CN1312588C

CN1312588C - Realizing method of cross regulator based on EJTAG components of targeting machine

Info

Publication number: CN1312588C
Application number: CNB2004100090019A
Authority: CN
Inventors: 田金兰; 苏宏谋; 王生原
Original assignee: Tsinghua University
Current assignee: Tsinghua University
Priority date: 2004-04-02
Filing date: 2004-04-02
Publication date: 2007-04-25
Anticipated expiration: 2024-04-02
Also published as: CN1564136A

Abstract

The present invention provides a scheme for using software to effectively control and use EJTAG components on an object machine. According to the scheme, the design and the realization of a cross debugger based on EJTAG are thereafter completed. The scheme is characterized in that all the processing procedures of the commands of the debugger operate on a host machine, only 4 to 5 signal wires are needed between the host machine and the object machine, and no extra hardware equipment is needed. The debugger with high performance price ratio realizes the debugging functions of an assemble level and a source code level which operates on the host machine, and has excellent adaptability and transferability.

Description

The intersection debugger implementation method of the EJTAG parts on the based target machine

Technical field

The intersection debugger implementation method of the EJTAG parts on the based target machine belongs to computer system debugging acid field.

Background technology

When developing and producing new electronics, computer product, often can face the problem of the following aspects: the device layout of (1) circuit is complicated day by day; (2) components and parts miniaturization, complicated encapsulation, intensive pin; (3) circuit board miniaturization, use surface-welding technology etc.This brings very big trouble for line test, trouble shooting and the eliminating of product.Be difficult to traditional wireline inspection equipment, even can't use.It is BST (Boundary Scan Technology) that a method that addresses this problem is to use boundary scan technique.This technology is formulated (industrial standard IEEE1149.1) by the connection testing action group (JTAG, JointTest Action Group) of IEEE technical committee, and can be used on the testing circuit board: whether the logic of (1) each device itself is correct; (2) the connection situation between each device; Whether the device that (3) combines has finished intended function etc.Expansion JTAG is that EJTAG (Enhanced JTAG) standard is the expansion of carrying out on the JTAG normative foundation.The operand of EJTAG is that the MIPS microprocessor of MIPS company or the SOC (system on a chip) that comprises MIPS nuclear are SOC (System-on-a-Chip) chip assembly.EJTAG provides the application interface of application program and core code software debugging.It has following functions:

1) Hardware Breakpoint (Hardware Breakpoint) is set;

2) (Single Step Excution) carried out in single step;

3) support that test access port is that TAP (Test Access Port) interface: EJTAG uses the TAP interface that test data is imported into or spreads out of core cpu.Except the jtag instruction of supporting standard, EJTAG also has the instruction of own redetermination.

4) support software break-poing instruction: SDBBP (Software Debug Breakpoint).

Debugger based on EJTAG can be used for debugging monitor, operating system, and can analyze the fault of determining CPU and mainboard by the debugging diagnostic routine, is the important tool that CPU development work is carried out smoothly.We have proposed a kind of scheme of utilizing software effectively to control and use the EJTAG parts on the target machine, design and realization have been finished in view of the above based on the intersection debugger of EJTAG, greatly reduce cost, and have good portability (supporting different microprocessors only need revise a spot of code).

Summary of the invention

The objective of the invention is to effectively control and use EJTAG parts on the target machine, realize operating in the assembly level on the host and the debug function of source code level with convenient mode.

The intersection debugger implementation method of the EJTAG parts on the based target machine is characterized in that: the processing procedure of debug command is all to move on host's PC, and this processing procedure comprises following steps:

(1) be called for short the IEEEE1149.1 industrial standard that JTAG formulates according to the Joint Test Action Group of combined testing action group of IEEE technical committee, making test access port among the target machine MIPS CPU that has expanded the EJTAG parts is that following 5 EJTAG/JTAG signals that Test Access Port is called for short the TAP interface link to each other with parallel I/O port of host PC by signal wire:

TCK is a test clock signals, direction from host's PC to target machine MIPS CPU;

TMS is that test mode is selected signal, direction from host's PC to target machine MIPS CPU;

TDI is an input signal of test data, direction from host's PC to target machine MIPS CPU;

TDO is a test data output signal, direction from target machine MIPS CPU to host's PC;

TRST ^*Be test reset signal, this signal is optional signal;

(2) on the storer of host's PC, set up with lower module:

For the assembly level debugger that operates under the Windows system, it has with lower module:

A. human-computer interface module adopts the graphical user interface gui interface, and the display format of debugged object code uses the dis-assembling code, and it is by providing operation interface with minor function:

OnOpenDocument (): the code of dis-assembling display format is read in internal memory, and set the value of following variable:

Store the length of every line code,

Storage code,

Current line Q-character flag, 1 is expressed as current line, the non-current line of 0 expression,

Breakpoint table, store breakpoint information, the no breakpoint of 0 expression, it is the breakpoint type that non-0 expression has breakpoint, respective digital,

Code line Q-character flag, 1 is expressed as code line, the non-code line of 0 expression;

OnDownload (): the storage area that the code that downloading collects obtains begins to the target machine assigned address;

OnDraw (): with the different colours reveal codes;

OnEditBrk (): add breakpoint, send break-poing instruction to interface;

OnEditMem (): the content that obtains and show the assigned address internal memory;

OnEditReg (): the value that obtains and show all registers;

OnRestart (): send instruction of restarting, restart CPU;

OnSingleStep (): send the single-step operation order, and obtain the value of single-step operation late register;

OnRemoveBreakPoint (): remove breakpoint;

Pack (): according to the RSP agreement, acquire packet header bag tail for the content of bag, described RSP is the abbreviation of Remote SerialProtocol;

B. debug request processing module, it is human-computer interface module and the EJTAG/JTAG conversion of signals of lower floor and the application A PI of processing module on upper strata, it is converted into the debugging request of man-machine interface the packet that meets Remote Serial Protocol agreement, send to EJTAG/JTAG conversion of signals and processing module, receive its response again, this EJTAG/JTAG conversion of signals and processing module are provided with following 9 class debug commands:

The g order: read all registers,

The G order: write all registers,

The m order: memory read,

The M order: memory write, the R order: reset, send the start address of having no progeny among the CPU and carrying out,

C order: continue, send to remove and continue the start address carried out behind the single step sign,

The s order: single-step operation, send the start address that the beginning single step is carried out,

The z order: insert breakpoint, setting a certain address realm is breakpoint,

The Z order: remove breakpoint, cancel the breakpoint of a certain address realm,

Correspondingly, the debugging request processing module is set the used function of following each debugging request:

CallAPI (): according to the debug command of transmitting from man-machine interface, call the CallR () that EJTAG/JTAG conversion of signals and processing module provide respectively, Callg (), CallG (), Callm (), CallM (), Callc (), Calls (), Callz (), CallZ () function returns debug results again

VerifyCommand (): whether checking instruction bag is legal, and therefrom extracts useful part,

GetFirstChar (): extract first character of instruction,

StrFreeCpy (): copy a string;

C.EJTAG/JTAG conversion of signals and processing module, it is converted to the JTAG signal to the debug command request of RSP form, and feasible processing procedure with target machine CPU is synchronous, and returns response message, corresponding to above-mentioned 9 class debug commands, it is provided with following interface function accordingly:

CallR (): carry out the R order, return results,

Callg (): carry out the g order, return results,

CallG (): carry out the G order, return results,

Callm (): carry out the m order, return results,

CallM (): carry out the M order, return results,

Callc (): carry out the c order, return results,

Calls (): carry out the s order, return results,

Callz (): carry out the z order, return results,

CallZ (): carry out the Z order, return results;

