From: Ulrich Hecht <uli@suse.de>
To: qemu-devel@nongnu.org
Subject: [Qemu-devel] [PATCH] ARM7TDMI emulation
Date: Mon, 2 Jul 2007 15:27:54 +0200 [thread overview]
Message-ID: <200707021527.54435.uli@suse.de> (raw)
[-- Attachment #1: Type: text/plain, Size: 204 bytes --]
Hi!
This patch adds ARM7TDMI emulation with Thumb v1 (no BLX, no BKPT, ignore
bit 0 on POP PC) and without CP15.
CU
Uli
--
SUSE LINUX Products GmbH, GF: Markus Rex, HRB 16746 (AG Nürnberg)
[-- Attachment #2: qemu-arm7tdmi.patch --]
[-- Type: text/x-diff, Size: 4341 bytes --]
Index: cpu.h
===================================================================
RCS file: /sources/qemu/qemu/target-arm/cpu.h,v
retrieving revision 1.28
diff -u -r1.28 cpu.h
--- cpu.h 24 Jun 2007 12:09:48 -0000 1.28
+++ cpu.h 2 Jul 2007 13:16:12 -0000
@@ -247,7 +247,9 @@
ARM_FEATURE_AUXCR, /* ARM1026 Auxiliary control register. */
ARM_FEATURE_XSCALE, /* Intel XScale extensions. */
ARM_FEATURE_IWMMXT, /* Intel iwMMXt extension. */
- ARM_FEATURE_MPU /* Only has Memory Protection Unit, not full MMU. */
+ ARM_FEATURE_MPU, /* Only has Memory Protection Unit, not full MMU. */
+ ARM_FEATURE_THUMB1, /* Thumb v1 (ARM v4 with Thumb) */
+ ARM_FEATURE_NO_CP15 /* ARM7TDMI, ARM7TDMI-S, ARM7EJ-S, and ARM9TDMI cores do not have a CP15 */
};
static inline int arm_feature(CPUARMState *env, int feature)
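Review bot: The name and comment of `ARM_FEATURE_THUMB1` read as "this core has Thumb", but the translate.c hunks of this patch test it to reject BLX and BKPT and to stop POP {pc} from interworking, so it really means "Thumb v1 only". A comment that says so would keep later CPU definitions from setting it on ARMv5T cores by mistake, for example `ARM_FEATURE_THUMB1, /* Thumb v1 only (ARMv4T): no BLX/BKPT, POP {pc} does not interwork */`. `ARM_FEATURE_NO_CP15` is likewise a negative flag among the positive ones visible in this hunk, so a CPU definition that forgets it gets CP15 access by default; that default is worth stating in its comment.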
@@ -262,6 +264,7 @@
ARMReadCPFunc *cp_read, ARMWriteCPFunc *cp_write,
void *opaque);
+#define ARM_CPUID_ARM7TDMI 0x41807000 /* guess; no CP15 on ARM7TDMI */
#define ARM_CPUID_ARM1026 0x4106a262
#define ARM_CPUID_ARM926 0x41069265
#define ARM_CPUID_ARM946 0x41059461
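Review bot: The comment on `ARM_CPUID_ARM7TDMI` says only "guess", which does not tell a reader what the value is used for. In the helper.c part of this patch the constant is the `switch (id)` key and is also written to `env->cp15.c0_cpuid`, so it acts as a model selector; whether a guest can ever observe it depends on the CP15 gate added in translate.c. If that is the intent, wording such as `/* no ID register on ARM7TDMI (no CP15); value is an internal model selector */` would be clearer.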
Index: helper.c
===================================================================
RCS file: /sources/qemu/qemu/target-arm/helper.c,v
retrieving revision 1.17
diff -u -r1.17 helper.c
--- helper.c 24 Jun 2007 12:09:48 -0000 1.17
+++ helper.c 2 Jul 2007 13:16:12 -0000
@@ -14,6 +14,11 @@
{
env->cp15.c0_cpuid = id;
switch (id) {
+ case ARM_CPUID_ARM7TDMI:
+ set_feature(env, ARM_FEATURE_THUMB1);
+ set_feature(env, ARM_FEATURE_NO_CP15);
+ /* no CP15 here */
+ break;
case ARM_CPUID_ARM926:
set_feature(env, ARM_FEATURE_VFP);
env->vfp.xregs[ARM_VFP_FPSID] = 0x41011090;
@@ -98,6 +103,7 @@
};
static const struct arm_cpu_t arm_cpu_names[] = {
+ { ARM_CPUID_ARM7TDMI, "arm7tdmi"},
{ ARM_CPUID_ARM926, "arm926"},
{ ARM_CPUID_ARM946, "arm946"},
{ ARM_CPUID_ARM1026, "arm1026"},
Index: translate.c
===================================================================
RCS file: /sources/qemu/qemu/target-arm/translate.c,v
retrieving revision 1.53
diff -u -r1.53 translate.c
--- translate.c 11 Jun 2007 18:59:35 -0000 1.53
+++ translate.c 2 Jul 2007 13:16:13 -0000
@@ -1589,7 +1589,7 @@
uint32_t rd;
/* ??? Some cp15 registers are accessible from userspace. */
- if (IS_USER(s)) {
+ if (IS_USER(s) || arm_feature(env, ARM_FEATURE_NO_CP15)) {
return 1;
}
if ((insn & 0x0fff0fff) == 0x0e070f90
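Review bot: The combined condition at the top of this function now returns 1 for two unrelated reasons, and the existing `???` comment above it only talks about user mode. The privilege check and the "this core has no CP15" check are easier to audit when kept apart, e.g. `if (arm_feature(env, ARM_FEATURE_NO_CP15)) return 1; /* no CP15: access is undefined */` ahead of the `IS_USER(s)` test. Presumably a return of 1 makes the caller raise an undefined-instruction exception, which the hunk does not show. The function starts and continues outside the hunk, so any other path that reads or writes `env->cp15` state is not visible here and would need the same gate.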
@@ -2958,7 +2958,7 @@
}
}
-static void disas_thumb_insn(DisasContext *s)
+static void disas_thumb_insn(CPUState *env, DisasContext *s)
{
uint32_t val, insn, op, rm, rn, rd, shift, cond;
int32_t offset;
@@ -3058,6 +3058,7 @@
break;
case 3:/* branch [and link] exchange thumb register */
if (insn & (1 << 7)) {
+ if(arm_feature(env, ARM_FEATURE_THUMB1)) goto undef;
val = (uint32_t)s->pc | 1;
gen_op_movl_T1_im(val);
gen_movl_reg_T1(s, 14);
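Review bot: The added guard `if(arm_feature(env, ARM_FEATURE_THUMB1)) goto undef;` is written on one line without a space after `if` and without braces, unlike the braced `if (insn & (1 << 7)) {` right above it, and it carries no comment saying why the encoding is rejected. The same line is repeated in the bkpt case and in the "Second half of blx" branch later in this file. I would write each as `if (arm_feature(env, ARM_FEATURE_THUMB1)) goto undef; /* BLX is ARMv5T, undefined on v4T */` with the instruction name adjusted, or brace it as the surrounding code does. The `undef` label and the rest of `disas_thumb_insn` are outside the hunk.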
@@ -3367,11 +3368,16 @@
/* write back the new stack pointer */
gen_movl_reg_T1(s, 13);
/* set the new PC value */
- if ((insn & 0x0900) == 0x0900)
- gen_bx(s);
+ if ((insn & 0x0900) == 0x0900) {
+ if(arm_feature(env, ARM_FEATURE_THUMB1))
+ gen_movl_reg_T0(s, 15);
+ else
+ gen_bx(s);
+ }
break;
case 0xe: /* bkpt */
+ if(arm_feature(env, ARM_FEATURE_THUMB1)) goto undef;
gen_op_movl_T0_im((long)s->pc - 2);
gen_op_movl_reg_TN[0][15]();
gen_op_bkpt();
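Review bot: The new THUMB1 branch of the POP {pc} path relies on `gen_movl_reg_T0(s, 15)` to drop bit 0 of the loaded value, but nothing in the hunk shows that it does, and the existing comment `/* set the new PC value */` does not mention the difference from `gen_bx(s)`. If that helper writes T0 to r15 unmasked, a guest-supplied odd return address would leave the emulated PC misaligned in Thumb state, so this should be confirmed against the helper's definition. A comment such as `/* ARMv4T: POP {pc} does not interwork; bit 0 of the loaded value is ignored */` would record the intent. The nested `if`/`else` is also left unbraced while the outer `if` gained braces, and the enclosing case starts outside the hunk.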
@@ -3442,6 +3448,7 @@
/* unconditional branch */
if (insn & (1 << 11)) {
/* Second half of blx. */
+ if(arm_feature(env, ARM_FEATURE_THUMB1)) goto undef;
offset = ((insn & 0x7ff) << 1);
gen_movl_T0_reg(s, 14);
gen_op_movl_T1_im(offset);
@@ -3571,7 +3578,7 @@
}
if (env->thumb)
- disas_thumb_insn(dc);
+ disas_thumb_insn(env, dc);
else
disas_arm_insn(env, dc);
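Review bot: Only the Thumb decoder is restricted for the new CPU; `disas_arm_insn(env, dc)` is called unchanged here and no hunk in this patch touches it. As far as the patch shows, ARM-state encodings introduced after ARMv4T (BLX, BKPT, CLZ, interworking loads to PC) therefore still decode on `arm7tdmi`. If that is deliberate, a comment next to the ARM7TDMI case in helper.c such as `/* only the Thumb decoder enforces v4T; ARM-state v5 instructions are still accepted */` would make the limitation visible. The enclosing function starts and ends outside the hunk.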