search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
bcm2835_mbox: add BCM2835 mailboxes
[qemu/ar7.git] / target-arm / translate.c
blobcff511b9c65fb3bff491caed8dbcd63123d5aa65
1 /*
2 * ARM translation
3 *
4 * Copyright (c) 2003 Fabrice Bellard
5 * Copyright (c) 2005-2007 CodeSourcery
6 * Copyright (c) 2007 OpenedHand, Ltd.
7 *
8 * This library is free software; you can redistribute it and/or
9 * modify it under the terms of the GNU Lesser General Public
10 * License as published by the Free Software Foundation; either
11 * version 2 of the License, or (at your option) any later version.
12 *
13 * This library is distributed in the hope that it will be useful,
14 * but WITHOUT ANY WARRANTY; without even the implied warranty of
15 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
16 * Lesser General Public License for more details.
17 *
18 * You should have received a copy of the GNU Lesser General Public
19 * License along with this library; if not, see <http://www.gnu.org/licenses/>.
20 */
21 #include "qemu/osdep.h"
22
23 #include "cpu.h"
24 #include "internals.h"
25 #include "disas/disas.h"
26 #include "tcg-op.h"
27 #include "qemu/log.h"
28 #include "qemu/bitops.h"
29 #include "arm_ldst.h"
30
31 #include "exec/helper-proto.h"
32 #include "exec/helper-gen.h"
33
34 #include "trace-tcg.h"
35
36
37 #define ENABLE_ARCH_4T arm_dc_feature(s, ARM_FEATURE_V4T)
38 #define ENABLE_ARCH_5 arm_dc_feature(s, ARM_FEATURE_V5)
39 /* currently all emulated v5 cores are also v5TE, so don't bother */
40 #define ENABLE_ARCH_5TE arm_dc_feature(s, ARM_FEATURE_V5)
41 #define ENABLE_ARCH_5J 0
42 #define ENABLE_ARCH_6 arm_dc_feature(s, ARM_FEATURE_V6)
43 #define ENABLE_ARCH_6K arm_dc_feature(s, ARM_FEATURE_V6K)
44 #define ENABLE_ARCH_6T2 arm_dc_feature(s, ARM_FEATURE_THUMB2)
45 #define ENABLE_ARCH_7 arm_dc_feature(s, ARM_FEATURE_V7)
46 #define ENABLE_ARCH_8 arm_dc_feature(s, ARM_FEATURE_V8)
47
48 #define ARCH(x) do { if (!ENABLE_ARCH_##x) goto illegal_op; } while(0)
49
50 #include "translate.h"
51
52 #if defined(CONFIG_USER_ONLY)
53 #define IS_USER(s) 1
54 #else
55 #define IS_USER(s) (s->user)
56 #endif
57
58 TCGv_ptr cpu_env;
59 /* We reuse the same 64-bit temporaries for efficiency. */
60 static TCGv_i64 cpu_V0, cpu_V1, cpu_M0;
61 static TCGv_i32 cpu_R[16];
62 TCGv_i32 cpu_CF, cpu_NF, cpu_VF, cpu_ZF;
63 TCGv_i64 cpu_exclusive_addr;
64 TCGv_i64 cpu_exclusive_val;
65 #ifdef CONFIG_USER_ONLY
66 TCGv_i64 cpu_exclusive_test;
67 TCGv_i32 cpu_exclusive_info;
68 #endif
69
70 /* FIXME: These should be removed. */
71 static TCGv_i32 cpu_F0s, cpu_F1s;
72 static TCGv_i64 cpu_F0d, cpu_F1d;
73
74 #include "exec/gen-icount.h"
75
76 static const char *regnames[] =
77 { "r0", "r1", "r2", "r3", "r4", "r5", "r6", "r7",
78 "r8", "r9", "r10", "r11", "r12", "r13", "r14", "pc" };
79
80 /* initialize TCG globals. */
81 void arm_translate_init(void)
82 {
83 int i;
84
85 cpu_env = tcg_global_reg_new_ptr(TCG_AREG0, "env");
86
87 for (i = 0; i < 16; i++) {
88 cpu_R[i] = tcg_global_mem_new_i32(TCG_AREG0,
89 offsetof(CPUARMState, regs[i]),
90 regnames[i]);
91 }
92 cpu_CF = tcg_global_mem_new_i32(TCG_AREG0, offsetof(CPUARMState, CF), "CF");
93 cpu_NF = tcg_global_mem_new_i32(TCG_AREG0, offsetof(CPUARMState, NF), "NF");
94 cpu_VF = tcg_global_mem_new_i32(TCG_AREG0, offsetof(CPUARMState, VF), "VF");
95 cpu_ZF = tcg_global_mem_new_i32(TCG_AREG0, offsetof(CPUARMState, ZF), "ZF");
96
97 cpu_exclusive_addr = tcg_global_mem_new_i64(TCG_AREG0,
98 offsetof(CPUARMState, exclusive_addr), "exclusive_addr");
99 cpu_exclusive_val = tcg_global_mem_new_i64(TCG_AREG0,
100 offsetof(CPUARMState, exclusive_val), "exclusive_val");
101 #ifdef CONFIG_USER_ONLY
102 cpu_exclusive_test = tcg_global_mem_new_i64(TCG_AREG0,
103 offsetof(CPUARMState, exclusive_test), "exclusive_test");
104 cpu_exclusive_info = tcg_global_mem_new_i32(TCG_AREG0,
105 offsetof(CPUARMState, exclusive_info), "exclusive_info");
106 #endif
107
108 a64_translate_init();
109 }
110
111 static inline ARMMMUIdx get_a32_user_mem_index(DisasContext *s)
112 {
113 /* Return the mmu_idx to use for A32/T32 "unprivileged load/store"
114 * insns:
115 * if PL2, UNPREDICTABLE (we choose to implement as if PL0)
116 * otherwise, access as if at PL0.
117 */
118 switch (s->mmu_idx) {
119 case ARMMMUIdx_S1E2: /* this one is UNPREDICTABLE */
120 case ARMMMUIdx_S12NSE0:
121 case ARMMMUIdx_S12NSE1:
122 return ARMMMUIdx_S12NSE0;
123 case ARMMMUIdx_S1E3:
124 case ARMMMUIdx_S1SE0:
125 case ARMMMUIdx_S1SE1:
126 return ARMMMUIdx_S1SE0;
127 case ARMMMUIdx_S2NS:
128 default:
129 g_assert_not_reached();
130 }
131 }
132
133 static inline TCGv_i32 load_cpu_offset(int offset)
134 {
135 TCGv_i32 tmp = tcg_temp_new_i32();
136 tcg_gen_ld_i32(tmp, cpu_env, offset);
137 return tmp;
138 }
139
140 #define load_cpu_field(name) load_cpu_offset(offsetof(CPUARMState, name))
141
142 static inline void store_cpu_offset(TCGv_i32 var, int offset)
143 {
144 tcg_gen_st_i32(var, cpu_env, offset);
145 tcg_temp_free_i32(var);
146 }
147
148 #define store_cpu_field(var, name) \
149 store_cpu_offset(var, offsetof(CPUARMState, name))
150
151 /* Set a variable to the value of a CPU register. */
152 static void load_reg_var(DisasContext *s, TCGv_i32 var, int reg)
153 {
154 if (reg == 15) {
155 uint32_t addr;
156 /* normally, since we updated PC, we need only to add one insn */
157 if (s->thumb)
158 addr = (long)s->pc + 2;
159 else
160 addr = (long)s->pc + 4;
161 tcg_gen_movi_i32(var, addr);
162 } else {
163 tcg_gen_mov_i32(var, cpu_R[reg]);
164 }
165 }
166
167 /* Create a new temporary and set it to the value of a CPU register. */
168 static inline TCGv_i32 load_reg(DisasContext *s, int reg)
169 {
170 TCGv_i32 tmp = tcg_temp_new_i32();
171 load_reg_var(s, tmp, reg);
172 return tmp;
173 }
174
175 /* Set a CPU register. The source must be a temporary and will be
176 marked as dead. */
177 static void store_reg(DisasContext *s, int reg, TCGv_i32 var)
178 {
179 if (reg == 15) {
180 tcg_gen_andi_i32(var, var, ~1);
181 s->is_jmp = DISAS_JUMP;
182 }
183 tcg_gen_mov_i32(cpu_R[reg], var);
184 tcg_temp_free_i32(var);
185 }
186
187 /* Value extensions. */
188 #define gen_uxtb(var) tcg_gen_ext8u_i32(var, var)
189 #define gen_uxth(var) tcg_gen_ext16u_i32(var, var)
190 #define gen_sxtb(var) tcg_gen_ext8s_i32(var, var)
191 #define gen_sxth(var) tcg_gen_ext16s_i32(var, var)
192
193 #define gen_sxtb16(var) gen_helper_sxtb16(var, var)
194 #define gen_uxtb16(var) gen_helper_uxtb16(var, var)
195
196
197 static inline void gen_set_cpsr(TCGv_i32 var, uint32_t mask)
198 {
199 TCGv_i32 tmp_mask = tcg_const_i32(mask);
200 gen_helper_cpsr_write(cpu_env, var, tmp_mask);
201 tcg_temp_free_i32(tmp_mask);
202 }
203 /* Set NZCV flags from the high 4 bits of var. */
204 #define gen_set_nzcv(var) gen_set_cpsr(var, CPSR_NZCV)
205
206 static void gen_exception_internal(int excp)
207 {
208 TCGv_i32 tcg_excp = tcg_const_i32(excp);
209
210 assert(excp_is_internal(excp));
211 gen_helper_exception_internal(cpu_env, tcg_excp);
212 tcg_temp_free_i32(tcg_excp);
213 }
214
215 static void gen_exception(int excp, uint32_t syndrome, uint32_t target_el)
216 {
217 TCGv_i32 tcg_excp = tcg_const_i32(excp);
218 TCGv_i32 tcg_syn = tcg_const_i32(syndrome);
219 TCGv_i32 tcg_el = tcg_const_i32(target_el);
220
221 gen_helper_exception_with_syndrome(cpu_env, tcg_excp,
222 tcg_syn, tcg_el);
223
224 tcg_temp_free_i32(tcg_el);
225 tcg_temp_free_i32(tcg_syn);
226 tcg_temp_free_i32(tcg_excp);
227 }
228
229 static void gen_ss_advance(DisasContext *s)
230 {
231 /* If the singlestep state is Active-not-pending, advance to
232 * Active-pending.
233 */
234 if (s->ss_active) {
235 s->pstate_ss = 0;
236 gen_helper_clear_pstate_ss(cpu_env);
237 }
238 }
239
240 static void gen_step_complete_exception(DisasContext *s)
241 {
242 /* We just completed step of an insn. Move from Active-not-pending
243 * to Active-pending, and then also take the swstep exception.
244 * This corresponds to making the (IMPDEF) choice to prioritize
245 * swstep exceptions over asynchronous exceptions taken to an exception
246 * level where debug is disabled. This choice has the advantage that
247 * we do not need to maintain internal state corresponding to the
248 * ISV/EX syndrome bits between completion of the step and generation
249 * of the exception, and our syndrome information is always correct.
250 */
251 gen_ss_advance(s);
252 gen_exception(EXCP_UDEF, syn_swstep(s->ss_same_el, 1, s->is_ldex),
253 default_exception_el(s));
254 s->is_jmp = DISAS_EXC;
255 }
256
257 static void gen_smul_dual(TCGv_i32 a, TCGv_i32 b)
258 {
259 TCGv_i32 tmp1 = tcg_temp_new_i32();
260 TCGv_i32 tmp2 = tcg_temp_new_i32();
261 tcg_gen_ext16s_i32(tmp1, a);
262 tcg_gen_ext16s_i32(tmp2, b);
263 tcg_gen_mul_i32(tmp1, tmp1, tmp2);
264 tcg_temp_free_i32(tmp2);
265 tcg_gen_sari_i32(a, a, 16);
266 tcg_gen_sari_i32(b, b, 16);
267 tcg_gen_mul_i32(b, b, a);
268 tcg_gen_mov_i32(a, tmp1);
269 tcg_temp_free_i32(tmp1);
270 }
271
272 /* Byteswap each halfword. */
273 static void gen_rev16(TCGv_i32 var)
274 {
275 TCGv_i32 tmp = tcg_temp_new_i32();
276 tcg_gen_shri_i32(tmp, var, 8);
277 tcg_gen_andi_i32(tmp, tmp, 0x00ff00ff);
278 tcg_gen_shli_i32(var, var, 8);
279 tcg_gen_andi_i32(var, var, 0xff00ff00);
280 tcg_gen_or_i32(var, var, tmp);
281 tcg_temp_free_i32(tmp);
282 }
283
284 /* Byteswap low halfword and sign extend. */
285 static void gen_revsh(TCGv_i32 var)
286 {
287 tcg_gen_ext16u_i32(var, var);
288 tcg_gen_bswap16_i32(var, var);
289 tcg_gen_ext16s_i32(var, var);
290 }
291
292 /* Unsigned bitfield extract. */
293 static void gen_ubfx(TCGv_i32 var, int shift, uint32_t mask)
294 {
295 if (shift)
296 tcg_gen_shri_i32(var, var, shift);
297 tcg_gen_andi_i32(var, var, mask);
298 }
299
300 /* Signed bitfield extract. */
301 static void gen_sbfx(TCGv_i32 var, int shift, int width)
302 {
303 uint32_t signbit;
304
305 if (shift)
306 tcg_gen_sari_i32(var, var, shift);
307 if (shift + width < 32) {
308 signbit = 1u << (width - 1);
309 tcg_gen_andi_i32(var, var, (1u << width) - 1);
310 tcg_gen_xori_i32(var, var, signbit);
311 tcg_gen_subi_i32(var, var, signbit);
312 }
313 }
314
315 /* Return (b << 32) + a. Mark inputs as dead */
316 static TCGv_i64 gen_addq_msw(TCGv_i64 a, TCGv_i32 b)
317 {
318 TCGv_i64 tmp64 = tcg_temp_new_i64();
319
320 tcg_gen_extu_i32_i64(tmp64, b);
321 tcg_temp_free_i32(b);
322 tcg_gen_shli_i64(tmp64, tmp64, 32);
323 tcg_gen_add_i64(a, tmp64, a);
324
325 tcg_temp_free_i64(tmp64);
326 return a;
327 }
328
329 /* Return (b << 32) - a. Mark inputs as dead. */
330 static TCGv_i64 gen_subq_msw(TCGv_i64 a, TCGv_i32 b)
331 {
332 TCGv_i64 tmp64 = tcg_temp_new_i64();
333
334 tcg_gen_extu_i32_i64(tmp64, b);
335 tcg_temp_free_i32(b);
336 tcg_gen_shli_i64(tmp64, tmp64, 32);
337 tcg_gen_sub_i64(a, tmp64, a);
338
339 tcg_temp_free_i64(tmp64);
340 return a;
341 }
342
343 /* 32x32->64 multiply. Marks inputs as dead. */
344 static TCGv_i64 gen_mulu_i64_i32(TCGv_i32 a, TCGv_i32 b)
345 {
346 TCGv_i32 lo = tcg_temp_new_i32();
347 TCGv_i32 hi = tcg_temp_new_i32();
348 TCGv_i64 ret;
349
350 tcg_gen_mulu2_i32(lo, hi, a, b);
351 tcg_temp_free_i32(a);
352 tcg_temp_free_i32(b);
353
354 ret = tcg_temp_new_i64();
355 tcg_gen_concat_i32_i64(ret, lo, hi);
356 tcg_temp_free_i32(lo);
357 tcg_temp_free_i32(hi);
358
359 return ret;
360 }
361
362 static TCGv_i64 gen_muls_i64_i32(TCGv_i32 a, TCGv_i32 b)
363 {
364 TCGv_i32 lo = tcg_temp_new_i32();
365 TCGv_i32 hi = tcg_temp_new_i32();
366 TCGv_i64 ret;
367
368 tcg_gen_muls2_i32(lo, hi, a, b);
369 tcg_temp_free_i32(a);
370 tcg_temp_free_i32(b);
371
372 ret = tcg_temp_new_i64();
373 tcg_gen_concat_i32_i64(ret, lo, hi);
374 tcg_temp_free_i32(lo);
375 tcg_temp_free_i32(hi);
376
377 return ret;
378 }
379
380 /* Swap low and high halfwords. */
381 static void gen_swap_half(TCGv_i32 var)
382 {
383 TCGv_i32 tmp = tcg_temp_new_i32();
384 tcg_gen_shri_i32(tmp, var, 16);
385 tcg_gen_shli_i32(var, var, 16);
386 tcg_gen_or_i32(var, var, tmp);
387 tcg_temp_free_i32(tmp);
388 }
389
390 /* Dual 16-bit add. Result placed in t0 and t1 is marked as dead.
391 tmp = (t0 ^ t1) & 0x8000;
392 t0 &= ~0x8000;
393 t1 &= ~0x8000;
394 t0 = (t0 + t1) ^ tmp;
395 */
396
397 static void gen_add16(TCGv_i32 t0, TCGv_i32 t1)
398 {
399 TCGv_i32 tmp = tcg_temp_new_i32();
400 tcg_gen_xor_i32(tmp, t0, t1);
401 tcg_gen_andi_i32(tmp, tmp, 0x8000);
402 tcg_gen_andi_i32(t0, t0, ~0x8000);
403 tcg_gen_andi_i32(t1, t1, ~0x8000);
404 tcg_gen_add_i32(t0, t0, t1);
405 tcg_gen_xor_i32(t0, t0, tmp);
406 tcg_temp_free_i32(tmp);
407 tcg_temp_free_i32(t1);
408 }
409
410 /* Set CF to the top bit of var. */
411 static void gen_set_CF_bit31(TCGv_i32 var)
412 {
413 tcg_gen_shri_i32(cpu_CF, var, 31);
414 }
415
416 /* Set N and Z flags from var. */
417 static inline void gen_logic_CC(TCGv_i32 var)
418 {
419 tcg_gen_mov_i32(cpu_NF, var);
420 tcg_gen_mov_i32(cpu_ZF, var);
421 }
422
423 /* T0 += T1 + CF. */
424 static void gen_adc(TCGv_i32 t0, TCGv_i32 t1)
425 {
426 tcg_gen_add_i32(t0, t0, t1);
427 tcg_gen_add_i32(t0, t0, cpu_CF);
428 }
429
430 /* dest = T0 + T1 + CF. */
431 static void gen_add_carry(TCGv_i32 dest, TCGv_i32 t0, TCGv_i32 t1)
432 {
433 tcg_gen_add_i32(dest, t0, t1);
434 tcg_gen_add_i32(dest, dest, cpu_CF);
435 }
436
437 /* dest = T0 - T1 + CF - 1. */
438 static void gen_sub_carry(TCGv_i32 dest, TCGv_i32 t0, TCGv_i32 t1)
439 {
440 tcg_gen_sub_i32(dest, t0, t1);
441 tcg_gen_add_i32(dest, dest, cpu_CF);
442 tcg_gen_subi_i32(dest, dest, 1);
443 }
444
445 /* dest = T0 + T1. Compute C, N, V and Z flags */
446 static void gen_add_CC(TCGv_i32 dest, TCGv_i32 t0, TCGv_i32 t1)
447 {
448 TCGv_i32 tmp = tcg_temp_new_i32();
449 tcg_gen_movi_i32(tmp, 0);
450 tcg_gen_add2_i32(cpu_NF, cpu_CF, t0, tmp, t1, tmp);
451 tcg_gen_mov_i32(cpu_ZF, cpu_NF);
452 tcg_gen_xor_i32(cpu_VF, cpu_NF, t0);
453 tcg_gen_xor_i32(tmp, t0, t1);
454 tcg_gen_andc_i32(cpu_VF, cpu_VF, tmp);
455 tcg_temp_free_i32(tmp);
456 tcg_gen_mov_i32(dest, cpu_NF);
457 }
458
459 /* dest = T0 + T1 + CF. Compute C, N, V and Z flags */
460 static void gen_adc_CC(TCGv_i32 dest, TCGv_i32 t0, TCGv_i32 t1)
461 {
462 TCGv_i32 tmp = tcg_temp_new_i32();
463 if (TCG_TARGET_HAS_add2_i32) {
464 tcg_gen_movi_i32(tmp, 0);
465 tcg_gen_add2_i32(cpu_NF, cpu_CF, t0, tmp, cpu_CF, tmp);
466 tcg_gen_add2_i32(cpu_NF, cpu_CF, cpu_NF, cpu_CF, t1, tmp);
467 } else {
468 TCGv_i64 q0 = tcg_temp_new_i64();
469 TCGv_i64 q1 = tcg_temp_new_i64();
470 tcg_gen_extu_i32_i64(q0, t0);
471 tcg_gen_extu_i32_i64(q1, t1);
472 tcg_gen_add_i64(q0, q0, q1);
473 tcg_gen_extu_i32_i64(q1, cpu_CF);
474 tcg_gen_add_i64(q0, q0, q1);
475 tcg_gen_extr_i64_i32(cpu_NF, cpu_CF, q0);
476 tcg_temp_free_i64(q0);
477 tcg_temp_free_i64(q1);
478 }
479 tcg_gen_mov_i32(cpu_ZF, cpu_NF);
480 tcg_gen_xor_i32(cpu_VF, cpu_NF, t0);
481 tcg_gen_xor_i32(tmp, t0, t1);
482 tcg_gen_andc_i32(cpu_VF, cpu_VF, tmp);
483 tcg_temp_free_i32(tmp);
484 tcg_gen_mov_i32(dest, cpu_NF);
485 }
486
487 /* dest = T0 - T1. Compute C, N, V and Z flags */
488 static void gen_sub_CC(TCGv_i32 dest, TCGv_i32 t0, TCGv_i32 t1)
489 {
490 TCGv_i32 tmp;
491 tcg_gen_sub_i32(cpu_NF, t0, t1);
492 tcg_gen_mov_i32(cpu_ZF, cpu_NF);
493 tcg_gen_setcond_i32(TCG_COND_GEU, cpu_CF, t0, t1);
494 tcg_gen_xor_i32(cpu_VF, cpu_NF, t0);
495 tmp = tcg_temp_new_i32();
496 tcg_gen_xor_i32(tmp, t0, t1);
497 tcg_gen_and_i32(cpu_VF, cpu_VF, tmp);
498 tcg_temp_free_i32(tmp);
499 tcg_gen_mov_i32(dest, cpu_NF);
500 }
501
502 /* dest = T0 + ~T1 + CF. Compute C, N, V and Z flags */
503 static void gen_sbc_CC(TCGv_i32 dest, TCGv_i32 t0, TCGv_i32 t1)
504 {
505 TCGv_i32 tmp = tcg_temp_new_i32();
506 tcg_gen_not_i32(tmp, t1);
507 gen_adc_CC(dest, t0, tmp);
508 tcg_temp_free_i32(tmp);
509 }
510
511 #define GEN_SHIFT(name) \
512 static void gen_##name(TCGv_i32 dest, TCGv_i32 t0, TCGv_i32 t1) \
513 { \
514 TCGv_i32 tmp1, tmp2, tmp3; \
515 tmp1 = tcg_temp_new_i32(); \
516 tcg_gen_andi_i32(tmp1, t1, 0xff); \
517 tmp2 = tcg_const_i32(0); \
518 tmp3 = tcg_const_i32(0x1f); \
519 tcg_gen_movcond_i32(TCG_COND_GTU, tmp2, tmp1, tmp3, tmp2, t0); \
520 tcg_temp_free_i32(tmp3); \
521 tcg_gen_andi_i32(tmp1, tmp1, 0x1f); \
522 tcg_gen_##name##_i32(dest, tmp2, tmp1); \
523 tcg_temp_free_i32(tmp2); \
524 tcg_temp_free_i32(tmp1); \
525 }
526 GEN_SHIFT(shl)
527 GEN_SHIFT(shr)
528 #undef GEN_SHIFT
529
530 static void gen_sar(TCGv_i32 dest, TCGv_i32 t0, TCGv_i32 t1)
531 {
532 TCGv_i32 tmp1, tmp2;
533 tmp1 = tcg_temp_new_i32();
534 tcg_gen_andi_i32(tmp1, t1, 0xff);
535 tmp2 = tcg_const_i32(0x1f);
536 tcg_gen_movcond_i32(TCG_COND_GTU, tmp1, tmp1, tmp2, tmp2, tmp1);
537 tcg_temp_free_i32(tmp2);
538 tcg_gen_sar_i32(dest, t0, tmp1);
539 tcg_temp_free_i32(tmp1);
540 }
541
542 static void tcg_gen_abs_i32(TCGv_i32 dest, TCGv_i32 src)
543 {
544 TCGv_i32 c0 = tcg_const_i32(0);
545 TCGv_i32 tmp = tcg_temp_new_i32();
546 tcg_gen_neg_i32(tmp, src);
547 tcg_gen_movcond_i32(TCG_COND_GT, dest, src, c0, src, tmp);
548 tcg_temp_free_i32(c0);
549 tcg_temp_free_i32(tmp);
550 }
551
552 static void shifter_out_im(TCGv_i32 var, int shift)
553 {
554 if (shift == 0) {
555 tcg_gen_andi_i32(cpu_CF, var, 1);
556 } else {
557 tcg_gen_shri_i32(cpu_CF, var, shift);
558 if (shift != 31) {
559 tcg_gen_andi_i32(cpu_CF, cpu_CF, 1);
560 }
561 }
562 }
563
564 /* Shift by immediate. Includes special handling for shift == 0. */
565 static inline void gen_arm_shift_im(TCGv_i32 var, int shiftop,
566 int shift, int flags)
567 {
568 switch (shiftop) {
569 case 0: /* LSL */
570 if (shift != 0) {
571 if (flags)
572 shifter_out_im(var, 32 - shift);
573 tcg_gen_shli_i32(var, var, shift);
574 }
575 break;
576 case 1: /* LSR */
577 if (shift == 0) {
578 if (flags) {
579 tcg_gen_shri_i32(cpu_CF, var, 31);
580 }
581 tcg_gen_movi_i32(var, 0);
582 } else {
583 if (flags)
584 shifter_out_im(var, shift - 1);
585 tcg_gen_shri_i32(var, var, shift);
586 }
587 break;
588 case 2: /* ASR */
589 if (shift == 0)
590 shift = 32;
591 if (flags)
592 shifter_out_im(var, shift - 1);
593 if (shift == 32)
594 shift = 31;
595 tcg_gen_sari_i32(var, var, shift);
596 break;
597 case 3: /* ROR/RRX */
598 if (shift != 0) {
599 if (flags)
600 shifter_out_im(var, shift - 1);
601 tcg_gen_rotri_i32(var, var, shift); break;
602 } else {
603 TCGv_i32 tmp = tcg_temp_new_i32();
604 tcg_gen_shli_i32(tmp, cpu_CF, 31);
605 if (flags)
606 shifter_out_im(var, 0);
607 tcg_gen_shri_i32(var, var, 1);
608 tcg_gen_or_i32(var, var, tmp);
609 tcg_temp_free_i32(tmp);
610 }
611 }
612 };
613
614 static inline void gen_arm_shift_reg(TCGv_i32 var, int shiftop,
615 TCGv_i32 shift, int flags)
616 {
617 if (flags) {
618 switch (shiftop) {
619 case 0: gen_helper_shl_cc(var, cpu_env, var, shift); break;
620 case 1: gen_helper_shr_cc(var, cpu_env, var, shift); break;
621 case 2: gen_helper_sar_cc(var, cpu_env, var, shift); break;
622 case 3: gen_helper_ror_cc(var, cpu_env, var, shift); break;
623 }
624 } else {
625 switch (shiftop) {
626 case 0:
627 gen_shl(var, var, shift);
628 break;
629 case 1:
630 gen_shr(var, var, shift);
631 break;
632 case 2:
633 gen_sar(var, var, shift);
634 break;
635 case 3: tcg_gen_andi_i32(shift, shift, 0x1f);
636 tcg_gen_rotr_i32(var, var, shift); break;
637 }
638 }
639 tcg_temp_free_i32(shift);
640 }
641
642 #define PAS_OP(pfx) \
643 switch (op2) { \
644 case 0: gen_pas_helper(glue(pfx,add16)); break; \
645 case 1: gen_pas_helper(glue(pfx,addsubx)); break; \
646 case 2: gen_pas_helper(glue(pfx,subaddx)); break; \
647 case 3: gen_pas_helper(glue(pfx,sub16)); break; \
648 case 4: gen_pas_helper(glue(pfx,add8)); break; \
649 case 7: gen_pas_helper(glue(pfx,sub8)); break; \
650 }
651 static void gen_arm_parallel_addsub(int op1, int op2, TCGv_i32 a, TCGv_i32 b)
652 {
653 TCGv_ptr tmp;
654
655 switch (op1) {
656 #define gen_pas_helper(name) glue(gen_helper_,name)(a, a, b, tmp)
657 case 1:
658 tmp = tcg_temp_new_ptr();
659 tcg_gen_addi_ptr(tmp, cpu_env, offsetof(CPUARMState, GE));
660 PAS_OP(s)
661 tcg_temp_free_ptr(tmp);
662 break;
663 case 5:
664 tmp = tcg_temp_new_ptr();
665 tcg_gen_addi_ptr(tmp, cpu_env, offsetof(CPUARMState, GE));
666 PAS_OP(u)
667 tcg_temp_free_ptr(tmp);
668 break;
669 #undef gen_pas_helper
670 #define gen_pas_helper(name) glue(gen_helper_,name)(a, a, b)
671 case 2:
672 PAS_OP(q);
673 break;
674 case 3:
675 PAS_OP(sh);
676 break;
677 case 6:
678 PAS_OP(uq);
679 break;
680 case 7:
681 PAS_OP(uh);
682 break;
683 #undef gen_pas_helper
684 }
685 }
686 #undef PAS_OP
687
688 /* For unknown reasons Arm and Thumb-2 use arbitrarily different encodings. */
689 #define PAS_OP(pfx) \
690 switch (op1) { \
691 case 0: gen_pas_helper(glue(pfx,add8)); break; \
692 case 1: gen_pas_helper(glue(pfx,add16)); break; \
693 case 2: gen_pas_helper(glue(pfx,addsubx)); break; \
694 case 4: gen_pas_helper(glue(pfx,sub8)); break; \
695 case 5: gen_pas_helper(glue(pfx,sub16)); break; \
696 case 6: gen_pas_helper(glue(pfx,subaddx)); break; \
697 }
698 static void gen_thumb2_parallel_addsub(int op1, int op2, TCGv_i32 a, TCGv_i32 b)
699 {
700 TCGv_ptr tmp;
701
702 switch (op2) {
703 #define gen_pas_helper(name) glue(gen_helper_,name)(a, a, b, tmp)
704 case 0:
705 tmp = tcg_temp_new_ptr();
706 tcg_gen_addi_ptr(tmp, cpu_env, offsetof(CPUARMState, GE));
707 PAS_OP(s)
708 tcg_temp_free_ptr(tmp);
709 break;
710 case 4:
711 tmp = tcg_temp_new_ptr();
712 tcg_gen_addi_ptr(tmp, cpu_env, offsetof(CPUARMState, GE));
713 PAS_OP(u)
714 tcg_temp_free_ptr(tmp);
715 break;
716 #undef gen_pas_helper
717 #define gen_pas_helper(name) glue(gen_helper_,name)(a, a, b)
718 case 1:
719 PAS_OP(q);
720 break;
721 case 2:
722 PAS_OP(sh);
723 break;
724 case 5:
725 PAS_OP(uq);
726 break;
727 case 6:
728 PAS_OP(uh);
729 break;
730 #undef gen_pas_helper
731 }
732 }
733 #undef PAS_OP
734
735 /*
736 * Generate a conditional based on ARM condition code cc.
737 * This is common between ARM and Aarch64 targets.
738 */
739 void arm_test_cc(DisasCompare *cmp, int cc)
740 {
741 TCGv_i32 value;
742 TCGCond cond;
743 bool global = true;
744
745 switch (cc) {
746 case 0: /* eq: Z */
747 case 1: /* ne: !Z */
748 cond = TCG_COND_EQ;
749 value = cpu_ZF;
750 break;
751
752 case 2: /* cs: C */
753 case 3: /* cc: !C */
754 cond = TCG_COND_NE;
755 value = cpu_CF;
756 break;
757
758 case 4: /* mi: N */
759 case 5: /* pl: !N */
760 cond = TCG_COND_LT;
761 value = cpu_NF;
762 break;
763
764 case 6: /* vs: V */
765 case 7: /* vc: !V */
766 cond = TCG_COND_LT;
767 value = cpu_VF;
768 break;
769
770 case 8: /* hi: C && !Z */
771 case 9: /* ls: !C || Z -> !(C && !Z) */
772 cond = TCG_COND_NE;
773 value = tcg_temp_new_i32();
774 global = false;
775 /* CF is 1 for C, so -CF is an all-bits-set mask for C;
776 ZF is non-zero for !Z; so AND the two subexpressions. */
777 tcg_gen_neg_i32(value, cpu_CF);
778 tcg_gen_and_i32(value, value, cpu_ZF);
779 break;
780
781 case 10: /* ge: N == V -> N ^ V == 0 */
782 case 11: /* lt: N != V -> N ^ V != 0 */
783 /* Since we're only interested in the sign bit, == 0 is >= 0. */
784 cond = TCG_COND_GE;
785 value = tcg_temp_new_i32();
786 global = false;
787 tcg_gen_xor_i32(value, cpu_VF, cpu_NF);
788 break;
789
790 case 12: /* gt: !Z && N == V */
791 case 13: /* le: Z || N != V */
792 cond = TCG_COND_NE;
793 value = tcg_temp_new_i32();
794 global = false;
795 /* (N == V) is equal to the sign bit of ~(NF ^ VF). Propagate
796 * the sign bit then AND with ZF to yield the result. */
797 tcg_gen_xor_i32(value, cpu_VF, cpu_NF);
798 tcg_gen_sari_i32(value, value, 31);
799 tcg_gen_andc_i32(value, cpu_ZF, value);
800 break;
801
802 case 14: /* always */
803 case 15: /* always */
804 /* Use the ALWAYS condition, which will fold early.
805 * It doesn't matter what we use for the value. */
806 cond = TCG_COND_ALWAYS;
807 value = cpu_ZF;
808 goto no_invert;
809
810 default:
811 fprintf(stderr, "Bad condition code 0x%x\n", cc);
812 abort();
813 }
814
815 if (cc & 1) {
816 cond = tcg_invert_cond(cond);
817 }
818
819 no_invert:
820 cmp->cond = cond;
821 cmp->value = value;
822 cmp->value_global = global;
823 }
824
825 void arm_free_cc(DisasCompare *cmp)
826 {
827 if (!cmp->value_global) {
828 tcg_temp_free_i32(cmp->value);
829 }
830 }
831
832 void arm_jump_cc(DisasCompare *cmp, TCGLabel *label)
833 {
834 tcg_gen_brcondi_i32(cmp->cond, cmp->value, 0, label);
835 }
836
837 void arm_gen_test_cc(int cc, TCGLabel *label)
838 {
839 DisasCompare cmp;
840 arm_test_cc(&cmp, cc);
841 arm_jump_cc(&cmp, label);
842 arm_free_cc(&cmp);
843 }
844
845 static const uint8_t table_logic_cc[16] = {
846 1, /* and */
847 1, /* xor */
848 0, /* sub */
849 0, /* rsb */
850 0, /* add */
851 0, /* adc */
852 0, /* sbc */
853 0, /* rsc */
854 1, /* andl */
855 1, /* xorl */
856 0, /* cmp */
857 0, /* cmn */
858 1, /* orr */
859 1, /* mov */
860 1, /* bic */
861 1, /* mvn */
862 };
863
864 /* Set PC and Thumb state from an immediate address. */
865 static inline void gen_bx_im(DisasContext *s, uint32_t addr)
866 {
867 TCGv_i32 tmp;
868
869 s->is_jmp = DISAS_JUMP;
870 if (s->thumb != (addr & 1)) {
871 tmp = tcg_temp_new_i32();
872 tcg_gen_movi_i32(tmp, addr & 1);
873 tcg_gen_st_i32(tmp, cpu_env, offsetof(CPUARMState, thumb));
874 tcg_temp_free_i32(tmp);
875 }
876 tcg_gen_movi_i32(cpu_R[15], addr & ~1);
877 }
878
879 /* Set PC and Thumb state from var. var is marked as dead. */
880 static inline void gen_bx(DisasContext *s, TCGv_i32 var)
881 {
882 s->is_jmp = DISAS_JUMP;
883 tcg_gen_andi_i32(cpu_R[15], var, ~1);
884 tcg_gen_andi_i32(var, var, 1);
885 store_cpu_field(var, thumb);
886 }
887
888 /* Variant of store_reg which uses branch&exchange logic when storing
889 to r15 in ARM architecture v7 and above. The source must be a temporary
890 and will be marked as dead. */
891 static inline void store_reg_bx(DisasContext *s, int reg, TCGv_i32 var)
892 {
893 if (reg == 15 && ENABLE_ARCH_7) {
894 gen_bx(s, var);
895 } else {
896 store_reg(s, reg, var);
897 }
898 }
899
900 /* Variant of store_reg which uses branch&exchange logic when storing
901 * to r15 in ARM architecture v5T and above. This is used for storing
902 * the results of a LDR/LDM/POP into r15, and corresponds to the cases
903 * in the ARM ARM which use the LoadWritePC() pseudocode function. */
904 static inline void store_reg_from_load(DisasContext *s, int reg, TCGv_i32 var)
905 {
906 if (reg == 15 && ENABLE_ARCH_5) {
907 gen_bx(s, var);
908 } else {
909 store_reg(s, reg, var);
910 }
911 }
912
913 /* Abstractions of "generate code to do a guest load/store for
914 * AArch32", where a vaddr is always 32 bits (and is zero
915 * extended if we're a 64 bit core) and data is also
916 * 32 bits unless specifically doing a 64 bit access.
917 * These functions work like tcg_gen_qemu_{ld,st}* except
918 * that the address argument is TCGv_i32 rather than TCGv.
919 */
920 #if TARGET_LONG_BITS == 32
921
922 #define DO_GEN_LD(SUFF, OPC) \
923 static inline void gen_aa32_ld##SUFF(TCGv_i32 val, TCGv_i32 addr, int index) \
924 { \
925 tcg_gen_qemu_ld_i32(val, addr, index, (OPC)); \
926 }
927
928 #define DO_GEN_ST(SUFF, OPC) \
929 static inline void gen_aa32_st##SUFF(TCGv_i32 val, TCGv_i32 addr, int index) \
930 { \
931 tcg_gen_qemu_st_i32(val, addr, index, (OPC)); \
932 }
933
934 static inline void gen_aa32_ld64(TCGv_i64 val, TCGv_i32 addr, int index)
935 {
936 tcg_gen_qemu_ld_i64(val, addr, index, MO_TEQ);
937 }
938
939 static inline void gen_aa32_st64(TCGv_i64 val, TCGv_i32 addr, int index)
940 {
941 tcg_gen_qemu_st_i64(val, addr, index, MO_TEQ);
942 }
943
944 #else
945
946 #define DO_GEN_LD(SUFF, OPC) \
947 static inline void gen_aa32_ld##SUFF(TCGv_i32 val, TCGv_i32 addr, int index) \
948 { \
949 TCGv addr64 = tcg_temp_new(); \
950 tcg_gen_extu_i32_i64(addr64, addr); \
951 tcg_gen_qemu_ld_i32(val, addr64, index, OPC); \
952 tcg_temp_free(addr64); \
953 }
954
955 #define DO_GEN_ST(SUFF, OPC) \
956 static inline void gen_aa32_st##SUFF(TCGv_i32 val, TCGv_i32 addr, int index) \
957 { \
958 TCGv addr64 = tcg_temp_new(); \
959 tcg_gen_extu_i32_i64(addr64, addr); \
960 tcg_gen_qemu_st_i32(val, addr64, index, OPC); \
961 tcg_temp_free(addr64); \
962 }
963
964 static inline void gen_aa32_ld64(TCGv_i64 val, TCGv_i32 addr, int index)
965 {
966 TCGv addr64 = tcg_temp_new();
967 tcg_gen_extu_i32_i64(addr64, addr);
968 tcg_gen_qemu_ld_i64(val, addr64, index, MO_TEQ);
969 tcg_temp_free(addr64);
970 }
971
972 static inline void gen_aa32_st64(TCGv_i64 val, TCGv_i32 addr, int index)
973 {
974 TCGv addr64 = tcg_temp_new();
975 tcg_gen_extu_i32_i64(addr64, addr);
976 tcg_gen_qemu_st_i64(val, addr64, index, MO_TEQ);
977 tcg_temp_free(addr64);
978 }
979
980 #endif
981
982 DO_GEN_LD(8s, MO_SB)
983 DO_GEN_LD(8u, MO_UB)
984 DO_GEN_LD(16s, MO_TESW)
985 DO_GEN_LD(16u, MO_TEUW)
986 DO_GEN_LD(32u, MO_TEUL)
987 /* 'a' variants include an alignment check */
988 DO_GEN_LD(16ua, MO_TEUW | MO_ALIGN)
989 DO_GEN_LD(32ua, MO_TEUL | MO_ALIGN)
990 DO_GEN_ST(8, MO_UB)
991 DO_GEN_ST(16, MO_TEUW)
992 DO_GEN_ST(32, MO_TEUL)
993
994 static inline void gen_set_pc_im(DisasContext *s, target_ulong val)
995 {
996 tcg_gen_movi_i32(cpu_R[15], val);
997 }
998
999 static inline void gen_hvc(DisasContext *s, int imm16)
1000 {
1001 /* The pre HVC helper handles cases when HVC gets trapped
1002 * as an undefined insn by runtime configuration (ie before
1003 * the insn really executes).
1004 */
1005 gen_set_pc_im(s, s->pc - 4);
1006 gen_helper_pre_hvc(cpu_env);
1007 /* Otherwise we will treat this as a real exception which
1008 * happens after execution of the insn. (The distinction matters
1009 * for the PC value reported to the exception handler and also
1010 * for single stepping.)
1011 */
1012 s->svc_imm = imm16;
1013 gen_set_pc_im(s, s->pc);
1014 s->is_jmp = DISAS_HVC;
1015 }
1016
1017 static inline void gen_smc(DisasContext *s)
1018 {
1019 /* As with HVC, we may take an exception either before or after
1020 * the insn executes.
1021 */
1022 TCGv_i32 tmp;
1023
1024 gen_set_pc_im(s, s->pc - 4);
1025 tmp = tcg_const_i32(syn_aa32_smc());
1026 gen_helper_pre_smc(cpu_env, tmp);
1027 tcg_temp_free_i32(tmp);
1028 gen_set_pc_im(s, s->pc);
1029 s->is_jmp = DISAS_SMC;
1030 }
1031
1032 static inline void
1033 gen_set_condexec (DisasContext *s)
1034 {
1035 if (s->condexec_mask) {
1036 uint32_t val = (s->condexec_cond << 4) | (s->condexec_mask >> 1);
1037 TCGv_i32 tmp = tcg_temp_new_i32();
1038 tcg_gen_movi_i32(tmp, val);
1039 store_cpu_field(tmp, condexec_bits);
1040 }
1041 }
1042
1043 static void gen_exception_internal_insn(DisasContext *s, int offset, int excp)
1044 {
1045 gen_set_condexec(s);
1046 gen_set_pc_im(s, s->pc - offset);
1047 gen_exception_internal(excp);
1048 s->is_jmp = DISAS_JUMP;
1049 }
1050
1051 static void gen_exception_insn(DisasContext *s, int offset, int excp,
1052 int syn, uint32_t target_el)
1053 {
1054 gen_set_condexec(s);
1055 gen_set_pc_im(s, s->pc - offset);
1056 gen_exception(excp, syn, target_el);
1057 s->is_jmp = DISAS_JUMP;
1058 }
1059
1060 /* Force a TB lookup after an instruction that changes the CPU state. */
1061 static inline void gen_lookup_tb(DisasContext *s)
1062 {
1063 tcg_gen_movi_i32(cpu_R[15], s->pc & ~1);
1064 s->is_jmp = DISAS_JUMP;
1065 }
1066
1067 static inline void gen_add_data_offset(DisasContext *s, unsigned int insn,
1068 TCGv_i32 var)
1069 {
1070 int val, rm, shift, shiftop;
1071 TCGv_i32 offset;
1072
1073 if (!(insn & (1 << 25))) {
1074 /* immediate */
1075 val = insn & 0xfff;
1076 if (!(insn & (1 << 23)))
1077 val = -val;
1078 if (val != 0)
1079 tcg_gen_addi_i32(var, var, val);
1080 } else {
1081 /* shift/register */
1082 rm = (insn) & 0xf;
1083 shift = (insn >> 7) & 0x1f;
1084 shiftop = (insn >> 5) & 3;
1085 offset = load_reg(s, rm);
1086 gen_arm_shift_im(offset, shiftop, shift, 0);
1087 if (!(insn & (1 << 23)))
1088 tcg_gen_sub_i32(var, var, offset);
1089 else
1090 tcg_gen_add_i32(var, var, offset);
1091 tcg_temp_free_i32(offset);
1092 }
1093 }
1094
1095 static inline void gen_add_datah_offset(DisasContext *s, unsigned int insn,
1096 int extra, TCGv_i32 var)
1097 {
1098 int val, rm;
1099 TCGv_i32 offset;
1100
1101 if (insn & (1 << 22)) {
1102 /* immediate */
1103 val = (insn & 0xf) | ((insn >> 4) & 0xf0);
1104 if (!(insn & (1 << 23)))
1105 val = -val;
1106 val += extra;
1107 if (val != 0)
1108 tcg_gen_addi_i32(var, var, val);
1109 } else {
1110 /* register */
1111 if (extra)
1112 tcg_gen_addi_i32(var, var, extra);
1113 rm = (insn) & 0xf;
1114 offset = load_reg(s, rm);
1115 if (!(insn & (1 << 23)))
1116 tcg_gen_sub_i32(var, var, offset);
1117 else
1118 tcg_gen_add_i32(var, var, offset);
1119 tcg_temp_free_i32(offset);
1120 }
1121 }
1122
1123 static TCGv_ptr get_fpstatus_ptr(int neon)
1124 {
1125 TCGv_ptr statusptr = tcg_temp_new_ptr();
1126 int offset;
1127 if (neon) {
1128 offset = offsetof(CPUARMState, vfp.standard_fp_status);
1129 } else {
1130 offset = offsetof(CPUARMState, vfp.fp_status);
1131 }
1132 tcg_gen_addi_ptr(statusptr, cpu_env, offset);
1133 return statusptr;
1134 }
1135
1136 #define VFP_OP2(name) \
1137 static inline void gen_vfp_##name(int dp) \
1138 { \
1139 TCGv_ptr fpst = get_fpstatus_ptr(0); \
1140 if (dp) { \
1141 gen_helper_vfp_##name##d(cpu_F0d, cpu_F0d, cpu_F1d, fpst); \
1142 } else { \
1143 gen_helper_vfp_##name##s(cpu_F0s, cpu_F0s, cpu_F1s, fpst); \
1144 } \
1145 tcg_temp_free_ptr(fpst); \
1146 }
1147
1148 VFP_OP2(add)
1149 VFP_OP2(sub)
1150 VFP_OP2(mul)
1151 VFP_OP2(div)
1152
1153 #undef VFP_OP2
1154
1155 static inline void gen_vfp_F1_mul(int dp)
1156 {
1157 /* Like gen_vfp_mul() but put result in F1 */
1158 TCGv_ptr fpst = get_fpstatus_ptr(0);
1159 if (dp) {
1160 gen_helper_vfp_muld(cpu_F1d, cpu_F0d, cpu_F1d, fpst);
1161 } else {
1162 gen_helper_vfp_muls(cpu_F1s, cpu_F0s, cpu_F1s, fpst);
1163 }
1164 tcg_temp_free_ptr(fpst);
1165 }
1166
1167 static inline void gen_vfp_F1_neg(int dp)
1168 {
1169 /* Like gen_vfp_neg() but put result in F1 */
1170 if (dp) {
1171 gen_helper_vfp_negd(cpu_F1d, cpu_F0d);
1172 } else {
1173 gen_helper_vfp_negs(cpu_F1s, cpu_F0s);
1174 }
1175 }
1176
1177 static inline void gen_vfp_abs(int dp)
1178 {
1179 if (dp)
1180 gen_helper_vfp_absd(cpu_F0d, cpu_F0d);
1181 else
1182 gen_helper_vfp_abss(cpu_F0s, cpu_F0s);
1183 }
1184
1185 static inline void gen_vfp_neg(int dp)
1186 {
1187 if (dp)
1188 gen_helper_vfp_negd(cpu_F0d, cpu_F0d);
1189 else
1190 gen_helper_vfp_negs(cpu_F0s, cpu_F0s);
1191 }
1192
1193 static inline void gen_vfp_sqrt(int dp)
1194 {
1195 if (dp)
1196 gen_helper_vfp_sqrtd(cpu_F0d, cpu_F0d, cpu_env);
1197 else
1198 gen_helper_vfp_sqrts(cpu_F0s, cpu_F0s, cpu_env);
1199 }
1200
1201 static inline void gen_vfp_cmp(int dp)
1202 {
1203 if (dp)
1204 gen_helper_vfp_cmpd(cpu_F0d, cpu_F1d, cpu_env);
1205 else
1206 gen_helper_vfp_cmps(cpu_F0s, cpu_F1s, cpu_env);
1207 }
1208
1209 static inline void gen_vfp_cmpe(int dp)
1210 {
1211 if (dp)
1212 gen_helper_vfp_cmped(cpu_F0d, cpu_F1d, cpu_env);
1213 else
1214 gen_helper_vfp_cmpes(cpu_F0s, cpu_F1s, cpu_env);
1215 }
1216
1217 static inline void gen_vfp_F1_ld0(int dp)
1218 {
1219 if (dp)
1220 tcg_gen_movi_i64(cpu_F1d, 0);
1221 else
1222 tcg_gen_movi_i32(cpu_F1s, 0);
1223 }
1224
1225 #define VFP_GEN_ITOF(name) \
1226 static inline void gen_vfp_##name(int dp, int neon) \
1227 { \
1228 TCGv_ptr statusptr = get_fpstatus_ptr(neon); \
1229 if (dp) { \
1230 gen_helper_vfp_##name##d(cpu_F0d, cpu_F0s, statusptr); \
1231 } else { \
1232 gen_helper_vfp_##name##s(cpu_F0s, cpu_F0s, statusptr); \
1233 } \
1234 tcg_temp_free_ptr(statusptr); \
1235 }
1236
1237 VFP_GEN_ITOF(uito)
1238 VFP_GEN_ITOF(sito)
1239 #undef VFP_GEN_ITOF
1240
1241 #define VFP_GEN_FTOI(name) \
1242 static inline void gen_vfp_##name(int dp, int neon) \
1243 { \
1244 TCGv_ptr statusptr = get_fpstatus_ptr(neon); \
1245 if (dp) { \
1246 gen_helper_vfp_##name##d(cpu_F0s, cpu_F0d, statusptr); \
1247 } else { \
1248 gen_helper_vfp_##name##s(cpu_F0s, cpu_F0s, statusptr); \
1249 } \
1250 tcg_temp_free_ptr(statusptr); \
1251 }
1252
1253 VFP_GEN_FTOI(toui)
1254 VFP_GEN_FTOI(touiz)
1255 VFP_GEN_FTOI(tosi)
1256 VFP_GEN_FTOI(tosiz)
1257 #undef VFP_GEN_FTOI
1258
1259 #define VFP_GEN_FIX(name, round) \
1260 static inline void gen_vfp_##name(int dp, int shift, int neon) \
1261 { \
1262 TCGv_i32 tmp_shift = tcg_const_i32(shift); \
1263 TCGv_ptr statusptr = get_fpstatus_ptr(neon); \
1264 if (dp) { \
1265 gen_helper_vfp_##name##d##round(cpu_F0d, cpu_F0d, tmp_shift, \
1266 statusptr); \
1267 } else { \
1268 gen_helper_vfp_##name##s##round(cpu_F0s, cpu_F0s, tmp_shift, \
1269 statusptr); \
1270 } \
1271 tcg_temp_free_i32(tmp_shift); \
1272 tcg_temp_free_ptr(statusptr); \
1273 }
1274 VFP_GEN_FIX(tosh, _round_to_zero)
1275 VFP_GEN_FIX(tosl, _round_to_zero)
1276 VFP_GEN_FIX(touh, _round_to_zero)
1277 VFP_GEN_FIX(toul, _round_to_zero)
1278 VFP_GEN_FIX(shto, )
1279 VFP_GEN_FIX(slto, )
1280 VFP_GEN_FIX(uhto, )
1281 VFP_GEN_FIX(ulto, )
1282 #undef VFP_GEN_FIX
1283
1284 static inline void gen_vfp_ld(DisasContext *s, int dp, TCGv_i32 addr)
1285 {
1286 if (dp) {
1287 gen_aa32_ld64(cpu_F0d, addr, get_mem_index(s));
1288 } else {
1289 gen_aa32_ld32u(cpu_F0s, addr, get_mem_index(s));
1290 }
1291 }
1292
1293 static inline void gen_vfp_st(DisasContext *s, int dp, TCGv_i32 addr)
1294 {
1295 if (dp) {
1296 gen_aa32_st64(cpu_F0d, addr, get_mem_index(s));
1297 } else {
1298 gen_aa32_st32(cpu_F0s, addr, get_mem_index(s));
1299 }
1300 }
1301
1302 static inline long
1303 vfp_reg_offset (int dp, int reg)
1304 {
1305 if (dp)
1306 return offsetof(CPUARMState, vfp.regs[reg]);
1307 else if (reg & 1) {
1308 return offsetof(CPUARMState, vfp.regs[reg >> 1])
1309 + offsetof(CPU_DoubleU, l.upper);
1310 } else {
1311 return offsetof(CPUARMState, vfp.regs[reg >> 1])
1312 + offsetof(CPU_DoubleU, l.lower);
1313 }
1314 }
1315
1316 /* Return the offset of a 32-bit piece of a NEON register.