The realization of these interface functions has been used as minor function:

Pack (): according to the RSP agreement, for the content of bag is acquired packet header bag tail,

SetWord (): by EJTAG TAP the value of 32 EJTAG registers is set, rreturn value is 0;

GetWord (): obtain the value of 32 EJTAG registers by EJTAG TAP interface, the value of return register,

IsDigit (): judging whether a character represents a hexadecimal digit, is rreturn value 1 then, non-then rreturn value,

SendSignal (): send signal to EJTAG TAP interface and accept feedback by parallel I/O port;

For the higher level lanquage level debugger that operates under the linux system, man-machine interface realizes that by a kind of debugged program GDB commonly used debug command passes to above-mentioned EJTAG/JTAG conversion of signals and processing module by following EJTAG driver module;

The d.EJTAG driver module has been realized beginning debugging, has finished debugging, has sent the debugging request, has been read four functions of debugging response; The exchange of the debug command of carrying out between it and above-mentioned EJTAG/JTAG conversion of signals and the processing module is the RSP protocol format that adopts GDB, so assembly level debugger and higher level lanquage level debugger sharing E JTAG/JTAG conversion of signals and processing module; This EJTAG driver adopts the mode of the kernel module that can load: order this module of packing into insmod, with this module of rmmod order unloading; After the EJTAG module is packed linux system into, set up device file/dev/ejtag that an AccessPort that meets GDB requires;

(3) run on the implementation of the assembly level debugger under the Windows system:

A. pass through the debugged object code graftabl of function OnOpenDocument () with the dis-assembling form,

B. pass through function OnDraw () with the different colours reveal codes,

C. if need, download code to target machine by function OnDownload (),

D. as required, by function OnEditBrk (), OnEditMem (), OnEditReg (), OnRestart (), OnSingleStep (), OnRemoveBreakPoint () realize adding breakpoint, obtain and show the content of assigned address internal memory, obtain and show the value of all registers, restart CPU, send the single-step operation order and obtain the value of single-step operation late register, remove the operation of breakpoint

E. select to carry out debug command for many times and call, withdraw from debugger after executing debug command with superior function;

(4) run on the implementation of the higher level lanquage level debugger under the linux system:

A. order the EJTAG driver module of packing into insmod,

B. realize the debugging operations that need finish by GDB order,

C. withdraw from GDB after executing debugging operations,

D. with rmmod order unloading EJTAG driver module;

(5) for the assembly level debugger that runs under the Windows system, the principal function CallAPI () of debugging request processing module, utilize function VerifyCommand () and GetFirstChar () that verification and legitimacy check are carried out in debug command, and then call the CallR () that EJTAG/JTAG conversion of signals and processing module provide respectively according to debug command, Callg (), CallG (), Callm (), CallM (), Callc (), Calls (), Callz (), CallZ () function returns debug results again;

(6) similar with the assembly level debugger, for the higher level lanquage level debugger that runs under the linux system, connect debug command that the EJTAG driver module of GDB sends GDB and call the CallR () that EJTAG/JTAG conversion of signals and processing module provide, Callg () respectively, CallG (), Callm (), CallM (), Callc (), Calls (), Callz (), CallZ functions such as () returns debug results again;

(7) for running on the assembly level debugger under the Windows system and running on higher level lanquage level debugger under the linux system, EJTAG/JTAG conversion of signals and processing module that the two is shared provide following CallR (), Callg (), CallG (), Callm (), CallM (), Callc (), Calls (), Callz (), the realization of CallZ () function:

(8) processing procedure of function C allR ():

A. check whether order format is correct, then return as if incorrect, and put error flag;

B. be that reseting mark position Rocc in the ECR register puts 0 with the EJTAG control register, and EJTAG interrupt request position EjtabBrk, virtual memory section dseg, promptly debug segment significance bit ProbEn and debugging exception vector address control bit ProbTrap all put 1;

C., it is the value of DEPC that debugging exception procedure counter DEBUG Exception Program Counter is set;

D. as b, the c implementation is made mistakes, and promptly Rocc is changed to 1, and processor is not in the halted state of expection and then returns, and puts error flag;

E. return;

(9) processing procedure of function C allg ():

B. obtain the numerical value of 32 general-purpose registers by MIPS Store instruction;

C. obtain the numerical value of 27 cp0 registers by MIPS MFC0 and Store instruction;

E. return the content of general-purpose register and cp0 register;

(10) processing procedure of function C allG ():

B., the numerical value of 27 cp0 registers is set by MIPS Load and MTC0 instruction;

C., the numerical value of 32 general-purpose registers is set by MIPS Load instruction;

E. return " OK ";

(11) processing procedure of function C allm ():

B. memory content is encased in general-purpose register;

C. obtain the numerical value of general-purpose register by MIPS Store instruction;

E. return memory content;

(12) processing procedure of function C allM ():

B. obtain the numerical value of general-purpose register by MIPS Load instruction;

C. general-purpose register numerical value is deposited in the internal memory and goes;

E. return " OK ";

(13) processing procedure of function C allc ():

B. remove the SSt position in the Debug register;

C., the value of debugging exception procedure counter DEPC is set;

D. MIPS DERET instruction is inserted the DATA register of TAP;

E. call Callg () and obtain content of registers;

F. as b, c, d, the e implementation is made mistakes, and promptly Rocc is changed to 1, and processor is not in the halted state of expection and then returns, and puts error flag;

G. return results;

(14) processing procedure of function C alls ():

B. remove the SSt position in the Debug register;

C., the value of debugging exception procedure counter DEPC is set;

D. MIPS DERET instruction is inserted the data register of TAP;

E. call Callg () and obtain content of registers;

G. return results;

(15) processing procedure of function C allz ():

B. the zone bit ASIDuse in the IBC territory in the instruction breakpoint status register of breakpoint correspondence is changed to 0, and BE is changed to 1, if data breakpoint, the zone bit BAL that also need be provided with in the data breakpoint status register DBC territory is changed to 0, and BLM is changed to 1;

C., IBA territory in the instruction breakpoint status register of breakpoint correspondence is set;

D., IBM territory in the instruction breakpoint status register of breakpoint correspondence is set;

E. as b, c, the d implementation is made mistakes, and promptly Rocc is changed to 1, and processor is not in the halted state of expection and then returns, and puts error flag;

F. return " OK ";

(16) processing procedure of function C allZ ():

B. the zone bit BE in the IBC territory in the instruction breakpoint status register of breakpoint correspondence is changed to 0;

C. make mistakes as the b implementation, promptly Rocc is changed to 1, and processor is not in the halted state of expection, then returns, and puts error flag;

D. return " OK ";

(17) above-mentioned (8) to (16) described EJTAG/JTAG conversion of signals and processing procedure are converted into the sequence of a machine instruction to debug command, give CPU item by item by the TAP interface then and carry out, and fetch resultant content, return after packing; Control flow according to TAP, in debugger process of commands process, the read-write of TAP register is carried out in data register shift or order register displaced condition, serially test data is shifted out at the test clock signals negative edge, serially test data is moved at rising edge; When writing the TAP register, move into new data; The data that preservation is shifted out when reading the TAP register move into new data simultaneously for returning;

(18) finishing of debug command need cooperate with target machine CPU, and its groundwork process is:

A. the PrAcc position of debugger cycle detection ECR register, if 0, continue to detect; If 1, the expression processor is finished requested operation and is suspended, and changes following steps b;

B. debugger determines next step action according to the state of operation:

If waiting for CPU is interrupted, expression CPU has entered the debugging exception and has handled, and waits for the code that exception is handled; So specific instruction is put into the data register of TAP;

Pack into or storage instruction if just allowed CPU carry out, and operand address is positioned at the dseg section, needs to provide operand so, the instruction of promptly packing into is write toward the data register of TAP, perhaps sense data, promptly storage instruction is read from the data register of TAP);

C. debugger is the PrAcc position of EJTAG control register ECR 0, and the expression debugger is ready, and CPU can continue;

D. change a;

(19) above-mentioned (8) finally can be reflected to user interface to (16) return results, and the operational process of debugger is as described in (3), (4) afterwards.

The thinking of the intersection debugger of the EJTAG parts on the based target machine of realizing according to the present invention is:

(1) the suitable target machine of this debugger is the CPU of MIPS series architecture, and it has expanded the parts of supporting the EJTAG standard; Referring to Fig. 1, the part of nontransparent filling background is the part that EJTAG increases; Only needing CPU can carry out basic instruction set (comprising MTC0/MFC0/LUI/LW/SW/LB/SB/DERET/ADD etc.) just can use.

(2) 5 of test access port TAP interface JTAG signal TCK (test clock Test Clock signal), TMS (test mode is selected Test Mode Select signal), TDI (test data input Test Data Input signal), TDO (test data output Test Data Output signal) and TRST ^*(test reset Test Reset Input ^*Signal) links to each other with the parallel port of host by simple circuit; Table 1 is the corresponding relation of the I/O port data on JTAG signal and the host.

The table 1 JTAG signal and the I/O port data signal table of comparisons

The JTAG signal	The I/O port	Direction	Bit	The DB25 LPT
				The DB25 LPT		Pin PinNo	Signal
				?TMS	?BASE	Pin PinNo	Signal	Out	2	?4	?Data2
?TCK	?BASE	Out	1	?TMS	?BASE	?3	?Data1	Out	2	?4	?Data2
?TCK	?BASE	Out	1	?TDI	?BASE	?3	?Data1	Out	0	?2	?Data0
?TDO	?BASE+1	In	4	?TDI	?BASE	?13	?Select	Out	0	?2	?Data0

Wherein BASE represents the base address of used parallel port, and its default value is 0x378 on PC.BASE+1 represents the status port of parallel port.Sense in the table is to see from the angle of host (PC).Reset signal TRST ^*Be optional signal, unlisted its corresponding relation in the table.

(3) the assembly level debug function runs on the Windows system, and the display format of debugged object code uses the dis-assembling code; Source code level debug function runs on linux system; What download to that the form of target machine adopts is that the S-record of Motorola is the S-Record form.

(4) basic function of debugger relates to breakpoint management (increasing, delete, list breakpoint), information inquiry (checking/revise the content of register, the data of checking/revising assigned address), carries out control (single step, continuation, suspend, reset) and code administration (object code of packing into is used for locally showing, object code downloads to target machine, show source code) etc.

(5) work of debugger is the process of a cooperative work of software and hardware.When debugger starts, with the EJTAG control register is that reseting mark position Rocc in the ECR register puts 0, and EJTAG interrupt request position EjtabBrk, virtual memory section dseg (debug segment) significance bit ProbEn, ProbTrap all puts 1 with debugging exception vector address control bit, make CPU interrupt the program of carrying out, enter debugging mode.After CPU entered debugging mode, it carried out the instruction that debugger sends over successively, and exchanged related content with debugger, thereby finished debugging work.

(6) the long-range serial protocol of GDB of the Interchange Format of debug command employing GNU tissue is RSP (Remote SerialProtocol,) form, the higher level lanquage level debugging that runs on the assembly level debugging of Windows system like this and run on linux system can be shared the code that is used to change with processing procedure.

(7) front end of higher level lanquage level debugger adopts the GDB of GNU tissue, and the rear end is by driver and EJTAG/JTAG conversion of signals and processing procedure interface.The EJTAG driver adopts the mode of the kernel module (loadable kernelmodule) that can load.

The groundwork process based on the intersection debugger of EJTAG that realizes according to the present invention is:

(1) the PrAcc position of debugger cycle detection ECR register (pause flag position, Process Access Pending), if 0, continue to detect; If 1, the expression processor is finished requested operation and is suspended, and changes (2);

(2) debugger determines next step action according to the state of operation:

If waiting for CPU is interrupted, expression CPU has entered the debugging exception and has handled, and waits for the code that exception is handled; So specific instruction is put into the DATA register (data register) of TAP;

If just allowed CPU carry out the load/store instruction, and operand address is positioned at the dseg section, needs to provide operand (the load instruction is write toward the DATA register of TAP) so, perhaps sense data (the store instruction is from the DATA register read of TAP);

(3) debugger is the PrAcc position of ECR 0, and the expression debugger is ready, and CPU can continue; (4) change (1).

What the present invention proposed utilizes the effective control of software and uses the scheme of the EJTAG parts on the target machine to be embodied in the debugger process of commands process.The processing procedure of each basic debugger command is similar substantially, is that example is illustrated with " checking the value of register " below:

(1) user asks by graphic user interface GUI or order line input debugging: check the content of register reg, its command format is assumed to print $reg;

(2) the debugging request command (print$reg) of analysis user;

Get the serial number no.of $reg of reg register;

Packing order: (request=ReadReg, index=no.of$reg, length=sizeof (int));

Call (3);

Change (4);

(3) analyze debugging request (ReadReg);

This processing of request is converted into the machine instruction of a sequence; Its major part is as follows:

MTC0 $t1, DESAVE; Preserve the $t1 register

LW $t1, HIGH (dseg); Dseg is exactly 0xFF200000

SW no.of$reg, 0 ($t1); Content is sent into the DATA register of TAP

MFC0 $t1, DESAVE; Recover the $t1 register

Give CPU the information concerning order sequence by the TAP interface item by item and carry out, and fetch content of registers;

Packing response: (response=success, length=sizeof (int), value=value of$reg);

Return response;

(4) obtain response (response=success, length=sizeof (int), value=value of$reg);

Response converts user-friendly mode: $reg=0x12345678 (supposing value=0x12345678) to;

Display result is to GUI or order line.

Read-write TAP register is one of core procedure of finishing above process.According to the EJTAG standard, the TAP controller is a finite state machine, and referring to Fig. 3, its state is determined by TCK and TMS.The TAP controller is changed according to state transition graph then at TCK rising edge sampling tms signal.The TAP state transition graph has 16 states, shown in Fig. 2-5.Numeral among the figure on the arrow limit when the TCK rising edge, tms signal be in high level or low level.The state implication that is identified among Fig. 3 is as follows:

The Test-Logic-Reset state: the test logic reset mode, it is an original state, under this state, the boundary scan testing logic is forbidden; The Run-Test/Idle state: control register enters this state between two scan operations, and remains on this state when TMS is input as ' 0 ' always, and under this state, all order registers and test data register content remain unchanged; The Select-DR-Scan state: determine the scan-data buffer status, under this state, all test data register remain unchanged; The Select-IR-Scan state: determine the scan instruction buffer status, under this state, all test data register remain unchanged; Capture-DR state: order register is deciphered, determined the data register that will scan; The Shift-DR state: be connected between TDI and the TDO in test data register under this state, each clock period data serial is moved to the TDO direction; The Exit1-DR state: be temporary transient intermediateness, data remain unchanged under this state; Pause-DR state: under this state, temporarily stop test data moving between TDI and TDO; Exit2-DR state: under this state, refresh data register in the displacement of Shift-DR state; Update-DR state: under this state, in the data that the Shift-DR state moves into deposit register by the order register appointment in; The Capture-IR state: under this state, the order register fixed vector (000012) of packing into automatically; The Shift-IR state: be connected between TDI and the TDO at this state register that gives an order, each clock period data serial is moved to the TDO direction; The Exit1-IR state: be temporary transient intermediateness, data remain unchanged under this state; Pause-IR state: under this state, temporarily stop test data moving between TDI and TDO; Exit2-IR state: under this state, refresh order register in the displacement of Shift-IR state; The Update-DR state: under this state, the instruction that moves at the Shift-IR state comes into force.

The read-write of TAP register is carried out at Shift-DR or Shift-IR state, and data shift out from TDO in the serial of tck clock negative edge, move into from TDI in the rising edge serial.Ignore the data that shift out from TDO when writing the TAP register, new data moves into from TDI; Preserve the data that shift out from TDO when reading the TAP register and supply to return, simultaneously it is moved into from TDI again, to avoid destroying the content of register.Its main flow process is:

Driving TAP makes it transfer to the Shift-IR state

The selection instruction of register is write the order register IR of TAP

Driving TAP makes it transfer to the Shift-DR state

For (cycle index=0; The figure place of cycle index＜data register; Cycle index ++)

Shift out data (to local variable) from TDO

If (being read operation)

Preserve these data (to local variable)

The data of TDI (immigration data)=shift out from TDO // avoid the destroying content of register

Else//be write operation

TDI (immigration data)=write the data of register

Move into data (to the most significant digit of the register of choosing) from TDI

endfor

Driving TAP makes it transfer to the Update-DR state

If (being read operation)

Return the content of registers of reading

Finishing of basic debugger command need cooperate with target machine CPU.In the scheme of utilizing the EJTAG parts on effective control of software and the use target machine that the present invention proposes, need the debugging exception response process of target machine CPU as follows:

When the debugging exception took place, CPU judged the ProbTrap position (debugging exception vector address control bit) among the ECR (EJTAG control register).If this position is 0, just jump to 0xBFC00480.This place is the debugging exception procedure that is provided by watchdog routine or operating system.Carry out DERET at last, CPU returns normal mode, continues to carry out; If this position is 1, just jump to 0xFF200200.Under debugging mode, 0xFF200200 is arranged in actual non-existent virtual memory section dseg (debugsegment).At this time, CPU is the address register that PC deposits TAP in the ADDRESS register, is equipped with the mode bit of pass then, waits for that bringing instruction from TAP carries out then.Detailed process is:

(1) processor is programmable counter the ADDRESS register that PC delivers to TAP;

(2) processor is write the zone bit of the ECR register in the TAP module: PrAcc=1; PRnW (suspend kind: 0 expression is read, and 1 expression is write)=0 etc.;

(3) the processor detection PrAcc position of not stopping is 1 and continues to wait for; If 0 enters (4);

(4) instruction in the Data register of TAP is put in the IR register, processor is carried out successively by following several situations:

If the DERET instruction is then changeed (6);

If not the load/store instruction, directly carry out, change then (5);

If the load/store instruction, but operand address is directly carried out commentaries on classics (5) then not within dseg (0xFF000000-0xFF3F0000);

If the load instruction, treatment scheme is:

Operand address is put into the ADDRESS register of TAP;

CPU suspends (putting the PrAcc=1 of ECR, PRnW=0 etc.), waits for that debugger provides operand;

The PrAcc of CPU cycle detection ECR is until be 0 to enter next step;

From the DATA register read operation number of TAP, carry out this instruction;

Change (5);

If the store instruction, treatment scheme is:

Operand address and content of registers are put into ADDRESS, the DATA register of TAP respectively;

CPU suspends (putting the PrAcc=1 of ECR, PRnW=1 etc.), and the wait debugger is taken data away;

The PrAcc of CPU cycle detection ECR is until be 0 to enter commentaries on classics (5);

(5) processor adds 4 to the PC value, changes (1);

(6) withdraw from debugging mode, continue to carry out original code.

The invention is characterized in: the processing procedure of debug command is all to move on host's PC, and it comprises following steps:

(1) making test access port among the target machine MIPS CPU that has expanded the EJTAG parts is that following 5 the JTAG signals that are called for short in the IEEEE1149.1 industrial standard that JTAG formulates by the Joint Test Action Group of combined testing action group of IEEE technical committee that Test Access Port is called for short the TAP interface link to each other with parallel I/O port of host PC by signal wire:

TCK is a test clock Test Clock signal, direction from host's PC to target machine MIPS CPU;

TMS is that test mode is selected Test Mode Select signal, direction from host's PC to target machine MIPS CPU;

TDI is a test data input Test Data Input signal, direction from host's PC to target machine MIPS CPU;

TDO is a test data output Test Data Output signal, direction from target machine MIPS CPU to host's PC;

TRST ^*Be test reset Test Reset Input ^*Signal, it is optional signal.

(2) on the storer of host's PC, set up with lower module:

Store the length of every line code,

Storage code,

Breakpoint table, store breakpoint information, the no breakpoint of 0 expression, it is the breakpoint type that non-0 expression has breakpoint, respective digital

Code line Q-character flag, 1 is expressed as code line, 0 expression non-code line (note etc.)

OnDownload (): the S-record of downloading Motorola is the storage area that the code of S-Record form begins to the target machine assigned address;

OnDraw (): with the different colours reveal codes;

OnEditBrk (): add breakpoint, send break-poing instruction to interface;

OnEditMem (); Obtain and show the content of assigned address internal memory;

OnEditReg (); Obtain and show the value of all registers;

OnRestart (); Send instruction of restarting, restart CPU;

OnSingleStep (); Send the single-step operation order, and obtain the value of single-step operation late register;

OnRemoveBreakPoint (); Remove breakpoint;

B. debug request processing module, it is human-computer interface module and the EJTAG/JTAG conversion of signals of lower floor and the application A PI of processing module on upper strata, it is converted into the debugging request of man-machine interface the packet that meets Remote Serial Protocol agreement, send to EJTAG/JTAG conversion of signals and processing module, receive its response again, the latter is provided with following 9 class debug commands:

Callg (): read all registers, be called for short g,

CallG (): write all registers, be called for short G,

Callm (): memory read, be called for short m,

CallM (): memory write, be called for short M,

CallR (): reset, send the start address of having no progeny among the CPU and carrying out, be called for short R,

Callc (): continue, send to remove and continue the start address carried out behind the single step sign, be called for short c,

Calls (): single-step operation, send the start address that the beginning single step is carried out, be called for short s,

Callz (): insert breakpoint, setting a certain address realm is breakpoint, is called for short z,

CallZ (): remove breakpoint, cancel the breakpoint of a certain address realm, be called for short Z;

CallAPI (): carry out the debug command of transmitting from man-machine interface by EJTAG TAP interface, the above 9 class debug commands that EJTAG/JTAG conversion of signals and processing module by lower floor provide are called in debug command respectively in view of the above, return debug results again,

GetFirstChar (): extract first character of instruction,

StrFreeCpy (): copy a string;

C.EJTAG conversion of signals and processing module, it is converted to the JTAG signal to the debug command request of RSP form, and feasible processing procedure with target machine CPU is synchronous, and returns response message, corresponding to the above-mentioned debug command that needs processing, it is provided with following interface function accordingly:

CallR (): carry out the R instruction, return results,

Callg (): carry out the g instruction, return results,

CallG (): carry out the G instruction, return results,

Callm (): carry out the m instruction, return results,

CallM (): carry out the M instruction, return results,

Callc (): carry out the c instruction, return results,

Calls (): carry out the s instruction, return results,

Callz (): carry out the z instruction, return results,

CallZ (): carry out the Z instruction, return results.

