[ipxe-devel] memory corruption with embedded script as initrd

Till Straumann strauman at slac.stanford.edu
Wed Feb 8 01:24:09 UTC 2012


Thanks for iPXE.

I built a lkrn image of ipxe-f6840ba (head as of 2/1/2012)
which I boot via grub-legacy.

When I used a script ('embedded' via the initrd method)
then I observed hangs or crashes.

I tracked this down to memory corruption due to the following:


allocates and registers an image for the embedded script
from 'inird_init()' which is a 'init_fn'.
Since the data area for this image is allocated via
umalloc() the heap 'lazy-init' kicks in at this point.

However, this seems too early since now the entire (bios-reported)
memory which includes everything used/occupied by ipxe itself
is used by the heap.

It seems to me that using umalloc() can only safely
be called after 'hide_etherboot()' (arch/i386/firmware/pcbios/hidemem.c)
has constrained the reported memory to exclude the areas
used by iPXE. Note that 'hide_etherboot()' is a 'startup_fn'
and as such is only called *after* all 'init_fn's (and thus 

Once I converted 'initrd_init()' from a 'init_fn' to a
__startup_fn( STARTUP_NORMAL ) everything worked fine.

However, I'm not sure if my fix is the recommended solution
since I'm not acquainted well enough with the code.

Please CC me on any replies - I'm obviously not subscribed.

- Till
-------------- next part --------------
A non-text attachment was scrubbed...
Name: runtime.c.diff
Type: text/x-patch
Size: 1483 bytes
Desc: not available
URL: <http://lists.ipxe.org/pipermail/ipxe-devel/attachments/20120207/726e0bbe/attachment.bin>

More information about the ipxe-devel mailing list