Re: PCI BIOS32 SET_PCI_IRQ call fails

Posted: Thu Jun 08, 2023 6:24 am
by korneliuszo
I've replaced the value at address 0xFD7B1 with 0xCC and it doesn't trigger INT3

dump of PCI bus:

Code:

{'supported': True, 'mode1': True, 'mode2': False, 'maxbus': 3}
? !!python/tuple
- 0
- 0
- 0
: bar0:
    address: 0
    addresshex: '0x00000000'
    prefechable: false
    type: memory
    typemem: 0
  bar1:
    address: 0
    addresshex: '0x00000000'
    prefechable: false
    type: memory
    typemem: 0
  bar2:
    address: 0
    addresshex: '0x00000000'
    prefechable: false
    type: memory
    typemem: 0
  bar3:
    address: 0
    addresshex: '0x00000000'
    prefechable: false
    type: memory
    typemem: 0
  bar4:
    address: 0
    addresshex: '0x00000000'
    prefechable: false
    type: memory
    typemem: 0
  bar5:
    address: 0
    addresshex: '0x00000000'
    prefechable: false
    type: memory
    typemem: 0
  bist: 0
  cacheline: 0
  capsptr: 0
  cisptr: 0
  cisptrhex: '0x00000000'
  class: 6
  command: 7
  exprom: 0
  expromhex: '0x00000000'
  headertype: 0
  intline: 0
  intpin: 0
  latency: 0
  maxlatency: 0
  mingrant: 0
  pid: '0xc701'
  progif: 0
  revid: 50
  status: 640
  subclass: 0
  subid: 1
  subvid: 5017
  vid: '0x1045'
? !!python/tuple
- 0
- 1
- 0
: bar0:
    address: 0
    addresshex: '0x00000000'
    prefechable: false
    type: memory
    typemem: 0
  bar1:
    address: 0
    addresshex: '0x00000000'
    prefechable: false
    type: memory
    typemem: 0
  bar2:
    address: 0
    addresshex: '0x00000000'
    prefechable: false
    type: memory
    typemem: 0
  bar3:
    address: 0
    addresshex: '0x00000000'
    prefechable: false
    type: memory
    typemem: 0
  bar4:
    address: 0
    addresshex: '0x00000000'
    prefechable: false
    type: memory
    typemem: 0
  bar5:
    address: 0
    addresshex: '0x00000000'
    prefechable: false
    type: memory
    typemem: 0
  bist: 0
  cacheline: 0
  capsptr: 0
  cisptr: 0
  cisptrhex: '0x00000000'
  class: 6
  command: 7
  exprom: 0
  expromhex: '0x00000000'
  headertype: 0
  intline: 0
  intpin: 0
  latency: 0
  maxlatency: 0
  mingrant: 0
  pid: '0xc700'
  progif: 0
  revid: 49
  status: 640
  subclass: 1
  subid: 1
  subvid: 5017
  vid: '0x1045'
? !!python/tuple
- 0
- 2
- 0
: bist: 0
  brctlr: 1920
  cacheline: 0
  cbbusn: 1
  cblat: 32
  cbsockbaseaddr: 167772160
  class: 6
  command: 7
  headertype: 130
  intline: 255
  intpin: 1
  iobaseaddr0: 0
  iobaseaddr0hex: '0x00000000'
  iobaseaddr1: 0
  iobaseaddr1hex: '0x00000000'
  iolimaddr0: 0
  iolimaddr0hex: '0x00000000'
  iolimaddr1: 0
  iolimaddr1hex: '0x00000000'
  latency: 32
  legacy16bitpcbaseaddr: 993
  membaseaddr0: 0
  membaseaddr0hex: '0x00000000'
  membaseaddr1: 0
  membaseaddr1hex: '0x00000000'
  memlimaddr0: 0
  memlimaddr0hex: '0x00000000'
  memlimaddr1: 0
  memlimaddr1hex: '0x00000000'
  offsetcapslist: 220
  pcibusn: 0
  pid: '0x0476'
  progif: 0
  revid: 2
  secstat: 512
  status: 528
  subbus: 1
  subclass: 7
  subid: 1
  subvid: 5017
  vid: '0x1180'
? !!python/tuple
- 0
- 2
- 1
: bist: 0
  brctlr: 1920
  cacheline: 0
  cbbusn: 2
  cblat: 32
  cbsockbaseaddr: 167776256
  class: 6
  command: 7
  headertype: 130
  intline: 255
  intpin: 2
  iobaseaddr0: 0
  iobaseaddr0hex: '0x00000000'
  iobaseaddr1: 0
  iobaseaddr1hex: '0x00000000'
  iolimaddr0: 0
  iolimaddr0hex: '0x00000000'
  iolimaddr1: 0
  iolimaddr1hex: '0x00000000'
  latency: 32
  legacy16bitpcbaseaddr: 993
  membaseaddr0: 0
  membaseaddr0hex: '0x00000000'
  membaseaddr1: 0
  membaseaddr1hex: '0x00000000'
  memlimaddr0: 0
  memlimaddr0hex: '0x00000000'
  memlimaddr1: 0
  memlimaddr1hex: '0x00000000'
  offsetcapslist: 220
  pcibusn: 0
  pid: '0x0476'
  progif: 0
  revid: 2
  secstat: 512
  status: 528
  subbus: 2
  subclass: 7
  subid: 1
  subvid: 5017
  vid: '0x1180'
? !!python/tuple
- 0
- 3
- 0
: bar0:
    address: 536870912
    addresshex: '0x20000000'
    prefechable: false
    type: memory
    typemem: 0
  bar1:
    address: 0
    addresshex: '0x00000000'
    prefechable: false
    type: memory
    typemem: 0
  bar2:
    address: 0
    addresshex: '0x00000000'
    prefechable: false
    type: memory
    typemem: 0
  bar3:
    address: 0
    addresshex: '0x00000000'
    prefechable: false
    type: memory
    typemem: 0
  bar4:
    address: 0
    addresshex: '0x00000000'
    prefechable: false
    type: memory
    typemem: 0
  bar5:
    address: 0
    addresshex: '0x00000000'
    prefechable: false
    type: memory
    typemem: 0
  bist: 0
  cacheline: 0
  capsptr: 0
  cisptr: 0
  cisptrhex: '0x00000000'
  class: 3
  command: 131
  exprom: 536870912
  expromhex: '0x20000000'
  headertype: 0
  intline: 0
  intpin: 0
  latency: 0
  maxlatency: 0
  mingrant: 0
  pid: '0x00e5'
  progif: 0
  revid: 198
  status: 640
  subclass: 0
  subid: 1
  subvid: 5017
  vid: '0x102c'
? !!python/tuple
- 0
- 4
- 0
: bist: 0
  brctlr: 1920
  cacheline: 0
  cbbusn: 3
  cblat: 32
  cbsockbaseaddr: 0
  class: 6
  command: 7
  headertype: 2
  intline: 255
  intpin: 1
  iobaseaddr0: 0
  iobaseaddr0hex: '0x00000000'
  iobaseaddr1: 0
  iobaseaddr1hex: '0x00000000'
  iolimaddr0: 0
  iolimaddr0hex: '0x00000000'
  iolimaddr1: 0
  iolimaddr1hex: '0x00000000'
  latency: 32
  legacy16bitpcbaseaddr: 993
  membaseaddr0: 0
  membaseaddr0hex: '0x00000000'
  membaseaddr1: 0
  membaseaddr1hex: '0x00000000'
  memlimaddr0: 0
  memlimaddr0hex: '0x00000000'
  memlimaddr1: 0
  memlimaddr1hex: '0x00000000'
  offsetcapslist: 220
  pcibusn: 0
  pid: '0x0475'
  progif: 0
  revid: 0
  secstat: 512
  status: 528
  subbus: 3
  subclass: 7
  subid: 1
  subvid: 5017
  vid: '0x1180'
? !!python/tuple
- 0
- 5
- 0
: bar0:
    address: 0
    addresshex: '0x00000000'
    prefechable: false
    type: memory
    typemem: 0
  bar1:
    address: 0
    addresshex: '0x00000000'
    prefechable: false
    type: memory
    typemem: 0
  bar2:
    address: 0
    addresshex: '0x00000000'
    prefechable: false
    type: memory
    typemem: 0
  bar3:
    address: 0
    addresshex: '0x00000000'
    prefechable: false
    type: memory
    typemem: 0
  bar4:
    address: 0
    addresshex: '0x00000000'
    prefechable: false
    type: memory
    typemem: 0
  bar5:
    address: 0
    addresshex: '0x00000000'
    prefechable: false
    type: memory
    typemem: 0
  bist: 0
  cacheline: 0
  capsptr: 0
  cisptr: 0
  cisptrhex: '0x00000000'
  class: 12
  command: 0
  exprom: 0
  expromhex: '0x00000000'
  headertype: 0
  intline: 255
  intpin: 1
  latency: 0
  maxlatency: 0
  mingrant: 0
  pid: '0xc861'
  progif: 16
  revid: 16
  status: 640
  subclass: 3
  subid: 1
  subvid: 5017
  vid: '0x1045'
? !!python/tuple
- 0
- 20
- 0
: bar0:
    address: 0
    addresshex: '0x00000000'
    prefechable: false
    type: memory
    typemem: 0
  bar1:
    address: 0
    addresshex: '0x00000000'
    prefechable: false
    type: memory
    typemem: 0
  bar2:
    address: 0
    addresshex: '0x00000000'
    prefechable: false
    type: memory
    typemem: 0
  bar3:
    address: 0
    addresshex: '0x00000000'
    prefechable: false
    type: memory
    typemem: 0
  bar4:
    address: 4096
    addresshex: '0x00001000'
    type: io
  bar5:
    address: 0
    addresshex: '0x00000000'
    prefechable: false
    type: memory
    typemem: 0
  bist: 0
  cacheline: 0
  capsptr: 0
  cisptr: 0
  cisptrhex: '0x00000000'
  class: 1
  command: 5
  exprom: 0
  expromhex: '0x00000000'
  headertype: 0
  intline: 0
  intpin: 0
  latency: 0
  maxlatency: 0
  mingrant: 0
  pid: '0xd568'
  progif: 130
  revid: 48
  status: 640
  subclass: 1
  subid: 1
  subvid: 5017
  vid: '0x1045'

Re: PCI BIOS32 SET_PCI_IRQ call fails

Posted: Thu Jun 08, 2023 10:20 pm
by Octocontrabass
korneliuszo wrote: I've replaced the value at address 0xFD7B1 with 0xCC and it doesn't trigger INT3
How did you do that? The BIOS is read-only. Writes will be ignored by the chipset. Writes might not be ignored by the cache, so the BIOS might appear to be writable if you don't flush the cache between writing and reading.
korneliuszo wrote: dump of PCI bus:
Hmm, no bridges. I really don't understand why it doesn't work.

Can you set execution breakpoints at 0xDC22, 0xDCC4, and 0xDCD0? The BIOS will hit one of those breakpoints according to the cause of the problem (0xDC22 if your parameters are out of range, 0xDCC4 if your parameters are not allowed by $PIR, or 0xDCD0 for any other reason).

Re: PCI BIOS32 SET_PCI_IRQ call fails

Posted: Fri Jun 09, 2023 6:50 am
by korneliuszo
It only breakpoints on 0xfdcc4

Code:

b'DBG!!!'
b'DR6: 0xFFFF0FF1'
b'EIP: 0x000FDCC4'
b'CS: 0x00000008'
b'EFLAGS: 0x00000046'
b'EAX: 0x00000000'
b'EBX: 0x00005EB8'
b'ECX: 0x000FDF12'
b'EDX: 0x00140010'
b'ESI: 0x000F4050'
b'EDI: 0x001478E8'
b'EBP: 0x00147910'
b'DS: 0x00000010'
b'ES: 0x00000010'
b'FS: 0x00000010'
b'GS: 0x00000010'

Re: PCI BIOS32 SET_PCI_IRQ call fails

Posted: Fri Jun 09, 2023 11:57 am
by Octocontrabass
Thanks for that information. I found a bug in the BIOS code. It overwrites one of the parameters with an invalid value, so IRQ routing always fails.

The same bug doesn't seem to be present in the 16-bit version of this function, so you may be able to use that instead.

Windows probably used ACPI or a chipset driver. The link field in the $PIR table would tell the chipset driver which pin is connected to that PCI interrupt line. (A datasheet for this chipset is available, if you're interested...)
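
A sketch of the kind of check the thread calls "not allowed by $PIR", added here as an example; it is not part of the original posts and is not the BIOS's own code. It assumes the standard PCI IRQ Routing Table layout (32-byte header, 16-byte slot entries holding a link value and a 16-bit IRQ bitmap per pin); the function names, result codes and sample table are constructed.

```c
#include <stdint.h>
#include <stddef.h>
#include <string.h>

enum { PIR_OK = 0, PIR_BAD_TABLE = -1, PIR_BAD_PARAM = -2,
       PIR_NO_ENTRY = -3, PIR_PIN_UNROUTED = -4, PIR_IRQ_NOT_ALLOWED = -5 };

static uint16_t rd16(const uint8_t *p) { return (uint16_t)(p[0] | (p[1] << 8)); }

/* May `irq` be routed to `pin` (1=INTA..4=INTD) of bus:dev according to a
 * $PIR table image? On PIR_OK, *link receives the entry's link value. */
int pir_check(const uint8_t *t, size_t len, uint8_t bus, uint8_t dev,
              uint8_t pin, uint8_t irq, uint8_t *link)
{
    if (len < 32 || memcmp(t, "$PIR", 4) != 0) return PIR_BAD_TABLE;
    size_t size = rd16(t + 6);                 /* total size incl. header */
    if (size < 32 || size > len || (size - 32) % 16) return PIR_BAD_TABLE;
    uint8_t sum = 0;                           /* all bytes must sum to 0 */
    for (size_t i = 0; i < size; i++) sum = (uint8_t)(sum + t[i]);
    if (sum != 0) return PIR_BAD_TABLE;
    if (dev > 31 || pin < 1 || pin > 4 || irq > 15) return PIR_BAD_PARAM;

    for (const uint8_t *e = t + 32; e < t + size; e += 16) {
        if (e[0] != bus || (e[1] >> 3) != dev) continue;
        const uint8_t *p = e + 2 + 3 * (pin - 1); /* link byte + 16-bit bitmap */
        if (p[0] == 0) return PIR_PIN_UNROUTED;   /* link 0: pin not connected */
        if (!(rd16(p + 1) & (1u << irq))) return PIR_IRQ_NOT_ALLOWED;
        *link = p[0];
        return PIR_OK;
    }
    return PIR_NO_ENTRY;
}

/* Constructed sample (not from the thread): one entry for bus 0, device 5,
 * INTA on link 0x01 with IRQs 10 and 11 permitted. `t` must hold 48 bytes. */
size_t pir_sample(uint8_t *t)
{
    memset(t, 0, 48);
    memcpy(t, "$PIR", 4);
    t[5] = 0x01;                       /* version 1.0 (0x0100, little-endian) */
    t[6] = 48;                         /* header (32) + one entry (16) */
    t[32 + 1] = 5 << 3;                /* device 5 in bits 7:3; bus byte stays 0 */
    t[32 + 2] = 0x01;                  /* INTA link value */
    t[32 + 4] = 0x0C;                  /* INTA bitmap 0x0C00: IRQ 10 and 11 */
    uint8_t sum = 0;
    for (int i = 0; i < 48; i++) sum = (uint8_t)(sum + t[i]);
    t[31] = (uint8_t)(0 - sum);        /* checksum byte makes the sum zero */
    return 48;
}
```

Running this against a copy of the machine's real $PIR table shows which IRQs the table permits for a given device and pin, independent of the BIOS routine.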

Re: PCI BIOS32 SET_PCI_IRQ call fails

Posted: Fri Jun 09, 2023 1:17 pm
by korneliuszo
It works with win98 setup to use BIOS calls.

I will rewrite it to use the 16-bit call in V86 mode - it should be easy as I already have an environment for such calls ready.