From nobody@FreeBSD.org  Thu Mar 11 12:50:51 2010
Return-Path: <nobody@FreeBSD.org>
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id 11E04106564A
	for <freebsd-gnats-submit@FreeBSD.org>; Thu, 11 Mar 2010 12:50:51 +0000 (UTC)
	(envelope-from nobody@FreeBSD.org)
Received: from www.freebsd.org (www.freebsd.org [IPv6:2001:4f8:fff6::21])
	by mx1.freebsd.org (Postfix) with ESMTP id E80848FC12
	for <freebsd-gnats-submit@FreeBSD.org>; Thu, 11 Mar 2010 12:50:50 +0000 (UTC)
Received: from www.freebsd.org (localhost [127.0.0.1])
	by www.freebsd.org (8.14.3/8.14.3) with ESMTP id o2BCooV9078438
	for <freebsd-gnats-submit@FreeBSD.org>; Thu, 11 Mar 2010 12:50:50 GMT
	(envelope-from nobody@www.freebsd.org)
Received: (from nobody@localhost)
	by www.freebsd.org (8.14.3/8.14.3/Submit) id o2BCooUU078437;
	Thu, 11 Mar 2010 12:50:50 GMT
	(envelope-from nobody)
Message-Id: <201003111250.o2BCooUU078437@www.freebsd.org>
Date: Thu, 11 Mar 2010 12:50:50 GMT
From: val <dummy@smtp.ru>
To: freebsd-gnats-submit@FreeBSD.org
Subject: VESA support broken on FreeBSD 8.0 Stable
X-Send-Pr-Version: www-3.1
X-GNATS-Notify:

>Number:         144654
>Category:       kern
>Synopsis:       [vesa] VESA support broken on FreeBSD 8.0 Stable [regression]
>Confidential:   no
>Severity:       non-critical
>Priority:       low
>Responsible:    jkim
>State:          closed
>Quarter:        
>Keywords:       
>Date-Required:  
>Class:          sw-bug
>Submitter-Id:   current-users
>Arrival-Date:   Thu Mar 11 13:00:06 UTC 2010
>Closed-Date:    Mon Mar 29 16:04:40 UTC 2010
>Last-Modified:  Mon Mar 29 16:10:03 UTC 2010
>Originator:     val
>Release:        8.0
>Organization:
>Environment:
FreeBSD sigma 8.0-STABLE FreeBSD 8.0-STABLE #96: Thu Mar 11 14:54:14 MSK 2010     root@sigma:/usr/obj/usr/src/sys/GENESIS  i386

>Description:
It seems support for VESA mode broken. After updating world to latest
8.0 stable cannot switch console to MODE_279. Screen just blank and freezed.

Some output from vidcontrol:

    mode#     flags   type    size       font      window      linear buffer
------------------------------------------------------------------------------
  0 (0x000) 0x00000001 T 40x25           8x8   0xb8000 32k 32k 0x00000000 32k
  1 (0x001) 0x00000001 T 40x25           8x8   0xb8000 32k 32k 0x00000000 32k
  2 (0x002) 0x00000001 T 80x25           8x8   0xb8000 32k 32k 0x00000000 32k
  3 (0x003) 0x00000001 T 80x25           8x8   0xb8000 32k 32k 0x00000000 32k
  4 (0x004) 0x00000003 G 320x200x2 1     8x8   0xb8000 32k 32k 0x00000000 32k
  5 (0x005) 0x00000003 G 320x200x2 1     8x8   0xb8000 32k 32k 0x00000000 32k
  6 (0x006) 0x00000003 G 640x200x1 1     8x8   0xb8000 32k 32k 0x00000000 32k
 13 (0x00d) 0x00000003 G 320x200x4 4     8x8   0xa0000 64k 64k 0x00000000 256k
 14 (0x00e) 0x00000003 G 640x200x4 4     8x8   0xa0000 64k 64k 0x00000000 256k
 16 (0x010) 0x00000003 G 640x350x2 2     8x14  0xa0000 64k 64k 0x00000000 128k
 18 (0x012) 0x00000003 G 640x350x4 4     8x14  0xa0000 64k 64k 0x00000000 256k
 19 (0x013) 0x00000001 T 40x25           8x14  0xb8000 32k 32k 0x00000000 32k
..
275 (0x113) 0x0000000f G 800x600x15 1    8x16  0xa0000 64k 64k 0xe0000000 937k
276 (0x114) 0x0000000f G 800x600x16 1    8x16  0xa0000 64k 64k 0xe0000000 937k
277 (0x115) 0x0000000f G 800x600x32 1    8x16  0xa0000 64k 64k 0xe0000000 1875k
278 (0x116) 0x0000000f G 1024x768x15 1   8x16  0xa0000 64k 64k 0xe0000000 1536k
279 (0x117) 0x0000000f G 1024x768x16 1   8x16  0xa0000 64k 64k 0xe0000000 1536k
280 (0x118) 0x0000000f G 1024x768x32 1   8x16  0xa0000 64k 64k 0xe0000000 3072k
281 (0x119) 0x0000000f G 1280x1024x15 1  8x16  0xa0000 64k 64k 0xe0000000 2560k
282 (0x11a) 0x0000000f G 1280x1024x16 1  8x16  0xa0000 64k 64k 0xe0000000 2560k
283 (0x11b) 0x0000000f G 1280x1024x32 1  8x16  0xa0000 64k 64k 0xe0000000 5120k
293 (0x125) 0x0000000f G 1600x1200x8 1   8x16  0xa0000 64k 64k 0xe0000000 1875k
294 (0x126) 0x0000000f G 1600x1200x16 1  8x16  0xa0000 64k 64k 0xe0000000 3750k
295 (0x127) 0x0000000f G 320x240x8 1     8x8   0xa0000 64k 64k 0xe0000000 75k
296 (0x128) 0x0000000f G 400x300x8 1     8x8   0xa0000 64k 64k 0xe0000000 117k
297 (0x129) 0x0000000f G 512x384x8 1     8x8   0xa0000 64k 64k 0xe0000000 192k
298 (0x12a) 0x0000000f G 320x240x16 1    8x8   0xa0000 64k 64k 0xe0000000 150k
299 (0x12b) 0x0000000f G 400x300x16 1    8x8   0xa0000 64k 64k 0xe0000000 234k
300 (0x12c) 0x0000000f G 512x384x16 1    8x8   0xa0000 64k 64k 0xe0000000 384k
301 (0x12d) 0x0000000f G 320x200x8 1     8x8   0xa0000 64k 64k 0xe0000000 62k
305 (0x131) 0x0000000f G 640x400x16 1    8x16  0xa0000 64k 64k 0xe0000000 500k
306 (0x132) 0x0000000f G 1600x1200x32 1  8x16  0xa0000 64k 64k 0xe0000000 7500k


>How-To-Repeat:
Just update system to latest 8.0 stable and try to switch to vesa/graphic
mode(s).
>Fix:


>Release-Note:
>Audit-Trail:
Responsible-Changed-From-To: freebsd-bugs->jkim 
Responsible-Changed-By: jkim 
Responsible-Changed-When: Mon Mar 15 18:24:30 UTC 2010 
Responsible-Changed-Why:  
Grab. 

