[Request]How to fix "Some BIOS strings exceeds the maximum length(0x400)" error to enable AMIBCP working?

Hi guys,With @Lost_N_BIOS 's great help unlocking CPU multiplier , I’m still working around my Precision M6700 and trying to get manual voltage control and so on.
When i tried to open my BIOS dump with AMIBCP, this error “Some BIOS strings exceeds the maximum length(0x400). Setup tab and BIOS strings tab will not be shown.” has occurred.

0x400.PNG


Searching around,I found no one actually pointed out the root of this problem. There was a Ins15R N5110 owner encountered same problem when tweaking his BIOS dump and someone kindly made a “fixed” version for him,but it seems impossible to find the person who made this fix works. So I’m stuck.
I wonder if anyone could help me figure out what’s wrong with it and patch it up? Thanks in advance.
N5110’s Original dump and Fixed dump for reference is here.
My BIOS dump is here.

@Blossomcrown - There is this thread, we tried to find, but it probably differs in all BIOS, I remember another thread here too but can’t find it right now.
Error: AMIBCP 5.02.0023 language name present exceeds 0x08 in lenght

Removing modules tediously one by one was the only way I’ve ever seen this resolved, until the exact issue was found
What do you need to change? I checked your BIOS, and most any settings change can be made via grub, or by editing BIOS setup module using IFR/Hex.

Hi @Lost_N_BIOS , thanks for your reply.
I’m trying to get hidden settings visible and adjustable,the more options showing the better.
For example , there is a “Debug” menu exists in IFR , but i cant see it in my BIOS.

1
2
3
4
 
0x584E2 		Suppress If {0A 82}
0x584E4 QuestionId: 0x3F2 equals value 0x0 {12 06 F2 03 00 00}
0x584EA Ref: Debug, VarStoreInfo (VarOffset/VarName): 0xFFFF, VarStore: 0x0, QuestionId: 0xD, FormId: 0x800C {0F 0F 7B 00 7C 00 0D 00 00 00 FF FF 00 0C 80}
0x584F9 End If {29 02}
 

Obviously this debug menu was "suppressed" right? I tried some HEX edit but no luck so far,maybe i did something wrong.
I dont want to occupy too much of your time , so could you please explain the right method how to make hidden settings shown , and then i could apply this skill to other settings on my own ? Thank you again :D

Yes, I see it’s suppressed, how did you try to unsuppress? It could be tried two ways
#1
Suppress If {0A 82}
QuestionId: 0x3F4 equals value 0x0 {12 06 F4 03 00 00} <<< Put FF there instead of 00
Ref: Debug, VarStoreInfo (VarOffset/VarName): 0xFFFF, VarStore: 0x0, QuestionId: 0xD, FormId: 0x800C {0F 0F 7B 00 7C 00 0D 00 00 00 FF FF 00 0C 80}
End If {29 02}

#2
Suppress If {0A 82}
QuestionId: 0x3F4 equals value 0x0 {12 06 F4 03 00 00} << Directly following this, move the >> 29 02
Ref: Debug, VarStoreInfo (VarOffset/VarName): 0xFFFF, VarStore: 0x0, QuestionId: 0xD, FormId: 0x800C {0F 0F 7B 00 7C 00 0D 00 00 00 FF FF 00 0C 80}
End If {29 02} << Move/cut this ^^ To above Debug

If both those fail, AMITSE edit may be required. I didn’t look too deep into BIOS before, because I wasn’t sure your goal.
Hopefully one of the above will get it visible for you, because if not, there is 80x instances of 0C 80 in the AMITSE via assembly view, will be tedious trying to figure out which is the main one
If you just need to change a few settings in there, probably much easier to edit the 97E409E6-4CC1-11D9-81F6-000000000000/Setup module via Hex/IFR to whatever you want the setting to be instead of default.

