Programmer Archeology

Last Saturday, I decided to hold a “subbotnik” and finally put things in order on the shelves and in the closets.

In the old boxes, among all sorts of different equipment, different boards, the developer of whales and packs of old disks discovered several interesting instances of devices, just real artifacts of antiquity. A whole story is connected with these artifacts, which I would like to tell.
')
Here is how it was. In the far-distant year, we received an order for the development of firmware for the Cypress CY7C63723 microcircuit. It was such a PS / 2-USB microcontroller. Task: write the firmware for this chip. But there was one nuance. The chip is designed to convert the protocol from PS / 2 to USB, and it was necessary to connect two PS / 2 devices, that is, you need to connect a PS / 2 mouse and a PS / 2 keyboard using one such USB chip converter. The chip would have to be installed on the Jetway motherboard (if memory serves).

More precisely, it was even the case: this task was already done by some developer, but something didn’t work for him. We gave him the source and said that we need to urgently fix and redo, but that worked. In addition to the source code of our unfortunate predecessor, then we got this ...



This is a prototype of the Two-PS / 2-to-USB converter, which you had to program. In fact, this is only a mockup, the chip was then installed directly on the motherboard to give an extra mouse and keyboard. It was assumed that this would be a motherboard for two users at the same time, a multi-user computer.



Cypress CY7C63723 Chip Emulator! Such a small microcircuit and such a large emulator. Such are the technologies. Since the chip was disposable, with a one-time firmware (OTP - One Time Programmable), it is impossible to simply and develop the firmware. You can not immediately sew and try - it is too long and wasteful. Therefore, the company Cypress supplied the developers with such strange devices - chip emulators. I compiled the program, loaded it into the emulator of the microcircuit, the simulator of the microcircuit is inserted through the cable into the socket on the board of the future device - you watch how it works. Now I'm not sure, but it seems there was even an in-circuit debugger of the processor.



Here is such a universal programmer. To him were still a couple of dozens of clean Cypress chips, but where are they now?

When I found these glands in old boxes, curiosity appeared. Can I find the source of those programs? How long has it been?

It's all simple now. I now have every new laptop has a hard drive substantially larger than the previous one. It turns out that you buy a laptop and copy an entire old small disk onto its large disk. The first laptop had 90 GB, the second 320 GB, and the last laptop 1 TB. Again - now there are “clouds” and GIT. And then the archives were stored on CDs. Sometimes they recorded several discs just in case, for sure.



Finding old programs on old disks is a real challenge. But - found! Dated 2003 - it was about 13 years ago. Well, on occasion, my advice of the day: "Never sign discs with the phrase Current Versions."

So ... We were in the team for this task were 2 people, we took with all the zeal, although we had no idea about USB or Cypress chips.

To describe the essence of what is happening, I will tell you a little about the CY7C63723 chip. In this microcontroller, there were:

• 14-bit pointer to the executable command PC (Program Counter);
• 8-bit battery, A;
• 8-bit index register, X;
• 8th instruction stack pointer, PSP (Program Stack Pointer);
• 8th data stack pointer, DSP (Data Stack Pointer);

And this is almost all ... well, of course, different ways of addressing - this is understandable. You need to write, of course, in assembler. Of course, inside the microcontroller there is still any peripheral that is traditional for microcontrollers: a timer, GPIO and interrupts from them, a USB function, and so on.

This is me now, considering the old documentation for this chip (I found it on disks), I remember this project and am surprised at this miracle. So that you fully feel the full power of the microcontroller, I will give a fragment of the list of commands:

NOP - 4 bars
INC A - 4 bars
INC X - 4 bars
INC [EXPR] - 7 cycles
INC [X + EXPR] - 8 cycles
ADD A, EXPR - 4 bars
ADD A, [EXPR] - 6 cycles
ADD A, [X + EXPR] - 7 cycles
...

Despite the microcontroller's clock frequency of 12 MHz, in fact, it turned out to be far from fast - all the megahertz ate the clock-to-command.

The most interesting thing is that we were able to quickly figure out how it should work, quickly fixed everything, flashed the first chips, tested it, and the keyboard and mouse work, the LEDs on the CAPS, NUM, LOCK keyboard work. Hooray, everything is fine, everyone is happy and happy!

But no. After a week or two, the customer says it does not work. We are trying to find out - nothing really can be understood. There is an intermediary between us and the end customer. That is, the German company orders us, and the Taiwan company orders them. It is almost impossible to read emails from Taiwan. They are written in “Chinglish” - this is when a person thinks in Chinese, and writes in English - it is difficult to decipher. In the end, we agreed that they will send us a program in which our PS / 2-USB converter does not work. They say that in all programs it works, and specifically in this program it does not.

Well, okay - trying to deflate their test program. The year 2003, we still use a dial-up modem, the connection breaks all the time, the program is very hard to deflate. With some kind of N-th attempt, we extort ... (drum roll) Doom2. But what? Why? How so?