http://www.freebsd.org/cgi/query-pr.cgi?pr=144654 

From: jane <dummy@smtp.ru>
To: bug-followup@freebsd.org, dummy@smtp.ru
Cc:  
Subject: Re: kern/144654: [vesa] VESA support broken on FreeBSD 8.0 Stable
 [regression]
Date: Wed, 24 Mar 2010 11:11:59 +0300

 In my case debug vesa give following output (during switch to MODE_279):
 
 
 Mar 24 11:00:58 sigma kernel: Calling int 0x10 (ax=0x4f02 bx=0x4117  
 cx=0x0000 dx=0x0000 es=0x0000 di=0x0000)
 Mar 24 11:00:58 sigma kernel: Exiting int 0x10 (ax=0x004a bx=0x0117  
 cx=0x0014 dx=0x0000 es=0x0000 di=0x0000)

From: Jung-uk Kim <jkim@FreeBSD.org>
To: bug-followup@freebsd.org
Cc: jane <dummy@smtp.ru>
Subject: Re: kern/144654: [vesa] VESA support broken on FreeBSD 8.0 Stable [regression]
Date: Wed, 24 Mar 2010 13:54:12 -0400

 --Boundary-00=_GHlqL4FvzfRB5fT
 Content-Type: text/plain;
   charset="iso-8859-1"
 Content-Transfer-Encoding: 7bit
 Content-Disposition: inline
 
 Can you please try the attached patches and send me the same debug 
 output?
 
 Thanks,
 
 Jung-uk Kim
 
 --Boundary-00=_GHlqL4FvzfRB5fT
 Content-Type: text/plain;
   charset="iso-8859-1";
   name="stable8.fb.diff"
 Content-Transfer-Encoding: 7bit
 Content-Disposition: attachment;
 	filename="stable8.fb.diff"
 
 MFC:	r205557, r205558, r205564, r205566, r205604
 
 r205557:
 Map entire video memory again.  This is a partial backout of r203535.
 Although we do not use them all directly, it seems VGA render may access
 unmapped memory region and cause kernel panic.
 
 r205558:
 Fall back to VGA palette functions if VESA function failed and DAC is still
 in 6-bit mode.  Although we have to check non-VGA compatibility bit here,
 it seems there are too many broken VESA BIOSes out to rely on it.
 
 r205564:
 Be extremely careful when we determine bytes per scan line information.
 First, we compare mode table data against minimum value.  If the mode table
 does not make sense, we set the minimum in the mode info.  When we actually
 set the mode, we try VESA BIOS function and compare it against the previous
 value.  If it makes more sense, update the information.
 
 r205566:
 Add my copyright here.
 
 r205604:
 Teach VGA framebuffer about 8-bit palette format for VESA.
 
 Index: sys/dev/fb/vesa.c
 ===================================================================
 --- sys/dev/fb/vesa.c	(revision 205608)
 +++ sys/dev/fb/vesa.c	(working copy)
 @@ -1,5 +1,6 @@
  /*-
   * Copyright (c) 1998 Kazutaka YOKOTA and Michael Smith
 + * Copyright (c) 2009-2010 Jung-uk Kim <jkim@FreeBSD.org>
   * All rights reserved.
   *
   * Redistribution and use in source and binary forms, with or without
 @@ -188,9 +189,7 @@ static int vesa_bios_load_palette2(int start, int
  #define STATE_ALL	(STATE_HW | STATE_DATA | STATE_DAC | STATE_REG)
  static ssize_t vesa_bios_state_buf_size(void);
  static int vesa_bios_save_restore(int code, void *p, size_t size);
 -#if 0
  static int vesa_bios_get_line_length(void);
 -#endif
  static int vesa_bios_set_line_length(int pixel, int *bytes, int *lines);
  #if 0
  static int vesa_bios_get_start(int *x, int *y);
 @@ -199,6 +198,7 @@ static int vesa_bios_set_start(int x, int y);
  static int vesa_map_gen_mode_num(int type, int color, int mode);
  static int vesa_translate_flags(u_int16_t vflags);
  static int vesa_translate_mmodel(u_int8_t vmodel);
 +static int vesa_get_bpscanline(struct vesa_mode *vmode);
  static int vesa_bios_init(void);
  static void vesa_clear_modes(video_info_t *info, int color);
  
 @@ -558,7 +558,6 @@ vesa_bios_save_restore(int code, void *p, size_t s
  	return (regs.R_AX != 0x004f);
  }
  
 -#if 0
  static int
  vesa_bios_get_line_length(void)
  {
 @@ -575,7 +574,6 @@ vesa_bios_get_line_length(void)
  
  	return (regs.R_BX);
  }
 -#endif
  
  static int
  vesa_bios_set_line_length(int pixel, int *bytes, int *lines)
 @@ -709,6 +707,43 @@ vesa_translate_mmodel(u_int8_t vmodel)
  	return (V_INFO_MM_OTHER);
  }
  
 +static int
 +vesa_get_bpscanline(struct vesa_mode *vmode)
 +{
 +	int bpsl;
 +
 +	if ((vmode->v_modeattr & V_MODEGRAPHICS) != 0) {
 +		/* Find the minimum length. */
 +		switch (vmode->v_bpp / vmode->v_planes) {
 +		case 1:
 +			bpsl = vmode->v_width / 8;
 +			break;
 +		case 2:
 +			bpsl = vmode->v_width / 4;
 +			break;
 +		case 4:
 +			bpsl = vmode->v_width / 2;
 +			break;
 +		default:
 +			bpsl = vmode->v_width * ((vmode->v_bpp + 7) / 8);
 +			bpsl /= vmode->v_planes;
 +			break;
 +		}
 +
 +		/* Use VBE 3.0 information if it looks sane. */
 +		if ((vmode->v_modeattr & V_MODELFB) != 0 &&
 +		    vesa_adp_info->v_version >= 0x0300 &&
 +		    vmode->v_linbpscanline > bpsl)
 +			return (vmode->v_linbpscanline);
 +
 +		/* Return the minimum if the mode table looks absurd. */
 +		if (vmode->v_bpscanline < bpsl)
 +			return (bpsl);
 +	}
 +
 +	return (vmode->v_bpscanline);
 +}
 +
  #define	VESA_MAXSTR		256
  
  #define	VESA_STRCPY(dst, src)	do {				\
 @@ -733,7 +768,6 @@ vesa_bios_init(void)
  	void *vmbuf;
  	uint32_t offs;
  	uint16_t vers;
 -	int bpsl;
  	int is_via_cle266;
  	int modes;
  	int i;
 @@ -858,9 +892,7 @@ vesa_bios_init(void)
  		}
  #endif
  
 -		bpsl = (vmode.v_modeattr & V_MODELFB) != 0 && vers >= 0x0300 ?
 -		    vmode.v_linbpscanline : vmode.v_bpscanline;
 -		bsize = bpsl * vmode.v_height;
 +		bsize = vesa_get_bpscanline(&vmode) * vmode.v_height;
  		if ((vmode.v_modeattr & V_MODEGRAPHICS) != 0)
  			bsize *= vmode.v_planes;
  
