[Prism54-devel] Firmware built-in debugger ?

Jean-Baptiste Note jean-baptiste.note at wanadoo.fr
Sun Apr 17 20:31:26 UTC 2005 

Hello Sebastien, dear list,

> I've just noticed another thing. The firmwares all contain the string 
> "LMAC > " surrounded by ANSI escape characters coding for "highlight" (this 
> string is sometimes a bit messed up by the firmware compression). This is 
> very similar to the "rom > " prompt of the GW3887. The format, and the escape 
> characters are exactly the same. Probably, the protocol will then be 
> text-based (like that of the GW3887 ROM), and that's what strings like 
> "normal0", "disabling", "possible" "stop timeout", "tx_active",.... are for 
> (there are longer and more explicit ones, but they are made almost unreadable 
> by the compression), since they are never part of the USB nor 802.11 protocol 
> as far as I know.

I call bingo ! this would be _grand_.

Now have a look at the XH driver. Can you see those IRQ lines regarding
PCIUART ? How much do you bet that we can hook up into the debugger for
pci devices too with a standard serial protocol ?

Those guys at prism rocks as far as engeneering is concerned. Too bad
they close the specs.

Ah, yes, given the habits of embedded development, i'd recommend having
a look at gdb stubs for the ARM arcitecture. I'd guess that they had a
"directly use gdb through the serial line" mode, hopefully in a very
standard way. Which would be cool. And i think this mode is triggered by
bogus data.

> So I'll try to deliberately send bogus data to the device, and then look what 
> there is in those oversized frames. The LMAC debugger is certainly 
> interesting :)

Not too hard, just send an approximately formatted thing, and it'll put
you right into what i guess is "segfault mode", and i guess you can send
the received data quasi-directly to an arm gdb.

> To know what to send, we'll probably need to uncompress the firmware and look 
> at strings... I think the easiest way to do this is to run the firmware in a 
> ARM emulator and then stop it and examine the memory once it has 
> self-extracted. Unless someone guesses what the compression algorithm is...

zlib for compression ?

> PS: firmware 2.13.1.0 is that of the new Gigaset 54 driver, download from the 
> Siemens website.

Okay, one day i'll implement firmware parsing, so that we can sort out
first generation usb / second generation usb / softmac pci / fullmac pci
firmwares easily. Version numbers are starting not to be enough.

JB

-- 
Jean-Baptiste Note
+33 (0)6 83 03 42 38
jean-baptiste.note at wanadoo.fr

More information about the Prism54-devel mailing list