Updated drivers for Windows XP SP3 and Windows 2003 SP2 (x32/x64) for modern hardware

**reboot12** · February 27

12 minutes ago, Dietmar said:

If you want to make your driver work or just for to understand what is going on, lets continue

OK, but how is it supposed to work when I see v1k_16x16_meguard: LinkState -> UP 100Mb FD message in WinDbg and the WinXP connection properties show 1.0 Gbps ??? In your versions drivers before you back to ring - speed is 100 Mbps

i219v1k 2 - https://pastebin.com/U55u2N16

Edited February 27 by reboot12

**reboot12** · February 27

@Dietmar

From version i219bind speed is detected as 100 Mbps:

https://msfn.org/board/topic/183464-compiling-acpi-v20-driver-for-windows-xp-sp3-and-windows-2003-sp2-x32x64/page/161/#findComment-1285588

After you back to version ring speed is back to 1.0 Gbps

Edited February 27 by reboot12

**Dietmar** · February 27

@reboot12

Yes, I go back to my very first working driver v1.

Yes — this is the best log so far.
It gives you a direct code-level culprit.

The biggest advantage

We now see that I219PhyEnsureAutonegAll() is the function that is crippling the PHY advertisement.

From the MDIC writes:

It reads reg 4 (ANAR) and gets 0x0d01

Then it writes reg 4 back as 0x0d01

It reads reg 9 (GBCR) and gets 0x0000

Then it writes reg 9 back as 0x0000

It reads reg 0 (BMCR) and gets 0x3100

Then it writes reg 0 as 0x3300 (basically “restart autoneg” on top of the old state)

That means:

ANAR = 0x0d01 = not “all”; it is effectively a crippled 10/100 advertisement, and in practice you are landing on 100 Mb FD

GBCR = 0x0000 = no 1000BASE-T advertisement at all

Then autoneg is restarted with that crippled advertisement

So the function named EnsureAutonegAll is not actually enabling all modes on this machine.

That exactly matches the observed link:

LinkState -> UP 100Mb FD

Second big result

TXRX_OUT proves the ring programming is correct:

RCTL = 04008012 → RX enabled

RDBAL = 0x0aa9b100 → matches allocated RX desc physical address

RDLEN = 0x00000100 → 16 descriptors × 16 bytes = correct

RDH = 0

RDT = 0x0f → tail posted correctly

RXDCTL = 03040420 → queue enabled/configured

TDBAL = 0x0aa9b000 → matches TX desc physical address

TDLEN = 0x00000100 → correct

So:

RX/TX setup code is fine

Descriptor base/length/tail are fine

the failure is not in ring initialization

What this means now

You now have two separate facts:

PHY advertisement is wrong by code
Your driver is explicitly leaving:

no gigabit advertisement

reduced 10/100 advertisement

Even after correct ring setup, RDH stays 0
So frames still are not being DMA’d into RX descriptors

The first one is now a clear, concrete bug I can patch immediately.

The most likely next fix

The first place to patch is I219PhyEnsureAutonegAll().

For a test build, it should force proper autoneg advertisement, not preserve the broken values.

What it should roughly do:

ANAR: advertise normal 10/100 capabilities, not just the current crippled set
A good test value is 0x0DE1 (10/100 half/full + pause/selector)

GBCR: advertise 1000 Full
A good test value is at least 0x0200

BMCR: restart autoneg in a clean way
Better to use a clean autoneg state than preserve the old forced bits

So the current logic:

“read current ANAR/GBCR”

“write them back unchanged”

“restart autoneg”

is very likely wrong on this LM/15BB board.

One more useful clue

CTRLKICK_OUT changes:

CTRL from 00180240 to 00100240

register at 0x0018 from 815a1027 to 915a1027

So the ME-guard / ctrlkick path is doing something real, not nothing.
That is good: the handoff path is active.

The main problem is now much more likely the PHY programming values, means Power Saving.

