I found a fun bug in the Shell today. Looks like we have been getting lucky?

public inbox for devel@edk2.groups.io
 help / color / mirror / Atom feed

* I found a fun bug in the Shell today. Looks like we have been getting lucky?
@ 2016-08-25  0:59 Andrew Fish
  2016-08-25  1:26 ` Andrew Fish
  0 siblings, 1 reply; 6+ messages in thread
From: Andrew Fish @ 2016-08-25  0:59 UTC (permalink / raw)
  To: edk2-devel

I was tracking down a data corruption issue when paging was enabled on an edk2 shell command. The crash was in a custom ConSpliter over writing a DXE Core data structure. The buffer overflow seemed to be caused by the Console getting confused on the location of the end of the screen. I set a watchpoint on gST->ConOut->Mode->CursorRow and found the shell was the one corrupting the Mode data. 

UEFI Spec: The following data values in the SIMPLE_TEXT_OUTPUT_MODE interface are read-only and are changed by using the appropriate interface functions:

(master)>git grep "OurConOut.Mode"
Application/Shell/ConsoleLogger.c:72:  (*ConsoleInfo)->OurConOut.Mode              = gST->ConOut->Mode;
Application/Shell/ConsoleLogger.c:647://    ShellInfoObject.ConsoleInfo->OurConOut.Mode->CursorRow    = 0;
Application/Shell/ConsoleLogger.c:648://    ShellInfoObject.ConsoleInfo->OurConOut.Mode->CursorColumn = 0;
Application/Shell/ConsoleLogger.c:704:      if (ConsoleInfo->OurConOut.Mode->CursorColumn > 0) {
Application/Shell/ConsoleLogger.c:705:        ConsoleInfo->OurConOut.Mode->CursorColumn--;
Application/Shell/ConsoleLogger.c:734:      ConsoleInfo->OurConOut.Mode->CursorRow++;
Application/Shell/ConsoleLogger.c:741:      ConsoleInfo->OurConOut.Mode->CursorColumn = 0;
Application/Shell/ConsoleLogger.c:747:      ConsoleInfo->OurConOut.Mode->CursorColumn++;
Application/Shell/ConsoleLogger.c:751:      if ((INTN)ConsoleInfo->ColsPerScreen == ConsoleInfo->OurConOut.Mode->CursorColumn + 1) {
Application/Shell/ConsoleLogger.c:781:        ConsoleInfo->OurConOut.Mode->CursorRow++;
Application/Shell/ConsoleLogger.c:782:        ConsoleInfo->OurConOut.Mode->CursorColumn = 0;
Application/Shell/ConsoleLogger.c:976:    ConsoleInfo->OurConOut.Mode = ConsoleInfo->OldConOut->Mode;

I'm not exactly sure what this code is trying to do as the console should update Mode structure directly? Maybe the intent was to have a copy of gST->ConOut->Mode and keep it in sync? It seems like this should cause more issues, but maybe the edk2 ConSplitter is not broken by this behavior and we are getting lucky? 

Thanks,

Andrew Fish

https://tianocore.acgmultimedia.com/show_bug.cgi?id=105

^ permalink raw reply	[flat|nested] 6+ messages in thread

* Re: I found a fun bug in the Shell today. Looks like we have been getting lucky?
  2016-08-25  0:59 I found a fun bug in the Shell today. Looks like we have been getting lucky? Andrew Fish
@ 2016-08-25  1:26 ` Andrew Fish
  2016-08-25 16:05   ` Carsey, Jaben
  0 siblings, 1 reply; 6+ messages in thread
From: Andrew Fish @ 2016-08-25  1:26 UTC (permalink / raw)
  To: edk2-devel