1317 zero is the least significant end of the register. */
1318 static inline long
1319 neon_reg_offset (int reg, int n)
1320 {
1321 int sreg;
1322 sreg = reg * 2 + n;
1323 return vfp_reg_offset(0, sreg);
1324 }
1325
1326 static TCGv_i32 neon_load_reg(int reg, int pass)
1327 {
1328 TCGv_i32 tmp = tcg_temp_new_i32();
1329 tcg_gen_ld_i32(tmp, cpu_env, neon_reg_offset(reg, pass));
1330 return tmp;
1331 }
1332
1333 static void neon_store_reg(int reg, int pass, TCGv_i32 var)
1334 {
1335 tcg_gen_st_i32(var, cpu_env, neon_reg_offset(reg, pass));
1336 tcg_temp_free_i32(var);
1337 }
1338
1339 static inline void neon_load_reg64(TCGv_i64 var, int reg)
1340 {
1341 tcg_gen_ld_i64(var, cpu_env, vfp_reg_offset(1, reg));
1342 }
1343
1344 static inline void neon_store_reg64(TCGv_i64 var, int reg)
1345 {
1346 tcg_gen_st_i64(var, cpu_env, vfp_reg_offset(1, reg));
1347 }
1348
1349 #define tcg_gen_ld_f32 tcg_gen_ld_i32
1350 #define tcg_gen_ld_f64 tcg_gen_ld_i64
1351 #define tcg_gen_st_f32 tcg_gen_st_i32
1352 #define tcg_gen_st_f64 tcg_gen_st_i64
1353
1354 static inline void gen_mov_F0_vreg(int dp, int reg)
1355 {
1356 if (dp)
1357 tcg_gen_ld_f64(cpu_F0d, cpu_env, vfp_reg_offset(dp, reg));
1358 else
1359 tcg_gen_ld_f32(cpu_F0s, cpu_env, vfp_reg_offset(dp, reg));
1360 }
1361
1362 static inline void gen_mov_F1_vreg(int dp, int reg)
1363 {
1364 if (dp)
1365 tcg_gen_ld_f64(cpu_F1d, cpu_env, vfp_reg_offset(dp, reg));
1366 else
1367 tcg_gen_ld_f32(cpu_F1s, cpu_env, vfp_reg_offset(dp, reg));
1368 }
1369
1370 static inline void gen_mov_vreg_F0(int dp, int reg)
1371 {
1372 if (dp)
1373 tcg_gen_st_f64(cpu_F0d, cpu_env, vfp_reg_offset(dp, reg));
1374 else
1375 tcg_gen_st_f32(cpu_F0s, cpu_env, vfp_reg_offset(dp, reg));
1376 }
1377
1378 #define ARM_CP_RW_BIT (1 << 20)
1379
1380 static inline void iwmmxt_load_reg(TCGv_i64 var, int reg)
1381 {
1382 tcg_gen_ld_i64(var, cpu_env, offsetof(CPUARMState, iwmmxt.regs[reg]));
1383 }
1384
1385 static inline void iwmmxt_store_reg(TCGv_i64 var, int reg)
1386 {
1387 tcg_gen_st_i64(var, cpu_env, offsetof(CPUARMState, iwmmxt.regs[reg]));
1388 }
1389
1390 static inline TCGv_i32 iwmmxt_load_creg(int reg)
1391 {
1392 TCGv_i32 var = tcg_temp_new_i32();
1393 tcg_gen_ld_i32(var, cpu_env, offsetof(CPUARMState, iwmmxt.cregs[reg]));
1394 return var;
1395 }
1396
1397 static inline void iwmmxt_store_creg(int reg, TCGv_i32 var)
1398 {
1399 tcg_gen_st_i32(var, cpu_env, offsetof(CPUARMState, iwmmxt.cregs[reg]));
1400 tcg_temp_free_i32(var);
1401 }
1402
1403 static inline void gen_op_iwmmxt_movq_wRn_M0(int rn)
1404 {
1405 iwmmxt_store_reg(cpu_M0, rn);
1406 }
1407
1408 static inline void gen_op_iwmmxt_movq_M0_wRn(int rn)
1409 {
1410 iwmmxt_load_reg(cpu_M0, rn);
1411 }
1412
1413 static inline void gen_op_iwmmxt_orq_M0_wRn(int rn)
1414 {
1415 iwmmxt_load_reg(cpu_V1, rn);
1416 tcg_gen_or_i64(cpu_M0, cpu_M0, cpu_V1);
1417 }
1418
1419 static inline void gen_op_iwmmxt_andq_M0_wRn(int rn)
1420 {
1421 iwmmxt_load_reg(cpu_V1, rn);
1422 tcg_gen_and_i64(cpu_M0, cpu_M0, cpu_V1);
1423 }
1424
1425 static inline void gen_op_iwmmxt_xorq_M0_wRn(int rn)
1426 {
1427 iwmmxt_load_reg(cpu_V1, rn);
1428 tcg_gen_xor_i64(cpu_M0, cpu_M0, cpu_V1);
1429 }
1430
1431 #define IWMMXT_OP(name) \
1432 static inline void gen_op_iwmmxt_##name##_M0_wRn(int rn) \
1433 { \
1434 iwmmxt_load_reg(cpu_V1, rn); \
1435 gen_helper_iwmmxt_##name(cpu_M0, cpu_M0, cpu_V1); \
1436 }
1437
1438 #define IWMMXT_OP_ENV(name) \
1439 static inline void gen_op_iwmmxt_##name##_M0_wRn(int rn) \
1440 { \
1441 iwmmxt_load_reg(cpu_V1, rn); \
1442 gen_helper_iwmmxt_##name(cpu_M0, cpu_env, cpu_M0, cpu_V1); \
1443 }
1444
1445 #define IWMMXT_OP_ENV_SIZE(name) \
1446 IWMMXT_OP_ENV(name##b) \
1447 IWMMXT_OP_ENV(name##w) \
1448 IWMMXT_OP_ENV(name##l)
1449
1450 #define IWMMXT_OP_ENV1(name) \
1451 static inline void gen_op_iwmmxt_##name##_M0(void) \
1452 { \
1453 gen_helper_iwmmxt_##name(cpu_M0, cpu_env, cpu_M0); \
1454 }
1455
1456 IWMMXT_OP(maddsq)
1457 IWMMXT_OP(madduq)
1458 IWMMXT_OP(sadb)
1459 IWMMXT_OP(sadw)
1460 IWMMXT_OP(mulslw)
1461 IWMMXT_OP(mulshw)
1462 IWMMXT_OP(mululw)
1463 IWMMXT_OP(muluhw)
1464 IWMMXT_OP(macsw)
1465 IWMMXT_OP(macuw)
1466
1467 IWMMXT_OP_ENV_SIZE(unpackl)
1468 IWMMXT_OP_ENV_SIZE(unpackh)
1469
1470 IWMMXT_OP_ENV1(unpacklub)
1471 IWMMXT_OP_ENV1(unpackluw)
1472 IWMMXT_OP_ENV1(unpacklul)
1473 IWMMXT_OP_ENV1(unpackhub)
1474 IWMMXT_OP_ENV1(unpackhuw)
1475 IWMMXT_OP_ENV1(unpackhul)
1476 IWMMXT_OP_ENV1(unpacklsb)
1477 IWMMXT_OP_ENV1(unpacklsw)
1478 IWMMXT_OP_ENV1(unpacklsl)
1479 IWMMXT_OP_ENV1(unpackhsb)
1480 IWMMXT_OP_ENV1(unpackhsw)
1481 IWMMXT_OP_ENV1(unpackhsl)
1482
1483 IWMMXT_OP_ENV_SIZE(cmpeq)
1484 IWMMXT_OP_ENV_SIZE(cmpgtu)
1485 IWMMXT_OP_ENV_SIZE(cmpgts)
1486
1487 IWMMXT_OP_ENV_SIZE(mins)
1488 IWMMXT_OP_ENV_SIZE(minu)
1489 IWMMXT_OP_ENV_SIZE(maxs)
1490 IWMMXT_OP_ENV_SIZE(maxu)
1491
1492 IWMMXT_OP_ENV_SIZE(subn)
1493 IWMMXT_OP_ENV_SIZE(addn)
1494 IWMMXT_OP_ENV_SIZE(subu)
1495 IWMMXT_OP_ENV_SIZE(addu)
1496 IWMMXT_OP_ENV_SIZE(subs)
1497 IWMMXT_OP_ENV_SIZE(adds)
1498
1499 IWMMXT_OP_ENV(avgb0)
1500 IWMMXT_OP_ENV(avgb1)
1501 IWMMXT_OP_ENV(avgw0)
1502 IWMMXT_OP_ENV(avgw1)
1503
1504 IWMMXT_OP_ENV(packuw)
1505 IWMMXT_OP_ENV(packul)
1506 IWMMXT_OP_ENV(packuq)
1507 IWMMXT_OP_ENV(packsw)
1508 IWMMXT_OP_ENV(packsl)
1509 IWMMXT_OP_ENV(packsq)
1510
1511 static void gen_op_iwmmxt_set_mup(void)
1512 {
1513 TCGv_i32 tmp;
1514 tmp = load_cpu_field(iwmmxt.cregs[ARM_IWMMXT_wCon]);
1515 tcg_gen_ori_i32(tmp, tmp, 2);
1516 store_cpu_field(tmp, iwmmxt.cregs[ARM_IWMMXT_wCon]);
1517 }
1518
1519 static void gen_op_iwmmxt_set_cup(void)
1520 {
1521 TCGv_i32 tmp;
1522 tmp = load_cpu_field(iwmmxt.cregs[ARM_IWMMXT_wCon]);
1523 tcg_gen_ori_i32(tmp, tmp, 1);
1524 store_cpu_field(tmp, iwmmxt.cregs[ARM_IWMMXT_wCon]);
1525 }
1526
1527 static void gen_op_iwmmxt_setpsr_nz(void)
1528 {
1529 TCGv_i32 tmp = tcg_temp_new_i32();
1530 gen_helper_iwmmxt_setpsr_nz(tmp, cpu_M0);
1531 store_cpu_field(tmp, iwmmxt.cregs[ARM_IWMMXT_wCASF]);
1532 }
1533
1534 static inline void gen_op_iwmmxt_addl_M0_wRn(int rn)
1535 {
1536 iwmmxt_load_reg(cpu_V1, rn);
1537 tcg_gen_ext32u_i64(cpu_V1, cpu_V1);
1538 tcg_gen_add_i64(cpu_M0, cpu_M0, cpu_V1);
1539 }
1540
1541 static inline int gen_iwmmxt_address(DisasContext *s, uint32_t insn,
1542 TCGv_i32 dest)
1543 {
1544 int rd;
1545 uint32_t offset;
1546 TCGv_i32 tmp;
1547
1548 rd = (insn >> 16) & 0xf;
1549 tmp = load_reg(s, rd);
1550
1551 offset = (insn & 0xff) << ((insn >> 7) & 2);
1552 if (insn & (1 << 24)) {
1553 /* Pre indexed */
1554 if (insn & (1 << 23))
1555 tcg_gen_addi_i32(tmp, tmp, offset);
1556 else
1557 tcg_gen_addi_i32(tmp, tmp, -offset);
1558 tcg_gen_mov_i32(dest, tmp);
1559 if (insn & (1 << 21))
1560 store_reg(s, rd, tmp);
1561 else
1562 tcg_temp_free_i32(tmp);
1563 } else if (insn & (1 << 21)) {
1564 /* Post indexed */
1565 tcg_gen_mov_i32(dest, tmp);
1566 if (insn & (1 << 23))
1567 tcg_gen_addi_i32(tmp, tmp, offset);
1568 else
1569 tcg_gen_addi_i32(tmp, tmp, -offset);
1570 store_reg(s, rd, tmp);
1571 } else if (!(insn & (1 << 23)))
1572 return 1;
1573 return 0;
1574 }
1575
1576 static inline int gen_iwmmxt_shift(uint32_t insn, uint32_t mask, TCGv_i32 dest)
1577 {
1578 int rd = (insn >> 0) & 0xf;
1579 TCGv_i32 tmp;
1580
1581 if (insn & (1 << 8)) {
1582 if (rd < ARM_IWMMXT_wCGR0 || rd > ARM_IWMMXT_wCGR3) {
1583 return 1;
1584 } else {
1585 tmp = iwmmxt_load_creg(rd);
1586 }
1587 } else {
1588 tmp = tcg_temp_new_i32();
1589 iwmmxt_load_reg(cpu_V0, rd);
1590 tcg_gen_extrl_i64_i32(tmp, cpu_V0);
1591 }
1592 tcg_gen_andi_i32(tmp, tmp, mask);
1593 tcg_gen_mov_i32(dest, tmp);
1594 tcg_temp_free_i32(tmp);
1595 return 0;
1596 }
1597
1598 /* Disassemble an iwMMXt instruction. Returns nonzero if an error occurred
1599 (ie. an undefined instruction). */
1600 static int disas_iwmmxt_insn(DisasContext *s, uint32_t insn)
1601 {
1602 int rd, wrd;
1603 int rdhi, rdlo, rd0, rd1, i;
1604 TCGv_i32 addr;
1605 TCGv_i32 tmp, tmp2, tmp3;
1606
1607 if ((insn & 0x0e000e00) == 0x0c000000) {
1608 if ((insn & 0x0fe00ff0) == 0x0c400000) {
1609 wrd = insn & 0xf;
1610 rdlo = (insn >> 12) & 0xf;
1611 rdhi = (insn >> 16) & 0xf;
1612 if (insn & ARM_CP_RW_BIT) { /* TMRRC */
1613 iwmmxt_load_reg(cpu_V0, wrd);
1614 tcg_gen_extrl_i64_i32(cpu_R[rdlo], cpu_V0);
1615 tcg_gen_shri_i64(cpu_V0, cpu_V0, 32);
1616 tcg_gen_extrl_i64_i32(cpu_R[rdhi], cpu_V0);
1617 } else { /* TMCRR */
1618 tcg_gen_concat_i32_i64(cpu_V0, cpu_R[rdlo], cpu_R[rdhi]);
1619 iwmmxt_store_reg(cpu_V0, wrd);
1620 gen_op_iwmmxt_set_mup();
1621 }
1622 return 0;
1623 }
1624
1625 wrd = (insn >> 12) & 0xf;
1626 addr = tcg_temp_new_i32();
1627 if (gen_iwmmxt_address(s, insn, addr)) {
1628 tcg_temp_free_i32(addr);
1629 return 1;
1630 }
1631 if (insn & ARM_CP_RW_BIT) {
1632 if ((insn >> 28) == 0xf) { /* WLDRW wCx */
1633 tmp = tcg_temp_new_i32();
1634 gen_aa32_ld32u(tmp, addr, get_mem_index(s));
1635 iwmmxt_store_creg(wrd, tmp);
1636 } else {
1637 i = 1;
1638 if (insn & (1 << 8)) {
1639 if (insn & (1 << 22)) { /* WLDRD */
1640 gen_aa32_ld64(cpu_M0, addr, get_mem_index(s));
1641 i = 0;
1642 } else { /* WLDRW wRd */
1643 tmp = tcg_temp_new_i32();
1644 gen_aa32_ld32u(tmp, addr, get_mem_index(s));
1645 }
1646 } else {
1647 tmp = tcg_temp_new_i32();
1648 if (insn & (1 << 22)) { /* WLDRH */
1649 gen_aa32_ld16u(tmp, addr, get_mem_index(s));
1650 } else { /* WLDRB */
1651 gen_aa32_ld8u(tmp, addr, get_mem_index(s));
1652 }
1653 }
1654 if (i) {
1655 tcg_gen_extu_i32_i64(cpu_M0, tmp);
1656 tcg_temp_free_i32(tmp);
1657 }
1658 gen_op_iwmmxt_movq_wRn_M0(wrd);
1659 }
1660 } else {
1661 if ((insn >> 28) == 0xf) { /* WSTRW wCx */
1662 tmp = iwmmxt_load_creg(wrd);
1663 gen_aa32_st32(tmp, addr, get_mem_index(s));
1664 } else {
1665 gen_op_iwmmxt_movq_M0_wRn(wrd);
1666 tmp = tcg_temp_new_i32();
1667 if (insn & (1 << 8)) {
1668 if (insn & (1 << 22)) { /* WSTRD */
1669 gen_aa32_st64(cpu_M0, addr, get_mem_index(s));
1670 } else { /* WSTRW wRd */
1671 tcg_gen_extrl_i64_i32(tmp, cpu_M0);
1672 gen_aa32_st32(tmp, addr, get_mem_index(s));
1673 }
1674 } else {
1675 if (insn & (1 << 22)) { /* WSTRH */
1676 tcg_gen_extrl_i64_i32(tmp, cpu_M0);
1677 gen_aa32_st16(tmp, addr, get_mem_index(s));
1678 } else { /* WSTRB */
1679 tcg_gen_extrl_i64_i32(tmp, cpu_M0);
1680 gen_aa32_st8(tmp, addr, get_mem_index(s));
1681 }
1682 }
1683 }
1684 tcg_temp_free_i32(tmp);
1685 }
1686 tcg_temp_free_i32(addr);
1687 return 0;
1688 }
1689
1690 if ((insn & 0x0f000000) != 0x0e000000)
1691 return 1;
1692
1693 switch (((insn >> 12) & 0xf00) | ((insn >> 4) & 0xff)) {
1694 case 0x000: /* WOR */
1695 wrd = (insn >> 12) & 0xf;
1696 rd0 = (insn >> 0) & 0xf;
1697 rd1 = (insn >> 16) & 0xf;
1698 gen_op_iwmmxt_movq_M0_wRn(rd0);
1699 gen_op_iwmmxt_orq_M0_wRn(rd1);
1700 gen_op_iwmmxt_setpsr_nz();
1701 gen_op_iwmmxt_movq_wRn_M0(wrd);
1702 gen_op_iwmmxt_set_mup();
1703 gen_op_iwmmxt_set_cup();
1704 break;
1705 case 0x011: /* TMCR */
1706 if (insn & 0xf)
1707 return 1;
1708 rd = (insn >> 12) & 0xf;
1709 wrd = (insn >> 16) & 0xf;
1710 switch (wrd) {
1711 case ARM_IWMMXT_wCID:
1712 case ARM_IWMMXT_wCASF:
1713 break;
1714 case ARM_IWMMXT_wCon:
1715 gen_op_iwmmxt_set_cup();
1716 /* Fall through. */
1717 case ARM_IWMMXT_wCSSF:
1718 tmp = iwmmxt_load_creg(wrd);
1719 tmp2 = load_reg(s, rd);
1720 tcg_gen_andc_i32(tmp, tmp, tmp2);
1721 tcg_temp_free_i32(tmp2);
1722 iwmmxt_store_creg(wrd, tmp);
1723 break;
1724 case ARM_IWMMXT_wCGR0:
1725 case ARM_IWMMXT_wCGR1:
1726 case ARM_IWMMXT_wCGR2:
1727 case ARM_IWMMXT_wCGR3:
1728 gen_op_iwmmxt_set_cup();
1729 tmp = load_reg(s, rd);
1730 iwmmxt_store_creg(wrd, tmp);
1731 break;
1732 default:
1733 return 1;
1734 }
1735 break;
1736 case 0x100: /* WXOR */
1737 wrd = (insn >> 12) & 0xf;
1738 rd0 = (insn >> 0) & 0xf;
1739 rd1 = (insn >> 16) & 0xf;
1740 gen_op_iwmmxt_movq_M0_wRn(rd0);
1741 gen_op_iwmmxt_xorq_M0_wRn(rd1);
1742 gen_op_iwmmxt_setpsr_nz();
1743 gen_op_iwmmxt_movq_wRn_M0(wrd);
1744 gen_op_iwmmxt_set_mup();
1745 gen_op_iwmmxt_set_cup();
1746 break;
1747 case 0x111: /* TMRC */
1748 if (insn & 0xf)
1749 return 1;
1750 rd = (insn >> 12) & 0xf;
1751 wrd = (insn >> 16) & 0xf;
1752 tmp = iwmmxt_load_creg(wrd);
1753 store_reg(s, rd, tmp);
1754 break;
1755 case 0x300: /* WANDN */
1756 wrd = (insn >> 12) & 0xf;
1757 rd0 = (insn >> 0) & 0xf;
1758 rd1 = (insn >> 16) & 0xf;
1759 gen_op_iwmmxt_movq_M0_wRn(rd0);
1760 tcg_gen_neg_i64(cpu_M0, cpu_M0);
1761 gen_op_iwmmxt_andq_M0_wRn(rd1);
1762 gen_op_iwmmxt_setpsr_nz();
1763 gen_op_iwmmxt_movq_wRn_M0(wrd);
1764 gen_op_iwmmxt_set_mup();
1765 gen_op_iwmmxt_set_cup();
1766 break;
1767 case 0x200: /* WAND */
1768 wrd = (insn >> 12) & 0xf;
1769 rd0 = (insn >> 0) & 0xf;
1770 rd1 = (insn >> 16) & 0xf;
1771 gen_op_iwmmxt_movq_M0_wRn(rd0);
1772 gen_op_iwmmxt_andq_M0_wRn(rd1);
1773 gen_op_iwmmxt_setpsr_nz();
1774 gen_op_iwmmxt_movq_wRn_M0(wrd);
1775 gen_op_iwmmxt_set_mup();
1776 gen_op_iwmmxt_set_cup();
1777 break;
1778 case 0x810: case 0xa10: /* WMADD */
1779 wrd = (insn >> 12) & 0xf;
1780 rd0 = (insn >> 0) & 0xf;
1781 rd1 = (insn >> 16) & 0xf;
1782 gen_op_iwmmxt_movq_M0_wRn(rd0);
1783 if (insn & (1 << 21))
1784 gen_op_iwmmxt_maddsq_M0_wRn(rd1);
1785 else
1786 gen_op_iwmmxt_madduq_M0_wRn(rd1);
1787 gen_op_iwmmxt_movq_wRn_M0(wrd);
1788 gen_op_iwmmxt_set_mup();
1789 break;
1790 case 0x10e: case 0x50e: case 0x90e: case 0xd0e: /* WUNPCKIL */
1791 wrd = (insn >> 12) & 0xf;
1792 rd0 = (insn >> 16) & 0xf;
1793 rd1 = (insn >> 0) & 0xf;
1794 gen_op_iwmmxt_movq_M0_wRn(rd0);
1795 switch ((insn >> 22) & 3) {
1796 case 0:
1797 gen_op_iwmmxt_unpacklb_M0_wRn(rd1);
1798 break;
1799 case 1:
1800 gen_op_iwmmxt_unpacklw_M0_wRn(rd1);
1801 break;
1802 case 2:
1803 gen_op_iwmmxt_unpackll_M0_wRn(rd1);
1804 break;
1805 case 3:
1806 return 1;
1807 }
1808 gen_op_iwmmxt_movq_wRn_M0(wrd);
1809 gen_op_iwmmxt_set_mup();
1810 gen_op_iwmmxt_set_cup();
1811 break;
1812 case 0x10c: case 0x50c: case 0x90c: case 0xd0c: /* WUNPCKIH */
1813 wrd = (insn >> 12) & 0xf;
1814 rd0 = (insn >> 16) & 0xf;
1815 rd1 = (insn >> 0) & 0xf;
1816 gen_op_iwmmxt_movq_M0_wRn(rd0);
1817 switch ((insn >> 22) & 3) {
1818 case 0:
1819 gen_op_iwmmxt_unpackhb_M0_wRn(rd1);
1820 break;
1821 case 1:
1822 gen_op_iwmmxt_unpackhw_M0_wRn(rd1);
1823 break;
1824 case 2:
1825 gen_op_iwmmxt_unpackhl_M0_wRn(rd1);
1826 break;
1827 case 3:
1828 return 1;
1829 }
1830 gen_op_iwmmxt_movq_wRn_M0(wrd);
1831 gen_op_iwmmxt_set_mup();
1832 gen_op_iwmmxt_set_cup();
1833 break;
1834 case 0x012: case 0x112: case 0x412: case 0x512: /* WSAD */
1835 wrd = (insn >> 12) & 0xf;
1836 rd0 = (insn >> 16) & 0xf;
1837 rd1 = (insn >> 0) & 0xf;
1838 gen_op_iwmmxt_movq_M0_wRn(rd0);
1839 if (insn & (1 << 22))
1840 gen_op_iwmmxt_sadw_M0_wRn(rd1);
1841 else
1842 gen_op_iwmmxt_sadb_M0_wRn(rd1);
1843 if (!(insn & (1 << 20)))
1844 gen_op_iwmmxt_addl_M0_wRn(wrd);
1845 gen_op_iwmmxt_movq_wRn_M0(wrd);
1846 gen_op_iwmmxt_set_mup();
1847 break;
1848 case 0x010: case 0x110: case 0x210: case 0x310: /* WMUL */
1849 wrd = (insn >> 12) & 0xf;
1850 rd0 = (insn >> 16) & 0xf;
1851 rd1 = (insn >> 0) & 0xf;
1852 gen_op_iwmmxt_movq_M0_wRn(rd0);
1853 if (insn & (1 << 21)) {
1854 if (insn & (1 << 20))
1855 gen_op_iwmmxt_mulshw_M0_wRn(rd1);
1856 else
1857 gen_op_iwmmxt_mulslw_M0_wRn(rd1);
1858 } else {
1859 if (insn & (1 << 20))
1860 gen_op_iwmmxt_muluhw_M0_wRn(rd1);
1861 else
1862 gen_op_iwmmxt_mululw_M0_wRn(rd1);
1863 }
1864 gen_op_iwmmxt_movq_wRn_M0(wrd);
1865 gen_op_iwmmxt_set_mup();
1866 break;
1867 case 0x410: case 0x510: case 0x610: case 0x710: /* WMAC */
1868 wrd = (insn >> 12) & 0xf;
1869 rd0 = (insn >> 16) & 0xf;
1870 rd1 = (insn >> 0) & 0xf;
1871 gen_op_iwmmxt_movq_M0_wRn(rd0);
1872 if (insn & (1 << 21))
1873 gen_op_iwmmxt_macsw_M0_wRn(rd1);
1874 else
1875 gen_op_iwmmxt_macuw_M0_wRn(rd1);
1876 if (!(insn & (1 << 20))) {
1877 iwmmxt_load_reg(cpu_V1, wrd);
1878 tcg_gen_add_i64(cpu_M0, cpu_M0, cpu_V1);
1879 }
1880 gen_op_iwmmxt_movq_wRn_M0(wrd);
1881 gen_op_iwmmxt_set_mup();
1882 break;
1883 case 0x006: case 0x406: case 0x806: case 0xc06: /* WCMPEQ */
1884 wrd = (insn >> 12) & 0xf;
1885 rd0 = (insn >> 16) & 0xf;
1886 rd1 = (insn >> 0) & 0xf;
1887 gen_op_iwmmxt_movq_M0_wRn(rd0);
1888 switch ((insn >> 22) & 3) {
1889 case 0:
1890 gen_op_iwmmxt_cmpeqb_M0_wRn(rd1);
1891 break;
1892 case 1:
1893 gen_op_iwmmxt_cmpeqw_M0_wRn(rd1);
1894 break;
1895 case 2:
1896 gen_op_iwmmxt_cmpeql_M0_wRn(rd1);
1897 break;
1898 case 3:
1899 return 1;
1900 }
1901 gen_op_iwmmxt_movq_wRn_M0(wrd);
1902 gen_op_iwmmxt_set_mup();
1903 gen_op_iwmmxt_set_cup();
1904 break;
1905 case 0x800: case 0x900: case 0xc00: case 0xd00: /* WAVG2 */
1906 wrd = (insn >> 12) & 0xf;
1907 rd0 = (insn >> 16) & 0xf;
1908 rd1 = (insn >> 0) & 0xf;
1909 gen_op_iwmmxt_movq_M0_wRn(rd0);
1910 if (insn & (1 << 22)) {
1911 if (insn & (1 << 20))
1912 gen_op_iwmmxt_avgw1_M0_wRn(rd1);
1913 else
1914 gen_op_iwmmxt_avgw0_M0_wRn(rd1);
1915 } else {
1916 if (insn & (1 << 20))
1917 gen_op_iwmmxt_avgb1_M0_wRn(rd1);
1918 else
1919 gen_op_iwmmxt_avgb0_M0_wRn(rd1);
1920 }
1921 gen_op_iwmmxt_movq_wRn_M0(wrd);
1922 gen_op_iwmmxt_set_mup();
1923 gen_op_iwmmxt_set_cup();
1924 break;
1925 case 0x802: case 0x902: case 0xa02: case 0xb02: /* WALIGNR */
1926 wrd = (insn >> 12) & 0xf;
1927 rd0 = (insn >> 16) & 0xf;
1928 rd1 = (insn >> 0) & 0xf;
1929 gen_op_iwmmxt_movq_M0_wRn(rd0);
1930 tmp = iwmmxt_load_creg(ARM_IWMMXT_wCGR0 + ((insn >> 20) & 3));
1931 tcg_gen_andi_i32(tmp, tmp, 7);
1932 iwmmxt_load_reg(cpu_V1, rd1);
1933 gen_helper_iwmmxt_align(cpu_M0, cpu_M0, cpu_V1, tmp);
1934 tcg_temp_free_i32(tmp);
1935 gen_op_iwmmxt_movq_wRn_M0(wrd);
1936 gen_op_iwmmxt_set_mup();
1937 break;
1938 case 0x601: case 0x605: case 0x609: case 0x60d: /* TINSR */
1939 if (((insn >> 6) & 3) == 3)
1940 return 1;
1941 rd = (insn >> 12) & 0xf;
1942 wrd = (insn >> 16) & 0xf;
1943 tmp = load_reg(s, rd);
1944 gen_op_iwmmxt_movq_M0_wRn(wrd);
1945 switch ((insn >> 6) & 3) {
1946 case 0:
1947 tmp2 = tcg_const_i32(0xff);
1948 tmp3 = tcg_const_i32((insn & 7) << 3);
1949 break;
1950 case 1:
1951 tmp2 = tcg_const_i32(0xffff);
1952 tmp3 = tcg_const_i32((insn & 3) << 4);
1953 break;
1954 case 2:
1955 tmp2 = tcg_const_i32(0xffffffff);
1956 tmp3 = tcg_const_i32((insn & 1) << 5);
1957 break;
1958 default:
1959 TCGV_UNUSED_I32(tmp2);
1960 TCGV_UNUSED_I32(tmp3);
1961 }
1962 gen_helper_iwmmxt_insr(cpu_M0, cpu_M0, tmp, tmp2, tmp3);
1963 tcg_temp_free_i32(tmp3);
1964 tcg_temp_free_i32(tmp2);
1965 tcg_temp_free_i32(tmp);
1966 gen_op_iwmmxt_movq_wRn_M0(wrd);
1967 gen_op_iwmmxt_set_mup();
1968 break;
1969 case 0x107: case 0x507: case 0x907: case 0xd07: /* TEXTRM */
1970 rd = (insn >> 12) & 0xf;
1971 wrd = (insn >> 16) & 0xf;
1972 if (rd == 15 || ((insn >> 22) & 3) == 3)
1973 return 1;
1974 gen_op_iwmmxt_movq_M0_wRn(wrd);
1975 tmp = tcg_temp_new_i32();
1976 switch ((insn >> 22) & 3) {
1977 case 0:
1978 tcg_gen_shri_i64(cpu_M0, cpu_M0, (insn & 7) << 3);
1979 tcg_gen_extrl_i64_i32(tmp, cpu_M0);
1980 if (insn & 8) {
1981 tcg_gen_ext8s_i32(tmp, tmp);
1982 } else {
1983 tcg_gen_andi_i32(tmp, tmp, 0xff);
1984 }
1985 break;
1986 case 1:
1987 tcg_gen_shri_i64(cpu_M0, cpu_M0, (insn & 3) << 4);
1988 tcg_gen_extrl_i64_i32(tmp, cpu_M0);
1989 if (insn & 8) {
1990 tcg_gen_ext16s_i32(tmp, tmp);
1991 } else {
1992 tcg_gen_andi_i32(tmp, tmp, 0xffff);
1993 }
1994 break;
1995 case 2:
1996 tcg_gen_shri_i64(cpu_M0, cpu_M0, (insn & 1) << 5);
1997 tcg_gen_extrl_i64_i32(tmp, cpu_M0);
1998 break;
1999 }
2000 store_reg(s, rd, tmp);
2001 break;
2002 case 0x117: case 0x517: case 0x917: case 0xd17: /* TEXTRC */
2003 if ((insn & 0x000ff008) != 0x0003f000 || ((insn >> 22) & 3) == 3)
2004 return 1;
2005 tmp = iwmmxt_load_creg(ARM_IWMMXT_wCASF);
2006 switch ((insn >> 22) & 3) {
2007 case 0:
2008 tcg_gen_shri_i32(tmp, tmp, ((insn & 7) << 2) + 0);
2009 break;
2010 case 1:
2011 tcg_gen_shri_i32(tmp, tmp, ((insn & 3) << 3) + 4);
2012 break;
2013 case 2:
2014 tcg_gen_shri_i32(tmp, tmp, ((insn & 1) << 4) + 12);
2015 break;
2016 }
2017 tcg_gen_shli_i32(tmp, tmp, 28);
2018 gen_set_nzcv(tmp);
2019 tcg_temp_free_i32(tmp);
2020 break;
2021 case 0x401: case 0x405: case 0x409: case 0x40d: /* TBCST */
2022 if (((insn >> 6) & 3) == 3)
2023 return 1;
2024 rd = (insn >> 12) & 0xf;
2025 wrd = (insn >> 16) & 0xf;
2026 tmp = load_reg(s, rd);
2027 switch ((insn >> 6) & 3) {
2028 case 0:
2029 gen_helper_iwmmxt_bcstb(cpu_M0, tmp);
2030 break;
2031 case 1:
2032 gen_helper_iwmmxt_bcstw(cpu_M0, tmp);
2033 break;
2034 case 2:
2035 gen_helper_iwmmxt_bcstl(cpu_M0, tmp);
2036 break;
2037 }
2038 tcg_temp_free_i32(tmp);
2039 gen_op_iwmmxt_movq_wRn_M0(wrd);
2040 gen_op_iwmmxt_set_mup();
2041 break;
2042 case 0x113: case 0x513: case 0x913: case 0xd13: /* TANDC */
2043 if ((insn & 0x000ff00f) != 0x0003f000 || ((insn >> 22) & 3) == 3)
2044 return 1;
2045 tmp = iwmmxt_load_creg(ARM_IWMMXT_wCASF);
2046 tmp2 = tcg_temp_new_i32();
2047 tcg_gen_mov_i32(tmp2, tmp);
2048 switch ((insn >> 22) & 3) {
2049 case 0:
2050 for (i = 0; i < 7; i ++) {
2051 tcg_gen_shli_i32(tmp2, tmp2, 4);
2052 tcg_gen_and_i32(tmp, tmp, tmp2);
2053 }
2054 break;
2055 case 1:
2056 for (i = 0; i < 3; i ++) {
2057 tcg_gen_shli_i32(tmp2, tmp2, 8);
2058 tcg_gen_and_i32(tmp, tmp, tmp2);
2059 }
2060 break;
2061 case 2:
2062 tcg_gen_shli_i32(tmp2, tmp2, 16);
2063 tcg_gen_and_i32(tmp, tmp, tmp2);
2064 break;
2065 }
2066 gen_set_nzcv(tmp);
2067 tcg_temp_free_i32(tmp2);
2068 tcg_temp_free_i32(tmp);
2069 break;
2070 case 0x01c: case 0x41c: case 0x81c: case 0xc1c: /* WACC */
2071 wrd = (insn >> 12) & 0xf;
2072 rd0 = (insn >> 16) & 0xf;
2073 gen_op_iwmmxt_movq_M0_wRn(rd0);
2074 switch ((insn >> 22) & 3) {
2075 case 0:
2076 gen_helper_iwmmxt_addcb(cpu_M0, cpu_M0);
2077 break;
2078 case 1:
2079 gen_helper_iwmmxt_addcw(cpu_M0, cpu_M0);
2080 break;
2081 case 2:
2082 gen_helper_iwmmxt_addcl(cpu_M0, cpu_M0);
2083 break;
2084 case 3:
2085 return 1;
2086 }
2087 gen_op_iwmmxt_movq_wRn_M0(wrd);
2088 gen_op_iwmmxt_set_mup();
2089 break;
2090 case 0x115: case 0x515: case 0x915: case 0xd15: /* TORC */
2091 if ((insn & 0x000ff00f) != 0x0003f000 || ((insn >> 22) & 3) == 3)
2092 return 1;
2093 tmp = iwmmxt_load_creg(ARM_IWMMXT_wCASF);
2094 tmp2 = tcg_temp_new_i32();
2095 tcg_gen_mov_i32(tmp2, tmp);
2096 switch ((insn >> 22) & 3) {
2097 case 0:
2098 for (i = 0; i < 7; i ++) {
2099 tcg_gen_shli_i32(tmp2, tmp2, 4);
2100 tcg_gen_or_i32(tmp, tmp, tmp2);
2101 }
2102 break;
2103 case 1:
2104 for (i = 0; i < 3; i ++) {
2105 tcg_gen_shli_i32(tmp2, tmp2, 8);
2106 tcg_gen_or_i32(tmp, tmp, tmp2);
2107 }
2108 break;
2109 case 2:
2110 tcg_gen_shli_i32(tmp2, tmp2, 16);
2111 tcg_gen_or_i32(tmp, tmp, tmp2);
2112 break;
2113 }
2114 gen_set_nzcv(tmp);
2115 tcg_temp_free_i32(tmp2);
2116 tcg_temp_free_i32(tmp);
2117 break;
2118 case 0x103: case 0x503: case 0x903: case 0xd03: /* TMOVMSK */
2119 rd = (insn >> 12) & 0xf;
2120 rd0 = (insn >> 16) & 0xf;
2121 if ((insn & 0xf) != 0 || ((insn >> 22) & 3) == 3)
2122 return 1;
2123 gen_op_iwmmxt_movq_M0_wRn(rd0);
2124 tmp = tcg_temp_new_i32();
2125 switch ((insn >> 22) & 3) {
2126 case 0:
2127 gen_helper_iwmmxt_msbb(tmp, cpu_M0);
2128 break;
2129 case 1:
2130 gen_helper_iwmmxt_msbw(tmp, cpu_M0);
2131 break;
2132 case 2:
2133 gen_helper_iwmmxt_msbl(tmp, cpu_M0);
2134 break;
2135 }
2136 store_reg(s, rd, tmp);
2137 break;
2138 case 0x106: case 0x306: case 0x506: case 0x706: /* WCMPGT */
2139 case 0x906: case 0xb06: case 0xd06: case 0xf06:
2140 wrd = (insn >> 12) & 0xf;
2141 rd0 = (insn >> 16) & 0xf;
2142 rd1 = (insn >> 0) & 0xf;
2143 gen_op_iwmmxt_movq_M0_wRn(rd0);
2144 switch ((insn >> 22) & 3) {
2145 case 0:
2146 if (insn & (1 << 21))
2147 gen_op_iwmmxt_cmpgtsb_M0_wRn(rd1);
2148 else
2149 gen_op_iwmmxt_cmpgtub_M0_wRn(rd1);
2150 break;
2151 case 1:
2152 if (insn & (1 << 21))
2153 gen_op_iwmmxt_cmpgtsw_M0_wRn(rd1);
2154 else
2155 gen_op_iwmmxt_cmpgtuw_M0_wRn(rd1);
2156 break;
2157 case 2:
2158 if (insn & (1 << 21))
2159 gen_op_iwmmxt_cmpgtsl_M0_wRn(rd1);
2160 else
2161 gen_op_iwmmxt_cmpgtul_M0_wRn(rd1);
2162 break;
2163 case 3:
2164 return 1;
2165 }
2166 gen_op_iwmmxt_movq_wRn_M0(wrd);
2167 gen_op_iwmmxt_set_mup();
2168 gen_op_iwmmxt_set_cup();
2169 break;
2170 case 0x00e: case 0x20e: case 0x40e: case 0x60e: /* WUNPCKEL */
2171 case 0x80e: case 0xa0e: case 0xc0e: case 0xe0e:
2172 wrd = (insn >> 12) & 0xf;
2173 rd0 = (insn >> 16) & 0xf;
2174 gen_op_iwmmxt_movq_M0_wRn(rd0);
2175 switch ((insn >> 22) & 3) {
2176 case 0:
2177 if (insn & (1 << 21))
2178 gen_op_iwmmxt_unpacklsb_M0();
2179 else
2180 gen_op_iwmmxt_unpacklub_M0();
2181 break;
2182 case 1:
2183 if (insn & (1 << 21))
2184 gen_op_iwmmxt_unpacklsw_M0();
2185 else
2186 gen_op_iwmmxt_unpackluw_M0();
2187 break;
2188 case 2:
2189 if (insn & (1 << 21))
2190 gen_op_iwmmxt_unpacklsl_M0();
2191 else
2192 gen_op_iwmmxt_unpacklul_M0();
2193 break;
2194 case 3:
2195 return 1;
2196 }
2197 gen_op_iwmmxt_movq_wRn_M0(wrd);
2198 gen_op_iwmmxt_set_mup();
2199 gen_op_iwmmxt_set_cup();
2200 break;
2201 case 0x00c: case 0x20c: case 0x40c: case 0x60c: /* WUNPCKEH */
2202 case 0x80c: case 0xa0c: case 0xc0c: case 0xe0c:
2203 wrd = (insn >> 12) & 0xf;
2204 rd0 = (insn >> 16) & 0xf;
2205 gen_op_iwmmxt_movq_M0_wRn(rd0);
2206 switch ((insn >> 22) & 3) {
2207 case 0:
2208 if (insn & (1 << 21))
2209 gen_op_iwmmxt_unpackhsb_M0();
2210 else
2211 gen_op_iwmmxt_unpackhub_M0();
2212 break;
2213 case 1:
2214 if (insn & (1 << 21))
2215 gen_op_iwmmxt_unpackhsw_M0();
2216 else
2217 gen_op_iwmmxt_unpackhuw_M0();
2218 break;
2219 case 2:
2220 if (insn & (1 << 21))
2221 gen_op_iwmmxt_unpackhsl_M0();
2222 else
2223 gen_op_iwmmxt_unpackhul_M0();
2224 break;
2225 case 3:
2226 return 1;
2227 }
2228 gen_op_iwmmxt_movq_wRn_M0(wrd);
2229 gen_op_iwmmxt_set_mup();
2230 gen_op_iwmmxt_set_cup();
2231 break;
2232 case 0x204: case 0x604: case 0xa04: case 0xe04: /* WSRL */
2233 case 0x214: case 0x614: case 0xa14: case 0xe14:
2234 if (((insn >> 22) & 3) == 0)
2235 return 1;
2236 wrd = (insn >> 12) & 0xf;
2237 rd0 = (insn >> 16) & 0xf;
2238 gen_op_iwmmxt_movq_M0_wRn(rd0);
2239 tmp = tcg_temp_new_i32();
2240 if (gen_iwmmxt_shift(insn, 0xff, tmp)) {
2241 tcg_temp_free_i32(tmp);
2242 return 1;
2243 }
2244 switch ((insn >> 22) & 3) {
2245 case 1:
2246 gen_helper_iwmmxt_srlw(cpu_M0, cpu_env, cpu_M0, tmp);
2247 break;
2248 case 2:
2249 gen_helper_iwmmxt_srll(cpu_M0, cpu_env, cpu_M0, tmp);
2250 break;
2251 case 3:
2252 gen_helper_iwmmxt_srlq(cpu_M0, cpu_env, cpu_M0, tmp);
2253 break;
2254 }
2255 tcg_temp_free_i32(tmp);
2256 gen_op_iwmmxt_movq_wRn_M0(wrd);
2257 gen_op_iwmmxt_set_mup();
2258 gen_op_iwmmxt_set_cup();
2259 break;
2260 case 0x004: case 0x404: case 0x804: case 0xc04: /* WSRA */
2261 case 0x014: case 0x414: case 0x814: case 0xc14:
2262 if (((insn >> 22) & 3) == 0)
2263 return 1;
2264 wrd = (insn >> 12) & 0xf;
2265 rd0 = (insn >> 16) & 0xf;
2266 gen_op_iwmmxt_movq_M0_wRn(rd0);
2267 tmp = tcg_temp_new_i32();
2268 if (gen_iwmmxt_shift(insn, 0xff, tmp)) {
2269 tcg_temp_free_i32(tmp);
2270 return 1;
2271 }
2272 switch ((insn >> 22) & 3) {
2273 case 1:
2274 gen_helper_iwmmxt_sraw(cpu_M0, cpu_env, cpu_M0, tmp);
2275 break;
2276 case 2:
2277 gen_helper_iwmmxt_sral(cpu_M0, cpu_env, cpu_M0, tmp);
2278 break;
2279 case 3:
2280 gen_helper_iwmmxt_sraq(cpu_M0, cpu_env, cpu_M0, tmp);
2281 break;
2282 }
2283 tcg_temp_free_i32(tmp);
2284 gen_op_iwmmxt_movq_wRn_M0(wrd);
2285 gen_op_iwmmxt_set_mup();
2286 gen_op_iwmmxt_set_cup();
2287 break;
2288 case 0x104: case 0x504: case 0x904: case 0xd04: /* WSLL */
2289 case 0x114: case 0x514: case 0x914: case 0xd14:
2290 if (((insn >> 22) & 3) == 0)
2291 return 1;
2292 wrd = (insn >> 12) & 0xf;
2293 rd0 = (insn >> 16) & 0xf;
2294 gen_op_iwmmxt_movq_M0_wRn(rd0);
2295 tmp = tcg_temp_new_i32();
2296 if (gen_iwmmxt_shift(insn, 0xff, tmp)) {
2297 tcg_temp_free_i32(tmp);
2298 return 1;
2299 }
2300 switch ((insn >> 22) & 3) {
2301 case 1:
2302 gen_helper_iwmmxt_sllw(cpu_M0, cpu_env, cpu_M0, tmp);
2303 break;
2304 case 2:
2305 gen_helper_iwmmxt_slll(cpu_M0, cpu_env, cpu_M0, tmp);
2306 break;
2307 case 3:
2308 gen_helper_iwmmxt_sllq(cpu_M0, cpu_env, cpu_M0, tmp);
2309 break;
2310 }
2311 tcg_temp_free_i32(tmp);
2312 gen_op_iwmmxt_movq_wRn_M0(wrd);
2313 gen_op_iwmmxt_set_mup();
2314 gen_op_iwmmxt_set_cup();
2315 break;
2316 case 0x304: case 0x704: case 0xb04: case 0xf04: /* WROR */
2317 case 0x314: case 0x714: case 0xb14: case 0xf14:
2318 if (((insn >> 22) & 3) == 0)
2319 return 1;
2320 wrd = (insn >> 12) & 0xf;
2321 rd0 = (insn >> 16) & 0xf;
2322 gen_op_iwmmxt_movq_M0_wRn(rd0);
2323 tmp = tcg_temp_new_i32();
2324 switch ((insn >> 22) & 3) {
2325 case 1:
2326 if (gen_iwmmxt_shift(insn, 0xf, tmp)) {
2327 tcg_temp_free_i32(tmp);
2328 return 1;
2329 }
2330 gen_helper_iwmmxt_rorw(cpu_M0, cpu_env, cpu_M0, tmp);
2331 break;
2332 case 2:
2333 if (gen_iwmmxt_shift(insn, 0x1f, tmp)) {
2334 tcg_temp_free_i32(tmp);
2335 return 1;
2336 }
2337 gen_helper_iwmmxt_rorl(cpu_M0, cpu_env, cpu_M0, tmp);
2338 break;
2339 case 3:
2340 if (gen_iwmmxt_shift(insn, 0x3f, tmp)) {
2341 tcg_temp_free_i32(tmp);
2342 return 1;
2343 }
2344 gen_helper_iwmmxt_rorq(cpu_M0, cpu_env, cpu_M0, tmp);
2345 break;
2346 }
2347 tcg_temp_free_i32(tmp);
2348 gen_op_iwmmxt_movq_wRn_M0(wrd);
2349 gen_op_iwmmxt_set_mup();
2350 gen_op_iwmmxt_set_cup();
2351 break;
2352 case 0x116: case 0x316: case 0x516: case 0x716: /* WMIN */
2353 case 0x916: case 0xb16: case 0xd16: case 0xf16:
2354 wrd = (insn >> 12) & 0xf;
2355 rd0 = (insn >> 16) & 0xf;
2356 rd1 = (insn >> 0) & 0xf;
2357 gen_op_iwmmxt_movq_M0_wRn(rd0);
2358 switch ((insn >> 22) & 3) {
2359 case 0:
2360 if (insn & (1 << 21))
2361 gen_op_iwmmxt_minsb_M0_wRn(rd1);
2362 else
2363 gen_op_iwmmxt_minub_M0_wRn(rd1);
2364 break;
2365 case 1:
2366 if (insn & (1 << 21))
2367 gen_op_iwmmxt_minsw_M0_wRn(rd1);
2368 else
2369 gen_op_iwmmxt_minuw_M0_wRn(rd1);
2370 break;
2371 case 2:
2372 if (insn & (1 << 21))
2373 gen_op_iwmmxt_minsl_M0_wRn(rd1);
2374 else
2375 gen_op_iwmmxt_minul_M0_wRn(rd1);
2376 break;
2377 case 3:
2378 return 1;
2379 }
2380 gen_op_iwmmxt_movq_wRn_M0(wrd);
2381 gen_op_iwmmxt_set_mup();
2382 break;
2383 case 0x016: case 0x216: case 0x416: case 0x616: /* WMAX */
2384 case 0x816: case 0xa16: case 0xc16: case 0xe16:
2385 wrd = (insn >> 12) & 0xf;
2386 rd0 = (insn >> 16) & 0xf;
2387 rd1 = (insn >> 0) & 0xf;
2388 gen_op_iwmmxt_movq_M0_wRn(rd0);
2389 switch ((insn >> 22) & 3) {
2390 case 0:
2391 if (insn & (1 << 21))
2392 gen_op_iwmmxt_maxsb_M0_wRn(rd1);
2393 else
2394 gen_op_iwmmxt_maxub_M0_wRn(rd1);
2395 break;
2396 case 1:
2397 if (insn & (1 << 21))
2398 gen_op_iwmmxt_maxsw_M0_wRn(rd1);
2399 else
2400 gen_op_iwmmxt_maxuw_M0_wRn(rd1);
2401 break;
2402 case 2:
2403 if (insn & (1 << 21))
2404 gen_op_iwmmxt_maxsl_M0_wRn(rd1);
2405 else
2406 gen_op_iwmmxt_maxul_M0_wRn(rd1);
2407 break;
2408 case 3:
2409 return 1;
2410 }
2411 gen_op_iwmmxt_movq_wRn_M0(wrd);
2412 gen_op_iwmmxt_set_mup();
2413 break;
2414 case 0x002: case 0x102: case 0x202: case 0x302: /* WALIGNI */
2415 case 0x402: case 0x502: case 0x602: case 0x702:
2416 wrd = (insn >> 12) & 0xf;
2417 rd0 = (insn >> 16) & 0xf;
2418 rd1 = (insn >> 0) & 0xf;
2419 gen_op_iwmmxt_movq_M0_wRn(rd0);
2420 tmp = tcg_const_i32((insn >> 20) & 3);
2421 iwmmxt_load_reg(cpu_V1, rd1);
2422 gen_helper_iwmmxt_align(cpu_M0, cpu_M0, cpu_V1, tmp);
2423 tcg_temp_free_i32(tmp);
2424 gen_op_iwmmxt_movq_wRn_M0(wrd);
2425 gen_op_iwmmxt_set_mup();
2426 break;
2427 case 0x01a: case 0x11a: case 0x21a: case 0x31a: /* WSUB */
2428 case 0x41a: case 0x51a: case 0x61a: case 0x71a:
2429 case 0x81a: case 0x91a: case 0xa1a: case 0xb1a:
2430 case 0xc1a: case 0xd1a: case 0xe1a: case 0xf1a:
2431 wrd = (insn >> 12) & 0xf;
2432 rd0 = (insn >> 16) & 0xf;
2433 rd1 = (insn >> 0) & 0xf;
2434 gen_op_iwmmxt_movq_M0_wRn(rd0);
2435 switch ((insn >> 20) & 0xf) {
2436 case 0x0:
2437 gen_op_iwmmxt_subnb_M0_wRn(rd1);
2438 break;
2439 case 0x1:
2440 gen_op_iwmmxt_subub_M0_wRn(rd1);
2441 break;
2442 case 0x3:
2443 gen_op_iwmmxt_subsb_M0_wRn(rd1);
2444 break;
2445 case 0x4:
2446 gen_op_iwmmxt_subnw_M0_wRn(rd1);
2447 break;
2448 case 0x5:
2449 gen_op_iwmmxt_subuw_M0_wRn(rd1);
2450 break;
2451 case 0x7:
2452 gen_op_iwmmxt_subsw_M0_wRn(rd1);
2453 break;
2454 case 0x8:
2455 gen_op_iwmmxt_subnl_M0_wRn(rd1);
2456 break;
2457 case 0x9:
2458 gen_op_iwmmxt_subul_M0_wRn(rd1);
2459 break;
2460 case 0xb:
2461 gen_op_iwmmxt_subsl_M0_wRn(rd1);
2462 break;
2463 default:
2464 return 1;
2465 }
2466 gen_op_iwmmxt_movq_wRn_M0(wrd);
2467 gen_op_iwmmxt_set_mup();
2468 gen_op_iwmmxt_set_cup();
2469 break;
2470 case 0x01e: case 0x11e: case 0x21e: case 0x31e: /* WSHUFH */
2471 case 0x41e: case 0x51e: case 0x61e: case 0x71e:
2472 case 0x81e: case 0x91e: case 0xa1e: case 0xb1e:
2473 case 0xc1e: case 0xd1e: case 0xe1e: case 0xf1e:
2474 wrd = (insn >> 12) & 0xf;
2475 rd0 = (insn >> 16) & 0xf;
2476 gen_op_iwmmxt_movq_M0_wRn(rd0);
2477 tmp = tcg_const_i32(((insn >> 16) & 0xf0) | (insn & 0x0f));
2478 gen_helper_iwmmxt_shufh(cpu_M0, cpu_env, cpu_M0, tmp);
2479 tcg_temp_free_i32(tmp);
2480 gen_op_iwmmxt_movq_wRn_M0(wrd);
2481 gen_op_iwmmxt_set_mup();
2482 gen_op_iwmmxt_set_cup();
2483 break;
2484 case 0x018: case 0x118: case 0x218: case 0x318: /* WADD */
2485 case 0x418: case 0x518: case 0x618: case 0x718:
2486 case 0x818: case 0x918: case 0xa18: case 0xb18:
2487 case 0xc18: case 0xd18: case 0xe18: case 0xf18:
2488 wrd = (insn >> 12) & 0xf;
2489 rd0 = (insn >> 16) & 0xf;
2490 rd1 = (insn >> 0) & 0xf;
2491 gen_op_iwmmxt_movq_M0_wRn(rd0);
2492 switch ((insn >> 20) & 0xf) {
2493 case 0x0:
2494 gen_op_iwmmxt_addnb_M0_wRn(rd1);
2495 break;
2496 case 0x1:
2497 gen_op_iwmmxt_addub_M0_wRn(rd1);
2498 break;
2499 case 0x3:
2500 gen_op_iwmmxt_addsb_M0_wRn(rd1);
2501 break;
2502 case 0x4:
2503 gen_op_iwmmxt_addnw_M0_wRn(rd1);
2504 break;
2505 case 0x5:
2506 gen_op_iwmmxt_adduw_M0_wRn(rd1);
2507 break;
2508 case 0x7:
2509 gen_op_iwmmxt_addsw_M0_wRn(rd1);
2510 break;
2511 case 0x8:
2512 gen_op_iwmmxt_addnl_M0_wRn(rd1);
2513 break;
2514 case 0x9:
2515 gen_op_iwmmxt_addul_M0_wRn(rd1);
2516 break;
2517 case 0xb:
2518 gen_op_iwmmxt_addsl_M0_wRn(rd1);
2519 break;
2520 default:
2521 return 1;
2522 }
2523 gen_op_iwmmxt_movq_wRn_M0(wrd);
2524 gen_op_iwmmxt_set_mup();
2525 gen_op_iwmmxt_set_cup();
2526 break;
2527 case 0x008: case 0x108: case 0x208: case 0x308: /* WPACK */
2528 case 0x408: case 0x508: case 0x608: case 0x708:
2529 case 0x808: case 0x908: case 0xa08: case 0xb08:
2530 case 0xc08: case 0xd08: case 0xe08: case 0xf08:
2531 if (!(insn & (1 << 20)) || ((insn >> 22) & 3) == 0)
2532 return 1;
2533 wrd = (insn >> 12) & 0xf;
2534 rd0 = (insn >> 16) & 0xf;
2535 rd1 = (insn >> 0) & 0xf;
2536 gen_op_iwmmxt_movq_M0_wRn(rd0);
2537 switch ((insn >> 22) & 3) {
2538 case 1:
2539 if (insn & (1 << 21))
2540 gen_op_iwmmxt_packsw_M0_wRn(rd1);
2541 else
2542 gen_op_iwmmxt_packuw_M0_wRn(rd1);
2543 break;
2544 case 2:
2545 if (insn & (1 << 21))
2546 gen_op_iwmmxt_packsl_M0_wRn(rd1);
2547 else
2548 gen_op_iwmmxt_packul_M0_wRn(rd1);
2549 break;
2550 case 3:
2551 if (insn & (1 << 21))
2552 gen_op_iwmmxt_packsq_M0_wRn(rd1);
2553 else
2554 gen_op_iwmmxt_packuq_M0_wRn(rd1);
2555 break;
2556 }
2557 gen_op_iwmmxt_movq_wRn_M0(wrd);
2558 gen_op_iwmmxt_set_mup();
2559 gen_op_iwmmxt_set_cup();
2560 break;
2561 case 0x201: case 0x203: case 0x205: case 0x207:
2562 case 0x209: case 0x20b: case 0x20d: case 0x20f:
2563 case 0x211: case 0x213: case 0x215: case 0x217:
2564 case 0x219: case 0x21b: case 0x21d: case 0x21f:
2565 wrd = (insn >> 5) & 0xf;
2566 rd0 = (insn >> 12) & 0xf;
2567 rd1 = (insn >> 0) & 0xf;
2568 if (rd0 == 0xf || rd1 == 0xf)
2569 return 1;
2570 gen_op_iwmmxt_movq_M0_wRn(wrd);
2571 tmp = load_reg(s, rd0);
2572 tmp2 = load_reg(s, rd1);
2573 switch ((insn >> 16) & 0xf) {
2574 case 0x0: /* TMIA */
2575 gen_helper_iwmmxt_muladdsl(cpu_M0, cpu_M0, tmp, tmp2);
2576 break;
2577 case 0x8: /* TMIAPH */
2578 gen_helper_iwmmxt_muladdsw(cpu_M0, cpu_M0, tmp, tmp2);
2579 break;
2580 case 0xc: case 0xd: case 0xe: case 0xf: /* TMIAxy */
2581 if (insn & (1 << 16))
2582 tcg_gen_shri_i32(tmp, tmp, 16);
2583 if (insn & (1 << 17))
2584 tcg_gen_shri_i32(tmp2, tmp2, 16);
2585 gen_helper_iwmmxt_muladdswl(cpu_M0, cpu_M0, tmp, tmp2);
2586 break;
2587 default:
2588 tcg_temp_free_i32(tmp2);
2589 tcg_temp_free_i32(tmp);
2590 return 1;
2591 }
2592 tcg_temp_free_i32(tmp2);
2593 tcg_temp_free_i32(tmp);
2594 gen_op_iwmmxt_movq_wRn_M0(wrd);
2595 gen_op_iwmmxt_set_mup();
2596 break;
2597 default:
2598 return 1;
2599 }
2600
2601 return 0;
2602 }
2603
2604 /* Disassemble an XScale DSP instruction. Returns nonzero if an error occurred
2605 (ie. an undefined instruction). */
2606 static int disas_dsp_insn(DisasContext *s, uint32_t insn)
2607 {
2608 int acc, rd0, rd1, rdhi, rdlo;
2609 TCGv_i32 tmp, tmp2;
2610
2611 if ((insn & 0x0ff00f10) == 0x0e200010) {
2612 /* Multiply with Internal Accumulate Format */
2613 rd0 = (insn >> 12) & 0xf;
2614 rd1 = insn & 0xf;
2615 acc = (insn >> 5) & 7;
2616
2617 if (acc != 0)
2618 return 1;
2619
2620 tmp = load_reg(s, rd0);
2621 tmp2 = load_reg(s, rd1);
2622 switch ((insn >> 16) & 0xf) {
2623 case 0x0: /* MIA */
2624 gen_helper_iwmmxt_muladdsl(cpu_M0, cpu_M0, tmp, tmp2);
2625 break;
2626 case 0x8: /* MIAPH */
2627 gen_helper_iwmmxt_muladdsw(cpu_M0, cpu_M0, tmp, tmp2);
2628 break;
2629 case 0xc: /* MIABB */
2630 case 0xd: /* MIABT */
2631 case 0xe: /* MIATB */
2632 case 0xf: /* MIATT */
2633 if (insn & (1 << 16))
2634 tcg_gen_shri_i32(tmp, tmp, 16);
2635 if (insn & (1 << 17))
2636 tcg_gen_shri_i32(tmp2, tmp2, 16);
2637 gen_helper_iwmmxt_muladdswl(cpu_M0, cpu_M0, tmp, tmp2);
2638 break;
2639 default:
2640 return 1;
2641 }
2642 tcg_temp_free_i32(tmp2);
2643 tcg_temp_free_i32(tmp);
2644
2645 gen_op_iwmmxt_movq_wRn_M0(acc);
2646 return 0;
2647 }
2648
2649 if ((insn & 0x0fe00ff8) == 0x0c400000) {
2650 /* Internal Accumulator Access Format */
2651 rdhi = (insn >> 16) & 0xf;
2652 rdlo = (insn >> 12) & 0xf;
2653 acc = insn & 7;
2654
2655 if (acc != 0)
2656 return 1;
2657
2658 if (insn & ARM_CP_RW_BIT) { /* MRA */
2659 iwmmxt_load_reg(cpu_V0, acc);
2660 tcg_gen_extrl_i64_i32(cpu_R[rdlo], cpu_V0);
2661 tcg_gen_shri_i64(cpu_V0, cpu_V0, 32);
2662 tcg_gen_extrl_i64_i32(cpu_R[rdhi], cpu_V0);
2663 tcg_gen_andi_i32(cpu_R[rdhi], cpu_R[rdhi], (1 << (40 - 32)) - 1);
2664 } else { /* MAR */
2665 tcg_gen_concat_i32_i64(cpu_V0, cpu_R[rdlo], cpu_R[rdhi]);
2666 iwmmxt_store_reg(cpu_V0, acc);
2667 }
2668 return 0;
2669 }
2670
2671 return 1;
2672 }
2673
2674 #define VFP_REG_SHR(x, n) (((n) > 0) ? (x) >> (n) : (x) << -(n))
2675 #define VFP_SREG(insn, bigbit, smallbit) \
2676 ((VFP_REG_SHR(insn, bigbit - 1) & 0x1e) | (((insn) >> (smallbit)) & 1))
2677 #define VFP_DREG(reg, insn, bigbit, smallbit) do { \
2678 if (arm_dc_feature(s, ARM_FEATURE_VFP3)) { \
2679 reg = (((insn) >> (bigbit)) & 0x0f) \
2680 | (((insn) >> ((smallbit) - 4)) & 0x10); \
2681 } else { \
2682 if (insn & (1 << (smallbit))) \
2683 return 1; \
2684 reg = ((insn) >> (bigbit)) & 0x0f; \
2685 }} while (0)
2686
2687 #define VFP_SREG_D(insn) VFP_SREG(insn, 12, 22)
2688 #define VFP_DREG_D(reg, insn) VFP_DREG(reg, insn, 12, 22)
2689 #define VFP_SREG_N(insn) VFP_SREG(insn, 16, 7)
2690 #define VFP_DREG_N(reg, insn) VFP_DREG(reg, insn, 16, 7)
2691 #define VFP_SREG_M(insn) VFP_SREG(insn, 0, 5)
2692 #define VFP_DREG_M(reg, insn) VFP_DREG(reg, insn, 0, 5)
2693
2694 /* Move between integer and VFP cores. */
2695 static TCGv_i32 gen_vfp_mrs(void)
2696 {
2697 TCGv_i32 tmp = tcg_temp_new_i32();
2698 tcg_gen_mov_i32(tmp, cpu_F0s);
2699 return tmp;
2700 }
2701
2702 static void gen_vfp_msr(TCGv_i32 tmp)
2703 {
2704 tcg_gen_mov_i32(cpu_F0s, tmp);
2705 tcg_temp_free_i32(tmp);
2706 }
2707
2708 static void gen_neon_dup_u8(TCGv_i32 var, int shift)
2709 {
2710 TCGv_i32 tmp = tcg_temp_new_i32();
2711 if (shift)
2712 tcg_gen_shri_i32(var, var, shift);
2713 tcg_gen_ext8u_i32(var, var);
2714 tcg_gen_shli_i32(tmp, var, 8);
2715 tcg_gen_or_i32(var, var, tmp);
2716 tcg_gen_shli_i32(tmp, var, 16);
2717 tcg_gen_or_i32(var, var, tmp);
2718 tcg_temp_free_i32(tmp);
2719 }
2720
2721 static void gen_neon_dup_low16(TCGv_i32 var)
2722 {
2723 TCGv_i32 tmp = tcg_temp_new_i32();
2724 tcg_gen_ext16u_i32(var, var);
2725 tcg_gen_shli_i32(tmp, var, 16);
2726 tcg_gen_or_i32(var, var, tmp);
2727 tcg_temp_free_i32(tmp);
2728 }
2729
2730 static void gen_neon_dup_high16(TCGv_i32 var)
2731 {
2732 TCGv_i32 tmp = tcg_temp_new_i32();
2733 tcg_gen_andi_i32(var, var, 0xffff0000);
2734 tcg_gen_shri_i32(tmp, var, 16);
2735 tcg_gen_or_i32(var, var, tmp);
2736 tcg_temp_free_i32(tmp);
2737 }
2738
2739 static TCGv_i32 gen_load_and_replicate(DisasContext *s, TCGv_i32 addr, int size)
2740 {
2741 /* Load a single Neon element and replicate into a 32 bit TCG reg */
2742 TCGv_i32 tmp = tcg_temp_new_i32();
2743 switch (size) {
2744 case 0:
2745 gen_aa32_ld8u(tmp, addr, get_mem_index(s));
2746 gen_neon_dup_u8(tmp, 0);
2747 break;
2748 case 1:
2749 gen_aa32_ld16u(tmp, addr, get_mem_index(s));
2750 gen_neon_dup_low16(tmp);
2751 break;
2752 case 2:
2753 gen_aa32_ld32u(tmp, addr, get_mem_index(s));
2754 break;
2755 default: /* Avoid compiler warnings. */
2756 abort();
2757 }
2758 return tmp;
2759 }
2760
2761 static int handle_vsel(uint32_t insn, uint32_t rd, uint32_t rn, uint32_t rm,
2762 uint32_t dp)
2763 {
2764 uint32_t cc = extract32(insn, 20, 2);
2765
2766 if (dp) {
2767 TCGv_i64 frn, frm, dest;
2768 TCGv_i64 tmp, zero, zf, nf, vf;
2769
2770 zero = tcg_const_i64(0);
2771
2772 frn = tcg_temp_new_i64();
2773 frm = tcg_temp_new_i64();
2774 dest = tcg_temp_new_i64();
2775
2776 zf = tcg_temp_new_i64();
2777 nf = tcg_temp_new_i64();
2778 vf = tcg_temp_new_i64();
2779
2780 tcg_gen_extu_i32_i64(zf, cpu_ZF);
2781 tcg_gen_ext_i32_i64(nf, cpu_NF);
2782 tcg_gen_ext_i32_i64(vf, cpu_VF);
2783
2784 tcg_gen_ld_f64(frn, cpu_env, vfp_reg_offset(dp, rn));
2785 tcg_gen_ld_f64(frm, cpu_env, vfp_reg_offset(dp, rm));
2786 switch (cc) {
2787 case 0: /* eq: Z */
2788 tcg_gen_movcond_i64(TCG_COND_EQ, dest, zf, zero,
2789 frn, frm);
2790 break;
2791 case 1: /* vs: V */
2792 tcg_gen_movcond_i64(TCG_COND_LT, dest, vf, zero,
2793 frn, frm);
2794 break;
2795 case 2: /* ge: N == V -> N ^ V == 0 */
2796 tmp = tcg_temp_new_i64();
2797 tcg_gen_xor_i64(tmp, vf, nf);
2798 tcg_gen_movcond_i64(TCG_COND_GE, dest, tmp, zero,
2799 frn, frm);
2800 tcg_temp_free_i64(tmp);
2801 break;
2802 case 3: /* gt: !Z && N == V */
2803 tcg_gen_movcond_i64(TCG_COND_NE, dest, zf, zero,
2804 frn, frm);
2805 tmp = tcg_temp_new_i64();
2806 tcg_gen_xor_i64(tmp, vf, nf);
2807 tcg_gen_movcond_i64(TCG_COND_GE, dest, tmp, zero,
2808 dest, frm);
2809 tcg_temp_free_i64(tmp);
2810 break;
2811 }
2812 tcg_gen_st_f64(dest, cpu_env, vfp_reg_offset(dp, rd));
2813 tcg_temp_free_i64(frn);
2814 tcg_temp_free_i64(frm);
2815 tcg_temp_free_i64(dest);
2816
2817 tcg_temp_free_i64(zf);
2818 tcg_temp_free_i64(nf);
2819 tcg_temp_free_i64(vf);
2820
2821 tcg_temp_free_i64(zero);
2822 } else {
2823 TCGv_i32 frn, frm, dest;
2824 TCGv_i32 tmp, zero;
2825
2826 zero = tcg_const_i32(0);
2827
2828 frn = tcg_temp_new_i32();
2829 frm = tcg_temp_new_i32();
2830 dest = tcg_temp_new_i32();
2831 tcg_gen_ld_f32(frn, cpu_env, vfp_reg_offset(dp, rn));
2832 tcg_gen_ld_f32(frm, cpu_env, vfp_reg_offset(dp, rm));
2833 switch (cc) {
2834 case 0: /* eq: Z */
2835 tcg_gen_movcond_i32(TCG_COND_EQ, dest, cpu_ZF, zero,
2836 frn, frm);
2837 break;
2838 case 1: /* vs: V */
2839 tcg_gen_movcond_i32(TCG_COND_LT, dest, cpu_VF, zero,
2840 frn, frm);
2841 break;
2842 case 2: /* ge: N == V -> N ^ V == 0 */
2843 tmp = tcg_temp_new_i32();
2844 tcg_gen_xor_i32(tmp, cpu_VF, cpu_NF);
2845 tcg_gen_movcond_i32(TCG_COND_GE, dest, tmp, zero,
2846 frn, frm);
2847 tcg_temp_free_i32(tmp);
2848 break;
2849 case 3: /* gt: !Z && N == V */
2850 tcg_gen_movcond_i32(TCG_COND_NE, dest, cpu_ZF, zero,
2851 frn, frm);
2852 tmp = tcg_temp_new_i32();
2853 tcg_gen_xor_i32(tmp, cpu_VF, cpu_NF);
2854 tcg_gen_movcond_i32(TCG_COND_GE, dest, tmp, zero,
2855 dest, frm);
2856 tcg_temp_free_i32(tmp);
2857 break;
2858 }
2859 tcg_gen_st_f32(dest, cpu_env, vfp_reg_offset(dp, rd));
2860 tcg_temp_free_i32(frn);
2861 tcg_temp_free_i32(frm);
2862 tcg_temp_free_i32(dest);
2863
2864 tcg_temp_free_i32(zero);
2865 }
2866
2867 return 0;
2868 }
2869
2870 static int handle_vminmaxnm(uint32_t insn, uint32_t rd, uint32_t rn,
2871 uint32_t rm, uint32_t dp)
2872 {
2873 uint32_t vmin = extract32(insn, 6, 1);
2874 TCGv_ptr fpst = get_fpstatus_ptr(0);
2875
2876 if (dp) {
2877 TCGv_i64 frn, frm, dest;
2878
2879 frn = tcg_temp_new_i64();
2880 frm = tcg_temp_new_i64();
2881 dest = tcg_temp_new_i64();
2882
2883 tcg_gen_ld_f64(frn, cpu_env, vfp_reg_offset(dp, rn));
2884 tcg_gen_ld_f64(frm, cpu_env, vfp_reg_offset(dp, rm));
2885 if (vmin) {
2886 gen_helper_vfp_minnumd(dest, frn, frm, fpst);
2887 } else {
2888 gen_helper_vfp_maxnumd(dest, frn, frm, fpst);
2889 }
2890 tcg_gen_st_f64(dest, cpu_env, vfp_reg_offset(dp, rd));
2891 tcg_temp_free_i64(frn);
2892 tcg_temp_free_i64(frm);
2893 tcg_temp_free_i64(dest);
2894 } else {
2895 TCGv_i32 frn, frm, dest;
2896
2897 frn = tcg_temp_new_i32();
2898 frm = tcg_temp_new_i32();
2899 dest = tcg_temp_new_i32();
2900
2901 tcg_gen_ld_f32(frn, cpu_env, vfp_reg_offset(dp, rn));
2902 tcg_gen_ld_f32(frm, cpu_env, vfp_reg_offset(dp, rm));
2903 if (vmin) {
2904 gen_helper_vfp_minnums(dest, frn, frm, fpst);
2905 } else {
2906 gen_helper_vfp_maxnums(dest, frn, frm, fpst);
2907 }
2908 tcg_gen_st_f32(dest, cpu_env, vfp_reg_offset(dp, rd));
2909 tcg_temp_free_i32(frn);
2910 tcg_temp_free_i32(frm);
2911 tcg_temp_free_i32(dest);
2912 }
2913
2914 tcg_temp_free_ptr(fpst);
2915 return 0;
2916 }
2917
2918 static int handle_vrint(uint32_t insn, uint32_t rd, uint32_t rm, uint32_t dp,
2919 int rounding)
2920 {
2921 TCGv_ptr fpst = get_fpstatus_ptr(0);
2922 TCGv_i32 tcg_rmode;
2923
2924 tcg_rmode = tcg_const_i32(arm_rmode_to_sf(rounding));
2925 gen_helper_set_rmode(tcg_rmode, tcg_rmode, cpu_env);
2926
2927 if (dp) {
2928 TCGv_i64 tcg_op;
2929 TCGv_i64 tcg_res;
2930 tcg_op = tcg_temp_new_i64();
2931 tcg_res = tcg_temp_new_i64();
2932 tcg_gen_ld_f64(tcg_op, cpu_env, vfp_reg_offset(dp, rm));
2933 gen_helper_rintd(tcg_res, tcg_op, fpst);
2934 tcg_gen_st_f64(tcg_res, cpu_env, vfp_reg_offset(dp, rd));
2935 tcg_temp_free_i64(tcg_op);
2936 tcg_temp_free_i64(tcg_res);
2937 } else {
2938 TCGv_i32 tcg_op;
2939 TCGv_i32 tcg_res;
2940 tcg_op = tcg_temp_new_i32();
2941 tcg_res = tcg_temp_new_i32();
2942 tcg_gen_ld_f32(tcg_op, cpu_env, vfp_reg_offset(dp, rm));
2943 gen_helper_rints(tcg_res, tcg_op, fpst);
2944 tcg_gen_st_f32(tcg_res, cpu_env, vfp_reg_offset(dp, rd));
2945 tcg_temp_free_i32(tcg_op);
2946 tcg_temp_free_i32(tcg_res);
2947 }
2948
2949 gen_helper_set_rmode(tcg_rmode, tcg_rmode, cpu_env);
2950 tcg_temp_free_i32(tcg_rmode);
2951
2952 tcg_temp_free_ptr(fpst);
2953 return 0;
2954 }
2955
2956 static int handle_vcvt(uint32_t insn, uint32_t rd, uint32_t rm, uint32_t dp,
2957 int rounding)
2958 {
2959 bool is_signed = extract32(insn, 7, 1);
2960 TCGv_ptr fpst = get_fpstatus_ptr(0);
2961 TCGv_i32 tcg_rmode, tcg_shift;
2962
2963 tcg_shift = tcg_const_i32(0);
2964
2965 tcg_rmode = tcg_const_i32(arm_rmode_to_sf(rounding));
2966 gen_helper_set_rmode(tcg_rmode, tcg_rmode, cpu_env);
2967
2968 if (dp) {
2969 TCGv_i64 tcg_double, tcg_res;
2970 TCGv_i32 tcg_tmp;
2971 /* Rd is encoded as a single precision register even when the source
2972 * is double precision.
2973 */
2974 rd = ((rd << 1) & 0x1e) | ((rd >> 4) & 0x1);
2975 tcg_double = tcg_temp_new_i64();
2976 tcg_res = tcg_temp_new_i64();
2977 tcg_tmp = tcg_temp_new_i32();
2978 tcg_gen_ld_f64(tcg_double, cpu_env, vfp_reg_offset(1, rm));
2979 if (is_signed) {
2980 gen_helper_vfp_tosld(tcg_res, tcg_double, tcg_shift, fpst);
2981 } else {
2982 gen_helper_vfp_tould(tcg_res, tcg_double, tcg_shift, fpst);
2983 }
2984 tcg_gen_extrl_i64_i32(tcg_tmp, tcg_res);
2985 tcg_gen_st_f32(tcg_tmp, cpu_env, vfp_reg_offset(0, rd));
2986 tcg_temp_free_i32(tcg_tmp);
2987 tcg_temp_free_i64(tcg_res);
2988 tcg_temp_free_i64(tcg_double);
2989 } else {
2990 TCGv_i32 tcg_single, tcg_res;
2991 tcg_single = tcg_temp_new_i32();
2992 tcg_res = tcg_temp_new_i32();
2993 tcg_gen_ld_f32(tcg_single, cpu_env, vfp_reg_offset(0, rm));
2994 if (is_signed) {
2995 gen_helper_vfp_tosls(tcg_res, tcg_single, tcg_shift, fpst);
2996 } else {
2997 gen_helper_vfp_touls(tcg_res, tcg_single, tcg_shift, fpst);
2998 }
2999 tcg_gen_st_f32(tcg_res, cpu_env, vfp_reg_offset(0, rd));
3000 tcg_temp_free_i32(tcg_res);
3001 tcg_temp_free_i32(tcg_single);
3002 }
3003
3004 gen_helper_set_rmode(tcg_rmode, tcg_rmode, cpu_env);
3005 tcg_temp_free_i32(tcg_rmode);
3006
3007 tcg_temp_free_i32(tcg_shift);
3008
3009 tcg_temp_free_ptr(fpst);
3010
3011 return 0;
3012 }
3013
3014 /* Table for converting the most common AArch32 encoding of
3015 * rounding mode to arm_fprounding order (which matches the
3016 * common AArch64 order); see ARM ARM pseudocode FPDecodeRM().
3017 */
3018 static const uint8_t fp_decode_rm[] = {
3019 FPROUNDING_TIEAWAY,
3020 FPROUNDING_TIEEVEN,
3021 FPROUNDING_POSINF,
3022 FPROUNDING_NEGINF,
3023 };
3024
3025 static int disas_vfp_v8_insn(DisasContext *s, uint32_t insn)
3026 {
3027 uint32_t rd, rn, rm, dp = extract32(insn, 8, 1);
3028
3029 if (!arm_dc_feature(s, ARM_FEATURE_V8)) {
3030 return 1;
3031 }
3032
3033 if (dp) {
3034 VFP_DREG_D(rd, insn);
3035 VFP_DREG_N(rn, insn);
3036 VFP_DREG_M(rm, insn);
3037 } else {
3038 rd = VFP_SREG_D(insn);
3039 rn = VFP_SREG_N(insn);
3040 rm = VFP_SREG_M(insn);
3041 }
3042
3043 if ((insn & 0x0f800e50) == 0x0e000a00) {
3044 return handle_vsel(insn, rd, rn, rm, dp);
3045 } else if ((insn & 0x0fb00e10) == 0x0e800a00) {
3046 return handle_vminmaxnm(insn, rd, rn, rm, dp);
3047 } else if ((insn & 0x0fbc0ed0) == 0x0eb80a40) {
3048 /* VRINTA, VRINTN, VRINTP, VRINTM */
3049 int rounding = fp_decode_rm[extract32(insn, 16, 2)];
3050 return handle_vrint(insn, rd, rm, dp, rounding);
3051 } else if ((insn & 0x0fbc0e50) == 0x0ebc0a40) {
3052 /* VCVTA, VCVTN, VCVTP, VCVTM */
3053 int rounding = fp_decode_rm[extract32(insn, 16, 2)];
3054 return handle_vcvt(insn, rd, rm, dp, rounding);
3055 }
3056 return 1;
3057 }
3058
3059 /* Disassemble a VFP instruction. Returns nonzero if an error occurred
3060 (ie. an undefined instruction). */
3061 static int disas_vfp_insn(DisasContext *s, uint32_t insn)
3062 {
3063 uint32_t rd, rn, rm, op, i, n, offset, delta_d, delta_m, bank_mask;
3064 int dp, veclen;
3065 TCGv_i32 addr;
3066 TCGv_i32 tmp;
3067 TCGv_i32 tmp2;
3068
3069 if (!arm_dc_feature(s, ARM_FEATURE_VFP)) {
3070 return 1;
3071 }
3072
3073 /* FIXME: this access check should not take precedence over UNDEF
3074 * for invalid encodings; we will generate incorrect syndrome information
3075 * for attempts to execute invalid vfp/neon encodings with FP disabled.
3076 */
3077 if (s->fp_excp_el) {
3078 gen_exception_insn(s, 4, EXCP_UDEF,
3079 syn_fp_access_trap(1, 0xe, s->thumb), s->fp_excp_el);
3080 return 0;
3081 }
3082
3083 if (!s->vfp_enabled) {
3084 /* VFP disabled. Only allow fmxr/fmrx to/from some control regs. */
3085 if ((insn & 0x0fe00fff) != 0x0ee00a10)
3086 return 1;
3087 rn = (insn >> 16) & 0xf;
3088 if (rn != ARM_VFP_FPSID && rn != ARM_VFP_FPEXC && rn != ARM_VFP_MVFR2
3089 && rn != ARM_VFP_MVFR1 && rn != ARM_VFP_MVFR0) {
3090 return 1;
3091 }
3092 }
3093
3094 if (extract32(insn, 28, 4) == 0xf) {
3095 /* Encodings with T=1 (Thumb) or unconditional (ARM):
3096 * only used in v8 and above.
3097 */
3098 return disas_vfp_v8_insn(s, insn);
3099 }
3100
3101 dp = ((insn & 0xf00) == 0xb00);
3102 switch ((insn >> 24) & 0xf) {
3103 case 0xe:
3104 if (insn & (1 << 4)) {
3105 /* single register transfer */
3106 rd = (insn >> 12) & 0xf;
3107 if (dp) {
3108 int size;
3109 int pass;
3110
3111 VFP_DREG_N(rn, insn);
3112 if (insn & 0xf)
3113 return 1;
3114 if (insn & 0x00c00060
3115 && !arm_dc_feature(s, ARM_FEATURE_NEON)) {
3116 return 1;
3117 }
3118
3119 pass = (insn >> 21) & 1;
3120 if (insn & (1 << 22)) {
3121 size = 0;
3122 offset = ((insn >> 5) & 3) * 8;
3123 } else if (insn & (1 << 5)) {
3124 size = 1;
3125 offset = (insn & (1 << 6)) ? 16 : 0;
3126 } else {
3127 size = 2;
3128 offset = 0;
3129 }
3130 if (insn & ARM_CP_RW_BIT) {
3131 /* vfp->arm */
3132 tmp = neon_load_reg(rn, pass);
3133 switch (size) {
3134 case 0:
3135 if (offset)
3136 tcg_gen_shri_i32(tmp, tmp, offset);
3137 if (insn & (1 << 23))
3138 gen_uxtb(tmp);
3139 else
3140 gen_sxtb(tmp);
3141 break;
3142 case 1:
3143 if (insn & (1 << 23)) {
3144 if (offset) {
3145 tcg_gen_shri_i32(tmp, tmp, 16);
3146 } else {
3147 gen_uxth(tmp);
3148 }
3149 } else {
3150 if (offset) {
3151 tcg_gen_sari_i32(tmp, tmp, 16);
3152 } else {
3153 gen_sxth(tmp);
3154 }
3155 }
3156 break;
3157 case 2:
3158 break;
3159 }
3160 store_reg(s, rd, tmp);
3161 } else {
3162 /* arm->vfp */
3163 tmp = load_reg(s, rd);
3164 if (insn & (1 << 23)) {
3165 /* VDUP */
3166 if (size == 0) {
3167 gen_neon_dup_u8(tmp, 0);
3168 } else if (size == 1) {
3169 gen_neon_dup_low16(tmp);
3170 }
3171 for (n = 0; n <= pass * 2; n++) {
3172 tmp2 = tcg_temp_new_i32();
3173 tcg_gen_mov_i32(tmp2, tmp);
3174 neon_store_reg(rn, n, tmp2);
3175 }
3176 neon_store_reg(rn, n, tmp);
3177 } else {
3178 /* VMOV */
3179 switch (size) {
3180 case 0:
3181 tmp2 = neon_load_reg(rn, pass);
3182 tcg_gen_deposit_i32(tmp, tmp2, tmp, offset, 8);
3183 tcg_temp_free_i32(tmp2);
3184 break;
3185 case 1:
3186 tmp2 = neon_load_reg(rn, pass);
3187 tcg_gen_deposit_i32(tmp, tmp2, tmp, offset, 16);
3188 tcg_temp_free_i32(tmp2);
3189 break;
3190 case 2:
3191 break;
3192 }
3193 neon_store_reg(rn, pass, tmp);
3194 }
3195 }
3196 } else { /* !dp */
3197 if ((insn & 0x6f) != 0x00)
3198 return 1;
3199 rn = VFP_SREG_N(insn);
3200 if (insn & ARM_CP_RW_BIT) {
3201 /* vfp->arm */
3202 if (insn & (1 << 21)) {
3203 /* system register */
3204 rn >>= 1;
3205
3206 switch (rn) {
3207 case ARM_VFP_FPSID:
3208 /* VFP2 allows access to FSID from userspace.
3209 VFP3 restricts all id registers to privileged
3210 accesses. */
3211 if (IS_USER(s)
3212 && arm_dc_feature(s, ARM_FEATURE_VFP3)) {
3213 return 1;
3214 }
3215 tmp = load_cpu_field(vfp.xregs[rn]);
3216 break;
3217 case ARM_VFP_FPEXC:
3218 if (IS_USER(s))
3219 return 1;
3220 tmp = load_cpu_field(vfp.xregs[rn]);
3221 break;
3222 case ARM_VFP_FPINST:
3223 case ARM_VFP_FPINST2:
3224 /* Not present in VFP3. */
3225 if (IS_USER(s)
3226 || arm_dc_feature(s, ARM_FEATURE_VFP3)) {
3227 return 1;
3228 }
3229 tmp = load_cpu_field(vfp.xregs[rn]);
3230 break;
3231 case ARM_VFP_FPSCR:
3232 if (rd == 15) {
3233 tmp = load_cpu_field(vfp.xregs[ARM_VFP_FPSCR]);
3234 tcg_gen_andi_i32(tmp, tmp, 0xf0000000);
3235 } else {
3236 tmp = tcg_temp_new_i32();
3237 gen_helper_vfp_get_fpscr(tmp, cpu_env);
3238 }
3239 break;
3240 case ARM_VFP_MVFR2:
3241 if (!arm_dc_feature(s, ARM_FEATURE_V8)) {
3242 return 1;
3243 }
3244 /* fall through */
3245 case ARM_VFP_MVFR0:
3246 case ARM_VFP_MVFR1:
3247 if (IS_USER(s)
3248 || !arm_dc_feature(s, ARM_FEATURE_MVFR)) {
3249 return 1;
3250 }
3251 tmp = load_cpu_field(vfp.xregs[rn]);
3252 break;
3253 default:
3254 return 1;
3255 }
3256 } else {
3257 gen_mov_F0_vreg(0, rn);
3258 tmp = gen_vfp_mrs();
3259 }
3260 if (rd == 15) {
3261 /* Set the 4 flag bits in the CPSR. */
3262 gen_set_nzcv(tmp);
3263 tcg_temp_free_i32(tmp);
3264 } else {
3265 store_reg(s, rd, tmp);
3266 }
3267 } else {
3268 /* arm->vfp */
3269 if (insn & (1 << 21)) {
3270 rn >>= 1;
3271 /* system register */
3272 switch (rn) {
3273 case ARM_VFP_FPSID:
3274 case ARM_VFP_MVFR0:
3275 case ARM_VFP_MVFR1:
3276 /* Writes are ignored. */
3277 break;
3278 case ARM_VFP_FPSCR:
3279 tmp = load_reg(s, rd);
3280 gen_helper_vfp_set_fpscr(cpu_env, tmp);
3281 tcg_temp_free_i32(tmp);
3282 gen_lookup_tb(s);
3283 break;
3284 case ARM_VFP_FPEXC:
3285 if (IS_USER(s))
3286 return 1;
3287 /* TODO: VFP subarchitecture support.
3288 * For now, keep the EN bit only */
3289 tmp = load_reg(s, rd);
3290 tcg_gen_andi_i32(tmp, tmp, 1 << 30);
3291 store_cpu_field(tmp, vfp.xregs[rn]);
3292 gen_lookup_tb(s);
3293 break;
3294 case ARM_VFP_FPINST:
3295 case ARM_VFP_FPINST2:
3296 if (IS_USER(s)) {
3297 return 1;
3298 }
3299 tmp = load_reg(s, rd);
3300 store_cpu_field(tmp, vfp.xregs[rn]);
3301 break;
3302 default:
3303 return 1;
3304 }
3305 } else {
3306 tmp = load_reg(s, rd);
3307 gen_vfp_msr(tmp);
3308 gen_mov_vreg_F0(0, rn);
3309 }
3310 }
3311 }
3312 } else {
3313 /* data processing */
3314 /* The opcode is in bits 23, 21, 20 and 6. */
3315 op = ((insn >> 20) & 8) | ((insn >> 19) & 6) | ((insn >> 6) & 1);
3316 if (dp) {
3317 if (op == 15) {
3318 /* rn is opcode */
3319 rn = ((insn >> 15) & 0x1e) | ((insn >> 7) & 1);
3320 } else {
3321 /* rn is register number */
3322 VFP_DREG_N(rn, insn);
3323 }
3324
3325 if (op == 15 && (rn == 15 || ((rn & 0x1c) == 0x18) ||
3326 ((rn & 0x1e) == 0x6))) {
3327 /* Integer or single/half precision destination. */
3328 rd = VFP_SREG_D(insn);
3329 } else {
3330 VFP_DREG_D(rd, insn);
3331 }
3332 if (op == 15 &&
3333 (((rn & 0x1c) == 0x10) || ((rn & 0x14) == 0x14) ||
3334 ((rn & 0x1e) == 0x4))) {
3335 /* VCVT from int or half precision is always from S reg
3336 * regardless of dp bit. VCVT with immediate frac_bits
3337 * has same format as SREG_M.
3338 */
3339 rm = VFP_SREG_M(insn);
3340 } else {
3341 VFP_DREG_M(rm, insn);
3342 }
3343 } else {
3344 rn = VFP_SREG_N(insn);
3345 if (op == 15 && rn == 15) {
3346 /* Double precision destination. */
3347 VFP_DREG_D(rd, insn);
3348 } else {
3349 rd = VFP_SREG_D(insn);
3350 }
3351 /* NB that we implicitly rely on the encoding for the frac_bits
3352 * in VCVT of fixed to float being the same as that of an SREG_M
3353 */
3354 rm = VFP_SREG_M(insn);
3355 }
3356
3357 veclen = s->vec_len;
3358 if (op == 15 && rn > 3)
3359 veclen = 0;
3360
3361 /* Shut up compiler warnings. */
3362 delta_m = 0;
3363 delta_d = 0;
3364 bank_mask = 0;
3365
3366 if (veclen > 0) {
3367 if (dp)
3368 bank_mask = 0xc;
3369 else
3370 bank_mask = 0x18;
3371
3372 /* Figure out what type of vector operation this is. */
3373 if ((rd & bank_mask) == 0) {
3374 /* scalar */
3375 veclen = 0;
3376 } else {
3377 if (dp)
3378 delta_d = (s->vec_stride >> 1) + 1;
3379 else
3380 delta_d = s->vec_stride + 1;
3381
3382 if ((rm & bank_mask) == 0) {
3383 /* mixed scalar/vector */
3384 delta_m = 0;
3385 } else {
3386 /* vector */
3387 delta_m = delta_d;
3388 }
3389 }
3390 }
3391
3392 /* Load the initial operands. */
3393 if (op == 15) {
3394 switch (rn) {
3395 case 16:
3396 case 17:
3397 /* Integer source */
3398 gen_mov_F0_vreg(0, rm);
3399 break;
3400 case 8:
3401 case 9:
3402 /* Compare */
3403 gen_mov_F0_vreg(dp, rd);
3404 gen_mov_F1_vreg(dp, rm);
3405 break;
3406 case 10:
3407 case 11:
3408 /* Compare with zero */
3409 gen_mov_F0_vreg(dp, rd);
3410 gen_vfp_F1_ld0(dp);
3411 break;
3412 case 20:
3413 case 21:
3414 case 22:
3415 case 23:
3416 case 28:
3417 case 29:
3418 case 30:
3419 case 31:
3420 /* Source and destination the same. */
3421 gen_mov_F0_vreg(dp, rd);
3422 break;
3423 case 4:
3424 case 5:
3425 case 6:
3426 case 7:
3427 /* VCVTB, VCVTT: only present with the halfprec extension
3428 * UNPREDICTABLE if bit 8 is set prior to ARMv8
3429 * (we choose to UNDEF)
3430 */
3431 if ((dp && !arm_dc_feature(s, ARM_FEATURE_V8)) ||
3432 !arm_dc_feature(s, ARM_FEATURE_VFP_FP16)) {
3433 return 1;
3434 }
3435 if (!extract32(rn, 1, 1)) {
3436 /* Half precision source. */
3437 gen_mov_F0_vreg(0, rm);
3438 break;
3439 }
3440 /* Otherwise fall through */
3441 default:
3442 /* One source operand. */
3443 gen_mov_F0_vreg(dp, rm);
3444 break;
3445 }
3446 } else {
3447 /* Two source operands. */
3448 gen_mov_F0_vreg(dp, rn);
3449 gen_mov_F1_vreg(dp, rm);
3450 }
3451
3452 for (;;) {
3453 /* Perform the calculation. */
3454 switch (op) {
3455 case 0: /* VMLA: fd + (fn * fm) */
3456 /* Note that order of inputs to the add matters for NaNs */
3457 gen_vfp_F1_mul(dp);
3458 gen_mov_F0_vreg(dp, rd);
3459 gen_vfp_add(dp);
3460 break;
3461 case 1: /* VMLS: fd + -(fn * fm) */
3462 gen_vfp_mul(dp);
3463 gen_vfp_F1_neg(dp);
3464 gen_mov_F0_vreg(dp, rd);
3465 gen_vfp_add(dp);
3466 break;
3467 case 2: /* VNMLS: -fd + (fn * fm) */
3468 /* Note that it isn't valid to replace (-A + B) with (B - A)
3469 * or similar plausible looking simplifications
3470 * because this will give wrong results for NaNs.
3471 */
3472 gen_vfp_F1_mul(dp);
3473 gen_mov_F0_vreg(dp, rd);
3474 gen_vfp_neg(dp);
3475 gen_vfp_add(dp);
3476 break;
3477 case 3: /* VNMLA: -fd + -(fn * fm) */
3478 gen_vfp_mul(dp);
3479 gen_vfp_F1_neg(dp);
3480 gen_mov_F0_vreg(dp, rd);
3481 gen_vfp_neg(dp);
3482 gen_vfp_add(dp);
3483 break;
3484 case 4: /* mul: fn * fm */
3485 gen_vfp_mul(dp);
3486 break;
3487 case 5: /* nmul: -(fn * fm) */
3488 gen_vfp_mul(dp);
3489 gen_vfp_neg(dp);
3490 break;
3491 case 6: /* add: fn + fm */
3492 gen_vfp_add(dp);
3493 break;
3494 case 7: /* sub: fn - fm */
3495 gen_vfp_sub(dp);
3496 break;
3497 case 8: /* div: fn / fm */
3498 gen_vfp_div(dp);
3499 break;
3500 case 10: /* VFNMA : fd = muladd(-fd, fn, fm) */
3501 case 11: /* VFNMS : fd = muladd(-fd, -fn, fm) */
3502 case 12: /* VFMA : fd = muladd( fd, fn, fm) */
3503 case 13: /* VFMS : fd = muladd( fd, -fn, fm) */
3504 /* These are fused multiply-add, and must be done as one
3505 * floating point operation with no rounding between the
3506 * multiplication and addition steps.
3507 * NB that doing the negations here as separate steps is
3508 * correct : an input NaN should come out with its sign bit
3509 * flipped if it is a negated-input.
3510 */
3511 if (!arm_dc_feature(s, ARM_FEATURE_VFP4)) {
3512 return 1;
3513 }
3514 if (dp) {
3515 TCGv_ptr fpst;
3516 TCGv_i64 frd;
3517 if (op & 1) {
3518 /* VFNMS, VFMS */
3519 gen_helper_vfp_negd(cpu_F0d, cpu_F0d);
3520 }
3521 frd = tcg_temp_new_i64();
3522 tcg_gen_ld_f64(frd, cpu_env, vfp_reg_offset(dp, rd));
3523 if (op & 2) {
3524 /* VFNMA, VFNMS */
3525 gen_helper_vfp_negd(frd, frd);
3526 }
3527 fpst = get_fpstatus_ptr(0);
3528 gen_helper_vfp_muladdd(cpu_F0d, cpu_F0d,
3529 cpu_F1d, frd, fpst);
3530 tcg_temp_free_ptr(fpst);
3531 tcg_temp_free_i64(frd);
3532 } else {
3533 TCGv_ptr fpst;
3534 TCGv_i32 frd;
3535 if (op & 1) {
3536 /* VFNMS, VFMS */
3537 gen_helper_vfp_negs(cpu_F0s, cpu_F0s);
3538 }
3539 frd = tcg_temp_new_i32();
3540 tcg_gen_ld_f32(frd, cpu_env, vfp_reg_offset(dp, rd));
3541 if (op & 2) {
3542 gen_helper_vfp_negs(frd, frd);
3543 }
3544 fpst = get_fpstatus_ptr(0);
3545 gen_helper_vfp_muladds(cpu_F0s, cpu_F0s,
3546 cpu_F1s, frd, fpst);
3547 tcg_temp_free_ptr(fpst);
3548 tcg_temp_free_i32(frd);
3549 }
3550 break;
3551 case 14: /* fconst */
3552 if (!arm_dc_feature(s, ARM_FEATURE_VFP3)) {
3553 return 1;
3554 }
3555
3556 n = (insn << 12) & 0x80000000;
3557 i = ((insn >> 12) & 0x70) | (insn & 0xf);
3558 if (dp) {
3559 if (i & 0x40)
3560 i |= 0x3f80;
3561 else
3562 i |= 0x4000;
3563 n |= i << 16;
3564 tcg_gen_movi_i64(cpu_F0d, ((uint64_t)n) << 32);
3565 } else {
3566 if (i & 0x40)
3567 i |= 0x780;
3568 else
3569 i |= 0x800;
3570 n |= i << 19;
3571 tcg_gen_movi_i32(cpu_F0s, n);
3572 }
3573 break;
3574 case 15: /* extension space */
3575 switch (rn) {
3576 case 0: /* cpy */
3577 /* no-op */
3578 break;
3579 case 1: /* abs */
3580 gen_vfp_abs(dp);
3581 break;
3582 case 2: /* neg */
3583 gen_vfp_neg(dp);
3584 break;
3585 case 3: /* sqrt */
3586 gen_vfp_sqrt(dp);
3587 break;
3588 case 4: /* vcvtb.f32.f16, vcvtb.f64.f16 */
3589 tmp = gen_vfp_mrs();
3590 tcg_gen_ext16u_i32(tmp, tmp);
3591 if (dp) {
3592 gen_helper_vfp_fcvt_f16_to_f64(cpu_F0d, tmp,
3593 cpu_env);
3594 } else {
3595 gen_helper_vfp_fcvt_f16_to_f32(cpu_F0s, tmp,
3596 cpu_env);
3597 }
3598 tcg_temp_free_i32(tmp);
3599 break;
3600 case 5: /* vcvtt.f32.f16, vcvtt.f64.f16 */
3601 tmp = gen_vfp_mrs();
3602 tcg_gen_shri_i32(tmp, tmp, 16);
3603 if (dp) {
3604 gen_helper_vfp_fcvt_f16_to_f64(cpu_F0d, tmp,
3605 cpu_env);
3606 } else {
3607 gen_helper_vfp_fcvt_f16_to_f32(cpu_F0s, tmp,
3608 cpu_env);
3609 }
3610 tcg_temp_free_i32(tmp);
3611 break;
3612 case 6: /* vcvtb.f16.f32, vcvtb.f16.f64 */
3613 tmp = tcg_temp_new_i32();
3614 if (dp) {
3615 gen_helper_vfp_fcvt_f64_to_f16(tmp, cpu_F0d,
3616 cpu_env);
3617 } else {
3618 gen_helper_vfp_fcvt_f32_to_f16(tmp, cpu_F0s,
3619 cpu_env);
3620 }
3621 gen_mov_F0_vreg(0, rd);
3622 tmp2 = gen_vfp_mrs();
3623 tcg_gen_andi_i32(tmp2, tmp2, 0xffff0000);
3624 tcg_gen_or_i32(tmp, tmp, tmp2);
3625 tcg_temp_free_i32(tmp2);
3626 gen_vfp_msr(tmp);
3627 break;
3628 case 7: /* vcvtt.f16.f32, vcvtt.f16.f64 */
3629 tmp = tcg_temp_new_i32();
3630 if (dp) {
3631 gen_helper_vfp_fcvt_f64_to_f16(tmp, cpu_F0d,
3632 cpu_env);
3633 } else {
3634 gen_helper_vfp_fcvt_f32_to_f16(tmp, cpu_F0s,
3635 cpu_env);
3636 }
3637 tcg_gen_shli_i32(tmp, tmp, 16);
3638 gen_mov_F0_vreg(0, rd);
3639 tmp2 = gen_vfp_mrs();
3640 tcg_gen_ext16u_i32(tmp2, tmp2);
3641 tcg_gen_or_i32(tmp, tmp, tmp2);
3642 tcg_temp_free_i32(tmp2);
3643 gen_vfp_msr(tmp);
3644 break;
3645 case 8: /* cmp */
3646 gen_vfp_cmp(dp);
3647 break;
3648 case 9: /* cmpe */
3649 gen_vfp_cmpe(dp);
3650 break;
3651 case 10: /* cmpz */
3652 gen_vfp_cmp(dp);
3653 break;
3654 case 11: /* cmpez */
3655 gen_vfp_F1_ld0(dp);
3656 gen_vfp_cmpe(dp);
3657 break;
3658 case 12: /* vrintr */
3659 {
3660 TCGv_ptr fpst = get_fpstatus_ptr(0);
3661 if (dp) {
3662 gen_helper_rintd(cpu_F0d, cpu_F0d, fpst);
3663 } else {
3664 gen_helper_rints(cpu_F0s, cpu_F0s, fpst);
3665 }
3666 tcg_temp_free_ptr(fpst);
3667 break;
3668 }
3669 case 13: /* vrintz */
3670 {
3671 TCGv_ptr fpst = get_fpstatus_ptr(0);
3672 TCGv_i32 tcg_rmode;
3673 tcg_rmode = tcg_const_i32(float_round_to_zero);
3674 gen_helper_set_rmode(tcg_rmode, tcg_rmode, cpu_env);
3675 if (dp) {
3676 gen_helper_rintd(cpu_F0d, cpu_F0d, fpst);
3677 } else {
3678 gen_helper_rints(cpu_F0s, cpu_F0s, fpst);
3679 }
3680 gen_helper_set_rmode(tcg_rmode, tcg_rmode, cpu_env);
3681 tcg_temp_free_i32(tcg_rmode);
3682 tcg_temp_free_ptr(fpst);
3683 break;
3684 }
3685 case 14: /* vrintx */
3686 {
3687 TCGv_ptr fpst = get_fpstatus_ptr(0);
3688 if (dp) {
3689 gen_helper_rintd_exact(cpu_F0d, cpu_F0d, fpst);
3690 } else {
3691 gen_helper_rints_exact(cpu_F0s, cpu_F0s, fpst);
3692 }
3693 tcg_temp_free_ptr(fpst);
3694 break;
3695 }
3696 case 15: /* single<->double conversion */
3697 if (dp)
3698 gen_helper_vfp_fcvtsd(cpu_F0s, cpu_F0d, cpu_env);
3699 else
3700 gen_helper_vfp_fcvtds(cpu_F0d, cpu_F0s, cpu_env);
3701 break;
3702 case 16: /* fuito */
3703 gen_vfp_uito(dp, 0);
3704 break;
3705 case 17: /* fsito */
3706 gen_vfp_sito(dp, 0);
3707 break;
3708 case 20: /* fshto */
3709 if (!arm_dc_feature(s, ARM_FEATURE_VFP3)) {
3710 return 1;
3711 }
3712 gen_vfp_shto(dp, 16 - rm, 0);
3713 break;
3714 case 21: /* fslto */
3715 if (!arm_dc_feature(s, ARM_FEATURE_VFP3)) {
3716 return 1;
3717 }
3718 gen_vfp_slto(dp, 32 - rm, 0);
3719 break;
3720 case 22: /* fuhto */
3721 if (!arm_dc_feature(s, ARM_FEATURE_VFP3)) {
3722 return 1;
3723 }
3724 gen_vfp_uhto(dp, 16 - rm, 0);
3725 break;
3726 case 23: /* fulto */
3727 if (!arm_dc_feature(s, ARM_FEATURE_VFP3)) {
3728 return 1;
3729 }
3730 gen_vfp_ulto(dp, 32 - rm, 0);
3731 break;
3732 case 24: /* ftoui */
3733 gen_vfp_toui(dp, 0);
3734 break;
3735 case 25: /* ftouiz */
3736 gen_vfp_touiz(dp, 0);
3737 break;
3738 case 26: /* ftosi */
3739 gen_vfp_tosi(dp, 0);
3740 break;
3741 case 27: /* ftosiz */
3742 gen_vfp_tosiz(dp, 0);
3743 break;
3744 case 28: /* ftosh */
3745 if (!arm_dc_feature(s, ARM_FEATURE_VFP3)) {
3746 return 1;
3747 }
3748 gen_vfp_tosh(dp, 16 - rm, 0);
3749 break;
3750 case 29: /* ftosl */
3751 if (!arm_dc_feature(s, ARM_FEATURE_VFP3)) {
3752 return 1;
3753 }
3754 gen_vfp_tosl(dp, 32 - rm, 0);
3755 break;
3756 case 30: /* ftouh */
3757 if (!arm_dc_feature(s, ARM_FEATURE_VFP3)) {
3758 return 1;
3759 }
3760 gen_vfp_touh(dp, 16 - rm, 0);
3761 break;
3762 case 31: /* ftoul */
3763 if (!arm_dc_feature(s, ARM_FEATURE_VFP3)) {
3764 return 1;
3765 }
3766 gen_vfp_toul(dp, 32 - rm, 0);
3767 break;
3768 default: /* undefined */
3769 return 1;
3770 }
3771 break;
3772 default: /* undefined */
3773 return 1;
3774 }
3775
3776 /* Write back the result. */
3777 if (op == 15 && (rn >= 8 && rn <= 11)) {
3778 /* Comparison, do nothing. */
3779 } else if (op == 15 && dp && ((rn & 0x1c) == 0x18 ||
3780 (rn & 0x1e) == 0x6)) {
3781 /* VCVT double to int: always integer result.
3782 * VCVT double to half precision is always a single
3783 * precision result.
3784 */
3785 gen_mov_vreg_F0(0, rd);
3786 } else if (op == 15 && rn == 15) {
3787 /* conversion */
3788 gen_mov_vreg_F0(!dp, rd);
3789 } else {
3790 gen_mov_vreg_F0(dp, rd);
3791 }
3792
3793 /* break out of the loop if we have finished */
3794 if (veclen == 0)
3795 break;
3796
3797 if (op == 15 && delta_m == 0) {
3798 /* single source one-many */
3799 while (veclen--) {
3800 rd = ((rd + delta_d) & (bank_mask - 1))
3801 | (rd & bank_mask);
3802 gen_mov_vreg_F0(dp, rd);
3803 }
3804 break;
3805 }
3806 /* Setup the next operands. */
3807 veclen--;
3808 rd = ((rd + delta_d) & (bank_mask - 1))
3809 | (rd & bank_mask);
3810
3811 if (op == 15) {
3812 /* One source operand. */
3813 rm = ((rm + delta_m) & (bank_mask - 1))
3814 | (rm & bank_mask);
3815 gen_mov_F0_vreg(dp, rm);
3816 } else {
3817 /* Two source operands. */
3818 rn = ((rn + delta_d) & (bank_mask - 1))
3819 | (rn & bank_mask);
3820 gen_mov_F0_vreg(dp, rn);
3821 if (delta_m) {
3822 rm = ((rm + delta_m) & (bank_mask - 1))
3823 | (rm & bank_mask);
3824 gen_mov_F1_vreg(dp, rm);
3825 }
3826 }
3827 }
3828 }
3829 break;
3830 case 0xc:
3831 case 0xd:
3832 if ((insn & 0x03e00000) == 0x00400000) {
3833 /* two-register transfer */
3834 rn = (insn >> 16) & 0xf;
3835 rd = (insn >> 12) & 0xf;
3836 if (dp) {
3837 VFP_DREG_M(rm, insn);
3838 } else {
3839 rm = VFP_SREG_M(insn);
3840 }
3841
3842 if (insn & ARM_CP_RW_BIT) {
3843 /* vfp->arm */
3844 if (dp) {
3845 gen_mov_F0_vreg(0, rm * 2);
3846 tmp = gen_vfp_mrs();
3847 store_reg(s, rd, tmp);
3848 gen_mov_F0_vreg(0, rm * 2 + 1);
3849 tmp = gen_vfp_mrs();
3850 store_reg(s, rn, tmp);
3851 } else {
3852 gen_mov_F0_vreg(0, rm);
3853 tmp = gen_vfp_mrs();
3854 store_reg(s, rd, tmp);
3855 gen_mov_F0_vreg(0, rm + 1);
3856 tmp = gen_vfp_mrs();
3857 store_reg(s, rn, tmp);
3858 }
3859 } else {
3860 /* arm->vfp */
3861 if (dp) {
3862 tmp = load_reg(s, rd);
3863 gen_vfp_msr(tmp);
3864 gen_mov_vreg_F0(0, rm * 2);
3865 tmp = load_reg(s, rn);
3866 gen_vfp_msr(tmp);
3867 gen_mov_vreg_F0(0, rm * 2 + 1);
3868 } else {
3869 tmp = load_reg(s, rd);
3870 gen_vfp_msr(tmp);
3871 gen_mov_vreg_F0(0, rm);
3872 tmp = load_reg(s, rn);
3873 gen_vfp_msr(tmp);
3874 gen_mov_vreg_F0(0, rm + 1);
3875 }
3876 }
3877 } else {
3878 /* Load/store */
3879 rn = (insn >> 16) & 0xf;
3880 if (dp)
3881 VFP_DREG_D(rd, insn);
3882 else
3883 rd = VFP_SREG_D(insn);
3884 if ((insn & 0x01200000) == 0x01000000) {
3885 /* Single load/store */
3886 offset = (insn & 0xff) << 2;
3887 if ((insn & (1 << 23)) == 0)
3888 offset = -offset;
3889 if (s->thumb && rn == 15) {
3890 /* This is actually UNPREDICTABLE */
3891 addr = tcg_temp_new_i32();
3892 tcg_gen_movi_i32(addr, s->pc & ~2);
3893 } else {
3894 addr = load_reg(s, rn);
3895 }
3896 tcg_gen_addi_i32(addr, addr, offset);
3897 if (insn & (1 << 20)) {
3898 gen_vfp_ld(s, dp, addr);
3899 gen_mov_vreg_F0(dp, rd);
3900 } else {
3901 gen_mov_F0_vreg(dp, rd);
3902 gen_vfp_st(s, dp, addr);
3903 }
3904 tcg_temp_free_i32(addr);
3905 } else {
3906 /* load/store multiple */
3907 int w = insn & (1 << 21);
3908 if (dp)
3909 n = (insn >> 1) & 0x7f;
3910 else
3911 n = insn & 0xff;
3912
3913 if (w && !(((insn >> 23) ^ (insn >> 24)) & 1)) {
3914 /* P == U , W == 1 => UNDEF */
3915 return 1;
3916 }
3917 if (n == 0 || (rd + n) > 32 || (dp && n > 16)) {
3918 /* UNPREDICTABLE cases for bad immediates: we choose to
3919 * UNDEF to avoid generating huge numbers of TCG ops
3920 */
3921 return 1;
3922 }
3923 if (rn == 15 && w) {
3924 /* writeback to PC is UNPREDICTABLE, we choose to UNDEF */
3925 return 1;
3926 }
3927
3928 if (s->thumb && rn == 15) {
3929 /* This is actually UNPREDICTABLE */
3930 addr = tcg_temp_new_i32();
3931 tcg_gen_movi_i32(addr, s->pc & ~2);
3932 } else {
3933 addr = load_reg(s, rn);
3934 }
3935 if (insn & (1 << 24)) /* pre-decrement */
3936 tcg_gen_addi_i32(addr, addr, -((insn & 0xff) << 2));
3937
3938 if (dp)
3939 offset = 8;
3940 else
3941 offset = 4;
3942 for (i = 0; i < n; i++) {
3943 if (insn & ARM_CP_RW_BIT) {
3944 /* load */
3945 gen_vfp_ld(s, dp, addr);
3946 gen_mov_vreg_F0(dp, rd + i);
3947 } else {
3948 /* store */
3949 gen_mov_F0_vreg(dp, rd + i);
3950 gen_vfp_st(s, dp, addr);
3951 }
3952 tcg_gen_addi_i32(addr, addr, offset);
3953 }
3954 if (w) {
3955 /* writeback */
3956 if (insn & (1 << 24))
3957 offset = -offset * n;
3958 else if (dp && (insn & 1))
3959 offset = 4;
3960 else
3961 offset = 0;
3962
3963 if (offset != 0)
3964 tcg_gen_addi_i32(addr, addr, offset);
3965 store_reg(s, rn, addr);
3966 } else {
3967 tcg_temp_free_i32(addr);
3968 }
3969 }
3970 }
3971 break;
3972 default:
3973 /* Should never happen. */
3974 return 1;
3975 }
3976 return 0;
3977 }
3978
3979 static inline void gen_goto_tb(DisasContext *s, int n, target_ulong dest)
3980 {
3981 TranslationBlock *tb;
3982
3983 tb = s->tb;
3984 if ((tb->pc & TARGET_PAGE_MASK) == (dest & TARGET_PAGE_MASK)) {
3985 tcg_gen_goto_tb(n);
3986 gen_set_pc_im(s, dest);
3987 tcg_gen_exit_tb((uintptr_t)tb + n);
3988 } else {
3989 gen_set_pc_im(s, dest);
3990 tcg_gen_exit_tb(0);
3991 }
3992 }
3993
3994 static inline void gen_jmp (DisasContext *s, uint32_t dest)
3995 {
3996 if (unlikely(s->singlestep_enabled || s->ss_active)) {
3997 /* An indirect jump so that we still trigger the debug exception. */
3998 if (s->thumb)
3999 dest |= 1;
4000 gen_bx_im(s, dest);
4001 } else {
4002 gen_goto_tb(s, 0, dest);
4003 s->is_jmp = DISAS_TB_JUMP;
4004 }
4005 }
4006
4007 static inline void gen_mulxy(TCGv_i32 t0, TCGv_i32 t1, int x, int y)
4008 {
4009 if (x)
4010 tcg_gen_sari_i32(t0, t0, 16);
4011 else
4012 gen_sxth(t0);
4013 if (y)
4014 tcg_gen_sari_i32(t1, t1, 16);
4015 else
4016 gen_sxth(t1);
4017 tcg_gen_mul_i32(t0, t0, t1);
4018 }
4019
4020 /* Return the mask of PSR bits set by a MSR instruction. */
4021 static uint32_t msr_mask(DisasContext *s, int flags, int spsr)
4022 {
4023 uint32_t mask;
4024
4025 mask = 0;
4026 if (flags & (1 << 0))
4027 mask |= 0xff;
4028 if (flags & (1 << 1))
4029 mask |= 0xff00;
4030 if (flags & (1 << 2))
4031 mask |= 0xff0000;
4032 if (flags & (1 << 3))
4033 mask |= 0xff000000;
4034
4035 /* Mask out undefined bits. */
4036 mask &= ~CPSR_RESERVED;
4037 if (!arm_dc_feature(s, ARM_FEATURE_V4T)) {
4038 mask &= ~CPSR_T;
4039 }
4040 if (!arm_dc_feature(s, ARM_FEATURE_V5)) {
4041 mask &= ~CPSR_Q; /* V5TE in reality*/
4042 }
4043 if (!arm_dc_feature(s, ARM_FEATURE_V6)) {
4044 mask &= ~(CPSR_E | CPSR_GE);
4045 }
4046 if (!arm_dc_feature(s, ARM_FEATURE_THUMB2)) {
4047 mask &= ~CPSR_IT;
4048 }
4049 /* Mask out execution state and reserved bits. */
4050 if (!spsr) {
4051 mask &= ~(CPSR_EXEC | CPSR_RESERVED);
4052 }
4053 /* Mask out privileged bits. */
4054 if (IS_USER(s))
4055 mask &= CPSR_USER;
4056 return mask;
4057 }
4058
4059 /* Returns nonzero if access to the PSR is not permitted. Marks t0 as dead. */
4060 static int gen_set_psr(DisasContext *s, uint32_t mask, int spsr, TCGv_i32 t0)
4061 {
4062 TCGv_i32 tmp;
4063 if (spsr) {
4064 /* ??? This is also undefined in system mode. */
4065 if (IS_USER(s))
4066 return 1;
4067
4068 tmp = load_cpu_field(spsr);
4069 tcg_gen_andi_i32(tmp, tmp, ~mask);
4070 tcg_gen_andi_i32(t0, t0, mask);
4071 tcg_gen_or_i32(tmp, tmp, t0);
4072 store_cpu_field(tmp, spsr);
4073 } else {
4074 gen_set_cpsr(t0, mask);
4075 }
4076 tcg_temp_free_i32(t0);
4077 gen_lookup_tb(s);
4078 return 0;
4079 }
4080
4081 /* Returns nonzero if access to the PSR is not permitted. */
4082 static int gen_set_psr_im(DisasContext *s, uint32_t mask, int spsr, uint32_t val)
4083 {
4084 TCGv_i32 tmp;
4085 tmp = tcg_temp_new_i32();
4086 tcg_gen_movi_i32(tmp, val);
4087 return gen_set_psr(s, mask, spsr, tmp);
4088 }
4089
4090 /* Generate an old-style exception return. Marks pc as dead. */
4091 static void gen_exception_return(DisasContext *s, TCGv_i32 pc)
4092 {
4093 TCGv_i32 tmp;
4094 store_reg(s, 15, pc);
4095 tmp = load_cpu_field(spsr);
4096 gen_set_cpsr(tmp, CPSR_ERET_MASK);
4097 tcg_temp_free_i32(tmp);
4098 s->is_jmp = DISAS_JUMP;
4099 }
4100
4101 /* Generate a v6 exception return. Marks both values as dead. */
4102 static void gen_rfe(DisasContext *s, TCGv_i32 pc, TCGv_i32 cpsr)
4103 {
4104 gen_set_cpsr(cpsr, CPSR_ERET_MASK);
4105 tcg_temp_free_i32(cpsr);
4106 store_reg(s, 15, pc);
4107 s->is_jmp = DISAS_JUMP;
4108 }
4109
4110 static void gen_nop_hint(DisasContext *s, int val)
4111 {
4112 switch (val) {
4113 case 1: /* yield */
4114 gen_set_pc_im(s, s->pc);
4115 s->is_jmp = DISAS_YIELD;
4116 break;
4117 case 3: /* wfi */
4118 gen_set_pc_im(s, s->pc);
4119 s->is_jmp = DISAS_WFI;
4120 break;
4121 case 2: /* wfe */
4122 gen_set_pc_im(s, s->pc);
4123 s->is_jmp = DISAS_WFE;
4124 break;
4125 case 4: /* sev */
4126 case 5: /* sevl */
4127 /* TODO: Implement SEV, SEVL and WFE. May help SMP performance. */
4128 default: /* nop */
4129 break;
4130 }
4131 }
4132
4133 #define CPU_V001 cpu_V0, cpu_V0, cpu_V1
4134
4135 static inline void gen_neon_add(int size, TCGv_i32 t0, TCGv_i32 t1)
4136 {
4137 switch (size) {
4138 case 0: gen_helper_neon_add_u8(t0, t0, t1); break;
4139 case 1: gen_helper_neon_add_u16(t0, t0, t1); break;
4140 case 2: tcg_gen_add_i32(t0, t0, t1); break;
4141 default: abort();
4142 }
4143 }
4144
4145 static inline void gen_neon_rsb(int size, TCGv_i32 t0, TCGv_i32 t1)
4146 {
4147 switch (size) {
4148 case 0: gen_helper_neon_sub_u8(t0, t1, t0); break;
4149 case 1: gen_helper_neon_sub_u16(t0, t1, t0); break;
4150 case 2: tcg_gen_sub_i32(t0, t1, t0); break;
4151 default: return;
4152 }
4153 }
4154
4155 /* 32-bit pairwise ops end up the same as the elementwise versions. */
4156 #define gen_helper_neon_pmax_s32 gen_helper_neon_max_s32
4157 #define gen_helper_neon_pmax_u32 gen_helper_neon_max_u32
4158 #define gen_helper_neon_pmin_s32 gen_helper_neon_min_s32
4159 #define gen_helper_neon_pmin_u32 gen_helper_neon_min_u32
4160
4161 #define GEN_NEON_INTEGER_OP_ENV(name) do { \
4162 switch ((size << 1) | u) { \
4163 case 0: \
4164 gen_helper_neon_##name##_s8(tmp, cpu_env, tmp, tmp2); \
4165 break; \
4166 case 1: \
4167 gen_helper_neon_##name##_u8(tmp, cpu_env, tmp, tmp2); \
4168 break; \
4169 case 2: \
4170 gen_helper_neon_##name##_s16(tmp, cpu_env, tmp, tmp2); \
4171 break; \
4172 case 3: \
4173 gen_helper_neon_##name##_u16(tmp, cpu_env, tmp, tmp2); \
4174 break; \
4175 case 4: \
4176 gen_helper_neon_##name##_s32(tmp, cpu_env, tmp, tmp2); \
4177 break; \
4178 case 5: \
4179 gen_helper_neon_##name##_u32(tmp, cpu_env, tmp, tmp2); \
4180 break; \
4181 default: return 1; \
4182 }} while (0)
4183
4184 #define GEN_NEON_INTEGER_OP(name) do { \
4185 switch ((size << 1) | u) { \
4186 case 0: \
4187 gen_helper_neon_##name##_s8(tmp, tmp, tmp2); \
4188 break; \
4189 case 1: \
4190 gen_helper_neon_##name##_u8(tmp, tmp, tmp2); \
4191 break; \
4192 case 2: \
4193 gen_helper_neon_##name##_s16(tmp, tmp, tmp2); \
4194 break; \
4195 case 3: \
4196 gen_helper_neon_##name##_u16(tmp, tmp, tmp2); \
4197 break; \
4198 case 4: \
4199 gen_helper_neon_##name##_s32(tmp, tmp, tmp2); \
4200 break; \
4201 case 5: \
4202 gen_helper_neon_##name##_u32(tmp, tmp, tmp2); \
4203 break; \
4204 default: return 1; \
4205 }} while (0)
4206
4207 static TCGv_i32 neon_load_scratch(int scratch)
4208 {
4209 TCGv_i32 tmp = tcg_temp_new_i32();
4210 tcg_gen_ld_i32(tmp, cpu_env, offsetof(CPUARMState, vfp.scratch[scratch]));
4211 return tmp;
4212 }
4213
4214 static void neon_store_scratch(int scratch, TCGv_i32 var)
4215 {
4216 tcg_gen_st_i32(var, cpu_env, offsetof(CPUARMState, vfp.scratch[scratch]));
4217 tcg_temp_free_i32(var);
4218 }
4219
4220 static inline TCGv_i32 neon_get_scalar(int size, int reg)
4221 {
4222 TCGv_i32 tmp;
4223 if (size == 1) {
4224 tmp = neon_load_reg(reg & 7, reg >> 4);
4225 if (reg & 8) {
4226 gen_neon_dup_high16(tmp);
4227 } else {
4228 gen_neon_dup_low16(tmp);
4229 }
4230 } else {
4231 tmp = neon_load_reg(reg & 15, reg >> 4);
4232 }
4233 return tmp;
4234 }
4235
4236 static int gen_neon_unzip(int rd, int rm, int size, int q)
4237 {
4238 TCGv_i32 tmp, tmp2;
4239 if (!q && size == 2) {
4240 return 1;
4241 }
4242 tmp = tcg_const_i32(rd);
4243 tmp2 = tcg_const_i32(rm);
4244 if (q) {
4245 switch (size) {
4246 case 0:
4247 gen_helper_neon_qunzip8(cpu_env, tmp, tmp2);
4248 break;
4249 case 1:
4250 gen_helper_neon_qunzip16(cpu_env, tmp, tmp2);
4251 break;
4252 case 2:
4253 gen_helper_neon_qunzip32(cpu_env, tmp, tmp2);
4254 break;
4255 default:
4256 abort();
4257 }
4258 } else {
4259 switch (size) {
4260 case 0:
4261 gen_helper_neon_unzip8(cpu_env, tmp, tmp2);
4262 break;
4263 case 1:
4264 gen_helper_neon_unzip16(cpu_env, tmp, tmp2);
4265 break;
4266 default:
4267 abort();
4268 }
4269 }
4270 tcg_temp_free_i32(tmp);
4271 tcg_temp_free_i32(tmp2);
4272 return 0;
4273 }
4274
4275 static int gen_neon_zip(int rd, int rm, int size, int q)
4276 {
4277 TCGv_i32 tmp, tmp2;
4278 if (!q && size == 2) {
4279 return 1;
4280 }
4281 tmp = tcg_const_i32(rd);
4282 tmp2 = tcg_const_i32(rm);
4283 if (q) {
4284 switch (size) {
4285 case 0:
4286 gen_helper_neon_qzip8(cpu_env, tmp, tmp2);
4287 break;
4288 case 1:
4289 gen_helper_neon_qzip16(cpu_env, tmp, tmp2);
4290 break;
4291 case 2:
4292 gen_helper_neon_qzip32(cpu_env, tmp, tmp2);
4293 break;
4294 default:
4295 abort();
4296 }
4297 } else {
4298 switch (size) {
4299 case 0:
4300 gen_helper_neon_zip8(cpu_env, tmp, tmp2);
4301 break;
4302 case 1:
4303 gen_helper_neon_zip16(cpu_env, tmp, tmp2);
4304 break;
4305 default:
4306 abort();
4307 }
4308 }
4309 tcg_temp_free_i32(tmp);
4310 tcg_temp_free_i32(tmp2);
4311 return 0;
4312 }
4313
4314 static void gen_neon_trn_u8(TCGv_i32 t0, TCGv_i32 t1)
4315 {
4316 TCGv_i32 rd, tmp;
4317
4318 rd = tcg_temp_new_i32();
4319 tmp = tcg_temp_new_i32();
4320
4321 tcg_gen_shli_i32(rd, t0, 8);
4322 tcg_gen_andi_i32(rd, rd, 0xff00ff00);
4323 tcg_gen_andi_i32(tmp, t1, 0x00ff00ff);
4324 tcg_gen_or_i32(rd, rd, tmp);
4325
4326 tcg_gen_shri_i32(t1, t1, 8);
4327 tcg_gen_andi_i32(t1, t1, 0x00ff00ff);
4328 tcg_gen_andi_i32(tmp, t0, 0xff00ff00);
4329 tcg_gen_or_i32(t1, t1, tmp);
4330 tcg_gen_mov_i32(t0, rd);
4331
4332 tcg_temp_free_i32(tmp);
4333 tcg_temp_free_i32(rd);
4334 }
4335
4336 static void gen_neon_trn_u16(TCGv_i32 t0, TCGv_i32 t1)
4337 {
4338 TCGv_i32 rd, tmp;
4339
4340 rd = tcg_temp_new_i32();
4341 tmp = tcg_temp_new_i32();
4342
4343 tcg_gen_shli_i32(rd, t0, 16);
4344 tcg_gen_andi_i32(tmp, t1, 0xffff);
4345 tcg_gen_or_i32(rd, rd, tmp);
4346 tcg_gen_shri_i32(t1, t1, 16);
4347 tcg_gen_andi_i32(tmp, t0, 0xffff0000);
4348 tcg_gen_or_i32(t1, t1, tmp);
4349 tcg_gen_mov_i32(t0, rd);
4350
4351 tcg_temp_free_i32(tmp);
4352 tcg_temp_free_i32(rd);
4353 }
4354
4355
4356 static struct {
4357 int nregs;
4358 int interleave;
4359 int spacing;
4360 } neon_ls_element_type[11] = {
4361 {4, 4, 1},
4362 {4, 4, 2},
4363 {4, 1, 1},
4364 {4, 2, 1},
4365 {3, 3, 1},
4366 {3, 3, 2},
4367 {3, 1, 1},
4368 {1, 1, 1},
4369 {2, 2, 1},
4370 {2, 2, 2},
4371 {2, 1, 1}
4372 };
4373
4374 /* Translate a NEON load/store element instruction. Return nonzero if the
4375 instruction is invalid. */
4376 static int disas_neon_ls_insn(DisasContext *s, uint32_t insn)
4377 {
4378 int rd, rn, rm;
4379 int op;
4380 int nregs;
4381 int interleave;
4382 int spacing;
4383 int stride;
4384 int size;
4385 int reg;
4386 int pass;
4387 int load;
4388 int shift;
4389 int n;
4390 TCGv_i32 addr;
4391 TCGv_i32 tmp;
4392 TCGv_i32 tmp2;
4393 TCGv_i64 tmp64;
4394
4395 /* FIXME: this access check should not take precedence over UNDEF
4396 * for invalid encodings; we will generate incorrect syndrome information
4397 * for attempts to execute invalid vfp/neon encodings with FP disabled.