 @@ -1181,6 +1213,7 @@ static int
  vesa_set_mode(video_adapter_t *adp, int mode)
  {
  	video_info_t info;
 +	int bpsl;
  
  	if (adp != vesa_adp)
  		return ((*prevvidsw->set_mode)(adp, mode));
 @@ -1209,7 +1242,7 @@ vesa_set_mode(video_adapter_t *adp, int mode)
  			int10_set_mode(adp->va_initial_bios_mode);
  			if (adp->va_info.vi_flags & V_INFO_LINEAR)
  				pmap_unmapdev(adp->va_buffer,
 -				    adp->va_buffer_size);
 +				    vesa_adp_info->v_memsize * 64 * 1024);
  			/* 
  			 * Once (*prevvidsw->get_info)() succeeded, 
  			 * (*prevvidsw->set_mode)() below won't fail...
 @@ -1241,12 +1274,12 @@ vesa_set_mode(video_adapter_t *adp, int mode)
  
  	if ((vesa_adp_info->v_flags & V_DAC8) != 0 &&
  	    (info.vi_flags & V_INFO_GRAPHICS) != 0 &&
 -	    (info.vi_flags & V_INFO_NONVGA) != 0 &&
  	    vesa_bios_set_dac(8) > 6)
  		adp->va_flags |= V_ADP_DAC8;
  
  	if (adp->va_info.vi_flags & V_INFO_LINEAR)
 -		pmap_unmapdev(adp->va_buffer, adp->va_buffer_size);
 +		pmap_unmapdev(adp->va_buffer,
 +		    vesa_adp_info->v_memsize * 64 * 1024);
  
  #if VESA_DEBUG > 0
  	printf("VESA: mode set!\n");
 @@ -1257,13 +1290,27 @@ vesa_set_mode(video_adapter_t *adp, int mode)
  		(info.vi_flags & V_INFO_COLOR) ? V_ADP_COLOR : 0;
  	vesa_adp->va_crtc_addr =
  		(vesa_adp->va_flags & V_ADP_COLOR) ? COLOR_CRTC : MONO_CRTC;
 +
 +	vesa_adp->va_line_width = info.vi_buffer_size / info.vi_height;
 +	if ((info.vi_flags & V_INFO_GRAPHICS) != 0)
 +		vesa_adp->va_line_width /= info.vi_planes;
 +
 +	/* If VBE function returns bigger bytes per scan line, use it. */
 +	bpsl = vesa_bios_get_line_length();
 +	if (bpsl > vesa_adp->va_line_width) {
 +		vesa_adp->va_line_width = bpsl;
 +		info.vi_buffer_size = bpsl * info.vi_height;
 +		if ((info.vi_flags & V_INFO_GRAPHICS) != 0)
 +			info.vi_buffer_size *= info.vi_planes;
 +	}
 +
  	if (info.vi_flags & V_INFO_LINEAR) {
  #if VESA_DEBUG > 1
  		printf("VESA: setting up LFB\n");
  #endif
  		vesa_adp->va_buffer =
  		    (vm_offset_t)pmap_mapdev_attr(info.vi_buffer,
 -		    info.vi_buffer_size, PAT_WRITE_COMBINING);
 +		    vesa_adp_info->v_memsize * 64 * 1024, PAT_WRITE_COMBINING);
  		vesa_adp->va_window = vesa_adp->va_buffer;
  		vesa_adp->va_window_size = info.vi_buffer_size / info.vi_planes;
  		vesa_adp->va_window_gran = info.vi_buffer_size / info.vi_planes;
 @@ -1275,9 +1322,6 @@ vesa_set_mode(video_adapter_t *adp, int mode)
  	}
  	vesa_adp->va_buffer_size = info.vi_buffer_size;
  	vesa_adp->va_window_orig = 0;
 -	vesa_adp->va_line_width = info.vi_buffer_size / info.vi_height;
 -	if ((info.vi_flags & V_INFO_GRAPHICS) != 0)
 -		vesa_adp->va_line_width /= info.vi_planes;
  	vesa_adp->va_disp_start.x = 0;
  	vesa_adp->va_disp_start.y = 0;
  #if VESA_DEBUG > 0
 @@ -1322,10 +1366,10 @@ vesa_save_palette(video_adapter_t *adp, u_char *pa
  {
  	int bits;
  
 -	if (adp == vesa_adp && VESA_MODE(adp->va_mode) &&
 -	    (adp->va_info.vi_flags & V_INFO_NONVGA) != 0) {
 +	if (adp == vesa_adp && VESA_MODE(adp->va_mode)) {
  		bits = (adp->va_flags & V_ADP_DAC8) != 0 ? 8 : 6;
 -		return (vesa_bios_save_palette(0, 256, palette, bits));
 +		if (vesa_bios_save_palette(0, 256, palette, bits) == 0)
 +			return (0);
  	}
  
  	return ((*prevvidsw->save_palette)(adp, palette));
 @@ -1336,10 +1380,10 @@ vesa_load_palette(video_adapter_t *adp, u_char *pa
  {
  	int bits;
  
 -	if (adp == vesa_adp && VESA_MODE(adp->va_mode) &&
 -	    (adp->va_info.vi_flags & V_INFO_NONVGA) != 0) {
 +	if (adp == vesa_adp && VESA_MODE(adp->va_mode)) {
  		bits = (adp->va_flags & V_ADP_DAC8) != 0 ? 8 : 6;
 -		return (vesa_bios_load_palette(0, 256, palette, bits));
 +		if (vesa_bios_load_palette(0, 256, palette, bits) == 0)
 +			return (0);
  	}
  
  	return ((*prevvidsw->load_palette)(adp, palette));
 @@ -1544,8 +1588,6 @@ get_palette(video_adapter_t *adp, int base, int co
  		return (1);
  	if (!VESA_MODE(adp->va_mode))
  		return (1);
 -	if ((adp->va_info.vi_flags & V_INFO_NONVGA) == 0)
 -		return (1);
  
  	bits = (adp->va_flags & V_ADP_DAC8) != 0 ? 8 : 6;
  	r = malloc(count * 3, M_DEVBUF, M_WAITOK);
 @@ -1582,8 +1624,6 @@ set_palette(video_adapter_t *adp, int base, int co
  		return (1);
  	if (!VESA_MODE(adp->va_mode))
  		return (1);
 -	if ((adp->va_info.vi_flags & V_INFO_NONVGA) == 0)
 -		return (1);
  
  	bits = (adp->va_flags & V_ADP_DAC8) != 0 ? 8 : 6;
  	r = malloc(count * 3, M_DEVBUF, M_WAITOK);
 Index: sys/dev/fb/vga.c
 ===================================================================
 --- sys/dev/fb/vga.c	(revision 205608)
 +++ sys/dev/fb/vga.c	(working copy)
 @@ -1979,6 +1979,7 @@ vga_show_font(video_adapter_t *adp, int page)
  static int
  vga_save_palette(video_adapter_t *adp, u_char *palette)
  {
 +    int bits;
      int i;
  
