On Mon, Oct 15, 2018 at 12:51:38PM +0800, Dave Young wrote:
> On 09/30/18 at 05:27pm, Dave Young wrote:
> > On 09/30/18 at 05:21pm, Dave Young wrote:
> > > On 09/27/18 at 09:21am, Bjorn Helgaas wrote:
> > > > From: Bjorn Helgaas <bhelgaas@xxxxxxxxxx>
> > > >
> > > > The only use of KEXEC_BACKUP_SRC_END is as an argument to
> > > > walk_system_ram_res():
> > > >
> > > > int crash_load_segments(struct kimage *image)
> > > > {
> > > > ...
> > > > walk_system_ram_res(KEXEC_BACKUP_SRC_START, KEXEC_BACKUP_SRC_END,
> > > > image, determine_backup_region);
> > > >
> > > > walk_system_ram_res() expects "start, end" arguments that are inclusive,
> > > > i.e., the range to be walked includes both the start and end addresses.
> > >
> > > Looking at the function comment of find_next_iomem_res, the res->end
> > > should be exclusive, am I missing something?
> >
> > Oops, you fix it in 2nd patch, I apparently miss that.
> >
> > Since the fix of checking the end is in another patch, probably merge
> > these two patches so that they are in one patch to avoid break bisect.
>
> Not sure if above comment was missed, Boris, would you mind to fold the
> patch 1 and 2?
Sorry, I did miss this comment.
Patch 2 was for the very specific case of a single-byte resource at
the end address, which we probably never see in practice.
For patch 1, the find_next_iomem_res() function comment had
"[res->start.res->end)", but I think the code actually treated it as
"[res->start.res->end]", so the comment was inaccurate.
Before my patches we had:
#define KEXEC_BACKUP_SRC_START (0UL)
#define KEXEC_BACKUP_SRC_END (640 * 1024UL) # 0xa0000
The intention is to search for system RAM resources that intersect
this region:
[mem 0x0-0x9ffff]
The call is:
walk_system_ram_res(KEXEC_BACKUP_SRC_START, KEXEC_BACKUP_SRC_END,
..., determine_backup_region);
walk_system_ram_res(0, 0xa0000, ..., determine_backup_region);
Assume iomem_resource contains this system RAM resource:
[mem 0x90000-0xaffff]
In find_next_iomem_res(), the "res" input parameter is the region to
search:
res->start = 0; # KEXEC_BACKUP_SRC_START
res->end = 0xa0000; # KEXEC_BACKUP_SRC_END
In one of the loop iterations we find the [mem 0x90000-0xaffff]
resource (p):
p->start = 0x90000;
p->end = 0xaffff;
if (p->start > end) # 0x90000 > 0xa0000? false
if (p->end >= start && p->start < end) # 0xaffff >= 0 ? true
# 0x90000 < 0xa0000 ? true
break; # so we'll return part of "p"
if (res->start < p->start) # 0x0 < 0x90000 ? true
res->start = 0x90000; # trim beginning to p->start
if (res->end > p->end) # 0xa0000 > 0xaffff ? false
So find_next_iomem_res() returns with this:
res->start = 0x90000; # trimmed to p->start
res->end = 0xa0000; # unchanged from input
[mem 0x90000-0xa0000] # returned resource (res)
and we call determine_backup_region(res), which sets:
image->arch.backup_src_start = 0x90000;
image->arch.backup_src_sz = resource_size(res) # 0xa0000 - 0x90000 + 1
# (0x10001)
This is incorrect. What we wanted was the part of [mem 0x90000-0xaffff]
that intersects the first 640K, i.e., [mem 0x90000-0x9ffff], but what
we got was [mem 0x90000-0xa0000], which is one byte too long.
The resource returned find_next_iomem_res() always ends at the
"res->end" supplied as an input parameter *unless* the input res->end
is strictly greater than the p->end, when it is truncated to p->end.
Bottom line, I don't think patches 1 and 2 need to be folded together
because they fix different problems.
Bjorn
_______________________________________________
kexec mailing list
kexec@xxxxxxxxxxxxxxxxxxx
http://lists.infradead.org/mailman/listinfo/kexec
