From: Andrew Fish <afish@apple.com>
To: Leif Lindholm <leif.lindholm@linaro.org>
Cc: Ard Biesheuvel <ard.biesheuvel@linaro.org>,
ruiyu.ni@intel.com, edk2-devel@lists.01.org,
liming.gao@intel.com, Mike Kinney <michael.d.kinney@intel.com>,
lersek@redhat.com, star.zeng@intel.com
Subject: Re: [PATCH 1/3] MdePkg: introduce DxeRuntimeDebugLibSerialPort
Date: Tue, 20 Feb 2018 08:20:48 -0800 [thread overview]
Message-ID: <CD2B4213-01FF-44FA-BE11-725F1E4E7431@apple.com> (raw)
In-Reply-To: <20180220141641.p47czk4yb74xutyu@bivouac.eciton.net>
> On Feb 20, 2018, at 6:16 AM, Leif Lindholm <leif.lindholm@linaro.org> wrote:
>
> On Tue, Feb 20, 2018 at 11:05:22AM +0000, Ard Biesheuvel wrote:
>> +/**
>> + Prints an assert message containing a filename, line number, and description.
>> + This may be followed by a breakpoint or a dead loop.
>> +
>> + Print a message of the form "ASSERT <FileName>(<LineNumber>): <Description>\n"
>> + to the debug output device. If DEBUG_PROPERTY_ASSERT_BREAKPOINT_ENABLED bit
>> + of PcdDebugProperyMask is set then CpuBreakpoint() is called. Otherwise, if
>> + DEBUG_PROPERTY_ASSERT_DEADLOOP_ENABLED bit of PcdDebugProperyMask is set then
>> + CpuDeadLoop() is called. If neither of these bits are set, then this function
>> + returns immediately after the message is printed to the debug output device.
>> + DebugAssert() must actively prevent recursion. If DebugAssert() is called
>> + while processing another DebugAssert(), then DebugAssert() must return
>> + immediately.
>> +
>> + If FileName is NULL, then a <FileName> string of "(NULL) Filename" is printed.
>> + If Description is NULL, then a <Description> string of "(NULL) Description" is
>> + printed.
>> +
>> + @param FileName The pointer to the name of the source file that generated
>> + the assert condition.
>> + @param LineNumber The line number in the source file that generated the
>> + assert condition
>> + @param Description The pointer to the description of the assert condition.
>> +
>> +**/
>> +VOID
>> +EFIAPI
>> +DebugAssert (
>> + IN CONST CHAR8 *FileName,
>> + IN UINTN LineNumber,
>> + IN CONST CHAR8 *Description
>> + )
>> +{
>> + CHAR8 Buffer[MAX_DEBUG_MESSAGE_LENGTH];
>> +
>> + if (!mEfiAtRuntime) {
>> + //
>> + // Generate the ASSERT() message in Ascii format
>> + //
>> + AsciiSPrint (Buffer, sizeof (Buffer), "ASSERT [%a] %a(%d): %a\n",
>> + gEfiCallerBaseName, FileName, LineNumber, Description);
>> +
>> + //
>> + // Send the print string to the Console Output device
>> + //
>> + SerialPortWrite ((UINT8 *)Buffer, AsciiStrLen (Buffer));
>> + }
>> +
>> + //
>> + // Generate a Breakpoint, DeadLoop, or NOP based on PCD settings
>> + //
>> + if ((FixedPcdGet8 (PcdDebugPropertyMask) &
>> + DEBUG_PROPERTY_ASSERT_BREAKPOINT_ENABLED) != 0) {
>> + CpuBreakpoint ();
>> + } else if ((FixedPcdGet8 (PcdDebugPropertyMask) &
>> + DEBUG_PROPERTY_ASSERT_DEADLOOP_ENABLED) != 0) {
>> + CpuDeadLoop ();
>> + }
>
> Hmm ... I know this does not fundamentally change the behaviour of the
> existing implementation, but if we're looking to improve runtime
> behaviour, we've just gone from generating a runtime fault to silently
> freezing (if BREAKPOINT_ENABLED or DEADLOOP_ENABLED).
>
> What do breakpoint/deadloop mean in a runtime context anyway - do we
> not need to halt _all_ running cores?
>
> I don't see an obvious "right way" solution here, and this only
> affects DEBUG builds.
Leif,
It is not related to DEBUG builds, it is related to PCD configuration.
> Possible ways of handling this that I can think
> of include:
> - Don't respect BREAKPOINT/DEADLOOP if at runtime.
> - Respect BREAKPOINT/DEADLOOP and disable all cores.
> - Take ownership back of the system and re-enable 1:1 mapping so
> messages can be printed.
>
There is not much risk of losing user data if you "panic" EFI, that is not true if you are going to "panic" the OS. I've seen more bugs at runtime from confusion about what is legal to do at runtime, vs. actual bugs. You can always just return device error on failure, and if the RT Services hangs you can core dump the OS. Given the OS provided the virtual mapping it is likely the stuck EFI could would be in the stack trace of the panic.
Thanks,
Andrew Fish
> /
> Leif
> _______________________________________________
> edk2-devel mailing list
> edk2-devel@lists.01.org
> https://lists.01.org/mailman/listinfo/edk2-devel
next prev parent reply other threads:[~2018-02-20 16:14 UTC|newest]
Thread overview: 15+ messages / expand[flat|nested] mbox.gz Atom feed top
2018-02-20 11:05 [PATCH 0/3] Create UART DebugLib implementation for runtime drivers Ard Biesheuvel
2018-02-20 11:05 ` [PATCH 1/3] MdePkg: introduce DxeRuntimeDebugLibSerialPort Ard Biesheuvel
2018-02-20 14:16 ` Leif Lindholm
2018-02-20 16:20 ` Andrew Fish [this message]
2018-02-20 17:08 ` Leif Lindholm
2018-02-20 16:35 ` Laszlo Ersek
2018-02-20 19:22 ` Kinney, Michael D
2018-02-22 15:21 ` Ard Biesheuvel
2018-02-20 11:05 ` [PATCH 2/3] ArmVirtPkg: switch to DXE runtime version of DebugLib where appropriate Ard Biesheuvel
2018-02-20 16:44 ` Laszlo Ersek
2018-02-20 11:05 ` [PATCH 3/3] MdePkg/BaseDebugLibSerialPort: blacklist for use by DXE runtime drivers Ard Biesheuvel
2018-02-20 14:22 ` Leif Lindholm
2018-02-20 16:59 ` Laszlo Ersek
2018-02-20 18:02 ` Kinney, Michael D
2018-02-21 10:27 ` Laszlo Ersek
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-list from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=CD2B4213-01FF-44FA-BE11-725F1E4E7431@apple.com \
--to=devel@edk2.groups.io \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox