search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
block: Fix typo in comment
[qemu/ar7.git] / target-arm / translate.c
blob940ec8d981d1cf19682df0871696ec47f708334e
1 /*
2 * ARM translation
3 *
4 * Copyright (c) 2003 Fabrice Bellard
5 * Copyright (c) 2005-2007 CodeSourcery
6 * Copyright (c) 2007 OpenedHand, Ltd.
7 *
8 * This library is free software; you can redistribute it and/or
9 * modify it under the terms of the GNU Lesser General Public
10 * License as published by the Free Software Foundation; either
11 * version 2 of the License, or (at your option) any later version.
12 *
13 * This library is distributed in the hope that it will be useful,
14 * but WITHOUT ANY WARRANTY; without even the implied warranty of
15 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
16 * Lesser General Public License for more details.
17 *
18 * You should have received a copy of the GNU Lesser General Public
19 * License along with this library; if not, see <http://www.gnu.org/licenses/>.
20 */
21 #include "qemu/osdep.h"
22
23 #include "cpu.h"
24 #include "internals.h"
25 #include "disas/disas.h"
26 #include "tcg-op.h"
27 #include "qemu/log.h"
28 #include "qemu/bitops.h"
29 #include "arm_ldst.h"
30
31 #include "exec/helper-proto.h"
32 #include "exec/helper-gen.h"
33
34 #include "trace-tcg.h"
35 #include "exec/log.h"
36
37
38 #define ENABLE_ARCH_4T arm_dc_feature(s, ARM_FEATURE_V4T)
39 #define ENABLE_ARCH_5 arm_dc_feature(s, ARM_FEATURE_V5)
40 /* currently all emulated v5 cores are also v5TE, so don't bother */
41 #define ENABLE_ARCH_5TE arm_dc_feature(s, ARM_FEATURE_V5)
42 #define ENABLE_ARCH_5J 0
43 #define ENABLE_ARCH_6 arm_dc_feature(s, ARM_FEATURE_V6)
44 #define ENABLE_ARCH_6K arm_dc_feature(s, ARM_FEATURE_V6K)
45 #define ENABLE_ARCH_6T2 arm_dc_feature(s, ARM_FEATURE_THUMB2)
46 #define ENABLE_ARCH_7 arm_dc_feature(s, ARM_FEATURE_V7)
47 #define ENABLE_ARCH_8 arm_dc_feature(s, ARM_FEATURE_V8)
48
49 #define ARCH(x) do { if (!ENABLE_ARCH_##x) goto illegal_op; } while(0)
50
51 #include "translate.h"
52
53 #if defined(CONFIG_USER_ONLY)
54 #define IS_USER(s) 1
55 #else
56 #define IS_USER(s) (s->user)
57 #endif
58
59 TCGv_env cpu_env;
60 /* We reuse the same 64-bit temporaries for efficiency. */
61 static TCGv_i64 cpu_V0, cpu_V1, cpu_M0;
62 static TCGv_i32 cpu_R[16];
63 TCGv_i32 cpu_CF, cpu_NF, cpu_VF, cpu_ZF;
64 TCGv_i64 cpu_exclusive_addr;
65 TCGv_i64 cpu_exclusive_val;
66 #ifdef CONFIG_USER_ONLY
67 TCGv_i64 cpu_exclusive_test;
68 TCGv_i32 cpu_exclusive_info;
69 #endif
70
71 /* FIXME: These should be removed. */
72 static TCGv_i32 cpu_F0s, cpu_F1s;
73 static TCGv_i64 cpu_F0d, cpu_F1d;
74
75 #include "exec/gen-icount.h"
76
77 static const char *regnames[] =
78 { "r0", "r1", "r2", "r3", "r4", "r5", "r6", "r7",
79 "r8", "r9", "r10", "r11", "r12", "r13", "r14", "pc" };
80
81 /* initialize TCG globals. */
82 void arm_translate_init(void)
83 {
84 int i;
85
86 cpu_env = tcg_global_reg_new_ptr(TCG_AREG0, "env");
87
88 for (i = 0; i < 16; i++) {
89 cpu_R[i] = tcg_global_mem_new_i32(cpu_env,
90 offsetof(CPUARMState, regs[i]),
91 regnames[i]);
92 }
93 cpu_CF = tcg_global_mem_new_i32(cpu_env, offsetof(CPUARMState, CF), "CF");
94 cpu_NF = tcg_global_mem_new_i32(cpu_env, offsetof(CPUARMState, NF), "NF");
95 cpu_VF = tcg_global_mem_new_i32(cpu_env, offsetof(CPUARMState, VF), "VF");
96 cpu_ZF = tcg_global_mem_new_i32(cpu_env, offsetof(CPUARMState, ZF), "ZF");
97
98 cpu_exclusive_addr = tcg_global_mem_new_i64(cpu_env,
99 offsetof(CPUARMState, exclusive_addr), "exclusive_addr");
100 cpu_exclusive_val = tcg_global_mem_new_i64(cpu_env,
101 offsetof(CPUARMState, exclusive_val), "exclusive_val");
102 #ifdef CONFIG_USER_ONLY
103 cpu_exclusive_test = tcg_global_mem_new_i64(cpu_env,
104 offsetof(CPUARMState, exclusive_test), "exclusive_test");
105 cpu_exclusive_info = tcg_global_mem_new_i32(cpu_env,
106 offsetof(CPUARMState, exclusive_info), "exclusive_info");
107 #endif
108
109 a64_translate_init();
110 }
111
112 static inline ARMMMUIdx get_a32_user_mem_index(DisasContext *s)
113 {
114 /* Return the mmu_idx to use for A32/T32 "unprivileged load/store"
115 * insns:
116 * if PL2, UNPREDICTABLE (we choose to implement as if PL0)
117 * otherwise, access as if at PL0.
118 */
119 switch (s->mmu_idx) {
120 case ARMMMUIdx_S1E2: /* this one is UNPREDICTABLE */
121 case ARMMMUIdx_S12NSE0:
122 case ARMMMUIdx_S12NSE1:
123 return ARMMMUIdx_S12NSE0;
124 case ARMMMUIdx_S1E3:
125 case ARMMMUIdx_S1SE0:
126 case ARMMMUIdx_S1SE1:
127 return ARMMMUIdx_S1SE0;
128 case ARMMMUIdx_S2NS:
129 default:
130 g_assert_not_reached();
131 }
132 }
133
134 static inline TCGv_i32 load_cpu_offset(int offset)
135 {
136 TCGv_i32 tmp = tcg_temp_new_i32();
137 tcg_gen_ld_i32(tmp, cpu_env, offset);
138 return tmp;
139 }
140
141 #define load_cpu_field(name) load_cpu_offset(offsetof(CPUARMState, name))
142
143 static inline void store_cpu_offset(TCGv_i32 var, int offset)
144 {
145 tcg_gen_st_i32(var, cpu_env, offset);
146 tcg_temp_free_i32(var);
147 }
148
149 #define store_cpu_field(var, name) \
150 store_cpu_offset(var, offsetof(CPUARMState, name))
151
152 /* Set a variable to the value of a CPU register. */
153 static void load_reg_var(DisasContext *s, TCGv_i32 var, int reg)
154 {
155 if (reg == 15) {
156 uint32_t addr;
157 /* normally, since we updated PC, we need only to add one insn */
158 if (s->thumb)
159 addr = (long)s->pc + 2;
160 else
161 addr = (long)s->pc + 4;
162 tcg_gen_movi_i32(var, addr);
163 } else {
164 tcg_gen_mov_i32(var, cpu_R[reg]);
165 }
166 }
167
168 /* Create a new temporary and set it to the value of a CPU register. */
169 static inline TCGv_i32 load_reg(DisasContext *s, int reg)
170 {
171 TCGv_i32 tmp = tcg_temp_new_i32();
172 load_reg_var(s, tmp, reg);
173 return tmp;
174 }
175
176 /* Set a CPU register. The source must be a temporary and will be
177 marked as dead. */
178 static void store_reg(DisasContext *s, int reg, TCGv_i32 var)
179 {
180 if (reg == 15) {
181 tcg_gen_andi_i32(var, var, ~1);
182 s->is_jmp = DISAS_JUMP;
183 }
184 tcg_gen_mov_i32(cpu_R[reg], var);
185 tcg_temp_free_i32(var);
186 }
187
188 /* Value extensions. */
189 #define gen_uxtb(var) tcg_gen_ext8u_i32(var, var)
190 #define gen_uxth(var) tcg_gen_ext16u_i32(var, var)
191 #define gen_sxtb(var) tcg_gen_ext8s_i32(var, var)
192 #define gen_sxth(var) tcg_gen_ext16s_i32(var, var)
193
194 #define gen_sxtb16(var) gen_helper_sxtb16(var, var)
195 #define gen_uxtb16(var) gen_helper_uxtb16(var, var)
196
197
198 static inline void gen_set_cpsr(TCGv_i32 var, uint32_t mask)
199 {
200 TCGv_i32 tmp_mask = tcg_const_i32(mask);
201 gen_helper_cpsr_write(cpu_env, var, tmp_mask);
202 tcg_temp_free_i32(tmp_mask);
203 }
204 /* Set NZCV flags from the high 4 bits of var. */
205 #define gen_set_nzcv(var) gen_set_cpsr(var, CPSR_NZCV)
206
207 static void gen_exception_internal(int excp)
208 {
209 TCGv_i32 tcg_excp = tcg_const_i32(excp);
210
211 assert(excp_is_internal(excp));
212 gen_helper_exception_internal(cpu_env, tcg_excp);
213 tcg_temp_free_i32(tcg_excp);
214 }
215
216 static void gen_exception(int excp, uint32_t syndrome, uint32_t target_el)
217 {
218 TCGv_i32 tcg_excp = tcg_const_i32(excp);
219 TCGv_i32 tcg_syn = tcg_const_i32(syndrome);
220 TCGv_i32 tcg_el = tcg_const_i32(target_el);
221
222 gen_helper_exception_with_syndrome(cpu_env, tcg_excp,
223 tcg_syn, tcg_el);
224
225 tcg_temp_free_i32(tcg_el);
226 tcg_temp_free_i32(tcg_syn);
227 tcg_temp_free_i32(tcg_excp);
228 }
229
230 static void gen_ss_advance(DisasContext *s)
231 {
232 /* If the singlestep state is Active-not-pending, advance to
233 * Active-pending.
234 */
235 if (s->ss_active) {
236 s->pstate_ss = 0;
237 gen_helper_clear_pstate_ss(cpu_env);
238 }
239 }
240
241 static void gen_step_complete_exception(DisasContext *s)
242 {
243 /* We just completed step of an insn. Move from Active-not-pending
244 * to Active-pending, and then also take the swstep exception.
245 * This corresponds to making the (IMPDEF) choice to prioritize
246 * swstep exceptions over asynchronous exceptions taken to an exception
247 * level where debug is disabled. This choice has the advantage that
248 * we do not need to maintain internal state corresponding to the
249 * ISV/EX syndrome bits between completion of the step and generation
250 * of the exception, and our syndrome information is always correct.
251 */
252 gen_ss_advance(s);
253 gen_exception(EXCP_UDEF, syn_swstep(s->ss_same_el, 1, s->is_ldex),
254 default_exception_el(s));
255 s->is_jmp = DISAS_EXC;
256 }
257
258 static void gen_smul_dual(TCGv_i32 a, TCGv_i32 b)
259 {
260 TCGv_i32 tmp1 = tcg_temp_new_i32();
261 TCGv_i32 tmp2 = tcg_temp_new_i32();
262 tcg_gen_ext16s_i32(tmp1, a);
263 tcg_gen_ext16s_i32(tmp2, b);
264 tcg_gen_mul_i32(tmp1, tmp1, tmp2);
265 tcg_temp_free_i32(tmp2);
266 tcg_gen_sari_i32(a, a, 16);
267 tcg_gen_sari_i32(b, b, 16);
268 tcg_gen_mul_i32(b, b, a);
269 tcg_gen_mov_i32(a, tmp1);
270 tcg_temp_free_i32(tmp1);
271 }
272
273 /* Byteswap each halfword. */
274 static void gen_rev16(TCGv_i32 var)
275 {
276 TCGv_i32 tmp = tcg_temp_new_i32();
277 tcg_gen_shri_i32(tmp, var, 8);
278 tcg_gen_andi_i32(tmp, tmp, 0x00ff00ff);
279 tcg_gen_shli_i32(var, var, 8);
280 tcg_gen_andi_i32(var, var, 0xff00ff00);
281 tcg_gen_or_i32(var, var, tmp);
282 tcg_temp_free_i32(tmp);
283 }
284
285 /* Byteswap low halfword and sign extend. */
286 static void gen_revsh(TCGv_i32 var)
287 {
288 tcg_gen_ext16u_i32(var, var);
289 tcg_gen_bswap16_i32(var, var);
290 tcg_gen_ext16s_i32(var, var);
291 }
292
293 /* Unsigned bitfield extract. */
294 static void gen_ubfx(TCGv_i32 var, int shift, uint32_t mask)
295 {
296 if (shift)
297 tcg_gen_shri_i32(var, var, shift);
298 tcg_gen_andi_i32(var, var, mask);
299 }
300
301 /* Signed bitfield extract. */
302 static void gen_sbfx(TCGv_i32 var, int shift, int width)
303 {
304 uint32_t signbit;
305
306 if (shift)
307 tcg_gen_sari_i32(var, var, shift);
308 if (shift + width < 32) {
309 signbit = 1u << (width - 1);
310 tcg_gen_andi_i32(var, var, (1u << width) - 1);
311 tcg_gen_xori_i32(var, var, signbit);
312 tcg_gen_subi_i32(var, var, signbit);
313 }
314 }
315
316 /* Return (b << 32) + a. Mark inputs as dead */
317 static TCGv_i64 gen_addq_msw(TCGv_i64 a, TCGv_i32 b)
318 {
319 TCGv_i64 tmp64 = tcg_temp_new_i64();
320
321 tcg_gen_extu_i32_i64(tmp64, b);
322 tcg_temp_free_i32(b);
323 tcg_gen_shli_i64(tmp64, tmp64, 32);
324 tcg_gen_add_i64(a, tmp64, a);
325
326 tcg_temp_free_i64(tmp64);
327 return a;
328 }
329
330 /* Return (b << 32) - a. Mark inputs as dead. */
331 static TCGv_i64 gen_subq_msw(TCGv_i64 a, TCGv_i32 b)
332 {
333 TCGv_i64 tmp64 = tcg_temp_new_i64();
334
335 tcg_gen_extu_i32_i64(tmp64, b);
336 tcg_temp_free_i32(b);
337 tcg_gen_shli_i64(tmp64, tmp64, 32);
338 tcg_gen_sub_i64(a, tmp64, a);
339
340 tcg_temp_free_i64(tmp64);
341 return a;
342 }
343
344 /* 32x32->64 multiply. Marks inputs as dead. */
345 static TCGv_i64 gen_mulu_i64_i32(TCGv_i32 a, TCGv_i32 b)
346 {
347 TCGv_i32 lo = tcg_temp_new_i32();
348 TCGv_i32 hi = tcg_temp_new_i32();
349 TCGv_i64 ret;
350
351 tcg_gen_mulu2_i32(lo, hi, a, b);
352 tcg_temp_free_i32(a);
353 tcg_temp_free_i32(b);
354
355 ret = tcg_temp_new_i64();
356 tcg_gen_concat_i32_i64(ret, lo, hi);
357 tcg_temp_free_i32(lo);
358 tcg_temp_free_i32(hi);
359
360 return ret;
361 }
362
363 static TCGv_i64 gen_muls_i64_i32(TCGv_i32 a, TCGv_i32 b)
364 {
365 TCGv_i32 lo = tcg_temp_new_i32();
366 TCGv_i32 hi = tcg_temp_new_i32();
367 TCGv_i64 ret;
368
369 tcg_gen_muls2_i32(lo, hi, a, b);
370 tcg_temp_free_i32(a);
371 tcg_temp_free_i32(b);
372
373 ret = tcg_temp_new_i64();
374 tcg_gen_concat_i32_i64(ret, lo, hi);
375 tcg_temp_free_i32(lo);
376 tcg_temp_free_i32(hi);
377
378 return ret;
379 }
380
381 /* Swap low and high halfwords. */
382 static void gen_swap_half(TCGv_i32 var)
383 {
384 TCGv_i32 tmp = tcg_temp_new_i32();
385 tcg_gen_shri_i32(tmp, var, 16);
386 tcg_gen_shli_i32(var, var, 16);
387 tcg_gen_or_i32(var, var, tmp);
388 tcg_temp_free_i32(tmp);
389 }
390
391 /* Dual 16-bit add. Result placed in t0 and t1 is marked as dead.
392 tmp = (t0 ^ t1) & 0x8000;
393 t0 &= ~0x8000;
394 t1 &= ~0x8000;
395 t0 = (t0 + t1) ^ tmp;
396 */
397
398 static void gen_add16(TCGv_i32 t0, TCGv_i32 t1)
399 {
400 TCGv_i32 tmp = tcg_temp_new_i32();
401 tcg_gen_xor_i32(tmp, t0, t1);
402 tcg_gen_andi_i32(tmp, tmp, 0x8000);
403 tcg_gen_andi_i32(t0, t0, ~0x8000);
404 tcg_gen_andi_i32(t1, t1, ~0x8000);
405 tcg_gen_add_i32(t0, t0, t1);
406 tcg_gen_xor_i32(t0, t0, tmp);
407 tcg_temp_free_i32(tmp);
408 tcg_temp_free_i32(t1);
409 }
410
411 /* Set CF to the top bit of var. */
412 static void gen_set_CF_bit31(TCGv_i32 var)
413 {
414 tcg_gen_shri_i32(cpu_CF, var, 31);
415 }
416
417 /* Set N and Z flags from var. */
418 static inline void gen_logic_CC(TCGv_i32 var)
419 {
420 tcg_gen_mov_i32(cpu_NF, var);
421 tcg_gen_mov_i32(cpu_ZF, var);
422 }
423
424 /* T0 += T1 + CF. */
425 static void gen_adc(TCGv_i32 t0, TCGv_i32 t1)
426 {
427 tcg_gen_add_i32(t0, t0, t1);
428 tcg_gen_add_i32(t0, t0, cpu_CF);
429 }
430
431 /* dest = T0 + T1 + CF. */
432 static void gen_add_carry(TCGv_i32 dest, TCGv_i32 t0, TCGv_i32 t1)
433 {
434 tcg_gen_add_i32(dest, t0, t1);
435 tcg_gen_add_i32(dest, dest, cpu_CF);
436 }
437
438 /* dest = T0 - T1 + CF - 1. */
439 static void gen_sub_carry(TCGv_i32 dest, TCGv_i32 t0, TCGv_i32 t1)
440 {
441 tcg_gen_sub_i32(dest, t0, t1);
442 tcg_gen_add_i32(dest, dest, cpu_CF);
443 tcg_gen_subi_i32(dest, dest, 1);
444 }
445
446 /* dest = T0 + T1. Compute C, N, V and Z flags */
447 static void gen_add_CC(TCGv_i32 dest, TCGv_i32 t0, TCGv_i32 t1)
448 {
449 TCGv_i32 tmp = tcg_temp_new_i32();
450 tcg_gen_movi_i32(tmp, 0);
451 tcg_gen_add2_i32(cpu_NF, cpu_CF, t0, tmp, t1, tmp);
452 tcg_gen_mov_i32(cpu_ZF, cpu_NF);
453 tcg_gen_xor_i32(cpu_VF, cpu_NF, t0);
454 tcg_gen_xor_i32(tmp, t0, t1);
455 tcg_gen_andc_i32(cpu_VF, cpu_VF, tmp);
456 tcg_temp_free_i32(tmp);
457 tcg_gen_mov_i32(dest, cpu_NF);
458 }
459
460 /* dest = T0 + T1 + CF. Compute C, N, V and Z flags */
461 static void gen_adc_CC(TCGv_i32 dest, TCGv_i32 t0, TCGv_i32 t1)
462 {
463 TCGv_i32 tmp = tcg_temp_new_i32();
464 if (TCG_TARGET_HAS_add2_i32) {
465 tcg_gen_movi_i32(tmp, 0);
466 tcg_gen_add2_i32(cpu_NF, cpu_CF, t0, tmp, cpu_CF, tmp);
467 tcg_gen_add2_i32(cpu_NF, cpu_CF, cpu_NF, cpu_CF, t1, tmp);
468 } else {
469 TCGv_i64 q0 = tcg_temp_new_i64();
470 TCGv_i64 q1 = tcg_temp_new_i64();
471 tcg_gen_extu_i32_i64(q0, t0);
472 tcg_gen_extu_i32_i64(q1, t1);
473 tcg_gen_add_i64(q0, q0, q1);
474 tcg_gen_extu_i32_i64(q1, cpu_CF);
475 tcg_gen_add_i64(q0, q0, q1);
476 tcg_gen_extr_i64_i32(cpu_NF, cpu_CF, q0);
477 tcg_temp_free_i64(q0);
478 tcg_temp_free_i64(q1);
479 }
480 tcg_gen_mov_i32(cpu_ZF, cpu_NF);
481 tcg_gen_xor_i32(cpu_VF, cpu_NF, t0);
482 tcg_gen_xor_i32(tmp, t0, t1);
483 tcg_gen_andc_i32(cpu_VF, cpu_VF, tmp);
484 tcg_temp_free_i32(tmp);
485 tcg_gen_mov_i32(dest, cpu_NF);
486 }
487
488 /* dest = T0 - T1. Compute C, N, V and Z flags */
489 static void gen_sub_CC(TCGv_i32 dest, TCGv_i32 t0, TCGv_i32 t1)
490 {
491 TCGv_i32 tmp;
492 tcg_gen_sub_i32(cpu_NF, t0, t1);
493 tcg_gen_mov_i32(cpu_ZF, cpu_NF);
494 tcg_gen_setcond_i32(TCG_COND_GEU, cpu_CF, t0, t1);
495 tcg_gen_xor_i32(cpu_VF, cpu_NF, t0);
496 tmp = tcg_temp_new_i32();
497 tcg_gen_xor_i32(tmp, t0, t1);
498 tcg_gen_and_i32(cpu_VF, cpu_VF, tmp);
499 tcg_temp_free_i32(tmp);
500 tcg_gen_mov_i32(dest, cpu_NF);
501 }
502
503 /* dest = T0 + ~T1 + CF. Compute C, N, V and Z flags */
504 static void gen_sbc_CC(TCGv_i32 dest, TCGv_i32 t0, TCGv_i32 t1)
505 {
506 TCGv_i32 tmp = tcg_temp_new_i32();
507 tcg_gen_not_i32(tmp, t1);
508 gen_adc_CC(dest, t0, tmp);
509 tcg_temp_free_i32(tmp);
510 }
511
512 #define GEN_SHIFT(name) \
513 static void gen_##name(TCGv_i32 dest, TCGv_i32 t0, TCGv_i32 t1) \
514 { \
515 TCGv_i32 tmp1, tmp2, tmp3; \
516 tmp1 = tcg_temp_new_i32(); \
517 tcg_gen_andi_i32(tmp1, t1, 0xff); \
518 tmp2 = tcg_const_i32(0); \
519 tmp3 = tcg_const_i32(0x1f); \
520 tcg_gen_movcond_i32(TCG_COND_GTU, tmp2, tmp1, tmp3, tmp2, t0); \
521 tcg_temp_free_i32(tmp3); \
522 tcg_gen_andi_i32(tmp1, tmp1, 0x1f); \
523 tcg_gen_##name##_i32(dest, tmp2, tmp1); \
524 tcg_temp_free_i32(tmp2); \
525 tcg_temp_free_i32(tmp1); \
526 }
527 GEN_SHIFT(shl)
528 GEN_SHIFT(shr)
529 #undef GEN_SHIFT
530
531 static void gen_sar(TCGv_i32 dest, TCGv_i32 t0, TCGv_i32 t1)
532 {
533 TCGv_i32 tmp1, tmp2;
534 tmp1 = tcg_temp_new_i32();
535 tcg_gen_andi_i32(tmp1, t1, 0xff);
536 tmp2 = tcg_const_i32(0x1f);
537 tcg_gen_movcond_i32(TCG_COND_GTU, tmp1, tmp1, tmp2, tmp2, tmp1);
538 tcg_temp_free_i32(tmp2);
539 tcg_gen_sar_i32(dest, t0, tmp1);
540 tcg_temp_free_i32(tmp1);
541 }
542
543 static void tcg_gen_abs_i32(TCGv_i32 dest, TCGv_i32 src)
544 {
545 TCGv_i32 c0 = tcg_const_i32(0);
546 TCGv_i32 tmp = tcg_temp_new_i32();
547 tcg_gen_neg_i32(tmp, src);
548 tcg_gen_movcond_i32(TCG_COND_GT, dest, src, c0, src, tmp);
549 tcg_temp_free_i32(c0);
550 tcg_temp_free_i32(tmp);
551 }
552
553 static void shifter_out_im(TCGv_i32 var, int shift)
554 {
555 if (shift == 0) {
556 tcg_gen_andi_i32(cpu_CF, var, 1);
557 } else {
558 tcg_gen_shri_i32(cpu_CF, var, shift);
559 if (shift != 31) {
560 tcg_gen_andi_i32(cpu_CF, cpu_CF, 1);
561 }
562 }
563 }
564
565 /* Shift by immediate. Includes special handling for shift == 0. */
566 static inline void gen_arm_shift_im(TCGv_i32 var, int shiftop,
567 int shift, int flags)
568 {
569 switch (shiftop) {
570 case 0: /* LSL */
571 if (shift != 0) {
572 if (flags)
573 shifter_out_im(var, 32 - shift);
574 tcg_gen_shli_i32(var, var, shift);
575 }
576 break;
577 case 1: /* LSR */
578 if (shift == 0) {
579 if (flags) {
580 tcg_gen_shri_i32(cpu_CF, var, 31);
581 }
582 tcg_gen_movi_i32(var, 0);
583 } else {
584 if (flags)
585 shifter_out_im(var, shift - 1);
586 tcg_gen_shri_i32(var, var, shift);
587 }
588 break;
589 case 2: /* ASR */
590 if (shift == 0)
591 shift = 32;
592 if (flags)
593 shifter_out_im(var, shift - 1);
594 if (shift == 32)
595 shift = 31;
596 tcg_gen_sari_i32(var, var, shift);
597 break;
598 case 3: /* ROR/RRX */
599 if (shift != 0) {
600 if (flags)
601 shifter_out_im(var, shift - 1);
602 tcg_gen_rotri_i32(var, var, shift); break;
603 } else {
604 TCGv_i32 tmp = tcg_temp_new_i32();
605 tcg_gen_shli_i32(tmp, cpu_CF, 31);
606 if (flags)
607 shifter_out_im(var, 0);
608 tcg_gen_shri_i32(var, var, 1);
609 tcg_gen_or_i32(var, var, tmp);
610 tcg_temp_free_i32(tmp);
611 }
612 }
613 };
614
615 static inline void gen_arm_shift_reg(TCGv_i32 var, int shiftop,
616 TCGv_i32 shift, int flags)
617 {
618 if (flags) {
619 switch (shiftop) {
620 case 0: gen_helper_shl_cc(var, cpu_env, var, shift); break;
621 case 1: gen_helper_shr_cc(var, cpu_env, var, shift); break;
622 case 2: gen_helper_sar_cc(var, cpu_env, var, shift); break;
623 case 3: gen_helper_ror_cc(var, cpu_env, var, shift); break;
624 }
625 } else {
626 switch (shiftop) {
627 case 0:
628 gen_shl(var, var, shift);
629 break;
630 case 1:
631 gen_shr(var, var, shift);
632 break;
633 case 2:
634 gen_sar(var, var, shift);
635 break;
636 case 3: tcg_gen_andi_i32(shift, shift, 0x1f);
637 tcg_gen_rotr_i32(var, var, shift); break;
638 }
639 }
640 tcg_temp_free_i32(shift);
641 }
642
643 #define PAS_OP(pfx) \
644 switch (op2) { \
645 case 0: gen_pas_helper(glue(pfx,add16)); break; \
646 case 1: gen_pas_helper(glue(pfx,addsubx)); break; \
647 case 2: gen_pas_helper(glue(pfx,subaddx)); break; \
648 case 3: gen_pas_helper(glue(pfx,sub16)); break; \
649 case 4: gen_pas_helper(glue(pfx,add8)); break; \
650 case 7: gen_pas_helper(glue(pfx,sub8)); break; \
651 }
652 static void gen_arm_parallel_addsub(int op1, int op2, TCGv_i32 a, TCGv_i32 b)
653 {
654 TCGv_ptr tmp;
655
656 switch (op1) {
657 #define gen_pas_helper(name) glue(gen_helper_,name)(a, a, b, tmp)
658 case 1:
659 tmp = tcg_temp_new_ptr();
660 tcg_gen_addi_ptr(tmp, cpu_env, offsetof(CPUARMState, GE));
661 PAS_OP(s)
662 tcg_temp_free_ptr(tmp);
663 break;
664 case 5:
665 tmp = tcg_temp_new_ptr();
666 tcg_gen_addi_ptr(tmp, cpu_env, offsetof(CPUARMState, GE));
667 PAS_OP(u)
668 tcg_temp_free_ptr(tmp);
669 break;
670 #undef gen_pas_helper
671 #define gen_pas_helper(name) glue(gen_helper_,name)(a, a, b)
672 case 2:
673 PAS_OP(q);
674 break;
675 case 3:
676 PAS_OP(sh);
677 break;
678 case 6:
679 PAS_OP(uq);
680 break;
681 case 7:
682 PAS_OP(uh);
683 break;
684 #undef gen_pas_helper
685 }
686 }
687 #undef PAS_OP
688
689 /* For unknown reasons Arm and Thumb-2 use arbitrarily different encodings. */
690 #define PAS_OP(pfx) \
691 switch (op1) { \
692 case 0: gen_pas_helper(glue(pfx,add8)); break; \
693 case 1: gen_pas_helper(glue(pfx,add16)); break; \
694 case 2: gen_pas_helper(glue(pfx,addsubx)); break; \
695 case 4: gen_pas_helper(glue(pfx,sub8)); break; \
696 case 5: gen_pas_helper(glue(pfx,sub16)); break; \
697 case 6: gen_pas_helper(glue(pfx,subaddx)); break; \
698 }
699 static void gen_thumb2_parallel_addsub(int op1, int op2, TCGv_i32 a, TCGv_i32 b)
700 {
701 TCGv_ptr tmp;
702
703 switch (op2) {
704 #define gen_pas_helper(name) glue(gen_helper_,name)(a, a, b, tmp)
705 case 0:
706 tmp = tcg_temp_new_ptr();
707 tcg_gen_addi_ptr(tmp, cpu_env, offsetof(CPUARMState, GE));
708 PAS_OP(s)
709 tcg_temp_free_ptr(tmp);
710 break;
711 case 4:
712 tmp = tcg_temp_new_ptr();
713 tcg_gen_addi_ptr(tmp, cpu_env, offsetof(CPUARMState, GE));
714 PAS_OP(u)
715 tcg_temp_free_ptr(tmp);
716 break;
717 #undef gen_pas_helper
718 #define gen_pas_helper(name) glue(gen_helper_,name)(a, a, b)
719 case 1:
720 PAS_OP(q);
721 break;
722 case 2:
723 PAS_OP(sh);
724 break;
725 case 5:
726 PAS_OP(uq);
727 break;
728 case 6:
729 PAS_OP(uh);
730 break;
731 #undef gen_pas_helper
732 }
733 }
734 #undef PAS_OP
735
736 /*
737 * Generate a conditional based on ARM condition code cc.
738 * This is common between ARM and Aarch64 targets.
739 */
740 void arm_test_cc(DisasCompare *cmp, int cc)
741 {
742 TCGv_i32 value;
743 TCGCond cond;
744 bool global = true;
745
746 switch (cc) {
747 case 0: /* eq: Z */
748 case 1: /* ne: !Z */
749 cond = TCG_COND_EQ;
750 value = cpu_ZF;
751 break;
752
753 case 2: /* cs: C */
754 case 3: /* cc: !C */
755 cond = TCG_COND_NE;
756 value = cpu_CF;
757 break;
758
759 case 4: /* mi: N */
760 case 5: /* pl: !N */
761 cond = TCG_COND_LT;
762 value = cpu_NF;
763 break;
764
765 case 6: /* vs: V */
766 case 7: /* vc: !V */
767 cond = TCG_COND_LT;
768 value = cpu_VF;
769 break;
770
771 case 8: /* hi: C && !Z */
772 case 9: /* ls: !C || Z -> !(C && !Z) */
773 cond = TCG_COND_NE;
774 value = tcg_temp_new_i32();
775 global = false;
776 /* CF is 1 for C, so -CF is an all-bits-set mask for C;
777 ZF is non-zero for !Z; so AND the two subexpressions. */
778 tcg_gen_neg_i32(value, cpu_CF);
779 tcg_gen_and_i32(value, value, cpu_ZF);
780 break;
781
782 case 10: /* ge: N == V -> N ^ V == 0 */
783 case 11: /* lt: N != V -> N ^ V != 0 */
784 /* Since we're only interested in the sign bit, == 0 is >= 0. */
785 cond = TCG_COND_GE;
786 value = tcg_temp_new_i32();
787 global = false;
788 tcg_gen_xor_i32(value, cpu_VF, cpu_NF);
789 break;
790
791 case 12: /* gt: !Z && N == V */
792 case 13: /* le: Z || N != V */
793 cond = TCG_COND_NE;
794 value = tcg_temp_new_i32();
795 global = false;
796 /* (N == V) is equal to the sign bit of ~(NF ^ VF). Propagate
797 * the sign bit then AND with ZF to yield the result. */
798 tcg_gen_xor_i32(value, cpu_VF, cpu_NF);
799 tcg_gen_sari_i32(value, value, 31);
800 tcg_gen_andc_i32(value, cpu_ZF, value);
801 break;
802
803 case 14: /* always */
804 case 15: /* always */
805 /* Use the ALWAYS condition, which will fold early.
806 * It doesn't matter what we use for the value. */
807 cond = TCG_COND_ALWAYS;
808 value = cpu_ZF;
809 goto no_invert;
810
811 default:
812 fprintf(stderr, "Bad condition code 0x%x\n", cc);
813 abort();
814 }
815
816 if (cc & 1) {
817 cond = tcg_invert_cond(cond);
818 }
819
820 no_invert:
821 cmp->cond = cond;
822 cmp->value = value;
823 cmp->value_global = global;
824 }
825
826 void arm_free_cc(DisasCompare *cmp)
827 {
828 if (!cmp->value_global) {
829 tcg_temp_free_i32(cmp->value);
830 }
831 }
832
833 void arm_jump_cc(DisasCompare *cmp, TCGLabel *label)
834 {
835 tcg_gen_brcondi_i32(cmp->cond, cmp->value, 0, label);
836 }
837
838 void arm_gen_test_cc(int cc, TCGLabel *label)
839 {
840 DisasCompare cmp;
841 arm_test_cc(&cmp, cc);
842 arm_jump_cc(&cmp, label);
843 arm_free_cc(&cmp);
844 }
845
846 static const uint8_t table_logic_cc[16] = {
847 1, /* and */
848 1, /* xor */
849 0, /* sub */
850 0, /* rsb */
851 0, /* add */
852 0, /* adc */
853 0, /* sbc */
854 0, /* rsc */
855 1, /* andl */
856 1, /* xorl */
857 0, /* cmp */
858 0, /* cmn */
859 1, /* orr */
860 1, /* mov */
861 1, /* bic */
862 1, /* mvn */
863 };
864
865 /* Set PC and Thumb state from an immediate address. */
866 static inline void gen_bx_im(DisasContext *s, uint32_t addr)
867 {
868 TCGv_i32 tmp;
869
870 s->is_jmp = DISAS_JUMP;
871 if (s->thumb != (addr & 1)) {
872 tmp = tcg_temp_new_i32();
873 tcg_gen_movi_i32(tmp, addr & 1);
874 tcg_gen_st_i32(tmp, cpu_env, offsetof(CPUARMState, thumb));
875 tcg_temp_free_i32(tmp);
876 }
877 tcg_gen_movi_i32(cpu_R[15], addr & ~1);
878 }
879
880 /* Set PC and Thumb state from var. var is marked as dead. */
881 static inline void gen_bx(DisasContext *s, TCGv_i32 var)
882 {
883 s->is_jmp = DISAS_JUMP;
884 tcg_gen_andi_i32(cpu_R[15], var, ~1);
885 tcg_gen_andi_i32(var, var, 1);
886 store_cpu_field(var, thumb);
887 }
888
889 /* Variant of store_reg which uses branch&exchange logic when storing
890 to r15 in ARM architecture v7 and above. The source must be a temporary
891 and will be marked as dead. */
892 static inline void store_reg_bx(DisasContext *s, int reg, TCGv_i32 var)
893 {
894 if (reg == 15 && ENABLE_ARCH_7) {
895 gen_bx(s, var);
896 } else {
897 store_reg(s, reg, var);
898 }
899 }
900
901 /* Variant of store_reg which uses branch&exchange logic when storing
902 * to r15 in ARM architecture v5T and above. This is used for storing
903 * the results of a LDR/LDM/POP into r15, and corresponds to the cases
904 * in the ARM ARM which use the LoadWritePC() pseudocode function. */
905 static inline void store_reg_from_load(DisasContext *s, int reg, TCGv_i32 var)
906 {
907 if (reg == 15 && ENABLE_ARCH_5) {
908 gen_bx(s, var);
909 } else {
910 store_reg(s, reg, var);
911 }
912 }
913
914 #ifdef CONFIG_USER_ONLY
915 #define IS_USER_ONLY 1
916 #else
917 #define IS_USER_ONLY 0
918 #endif
919
920 /* Abstractions of "generate code to do a guest load/store for
921 * AArch32", where a vaddr is always 32 bits (and is zero
922 * extended if we're a 64 bit core) and data is also
923 * 32 bits unless specifically doing a 64 bit access.
924 * These functions work like tcg_gen_qemu_{ld,st}* except
925 * that the address argument is TCGv_i32 rather than TCGv.
926 */
927 #if TARGET_LONG_BITS == 32
928
929 #define DO_GEN_LD(SUFF, OPC, BE32_XOR) \
930 static inline void gen_aa32_ld##SUFF(DisasContext *s, TCGv_i32 val, \
931 TCGv_i32 addr, int index) \
932 { \
933 TCGMemOp opc = (OPC) | s->be_data; \
934 /* Not needed for user-mode BE32, where we use MO_BE instead. */ \
935 if (!IS_USER_ONLY && s->sctlr_b && BE32_XOR) { \
936 TCGv addr_be = tcg_temp_new(); \
937 tcg_gen_xori_i32(addr_be, addr, BE32_XOR); \
938 tcg_gen_qemu_ld_i32(val, addr_be, index, opc); \
939 tcg_temp_free(addr_be); \
940 return; \
941 } \
942 tcg_gen_qemu_ld_i32(val, addr, index, opc); \
943 }
944
945 #define DO_GEN_ST(SUFF, OPC, BE32_XOR) \
946 static inline void gen_aa32_st##SUFF(DisasContext *s, TCGv_i32 val, \
947 TCGv_i32 addr, int index) \
948 { \
949 TCGMemOp opc = (OPC) | s->be_data; \
950 /* Not needed for user-mode BE32, where we use MO_BE instead. */ \
951 if (!IS_USER_ONLY && s->sctlr_b && BE32_XOR) { \
952 TCGv addr_be = tcg_temp_new(); \
953 tcg_gen_xori_i32(addr_be, addr, BE32_XOR); \
954 tcg_gen_qemu_st_i32(val, addr_be, index, opc); \
955 tcg_temp_free(addr_be); \
956 return; \
957 } \
958 tcg_gen_qemu_st_i32(val, addr, index, opc); \
959 }
960
961 static inline void gen_aa32_ld64(DisasContext *s, TCGv_i64 val,
962 TCGv_i32 addr, int index)
963 {
964 TCGMemOp opc = MO_Q | s->be_data;
965 tcg_gen_qemu_ld_i64(val, addr, index, opc);
966 /* Not needed for user-mode BE32, where we use MO_BE instead. */
967 if (!IS_USER_ONLY && s->sctlr_b) {
968 tcg_gen_rotri_i64(val, val, 32);
969 }
970 }
971
972 static inline void gen_aa32_st64(DisasContext *s, TCGv_i64 val,
973 TCGv_i32 addr, int index)
974 {
975 TCGMemOp opc = MO_Q | s->be_data;
976 /* Not needed for user-mode BE32, where we use MO_BE instead. */
977 if (!IS_USER_ONLY && s->sctlr_b) {
978 TCGv_i64 tmp = tcg_temp_new_i64();
979 tcg_gen_rotri_i64(tmp, val, 32);
980 tcg_gen_qemu_st_i64(tmp, addr, index, opc);
981 tcg_temp_free_i64(tmp);
982 return;
983 }
984 tcg_gen_qemu_st_i64(val, addr, index, opc);
985 }
986
987 #else
988
989 #define DO_GEN_LD(SUFF, OPC, BE32_XOR) \
990 static inline void gen_aa32_ld##SUFF(DisasContext *s, TCGv_i32 val, \
991 TCGv_i32 addr, int index) \
992 { \
993 TCGMemOp opc = (OPC) | s->be_data; \
994 TCGv addr64 = tcg_temp_new(); \
995 tcg_gen_extu_i32_i64(addr64, addr); \
996 /* Not needed for user-mode BE32, where we use MO_BE instead. */ \
997 if (!IS_USER_ONLY && s->sctlr_b && BE32_XOR) { \
998 tcg_gen_xori_i64(addr64, addr64, BE32_XOR); \
999 } \
1000 tcg_gen_qemu_ld_i32(val, addr64, index, opc); \
1001 tcg_temp_free(addr64); \
1002 }
1003
1004 #define DO_GEN_ST(SUFF, OPC, BE32_XOR) \
1005 static inline void gen_aa32_st##SUFF(DisasContext *s, TCGv_i32 val, \
1006 TCGv_i32 addr, int index) \
1007 { \
1008 TCGMemOp opc = (OPC) | s->be_data; \
1009 TCGv addr64 = tcg_temp_new(); \
1010 tcg_gen_extu_i32_i64(addr64, addr); \
1011 /* Not needed for user-mode BE32, where we use MO_BE instead. */ \
1012 if (!IS_USER_ONLY && s->sctlr_b && BE32_XOR) { \
1013 tcg_gen_xori_i64(addr64, addr64, BE32_XOR); \
1014 } \
1015 tcg_gen_qemu_st_i32(val, addr64, index, opc); \
1016 tcg_temp_free(addr64); \
1017 }
1018
1019 static inline void gen_aa32_ld64(DisasContext *s, TCGv_i64 val,
1020 TCGv_i32 addr, int index)
1021 {
1022 TCGMemOp opc = MO_Q | s->be_data;
1023 TCGv addr64 = tcg_temp_new();
1024 tcg_gen_extu_i32_i64(addr64, addr);
1025 tcg_gen_qemu_ld_i64(val, addr64, index, opc);
1026
1027 /* Not needed for user-mode BE32, where we use MO_BE instead. */
1028 if (!IS_USER_ONLY && s->sctlr_b) {
1029 tcg_gen_rotri_i64(val, val, 32);
1030 }
1031 tcg_temp_free(addr64);
1032 }
1033
1034 static inline void gen_aa32_st64(DisasContext *s, TCGv_i64 val,
1035 TCGv_i32 addr, int index)
1036 {
1037 TCGMemOp opc = MO_Q | s->be_data;
1038 TCGv addr64 = tcg_temp_new();
1039 tcg_gen_extu_i32_i64(addr64, addr);
1040
1041 /* Not needed for user-mode BE32, where we use MO_BE instead. */
1042 if (!IS_USER_ONLY && s->sctlr_b) {
1043 TCGv tmp = tcg_temp_new();
1044 tcg_gen_rotri_i64(tmp, val, 32);
1045 tcg_gen_qemu_st_i64(tmp, addr64, index, opc);
1046 tcg_temp_free(tmp);
1047 } else {
1048 tcg_gen_qemu_st_i64(val, addr64, index, opc);
1049 }
1050 tcg_temp_free(addr64);
1051 }
1052
1053 #endif
1054
1055 DO_GEN_LD(8s, MO_SB, 3)
1056 DO_GEN_LD(8u, MO_UB, 3)
1057 DO_GEN_LD(16s, MO_SW, 2)
1058 DO_GEN_LD(16u, MO_UW, 2)
1059 DO_GEN_LD(32u, MO_UL, 0)
1060 /* 'a' variants include an alignment check */
1061 DO_GEN_LD(16ua, MO_UW | MO_ALIGN, 2)
1062 DO_GEN_LD(32ua, MO_UL | MO_ALIGN, 0)
1063 DO_GEN_ST(8, MO_UB, 3)
1064 DO_GEN_ST(16, MO_UW, 2)
1065 DO_GEN_ST(32, MO_UL, 0)
1066
1067 static inline void gen_set_pc_im(DisasContext *s, target_ulong val)
1068 {
1069 tcg_gen_movi_i32(cpu_R[15], val);
1070 }
1071
1072 static inline void gen_hvc(DisasContext *s, int imm16)
1073 {
1074 /* The pre HVC helper handles cases when HVC gets trapped
1075 * as an undefined insn by runtime configuration (ie before
1076 * the insn really executes).
1077 */
1078 gen_set_pc_im(s, s->pc - 4);
1079 gen_helper_pre_hvc(cpu_env);
1080 /* Otherwise we will treat this as a real exception which
1081 * happens after execution of the insn. (The distinction matters
1082 * for the PC value reported to the exception handler and also
1083 * for single stepping.)
1084 */
1085 s->svc_imm = imm16;
1086 gen_set_pc_im(s, s->pc);
1087 s->is_jmp = DISAS_HVC;
1088 }
1089
1090 static inline void gen_smc(DisasContext *s)
1091 {
1092 /* As with HVC, we may take an exception either before or after
1093 * the insn executes.
1094 */
1095 TCGv_i32 tmp;
1096
1097 gen_set_pc_im(s, s->pc - 4);
1098 tmp = tcg_const_i32(syn_aa32_smc());
1099 gen_helper_pre_smc(cpu_env, tmp);
1100 tcg_temp_free_i32(tmp);
1101 gen_set_pc_im(s, s->pc);
1102 s->is_jmp = DISAS_SMC;
1103 }
1104
1105 static inline void
1106 gen_set_condexec (DisasContext *s)
1107 {
1108 if (s->condexec_mask) {
1109 uint32_t val = (s->condexec_cond << 4) | (s->condexec_mask >> 1);
1110 TCGv_i32 tmp = tcg_temp_new_i32();
1111 tcg_gen_movi_i32(tmp, val);
1112 store_cpu_field(tmp, condexec_bits);
1113 }
1114 }
1115
1116 static void gen_exception_internal_insn(DisasContext *s, int offset, int excp)
1117 {
1118 gen_set_condexec(s);
1119 gen_set_pc_im(s, s->pc - offset);
1120 gen_exception_internal(excp);
1121 s->is_jmp = DISAS_JUMP;
1122 }
1123
1124 static void gen_exception_insn(DisasContext *s, int offset, int excp,
1125 int syn, uint32_t target_el)
1126 {
1127 gen_set_condexec(s);
1128 gen_set_pc_im(s, s->pc - offset);
1129 gen_exception(excp, syn, target_el);
1130 s->is_jmp = DISAS_JUMP;
1131 }
1132
1133 /* Force a TB lookup after an instruction that changes the CPU state. */
1134 static inline void gen_lookup_tb(DisasContext *s)
1135 {
1136 tcg_gen_movi_i32(cpu_R[15], s->pc & ~1);
1137 s->is_jmp = DISAS_JUMP;
1138 }
1139
1140 static inline void gen_add_data_offset(DisasContext *s, unsigned int insn,
1141 TCGv_i32 var)
1142 {
1143 int val, rm, shift, shiftop;
1144 TCGv_i32 offset;
1145
1146 if (!(insn & (1 << 25))) {
1147 /* immediate */
1148 val = insn & 0xfff;
1149 if (!(insn & (1 << 23)))
1150 val = -val;
1151 if (val != 0)
1152 tcg_gen_addi_i32(var, var, val);
1153 } else {
1154 /* shift/register */
1155 rm = (insn) & 0xf;
1156 shift = (insn >> 7) & 0x1f;
1157 shiftop = (insn >> 5) & 3;
1158 offset = load_reg(s, rm);
1159 gen_arm_shift_im(offset, shiftop, shift, 0);
1160 if (!(insn & (1 << 23)))
1161 tcg_gen_sub_i32(var, var, offset);
1162 else
1163 tcg_gen_add_i32(var, var, offset);
1164 tcg_temp_free_i32(offset);
1165 }
1166 }
1167
1168 static inline void gen_add_datah_offset(DisasContext *s, unsigned int insn,
1169 int extra, TCGv_i32 var)
1170 {
1171 int val, rm;
1172 TCGv_i32 offset;
1173
1174 if (insn & (1 << 22)) {
1175 /* immediate */
1176 val = (insn & 0xf) | ((insn >> 4) & 0xf0);
1177 if (!(insn & (1 << 23)))
1178 val = -val;
1179 val += extra;
1180 if (val != 0)
1181 tcg_gen_addi_i32(var, var, val);
1182 } else {
1183 /* register */
1184 if (extra)
1185 tcg_gen_addi_i32(var, var, extra);
1186 rm = (insn) & 0xf;
1187 offset = load_reg(s, rm);
1188 if (!(insn & (1 << 23)))
1189 tcg_gen_sub_i32(var, var, offset);
1190 else
1191 tcg_gen_add_i32(var, var, offset);
1192 tcg_temp_free_i32(offset);
1193 }
1194 }
1195
1196 static TCGv_ptr get_fpstatus_ptr(int neon)
1197 {
1198 TCGv_ptr statusptr = tcg_temp_new_ptr();
1199 int offset;
1200 if (neon) {
1201 offset = offsetof(CPUARMState, vfp.standard_fp_status);
1202 } else {
1203 offset = offsetof(CPUARMState, vfp.fp_status);
1204 }
1205 tcg_gen_addi_ptr(statusptr, cpu_env, offset);
1206 return statusptr;
1207 }
1208
1209 #define VFP_OP2(name) \
1210 static inline void gen_vfp_##name(int dp) \
1211 { \
1212 TCGv_ptr fpst = get_fpstatus_ptr(0); \
1213 if (dp) { \
1214 gen_helper_vfp_##name##d(cpu_F0d, cpu_F0d, cpu_F1d, fpst); \
1215 } else { \
1216 gen_helper_vfp_##name##s(cpu_F0s, cpu_F0s, cpu_F1s, fpst); \
1217 } \
1218 tcg_temp_free_ptr(fpst); \
1219 }
1220
1221 VFP_OP2(add)
1222 VFP_OP2(sub)
1223 VFP_OP2(mul)
1224 VFP_OP2(div)
1225
1226 #undef VFP_OP2
1227
1228 static inline void gen_vfp_F1_mul(int dp)
1229 {
1230 /* Like gen_vfp_mul() but put result in F1 */
1231 TCGv_ptr fpst = get_fpstatus_ptr(0);
1232 if (dp) {
1233 gen_helper_vfp_muld(cpu_F1d, cpu_F0d, cpu_F1d, fpst);
1234 } else {
1235 gen_helper_vfp_muls(cpu_F1s, cpu_F0s, cpu_F1s, fpst);
1236 }
1237 tcg_temp_free_ptr(fpst);
1238 }
1239
1240 static inline void gen_vfp_F1_neg(int dp)
1241 {
1242 /* Like gen_vfp_neg() but put result in F1 */
1243 if (dp) {
1244 gen_helper_vfp_negd(cpu_F1d, cpu_F0d);
1245 } else {
1246 gen_helper_vfp_negs(cpu_F1s, cpu_F0s);
1247 }
1248 }
1249
1250 static inline void gen_vfp_abs(int dp)
1251 {
1252 if (dp)
1253 gen_helper_vfp_absd(cpu_F0d, cpu_F0d);
1254 else
1255 gen_helper_vfp_abss(cpu_F0s, cpu_F0s);
1256 }
1257
1258 static inline void gen_vfp_neg(int dp)
1259 {
1260 if (dp)
1261 gen_helper_vfp_negd(cpu_F0d, cpu_F0d);
1262 else
1263 gen_helper_vfp_negs(cpu_F0s, cpu_F0s);
1264 }
1265
1266 static inline void gen_vfp_sqrt(int dp)
1267 {
1268 if (dp)
1269 gen_helper_vfp_sqrtd(cpu_F0d, cpu_F0d, cpu_env);
1270 else
1271 gen_helper_vfp_sqrts(cpu_F0s, cpu_F0s, cpu_env);
1272 }
1273
1274 static inline void gen_vfp_cmp(int dp)
1275 {
1276 if (dp)
1277 gen_helper_vfp_cmpd(cpu_F0d, cpu_F1d, cpu_env);
1278 else
1279 gen_helper_vfp_cmps(cpu_F0s, cpu_F1s, cpu_env);
1280 }
1281
1282 static inline void gen_vfp_cmpe(int dp)
1283 {
1284 if (dp)
1285 gen_helper_vfp_cmped(cpu_F0d, cpu_F1d, cpu_env);
1286 else
1287 gen_helper_vfp_cmpes(cpu_F0s, cpu_F1s, cpu_env);
1288 }
1289
1290 static inline void gen_vfp_F1_ld0(int dp)
1291 {
1292 if (dp)
1293 tcg_gen_movi_i64(cpu_F1d, 0);
1294 else
1295 tcg_gen_movi_i32(cpu_F1s, 0);
1296 }
1297
1298 #define VFP_GEN_ITOF(name) \
1299 static inline void gen_vfp_##name(int dp, int neon) \
1300 { \
1301 TCGv_ptr statusptr = get_fpstatus_ptr(neon); \
1302 if (dp) { \
1303 gen_helper_vfp_##name##d(cpu_F0d, cpu_F0s, statusptr); \
1304 } else { \
1305 gen_helper_vfp_##name##s(cpu_F0s, cpu_F0s, statusptr); \
1306 } \
1307 tcg_temp_free_ptr(statusptr); \
1308 }
1309
1310 VFP_GEN_ITOF(uito)
1311 VFP_GEN_ITOF(sito)
1312 #undef VFP_GEN_ITOF
1313
1314 #define VFP_GEN_FTOI(name) \
1315 static inline void gen_vfp_##name(int dp, int neon) \
1316 { \
1317 TCGv_ptr statusptr = get_fpstatus_ptr(neon); \
1318 if (dp) { \
1319 gen_helper_vfp_##name##d(cpu_F0s, cpu_F0d, statusptr); \
1320 } else { \
1321 gen_helper_vfp_##name##s(cpu_F0s, cpu_F0s, statusptr); \
1322 } \
1323 tcg_temp_free_ptr(statusptr); \
1324 }
1325
1326 VFP_GEN_FTOI(toui)
1327 VFP_GEN_FTOI(touiz)
1328 VFP_GEN_FTOI(tosi)
1329 VFP_GEN_FTOI(tosiz)
1330 #undef VFP_GEN_FTOI
1331
1332 #define VFP_GEN_FIX(name, round) \
1333 static inline void gen_vfp_##name(int dp, int shift, int neon) \
1334 { \
1335 TCGv_i32 tmp_shift = tcg_const_i32(shift); \
1336 TCGv_ptr statusptr = get_fpstatus_ptr(neon); \
1337 if (dp) { \
1338 gen_helper_vfp_##name##d##round(cpu_F0d, cpu_F0d, tmp_shift, \
1339 statusptr); \
1340 } else { \
1341 gen_helper_vfp_##name##s##round(cpu_F0s, cpu_F0s, tmp_shift, \
1342 statusptr); \
1343 } \
1344 tcg_temp_free_i32(tmp_shift); \
1345 tcg_temp_free_ptr(statusptr); \
1346 }
1347 VFP_GEN_FIX(tosh, _round_to_zero)
1348 VFP_GEN_FIX(tosl, _round_to_zero)
1349 VFP_GEN_FIX(touh, _round_to_zero)
1350 VFP_GEN_FIX(toul, _round_to_zero)
1351 VFP_GEN_FIX(shto, )
1352 VFP_GEN_FIX(slto, )
1353 VFP_GEN_FIX(uhto, )
1354 VFP_GEN_FIX(ulto, )
1355 #undef VFP_GEN_FIX
1356
1357 static inline void gen_vfp_ld(DisasContext *s, int dp, TCGv_i32 addr)
1358 {
1359 if (dp) {
1360 gen_aa32_ld64(s, cpu_F0d, addr, get_mem_index(s));
1361 } else {
1362 gen_aa32_ld32u(s, cpu_F0s, addr, get_mem_index(s));
1363 }
1364 }
1365
1366 static inline void gen_vfp_st(DisasContext *s, int dp, TCGv_i32 addr)
1367 {
1368 if (dp) {
1369 gen_aa32_st64(s, cpu_F0d, addr, get_mem_index(s));
1370 } else {
1371 gen_aa32_st32(s, cpu_F0s, addr, get_mem_index(s));
1372 }
1373 }
1374
1375 static inline long
1376 vfp_reg_offset (int dp, int reg)
1377 {
1378 if (dp)
1379 return offsetof(CPUARMState, vfp.regs[reg]);
1380 else if (reg & 1) {
1381 return offsetof(CPUARMState, vfp.regs[reg >> 1])
1382 + offsetof(CPU_DoubleU, l.upper);
1383 } else {
1384 return offsetof(CPUARMState, vfp.regs[reg >> 1])
1385 + offsetof(CPU_DoubleU, l.lower);
1386 }
1387 }
1388
1389 /* Return the offset of a 32-bit piece of a NEON register.
1390 zero is the least significant end of the register. */
1391 static inline long
1392 neon_reg_offset (int reg, int n)
1393 {
1394 int sreg;
1395 sreg = reg * 2 + n;
1396 return vfp_reg_offset(0, sreg);
1397 }
1398
1399 static TCGv_i32 neon_load_reg(int reg, int pass)
1400 {
1401 TCGv_i32 tmp = tcg_temp_new_i32();
1402 tcg_gen_ld_i32(tmp, cpu_env, neon_reg_offset(reg, pass));
1403 return tmp;
1404 }
1405
1406 static void neon_store_reg(int reg, int pass, TCGv_i32 var)
1407 {
1408 tcg_gen_st_i32(var, cpu_env, neon_reg_offset(reg, pass));
1409 tcg_temp_free_i32(var);
1410 }
1411
1412 static inline void neon_load_reg64(TCGv_i64 var, int reg)
1413 {
1414 tcg_gen_ld_i64(var, cpu_env, vfp_reg_offset(1, reg));
1415 }
1416
1417 static inline void neon_store_reg64(TCGv_i64 var, int reg)
1418 {
1419 tcg_gen_st_i64(var, cpu_env, vfp_reg_offset(1, reg));
1420 }
1421
1422 #define tcg_gen_ld_f32 tcg_gen_ld_i32
1423 #define tcg_gen_ld_f64 tcg_gen_ld_i64
1424 #define tcg_gen_st_f32 tcg_gen_st_i32
1425 #define tcg_gen_st_f64 tcg_gen_st_i64
1426
1427 static inline void gen_mov_F0_vreg(int dp, int reg)
1428 {
1429 if (dp)
1430 tcg_gen_ld_f64(cpu_F0d, cpu_env, vfp_reg_offset(dp, reg));
1431 else
1432 tcg_gen_ld_f32(cpu_F0s, cpu_env, vfp_reg_offset(dp, reg));
1433 }
1434
1435 static inline void gen_mov_F1_vreg(int dp, int reg)
1436 {
1437 if (dp)
1438 tcg_gen_ld_f64(cpu_F1d, cpu_env, vfp_reg_offset(dp, reg));
1439 else
1440 tcg_gen_ld_f32(cpu_F1s, cpu_env, vfp_reg_offset(dp, reg));
1441 }
1442
1443 static inline void gen_mov_vreg_F0(int dp, int reg)
1444 {
1445 if (dp)
1446 tcg_gen_st_f64(cpu_F0d, cpu_env, vfp_reg_offset(dp, reg));
1447 else
1448 tcg_gen_st_f32(cpu_F0s, cpu_env, vfp_reg_offset(dp, reg));
1449 }
1450
1451 #define ARM_CP_RW_BIT (1 << 20)
1452
1453 static inline void iwmmxt_load_reg(TCGv_i64 var, int reg)
1454 {
1455 tcg_gen_ld_i64(var, cpu_env, offsetof(CPUARMState, iwmmxt.regs[reg]));
1456 }
1457
1458 static inline void iwmmxt_store_reg(TCGv_i64 var, int reg)
1459 {
1460 tcg_gen_st_i64(var, cpu_env, offsetof(CPUARMState, iwmmxt.regs[reg]));
1461 }
1462
1463 static inline TCGv_i32 iwmmxt_load_creg(int reg)
1464 {
1465 TCGv_i32 var = tcg_temp_new_i32();
1466 tcg_gen_ld_i32(var, cpu_env, offsetof(CPUARMState, iwmmxt.cregs[reg]));
1467 return var;
1468 }
1469
1470 static inline void iwmmxt_store_creg(int reg, TCGv_i32 var)
1471 {
1472 tcg_gen_st_i32(var, cpu_env, offsetof(CPUARMState, iwmmxt.cregs[reg]));
1473 tcg_temp_free_i32(var);
1474 }
1475
1476 static inline void gen_op_iwmmxt_movq_wRn_M0(int rn)
1477 {
1478 iwmmxt_store_reg(cpu_M0, rn);
1479 }
1480
1481 static inline void gen_op_iwmmxt_movq_M0_wRn(int rn)
1482 {
1483 iwmmxt_load_reg(cpu_M0, rn);
1484 }
1485
1486 static inline void gen_op_iwmmxt_orq_M0_wRn(int rn)
1487 {
1488 iwmmxt_load_reg(cpu_V1, rn);
1489 tcg_gen_or_i64(cpu_M0, cpu_M0, cpu_V1);
1490 }
1491
1492 static inline void gen_op_iwmmxt_andq_M0_wRn(int rn)
1493 {
1494 iwmmxt_load_reg(cpu_V1, rn);
1495 tcg_gen_and_i64(cpu_M0, cpu_M0, cpu_V1);
1496 }
1497
1498 static inline void gen_op_iwmmxt_xorq_M0_wRn(int rn)
1499 {
1500 iwmmxt_load_reg(cpu_V1, rn);
1501 tcg_gen_xor_i64(cpu_M0, cpu_M0, cpu_V1);
1502 }
1503
1504 #define IWMMXT_OP(name) \
1505 static inline void gen_op_iwmmxt_##name##_M0_wRn(int rn) \
1506 { \
1507 iwmmxt_load_reg(cpu_V1, rn); \
1508 gen_helper_iwmmxt_##name(cpu_M0, cpu_M0, cpu_V1); \
1509 }
1510
1511 #define IWMMXT_OP_ENV(name) \
1512 static inline void gen_op_iwmmxt_##name##_M0_wRn(int rn) \
1513 { \
1514 iwmmxt_load_reg(cpu_V1, rn); \
1515 gen_helper_iwmmxt_##name(cpu_M0, cpu_env, cpu_M0, cpu_V1); \
1516 }
1517
1518 #define IWMMXT_OP_ENV_SIZE(name) \
1519 IWMMXT_OP_ENV(name##b) \
1520 IWMMXT_OP_ENV(name##w) \
1521 IWMMXT_OP_ENV(name##l)
1522
1523 #define IWMMXT_OP_ENV1(name) \
1524 static inline void gen_op_iwmmxt_##name##_M0(void) \
1525 { \
1526 gen_helper_iwmmxt_##name(cpu_M0, cpu_env, cpu_M0); \
1527 }
1528
1529 IWMMXT_OP(maddsq)
1530 IWMMXT_OP(madduq)
1531 IWMMXT_OP(sadb)
1532 IWMMXT_OP(sadw)
1533 IWMMXT_OP(mulslw)
1534 IWMMXT_OP(mulshw)
1535 IWMMXT_OP(mululw)
1536 IWMMXT_OP(muluhw)
1537 IWMMXT_OP(macsw)
1538 IWMMXT_OP(macuw)
1539
1540 IWMMXT_OP_ENV_SIZE(unpackl)
1541 IWMMXT_OP_ENV_SIZE(unpackh)
1542
1543 IWMMXT_OP_ENV1(unpacklub)
1544 IWMMXT_OP_ENV1(unpackluw)
1545 IWMMXT_OP_ENV1(unpacklul)
1546 IWMMXT_OP_ENV1(unpackhub)
1547 IWMMXT_OP_ENV1(unpackhuw)
1548 IWMMXT_OP_ENV1(unpackhul)
1549 IWMMXT_OP_ENV1(unpacklsb)
1550 IWMMXT_OP_ENV1(unpacklsw)
1551 IWMMXT_OP_ENV1(unpacklsl)
1552 IWMMXT_OP_ENV1(unpackhsb)
1553 IWMMXT_OP_ENV1(unpackhsw)
1554 IWMMXT_OP_ENV1(unpackhsl)
1555
1556 IWMMXT_OP_ENV_SIZE(cmpeq)
1557 IWMMXT_OP_ENV_SIZE(cmpgtu)
1558 IWMMXT_OP_ENV_SIZE(cmpgts)
1559
1560 IWMMXT_OP_ENV_SIZE(mins)
1561 IWMMXT_OP_ENV_SIZE(minu)
1562 IWMMXT_OP_ENV_SIZE(maxs)
1563 IWMMXT_OP_ENV_SIZE(maxu)
1564
1565 IWMMXT_OP_ENV_SIZE(subn)
1566 IWMMXT_OP_ENV_SIZE(addn)
1567 IWMMXT_OP_ENV_SIZE(subu)
1568 IWMMXT_OP_ENV_SIZE(addu)
1569 IWMMXT_OP_ENV_SIZE(subs)
1570 IWMMXT_OP_ENV_SIZE(adds)
1571
1572 IWMMXT_OP_ENV(avgb0)
1573 IWMMXT_OP_ENV(avgb1)
1574 IWMMXT_OP_ENV(avgw0)
1575 IWMMXT_OP_ENV(avgw1)
1576
1577 IWMMXT_OP_ENV(packuw)
1578 IWMMXT_OP_ENV(packul)
1579 IWMMXT_OP_ENV(packuq)
1580 IWMMXT_OP_ENV(packsw)
1581 IWMMXT_OP_ENV(packsl)
1582 IWMMXT_OP_ENV(packsq)
1583
1584 static void gen_op_iwmmxt_set_mup(void)
1585 {
1586 TCGv_i32 tmp;
1587 tmp = load_cpu_field(iwmmxt.cregs[ARM_IWMMXT_wCon]);
1588 tcg_gen_ori_i32(tmp, tmp, 2);
1589 store_cpu_field(tmp, iwmmxt.cregs[ARM_IWMMXT_wCon]);
1590 }
1591
1592 static void gen_op_iwmmxt_set_cup(void)
1593 {
1594 TCGv_i32 tmp;
1595 tmp = load_cpu_field(iwmmxt.cregs[ARM_IWMMXT_wCon]);
1596 tcg_gen_ori_i32(tmp, tmp, 1);
1597 store_cpu_field(tmp, iwmmxt.cregs[ARM_IWMMXT_wCon]);
1598 }
1599
1600 static void gen_op_iwmmxt_setpsr_nz(void)
1601 {
1602 TCGv_i32 tmp = tcg_temp_new_i32();
1603 gen_helper_iwmmxt_setpsr_nz(tmp, cpu_M0);
1604 store_cpu_field(tmp, iwmmxt.cregs[ARM_IWMMXT_wCASF]);
1605 }
1606
1607 static inline void gen_op_iwmmxt_addl_M0_wRn(int rn)
1608 {
1609 iwmmxt_load_reg(cpu_V1, rn);
1610 tcg_gen_ext32u_i64(cpu_V1, cpu_V1);
1611 tcg_gen_add_i64(cpu_M0, cpu_M0, cpu_V1);
1612 }
1613
1614 static inline int gen_iwmmxt_address(DisasContext *s, uint32_t insn,
1615 TCGv_i32 dest)
1616 {
1617 int rd;
1618 uint32_t offset;
1619 TCGv_i32 tmp;
1620
1621 rd = (insn >> 16) & 0xf;
1622 tmp = load_reg(s, rd);
1623
1624 offset = (insn & 0xff) << ((insn >> 7) & 2);
1625 if (insn & (1 << 24)) {
1626 /* Pre indexed */
1627 if (insn & (1 << 23))
1628 tcg_gen_addi_i32(tmp, tmp, offset);
1629 else
1630 tcg_gen_addi_i32(tmp, tmp, -offset);
1631 tcg_gen_mov_i32(dest, tmp);
1632 if (insn & (1 << 21))
1633 store_reg(s, rd, tmp);
1634 else
1635 tcg_temp_free_i32(tmp);
1636 } else if (insn & (1 << 21)) {
1637 /* Post indexed */
1638 tcg_gen_mov_i32(dest, tmp);
1639 if (insn & (1 << 23))
1640 tcg_gen_addi_i32(tmp, tmp, offset);
1641 else
1642 tcg_gen_addi_i32(tmp, tmp, -offset);
1643 store_reg(s, rd, tmp);
1644 } else if (!(insn & (1 << 23)))
1645 return 1;
1646 return 0;
1647 }
1648
1649 static inline int gen_iwmmxt_shift(uint32_t insn, uint32_t mask, TCGv_i32 dest)
1650 {
1651 int rd = (insn >> 0) & 0xf;
1652 TCGv_i32 tmp;
1653
1654 if (insn & (1 << 8)) {
1655 if (rd < ARM_IWMMXT_wCGR0 || rd > ARM_IWMMXT_wCGR3) {
1656 return 1;
1657 } else {
1658 tmp = iwmmxt_load_creg(rd);
1659 }
1660 } else {
1661 tmp = tcg_temp_new_i32();
1662 iwmmxt_load_reg(cpu_V0, rd);
1663 tcg_gen_extrl_i64_i32(tmp, cpu_V0);
1664 }
1665 tcg_gen_andi_i32(tmp, tmp, mask);
1666 tcg_gen_mov_i32(dest, tmp);
1667 tcg_temp_free_i32(tmp);
1668 return 0;
1669 }
1670
1671 /* Disassemble an iwMMXt instruction. Returns nonzero if an error occurred
1672 (ie. an undefined instruction). */
1673 static int disas_iwmmxt_insn(DisasContext *s, uint32_t insn)
1674 {
1675 int rd, wrd;
1676 int rdhi, rdlo, rd0, rd1, i;
1677 TCGv_i32 addr;
1678 TCGv_i32 tmp, tmp2, tmp3;
1679
1680 if ((insn & 0x0e000e00) == 0x0c000000) {
1681 if ((insn & 0x0fe00ff0) == 0x0c400000) {
1682 wrd = insn & 0xf;
1683 rdlo = (insn >> 12) & 0xf;
1684 rdhi = (insn >> 16) & 0xf;
1685 if (insn & ARM_CP_RW_BIT) { /* TMRRC */
1686 iwmmxt_load_reg(cpu_V0, wrd);
1687 tcg_gen_extrl_i64_i32(cpu_R[rdlo], cpu_V0);
1688 tcg_gen_shri_i64(cpu_V0, cpu_V0, 32);
1689 tcg_gen_extrl_i64_i32(cpu_R[rdhi], cpu_V0);
1690 } else { /* TMCRR */
1691 tcg_gen_concat_i32_i64(cpu_V0, cpu_R[rdlo], cpu_R[rdhi]);
1692 iwmmxt_store_reg(cpu_V0, wrd);
1693 gen_op_iwmmxt_set_mup();
1694 }
1695 return 0;
1696 }
1697
1698 wrd = (insn >> 12) & 0xf;
1699 addr = tcg_temp_new_i32();
1700 if (gen_iwmmxt_address(s, insn, addr)) {
1701 tcg_temp_free_i32(addr);
1702 return 1;
1703 }
1704 if (insn & ARM_CP_RW_BIT) {
1705 if ((insn >> 28) == 0xf) { /* WLDRW wCx */
1706 tmp = tcg_temp_new_i32();
1707 gen_aa32_ld32u(s, tmp, addr, get_mem_index(s));
1708 iwmmxt_store_creg(wrd, tmp);
1709 } else {
1710 i = 1;
1711 if (insn & (1 << 8)) {
1712 if (insn & (1 << 22)) { /* WLDRD */
1713 gen_aa32_ld64(s, cpu_M0, addr, get_mem_index(s));
1714 i = 0;
1715 } else { /* WLDRW wRd */
1716 tmp = tcg_temp_new_i32();
1717 gen_aa32_ld32u(s, tmp, addr, get_mem_index(s));
1718 }
1719 } else {
1720 tmp = tcg_temp_new_i32();
1721 if (insn & (1 << 22)) { /* WLDRH */
1722 gen_aa32_ld16u(s, tmp, addr, get_mem_index(s));
1723 } else { /* WLDRB */
1724 gen_aa32_ld8u(s, tmp, addr, get_mem_index(s));
1725 }
1726 }
1727 if (i) {
1728 tcg_gen_extu_i32_i64(cpu_M0, tmp);
1729 tcg_temp_free_i32(tmp);
1730 }
1731 gen_op_iwmmxt_movq_wRn_M0(wrd);
1732 }
1733 } else {
1734 if ((insn >> 28) == 0xf) { /* WSTRW wCx */
1735 tmp = iwmmxt_load_creg(wrd);
1736 gen_aa32_st32(s, tmp, addr, get_mem_index(s));
1737 } else {
1738 gen_op_iwmmxt_movq_M0_wRn(wrd);
1739 tmp = tcg_temp_new_i32();
1740 if (insn & (1 << 8)) {
1741 if (insn & (1 << 22)) { /* WSTRD */
1742 gen_aa32_st64(s, cpu_M0, addr, get_mem_index(s));
1743 } else { /* WSTRW wRd */
1744 tcg_gen_extrl_i64_i32(tmp, cpu_M0);
1745 gen_aa32_st32(s, tmp, addr, get_mem_index(s));
1746 }
1747 } else {
1748 if (insn & (1 << 22)) { /* WSTRH */
1749 tcg_gen_extrl_i64_i32(tmp, cpu_M0);
1750 gen_aa32_st16(s, tmp, addr, get_mem_index(s));
1751 } else { /* WSTRB */
1752 tcg_gen_extrl_i64_i32(tmp, cpu_M0);
1753 gen_aa32_st8(s, tmp, addr, get_mem_index(s));
1754 }
1755 }
1756 }
1757 tcg_temp_free_i32(tmp);
1758 }
1759 tcg_temp_free_i32(addr);
1760 return 0;
1761 }
1762
1763 if ((insn & 0x0f000000) != 0x0e000000)
1764 return 1;
1765
1766 switch (((insn >> 12) & 0xf00) | ((insn >> 4) & 0xff)) {
1767 case 0x000: /* WOR */
1768 wrd = (insn >> 12) & 0xf;
1769 rd0 = (insn >> 0) & 0xf;
1770 rd1 = (insn >> 16) & 0xf;
1771 gen_op_iwmmxt_movq_M0_wRn(rd0);
1772 gen_op_iwmmxt_orq_M0_wRn(rd1);
1773 gen_op_iwmmxt_setpsr_nz();
1774 gen_op_iwmmxt_movq_wRn_M0(wrd);
1775 gen_op_iwmmxt_set_mup();
1776 gen_op_iwmmxt_set_cup();
1777 break;
1778 case 0x011: /* TMCR */
1779 if (insn & 0xf)
1780 return 1;
1781 rd = (insn >> 12) & 0xf;
1782 wrd = (insn >> 16) & 0xf;
1783 switch (wrd) {
1784 case ARM_IWMMXT_wCID:
1785 case ARM_IWMMXT_wCASF:
1786 break;
1787 case ARM_IWMMXT_wCon:
1788 gen_op_iwmmxt_set_cup();
1789 /* Fall through. */
1790 case ARM_IWMMXT_wCSSF:
1791 tmp = iwmmxt_load_creg(wrd);
1792 tmp2 = load_reg(s, rd);
1793 tcg_gen_andc_i32(tmp, tmp, tmp2);
1794 tcg_temp_free_i32(tmp2);
1795 iwmmxt_store_creg(wrd, tmp);
1796 break;
1797 case ARM_IWMMXT_wCGR0:
1798 case ARM_IWMMXT_wCGR1:
1799 case ARM_IWMMXT_wCGR2:
1800 case ARM_IWMMXT_wCGR3:
1801 gen_op_iwmmxt_set_cup();
1802 tmp = load_reg(s, rd);
1803 iwmmxt_store_creg(wrd, tmp);
1804 break;
1805 default:
1806 return 1;
1807 }
1808 break;
1809 case 0x100: /* WXOR */
1810 wrd = (insn >> 12) & 0xf;
1811 rd0 = (insn >> 0) & 0xf;
1812 rd1 = (insn >> 16) & 0xf;
1813 gen_op_iwmmxt_movq_M0_wRn(rd0);
1814 gen_op_iwmmxt_xorq_M0_wRn(rd1);
1815 gen_op_iwmmxt_setpsr_nz();
1816 gen_op_iwmmxt_movq_wRn_M0(wrd);
1817 gen_op_iwmmxt_set_mup();
1818 gen_op_iwmmxt_set_cup();
1819 break;
1820 case 0x111: /* TMRC */
1821 if (insn & 0xf)
1822 return 1;
1823 rd = (insn >> 12) & 0xf;
1824 wrd = (insn >> 16) & 0xf;
1825 tmp = iwmmxt_load_creg(wrd);
1826 store_reg(s, rd, tmp);
1827 break;
1828 case 0x300: /* WANDN */
1829 wrd = (insn >> 12) & 0xf;
1830 rd0 = (insn >> 0) & 0xf;
1831 rd1 = (insn >> 16) & 0xf;
1832 gen_op_iwmmxt_movq_M0_wRn(rd0);
1833 tcg_gen_neg_i64(cpu_M0, cpu_M0);
1834 gen_op_iwmmxt_andq_M0_wRn(rd1);
1835 gen_op_iwmmxt_setpsr_nz();
1836 gen_op_iwmmxt_movq_wRn_M0(wrd);
1837 gen_op_iwmmxt_set_mup();
1838 gen_op_iwmmxt_set_cup();
1839 break;
1840 case 0x200: /* WAND */
1841 wrd = (insn >> 12) & 0xf;
1842 rd0 = (insn >> 0) & 0xf;
1843 rd1 = (insn >> 16) & 0xf;
1844 gen_op_iwmmxt_movq_M0_wRn(rd0);
1845 gen_op_iwmmxt_andq_M0_wRn(rd1);
1846 gen_op_iwmmxt_setpsr_nz();
1847 gen_op_iwmmxt_movq_wRn_M0(wrd);
1848 gen_op_iwmmxt_set_mup();
1849 gen_op_iwmmxt_set_cup();
1850 break;
1851 case 0x810: case 0xa10: /* WMADD */
1852 wrd = (insn >> 12) & 0xf;
1853 rd0 = (insn >> 0) & 0xf;
1854 rd1 = (insn >> 16) & 0xf;
1855 gen_op_iwmmxt_movq_M0_wRn(rd0);
1856 if (insn & (1 << 21))
1857 gen_op_iwmmxt_maddsq_M0_wRn(rd1);
1858 else
1859 gen_op_iwmmxt_madduq_M0_wRn(rd1);
1860 gen_op_iwmmxt_movq_wRn_M0(wrd);
1861 gen_op_iwmmxt_set_mup();
1862 break;
1863 case 0x10e: case 0x50e: case 0x90e: case 0xd0e: /* WUNPCKIL */
1864 wrd = (insn >> 12) & 0xf;
1865 rd0 = (insn >> 16) & 0xf;
1866 rd1 = (insn >> 0) & 0xf;
1867 gen_op_iwmmxt_movq_M0_wRn(rd0);
1868 switch ((insn >> 22) & 3) {
1869 case 0:
1870 gen_op_iwmmxt_unpacklb_M0_wRn(rd1);
1871 break;
1872 case 1:
1873 gen_op_iwmmxt_unpacklw_M0_wRn(rd1);
1874 break;
1875 case 2:
1876 gen_op_iwmmxt_unpackll_M0_wRn(rd1);
1877 break;
1878 case 3:
1879 return 1;
1880 }
1881 gen_op_iwmmxt_movq_wRn_M0(wrd);
1882 gen_op_iwmmxt_set_mup();
1883 gen_op_iwmmxt_set_cup();
1884 break;
1885 case 0x10c: case 0x50c: case 0x90c: case 0xd0c: /* WUNPCKIH */
1886 wrd = (insn >> 12) & 0xf;
1887 rd0 = (insn >> 16) & 0xf;
1888 rd1 = (insn >> 0) & 0xf;
1889 gen_op_iwmmxt_movq_M0_wRn(rd0);
1890 switch ((insn >> 22) & 3) {
1891 case 0:
1892 gen_op_iwmmxt_unpackhb_M0_wRn(rd1);
1893 break;
1894 case 1:
1895 gen_op_iwmmxt_unpackhw_M0_wRn(rd1);
1896 break;
1897 case 2:
1898 gen_op_iwmmxt_unpackhl_M0_wRn(rd1);
1899 break;
1900 case 3:
1901 return 1;
1902 }
1903 gen_op_iwmmxt_movq_wRn_M0(wrd);
1904 gen_op_iwmmxt_set_mup();
1905 gen_op_iwmmxt_set_cup();
1906 break;
1907 case 0x012: case 0x112: case 0x412: case 0x512: /* WSAD */
1908 wrd = (insn >> 12) & 0xf;
1909 rd0 = (insn >> 16) & 0xf;
1910 rd1 = (insn >> 0) & 0xf;
1911 gen_op_iwmmxt_movq_M0_wRn(rd0);
1912 if (insn & (1 << 22))
1913 gen_op_iwmmxt_sadw_M0_wRn(rd1);
1914 else
1915 gen_op_iwmmxt_sadb_M0_wRn(rd1);
1916 if (!(insn & (1 << 20)))
1917 gen_op_iwmmxt_addl_M0_wRn(wrd);
1918 gen_op_iwmmxt_movq_wRn_M0(wrd);
1919 gen_op_iwmmxt_set_mup();
1920 break;
1921 case 0x010: case 0x110: case 0x210: case 0x310: /* WMUL */
1922 wrd = (insn >> 12) & 0xf;
1923 rd0 = (insn >> 16) & 0xf;
1924 rd1 = (insn >> 0) & 0xf;
1925 gen_op_iwmmxt_movq_M0_wRn(rd0);
1926 if (insn & (1 << 21)) {
1927 if (insn & (1 << 20))
1928 gen_op_iwmmxt_mulshw_M0_wRn(rd1);
1929 else
1930 gen_op_iwmmxt_mulslw_M0_wRn(rd1);
1931 } else {
1932 if (insn & (1 << 20))
1933 gen_op_iwmmxt_muluhw_M0_wRn(rd1);
1934 else
1935 gen_op_iwmmxt_mululw_M0_wRn(rd1);
1936 }
1937 gen_op_iwmmxt_movq_wRn_M0(wrd);
1938 gen_op_iwmmxt_set_mup();
1939 break;
1940 case 0x410: case 0x510: case 0x610: case 0x710: /* WMAC */
1941 wrd = (insn >> 12) & 0xf;
1942 rd0 = (insn >> 16) & 0xf;
1943 rd1 = (insn >> 0) & 0xf;
1944 gen_op_iwmmxt_movq_M0_wRn(rd0);
1945 if (insn & (1 << 21))
1946 gen_op_iwmmxt_macsw_M0_wRn(rd1);
1947 else
1948 gen_op_iwmmxt_macuw_M0_wRn(rd1);
1949 if (!(insn & (1 << 20))) {
1950 iwmmxt_load_reg(cpu_V1, wrd);
1951 tcg_gen_add_i64(cpu_M0, cpu_M0, cpu_V1);
1952 }
1953 gen_op_iwmmxt_movq_wRn_M0(wrd);
1954 gen_op_iwmmxt_set_mup();
1955 break;
1956 case 0x006: case 0x406: case 0x806: case 0xc06: /* WCMPEQ */
1957 wrd = (insn >> 12) & 0xf;
1958 rd0 = (insn >> 16) & 0xf;
1959 rd1 = (insn >> 0) & 0xf;
1960 gen_op_iwmmxt_movq_M0_wRn(rd0);
1961 switch ((insn >> 22) & 3) {
1962 case 0:
1963 gen_op_iwmmxt_cmpeqb_M0_wRn(rd1);
1964 break;
1965 case 1:
1966 gen_op_iwmmxt_cmpeqw_M0_wRn(rd1);
1967 break;
1968 case 2:
1969 gen_op_iwmmxt_cmpeql_M0_wRn(rd1);
1970 break;
1971 case 3:
1972 return 1;
1973 }
1974 gen_op_iwmmxt_movq_wRn_M0(wrd);
1975 gen_op_iwmmxt_set_mup();
1976 gen_op_iwmmxt_set_cup();
1977 break;
1978 case 0x800: case 0x900: case 0xc00: case 0xd00: /* WAVG2 */
1979 wrd = (insn >> 12) & 0xf;
1980 rd0 = (insn >> 16) & 0xf;
1981 rd1 = (insn >> 0) & 0xf;
1982 gen_op_iwmmxt_movq_M0_wRn(rd0);
1983 if (insn & (1 << 22)) {
1984 if (insn & (1 << 20))
1985 gen_op_iwmmxt_avgw1_M0_wRn(rd1);
1986 else
1987 gen_op_iwmmxt_avgw0_M0_wRn(rd1);
1988 } else {
1989 if (insn & (1 << 20))
1990 gen_op_iwmmxt_avgb1_M0_wRn(rd1);
1991 else
1992 gen_op_iwmmxt_avgb0_M0_wRn(rd1);
1993 }
1994 gen_op_iwmmxt_movq_wRn_M0(wrd);
1995 gen_op_iwmmxt_set_mup();
1996 gen_op_iwmmxt_set_cup();
1997 break;
1998 case 0x802: case 0x902: case 0xa02: case 0xb02: /* WALIGNR */
1999 wrd = (insn >> 12) & 0xf;
2000 rd0 = (insn >> 16) & 0xf;
2001 rd1 = (insn >> 0) & 0xf;
2002 gen_op_iwmmxt_movq_M0_wRn(rd0);
2003 tmp = iwmmxt_load_creg(ARM_IWMMXT_wCGR0 + ((insn >> 20) & 3));
2004 tcg_gen_andi_i32(tmp, tmp, 7);
2005 iwmmxt_load_reg(cpu_V1, rd1);
2006 gen_helper_iwmmxt_align(cpu_M0, cpu_M0, cpu_V1, tmp);
2007 tcg_temp_free_i32(tmp);
2008 gen_op_iwmmxt_movq_wRn_M0(wrd);
2009 gen_op_iwmmxt_set_mup();
2010 break;
2011 case 0x601: case 0x605: case 0x609: case 0x60d: /* TINSR */
2012 if (((insn >> 6) & 3) == 3)
2013 return 1;
2014 rd = (insn >> 12) & 0xf;
2015 wrd = (insn >> 16) & 0xf;
2016 tmp = load_reg(s, rd);
2017 gen_op_iwmmxt_movq_M0_wRn(wrd);
2018 switch ((insn >> 6) & 3) {
2019 case 0:
2020 tmp2 = tcg_const_i32(0xff);
2021 tmp3 = tcg_const_i32((insn & 7) << 3);
2022 break;
2023 case 1:
2024 tmp2 = tcg_const_i32(0xffff);
2025 tmp3 = tcg_const_i32((insn & 3) << 4);
2026 break;
2027 case 2:
2028 tmp2 = tcg_const_i32(0xffffffff);
2029 tmp3 = tcg_const_i32((insn & 1) << 5);
2030 break;
2031 default:
2032 TCGV_UNUSED_I32(tmp2);
2033 TCGV_UNUSED_I32(tmp3);
2034 }
2035 gen_helper_iwmmxt_insr(cpu_M0, cpu_M0, tmp, tmp2, tmp3);
2036 tcg_temp_free_i32(tmp3);
2037 tcg_temp_free_i32(tmp2);
2038 tcg_temp_free_i32(tmp);
2039 gen_op_iwmmxt_movq_wRn_M0(wrd);
2040 gen_op_iwmmxt_set_mup();
2041 break;
2042 case 0x107: case 0x507: case 0x907: case 0xd07: /* TEXTRM */
2043 rd = (insn >> 12) & 0xf;
2044 wrd = (insn >> 16) & 0xf;
2045 if (rd == 15 || ((insn >> 22) & 3) == 3)
2046 return 1;
2047 gen_op_iwmmxt_movq_M0_wRn(wrd);
2048 tmp = tcg_temp_new_i32();
2049 switch ((insn >> 22) & 3) {
2050 case 0:
2051 tcg_gen_shri_i64(cpu_M0, cpu_M0, (insn & 7) << 3);
2052 tcg_gen_extrl_i64_i32(tmp, cpu_M0);
2053 if (insn & 8) {
2054 tcg_gen_ext8s_i32(tmp, tmp);
2055 } else {
2056 tcg_gen_andi_i32(tmp, tmp, 0xff);
2057 }
2058 break;
2059 case 1:
2060 tcg_gen_shri_i64(cpu_M0, cpu_M0, (insn & 3) << 4);
2061 tcg_gen_extrl_i64_i32(tmp, cpu_M0);
2062 if (insn & 8) {
2063 tcg_gen_ext16s_i32(tmp, tmp);
2064 } else {
2065 tcg_gen_andi_i32(tmp, tmp, 0xffff);
2066 }
2067 break;
2068 case 2:
2069 tcg_gen_shri_i64(cpu_M0, cpu_M0, (insn & 1) << 5);
2070 tcg_gen_extrl_i64_i32(tmp, cpu_M0);
2071 break;
2072 }
2073 store_reg(s, rd, tmp);
2074 break;
2075 case 0x117: case 0x517: case 0x917: case 0xd17: /* TEXTRC */
2076 if ((insn & 0x000ff008) != 0x0003f000 || ((insn >> 22) & 3) == 3)
2077 return 1;
2078 tmp = iwmmxt_load_creg(ARM_IWMMXT_wCASF);
2079 switch ((insn >> 22) & 3) {
2080 case 0:
2081 tcg_gen_shri_i32(tmp, tmp, ((insn & 7) << 2) + 0);
2082 break;
2083 case 1:
2084 tcg_gen_shri_i32(tmp, tmp, ((insn & 3) << 3) + 4);
2085 break;
2086 case 2:
2087 tcg_gen_shri_i32(tmp, tmp, ((insn & 1) << 4) + 12);
2088 break;
2089 }
2090 tcg_gen_shli_i32(tmp, tmp, 28);
2091 gen_set_nzcv(tmp);
2092 tcg_temp_free_i32(tmp);
2093 break;
2094 case 0x401: case 0x405: case 0x409: case 0x40d: /* TBCST */
2095 if (((insn >> 6) & 3) == 3)
2096 return 1;
2097 rd = (insn >> 12) & 0xf;
2098 wrd = (insn >> 16) & 0xf;
2099 tmp = load_reg(s, rd);
2100 switch ((insn >> 6) & 3) {
2101 case 0:
2102 gen_helper_iwmmxt_bcstb(cpu_M0, tmp);
2103 break;
2104 case 1:
2105 gen_helper_iwmmxt_bcstw(cpu_M0, tmp);
2106 break;
2107 case 2:
2108 gen_helper_iwmmxt_bcstl(cpu_M0, tmp);
2109 break;
2110 }
2111 tcg_temp_free_i32(tmp);
2112 gen_op_iwmmxt_movq_wRn_M0(wrd);
2113 gen_op_iwmmxt_set_mup();
2114 break;
2115 case 0x113: case 0x513: case 0x913: case 0xd13: /* TANDC */
2116 if ((insn & 0x000ff00f) != 0x0003f000 || ((insn >> 22) & 3) == 3)
2117 return 1;
2118 tmp = iwmmxt_load_creg(ARM_IWMMXT_wCASF);
2119 tmp2 = tcg_temp_new_i32();
2120 tcg_gen_mov_i32(tmp2, tmp);
2121 switch ((insn >> 22) & 3) {
2122 case 0:
2123 for (i = 0; i < 7; i ++) {
2124 tcg_gen_shli_i32(tmp2, tmp2, 4);
2125 tcg_gen_and_i32(tmp, tmp, tmp2);
2126 }
2127 break;
2128 case 1:
2129 for (i = 0; i < 3; i ++) {
2130 tcg_gen_shli_i32(tmp2, tmp2, 8);
2131 tcg_gen_and_i32(tmp, tmp, tmp2);
2132 }
2133 break;
2134 case 2:
2135 tcg_gen_shli_i32(tmp2, tmp2, 16);
2136 tcg_gen_and_i32(tmp, tmp, tmp2);
2137 break;
2138 }
2139 gen_set_nzcv(tmp);
2140 tcg_temp_free_i32(tmp2);
2141 tcg_temp_free_i32(tmp);
2142 break;
2143 case 0x01c: case 0x41c: case 0x81c: case 0xc1c: /* WACC */
2144 wrd = (insn >> 12) & 0xf;
2145 rd0 = (insn >> 16) & 0xf;
2146 gen_op_iwmmxt_movq_M0_wRn(rd0);
2147 switch ((insn >> 22) & 3) {
2148 case 0:
2149 gen_helper_iwmmxt_addcb(cpu_M0, cpu_M0);
2150 break;
2151 case 1:
2152 gen_helper_iwmmxt_addcw(cpu_M0, cpu_M0);
2153 break;
2154 case 2:
2155 gen_helper_iwmmxt_addcl(cpu_M0, cpu_M0);
2156 break;
2157 case 3:
2158 return 1;
2159 }
2160 gen_op_iwmmxt_movq_wRn_M0(wrd);
2161 gen_op_iwmmxt_set_mup();
2162 break;
2163 case 0x115: case 0x515: case 0x915: case 0xd15: /* TORC */
2164 if ((insn & 0x000ff00f) != 0x0003f000 || ((insn >> 22) & 3) == 3)
2165 return 1;
2166 tmp = iwmmxt_load_creg(ARM_IWMMXT_wCASF);
2167 tmp2 = tcg_temp_new_i32();
2168 tcg_gen_mov_i32(tmp2, tmp);
2169 switch ((insn >> 22) & 3) {
2170 case 0:
2171 for (i = 0; i < 7; i ++) {
2172 tcg_gen_shli_i32(tmp2, tmp2, 4);
2173 tcg_gen_or_i32(tmp, tmp, tmp2);
2174 }
2175 break;
2176 case 1:
2177 for (i = 0; i < 3; i ++) {
2178 tcg_gen_shli_i32(tmp2, tmp2, 8);
2179 tcg_gen_or_i32(tmp, tmp, tmp2);
2180 }
2181 break;
2182 case 2:
2183 tcg_gen_shli_i32(tmp2, tmp2, 16);
2184 tcg_gen_or_i32(tmp, tmp, tmp2);
2185 break;
2186 }
2187 gen_set_nzcv(tmp);
2188 tcg_temp_free_i32(tmp2);
2189 tcg_temp_free_i32(tmp);
2190 break;
2191 case 0x103: case 0x503: case 0x903: case 0xd03: /* TMOVMSK */
2192 rd = (insn >> 12) & 0xf;
2193 rd0 = (insn >> 16) & 0xf;
2194 if ((insn & 0xf) != 0 || ((insn >> 22) & 3) == 3)
2195 return 1;
2196 gen_op_iwmmxt_movq_M0_wRn(rd0);
2197 tmp = tcg_temp_new_i32();
2198 switch ((insn >> 22) & 3) {
2199 case 0:
2200 gen_helper_iwmmxt_msbb(tmp, cpu_M0);
2201 break;
2202 case 1:
2203 gen_helper_iwmmxt_msbw(tmp, cpu_M0);
2204 break;
2205 case 2:
2206 gen_helper_iwmmxt_msbl(tmp, cpu_M0);
2207 break;
2208 }
2209 store_reg(s, rd, tmp);
2210 break;
2211 case 0x106: case 0x306: case 0x506: case 0x706: /* WCMPGT */
2212 case 0x906: case 0xb06: case 0xd06: case 0xf06:
2213 wrd = (insn >> 12) & 0xf;
2214 rd0 = (insn >> 16) & 0xf;
2215 rd1 = (insn >> 0) & 0xf;
2216 gen_op_iwmmxt_movq_M0_wRn(rd0);
2217 switch ((insn >> 22) & 3) {
2218 case 0:
2219 if (insn & (1 << 21))
2220 gen_op_iwmmxt_cmpgtsb_M0_wRn(rd1);
2221 else
2222 gen_op_iwmmxt_cmpgtub_M0_wRn(rd1);
2223 break;
2224 case 1:
2225 if (insn & (1 << 21))
2226 gen_op_iwmmxt_cmpgtsw_M0_wRn(rd1);
2227 else
2228 gen_op_iwmmxt_cmpgtuw_M0_wRn(rd1);
2229 break;
2230 case 2:
2231 if (insn & (1 << 21))
2232 gen_op_iwmmxt_cmpgtsl_M0_wRn(rd1);
2233 else
2234 gen_op_iwmmxt_cmpgtul_M0_wRn(rd1);
2235 break;
2236 case 3:
2237 return 1;
2238 }
2239 gen_op_iwmmxt_movq_wRn_M0(wrd);
2240 gen_op_iwmmxt_set_mup();
2241 gen_op_iwmmxt_set_cup();
2242 break;
2243 case 0x00e: case 0x20e: case 0x40e: case 0x60e: /* WUNPCKEL */
2244 case 0x80e: case 0xa0e: case 0xc0e: case 0xe0e:
2245 wrd = (insn >> 12) & 0xf;
2246 rd0 = (insn >> 16) & 0xf;
2247 gen_op_iwmmxt_movq_M0_wRn(rd0);
2248 switch ((insn >> 22) & 3) {
2249 case 0:
2250 if (insn & (1 << 21))
2251 gen_op_iwmmxt_unpacklsb_M0();
2252 else
2253 gen_op_iwmmxt_unpacklub_M0();
2254 break;
2255 case 1:
2256 if (insn & (1 << 21))
2257 gen_op_iwmmxt_unpacklsw_M0();
2258 else
2259 gen_op_iwmmxt_unpackluw_M0();
2260 break;
2261 case 2:
2262 if (insn & (1 << 21))
2263 gen_op_iwmmxt_unpacklsl_M0();
2264 else
2265 gen_op_iwmmxt_unpacklul_M0();
2266 break;
2267 case 3:
2268 return 1;
2269 }
2270 gen_op_iwmmxt_movq_wRn_M0(wrd);
2271 gen_op_iwmmxt_set_mup();
2272 gen_op_iwmmxt_set_cup();
2273 break;
2274 case 0x00c: case 0x20c: case 0x40c: case 0x60c: /* WUNPCKEH */
2275 case 0x80c: case 0xa0c: case 0xc0c: case 0xe0c:
2276 wrd = (insn >> 12) & 0xf;
2277 rd0 = (insn >> 16) & 0xf;
2278 gen_op_iwmmxt_movq_M0_wRn(rd0);
2279 switch ((insn >> 22) & 3) {
2280 case 0:
2281 if (insn & (1 << 21))
2282 gen_op_iwmmxt_unpackhsb_M0();
2283 else
2284 gen_op_iwmmxt_unpackhub_M0();
2285 break;
2286 case 1:
2287 if (insn & (1 << 21))
2288 gen_op_iwmmxt_unpackhsw_M0();
2289 else
2290 gen_op_iwmmxt_unpackhuw_M0();
2291 break;
2292 case 2:
2293 if (insn & (1 << 21))
2294 gen_op_iwmmxt_unpackhsl_M0();
2295 else
2296 gen_op_iwmmxt_unpackhul_M0();
2297 break;
2298 case 3:
2299 return 1;
2300 }
2301 gen_op_iwmmxt_movq_wRn_M0(wrd);
2302 gen_op_iwmmxt_set_mup();
2303 gen_op_iwmmxt_set_cup();
2304 break;
2305 case 0x204: case 0x604: case 0xa04: case 0xe04: /* WSRL */
2306 case 0x214: case 0x614: case 0xa14: case 0xe14:
2307 if (((insn >> 22) & 3) == 0)
2308 return 1;
2309 wrd = (insn >> 12) & 0xf;
2310 rd0 = (insn >> 16) & 0xf;
2311 gen_op_iwmmxt_movq_M0_wRn(rd0);
2312 tmp = tcg_temp_new_i32();
2313 if (gen_iwmmxt_shift(insn, 0xff, tmp)) {
2314 tcg_temp_free_i32(tmp);
2315 return 1;
2316 }
2317 switch ((insn >> 22) & 3) {
2318 case 1:
2319 gen_helper_iwmmxt_srlw(cpu_M0, cpu_env, cpu_M0, tmp);
2320 break;
2321 case 2:
2322 gen_helper_iwmmxt_srll(cpu_M0, cpu_env, cpu_M0, tmp);
2323 break;
2324 case 3:
2325 gen_helper_iwmmxt_srlq(cpu_M0, cpu_env, cpu_M0, tmp);
2326 break;
2327 }
2328 tcg_temp_free_i32(tmp);
2329 gen_op_iwmmxt_movq_wRn_M0(wrd);
2330 gen_op_iwmmxt_set_mup();
2331 gen_op_iwmmxt_set_cup();
2332 break;
2333 case 0x004: case 0x404: case 0x804: case 0xc04: /* WSRA */
2334 case 0x014: case 0x414: case 0x814: case 0xc14:
2335 if (((insn >> 22) & 3) == 0)
2336 return 1;
2337 wrd = (insn >> 12) & 0xf;
2338 rd0 = (insn >> 16) & 0xf;
2339 gen_op_iwmmxt_movq_M0_wRn(rd0);
2340 tmp = tcg_temp_new_i32();
2341 if (gen_iwmmxt_shift(insn, 0xff, tmp)) {
2342 tcg_temp_free_i32(tmp);
2343 return 1;
2344 }
2345 switch ((insn >> 22) & 3) {
2346 case 1:
2347 gen_helper_iwmmxt_sraw(cpu_M0, cpu_env, cpu_M0, tmp);
2348 break;
2349 case 2:
2350 gen_helper_iwmmxt_sral(cpu_M0, cpu_env, cpu_M0, tmp);
2351 break;
2352 case 3:
2353 gen_helper_iwmmxt_sraq(cpu_M0, cpu_env, cpu_M0, tmp);
2354 break;
2355 }
2356 tcg_temp_free_i32(tmp);
2357 gen_op_iwmmxt_movq_wRn_M0(wrd);
2358 gen_op_iwmmxt_set_mup();
2359 gen_op_iwmmxt_set_cup();
2360 break;
2361 case 0x104: case 0x504: case 0x904: case 0xd04: /* WSLL */
2362 case 0x114: case 0x514: case 0x914: case 0xd14:
2363 if (((insn >> 22) & 3) == 0)
2364 return 1;
2365 wrd = (insn >> 12) & 0xf;
2366 rd0 = (insn >> 16) & 0xf;
2367 gen_op_iwmmxt_movq_M0_wRn(rd0);
2368 tmp = tcg_temp_new_i32();
2369 if (gen_iwmmxt_shift(insn, 0xff, tmp)) {
2370 tcg_temp_free_i32(tmp);
2371 return 1;
2372 }
2373 switch ((insn >> 22) & 3) {
2374 case 1:
2375 gen_helper_iwmmxt_sllw(cpu_M0, cpu_env, cpu_M0, tmp);
2376 break;
2377 case 2:
2378 gen_helper_iwmmxt_slll(cpu_M0, cpu_env, cpu_M0, tmp);
2379 break;
2380 case 3:
2381 gen_helper_iwmmxt_sllq(cpu_M0, cpu_env, cpu_M0, tmp);
2382 break;
2383 }
2384 tcg_temp_free_i32(tmp);
2385 gen_op_iwmmxt_movq_wRn_M0(wrd);
2386 gen_op_iwmmxt_set_mup();
2387 gen_op_iwmmxt_set_cup();
2388 break;
2389 case 0x304: case 0x704: case 0xb04: case 0xf04: /* WROR */
2390 case 0x314: case 0x714: case 0xb14: case 0xf14:
2391 if (((insn >> 22) & 3) == 0)
2392 return 1;
2393 wrd = (insn >> 12) & 0xf;
2394 rd0 = (insn >> 16) & 0xf;
2395 gen_op_iwmmxt_movq_M0_wRn(rd0);
2396 tmp = tcg_temp_new_i32();
2397 switch ((insn >> 22) & 3) {
2398 case 1:
2399 if (gen_iwmmxt_shift(insn, 0xf, tmp)) {
2400 tcg_temp_free_i32(tmp);
2401 return 1;
2402 }
2403 gen_helper_iwmmxt_rorw(cpu_M0, cpu_env, cpu_M0, tmp);
2404 break;
2405 case 2:
2406 if (gen_iwmmxt_shift(insn, 0x1f, tmp)) {
2407 tcg_temp_free_i32(tmp);
2408 return 1;
2409 }
2410 gen_helper_iwmmxt_rorl(cpu_M0, cpu_env, cpu_M0, tmp);
2411 break;
2412 case 3:
2413 if (gen_iwmmxt_shift(insn, 0x3f, tmp)) {
2414 tcg_temp_free_i32(tmp);
2415 return 1;
2416 }
2417 gen_helper_iwmmxt_rorq(cpu_M0, cpu_env, cpu_M0, tmp);
2418 break;
2419 }
2420 tcg_temp_free_i32(tmp);
2421 gen_op_iwmmxt_movq_wRn_M0(wrd);
2422 gen_op_iwmmxt_set_mup();
2423 gen_op_iwmmxt_set_cup();
2424 break;
2425 case 0x116: case 0x316: case 0x516: case 0x716: /* WMIN */
2426 case 0x916: case 0xb16: case 0xd16: case 0xf16:
2427 wrd = (insn >> 12) & 0xf;
2428 rd0 = (insn >> 16) & 0xf;
2429 rd1 = (insn >> 0) & 0xf;
2430 gen_op_iwmmxt_movq_M0_wRn(rd0);
2431 switch ((insn >> 22) & 3) {
2432 case 0:
2433 if (insn & (1 << 21))
2434 gen_op_iwmmxt_minsb_M0_wRn(rd1);
2435 else
2436 gen_op_iwmmxt_minub_M0_wRn(rd1);
2437 break;
2438 case 1:
2439 if (insn & (1 << 21))
2440 gen_op_iwmmxt_minsw_M0_wRn(rd1);
2441 else
2442 gen_op_iwmmxt_minuw_M0_wRn(rd1);
2443 break;
2444 case 2:
2445 if (insn & (1 << 21))
2446 gen_op_iwmmxt_minsl_M0_wRn(rd1);
2447 else
2448 gen_op_iwmmxt_minul_M0_wRn(rd1);
2449 break;
2450 case 3:
2451 return 1;
2452 }
2453 gen_op_iwmmxt_movq_wRn_M0(wrd);
2454 gen_op_iwmmxt_set_mup();
2455 break;
2456 case 0x016: case 0x216: case 0x416: case 0x616: /* WMAX */
2457 case 0x816: case 0xa16: case 0xc16: case 0xe16:
2458 wrd = (insn >> 12) & 0xf;
2459 rd0 = (insn >> 16) & 0xf;
2460 rd1 = (insn >> 0) & 0xf;
2461 gen_op_iwmmxt_movq_M0_wRn(rd0);
2462 switch ((insn >> 22) & 3) {
2463 case 0:
2464 if (insn & (1 << 21))
2465 gen_op_iwmmxt_maxsb_M0_wRn(rd1);
2466 else
2467 gen_op_iwmmxt_maxub_M0_wRn(rd1);
2468 break;
2469 case 1:
2470 if (insn & (1 << 21))
2471 gen_op_iwmmxt_maxsw_M0_wRn(rd1);
2472 else
2473 gen_op_iwmmxt_maxuw_M0_wRn(rd1);
2474 break;
2475 case 2:
2476 if (insn & (1 << 21))
2477 gen_op_iwmmxt_maxsl_M0_wRn(rd1);
2478 else
2479 gen_op_iwmmxt_maxul_M0_wRn(rd1);
2480 break;
2481 case 3:
2482 return 1;
2483 }
2484 gen_op_iwmmxt_movq_wRn_M0(wrd);
2485 gen_op_iwmmxt_set_mup();
2486 break;
2487 case 0x002: case 0x102: case 0x202: case 0x302: /* WALIGNI */
2488 case 0x402: case 0x502: case 0x602: case 0x702:
2489 wrd = (insn >> 12) & 0xf;
2490 rd0 = (insn >> 16) & 0xf;
2491 rd1 = (insn >> 0) & 0xf;
2492 gen_op_iwmmxt_movq_M0_wRn(rd0);
2493 tmp = tcg_const_i32((insn >> 20) & 3);
2494 iwmmxt_load_reg(cpu_V1, rd1);
2495 gen_helper_iwmmxt_align(cpu_M0, cpu_M0, cpu_V1, tmp);
2496 tcg_temp_free_i32(tmp);
2497 gen_op_iwmmxt_movq_wRn_M0(wrd);
2498 gen_op_iwmmxt_set_mup();
2499 break;
2500 case 0x01a: case 0x11a: case 0x21a: case 0x31a: /* WSUB */
2501 case 0x41a: case 0x51a: case 0x61a: case 0x71a:
2502 case 0x81a: case 0x91a: case 0xa1a: case 0xb1a:
2503 case 0xc1a: case 0xd1a: case 0xe1a: case 0xf1a:
2504 wrd = (insn >> 12) & 0xf;
2505 rd0 = (insn >> 16) & 0xf;
2506 rd1 = (insn >> 0) & 0xf;
2507 gen_op_iwmmxt_movq_M0_wRn(rd0);
2508 switch ((insn >> 20) & 0xf) {
2509 case 0x0:
2510 gen_op_iwmmxt_subnb_M0_wRn(rd1);
2511 break;
2512 case 0x1:
2513 gen_op_iwmmxt_subub_M0_wRn(rd1);
2514 break;
2515 case 0x3:
2516 gen_op_iwmmxt_subsb_M0_wRn(rd1);
2517 break;
2518 case 0x4:
2519 gen_op_iwmmxt_subnw_M0_wRn(rd1);
2520 break;
2521 case 0x5:
2522 gen_op_iwmmxt_subuw_M0_wRn(rd1);
2523 break;
2524 case 0x7:
2525 gen_op_iwmmxt_subsw_M0_wRn(rd1);
2526 break;
2527 case 0x8:
2528 gen_op_iwmmxt_subnl_M0_wRn(rd1);
2529 break;
2530 case 0x9:
2531 gen_op_iwmmxt_subul_M0_wRn(rd1);
2532 break;
2533 case 0xb:
2534 gen_op_iwmmxt_subsl_M0_wRn(rd1);
2535 break;
2536 default:
2537 return 1;
2538 }
2539 gen_op_iwmmxt_movq_wRn_M0(wrd);
2540 gen_op_iwmmxt_set_mup();
2541 gen_op_iwmmxt_set_cup();
2542 break;
2543 case 0x01e: case 0x11e: case 0x21e: case 0x31e: /* WSHUFH */
2544 case 0x41e: case 0x51e: case 0x61e: case 0x71e:
2545 case 0x81e: case 0x91e: case 0xa1e: case 0xb1e:
2546 case 0xc1e: case 0xd1e: case 0xe1e: case 0xf1e:
2547 wrd = (insn >> 12) & 0xf;
2548 rd0 = (insn >> 16) & 0xf;
2549 gen_op_iwmmxt_movq_M0_wRn(rd0);
2550 tmp = tcg_const_i32(((insn >> 16) & 0xf0) | (insn & 0x0f));
2551 gen_helper_iwmmxt_shufh(cpu_M0, cpu_env, cpu_M0, tmp);
2552 tcg_temp_free_i32(tmp);
2553 gen_op_iwmmxt_movq_wRn_M0(wrd);
2554 gen_op_iwmmxt_set_mup();
2555 gen_op_iwmmxt_set_cup();
2556 break;
2557 case 0x018: case 0x118: case 0x218: case 0x318: /* WADD */
2558 case 0x418: case 0x518: case 0x618: case 0x718:
2559 case 0x818: case 0x918: case 0xa18: case 0xb18:
2560 case 0xc18: case 0xd18: case 0xe18: case 0xf18:
2561 wrd = (insn >> 12) & 0xf;
2562 rd0 = (insn >> 16) & 0xf;
2563 rd1 = (insn >> 0) & 0xf;
2564 gen_op_iwmmxt_movq_M0_wRn(rd0);
2565 switch ((insn >> 20) & 0xf) {
2566 case 0x0:
2567 gen_op_iwmmxt_addnb_M0_wRn(rd1);
2568 break;
2569 case 0x1:
2570 gen_op_iwmmxt_addub_M0_wRn(rd1);
2571 break;
2572 case 0x3:
2573 gen_op_iwmmxt_addsb_M0_wRn(rd1);
2574 break;
2575 case 0x4:
2576 gen_op_iwmmxt_addnw_M0_wRn(rd1);
2577 break;
2578 case 0x5:
2579 gen_op_iwmmxt_adduw_M0_wRn(rd1);
2580 break;
2581 case 0x7:
2582 gen_op_iwmmxt_addsw_M0_wRn(rd1);
2583 break;
2584 case 0x8:
2585 gen_op_iwmmxt_addnl_M0_wRn(rd1);
2586 break;
2587 case 0x9:
2588 gen_op_iwmmxt_addul_M0_wRn(rd1);
2589 break;
2590 case 0xb:
2591 gen_op_iwmmxt_addsl_M0_wRn(rd1);
2592 break;
2593 default:
2594 return 1;
2595 }
2596 gen_op_iwmmxt_movq_wRn_M0(wrd);
2597 gen_op_iwmmxt_set_mup();
2598 gen_op_iwmmxt_set_cup();
2599 break;
2600 case 0x008: case 0x108: case 0x208: case 0x308: /* WPACK */
2601 case 0x408: case 0x508: case 0x608: case 0x708:
2602 case 0x808: case 0x908: case 0xa08: case 0xb08:
2603 case 0xc08: case 0xd08: case 0xe08: case 0xf08:
2604 if (!(insn & (1 << 20)) || ((insn >> 22) & 3) == 0)
2605 return 1;
2606 wrd = (insn >> 12) & 0xf;
2607 rd0 = (insn >> 16) & 0xf;
2608 rd1 = (insn >> 0) & 0xf;
2609 gen_op_iwmmxt_movq_M0_wRn(rd0);
2610 switch ((insn >> 22) & 3) {
2611 case 1:
2612 if (insn & (1 << 21))
2613 gen_op_iwmmxt_packsw_M0_wRn(rd1);
2614 else
2615 gen_op_iwmmxt_packuw_M0_wRn(rd1);
2616 break;
2617 case 2:
2618 if (insn & (1 << 21))
2619 gen_op_iwmmxt_packsl_M0_wRn(rd1);
2620 else
2621 gen_op_iwmmxt_packul_M0_wRn(rd1);
2622 break;
2623 case 3:
2624 if (insn & (1 << 21))
2625 gen_op_iwmmxt_packsq_M0_wRn(rd1);
2626 else
2627 gen_op_iwmmxt_packuq_M0_wRn(rd1);
2628 break;
2629 }
2630 gen_op_iwmmxt_movq_wRn_M0(wrd);
2631 gen_op_iwmmxt_set_mup();
2632 gen_op_iwmmxt_set_cup();
2633 break;
2634 case 0x201: case 0x203: case 0x205: case 0x207:
2635 case 0x209: case 0x20b: case 0x20d: case 0x20f:
2636 case 0x211: case 0x213: case 0x215: case 0x217:
2637 case 0x219: case 0x21b: case 0x21d: case 0x21f:
2638 wrd = (insn >> 5) & 0xf;
2639 rd0 = (insn >> 12) & 0xf;
2640 rd1 = (insn >> 0) & 0xf;
2641 if (rd0 == 0xf || rd1 == 0xf)
2642 return 1;
2643 gen_op_iwmmxt_movq_M0_wRn(wrd);
2644 tmp = load_reg(s, rd0);
2645 tmp2 = load_reg(s, rd1);
2646 switch ((insn >> 16) & 0xf) {
2647 case 0x0: /* TMIA */
2648 gen_helper_iwmmxt_muladdsl(cpu_M0, cpu_M0, tmp, tmp2);
2649 break;
2650 case 0x8: /* TMIAPH */
2651 gen_helper_iwmmxt_muladdsw(cpu_M0, cpu_M0, tmp, tmp2);
2652 break;
2653 case 0xc: case 0xd: case 0xe: case 0xf: /* TMIAxy */
2654 if (insn & (1 << 16))
2655 tcg_gen_shri_i32(tmp, tmp, 16);
2656 if (insn & (1 << 17))
2657 tcg_gen_shri_i32(tmp2, tmp2, 16);
2658 gen_helper_iwmmxt_muladdswl(cpu_M0, cpu_M0, tmp, tmp2);
2659 break;
2660 default:
2661 tcg_temp_free_i32(tmp2);
2662 tcg_temp_free_i32(tmp);
2663 return 1;
2664 }
2665 tcg_temp_free_i32(tmp2);
2666 tcg_temp_free_i32(tmp);
2667 gen_op_iwmmxt_movq_wRn_M0(wrd);
2668 gen_op_iwmmxt_set_mup();
2669 break;
2670 default:
2671 return 1;
2672 }
2673
2674 return 0;
2675 }
2676
2677 /* Disassemble an XScale DSP instruction. Returns nonzero if an error occurred
2678 (ie. an undefined instruction). */
2679 static int disas_dsp_insn(DisasContext *s, uint32_t insn)
2680 {
2681 int acc, rd0, rd1, rdhi, rdlo;
2682 TCGv_i32 tmp, tmp2;
2683
2684 if ((insn & 0x0ff00f10) == 0x0e200010) {
2685 /* Multiply with Internal Accumulate Format */
2686 rd0 = (insn >> 12) & 0xf;
2687 rd1 = insn & 0xf;
2688 acc = (insn >> 5) & 7;
2689
2690 if (acc != 0)
2691 return 1;
2692
2693 tmp = load_reg(s, rd0);
2694 tmp2 = load_reg(s, rd1);
2695 switch ((insn >> 16) & 0xf) {
2696 case 0x0: /* MIA */
2697 gen_helper_iwmmxt_muladdsl(cpu_M0, cpu_M0, tmp, tmp2);
2698 break;
2699 case 0x8: /* MIAPH */
2700 gen_helper_iwmmxt_muladdsw(cpu_M0, cpu_M0, tmp, tmp2);
2701 break;
2702 case 0xc: /* MIABB */
2703 case 0xd: /* MIABT */
2704 case 0xe: /* MIATB */
2705 case 0xf: /* MIATT */
2706 if (insn & (1 << 16))
2707 tcg_gen_shri_i32(tmp, tmp, 16);
2708 if (insn & (1 << 17))
2709 tcg_gen_shri_i32(tmp2, tmp2, 16);
2710 gen_helper_iwmmxt_muladdswl(cpu_M0, cpu_M0, tmp, tmp2);
2711 break;
2712 default:
2713 return 1;
2714 }
2715 tcg_temp_free_i32(tmp2);
2716 tcg_temp_free_i32(tmp);
2717
2718 gen_op_iwmmxt_movq_wRn_M0(acc);
2719 return 0;
2720 }
2721
2722 if ((insn & 0x0fe00ff8) == 0x0c400000) {
2723 /* Internal Accumulator Access Format */
2724 rdhi = (insn >> 16) & 0xf;
2725 rdlo = (insn >> 12) & 0xf;
2726 acc = insn & 7;
2727
2728 if (acc != 0)
2729 return 1;
2730
2731 if (insn & ARM_CP_RW_BIT) { /* MRA */
2732 iwmmxt_load_reg(cpu_V0, acc);
2733 tcg_gen_extrl_i64_i32(cpu_R[rdlo], cpu_V0);
2734 tcg_gen_shri_i64(cpu_V0, cpu_V0, 32);
2735 tcg_gen_extrl_i64_i32(cpu_R[rdhi], cpu_V0);
2736 tcg_gen_andi_i32(cpu_R[rdhi], cpu_R[rdhi], (1 << (40 - 32)) - 1);
2737 } else { /* MAR */
2738 tcg_gen_concat_i32_i64(cpu_V0, cpu_R[rdlo], cpu_R[rdhi]);
2739 iwmmxt_store_reg(cpu_V0, acc);
2740 }
2741 return 0;
2742 }
2743
2744 return 1;
2745 }
2746
2747 #define VFP_REG_SHR(x, n) (((n) > 0) ? (x) >> (n) : (x) << -(n))
2748 #define VFP_SREG(insn, bigbit, smallbit) \
2749 ((VFP_REG_SHR(insn, bigbit - 1) & 0x1e) | (((insn) >> (smallbit)) & 1))
2750 #define VFP_DREG(reg, insn, bigbit, smallbit) do { \
2751 if (arm_dc_feature(s, ARM_FEATURE_VFP3)) { \
2752 reg = (((insn) >> (bigbit)) & 0x0f) \
2753 | (((insn) >> ((smallbit) - 4)) & 0x10); \
2754 } else { \
2755 if (insn & (1 << (smallbit))) \
2756 return 1; \
2757 reg = ((insn) >> (bigbit)) & 0x0f; \
2758 }} while (0)
2759
2760 #define VFP_SREG_D(insn) VFP_SREG(insn, 12, 22)
2761 #define VFP_DREG_D(reg, insn) VFP_DREG(reg, insn, 12, 22)
2762 #define VFP_SREG_N(insn) VFP_SREG(insn, 16, 7)
2763 #define VFP_DREG_N(reg, insn) VFP_DREG(reg, insn, 16, 7)
2764 #define VFP_SREG_M(insn) VFP_SREG(insn, 0, 5)
2765 #define VFP_DREG_M(reg, insn) VFP_DREG(reg, insn, 0, 5)
2766
2767 /* Move between integer and VFP cores. */
2768 static TCGv_i32 gen_vfp_mrs(void)
2769 {
2770 TCGv_i32 tmp = tcg_temp_new_i32();
2771 tcg_gen_mov_i32(tmp, cpu_F0s);
2772 return tmp;
2773 }
2774
2775 static void gen_vfp_msr(TCGv_i32 tmp)
2776 {
2777 tcg_gen_mov_i32(cpu_F0s, tmp);
2778 tcg_temp_free_i32(tmp);
2779 }
2780
2781 static void gen_neon_dup_u8(TCGv_i32 var, int shift)
2782 {
2783 TCGv_i32 tmp = tcg_temp_new_i32();
2784 if (shift)
2785 tcg_gen_shri_i32(var, var, shift);
2786 tcg_gen_ext8u_i32(var, var);
2787 tcg_gen_shli_i32(tmp, var, 8);
2788 tcg_gen_or_i32(var, var, tmp);
2789 tcg_gen_shli_i32(tmp, var, 16);
2790 tcg_gen_or_i32(var, var, tmp);
2791 tcg_temp_free_i32(tmp);
2792 }
2793
2794 static void gen_neon_dup_low16(TCGv_i32 var)
2795 {
2796 TCGv_i32 tmp = tcg_temp_new_i32();
2797 tcg_gen_ext16u_i32(var, var);
2798 tcg_gen_shli_i32(tmp, var, 16);
2799 tcg_gen_or_i32(var, var, tmp);
2800 tcg_temp_free_i32(tmp);
2801 }
2802
2803 static void gen_neon_dup_high16(TCGv_i32 var)
2804 {
2805 TCGv_i32 tmp = tcg_temp_new_i32();
2806 tcg_gen_andi_i32(var, var, 0xffff0000);
2807 tcg_gen_shri_i32(tmp, var, 16);
2808 tcg_gen_or_i32(var, var, tmp);
2809 tcg_temp_free_i32(tmp);
2810 }
2811
2812 static TCGv_i32 gen_load_and_replicate(DisasContext *s, TCGv_i32 addr, int size)
2813 {
2814 /* Load a single Neon element and replicate into a 32 bit TCG reg */
2815 TCGv_i32 tmp = tcg_temp_new_i32();
2816 switch (size) {
2817 case 0:
2818 gen_aa32_ld8u(s, tmp, addr, get_mem_index(s));
2819 gen_neon_dup_u8(tmp, 0);
2820 break;
2821 case 1:
2822 gen_aa32_ld16u(s, tmp, addr, get_mem_index(s));
2823 gen_neon_dup_low16(tmp);
2824 break;
2825 case 2:
2826 gen_aa32_ld32u(s, tmp, addr, get_mem_index(s));
2827 break;
2828 default: /* Avoid compiler warnings. */
2829 abort();
2830 }
2831 return tmp;
2832 }
2833
2834 static int handle_vsel(uint32_t insn, uint32_t rd, uint32_t rn, uint32_t rm,
2835 uint32_t dp)
2836 {
2837 uint32_t cc = extract32(insn, 20, 2);
2838
2839 if (dp) {
2840 TCGv_i64 frn, frm, dest;
2841 TCGv_i64 tmp, zero, zf, nf, vf;
2842
2843 zero = tcg_const_i64(0);
2844
2845 frn = tcg_temp_new_i64();
2846 frm = tcg_temp_new_i64();
2847 dest = tcg_temp_new_i64();
2848
2849 zf = tcg_temp_new_i64();
2850 nf = tcg_temp_new_i64();
2851 vf = tcg_temp_new_i64();
2852
2853 tcg_gen_extu_i32_i64(zf, cpu_ZF);
2854 tcg_gen_ext_i32_i64(nf, cpu_NF);
2855 tcg_gen_ext_i32_i64(vf, cpu_VF);
2856
2857 tcg_gen_ld_f64(frn, cpu_env, vfp_reg_offset(dp, rn));
2858 tcg_gen_ld_f64(frm, cpu_env, vfp_reg_offset(dp, rm));
2859 switch (cc) {
2860 case 0: /* eq: Z */
2861 tcg_gen_movcond_i64(TCG_COND_EQ, dest, zf, zero,
2862 frn, frm);
2863 break;
2864 case 1: /* vs: V */
2865 tcg_gen_movcond_i64(TCG_COND_LT, dest, vf, zero,
2866 frn, frm);
2867 break;
2868 case 2: /* ge: N == V -> N ^ V == 0 */
2869 tmp = tcg_temp_new_i64();
2870 tcg_gen_xor_i64(tmp, vf, nf);
2871 tcg_gen_movcond_i64(TCG_COND_GE, dest, tmp, zero,
2872 frn, frm);
2873 tcg_temp_free_i64(tmp);
2874 break;
2875 case 3: /* gt: !Z && N == V */
2876 tcg_gen_movcond_i64(TCG_COND_NE, dest, zf, zero,
2877 frn, frm);
2878 tmp = tcg_temp_new_i64();
2879 tcg_gen_xor_i64(tmp, vf, nf);
2880 tcg_gen_movcond_i64(TCG_COND_GE, dest, tmp, zero,
2881 dest, frm);
2882 tcg_temp_free_i64(tmp);
2883 break;
2884 }
2885 tcg_gen_st_f64(dest, cpu_env, vfp_reg_offset(dp, rd));
2886 tcg_temp_free_i64(frn);
2887 tcg_temp_free_i64(frm);
2888 tcg_temp_free_i64(dest);
2889
2890 tcg_temp_free_i64(zf);
2891 tcg_temp_free_i64(nf);
2892 tcg_temp_free_i64(vf);
2893
2894 tcg_temp_free_i64(zero);
2895 } else {
2896 TCGv_i32 frn, frm, dest;
2897 TCGv_i32 tmp, zero;
2898
2899 zero = tcg_const_i32(0);
2900
2901 frn = tcg_temp_new_i32();
2902 frm = tcg_temp_new_i32();
2903 dest = tcg_temp_new_i32();
2904 tcg_gen_ld_f32(frn, cpu_env, vfp_reg_offset(dp, rn));
2905 tcg_gen_ld_f32(frm, cpu_env, vfp_reg_offset(dp, rm));
2906 switch (cc) {
2907 case 0: /* eq: Z */
2908 tcg_gen_movcond_i32(TCG_COND_EQ, dest, cpu_ZF, zero,
2909 frn, frm);
2910 break;
2911 case 1: /* vs: V */
2912 tcg_gen_movcond_i32(TCG_COND_LT, dest, cpu_VF, zero,
2913 frn, frm);
2914 break;
2915 case 2: /* ge: N == V -> N ^ V == 0 */
2916 tmp = tcg_temp_new_i32();
2917 tcg_gen_xor_i32(tmp, cpu_VF, cpu_NF);
2918 tcg_gen_movcond_i32(TCG_COND_GE, dest, tmp, zero,
2919 frn, frm);
2920 tcg_temp_free_i32(tmp);
2921 break;
2922 case 3: /* gt: !Z && N == V */
2923 tcg_gen_movcond_i32(TCG_COND_NE, dest, cpu_ZF, zero,
2924 frn, frm);
2925 tmp = tcg_temp_new_i32();
2926 tcg_gen_xor_i32(tmp, cpu_VF, cpu_NF);
2927 tcg_gen_movcond_i32(TCG_COND_GE, dest, tmp, zero,
2928 dest, frm);
2929 tcg_temp_free_i32(tmp);
2930 break;
2931 }
2932 tcg_gen_st_f32(dest, cpu_env, vfp_reg_offset(dp, rd));
2933 tcg_temp_free_i32(frn);
2934 tcg_temp_free_i32(frm);
2935 tcg_temp_free_i32(dest);
2936
2937 tcg_temp_free_i32(zero);
2938 }
2939
2940 return 0;
2941 }
2942
2943 static int handle_vminmaxnm(uint32_t insn, uint32_t rd, uint32_t rn,
2944 uint32_t rm, uint32_t dp)
2945 {
2946 uint32_t vmin = extract32(insn, 6, 1);
2947 TCGv_ptr fpst = get_fpstatus_ptr(0);
2948
2949 if (dp) {
2950 TCGv_i64 frn, frm, dest;
2951
2952 frn = tcg_temp_new_i64();
2953 frm = tcg_temp_new_i64();
2954 dest = tcg_temp_new_i64();
2955
2956 tcg_gen_ld_f64(frn, cpu_env, vfp_reg_offset(dp, rn));
2957 tcg_gen_ld_f64(frm, cpu_env, vfp_reg_offset(dp, rm));
2958 if (vmin) {
2959 gen_helper_vfp_minnumd(dest, frn, frm, fpst);
2960 } else {
2961 gen_helper_vfp_maxnumd(dest, frn, frm, fpst);
2962 }
2963 tcg_gen_st_f64(dest, cpu_env, vfp_reg_offset(dp, rd));
2964 tcg_temp_free_i64(frn);
2965 tcg_temp_free_i64(frm);
2966 tcg_temp_free_i64(dest);
2967 } else {
2968 TCGv_i32 frn, frm, dest;
2969
2970 frn = tcg_temp_new_i32();
2971 frm = tcg_temp_new_i32();
2972 dest = tcg_temp_new_i32();
2973
2974 tcg_gen_ld_f32(frn, cpu_env, vfp_reg_offset(dp, rn));
2975 tcg_gen_ld_f32(frm, cpu_env, vfp_reg_offset(dp, rm));
2976 if (vmin) {
2977 gen_helper_vfp_minnums(dest, frn, frm, fpst);
2978 } else {
2979 gen_helper_vfp_maxnums(dest, frn, frm, fpst);
2980 }
2981 tcg_gen_st_f32(dest, cpu_env, vfp_reg_offset(dp, rd));
2982 tcg_temp_free_i32(frn);
2983 tcg_temp_free_i32(frm);
2984 tcg_temp_free_i32(dest);
2985 }
2986
2987 tcg_temp_free_ptr(fpst);
2988 return 0;
2989 }
2990
2991 static int handle_vrint(uint32_t insn, uint32_t rd, uint32_t rm, uint32_t dp,
2992 int rounding)
2993 {
2994 TCGv_ptr fpst = get_fpstatus_ptr(0);
2995 TCGv_i32 tcg_rmode;
2996
2997 tcg_rmode = tcg_const_i32(arm_rmode_to_sf(rounding));
2998 gen_helper_set_rmode(tcg_rmode, tcg_rmode, cpu_env);
2999
3000 if (dp) {
3001 TCGv_i64 tcg_op;
3002 TCGv_i64 tcg_res;
3003 tcg_op = tcg_temp_new_i64();
3004 tcg_res = tcg_temp_new_i64();
3005 tcg_gen_ld_f64(tcg_op, cpu_env, vfp_reg_offset(dp, rm));
3006 gen_helper_rintd(tcg_res, tcg_op, fpst);
3007 tcg_gen_st_f64(tcg_res, cpu_env, vfp_reg_offset(dp, rd));
3008 tcg_temp_free_i64(tcg_op);
3009 tcg_temp_free_i64(tcg_res);
3010 } else {
3011 TCGv_i32 tcg_op;
3012 TCGv_i32 tcg_res;
3013 tcg_op = tcg_temp_new_i32();
3014 tcg_res = tcg_temp_new_i32();
3015 tcg_gen_ld_f32(tcg_op, cpu_env, vfp_reg_offset(dp, rm));
3016 gen_helper_rints(tcg_res, tcg_op, fpst);
3017 tcg_gen_st_f32(tcg_res, cpu_env, vfp_reg_offset(dp, rd));
3018 tcg_temp_free_i32(tcg_op);
3019 tcg_temp_free_i32(tcg_res);
3020 }
3021
3022 gen_helper_set_rmode(tcg_rmode, tcg_rmode, cpu_env);
3023 tcg_temp_free_i32(tcg_rmode);
3024
3025 tcg_temp_free_ptr(fpst);
3026 return 0;
3027 }
3028
3029 static int handle_vcvt(uint32_t insn, uint32_t rd, uint32_t rm, uint32_t dp,
3030 int rounding)
3031 {
3032 bool is_signed = extract32(insn, 7, 1);
3033 TCGv_ptr fpst = get_fpstatus_ptr(0);
3034 TCGv_i32 tcg_rmode, tcg_shift;
3035
3036 tcg_shift = tcg_const_i32(0);
3037
3038 tcg_rmode = tcg_const_i32(arm_rmode_to_sf(rounding));
3039 gen_helper_set_rmode(tcg_rmode, tcg_rmode, cpu_env);
3040
3041 if (dp) {
3042 TCGv_i64 tcg_double, tcg_res;
3043 TCGv_i32 tcg_tmp;
3044 /* Rd is encoded as a single precision register even when the source
3045 * is double precision.