      prologue(adp, V_ADP_PALETTE, ENODEV);
 @@ -1988,8 +1989,9 @@ vga_save_palette(video_adapter_t *adp, u_char *pal
       * VGA has 6 bit DAC .
       */
      outb(PALRADR, 0x00);
 +    bits = (adp->va_flags & V_ADP_DAC8) != 0 ? 0 : 2;
      for (i = 0; i < 256*3; ++i)
 -	palette[i] = inb(PALDATA) << 2; 
 +	palette[i] = inb(PALDATA) << bits; 
      inb(adp->va_crtc_addr + 6);	/* reset flip/flop */
      return 0;
  }
 @@ -1998,15 +2000,17 @@ static int
  vga_save_palette2(video_adapter_t *adp, int base, int count,
  		  u_char *r, u_char *g, u_char *b)
  {
 +    int bits;
      int i;
  
      prologue(adp, V_ADP_PALETTE, ENODEV);
  
      outb(PALRADR, base);
 +    bits = (adp->va_flags & V_ADP_DAC8) != 0 ? 0 : 2;
      for (i = 0; i < count; ++i) {
 -	r[i] = inb(PALDATA) << 2; 
 -	g[i] = inb(PALDATA) << 2; 
 -	b[i] = inb(PALDATA) << 2; 
 +	r[i] = inb(PALDATA) << bits; 
 +	g[i] = inb(PALDATA) << bits; 
 +	b[i] = inb(PALDATA) << bits;
      }
      inb(adp->va_crtc_addr + 6);		/* reset flip/flop */
      return 0;
 @@ -2021,14 +2025,16 @@ vga_save_palette2(video_adapter_t *adp, int base,
  static int
  vga_load_palette(video_adapter_t *adp, u_char *palette)
  {
 +    int bits;
      int i;
  
      prologue(adp, V_ADP_PALETTE, ENODEV);
  
      outb(PIXMASK, 0xff);		/* no pixelmask */
      outb(PALWADR, 0x00);
 +    bits = (adp->va_flags & V_ADP_DAC8) != 0 ? 0 : 2;
      for (i = 0; i < 256*3; ++i)
 -	outb(PALDATA, palette[i] >> 2);
 +	outb(PALDATA, palette[i] >> bits);
      inb(adp->va_crtc_addr + 6);	/* reset flip/flop */
      outb(ATC, 0x20);			/* enable palette */
      return 0;
 @@ -2038,16 +2044,18 @@ static int
  vga_load_palette2(video_adapter_t *adp, int base, int count,
  		  u_char *r, u_char *g, u_char *b)
  {
 +    int bits;
      int i;
  
      prologue(adp, V_ADP_PALETTE, ENODEV);
  
      outb(PIXMASK, 0xff);		/* no pixelmask */
      outb(PALWADR, base);
 +    bits = (adp->va_flags & V_ADP_DAC8) != 0 ? 0 : 2;
      for (i = 0; i < count; ++i) {
 -	outb(PALDATA, r[i] >> 2);
 -	outb(PALDATA, g[i] >> 2);
 -	outb(PALDATA, b[i] >> 2);
 +	outb(PALDATA, r[i] >> bits);
 +	outb(PALDATA, g[i] >> bits);
 +	outb(PALDATA, b[i] >> bits);
      }
      inb(adp->va_crtc_addr + 6);		/* reset flip/flop */
      outb(ATC, 0x20);			/* enable palette */
 
 --Boundary-00=_GHlqL4FvzfRB5fT
 Content-Type: text/plain;
   charset="iso-8859-1";
   name="stable8.syscons.diff"
 Content-Transfer-Encoding: 7bit
 Content-Disposition: attachment;
 	filename="stable8.syscons.diff"
 
 MFC:	r205550, r205605
 
 Separate 24-bit pixel draw from 32-bit case.  Although it is slower, we do
 not want to write a useless zero to inaccessible memory region.
 
 Index: sys/dev/syscons/scvgarndr.c
 ===================================================================
 --- sys/dev/syscons/scvgarndr.c	(revision 205608)
 +++ sys/dev/syscons/scvgarndr.c	(working copy)
 @@ -181,9 +181,17 @@ static u_short mouse_or_mask[16] = {
  #define	vga_drawpxl(pos, color)						\
  	switch (scp->sc->adp->va_info.vi_depth) {			\
  		case 32:						\
 -		case 24:						\
  			writel(pos, vga_palette32[color]);		\
  			break;						\
 +		case 24:						\
 +			if (((pos) & 1) == 0) {				\
 +				writew(pos, vga_palette32[color]);	\
 +				writeb(pos + 2, vga_palette32[color] >> 16);\
 +			} else {					\
 +				writeb(pos, vga_palette32[color]);	\
 +				writew(pos + 1, vga_palette32[color] >> 8);\
 +			}						\
 +			break;						\
  		case 16:						\
  			if (scp->sc->adp->va_info.vi_pixel_fsizes[1] == 5)\
  				writew(pos, vga_palette15[color]);	\
 
 --Boundary-00=_GHlqL4FvzfRB5fT
 Content-Type: text/plain;
   charset="iso-8859-1";
   name="stable8.x86bios.diff"
 Content-Transfer-Encoding: 7bit
 Content-Disposition: attachment;
 	filename="stable8.x86bios.diff"
 
 MFC:	r205297, r205347, r205452, r205455
 
 - Detect illegal access to unmapped memory within real mode emulator.
 - Map EBDA if available and support memory wraparound above 1MB as VM86 does.
 - Print the initial memory map when bootverbose is set.
 - Add strictly aligned memory access for distant future.
 - Update copyright date.
 
 Index: sys/compat/x86bios/x86bios.c
 ===================================================================
 --- sys/compat/x86bios/x86bios.c	(revision 205608)
 +++ sys/compat/x86bios/x86bios.c	(working copy)
 @@ -1,6 +1,6 @@
  /*-
   * Copyright (c) 2009 Alex Keda <admin@lissyara.su>
 - * Copyright (c) 2009 Jung-uk Kim <jkim@FreeBSD.org>
 + * Copyright (c) 2009-2010 Jung-uk Kim <jkim@FreeBSD.org>
   * All rights reserved.
   *
   * Redistribution and use in source and binary forms, with or without
 @@ -60,14 +60,15 @@ __FBSDID("$FreeBSD$");
  
  #define	X86BIOS_IVT_BASE	0x00000000
  #define	X86BIOS_RAM_BASE	0x00001000
 -#define	X86BIOS_ROM_BASE	0x000a0000	/* XXX EBDA? */
 +#define	X86BIOS_ROM_BASE	0x000a0000
  
 -#define	X86BIOS_ROM_SIZE	(X86BIOS_MEM_SIZE - X86BIOS_ROM_BASE)
 +#define	X86BIOS_ROM_SIZE	(X86BIOS_MEM_SIZE - (uint32_t)x86bios_rom_phys)
  
  #define	X86BIOS_PAGES		(X86BIOS_MEM_SIZE / X86BIOS_PAGE_SIZE)
  
  #define	X86BIOS_R_DS		_pad1
  #define	X86BIOS_R_SS		_pad2
 +#define	X86BIOS_R_SP		_pad3.I16_reg.x_reg
  
  static struct x86emu x86bios_emu;
  