4398 */
4399 if (s->fp_excp_el) {
4400 gen_exception_insn(s, 4, EXCP_UDEF,
4401 syn_fp_access_trap(1, 0xe, s->thumb), s->fp_excp_el);
4402 return 0;
4403 }
4404
4405 if (!s->vfp_enabled)
4406 return 1;
4407 VFP_DREG_D(rd, insn);
4408 rn = (insn >> 16) & 0xf;
4409 rm = insn & 0xf;
4410 load = (insn & (1 << 21)) != 0;
4411 if ((insn & (1 << 23)) == 0) {
4412 /* Load store all elements. */
4413 op = (insn >> 8) & 0xf;
4414 size = (insn >> 6) & 3;
4415 if (op > 10)
4416 return 1;
4417 /* Catch UNDEF cases for bad values of align field */
4418 switch (op & 0xc) {
4419 case 4:
4420 if (((insn >> 5) & 1) == 1) {
4421 return 1;
4422 }
4423 break;
4424 case 8:
4425 if (((insn >> 4) & 3) == 3) {
4426 return 1;
4427 }
4428 break;
4429 default:
4430 break;
4431 }
4432 nregs = neon_ls_element_type[op].nregs;
4433 interleave = neon_ls_element_type[op].interleave;
4434 spacing = neon_ls_element_type[op].spacing;
4435 if (size == 3 && (interleave | spacing) != 1)
4436 return 1;
4437 addr = tcg_temp_new_i32();
4438 load_reg_var(s, addr, rn);
4439 stride = (1 << size) * interleave;
4440 for (reg = 0; reg < nregs; reg++) {
4441 if (interleave > 2 || (interleave == 2 && nregs == 2)) {
4442 load_reg_var(s, addr, rn);
4443 tcg_gen_addi_i32(addr, addr, (1 << size) * reg);
4444 } else if (interleave == 2 && nregs == 4 && reg == 2) {
4445 load_reg_var(s, addr, rn);
4446 tcg_gen_addi_i32(addr, addr, 1 << size);
4447 }
4448 if (size == 3) {
4449 tmp64 = tcg_temp_new_i64();
4450 if (load) {
4451 gen_aa32_ld64(tmp64, addr, get_mem_index(s));
4452 neon_store_reg64(tmp64, rd);
4453 } else {
4454 neon_load_reg64(tmp64, rd);
4455 gen_aa32_st64(tmp64, addr, get_mem_index(s));
4456 }
4457 tcg_temp_free_i64(tmp64);
4458 tcg_gen_addi_i32(addr, addr, stride);
4459 } else {
4460 for (pass = 0; pass < 2; pass++) {
4461 if (size == 2) {
4462 if (load) {
4463 tmp = tcg_temp_new_i32();
4464 gen_aa32_ld32u(tmp, addr, get_mem_index(s));
4465 neon_store_reg(rd, pass, tmp);
4466 } else {
4467 tmp = neon_load_reg(rd, pass);
4468 gen_aa32_st32(tmp, addr, get_mem_index(s));
4469 tcg_temp_free_i32(tmp);
4470 }
4471 tcg_gen_addi_i32(addr, addr, stride);
4472 } else if (size == 1) {
4473 if (load) {
4474 tmp = tcg_temp_new_i32();
4475 gen_aa32_ld16u(tmp, addr, get_mem_index(s));
4476 tcg_gen_addi_i32(addr, addr, stride);
4477 tmp2 = tcg_temp_new_i32();
4478 gen_aa32_ld16u(tmp2, addr, get_mem_index(s));
4479 tcg_gen_addi_i32(addr, addr, stride);
4480 tcg_gen_shli_i32(tmp2, tmp2, 16);
4481 tcg_gen_or_i32(tmp, tmp, tmp2);
4482 tcg_temp_free_i32(tmp2);
4483 neon_store_reg(rd, pass, tmp);
4484 } else {
4485 tmp = neon_load_reg(rd, pass);
4486 tmp2 = tcg_temp_new_i32();
4487 tcg_gen_shri_i32(tmp2, tmp, 16);
4488 gen_aa32_st16(tmp, addr, get_mem_index(s));
4489 tcg_temp_free_i32(tmp);
4490 tcg_gen_addi_i32(addr, addr, stride);
4491 gen_aa32_st16(tmp2, addr, get_mem_index(s));
4492 tcg_temp_free_i32(tmp2);
4493 tcg_gen_addi_i32(addr, addr, stride);
4494 }
4495 } else /* size == 0 */ {
4496 if (load) {
4497 TCGV_UNUSED_I32(tmp2);
4498 for (n = 0; n < 4; n++) {
4499 tmp = tcg_temp_new_i32();
4500 gen_aa32_ld8u(tmp, addr, get_mem_index(s));
4501 tcg_gen_addi_i32(addr, addr, stride);
4502 if (n == 0) {
4503 tmp2 = tmp;
4504 } else {
4505 tcg_gen_shli_i32(tmp, tmp, n * 8);
4506 tcg_gen_or_i32(tmp2, tmp2, tmp);
4507 tcg_temp_free_i32(tmp);
4508 }
4509 }
4510 neon_store_reg(rd, pass, tmp2);
4511 } else {
4512 tmp2 = neon_load_reg(rd, pass);
4513 for (n = 0; n < 4; n++) {
4514 tmp = tcg_temp_new_i32();
4515 if (n == 0) {
4516 tcg_gen_mov_i32(tmp, tmp2);
4517 } else {
4518 tcg_gen_shri_i32(tmp, tmp2, n * 8);
4519 }
4520 gen_aa32_st8(tmp, addr, get_mem_index(s));
4521 tcg_temp_free_i32(tmp);
4522 tcg_gen_addi_i32(addr, addr, stride);
4523 }
4524 tcg_temp_free_i32(tmp2);
4525 }
4526 }
4527 }
4528 }
4529 rd += spacing;
4530 }
4531 tcg_temp_free_i32(addr);
4532 stride = nregs * 8;
4533 } else {
4534 size = (insn >> 10) & 3;
4535 if (size == 3) {
4536 /* Load single element to all lanes. */
4537 int a = (insn >> 4) & 1;
4538 if (!load) {
4539 return 1;
4540 }
4541 size = (insn >> 6) & 3;
4542 nregs = ((insn >> 8) & 3) + 1;
4543
4544 if (size == 3) {
4545 if (nregs != 4 || a == 0) {
4546 return 1;
4547 }
4548 /* For VLD4 size==3 a == 1 means 32 bits at 16 byte alignment */
4549 size = 2;
4550 }
4551 if (nregs == 1 && a == 1 && size == 0) {
4552 return 1;
4553 }
4554 if (nregs == 3 && a == 1) {
4555 return 1;
4556 }
4557 addr = tcg_temp_new_i32();
4558 load_reg_var(s, addr, rn);
4559 if (nregs == 1) {
4560 /* VLD1 to all lanes: bit 5 indicates how many Dregs to write */
4561 tmp = gen_load_and_replicate(s, addr, size);
4562 tcg_gen_st_i32(tmp, cpu_env, neon_reg_offset(rd, 0));
4563 tcg_gen_st_i32(tmp, cpu_env, neon_reg_offset(rd, 1));
4564 if (insn & (1 << 5)) {
4565 tcg_gen_st_i32(tmp, cpu_env, neon_reg_offset(rd + 1, 0));
4566 tcg_gen_st_i32(tmp, cpu_env, neon_reg_offset(rd + 1, 1));
4567 }
4568 tcg_temp_free_i32(tmp);
4569 } else {
4570 /* VLD2/3/4 to all lanes: bit 5 indicates register stride */
4571 stride = (insn & (1 << 5)) ? 2 : 1;
4572 for (reg = 0; reg < nregs; reg++) {
4573 tmp = gen_load_and_replicate(s, addr, size);
4574 tcg_gen_st_i32(tmp, cpu_env, neon_reg_offset(rd, 0));
4575 tcg_gen_st_i32(tmp, cpu_env, neon_reg_offset(rd, 1));
4576 tcg_temp_free_i32(tmp);
4577 tcg_gen_addi_i32(addr, addr, 1 << size);
4578 rd += stride;
4579 }
4580 }
4581 tcg_temp_free_i32(addr);
4582 stride = (1 << size) * nregs;
4583 } else {
4584 /* Single element. */
4585 int idx = (insn >> 4) & 0xf;
4586 pass = (insn >> 7) & 1;
4587 switch (size) {
4588 case 0:
4589 shift = ((insn >> 5) & 3) * 8;
4590 stride = 1;
4591 break;
4592 case 1:
4593 shift = ((insn >> 6) & 1) * 16;
4594 stride = (insn & (1 << 5)) ? 2 : 1;
4595 break;
4596 case 2:
4597 shift = 0;
4598 stride = (insn & (1 << 6)) ? 2 : 1;
4599 break;
4600 default:
4601 abort();
4602 }
4603 nregs = ((insn >> 8) & 3) + 1;
4604 /* Catch the UNDEF cases. This is unavoidably a bit messy. */
4605 switch (nregs) {
4606 case 1:
4607 if (((idx & (1 << size)) != 0) ||
4608 (size == 2 && ((idx & 3) == 1 || (idx & 3) == 2))) {
4609 return 1;
4610 }
4611 break;
4612 case 3:
4613 if ((idx & 1) != 0) {
4614 return 1;
4615 }
4616 /* fall through */
4617 case 2:
4618 if (size == 2 && (idx & 2) != 0) {
4619 return 1;
4620 }
4621 break;
4622 case 4:
4623 if ((size == 2) && ((idx & 3) == 3)) {
4624 return 1;
4625 }
4626 break;
4627 default:
4628 abort();
4629 }
4630 if ((rd + stride * (nregs - 1)) > 31) {
4631 /* Attempts to write off the end of the register file
4632 * are UNPREDICTABLE; we choose to UNDEF because otherwise
4633 * the neon_load_reg() would write off the end of the array.
4634 */
4635 return 1;
4636 }
4637 addr = tcg_temp_new_i32();
4638 load_reg_var(s, addr, rn);
4639 for (reg = 0; reg < nregs; reg++) {
4640 if (load) {
4641 tmp = tcg_temp_new_i32();
4642 switch (size) {
4643 case 0:
4644 gen_aa32_ld8u(tmp, addr, get_mem_index(s));
4645 break;
4646 case 1:
4647 gen_aa32_ld16u(tmp, addr, get_mem_index(s));
4648 break;
4649 case 2:
4650 gen_aa32_ld32u(tmp, addr, get_mem_index(s));
4651 break;
4652 default: /* Avoid compiler warnings. */
4653 abort();
4654 }
4655 if (size != 2) {
4656 tmp2 = neon_load_reg(rd, pass);
4657 tcg_gen_deposit_i32(tmp, tmp2, tmp,
4658 shift, size ? 16 : 8);
4659 tcg_temp_free_i32(tmp2);
4660 }
4661 neon_store_reg(rd, pass, tmp);
4662 } else { /* Store */
4663 tmp = neon_load_reg(rd, pass);
4664 if (shift)
4665 tcg_gen_shri_i32(tmp, tmp, shift);
4666 switch (size) {
4667 case 0:
4668 gen_aa32_st8(tmp, addr, get_mem_index(s));
4669 break;
4670 case 1:
4671 gen_aa32_st16(tmp, addr, get_mem_index(s));
4672 break;
4673 case 2:
4674 gen_aa32_st32(tmp, addr, get_mem_index(s));
4675 break;
4676 }
4677 tcg_temp_free_i32(tmp);
4678 }
4679 rd += stride;
4680 tcg_gen_addi_i32(addr, addr, 1 << size);
4681 }
4682 tcg_temp_free_i32(addr);
4683 stride = nregs * (1 << size);
4684 }
4685 }
4686 if (rm != 15) {
4687 TCGv_i32 base;
4688
4689 base = load_reg(s, rn);
4690 if (rm == 13) {
4691 tcg_gen_addi_i32(base, base, stride);
4692 } else {
4693 TCGv_i32 index;
4694 index = load_reg(s, rm);
4695 tcg_gen_add_i32(base, base, index);
4696 tcg_temp_free_i32(index);
4697 }
4698 store_reg(s, rn, base);
4699 }
4700 return 0;
4701 }
4702
4703 /* Bitwise select. dest = c ? t : f. Clobbers T and F. */
4704 static void gen_neon_bsl(TCGv_i32 dest, TCGv_i32 t, TCGv_i32 f, TCGv_i32 c)
4705 {
4706 tcg_gen_and_i32(t, t, c);
4707 tcg_gen_andc_i32(f, f, c);
4708 tcg_gen_or_i32(dest, t, f);
4709 }
4710
4711 static inline void gen_neon_narrow(int size, TCGv_i32 dest, TCGv_i64 src)
4712 {
4713 switch (size) {
4714 case 0: gen_helper_neon_narrow_u8(dest, src); break;
4715 case 1: gen_helper_neon_narrow_u16(dest, src); break;
4716 case 2: tcg_gen_extrl_i64_i32(dest, src); break;
4717 default: abort();
4718 }
4719 }
4720
4721 static inline void gen_neon_narrow_sats(int size, TCGv_i32 dest, TCGv_i64 src)
4722 {
4723 switch (size) {
4724 case 0: gen_helper_neon_narrow_sat_s8(dest, cpu_env, src); break;
4725 case 1: gen_helper_neon_narrow_sat_s16(dest, cpu_env, src); break;
4726 case 2: gen_helper_neon_narrow_sat_s32(dest, cpu_env, src); break;
4727 default: abort();
4728 }
4729 }
4730
4731 static inline void gen_neon_narrow_satu(int size, TCGv_i32 dest, TCGv_i64 src)
4732 {
4733 switch (size) {
4734 case 0: gen_helper_neon_narrow_sat_u8(dest, cpu_env, src); break;
4735 case 1: gen_helper_neon_narrow_sat_u16(dest, cpu_env, src); break;
4736 case 2: gen_helper_neon_narrow_sat_u32(dest, cpu_env, src); break;
4737 default: abort();
4738 }
4739 }
4740
4741 static inline void gen_neon_unarrow_sats(int size, TCGv_i32 dest, TCGv_i64 src)
4742 {
4743 switch (size) {
4744 case 0: gen_helper_neon_unarrow_sat8(dest, cpu_env, src); break;
4745 case 1: gen_helper_neon_unarrow_sat16(dest, cpu_env, src); break;
4746 case 2: gen_helper_neon_unarrow_sat32(dest, cpu_env, src); break;
4747 default: abort();
4748 }
4749 }
4750
4751 static inline void gen_neon_shift_narrow(int size, TCGv_i32 var, TCGv_i32 shift,
4752 int q, int u)
4753 {
4754 if (q) {
4755 if (u) {
4756 switch (size) {
4757 case 1: gen_helper_neon_rshl_u16(var, var, shift); break;
4758 case 2: gen_helper_neon_rshl_u32(var, var, shift); break;
4759 default: abort();
4760 }
4761 } else {
4762 switch (size) {
4763 case 1: gen_helper_neon_rshl_s16(var, var, shift); break;
4764 case 2: gen_helper_neon_rshl_s32(var, var, shift); break;
4765 default: abort();
4766 }
4767 }
4768 } else {
4769 if (u) {
4770 switch (size) {
4771 case 1: gen_helper_neon_shl_u16(var, var, shift); break;
4772 case 2: gen_helper_neon_shl_u32(var, var, shift); break;
4773 default: abort();
4774 }
4775 } else {
4776 switch (size) {
4777 case 1: gen_helper_neon_shl_s16(var, var, shift); break;
4778 case 2: gen_helper_neon_shl_s32(var, var, shift); break;
4779 default: abort();
4780 }
4781 }
4782 }
4783 }
4784
4785 static inline void gen_neon_widen(TCGv_i64 dest, TCGv_i32 src, int size, int u)
4786 {
4787 if (u) {
4788 switch (size) {
4789 case 0: gen_helper_neon_widen_u8(dest, src); break;
4790 case 1: gen_helper_neon_widen_u16(dest, src); break;
4791 case 2: tcg_gen_extu_i32_i64(dest, src); break;
4792 default: abort();
4793 }
4794 } else {
4795 switch (size) {
4796 case 0: gen_helper_neon_widen_s8(dest, src); break;
4797 case 1: gen_helper_neon_widen_s16(dest, src); break;
4798 case 2: tcg_gen_ext_i32_i64(dest, src); break;
4799 default: abort();
4800 }
4801 }
4802 tcg_temp_free_i32(src);
4803 }
4804
4805 static inline void gen_neon_addl(int size)
4806 {
4807 switch (size) {
4808 case 0: gen_helper_neon_addl_u16(CPU_V001); break;
4809 case 1: gen_helper_neon_addl_u32(CPU_V001); break;
4810 case 2: tcg_gen_add_i64(CPU_V001); break;
4811 default: abort();
4812 }
4813 }
4814
4815 static inline void gen_neon_subl(int size)
4816 {
4817 switch (size) {
4818 case 0: gen_helper_neon_subl_u16(CPU_V001); break;
4819 case 1: gen_helper_neon_subl_u32(CPU_V001); break;
4820 case 2: tcg_gen_sub_i64(CPU_V001); break;
4821 default: abort();
4822 }
4823 }
4824
4825 static inline void gen_neon_negl(TCGv_i64 var, int size)
4826 {
4827 switch (size) {
4828 case 0: gen_helper_neon_negl_u16(var, var); break;
4829 case 1: gen_helper_neon_negl_u32(var, var); break;
4830 case 2:
4831 tcg_gen_neg_i64(var, var);
4832 break;
4833 default: abort();
4834 }
4835 }
4836
4837 static inline void gen_neon_addl_saturate(TCGv_i64 op0, TCGv_i64 op1, int size)
4838 {
4839 switch (size) {
4840 case 1: gen_helper_neon_addl_saturate_s32(op0, cpu_env, op0, op1); break;
4841 case 2: gen_helper_neon_addl_saturate_s64(op0, cpu_env, op0, op1); break;
4842 default: abort();
4843 }
4844 }
4845
4846 static inline void gen_neon_mull(TCGv_i64 dest, TCGv_i32 a, TCGv_i32 b,
4847 int size, int u)
4848 {
4849 TCGv_i64 tmp;
4850
4851 switch ((size << 1) | u) {
4852 case 0: gen_helper_neon_mull_s8(dest, a, b); break;
4853 case 1: gen_helper_neon_mull_u8(dest, a, b); break;
4854 case 2: gen_helper_neon_mull_s16(dest, a, b); break;
4855 case 3: gen_helper_neon_mull_u16(dest, a, b); break;
4856 case 4:
4857 tmp = gen_muls_i64_i32(a, b);
4858 tcg_gen_mov_i64(dest, tmp);
4859 tcg_temp_free_i64(tmp);
4860 break;
4861 case 5:
4862 tmp = gen_mulu_i64_i32(a, b);
4863 tcg_gen_mov_i64(dest, tmp);
4864 tcg_temp_free_i64(tmp);
4865 break;
4866 default: abort();
4867 }
4868
4869 /* gen_helper_neon_mull_[su]{8|16} do not free their parameters.
4870 Don't forget to clean them now. */
4871 if (size < 2) {
4872 tcg_temp_free_i32(a);
4873 tcg_temp_free_i32(b);
4874 }
4875 }
4876
4877 static void gen_neon_narrow_op(int op, int u, int size,
4878 TCGv_i32 dest, TCGv_i64 src)
4879 {
4880 if (op) {
4881 if (u) {
4882 gen_neon_unarrow_sats(size, dest, src);
4883 } else {
4884 gen_neon_narrow(size, dest, src);
4885 }
4886 } else {
4887 if (u) {
4888 gen_neon_narrow_satu(size, dest, src);
4889 } else {
4890 gen_neon_narrow_sats(size, dest, src);
4891 }
4892 }
4893 }
4894
4895 /* Symbolic constants for op fields for Neon 3-register same-length.
4896 * The values correspond to bits [11:8,4]; see the ARM ARM DDI0406B
4897 * table A7-9.
4898 */
4899 #define NEON_3R_VHADD 0
4900 #define NEON_3R_VQADD 1
4901 #define NEON_3R_VRHADD 2
4902 #define NEON_3R_LOGIC 3 /* VAND,VBIC,VORR,VMOV,VORN,VEOR,VBIF,VBIT,VBSL */
4903 #define NEON_3R_VHSUB 4
4904 #define NEON_3R_VQSUB 5
4905 #define NEON_3R_VCGT 6
4906 #define NEON_3R_VCGE 7
4907 #define NEON_3R_VSHL 8
4908 #define NEON_3R_VQSHL 9
4909 #define NEON_3R_VRSHL 10
4910 #define NEON_3R_VQRSHL 11
4911 #define NEON_3R_VMAX 12
4912 #define NEON_3R_VMIN 13
4913 #define NEON_3R_VABD 14
4914 #define NEON_3R_VABA 15
4915 #define NEON_3R_VADD_VSUB 16
4916 #define NEON_3R_VTST_VCEQ 17
4917 #define NEON_3R_VML 18 /* VMLA, VMLAL, VMLS, VMLSL */
4918 #define NEON_3R_VMUL 19
4919 #define NEON_3R_VPMAX 20
4920 #define NEON_3R_VPMIN 21
4921 #define NEON_3R_VQDMULH_VQRDMULH 22
4922 #define NEON_3R_VPADD 23
4923 #define NEON_3R_SHA 24 /* SHA1C,SHA1P,SHA1M,SHA1SU0,SHA256H{2},SHA256SU1 */
4924 #define NEON_3R_VFM 25 /* VFMA, VFMS : float fused multiply-add */
4925 #define NEON_3R_FLOAT_ARITH 26 /* float VADD, VSUB, VPADD, VABD */
4926 #define NEON_3R_FLOAT_MULTIPLY 27 /* float VMLA, VMLS, VMUL */
4927 #define NEON_3R_FLOAT_CMP 28 /* float VCEQ, VCGE, VCGT */
4928 #define NEON_3R_FLOAT_ACMP 29 /* float VACGE, VACGT, VACLE, VACLT */
4929 #define NEON_3R_FLOAT_MINMAX 30 /* float VMIN, VMAX */
4930 #define NEON_3R_FLOAT_MISC 31 /* float VRECPS, VRSQRTS, VMAXNM/MINNM */
4931
4932 static const uint8_t neon_3r_sizes[] = {
4933 [NEON_3R_VHADD] = 0x7,
4934 [NEON_3R_VQADD] = 0xf,
4935 [NEON_3R_VRHADD] = 0x7,
4936 [NEON_3R_LOGIC] = 0xf, /* size field encodes op type */
4937 [NEON_3R_VHSUB] = 0x7,
4938 [NEON_3R_VQSUB] = 0xf,
4939 [NEON_3R_VCGT] = 0x7,
4940 [NEON_3R_VCGE] = 0x7,
4941 [NEON_3R_VSHL] = 0xf,
4942 [NEON_3R_VQSHL] = 0xf,
4943 [NEON_3R_VRSHL] = 0xf,
4944 [NEON_3R_VQRSHL] = 0xf,
4945 [NEON_3R_VMAX] = 0x7,
4946 [NEON_3R_VMIN] = 0x7,
4947 [NEON_3R_VABD] = 0x7,
4948 [NEON_3R_VABA] = 0x7,
4949 [NEON_3R_VADD_VSUB] = 0xf,
4950 [NEON_3R_VTST_VCEQ] = 0x7,
4951 [NEON_3R_VML] = 0x7,
4952 [NEON_3R_VMUL] = 0x7,
4953 [NEON_3R_VPMAX] = 0x7,
4954 [NEON_3R_VPMIN] = 0x7,
4955 [NEON_3R_VQDMULH_VQRDMULH] = 0x6,
4956 [NEON_3R_VPADD] = 0x7,
4957 [NEON_3R_SHA] = 0xf, /* size field encodes op type */
4958 [NEON_3R_VFM] = 0x5, /* size bit 1 encodes op */
4959 [NEON_3R_FLOAT_ARITH] = 0x5, /* size bit 1 encodes op */
4960 [NEON_3R_FLOAT_MULTIPLY] = 0x5, /* size bit 1 encodes op */
4961 [NEON_3R_FLOAT_CMP] = 0x5, /* size bit 1 encodes op */
4962 [NEON_3R_FLOAT_ACMP] = 0x5, /* size bit 1 encodes op */
4963 [NEON_3R_FLOAT_MINMAX] = 0x5, /* size bit 1 encodes op */
4964 [NEON_3R_FLOAT_MISC] = 0x5, /* size bit 1 encodes op */
4965 };
4966
4967 /* Symbolic constants for op fields for Neon 2-register miscellaneous.
4968 * The values correspond to bits [17:16,10:7]; see the ARM ARM DDI0406B
4969 * table A7-13.
4970 */
4971 #define NEON_2RM_VREV64 0
4972 #define NEON_2RM_VREV32 1
4973 #define NEON_2RM_VREV16 2
4974 #define NEON_2RM_VPADDL 4
4975 #define NEON_2RM_VPADDL_U 5
4976 #define NEON_2RM_AESE 6 /* Includes AESD */
4977 #define NEON_2RM_AESMC 7 /* Includes AESIMC */
4978 #define NEON_2RM_VCLS 8
4979 #define NEON_2RM_VCLZ 9
4980 #define NEON_2RM_VCNT 10
4981 #define NEON_2RM_VMVN 11
4982 #define NEON_2RM_VPADAL 12
4983 #define NEON_2RM_VPADAL_U 13
4984 #define NEON_2RM_VQABS 14
4985 #define NEON_2RM_VQNEG 15
4986 #define NEON_2RM_VCGT0 16
4987 #define NEON_2RM_VCGE0 17
4988 #define NEON_2RM_VCEQ0 18
4989 #define NEON_2RM_VCLE0 19
4990 #define NEON_2RM_VCLT0 20
4991 #define NEON_2RM_SHA1H 21
4992 #define NEON_2RM_VABS 22
4993 #define NEON_2RM_VNEG 23
4994 #define NEON_2RM_VCGT0_F 24
4995 #define NEON_2RM_VCGE0_F 25
4996 #define NEON_2RM_VCEQ0_F 26
4997 #define NEON_2RM_VCLE0_F 27
4998 #define NEON_2RM_VCLT0_F 28
4999 #define NEON_2RM_VABS_F 30
5000 #define NEON_2RM_VNEG_F 31
5001 #define NEON_2RM_VSWP 32
5002 #define NEON_2RM_VTRN 33
5003 #define NEON_2RM_VUZP 34
5004 #define NEON_2RM_VZIP 35
5005 #define NEON_2RM_VMOVN 36 /* Includes VQMOVN, VQMOVUN */
5006 #define NEON_2RM_VQMOVN 37 /* Includes VQMOVUN */
5007 #define NEON_2RM_VSHLL 38
5008 #define NEON_2RM_SHA1SU1 39 /* Includes SHA256SU0 */
5009 #define NEON_2RM_VRINTN 40
5010 #define NEON_2RM_VRINTX 41
5011 #define NEON_2RM_VRINTA 42
5012 #define NEON_2RM_VRINTZ 43
5013 #define NEON_2RM_VCVT_F16_F32 44
5014 #define NEON_2RM_VRINTM 45
5015 #define NEON_2RM_VCVT_F32_F16 46
5016 #define NEON_2RM_VRINTP 47
5017 #define NEON_2RM_VCVTAU 48
5018 #define NEON_2RM_VCVTAS 49
5019 #define NEON_2RM_VCVTNU 50
5020 #define NEON_2RM_VCVTNS 51
5021 #define NEON_2RM_VCVTPU 52
5022 #define NEON_2RM_VCVTPS 53
5023 #define NEON_2RM_VCVTMU 54
5024 #define NEON_2RM_VCVTMS 55
5025 #define NEON_2RM_VRECPE 56
5026 #define NEON_2RM_VRSQRTE 57
5027 #define NEON_2RM_VRECPE_F 58
5028 #define NEON_2RM_VRSQRTE_F 59
5029 #define NEON_2RM_VCVT_FS 60
5030 #define NEON_2RM_VCVT_FU 61
5031 #define NEON_2RM_VCVT_SF 62
5032 #define NEON_2RM_VCVT_UF 63
5033
5034 static int neon_2rm_is_float_op(int op)
5035 {
5036 /* Return true if this neon 2reg-misc op is float-to-float */
5037 return (op == NEON_2RM_VABS_F || op == NEON_2RM_VNEG_F ||
5038 (op >= NEON_2RM_VRINTN && op <= NEON_2RM_VRINTZ) ||
5039 op == NEON_2RM_VRINTM ||
5040 (op >= NEON_2RM_VRINTP && op <= NEON_2RM_VCVTMS) ||
5041 op >= NEON_2RM_VRECPE_F);
5042 }
5043
5044 /* Each entry in this array has bit n set if the insn allows
5045 * size value n (otherwise it will UNDEF). Since unallocated
5046 * op values will have no bits set they always UNDEF.
5047 */
5048 static const uint8_t neon_2rm_sizes[] = {
5049 [NEON_2RM_VREV64] = 0x7,
5050 [NEON_2RM_VREV32] = 0x3,
5051 [NEON_2RM_VREV16] = 0x1,
5052 [NEON_2RM_VPADDL] = 0x7,
5053 [NEON_2RM_VPADDL_U] = 0x7,
5054 [NEON_2RM_AESE] = 0x1,
5055 [NEON_2RM_AESMC] = 0x1,
5056 [NEON_2RM_VCLS] = 0x7,
5057 [NEON_2RM_VCLZ] = 0x7,
5058 [NEON_2RM_VCNT] = 0x1,
5059 [NEON_2RM_VMVN] = 0x1,
5060 [NEON_2RM_VPADAL] = 0x7,
5061 [NEON_2RM_VPADAL_U] = 0x7,
5062 [NEON_2RM_VQABS] = 0x7,
5063 [NEON_2RM_VQNEG] = 0x7,
5064 [NEON_2RM_VCGT0] = 0x7,
5065 [NEON_2RM_VCGE0] = 0x7,
5066 [NEON_2RM_VCEQ0] = 0x7,
5067 [NEON_2RM_VCLE0] = 0x7,
5068 [NEON_2RM_VCLT0] = 0x7,
5069 [NEON_2RM_SHA1H] = 0x4,
5070 [NEON_2RM_VABS] = 0x7,
5071 [NEON_2RM_VNEG] = 0x7,
5072 [NEON_2RM_VCGT0_F] = 0x4,
5073 [NEON_2RM_VCGE0_F] = 0x4,
5074 [NEON_2RM_VCEQ0_F] = 0x4,
5075 [NEON_2RM_VCLE0_F] = 0x4,
5076 [NEON_2RM_VCLT0_F] = 0x4,
5077 [NEON_2RM_VABS_F] = 0x4,
5078 [NEON_2RM_VNEG_F] = 0x4,
5079 [NEON_2RM_VSWP] = 0x1,
5080 [NEON_2RM_VTRN] = 0x7,
5081 [NEON_2RM_VUZP] = 0x7,
5082 [NEON_2RM_VZIP] = 0x7,
5083 [NEON_2RM_VMOVN] = 0x7,
5084 [NEON_2RM_VQMOVN] = 0x7,
5085 [NEON_2RM_VSHLL] = 0x7,
5086 [NEON_2RM_SHA1SU1] = 0x4,
5087 [NEON_2RM_VRINTN] = 0x4,
5088 [NEON_2RM_VRINTX] = 0x4,
5089 [NEON_2RM_VRINTA] = 0x4,
5090 [NEON_2RM_VRINTZ] = 0x4,
5091 [NEON_2RM_VCVT_F16_F32] = 0x2,
5092 [NEON_2RM_VRINTM] = 0x4,
5093 [NEON_2RM_VCVT_F32_F16] = 0x2,
5094 [NEON_2RM_VRINTP] = 0x4,
5095 [NEON_2RM_VCVTAU] = 0x4,
5096 [NEON_2RM_VCVTAS] = 0x4,
5097 [NEON_2RM_VCVTNU] = 0x4,
5098 [NEON_2RM_VCVTNS] = 0x4,
5099 [NEON_2RM_VCVTPU] = 0x4,
5100 [NEON_2RM_VCVTPS] = 0x4,
5101 [NEON_2RM_VCVTMU] = 0x4,
5102 [NEON_2RM_VCVTMS] = 0x4,
5103 [NEON_2RM_VRECPE] = 0x4,
5104 [NEON_2RM_VRSQRTE] = 0x4,
5105 [NEON_2RM_VRECPE_F] = 0x4,
5106 [NEON_2RM_VRSQRTE_F] = 0x4,
5107 [NEON_2RM_VCVT_FS] = 0x4,
5108 [NEON_2RM_VCVT_FU] = 0x4,
5109 [NEON_2RM_VCVT_SF] = 0x4,
5110 [NEON_2RM_VCVT_UF] = 0x4,
5111 };
5112
5113 /* Translate a NEON data processing instruction. Return nonzero if the
5114 instruction is invalid.
5115 We process data in a mixture of 32-bit and 64-bit chunks.
5116 Mostly we use 32-bit chunks so we can use normal scalar instructions. */
5117
5118 static int disas_neon_data_insn(DisasContext *s, uint32_t insn)
5119 {
5120 int op;
5121 int q;
5122 int rd, rn, rm;
5123 int size;
5124 int shift;
5125 int pass;
5126 int count;
5127 int pairwise;
5128 int u;
5129 uint32_t imm, mask;
5130 TCGv_i32 tmp, tmp2, tmp3, tmp4, tmp5;
5131 TCGv_i64 tmp64;
5132
5133 /* FIXME: this access check should not take precedence over UNDEF
5134 * for invalid encodings; we will generate incorrect syndrome information
5135 * for attempts to execute invalid vfp/neon encodings with FP disabled.
5136 */
5137 if (s->fp_excp_el) {
5138 gen_exception_insn(s, 4, EXCP_UDEF,
5139 syn_fp_access_trap(1, 0xe, s->thumb), s->fp_excp_el);
5140 return 0;
5141 }
5142
5143 if (!s->vfp_enabled)
5144 return 1;
5145 q = (insn & (1 << 6)) != 0;
5146 u = (insn >> 24) & 1;
5147 VFP_DREG_D(rd, insn);
5148 VFP_DREG_N(rn, insn);
5149 VFP_DREG_M(rm, insn);
5150 size = (insn >> 20) & 3;
5151 if ((insn & (1 << 23)) == 0) {
5152 /* Three register same length. */
5153 op = ((insn >> 7) & 0x1e) | ((insn >> 4) & 1);
5154 /* Catch invalid op and bad size combinations: UNDEF */
5155 if ((neon_3r_sizes[op] & (1 << size)) == 0) {
5156 return 1;
5157 }
5158 /* All insns of this form UNDEF for either this condition or the
5159 * superset of cases "Q==1"; we catch the latter later.
5160 */
5161 if (q && ((rd | rn | rm) & 1)) {
5162 return 1;
5163 }
5164 /*
5165 * The SHA-1/SHA-256 3-register instructions require special treatment
5166 * here, as their size field is overloaded as an op type selector, and
5167 * they all consume their input in a single pass.
5168 */
5169 if (op == NEON_3R_SHA) {
5170 if (!q) {
5171 return 1;
5172 }
5173 if (!u) { /* SHA-1 */
5174 if (!arm_dc_feature(s, ARM_FEATURE_V8_SHA1)) {
5175 return 1;
5176 }
5177 tmp = tcg_const_i32(rd);
5178 tmp2 = tcg_const_i32(rn);
5179 tmp3 = tcg_const_i32(rm);
5180 tmp4 = tcg_const_i32(size);
5181 gen_helper_crypto_sha1_3reg(cpu_env, tmp, tmp2, tmp3, tmp4);
5182 tcg_temp_free_i32(tmp4);
5183 } else { /* SHA-256 */
5184 if (!arm_dc_feature(s, ARM_FEATURE_V8_SHA256) || size == 3) {
5185 return 1;
5186 }
5187 tmp = tcg_const_i32(rd);
5188 tmp2 = tcg_const_i32(rn);
5189 tmp3 = tcg_const_i32(rm);
5190 switch (size) {
5191 case 0:
5192 gen_helper_crypto_sha256h(cpu_env, tmp, tmp2, tmp3);
5193 break;
5194 case 1:
5195 gen_helper_crypto_sha256h2(cpu_env, tmp, tmp2, tmp3);
5196 break;
5197 case 2:
5198 gen_helper_crypto_sha256su1(cpu_env, tmp, tmp2, tmp3);
5199 break;
5200 }
5201 }
5202 tcg_temp_free_i32(tmp);
5203 tcg_temp_free_i32(tmp2);
5204 tcg_temp_free_i32(tmp3);
5205 return 0;
5206 }
5207 if (size == 3 && op != NEON_3R_LOGIC) {
5208 /* 64-bit element instructions. */
5209 for (pass = 0; pass < (q ? 2 : 1); pass++) {
5210 neon_load_reg64(cpu_V0, rn + pass);
5211 neon_load_reg64(cpu_V1, rm + pass);
5212 switch (op) {
5213 case NEON_3R_VQADD:
5214 if (u) {
5215 gen_helper_neon_qadd_u64(cpu_V0, cpu_env,
5216 cpu_V0, cpu_V1);
5217 } else {
5218 gen_helper_neon_qadd_s64(cpu_V0, cpu_env,
5219 cpu_V0, cpu_V1);
5220 }
5221 break;
5222 case NEON_3R_VQSUB:
5223 if (u) {
5224 gen_helper_neon_qsub_u64(cpu_V0, cpu_env,
5225 cpu_V0, cpu_V1);
5226 } else {
5227 gen_helper_neon_qsub_s64(cpu_V0, cpu_env,
5228 cpu_V0, cpu_V1);
5229 }
5230 break;
5231 case NEON_3R_VSHL:
5232 if (u) {
5233 gen_helper_neon_shl_u64(cpu_V0, cpu_V1, cpu_V0);
5234 } else {
5235 gen_helper_neon_shl_s64(cpu_V0, cpu_V1, cpu_V0);
5236 }
5237 break;
5238 case NEON_3R_VQSHL:
5239 if (u) {
5240 gen_helper_neon_qshl_u64(cpu_V0, cpu_env,
5241 cpu_V1, cpu_V0);
5242 } else {
5243 gen_helper_neon_qshl_s64(cpu_V0, cpu_env,
5244 cpu_V1, cpu_V0);
5245 }
5246 break;
5247 case NEON_3R_VRSHL:
5248 if (u) {
5249 gen_helper_neon_rshl_u64(cpu_V0, cpu_V1, cpu_V0);
5250 } else {
5251 gen_helper_neon_rshl_s64(cpu_V0, cpu_V1, cpu_V0);
5252 }
5253 break;
5254 case NEON_3R_VQRSHL:
5255 if (u) {
5256 gen_helper_neon_qrshl_u64(cpu_V0, cpu_env,
5257 cpu_V1, cpu_V0);
5258 } else {
5259 gen_helper_neon_qrshl_s64(cpu_V0, cpu_env,
5260 cpu_V1, cpu_V0);
5261 }
5262 break;
5263 case NEON_3R_VADD_VSUB:
5264 if (u) {
5265 tcg_gen_sub_i64(CPU_V001);
5266 } else {
5267 tcg_gen_add_i64(CPU_V001);
5268 }
5269 break;
5270 default:
5271 abort();
5272 }
5273 neon_store_reg64(cpu_V0, rd + pass);
5274 }
5275 return 0;
5276 }
5277 pairwise = 0;
5278 switch (op) {
5279 case NEON_3R_VSHL:
5280 case NEON_3R_VQSHL:
5281 case NEON_3R_VRSHL:
5282 case NEON_3R_VQRSHL:
5283 {
5284 int rtmp;
5285 /* Shift instruction operands are reversed. */
5286 rtmp = rn;
5287 rn = rm;
5288 rm = rtmp;
5289 }
5290 break;
5291 case NEON_3R_VPADD:
5292 if (u) {
5293 return 1;
5294 }
5295 /* Fall through */
5296 case NEON_3R_VPMAX:
5297 case NEON_3R_VPMIN:
5298 pairwise = 1;
5299 break;
5300 case NEON_3R_FLOAT_ARITH:
5301 pairwise = (u && size < 2); /* if VPADD (float) */
5302 break;
5303 case NEON_3R_FLOAT_MINMAX:
5304 pairwise = u; /* if VPMIN/VPMAX (float) */
5305 break;
5306 case NEON_3R_FLOAT_CMP:
5307 if (!u && size) {
5308 /* no encoding for U=0 C=1x */
5309 return 1;
5310 }
5311 break;
5312 case NEON_3R_FLOAT_ACMP:
5313 if (!u) {
5314 return 1;
5315 }
5316 break;
5317 case NEON_3R_FLOAT_MISC:
5318 /* VMAXNM/VMINNM in ARMv8 */
5319 if (u && !arm_dc_feature(s, ARM_FEATURE_V8)) {
5320 return 1;
5321 }
5322 break;
5323 case NEON_3R_VMUL:
5324 if (u && (size != 0)) {
5325 /* UNDEF on invalid size for polynomial subcase */
5326 return 1;
5327 }
5328 break;
5329 case NEON_3R_VFM:
5330 if (!arm_dc_feature(s, ARM_FEATURE_VFP4) || u) {
5331 return 1;
5332 }
5333 break;
5334 default:
5335 break;
5336 }
5337
5338 if (pairwise && q) {
5339 /* All the pairwise insns UNDEF if Q is set */
5340 return 1;
5341 }
5342
5343 for (pass = 0; pass < (q ? 4 : 2); pass++) {
5344
5345 if (pairwise) {
5346 /* Pairwise. */
5347 if (pass < 1) {
5348 tmp = neon_load_reg(rn, 0);
5349 tmp2 = neon_load_reg(rn, 1);
5350 } else {
5351 tmp = neon_load_reg(rm, 0);
5352 tmp2 = neon_load_reg(rm, 1);
5353 }
5354 } else {
5355 /* Elementwise. */
5356 tmp = neon_load_reg(rn, pass);
5357 tmp2 = neon_load_reg(rm, pass);
5358 }
5359 switch (op) {
5360 case NEON_3R_VHADD:
5361 GEN_NEON_INTEGER_OP(hadd);
5362 break;
5363 case NEON_3R_VQADD:
5364 GEN_NEON_INTEGER_OP_ENV(qadd);
5365 break;
5366 case NEON_3R_VRHADD:
5367 GEN_NEON_INTEGER_OP(rhadd);
5368 break;
5369 case NEON_3R_LOGIC: /* Logic ops. */
5370 switch ((u << 2) | size) {
5371 case 0: /* VAND */
5372 tcg_gen_and_i32(tmp, tmp, tmp2);
5373 break;
5374 case 1: /* BIC */
5375 tcg_gen_andc_i32(tmp, tmp, tmp2);
5376 break;
5377 case 2: /* VORR */
5378 tcg_gen_or_i32(tmp, tmp, tmp2);
5379 break;
5380 case 3: /* VORN */
5381 tcg_gen_orc_i32(tmp, tmp, tmp2);
5382 break;
5383 case 4: /* VEOR */
5384 tcg_gen_xor_i32(tmp, tmp, tmp2);
5385 break;
5386 case 5: /* VBSL */
5387 tmp3 = neon_load_reg(rd, pass);
5388 gen_neon_bsl(tmp, tmp, tmp2, tmp3);
5389 tcg_temp_free_i32(tmp3);
5390 break;
5391 case 6: /* VBIT */
5392 tmp3 = neon_load_reg(rd, pass);
5393 gen_neon_bsl(tmp, tmp, tmp3, tmp2);
5394 tcg_temp_free_i32(tmp3);
5395 break;
5396 case 7: /* VBIF */
5397 tmp3 = neon_load_reg(rd, pass);
5398 gen_neon_bsl(tmp, tmp3, tmp, tmp2);
5399 tcg_temp_free_i32(tmp3);
5400 break;
5401 }
5402 break;
5403 case NEON_3R_VHSUB:
5404 GEN_NEON_INTEGER_OP(hsub);
5405 break;
5406 case NEON_3R_VQSUB:
5407 GEN_NEON_INTEGER_OP_ENV(qsub);
5408 break;
5409 case NEON_3R_VCGT:
5410 GEN_NEON_INTEGER_OP(cgt);
5411 break;
5412 case NEON_3R_VCGE:
5413 GEN_NEON_INTEGER_OP(cge);
5414 break;
5415 case NEON_3R_VSHL:
5416 GEN_NEON_INTEGER_OP(shl);
5417 break;
5418 case NEON_3R_VQSHL:
5419 GEN_NEON_INTEGER_OP_ENV(qshl);
5420 break;
5421 case NEON_3R_VRSHL:
5422 GEN_NEON_INTEGER_OP(rshl);
5423 break;
5424 case NEON_3R_VQRSHL:
5425 GEN_NEON_INTEGER_OP_ENV(qrshl);
5426 break;
5427 case NEON_3R_VMAX:
5428 GEN_NEON_INTEGER_OP(max);
5429 break;
5430 case NEON_3R_VMIN:
5431 GEN_NEON_INTEGER_OP(min);
5432 break;
5433 case NEON_3R_VABD:
5434 GEN_NEON_INTEGER_OP(abd);
5435 break;
5436 case NEON_3R_VABA:
5437 GEN_NEON_INTEGER_OP(abd);
5438 tcg_temp_free_i32(tmp2);
5439 tmp2 = neon_load_reg(rd, pass);
5440 gen_neon_add(size, tmp, tmp2);
5441 break;
5442 case NEON_3R_VADD_VSUB:
5443 if (!u) { /* VADD */
5444 gen_neon_add(size, tmp, tmp2);
5445 } else { /* VSUB */
5446 switch (size) {
5447 case 0: gen_helper_neon_sub_u8(tmp, tmp, tmp2); break;
5448 case 1: gen_helper_neon_sub_u16(tmp, tmp, tmp2); break;
5449 case 2: tcg_gen_sub_i32(tmp, tmp, tmp2); break;
5450 default: abort();
5451 }
5452 }
5453 break;
5454 case NEON_3R_VTST_VCEQ:
5455 if (!u) { /* VTST */
5456 switch (size) {
5457 case 0: gen_helper_neon_tst_u8(tmp, tmp, tmp2); break;
5458 case 1: gen_helper_neon_tst_u16(tmp, tmp, tmp2); break;
5459 case 2: gen_helper_neon_tst_u32(tmp, tmp, tmp2); break;
5460 default: abort();
5461 }
5462 } else { /* VCEQ */
5463 switch (size) {
5464 case 0: gen_helper_neon_ceq_u8(tmp, tmp, tmp2); break;
5465 case 1: gen_helper_neon_ceq_u16(tmp, tmp, tmp2); break;
5466 case 2: gen_helper_neon_ceq_u32(tmp, tmp, tmp2); break;
5467 default: abort();
5468 }
5469 }
5470 break;
5471 case NEON_3R_VML: /* VMLA, VMLAL, VMLS,VMLSL */
5472 switch (size) {
5473 case 0: gen_helper_neon_mul_u8(tmp, tmp, tmp2); break;
5474 case 1: gen_helper_neon_mul_u16(tmp, tmp, tmp2); break;
5475 case 2: tcg_gen_mul_i32(tmp, tmp, tmp2); break;
5476 default: abort();
5477 }
5478 tcg_temp_free_i32(tmp2);
5479 tmp2 = neon_load_reg(rd, pass);
5480 if (u) { /* VMLS */
5481 gen_neon_rsb(size, tmp, tmp2);
5482 } else { /* VMLA */
5483 gen_neon_add(size, tmp, tmp2);
5484 }
5485 break;
5486 case NEON_3R_VMUL:
5487 if (u) { /* polynomial */
5488 gen_helper_neon_mul_p8(tmp, tmp, tmp2);
5489 } else { /* Integer */
5490 switch (size) {
5491 case 0: gen_helper_neon_mul_u8(tmp, tmp, tmp2); break;
5492 case 1: gen_helper_neon_mul_u16(tmp, tmp, tmp2); break;
5493 case 2: tcg_gen_mul_i32(tmp, tmp, tmp2); break;
5494 default: abort();
5495 }
5496 }
5497 break;
5498 case NEON_3R_VPMAX:
5499 GEN_NEON_INTEGER_OP(pmax);
5500 break;
5501 case NEON_3R_VPMIN:
5502 GEN_NEON_INTEGER_OP(pmin);
5503 break;
5504 case NEON_3R_VQDMULH_VQRDMULH: /* Multiply high. */
5505 if (!u) { /* VQDMULH */
5506 switch (size) {
5507 case 1:
5508 gen_helper_neon_qdmulh_s16(tmp, cpu_env, tmp, tmp2);
5509 break;
5510 case 2:
5511 gen_helper_neon_qdmulh_s32(tmp, cpu_env, tmp, tmp2);
5512 break;
5513 default: abort();
5514 }
5515 } else { /* VQRDMULH */
5516 switch (size) {
5517 case 1:
5518 gen_helper_neon_qrdmulh_s16(tmp, cpu_env, tmp, tmp2);
5519 break;
5520 case 2:
5521 gen_helper_neon_qrdmulh_s32(tmp, cpu_env, tmp, tmp2);
5522 break;
5523 default: abort();
5524 }
5525 }
5526 break;
5527 case NEON_3R_VPADD:
5528 switch (size) {
5529 case 0: gen_helper_neon_padd_u8(tmp, tmp, tmp2); break;
5530 case 1: gen_helper_neon_padd_u16(tmp, tmp, tmp2); break;
5531 case 2: tcg_gen_add_i32(tmp, tmp, tmp2); break;
5532 default: abort();
5533 }
5534 break;
5535 case NEON_3R_FLOAT_ARITH: /* Floating point arithmetic. */
5536 {
5537 TCGv_ptr fpstatus = get_fpstatus_ptr(1);
5538 switch ((u << 2) | size) {
5539 case 0: /* VADD */
5540 case 4: /* VPADD */
5541 gen_helper_vfp_adds(tmp, tmp, tmp2, fpstatus);
5542 break;
5543 case 2: /* VSUB */
5544 gen_helper_vfp_subs(tmp, tmp, tmp2, fpstatus);
5545 break;
5546 case 6: /* VABD */
5547 gen_helper_neon_abd_f32(tmp, tmp, tmp2, fpstatus);
5548 break;
5549 default:
5550 abort();
5551 }
5552 tcg_temp_free_ptr(fpstatus);
5553 break;
5554 }
5555 case NEON_3R_FLOAT_MULTIPLY:
5556 {
5557 TCGv_ptr fpstatus = get_fpstatus_ptr(1);
5558 gen_helper_vfp_muls(tmp, tmp, tmp2, fpstatus);
5559 if (!u) {
5560 tcg_temp_free_i32(tmp2);
5561 tmp2 = neon_load_reg(rd, pass);
5562 if (size == 0) {
5563 gen_helper_vfp_adds(tmp, tmp, tmp2, fpstatus);
5564 } else {
5565 gen_helper_vfp_subs(tmp, tmp2, tmp, fpstatus);
5566 }
5567 }
5568 tcg_temp_free_ptr(fpstatus);
5569 break;
5570 }
5571 case NEON_3R_FLOAT_CMP:
5572 {
5573 TCGv_ptr fpstatus = get_fpstatus_ptr(1);
5574 if (!u) {
5575 gen_helper_neon_ceq_f32(tmp, tmp, tmp2, fpstatus);
5576 } else {
5577 if (size == 0) {
5578 gen_helper_neon_cge_f32(tmp, tmp, tmp2, fpstatus);
5579 } else {
5580 gen_helper_neon_cgt_f32(tmp, tmp, tmp2, fpstatus);
5581 }
5582 }
5583 tcg_temp_free_ptr(fpstatus);
5584 break;
5585 }
5586 case NEON_3R_FLOAT_ACMP:
5587 {
5588 TCGv_ptr fpstatus = get_fpstatus_ptr(1);
5589 if (size == 0) {
5590 gen_helper_neon_acge_f32(tmp, tmp, tmp2, fpstatus);
5591 } else {
5592 gen_helper_neon_acgt_f32(tmp, tmp, tmp2, fpstatus);
5593 }
5594 tcg_temp_free_ptr(fpstatus);
5595 break;
5596 }
5597 case NEON_3R_FLOAT_MINMAX:
5598 {
5599 TCGv_ptr fpstatus = get_fpstatus_ptr(1);
5600 if (size == 0) {
5601 gen_helper_vfp_maxs(tmp, tmp, tmp2, fpstatus);
5602 } else {
5603 gen_helper_vfp_mins(tmp, tmp, tmp2, fpstatus);
5604 }
5605 tcg_temp_free_ptr(fpstatus);
5606 break;
5607 }
5608 case NEON_3R_FLOAT_MISC:
5609 if (u) {
5610 /* VMAXNM/VMINNM */
5611 TCGv_ptr fpstatus = get_fpstatus_ptr(1);
5612 if (size == 0) {
5613 gen_helper_vfp_maxnums(tmp, tmp, tmp2, fpstatus);
5614 } else {
5615 gen_helper_vfp_minnums(tmp, tmp, tmp2, fpstatus);
5616 }
5617 tcg_temp_free_ptr(fpstatus);
5618 } else {
5619 if (size == 0) {
5620 gen_helper_recps_f32(tmp, tmp, tmp2, cpu_env);
5621 } else {
5622 gen_helper_rsqrts_f32(tmp, tmp, tmp2, cpu_env);
5623 }
5624 }
5625 break;
5626 case NEON_3R_VFM:
5627 {
5628 /* VFMA, VFMS: fused multiply-add */
5629 TCGv_ptr fpstatus = get_fpstatus_ptr(1);
5630 TCGv_i32 tmp3 = neon_load_reg(rd, pass);
5631 if (size) {
5632 /* VFMS */
5633 gen_helper_vfp_negs(tmp, tmp);
5634 }
5635 gen_helper_vfp_muladds(tmp, tmp, tmp2, tmp3, fpstatus);
5636 tcg_temp_free_i32(tmp3);
5637 tcg_temp_free_ptr(fpstatus);
5638 break;
5639 }
5640 default:
5641 abort();
5642 }
5643 tcg_temp_free_i32(tmp2);
5644
5645 /* Save the result. For elementwise operations we can put it
5646 straight into the destination register. For pairwise operations
5647 we have to be careful to avoid clobbering the source operands. */
5648 if (pairwise && rd == rm) {
5649 neon_store_scratch(pass, tmp);
5650 } else {
5651 neon_store_reg(rd, pass, tmp);
5652 }
5653
5654 } /* for pass */
5655 if (pairwise && rd == rm) {
5656 for (pass = 0; pass < (q ? 4 : 2); pass++) {
5657 tmp = neon_load_scratch(pass);
5658 neon_store_reg(rd, pass, tmp);
5659 }
5660 }
5661 /* End of 3 register same size operations. */
5662 } else if (insn & (1 << 4)) {
5663 if ((insn & 0x00380080) != 0) {
5664 /* Two registers and shift. */
5665 op = (insn >> 8) & 0xf;
5666 if (insn & (1 << 7)) {
5667 /* 64-bit shift. */
5668 if (op > 7) {
5669 return 1;
5670 }
5671 size = 3;
5672 } else {
5673 size = 2;
5674 while ((insn & (1 << (size + 19))) == 0)
5675 size--;
5676 }
5677 shift = (insn >> 16) & ((1 << (3 + size)) - 1);
5678 /* To avoid excessive duplication of ops we implement shift
5679 by immediate using the variable shift operations. */
5680 if (op < 8) {
5681 /* Shift by immediate:
5682 VSHR, VSRA, VRSHR, VRSRA, VSRI, VSHL, VQSHL, VQSHLU. */
5683 if (q && ((rd | rm) & 1)) {
5684 return 1;
5685 }
5686 if (!u && (op == 4 || op == 6)) {
5687 return 1;
5688 }
5689 /* Right shifts are encoded as N - shift, where N is the
5690 element size in bits. */
5691 if (op <= 4)
5692 shift = shift - (1 << (size + 3));
5693 if (size == 3) {
5694 count = q + 1;
5695 } else {
5696 count = q ? 4: 2;
5697 }
5698 switch (size) {
5699 case 0:
5700 imm = (uint8_t) shift;
5701 imm |= imm << 8;
5702 imm |= imm << 16;
5703 break;
5704 case 1:
5705 imm = (uint16_t) shift;
5706 imm |= imm << 16;
5707 break;
5708 case 2:
5709 case 3:
5710 imm = shift;
5711 break;
5712 default:
5713 abort();
5714 }
5715
5716 for (pass = 0; pass < count; pass++) {
5717 if (size == 3) {
5718 neon_load_reg64(cpu_V0, rm + pass);
5719 tcg_gen_movi_i64(cpu_V1, imm);
5720 switch (op) {
5721 case 0: /* VSHR */
5722 case 1: /* VSRA */
5723 if (u)
5724 gen_helper_neon_shl_u64(cpu_V0, cpu_V0, cpu_V1);
5725 else
5726 gen_helper_neon_shl_s64(cpu_V0, cpu_V0, cpu_V1);
5727 break;
5728 case 2: /* VRSHR */
5729 case 3: /* VRSRA */
5730 if (u)
5731 gen_helper_neon_rshl_u64(cpu_V0, cpu_V0, cpu_V1);
5732 else
5733 gen_helper_neon_rshl_s64(cpu_V0, cpu_V0, cpu_V1);
5734 break;
5735 case 4: /* VSRI */
5736 case 5: /* VSHL, VSLI */
5737 gen_helper_neon_shl_u64(cpu_V0, cpu_V0, cpu_V1);
5738 break;
5739 case 6: /* VQSHLU */
5740 gen_helper_neon_qshlu_s64(cpu_V0, cpu_env,
5741 cpu_V0, cpu_V1);
5742 break;
5743 case 7: /* VQSHL */
5744 if (u) {
5745 gen_helper_neon_qshl_u64(cpu_V0, cpu_env,
5746 cpu_V0, cpu_V1);
5747 } else {
5748 gen_helper_neon_qshl_s64(cpu_V0, cpu_env,
5749 cpu_V0, cpu_V1);
5750 }
5751 break;
5752 }
5753 if (op == 1 || op == 3) {
5754 /* Accumulate. */
5755 neon_load_reg64(cpu_V1, rd + pass);
5756 tcg_gen_add_i64(cpu_V0, cpu_V0, cpu_V1);
5757 } else if (op == 4 || (op == 5 && u)) {
5758 /* Insert */
5759 neon_load_reg64(cpu_V1, rd + pass);
5760 uint64_t mask;
5761 if (shift < -63 || shift > 63) {
5762 mask = 0;
5763 } else {
5764 if (op == 4) {
5765 mask = 0xffffffffffffffffull >> -shift;
5766 } else {
5767 mask = 0xffffffffffffffffull << shift;
5768 }
5769 }
5770 tcg_gen_andi_i64(cpu_V1, cpu_V1, ~mask);
5771 tcg_gen_or_i64(cpu_V0, cpu_V0, cpu_V1);
5772 }
5773 neon_store_reg64(cpu_V0, rd + pass);
5774 } else { /* size < 3 */
5775 /* Operands in T0 and T1. */
5776 tmp = neon_load_reg(rm, pass);
5777 tmp2 = tcg_temp_new_i32();
5778 tcg_gen_movi_i32(tmp2, imm);
5779 switch (op) {
5780 case 0: /* VSHR */
5781 case 1: /* VSRA */
5782 GEN_NEON_INTEGER_OP(shl);
5783 break;
5784 case 2: /* VRSHR */
5785 case 3: /* VRSRA */
5786 GEN_NEON_INTEGER_OP(rshl);
5787 break;
5788 case 4: /* VSRI */
5789 case 5: /* VSHL, VSLI */
5790 switch (size) {
5791 case 0: gen_helper_neon_shl_u8(tmp, tmp, tmp2); break;
5792 case 1: gen_helper_neon_shl_u16(tmp, tmp, tmp2); break;
5793 case 2: gen_helper_neon_shl_u32(tmp, tmp, tmp2); break;
5794 default: abort();
5795 }
5796 break;
5797 case 6: /* VQSHLU */
5798 switch (size) {
5799 case 0:
5800 gen_helper_neon_qshlu_s8(tmp, cpu_env,
5801 tmp, tmp2);
5802 break;
5803 case 1:
5804 gen_helper_neon_qshlu_s16(tmp, cpu_env,
5805 tmp, tmp2);
5806 break;
5807 case 2:
5808 gen_helper_neon_qshlu_s32(tmp, cpu_env,
5809 tmp, tmp2);
5810 break;
5811 default:
5812 abort();
5813 }
5814 break;
5815 case 7: /* VQSHL */
5816 GEN_NEON_INTEGER_OP_ENV(qshl);
5817 break;
5818 }
5819 tcg_temp_free_i32(tmp2);
5820
5821 if (op == 1 || op == 3) {
5822 /* Accumulate. */
5823 tmp2 = neon_load_reg(rd, pass);
5824 gen_neon_add(size, tmp, tmp2);
5825 tcg_temp_free_i32(tmp2);
5826 } else if (op == 4 || (op == 5 && u)) {
5827 /* Insert */
5828 switch (size) {
5829 case 0:
5830 if (op == 4)
5831 mask = 0xff >> -shift;
5832 else
5833 mask = (uint8_t)(0xff << shift);
5834 mask |= mask << 8;
5835 mask |= mask << 16;
5836 break;
5837 case 1:
5838 if (op == 4)
5839 mask = 0xffff >> -shift;
5840 else
5841 mask = (uint16_t)(0xffff << shift);
5842 mask |= mask << 16;
5843 break;
5844 case 2:
5845 if (shift < -31 || shift > 31) {
5846 mask = 0;
5847 } else {
5848 if (op == 4)
5849 mask = 0xffffffffu >> -shift;
5850 else
5851 mask = 0xffffffffu << shift;
5852 }
5853 break;
5854 default:
5855 abort();
5856 }
5857 tmp2 = neon_load_reg(rd, pass);
5858 tcg_gen_andi_i32(tmp, tmp, mask);
5859 tcg_gen_andi_i32(tmp2, tmp2, ~mask);
5860 tcg_gen_or_i32(tmp, tmp, tmp2);
5861 tcg_temp_free_i32(tmp2);
5862 }
5863 neon_store_reg(rd, pass, tmp);
5864 }
5865 } /* for pass */
5866 } else if (op < 10) {
5867 /* Shift by immediate and narrow:
5868 VSHRN, VRSHRN, VQSHRN, VQRSHRN. */
5869 int input_unsigned = (op == 8) ? !u : u;
5870 if (rm & 1) {
5871 return 1;
5872 }
5873 shift = shift - (1 << (size + 3));
5874 size++;
5875 if (size == 3) {
5876 tmp64 = tcg_const_i64(shift);
5877 neon_load_reg64(cpu_V0, rm);
5878 neon_load_reg64(cpu_V1, rm + 1);
5879 for (pass = 0; pass < 2; pass++) {
5880 TCGv_i64 in;
5881 if (pass == 0) {
5882 in = cpu_V0;
5883 } else {
5884 in = cpu_V1;
5885 }
5886 if (q) {
5887 if (input_unsigned) {
5888 gen_helper_neon_rshl_u64(cpu_V0, in, tmp64);
5889 } else {
5890 gen_helper_neon_rshl_s64(cpu_V0, in, tmp64);
5891 }
5892 } else {
5893 if (input_unsigned) {
5894 gen_helper_neon_shl_u64(cpu_V0, in, tmp64);
5895 } else {
5896 gen_helper_neon_shl_s64(cpu_V0, in, tmp64);
5897 }
5898 }
5899 tmp = tcg_temp_new_i32();
5900 gen_neon_narrow_op(op == 8, u, size - 1, tmp, cpu_V0);
5901 neon_store_reg(rd, pass, tmp);
5902 } /* for pass */
5903 tcg_temp_free_i64(tmp64);
5904 } else {
5905 if (size == 1) {
5906 imm = (uint16_t)shift;
5907 imm |= imm << 16;
5908 } else {
5909 /* size == 2 */
5910 imm = (uint32_t)shift;
5911 }
5912 tmp2 = tcg_const_i32(imm);
5913 tmp4 = neon_load_reg(rm + 1, 0);
5914 tmp5 = neon_load_reg(rm + 1, 1);
5915 for (pass = 0; pass < 2; pass++) {
5916 if (pass == 0) {
5917 tmp = neon_load_reg(rm, 0);
5918 } else {
5919 tmp = tmp4;
5920 }
5921 gen_neon_shift_narrow(size, tmp, tmp2, q,
5922 input_unsigned);
5923 if (pass == 0) {
5924 tmp3 = neon_load_reg(rm, 1);
5925 } else {
5926 tmp3 = tmp5;
5927 }
5928 gen_neon_shift_narrow(size, tmp3, tmp2, q,
5929 input_unsigned);
5930 tcg_gen_concat_i32_i64(cpu_V0, tmp, tmp3);
5931 tcg_temp_free_i32(tmp);
5932 tcg_temp_free_i32(tmp3);
5933 tmp = tcg_temp_new_i32();
5934 gen_neon_narrow_op(op == 8, u, size - 1, tmp, cpu_V0);
5935 neon_store_reg(rd, pass, tmp);
5936 } /* for pass */
5937 tcg_temp_free_i32(tmp2);
5938 }
5939 } else if (op == 10) {
5940 /* VSHLL, VMOVL */
5941 if (q || (rd & 1)) {
5942 return 1;
5943 }
5944 tmp = neon_load_reg(rm, 0);
5945 tmp2 = neon_load_reg(rm, 1);
5946 for (pass = 0; pass < 2; pass++) {
5947 if (pass == 1)
5948 tmp = tmp2;
5949
5950 gen_neon_widen(cpu_V0, tmp, size, u);
5951
5952 if (shift != 0) {
5953 /* The shift is less than the width of the source
5954 type, so we can just shift the whole register. */
5955 tcg_gen_shli_i64(cpu_V0, cpu_V0, shift);
5956 /* Widen the result of shift: we need to clear
5957 * the potential overflow bits resulting from
5958 * left bits of the narrow input appearing as
5959 * right bits of left the neighbour narrow
5960 * input. */
5961 if (size < 2 || !u) {
5962 uint64_t imm64;
5963 if (size == 0) {
5964 imm = (0xffu >> (8 - shift));
5965 imm |= imm << 16;
5966 } else if (size == 1) {
5967 imm = 0xffff >> (16 - shift);
5968 } else {
5969 /* size == 2 */
5970 imm = 0xffffffff >> (32 - shift);
5971 }
5972 if (size < 2) {
5973 imm64 = imm | (((uint64_t)imm) << 32);
5974 } else {
5975 imm64 = imm;
5976 }
5977 tcg_gen_andi_i64(cpu_V0, cpu_V0, ~imm64);
5978 }
5979 }
5980 neon_store_reg64(cpu_V0, rd + pass);
5981 }
5982 } else if (op >= 14) {
5983 /* VCVT fixed-point. */
5984 if (!(insn & (1 << 21)) || (q && ((rd | rm) & 1))) {
5985 return 1;
5986 }
5987 /* We have already masked out the must-be-1 top bit of imm6,
5988 * hence this 32-shift where the ARM ARM has 64-imm6.