3046 */
3047 rd = ((rd << 1) & 0x1e) | ((rd >> 4) & 0x1);
3048 tcg_double = tcg_temp_new_i64();
3049 tcg_res = tcg_temp_new_i64();
3050 tcg_tmp = tcg_temp_new_i32();
3051 tcg_gen_ld_f64(tcg_double, cpu_env, vfp_reg_offset(1, rm));
3052 if (is_signed) {
3053 gen_helper_vfp_tosld(tcg_res, tcg_double, tcg_shift, fpst);
3054 } else {
3055 gen_helper_vfp_tould(tcg_res, tcg_double, tcg_shift, fpst);
3056 }
3057 tcg_gen_extrl_i64_i32(tcg_tmp, tcg_res);
3058 tcg_gen_st_f32(tcg_tmp, cpu_env, vfp_reg_offset(0, rd));
3059 tcg_temp_free_i32(tcg_tmp);
3060 tcg_temp_free_i64(tcg_res);
3061 tcg_temp_free_i64(tcg_double);
3062 } else {
3063 TCGv_i32 tcg_single, tcg_res;
3064 tcg_single = tcg_temp_new_i32();
3065 tcg_res = tcg_temp_new_i32();
3066 tcg_gen_ld_f32(tcg_single, cpu_env, vfp_reg_offset(0, rm));
3067 if (is_signed) {
3068 gen_helper_vfp_tosls(tcg_res, tcg_single, tcg_shift, fpst);
3069 } else {
3070 gen_helper_vfp_touls(tcg_res, tcg_single, tcg_shift, fpst);
3071 }
3072 tcg_gen_st_f32(tcg_res, cpu_env, vfp_reg_offset(0, rd));
3073 tcg_temp_free_i32(tcg_res);
3074 tcg_temp_free_i32(tcg_single);
3075 }
3076
3077 gen_helper_set_rmode(tcg_rmode, tcg_rmode, cpu_env);
3078 tcg_temp_free_i32(tcg_rmode);
3079
3080 tcg_temp_free_i32(tcg_shift);
3081
3082 tcg_temp_free_ptr(fpst);
3083
3084 return 0;
3085 }
3086
3087 /* Table for converting the most common AArch32 encoding of
3088 * rounding mode to arm_fprounding order (which matches the
3089 * common AArch64 order); see ARM ARM pseudocode FPDecodeRM().
3090 */
3091 static const uint8_t fp_decode_rm[] = {
3092 FPROUNDING_TIEAWAY,
3093 FPROUNDING_TIEEVEN,
3094 FPROUNDING_POSINF,
3095 FPROUNDING_NEGINF,
3096 };
3097
3098 static int disas_vfp_v8_insn(DisasContext *s, uint32_t insn)
3099 {
3100 uint32_t rd, rn, rm, dp = extract32(insn, 8, 1);
3101
3102 if (!arm_dc_feature(s, ARM_FEATURE_V8)) {
3103 return 1;
3104 }
3105
3106 if (dp) {
3107 VFP_DREG_D(rd, insn);
3108 VFP_DREG_N(rn, insn);
3109 VFP_DREG_M(rm, insn);
3110 } else {
3111 rd = VFP_SREG_D(insn);
3112 rn = VFP_SREG_N(insn);
3113 rm = VFP_SREG_M(insn);
3114 }
3115
3116 if ((insn & 0x0f800e50) == 0x0e000a00) {
3117 return handle_vsel(insn, rd, rn, rm, dp);
3118 } else if ((insn & 0x0fb00e10) == 0x0e800a00) {
3119 return handle_vminmaxnm(insn, rd, rn, rm, dp);
3120 } else if ((insn & 0x0fbc0ed0) == 0x0eb80a40) {
3121 /* VRINTA, VRINTN, VRINTP, VRINTM */
3122 int rounding = fp_decode_rm[extract32(insn, 16, 2)];
3123 return handle_vrint(insn, rd, rm, dp, rounding);
3124 } else if ((insn & 0x0fbc0e50) == 0x0ebc0a40) {
3125 /* VCVTA, VCVTN, VCVTP, VCVTM */
3126 int rounding = fp_decode_rm[extract32(insn, 16, 2)];
3127 return handle_vcvt(insn, rd, rm, dp, rounding);
3128 }
3129 return 1;
3130 }
3131
3132 /* Disassemble a VFP instruction. Returns nonzero if an error occurred
3133 (ie. an undefined instruction). */
3134 static int disas_vfp_insn(DisasContext *s, uint32_t insn)
3135 {
3136 uint32_t rd, rn, rm, op, i, n, offset, delta_d, delta_m, bank_mask;
3137 int dp, veclen;
3138 TCGv_i32 addr;
3139 TCGv_i32 tmp;
3140 TCGv_i32 tmp2;
3141
3142 if (!arm_dc_feature(s, ARM_FEATURE_VFP)) {
3143 return 1;
3144 }
3145
3146 /* FIXME: this access check should not take precedence over UNDEF
3147 * for invalid encodings; we will generate incorrect syndrome information
3148 * for attempts to execute invalid vfp/neon encodings with FP disabled.
3149 */
3150 if (s->fp_excp_el) {
3151 gen_exception_insn(s, 4, EXCP_UDEF,
3152 syn_fp_access_trap(1, 0xe, false), s->fp_excp_el);
3153 return 0;
3154 }
3155
3156 if (!s->vfp_enabled) {
3157 /* VFP disabled. Only allow fmxr/fmrx to/from some control regs. */
3158 if ((insn & 0x0fe00fff) != 0x0ee00a10)
3159 return 1;
3160 rn = (insn >> 16) & 0xf;
3161 if (rn != ARM_VFP_FPSID && rn != ARM_VFP_FPEXC && rn != ARM_VFP_MVFR2
3162 && rn != ARM_VFP_MVFR1 && rn != ARM_VFP_MVFR0) {
3163 return 1;
3164 }
3165 }
3166
3167 if (extract32(insn, 28, 4) == 0xf) {
3168 /* Encodings with T=1 (Thumb) or unconditional (ARM):
3169 * only used in v8 and above.
3170 */
3171 return disas_vfp_v8_insn(s, insn);
3172 }
3173
3174 dp = ((insn & 0xf00) == 0xb00);
3175 switch ((insn >> 24) & 0xf) {
3176 case 0xe:
3177 if (insn & (1 << 4)) {
3178 /* single register transfer */
3179 rd = (insn >> 12) & 0xf;
3180 if (dp) {
3181 int size;
3182 int pass;
3183
3184 VFP_DREG_N(rn, insn);
3185 if (insn & 0xf)
3186 return 1;
3187 if (insn & 0x00c00060
3188 && !arm_dc_feature(s, ARM_FEATURE_NEON)) {
3189 return 1;
3190 }
3191
3192 pass = (insn >> 21) & 1;
3193 if (insn & (1 << 22)) {
3194 size = 0;
3195 offset = ((insn >> 5) & 3) * 8;
3196 } else if (insn & (1 << 5)) {
3197 size = 1;
3198 offset = (insn & (1 << 6)) ? 16 : 0;
3199 } else {
3200 size = 2;
3201 offset = 0;
3202 }
3203 if (insn & ARM_CP_RW_BIT) {
3204 /* vfp->arm */
3205 tmp = neon_load_reg(rn, pass);
3206 switch (size) {
3207 case 0:
3208 if (offset)
3209 tcg_gen_shri_i32(tmp, tmp, offset);
3210 if (insn & (1 << 23))
3211 gen_uxtb(tmp);
3212 else
3213 gen_sxtb(tmp);
3214 break;
3215 case 1:
3216 if (insn & (1 << 23)) {
3217 if (offset) {
3218 tcg_gen_shri_i32(tmp, tmp, 16);
3219 } else {
3220 gen_uxth(tmp);
3221 }
3222 } else {
3223 if (offset) {
3224 tcg_gen_sari_i32(tmp, tmp, 16);
3225 } else {
3226 gen_sxth(tmp);
3227 }
3228 }
3229 break;
3230 case 2:
3231 break;
3232 }
3233 store_reg(s, rd, tmp);
3234 } else {
3235 /* arm->vfp */
3236 tmp = load_reg(s, rd);
3237 if (insn & (1 << 23)) {
3238 /* VDUP */
3239 if (size == 0) {
3240 gen_neon_dup_u8(tmp, 0);
3241 } else if (size == 1) {
3242 gen_neon_dup_low16(tmp);
3243 }
3244 for (n = 0; n <= pass * 2; n++) {
3245 tmp2 = tcg_temp_new_i32();
3246 tcg_gen_mov_i32(tmp2, tmp);
3247 neon_store_reg(rn, n, tmp2);
3248 }
3249 neon_store_reg(rn, n, tmp);
3250 } else {
3251 /* VMOV */
3252 switch (size) {
3253 case 0:
3254 tmp2 = neon_load_reg(rn, pass);
3255 tcg_gen_deposit_i32(tmp, tmp2, tmp, offset, 8);
3256 tcg_temp_free_i32(tmp2);
3257 break;
3258 case 1:
3259 tmp2 = neon_load_reg(rn, pass);
3260 tcg_gen_deposit_i32(tmp, tmp2, tmp, offset, 16);
3261 tcg_temp_free_i32(tmp2);
3262 break;
3263 case 2:
3264 break;
3265 }
3266 neon_store_reg(rn, pass, tmp);
3267 }
3268 }
3269 } else { /* !dp */
3270 if ((insn & 0x6f) != 0x00)
3271 return 1;
3272 rn = VFP_SREG_N(insn);
3273 if (insn & ARM_CP_RW_BIT) {
3274 /* vfp->arm */
3275 if (insn & (1 << 21)) {
3276 /* system register */
3277 rn >>= 1;
3278
3279 switch (rn) {
3280 case ARM_VFP_FPSID:
3281 /* VFP2 allows access to FSID from userspace.
3282 VFP3 restricts all id registers to privileged
3283 accesses. */
3284 if (IS_USER(s)
3285 && arm_dc_feature(s, ARM_FEATURE_VFP3)) {
3286 return 1;
3287 }
3288 tmp = load_cpu_field(vfp.xregs[rn]);
3289 break;
3290 case ARM_VFP_FPEXC:
3291 if (IS_USER(s))
3292 return 1;
3293 tmp = load_cpu_field(vfp.xregs[rn]);
3294 break;
3295 case ARM_VFP_FPINST:
3296 case ARM_VFP_FPINST2:
3297 /* Not present in VFP3. */
3298 if (IS_USER(s)
3299 || arm_dc_feature(s, ARM_FEATURE_VFP3)) {
3300 return 1;
3301 }
3302 tmp = load_cpu_field(vfp.xregs[rn]);
3303 break;
3304 case ARM_VFP_FPSCR:
3305 if (rd == 15) {
3306 tmp = load_cpu_field(vfp.xregs[ARM_VFP_FPSCR]);
3307 tcg_gen_andi_i32(tmp, tmp, 0xf0000000);
3308 } else {
3309 tmp = tcg_temp_new_i32();
3310 gen_helper_vfp_get_fpscr(tmp, cpu_env);
3311 }
3312 break;
3313 case ARM_VFP_MVFR2:
3314 if (!arm_dc_feature(s, ARM_FEATURE_V8)) {
3315 return 1;
3316 }
3317 /* fall through */
3318 case ARM_VFP_MVFR0:
3319 case ARM_VFP_MVFR1:
3320 if (IS_USER(s)
3321 || !arm_dc_feature(s, ARM_FEATURE_MVFR)) {
3322 return 1;
3323 }
3324 tmp = load_cpu_field(vfp.xregs[rn]);
3325 break;
3326 default:
3327 return 1;
3328 }
3329 } else {
3330 gen_mov_F0_vreg(0, rn);
3331 tmp = gen_vfp_mrs();
3332 }
3333 if (rd == 15) {
3334 /* Set the 4 flag bits in the CPSR. */
3335 gen_set_nzcv(tmp);
3336 tcg_temp_free_i32(tmp);
3337 } else {
3338 store_reg(s, rd, tmp);
3339 }
3340 } else {
3341 /* arm->vfp */
3342 if (insn & (1 << 21)) {
3343 rn >>= 1;
3344 /* system register */
3345 switch (rn) {
3346 case ARM_VFP_FPSID:
3347 case ARM_VFP_MVFR0:
3348 case ARM_VFP_MVFR1:
3349 /* Writes are ignored. */
3350 break;
3351 case ARM_VFP_FPSCR:
3352 tmp = load_reg(s, rd);
3353 gen_helper_vfp_set_fpscr(cpu_env, tmp);
3354 tcg_temp_free_i32(tmp);
3355 gen_lookup_tb(s);
3356 break;
3357 case ARM_VFP_FPEXC:
3358 if (IS_USER(s))
3359 return 1;
3360 /* TODO: VFP subarchitecture support.
3361 * For now, keep the EN bit only */
3362 tmp = load_reg(s, rd);
3363 tcg_gen_andi_i32(tmp, tmp, 1 << 30);
3364 store_cpu_field(tmp, vfp.xregs[rn]);
3365 gen_lookup_tb(s);
3366 break;
3367 case ARM_VFP_FPINST:
3368 case ARM_VFP_FPINST2:
3369 if (IS_USER(s)) {
3370 return 1;
3371 }
3372 tmp = load_reg(s, rd);
3373 store_cpu_field(tmp, vfp.xregs[rn]);
3374 break;
3375 default:
3376 return 1;
3377 }
3378 } else {
3379 tmp = load_reg(s, rd);
3380 gen_vfp_msr(tmp);
3381 gen_mov_vreg_F0(0, rn);
3382 }
3383 }
3384 }
3385 } else {
3386 /* data processing */
3387 /* The opcode is in bits 23, 21, 20 and 6. */
3388 op = ((insn >> 20) & 8) | ((insn >> 19) & 6) | ((insn >> 6) & 1);
3389 if (dp) {
3390 if (op == 15) {
3391 /* rn is opcode */
3392 rn = ((insn >> 15) & 0x1e) | ((insn >> 7) & 1);
3393 } else {
3394 /* rn is register number */
3395 VFP_DREG_N(rn, insn);
3396 }
3397
3398 if (op == 15 && (rn == 15 || ((rn & 0x1c) == 0x18) ||
3399 ((rn & 0x1e) == 0x6))) {
3400 /* Integer or single/half precision destination. */
3401 rd = VFP_SREG_D(insn);
3402 } else {
3403 VFP_DREG_D(rd, insn);
3404 }
3405 if (op == 15 &&
3406 (((rn & 0x1c) == 0x10) || ((rn & 0x14) == 0x14) ||
3407 ((rn & 0x1e) == 0x4))) {
3408 /* VCVT from int or half precision is always from S reg
3409 * regardless of dp bit. VCVT with immediate frac_bits
3410 * has same format as SREG_M.
3411 */
3412 rm = VFP_SREG_M(insn);
3413 } else {
3414 VFP_DREG_M(rm, insn);
3415 }
3416 } else {
3417 rn = VFP_SREG_N(insn);
3418 if (op == 15 && rn == 15) {
3419 /* Double precision destination. */
3420 VFP_DREG_D(rd, insn);
3421 } else {
3422 rd = VFP_SREG_D(insn);
3423 }
3424 /* NB that we implicitly rely on the encoding for the frac_bits
3425 * in VCVT of fixed to float being the same as that of an SREG_M
3426 */
3427 rm = VFP_SREG_M(insn);
3428 }
3429
3430 veclen = s->vec_len;
3431 if (op == 15 && rn > 3)
3432 veclen = 0;
3433
3434 /* Shut up compiler warnings. */
3435 delta_m = 0;
3436 delta_d = 0;
3437 bank_mask = 0;
3438
3439 if (veclen > 0) {
3440 if (dp)
3441 bank_mask = 0xc;
3442 else
3443 bank_mask = 0x18;
3444
3445 /* Figure out what type of vector operation this is. */
3446 if ((rd & bank_mask) == 0) {
3447 /* scalar */
3448 veclen = 0;
3449 } else {
3450 if (dp)
3451 delta_d = (s->vec_stride >> 1) + 1;
3452 else
3453 delta_d = s->vec_stride + 1;
3454
3455 if ((rm & bank_mask) == 0) {
3456 /* mixed scalar/vector */
3457 delta_m = 0;
3458 } else {
3459 /* vector */
3460 delta_m = delta_d;
3461 }
3462 }
3463 }
3464
3465 /* Load the initial operands. */
3466 if (op == 15) {
3467 switch (rn) {
3468 case 16:
3469 case 17:
3470 /* Integer source */
3471 gen_mov_F0_vreg(0, rm);
3472 break;
3473 case 8:
3474 case 9:
3475 /* Compare */
3476 gen_mov_F0_vreg(dp, rd);
3477 gen_mov_F1_vreg(dp, rm);
3478 break;
3479 case 10:
3480 case 11:
3481 /* Compare with zero */
3482 gen_mov_F0_vreg(dp, rd);
3483 gen_vfp_F1_ld0(dp);
3484 break;
3485 case 20:
3486 case 21:
3487 case 22:
3488 case 23:
3489 case 28:
3490 case 29:
3491 case 30:
3492 case 31:
3493 /* Source and destination the same. */
3494 gen_mov_F0_vreg(dp, rd);
3495 break;
3496 case 4:
3497 case 5:
3498 case 6:
3499 case 7:
3500 /* VCVTB, VCVTT: only present with the halfprec extension
3501 * UNPREDICTABLE if bit 8 is set prior to ARMv8
3502 * (we choose to UNDEF)
3503 */
3504 if ((dp && !arm_dc_feature(s, ARM_FEATURE_V8)) ||
3505 !arm_dc_feature(s, ARM_FEATURE_VFP_FP16)) {
3506 return 1;
3507 }
3508 if (!extract32(rn, 1, 1)) {
3509 /* Half precision source. */
3510 gen_mov_F0_vreg(0, rm);
3511 break;
3512 }
3513 /* Otherwise fall through */
3514 default:
3515 /* One source operand. */
3516 gen_mov_F0_vreg(dp, rm);
3517 break;
3518 }
3519 } else {
3520 /* Two source operands. */
3521 gen_mov_F0_vreg(dp, rn);
3522 gen_mov_F1_vreg(dp, rm);
3523 }
3524
3525 for (;;) {
3526 /* Perform the calculation. */
3527 switch (op) {
3528 case 0: /* VMLA: fd + (fn * fm) */
3529 /* Note that order of inputs to the add matters for NaNs */
3530 gen_vfp_F1_mul(dp);
3531 gen_mov_F0_vreg(dp, rd);
3532 gen_vfp_add(dp);
3533 break;
3534 case 1: /* VMLS: fd + -(fn * fm) */
3535 gen_vfp_mul(dp);
3536 gen_vfp_F1_neg(dp);
3537 gen_mov_F0_vreg(dp, rd);
3538 gen_vfp_add(dp);
3539 break;
3540 case 2: /* VNMLS: -fd + (fn * fm) */
3541 /* Note that it isn't valid to replace (-A + B) with (B - A)
3542 * or similar plausible looking simplifications
3543 * because this will give wrong results for NaNs.
3544 */
3545 gen_vfp_F1_mul(dp);
3546 gen_mov_F0_vreg(dp, rd);
3547 gen_vfp_neg(dp);
3548 gen_vfp_add(dp);
3549 break;
3550 case 3: /* VNMLA: -fd + -(fn * fm) */
3551 gen_vfp_mul(dp);
3552 gen_vfp_F1_neg(dp);
3553 gen_mov_F0_vreg(dp, rd);
3554 gen_vfp_neg(dp);
3555 gen_vfp_add(dp);
3556 break;
3557 case 4: /* mul: fn * fm */
3558 gen_vfp_mul(dp);
3559 break;
3560 case 5: /* nmul: -(fn * fm) */
3561 gen_vfp_mul(dp);
3562 gen_vfp_neg(dp);
3563 break;
3564 case 6: /* add: fn + fm */
3565 gen_vfp_add(dp);
3566 break;
3567 case 7: /* sub: fn - fm */
3568 gen_vfp_sub(dp);
3569 break;
3570 case 8: /* div: fn / fm */
3571 gen_vfp_div(dp);
3572 break;
3573 case 10: /* VFNMA : fd = muladd(-fd, fn, fm) */
3574 case 11: /* VFNMS : fd = muladd(-fd, -fn, fm) */
3575 case 12: /* VFMA : fd = muladd( fd, fn, fm) */
3576 case 13: /* VFMS : fd = muladd( fd, -fn, fm) */
3577 /* These are fused multiply-add, and must be done as one
3578 * floating point operation with no rounding between the
3579 * multiplication and addition steps.
3580 * NB that doing the negations here as separate steps is
3581 * correct : an input NaN should come out with its sign bit
3582 * flipped if it is a negated-input.
3583 */
3584 if (!arm_dc_feature(s, ARM_FEATURE_VFP4)) {
3585 return 1;
3586 }
3587 if (dp) {
3588 TCGv_ptr fpst;
3589 TCGv_i64 frd;
3590 if (op & 1) {
3591 /* VFNMS, VFMS */
3592 gen_helper_vfp_negd(cpu_F0d, cpu_F0d);
3593 }
3594 frd = tcg_temp_new_i64();
3595 tcg_gen_ld_f64(frd, cpu_env, vfp_reg_offset(dp, rd));
3596 if (op & 2) {
3597 /* VFNMA, VFNMS */
3598 gen_helper_vfp_negd(frd, frd);
3599 }
3600 fpst = get_fpstatus_ptr(0);
3601 gen_helper_vfp_muladdd(cpu_F0d, cpu_F0d,
3602 cpu_F1d, frd, fpst);
3603 tcg_temp_free_ptr(fpst);
3604 tcg_temp_free_i64(frd);
3605 } else {
3606 TCGv_ptr fpst;
3607 TCGv_i32 frd;
3608 if (op & 1) {
3609 /* VFNMS, VFMS */
3610 gen_helper_vfp_negs(cpu_F0s, cpu_F0s);
3611 }
3612 frd = tcg_temp_new_i32();
3613 tcg_gen_ld_f32(frd, cpu_env, vfp_reg_offset(dp, rd));
3614 if (op & 2) {
3615 gen_helper_vfp_negs(frd, frd);
3616 }
3617 fpst = get_fpstatus_ptr(0);
3618 gen_helper_vfp_muladds(cpu_F0s, cpu_F0s,
3619 cpu_F1s, frd, fpst);
3620 tcg_temp_free_ptr(fpst);
3621 tcg_temp_free_i32(frd);
3622 }
3623 break;
3624 case 14: /* fconst */
3625 if (!arm_dc_feature(s, ARM_FEATURE_VFP3)) {
3626 return 1;
3627 }
3628
3629 n = (insn << 12) & 0x80000000;
3630 i = ((insn >> 12) & 0x70) | (insn & 0xf);
3631 if (dp) {
3632 if (i & 0x40)
3633 i |= 0x3f80;
3634 else
3635 i |= 0x4000;
3636 n |= i << 16;
3637 tcg_gen_movi_i64(cpu_F0d, ((uint64_t)n) << 32);
3638 } else {
3639 if (i & 0x40)
3640 i |= 0x780;
3641 else
3642 i |= 0x800;
3643 n |= i << 19;
3644 tcg_gen_movi_i32(cpu_F0s, n);
3645 }
3646 break;
3647 case 15: /* extension space */
3648 switch (rn) {
3649 case 0: /* cpy */
3650 /* no-op */
3651 break;
3652 case 1: /* abs */
3653 gen_vfp_abs(dp);
3654 break;
3655 case 2: /* neg */
3656 gen_vfp_neg(dp);
3657 break;
3658 case 3: /* sqrt */
3659 gen_vfp_sqrt(dp);
3660 break;
3661 case 4: /* vcvtb.f32.f16, vcvtb.f64.f16 */
3662 tmp = gen_vfp_mrs();
3663 tcg_gen_ext16u_i32(tmp, tmp);
3664 if (dp) {
3665 gen_helper_vfp_fcvt_f16_to_f64(cpu_F0d, tmp,
3666 cpu_env);
3667 } else {
3668 gen_helper_vfp_fcvt_f16_to_f32(cpu_F0s, tmp,
3669 cpu_env);
3670 }
3671 tcg_temp_free_i32(tmp);
3672 break;
3673 case 5: /* vcvtt.f32.f16, vcvtt.f64.f16 */
3674 tmp = gen_vfp_mrs();
3675 tcg_gen_shri_i32(tmp, tmp, 16);
3676 if (dp) {
3677 gen_helper_vfp_fcvt_f16_to_f64(cpu_F0d, tmp,
3678 cpu_env);
3679 } else {
3680 gen_helper_vfp_fcvt_f16_to_f32(cpu_F0s, tmp,
3681 cpu_env);
3682 }
3683 tcg_temp_free_i32(tmp);
3684 break;
3685 case 6: /* vcvtb.f16.f32, vcvtb.f16.f64 */
3686 tmp = tcg_temp_new_i32();
3687 if (dp) {
3688 gen_helper_vfp_fcvt_f64_to_f16(tmp, cpu_F0d,
3689 cpu_env);
3690 } else {
3691 gen_helper_vfp_fcvt_f32_to_f16(tmp, cpu_F0s,
3692 cpu_env);
3693 }
3694 gen_mov_F0_vreg(0, rd);
3695 tmp2 = gen_vfp_mrs();
3696 tcg_gen_andi_i32(tmp2, tmp2, 0xffff0000);
3697 tcg_gen_or_i32(tmp, tmp, tmp2);
3698 tcg_temp_free_i32(tmp2);
3699 gen_vfp_msr(tmp);
3700 break;
3701 case 7: /* vcvtt.f16.f32, vcvtt.f16.f64 */
3702 tmp = tcg_temp_new_i32();
3703 if (dp) {
3704 gen_helper_vfp_fcvt_f64_to_f16(tmp, cpu_F0d,
3705 cpu_env);
3706 } else {
3707 gen_helper_vfp_fcvt_f32_to_f16(tmp, cpu_F0s,
3708 cpu_env);
3709 }
3710 tcg_gen_shli_i32(tmp, tmp, 16);
3711 gen_mov_F0_vreg(0, rd);
3712 tmp2 = gen_vfp_mrs();
3713 tcg_gen_ext16u_i32(tmp2, tmp2);
3714 tcg_gen_or_i32(tmp, tmp, tmp2);
3715 tcg_temp_free_i32(tmp2);
3716 gen_vfp_msr(tmp);
3717 break;
3718 case 8: /* cmp */
3719 gen_vfp_cmp(dp);
3720 break;
3721 case 9: /* cmpe */
3722 gen_vfp_cmpe(dp);
3723 break;
3724 case 10: /* cmpz */
3725 gen_vfp_cmp(dp);
3726 break;
3727 case 11: /* cmpez */
3728 gen_vfp_F1_ld0(dp);
3729 gen_vfp_cmpe(dp);
3730 break;
3731 case 12: /* vrintr */
3732 {
3733 TCGv_ptr fpst = get_fpstatus_ptr(0);
3734 if (dp) {
3735 gen_helper_rintd(cpu_F0d, cpu_F0d, fpst);
3736 } else {
3737 gen_helper_rints(cpu_F0s, cpu_F0s, fpst);
3738 }
3739 tcg_temp_free_ptr(fpst);
3740 break;
3741 }
3742 case 13: /* vrintz */
3743 {
3744 TCGv_ptr fpst = get_fpstatus_ptr(0);
3745 TCGv_i32 tcg_rmode;
3746 tcg_rmode = tcg_const_i32(float_round_to_zero);
3747 gen_helper_set_rmode(tcg_rmode, tcg_rmode, cpu_env);
3748 if (dp) {
3749 gen_helper_rintd(cpu_F0d, cpu_F0d, fpst);
3750 } else {
3751 gen_helper_rints(cpu_F0s, cpu_F0s, fpst);
3752 }
3753 gen_helper_set_rmode(tcg_rmode, tcg_rmode, cpu_env);
3754 tcg_temp_free_i32(tcg_rmode);
3755 tcg_temp_free_ptr(fpst);
3756 break;
3757 }
3758 case 14: /* vrintx */
3759 {
3760 TCGv_ptr fpst = get_fpstatus_ptr(0);
3761 if (dp) {
3762 gen_helper_rintd_exact(cpu_F0d, cpu_F0d, fpst);
3763 } else {
3764 gen_helper_rints_exact(cpu_F0s, cpu_F0s, fpst);
3765 }
3766 tcg_temp_free_ptr(fpst);
3767 break;
3768 }
3769 case 15: /* single<->double conversion */
3770 if (dp)
3771 gen_helper_vfp_fcvtsd(cpu_F0s, cpu_F0d, cpu_env);
3772 else
3773 gen_helper_vfp_fcvtds(cpu_F0d, cpu_F0s, cpu_env);
3774 break;
3775 case 16: /* fuito */
3776 gen_vfp_uito(dp, 0);
3777 break;
3778 case 17: /* fsito */
3779 gen_vfp_sito(dp, 0);
3780 break;
3781 case 20: /* fshto */
3782 if (!arm_dc_feature(s, ARM_FEATURE_VFP3)) {
3783 return 1;
3784 }
3785 gen_vfp_shto(dp, 16 - rm, 0);
3786 break;
3787 case 21: /* fslto */
3788 if (!arm_dc_feature(s, ARM_FEATURE_VFP3)) {
3789 return 1;
3790 }
3791 gen_vfp_slto(dp, 32 - rm, 0);
3792 break;
3793 case 22: /* fuhto */
3794 if (!arm_dc_feature(s, ARM_FEATURE_VFP3)) {
3795 return 1;
3796 }
3797 gen_vfp_uhto(dp, 16 - rm, 0);
3798 break;
3799 case 23: /* fulto */
3800 if (!arm_dc_feature(s, ARM_FEATURE_VFP3)) {
3801 return 1;
3802 }
3803 gen_vfp_ulto(dp, 32 - rm, 0);
3804 break;
3805 case 24: /* ftoui */
3806 gen_vfp_toui(dp, 0);
3807 break;
3808 case 25: /* ftouiz */
3809 gen_vfp_touiz(dp, 0);
3810 break;
3811 case 26: /* ftosi */
3812 gen_vfp_tosi(dp, 0);
3813 break;
3814 case 27: /* ftosiz */
3815 gen_vfp_tosiz(dp, 0);
3816 break;
3817 case 28: /* ftosh */
3818 if (!arm_dc_feature(s, ARM_FEATURE_VFP3)) {
3819 return 1;
3820 }
3821 gen_vfp_tosh(dp, 16 - rm, 0);
3822 break;
3823 case 29: /* ftosl */
3824 if (!arm_dc_feature(s, ARM_FEATURE_VFP3)) {
3825 return 1;
3826 }
3827 gen_vfp_tosl(dp, 32 - rm, 0);
3828 break;
3829 case 30: /* ftouh */
3830 if (!arm_dc_feature(s, ARM_FEATURE_VFP3)) {
3831 return 1;
3832 }
3833 gen_vfp_touh(dp, 16 - rm, 0);
3834 break;
3835 case 31: /* ftoul */
3836 if (!arm_dc_feature(s, ARM_FEATURE_VFP3)) {
3837 return 1;
3838 }
3839 gen_vfp_toul(dp, 32 - rm, 0);
3840 break;
3841 default: /* undefined */
3842 return 1;
3843 }
3844 break;
3845 default: /* undefined */
3846 return 1;
3847 }
3848
3849 /* Write back the result. */
3850 if (op == 15 && (rn >= 8 && rn <= 11)) {
3851 /* Comparison, do nothing. */
3852 } else if (op == 15 && dp && ((rn & 0x1c) == 0x18 ||
3853 (rn & 0x1e) == 0x6)) {
3854 /* VCVT double to int: always integer result.
3855 * VCVT double to half precision is always a single
3856 * precision result.
3857 */
3858 gen_mov_vreg_F0(0, rd);
3859 } else if (op == 15 && rn == 15) {
3860 /* conversion */
3861 gen_mov_vreg_F0(!dp, rd);
3862 } else {
3863 gen_mov_vreg_F0(dp, rd);
3864 }
3865
3866 /* break out of the loop if we have finished */
3867 if (veclen == 0)
3868 break;
3869
3870 if (op == 15 && delta_m == 0) {
3871 /* single source one-many */
3872 while (veclen--) {
3873 rd = ((rd + delta_d) & (bank_mask - 1))
3874 | (rd & bank_mask);
3875 gen_mov_vreg_F0(dp, rd);
3876 }
3877 break;
3878 }
3879 /* Setup the next operands. */
3880 veclen--;
3881 rd = ((rd + delta_d) & (bank_mask - 1))
3882 | (rd & bank_mask);
3883
3884 if (op == 15) {
3885 /* One source operand. */
3886 rm = ((rm + delta_m) & (bank_mask - 1))
3887 | (rm & bank_mask);
3888 gen_mov_F0_vreg(dp, rm);
3889 } else {
3890 /* Two source operands. */
3891 rn = ((rn + delta_d) & (bank_mask - 1))
3892 | (rn & bank_mask);
3893 gen_mov_F0_vreg(dp, rn);
3894 if (delta_m) {
3895 rm = ((rm + delta_m) & (bank_mask - 1))
3896 | (rm & bank_mask);
3897 gen_mov_F1_vreg(dp, rm);
3898 }
3899 }
3900 }
3901 }
3902 break;
3903 case 0xc:
3904 case 0xd:
3905 if ((insn & 0x03e00000) == 0x00400000) {
3906 /* two-register transfer */
3907 rn = (insn >> 16) & 0xf;
3908 rd = (insn >> 12) & 0xf;
3909 if (dp) {
3910 VFP_DREG_M(rm, insn);
3911 } else {
3912 rm = VFP_SREG_M(insn);
3913 }
3914
3915 if (insn & ARM_CP_RW_BIT) {
3916 /* vfp->arm */
3917 if (dp) {
3918 gen_mov_F0_vreg(0, rm * 2);
3919 tmp = gen_vfp_mrs();
3920 store_reg(s, rd, tmp);
3921 gen_mov_F0_vreg(0, rm * 2 + 1);
3922 tmp = gen_vfp_mrs();
3923 store_reg(s, rn, tmp);
3924 } else {
3925 gen_mov_F0_vreg(0, rm);
3926 tmp = gen_vfp_mrs();
3927 store_reg(s, rd, tmp);
3928 gen_mov_F0_vreg(0, rm + 1);
3929 tmp = gen_vfp_mrs();
3930 store_reg(s, rn, tmp);
3931 }
3932 } else {
3933 /* arm->vfp */
3934 if (dp) {
3935 tmp = load_reg(s, rd);
3936 gen_vfp_msr(tmp);
3937 gen_mov_vreg_F0(0, rm * 2);
3938 tmp = load_reg(s, rn);
3939 gen_vfp_msr(tmp);
3940 gen_mov_vreg_F0(0, rm * 2 + 1);
3941 } else {
3942 tmp = load_reg(s, rd);
3943 gen_vfp_msr(tmp);
3944 gen_mov_vreg_F0(0, rm);
3945 tmp = load_reg(s, rn);
3946 gen_vfp_msr(tmp);
3947 gen_mov_vreg_F0(0, rm + 1);
3948 }
3949 }
3950 } else {
3951 /* Load/store */
3952 rn = (insn >> 16) & 0xf;
3953 if (dp)
3954 VFP_DREG_D(rd, insn);
3955 else
3956 rd = VFP_SREG_D(insn);
3957 if ((insn & 0x01200000) == 0x01000000) {
3958 /* Single load/store */
3959 offset = (insn & 0xff) << 2;
3960 if ((insn & (1 << 23)) == 0)
3961 offset = -offset;
3962 if (s->thumb && rn == 15) {
3963 /* This is actually UNPREDICTABLE */
3964 addr = tcg_temp_new_i32();
3965 tcg_gen_movi_i32(addr, s->pc & ~2);
3966 } else {
3967 addr = load_reg(s, rn);
3968 }
3969 tcg_gen_addi_i32(addr, addr, offset);
3970 if (insn & (1 << 20)) {
3971 gen_vfp_ld(s, dp, addr);
3972 gen_mov_vreg_F0(dp, rd);
3973 } else {
3974 gen_mov_F0_vreg(dp, rd);
3975 gen_vfp_st(s, dp, addr);
3976 }
3977 tcg_temp_free_i32(addr);
3978 } else {
3979 /* load/store multiple */
3980 int w = insn & (1 << 21);
3981 if (dp)
3982 n = (insn >> 1) & 0x7f;
3983 else
3984 n = insn & 0xff;
3985
3986 if (w && !(((insn >> 23) ^ (insn >> 24)) & 1)) {
3987 /* P == U , W == 1 => UNDEF */
3988 return 1;
3989 }
3990 if (n == 0 || (rd + n) > 32 || (dp && n > 16)) {
3991 /* UNPREDICTABLE cases for bad immediates: we choose to
3992 * UNDEF to avoid generating huge numbers of TCG ops
3993 */
3994 return 1;
3995 }
3996 if (rn == 15 && w) {
3997 /* writeback to PC is UNPREDICTABLE, we choose to UNDEF */
3998 return 1;
3999 }
4000
4001 if (s->thumb && rn == 15) {
4002 /* This is actually UNPREDICTABLE */
4003 addr = tcg_temp_new_i32();
4004 tcg_gen_movi_i32(addr, s->pc & ~2);
4005 } else {
4006 addr = load_reg(s, rn);
4007 }
4008 if (insn & (1 << 24)) /* pre-decrement */
4009 tcg_gen_addi_i32(addr, addr, -((insn & 0xff) << 2));
4010
4011 if (dp)
4012 offset = 8;
4013 else
4014 offset = 4;
4015 for (i = 0; i < n; i++) {
4016 if (insn & ARM_CP_RW_BIT) {
4017 /* load */
4018 gen_vfp_ld(s, dp, addr);
4019 gen_mov_vreg_F0(dp, rd + i);
4020 } else {
4021 /* store */
4022 gen_mov_F0_vreg(dp, rd + i);
4023 gen_vfp_st(s, dp, addr);
4024 }
4025 tcg_gen_addi_i32(addr, addr, offset);
4026 }
4027 if (w) {
4028 /* writeback */
4029 if (insn & (1 << 24))
4030 offset = -offset * n;
4031 else if (dp && (insn & 1))
4032 offset = 4;
4033 else
4034 offset = 0;
4035
4036 if (offset != 0)
4037 tcg_gen_addi_i32(addr, addr, offset);
4038 store_reg(s, rn, addr);
4039 } else {
4040 tcg_temp_free_i32(addr);
4041 }
4042 }
4043 }
4044 break;
4045 default:
4046 /* Should never happen. */
4047 return 1;
4048 }
4049 return 0;
4050 }
4051
4052 static inline void gen_goto_tb(DisasContext *s, int n, target_ulong dest)
4053 {
4054 TranslationBlock *tb;
4055
4056 tb = s->tb;
4057 if ((tb->pc & TARGET_PAGE_MASK) == (dest & TARGET_PAGE_MASK)) {
4058 tcg_gen_goto_tb(n);
4059 gen_set_pc_im(s, dest);
4060 tcg_gen_exit_tb((uintptr_t)tb + n);
4061 } else {
4062 gen_set_pc_im(s, dest);
4063 tcg_gen_exit_tb(0);
4064 }
4065 }
4066
4067 static inline void gen_jmp (DisasContext *s, uint32_t dest)
4068 {
4069 if (unlikely(s->singlestep_enabled || s->ss_active)) {
4070 /* An indirect jump so that we still trigger the debug exception. */
4071 if (s->thumb)
4072 dest |= 1;
4073 gen_bx_im(s, dest);
4074 } else {
4075 gen_goto_tb(s, 0, dest);
4076 s->is_jmp = DISAS_TB_JUMP;
4077 }
4078 }
4079
4080 static inline void gen_mulxy(TCGv_i32 t0, TCGv_i32 t1, int x, int y)
4081 {
4082 if (x)
4083 tcg_gen_sari_i32(t0, t0, 16);
4084 else
4085 gen_sxth(t0);
4086 if (y)
4087 tcg_gen_sari_i32(t1, t1, 16);
4088 else
4089 gen_sxth(t1);
4090 tcg_gen_mul_i32(t0, t0, t1);
4091 }
4092
4093 /* Return the mask of PSR bits set by a MSR instruction. */
4094 static uint32_t msr_mask(DisasContext *s, int flags, int spsr)
4095 {
4096 uint32_t mask;
4097
4098 mask = 0;
4099 if (flags & (1 << 0))
4100 mask |= 0xff;
4101 if (flags & (1 << 1))
4102 mask |= 0xff00;
4103 if (flags & (1 << 2))
4104 mask |= 0xff0000;
4105 if (flags & (1 << 3))
4106 mask |= 0xff000000;
4107
4108 /* Mask out undefined bits. */
4109 mask &= ~CPSR_RESERVED;
4110 if (!arm_dc_feature(s, ARM_FEATURE_V4T)) {
4111 mask &= ~CPSR_T;
4112 }
4113 if (!arm_dc_feature(s, ARM_FEATURE_V5)) {
4114 mask &= ~CPSR_Q; /* V5TE in reality*/
4115 }
4116 if (!arm_dc_feature(s, ARM_FEATURE_V6)) {
4117 mask &= ~(CPSR_E | CPSR_GE);
4118 }
4119 if (!arm_dc_feature(s, ARM_FEATURE_THUMB2)) {
4120 mask &= ~CPSR_IT;
4121 }
4122 /* Mask out execution state and reserved bits. */
4123 if (!spsr) {
4124 mask &= ~(CPSR_EXEC | CPSR_RESERVED);
4125 }
4126 /* Mask out privileged bits. */
4127 if (IS_USER(s))
4128 mask &= CPSR_USER;
4129 return mask;
4130 }
4131
4132 /* Returns nonzero if access to the PSR is not permitted. Marks t0 as dead. */
4133 static int gen_set_psr(DisasContext *s, uint32_t mask, int spsr, TCGv_i32 t0)
4134 {
4135 TCGv_i32 tmp;
4136 if (spsr) {
4137 /* ??? This is also undefined in system mode. */
4138 if (IS_USER(s))
4139 return 1;
4140
4141 tmp = load_cpu_field(spsr);
4142 tcg_gen_andi_i32(tmp, tmp, ~mask);
4143 tcg_gen_andi_i32(t0, t0, mask);
4144 tcg_gen_or_i32(tmp, tmp, t0);
4145 store_cpu_field(tmp, spsr);
4146 } else {
4147 gen_set_cpsr(t0, mask);
4148 }
4149 tcg_temp_free_i32(t0);
4150 gen_lookup_tb(s);
4151 return 0;
4152 }
4153
4154 /* Returns nonzero if access to the PSR is not permitted. */
4155 static int gen_set_psr_im(DisasContext *s, uint32_t mask, int spsr, uint32_t val)
4156 {
4157 TCGv_i32 tmp;
4158 tmp = tcg_temp_new_i32();
4159 tcg_gen_movi_i32(tmp, val);
4160 return gen_set_psr(s, mask, spsr, tmp);
4161 }
4162
4163 static bool msr_banked_access_decode(DisasContext *s, int r, int sysm, int rn,
4164 int *tgtmode, int *regno)
4165 {
4166 /* Decode the r and sysm fields of MSR/MRS banked accesses into
4167 * the target mode and register number, and identify the various
4168 * unpredictable cases.
4169 * MSR (banked) and MRS (banked) are CONSTRAINED UNPREDICTABLE if:
4170 * + executed in user mode
4171 * + using R15 as the src/dest register
4172 * + accessing an unimplemented register
4173 * + accessing a register that's inaccessible at current PL/security state*
4174 * + accessing a register that you could access with a different insn
4175 * We choose to UNDEF in all these cases.
4176 * Since we don't know which of the various AArch32 modes we are in
4177 * we have to defer some checks to runtime.
4178 * Accesses to Monitor mode registers from Secure EL1 (which implies
4179 * that EL3 is AArch64) must trap to EL3.
4180 *
4181 * If the access checks fail this function will emit code to take
4182 * an exception and return false. Otherwise it will return true,
4183 * and set *tgtmode and *regno appropriately.
4184 */
4185 int exc_target = default_exception_el(s);
4186
4187 /* These instructions are present only in ARMv8, or in ARMv7 with the
4188 * Virtualization Extensions.
4189 */
4190 if (!arm_dc_feature(s, ARM_FEATURE_V8) &&
4191 !arm_dc_feature(s, ARM_FEATURE_EL2)) {
4192 goto undef;
4193 }
4194
4195 if (IS_USER(s) || rn == 15) {
4196 goto undef;
4197 }
4198
4199 /* The table in the v8 ARM ARM section F5.2.3 describes the encoding
4200 * of registers into (r, sysm).
4201 */
4202 if (r) {
4203 /* SPSRs for other modes */
4204 switch (sysm) {
4205 case 0xe: /* SPSR_fiq */
4206 *tgtmode = ARM_CPU_MODE_FIQ;
4207 break;
4208 case 0x10: /* SPSR_irq */
4209 *tgtmode = ARM_CPU_MODE_IRQ;
4210 break;
4211 case 0x12: /* SPSR_svc */
4212 *tgtmode = ARM_CPU_MODE_SVC;
4213 break;
4214 case 0x14: /* SPSR_abt */
4215 *tgtmode = ARM_CPU_MODE_ABT;
4216 break;
4217 case 0x16: /* SPSR_und */
4218 *tgtmode = ARM_CPU_MODE_UND;
4219 break;
4220 case 0x1c: /* SPSR_mon */
4221 *tgtmode = ARM_CPU_MODE_MON;
4222 break;
4223 case 0x1e: /* SPSR_hyp */
4224 *tgtmode = ARM_CPU_MODE_HYP;
4225 break;
4226 default: /* unallocated */
4227 goto undef;
4228 }
4229 /* We arbitrarily assign SPSR a register number of 16. */
4230 *regno = 16;
4231 } else {
4232 /* general purpose registers for other modes */
4233 switch (sysm) {
4234 case 0x0 ... 0x6: /* 0b00xxx : r8_usr ... r14_usr */
4235 *tgtmode = ARM_CPU_MODE_USR;
4236 *regno = sysm + 8;
4237 break;
4238 case 0x8 ... 0xe: /* 0b01xxx : r8_fiq ... r14_fiq */
4239 *tgtmode = ARM_CPU_MODE_FIQ;
4240 *regno = sysm;
4241 break;
4242 case 0x10 ... 0x11: /* 0b1000x : r14_irq, r13_irq */
4243 *tgtmode = ARM_CPU_MODE_IRQ;
4244 *regno = sysm & 1 ? 13 : 14;
4245 break;
4246 case 0x12 ... 0x13: /* 0b1001x : r14_svc, r13_svc */
4247 *tgtmode = ARM_CPU_MODE_SVC;
4248 *regno = sysm & 1 ? 13 : 14;
4249 break;
4250 case 0x14 ... 0x15: /* 0b1010x : r14_abt, r13_abt */
4251 *tgtmode = ARM_CPU_MODE_ABT;
4252 *regno = sysm & 1 ? 13 : 14;
4253 break;
4254 case 0x16 ... 0x17: /* 0b1011x : r14_und, r13_und */
4255 *tgtmode = ARM_CPU_MODE_UND;
4256 *regno = sysm & 1 ? 13 : 14;
4257 break;
4258 case 0x1c ... 0x1d: /* 0b1110x : r14_mon, r13_mon */
4259 *tgtmode = ARM_CPU_MODE_MON;
4260 *regno = sysm & 1 ? 13 : 14;
4261 break;
4262 case 0x1e ... 0x1f: /* 0b1111x : elr_hyp, r13_hyp */
4263 *tgtmode = ARM_CPU_MODE_HYP;
4264 /* Arbitrarily pick 17 for ELR_Hyp (which is not a banked LR!) */
4265 *regno = sysm & 1 ? 13 : 17;
4266 break;
4267 default: /* unallocated */
4268 goto undef;
4269 }
4270 }
4271
4272 /* Catch the 'accessing inaccessible register' cases we can detect
4273 * at translate time.