I see magic string is present in your BIOS setup PE32 module at 000179DC (Nothing to do with the debug submenu, just mentioning, for the general unlock purposes)
Magic String shown/explained a little bit (Magic string often before > ee 2e 20 71 53 5f d9 40 ab 3d 9e 0c 26 d9 66 57)
[Request] How to Access Locked/Hidden BIOS Menu Settings (16)
Also here, shorter - [Request] How to Access Locked/Hidden BIOS Menu Settings (12)

Sitrep : neither of two method works.
Imo Dell use a uncommon way writing their interface. Judging from the IFR, there is only a “universal Main tab” with all sub tab and settings under it, no Chipset tab, no Advanced tab (or maybe i should say they were made to be a sub tab under “Main”), etc. Due to this special interface structure, I’m afraid the Magic String wont help either.
Maybe some secret hides in AMITSE as you mentioned.
I’m also worrying about if there is a chance that Dell actually deleted Debug related code and just left a interface there?

Yes, I know how Dell BIOS is configured, so I know what you mean about the structure. Magic string may not work, I was only letting you know I spotted it in your BIOS.
Yes, for sure could be revealed with AMITSE edits, but that would take a lot of testing and possible bricks/re-testing, only ideal if you have a flash programmer and SOIC8 test clip in hand
There is literally 80 instances where the debug menu is references, surely it can be narrowed down much less than that by further inspection and looking at the flow/progress of the code in IDA, I just haven’t had time to dig to deep into that yet.

Please send me your two edited setup modules where you tried to unsuppress the Debug menu, so I can see if it’s done OK.
It looked to me like all stuff was contained within the debug menu, it’s a Dell created debug menu not the usual one with 100’s of settings, so I think they added it and wouldn’t remove something they added.

Due to the layout, once unsuppressed, it may also need “Access Level” enabled via AMIBCP, since you can’t do that you need to edit AMITSE/SetupModule at QuestionId: 0xD, I’ll have to get the file out later and show you where/how that is done.
You can learn by taking a BIOS you can edit with AMIBCP, find a setting in IFR, look at it’s QuestionId: and then change it’s access level in AMIBCP, save, then extract AMITSE/SetupData and compare with the stock AMITSE/SetupData, you will see the single change near the items QuestionID (backwards)
But, since this is Aptio 4 BIOS, I will need to look and refresh my mind to be able to tell you how to get this location without AMIBCP on this BIOS, since FormID and QuestionID are much shorter in these BIOS vs Aptio V which is much easier to spot what you want to edit in SetupData.

my edited modules are here
AMITSE hack is a little bit beyond my knowledge, but I’ll try to learn about it under your guide. CH341A is ready for use.
I’m also going to try to find a proper way to set “Access Level” unlocked as you mentioned.
Will report back asap once i have some breakthrough
Thanks for your patient guidance and explaining :smiley:

Since you have CH341A, make a backup now and make sure it’s valid, before you dig in deeper, that way you know you can always recover. Also, it would be good to check this too and see if same issue persists in your dumped BIOS as well.
Send me some images of your BIOS, just a few, so I can mainly see what main sections are visible on the left side menu (I assume it’s like that)

AMITSE stuff like my guide, is for Aptio 5 mainly, this is APTIO 4 BIOS, so doesn’t really apply unless maybe you can add a missing menu entry.
APTIO 4 AMITSE does hold some secrets, but I’ve not messed with that a lot lately, usually not needed so much since AMIBCP or setup can control most in APTIO 4

I checked your edits on setup suppression of debug, looks good both ways, so if neither work then this is not the key or something else needed first/along with.

Did you try to narrow down the offending module causing the AMIBCP issue yet? It’s a pain, but can be done, and once you find which module you can often find the error
I tried checking out the differences between the N5110’s BIOS files, but the BIOS has been edited/updated aside from whatever fixed it, so tough to compare (different microcodes and many other changes too)
I see differences at CoreDXE and AMITSE, stopped looking after that because I know these are unrelated changes to the cause of the issue (BIOS String file), so knew it would be too many differences to dig through

This machine have two BIOS chips, 8MB+4MB. When i tried to open 8MB part, AMIBCP 4.55 crashed instantly without any error message. And the 4MB part, there is no settings inside it.
BIOS interface looks like this.

IMG_20190508_230226.jpg


Glad to know i made HEX stuff right :smiley:
Haven’t figured out the problematic module yet, I’ll keep trying.

Thanks, that may be part of the issue why we can’t open in AMIBCP, please dump both BIOS chips with programmer if you have one, then append the BIOS together - and send me a copy of both too, thanks.

dumped file from programmer is here.
please be advised this is NOT from exact same machine (but same model M6700) with earlier FPT dumped bin, so maybe there will be some difference between them.

