Re: [Qemu-devel] [PATCH] SerialICE - Qemu based (x86) firmware debugger

[JonY <jon_y@users.sourceforge.net>]

On 11/22/2009 01:15, Stefan Reinauer wrote:
> Dear x86 hardware and low-level software developers and enthusiasts!
>
> coresystems GmbH is glad to finally release SerialICE 1.5, our
> "Integrated Circuit Emulator over Serial".
>
> SerialICE (http://www.serialice.com) is a BIOS/Firmware debugging tool.
> It allows you to run and observe BIOS images (such as coreboot®:
> http://www.coreboot.org/) written for real hardware in Qemu
> (http://www.qemu.org) for debugging purposes. Thanks to Qemu's
> compelling feature set, it's also possible to debug this BIOS code with
> GNU GDB.
>
> Among the new features of SerialICE version 1.5:
>
> - Rework memory and IO filters to provide more control
> - Improved PCI, PCIe and memory access logging
> - Windows (MINGW and Cygwin) support
> - New mainboard supported: ASUS P2B
> - SerialICE connection now survives target resets
> - CPUID now honors ECX values
> - RDMSR/WRMSR now honor EDI unlock keys
> - Add LUA patch to correctly operate on 32bit hosts
> - Drop SerialICE specific machine type in Qemu
>
>
> SerialICE consists of three parts:
>
> - a serial console "rom shell" compiled with romcc, with minimal footprint.
> - a patch to Qemu 0.11.0, which adds a new "SerialICE" machine.
> - a LUA script that contains filters, loggers and other SerialICE
> specific configuration and adaption.
>
> SerialICE can be downloaded from http://www.serialice.com/. The patch
> against Qemu 0.11.0 is attached to this mail for review. Dear Qemu developers:
> Please let us know what needs to be changed so this patch can be merged!
>
> With "qemu -m serialice -serialice /dev/ttyS0 -L
> path-to-your-bios.bin-dir -hda /dev/zero" you can run an arbitrary BIOS
> binary written for your target hardware in Qemu, thus logging all IO and
> memory accesses. Those operations will additionally be transmitted to
> the target system's shell and are executed there, while their results
> are submitted back to Qemu.
>
> Operations sent to the target:
> - memory reads/writes (some of them)
> - IO reads/writes
> - MSR reads/writes
> - CPUID calls (the bios code path might rely on this)
>
> Note: The code is still quite experimental and only supports a few
> number of mainboard out of the box, but it was already useful in some
> debugging scenarios we had and was able to reveil information that would
> normally only be available with a hardware debugger of the price of a
> new car. Don't expect SerialICE to completely replace a ICE/JTAG/ITP
> device, but it might just work for your case, as it did for us.
>
> The ROM code needs minimal board/chipset specific setup in order to
> establish serial communication with Qemu. See mainboard/* for a few
> examples.  This release contains setup code for 7 mainboards.
> Also, some hardware accesses have to be caught in the LUA code
> (scripts/serialice.lua) in order to prevent the system from locking up
> (ie. when the BIOS is disabling the serial console).
>
> Special thanks go to Patrick Georgi and Mark Marshall for their bug fixes and contributions to
> this release.
>
> See http://www.serialice.com/ for more information.
>
> Comments and patches are of course very welcome!
>

Hi,

This patch looks very interesting, anybody going to review this?