4274 */
4275 switch (*tgtmode) {
4276 case ARM_CPU_MODE_MON:
4277 if (!arm_dc_feature(s, ARM_FEATURE_EL3) || s->ns) {
4278 goto undef;
4279 }
4280 if (s->current_el == 1) {
4281 /* If we're in Secure EL1 (which implies that EL3 is AArch64)
4282 * then accesses to Mon registers trap to EL3
4283 */
4284 exc_target = 3;
4285 goto undef;
4286 }
4287 break;
4288 case ARM_CPU_MODE_HYP:
4289 /* Note that we can forbid accesses from EL2 here because they
4290 * must be from Hyp mode itself
4291 */
4292 if (!arm_dc_feature(s, ARM_FEATURE_EL2) || s->current_el < 3) {
4293 goto undef;
4294 }
4295 break;
4296 default:
4297 break;
4298 }
4299
4300 return true;
4301
4302 undef:
4303 /* If we get here then some access check did not pass */
4304 gen_exception_insn(s, 4, EXCP_UDEF, syn_uncategorized(), exc_target);
4305 return false;
4306 }
4307
4308 static void gen_msr_banked(DisasContext *s, int r, int sysm, int rn)
4309 {
4310 TCGv_i32 tcg_reg, tcg_tgtmode, tcg_regno;
4311 int tgtmode = 0, regno = 0;
4312
4313 if (!msr_banked_access_decode(s, r, sysm, rn, &tgtmode, &regno)) {
4314 return;
4315 }
4316
4317 /* Sync state because msr_banked() can raise exceptions */
4318 gen_set_condexec(s);
4319 gen_set_pc_im(s, s->pc - 4);
4320 tcg_reg = load_reg(s, rn);
4321 tcg_tgtmode = tcg_const_i32(tgtmode);
4322 tcg_regno = tcg_const_i32(regno);
4323 gen_helper_msr_banked(cpu_env, tcg_reg, tcg_tgtmode, tcg_regno);
4324 tcg_temp_free_i32(tcg_tgtmode);
4325 tcg_temp_free_i32(tcg_regno);
4326 tcg_temp_free_i32(tcg_reg);
4327 s->is_jmp = DISAS_UPDATE;
4328 }
4329
4330 static void gen_mrs_banked(DisasContext *s, int r, int sysm, int rn)
4331 {
4332 TCGv_i32 tcg_reg, tcg_tgtmode, tcg_regno;
4333 int tgtmode = 0, regno = 0;
4334
4335 if (!msr_banked_access_decode(s, r, sysm, rn, &tgtmode, &regno)) {
4336 return;
4337 }
4338
4339 /* Sync state because mrs_banked() can raise exceptions */
4340 gen_set_condexec(s);
4341 gen_set_pc_im(s, s->pc - 4);
4342 tcg_reg = tcg_temp_new_i32();
4343 tcg_tgtmode = tcg_const_i32(tgtmode);
4344 tcg_regno = tcg_const_i32(regno);
4345 gen_helper_mrs_banked(tcg_reg, cpu_env, tcg_tgtmode, tcg_regno);
4346 tcg_temp_free_i32(tcg_tgtmode);
4347 tcg_temp_free_i32(tcg_regno);
4348 store_reg(s, rn, tcg_reg);
4349 s->is_jmp = DISAS_UPDATE;
4350 }
4351
4352 /* Generate an old-style exception return. Marks pc as dead. */
4353 static void gen_exception_return(DisasContext *s, TCGv_i32 pc)
4354 {
4355 TCGv_i32 tmp;
4356 store_reg(s, 15, pc);
4357 tmp = load_cpu_field(spsr);
4358 gen_helper_cpsr_write_eret(cpu_env, tmp);
4359 tcg_temp_free_i32(tmp);
4360 s->is_jmp = DISAS_JUMP;
4361 }
4362
4363 /* Generate a v6 exception return. Marks both values as dead. */
4364 static void gen_rfe(DisasContext *s, TCGv_i32 pc, TCGv_i32 cpsr)
4365 {
4366 gen_helper_cpsr_write_eret(cpu_env, cpsr);
4367 tcg_temp_free_i32(cpsr);
4368 store_reg(s, 15, pc);
4369 s->is_jmp = DISAS_JUMP;
4370 }
4371
4372 static void gen_nop_hint(DisasContext *s, int val)
4373 {
4374 switch (val) {
4375 case 1: /* yield */
4376 gen_set_pc_im(s, s->pc);
4377 s->is_jmp = DISAS_YIELD;
4378 break;
4379 case 3: /* wfi */
4380 gen_set_pc_im(s, s->pc);
4381 s->is_jmp = DISAS_WFI;
4382 break;
4383 case 2: /* wfe */
4384 gen_set_pc_im(s, s->pc);
4385 s->is_jmp = DISAS_WFE;
4386 break;
4387 case 4: /* sev */
4388 case 5: /* sevl */
4389 /* TODO: Implement SEV, SEVL and WFE. May help SMP performance. */
4390 default: /* nop */
4391 break;
4392 }
4393 }
4394
4395 #define CPU_V001 cpu_V0, cpu_V0, cpu_V1
4396
4397 static inline void gen_neon_add(int size, TCGv_i32 t0, TCGv_i32 t1)
4398 {
4399 switch (size) {
4400 case 0: gen_helper_neon_add_u8(t0, t0, t1); break;
4401 case 1: gen_helper_neon_add_u16(t0, t0, t1); break;
4402 case 2: tcg_gen_add_i32(t0, t0, t1); break;
4403 default: abort();
4404 }
4405 }
4406
4407 static inline void gen_neon_rsb(int size, TCGv_i32 t0, TCGv_i32 t1)
4408 {
4409 switch (size) {
4410 case 0: gen_helper_neon_sub_u8(t0, t1, t0); break;
4411 case 1: gen_helper_neon_sub_u16(t0, t1, t0); break;
4412 case 2: tcg_gen_sub_i32(t0, t1, t0); break;
4413 default: return;
4414 }
4415 }
4416
4417 /* 32-bit pairwise ops end up the same as the elementwise versions. */
4418 #define gen_helper_neon_pmax_s32 gen_helper_neon_max_s32
4419 #define gen_helper_neon_pmax_u32 gen_helper_neon_max_u32
4420 #define gen_helper_neon_pmin_s32 gen_helper_neon_min_s32
4421 #define gen_helper_neon_pmin_u32 gen_helper_neon_min_u32
4422
4423 #define GEN_NEON_INTEGER_OP_ENV(name) do { \
4424 switch ((size << 1) | u) { \
4425 case 0: \
4426 gen_helper_neon_##name##_s8(tmp, cpu_env, tmp, tmp2); \
4427 break; \
4428 case 1: \
4429 gen_helper_neon_##name##_u8(tmp, cpu_env, tmp, tmp2); \
4430 break; \
4431 case 2: \
4432 gen_helper_neon_##name##_s16(tmp, cpu_env, tmp, tmp2); \
4433 break; \
4434 case 3: \
4435 gen_helper_neon_##name##_u16(tmp, cpu_env, tmp, tmp2); \
4436 break; \
4437 case 4: \
4438 gen_helper_neon_##name##_s32(tmp, cpu_env, tmp, tmp2); \
4439 break; \
4440 case 5: \
4441 gen_helper_neon_##name##_u32(tmp, cpu_env, tmp, tmp2); \
4442 break; \
4443 default: return 1; \
4444 }} while (0)
4445
4446 #define GEN_NEON_INTEGER_OP(name) do { \
4447 switch ((size << 1) | u) { \
4448 case 0: \
4449 gen_helper_neon_##name##_s8(tmp, tmp, tmp2); \
4450 break; \
4451 case 1: \
4452 gen_helper_neon_##name##_u8(tmp, tmp, tmp2); \
4453 break; \
4454 case 2: \
4455 gen_helper_neon_##name##_s16(tmp, tmp, tmp2); \
4456 break; \
4457 case 3: \
4458 gen_helper_neon_##name##_u16(tmp, tmp, tmp2); \
4459 break; \
4460 case 4: \
4461 gen_helper_neon_##name##_s32(tmp, tmp, tmp2); \
4462 break; \
4463 case 5: \
4464 gen_helper_neon_##name##_u32(tmp, tmp, tmp2); \
4465 break; \
4466 default: return 1; \
4467 }} while (0)
4468
4469 static TCGv_i32 neon_load_scratch(int scratch)
4470 {
4471 TCGv_i32 tmp = tcg_temp_new_i32();
4472 tcg_gen_ld_i32(tmp, cpu_env, offsetof(CPUARMState, vfp.scratch[scratch]));
4473 return tmp;
4474 }
4475
4476 static void neon_store_scratch(int scratch, TCGv_i32 var)
4477 {
4478 tcg_gen_st_i32(var, cpu_env, offsetof(CPUARMState, vfp.scratch[scratch]));
4479 tcg_temp_free_i32(var);
4480 }
4481
4482 static inline TCGv_i32 neon_get_scalar(int size, int reg)
4483 {
4484 TCGv_i32 tmp;
4485 if (size == 1) {
4486 tmp = neon_load_reg(reg & 7, reg >> 4);
4487 if (reg & 8) {
4488 gen_neon_dup_high16(tmp);
4489 } else {
4490 gen_neon_dup_low16(tmp);
4491 }
4492 } else {
4493 tmp = neon_load_reg(reg & 15, reg >> 4);
4494 }
4495 return tmp;
4496 }
4497
4498 static int gen_neon_unzip(int rd, int rm, int size, int q)
4499 {
4500 TCGv_i32 tmp, tmp2;
4501 if (!q && size == 2) {
4502 return 1;
4503 }
4504 tmp = tcg_const_i32(rd);
4505 tmp2 = tcg_const_i32(rm);
4506 if (q) {
4507 switch (size) {
4508 case 0:
4509 gen_helper_neon_qunzip8(cpu_env, tmp, tmp2);
4510 break;
4511 case 1:
4512 gen_helper_neon_qunzip16(cpu_env, tmp, tmp2);
4513 break;
4514 case 2:
4515 gen_helper_neon_qunzip32(cpu_env, tmp, tmp2);
4516 break;
4517 default:
4518 abort();
4519 }
4520 } else {
4521 switch (size) {
4522 case 0:
4523 gen_helper_neon_unzip8(cpu_env, tmp, tmp2);
4524 break;
4525 case 1:
4526 gen_helper_neon_unzip16(cpu_env, tmp, tmp2);
4527 break;
4528 default:
4529 abort();
4530 }
4531 }
4532 tcg_temp_free_i32(tmp);
4533 tcg_temp_free_i32(tmp2);
4534 return 0;
4535 }
4536
4537 static int gen_neon_zip(int rd, int rm, int size, int q)
4538 {
4539 TCGv_i32 tmp, tmp2;
4540 if (!q && size == 2) {
4541 return 1;
4542 }
4543 tmp = tcg_const_i32(rd);
4544 tmp2 = tcg_const_i32(rm);
4545 if (q) {
4546 switch (size) {
4547 case 0:
4548 gen_helper_neon_qzip8(cpu_env, tmp, tmp2);
4549 break;
4550 case 1:
4551 gen_helper_neon_qzip16(cpu_env, tmp, tmp2);
4552 break;
4553 case 2:
4554 gen_helper_neon_qzip32(cpu_env, tmp, tmp2);
4555 break;
4556 default:
4557 abort();
4558 }
4559 } else {
4560 switch (size) {
4561 case 0:
4562 gen_helper_neon_zip8(cpu_env, tmp, tmp2);
4563 break;
4564 case 1:
4565 gen_helper_neon_zip16(cpu_env, tmp, tmp2);
4566 break;
4567 default:
4568 abort();
4569 }
4570 }
4571 tcg_temp_free_i32(tmp);
4572 tcg_temp_free_i32(tmp2);
4573 return 0;
4574 }
4575
4576 static void gen_neon_trn_u8(TCGv_i32 t0, TCGv_i32 t1)
4577 {
4578 TCGv_i32 rd, tmp;
4579
4580 rd = tcg_temp_new_i32();
4581 tmp = tcg_temp_new_i32();
4582
4583 tcg_gen_shli_i32(rd, t0, 8);
4584 tcg_gen_andi_i32(rd, rd, 0xff00ff00);
4585 tcg_gen_andi_i32(tmp, t1, 0x00ff00ff);
4586 tcg_gen_or_i32(rd, rd, tmp);
4587
4588 tcg_gen_shri_i32(t1, t1, 8);
4589 tcg_gen_andi_i32(t1, t1, 0x00ff00ff);
4590 tcg_gen_andi_i32(tmp, t0, 0xff00ff00);
4591 tcg_gen_or_i32(t1, t1, tmp);
4592 tcg_gen_mov_i32(t0, rd);
4593
4594 tcg_temp_free_i32(tmp);
4595 tcg_temp_free_i32(rd);
4596 }
4597
4598 static void gen_neon_trn_u16(TCGv_i32 t0, TCGv_i32 t1)
4599 {
4600 TCGv_i32 rd, tmp;
4601
4602 rd = tcg_temp_new_i32();
4603 tmp = tcg_temp_new_i32();
4604
4605 tcg_gen_shli_i32(rd, t0, 16);
4606 tcg_gen_andi_i32(tmp, t1, 0xffff);
4607 tcg_gen_or_i32(rd, rd, tmp);
4608 tcg_gen_shri_i32(t1, t1, 16);
4609 tcg_gen_andi_i32(tmp, t0, 0xffff0000);
4610 tcg_gen_or_i32(t1, t1, tmp);
4611 tcg_gen_mov_i32(t0, rd);
4612
4613 tcg_temp_free_i32(tmp);
4614 tcg_temp_free_i32(rd);
4615 }
4616
4617
4618 static struct {
4619 int nregs;
4620 int interleave;
4621 int spacing;
4622 } neon_ls_element_type[11] = {
4623 {4, 4, 1},
4624 {4, 4, 2},
4625 {4, 1, 1},
4626 {4, 2, 1},
4627 {3, 3, 1},
4628 {3, 3, 2},
4629 {3, 1, 1},
4630 {1, 1, 1},
4631 {2, 2, 1},
4632 {2, 2, 2},
4633 {2, 1, 1}
4634 };
4635
4636 /* Translate a NEON load/store element instruction. Return nonzero if the
4637 instruction is invalid. */
4638 static int disas_neon_ls_insn(DisasContext *s, uint32_t insn)
4639 {
4640 int rd, rn, rm;
4641 int op;
4642 int nregs;
4643 int interleave;
4644 int spacing;
4645 int stride;
4646 int size;
4647 int reg;
4648 int pass;
4649 int load;
4650 int shift;
4651 int n;
4652 TCGv_i32 addr;
4653 TCGv_i32 tmp;
4654 TCGv_i32 tmp2;
4655 TCGv_i64 tmp64;
4656
4657 /* FIXME: this access check should not take precedence over UNDEF
4658 * for invalid encodings; we will generate incorrect syndrome information
4659 * for attempts to execute invalid vfp/neon encodings with FP disabled.
4660 */
4661 if (s->fp_excp_el) {
4662 gen_exception_insn(s, 4, EXCP_UDEF,
4663 syn_fp_access_trap(1, 0xe, false), s->fp_excp_el);
4664 return 0;
4665 }
4666
4667 if (!s->vfp_enabled)
4668 return 1;
4669 VFP_DREG_D(rd, insn);
4670 rn = (insn >> 16) & 0xf;
4671 rm = insn & 0xf;
4672 load = (insn & (1 << 21)) != 0;
4673 if ((insn & (1 << 23)) == 0) {
4674 /* Load store all elements. */
4675 op = (insn >> 8) & 0xf;
4676 size = (insn >> 6) & 3;
4677 if (op > 10)
4678 return 1;
4679 /* Catch UNDEF cases for bad values of align field */
4680 switch (op & 0xc) {
4681 case 4:
4682 if (((insn >> 5) & 1) == 1) {
4683 return 1;
4684 }
4685 break;
4686 case 8:
4687 if (((insn >> 4) & 3) == 3) {
4688 return 1;
4689 }
4690 break;
4691 default:
4692 break;
4693 }
4694 nregs = neon_ls_element_type[op].nregs;
4695 interleave = neon_ls_element_type[op].interleave;
4696 spacing = neon_ls_element_type[op].spacing;
4697 if (size == 3 && (interleave | spacing) != 1)
4698 return 1;
4699 addr = tcg_temp_new_i32();
4700 load_reg_var(s, addr, rn);
4701 stride = (1 << size) * interleave;
4702 for (reg = 0; reg < nregs; reg++) {
4703 if (interleave > 2 || (interleave == 2 && nregs == 2)) {
4704 load_reg_var(s, addr, rn);
4705 tcg_gen_addi_i32(addr, addr, (1 << size) * reg);
4706 } else if (interleave == 2 && nregs == 4 && reg == 2) {
4707 load_reg_var(s, addr, rn);
4708 tcg_gen_addi_i32(addr, addr, 1 << size);
4709 }
4710 if (size == 3) {
4711 tmp64 = tcg_temp_new_i64();
4712 if (load) {
4713 gen_aa32_ld64(s, tmp64, addr, get_mem_index(s));
4714 neon_store_reg64(tmp64, rd);
4715 } else {
4716 neon_load_reg64(tmp64, rd);
4717 gen_aa32_st64(s, tmp64, addr, get_mem_index(s));
4718 }
4719 tcg_temp_free_i64(tmp64);
4720 tcg_gen_addi_i32(addr, addr, stride);
4721 } else {
4722 for (pass = 0; pass < 2; pass++) {
4723 if (size == 2) {
4724 if (load) {
4725 tmp = tcg_temp_new_i32();
4726 gen_aa32_ld32u(s, tmp, addr, get_mem_index(s));
4727 neon_store_reg(rd, pass, tmp);
4728 } else {
4729 tmp = neon_load_reg(rd, pass);
4730 gen_aa32_st32(s, tmp, addr, get_mem_index(s));
4731 tcg_temp_free_i32(tmp);
4732 }
4733 tcg_gen_addi_i32(addr, addr, stride);
4734 } else if (size == 1) {
4735 if (load) {
4736 tmp = tcg_temp_new_i32();
4737 gen_aa32_ld16u(s, tmp, addr, get_mem_index(s));
4738 tcg_gen_addi_i32(addr, addr, stride);
4739 tmp2 = tcg_temp_new_i32();
4740 gen_aa32_ld16u(s, tmp2, addr, get_mem_index(s));
4741 tcg_gen_addi_i32(addr, addr, stride);
4742 tcg_gen_shli_i32(tmp2, tmp2, 16);
4743 tcg_gen_or_i32(tmp, tmp, tmp2);
4744 tcg_temp_free_i32(tmp2);
4745 neon_store_reg(rd, pass, tmp);
4746 } else {
4747 tmp = neon_load_reg(rd, pass);
4748 tmp2 = tcg_temp_new_i32();
4749 tcg_gen_shri_i32(tmp2, tmp, 16);
4750 gen_aa32_st16(s, tmp, addr, get_mem_index(s));
4751 tcg_temp_free_i32(tmp);
4752 tcg_gen_addi_i32(addr, addr, stride);
4753 gen_aa32_st16(s, tmp2, addr, get_mem_index(s));
4754 tcg_temp_free_i32(tmp2);
4755 tcg_gen_addi_i32(addr, addr, stride);
4756 }
4757 } else /* size == 0 */ {
4758 if (load) {
4759 TCGV_UNUSED_I32(tmp2);
4760 for (n = 0; n < 4; n++) {
4761 tmp = tcg_temp_new_i32();
4762 gen_aa32_ld8u(s, tmp, addr, get_mem_index(s));
4763 tcg_gen_addi_i32(addr, addr, stride);
4764 if (n == 0) {
4765 tmp2 = tmp;
4766 } else {
4767 tcg_gen_shli_i32(tmp, tmp, n * 8);
4768 tcg_gen_or_i32(tmp2, tmp2, tmp);
4769 tcg_temp_free_i32(tmp);
4770 }
4771 }
4772 neon_store_reg(rd, pass, tmp2);
4773 } else {
4774 tmp2 = neon_load_reg(rd, pass);
4775 for (n = 0; n < 4; n++) {
4776 tmp = tcg_temp_new_i32();
4777 if (n == 0) {
4778 tcg_gen_mov_i32(tmp, tmp2);
4779 } else {
4780 tcg_gen_shri_i32(tmp, tmp2, n * 8);
4781 }
4782 gen_aa32_st8(s, tmp, addr, get_mem_index(s));
4783 tcg_temp_free_i32(tmp);
4784 tcg_gen_addi_i32(addr, addr, stride);
4785 }
4786 tcg_temp_free_i32(tmp2);
4787 }
4788 }
4789 }
4790 }
4791 rd += spacing;
4792 }
4793 tcg_temp_free_i32(addr);
4794 stride = nregs * 8;
4795 } else {
4796 size = (insn >> 10) & 3;
4797 if (size == 3) {
4798 /* Load single element to all lanes. */
4799 int a = (insn >> 4) & 1;
4800 if (!load) {
4801 return 1;
4802 }
4803 size = (insn >> 6) & 3;
4804 nregs = ((insn >> 8) & 3) + 1;
4805
4806 if (size == 3) {
4807 if (nregs != 4 || a == 0) {
4808 return 1;
4809 }
4810 /* For VLD4 size==3 a == 1 means 32 bits at 16 byte alignment */
4811 size = 2;
4812 }
4813 if (nregs == 1 && a == 1 && size == 0) {
4814 return 1;
4815 }
4816 if (nregs == 3 && a == 1) {
4817 return 1;
4818 }
4819 addr = tcg_temp_new_i32();
4820 load_reg_var(s, addr, rn);
4821 if (nregs == 1) {
4822 /* VLD1 to all lanes: bit 5 indicates how many Dregs to write */
4823 tmp = gen_load_and_replicate(s, addr, size);
4824 tcg_gen_st_i32(tmp, cpu_env, neon_reg_offset(rd, 0));
4825 tcg_gen_st_i32(tmp, cpu_env, neon_reg_offset(rd, 1));
4826 if (insn & (1 << 5)) {
4827 tcg_gen_st_i32(tmp, cpu_env, neon_reg_offset(rd + 1, 0));
4828 tcg_gen_st_i32(tmp, cpu_env, neon_reg_offset(rd + 1, 1));
4829 }
4830 tcg_temp_free_i32(tmp);
4831 } else {
4832 /* VLD2/3/4 to all lanes: bit 5 indicates register stride */
4833 stride = (insn & (1 << 5)) ? 2 : 1;
4834 for (reg = 0; reg < nregs; reg++) {
4835 tmp = gen_load_and_replicate(s, addr, size);
4836 tcg_gen_st_i32(tmp, cpu_env, neon_reg_offset(rd, 0));
4837 tcg_gen_st_i32(tmp, cpu_env, neon_reg_offset(rd, 1));
4838 tcg_temp_free_i32(tmp);
4839 tcg_gen_addi_i32(addr, addr, 1 << size);
4840 rd += stride;
4841 }
4842 }
4843 tcg_temp_free_i32(addr);
4844 stride = (1 << size) * nregs;
4845 } else {
4846 /* Single element. */
4847 int idx = (insn >> 4) & 0xf;
4848 pass = (insn >> 7) & 1;
4849 switch (size) {
4850 case 0:
4851 shift = ((insn >> 5) & 3) * 8;
4852 stride = 1;
4853 break;
4854 case 1:
4855 shift = ((insn >> 6) & 1) * 16;
4856 stride = (insn & (1 << 5)) ? 2 : 1;
4857 break;
4858 case 2:
4859 shift = 0;
4860 stride = (insn & (1 << 6)) ? 2 : 1;
4861 break;
4862 default:
4863 abort();
4864 }
4865 nregs = ((insn >> 8) & 3) + 1;
4866 /* Catch the UNDEF cases. This is unavoidably a bit messy. */
4867 switch (nregs) {
4868 case 1:
4869 if (((idx & (1 << size)) != 0) ||
4870 (size == 2 && ((idx & 3) == 1 || (idx & 3) == 2))) {
4871 return 1;
4872 }
4873 break;
4874 case 3:
4875 if ((idx & 1) != 0) {
4876 return 1;
4877 }
4878 /* fall through */
4879 case 2:
4880 if (size == 2 && (idx & 2) != 0) {
4881 return 1;
4882 }
4883 break;
4884 case 4:
4885 if ((size == 2) && ((idx & 3) == 3)) {
4886 return 1;
4887 }
4888 break;
4889 default:
4890 abort();
4891 }
4892 if ((rd + stride * (nregs - 1)) > 31) {
4893 /* Attempts to write off the end of the register file
4894 * are UNPREDICTABLE; we choose to UNDEF because otherwise
4895 * the neon_load_reg() would write off the end of the array.
4896 */
4897 return 1;
4898 }
4899 addr = tcg_temp_new_i32();
4900 load_reg_var(s, addr, rn);
4901 for (reg = 0; reg < nregs; reg++) {
4902 if (load) {
4903 tmp = tcg_temp_new_i32();
4904 switch (size) {
4905 case 0:
4906 gen_aa32_ld8u(s, tmp, addr, get_mem_index(s));
4907 break;
4908 case 1:
4909 gen_aa32_ld16u(s, tmp, addr, get_mem_index(s));
4910 break;
4911 case 2:
4912 gen_aa32_ld32u(s, tmp, addr, get_mem_index(s));
4913 break;
4914 default: /* Avoid compiler warnings. */
4915 abort();
4916 }
4917 if (size != 2) {
4918 tmp2 = neon_load_reg(rd, pass);
4919 tcg_gen_deposit_i32(tmp, tmp2, tmp,
4920 shift, size ? 16 : 8);
4921 tcg_temp_free_i32(tmp2);
4922 }
4923 neon_store_reg(rd, pass, tmp);
4924 } else { /* Store */
4925 tmp = neon_load_reg(rd, pass);
4926 if (shift)
4927 tcg_gen_shri_i32(tmp, tmp, shift);
4928 switch (size) {
4929 case 0:
4930 gen_aa32_st8(s, tmp, addr, get_mem_index(s));
4931 break;
4932 case 1:
4933 gen_aa32_st16(s, tmp, addr, get_mem_index(s));
4934 break;
4935 case 2:
4936 gen_aa32_st32(s, tmp, addr, get_mem_index(s));
4937 break;
4938 }
4939 tcg_temp_free_i32(tmp);
4940 }
4941 rd += stride;
4942 tcg_gen_addi_i32(addr, addr, 1 << size);
4943 }
4944 tcg_temp_free_i32(addr);
4945 stride = nregs * (1 << size);
4946 }
4947 }
4948 if (rm != 15) {
4949 TCGv_i32 base;
4950
4951 base = load_reg(s, rn);
4952 if (rm == 13) {
4953 tcg_gen_addi_i32(base, base, stride);
4954 } else {
4955 TCGv_i32 index;
4956 index = load_reg(s, rm);
4957 tcg_gen_add_i32(base, base, index);
4958 tcg_temp_free_i32(index);
4959 }
4960 store_reg(s, rn, base);
4961 }
4962 return 0;
4963 }
4964
4965 /* Bitwise select. dest = c ? t : f. Clobbers T and F. */
4966 static void gen_neon_bsl(TCGv_i32 dest, TCGv_i32 t, TCGv_i32 f, TCGv_i32 c)
4967 {
4968 tcg_gen_and_i32(t, t, c);
4969 tcg_gen_andc_i32(f, f, c);
4970 tcg_gen_or_i32(dest, t, f);
4971 }
4972
4973 static inline void gen_neon_narrow(int size, TCGv_i32 dest, TCGv_i64 src)
4974 {
4975 switch (size) {
4976 case 0: gen_helper_neon_narrow_u8(dest, src); break;
4977 case 1: gen_helper_neon_narrow_u16(dest, src); break;
4978 case 2: tcg_gen_extrl_i64_i32(dest, src); break;
4979 default: abort();
4980 }
4981 }
4982
4983 static inline void gen_neon_narrow_sats(int size, TCGv_i32 dest, TCGv_i64 src)
4984 {
4985 switch (size) {
4986 case 0: gen_helper_neon_narrow_sat_s8(dest, cpu_env, src); break;
4987 case 1: gen_helper_neon_narrow_sat_s16(dest, cpu_env, src); break;
4988 case 2: gen_helper_neon_narrow_sat_s32(dest, cpu_env, src); break;
4989 default: abort();
4990 }
4991 }
4992
4993 static inline void gen_neon_narrow_satu(int size, TCGv_i32 dest, TCGv_i64 src)
4994 {
4995 switch (size) {
4996 case 0: gen_helper_neon_narrow_sat_u8(dest, cpu_env, src); break;
4997 case 1: gen_helper_neon_narrow_sat_u16(dest, cpu_env, src); break;
4998 case 2: gen_helper_neon_narrow_sat_u32(dest, cpu_env, src); break;
4999 default: abort();
5000 }
5001 }
5002
5003 static inline void gen_neon_unarrow_sats(int size, TCGv_i32 dest, TCGv_i64 src)
5004 {
5005 switch (size) {
5006 case 0: gen_helper_neon_unarrow_sat8(dest, cpu_env, src); break;
5007 case 1: gen_helper_neon_unarrow_sat16(dest, cpu_env, src); break;
5008 case 2: gen_helper_neon_unarrow_sat32(dest, cpu_env, src); break;
5009 default: abort();
5010 }
5011 }
5012
5013 static inline void gen_neon_shift_narrow(int size, TCGv_i32 var, TCGv_i32 shift,
5014 int q, int u)
5015 {
5016 if (q) {
5017 if (u) {
5018 switch (size) {
5019 case 1: gen_helper_neon_rshl_u16(var, var, shift); break;
5020 case 2: gen_helper_neon_rshl_u32(var, var, shift); break;
5021 default: abort();
5022 }
5023 } else {
5024 switch (size) {
5025 case 1: gen_helper_neon_rshl_s16(var, var, shift); break;
5026 case 2: gen_helper_neon_rshl_s32(var, var, shift); break;
5027 default: abort();
5028 }
5029 }
5030 } else {
5031 if (u) {
5032 switch (size) {
5033 case 1: gen_helper_neon_shl_u16(var, var, shift); break;
5034 case 2: gen_helper_neon_shl_u32(var, var, shift); break;
5035 default: abort();
5036 }
5037 } else {
5038 switch (size) {
5039 case 1: gen_helper_neon_shl_s16(var, var, shift); break;
5040 case 2: gen_helper_neon_shl_s32(var, var, shift); break;
5041 default: abort();
5042 }
5043 }
5044 }
5045 }
5046
5047 static inline void gen_neon_widen(TCGv_i64 dest, TCGv_i32 src, int size, int u)
5048 {
5049 if (u) {
5050 switch (size) {
5051 case 0: gen_helper_neon_widen_u8(dest, src); break;
5052 case 1: gen_helper_neon_widen_u16(dest, src); break;
5053 case 2: tcg_gen_extu_i32_i64(dest, src); break;
5054 default: abort();
5055 }
5056 } else {
5057 switch (size) {
5058 case 0: gen_helper_neon_widen_s8(dest, src); break;
5059 case 1: gen_helper_neon_widen_s16(dest, src); break;
5060 case 2: tcg_gen_ext_i32_i64(dest, src); break;
5061 default: abort();
5062 }
5063 }
5064 tcg_temp_free_i32(src);
5065 }
5066
5067 static inline void gen_neon_addl(int size)
5068 {
5069 switch (size) {
5070 case 0: gen_helper_neon_addl_u16(CPU_V001); break;
5071 case 1: gen_helper_neon_addl_u32(CPU_V001); break;
5072 case 2: tcg_gen_add_i64(CPU_V001); break;
5073 default: abort();
5074 }
5075 }
5076
5077 static inline void gen_neon_subl(int size)
5078 {
5079 switch (size) {
5080 case 0: gen_helper_neon_subl_u16(CPU_V001); break;
5081 case 1: gen_helper_neon_subl_u32(CPU_V001); break;
5082 case 2: tcg_gen_sub_i64(CPU_V001); break;
5083 default: abort();
5084 }
5085 }
5086
5087 static inline void gen_neon_negl(TCGv_i64 var, int size)
5088 {
5089 switch (size) {
5090 case 0: gen_helper_neon_negl_u16(var, var); break;
5091 case 1: gen_helper_neon_negl_u32(var, var); break;
5092 case 2:
5093 tcg_gen_neg_i64(var, var);
5094 break;
5095 default: abort();
5096 }
5097 }
5098
5099 static inline void gen_neon_addl_saturate(TCGv_i64 op0, TCGv_i64 op1, int size)
5100 {
5101 switch (size) {
5102 case 1: gen_helper_neon_addl_saturate_s32(op0, cpu_env, op0, op1); break;
5103 case 2: gen_helper_neon_addl_saturate_s64(op0, cpu_env, op0, op1); break;
5104 default: abort();
5105 }
5106 }
5107
5108 static inline void gen_neon_mull(TCGv_i64 dest, TCGv_i32 a, TCGv_i32 b,
5109 int size, int u)
5110 {
5111 TCGv_i64 tmp;
5112
5113 switch ((size << 1) | u) {
5114 case 0: gen_helper_neon_mull_s8(dest, a, b); break;
5115 case 1: gen_helper_neon_mull_u8(dest, a, b); break;
5116 case 2: gen_helper_neon_mull_s16(dest, a, b); break;
5117 case 3: gen_helper_neon_mull_u16(dest, a, b); break;
5118 case 4:
5119 tmp = gen_muls_i64_i32(a, b);
5120 tcg_gen_mov_i64(dest, tmp);
5121 tcg_temp_free_i64(tmp);
5122 break;
5123 case 5:
5124 tmp = gen_mulu_i64_i32(a, b);
5125 tcg_gen_mov_i64(dest, tmp);
5126 tcg_temp_free_i64(tmp);
5127 break;
5128 default: abort();
5129 }
5130
5131 /* gen_helper_neon_mull_[su]{8|16} do not free their parameters.
5132 Don't forget to clean them now. */
5133 if (size < 2) {
5134 tcg_temp_free_i32(a);
5135 tcg_temp_free_i32(b);
5136 }
5137 }
5138
5139 static void gen_neon_narrow_op(int op, int u, int size,
5140 TCGv_i32 dest, TCGv_i64 src)
5141 {
5142 if (op) {
5143 if (u) {
5144 gen_neon_unarrow_sats(size, dest, src);
5145 } else {
5146 gen_neon_narrow(size, dest, src);
5147 }
5148 } else {
5149 if (u) {
5150 gen_neon_narrow_satu(size, dest, src);
5151 } else {
5152 gen_neon_narrow_sats(size, dest, src);
5153 }
5154 }
5155 }
5156
5157 /* Symbolic constants for op fields for Neon 3-register same-length.
5158 * The values correspond to bits [11:8,4]; see the ARM ARM DDI0406B
5159 * table A7-9.
5160 */
5161 #define NEON_3R_VHADD 0
5162 #define NEON_3R_VQADD 1
5163 #define NEON_3R_VRHADD 2
5164 #define NEON_3R_LOGIC 3 /* VAND,VBIC,VORR,VMOV,VORN,VEOR,VBIF,VBIT,VBSL */
5165 #define NEON_3R_VHSUB 4
5166 #define NEON_3R_VQSUB 5
5167 #define NEON_3R_VCGT 6
5168 #define NEON_3R_VCGE 7
5169 #define NEON_3R_VSHL 8
5170 #define NEON_3R_VQSHL 9
5171 #define NEON_3R_VRSHL 10
5172 #define NEON_3R_VQRSHL 11
5173 #define NEON_3R_VMAX 12
5174 #define NEON_3R_VMIN 13
5175 #define NEON_3R_VABD 14
5176 #define NEON_3R_VABA 15
5177 #define NEON_3R_VADD_VSUB 16
5178 #define NEON_3R_VTST_VCEQ 17
5179 #define NEON_3R_VML 18 /* VMLA, VMLAL, VMLS, VMLSL */
5180 #define NEON_3R_VMUL 19
5181 #define NEON_3R_VPMAX 20
5182 #define NEON_3R_VPMIN 21
5183 #define NEON_3R_VQDMULH_VQRDMULH 22
5184 #define NEON_3R_VPADD 23
5185 #define NEON_3R_SHA 24 /* SHA1C,SHA1P,SHA1M,SHA1SU0,SHA256H{2},SHA256SU1 */
5186 #define NEON_3R_VFM 25 /* VFMA, VFMS : float fused multiply-add */
5187 #define NEON_3R_FLOAT_ARITH 26 /* float VADD, VSUB, VPADD, VABD */
5188 #define NEON_3R_FLOAT_MULTIPLY 27 /* float VMLA, VMLS, VMUL */
5189 #define NEON_3R_FLOAT_CMP 28 /* float VCEQ, VCGE, VCGT */
5190 #define NEON_3R_FLOAT_ACMP 29 /* float VACGE, VACGT, VACLE, VACLT */
5191 #define NEON_3R_FLOAT_MINMAX 30 /* float VMIN, VMAX */
5192 #define NEON_3R_FLOAT_MISC 31 /* float VRECPS, VRSQRTS, VMAXNM/MINNM */
5193
5194 static const uint8_t neon_3r_sizes[] = {
5195 [NEON_3R_VHADD] = 0x7,
5196 [NEON_3R_VQADD] = 0xf,
5197 [NEON_3R_VRHADD] = 0x7,
5198 [NEON_3R_LOGIC] = 0xf, /* size field encodes op type */
5199 [NEON_3R_VHSUB] = 0x7,
5200 [NEON_3R_VQSUB] = 0xf,
5201 [NEON_3R_VCGT] = 0x7,
5202 [NEON_3R_VCGE] = 0x7,
5203 [NEON_3R_VSHL] = 0xf,
5204 [NEON_3R_VQSHL] = 0xf,
5205 [NEON_3R_VRSHL] = 0xf,
5206 [NEON_3R_VQRSHL] = 0xf,
5207 [NEON_3R_VMAX] = 0x7,
5208 [NEON_3R_VMIN] = 0x7,
5209 [NEON_3R_VABD] = 0x7,
5210 [NEON_3R_VABA] = 0x7,
5211 [NEON_3R_VADD_VSUB] = 0xf,
5212 [NEON_3R_VTST_VCEQ] = 0x7,
5213 [NEON_3R_VML] = 0x7,
5214 [NEON_3R_VMUL] = 0x7,
5215 [NEON_3R_VPMAX] = 0x7,
5216 [NEON_3R_VPMIN] = 0x7,
5217 [NEON_3R_VQDMULH_VQRDMULH] = 0x6,
5218 [NEON_3R_VPADD] = 0x7,
5219 [NEON_3R_SHA] = 0xf, /* size field encodes op type */
5220 [NEON_3R_VFM] = 0x5, /* size bit 1 encodes op */
5221 [NEON_3R_FLOAT_ARITH] = 0x5, /* size bit 1 encodes op */
5222 [NEON_3R_FLOAT_MULTIPLY] = 0x5, /* size bit 1 encodes op */
5223 [NEON_3R_FLOAT_CMP] = 0x5, /* size bit 1 encodes op */
5224 [NEON_3R_FLOAT_ACMP] = 0x5, /* size bit 1 encodes op */
5225 [NEON_3R_FLOAT_MINMAX] = 0x5, /* size bit 1 encodes op */
5226 [NEON_3R_FLOAT_MISC] = 0x5, /* size bit 1 encodes op */
5227 };
5228
5229 /* Symbolic constants for op fields for Neon 2-register miscellaneous.
5230 * The values correspond to bits [17:16,10:7]; see the ARM ARM DDI0406B
5231 * table A7-13.
5232 */
5233 #define NEON_2RM_VREV64 0
5234 #define NEON_2RM_VREV32 1
5235 #define NEON_2RM_VREV16 2
5236 #define NEON_2RM_VPADDL 4
5237 #define NEON_2RM_VPADDL_U 5
5238 #define NEON_2RM_AESE 6 /* Includes AESD */
5239 #define NEON_2RM_AESMC 7 /* Includes AESIMC */
5240 #define NEON_2RM_VCLS 8
5241 #define NEON_2RM_VCLZ 9
5242 #define NEON_2RM_VCNT 10
5243 #define NEON_2RM_VMVN 11
5244 #define NEON_2RM_VPADAL 12
5245 #define NEON_2RM_VPADAL_U 13
5246 #define NEON_2RM_VQABS 14
5247 #define NEON_2RM_VQNEG 15
5248 #define NEON_2RM_VCGT0 16
5249 #define NEON_2RM_VCGE0 17
5250 #define NEON_2RM_VCEQ0 18
5251 #define NEON_2RM_VCLE0 19
5252 #define NEON_2RM_VCLT0 20
5253 #define NEON_2RM_SHA1H 21
5254 #define NEON_2RM_VABS 22
5255 #define NEON_2RM_VNEG 23
5256 #define NEON_2RM_VCGT0_F 24
5257 #define NEON_2RM_VCGE0_F 25
5258 #define NEON_2RM_VCEQ0_F 26
5259 #define NEON_2RM_VCLE0_F 27
5260 #define NEON_2RM_VCLT0_F 28
5261 #define NEON_2RM_VABS_F 30
5262 #define NEON_2RM_VNEG_F 31
5263 #define NEON_2RM_VSWP 32
5264 #define NEON_2RM_VTRN 33
5265 #define NEON_2RM_VUZP 34
5266 #define NEON_2RM_VZIP 35
5267 #define NEON_2RM_VMOVN 36 /* Includes VQMOVN, VQMOVUN */
5268 #define NEON_2RM_VQMOVN 37 /* Includes VQMOVUN */
5269 #define NEON_2RM_VSHLL 38
5270 #define NEON_2RM_SHA1SU1 39 /* Includes SHA256SU0 */
5271 #define NEON_2RM_VRINTN 40
5272 #define NEON_2RM_VRINTX 41
5273 #define NEON_2RM_VRINTA 42
5274 #define NEON_2RM_VRINTZ 43
5275 #define NEON_2RM_VCVT_F16_F32 44
5276 #define NEON_2RM_VRINTM 45
5277 #define NEON_2RM_VCVT_F32_F16 46
5278 #define NEON_2RM_VRINTP 47
5279 #define NEON_2RM_VCVTAU 48
5280 #define NEON_2RM_VCVTAS 49
5281 #define NEON_2RM_VCVTNU 50
5282 #define NEON_2RM_VCVTNS 51
5283 #define NEON_2RM_VCVTPU 52
5284 #define NEON_2RM_VCVTPS 53
5285 #define NEON_2RM_VCVTMU 54
5286 #define NEON_2RM_VCVTMS 55
5287 #define NEON_2RM_VRECPE 56
5288 #define NEON_2RM_VRSQRTE 57
5289 #define NEON_2RM_VRECPE_F 58
5290 #define NEON_2RM_VRSQRTE_F 59
5291 #define NEON_2RM_VCVT_FS 60
5292 #define NEON_2RM_VCVT_FU 61
5293 #define NEON_2RM_VCVT_SF 62
5294 #define NEON_2RM_VCVT_UF 63
5295
5296 static int neon_2rm_is_float_op(int op)
5297 {
5298 /* Return true if this neon 2reg-misc op is float-to-float */
5299 return (op == NEON_2RM_VABS_F || op == NEON_2RM_VNEG_F ||
5300 (op >= NEON_2RM_VRINTN && op <= NEON_2RM_VRINTZ) ||
5301 op == NEON_2RM_VRINTM ||
5302 (op >= NEON_2RM_VRINTP && op <= NEON_2RM_VCVTMS) ||
5303 op >= NEON_2RM_VRECPE_F);
5304 }
5305
5306 /* Each entry in this array has bit n set if the insn allows
5307 * size value n (otherwise it will UNDEF). Since unallocated
5308 * op values will have no bits set they always UNDEF.
5309 */
5310 static const uint8_t neon_2rm_sizes[] = {
5311 [NEON_2RM_VREV64] = 0x7,
5312 [NEON_2RM_VREV32] = 0x3,
5313 [NEON_2RM_VREV16] = 0x1,
5314 [NEON_2RM_VPADDL] = 0x7,
5315 [NEON_2RM_VPADDL_U] = 0x7,
5316 [NEON_2RM_AESE] = 0x1,
5317 [NEON_2RM_AESMC] = 0x1,
5318 [NEON_2RM_VCLS] = 0x7,
5319 [NEON_2RM_VCLZ] = 0x7,
5320 [NEON_2RM_VCNT] = 0x1,
5321 [NEON_2RM_VMVN] = 0x1,
5322 [NEON_2RM_VPADAL] = 0x7,
5323 [NEON_2RM_VPADAL_U] = 0x7,
5324 [NEON_2RM_VQABS] = 0x7,
5325 [NEON_2RM_VQNEG] = 0x7,
5326 [NEON_2RM_VCGT0] = 0x7,
5327 [NEON_2RM_VCGE0] = 0x7,
5328 [NEON_2RM_VCEQ0] = 0x7,
5329 [NEON_2RM_VCLE0] = 0x7,
5330 [NEON_2RM_VCLT0] = 0x7,
5331 [NEON_2RM_SHA1H] = 0x4,
5332 [NEON_2RM_VABS] = 0x7,
5333 [NEON_2RM_VNEG] = 0x7,
5334 [NEON_2RM_VCGT0_F] = 0x4,
5335 [NEON_2RM_VCGE0_F] = 0x4,
5336 [NEON_2RM_VCEQ0_F] = 0x4,
5337 [NEON_2RM_VCLE0_F] = 0x4,
5338 [NEON_2RM_VCLT0_F] = 0x4,
5339 [NEON_2RM_VABS_F] = 0x4,
5340 [NEON_2RM_VNEG_F] = 0x4,
5341 [NEON_2RM_VSWP] = 0x1,
5342 [NEON_2RM_VTRN] = 0x7,
5343 [NEON_2RM_VUZP] = 0x7,
5344 [NEON_2RM_VZIP] = 0x7,
5345 [NEON_2RM_VMOVN] = 0x7,
5346 [NEON_2RM_VQMOVN] = 0x7,
5347 [NEON_2RM_VSHLL] = 0x7,
5348 [NEON_2RM_SHA1SU1] = 0x4,
5349 [NEON_2RM_VRINTN] = 0x4,
5350 [NEON_2RM_VRINTX] = 0x4,
5351 [NEON_2RM_VRINTA] = 0x4,
5352 [NEON_2RM_VRINTZ] = 0x4,
5353 [NEON_2RM_VCVT_F16_F32] = 0x2,
5354 [NEON_2RM_VRINTM] = 0x4,
5355 [NEON_2RM_VCVT_F32_F16] = 0x2,
5356 [NEON_2RM_VRINTP] = 0x4,
5357 [NEON_2RM_VCVTAU] = 0x4,
5358 [NEON_2RM_VCVTAS] = 0x4,
5359 [NEON_2RM_VCVTNU] = 0x4,
5360 [NEON_2RM_VCVTNS] = 0x4,
5361 [NEON_2RM_VCVTPU] = 0x4,
5362 [NEON_2RM_VCVTPS] = 0x4,
5363 [NEON_2RM_VCVTMU] = 0x4,
5364 [NEON_2RM_VCVTMS] = 0x4,
5365 [NEON_2RM_VRECPE] = 0x4,
5366 [NEON_2RM_VRSQRTE] = 0x4,
5367 [NEON_2RM_VRECPE_F] = 0x4,
5368 [NEON_2RM_VRSQRTE_F] = 0x4,
5369 [NEON_2RM_VCVT_FS] = 0x4,
5370 [NEON_2RM_VCVT_FU] = 0x4,
5371 [NEON_2RM_VCVT_SF] = 0x4,
5372 [NEON_2RM_VCVT_UF] = 0x4,
5373 };
5374
5375 /* Translate a NEON data processing instruction. Return nonzero if the
5376 instruction is invalid.
5377 We process data in a mixture of 32-bit and 64-bit chunks.
5378 Mostly we use 32-bit chunks so we can use normal scalar instructions. */
5379
5380 static int disas_neon_data_insn(DisasContext *s, uint32_t insn)
5381 {
5382 int op;
5383 int q;
5384 int rd, rn, rm;
5385 int size;
5386 int shift;
5387 int pass;
5388 int count;
5389 int pairwise;
5390 int u;
5391 uint32_t imm, mask;
5392 TCGv_i32 tmp, tmp2, tmp3, tmp4, tmp5;
5393 TCGv_i64 tmp64;
5394
5395 /* FIXME: this access check should not take precedence over UNDEF
5396 * for invalid encodings; we will generate incorrect syndrome information
5397 * for attempts to execute invalid vfp/neon encodings with FP disabled.
5398 */
5399 if (s->fp_excp_el) {
5400 gen_exception_insn(s, 4, EXCP_UDEF,
5401 syn_fp_access_trap(1, 0xe, false), s->fp_excp_el);
5402 return 0;
5403 }
5404
5405 if (!s->vfp_enabled)
5406 return 1;
5407 q = (insn & (1 << 6)) != 0;
5408 u = (insn >> 24) & 1;
5409 VFP_DREG_D(rd, insn);
5410 VFP_DREG_N(rn, insn);
5411 VFP_DREG_M(rm, insn);
5412 size = (insn >> 20) & 3;
5413 if ((insn & (1 << 23)) == 0) {
5414 /* Three register same length. */
5415 op = ((insn >> 7) & 0x1e) | ((insn >> 4) & 1);
5416 /* Catch invalid op and bad size combinations: UNDEF */
5417 if ((neon_3r_sizes[op] & (1 << size)) == 0) {
5418 return 1;
5419 }
5420 /* All insns of this form UNDEF for either this condition or the
5421 * superset of cases "Q==1"; we catch the latter later.
5422 */
5423 if (q && ((rd | rn | rm) & 1)) {
5424 return 1;
5425 }
5426 /*
5427 * The SHA-1/SHA-256 3-register instructions require special treatment
5428 * here, as their size field is overloaded as an op type selector, and
5429 * they all consume their input in a single pass.