5989 */
5990 shift = 32 - shift;
5991 for (pass = 0; pass < (q ? 4 : 2); pass++) {
5992 tcg_gen_ld_f32(cpu_F0s, cpu_env, neon_reg_offset(rm, pass));
5993 if (!(op & 1)) {
5994 if (u)
5995 gen_vfp_ulto(0, shift, 1);
5996 else
5997 gen_vfp_slto(0, shift, 1);
5998 } else {
5999 if (u)
6000 gen_vfp_toul(0, shift, 1);
6001 else
6002 gen_vfp_tosl(0, shift, 1);
6003 }
6004 tcg_gen_st_f32(cpu_F0s, cpu_env, neon_reg_offset(rd, pass));
6005 }
6006 } else {
6007 return 1;
6008 }
6009 } else { /* (insn & 0x00380080) == 0 */
6010 int invert;
6011 if (q && (rd & 1)) {
6012 return 1;
6013 }
6014
6015 op = (insn >> 8) & 0xf;
6016 /* One register and immediate. */
6017 imm = (u << 7) | ((insn >> 12) & 0x70) | (insn & 0xf);
6018 invert = (insn & (1 << 5)) != 0;
6019 /* Note that op = 2,3,4,5,6,7,10,11,12,13 imm=0 is UNPREDICTABLE.
6020 * We choose to not special-case this and will behave as if a
6021 * valid constant encoding of 0 had been given.
6022 */
6023 switch (op) {
6024 case 0: case 1:
6025 /* no-op */
6026 break;
6027 case 2: case 3:
6028 imm <<= 8;
6029 break;
6030 case 4: case 5:
6031 imm <<= 16;
6032 break;
6033 case 6: case 7:
6034 imm <<= 24;
6035 break;
6036 case 8: case 9:
6037 imm |= imm << 16;
6038 break;
6039 case 10: case 11:
6040 imm = (imm << 8) | (imm << 24);
6041 break;
6042 case 12:
6043 imm = (imm << 8) | 0xff;
6044 break;
6045 case 13:
6046 imm = (imm << 16) | 0xffff;
6047 break;
6048 case 14:
6049 imm |= (imm << 8) | (imm << 16) | (imm << 24);
6050 if (invert)
6051 imm = ~imm;
6052 break;
6053 case 15:
6054 if (invert) {
6055 return 1;
6056 }
6057 imm = ((imm & 0x80) << 24) | ((imm & 0x3f) << 19)
6058 | ((imm & 0x40) ? (0x1f << 25) : (1 << 30));
6059 break;
6060 }
6061 if (invert)
6062 imm = ~imm;
6063
6064 for (pass = 0; pass < (q ? 4 : 2); pass++) {
6065 if (op & 1 && op < 12) {
6066 tmp = neon_load_reg(rd, pass);
6067 if (invert) {
6068 /* The immediate value has already been inverted, so
6069 BIC becomes AND. */
6070 tcg_gen_andi_i32(tmp, tmp, imm);
6071 } else {
6072 tcg_gen_ori_i32(tmp, tmp, imm);
6073 }
6074 } else {
6075 /* VMOV, VMVN. */
6076 tmp = tcg_temp_new_i32();
6077 if (op == 14 && invert) {
6078 int n;
6079 uint32_t val;
6080 val = 0;
6081 for (n = 0; n < 4; n++) {
6082 if (imm & (1 << (n + (pass & 1) * 4)))
6083 val |= 0xff << (n * 8);
6084 }
6085 tcg_gen_movi_i32(tmp, val);
6086 } else {
6087 tcg_gen_movi_i32(tmp, imm);
6088 }
6089 }
6090 neon_store_reg(rd, pass, tmp);
6091 }
6092 }
6093 } else { /* (insn & 0x00800010 == 0x00800000) */
6094 if (size != 3) {
6095 op = (insn >> 8) & 0xf;
6096 if ((insn & (1 << 6)) == 0) {
6097 /* Three registers of different lengths. */
6098 int src1_wide;
6099 int src2_wide;
6100 int prewiden;
6101 /* undefreq: bit 0 : UNDEF if size == 0
6102 * bit 1 : UNDEF if size == 1
6103 * bit 2 : UNDEF if size == 2
6104 * bit 3 : UNDEF if U == 1
6105 * Note that [2:0] set implies 'always UNDEF'
6106 */
6107 int undefreq;
6108 /* prewiden, src1_wide, src2_wide, undefreq */
6109 static const int neon_3reg_wide[16][4] = {
6110 {1, 0, 0, 0}, /* VADDL */
6111 {1, 1, 0, 0}, /* VADDW */
6112 {1, 0, 0, 0}, /* VSUBL */
6113 {1, 1, 0, 0}, /* VSUBW */
6114 {0, 1, 1, 0}, /* VADDHN */
6115 {0, 0, 0, 0}, /* VABAL */
6116 {0, 1, 1, 0}, /* VSUBHN */
6117 {0, 0, 0, 0}, /* VABDL */
6118 {0, 0, 0, 0}, /* VMLAL */
6119 {0, 0, 0, 9}, /* VQDMLAL */
6120 {0, 0, 0, 0}, /* VMLSL */
6121 {0, 0, 0, 9}, /* VQDMLSL */
6122 {0, 0, 0, 0}, /* Integer VMULL */
6123 {0, 0, 0, 1}, /* VQDMULL */
6124 {0, 0, 0, 0xa}, /* Polynomial VMULL */
6125 {0, 0, 0, 7}, /* Reserved: always UNDEF */
6126 };
6127
6128 prewiden = neon_3reg_wide[op][0];
6129 src1_wide = neon_3reg_wide[op][1];
6130 src2_wide = neon_3reg_wide[op][2];
6131 undefreq = neon_3reg_wide[op][3];
6132
6133 if ((undefreq & (1 << size)) ||
6134 ((undefreq & 8) && u)) {
6135 return 1;
6136 }
6137 if ((src1_wide && (rn & 1)) ||
6138 (src2_wide && (rm & 1)) ||
6139 (!src2_wide && (rd & 1))) {
6140 return 1;
6141 }
6142
6143 /* Handle VMULL.P64 (Polynomial 64x64 to 128 bit multiply)
6144 * outside the loop below as it only performs a single pass.
6145 */
6146 if (op == 14 && size == 2) {
6147 TCGv_i64 tcg_rn, tcg_rm, tcg_rd;
6148
6149 if (!arm_dc_feature(s, ARM_FEATURE_V8_PMULL)) {
6150 return 1;
6151 }
6152 tcg_rn = tcg_temp_new_i64();
6153 tcg_rm = tcg_temp_new_i64();
6154 tcg_rd = tcg_temp_new_i64();
6155 neon_load_reg64(tcg_rn, rn);
6156 neon_load_reg64(tcg_rm, rm);
6157 gen_helper_neon_pmull_64_lo(tcg_rd, tcg_rn, tcg_rm);
6158 neon_store_reg64(tcg_rd, rd);
6159 gen_helper_neon_pmull_64_hi(tcg_rd, tcg_rn, tcg_rm);
6160 neon_store_reg64(tcg_rd, rd + 1);
6161 tcg_temp_free_i64(tcg_rn);
6162 tcg_temp_free_i64(tcg_rm);
6163 tcg_temp_free_i64(tcg_rd);
6164 return 0;
6165 }
6166
6167 /* Avoid overlapping operands. Wide source operands are
6168 always aligned so will never overlap with wide
6169 destinations in problematic ways. */
6170 if (rd == rm && !src2_wide) {
6171 tmp = neon_load_reg(rm, 1);
6172 neon_store_scratch(2, tmp);
6173 } else if (rd == rn && !src1_wide) {
6174 tmp = neon_load_reg(rn, 1);
6175 neon_store_scratch(2, tmp);
6176 }
6177 TCGV_UNUSED_I32(tmp3);
6178 for (pass = 0; pass < 2; pass++) {
6179 if (src1_wide) {
6180 neon_load_reg64(cpu_V0, rn + pass);
6181 TCGV_UNUSED_I32(tmp);
6182 } else {
6183 if (pass == 1 && rd == rn) {
6184 tmp = neon_load_scratch(2);
6185 } else {
6186 tmp = neon_load_reg(rn, pass);
6187 }
6188 if (prewiden) {
6189 gen_neon_widen(cpu_V0, tmp, size, u);
6190 }
6191 }
6192 if (src2_wide) {
6193 neon_load_reg64(cpu_V1, rm + pass);
6194 TCGV_UNUSED_I32(tmp2);
6195 } else {
6196 if (pass == 1 && rd == rm) {
6197 tmp2 = neon_load_scratch(2);
6198 } else {
6199 tmp2 = neon_load_reg(rm, pass);
6200 }
6201 if (prewiden) {
6202 gen_neon_widen(cpu_V1, tmp2, size, u);
6203 }
6204 }
6205 switch (op) {
6206 case 0: case 1: case 4: /* VADDL, VADDW, VADDHN, VRADDHN */
6207 gen_neon_addl(size);
6208 break;
6209 case 2: case 3: case 6: /* VSUBL, VSUBW, VSUBHN, VRSUBHN */
6210 gen_neon_subl(size);
6211 break;
6212 case 5: case 7: /* VABAL, VABDL */
6213 switch ((size << 1) | u) {
6214 case 0:
6215 gen_helper_neon_abdl_s16(cpu_V0, tmp, tmp2);
6216 break;
6217 case 1:
6218 gen_helper_neon_abdl_u16(cpu_V0, tmp, tmp2);
6219 break;
6220 case 2:
6221 gen_helper_neon_abdl_s32(cpu_V0, tmp, tmp2);
6222 break;
6223 case 3:
6224 gen_helper_neon_abdl_u32(cpu_V0, tmp, tmp2);
6225 break;
6226 case 4:
6227 gen_helper_neon_abdl_s64(cpu_V0, tmp, tmp2);
6228 break;
6229 case 5:
6230 gen_helper_neon_abdl_u64(cpu_V0, tmp, tmp2);
6231 break;
6232 default: abort();
6233 }
6234 tcg_temp_free_i32(tmp2);
6235 tcg_temp_free_i32(tmp);
6236 break;
6237 case 8: case 9: case 10: case 11: case 12: case 13:
6238 /* VMLAL, VQDMLAL, VMLSL, VQDMLSL, VMULL, VQDMULL */
6239 gen_neon_mull(cpu_V0, tmp, tmp2, size, u);
6240 break;
6241 case 14: /* Polynomial VMULL */
6242 gen_helper_neon_mull_p8(cpu_V0, tmp, tmp2);
6243 tcg_temp_free_i32(tmp2);
6244 tcg_temp_free_i32(tmp);
6245 break;
6246 default: /* 15 is RESERVED: caught earlier */
6247 abort();
6248 }
6249 if (op == 13) {
6250 /* VQDMULL */
6251 gen_neon_addl_saturate(cpu_V0, cpu_V0, size);
6252 neon_store_reg64(cpu_V0, rd + pass);
6253 } else if (op == 5 || (op >= 8 && op <= 11)) {
6254 /* Accumulate. */
6255 neon_load_reg64(cpu_V1, rd + pass);
6256 switch (op) {
6257 case 10: /* VMLSL */
6258 gen_neon_negl(cpu_V0, size);
6259 /* Fall through */
6260 case 5: case 8: /* VABAL, VMLAL */
6261 gen_neon_addl(size);
6262 break;
6263 case 9: case 11: /* VQDMLAL, VQDMLSL */
6264 gen_neon_addl_saturate(cpu_V0, cpu_V0, size);
6265 if (op == 11) {
6266 gen_neon_negl(cpu_V0, size);
6267 }
6268 gen_neon_addl_saturate(cpu_V0, cpu_V1, size);
6269 break;
6270 default:
6271 abort();
6272 }
6273 neon_store_reg64(cpu_V0, rd + pass);
6274 } else if (op == 4 || op == 6) {
6275 /* Narrowing operation. */
6276 tmp = tcg_temp_new_i32();
6277 if (!u) {
6278 switch (size) {
6279 case 0:
6280 gen_helper_neon_narrow_high_u8(tmp, cpu_V0);
6281 break;
6282 case 1:
6283 gen_helper_neon_narrow_high_u16(tmp, cpu_V0);
6284 break;
6285 case 2:
6286 tcg_gen_shri_i64(cpu_V0, cpu_V0, 32);
6287 tcg_gen_extrl_i64_i32(tmp, cpu_V0);
6288 break;
6289 default: abort();
6290 }
6291 } else {
6292 switch (size) {
6293 case 0:
6294 gen_helper_neon_narrow_round_high_u8(tmp, cpu_V0);
6295 break;
6296 case 1:
6297 gen_helper_neon_narrow_round_high_u16(tmp, cpu_V0);
6298 break;
6299 case 2:
6300 tcg_gen_addi_i64(cpu_V0, cpu_V0, 1u << 31);
6301 tcg_gen_shri_i64(cpu_V0, cpu_V0, 32);
6302 tcg_gen_extrl_i64_i32(tmp, cpu_V0);
6303 break;
6304 default: abort();
6305 }
6306 }
6307 if (pass == 0) {
6308 tmp3 = tmp;
6309 } else {
6310 neon_store_reg(rd, 0, tmp3);
6311 neon_store_reg(rd, 1, tmp);
6312 }
6313 } else {
6314 /* Write back the result. */
6315 neon_store_reg64(cpu_V0, rd + pass);
6316 }
6317 }
6318 } else {
6319 /* Two registers and a scalar. NB that for ops of this form
6320 * the ARM ARM labels bit 24 as Q, but it is in our variable
6321 * 'u', not 'q'.
6322 */
6323 if (size == 0) {
6324 return 1;
6325 }
6326 switch (op) {
6327 case 1: /* Float VMLA scalar */
6328 case 5: /* Floating point VMLS scalar */
6329 case 9: /* Floating point VMUL scalar */
6330 if (size == 1) {
6331 return 1;
6332 }
6333 /* fall through */
6334 case 0: /* Integer VMLA scalar */
6335 case 4: /* Integer VMLS scalar */
6336 case 8: /* Integer VMUL scalar */
6337 case 12: /* VQDMULH scalar */
6338 case 13: /* VQRDMULH scalar */
6339 if (u && ((rd | rn) & 1)) {
6340 return 1;
6341 }
6342 tmp = neon_get_scalar(size, rm);
6343 neon_store_scratch(0, tmp);
6344 for (pass = 0; pass < (u ? 4 : 2); pass++) {
6345 tmp = neon_load_scratch(0);
6346 tmp2 = neon_load_reg(rn, pass);
6347 if (op == 12) {
6348 if (size == 1) {
6349 gen_helper_neon_qdmulh_s16(tmp, cpu_env, tmp, tmp2);
6350 } else {
6351 gen_helper_neon_qdmulh_s32(tmp, cpu_env, tmp, tmp2);
6352 }
6353 } else if (op == 13) {
6354 if (size == 1) {
6355 gen_helper_neon_qrdmulh_s16(tmp, cpu_env, tmp, tmp2);
6356 } else {
6357 gen_helper_neon_qrdmulh_s32(tmp, cpu_env, tmp, tmp2);
6358 }
6359 } else if (op & 1) {
6360 TCGv_ptr fpstatus = get_fpstatus_ptr(1);
6361 gen_helper_vfp_muls(tmp, tmp, tmp2, fpstatus);
6362 tcg_temp_free_ptr(fpstatus);
6363 } else {
6364 switch (size) {
6365 case 0: gen_helper_neon_mul_u8(tmp, tmp, tmp2); break;
6366 case 1: gen_helper_neon_mul_u16(tmp, tmp, tmp2); break;
6367 case 2: tcg_gen_mul_i32(tmp, tmp, tmp2); break;
6368 default: abort();
6369 }
6370 }
6371 tcg_temp_free_i32(tmp2);
6372 if (op < 8) {
6373 /* Accumulate. */
6374 tmp2 = neon_load_reg(rd, pass);
6375 switch (op) {
6376 case 0:
6377 gen_neon_add(size, tmp, tmp2);
6378 break;
6379 case 1:
6380 {
6381 TCGv_ptr fpstatus = get_fpstatus_ptr(1);
6382 gen_helper_vfp_adds(tmp, tmp, tmp2, fpstatus);
6383 tcg_temp_free_ptr(fpstatus);
6384 break;
6385 }
6386 case 4:
6387 gen_neon_rsb(size, tmp, tmp2);
6388 break;
6389 case 5:
6390 {
6391 TCGv_ptr fpstatus = get_fpstatus_ptr(1);
6392 gen_helper_vfp_subs(tmp, tmp2, tmp, fpstatus);
6393 tcg_temp_free_ptr(fpstatus);
6394 break;
6395 }
6396 default:
6397 abort();
6398 }
6399 tcg_temp_free_i32(tmp2);
6400 }
6401 neon_store_reg(rd, pass, tmp);
6402 }
6403 break;
6404 case 3: /* VQDMLAL scalar */
6405 case 7: /* VQDMLSL scalar */
6406 case 11: /* VQDMULL scalar */
6407 if (u == 1) {
6408 return 1;
6409 }
6410 /* fall through */
6411 case 2: /* VMLAL sclar */
6412 case 6: /* VMLSL scalar */
6413 case 10: /* VMULL scalar */
6414 if (rd & 1) {
6415 return 1;
6416 }
6417 tmp2 = neon_get_scalar(size, rm);
6418 /* We need a copy of tmp2 because gen_neon_mull
6419 * deletes it during pass 0. */
6420 tmp4 = tcg_temp_new_i32();
6421 tcg_gen_mov_i32(tmp4, tmp2);
6422 tmp3 = neon_load_reg(rn, 1);
6423
6424 for (pass = 0; pass < 2; pass++) {
6425 if (pass == 0) {
6426 tmp = neon_load_reg(rn, 0);
6427 } else {
6428 tmp = tmp3;
6429 tmp2 = tmp4;
6430 }
6431 gen_neon_mull(cpu_V0, tmp, tmp2, size, u);
6432 if (op != 11) {
6433 neon_load_reg64(cpu_V1, rd + pass);
6434 }
6435 switch (op) {
6436 case 6:
6437 gen_neon_negl(cpu_V0, size);
6438 /* Fall through */
6439 case 2:
6440 gen_neon_addl(size);
6441 break;
6442 case 3: case 7:
6443 gen_neon_addl_saturate(cpu_V0, cpu_V0, size);
6444 if (op == 7) {
6445 gen_neon_negl(cpu_V0, size);
6446 }
6447 gen_neon_addl_saturate(cpu_V0, cpu_V1, size);
6448 break;
6449 case 10:
6450 /* no-op */
6451 break;
6452 case 11:
6453 gen_neon_addl_saturate(cpu_V0, cpu_V0, size);
6454 break;
6455 default:
6456 abort();
6457 }
6458 neon_store_reg64(cpu_V0, rd + pass);
6459 }
6460
6461
6462 break;
6463 default: /* 14 and 15 are RESERVED */
6464 return 1;
6465 }
6466 }
6467 } else { /* size == 3 */
6468 if (!u) {
6469 /* Extract. */
6470 imm = (insn >> 8) & 0xf;
6471
6472 if (imm > 7 && !q)
6473 return 1;
6474
6475 if (q && ((rd | rn | rm) & 1)) {
6476 return 1;
6477 }
6478
6479 if (imm == 0) {
6480 neon_load_reg64(cpu_V0, rn);
6481 if (q) {
6482 neon_load_reg64(cpu_V1, rn + 1);
6483 }
6484 } else if (imm == 8) {
6485 neon_load_reg64(cpu_V0, rn + 1);
6486 if (q) {
6487 neon_load_reg64(cpu_V1, rm);
6488 }
6489 } else if (q) {
6490 tmp64 = tcg_temp_new_i64();
6491 if (imm < 8) {
6492 neon_load_reg64(cpu_V0, rn);
6493 neon_load_reg64(tmp64, rn + 1);
6494 } else {
6495 neon_load_reg64(cpu_V0, rn + 1);
6496 neon_load_reg64(tmp64, rm);
6497 }
6498 tcg_gen_shri_i64(cpu_V0, cpu_V0, (imm & 7) * 8);
6499 tcg_gen_shli_i64(cpu_V1, tmp64, 64 - ((imm & 7) * 8));
6500 tcg_gen_or_i64(cpu_V0, cpu_V0, cpu_V1);
6501 if (imm < 8) {
6502 neon_load_reg64(cpu_V1, rm);
6503 } else {
6504 neon_load_reg64(cpu_V1, rm + 1);
6505 imm -= 8;
6506 }
6507 tcg_gen_shli_i64(cpu_V1, cpu_V1, 64 - (imm * 8));
6508 tcg_gen_shri_i64(tmp64, tmp64, imm * 8);
6509 tcg_gen_or_i64(cpu_V1, cpu_V1, tmp64);
6510 tcg_temp_free_i64(tmp64);
6511 } else {
6512 /* BUGFIX */
6513 neon_load_reg64(cpu_V0, rn);
6514 tcg_gen_shri_i64(cpu_V0, cpu_V0, imm * 8);
6515 neon_load_reg64(cpu_V1, rm);
6516 tcg_gen_shli_i64(cpu_V1, cpu_V1, 64 - (imm * 8));
6517 tcg_gen_or_i64(cpu_V0, cpu_V0, cpu_V1);
6518 }
6519 neon_store_reg64(cpu_V0, rd);
6520 if (q) {
6521 neon_store_reg64(cpu_V1, rd + 1);
6522 }
6523 } else if ((insn & (1 << 11)) == 0) {
6524 /* Two register misc. */
6525 op = ((insn >> 12) & 0x30) | ((insn >> 7) & 0xf);
6526 size = (insn >> 18) & 3;
6527 /* UNDEF for unknown op values and bad op-size combinations */
6528 if ((neon_2rm_sizes[op] & (1 << size)) == 0) {
6529 return 1;
6530 }
6531 if ((op != NEON_2RM_VMOVN && op != NEON_2RM_VQMOVN) &&
6532 q && ((rm | rd) & 1)) {
6533 return 1;
6534 }
6535 switch (op) {
6536 case NEON_2RM_VREV64:
6537 for (pass = 0; pass < (q ? 2 : 1); pass++) {
6538 tmp = neon_load_reg(rm, pass * 2);
6539 tmp2 = neon_load_reg(rm, pass * 2 + 1);
6540 switch (size) {
6541 case 0: tcg_gen_bswap32_i32(tmp, tmp); break;
6542 case 1: gen_swap_half(tmp); break;
6543 case 2: /* no-op */ break;
6544 default: abort();
6545 }
6546 neon_store_reg(rd, pass * 2 + 1, tmp);
6547 if (size == 2) {
6548 neon_store_reg(rd, pass * 2, tmp2);
6549 } else {
6550 switch (size) {
6551 case 0: tcg_gen_bswap32_i32(tmp2, tmp2); break;
6552 case 1: gen_swap_half(tmp2); break;
6553 default: abort();
6554 }
6555 neon_store_reg(rd, pass * 2, tmp2);
6556 }
6557 }
6558 break;
6559 case NEON_2RM_VPADDL: case NEON_2RM_VPADDL_U:
6560 case NEON_2RM_VPADAL: case NEON_2RM_VPADAL_U:
6561 for (pass = 0; pass < q + 1; pass++) {
6562 tmp = neon_load_reg(rm, pass * 2);
6563 gen_neon_widen(cpu_V0, tmp, size, op & 1);
6564 tmp = neon_load_reg(rm, pass * 2 + 1);
6565 gen_neon_widen(cpu_V1, tmp, size, op & 1);
6566 switch (size) {
6567 case 0: gen_helper_neon_paddl_u16(CPU_V001); break;
6568 case 1: gen_helper_neon_paddl_u32(CPU_V001); break;
6569 case 2: tcg_gen_add_i64(CPU_V001); break;
6570 default: abort();
6571 }
6572 if (op >= NEON_2RM_VPADAL) {
6573 /* Accumulate. */
6574 neon_load_reg64(cpu_V1, rd + pass);
6575 gen_neon_addl(size);
6576 }
6577 neon_store_reg64(cpu_V0, rd + pass);
6578 }
6579 break;
6580 case NEON_2RM_VTRN:
6581 if (size == 2) {
6582 int n;
6583 for (n = 0; n < (q ? 4 : 2); n += 2) {
6584 tmp = neon_load_reg(rm, n);
6585 tmp2 = neon_load_reg(rd, n + 1);
6586 neon_store_reg(rm, n, tmp2);
6587 neon_store_reg(rd, n + 1, tmp);
6588 }
6589 } else {
6590 goto elementwise;
6591 }
6592 break;
6593 case NEON_2RM_VUZP:
6594 if (gen_neon_unzip(rd, rm, size, q)) {
6595 return 1;
6596 }
6597 break;
6598 case NEON_2RM_VZIP:
6599 if (gen_neon_zip(rd, rm, size, q)) {
6600 return 1;
6601 }
6602 break;
6603 case NEON_2RM_VMOVN: case NEON_2RM_VQMOVN:
6604 /* also VQMOVUN; op field and mnemonics don't line up */
6605 if (rm & 1) {
6606 return 1;
6607 }
6608 TCGV_UNUSED_I32(tmp2);
6609 for (pass = 0; pass < 2; pass++) {
6610 neon_load_reg64(cpu_V0, rm + pass);
6611 tmp = tcg_temp_new_i32();
6612 gen_neon_narrow_op(op == NEON_2RM_VMOVN, q, size,
6613 tmp, cpu_V0);
6614 if (pass == 0) {
6615 tmp2 = tmp;
6616 } else {
6617 neon_store_reg(rd, 0, tmp2);
6618 neon_store_reg(rd, 1, tmp);
6619 }
6620 }
6621 break;
6622 case NEON_2RM_VSHLL:
6623 if (q || (rd & 1)) {
6624 return 1;
6625 }
6626 tmp = neon_load_reg(rm, 0);
6627 tmp2 = neon_load_reg(rm, 1);
6628 for (pass = 0; pass < 2; pass++) {
6629 if (pass == 1)
6630 tmp = tmp2;
6631 gen_neon_widen(cpu_V0, tmp, size, 1);
6632 tcg_gen_shli_i64(cpu_V0, cpu_V0, 8 << size);
6633 neon_store_reg64(cpu_V0, rd + pass);
6634 }
6635 break;
6636 case NEON_2RM_VCVT_F16_F32:
6637 if (!arm_dc_feature(s, ARM_FEATURE_VFP_FP16) ||
6638 q || (rm & 1)) {
6639 return 1;
6640 }
6641 tmp = tcg_temp_new_i32();
6642 tmp2 = tcg_temp_new_i32();
6643 tcg_gen_ld_f32(cpu_F0s, cpu_env, neon_reg_offset(rm, 0));
6644 gen_helper_neon_fcvt_f32_to_f16(tmp, cpu_F0s, cpu_env);
6645 tcg_gen_ld_f32(cpu_F0s, cpu_env, neon_reg_offset(rm, 1));
6646 gen_helper_neon_fcvt_f32_to_f16(tmp2, cpu_F0s, cpu_env);
6647 tcg_gen_shli_i32(tmp2, tmp2, 16);
6648 tcg_gen_or_i32(tmp2, tmp2, tmp);
6649 tcg_gen_ld_f32(cpu_F0s, cpu_env, neon_reg_offset(rm, 2));
6650 gen_helper_neon_fcvt_f32_to_f16(tmp, cpu_F0s, cpu_env);
6651 tcg_gen_ld_f32(cpu_F0s, cpu_env, neon_reg_offset(rm, 3));
6652 neon_store_reg(rd, 0, tmp2);
6653 tmp2 = tcg_temp_new_i32();
6654 gen_helper_neon_fcvt_f32_to_f16(tmp2, cpu_F0s, cpu_env);
6655 tcg_gen_shli_i32(tmp2, tmp2, 16);
6656 tcg_gen_or_i32(tmp2, tmp2, tmp);
6657 neon_store_reg(rd, 1, tmp2);
6658 tcg_temp_free_i32(tmp);
6659 break;
6660 case NEON_2RM_VCVT_F32_F16:
6661 if (!arm_dc_feature(s, ARM_FEATURE_VFP_FP16) ||
6662 q || (rd & 1)) {
6663 return 1;
6664 }
6665 tmp3 = tcg_temp_new_i32();
6666 tmp = neon_load_reg(rm, 0);
6667 tmp2 = neon_load_reg(rm, 1);
6668 tcg_gen_ext16u_i32(tmp3, tmp);
6669 gen_helper_neon_fcvt_f16_to_f32(cpu_F0s, tmp3, cpu_env);
6670 tcg_gen_st_f32(cpu_F0s, cpu_env, neon_reg_offset(rd, 0));
6671 tcg_gen_shri_i32(tmp3, tmp, 16);
6672 gen_helper_neon_fcvt_f16_to_f32(cpu_F0s, tmp3, cpu_env);
6673 tcg_gen_st_f32(cpu_F0s, cpu_env, neon_reg_offset(rd, 1));
6674 tcg_temp_free_i32(tmp);
6675 tcg_gen_ext16u_i32(tmp3, tmp2);
6676 gen_helper_neon_fcvt_f16_to_f32(cpu_F0s, tmp3, cpu_env);
6677 tcg_gen_st_f32(cpu_F0s, cpu_env, neon_reg_offset(rd, 2));
6678 tcg_gen_shri_i32(tmp3, tmp2, 16);
6679 gen_helper_neon_fcvt_f16_to_f32(cpu_F0s, tmp3, cpu_env);
6680 tcg_gen_st_f32(cpu_F0s, cpu_env, neon_reg_offset(rd, 3));
6681 tcg_temp_free_i32(tmp2);
6682 tcg_temp_free_i32(tmp3);
6683 break;
6684 case NEON_2RM_AESE: case NEON_2RM_AESMC:
6685 if (!arm_dc_feature(s, ARM_FEATURE_V8_AES)
6686 || ((rm | rd) & 1)) {
6687 return 1;
6688 }
6689 tmp = tcg_const_i32(rd);
6690 tmp2 = tcg_const_i32(rm);
6691
6692 /* Bit 6 is the lowest opcode bit; it distinguishes between
6693 * encryption (AESE/AESMC) and decryption (AESD/AESIMC)
6694 */
6695 tmp3 = tcg_const_i32(extract32(insn, 6, 1));
6696
6697 if (op == NEON_2RM_AESE) {
6698 gen_helper_crypto_aese(cpu_env, tmp, tmp2, tmp3);
6699 } else {
6700 gen_helper_crypto_aesmc(cpu_env, tmp, tmp2, tmp3);
6701 }
6702 tcg_temp_free_i32(tmp);
6703 tcg_temp_free_i32(tmp2);
6704 tcg_temp_free_i32(tmp3);
6705 break;
6706 case NEON_2RM_SHA1H:
6707 if (!arm_dc_feature(s, ARM_FEATURE_V8_SHA1)
6708 || ((rm | rd) & 1)) {
6709 return 1;
6710 }
6711 tmp = tcg_const_i32(rd);
6712 tmp2 = tcg_const_i32(rm);
6713
6714 gen_helper_crypto_sha1h(cpu_env, tmp, tmp2);
6715
6716 tcg_temp_free_i32(tmp);
6717 tcg_temp_free_i32(tmp2);
6718 break;
6719 case NEON_2RM_SHA1SU1:
6720 if ((rm | rd) & 1) {
6721 return 1;
6722 }
6723 /* bit 6 (q): set -> SHA256SU0, cleared -> SHA1SU1 */
6724 if (q) {
6725 if (!arm_dc_feature(s, ARM_FEATURE_V8_SHA256)) {
6726 return 1;
6727 }
6728 } else if (!arm_dc_feature(s, ARM_FEATURE_V8_SHA1)) {
6729 return 1;
6730 }
6731 tmp = tcg_const_i32(rd);
6732 tmp2 = tcg_const_i32(rm);
6733 if (q) {
6734 gen_helper_crypto_sha256su0(cpu_env, tmp, tmp2);
6735 } else {
6736 gen_helper_crypto_sha1su1(cpu_env, tmp, tmp2);
6737 }
6738 tcg_temp_free_i32(tmp);
6739 tcg_temp_free_i32(tmp2);
6740 break;
6741 default:
6742 elementwise:
6743 for (pass = 0; pass < (q ? 4 : 2); pass++) {
6744 if (neon_2rm_is_float_op(op)) {
6745 tcg_gen_ld_f32(cpu_F0s, cpu_env,
6746 neon_reg_offset(rm, pass));
6747 TCGV_UNUSED_I32(tmp);
6748 } else {
6749 tmp = neon_load_reg(rm, pass);
6750 }
6751 switch (op) {
6752 case NEON_2RM_VREV32:
6753 switch (size) {
6754 case 0: tcg_gen_bswap32_i32(tmp, tmp); break;
6755 case 1: gen_swap_half(tmp); break;
6756 default: abort();
6757 }
6758 break;
6759 case NEON_2RM_VREV16:
6760 gen_rev16(tmp);
6761 break;
6762 case NEON_2RM_VCLS:
6763 switch (size) {
6764 case 0: gen_helper_neon_cls_s8(tmp, tmp); break;
6765 case 1: gen_helper_neon_cls_s16(tmp, tmp); break;
6766 case 2: gen_helper_neon_cls_s32(tmp, tmp); break;
6767 default: abort();
6768 }
6769 break;
6770 case NEON_2RM_VCLZ:
6771 switch (size) {
6772 case 0: gen_helper_neon_clz_u8(tmp, tmp); break;
6773 case 1: gen_helper_neon_clz_u16(tmp, tmp); break;
6774 case 2: gen_helper_clz(tmp, tmp); break;
6775 default: abort();
6776 }
6777 break;
6778 case NEON_2RM_VCNT:
6779 gen_helper_neon_cnt_u8(tmp, tmp);
6780 break;
6781 case NEON_2RM_VMVN:
6782 tcg_gen_not_i32(tmp, tmp);
6783 break;
6784 case NEON_2RM_VQABS:
6785 switch (size) {
6786 case 0:
6787 gen_helper_neon_qabs_s8(tmp, cpu_env, tmp);
6788 break;
6789 case 1:
6790 gen_helper_neon_qabs_s16(tmp, cpu_env, tmp);
6791 break;
6792 case 2:
6793 gen_helper_neon_qabs_s32(tmp, cpu_env, tmp);
6794 break;
6795 default: abort();
6796 }
6797 break;
6798 case NEON_2RM_VQNEG:
6799 switch (size) {
6800 case 0:
6801 gen_helper_neon_qneg_s8(tmp, cpu_env, tmp);
6802 break;
6803 case 1:
6804 gen_helper_neon_qneg_s16(tmp, cpu_env, tmp);
6805 break;
6806 case 2:
6807 gen_helper_neon_qneg_s32(tmp, cpu_env, tmp);
6808 break;
6809 default: abort();
6810 }
6811 break;
6812 case NEON_2RM_VCGT0: case NEON_2RM_VCLE0:
6813 tmp2 = tcg_const_i32(0);
6814 switch(size) {
6815 case 0: gen_helper_neon_cgt_s8(tmp, tmp, tmp2); break;
6816 case 1: gen_helper_neon_cgt_s16(tmp, tmp, tmp2); break;
6817 case 2: gen_helper_neon_cgt_s32(tmp, tmp, tmp2); break;
6818 default: abort();
6819 }
6820 tcg_temp_free_i32(tmp2);
6821 if (op == NEON_2RM_VCLE0) {
6822 tcg_gen_not_i32(tmp, tmp);
6823 }
6824 break;
6825 case NEON_2RM_VCGE0: case NEON_2RM_VCLT0:
6826 tmp2 = tcg_const_i32(0);
6827 switch(size) {
6828 case 0: gen_helper_neon_cge_s8(tmp, tmp, tmp2); break;
6829 case 1: gen_helper_neon_cge_s16(tmp, tmp, tmp2); break;
6830 case 2: gen_helper_neon_cge_s32(tmp, tmp, tmp2); break;
6831 default: abort();
6832 }
6833 tcg_temp_free_i32(tmp2);
6834 if (op == NEON_2RM_VCLT0) {
6835 tcg_gen_not_i32(tmp, tmp);
6836 }
6837 break;
6838 case NEON_2RM_VCEQ0:
6839 tmp2 = tcg_const_i32(0);
6840 switch(size) {
6841 case 0: gen_helper_neon_ceq_u8(tmp, tmp, tmp2); break;
6842 case 1: gen_helper_neon_ceq_u16(tmp, tmp, tmp2); break;
6843 case 2: gen_helper_neon_ceq_u32(tmp, tmp, tmp2); break;
6844 default: abort();
6845 }
6846 tcg_temp_free_i32(tmp2);
6847 break;
6848 case NEON_2RM_VABS:
6849 switch(size) {
6850 case 0: gen_helper_neon_abs_s8(tmp, tmp); break;
6851 case 1: gen_helper_neon_abs_s16(tmp, tmp); break;
6852 case 2: tcg_gen_abs_i32(tmp, tmp); break;
6853 default: abort();
6854 }
6855 break;
6856 case NEON_2RM_VNEG:
6857 tmp2 = tcg_const_i32(0);
6858 gen_neon_rsb(size, tmp, tmp2);
6859 tcg_temp_free_i32(tmp2);
6860 break;
6861 case NEON_2RM_VCGT0_F:
6862 {
6863 TCGv_ptr fpstatus = get_fpstatus_ptr(1);
6864 tmp2 = tcg_const_i32(0);
6865 gen_helper_neon_cgt_f32(tmp, tmp, tmp2, fpstatus);
6866 tcg_temp_free_i32(tmp2);
6867 tcg_temp_free_ptr(fpstatus);
6868 break;
6869 }
6870 case NEON_2RM_VCGE0_F:
6871 {
6872 TCGv_ptr fpstatus = get_fpstatus_ptr(1);
6873 tmp2 = tcg_const_i32(0);
6874 gen_helper_neon_cge_f32(tmp, tmp, tmp2, fpstatus);
6875 tcg_temp_free_i32(tmp2);
6876 tcg_temp_free_ptr(fpstatus);
6877 break;
6878 }
6879 case NEON_2RM_VCEQ0_F:
6880 {
6881 TCGv_ptr fpstatus = get_fpstatus_ptr(1);
6882 tmp2 = tcg_const_i32(0);
6883 gen_helper_neon_ceq_f32(tmp, tmp, tmp2, fpstatus);
6884 tcg_temp_free_i32(tmp2);
6885 tcg_temp_free_ptr(fpstatus);
6886 break;
6887 }
6888 case NEON_2RM_VCLE0_F:
6889 {
6890 TCGv_ptr fpstatus = get_fpstatus_ptr(1);
6891 tmp2 = tcg_const_i32(0);
6892 gen_helper_neon_cge_f32(tmp, tmp2, tmp, fpstatus);
6893 tcg_temp_free_i32(tmp2);
6894 tcg_temp_free_ptr(fpstatus);
6895 break;
6896 }
6897 case NEON_2RM_VCLT0_F:
6898 {
6899 TCGv_ptr fpstatus = get_fpstatus_ptr(1);
6900 tmp2 = tcg_const_i32(0);
6901 gen_helper_neon_cgt_f32(tmp, tmp2, tmp, fpstatus);
6902 tcg_temp_free_i32(tmp2);
6903 tcg_temp_free_ptr(fpstatus);
6904 break;
6905 }
6906 case NEON_2RM_VABS_F:
6907 gen_vfp_abs(0);
6908 break;
6909 case NEON_2RM_VNEG_F:
6910 gen_vfp_neg(0);
6911 break;
6912 case NEON_2RM_VSWP:
6913 tmp2 = neon_load_reg(rd, pass);
6914 neon_store_reg(rm, pass, tmp2);
6915 break;
6916 case NEON_2RM_VTRN:
6917 tmp2 = neon_load_reg(rd, pass);
6918 switch (size) {
6919 case 0: gen_neon_trn_u8(tmp, tmp2); break;
6920 case 1: gen_neon_trn_u16(tmp, tmp2); break;
6921 default: abort();
6922 }
6923 neon_store_reg(rm, pass, tmp2);
6924 break;
6925 case NEON_2RM_VRINTN:
6926 case NEON_2RM_VRINTA:
6927 case NEON_2RM_VRINTM:
6928 case NEON_2RM_VRINTP:
6929 case NEON_2RM_VRINTZ:
6930 {
6931 TCGv_i32 tcg_rmode;
6932 TCGv_ptr fpstatus = get_fpstatus_ptr(1);
6933 int rmode;
6934
6935 if (op == NEON_2RM_VRINTZ) {
6936 rmode = FPROUNDING_ZERO;
6937 } else {
6938 rmode = fp_decode_rm[((op & 0x6) >> 1) ^ 1];
6939 }
6940
6941 tcg_rmode = tcg_const_i32(arm_rmode_to_sf(rmode));
6942 gen_helper_set_neon_rmode(tcg_rmode, tcg_rmode,
6943 cpu_env);
6944 gen_helper_rints(cpu_F0s, cpu_F0s, fpstatus);
6945 gen_helper_set_neon_rmode(tcg_rmode, tcg_rmode,
6946 cpu_env);
6947 tcg_temp_free_ptr(fpstatus);
6948 tcg_temp_free_i32(tcg_rmode);
6949 break;
6950 }
6951 case NEON_2RM_VRINTX:
6952 {
6953 TCGv_ptr fpstatus = get_fpstatus_ptr(1);
6954 gen_helper_rints_exact(cpu_F0s, cpu_F0s, fpstatus);
6955 tcg_temp_free_ptr(fpstatus);
6956 break;
6957 }
6958 case NEON_2RM_VCVTAU:
6959 case NEON_2RM_VCVTAS:
6960 case NEON_2RM_VCVTNU:
6961 case NEON_2RM_VCVTNS:
6962 case NEON_2RM_VCVTPU:
6963 case NEON_2RM_VCVTPS:
6964 case NEON_2RM_VCVTMU:
6965 case NEON_2RM_VCVTMS:
6966 {
6967 bool is_signed = !extract32(insn, 7, 1);
6968 TCGv_ptr fpst = get_fpstatus_ptr(1);
6969 TCGv_i32 tcg_rmode, tcg_shift;
6970 int rmode = fp_decode_rm[extract32(insn, 8, 2)];
6971
6972 tcg_shift = tcg_const_i32(0);
6973 tcg_rmode = tcg_const_i32(arm_rmode_to_sf(rmode));
6974 gen_helper_set_neon_rmode(tcg_rmode, tcg_rmode,
6975 cpu_env);
6976
6977 if (is_signed) {
6978 gen_helper_vfp_tosls(cpu_F0s, cpu_F0s,
6979 tcg_shift, fpst);
6980 } else {
6981 gen_helper_vfp_touls(cpu_F0s, cpu_F0s,
6982 tcg_shift, fpst);
6983 }
6984
6985 gen_helper_set_neon_rmode(tcg_rmode, tcg_rmode,
6986 cpu_env);
6987 tcg_temp_free_i32(tcg_rmode);
6988 tcg_temp_free_i32(tcg_shift);
6989 tcg_temp_free_ptr(fpst);
6990 break;
6991 }
6992 case NEON_2RM_VRECPE:
6993 {
6994 TCGv_ptr fpstatus = get_fpstatus_ptr(1);
6995 gen_helper_recpe_u32(tmp, tmp, fpstatus);
6996 tcg_temp_free_ptr(fpstatus);
6997 break;
6998 }
6999 case NEON_2RM_VRSQRTE:
7000 {
7001 TCGv_ptr fpstatus = get_fpstatus_ptr(1);
7002 gen_helper_rsqrte_u32(tmp, tmp, fpstatus);
7003 tcg_temp_free_ptr(fpstatus);
7004 break;
7005 }
7006 case NEON_2RM_VRECPE_F:
7007 {
7008 TCGv_ptr fpstatus = get_fpstatus_ptr(1);
7009 gen_helper_recpe_f32(cpu_F0s, cpu_F0s, fpstatus);
7010 tcg_temp_free_ptr(fpstatus);
7011 break;
7012 }
7013 case NEON_2RM_VRSQRTE_F:
7014 {
7015 TCGv_ptr fpstatus = get_fpstatus_ptr(1);
7016 gen_helper_rsqrte_f32(cpu_F0s, cpu_F0s, fpstatus);
7017 tcg_temp_free_ptr(fpstatus);
7018 break;
7019 }
7020 case NEON_2RM_VCVT_FS: /* VCVT.F32.S32 */
7021 gen_vfp_sito(0, 1);
7022 break;
7023 case NEON_2RM_VCVT_FU: /* VCVT.F32.U32 */
7024 gen_vfp_uito(0, 1);
7025 break;
7026 case NEON_2RM_VCVT_SF: /* VCVT.S32.F32 */
7027 gen_vfp_tosiz(0, 1);
7028 break;
7029 case NEON_2RM_VCVT_UF: /* VCVT.U32.F32 */
7030 gen_vfp_touiz(0, 1);
7031 break;
7032 default:
7033 /* Reserved op values were caught by the
7034 * neon_2rm_sizes[] check earlier.
7035 */
7036 abort();
7037 }
7038 if (neon_2rm_is_float_op(op)) {
7039 tcg_gen_st_f32(cpu_F0s, cpu_env,
7040 neon_reg_offset(rd, pass));
7041 } else {
7042 neon_store_reg(rd, pass, tmp);
7043 }
7044 }
7045 break;
7046 }
7047 } else if ((insn & (1 << 10)) == 0) {
7048 /* VTBL, VTBX. */
7049 int n = ((insn >> 8) & 3) + 1;
7050 if ((rn + n) > 32) {
7051 /* This is UNPREDICTABLE; we choose to UNDEF to avoid the
7052 * helper function running off the end of the register file.