> On Aug 24, 2016, at 5:59 PM, Andrew Fish <afish@apple.com> wrote:
> 
> I was tracking down a data corruption issue when paging was enabled on an edk2 shell command. The crash was in a custom ConSpliter over writing a DXE Core data structure. The buffer overflow seemed to be caused by the Console getting confused on the location of the end of the screen. I set a watchpoint on gST->ConOut->Mode->CursorRow and found the shell was the one corrupting the Mode data. 
> 
> UEFI Spec: The following data values in the SIMPLE_TEXT_OUTPUT_MODE interface are read-only and are changed by using the appropriate interface functions:
> 
> (master)>git grep "OurConOut.Mode"
> Application/Shell/ConsoleLogger.c:72:  (*ConsoleInfo)->OurConOut.Mode              = gST->ConOut->Mode;
> Application/Shell/ConsoleLogger.c:647://    ShellInfoObject.ConsoleInfo->OurConOut.Mode->CursorRow    = 0;
> Application/Shell/ConsoleLogger.c:648://    ShellInfoObject.ConsoleInfo->OurConOut.Mode->CursorColumn = 0;
> Application/Shell/ConsoleLogger.c:704:      if (ConsoleInfo->OurConOut.Mode->CursorColumn > 0) {
> Application/Shell/ConsoleLogger.c:705:        ConsoleInfo->OurConOut.Mode->CursorColumn--;
> Application/Shell/ConsoleLogger.c:734:      ConsoleInfo->OurConOut.Mode->CursorRow++;
> Application/Shell/ConsoleLogger.c:741:      ConsoleInfo->OurConOut.Mode->CursorColumn = 0;
> Application/Shell/ConsoleLogger.c:747:      ConsoleInfo->OurConOut.Mode->CursorColumn++;
> Application/Shell/ConsoleLogger.c:751:      if ((INTN)ConsoleInfo->ColsPerScreen == ConsoleInfo->OurConOut.Mode->CursorColumn + 1) {
> Application/Shell/ConsoleLogger.c:781:        ConsoleInfo->OurConOut.Mode->CursorRow++;
> Application/Shell/ConsoleLogger.c:782:        ConsoleInfo->OurConOut.Mode->CursorColumn = 0;
> Application/Shell/ConsoleLogger.c:976:    ConsoleInfo->OurConOut.Mode = ConsoleInfo->OldConOut->Mode;
> 
> 
> I'm not exactly sure what this code is trying to do as the console should update Mode structure directly? Maybe the intent was to have a copy of gST->ConOut->Mode and keep it in sync? It seems like this should cause more issues, but maybe the edk2 ConSplitter is not broken by this behavior and we are getting lucky? 
> 

I forgot to mention that setting the Mode->CursorRow in the console code back to the last row if was larger looks like it hides this bug in the shell. 

Thanks,

Andrew Fish


> Thanks,
> 
> Andrew Fish
> 
> https://tianocore.acgmultimedia.com/show_bug.cgi?id=105
> _______________________________________________
> edk2-devel mailing list
> edk2-devel@lists.01.org
> https://lists.01.org/mailman/listinfo/edk2-devel



^ permalink raw reply	[flat|nested] 6+ messages in thread

* Re: I found a fun bug in the Shell today. Looks like we have been getting lucky?
  2016-08-25  1:26 ` Andrew Fish
@ 2016-08-25 16:05   ` Carsey, Jaben
  2016-08-25 16:08     ` Andrew Fish
  0 siblings, 1 reply; 6+ messages in thread
From: Carsey, Jaben @ 2016-08-25 16:05 UTC (permalink / raw)
  To: Andrew Fish, edk2-devel; +Cc: Ni, Ruiyu, Carsey, Jaben

Andrew,

Can you file a Bugzilla issue so we can track this issue properly?

