2 * Tiny Code Generator for QEMU
4 * Copyright (c) 2008 Fabrice Bellard
6 * Permission is hereby granted, free of charge, to any person obtaining a copy
7 * of this software and associated documentation files (the "Software"), to deal
8 * in the Software without restriction, including without limitation the rights
9 * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
10 * copies of the Software, and to permit persons to whom the Software is
11 * furnished to do so, subject to the following conditions:
13 * The above copyright notice and this permission notice shall be included in
14 * all copies or substantial portions of the Software.
16 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
17 * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
18 * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL
19 * THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
20 * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
21 * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
25 #include "tcg-be-ldst.h"
27 #ifdef CONFIG_DEBUG_TCG
28 static const char * const tcg_target_reg_names[TCG_TARGET_NB_REGS] = {
29 #if TCG_TARGET_REG_BITS == 64
30 "%rax", "%rcx", "%rdx", "%rbx", "%rsp", "%rbp", "%rsi", "%rdi",
31 "%r8", "%r9", "%r10", "%r11", "%r12", "%r13", "%r14", "%r15",
33 "%eax", "%ecx", "%edx", "%ebx", "%esp", "%ebp", "%esi", "%edi",
38 static const int tcg_target_reg_alloc_order[] = {
39 #if TCG_TARGET_REG_BITS == 64
66 static const int tcg_target_call_iarg_regs[] = {
67 #if TCG_TARGET_REG_BITS == 64
80 /* 32 bit mode uses stack based calling convention (GCC default). */
84 static const int tcg_target_call_oarg_regs[] = {
86 #if TCG_TARGET_REG_BITS == 32
91 /* Constants we accept. */
92 #define TCG_CT_CONST_S32 0x100
93 #define TCG_CT_CONST_U32 0x200
94 #define TCG_CT_CONST_I32 0x400
96 /* Registers used with L constraint, which are the first argument
97 registers on x86_64, and two random call clobbered registers on
99 #if TCG_TARGET_REG_BITS == 64
100 # define TCG_REG_L0 tcg_target_call_iarg_regs[0]
101 # define TCG_REG_L1 tcg_target_call_iarg_regs[1]
103 # define TCG_REG_L0 TCG_REG_EAX
104 # define TCG_REG_L1 TCG_REG_EDX
107 /* The host compiler should supply <cpuid.h> to enable runtime features
108 detection, as we're not going to go so far as our own inline assembly.
109 If not available, default values will be assumed. */
110 #if defined(CONFIG_CPUID_H)
114 /* For 32-bit, we are going to attempt to determine at runtime whether cmov
116 #if TCG_TARGET_REG_BITS == 64
118 #elif defined(CONFIG_CPUID_H) && defined(bit_CMOV)
119 static bool have_cmov;
124 /* If bit_MOVBE is defined in cpuid.h (added in GCC version 4.6), we are
125 going to attempt to determine at runtime whether movbe is available. */
126 #if defined(CONFIG_CPUID_H) && defined(bit_MOVBE)
127 static bool have_movbe;
129 # define have_movbe 0
132 /* We need this symbol in tcg-target.h, and we can't properly conditionalize
133 it there. Therefore we always define the variable. */
136 #if defined(CONFIG_CPUID_H) && defined(bit_BMI2)
137 static bool have_bmi2;
142 static tcg_insn_unit *tb_ret_addr;
144 static void patch_reloc(tcg_insn_unit *code_ptr, int type,
145 intptr_t value, intptr_t addend)
150 value -= (uintptr_t)code_ptr;
151 if (value != (int32_t)value) {
154 tcg_patch32(code_ptr, value);
157 value -= (uintptr_t)code_ptr;
158 if (value != (int8_t)value) {
161 tcg_patch8(code_ptr, value);
168 /* parse target specific constraints */
169 static const char *target_parse_constraint(TCGArgConstraint *ct,
170 const char *ct_str, TCGType type)
174 ct->ct |= TCG_CT_REG;
175 tcg_regset_set_reg(ct->u.regs, TCG_REG_EAX);
178 ct->ct |= TCG_CT_REG;
179 tcg_regset_set_reg(ct->u.regs, TCG_REG_EBX);
182 ct->ct |= TCG_CT_REG;
183 tcg_regset_set_reg(ct->u.regs, TCG_REG_ECX);
186 ct->ct |= TCG_CT_REG;
187 tcg_regset_set_reg(ct->u.regs, TCG_REG_EDX);
190 ct->ct |= TCG_CT_REG;
191 tcg_regset_set_reg(ct->u.regs, TCG_REG_ESI);
194 ct->ct |= TCG_CT_REG;
195 tcg_regset_set_reg(ct->u.regs, TCG_REG_EDI);
198 ct->ct |= TCG_CT_REG;
199 if (TCG_TARGET_REG_BITS == 64) {
200 tcg_regset_set32(ct->u.regs, 0, 0xffff);
202 tcg_regset_set32(ct->u.regs, 0, 0xf);
206 ct->ct |= TCG_CT_REG;
207 tcg_regset_set32(ct->u.regs, 0, 0xf);
210 ct->ct |= TCG_CT_REG;
211 if (TCG_TARGET_REG_BITS == 64) {
212 tcg_regset_set32(ct->u.regs, 0, 0xffff);
214 tcg_regset_set32(ct->u.regs, 0, 0xff);
218 /* qemu_ld/st address constraint */
220 ct->ct |= TCG_CT_REG;
221 if (TCG_TARGET_REG_BITS == 64) {
222 tcg_regset_set32(ct->u.regs, 0, 0xffff);
224 tcg_regset_set32(ct->u.regs, 0, 0xff);
226 tcg_regset_reset_reg(ct->u.regs, TCG_REG_L0);
227 tcg_regset_reset_reg(ct->u.regs, TCG_REG_L1);
231 ct->ct |= (type == TCG_TYPE_I32 ? TCG_CT_CONST : TCG_CT_CONST_S32);
234 ct->ct |= (type == TCG_TYPE_I32 ? TCG_CT_CONST : TCG_CT_CONST_U32);
237 ct->ct |= (type == TCG_TYPE_I32 ? TCG_CT_CONST : TCG_CT_CONST_I32);
246 /* test if a constant matches the constraint */
247 static inline int tcg_target_const_match(tcg_target_long val, TCGType type,
248 const TCGArgConstraint *arg_ct)
251 if (ct & TCG_CT_CONST) {
254 if ((ct & TCG_CT_CONST_S32) && val == (int32_t)val) {
257 if ((ct & TCG_CT_CONST_U32) && val == (uint32_t)val) {
260 if ((ct & TCG_CT_CONST_I32) && ~val == (int32_t)~val) {
266 #if TCG_TARGET_REG_BITS == 64
267 # define LOWREGMASK(x) ((x) & 7)
269 # define LOWREGMASK(x) (x)
272 #define P_EXT 0x100 /* 0x0f opcode prefix */
273 #define P_EXT38 0x200 /* 0x0f 0x38 opcode prefix */
274 #define P_DATA16 0x400 /* 0x66 opcode prefix */
275 #if TCG_TARGET_REG_BITS == 64
276 # define P_ADDR32 0x800 /* 0x67 opcode prefix */
277 # define P_REXW 0x1000 /* Set REX.W = 1 */
278 # define P_REXB_R 0x2000 /* REG field as byte register */
279 # define P_REXB_RM 0x4000 /* R/M field as byte register */
280 # define P_GS 0x8000 /* gs segment override */
288 #define P_SIMDF3 0x10000 /* 0xf3 opcode prefix */
289 #define P_SIMDF2 0x20000 /* 0xf2 opcode prefix */
291 #define OPC_ARITH_EvIz (0x81)
292 #define OPC_ARITH_EvIb (0x83)
293 #define OPC_ARITH_GvEv (0x03) /* ... plus (ARITH_FOO << 3) */
294 #define OPC_ANDN (0xf2 | P_EXT38)
295 #define OPC_ADD_GvEv (OPC_ARITH_GvEv | (ARITH_ADD << 3))
296 #define OPC_BSWAP (0xc8 | P_EXT)
297 #define OPC_CALL_Jz (0xe8)
298 #define OPC_CMOVCC (0x40 | P_EXT) /* ... plus condition code */
299 #define OPC_CMP_GvEv (OPC_ARITH_GvEv | (ARITH_CMP << 3))
300 #define OPC_DEC_r32 (0x48)
301 #define OPC_IMUL_GvEv (0xaf | P_EXT)
302 #define OPC_IMUL_GvEvIb (0x6b)
303 #define OPC_IMUL_GvEvIz (0x69)
304 #define OPC_INC_r32 (0x40)
305 #define OPC_JCC_long (0x80 | P_EXT) /* ... plus condition code */
306 #define OPC_JCC_short (0x70) /* ... plus condition code */
307 #define OPC_JMP_long (0xe9)
308 #define OPC_JMP_short (0xeb)
309 #define OPC_LEA (0x8d)
310 #define OPC_MOVB_EvGv (0x88) /* stores, more or less */
311 #define OPC_MOVL_EvGv (0x89) /* stores, more or less */
312 #define OPC_MOVL_GvEv (0x8b) /* loads, more or less */
313 #define OPC_MOVB_EvIz (0xc6)
314 #define OPC_MOVL_EvIz (0xc7)
315 #define OPC_MOVL_Iv (0xb8)
316 #define OPC_MOVBE_GyMy (0xf0 | P_EXT38)
317 #define OPC_MOVBE_MyGy (0xf1 | P_EXT38)
318 #define OPC_MOVSBL (0xbe | P_EXT)
319 #define OPC_MOVSWL (0xbf | P_EXT)
320 #define OPC_MOVSLQ (0x63 | P_REXW)
321 #define OPC_MOVZBL (0xb6 | P_EXT)
322 #define OPC_MOVZWL (0xb7 | P_EXT)
323 #define OPC_POP_r32 (0x58)
324 #define OPC_PUSH_r32 (0x50)
325 #define OPC_PUSH_Iv (0x68)
326 #define OPC_PUSH_Ib (0x6a)
327 #define OPC_RET (0xc3)
328 #define OPC_SETCC (0x90 | P_EXT | P_REXB_RM) /* ... plus cc */
329 #define OPC_SHIFT_1 (0xd1)
330 #define OPC_SHIFT_Ib (0xc1)
331 #define OPC_SHIFT_cl (0xd3)
332 #define OPC_SARX (0xf7 | P_EXT38 | P_SIMDF3)
333 #define OPC_SHLX (0xf7 | P_EXT38 | P_DATA16)
334 #define OPC_SHRX (0xf7 | P_EXT38 | P_SIMDF2)
335 #define OPC_TESTL (0x85)
336 #define OPC_XCHG_ax_r32 (0x90)
338 #define OPC_GRP3_Ev (0xf7)
339 #define OPC_GRP5 (0xff)
341 /* Group 1 opcode extensions for 0x80-0x83.
342 These are also used as modifiers for OPC_ARITH. */
352 /* Group 2 opcode extensions for 0xc0, 0xc1, 0xd0-0xd3. */
359 /* Group 3 opcode extensions for 0xf6, 0xf7. To be used with OPC_GRP3. */
367 /* Group 5 opcode extensions for 0xff. To be used with OPC_GRP5. */
368 #define EXT5_INC_Ev 0
369 #define EXT5_DEC_Ev 1
370 #define EXT5_CALLN_Ev 2
371 #define EXT5_JMPN_Ev 4
373 /* Condition codes to be added to OPC_JCC_{long,short}. */
392 static const uint8_t tcg_cond_to_jcc[] = {
393 [TCG_COND_EQ] = JCC_JE,
394 [TCG_COND_NE] = JCC_JNE,
395 [TCG_COND_LT] = JCC_JL,
396 [TCG_COND_GE] = JCC_JGE,
397 [TCG_COND_LE] = JCC_JLE,
398 [TCG_COND_GT] = JCC_JG,
399 [TCG_COND_LTU] = JCC_JB,
400 [TCG_COND_GEU] = JCC_JAE,
401 [TCG_COND_LEU] = JCC_JBE,
402 [TCG_COND_GTU] = JCC_JA,
405 #if TCG_TARGET_REG_BITS == 64
406 static void tcg_out_opc(TCGContext *s, int opc, int r, int rm, int x)
413 if (opc & P_DATA16) {
414 /* We should never be asking for both 16 and 64-bit operation. */
415 tcg_debug_assert((opc & P_REXW) == 0);
418 if (opc & P_ADDR32) {
423 rex |= (opc & P_REXW) ? 0x8 : 0x0; /* REX.W */
424 rex |= (r & 8) >> 1; /* REX.R */
425 rex |= (x & 8) >> 2; /* REX.X */
426 rex |= (rm & 8) >> 3; /* REX.B */
428 /* P_REXB_{R,RM} indicates that the given register is the low byte.
429 For %[abcd]l we need no REX prefix, but for %{si,di,bp,sp}l we do,
430 as otherwise the encoding indicates %[abcd]h. Note that the values
431 that are ORed in merely indicate that the REX byte must be present;
432 those bits get discarded in output. */
433 rex |= opc & (r >= 4 ? P_REXB_R : 0);
434 rex |= opc & (rm >= 4 ? P_REXB_RM : 0);
437 tcg_out8(s, (uint8_t)(rex | 0x40));
440 if (opc & (P_EXT | P_EXT38)) {
450 static void tcg_out_opc(TCGContext *s, int opc)
452 if (opc & P_DATA16) {
455 if (opc & (P_EXT | P_EXT38)) {
463 /* Discard the register arguments to tcg_out_opc early, so as not to penalize
464 the 32-bit compilation paths. This method works with all versions of gcc,
465 whereas relying on optimization may not be able to exclude them. */
466 #define tcg_out_opc(s, opc, r, rm, x) (tcg_out_opc)(s, opc)
469 static void tcg_out_modrm(TCGContext *s, int opc, int r, int rm)
471 tcg_out_opc(s, opc, r, rm, 0);
472 tcg_out8(s, 0xc0 | (LOWREGMASK(r) << 3) | LOWREGMASK(rm));
475 static void tcg_out_vex_modrm(TCGContext *s, int opc, int r, int v, int rm)
479 if ((opc & (P_REXW | P_EXT | P_EXT38)) || (rm & 8)) {
480 /* Three byte VEX prefix. */
486 } else if (opc & P_EXT) {
491 tmp |= 0x40; /* VEX.X */
492 tmp |= (r & 8 ? 0 : 0x80); /* VEX.R */
493 tmp |= (rm & 8 ? 0 : 0x20); /* VEX.B */
496 tmp = (opc & P_REXW ? 0x80 : 0); /* VEX.W */
498 /* Two byte VEX prefix. */
501 tmp = (r & 8 ? 0 : 0x80); /* VEX.R */
504 if (opc & P_DATA16) {
506 } else if (opc & P_SIMDF3) {
508 } else if (opc & P_SIMDF2) {
511 tmp |= (~v & 15) << 3; /* VEX.vvvv */
514 tcg_out8(s, 0xc0 | (LOWREGMASK(r) << 3) | LOWREGMASK(rm));
517 /* Output an opcode with a full "rm + (index<<shift) + offset" address mode.
518 We handle either RM and INDEX missing with a negative value. In 64-bit
519 mode for absolute addresses, ~RM is the size of the immediate operand
520 that will follow the instruction. */
522 static void tcg_out_modrm_sib_offset(TCGContext *s, int opc, int r, int rm,
523 int index, int shift, intptr_t offset)
527 if (index < 0 && rm < 0) {
528 if (TCG_TARGET_REG_BITS == 64) {
529 /* Try for a rip-relative addressing mode. This has replaced
530 the 32-bit-mode absolute addressing encoding. */
531 intptr_t pc = (intptr_t)s->code_ptr + 5 + ~rm;
532 intptr_t disp = offset - pc;
533 if (disp == (int32_t)disp) {
534 tcg_out_opc(s, opc, r, 0, 0);
535 tcg_out8(s, (LOWREGMASK(r) << 3) | 5);
540 /* Try for an absolute address encoding. This requires the
541 use of the MODRM+SIB encoding and is therefore larger than
542 rip-relative addressing. */
543 if (offset == (int32_t)offset) {
544 tcg_out_opc(s, opc, r, 0, 0);
545 tcg_out8(s, (LOWREGMASK(r) << 3) | 4);
546 tcg_out8(s, (4 << 3) | 5);
547 tcg_out32(s, offset);
551 /* ??? The memory isn't directly addressable. */
554 /* Absolute address. */
555 tcg_out_opc(s, opc, r, 0, 0);
556 tcg_out8(s, (r << 3) | 5);
557 tcg_out32(s, offset);
562 /* Find the length of the immediate addend. Note that the encoding
563 that would be used for (%ebp) indicates absolute addressing. */
565 mod = 0, len = 4, rm = 5;
566 } else if (offset == 0 && LOWREGMASK(rm) != TCG_REG_EBP) {
568 } else if (offset == (int8_t)offset) {
574 /* Use a single byte MODRM format if possible. Note that the encoding
575 that would be used for %esp is the escape to the two byte form. */
576 if (index < 0 && LOWREGMASK(rm) != TCG_REG_ESP) {
577 /* Single byte MODRM format. */
578 tcg_out_opc(s, opc, r, rm, 0);
579 tcg_out8(s, mod | (LOWREGMASK(r) << 3) | LOWREGMASK(rm));
581 /* Two byte MODRM+SIB format. */
583 /* Note that the encoding that would place %esp into the index
584 field indicates no index register. In 64-bit mode, the REX.X
585 bit counts, so %r12 can be used as the index. */
589 tcg_debug_assert(index != TCG_REG_ESP);
592 tcg_out_opc(s, opc, r, rm, index);
593 tcg_out8(s, mod | (LOWREGMASK(r) << 3) | 4);
594 tcg_out8(s, (shift << 6) | (LOWREGMASK(index) << 3) | LOWREGMASK(rm));
599 } else if (len == 4) {
600 tcg_out32(s, offset);
604 /* A simplification of the above with no index or shift. */
605 static inline void tcg_out_modrm_offset(TCGContext *s, int opc, int r,
606 int rm, intptr_t offset)
608 tcg_out_modrm_sib_offset(s, opc, r, rm, -1, 0, offset);
611 /* Generate dest op= src. Uses the same ARITH_* codes as tgen_arithi. */
612 static inline void tgen_arithr(TCGContext *s, int subop, int dest, int src)
614 /* Propagate an opcode prefix, such as P_REXW. */
615 int ext = subop & ~0x7;
618 tcg_out_modrm(s, OPC_ARITH_GvEv + (subop << 3) + ext, dest, src);
621 static inline void tcg_out_mov(TCGContext *s, TCGType type,
622 TCGReg ret, TCGReg arg)
625 int opc = OPC_MOVL_GvEv + (type == TCG_TYPE_I64 ? P_REXW : 0);
626 tcg_out_modrm(s, opc, ret, arg);
630 static void tcg_out_movi(TCGContext *s, TCGType type,
631 TCGReg ret, tcg_target_long arg)
633 tcg_target_long diff;
636 tgen_arithr(s, ARITH_XOR, ret, ret);
639 if (arg == (uint32_t)arg || type == TCG_TYPE_I32) {
640 tcg_out_opc(s, OPC_MOVL_Iv + LOWREGMASK(ret), 0, ret, 0);
644 if (arg == (int32_t)arg) {
645 tcg_out_modrm(s, OPC_MOVL_EvIz + P_REXW, 0, ret);
650 /* Try a 7 byte pc-relative lea before the 10 byte movq. */
651 diff = arg - ((uintptr_t)s->code_ptr + 7);
652 if (diff == (int32_t)diff) {
653 tcg_out_opc(s, OPC_LEA | P_REXW, ret, 0, 0);
654 tcg_out8(s, (LOWREGMASK(ret) << 3) | 5);
659 tcg_out_opc(s, OPC_MOVL_Iv + P_REXW + LOWREGMASK(ret), 0, ret, 0);
663 static inline void tcg_out_pushi(TCGContext *s, tcg_target_long val)
665 if (val == (int8_t)val) {
666 tcg_out_opc(s, OPC_PUSH_Ib, 0, 0, 0);
668 } else if (val == (int32_t)val) {
669 tcg_out_opc(s, OPC_PUSH_Iv, 0, 0, 0);
676 static inline void tcg_out_mb(TCGContext *s, TCGArg a0)
678 /* Given the strength of x86 memory ordering, we only need care for
679 store-load ordering. Experimentally, "lock orl $0,0(%esp)" is
680 faster than "mfence", so don't bother with the sse insn. */
681 if (a0 & TCG_MO_ST_LD) {
683 tcg_out_modrm_offset(s, OPC_ARITH_EvIb, ARITH_OR, TCG_REG_ESP, 0);
688 static inline void tcg_out_push(TCGContext *s, int reg)
690 tcg_out_opc(s, OPC_PUSH_r32 + LOWREGMASK(reg), 0, reg, 0);
693 static inline void tcg_out_pop(TCGContext *s, int reg)
695 tcg_out_opc(s, OPC_POP_r32 + LOWREGMASK(reg), 0, reg, 0);
698 static inline void tcg_out_ld(TCGContext *s, TCGType type, TCGReg ret,
699 TCGReg arg1, intptr_t arg2)
701 int opc = OPC_MOVL_GvEv + (type == TCG_TYPE_I64 ? P_REXW : 0);
702 tcg_out_modrm_offset(s, opc, ret, arg1, arg2);
705 static inline void tcg_out_st(TCGContext *s, TCGType type, TCGReg arg,
706 TCGReg arg1, intptr_t arg2)
708 int opc = OPC_MOVL_EvGv + (type == TCG_TYPE_I64 ? P_REXW : 0);
709 tcg_out_modrm_offset(s, opc, arg, arg1, arg2);
712 static bool tcg_out_sti(TCGContext *s, TCGType type, TCGArg val,
713 TCGReg base, intptr_t ofs)
716 if (TCG_TARGET_REG_BITS == 64 && type == TCG_TYPE_I64) {
717 if (val != (int32_t)val) {
722 tcg_out_modrm_offset(s, OPC_MOVL_EvIz | rexw, 0, base, ofs);
727 static void tcg_out_shifti(TCGContext *s, int subopc, int reg, int count)
729 /* Propagate an opcode prefix, such as P_DATA16. */
730 int ext = subopc & ~0x7;
734 tcg_out_modrm(s, OPC_SHIFT_1 + ext, subopc, reg);
736 tcg_out_modrm(s, OPC_SHIFT_Ib + ext, subopc, reg);
741 static inline void tcg_out_bswap32(TCGContext *s, int reg)
743 tcg_out_opc(s, OPC_BSWAP + LOWREGMASK(reg), 0, reg, 0);
746 static inline void tcg_out_rolw_8(TCGContext *s, int reg)
748 tcg_out_shifti(s, SHIFT_ROL + P_DATA16, reg, 8);
751 static inline void tcg_out_ext8u(TCGContext *s, int dest, int src)
754 tcg_debug_assert(src < 4 || TCG_TARGET_REG_BITS == 64);
755 tcg_out_modrm(s, OPC_MOVZBL + P_REXB_RM, dest, src);
758 static void tcg_out_ext8s(TCGContext *s, int dest, int src, int rexw)
761 tcg_debug_assert(src < 4 || TCG_TARGET_REG_BITS == 64);
762 tcg_out_modrm(s, OPC_MOVSBL + P_REXB_RM + rexw, dest, src);
765 static inline void tcg_out_ext16u(TCGContext *s, int dest, int src)