The realization of these interface functions has been used as minor function:

SendSignal (): send signal to EJTAG TAP interface and accept feedback by the parallel port;

For the higher level lanquage level that operates under the linux system is true form level debugger, and its front end adopts GDB, and the rear end is by following EJTAG driver module and above-mentioned EJTAG/JTAG conversion of signals and processing module interface:

The d.EJTAG driver module has been realized beginning debugging, has finished debugging, has sent the debugging request, has been read four functions of debugging response; It and above-mentioned EJTAG/JTAG conversion of signals and the exchange of handling the debug command of carrying out between the mould also are the RSP protocol format that adopts GDB naturally, and this makes assembly level debugger and true form level debugger sharing E JTAG/JTAG conversion of signals and processing module; This EJTAG driver adopts the mode of the kernel module that can load: order this module of packing into insmod, with this module of rmmod order unloading; After the EJTAG module is packed linux system into, set up an equipment/dev/ejtag, with the requirement of the AccessPort that meets GDB;

B. pass through function OnDraw () with the different colours reveal codes,

C. if need, download code to target machine by function OnDownload (),

D. as required, by function OnEditBrk (), OnEditMem (), OnEditReg (), OnRestart (), OnSingleStep (), OnRemoveBreakPoint () realize to add breakpoint, obtain and show assigned address

The content of internal memory obtains and shows the value of all registers, restarts CPU, sends the single-step operation order and obtains the value of single-step operation late register, removes the operation of breakpoint,

E. repeat above process by GUI, or withdraw from debugger;

A. order the EJTAG driver module of packing into insmod,

B. realize the debugging operations that need finish by GDB order,

C. repeating step b, or withdraw from GDB,

D. with rmmod order unloading EJTAG driver module;

(5) for the assembly level debugger that runs under the Windows system, the packet that the principal function CallAPI () of debugging request processing module constitutes the parameter and the debugging operations of the debug command that runs in the step (3), utilize function VerifyCommand () and GetFirstChar () that bag is carried out verification and legitimacy check, and then call the EJTAG/JTAG conversion of signals of Callxxx () representative and the CallR () that processing module provides respectively according to the rreturn value of GetFirstChar (), Callg (), CallG (), Callm (), CallM (), Callc (), Calls (), Callz (), CallZ functions such as () returns debug results again;

(6) similarly, for the higher level lanquage level debugger that runs under the linux system, connect debug command that the EJTAG driver module of GDB sends GDB and call the CallR () that EJTAG/JTAG conversion of signals and processing module provide, Callg () respectively, CallG (), Callm (), CallM (), Callc (), Calls (), Callz (), CallZ functions such as () returns debug results again;

(7) for running on the assembly level debugger under the Windows system and running on higher level lanquage level debugger under the linux system, EJTAG/JTAG conversion of signals and processing module that the two is shared provide CallR (), Callg (), CallG (), Callm (), CallM (), Callc (), Calls (), Callz (), the realization of CallZ functions such as (), implementation procedure is used the above-mentioned Pack of comprising (), SetWord (), GetWord (), IsDigit (), the function of SendSignal ();

(8) processing procedure of function C allR ():

B. be that reseting mark position Rocc in the ECR register puts 0 with the EJTAG control register, and EJTAG

Interrupt request position EjtabBrk, virtual memory section dseg (debug segment) significance bit ProbEn and debugging exception vector address control bit ProbTrap all put 1;

C., the value of debugging exception procedure counter (DEBUG Exception Program Counter) DEPC is set;

D. as b, the c implementation is made mistakes (Rocc is changed to 1, and processor is not in the halted state of expection), then returns, and puts error flag;

E. return " ";

(9) processing procedure of function C allg ():

B. obtain the numerical value of 32 general-purpose registers by the Store instruction;

C. by MFC0, the Store instruction obtains the numerical value of 27 cp0 registers;

E. return the content of general-purpose register and cp0 register;

(10) processing procedure of function C allG ():

B. by Load, the MTC0 instruction is provided with the numerical value of 27 cp0 registers;

C., the numerical value of 32 general-purpose registers is set by the Load instruction;

E. return " OK ";

(11) processing procedure of function C allm ():

B. with memory content Load to general-purpose register;

C. obtain the numerical value of general-purpose register by the Store instruction;

E. return memory content;

(12) processing procedure of function C allM ():

B. obtain the numerical value of general-purpose register by the Load instruction;

C. with general-purpose register numerical value Store in internal memory;

D. as b, the c implementation is made mistakes (Rocc is changed to l, and processor is not in the halted state of expection), then returns, and puts error flag;

E. return " OK ";

(13) processing procedure of function C allc ():

B. remove the SSt position in the Debug register;

C., the value of debugging exception procedure counter DEPC is set;

D. insert the DERET instruction;

E. call Callg () and obtain content of registers;

F. as b, c, d, the e implementation is made mistakes (Rocc is changed to 1, and processor is not in the halted state of expection), then returns, and puts error flag;

G. return results;

(14) processing procedure of function C alls ():

B. remove the SSt position in the Debug register;

C., the value of debugging exception procedure counter DEPC is set;

D. insert the DERET instruction;

E. call Callg () and obtain content of registers;

G. return results;

(15) processing procedure of function C allz ():

E. as b, c, the d implementation is made mistakes (Rocc is changed to 1, and processor is not in the halted state of expection), then returns, and puts error flag;

F. return " OK ";

(16) processing procedure of function C allZ ():

C. make mistakes (Rocc is changed to 1, and processor is not in the halted state of expection) as the b implementation, then return, and put error flag;

D. return " OK ";

(17) above-mentioned (8) to (16) described EJTAG/JTAG conversion of signals and processing procedure are converted into corresponding debugging request the sequence of a machine instruction, giving CPU item by item by the TAP interface then carries out, and fetch resultant content, return after packing; According to the control flow of TAP, in debugger process of commands process, the read-write of TAP register is carried out at the Shift-DR/Shift-IR state, and data shift out from TDO in the serial of tck clock negative edge, move into from TDI in the rising edge serial; When writing the TAP register, ignore the data that shift out from TDO, new data moves into from TDI; Preserve the data that shift out from TDO when reading the TAP register,, simultaneously it is moved into from TDI again for returning;

A. the PrAcc position of debugger cycle detection ECR register, if 0, continue to detect; If 1, the expression processor is finished requested operation and is suspended, and changes b;

B. debugger determines next step action according to the state of operation:

C. debugger is the PrAcc position of ECR 0, and the expression debugger is ready, and CPU can continue;

D. change a;

Characteristics of the present invention and effect

(1) the domestic report of not seeing relevant based on the design effort of EJTAG/JTAG debugger

The realization of debugging technique on the sheet (mainly containing JTAG and BDM two class standards) and the design of CPU or other processor chips are indivisible, and the molded tablet debugging device is operated in domestic not appearing in the newspapers voluntarily.Further, only be applicable to the microprocessor of MIPS series architecture based on debugging technique on the sheet of EJTAG, yet the microprocessor research work of carrying out this type of architecture at home has only the THUMP series of Tsing-Hua University and the Godson series of the Computer Department of the Chinese Academy of Science, intersecting debugger based on EJTAG and aiming at that the former is supporting to finish of our development brought into play great role in the debugging of CPU, development board and system software.

(2) processing of debug command and the mutual conversion portion of EJTAG signal run on host

What the present invention proposed utilizes the effective control of software and use the scheme of the EJTAG parts on the target machine to be embodied in: debugger process of commands process all runs on host.