5430 */
5431 if (op == NEON_3R_SHA) {
5432 if (!q) {
5433 return 1;
5434 }
5435 if (!u) { /* SHA-1 */
5436 if (!arm_dc_feature(s, ARM_FEATURE_V8_SHA1)) {
5437 return 1;
5438 }
5439 tmp = tcg_const_i32(rd);
5440 tmp2 = tcg_const_i32(rn);
5441 tmp3 = tcg_const_i32(rm);
5442 tmp4 = tcg_const_i32(size);
5443 gen_helper_crypto_sha1_3reg(cpu_env, tmp, tmp2, tmp3, tmp4);
5444 tcg_temp_free_i32(tmp4);
5445 } else { /* SHA-256 */
5446 if (!arm_dc_feature(s, ARM_FEATURE_V8_SHA256) || size == 3) {
5447 return 1;
5448 }
5449 tmp = tcg_const_i32(rd);
5450 tmp2 = tcg_const_i32(rn);
5451 tmp3 = tcg_const_i32(rm);
5452 switch (size) {
5453 case 0:
5454 gen_helper_crypto_sha256h(cpu_env, tmp, tmp2, tmp3);
5455 break;
5456 case 1:
5457 gen_helper_crypto_sha256h2(cpu_env, tmp, tmp2, tmp3);
5458 break;
5459 case 2:
5460 gen_helper_crypto_sha256su1(cpu_env, tmp, tmp2, tmp3);
5461 break;
5462 }
5463 }
5464 tcg_temp_free_i32(tmp);
5465 tcg_temp_free_i32(tmp2);
5466 tcg_temp_free_i32(tmp3);
5467 return 0;
5468 }
5469 if (size == 3 && op != NEON_3R_LOGIC) {
5470 /* 64-bit element instructions. */
5471 for (pass = 0; pass < (q ? 2 : 1); pass++) {
5472 neon_load_reg64(cpu_V0, rn + pass);
5473 neon_load_reg64(cpu_V1, rm + pass);
5474 switch (op) {
5475 case NEON_3R_VQADD:
5476 if (u) {
5477 gen_helper_neon_qadd_u64(cpu_V0, cpu_env,
5478 cpu_V0, cpu_V1);
5479 } else {
5480 gen_helper_neon_qadd_s64(cpu_V0, cpu_env,
5481 cpu_V0, cpu_V1);
5482 }
5483 break;
5484 case NEON_3R_VQSUB:
5485 if (u) {
5486 gen_helper_neon_qsub_u64(cpu_V0, cpu_env,
5487 cpu_V0, cpu_V1);
5488 } else {
5489 gen_helper_neon_qsub_s64(cpu_V0, cpu_env,
5490 cpu_V0, cpu_V1);
5491 }
5492 break;
5493 case NEON_3R_VSHL:
5494 if (u) {
5495 gen_helper_neon_shl_u64(cpu_V0, cpu_V1, cpu_V0);
5496 } else {
5497 gen_helper_neon_shl_s64(cpu_V0, cpu_V1, cpu_V0);
5498 }
5499 break;
5500 case NEON_3R_VQSHL:
5501 if (u) {
5502 gen_helper_neon_qshl_u64(cpu_V0, cpu_env,
5503 cpu_V1, cpu_V0);
5504 } else {
5505 gen_helper_neon_qshl_s64(cpu_V0, cpu_env,
5506 cpu_V1, cpu_V0);
5507 }
5508 break;
5509 case NEON_3R_VRSHL:
5510 if (u) {
5511 gen_helper_neon_rshl_u64(cpu_V0, cpu_V1, cpu_V0);
5512 } else {
5513 gen_helper_neon_rshl_s64(cpu_V0, cpu_V1, cpu_V0);
5514 }
5515 break;
5516 case NEON_3R_VQRSHL:
5517 if (u) {
5518 gen_helper_neon_qrshl_u64(cpu_V0, cpu_env,
5519 cpu_V1, cpu_V0);
5520 } else {
5521 gen_helper_neon_qrshl_s64(cpu_V0, cpu_env,
5522 cpu_V1, cpu_V0);
5523 }
5524 break;
5525 case NEON_3R_VADD_VSUB:
5526 if (u) {
5527 tcg_gen_sub_i64(CPU_V001);
5528 } else {
5529 tcg_gen_add_i64(CPU_V001);
5530 }
5531 break;
5532 default:
5533 abort();
5534 }
5535 neon_store_reg64(cpu_V0, rd + pass);
5536 }
5537 return 0;
5538 }
5539 pairwise = 0;
5540 switch (op) {
5541 case NEON_3R_VSHL:
5542 case NEON_3R_VQSHL:
5543 case NEON_3R_VRSHL:
5544 case NEON_3R_VQRSHL:
5545 {
5546 int rtmp;
5547 /* Shift instruction operands are reversed. */
5548 rtmp = rn;
5549 rn = rm;
5550 rm = rtmp;
5551 }
5552 break;
5553 case NEON_3R_VPADD:
5554 if (u) {
5555 return 1;
5556 }
5557 /* Fall through */
5558 case NEON_3R_VPMAX:
5559 case NEON_3R_VPMIN:
5560 pairwise = 1;
5561 break;
5562 case NEON_3R_FLOAT_ARITH:
5563 pairwise = (u && size < 2); /* if VPADD (float) */
5564 break;
5565 case NEON_3R_FLOAT_MINMAX:
5566 pairwise = u; /* if VPMIN/VPMAX (float) */
5567 break;
5568 case NEON_3R_FLOAT_CMP:
5569 if (!u && size) {
5570 /* no encoding for U=0 C=1x */
5571 return 1;
5572 }
5573 break;
5574 case NEON_3R_FLOAT_ACMP:
5575 if (!u) {
5576 return 1;
5577 }
5578 break;
5579 case NEON_3R_FLOAT_MISC:
5580 /* VMAXNM/VMINNM in ARMv8 */
5581 if (u && !arm_dc_feature(s, ARM_FEATURE_V8)) {
5582 return 1;
5583 }
5584 break;
5585 case NEON_3R_VMUL:
5586 if (u && (size != 0)) {
5587 /* UNDEF on invalid size for polynomial subcase */
5588 return 1;
5589 }
5590 break;
5591 case NEON_3R_VFM:
5592 if (!arm_dc_feature(s, ARM_FEATURE_VFP4) || u) {
5593 return 1;
5594 }
5595 break;
5596 default:
5597 break;
5598 }
5599
5600 if (pairwise && q) {
5601 /* All the pairwise insns UNDEF if Q is set */
5602 return 1;
5603 }
5604
5605 for (pass = 0; pass < (q ? 4 : 2); pass++) {
5606
5607 if (pairwise) {
5608 /* Pairwise. */
5609 if (pass < 1) {
5610 tmp = neon_load_reg(rn, 0);
5611 tmp2 = neon_load_reg(rn, 1);
5612 } else {
5613 tmp = neon_load_reg(rm, 0);
5614 tmp2 = neon_load_reg(rm, 1);
5615 }
5616 } else {
5617 /* Elementwise. */
5618 tmp = neon_load_reg(rn, pass);
5619 tmp2 = neon_load_reg(rm, pass);
5620 }
5621 switch (op) {
5622 case NEON_3R_VHADD:
5623 GEN_NEON_INTEGER_OP(hadd);
5624 break;
5625 case NEON_3R_VQADD:
5626 GEN_NEON_INTEGER_OP_ENV(qadd);
5627 break;
5628 case NEON_3R_VRHADD:
5629 GEN_NEON_INTEGER_OP(rhadd);
5630 break;
5631 case NEON_3R_LOGIC: /* Logic ops. */
5632 switch ((u << 2) | size) {
5633 case 0: /* VAND */
5634 tcg_gen_and_i32(tmp, tmp, tmp2);
5635 break;
5636 case 1: /* BIC */
5637 tcg_gen_andc_i32(tmp, tmp, tmp2);
5638 break;
5639 case 2: /* VORR */
5640 tcg_gen_or_i32(tmp, tmp, tmp2);
5641 break;
5642 case 3: /* VORN */
5643 tcg_gen_orc_i32(tmp, tmp, tmp2);
5644 break;
5645 case 4: /* VEOR */
5646 tcg_gen_xor_i32(tmp, tmp, tmp2);
5647 break;
5648 case 5: /* VBSL */
5649 tmp3 = neon_load_reg(rd, pass);
5650 gen_neon_bsl(tmp, tmp, tmp2, tmp3);
5651 tcg_temp_free_i32(tmp3);
5652 break;
5653 case 6: /* VBIT */
5654 tmp3 = neon_load_reg(rd, pass);
5655 gen_neon_bsl(tmp, tmp, tmp3, tmp2);
5656 tcg_temp_free_i32(tmp3);
5657 break;
5658 case 7: /* VBIF */
5659 tmp3 = neon_load_reg(rd, pass);
5660 gen_neon_bsl(tmp, tmp3, tmp, tmp2);
5661 tcg_temp_free_i32(tmp3);
5662 break;
5663 }
5664 break;
5665 case NEON_3R_VHSUB:
5666 GEN_NEON_INTEGER_OP(hsub);
5667 break;
5668 case NEON_3R_VQSUB:
5669 GEN_NEON_INTEGER_OP_ENV(qsub);
5670 break;
5671 case NEON_3R_VCGT:
5672 GEN_NEON_INTEGER_OP(cgt);
5673 break;
5674 case NEON_3R_VCGE:
5675 GEN_NEON_INTEGER_OP(cge);
5676 break;
5677 case NEON_3R_VSHL:
5678 GEN_NEON_INTEGER_OP(shl);
5679 break;
5680 case NEON_3R_VQSHL:
5681 GEN_NEON_INTEGER_OP_ENV(qshl);
5682 break;
5683 case NEON_3R_VRSHL:
5684 GEN_NEON_INTEGER_OP(rshl);
5685 break;
5686 case NEON_3R_VQRSHL:
5687 GEN_NEON_INTEGER_OP_ENV(qrshl);
5688 break;
5689 case NEON_3R_VMAX:
5690 GEN_NEON_INTEGER_OP(max);
5691 break;
5692 case NEON_3R_VMIN:
5693 GEN_NEON_INTEGER_OP(min);
5694 break;
5695 case NEON_3R_VABD:
5696 GEN_NEON_INTEGER_OP(abd);
5697 break;
5698 case NEON_3R_VABA:
5699 GEN_NEON_INTEGER_OP(abd);
5700 tcg_temp_free_i32(tmp2);
5701 tmp2 = neon_load_reg(rd, pass);
5702 gen_neon_add(size, tmp, tmp2);
5703 break;
5704 case NEON_3R_VADD_VSUB:
5705 if (!u) { /* VADD */
5706 gen_neon_add(size, tmp, tmp2);
5707 } else { /* VSUB */
5708 switch (size) {
5709 case 0: gen_helper_neon_sub_u8(tmp, tmp, tmp2); break;
5710 case 1: gen_helper_neon_sub_u16(tmp, tmp, tmp2); break;
5711 case 2: tcg_gen_sub_i32(tmp, tmp, tmp2); break;
5712 default: abort();
5713 }
5714 }
5715 break;
5716 case NEON_3R_VTST_VCEQ:
5717 if (!u) { /* VTST */
5718 switch (size) {
5719 case 0: gen_helper_neon_tst_u8(tmp, tmp, tmp2); break;
5720 case 1: gen_helper_neon_tst_u16(tmp, tmp, tmp2); break;
5721 case 2: gen_helper_neon_tst_u32(tmp, tmp, tmp2); break;
5722 default: abort();
5723 }
5724 } else { /* VCEQ */
5725 switch (size) {
5726 case 0: gen_helper_neon_ceq_u8(tmp, tmp, tmp2); break;
5727 case 1: gen_helper_neon_ceq_u16(tmp, tmp, tmp2); break;
5728 case 2: gen_helper_neon_ceq_u32(tmp, tmp, tmp2); break;
5729 default: abort();
5730 }
5731 }
5732 break;
5733 case NEON_3R_VML: /* VMLA, VMLAL, VMLS,VMLSL */
5734 switch (size) {
5735 case 0: gen_helper_neon_mul_u8(tmp, tmp, tmp2); break;
5736 case 1: gen_helper_neon_mul_u16(tmp, tmp, tmp2); break;
5737 case 2: tcg_gen_mul_i32(tmp, tmp, tmp2); break;
5738 default: abort();
5739 }
5740 tcg_temp_free_i32(tmp2);
5741 tmp2 = neon_load_reg(rd, pass);
5742 if (u) { /* VMLS */
5743 gen_neon_rsb(size, tmp, tmp2);
5744 } else { /* VMLA */
5745 gen_neon_add(size, tmp, tmp2);
5746 }
5747 break;
5748 case NEON_3R_VMUL:
5749 if (u) { /* polynomial */
5750 gen_helper_neon_mul_p8(tmp, tmp, tmp2);
5751 } else { /* Integer */
5752 switch (size) {
5753 case 0: gen_helper_neon_mul_u8(tmp, tmp, tmp2); break;
5754 case 1: gen_helper_neon_mul_u16(tmp, tmp, tmp2); break;
5755 case 2: tcg_gen_mul_i32(tmp, tmp, tmp2); break;
5756 default: abort();
5757 }
5758 }
5759 break;
5760 case NEON_3R_VPMAX:
5761 GEN_NEON_INTEGER_OP(pmax);
5762 break;
5763 case NEON_3R_VPMIN:
5764 GEN_NEON_INTEGER_OP(pmin);
5765 break;
5766 case NEON_3R_VQDMULH_VQRDMULH: /* Multiply high. */
5767 if (!u) { /* VQDMULH */
5768 switch (size) {
5769 case 1:
5770 gen_helper_neon_qdmulh_s16(tmp, cpu_env, tmp, tmp2);
5771 break;
5772 case 2:
5773 gen_helper_neon_qdmulh_s32(tmp, cpu_env, tmp, tmp2);
5774 break;
5775 default: abort();
5776 }
5777 } else { /* VQRDMULH */
5778 switch (size) {
5779 case 1:
5780 gen_helper_neon_qrdmulh_s16(tmp, cpu_env, tmp, tmp2);
5781 break;
5782 case 2:
5783 gen_helper_neon_qrdmulh_s32(tmp, cpu_env, tmp, tmp2);
5784 break;
5785 default: abort();
5786 }
5787 }
5788 break;
5789 case NEON_3R_VPADD:
5790 switch (size) {
5791 case 0: gen_helper_neon_padd_u8(tmp, tmp, tmp2); break;
5792 case 1: gen_helper_neon_padd_u16(tmp, tmp, tmp2); break;
5793 case 2: tcg_gen_add_i32(tmp, tmp, tmp2); break;
5794 default: abort();
5795 }
5796 break;
5797 case NEON_3R_FLOAT_ARITH: /* Floating point arithmetic. */
5798 {
5799 TCGv_ptr fpstatus = get_fpstatus_ptr(1);
5800 switch ((u << 2) | size) {
5801 case 0: /* VADD */
5802 case 4: /* VPADD */
5803 gen_helper_vfp_adds(tmp, tmp, tmp2, fpstatus);
5804 break;
5805 case 2: /* VSUB */
5806 gen_helper_vfp_subs(tmp, tmp, tmp2, fpstatus);
5807 break;
5808 case 6: /* VABD */
5809 gen_helper_neon_abd_f32(tmp, tmp, tmp2, fpstatus);
5810 break;
5811 default:
5812 abort();
5813 }
5814 tcg_temp_free_ptr(fpstatus);
5815 break;
5816 }
5817 case NEON_3R_FLOAT_MULTIPLY:
5818 {
5819 TCGv_ptr fpstatus = get_fpstatus_ptr(1);
5820 gen_helper_vfp_muls(tmp, tmp, tmp2, fpstatus);
5821 if (!u) {
5822 tcg_temp_free_i32(tmp2);
5823 tmp2 = neon_load_reg(rd, pass);
5824 if (size == 0) {
5825 gen_helper_vfp_adds(tmp, tmp, tmp2, fpstatus);
5826 } else {
5827 gen_helper_vfp_subs(tmp, tmp2, tmp, fpstatus);
5828 }
5829 }
5830 tcg_temp_free_ptr(fpstatus);
5831 break;
5832 }
5833 case NEON_3R_FLOAT_CMP:
5834 {
5835 TCGv_ptr fpstatus = get_fpstatus_ptr(1);
5836 if (!u) {
5837 gen_helper_neon_ceq_f32(tmp, tmp, tmp2, fpstatus);
5838 } else {
5839 if (size == 0) {
5840 gen_helper_neon_cge_f32(tmp, tmp, tmp2, fpstatus);
5841 } else {
5842 gen_helper_neon_cgt_f32(tmp, tmp, tmp2, fpstatus);
5843 }
5844 }
5845 tcg_temp_free_ptr(fpstatus);
5846 break;
5847 }
5848 case NEON_3R_FLOAT_ACMP:
5849 {
5850 TCGv_ptr fpstatus = get_fpstatus_ptr(1);
5851 if (size == 0) {
5852 gen_helper_neon_acge_f32(tmp, tmp, tmp2, fpstatus);
5853 } else {
5854 gen_helper_neon_acgt_f32(tmp, tmp, tmp2, fpstatus);
5855 }
5856 tcg_temp_free_ptr(fpstatus);
5857 break;
5858 }
5859 case NEON_3R_FLOAT_MINMAX:
5860 {
5861 TCGv_ptr fpstatus = get_fpstatus_ptr(1);
5862 if (size == 0) {
5863 gen_helper_vfp_maxs(tmp, tmp, tmp2, fpstatus);
5864 } else {
5865 gen_helper_vfp_mins(tmp, tmp, tmp2, fpstatus);
5866 }
5867 tcg_temp_free_ptr(fpstatus);
5868 break;
5869 }
5870 case NEON_3R_FLOAT_MISC:
5871 if (u) {
5872 /* VMAXNM/VMINNM */
5873 TCGv_ptr fpstatus = get_fpstatus_ptr(1);
5874 if (size == 0) {
5875 gen_helper_vfp_maxnums(tmp, tmp, tmp2, fpstatus);
5876 } else {
5877 gen_helper_vfp_minnums(tmp, tmp, tmp2, fpstatus);
5878 }
5879 tcg_temp_free_ptr(fpstatus);
5880 } else {
5881 if (size == 0) {
5882 gen_helper_recps_f32(tmp, tmp, tmp2, cpu_env);
5883 } else {
5884 gen_helper_rsqrts_f32(tmp, tmp, tmp2, cpu_env);
5885 }
5886 }
5887 break;
5888 case NEON_3R_VFM:
5889 {
5890 /* VFMA, VFMS: fused multiply-add */
5891 TCGv_ptr fpstatus = get_fpstatus_ptr(1);
5892 TCGv_i32 tmp3 = neon_load_reg(rd, pass);
5893 if (size) {
5894 /* VFMS */
5895 gen_helper_vfp_negs(tmp, tmp);
5896 }
5897 gen_helper_vfp_muladds(tmp, tmp, tmp2, tmp3, fpstatus);
5898 tcg_temp_free_i32(tmp3);
5899 tcg_temp_free_ptr(fpstatus);
5900 break;
5901 }
5902 default:
5903 abort();
5904 }
5905 tcg_temp_free_i32(tmp2);
5906
5907 /* Save the result. For elementwise operations we can put it
5908 straight into the destination register. For pairwise operations
5909 we have to be careful to avoid clobbering the source operands. */
5910 if (pairwise && rd == rm) {
5911 neon_store_scratch(pass, tmp);
5912 } else {
5913 neon_store_reg(rd, pass, tmp);
5914 }
5915
5916 } /* for pass */
5917 if (pairwise && rd == rm) {
5918 for (pass = 0; pass < (q ? 4 : 2); pass++) {
5919 tmp = neon_load_scratch(pass);
5920 neon_store_reg(rd, pass, tmp);
5921 }
5922 }
5923 /* End of 3 register same size operations. */
5924 } else if (insn & (1 << 4)) {
5925 if ((insn & 0x00380080) != 0) {
5926 /* Two registers and shift. */
5927 op = (insn >> 8) & 0xf;
5928 if (insn & (1 << 7)) {
5929 /* 64-bit shift. */
5930 if (op > 7) {
5931 return 1;
5932 }
5933 size = 3;
5934 } else {
5935 size = 2;
5936 while ((insn & (1 << (size + 19))) == 0)
5937 size--;
5938 }
5939 shift = (insn >> 16) & ((1 << (3 + size)) - 1);
5940 /* To avoid excessive duplication of ops we implement shift
5941 by immediate using the variable shift operations. */
5942 if (op < 8) {
5943 /* Shift by immediate:
5944 VSHR, VSRA, VRSHR, VRSRA, VSRI, VSHL, VQSHL, VQSHLU. */
5945 if (q && ((rd | rm) & 1)) {
5946 return 1;
5947 }
5948 if (!u && (op == 4 || op == 6)) {
5949 return 1;
5950 }
5951 /* Right shifts are encoded as N - shift, where N is the
5952 element size in bits. */
5953 if (op <= 4)
5954 shift = shift - (1 << (size + 3));
5955 if (size == 3) {
5956 count = q + 1;
5957 } else {
5958 count = q ? 4: 2;
5959 }
5960 switch (size) {
5961 case 0:
5962 imm = (uint8_t) shift;
5963 imm |= imm << 8;
5964 imm |= imm << 16;
5965 break;
5966 case 1:
5967 imm = (uint16_t) shift;
5968 imm |= imm << 16;
5969 break;
5970 case 2:
5971 case 3:
5972 imm = shift;
5973 break;
5974 default:
5975 abort();
5976 }
5977
5978 for (pass = 0; pass < count; pass++) {
5979 if (size == 3) {
5980 neon_load_reg64(cpu_V0, rm + pass);
5981 tcg_gen_movi_i64(cpu_V1, imm);
5982 switch (op) {
5983 case 0: /* VSHR */
5984 case 1: /* VSRA */
5985 if (u)
5986 gen_helper_neon_shl_u64(cpu_V0, cpu_V0, cpu_V1);
5987 else
5988 gen_helper_neon_shl_s64(cpu_V0, cpu_V0, cpu_V1);
5989 break;
5990 case 2: /* VRSHR */
5991 case 3: /* VRSRA */
5992 if (u)
5993 gen_helper_neon_rshl_u64(cpu_V0, cpu_V0, cpu_V1);
5994 else
5995 gen_helper_neon_rshl_s64(cpu_V0, cpu_V0, cpu_V1);
5996 break;
5997 case 4: /* VSRI */
5998 case 5: /* VSHL, VSLI */
5999 gen_helper_neon_shl_u64(cpu_V0, cpu_V0, cpu_V1);
6000 break;
6001 case 6: /* VQSHLU */
6002 gen_helper_neon_qshlu_s64(cpu_V0, cpu_env,
6003 cpu_V0, cpu_V1);
6004 break;
6005 case 7: /* VQSHL */
6006 if (u) {
6007 gen_helper_neon_qshl_u64(cpu_V0, cpu_env,
6008 cpu_V0, cpu_V1);
6009 } else {
6010 gen_helper_neon_qshl_s64(cpu_V0, cpu_env,
6011 cpu_V0, cpu_V1);
6012 }
6013 break;
6014 }
6015 if (op == 1 || op == 3) {
6016 /* Accumulate. */
6017 neon_load_reg64(cpu_V1, rd + pass);
6018 tcg_gen_add_i64(cpu_V0, cpu_V0, cpu_V1);
6019 } else if (op == 4 || (op == 5 && u)) {
6020 /* Insert */
6021 neon_load_reg64(cpu_V1, rd + pass);
6022 uint64_t mask;
6023 if (shift < -63 || shift > 63) {
6024 mask = 0;
6025 } else {
6026 if (op == 4) {
6027 mask = 0xffffffffffffffffull >> -shift;
6028 } else {
6029 mask = 0xffffffffffffffffull << shift;
6030 }
6031 }
6032 tcg_gen_andi_i64(cpu_V1, cpu_V1, ~mask);
6033 tcg_gen_or_i64(cpu_V0, cpu_V0, cpu_V1);
6034 }
6035 neon_store_reg64(cpu_V0, rd + pass);
6036 } else { /* size < 3 */
6037 /* Operands in T0 and T1. */
6038 tmp = neon_load_reg(rm, pass);
6039 tmp2 = tcg_temp_new_i32();
6040 tcg_gen_movi_i32(tmp2, imm);
6041 switch (op) {
6042 case 0: /* VSHR */
6043 case 1: /* VSRA */
6044 GEN_NEON_INTEGER_OP(shl);
6045 break;
6046 case 2: /* VRSHR */
6047 case 3: /* VRSRA */
6048 GEN_NEON_INTEGER_OP(rshl);
6049 break;
6050 case 4: /* VSRI */
6051 case 5: /* VSHL, VSLI */
6052 switch (size) {
6053 case 0: gen_helper_neon_shl_u8(tmp, tmp, tmp2); break;
6054 case 1: gen_helper_neon_shl_u16(tmp, tmp, tmp2); break;
6055 case 2: gen_helper_neon_shl_u32(tmp, tmp, tmp2); break;
6056 default: abort();
6057 }
6058 break;
6059 case 6: /* VQSHLU */
6060 switch (size) {
6061 case 0:
6062 gen_helper_neon_qshlu_s8(tmp, cpu_env,
6063 tmp, tmp2);
6064 break;
6065 case 1:
6066 gen_helper_neon_qshlu_s16(tmp, cpu_env,
6067 tmp, tmp2);
6068 break;
6069 case 2:
6070 gen_helper_neon_qshlu_s32(tmp, cpu_env,
6071 tmp, tmp2);
6072 break;
6073 default:
6074 abort();
6075 }
6076 break;
6077 case 7: /* VQSHL */
6078 GEN_NEON_INTEGER_OP_ENV(qshl);
6079 break;
6080 }
6081 tcg_temp_free_i32(tmp2);
6082
6083 if (op == 1 || op == 3) {
6084 /* Accumulate. */
6085 tmp2 = neon_load_reg(rd, pass);
6086 gen_neon_add(size, tmp, tmp2);
6087 tcg_temp_free_i32(tmp2);
6088 } else if (op == 4 || (op == 5 && u)) {
6089 /* Insert */
6090 switch (size) {
6091 case 0:
6092 if (op == 4)
6093 mask = 0xff >> -shift;
6094 else
6095 mask = (uint8_t)(0xff << shift);
6096 mask |= mask << 8;
6097 mask |= mask << 16;
6098 break;
6099 case 1:
6100 if (op == 4)
6101 mask = 0xffff >> -shift;
6102 else
6103 mask = (uint16_t)(0xffff << shift);
6104 mask |= mask << 16;
6105 break;
6106 case 2:
6107 if (shift < -31 || shift > 31) {
6108 mask = 0;
6109 } else {
6110 if (op == 4)
6111 mask = 0xffffffffu >> -shift;
6112 else
6113 mask = 0xffffffffu << shift;
6114 }
6115 break;
6116 default:
6117 abort();
6118 }
6119 tmp2 = neon_load_reg(rd, pass);
6120 tcg_gen_andi_i32(tmp, tmp, mask);
6121 tcg_gen_andi_i32(tmp2, tmp2, ~mask);
6122 tcg_gen_or_i32(tmp, tmp, tmp2);
6123 tcg_temp_free_i32(tmp2);
6124 }
6125 neon_store_reg(rd, pass, tmp);
6126 }
6127 } /* for pass */
6128 } else if (op < 10) {
6129 /* Shift by immediate and narrow:
6130 VSHRN, VRSHRN, VQSHRN, VQRSHRN. */
6131 int input_unsigned = (op == 8) ? !u : u;
6132 if (rm & 1) {
6133 return 1;
6134 }
6135 shift = shift - (1 << (size + 3));
6136 size++;
6137 if (size == 3) {
6138 tmp64 = tcg_const_i64(shift);
6139 neon_load_reg64(cpu_V0, rm);
6140 neon_load_reg64(cpu_V1, rm + 1);
6141 for (pass = 0; pass < 2; pass++) {
6142 TCGv_i64 in;
6143 if (pass == 0) {
6144 in = cpu_V0;
6145 } else {
6146 in = cpu_V1;
6147 }
6148 if (q) {
6149 if (input_unsigned) {
6150 gen_helper_neon_rshl_u64(cpu_V0, in, tmp64);
6151 } else {
6152 gen_helper_neon_rshl_s64(cpu_V0, in, tmp64);
6153 }
6154 } else {
6155 if (input_unsigned) {
6156 gen_helper_neon_shl_u64(cpu_V0, in, tmp64);
6157 } else {
6158 gen_helper_neon_shl_s64(cpu_V0, in, tmp64);
6159 }
6160 }
6161 tmp = tcg_temp_new_i32();
6162 gen_neon_narrow_op(op == 8, u, size - 1, tmp, cpu_V0);
6163 neon_store_reg(rd, pass, tmp);
6164 } /* for pass */
6165 tcg_temp_free_i64(tmp64);
6166 } else {
6167 if (size == 1) {
6168 imm = (uint16_t)shift;
6169 imm |= imm << 16;
6170 } else {
6171 /* size == 2 */
6172 imm = (uint32_t)shift;
6173 }
6174 tmp2 = tcg_const_i32(imm);
6175 tmp4 = neon_load_reg(rm + 1, 0);
6176 tmp5 = neon_load_reg(rm + 1, 1);
6177 for (pass = 0; pass < 2; pass++) {
6178 if (pass == 0) {
6179 tmp = neon_load_reg(rm, 0);
6180 } else {
6181 tmp = tmp4;
6182 }
6183 gen_neon_shift_narrow(size, tmp, tmp2, q,
6184 input_unsigned);
6185 if (pass == 0) {
6186 tmp3 = neon_load_reg(rm, 1);
6187 } else {
6188 tmp3 = tmp5;
6189 }
6190 gen_neon_shift_narrow(size, tmp3, tmp2, q,
6191 input_unsigned);
6192 tcg_gen_concat_i32_i64(cpu_V0, tmp, tmp3);
6193 tcg_temp_free_i32(tmp);
6194 tcg_temp_free_i32(tmp3);
6195 tmp = tcg_temp_new_i32();
6196 gen_neon_narrow_op(op == 8, u, size - 1, tmp, cpu_V0);
6197 neon_store_reg(rd, pass, tmp);
6198 } /* for pass */
6199 tcg_temp_free_i32(tmp2);
6200 }
6201 } else if (op == 10) {
6202 /* VSHLL, VMOVL */
6203 if (q || (rd & 1)) {
6204 return 1;
6205 }
6206 tmp = neon_load_reg(rm, 0);
6207 tmp2 = neon_load_reg(rm, 1);
6208 for (pass = 0; pass < 2; pass++) {
6209 if (pass == 1)
6210 tmp = tmp2;
6211
6212 gen_neon_widen(cpu_V0, tmp, size, u);
6213
6214 if (shift != 0) {
6215 /* The shift is less than the width of the source
6216 type, so we can just shift the whole register. */
6217 tcg_gen_shli_i64(cpu_V0, cpu_V0, shift);
6218 /* Widen the result of shift: we need to clear
6219 * the potential overflow bits resulting from
6220 * left bits of the narrow input appearing as
6221 * right bits of left the neighbour narrow
6222 * input. */
6223 if (size < 2 || !u) {
6224 uint64_t imm64;
6225 if (size == 0) {
6226 imm = (0xffu >> (8 - shift));
6227 imm |= imm << 16;
6228 } else if (size == 1) {
6229 imm = 0xffff >> (16 - shift);
6230 } else {
6231 /* size == 2 */
6232 imm = 0xffffffff >> (32 - shift);
6233 }
6234 if (size < 2) {
6235 imm64 = imm | (((uint64_t)imm) << 32);
6236 } else {
6237 imm64 = imm;
6238 }
6239 tcg_gen_andi_i64(cpu_V0, cpu_V0, ~imm64);
6240 }
6241 }
6242 neon_store_reg64(cpu_V0, rd + pass);
6243 }
6244 } else if (op >= 14) {
6245 /* VCVT fixed-point. */
6246 if (!(insn & (1 << 21)) || (q && ((rd | rm) & 1))) {
6247 return 1;
6248 }
6249 /* We have already masked out the must-be-1 top bit of imm6,
6250 * hence this 32-shift where the ARM ARM has 64-imm6.
6251 */
6252 shift = 32 - shift;
6253 for (pass = 0; pass < (q ? 4 : 2); pass++) {
6254 tcg_gen_ld_f32(cpu_F0s, cpu_env, neon_reg_offset(rm, pass));
6255 if (!(op & 1)) {
6256 if (u)
6257 gen_vfp_ulto(0, shift, 1);
6258 else
6259 gen_vfp_slto(0, shift, 1);
6260 } else {
6261 if (u)
6262 gen_vfp_toul(0, shift, 1);
6263 else
6264 gen_vfp_tosl(0, shift, 1);
6265 }
6266 tcg_gen_st_f32(cpu_F0s, cpu_env, neon_reg_offset(rd, pass));
6267 }
6268 } else {
6269 return 1;
6270 }
6271 } else { /* (insn & 0x00380080) == 0 */
6272 int invert;
6273 if (q && (rd & 1)) {
6274 return 1;
6275 }
6276
6277 op = (insn >> 8) & 0xf;
6278 /* One register and immediate. */
6279 imm = (u << 7) | ((insn >> 12) & 0x70) | (insn & 0xf);
6280 invert = (insn & (1 << 5)) != 0;
6281 /* Note that op = 2,3,4,5,6,7,10,11,12,13 imm=0 is UNPREDICTABLE.
6282 * We choose to not special-case this and will behave as if a
6283 * valid constant encoding of 0 had been given.
6284 */
6285 switch (op) {
6286 case 0: case 1:
6287 /* no-op */
6288 break;
6289 case 2: case 3:
6290 imm <<= 8;
6291 break;
6292 case 4: case 5:
6293 imm <<= 16;
6294 break;
6295 case 6: case 7:
6296 imm <<= 24;
6297 break;
6298 case 8: case 9:
6299 imm |= imm << 16;
6300 break;
6301 case 10: case 11:
6302 imm = (imm << 8) | (imm << 24);
6303 break;
6304 case 12:
6305 imm = (imm << 8) | 0xff;
6306 break;
6307 case 13:
6308 imm = (imm << 16) | 0xffff;
6309 break;
6310 case 14:
6311 imm |= (imm << 8) | (imm << 16) | (imm << 24);
6312 if (invert)
6313 imm = ~imm;
6314 break;
6315 case 15:
6316 if (invert) {
6317 return 1;
6318 }
6319 imm = ((imm & 0x80) << 24) | ((imm & 0x3f) << 19)
6320 | ((imm & 0x40) ? (0x1f << 25) : (1 << 30));
6321 break;
6322 }
6323 if (invert)
6324 imm = ~imm;
6325
6326 for (pass = 0; pass < (q ? 4 : 2); pass++) {
6327 if (op & 1 && op < 12) {
6328 tmp = neon_load_reg(rd, pass);
6329 if (invert) {
6330 /* The immediate value has already been inverted, so
6331 BIC becomes AND. */
6332 tcg_gen_andi_i32(tmp, tmp, imm);
6333 } else {
6334 tcg_gen_ori_i32(tmp, tmp, imm);
6335 }
6336 } else {
6337 /* VMOV, VMVN. */
6338 tmp = tcg_temp_new_i32();
6339 if (op == 14 && invert) {
6340 int n;
6341 uint32_t val;
6342 val = 0;
6343 for (n = 0; n < 4; n++) {
6344 if (imm & (1 << (n + (pass & 1) * 4)))
6345 val |= 0xff << (n * 8);
6346 }
6347 tcg_gen_movi_i32(tmp, val);
6348 } else {
6349 tcg_gen_movi_i32(tmp, imm);
6350 }
6351 }
6352 neon_store_reg(rd, pass, tmp);
6353 }
6354 }
6355 } else { /* (insn & 0x00800010 == 0x00800000) */
6356 if (size != 3) {
6357 op = (insn >> 8) & 0xf;
6358 if ((insn & (1 << 6)) == 0) {
6359 /* Three registers of different lengths. */
6360 int src1_wide;
6361 int src2_wide;
6362 int prewiden;
6363 /* undefreq: bit 0 : UNDEF if size == 0
6364 * bit 1 : UNDEF if size == 1
6365 * bit 2 : UNDEF if size == 2
6366 * bit 3 : UNDEF if U == 1
6367 * Note that [2:0] set implies 'always UNDEF'
6368 */
6369 int undefreq;
6370 /* prewiden, src1_wide, src2_wide, undefreq */
6371 static const int neon_3reg_wide[16][4] = {
6372 {1, 0, 0, 0}, /* VADDL */
6373 {1, 1, 0, 0}, /* VADDW */
6374 {1, 0, 0, 0}, /* VSUBL */
6375 {1, 1, 0, 0}, /* VSUBW */
6376 {0, 1, 1, 0}, /* VADDHN */
6377 {0, 0, 0, 0}, /* VABAL */
6378 {0, 1, 1, 0}, /* VSUBHN */
6379 {0, 0, 0, 0}, /* VABDL */
6380 {0, 0, 0, 0}, /* VMLAL */
6381 {0, 0, 0, 9}, /* VQDMLAL */
6382 {0, 0, 0, 0}, /* VMLSL */
6383 {0, 0, 0, 9}, /* VQDMLSL */
6384 {0, 0, 0, 0}, /* Integer VMULL */
6385 {0, 0, 0, 1}, /* VQDMULL */
6386 {0, 0, 0, 0xa}, /* Polynomial VMULL */
6387 {0, 0, 0, 7}, /* Reserved: always UNDEF */
6388 };
6389
6390 prewiden = neon_3reg_wide[op][0];
6391 src1_wide = neon_3reg_wide[op][1];
6392 src2_wide = neon_3reg_wide[op][2];
6393 undefreq = neon_3reg_wide[op][3];
6394
6395 if ((undefreq & (1 << size)) ||
6396 ((undefreq & 8) && u)) {
6397 return 1;
6398 }
6399 if ((src1_wide && (rn & 1)) ||
6400 (src2_wide && (rm & 1)) ||
6401 (!src2_wide && (rd & 1))) {
6402 return 1;
6403 }
6404
6405 /* Handle VMULL.P64 (Polynomial 64x64 to 128 bit multiply)
6406 * outside the loop below as it only performs a single pass.
6407 */
6408 if (op == 14 && size == 2) {
6409 TCGv_i64 tcg_rn, tcg_rm, tcg_rd;
6410
6411 if (!arm_dc_feature(s, ARM_FEATURE_V8_PMULL)) {
6412 return 1;
6413 }
6414 tcg_rn = tcg_temp_new_i64();
6415 tcg_rm = tcg_temp_new_i64();
6416 tcg_rd = tcg_temp_new_i64();
6417 neon_load_reg64(tcg_rn, rn);
6418 neon_load_reg64(tcg_rm, rm);
6419 gen_helper_neon_pmull_64_lo(tcg_rd, tcg_rn, tcg_rm);
6420 neon_store_reg64(tcg_rd, rd);
6421 gen_helper_neon_pmull_64_hi(tcg_rd, tcg_rn, tcg_rm);
6422 neon_store_reg64(tcg_rd, rd + 1);
6423 tcg_temp_free_i64(tcg_rn);
6424 tcg_temp_free_i64(tcg_rm);
6425 tcg_temp_free_i64(tcg_rd);
6426 return 0;
6427 }
6428
6429 /* Avoid overlapping operands. Wide source operands are
6430 always aligned so will never overlap with wide
6431 destinations in problematic ways. */
6432 if (rd == rm && !src2_wide) {
6433 tmp = neon_load_reg(rm, 1);
6434 neon_store_scratch(2, tmp);
6435 } else if (rd == rn && !src1_wide) {
6436 tmp = neon_load_reg(rn, 1);
6437 neon_store_scratch(2, tmp);
6438 }
6439 TCGV_UNUSED_I32(tmp3);
6440 for (pass = 0; pass < 2; pass++) {
6441 if (src1_wide) {
6442 neon_load_reg64(cpu_V0, rn + pass);
6443 TCGV_UNUSED_I32(tmp);
6444 } else {
6445 if (pass == 1 && rd == rn) {
6446 tmp = neon_load_scratch(2);
6447 } else {
6448 tmp = neon_load_reg(rn, pass);
6449 }
6450 if (prewiden) {
6451 gen_neon_widen(cpu_V0, tmp, size, u);
6452 }
6453 }
6454 if (src2_wide) {
6455 neon_load_reg64(cpu_V1, rm + pass);
6456 TCGV_UNUSED_I32(tmp2);
6457 } else {
6458 if (pass == 1 && rd == rm) {
6459 tmp2 = neon_load_scratch(2);
6460 } else {
6461 tmp2 = neon_load_reg(rm, pass);
6462 }
6463 if (prewiden) {
6464 gen_neon_widen(cpu_V1, tmp2, size, u);
6465 }
6466 }
6467 switch (op) {
6468 case 0: case 1: case 4: /* VADDL, VADDW, VADDHN, VRADDHN */
6469 gen_neon_addl(size);
6470 break;
6471 case 2: case 3: case 6: /* VSUBL, VSUBW, VSUBHN, VRSUBHN */
6472 gen_neon_subl(size);
6473 break;
6474 case 5: case 7: /* VABAL, VABDL */
6475 switch ((size << 1) | u) {
6476 case 0:
6477 gen_helper_neon_abdl_s16(cpu_V0, tmp, tmp2);
6478 break;
6479 case 1:
6480 gen_helper_neon_abdl_u16(cpu_V0, tmp, tmp2);
6481 break;
6482 case 2:
6483 gen_helper_neon_abdl_s32(cpu_V0, tmp, tmp2);
6484 break;
6485 case 3:
6486 gen_helper_neon_abdl_u32(cpu_V0, tmp, tmp2);
6487 break;
6488 case 4:
6489 gen_helper_neon_abdl_s64(cpu_V0, tmp, tmp2);
6490 break;
6491 case 5:
6492 gen_helper_neon_abdl_u64(cpu_V0, tmp, tmp2);
6493 break;
6494 default: abort();
6495 }
6496 tcg_temp_free_i32(tmp2);
6497 tcg_temp_free_i32(tmp);
6498 break;
6499 case 8: case 9: case 10: case 11: case 12: case 13:
6500 /* VMLAL, VQDMLAL, VMLSL, VQDMLSL, VMULL, VQDMULL */
6501 gen_neon_mull(cpu_V0, tmp, tmp2, size, u);
6502 break;
6503 case 14: /* Polynomial VMULL */
6504 gen_helper_neon_mull_p8(cpu_V0, tmp, tmp2);
6505 tcg_temp_free_i32(tmp2);
6506 tcg_temp_free_i32(tmp);
6507 break;
6508 default: /* 15 is RESERVED: caught earlier */
6509 abort();
6510 }
6511 if (op == 13) {
6512 /* VQDMULL */
6513 gen_neon_addl_saturate(cpu_V0, cpu_V0, size);
6514 neon_store_reg64(cpu_V0, rd + pass);
6515 } else if (op == 5 || (op >= 8 && op <= 11)) {
6516 /* Accumulate. */
6517 neon_load_reg64(cpu_V1, rd + pass);
6518 switch (op) {
6519 case 10: /* VMLSL */
6520 gen_neon_negl(cpu_V0, size);
6521 /* Fall through */
6522 case 5: case 8: /* VABAL, VMLAL */
6523 gen_neon_addl(size);
6524 break;
6525 case 9: case 11: /* VQDMLAL, VQDMLSL */
6526 gen_neon_addl_saturate(cpu_V0, cpu_V0, size);
6527 if (op == 11) {
6528 gen_neon_negl(cpu_V0, size);
6529 }
6530 gen_neon_addl_saturate(cpu_V0, cpu_V1, size);
6531 break;
6532 default:
6533 abort();
6534 }
6535 neon_store_reg64(cpu_V0, rd + pass);
6536 } else if (op == 4 || op == 6) {
6537 /* Narrowing operation. */
6538 tmp = tcg_temp_new_i32();
6539 if (!u) {
6540 switch (size) {
6541 case 0:
6542 gen_helper_neon_narrow_high_u8(tmp, cpu_V0);
6543 break;
6544 case 1:
6545 gen_helper_neon_narrow_high_u16(tmp, cpu_V0);
6546 break;
6547 case 2:
6548 tcg_gen_shri_i64(cpu_V0, cpu_V0, 32);
6549 tcg_gen_extrl_i64_i32(tmp, cpu_V0);
6550 break;
6551 default: abort();
6552 }
6553 } else {
6554 switch (size) {
6555 case 0:
6556 gen_helper_neon_narrow_round_high_u8(tmp, cpu_V0);
6557 break;
6558 case 1:
6559 gen_helper_neon_narrow_round_high_u16(tmp, cpu_V0);
6560 break;
6561 case 2:
6562 tcg_gen_addi_i64(cpu_V0, cpu_V0, 1u << 31);
6563 tcg_gen_shri_i64(cpu_V0, cpu_V0, 32);
6564 tcg_gen_extrl_i64_i32(tmp, cpu_V0);
6565 break;
6566 default: abort();
6567 }
6568 }
6569 if (pass == 0) {
6570 tmp3 = tmp;
6571 } else {
6572 neon_store_reg(rd, 0, tmp3);
6573 neon_store_reg(rd, 1, tmp);
6574 }
6575 } else {
6576 /* Write back the result. */
6577 neon_store_reg64(cpu_V0, rd + pass);
6578 }
6579 }
6580 } else {
6581 /* Two registers and a scalar. NB that for ops of this form
6582 * the ARM ARM labels bit 24 as Q, but it is in our variable
6583 * 'u', not 'q'.
6584 */
6585 if (size == 0) {
6586 return 1;
6587 }
6588 switch (op) {
6589 case 1: /* Float VMLA scalar */
6590 case 5: /* Floating point VMLS scalar */
6591 case 9: /* Floating point VMUL scalar */
6592 if (size == 1) {
6593 return 1;
6594 }
6595 /* fall through */
6596 case 0: /* Integer VMLA scalar */
6597 case 4: /* Integer VMLS scalar */
6598 case 8: /* Integer VMUL scalar */
6599 case 12: /* VQDMULH scalar */
6600 case 13: /* VQRDMULH scalar */
6601 if (u && ((rd | rn) & 1)) {
6602 return 1;
6603 }
6604 tmp = neon_get_scalar(size, rm);
6605 neon_store_scratch(0, tmp);
6606 for (pass = 0; pass < (u ? 4 : 2); pass++) {
6607 tmp = neon_load_scratch(0);
6608 tmp2 = neon_load_reg(rn, pass);
6609 if (op == 12) {
6610 if (size == 1) {
6611 gen_helper_neon_qdmulh_s16(tmp, cpu_env, tmp, tmp2);
6612 } else {
6613 gen_helper_neon_qdmulh_s32(tmp, cpu_env, tmp, tmp2);
6614 }
6615 } else if (op == 13) {
6616 if (size == 1) {
6617 gen_helper_neon_qrdmulh_s16(tmp, cpu_env, tmp, tmp2);
6618 } else {
6619 gen_helper_neon_qrdmulh_s32(tmp, cpu_env, tmp, tmp2);
6620 }
6621 } else if (op & 1) {
6622 TCGv_ptr fpstatus = get_fpstatus_ptr(1);
6623 gen_helper_vfp_muls(tmp, tmp, tmp2, fpstatus);
6624 tcg_temp_free_ptr(fpstatus);
6625 } else {
6626 switch (size) {
6627 case 0: gen_helper_neon_mul_u8(tmp, tmp, tmp2); break;
6628 case 1: gen_helper_neon_mul_u16(tmp, tmp, tmp2); break;
6629 case 2: tcg_gen_mul_i32(tmp, tmp, tmp2); break;
6630 default: abort();
6631 }
6632 }
6633 tcg_temp_free_i32(tmp2);
6634 if (op < 8) {
6635 /* Accumulate. */
6636 tmp2 = neon_load_reg(rd, pass);
6637 switch (op) {
6638 case 0:
6639 gen_neon_add(size, tmp, tmp2);
6640 break;
6641 case 1:
6642 {
6643 TCGv_ptr fpstatus = get_fpstatus_ptr(1);
6644 gen_helper_vfp_adds(tmp, tmp, tmp2, fpstatus);
6645 tcg_temp_free_ptr(fpstatus);
6646 break;
6647 }
6648 case 4:
6649 gen_neon_rsb(size, tmp, tmp2);
6650 break;
6651 case 5:
6652 {
6653 TCGv_ptr fpstatus = get_fpstatus_ptr(1);
6654 gen_helper_vfp_subs(tmp, tmp2, tmp, fpstatus);
6655 tcg_temp_free_ptr(fpstatus);
6656 break;
6657 }
6658 default:
6659 abort();
6660 }
6661 tcg_temp_free_i32(tmp2);
6662 }
6663 neon_store_reg(rd, pass, tmp);
6664 }
6665 break;
6666 case 3: /* VQDMLAL scalar */
6667 case 7: /* VQDMLSL scalar */
6668 case 11: /* VQDMULL scalar */
6669 if (u == 1) {
6670 return 1;
6671 }
6672 /* fall through */
6673 case 2: /* VMLAL sclar */
6674 case 6: /* VMLSL scalar */
6675 case 10: /* VMULL scalar */
6676 if (rd & 1) {
6677 return 1;
6678 }
6679 tmp2 = neon_get_scalar(size, rm);
6680 /* We need a copy of tmp2 because gen_neon_mull
6681 * deletes it during pass 0. */
6682 tmp4 = tcg_temp_new_i32();
6683 tcg_gen_mov_i32(tmp4, tmp2);
6684 tmp3 = neon_load_reg(rn, 1);
6685
6686 for (pass = 0; pass < 2; pass++) {
6687 if (pass == 0) {
6688 tmp = neon_load_reg(rn, 0);
6689 } else {
6690 tmp = tmp3;
6691 tmp2 = tmp4;
6692 }
6693 gen_neon_mull(cpu_V0, tmp, tmp2, size, u);
6694 if (op != 11) {
6695 neon_load_reg64(cpu_V1, rd + pass);
6696 }
6697 switch (op) {
6698 case 6:
6699 gen_neon_negl(cpu_V0, size);
6700 /* Fall through */
6701 case 2:
6702 gen_neon_addl(size);
6703 break;
6704 case 3: case 7:
6705 gen_neon_addl_saturate(cpu_V0, cpu_V0, size);
6706 if (op == 7) {
6707 gen_neon_negl(cpu_V0, size);
6708 }
6709 gen_neon_addl_saturate(cpu_V0, cpu_V1, size);
6710 break;
6711 case 10:
6712 /* no-op */
6713 break;
6714 case 11:
6715 gen_neon_addl_saturate(cpu_V0, cpu_V0, size);
6716 break;
6717 default:
6718 abort();
6719 }
6720 neon_store_reg64(cpu_V0, rd + pass);
6721 }
6722
6723
6724 break;
6725 default: /* 14 and 15 are RESERVED */
6726 return 1;
6727 }
6728 }
6729 } else { /* size == 3 */
6730 if (!u) {
6731 /* Extract. */
6732 imm = (insn >> 8) & 0xf;
6733
6734 if (imm > 7 && !q)
6735 return 1;
6736
6737 if (q && ((rd | rn | rm) & 1)) {
6738 return 1;
6739 }
6740
6741 if (imm == 0) {
6742 neon_load_reg64(cpu_V0, rn);
6743 if (q) {
6744 neon_load_reg64(cpu_V1, rn + 1);
6745 }
6746 } else if (imm == 8) {
6747 neon_load_reg64(cpu_V0, rn + 1);
6748 if (q) {
6749 neon_load_reg64(cpu_V1, rm);
6750 }
6751 } else if (q) {
6752 tmp64 = tcg_temp_new_i64();
6753 if (imm < 8) {
6754 neon_load_reg64(cpu_V0, rn);
6755 neon_load_reg64(tmp64, rn + 1);
6756 } else {
6757 neon_load_reg64(cpu_V0, rn + 1);
6758 neon_load_reg64(tmp64, rm);
6759 }
6760 tcg_gen_shri_i64(cpu_V0, cpu_V0, (imm & 7) * 8);
6761 tcg_gen_shli_i64(cpu_V1, tmp64, 64 - ((imm & 7) * 8));
6762 tcg_gen_or_i64(cpu_V0, cpu_V0, cpu_V1);
6763 if (imm < 8) {
6764 neon_load_reg64(cpu_V1, rm);
6765 } else {
6766 neon_load_reg64(cpu_V1, rm + 1);
6767 imm -= 8;
6768 }
6769 tcg_gen_shli_i64(cpu_V1, cpu_V1, 64 - (imm * 8));
6770 tcg_gen_shri_i64(tmp64, tmp64, imm * 8);
6771 tcg_gen_or_i64(cpu_V1, cpu_V1, tmp64);
6772 tcg_temp_free_i64(tmp64);
6773 } else {
6774 /* BUGFIX */
6775 neon_load_reg64(cpu_V0, rn);
6776 tcg_gen_shri_i64(cpu_V0, cpu_V0, imm * 8);
6777 neon_load_reg64(cpu_V1, rm);
6778 tcg_gen_shli_i64(cpu_V1, cpu_V1, 64 - (imm * 8));
6779 tcg_gen_or_i64(cpu_V0, cpu_V0, cpu_V1);
6780 }
6781 neon_store_reg64(cpu_V0, rd);
6782 if (q) {
6783 neon_store_reg64(cpu_V1, rd + 1);
6784 }
6785 } else if ((insn & (1 << 11)) == 0) {
6786 /* Two register misc. */
6787 op = ((insn >> 12) & 0x30) | ((insn >> 7) & 0xf);
6788 size = (insn >> 18) & 3;
6789 /* UNDEF for unknown op values and bad op-size combinations */
6790 if ((neon_2rm_sizes[op] & (1 << size)) == 0) {
6791 return 1;
6792 }
6793 if ((op != NEON_2RM_VMOVN && op != NEON_2RM_VQMOVN) &&
6794 q && ((rm | rd) & 1)) {
6795 return 1;
6796 }
6797 switch (op) {
6798 case NEON_2RM_VREV64:
6799 for (pass = 0; pass < (q ? 2 : 1); pass++) {
6800 tmp = neon_load_reg(rm, pass * 2);
6801 tmp2 = neon_load_reg(rm, pass * 2 + 1);
6802 switch (size) {
6803 case 0: tcg_gen_bswap32_i32(tmp, tmp); break;
6804 case 1: gen_swap_half(tmp); break;
6805 case 2: /* no-op */ break;
6806 default: abort();
6807 }
6808 neon_store_reg(rd, pass * 2 + 1, tmp);
6809 if (size == 2) {
6810 neon_store_reg(rd, pass * 2, tmp2);
6811 } else {
6812 switch (size) {
6813 case 0: tcg_gen_bswap32_i32(tmp2, tmp2); break;
6814 case 1: gen_swap_half(tmp2); break;
6815 default: abort();
6816 }
6817 neon_store_reg(rd, pass * 2, tmp2);
6818 }
6819 }
6820 break;
6821 case NEON_2RM_VPADDL: case NEON_2RM_VPADDL_U:
6822 case NEON_2RM_VPADAL: case NEON_2RM_VPADAL_U:
6823 for (pass = 0; pass < q + 1; pass++) {
6824 tmp = neon_load_reg(rm, pass * 2);
6825 gen_neon_widen(cpu_V0, tmp, size, op & 1);
6826 tmp = neon_load_reg(rm, pass * 2 + 1);
6827 gen_neon_widen(cpu_V1, tmp, size, op & 1);
6828 switch (size) {
6829 case 0: gen_helper_neon_paddl_u16(CPU_V001); break;
6830 case 1: gen_helper_neon_paddl_u32(CPU_V001); break;
6831 case 2: tcg_gen_add_i64(CPU_V001); break;
6832 default: abort();
6833 }
6834 if (op >= NEON_2RM_VPADAL) {
6835 /* Accumulate. */
6836 neon_load_reg64(cpu_V1, rd + pass);
6837 gen_neon_addl(size);
6838 }
6839 neon_store_reg64(cpu_V0, rd + pass);
6840 }
6841 break;
6842 case NEON_2RM_VTRN:
6843 if (size == 2) {
6844 int n;
6845 for (n = 0; n < (q ? 4 : 2); n += 2) {
6846 tmp = neon_load_reg(rm, n);
6847 tmp2 = neon_load_reg(rd, n + 1);
6848 neon_store_reg(rm, n, tmp2);
6849 neon_store_reg(rd, n + 1, tmp);
6850 }
6851 } else {
6852 goto elementwise;
6853 }
6854 break;
6855 case NEON_2RM_VUZP:
6856 if (gen_neon_unzip(rd, rm, size, q)) {
6857 return 1;
6858 }
6859 break;
6860 case NEON_2RM_VZIP:
6861 if (gen_neon_zip(rd, rm, size, q)) {
6862 return 1;
6863 }
6864 break;
6865 case NEON_2RM_VMOVN: case NEON_2RM_VQMOVN:
6866 /* also VQMOVUN; op field and mnemonics don't line up */
6867 if (rm & 1) {
6868 return 1;
6869 }
6870 TCGV_UNUSED_I32(tmp2);
6871 for (pass = 0; pass < 2; pass++) {
6872 neon_load_reg64(cpu_V0, rm + pass);
6873 tmp = tcg_temp_new_i32();
6874 gen_neon_narrow_op(op == NEON_2RM_VMOVN, q, size,
6875 tmp, cpu_V0);
6876 if (pass == 0) {
6877 tmp2 = tmp;
6878 } else {
6879 neon_store_reg(rd, 0, tmp2);
6880 neon_store_reg(rd, 1, tmp);
6881 }
6882 }
6883 break;
6884 case NEON_2RM_VSHLL:
6885 if (q || (rd & 1)) {
6886 return 1;
6887 }
6888 tmp = neon_load_reg(rm, 0);
6889 tmp2 = neon_load_reg(rm, 1);
6890 for (pass = 0; pass < 2; pass++) {
6891 if (pass == 1)
6892 tmp = tmp2;
6893 gen_neon_widen(cpu_V0, tmp, size, 1);
6894 tcg_gen_shli_i64(cpu_V0, cpu_V0, 8 << size);
6895 neon_store_reg64(cpu_V0, rd + pass);
6896 }
6897 break;
6898 case NEON_2RM_VCVT_F16_F32:
6899 if (!arm_dc_feature(s, ARM_FEATURE_VFP_FP16) ||
6900 q || (rm & 1)) {
6901 return 1;
6902 }
6903 tmp = tcg_temp_new_i32();
6904 tmp2 = tcg_temp_new_i32();
6905 tcg_gen_ld_f32(cpu_F0s, cpu_env, neon_reg_offset(rm, 0));
6906 gen_helper_neon_fcvt_f32_to_f16(tmp, cpu_F0s, cpu_env);
6907 tcg_gen_ld_f32(cpu_F0s, cpu_env, neon_reg_offset(rm, 1));
6908 gen_helper_neon_fcvt_f32_to_f16(tmp2, cpu_F0s, cpu_env);
6909 tcg_gen_shli_i32(tmp2, tmp2, 16);
6910 tcg_gen_or_i32(tmp2, tmp2, tmp);
6911 tcg_gen_ld_f32(cpu_F0s, cpu_env, neon_reg_offset(rm, 2));
6912 gen_helper_neon_fcvt_f32_to_f16(tmp, cpu_F0s, cpu_env);
6913 tcg_gen_ld_f32(cpu_F0s, cpu_env, neon_reg_offset(rm, 3));
6914 neon_store_reg(rd, 0, tmp2);
6915 tmp2 = tcg_temp_new_i32();
6916 gen_helper_neon_fcvt_f32_to_f16(tmp2, cpu_F0s, cpu_env);
6917 tcg_gen_shli_i32(tmp2, tmp2, 16);
6918 tcg_gen_or_i32(tmp2, tmp2, tmp);
6919 neon_store_reg(rd, 1, tmp2);
6920 tcg_temp_free_i32(tmp);
6921 break;
6922 case NEON_2RM_VCVT_F32_F16:
6923 if (!arm_dc_feature(s, ARM_FEATURE_VFP_FP16) ||
6924 q || (rd & 1)) {
6925 return 1;
6926 }
6927 tmp3 = tcg_temp_new_i32();
6928 tmp = neon_load_reg(rm, 0);
6929 tmp2 = neon_load_reg(rm, 1);
6930 tcg_gen_ext16u_i32(tmp3, tmp);
6931 gen_helper_neon_fcvt_f16_to_f32(cpu_F0s, tmp3, cpu_env);
6932 tcg_gen_st_f32(cpu_F0s, cpu_env, neon_reg_offset(rd, 0));
6933 tcg_gen_shri_i32(tmp3, tmp, 16);
6934 gen_helper_neon_fcvt_f16_to_f32(cpu_F0s, tmp3, cpu_env);
6935 tcg_gen_st_f32(cpu_F0s, cpu_env, neon_reg_offset(rd, 1));
6936 tcg_temp_free_i32(tmp);
6937 tcg_gen_ext16u_i32(tmp3, tmp2);
6938 gen_helper_neon_fcvt_f16_to_f32(cpu_F0s, tmp3, cpu_env);
6939 tcg_gen_st_f32(cpu_F0s, cpu_env, neon_reg_offset(rd, 2));
6940 tcg_gen_shri_i32(tmp3, tmp2, 16);
6941 gen_helper_neon_fcvt_f16_to_f32(cpu_F0s, tmp3, cpu_env);
6942 tcg_gen_st_f32(cpu_F0s, cpu_env, neon_reg_offset(rd, 3));
6943 tcg_temp_free_i32(tmp2);
6944 tcg_temp_free_i32(tmp3);
6945 break;
6946 case NEON_2RM_AESE: case NEON_2RM_AESMC:
6947 if (!arm_dc_feature(s, ARM_FEATURE_V8_AES)
6948 || ((rm | rd) & 1)) {
6949 return 1;
6950 }
6951 tmp = tcg_const_i32(rd);
6952 tmp2 = tcg_const_i32(rm);
6953
6954 /* Bit 6 is the lowest opcode bit; it distinguishes between
6955 * encryption (AESE/AESMC) and decryption (AESD/AESIMC)
6956 */
6957 tmp3 = tcg_const_i32(extract32(insn, 6, 1));
6958
6959 if (op == NEON_2RM_AESE) {
6960 gen_helper_crypto_aese(cpu_env, tmp, tmp2, tmp3);
6961 } else {
6962 gen_helper_crypto_aesmc(cpu_env, tmp, tmp2, tmp3);
6963 }
6964 tcg_temp_free_i32(tmp);
6965 tcg_temp_free_i32(tmp2);
6966 tcg_temp_free_i32(tmp3);
6967 break;
6968 case NEON_2RM_SHA1H:
6969 if (!arm_dc_feature(s, ARM_FEATURE_V8_SHA1)
6970 || ((rm | rd) & 1)) {
6971 return 1;
6972 }
6973 tmp = tcg_const_i32(rd);
6974 tmp2 = tcg_const_i32(rm);
6975
6976 gen_helper_crypto_sha1h(cpu_env, tmp, tmp2);
6977
6978 tcg_temp_free_i32(tmp);
6979 tcg_temp_free_i32(tmp2);
6980 break;
6981 case NEON_2RM_SHA1SU1:
6982 if ((rm | rd) & 1) {
6983 return 1;
6984 }
6985 /* bit 6 (q): set -> SHA256SU0, cleared -> SHA1SU1 */
6986 if (q) {
6987 if (!arm_dc_feature(s, ARM_FEATURE_V8_SHA256)) {
6988 return 1;
6989 }
6990 } else if (!arm_dc_feature(s, ARM_FEATURE_V8_SHA1)) {
6991 return 1;
6992 }
6993 tmp = tcg_const_i32(rd);
6994 tmp2 = tcg_const_i32(rm);
6995 if (q) {
6996 gen_helper_crypto_sha256su0(cpu_env, tmp, tmp2);
6997 } else {
6998 gen_helper_crypto_sha1su1(cpu_env, tmp, tmp2);
6999 }
7000 tcg_temp_free_i32(tmp);
7001 tcg_temp_free_i32(tmp2);
7002 break;
7003 default:
7004 elementwise:
7005 for (pass = 0; pass < (q ? 4 : 2); pass++) {
7006 if (neon_2rm_is_float_op(op)) {
7007 tcg_gen_ld_f32(cpu_F0s, cpu_env,
7008 neon_reg_offset(rm, pass));
7009 TCGV_UNUSED_I32(tmp);
7010 } else {
7011 tmp = neon_load_reg(rm, pass);
7012 }
7013 switch (op) {
7014 case NEON_2RM_VREV32:
7015 switch (size) {
7016 case 0: tcg_gen_bswap32_i32(tmp, tmp); break;
7017 case 1: gen_swap_half(tmp); break;
7018 default: abort();
7019 }
7020 break;
7021 case NEON_2RM_VREV16:
7022 gen_rev16(tmp);
7023 break;
7024 case NEON_2RM_VCLS:
7025 switch (size) {
7026 case 0: gen_helper_neon_cls_s8(tmp, tmp); break;
7027 case 1: gen_helper_neon_cls_s16(tmp, tmp); break;
7028 case 2: gen_helper_neon_cls_s32(tmp, tmp); break;
7029 default: abort();
7030 }
7031 break;
7032 case NEON_2RM_VCLZ:
7033 switch (size) {
7034 case 0: gen_helper_neon_clz_u8(tmp, tmp); break;
7035 case 1: gen_helper_neon_clz_u16(tmp, tmp); break;
7036 case 2: gen_helper_clz(tmp, tmp); break;
7037 default: abort();
7038 }
7039 break;
7040 case NEON_2RM_VCNT:
7041 gen_helper_neon_cnt_u8(tmp, tmp);
7042 break;
7043 case NEON_2RM_VMVN:
7044 tcg_gen_not_i32(tmp, tmp);
7045 break;
7046 case NEON_2RM_VQABS:
7047 switch (size) {
7048 case 0:
7049 gen_helper_neon_qabs_s8(tmp, cpu_env, tmp);
7050 break;
7051 case 1:
7052 gen_helper_neon_qabs_s16(tmp, cpu_env, tmp);
7053 break;
7054 case 2:
7055 gen_helper_neon_qabs_s32(tmp, cpu_env, tmp);
7056 break;
7057 default: abort();
7058 }
7059 break;
7060 case NEON_2RM_VQNEG:
7061 switch (size) {
7062 case 0:
7063 gen_helper_neon_qneg_s8(tmp, cpu_env, tmp);
7064 break;
7065 case 1:
7066 gen_helper_neon_qneg_s16(tmp, cpu_env, tmp);
7067 break;
7068 case 2:
7069 gen_helper_neon_qneg_s32(tmp, cpu_env, tmp);
7070 break;
7071 default: abort();
7072 }
7073 break;
7074 case NEON_2RM_VCGT0: case NEON_2RM_VCLE0:
7075 tmp2 = tcg_const_i32(0);
7076 switch(size) {
7077 case 0: gen_helper_neon_cgt_s8(tmp, tmp, tmp2); break;
7078 case 1: gen_helper_neon_cgt_s16(tmp, tmp, tmp2); break;
7079 case 2: gen_helper_neon_cgt_s32(tmp, tmp, tmp2); break;
7080 default: abort();
7081 }
7082 tcg_temp_free_i32(tmp2);
7083 if (op == NEON_2RM_VCLE0) {
7084 tcg_gen_not_i32(tmp, tmp);
7085 }
7086 break;
7087 case NEON_2RM_VCGE0: case NEON_2RM_VCLT0:
7088 tmp2 = tcg_const_i32(0);
7089 switch(size) {
7090 case 0: gen_helper_neon_cge_s8(tmp, tmp, tmp2); break;
7091 case 1: gen_helper_neon_cge_s16(tmp, tmp, tmp2); break;
7092 case 2: gen_helper_neon_cge_s32(tmp, tmp, tmp2); break;
7093 default: abort();
7094 }
7095 tcg_temp_free_i32(tmp2);
7096 if (op == NEON_2RM_VCLT0) {
7097 tcg_gen_not_i32(tmp, tmp);
7098 }
7099 break;
7100 case NEON_2RM_VCEQ0:
7101 tmp2 = tcg_const_i32(0);
7102 switch(size) {
7103 case 0: gen_helper_neon_ceq_u8(tmp, tmp, tmp2); break;
7104 case 1: gen_helper_neon_ceq_u16(tmp, tmp, tmp2); break;
7105 case 2: gen_helper_neon_ceq_u32(tmp, tmp, tmp2); break;
7106 default: abort();
7107 }
7108 tcg_temp_free_i32(tmp2);
7109 break;
7110 case NEON_2RM_VABS:
7111 switch(size) {
7112 case 0: gen_helper_neon_abs_s8(tmp, tmp); break;
7113 case 1: gen_helper_neon_abs_s16(tmp, tmp); break;
7114 case 2: tcg_gen_abs_i32(tmp, tmp); break;
7115 default: abort();
7116 }
7117 break;
7118 case NEON_2RM_VNEG:
7119 tmp2 = tcg_const_i32(0);
7120 gen_neon_rsb(size, tmp, tmp2);
7121 tcg_temp_free_i32(tmp2);
7122 break;
7123 case NEON_2RM_VCGT0_F:
7124 {
7125 TCGv_ptr fpstatus = get_fpstatus_ptr(1);
7126 tmp2 = tcg_const_i32(0);
7127 gen_helper_neon_cgt_f32(tmp, tmp, tmp2, fpstatus);
7128 tcg_temp_free_i32(tmp2);
7129 tcg_temp_free_ptr(fpstatus);
7130 break;
7131 }
7132 case NEON_2RM_VCGE0_F:
7133 {
7134 TCGv_ptr fpstatus = get_fpstatus_ptr(1);
7135 tmp2 = tcg_const_i32(0);
7136 gen_helper_neon_cge_f32(tmp, tmp, tmp2, fpstatus);
7137 tcg_temp_free_i32(tmp2);
7138 tcg_temp_free_ptr(fpstatus);
7139 break;
7140 }
7141 case NEON_2RM_VCEQ0_F:
7142 {
7143 TCGv_ptr fpstatus = get_fpstatus_ptr(1);
7144 tmp2 = tcg_const_i32(0);
7145 gen_helper_neon_ceq_f32(tmp, tmp, tmp2, fpstatus);
7146 tcg_temp_free_i32(tmp2);
7147 tcg_temp_free_ptr(fpstatus);
7148 break;
7149 }
7150 case NEON_2RM_VCLE0_F:
7151 {
7152 TCGv_ptr fpstatus = get_fpstatus_ptr(1);
7153 tmp2 = tcg_const_i32(0);
7154 gen_helper_neon_cge_f32(tmp, tmp2, tmp, fpstatus);
7155 tcg_temp_free_i32(tmp2);
7156 tcg_temp_free_ptr(fpstatus);
7157 break;
7158 }
7159 case NEON_2RM_VCLT0_F:
7160 {
7161 TCGv_ptr fpstatus = get_fpstatus_ptr(1);
7162 tmp2 = tcg_const_i32(0);
7163 gen_helper_neon_cgt_f32(tmp, tmp2, tmp, fpstatus);
7164 tcg_temp_free_i32(tmp2);
7165 tcg_temp_free_ptr(fpstatus);
7166 break;
7167 }
7168 case NEON_2RM_VABS_F:
7169 gen_vfp_abs(0);
7170 break;
7171 case NEON_2RM_VNEG_F:
7172 gen_vfp_neg(0);
7173 break;
7174 case NEON_2RM_VSWP:
7175 tmp2 = neon_load_reg(rd, pass);
7176 neon_store_reg(rm, pass, tmp2);
7177 break;
7178 case NEON_2RM_VTRN:
7179 tmp2 = neon_load_reg(rd, pass);
7180 switch (size) {
7181 case 0: gen_neon_trn_u8(tmp, tmp2); break;
7182 case 1: gen_neon_trn_u16(tmp, tmp2); break;
7183 default: abort();
7184 }
7185 neon_store_reg(rm, pass, tmp2);
7186 break;
7187 case NEON_2RM_VRINTN:
7188 case NEON_2RM_VRINTA:
7189 case NEON_2RM_VRINTM:
7190 case NEON_2RM_VRINTP:
7191 case NEON_2RM_VRINTZ:
7192 {
7193 TCGv_i32 tcg_rmode;
7194 TCGv_ptr fpstatus = get_fpstatus_ptr(1);
7195 int rmode;
7196
7197 if (op == NEON_2RM_VRINTZ) {
7198 rmode = FPROUNDING_ZERO;
7199 } else {
7200 rmode = fp_decode_rm[((op & 0x6) >> 1) ^ 1];
7201 }
7202
7203 tcg_rmode = tcg_const_i32(arm_rmode_to_sf(rmode));
7204 gen_helper_set_neon_rmode(tcg_rmode, tcg_rmode,
7205 cpu_env);
7206 gen_helper_rints(cpu_F0s, cpu_F0s, fpstatus);
7207 gen_helper_set_neon_rmode(tcg_rmode, tcg_rmode,
7208 cpu_env);
7209 tcg_temp_free_ptr(fpstatus);
7210 tcg_temp_free_i32(tcg_rmode);
7211 break;
7212 }
7213 case NEON_2RM_VRINTX:
7214 {
7215 TCGv_ptr fpstatus = get_fpstatus_ptr(1);
7216 gen_helper_rints_exact(cpu_F0s, cpu_F0s, fpstatus);
7217 tcg_temp_free_ptr(fpstatus);
7218 break;
7219 }
7220 case NEON_2RM_VCVTAU:
7221 case NEON_2RM_VCVTAS:
7222 case NEON_2RM_VCVTNU:
7223 case NEON_2RM_VCVTNS:
7224 case NEON_2RM_VCVTPU:
7225 case NEON_2RM_VCVTPS:
7226 case NEON_2RM_VCVTMU:
7227 case NEON_2RM_VCVTMS:
7228 {
7229 bool is_signed = !extract32(insn, 7, 1);
7230 TCGv_ptr fpst = get_fpstatus_ptr(1);
7231 TCGv_i32 tcg_rmode, tcg_shift;
7232 int rmode = fp_decode_rm[extract32(insn, 8, 2)];
7233
7234 tcg_shift = tcg_const_i32(0);
7235 tcg_rmode = tcg_const_i32(arm_rmode_to_sf(rmode));
7236 gen_helper_set_neon_rmode(tcg_rmode, tcg_rmode,
7237 cpu_env);
7238
7239 if (is_signed) {
7240 gen_helper_vfp_tosls(cpu_F0s, cpu_F0s,
7241 tcg_shift, fpst);
7242 } else {
7243 gen_helper_vfp_touls(cpu_F0s, cpu_F0s,
7244 tcg_shift, fpst);
7245 }
7246
7247 gen_helper_set_neon_rmode(tcg_rmode, tcg_rmode,
7248 cpu_env);
7249 tcg_temp_free_i32(tcg_rmode);
7250 tcg_temp_free_i32(tcg_shift);
7251 tcg_temp_free_ptr(fpst);
7252 break;
7253 }
7254 case NEON_2RM_VRECPE:
7255 {
7256 TCGv_ptr fpstatus = get_fpstatus_ptr(1);
7257 gen_helper_recpe_u32(tmp, tmp, fpstatus);
7258 tcg_temp_free_ptr(fpstatus);
7259 break;
7260 }
7261 case NEON_2RM_VRSQRTE:
7262 {
7263 TCGv_ptr fpstatus = get_fpstatus_ptr(1);
7264 gen_helper_rsqrte_u32(tmp, tmp, fpstatus);
7265 tcg_temp_free_ptr(fpstatus);
7266 break;
7267 }
7268 case NEON_2RM_VRECPE_F:
7269 {
7270 TCGv_ptr fpstatus = get_fpstatus_ptr(1);
7271 gen_helper_recpe_f32(cpu_F0s, cpu_F0s, fpstatus);
7272 tcg_temp_free_ptr(fpstatus);
7273 break;
7274 }
7275 case NEON_2RM_VRSQRTE_F:
7276 {
7277 TCGv_ptr fpstatus = get_fpstatus_ptr(1);
7278 gen_helper_rsqrte_f32(cpu_F0s, cpu_F0s, fpstatus);
7279 tcg_temp_free_ptr(fpstatus);
7280 break;
7281 }
7282 case NEON_2RM_VCVT_FS: /* VCVT.F32.S32 */
7283 gen_vfp_sito(0, 1);
7284 break;
7285 case NEON_2RM_VCVT_FU: /* VCVT.F32.U32 */
7286 gen_vfp_uito(0, 1);
7287 break;
7288 case NEON_2RM_VCVT_SF: /* VCVT.S32.F32 */
7289 gen_vfp_tosiz(0, 1);
7290 break;
7291 case NEON_2RM_VCVT_UF: /* VCVT.U32.F32 */
7292 gen_vfp_touiz(0, 1);
7293 break;
7294 default:
7295 /* Reserved op values were caught by the
7296 * neon_2rm_sizes[] check earlier.
