tech-kern archive
EFI memory map
Hello
I am tracking a startup crash with qemu + EFI + HEAD of NetBSD/amd64.
[ 1.0000030] cpu0 at mainbus0 apid 0
[ 1.0000030] cpu0: QEMU Virtual CPU version 2.5+, id 0x663
[ 1.0000030] cpu0: package 0, core 0, smt 0
[ 1.0000030] uvm_fault(0xffffffff81991680, 0xffff954fe7200000, 2) -> e
gdb tells me that it happens in cpu_svs_init/uvm_pagealloc_strat/pagezero
but the problem is not specific to SVS. If I disable it, I get the same
kind of crash in another pagezero() later.
I discovered that the problem is tied to the EFI memory map provided by
the boot loader. If I patch the kernel so that BTINFO_EFIMEMMAP is ignored,
the crash disappears. In this case x86_fake_clusters() is called to replace
the memory map.
DEBUG_MEMMAP shows the difference:
BIOS boot (no crash)
[ 1.0000000] loading freelist 5 0x8000-0x9f000 (0x8-0x9f)
[ 1.0000000] loading freelist 5 0x100000-0x200000 (0x100-0x200)
[ 1.0000000] loading default 0x1d3d000-0xffe0000 (0x1d3d-0xffe0)
EFI boot with BTINFO_EFIMEMMAP disabled
[ 1.0000000] loading freelist 5 0x8000-0xa0000 (0x8-0xa0)
[ 1.0000000] loading freelist 5 0x100000-0x200000 (0x100-0x200)
[ 1.0000000] loading default 0x1d3d000-0xf80f000 (0x1d3d-0xf80f)
EFI boot (crash happens)
[ 1.0000000] loading freelist 5 0x8000-0xa0000 (0x8-0xa0)
[ 1.0000000] loading freelist 5 0x100000-0x800000 (0x100-0x800)
[ 1.0000000] loading freelist 5 0x808000-0x810000 (0x808-0x810)
[ 1.0000000] loading freelist 5 0x900000-0x1000000 (0x900-0x1000)
[ 1.0000000] loading default 0x1000000-0xe7f6000 (0x1000-0xe7f6)
[ 1.0000000] loading default 0xe832000-0xea52000 (0xe832-0xea52)
[ 1.0000000] loading default 0xeb1b000-0xfb9b000 (0xeb1b-0xfb9b)
[ 1.0000000] loading default 0xfbff000-0xfef4000 (0xfbff-0xfef4)
And indeed, studying the crash in ddb shows it happens when
accessing a physical address that is excluded by x86_fake_clusters()
but included by EFI memory map.
db{0}> x/i $rip
netbsd:kmem_intr_alloc+0x64: movq %r12,0(%rax)
db{0}> print $rax
ffff920578600008
db{0}> call vtophys(ffff920578600008)
1000008
Why and how does x86_fake_clusters() avoid 0x1000000 - 0x1d3d000?
Should I add some code to blacklist it?
Here is the UEFI memory map. It shows 0x0900000-0xe7f5fff as
ConventionalMemory.
[ 1.0000000] MEMMAP: p0x0000000000000000-0x000000000009ffff
[ 1.0000000] v0x0000000000000000-0x000000000009ffff
[ 1.0000000] size=0x00000000000a0000, attr=0x000000000000000f
[ 1.0000000] type=7(ConventionalMemory)
[ 1.0000000] MEMMAP: p0x0000000000100000-0x00000000007fffff
[ 1.0000000] v0x0000000000000000-0x00000000006fffff
[ 1.0000000] size=0x0000000000700000, attr=0x000000000000000f
[ 1.0000000] type=7(ConventionalMemory)
[ 1.0000000] MEMMAP: p0x0000000000800000-0x0000000000807fff
[ 1.0000000] v0x0000000000000000-0x0000000000007fff
[ 1.0000000] size=0x0000000000008000, attr=0x000000000000000f
[ 1.0000000] type=10(ACPIMemoryNVS)
[ 1.0000000] MEMMAP: p0x0000000000808000-0x000000000080ffff
[ 1.0000000] v0x0000000000000000-0x0000000000007fff
[ 1.0000000] size=0x0000000000008000, attr=0x000000000000000f
[ 1.0000000] type=7(ConventionalMemory)
[ 1.0000000] MEMMAP: p0x0000000000810000-0x00000000008fffff
[ 1.0000000] v0x0000000000000000-0x00000000000effff
[ 1.0000000] size=0x00000000000f0000, attr=0x000000000000000f
[ 1.0000000] type=10(ACPIMemoryNVS)
[ 1.0000000] MEMMAP: p0x0000000000900000-0x000000000e7f5fff
[ 1.0000000] v0x0000000000000000-0x000000000def5fff
[ 1.0000000] size=0x000000000def6000, attr=0x000000000000000f
[ 1.0000000] type=7(ConventionalMemory)
[ 1.0000000] MEMMAP: p0x000000000e7f6000-0x000000000e80efff
[ 1.0000000] v0x0000000000000000-0x0000000000018fff
[ 1.0000000] size=0x0000000000019000, attr=0x000000000000000f
[ 1.0000000] type=10(ACPIMemoryNVS)
[ 1.0000000] MEMMAP: p0x000000000e80f000-0x000000000e831fff
[ 1.0000000] v0x0000000000000000-0x0000000000022fff
[ 1.0000000] size=0x0000000000023000, attr=0x000000000000000f
[ 1.0000000] type=0(Reserved)
[ 1.0000000] MEMMAP: p0x000000000e832000-0x000000000ea51fff
[ 1.0000000] v0x0000000000000000-0x000000000021ffff
[ 1.0000000] size=0x0000000000220000, attr=0x000000000000000f
[ 1.0000000] type=7(ConventionalMemory)
[ 1.0000000] MEMMAP: p0x000000000ea52000-0x000000000ea56fff
[ 1.0000000] v0x0000000000000000-0x0000000000004fff
[ 1.0000000] size=0x0000000000005000, attr=0x800000000000000f
[ 1.0000000] type=6(RuntimeServicesData)
[ 1.0000000] MEMMAP: p0x000000000ea57000-0x000000000ea5efff
[ 1.0000000] v0x0000000000000000-0x0000000000007fff
[ 1.0000000] size=0x0000000000008000, attr=0x800000000000000f
[ 1.0000000] type=5(RuntimeServicesCode)
[ 1.0000000] MEMMAP: p0x000000000ea5f000-0x000000000ea63fff
[ 1.0000000] v0x0000000000000000-0x0000000000004fff
[ 1.0000000] size=0x0000000000005000, attr=0x800000000000000f
[ 1.0000000] type=6(RuntimeServicesData)
[ 1.0000000] MEMMAP: p0x000000000ea64000-0x000000000ea6afff
[ 1.0000000] v0x0000000000000000-0x0000000000006fff
[ 1.0000000] size=0x0000000000007000, attr=0x800000000000000f
[ 1.0000000] type=5(RuntimeServicesCode)
[ 1.0000000] MEMMAP: p0x000000000ea6b000-0x000000000ea6ffff
[ 1.0000000] v0x0000000000000000-0x0000000000004fff
[ 1.0000000] size=0x0000000000005000, attr=0x800000000000000f
[ 1.0000000] type=6(RuntimeServicesData)
[ 1.0000000] MEMMAP: p0x000000000ea70000-0x000000000ea79fff
[ 1.0000000] v0x0000000000000000-0x0000000000009fff
[ 1.0000000] size=0x000000000000a000, attr=0x800000000000000f
[ 1.0000000] type=5(RuntimeServicesCode)
[ 1.0000000] MEMMAP: p0x000000000ea7a000-0x000000000eb08fff
[ 1.0000000] v0x0000000000000000-0x000000000008efff
[ 1.0000000] size=0x000000000008f000, attr=0x800000000000000f
[ 1.0000000] type=6(RuntimeServicesData)
[ 1.0000000] MEMMAP: p0x000000000eb09000-0x000000000eb1afff
[ 1.0000000] v0x0000000000000000-0x0000000000011fff
[ 1.0000000] size=0x0000000000012000, attr=0x800000000000000f
[ 1.0000000] type=5(RuntimeServicesCode)
[ 1.0000000] MEMMAP: p0x000000000eb1b000-0x000000000fb9afff
[ 1.0000000] v0x0000000000000000-0x000000000107ffff
[ 1.0000000] size=0x0000000001080000, attr=0x000000000000000f
[ 1.0000000] type=7(ConventionalMemory)
[ 1.0000000] MEMMAP: p0x000000000fb9b000-0x000000000fbcafff
[ 1.0000000] v0x0000000000000000-0x000000000002ffff
[ 1.0000000] size=0x0000000000030000, attr=0x800000000000000f
[ 1.0000000] type=5(RuntimeServicesCode)
[ 1.0000000] MEMMAP: p0x000000000fbcb000-0x000000000fbeefff
[ 1.0000000] v0x0000000000000000-0x0000000000023fff
[ 1.0000000] size=0x0000000000024000, attr=0x800000000000000f
[ 1.0000000] type=6(RuntimeServicesData)
[ 1.0000000] MEMMAP: p0x000000000fbef000-0x000000000fbf2fff
[ 1.0000000] v0x0000000000000000-0x0000000000003fff
[ 1.0000000] size=0x0000000000004000, attr=0x000000000000000f
[ 1.0000000] type=0(Reserved)
[ 1.0000000] MEMMAP: p0x000000000fbf3000-0x000000000fbfafff
[ 1.0000000] v0x0000000000000000-0x0000000000007fff
[ 1.0000000] size=0x0000000000008000, attr=0x000000000000000f
[ 1.0000000] type=9(ACPIReclaimMemory)
[ 1.0000000] MEMMAP: p0x000000000fbfb000-0x000000000fbfefff
[ 1.0000000] v0x0000000000000000-0x0000000000003fff
[ 1.0000000] size=0x0000000000004000, attr=0x000000000000000f
[ 1.0000000] type=10(ACPIMemoryNVS)
[ 1.0000000] MEMMAP: p0x000000000fbff000-0x000000000fef3fff
[ 1.0000000] v0x0000000000000000-0x00000000002f4fff
[ 1.0000000] size=0x00000000002f5000, attr=0x000000000000000f
[ 1.0000000] type=7(ConventionalMemory)
[ 1.0000000] MEMMAP: p0x000000000fef4000-0x000000000ff77fff
[ 1.0000000] v0x0000000000000000-0x0000000000083fff
[ 1.0000000] size=0x0000000000084000, attr=0x800000000000000f
[ 1.0000000] type=6(RuntimeServicesData)
[ 1.0000000] MEMMAP: p0x000000000ff78000-0x000000000fffffff
[ 1.0000000] v0x0000000000000000-0x0000000000087fff
[ 1.0000000] size=0x0000000000088000, attr=0x000000000000000f
[ 1.0000000] type=10(ACPIMemoryNVS)
--
Emmanuel Dreyfus
manu%netbsd.org@localhost
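
An added triage example, not part of the original message: it diffs the two "loading" lists quoted above (EFI boot with BTINFO_EFIMEMMAP disabled versus EFI boot with it enabled) and reports which physical ranges only the EFI memory map hands to the page allocator, then marks the one holding the faulting physical address 0x1000008. The function names are illustrative.

```python
import re

# "loading" lines copied from the DEBUG_MEMMAP output quoted in the message.
FAKE_CLUSTERS = """
loading freelist 5 0x8000-0xa0000 (0x8-0xa0)
loading freelist 5 0x100000-0x200000 (0x100-0x200)
loading default 0x1d3d000-0xf80f000 (0x1d3d-0xf80f)
"""
EFI_MEMMAP = """
loading freelist 5 0x8000-0xa0000 (0x8-0xa0)
loading freelist 5 0x100000-0x800000 (0x100-0x800)
loading freelist 5 0x808000-0x810000 (0x808-0x810)
loading freelist 5 0x900000-0x1000000 (0x900-0x1000)
loading default 0x1000000-0xe7f6000 (0x1000-0xe7f6)
loading default 0xe832000-0xea52000 (0xe832-0xea52)
loading default 0xeb1b000-0xfb9b000 (0xeb1b-0xfb9b)
loading default 0xfbff000-0xfef4000 (0xfbff-0xfef4)
"""
RANGE = re.compile(r"(0x[0-9a-f]+)-(0x[0-9a-f]+) \(")

def parse(log):
    """Sorted half-open [start, end) byte ranges from 'loading' lines."""
    return sorted((int(a, 16), int(b, 16)) for a, b in RANGE.findall(log))

def subtract(ranges, cover):
    """Parts of `ranges` not covered by `cover` (sorted, non-overlapping)."""
    out = []
    for start, end in ranges:
        cur = start
        for c_start, c_end in cover:
            if c_end <= cur or c_start >= end:
                continue
            if c_start > cur:
                out.append((cur, c_start))
            cur = max(cur, c_end)
        if cur < end:
            out.append((cur, end))
    return out

def locate(addr, ranges):
    """Return the range containing addr, or None."""
    return next(((s, e) for s, e in ranges if s <= addr < e), None)

def efi_only():
    """Ranges the EFI map loads that the x86_fake_clusters() map does not."""
    return subtract(parse(EFI_MEMMAP), parse(FAKE_CLUSTERS))

if __name__ == "__main__":
    fault_pa = 0x1000008  # vtophys() result from the ddb session
    for s, e in efi_only():
        mark = "  <-- fault" if s <= fault_pa < e else ""
        print(f"{s:#011x}-{e:#011x}{mark}")
```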