768 tcg_out_modrm(s, OPC_MOVZWL, dest, src);
771 static inline void tcg_out_ext16s(TCGContext *s, int dest, int src, int rexw)
774 tcg_out_modrm(s, OPC_MOVSWL + rexw, dest, src);
777 static inline void tcg_out_ext32u(TCGContext *s, int dest, int src)
779 /* 32-bit mov zero extends. */
780 tcg_out_modrm(s, OPC_MOVL_GvEv, dest, src);
783 static inline void tcg_out_ext32s(TCGContext *s, int dest, int src)
785 tcg_out_modrm(s, OPC_MOVSLQ, dest, src);
788 static inline void tcg_out_bswap64(TCGContext *s, int reg)
790 tcg_out_opc(s, OPC_BSWAP + P_REXW + LOWREGMASK(reg), 0, reg, 0);
793 static void tgen_arithi(TCGContext *s, int c, int r0,
794 tcg_target_long val, int cf)
798 if (TCG_TARGET_REG_BITS == 64) {
803 /* ??? While INC is 2 bytes shorter than ADDL $1, they also induce
804 partial flags update stalls on Pentium4 and are not recommended
805 by current Intel optimization manuals. */
806 if (!cf && (c == ARITH_ADD || c == ARITH_SUB) && (val == 1 || val == -1)) {
807 int is_inc = (c == ARITH_ADD) ^ (val < 0);
808 if (TCG_TARGET_REG_BITS == 64) {
809 /* The single-byte increment encodings are re-tasked as the
810 REX prefixes. Use the MODRM encoding. */
811 tcg_out_modrm(s, OPC_GRP5 + rexw,
812 (is_inc ? EXT5_INC_Ev : EXT5_DEC_Ev), r0);
814 tcg_out8(s, (is_inc ? OPC_INC_r32 : OPC_DEC_r32) + r0);
819 if (c == ARITH_AND) {
820 if (TCG_TARGET_REG_BITS == 64) {
821 if (val == 0xffffffffu) {
822 tcg_out_ext32u(s, r0, r0);
825 if (val == (uint32_t)val) {
826 /* AND with no high bits set can use a 32-bit operation. */
830 if (val == 0xffu && (r0 < 4 || TCG_TARGET_REG_BITS == 64)) {
831 tcg_out_ext8u(s, r0, r0);
834 if (val == 0xffffu) {
835 tcg_out_ext16u(s, r0, r0);
840 if (val == (int8_t)val) {
841 tcg_out_modrm(s, OPC_ARITH_EvIb + rexw, c, r0);
845 if (rexw == 0 || val == (int32_t)val) {
846 tcg_out_modrm(s, OPC_ARITH_EvIz + rexw, c, r0);
854 static void tcg_out_addi(TCGContext *s, int reg, tcg_target_long val)
857 tgen_arithi(s, ARITH_ADD + P_REXW, reg, val, 0);
861 /* Use SMALL != 0 to force a short forward branch. */
862 static void tcg_out_jxx(TCGContext *s, int opc, TCGLabel *l, int small)
867 val = tcg_pcrel_diff(s, l->u.value_ptr);
869 if ((int8_t)val1 == val1) {
871 tcg_out8(s, OPC_JMP_short);
873 tcg_out8(s, OPC_JCC_short + opc);
881 tcg_out8(s, OPC_JMP_long);
882 tcg_out32(s, val - 5);
884 tcg_out_opc(s, OPC_JCC_long + opc, 0, 0, 0);
885 tcg_out32(s, val - 6);
890 tcg_out8(s, OPC_JMP_short);
892 tcg_out8(s, OPC_JCC_short + opc);
894 tcg_out_reloc(s, s->code_ptr, R_386_PC8, l, -1);
898 tcg_out8(s, OPC_JMP_long);
900 tcg_out_opc(s, OPC_JCC_long + opc, 0, 0, 0);
902 tcg_out_reloc(s, s->code_ptr, R_386_PC32, l, -4);
907 static void tcg_out_cmp(TCGContext *s, TCGArg arg1, TCGArg arg2,
908 int const_arg2, int rexw)
913 tcg_out_modrm(s, OPC_TESTL + rexw, arg1, arg1);
915 tgen_arithi(s, ARITH_CMP + rexw, arg1, arg2, 0);
918 tgen_arithr(s, ARITH_CMP + rexw, arg1, arg2);
922 static void tcg_out_brcond32(TCGContext *s, TCGCond cond,
923 TCGArg arg1, TCGArg arg2, int const_arg2,
924 TCGLabel *label, int small)
926 tcg_out_cmp(s, arg1, arg2, const_arg2, 0);
927 tcg_out_jxx(s, tcg_cond_to_jcc[cond], label, small);
930 #if TCG_TARGET_REG_BITS == 64
931 static void tcg_out_brcond64(TCGContext *s, TCGCond cond,
932 TCGArg arg1, TCGArg arg2, int const_arg2,
933 TCGLabel *label, int small)
935 tcg_out_cmp(s, arg1, arg2, const_arg2, P_REXW);
936 tcg_out_jxx(s, tcg_cond_to_jcc[cond], label, small);
939 /* XXX: we implement it at the target level to avoid having to
940 handle cross basic blocks temporaries */
941 static void tcg_out_brcond2(TCGContext *s, const TCGArg *args,
942 const int *const_args, int small)
944 TCGLabel *label_next = gen_new_label();
945 TCGLabel *label_this = arg_label(args[5]);
949 tcg_out_brcond32(s, TCG_COND_NE, args[0], args[2], const_args[2],
951 tcg_out_brcond32(s, TCG_COND_EQ, args[1], args[3], const_args[3],
955 tcg_out_brcond32(s, TCG_COND_NE, args[0], args[2], const_args[2],
957 tcg_out_brcond32(s, TCG_COND_NE, args[1], args[3], const_args[3],
961 tcg_out_brcond32(s, TCG_COND_LT, args[1], args[3], const_args[3],
963 tcg_out_jxx(s, JCC_JNE, label_next, 1);
964 tcg_out_brcond32(s, TCG_COND_LTU, args[0], args[2], const_args[2],
968 tcg_out_brcond32(s, TCG_COND_LT, args[1], args[3], const_args[3],
970 tcg_out_jxx(s, JCC_JNE, label_next, 1);
971 tcg_out_brcond32(s, TCG_COND_LEU, args[0], args[2], const_args[2],
975 tcg_out_brcond32(s, TCG_COND_GT, args[1], args[3], const_args[3],
977 tcg_out_jxx(s, JCC_JNE, label_next, 1);
978 tcg_out_brcond32(s, TCG_COND_GTU, args[0], args[2], const_args[2],
982 tcg_out_brcond32(s, TCG_COND_GT, args[1], args[3], const_args[3],
984 tcg_out_jxx(s, JCC_JNE, label_next, 1);
985 tcg_out_brcond32(s, TCG_COND_GEU, args[0], args[2], const_args[2],
989 tcg_out_brcond32(s, TCG_COND_LTU, args[1], args[3], const_args[3],
991 tcg_out_jxx(s, JCC_JNE, label_next, 1);
992 tcg_out_brcond32(s, TCG_COND_LTU, args[0], args[2], const_args[2],
996 tcg_out_brcond32(s, TCG_COND_LTU, args[1], args[3], const_args[3],
998 tcg_out_jxx(s, JCC_JNE, label_next, 1);
999 tcg_out_brcond32(s, TCG_COND_LEU, args[0], args[2], const_args[2],
1003 tcg_out_brcond32(s, TCG_COND_GTU, args[1], args[3], const_args[3],
1005 tcg_out_jxx(s, JCC_JNE, label_next, 1);
1006 tcg_out_brcond32(s, TCG_COND_GTU, args[0], args[2], const_args[2],
1010 tcg_out_brcond32(s, TCG_COND_GTU, args[1], args[3], const_args[3],
1012 tcg_out_jxx(s, JCC_JNE, label_next, 1);
1013 tcg_out_brcond32(s, TCG_COND_GEU, args[0], args[2], const_args[2],
1019 tcg_out_label(s, label_next, s->code_ptr);
1023 static void tcg_out_setcond32(TCGContext *s, TCGCond cond, TCGArg dest,
1024 TCGArg arg1, TCGArg arg2, int const_arg2)
1026 tcg_out_cmp(s, arg1, arg2, const_arg2, 0);
1027 tcg_out_modrm(s, OPC_SETCC | tcg_cond_to_jcc[cond], 0, dest);
1028 tcg_out_ext8u(s, dest, dest);
1031 #if TCG_TARGET_REG_BITS == 64
1032 static void tcg_out_setcond64(TCGContext *s, TCGCond cond, TCGArg dest,
1033 TCGArg arg1, TCGArg arg2, int const_arg2)
1035 tcg_out_cmp(s, arg1, arg2, const_arg2, P_REXW);
1036 tcg_out_modrm(s, OPC_SETCC | tcg_cond_to_jcc[cond], 0, dest);
1037 tcg_out_ext8u(s, dest, dest);
1040 static void tcg_out_setcond2(TCGContext *s, const TCGArg *args,
1041 const int *const_args)
1044 TCGLabel *label_true, *label_over;
1046 memcpy(new_args, args+1, 5*sizeof(TCGArg));
1048 if (args[0] == args[1] || args[0] == args[2]
1049 || (!const_args[3] && args[0] == args[3])
1050 || (!const_args[4] && args[0] == args[4])) {
1051 /* When the destination overlaps with one of the argument
1052 registers, don't do anything tricky. */
1053 label_true = gen_new_label();
1054 label_over = gen_new_label();
1056 new_args[5] = label_arg(label_true);
1057 tcg_out_brcond2(s, new_args, const_args+1, 1);
1059 tcg_out_movi(s, TCG_TYPE_I32, args[0], 0);
1060 tcg_out_jxx(s, JCC_JMP, label_over, 1);
1061 tcg_out_label(s, label_true, s->code_ptr);
1063 tcg_out_movi(s, TCG_TYPE_I32, args[0], 1);
1064 tcg_out_label(s, label_over, s->code_ptr);
1066 /* When the destination does not overlap one of the arguments,
1067 clear the destination first, jump if cond false, and emit an
1068 increment in the true case. This results in smaller code. */
1070 tcg_out_movi(s, TCG_TYPE_I32, args[0], 0);
1072 label_over = gen_new_label();
1073 new_args[4] = tcg_invert_cond(new_args[4]);
1074 new_args[5] = label_arg(label_over);
1075 tcg_out_brcond2(s, new_args, const_args+1, 1);
1077 tgen_arithi(s, ARITH_ADD, args[0], 1, 0);
1078 tcg_out_label(s, label_over, s->code_ptr);
1083 static void tcg_out_movcond32(TCGContext *s, TCGCond cond, TCGArg dest,
1084 TCGArg c1, TCGArg c2, int const_c2,
1087 tcg_out_cmp(s, c1, c2, const_c2, 0);
1089 tcg_out_modrm(s, OPC_CMOVCC | tcg_cond_to_jcc[cond], dest, v1);
1091 TCGLabel *over = gen_new_label();
1092 tcg_out_jxx(s, tcg_cond_to_jcc[tcg_invert_cond(cond)], over, 1);
1093 tcg_out_mov(s, TCG_TYPE_I32, dest, v1);
1094 tcg_out_label(s, over, s->code_ptr);
1098 #if TCG_TARGET_REG_BITS == 64
1099 static void tcg_out_movcond64(TCGContext *s, TCGCond cond, TCGArg dest,
1100 TCGArg c1, TCGArg c2, int const_c2,
1103 tcg_out_cmp(s, c1, c2, const_c2, P_REXW);
1104 tcg_out_modrm(s, OPC_CMOVCC | tcg_cond_to_jcc[cond] | P_REXW, dest, v1);
1108 static void tcg_out_branch(TCGContext *s, int call, tcg_insn_unit *dest)
1110 intptr_t disp = tcg_pcrel_diff(s, dest) - 5;
1112 if (disp == (int32_t)disp) {
1113 tcg_out_opc(s, call ? OPC_CALL_Jz : OPC_JMP_long, 0, 0, 0);
1116 tcg_out_movi(s, TCG_TYPE_PTR, TCG_REG_R10, (uintptr_t)dest);
1117 tcg_out_modrm(s, OPC_GRP5,
1118 call ? EXT5_CALLN_Ev : EXT5_JMPN_Ev, TCG_REG_R10);
1122 static inline void tcg_out_call(TCGContext *s, tcg_insn_unit *dest)
1124 tcg_out_branch(s, 1, dest);
1127 static void tcg_out_jmp(TCGContext *s, tcg_insn_unit *dest)
1129 tcg_out_branch(s, 0, dest);
1132 static void tcg_out_nopn(TCGContext *s, int n)
1135 /* Emit 1 or 2 operand size prefixes for the standard one byte nop,
1136 * "xchg %eax,%eax", forming "xchg %ax,%ax". All cores accept the
1137 * duplicate prefix, and all of the interesting recent cores can
1138 * decode and discard the duplicates in a single cycle.