 @@ -79,8 +80,14 @@ static void *x86bios_seg;
  
  static vm_offset_t *x86bios_map;
  
 +static vm_paddr_t x86bios_rom_phys;
  static vm_paddr_t x86bios_seg_phys;
  
 +static int x86bios_fault;
 +static uint32_t x86bios_fault_addr;
 +static uint16_t x86bios_fault_cs;
 +static uint16_t x86bios_fault_ip;
 +
  SYSCTL_NODE(_debug, OID_AUTO, x86bios, CTLFLAG_RD, NULL, "x86bios debugging");
  static int x86bios_trace_call;
  TUNABLE_INT("debug.x86bios.call", &x86bios_trace_call);
 @@ -91,14 +98,27 @@ TUNABLE_INT("debug.x86bios.int", &x86bios_trace_in
  SYSCTL_INT(_debug_x86bios, OID_AUTO, int, CTLFLAG_RW, &x86bios_trace_int, 0,
      "Trace software interrupt handlers");
  
 +static void
 +x86bios_set_fault(struct x86emu *emu, uint32_t addr)
 +{
 +
 +	x86bios_fault = 1;
 +	x86bios_fault_addr = addr;
 +	x86bios_fault_cs = emu->x86.R_CS;
 +	x86bios_fault_ip = emu->x86.R_IP;
 +	x86emu_halt_sys(emu);
 +}
 +
  static void *
  x86bios_get_pages(uint32_t offset, size_t size)
  {
  	int i;
  
 -	if (offset + size > X86BIOS_MEM_SIZE)
 +	if (offset + size > X86BIOS_MEM_SIZE + X86BIOS_IVT_SIZE)
  		return (NULL);
  
 +	if (offset >= X86BIOS_MEM_SIZE)
 +		offset -= X86BIOS_MEM_SIZE;
  	i = offset / X86BIOS_PAGE_SIZE;
  	if (x86bios_map[i] != 0)
  		return ((void *)(x86bios_map[i] + offset -
 @@ -124,7 +144,7 @@ x86bios_emu_rdb(struct x86emu *emu, uint32_t addr)
  
  	va = x86bios_get_pages(addr, sizeof(*va));
  	if (va == NULL)
 -		x86emu_halt_sys(emu);
 +		x86bios_set_fault(emu, addr);
  
  	return (*va);
  }
 @@ -136,8 +156,13 @@ x86bios_emu_rdw(struct x86emu *emu, uint32_t addr)
  
  	va = x86bios_get_pages(addr, sizeof(*va));
  	if (va == NULL)
 -		x86emu_halt_sys(emu);
 +		x86bios_set_fault(emu, addr);
  
 +#ifndef __NO_STRICT_ALIGNMENT
 +	if ((addr & 1) != 0)
 +		return (le16dec(va));
 +	else
 +#endif
  	return (le16toh(*va));
  }
  
 @@ -148,8 +173,13 @@ x86bios_emu_rdl(struct x86emu *emu, uint32_t addr)
  
  	va = x86bios_get_pages(addr, sizeof(*va));
  	if (va == NULL)
 -		x86emu_halt_sys(emu);
 +		x86bios_set_fault(emu, addr);
  
 +#ifndef __NO_STRICT_ALIGNMENT
 +	if ((addr & 3) != 0)
 +		return (le32dec(va));
 +	else
 +#endif
  	return (le32toh(*va));
  }
  
 @@ -160,7 +190,7 @@ x86bios_emu_wrb(struct x86emu *emu, uint32_t addr,
  
  	va = x86bios_get_pages(addr, sizeof(*va));
  	if (va == NULL)
 -		x86emu_halt_sys(emu);
 +		x86bios_set_fault(emu, addr);
  
  	*va = val;
  }
 @@ -172,8 +202,13 @@ x86bios_emu_wrw(struct x86emu *emu, uint32_t addr,
  
  	va = x86bios_get_pages(addr, sizeof(*va));
  	if (va == NULL)
 -		x86emu_halt_sys(emu);
 +		x86bios_set_fault(emu, addr);
  
 +#ifndef __NO_STRICT_ALIGNMENT
 +	if ((addr & 1) != 0)
 +		le16enc(va, val);
 +	else
 +#endif
  	*va = htole16(val);
  }
  
 @@ -184,8 +219,13 @@ x86bios_emu_wrl(struct x86emu *emu, uint32_t addr,
  
  	va = x86bios_get_pages(addr, sizeof(*va));
  	if (va == NULL)
 -		x86emu_halt_sys(emu);
 +		x86bios_set_fault(emu, addr);
  
 +#ifndef __NO_STRICT_ALIGNMENT
 +	if ((addr & 3) != 0)
 +		le32enc(va, val);
 +	else
 +#endif
  	*va = htole32(val);
  }
  
 @@ -281,7 +321,7 @@ x86bios_alloc(uint32_t *offset, size_t size)
  		return (NULL);
  
  	vaddr = contigmalloc(size, M_DEVBUF, M_NOWAIT, X86BIOS_RAM_BASE,
 -	    X86BIOS_ROM_BASE, X86BIOS_PAGE_SIZE, 0);
 +	    x86bios_rom_phys, X86BIOS_PAGE_SIZE, 0);
  	if (vaddr != NULL) {
  		*offset = vtophys(vaddr);
  		x86bios_set_pages((vm_offset_t)vaddr, *offset, size);
 @@ -299,7 +339,7 @@ x86bios_free(void *addr, size_t size)
  		return;
  
  	paddr = vtophys(addr);
 -	if (paddr < X86BIOS_RAM_BASE || paddr >= X86BIOS_ROM_BASE ||
 +	if (paddr < X86BIOS_RAM_BASE || paddr >= x86bios_rom_phys ||
  	    paddr % X86BIOS_PAGE_SIZE != 0)
  		return;
  
 @@ -313,7 +353,9 @@ x86bios_init_regs(struct x86regs *regs)
  {
  
  	bzero(regs, sizeof(*regs));
 -	regs->X86BIOS_R_DS = regs->X86BIOS_R_SS = x86bios_seg_phys >> 4;
 +	regs->X86BIOS_R_DS = 0x40;
 +	regs->X86BIOS_R_SS = x86bios_seg_phys >> 4;
 +	regs->X86BIOS_R_SP = 0xfffe;
  }
  
  void
 @@ -331,15 +373,21 @@ x86bios_call(struct x86regs *regs, uint16_t seg, u
  
  	mtx_lock_spin(&x86bios_lock);
  	memcpy(&x86bios_emu.x86, regs, sizeof(*regs));
 +	x86bios_fault = 0;
  	x86emu_exec_call(&x86bios_emu, seg, off);
  	memcpy(regs, &x86bios_emu.x86, sizeof(*regs));
  	mtx_unlock_spin(&x86bios_lock);
  