External existing product based on the EJTAG debugger need increase a hard-wired emulator between CPU and host.Figure 17 is the BDI series EJTAG debugger synoptic diagram of Abatron company.Wherein the processing of debug command and the mutual conversion portion of EJTAG signal are hard-wired emulator BDI2000, it is between host debugger and target machine, the function that realizes is the conversion of debugging agreement, just the debugging request of host is converted to the BDM/EJTAG form, send to target machine; The corresponding information of receiving target machine then, the form that converts the requirement of host debugger to returns to the debugger of host.Its price at home of this product is a Renminbi more than 30,000.Compare, in the EJTAG debugger of our design, the processing of debug command and the mutual conversion portion of EJTAG signal are also finished at host, this compares at P/C for the user, adaptability and portable aspect be diverse selection.

(3) good adaptability

According to this scheme, link by the parallel port between host and the target machine, only need 4～5 signal wires.On development board, only need lead receptacle, need not to realize any additional logic, therefore have good adaptability, reduced cost simultaneously.

Compare, in the scheme of Abatron company, increased equipment B DI2000 between host and the target machine.Host is connected to BDI2000 by serial ports or Ethernet; And it is when being connected to target machine, except realizing specific EJTAG lead-in wire logic, also need provide the support that power supply is supplied with for the requirement of development board.

(4) good portability

According to this scheme, the conversion work of debugging agreement is all finished at the host end, supports different target machine systems only need revise a spot of code, obviously is better than existing method based on hardware emulator aspect portable.

Compare, the BDI2000 of Abatron company needs to upgrade firmware when different goal systems is transplanted, and driver and configuration file are also bound simultaneously can change, portable not ideal enough.When this product of investigation, find its CPU that will satisfy us development, need the close fit of Abatron company home office just possible, it is acted on behalf of at home and can't accomplish this step.Just because of this, we just make a decision and have carried out the work of independent research based on the EJTAG debugger.

Description of drawings

Fig. 1. have the CPU of EJTAG function.

Fig. 2. the architecture of debugger.

Fig. 3 .TAP state transition graph.

Fig. 4. assembly level test case figure.

Fig. 5. debugging request processing flow figure.

Fig. 6 .EJTAG/JTAG conversion of signals and processing.

The processing of Fig. 7 .R instruction.

The processing of Fig. 8 .g instruction.

The processing of Fig. 9 .G instruction.

The processing of Figure 10 .m instruction.

The processing of Figure 11 .M instruction.

The processing of Figure 12 .c instruction.

The processing of Figure 13 .s instruction.

The processing of Figure 14 .z instruction.

The processing of Figure 15 .Z instruction.

Figure 16. the driver architecture of source code level debugger.

The BDI series EJTAG debugger synoptic diagram of Figure 17 .Abatron company.

Call relation between each main modular of Figure 18 scheme of the present invention (left side is an assembly level debug process under the Windows environment, and the right side is source class debugging under the Linux environment).

Figure 19. the program circuit of human-computer interface module among Figure 18.

Figure 20. the treatment scheme of OnOpenDocument () function among Figure 19.

Figure 21. the treatment scheme of OnDownload () function among Figure 19.

Figure 22. the treatment scheme of OnDraw () function among Figure 19.

Figure 23. the treatment scheme of OnEditBrk () function among Figure 19.

Figure 24. the treatment scheme of OnEditMem () function among Figure 19.

Figure 25. the treatment scheme of OnEditReg () function among Figure 19.

Figure 26. the treatment scheme of OnRestart () function among Figure 19.

Figure 27. the treatment scheme of OnSingleStep () function among Figure 19.

Figure 28. the treatment scheme of OnRemoveBreakPoint () function among Figure 19.

Figure 29 debugs the call relation between the module of using in the request processing module (function).

The treatment scheme of CallAPI () function among Figure 30 Figure 29.

The treatment scheme of VerifyCommand () function among Figure 31 Figure 29.

The loading and unloading process flow diagram of Figure 32 EJTAG module: a. loads the b. unloading.

Embodiment

Realize according to the present invention based on the architecture of the intersection debugger of EJTAG as shown in Figure 2, wherein solid line boxes is partly represented the main functional modules that realizes voluntarily: the assembly level debugger comprises three: human-computer interface module, debugging request processing module and EJTAG/JTAG conversion of signals and processing module; Higher level lanquage level debugger comprises two: the EJTAG driver module and EJTAG/JTAG conversion of signals and the processing module that connect GDB; Wherein, EJTAG/JTAG conversion of signals and processing module are that the two is shared.

Call relation between each module as shown in figure 18.

Each module functions, principle of work and process are described below respectively:

(1) assembly level debugger human-computer interface module.

The assembly level debugging realizes at the Windows environment, adopts gui interface, processing ease, directly perceived.It provides following operation interface (menu or quick botton): begin to debug/CPU that resets, download code is to target machine, the source code of packing into; Breakpoint is set, deletes breakpoint, checks breakpoint; Single step is carried out, is continued to carry out; Check register, revise register; Check internal memory, revise internal memory etc.It with illustration as shown in Figure 4.

Therefore the address that instruction is arranged in the dis-assembling code can be presented at it on interface according to instruction counter PC (Program Counter) value location current line.This also is the cause that we use dis-assembling code rather than assembly source code to debug, because the assembly source code the inside does not have address information.

(2) debugging request processing module.

The function of debugging request processing module provides application programming interfaces api functions such as breakpoint management, register and internal memory query modification by calling the EJTAG/JTAG conversion of signals and the processing module of lower floor to man-machine interface.It is converted into the packet that meets Remote Serial Protocol agreement to the debugging request of man-machine interface, sends to EJTAG/JTAG conversion of signals and processing module, receives its response then, thereby finishes function corresponding.The treatment scheme of its each function is all similar, as shown in Figure 5.

(3) EJTAG/JTAG conversion of signals and processing module.

With shown in the lower part, this module functions comprises as the dotted line of Fig. 6: read-write CPU register, read-write target machine internal memory and read-write TAP register.

Man-machine interface and debug function processing module are as shown in table 2 to the debug command form of EJATAG conversion of signals and processing module transmission.Utilize EJTAG TAP interface realize 9 orders of debugger (R, g, G, m, M, c, s, z, treatment scheme Z) is seen Fig. 7, Fig. 8, Fig. 9, Figure 10, Figure 11, Figure 12, Figure 13, Figure 14, Figure 15 respectively; Respectively corresponding 9 function module CallR, Callg, CallG, Callm, CallM, Callc, Calls, Callz and CallZ; The code name E02 that makes mistakes represents to make mistakes in the implementation, and the format error of code name E03 presentation directives makes mistakes.

(4) the EJTAG driver module of connection GDB.The front end of higher level lanquage level debugger adopts GDB, and the rear end is by driver and EJTAG/JTAG conversion of signals and processing module interface.The EJTAG driver adopts the mode of the kernel module (loadable kernel module) that can load.When needs EJTAG debugs, order this module of packing into insmod, after not needing, available this module of rmmod order unloading, conserve system resources.The EJTAG module is packed into after the linux system, sets up an equipment/dev/ejtag, and it meets the requirement of the AccessPort of GDB.

The groundwork that achieves a butt joint comprises: the interface of (1) driver and operating system; (2) meet the interface of GDB remote debugging requirement.The architecture of its driver as shown in figure 16.