1140 tcg_debug_assert(n >= 1);
1141 for (i = 1; i < n; ++i) {
1147 #if defined(CONFIG_SOFTMMU)
1148 /* helper signature: helper_ret_ld_mmu(CPUState *env, target_ulong addr,
1149 * int mmu_idx, uintptr_t ra)
1151 static void * const qemu_ld_helpers[16] = {
1152 [MO_UB] = helper_ret_ldub_mmu,
1153 [MO_LEUW] = helper_le_lduw_mmu,
1154 [MO_LEUL] = helper_le_ldul_mmu,
1155 [MO_LEQ] = helper_le_ldq_mmu,
1156 [MO_BEUW] = helper_be_lduw_mmu,
1157 [MO_BEUL] = helper_be_ldul_mmu,
1158 [MO_BEQ] = helper_be_ldq_mmu,
1161 /* helper signature: helper_ret_st_mmu(CPUState *env, target_ulong addr,
1162 * uintxx_t val, int mmu_idx, uintptr_t ra)
1164 static void * const qemu_st_helpers[16] = {
1165 [MO_UB] = helper_ret_stb_mmu,
1166 [MO_LEUW] = helper_le_stw_mmu,
1167 [MO_LEUL] = helper_le_stl_mmu,
1168 [MO_LEQ] = helper_le_stq_mmu,
1169 [MO_BEUW] = helper_be_stw_mmu,
1170 [MO_BEUL] = helper_be_stl_mmu,
1171 [MO_BEQ] = helper_be_stq_mmu,
1174 /* Perform the TLB load and compare.
1177 ADDRLO and ADDRHI contain the low and high part of the address.
1179 MEM_INDEX and S_BITS are the memory context and log2 size of the load.
1181 WHICH is the offset into the CPUTLBEntry structure of the slot to read.
1182 This should be offsetof addr_read or addr_write.
1185 LABEL_PTRS is filled with 1 (32-bit addresses) or 2 (64-bit addresses)
1186 positions of the displacements of forward jumps to the TLB miss case.
1188 Second argument register is loaded with the low part of the address.
1189 In the TLB hit case, it has been adjusted as indicated by the TLB
1190 and so is a host address. In the TLB miss case, it continues to
1191 hold a guest address.
1193 First argument register is clobbered. */
1195 static inline void tcg_out_tlb_load(TCGContext *s, TCGReg addrlo, TCGReg addrhi,
1196 int mem_index, TCGMemOp opc,
1197 tcg_insn_unit **label_ptr, int which)
1199 const TCGReg r0 = TCG_REG_L0;
1200 const TCGReg r1 = TCG_REG_L1;
1201 TCGType ttype = TCG_TYPE_I32;
1202 TCGType tlbtype = TCG_TYPE_I32;
1203 int trexw = 0, hrexw = 0, tlbrexw = 0;
1204 unsigned a_bits = get_alignment_bits(opc);
1205 unsigned s_bits = opc & MO_SIZE;
1206 unsigned a_mask = (1 << a_bits) - 1;
1207 unsigned s_mask = (1 << s_bits) - 1;
1208 target_ulong tlb_mask;
1210 if (TCG_TARGET_REG_BITS == 64) {
1211 if (TARGET_LONG_BITS == 64) {
1212 ttype = TCG_TYPE_I64;
1215 if (TCG_TYPE_PTR == TCG_TYPE_I64) {
1217 if (TARGET_PAGE_BITS + CPU_TLB_BITS > 32) {
1218 tlbtype = TCG_TYPE_I64;
1224 tcg_out_mov(s, tlbtype, r0, addrlo);
1225 /* If the required alignment is at least as large as the access, simply
1226 copy the address and mask. For lesser alignments, check that we don't
1227 cross pages for the complete access. */
1228 if (a_bits >= s_bits) {
1229 tcg_out_mov(s, ttype, r1, addrlo);
1231 tcg_out_modrm_offset(s, OPC_LEA + trexw, r1, addrlo, s_mask - a_mask);
1233 tlb_mask = (target_ulong)TARGET_PAGE_MASK | a_mask;
1235 tcg_out_shifti(s, SHIFT_SHR + tlbrexw, r0,
1236 TARGET_PAGE_BITS - CPU_TLB_ENTRY_BITS);
1238 tgen_arithi(s, ARITH_AND + trexw, r1, tlb_mask, 0);
1239 tgen_arithi(s, ARITH_AND + tlbrexw, r0,
1240 (CPU_TLB_SIZE - 1) << CPU_TLB_ENTRY_BITS, 0);
1242 tcg_out_modrm_sib_offset(s, OPC_LEA + hrexw, r0, TCG_AREG0, r0, 0,
1243 offsetof(CPUArchState, tlb_table[mem_index][0])
1247 tcg_out_modrm_offset(s, OPC_CMP_GvEv + trexw, r1, r0, 0);
1249 /* Prepare for both the fast path add of the tlb addend, and the slow
1250 path function argument setup. There are two cases worth note:
1251 For 32-bit guest and x86_64 host, MOVL zero-extends the guest address
1252 before the fastpath ADDQ below. For 64-bit guest and x32 host, MOVQ
1253 copies the entire guest address for the slow path, while truncation
1254 for the 32-bit host happens with the fastpath ADDL below. */
1255 tcg_out_mov(s, ttype, r1, addrlo);
1258 tcg_out_opc(s, OPC_JCC_long + JCC_JNE, 0, 0, 0);
1259 label_ptr[0] = s->code_ptr;
1262 if (TARGET_LONG_BITS > TCG_TARGET_REG_BITS) {
1263 /* cmp 4(r0), addrhi */
1264 tcg_out_modrm_offset(s, OPC_CMP_GvEv, addrhi, r0, 4);
1267 tcg_out_opc(s, OPC_JCC_long + JCC_JNE, 0, 0, 0);
1268 label_ptr[1] = s->code_ptr;
1274 /* add addend(r0), r1 */
1275 tcg_out_modrm_offset(s, OPC_ADD_GvEv + hrexw, r1, r0,
1276 offsetof(CPUTLBEntry, addend) - which);
1280 * Record the context of a call to the out of line helper code for the slow path
1281 * for a load or store, so that we can later generate the correct helper code
1283 static void add_qemu_ldst_label(TCGContext *s, bool is_ld, TCGMemOpIdx oi,
1284 TCGReg datalo, TCGReg datahi,
1285 TCGReg addrlo, TCGReg addrhi,
1286 tcg_insn_unit *raddr,
1287 tcg_insn_unit **label_ptr)
1289 TCGLabelQemuLdst *label = new_ldst_label(s);
1291 label->is_ld = is_ld;
1293 label->datalo_reg = datalo;
1294 label->datahi_reg = datahi;
1295 label->addrlo_reg = addrlo;
1296 label->addrhi_reg = addrhi;
1297 label->raddr = raddr;
1298 label->label_ptr[0] = label_ptr[0];
1299 if (TARGET_LONG_BITS > TCG_TARGET_REG_BITS) {
1300 label->label_ptr[1] = label_ptr[1];
1305 * Generate code for the slow path for a load at the end of block
1307 static void tcg_out_qemu_ld_slow_path(TCGContext *s, TCGLabelQemuLdst *l)
1309 TCGMemOpIdx oi = l->oi;
1310 TCGMemOp opc = get_memop(oi);
1312 tcg_insn_unit **label_ptr = &l->label_ptr[0];
1314 /* resolve label address */
1315 tcg_patch32(label_ptr[0], s->code_ptr - label_ptr[0] - 4);
1316 if (TARGET_LONG_BITS > TCG_TARGET_REG_BITS) {
1317 tcg_patch32(label_ptr[1], s->code_ptr - label_ptr[1] - 4);
1320 if (TCG_TARGET_REG_BITS == 32) {
1323 tcg_out_st(s, TCG_TYPE_PTR, TCG_AREG0, TCG_REG_ESP, ofs);
1326 tcg_out_st(s, TCG_TYPE_I32, l->addrlo_reg, TCG_REG_ESP, ofs);
1329 if (TARGET_LONG_BITS == 64) {
1330 tcg_out_st(s, TCG_TYPE_I32, l->addrhi_reg, TCG_REG_ESP, ofs);
1334 tcg_out_sti(s, TCG_TYPE_I32, oi, TCG_REG_ESP, ofs);
1337 tcg_out_sti(s, TCG_TYPE_PTR, (uintptr_t)l->raddr, TCG_REG_ESP, ofs);
1339 tcg_out_mov(s, TCG_TYPE_PTR, tcg_target_call_iarg_regs[0], TCG_AREG0);
1340 /* The second argument is already loaded with addrlo. */
1341 tcg_out_movi(s, TCG_TYPE_I32, tcg_target_call_iarg_regs[2], oi);
1342 tcg_out_movi(s, TCG_TYPE_PTR, tcg_target_call_iarg_regs[3],
1343 (uintptr_t)l->raddr);
1346 tcg_out_call(s, qemu_ld_helpers[opc & (MO_BSWAP | MO_SIZE)]);
1348 data_reg = l->datalo_reg;
1349 switch (opc & MO_SSIZE) {
1351 tcg_out_ext8s(s, data_reg, TCG_REG_EAX, P_REXW);
1354 tcg_out_ext16s(s, data_reg, TCG_REG_EAX, P_REXW);
1356 #if TCG_TARGET_REG_BITS == 64
1358 tcg_out_ext32s(s, data_reg, TCG_REG_EAX);
1363 /* Note that the helpers have zero-extended to tcg_target_long. */
1365 tcg_out_mov(s, TCG_TYPE_I32, data_reg, TCG_REG_EAX);
1368 if (TCG_TARGET_REG_BITS == 64) {
1369 tcg_out_mov(s, TCG_TYPE_I64, data_reg, TCG_REG_RAX);
1370 } else if (data_reg == TCG_REG_EDX) {
1371 /* xchg %edx, %eax */
1372 tcg_out_opc(s, OPC_XCHG_ax_r32 + TCG_REG_EDX, 0, 0, 0);
1373 tcg_out_mov(s, TCG_TYPE_I32, l->datahi_reg, TCG_REG_EAX);
1375 tcg_out_mov(s, TCG_TYPE_I32, data_reg, TCG_REG_EAX);