It turns out everything is very simple: you need to often press the keyboard keys to go, run and jump, and simultaneously rotate and shoot with the mouse. And we never did. After all, we tried like all normal people: we tried the keyboard keys - the characters in the editor are typed, then we try the mouse - it drives. Here is the same ...

I had to completely revise the program of the microcontroller. Now, with a detailed analysis, it became clear that with simultaneously flying symbols from both PS / 2 devices, it is extremely difficult to process the DATA and CLK signals on the two ports. I will not give oscillograms of signals here, they can be easily found on the Internet, at least here marsohod.org/11-blog/56-ps2 . The frequency of the CLK signal in PS / 2 can be up to 18KHz. It seems to be a very low frequency, but if you count, it turns out not fun at all. The ratio of PS / 2 CLK frequencies and the frequency of the microcontroller processor: 12000000/18000 = 666 (oh, horror). With an average command length of 5 clocks, it turns out that no more than 130 microcontroller commands can be executed between two PS / 2 fronts of the clock. And we have interrupts tuned to four signals of two PS / 2 ports: from DATA0, from CLK0, from DATA1, and from CLK1. The worst case is when the fronts of some signals coincide randomly - the ports are asynchronous. If two interrupts from different ports in a row, then it turns out that there are generally 60 cycles per interrupt ...

In general, I had to literally take into account the duration of each team. Let me give you a fragment of the assembler code of the interrupt handler; on many lines it costs how many clock cycles the command will take:

org 0d00h snd_recv_tabl0: jmp recv_startbit0 jmp recv_bit0 jmp recv_bit1 jmp recv_bit2 jmp recv_bit3 jmp recv_bit4 jmp recv_bit5 jmp recv_bit6 jmp recv_bit7 jmp recv_parity0 jmp recv_stop0 jmp send_startbit0 jmp send_bit0 jmp send_bit1 jmp send_bit2 jmp send_bit3 jmp send_bit4 jmp send_bit5 jmp send_bit6 jmp send_bit7 jmp send_parity0 jmp send_stop0 jmp send_stop1 rise1: rise0: pop a reti capture_a_isr: ;here we service interrupts from ps2 port 0 ;we must make it as short as possible... push a ;[5] iord port0 ;[5] iord port0 ;[5] rrc ;[4] jc rise0 ;[4] mov a,[status0] ;[5] asl ;[4] jacc snd_recv_tabl0 ;[7+5] - 44 ticks ;------------------------------------------------------------------------------- recv_startbit0_: inc [status1] mov a,PS2_WD_TIMEOUT mov [ps2_wd_b],a pop a reti recv_bit0_: recv_bit1_: recv_bit2_: recv_bit3_: recv_bit4_: recv_bit5_: recv_bit6_: recv_bit7_: iord port1 rrc rrc ;now our strobed bit in flag C mov a,[sh_in_lo_reg_p1] rrc mov [sh_in_lo_reg_p1],a inc [status1] pop a reti recv_parity0_: inc [status1] pop a reti recv_stop0_: mov a,[flag_wait_fa_1] cmp a,1 jz filter_fa1 mov a,[sh_in_lo_reg_p1] ;[5] push x ;[5] mov x,[fifo_head_p1] ;[5] mov [x+fifo_p1],a ;[6] store our byte to fifo inc x ;[4] increment fifo head mov a,x ;[4] pop x ;[4] and a,00fh ;[4] fifo size is 16 byte? mov [fifo_head_p1],a ;[5] save new fifo ptr for future filter_fa1: mov a,0 ;[4] mov [status1],a ;[5] mov [flag_wait_fa_1],a mov [ps2_wd_b],a pop a ;[4] reti ;[8] - 63+44=107 ticks nop 

Of course, many details disappear from memory, I don’t just remember many details. I only know that the deeply reworked program has worked successfully even in Doom2. This is what life-giving tallying does.

And you know what? Even now I was able to compile this old program of mine, just running the BAT file:



Interestingly, this story also had a sequel. PS / 2 codes were converted to HID codes (the PS / 2 protocol itself was rather complicated, see marsohod.org/11-blog/57-ps2proto ). And when the customer is from a Southeast country, some of the keys there are not exactly like ours.



During the archaeological excavations in our office, I found a typical keyboard from those times - they sent it to us for testing. There were other exotic options, but not all survived. I remember there was a keyboard with additional keys katakana and hiragana - and what would it mean? And the customer needs to do so that they work. And how should they work? What should happen when they are pressed?

They did this: they took two identical computers and installed parallel on one PC - English windows 2000, and on the second PC - pure Japanese Windows 2000, all OSs were taken from MSDN subscriptions. Two computers are needed to correctly answer questions in dialogs when installing Windows - we cannot read it and cannot translate as well. Here is a parallel installation on two PCs somehow saved. Later, the keyboard was connected to a PC with installed Japanese Windows and pressed these controversial keys trying to figure out what should happen when they were pressed. That somehow solved the problem. How long has it been ...

So what happened: as a result, it was not possible to disassemble the shelves and put them in order. On the contrary, I stirred up all the boxes and boxes in search of other artifacts that were valuable and interesting for an archaeologist ... So much interesting was found ...