Table 2 is to the debug command form of EJATAG conversion of signals and processing module transmission

Function	Command
Function	Command	Read All regs	G
Write all regs	(xx represents all general-purpose register contents to Gxx, presses the register number incremental order and arranges.Each 32 bit register accounts for 4 bytes, presses from a high position to the low level series arrangement.Attention: xx altogether 4 ^*Num byte.)	Read All regs	G
Write all regs		Read Memory	Maddr, length (addr represents start address, and length represents length, is unit with the byte, and these two values all should be 4 integral multiples)
Write Memory	Maddr, (addr represents start address to length:xx, and length represents length, is unit with the byte, and these two values all should be 4 integral multiples, and xx altogether 4 ^*Length byte)	Read Memory
Write Memory		Restart	Raddr (addr represents the start address of having no progeny among the CPU and carrying out, and should be 4 integral multiple)
Continue continues	Caddr (continue the start address of execution behind the addr representative removing single step sign, should be 4 integral multiple, also can default to sky, expression continues execution from the current address)	Restart
Continue continues		The Step single step	Saddr (start address that addr representative beginning single step is carried out should be 4 integral multiple, also can default to sky, and expression begins single step and carries out from the current address)
Insert breakpoint	Ztype, addr, length (type:0-〉instruction breakpoint #1 1-〉instruction breakpoint #2 2-〉data breakpoint writes internal memory 3-〉data breakpoint rdma read 4-〉to establish a certain address realm be breakpoint to this instruction expression of data breakpoint read/write memory, addr represents start address, length represents scope length, and both all should be 4 integral multiple)	The Step single step
Insert breakpoint		Remove breakpoint	Ztype, addr, length (type:0-〉instruction breakpoint #1 1-〉instruction breakpoint #2 2-〉data breakpoint writes internal memory 3-〉data breakpoint rdma read 4-〉breakpoint of a certain address realm of this instruction expression cancellation of data breakpoint read/write memory, addr represents start address, length represents scope length, and both all should be 4 integral multiple)

The structure and the detailed design of each module are as follows:

(1) assembly level debugger man-machine interface

Described program execution flow among Figure 19, at first read the compilation source code, again by void CDebuggerView ∷ OnDraw (CDC by BOOL CdebuggerDoc ∷ OnOpenDocument (LPCTSTR lpszPathName) ^*PDC) source code is shown by certain format, realize various debug functioies by other functions then.Each module (function) is respectively described below:

Module (function) illustrates: BOOL CDebuggerDoc ∷ OnOpenDocument (LPCTSTR lpszPathName)

Functional description: the source code that will collect reads in internal memory, does certain processing, and sets the value of following variable:

Int m_LineCount; The length of the every line code of // storage

Char ^*M_charbuffer[MAXLINE]; // storage code

Int m_currentLine[MAXLINE]; // current line flag, 1 be expressed as current

// OK, the non-current line of 0 expression

Int m_breakPoint[MAXLINE]; // breakpoint table, store breakpoint information, 0 table

// show no breakpoint, non-0 expression has breakpoint, respective digital to be the breakpoint type

int?m_codeLine[MAXLINE]；。// code line flag, 1 is expressed as code line,

// 0 expression non-code line (note etc.)

Parameter list: LPCTSTR lpszPathName: the pointer that points to assembling file

Rreturn value: return true during normal termination, otherwise return false

Treatment scheme: see Figure 20

Error message: TRUE---reads file success FALSE----and reads the file failure

Module (function) name: void CDebuggerView ∷ OnDownload ()

Functional description: obtain the content of assigned address internal memory, and with its demonstration

Treatment scheme: see Figure 21

Module (function) illustrates: void CDebuggerView ∷ OnDraw (CDC ^*PDC)

Functional description: reveal codes, and according to whether current line, note whether, condition such as breakpoint shows different colors

Parameter list: CDC ^*PDC: the pointer that points to current view class

Treatment scheme: see Figure 22

Module (function) illustrates: void CDebuggerView ∷ OnEditBrk ()

Functional description: add breakpoint, send break-poing instruction to interface

Treatment scheme: see Figure 23

Module (function) name: void CDebuggerView ∷ OnEditMem ()

Treatment scheme: see Figure 24

Module (function) name: void CDebuggerView ∷ OnEditReg ()

Functional description: obtain the value of all registers, and with its demonstration

Treatment scheme: see Figure 25

Module (function) name: void CDebuggerView ∷ OnRestart ()

Functional description: send instruction of restarting, restart CPU

Treatment scheme: see Figure 26

Module (function) name: void CDebuggerView ∷ OnSingleStep ()

Functional description: single-step operation sends the single step order, and obtains the value of single-step operation late register.

Treatment scheme: see Figure 27

Remarks: this function flow process more complicated is that the ardware feature by target machine is caused.In the EJTAG standard

In, if current line has breakpoint, under the condition that breakpoint is not removed, all continue the finger of program

Make (comprising single step, continue etc.) all can't move, so before carrying out single step, increase

Remove the step of breakpoint.And in the custom of normal service routine, should be still after breakpoint moved

The right existence, rather than disappear, so after single step, in the original place breakpoint is added again, to meet people

Use habit.

Module (function) name: void CDebuggerView ∷ OnRemoveBreakPoint ()

Functional description: remove breakpoint

Treatment scheme: see Figure 28

(2) debugging request processing module.

Figure 29 is the call relation between the module of using in the debugging request processing module (function).Wherein: Callxxx () represents CallR (), Callg (), CallG (), Callm (), CallM (), Callc (), Calls (), Callz (), 9 functions of CallZ (), roughly similar because of its implementation, call function identical (referring to EJTAG/JTAG conversion of signals and processing module) is so writing Callxxx () is convenient to express.The treatment scheme of Callxxx () illustrates in EJTAG/JTAG conversion of signals and processing module.Other module (function) comprises that the module (function) that Callxxx () uses is respectively described below:

Module (C function) name: char ^*CallAPI (char ^*Command)

Functional description: carry out the debug command of transmitting from man-machine interface by EJTAG TAP interface,

Execution result is returned to man-machine interface

Parameter list: command: from the debug command of man-machine interface acceptance

Rreturn value: the debug results that returns to man-machine interface

Treatment scheme: see Figure 30

The instruction that the damaged E01----of error message: E00----instruction bag can't discern

Module (C function) name: int VerifyCommand (char ^*﹠amp; Command)

Functional description: whether checking instruction bag is legal, and extracts useful part from the instruction bag

Parameter list: command: instruction bag, after VerifyCommand () finished, packet header bag tail was removed (as, instruction bag

$Rbfc00000#? behind VerifyCommand (), become Rbfc00000)

Rreturn value: 0

Treatment scheme: see Figure 31

Treatment scheme:

Error message :-1 presentation directives bag is illegal

Module (C function) name: char GetFirstChar (char ^*﹠amp; Command)

Functional description: first character that takes out instruction

Parameter list: command: instruction, after GetFirstChar () finished, first character was removed (as, instruction

Rbfc00000 becomes bfc00000 behind GetFirstChar ())

First character of rreturn value: command

Module (C function) name: char ^*StrFreeCpy (char ^*S, int first, int length)

Functional description: duplicate string s and begin the substring that length is length, and return from first

Parameter list: s: character string, first: integer, length: integer

Rreturn value: string s begins the substring that length is length from first

Module (C function) name: int IsDigit (char c)

Functional description: judge whether a character represents a hexadecimal digit

Parameter list: c: character to be judged

Rreturn value: 1

Hexadecimal digit do not represented in this character of error message: 0----

Module (C function) name: char ^*Pack (char ^*Content)

Functional description: the packing function, acquire packet header bag tail for the content of bag, the form of bag is deferred to Remote Serial Protocol;

(when the generation Command of CdebuggerView class function, also using)

Parameter list: content: the content of bag

Rreturn value: the content after the packing

Module (C function) name: int GetWord (int IR)

Functional description: the value that obtains 32 EJTAG registers by EJTAG TAP interface

Parameter list: the IR of IR:EJTAG register correspondence

Rreturn value: the value of register

Treatment scheme: the signalization form is deposited in the character array, sends to EJTAG TAP from the parallel port by SendSignal () function

Interface

Module (C function) name: int SetWord (int IR)

Functional description: the value that obtains 32 EJTAG registers by the EJTAGTAP interface

Parameter list: the IR of IR:EJTAG register correspondence

Rreturn value: 0

Interface

Module (C function) name: int SendSignal (int lenOfSignal, char ^*Signal)

Functional description: send signal to EJTAG TAP interface and accept feedback by the parallel port

Parameter list: the IR of IR:EJTAG register correspondence

Rreturn value: 0

Treatment scheme: EJTAG TAP interface value of feedback

Annotate: the rreturn value of instruction execution result and error message is all packed through pack () function before returning man-machine interface

(3) EJTAG/JTAG conversion of signals and processing module.