7297 */
7298 abort();
7299 }
7300 if (neon_2rm_is_float_op(op)) {
7301 tcg_gen_st_f32(cpu_F0s, cpu_env,
7302 neon_reg_offset(rd, pass));
7303 } else {
7304 neon_store_reg(rd, pass, tmp);
7305 }
7306 }
7307 break;
7308 }
7309 } else if ((insn & (1 << 10)) == 0) {
7310 /* VTBL, VTBX. */
7311 int n = ((insn >> 8) & 3) + 1;
7312 if ((rn + n) > 32) {
7313 /* This is UNPREDICTABLE; we choose to UNDEF to avoid the
7314 * helper function running off the end of the register file.
7315 */
7316 return 1;
7317 }
7318 n <<= 3;
7319 if (insn & (1 << 6)) {
7320 tmp = neon_load_reg(rd, 0);
7321 } else {
7322 tmp = tcg_temp_new_i32();
7323 tcg_gen_movi_i32(tmp, 0);
7324 }
7325 tmp2 = neon_load_reg(rm, 0);
7326 tmp4 = tcg_const_i32(rn);
7327 tmp5 = tcg_const_i32(n);
7328 gen_helper_neon_tbl(tmp2, cpu_env, tmp2, tmp, tmp4, tmp5);
7329 tcg_temp_free_i32(tmp);
7330 if (insn & (1 << 6)) {
7331 tmp = neon_load_reg(rd, 1);
7332 } else {
7333 tmp = tcg_temp_new_i32();
7334 tcg_gen_movi_i32(tmp, 0);
7335 }
7336 tmp3 = neon_load_reg(rm, 1);
7337 gen_helper_neon_tbl(tmp3, cpu_env, tmp3, tmp, tmp4, tmp5);
7338 tcg_temp_free_i32(tmp5);
7339 tcg_temp_free_i32(tmp4);
7340 neon_store_reg(rd, 0, tmp2);
7341 neon_store_reg(rd, 1, tmp3);
7342 tcg_temp_free_i32(tmp);
7343 } else if ((insn & 0x380) == 0) {
7344 /* VDUP */
7345 if ((insn & (7 << 16)) == 0 || (q && (rd & 1))) {
7346 return 1;
7347 }
7348 if (insn & (1 << 19)) {
7349 tmp = neon_load_reg(rm, 1);
7350 } else {
7351 tmp = neon_load_reg(rm, 0);
7352 }
7353 if (insn & (1 << 16)) {
7354 gen_neon_dup_u8(tmp, ((insn >> 17) & 3) * 8);
7355 } else if (insn & (1 << 17)) {
7356 if ((insn >> 18) & 1)
7357 gen_neon_dup_high16(tmp);
7358 else
7359 gen_neon_dup_low16(tmp);
7360 }
7361 for (pass = 0; pass < (q ? 4 : 2); pass++) {
7362 tmp2 = tcg_temp_new_i32();
7363 tcg_gen_mov_i32(tmp2, tmp);
7364 neon_store_reg(rd, pass, tmp2);
7365 }
7366 tcg_temp_free_i32(tmp);
7367 } else {
7368 return 1;
7369 }
7370 }
7371 }
7372 return 0;
7373 }
7374
7375 static int disas_coproc_insn(DisasContext *s, uint32_t insn)
7376 {
7377 int cpnum, is64, crn, crm, opc1, opc2, isread, rt, rt2;
7378 const ARMCPRegInfo *ri;
7379
7380 cpnum = (insn >> 8) & 0xf;
7381
7382 /* First check for coprocessor space used for XScale/iwMMXt insns */
7383 if (arm_dc_feature(s, ARM_FEATURE_XSCALE) && (cpnum < 2)) {
7384 if (extract32(s->c15_cpar, cpnum, 1) == 0) {
7385 return 1;
7386 }
7387 if (arm_dc_feature(s, ARM_FEATURE_IWMMXT)) {
7388 return disas_iwmmxt_insn(s, insn);
7389 } else if (arm_dc_feature(s, ARM_FEATURE_XSCALE)) {
7390 return disas_dsp_insn(s, insn);
7391 }
7392 return 1;
7393 }
7394
7395 /* Otherwise treat as a generic register access */
7396 is64 = (insn & (1 << 25)) == 0;
7397 if (!is64 && ((insn & (1 << 4)) == 0)) {
7398 /* cdp */
7399 return 1;
7400 }
7401
7402 crm = insn & 0xf;
7403 if (is64) {
7404 crn = 0;
7405 opc1 = (insn >> 4) & 0xf;
7406 opc2 = 0;
7407 rt2 = (insn >> 16) & 0xf;
7408 } else {
7409 crn = (insn >> 16) & 0xf;
7410 opc1 = (insn >> 21) & 7;
7411 opc2 = (insn >> 5) & 7;
7412 rt2 = 0;
7413 }
7414 isread = (insn >> 20) & 1;
7415 rt = (insn >> 12) & 0xf;
7416
7417 ri = get_arm_cp_reginfo(s->cp_regs,
7418 ENCODE_CP_REG(cpnum, is64, s->ns, crn, crm, opc1, opc2));
7419 if (ri) {
7420 /* Check access permissions */
7421 if (!cp_access_ok(s->current_el, ri, isread)) {
7422 return 1;
7423 }
7424
7425 if (ri->accessfn ||
7426 (arm_dc_feature(s, ARM_FEATURE_XSCALE) && cpnum < 14)) {
7427 /* Emit code to perform further access permissions checks at
7428 * runtime; this may result in an exception.
7429 * Note that on XScale all cp0..c13 registers do an access check
7430 * call in order to handle c15_cpar.
7431 */
7432 TCGv_ptr tmpptr;
7433 TCGv_i32 tcg_syn, tcg_isread;
7434 uint32_t syndrome;
7435
7436 /* Note that since we are an implementation which takes an
7437 * exception on a trapped conditional instruction only if the
7438 * instruction passes its condition code check, we can take
7439 * advantage of the clause in the ARM ARM that allows us to set
7440 * the COND field in the instruction to 0xE in all cases.
7441 * We could fish the actual condition out of the insn (ARM)
7442 * or the condexec bits (Thumb) but it isn't necessary.
7443 */
7444 switch (cpnum) {
7445 case 14:
7446 if (is64) {
7447 syndrome = syn_cp14_rrt_trap(1, 0xe, opc1, crm, rt, rt2,
7448 isread, false);
7449 } else {
7450 syndrome = syn_cp14_rt_trap(1, 0xe, opc1, opc2, crn, crm,
7451 rt, isread, false);
7452 }
7453 break;
7454 case 15:
7455 if (is64) {
7456 syndrome = syn_cp15_rrt_trap(1, 0xe, opc1, crm, rt, rt2,
7457 isread, false);
7458 } else {
7459 syndrome = syn_cp15_rt_trap(1, 0xe, opc1, opc2, crn, crm,
7460 rt, isread, false);
7461 }
7462 break;
7463 default:
7464 /* ARMv8 defines that only coprocessors 14 and 15 exist,
7465 * so this can only happen if this is an ARMv7 or earlier CPU,
7466 * in which case the syndrome information won't actually be
7467 * guest visible.
7468 */
7469 assert(!arm_dc_feature(s, ARM_FEATURE_V8));
7470 syndrome = syn_uncategorized();
7471 break;
7472 }
7473
7474 gen_set_condexec(s);
7475 gen_set_pc_im(s, s->pc - 4);
7476 tmpptr = tcg_const_ptr(ri);
7477 tcg_syn = tcg_const_i32(syndrome);
7478 tcg_isread = tcg_const_i32(isread);
7479 gen_helper_access_check_cp_reg(cpu_env, tmpptr, tcg_syn,
7480 tcg_isread);
7481 tcg_temp_free_ptr(tmpptr);
7482 tcg_temp_free_i32(tcg_syn);
7483 tcg_temp_free_i32(tcg_isread);
7484 }
7485
7486 /* Handle special cases first */
7487 switch (ri->type & ~(ARM_CP_FLAG_MASK & ~ARM_CP_SPECIAL)) {
7488 case ARM_CP_NOP:
7489 return 0;
7490 case ARM_CP_WFI:
7491 if (isread) {
7492 return 1;
7493 }
7494 gen_set_pc_im(s, s->pc);
7495 s->is_jmp = DISAS_WFI;
7496 return 0;
7497 default:
7498 break;
7499 }
7500
7501 if ((s->tb->cflags & CF_USE_ICOUNT) && (ri->type & ARM_CP_IO)) {
7502 gen_io_start();
7503 }
7504
7505 if (isread) {
7506 /* Read */
7507 if (is64) {
7508 TCGv_i64 tmp64;
7509 TCGv_i32 tmp;
7510 if (ri->type & ARM_CP_CONST) {
7511 tmp64 = tcg_const_i64(ri->resetvalue);
7512 } else if (ri->readfn) {
7513 TCGv_ptr tmpptr;
7514 tmp64 = tcg_temp_new_i64();
7515 tmpptr = tcg_const_ptr(ri);
7516 gen_helper_get_cp_reg64(tmp64, cpu_env, tmpptr);
7517 tcg_temp_free_ptr(tmpptr);
7518 } else {
7519 tmp64 = tcg_temp_new_i64();
7520 tcg_gen_ld_i64(tmp64, cpu_env, ri->fieldoffset);
7521 }
7522 tmp = tcg_temp_new_i32();
7523 tcg_gen_extrl_i64_i32(tmp, tmp64);
7524 store_reg(s, rt, tmp);
7525 tcg_gen_shri_i64(tmp64, tmp64, 32);
7526 tmp = tcg_temp_new_i32();
7527 tcg_gen_extrl_i64_i32(tmp, tmp64);
7528 tcg_temp_free_i64(tmp64);
7529 store_reg(s, rt2, tmp);
7530 } else {
7531 TCGv_i32 tmp;
7532 if (ri->type & ARM_CP_CONST) {
7533 tmp = tcg_const_i32(ri->resetvalue);
7534 } else if (ri->readfn) {
7535 TCGv_ptr tmpptr;
7536 tmp = tcg_temp_new_i32();
7537 tmpptr = tcg_const_ptr(ri);
7538 gen_helper_get_cp_reg(tmp, cpu_env, tmpptr);
7539 tcg_temp_free_ptr(tmpptr);
7540 } else {
7541 tmp = load_cpu_offset(ri->fieldoffset);
7542 }
7543 if (rt == 15) {
7544 /* Destination register of r15 for 32 bit loads sets
7545 * the condition codes from the high 4 bits of the value
7546 */
7547 gen_set_nzcv(tmp);
7548 tcg_temp_free_i32(tmp);
7549 } else {
7550 store_reg(s, rt, tmp);
7551 }
7552 }
7553 } else {
7554 /* Write */
7555 if (ri->type & ARM_CP_CONST) {
7556 /* If not forbidden by access permissions, treat as WI */
7557 return 0;
7558 }
7559
7560 if (is64) {
7561 TCGv_i32 tmplo, tmphi;
7562 TCGv_i64 tmp64 = tcg_temp_new_i64();
7563 tmplo = load_reg(s, rt);
7564 tmphi = load_reg(s, rt2);
7565 tcg_gen_concat_i32_i64(tmp64, tmplo, tmphi);
7566 tcg_temp_free_i32(tmplo);
7567 tcg_temp_free_i32(tmphi);
7568 if (ri->writefn) {
7569 TCGv_ptr tmpptr = tcg_const_ptr(ri);
7570 gen_helper_set_cp_reg64(cpu_env, tmpptr, tmp64);
7571 tcg_temp_free_ptr(tmpptr);
7572 } else {
7573 tcg_gen_st_i64(tmp64, cpu_env, ri->fieldoffset);
7574 }
7575 tcg_temp_free_i64(tmp64);
7576 } else {
7577 if (ri->writefn) {
7578 TCGv_i32 tmp;
7579 TCGv_ptr tmpptr;
7580 tmp = load_reg(s, rt);
7581 tmpptr = tcg_const_ptr(ri);
7582 gen_helper_set_cp_reg(cpu_env, tmpptr, tmp);
7583 tcg_temp_free_ptr(tmpptr);
7584 tcg_temp_free_i32(tmp);
7585 } else {
7586 TCGv_i32 tmp = load_reg(s, rt);
7587 store_cpu_offset(tmp, ri->fieldoffset);
7588 }
7589 }
7590 }
7591
7592 if ((s->tb->cflags & CF_USE_ICOUNT) && (ri->type & ARM_CP_IO)) {
7593 /* I/O operations must end the TB here (whether read or write) */
7594 gen_io_end();
7595 gen_lookup_tb(s);
7596 } else if (!isread && !(ri->type & ARM_CP_SUPPRESS_TB_END)) {
7597 /* We default to ending the TB on a coprocessor register write,
7598 * but allow this to be suppressed by the register definition
7599 * (usually only necessary to work around guest bugs).
7600 */
7601 gen_lookup_tb(s);
7602 }
7603
7604 return 0;
7605 }
7606
7607 /* Unknown register; this might be a guest error or a QEMU
7608 * unimplemented feature.
7609 */
7610 if (is64) {
7611 qemu_log_mask(LOG_UNIMP, "%s access to unsupported AArch32 "
7612 "64 bit system register cp:%d opc1: %d crm:%d "
7613 "(%s)\n",
7614 isread ? "read" : "write", cpnum, opc1, crm,
7615 s->ns ? "non-secure" : "secure");
7616 } else {
7617 qemu_log_mask(LOG_UNIMP, "%s access to unsupported AArch32 "
7618 "system register cp:%d opc1:%d crn:%d crm:%d opc2:%d "
7619 "(%s)\n",
7620 isread ? "read" : "write", cpnum, opc1, crn, crm, opc2,
7621 s->ns ? "non-secure" : "secure");
7622 }
7623
7624 return 1;
7625 }
7626
7627
7628 /* Store a 64-bit value to a register pair. Clobbers val. */
7629 static void gen_storeq_reg(DisasContext *s, int rlow, int rhigh, TCGv_i64 val)
7630 {
7631 TCGv_i32 tmp;
7632 tmp = tcg_temp_new_i32();
7633 tcg_gen_extrl_i64_i32(tmp, val);
7634 store_reg(s, rlow, tmp);
7635 tmp = tcg_temp_new_i32();
7636 tcg_gen_shri_i64(val, val, 32);
7637 tcg_gen_extrl_i64_i32(tmp, val);
7638 store_reg(s, rhigh, tmp);
7639 }
7640
7641 /* load a 32-bit value from a register and perform a 64-bit accumulate. */
7642 static void gen_addq_lo(DisasContext *s, TCGv_i64 val, int rlow)
7643 {
7644 TCGv_i64 tmp;
7645 TCGv_i32 tmp2;
7646
7647 /* Load value and extend to 64 bits. */
7648 tmp = tcg_temp_new_i64();
7649 tmp2 = load_reg(s, rlow);
7650 tcg_gen_extu_i32_i64(tmp, tmp2);
7651 tcg_temp_free_i32(tmp2);
7652 tcg_gen_add_i64(val, val, tmp);
7653 tcg_temp_free_i64(tmp);
7654 }
7655
7656 /* load and add a 64-bit value from a register pair. */
7657 static void gen_addq(DisasContext *s, TCGv_i64 val, int rlow, int rhigh)
7658 {
7659 TCGv_i64 tmp;
7660 TCGv_i32 tmpl;
7661 TCGv_i32 tmph;
7662
7663 /* Load 64-bit value rd:rn. */
7664 tmpl = load_reg(s, rlow);
7665 tmph = load_reg(s, rhigh);
7666 tmp = tcg_temp_new_i64();
7667 tcg_gen_concat_i32_i64(tmp, tmpl, tmph);
7668 tcg_temp_free_i32(tmpl);
7669 tcg_temp_free_i32(tmph);
7670 tcg_gen_add_i64(val, val, tmp);
7671 tcg_temp_free_i64(tmp);
7672 }
7673
7674 /* Set N and Z flags from hi|lo. */
7675 static void gen_logicq_cc(TCGv_i32 lo, TCGv_i32 hi)
7676 {
7677 tcg_gen_mov_i32(cpu_NF, hi);
7678 tcg_gen_or_i32(cpu_ZF, lo, hi);
7679 }
7680
7681 /* Load/Store exclusive instructions are implemented by remembering
7682 the value/address loaded, and seeing if these are the same
7683 when the store is performed. This should be sufficient to implement
7684 the architecturally mandated semantics, and avoids having to monitor
7685 regular stores.
7686
7687 In system emulation mode only one CPU will be running at once, so
7688 this sequence is effectively atomic. In user emulation mode we
7689 throw an exception and handle the atomic operation elsewhere. */
7690 static void gen_load_exclusive(DisasContext *s, int rt, int rt2,
7691 TCGv_i32 addr, int size)
7692 {
7693 TCGv_i32 tmp = tcg_temp_new_i32();
7694
7695 s->is_ldex = true;
7696
7697 switch (size) {
7698 case 0:
7699 gen_aa32_ld8u(s, tmp, addr, get_mem_index(s));
7700 break;
7701 case 1:
7702 gen_aa32_ld16ua(s, tmp, addr, get_mem_index(s));
7703 break;
7704 case 2:
7705 case 3:
7706 gen_aa32_ld32ua(s, tmp, addr, get_mem_index(s));
7707 break;
7708 default:
7709 abort();
7710 }
7711
7712 if (size == 3) {
7713 TCGv_i32 tmp2 = tcg_temp_new_i32();
7714 TCGv_i32 tmp3 = tcg_temp_new_i32();
7715
7716 tcg_gen_addi_i32(tmp2, addr, 4);
7717 gen_aa32_ld32u(s, tmp3, tmp2, get_mem_index(s));
7718 tcg_temp_free_i32(tmp2);
7719 tcg_gen_concat_i32_i64(cpu_exclusive_val, tmp, tmp3);
7720 store_reg(s, rt2, tmp3);
7721 } else {
7722 tcg_gen_extu_i32_i64(cpu_exclusive_val, tmp);
7723 }
7724
7725 store_reg(s, rt, tmp);
7726 tcg_gen_extu_i32_i64(cpu_exclusive_addr, addr);
7727 }
7728
7729 static void gen_clrex(DisasContext *s)
7730 {
7731 tcg_gen_movi_i64(cpu_exclusive_addr, -1);
7732 }
7733
7734 #ifdef CONFIG_USER_ONLY
7735 static void gen_store_exclusive(DisasContext *s, int rd, int rt, int rt2,
7736 TCGv_i32 addr, int size)
7737 {
7738 tcg_gen_extu_i32_i64(cpu_exclusive_test, addr);
7739 tcg_gen_movi_i32(cpu_exclusive_info,
7740 size | (rd << 4) | (rt << 8) | (rt2 << 12));
7741 gen_exception_internal_insn(s, 4, EXCP_STREX);
7742 }
7743 #else
7744 static void gen_store_exclusive(DisasContext *s, int rd, int rt, int rt2,
7745 TCGv_i32 addr, int size)
7746 {
7747 TCGv_i32 tmp;
7748 TCGv_i64 val64, extaddr;
7749 TCGLabel *done_label;
7750 TCGLabel *fail_label;
7751
7752 /* if (env->exclusive_addr == addr && env->exclusive_val == [addr]) {
7753 [addr] = {Rt};
7754 {Rd} = 0;
7755 } else {
7756 {Rd} = 1;
7757 } */
7758 fail_label = gen_new_label();
7759 done_label = gen_new_label();
7760 extaddr = tcg_temp_new_i64();
7761 tcg_gen_extu_i32_i64(extaddr, addr);
7762 tcg_gen_brcond_i64(TCG_COND_NE, extaddr, cpu_exclusive_addr, fail_label);
7763 tcg_temp_free_i64(extaddr);
7764
7765 tmp = tcg_temp_new_i32();
7766 switch (size) {
7767 case 0:
7768 gen_aa32_ld8u(s, tmp, addr, get_mem_index(s));
7769 break;
7770 case 1:
7771 gen_aa32_ld16u(s, tmp, addr, get_mem_index(s));
7772 break;
7773 case 2:
7774 case 3:
7775 gen_aa32_ld32u(s, tmp, addr, get_mem_index(s));
7776 break;
7777 default:
7778 abort();
7779 }
7780
7781 val64 = tcg_temp_new_i64();
7782 if (size == 3) {
7783 TCGv_i32 tmp2 = tcg_temp_new_i32();
7784 TCGv_i32 tmp3 = tcg_temp_new_i32();
7785 tcg_gen_addi_i32(tmp2, addr, 4);
7786 gen_aa32_ld32u(s, tmp3, tmp2, get_mem_index(s));
7787 tcg_temp_free_i32(tmp2);
7788 tcg_gen_concat_i32_i64(val64, tmp, tmp3);
7789 tcg_temp_free_i32(tmp3);
7790 } else {
7791 tcg_gen_extu_i32_i64(val64, tmp);
7792 }
7793 tcg_temp_free_i32(tmp);
7794
7795 tcg_gen_brcond_i64(TCG_COND_NE, val64, cpu_exclusive_val, fail_label);
7796 tcg_temp_free_i64(val64);
7797
7798 tmp = load_reg(s, rt);
7799 switch (size) {
7800 case 0:
7801 gen_aa32_st8(s, tmp, addr, get_mem_index(s));
7802 break;
7803 case 1:
7804 gen_aa32_st16(s, tmp, addr, get_mem_index(s));
7805 break;
7806 case 2:
7807 case 3:
7808 gen_aa32_st32(s, tmp, addr, get_mem_index(s));
7809 break;
7810 default:
7811 abort();
7812 }
7813 tcg_temp_free_i32(tmp);
7814 if (size == 3) {
7815 tcg_gen_addi_i32(addr, addr, 4);
7816 tmp = load_reg(s, rt2);
7817 gen_aa32_st32(s, tmp, addr, get_mem_index(s));
7818 tcg_temp_free_i32(tmp);
7819 }
7820 tcg_gen_movi_i32(cpu_R[rd], 0);
7821 tcg_gen_br(done_label);
7822 gen_set_label(fail_label);
7823 tcg_gen_movi_i32(cpu_R[rd], 1);
7824 gen_set_label(done_label);
7825 tcg_gen_movi_i64(cpu_exclusive_addr, -1);
7826 }
7827 #endif
7828
7829 /* gen_srs:
7830 * @env: CPUARMState
7831 * @s: DisasContext
7832 * @mode: mode field from insn (which stack to store to)
7833 * @amode: addressing mode (DA/IA/DB/IB), encoded as per P,U bits in ARM insn
7834 * @writeback: true if writeback bit set
7835 *
7836 * Generate code for the SRS (Store Return State) insn.
7837 */
7838 static void gen_srs(DisasContext *s,
7839 uint32_t mode, uint32_t amode, bool writeback)
7840 {
7841 int32_t offset;
7842 TCGv_i32 addr, tmp;
7843 bool undef = false;
7844
7845 /* SRS is:
7846 * - trapped to EL3 if EL3 is AArch64 and we are at Secure EL1
7847 * and specified mode is monitor mode
7848 * - UNDEFINED in Hyp mode
7849 * - UNPREDICTABLE in User or System mode
7850 * - UNPREDICTABLE if the specified mode is:
7851 * -- not implemented
7852 * -- not a valid mode number
7853 * -- a mode that's at a higher exception level
7854 * -- Monitor, if we are Non-secure
7855 * For the UNPREDICTABLE cases we choose to UNDEF.
7856 */
7857 if (s->current_el == 1 && !s->ns && mode == ARM_CPU_MODE_MON) {
7858 gen_exception_insn(s, 4, EXCP_UDEF, syn_uncategorized(), 3);
7859 return;
7860 }
7861
7862 if (s->current_el == 0 || s->current_el == 2) {
7863 undef = true;
7864 }
7865
7866 switch (mode) {
7867 case ARM_CPU_MODE_USR:
7868 case ARM_CPU_MODE_FIQ:
7869 case ARM_CPU_MODE_IRQ:
7870 case ARM_CPU_MODE_SVC:
7871 case ARM_CPU_MODE_ABT:
7872 case ARM_CPU_MODE_UND:
7873 case ARM_CPU_MODE_SYS:
7874 break;
7875 case ARM_CPU_MODE_HYP:
7876 if (s->current_el == 1 || !arm_dc_feature(s, ARM_FEATURE_EL2)) {
7877 undef = true;
7878 }
7879 break;
7880 case ARM_CPU_MODE_MON:
7881 /* No need to check specifically for "are we non-secure" because
7882 * we've already made EL0 UNDEF and handled the trap for S-EL1;
7883 * so if this isn't EL3 then we must be non-secure.
7884 */
7885 if (s->current_el != 3) {
7886 undef = true;
7887 }
7888 break;
7889 default:
7890 undef = true;
7891 }
7892
7893 if (undef) {
7894 gen_exception_insn(s, 4, EXCP_UDEF, syn_uncategorized(),
7895 default_exception_el(s));
7896 return;
7897 }
7898
7899 addr = tcg_temp_new_i32();
7900 tmp = tcg_const_i32(mode);
7901 /* get_r13_banked() will raise an exception if called from System mode */
7902 gen_set_condexec(s);
7903 gen_set_pc_im(s, s->pc - 4);
7904 gen_helper_get_r13_banked(addr, cpu_env, tmp);
7905 tcg_temp_free_i32(tmp);
7906 switch (amode) {
7907 case 0: /* DA */
7908 offset = -4;
7909 break;
7910 case 1: /* IA */
7911 offset = 0;
7912 break;
7913 case 2: /* DB */
7914 offset = -8;
7915 break;
7916 case 3: /* IB */
7917 offset = 4;
7918 break;
7919 default:
7920 abort();
7921 }
7922 tcg_gen_addi_i32(addr, addr, offset);
7923 tmp = load_reg(s, 14);
7924 gen_aa32_st32(s, tmp, addr, get_mem_index(s));
7925 tcg_temp_free_i32(tmp);
7926 tmp = load_cpu_field(spsr);
7927 tcg_gen_addi_i32(addr, addr, 4);
7928 gen_aa32_st32(s, tmp, addr, get_mem_index(s));
7929 tcg_temp_free_i32(tmp);
7930 if (writeback) {
7931 switch (amode) {
7932 case 0:
7933 offset = -8;
7934 break;
7935 case 1:
7936 offset = 4;
7937 break;
7938 case 2:
7939 offset = -4;
7940 break;
7941 case 3:
7942 offset = 0;
7943 break;
7944 default:
7945 abort();
7946 }
7947 tcg_gen_addi_i32(addr, addr, offset);
7948 tmp = tcg_const_i32(mode);
7949 gen_helper_set_r13_banked(cpu_env, tmp, addr);
7950 tcg_temp_free_i32(tmp);
7951 }
7952 tcg_temp_free_i32(addr);
7953 s->is_jmp = DISAS_UPDATE;
7954 }
7955
7956 static void disas_arm_insn(DisasContext *s, unsigned int insn)
7957 {
7958 unsigned int cond, val, op1, i, shift, rm, rs, rn, rd, sh;
7959 TCGv_i32 tmp;
7960 TCGv_i32 tmp2;
7961 TCGv_i32 tmp3;
7962 TCGv_i32 addr;
7963 TCGv_i64 tmp64;
7964
7965 /* M variants do not implement ARM mode. */
7966 if (arm_dc_feature(s, ARM_FEATURE_M)) {
7967 goto illegal_op;
7968 }
7969 cond = insn >> 28;
7970 if (cond == 0xf){
7971 /* In ARMv3 and v4 the NV condition is UNPREDICTABLE; we
7972 * choose to UNDEF. In ARMv5 and above the space is used
7973 * for miscellaneous unconditional instructions.
7974 */
7975 ARCH(5);
7976
7977 /* Unconditional instructions. */
7978 if (((insn >> 25) & 7) == 1) {
7979 /* NEON Data processing. */
7980 if (!arm_dc_feature(s, ARM_FEATURE_NEON)) {
7981 goto illegal_op;
7982 }
7983
7984 if (disas_neon_data_insn(s, insn)) {
7985 goto illegal_op;
7986 }
7987 return;
7988 }
7989 if ((insn & 0x0f100000) == 0x04000000) {
7990 /* NEON load/store. */
7991 if (!arm_dc_feature(s, ARM_FEATURE_NEON)) {
7992 goto illegal_op;
7993 }
7994
7995 if (disas_neon_ls_insn(s, insn)) {
7996 goto illegal_op;
7997 }
7998 return;
7999 }
8000 if ((insn & 0x0f000e10) == 0x0e000a00) {
8001 /* VFP. */
8002 if (disas_vfp_insn(s, insn)) {
8003 goto illegal_op;
8004 }
8005 return;
8006 }
8007 if (((insn & 0x0f30f000) == 0x0510f000) ||
8008 ((insn & 0x0f30f010) == 0x0710f000)) {
8009 if ((insn & (1 << 22)) == 0) {
8010 /* PLDW; v7MP */
8011 if (!arm_dc_feature(s, ARM_FEATURE_V7MP)) {
8012 goto illegal_op;
8013 }
8014 }
8015 /* Otherwise PLD; v5TE+ */
8016 ARCH(5TE);
8017 return;
8018 }
8019 if (((insn & 0x0f70f000) == 0x0450f000) ||
8020 ((insn & 0x0f70f010) == 0x0650f000)) {
8021 ARCH(7);
8022 return; /* PLI; V7 */
8023 }
8024 if (((insn & 0x0f700000) == 0x04100000) ||
8025 ((insn & 0x0f700010) == 0x06100000)) {
8026 if (!arm_dc_feature(s, ARM_FEATURE_V7MP)) {
8027 goto illegal_op;
8028 }
8029 return; /* v7MP: Unallocated memory hint: must NOP */
8030 }
8031
8032 if ((insn & 0x0ffffdff) == 0x01010000) {
8033 ARCH(6);
8034 /* setend */
8035 if (((insn >> 9) & 1) != !!(s->be_data == MO_BE)) {
8036 gen_helper_setend(cpu_env);
8037 s->is_jmp = DISAS_UPDATE;
8038 }
8039 return;
8040 } else if ((insn & 0x0fffff00) == 0x057ff000) {
8041 switch ((insn >> 4) & 0xf) {
8042 case 1: /* clrex */
8043 ARCH(6K);
8044 gen_clrex(s);
8045 return;
8046 case 4: /* dsb */
8047 case 5: /* dmb */
8048 ARCH(7);
8049 /* We don't emulate caches so these are a no-op. */
8050 return;
8051 case 6: /* isb */
8052 /* We need to break the TB after this insn to execute
8053 * self-modifying code correctly and also to take
8054 * any pending interrupts immediately.
8055 */
8056 gen_lookup_tb(s);
8057 return;
8058 default:
8059 goto illegal_op;
8060 }
8061 } else if ((insn & 0x0e5fffe0) == 0x084d0500) {
8062 /* srs */
8063 ARCH(6);
8064 gen_srs(s, (insn & 0x1f), (insn >> 23) & 3, insn & (1 << 21));
8065 return;
8066 } else if ((insn & 0x0e50ffe0) == 0x08100a00) {
8067 /* rfe */
8068 int32_t offset;
8069 if (IS_USER(s))
8070 goto illegal_op;
8071 ARCH(6);
8072 rn = (insn >> 16) & 0xf;
8073 addr = load_reg(s, rn);
8074 i = (insn >> 23) & 3;
8075 switch (i) {
8076 case 0: offset = -4; break; /* DA */
8077 case 1: offset = 0; break; /* IA */
8078 case 2: offset = -8; break; /* DB */
8079 case 3: offset = 4; break; /* IB */
8080 default: abort();
8081 }
8082 if (offset)
8083 tcg_gen_addi_i32(addr, addr, offset);
8084 /* Load PC into tmp and CPSR into tmp2. */
8085 tmp = tcg_temp_new_i32();
8086 gen_aa32_ld32u(s, tmp, addr, get_mem_index(s));
8087 tcg_gen_addi_i32(addr, addr, 4);
8088 tmp2 = tcg_temp_new_i32();
8089 gen_aa32_ld32u(s, tmp2, addr, get_mem_index(s));
8090 if (insn & (1 << 21)) {
8091 /* Base writeback. */
8092 switch (i) {
8093 case 0: offset = -8; break;
8094 case 1: offset = 4; break;
8095 case 2: offset = -4; break;
8096 case 3: offset = 0; break;
8097 default: abort();
8098 }
8099 if (offset)
8100 tcg_gen_addi_i32(addr, addr, offset);
8101 store_reg(s, rn, addr);
8102 } else {
8103 tcg_temp_free_i32(addr);
8104 }
8105 gen_rfe(s, tmp, tmp2);
8106 return;
8107 } else if ((insn & 0x0e000000) == 0x0a000000) {
8108 /* branch link and change to thumb (blx <offset>) */
8109 int32_t offset;
8110
8111 val = (uint32_t)s->pc;
8112 tmp = tcg_temp_new_i32();
8113 tcg_gen_movi_i32(tmp, val);
8114 store_reg(s, 14, tmp);
8115 /* Sign-extend the 24-bit offset */
8116 offset = (((int32_t)insn) << 8) >> 8;
8117 /* offset * 4 + bit24 * 2 + (thumb bit) */
8118 val += (offset << 2) | ((insn >> 23) & 2) | 1;
8119 /* pipeline offset */
8120 val += 4;
8121 /* protected by ARCH(5); above, near the start of uncond block */
8122 gen_bx_im(s, val);
8123 return;
8124 } else if ((insn & 0x0e000f00) == 0x0c000100) {
8125 if (arm_dc_feature(s, ARM_FEATURE_IWMMXT)) {
8126 /* iWMMXt register transfer. */
8127 if (extract32(s->c15_cpar, 1, 1)) {
8128 if (!disas_iwmmxt_insn(s, insn)) {
8129 return;
8130 }
8131 }
8132 }
8133 } else if ((insn & 0x0fe00000) == 0x0c400000) {
8134 /* Coprocessor double register transfer. */
8135 ARCH(5TE);
8136 } else if ((insn & 0x0f000010) == 0x0e000010) {
8137 /* Additional coprocessor register transfer. */
8138 } else if ((insn & 0x0ff10020) == 0x01000000) {
8139 uint32_t mask;
8140 uint32_t val;
8141 /* cps (privileged) */
8142 if (IS_USER(s))
8143 return;
8144 mask = val = 0;
8145 if (insn & (1 << 19)) {
8146 if (insn & (1 << 8))
8147 mask |= CPSR_A;
8148 if (insn & (1 << 7))
8149 mask |= CPSR_I;
8150 if (insn & (1 << 6))
8151 mask |= CPSR_F;
8152 if (insn & (1 << 18))
8153 val |= mask;
8154 }
8155 if (insn & (1 << 17)) {
8156 mask |= CPSR_M;
8157 val |= (insn & 0x1f);
8158 }
8159 if (mask) {
8160 gen_set_psr_im(s, mask, 0, val);
8161 }
8162 return;
8163 }
8164 goto illegal_op;
8165 }
8166 if (cond != 0xe) {
8167 /* if not always execute, we generate a conditional jump to
8168 next instruction */
8169 s->condlabel = gen_new_label();
8170 arm_gen_test_cc(cond ^ 1, s->condlabel);
8171 s->condjmp = 1;
8172 }
8173 if ((insn & 0x0f900000) == 0x03000000) {
8174 if ((insn & (1 << 21)) == 0) {
8175 ARCH(6T2);
8176 rd = (insn >> 12) & 0xf;
8177 val = ((insn >> 4) & 0xf000) | (insn & 0xfff);
8178 if ((insn & (1 << 22)) == 0) {
8179 /* MOVW */
8180 tmp = tcg_temp_new_i32();
8181 tcg_gen_movi_i32(tmp, val);
8182 } else {
8183 /* MOVT */
8184 tmp = load_reg(s, rd);
8185 tcg_gen_ext16u_i32(tmp, tmp);
8186 tcg_gen_ori_i32(tmp, tmp, val << 16);
8187 }
8188 store_reg(s, rd, tmp);
8189 } else {
8190 if (((insn >> 12) & 0xf) != 0xf)
8191 goto illegal_op;
8192 if (((insn >> 16) & 0xf) == 0) {
8193 gen_nop_hint(s, insn & 0xff);
8194 } else {
8195 /* CPSR = immediate */
8196 val = insn & 0xff;
8197 shift = ((insn >> 8) & 0xf) * 2;
8198 if (shift)
8199 val = (val >> shift) | (val << (32 - shift));
8200 i = ((insn & (1 << 22)) != 0);
8201 if (gen_set_psr_im(s, msr_mask(s, (insn >> 16) & 0xf, i),
8202 i, val)) {
8203 goto illegal_op;
8204 }
8205 }
8206 }
8207 } else if ((insn & 0x0f900000) == 0x01000000
8208 && (insn & 0x00000090) != 0x00000090) {
8209 /* miscellaneous instructions */
8210 op1 = (insn >> 21) & 3;
8211 sh = (insn >> 4) & 0xf;
8212 rm = insn & 0xf;
8213 switch (sh) {
8214 case 0x0: /* MSR, MRS */
8215 if (insn & (1 << 9)) {
8216 /* MSR (banked) and MRS (banked) */
8217 int sysm = extract32(insn, 16, 4) |
8218 (extract32(insn, 8, 1) << 4);
8219 int r = extract32(insn, 22, 1);
8220
8221 if (op1 & 1) {
8222 /* MSR (banked) */
8223 gen_msr_banked(s, r, sysm, rm);
8224 } else {
8225 /* MRS (banked) */
8226 int rd = extract32(insn, 12, 4);
8227
8228 gen_mrs_banked(s, r, sysm, rd);
8229 }
8230 break;
8231 }
8232
8233 /* MSR, MRS (for PSRs) */
8234 if (op1 & 1) {
8235 /* PSR = reg */
8236 tmp = load_reg(s, rm);
8237 i = ((op1 & 2) != 0);
8238 if (gen_set_psr(s, msr_mask(s, (insn >> 16) & 0xf, i), i, tmp))
8239 goto illegal_op;
8240 } else {
8241 /* reg = PSR */
8242 rd = (insn >> 12) & 0xf;
8243 if (op1 & 2) {
8244 if (IS_USER(s))
8245 goto illegal_op;
8246 tmp = load_cpu_field(spsr);
8247 } else {
8248 tmp = tcg_temp_new_i32();
8249 gen_helper_cpsr_read(tmp, cpu_env);
8250 }
8251 store_reg(s, rd, tmp);
8252 }
8253 break;
8254 case 0x1:
8255 if (op1 == 1) {
8256 /* branch/exchange thumb (bx). */
8257 ARCH(4T);
8258 tmp = load_reg(s, rm);
8259 gen_bx(s, tmp);
8260 } else if (op1 == 3) {
8261 /* clz */
8262 ARCH(5);
8263 rd = (insn >> 12) & 0xf;
8264 tmp = load_reg(s, rm);
8265 gen_helper_clz(tmp, tmp);
8266 store_reg(s, rd, tmp);
8267 } else {
8268 goto illegal_op;
8269 }
8270 break;
8271 case 0x2:
8272 if (op1 == 1) {
8273 ARCH(5J); /* bxj */
8274 /* Trivial implementation equivalent to bx. */
8275 tmp = load_reg(s, rm);
8276 gen_bx(s, tmp);
8277 } else {
8278 goto illegal_op;
8279 }
8280 break;
8281 case 0x3:
8282 if (op1 != 1)
8283 goto illegal_op;
8284
8285 ARCH(5);
8286 /* branch link/exchange thumb (blx) */
8287 tmp = load_reg(s, rm);
8288 tmp2 = tcg_temp_new_i32();
8289 tcg_gen_movi_i32(tmp2, s->pc);
8290 store_reg(s, 14, tmp2);
8291 gen_bx(s, tmp);
8292 break;
8293 case 0x4:
8294 {
8295 /* crc32/crc32c */
8296 uint32_t c = extract32(insn, 8, 4);
8297
8298 /* Check this CPU supports ARMv8 CRC instructions.
8299 * op1 == 3 is UNPREDICTABLE but handle as UNDEFINED.
8300 * Bits 8, 10 and 11 should be zero.
8301 */
8302 if (!arm_dc_feature(s, ARM_FEATURE_CRC) || op1 == 0x3 ||
8303 (c & 0xd) != 0) {
8304 goto illegal_op;
8305 }
8306
8307 rn = extract32(insn, 16, 4);
8308 rd = extract32(insn, 12, 4);
8309
8310 tmp = load_reg(s, rn);
8311 tmp2 = load_reg(s, rm);
8312 if (op1 == 0) {
8313 tcg_gen_andi_i32(tmp2, tmp2, 0xff);
8314 } else if (op1 == 1) {
8315 tcg_gen_andi_i32(tmp2, tmp2, 0xffff);
8316 }
8317 tmp3 = tcg_const_i32(1 << op1);
8318 if (c & 0x2) {
8319 gen_helper_crc32c(tmp, tmp, tmp2, tmp3);
8320 } else {
8321 gen_helper_crc32(tmp, tmp, tmp2, tmp3);
8322 }
8323 tcg_temp_free_i32(tmp2);
8324 tcg_temp_free_i32(tmp3);
8325 store_reg(s, rd, tmp);
8326 break;
8327 }
8328 case 0x5: /* saturating add/subtract */
8329 ARCH(5TE);
8330 rd = (insn >> 12) & 0xf;
8331 rn = (insn >> 16) & 0xf;
8332 tmp = load_reg(s, rm);
8333 tmp2 = load_reg(s, rn);
8334 if (op1 & 2)
8335 gen_helper_double_saturate(tmp2, cpu_env, tmp2);
8336 if (op1 & 1)
8337 gen_helper_sub_saturate(tmp, cpu_env, tmp, tmp2);
8338 else
8339 gen_helper_add_saturate(tmp, cpu_env, tmp, tmp2);
8340 tcg_temp_free_i32(tmp2);
8341 store_reg(s, rd, tmp);
8342 break;
8343 case 7:
8344 {
8345 int imm16 = extract32(insn, 0, 4) | (extract32(insn, 8, 12) << 4);
8346 switch (op1) {
8347 case 1:
8348 /* bkpt */
8349 ARCH(5);
8350 gen_exception_insn(s, 4, EXCP_BKPT,
8351 syn_aa32_bkpt(imm16, false),
8352 default_exception_el(s));
8353 break;
8354 case 2:
8355 /* Hypervisor call (v7) */
8356 ARCH(7);
8357 if (IS_USER(s)) {
8358 goto illegal_op;
8359 }
8360 gen_hvc(s, imm16);
8361 break;
8362 case 3:
8363 /* Secure monitor call (v6+) */
8364 ARCH(6K);
8365 if (IS_USER(s)) {
8366 goto illegal_op;
8367 }
8368 gen_smc(s);
8369 break;
8370 default:
8371 goto illegal_op;
8372 }
8373 break;
8374 }
8375 case 0x8: /* signed multiply */
8376 case 0xa:
8377 case 0xc:
8378 case 0xe:
8379 ARCH(5TE);
8380 rs = (insn >> 8) & 0xf;
8381 rn = (insn >> 12) & 0xf;
8382 rd = (insn >> 16) & 0xf;
8383 if (op1 == 1) {
8384 /* (32 * 16) >> 16 */
8385 tmp = load_reg(s, rm);
8386 tmp2 = load_reg(s, rs);
8387 if (sh & 4)
8388 tcg_gen_sari_i32(tmp2, tmp2, 16);
8389 else
8390 gen_sxth(tmp2);
8391 tmp64 = gen_muls_i64_i32(tmp, tmp2);
8392 tcg_gen_shri_i64(tmp64, tmp64, 16);
8393 tmp = tcg_temp_new_i32();
8394 tcg_gen_extrl_i64_i32(tmp, tmp64);
8395 tcg_temp_free_i64(tmp64);
8396 if ((sh & 2) == 0) {
8397 tmp2 = load_reg(s, rn);
8398 gen_helper_add_setq(tmp, cpu_env, tmp, tmp2);
8399 tcg_temp_free_i32(tmp2);
8400 }
8401 store_reg(s, rd, tmp);
8402 } else {
8403 /* 16 * 16 */
8404 tmp = load_reg(s, rm);
8405 tmp2 = load_reg(s, rs);
8406 gen_mulxy(tmp, tmp2, sh & 2, sh & 4);
8407 tcg_temp_free_i32(tmp2);
8408 if (op1 == 2) {
8409 tmp64 = tcg_temp_new_i64();
8410 tcg_gen_ext_i32_i64(tmp64, tmp);
8411 tcg_temp_free_i32(tmp);
8412 gen_addq(s, tmp64, rn, rd);
8413 gen_storeq_reg(s, rn, rd, tmp64);
8414 tcg_temp_free_i64(tmp64);
8415 } else {
8416 if (op1 == 0) {
8417 tmp2 = load_reg(s, rn);
8418 gen_helper_add_setq(tmp, cpu_env, tmp, tmp2);
8419 tcg_temp_free_i32(tmp2);
8420 }
8421 store_reg(s, rd, tmp);
8422 }
8423 }
8424 break;
8425 default:
8426 goto illegal_op;
8427 }
8428 } else if (((insn & 0x0e000000) == 0 &&
8429 (insn & 0x00000090) != 0x90) ||
8430 ((insn & 0x0e000000) == (1 << 25))) {
8431 int set_cc, logic_cc, shiftop;
8432
8433 op1 = (insn >> 21) & 0xf;
8434 set_cc = (insn >> 20) & 1;
8435 logic_cc = table_logic_cc[op1] & set_cc;
8436
8437 /* data processing instruction */
8438 if (insn & (1 << 25)) {
8439 /* immediate operand */
8440 val = insn & 0xff;
8441 shift = ((insn >> 8) & 0xf) * 2;
8442 if (shift) {
8443 val = (val >> shift) | (val << (32 - shift));
8444 }
8445 tmp2 = tcg_temp_new_i32();
8446 tcg_gen_movi_i32(tmp2, val);
8447 if (logic_cc && shift) {
8448 gen_set_CF_bit31(tmp2);
8449 }
8450 } else {
8451 /* register */
8452 rm = (insn) & 0xf;
8453 tmp2 = load_reg(s, rm);
8454 shiftop = (insn >> 5) & 3;
8455 if (!(insn & (1 << 4))) {
8456 shift = (insn >> 7) & 0x1f;
8457 gen_arm_shift_im(tmp2, shiftop, shift, logic_cc);
8458 } else {
8459 rs = (insn >> 8) & 0xf;
8460 tmp = load_reg(s, rs);
8461 gen_arm_shift_reg(tmp2, shiftop, tmp, logic_cc);
8462 }
8463 }
8464 if (op1 != 0x0f && op1 != 0x0d) {
8465 rn = (insn >> 16) & 0xf;
8466 tmp = load_reg(s, rn);
8467 } else {
8468 TCGV_UNUSED_I32(tmp);
8469 }
8470 rd = (insn >> 12) & 0xf;
8471 switch(op1) {
8472 case 0x00:
8473 tcg_gen_and_i32(tmp, tmp, tmp2);
8474 if (logic_cc) {
8475 gen_logic_CC(tmp);
8476 }
8477 store_reg_bx(s, rd, tmp);
8478 break;
8479 case 0x01:
8480 tcg_gen_xor_i32(tmp, tmp, tmp2);
8481 if (logic_cc) {
8482 gen_logic_CC(tmp);
8483 }
8484 store_reg_bx(s, rd, tmp);
8485 break;
8486 case 0x02:
8487 if (set_cc && rd == 15) {
8488 /* SUBS r15, ... is used for exception return. */
8489 if (IS_USER(s)) {
8490 goto illegal_op;
8491 }
8492 gen_sub_CC(tmp, tmp, tmp2);
8493 gen_exception_return(s, tmp);
8494 } else {
8495 if (set_cc) {
8496 gen_sub_CC(tmp, tmp, tmp2);
8497 } else {
8498 tcg_gen_sub_i32(tmp, tmp, tmp2);
8499 }
8500 store_reg_bx(s, rd, tmp);
8501 }
8502 break;
8503 case 0x03:
8504 if (set_cc) {
8505 gen_sub_CC(tmp, tmp2, tmp);
8506 } else {
8507 tcg_gen_sub_i32(tmp, tmp2, tmp);
8508 }
8509 store_reg_bx(s, rd, tmp);
8510 break;
8511 case 0x04:
8512 if (set_cc) {
8513 gen_add_CC(tmp, tmp, tmp2);
8514 } else {
8515 tcg_gen_add_i32(tmp, tmp, tmp2);
8516 }
8517 store_reg_bx(s, rd, tmp);
8518 break;
8519 case 0x05:
8520 if (set_cc) {
8521 gen_adc_CC(tmp, tmp, tmp2);
8522 } else {
8523 gen_add_carry(tmp, tmp, tmp2);
8524 }
8525 store_reg_bx(s, rd, tmp);
8526 break;
8527 case 0x06:
8528 if (set_cc) {
8529 gen_sbc_CC(tmp, tmp, tmp2);
8530 } else {
8531 gen_sub_carry(tmp, tmp, tmp2);
8532 }
8533 store_reg_bx(s, rd, tmp);
8534 break;
8535 case 0x07:
8536 if (set_cc) {
8537 gen_sbc_CC(tmp, tmp2, tmp);
8538 } else {
8539 gen_sub_carry(tmp, tmp2, tmp);
8540 }
8541 store_reg_bx(s, rd, tmp);
8542 break;
8543 case 0x08:
8544 if (set_cc) {
8545 tcg_gen_and_i32(tmp, tmp, tmp2);
8546 gen_logic_CC(tmp);
8547 }
8548 tcg_temp_free_i32(tmp);
8549 break;
8550 case 0x09:
8551 if (set_cc) {
8552 tcg_gen_xor_i32(tmp, tmp, tmp2);
8553 gen_logic_CC(tmp);
8554 }
8555 tcg_temp_free_i32(tmp);
8556 break;
8557 case 0x0a:
8558 if (set_cc) {
8559 gen_sub_CC(tmp, tmp, tmp2);
8560 }
8561 tcg_temp_free_i32(tmp);
8562 break;
8563 case 0x0b:
8564 if (set_cc) {
8565 gen_add_CC(tmp, tmp, tmp2);
8566 }
8567 tcg_temp_free_i32(tmp);
8568 break;
8569 case 0x0c:
8570 tcg_gen_or_i32(tmp, tmp, tmp2);
8571 if (logic_cc) {
8572 gen_logic_CC(tmp);
8573 }
8574 store_reg_bx(s, rd, tmp);
8575 break;
8576 case 0x0d:
8577 if (logic_cc && rd == 15) {
8578 /* MOVS r15, ... is used for exception return. */
8579 if (IS_USER(s)) {
8580 goto illegal_op;
8581 }
8582 gen_exception_return(s, tmp2);
8583 } else {
8584 if (logic_cc) {
8585 gen_logic_CC(tmp2);
8586 }
8587 store_reg_bx(s, rd, tmp2);
8588 }
8589 break;
8590 case 0x0e:
8591 tcg_gen_andc_i32(tmp, tmp, tmp2);
8592 if (logic_cc) {
8593 gen_logic_CC(tmp);
8594 }
8595 store_reg_bx(s, rd, tmp);
8596 break;
8597 default:
8598 case 0x0f:
8599 tcg_gen_not_i32(tmp2, tmp2);
8600 if (logic_cc) {
8601 gen_logic_CC(tmp2);
8602 }
8603 store_reg_bx(s, rd, tmp2);
8604 break;
8605 }
8606 if (op1 != 0x0f && op1 != 0x0d) {
8607 tcg_temp_free_i32(tmp2);
8608 }
8609 } else {
8610 /* other instructions */
8611 op1 = (insn >> 24) & 0xf;
8612 switch(op1) {
8613 case 0x0:
8614 case 0x1:
8615 /* multiplies, extra load/stores */
8616 sh = (insn >> 5) & 3;
8617 if (sh == 0) {
8618 if (op1 == 0x0) {
8619 rd = (insn >> 16) & 0xf;
8620 rn = (insn >> 12) & 0xf;
8621 rs = (insn >> 8) & 0xf;
8622 rm = (insn) & 0xf;
8623 op1 = (insn >> 20) & 0xf;
8624 switch (op1) {
8625 case 0: case 1: case 2: case 3: case 6:
8626 /* 32 bit mul */
8627 tmp = load_reg(s, rs);
8628 tmp2 = load_reg(s, rm);
8629 tcg_gen_mul_i32(tmp, tmp, tmp2);
8630 tcg_temp_free_i32(tmp2);
8631 if (insn & (1 << 22)) {
8632 /* Subtract (mls) */
8633 ARCH(6T2);
8634 tmp2 = load_reg(s, rn);
8635 tcg_gen_sub_i32(tmp, tmp2, tmp);
8636 tcg_temp_free_i32(tmp2);
8637 } else if (insn & (1 << 21)) {
8638 /* Add */
8639 tmp2 = load_reg(s, rn);
8640 tcg_gen_add_i32(tmp, tmp, tmp2);
8641 tcg_temp_free_i32(tmp2);
8642 }
8643 if (insn & (1 << 20))
8644 gen_logic_CC(tmp);
8645 store_reg(s, rd, tmp);
8646 break;
8647 case 4:
8648 /* 64 bit mul double accumulate (UMAAL) */
8649 ARCH(6);
8650 tmp = load_reg(s, rs);
8651 tmp2 = load_reg(s, rm);
8652 tmp64 = gen_mulu_i64_i32(tmp, tmp2);
8653 gen_addq_lo(s, tmp64, rn);
8654 gen_addq_lo(s, tmp64, rd);
8655 gen_storeq_reg(s, rn, rd, tmp64);
8656 tcg_temp_free_i64(tmp64);
8657 break;
8658 case 8: case 9: case 10: case 11:
8659 case 12: case 13: case 14: case 15:
8660 /* 64 bit mul: UMULL, UMLAL, SMULL, SMLAL. */
8661 tmp = load_reg(s, rs);
8662 tmp2 = load_reg(s, rm);
8663 if (insn & (1 << 22)) {
8664 tcg_gen_muls2_i32(tmp, tmp2, tmp, tmp2);
8665 } else {
8666 tcg_gen_mulu2_i32(tmp, tmp2, tmp, tmp2);
8667 }
8668 if (insn & (1 << 21)) { /* mult accumulate */
8669 TCGv_i32 al = load_reg(s, rn);
8670 TCGv_i32 ah = load_reg(s, rd);
8671 tcg_gen_add2_i32(tmp, tmp2, tmp, tmp2, al, ah);
8672 tcg_temp_free_i32(al);
8673 tcg_temp_free_i32(ah);
8674 }
8675 if (insn & (1 << 20)) {
8676 gen_logicq_cc(tmp, tmp2);
8677 }
8678 store_reg(s, rn, tmp);
8679 store_reg(s, rd, tmp2);
8680 break;
8681 default:
8682 goto illegal_op;
8683 }
8684 } else {
8685 rn = (insn >> 16) & 0xf;
8686 rd = (insn >> 12) & 0xf;
8687 if (insn & (1 << 23)) {
8688 /* load/store exclusive */
8689 int op2 = (insn >> 8) & 3;
8690 op1 = (insn >> 21) & 0x3;
8691
8692 switch (op2) {
8693 case 0: /* lda/stl */
8694 if (op1 == 1) {
8695 goto illegal_op;
8696 }
8697 ARCH(8);
8698 break;
8699 case 1: /* reserved */
8700 goto illegal_op;
8701 case 2: /* ldaex/stlex */
8702 ARCH(8);
8703 break;
8704 case 3: /* ldrex/strex */
8705 if (op1) {
8706 ARCH(6K);
8707 } else {
8708 ARCH(6);
8709 }
8710 break;
8711 }
8712
8713 addr = tcg_temp_local_new_i32();
8714 load_reg_var(s, addr, rn);
8715
8716 /* Since the emulation does not have barriers,
8717 the acquire/release semantics need no special
8718 handling */
8719 if (op2 == 0) {
8720 if (insn & (1 << 20)) {
8721 tmp = tcg_temp_new_i32();
8722 switch (op1) {
8723 case 0: /* lda */
8724 gen_aa32_ld32u(s, tmp, addr,
8725 get_mem_index(s));
8726 break;
8727 case 2: /* ldab */
8728 gen_aa32_ld8u(s, tmp, addr,
8729 get_mem_index(s));
8730 break;
8731 case 3: /* ldah */
8732 gen_aa32_ld16u(s, tmp, addr,
8733 get_mem_index(s));
8734 break;
8735 default:
8736 abort();
8737 }
8738 store_reg(s, rd, tmp);
8739 } else {
8740 rm = insn & 0xf;
8741 tmp = load_reg(s, rm);
8742 switch (op1) {
8743 case 0: /* stl */
8744 gen_aa32_st32(s, tmp, addr,
8745 get_mem_index(s));
8746 break;
8747 case 2: /* stlb */
8748 gen_aa32_st8(s, tmp, addr,
8749 get_mem_index(s));
8750 break;
8751 case 3: /* stlh */
8752 gen_aa32_st16(s, tmp, addr,
8753 get_mem_index(s));
8754 break;
8755 default:
8756 abort();
8757 }
8758 tcg_temp_free_i32(tmp);
8759 }
8760 } else if (insn & (1 << 20)) {
8761 switch (op1) {
8762 case 0: /* ldrex */
8763 gen_load_exclusive(s, rd, 15, addr, 2);
8764 break;
8765 case 1: /* ldrexd */
8766 gen_load_exclusive(s, rd, rd + 1, addr, 3);
8767 break;
8768 case 2: /* ldrexb */
8769 gen_load_exclusive(s, rd, 15, addr, 0);
8770 break;
8771 case 3: /* ldrexh */
8772 gen_load_exclusive(s, rd, 15, addr, 1);
8773 break;
8774 default:
8775 abort();
8776 }
8777 } else {
8778 rm = insn & 0xf;
8779 switch (op1) {
8780 case 0: /* strex */
8781 gen_store_exclusive(s, rd, rm, 15, addr, 2);
8782 break;
8783 case 1: /* strexd */
8784 gen_store_exclusive(s, rd, rm, rm + 1, addr, 3);
8785 break;
8786 case 2: /* strexb */
8787 gen_store_exclusive(s, rd, rm, 15, addr, 0);
8788 break;
8789 case 3: /* strexh */
8790 gen_store_exclusive(s, rd, rm, 15, addr, 1);
8791 break;
8792 default:
8793 abort();
8794 }
8795 }
8796 tcg_temp_free_i32(addr);
8797 } else {
8798 /* SWP instruction */
8799 rm = (insn) & 0xf;
8800
8801 /* ??? This is not really atomic. However we know
8802 we never have multiple CPUs running in parallel,
8803 so it is good enough. */
8804 addr = load_reg(s, rn);
8805 tmp = load_reg(s, rm);
8806 tmp2 = tcg_temp_new_i32();
8807 if (insn & (1 << 22)) {
8808 gen_aa32_ld8u(s, tmp2, addr, get_mem_index(s));
8809 gen_aa32_st8(s, tmp, addr, get_mem_index(s));
8810 } else {
8811 gen_aa32_ld32u(s, tmp2, addr, get_mem_index(s));
8812 gen_aa32_st32(s, tmp, addr, get_mem_index(s));
8813 }
8814 tcg_temp_free_i32(tmp);
8815 tcg_temp_free_i32(addr);
8816 store_reg(s, rd, tmp2);
8817 }
8818 }
8819 } else {
8820 int address_offset;
8821 bool load = insn & (1 << 20);
8822 bool doubleword = false;
8823 /* Misc load/store */
8824 rn = (insn >> 16) & 0xf;
8825 rd = (insn >> 12) & 0xf;
8826
8827 if (!load && (sh & 2)) {
8828 /* doubleword */
8829 ARCH(5TE);
8830 if (rd & 1) {
8831 /* UNPREDICTABLE; we choose to UNDEF */
8832 goto illegal_op;
8833 }
8834 load = (sh & 1) == 0;
8835 doubleword = true;
8836 }
8837
8838 addr = load_reg(s, rn);
8839 if (insn & (1 << 24))
8840 gen_add_datah_offset(s, insn, 0, addr);
8841 address_offset = 0;
8842
8843 if (doubleword) {
8844 if (!load) {
8845 /* store */
8846 tmp = load_reg(s, rd);
8847 gen_aa32_st32(s, tmp, addr, get_mem_index(s));
8848 tcg_temp_free_i32(tmp);
8849 tcg_gen_addi_i32(addr, addr, 4);
8850 tmp = load_reg(s, rd + 1);
8851 gen_aa32_st32(s, tmp, addr, get_mem_index(s));
8852 tcg_temp_free_i32(tmp);
8853 } else {
8854 /* load */
8855 tmp = tcg_temp_new_i32();
8856 gen_aa32_ld32u(s, tmp, addr, get_mem_index(s));
8857 store_reg(s, rd, tmp);
8858 tcg_gen_addi_i32(addr, addr, 4);
8859 tmp = tcg_temp_new_i32();
8860 gen_aa32_ld32u(s, tmp, addr, get_mem_index(s));
8861 rd++;
8862 }
8863 address_offset = -4;
8864 } else if (load) {
8865 /* load */
8866 tmp = tcg_temp_new_i32();
8867 switch (sh) {
8868 case 1:
8869 gen_aa32_ld16u(s, tmp, addr, get_mem_index(s));
8870 break;
8871 case 2:
8872 gen_aa32_ld8s(s, tmp, addr, get_mem_index(s));
8873 break;
8874 default:
8875 case 3:
8876 gen_aa32_ld16s(s, tmp, addr, get_mem_index(s));
8877 break;
8878 }
8879 } else {
8880 /* store */
8881 tmp = load_reg(s, rd);
8882 gen_aa32_st16(s, tmp, addr, get_mem_index(s));
8883 tcg_temp_free_i32(tmp);
8884 }
8885 /* Perform base writeback before the loaded value to
8886 ensure correct behavior with overlapping index registers.
