This is an AVR emulator. It is a work in progress, but it tries to faithfully emulate some basic AVR-like machines. Most instructions are implemented.
Notably absent are SPM
— store to program memory and the debugging or
interrupt-reliant SLEEP
, WDR
and BREAK
. No off-CPU hardware is supported
at all yet — no external interrupts, no AES module, etc.
avr-emu has 2 knobs at this time. One may select a 16-bit or 22-bit Program
Counter, and one may limit the addressable memory to 64 kiB or 256 bytes. They
are not exposed in any meaningful way to users at this time; just the C
variables pc22
, pc_mem_max_64k
, and pc_mem_max_256b
.
Several AVR emulators exist. The ones I discovered are IMAVR, GNU AVR, SimulAVR, and simavr. IMAVR has unclear licensing and poor code quality. GNU AVR is fairly old GUI simulator. It's not clear it would work well for my purposes. simavr is a much newer project, started in 2009-2010; unfortunately it is GPLv3 and seems to have constant bugs (evidenced by the Github issues list). Simulavr is an older project, but has also seen recent work (as recently as 2014). Simulavr is GPLv2+ and does not seem to support larger (>16-bit addressing) AVR devices.
You will need glib
and its development files (specifically, package config
.pc
files) installed. On Fedora, you can install these with yum install glib2 glib2-devel
. On Ubuntu, use apt-get install libglib2.0-0 libglib2.0-dev
. You will also need OpenSSL for DES instruction support.
make
will build the emulator, avr-emu
.
This is not packaged for installation at this time. Patches welcome.
Invoke avr-emu <romfile>
.
Use the -t=TRACE_FILE
option to avr-emu
to log a binary trace of all
instructions executed to TRACE_FILE
. Use the -x
flag to dump in hex format
instead of binary.
avr-gdb is gdb
targetted at remote debugging AVR binaries.
On Fedora Linux or FreeBSD, simply install avr-gdb
.
Invoke avr-emu -g <romfile>
to wait for GDB on startup. The emulator binds
TCP port 3713 and waits for the first client to connect. Use avr-gdb
from
another terminal to connect with:
avr-gdb -ex 'target remote localhost:3713'
Supported commands are:
- reading/writing registers
- reading/writing memory (WIP)
- (instruction) stepping, reverse-stepping
- breakpoints, continue (WIP)
TODO:
- Memory watchpoints
- reverse-continue
In gdb, you can use reverse-stepi
(or rsi
for short) to step backwards.
See https://github.com/cemeyer/msp430-emu-uctf#gdb-reverse-debugging for a short example of the mechanism.
cemeyer/avr-emu is released under the terms of the MIT license. See LICENSE. Basically, do what you will with it.
Try it out! Let me know what you don't like; send me patches, or file issues. I can't promise I'll fix anything quickly, but I'd rather know what's wrong.
Style: The C sources attempt to follow BSD's style(9). Style fix patches are welcome.
Most of the emulator lives in main.c
; instruction implementations are in
instr.c
. Most of the GDB remote stub lives in gdbstub.c
. There are
instruction emulation unit tests in check_instr.c
.
If you submit a patch, please add new check tests to an appropriate check_*.c
file and ensure existing tests pass (make checkrun
). Building and running the
check unit tests requires the check
(Fedora) or libcheck
(FreeBSD) package.