On Tue, Jun 09, 2020 at 08:12:17AM +0200, Otto Moerbeek wrote: > On Tue, Jun 09, 2020 at 08:01:12AM +0200, Otto Moerbeek wrote: > > > On Mon, Jun 08, 2020 at 09:46:23PM +0200, Mark Kettenis wrote: > > > > > > Date: Mon, 8 Jun 2020 20:27:22 +0200 > > > > From: Otto Moerbeek <[email protected]> > > > > > > > > Hi. > > > > > > > > a page fault trap happens if I boot my Thnkpad X1 6th generation in the > > > > dock > > > > or put it in the dock afterwards. The dock has two DP monitors > > > > connected. > > > > > > > > If I change connector_bad_edid() to return immediately things seems to > > > > work ok. > > > > > > > > -Otto > > > > > > > > summary of trace: > > > > > > > > connector_bad_edid+0x4d > > > > drm_do_get_edid+0x382 > > > > drm_get_edid+0x6b > > > > intel_hmi_set_edid+0xad > > > > intel_hdmi_detect+0xb1 > > > > drm_helper_probe_detect+0x108 > > > > intel_encoder_hotplug+0x7f > > > > intel_ddi_hotplug+0x54 > > > > i915_hotplug_work_func+0x245 > > > > tasq_thread+0x8d > > > > > > > > full trace: > > > > > > > > https://www.drijf.net/openbsd/IMG_20200608_154513.jpg > > > > > > Not sure what kernel you're using. But the instruction in that image > > > doesn't eist in connector_bad_edid in the kernel I just built. > > > > > > > Strange, I do have it. /usr/src/sys/dev/pci/drm/drm_edid.c contains > > no version marker, but it's md5 is 3d889f9e1cb3c66cdb4eb49e9319d947 > > > > objdump -d snippet: > > > > > > 0000000000003830 <connector_bad_edid>: > > 3830: 4c 8b 1d 00 00 00 00 mov 0(%rip),%r11 # > > 3837 <connector_bad_edid+0x7> > > 3837: 4c 33 1c 24 xor (%rsp),%r11 > > 383b: 55 push %rbp > > 383c: 48 89 e5 mov %rsp,%rbp > > 383f: 57 push %rdi > > 3840: 56 push %rsi > > 3841: 52 push %rdx > > 3842: 57 push %rdi > > 3843: 41 53 push %r11 > > 3845: 41 57 push %r15 > > 3847: 41 56 push %r14 > > 3849: 41 55 push %r13 > > 384b: 41 54 push %r12 > > 384d: 53 push %rbx > > 384e: 48 83 ec 20 sub $0x20,%rsp > > 3852: 41 89 d7 mov %edx,%r15d > > 3855: 0f b6 46 7e movzbl 0x7e(%rsi),%eax > > 3859: 48 c1 e0 07 shl $0x7,%rax > > 385d: 48 89 75 a8 mov %rsi,0xffffffffffffffa8(%rbp) > > 3861: 48 01 f0 add %rsi,%rax > > 3864: 31 d2 xor %edx,%edx > > 3866: b9 03 00 00 00 mov $0x3,%ecx > > 386b: eb 10 jmp 387d > > <connector_bad_edid+0x4d> > > 386d: cc int3 > > 386e: cc int3 > > 386f: cc int3 > > 3870: 0f b6 34 08 movzbl (%rax,%rcx,1),%esi > > 3874: 01 f2 add %esi,%edx > > 3876: 0f b6 d2 movzbl %dl,%edx > > 3879: 48 83 c1 04 add $0x4,%rcx > > 387d: 0f b6 74 08 fd movzbl > > 0xfffffffffffffffd(%rax,%rcx,1),%esi > > 3882: 01 d6 add %edx,%esi > > 3884: 0f b6 54 08 fe movzbl > > 0xfffffffffffffffe(%rax,%rcx,1),%edx > > 3889: 01 f2 add %esi,%edx > > 388b: 0f b6 f2 movzbl %dl,%esi > > 388e: 0f b6 54 08 ff movzbl > > 0xffffffffffffffff(%rax,%rcx,1),%edx > > 3893: 01 f2 add %esi,%edx > > 3895: 48 83 f9 7f cmp $0x7f,%rcx > > 3899: 75 d5 jne 3870 > > <connector_bad_edid+0x40> > > ... > > > > This looks like an inlined unrolled version of drm_edid_block_checksum()
gdb points to drm_edid_block_checksum() as well 0xffffffff819966ed <+77>: movzbl -0x3(%rax,%rcx,1),%esi (gdb) info line *0xffffffff819966ed Line 1597 of "/sys/dev/pci/drm/drm_edid.c" starts at address 0xffffffff819966ed <connector_bad_edid+77> and ends at 0xffffffff819966fb <connector_bad_edid+91>. > > My guess is num_of_ext > num_blocks, will verify later when I'm at the > machine. > > -Otto