7053 */
7054 return 1;
7055 }
7056 n <<= 3;
7057 if (insn & (1 << 6)) {
7058 tmp = neon_load_reg(rd, 0);
7059 } else {
7060 tmp = tcg_temp_new_i32();
7061 tcg_gen_movi_i32(tmp, 0);
7062 }
7063 tmp2 = neon_load_reg(rm, 0);
7064 tmp4 = tcg_const_i32(rn);
7065 tmp5 = tcg_const_i32(n);
7066 gen_helper_neon_tbl(tmp2, cpu_env, tmp2, tmp, tmp4, tmp5);
7067 tcg_temp_free_i32(tmp);
7068 if (insn & (1 << 6)) {
7069 tmp = neon_load_reg(rd, 1);
7070 } else {
7071 tmp = tcg_temp_new_i32();
7072 tcg_gen_movi_i32(tmp, 0);
7073 }
7074 tmp3 = neon_load_reg(rm, 1);
7075 gen_helper_neon_tbl(tmp3, cpu_env, tmp3, tmp, tmp4, tmp5);
7076 tcg_temp_free_i32(tmp5);
7077 tcg_temp_free_i32(tmp4);
7078 neon_store_reg(rd, 0, tmp2);
7079 neon_store_reg(rd, 1, tmp3);
7080 tcg_temp_free_i32(tmp);
7081 } else if ((insn & 0x380) == 0) {
7082 /* VDUP */
7083 if ((insn & (7 << 16)) == 0 || (q && (rd & 1))) {
7084 return 1;
7085 }
7086 if (insn & (1 << 19)) {
7087 tmp = neon_load_reg(rm, 1);
7088 } else {
7089 tmp = neon_load_reg(rm, 0);
7090 }
7091 if (insn & (1 << 16)) {
7092 gen_neon_dup_u8(tmp, ((insn >> 17) & 3) * 8);
7093 } else if (insn & (1 << 17)) {
7094 if ((insn >> 18) & 1)
7095 gen_neon_dup_high16(tmp);
7096 else
7097 gen_neon_dup_low16(tmp);
7098 }
7099 for (pass = 0; pass < (q ? 4 : 2); pass++) {
7100 tmp2 = tcg_temp_new_i32();
7101 tcg_gen_mov_i32(tmp2, tmp);
7102 neon_store_reg(rd, pass, tmp2);
7103 }
7104 tcg_temp_free_i32(tmp);
7105 } else {
7106 return 1;
7107 }
7108 }
7109 }
7110 return 0;
7111 }
7112
7113 static int disas_coproc_insn(DisasContext *s, uint32_t insn)
7114 {
7115 int cpnum, is64, crn, crm, opc1, opc2, isread, rt, rt2;
7116 const ARMCPRegInfo *ri;
7117
7118 cpnum = (insn >> 8) & 0xf;
7119
7120 /* First check for coprocessor space used for XScale/iwMMXt insns */
7121 if (arm_dc_feature(s, ARM_FEATURE_XSCALE) && (cpnum < 2)) {
7122 if (extract32(s->c15_cpar, cpnum, 1) == 0) {
7123 return 1;
7124 }
7125 if (arm_dc_feature(s, ARM_FEATURE_IWMMXT)) {
7126 return disas_iwmmxt_insn(s, insn);
7127 } else if (arm_dc_feature(s, ARM_FEATURE_XSCALE)) {
7128 return disas_dsp_insn(s, insn);
7129 }
7130 return 1;
7131 }
7132
7133 /* Otherwise treat as a generic register access */
7134 is64 = (insn & (1 << 25)) == 0;
7135 if (!is64 && ((insn & (1 << 4)) == 0)) {
7136 /* cdp */
7137 return 1;
7138 }
7139
7140 crm = insn & 0xf;
7141 if (is64) {
7142 crn = 0;
7143 opc1 = (insn >> 4) & 0xf;
7144 opc2 = 0;
7145 rt2 = (insn >> 16) & 0xf;
7146 } else {
7147 crn = (insn >> 16) & 0xf;
7148 opc1 = (insn >> 21) & 7;
7149 opc2 = (insn >> 5) & 7;
7150 rt2 = 0;
7151 }
7152 isread = (insn >> 20) & 1;
7153 rt = (insn >> 12) & 0xf;
7154
7155 ri = get_arm_cp_reginfo(s->cp_regs,
7156 ENCODE_CP_REG(cpnum, is64, s->ns, crn, crm, opc1, opc2));
7157 if (ri) {
7158 /* Check access permissions */
7159 if (!cp_access_ok(s->current_el, ri, isread)) {
7160 return 1;
7161 }
7162
7163 if (ri->accessfn ||
7164 (arm_dc_feature(s, ARM_FEATURE_XSCALE) && cpnum < 14)) {
7165 /* Emit code to perform further access permissions checks at
7166 * runtime; this may result in an exception.
7167 * Note that on XScale all cp0..c13 registers do an access check
7168 * call in order to handle c15_cpar.
7169 */
7170 TCGv_ptr tmpptr;
7171 TCGv_i32 tcg_syn;
7172 uint32_t syndrome;
7173
7174 /* Note that since we are an implementation which takes an
7175 * exception on a trapped conditional instruction only if the
7176 * instruction passes its condition code check, we can take
7177 * advantage of the clause in the ARM ARM that allows us to set
7178 * the COND field in the instruction to 0xE in all cases.
7179 * We could fish the actual condition out of the insn (ARM)
7180 * or the condexec bits (Thumb) but it isn't necessary.
7181 */
7182 switch (cpnum) {
7183 case 14:
7184 if (is64) {
7185 syndrome = syn_cp14_rrt_trap(1, 0xe, opc1, crm, rt, rt2,
7186 isread, s->thumb);
7187 } else {
7188 syndrome = syn_cp14_rt_trap(1, 0xe, opc1, opc2, crn, crm,
7189 rt, isread, s->thumb);
7190 }
7191 break;
7192 case 15:
7193 if (is64) {
7194 syndrome = syn_cp15_rrt_trap(1, 0xe, opc1, crm, rt, rt2,
7195 isread, s->thumb);
7196 } else {
7197 syndrome = syn_cp15_rt_trap(1, 0xe, opc1, opc2, crn, crm,
7198 rt, isread, s->thumb);
7199 }
7200 break;
7201 default:
7202 /* ARMv8 defines that only coprocessors 14 and 15 exist,
7203 * so this can only happen if this is an ARMv7 or earlier CPU,
7204 * in which case the syndrome information won't actually be
7205 * guest visible.
7206 */
7207 assert(!arm_dc_feature(s, ARM_FEATURE_V8));
7208 syndrome = syn_uncategorized();
7209 break;
7210 }
7211
7212 gen_set_condexec(s);
7213 gen_set_pc_im(s, s->pc - 4);
7214 tmpptr = tcg_const_ptr(ri);
7215 tcg_syn = tcg_const_i32(syndrome);
7216 gen_helper_access_check_cp_reg(cpu_env, tmpptr, tcg_syn);
7217 tcg_temp_free_ptr(tmpptr);
7218 tcg_temp_free_i32(tcg_syn);
7219 }
7220
7221 /* Handle special cases first */
7222 switch (ri->type & ~(ARM_CP_FLAG_MASK & ~ARM_CP_SPECIAL)) {
7223 case ARM_CP_NOP:
7224 return 0;
7225 case ARM_CP_WFI:
7226 if (isread) {
7227 return 1;
7228 }
7229 gen_set_pc_im(s, s->pc);
7230 s->is_jmp = DISAS_WFI;
7231 return 0;
7232 default:
7233 break;
7234 }
7235
7236 if ((s->tb->cflags & CF_USE_ICOUNT) && (ri->type & ARM_CP_IO)) {
7237 gen_io_start();
7238 }
7239
7240 if (isread) {
7241 /* Read */
7242 if (is64) {
7243 TCGv_i64 tmp64;
7244 TCGv_i32 tmp;
7245 if (ri->type & ARM_CP_CONST) {
7246 tmp64 = tcg_const_i64(ri->resetvalue);
7247 } else if (ri->readfn) {
7248 TCGv_ptr tmpptr;
7249 tmp64 = tcg_temp_new_i64();
7250 tmpptr = tcg_const_ptr(ri);
7251 gen_helper_get_cp_reg64(tmp64, cpu_env, tmpptr);
7252 tcg_temp_free_ptr(tmpptr);
7253 } else {
7254 tmp64 = tcg_temp_new_i64();
7255 tcg_gen_ld_i64(tmp64, cpu_env, ri->fieldoffset);
7256 }
7257 tmp = tcg_temp_new_i32();
7258 tcg_gen_extrl_i64_i32(tmp, tmp64);
7259 store_reg(s, rt, tmp);
7260 tcg_gen_shri_i64(tmp64, tmp64, 32);
7261 tmp = tcg_temp_new_i32();
7262 tcg_gen_extrl_i64_i32(tmp, tmp64);
7263 tcg_temp_free_i64(tmp64);
7264 store_reg(s, rt2, tmp);
7265 } else {
7266 TCGv_i32 tmp;
7267 if (ri->type & ARM_CP_CONST) {
7268 tmp = tcg_const_i32(ri->resetvalue);
7269 } else if (ri->readfn) {
7270 TCGv_ptr tmpptr;
7271 tmp = tcg_temp_new_i32();
7272 tmpptr = tcg_const_ptr(ri);
7273 gen_helper_get_cp_reg(tmp, cpu_env, tmpptr);
7274 tcg_temp_free_ptr(tmpptr);
7275 } else {
7276 tmp = load_cpu_offset(ri->fieldoffset);
7277 }
7278 if (rt == 15) {
7279 /* Destination register of r15 for 32 bit loads sets
7280 * the condition codes from the high 4 bits of the value
7281 */
7282 gen_set_nzcv(tmp);
7283 tcg_temp_free_i32(tmp);
7284 } else {
7285 store_reg(s, rt, tmp);
7286 }
7287 }
7288 } else {
7289 /* Write */
7290 if (ri->type & ARM_CP_CONST) {
7291 /* If not forbidden by access permissions, treat as WI */
7292 return 0;
7293 }
7294
7295 if (is64) {
7296 TCGv_i32 tmplo, tmphi;
7297 TCGv_i64 tmp64 = tcg_temp_new_i64();
7298 tmplo = load_reg(s, rt);
7299 tmphi = load_reg(s, rt2);
7300 tcg_gen_concat_i32_i64(tmp64, tmplo, tmphi);
7301 tcg_temp_free_i32(tmplo);
7302 tcg_temp_free_i32(tmphi);
7303 if (ri->writefn) {
7304 TCGv_ptr tmpptr = tcg_const_ptr(ri);
7305 gen_helper_set_cp_reg64(cpu_env, tmpptr, tmp64);
7306 tcg_temp_free_ptr(tmpptr);
7307 } else {
7308 tcg_gen_st_i64(tmp64, cpu_env, ri->fieldoffset);
7309 }
7310 tcg_temp_free_i64(tmp64);
7311 } else {
7312 if (ri->writefn) {
7313 TCGv_i32 tmp;
7314 TCGv_ptr tmpptr;
7315 tmp = load_reg(s, rt);
7316 tmpptr = tcg_const_ptr(ri);
7317 gen_helper_set_cp_reg(cpu_env, tmpptr, tmp);
7318 tcg_temp_free_ptr(tmpptr);
7319 tcg_temp_free_i32(tmp);
7320 } else {
7321 TCGv_i32 tmp = load_reg(s, rt);
7322 store_cpu_offset(tmp, ri->fieldoffset);
7323 }
7324 }
7325 }
7326
7327 if ((s->tb->cflags & CF_USE_ICOUNT) && (ri->type & ARM_CP_IO)) {
7328 /* I/O operations must end the TB here (whether read or write) */
7329 gen_io_end();
7330 gen_lookup_tb(s);
7331 } else if (!isread && !(ri->type & ARM_CP_SUPPRESS_TB_END)) {
7332 /* We default to ending the TB on a coprocessor register write,
7333 * but allow this to be suppressed by the register definition
7334 * (usually only necessary to work around guest bugs).
7335 */
7336 gen_lookup_tb(s);
7337 }
7338
7339 return 0;
7340 }
7341
7342 /* Unknown register; this might be a guest error or a QEMU
7343 * unimplemented feature.
7344 */
7345 if (is64) {
7346 qemu_log_mask(LOG_UNIMP, "%s access to unsupported AArch32 "
7347 "64 bit system register cp:%d opc1: %d crm:%d "
7348 "(%s)\n",
7349 isread ? "read" : "write", cpnum, opc1, crm,
7350 s->ns ? "non-secure" : "secure");
7351 } else {
7352 qemu_log_mask(LOG_UNIMP, "%s access to unsupported AArch32 "
7353 "system register cp:%d opc1:%d crn:%d crm:%d opc2:%d "
7354 "(%s)\n",
7355 isread ? "read" : "write", cpnum, opc1, crn, crm, opc2,
7356 s->ns ? "non-secure" : "secure");
7357 }
7358
7359 return 1;
7360 }
7361
7362
7363 /* Store a 64-bit value to a register pair. Clobbers val. */
7364 static void gen_storeq_reg(DisasContext *s, int rlow, int rhigh, TCGv_i64 val)
7365 {
7366 TCGv_i32 tmp;
7367 tmp = tcg_temp_new_i32();
7368 tcg_gen_extrl_i64_i32(tmp, val);
7369 store_reg(s, rlow, tmp);
7370 tmp = tcg_temp_new_i32();
7371 tcg_gen_shri_i64(val, val, 32);
7372 tcg_gen_extrl_i64_i32(tmp, val);
7373 store_reg(s, rhigh, tmp);
7374 }
7375
7376 /* load a 32-bit value from a register and perform a 64-bit accumulate. */
7377 static void gen_addq_lo(DisasContext *s, TCGv_i64 val, int rlow)
7378 {
7379 TCGv_i64 tmp;
7380 TCGv_i32 tmp2;
7381
7382 /* Load value and extend to 64 bits. */
7383 tmp = tcg_temp_new_i64();
7384 tmp2 = load_reg(s, rlow);
7385 tcg_gen_extu_i32_i64(tmp, tmp2);
7386 tcg_temp_free_i32(tmp2);
7387 tcg_gen_add_i64(val, val, tmp);
7388 tcg_temp_free_i64(tmp);
7389 }
7390
7391 /* load and add a 64-bit value from a register pair. */
7392 static void gen_addq(DisasContext *s, TCGv_i64 val, int rlow, int rhigh)
7393 {
7394 TCGv_i64 tmp;
7395 TCGv_i32 tmpl;
7396 TCGv_i32 tmph;
7397
7398 /* Load 64-bit value rd:rn. */
7399 tmpl = load_reg(s, rlow);
7400 tmph = load_reg(s, rhigh);
7401 tmp = tcg_temp_new_i64();
7402 tcg_gen_concat_i32_i64(tmp, tmpl, tmph);
7403 tcg_temp_free_i32(tmpl);
7404 tcg_temp_free_i32(tmph);
7405 tcg_gen_add_i64(val, val, tmp);
7406 tcg_temp_free_i64(tmp);
7407 }
7408
7409 /* Set N and Z flags from hi|lo. */
7410 static void gen_logicq_cc(TCGv_i32 lo, TCGv_i32 hi)
7411 {
7412 tcg_gen_mov_i32(cpu_NF, hi);
7413 tcg_gen_or_i32(cpu_ZF, lo, hi);
7414 }
7415
7416 /* Load/Store exclusive instructions are implemented by remembering
7417 the value/address loaded, and seeing if these are the same
7418 when the store is performed. This should be sufficient to implement
7419 the architecturally mandated semantics, and avoids having to monitor
7420 regular stores.
7421
7422 In system emulation mode only one CPU will be running at once, so
7423 this sequence is effectively atomic. In user emulation mode we
7424 throw an exception and handle the atomic operation elsewhere. */
7425 static void gen_load_exclusive(DisasContext *s, int rt, int rt2,
7426 TCGv_i32 addr, int size)
7427 {
7428 TCGv_i32 tmp = tcg_temp_new_i32();
7429
7430 s->is_ldex = true;
7431
7432 switch (size) {
7433 case 0:
7434 gen_aa32_ld8u(tmp, addr, get_mem_index(s));
7435 break;
7436 case 1:
7437 gen_aa32_ld16ua(tmp, addr, get_mem_index(s));
7438 break;
7439 case 2:
7440 case 3:
7441 gen_aa32_ld32ua(tmp, addr, get_mem_index(s));
7442 break;
7443 default:
7444 abort();
7445 }
7446
7447 if (size == 3) {
7448 TCGv_i32 tmp2 = tcg_temp_new_i32();
7449 TCGv_i32 tmp3 = tcg_temp_new_i32();
7450
7451 tcg_gen_addi_i32(tmp2, addr, 4);
7452 gen_aa32_ld32u(tmp3, tmp2, get_mem_index(s));
7453 tcg_temp_free_i32(tmp2);
7454 tcg_gen_concat_i32_i64(cpu_exclusive_val, tmp, tmp3);
7455 store_reg(s, rt2, tmp3);
7456 } else {
7457 tcg_gen_extu_i32_i64(cpu_exclusive_val, tmp);
7458 }
7459
7460 store_reg(s, rt, tmp);
7461 tcg_gen_extu_i32_i64(cpu_exclusive_addr, addr);
7462 }
7463
7464 static void gen_clrex(DisasContext *s)
7465 {
7466 tcg_gen_movi_i64(cpu_exclusive_addr, -1);
7467 }
7468
7469 #ifdef CONFIG_USER_ONLY
7470 static void gen_store_exclusive(DisasContext *s, int rd, int rt, int rt2,
7471 TCGv_i32 addr, int size)
7472 {
7473 tcg_gen_extu_i32_i64(cpu_exclusive_test, addr);
7474 tcg_gen_movi_i32(cpu_exclusive_info,
7475 size | (rd << 4) | (rt << 8) | (rt2 << 12));
7476 gen_exception_internal_insn(s, 4, EXCP_STREX);
7477 }
7478 #else
7479 static void gen_store_exclusive(DisasContext *s, int rd, int rt, int rt2,
7480 TCGv_i32 addr, int size)
7481 {
7482 TCGv_i32 tmp;
7483 TCGv_i64 val64, extaddr;
7484 TCGLabel *done_label;
7485 TCGLabel *fail_label;
7486
7487 /* if (env->exclusive_addr == addr && env->exclusive_val == [addr]) {
7488 [addr] = {Rt};
7489 {Rd} = 0;
7490 } else {
7491 {Rd} = 1;
7492 } */
7493 fail_label = gen_new_label();
7494 done_label = gen_new_label();
7495 extaddr = tcg_temp_new_i64();
7496 tcg_gen_extu_i32_i64(extaddr, addr);
7497 tcg_gen_brcond_i64(TCG_COND_NE, extaddr, cpu_exclusive_addr, fail_label);
7498 tcg_temp_free_i64(extaddr);
7499
7500 tmp = tcg_temp_new_i32();
7501 switch (size) {
7502 case 0:
7503 gen_aa32_ld8u(tmp, addr, get_mem_index(s));
7504 break;
7505 case 1:
7506 gen_aa32_ld16u(tmp, addr, get_mem_index(s));
7507 break;
7508 case 2:
7509 case 3:
7510 gen_aa32_ld32u(tmp, addr, get_mem_index(s));
7511 break;
7512 default:
7513 abort();
7514 }
7515
7516 val64 = tcg_temp_new_i64();
7517 if (size == 3) {
7518 TCGv_i32 tmp2 = tcg_temp_new_i32();
7519 TCGv_i32 tmp3 = tcg_temp_new_i32();
7520 tcg_gen_addi_i32(tmp2, addr, 4);
7521 gen_aa32_ld32u(tmp3, tmp2, get_mem_index(s));
7522 tcg_temp_free_i32(tmp2);
7523 tcg_gen_concat_i32_i64(val64, tmp, tmp3);
7524 tcg_temp_free_i32(tmp3);
7525 } else {
7526 tcg_gen_extu_i32_i64(val64, tmp);
7527 }
7528 tcg_temp_free_i32(tmp);
7529
7530 tcg_gen_brcond_i64(TCG_COND_NE, val64, cpu_exclusive_val, fail_label);
7531 tcg_temp_free_i64(val64);
7532
7533 tmp = load_reg(s, rt);
7534 switch (size) {
7535 case 0:
7536 gen_aa32_st8(tmp, addr, get_mem_index(s));
7537 break;
7538 case 1:
7539 gen_aa32_st16(tmp, addr, get_mem_index(s));
7540 break;
7541 case 2:
7542 case 3:
7543 gen_aa32_st32(tmp, addr, get_mem_index(s));
7544 break;
7545 default:
7546 abort();
7547 }
7548 tcg_temp_free_i32(tmp);
7549 if (size == 3) {
7550 tcg_gen_addi_i32(addr, addr, 4);
7551 tmp = load_reg(s, rt2);
7552 gen_aa32_st32(tmp, addr, get_mem_index(s));
7553 tcg_temp_free_i32(tmp);
7554 }
7555 tcg_gen_movi_i32(cpu_R[rd], 0);
7556 tcg_gen_br(done_label);
7557 gen_set_label(fail_label);
7558 tcg_gen_movi_i32(cpu_R[rd], 1);
7559 gen_set_label(done_label);
7560 tcg_gen_movi_i64(cpu_exclusive_addr, -1);
7561 }
7562 #endif
7563
7564 /* gen_srs:
7565 * @env: CPUARMState
7566 * @s: DisasContext
7567 * @mode: mode field from insn (which stack to store to)
7568 * @amode: addressing mode (DA/IA/DB/IB), encoded as per P,U bits in ARM insn
7569 * @writeback: true if writeback bit set
7570 *
7571 * Generate code for the SRS (Store Return State) insn.
7572 */
7573 static void gen_srs(DisasContext *s,
7574 uint32_t mode, uint32_t amode, bool writeback)
7575 {
7576 int32_t offset;
7577 TCGv_i32 addr = tcg_temp_new_i32();
7578 TCGv_i32 tmp = tcg_const_i32(mode);
7579 gen_helper_get_r13_banked(addr, cpu_env, tmp);
7580 tcg_temp_free_i32(tmp);
7581 switch (amode) {
7582 case 0: /* DA */
7583 offset = -4;
7584 break;
7585 case 1: /* IA */
7586 offset = 0;
7587 break;
7588 case 2: /* DB */
7589 offset = -8;
7590 break;
7591 case 3: /* IB */
7592 offset = 4;
7593 break;
7594 default:
7595 abort();
7596 }
7597 tcg_gen_addi_i32(addr, addr, offset);
7598 tmp = load_reg(s, 14);
7599 gen_aa32_st32(tmp, addr, get_mem_index(s));
7600 tcg_temp_free_i32(tmp);
7601 tmp = load_cpu_field(spsr);
7602 tcg_gen_addi_i32(addr, addr, 4);
7603 gen_aa32_st32(tmp, addr, get_mem_index(s));
7604 tcg_temp_free_i32(tmp);
7605 if (writeback) {
7606 switch (amode) {
7607 case 0:
7608 offset = -8;
7609 break;
7610 case 1:
7611 offset = 4;
7612 break;
7613 case 2:
7614 offset = -4;
7615 break;
7616 case 3:
7617 offset = 0;
7618 break;
7619 default:
7620 abort();
7621 }
7622 tcg_gen_addi_i32(addr, addr, offset);
7623 tmp = tcg_const_i32(mode);
7624 gen_helper_set_r13_banked(cpu_env, tmp, addr);
7625 tcg_temp_free_i32(tmp);
7626 }
7627 tcg_temp_free_i32(addr);
7628 }
7629
7630 static void disas_arm_insn(DisasContext *s, unsigned int insn)
7631 {
7632 unsigned int cond, val, op1, i, shift, rm, rs, rn, rd, sh;
7633 TCGv_i32 tmp;
7634 TCGv_i32 tmp2;
7635 TCGv_i32 tmp3;
7636 TCGv_i32 addr;
7637 TCGv_i64 tmp64;
7638
7639 /* M variants do not implement ARM mode. */
7640 if (arm_dc_feature(s, ARM_FEATURE_M)) {
7641 goto illegal_op;
7642 }
7643 cond = insn >> 28;
7644 if (cond == 0xf){
7645 /* In ARMv3 and v4 the NV condition is UNPREDICTABLE; we
7646 * choose to UNDEF. In ARMv5 and above the space is used
7647 * for miscellaneous unconditional instructions.
7648 */
7649 ARCH(5);
7650
7651 /* Unconditional instructions. */
7652 if (((insn >> 25) & 7) == 1) {
7653 /* NEON Data processing. */
7654 if (!arm_dc_feature(s, ARM_FEATURE_NEON)) {
7655 goto illegal_op;
7656 }
7657
7658 if (disas_neon_data_insn(s, insn)) {
7659 goto illegal_op;
7660 }
7661 return;
7662 }
7663 if ((insn & 0x0f100000) == 0x04000000) {
7664 /* NEON load/store. */
7665 if (!arm_dc_feature(s, ARM_FEATURE_NEON)) {
7666 goto illegal_op;
7667 }
7668
7669 if (disas_neon_ls_insn(s, insn)) {
7670 goto illegal_op;
7671 }
7672 return;
7673 }
7674 if ((insn & 0x0f000e10) == 0x0e000a00) {
7675 /* VFP. */
7676 if (disas_vfp_insn(s, insn)) {
7677 goto illegal_op;
7678 }
7679 return;
7680 }
7681 if (((insn & 0x0f30f000) == 0x0510f000) ||
7682 ((insn & 0x0f30f010) == 0x0710f000)) {
7683 if ((insn & (1 << 22)) == 0) {
7684 /* PLDW; v7MP */
7685 if (!arm_dc_feature(s, ARM_FEATURE_V7MP)) {
7686 goto illegal_op;
7687 }
7688 }
7689 /* Otherwise PLD; v5TE+ */
7690 ARCH(5TE);
7691 return;
7692 }
7693 if (((insn & 0x0f70f000) == 0x0450f000) ||
7694 ((insn & 0x0f70f010) == 0x0650f000)) {
7695 ARCH(7);
7696 return; /* PLI; V7 */
7697 }
7698 if (((insn & 0x0f700000) == 0x04100000) ||
7699 ((insn & 0x0f700010) == 0x06100000)) {
7700 if (!arm_dc_feature(s, ARM_FEATURE_V7MP)) {
7701 goto illegal_op;
7702 }
7703 return; /* v7MP: Unallocated memory hint: must NOP */
7704 }
7705
7706 if ((insn & 0x0ffffdff) == 0x01010000) {
7707 ARCH(6);
7708 /* setend */
7709 if (((insn >> 9) & 1) != s->bswap_code) {
7710 /* Dynamic endianness switching not implemented. */
7711 qemu_log_mask(LOG_UNIMP, "arm: unimplemented setend\n");
7712 goto illegal_op;
7713 }
7714 return;
7715 } else if ((insn & 0x0fffff00) == 0x057ff000) {
7716 switch ((insn >> 4) & 0xf) {
7717 case 1: /* clrex */
7718 ARCH(6K);
7719 gen_clrex(s);
7720 return;
7721 case 4: /* dsb */
7722 case 5: /* dmb */
7723 ARCH(7);
7724 /* We don't emulate caches so these are a no-op. */
7725 return;
7726 case 6: /* isb */
7727 /* We need to break the TB after this insn to execute
7728 * self-modifying code correctly and also to take
7729 * any pending interrupts immediately.
7730 */
7731 gen_lookup_tb(s);
7732 return;
7733 default:
7734 goto illegal_op;
7735 }
7736 } else if ((insn & 0x0e5fffe0) == 0x084d0500) {
7737 /* srs */
7738 if (IS_USER(s)) {
7739 goto illegal_op;
7740 }
7741 ARCH(6);
7742 gen_srs(s, (insn & 0x1f), (insn >> 23) & 3, insn & (1 << 21));
7743 return;
7744 } else if ((insn & 0x0e50ffe0) == 0x08100a00) {
7745 /* rfe */
7746 int32_t offset;
7747 if (IS_USER(s))
7748 goto illegal_op;
7749 ARCH(6);
7750 rn = (insn >> 16) & 0xf;
7751 addr = load_reg(s, rn);
7752 i = (insn >> 23) & 3;
7753 switch (i) {
7754 case 0: offset = -4; break; /* DA */
7755 case 1: offset = 0; break; /* IA */
7756 case 2: offset = -8; break; /* DB */
7757 case 3: offset = 4; break; /* IB */
7758 default: abort();
7759 }
7760 if (offset)
7761 tcg_gen_addi_i32(addr, addr, offset);
7762 /* Load PC into tmp and CPSR into tmp2. */
7763 tmp = tcg_temp_new_i32();
7764 gen_aa32_ld32u(tmp, addr, get_mem_index(s));
7765 tcg_gen_addi_i32(addr, addr, 4);
7766 tmp2 = tcg_temp_new_i32();
7767 gen_aa32_ld32u(tmp2, addr, get_mem_index(s));
7768 if (insn & (1 << 21)) {
7769 /* Base writeback. */
7770 switch (i) {
7771 case 0: offset = -8; break;
7772 case 1: offset = 4; break;
7773 case 2: offset = -4; break;
7774 case 3: offset = 0; break;
7775 default: abort();
7776 }
7777 if (offset)
7778 tcg_gen_addi_i32(addr, addr, offset);
7779 store_reg(s, rn, addr);
7780 } else {
7781 tcg_temp_free_i32(addr);
7782 }
7783 gen_rfe(s, tmp, tmp2);
7784 return;
7785 } else if ((insn & 0x0e000000) == 0x0a000000) {
7786 /* branch link and change to thumb (blx <offset>) */
7787 int32_t offset;
7788
7789 val = (uint32_t)s->pc;
7790 tmp = tcg_temp_new_i32();
7791 tcg_gen_movi_i32(tmp, val);
7792 store_reg(s, 14, tmp);
7793 /* Sign-extend the 24-bit offset */
7794 offset = (((int32_t)insn) << 8) >> 8;
7795 /* offset * 4 + bit24 * 2 + (thumb bit) */
7796 val += (offset << 2) | ((insn >> 23) & 2) | 1;
7797 /* pipeline offset */
7798 val += 4;
7799 /* protected by ARCH(5); above, near the start of uncond block */
7800 gen_bx_im(s, val);
7801 return;
7802 } else if ((insn & 0x0e000f00) == 0x0c000100) {
7803 if (arm_dc_feature(s, ARM_FEATURE_IWMMXT)) {
7804 /* iWMMXt register transfer. */
7805 if (extract32(s->c15_cpar, 1, 1)) {
7806 if (!disas_iwmmxt_insn(s, insn)) {
7807 return;
7808 }
7809 }
7810 }
7811 } else if ((insn & 0x0fe00000) == 0x0c400000) {
7812 /* Coprocessor double register transfer. */
7813 ARCH(5TE);
7814 } else if ((insn & 0x0f000010) == 0x0e000010) {
7815 /* Additional coprocessor register transfer. */
7816 } else if ((insn & 0x0ff10020) == 0x01000000) {
7817 uint32_t mask;
7818 uint32_t val;
7819 /* cps (privileged) */
7820 if (IS_USER(s))
7821 return;
7822 mask = val = 0;
7823 if (insn & (1 << 19)) {
7824 if (insn & (1 << 8))
7825 mask |= CPSR_A;
7826 if (insn & (1 << 7))
7827 mask |= CPSR_I;
7828 if (insn & (1 << 6))
7829 mask |= CPSR_F;
7830 if (insn & (1 << 18))
7831 val |= mask;
7832 }
7833 if (insn & (1 << 17)) {
7834 mask |= CPSR_M;
7835 val |= (insn & 0x1f);
7836 }
7837 if (mask) {
7838 gen_set_psr_im(s, mask, 0, val);
7839 }
7840 return;
7841 }
7842 goto illegal_op;
7843 }
7844 if (cond != 0xe) {
7845 /* if not always execute, we generate a conditional jump to
7846 next instruction */
7847 s->condlabel = gen_new_label();
7848 arm_gen_test_cc(cond ^ 1, s->condlabel);
7849 s->condjmp = 1;
7850 }
7851 if ((insn & 0x0f900000) == 0x03000000) {
7852 if ((insn & (1 << 21)) == 0) {
7853 ARCH(6T2);
7854 rd = (insn >> 12) & 0xf;
7855 val = ((insn >> 4) & 0xf000) | (insn & 0xfff);
7856 if ((insn & (1 << 22)) == 0) {
7857 /* MOVW */
7858 tmp = tcg_temp_new_i32();
7859 tcg_gen_movi_i32(tmp, val);
7860 } else {
7861 /* MOVT */
7862 tmp = load_reg(s, rd);
7863 tcg_gen_ext16u_i32(tmp, tmp);
7864 tcg_gen_ori_i32(tmp, tmp, val << 16);
7865 }
7866 store_reg(s, rd, tmp);
7867 } else {
7868 if (((insn >> 12) & 0xf) != 0xf)
7869 goto illegal_op;
7870 if (((insn >> 16) & 0xf) == 0) {
7871 gen_nop_hint(s, insn & 0xff);
7872 } else {
7873 /* CPSR = immediate */
7874 val = insn & 0xff;
7875 shift = ((insn >> 8) & 0xf) * 2;
7876 if (shift)
7877 val = (val >> shift) | (val << (32 - shift));
7878 i = ((insn & (1 << 22)) != 0);
7879 if (gen_set_psr_im(s, msr_mask(s, (insn >> 16) & 0xf, i),
7880 i, val)) {
7881 goto illegal_op;
7882 }
7883 }
7884 }
7885 } else if ((insn & 0x0f900000) == 0x01000000
7886 && (insn & 0x00000090) != 0x00000090) {
7887 /* miscellaneous instructions */
7888 op1 = (insn >> 21) & 3;
7889 sh = (insn >> 4) & 0xf;
7890 rm = insn & 0xf;
7891 switch (sh) {
7892 case 0x0: /* move program status register */
7893 if (op1 & 1) {
7894 /* PSR = reg */
7895 tmp = load_reg(s, rm);
7896 i = ((op1 & 2) != 0);
7897 if (gen_set_psr(s, msr_mask(s, (insn >> 16) & 0xf, i), i, tmp))
7898 goto illegal_op;
7899 } else {
7900 /* reg = PSR */
7901 rd = (insn >> 12) & 0xf;
7902 if (op1 & 2) {
7903 if (IS_USER(s))
7904 goto illegal_op;
7905 tmp = load_cpu_field(spsr);
7906 } else {
7907 tmp = tcg_temp_new_i32();
7908 gen_helper_cpsr_read(tmp, cpu_env);
7909 }
7910 store_reg(s, rd, tmp);
7911 }
7912 break;
7913 case 0x1:
7914 if (op1 == 1) {
7915 /* branch/exchange thumb (bx). */
7916 ARCH(4T);
7917 tmp = load_reg(s, rm);
7918 gen_bx(s, tmp);
7919 } else if (op1 == 3) {
7920 /* clz */
7921 ARCH(5);
7922 rd = (insn >> 12) & 0xf;
7923 tmp = load_reg(s, rm);
7924 gen_helper_clz(tmp, tmp);
7925 store_reg(s, rd, tmp);
7926 } else {
7927 goto illegal_op;
7928 }
7929 break;
7930 case 0x2:
7931 if (op1 == 1) {
7932 ARCH(5J); /* bxj */
7933 /* Trivial implementation equivalent to bx. */
7934 tmp = load_reg(s, rm);
7935 gen_bx(s, tmp);
7936 } else {
7937 goto illegal_op;
7938 }
7939 break;
7940 case 0x3:
7941 if (op1 != 1)
7942 goto illegal_op;
7943
7944 ARCH(5);
7945 /* branch link/exchange thumb (blx) */
7946 tmp = load_reg(s, rm);
7947 tmp2 = tcg_temp_new_i32();
7948 tcg_gen_movi_i32(tmp2, s->pc);
7949 store_reg(s, 14, tmp2);
7950 gen_bx(s, tmp);
7951 break;
7952 case 0x4:
7953 {
7954 /* crc32/crc32c */
7955 uint32_t c = extract32(insn, 8, 4);
7956
7957 /* Check this CPU supports ARMv8 CRC instructions.
7958 * op1 == 3 is UNPREDICTABLE but handle as UNDEFINED.
7959 * Bits 8, 10 and 11 should be zero.
7960 */
7961 if (!arm_dc_feature(s, ARM_FEATURE_CRC) || op1 == 0x3 ||
7962 (c & 0xd) != 0) {
7963 goto illegal_op;
7964 }
7965
7966 rn = extract32(insn, 16, 4);
7967 rd = extract32(insn, 12, 4);
7968
7969 tmp = load_reg(s, rn);
7970 tmp2 = load_reg(s, rm);
7971 if (op1 == 0) {
7972 tcg_gen_andi_i32(tmp2, tmp2, 0xff);
7973 } else if (op1 == 1) {
7974 tcg_gen_andi_i32(tmp2, tmp2, 0xffff);
7975 }
7976 tmp3 = tcg_const_i32(1 << op1);
7977 if (c & 0x2) {
7978 gen_helper_crc32c(tmp, tmp, tmp2, tmp3);
7979 } else {
7980 gen_helper_crc32(tmp, tmp, tmp2, tmp3);
7981 }
7982 tcg_temp_free_i32(tmp2);
7983 tcg_temp_free_i32(tmp3);
7984 store_reg(s, rd, tmp);
7985 break;
7986 }
7987 case 0x5: /* saturating add/subtract */
7988 ARCH(5TE);
7989 rd = (insn >> 12) & 0xf;
7990 rn = (insn >> 16) & 0xf;
7991 tmp = load_reg(s, rm);
7992 tmp2 = load_reg(s, rn);
7993 if (op1 & 2)
7994 gen_helper_double_saturate(tmp2, cpu_env, tmp2);
7995 if (op1 & 1)
7996 gen_helper_sub_saturate(tmp, cpu_env, tmp, tmp2);
7997 else
7998 gen_helper_add_saturate(tmp, cpu_env, tmp, tmp2);
7999 tcg_temp_free_i32(tmp2);
8000 store_reg(s, rd, tmp);
8001 break;
8002 case 7:
8003 {
8004 int imm16 = extract32(insn, 0, 4) | (extract32(insn, 8, 12) << 4);
8005 switch (op1) {
8006 case 1:
8007 /* bkpt */
8008 ARCH(5);
8009 gen_exception_insn(s, 4, EXCP_BKPT,
8010 syn_aa32_bkpt(imm16, false),
8011 default_exception_el(s));
8012 break;
8013 case 2:
8014 /* Hypervisor call (v7) */
8015 ARCH(7);
8016 if (IS_USER(s)) {
8017 goto illegal_op;
8018 }
8019 gen_hvc(s, imm16);
8020 break;
8021 case 3:
8022 /* Secure monitor call (v6+) */
8023 ARCH(6K);
8024 if (IS_USER(s)) {
8025 goto illegal_op;
8026 }
8027 gen_smc(s);
8028 break;
8029 default:
8030 goto illegal_op;
8031 }
8032 break;
8033 }
8034 case 0x8: /* signed multiply */
8035 case 0xa:
8036 case 0xc:
8037 case 0xe:
8038 ARCH(5TE);
8039 rs = (insn >> 8) & 0xf;
8040 rn = (insn >> 12) & 0xf;
8041 rd = (insn >> 16) & 0xf;
8042 if (op1 == 1) {
8043 /* (32 * 16) >> 16 */
8044 tmp = load_reg(s, rm);
8045 tmp2 = load_reg(s, rs);
8046 if (sh & 4)
8047 tcg_gen_sari_i32(tmp2, tmp2, 16);
8048 else
8049 gen_sxth(tmp2);
8050 tmp64 = gen_muls_i64_i32(tmp, tmp2);
8051 tcg_gen_shri_i64(tmp64, tmp64, 16);
8052 tmp = tcg_temp_new_i32();
8053 tcg_gen_extrl_i64_i32(tmp, tmp64);
8054 tcg_temp_free_i64(tmp64);
8055 if ((sh & 2) == 0) {
8056 tmp2 = load_reg(s, rn);
8057 gen_helper_add_setq(tmp, cpu_env, tmp, tmp2);
8058 tcg_temp_free_i32(tmp2);
8059 }
8060 store_reg(s, rd, tmp);
8061 } else {
8062 /* 16 * 16 */
8063 tmp = load_reg(s, rm);
8064 tmp2 = load_reg(s, rs);
8065 gen_mulxy(tmp, tmp2, sh & 2, sh & 4);
8066 tcg_temp_free_i32(tmp2);
8067 if (op1 == 2) {
8068 tmp64 = tcg_temp_new_i64();
8069 tcg_gen_ext_i32_i64(tmp64, tmp);
8070 tcg_temp_free_i32(tmp);
8071 gen_addq(s, tmp64, rn, rd);
8072 gen_storeq_reg(s, rn, rd, tmp64);
8073 tcg_temp_free_i64(tmp64);
8074 } else {
8075 if (op1 == 0) {
8076 tmp2 = load_reg(s, rn);
8077 gen_helper_add_setq(tmp, cpu_env, tmp, tmp2);
8078 tcg_temp_free_i32(tmp2);
8079 }
8080 store_reg(s, rd, tmp);
8081 }
8082 }
8083 break;
8084 default:
8085 goto illegal_op;
8086 }
8087 } else if (((insn & 0x0e000000) == 0 &&
8088 (insn & 0x00000090) != 0x90) ||
8089 ((insn & 0x0e000000) == (1 << 25))) {
8090 int set_cc, logic_cc, shiftop;
8091
8092 op1 = (insn >> 21) & 0xf;
8093 set_cc = (insn >> 20) & 1;
8094 logic_cc = table_logic_cc[op1] & set_cc;
8095
8096 /* data processing instruction */
8097 if (insn & (1 << 25)) {
8098 /* immediate operand */
8099 val = insn & 0xff;
8100 shift = ((insn >> 8) & 0xf) * 2;
8101 if (shift) {
8102 val = (val >> shift) | (val << (32 - shift));
8103 }
8104 tmp2 = tcg_temp_new_i32();
8105 tcg_gen_movi_i32(tmp2, val);
8106 if (logic_cc && shift) {
8107 gen_set_CF_bit31(tmp2);
8108 }
8109 } else {
8110 /* register */
8111 rm = (insn) & 0xf;
8112 tmp2 = load_reg(s, rm);
8113 shiftop = (insn >> 5) & 3;
8114 if (!(insn & (1 << 4))) {
8115 shift = (insn >> 7) & 0x1f;
8116 gen_arm_shift_im(tmp2, shiftop, shift, logic_cc);
8117 } else {
8118 rs = (insn >> 8) & 0xf;
8119 tmp = load_reg(s, rs);
8120 gen_arm_shift_reg(tmp2, shiftop, tmp, logic_cc);
8121 }
8122 }
8123 if (op1 != 0x0f && op1 != 0x0d) {
8124 rn = (insn >> 16) & 0xf;
8125 tmp = load_reg(s, rn);
8126 } else {
8127 TCGV_UNUSED_I32(tmp);
8128 }
8129 rd = (insn >> 12) & 0xf;
8130 switch(op1) {
8131 case 0x00:
8132 tcg_gen_and_i32(tmp, tmp, tmp2);
8133 if (logic_cc) {
8134 gen_logic_CC(tmp);
8135 }
8136 store_reg_bx(s, rd, tmp);
8137 break;
8138 case 0x01:
8139 tcg_gen_xor_i32(tmp, tmp, tmp2);
8140 if (logic_cc) {
8141 gen_logic_CC(tmp);
8142 }
8143 store_reg_bx(s, rd, tmp);
8144 break;
8145 case 0x02:
8146 if (set_cc && rd == 15) {
8147 /* SUBS r15, ... is used for exception return. */
8148 if (IS_USER(s)) {
8149 goto illegal_op;
8150 }
8151 gen_sub_CC(tmp, tmp, tmp2);
8152 gen_exception_return(s, tmp);
8153 } else {
8154 if (set_cc) {
8155 gen_sub_CC(tmp, tmp, tmp2);
8156 } else {
8157 tcg_gen_sub_i32(tmp, tmp, tmp2);
8158 }
8159 store_reg_bx(s, rd, tmp);
8160 }
8161 break;
8162 case 0x03:
8163 if (set_cc) {
8164 gen_sub_CC(tmp, tmp2, tmp);
8165 } else {
8166 tcg_gen_sub_i32(tmp, tmp2, tmp);
8167 }
8168 store_reg_bx(s, rd, tmp);
8169 break;
8170 case 0x04:
8171 if (set_cc) {
8172 gen_add_CC(tmp, tmp, tmp2);
8173 } else {
8174 tcg_gen_add_i32(tmp, tmp, tmp2);
8175 }
8176 store_reg_bx(s, rd, tmp);
8177 break;
8178 case 0x05:
8179 if (set_cc) {
8180 gen_adc_CC(tmp, tmp, tmp2);
8181 } else {
8182 gen_add_carry(tmp, tmp, tmp2);
8183 }
8184 store_reg_bx(s, rd, tmp);
8185 break;
8186 case 0x06:
8187 if (set_cc) {
8188 gen_sbc_CC(tmp, tmp, tmp2);
8189 } else {
8190 gen_sub_carry(tmp, tmp, tmp2);
8191 }
8192 store_reg_bx(s, rd, tmp);
8193 break;
8194 case 0x07:
8195 if (set_cc) {
8196 gen_sbc_CC(tmp, tmp2, tmp);
8197 } else {
8198 gen_sub_carry(tmp, tmp2, tmp);
8199 }
8200 store_reg_bx(s, rd, tmp);
8201 break;
8202 case 0x08:
8203 if (set_cc) {
8204 tcg_gen_and_i32(tmp, tmp, tmp2);
8205 gen_logic_CC(tmp);
8206 }
8207 tcg_temp_free_i32(tmp);
8208 break;
8209 case 0x09:
8210 if (set_cc) {
8211 tcg_gen_xor_i32(tmp, tmp, tmp2);
8212 gen_logic_CC(tmp);
8213 }
8214 tcg_temp_free_i32(tmp);
8215 break;
8216 case 0x0a:
8217 if (set_cc) {
8218 gen_sub_CC(tmp, tmp, tmp2);
8219 }
8220 tcg_temp_free_i32(tmp);
8221 break;
8222 case 0x0b:
8223 if (set_cc) {
8224 gen_add_CC(tmp, tmp, tmp2);
8225 }
8226 tcg_temp_free_i32(tmp);
8227 break;
8228 case 0x0c:
8229 tcg_gen_or_i32(tmp, tmp, tmp2);
8230 if (logic_cc) {
8231 gen_logic_CC(tmp);
8232 }
8233 store_reg_bx(s, rd, tmp);
8234 break;
8235 case 0x0d:
8236 if (logic_cc && rd == 15) {
8237 /* MOVS r15, ... is used for exception return. */
8238 if (IS_USER(s)) {
8239 goto illegal_op;
8240 }
8241 gen_exception_return(s, tmp2);
8242 } else {
8243 if (logic_cc) {
8244 gen_logic_CC(tmp2);
8245 }
8246 store_reg_bx(s, rd, tmp2);
8247 }
8248 break;
8249 case 0x0e:
8250 tcg_gen_andc_i32(tmp, tmp, tmp2);
8251 if (logic_cc) {
8252 gen_logic_CC(tmp);
8253 }
8254 store_reg_bx(s, rd, tmp);
8255 break;
8256 default:
8257 case 0x0f:
8258 tcg_gen_not_i32(tmp2, tmp2);
8259 if (logic_cc) {
8260 gen_logic_CC(tmp2);
8261 }
8262 store_reg_bx(s, rd, tmp2);
8263 break;
8264 }
8265 if (op1 != 0x0f && op1 != 0x0d) {
8266 tcg_temp_free_i32(tmp2);
8267 }
8268 } else {
8269 /* other instructions */
8270 op1 = (insn >> 24) & 0xf;
8271 switch(op1) {
8272 case 0x0:
8273 case 0x1:
8274 /* multiplies, extra load/stores */
8275 sh = (insn >> 5) & 3;
8276 if (sh == 0) {
8277 if (op1 == 0x0) {
8278 rd = (insn >> 16) & 0xf;
8279 rn = (insn >> 12) & 0xf;
8280 rs = (insn >> 8) & 0xf;
8281 rm = (insn) & 0xf;
8282 op1 = (insn >> 20) & 0xf;
8283 switch (op1) {
8284 case 0: case 1: case 2: case 3: case 6:
8285 /* 32 bit mul */
8286 tmp = load_reg(s, rs);
8287 tmp2 = load_reg(s, rm);
8288 tcg_gen_mul_i32(tmp, tmp, tmp2);
8289 tcg_temp_free_i32(tmp2);
8290 if (insn & (1 << 22)) {
8291 /* Subtract (mls) */
8292 ARCH(6T2);
8293 tmp2 = load_reg(s, rn);
8294 tcg_gen_sub_i32(tmp, tmp2, tmp);
8295 tcg_temp_free_i32(tmp2);
8296 } else if (insn & (1 << 21)) {
8297 /* Add */
8298 tmp2 = load_reg(s, rn);
8299 tcg_gen_add_i32(tmp, tmp, tmp2);
8300 tcg_temp_free_i32(tmp2);
8301 }
8302 if (insn & (1 << 20))
8303 gen_logic_CC(tmp);
8304 store_reg(s, rd, tmp);
8305 break;
8306 case 4:
8307 /* 64 bit mul double accumulate (UMAAL) */
8308 ARCH(6);
8309 tmp = load_reg(s, rs);
8310 tmp2 = load_reg(s, rm);
8311 tmp64 = gen_mulu_i64_i32(tmp, tmp2);
8312 gen_addq_lo(s, tmp64, rn);
8313 gen_addq_lo(s, tmp64, rd);
8314 gen_storeq_reg(s, rn, rd, tmp64);
8315 tcg_temp_free_i64(tmp64);
8316 break;
8317 case 8: case 9: case 10: case 11:
8318 case 12: case 13: case 14: case 15:
8319 /* 64 bit mul: UMULL, UMLAL, SMULL, SMLAL. */
8320 tmp = load_reg(s, rs);
8321 tmp2 = load_reg(s, rm);
8322 if (insn & (1 << 22)) {
8323 tcg_gen_muls2_i32(tmp, tmp2, tmp, tmp2);
8324 } else {
8325 tcg_gen_mulu2_i32(tmp, tmp2, tmp, tmp2);
8326 }
8327 if (insn & (1 << 21)) { /* mult accumulate */
8328 TCGv_i32 al = load_reg(s, rn);
8329 TCGv_i32 ah = load_reg(s, rd);
8330 tcg_gen_add2_i32(tmp, tmp2, tmp, tmp2, al, ah);
8331 tcg_temp_free_i32(al);
8332 tcg_temp_free_i32(ah);
8333 }
8334 if (insn & (1 << 20)) {
8335 gen_logicq_cc(tmp, tmp2);
8336 }
8337 store_reg(s, rn, tmp);
8338 store_reg(s, rd, tmp2);
8339 break;
8340 default:
8341 goto illegal_op;
8342 }
8343 } else {
8344 rn = (insn >> 16) & 0xf;
8345 rd = (insn >> 12) & 0xf;
8346 if (insn & (1 << 23)) {
8347 /* load/store exclusive */
8348 int op2 = (insn >> 8) & 3;
8349 op1 = (insn >> 21) & 0x3;
8350
8351 switch (op2) {
8352 case 0: /* lda/stl */
8353 if (op1 == 1) {
8354 goto illegal_op;
8355 }
8356 ARCH(8);
8357 break;
8358 case 1: /* reserved */
8359 goto illegal_op;
8360 case 2: /* ldaex/stlex */
8361 ARCH(8);
8362 break;
8363 case 3: /* ldrex/strex */
8364 if (op1) {
8365 ARCH(6K);
8366 } else {
8367 ARCH(6);
8368 }
8369 break;
8370 }
8371
8372 addr = tcg_temp_local_new_i32();
8373 load_reg_var(s, addr, rn);
8374
8375 /* Since the emulation does not have barriers,
8376 the acquire/release semantics need no special
8377 handling */
8378 if (op2 == 0) {
8379 if (insn & (1 << 20)) {
8380 tmp = tcg_temp_new_i32();
8381 switch (op1) {
8382 case 0: /* lda */
8383 gen_aa32_ld32u(tmp, addr, get_mem_index(s));
8384 break;
8385 case 2: /* ldab */
8386 gen_aa32_ld8u(tmp, addr, get_mem_index(s));
8387 break;
8388 case 3: /* ldah */
8389 gen_aa32_ld16u(tmp, addr, get_mem_index(s));
8390 break;
8391 default:
8392 abort();
8393 }
8394 store_reg(s, rd, tmp);
8395 } else {
8396 rm = insn & 0xf;
8397 tmp = load_reg(s, rm);
8398 switch (op1) {
8399 case 0: /* stl */
8400 gen_aa32_st32(tmp, addr, get_mem_index(s));
8401 break;
8402 case 2: /* stlb */
8403 gen_aa32_st8(tmp, addr, get_mem_index(s));
8404 break;
8405 case 3: /* stlh */
8406 gen_aa32_st16(tmp, addr, get_mem_index(s));
8407 break;
8408 default:
8409 abort();
8410 }
8411 tcg_temp_free_i32(tmp);
8412 }
8413 } else if (insn & (1 << 20)) {
8414 switch (op1) {
8415 case 0: /* ldrex */
8416 gen_load_exclusive(s, rd, 15, addr, 2);
8417 break;
8418 case 1: /* ldrexd */
8419 gen_load_exclusive(s, rd, rd + 1, addr, 3);
8420 break;
8421 case 2: /* ldrexb */
8422 gen_load_exclusive(s, rd, 15, addr, 0);
8423 break;
8424 case 3: /* ldrexh */
8425 gen_load_exclusive(s, rd, 15, addr, 1);
8426 break;
8427 default:
8428 abort();
8429 }
8430 } else {
8431 rm = insn & 0xf;
8432 switch (op1) {
8433 case 0: /* strex */
8434 gen_store_exclusive(s, rd, rm, 15, addr, 2);
8435 break;
8436 case 1: /* strexd */
8437 gen_store_exclusive(s, rd, rm, rm + 1, addr, 3);
8438 break;
8439 case 2: /* strexb */
8440 gen_store_exclusive(s, rd, rm, 15, addr, 0);
8441 break;
8442 case 3: /* strexh */
8443 gen_store_exclusive(s, rd, rm, 15, addr, 1);
8444 break;
8445 default:
8446 abort();
8447 }
8448 }
8449 tcg_temp_free_i32(addr);
8450 } else {
8451 /* SWP instruction */
8452 rm = (insn) & 0xf;
8453
8454 /* ??? This is not really atomic. However we know
8455 we never have multiple CPUs running in parallel,
8456 so it is good enough. */
8457 addr = load_reg(s, rn);
8458 tmp = load_reg(s, rm);
8459 tmp2 = tcg_temp_new_i32();
8460 if (insn & (1 << 22)) {
8461 gen_aa32_ld8u(tmp2, addr, get_mem_index(s));
8462 gen_aa32_st8(tmp, addr, get_mem_index(s));
8463 } else {
8464 gen_aa32_ld32u(tmp2, addr, get_mem_index(s));
8465 gen_aa32_st32(tmp, addr, get_mem_index(s));
8466 }
8467 tcg_temp_free_i32(tmp);
8468 tcg_temp_free_i32(addr);
8469 store_reg(s, rd, tmp2);
8470 }
8471 }
8472 } else {
8473 int address_offset;
8474 bool load = insn & (1 << 20);
8475 bool doubleword = false;
8476 /* Misc load/store */
8477 rn = (insn >> 16) & 0xf;
8478 rd = (insn >> 12) & 0xf;
8479
8480 if (!load && (sh & 2)) {
8481 /* doubleword */
8482 ARCH(5TE);
8483 if (rd & 1) {
8484 /* UNPREDICTABLE; we choose to UNDEF */
8485 goto illegal_op;
8486 }
8487 load = (sh & 1) == 0;
8488 doubleword = true;
8489 }
8490
8491 addr = load_reg(s, rn);
8492 if (insn & (1 << 24))
8493 gen_add_datah_offset(s, insn, 0, addr);
8494 address_offset = 0;
8495
8496 if (doubleword) {
8497 if (!load) {
8498 /* store */
8499 tmp = load_reg(s, rd);
8500 gen_aa32_st32(tmp, addr, get_mem_index(s));
8501 tcg_temp_free_i32(tmp);
8502 tcg_gen_addi_i32(addr, addr, 4);
8503 tmp = load_reg(s, rd + 1);
8504 gen_aa32_st32(tmp, addr, get_mem_index(s));
8505 tcg_temp_free_i32(tmp);
8506 } else {
8507 /* load */
8508 tmp = tcg_temp_new_i32();
8509 gen_aa32_ld32u(tmp, addr, get_mem_index(s));
8510 store_reg(s, rd, tmp);
8511 tcg_gen_addi_i32(addr, addr, 4);
8512 tmp = tcg_temp_new_i32();
8513 gen_aa32_ld32u(tmp, addr, get_mem_index(s));
8514 rd++;
8515 }
8516 address_offset = -4;
8517 } else if (load) {
8518 /* load */
8519 tmp = tcg_temp_new_i32();
8520 switch (sh) {
8521 case 1:
8522 gen_aa32_ld16u(tmp, addr, get_mem_index(s));
8523 break;
8524 case 2:
8525 gen_aa32_ld8s(tmp, addr, get_mem_index(s));
8526 break;
8527 default:
8528 case 3:
8529 gen_aa32_ld16s(tmp, addr, get_mem_index(s));
8530 break;
8531 }
8532 } else {
8533 /* store */
8534 tmp = load_reg(s, rd);
8535 gen_aa32_st16(tmp, addr, get_mem_index(s));
8536 tcg_temp_free_i32(tmp);
8537 }
8538 /* Perform base writeback before the loaded value to
8539 ensure correct behavior with overlapping index registers.