1376 tcg_out_mov(s, TCG_TYPE_I32, l->datahi_reg, TCG_REG_EDX);
1383 /* Jump to the code corresponding to next IR of qemu_st */
1384 tcg_out_jmp(s, l->raddr);
1388 * Generate code for the slow path for a store at the end of block
1390 static void tcg_out_qemu_st_slow_path(TCGContext *s, TCGLabelQemuLdst *l)
1392 TCGMemOpIdx oi = l->oi;
1393 TCGMemOp opc = get_memop(oi);
1394 TCGMemOp s_bits = opc & MO_SIZE;
1395 tcg_insn_unit **label_ptr = &l->label_ptr[0];
1398 /* resolve label address */
1399 tcg_patch32(label_ptr[0], s->code_ptr - label_ptr[0] - 4);
1400 if (TARGET_LONG_BITS > TCG_TARGET_REG_BITS) {
1401 tcg_patch32(label_ptr[1], s->code_ptr - label_ptr[1] - 4);
1404 if (TCG_TARGET_REG_BITS == 32) {
1407 tcg_out_st(s, TCG_TYPE_PTR, TCG_AREG0, TCG_REG_ESP, ofs);
1410 tcg_out_st(s, TCG_TYPE_I32, l->addrlo_reg, TCG_REG_ESP, ofs);
1413 if (TARGET_LONG_BITS == 64) {
1414 tcg_out_st(s, TCG_TYPE_I32, l->addrhi_reg, TCG_REG_ESP, ofs);
1418 tcg_out_st(s, TCG_TYPE_I32, l->datalo_reg, TCG_REG_ESP, ofs);
1421 if (s_bits == MO_64) {
1422 tcg_out_st(s, TCG_TYPE_I32, l->datahi_reg, TCG_REG_ESP, ofs);
1426 tcg_out_sti(s, TCG_TYPE_I32, oi, TCG_REG_ESP, ofs);
1429 retaddr = TCG_REG_EAX;
1430 tcg_out_movi(s, TCG_TYPE_PTR, retaddr, (uintptr_t)l->raddr);
1431 tcg_out_st(s, TCG_TYPE_PTR, retaddr, TCG_REG_ESP, ofs);
1433 tcg_out_mov(s, TCG_TYPE_PTR, tcg_target_call_iarg_regs[0], TCG_AREG0);
1434 /* The second argument is already loaded with addrlo. */
1435 tcg_out_mov(s, (s_bits == MO_64 ? TCG_TYPE_I64 : TCG_TYPE_I32),
1436 tcg_target_call_iarg_regs[2], l->datalo_reg);
1437 tcg_out_movi(s, TCG_TYPE_I32, tcg_target_call_iarg_regs[3], oi);
1439 if (ARRAY_SIZE(tcg_target_call_iarg_regs) > 4) {
1440 retaddr = tcg_target_call_iarg_regs[4];
1441 tcg_out_movi(s, TCG_TYPE_PTR, retaddr, (uintptr_t)l->raddr);
1443 retaddr = TCG_REG_RAX;
1444 tcg_out_movi(s, TCG_TYPE_PTR, retaddr, (uintptr_t)l->raddr);
1445 tcg_out_st(s, TCG_TYPE_PTR, retaddr, TCG_REG_ESP,
1446 TCG_TARGET_CALL_STACK_OFFSET);
1450 /* "Tail call" to the helper, with the return address back inline. */
1451 tcg_out_push(s, retaddr);
1452 tcg_out_jmp(s, qemu_st_helpers[opc & (MO_BSWAP | MO_SIZE)]);
1454 #elif defined(__x86_64__) && defined(__linux__)
1455 # include <asm/prctl.h>
1456 # include <sys/prctl.h>
1458 int arch_prctl(int code, unsigned long addr);
1460 static int guest_base_flags;
1461 static inline void setup_guest_base_seg(void)
1463 if (arch_prctl(ARCH_SET_GS, guest_base) == 0) {
1464 guest_base_flags = P_GS;
1468 # define guest_base_flags 0
1469 static inline void setup_guest_base_seg(void) { }
1470 #endif /* SOFTMMU */
1472 static void tcg_out_qemu_ld_direct(TCGContext *s, TCGReg datalo, TCGReg datahi,
1473 TCGReg base, int index, intptr_t ofs,
1474 int seg, TCGMemOp memop)
1476 const TCGMemOp real_bswap = memop & MO_BSWAP;
1477 TCGMemOp bswap = real_bswap;
1478 int movop = OPC_MOVL_GvEv;
1480 if (have_movbe && real_bswap) {
1482 movop = OPC_MOVBE_GyMy;
1485 switch (memop & MO_SSIZE) {
1487 tcg_out_modrm_sib_offset(s, OPC_MOVZBL + seg, datalo,
1488 base, index, 0, ofs);
1491 tcg_out_modrm_sib_offset(s, OPC_MOVSBL + P_REXW + seg, datalo,
1492 base, index, 0, ofs);
1495 tcg_out_modrm_sib_offset(s, OPC_MOVZWL + seg, datalo,
1496 base, index, 0, ofs);
1498 tcg_out_rolw_8(s, datalo);
1504 tcg_out_modrm_sib_offset(s, OPC_MOVBE_GyMy + P_DATA16 + seg,
1505 datalo, base, index, 0, ofs);
1507 tcg_out_modrm_sib_offset(s, OPC_MOVZWL + seg, datalo,
1508 base, index, 0, ofs);
1509 tcg_out_rolw_8(s, datalo);
1511 tcg_out_modrm(s, OPC_MOVSWL + P_REXW, datalo, datalo);
1513 tcg_out_modrm_sib_offset(s, OPC_MOVSWL + P_REXW + seg,
1514 datalo, base, index, 0, ofs);
1518 tcg_out_modrm_sib_offset(s, movop + seg, datalo, base, index, 0, ofs);
1520 tcg_out_bswap32(s, datalo);
1523 #if TCG_TARGET_REG_BITS == 64
1526 tcg_out_modrm_sib_offset(s, movop + seg, datalo,
1527 base, index, 0, ofs);
1529 tcg_out_bswap32(s, datalo);
1531 tcg_out_ext32s(s, datalo, datalo);
1533 tcg_out_modrm_sib_offset(s, OPC_MOVSLQ + seg, datalo,
1534 base, index, 0, ofs);
1539 if (TCG_TARGET_REG_BITS == 64) {
1540 tcg_out_modrm_sib_offset(s, movop + P_REXW + seg, datalo,
1541 base, index, 0, ofs);
1543 tcg_out_bswap64(s, datalo);
1551 if (base != datalo) {
1552 tcg_out_modrm_sib_offset(s, movop + seg, datalo,
1553 base, index, 0, ofs);
1554 tcg_out_modrm_sib_offset(s, movop + seg, datahi,
1555 base, index, 0, ofs + 4);
1557 tcg_out_modrm_sib_offset(s, movop + seg, datahi,
1558 base, index, 0, ofs + 4);
1559 tcg_out_modrm_sib_offset(s, movop + seg, datalo,
1560 base, index, 0, ofs);
1563 tcg_out_bswap32(s, datalo);
1564 tcg_out_bswap32(s, datahi);
1573 /* XXX: qemu_ld and qemu_st could be modified to clobber only EDX and
1574 EAX. It will be useful once fixed registers globals are less
1576 static void tcg_out_qemu_ld(TCGContext *s, const TCGArg *args, bool is64)
1578 TCGReg datalo, datahi, addrlo;
1579 TCGReg addrhi __attribute__((unused));
1582 #if defined(CONFIG_SOFTMMU)
1584 tcg_insn_unit *label_ptr[2];
1588 datahi = (TCG_TARGET_REG_BITS == 32 && is64 ? *args++ : 0);
1590 addrhi = (TARGET_LONG_BITS > TCG_TARGET_REG_BITS ? *args++ : 0);
1592 opc = get_memop(oi);
1594 #if defined(CONFIG_SOFTMMU)
1595 mem_index = get_mmuidx(oi);
1597 tcg_out_tlb_load(s, addrlo, addrhi, mem_index, opc,
1598 label_ptr, offsetof(CPUTLBEntry, addr_read));
1601 tcg_out_qemu_ld_direct(s, datalo, datahi, TCG_REG_L1, -1, 0, 0, opc);
1603 /* Record the current context of a load into ldst label */
1604 add_qemu_ldst_label(s, true, oi, datalo, datahi, addrlo, addrhi,
1605 s->code_ptr, label_ptr);
1608 int32_t offset = guest_base;
1609 TCGReg base = addrlo;
1613 /* For a 32-bit guest, the high 32 bits may contain garbage.
1614 We can do this with the ADDR32 prefix if we're not using
1615 a guest base, or when using segmentation. Otherwise we
1616 need to zero-extend manually. */
1617 if (guest_base == 0 || guest_base_flags) {
1618 seg = guest_base_flags;
1620 if (TCG_TARGET_REG_BITS > TARGET_LONG_BITS) {
1623 } else if (TCG_TARGET_REG_BITS == 64) {
1624 if (TARGET_LONG_BITS == 32) {
1625 tcg_out_ext32u(s, TCG_REG_L0, base);
1628 if (offset != guest_base) {
1629 tcg_out_movi(s, TCG_TYPE_I64, TCG_REG_L1, guest_base);
1635 tcg_out_qemu_ld_direct(s, datalo, datahi,
1636 base, index, offset, seg, opc);
1641 static void tcg_out_qemu_st_direct(TCGContext *s, TCGReg datalo, TCGReg datahi,
1642 TCGReg base, intptr_t ofs, int seg,
1645 /* ??? Ideally we wouldn't need a scratch register. For user-only,
1646 we could perform the bswap twice to restore the original value
1647 instead of moving to the scratch. But as it is, the L constraint
1648 means that TCG_REG_L0 is definitely free here. */
1649 const TCGReg scratch = TCG_REG_L0;
1650 const TCGMemOp real_bswap = memop & MO_BSWAP;
1651 TCGMemOp bswap = real_bswap;
1652 int movop = OPC_MOVL_EvGv;
1654 if (have_movbe && real_bswap) {
1656 movop = OPC_MOVBE_MyGy;
1659 switch (memop & MO_SIZE) {
1661 /* In 32-bit mode, 8-bit stores can only happen from [abcd]x.
