hngopher.com

       [HN Gopher] Two interesting XOR circuits inside the Intel 386 pr...
       ___________________________________________________________________
        
       Two interesting XOR circuits inside the Intel 386 processor
        
       Author : _Microft
       Score  : 77 points
       Date   : 2023-12-16 17:26 UTC (1 days ago)
        
 (HTM) web link (www.righto.com)
 (TXT) w3m dump (www.righto.com)
        
       | kens wrote:
       | Author here for any questions. Hopefully you're not tired of the
       | 386 yet!
        
         | h2odragon wrote:
         | Not at all tired of the 386; an unrelated question comes up
         | tho.
         | 
         | Have you done much on "high power" semiconductors yet?
         | 
         | It occurs to me that we're throwing around amps on ICs now that
         | would've been well past "magic smoke" territory not all that
         | long ago; perhaps you might find some ESC chips or something
         | that demonstrate how this progress is being made?
        
           | kens wrote:
           | I've looked at a few higher-power chips, such as the
           | venerable 7805 voltage regulator, but I don't know if that's
           | high-power enough for you :-) There's no high-power secret
           | inside that chip except it uses large transistors.
           | 
           | https://www.righto.com/2014/09/reverse-engineering-
           | counterfe...
        
             | rzzzt wrote:
             | Parent might be thinking of those Gallium-Nitride FETs that
             | enable manufacturers to build suspiciously small power
             | bricks.
        
               | ace2358 wrote:
               | I thought that was due to the higher switching frequency
               | of the power transistors, perhaps unrelated to higher
               | current draw in the transistor?
        
         | ksaj wrote:
         | If you do a writeup on the prefetch queue and want some
         | original code for tampering with it, let me know. I did some
         | deep experimentation with it in the 90's, and still have the
         | code archived.
         | 
         | The prefetch queue could be (ab)used in some very interesting
         | and sometimes baffling ways. One of the creations causes a
         | divide by zero if you try to debug it, even if viewing the code
         | doesn't look like it should.
         | 
         | Also, I did some experimenting with shrinking code by replacing
         | INT3h with INT21h (one byte, versus two), which similarly lent
         | itself to anti-debugger effects.
        
           | kens wrote:
           | It sounds like you did some very interesting experimentation
           | with the prefetch queue. Realistically, I'm unlikely to
           | investigate the 386 prefetch queue to that level of detail,
           | but if I do, your tests would be useful.
        
         | mmastrac wrote:
         | Is the self-test exposed in any interesting ways? Any
         | interesting JTAG-like interfaces that could be explored?
        
           | kens wrote:
           | I was thinking of writing about the self-test circuitry. It
           | doesn't expose things in a JTAG-like way, which came later.
           | The main self-test is that if you boot the chip with the BUSY
           | pin set, it goes through a self-test of all the PLA and
           | microcode entries, accumulating a signature using linear-
           | feedback shift registers. It then XORs with the correct value
           | and writes the result to a register. So the visible result is
           | you see 0 in a register, not too exciting.
           | 
           | There are also self-test instructions to do things such as
           | write entries to the TLB and read entries, to make sure it is
           | operating correctly.
           | 
           | For details, there's a paper on "Design and Test of the
           | 80386" by Pat Gelsinger, who is now CEO of Intel.
           | https://ieeexplore.ieee.org/document/4069991 (paywalled).
        
       | freshbob wrote:
       | I'm always amazed at how people can make out anything without
       | having the individual metal layers present as well to show
       | vertical and horizontal connections in these die photographs.
        
         | kens wrote:
         | The 386 has two layers of metal, which makes it an order of
         | magnitude more difficult to reverse engineer. I don't have a
         | good process for removing one layer of metal at a time, so I
         | end up having to puzzle over faint patterns in the metal to
         | determine what is going on.
         | 
         | The two layers of metal also make it much harder to make
         | diagrams that show what is going on in the circuit without
         | turning into a tangle of lines. In this article, I decided not
         | to try, and went straight to schematics.
        
       | boringuser2 wrote:
       | The sisyphean efforts of chip designers kind of amaze me in the
       | sense that all of this is lurking just beneath the surface of the
       | computing revolution, and will one day be outdated or simply lost
       | for good.
        
       ___________________________________________________________________
       (page generated 2023-12-17 23:00 UTC)