8540 ldrd with base writeback is undefined if the
8541 destination and index registers overlap. */
8542 if (!(insn & (1 << 24))) {
8543 gen_add_datah_offset(s, insn, address_offset, addr);
8544 store_reg(s, rn, addr);
8545 } else if (insn & (1 << 21)) {
8546 if (address_offset)
8547 tcg_gen_addi_i32(addr, addr, address_offset);
8548 store_reg(s, rn, addr);
8549 } else {
8550 tcg_temp_free_i32(addr);
8551 }
8552 if (load) {
8553 /* Complete the load. */
8554 store_reg(s, rd, tmp);
8555 }
8556 }
8557 break;
8558 case 0x4:
8559 case 0x5:
8560 goto do_ldst;
8561 case 0x6:
8562 case 0x7:
8563 if (insn & (1 << 4)) {
8564 ARCH(6);
8565 /* Armv6 Media instructions. */
8566 rm = insn & 0xf;
8567 rn = (insn >> 16) & 0xf;
8568 rd = (insn >> 12) & 0xf;
8569 rs = (insn >> 8) & 0xf;
8570 switch ((insn >> 23) & 3) {
8571 case 0: /* Parallel add/subtract. */
8572 op1 = (insn >> 20) & 7;
8573 tmp = load_reg(s, rn);
8574 tmp2 = load_reg(s, rm);
8575 sh = (insn >> 5) & 7;
8576 if ((op1 & 3) == 0 || sh == 5 || sh == 6)
8577 goto illegal_op;
8578 gen_arm_parallel_addsub(op1, sh, tmp, tmp2);
8579 tcg_temp_free_i32(tmp2);
8580 store_reg(s, rd, tmp);
8581 break;
8582 case 1:
8583 if ((insn & 0x00700020) == 0) {
8584 /* Halfword pack. */
8585 tmp = load_reg(s, rn);
8586 tmp2 = load_reg(s, rm);
8587 shift = (insn >> 7) & 0x1f;
8588 if (insn & (1 << 6)) {
8589 /* pkhtb */
8590 if (shift == 0)
8591 shift = 31;
8592 tcg_gen_sari_i32(tmp2, tmp2, shift);
8593 tcg_gen_andi_i32(tmp, tmp, 0xffff0000);
8594 tcg_gen_ext16u_i32(tmp2, tmp2);
8595 } else {
8596 /* pkhbt */
8597 if (shift)
8598 tcg_gen_shli_i32(tmp2, tmp2, shift);
8599 tcg_gen_ext16u_i32(tmp, tmp);
8600 tcg_gen_andi_i32(tmp2, tmp2, 0xffff0000);
8601 }
8602 tcg_gen_or_i32(tmp, tmp, tmp2);
8603 tcg_temp_free_i32(tmp2);
8604 store_reg(s, rd, tmp);
8605 } else if ((insn & 0x00200020) == 0x00200000) {
8606 /* [us]sat */
8607 tmp = load_reg(s, rm);
8608 shift = (insn >> 7) & 0x1f;
8609 if (insn & (1 << 6)) {
8610 if (shift == 0)
8611 shift = 31;
8612 tcg_gen_sari_i32(tmp, tmp, shift);
8613 } else {
8614 tcg_gen_shli_i32(tmp, tmp, shift);
8615 }
8616 sh = (insn >> 16) & 0x1f;
8617 tmp2 = tcg_const_i32(sh);
8618 if (insn & (1 << 22))
8619 gen_helper_usat(tmp, cpu_env, tmp, tmp2);
8620 else
8621 gen_helper_ssat(tmp, cpu_env, tmp, tmp2);
8622 tcg_temp_free_i32(tmp2);
8623 store_reg(s, rd, tmp);
8624 } else if ((insn & 0x00300fe0) == 0x00200f20) {
8625 /* [us]sat16 */
8626 tmp = load_reg(s, rm);
8627 sh = (insn >> 16) & 0x1f;
8628 tmp2 = tcg_const_i32(sh);
8629 if (insn & (1 << 22))
8630 gen_helper_usat16(tmp, cpu_env, tmp, tmp2);
8631 else
8632 gen_helper_ssat16(tmp, cpu_env, tmp, tmp2);
8633 tcg_temp_free_i32(tmp2);
8634 store_reg(s, rd, tmp);
8635 } else if ((insn & 0x00700fe0) == 0x00000fa0) {
8636 /* Select bytes. */
8637 tmp = load_reg(s, rn);
8638 tmp2 = load_reg(s, rm);
8639 tmp3 = tcg_temp_new_i32();
8640 tcg_gen_ld_i32(tmp3, cpu_env, offsetof(CPUARMState, GE));
8641 gen_helper_sel_flags(tmp, tmp3, tmp, tmp2);
8642 tcg_temp_free_i32(tmp3);
8643 tcg_temp_free_i32(tmp2);
8644 store_reg(s, rd, tmp);
8645 } else if ((insn & 0x000003e0) == 0x00000060) {
8646 tmp = load_reg(s, rm);
8647 shift = (insn >> 10) & 3;
8648 /* ??? In many cases it's not necessary to do a
8649 rotate, a shift is sufficient. */
8650 if (shift != 0)
8651 tcg_gen_rotri_i32(tmp, tmp, shift * 8);
8652 op1 = (insn >> 20) & 7;
8653 switch (op1) {
8654 case 0: gen_sxtb16(tmp); break;
8655 case 2: gen_sxtb(tmp); break;
8656 case 3: gen_sxth(tmp); break;
8657 case 4: gen_uxtb16(tmp); break;
8658 case 6: gen_uxtb(tmp); break;
8659 case 7: gen_uxth(tmp); break;
8660 default: goto illegal_op;
8661 }
8662 if (rn != 15) {
8663 tmp2 = load_reg(s, rn);
8664 if ((op1 & 3) == 0) {
8665 gen_add16(tmp, tmp2);
8666 } else {
8667 tcg_gen_add_i32(tmp, tmp, tmp2);
8668 tcg_temp_free_i32(tmp2);
8669 }
8670 }
8671 store_reg(s, rd, tmp);
8672 } else if ((insn & 0x003f0f60) == 0x003f0f20) {
8673 /* rev */
8674 tmp = load_reg(s, rm);
8675 if (insn & (1 << 22)) {
8676 if (insn & (1 << 7)) {
8677 gen_revsh(tmp);
8678 } else {
8679 ARCH(6T2);
8680 gen_helper_rbit(tmp, tmp);
8681 }
8682 } else {
8683 if (insn & (1 << 7))
8684 gen_rev16(tmp);
8685 else
8686 tcg_gen_bswap32_i32(tmp, tmp);
8687 }
8688 store_reg(s, rd, tmp);
8689 } else {
8690 goto illegal_op;
8691 }
8692 break;
8693 case 2: /* Multiplies (Type 3). */
8694 switch ((insn >> 20) & 0x7) {
8695 case 5:
8696 if (((insn >> 6) ^ (insn >> 7)) & 1) {
8697 /* op2 not 00x or 11x : UNDEF */
8698 goto illegal_op;
8699 }
8700 /* Signed multiply most significant [accumulate].
8701 (SMMUL, SMMLA, SMMLS) */
8702 tmp = load_reg(s, rm);
8703 tmp2 = load_reg(s, rs);
8704 tmp64 = gen_muls_i64_i32(tmp, tmp2);
8705
8706 if (rd != 15) {
8707 tmp = load_reg(s, rd);
8708 if (insn & (1 << 6)) {
8709 tmp64 = gen_subq_msw(tmp64, tmp);
8710 } else {
8711 tmp64 = gen_addq_msw(tmp64, tmp);
8712 }
8713 }
8714 if (insn & (1 << 5)) {
8715 tcg_gen_addi_i64(tmp64, tmp64, 0x80000000u);
8716 }
8717 tcg_gen_shri_i64(tmp64, tmp64, 32);
8718 tmp = tcg_temp_new_i32();
8719 tcg_gen_extrl_i64_i32(tmp, tmp64);
8720 tcg_temp_free_i64(tmp64);
8721 store_reg(s, rn, tmp);
8722 break;
8723 case 0:
8724 case 4:
8725 /* SMLAD, SMUAD, SMLSD, SMUSD, SMLALD, SMLSLD */
8726 if (insn & (1 << 7)) {
8727 goto illegal_op;
8728 }
8729 tmp = load_reg(s, rm);
8730 tmp2 = load_reg(s, rs);
8731 if (insn & (1 << 5))
8732 gen_swap_half(tmp2);
8733 gen_smul_dual(tmp, tmp2);
8734 if (insn & (1 << 22)) {
8735 /* smlald, smlsld */
8736 TCGv_i64 tmp64_2;
8737
8738 tmp64 = tcg_temp_new_i64();
8739 tmp64_2 = tcg_temp_new_i64();
8740 tcg_gen_ext_i32_i64(tmp64, tmp);
8741 tcg_gen_ext_i32_i64(tmp64_2, tmp2);
8742 tcg_temp_free_i32(tmp);
8743 tcg_temp_free_i32(tmp2);
8744 if (insn & (1 << 6)) {
8745 tcg_gen_sub_i64(tmp64, tmp64, tmp64_2);
8746 } else {
8747 tcg_gen_add_i64(tmp64, tmp64, tmp64_2);
8748 }
8749 tcg_temp_free_i64(tmp64_2);
8750 gen_addq(s, tmp64, rd, rn);
8751 gen_storeq_reg(s, rd, rn, tmp64);
8752 tcg_temp_free_i64(tmp64);
8753 } else {
8754 /* smuad, smusd, smlad, smlsd */
8755 if (insn & (1 << 6)) {
8756 /* This subtraction cannot overflow. */
8757 tcg_gen_sub_i32(tmp, tmp, tmp2);
8758 } else {
8759 /* This addition cannot overflow 32 bits;
8760 * however it may overflow considered as a
8761 * signed operation, in which case we must set
8762 * the Q flag.
8763 */
8764 gen_helper_add_setq(tmp, cpu_env, tmp, tmp2);
8765 }
8766 tcg_temp_free_i32(tmp2);
8767 if (rd != 15)
8768 {
8769 tmp2 = load_reg(s, rd);
8770 gen_helper_add_setq(tmp, cpu_env, tmp, tmp2);
8771 tcg_temp_free_i32(tmp2);
8772 }
8773 store_reg(s, rn, tmp);
8774 }
8775 break;
8776 case 1:
8777 case 3:
8778 /* SDIV, UDIV */
8779 if (!arm_dc_feature(s, ARM_FEATURE_ARM_DIV)) {
8780 goto illegal_op;
8781 }
8782 if (((insn >> 5) & 7) || (rd != 15)) {
8783 goto illegal_op;
8784 }
8785 tmp = load_reg(s, rm);
8786 tmp2 = load_reg(s, rs);
8787 if (insn & (1 << 21)) {
8788 gen_helper_udiv(tmp, tmp, tmp2);
8789 } else {
8790 gen_helper_sdiv(tmp, tmp, tmp2);
8791 }
8792 tcg_temp_free_i32(tmp2);
8793 store_reg(s, rn, tmp);
8794 break;
8795 default:
8796 goto illegal_op;
8797 }
8798 break;
8799 case 3:
8800 op1 = ((insn >> 17) & 0x38) | ((insn >> 5) & 7);
8801 switch (op1) {
8802 case 0: /* Unsigned sum of absolute differences. */
8803 ARCH(6);
8804 tmp = load_reg(s, rm);
8805 tmp2 = load_reg(s, rs);
8806 gen_helper_usad8(tmp, tmp, tmp2);
8807 tcg_temp_free_i32(tmp2);
8808 if (rd != 15) {
8809 tmp2 = load_reg(s, rd);
8810 tcg_gen_add_i32(tmp, tmp, tmp2);
8811 tcg_temp_free_i32(tmp2);
8812 }
8813 store_reg(s, rn, tmp);
8814 break;
8815 case 0x20: case 0x24: case 0x28: case 0x2c:
8816 /* Bitfield insert/clear. */
8817 ARCH(6T2);
8818 shift = (insn >> 7) & 0x1f;
8819 i = (insn >> 16) & 0x1f;
8820 if (i < shift) {
8821 /* UNPREDICTABLE; we choose to UNDEF */
8822 goto illegal_op;
8823 }
8824 i = i + 1 - shift;
8825 if (rm == 15) {
8826 tmp = tcg_temp_new_i32();
8827 tcg_gen_movi_i32(tmp, 0);
8828 } else {
8829 tmp = load_reg(s, rm);
8830 }
8831 if (i != 32) {
8832 tmp2 = load_reg(s, rd);
8833 tcg_gen_deposit_i32(tmp, tmp2, tmp, shift, i);
8834 tcg_temp_free_i32(tmp2);
8835 }
8836 store_reg(s, rd, tmp);
8837 break;
8838 case 0x12: case 0x16: case 0x1a: case 0x1e: /* sbfx */
8839 case 0x32: case 0x36: case 0x3a: case 0x3e: /* ubfx */
8840 ARCH(6T2);
8841 tmp = load_reg(s, rm);
8842 shift = (insn >> 7) & 0x1f;
8843 i = ((insn >> 16) & 0x1f) + 1;
8844 if (shift + i > 32)
8845 goto illegal_op;
8846 if (i < 32) {
8847 if (op1 & 0x20) {
8848 gen_ubfx(tmp, shift, (1u << i) - 1);
8849 } else {
8850 gen_sbfx(tmp, shift, i);
8851 }
8852 }
8853 store_reg(s, rd, tmp);
8854 break;
8855 default:
8856 goto illegal_op;
8857 }
8858 break;
8859 }
8860 break;
8861 }
8862 do_ldst:
8863 /* Check for undefined extension instructions
8864 * per the ARM Bible IE:
8865 * xxxx 0111 1111 xxxx xxxx xxxx 1111 xxxx
8866 */
8867 sh = (0xf << 20) | (0xf << 4);
8868 if (op1 == 0x7 && ((insn & sh) == sh))
8869 {
8870 goto illegal_op;
8871 }
8872 /* load/store byte/word */
8873 rn = (insn >> 16) & 0xf;
8874 rd = (insn >> 12) & 0xf;
8875 tmp2 = load_reg(s, rn);
8876 if ((insn & 0x01200000) == 0x00200000) {
8877 /* ldrt/strt */
8878 i = get_a32_user_mem_index(s);
8879 } else {
8880 i = get_mem_index(s);
8881 }
8882 if (insn & (1 << 24))
8883 gen_add_data_offset(s, insn, tmp2);
8884 if (insn & (1 << 20)) {
8885 /* load */
8886 tmp = tcg_temp_new_i32();
8887 if (insn & (1 << 22)) {
8888 gen_aa32_ld8u(tmp, tmp2, i);
8889 } else {
8890 gen_aa32_ld32u(tmp, tmp2, i);
8891 }
8892 } else {
8893 /* store */
8894 tmp = load_reg(s, rd);
8895 if (insn & (1 << 22)) {
8896 gen_aa32_st8(tmp, tmp2, i);
8897 } else {
8898 gen_aa32_st32(tmp, tmp2, i);
8899 }
8900 tcg_temp_free_i32(tmp);
8901 }
8902 if (!(insn & (1 << 24))) {
8903 gen_add_data_offset(s, insn, tmp2);
8904 store_reg(s, rn, tmp2);
8905 } else if (insn & (1 << 21)) {
8906 store_reg(s, rn, tmp2);
8907 } else {
8908 tcg_temp_free_i32(tmp2);
8909 }
8910 if (insn & (1 << 20)) {
8911 /* Complete the load. */
8912 store_reg_from_load(s, rd, tmp);
8913 }
8914 break;
8915 case 0x08:
8916 case 0x09:
8917 {
8918 int j, n, loaded_base;
8919 bool exc_return = false;
8920 bool is_load = extract32(insn, 20, 1);
8921 bool user = false;
8922 TCGv_i32 loaded_var;
8923 /* load/store multiple words */
8924 /* XXX: store correct base if write back */
8925 if (insn & (1 << 22)) {
8926 /* LDM (user), LDM (exception return) and STM (user) */
8927 if (IS_USER(s))
8928 goto illegal_op; /* only usable in supervisor mode */
8929
8930 if (is_load && extract32(insn, 15, 1)) {
8931 exc_return = true;
8932 } else {
8933 user = true;
8934 }
8935 }
8936 rn = (insn >> 16) & 0xf;
8937 addr = load_reg(s, rn);
8938
8939 /* compute total size */
8940 loaded_base = 0;
8941 TCGV_UNUSED_I32(loaded_var);
8942 n = 0;
8943 for(i=0;i<16;i++) {
8944 if (insn & (1 << i))
8945 n++;
8946 }
8947 /* XXX: test invalid n == 0 case ? */
8948 if (insn & (1 << 23)) {
8949 if (insn & (1 << 24)) {
8950 /* pre increment */
8951 tcg_gen_addi_i32(addr, addr, 4);
8952 } else {
8953 /* post increment */
8954 }
8955 } else {
8956 if (insn & (1 << 24)) {
8957 /* pre decrement */
8958 tcg_gen_addi_i32(addr, addr, -(n * 4));
8959 } else {
8960 /* post decrement */
8961 if (n != 1)
8962 tcg_gen_addi_i32(addr, addr, -((n - 1) * 4));
8963 }
8964 }
8965 j = 0;
8966 for(i=0;i<16;i++) {
8967 if (insn & (1 << i)) {
8968 if (is_load) {
8969 /* load */
8970 tmp = tcg_temp_new_i32();
8971 gen_aa32_ld32u(tmp, addr, get_mem_index(s));
8972 if (user) {
8973 tmp2 = tcg_const_i32(i);
8974 gen_helper_set_user_reg(cpu_env, tmp2, tmp);
8975 tcg_temp_free_i32(tmp2);
8976 tcg_temp_free_i32(tmp);
8977 } else if (i == rn) {
8978 loaded_var = tmp;
8979 loaded_base = 1;
8980 } else {
8981 store_reg_from_load(s, i, tmp);
8982 }
8983 } else {
8984 /* store */
8985 if (i == 15) {
8986 /* special case: r15 = PC + 8 */
8987 val = (long)s->pc + 4;
8988 tmp = tcg_temp_new_i32();
8989 tcg_gen_movi_i32(tmp, val);
8990 } else if (user) {
8991 tmp = tcg_temp_new_i32();
8992 tmp2 = tcg_const_i32(i);
8993 gen_helper_get_user_reg(tmp, cpu_env, tmp2);
8994 tcg_temp_free_i32(tmp2);
8995 } else {
8996 tmp = load_reg(s, i);
8997 }
8998 gen_aa32_st32(tmp, addr, get_mem_index(s));
8999 tcg_temp_free_i32(tmp);
9000 }
9001 j++;
9002 /* no need to add after the last transfer */
9003 if (j != n)
9004 tcg_gen_addi_i32(addr, addr, 4);
9005 }
9006 }
9007 if (insn & (1 << 21)) {
9008 /* write back */
9009 if (insn & (1 << 23)) {
9010 if (insn & (1 << 24)) {
9011 /* pre increment */
9012 } else {
9013 /* post increment */
9014 tcg_gen_addi_i32(addr, addr, 4);
9015 }
9016 } else {
9017 if (insn & (1 << 24)) {
9018 /* pre decrement */
9019 if (n != 1)
9020 tcg_gen_addi_i32(addr, addr, -((n - 1) * 4));
9021 } else {
9022 /* post decrement */
9023 tcg_gen_addi_i32(addr, addr, -(n * 4));
9024 }
9025 }
9026 store_reg(s, rn, addr);
9027 } else {
9028 tcg_temp_free_i32(addr);
9029 }
9030 if (loaded_base) {
9031 store_reg(s, rn, loaded_var);
9032 }
9033 if (exc_return) {
9034 /* Restore CPSR from SPSR. */
9035 tmp = load_cpu_field(spsr);
9036 gen_set_cpsr(tmp, CPSR_ERET_MASK);
9037 tcg_temp_free_i32(tmp);
9038 s->is_jmp = DISAS_JUMP;
9039 }
9040 }
9041 break;
9042 case 0xa:
9043 case 0xb:
9044 {
9045 int32_t offset;
9046
9047 /* branch (and link) */
9048 val = (int32_t)s->pc;
9049 if (insn & (1 << 24)) {
9050 tmp = tcg_temp_new_i32();
9051 tcg_gen_movi_i32(tmp, val);
9052 store_reg(s, 14, tmp);
9053 }
9054 offset = sextract32(insn << 2, 0, 26);
9055 val += offset + 4;
9056 gen_jmp(s, val);
9057 }
9058 break;
9059 case 0xc:
9060 case 0xd:
9061 case 0xe:
9062 if (((insn >> 8) & 0xe) == 10) {
9063 /* VFP. */
9064 if (disas_vfp_insn(s, insn)) {
9065 goto illegal_op;
9066 }
9067 } else if (disas_coproc_insn(s, insn)) {
9068 /* Coprocessor. */
9069 goto illegal_op;
9070 }
9071 break;
9072 case 0xf:
9073 /* swi */
9074 gen_set_pc_im(s, s->pc);
9075 s->svc_imm = extract32(insn, 0, 24);
9076 s->is_jmp = DISAS_SWI;
9077 break;
9078 default:
9079 illegal_op:
9080 gen_exception_insn(s, 4, EXCP_UDEF, syn_uncategorized(),
9081 default_exception_el(s));
9082 break;
9083 }
9084 }
9085 }
9086
9087 /* Return true if this is a Thumb-2 logical op. */
9088 static int
9089 thumb2_logic_op(int op)
9090 {
9091 return (op < 8);
9092 }
9093
9094 /* Generate code for a Thumb-2 data processing operation. If CONDS is nonzero
9095 then set condition code flags based on the result of the operation.
9096 If SHIFTER_OUT is nonzero then set the carry flag for logical operations
9097 to the high bit of T1.
9098 Returns zero if the opcode is valid. */
9099
9100 static int
9101 gen_thumb2_data_op(DisasContext *s, int op, int conds, uint32_t shifter_out,
9102 TCGv_i32 t0, TCGv_i32 t1)
9103 {
9104 int logic_cc;
9105
9106 logic_cc = 0;
9107 switch (op) {
9108 case 0: /* and */
9109 tcg_gen_and_i32(t0, t0, t1);
9110 logic_cc = conds;
9111 break;
9112 case 1: /* bic */
9113 tcg_gen_andc_i32(t0, t0, t1);
9114 logic_cc = conds;
9115 break;
9116 case 2: /* orr */
9117 tcg_gen_or_i32(t0, t0, t1);
9118 logic_cc = conds;
9119 break;
9120 case 3: /* orn */
9121 tcg_gen_orc_i32(t0, t0, t1);
9122 logic_cc = conds;
9123 break;
9124 case 4: /* eor */
9125 tcg_gen_xor_i32(t0, t0, t1);
9126 logic_cc = conds;
9127 break;
9128 case 8: /* add */
9129 if (conds)
9130 gen_add_CC(t0, t0, t1);
9131 else
9132 tcg_gen_add_i32(t0, t0, t1);
9133 break;
9134 case 10: /* adc */
9135 if (conds)
9136 gen_adc_CC(t0, t0, t1);
9137 else
9138 gen_adc(t0, t1);
9139 break;
9140 case 11: /* sbc */
9141 if (conds) {
9142 gen_sbc_CC(t0, t0, t1);
9143 } else {
9144 gen_sub_carry(t0, t0, t1);
9145 }
9146 break;
9147 case 13: /* sub */
9148 if (conds)
9149 gen_sub_CC(t0, t0, t1);
9150 else
9151 tcg_gen_sub_i32(t0, t0, t1);
9152 break;
9153 case 14: /* rsb */
9154 if (conds)
9155 gen_sub_CC(t0, t1, t0);
9156 else
9157 tcg_gen_sub_i32(t0, t1, t0);
9158 break;
9159 default: /* 5, 6, 7, 9, 12, 15. */
9160 return 1;
9161 }
9162 if (logic_cc) {
9163 gen_logic_CC(t0);
9164 if (shifter_out)
9165 gen_set_CF_bit31(t1);
9166 }
9167 return 0;
9168 }
9169
9170 /* Translate a 32-bit thumb instruction. Returns nonzero if the instruction
9171 is not legal. */
9172 static int disas_thumb2_insn(CPUARMState *env, DisasContext *s, uint16_t insn_hw1)
9173 {
9174 uint32_t insn, imm, shift, offset;
9175 uint32_t rd, rn, rm, rs;
9176 TCGv_i32 tmp;
9177 TCGv_i32 tmp2;
9178 TCGv_i32 tmp3;
9179 TCGv_i32 addr;
9180 TCGv_i64 tmp64;
9181 int op;
9182 int shiftop;
9183 int conds;
9184 int logic_cc;
9185
9186 if (!(arm_dc_feature(s, ARM_FEATURE_THUMB2)
9187 || arm_dc_feature(s, ARM_FEATURE_M))) {
9188 /* Thumb-1 cores may need to treat bl and blx as a pair of
9189 16-bit instructions to get correct prefetch abort behavior. */
9190 insn = insn_hw1;
9191 if ((insn & (1 << 12)) == 0) {
9192 ARCH(5);
9193 /* Second half of blx. */
9194 offset = ((insn & 0x7ff) << 1);
9195 tmp = load_reg(s, 14);
9196 tcg_gen_addi_i32(tmp, tmp, offset);
9197 tcg_gen_andi_i32(tmp, tmp, 0xfffffffc);
9198
9199 tmp2 = tcg_temp_new_i32();
9200 tcg_gen_movi_i32(tmp2, s->pc | 1);
9201 store_reg(s, 14, tmp2);
9202 gen_bx(s, tmp);
9203 return 0;
9204 }
9205 if (insn & (1 << 11)) {
9206 /* Second half of bl. */
9207 offset = ((insn & 0x7ff) << 1) | 1;
9208 tmp = load_reg(s, 14);
9209 tcg_gen_addi_i32(tmp, tmp, offset);
9210
9211 tmp2 = tcg_temp_new_i32();
9212 tcg_gen_movi_i32(tmp2, s->pc | 1);
9213 store_reg(s, 14, tmp2);
9214 gen_bx(s, tmp);
9215 return 0;
9216 }
9217 if ((s->pc & ~TARGET_PAGE_MASK) == 0) {
9218 /* Instruction spans a page boundary. Implement it as two
9219 16-bit instructions in case the second half causes an
9220 prefetch abort. */
9221 offset = ((int32_t)insn << 21) >> 9;
9222 tcg_gen_movi_i32(cpu_R[14], s->pc + 2 + offset);
9223 return 0;
9224 }
9225 /* Fall through to 32-bit decode. */
9226 }
9227
9228 insn = arm_lduw_code(env, s->pc, s->bswap_code);
9229 s->pc += 2;
9230 insn |= (uint32_t)insn_hw1 << 16;
9231
9232 if ((insn & 0xf800e800) != 0xf000e800) {
9233 ARCH(6T2);
9234 }
9235
9236 rn = (insn >> 16) & 0xf;
9237 rs = (insn >> 12) & 0xf;
9238 rd = (insn >> 8) & 0xf;
9239 rm = insn & 0xf;
9240 switch ((insn >> 25) & 0xf) {
9241 case 0: case 1: case 2: case 3:
9242 /* 16-bit instructions. Should never happen. */
9243 abort();
9244 case 4:
9245 if (insn & (1 << 22)) {
9246 /* Other load/store, table branch. */
9247 if (insn & 0x01200000) {
9248 /* Load/store doubleword. */
9249 if (rn == 15) {
9250 addr = tcg_temp_new_i32();
9251 tcg_gen_movi_i32(addr, s->pc & ~3);
9252 } else {
9253 addr = load_reg(s, rn);
9254 }
9255 offset = (insn & 0xff) * 4;
9256 if ((insn & (1 << 23)) == 0)
9257 offset = -offset;
9258 if (insn & (1 << 24)) {
9259 tcg_gen_addi_i32(addr, addr, offset);
9260 offset = 0;
9261 }
9262 if (insn & (1 << 20)) {
9263 /* ldrd */
9264 tmp = tcg_temp_new_i32();
9265 gen_aa32_ld32u(tmp, addr, get_mem_index(s));
9266 store_reg(s, rs, tmp);
9267 tcg_gen_addi_i32(addr, addr, 4);
9268 tmp = tcg_temp_new_i32();
9269 gen_aa32_ld32u(tmp, addr, get_mem_index(s));
9270 store_reg(s, rd, tmp);
9271 } else {
9272 /* strd */
9273 tmp = load_reg(s, rs);
9274 gen_aa32_st32(tmp, addr, get_mem_index(s));
9275 tcg_temp_free_i32(tmp);
9276 tcg_gen_addi_i32(addr, addr, 4);
9277 tmp = load_reg(s, rd);
9278 gen_aa32_st32(tmp, addr, get_mem_index(s));
9279 tcg_temp_free_i32(tmp);
9280 }
9281 if (insn & (1 << 21)) {
9282 /* Base writeback. */
9283 if (rn == 15)
9284 goto illegal_op;
9285 tcg_gen_addi_i32(addr, addr, offset - 4);
9286 store_reg(s, rn, addr);
9287 } else {
9288 tcg_temp_free_i32(addr);
9289 }
9290 } else if ((insn & (1 << 23)) == 0) {
9291 /* Load/store exclusive word. */
9292 addr = tcg_temp_local_new_i32();
9293 load_reg_var(s, addr, rn);
9294 tcg_gen_addi_i32(addr, addr, (insn & 0xff) << 2);
9295 if (insn & (1 << 20)) {
9296 gen_load_exclusive(s, rs, 15, addr, 2);
9297 } else {
9298 gen_store_exclusive(s, rd, rs, 15, addr, 2);
9299 }
9300 tcg_temp_free_i32(addr);
9301 } else if ((insn & (7 << 5)) == 0) {
9302 /* Table Branch. */
9303 if (rn == 15) {
9304 addr = tcg_temp_new_i32();
9305 tcg_gen_movi_i32(addr, s->pc);
9306 } else {
9307 addr = load_reg(s, rn);
9308 }
9309 tmp = load_reg(s, rm);
9310 tcg_gen_add_i32(addr, addr, tmp);
9311 if (insn & (1 << 4)) {
9312 /* tbh */
9313 tcg_gen_add_i32(addr, addr, tmp);
9314 tcg_temp_free_i32(tmp);
9315 tmp = tcg_temp_new_i32();
9316 gen_aa32_ld16u(tmp, addr, get_mem_index(s));
9317 } else { /* tbb */
9318 tcg_temp_free_i32(tmp);
9319 tmp = tcg_temp_new_i32();
9320 gen_aa32_ld8u(tmp, addr, get_mem_index(s));
9321 }
9322 tcg_temp_free_i32(addr);
9323 tcg_gen_shli_i32(tmp, tmp, 1);
9324 tcg_gen_addi_i32(tmp, tmp, s->pc);
9325 store_reg(s, 15, tmp);
9326 } else {
9327 int op2 = (insn >> 6) & 0x3;
9328 op = (insn >> 4) & 0x3;
9329 switch (op2) {
9330 case 0:
9331 goto illegal_op;
9332 case 1:
9333 /* Load/store exclusive byte/halfword/doubleword */
9334 if (op == 2) {
9335 goto illegal_op;
9336 }
9337 ARCH(7);
9338 break;
9339 case 2:
9340 /* Load-acquire/store-release */
9341 if (op == 3) {
9342 goto illegal_op;
9343 }
9344 /* Fall through */
9345 case 3:
9346 /* Load-acquire/store-release exclusive */
9347 ARCH(8);
9348 break;
9349 }
9350 addr = tcg_temp_local_new_i32();
9351 load_reg_var(s, addr, rn);
9352 if (!(op2 & 1)) {
9353 if (insn & (1 << 20)) {
9354 tmp = tcg_temp_new_i32();
9355 switch (op) {
9356 case 0: /* ldab */
9357 gen_aa32_ld8u(tmp, addr, get_mem_index(s));
9358 break;
9359 case 1: /* ldah */
9360 gen_aa32_ld16u(tmp, addr, get_mem_index(s));
9361 break;
9362 case 2: /* lda */
9363 gen_aa32_ld32u(tmp, addr, get_mem_index(s));
9364 break;
9365 default:
9366 abort();
9367 }
9368 store_reg(s, rs, tmp);
9369 } else {
9370 tmp = load_reg(s, rs);
9371 switch (op) {
9372 case 0: /* stlb */
9373 gen_aa32_st8(tmp, addr, get_mem_index(s));
9374 break;
9375 case 1: /* stlh */
9376 gen_aa32_st16(tmp, addr, get_mem_index(s));
9377 break;
9378 case 2: /* stl */
9379 gen_aa32_st32(tmp, addr, get_mem_index(s));
9380 break;
9381 default:
9382 abort();
9383 }
9384 tcg_temp_free_i32(tmp);
9385 }
9386 } else if (insn & (1 << 20)) {
9387 gen_load_exclusive(s, rs, rd, addr, op);
9388 } else {
9389 gen_store_exclusive(s, rm, rs, rd, addr, op);
9390 }
9391 tcg_temp_free_i32(addr);
9392 }
9393 } else {
9394 /* Load/store multiple, RFE, SRS. */
9395 if (((insn >> 23) & 1) == ((insn >> 24) & 1)) {
9396 /* RFE, SRS: not available in user mode or on M profile */
9397 if (IS_USER(s) || arm_dc_feature(s, ARM_FEATURE_M)) {
9398 goto illegal_op;
9399 }
9400 if (insn & (1 << 20)) {
9401 /* rfe */
9402 addr = load_reg(s, rn);
9403 if ((insn & (1 << 24)) == 0)
9404 tcg_gen_addi_i32(addr, addr, -8);
9405 /* Load PC into tmp and CPSR into tmp2. */
9406 tmp = tcg_temp_new_i32();
9407 gen_aa32_ld32u(tmp, addr, get_mem_index(s));
9408 tcg_gen_addi_i32(addr, addr, 4);
9409 tmp2 = tcg_temp_new_i32();
9410 gen_aa32_ld32u(tmp2, addr, get_mem_index(s));
9411 if (insn & (1 << 21)) {
9412 /* Base writeback. */
9413 if (insn & (1 << 24)) {
9414 tcg_gen_addi_i32(addr, addr, 4);
9415 } else {
9416 tcg_gen_addi_i32(addr, addr, -4);
9417 }
9418 store_reg(s, rn, addr);
9419 } else {
9420 tcg_temp_free_i32(addr);
9421 }
9422 gen_rfe(s, tmp, tmp2);
9423 } else {
9424 /* srs */
9425 gen_srs(s, (insn & 0x1f), (insn & (1 << 24)) ? 1 : 2,
9426 insn & (1 << 21));
9427 }
9428 } else {
9429 int i, loaded_base = 0;
9430 TCGv_i32 loaded_var;
9431 /* Load/store multiple. */
9432 addr = load_reg(s, rn);
9433 offset = 0;
9434 for (i = 0; i < 16; i++) {
9435 if (insn & (1 << i))
9436 offset += 4;
9437 }
9438 if (insn & (1 << 24)) {
9439 tcg_gen_addi_i32(addr, addr, -offset);
9440 }
9441
9442 TCGV_UNUSED_I32(loaded_var);
9443 for (i = 0; i < 16; i++) {
9444 if ((insn & (1 << i)) == 0)
9445 continue;
9446 if (insn & (1 << 20)) {
9447 /* Load. */
9448 tmp = tcg_temp_new_i32();
9449 gen_aa32_ld32u(tmp, addr, get_mem_index(s));
9450 if (i == 15) {
9451 gen_bx(s, tmp);
9452 } else if (i == rn) {
9453 loaded_var = tmp;
9454 loaded_base = 1;
9455 } else {
9456 store_reg(s, i, tmp);
9457 }
9458 } else {
9459 /* Store. */
9460 tmp = load_reg(s, i);
9461 gen_aa32_st32(tmp, addr, get_mem_index(s));
9462 tcg_temp_free_i32(tmp);
9463 }
9464 tcg_gen_addi_i32(addr, addr, 4);
9465 }
9466 if (loaded_base) {
9467 store_reg(s, rn, loaded_var);
9468 }
9469 if (insn & (1 << 21)) {
9470 /* Base register writeback. */
9471 if (insn & (1 << 24)) {
9472 tcg_gen_addi_i32(addr, addr, -offset);
9473 }
9474 /* Fault if writeback register is in register list. */
9475 if (insn & (1 << rn))
9476 goto illegal_op;
9477 store_reg(s, rn, addr);
9478 } else {
9479 tcg_temp_free_i32(addr);
9480 }
9481 }
9482 }
9483 break;
9484 case 5:
9485
9486 op = (insn >> 21) & 0xf;
9487 if (op == 6) {
9488 if (!arm_dc_feature(s, ARM_FEATURE_THUMB_DSP)) {
9489 goto illegal_op;
9490 }
9491 /* Halfword pack. */
9492 tmp = load_reg(s, rn);
9493 tmp2 = load_reg(s, rm);
9494 shift = ((insn >> 10) & 0x1c) | ((insn >> 6) & 0x3);
9495 if (insn & (1 << 5)) {
9496 /* pkhtb */
9497 if (shift == 0)
9498 shift = 31;
9499 tcg_gen_sari_i32(tmp2, tmp2, shift);
9500 tcg_gen_andi_i32(tmp, tmp, 0xffff0000);
9501 tcg_gen_ext16u_i32(tmp2, tmp2);
9502 } else {
9503 /* pkhbt */
9504 if (shift)
9505 tcg_gen_shli_i32(tmp2, tmp2, shift);
9506 tcg_gen_ext16u_i32(tmp, tmp);
9507 tcg_gen_andi_i32(tmp2, tmp2, 0xffff0000);
9508 }
9509 tcg_gen_or_i32(tmp, tmp, tmp2);
9510 tcg_temp_free_i32(tmp2);
9511 store_reg(s, rd, tmp);
9512 } else {
9513 /* Data processing register constant shift. */
9514 if (rn == 15) {
9515 tmp = tcg_temp_new_i32();
9516 tcg_gen_movi_i32(tmp, 0);
9517 } else {
9518 tmp = load_reg(s, rn);
9519 }
9520 tmp2 = load_reg(s, rm);
9521
9522 shiftop = (insn >> 4) & 3;
9523 shift = ((insn >> 6) & 3) | ((insn >> 10) & 0x1c);
9524 conds = (insn & (1 << 20)) != 0;
9525 logic_cc = (conds && thumb2_logic_op(op));
9526 gen_arm_shift_im(tmp2, shiftop, shift, logic_cc);
9527 if (gen_thumb2_data_op(s, op, conds, 0, tmp, tmp2))
9528 goto illegal_op;
9529 tcg_temp_free_i32(tmp2);
9530 if (rd != 15) {
9531 store_reg(s, rd, tmp);
9532 } else {
9533 tcg_temp_free_i32(tmp);
9534 }
9535 }
9536 break;
9537 case 13: /* Misc data processing. */
9538 op = ((insn >> 22) & 6) | ((insn >> 7) & 1);
9539 if (op < 4 && (insn & 0xf000) != 0xf000)
9540 goto illegal_op;
9541 switch (op) {
9542 case 0: /* Register controlled shift. */
9543 tmp = load_reg(s, rn);
9544 tmp2 = load_reg(s, rm);
9545 if ((insn & 0x70) != 0)
9546 goto illegal_op;
9547 op = (insn >> 21) & 3;
9548 logic_cc = (insn & (1 << 20)) != 0;
9549 gen_arm_shift_reg(tmp, op, tmp2, logic_cc);
9550 if (logic_cc)
9551 gen_logic_CC(tmp);
9552 store_reg_bx(s, rd, tmp);
9553 break;
9554 case 1: /* Sign/zero extend. */
9555 op = (insn >> 20) & 7;
9556 switch (op) {
9557 case 0: /* SXTAH, SXTH */
9558 case 1: /* UXTAH, UXTH */
9559 case 4: /* SXTAB, SXTB */
9560 case 5: /* UXTAB, UXTB */
9561 break;
9562 case 2: /* SXTAB16, SXTB16 */
9563 case 3: /* UXTAB16, UXTB16 */
9564 if (!arm_dc_feature(s, ARM_FEATURE_THUMB_DSP)) {
9565 goto illegal_op;
9566 }
9567 break;
9568 default:
9569 goto illegal_op;
9570 }
9571 if (rn != 15) {
9572 if (!arm_dc_feature(s, ARM_FEATURE_THUMB_DSP)) {
9573 goto illegal_op;
9574 }
9575 }
9576 tmp = load_reg(s, rm);
9577 shift = (insn >> 4) & 3;
9578 /* ??? In many cases it's not necessary to do a
9579 rotate, a shift is sufficient. */
9580 if (shift != 0)
9581 tcg_gen_rotri_i32(tmp, tmp, shift * 8);
9582 op = (insn >> 20) & 7;
9583 switch (op) {
9584 case 0: gen_sxth(tmp); break;
9585 case 1: gen_uxth(tmp); break;
9586 case 2: gen_sxtb16(tmp); break;
9587 case 3: gen_uxtb16(tmp); break;
9588 case 4: gen_sxtb(tmp); break;
9589 case 5: gen_uxtb(tmp); break;
9590 default:
9591 g_assert_not_reached();
9592 }
9593 if (rn != 15) {
9594 tmp2 = load_reg(s, rn);
9595 if ((op >> 1) == 1) {
9596 gen_add16(tmp, tmp2);
9597 } else {
9598 tcg_gen_add_i32(tmp, tmp, tmp2);
9599 tcg_temp_free_i32(tmp2);
9600 }
9601 }
9602 store_reg(s, rd, tmp);
9603 break;
9604 case 2: /* SIMD add/subtract. */
9605 if (!arm_dc_feature(s, ARM_FEATURE_THUMB_DSP)) {
9606 goto illegal_op;
9607 }
9608 op = (insn >> 20) & 7;
9609 shift = (insn >> 4) & 7;
9610 if ((op & 3) == 3 || (shift & 3) == 3)
9611 goto illegal_op;
9612 tmp = load_reg(s, rn);
9613 tmp2 = load_reg(s, rm);
9614 gen_thumb2_parallel_addsub(op, shift, tmp, tmp2);
9615 tcg_temp_free_i32(tmp2);
9616 store_reg(s, rd, tmp);
9617 break;
9618 case 3: /* Other data processing. */
9619 op = ((insn >> 17) & 0x38) | ((insn >> 4) & 7);
9620 if (op < 4) {
9621 /* Saturating add/subtract. */
9622 if (!arm_dc_feature(s, ARM_FEATURE_THUMB_DSP)) {
9623 goto illegal_op;
9624 }
9625 tmp = load_reg(s, rn);
9626 tmp2 = load_reg(s, rm);
9627 if (op & 1)
9628 gen_helper_double_saturate(tmp, cpu_env, tmp);
9629 if (op & 2)
9630 gen_helper_sub_saturate(tmp, cpu_env, tmp2, tmp);
9631 else
9632 gen_helper_add_saturate(tmp, cpu_env, tmp, tmp2);
9633 tcg_temp_free_i32(tmp2);
9634 } else {
9635 switch (op) {
9636 case 0x0a: /* rbit */
9637 case 0x08: /* rev */
9638 case 0x09: /* rev16 */
9639 case 0x0b: /* revsh */
9640 case 0x18: /* clz */
9641 break;
9642 case 0x10: /* sel */
9643 if (!arm_dc_feature(s, ARM_FEATURE_THUMB_DSP)) {
9644 goto illegal_op;
9645 }
9646 break;
9647 case 0x20: /* crc32/crc32c */
9648 case 0x21:
9649 case 0x22:
9650 case 0x28:
9651 case 0x29:
9652 case 0x2a:
9653 if (!arm_dc_feature(s, ARM_FEATURE_CRC)) {
9654 goto illegal_op;
9655 }
9656 break;
9657 default:
9658 goto illegal_op;
9659 }
9660 tmp = load_reg(s, rn);
9661 switch (op) {
9662 case 0x0a: /* rbit */
9663 gen_helper_rbit(tmp, tmp);
9664 break;
9665 case 0x08: /* rev */
9666 tcg_gen_bswap32_i32(tmp, tmp);
9667 break;
9668 case 0x09: /* rev16 */
9669 gen_rev16(tmp);
9670 break;
9671 case 0x0b: /* revsh */
9672 gen_revsh(tmp);
9673 break;
9674 case 0x10: /* sel */
9675 tmp2 = load_reg(s, rm);
9676 tmp3 = tcg_temp_new_i32();
9677 tcg_gen_ld_i32(tmp3, cpu_env, offsetof(CPUARMState, GE));
9678 gen_helper_sel_flags(tmp, tmp3, tmp, tmp2);
9679 tcg_temp_free_i32(tmp3);
9680 tcg_temp_free_i32(tmp2);
9681 break;
9682 case 0x18: /* clz */
9683 gen_helper_clz(tmp, tmp);
9684 break;
9685 case 0x20:
9686 case 0x21:
9687 case 0x22:
9688 case 0x28:
9689 case 0x29:
9690 case 0x2a:
9691 {
9692 /* crc32/crc32c */
9693 uint32_t sz = op & 0x3;
9694 uint32_t c = op & 0x8;
9695
9696 tmp2 = load_reg(s, rm);
9697 if (sz == 0) {
9698 tcg_gen_andi_i32(tmp2, tmp2, 0xff);
9699 } else if (sz == 1) {
9700 tcg_gen_andi_i32(tmp2, tmp2, 0xffff);
9701 }
9702 tmp3 = tcg_const_i32(1 << sz);
9703 if (c) {
9704 gen_helper_crc32c(tmp, tmp, tmp2, tmp3);
9705 } else {
9706 gen_helper_crc32(tmp, tmp, tmp2, tmp3);
9707 }
9708 tcg_temp_free_i32(tmp2);
9709 tcg_temp_free_i32(tmp3);
9710 break;
9711 }
9712 default:
9713 g_assert_not_reached();
9714 }
9715 }
9716 store_reg(s, rd, tmp);
9717 break;
9718 case 4: case 5: /* 32-bit multiply. Sum of absolute differences. */
9719 switch ((insn >> 20) & 7) {
9720 case 0: /* 32 x 32 -> 32 */
9721 case 7: /* Unsigned sum of absolute differences. */
9722 break;
9723 case 1: /* 16 x 16 -> 32 */
9724 case 2: /* Dual multiply add. */
9725 case 3: /* 32 * 16 -> 32msb */
9726 case 4: /* Dual multiply subtract. */
9727 case 5: case 6: /* 32 * 32 -> 32msb (SMMUL, SMMLA, SMMLS) */
9728 if (!arm_dc_feature(s, ARM_FEATURE_THUMB_DSP)) {
9729 goto illegal_op;
9730 }
9731 break;
9732 }
9733 op = (insn >> 4) & 0xf;
9734 tmp = load_reg(s, rn);
9735 tmp2 = load_reg(s, rm);
9736 switch ((insn >> 20) & 7) {
9737 case 0: /* 32 x 32 -> 32 */
9738 tcg_gen_mul_i32(tmp, tmp, tmp2);
9739 tcg_temp_free_i32(tmp2);
9740 if (rs != 15) {
9741 tmp2 = load_reg(s, rs);
9742 if (op)
9743 tcg_gen_sub_i32(tmp, tmp2, tmp);
9744 else
9745 tcg_gen_add_i32(tmp, tmp, tmp2);
9746 tcg_temp_free_i32(tmp2);
9747 }
9748 break;
9749 case 1: /* 16 x 16 -> 32 */
9750 gen_mulxy(tmp, tmp2, op & 2, op & 1);
9751 tcg_temp_free_i32(tmp2);
9752 if (rs != 15) {
9753 tmp2 = load_reg(s, rs);
9754 gen_helper_add_setq(tmp, cpu_env, tmp, tmp2);
9755 tcg_temp_free_i32(tmp2);
9756 }
9757 break;
9758 case 2: /* Dual multiply add. */
9759 case 4: /* Dual multiply subtract. */
9760 if (op)
9761 gen_swap_half(tmp2);
9762 gen_smul_dual(tmp, tmp2);
9763 if (insn & (1 << 22)) {
9764 /* This subtraction cannot overflow. */
9765 tcg_gen_sub_i32(tmp, tmp, tmp2);
9766 } else {
9767 /* This addition cannot overflow 32 bits;
9768 * however it may overflow considered as a signed
9769 * operation, in which case we must set the Q flag.
9770 */
9771 gen_helper_add_setq(tmp, cpu_env, tmp, tmp2);
9772 }
9773 tcg_temp_free_i32(tmp2);
9774 if (rs != 15)
9775 {
9776 tmp2 = load_reg(s, rs);
9777 gen_helper_add_setq(tmp, cpu_env, tmp, tmp2);
9778 tcg_temp_free_i32(tmp2);
9779 }
9780 break;
9781 case 3: /* 32 * 16 -> 32msb */
9782 if (op)
9783 tcg_gen_sari_i32(tmp2, tmp2, 16);
9784 else
9785 gen_sxth(tmp2);
9786 tmp64 = gen_muls_i64_i32(tmp, tmp2);
9787 tcg_gen_shri_i64(tmp64, tmp64, 16);
9788 tmp = tcg_temp_new_i32();
9789 tcg_gen_extrl_i64_i32(tmp, tmp64);
9790 tcg_temp_free_i64(tmp64);
9791 if (rs != 15)
9792 {
9793 tmp2 = load_reg(s, rs);
9794 gen_helper_add_setq(tmp, cpu_env, tmp, tmp2);
9795 tcg_temp_free_i32(tmp2);
9796 }
9797 break;
9798 case 5: case 6: /* 32 * 32 -> 32msb (SMMUL, SMMLA, SMMLS) */
9799 tmp64 = gen_muls_i64_i32(tmp, tmp2);
9800 if (rs != 15) {
9801 tmp = load_reg(s, rs);
9802 if (insn & (1 << 20)) {
9803 tmp64 = gen_addq_msw(tmp64, tmp);
9804 } else {
9805 tmp64 = gen_subq_msw(tmp64, tmp);
9806 }
9807 }
9808 if (insn & (1 << 4)) {
9809 tcg_gen_addi_i64(tmp64, tmp64, 0x80000000u);
9810 }
9811 tcg_gen_shri_i64(tmp64, tmp64, 32);
9812 tmp = tcg_temp_new_i32();
9813 tcg_gen_extrl_i64_i32(tmp, tmp64);
9814 tcg_temp_free_i64(tmp64);
9815 break;
9816 case 7: /* Unsigned sum of absolute differences. */
9817 gen_helper_usad8(tmp, tmp, tmp2);
9818 tcg_temp_free_i32(tmp2);
9819 if (rs != 15) {
9820 tmp2 = load_reg(s, rs);
9821 tcg_gen_add_i32(tmp, tmp, tmp2);
9822 tcg_temp_free_i32(tmp2);
9823 }
9824 break;
9825 }
9826 store_reg(s, rd, tmp);
9827 break;
9828 case 6: case 7: /* 64-bit multiply, Divide. */
9829 op = ((insn >> 4) & 0xf) | ((insn >> 16) & 0x70);
9830 tmp = load_reg(s, rn);
9831 tmp2 = load_reg(s, rm);
9832 if ((op & 0x50) == 0x10) {
9833 /* sdiv, udiv */
9834 if (!arm_dc_feature(s, ARM_FEATURE_THUMB_DIV)) {
9835 goto illegal_op;
9836 }
9837 if (op & 0x20)
9838 gen_helper_udiv(tmp, tmp, tmp2);
9839 else
9840 gen_helper_sdiv(tmp, tmp, tmp2);
9841 tcg_temp_free_i32(tmp2);
9842 store_reg(s, rd, tmp);
9843 } else if ((op & 0xe) == 0xc) {
9844 /* Dual multiply accumulate long. */
9845 if (!arm_dc_feature(s, ARM_FEATURE_THUMB_DSP)) {
9846 tcg_temp_free_i32(tmp);
9847 tcg_temp_free_i32(tmp2);
9848 goto illegal_op;
9849 }
9850 if (op & 1)
9851 gen_swap_half(tmp2);
9852 gen_smul_dual(tmp, tmp2);
9853 if (op & 0x10) {
9854 tcg_gen_sub_i32(tmp, tmp, tmp2);
9855 } else {
9856 tcg_gen_add_i32(tmp, tmp, tmp2);
9857 }
9858 tcg_temp_free_i32(tmp2);
9859 /* BUGFIX */
9860 tmp64 = tcg_temp_new_i64();
9861 tcg_gen_ext_i32_i64(tmp64, tmp);
9862 tcg_temp_free_i32(tmp);
9863 gen_addq(s, tmp64, rs, rd);
9864 gen_storeq_reg(s, rs, rd, tmp64);
9865 tcg_temp_free_i64(tmp64);
9866 } else {
9867 if (op & 0x20) {
9868 /* Unsigned 64-bit multiply */
9869 tmp64 = gen_mulu_i64_i32(tmp, tmp2);
9870 } else {
9871 if (op & 8) {
9872 /* smlalxy */
9873 if (!arm_dc_feature(s, ARM_FEATURE_THUMB_DSP)) {
9874 tcg_temp_free_i32(tmp2);
9875 tcg_temp_free_i32(tmp);
9876 goto illegal_op;
9877 }
9878 gen_mulxy(tmp, tmp2, op & 2, op & 1);
9879 tcg_temp_free_i32(tmp2);
9880 tmp64 = tcg_temp_new_i64();
9881 tcg_gen_ext_i32_i64(tmp64, tmp);
9882 tcg_temp_free_i32(tmp);
9883 } else {
9884 /* Signed 64-bit multiply */
9885 tmp64 = gen_muls_i64_i32(tmp, tmp2);
9886 }
9887 }
9888 if (op & 4) {
9889 /* umaal */
9890 if (!arm_dc_feature(s, ARM_FEATURE_THUMB_DSP)) {
9891 tcg_temp_free_i64(tmp64);
9892 goto illegal_op;
9893 }
9894 gen_addq_lo(s, tmp64, rs);
9895 gen_addq_lo(s, tmp64, rd);
9896 } else if (op & 0x40) {
9897 /* 64-bit accumulate. */
9898 gen_addq(s, tmp64, rs, rd);
9899 }
9900 gen_storeq_reg(s, rs, rd, tmp64);
9901 tcg_temp_free_i64(tmp64);
9902 }
9903 break;
9904 }
9905 break;
9906 case 6: case 7: case 14: case 15:
9907 /* Coprocessor. */
9908 if (((insn >> 24) & 3) == 3) {
9909 /* Translate into the equivalent ARM encoding. */
9910 insn = (insn & 0xe2ffffff) | ((insn & (1 << 28)) >> 4) | (1 << 28);
9911 if (disas_neon_data_insn(s, insn)) {
9912 goto illegal_op;
9913 }
9914 } else if (((insn >> 8) & 0xe) == 10) {
9915 if (disas_vfp_insn(s, insn)) {
9916 goto illegal_op;
9917 }
9918 } else {
9919 if (insn & (1 << 28))
9920 goto illegal_op;
9921 if (disas_coproc_insn(s, insn)) {
9922 goto illegal_op;
9923 }
9924 }
9925 break;
9926 case 8: case 9: case 10: case 11:
9927 if (insn & (1 << 15)) {
9928 /* Branches, misc control. */
9929 if (insn & 0x5000) {
9930 /* Unconditional branch. */
9931 /* signextend(hw1[10:0]) -> offset[:12]. */
9932 offset = ((int32_t)insn << 5) >> 9 & ~(int32_t)0xfff;
9933 /* hw1[10:0] -> offset[11:1]. */
9934 offset |= (insn & 0x7ff) << 1;
9935 /* (~hw2[13, 11] ^ offset[24]) -> offset[23,22]
9936 offset[24:22] already have the same value because of the
9937 sign extension above. */
9938 offset ^= ((~insn) & (1 << 13)) << 10;
9939 offset ^= ((~insn) & (1 << 11)) << 11;
9940
9941 if (insn & (1 << 14)) {
9942 /* Branch and link. */
9943 tcg_gen_movi_i32(cpu_R[14], s->pc | 1);
9944 }
9945
9946 offset += s->pc;
9947 if (insn & (1 << 12)) {
9948 /* b/bl */
9949 gen_jmp(s, offset);
9950 } else {
9951 /* blx */
9952 offset &= ~(uint32_t)2;
9953 /* thumb2 bx, no need to check */
9954 gen_bx_im(s, offset);
9955 }
9956 } else if (((insn >> 23) & 7) == 7) {
9957 /* Misc control */
9958 if (insn & (1 << 13))
9959 goto illegal_op;
9960
9961 if (insn & (1 << 26)) {
9962 if (!(insn & (1 << 20))) {
9963 /* Hypervisor call (v7) */
9964 int imm16 = extract32(insn, 16, 4) << 12
9965 | extract32(insn, 0, 12);
9966 ARCH(7);
9967 if (IS_USER(s)) {
9968 goto illegal_op;
9969 }
9970 gen_hvc(s, imm16);
9971 } else {
9972 /* Secure monitor call (v6+) */
9973 ARCH(6K);
9974 if (IS_USER(s)) {
9975 goto illegal_op;
9976 }
9977 gen_smc(s);
9978 }
9979 } else {
9980 op = (insn >> 20) & 7;
9981 switch (op) {
9982 case 0: /* msr cpsr. */
9983 if (arm_dc_feature(s, ARM_FEATURE_M)) {
9984 tmp = load_reg(s, rn);
9985 addr = tcg_const_i32(insn & 0xff);
9986 gen_helper_v7m_msr(cpu_env, addr, tmp);
9987 tcg_temp_free_i32(addr);
9988 tcg_temp_free_i32(tmp);
9989 gen_lookup_tb(s);
9990 break;
9991 }
9992 /* fall through */
9993 case 1: /* msr spsr. */
9994 if (arm_dc_feature(s, ARM_FEATURE_M)) {
9995 goto illegal_op;
9996 }
9997 tmp = load_reg(s, rn);
9998 if (gen_set_psr(s,
9999 msr_mask(s, (insn >> 8) & 0xf, op == 1),
10000 op == 1, tmp))
10001 goto illegal_op;
10002 break;
10003 case 2: /* cps, nop-hint. */
10004 if (((insn >> 8) & 7) == 0) {
10005 gen_nop_hint(s, insn & 0xff);
10006 }
10007 /* Implemented as NOP in user mode. */
10008 if (IS_USER(s))
10009 break;
10010 offset = 0;
10011 imm = 0;
10012 if (insn & (1 << 10)) {
10013 if (insn & (1 << 7))
10014 offset |= CPSR_A;
10015 if (insn & (1 << 6))
10016 offset |= CPSR_I;
10017 if (insn & (1 << 5))
10018 offset |= CPSR_F;
10019 if (insn & (1 << 9))
10020 imm = CPSR_A | CPSR_I | CPSR_F;
10021 }
10022 if (insn & (1 << 8)) {
10023 offset |= 0x1f;
10024 imm |= (insn & 0x1f);
10025 }
10026 if (offset) {
10027 gen_set_psr_im(s, offset, 0, imm);
10028 }
10029 break;
10030 case 3: /* Special control operations. */
10031 ARCH(7);
10032 op = (insn >> 4) & 0xf;
10033 switch (op) {
10034 case 2: /* clrex */
10035 gen_clrex(s);
10036 break;
10037 case 4: /* dsb */
10038 case 5: /* dmb */
10039 /* These execute as NOPs. */
10040 break;
10041 case 6: /* isb */
10042 /* We need to break the TB after this insn
10043 * to execute self-modifying code correctly
10044 * and also to take any pending interrupts
10045 * immediately.