8887 ldrd with base writeback is undefined if the
8888 destination and index registers overlap. */
8889 if (!(insn & (1 << 24))) {
8890 gen_add_datah_offset(s, insn, address_offset, addr);
8891 store_reg(s, rn, addr);
8892 } else if (insn & (1 << 21)) {
8893 if (address_offset)
8894 tcg_gen_addi_i32(addr, addr, address_offset);
8895 store_reg(s, rn, addr);
8896 } else {
8897 tcg_temp_free_i32(addr);
8898 }
8899 if (load) {
8900 /* Complete the load. */
8901 store_reg(s, rd, tmp);
8902 }
8903 }
8904 break;
8905 case 0x4:
8906 case 0x5:
8907 goto do_ldst;
8908 case 0x6:
8909 case 0x7:
8910 if (insn & (1 << 4)) {
8911 ARCH(6);
8912 /* Armv6 Media instructions. */
8913 rm = insn & 0xf;
8914 rn = (insn >> 16) & 0xf;
8915 rd = (insn >> 12) & 0xf;
8916 rs = (insn >> 8) & 0xf;
8917 switch ((insn >> 23) & 3) {
8918 case 0: /* Parallel add/subtract. */
8919 op1 = (insn >> 20) & 7;
8920 tmp = load_reg(s, rn);
8921 tmp2 = load_reg(s, rm);
8922 sh = (insn >> 5) & 7;
8923 if ((op1 & 3) == 0 || sh == 5 || sh == 6)
8924 goto illegal_op;
8925 gen_arm_parallel_addsub(op1, sh, tmp, tmp2);
8926 tcg_temp_free_i32(tmp2);
8927 store_reg(s, rd, tmp);
8928 break;
8929 case 1:
8930 if ((insn & 0x00700020) == 0) {
8931 /* Halfword pack. */
8932 tmp = load_reg(s, rn);
8933 tmp2 = load_reg(s, rm);
8934 shift = (insn >> 7) & 0x1f;
8935 if (insn & (1 << 6)) {
8936 /* pkhtb */
8937 if (shift == 0)
8938 shift = 31;
8939 tcg_gen_sari_i32(tmp2, tmp2, shift);
8940 tcg_gen_andi_i32(tmp, tmp, 0xffff0000);
8941 tcg_gen_ext16u_i32(tmp2, tmp2);
8942 } else {
8943 /* pkhbt */
8944 if (shift)
8945 tcg_gen_shli_i32(tmp2, tmp2, shift);
8946 tcg_gen_ext16u_i32(tmp, tmp);
8947 tcg_gen_andi_i32(tmp2, tmp2, 0xffff0000);
8948 }
8949 tcg_gen_or_i32(tmp, tmp, tmp2);
8950 tcg_temp_free_i32(tmp2);
8951 store_reg(s, rd, tmp);
8952 } else if ((insn & 0x00200020) == 0x00200000) {
8953 /* [us]sat */
8954 tmp = load_reg(s, rm);
8955 shift = (insn >> 7) & 0x1f;
8956 if (insn & (1 << 6)) {
8957 if (shift == 0)
8958 shift = 31;
8959 tcg_gen_sari_i32(tmp, tmp, shift);
8960 } else {
8961 tcg_gen_shli_i32(tmp, tmp, shift);
8962 }
8963 sh = (insn >> 16) & 0x1f;
8964 tmp2 = tcg_const_i32(sh);
8965 if (insn & (1 << 22))
8966 gen_helper_usat(tmp, cpu_env, tmp, tmp2);
8967 else
8968 gen_helper_ssat(tmp, cpu_env, tmp, tmp2);
8969 tcg_temp_free_i32(tmp2);
8970 store_reg(s, rd, tmp);
8971 } else if ((insn & 0x00300fe0) == 0x00200f20) {
8972 /* [us]sat16 */
8973 tmp = load_reg(s, rm);
8974 sh = (insn >> 16) & 0x1f;
8975 tmp2 = tcg_const_i32(sh);
8976 if (insn & (1 << 22))
8977 gen_helper_usat16(tmp, cpu_env, tmp, tmp2);
8978 else
8979 gen_helper_ssat16(tmp, cpu_env, tmp, tmp2);
8980 tcg_temp_free_i32(tmp2);
8981 store_reg(s, rd, tmp);
8982 } else if ((insn & 0x00700fe0) == 0x00000fa0) {
8983 /* Select bytes. */
8984 tmp = load_reg(s, rn);
8985 tmp2 = load_reg(s, rm);
8986 tmp3 = tcg_temp_new_i32();
8987 tcg_gen_ld_i32(tmp3, cpu_env, offsetof(CPUARMState, GE));
8988 gen_helper_sel_flags(tmp, tmp3, tmp, tmp2);
8989 tcg_temp_free_i32(tmp3);
8990 tcg_temp_free_i32(tmp2);
8991 store_reg(s, rd, tmp);
8992 } else if ((insn & 0x000003e0) == 0x00000060) {
8993 tmp = load_reg(s, rm);
8994 shift = (insn >> 10) & 3;
8995 /* ??? In many cases it's not necessary to do a
8996 rotate, a shift is sufficient. */
8997 if (shift != 0)
8998 tcg_gen_rotri_i32(tmp, tmp, shift * 8);
8999 op1 = (insn >> 20) & 7;
9000 switch (op1) {
9001 case 0: gen_sxtb16(tmp); break;
9002 case 2: gen_sxtb(tmp); break;
9003 case 3: gen_sxth(tmp); break;
9004 case 4: gen_uxtb16(tmp); break;
9005 case 6: gen_uxtb(tmp); break;
9006 case 7: gen_uxth(tmp); break;
9007 default: goto illegal_op;
9008 }
9009 if (rn != 15) {
9010 tmp2 = load_reg(s, rn);
9011 if ((op1 & 3) == 0) {
9012 gen_add16(tmp, tmp2);
9013 } else {
9014 tcg_gen_add_i32(tmp, tmp, tmp2);
9015 tcg_temp_free_i32(tmp2);
9016 }
9017 }
9018 store_reg(s, rd, tmp);
9019 } else if ((insn & 0x003f0f60) == 0x003f0f20) {
9020 /* rev */
9021 tmp = load_reg(s, rm);
9022 if (insn & (1 << 22)) {
9023 if (insn & (1 << 7)) {
9024 gen_revsh(tmp);
9025 } else {
9026 ARCH(6T2);
9027 gen_helper_rbit(tmp, tmp);
9028 }
9029 } else {
9030 if (insn & (1 << 7))
9031 gen_rev16(tmp);
9032 else
9033 tcg_gen_bswap32_i32(tmp, tmp);
9034 }
9035 store_reg(s, rd, tmp);
9036 } else {
9037 goto illegal_op;
9038 }
9039 break;
9040 case 2: /* Multiplies (Type 3). */
9041 switch ((insn >> 20) & 0x7) {
9042 case 5:
9043 if (((insn >> 6) ^ (insn >> 7)) & 1) {
9044 /* op2 not 00x or 11x : UNDEF */
9045 goto illegal_op;
9046 }
9047 /* Signed multiply most significant [accumulate].
9048 (SMMUL, SMMLA, SMMLS) */
9049 tmp = load_reg(s, rm);
9050 tmp2 = load_reg(s, rs);
9051 tmp64 = gen_muls_i64_i32(tmp, tmp2);
9052
9053 if (rd != 15) {
9054 tmp = load_reg(s, rd);
9055 if (insn & (1 << 6)) {
9056 tmp64 = gen_subq_msw(tmp64, tmp);
9057 } else {
9058 tmp64 = gen_addq_msw(tmp64, tmp);
9059 }
9060 }
9061 if (insn & (1 << 5)) {
9062 tcg_gen_addi_i64(tmp64, tmp64, 0x80000000u);
9063 }
9064 tcg_gen_shri_i64(tmp64, tmp64, 32);
9065 tmp = tcg_temp_new_i32();
9066 tcg_gen_extrl_i64_i32(tmp, tmp64);
9067 tcg_temp_free_i64(tmp64);
9068 store_reg(s, rn, tmp);
9069 break;
9070 case 0:
9071 case 4:
9072 /* SMLAD, SMUAD, SMLSD, SMUSD, SMLALD, SMLSLD */
9073 if (insn & (1 << 7)) {
9074 goto illegal_op;
9075 }
9076 tmp = load_reg(s, rm);
9077 tmp2 = load_reg(s, rs);
9078 if (insn & (1 << 5))
9079 gen_swap_half(tmp2);
9080 gen_smul_dual(tmp, tmp2);
9081 if (insn & (1 << 22)) {
9082 /* smlald, smlsld */
9083 TCGv_i64 tmp64_2;
9084
9085 tmp64 = tcg_temp_new_i64();
9086 tmp64_2 = tcg_temp_new_i64();
9087 tcg_gen_ext_i32_i64(tmp64, tmp);
9088 tcg_gen_ext_i32_i64(tmp64_2, tmp2);
9089 tcg_temp_free_i32(tmp);
9090 tcg_temp_free_i32(tmp2);
9091 if (insn & (1 << 6)) {
9092 tcg_gen_sub_i64(tmp64, tmp64, tmp64_2);
9093 } else {
9094 tcg_gen_add_i64(tmp64, tmp64, tmp64_2);
9095 }
9096 tcg_temp_free_i64(tmp64_2);
9097 gen_addq(s, tmp64, rd, rn);
9098 gen_storeq_reg(s, rd, rn, tmp64);
9099 tcg_temp_free_i64(tmp64);
9100 } else {
9101 /* smuad, smusd, smlad, smlsd */
9102 if (insn & (1 << 6)) {
9103 /* This subtraction cannot overflow. */
9104 tcg_gen_sub_i32(tmp, tmp, tmp2);
9105 } else {
9106 /* This addition cannot overflow 32 bits;
9107 * however it may overflow considered as a
9108 * signed operation, in which case we must set
9109 * the Q flag.
9110 */
9111 gen_helper_add_setq(tmp, cpu_env, tmp, tmp2);
9112 }
9113 tcg_temp_free_i32(tmp2);
9114 if (rd != 15)
9115 {
9116 tmp2 = load_reg(s, rd);
9117 gen_helper_add_setq(tmp, cpu_env, tmp, tmp2);
9118 tcg_temp_free_i32(tmp2);
9119 }
9120 store_reg(s, rn, tmp);
9121 }
9122 break;
9123 case 1:
9124 case 3:
9125 /* SDIV, UDIV */
9126 if (!arm_dc_feature(s, ARM_FEATURE_ARM_DIV)) {
9127 goto illegal_op;
9128 }
9129 if (((insn >> 5) & 7) || (rd != 15)) {
9130 goto illegal_op;
9131 }
9132 tmp = load_reg(s, rm);
9133 tmp2 = load_reg(s, rs);
9134 if (insn & (1 << 21)) {
9135 gen_helper_udiv(tmp, tmp, tmp2);
9136 } else {
9137 gen_helper_sdiv(tmp, tmp, tmp2);
9138 }
9139 tcg_temp_free_i32(tmp2);
9140 store_reg(s, rn, tmp);
9141 break;
9142 default:
9143 goto illegal_op;
9144 }
9145 break;
9146 case 3:
9147 op1 = ((insn >> 17) & 0x38) | ((insn >> 5) & 7);
9148 switch (op1) {
9149 case 0: /* Unsigned sum of absolute differences. */
9150 ARCH(6);
9151 tmp = load_reg(s, rm);
9152 tmp2 = load_reg(s, rs);
9153 gen_helper_usad8(tmp, tmp, tmp2);
9154 tcg_temp_free_i32(tmp2);
9155 if (rd != 15) {
9156 tmp2 = load_reg(s, rd);
9157 tcg_gen_add_i32(tmp, tmp, tmp2);
9158 tcg_temp_free_i32(tmp2);
9159 }
9160 store_reg(s, rn, tmp);
9161 break;
9162 case 0x20: case 0x24: case 0x28: case 0x2c:
9163 /* Bitfield insert/clear. */
9164 ARCH(6T2);
9165 shift = (insn >> 7) & 0x1f;
9166 i = (insn >> 16) & 0x1f;
9167 if (i < shift) {
9168 /* UNPREDICTABLE; we choose to UNDEF */
9169 goto illegal_op;
9170 }
9171 i = i + 1 - shift;
9172 if (rm == 15) {
9173 tmp = tcg_temp_new_i32();
9174 tcg_gen_movi_i32(tmp, 0);
9175 } else {
9176 tmp = load_reg(s, rm);
9177 }
9178 if (i != 32) {
9179 tmp2 = load_reg(s, rd);
9180 tcg_gen_deposit_i32(tmp, tmp2, tmp, shift, i);
9181 tcg_temp_free_i32(tmp2);
9182 }
9183 store_reg(s, rd, tmp);
9184 break;
9185 case 0x12: case 0x16: case 0x1a: case 0x1e: /* sbfx */
9186 case 0x32: case 0x36: case 0x3a: case 0x3e: /* ubfx */
9187 ARCH(6T2);
9188 tmp = load_reg(s, rm);
9189 shift = (insn >> 7) & 0x1f;
9190 i = ((insn >> 16) & 0x1f) + 1;
9191 if (shift + i > 32)
9192 goto illegal_op;
9193 if (i < 32) {
9194 if (op1 & 0x20) {
9195 gen_ubfx(tmp, shift, (1u << i) - 1);
9196 } else {
9197 gen_sbfx(tmp, shift, i);
9198 }
9199 }
9200 store_reg(s, rd, tmp);
9201 break;
9202 default:
9203 goto illegal_op;
9204 }
9205 break;
9206 }
9207 break;
9208 }
9209 do_ldst:
9210 /* Check for undefined extension instructions
9211 * per the ARM Bible IE:
9212 * xxxx 0111 1111 xxxx xxxx xxxx 1111 xxxx
9213 */
9214 sh = (0xf << 20) | (0xf << 4);
9215 if (op1 == 0x7 && ((insn & sh) == sh))
9216 {
9217 goto illegal_op;
9218 }
9219 /* load/store byte/word */
9220 rn = (insn >> 16) & 0xf;
9221 rd = (insn >> 12) & 0xf;
9222 tmp2 = load_reg(s, rn);
9223 if ((insn & 0x01200000) == 0x00200000) {
9224 /* ldrt/strt */
9225 i = get_a32_user_mem_index(s);
9226 } else {
9227 i = get_mem_index(s);
9228 }
9229 if (insn & (1 << 24))
9230 gen_add_data_offset(s, insn, tmp2);
9231 if (insn & (1 << 20)) {
9232 /* load */
9233 tmp = tcg_temp_new_i32();
9234 if (insn & (1 << 22)) {
9235 gen_aa32_ld8u(s, tmp, tmp2, i);
9236 } else {
9237 gen_aa32_ld32u(s, tmp, tmp2, i);
9238 }
9239 } else {
9240 /* store */
9241 tmp = load_reg(s, rd);
9242 if (insn & (1 << 22)) {
9243 gen_aa32_st8(s, tmp, tmp2, i);
9244 } else {
9245 gen_aa32_st32(s, tmp, tmp2, i);
9246 }
9247 tcg_temp_free_i32(tmp);
9248 }
9249 if (!(insn & (1 << 24))) {
9250 gen_add_data_offset(s, insn, tmp2);
9251 store_reg(s, rn, tmp2);
9252 } else if (insn & (1 << 21)) {
9253 store_reg(s, rn, tmp2);
9254 } else {
9255 tcg_temp_free_i32(tmp2);
9256 }
9257 if (insn & (1 << 20)) {
9258 /* Complete the load. */
9259 store_reg_from_load(s, rd, tmp);
9260 }
9261 break;
9262 case 0x08:
9263 case 0x09:
9264 {
9265 int j, n, loaded_base;
9266 bool exc_return = false;
9267 bool is_load = extract32(insn, 20, 1);
9268 bool user = false;
9269 TCGv_i32 loaded_var;
9270 /* load/store multiple words */
9271 /* XXX: store correct base if write back */
9272 if (insn & (1 << 22)) {
9273 /* LDM (user), LDM (exception return) and STM (user) */
9274 if (IS_USER(s))
9275 goto illegal_op; /* only usable in supervisor mode */
9276
9277 if (is_load && extract32(insn, 15, 1)) {
9278 exc_return = true;
9279 } else {
9280 user = true;
9281 }
9282 }
9283 rn = (insn >> 16) & 0xf;
9284 addr = load_reg(s, rn);
9285
9286 /* compute total size */
9287 loaded_base = 0;
9288 TCGV_UNUSED_I32(loaded_var);
9289 n = 0;
9290 for(i=0;i<16;i++) {
9291 if (insn & (1 << i))
9292 n++;
9293 }
9294 /* XXX: test invalid n == 0 case ? */
9295 if (insn & (1 << 23)) {
9296 if (insn & (1 << 24)) {
9297 /* pre increment */
9298 tcg_gen_addi_i32(addr, addr, 4);
9299 } else {
9300 /* post increment */
9301 }
9302 } else {
9303 if (insn & (1 << 24)) {
9304 /* pre decrement */
9305 tcg_gen_addi_i32(addr, addr, -(n * 4));
9306 } else {
9307 /* post decrement */
9308 if (n != 1)
9309 tcg_gen_addi_i32(addr, addr, -((n - 1) * 4));
9310 }
9311 }
9312 j = 0;
9313 for(i=0;i<16;i++) {
9314 if (insn & (1 << i)) {
9315 if (is_load) {
9316 /* load */
9317 tmp = tcg_temp_new_i32();
9318 gen_aa32_ld32u(s, tmp, addr, get_mem_index(s));
9319 if (user) {
9320 tmp2 = tcg_const_i32(i);
9321 gen_helper_set_user_reg(cpu_env, tmp2, tmp);
9322 tcg_temp_free_i32(tmp2);
9323 tcg_temp_free_i32(tmp);
9324 } else if (i == rn) {
9325 loaded_var = tmp;
9326 loaded_base = 1;
9327 } else {
9328 store_reg_from_load(s, i, tmp);
9329 }
9330 } else {
9331 /* store */
9332 if (i == 15) {
9333 /* special case: r15 = PC + 8 */
9334 val = (long)s->pc + 4;
9335 tmp = tcg_temp_new_i32();
9336 tcg_gen_movi_i32(tmp, val);
9337 } else if (user) {
9338 tmp = tcg_temp_new_i32();
9339 tmp2 = tcg_const_i32(i);
9340 gen_helper_get_user_reg(tmp, cpu_env, tmp2);
9341 tcg_temp_free_i32(tmp2);
9342 } else {
9343 tmp = load_reg(s, i);
9344 }
9345 gen_aa32_st32(s, tmp, addr, get_mem_index(s));
9346 tcg_temp_free_i32(tmp);
9347 }
9348 j++;
9349 /* no need to add after the last transfer */
9350 if (j != n)
9351 tcg_gen_addi_i32(addr, addr, 4);
9352 }
9353 }
9354 if (insn & (1 << 21)) {
9355 /* write back */
9356 if (insn & (1 << 23)) {
9357 if (insn & (1 << 24)) {
9358 /* pre increment */
9359 } else {
9360 /* post increment */
9361 tcg_gen_addi_i32(addr, addr, 4);
9362 }
9363 } else {
9364 if (insn & (1 << 24)) {
9365 /* pre decrement */
9366 if (n != 1)
9367 tcg_gen_addi_i32(addr, addr, -((n - 1) * 4));
9368 } else {
9369 /* post decrement */
9370 tcg_gen_addi_i32(addr, addr, -(n * 4));
9371 }
9372 }
9373 store_reg(s, rn, addr);
9374 } else {
9375 tcg_temp_free_i32(addr);
9376 }
9377 if (loaded_base) {
9378 store_reg(s, rn, loaded_var);
9379 }
9380 if (exc_return) {
9381 /* Restore CPSR from SPSR. */
9382 tmp = load_cpu_field(spsr);
9383 gen_helper_cpsr_write_eret(cpu_env, tmp);
9384 tcg_temp_free_i32(tmp);
9385 s->is_jmp = DISAS_JUMP;
9386 }
9387 }
9388 break;
9389 case 0xa:
9390 case 0xb:
9391 {
9392 int32_t offset;
9393
9394 /* branch (and link) */
9395 val = (int32_t)s->pc;
9396 if (insn & (1 << 24)) {
9397 tmp = tcg_temp_new_i32();
9398 tcg_gen_movi_i32(tmp, val);
9399 store_reg(s, 14, tmp);
9400 }
9401 offset = sextract32(insn << 2, 0, 26);
9402 val += offset + 4;
9403 gen_jmp(s, val);
9404 }
9405 break;
9406 case 0xc:
9407 case 0xd:
9408 case 0xe:
9409 if (((insn >> 8) & 0xe) == 10) {
9410 /* VFP. */
9411 if (disas_vfp_insn(s, insn)) {
9412 goto illegal_op;
9413 }
9414 } else if (disas_coproc_insn(s, insn)) {
9415 /* Coprocessor. */
9416 goto illegal_op;
9417 }
9418 break;
9419 case 0xf:
9420 /* swi */
9421 gen_set_pc_im(s, s->pc);
9422 s->svc_imm = extract32(insn, 0, 24);
9423 s->is_jmp = DISAS_SWI;
9424 break;
9425 default:
9426 illegal_op:
9427 gen_exception_insn(s, 4, EXCP_UDEF, syn_uncategorized(),
9428 default_exception_el(s));
9429 break;
9430 }
9431 }
9432 }
9433
9434 /* Return true if this is a Thumb-2 logical op. */
9435 static int
9436 thumb2_logic_op(int op)
9437 {
9438 return (op < 8);
9439 }
9440
9441 /* Generate code for a Thumb-2 data processing operation. If CONDS is nonzero
9442 then set condition code flags based on the result of the operation.
9443 If SHIFTER_OUT is nonzero then set the carry flag for logical operations
9444 to the high bit of T1.
9445 Returns zero if the opcode is valid. */
9446
9447 static int
9448 gen_thumb2_data_op(DisasContext *s, int op, int conds, uint32_t shifter_out,
9449 TCGv_i32 t0, TCGv_i32 t1)
9450 {
9451 int logic_cc;
9452
9453 logic_cc = 0;
9454 switch (op) {
9455 case 0: /* and */
9456 tcg_gen_and_i32(t0, t0, t1);
9457 logic_cc = conds;
9458 break;
9459 case 1: /* bic */
9460 tcg_gen_andc_i32(t0, t0, t1);
9461 logic_cc = conds;
9462 break;
9463 case 2: /* orr */
9464 tcg_gen_or_i32(t0, t0, t1);
9465 logic_cc = conds;
9466 break;
9467 case 3: /* orn */
9468 tcg_gen_orc_i32(t0, t0, t1);
9469 logic_cc = conds;
9470 break;
9471 case 4: /* eor */
9472 tcg_gen_xor_i32(t0, t0, t1);
9473 logic_cc = conds;
9474 break;
9475 case 8: /* add */
9476 if (conds)
9477 gen_add_CC(t0, t0, t1);
9478 else
9479 tcg_gen_add_i32(t0, t0, t1);
9480 break;
9481 case 10: /* adc */
9482 if (conds)
9483 gen_adc_CC(t0, t0, t1);
9484 else
9485 gen_adc(t0, t1);
9486 break;
9487 case 11: /* sbc */
9488 if (conds) {
9489 gen_sbc_CC(t0, t0, t1);
9490 } else {
9491 gen_sub_carry(t0, t0, t1);
9492 }
9493 break;
9494 case 13: /* sub */
9495 if (conds)
9496 gen_sub_CC(t0, t0, t1);
9497 else
9498 tcg_gen_sub_i32(t0, t0, t1);
9499 break;
9500 case 14: /* rsb */
9501 if (conds)
9502 gen_sub_CC(t0, t1, t0);
9503 else
9504 tcg_gen_sub_i32(t0, t1, t0);
9505 break;
9506 default: /* 5, 6, 7, 9, 12, 15. */
9507 return 1;
9508 }
9509 if (logic_cc) {
9510 gen_logic_CC(t0);
9511 if (shifter_out)
9512 gen_set_CF_bit31(t1);
9513 }
9514 return 0;
9515 }
9516
9517 /* Translate a 32-bit thumb instruction. Returns nonzero if the instruction
9518 is not legal. */
9519 static int disas_thumb2_insn(CPUARMState *env, DisasContext *s, uint16_t insn_hw1)
9520 {
9521 uint32_t insn, imm, shift, offset;
9522 uint32_t rd, rn, rm, rs;
9523 TCGv_i32 tmp;
9524 TCGv_i32 tmp2;
9525 TCGv_i32 tmp3;
9526 TCGv_i32 addr;
9527 TCGv_i64 tmp64;
9528 int op;
9529 int shiftop;
9530 int conds;
9531 int logic_cc;
9532
9533 if (!(arm_dc_feature(s, ARM_FEATURE_THUMB2)
9534 || arm_dc_feature(s, ARM_FEATURE_M))) {
9535 /* Thumb-1 cores may need to treat bl and blx as a pair of
9536 16-bit instructions to get correct prefetch abort behavior. */
9537 insn = insn_hw1;
9538 if ((insn & (1 << 12)) == 0) {
9539 ARCH(5);
9540 /* Second half of blx. */
9541 offset = ((insn & 0x7ff) << 1);
9542 tmp = load_reg(s, 14);
9543 tcg_gen_addi_i32(tmp, tmp, offset);
9544 tcg_gen_andi_i32(tmp, tmp, 0xfffffffc);
9545
9546 tmp2 = tcg_temp_new_i32();
9547 tcg_gen_movi_i32(tmp2, s->pc | 1);
9548 store_reg(s, 14, tmp2);
9549 gen_bx(s, tmp);
9550 return 0;
9551 }
9552 if (insn & (1 << 11)) {
9553 /* Second half of bl. */
9554 offset = ((insn & 0x7ff) << 1) | 1;
9555 tmp = load_reg(s, 14);
9556 tcg_gen_addi_i32(tmp, tmp, offset);
9557
9558 tmp2 = tcg_temp_new_i32();
9559 tcg_gen_movi_i32(tmp2, s->pc | 1);
9560 store_reg(s, 14, tmp2);
9561 gen_bx(s, tmp);
9562 return 0;
9563 }
9564 if ((s->pc & ~TARGET_PAGE_MASK) == 0) {
9565 /* Instruction spans a page boundary. Implement it as two
9566 16-bit instructions in case the second half causes an
9567 prefetch abort. */
9568 offset = ((int32_t)insn << 21) >> 9;
9569 tcg_gen_movi_i32(cpu_R[14], s->pc + 2 + offset);
9570 return 0;
9571 }
9572 /* Fall through to 32-bit decode. */
9573 }
9574
9575 insn = arm_lduw_code(env, s->pc, s->sctlr_b);
9576 s->pc += 2;
9577 insn |= (uint32_t)insn_hw1 << 16;
9578
9579 if ((insn & 0xf800e800) != 0xf000e800) {
9580 ARCH(6T2);
9581 }
9582
9583 rn = (insn >> 16) & 0xf;
9584 rs = (insn >> 12) & 0xf;
9585 rd = (insn >> 8) & 0xf;
9586 rm = insn & 0xf;
9587 switch ((insn >> 25) & 0xf) {
9588 case 0: case 1: case 2: case 3:
9589 /* 16-bit instructions. Should never happen. */
9590 abort();
9591 case 4:
9592 if (insn & (1 << 22)) {
9593 /* Other load/store, table branch. */
9594 if (insn & 0x01200000) {
9595 /* Load/store doubleword. */
9596 if (rn == 15) {
9597 addr = tcg_temp_new_i32();
9598 tcg_gen_movi_i32(addr, s->pc & ~3);
9599 } else {
9600 addr = load_reg(s, rn);
9601 }
9602 offset = (insn & 0xff) * 4;
9603 if ((insn & (1 << 23)) == 0)
9604 offset = -offset;
9605 if (insn & (1 << 24)) {
9606 tcg_gen_addi_i32(addr, addr, offset);
9607 offset = 0;
9608 }
9609 if (insn & (1 << 20)) {
9610 /* ldrd */
9611 tmp = tcg_temp_new_i32();
9612 gen_aa32_ld32u(s, tmp, addr, get_mem_index(s));
9613 store_reg(s, rs, tmp);
9614 tcg_gen_addi_i32(addr, addr, 4);
9615 tmp = tcg_temp_new_i32();
9616 gen_aa32_ld32u(s, tmp, addr, get_mem_index(s));
9617 store_reg(s, rd, tmp);
9618 } else {
9619 /* strd */
9620 tmp = load_reg(s, rs);
9621 gen_aa32_st32(s, tmp, addr, get_mem_index(s));
9622 tcg_temp_free_i32(tmp);
9623 tcg_gen_addi_i32(addr, addr, 4);
9624 tmp = load_reg(s, rd);
9625 gen_aa32_st32(s, tmp, addr, get_mem_index(s));
9626 tcg_temp_free_i32(tmp);
9627 }
9628 if (insn & (1 << 21)) {
9629 /* Base writeback. */
9630 if (rn == 15)
9631 goto illegal_op;
9632 tcg_gen_addi_i32(addr, addr, offset - 4);
9633 store_reg(s, rn, addr);
9634 } else {
9635 tcg_temp_free_i32(addr);
9636 }
9637 } else if ((insn & (1 << 23)) == 0) {
9638 /* Load/store exclusive word. */
9639 addr = tcg_temp_local_new_i32();
9640 load_reg_var(s, addr, rn);
9641 tcg_gen_addi_i32(addr, addr, (insn & 0xff) << 2);
9642 if (insn & (1 << 20)) {
9643 gen_load_exclusive(s, rs, 15, addr, 2);
9644 } else {
9645 gen_store_exclusive(s, rd, rs, 15, addr, 2);
9646 }
9647 tcg_temp_free_i32(addr);
9648 } else if ((insn & (7 << 5)) == 0) {
9649 /* Table Branch. */
9650 if (rn == 15) {
9651 addr = tcg_temp_new_i32();
9652 tcg_gen_movi_i32(addr, s->pc);
9653 } else {
9654 addr = load_reg(s, rn);
9655 }
9656 tmp = load_reg(s, rm);
9657 tcg_gen_add_i32(addr, addr, tmp);
9658 if (insn & (1 << 4)) {
9659 /* tbh */
9660 tcg_gen_add_i32(addr, addr, tmp);
9661 tcg_temp_free_i32(tmp);
9662 tmp = tcg_temp_new_i32();
9663 gen_aa32_ld16u(s, tmp, addr, get_mem_index(s));
9664 } else { /* tbb */
9665 tcg_temp_free_i32(tmp);
9666 tmp = tcg_temp_new_i32();
9667 gen_aa32_ld8u(s, tmp, addr, get_mem_index(s));
9668 }
9669 tcg_temp_free_i32(addr);
9670 tcg_gen_shli_i32(tmp, tmp, 1);
9671 tcg_gen_addi_i32(tmp, tmp, s->pc);
9672 store_reg(s, 15, tmp);
9673 } else {
9674 int op2 = (insn >> 6) & 0x3;
9675 op = (insn >> 4) & 0x3;
9676 switch (op2) {
9677 case 0:
9678 goto illegal_op;
9679 case 1:
9680 /* Load/store exclusive byte/halfword/doubleword */
9681 if (op == 2) {
9682 goto illegal_op;
9683 }
9684 ARCH(7);
9685 break;
9686 case 2:
9687 /* Load-acquire/store-release */
9688 if (op == 3) {
9689 goto illegal_op;
9690 }
9691 /* Fall through */
9692 case 3:
9693 /* Load-acquire/store-release exclusive */
9694 ARCH(8);
9695 break;
9696 }
9697 addr = tcg_temp_local_new_i32();
9698 load_reg_var(s, addr, rn);
9699 if (!(op2 & 1)) {
9700 if (insn & (1 << 20)) {
9701 tmp = tcg_temp_new_i32();
9702 switch (op) {
9703 case 0: /* ldab */
9704 gen_aa32_ld8u(s, tmp, addr, get_mem_index(s));
9705 break;
9706 case 1: /* ldah */
9707 gen_aa32_ld16u(s, tmp, addr, get_mem_index(s));
9708 break;
9709 case 2: /* lda */
9710 gen_aa32_ld32u(s, tmp, addr, get_mem_index(s));
9711 break;
9712 default:
9713 abort();
9714 }
9715 store_reg(s, rs, tmp);
9716 } else {
9717 tmp = load_reg(s, rs);
9718 switch (op) {
9719 case 0: /* stlb */
9720 gen_aa32_st8(s, tmp, addr, get_mem_index(s));
9721 break;
9722 case 1: /* stlh */
9723 gen_aa32_st16(s, tmp, addr, get_mem_index(s));
9724 break;
9725 case 2: /* stl */
9726 gen_aa32_st32(s, tmp, addr, get_mem_index(s));
9727 break;
9728 default:
9729 abort();
9730 }
9731 tcg_temp_free_i32(tmp);
9732 }
9733 } else if (insn & (1 << 20)) {
9734 gen_load_exclusive(s, rs, rd, addr, op);
9735 } else {
9736 gen_store_exclusive(s, rm, rs, rd, addr, op);
9737 }
9738 tcg_temp_free_i32(addr);
9739 }
9740 } else {
9741 /* Load/store multiple, RFE, SRS. */
9742 if (((insn >> 23) & 1) == ((insn >> 24) & 1)) {
9743 /* RFE, SRS: not available in user mode or on M profile */
9744 if (IS_USER(s) || arm_dc_feature(s, ARM_FEATURE_M)) {
9745 goto illegal_op;
9746 }
9747 if (insn & (1 << 20)) {
9748 /* rfe */
9749 addr = load_reg(s, rn);
9750 if ((insn & (1 << 24)) == 0)
9751 tcg_gen_addi_i32(addr, addr, -8);
9752 /* Load PC into tmp and CPSR into tmp2. */
9753 tmp = tcg_temp_new_i32();
9754 gen_aa32_ld32u(s, tmp, addr, get_mem_index(s));
9755 tcg_gen_addi_i32(addr, addr, 4);
9756 tmp2 = tcg_temp_new_i32();
9757 gen_aa32_ld32u(s, tmp2, addr, get_mem_index(s));
9758 if (insn & (1 << 21)) {
9759 /* Base writeback. */
9760 if (insn & (1 << 24)) {
9761 tcg_gen_addi_i32(addr, addr, 4);
9762 } else {
9763 tcg_gen_addi_i32(addr, addr, -4);
9764 }
9765 store_reg(s, rn, addr);
9766 } else {
9767 tcg_temp_free_i32(addr);
9768 }
9769 gen_rfe(s, tmp, tmp2);
9770 } else {
9771 /* srs */
9772 gen_srs(s, (insn & 0x1f), (insn & (1 << 24)) ? 1 : 2,
9773 insn & (1 << 21));
9774 }
9775 } else {
9776 int i, loaded_base = 0;
9777 TCGv_i32 loaded_var;
9778 /* Load/store multiple. */
9779 addr = load_reg(s, rn);
9780 offset = 0;
9781 for (i = 0; i < 16; i++) {
9782 if (insn & (1 << i))
9783 offset += 4;
9784 }
9785 if (insn & (1 << 24)) {
9786 tcg_gen_addi_i32(addr, addr, -offset);
9787 }
9788
9789 TCGV_UNUSED_I32(loaded_var);
9790 for (i = 0; i < 16; i++) {
9791 if ((insn & (1 << i)) == 0)
9792 continue;
9793 if (insn & (1 << 20)) {
9794 /* Load. */
9795 tmp = tcg_temp_new_i32();
9796 gen_aa32_ld32u(s, tmp, addr, get_mem_index(s));
9797 if (i == 15) {
9798 gen_bx(s, tmp);
9799 } else if (i == rn) {
9800 loaded_var = tmp;
9801 loaded_base = 1;
9802 } else {
9803 store_reg(s, i, tmp);
9804 }
9805 } else {
9806 /* Store. */
9807 tmp = load_reg(s, i);
9808 gen_aa32_st32(s, tmp, addr, get_mem_index(s));
9809 tcg_temp_free_i32(tmp);
9810 }
9811 tcg_gen_addi_i32(addr, addr, 4);
9812 }
9813 if (loaded_base) {
9814 store_reg(s, rn, loaded_var);
9815 }
9816 if (insn & (1 << 21)) {
9817 /* Base register writeback. */
9818 if (insn & (1 << 24)) {
9819 tcg_gen_addi_i32(addr, addr, -offset);
9820 }
9821 /* Fault if writeback register is in register list. */
9822 if (insn & (1 << rn))
9823 goto illegal_op;
9824 store_reg(s, rn, addr);
9825 } else {
9826 tcg_temp_free_i32(addr);
9827 }
9828 }
9829 }
9830 break;
9831 case 5:
9832
9833 op = (insn >> 21) & 0xf;
9834 if (op == 6) {
9835 if (!arm_dc_feature(s, ARM_FEATURE_THUMB_DSP)) {
9836 goto illegal_op;
9837 }
9838 /* Halfword pack. */
9839 tmp = load_reg(s, rn);
9840 tmp2 = load_reg(s, rm);
9841 shift = ((insn >> 10) & 0x1c) | ((insn >> 6) & 0x3);
9842 if (insn & (1 << 5)) {
9843 /* pkhtb */
9844 if (shift == 0)
9845 shift = 31;
9846 tcg_gen_sari_i32(tmp2, tmp2, shift);
9847 tcg_gen_andi_i32(tmp, tmp, 0xffff0000);
9848 tcg_gen_ext16u_i32(tmp2, tmp2);
9849 } else {
9850 /* pkhbt */
9851 if (shift)
9852 tcg_gen_shli_i32(tmp2, tmp2, shift);
9853 tcg_gen_ext16u_i32(tmp, tmp);
9854 tcg_gen_andi_i32(tmp2, tmp2, 0xffff0000);
9855 }
9856 tcg_gen_or_i32(tmp, tmp, tmp2);
9857 tcg_temp_free_i32(tmp2);
9858 store_reg(s, rd, tmp);
9859 } else {
9860 /* Data processing register constant shift. */
9861 if (rn == 15) {
9862 tmp = tcg_temp_new_i32();
9863 tcg_gen_movi_i32(tmp, 0);
9864 } else {
9865 tmp = load_reg(s, rn);
9866 }
9867 tmp2 = load_reg(s, rm);
9868
9869 shiftop = (insn >> 4) & 3;
9870 shift = ((insn >> 6) & 3) | ((insn >> 10) & 0x1c);
9871 conds = (insn & (1 << 20)) != 0;
9872 logic_cc = (conds && thumb2_logic_op(op));
9873 gen_arm_shift_im(tmp2, shiftop, shift, logic_cc);
9874 if (gen_thumb2_data_op(s, op, conds, 0, tmp, tmp2))
9875 goto illegal_op;
9876 tcg_temp_free_i32(tmp2);
9877 if (rd != 15) {
9878 store_reg(s, rd, tmp);
9879 } else {
9880 tcg_temp_free_i32(tmp);
9881 }
9882 }
9883 break;
9884 case 13: /* Misc data processing. */
9885 op = ((insn >> 22) & 6) | ((insn >> 7) & 1);
9886 if (op < 4 && (insn & 0xf000) != 0xf000)
9887 goto illegal_op;
9888 switch (op) {
9889 case 0: /* Register controlled shift. */
9890 tmp = load_reg(s, rn);
9891 tmp2 = load_reg(s, rm);
9892 if ((insn & 0x70) != 0)
9893 goto illegal_op;
9894 op = (insn >> 21) & 3;
9895 logic_cc = (insn & (1 << 20)) != 0;
9896 gen_arm_shift_reg(tmp, op, tmp2, logic_cc);
9897 if (logic_cc)
9898 gen_logic_CC(tmp);
9899 store_reg_bx(s, rd, tmp);
9900 break;
9901 case 1: /* Sign/zero extend. */
9902 op = (insn >> 20) & 7;
9903 switch (op) {
9904 case 0: /* SXTAH, SXTH */
9905 case 1: /* UXTAH, UXTH */
9906 case 4: /* SXTAB, SXTB */
9907 case 5: /* UXTAB, UXTB */
9908 break;
9909 case 2: /* SXTAB16, SXTB16 */
9910 case 3: /* UXTAB16, UXTB16 */
9911 if (!arm_dc_feature(s, ARM_FEATURE_THUMB_DSP)) {
9912 goto illegal_op;
9913 }
9914 break;
9915 default:
9916 goto illegal_op;
9917 }
9918 if (rn != 15) {
9919 if (!arm_dc_feature(s, ARM_FEATURE_THUMB_DSP)) {
9920 goto illegal_op;
9921 }
9922 }
9923 tmp = load_reg(s, rm);
9924 shift = (insn >> 4) & 3;
9925 /* ??? In many cases it's not necessary to do a
9926 rotate, a shift is sufficient. */
9927 if (shift != 0)
9928 tcg_gen_rotri_i32(tmp, tmp, shift * 8);
9929 op = (insn >> 20) & 7;
9930 switch (op) {
9931 case 0: gen_sxth(tmp); break;
9932 case 1: gen_uxth(tmp); break;
9933 case 2: gen_sxtb16(tmp); break;
9934 case 3: gen_uxtb16(tmp); break;
9935 case 4: gen_sxtb(tmp); break;
9936 case 5: gen_uxtb(tmp); break;
9937 default:
9938 g_assert_not_reached();
9939 }
9940 if (rn != 15) {
9941 tmp2 = load_reg(s, rn);
9942 if ((op >> 1) == 1) {
9943 gen_add16(tmp, tmp2);
9944 } else {
9945 tcg_gen_add_i32(tmp, tmp, tmp2);
9946 tcg_temp_free_i32(tmp2);
9947 }
9948 }
9949 store_reg(s, rd, tmp);
9950 break;
9951 case 2: /* SIMD add/subtract. */
9952 if (!arm_dc_feature(s, ARM_FEATURE_THUMB_DSP)) {
9953 goto illegal_op;
9954 }
9955 op = (insn >> 20) & 7;
9956 shift = (insn >> 4) & 7;
9957 if ((op & 3) == 3 || (shift & 3) == 3)
9958 goto illegal_op;
9959 tmp = load_reg(s, rn);
9960 tmp2 = load_reg(s, rm);
9961 gen_thumb2_parallel_addsub(op, shift, tmp, tmp2);
9962 tcg_temp_free_i32(tmp2);
9963 store_reg(s, rd, tmp);
9964 break;
9965 case 3: /* Other data processing. */
9966 op = ((insn >> 17) & 0x38) | ((insn >> 4) & 7);
9967 if (op < 4) {
9968 /* Saturating add/subtract. */
9969 if (!arm_dc_feature(s, ARM_FEATURE_THUMB_DSP)) {
9970 goto illegal_op;
9971 }
9972 tmp = load_reg(s, rn);
9973 tmp2 = load_reg(s, rm);
9974 if (op & 1)
9975 gen_helper_double_saturate(tmp, cpu_env, tmp);
9976 if (op & 2)
9977 gen_helper_sub_saturate(tmp, cpu_env, tmp2, tmp);
9978 else
9979 gen_helper_add_saturate(tmp, cpu_env, tmp, tmp2);
9980 tcg_temp_free_i32(tmp2);
9981 } else {
9982 switch (op) {
9983 case 0x0a: /* rbit */
9984 case 0x08: /* rev */
9985 case 0x09: /* rev16 */
9986 case 0x0b: /* revsh */
9987 case 0x18: /* clz */
9988 break;
9989 case 0x10: /* sel */
9990 if (!arm_dc_feature(s, ARM_FEATURE_THUMB_DSP)) {
9991 goto illegal_op;
9992 }
9993 break;
9994 case 0x20: /* crc32/crc32c */
9995 case 0x21:
9996 case 0x22:
9997 case 0x28:
9998 case 0x29:
9999 case 0x2a:
10000 if (!arm_dc_feature(s, ARM_FEATURE_CRC)) {
10001 goto illegal_op;
10002 }
10003 break;
10004 default:
10005 goto illegal_op;
10006 }
10007 tmp = load_reg(s, rn);
10008 switch (op) {
10009 case 0x0a: /* rbit */
10010 gen_helper_rbit(tmp, tmp);
10011 break;
10012 case 0x08: /* rev */
10013 tcg_gen_bswap32_i32(tmp, tmp);
10014 break;
10015 case 0x09: /* rev16 */
10016 gen_rev16(tmp);
10017 break;
10018 case 0x0b: /* revsh */
10019 gen_revsh(tmp);
10020 break;
10021 case 0x10: /* sel */
10022 tmp2 = load_reg(s, rm);
10023 tmp3 = tcg_temp_new_i32();
10024 tcg_gen_ld_i32(tmp3, cpu_env, offsetof(CPUARMState, GE));
10025 gen_helper_sel_flags(tmp, tmp3, tmp, tmp2);
10026 tcg_temp_free_i32(tmp3);
10027 tcg_temp_free_i32(tmp2);
10028 break;
10029 case 0x18: /* clz */
10030 gen_helper_clz(tmp, tmp);
10031 break;
10032 case 0x20:
10033 case 0x21:
10034 case 0x22:
10035 case 0x28:
10036 case 0x29:
10037 case 0x2a:
10038 {
10039 /* crc32/crc32c */
10040 uint32_t sz = op & 0x3;
10041 uint32_t c = op & 0x8;
10042
10043 tmp2 = load_reg(s, rm);
10044 if (sz == 0) {
10045 tcg_gen_andi_i32(tmp2, tmp2, 0xff);
10046 } else if (sz == 1) {
10047 tcg_gen_andi_i32(tmp2, tmp2, 0xffff);
10048 }
10049 tmp3 = tcg_const_i32(1 << sz);
10050 if (c) {
10051 gen_helper_crc32c(tmp, tmp, tmp2, tmp3);
10052 } else {
10053 gen_helper_crc32(tmp, tmp, tmp2, tmp3);
10054 }
10055 tcg_temp_free_i32(tmp2);
10056 tcg_temp_free_i32(tmp3);
10057 break;
10058 }
10059 default:
10060 g_assert_not_reached();
10061 }
10062 }
10063 store_reg(s, rd, tmp);
10064 break;
10065 case 4: case 5: /* 32-bit multiply. Sum of absolute differences. */
10066 switch ((insn >> 20) & 7) {
10067 case 0: /* 32 x 32 -> 32 */
10068 case 7: /* Unsigned sum of absolute differences. */
10069 break;
10070 case 1: /* 16 x 16 -> 32 */
10071 case 2: /* Dual multiply add. */
10072 case 3: /* 32 * 16 -> 32msb */
10073 case 4: /* Dual multiply subtract. */
10074 case 5: case 6: /* 32 * 32 -> 32msb (SMMUL, SMMLA, SMMLS) */
10075 if (!arm_dc_feature(s, ARM_FEATURE_THUMB_DSP)) {
10076 goto illegal_op;
10077 }
10078 break;
10079 }
10080 op = (insn >> 4) & 0xf;
10081 tmp = load_reg(s, rn);
10082 tmp2 = load_reg(s, rm);
10083 switch ((insn >> 20) & 7) {
10084 case 0: /* 32 x 32 -> 32 */
10085 tcg_gen_mul_i32(tmp, tmp, tmp2);
10086 tcg_temp_free_i32(tmp2);
10087 if (rs != 15) {
10088 tmp2 = load_reg(s, rs);
10089 if (op)
10090 tcg_gen_sub_i32(tmp, tmp2, tmp);
10091 else
10092 tcg_gen_add_i32(tmp, tmp, tmp2);
10093 tcg_temp_free_i32(tmp2);
10094 }
10095 break;
10096 case 1: /* 16 x 16 -> 32 */
10097 gen_mulxy(tmp, tmp2, op & 2, op & 1);
10098 tcg_temp_free_i32(tmp2);
10099 if (rs != 15) {
10100 tmp2 = load_reg(s, rs);
10101 gen_helper_add_setq(tmp, cpu_env, tmp, tmp2);
10102 tcg_temp_free_i32(tmp2);
10103 }
10104 break;
10105 case 2: /* Dual multiply add. */
10106 case 4: /* Dual multiply subtract. */
10107 if (op)
10108 gen_swap_half(tmp2);
10109 gen_smul_dual(tmp, tmp2);
10110 if (insn & (1 << 22)) {
10111 /* This subtraction cannot overflow. */
10112 tcg_gen_sub_i32(tmp, tmp, tmp2);
10113 } else {
10114 /* This addition cannot overflow 32 bits;
10115 * however it may overflow considered as a signed
10116 * operation, in which case we must set the Q flag.
10117 */
10118 gen_helper_add_setq(tmp, cpu_env, tmp, tmp2);
10119 }
10120 tcg_temp_free_i32(tmp2);
10121 if (rs != 15)
10122 {
10123 tmp2 = load_reg(s, rs);
10124 gen_helper_add_setq(tmp, cpu_env, tmp, tmp2);
10125 tcg_temp_free_i32(tmp2);
10126 }
10127 break;
10128 case 3: /* 32 * 16 -> 32msb */
10129 if (op)
10130 tcg_gen_sari_i32(tmp2, tmp2, 16);
10131 else
10132 gen_sxth(tmp2);
10133 tmp64 = gen_muls_i64_i32(tmp, tmp2);
10134 tcg_gen_shri_i64(tmp64, tmp64, 16);
10135 tmp = tcg_temp_new_i32();
10136 tcg_gen_extrl_i64_i32(tmp, tmp64);
10137 tcg_temp_free_i64(tmp64);
10138 if (rs != 15)
10139 {
10140 tmp2 = load_reg(s, rs);
10141 gen_helper_add_setq(tmp, cpu_env, tmp, tmp2);
10142 tcg_temp_free_i32(tmp2);
10143 }
10144 break;
10145 case 5: case 6: /* 32 * 32 -> 32msb (SMMUL, SMMLA, SMMLS) */
10146 tmp64 = gen_muls_i64_i32(tmp, tmp2);
10147 if (rs != 15) {
10148 tmp = load_reg(s, rs);
10149 if (insn & (1 << 20)) {
10150 tmp64 = gen_addq_msw(tmp64, tmp);
10151 } else {
10152 tmp64 = gen_subq_msw(tmp64, tmp);
10153 }
10154 }
10155 if (insn & (1 << 4)) {
10156 tcg_gen_addi_i64(tmp64, tmp64, 0x80000000u);
10157 }
10158 tcg_gen_shri_i64(tmp64, tmp64, 32);
10159 tmp = tcg_temp_new_i32();
10160 tcg_gen_extrl_i64_i32(tmp, tmp64);
10161 tcg_temp_free_i64(tmp64);
10162 break;
10163 case 7: /* Unsigned sum of absolute differences. */
10164 gen_helper_usad8(tmp, tmp, tmp2);
10165 tcg_temp_free_i32(tmp2);
10166 if (rs != 15) {
10167 tmp2 = load_reg(s, rs);
10168 tcg_gen_add_i32(tmp, tmp, tmp2);
10169 tcg_temp_free_i32(tmp2);
10170 }
10171 break;
10172 }
10173 store_reg(s, rd, tmp);
10174 break;
10175 case 6: case 7: /* 64-bit multiply, Divide. */
10176 op = ((insn >> 4) & 0xf) | ((insn >> 16) & 0x70);
10177 tmp = load_reg(s, rn);
10178 tmp2 = load_reg(s, rm);
10179 if ((op & 0x50) == 0x10) {
10180 /* sdiv, udiv */
10181 if (!arm_dc_feature(s, ARM_FEATURE_THUMB_DIV)) {
10182 goto illegal_op;
10183 }
10184 if (op & 0x20)
10185 gen_helper_udiv(tmp, tmp, tmp2);
10186 else
10187 gen_helper_sdiv(tmp, tmp, tmp2);
10188 tcg_temp_free_i32(tmp2);
10189 store_reg(s, rd, tmp);
10190 } else if ((op & 0xe) == 0xc) {
10191 /* Dual multiply accumulate long. */
10192 if (!arm_dc_feature(s, ARM_FEATURE_THUMB_DSP)) {
10193 tcg_temp_free_i32(tmp);
10194 tcg_temp_free_i32(tmp2);
10195 goto illegal_op;
10196 }
10197 if (op & 1)
10198 gen_swap_half(tmp2);
10199 gen_smul_dual(tmp, tmp2);
10200 if (op & 0x10) {
10201 tcg_gen_sub_i32(tmp, tmp, tmp2);
10202 } else {
10203 tcg_gen_add_i32(tmp, tmp, tmp2);
10204 }
10205 tcg_temp_free_i32(tmp2);
10206 /* BUGFIX */
10207 tmp64 = tcg_temp_new_i64();
10208 tcg_gen_ext_i32_i64(tmp64, tmp);
10209 tcg_temp_free_i32(tmp);
10210 gen_addq(s, tmp64, rs, rd);
10211 gen_storeq_reg(s, rs, rd, tmp64);
10212 tcg_temp_free_i64(tmp64);
10213 } else {
10214 if (op & 0x20) {
10215 /* Unsigned 64-bit multiply */
10216 tmp64 = gen_mulu_i64_i32(tmp, tmp2);
10217 } else {
10218 if (op & 8) {
10219 /* smlalxy */
10220 if (!arm_dc_feature(s, ARM_FEATURE_THUMB_DSP)) {
10221 tcg_temp_free_i32(tmp2);
10222 tcg_temp_free_i32(tmp);
10223 goto illegal_op;
10224 }
10225 gen_mulxy(tmp, tmp2, op & 2, op & 1);
10226 tcg_temp_free_i32(tmp2);
10227 tmp64 = tcg_temp_new_i64();
10228 tcg_gen_ext_i32_i64(tmp64, tmp);
10229 tcg_temp_free_i32(tmp);
10230 } else {
10231 /* Signed 64-bit multiply */
10232 tmp64 = gen_muls_i64_i32(tmp, tmp2);
10233 }
10234 }
10235 if (op & 4) {
10236 /* umaal */
10237 if (!arm_dc_feature(s, ARM_FEATURE_THUMB_DSP)) {
10238 tcg_temp_free_i64(tmp64);
10239 goto illegal_op;
10240 }
10241 gen_addq_lo(s, tmp64, rs);
10242 gen_addq_lo(s, tmp64, rd);
10243 } else if (op & 0x40) {
10244 /* 64-bit accumulate. */
10245 gen_addq(s, tmp64, rs, rd);
10246 }
10247 gen_storeq_reg(s, rs, rd, tmp64);
10248 tcg_temp_free_i64(tmp64);
10249 }
10250 break;
10251 }
10252 break;
10253 case 6: case 7: case 14: case 15:
10254 /* Coprocessor. */
10255 if (((insn >> 24) & 3) == 3) {
10256 /* Translate into the equivalent ARM encoding. */
10257 insn = (insn & 0xe2ffffff) | ((insn & (1 << 28)) >> 4) | (1 << 28);
10258 if (disas_neon_data_insn(s, insn)) {
10259 goto illegal_op;
10260 }
10261 } else if (((insn >> 8) & 0xe) == 10) {
10262 if (disas_vfp_insn(s, insn)) {
10263 goto illegal_op;
10264 }
10265 } else {
10266 if (insn & (1 << 28))
10267 goto illegal_op;
10268 if (disas_coproc_insn(s, insn)) {
10269 goto illegal_op;
10270 }
10271 }
10272 break;
10273 case 8: case 9: case 10: case 11:
10274 if (insn & (1 << 15)) {
10275 /* Branches, misc control. */
10276 if (insn & 0x5000) {
10277 /* Unconditional branch. */
10278 /* signextend(hw1[10:0]) -> offset[:12]. */
10279 offset = ((int32_t)insn << 5) >> 9 & ~(int32_t)0xfff;
10280 /* hw1[10:0] -> offset[11:1]. */
10281 offset |= (insn & 0x7ff) << 1;
10282 /* (~hw2[13, 11] ^ offset[24]) -> offset[23,22]
10283 offset[24:22] already have the same value because of the
10284 sign extension above. */
10285 offset ^= ((~insn) & (1 << 13)) << 10;
10286 offset ^= ((~insn) & (1 << 11)) << 11;
10287
10288 if (insn & (1 << 14)) {
10289 /* Branch and link. */
10290 tcg_gen_movi_i32(cpu_R[14], s->pc | 1);
10291 }
10292
10293 offset += s->pc;
10294 if (insn & (1 << 12)) {
10295 /* b/bl */
10296 gen_jmp(s, offset);
10297 } else {
10298 /* blx */
10299 offset &= ~(uint32_t)2;
10300 /* thumb2 bx, no need to check */
10301 gen_bx_im(s, offset);
10302 }
10303 } else if (((insn >> 23) & 7) == 7) {
10304 /* Misc control */
10305 if (insn & (1 << 13))
10306 goto illegal_op;
10307
10308 if (insn & (1 << 26)) {
10309 if (!(insn & (1 << 20))) {
10310 /* Hypervisor call (v7) */
10311 int imm16 = extract32(insn, 16, 4) << 12
10312 | extract32(insn, 0, 12);
10313 ARCH(7);
10314 if (IS_USER(s)) {
10315 goto illegal_op;
10316 }
10317 gen_hvc(s, imm16);
10318 } else {
10319 /* Secure monitor call (v6+) */
10320 ARCH(6K);
10321 if (IS_USER(s)) {
10322 goto illegal_op;
10323 }
10324 gen_smc(s);
10325 }
10326 } else {
10327 op = (insn >> 20) & 7;
10328 switch (op) {
10329 case 0: /* msr cpsr. */
10330 if (arm_dc_feature(s, ARM_FEATURE_M)) {
10331 tmp = load_reg(s, rn);
10332 addr = tcg_const_i32(insn & 0xff);
10333 gen_helper_v7m_msr(cpu_env, addr, tmp);
10334 tcg_temp_free_i32(addr);
10335 tcg_temp_free_i32(tmp);
10336 gen_lookup_tb(s);
10337 break;
10338 }
10339 /* fall through */
10340 case 1: /* msr spsr. */
10341 if (arm_dc_feature(s, ARM_FEATURE_M)) {
10342 goto illegal_op;
10343 }
10344
10345 if (extract32(insn, 5, 1)) {
10346 /* MSR (banked) */
10347 int sysm = extract32(insn, 8, 4) |
10348 (extract32(insn, 4, 1) << 4);
10349 int r = op & 1;
10350
10351 gen_msr_banked(s, r, sysm, rm);
10352 break;
10353 }
10354
10355 /* MSR (for PSRs) */
10356 tmp = load_reg(s, rn);
10357 if (gen_set_psr(s,
10358 msr_mask(s, (insn >> 8) & 0xf, op == 1),
10359 op == 1, tmp))
10360 goto illegal_op;
10361 break;
10362 case 2: /* cps, nop-hint. */
10363 if (((insn >> 8) & 7) == 0) {
10364 gen_nop_hint(s, insn & 0xff);
10365 }
10366 /* Implemented as NOP in user mode. */
10367 if (IS_USER(s))
10368 break;
10369 offset = 0;
10370 imm = 0;
10371 if (insn & (1 << 10)) {
10372 if (insn & (1 << 7))
10373 offset |= CPSR_A;
10374 if (insn & (1 << 6))
10375 offset |= CPSR_I;
10376 if (insn & (1 << 5))
10377 offset |= CPSR_F;
10378 if (insn & (1 << 9))
10379 imm = CPSR_A | CPSR_I | CPSR_F;
10380 }
10381 if (insn & (1 << 8)) {
10382 offset |= 0x1f;
10383 imm |= (insn & 0x1f);
10384 }
10385 if (offset) {
10386 gen_set_psr_im(s, offset, 0, imm);
10387 }
10388 break;
10389 case 3: /* Special control operations. */
10390 ARCH(7);
10391 op = (insn >> 4) & 0xf;
10392 switch (op) {
10393 case 2: /* clrex */
10394 gen_clrex(s);
10395 break;
10396 case 4: /* dsb */
10397 case 5: /* dmb */
10398 /* These execute as NOPs. */
10399 break;
10400 case 6: /* isb */
10401 /* We need to break the TB after this insn
10402 * to execute self-modifying code correctly
10403 * and also to take any pending interrupts
10404 * immediately.