I make a new driver and send to you

Dietmar

**reboot12** · February 27

OK, who else but me should help solve the problem, I guess I'm a good tester

**Dietmar** · February 27

@reboot12

Here is the next driver, version v1l. And make use of this new KD block, good luck Dietmar

https://www.upload.ee/files/19114850/i219v1l.zip.html

sxd ud
bc *
bu i219!I219MiniportInitialize ".echo INIT; gc"
bu i219!I219DoCtrlKickLate "r $t0=poi(@esp+4); r $t1=poi($t0+0xDC); r $t2=poi(@esp); .echo CTRLKICK_IN; .printf \"regs=%p ret=%p\n\", $t1, $t2; dd $t1+0x0000 L1; dd $t1+0x0008 L1; dd $t1+0x0018 L1; bp /1 @$t2 \".echo CTRLKICK_OUT; dd @$t1+0x0000 L1; dd @$t1+0x0008 L1; dd @$t1+0x0018 L1; gc\"; gc"
bu i219!I219TxRxStart "r $t0=poi(@esp+4); r $t1=poi($t0+0xDC); r $t2=poi(@esp); .echo TXRX_IN; .printf \"regs=%p ret=%p\n\", $t1, $t2; dd $t1+0x0100 L1; dd $t1+0x0400 L1; dd $t1+0x2800 L3; dd $t1+0x2810 L1; dd $t1+0x2818 L1; dd $t1+0x2828 L1; dd $t1+0x3800 L3; dd $t1+0x3810 L1; dd $t1+0x3818 L1; dd $t1+0x3828 L1; bp /1 @$t2 \".echo TXRX_OUT; dd @$t1+0x0100 L1; dd @$t1+0x0400 L1; dd @$t1+0x2800 L3; dd @$t1+0x2810 L1; dd @$t1+0x2818 L1; dd @$t1+0x2828 L1; dd @$t1+0x3800 L3; dd @$t1+0x3810 L1; dd @$t1+0x3818 L1; dd @$t1+0x3828 L1; gc\"; gc"
bu i219!I219MiniportHandleInterrupt ".echo HINT; gc"
bu i219!I219MiniportSendPackets "r $t0=poi(@esp+4); r $t1=poi($t0+0xDC); .printf \"SEND CNT=%u regs=%p\n\", poi(@esp+0x0c), $t1; dd $t1+0x3808 L1; dd $t1+0x3810 L1; dd $t1+0x3818 L1; dd $t1+0x3828 L1; gc"
bu i219!I219RxPoll "r $t0=poi(@esp+4); r $t1=poi($t0+0xDC); .printf \"RXPOLL regs=%p\n\", $t1; dd $t1+0x0100 L1; dd $t1+0x2800 L3; dd $t1+0x2810 L1; dd $t1+0x2818 L1; dd $t1+0x2828 L1; gc"
bu ndis!EthFilterDprIndicateReceive ".echo NDIS_RX; gc"
bu ndis!EthFilterDprIndicateReceiveComplete ".echo NDIS_RXC; gc"
g

**reboot12** · February 27

i219v1l - https://pastebin.com/nXvAem01

In normal boot mode WinXP still detect 1.0 Gbps

Edited February 27 by reboot12

**Dietmar** · February 27

@reboot12

Let the compi, where not Windbg runs,

go until to the desktop. For this you need the full KD block, last time you cancelled the first line.

Very funny, your router makes now 100 MB, but my falls back to 10MB.

Anyway, ping from your compi, where Windbg NOT runs your router.

And ping also from the compi, where Windbg runs, your debugged compi

Dietmar

sxd ud
bc *
bu i219!I219MiniportHandleInterrupt ".echo HINT; gc"
bu i219!I219MiniportSendPackets "r $t0=poi(@esp+4); r $t1=poi($t0+0xDC); .printf \"SEND CNT=%u regs=%p\n\", poi(@esp+0x0c), $t1; dd $t1+0x0008 L1; dd $t1+0x3808 L1; dd $t1+0x3810 L1; dd $t1+0x3818 L1; dd $t1+0x3828 L1; gc"
bu i219!I219RxPoll "r $t0=poi(@esp+4); r $t1=poi($t0+0xDC); .printf \"RXPOLL regs=%p\n\", $t1; dd $t1+0x0008 L1; dd $t1+0x0100 L1; dd $t1+0x2800 L3; dd $t1+0x2810 L1; dd $t1+0x2818 L1; dd $t1+0x2828 L1; gc"
bu ndis!EthFilterDprIndicateReceive ".echo NDIS_RX; gc"
bu ndis!EthFilterDprIndicateReceiveComplete ".echo NDIS_RXC; gc"
g

**reboot12** · February 27

20 minutes ago, Dietmar said:

last time you cancelled the first line.

