On Tue, Jun 09, 2020 at 04:05:25PM +0200, Otto Moerbeek wrote:
> On Tue, Jun 09, 2020 at 04:59:17PM +1000, Jonathan Gray wrote:
>
> > On Tue, Jun 09, 2020 at 08:12:17AM +0200, Otto Moerbeek wrote:
> > > On Tue, Jun 09, 2020 at 08:01:12AM +0200, Otto Moerbeek wrote:
> > >
> > > > On Mon, Jun 08, 2020 at 09:46:23PM +0200, Mark Kettenis wrote:
> > > >
> > > > > > Date: Mon, 8 Jun 2020 20:27:22 +0200
> > > > > > From: Otto Moerbeek <[email protected]>
> > > > > >
> > > > > > Hi.
> > > > > >
> > > > > > a page fault trap happens if I boot my Thnkpad X1 6th generation in
> > > > > > the dock
> > > > > > or put it in the dock afterwards. The dock has two DP monitors
> > > > > > connected.
> > > > > >
> > > > > > If I change connector_bad_edid() to return immediately things seems
> > > > > > to
> > > > > > work ok.
> > > > > >
> > > > > > -Otto
> > > > > >
> > > > > > summary of trace:
> > > > > >
> > > > > > connector_bad_edid+0x4d
> > > > > > drm_do_get_edid+0x382
> > > > > > drm_get_edid+0x6b
> > > > > > intel_hmi_set_edid+0xad
> > > > > > intel_hdmi_detect+0xb1
> > > > > > drm_helper_probe_detect+0x108
> > > > > > intel_encoder_hotplug+0x7f
> > > > > > intel_ddi_hotplug+0x54
> > > > > > i915_hotplug_work_func+0x245
> > > > > > tasq_thread+0x8d
> > > > > >
> > > > > > full trace:
> > > > > >
> > > > > > https://www.drijf.net/openbsd/IMG_20200608_154513.jpg
> > > > >
> > > > > Not sure what kernel you're using. But the instruction in that image
> > > > > doesn't eist in connector_bad_edid in the kernel I just built.
> > > > >
> > > >
> > > > Strange, I do have it. /usr/src/sys/dev/pci/drm/drm_edid.c contains
> > > > no version marker, but it's md5 is 3d889f9e1cb3c66cdb4eb49e9319d947
> > > >
> > > > objdump -d snippet:
> > > >
> > > >
> > > > 0000000000003830 <connector_bad_edid>:
> > > > 3830: 4c 8b 1d 00 00 00 00 mov 0(%rip),%r11 #
> > > > 3837 <connector_bad_edid+0x7>
> > > > 3837: 4c 33 1c 24 xor (%rsp),%r11
> > > > 383b: 55 push %rbp
> > > > 383c: 48 89 e5 mov %rsp,%rbp
> > > > 383f: 57 push %rdi
> > > > 3840: 56 push %rsi
> > > > 3841: 52 push %rdx
> > > > 3842: 57 push %rdi
> > > > 3843: 41 53 push %r11
> > > > 3845: 41 57 push %r15
> > > > 3847: 41 56 push %r14
> > > > 3849: 41 55 push %r13
> > > > 384b: 41 54 push %r12
> > > > 384d: 53 push %rbx
> > > > 384e: 48 83 ec 20 sub $0x20,%rsp
> > > > 3852: 41 89 d7 mov %edx,%r15d
> > > > 3855: 0f b6 46 7e movzbl 0x7e(%rsi),%eax
> > > > 3859: 48 c1 e0 07 shl $0x7,%rax
> > > > 385d: 48 89 75 a8 mov
> > > > %rsi,0xffffffffffffffa8(%rbp)
> > > > 3861: 48 01 f0 add %rsi,%rax
> > > > 3864: 31 d2 xor %edx,%edx
> > > > 3866: b9 03 00 00 00 mov $0x3,%ecx
> > > > 386b: eb 10 jmp 387d
> > > > <connector_bad_edid+0x4d>
> > > > 386d: cc int3
> > > > 386e: cc int3
> > > > 386f: cc int3
> > > > 3870: 0f b6 34 08 movzbl (%rax,%rcx,1),%esi
> > > > 3874: 01 f2 add %esi,%edx
> > > > 3876: 0f b6 d2 movzbl %dl,%edx
> > > > 3879: 48 83 c1 04 add $0x4,%rcx
> > > > 387d: 0f b6 74 08 fd movzbl
> > > > 0xfffffffffffffffd(%rax,%rcx,1),%esi
> > > > 3882: 01 d6 add %edx,%esi
> > > > 3884: 0f b6 54 08 fe movzbl
> > > > 0xfffffffffffffffe(%rax,%rcx,1),%edx
> > > > 3889: 01 f2 add %esi,%edx
> > > > 388b: 0f b6 f2 movzbl %dl,%esi
> > > > 388e: 0f b6 54 08 ff movzbl
> > > > 0xffffffffffffffff(%rax,%rcx,1),%edx
> > > > 3893: 01 f2 add %esi,%edx
> > > > 3895: 48 83 f9 7f cmp $0x7f,%rcx
> > > > 3899: 75 d5 jne 3870
> > > > <connector_bad_edid+0x40>
> > > > ...
> > > >
> > >
> > > This looks like an inlined unrolled version of drm_edid_block_checksum()
> >
> > gdb points to drm_edid_block_checksum() as well
> >
> > 0xffffffff819966ed <+77>: movzbl -0x3(%rax,%rcx,1),%esi
> >
> > (gdb) info line *0xffffffff819966ed
> > Line 1597 of "/sys/dev/pci/drm/drm_edid.c"
> > starts at address 0xffffffff819966ed <connector_bad_edid+77>
> > and ends at 0xffffffff819966fb <connector_bad_edid+91>.
> >
> > >
> > > My guess is num_of_ext > num_blocks, will verify later when I'm at the
> > > machine.
> > >
> > > -Otto
> >
>
> Indeed. the diff below works for me,
>
> -Otto
>
> Index: drm_edid.c
> ===================================================================
> RCS file: /cvs/src/sys/dev/pci/drm/drm_edid.c,v
> retrieving revision 1.27
> diff -u -p -r1.27 drm_edid.c
> --- drm_edid.c 8 Jun 2020 04:47:58 -0000 1.27
> +++ drm_edid.c 9 Jun 2020 14:04:21 -0000
> @@ -1807,6 +1807,9 @@ static void connector_bad_edid(struct dr
> int i;
> u8 num_of_ext = edid[0x7e];
>
> + if (num_of_ext > num_blocks)
> + num_of_ext = num_blocks;
> +
> /* Calculate real checksum for the last edid extension block data */
> connector->real_edid_checksum =
> drm_edid_block_checksum(edid + num_of_ext * EDID_LENGTH);
>
Output: (first line is some debug code I added):
num_of_ext = ff; num_blocks = 1
drm:pid0:connector_bad_edid *WARNING* HDMI-A-1: EDID is invalid:
[00] BAD 00 ff ff ff ff ff ff 00 ff ff ff ff ff ff ff ff
[00] BAD ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[00] BAD ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[00] BAD ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[00] BAD ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[00] BAD ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[00] BAD ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[00] BAD ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