 -	if (x86bios_trace_call)
 +	if (x86bios_trace_call) {
  		printf("Exiting 0x%05x (ax=0x%04x bx=0x%04x "
  		    "cx=0x%04x dx=0x%04x es=0x%04x di=0x%04x)\n",
  		    (seg << 4) + off, regs->R_AX, regs->R_BX, regs->R_CX,
  		    regs->R_DX, regs->R_ES, regs->R_DI);
 +		if (x86bios_fault)
 +			printf("Page fault at 0x%05x from 0x%04x:0x%04x.\n",
 +			    x86bios_fault_addr, x86bios_fault_cs,
 +			    x86bios_fault_ip);
 +	}
  }
  
  uint32_t
 @@ -370,15 +418,21 @@ x86bios_intr(struct x86regs *regs, int intno)
  
  	mtx_lock_spin(&x86bios_lock);
  	memcpy(&x86bios_emu.x86, regs, sizeof(*regs));
 +	x86bios_fault = 0;
  	x86emu_exec_intr(&x86bios_emu, intno);
  	memcpy(regs, &x86bios_emu.x86, sizeof(*regs));
  	mtx_unlock_spin(&x86bios_lock);
  
 -	if (x86bios_trace_int)
 +	if (x86bios_trace_int) {
  		printf("Exiting int 0x%x (ax=0x%04x bx=0x%04x "
  		    "cx=0x%04x dx=0x%04x es=0x%04x di=0x%04x)\n",
  		    intno, regs->R_AX, regs->R_BX, regs->R_CX,
  		    regs->R_DX, regs->R_ES, regs->R_DI);
 +		if (x86bios_fault)
 +			printf("Page fault at 0x%05x from 0x%04x:0x%04x.\n",
 +			    x86bios_fault_addr, x86bios_fault_cs,
 +			    x86bios_fault_ip);
 +	}
  }
  
  void *
 @@ -433,6 +487,12 @@ x86bios_match_device(uint32_t offset, device_t dev
  	return (1);
  }
  
 +#if defined(__amd64__) || (defined(__i386__) && !defined(PC98))
 +#define	PROBE_EBDA	1
 +#else
 +#define	PROBE_EBDA	0
 +#endif
 +
  static __inline int
  x86bios_map_mem(void)
  {
 @@ -440,18 +500,63 @@ x86bios_map_mem(void)
  	x86bios_ivt = pmap_mapbios(X86BIOS_IVT_BASE, X86BIOS_IVT_SIZE);
  	if (x86bios_ivt == NULL)
  		return (1);
 -	x86bios_rom = pmap_mapdev(X86BIOS_ROM_BASE, X86BIOS_ROM_SIZE);
 +
 +#if PROBE_EBDA
 +	/* Probe EBDA via BDA. */
 +	x86bios_rom_phys = *(uint16_t *)((vm_offset_t)x86bios_ivt + 0x40e);
 +	x86bios_rom_phys = le16toh(x86bios_rom_phys) << 4;
 +	if (x86bios_rom_phys != 0 && x86bios_rom_phys < X86BIOS_ROM_BASE &&
 +	    X86BIOS_ROM_BASE - x86bios_rom_phys <= 128 * 1024)
 +		x86bios_rom_phys =
 +		    rounddown(x86bios_rom_phys, X86BIOS_PAGE_SIZE);
 +	else
 +#endif
 +	x86bios_rom_phys = X86BIOS_ROM_BASE;
 +	x86bios_rom = pmap_mapdev(x86bios_rom_phys, X86BIOS_ROM_SIZE);
  	if (x86bios_rom == NULL) {
  		pmap_unmapdev((vm_offset_t)x86bios_ivt, X86BIOS_IVT_SIZE);
  		return (1);
  	}
 +#if PROBE_EBDA
 +	/* Change attribute for EBDA. */
 +	if (x86bios_rom_phys < X86BIOS_ROM_BASE &&
 +	    pmap_change_attr((vm_offset_t)x86bios_rom,
 +	    X86BIOS_ROM_BASE - x86bios_rom_phys, PAT_WRITE_BACK) != 0) {
 +		pmap_unmapdev((vm_offset_t)x86bios_ivt, X86BIOS_IVT_SIZE);
 +		pmap_unmapdev((vm_offset_t)x86bios_rom, X86BIOS_ROM_SIZE);
 +		return (1);
 +	}
 +#endif
 +
  	x86bios_seg = contigmalloc(X86BIOS_SEG_SIZE, M_DEVBUF, M_WAITOK,
 -	    X86BIOS_RAM_BASE, X86BIOS_ROM_BASE, X86BIOS_PAGE_SIZE, 0);
 +	    X86BIOS_RAM_BASE, x86bios_rom_phys, X86BIOS_PAGE_SIZE, 0);
  	x86bios_seg_phys = vtophys(x86bios_seg);
  
 +	if (bootverbose) {
 +		printf("x86bios:   IVT 0x%06x-0x%06x at %p\n",
 +		    X86BIOS_IVT_BASE, X86BIOS_IVT_SIZE + X86BIOS_IVT_BASE - 1,
 +		    x86bios_ivt);
 +		printf("x86bios:  SSEG 0x%06x-0x%06x at %p\n",
 +		    (uint32_t)x86bios_seg_phys,
 +		    X86BIOS_SEG_SIZE + (uint32_t)x86bios_seg_phys - 1,
 +		    x86bios_seg);
 +#if PROBE_EBDA
 +		if (x86bios_rom_phys < X86BIOS_ROM_BASE)
 +			printf("x86bios:  EBDA 0x%06x-0x%06x at %p\n",
 +			    (uint32_t)x86bios_rom_phys, X86BIOS_ROM_BASE - 1,
 +			    x86bios_rom);
 +#endif
 +		printf("x86bios:   ROM 0x%06x-0x%06x at %p\n",
 +		    X86BIOS_ROM_BASE, X86BIOS_MEM_SIZE - X86BIOS_SEG_SIZE - 1,
 +		    (void *)((vm_offset_t)x86bios_rom + X86BIOS_ROM_BASE -
 +		    (vm_offset_t)x86bios_rom_phys));
 +	}
 +
  	return (0);
  }
  
 +#undef PROBE_EBDA
 +
  static __inline void
  x86bios_unmap_mem(void)
  {
 @@ -475,7 +580,7 @@ x86bios_init(void *arg __unused)
  	    M_WAITOK | M_ZERO);
  	x86bios_set_pages((vm_offset_t)x86bios_ivt, X86BIOS_IVT_BASE,
  	    X86BIOS_IVT_SIZE);
 -	x86bios_set_pages((vm_offset_t)x86bios_rom, X86BIOS_ROM_BASE,
 +	x86bios_set_pages((vm_offset_t)x86bios_rom, x86bios_rom_phys,
  	    X86BIOS_ROM_SIZE);
  	x86bios_set_pages((vm_offset_t)x86bios_seg, x86bios_seg_phys,
  	    X86BIOS_SEG_SIZE);
 
 --Boundary-00=_GHlqL4FvzfRB5fT--

From: Jung-uk Kim <jkim@FreeBSD.org>
To: bug-followup@freebsd.org
Cc: jane <dummy@smtp.ru>,
 "barbara" <barbara.xxx1975@libero.it>,
 "Kevin Oberman" <oberman@es.net>,
 delphij@FreeBSD.org
Subject: Re: kern/144654: [vesa] VESA support broken on FreeBSD 8.0 Stable [regression]
Date: Wed, 24 Mar 2010 19:23:09 -0400

 --Boundary-00=_m7pqLnolPaUTnLN
 Content-Type: text/plain;
   charset="iso-8859-1"
 Content-Transfer-Encoding: 7bit
 Content-Disposition: inline
 
 I think I know what's going on, really.  Some VESA BIOSes directly 
 call another interrupt handler from the interrupt handler.  This 
 special case is handled by x86bios but it was completely broken.  
 Sorry, I don't know what I was thinking. :-(
 
 Please try the attached patch and let me know if it fixes your 
 problem.
 
