Index: trunk/i386/libsaio/console.c
===================================================================
--- trunk/i386/libsaio/console.c	(revision 2806)
+++ trunk/i386/libsaio/console.c	(revision 2807)
@@ -266,6 +266,7 @@
 			vprf(fmt, ap);
 		}
 	}
+	va_end(ap);
 
 	{
 		// Kabyl: BooterLog
@@ -280,11 +281,12 @@
 		}
 		pi.str = cursor;
 		pi.last_str = 0;
+		va_start(ap, fmt);
 		prf(fmt, ap, sputc, &pi);
+		va_end(ap);
 		cursor +=  strlen((char *)cursor);
 	}
 
-	va_end(ap);
 	return(0);
 }
 
@@ -301,6 +303,7 @@
 	{
 		vprf(fmt, ap);
 	}
+	va_end(ap);
 
 	// Kabyl: BooterLog
 	struct putc_info pi;
@@ -317,10 +320,11 @@
 
 	pi.str = cursor;
 	pi.last_str = 0;
+	va_start(ap, fmt);
 	prf(fmt, ap, sputc, &pi);
+	va_end(ap);
 	cursor +=  strlen((char *)cursor);
 
-	va_end(ap);
 	return(0);
 }
 
Index: trunk/i386/libsaio/fake_efi.c
===================================================================
--- trunk/i386/libsaio/fake_efi.c	(revision 2806)
+++ trunk/i386/libsaio/fake_efi.c	(revision 2807)
@@ -87,6 +87,9 @@
 EFI_UINT32 getCPUTick(void)
 {
 	uint32_t out;
+	/*
+	 * Note: shl $32, %edx leaves 0 in %edx, and or to %eax does nothing - zenith432
+	 */
 	__asm__ volatile (
 		"rdtsc\n"
 		"shl $32,%%edx\n"
@@ -772,10 +775,16 @@
 				// shr		$0x8,	%rcx
 				rdx = (cpuTick >> 0x10);					// mov		%rax,	%rdx
 				// shr		$0x10,	%rdx
-				rdi = rsi;							// mov		%rsi,	%rdi
+				/*
+				 * Note: In x86 assembly, rXX is upper part of eXX register.
+				 *   In C they're different variables.
+				 *   The code is identical with or without RANDOMSEED. - zenith432
+				 */
+				rdi = rsi = esi;						// mov		%rsi,	%rdi
 				rdi = (rdi ^ cpuTick);						// xor		%rax,	%rdi
 				rdi = (rdi ^ rcx);						// xor		%rcx,	%rdi
 				rdi = (rdi ^ rdx);						// xor		%rdx,	%rdi
+				edi = (EFI_UINT32) rdi;
 
 				seedBuffer[index] = (rdi & 0xff);				// mov		%dil,	(%r15,%r12,1)
 #endif
Index: trunk/i386/boot2/boot.c
===================================================================
--- trunk/i386/boot2/boot.c	(revision 2806)
+++ trunk/i386/boot2/boot.c	(revision 2807)
@@ -495,9 +495,11 @@
 // own things, and then calls common_boot.
 void boot(int biosdev)
 {
-	initialize_runtime();
 	// Enable A20 gate before accessing memory above 1Mb.
+	// Note: malloc_init(), called via initialize_runtime() writes
+	//   memory >= 1Mb, so A20 must be enabled before calling it. - zenith432
 	enableA20();
+	initialize_runtime();
 	common_boot(biosdev);
 }
 
Index: trunk/i386/config/confdata.c
===================================================================
--- trunk/i386/config/confdata.c	(revision 2806)
+++ trunk/i386/config/confdata.c	(revision 2807)
@@ -81,6 +81,7 @@
 	va_start(ap, fmt);
 	if (conf_message_callback)
 		conf_message_callback(fmt, ap);
+	va_end(ap);
 }
 
 const char *conf_get_configname(void)
Index: trunk/i386/libsa/zalloc.c
===================================================================
--- trunk/i386/libsa/zalloc.c	(revision 2806)
+++ trunk/i386/libsa/zalloc.c	(revision 2807)
@@ -75,7 +75,7 @@
 	zalloc_base         = start ? start : (char *)ZALLOC_ADDR;
 	totalNodes          = nodes ? nodes : ZALLOC_NODES;
 	zalloced            = (zmem *) zalloc_base;
-	zavailable          = (zmem *) zalloc_base + sizeof(zmem) * totalNodes;
+	zavailable          = (zmem *) (zalloc_base + sizeof(zmem) * totalNodes);
 	zavailable[0].start = (char *)zavailable + sizeof(zmem) * totalNodes;
 
 	if (size == 0)
Index: branches/zenith432/i386/libsaio/console.c
===================================================================
--- branches/zenith432/i386/libsaio/console.c	(revision 2806)
+++ branches/zenith432/i386/libsaio/console.c	(revision 2807)
@@ -266,6 +266,7 @@
 			vprf(fmt, ap);
 		}
 	}
+	va_end(ap);
 