But I always do it before run your code:

sxe ld:i219
sxe ud:i219
g
.reload /f i219.sys
lm m i219

So I need make one more time execute sxe ud command ???

OK, this is with sxe ud log - https://pastebin.com/aytXfWDY

I can't ping when WinDbg is running because I don't have a desktop, only a black screen - in WinDbg I get endless messages:

RXPOLL regs=b9785000 b9785008  00080643
b9785100  0400801a
b9787800  0a863100 00000000 00000100
b9787810  00000000
b9787818  0000000f
b9787828  03040420

Edited February 27 by reboot12

**Dietmar** · February 27

@reboot12

Ok, Tx (means sending) is now up.

But Rx (receive) still down.

Here is next KD block for to check registers.

Ping both compis each other and to router

Dietmar

sxd ud
bc *
bu i219!I219TxRxStart "r @$t7=poi(poi(@esp+4)+0xDC); .printf \"REGS=%p\n\", @$t7; gc"
bu i219!I219MiniportHandleInterrupt ".echo HINT; dd @$t7+0x0008 L1; dd @$t7+0x2810 L1; dd @$t7+0x2818 L1; dd @$t7+0x3810 L1; dd @$t7+0x3818 L1; gc"
bu i219!I219MiniportSendPackets "r $t0=poi(@esp+4); r $t1=poi($t0+0xDC); r $t2=poi(@esp); .printf \"SEND_IN CNT=%u regs=%p\n\", poi(@esp+0x0c), $t1; bp /1 @$t2 \".echo SEND_OUT; dd @$t7+0x0008 L1; dd @$t7+0x2810 L1; dd @$t7+0x2818 L1; dd @$t7+0x3810 L1; dd @$t7+0x3818 L1; gc\"; gc"
bu ndis!EthFilterDprIndicateReceive ".echo NDIS_RX; gc"
bu ndis!EthFilterDprIndicateReceiveComplete ".echo NDIS_RXC; gc"
g

Edited February 27 by Dietmar

**reboot12** · February 27

@Dietmar

Now WinXP boot into desktop in WinDbg mode.

i219v1l log - https://pastebin.com/4V5GDJt3

If ping to router then nothing happens (0 sent packets) - Request timed out

If ping from router to i219 (I use laptop to access router Web interface) - Request timed out

**Dietmar** · February 27

@reboot12

I send you a new driver in 5 min. Use also the new KD Block

Dietmar

**Dietmar** · February 27

@reboot12

Here it is:

https://www.upload.ee/files/19115066/i219v1m.zip.html

sxd ud
bc *
bu i219!I219TxRxStart "r $t0=poi(@esp+4); r $t1=poi($t0+0xDC); r $t2=poi(@esp); .printf \"TXRX_IN regs=%p ret=%p\n\", $t1, $t2; bp /1 @$t2 \".echo TXRX_OUT; dd @$t1+0x0008 L1; dd @$t1+0x2800 L4; dd @$t1+0x2810 L1; dd @$t1+0x2818 L1; dd @$t1+0x2828 L1; dd @$t1+0x3000 L1; dd @$t1+0x3590 L1; dd @$t1+0x3800 L3; dd @$t1+0x3810 L1; dd @$t1+0x3818 L1; dd @$t1+0x3828 L1; gc\"; gc"
bu i219!I219MiniportSendPackets "r $t0=poi(@esp+4); r $t1=poi($t0+0xDC); .printf \"SEND CNT=%u regs=%p\n\", poi(@esp+0x0c), $t1; dd $t1+0x3000 L1; dd $t1+0x3590 L1; dd $t1+0x2810 L1; dd $t1+0x2818 L1; dd $t1+0x3810 L1; dd $t1+0x3818 L1; gc"
bu i219!I219RxPoll "r $t0=poi(@esp+4); r $t1=poi($t0+0xDC); .printf \"RXPOLL regs=%p\n\", $t1; dd $t1+0x0008 L1; dd $t1+0x280c L1; dd $t1+0x3000 L1; dd $t1+0x2810 L1; dd $t1+0x2818 L1; dd $t1+0x2828 L1; dd $t1+0x3590 L1; dd $t1+0x3810 L1; dd $t1+0x3818 L1; gc"
bu ndis!EthFilterDprIndicateReceive ".echo NDIS_RX; gc"
bu ndis!EthFilterDprIndicateReceiveComplete ".echo NDIS_RXC; gc"
g

**reboot12** · February 27

@Dietmar

i219v1m - https://pastebin.com/6MLivi4L

I Break because endless data:

RXPOLL regs=b9785000 b9785008  00080643
b978780c  00000000
b9788000  00000000
b9787810  00000000
b9787818  0000000f
b9787828  03040420
b9788590  00000000
b9788810  00000000
b9788818  00000003

I can't ping because I don't have a desktop, only a black screen.

Edited February 27 by reboot12

**Dietmar** · February 27

@reboot12

May be, that the bit for DMA is not set.

Here comes new driver and KD code for to check this

Dietmar

https://www.upload.ee/files/19115130/i219v1n.zip.html

sxd ud
bc *
bu i219!I219TxRxStart "r $t0=poi(@esp+4); r $t1=poi($t0+0xDC); r $t2=poi(@esp); .printf \"TXRX_IN regs=%p ret=%p\n\", $t1, $t2; bp /1 @$t2 \".echo TXRX_OUT; dd @$t1+0x0008 L1; dd @$t1+0x0400 L1; dd @$t1+0x2800 L3; dd @$t1+0x2810 L1; dd @$t1+0x2818 L1; dd @$t1+0x2828 L1; dd @$t1+0x3800 L3; dd @$t1+0x3810 L1; dd @$t1+0x3818 L1; dd @$t1+0x3828 L1; gc\"; gc"
bu i219!I219MiniportSendPackets "r $t0=poi(@esp+4); r $t1=poi($t0+0xDC); .printf \"SEND CNT=%u regs=%p\n\", poi(@esp+0x0c), $t1; dd $t1+0x0008 L1; dd $t1+0x0400 L1; dd $t1+0x2810 L1; dd $t1+0x2818 L1; dd $t1+0x3810 L1; dd $t1+0x3818 L1; dd $t1+0x3828 L1; gc"
bu i219!I219RxPoll "r $t0=poi(@esp+4); r $t1=poi($t0+0xDC); .printf \"RXPOLL regs=%p\n\", $t1; dd $t1+0x0008 L1; dd $t1+0x0400 L1; dd $t1+0x2810 L1; dd $t1+0x2818 L1; dd $t1+0x2828 L1; dd $t1+0x3810 L1; dd $t1+0x3818 L1; dd $t1+0x3828 L1; gc"
bu ndis!EthFilterDprIndicateReceive ".echo NDIS_RX; gc"
bu ndis!EthFilterDprIndicateReceiveComplete ".echo NDIS_RXC; gc"
g

**reboot12** · February 27

@Dietmar

i219v1n - https://pastebin.com/DpusuAen

Sign In

Updated drivers for Windows XP SP3 and Windows 2003 SP2 (x32/x64) for modern hardware

Recommended Posts

reboot12

reboot12

Dietmar

reboot12

Dietmar

reboot12

Dietmar

reboot12

Dietmar

reboot12

Dietmar

Dietmar

reboot12

Dietmar

reboot12

Create an account or sign in to comment

Create an account

Sign in

Recently Browsing 1 member

Activity

Browse