-Jaben

> -----Original Message-----
> From: edk2-devel [mailto:edk2-devel-bounces@lists.01.org] On Behalf Of
> Andrew Fish
> Sent: Wednesday, August 24, 2016 6:26 PM
> To: edk2-devel <edk2-devel@lists.01.org>
> Subject: Re: [edk2] I found a fun bug in the Shell today. Looks like we have
> been getting lucky?
> Importance: High
> 
> 
> > On Aug 24, 2016, at 5:59 PM, Andrew Fish <afish@apple.com> wrote:
> >
> > I was tracking down a data corruption issue when paging was enabled on an
> edk2 shell command. The crash was in a custom ConSpliter over writing a DXE
> Core data structure. The buffer overflow seemed to be caused by the
> Console getting confused on the location of the end of the screen. I set a
> watchpoint on gST->ConOut->Mode->CursorRow and found the shell was
> the one corrupting the Mode data.
> >
> > UEFI Spec: The following data values in the SIMPLE_TEXT_OUTPUT_MODE
> interface are read-only and are changed by using the appropriate interface
> functions:
> >
> > (master)>git grep "OurConOut.Mode"
> > Application/Shell/ConsoleLogger.c:72:  (*ConsoleInfo)->OurConOut.Mode
> = gST->ConOut->Mode;
> > Application/Shell/ConsoleLogger.c:647://    ShellInfoObject.ConsoleInfo-
> >OurConOut.Mode->CursorRow    = 0;
> > Application/Shell/ConsoleLogger.c:648://    ShellInfoObject.ConsoleInfo-
> >OurConOut.Mode->CursorColumn = 0;
> > Application/Shell/ConsoleLogger.c:704:      if (ConsoleInfo-
> >OurConOut.Mode->CursorColumn > 0) {
> > Application/Shell/ConsoleLogger.c:705:        ConsoleInfo-
> >OurConOut.Mode->CursorColumn--;
> > Application/Shell/ConsoleLogger.c:734:      ConsoleInfo->OurConOut.Mode-
> >CursorRow++;
> > Application/Shell/ConsoleLogger.c:741:      ConsoleInfo->OurConOut.Mode-
> >CursorColumn = 0;
> > Application/Shell/ConsoleLogger.c:747:      ConsoleInfo->OurConOut.Mode-
> >CursorColumn++;
> > Application/Shell/ConsoleLogger.c:751:      if ((INTN)ConsoleInfo-
> >ColsPerScreen == ConsoleInfo->OurConOut.Mode->CursorColumn + 1) {
> > Application/Shell/ConsoleLogger.c:781:        ConsoleInfo-
> >OurConOut.Mode->CursorRow++;
> > Application/Shell/ConsoleLogger.c:782:        ConsoleInfo-
> >OurConOut.Mode->CursorColumn = 0;
> > Application/Shell/ConsoleLogger.c:976:    ConsoleInfo->OurConOut.Mode =
> ConsoleInfo->OldConOut->Mode;
> >
> >
> > I'm not exactly sure what this code is trying to do as the console should
> update Mode structure directly? Maybe the intent was to have a copy of
> gST->ConOut->Mode and keep it in sync? It seems like this should cause
> more issues, but maybe the edk2 ConSplitter is not broken by this behavior
> and we are getting lucky?
> >
> 
> I forgot to mention that setting the Mode->CursorRow in the console code
> back to the last row if was larger looks like it hides this bug in the shell.
> 
> Thanks,
> 
> Andrew Fish
> 
> 
> > Thanks,
> >
> > Andrew Fish
> >
> > https://tianocore.acgmultimedia.com/show_bug.cgi?id=105
> > _______________________________________________
> > edk2-devel mailing list
> > edk2-devel@lists.01.org
> > https://lists.01.org/mailman/listinfo/edk2-devel
> 
> _______________________________________________
> edk2-devel mailing list
> edk2-devel@lists.01.org
> https://lists.01.org/mailman/listinfo/edk2-devel


^ permalink raw reply	[flat|nested] 6+ messages in thread

* Re: I found a fun bug in the Shell today. Looks like we have been getting lucky?
  2016-08-25 16:05   ` Carsey, Jaben
@ 2016-08-25 16:08     ` Andrew Fish
  2016-08-25 16:17       ` Carsey, Jaben
  0 siblings, 1 reply; 6+ messages in thread
From: Andrew Fish @ 2016-08-25 16:08 UTC (permalink / raw)
  To: Carsey, Jaben; +Cc: edk2-devel, Ni, Ruiyu


> On Aug 25, 2016, at 9:05 AM, Carsey, Jaben <jaben.carsey@intel.com> wrote:
> 
> Andrew,
> 
> Can you file a Bugzilla issue so we can track this issue properly?
> 

Jaben,

I attached the URL at the end of the original mail: https://tianocore.acgmultimedia.com/show_bug.cgi?id=105