@Blossomcrown - I need both of your BIOS dumped with programmer, if you want anything edited. I already have Dell M6700 dumps here, maybe you should have said this is a Dell M6700 at first post
I did not check your files above, since I already have many complete user dumps from this same model, and same AMIBCP issue on those too, so it’s no help.

Best thing we can do is just edit the BIOS for whatever, outside of AMIBCP, and then no need to mess around further. What do you need changed to what in the debug folder, I can change it for you?

Dear @Lost_N_BIOS , sorry i didn’t actually understand what do you mean “both of BIOS dumped with programmer”?
my goal is to make “debug” menu (and maybe more hidden settings) visible and adjustable in BIOS, the AMIBCP way is just first thought to achieve this goal.
I agree with you that fix AMIBCP problem is not priority and need lots of test work to do, we can pass on this for now.
So the question becomes how to make debug menu visible :smiley:
will that 6MB bios region dump from fpt (in the first post) enough for you to research? tell me if you need anything else.

@Blossomcrown - I meant, dump both BIOS chips with your flash programmer, then zip and send me those files. We may not be able to make debug visible, so I asked what settings do you want changed in there, to what?
Do you not have a flash programmer? If not, it’s OK, then don’t worry about the BIOS dumps I requested from your system. I can just edit the BIOS region file you sent early on.

If you have flash programmer, in case recovery is needed, I can make some blind edits in AMITSE/SetupData and try to get the correct one to try and set debug to User or Super for Access Level (Like we would in AMIBCP)
But even if that works and I find the correct one, or even if we could do in AMIBCP it may not make it visible still.

Otherwise, the only other way to try and make it visible, which would eventually work, is to identify which is the debug menu in assembly out of the 80+ instances I mentioned (Will need some time to dig into that and see if I can narrow it down, will look again as time permits)
But, as mentioned, if you just want to make some changes in debug settings we can do that anytime and it’s quick and easy

@Lost_N_BIOS Thanks for your patient explaining :smiley:
As I said before,I have a programmer standing by. To be honest, I only want to use it when my machine totally bricked or something like that, due to the complexity of tear my gear down. That’s the reason why I asked you if you could do the mod in FPT dumped bin.
With this brick recovery capability (that I dont really want to use when we have FPT in opeartional), please feel free to try AMITSE/SetupData blind mod. I’m ready to start a test and report back.
I understand detailed assembly analysing with literally 80+ presents is very difficult to be done, that’s why we should take it as a last resort right?
Thanks for you time and help again.

sorry to dig this thread out.
just wondering if there is any progress has been made. :smiley:

For AMIBCP v5.02.0031 , it’s easy to find the same version.
I use OllyDbg to trace the error message box, find this check.

0041D42E |> \817D E8 28230>|| cmp dword ptr [ebp-18], 2328
0041D435 |. 0F8D 04040000 |||jge 0041D83F

I changed 2328 to FFFF and succeeded. For hex edit , jump to offset 0x1D431 , you can see 28 23 , change them to FF FF and save.
But when I open BIOS file, it still can not show every option, many Undefined showed up.

@Blossomcrown @Lost_N_BIOS

@dsanke @Blossomcrown - This “in general” how to make changes manually when AMIBCP wont display menu properly, I need to make a guide on this - See near bottom of that post #4 where it says “Now, to edit AMITSE/SetupData”
[Request]Maximus XI Hero - Unlock AMIBCP

Blossomcrown - Sorry I missed your last two replies, if you need BIOS edit still, can the above is too confusing for you, I can edit a BIOS for you anytime.
This issue, random where problem is, how to solve etc, we need to wait for better/newer AMIBCP and maybe next leak wont have these issues.
I know some BIOS not OK in 5.02.0023 due to this issue are fine in 0031, so maybe next leak will have strings allowed set much larger than 0031 and all problems will be resolved.

dsanke - some BIOS just can’t be edited in AMIBCP (funky language items, blank items, undefined as you mentioned, even if this issue doesn’t happen, due to our leaked version still is old compared to what would work for some BIOS.
Best to edit as I linked above and or setup module.

I just started modding bios from AMI and faced the same problem.
So, the solution:

Some BIOS strings exceeds the maximum.jpg