1662 Use the scratch register if necessary. */
1663 if (TCG_TARGET_REG_BITS == 32 && datalo >= 4) {
1664 tcg_out_mov(s, TCG_TYPE_I32, scratch, datalo);
1667 tcg_out_modrm_offset(s, OPC_MOVB_EvGv + P_REXB_R + seg,
1672 tcg_out_mov(s, TCG_TYPE_I32, scratch, datalo);
1673 tcg_out_rolw_8(s, scratch);
1676 tcg_out_modrm_offset(s, movop + P_DATA16 + seg, datalo, base, ofs);
1680 tcg_out_mov(s, TCG_TYPE_I32, scratch, datalo);
1681 tcg_out_bswap32(s, scratch);
1684 tcg_out_modrm_offset(s, movop + seg, datalo, base, ofs);
1687 if (TCG_TARGET_REG_BITS == 64) {
1689 tcg_out_mov(s, TCG_TYPE_I64, scratch, datalo);
1690 tcg_out_bswap64(s, scratch);
1693 tcg_out_modrm_offset(s, movop + P_REXW + seg, datalo, base, ofs);
1695 tcg_out_mov(s, TCG_TYPE_I32, scratch, datahi);
1696 tcg_out_bswap32(s, scratch);
1697 tcg_out_modrm_offset(s, OPC_MOVL_EvGv + seg, scratch, base, ofs);
1698 tcg_out_mov(s, TCG_TYPE_I32, scratch, datalo);
1699 tcg_out_bswap32(s, scratch);
1700 tcg_out_modrm_offset(s, OPC_MOVL_EvGv + seg, scratch, base, ofs+4);
1707 tcg_out_modrm_offset(s, movop + seg, datalo, base, ofs);
1708 tcg_out_modrm_offset(s, movop + seg, datahi, base, ofs+4);
1716 static void tcg_out_qemu_st(TCGContext *s, const TCGArg *args, bool is64)
1718 TCGReg datalo, datahi, addrlo;
1719 TCGReg addrhi __attribute__((unused));
1722 #if defined(CONFIG_SOFTMMU)
1724 tcg_insn_unit *label_ptr[2];
1728 datahi = (TCG_TARGET_REG_BITS == 32 && is64 ? *args++ : 0);
1730 addrhi = (TARGET_LONG_BITS > TCG_TARGET_REG_BITS ? *args++ : 0);
1732 opc = get_memop(oi);
1734 #if defined(CONFIG_SOFTMMU)
1735 mem_index = get_mmuidx(oi);
1737 tcg_out_tlb_load(s, addrlo, addrhi, mem_index, opc,
1738 label_ptr, offsetof(CPUTLBEntry, addr_write));
1741 tcg_out_qemu_st_direct(s, datalo, datahi, TCG_REG_L1, 0, 0, opc);
1743 /* Record the current context of a store into ldst label */
1744 add_qemu_ldst_label(s, false, oi, datalo, datahi, addrlo, addrhi,
1745 s->code_ptr, label_ptr);
1748 int32_t offset = guest_base;
1749 TCGReg base = addrlo;
1752 /* See comment in tcg_out_qemu_ld re zero-extension of addrlo. */
1753 if (guest_base == 0 || guest_base_flags) {
1754 seg = guest_base_flags;
1756 if (TCG_TARGET_REG_BITS > TARGET_LONG_BITS) {
1759 } else if (TCG_TARGET_REG_BITS == 64) {
1760 /* ??? Note that we can't use the same SIB addressing scheme
1761 as for loads, since we require L0 free for bswap. */
1762 if (offset != guest_base) {
1763 if (TARGET_LONG_BITS == 32) {
1764 tcg_out_ext32u(s, TCG_REG_L0, base);
1767 tcg_out_movi(s, TCG_TYPE_I64, TCG_REG_L1, guest_base);
1768 tgen_arithr(s, ARITH_ADD + P_REXW, TCG_REG_L1, base);
1771 } else if (TARGET_LONG_BITS == 32) {
1772 tcg_out_ext32u(s, TCG_REG_L1, base);
1777 tcg_out_qemu_st_direct(s, datalo, datahi, base, offset, seg, opc);
1782 static inline void tcg_out_op(TCGContext *s, TCGOpcode opc,
1783 const TCGArg *args, const int *const_args)
1786 int c, const_a2, vexop, rexw = 0;
1788 #if TCG_TARGET_REG_BITS == 64
1789 # define OP_32_64(x) \
1790 case glue(glue(INDEX_op_, x), _i64): \
1791 rexw = P_REXW; /* FALLTHRU */ \
1792 case glue(glue(INDEX_op_, x), _i32)
1794 # define OP_32_64(x) \
1795 case glue(glue(INDEX_op_, x), _i32)
1798 /* Hoist the loads of the most common arguments. */
1802 const_a2 = const_args[2];
1805 case INDEX_op_exit_tb:
1806 tcg_out_movi(s, TCG_TYPE_PTR, TCG_REG_EAX, a0);
1807 tcg_out_jmp(s, tb_ret_addr);
1809 case INDEX_op_goto_tb:
1810 if (s->tb_jmp_insn_offset) {
1811 /* direct jump method */
1813 /* jump displacement must be aligned for atomic patching;
1814 * see if we need to add extra nops before jump
1816 gap = tcg_pcrel_diff(s, QEMU_ALIGN_PTR_UP(s->code_ptr + 1, 4));
1818 tcg_out_nopn(s, gap - 1);
1820 tcg_out8(s, OPC_JMP_long); /* jmp im */
1821 s->tb_jmp_insn_offset[a0] = tcg_current_code_size(s);
1824 /* indirect jump method */
1825 tcg_out_modrm_offset(s, OPC_GRP5, EXT5_JMPN_Ev, -1,
1826 (intptr_t)(s->tb_jmp_target_addr + a0));
1828 s->tb_jmp_reset_offset[a0] = tcg_current_code_size(s);
1831 tcg_out_jxx(s, JCC_JMP, arg_label(a0), 0);
1834 /* Note that we can ignore REXW for the zero-extend to 64-bit. */
1835 tcg_out_modrm_offset(s, OPC_MOVZBL, a0, a1, a2);
1838 tcg_out_modrm_offset(s, OPC_MOVSBL + rexw, a0, a1, a2);
1841 /* Note that we can ignore REXW for the zero-extend to 64-bit. */
1842 tcg_out_modrm_offset(s, OPC_MOVZWL, a0, a1, a2);
1845 tcg_out_modrm_offset(s, OPC_MOVSWL + rexw, a0, a1, a2);
1847 #if TCG_TARGET_REG_BITS == 64
1848 case INDEX_op_ld32u_i64:
1850 case INDEX_op_ld_i32:
1851 tcg_out_ld(s, TCG_TYPE_I32, a0, a1, a2);
1855 if (const_args[0]) {
1856 tcg_out_modrm_offset(s, OPC_MOVB_EvIz, 0, a1, a2);
1859 tcg_out_modrm_offset(s, OPC_MOVB_EvGv | P_REXB_R, a0, a1, a2);
1863 if (const_args[0]) {
1864 tcg_out_modrm_offset(s, OPC_MOVL_EvIz | P_DATA16, 0, a1, a2);
1867 tcg_out_modrm_offset(s, OPC_MOVL_EvGv | P_DATA16, a0, a1, a2);
1870 #if TCG_TARGET_REG_BITS == 64
1871 case INDEX_op_st32_i64:
1873 case INDEX_op_st_i32:
1874 if (const_args[0]) {
1875 tcg_out_modrm_offset(s, OPC_MOVL_EvIz, 0, a1, a2);
1878 tcg_out_st(s, TCG_TYPE_I32, a0, a1, a2);
1883 /* For 3-operand addition, use LEA. */
1888 } else if (a0 == a2) {
1889 /* Watch out for dest = src + dest, since we've removed
1890 the matching constraint on the add. */
1891 tgen_arithr(s, ARITH_ADD + rexw, a0, a1);
1895 tcg_out_modrm_sib_offset(s, OPC_LEA + rexw, a0, a1, a2, 0, c3);
1914 tgen_arithi(s, c + rexw, a0, a2, 0);
1916 tgen_arithr(s, c + rexw, a0, a2);
1922 tcg_out_mov(s, rexw ? TCG_TYPE_I64 : TCG_TYPE_I32, a0, a1);
1923 tgen_arithi(s, ARITH_AND + rexw, a0, ~a2, 0);
1925 tcg_out_vex_modrm(s, OPC_ANDN + rexw, a0, a2, a1);
1933 if (val == (int8_t)val) {
1934 tcg_out_modrm(s, OPC_IMUL_GvEvIb + rexw, a0, a0);
1937 tcg_out_modrm(s, OPC_IMUL_GvEvIz + rexw, a0, a0);
1941 tcg_out_modrm(s, OPC_IMUL_GvEv + rexw, a0, a2);
1946 tcg_out_modrm(s, OPC_GRP3_Ev + rexw, EXT3_IDIV, args[4]);
1949 tcg_out_modrm(s, OPC_GRP3_Ev + rexw, EXT3_DIV, args[4]);
1953 /* For small constant 3-operand shift, use LEA. */
1954 if (const_a2 && a0 != a1 && (a2 - 1) < 3) {
1956 /* shl $1,a1,a0 -> lea (a1,a1),a0 */
1957 tcg_out_modrm_sib_offset(s, OPC_LEA + rexw, a0, a1, a1, 0, 0);
1959 /* shl $n,a1,a0 -> lea 0(,a1,n),a0 */
1960 tcg_out_modrm_sib_offset(s, OPC_LEA + rexw, a0, -1, a1, a2, 0);
1966 goto gen_shift_maybe_vex;
1970 goto gen_shift_maybe_vex;
1974 goto gen_shift_maybe_vex;
1981 gen_shift_maybe_vex:
1984 tcg_out_vex_modrm(s, vexop + rexw, a0, a2, a1);
1987 tcg_out_mov(s, rexw ? TCG_TYPE_I64 : TCG_TYPE_I32, a0, a1);
1992 tcg_out_shifti(s, c + rexw, a0, a2);
1994 tcg_out_modrm(s, OPC_SHIFT_cl + rexw, c, a0);
1998 case INDEX_op_brcond_i32:
1999 tcg_out_brcond32(s, a2, a0, a1, const_args[1], arg_label(args[3]), 0);
2001 case INDEX_op_setcond_i32:
2002 tcg_out_setcond32(s, args[3], a0, a1, a2, const_a2);
2004 case INDEX_op_movcond_i32:
2005 tcg_out_movcond32(s, args[5], a0, a1, a2, const_a2, args[3]);
2009 tcg_out_rolw_8(s, a0);
2012 tcg_out_bswap32(s, a0);
2016 tcg_out_modrm(s, OPC_GRP3_Ev + rexw, EXT3_NEG, a0);
2019 tcg_out_modrm(s, OPC_GRP3_Ev + rexw, EXT3_NOT, a0);
2023 tcg_out_ext8s(s, a0, a1, rexw);
2026 tcg_out_ext16s(s, a0, a1, rexw);
2029 tcg_out_ext8u(s, a0, a1);
2032 tcg_out_ext16u(s, a0, a1);
2035 case INDEX_op_qemu_ld_i32:
2036 tcg_out_qemu_ld(s, args, 0);
2038 case INDEX_op_qemu_ld_i64:
2039 tcg_out_qemu_ld(s, args, 1);
2041 case INDEX_op_qemu_st_i32:
2042 tcg_out_qemu_st(s, args, 0);
2044 case INDEX_op_qemu_st_i64:
2045 tcg_out_qemu_st(s, args, 1);
