From mboxrd@z Thu Jan  1 00:00:00 1970
Received: from mailman by lists.gnu.org with tmda-scanned (Exim 4.43)
	id 1MfLxF-0006yM-V0
	for qemu-devel@nongnu.org; Sun, 23 Aug 2009 18:54:29 -0400
Received: from exim by lists.gnu.org with spam-scanned (Exim 4.43)
	id 1MfLxB-0006qx-0z
	for qemu-devel@nongnu.org; Sun, 23 Aug 2009 18:54:29 -0400
Received: from [199.232.76.173] (port=39912 helo=monty-python.gnu.org)
	by lists.gnu.org with esmtp (Exim 4.43) id 1MfLxA-0006qV-O4
	for qemu-devel@nongnu.org; Sun, 23 Aug 2009 18:54:24 -0400
Received: from mail-fx0-f211.google.com ([209.85.220.211]:51876)
	by monty-python.gnu.org with esmtp (Exim 4.60)
	(envelope-from <stefanrin@gmail.com>) id 1MfLxA-0000wZ-19
	for qemu-devel@nongnu.org; Sun, 23 Aug 2009 18:54:24 -0400
Received: by fxm7 with SMTP id 7so1386258fxm.34
	for <qemu-devel@nongnu.org>; Sun, 23 Aug 2009 15:54:22 -0700 (PDT)
MIME-Version: 1.0
In-Reply-To: <20090823215558.GA9093@shareable.org>
References: <patchbomb.1251024893@macbook-3.chello.at>
	<20090823124410.GA30789@shareable.org>
	<53e878390908231020s32575288jf2dd1450bae241c9@mail.gmail.com>
	<20090823215558.GA9093@shareable.org>
Date: Mon, 24 Aug 2009 00:54:22 +0200
Message-ID: <53e878390908231554o39fb1700n8b495e6c1089fc6@mail.gmail.com>
Subject: Re: [Qemu-devel] [PATCH 0 of 1] Fix for DOS keyboard problems
From: Stefan Ring <stefanrin@gmail.com>
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: quoted-printable
List-Id: qemu-devel.nongnu.org
List-Unsubscribe: <http://lists.nongnu.org/mailman/listinfo/qemu-devel>,
	<mailto:qemu-devel-request@nongnu.org?subject=unsubscribe>
List-Archive: <http://lists.gnu.org/pipermail/qemu-devel>
List-Post: <mailto:qemu-devel@nongnu.org>
List-Help: <mailto:qemu-devel-request@nongnu.org?subject=help>
List-Subscribe: <http://lists.nongnu.org/mailman/listinfo/qemu-devel>,
	<mailto:qemu-devel-request@nongnu.org?subject=subscribe>
To: Jamie Lokier <jamie@shareable.org>
Cc: qemu-devel@nongnu.org

On Sun, Aug 23, 2009 at 11:55 PM, Jamie Lokier<jamie@shareable.org> wrote:
> Let's see if I understand your explanation.
>
> =C2=A0 1. Cursor key is pressed. =C2=A0The key press is represented as tw=
o scan codes.
> =C2=A0 2. IRQ 1 is entered.
> =C2=A0 3. Borland's code reads port 60h - gets the first scan code.
> =C2=A0 4. BIOS's code reads port 60h - gets the second scan code.
> =C2=A0 5. Return from IRQ 1.
>
> =C2=A0 6. Cursor key is released. =C2=A0The key release is represented as=
 two
> =C2=A0 =C2=A0 =C2=A0scan codes.
> =C2=A0 7. IRQ 1 is entered.
> =C2=A0 8. Borland's code reads port 60h - gets the first scan code.
> =C2=A0 9. BIOS's code reads port 60h - gets the second scan code.
> =C2=A010. Return from IRQ 1.
>
> So both Borland's code and the BIOS are *missing* scan codes.
>
> How does that result in Borland seeing *multiple* cursor key
> press/release sequences?

Actually I wondered about the same thing while I wrote my previous
answer... I'm not exactly sure, but it seems to happen like this: the
cursor keys generate two scan codes - E0h and the real scan code in
this order. Somehow the second IRQ seems to happen although its value
has already been consumed by the first interrupt handler activation,
and during the second invocation the handler will just get repetitions
of the last value read. Apparently the scan code for the cursor keys
is interpreted as cursor movement regardless if E0h appeared earlier
or not.

Another symptom is that when typing text inside Turbo Pascal, about
1/3 - 1/4 of the characters typed are doubled randomly.

> But detecting the particular sequence used by Borland code and the
> BIOS together is a hack.

Yes, it is a hack. But it's not only Borland - there are some reports
about some other software in various places as well. The VirtualBox
cases [1] and [2] mention some more, and then there is a post in a
german discussion board[3] (the linked post is written in english)
about this strange "OS"[4]. The german one is interesting, although
I'm not sure if his observations are correct. There is another one a
few posts further down which states that the problem had already been
discussed on the FreeDOS mailing list and is known to "the QEMU
developers". Well, it must have been known to Fabrice Bellard when he
first created it.

> I'm not surprised that, as you say, other
> DOS keyboard drivers remain broken after the patch.

Apparently, DOS keyboard drivers don't normally lock and unlock the
keyboard like the Bochs BIOS does.

> If it goes in, the patch should include a very clear comment that the
> "held" value and detecting the disable/read/enable sequence is only a
> workaround for what Borland does and also depends on the BIOS
> sequence, and is not a correct emulation in general.

I agree, and there's already an "XXX" in that file stating that there
should be a timer[5], although I don't completely understand that
comment - I don't see how that would help because this function gets
called every time the keyboard is re-enabled by the BIOS handler.
Bochs does the timer thing correctly. I don't know how complicated it
would be to add the timer to QEMU, but I expect it would have been
done already if it were easy.The hack at least improves matters a bit.

[1] http://www.virtualbox.org/ticket/58
[2] http://www.virtualbox.org/ticket/1599
[3] http://dwforum.wcx-network.com/viewtopic.php?p=3D2266#2266
[4] http://www.deskwork.de/FOTOS/
[5] http://git.savannah.gnu.org/cgit/qemu.git/tree/hw/pckbd.c?id=3D2a1704a7=
1d851624175509a2b15a000dcc7c0386#n132