Re: kern/59721: qemu VM's blackscreen over VNC wth -machine q35

To: Roy Marples <roy%marples.name@localhost>, Michael van Elst <mlelstv%serpens.de@localhost>, Martin Husemann <martin%duskware.de@localhost>
Subject: Re: kern/59721: qemu VM's blackscreen over VNC wth -machine q35
From: Taylor R Campbell <riastradh%NetBSD.org@localhost>
Date: Sun, 26 Oct 2025 21:56:17 +0000

Following https://www.seabios.org/Debugging.html I tried building my
own SeaBIOS with extra debugging output, and diffed the output of

qemu-system-x86_64 \
  -machine q35 \
  -chardev stdio,id=seabios \
  -device isa-debugcon,iobase=0x402,chardev=seabios

with and without `-accel nvmm'.  Here are the main differences
(skipping a profusion of probably-insignificant hypervisor-section
cpuid queries), with - bad (-accel nvmm) and + good (no -accel nvmm):

 No Xen hypervisor found.
 enabling shadow ram
 Running on QEMU (q35)
-physbits: signature="GenuineIntel", pae=yes, lm=yes, phys-bits=39, valid=yes
-cpuid 0x40000000: eax 40000000, signature '___ NVMM ___'
+physbits: signature="AuthenticAMD", pae=yes, lm=yes, phys-bits=40, valid=yes
+cpuid 0x40000000: eax 40000001, signature 'TCGTCGTCGTCG'
 Found QEMU fw_cfg
 QEMU fw_cfg DMA interface supported
+Add to e820 map: fd00000000 300000000 2
+qemu/e820: addr 0x000000fd00000000 len 0x0000000300000000 [reserved]
 Add to e820 map: 00000000 08000000 1
 qemu/e820: addr 0x0000000000000000 len 0x0000000008000000 [RAM]
 qemu/e820: RamSize: 0x08000000
@@ -297,7 +298,7 @@
 phys_alloc zone=0x06fffe78 size=148 align=10 ret=6fea500 (detail=0x06fea4d0)
 Add romfile: etc/boot-fail-wait (size=4)
 phys_alloc zone=0x06fffe78 size=148 align=10 ret=6fea430 (detail=0x06fea400)
-Add romfile: etc/e820 (size=20)
+Add romfile: etc/e820 (size=40)
 phys_alloc zone=0x06fffe78 size=148 align=10 ret=6fea360 (detail=0x06fea330)
 Add romfile: etc/smbios/smbios-anchor (size=31)
 phys_alloc zone=0x06fffe78 size=148 align=10 ret=6fea290 (detail=0x06fea260)
@@ -398,6 +399,7 @@
 phys_free 6fe9aa0 (detail=0x06fe9a70)
 PCI: Using 00:01.0 for primary VGA
 init smm
+handle_smi cmd=0 smbase=0x00030000
 init mtrr
 Found 1 cpu(s) max supported 1 cpu(s)
 init PIR table
@@ -787,9 +789,13 @@
    a=00000008  b=0000ffff  c=00000000  d=0000ffff ds=0000 es=f000 ss=0000
   si=00000000 di=00004c00 bp=00000000 sp=00006d52 cs=f000 ip=c7eb  f=0000
 Attempting to allocate 512 bytes lowmem via pmm call to f000:c89f
+call32_smm 0x06ffee31 6cf8
+handle_smi cmd=b5 smbase=0x000a0000
 pmm call arg1=0
 pmm00: length=20 handle=ffffffff flags=9
 phys_alloc zone=0x06fffe88 size=512 align=10 ret=e6120 (detail=0x06fe8cd0)
+handle_smi cmd=b5 smbase=0x000a0000
+call32_smm done 0x06ffee31 e6120
 VGA stack allocated at e6120
 Turning on vga text mode console

I also inserted a sleep in enable_vga_console, and confirmed that the
first difference happens immediately after the first INT 10h(ax=0003)
call: in the good case, there's a blinking cursor after that; in the
bad case, there's none.

The missing handle_smi and call32_smm lines look suspicious.

Follow-Ups:
- Re: kern/59721: qemu VM's blackscreen over VNC wth -machine q35
  - From: Taylor R Campbell

References:
- Re: kern/59721: qemu VM's blackscreen over VNC wth -machine q35
  - From: Taylor R Campbell

Prev by Date: Re: pkg/57145: gmake: *** INTERNAL: readdir: Operation not supported. Stop.
Next by Date: Re: kern/59721: qemu VM's blackscreen over VNC wth -machine q35
Previous by Thread: Re: kern/59721: qemu VM's blackscreen over VNC wth -machine q35
Next by Thread: Re: kern/59721: qemu VM's blackscreen over VNC wth -machine q35
Indexes:

Home | Main Index | Thread Index | Old Index