Opened 11 years ago
Closed 11 years ago
#9930 closed bug (fixed)
KDL in pci_mechpcie_read_config at the system start
| Reported by: | siarzhuk | Owned by: | korli |
|---|---|---|---|
| Priority: | normal | Milestone: | R1 |
| Component: | System/Kernel | Version: | R1/Development |
| Keywords: | pci_mechpcie_read_config | Cc: | |
| Blocked By: | | Blocking: | |
| Platform: | All | | |
Description
After upgrading to hrev45966, the system goes into KDL at an early stage of the boot sequence:
```
Function pci_mechpcie_read_config(void*, unsigned char, unsigned char, unsigned char, unsigned short, unsigned char, unsigned long*)
00032320: 55 push %ebp
00032321: 31d2 xor %edx,%edx
00032323: 89e5 mov %esp,%ebp
00032325: 53 push %ebx
Reference to function "__x86.get_pc_thunk.bx"
00032326: e8dca1ffff call 2c507
0003232b: 81c3bd400600 add $0x640bd,%ebx
00032331: 8a4510 mov 0x10(%ebp),%al ; param 3 ( unsigned char)
00032334: 8a550c mov 0xc(%ebp),%dl ; param 2 ( unsigned char)
00032337: 83e01f and $0x1f,%eax
0003233a: 8a4d1c mov 0x1c(%ebp),%cl
0003233d: c1e214 shl $0x14,%edx
00032340: c1e00f shl $0xf,%eax
00032343: 09d0 or %edx,%eax
00032345: 8a5514 mov 0x14(%ebp),%dl ; param 4 ( unsigned char)
00032348: 83e207 and $0x7,%edx
0003234b: c1e20c shl $0xc,%edx
0003234e: 09d0 or %edx,%eax
00032350: 8b5518 mov 0x18(%ebp),%edx
00032353: 81e2ff0f0000 and $0xfff,%edx
00032359: 09d0 or %edx,%eax
0003235b: 8b93b0010000 mov 0x1b0(%ebx),%edx
00032361: 0302 add (%edx),%eax
00032363: 80f902 cmp $0x2,%cl
00032366: 742c je 32394
00032368: 80f904 cmp $0x4,%cl
0003236b: 741b je 32388
0003236d: fec9 dec %cl
0003236f: 7406 je 32377
00032371: 83c8ff or $0xffffffff,%eax
00032374: 5b pop %ebx
00032375: 5d pop %ebp
00032376: c3 ret
Referenced by (conditionnal) jump(s) at Address(es): 0003236F
00032377: 8a00 mov (%eax),%al
00032379: 8b5520 mov 0x20(%ebp),%edx
0003237c: 25ff000000 and $0xff,%eax
00032381: 8902 mov %eax,(%edx)
00032383: 31c0 xor %eax,%eax
00032385: 5b pop %ebx
00032386: 5d pop %ebp
00032387: c3 ret
Referenced by (conditionnal) jump(s) at Address(es): 0003236B
00032388: 8b5520 mov 0x20(%ebp),%edx
0003238b: 8b00 mov (%eax),%eax
0003238d: 8902 mov %eax,(%edx)
0003238f: 31c0 xor %eax,%eax
00032391: 5b pop %ebx
00032392: 5d pop %ebp
00032393: c3 ret
Referenced by (conditionnal) jump(s) at Address(es): 00032366
00032394: 668b00 mov (%eax),%ax <<<<< FAULT <<<<<
00032397: 8b5520 mov 0x20(%ebp),%edx
0003239a: 25ffff0000 and $0xffff,%eax
0003239f: 8902 mov %eax,(%edx)
000323a1: 31c0 xor %eax,%eax
000323a3: 5b pop %ebx
000323a4: 5d pop %ebp
000323a5: c3 ret
```
System is GCC4 Hybrid. Corresponding KDL screenshot is attached.
Attachments (5)
Change History (13)
by , 11 years ago
Attachment: kdl-pci_mechpcie_read_config_x74.jpg added
comment:1 by , 11 years ago
The same information for GCC2 Hybrid:
```
Function pci_mechpcie_read_config(void *, unsigned char, unsigned char, unsigned char, unsigned short, unsigned char, unsigned long *)
0003285c: 55 push %ebp
0003285d: 89e5 mov %esp,%ebp
0003285f: 57 push %edi
00032860: 56 push %esi
00032861: 53 push %ebx
00032862: e800000000 call 32867
00032867: 5b pop %ebx
00032868: 81c305890700 add $0x78905,%ebx
0003286e: 8b7520 mov 0x20(%ebp),%esi
00032871: 8b93a0000000 mov 0xa0(%ebx),%edx
00032877: 31c9 xor %ecx,%ecx
00032879: 8a4d0c mov 0xc(%ebp),%cl ; param 2 ( unsigned char)
0003287c: c1e114 shl $0x14,%ecx
0003287f: 8a4510 mov 0x10(%ebp),%al ; param 3 ( unsigned char)
00032882: 241f and $0x1f,%al
00032884: 25ff000000 and $0xff,%eax
00032889: c1e00f shl $0xf,%eax
0003288c: 09c1 or %eax,%ecx
0003288e: 8a4514 mov 0x14(%ebp),%al ; param 4 ( unsigned char)
00032891: 2407 and $0x7,%al
00032893: 25ff000000 and $0xff,%eax
00032898: c1e00c shl $0xc,%eax
0003289b: 09c1 or %eax,%ecx
0003289d: 8b4518 mov 0x18(%ebp),%eax
000328a0: 31ff xor %edi,%edi
000328a2: 80e40f and $0xf,%ah
000328a5: 25ffff0000 and $0xffff,%eax
000328aa: 09c1 or %eax,%ecx
000328ac: 31c0 xor %eax,%eax
000328ae: 8a451c mov 0x1c(%ebp),%al
000328b1: 030a add (%edx),%ecx
000328b3: 83f802 cmp $0x2,%eax
000328b6: 741c je 328d4
000328b8: 7f0a jg 328c4
000328ba: 83f801 cmp $0x1,%eax
000328bd: 740d je 328cc
000328bf: eb27 jmp 328e8
000328c1: 8d7600 lea 0x0(%esi),%esi
Referenced by (conditionnal) jump(s) at Address(es): 000328B8
000328c4: 83f804 cmp $0x4,%eax
000328c7: 7417 je 328e0
000328c9: eb1d jmp 328e8
000328cb: 90 nop
Referenced by (conditionnal) jump(s) at Address(es): 000328BD
000328cc: 31c0 xor %eax,%eax
000328ce: 8a01 mov (%ecx),%al
000328d0: 8906 mov %eax,(%esi)
000328d2: eb19 jmp 328ed
Referenced by (conditionnal) jump(s) at Address(es): 000328B6
000328d4: 31c0 xor %eax,%eax
000328d6: 668b01 mov (%ecx),%ax <<<<< FAULT HERE <<<<<<
000328d9: 8906 mov %eax,(%esi)
000328db: eb10 jmp 328ed
000328dd: 8d7600 lea 0x0(%esi),%esi
Referenced by (conditionnal) jump(s) at Address(es): 000328C7
000328e0: 8b01 mov (%ecx),%eax
000328e2: 8906 mov %eax,(%esi)
000328e4: eb07 jmp 328ed
000328e6: 89f6 mov %esi,%esi
Referenced by (conditionnal) jump(s) at Address(es): 000328BF 000328C9
000328e8: bfffffffff mov $0xffffffff,%edi
Referenced by (conditionnal) jump(s) at Address(es): 000328D2 000328DB 000328E4
000328ed: 89f8 mov %edi,%eax
000328ef: 5b pop %ebx
000328f0: 5e pop %esi
000328f1: 5f pop %edi
000328f2: 89ec mov %ebp,%esp
000328f4: 5d pop %ebp
000328f5: c3 ret
```
by , 11 years ago
Attachment: kdl-pci_mechpcie_read_config_x74-gcc2.jpg added
KDL in pci_mechpci_read_config (GCC2 build)
comment:2 by , 11 years ago
The call that crashed was performed with the following parameters:
bus: 2; device: 0; function: 0; offset: 0;
The value of sPCIeBase is 0x8116c000, and adding (2 << 20) produces address 0x8136c000, accessing which fails.
The trace line just before the crash was:
PCI: FixupDevices: checking bus 2 behind 1039:000a
More info about the PCI devices on this laptop can be found in the attached listdev.out and syslog.ok, acquired on Haiku hrev45718.
follow-up: 4 comment:3 by , 11 years ago
Siarzhuk, the mapping of the physical memory is done here. "alloc->Address" is the physical base address, "(alloc->EndBusNumber + 1) << 20" is the size of the mapped memory area.
Could you check why it seems the bus number 2 isn't covered by alloc->BusEnd()?
Also a dprintf normally prints out the ACPI config used. Could you add this log to the ticket?
Thanks!
comment:4 by , 11 years ago
Replying to korli:
> Siarzhuk, the mapping of the physical memory is done here. "alloc->Address" is the physical base address, "(alloc->EndBusNumber + 1) << 20" is the size of the mapped memory area.
> Could you check why it seems the bus number 2 isn't covered by alloc->BusEnd()?

Frankly speaking, I'm not familiar with this stuff. But it looks like BusEnd returns 1, so the mapped area size is for bus 0 and bus 1. An attempt to access bus 2 fails. I have hacked s/+1/+2/ here and have worked around the issue for some time, but it failed much later in another place - see the newly attached screenshot.

> Also a dprintf normally prints out the ACPI config used. Could you add this log to the ticket?

KERN: PCI: mechanism addr: e0000000, seg: 0, start: 0, end: 1
by , 11 years ago
Attachment: kdl-pci_mechpcie_read_config_xd4.jpg added
KDL with worked-around BusEnd area mapping.
comment:5 by , 11 years ago
It seems we should simply fall back to mechanism 1 when the bus number isn't in the MCFG table ranges.
KDL in pci_mechpci_read_config
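The range check proposed in comment 5, as an added C example (not Haiku's code and not the committed fix): it reproduces the offset layout visible in the disassembly and the mapped size from comment 3, then decides per request whether the memory-mapped window may be touched. The struct, enum and function names are hypothetical; the 256-byte limit of mechanism 1 is general PCI behaviour, not something stated in the ticket.

```c
#include <stdint.h>
#include <stdio.h>

/* Hypothetical mirror of one MCFG allocation; field names are assumptions. */
struct ecam_window {
	uint8_t start_bus;	/* "start: 0" in the ticket's log line */
	uint8_t end_bus;	/* "end: 1" in the ticket's log line */
};

enum cfg_path { CFG_ECAM, CFG_MECH1, CFG_INVALID };

/* Bytes mapped from the base, as comment 3 describes: (end bus + 1) << 20. */
static uint32_t ecam_mapped_size(const struct ecam_window *w)
{
	return ((uint32_t)w->end_bus + 1) << 20;
}

/* Same bit layout the disassembly builds before adding the mapped base. */
static uint32_t ecam_offset(uint8_t bus, uint8_t dev, uint8_t func, uint16_t off)
{
	return ((uint32_t)bus << 20) | ((uint32_t)(dev & 0x1f) << 15)
		| ((uint32_t)(func & 0x07) << 12) | (off & 0x0fffu);
}

/* Decide how to serve a config read; *out receives the ECAM offset if used. */
static enum cfg_path choose_cfg_path(const struct ecam_window *w, uint8_t bus,
	uint8_t dev, uint8_t func, uint16_t off, uint8_t size, uint32_t *out)
{
	if ((size != 1 && size != 2 && size != 4) || dev > 31 || func > 7)
		return CFG_INVALID;
	if ((uint32_t)off + size > 0x1000)
		return CFG_INVALID;	/* would run past the function's 4 KiB */
	if (bus < w->start_bus || bus > w->end_bus)
		/* Not mapped: mechanism 1 only reaches the first 256 bytes. */
		return (uint32_t)off + size <= 0x100 ? CFG_MECH1 : CFG_INVALID;
	*out = ecam_offset(bus, dev, func, off);
	return *out + size <= ecam_mapped_size(w) ? CFG_ECAM : CFG_INVALID;
}

int main(void)
{
	struct ecam_window w = { 0, 1 };	/* values from the ticket's log */
	uint32_t o = 0;
	/* The faulting call: bus 2, device 0, function 0, offset 0, 2 bytes. */
	enum cfg_path p = choose_cfg_path(&w, 2, 0, 0, 0, 2, &o);
	printf("bus 2 -> %s\n", p == CFG_MECH1 ? "mechanism 1" : "other");
	return 0;
}
```

For the ticket's values the offset for bus 2 is 0x200000, exactly the mapped size, which matches the 0x8136c000 - 0x8116c000 distance reported in comment 2.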