10046 */
10047 gen_lookup_tb(s);
10048 break;
10049 default:
10050 goto illegal_op;
10051 }
10052 break;
10053 case 4: /* bxj */
10054 /* Trivial implementation equivalent to bx. */
10055 tmp = load_reg(s, rn);
10056 gen_bx(s, tmp);
10057 break;
10058 case 5: /* Exception return. */
10059 if (IS_USER(s)) {
10060 goto illegal_op;
10061 }
10062 if (rn != 14 || rd != 15) {
10063 goto illegal_op;
10064 }
10065 tmp = load_reg(s, rn);
10066 tcg_gen_subi_i32(tmp, tmp, insn & 0xff);
10067 gen_exception_return(s, tmp);
10068 break;
10069 case 6: /* mrs cpsr. */
10070 tmp = tcg_temp_new_i32();
10071 if (arm_dc_feature(s, ARM_FEATURE_M)) {
10072 addr = tcg_const_i32(insn & 0xff);
10073 gen_helper_v7m_mrs(tmp, cpu_env, addr);
10074 tcg_temp_free_i32(addr);
10075 } else {
10076 gen_helper_cpsr_read(tmp, cpu_env);
10077 }
10078 store_reg(s, rd, tmp);
10079 break;
10080 case 7: /* mrs spsr. */
10081 /* Not accessible in user mode. */
10082 if (IS_USER(s) || arm_dc_feature(s, ARM_FEATURE_M)) {
10083 goto illegal_op;
10084 }
10085 tmp = load_cpu_field(spsr);
10086 store_reg(s, rd, tmp);
10087 break;
10088 }
10089 }
10090 } else {
10091 /* Conditional branch. */
10092 op = (insn >> 22) & 0xf;
10093 /* Generate a conditional jump to next instruction. */
10094 s->condlabel = gen_new_label();
10095 arm_gen_test_cc(op ^ 1, s->condlabel);
10096 s->condjmp = 1;
10097
10098 /* offset[11:1] = insn[10:0] */
10099 offset = (insn & 0x7ff) << 1;
10100 /* offset[17:12] = insn[21:16]. */
10101 offset |= (insn & 0x003f0000) >> 4;
10102 /* offset[31:20] = insn[26]. */
10103 offset |= ((int32_t)((insn << 5) & 0x80000000)) >> 11;
10104 /* offset[18] = insn[13]. */
10105 offset |= (insn & (1 << 13)) << 5;
10106 /* offset[19] = insn[11]. */
10107 offset |= (insn & (1 << 11)) << 8;
10108
10109 /* jump to the offset */
10110 gen_jmp(s, s->pc + offset);
10111 }
10112 } else {
10113 /* Data processing immediate. */
10114 if (insn & (1 << 25)) {
10115 if (insn & (1 << 24)) {
10116 if (insn & (1 << 20))
10117 goto illegal_op;
10118 /* Bitfield/Saturate. */
10119 op = (insn >> 21) & 7;
10120 imm = insn & 0x1f;
10121 shift = ((insn >> 6) & 3) | ((insn >> 10) & 0x1c);
10122 if (rn == 15) {
10123 tmp = tcg_temp_new_i32();
10124 tcg_gen_movi_i32(tmp, 0);
10125 } else {
10126 tmp = load_reg(s, rn);
10127 }
10128 switch (op) {
10129 case 2: /* Signed bitfield extract. */
10130 imm++;
10131 if (shift + imm > 32)
10132 goto illegal_op;
10133 if (imm < 32)
10134 gen_sbfx(tmp, shift, imm);
10135 break;
10136 case 6: /* Unsigned bitfield extract. */
10137 imm++;
10138 if (shift + imm > 32)
10139 goto illegal_op;
10140 if (imm < 32)
10141 gen_ubfx(tmp, shift, (1u << imm) - 1);
10142 break;
10143 case 3: /* Bitfield insert/clear. */
10144 if (imm < shift)
10145 goto illegal_op;
10146 imm = imm + 1 - shift;
10147 if (imm != 32) {
10148 tmp2 = load_reg(s, rd);
10149 tcg_gen_deposit_i32(tmp, tmp2, tmp, shift, imm);
10150 tcg_temp_free_i32(tmp2);
10151 }
10152 break;
10153 case 7:
10154 goto illegal_op;
10155 default: /* Saturate. */
10156 if (shift) {
10157 if (op & 1)
10158 tcg_gen_sari_i32(tmp, tmp, shift);
10159 else
10160 tcg_gen_shli_i32(tmp, tmp, shift);
10161 }
10162 tmp2 = tcg_const_i32(imm);
10163 if (op & 4) {
10164 /* Unsigned. */
10165 if ((op & 1) && shift == 0) {
10166 if (!arm_dc_feature(s, ARM_FEATURE_THUMB_DSP)) {
10167 tcg_temp_free_i32(tmp);
10168 tcg_temp_free_i32(tmp2);
10169 goto illegal_op;
10170 }
10171 gen_helper_usat16(tmp, cpu_env, tmp, tmp2);
10172 } else {
10173 gen_helper_usat(tmp, cpu_env, tmp, tmp2);
10174 }
10175 } else {
10176 /* Signed. */
10177 if ((op & 1) && shift == 0) {
10178 if (!arm_dc_feature(s, ARM_FEATURE_THUMB_DSP)) {
10179 tcg_temp_free_i32(tmp);
10180 tcg_temp_free_i32(tmp2);
10181 goto illegal_op;
10182 }
10183 gen_helper_ssat16(tmp, cpu_env, tmp, tmp2);
10184 } else {
10185 gen_helper_ssat(tmp, cpu_env, tmp, tmp2);
10186 }
10187 }
10188 tcg_temp_free_i32(tmp2);
10189 break;
10190 }
10191 store_reg(s, rd, tmp);
10192 } else {
10193 imm = ((insn & 0x04000000) >> 15)
10194 | ((insn & 0x7000) >> 4) | (insn & 0xff);
10195 if (insn & (1 << 22)) {
10196 /* 16-bit immediate. */
10197 imm |= (insn >> 4) & 0xf000;
10198 if (insn & (1 << 23)) {
10199 /* movt */
10200 tmp = load_reg(s, rd);
10201 tcg_gen_ext16u_i32(tmp, tmp);
10202 tcg_gen_ori_i32(tmp, tmp, imm << 16);
10203 } else {
10204 /* movw */
10205 tmp = tcg_temp_new_i32();
10206 tcg_gen_movi_i32(tmp, imm);
10207 }
10208 } else {
10209 /* Add/sub 12-bit immediate. */
10210 if (rn == 15) {
10211 offset = s->pc & ~(uint32_t)3;
10212 if (insn & (1 << 23))
10213 offset -= imm;
10214 else
10215 offset += imm;
10216 tmp = tcg_temp_new_i32();
10217 tcg_gen_movi_i32(tmp, offset);
10218 } else {
10219 tmp = load_reg(s, rn);
10220 if (insn & (1 << 23))
10221 tcg_gen_subi_i32(tmp, tmp, imm);
10222 else
10223 tcg_gen_addi_i32(tmp, tmp, imm);
10224 }
10225 }
10226 store_reg(s, rd, tmp);
10227 }
10228 } else {
10229 int shifter_out = 0;
10230 /* modified 12-bit immediate. */
10231 shift = ((insn & 0x04000000) >> 23) | ((insn & 0x7000) >> 12);
10232 imm = (insn & 0xff);
10233 switch (shift) {
10234 case 0: /* XY */
10235 /* Nothing to do. */
10236 break;
10237 case 1: /* 00XY00XY */
10238 imm |= imm << 16;
10239 break;
10240 case 2: /* XY00XY00 */
10241 imm |= imm << 16;
10242 imm <<= 8;
10243 break;
10244 case 3: /* XYXYXYXY */
10245 imm |= imm << 16;
10246 imm |= imm << 8;
10247 break;
10248 default: /* Rotated constant. */
10249 shift = (shift << 1) | (imm >> 7);
10250 imm |= 0x80;
10251 imm = imm << (32 - shift);
10252 shifter_out = 1;
10253 break;
10254 }
10255 tmp2 = tcg_temp_new_i32();
10256 tcg_gen_movi_i32(tmp2, imm);
10257 rn = (insn >> 16) & 0xf;
10258 if (rn == 15) {
10259 tmp = tcg_temp_new_i32();
10260 tcg_gen_movi_i32(tmp, 0);
10261 } else {
10262 tmp = load_reg(s, rn);
10263 }
10264 op = (insn >> 21) & 0xf;
10265 if (gen_thumb2_data_op(s, op, (insn & (1 << 20)) != 0,
10266 shifter_out, tmp, tmp2))
10267 goto illegal_op;
10268 tcg_temp_free_i32(tmp2);
10269 rd = (insn >> 8) & 0xf;
10270 if (rd != 15) {
10271 store_reg(s, rd, tmp);
10272 } else {
10273 tcg_temp_free_i32(tmp);
10274 }
10275 }
10276 }
10277 break;
10278 case 12: /* Load/store single data item. */
10279 {
10280 int postinc = 0;
10281 int writeback = 0;
10282 int memidx;
10283 if ((insn & 0x01100000) == 0x01000000) {
10284 if (disas_neon_ls_insn(s, insn)) {
10285 goto illegal_op;
10286 }
10287 break;
10288 }
10289 op = ((insn >> 21) & 3) | ((insn >> 22) & 4);
10290 if (rs == 15) {
10291 if (!(insn & (1 << 20))) {
10292 goto illegal_op;
10293 }
10294 if (op != 2) {
10295 /* Byte or halfword load space with dest == r15 : memory hints.
10296 * Catch them early so we don't emit pointless addressing code.
10297 * This space is a mix of:
10298 * PLD/PLDW/PLI, which we implement as NOPs (note that unlike
10299 * the ARM encodings, PLDW space doesn't UNDEF for non-v7MP
10300 * cores)
10301 * unallocated hints, which must be treated as NOPs
10302 * UNPREDICTABLE space, which we NOP or UNDEF depending on
10303 * which is easiest for the decoding logic
10304 * Some space which must UNDEF
10305 */
10306 int op1 = (insn >> 23) & 3;
10307 int op2 = (insn >> 6) & 0x3f;
10308 if (op & 2) {
10309 goto illegal_op;
10310 }
10311 if (rn == 15) {
10312 /* UNPREDICTABLE, unallocated hint or
10313 * PLD/PLDW/PLI (literal)
10314 */
10315 return 0;
10316 }
10317 if (op1 & 1) {
10318 return 0; /* PLD/PLDW/PLI or unallocated hint */
10319 }
10320 if ((op2 == 0) || ((op2 & 0x3c) == 0x30)) {
10321 return 0; /* PLD/PLDW/PLI or unallocated hint */
10322 }
10323 /* UNDEF space, or an UNPREDICTABLE */
10324 return 1;
10325 }
10326 }
10327 memidx = get_mem_index(s);
10328 if (rn == 15) {
10329 addr = tcg_temp_new_i32();
10330 /* PC relative. */
10331 /* s->pc has already been incremented by 4. */
10332 imm = s->pc & 0xfffffffc;
10333 if (insn & (1 << 23))
10334 imm += insn & 0xfff;
10335 else
10336 imm -= insn & 0xfff;
10337 tcg_gen_movi_i32(addr, imm);
10338 } else {
10339 addr = load_reg(s, rn);
10340 if (insn & (1 << 23)) {
10341 /* Positive offset. */
10342 imm = insn & 0xfff;
10343 tcg_gen_addi_i32(addr, addr, imm);
10344 } else {
10345 imm = insn & 0xff;
10346 switch ((insn >> 8) & 0xf) {
10347 case 0x0: /* Shifted Register. */
10348 shift = (insn >> 4) & 0xf;
10349 if (shift > 3) {
10350 tcg_temp_free_i32(addr);
10351 goto illegal_op;
10352 }
10353 tmp = load_reg(s, rm);
10354 if (shift)
10355 tcg_gen_shli_i32(tmp, tmp, shift);
10356 tcg_gen_add_i32(addr, addr, tmp);
10357 tcg_temp_free_i32(tmp);
10358 break;
10359 case 0xc: /* Negative offset. */
10360 tcg_gen_addi_i32(addr, addr, -imm);
10361 break;
10362 case 0xe: /* User privilege. */
10363 tcg_gen_addi_i32(addr, addr, imm);
10364 memidx = get_a32_user_mem_index(s);
10365 break;
10366 case 0x9: /* Post-decrement. */
10367 imm = -imm;
10368 /* Fall through. */
10369 case 0xb: /* Post-increment. */
10370 postinc = 1;
10371 writeback = 1;
10372 break;
10373 case 0xd: /* Pre-decrement. */
10374 imm = -imm;
10375 /* Fall through. */
10376 case 0xf: /* Pre-increment. */
10377 tcg_gen_addi_i32(addr, addr, imm);
10378 writeback = 1;
10379 break;
10380 default:
10381 tcg_temp_free_i32(addr);
10382 goto illegal_op;
10383 }
10384 }
10385 }
10386 if (insn & (1 << 20)) {
10387 /* Load. */
10388 tmp = tcg_temp_new_i32();
10389 switch (op) {
10390 case 0:
10391 gen_aa32_ld8u(tmp, addr, memidx);
10392 break;
10393 case 4:
10394 gen_aa32_ld8s(tmp, addr, memidx);
10395 break;
10396 case 1:
10397 gen_aa32_ld16u(tmp, addr, memidx);
10398 break;
10399 case 5:
10400 gen_aa32_ld16s(tmp, addr, memidx);
10401 break;
10402 case 2:
10403 gen_aa32_ld32u(tmp, addr, memidx);
10404 break;
10405 default:
10406 tcg_temp_free_i32(tmp);
10407 tcg_temp_free_i32(addr);
10408 goto illegal_op;
10409 }
10410 if (rs == 15) {
10411 gen_bx(s, tmp);
10412 } else {
10413 store_reg(s, rs, tmp);
10414 }
10415 } else {
10416 /* Store. */
10417 tmp = load_reg(s, rs);
10418 switch (op) {
10419 case 0:
10420 gen_aa32_st8(tmp, addr, memidx);
10421 break;
10422 case 1:
10423 gen_aa32_st16(tmp, addr, memidx);
10424 break;
10425 case 2:
10426 gen_aa32_st32(tmp, addr, memidx);
10427 break;
10428 default:
10429 tcg_temp_free_i32(tmp);
10430 tcg_temp_free_i32(addr);
10431 goto illegal_op;
10432 }
10433 tcg_temp_free_i32(tmp);
10434 }
10435 if (postinc)
10436 tcg_gen_addi_i32(addr, addr, imm);
10437 if (writeback) {
10438 store_reg(s, rn, addr);
10439 } else {
10440 tcg_temp_free_i32(addr);
10441 }
10442 }
10443 break;
10444 default:
10445 goto illegal_op;
10446 }
10447 return 0;
10448 illegal_op:
10449 return 1;
10450 }
10451
10452 static void disas_thumb_insn(CPUARMState *env, DisasContext *s)
10453 {
10454 uint32_t val, insn, op, rm, rn, rd, shift, cond;
10455 int32_t offset;
10456 int i;
10457 TCGv_i32 tmp;
10458 TCGv_i32 tmp2;
10459 TCGv_i32 addr;
10460
10461 if (s->condexec_mask) {
10462 cond = s->condexec_cond;
10463 if (cond != 0x0e) { /* Skip conditional when condition is AL. */
10464 s->condlabel = gen_new_label();
10465 arm_gen_test_cc(cond ^ 1, s->condlabel);
10466 s->condjmp = 1;
10467 }
10468 }
10469
10470 insn = arm_lduw_code(env, s->pc, s->bswap_code);
10471 s->pc += 2;
10472
10473 switch (insn >> 12) {
10474 case 0: case 1:
10475
10476 rd = insn & 7;
10477 op = (insn >> 11) & 3;
10478 if (op == 3) {
10479 /* add/subtract */
10480 rn = (insn >> 3) & 7;
10481 tmp = load_reg(s, rn);
10482 if (insn & (1 << 10)) {
10483 /* immediate */
10484 tmp2 = tcg_temp_new_i32();
10485 tcg_gen_movi_i32(tmp2, (insn >> 6) & 7);
10486 } else {
10487 /* reg */
10488 rm = (insn >> 6) & 7;
10489 tmp2 = load_reg(s, rm);
10490 }
10491 if (insn & (1 << 9)) {
10492 if (s->condexec_mask)
10493 tcg_gen_sub_i32(tmp, tmp, tmp2);
10494 else
10495 gen_sub_CC(tmp, tmp, tmp2);
10496 } else {
10497 if (s->condexec_mask)
10498 tcg_gen_add_i32(tmp, tmp, tmp2);
10499 else
10500 gen_add_CC(tmp, tmp, tmp2);
10501 }
10502 tcg_temp_free_i32(tmp2);
10503 store_reg(s, rd, tmp);
10504 } else {
10505 /* shift immediate */
10506 rm = (insn >> 3) & 7;
10507 shift = (insn >> 6) & 0x1f;
10508 tmp = load_reg(s, rm);
10509 gen_arm_shift_im(tmp, op, shift, s->condexec_mask == 0);
10510 if (!s->condexec_mask)
10511 gen_logic_CC(tmp);
10512 store_reg(s, rd, tmp);
10513 }
10514 break;
10515 case 2: case 3:
10516 /* arithmetic large immediate */
10517 op = (insn >> 11) & 3;
10518 rd = (insn >> 8) & 0x7;
10519 if (op == 0) { /* mov */
10520 tmp = tcg_temp_new_i32();
10521 tcg_gen_movi_i32(tmp, insn & 0xff);
10522 if (!s->condexec_mask)
10523 gen_logic_CC(tmp);
10524 store_reg(s, rd, tmp);
10525 } else {
10526 tmp = load_reg(s, rd);
10527 tmp2 = tcg_temp_new_i32();
10528 tcg_gen_movi_i32(tmp2, insn & 0xff);
10529 switch (op) {
10530 case 1: /* cmp */
10531 gen_sub_CC(tmp, tmp, tmp2);
10532 tcg_temp_free_i32(tmp);
10533 tcg_temp_free_i32(tmp2);
10534 break;
10535 case 2: /* add */
10536 if (s->condexec_mask)
10537 tcg_gen_add_i32(tmp, tmp, tmp2);
10538 else
10539 gen_add_CC(tmp, tmp, tmp2);
10540 tcg_temp_free_i32(tmp2);
10541 store_reg(s, rd, tmp);
10542 break;
10543 case 3: /* sub */
10544 if (s->condexec_mask)
10545 tcg_gen_sub_i32(tmp, tmp, tmp2);
10546 else
10547 gen_sub_CC(tmp, tmp, tmp2);
10548 tcg_temp_free_i32(tmp2);
10549 store_reg(s, rd, tmp);
10550 break;
10551 }
10552 }
10553 break;
10554 case 4:
10555 if (insn & (1 << 11)) {
10556 rd = (insn >> 8) & 7;
10557 /* load pc-relative. Bit 1 of PC is ignored. */
10558 val = s->pc + 2 + ((insn & 0xff) * 4);
10559 val &= ~(uint32_t)2;
10560 addr = tcg_temp_new_i32();
10561 tcg_gen_movi_i32(addr, val);
10562 tmp = tcg_temp_new_i32();
10563 gen_aa32_ld32u(tmp, addr, get_mem_index(s));
10564 tcg_temp_free_i32(addr);
10565 store_reg(s, rd, tmp);
10566 break;
10567 }
10568 if (insn & (1 << 10)) {
10569 /* data processing extended or blx */
10570 rd = (insn & 7) | ((insn >> 4) & 8);
10571 rm = (insn >> 3) & 0xf;
10572 op = (insn >> 8) & 3;
10573 switch (op) {
10574 case 0: /* add */
10575 tmp = load_reg(s, rd);
10576 tmp2 = load_reg(s, rm);
10577 tcg_gen_add_i32(tmp, tmp, tmp2);
10578 tcg_temp_free_i32(tmp2);
10579 store_reg(s, rd, tmp);
10580 break;
10581 case 1: /* cmp */
10582 tmp = load_reg(s, rd);
10583 tmp2 = load_reg(s, rm);
10584 gen_sub_CC(tmp, tmp, tmp2);
10585 tcg_temp_free_i32(tmp2);
10586 tcg_temp_free_i32(tmp);
10587 break;
10588 case 2: /* mov/cpy */
10589 tmp = load_reg(s, rm);
10590 store_reg(s, rd, tmp);
10591 break;
10592 case 3:/* branch [and link] exchange thumb register */
10593 tmp = load_reg(s, rm);
10594 if (insn & (1 << 7)) {
10595 ARCH(5);
10596 val = (uint32_t)s->pc | 1;
10597 tmp2 = tcg_temp_new_i32();
10598 tcg_gen_movi_i32(tmp2, val);
10599 store_reg(s, 14, tmp2);
10600 }
10601 /* already thumb, no need to check */
10602 gen_bx(s, tmp);
10603 break;
10604 }
10605 break;
10606 }
10607
10608 /* data processing register */
10609 rd = insn & 7;
10610 rm = (insn >> 3) & 7;
10611 op = (insn >> 6) & 0xf;
10612 if (op == 2 || op == 3 || op == 4 || op == 7) {
10613 /* the shift/rotate ops want the operands backwards */
10614 val = rm;
10615 rm = rd;
10616 rd = val;
10617 val = 1;
10618 } else {
10619 val = 0;
10620 }
10621
10622 if (op == 9) { /* neg */
10623 tmp = tcg_temp_new_i32();
10624 tcg_gen_movi_i32(tmp, 0);
10625 } else if (op != 0xf) { /* mvn doesn't read its first operand */
10626 tmp = load_reg(s, rd);
10627 } else {
10628 TCGV_UNUSED_I32(tmp);
10629 }
10630
10631 tmp2 = load_reg(s, rm);
10632 switch (op) {
10633 case 0x0: /* and */
10634 tcg_gen_and_i32(tmp, tmp, tmp2);
10635 if (!s->condexec_mask)
10636 gen_logic_CC(tmp);
10637 break;
10638 case 0x1: /* eor */
10639 tcg_gen_xor_i32(tmp, tmp, tmp2);
10640 if (!s->condexec_mask)
10641 gen_logic_CC(tmp);
10642 break;
10643 case 0x2: /* lsl */
10644 if (s->condexec_mask) {
10645 gen_shl(tmp2, tmp2, tmp);
10646 } else {
10647 gen_helper_shl_cc(tmp2, cpu_env, tmp2, tmp);
10648 gen_logic_CC(tmp2);
10649 }
10650 break;
10651 case 0x3: /* lsr */
10652 if (s->condexec_mask) {
10653 gen_shr(tmp2, tmp2, tmp);
10654 } else {
10655 gen_helper_shr_cc(tmp2, cpu_env, tmp2, tmp);
10656 gen_logic_CC(tmp2);
10657 }
10658 break;
10659 case 0x4: /* asr */
10660 if (s->condexec_mask) {
10661 gen_sar(tmp2, tmp2, tmp);
10662 } else {
10663 gen_helper_sar_cc(tmp2, cpu_env, tmp2, tmp);
10664 gen_logic_CC(tmp2);
10665 }
10666 break;
10667 case 0x5: /* adc */
10668 if (s->condexec_mask) {
10669 gen_adc(tmp, tmp2);
10670 } else {
10671 gen_adc_CC(tmp, tmp, tmp2);
10672 }
10673 break;
10674 case 0x6: /* sbc */
10675 if (s->condexec_mask) {
10676 gen_sub_carry(tmp, tmp, tmp2);
10677 } else {
10678 gen_sbc_CC(tmp, tmp, tmp2);
10679 }
10680 break;
10681 case 0x7: /* ror */
10682 if (s->condexec_mask) {
10683 tcg_gen_andi_i32(tmp, tmp, 0x1f);
10684 tcg_gen_rotr_i32(tmp2, tmp2, tmp);
10685 } else {
10686 gen_helper_ror_cc(tmp2, cpu_env, tmp2, tmp);
10687 gen_logic_CC(tmp2);
10688 }
10689 break;
10690 case 0x8: /* tst */
10691 tcg_gen_and_i32(tmp, tmp, tmp2);
10692 gen_logic_CC(tmp);
10693 rd = 16;
10694 break;
10695 case 0x9: /* neg */
10696 if (s->condexec_mask)
10697 tcg_gen_neg_i32(tmp, tmp2);
10698 else
10699 gen_sub_CC(tmp, tmp, tmp2);
10700 break;
10701 case 0xa: /* cmp */
10702 gen_sub_CC(tmp, tmp, tmp2);
10703 rd = 16;
10704 break;
10705 case 0xb: /* cmn */
10706 gen_add_CC(tmp, tmp, tmp2);
10707 rd = 16;
10708 break;
10709 case 0xc: /* orr */
10710 tcg_gen_or_i32(tmp, tmp, tmp2);
10711 if (!s->condexec_mask)
10712 gen_logic_CC(tmp);
10713 break;
10714 case 0xd: /* mul */
10715 tcg_gen_mul_i32(tmp, tmp, tmp2);
10716 if (!s->condexec_mask)
10717 gen_logic_CC(tmp);
10718 break;
10719 case 0xe: /* bic */
10720 tcg_gen_andc_i32(tmp, tmp, tmp2);
10721 if (!s->condexec_mask)
10722 gen_logic_CC(tmp);
10723 break;
10724 case 0xf: /* mvn */
10725 tcg_gen_not_i32(tmp2, tmp2);
10726 if (!s->condexec_mask)
10727 gen_logic_CC(tmp2);
10728 val = 1;
10729 rm = rd;
10730 break;
10731 }
10732 if (rd != 16) {
10733 if (val) {
10734 store_reg(s, rm, tmp2);
10735 if (op != 0xf)
10736 tcg_temp_free_i32(tmp);
10737 } else {
10738 store_reg(s, rd, tmp);
10739 tcg_temp_free_i32(tmp2);
10740 }
10741 } else {
10742 tcg_temp_free_i32(tmp);
10743 tcg_temp_free_i32(tmp2);
10744 }
10745 break;
10746
10747 case 5:
10748 /* load/store register offset. */
10749 rd = insn & 7;
10750 rn = (insn >> 3) & 7;
10751 rm = (insn >> 6) & 7;
10752 op = (insn >> 9) & 7;
10753 addr = load_reg(s, rn);
10754 tmp = load_reg(s, rm);
10755 tcg_gen_add_i32(addr, addr, tmp);
10756 tcg_temp_free_i32(tmp);
10757
10758 if (op < 3) { /* store */
10759 tmp = load_reg(s, rd);
10760 } else {
10761 tmp = tcg_temp_new_i32();
10762 }
10763
10764 switch (op) {
10765 case 0: /* str */
10766 gen_aa32_st32(tmp, addr, get_mem_index(s));
10767 break;
10768 case 1: /* strh */
10769 gen_aa32_st16(tmp, addr, get_mem_index(s));
10770 break;
10771 case 2: /* strb */
10772 gen_aa32_st8(tmp, addr, get_mem_index(s));
10773 break;
10774 case 3: /* ldrsb */
10775 gen_aa32_ld8s(tmp, addr, get_mem_index(s));
10776 break;
10777 case 4: /* ldr */
10778 gen_aa32_ld32u(tmp, addr, get_mem_index(s));
10779 break;
10780 case 5: /* ldrh */
10781 gen_aa32_ld16u(tmp, addr, get_mem_index(s));
10782 break;
10783 case 6: /* ldrb */
10784 gen_aa32_ld8u(tmp, addr, get_mem_index(s));
10785 break;
10786 case 7: /* ldrsh */
10787 gen_aa32_ld16s(tmp, addr, get_mem_index(s));
10788 break;
10789 }
10790 if (op >= 3) { /* load */
10791 store_reg(s, rd, tmp);
10792 } else {
10793 tcg_temp_free_i32(tmp);
10794 }
10795 tcg_temp_free_i32(addr);
10796 break;
10797
10798 case 6:
10799 /* load/store word immediate offset */
10800 rd = insn & 7;
10801 rn = (insn >> 3) & 7;
10802 addr = load_reg(s, rn);
10803 val = (insn >> 4) & 0x7c;
10804 tcg_gen_addi_i32(addr, addr, val);
10805
10806 if (insn & (1 << 11)) {
10807 /* load */
10808 tmp = tcg_temp_new_i32();
10809 gen_aa32_ld32u(tmp, addr, get_mem_index(s));
10810 store_reg(s, rd, tmp);
10811 } else {
10812 /* store */
10813 tmp = load_reg(s, rd);
10814 gen_aa32_st32(tmp, addr, get_mem_index(s));
10815 tcg_temp_free_i32(tmp);
10816 }
10817 tcg_temp_free_i32(addr);
10818 break;
10819
10820 case 7:
10821 /* load/store byte immediate offset */
10822 rd = insn & 7;
10823 rn = (insn >> 3) & 7;
10824 addr = load_reg(s, rn);
10825 val = (insn >> 6) & 0x1f;
10826 tcg_gen_addi_i32(addr, addr, val);
10827
10828 if (insn & (1 << 11)) {
10829 /* load */
10830 tmp = tcg_temp_new_i32();
10831 gen_aa32_ld8u(tmp, addr, get_mem_index(s));
10832 store_reg(s, rd, tmp);
10833 } else {
10834 /* store */
10835 tmp = load_reg(s, rd);
10836 gen_aa32_st8(tmp, addr, get_mem_index(s));
10837 tcg_temp_free_i32(tmp);
10838 }
10839 tcg_temp_free_i32(addr);
10840 break;
10841
10842 case 8:
10843 /* load/store halfword immediate offset */
10844 rd = insn & 7;
10845 rn = (insn >> 3) & 7;
10846 addr = load_reg(s, rn);
10847 val = (insn >> 5) & 0x3e;
10848 tcg_gen_addi_i32(addr, addr, val);
10849
10850 if (insn & (1 << 11)) {
10851 /* load */
10852 tmp = tcg_temp_new_i32();
10853 gen_aa32_ld16u(tmp, addr, get_mem_index(s));
10854 store_reg(s, rd, tmp);
10855 } else {
10856 /* store */
10857 tmp = load_reg(s, rd);
10858 gen_aa32_st16(tmp, addr, get_mem_index(s));
10859 tcg_temp_free_i32(tmp);
10860 }
10861 tcg_temp_free_i32(addr);
10862 break;
10863
10864 case 9:
10865 /* load/store from stack */
10866 rd = (insn >> 8) & 7;
10867 addr = load_reg(s, 13);
10868 val = (insn & 0xff) * 4;
10869 tcg_gen_addi_i32(addr, addr, val);
10870
10871 if (insn & (1 << 11)) {
10872 /* load */
10873 tmp = tcg_temp_new_i32();
10874 gen_aa32_ld32u(tmp, addr, get_mem_index(s));
10875 store_reg(s, rd, tmp);
10876 } else {
10877 /* store */
10878 tmp = load_reg(s, rd);
10879 gen_aa32_st32(tmp, addr, get_mem_index(s));
10880 tcg_temp_free_i32(tmp);
10881 }
10882 tcg_temp_free_i32(addr);
10883 break;
10884
10885 case 10:
10886 /* add to high reg */
10887 rd = (insn >> 8) & 7;
10888 if (insn & (1 << 11)) {
10889 /* SP */
10890 tmp = load_reg(s, 13);
10891 } else {
10892 /* PC. bit 1 is ignored. */
10893 tmp = tcg_temp_new_i32();
10894 tcg_gen_movi_i32(tmp, (s->pc + 2) & ~(uint32_t)2);
10895 }
10896 val = (insn & 0xff) * 4;
10897 tcg_gen_addi_i32(tmp, tmp, val);
10898 store_reg(s, rd, tmp);
10899 break;
10900
10901 case 11:
10902 /* misc */
10903 op = (insn >> 8) & 0xf;
10904 switch (op) {
10905 case 0:
10906 /* adjust stack pointer */
10907 tmp = load_reg(s, 13);
10908 val = (insn & 0x7f) * 4;
10909 if (insn & (1 << 7))
10910 val = -(int32_t)val;
10911 tcg_gen_addi_i32(tmp, tmp, val);
10912 store_reg(s, 13, tmp);
10913 break;
10914
10915 case 2: /* sign/zero extend. */
10916 ARCH(6);
10917 rd = insn & 7;
10918 rm = (insn >> 3) & 7;
10919 tmp = load_reg(s, rm);
10920 switch ((insn >> 6) & 3) {
10921 case 0: gen_sxth(tmp); break;
10922 case 1: gen_sxtb(tmp); break;
10923 case 2: gen_uxth(tmp); break;
10924 case 3: gen_uxtb(tmp); break;
10925 }
10926 store_reg(s, rd, tmp);
10927 break;
10928 case 4: case 5: case 0xc: case 0xd:
10929 /* push/pop */
10930 addr = load_reg(s, 13);
10931 if (insn & (1 << 8))
10932 offset = 4;
10933 else
10934 offset = 0;
10935 for (i = 0; i < 8; i++) {
10936 if (insn & (1 << i))
10937 offset += 4;
10938 }
10939 if ((insn & (1 << 11)) == 0) {
10940 tcg_gen_addi_i32(addr, addr, -offset);
10941 }
10942 for (i = 0; i < 8; i++) {
10943 if (insn & (1 << i)) {
10944 if (insn & (1 << 11)) {
10945 /* pop */
10946 tmp = tcg_temp_new_i32();
10947 gen_aa32_ld32u(tmp, addr, get_mem_index(s));
10948 store_reg(s, i, tmp);
10949 } else {
10950 /* push */
10951 tmp = load_reg(s, i);
10952 gen_aa32_st32(tmp, addr, get_mem_index(s));
10953 tcg_temp_free_i32(tmp);
10954 }
10955 /* advance to the next address. */
10956 tcg_gen_addi_i32(addr, addr, 4);
10957 }
10958 }
10959 TCGV_UNUSED_I32(tmp);
10960 if (insn & (1 << 8)) {
10961 if (insn & (1 << 11)) {
10962 /* pop pc */
10963 tmp = tcg_temp_new_i32();
10964 gen_aa32_ld32u(tmp, addr, get_mem_index(s));
10965 /* don't set the pc until the rest of the instruction
10966 has completed */
10967 } else {
10968 /* push lr */
10969 tmp = load_reg(s, 14);
10970 gen_aa32_st32(tmp, addr, get_mem_index(s));
10971 tcg_temp_free_i32(tmp);
10972 }
10973 tcg_gen_addi_i32(addr, addr, 4);
10974 }
10975 if ((insn & (1 << 11)) == 0) {
10976 tcg_gen_addi_i32(addr, addr, -offset);
10977 }
10978 /* write back the new stack pointer */
10979 store_reg(s, 13, addr);
10980 /* set the new PC value */
10981 if ((insn & 0x0900) == 0x0900) {
10982 store_reg_from_load(s, 15, tmp);
10983 }
10984 break;
10985
10986 case 1: case 3: case 9: case 11: /* czb */
10987 rm = insn & 7;
10988 tmp = load_reg(s, rm);
10989 s->condlabel = gen_new_label();
10990 s->condjmp = 1;
10991 if (insn & (1 << 11))
10992 tcg_gen_brcondi_i32(TCG_COND_EQ, tmp, 0, s->condlabel);
10993 else
10994 tcg_gen_brcondi_i32(TCG_COND_NE, tmp, 0, s->condlabel);
10995 tcg_temp_free_i32(tmp);
10996 offset = ((insn & 0xf8) >> 2) | (insn & 0x200) >> 3;
10997 val = (uint32_t)s->pc + 2;
10998 val += offset;
10999 gen_jmp(s, val);
11000 break;
11001
11002 case 15: /* IT, nop-hint. */
11003 if ((insn & 0xf) == 0) {
11004 gen_nop_hint(s, (insn >> 4) & 0xf);
11005 break;
11006 }
11007 /* If Then. */
11008 s->condexec_cond = (insn >> 4) & 0xe;
11009 s->condexec_mask = insn & 0x1f;
11010 /* No actual code generated for this insn, just setup state. */
11011 break;
11012
11013 case 0xe: /* bkpt */
11014 {
11015 int imm8 = extract32(insn, 0, 8);
11016 ARCH(5);
11017 gen_exception_insn(s, 2, EXCP_BKPT, syn_aa32_bkpt(imm8, true),
11018 default_exception_el(s));
11019 break;
11020 }
11021
11022 case 0xa: /* rev */
11023 ARCH(6);
11024 rn = (insn >> 3) & 0x7;
11025 rd = insn & 0x7;
11026 tmp = load_reg(s, rn);
11027 switch ((insn >> 6) & 3) {
11028 case 0: tcg_gen_bswap32_i32(tmp, tmp); break;
11029 case 1: gen_rev16(tmp); break;
11030 case 3: gen_revsh(tmp); break;
11031 default: goto illegal_op;
11032 }
11033 store_reg(s, rd, tmp);
11034 break;
11035
11036 case 6:
11037 switch ((insn >> 5) & 7) {
11038 case 2:
11039 /* setend */
11040 ARCH(6);
11041 if (((insn >> 3) & 1) != s->bswap_code) {
11042 /* Dynamic endianness switching not implemented. */
11043 qemu_log_mask(LOG_UNIMP, "arm: unimplemented setend\n");
11044 goto illegal_op;
11045 }
11046 break;
11047 case 3:
11048 /* cps */
11049 ARCH(6);
11050 if (IS_USER(s)) {
11051 break;
11052 }
11053 if (arm_dc_feature(s, ARM_FEATURE_M)) {
11054 tmp = tcg_const_i32((insn & (1 << 4)) != 0);
11055 /* FAULTMASK */
11056 if (insn & 1) {
11057 addr = tcg_const_i32(19);
11058 gen_helper_v7m_msr(cpu_env, addr, tmp);
11059 tcg_temp_free_i32(addr);
11060 }
11061 /* PRIMASK */
11062 if (insn & 2) {
11063 addr = tcg_const_i32(16);
11064 gen_helper_v7m_msr(cpu_env, addr, tmp);
11065 tcg_temp_free_i32(addr);
11066 }
11067 tcg_temp_free_i32(tmp);
11068 gen_lookup_tb(s);
11069 } else {
11070 if (insn & (1 << 4)) {
11071 shift = CPSR_A | CPSR_I | CPSR_F;
11072 } else {
11073 shift = 0;
11074 }
11075 gen_set_psr_im(s, ((insn & 7) << 6), 0, shift);
11076 }
11077 break;
11078 default:
11079 goto undef;
11080 }
11081 break;
11082
11083 default:
11084 goto undef;
11085 }
11086 break;
11087
11088 case 12:
11089 {
11090 /* load/store multiple */
11091 TCGv_i32 loaded_var;
11092 TCGV_UNUSED_I32(loaded_var);
11093 rn = (insn >> 8) & 0x7;
11094 addr = load_reg(s, rn);
11095 for (i = 0; i < 8; i++) {
11096 if (insn & (1 << i)) {
11097 if (insn & (1 << 11)) {
11098 /* load */
11099 tmp = tcg_temp_new_i32();
11100 gen_aa32_ld32u(tmp, addr, get_mem_index(s));
11101 if (i == rn) {
11102 loaded_var = tmp;
11103 } else {
11104 store_reg(s, i, tmp);
11105 }
11106 } else {
11107 /* store */
11108 tmp = load_reg(s, i);
11109 gen_aa32_st32(tmp, addr, get_mem_index(s));
11110 tcg_temp_free_i32(tmp);
11111 }
11112 /* advance to the next address */
11113 tcg_gen_addi_i32(addr, addr, 4);
11114 }
11115 }
11116 if ((insn & (1 << rn)) == 0) {
11117 /* base reg not in list: base register writeback */
11118 store_reg(s, rn, addr);
11119 } else {
11120 /* base reg in list: if load, complete it now */
11121 if (insn & (1 << 11)) {
11122 store_reg(s, rn, loaded_var);
11123 }
11124 tcg_temp_free_i32(addr);
11125 }
11126 break;
11127 }
11128 case 13:
11129 /* conditional branch or swi */
11130 cond = (insn >> 8) & 0xf;
11131 if (cond == 0xe)
11132 goto undef;
11133
11134 if (cond == 0xf) {
11135 /* swi */
11136 gen_set_pc_im(s, s->pc);
11137 s->svc_imm = extract32(insn, 0, 8);
11138 s->is_jmp = DISAS_SWI;
11139 break;
11140 }
11141 /* generate a conditional jump to next instruction */
11142 s->condlabel = gen_new_label();
11143 arm_gen_test_cc(cond ^ 1, s->condlabel);
11144 s->condjmp = 1;
11145
11146 /* jump to the offset */
11147 val = (uint32_t)s->pc + 2;
11148 offset = ((int32_t)insn << 24) >> 24;
11149 val += offset << 1;
11150 gen_jmp(s, val);
11151 break;
11152
11153 case 14:
11154 if (insn & (1 << 11)) {
11155 if (disas_thumb2_insn(env, s, insn))
11156 goto undef32;
11157 break;
11158 }
11159 /* unconditional branch */
11160 val = (uint32_t)s->pc;
11161 offset = ((int32_t)insn << 21) >> 21;
11162 val += (offset << 1) + 2;
11163 gen_jmp(s, val);
11164 break;
11165
11166 case 15:
11167 if (disas_thumb2_insn(env, s, insn))
11168 goto undef32;
11169 break;
11170 }
11171 return;
11172 undef32:
11173 gen_exception_insn(s, 4, EXCP_UDEF, syn_uncategorized(),
11174 default_exception_el(s));
11175 return;
11176 illegal_op:
11177 undef:
11178 gen_exception_insn(s, 2, EXCP_UDEF, syn_uncategorized(),
11179 default_exception_el(s));
11180 }
11181
11182 static bool insn_crosses_page(CPUARMState *env, DisasContext *s)
11183 {
11184 /* Return true if the insn at dc->pc might cross a page boundary.
11185 * (False positives are OK, false negatives are not.)
11186 */
11187 uint16_t insn;
11188
11189 if ((s->pc & 3) == 0) {
11190 /* At a 4-aligned address we can't be crossing a page */
11191 return false;
11192 }
11193
11194 /* This must be a Thumb insn */
11195 insn = arm_lduw_code(env, s->pc, s->bswap_code);
11196
11197 if ((insn >> 11) >= 0x1d) {
11198 /* Top five bits 0b11101 / 0b11110 / 0b11111 : this is the
11199 * First half of a 32-bit Thumb insn. Thumb-1 cores might
11200 * end up actually treating this as two 16-bit insns (see the
11201 * code at the start of disas_thumb2_insn()) but we don't bother
11202 * to check for that as it is unlikely, and false positives here
11203 * are harmless.
11204 */
11205 return true;
11206 }
11207 /* Definitely a 16-bit insn, can't be crossing a page. */
11208 return false;
11209 }
11210
11211 /* generate intermediate code in gen_opc_buf and gen_opparam_buf for
11212 basic block 'tb'. */
11213 void gen_intermediate_code(CPUARMState *env, TranslationBlock *tb)
11214 {
11215 ARMCPU *cpu = arm_env_get_cpu(env);
11216 CPUState *cs = CPU(cpu);
11217 DisasContext dc1, *dc = &dc1;
11218 target_ulong pc_start;
11219 target_ulong next_page_start;
11220 int num_insns;
11221 int max_insns;
11222 bool end_of_page;
11223
11224 /* generate intermediate code */
11225
11226 /* The A64 decoder has its own top level loop, because it doesn't need
11227 * the A32/T32 complexity to do with conditional execution/IT blocks/etc.
11228 */
11229 if (ARM_TBFLAG_AARCH64_STATE(tb->flags)) {
11230 gen_intermediate_code_a64(cpu, tb);
11231 return;
11232 }
11233
11234 pc_start = tb->pc;
11235
11236 dc->tb = tb;
11237
11238 dc->is_jmp = DISAS_NEXT;
11239 dc->pc = pc_start;
11240 dc->singlestep_enabled = cs->singlestep_enabled;
11241 dc->condjmp = 0;
11242
11243 dc->aarch64 = 0;
11244 /* If we are coming from secure EL0 in a system with a 32-bit EL3, then
11245 * there is no secure EL1, so we route exceptions to EL3.
11246 */
11247 dc->secure_routed_to_el3 = arm_feature(env, ARM_FEATURE_EL3) &&
11248 !arm_el_is_aa64(env, 3);
11249 dc->thumb = ARM_TBFLAG_THUMB(tb->flags);
11250 dc->bswap_code = ARM_TBFLAG_BSWAP_CODE(tb->flags);
11251 dc->condexec_mask = (ARM_TBFLAG_CONDEXEC(tb->flags) & 0xf) << 1;
11252 dc->condexec_cond = ARM_TBFLAG_CONDEXEC(tb->flags) >> 4;
11253 dc->mmu_idx = ARM_TBFLAG_MMUIDX(tb->flags);
11254 dc->current_el = arm_mmu_idx_to_el(dc->mmu_idx);
11255 #if !defined(CONFIG_USER_ONLY)
11256 dc->user = (dc->current_el == 0);
11257 #endif
11258 dc->ns = ARM_TBFLAG_NS(tb->flags);
11259 dc->fp_excp_el = ARM_TBFLAG_FPEXC_EL(tb->flags);
11260 dc->vfp_enabled = ARM_TBFLAG_VFPEN(tb->flags);
11261 dc->vec_len = ARM_TBFLAG_VECLEN(tb->flags);
11262 dc->vec_stride = ARM_TBFLAG_VECSTRIDE(tb->flags);
11263 dc->c15_cpar = ARM_TBFLAG_XSCALE_CPAR(tb->flags);
11264 dc->cp_regs = cpu->cp_regs;
11265 dc->features = env->features;
11266
11267 /* Single step state. The code-generation logic here is:
11268 * SS_ACTIVE == 0:
11269 * generate code with no special handling for single-stepping (except
11270 * that anything that can make us go to SS_ACTIVE == 1 must end the TB;
11271 * this happens anyway because those changes are all system register or
11272 * PSTATE writes).
11273 * SS_ACTIVE == 1, PSTATE.SS == 1: (active-not-pending)
11274 * emit code for one insn
11275 * emit code to clear PSTATE.SS
11276 * emit code to generate software step exception for completed step
11277 * end TB (as usual for having generated an exception)
11278 * SS_ACTIVE == 1, PSTATE.SS == 0: (active-pending)
11279 * emit code to generate a software step exception
11280 * end the TB
11281 */
11282 dc->ss_active = ARM_TBFLAG_SS_ACTIVE(tb->flags);
11283 dc->pstate_ss = ARM_TBFLAG_PSTATE_SS(tb->flags);
11284 dc->is_ldex = false;
11285 dc->ss_same_el = false; /* Can't be true since EL_d must be AArch64 */
11286
11287 cpu_F0s = tcg_temp_new_i32();
11288 cpu_F1s = tcg_temp_new_i32();
11289 cpu_F0d = tcg_temp_new_i64();
11290 cpu_F1d = tcg_temp_new_i64();
11291 cpu_V0 = cpu_F0d;
11292 cpu_V1 = cpu_F1d;
11293 /* FIXME: cpu_M0 can probably be the same as cpu_V0. */
11294 cpu_M0 = tcg_temp_new_i64();
11295 next_page_start = (pc_start & TARGET_PAGE_MASK) + TARGET_PAGE_SIZE;
11296 num_insns = 0;
11297 max_insns = tb->cflags & CF_COUNT_MASK;
11298 if (max_insns == 0) {
11299 max_insns = CF_COUNT_MASK;
11300 }
11301 if (max_insns > TCG_MAX_INSNS) {
11302 max_insns = TCG_MAX_INSNS;
11303 }
11304
11305 gen_tb_start(tb);
11306
11307 tcg_clear_temp_count();
11308
11309 /* A note on handling of the condexec (IT) bits:
11310 *
11311 * We want to avoid the overhead of having to write the updated condexec
11312 * bits back to the CPUARMState for every instruction in an IT block. So:
11313 * (1) if the condexec bits are not already zero then we write
11314 * zero back into the CPUARMState now. This avoids complications trying
11315 * to do it at the end of the block. (For example if we don't do this
11316 * it's hard to identify whether we can safely skip writing condexec
11317 * at the end of the TB, which we definitely want to do for the case
11318 * where a TB doesn't do anything with the IT state at all.)
11319 * (2) if we are going to leave the TB then we call gen_set_condexec()
11320 * which will write the correct value into CPUARMState if zero is wrong.
11321 * This is done both for leaving the TB at the end, and for leaving
11322 * it because of an exception we know will happen, which is done in
11323 * gen_exception_insn(). The latter is necessary because we need to
11324 * leave the TB with the PC/IT state just prior to execution of the
11325 * instruction which caused the exception.
11326 * (3) if we leave the TB unexpectedly (eg a data abort on a load)
11327 * then the CPUARMState will be wrong and we need to reset it.
11328 * This is handled in the same way as restoration of the
11329 * PC in these situations; we save the value of the condexec bits
11330 * for each PC via tcg_gen_insn_start(), and restore_state_to_opc()
11331 * then uses this to restore them after an exception.
11332 *
11333 * Note that there are no instructions which can read the condexec
11334 * bits, and none which can write non-static values to them, so
11335 * we don't need to care about whether CPUARMState is correct in the
11336 * middle of a TB.
11337 */
11338
11339 /* Reset the conditional execution bits immediately. This avoids
11340 complications trying to do it at the end of the block. */
11341 if (dc->condexec_mask || dc->condexec_cond)
11342 {
11343 TCGv_i32 tmp = tcg_temp_new_i32();
11344 tcg_gen_movi_i32(tmp, 0);
11345 store_cpu_field(tmp, condexec_bits);
11346 }
11347 do {
11348 tcg_gen_insn_start(dc->pc,
11349 (dc->condexec_cond << 4) | (dc->condexec_mask >> 1));
11350 num_insns++;
11351
11352 #ifdef CONFIG_USER_ONLY
11353 /* Intercept jump to the magic kernel page. */
11354 if (dc->pc >= 0xffff0000) {
11355 /* We always get here via a jump, so know we are not in a
11356 conditional execution block. */
11357 gen_exception_internal(EXCP_KERNEL_TRAP);
11358 dc->is_jmp = DISAS_EXC;
11359 break;
11360 }
11361 #else
11362 if (dc->pc >= 0xfffffff0 && arm_dc_feature(dc, ARM_FEATURE_M)) {
11363 /* We always get here via a jump, so know we are not in a
11364 conditional execution block. */
11365 gen_exception_internal(EXCP_EXCEPTION_EXIT);
11366 dc->is_jmp = DISAS_EXC;
11367 break;
11368 }
11369 #endif
11370
11371 if (unlikely(!QTAILQ_EMPTY(&cs->breakpoints))) {
11372 CPUBreakpoint *bp;
11373 QTAILQ_FOREACH(bp, &cs->breakpoints, entry) {
11374 if (bp->pc == dc->pc) {
11375 if (bp->flags & BP_CPU) {
11376 gen_set_condexec(dc);
11377 gen_set_pc_im(dc, dc->pc);
11378 gen_helper_check_breakpoints(cpu_env);
11379 /* End the TB early; it's likely not going to be executed */
11380 dc->is_jmp = DISAS_UPDATE;
11381 } else {
11382 gen_exception_internal_insn(dc, 0, EXCP_DEBUG);
11383 /* The address covered by the breakpoint must be
11384 included in [tb->pc, tb->pc + tb->size) in order
11385 to for it to be properly cleared -- thus we
11386 increment the PC here so that the logic setting
11387 tb->size below does the right thing. */
11388 /* TODO: Advance PC by correct instruction length to
11389 * avoid disassembler error messages */
11390 dc->pc += 2;
11391 goto done_generating;
11392 }
11393 break;
11394 }
11395 }
11396 }
11397
11398 if (num_insns == max_insns && (tb->cflags & CF_LAST_IO)) {
11399 gen_io_start();
11400 }
11401
11402 if (dc->ss_active && !dc->pstate_ss) {
11403 /* Singlestep state is Active-pending.
11404 * If we're in this state at the start of a TB then either
11405 * a) we just took an exception to an EL which is being debugged
11406 * and this is the first insn in the exception handler
11407 * b) debug exceptions were masked and we just unmasked them
11408 * without changing EL (eg by clearing PSTATE.D)
11409 * In either case we're going to take a swstep exception in the
11410 * "did not step an insn" case, and so the syndrome ISV and EX
11411 * bits should be zero.
11412 */
11413 assert(num_insns == 1);
11414 gen_exception(EXCP_UDEF, syn_swstep(dc->ss_same_el, 0, 0),
11415 default_exception_el(dc));
11416 goto done_generating;
11417 }
11418
11419 if (dc->thumb) {
11420 disas_thumb_insn(env, dc);
11421 if (dc->condexec_mask) {
11422 dc->condexec_cond = (dc->condexec_cond & 0xe)
11423 | ((dc->condexec_mask >> 4) & 1);
11424 dc->condexec_mask = (dc->condexec_mask << 1) & 0x1f;
11425 if (dc->condexec_mask == 0) {
11426 dc->condexec_cond = 0;
11427 }
11428 }
11429 } else {
11430 unsigned int insn = arm_ldl_code(env, dc->pc, dc->bswap_code);
11431 dc->pc += 4;
11432 disas_arm_insn(dc, insn);
11433 }
11434
11435 if (dc->condjmp && !dc->is_jmp) {
11436 gen_set_label(dc->condlabel);
11437 dc->condjmp = 0;
11438 }
11439
11440 if (tcg_check_temp_count()) {
11441 fprintf(stderr, "TCG temporary leak before "TARGET_FMT_lx"\n",
11442 dc->pc);
11443 }
11444
11445 /* Translation stops when a conditional branch is encountered.
11446 * Otherwise the subsequent code could get translated several times.
11447 * Also stop translation when a page boundary is reached. This
11448 * ensures prefetch aborts occur at the right place. */
11449
11450 /* We want to stop the TB if the next insn starts in a new page,
11451 * or if it spans between this page and the next. This means that
11452 * if we're looking at the last halfword in the page we need to
11453 * see if it's a 16-bit Thumb insn (which will fit in this TB)
11454 * or a 32-bit Thumb insn (which won't).
11455 * This is to avoid generating a silly TB with a single 16-bit insn
11456 * in it at the end of this page (which would execute correctly
11457 * but isn't very efficient).
11458 */
11459 end_of_page = (dc->pc >= next_page_start) ||
11460 ((dc->pc >= next_page_start - 3) && insn_crosses_page(env, dc));
11461
11462 } while (!dc->is_jmp && !tcg_op_buf_full() &&
11463 !cs->singlestep_enabled &&
11464 !singlestep &&
11465 !dc->ss_active &&
11466 !end_of_page &&
11467 num_insns < max_insns);
11468
11469 if (tb->cflags & CF_LAST_IO) {
11470 if (dc->condjmp) {
11471 /* FIXME: This can theoretically happen with self-modifying
11472 code. */
11473 cpu_abort(cs, "IO on conditional branch instruction");
11474 }
11475 gen_io_end();
11476 }
11477
11478 /* At this stage dc->condjmp will only be set when the skipped
11479 instruction was a conditional branch or trap, and the PC has
11480 already been written. */
11481 if (unlikely(cs->singlestep_enabled || dc->ss_active)) {
11482 /* Unconditional and "condition passed" instruction codepath. */
11483 gen_set_condexec(dc);
11484 switch (dc->is_jmp) {
11485 case DISAS_SWI:
11486 gen_ss_advance(dc);
11487 gen_exception(EXCP_SWI, syn_aa32_svc(dc->svc_imm, dc->thumb),
11488 default_exception_el(dc));
11489 break;
11490 case DISAS_HVC:
11491 gen_ss_advance(dc);
11492 gen_exception(EXCP_HVC, syn_aa32_hvc(dc->svc_imm), 2);
11493 break;
11494 case DISAS_SMC:
11495 gen_ss_advance(dc);
11496 gen_exception(EXCP_SMC, syn_aa32_smc(), 3);
11497 break;
11498 case DISAS_NEXT:
11499 case DISAS_UPDATE:
11500 gen_set_pc_im(dc, dc->pc);
11501 /* fall through */
11502 default:
11503 if (dc->ss_active) {
11504 gen_step_complete_exception(dc);
11505 } else {
11506 /* FIXME: Single stepping a WFI insn will not halt
11507 the CPU. */
11508 gen_exception_internal(EXCP_DEBUG);
11509 }
11510 }
11511 if (dc->condjmp) {
11512 /* "Condition failed" instruction codepath. */
11513 gen_set_label(dc->condlabel);
11514 gen_set_condexec(dc);
11515 gen_set_pc_im(dc, dc->pc);
11516 if (dc->ss_active) {
11517 gen_step_complete_exception(dc);
11518 } else {
11519 gen_exception_internal(EXCP_DEBUG);
11520 }
11521 }
11522 } else {
11523 /* While branches must always occur at the end of an IT block,
11524 there are a few other things that can cause us to terminate
11525 the TB in the middle of an IT block:
11526 - Exception generating instructions (bkpt, swi, undefined).
11527 - Page boundaries.
11528 - Hardware watchpoints.
11529 Hardware breakpoints have already been handled and skip this code.
11530 */
11531 gen_set_condexec(dc);
11532 switch(dc->is_jmp) {
11533 case DISAS_NEXT:
11534 gen_goto_tb(dc, 1, dc->pc);
11535 break;
11536 case DISAS_UPDATE:
11537 gen_set_pc_im(dc, dc->pc);
11538 /* fall through */
11539 case DISAS_JUMP:
11540 default:
11541 /* indicate that the hash table must be used to find the next TB */
11542 tcg_gen_exit_tb(0);
11543 break;
11544 case DISAS_TB_JUMP:
11545 /* nothing more to generate */
11546 break;
11547 case DISAS_WFI:
11548 gen_helper_wfi(cpu_env);
11549 /* The helper doesn't necessarily throw an exception, but we
11550 * must go back to the main loop to check for interrupts anyway.
11551 */
11552 tcg_gen_exit_tb(0);
11553 break;
11554 case DISAS_WFE:
11555 gen_helper_wfe(cpu_env);
11556 break;
11557 case DISAS_YIELD:
11558 gen_helper_yield(cpu_env);
11559 break;
11560 case DISAS_SWI:
11561 gen_exception(EXCP_SWI, syn_aa32_svc(dc->svc_imm, dc->thumb),
11562 default_exception_el(dc));
11563 break;
11564 case DISAS_HVC:
11565 gen_exception(EXCP_HVC, syn_aa32_hvc(dc->svc_imm), 2);
11566 break;
11567 case DISAS_SMC:
11568 gen_exception(EXCP_SMC, syn_aa32_smc(), 3);
11569 break;
11570 }
11571 if (dc->condjmp) {
11572 gen_set_label(dc->condlabel);
11573 gen_set_condexec(dc);
11574 gen_goto_tb(dc, 1, dc->pc);
11575 dc->condjmp = 0;
11576 }
11577 }
11578
11579 done_generating:
11580 gen_tb_end(tb, num_insns);
11581
11582 #ifdef DEBUG_DISAS
11583 if (qemu_loglevel_mask(CPU_LOG_TB_IN_ASM)) {
11584 qemu_log("----------------\n");
11585 qemu_log("IN: %s\n", lookup_symbol(pc_start));
11586 log_target_disas(cs, pc_start, dc->pc - pc_start,
11587 dc->thumb | (dc->bswap_code << 1));
11588 qemu_log("\n");
11589 }
11590 #endif
11591 tb->size = dc->pc - pc_start;
11592 tb->icount = num_insns;
11593 }
11594
11595 static const char *cpu_mode_names[16] = {
11596 "usr", "fiq", "irq", "svc", "???", "???", "mon", "abt",
11597 "???", "???", "hyp", "und", "???", "???", "???", "sys"
11598 };
11599
11600 void arm_cpu_dump_state(CPUState *cs, FILE *f, fprintf_function cpu_fprintf,
11601 int flags)
11602 {
11603 ARMCPU *cpu = ARM_CPU(cs);
11604 CPUARMState *env = &cpu->env;
11605 int i;
11606 uint32_t psr;
11607 const char *ns_status;
11608
11609 if (is_a64(env)) {
11610 aarch64_cpu_dump_state(cs, f, cpu_fprintf, flags);
11611 return;
11612 }
11613
11614 for(i=0;i<16;i++) {
11615 cpu_fprintf(f, "R%02d=%08x", i, env->regs[i]);
11616 if ((i % 4) == 3)
11617 cpu_fprintf(f, "\n");
11618 else
11619 cpu_fprintf(f, " ");
11620 }
11621 psr = cpsr_read(env);
11622
11623 if (arm_feature(env, ARM_FEATURE_EL3) &&
11624 (psr & CPSR_M) != ARM_CPU_MODE_MON) {
11625 ns_status = env->cp15.scr_el3 & SCR_NS ? "NS " : "S ";
11626 } else {
11627 ns_status = "";
11628 }
11629
11630 cpu_fprintf(f, "PSR=%08x %c%c%c%c %c %s%s%d\n",
11631 psr,
11632 psr & (1 << 31) ? 'N' : '-',
11633 psr & (1 << 30) ? 'Z' : '-',
11634 psr & (1 << 29) ? 'C' : '-',
11635 psr & (1 << 28) ? 'V' : '-',
11636 psr & CPSR_T ? 'T' : 'A',
11637 ns_status,
11638 cpu_mode_names[psr & 0xf], (psr & 0x10) ? 32 : 26);
11639
11640 if (flags & CPU_DUMP_FPU) {
11641 int numvfpregs = 0;
11642 if (arm_feature(env, ARM_FEATURE_VFP)) {
11643 numvfpregs += 16;
11644 }
11645 if (arm_feature(env, ARM_FEATURE_VFP3)) {
11646 numvfpregs += 16;
11647 }
11648 for (i = 0; i < numvfpregs; i++) {
11649 uint64_t v = float64_val(env->vfp.regs[i]);
11650 cpu_fprintf(f, "s%02d=%08x s%02d=%08x d%02d=%016" PRIx64 "\n",
11651 i * 2, (uint32_t)v,
11652 i * 2 + 1, (uint32_t)(v >> 32),
11653 i, v);
11654 }
11655 cpu_fprintf(f, "FPSCR: %08x\n", (int)env->vfp.xregs[ARM_VFP_FPSCR]);
11656 }
11657 }
11658
11659 void restore_state_to_opc(CPUARMState *env, TranslationBlock *tb,
11660 target_ulong *data)
11661 {
11662 if (is_a64(env)) {
11663 env->pc = data[0];
11664 env->condexec_bits = 0;
11665 } else {
11666 env->regs[15] = data[0];
11667 env->condexec_bits = data[1];
11668 }
11669 }
AR7 emulation for QEMU