smallsolar/u-boot
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

sandbox: Abort if a partition memory map is detected

Browse Source 
This can indicate that something is horribly wrong. It seems better to
abort, rather than just print a message which might not be noticed.

If the mapping does not map exactly, abort.

Series-to: concept
Cover-letter:
sandbox: Fix memory corruption around 1MB
After many hours of debugging, it turns out that the PCI EA driver is
mapping itself into RAM at 1MB. This happens to be where the kernel
ends up, with the vbe_abrec_os bootmeth. Since measurement is enabled,
bootm_measure() calls map_sysmem() on the kernel in order to measure it.

easurement takes place, although of course using the wrong data. Then,
through a strange sequence of events, which I have found very hard to
narrow down, the malloc() heap is corrupted.

This series provides a fix.

To repeat this problem:

  NO_LTO=1 ./test/py/test.py --bd sandbox --build -k
     "(ut or vbe) and not efi and not slow and not dm"

which dies when running vbe_test_abrec_oem_norun:

   ...
   => echo $?
   0
   => host bind 0 [...]/build-sandbox/persistent-data/vbe1.img
   => ut -f bootstd vbe_test_abrec_oem_norun
   Test: bootstd_setup_for_tests: bootstd_common.c
   common/dlmalloc.c:793: do_check_free_chunk:
      Assertion `next->prev_size == sz' failed.
   resetting ...

With this series, the above now passes.
END
Signed-off-by: Simon Glass <sjg@chromium.org>
This commit is contained in:
Simon Glass
2025-08-17 14:03:07 -06:00
parent 5ef5e6a8cc
commit 0d523d8d55
1 changed files with 10 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

11
arch/sandbox/cpu/mem.c
View File

@@ -138,8 +138,17 @@ void *map_physmem(phys_addr_t paddr, unsigned long len, unsigned long flags)
map_dev = NULL;
if (enable_pci_map && !pci_map_physmem(paddr, &len, &map_dev, &ptr)) {
if (plen != len) {
printf("%s: Warning: partial map at %x, wanted %lx, got %lx\n",
/*
* This may actually be harmless, but since this feature
* is only used in tests, it is better to fix the text
* to request the correct size. Aborting here enables
* use of gdb to figure out what went wrong. It may mask
* a very hard-to-debug problem, if sandbox's RAM is
* inadvertently mapped in.
*/
printf("%s: Fatal: partial map at %x, wanted %lx, got %lx\n",
__func__, (uint)paddr, plen, len);
os_abort();
}
map_len = len;
log_debug("pci map %lx -> %p\n", (ulong)paddr, ptr);