Bug 11842

Summary: lockup and illegal extended x86 opcode
Product: xorg Reporter: Brice Goglin <brice.goglin>
Component: Server/GeneralAssignee: Xorg Project Team <xorg-team>
Status: RESOLVED FIXED QA Contact: Xorg Project Team <xorg-team>
Severity: normal    
Priority: medium    
Version: 7.2 (2007.02)   
Hardware: Other   
OS: All   
URL: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=404885
Whiteboard:
i915 platform: i915 features:

Description Brice Goglin 2007-08-04 01:45:02 UTC 
Bug reported by Robert de Bath on the Debian BTS 8 months ago. His server locks up saying:

  f000:5054: 01 ILLEGAL EXTENDED X86 OPCODE!
  XIO:  fatal IO error 104 (Connection reset by peer) on X server ":0.0"
  after 0 requests (0 known processed) with 0 events remaining.

He's using the vesa driver with xserver 1.3 (it did not with 1.1). The full log is available at http://bugs.debian.org/cgi-bin/bugreport.cgi?msg=20;filename=Xorg.0.log;att=1;bug=404885

The same problem (maybe better reported) is also at http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=433144
and also with the i810 driver in
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=428796
which seems to prove that's the bug in the server (in the int10 code) and not vesa-specific.

Robert looked at the code in hw/xfree86/int10/xf86int10.c, in function
int1A_handler. For AX values 0xb108, 0xb109, 0xb10a, 0xb10b, 0xb10c and 0xb10d, the entire contents of EDI is used as a pci register number, only DI should be used. He fixed the problem (for his specific BIOS) by changing the following in the 0xb10a case:
< X86_ECX = pciReadLong(tag, X86_EDI);
--
> X86_ECX = pciReadLong(tag, X86_DI);

Brice
Comment 1 Adam Jackson 2008-06-24 11:15:01 UTC 
Nice find.  Fixed in master and 1.5 branch, thanks!

Use of freedesktop.org services, including Bugzilla, is subject to our Code of Conduct. How we collect and use information is described in our Privacy Policy.