Thanks,

Andrew Fish

> -Jaben
> 
>> -----Original Message-----
>> From: edk2-devel [mailto:edk2-devel-bounces@lists.01.org] On Behalf Of
>> Andrew Fish
>> Sent: Wednesday, August 24, 2016 6:26 PM
>> To: edk2-devel <edk2-devel@lists.01.org>
>> Subject: Re: [edk2] I found a fun bug in the Shell today. Looks like we have
>> been getting lucky?
>> Importance: High
>> 
>> 
>>> On Aug 24, 2016, at 5:59 PM, Andrew Fish <afish@apple.com> wrote:
>>> 
>>> I was tracking down a data corruption issue when paging was enabled on an
>> edk2 shell command. The crash was in a custom ConSpliter over writing a DXE
>> Core data structure. The buffer overflow seemed to be caused by the
>> Console getting confused on the location of the end of the screen. I set a
>> watchpoint on gST->ConOut->Mode->CursorRow and found the shell was
>> the one corrupting the Mode data.
>>> 
>>> UEFI Spec: The following data values in the SIMPLE_TEXT_OUTPUT_MODE
>> interface are read-only and are changed by using the appropriate interface
>> functions:
>>> 
>>> (master)>git grep "OurConOut.Mode"
>>> Application/Shell/ConsoleLogger.c:72:  (*ConsoleInfo)->OurConOut.Mode
>> = gST->ConOut->Mode;
>>> Application/Shell/ConsoleLogger.c:647://    ShellInfoObject.ConsoleInfo-
>>> OurConOut.Mode->CursorRow    = 0;
>>> Application/Shell/ConsoleLogger.c:648://    ShellInfoObject.ConsoleInfo-
>>> OurConOut.Mode->CursorColumn = 0;
>>> Application/Shell/ConsoleLogger.c:704:      if (ConsoleInfo-
>>> OurConOut.Mode->CursorColumn > 0) {
>>> Application/Shell/ConsoleLogger.c:705:        ConsoleInfo-
>>> OurConOut.Mode->CursorColumn--;
>>> Application/Shell/ConsoleLogger.c:734:      ConsoleInfo->OurConOut.Mode-
>>> CursorRow++;
>>> Application/Shell/ConsoleLogger.c:741:      ConsoleInfo->OurConOut.Mode-
>>> CursorColumn = 0;
>>> Application/Shell/ConsoleLogger.c:747:      ConsoleInfo->OurConOut.Mode-
>>> CursorColumn++;
>>> Application/Shell/ConsoleLogger.c:751:      if ((INTN)ConsoleInfo-
>>> ColsPerScreen == ConsoleInfo->OurConOut.Mode->CursorColumn + 1) {
>>> Application/Shell/ConsoleLogger.c:781:        ConsoleInfo-
>>> OurConOut.Mode->CursorRow++;
>>> Application/Shell/ConsoleLogger.c:782:        ConsoleInfo-
>>> OurConOut.Mode->CursorColumn = 0;
>>> Application/Shell/ConsoleLogger.c:976:    ConsoleInfo->OurConOut.Mode =
>> ConsoleInfo->OldConOut->Mode;
>>> 
>>> 
>>> I'm not exactly sure what this code is trying to do as the console should
>> update Mode structure directly? Maybe the intent was to have a copy of
>> gST->ConOut->Mode and keep it in sync? It seems like this should cause
>> more issues, but maybe the edk2 ConSplitter is not broken by this behavior
>> and we are getting lucky?
>>> 
>> 
>> I forgot to mention that setting the Mode->CursorRow in the console code
>> back to the last row if was larger looks like it hides this bug in the shell.
>> 
>> Thanks,
>> 
>> Andrew Fish
>> 
>> 
>>> Thanks,
>>> 
>>> Andrew Fish
>>> 
>>> https://tianocore.acgmultimedia.com/show_bug.cgi?id=105
>>> _______________________________________________
>>> edk2-devel mailing list
>>> edk2-devel@lists.01.org
>>> https://lists.01.org/mailman/listinfo/edk2-devel
>> 
>> _______________________________________________
>> edk2-devel mailing list
>> edk2-devel@lists.01.org
>> https://lists.01.org/mailman/listinfo/edk2-devel



^ permalink raw reply	[flat|nested] 6+ messages in thread

* Re: I found a fun bug in the Shell today. Looks like we have been getting lucky?
  2016-08-25 16:08     ` Andrew Fish
@ 2016-08-25 16:17       ` Carsey, Jaben
  2016-08-25 16:20         ` Andrew Fish
  0 siblings, 1 reply; 6+ messages in thread
From: Carsey, Jaben @ 2016-08-25 16:17 UTC (permalink / raw)
  To: afish@apple.com; +Cc: edk2-devel, Ni, Ruiyu, Carsey, Jaben

Doh!  Thanks!  I didn't realize that was the bug.  I will have to finally learn that servers name one of these days...