9 orders need handling (R, g, G, m, M, c, s, z, treatment scheme Z) is seen Fig. 7, Fig. 8, Fig. 9, Figure 10, Figure 11, Figure 12, Figure 13, Figure 14, Figure 15 respectively; Respectively corresponding 9 function module CallR, Callg, CallG, Callm, CallM, Callc, Calls, Callz and CallZ; Corresponding function interface definition is respectively:

Module (C function) name: char ^*CallR (char ^*Command)

Functional description: carry out the R instruction, return results

Parameter list: command: instruction (not comprising first character)

Rreturn value: run succeeded----is returned " "

Treatment scheme: see Fig. 7

Error message: the E03----order format of makeing mistakes in E02----implementation mistake

Module (C function) name: char ^*Callg (char ^*Command)

Functional description: carry out the g instruction, return results

Parameter list: command: instruction (not comprising first character)

Rreturn value: content of registers (general-purpose register and cp0)

Treatment scheme: see Fig. 8

Module (C function) name: char ^*CallG (char ^*Command)

Functional description: carry out the G instruction, return results

Parameter list: command: instruction (not comprising first character)

Rreturn value: OK

Treatment scheme: see Fig. 9

Module (C function) name: char ^*Callm (char ^*Command)

Functional description: carry out the m instruction, return results

Parameter list: command: instruction (not comprising first character)

Rreturn value: OK

Treatment scheme: see Figure 10

Module (C function) name: char ^*CallM (char ^*Command)

Functional description: carry out the M instruction, return results

Parameter list: command: instruction (not comprising first character)

Rreturn value: OK

Treatment scheme: see Figure 11

Module (C function) name: char ^*Callc (char ^*Command)

Functional description: carry out the c instruction, return results

Parameter list: command: instruction (not comprising first character)

Rreturn value: referring to table 2

Treatment scheme: see Figure 12

Module (C function) name: char ^*Calls (char ^*Command)

Functional description: carry out the s instruction, return results

Parameter list: command: instruction (not comprising first character)

Rreturn value: referring to table 2

Treatment scheme: see Figure 13

Module (C function) name: char ^*Callz (char ^*Command)

Functional description: carry out the z instruction, return results

Parameter list: command: instruction (not comprising first character)

Rreturn value: OK

Treatment scheme: see Figure 14

Module (C function) name: char ^*CallZ (char ^*Command)

Functional description: carry out the Z instruction, return results

Parameter list: command: instruction (not comprising first character)

Rreturn value: OK

Treatment scheme: see Figure 15

(4) the EJTAG driver module of connection GDB.

Driver has been realized beginning debugging, has finished debugging, has sent the debugging request, has been read four functions of debugging response, and its processing procedure is as follows:

(a) begin debugging:

To Linux Kernel application I/O address scope

The reset object machine

Read Hardware Breakpoint, software breakpoint quantity that CPU realizes

(b) finish debugging:

Discharge the I/O address scope

(c) send the debugging request:

Verification, analysis debugging request

Handle the debugging request

The result who handles puts into result buffer

(d) read the debugging response:

Whether loop test has the result

If (existing result)

Read result from result buffer

The interface of driver and operating system is exactly the loading and unloading of EJTAG module, shown in figure 32.

Claims

1. the intersection debugger implementation method of the EJTAG parts on the based target machine, it is characterized in that: the processing procedure of debug command is all to move on host's PC, and this processing procedure comprises following steps:

TRST ^*Be test reset signal, this signal is optional signal;

(2) on the storer of host's PC, set up with lower module:

Store the length of every line code,

Storage code,

OnDraw (): with the different colours reveal codes;

OnEditBrk (): add breakpoint, send break-poing instruction to interface;

OnEditReg (): the value that obtains and show all registers;

OnRestart (): send instruction of restarting, restart CPU;

OnRemoveBreakPoint (): remove breakpoint;

The g order: read all registers,

The G order: write all registers,

The m order: memory read,

The z order: insert breakpoint, setting a certain address realm is breakpoint,

GetFirstChar (): extract first character of instruction,

StrFreeCpy (): copy a string;

CallR (): carry out the R order, return results,

Callg (): carry out the g order, return results,

CallG (): carry out the G order, return results,

Callm (): carry out the m order, return results,

CallM (): carry out the M order, return results,

Callc (): carry out the c order, return results,

Calls (): carry out the s order, return results,

Callz (): carry out the z order, return results,

CallZ (): carry out the Z order, return results;

The realization of these interface functions has been used as minor function:

The d.EJTAG driver module has been realized beginning debugging, has finished debugging, has sent the debugging request, has been read four functions of debugging response; The exchange of the debug command of carrying out between it and above-mentioned EJTAG/JTAG conversion of signals and the processing module is the RSP protocol format that adopts GDB, so assembly level debugger and higher level lanquage level debugger sharing E JTAG/JTAG conversion of signals and processing module; This EJTAG driver adopts the mode of the kernel module that can load: order this module of packing into insmod, with this module of rmmod order unloading; After the EJTAG module is packed linux system into, set up device file/dev/eitag that an AccessPort that meets GDB requires;

B. pass through function OnDraw () with the different colours reveal codes,

C. if need, download code to target machine by function OnDownload (),

A. order the EJTAG driver module of packing into insmod,

B. realize the debugging operations that need finish by GDB order,

C. withdraw from GDB after executing debugging operations,

D. with rmmod order unloading EJTAG driver module;

(8) processing procedure of function C allR ():

E. return;

(9) processing procedure of function C allg ():

E. return the content of general-purpose register and cp0 register;

(10) processing procedure of function C allG ():

E. return " OK ";

(11) processing procedure of function C allm ():

B. memory content is encased in general-purpose register;

E. return memory content;

(12) processing procedure of function C allM ():

E. return " OK ";

(13) processing procedure of function C allc ():

B. remove the SSt position in the Debug register;

C., the value of debugging exception procedure counter DEPC is set;

D. MIPS DERET instruction is inserted the DATA register of TAP;

E. call Callg () and obtain content of registers;

G. return results;

(14) processing procedure of function C alls ():

B. remove the SSt position in the Debug register;

C., the value of debugging exception procedure counter DEPC is set;

D. MIPS DERET instruction is inserted the data register of TAP;

E. call Callg () and obtain content of registers;

G. return results;

(15) processing procedure of function C allz ():

F. return " OK ";

(16) processing procedure of function C allZ ():

D. return " OK ";

B. debugger determines next step action according to the state of operation:

D. change a;