10405 */
10406 gen_lookup_tb(s);
10407 break;
10408 default:
10409 goto illegal_op;
10410 }
10411 break;
10412 case 4: /* bxj */
10413 /* Trivial implementation equivalent to bx. */
10414 tmp = load_reg(s, rn);
10415 gen_bx(s, tmp);
10416 break;
10417 case 5: /* Exception return. */
10418 if (IS_USER(s)) {
10419 goto illegal_op;
10420 }
10421 if (rn != 14 || rd != 15) {
10422 goto illegal_op;
10423 }
10424 tmp = load_reg(s, rn);
10425 tcg_gen_subi_i32(tmp, tmp, insn & 0xff);
10426 gen_exception_return(s, tmp);
10427 break;
10428 case 6: /* MRS */
10429 if (extract32(insn, 5, 1)) {
10430 /* MRS (banked) */
10431 int sysm = extract32(insn, 16, 4) |
10432 (extract32(insn, 4, 1) << 4);
10433
10434 gen_mrs_banked(s, 0, sysm, rd);
10435 break;
10436 }
10437
10438 /* mrs cpsr */
10439 tmp = tcg_temp_new_i32();
10440 if (arm_dc_feature(s, ARM_FEATURE_M)) {
10441 addr = tcg_const_i32(insn & 0xff);
10442 gen_helper_v7m_mrs(tmp, cpu_env, addr);
10443 tcg_temp_free_i32(addr);
10444 } else {
10445 gen_helper_cpsr_read(tmp, cpu_env);
10446 }
10447 store_reg(s, rd, tmp);
10448 break;
10449 case 7: /* MRS */
10450 if (extract32(insn, 5, 1)) {
10451 /* MRS (banked) */
10452 int sysm = extract32(insn, 16, 4) |
10453 (extract32(insn, 4, 1) << 4);
10454
10455 gen_mrs_banked(s, 1, sysm, rd);
10456 break;
10457 }
10458
10459 /* mrs spsr. */
10460 /* Not accessible in user mode. */
10461 if (IS_USER(s) || arm_dc_feature(s, ARM_FEATURE_M)) {
10462 goto illegal_op;
10463 }
10464 tmp = load_cpu_field(spsr);
10465 store_reg(s, rd, tmp);
10466 break;
10467 }
10468 }
10469 } else {
10470 /* Conditional branch. */
10471 op = (insn >> 22) & 0xf;
10472 /* Generate a conditional jump to next instruction. */
10473 s->condlabel = gen_new_label();
10474 arm_gen_test_cc(op ^ 1, s->condlabel);
10475 s->condjmp = 1;
10476
10477 /* offset[11:1] = insn[10:0] */
10478 offset = (insn & 0x7ff) << 1;
10479 /* offset[17:12] = insn[21:16]. */
10480 offset |= (insn & 0x003f0000) >> 4;
10481 /* offset[31:20] = insn[26]. */
10482 offset |= ((int32_t)((insn << 5) & 0x80000000)) >> 11;
10483 /* offset[18] = insn[13]. */
10484 offset |= (insn & (1 << 13)) << 5;
10485 /* offset[19] = insn[11]. */
10486 offset |= (insn & (1 << 11)) << 8;
10487
10488 /* jump to the offset */
10489 gen_jmp(s, s->pc + offset);
10490 }
10491 } else {
10492 /* Data processing immediate. */
10493 if (insn & (1 << 25)) {
10494 if (insn & (1 << 24)) {
10495 if (insn & (1 << 20))
10496 goto illegal_op;
10497 /* Bitfield/Saturate. */
10498 op = (insn >> 21) & 7;
10499 imm = insn & 0x1f;
10500 shift = ((insn >> 6) & 3) | ((insn >> 10) & 0x1c);
10501 if (rn == 15) {
10502 tmp = tcg_temp_new_i32();
10503 tcg_gen_movi_i32(tmp, 0);
10504 } else {
10505 tmp = load_reg(s, rn);
10506 }
10507 switch (op) {
10508 case 2: /* Signed bitfield extract. */
10509 imm++;
10510 if (shift + imm > 32)
10511 goto illegal_op;
10512 if (imm < 32)
10513 gen_sbfx(tmp, shift, imm);
10514 break;
10515 case 6: /* Unsigned bitfield extract. */
10516 imm++;
10517 if (shift + imm > 32)
10518 goto illegal_op;
10519 if (imm < 32)
10520 gen_ubfx(tmp, shift, (1u << imm) - 1);
10521 break;
10522 case 3: /* Bitfield insert/clear. */
10523 if (imm < shift)
10524 goto illegal_op;
10525 imm = imm + 1 - shift;
10526 if (imm != 32) {
10527 tmp2 = load_reg(s, rd);
10528 tcg_gen_deposit_i32(tmp, tmp2, tmp, shift, imm);
10529 tcg_temp_free_i32(tmp2);
10530 }
10531 break;
10532 case 7:
10533 goto illegal_op;
10534 default: /* Saturate. */
10535 if (shift) {
10536 if (op & 1)
10537 tcg_gen_sari_i32(tmp, tmp, shift);
10538 else
10539 tcg_gen_shli_i32(tmp, tmp, shift);
10540 }
10541 tmp2 = tcg_const_i32(imm);
10542 if (op & 4) {
10543 /* Unsigned. */
10544 if ((op & 1) && shift == 0) {
10545 if (!arm_dc_feature(s, ARM_FEATURE_THUMB_DSP)) {
10546 tcg_temp_free_i32(tmp);
10547 tcg_temp_free_i32(tmp2);
10548 goto illegal_op;
10549 }
10550 gen_helper_usat16(tmp, cpu_env, tmp, tmp2);
10551 } else {
10552 gen_helper_usat(tmp, cpu_env, tmp, tmp2);
10553 }
10554 } else {
10555 /* Signed. */
10556 if ((op & 1) && shift == 0) {
10557 if (!arm_dc_feature(s, ARM_FEATURE_THUMB_DSP)) {
10558 tcg_temp_free_i32(tmp);
10559 tcg_temp_free_i32(tmp2);
10560 goto illegal_op;
10561 }
10562 gen_helper_ssat16(tmp, cpu_env, tmp, tmp2);
10563 } else {
10564 gen_helper_ssat(tmp, cpu_env, tmp, tmp2);
10565 }
10566 }
10567 tcg_temp_free_i32(tmp2);
10568 break;
10569 }
10570 store_reg(s, rd, tmp);
10571 } else {
10572 imm = ((insn & 0x04000000) >> 15)
10573 | ((insn & 0x7000) >> 4) | (insn & 0xff);
10574 if (insn & (1 << 22)) {
10575 /* 16-bit immediate. */
10576 imm |= (insn >> 4) & 0xf000;
10577 if (insn & (1 << 23)) {
10578 /* movt */
10579 tmp = load_reg(s, rd);
10580 tcg_gen_ext16u_i32(tmp, tmp);
10581 tcg_gen_ori_i32(tmp, tmp, imm << 16);
10582 } else {
10583 /* movw */
10584 tmp = tcg_temp_new_i32();
10585 tcg_gen_movi_i32(tmp, imm);
10586 }
10587 } else {
10588 /* Add/sub 12-bit immediate. */
10589 if (rn == 15) {
10590 offset = s->pc & ~(uint32_t)3;
10591 if (insn & (1 << 23))
10592 offset -= imm;
10593 else
10594 offset += imm;
10595 tmp = tcg_temp_new_i32();
10596 tcg_gen_movi_i32(tmp, offset);
10597 } else {
10598 tmp = load_reg(s, rn);
10599 if (insn & (1 << 23))
10600 tcg_gen_subi_i32(tmp, tmp, imm);
10601 else
10602 tcg_gen_addi_i32(tmp, tmp, imm);
10603 }
10604 }
10605 store_reg(s, rd, tmp);
10606 }
10607 } else {
10608 int shifter_out = 0;
10609 /* modified 12-bit immediate. */
10610 shift = ((insn & 0x04000000) >> 23) | ((insn & 0x7000) >> 12);
10611 imm = (insn & 0xff);
10612 switch (shift) {
10613 case 0: /* XY */
10614 /* Nothing to do. */
10615 break;
10616 case 1: /* 00XY00XY */
10617 imm |= imm << 16;
10618 break;
10619 case 2: /* XY00XY00 */
10620 imm |= imm << 16;
10621 imm <<= 8;
10622 break;
10623 case 3: /* XYXYXYXY */
10624 imm |= imm << 16;
10625 imm |= imm << 8;
10626 break;
10627 default: /* Rotated constant. */
10628 shift = (shift << 1) | (imm >> 7);
10629 imm |= 0x80;
10630 imm = imm << (32 - shift);
10631 shifter_out = 1;
10632 break;
10633 }
10634 tmp2 = tcg_temp_new_i32();
10635 tcg_gen_movi_i32(tmp2, imm);
10636 rn = (insn >> 16) & 0xf;
10637 if (rn == 15) {
10638 tmp = tcg_temp_new_i32();
10639 tcg_gen_movi_i32(tmp, 0);
10640 } else {
10641 tmp = load_reg(s, rn);
10642 }
10643 op = (insn >> 21) & 0xf;
10644 if (gen_thumb2_data_op(s, op, (insn & (1 << 20)) != 0,
10645 shifter_out, tmp, tmp2))
10646 goto illegal_op;
10647 tcg_temp_free_i32(tmp2);
10648 rd = (insn >> 8) & 0xf;
10649 if (rd != 15) {
10650 store_reg(s, rd, tmp);
10651 } else {
10652 tcg_temp_free_i32(tmp);
10653 }
10654 }
10655 }
10656 break;
10657 case 12: /* Load/store single data item. */
10658 {
10659 int postinc = 0;
10660 int writeback = 0;
10661 int memidx;
10662 if ((insn & 0x01100000) == 0x01000000) {
10663 if (disas_neon_ls_insn(s, insn)) {
10664 goto illegal_op;
10665 }
10666 break;
10667 }
10668 op = ((insn >> 21) & 3) | ((insn >> 22) & 4);
10669 if (rs == 15) {
10670 if (!(insn & (1 << 20))) {
10671 goto illegal_op;
10672 }
10673 if (op != 2) {
10674 /* Byte or halfword load space with dest == r15 : memory hints.
10675 * Catch them early so we don't emit pointless addressing code.
10676 * This space is a mix of:
10677 * PLD/PLDW/PLI, which we implement as NOPs (note that unlike
10678 * the ARM encodings, PLDW space doesn't UNDEF for non-v7MP
10679 * cores)
10680 * unallocated hints, which must be treated as NOPs
10681 * UNPREDICTABLE space, which we NOP or UNDEF depending on
10682 * which is easiest for the decoding logic
10683 * Some space which must UNDEF
10684 */
10685 int op1 = (insn >> 23) & 3;
10686 int op2 = (insn >> 6) & 0x3f;
10687 if (op & 2) {
10688 goto illegal_op;
10689 }
10690 if (rn == 15) {
10691 /* UNPREDICTABLE, unallocated hint or
10692 * PLD/PLDW/PLI (literal)
10693 */
10694 return 0;
10695 }
10696 if (op1 & 1) {
10697 return 0; /* PLD/PLDW/PLI or unallocated hint */
10698 }
10699 if ((op2 == 0) || ((op2 & 0x3c) == 0x30)) {
10700 return 0; /* PLD/PLDW/PLI or unallocated hint */
10701 }
10702 /* UNDEF space, or an UNPREDICTABLE */
10703 return 1;
10704 }
10705 }
10706 memidx = get_mem_index(s);
10707 if (rn == 15) {
10708 addr = tcg_temp_new_i32();
10709 /* PC relative. */
10710 /* s->pc has already been incremented by 4. */
10711 imm = s->pc & 0xfffffffc;
10712 if (insn & (1 << 23))
10713 imm += insn & 0xfff;
10714 else
10715 imm -= insn & 0xfff;
10716 tcg_gen_movi_i32(addr, imm);
10717 } else {
10718 addr = load_reg(s, rn);
10719 if (insn & (1 << 23)) {
10720 /* Positive offset. */
10721 imm = insn & 0xfff;
10722 tcg_gen_addi_i32(addr, addr, imm);
10723 } else {
10724 imm = insn & 0xff;
10725 switch ((insn >> 8) & 0xf) {
10726 case 0x0: /* Shifted Register. */
10727 shift = (insn >> 4) & 0xf;
10728 if (shift > 3) {
10729 tcg_temp_free_i32(addr);
10730 goto illegal_op;
10731 }
10732 tmp = load_reg(s, rm);
10733 if (shift)
10734 tcg_gen_shli_i32(tmp, tmp, shift);
10735 tcg_gen_add_i32(addr, addr, tmp);
10736 tcg_temp_free_i32(tmp);
10737 break;
10738 case 0xc: /* Negative offset. */
10739 tcg_gen_addi_i32(addr, addr, -imm);
10740 break;
10741 case 0xe: /* User privilege. */
10742 tcg_gen_addi_i32(addr, addr, imm);
10743 memidx = get_a32_user_mem_index(s);
10744 break;
10745 case 0x9: /* Post-decrement. */
10746 imm = -imm;
10747 /* Fall through. */
10748 case 0xb: /* Post-increment. */
10749 postinc = 1;
10750 writeback = 1;
10751 break;
10752 case 0xd: /* Pre-decrement. */
10753 imm = -imm;
10754 /* Fall through. */
10755 case 0xf: /* Pre-increment. */
10756 tcg_gen_addi_i32(addr, addr, imm);
10757 writeback = 1;
10758 break;
10759 default:
10760 tcg_temp_free_i32(addr);
10761 goto illegal_op;
10762 }
10763 }
10764 }
10765 if (insn & (1 << 20)) {
10766 /* Load. */
10767 tmp = tcg_temp_new_i32();
10768 switch (op) {
10769 case 0:
10770 gen_aa32_ld8u(s, tmp, addr, memidx);
10771 break;
10772 case 4:
10773 gen_aa32_ld8s(s, tmp, addr, memidx);
10774 break;
10775 case 1:
10776 gen_aa32_ld16u(s, tmp, addr, memidx);
10777 break;
10778 case 5:
10779 gen_aa32_ld16s(s, tmp, addr, memidx);
10780 break;
10781 case 2:
10782 gen_aa32_ld32u(s, tmp, addr, memidx);
10783 break;
10784 default:
10785 tcg_temp_free_i32(tmp);
10786 tcg_temp_free_i32(addr);
10787 goto illegal_op;
10788 }
10789 if (rs == 15) {
10790 gen_bx(s, tmp);
10791 } else {
10792 store_reg(s, rs, tmp);
10793 }
10794 } else {
10795 /* Store. */
10796 tmp = load_reg(s, rs);
10797 switch (op) {
10798 case 0:
10799 gen_aa32_st8(s, tmp, addr, memidx);
10800 break;
10801 case 1:
10802 gen_aa32_st16(s, tmp, addr, memidx);
10803 break;
10804 case 2:
10805 gen_aa32_st32(s, tmp, addr, memidx);
10806 break;
10807 default:
10808 tcg_temp_free_i32(tmp);
10809 tcg_temp_free_i32(addr);
10810 goto illegal_op;
10811 }
10812 tcg_temp_free_i32(tmp);
10813 }
10814 if (postinc)
10815 tcg_gen_addi_i32(addr, addr, imm);
10816 if (writeback) {
10817 store_reg(s, rn, addr);
10818 } else {
10819 tcg_temp_free_i32(addr);
10820 }
10821 }
10822 break;
10823 default:
10824 goto illegal_op;
10825 }
10826 return 0;
10827 illegal_op:
10828 return 1;
10829 }
10830
10831 static void disas_thumb_insn(CPUARMState *env, DisasContext *s)
10832 {
10833 uint32_t val, insn, op, rm, rn, rd, shift, cond;
10834 int32_t offset;
10835 int i;
10836 TCGv_i32 tmp;
10837 TCGv_i32 tmp2;
10838 TCGv_i32 addr;
10839
10840 if (s->condexec_mask) {
10841 cond = s->condexec_cond;
10842 if (cond != 0x0e) { /* Skip conditional when condition is AL. */
10843 s->condlabel = gen_new_label();
10844 arm_gen_test_cc(cond ^ 1, s->condlabel);
10845 s->condjmp = 1;
10846 }
10847 }
10848
10849 insn = arm_lduw_code(env, s->pc, s->sctlr_b);
10850 s->pc += 2;
10851
10852 switch (insn >> 12) {
10853 case 0: case 1:
10854
10855 rd = insn & 7;
10856 op = (insn >> 11) & 3;
10857 if (op == 3) {
10858 /* add/subtract */
10859 rn = (insn >> 3) & 7;
10860 tmp = load_reg(s, rn);
10861 if (insn & (1 << 10)) {
10862 /* immediate */
10863 tmp2 = tcg_temp_new_i32();
10864 tcg_gen_movi_i32(tmp2, (insn >> 6) & 7);
10865 } else {
10866 /* reg */
10867 rm = (insn >> 6) & 7;
10868 tmp2 = load_reg(s, rm);
10869 }
10870 if (insn & (1 << 9)) {
10871 if (s->condexec_mask)
10872 tcg_gen_sub_i32(tmp, tmp, tmp2);
10873 else
10874 gen_sub_CC(tmp, tmp, tmp2);
10875 } else {
10876 if (s->condexec_mask)
10877 tcg_gen_add_i32(tmp, tmp, tmp2);
10878 else
10879 gen_add_CC(tmp, tmp, tmp2);
10880 }
10881 tcg_temp_free_i32(tmp2);
10882 store_reg(s, rd, tmp);
10883 } else {
10884 /* shift immediate */
10885 rm = (insn >> 3) & 7;
10886 shift = (insn >> 6) & 0x1f;
10887 tmp = load_reg(s, rm);
10888 gen_arm_shift_im(tmp, op, shift, s->condexec_mask == 0);
10889 if (!s->condexec_mask)
10890 gen_logic_CC(tmp);
10891 store_reg(s, rd, tmp);
10892 }
10893 break;
10894 case 2: case 3:
10895 /* arithmetic large immediate */
10896 op = (insn >> 11) & 3;
10897 rd = (insn >> 8) & 0x7;
10898 if (op == 0) { /* mov */
10899 tmp = tcg_temp_new_i32();
10900 tcg_gen_movi_i32(tmp, insn & 0xff);
10901 if (!s->condexec_mask)
10902 gen_logic_CC(tmp);
10903 store_reg(s, rd, tmp);
10904 } else {
10905 tmp = load_reg(s, rd);
10906 tmp2 = tcg_temp_new_i32();
10907 tcg_gen_movi_i32(tmp2, insn & 0xff);
10908 switch (op) {
10909 case 1: /* cmp */
10910 gen_sub_CC(tmp, tmp, tmp2);
10911 tcg_temp_free_i32(tmp);
10912 tcg_temp_free_i32(tmp2);
10913 break;
10914 case 2: /* add */
10915 if (s->condexec_mask)
10916 tcg_gen_add_i32(tmp, tmp, tmp2);
10917 else
10918 gen_add_CC(tmp, tmp, tmp2);
10919 tcg_temp_free_i32(tmp2);
10920 store_reg(s, rd, tmp);
10921 break;
10922 case 3: /* sub */
10923 if (s->condexec_mask)
10924 tcg_gen_sub_i32(tmp, tmp, tmp2);
10925 else
10926 gen_sub_CC(tmp, tmp, tmp2);
10927 tcg_temp_free_i32(tmp2);
10928 store_reg(s, rd, tmp);
10929 break;
10930 }
10931 }
10932 break;
10933 case 4:
10934 if (insn & (1 << 11)) {
10935 rd = (insn >> 8) & 7;
10936 /* load pc-relative. Bit 1 of PC is ignored. */
10937 val = s->pc + 2 + ((insn & 0xff) * 4);
10938 val &= ~(uint32_t)2;
10939 addr = tcg_temp_new_i32();
10940 tcg_gen_movi_i32(addr, val);
10941 tmp = tcg_temp_new_i32();
10942 gen_aa32_ld32u(s, tmp, addr, get_mem_index(s));
10943 tcg_temp_free_i32(addr);
10944 store_reg(s, rd, tmp);
10945 break;
10946 }
10947 if (insn & (1 << 10)) {
10948 /* data processing extended or blx */
10949 rd = (insn & 7) | ((insn >> 4) & 8);
10950 rm = (insn >> 3) & 0xf;
10951 op = (insn >> 8) & 3;
10952 switch (op) {
10953 case 0: /* add */
10954 tmp = load_reg(s, rd);
10955 tmp2 = load_reg(s, rm);
10956 tcg_gen_add_i32(tmp, tmp, tmp2);
10957 tcg_temp_free_i32(tmp2);
10958 store_reg(s, rd, tmp);
10959 break;
10960 case 1: /* cmp */
10961 tmp = load_reg(s, rd);
10962 tmp2 = load_reg(s, rm);
10963 gen_sub_CC(tmp, tmp, tmp2);
10964 tcg_temp_free_i32(tmp2);
10965 tcg_temp_free_i32(tmp);
10966 break;
10967 case 2: /* mov/cpy */
10968 tmp = load_reg(s, rm);
10969 store_reg(s, rd, tmp);
10970 break;
10971 case 3:/* branch [and link] exchange thumb register */
10972 tmp = load_reg(s, rm);
10973 if (insn & (1 << 7)) {
10974 ARCH(5);
10975 val = (uint32_t)s->pc | 1;
10976 tmp2 = tcg_temp_new_i32();
10977 tcg_gen_movi_i32(tmp2, val);
10978 store_reg(s, 14, tmp2);
10979 }
10980 /* already thumb, no need to check */
10981 gen_bx(s, tmp);
10982 break;
10983 }
10984 break;
10985 }
10986
10987 /* data processing register */
10988 rd = insn & 7;
10989 rm = (insn >> 3) & 7;
10990 op = (insn >> 6) & 0xf;
10991 if (op == 2 || op == 3 || op == 4 || op == 7) {
10992 /* the shift/rotate ops want the operands backwards */
10993 val = rm;
10994 rm = rd;
10995 rd = val;
10996 val = 1;
10997 } else {
10998 val = 0;
10999 }
11000
11001 if (op == 9) { /* neg */
11002 tmp = tcg_temp_new_i32();
11003 tcg_gen_movi_i32(tmp, 0);
11004 } else if (op != 0xf) { /* mvn doesn't read its first operand */
11005 tmp = load_reg(s, rd);
11006 } else {
11007 TCGV_UNUSED_I32(tmp);
11008 }
11009
11010 tmp2 = load_reg(s, rm);
11011 switch (op) {
11012 case 0x0: /* and */
11013 tcg_gen_and_i32(tmp, tmp, tmp2);
11014 if (!s->condexec_mask)
11015 gen_logic_CC(tmp);
11016 break;
11017 case 0x1: /* eor */
11018 tcg_gen_xor_i32(tmp, tmp, tmp2);
11019 if (!s->condexec_mask)
11020 gen_logic_CC(tmp);
11021 break;
11022 case 0x2: /* lsl */
11023 if (s->condexec_mask) {
11024 gen_shl(tmp2, tmp2, tmp);
11025 } else {
11026 gen_helper_shl_cc(tmp2, cpu_env, tmp2, tmp);
11027 gen_logic_CC(tmp2);
11028 }
11029 break;
11030 case 0x3: /* lsr */
11031 if (s->condexec_mask) {
11032 gen_shr(tmp2, tmp2, tmp);
11033 } else {
11034 gen_helper_shr_cc(tmp2, cpu_env, tmp2, tmp);
11035 gen_logic_CC(tmp2);
11036 }
11037 break;
11038 case 0x4: /* asr */
11039 if (s->condexec_mask) {
11040 gen_sar(tmp2, tmp2, tmp);
11041 } else {
11042 gen_helper_sar_cc(tmp2, cpu_env, tmp2, tmp);
11043 gen_logic_CC(tmp2);
11044 }
11045 break;
11046 case 0x5: /* adc */
11047 if (s->condexec_mask) {
11048 gen_adc(tmp, tmp2);
11049 } else {
11050 gen_adc_CC(tmp, tmp, tmp2);
11051 }
11052 break;
11053 case 0x6: /* sbc */
11054 if (s->condexec_mask) {
11055 gen_sub_carry(tmp, tmp, tmp2);
11056 } else {
11057 gen_sbc_CC(tmp, tmp, tmp2);
11058 }
11059 break;
11060 case 0x7: /* ror */
11061 if (s->condexec_mask) {
11062 tcg_gen_andi_i32(tmp, tmp, 0x1f);
11063 tcg_gen_rotr_i32(tmp2, tmp2, tmp);
11064 } else {
11065 gen_helper_ror_cc(tmp2, cpu_env, tmp2, tmp);
11066 gen_logic_CC(tmp2);
11067 }
11068 break;
11069 case 0x8: /* tst */
11070 tcg_gen_and_i32(tmp, tmp, tmp2);
11071 gen_logic_CC(tmp);
11072 rd = 16;
11073 break;
11074 case 0x9: /* neg */
11075 if (s->condexec_mask)
11076 tcg_gen_neg_i32(tmp, tmp2);
11077 else
11078 gen_sub_CC(tmp, tmp, tmp2);
11079 break;
11080 case 0xa: /* cmp */
11081 gen_sub_CC(tmp, tmp, tmp2);
11082 rd = 16;
11083 break;
11084 case 0xb: /* cmn */
11085 gen_add_CC(tmp, tmp, tmp2);
11086 rd = 16;
11087 break;
11088 case 0xc: /* orr */
11089 tcg_gen_or_i32(tmp, tmp, tmp2);
11090 if (!s->condexec_mask)
11091 gen_logic_CC(tmp);
11092 break;
11093 case 0xd: /* mul */
11094 tcg_gen_mul_i32(tmp, tmp, tmp2);
11095 if (!s->condexec_mask)
11096 gen_logic_CC(tmp);
11097 break;
11098 case 0xe: /* bic */
11099 tcg_gen_andc_i32(tmp, tmp, tmp2);
11100 if (!s->condexec_mask)
11101 gen_logic_CC(tmp);
11102 break;
11103 case 0xf: /* mvn */
11104 tcg_gen_not_i32(tmp2, tmp2);
11105 if (!s->condexec_mask)
11106 gen_logic_CC(tmp2);
11107 val = 1;
11108 rm = rd;
11109 break;
11110 }
11111 if (rd != 16) {
11112 if (val) {
11113 store_reg(s, rm, tmp2);
11114 if (op != 0xf)
11115 tcg_temp_free_i32(tmp);
11116 } else {
11117 store_reg(s, rd, tmp);
11118 tcg_temp_free_i32(tmp2);
11119 }
11120 } else {
11121 tcg_temp_free_i32(tmp);
11122 tcg_temp_free_i32(tmp2);
11123 }
11124 break;
11125
11126 case 5:
11127 /* load/store register offset. */
11128 rd = insn & 7;
11129 rn = (insn >> 3) & 7;
11130 rm = (insn >> 6) & 7;
11131 op = (insn >> 9) & 7;
11132 addr = load_reg(s, rn);
11133 tmp = load_reg(s, rm);
11134 tcg_gen_add_i32(addr, addr, tmp);
11135 tcg_temp_free_i32(tmp);
11136
11137 if (op < 3) { /* store */
11138 tmp = load_reg(s, rd);
11139 } else {
11140 tmp = tcg_temp_new_i32();
11141 }
11142
11143 switch (op) {
11144 case 0: /* str */
11145 gen_aa32_st32(s, tmp, addr, get_mem_index(s));
11146 break;
11147 case 1: /* strh */
11148 gen_aa32_st16(s, tmp, addr, get_mem_index(s));
11149 break;
11150 case 2: /* strb */
11151 gen_aa32_st8(s, tmp, addr, get_mem_index(s));
11152 break;
11153 case 3: /* ldrsb */
11154 gen_aa32_ld8s(s, tmp, addr, get_mem_index(s));
11155 break;
11156 case 4: /* ldr */
11157 gen_aa32_ld32u(s, tmp, addr, get_mem_index(s));
11158 break;
11159 case 5: /* ldrh */
11160 gen_aa32_ld16u(s, tmp, addr, get_mem_index(s));
11161 break;
11162 case 6: /* ldrb */
11163 gen_aa32_ld8u(s, tmp, addr, get_mem_index(s));
11164 break;
11165 case 7: /* ldrsh */
11166 gen_aa32_ld16s(s, tmp, addr, get_mem_index(s));
11167 break;
11168 }
11169 if (op >= 3) { /* load */
11170 store_reg(s, rd, tmp);
11171 } else {
11172 tcg_temp_free_i32(tmp);
11173 }
11174 tcg_temp_free_i32(addr);
11175 break;
11176
11177 case 6:
11178 /* load/store word immediate offset */
11179 rd = insn & 7;
11180 rn = (insn >> 3) & 7;
11181 addr = load_reg(s, rn);
11182 val = (insn >> 4) & 0x7c;
11183 tcg_gen_addi_i32(addr, addr, val);
11184
11185 if (insn & (1 << 11)) {
11186 /* load */
11187 tmp = tcg_temp_new_i32();
11188 gen_aa32_ld32u(s, tmp, addr, get_mem_index(s));
11189 store_reg(s, rd, tmp);
11190 } else {
11191 /* store */
11192 tmp = load_reg(s, rd);
11193 gen_aa32_st32(s, tmp, addr, get_mem_index(s));
11194 tcg_temp_free_i32(tmp);
11195 }
11196 tcg_temp_free_i32(addr);
11197 break;
11198
11199 case 7:
11200 /* load/store byte immediate offset */
11201 rd = insn & 7;
11202 rn = (insn >> 3) & 7;
11203 addr = load_reg(s, rn);
11204 val = (insn >> 6) & 0x1f;
11205 tcg_gen_addi_i32(addr, addr, val);
11206
11207 if (insn & (1 << 11)) {
11208 /* load */
11209 tmp = tcg_temp_new_i32();
11210 gen_aa32_ld8u(s, tmp, addr, get_mem_index(s));
11211 store_reg(s, rd, tmp);
11212 } else {
11213 /* store */
11214 tmp = load_reg(s, rd);
11215 gen_aa32_st8(s, tmp, addr, get_mem_index(s));
11216 tcg_temp_free_i32(tmp);
11217 }
11218 tcg_temp_free_i32(addr);
11219 break;
11220
11221 case 8:
11222 /* load/store halfword immediate offset */
11223 rd = insn & 7;
11224 rn = (insn >> 3) & 7;
11225 addr = load_reg(s, rn);
11226 val = (insn >> 5) & 0x3e;
11227 tcg_gen_addi_i32(addr, addr, val);
11228
11229 if (insn & (1 << 11)) {
11230 /* load */
11231 tmp = tcg_temp_new_i32();
11232 gen_aa32_ld16u(s, tmp, addr, get_mem_index(s));
11233 store_reg(s, rd, tmp);
11234 } else {
11235 /* store */
11236 tmp = load_reg(s, rd);
11237 gen_aa32_st16(s, tmp, addr, get_mem_index(s));
11238 tcg_temp_free_i32(tmp);
11239 }
11240 tcg_temp_free_i32(addr);
11241 break;
11242
11243 case 9:
11244 /* load/store from stack */
11245 rd = (insn >> 8) & 7;
11246 addr = load_reg(s, 13);
11247 val = (insn & 0xff) * 4;
11248 tcg_gen_addi_i32(addr, addr, val);
11249
11250 if (insn & (1 << 11)) {
11251 /* load */
11252 tmp = tcg_temp_new_i32();
11253 gen_aa32_ld32u(s, tmp, addr, get_mem_index(s));
11254 store_reg(s, rd, tmp);
11255 } else {
11256 /* store */
11257 tmp = load_reg(s, rd);
11258 gen_aa32_st32(s, tmp, addr, get_mem_index(s));
11259 tcg_temp_free_i32(tmp);
11260 }
11261 tcg_temp_free_i32(addr);
11262 break;
11263
11264 case 10:
11265 /* add to high reg */
11266 rd = (insn >> 8) & 7;
11267 if (insn & (1 << 11)) {
11268 /* SP */
11269 tmp = load_reg(s, 13);
11270 } else {
11271 /* PC. bit 1 is ignored. */
11272 tmp = tcg_temp_new_i32();
11273 tcg_gen_movi_i32(tmp, (s->pc + 2) & ~(uint32_t)2);
11274 }
11275 val = (insn & 0xff) * 4;
11276 tcg_gen_addi_i32(tmp, tmp, val);
11277 store_reg(s, rd, tmp);
11278 break;
11279
11280 case 11:
11281 /* misc */
11282 op = (insn >> 8) & 0xf;
11283 switch (op) {
11284 case 0:
11285 /* adjust stack pointer */
11286 tmp = load_reg(s, 13);
11287 val = (insn & 0x7f) * 4;
11288 if (insn & (1 << 7))
11289 val = -(int32_t)val;
11290 tcg_gen_addi_i32(tmp, tmp, val);
11291 store_reg(s, 13, tmp);
11292 break;
11293
11294 case 2: /* sign/zero extend. */
11295 ARCH(6);
11296 rd = insn & 7;
11297 rm = (insn >> 3) & 7;
11298 tmp = load_reg(s, rm);
11299 switch ((insn >> 6) & 3) {
11300 case 0: gen_sxth(tmp); break;
11301 case 1: gen_sxtb(tmp); break;
11302 case 2: gen_uxth(tmp); break;
11303 case 3: gen_uxtb(tmp); break;
11304 }
11305 store_reg(s, rd, tmp);
11306 break;
11307 case 4: case 5: case 0xc: case 0xd:
11308 /* push/pop */
11309 addr = load_reg(s, 13);
11310 if (insn & (1 << 8))
11311 offset = 4;
11312 else
11313 offset = 0;
11314 for (i = 0; i < 8; i++) {
11315 if (insn & (1 << i))
11316 offset += 4;
11317 }
11318 if ((insn & (1 << 11)) == 0) {
11319 tcg_gen_addi_i32(addr, addr, -offset);
11320 }
11321 for (i = 0; i < 8; i++) {
11322 if (insn & (1 << i)) {
11323 if (insn & (1 << 11)) {
11324 /* pop */
11325 tmp = tcg_temp_new_i32();
11326 gen_aa32_ld32u(s, tmp, addr, get_mem_index(s));
11327 store_reg(s, i, tmp);
11328 } else {
11329 /* push */
11330 tmp = load_reg(s, i);
11331 gen_aa32_st32(s, tmp, addr, get_mem_index(s));
11332 tcg_temp_free_i32(tmp);
11333 }
11334 /* advance to the next address. */
11335 tcg_gen_addi_i32(addr, addr, 4);
11336 }
11337 }
11338 TCGV_UNUSED_I32(tmp);
11339 if (insn & (1 << 8)) {
11340 if (insn & (1 << 11)) {
11341 /* pop pc */
11342 tmp = tcg_temp_new_i32();
11343 gen_aa32_ld32u(s, tmp, addr, get_mem_index(s));
11344 /* don't set the pc until the rest of the instruction
11345 has completed */
11346 } else {
11347 /* push lr */
11348 tmp = load_reg(s, 14);
11349 gen_aa32_st32(s, tmp, addr, get_mem_index(s));
11350 tcg_temp_free_i32(tmp);
11351 }
11352 tcg_gen_addi_i32(addr, addr, 4);
11353 }
11354 if ((insn & (1 << 11)) == 0) {
11355 tcg_gen_addi_i32(addr, addr, -offset);
11356 }
11357 /* write back the new stack pointer */
11358 store_reg(s, 13, addr);
11359 /* set the new PC value */
11360 if ((insn & 0x0900) == 0x0900) {
11361 store_reg_from_load(s, 15, tmp);
11362 }
11363 break;
11364
11365 case 1: case 3: case 9: case 11: /* czb */
11366 rm = insn & 7;
11367 tmp = load_reg(s, rm);
11368 s->condlabel = gen_new_label();
11369 s->condjmp = 1;
11370 if (insn & (1 << 11))
11371 tcg_gen_brcondi_i32(TCG_COND_EQ, tmp, 0, s->condlabel);
11372 else
11373 tcg_gen_brcondi_i32(TCG_COND_NE, tmp, 0, s->condlabel);
11374 tcg_temp_free_i32(tmp);
11375 offset = ((insn & 0xf8) >> 2) | (insn & 0x200) >> 3;
11376 val = (uint32_t)s->pc + 2;
11377 val += offset;
11378 gen_jmp(s, val);
11379 break;
11380
11381 case 15: /* IT, nop-hint. */
11382 if ((insn & 0xf) == 0) {
11383 gen_nop_hint(s, (insn >> 4) & 0xf);
11384 break;
11385 }
11386 /* If Then. */
11387 s->condexec_cond = (insn >> 4) & 0xe;
11388 s->condexec_mask = insn & 0x1f;
11389 /* No actual code generated for this insn, just setup state. */
11390 break;
11391
11392 case 0xe: /* bkpt */
11393 {
11394 int imm8 = extract32(insn, 0, 8);
11395 ARCH(5);
11396 gen_exception_insn(s, 2, EXCP_BKPT, syn_aa32_bkpt(imm8, true),
11397 default_exception_el(s));
11398 break;
11399 }
11400
11401 case 0xa: /* rev */
11402 ARCH(6);
11403 rn = (insn >> 3) & 0x7;
11404 rd = insn & 0x7;
11405 tmp = load_reg(s, rn);
11406 switch ((insn >> 6) & 3) {
11407 case 0: tcg_gen_bswap32_i32(tmp, tmp); break;
11408 case 1: gen_rev16(tmp); break;
11409 case 3: gen_revsh(tmp); break;
11410 default: goto illegal_op;
11411 }
11412 store_reg(s, rd, tmp);
11413 break;
11414
11415 case 6:
11416 switch ((insn >> 5) & 7) {
11417 case 2:
11418 /* setend */
11419 ARCH(6);
11420 if (((insn >> 3) & 1) != !!(s->be_data == MO_BE)) {
11421 gen_helper_setend(cpu_env);
11422 s->is_jmp = DISAS_UPDATE;
11423 }
11424 break;
11425 case 3:
11426 /* cps */
11427 ARCH(6);
11428 if (IS_USER(s)) {
11429 break;
11430 }
11431 if (arm_dc_feature(s, ARM_FEATURE_M)) {
11432 tmp = tcg_const_i32((insn & (1 << 4)) != 0);
11433 /* FAULTMASK */
11434 if (insn & 1) {
11435 addr = tcg_const_i32(19);
11436 gen_helper_v7m_msr(cpu_env, addr, tmp);
11437 tcg_temp_free_i32(addr);
11438 }
11439 /* PRIMASK */
11440 if (insn & 2) {
11441 addr = tcg_const_i32(16);
11442 gen_helper_v7m_msr(cpu_env, addr, tmp);
11443 tcg_temp_free_i32(addr);
11444 }
11445 tcg_temp_free_i32(tmp);
11446 gen_lookup_tb(s);
11447 } else {
11448 if (insn & (1 << 4)) {
11449 shift = CPSR_A | CPSR_I | CPSR_F;
11450 } else {
11451 shift = 0;
11452 }
11453 gen_set_psr_im(s, ((insn & 7) << 6), 0, shift);
11454 }
11455 break;
11456 default:
11457 goto undef;
11458 }
11459 break;
11460
11461 default:
11462 goto undef;
11463 }
11464 break;
11465
11466 case 12:
11467 {
11468 /* load/store multiple */
11469 TCGv_i32 loaded_var;
11470 TCGV_UNUSED_I32(loaded_var);
11471 rn = (insn >> 8) & 0x7;
11472 addr = load_reg(s, rn);
11473 for (i = 0; i < 8; i++) {
11474 if (insn & (1 << i)) {
11475 if (insn & (1 << 11)) {
11476 /* load */
11477 tmp = tcg_temp_new_i32();
11478 gen_aa32_ld32u(s, tmp, addr, get_mem_index(s));
11479 if (i == rn) {
11480 loaded_var = tmp;
11481 } else {
11482 store_reg(s, i, tmp);
11483 }
11484 } else {
11485 /* store */
11486 tmp = load_reg(s, i);
11487 gen_aa32_st32(s, tmp, addr, get_mem_index(s));
11488 tcg_temp_free_i32(tmp);
11489 }
11490 /* advance to the next address */
11491 tcg_gen_addi_i32(addr, addr, 4);
11492 }
11493 }
11494 if ((insn & (1 << rn)) == 0) {
11495 /* base reg not in list: base register writeback */
11496 store_reg(s, rn, addr);
11497 } else {
11498 /* base reg in list: if load, complete it now */
11499 if (insn & (1 << 11)) {
11500 store_reg(s, rn, loaded_var);
11501 }
11502 tcg_temp_free_i32(addr);
11503 }
11504 break;
11505 }
11506 case 13:
11507 /* conditional branch or swi */
11508 cond = (insn >> 8) & 0xf;
11509 if (cond == 0xe)
11510 goto undef;
11511
11512 if (cond == 0xf) {
11513 /* swi */
11514 gen_set_pc_im(s, s->pc);
11515 s->svc_imm = extract32(insn, 0, 8);
11516 s->is_jmp = DISAS_SWI;
11517 break;
11518 }
11519 /* generate a conditional jump to next instruction */
11520 s->condlabel = gen_new_label();
11521 arm_gen_test_cc(cond ^ 1, s->condlabel);
11522 s->condjmp = 1;
11523
11524 /* jump to the offset */
11525 val = (uint32_t)s->pc + 2;
11526 offset = ((int32_t)insn << 24) >> 24;
11527 val += offset << 1;
11528 gen_jmp(s, val);
11529 break;
11530
11531 case 14:
11532 if (insn & (1 << 11)) {
11533 if (disas_thumb2_insn(env, s, insn))
11534 goto undef32;
11535 break;
11536 }
11537 /* unconditional branch */
11538 val = (uint32_t)s->pc;
11539 offset = ((int32_t)insn << 21) >> 21;
11540 val += (offset << 1) + 2;
11541 gen_jmp(s, val);
11542 break;
11543
11544 case 15:
11545 if (disas_thumb2_insn(env, s, insn))
11546 goto undef32;
11547 break;
11548 }
11549 return;
11550 undef32:
11551 gen_exception_insn(s, 4, EXCP_UDEF, syn_uncategorized(),
11552 default_exception_el(s));
11553 return;
11554 illegal_op:
11555 undef:
11556 gen_exception_insn(s, 2, EXCP_UDEF, syn_uncategorized(),
11557 default_exception_el(s));
11558 }
11559
11560 static bool insn_crosses_page(CPUARMState *env, DisasContext *s)
11561 {
11562 /* Return true if the insn at dc->pc might cross a page boundary.
11563 * (False positives are OK, false negatives are not.)
11564 */
11565 uint16_t insn;
11566
11567 if ((s->pc & 3) == 0) {
11568 /* At a 4-aligned address we can't be crossing a page */
11569 return false;
11570 }
11571
11572 /* This must be a Thumb insn */
11573 insn = arm_lduw_code(env, s->pc, s->sctlr_b);
11574
11575 if ((insn >> 11) >= 0x1d) {
11576 /* Top five bits 0b11101 / 0b11110 / 0b11111 : this is the
11577 * First half of a 32-bit Thumb insn. Thumb-1 cores might
11578 * end up actually treating this as two 16-bit insns (see the
11579 * code at the start of disas_thumb2_insn()) but we don't bother
11580 * to check for that as it is unlikely, and false positives here
11581 * are harmless.
11582 */
11583 return true;
11584 }
11585 /* Definitely a 16-bit insn, can't be crossing a page. */
11586 return false;
11587 }
11588
11589 /* generate intermediate code for basic block 'tb'. */
11590 void gen_intermediate_code(CPUARMState *env, TranslationBlock *tb)
11591 {
11592 ARMCPU *cpu = arm_env_get_cpu(env);
11593 CPUState *cs = CPU(cpu);
11594 DisasContext dc1, *dc = &dc1;
11595 target_ulong pc_start;
11596 target_ulong next_page_start;
11597 int num_insns;
11598 int max_insns;
11599 bool end_of_page;
11600
11601 /* generate intermediate code */
11602
11603 /* The A64 decoder has its own top level loop, because it doesn't need
11604 * the A32/T32 complexity to do with conditional execution/IT blocks/etc.
11605 */
11606 if (ARM_TBFLAG_AARCH64_STATE(tb->flags)) {
11607 gen_intermediate_code_a64(cpu, tb);
11608 return;
11609 }
11610
11611 pc_start = tb->pc;
11612
11613 dc->tb = tb;
11614
11615 dc->is_jmp = DISAS_NEXT;
11616 dc->pc = pc_start;
11617 dc->singlestep_enabled = cs->singlestep_enabled;
11618 dc->condjmp = 0;
11619
11620 dc->aarch64 = 0;
11621 /* If we are coming from secure EL0 in a system with a 32-bit EL3, then
11622 * there is no secure EL1, so we route exceptions to EL3.
11623 */
11624 dc->secure_routed_to_el3 = arm_feature(env, ARM_FEATURE_EL3) &&
11625 !arm_el_is_aa64(env, 3);
11626 dc->thumb = ARM_TBFLAG_THUMB(tb->flags);
11627 dc->sctlr_b = ARM_TBFLAG_SCTLR_B(tb->flags);
11628 dc->be_data = ARM_TBFLAG_BE_DATA(tb->flags) ? MO_BE : MO_LE;
11629 dc->condexec_mask = (ARM_TBFLAG_CONDEXEC(tb->flags) & 0xf) << 1;
11630 dc->condexec_cond = ARM_TBFLAG_CONDEXEC(tb->flags) >> 4;
11631 dc->mmu_idx = ARM_TBFLAG_MMUIDX(tb->flags);
11632 dc->current_el = arm_mmu_idx_to_el(dc->mmu_idx);
11633 #if !defined(CONFIG_USER_ONLY)
11634 dc->user = (dc->current_el == 0);
11635 #endif
11636 dc->ns = ARM_TBFLAG_NS(tb->flags);
11637 dc->fp_excp_el = ARM_TBFLAG_FPEXC_EL(tb->flags);
11638 dc->vfp_enabled = ARM_TBFLAG_VFPEN(tb->flags);
11639 dc->vec_len = ARM_TBFLAG_VECLEN(tb->flags);
11640 dc->vec_stride = ARM_TBFLAG_VECSTRIDE(tb->flags);
11641 dc->c15_cpar = ARM_TBFLAG_XSCALE_CPAR(tb->flags);
11642 dc->cp_regs = cpu->cp_regs;
11643 dc->features = env->features;
11644
11645 /* Single step state. The code-generation logic here is:
11646 * SS_ACTIVE == 0:
11647 * generate code with no special handling for single-stepping (except
11648 * that anything that can make us go to SS_ACTIVE == 1 must end the TB;
11649 * this happens anyway because those changes are all system register or
11650 * PSTATE writes).
11651 * SS_ACTIVE == 1, PSTATE.SS == 1: (active-not-pending)
11652 * emit code for one insn
11653 * emit code to clear PSTATE.SS
11654 * emit code to generate software step exception for completed step
11655 * end TB (as usual for having generated an exception)
11656 * SS_ACTIVE == 1, PSTATE.SS == 0: (active-pending)
11657 * emit code to generate a software step exception
11658 * end the TB
11659 */
11660 dc->ss_active = ARM_TBFLAG_SS_ACTIVE(tb->flags);
11661 dc->pstate_ss = ARM_TBFLAG_PSTATE_SS(tb->flags);
11662 dc->is_ldex = false;
11663 dc->ss_same_el = false; /* Can't be true since EL_d must be AArch64 */
11664
11665 cpu_F0s = tcg_temp_new_i32();
11666 cpu_F1s = tcg_temp_new_i32();
11667 cpu_F0d = tcg_temp_new_i64();
11668 cpu_F1d = tcg_temp_new_i64();
11669 cpu_V0 = cpu_F0d;
11670 cpu_V1 = cpu_F1d;
11671 /* FIXME: cpu_M0 can probably be the same as cpu_V0. */
11672 cpu_M0 = tcg_temp_new_i64();
11673 next_page_start = (pc_start & TARGET_PAGE_MASK) + TARGET_PAGE_SIZE;
11674 num_insns = 0;
11675 max_insns = tb->cflags & CF_COUNT_MASK;
11676 if (max_insns == 0) {
11677 max_insns = CF_COUNT_MASK;
11678 }
11679 if (max_insns > TCG_MAX_INSNS) {
11680 max_insns = TCG_MAX_INSNS;
11681 }
11682
11683 gen_tb_start(tb);
11684
11685 tcg_clear_temp_count();
11686
11687 /* A note on handling of the condexec (IT) bits:
11688 *
11689 * We want to avoid the overhead of having to write the updated condexec
11690 * bits back to the CPUARMState for every instruction in an IT block. So:
11691 * (1) if the condexec bits are not already zero then we write
11692 * zero back into the CPUARMState now. This avoids complications trying
11693 * to do it at the end of the block. (For example if we don't do this
11694 * it's hard to identify whether we can safely skip writing condexec
11695 * at the end of the TB, which we definitely want to do for the case
11696 * where a TB doesn't do anything with the IT state at all.)
11697 * (2) if we are going to leave the TB then we call gen_set_condexec()
11698 * which will write the correct value into CPUARMState if zero is wrong.
11699 * This is done both for leaving the TB at the end, and for leaving
11700 * it because of an exception we know will happen, which is done in
11701 * gen_exception_insn(). The latter is necessary because we need to
11702 * leave the TB with the PC/IT state just prior to execution of the
11703 * instruction which caused the exception.
11704 * (3) if we leave the TB unexpectedly (eg a data abort on a load)
11705 * then the CPUARMState will be wrong and we need to reset it.
11706 * This is handled in the same way as restoration of the
11707 * PC in these situations; we save the value of the condexec bits
11708 * for each PC via tcg_gen_insn_start(), and restore_state_to_opc()
11709 * then uses this to restore them after an exception.
11710 *
11711 * Note that there are no instructions which can read the condexec
11712 * bits, and none which can write non-static values to them, so
11713 * we don't need to care about whether CPUARMState is correct in the
11714 * middle of a TB.
11715 */
11716
11717 /* Reset the conditional execution bits immediately. This avoids
11718 complications trying to do it at the end of the block. */
11719 if (dc->condexec_mask || dc->condexec_cond)
11720 {
11721 TCGv_i32 tmp = tcg_temp_new_i32();
11722 tcg_gen_movi_i32(tmp, 0);
11723 store_cpu_field(tmp, condexec_bits);
11724 }
11725 do {
11726 tcg_gen_insn_start(dc->pc,
11727 (dc->condexec_cond << 4) | (dc->condexec_mask >> 1));
11728 num_insns++;
11729
11730 #ifdef CONFIG_USER_ONLY
11731 /* Intercept jump to the magic kernel page. */
11732 if (dc->pc >= 0xffff0000) {
11733 /* We always get here via a jump, so know we are not in a
11734 conditional execution block. */
11735 gen_exception_internal(EXCP_KERNEL_TRAP);
11736 dc->is_jmp = DISAS_EXC;
11737 break;
11738 }
11739 #else
11740 if (dc->pc >= 0xfffffff0 && arm_dc_feature(dc, ARM_FEATURE_M)) {
11741 /* We always get here via a jump, so know we are not in a
11742 conditional execution block. */
11743 gen_exception_internal(EXCP_EXCEPTION_EXIT);
11744 dc->is_jmp = DISAS_EXC;
11745 break;
11746 }
11747 #endif
11748
11749 if (unlikely(!QTAILQ_EMPTY(&cs->breakpoints))) {
11750 CPUBreakpoint *bp;
11751 QTAILQ_FOREACH(bp, &cs->breakpoints, entry) {
11752 if (bp->pc == dc->pc) {
11753 if (bp->flags & BP_CPU) {
11754 gen_set_condexec(dc);
11755 gen_set_pc_im(dc, dc->pc);
11756 gen_helper_check_breakpoints(cpu_env);
11757 /* End the TB early; it's likely not going to be executed */
11758 dc->is_jmp = DISAS_UPDATE;
11759 } else {
11760 gen_exception_internal_insn(dc, 0, EXCP_DEBUG);
11761 /* The address covered by the breakpoint must be
11762 included in [tb->pc, tb->pc + tb->size) in order
11763 to for it to be properly cleared -- thus we
11764 increment the PC here so that the logic setting
11765 tb->size below does the right thing. */
11766 /* TODO: Advance PC by correct instruction length to
11767 * avoid disassembler error messages */
11768 dc->pc += 2;
11769 goto done_generating;
11770 }
11771 break;
11772 }
11773 }
11774 }
11775
11776 if (num_insns == max_insns && (tb->cflags & CF_LAST_IO)) {
11777 gen_io_start();
11778 }
11779
11780 if (dc->ss_active && !dc->pstate_ss) {
11781 /* Singlestep state is Active-pending.
11782 * If we're in this state at the start of a TB then either
11783 * a) we just took an exception to an EL which is being debugged
11784 * and this is the first insn in the exception handler
11785 * b) debug exceptions were masked and we just unmasked them
11786 * without changing EL (eg by clearing PSTATE.D)
11787 * In either case we're going to take a swstep exception in the
11788 * "did not step an insn" case, and so the syndrome ISV and EX
11789 * bits should be zero.
11790 */
11791 assert(num_insns == 1);
11792 gen_exception(EXCP_UDEF, syn_swstep(dc->ss_same_el, 0, 0),
11793 default_exception_el(dc));
11794 goto done_generating;
11795 }
11796
11797 if (dc->thumb) {
11798 disas_thumb_insn(env, dc);
11799 if (dc->condexec_mask) {
11800 dc->condexec_cond = (dc->condexec_cond & 0xe)
11801 | ((dc->condexec_mask >> 4) & 1);
11802 dc->condexec_mask = (dc->condexec_mask << 1) & 0x1f;
11803 if (dc->condexec_mask == 0) {
11804 dc->condexec_cond = 0;
11805 }
11806 }
11807 } else {
11808 unsigned int insn = arm_ldl_code(env, dc->pc, dc->sctlr_b);
11809 dc->pc += 4;
11810 disas_arm_insn(dc, insn);
11811 }
11812
11813 if (dc->condjmp && !dc->is_jmp) {
11814 gen_set_label(dc->condlabel);
11815 dc->condjmp = 0;
11816 }
11817
11818 if (tcg_check_temp_count()) {
11819 fprintf(stderr, "TCG temporary leak before "TARGET_FMT_lx"\n",
11820 dc->pc);
11821 }
11822
11823 /* Translation stops when a conditional branch is encountered.
11824 * Otherwise the subsequent code could get translated several times.
11825 * Also stop translation when a page boundary is reached. This
11826 * ensures prefetch aborts occur at the right place. */
11827
11828 /* We want to stop the TB if the next insn starts in a new page,
11829 * or if it spans between this page and the next. This means that
11830 * if we're looking at the last halfword in the page we need to
11831 * see if it's a 16-bit Thumb insn (which will fit in this TB)
11832 * or a 32-bit Thumb insn (which won't).
11833 * This is to avoid generating a silly TB with a single 16-bit insn
11834 * in it at the end of this page (which would execute correctly
11835 * but isn't very efficient).
11836 */
11837 end_of_page = (dc->pc >= next_page_start) ||
11838 ((dc->pc >= next_page_start - 3) && insn_crosses_page(env, dc));
11839
11840 } while (!dc->is_jmp && !tcg_op_buf_full() &&
11841 !cs->singlestep_enabled &&
11842 !singlestep &&
11843 !dc->ss_active &&
11844 !end_of_page &&
11845 num_insns < max_insns);
11846
11847 if (tb->cflags & CF_LAST_IO) {
11848 if (dc->condjmp) {
11849 /* FIXME: This can theoretically happen with self-modifying
11850 code. */
11851 cpu_abort(cs, "IO on conditional branch instruction");
11852 }
11853 gen_io_end();
11854 }
11855
11856 /* At this stage dc->condjmp will only be set when the skipped
11857 instruction was a conditional branch or trap, and the PC has
11858 already been written. */
11859 if (unlikely(cs->singlestep_enabled || dc->ss_active)) {
11860 /* Unconditional and "condition passed" instruction codepath. */
11861 gen_set_condexec(dc);
11862 switch (dc->is_jmp) {
11863 case DISAS_SWI:
11864 gen_ss_advance(dc);
11865 gen_exception(EXCP_SWI, syn_aa32_svc(dc->svc_imm, dc->thumb),
11866 default_exception_el(dc));
11867 break;
11868 case DISAS_HVC:
11869 gen_ss_advance(dc);
11870 gen_exception(EXCP_HVC, syn_aa32_hvc(dc->svc_imm), 2);
11871 break;
11872 case DISAS_SMC:
11873 gen_ss_advance(dc);
11874 gen_exception(EXCP_SMC, syn_aa32_smc(), 3);
11875 break;
11876 case DISAS_NEXT:
11877 case DISAS_UPDATE:
11878 gen_set_pc_im(dc, dc->pc);
11879 /* fall through */
11880 default:
11881 if (dc->ss_active) {
11882 gen_step_complete_exception(dc);
11883 } else {
11884 /* FIXME: Single stepping a WFI insn will not halt
11885 the CPU. */
11886 gen_exception_internal(EXCP_DEBUG);
11887 }
11888 }
11889 if (dc->condjmp) {
11890 /* "Condition failed" instruction codepath. */
11891 gen_set_label(dc->condlabel);
11892 gen_set_condexec(dc);
11893 gen_set_pc_im(dc, dc->pc);
11894 if (dc->ss_active) {
11895 gen_step_complete_exception(dc);
11896 } else {
11897 gen_exception_internal(EXCP_DEBUG);
11898 }
11899 }
11900 } else {
11901 /* While branches must always occur at the end of an IT block,
11902 there are a few other things that can cause us to terminate
11903 the TB in the middle of an IT block:
11904 - Exception generating instructions (bkpt, swi, undefined).
11905 - Page boundaries.
11906 - Hardware watchpoints.
11907 Hardware breakpoints have already been handled and skip this code.
11908 */
11909 gen_set_condexec(dc);
11910 switch(dc->is_jmp) {
11911 case DISAS_NEXT:
11912 gen_goto_tb(dc, 1, dc->pc);
11913 break;
11914 case DISAS_UPDATE:
11915 gen_set_pc_im(dc, dc->pc);
11916 /* fall through */
11917 case DISAS_JUMP:
11918 default:
11919 /* indicate that the hash table must be used to find the next TB */
11920 tcg_gen_exit_tb(0);
11921 break;
11922 case DISAS_TB_JUMP:
11923 /* nothing more to generate */
11924 break;
11925 case DISAS_WFI:
11926 gen_helper_wfi(cpu_env);
11927 /* The helper doesn't necessarily throw an exception, but we
11928 * must go back to the main loop to check for interrupts anyway.
11929 */
11930 tcg_gen_exit_tb(0);
11931 break;
11932 case DISAS_WFE:
11933 gen_helper_wfe(cpu_env);
11934 break;
11935 case DISAS_YIELD:
11936 gen_helper_yield(cpu_env);
11937 break;
11938 case DISAS_SWI:
11939 gen_exception(EXCP_SWI, syn_aa32_svc(dc->svc_imm, dc->thumb),
11940 default_exception_el(dc));
11941 break;
11942 case DISAS_HVC:
11943 gen_exception(EXCP_HVC, syn_aa32_hvc(dc->svc_imm), 2);
11944 break;
11945 case DISAS_SMC:
11946 gen_exception(EXCP_SMC, syn_aa32_smc(), 3);
11947 break;
11948 }
11949 if (dc->condjmp) {
11950 gen_set_label(dc->condlabel);
11951 gen_set_condexec(dc);
11952 gen_goto_tb(dc, 1, dc->pc);
11953 dc->condjmp = 0;
11954 }
11955 }
11956
11957 done_generating:
11958 gen_tb_end(tb, num_insns);
11959
11960 #ifdef DEBUG_DISAS
11961 if (qemu_loglevel_mask(CPU_LOG_TB_IN_ASM) &&
11962 qemu_log_in_addr_range(pc_start)) {
11963 qemu_log("----------------\n");
11964 qemu_log("IN: %s\n", lookup_symbol(pc_start));
11965 log_target_disas(cs, pc_start, dc->pc - pc_start,
11966 dc->thumb | (dc->sctlr_b << 1));
11967 qemu_log("\n");
11968 }
11969 #endif
11970 tb->size = dc->pc - pc_start;
11971 tb->icount = num_insns;
11972 }
11973
11974 static const char *cpu_mode_names[16] = {
11975 "usr", "fiq", "irq", "svc", "???", "???", "mon", "abt",
11976 "???", "???", "hyp", "und", "???", "???", "???", "sys"
11977 };
11978
11979 void arm_cpu_dump_state(CPUState *cs, FILE *f, fprintf_function cpu_fprintf,
11980 int flags)
11981 {
11982 ARMCPU *cpu = ARM_CPU(cs);
11983 CPUARMState *env = &cpu->env;
11984 int i;
11985 uint32_t psr;
11986 const char *ns_status;
11987
11988 if (is_a64(env)) {
11989 aarch64_cpu_dump_state(cs, f, cpu_fprintf, flags);
11990 return;
11991 }
11992
11993 for(i=0;i<16;i++) {
11994 cpu_fprintf(f, "R%02d=%08x", i, env->regs[i]);
11995 if ((i % 4) == 3)
11996 cpu_fprintf(f, "\n");
11997 else
11998 cpu_fprintf(f, " ");
11999 }
12000 psr = cpsr_read(env);
12001
12002 if (arm_feature(env, ARM_FEATURE_EL3) &&
12003 (psr & CPSR_M) != ARM_CPU_MODE_MON) {
12004 ns_status = env->cp15.scr_el3 & SCR_NS ? "NS " : "S ";
12005 } else {
12006 ns_status = "";
12007 }
12008
12009 cpu_fprintf(f, "PSR=%08x %c%c%c%c %c %s%s%d\n",
12010 psr,
12011 psr & (1 << 31) ? 'N' : '-',
12012 psr & (1 << 30) ? 'Z' : '-',
12013 psr & (1 << 29) ? 'C' : '-',
12014 psr & (1 << 28) ? 'V' : '-',
12015 psr & CPSR_T ? 'T' : 'A',
12016 ns_status,
12017 cpu_mode_names[psr & 0xf], (psr & 0x10) ? 32 : 26);
12018
12019 if (flags & CPU_DUMP_FPU) {
12020 int numvfpregs = 0;
12021 if (arm_feature(env, ARM_FEATURE_VFP)) {
12022 numvfpregs += 16;
12023 }
12024 if (arm_feature(env, ARM_FEATURE_VFP3)) {
12025 numvfpregs += 16;
12026 }
12027 for (i = 0; i < numvfpregs; i++) {
12028 uint64_t v = float64_val(env->vfp.regs[i]);
12029 cpu_fprintf(f, "s%02d=%08x s%02d=%08x d%02d=%016" PRIx64 "\n",
12030 i * 2, (uint32_t)v,
12031 i * 2 + 1, (uint32_t)(v >> 32),
12032 i, v);
12033 }
12034 cpu_fprintf(f, "FPSCR: %08x\n", (int)env->vfp.xregs[ARM_VFP_FPSCR]);
12035 }
12036 }
12037
12038 void restore_state_to_opc(CPUARMState *env, TranslationBlock *tb,
12039 target_ulong *data)
12040 {
12041 if (is_a64(env)) {
12042 env->pc = data[0];
12043 env->condexec_bits = 0;
12044 } else {
12045 env->regs[15] = data[0];
12046 env->condexec_bits = data[1];
12047 }
12048 }
AR7 emulation for QEMU