 Thanks!
 
 Jung-uk Kim
 
 --Boundary-00=_m7pqLnolPaUTnLN
 Content-Type: text/plain;
   charset="iso-8859-1";
   name="x86bios.diff"
 Content-Transfer-Encoding: 7bit
 Content-Disposition: attachment;
 	filename="x86bios.diff"
 
 Index: x86bios.c
 ===================================================================
 --- x86bios.c	(revision 205603)
 +++ x86bios.c	(working copy)
 @@ -307,8 +307,8 @@ x86bios_emu_get_intr(struct x86emu *emu, int intno
  	sp[2] = htole16(emu->x86.R_FLG);
  
  	iv = x86bios_get_intr(intno);
 -	emu->x86.R_IP = iv & 0x000f;
 -	emu->x86.R_CS = (iv >> 12) & 0xffff;
 +	emu->x86.R_IP = iv & 0xffff;
 +	emu->x86.R_CS = (iv >> 16) & 0xffff;
  	emu->x86.R_FLG &= ~(F_IF | F_TF);
  }
  
 
 --Boundary-00=_m7pqLnolPaUTnLN--

From: jane <dummy@smtp.ru>
To: bug-followup@freebsd.org, "Jung-uk Kim" <jkim@freebsd.org>
Cc:  
Subject: Re: kern/144654: [vesa] VESA support broken on FreeBSD 8.0 Stable
 [regression]
Date: Thu, 25 Mar 2010 14:48:05 +0300

 After applying first series patches:
 
 Mar 25 14:41:14 sigma kernel: Calling int 0x10 (ax=0x4f02 bx=0x4117
 cx=0x0000 dx=0x0000 es=0x0000 di=0x0000)
 Mar 25 14:41:14 sigma kernel: Exiting int 0x10 (ax=0x004a bx=0x0117
 cx=0x0014 dx=0x0000 es=0x0000 di=0x0000)
 Mar 25 14:41:14 sigma kernel: Page fault at 0x02e43 from 0x0000:0x2e43.

From: jane <dummy@smtp.ru>
To: bug-followup@freebsd.org, "Jung-uk Kim" <jkim@freebsd.org>
Cc:  
Subject: Re: kern/144654: [vesa] VESA support broken on FreeBSD 8.0 Stable
 [regression]
Date: Thu, 25 Mar 2010 16:05:41 +0300

 Thanks!
 After applying secondary patch (on x86bios.c) I can switch to MODE_279.  
 Output from debug:
 
 Mar 25 16:01:15 sigma kernel: Calling int 0x10 (ax=0x4f02 bx=0x4117  
 cx=0x0000 dx=0x0000 es=0x0000 di=0x0000)
 Mar 25 16:01:15 sigma kernel: Exiting int 0x10 (ax=0x004f bx=0x4117  
 cx=0x0000 dx=0x0000 es=0x0000 di=0x0000)
 Mar 25 16:01:15 sigma kernel: Calling int 0x10 (ax=0x4f06 bx=0x0001  
 cx=0x0000 dx=0x0000 es=0x0000 di=0x0000)
 Mar 25 16:01:15 sigma kernel: Exiting int 0x10 (ax=0x004f bx=0x0800  
 cx=0x0400 dx=0x1000 es=0x0000 di=0x0000)
 
 BTW It's need to be tested on adm64 arch.

From: dfilter@FreeBSD.ORG (dfilter service)
To: bug-followup@FreeBSD.org
Cc:  
Subject: Re: kern/144654: commit references a PR
Date: Thu, 25 Mar 2010 15:56:19 +0000 (UTC)

 Author: jkim
 Date: Thu Mar 25 15:56:04 2010
 New Revision: 205647
 URL: http://svn.freebsd.org/changeset/base/205647
 
 Log:
   Fix stupid typos.  Some VESA BIOSes directly call BIOS interrupt handlers
   within the VBE interrupt handler.  Unfortunately it was causing real mode
   page faults because we were fetching instructions from bogus addresses.
   Pass me the pointyhat, please.
   
   PR:		kern/144654
   MFC after:	3 days
 
 Modified:
   head/sys/compat/x86bios/x86bios.c
 
 Modified: head/sys/compat/x86bios/x86bios.c
 ==============================================================================
 --- head/sys/compat/x86bios/x86bios.c	Thu Mar 25 15:53:02 2010	(r205646)
 +++ head/sys/compat/x86bios/x86bios.c	Thu Mar 25 15:56:04 2010	(r205647)
 @@ -307,8 +307,8 @@ x86bios_emu_get_intr(struct x86emu *emu,
  	sp[2] = htole16(emu->x86.R_FLG);
  
  	iv = x86bios_get_intr(intno);
 -	emu->x86.R_IP = iv & 0x000f;
 -	emu->x86.R_CS = (iv >> 12) & 0xffff;
 +	emu->x86.R_IP = iv & 0xffff;
 +	emu->x86.R_CS = (iv >> 16) & 0xffff;
  	emu->x86.R_FLG &= ~(F_IF | F_TF);
  }
  
 _______________________________________________
 svn-src-all@freebsd.org mailing list
 http://lists.freebsd.org/mailman/listinfo/svn-src-all
 To unsubscribe, send any mail to "svn-src-all-unsubscribe@freebsd.org"
 
State-Changed-From-To: open->patched 
State-Changed-By: remko 
State-Changed-When: Thu Mar 25 17:48:36 UTC 2010 
State-Changed-Why:  
Reassign to jkim 

http://www.freebsd.org/cgi/query-pr.cgi?pr=144654 

From: "Kevin Oberman" <oberman@es.net>
To: Jung-uk Kim <jkim@FreeBSD.org>
Cc: bug-followup@freebsd.org, jane <dummy@smtp.ru>,
        "barbara" <barbara.xxx1975@libero.it>, delphij@FreeBSD.org
Subject: Re: kern/144654: [vesa] VESA support broken on FreeBSD 8.0 Stable [regression] 
Date: Thu, 25 Mar 2010 17:24:45 -0700

 Jung-uk,
 
 You caught me while on travel, so I just tried this and it works! With
 this latest patch, my system is not only back to normal, but better
 since, for the first time I am aware of, the saver beastie works!
 
