1.21
Subject: [MdeModulePkg] SetVirtualAddressMap() crashed due to DxeReportStatusCodeLib assuming the state of the BootService Memory at runtime.
X-BeenThere: edk2-devel@lists.01.org
X-Mailman-Version: 2.1.21
Precedence: list
List-Id: EDK II Development  <edk2-devel.lists.01.org>
List-Unsubscribe: <https://lists.01.org/mailman/options/edk2-devel>,
 <mailto:edk2-devel-request@lists.01.org?subject=unsubscribe>
List-Archive: <http://lists.01.org/pipermail/edk2-devel/>
List-Post: <mailto:edk2-devel@lists.01.org>
List-Help: <mailto:edk2-devel-request@lists.01.org?subject=help>
List-Subscribe: <https://lists.01.org/mailman/listinfo/edk2-devel>,
 <mailto:edk2-devel-request@lists.01.org?subject=subscribe>
X-List-Received-Date: Mon, 08 Aug 2016 23:07:41 -0000
Content-Type: text/plain; CHARSET=US-ASCII
Content-Transfer-Encoding: 7BIT

I was messing about with an ExitBootServices test that fills boot services memory with 0xAFAFAFAFAFAFAFAF (It was Vincent's idea to use my Initials but it has the handy property of being a non-cononical address and causes on GP fault on X64) and SetVirtualAddressMap() started crashing. 

It looks like this code is assuming the 1st call to ReportStatus code will not happen at runtime. This is not the case for the RuntimeDxe driver. 
https://github.com/tianocore/edk2/blob/master/MdeModulePkg/Library/DxeReportStatusCodeLib/ReportStatusCodeLib.c#L43
VOID
InternalGetReportStatusCode (
  VOID
  )
{
  EFI_STATUS  Status;

  if (mReportStatusCodeLibStatusCodeProtocol != NULL) {
    return;
  }

  //
  // Check gBS just in case ReportStatusCode is called before gBS is initialized.
  //
  if (gBS != NULL && gBS->LocateProtocol != NULL) {
    Status = gBS->LocateProtocol (&gEfiStatusCodeRuntimeProtocolGuid, NULL, (VOID**) &mReportStatusCodeLibStatusCodeProtocol);
    if (EFI_ERROR (Status)) {
      mReportStatusCodeLibStatusCodeProtocol = NULL;
    }
  }
}

I'm guessing this seems to work due to:https://github.com/tianocore/edk2/blob/master/MdeModulePkg/Core/Dxe/DxeMain/DxeMain.c#L803

  //
  // Zero out the Boot Service Table
  //
  ZeroMem (gBS, sizeof (EFI_BOOT_SERVICES));


Thus if I'm looking at this code correctly it only looks like it works at Runtime since it is depending on the value of a boot services memory buffer not changing. This is not a valid assumption as that code is owned by the caller of ExitBootServices, so it should be legal for my test to change the value. 

I wanted to get a few more eyes on this prior to filling a bug?

Thanks,

Andrew Fish