 	{
 		// Kabyl: BooterLog
@@ -280,11 +281,12 @@
 		}
 		pi.str = cursor;
 		pi.last_str = 0;
+		va_start(ap, fmt);
 		prf(fmt, ap, sputc, &pi);
+		va_end(ap);
 		cursor +=  strlen((char *)cursor);
 	}
 
-	va_end(ap);
 	return(0);
 }
 
@@ -301,6 +303,7 @@
 	{
 		vprf(fmt, ap);
 	}
+	va_end(ap);
 
 	// Kabyl: BooterLog
 	struct putc_info pi;
@@ -317,10 +320,11 @@
 
 	pi.str = cursor;
 	pi.last_str = 0;
+	va_start(ap, fmt);
 	prf(fmt, ap, sputc, &pi);
+	va_end(ap);
 	cursor +=  strlen((char *)cursor);
 
-	va_end(ap);
 	return(0);
 }
 
Index: branches/zenith432/i386/libsaio/fake_efi.c
===================================================================
--- branches/zenith432/i386/libsaio/fake_efi.c	(revision 2806)
+++ branches/zenith432/i386/libsaio/fake_efi.c	(revision 2807)
@@ -87,6 +87,9 @@
 EFI_UINT32 getCPUTick(void)
 {
 	uint32_t out;
+	/*
+	 * Note: shl $32, %edx leaves 0 in %edx, and or to %eax does nothing - zenith432
+	 */
 	__asm__ volatile (
 		"rdtsc\n"
 		"shl $32,%%edx\n"
@@ -768,16 +771,22 @@
 
 				seedBuffer[index] = (edi & 0xff);
 #else
-				ecx = (cpuTick >> 8);						// mov		%rax,	%rcx
+				rcx = (cpuTick >> 8);						// mov		%rax,	%rcx
 				// shr		$0x8,	%rcx
-				edx = (cpuTick >> 0x10);					// mov		%rax,	%rdx
+				rdx = (cpuTick >> 0x10);					// mov		%rax,	%rdx
 				// shr		$0x10,	%rdx
-				edi = esi;							// mov		%rsi,	%rdi
-				edi = (edi ^ cpuTick);						// xor		%rax,	%rdi
-				edi = (edi ^ ecx);						// xor		%rcx,	%rdi
-				edi = (edi ^ edx);						// xor		%rdx,	%rdi
+				/*
+				 * Note: In x86 assembly, rXX is upper part of eXX register.
+				 *   In C they're different variables.
+				 *   The code is identical with or without RANDOMSEED. - zenith432
+				 */
+				rdi = rsi = esi;						// mov		%rsi,	%rdi
+				rdi = (rdi ^ cpuTick);						// xor		%rax,	%rdi
+				rdi = (rdi ^ rcx);						// xor		%rcx,	%rdi
+				rdi = (rdi ^ rdx);						// xor		%rdx,	%rdi
+				edi = (EFI_UINT32) rdi;
 
-				seedBuffer[index] = (edi & 0xff);				// mov		%dil,	(%r15,%r12,1)
+				seedBuffer[index] = (rdi & 0xff);				// mov		%dil,	(%r15,%r12,1)
 #endif
 				edi = (edi & 0x2f);						// and		$0x2f,	%edi
 				edi = (edi + esi);						// add		%esi,	%edi
Index: branches/zenith432/i386/boot2/boot.c
===================================================================
--- branches/zenith432/i386/boot2/boot.c	(revision 2806)
+++ branches/zenith432/i386/boot2/boot.c	(revision 2807)
@@ -495,9 +495,11 @@
 // own things, and then calls common_boot.
 void boot(int biosdev)
 {
-	initialize_runtime();
 	// Enable A20 gate before accessing memory above 1Mb.
+	// Note: malloc_init(), called via initialize_runtime() writes
+	//   memory >= 1Mb, so A20 must be enabled before calling it. - zenith432
 	enableA20();
+	initialize_runtime();
 	common_boot(biosdev);
 }
 
Index: branches/zenith432/i386/config/confdata.c
===================================================================
--- branches/zenith432/i386/config/confdata.c	(revision 2806)
+++ branches/zenith432/i386/config/confdata.c	(revision 2807)
@@ -81,6 +81,7 @@
 	va_start(ap, fmt);
 	if (conf_message_callback)
 		conf_message_callback(fmt, ap);
+	va_end(ap);
 }
 
 const char *conf_get_configname(void)
Index: branches/zenith432/i386/libsa/zalloc.c
===================================================================
--- branches/zenith432/i386/libsa/zalloc.c	(revision 2806)
+++ branches/zenith432/i386/libsa/zalloc.c	(revision 2807)
@@ -75,7 +75,7 @@
 	zalloc_base         = start ? start : (char *)ZALLOC_ADDR;
 	totalNodes          = nodes ? nodes : ZALLOC_NODES;
 	zalloced            = (zmem *) zalloc_base;
-	zavailable          = (zmem *) zalloc_base + sizeof(zmem) * totalNodes;
+	zavailable          = (zmem *) (zalloc_base + sizeof(zmem) * totalNodes);
 	zavailable[0].start = (char *)zavailable + sizeof(zmem) * totalNodes;
 
 	if (size == 0)