2049 tcg_out_modrm(s, OPC_GRP3_Ev + rexw, EXT3_MUL, args[3]);
2052 tcg_out_modrm(s, OPC_GRP3_Ev + rexw, EXT3_IMUL, args[3]);
2055 if (const_args[4]) {
2056 tgen_arithi(s, ARITH_ADD + rexw, a0, args[4], 1);
2058 tgen_arithr(s, ARITH_ADD + rexw, a0, args[4]);
2060 if (const_args[5]) {
2061 tgen_arithi(s, ARITH_ADC + rexw, a1, args[5], 1);
2063 tgen_arithr(s, ARITH_ADC + rexw, a1, args[5]);
2067 if (const_args[4]) {
2068 tgen_arithi(s, ARITH_SUB + rexw, a0, args[4], 1);
2070 tgen_arithr(s, ARITH_SUB + rexw, a0, args[4]);
2072 if (const_args[5]) {
2073 tgen_arithi(s, ARITH_SBB + rexw, a1, args[5], 1);
2075 tgen_arithr(s, ARITH_SBB + rexw, a1, args[5]);
2079 #if TCG_TARGET_REG_BITS == 32
2080 case INDEX_op_brcond2_i32:
2081 tcg_out_brcond2(s, args, const_args, 0);
2083 case INDEX_op_setcond2_i32:
2084 tcg_out_setcond2(s, args, const_args);
2086 #else /* TCG_TARGET_REG_BITS == 64 */
2087 case INDEX_op_ld32s_i64:
2088 tcg_out_modrm_offset(s, OPC_MOVSLQ, a0, a1, a2);
2090 case INDEX_op_ld_i64:
2091 tcg_out_ld(s, TCG_TYPE_I64, a0, a1, a2);
2093 case INDEX_op_st_i64:
2094 if (const_args[0]) {
2095 tcg_out_modrm_offset(s, OPC_MOVL_EvIz | P_REXW, 0, a1, a2);
2098 tcg_out_st(s, TCG_TYPE_I64, a0, a1, a2);
2102 case INDEX_op_brcond_i64:
2103 tcg_out_brcond64(s, a2, a0, a1, const_args[1], arg_label(args[3]), 0);
2105 case INDEX_op_setcond_i64:
2106 tcg_out_setcond64(s, args[3], a0, a1, a2, const_a2);
2108 case INDEX_op_movcond_i64:
2109 tcg_out_movcond64(s, args[5], a0, a1, a2, const_a2, args[3]);
2112 case INDEX_op_bswap64_i64:
2113 tcg_out_bswap64(s, a0);
2115 case INDEX_op_extu_i32_i64:
2116 case INDEX_op_ext32u_i64:
2117 tcg_out_ext32u(s, a0, a1);
2119 case INDEX_op_ext_i32_i64:
2120 case INDEX_op_ext32s_i64:
2121 tcg_out_ext32s(s, a0, a1);
2126 if (args[3] == 0 && args[4] == 8) {
2127 /* load bits 0..7 */
2128 tcg_out_modrm(s, OPC_MOVB_EvGv | P_REXB_R | P_REXB_RM, a2, a0);
2129 } else if (args[3] == 8 && args[4] == 8) {
2130 /* load bits 8..15 */
2131 tcg_out_modrm(s, OPC_MOVB_EvGv, a2, a0 + 4);
2132 } else if (args[3] == 0 && args[4] == 16) {
2133 /* load bits 0..15 */
2134 tcg_out_modrm(s, OPC_MOVL_EvGv | P_DATA16, a2, a0);
2140 case INDEX_op_extract_i64:
2141 if (a2 + args[3] == 32) {
2142 /* This is a 32-bit zero-extending right shift. */
2143 tcg_out_mov(s, TCG_TYPE_I32, a0, a1);
2144 tcg_out_shifti(s, SHIFT_SHR, a0, a2);
2148 case INDEX_op_extract_i32:
2149 /* On the off-chance that we can use the high-byte registers.
2150 Otherwise we emit the same ext16 + shift pattern that we
2151 would have gotten from the normal tcg-op.c expansion. */
2152 tcg_debug_assert(a2 == 8 && args[3] == 8);
2153 if (a1 < 4 && a0 < 8) {
2154 tcg_out_modrm(s, OPC_MOVZBL, a0, a1 + 4);
2156 tcg_out_ext16u(s, a0, a1);
2157 tcg_out_shifti(s, SHIFT_SHR, a0, 8);
2161 case INDEX_op_sextract_i32:
2162 /* We don't implement sextract_i64, as we cannot sign-extend to
2163 64-bits without using the REX prefix that explicitly excludes
2164 access to the high-byte registers. */
2165 tcg_debug_assert(a2 == 8 && args[3] == 8);
2166 if (a1 < 4 && a0 < 8) {
2167 tcg_out_modrm(s, OPC_MOVSBL, a0, a1 + 4);
2169 tcg_out_ext16s(s, a0, a1, 0);
2170 tcg_out_shifti(s, SHIFT_SAR, a0, 8);
2177 case INDEX_op_mov_i32: /* Always emitted via tcg_out_mov. */
2178 case INDEX_op_mov_i64:
2179 case INDEX_op_movi_i32: /* Always emitted via tcg_out_movi. */
2180 case INDEX_op_movi_i64:
2181 case INDEX_op_call: /* Always emitted via tcg_out_call. */
2189 static const TCGTargetOpDef *tcg_target_op_def(TCGOpcode op)
2191 static const TCGTargetOpDef ri_r = { .args_ct_str = { "ri", "r" } };
2192 static const TCGTargetOpDef re_r = { .args_ct_str = { "re", "r" } };
2193 static const TCGTargetOpDef qi_r = { .args_ct_str = { "qi", "r" } };
2194 static const TCGTargetOpDef r_r = { .args_ct_str = { "r", "r" } };
2195 static const TCGTargetOpDef r_q = { .args_ct_str = { "r", "q" } };
2196 static const TCGTargetOpDef r_re = { .args_ct_str = { "r", "re" } };
2197 static const TCGTargetOpDef r_0 = { .args_ct_str = { "r", "0" } };
2198 static const TCGTargetOpDef r_r_ri = { .args_ct_str = { "r", "r", "ri" } };
2199 static const TCGTargetOpDef r_r_re = { .args_ct_str = { "r", "r", "re" } };
2200 static const TCGTargetOpDef r_0_re = { .args_ct_str = { "r", "0", "re" } };
2201 static const TCGTargetOpDef r_0_ci = { .args_ct_str = { "r", "0", "ci" } };
2202 static const TCGTargetOpDef r_L = { .args_ct_str = { "r", "L" } };
2203 static const TCGTargetOpDef L_L = { .args_ct_str = { "L", "L" } };
2204 static const TCGTargetOpDef r_L_L = { .args_ct_str = { "r", "L", "L" } };
2205 static const TCGTargetOpDef r_r_L = { .args_ct_str = { "r", "r", "L" } };
2206 static const TCGTargetOpDef L_L_L = { .args_ct_str = { "L", "L", "L" } };
2207 static const TCGTargetOpDef r_r_L_L
2208 = { .args_ct_str = { "r", "r", "L", "L" } };
2209 static const TCGTargetOpDef L_L_L_L
2210 = { .args_ct_str = { "L", "L", "L", "L" } };
2213 case INDEX_op_ld8u_i32:
2214 case INDEX_op_ld8u_i64:
2215 case INDEX_op_ld8s_i32:
2216 case INDEX_op_ld8s_i64:
2217 case INDEX_op_ld16u_i32:
2218 case INDEX_op_ld16u_i64:
2219 case INDEX_op_ld16s_i32:
2220 case INDEX_op_ld16s_i64:
2221 case INDEX_op_ld_i32:
2222 case INDEX_op_ld32u_i64:
2223 case INDEX_op_ld32s_i64:
2224 case INDEX_op_ld_i64:
2227 case INDEX_op_st8_i32:
2228 case INDEX_op_st8_i64:
2230 case INDEX_op_st16_i32:
2231 case INDEX_op_st16_i64:
2232 case INDEX_op_st_i32:
2233 case INDEX_op_st32_i64:
2235 case INDEX_op_st_i64:
2238 case INDEX_op_add_i32:
2239 case INDEX_op_add_i64:
2241 case INDEX_op_sub_i32:
2242 case INDEX_op_sub_i64:
2243 case INDEX_op_mul_i32:
2244 case INDEX_op_mul_i64:
2245 case INDEX_op_or_i32:
2246 case INDEX_op_or_i64:
2247 case INDEX_op_xor_i32:
2248 case INDEX_op_xor_i64:
2251 case INDEX_op_and_i32:
2252 case INDEX_op_and_i64:
2254 static const TCGTargetOpDef and
2255 = { .args_ct_str = { "r", "0", "reZ" } };
2259 case INDEX_op_andc_i32:
2260 case INDEX_op_andc_i64:
2262 static const TCGTargetOpDef andc
2263 = { .args_ct_str = { "r", "r", "rI" } };
2268 case INDEX_op_shl_i32:
2269 case INDEX_op_shl_i64:
2270 case INDEX_op_shr_i32:
2271 case INDEX_op_shr_i64:
2272 case INDEX_op_sar_i32:
2273 case INDEX_op_sar_i64:
2274 return have_bmi2 ? &r_r_ri : &r_0_ci;
2275 case INDEX_op_rotl_i32:
2276 case INDEX_op_rotl_i64:
2277 case INDEX_op_rotr_i32:
2278 case INDEX_op_rotr_i64:
2281 case INDEX_op_brcond_i32:
2282 case INDEX_op_brcond_i64:
2285 case INDEX_op_bswap16_i32:
2286 case INDEX_op_bswap16_i64:
2287 case INDEX_op_bswap32_i32:
2288 case INDEX_op_bswap32_i64:
2289 case INDEX_op_bswap64_i64:
2290 case INDEX_op_neg_i32:
2291 case INDEX_op_neg_i64:
2292 case INDEX_op_not_i32:
2293 case INDEX_op_not_i64:
2296 case INDEX_op_ext8s_i32:
2297 case INDEX_op_ext8s_i64:
2298 case INDEX_op_ext8u_i32:
2299 case INDEX_op_ext8u_i64:
2301 case INDEX_op_ext16s_i32:
2302 case INDEX_op_ext16s_i64:
2303 case INDEX_op_ext16u_i32:
2304 case INDEX_op_ext16u_i64:
2305 case INDEX_op_ext32s_i64:
2306 case INDEX_op_ext32u_i64:
2307 case INDEX_op_ext_i32_i64:
2308 case INDEX_op_extu_i32_i64:
2309 case INDEX_op_extract_i32:
2310 case INDEX_op_extract_i64:
2311 case INDEX_op_sextract_i32:
2314 case INDEX_op_deposit_i32:
2315 case INDEX_op_deposit_i64:
2317 static const TCGTargetOpDef dep
2318 = { .args_ct_str = { "Q", "0", "Q" } };
2321 case INDEX_op_setcond_i32:
2322 case INDEX_op_setcond_i64:
2324 static const TCGTargetOpDef setc
2325 = { .args_ct_str = { "q", "r", "re" } };
2328 case INDEX_op_movcond_i32:
2329 case INDEX_op_movcond_i64:
2331 static const TCGTargetOpDef movc
2332 = { .args_ct_str = { "r", "r", "re", "r", "0" } };
2335 case INDEX_op_div2_i32:
2336 case INDEX_op_div2_i64:
2337 case INDEX_op_divu2_i32:
2338 case INDEX_op_divu2_i64:
2340 static const TCGTargetOpDef div2
2341 = { .args_ct_str = { "a", "d", "0", "1", "r" } };
2344 case INDEX_op_mulu2_i32:
2345 case INDEX_op_mulu2_i64:
2346 case INDEX_op_muls2_i32:
2347 case INDEX_op_muls2_i64:
2349 static const TCGTargetOpDef mul2
2350 = { .args_ct_str = { "a", "d", "a", "r" } };
2353 case INDEX_op_add2_i32:
2354 case INDEX_op_add2_i64:
2355 case INDEX_op_sub2_i32:
2356 case INDEX_op_sub2_i64:
2358 static const TCGTargetOpDef arith2
2359 = { .args_ct_str = { "r", "r", "0", "1", "re", "re" } };
2363 case INDEX_op_qemu_ld_i32:
2364 return TARGET_LONG_BITS <= TCG_TARGET_REG_BITS ? &r_L : &r_L_L;
2365 case INDEX_op_qemu_st_i32:
2366 return TARGET_LONG_BITS <= TCG_TARGET_REG_BITS ? &L_L : &L_L_L;
2367 case INDEX_op_qemu_ld_i64:
2368 return (TCG_TARGET_REG_BITS == 64 ? &r_L
2369 : TARGET_LONG_BITS <= TCG_TARGET_REG_BITS ? &r_r_L
2371 case INDEX_op_qemu_st_i64:
2372 return (TCG_TARGET_REG_BITS == 64 ? &L_L
2373 : TARGET_LONG_BITS <= TCG_TARGET_REG_BITS ? &L_L_L
2376 case INDEX_op_brcond2_i32:
2378 static const TCGTargetOpDef b2
2379 = { .args_ct_str = { "r", "r", "ri", "ri" } };
2382 case INDEX_op_setcond2_i32:
2384 static const TCGTargetOpDef s2
2385 = { .args_ct_str = { "r", "r", "r", "ri", "ri" } };
2395 static int tcg_target_callee_save_regs[] = {
2396 #if TCG_TARGET_REG_BITS == 64
2405 TCG_REG_R14, /* Currently used for the global env. */
2408 TCG_REG_EBP, /* Currently used for the global env. */
2415 /* Compute frame size via macros, to share between tcg_target_qemu_prologue
2416 and tcg_register_jit. */
2419 ((1 + ARRAY_SIZE(tcg_target_callee_save_regs)) \
2420 * (TCG_TARGET_REG_BITS / 8))
2422 #define FRAME_SIZE \
2424 + TCG_STATIC_CALL_ARGS_SIZE \
2425 + CPU_TEMP_BUF_NLONGS * sizeof(long) \
2426 + TCG_TARGET_STACK_ALIGN - 1) \
2427 & ~(TCG_TARGET_STACK_ALIGN - 1))
2429 /* Generate global QEMU prologue and epilogue code */
2430 static void tcg_target_qemu_prologue(TCGContext *s)
2432 int i, stack_addend;
2436 /* Reserve some stack space, also for TCG temps. */
2437 stack_addend = FRAME_SIZE - PUSH_SIZE;
2438 tcg_set_frame(s, TCG_REG_CALL_STACK, TCG_STATIC_CALL_ARGS_SIZE,
2439 CPU_TEMP_BUF_NLONGS * sizeof(long));
2441 /* Save all callee saved registers. */
2442 for (i = 0; i < ARRAY_SIZE(tcg_target_callee_save_regs); i++) {
2443 tcg_out_push(s, tcg_target_callee_save_regs[i]);
2446 #if TCG_TARGET_REG_BITS == 32
2447 tcg_out_ld(s, TCG_TYPE_PTR, TCG_AREG0, TCG_REG_ESP,
2448 (ARRAY_SIZE(tcg_target_callee_save_regs) + 1) * 4);
2449 tcg_out_addi(s, TCG_REG_ESP, -stack_addend);
2451 tcg_out_modrm_offset(s, OPC_GRP5, EXT5_JMPN_Ev, TCG_REG_ESP,
2452 (ARRAY_SIZE(tcg_target_callee_save_regs) + 2) * 4
2455 tcg_out_mov(s, TCG_TYPE_PTR, TCG_AREG0, tcg_target_call_iarg_regs[0]);
2456 tcg_out_addi(s, TCG_REG_ESP, -stack_addend);
2458 tcg_out_modrm(s, OPC_GRP5, EXT5_JMPN_Ev, tcg_target_call_iarg_regs[1]);
2462 tb_ret_addr = s->code_ptr;
2464 tcg_out_addi(s, TCG_REG_CALL_STACK, stack_addend);
2466 for (i = ARRAY_SIZE(tcg_target_callee_save_regs) - 1; i >= 0; i--) {
2467 tcg_out_pop(s, tcg_target_callee_save_regs[i]);
2469 tcg_out_opc(s, OPC_RET, 0, 0, 0);
2471 #if !defined(CONFIG_SOFTMMU)
2472 /* Try to set up a segment register to point to guest_base. */
2474 setup_guest_base_seg();
2479 static void tcg_target_init(TCGContext *s)
2481 #ifdef CONFIG_CPUID_H
2482 unsigned a, b, c, d;
2483 int max = __get_cpuid_max(0, 0);
2486 __cpuid(1, a, b, c, d);
2488 /* For 32-bit, 99% certainty that we're running on hardware that
2489 supports cmov, but we still need to check. In case cmov is not
2490 available, we'll use a small forward branch. */
2491 have_cmov = (d & bit_CMOV) != 0;
2494 /* MOVBE is only available on Intel Atom and Haswell CPUs, so we
2495 need to probe for it. */
2496 have_movbe = (c & bit_MOVBE) != 0;
2501 /* BMI1 is available on AMD Piledriver and Intel Haswell CPUs. */
2502 __cpuid_count(7, 0, a, b, c, d);
2504 have_bmi1 = (b & bit_BMI) != 0;
2507 have_bmi2 = (b & bit_BMI2) != 0;
2512 if (TCG_TARGET_REG_BITS == 64) {
2513 tcg_regset_set32(tcg_target_available_regs[TCG_TYPE_I32], 0, 0xffff);
2514 tcg_regset_set32(tcg_target_available_regs[TCG_TYPE_I64], 0, 0xffff);
2516 tcg_regset_set32(tcg_target_available_regs[TCG_TYPE_I32], 0, 0xff);
2519 tcg_regset_clear(tcg_target_call_clobber_regs);
2520 tcg_regset_set_reg(tcg_target_call_clobber_regs, TCG_REG_EAX);
2521 tcg_regset_set_reg(tcg_target_call_clobber_regs, TCG_REG_EDX);
2522 tcg_regset_set_reg(tcg_target_call_clobber_regs, TCG_REG_ECX);
2523 if (TCG_TARGET_REG_BITS == 64) {
2524 #if !defined(_WIN64)
2525 tcg_regset_set_reg(tcg_target_call_clobber_regs, TCG_REG_RDI);
2526 tcg_regset_set_reg(tcg_target_call_clobber_regs, TCG_REG_RSI);
2528 tcg_regset_set_reg(tcg_target_call_clobber_regs, TCG_REG_R8);
2529 tcg_regset_set_reg(tcg_target_call_clobber_regs, TCG_REG_R9);
2530 tcg_regset_set_reg(tcg_target_call_clobber_regs, TCG_REG_R10);
2531 tcg_regset_set_reg(tcg_target_call_clobber_regs, TCG_REG_R11);
2534 tcg_regset_clear(s->reserved_regs);
2535 tcg_regset_set_reg(s->reserved_regs, TCG_REG_CALL_STACK);
2540 uint8_t fde_def_cfa[4];
2541 uint8_t fde_reg_ofs[14];
2544 /* We're expecting a 2 byte uleb128 encoded value. */
2545 QEMU_BUILD_BUG_ON(FRAME_SIZE >= (1 << 14));
2547 #if !defined(__ELF__)
2548 /* Host machine without ELF. */
2549 #elif TCG_TARGET_REG_BITS == 64
2550 #define ELF_HOST_MACHINE EM_X86_64
2551 static const DebugFrame debug_frame = {
2552 .h.cie.len = sizeof(DebugFrameCIE)-4, /* length after .len member */
2555 .h.cie.code_align = 1,
2556 .h.cie.data_align = 0x78, /* sleb128 -8 */
2557 .h.cie.return_column = 16,
2559 /* Total FDE size does not include the "len" member. */
2560 .h.fde.len = sizeof(DebugFrame) - offsetof(DebugFrame, h.fde.cie_offset),
2563 12, 7, /* DW_CFA_def_cfa %rsp, ... */
2564 (FRAME_SIZE & 0x7f) | 0x80, /* ... uleb128 FRAME_SIZE */
2568 0x90, 1, /* DW_CFA_offset, %rip, -8 */
2569 /* The following ordering must match tcg_target_callee_save_regs. */
2570 0x86, 2, /* DW_CFA_offset, %rbp, -16 */
2571 0x83, 3, /* DW_CFA_offset, %rbx, -24 */
2572 0x8c, 4, /* DW_CFA_offset, %r12, -32 */
2573 0x8d, 5, /* DW_CFA_offset, %r13, -40 */
2574 0x8e, 6, /* DW_CFA_offset, %r14, -48 */
2575 0x8f, 7, /* DW_CFA_offset, %r15, -56 */
2579 #define ELF_HOST_MACHINE EM_386
2580 static const DebugFrame debug_frame = {
2581 .h.cie.len = sizeof(DebugFrameCIE)-4, /* length after .len member */
2584 .h.cie.code_align = 1,
2585 .h.cie.data_align = 0x7c, /* sleb128 -4 */
2586 .h.cie.return_column = 8,
2588 /* Total FDE size does not include the "len" member. */
2589 .h.fde.len = sizeof(DebugFrame) - offsetof(DebugFrame, h.fde.cie_offset),
2592 12, 4, /* DW_CFA_def_cfa %esp, ... */
2593 (FRAME_SIZE & 0x7f) | 0x80, /* ... uleb128 FRAME_SIZE */
2597 0x88, 1, /* DW_CFA_offset, %eip, -4 */
2598 /* The following ordering must match tcg_target_callee_save_regs. */
2599 0x85, 2, /* DW_CFA_offset, %ebp, -8 */
2600 0x83, 3, /* DW_CFA_offset, %ebx, -12 */
2601 0x86, 4, /* DW_CFA_offset, %esi, -16 */
2602 0x87, 5, /* DW_CFA_offset, %edi, -20 */
2607 #if defined(ELF_HOST_MACHINE)
2608 void tcg_register_jit(void *buf, size_t buf_size)
2610 tcg_register_jit_int(buf, buf_size, &debug_frame, sizeof(debug_frame));
projects / qemu.git / blob