 Thanks so much. I hope you can commit these fixes and MFC fairly quickly
 as I usually rebuild this system weekly and it will be nice not to have
 to patch or pull it in from HEAD.
 -- 
 R. Kevin Oberman, Network Engineer
 Energy Sciences Network (ESnet)
 Ernest O. Lawrence Berkeley National Laboratory (Berkeley Lab)
 E-mail: oberman@es.net			Phone: +1 510 486-8634
 Key fingerprint:059B 2DDF 031C 9BA3 14A4  EADA 927D EBB3 987B 3751
 
 > From: Jung-uk Kim <jkim@FreeBSD.org>
 > Date: Wed, 24 Mar 2010 19:23:09 -0400
 > 
 > I think I know what's going on, really.  Some VESA BIOSes directly 
 > call another interrupt handler from the interrupt handler.  This 
 > special case is handled by x86bios but it was completely broken.  
 > Sorry, I don't know what I was thinking. :-(
 > 
 > Please try the attached patch and let me know if it fixes your 
 > problem.
 > 
 > Thanks!
 > 
 > Jung-uk Kim
 > 

Date: Fri, 26 Mar 2010 01:42:39 +0100
From: "barbara" <barbara.xxx1975@libero.it>
Subject: =?iso-8859-1?b?UmU6IGtlcm4vMTQ0NjU0OiBbdmVzYV0gVkVTQSBzdXBwb3J0IGJy?=

 > Please try the attached patch and let me know if it fixes your 
 > problem.
  
 I've rebuilt world+kernel on FreeBSD 8.0-STABLE i386 after applying patch
 #1 and #2.  I had a *great* improvement in term of stability: no problem
 at boot, no more kernel panic or locks using vidcontrol, fast switch
 between all modes.
 
 Anyway none of the modes of type "G" is working, now not even 640x800 or 
 320x200.  I'm still seeing the monitor going black with "no signal".
 
 Thanks
 Barbara

From: val <dummy@smtp.ru>
To: bug-followup@freebsd.org, dummy@smtp.ru
Cc:  
Subject: Re: kern/144654: [vesa] VESA support broken on FreeBSD 8.0 Stable
 [regression]
Date: Mon, 29 Mar 2010 11:57:47 +0500

 Here debug output from x64 system (switching to same MODE 279):
 
 
 Mar 29 11:51:05 lian-zb kernel: Calling int 0x10 (ax=0x4f02 bx=0x4117  
 cx=0x0000 dx=0x0000 es=0x0000 di=0x0000)
 Mar 29 11:51:05 lian-zb kernel: Exiting int 0x10 (ax=0x3c00 bx=0x0000  
 cx=0x56b5 dx=0x0000 es=0xc000 di=0x0000)
 Mar 29 11:51:44 lian-zb kernel: Calling int 0x10 (ax=0x4f02 bx=0x4117  
 cx=0x0000 dx=0x0000 es=0x0000 di=0x0000)
 Mar 29 11:51:44 lian-zb kernel: Exiting int 0x10 (ax=0x3c00 bx=0x0000  
 cx=0x56b5 dx=0x0000 es=0xc000 di=0x0000)
 
 This output produced on non-patched version of x86bios.c, after applying  
 patch system hung.

From: val <dummy@smtp.ru>
To: bug-followup@freebsd.org, dummy@smtp.ru
Cc:  
Subject: Re: kern/144654: [vesa] VESA support broken on FreeBSD 8.0 Stable
 [regression]
Date: Mon, 29 Mar 2010 12:22:57 +0500

 Get debug output based on patched version of x86bios.c for x64 system:
 
 Mar 29 12:17:24 lian-zb kernel: Calling int 0x10 (ax=0x4f02 bx=0x4117  
 cx=0x0000 dx=0x0000 es=0x0000 di=0x0000)
 Mar 29 12:17:24 lian-zb kernel: Exiting int 0x10 (ax=0x004f bx=0x4117  
 cx=0x0000 dx=0x0000 es=0x0000 di=0x0000)
 Mar 29 12:17:24 lian-zb kernel: Calling int 0x10 (ax=0x4f08 bx=0x0800  
 cx=0x0000 dx=0x0000 es=0x0000 di=0x0000)
 Mar 29 12:17:24 lian-zb kernel: Exiting int 0x10 (ax=0x034f bx=0x0800  
 cx=0x0000 dx=0x0000 es=0x0000 di=0x0000)

From: dfilter@FreeBSD.ORG (dfilter service)
To: bug-followup@FreeBSD.org
Cc:  
Subject: Re: kern/144654: commit references a PR
Date: Mon, 29 Mar 2010 15:59:56 +0000 (UTC)

 Author: jkim
 Date: Mon Mar 29 15:59:37 2010
 New Revision: 205837
 URL: http://svn.freebsd.org/changeset/base/205837
 
 Log:
   MFC:	r205647
   
   Fix stupid typos.  Some VESA BIOSes directly call BIOS interrupt handlers
   within the VBE interrupt handler.  Unfortunately it was causing real mode
   page faults because we were fetching instructions from bogus addresses.
   
   PR:		kern/144654
 
 Modified:
   stable/8/sys/compat/x86bios/x86bios.c
 Directory Properties:
   stable/8/sys/   (props changed)
   stable/8/sys/amd64/include/xen/   (props changed)
   stable/8/sys/cddl/contrib/opensolaris/   (props changed)
   stable/8/sys/contrib/dev/acpica/   (props changed)
   stable/8/sys/contrib/pf/   (props changed)
   stable/8/sys/dev/xen/xenpci/   (props changed)
 
 Modified: stable/8/sys/compat/x86bios/x86bios.c
 ==============================================================================
 --- stable/8/sys/compat/x86bios/x86bios.c	Mon Mar 29 15:39:17 2010	(r205836)
 +++ stable/8/sys/compat/x86bios/x86bios.c	Mon Mar 29 15:59:37 2010	(r205837)
 @@ -267,8 +267,8 @@ x86bios_emu_get_intr(struct x86emu *emu,
  	sp[2] = htole16(emu->x86.R_FLG);
  
  	iv = x86bios_get_intr(intno);
 -	emu->x86.R_IP = iv & 0x000f;
 -	emu->x86.R_CS = (iv >> 12) & 0xffff;
 +	emu->x86.R_IP = iv & 0xffff;
 +	emu->x86.R_CS = (iv >> 16) & 0xffff;
  	emu->x86.R_FLG &= ~(F_IF | F_TF);
  }
  
 _______________________________________________
 svn-src-all@freebsd.org mailing list
 http://lists.freebsd.org/mailman/listinfo/svn-src-all
 To unsubscribe, send any mail to "svn-src-all-unsubscribe@freebsd.org"
 
State-Changed-From-To: patched->closed 
State-Changed-By: jkim 
State-Changed-When: Mon Mar 29 16:02:00 UTC 2010 
State-Changed-Why:  
The fix was MFC'ed to stable/8.  I will deal with a remaining problem 
independently from this PR because it seems to be a different issue. 

http://www.freebsd.org/cgi/query-pr.cgi?pr=144654 

From: Jung-uk Kim <jkim@FreeBSD.org>
To: val <dummy@smtp.ru>
Cc: bug-followup@freebsd.org
Subject: Re: kern/144654: [vesa] VESA support broken on FreeBSD 8.0 Stable [regression]
Date: Mon, 29 Mar 2010 12:06:12 -0400

 The fix was MFC'ed to stable/8.
 
 Thanks!
 
 Jung-uk Kim
>Unformatted:
