From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mail02.groups.io (mail02.groups.io [66.175.222.108]) by spool.mail.gandi.net (Postfix) with ESMTPS id 158BAD80860 for ; Tue, 23 Jan 2024 01:54:00 +0000 (UTC) DKIM-Signature: a=rsa-sha256; bh=JZHC/G4/YQmE5iok7ddtG7fKbhQMQDKXy9xwUO663NA=; c=relaxed/simple; d=groups.io; h=DKIM-Filter:Message-ID:Date:MIME-Version:User-Agent:Subject:To:Cc:References:From:In-Reply-To:Precedence:List-Subscribe:List-Help:Sender:List-Id:Mailing-List:Delivered-To:Reply-To:List-Unsubscribe-Post:List-Unsubscribe:Content-Language:Content-Type:Content-Transfer-Encoding; s=20140610; t=1705974839; v=1; b=uq4L0mrH7N/08aiyNdvH9GQvIvxRIp6d94sVvrpEGjnCxhgXXZVN/yTINfzaa2LSKN1V6gse s1KjxPaYg+xOCK+pboS6Ug4wR0rY5d5Jd56jLI7ST93B66grLtAZfo27ibeWV7r+GgynZX8KN0x yrU9hGraMf8c2M0bgB8l4sXk= X-Received: by 127.0.0.2 with SMTP id dA8bYY7687511x5ixMwQH23b; Mon, 22 Jan 2024 17:53:59 -0800 X-Received: from linux.microsoft.com (linux.microsoft.com [13.77.154.182]) by mx.groups.io with SMTP id smtpd.web10.1681.1705974838957512245 for ; Mon, 22 Jan 2024 17:53:59 -0800 X-Received: from [10.137.194.171] (unknown [131.107.160.171]) by linux.microsoft.com (Postfix) with ESMTPSA id 7D30120E2C1E; Mon, 22 Jan 2024 17:53:58 -0800 (PST) DKIM-Filter: OpenDKIM Filter v2.11.0 linux.microsoft.com 7D30120E2C1E Message-ID: Date: Mon, 22 Jan 2024 17:53:58 -0800 MIME-Version: 1.0 User-Agent: Mozilla Thunderbird Subject: Re: [edk2-devel] AArch64 with HeapGuard: page allocations wrongly aligned To: devel@edk2.groups.io, rebecca@os.amperecomputing.com Cc: Leif Lindholm , Ard Biesheuvel , Jian J Wang , Liming Gao , Dandan Bi References: <05f6388b-155e-427d-8e34-0ac571e97fb8@os.amperecomputing.com> <24affef7-eb96-4a82-b9d4-b616eb90024d@os.amperecomputing.com> <17AB84FD31479E00.28523@groups.io> <0a589fed-02f1-4598-bbbc-98bad0e8b04f@linux.microsoft.com> <14dac152-dfea-4ad3-bd52-300990bd1be8@os.amperecomputing.com> <09a8622e-be60-46e2-8e96-447dacb8c12f@linux.microsoft.com> <9696df58-283c-447d-b801-c3bb57b3787d@os.amperecomputing.com> From: "Oliver Smith-Denny" In-Reply-To: <9696df58-283c-447d-b801-c3bb57b3787d@os.amperecomputing.com> Precedence: Bulk List-Subscribe: List-Help: Sender: devel@edk2.groups.io List-Id: Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io Reply-To: devel@edk2.groups.io,osde@linux.microsoft.com List-Unsubscribe-Post: List-Unsubscribe=One-Click List-Unsubscribe: X-Gm-Message-State: ZGV5HXw0UYZrHujqLhGksGzAx7686176AA= Content-Language: en-US Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: quoted-printable X-GND-Status: LEGIT Authentication-Results: spool.mail.gandi.net; dkim=pass header.d=groups.io header.s=20140610 header.b=uq4L0mrH; spf=pass (spool.mail.gandi.net: domain of bounce@groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce@groups.io; dmarc=fail reason="SPF not aligned (relaxed), DKIM not aligned (relaxed)" header.from=linux.microsoft.com (policy=none) On 1/22/2024 2:06 PM, Rebecca Cran via groups.io wrote: > On 1/19/2024 1:03 PM, Oliver Smith-Denny wrote: >=20 >> Thanks for trying. In lieu of being able to test myself, all I can offer >> is adding some more prints, when the memory gets allocated, making sure >> it is 64k aligned then. I'd be curious to see what the address is that >> is attempting to be freed. >> >> My guess (as it was earlier) is that it is going to be aligned to >> 64k but + 4k. I.e the guard page at the front is throwing it off. There >> may have just been an error in my attempt to fix the check for that. >> >> If however that address is not 64k + 4k aligned, then something else is >> afoot. >> >> Happy to look at some more data if you get it or can engineer an example >> on an open source system (can you force the system to call this function >> twice even without the extra SMBIOS entries, etc.). >=20 > These are the addresses it's allocating with and without HeapGuard (with= =20 > the original, upstream Page.c code). >=20 >=20 > Without HeapGuard: >=20 > SmbiosCreate64BitTable() re-allocate SMBIOS 64-bit table > Allocated 0x00000000EF110000 with gBS->AllocatePages (AllocateAnyPages,= =20 > EfiRuntimeServicesData, EFI_SIZE_TO_PAGES (55), 0x00000000FB7C0000) > ... > SmbiosCreate64BitTable() re-allocate SMBIOS 64-bit table > SmbiosCreate64BitTable: calling FreePages (0x00000000EF110000, 1) > Allocated 0x00000000EF110000 with gBS->AllocatePages (AllocateAnyPages,= =20 > EfiRuntimeServicesData, EFI_SIZE_TO_PAGES (4153), 0x00000000FB8AEC8E) >=20 > ------------------------------------------------------ >=20 > WITH HeapGuard: >=20 > SmbiosCreate64BitTable() re-allocate SMBIOS 64-bit table > Allocated 0x00000000ED36F000 with gBS->AllocatePages (AllocateAnyPages,= =20 > EfiRuntimeServicesData, EFI_SIZE_TO_PAGES (55), 0x00000000ED38F000) > ... > SmbiosCreate64BitTable() re-allocate SMBIOS 64-bit table > SmbiosCreate64BitTable: calling FreePages (0x00000000ED36F000, 1) > >=20 I was able to repro your bug (by just turning on page guards on ArmVirtQemu, allocating runtime mem and freeing it). I think you are the first person to free runtime mem on ARM64 with page guards enabled (and to care when it failed :). The heap guard code is not written with ARM64 in mind (nor is much of the codebase, of course). Specifically in this case the heap guard code only wishes to preserve 4 KB alignment, it knows nothing of ARM64's runtime page granularity required. Let me take a look at this, I'm working on a solution here, but I want to test this out further. I'll try to send a patch later this week or next. Oliver -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#114162): https://edk2.groups.io/g/devel/message/114162 Mute This Topic: https://groups.io/mt/103810212/7686176 Group Owner: devel+owner@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [rebecca@openfw.io] -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-