> -----Original Message-----
> From: afish@apple.com [mailto:afish@apple.com]
> Sent: Thursday, August 25, 2016 9:08 AM
> To: Carsey, Jaben <jaben.carsey@intel.com>
> Cc: edk2-devel <edk2-devel@lists.01.org>; Ni, Ruiyu <ruiyu.ni@intel.com>
> Subject: Re: [edk2] I found a fun bug in the Shell today. Looks like we have
> been getting lucky?
> Importance: High
> 
> 
> > On Aug 25, 2016, at 9:05 AM, Carsey, Jaben <jaben.carsey@intel.com>
> wrote:
> >
> > Andrew,
> >
> > Can you file a Bugzilla issue so we can track this issue properly?
> >
> 
> Jaben,
> 
> I attached the URL at the end of the original mail:
> https://tianocore.acgmultimedia.com/show_bug.cgi?id=105
> 
> Thanks,
> 
> Andrew Fish
> 
> > -Jaben
> >
> >> -----Original Message-----
> >> From: edk2-devel [mailto:edk2-devel-bounces@lists.01.org] On Behalf Of
> >> Andrew Fish
> >> Sent: Wednesday, August 24, 2016 6:26 PM
> >> To: edk2-devel <edk2-devel@lists.01.org>
> >> Subject: Re: [edk2] I found a fun bug in the Shell today. Looks like we
> have
> >> been getting lucky?
> >> Importance: High
> >>
> >>
> >>> On Aug 24, 2016, at 5:59 PM, Andrew Fish <afish@apple.com> wrote:
> >>>
> >>> I was tracking down a data corruption issue when paging was enabled on
> an
> >> edk2 shell command. The crash was in a custom ConSpliter over writing a
> DXE
> >> Core data structure. The buffer overflow seemed to be caused by the
> >> Console getting confused on the location of the end of the screen. I set a
> >> watchpoint on gST->ConOut->Mode->CursorRow and found the shell was
> >> the one corrupting the Mode data.
> >>>
> >>> UEFI Spec: The following data values in the
> SIMPLE_TEXT_OUTPUT_MODE
> >> interface are read-only and are changed by using the appropriate
> interface
> >> functions:
> >>>
> >>> (master)>git grep "OurConOut.Mode"
> >>> Application/Shell/ConsoleLogger.c:72:  (*ConsoleInfo)-
> >OurConOut.Mode
> >> = gST->ConOut->Mode;
> >>> Application/Shell/ConsoleLogger.c:647://    ShellInfoObject.ConsoleInfo-
> >>> OurConOut.Mode->CursorRow    = 0;
> >>> Application/Shell/ConsoleLogger.c:648://    ShellInfoObject.ConsoleInfo-
> >>> OurConOut.Mode->CursorColumn = 0;
> >>> Application/Shell/ConsoleLogger.c:704:      if (ConsoleInfo-
> >>> OurConOut.Mode->CursorColumn > 0) {
> >>> Application/Shell/ConsoleLogger.c:705:        ConsoleInfo-
> >>> OurConOut.Mode->CursorColumn--;
> >>> Application/Shell/ConsoleLogger.c:734:      ConsoleInfo-
> >OurConOut.Mode-
> >>> CursorRow++;
> >>> Application/Shell/ConsoleLogger.c:741:      ConsoleInfo-
> >OurConOut.Mode-
> >>> CursorColumn = 0;
> >>> Application/Shell/ConsoleLogger.c:747:      ConsoleInfo-
> >OurConOut.Mode-
> >>> CursorColumn++;
> >>> Application/Shell/ConsoleLogger.c:751:      if ((INTN)ConsoleInfo-
> >>> ColsPerScreen == ConsoleInfo->OurConOut.Mode->CursorColumn + 1) {
> >>> Application/Shell/ConsoleLogger.c:781:        ConsoleInfo-
> >>> OurConOut.Mode->CursorRow++;
> >>> Application/Shell/ConsoleLogger.c:782:        ConsoleInfo-
> >>> OurConOut.Mode->CursorColumn = 0;
> >>> Application/Shell/ConsoleLogger.c:976:    ConsoleInfo-
> >OurConOut.Mode =
> >> ConsoleInfo->OldConOut->Mode;
> >>>
> >>>
> >>> I'm not exactly sure what this code is trying to do as the console should
> >> update Mode structure directly? Maybe the intent was to have a copy of
> >> gST->ConOut->Mode and keep it in sync? It seems like this should cause
> >> more issues, but maybe the edk2 ConSplitter is not broken by this
> behavior
> >> and we are getting lucky?
> >>>
> >>
> >> I forgot to mention that setting the Mode->CursorRow in the console
> code
> >> back to the last row if was larger looks like it hides this bug in the shell.
> >>
> >> Thanks,
> >>
> >> Andrew Fish
> >>
> >>
> >>> Thanks,
> >>>
> >>> Andrew Fish
> >>>
> >>> https://tianocore.acgmultimedia.com/show_bug.cgi?id=105
> >>> _______________________________________________
> >>> edk2-devel mailing list
> >>> edk2-devel@lists.01.org
> >>> https://lists.01.org/mailman/listinfo/edk2-devel
> >>
> >> _______________________________________________
> >> edk2-devel mailing list
> >> edk2-devel@lists.01.org
> >> https://lists.01.org/mailman/listinfo/edk2-devel



^ permalink raw reply	[flat|nested] 6+ messages in thread

* Re: I found a fun bug in the Shell today. Looks like we have been getting lucky?
  2016-08-25 16:17       ` Carsey, Jaben
@ 2016-08-25 16:20         ` Andrew Fish
  0 siblings, 0 replies; 6+ messages in thread
From: Andrew Fish @ 2016-08-25 16:20 UTC (permalink / raw)
  To: Carsey, Jaben; +Cc: edk2-devel, Ni, Ruiyu


> On Aug 25, 2016, at 9:17 AM, Carsey, Jaben <jaben.carsey@intel.com> wrote:
> 
> Doh!  Thanks!  I didn't realize that was the bug.  I will have to finally learn that servers name one of these days...
> 

No worries I thought the URL would be more obvious, I should have labeled it.

Thanks,

Andrew Fish

>> -----Original Message-----
>> From: afish@apple.com [mailto:afish@apple.com]
>> Sent: Thursday, August 25, 2016 9:08 AM
>> To: Carsey, Jaben <jaben.carsey@intel.com>
>> Cc: edk2-devel <edk2-devel@lists.01.org>; Ni, Ruiyu <ruiyu.ni@intel.com>
>> Subject: Re: [edk2] I found a fun bug in the Shell today. Looks like we have
>> been getting lucky?
>> Importance: High
>> 
>> 
>>> On Aug 25, 2016, at 9:05 AM, Carsey, Jaben <jaben.carsey@intel.com>
>> wrote:
>>> 
>>> Andrew,
>>> 
>>> Can you file a Bugzilla issue so we can track this issue properly?
>>> 
>> 
>> Jaben,
>> 
>> I attached the URL at the end of the original mail:
>> https://tianocore.acgmultimedia.com/show_bug.cgi?id=105
>> 
>> Thanks,
>> 
>> Andrew Fish
>> 
>>> -Jaben
>>> 
>>>> -----Original Message-----
>>>> From: edk2-devel [mailto:edk2-devel-bounces@lists.01.org] On Behalf Of
>>>> Andrew Fish
>>>> Sent: Wednesday, August 24, 2016 6:26 PM
>>>> To: edk2-devel <edk2-devel@lists.01.org>
>>>> Subject: Re: [edk2] I found a fun bug in the Shell today. Looks like we
>> have
>>>> been getting lucky?
>>>> Importance: High
>>>> 
>>>> 
>>>>> On Aug 24, 2016, at 5:59 PM, Andrew Fish <afish@apple.com> wrote:
>>>>> 
>>>>> I was tracking down a data corruption issue when paging was enabled on
>> an
>>>> edk2 shell command. The crash was in a custom ConSpliter over writing a
>> DXE
>>>> Core data structure. The buffer overflow seemed to be caused by the
>>>> Console getting confused on the location of the end of the screen. I set a
>>>> watchpoint on gST->ConOut->Mode->CursorRow and found the shell was
>>>> the one corrupting the Mode data.
>>>>> 
>>>>> UEFI Spec: The following data values in the
>> SIMPLE_TEXT_OUTPUT_MODE
>>>> interface are read-only and are changed by using the appropriate
>> interface
>>>> functions:
>>>>> 
>>>>> (master)>git grep "OurConOut.Mode"
>>>>> Application/Shell/ConsoleLogger.c:72:  (*ConsoleInfo)-
>>> OurConOut.Mode
>>>> = gST->ConOut->Mode;
>>>>> Application/Shell/ConsoleLogger.c:647://    ShellInfoObject.ConsoleInfo-
>>>>> OurConOut.Mode->CursorRow    = 0;
>>>>> Application/Shell/ConsoleLogger.c:648://    ShellInfoObject.ConsoleInfo-
>>>>> OurConOut.Mode->CursorColumn = 0;
>>>>> Application/Shell/ConsoleLogger.c:704:      if (ConsoleInfo-
>>>>> OurConOut.Mode->CursorColumn > 0) {
>>>>> Application/Shell/ConsoleLogger.c:705:        ConsoleInfo-
>>>>> OurConOut.Mode->CursorColumn--;
>>>>> Application/Shell/ConsoleLogger.c:734:      ConsoleInfo-
>>> OurConOut.Mode-
>>>>> CursorRow++;
>>>>> Application/Shell/ConsoleLogger.c:741:      ConsoleInfo-
>>> OurConOut.Mode-
>>>>> CursorColumn = 0;
>>>>> Application/Shell/ConsoleLogger.c:747:      ConsoleInfo-
>>> OurConOut.Mode-
>>>>> CursorColumn++;
>>>>> Application/Shell/ConsoleLogger.c:751:      if ((INTN)ConsoleInfo-
>>>>> ColsPerScreen == ConsoleInfo->OurConOut.Mode->CursorColumn + 1) {
>>>>> Application/Shell/ConsoleLogger.c:781:        ConsoleInfo-
>>>>> OurConOut.Mode->CursorRow++;
>>>>> Application/Shell/ConsoleLogger.c:782:        ConsoleInfo-
>>>>> OurConOut.Mode->CursorColumn = 0;
>>>>> Application/Shell/ConsoleLogger.c:976:    ConsoleInfo-
>>> OurConOut.Mode =
>>>> ConsoleInfo->OldConOut->Mode;
>>>>> 
>>>>> 
>>>>> I'm not exactly sure what this code is trying to do as the console should
>>>> update Mode structure directly? Maybe the intent was to have a copy of
>>>> gST->ConOut->Mode and keep it in sync? It seems like this should cause
>>>> more issues, but maybe the edk2 ConSplitter is not broken by this
>> behavior
>>>> and we are getting lucky?
>>>>> 
>>>> 
>>>> I forgot to mention that setting the Mode->CursorRow in the console
>> code
>>>> back to the last row if was larger looks like it hides this bug in the shell.
>>>> 
>>>> Thanks,
>>>> 
>>>> Andrew Fish
>>>> 
>>>> 
>>>>> Thanks,
>>>>> 
>>>>> Andrew Fish
>>>>> 
>>>>> https://tianocore.acgmultimedia.com/show_bug.cgi?id=105
>>>>> _______________________________________________
>>>>> edk2-devel mailing list
>>>>> edk2-devel@lists.01.org
>>>>> https://lists.01.org/mailman/listinfo/edk2-devel
>>>> 
>>>> _______________________________________________
>>>> edk2-devel mailing list
>>>> edk2-devel@lists.01.org
>>>> https://lists.01.org/mailman/listinfo/edk2-devel
> 



^ permalink raw reply	[flat|nested] 6+ messages in thread

end of thread, other threads:[~2016-08-25 16:20 UTC | newest]

Thread overview: 6+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2016-08-25  0:59 I found a fun bug in the Shell today. Looks like we have been getting lucky? Andrew Fish
2016-08-25  1:26 ` Andrew Fish
2016-08-25 16:05   ` Carsey, Jaben
2016-08-25 16:08     ` Andrew Fish
2016-08-25 16:17       ` Carsey, Jaben
2016-08-25 16:20         ` Andrew Fish

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox