Bug#1060061: closed by Julian Andres Klode (Re: Bug#1060061: grub-efi-amd64-bin: out of memory when loading initial ramdisk)

[Morten Hein Tiljeset]

> I'm afraid touching the memory management system in the 2.06 grub in
> stable releases is out of the question. The fixes involve a ton of
> patches and it's not really possible to cherry-pick them and the risk
> of regression is significant and out of scope for (only) a stable
> release.
>
> The only way we managed to in Ubuntu was to cherry-pick all the loader
> changes from rhboot, and then also cherry-pick the entire 2.12 memory
> management changes on top of it, and that caused plenty of regressions
> at each point we picked more changes...
>
> In my opinion, this is not a release critical bug breaking _existing_
> systems, but a request to enable additional hardware currently
> unsupported in debian.
>
> We will eventually backport the 2.12 grub to stable releases in
> the upcoming months. We may want to issue it via -backports at first,
> but if a security vulnerability comes in, this will eventually land
> in a point release.

Thanks for the detailed explanation.

A debian-maintained backport of grub-2.12 (through -backports or
otherwise) would be very helpful. Is there any chance you would
consider doing this for bullseye as well as for bookworm?

Bug#1060061: grub-efi-amd64-bin: out of memory when loading initial ramdisk

[Morten Hein Tiljeset]

Package: grub-efi-amd64-bin
Version: 2.06-3~deb11u6
Severity: critical
Tags: upstream
Justification: breaks the whole system
X-Debbugs-Cc: mtilje...@uber.com

Dear Maintainer,

On certain system, in this case an Ice Lake based server running an AMI
bios (version 3219BS01.021), GRUB will sporadically fail to boot with
the following:
>> Booting `Debian GNU/Linux, with Linux 5.10.113-1'Booting `Debian 
>> GNU/Linux, with Linux 5.10.113-1'
>> 
>> 
>> 
>> Loading Linux 5.10.113-1 ...Loading Linux 5.10.113-1 ...
>> 
>> Loading initial ramdisk ...Loading initial ramdisk ...
>> 
>> error: out of memory.
>> error: out of memory.

This error is sporadic and appears maybe 90% of the time, so I can
barely get the system up and running for testing purposes.

I believe this is related to memory management in GRUB and similar to
https://bugs.launchpad.net/oem-priority/+bug/1842320
which is apparently caused by an upstream bug
https://savannah.gnu.org/bugs/?61058

>From digging around it appears this has been fixed in Redhat/Fedora with
https://src.fedoraproject.org/rpms/grub2/c/098a8a9e99d4b32576e7af518e8e195059f985b9?branch=f33
but apparently this patch applies to previous memory subsystem patches,
so I haven't been able to backport these patches.

I've successfully backported grub 2.12~rc1-12 from sid by changing the
compiler back to gcc-10 and building from source. This version works and
boots every time without issue.

I've also tried to backport grub 2.06-13+deb12u1 from bookworm, but this
does not help. I hence believe this problem affects both Debian
bullseye and bookworm.

Best,
Morten Hein Tiljeset

-- Package-specific info:

*** BEGIN /proc/mounts
/dev/nvme0n1p1 / ext4 rw,noatime,errors=panic 0 0
/dev/nvme1n1p1 /opt ext4 rw,noatime,errors=panic,stripe=64 0 0
/dev/nvme1n1p1 /var/log ext4 rw,noatime,errors=panic,stripe=64 0 0
/dev/nvme0n1p12 /boot/efi vfat 
rw,relatime,fmask=0022,dmask=0022,codepage=437,iocharset=ascii,shortname=mixed,utf8,errors=remount-ro
 0 0
/dev/nvme1n1p1 /var/lib/systemd/coredump ext4 rw,noatime,errors=panic,stripe=64 
0 0
/dev/nvme1n1p1 /var/log/containers ext4 rw,noatime,errors=panic,stripe=64 0 0
/dev/nvme1n1p1 /opt/system/log/containers ext4 
rw,noatime,errors=panic,stripe=64 0 0
/dev/nvme1n1p1 /var/log/pods ext4 rw,noatime,errors=panic,stripe=64 0 0
/dev/nvme1n1p1 /opt/system/log/pods ext4 rw,noatime,errors=panic,stripe=64 0 0
*** END /proc/mounts

*** BEGIN /boot/grub/grub.cfg
#
# DO NOT EDIT THIS FILE
#
# It is automatically generated by grub-mkconfig using templates
# from /etc/grub.d and settings from /etc/default/grub
#

### BEGIN /etc/grub.d/00_header ###
if [ -s $prefix/grubenv ]; then
  set have_grubenv=true
  load_env
fi
if [ "${next_entry}" ] ; then
   set default="${next_entry}"
   set next_entry=
   save_env next_entry
   set boot_once=true
else
   set 
default="gnulinux-5.10.113-1-advanced-5a78d20e-e0e5-44b7-b2a6-363a3b536fc9"
fi

if [ x"${feature_menuentry_id}" = xy ]; then
  menuentry_id_option="--id"
else
  menuentry_id_option=""
fi

export menuentry_id_option

if [ "${prev_saved_entry}" ]; then
  set saved_entry="${prev_saved_entry}"
  save_env saved_entry
  set prev_saved_entry=
  save_env prev_saved_entry
  set boot_once=true
fi

function savedefault {
  if [ -z "${boot_once}" ]; then
saved_entry="${chosen}"
save_env saved_entry
  fi
}
function load_video {
  if [ x$feature_all_video_module = xy ]; then
insmod all_video
  else
insmod efi_gop
insmod efi_uga
insmod ieee1275_fb
insmod vbe
insmod vga
insmod video_bochs
insmod video_cirrus
  fi
}

serial --speed=115200
terminal_input console serial
terminal_output console serial
if [ "${recordfail}" = 1 ] ; then
  set timeout=30
else
  if [ x$feature_timeout_style = xy ] ; then
set timeout_style=menu
set timeout=0
  # Fallback normal timeout code in case the timeout_style feature is
  # unavailable.
  else
set timeout=0
  fi
fi
### END /etc/grub.d/00_header ###

### BEGIN /etc/grub.d/04_unrestricted ###
menuentry_id_option="--unrestricted $menuentry_id_option"
### END /etc/grub.d/04_unrestricted ###

### BEGIN /etc/grub.d/05_debian_theme ###
set menu_color_normal=cyan/blue
set menu_color_highlight=white/blue
### END /etc/grub.d/05_debian_theme ###

### BEGIN /etc/grub.d/05_header ###
### END /etc/grub.d/05_header ###

### BEGIN /etc/grub.d/10_linux ###
function gfxmode {
set gfxpayload="${1}"
}
set linux_gfx_mode=
export linux_gfx_mode
menuentry 'Debian GNU/Linux, with Linux 6.1.53-1' --class debian --class 
gnu-linux --class gnu --class os $menuentry_id_option 
'gnulinux-6.1.53-1-advanced-5a78d20e-e0e5-44b7-b2a6-363a3b536fc9' {
load_video
insmod gzio
if [ x$grub_platform = xxen ]; then insmod xzio; insmod lzopio; fi
insmod part_gpt
insmod ext2
search --no-floppy --fs-uuid --set=root 
5a78d20e-e0e5-44b7-b2a6-363a3b536fc9
echo'Loading Linux