4 * Copyright (c) 2003 Fabrice Bellard
5 * Copyright (c) 2005-2007 CodeSourcery
6 * Copyright (c) 2007 OpenedHand, Ltd.
8 * This library is free software; you can redistribute it and/or
9 * modify it under the terms of the GNU Lesser General Public
10 * License as published by the Free Software Foundation; either
11 * version 2 of the License, or (at your option) any later version.
13 * This library is distributed in the hope that it will be useful,
14 * but WITHOUT ANY WARRANTY; without even the implied warranty of
15 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
16 * Lesser General Public License for more details.
18 * You should have received a copy of the GNU Lesser General Public
19 * License along with this library; if not, see <http://www.gnu.org/licenses/>.
36 #define ENABLE_ARCH_4T arm_feature(env, ARM_FEATURE_V4T)
37 #define ENABLE_ARCH_5 arm_feature(env, ARM_FEATURE_V5)
38 /* currently all emulated v5 cores are also v5TE, so don't bother */
39 #define ENABLE_ARCH_5TE arm_feature(env, ARM_FEATURE_V5)
40 #define ENABLE_ARCH_5J 0
41 #define ENABLE_ARCH_6 arm_feature(env, ARM_FEATURE_V6)
42 #define ENABLE_ARCH_6K arm_feature(env, ARM_FEATURE_V6K)
43 #define ENABLE_ARCH_6T2 arm_feature(env, ARM_FEATURE_THUMB2)
44 #define ENABLE_ARCH_7 arm_feature(env, ARM_FEATURE_V7)
46 #define ARCH(x) do { if (!ENABLE_ARCH_##x) goto illegal_op; } while(0)
48 /* internal defines */
49 typedef struct DisasContext {
52 /* Nonzero if this instruction has been conditionally skipped. */
54 /* The label that will be jumped to when the instruction is skipped. */
56 /* Thumb-2 condtional execution bits. */
59 struct TranslationBlock *tb;
60 int singlestep_enabled;
62 #if !defined(CONFIG_USER_ONLY)
70 static uint32_t gen_opc_condexec_bits[OPC_BUF_SIZE];
72 #if defined(CONFIG_USER_ONLY)
75 #define IS_USER(s) (s->user)
78 /* These instructions trap after executing, so defer them until after the
79 conditional executions state has been updated. */
83 static TCGv_ptr cpu_env;
84 /* We reuse the same 64-bit temporaries for efficiency. */
85 static TCGv_i64 cpu_V0, cpu_V1, cpu_M0;
86 static TCGv_i32 cpu_R[16];
87 static TCGv_i32 cpu_exclusive_addr;
88 static TCGv_i32 cpu_exclusive_val;
89 static TCGv_i32 cpu_exclusive_high;
90 #ifdef CONFIG_USER_ONLY
91 static TCGv_i32 cpu_exclusive_test;
92 static TCGv_i32 cpu_exclusive_info;
95 /* FIXME: These should be removed. */
96 static TCGv cpu_F0s, cpu_F1s;
97 static TCGv_i64 cpu_F0d, cpu_F1d;
99 #include "gen-icount.h"
101 static const char *regnames[] =
102 { "r0", "r1", "r2", "r3", "r4", "r5", "r6", "r7",
103 "r8", "r9", "r10", "r11", "r12", "r13", "r14", "pc" };
105 /* initialize TCG globals. */
106 void arm_translate_init(void)
110 cpu_env = tcg_global_reg_new_ptr(TCG_AREG0, "env");
112 for (i = 0; i < 16; i++) {
113 cpu_R[i] = tcg_global_mem_new_i32(TCG_AREG0,
114 offsetof(CPUState, regs[i]),
117 cpu_exclusive_addr = tcg_global_mem_new_i32(TCG_AREG0,
118 offsetof(CPUState, exclusive_addr), "exclusive_addr");
119 cpu_exclusive_val = tcg_global_mem_new_i32(TCG_AREG0,
120 offsetof(CPUState, exclusive_val), "exclusive_val");
121 cpu_exclusive_high = tcg_global_mem_new_i32(TCG_AREG0,
122 offsetof(CPUState, exclusive_high), "exclusive_high");
123 #ifdef CONFIG_USER_ONLY
124 cpu_exclusive_test = tcg_global_mem_new_i32(TCG_AREG0,
125 offsetof(CPUState, exclusive_test), "exclusive_test");
126 cpu_exclusive_info = tcg_global_mem_new_i32(TCG_AREG0,
127 offsetof(CPUState, exclusive_info), "exclusive_info");
134 static inline TCGv load_cpu_offset(int offset)
136 TCGv tmp = tcg_temp_new_i32();
137 tcg_gen_ld_i32(tmp, cpu_env, offset);
141 #define load_cpu_field(name) load_cpu_offset(offsetof(CPUState, name))
143 static inline void store_cpu_offset(TCGv var, int offset)
145 tcg_gen_st_i32(var, cpu_env, offset);
146 tcg_temp_free_i32(var);
149 #define store_cpu_field(var, name) \
150 store_cpu_offset(var, offsetof(CPUState, name))
152 /* Set a variable to the value of a CPU register. */
153 static void load_reg_var(DisasContext *s, TCGv var, int reg)
157 /* normaly, since we updated PC, we need only to add one insn */
159 addr = (long)s->pc + 2;
161 addr = (long)s->pc + 4;
162 tcg_gen_movi_i32(var, addr);
164 tcg_gen_mov_i32(var, cpu_R[reg]);
168 /* Create a new temporary and set it to the value of a CPU register. */
169 static inline TCGv load_reg(DisasContext *s, int reg)
171 TCGv tmp = tcg_temp_new_i32();
172 load_reg_var(s, tmp, reg);
176 /* Set a CPU register. The source must be a temporary and will be
178 static void store_reg(DisasContext *s, int reg, TCGv var)
181 tcg_gen_andi_i32(var, var, ~1);
182 s->is_jmp = DISAS_JUMP;
184 tcg_gen_mov_i32(cpu_R[reg], var);
185 tcg_temp_free_i32(var);
188 /* Value extensions. */
189 #define gen_uxtb(var) tcg_gen_ext8u_i32(var, var)
190 #define gen_uxth(var) tcg_gen_ext16u_i32(var, var)
191 #define gen_sxtb(var) tcg_gen_ext8s_i32(var, var)
192 #define gen_sxth(var) tcg_gen_ext16s_i32(var, var)
194 #define gen_sxtb16(var) gen_helper_sxtb16(var, var)
195 #define gen_uxtb16(var) gen_helper_uxtb16(var, var)
198 static inline void gen_set_cpsr(TCGv var, uint32_t mask)
200 TCGv tmp_mask = tcg_const_i32(mask);
201 gen_helper_cpsr_write(var, tmp_mask);
202 tcg_temp_free_i32(tmp_mask);
204 /* Set NZCV flags from the high 4 bits of var. */
205 #define gen_set_nzcv(var) gen_set_cpsr(var, CPSR_NZCV)
207 static void gen_exception(int excp)
209 TCGv tmp = tcg_temp_new_i32();
210 tcg_gen_movi_i32(tmp, excp);
211 gen_helper_exception(tmp);
212 tcg_temp_free_i32(tmp);
215 static void gen_smul_dual(TCGv a, TCGv b)
217 TCGv tmp1 = tcg_temp_new_i32();
218 TCGv tmp2 = tcg_temp_new_i32();
219 tcg_gen_ext16s_i32(tmp1, a);
220 tcg_gen_ext16s_i32(tmp2, b);
221 tcg_gen_mul_i32(tmp1, tmp1, tmp2);
222 tcg_temp_free_i32(tmp2);
223 tcg_gen_sari_i32(a, a, 16);
224 tcg_gen_sari_i32(b, b, 16);
225 tcg_gen_mul_i32(b, b, a);
226 tcg_gen_mov_i32(a, tmp1);
227 tcg_temp_free_i32(tmp1);
230 /* Byteswap each halfword. */
231 static void gen_rev16(TCGv var)
233 TCGv tmp = tcg_temp_new_i32();
234 tcg_gen_shri_i32(tmp, var, 8);
235 tcg_gen_andi_i32(tmp, tmp, 0x00ff00ff);
236 tcg_gen_shli_i32(var, var, 8);
237 tcg_gen_andi_i32(var, var, 0xff00ff00);
238 tcg_gen_or_i32(var, var, tmp);
239 tcg_temp_free_i32(tmp);
242 /* Byteswap low halfword and sign extend. */
243 static void gen_revsh(TCGv var)
245 tcg_gen_ext16u_i32(var, var);
246 tcg_gen_bswap16_i32(var, var);
247 tcg_gen_ext16s_i32(var, var);
250 /* Unsigned bitfield extract. */
251 static void gen_ubfx(TCGv var, int shift, uint32_t mask)
254 tcg_gen_shri_i32(var, var, shift);
255 tcg_gen_andi_i32(var, var, mask);
258 /* Signed bitfield extract. */
259 static void gen_sbfx(TCGv var, int shift, int width)
264 tcg_gen_sari_i32(var, var, shift);
265 if (shift + width < 32) {
266 signbit = 1u << (width - 1);
267 tcg_gen_andi_i32(var, var, (1u << width) - 1);
268 tcg_gen_xori_i32(var, var, signbit);
269 tcg_gen_subi_i32(var, var, signbit);
273 /* Bitfield insertion. Insert val into base. Clobbers base and val. */
274 static void gen_bfi(TCGv dest, TCGv base, TCGv val, int shift, uint32_t mask)
276 tcg_gen_andi_i32(val, val, mask);
277 tcg_gen_shli_i32(val, val, shift);
278 tcg_gen_andi_i32(base, base, ~(mask << shift));
279 tcg_gen_or_i32(dest, base, val);
282 /* Return (b << 32) + a. Mark inputs as dead */
283 static TCGv_i64 gen_addq_msw(TCGv_i64 a, TCGv b)
285 TCGv_i64 tmp64 = tcg_temp_new_i64();
287 tcg_gen_extu_i32_i64(tmp64, b);
288 tcg_temp_free_i32(b);
289 tcg_gen_shli_i64(tmp64, tmp64, 32);
290 tcg_gen_add_i64(a, tmp64, a);
292 tcg_temp_free_i64(tmp64);
296 /* Return (b << 32) - a. Mark inputs as dead. */
297 static TCGv_i64 gen_subq_msw(TCGv_i64 a, TCGv b)
299 TCGv_i64 tmp64 = tcg_temp_new_i64();
301 tcg_gen_extu_i32_i64(tmp64, b);
302 tcg_temp_free_i32(b);
303 tcg_gen_shli_i64(tmp64, tmp64, 32);
304 tcg_gen_sub_i64(a, tmp64, a);
306 tcg_temp_free_i64(tmp64);
310 /* FIXME: Most targets have native widening multiplication.
311 It would be good to use that instead of a full wide multiply. */
312 /* 32x32->64 multiply. Marks inputs as dead. */
313 static TCGv_i64 gen_mulu_i64_i32(TCGv a, TCGv b)
315 TCGv_i64 tmp1 = tcg_temp_new_i64();
316 TCGv_i64 tmp2 = tcg_temp_new_i64();
318 tcg_gen_extu_i32_i64(tmp1, a);
319 tcg_temp_free_i32(a);
320 tcg_gen_extu_i32_i64(tmp2, b);
321 tcg_temp_free_i32(b);
322 tcg_gen_mul_i64(tmp1, tmp1, tmp2);
323 tcg_temp_free_i64(tmp2);
327 static TCGv_i64 gen_muls_i64_i32(TCGv a, TCGv b)
329 TCGv_i64 tmp1 = tcg_temp_new_i64();
330 TCGv_i64 tmp2 = tcg_temp_new_i64();
332 tcg_gen_ext_i32_i64(tmp1, a);
333 tcg_temp_free_i32(a);
334 tcg_gen_ext_i32_i64(tmp2, b);
335 tcg_temp_free_i32(b);
336 tcg_gen_mul_i64(tmp1, tmp1, tmp2);
337 tcg_temp_free_i64(tmp2);
341 /* Swap low and high halfwords. */
342 static void gen_swap_half(TCGv var)
344 TCGv tmp = tcg_temp_new_i32();
345 tcg_gen_shri_i32(tmp, var, 16);
346 tcg_gen_shli_i32(var, var, 16);
347 tcg_gen_or_i32(var, var, tmp);
348 tcg_temp_free_i32(tmp);
351 /* Dual 16-bit add. Result placed in t0 and t1 is marked as dead.
352 tmp = (t0 ^ t1) & 0x8000;
355 t0 = (t0 + t1) ^ tmp;
358 static void gen_add16(TCGv t0, TCGv t1)
360 TCGv tmp = tcg_temp_new_i32();
361 tcg_gen_xor_i32(tmp, t0, t1);
362 tcg_gen_andi_i32(tmp, tmp, 0x8000);
363 tcg_gen_andi_i32(t0, t0, ~0x8000);
364 tcg_gen_andi_i32(t1, t1, ~0x8000);
365 tcg_gen_add_i32(t0, t0, t1);
366 tcg_gen_xor_i32(t0, t0, tmp);
367 tcg_temp_free_i32(tmp);
368 tcg_temp_free_i32(t1);
371 #define gen_set_CF(var) tcg_gen_st_i32(var, cpu_env, offsetof(CPUState, CF))
373 /* Set CF to the top bit of var. */
374 static void gen_set_CF_bit31(TCGv var)
376 TCGv tmp = tcg_temp_new_i32();
377 tcg_gen_shri_i32(tmp, var, 31);
379 tcg_temp_free_i32(tmp);
382 /* Set N and Z flags from var. */
383 static inline void gen_logic_CC(TCGv var)
385 tcg_gen_st_i32(var, cpu_env, offsetof(CPUState, NF));
386 tcg_gen_st_i32(var, cpu_env, offsetof(CPUState, ZF));
390 static void gen_adc(TCGv t0, TCGv t1)
393 tcg_gen_add_i32(t0, t0, t1);
394 tmp = load_cpu_field(CF);
395 tcg_gen_add_i32(t0, t0, tmp);
396 tcg_temp_free_i32(tmp);
399 /* dest = T0 + T1 + CF. */
400 static void gen_add_carry(TCGv dest, TCGv t0, TCGv t1)
403 tcg_gen_add_i32(dest, t0, t1);
404 tmp = load_cpu_field(CF);
405 tcg_gen_add_i32(dest, dest, tmp);
406 tcg_temp_free_i32(tmp);
409 /* dest = T0 - T1 + CF - 1. */
410 static void gen_sub_carry(TCGv dest, TCGv t0, TCGv t1)
413 tcg_gen_sub_i32(dest, t0, t1);
414 tmp = load_cpu_field(CF);
415 tcg_gen_add_i32(dest, dest, tmp);
416 tcg_gen_subi_i32(dest, dest, 1);
417 tcg_temp_free_i32(tmp);
420 /* FIXME: Implement this natively. */
421 #define tcg_gen_abs_i32(t0, t1) gen_helper_abs(t0, t1)
423 static void shifter_out_im(TCGv var, int shift)
425 TCGv tmp = tcg_temp_new_i32();
427 tcg_gen_andi_i32(tmp, var, 1);
429 tcg_gen_shri_i32(tmp, var, shift);
431 tcg_gen_andi_i32(tmp, tmp, 1);
434 tcg_temp_free_i32(tmp);
437 /* Shift by immediate. Includes special handling for shift == 0. */
438 static inline void gen_arm_shift_im(TCGv var, int shiftop, int shift, int flags)
444 shifter_out_im(var, 32 - shift);
445 tcg_gen_shli_i32(var, var, shift);
451 tcg_gen_shri_i32(var, var, 31);
454 tcg_gen_movi_i32(var, 0);
457 shifter_out_im(var, shift - 1);
458 tcg_gen_shri_i32(var, var, shift);
465 shifter_out_im(var, shift - 1);
468 tcg_gen_sari_i32(var, var, shift);
470 case 3: /* ROR/RRX */
473 shifter_out_im(var, shift - 1);
474 tcg_gen_rotri_i32(var, var, shift); break;
476 TCGv tmp = load_cpu_field(CF);
478 shifter_out_im(var, 0);
479 tcg_gen_shri_i32(var, var, 1);
480 tcg_gen_shli_i32(tmp, tmp, 31);
481 tcg_gen_or_i32(var, var, tmp);
482 tcg_temp_free_i32(tmp);
487 static inline void gen_arm_shift_reg(TCGv var, int shiftop,
488 TCGv shift, int flags)
492 case 0: gen_helper_shl_cc(var, var, shift); break;
493 case 1: gen_helper_shr_cc(var, var, shift); break;
494 case 2: gen_helper_sar_cc(var, var, shift); break;
495 case 3: gen_helper_ror_cc(var, var, shift); break;
499 case 0: gen_helper_shl(var, var, shift); break;
500 case 1: gen_helper_shr(var, var, shift); break;
501 case 2: gen_helper_sar(var, var, shift); break;
502 case 3: tcg_gen_andi_i32(shift, shift, 0x1f);
503 tcg_gen_rotr_i32(var, var, shift); break;
506 tcg_temp_free_i32(shift);
509 #define PAS_OP(pfx) \
511 case 0: gen_pas_helper(glue(pfx,add16)); break; \
512 case 1: gen_pas_helper(glue(pfx,addsubx)); break; \
513 case 2: gen_pas_helper(glue(pfx,subaddx)); break; \
514 case 3: gen_pas_helper(glue(pfx,sub16)); break; \
515 case 4: gen_pas_helper(glue(pfx,add8)); break; \
516 case 7: gen_pas_helper(glue(pfx,sub8)); break; \
518 static void gen_arm_parallel_addsub(int op1, int op2, TCGv a, TCGv b)
523 #define gen_pas_helper(name) glue(gen_helper_,name)(a, a, b, tmp)
525 tmp = tcg_temp_new_ptr();
526 tcg_gen_addi_ptr(tmp, cpu_env, offsetof(CPUState, GE));
528 tcg_temp_free_ptr(tmp);
531 tmp = tcg_temp_new_ptr();
532 tcg_gen_addi_ptr(tmp, cpu_env, offsetof(CPUState, GE));
534 tcg_temp_free_ptr(tmp);
536 #undef gen_pas_helper
537 #define gen_pas_helper(name) glue(gen_helper_,name)(a, a, b)
550 #undef gen_pas_helper
555 /* For unknown reasons Arm and Thumb-2 use arbitrarily different encodings. */
556 #define PAS_OP(pfx) \
558 case 0: gen_pas_helper(glue(pfx,add8)); break; \
559 case 1: gen_pas_helper(glue(pfx,add16)); break; \
560 case 2: gen_pas_helper(glue(pfx,addsubx)); break; \
561 case 4: gen_pas_helper(glue(pfx,sub8)); break; \
562 case 5: gen_pas_helper(glue(pfx,sub16)); break; \
563 case 6: gen_pas_helper(glue(pfx,subaddx)); break; \
565 static void gen_thumb2_parallel_addsub(int op1, int op2, TCGv a, TCGv b)
570 #define gen_pas_helper(name) glue(gen_helper_,name)(a, a, b, tmp)
572 tmp = tcg_temp_new_ptr();
573 tcg_gen_addi_ptr(tmp, cpu_env, offsetof(CPUState, GE));
575 tcg_temp_free_ptr(tmp);
578 tmp = tcg_temp_new_ptr();
579 tcg_gen_addi_ptr(tmp, cpu_env, offsetof(CPUState, GE));
581 tcg_temp_free_ptr(tmp);
583 #undef gen_pas_helper
584 #define gen_pas_helper(name) glue(gen_helper_,name)(a, a, b)
597 #undef gen_pas_helper
602 static void gen_test_cc(int cc, int label)
610 tmp = load_cpu_field(ZF);
611 tcg_gen_brcondi_i32(TCG_COND_EQ, tmp, 0, label);
614 tmp = load_cpu_field(ZF);
615 tcg_gen_brcondi_i32(TCG_COND_NE, tmp, 0, label);
618 tmp = load_cpu_field(CF);
619 tcg_gen_brcondi_i32(TCG_COND_NE, tmp, 0, label);
622 tmp = load_cpu_field(CF);
623 tcg_gen_brcondi_i32(TCG_COND_EQ, tmp, 0, label);
626 tmp = load_cpu_field(NF);
627 tcg_gen_brcondi_i32(TCG_COND_LT, tmp, 0, label);
630 tmp = load_cpu_field(NF);
631 tcg_gen_brcondi_i32(TCG_COND_GE, tmp, 0, label);
634 tmp = load_cpu_field(VF);
635 tcg_gen_brcondi_i32(TCG_COND_LT, tmp, 0, label);
638 tmp = load_cpu_field(VF);
639 tcg_gen_brcondi_i32(TCG_COND_GE, tmp, 0, label);
641 case 8: /* hi: C && !Z */
642 inv = gen_new_label();
643 tmp = load_cpu_field(CF);
644 tcg_gen_brcondi_i32(TCG_COND_EQ, tmp, 0, inv);
645 tcg_temp_free_i32(tmp);
646 tmp = load_cpu_field(ZF);
647 tcg_gen_brcondi_i32(TCG_COND_NE, tmp, 0, label);
650 case 9: /* ls: !C || Z */
651 tmp = load_cpu_field(CF);
652 tcg_gen_brcondi_i32(TCG_COND_EQ, tmp, 0, label);
653 tcg_temp_free_i32(tmp);
654 tmp = load_cpu_field(ZF);
655 tcg_gen_brcondi_i32(TCG_COND_EQ, tmp, 0, label);
657 case 10: /* ge: N == V -> N ^ V == 0 */
658 tmp = load_cpu_field(VF);
659 tmp2 = load_cpu_field(NF);
660 tcg_gen_xor_i32(tmp, tmp, tmp2);
661 tcg_temp_free_i32(tmp2);
662 tcg_gen_brcondi_i32(TCG_COND_GE, tmp, 0, label);
664 case 11: /* lt: N != V -> N ^ V != 0 */
665 tmp = load_cpu_field(VF);
666 tmp2 = load_cpu_field(NF);
667 tcg_gen_xor_i32(tmp, tmp, tmp2);
668 tcg_temp_free_i32(tmp2);
669 tcg_gen_brcondi_i32(TCG_COND_LT, tmp, 0, label);
671 case 12: /* gt: !Z && N == V */
672 inv = gen_new_label();
673 tmp = load_cpu_field(ZF);
674 tcg_gen_brcondi_i32(TCG_COND_EQ, tmp, 0, inv);
675 tcg_temp_free_i32(tmp);
676 tmp = load_cpu_field(VF);
677 tmp2 = load_cpu_field(NF);
678 tcg_gen_xor_i32(tmp, tmp, tmp2);
679 tcg_temp_free_i32(tmp2);
680 tcg_gen_brcondi_i32(TCG_COND_GE, tmp, 0, label);
683 case 13: /* le: Z || N != V */
684 tmp = load_cpu_field(ZF);
685 tcg_gen_brcondi_i32(TCG_COND_EQ, tmp, 0, label);
686 tcg_temp_free_i32(tmp);
687 tmp = load_cpu_field(VF);
688 tmp2 = load_cpu_field(NF);
689 tcg_gen_xor_i32(tmp, tmp, tmp2);
690 tcg_temp_free_i32(tmp2);
691 tcg_gen_brcondi_i32(TCG_COND_LT, tmp, 0, label);
694 fprintf(stderr, "Bad condition code 0x%x\n", cc);
697 tcg_temp_free_i32(tmp);
700 static const uint8_t table_logic_cc[16] = {
719 /* Set PC and Thumb state from an immediate address. */
720 static inline void gen_bx_im(DisasContext *s, uint32_t addr)
724 s->is_jmp = DISAS_UPDATE;
725 if (s->thumb != (addr & 1)) {
726 tmp = tcg_temp_new_i32();
727 tcg_gen_movi_i32(tmp, addr & 1);
728 tcg_gen_st_i32(tmp, cpu_env, offsetof(CPUState, thumb));
729 tcg_temp_free_i32(tmp);
731 tcg_gen_movi_i32(cpu_R[15], addr & ~1);
734 /* Set PC and Thumb state from var. var is marked as dead. */
735 static inline void gen_bx(DisasContext *s, TCGv var)
737 s->is_jmp = DISAS_UPDATE;
738 tcg_gen_andi_i32(cpu_R[15], var, ~1);
739 tcg_gen_andi_i32(var, var, 1);
740 store_cpu_field(var, thumb);
743 /* Variant of store_reg which uses branch&exchange logic when storing
744 to r15 in ARM architecture v7 and above. The source must be a temporary
745 and will be marked as dead. */
746 static inline void store_reg_bx(CPUState *env, DisasContext *s,
749 if (reg == 15 && ENABLE_ARCH_7) {
752 store_reg(s, reg, var);
756 /* Variant of store_reg which uses branch&exchange logic when storing
757 * to r15 in ARM architecture v5T and above. This is used for storing
758 * the results of a LDR/LDM/POP into r15, and corresponds to the cases
759 * in the ARM ARM which use the LoadWritePC() pseudocode function. */
760 static inline void store_reg_from_load(CPUState *env, DisasContext *s,
763 if (reg == 15 && ENABLE_ARCH_5) {
766 store_reg(s, reg, var);
770 static inline TCGv gen_ld8s(TCGv addr, int index)
772 TCGv tmp = tcg_temp_new_i32();
773 tcg_gen_qemu_ld8s(tmp, addr, index);
776 static inline TCGv gen_ld8u(TCGv addr, int index)
778 TCGv tmp = tcg_temp_new_i32();
779 tcg_gen_qemu_ld8u(tmp, addr, index);
782 static inline TCGv gen_ld16s(TCGv addr, int index)
784 TCGv tmp = tcg_temp_new_i32();
785 tcg_gen_qemu_ld16s(tmp, addr, index);
788 static inline TCGv gen_ld16u(TCGv addr, int index)
790 TCGv tmp = tcg_temp_new_i32();
791 tcg_gen_qemu_ld16u(tmp, addr, index);
794 static inline TCGv gen_ld32(TCGv addr, int index)
796 TCGv tmp = tcg_temp_new_i32();
797 tcg_gen_qemu_ld32u(tmp, addr, index);
800 static inline TCGv_i64 gen_ld64(TCGv addr, int index)
802 TCGv_i64 tmp = tcg_temp_new_i64();
803 tcg_gen_qemu_ld64(tmp, addr, index);
806 static inline void gen_st8(TCGv val, TCGv addr, int index)
808 tcg_gen_qemu_st8(val, addr, index);
809 tcg_temp_free_i32(val);
811 static inline void gen_st16(TCGv val, TCGv addr, int index)
813 tcg_gen_qemu_st16(val, addr, index);
814 tcg_temp_free_i32(val);
816 static inline void gen_st32(TCGv val, TCGv addr, int index)
818 tcg_gen_qemu_st32(val, addr, index);
819 tcg_temp_free_i32(val);
821 static inline void gen_st64(TCGv_i64 val, TCGv addr, int index)
823 tcg_gen_qemu_st64(val, addr, index);
824 tcg_temp_free_i64(val);
827 static inline void gen_set_pc_im(uint32_t val)
829 tcg_gen_movi_i32(cpu_R[15], val);
832 /* Force a TB lookup after an instruction that changes the CPU state. */
833 static inline void gen_lookup_tb(DisasContext *s)
835 tcg_gen_movi_i32(cpu_R[15], s->pc & ~1);
836 s->is_jmp = DISAS_UPDATE;
839 static inline void gen_add_data_offset(DisasContext *s, unsigned int insn,
842 int val, rm, shift, shiftop;
845 if (!(insn & (1 << 25))) {
848 if (!(insn & (1 << 23)))
851 tcg_gen_addi_i32(var, var, val);
855 shift = (insn >> 7) & 0x1f;
856 shiftop = (insn >> 5) & 3;
857 offset = load_reg(s, rm);
858 gen_arm_shift_im(offset, shiftop, shift, 0);
859 if (!(insn & (1 << 23)))
860 tcg_gen_sub_i32(var, var, offset);
862 tcg_gen_add_i32(var, var, offset);
863 tcg_temp_free_i32(offset);
867 static inline void gen_add_datah_offset(DisasContext *s, unsigned int insn,
873 if (insn & (1 << 22)) {
875 val = (insn & 0xf) | ((insn >> 4) & 0xf0);
876 if (!(insn & (1 << 23)))
880 tcg_gen_addi_i32(var, var, val);
884 tcg_gen_addi_i32(var, var, extra);
886 offset = load_reg(s, rm);
887 if (!(insn & (1 << 23)))
888 tcg_gen_sub_i32(var, var, offset);
890 tcg_gen_add_i32(var, var, offset);
891 tcg_temp_free_i32(offset);
895 static TCGv_ptr get_fpstatus_ptr(int neon)
897 TCGv_ptr statusptr = tcg_temp_new_ptr();
900 offset = offsetof(CPUState, vfp.standard_fp_status);
902 offset = offsetof(CPUState, vfp.fp_status);
904 tcg_gen_addi_ptr(statusptr, cpu_env, offset);
908 #define VFP_OP2(name) \
909 static inline void gen_vfp_##name(int dp) \
911 TCGv_ptr fpst = get_fpstatus_ptr(0); \
913 gen_helper_vfp_##name##d(cpu_F0d, cpu_F0d, cpu_F1d, fpst); \
915 gen_helper_vfp_##name##s(cpu_F0s, cpu_F0s, cpu_F1s, fpst); \
917 tcg_temp_free_ptr(fpst); \
927 static inline void gen_vfp_F1_mul(int dp)
929 /* Like gen_vfp_mul() but put result in F1 */
930 TCGv_ptr fpst = get_fpstatus_ptr(0);
932 gen_helper_vfp_muld(cpu_F1d, cpu_F0d, cpu_F1d, fpst);
934 gen_helper_vfp_muls(cpu_F1s, cpu_F0s, cpu_F1s, fpst);
936 tcg_temp_free_ptr(fpst);
939 static inline void gen_vfp_F1_neg(int dp)
941 /* Like gen_vfp_neg() but put result in F1 */
943 gen_helper_vfp_negd(cpu_F1d, cpu_F0d);
945 gen_helper_vfp_negs(cpu_F1s, cpu_F0s);
949 static inline void gen_vfp_abs(int dp)
952 gen_helper_vfp_absd(cpu_F0d, cpu_F0d);
954 gen_helper_vfp_abss(cpu_F0s, cpu_F0s);
957 static inline void gen_vfp_neg(int dp)
960 gen_helper_vfp_negd(cpu_F0d, cpu_F0d);
962 gen_helper_vfp_negs(cpu_F0s, cpu_F0s);
965 static inline void gen_vfp_sqrt(int dp)
968 gen_helper_vfp_sqrtd(cpu_F0d, cpu_F0d, cpu_env);
970 gen_helper_vfp_sqrts(cpu_F0s, cpu_F0s, cpu_env);
973 static inline void gen_vfp_cmp(int dp)
976 gen_helper_vfp_cmpd(cpu_F0d, cpu_F1d, cpu_env);
978 gen_helper_vfp_cmps(cpu_F0s, cpu_F1s, cpu_env);
981 static inline void gen_vfp_cmpe(int dp)
984 gen_helper_vfp_cmped(cpu_F0d, cpu_F1d, cpu_env);
986 gen_helper_vfp_cmpes(cpu_F0s, cpu_F1s, cpu_env);
989 static inline void gen_vfp_F1_ld0(int dp)
992 tcg_gen_movi_i64(cpu_F1d, 0);
994 tcg_gen_movi_i32(cpu_F1s, 0);
997 #define VFP_GEN_ITOF(name) \
998 static inline void gen_vfp_##name(int dp, int neon) \
1000 TCGv_ptr statusptr = get_fpstatus_ptr(neon); \
1002 gen_helper_vfp_##name##d(cpu_F0d, cpu_F0s, statusptr); \
1004 gen_helper_vfp_##name##s(cpu_F0s, cpu_F0s, statusptr); \
1006 tcg_temp_free_ptr(statusptr); \
1013 #define VFP_GEN_FTOI(name) \
1014 static inline void gen_vfp_##name(int dp, int neon) \
1016 TCGv_ptr statusptr = get_fpstatus_ptr(neon); \
1018 gen_helper_vfp_##name##d(cpu_F0s, cpu_F0d, statusptr); \
1020 gen_helper_vfp_##name##s(cpu_F0s, cpu_F0s, statusptr); \
1022 tcg_temp_free_ptr(statusptr); \
1031 #define VFP_GEN_FIX(name) \
1032 static inline void gen_vfp_##name(int dp, int shift, int neon) \
1034 TCGv tmp_shift = tcg_const_i32(shift); \
1035 TCGv_ptr statusptr = get_fpstatus_ptr(neon); \
1037 gen_helper_vfp_##name##d(cpu_F0d, cpu_F0d, tmp_shift, statusptr); \
1039 gen_helper_vfp_##name##s(cpu_F0s, cpu_F0s, tmp_shift, statusptr); \
1041 tcg_temp_free_i32(tmp_shift); \
1042 tcg_temp_free_ptr(statusptr); \
1054 static inline void gen_vfp_ld(DisasContext *s, int dp, TCGv addr)
1057 tcg_gen_qemu_ld64(cpu_F0d, addr, IS_USER(s));
1059 tcg_gen_qemu_ld32u(cpu_F0s, addr, IS_USER(s));
1062 static inline void gen_vfp_st(DisasContext *s, int dp, TCGv addr)
1065 tcg_gen_qemu_st64(cpu_F0d, addr, IS_USER(s));
1067 tcg_gen_qemu_st32(cpu_F0s, addr, IS_USER(s));
1071 vfp_reg_offset (int dp, int reg)
1074 return offsetof(CPUARMState, vfp.regs[reg]);
1076 return offsetof(CPUARMState, vfp.regs[reg >> 1])
1077 + offsetof(CPU_DoubleU, l.upper);
1079 return offsetof(CPUARMState, vfp.regs[reg >> 1])
1080 + offsetof(CPU_DoubleU, l.lower);
1084 /* Return the offset of a 32-bit piece of a NEON register.
1085 zero is the least significant end of the register. */
1087 neon_reg_offset (int reg, int n)
1091 return vfp_reg_offset(0, sreg);
1094 static TCGv neon_load_reg(int reg, int pass)
1096 TCGv tmp = tcg_temp_new_i32();
1097 tcg_gen_ld_i32(tmp, cpu_env, neon_reg_offset(reg, pass));
1101 static void neon_store_reg(int reg, int pass, TCGv var)
1103 tcg_gen_st_i32(var, cpu_env, neon_reg_offset(reg, pass));
1104 tcg_temp_free_i32(var);
1107 static inline void neon_load_reg64(TCGv_i64 var, int reg)
1109 tcg_gen_ld_i64(var, cpu_env, vfp_reg_offset(1, reg));
1112 static inline void neon_store_reg64(TCGv_i64 var, int reg)
1114 tcg_gen_st_i64(var, cpu_env, vfp_reg_offset(1, reg));
1117 #define tcg_gen_ld_f32 tcg_gen_ld_i32
1118 #define tcg_gen_ld_f64 tcg_gen_ld_i64
1119 #define tcg_gen_st_f32 tcg_gen_st_i32
1120 #define tcg_gen_st_f64 tcg_gen_st_i64
1122 static inline void gen_mov_F0_vreg(int dp, int reg)
1125 tcg_gen_ld_f64(cpu_F0d, cpu_env, vfp_reg_offset(dp, reg));
1127 tcg_gen_ld_f32(cpu_F0s, cpu_env, vfp_reg_offset(dp, reg));
1130 static inline void gen_mov_F1_vreg(int dp, int reg)
1133 tcg_gen_ld_f64(cpu_F1d, cpu_env, vfp_reg_offset(dp, reg));
1135 tcg_gen_ld_f32(cpu_F1s, cpu_env, vfp_reg_offset(dp, reg));
1138 static inline void gen_mov_vreg_F0(int dp, int reg)
1141 tcg_gen_st_f64(cpu_F0d, cpu_env, vfp_reg_offset(dp, reg));
1143 tcg_gen_st_f32(cpu_F0s, cpu_env, vfp_reg_offset(dp, reg));
1146 #define ARM_CP_RW_BIT (1 << 20)
1148 static inline void iwmmxt_load_reg(TCGv_i64 var, int reg)
1150 tcg_gen_ld_i64(var, cpu_env, offsetof(CPUState, iwmmxt.regs[reg]));
1153 static inline void iwmmxt_store_reg(TCGv_i64 var, int reg)
1155 tcg_gen_st_i64(var, cpu_env, offsetof(CPUState, iwmmxt.regs[reg]));
1158 static inline TCGv iwmmxt_load_creg(int reg)
1160 TCGv var = tcg_temp_new_i32();
1161 tcg_gen_ld_i32(var, cpu_env, offsetof(CPUState, iwmmxt.cregs[reg]));
1165 static inline void iwmmxt_store_creg(int reg, TCGv var)
1167 tcg_gen_st_i32(var, cpu_env, offsetof(CPUState, iwmmxt.cregs[reg]));
1168 tcg_temp_free_i32(var);
1171 static inline void gen_op_iwmmxt_movq_wRn_M0(int rn)
1173 iwmmxt_store_reg(cpu_M0, rn);
1176 static inline void gen_op_iwmmxt_movq_M0_wRn(int rn)
1178 iwmmxt_load_reg(cpu_M0, rn);
1181 static inline void gen_op_iwmmxt_orq_M0_wRn(int rn)
1183 iwmmxt_load_reg(cpu_V1, rn);
1184 tcg_gen_or_i64(cpu_M0, cpu_M0, cpu_V1);
1187 static inline void gen_op_iwmmxt_andq_M0_wRn(int rn)
1189 iwmmxt_load_reg(cpu_V1, rn);
1190 tcg_gen_and_i64(cpu_M0, cpu_M0, cpu_V1);
1193 static inline void gen_op_iwmmxt_xorq_M0_wRn(int rn)
1195 iwmmxt_load_reg(cpu_V1, rn);
1196 tcg_gen_xor_i64(cpu_M0, cpu_M0, cpu_V1);
1199 #define IWMMXT_OP(name) \
1200 static inline void gen_op_iwmmxt_##name##_M0_wRn(int rn) \
1202 iwmmxt_load_reg(cpu_V1, rn); \
1203 gen_helper_iwmmxt_##name(cpu_M0, cpu_M0, cpu_V1); \
1206 #define IWMMXT_OP_ENV(name) \
1207 static inline void gen_op_iwmmxt_##name##_M0_wRn(int rn) \
1209 iwmmxt_load_reg(cpu_V1, rn); \
1210 gen_helper_iwmmxt_##name(cpu_M0, cpu_env, cpu_M0, cpu_V1); \
1213 #define IWMMXT_OP_ENV_SIZE(name) \
1214 IWMMXT_OP_ENV(name##b) \
1215 IWMMXT_OP_ENV(name##w) \
1216 IWMMXT_OP_ENV(name##l)
1218 #define IWMMXT_OP_ENV1(name) \
1219 static inline void gen_op_iwmmxt_##name##_M0(void) \
1221 gen_helper_iwmmxt_##name(cpu_M0, cpu_env, cpu_M0); \
1235 IWMMXT_OP_ENV_SIZE(unpackl)
1236 IWMMXT_OP_ENV_SIZE(unpackh)
1238 IWMMXT_OP_ENV1(unpacklub)
1239 IWMMXT_OP_ENV1(unpackluw)
1240 IWMMXT_OP_ENV1(unpacklul)
1241 IWMMXT_OP_ENV1(unpackhub)
1242 IWMMXT_OP_ENV1(unpackhuw)
1243 IWMMXT_OP_ENV1(unpackhul)
1244 IWMMXT_OP_ENV1(unpacklsb)
1245 IWMMXT_OP_ENV1(unpacklsw)
1246 IWMMXT_OP_ENV1(unpacklsl)
1247 IWMMXT_OP_ENV1(unpackhsb)
1248 IWMMXT_OP_ENV1(unpackhsw)
1249 IWMMXT_OP_ENV1(unpackhsl)
1251 IWMMXT_OP_ENV_SIZE(cmpeq)
1252 IWMMXT_OP_ENV_SIZE(cmpgtu)
1253 IWMMXT_OP_ENV_SIZE(cmpgts)
1255 IWMMXT_OP_ENV_SIZE(mins)
1256 IWMMXT_OP_ENV_SIZE(minu)
1257 IWMMXT_OP_ENV_SIZE(maxs)
1258 IWMMXT_OP_ENV_SIZE(maxu)
1260 IWMMXT_OP_ENV_SIZE(subn)
1261 IWMMXT_OP_ENV_SIZE(addn)
1262 IWMMXT_OP_ENV_SIZE(subu)
1263 IWMMXT_OP_ENV_SIZE(addu)
1264 IWMMXT_OP_ENV_SIZE(subs)
1265 IWMMXT_OP_ENV_SIZE(adds)
1267 IWMMXT_OP_ENV(avgb0)
1268 IWMMXT_OP_ENV(avgb1)
1269 IWMMXT_OP_ENV(avgw0)
1270 IWMMXT_OP_ENV(avgw1)
1274 IWMMXT_OP_ENV(packuw)
1275 IWMMXT_OP_ENV(packul)
1276 IWMMXT_OP_ENV(packuq)
1277 IWMMXT_OP_ENV(packsw)
1278 IWMMXT_OP_ENV(packsl)
1279 IWMMXT_OP_ENV(packsq)
1281 static void gen_op_iwmmxt_set_mup(void)
1284 tmp = load_cpu_field(iwmmxt.cregs[ARM_IWMMXT_wCon]);
1285 tcg_gen_ori_i32(tmp, tmp, 2);
1286 store_cpu_field(tmp, iwmmxt.cregs[ARM_IWMMXT_wCon]);
1289 static void gen_op_iwmmxt_set_cup(void)
1292 tmp = load_cpu_field(iwmmxt.cregs[ARM_IWMMXT_wCon]);
1293 tcg_gen_ori_i32(tmp, tmp, 1);
1294 store_cpu_field(tmp, iwmmxt.cregs[ARM_IWMMXT_wCon]);
1297 static void gen_op_iwmmxt_setpsr_nz(void)
1299 TCGv tmp = tcg_temp_new_i32();
1300 gen_helper_iwmmxt_setpsr_nz(tmp, cpu_M0);
1301 store_cpu_field(tmp, iwmmxt.cregs[ARM_IWMMXT_wCASF]);
1304 static inline void gen_op_iwmmxt_addl_M0_wRn(int rn)
1306 iwmmxt_load_reg(cpu_V1, rn);
1307 tcg_gen_ext32u_i64(cpu_V1, cpu_V1);
1308 tcg_gen_add_i64(cpu_M0, cpu_M0, cpu_V1);
1311 static inline int gen_iwmmxt_address(DisasContext *s, uint32_t insn, TCGv dest)
1317 rd = (insn >> 16) & 0xf;
1318 tmp = load_reg(s, rd);
1320 offset = (insn & 0xff) << ((insn >> 7) & 2);
1321 if (insn & (1 << 24)) {
1323 if (insn & (1 << 23))
1324 tcg_gen_addi_i32(tmp, tmp, offset);
1326 tcg_gen_addi_i32(tmp, tmp, -offset);
1327 tcg_gen_mov_i32(dest, tmp);
1328 if (insn & (1 << 21))
1329 store_reg(s, rd, tmp);
1331 tcg_temp_free_i32(tmp);
1332 } else if (insn & (1 << 21)) {
1334 tcg_gen_mov_i32(dest, tmp);
1335 if (insn & (1 << 23))
1336 tcg_gen_addi_i32(tmp, tmp, offset);
1338 tcg_gen_addi_i32(tmp, tmp, -offset);
1339 store_reg(s, rd, tmp);
1340 } else if (!(insn & (1 << 23)))
1345 static inline int gen_iwmmxt_shift(uint32_t insn, uint32_t mask, TCGv dest)
1347 int rd = (insn >> 0) & 0xf;
1350 if (insn & (1 << 8)) {
1351 if (rd < ARM_IWMMXT_wCGR0 || rd > ARM_IWMMXT_wCGR3) {
1354 tmp = iwmmxt_load_creg(rd);
1357 tmp = tcg_temp_new_i32();
1358 iwmmxt_load_reg(cpu_V0, rd);
1359 tcg_gen_trunc_i64_i32(tmp, cpu_V0);
1361 tcg_gen_andi_i32(tmp, tmp, mask);
1362 tcg_gen_mov_i32(dest, tmp);
1363 tcg_temp_free_i32(tmp);
1367 /* Disassemble an iwMMXt instruction. Returns nonzero if an error occurred
1368 (ie. an undefined instruction). */
1369 static int disas_iwmmxt_insn(CPUState *env, DisasContext *s, uint32_t insn)
1372 int rdhi, rdlo, rd0, rd1, i;
1374 TCGv tmp, tmp2, tmp3;
1376 if ((insn & 0x0e000e00) == 0x0c000000) {
1377 if ((insn & 0x0fe00ff0) == 0x0c400000) {
1379 rdlo = (insn >> 12) & 0xf;
1380 rdhi = (insn >> 16) & 0xf;
1381 if (insn & ARM_CP_RW_BIT) { /* TMRRC */
1382 iwmmxt_load_reg(cpu_V0, wrd);
1383 tcg_gen_trunc_i64_i32(cpu_R[rdlo], cpu_V0);
1384 tcg_gen_shri_i64(cpu_V0, cpu_V0, 32);
1385 tcg_gen_trunc_i64_i32(cpu_R[rdhi], cpu_V0);
1386 } else { /* TMCRR */
1387 tcg_gen_concat_i32_i64(cpu_V0, cpu_R[rdlo], cpu_R[rdhi]);
1388 iwmmxt_store_reg(cpu_V0, wrd);
1389 gen_op_iwmmxt_set_mup();
1394 wrd = (insn >> 12) & 0xf;
1395 addr = tcg_temp_new_i32();
1396 if (gen_iwmmxt_address(s, insn, addr)) {
1397 tcg_temp_free_i32(addr);
1400 if (insn & ARM_CP_RW_BIT) {
1401 if ((insn >> 28) == 0xf) { /* WLDRW wCx */
1402 tmp = tcg_temp_new_i32();
1403 tcg_gen_qemu_ld32u(tmp, addr, IS_USER(s));
1404 iwmmxt_store_creg(wrd, tmp);
1407 if (insn & (1 << 8)) {
1408 if (insn & (1 << 22)) { /* WLDRD */
1409 tcg_gen_qemu_ld64(cpu_M0, addr, IS_USER(s));
1411 } else { /* WLDRW wRd */
1412 tmp = gen_ld32(addr, IS_USER(s));
1415 if (insn & (1 << 22)) { /* WLDRH */
1416 tmp = gen_ld16u(addr, IS_USER(s));
1417 } else { /* WLDRB */
1418 tmp = gen_ld8u(addr, IS_USER(s));
1422 tcg_gen_extu_i32_i64(cpu_M0, tmp);
1423 tcg_temp_free_i32(tmp);
1425 gen_op_iwmmxt_movq_wRn_M0(wrd);
1428 if ((insn >> 28) == 0xf) { /* WSTRW wCx */
1429 tmp = iwmmxt_load_creg(wrd);
1430 gen_st32(tmp, addr, IS_USER(s));
1432 gen_op_iwmmxt_movq_M0_wRn(wrd);
1433 tmp = tcg_temp_new_i32();
1434 if (insn & (1 << 8)) {
1435 if (insn & (1 << 22)) { /* WSTRD */
1436 tcg_temp_free_i32(tmp);
1437 tcg_gen_qemu_st64(cpu_M0, addr, IS_USER(s));
1438 } else { /* WSTRW wRd */
1439 tcg_gen_trunc_i64_i32(tmp, cpu_M0);
1440 gen_st32(tmp, addr, IS_USER(s));
1443 if (insn & (1 << 22)) { /* WSTRH */
1444 tcg_gen_trunc_i64_i32(tmp, cpu_M0);
1445 gen_st16(tmp, addr, IS_USER(s));
1446 } else { /* WSTRB */
1447 tcg_gen_trunc_i64_i32(tmp, cpu_M0);
1448 gen_st8(tmp, addr, IS_USER(s));
1453 tcg_temp_free_i32(addr);
1457 if ((insn & 0x0f000000) != 0x0e000000)
1460 switch (((insn >> 12) & 0xf00) | ((insn >> 4) & 0xff)) {
1461 case 0x000: /* WOR */
1462 wrd = (insn >> 12) & 0xf;
1463 rd0 = (insn >> 0) & 0xf;
1464 rd1 = (insn >> 16) & 0xf;
1465 gen_op_iwmmxt_movq_M0_wRn(rd0);
1466 gen_op_iwmmxt_orq_M0_wRn(rd1);
1467 gen_op_iwmmxt_setpsr_nz();
1468 gen_op_iwmmxt_movq_wRn_M0(wrd);
1469 gen_op_iwmmxt_set_mup();
1470 gen_op_iwmmxt_set_cup();
1472 case 0x011: /* TMCR */
1475 rd = (insn >> 12) & 0xf;
1476 wrd = (insn >> 16) & 0xf;
1478 case ARM_IWMMXT_wCID:
1479 case ARM_IWMMXT_wCASF:
1481 case ARM_IWMMXT_wCon:
1482 gen_op_iwmmxt_set_cup();
1484 case ARM_IWMMXT_wCSSF:
1485 tmp = iwmmxt_load_creg(wrd);
1486 tmp2 = load_reg(s, rd);
1487 tcg_gen_andc_i32(tmp, tmp, tmp2);
1488 tcg_temp_free_i32(tmp2);
1489 iwmmxt_store_creg(wrd, tmp);
1491 case ARM_IWMMXT_wCGR0:
1492 case ARM_IWMMXT_wCGR1:
1493 case ARM_IWMMXT_wCGR2:
1494 case ARM_IWMMXT_wCGR3:
1495 gen_op_iwmmxt_set_cup();
1496 tmp = load_reg(s, rd);
1497 iwmmxt_store_creg(wrd, tmp);
1503 case 0x100: /* WXOR */
1504 wrd = (insn >> 12) & 0xf;
1505 rd0 = (insn >> 0) & 0xf;
1506 rd1 = (insn >> 16) & 0xf;
1507 gen_op_iwmmxt_movq_M0_wRn(rd0);
1508 gen_op_iwmmxt_xorq_M0_wRn(rd1);
1509 gen_op_iwmmxt_setpsr_nz();
1510 gen_op_iwmmxt_movq_wRn_M0(wrd);
1511 gen_op_iwmmxt_set_mup();
1512 gen_op_iwmmxt_set_cup();
1514 case 0x111: /* TMRC */
1517 rd = (insn >> 12) & 0xf;
1518 wrd = (insn >> 16) & 0xf;
1519 tmp = iwmmxt_load_creg(wrd);
1520 store_reg(s, rd, tmp);
1522 case 0x300: /* WANDN */
1523 wrd = (insn >> 12) & 0xf;
1524 rd0 = (insn >> 0) & 0xf;
1525 rd1 = (insn >> 16) & 0xf;
1526 gen_op_iwmmxt_movq_M0_wRn(rd0);
1527 tcg_gen_neg_i64(cpu_M0, cpu_M0);
1528 gen_op_iwmmxt_andq_M0_wRn(rd1);
1529 gen_op_iwmmxt_setpsr_nz();
1530 gen_op_iwmmxt_movq_wRn_M0(wrd);
1531 gen_op_iwmmxt_set_mup();
1532 gen_op_iwmmxt_set_cup();
1534 case 0x200: /* WAND */
1535 wrd = (insn >> 12) & 0xf;
1536 rd0 = (insn >> 0) & 0xf;
1537 rd1 = (insn >> 16) & 0xf;
1538 gen_op_iwmmxt_movq_M0_wRn(rd0);
1539 gen_op_iwmmxt_andq_M0_wRn(rd1);
1540 gen_op_iwmmxt_setpsr_nz();
1541 gen_op_iwmmxt_movq_wRn_M0(wrd);
1542 gen_op_iwmmxt_set_mup();
1543 gen_op_iwmmxt_set_cup();
1545 case 0x810: case 0xa10: /* WMADD */
1546 wrd = (insn >> 12) & 0xf;
1547 rd0 = (insn >> 0) & 0xf;
1548 rd1 = (insn >> 16) & 0xf;
1549 gen_op_iwmmxt_movq_M0_wRn(rd0);
1550 if (insn & (1 << 21))
1551 gen_op_iwmmxt_maddsq_M0_wRn(rd1);
1553 gen_op_iwmmxt_madduq_M0_wRn(rd1);
1554 gen_op_iwmmxt_movq_wRn_M0(wrd);
1555 gen_op_iwmmxt_set_mup();
1557 case 0x10e: case 0x50e: case 0x90e: case 0xd0e: /* WUNPCKIL */
1558 wrd = (insn >> 12) & 0xf;
1559 rd0 = (insn >> 16) & 0xf;
1560 rd1 = (insn >> 0) & 0xf;
1561 gen_op_iwmmxt_movq_M0_wRn(rd0);
1562 switch ((insn >> 22) & 3) {
1564 gen_op_iwmmxt_unpacklb_M0_wRn(rd1);
1567 gen_op_iwmmxt_unpacklw_M0_wRn(rd1);
1570 gen_op_iwmmxt_unpackll_M0_wRn(rd1);
1575 gen_op_iwmmxt_movq_wRn_M0(wrd);
1576 gen_op_iwmmxt_set_mup();
1577 gen_op_iwmmxt_set_cup();
1579 case 0x10c: case 0x50c: case 0x90c: case 0xd0c: /* WUNPCKIH */
1580 wrd = (insn >> 12) & 0xf;
1581 rd0 = (insn >> 16) & 0xf;
1582 rd1 = (insn >> 0) & 0xf;
1583 gen_op_iwmmxt_movq_M0_wRn(rd0);
1584 switch ((insn >> 22) & 3) {
1586 gen_op_iwmmxt_unpackhb_M0_wRn(rd1);
1589 gen_op_iwmmxt_unpackhw_M0_wRn(rd1);
1592 gen_op_iwmmxt_unpackhl_M0_wRn(rd1);
1597 gen_op_iwmmxt_movq_wRn_M0(wrd);
1598 gen_op_iwmmxt_set_mup();
1599 gen_op_iwmmxt_set_cup();
1601 case 0x012: case 0x112: case 0x412: case 0x512: /* WSAD */
1602 wrd = (insn >> 12) & 0xf;
1603 rd0 = (insn >> 16) & 0xf;
1604 rd1 = (insn >> 0) & 0xf;
1605 gen_op_iwmmxt_movq_M0_wRn(rd0);
1606 if (insn & (1 << 22))
1607 gen_op_iwmmxt_sadw_M0_wRn(rd1);
1609 gen_op_iwmmxt_sadb_M0_wRn(rd1);
1610 if (!(insn & (1 << 20)))
1611 gen_op_iwmmxt_addl_M0_wRn(wrd);
1612 gen_op_iwmmxt_movq_wRn_M0(wrd);
1613 gen_op_iwmmxt_set_mup();
1615 case 0x010: case 0x110: case 0x210: case 0x310: /* WMUL */
1616 wrd = (insn >> 12) & 0xf;
1617 rd0 = (insn >> 16) & 0xf;
1618 rd1 = (insn >> 0) & 0xf;
1619 gen_op_iwmmxt_movq_M0_wRn(rd0);
1620 if (insn & (1 << 21)) {
1621 if (insn & (1 << 20))
1622 gen_op_iwmmxt_mulshw_M0_wRn(rd1);
1624 gen_op_iwmmxt_mulslw_M0_wRn(rd1);
1626 if (insn & (1 << 20))
1627 gen_op_iwmmxt_muluhw_M0_wRn(rd1);
1629 gen_op_iwmmxt_mululw_M0_wRn(rd1);
1631 gen_op_iwmmxt_movq_wRn_M0(wrd);
1632 gen_op_iwmmxt_set_mup();
1634 case 0x410: case 0x510: case 0x610: case 0x710: /* WMAC */
1635 wrd = (insn >> 12) & 0xf;
1636 rd0 = (insn >> 16) & 0xf;
1637 rd1 = (insn >> 0) & 0xf;
1638 gen_op_iwmmxt_movq_M0_wRn(rd0);
1639 if (insn & (1 << 21))
1640 gen_op_iwmmxt_macsw_M0_wRn(rd1);
1642 gen_op_iwmmxt_macuw_M0_wRn(rd1);
1643 if (!(insn & (1 << 20))) {
1644 iwmmxt_load_reg(cpu_V1, wrd);
1645 tcg_gen_add_i64(cpu_M0, cpu_M0, cpu_V1);
1647 gen_op_iwmmxt_movq_wRn_M0(wrd);
1648 gen_op_iwmmxt_set_mup();
1650 case 0x006: case 0x406: case 0x806: case 0xc06: /* WCMPEQ */
1651 wrd = (insn >> 12) & 0xf;
1652 rd0 = (insn >> 16) & 0xf;
1653 rd1 = (insn >> 0) & 0xf;
1654 gen_op_iwmmxt_movq_M0_wRn(rd0);
1655 switch ((insn >> 22) & 3) {
1657 gen_op_iwmmxt_cmpeqb_M0_wRn(rd1);
1660 gen_op_iwmmxt_cmpeqw_M0_wRn(rd1);
1663 gen_op_iwmmxt_cmpeql_M0_wRn(rd1);
1668 gen_op_iwmmxt_movq_wRn_M0(wrd);
1669 gen_op_iwmmxt_set_mup();
1670 gen_op_iwmmxt_set_cup();
1672 case 0x800: case 0x900: case 0xc00: case 0xd00: /* WAVG2 */
1673 wrd = (insn >> 12) & 0xf;
1674 rd0 = (insn >> 16) & 0xf;
1675 rd1 = (insn >> 0) & 0xf;
1676 gen_op_iwmmxt_movq_M0_wRn(rd0);
1677 if (insn & (1 << 22)) {
1678 if (insn & (1 << 20))
1679 gen_op_iwmmxt_avgw1_M0_wRn(rd1);
1681 gen_op_iwmmxt_avgw0_M0_wRn(rd1);
1683 if (insn & (1 << 20))
1684 gen_op_iwmmxt_avgb1_M0_wRn(rd1);
1686 gen_op_iwmmxt_avgb0_M0_wRn(rd1);
1688 gen_op_iwmmxt_movq_wRn_M0(wrd);
1689 gen_op_iwmmxt_set_mup();
1690 gen_op_iwmmxt_set_cup();
1692 case 0x802: case 0x902: case 0xa02: case 0xb02: /* WALIGNR */
1693 wrd = (insn >> 12) & 0xf;
1694 rd0 = (insn >> 16) & 0xf;
1695 rd1 = (insn >> 0) & 0xf;
1696 gen_op_iwmmxt_movq_M0_wRn(rd0);
1697 tmp = iwmmxt_load_creg(ARM_IWMMXT_wCGR0 + ((insn >> 20) & 3));
1698 tcg_gen_andi_i32(tmp, tmp, 7);
1699 iwmmxt_load_reg(cpu_V1, rd1);
1700 gen_helper_iwmmxt_align(cpu_M0, cpu_M0, cpu_V1, tmp);
1701 tcg_temp_free_i32(tmp);
1702 gen_op_iwmmxt_movq_wRn_M0(wrd);
1703 gen_op_iwmmxt_set_mup();
1705 case 0x601: case 0x605: case 0x609: case 0x60d: /* TINSR */
1706 if (((insn >> 6) & 3) == 3)
1708 rd = (insn >> 12) & 0xf;
1709 wrd = (insn >> 16) & 0xf;
1710 tmp = load_reg(s, rd);
1711 gen_op_iwmmxt_movq_M0_wRn(wrd);
1712 switch ((insn >> 6) & 3) {
1714 tmp2 = tcg_const_i32(0xff);
1715 tmp3 = tcg_const_i32((insn & 7) << 3);
1718 tmp2 = tcg_const_i32(0xffff);
1719 tmp3 = tcg_const_i32((insn & 3) << 4);
1722 tmp2 = tcg_const_i32(0xffffffff);
1723 tmp3 = tcg_const_i32((insn & 1) << 5);
1729 gen_helper_iwmmxt_insr(cpu_M0, cpu_M0, tmp, tmp2, tmp3);
1730 tcg_temp_free(tmp3);
1731 tcg_temp_free(tmp2);
1732 tcg_temp_free_i32(tmp);
1733 gen_op_iwmmxt_movq_wRn_M0(wrd);
1734 gen_op_iwmmxt_set_mup();
1736 case 0x107: case 0x507: case 0x907: case 0xd07: /* TEXTRM */
1737 rd = (insn >> 12) & 0xf;
1738 wrd = (insn >> 16) & 0xf;
1739 if (rd == 15 || ((insn >> 22) & 3) == 3)
1741 gen_op_iwmmxt_movq_M0_wRn(wrd);
1742 tmp = tcg_temp_new_i32();
1743 switch ((insn >> 22) & 3) {
1745 tcg_gen_shri_i64(cpu_M0, cpu_M0, (insn & 7) << 3);
1746 tcg_gen_trunc_i64_i32(tmp, cpu_M0);
1748 tcg_gen_ext8s_i32(tmp, tmp);
1750 tcg_gen_andi_i32(tmp, tmp, 0xff);
1754 tcg_gen_shri_i64(cpu_M0, cpu_M0, (insn & 3) << 4);
1755 tcg_gen_trunc_i64_i32(tmp, cpu_M0);
1757 tcg_gen_ext16s_i32(tmp, tmp);
1759 tcg_gen_andi_i32(tmp, tmp, 0xffff);
1763 tcg_gen_shri_i64(cpu_M0, cpu_M0, (insn & 1) << 5);
1764 tcg_gen_trunc_i64_i32(tmp, cpu_M0);
1767 store_reg(s, rd, tmp);
1769 case 0x117: case 0x517: case 0x917: case 0xd17: /* TEXTRC */
1770 if ((insn & 0x000ff008) != 0x0003f000 || ((insn >> 22) & 3) == 3)
1772 tmp = iwmmxt_load_creg(ARM_IWMMXT_wCASF);
1773 switch ((insn >> 22) & 3) {
1775 tcg_gen_shri_i32(tmp, tmp, ((insn & 7) << 2) + 0);
1778 tcg_gen_shri_i32(tmp, tmp, ((insn & 3) << 3) + 4);
1781 tcg_gen_shri_i32(tmp, tmp, ((insn & 1) << 4) + 12);
1784 tcg_gen_shli_i32(tmp, tmp, 28);
1786 tcg_temp_free_i32(tmp);
1788 case 0x401: case 0x405: case 0x409: case 0x40d: /* TBCST */
1789 if (((insn >> 6) & 3) == 3)
1791 rd = (insn >> 12) & 0xf;
1792 wrd = (insn >> 16) & 0xf;
1793 tmp = load_reg(s, rd);
1794 switch ((insn >> 6) & 3) {
1796 gen_helper_iwmmxt_bcstb(cpu_M0, tmp);
1799 gen_helper_iwmmxt_bcstw(cpu_M0, tmp);
1802 gen_helper_iwmmxt_bcstl(cpu_M0, tmp);
1805 tcg_temp_free_i32(tmp);
1806 gen_op_iwmmxt_movq_wRn_M0(wrd);
1807 gen_op_iwmmxt_set_mup();
1809 case 0x113: case 0x513: case 0x913: case 0xd13: /* TANDC */
1810 if ((insn & 0x000ff00f) != 0x0003f000 || ((insn >> 22) & 3) == 3)
1812 tmp = iwmmxt_load_creg(ARM_IWMMXT_wCASF);
1813 tmp2 = tcg_temp_new_i32();
1814 tcg_gen_mov_i32(tmp2, tmp);
1815 switch ((insn >> 22) & 3) {
1817 for (i = 0; i < 7; i ++) {
1818 tcg_gen_shli_i32(tmp2, tmp2, 4);
1819 tcg_gen_and_i32(tmp, tmp, tmp2);
1823 for (i = 0; i < 3; i ++) {
1824 tcg_gen_shli_i32(tmp2, tmp2, 8);
1825 tcg_gen_and_i32(tmp, tmp, tmp2);
1829 tcg_gen_shli_i32(tmp2, tmp2, 16);
1830 tcg_gen_and_i32(tmp, tmp, tmp2);
1834 tcg_temp_free_i32(tmp2);
1835 tcg_temp_free_i32(tmp);
1837 case 0x01c: case 0x41c: case 0x81c: case 0xc1c: /* WACC */
1838 wrd = (insn >> 12) & 0xf;
1839 rd0 = (insn >> 16) & 0xf;
1840 gen_op_iwmmxt_movq_M0_wRn(rd0);
1841 switch ((insn >> 22) & 3) {
1843 gen_helper_iwmmxt_addcb(cpu_M0, cpu_M0);
1846 gen_helper_iwmmxt_addcw(cpu_M0, cpu_M0);
1849 gen_helper_iwmmxt_addcl(cpu_M0, cpu_M0);
1854 gen_op_iwmmxt_movq_wRn_M0(wrd);
1855 gen_op_iwmmxt_set_mup();
1857 case 0x115: case 0x515: case 0x915: case 0xd15: /* TORC */
1858 if ((insn & 0x000ff00f) != 0x0003f000 || ((insn >> 22) & 3) == 3)
1860 tmp = iwmmxt_load_creg(ARM_IWMMXT_wCASF);
1861 tmp2 = tcg_temp_new_i32();
1862 tcg_gen_mov_i32(tmp2, tmp);
1863 switch ((insn >> 22) & 3) {
1865 for (i = 0; i < 7; i ++) {
1866 tcg_gen_shli_i32(tmp2, tmp2, 4);
1867 tcg_gen_or_i32(tmp, tmp, tmp2);
1871 for (i = 0; i < 3; i ++) {
1872 tcg_gen_shli_i32(tmp2, tmp2, 8);
1873 tcg_gen_or_i32(tmp, tmp, tmp2);
1877 tcg_gen_shli_i32(tmp2, tmp2, 16);
1878 tcg_gen_or_i32(tmp, tmp, tmp2);
1882 tcg_temp_free_i32(tmp2);
1883 tcg_temp_free_i32(tmp);
1885 case 0x103: case 0x503: case 0x903: case 0xd03: /* TMOVMSK */
1886 rd = (insn >> 12) & 0xf;
1887 rd0 = (insn >> 16) & 0xf;
1888 if ((insn & 0xf) != 0 || ((insn >> 22) & 3) == 3)
1890 gen_op_iwmmxt_movq_M0_wRn(rd0);
1891 tmp = tcg_temp_new_i32();
1892 switch ((insn >> 22) & 3) {
1894 gen_helper_iwmmxt_msbb(tmp, cpu_M0);
1897 gen_helper_iwmmxt_msbw(tmp, cpu_M0);
1900 gen_helper_iwmmxt_msbl(tmp, cpu_M0);
1903 store_reg(s, rd, tmp);
1905 case 0x106: case 0x306: case 0x506: case 0x706: /* WCMPGT */
1906 case 0x906: case 0xb06: case 0xd06: case 0xf06:
1907 wrd = (insn >> 12) & 0xf;
1908 rd0 = (insn >> 16) & 0xf;
1909 rd1 = (insn >> 0) & 0xf;
1910 gen_op_iwmmxt_movq_M0_wRn(rd0);
1911 switch ((insn >> 22) & 3) {
1913 if (insn & (1 << 21))
1914 gen_op_iwmmxt_cmpgtsb_M0_wRn(rd1);
1916 gen_op_iwmmxt_cmpgtub_M0_wRn(rd1);
1919 if (insn & (1 << 21))
1920 gen_op_iwmmxt_cmpgtsw_M0_wRn(rd1);
1922 gen_op_iwmmxt_cmpgtuw_M0_wRn(rd1);
1925 if (insn & (1 << 21))
1926 gen_op_iwmmxt_cmpgtsl_M0_wRn(rd1);
1928 gen_op_iwmmxt_cmpgtul_M0_wRn(rd1);
1933 gen_op_iwmmxt_movq_wRn_M0(wrd);
1934 gen_op_iwmmxt_set_mup();
1935 gen_op_iwmmxt_set_cup();
1937 case 0x00e: case 0x20e: case 0x40e: case 0x60e: /* WUNPCKEL */
1938 case 0x80e: case 0xa0e: case 0xc0e: case 0xe0e:
1939 wrd = (insn >> 12) & 0xf;
1940 rd0 = (insn >> 16) & 0xf;
1941 gen_op_iwmmxt_movq_M0_wRn(rd0);
1942 switch ((insn >> 22) & 3) {
1944 if (insn & (1 << 21))
1945 gen_op_iwmmxt_unpacklsb_M0();
1947 gen_op_iwmmxt_unpacklub_M0();
1950 if (insn & (1 << 21))
1951 gen_op_iwmmxt_unpacklsw_M0();
1953 gen_op_iwmmxt_unpackluw_M0();
1956 if (insn & (1 << 21))
1957 gen_op_iwmmxt_unpacklsl_M0();
1959 gen_op_iwmmxt_unpacklul_M0();
1964 gen_op_iwmmxt_movq_wRn_M0(wrd);
1965 gen_op_iwmmxt_set_mup();
1966 gen_op_iwmmxt_set_cup();
1968 case 0x00c: case 0x20c: case 0x40c: case 0x60c: /* WUNPCKEH */
1969 case 0x80c: case 0xa0c: case 0xc0c: case 0xe0c:
1970 wrd = (insn >> 12) & 0xf;
1971 rd0 = (insn >> 16) & 0xf;
1972 gen_op_iwmmxt_movq_M0_wRn(rd0);
1973 switch ((insn >> 22) & 3) {
1975 if (insn & (1 << 21))
1976 gen_op_iwmmxt_unpackhsb_M0();
1978 gen_op_iwmmxt_unpackhub_M0();
1981 if (insn & (1 << 21))
1982 gen_op_iwmmxt_unpackhsw_M0();
1984 gen_op_iwmmxt_unpackhuw_M0();
1987 if (insn & (1 << 21))
1988 gen_op_iwmmxt_unpackhsl_M0();
1990 gen_op_iwmmxt_unpackhul_M0();
1995 gen_op_iwmmxt_movq_wRn_M0(wrd);
1996 gen_op_iwmmxt_set_mup();
1997 gen_op_iwmmxt_set_cup();
1999 case 0x204: case 0x604: case 0xa04: case 0xe04: /* WSRL */
2000 case 0x214: case 0x614: case 0xa14: case 0xe14:
2001 if (((insn >> 22) & 3) == 0)
2003 wrd = (insn >> 12) & 0xf;
2004 rd0 = (insn >> 16) & 0xf;
2005 gen_op_iwmmxt_movq_M0_wRn(rd0);
2006 tmp = tcg_temp_new_i32();
2007 if (gen_iwmmxt_shift(insn, 0xff, tmp)) {
2008 tcg_temp_free_i32(tmp);
2011 switch ((insn >> 22) & 3) {
2013 gen_helper_iwmmxt_srlw(cpu_M0, cpu_env, cpu_M0, tmp);
2016 gen_helper_iwmmxt_srll(cpu_M0, cpu_env, cpu_M0, tmp);
2019 gen_helper_iwmmxt_srlq(cpu_M0, cpu_env, cpu_M0, tmp);
2022 tcg_temp_free_i32(tmp);
2023 gen_op_iwmmxt_movq_wRn_M0(wrd);
2024 gen_op_iwmmxt_set_mup();
2025 gen_op_iwmmxt_set_cup();
2027 case 0x004: case 0x404: case 0x804: case 0xc04: /* WSRA */
2028 case 0x014: case 0x414: case 0x814: case 0xc14:
2029 if (((insn >> 22) & 3) == 0)
2031 wrd = (insn >> 12) & 0xf;
2032 rd0 = (insn >> 16) & 0xf;
2033 gen_op_iwmmxt_movq_M0_wRn(rd0);
2034 tmp = tcg_temp_new_i32();
2035 if (gen_iwmmxt_shift(insn, 0xff, tmp)) {
2036 tcg_temp_free_i32(tmp);
2039 switch ((insn >> 22) & 3) {
2041 gen_helper_iwmmxt_sraw(cpu_M0, cpu_env, cpu_M0, tmp);
2044 gen_helper_iwmmxt_sral(cpu_M0, cpu_env, cpu_M0, tmp);
2047 gen_helper_iwmmxt_sraq(cpu_M0, cpu_env, cpu_M0, tmp);
2050 tcg_temp_free_i32(tmp);
2051 gen_op_iwmmxt_movq_wRn_M0(wrd);
2052 gen_op_iwmmxt_set_mup();
2053 gen_op_iwmmxt_set_cup();
2055 case 0x104: case 0x504: case 0x904: case 0xd04: /* WSLL */
2056 case 0x114: case 0x514: case 0x914: case 0xd14:
2057 if (((insn >> 22) & 3) == 0)
2059 wrd = (insn >> 12) & 0xf;
2060 rd0 = (insn >> 16) & 0xf;
2061 gen_op_iwmmxt_movq_M0_wRn(rd0);
2062 tmp = tcg_temp_new_i32();
2063 if (gen_iwmmxt_shift(insn, 0xff, tmp)) {
2064 tcg_temp_free_i32(tmp);
2067 switch ((insn >> 22) & 3) {
2069 gen_helper_iwmmxt_sllw(cpu_M0, cpu_env, cpu_M0, tmp);
2072 gen_helper_iwmmxt_slll(cpu_M0, cpu_env, cpu_M0, tmp);
2075 gen_helper_iwmmxt_sllq(cpu_M0, cpu_env, cpu_M0, tmp);
2078 tcg_temp_free_i32(tmp);
2079 gen_op_iwmmxt_movq_wRn_M0(wrd);
2080 gen_op_iwmmxt_set_mup();
2081 gen_op_iwmmxt_set_cup();
2083 case 0x304: case 0x704: case 0xb04: case 0xf04: /* WROR */
2084 case 0x314: case 0x714: case 0xb14: case 0xf14:
2085 if (((insn >> 22) & 3) == 0)
2087 wrd = (insn >> 12) & 0xf;
2088 rd0 = (insn >> 16) & 0xf;
2089 gen_op_iwmmxt_movq_M0_wRn(rd0);
2090 tmp = tcg_temp_new_i32();
2091 switch ((insn >> 22) & 3) {
2093 if (gen_iwmmxt_shift(insn, 0xf, tmp)) {
2094 tcg_temp_free_i32(tmp);
2097 gen_helper_iwmmxt_rorw(cpu_M0, cpu_env, cpu_M0, tmp);
2100 if (gen_iwmmxt_shift(insn, 0x1f, tmp)) {
2101 tcg_temp_free_i32(tmp);
2104 gen_helper_iwmmxt_rorl(cpu_M0, cpu_env, cpu_M0, tmp);
2107 if (gen_iwmmxt_shift(insn, 0x3f, tmp)) {
2108 tcg_temp_free_i32(tmp);
2111 gen_helper_iwmmxt_rorq(cpu_M0, cpu_env, cpu_M0, tmp);
2114 tcg_temp_free_i32(tmp);
2115 gen_op_iwmmxt_movq_wRn_M0(wrd);
2116 gen_op_iwmmxt_set_mup();
2117 gen_op_iwmmxt_set_cup();
2119 case 0x116: case 0x316: case 0x516: case 0x716: /* WMIN */
2120 case 0x916: case 0xb16: case 0xd16: case 0xf16:
2121 wrd = (insn >> 12) & 0xf;
2122 rd0 = (insn >> 16) & 0xf;
2123 rd1 = (insn >> 0) & 0xf;
2124 gen_op_iwmmxt_movq_M0_wRn(rd0);
2125 switch ((insn >> 22) & 3) {
2127 if (insn & (1 << 21))
2128 gen_op_iwmmxt_minsb_M0_wRn(rd1);
2130 gen_op_iwmmxt_minub_M0_wRn(rd1);
2133 if (insn & (1 << 21))
2134 gen_op_iwmmxt_minsw_M0_wRn(rd1);
2136 gen_op_iwmmxt_minuw_M0_wRn(rd1);
2139 if (insn & (1 << 21))
2140 gen_op_iwmmxt_minsl_M0_wRn(rd1);
2142 gen_op_iwmmxt_minul_M0_wRn(rd1);
2147 gen_op_iwmmxt_movq_wRn_M0(wrd);
2148 gen_op_iwmmxt_set_mup();
2150 case 0x016: case 0x216: case 0x416: case 0x616: /* WMAX */
2151 case 0x816: case 0xa16: case 0xc16: case 0xe16:
2152 wrd = (insn >> 12) & 0xf;
2153 rd0 = (insn >> 16) & 0xf;
2154 rd1 = (insn >> 0) & 0xf;
2155 gen_op_iwmmxt_movq_M0_wRn(rd0);
2156 switch ((insn >> 22) & 3) {
2158 if (insn & (1 << 21))
2159 gen_op_iwmmxt_maxsb_M0_wRn(rd1);
2161 gen_op_iwmmxt_maxub_M0_wRn(rd1);
2164 if (insn & (1 << 21))
2165 gen_op_iwmmxt_maxsw_M0_wRn(rd1);
2167 gen_op_iwmmxt_maxuw_M0_wRn(rd1);
2170 if (insn & (1 << 21))
2171 gen_op_iwmmxt_maxsl_M0_wRn(rd1);
2173 gen_op_iwmmxt_maxul_M0_wRn(rd1);
2178 gen_op_iwmmxt_movq_wRn_M0(wrd);
2179 gen_op_iwmmxt_set_mup();
2181 case 0x002: case 0x102: case 0x202: case 0x302: /* WALIGNI */
2182 case 0x402: case 0x502: case 0x602: case 0x702:
2183 wrd = (insn >> 12) & 0xf;
2184 rd0 = (insn >> 16) & 0xf;
2185 rd1 = (insn >> 0) & 0xf;
2186 gen_op_iwmmxt_movq_M0_wRn(rd0);
2187 tmp = tcg_const_i32((insn >> 20) & 3);
2188 iwmmxt_load_reg(cpu_V1, rd1);
2189 gen_helper_iwmmxt_align(cpu_M0, cpu_M0, cpu_V1, tmp);
2191 gen_op_iwmmxt_movq_wRn_M0(wrd);
2192 gen_op_iwmmxt_set_mup();
2194 case 0x01a: case 0x11a: case 0x21a: case 0x31a: /* WSUB */
2195 case 0x41a: case 0x51a: case 0x61a: case 0x71a:
2196 case 0x81a: case 0x91a: case 0xa1a: case 0xb1a:
2197 case 0xc1a: case 0xd1a: case 0xe1a: case 0xf1a:
2198 wrd = (insn >> 12) & 0xf;
2199 rd0 = (insn >> 16) & 0xf;
2200 rd1 = (insn >> 0) & 0xf;
2201 gen_op_iwmmxt_movq_M0_wRn(rd0);
2202 switch ((insn >> 20) & 0xf) {
2204 gen_op_iwmmxt_subnb_M0_wRn(rd1);
2207 gen_op_iwmmxt_subub_M0_wRn(rd1);
2210 gen_op_iwmmxt_subsb_M0_wRn(rd1);
2213 gen_op_iwmmxt_subnw_M0_wRn(rd1);
2216 gen_op_iwmmxt_subuw_M0_wRn(rd1);
2219 gen_op_iwmmxt_subsw_M0_wRn(rd1);
2222 gen_op_iwmmxt_subnl_M0_wRn(rd1);
2225 gen_op_iwmmxt_subul_M0_wRn(rd1);
2228 gen_op_iwmmxt_subsl_M0_wRn(rd1);
2233 gen_op_iwmmxt_movq_wRn_M0(wrd);
2234 gen_op_iwmmxt_set_mup();
2235 gen_op_iwmmxt_set_cup();
2237 case 0x01e: case 0x11e: case 0x21e: case 0x31e: /* WSHUFH */
2238 case 0x41e: case 0x51e: case 0x61e: case 0x71e:
2239 case 0x81e: case 0x91e: case 0xa1e: case 0xb1e:
2240 case 0xc1e: case 0xd1e: case 0xe1e: case 0xf1e:
2241 wrd = (insn >> 12) & 0xf;
2242 rd0 = (insn >> 16) & 0xf;
2243 gen_op_iwmmxt_movq_M0_wRn(rd0);
2244 tmp = tcg_const_i32(((insn >> 16) & 0xf0) | (insn & 0x0f));
2245 gen_helper_iwmmxt_shufh(cpu_M0, cpu_env, cpu_M0, tmp);
2247 gen_op_iwmmxt_movq_wRn_M0(wrd);
2248 gen_op_iwmmxt_set_mup();
2249 gen_op_iwmmxt_set_cup();
2251 case 0x018: case 0x118: case 0x218: case 0x318: /* WADD */
2252 case 0x418: case 0x518: case 0x618: case 0x718:
2253 case 0x818: case 0x918: case 0xa18: case 0xb18:
2254 case 0xc18: case 0xd18: case 0xe18: case 0xf18:
2255 wrd = (insn >> 12) & 0xf;
2256 rd0 = (insn >> 16) & 0xf;
2257 rd1 = (insn >> 0) & 0xf;
2258 gen_op_iwmmxt_movq_M0_wRn(rd0);
2259 switch ((insn >> 20) & 0xf) {
2261 gen_op_iwmmxt_addnb_M0_wRn(rd1);
2264 gen_op_iwmmxt_addub_M0_wRn(rd1);
2267 gen_op_iwmmxt_addsb_M0_wRn(rd1);
2270 gen_op_iwmmxt_addnw_M0_wRn(rd1);
2273 gen_op_iwmmxt_adduw_M0_wRn(rd1);
2276 gen_op_iwmmxt_addsw_M0_wRn(rd1);
2279 gen_op_iwmmxt_addnl_M0_wRn(rd1);
2282 gen_op_iwmmxt_addul_M0_wRn(rd1);
2285 gen_op_iwmmxt_addsl_M0_wRn(rd1);
2290 gen_op_iwmmxt_movq_wRn_M0(wrd);
2291 gen_op_iwmmxt_set_mup();
2292 gen_op_iwmmxt_set_cup();
2294 case 0x008: case 0x108: case 0x208: case 0x308: /* WPACK */
2295 case 0x408: case 0x508: case 0x608: case 0x708:
2296 case 0x808: case 0x908: case 0xa08: case 0xb08:
2297 case 0xc08: case 0xd08: case 0xe08: case 0xf08:
2298 if (!(insn & (1 << 20)) || ((insn >> 22) & 3) == 0)
2300 wrd = (insn >> 12) & 0xf;
2301 rd0 = (insn >> 16) & 0xf;
2302 rd1 = (insn >> 0) & 0xf;
2303 gen_op_iwmmxt_movq_M0_wRn(rd0);
2304 switch ((insn >> 22) & 3) {
2306 if (insn & (1 << 21))
2307 gen_op_iwmmxt_packsw_M0_wRn(rd1);
2309 gen_op_iwmmxt_packuw_M0_wRn(rd1);
2312 if (insn & (1 << 21))
2313 gen_op_iwmmxt_packsl_M0_wRn(rd1);
2315 gen_op_iwmmxt_packul_M0_wRn(rd1);
2318 if (insn & (1 << 21))
2319 gen_op_iwmmxt_packsq_M0_wRn(rd1);
2321 gen_op_iwmmxt_packuq_M0_wRn(rd1);
2324 gen_op_iwmmxt_movq_wRn_M0(wrd);
2325 gen_op_iwmmxt_set_mup();
2326 gen_op_iwmmxt_set_cup();
2328 case 0x201: case 0x203: case 0x205: case 0x207:
2329 case 0x209: case 0x20b: case 0x20d: case 0x20f:
2330 case 0x211: case 0x213: case 0x215: case 0x217:
2331 case 0x219: case 0x21b: case 0x21d: case 0x21f:
2332 wrd = (insn >> 5) & 0xf;
2333 rd0 = (insn >> 12) & 0xf;
2334 rd1 = (insn >> 0) & 0xf;
2335 if (rd0 == 0xf || rd1 == 0xf)
2337 gen_op_iwmmxt_movq_M0_wRn(wrd);
2338 tmp = load_reg(s, rd0);
2339 tmp2 = load_reg(s, rd1);
2340 switch ((insn >> 16) & 0xf) {
2341 case 0x0: /* TMIA */
2342 gen_helper_iwmmxt_muladdsl(cpu_M0, cpu_M0, tmp, tmp2);
2344 case 0x8: /* TMIAPH */
2345 gen_helper_iwmmxt_muladdsw(cpu_M0, cpu_M0, tmp, tmp2);
2347 case 0xc: case 0xd: case 0xe: case 0xf: /* TMIAxy */
2348 if (insn & (1 << 16))
2349 tcg_gen_shri_i32(tmp, tmp, 16);
2350 if (insn & (1 << 17))
2351 tcg_gen_shri_i32(tmp2, tmp2, 16);
2352 gen_helper_iwmmxt_muladdswl(cpu_M0, cpu_M0, tmp, tmp2);
2355 tcg_temp_free_i32(tmp2);
2356 tcg_temp_free_i32(tmp);
2359 tcg_temp_free_i32(tmp2);
2360 tcg_temp_free_i32(tmp);
2361 gen_op_iwmmxt_movq_wRn_M0(wrd);
2362 gen_op_iwmmxt_set_mup();
2371 /* Disassemble an XScale DSP instruction. Returns nonzero if an error occurred
2372 (ie. an undefined instruction). */
2373 static int disas_dsp_insn(CPUState *env, DisasContext *s, uint32_t insn)
2375 int acc, rd0, rd1, rdhi, rdlo;
2378 if ((insn & 0x0ff00f10) == 0x0e200010) {
2379 /* Multiply with Internal Accumulate Format */
2380 rd0 = (insn >> 12) & 0xf;
2382 acc = (insn >> 5) & 7;
2387 tmp = load_reg(s, rd0);
2388 tmp2 = load_reg(s, rd1);
2389 switch ((insn >> 16) & 0xf) {
2391 gen_helper_iwmmxt_muladdsl(cpu_M0, cpu_M0, tmp, tmp2);
2393 case 0x8: /* MIAPH */
2394 gen_helper_iwmmxt_muladdsw(cpu_M0, cpu_M0, tmp, tmp2);
2396 case 0xc: /* MIABB */
2397 case 0xd: /* MIABT */
2398 case 0xe: /* MIATB */
2399 case 0xf: /* MIATT */
2400 if (insn & (1 << 16))
2401 tcg_gen_shri_i32(tmp, tmp, 16);
2402 if (insn & (1 << 17))
2403 tcg_gen_shri_i32(tmp2, tmp2, 16);
2404 gen_helper_iwmmxt_muladdswl(cpu_M0, cpu_M0, tmp, tmp2);
2409 tcg_temp_free_i32(tmp2);
2410 tcg_temp_free_i32(tmp);
2412 gen_op_iwmmxt_movq_wRn_M0(acc);
2416 if ((insn & 0x0fe00ff8) == 0x0c400000) {
2417 /* Internal Accumulator Access Format */
2418 rdhi = (insn >> 16) & 0xf;
2419 rdlo = (insn >> 12) & 0xf;
2425 if (insn & ARM_CP_RW_BIT) { /* MRA */
2426 iwmmxt_load_reg(cpu_V0, acc);
2427 tcg_gen_trunc_i64_i32(cpu_R[rdlo], cpu_V0);
2428 tcg_gen_shri_i64(cpu_V0, cpu_V0, 32);
2429 tcg_gen_trunc_i64_i32(cpu_R[rdhi], cpu_V0);
2430 tcg_gen_andi_i32(cpu_R[rdhi], cpu_R[rdhi], (1 << (40 - 32)) - 1);
2432 tcg_gen_concat_i32_i64(cpu_V0, cpu_R[rdlo], cpu_R[rdhi]);
2433 iwmmxt_store_reg(cpu_V0, acc);
2441 /* Disassemble system coprocessor instruction. Return nonzero if
2442 instruction is not defined. */
2443 static int disas_cp_insn(CPUState *env, DisasContext *s, uint32_t insn)
2446 uint32_t rd = (insn >> 12) & 0xf;
2447 uint32_t cp = (insn >> 8) & 0xf;
2452 if (insn & ARM_CP_RW_BIT) {
2453 if (!env->cp[cp].cp_read)
2455 gen_set_pc_im(s->pc);
2456 tmp = tcg_temp_new_i32();
2457 tmp2 = tcg_const_i32(insn);
2458 gen_helper_get_cp(tmp, cpu_env, tmp2);
2459 tcg_temp_free(tmp2);
2460 store_reg(s, rd, tmp);
2462 if (!env->cp[cp].cp_write)
2464 gen_set_pc_im(s->pc);
2465 tmp = load_reg(s, rd);
2466 tmp2 = tcg_const_i32(insn);
2467 gen_helper_set_cp(cpu_env, tmp2, tmp);
2468 tcg_temp_free(tmp2);
2469 tcg_temp_free_i32(tmp);
2474 static int cp15_user_ok(CPUState *env, uint32_t insn)
2476 int cpn = (insn >> 16) & 0xf;
2477 int cpm = insn & 0xf;
2478 int op = ((insn >> 5) & 7) | ((insn >> 18) & 0x38);
2480 if (arm_feature(env, ARM_FEATURE_V7) && cpn == 9) {
2481 /* Performance monitor registers fall into three categories:
2482 * (a) always UNDEF in usermode
2483 * (b) UNDEF only if PMUSERENR.EN is 0
2484 * (c) always read OK and UNDEF on write (PMUSERENR only)
2486 if ((cpm == 12 && (op < 6)) ||
2487 (cpm == 13 && (op < 3))) {
2488 return env->cp15.c9_pmuserenr;
2489 } else if (cpm == 14 && op == 0 && (insn & ARM_CP_RW_BIT)) {
2490 /* PMUSERENR, read only */
2496 if (cpn == 13 && cpm == 0) {
2498 if (op == 2 || (op == 3 && (insn & ARM_CP_RW_BIT)))
2504 static int cp15_tls_load_store(CPUState *env, DisasContext *s, uint32_t insn, uint32_t rd)
2507 int cpn = (insn >> 16) & 0xf;
2508 int cpm = insn & 0xf;
2509 int op = ((insn >> 5) & 7) | ((insn >> 18) & 0x38);
2511 if (!arm_feature(env, ARM_FEATURE_V6K))
2514 if (!(cpn == 13 && cpm == 0))
2517 if (insn & ARM_CP_RW_BIT) {
2520 tmp = load_cpu_field(cp15.c13_tls1);
2523 tmp = load_cpu_field(cp15.c13_tls2);
2526 tmp = load_cpu_field(cp15.c13_tls3);
2531 store_reg(s, rd, tmp);
2534 tmp = load_reg(s, rd);
2537 store_cpu_field(tmp, cp15.c13_tls1);
2540 store_cpu_field(tmp, cp15.c13_tls2);
2543 store_cpu_field(tmp, cp15.c13_tls3);
2546 tcg_temp_free_i32(tmp);
2553 /* Disassemble system coprocessor (cp15) instruction. Return nonzero if
2554 instruction is not defined. */
2555 static int disas_cp15_insn(CPUState *env, DisasContext *s, uint32_t insn)
2560 /* M profile cores use memory mapped registers instead of cp15. */
2561 if (arm_feature(env, ARM_FEATURE_M))
2564 if ((insn & (1 << 25)) == 0) {
2565 if (insn & (1 << 20)) {
2569 /* mcrr. Used for block cache operations, so implement as no-op. */
2572 if ((insn & (1 << 4)) == 0) {
2576 /* We special case a number of cp15 instructions which were used
2577 * for things which are real instructions in ARMv7. This allows
2578 * them to work in linux-user mode which doesn't provide functional
2579 * get_cp15/set_cp15 helpers, and is more efficient anyway.
2581 switch ((insn & 0x0fff0fff)) {
2583 /* 0,c7,c0,4: Standard v6 WFI (also used in some pre-v6 cores).
2584 * In v7, this must NOP.
2589 if (!arm_feature(env, ARM_FEATURE_V7)) {
2590 /* Wait for interrupt. */
2591 gen_set_pc_im(s->pc);
2592 s->is_jmp = DISAS_WFI;
2596 /* 0,c7,c8,2: Not all pre-v6 cores implemented this WFI,
2597 * so this is slightly over-broad.
2599 if (!IS_USER(s) && !arm_feature(env, ARM_FEATURE_V6)) {
2600 /* Wait for interrupt. */
2601 gen_set_pc_im(s->pc);
2602 s->is_jmp = DISAS_WFI;
2605 /* Otherwise continue to handle via helper function.
2606 * In particular, on v7 and some v6 cores this is one of
2607 * the VA-PA registers.
2611 /* 0,c7,c13,1: prefetch-by-MVA in v6, NOP in v7 */
2612 if (arm_feature(env, ARM_FEATURE_V6)) {
2613 return IS_USER(s) ? 1 : 0;
2616 case 0x0e070f95: /* 0,c7,c5,4 : ISB */
2617 case 0x0e070f9a: /* 0,c7,c10,4: DSB */
2618 case 0x0e070fba: /* 0,c7,c10,5: DMB */
2619 /* Barriers in both v6 and v7 */
2620 if (arm_feature(env, ARM_FEATURE_V6)) {
2628 if (IS_USER(s) && !cp15_user_ok(env, insn)) {
2632 rd = (insn >> 12) & 0xf;
2634 if (cp15_tls_load_store(env, s, insn, rd))
2637 tmp2 = tcg_const_i32(insn);
2638 if (insn & ARM_CP_RW_BIT) {
2639 tmp = tcg_temp_new_i32();
2640 gen_helper_get_cp15(tmp, cpu_env, tmp2);
2641 /* If the destination register is r15 then sets condition codes. */
2643 store_reg(s, rd, tmp);
2645 tcg_temp_free_i32(tmp);
2647 tmp = load_reg(s, rd);
2648 gen_helper_set_cp15(cpu_env, tmp2, tmp);
2649 tcg_temp_free_i32(tmp);
2650 /* Normally we would always end the TB here, but Linux
2651 * arch/arm/mach-pxa/sleep.S expects two instructions following
2652 * an MMU enable to execute from cache. Imitate this behaviour. */
2653 if (!arm_feature(env, ARM_FEATURE_XSCALE) ||
2654 (insn & 0x0fff0fff) != 0x0e010f10)
2657 tcg_temp_free_i32(tmp2);
2661 #define VFP_REG_SHR(x, n) (((n) > 0) ? (x) >> (n) : (x) << -(n))
2662 #define VFP_SREG(insn, bigbit, smallbit) \
2663 ((VFP_REG_SHR(insn, bigbit - 1) & 0x1e) | (((insn) >> (smallbit)) & 1))
2664 #define VFP_DREG(reg, insn, bigbit, smallbit) do { \
2665 if (arm_feature(env, ARM_FEATURE_VFP3)) { \
2666 reg = (((insn) >> (bigbit)) & 0x0f) \
2667 | (((insn) >> ((smallbit) - 4)) & 0x10); \
2669 if (insn & (1 << (smallbit))) \
2671 reg = ((insn) >> (bigbit)) & 0x0f; \
2674 #define VFP_SREG_D(insn) VFP_SREG(insn, 12, 22)
2675 #define VFP_DREG_D(reg, insn) VFP_DREG(reg, insn, 12, 22)
2676 #define VFP_SREG_N(insn) VFP_SREG(insn, 16, 7)
2677 #define VFP_DREG_N(reg, insn) VFP_DREG(reg, insn, 16, 7)
2678 #define VFP_SREG_M(insn) VFP_SREG(insn, 0, 5)
2679 #define VFP_DREG_M(reg, insn) VFP_DREG(reg, insn, 0, 5)
2681 /* Move between integer and VFP cores. */
2682 static TCGv gen_vfp_mrs(void)
2684 TCGv tmp = tcg_temp_new_i32();
2685 tcg_gen_mov_i32(tmp, cpu_F0s);
2689 static void gen_vfp_msr(TCGv tmp)
2691 tcg_gen_mov_i32(cpu_F0s, tmp);
2692 tcg_temp_free_i32(tmp);
2695 static void gen_neon_dup_u8(TCGv var, int shift)
2697 TCGv tmp = tcg_temp_new_i32();
2699 tcg_gen_shri_i32(var, var, shift);
2700 tcg_gen_ext8u_i32(var, var);
2701 tcg_gen_shli_i32(tmp, var, 8);
2702 tcg_gen_or_i32(var, var, tmp);
2703 tcg_gen_shli_i32(tmp, var, 16);
2704 tcg_gen_or_i32(var, var, tmp);
2705 tcg_temp_free_i32(tmp);
2708 static void gen_neon_dup_low16(TCGv var)
2710 TCGv tmp = tcg_temp_new_i32();
2711 tcg_gen_ext16u_i32(var, var);
2712 tcg_gen_shli_i32(tmp, var, 16);
2713 tcg_gen_or_i32(var, var, tmp);
2714 tcg_temp_free_i32(tmp);
2717 static void gen_neon_dup_high16(TCGv var)
2719 TCGv tmp = tcg_temp_new_i32();
2720 tcg_gen_andi_i32(var, var, 0xffff0000);
2721 tcg_gen_shri_i32(tmp, var, 16);
2722 tcg_gen_or_i32(var, var, tmp);
2723 tcg_temp_free_i32(tmp);
2726 static TCGv gen_load_and_replicate(DisasContext *s, TCGv addr, int size)
2728 /* Load a single Neon element and replicate into a 32 bit TCG reg */
2732 tmp = gen_ld8u(addr, IS_USER(s));
2733 gen_neon_dup_u8(tmp, 0);
2736 tmp = gen_ld16u(addr, IS_USER(s));
2737 gen_neon_dup_low16(tmp);
2740 tmp = gen_ld32(addr, IS_USER(s));
2742 default: /* Avoid compiler warnings. */
2748 /* Disassemble a VFP instruction. Returns nonzero if an error occurred
2749 (ie. an undefined instruction). */
2750 static int disas_vfp_insn(CPUState * env, DisasContext *s, uint32_t insn)
2752 uint32_t rd, rn, rm, op, i, n, offset, delta_d, delta_m, bank_mask;
2758 if (!arm_feature(env, ARM_FEATURE_VFP))
2761 if (!s->vfp_enabled) {
2762 /* VFP disabled. Only allow fmxr/fmrx to/from some control regs. */
2763 if ((insn & 0x0fe00fff) != 0x0ee00a10)
2765 rn = (insn >> 16) & 0xf;
2766 if (rn != ARM_VFP_FPSID && rn != ARM_VFP_FPEXC
2767 && rn != ARM_VFP_MVFR1 && rn != ARM_VFP_MVFR0)
2770 dp = ((insn & 0xf00) == 0xb00);
2771 switch ((insn >> 24) & 0xf) {
2773 if (insn & (1 << 4)) {
2774 /* single register transfer */
2775 rd = (insn >> 12) & 0xf;
2780 VFP_DREG_N(rn, insn);
2783 if (insn & 0x00c00060
2784 && !arm_feature(env, ARM_FEATURE_NEON))
2787 pass = (insn >> 21) & 1;
2788 if (insn & (1 << 22)) {
2790 offset = ((insn >> 5) & 3) * 8;
2791 } else if (insn & (1 << 5)) {
2793 offset = (insn & (1 << 6)) ? 16 : 0;
2798 if (insn & ARM_CP_RW_BIT) {
2800 tmp = neon_load_reg(rn, pass);
2804 tcg_gen_shri_i32(tmp, tmp, offset);
2805 if (insn & (1 << 23))
2811 if (insn & (1 << 23)) {
2813 tcg_gen_shri_i32(tmp, tmp, 16);
2819 tcg_gen_sari_i32(tmp, tmp, 16);
2828 store_reg(s, rd, tmp);
2831 tmp = load_reg(s, rd);
2832 if (insn & (1 << 23)) {
2835 gen_neon_dup_u8(tmp, 0);
2836 } else if (size == 1) {
2837 gen_neon_dup_low16(tmp);
2839 for (n = 0; n <= pass * 2; n++) {
2840 tmp2 = tcg_temp_new_i32();
2841 tcg_gen_mov_i32(tmp2, tmp);
2842 neon_store_reg(rn, n, tmp2);
2844 neon_store_reg(rn, n, tmp);
2849 tmp2 = neon_load_reg(rn, pass);
2850 gen_bfi(tmp, tmp2, tmp, offset, 0xff);
2851 tcg_temp_free_i32(tmp2);
2854 tmp2 = neon_load_reg(rn, pass);
2855 gen_bfi(tmp, tmp2, tmp, offset, 0xffff);
2856 tcg_temp_free_i32(tmp2);
2861 neon_store_reg(rn, pass, tmp);
2865 if ((insn & 0x6f) != 0x00)
2867 rn = VFP_SREG_N(insn);
2868 if (insn & ARM_CP_RW_BIT) {
2870 if (insn & (1 << 21)) {
2871 /* system register */
2876 /* VFP2 allows access to FSID from userspace.
2877 VFP3 restricts all id registers to privileged
2880 && arm_feature(env, ARM_FEATURE_VFP3))
2882 tmp = load_cpu_field(vfp.xregs[rn]);
2887 tmp = load_cpu_field(vfp.xregs[rn]);
2889 case ARM_VFP_FPINST:
2890 case ARM_VFP_FPINST2:
2891 /* Not present in VFP3. */
2893 || arm_feature(env, ARM_FEATURE_VFP3))
2895 tmp = load_cpu_field(vfp.xregs[rn]);
2899 tmp = load_cpu_field(vfp.xregs[ARM_VFP_FPSCR]);
2900 tcg_gen_andi_i32(tmp, tmp, 0xf0000000);
2902 tmp = tcg_temp_new_i32();
2903 gen_helper_vfp_get_fpscr(tmp, cpu_env);
2909 || !arm_feature(env, ARM_FEATURE_VFP3))
2911 tmp = load_cpu_field(vfp.xregs[rn]);
2917 gen_mov_F0_vreg(0, rn);
2918 tmp = gen_vfp_mrs();
2921 /* Set the 4 flag bits in the CPSR. */
2923 tcg_temp_free_i32(tmp);
2925 store_reg(s, rd, tmp);
2929 tmp = load_reg(s, rd);
2930 if (insn & (1 << 21)) {
2932 /* system register */
2937 /* Writes are ignored. */
2940 gen_helper_vfp_set_fpscr(cpu_env, tmp);
2941 tcg_temp_free_i32(tmp);
2947 /* TODO: VFP subarchitecture support.
2948 * For now, keep the EN bit only */
2949 tcg_gen_andi_i32(tmp, tmp, 1 << 30);
2950 store_cpu_field(tmp, vfp.xregs[rn]);
2953 case ARM_VFP_FPINST:
2954 case ARM_VFP_FPINST2:
2955 store_cpu_field(tmp, vfp.xregs[rn]);
2962 gen_mov_vreg_F0(0, rn);
2967 /* data processing */
2968 /* The opcode is in bits 23, 21, 20 and 6. */
2969 op = ((insn >> 20) & 8) | ((insn >> 19) & 6) | ((insn >> 6) & 1);
2973 rn = ((insn >> 15) & 0x1e) | ((insn >> 7) & 1);
2975 /* rn is register number */
2976 VFP_DREG_N(rn, insn);
2979 if (op == 15 && (rn == 15 || ((rn & 0x1c) == 0x18))) {
2980 /* Integer or single precision destination. */
2981 rd = VFP_SREG_D(insn);
2983 VFP_DREG_D(rd, insn);
2986 (((rn & 0x1c) == 0x10) || ((rn & 0x14) == 0x14))) {
2987 /* VCVT from int is always from S reg regardless of dp bit.
2988 * VCVT with immediate frac_bits has same format as SREG_M
2990 rm = VFP_SREG_M(insn);
2992 VFP_DREG_M(rm, insn);
2995 rn = VFP_SREG_N(insn);
2996 if (op == 15 && rn == 15) {
2997 /* Double precision destination. */
2998 VFP_DREG_D(rd, insn);
3000 rd = VFP_SREG_D(insn);
3002 /* NB that we implicitly rely on the encoding for the frac_bits
3003 * in VCVT of fixed to float being the same as that of an SREG_M
3005 rm = VFP_SREG_M(insn);
3008 veclen = s->vec_len;
3009 if (op == 15 && rn > 3)
3012 /* Shut up compiler warnings. */
3023 /* Figure out what type of vector operation this is. */
3024 if ((rd & bank_mask) == 0) {
3029 delta_d = (s->vec_stride >> 1) + 1;
3031 delta_d = s->vec_stride + 1;
3033 if ((rm & bank_mask) == 0) {
3034 /* mixed scalar/vector */
3043 /* Load the initial operands. */
3048 /* Integer source */
3049 gen_mov_F0_vreg(0, rm);
3054 gen_mov_F0_vreg(dp, rd);
3055 gen_mov_F1_vreg(dp, rm);
3059 /* Compare with zero */
3060 gen_mov_F0_vreg(dp, rd);
3071 /* Source and destination the same. */
3072 gen_mov_F0_vreg(dp, rd);
3075 /* One source operand. */
3076 gen_mov_F0_vreg(dp, rm);
3080 /* Two source operands. */
3081 gen_mov_F0_vreg(dp, rn);
3082 gen_mov_F1_vreg(dp, rm);
3086 /* Perform the calculation. */
3088 case 0: /* VMLA: fd + (fn * fm) */
3089 /* Note that order of inputs to the add matters for NaNs */
3091 gen_mov_F0_vreg(dp, rd);
3094 case 1: /* VMLS: fd + -(fn * fm) */
3097 gen_mov_F0_vreg(dp, rd);
3100 case 2: /* VNMLS: -fd + (fn * fm) */
3101 /* Note that it isn't valid to replace (-A + B) with (B - A)
3102 * or similar plausible looking simplifications
3103 * because this will give wrong results for NaNs.
3106 gen_mov_F0_vreg(dp, rd);
3110 case 3: /* VNMLA: -fd + -(fn * fm) */
3113 gen_mov_F0_vreg(dp, rd);
3117 case 4: /* mul: fn * fm */
3120 case 5: /* nmul: -(fn * fm) */
3124 case 6: /* add: fn + fm */
3127 case 7: /* sub: fn - fm */
3130 case 8: /* div: fn / fm */
3133 case 14: /* fconst */
3134 if (!arm_feature(env, ARM_FEATURE_VFP3))
3137 n = (insn << 12) & 0x80000000;
3138 i = ((insn >> 12) & 0x70) | (insn & 0xf);
3145 tcg_gen_movi_i64(cpu_F0d, ((uint64_t)n) << 32);
3152 tcg_gen_movi_i32(cpu_F0s, n);
3155 case 15: /* extension space */
3169 case 4: /* vcvtb.f32.f16 */
3170 if (!arm_feature(env, ARM_FEATURE_VFP_FP16))
3172 tmp = gen_vfp_mrs();
3173 tcg_gen_ext16u_i32(tmp, tmp);
3174 gen_helper_vfp_fcvt_f16_to_f32(cpu_F0s, tmp, cpu_env);
3175 tcg_temp_free_i32(tmp);
3177 case 5: /* vcvtt.f32.f16 */
3178 if (!arm_feature(env, ARM_FEATURE_VFP_FP16))
3180 tmp = gen_vfp_mrs();
3181 tcg_gen_shri_i32(tmp, tmp, 16);
3182 gen_helper_vfp_fcvt_f16_to_f32(cpu_F0s, tmp, cpu_env);
3183 tcg_temp_free_i32(tmp);
3185 case 6: /* vcvtb.f16.f32 */
3186 if (!arm_feature(env, ARM_FEATURE_VFP_FP16))
3188 tmp = tcg_temp_new_i32();
3189 gen_helper_vfp_fcvt_f32_to_f16(tmp, cpu_F0s, cpu_env);
3190 gen_mov_F0_vreg(0, rd);
3191 tmp2 = gen_vfp_mrs();
3192 tcg_gen_andi_i32(tmp2, tmp2, 0xffff0000);
3193 tcg_gen_or_i32(tmp, tmp, tmp2);
3194 tcg_temp_free_i32(tmp2);
3197 case 7: /* vcvtt.f16.f32 */
3198 if (!arm_feature(env, ARM_FEATURE_VFP_FP16))
3200 tmp = tcg_temp_new_i32();
3201 gen_helper_vfp_fcvt_f32_to_f16(tmp, cpu_F0s, cpu_env);
3202 tcg_gen_shli_i32(tmp, tmp, 16);
3203 gen_mov_F0_vreg(0, rd);
3204 tmp2 = gen_vfp_mrs();
3205 tcg_gen_ext16u_i32(tmp2, tmp2);
3206 tcg_gen_or_i32(tmp, tmp, tmp2);
3207 tcg_temp_free_i32(tmp2);
3219 case 11: /* cmpez */
3223 case 15: /* single<->double conversion */
3225 gen_helper_vfp_fcvtsd(cpu_F0s, cpu_F0d, cpu_env);
3227 gen_helper_vfp_fcvtds(cpu_F0d, cpu_F0s, cpu_env);
3229 case 16: /* fuito */
3230 gen_vfp_uito(dp, 0);
3232 case 17: /* fsito */
3233 gen_vfp_sito(dp, 0);
3235 case 20: /* fshto */
3236 if (!arm_feature(env, ARM_FEATURE_VFP3))
3238 gen_vfp_shto(dp, 16 - rm, 0);
3240 case 21: /* fslto */
3241 if (!arm_feature(env, ARM_FEATURE_VFP3))
3243 gen_vfp_slto(dp, 32 - rm, 0);
3245 case 22: /* fuhto */
3246 if (!arm_feature(env, ARM_FEATURE_VFP3))
3248 gen_vfp_uhto(dp, 16 - rm, 0);
3250 case 23: /* fulto */
3251 if (!arm_feature(env, ARM_FEATURE_VFP3))
3253 gen_vfp_ulto(dp, 32 - rm, 0);
3255 case 24: /* ftoui */
3256 gen_vfp_toui(dp, 0);
3258 case 25: /* ftouiz */
3259 gen_vfp_touiz(dp, 0);
3261 case 26: /* ftosi */
3262 gen_vfp_tosi(dp, 0);
3264 case 27: /* ftosiz */
3265 gen_vfp_tosiz(dp, 0);
3267 case 28: /* ftosh */
3268 if (!arm_feature(env, ARM_FEATURE_VFP3))
3270 gen_vfp_tosh(dp, 16 - rm, 0);
3272 case 29: /* ftosl */
3273 if (!arm_feature(env, ARM_FEATURE_VFP3))
3275 gen_vfp_tosl(dp, 32 - rm, 0);
3277 case 30: /* ftouh */
3278 if (!arm_feature(env, ARM_FEATURE_VFP3))
3280 gen_vfp_touh(dp, 16 - rm, 0);
3282 case 31: /* ftoul */
3283 if (!arm_feature(env, ARM_FEATURE_VFP3))
3285 gen_vfp_toul(dp, 32 - rm, 0);
3287 default: /* undefined */
3288 printf ("rn:%d\n", rn);
3292 default: /* undefined */
3293 printf ("op:%d\n", op);
3297 /* Write back the result. */
3298 if (op == 15 && (rn >= 8 && rn <= 11))
3299 ; /* Comparison, do nothing. */
3300 else if (op == 15 && dp && ((rn & 0x1c) == 0x18))
3301 /* VCVT double to int: always integer result. */
3302 gen_mov_vreg_F0(0, rd);
3303 else if (op == 15 && rn == 15)
3305 gen_mov_vreg_F0(!dp, rd);
3307 gen_mov_vreg_F0(dp, rd);
3309 /* break out of the loop if we have finished */
3313 if (op == 15 && delta_m == 0) {
3314 /* single source one-many */
3316 rd = ((rd + delta_d) & (bank_mask - 1))
3318 gen_mov_vreg_F0(dp, rd);
3322 /* Setup the next operands. */
3324 rd = ((rd + delta_d) & (bank_mask - 1))
3328 /* One source operand. */
3329 rm = ((rm + delta_m) & (bank_mask - 1))
3331 gen_mov_F0_vreg(dp, rm);
3333 /* Two source operands. */
3334 rn = ((rn + delta_d) & (bank_mask - 1))
3336 gen_mov_F0_vreg(dp, rn);
3338 rm = ((rm + delta_m) & (bank_mask - 1))
3340 gen_mov_F1_vreg(dp, rm);
3348 if ((insn & 0x03e00000) == 0x00400000) {
3349 /* two-register transfer */
3350 rn = (insn >> 16) & 0xf;
3351 rd = (insn >> 12) & 0xf;
3353 VFP_DREG_M(rm, insn);
3355 rm = VFP_SREG_M(insn);
3358 if (insn & ARM_CP_RW_BIT) {
3361 gen_mov_F0_vreg(0, rm * 2);
3362 tmp = gen_vfp_mrs();
3363 store_reg(s, rd, tmp);
3364 gen_mov_F0_vreg(0, rm * 2 + 1);
3365 tmp = gen_vfp_mrs();
3366 store_reg(s, rn, tmp);
3368 gen_mov_F0_vreg(0, rm);
3369 tmp = gen_vfp_mrs();
3370 store_reg(s, rd, tmp);
3371 gen_mov_F0_vreg(0, rm + 1);
3372 tmp = gen_vfp_mrs();
3373 store_reg(s, rn, tmp);
3378 tmp = load_reg(s, rd);
3380 gen_mov_vreg_F0(0, rm * 2);
3381 tmp = load_reg(s, rn);
3383 gen_mov_vreg_F0(0, rm * 2 + 1);
3385 tmp = load_reg(s, rd);
3387 gen_mov_vreg_F0(0, rm);
3388 tmp = load_reg(s, rn);
3390 gen_mov_vreg_F0(0, rm + 1);
3395 rn = (insn >> 16) & 0xf;
3397 VFP_DREG_D(rd, insn);
3399 rd = VFP_SREG_D(insn);
3400 if ((insn & 0x01200000) == 0x01000000) {
3401 /* Single load/store */
3402 offset = (insn & 0xff) << 2;
3403 if ((insn & (1 << 23)) == 0)
3405 if (s->thumb && rn == 15) {
3406 /* This is actually UNPREDICTABLE */
3407 addr = tcg_temp_new_i32();
3408 tcg_gen_movi_i32(addr, s->pc & ~2);
3410 addr = load_reg(s, rn);
3412 tcg_gen_addi_i32(addr, addr, offset);
3413 if (insn & (1 << 20)) {
3414 gen_vfp_ld(s, dp, addr);
3415 gen_mov_vreg_F0(dp, rd);
3417 gen_mov_F0_vreg(dp, rd);
3418 gen_vfp_st(s, dp, addr);
3420 tcg_temp_free_i32(addr);
3422 /* load/store multiple */
3423 int w = insn & (1 << 21);
3425 n = (insn >> 1) & 0x7f;
3429 if (w && !(((insn >> 23) ^ (insn >> 24)) & 1)) {
3430 /* P == U , W == 1 => UNDEF */
3433 if (n == 0 || (rd + n) > 32 || (dp && n > 16)) {
3434 /* UNPREDICTABLE cases for bad immediates: we choose to
3435 * UNDEF to avoid generating huge numbers of TCG ops
3439 if (rn == 15 && w) {
3440 /* writeback to PC is UNPREDICTABLE, we choose to UNDEF */
3444 if (s->thumb && rn == 15) {
3445 /* This is actually UNPREDICTABLE */
3446 addr = tcg_temp_new_i32();
3447 tcg_gen_movi_i32(addr, s->pc & ~2);
3449 addr = load_reg(s, rn);
3451 if (insn & (1 << 24)) /* pre-decrement */
3452 tcg_gen_addi_i32(addr, addr, -((insn & 0xff) << 2));
3458 for (i = 0; i < n; i++) {
3459 if (insn & ARM_CP_RW_BIT) {
3461 gen_vfp_ld(s, dp, addr);
3462 gen_mov_vreg_F0(dp, rd + i);
3465 gen_mov_F0_vreg(dp, rd + i);
3466 gen_vfp_st(s, dp, addr);
3468 tcg_gen_addi_i32(addr, addr, offset);
3472 if (insn & (1 << 24))
3473 offset = -offset * n;
3474 else if (dp && (insn & 1))
3480 tcg_gen_addi_i32(addr, addr, offset);
3481 store_reg(s, rn, addr);
3483 tcg_temp_free_i32(addr);
3489 /* Should never happen. */
3495 static inline void gen_goto_tb(DisasContext *s, int n, uint32_t dest)
3497 TranslationBlock *tb;
3500 if ((tb->pc & TARGET_PAGE_MASK) == (dest & TARGET_PAGE_MASK)) {
3502 gen_set_pc_im(dest);
3503 tcg_gen_exit_tb((tcg_target_long)tb + n);
3505 gen_set_pc_im(dest);
3510 static inline void gen_jmp (DisasContext *s, uint32_t dest)
3512 if (unlikely(s->singlestep_enabled)) {
3513 /* An indirect jump so that we still trigger the debug exception. */
3518 gen_goto_tb(s, 0, dest);
3519 s->is_jmp = DISAS_TB_JUMP;
3523 static inline void gen_mulxy(TCGv t0, TCGv t1, int x, int y)
3526 tcg_gen_sari_i32(t0, t0, 16);
3530 tcg_gen_sari_i32(t1, t1, 16);
3533 tcg_gen_mul_i32(t0, t0, t1);
3536 /* Return the mask of PSR bits set by a MSR instruction. */
3537 static uint32_t msr_mask(CPUState *env, DisasContext *s, int flags, int spsr) {
3541 if (flags & (1 << 0))
3543 if (flags & (1 << 1))
3545 if (flags & (1 << 2))
3547 if (flags & (1 << 3))
3550 /* Mask out undefined bits. */
3551 mask &= ~CPSR_RESERVED;
3552 if (!arm_feature(env, ARM_FEATURE_V4T))
3554 if (!arm_feature(env, ARM_FEATURE_V5))
3555 mask &= ~CPSR_Q; /* V5TE in reality*/
3556 if (!arm_feature(env, ARM_FEATURE_V6))
3557 mask &= ~(CPSR_E | CPSR_GE);
3558 if (!arm_feature(env, ARM_FEATURE_THUMB2))
3560 /* Mask out execution state bits. */
3563 /* Mask out privileged bits. */
3569 /* Returns nonzero if access to the PSR is not permitted. Marks t0 as dead. */
3570 static int gen_set_psr(DisasContext *s, uint32_t mask, int spsr, TCGv t0)
3574 /* ??? This is also undefined in system mode. */
3578 tmp = load_cpu_field(spsr);
3579 tcg_gen_andi_i32(tmp, tmp, ~mask);
3580 tcg_gen_andi_i32(t0, t0, mask);
3581 tcg_gen_or_i32(tmp, tmp, t0);
3582 store_cpu_field(tmp, spsr);
3584 gen_set_cpsr(t0, mask);
3586 tcg_temp_free_i32(t0);
3591 /* Returns nonzero if access to the PSR is not permitted. */
3592 static int gen_set_psr_im(DisasContext *s, uint32_t mask, int spsr, uint32_t val)
3595 tmp = tcg_temp_new_i32();
3596 tcg_gen_movi_i32(tmp, val);
3597 return gen_set_psr(s, mask, spsr, tmp);
3600 /* Generate an old-style exception return. Marks pc as dead. */
3601 static void gen_exception_return(DisasContext *s, TCGv pc)
3604 store_reg(s, 15, pc);
3605 tmp = load_cpu_field(spsr);
3606 gen_set_cpsr(tmp, 0xffffffff);
3607 tcg_temp_free_i32(tmp);
3608 s->is_jmp = DISAS_UPDATE;
3611 /* Generate a v6 exception return. Marks both values as dead. */
3612 static void gen_rfe(DisasContext *s, TCGv pc, TCGv cpsr)
3614 gen_set_cpsr(cpsr, 0xffffffff);
3615 tcg_temp_free_i32(cpsr);
3616 store_reg(s, 15, pc);
3617 s->is_jmp = DISAS_UPDATE;
3621 gen_set_condexec (DisasContext *s)
3623 if (s->condexec_mask) {
3624 uint32_t val = (s->condexec_cond << 4) | (s->condexec_mask >> 1);
3625 TCGv tmp = tcg_temp_new_i32();
3626 tcg_gen_movi_i32(tmp, val);
3627 store_cpu_field(tmp, condexec_bits);
3631 static void gen_exception_insn(DisasContext *s, int offset, int excp)
3633 gen_set_condexec(s);
3634 gen_set_pc_im(s->pc - offset);
3635 gen_exception(excp);
3636 s->is_jmp = DISAS_JUMP;
3639 static void gen_nop_hint(DisasContext *s, int val)
3643 gen_set_pc_im(s->pc);
3644 s->is_jmp = DISAS_WFI;
3648 /* TODO: Implement SEV and WFE. May help SMP performance. */
3654 #define CPU_V001 cpu_V0, cpu_V0, cpu_V1
3656 static inline void gen_neon_add(int size, TCGv t0, TCGv t1)
3659 case 0: gen_helper_neon_add_u8(t0, t0, t1); break;
3660 case 1: gen_helper_neon_add_u16(t0, t0, t1); break;
3661 case 2: tcg_gen_add_i32(t0, t0, t1); break;
3666 static inline void gen_neon_rsb(int size, TCGv t0, TCGv t1)
3669 case 0: gen_helper_neon_sub_u8(t0, t1, t0); break;
3670 case 1: gen_helper_neon_sub_u16(t0, t1, t0); break;
3671 case 2: tcg_gen_sub_i32(t0, t1, t0); break;
3676 /* 32-bit pairwise ops end up the same as the elementwise versions. */
3677 #define gen_helper_neon_pmax_s32 gen_helper_neon_max_s32
3678 #define gen_helper_neon_pmax_u32 gen_helper_neon_max_u32
3679 #define gen_helper_neon_pmin_s32 gen_helper_neon_min_s32
3680 #define gen_helper_neon_pmin_u32 gen_helper_neon_min_u32
3682 #define GEN_NEON_INTEGER_OP_ENV(name) do { \
3683 switch ((size << 1) | u) { \
3685 gen_helper_neon_##name##_s8(tmp, cpu_env, tmp, tmp2); \
3688 gen_helper_neon_##name##_u8(tmp, cpu_env, tmp, tmp2); \
3691 gen_helper_neon_##name##_s16(tmp, cpu_env, tmp, tmp2); \
3694 gen_helper_neon_##name##_u16(tmp, cpu_env, tmp, tmp2); \
3697 gen_helper_neon_##name##_s32(tmp, cpu_env, tmp, tmp2); \
3700 gen_helper_neon_##name##_u32(tmp, cpu_env, tmp, tmp2); \
3702 default: return 1; \
3705 #define GEN_NEON_INTEGER_OP(name) do { \
3706 switch ((size << 1) | u) { \
3708 gen_helper_neon_##name##_s8(tmp, tmp, tmp2); \
3711 gen_helper_neon_##name##_u8(tmp, tmp, tmp2); \
3714 gen_helper_neon_##name##_s16(tmp, tmp, tmp2); \
3717 gen_helper_neon_##name##_u16(tmp, tmp, tmp2); \
3720 gen_helper_neon_##name##_s32(tmp, tmp, tmp2); \
3723 gen_helper_neon_##name##_u32(tmp, tmp, tmp2); \
3725 default: return 1; \
3728 static TCGv neon_load_scratch(int scratch)
3730 TCGv tmp = tcg_temp_new_i32();
3731 tcg_gen_ld_i32(tmp, cpu_env, offsetof(CPUARMState, vfp.scratch[scratch]));
3735 static void neon_store_scratch(int scratch, TCGv var)
3737 tcg_gen_st_i32(var, cpu_env, offsetof(CPUARMState, vfp.scratch[scratch]));
3738 tcg_temp_free_i32(var);
3741 static inline TCGv neon_get_scalar(int size, int reg)
3745 tmp = neon_load_reg(reg & 7, reg >> 4);
3747 gen_neon_dup_high16(tmp);
3749 gen_neon_dup_low16(tmp);
3752 tmp = neon_load_reg(reg & 15, reg >> 4);
3757 static int gen_neon_unzip(int rd, int rm, int size, int q)
3760 if (!q && size == 2) {
3763 tmp = tcg_const_i32(rd);
3764 tmp2 = tcg_const_i32(rm);
3768 gen_helper_neon_qunzip8(cpu_env, tmp, tmp2);
3771 gen_helper_neon_qunzip16(cpu_env, tmp, tmp2);
3774 gen_helper_neon_qunzip32(cpu_env, tmp, tmp2);
3782 gen_helper_neon_unzip8(cpu_env, tmp, tmp2);
3785 gen_helper_neon_unzip16(cpu_env, tmp, tmp2);
3791 tcg_temp_free_i32(tmp);
3792 tcg_temp_free_i32(tmp2);
3796 static int gen_neon_zip(int rd, int rm, int size, int q)
3799 if (!q && size == 2) {
3802 tmp = tcg_const_i32(rd);
3803 tmp2 = tcg_const_i32(rm);
3807 gen_helper_neon_qzip8(cpu_env, tmp, tmp2);
3810 gen_helper_neon_qzip16(cpu_env, tmp, tmp2);
3813 gen_helper_neon_qzip32(cpu_env, tmp, tmp2);
3821 gen_helper_neon_zip8(cpu_env, tmp, tmp2);
3824 gen_helper_neon_zip16(cpu_env, tmp, tmp2);
3830 tcg_temp_free_i32(tmp);
3831 tcg_temp_free_i32(tmp2);
3835 static void gen_neon_trn_u8(TCGv t0, TCGv t1)
3839 rd = tcg_temp_new_i32();
3840 tmp = tcg_temp_new_i32();
3842 tcg_gen_shli_i32(rd, t0, 8);
3843 tcg_gen_andi_i32(rd, rd, 0xff00ff00);
3844 tcg_gen_andi_i32(tmp, t1, 0x00ff00ff);
3845 tcg_gen_or_i32(rd, rd, tmp);
3847 tcg_gen_shri_i32(t1, t1, 8);
3848 tcg_gen_andi_i32(t1, t1, 0x00ff00ff);
3849 tcg_gen_andi_i32(tmp, t0, 0xff00ff00);
3850 tcg_gen_or_i32(t1, t1, tmp);
3851 tcg_gen_mov_i32(t0, rd);
3853 tcg_temp_free_i32(tmp);
3854 tcg_temp_free_i32(rd);
3857 static void gen_neon_trn_u16(TCGv t0, TCGv t1)
3861 rd = tcg_temp_new_i32();
3862 tmp = tcg_temp_new_i32();
3864 tcg_gen_shli_i32(rd, t0, 16);
3865 tcg_gen_andi_i32(tmp, t1, 0xffff);
3866 tcg_gen_or_i32(rd, rd, tmp);
3867 tcg_gen_shri_i32(t1, t1, 16);
3868 tcg_gen_andi_i32(tmp, t0, 0xffff0000);
3869 tcg_gen_or_i32(t1, t1, tmp);
3870 tcg_gen_mov_i32(t0, rd);
3872 tcg_temp_free_i32(tmp);
3873 tcg_temp_free_i32(rd);
3881 } neon_ls_element_type[11] = {
3895 /* Translate a NEON load/store element instruction. Return nonzero if the
3896 instruction is invalid. */
3897 static int disas_neon_ls_insn(CPUState * env, DisasContext *s, uint32_t insn)
3916 if (!s->vfp_enabled)
3918 VFP_DREG_D(rd, insn);
3919 rn = (insn >> 16) & 0xf;
3921 load = (insn & (1 << 21)) != 0;
3922 if ((insn & (1 << 23)) == 0) {
3923 /* Load store all elements. */
3924 op = (insn >> 8) & 0xf;
3925 size = (insn >> 6) & 3;
3928 /* Catch UNDEF cases for bad values of align field */
3931 if (((insn >> 5) & 1) == 1) {
3936 if (((insn >> 4) & 3) == 3) {
3943 nregs = neon_ls_element_type[op].nregs;
3944 interleave = neon_ls_element_type[op].interleave;
3945 spacing = neon_ls_element_type[op].spacing;
3946 if (size == 3 && (interleave | spacing) != 1)
3948 addr = tcg_temp_new_i32();
3949 load_reg_var(s, addr, rn);
3950 stride = (1 << size) * interleave;
3951 for (reg = 0; reg < nregs; reg++) {
3952 if (interleave > 2 || (interleave == 2 && nregs == 2)) {
3953 load_reg_var(s, addr, rn);
3954 tcg_gen_addi_i32(addr, addr, (1 << size) * reg);
3955 } else if (interleave == 2 && nregs == 4 && reg == 2) {
3956 load_reg_var(s, addr, rn);
3957 tcg_gen_addi_i32(addr, addr, 1 << size);
3961 tmp64 = gen_ld64(addr, IS_USER(s));
3962 neon_store_reg64(tmp64, rd);
3963 tcg_temp_free_i64(tmp64);
3965 tmp64 = tcg_temp_new_i64();
3966 neon_load_reg64(tmp64, rd);
3967 gen_st64(tmp64, addr, IS_USER(s));
3969 tcg_gen_addi_i32(addr, addr, stride);
3971 for (pass = 0; pass < 2; pass++) {
3974 tmp = gen_ld32(addr, IS_USER(s));
3975 neon_store_reg(rd, pass, tmp);
3977 tmp = neon_load_reg(rd, pass);
3978 gen_st32(tmp, addr, IS_USER(s));
3980 tcg_gen_addi_i32(addr, addr, stride);
3981 } else if (size == 1) {
3983 tmp = gen_ld16u(addr, IS_USER(s));
3984 tcg_gen_addi_i32(addr, addr, stride);
3985 tmp2 = gen_ld16u(addr, IS_USER(s));
3986 tcg_gen_addi_i32(addr, addr, stride);
3987 tcg_gen_shli_i32(tmp2, tmp2, 16);
3988 tcg_gen_or_i32(tmp, tmp, tmp2);
3989 tcg_temp_free_i32(tmp2);
3990 neon_store_reg(rd, pass, tmp);
3992 tmp = neon_load_reg(rd, pass);
3993 tmp2 = tcg_temp_new_i32();
3994 tcg_gen_shri_i32(tmp2, tmp, 16);
3995 gen_st16(tmp, addr, IS_USER(s));
3996 tcg_gen_addi_i32(addr, addr, stride);
3997 gen_st16(tmp2, addr, IS_USER(s));
3998 tcg_gen_addi_i32(addr, addr, stride);
4000 } else /* size == 0 */ {
4003 for (n = 0; n < 4; n++) {
4004 tmp = gen_ld8u(addr, IS_USER(s));
4005 tcg_gen_addi_i32(addr, addr, stride);
4009 tcg_gen_shli_i32(tmp, tmp, n * 8);
4010 tcg_gen_or_i32(tmp2, tmp2, tmp);
4011 tcg_temp_free_i32(tmp);
4014 neon_store_reg(rd, pass, tmp2);
4016 tmp2 = neon_load_reg(rd, pass);
4017 for (n = 0; n < 4; n++) {
4018 tmp = tcg_temp_new_i32();
4020 tcg_gen_mov_i32(tmp, tmp2);
4022 tcg_gen_shri_i32(tmp, tmp2, n * 8);
4024 gen_st8(tmp, addr, IS_USER(s));
4025 tcg_gen_addi_i32(addr, addr, stride);
4027 tcg_temp_free_i32(tmp2);
4034 tcg_temp_free_i32(addr);
4037 size = (insn >> 10) & 3;
4039 /* Load single element to all lanes. */
4040 int a = (insn >> 4) & 1;
4044 size = (insn >> 6) & 3;
4045 nregs = ((insn >> 8) & 3) + 1;
4048 if (nregs != 4 || a == 0) {
4051 /* For VLD4 size==3 a == 1 means 32 bits at 16 byte alignment */
4054 if (nregs == 1 && a == 1 && size == 0) {
4057 if (nregs == 3 && a == 1) {
4060 addr = tcg_temp_new_i32();
4061 load_reg_var(s, addr, rn);
4063 /* VLD1 to all lanes: bit 5 indicates how many Dregs to write */
4064 tmp = gen_load_and_replicate(s, addr, size);
4065 tcg_gen_st_i32(tmp, cpu_env, neon_reg_offset(rd, 0));
4066 tcg_gen_st_i32(tmp, cpu_env, neon_reg_offset(rd, 1));
4067 if (insn & (1 << 5)) {
4068 tcg_gen_st_i32(tmp, cpu_env, neon_reg_offset(rd + 1, 0));
4069 tcg_gen_st_i32(tmp, cpu_env, neon_reg_offset(rd + 1, 1));
4071 tcg_temp_free_i32(tmp);
4073 /* VLD2/3/4 to all lanes: bit 5 indicates register stride */
4074 stride = (insn & (1 << 5)) ? 2 : 1;
4075 for (reg = 0; reg < nregs; reg++) {
4076 tmp = gen_load_and_replicate(s, addr, size);
4077 tcg_gen_st_i32(tmp, cpu_env, neon_reg_offset(rd, 0));
4078 tcg_gen_st_i32(tmp, cpu_env, neon_reg_offset(rd, 1));
4079 tcg_temp_free_i32(tmp);
4080 tcg_gen_addi_i32(addr, addr, 1 << size);
4084 tcg_temp_free_i32(addr);
4085 stride = (1 << size) * nregs;
4087 /* Single element. */
4088 int idx = (insn >> 4) & 0xf;
4089 pass = (insn >> 7) & 1;
4092 shift = ((insn >> 5) & 3) * 8;
4096 shift = ((insn >> 6) & 1) * 16;
4097 stride = (insn & (1 << 5)) ? 2 : 1;
4101 stride = (insn & (1 << 6)) ? 2 : 1;
4106 nregs = ((insn >> 8) & 3) + 1;
4107 /* Catch the UNDEF cases. This is unavoidably a bit messy. */
4110 if (((idx & (1 << size)) != 0) ||
4111 (size == 2 && ((idx & 3) == 1 || (idx & 3) == 2))) {
4116 if ((idx & 1) != 0) {
4121 if (size == 2 && (idx & 2) != 0) {
4126 if ((size == 2) && ((idx & 3) == 3)) {
4133 if ((rd + stride * (nregs - 1)) > 31) {
4134 /* Attempts to write off the end of the register file
4135 * are UNPREDICTABLE; we choose to UNDEF because otherwise
4136 * the neon_load_reg() would write off the end of the array.
4140 addr = tcg_temp_new_i32();
4141 load_reg_var(s, addr, rn);
4142 for (reg = 0; reg < nregs; reg++) {
4146 tmp = gen_ld8u(addr, IS_USER(s));
4149 tmp = gen_ld16u(addr, IS_USER(s));
4152 tmp = gen_ld32(addr, IS_USER(s));
4154 default: /* Avoid compiler warnings. */
4158 tmp2 = neon_load_reg(rd, pass);
4159 gen_bfi(tmp, tmp2, tmp, shift, size ? 0xffff : 0xff);
4160 tcg_temp_free_i32(tmp2);
4162 neon_store_reg(rd, pass, tmp);
4163 } else { /* Store */
4164 tmp = neon_load_reg(rd, pass);
4166 tcg_gen_shri_i32(tmp, tmp, shift);
4169 gen_st8(tmp, addr, IS_USER(s));
4172 gen_st16(tmp, addr, IS_USER(s));
4175 gen_st32(tmp, addr, IS_USER(s));
4180 tcg_gen_addi_i32(addr, addr, 1 << size);
4182 tcg_temp_free_i32(addr);
4183 stride = nregs * (1 << size);
4189 base = load_reg(s, rn);
4191 tcg_gen_addi_i32(base, base, stride);
4194 index = load_reg(s, rm);
4195 tcg_gen_add_i32(base, base, index);
4196 tcg_temp_free_i32(index);
4198 store_reg(s, rn, base);
4203 /* Bitwise select. dest = c ? t : f. Clobbers T and F. */
4204 static void gen_neon_bsl(TCGv dest, TCGv t, TCGv f, TCGv c)
4206 tcg_gen_and_i32(t, t, c);
4207 tcg_gen_andc_i32(f, f, c);
4208 tcg_gen_or_i32(dest, t, f);
4211 static inline void gen_neon_narrow(int size, TCGv dest, TCGv_i64 src)
4214 case 0: gen_helper_neon_narrow_u8(dest, src); break;
4215 case 1: gen_helper_neon_narrow_u16(dest, src); break;
4216 case 2: tcg_gen_trunc_i64_i32(dest, src); break;
4221 static inline void gen_neon_narrow_sats(int size, TCGv dest, TCGv_i64 src)
4224 case 0: gen_helper_neon_narrow_sat_s8(dest, cpu_env, src); break;
4225 case 1: gen_helper_neon_narrow_sat_s16(dest, cpu_env, src); break;
4226 case 2: gen_helper_neon_narrow_sat_s32(dest, cpu_env, src); break;
4231 static inline void gen_neon_narrow_satu(int size, TCGv dest, TCGv_i64 src)
4234 case 0: gen_helper_neon_narrow_sat_u8(dest, cpu_env, src); break;
4235 case 1: gen_helper_neon_narrow_sat_u16(dest, cpu_env, src); break;
4236 case 2: gen_helper_neon_narrow_sat_u32(dest, cpu_env, src); break;
4241 static inline void gen_neon_unarrow_sats(int size, TCGv dest, TCGv_i64 src)
4244 case 0: gen_helper_neon_unarrow_sat8(dest, cpu_env, src); break;
4245 case 1: gen_helper_neon_unarrow_sat16(dest, cpu_env, src); break;
4246 case 2: gen_helper_neon_unarrow_sat32(dest, cpu_env, src); break;
4251 static inline void gen_neon_shift_narrow(int size, TCGv var, TCGv shift,
4257 case 1: gen_helper_neon_rshl_u16(var, var, shift); break;
4258 case 2: gen_helper_neon_rshl_u32(var, var, shift); break;
4263 case 1: gen_helper_neon_rshl_s16(var, var, shift); break;
4264 case 2: gen_helper_neon_rshl_s32(var, var, shift); break;
4271 case 1: gen_helper_neon_shl_u16(var, var, shift); break;
4272 case 2: gen_helper_neon_shl_u32(var, var, shift); break;
4277 case 1: gen_helper_neon_shl_s16(var, var, shift); break;
4278 case 2: gen_helper_neon_shl_s32(var, var, shift); break;
4285 static inline void gen_neon_widen(TCGv_i64 dest, TCGv src, int size, int u)
4289 case 0: gen_helper_neon_widen_u8(dest, src); break;
4290 case 1: gen_helper_neon_widen_u16(dest, src); break;
4291 case 2: tcg_gen_extu_i32_i64(dest, src); break;
4296 case 0: gen_helper_neon_widen_s8(dest, src); break;
4297 case 1: gen_helper_neon_widen_s16(dest, src); break;
4298 case 2: tcg_gen_ext_i32_i64(dest, src); break;
4302 tcg_temp_free_i32(src);
4305 static inline void gen_neon_addl(int size)
4308 case 0: gen_helper_neon_addl_u16(CPU_V001); break;
4309 case 1: gen_helper_neon_addl_u32(CPU_V001); break;
4310 case 2: tcg_gen_add_i64(CPU_V001); break;
4315 static inline void gen_neon_subl(int size)
4318 case 0: gen_helper_neon_subl_u16(CPU_V001); break;
4319 case 1: gen_helper_neon_subl_u32(CPU_V001); break;
4320 case 2: tcg_gen_sub_i64(CPU_V001); break;
4325 static inline void gen_neon_negl(TCGv_i64 var, int size)
4328 case 0: gen_helper_neon_negl_u16(var, var); break;
4329 case 1: gen_helper_neon_negl_u32(var, var); break;
4330 case 2: gen_helper_neon_negl_u64(var, var); break;
4335 static inline void gen_neon_addl_saturate(TCGv_i64 op0, TCGv_i64 op1, int size)
4338 case 1: gen_helper_neon_addl_saturate_s32(op0, cpu_env, op0, op1); break;
4339 case 2: gen_helper_neon_addl_saturate_s64(op0, cpu_env, op0, op1); break;
4344 static inline void gen_neon_mull(TCGv_i64 dest, TCGv a, TCGv b, int size, int u)
4348 switch ((size << 1) | u) {
4349 case 0: gen_helper_neon_mull_s8(dest, a, b); break;
4350 case 1: gen_helper_neon_mull_u8(dest, a, b); break;
4351 case 2: gen_helper_neon_mull_s16(dest, a, b); break;
4352 case 3: gen_helper_neon_mull_u16(dest, a, b); break;
4354 tmp = gen_muls_i64_i32(a, b);
4355 tcg_gen_mov_i64(dest, tmp);
4356 tcg_temp_free_i64(tmp);
4359 tmp = gen_mulu_i64_i32(a, b);
4360 tcg_gen_mov_i64(dest, tmp);
4361 tcg_temp_free_i64(tmp);
4366 /* gen_helper_neon_mull_[su]{8|16} do not free their parameters.
4367 Don't forget to clean them now. */
4369 tcg_temp_free_i32(a);
4370 tcg_temp_free_i32(b);
4374 static void gen_neon_narrow_op(int op, int u, int size, TCGv dest, TCGv_i64 src)
4378 gen_neon_unarrow_sats(size, dest, src);
4380 gen_neon_narrow(size, dest, src);
4384 gen_neon_narrow_satu(size, dest, src);
4386 gen_neon_narrow_sats(size, dest, src);
4391 /* Symbolic constants for op fields for Neon 3-register same-length.
4392 * The values correspond to bits [11:8,4]; see the ARM ARM DDI0406B
4395 #define NEON_3R_VHADD 0
4396 #define NEON_3R_VQADD 1
4397 #define NEON_3R_VRHADD 2
4398 #define NEON_3R_LOGIC 3 /* VAND,VBIC,VORR,VMOV,VORN,VEOR,VBIF,VBIT,VBSL */
4399 #define NEON_3R_VHSUB 4
4400 #define NEON_3R_VQSUB 5
4401 #define NEON_3R_VCGT 6
4402 #define NEON_3R_VCGE 7
4403 #define NEON_3R_VSHL 8
4404 #define NEON_3R_VQSHL 9
4405 #define NEON_3R_VRSHL 10
4406 #define NEON_3R_VQRSHL 11
4407 #define NEON_3R_VMAX 12
4408 #define NEON_3R_VMIN 13
4409 #define NEON_3R_VABD 14
4410 #define NEON_3R_VABA 15
4411 #define NEON_3R_VADD_VSUB 16
4412 #define NEON_3R_VTST_VCEQ 17
4413 #define NEON_3R_VML 18 /* VMLA, VMLAL, VMLS, VMLSL */
4414 #define NEON_3R_VMUL 19
4415 #define NEON_3R_VPMAX 20
4416 #define NEON_3R_VPMIN 21
4417 #define NEON_3R_VQDMULH_VQRDMULH 22
4418 #define NEON_3R_VPADD 23
4419 #define NEON_3R_FLOAT_ARITH 26 /* float VADD, VSUB, VPADD, VABD */
4420 #define NEON_3R_FLOAT_MULTIPLY 27 /* float VMLA, VMLS, VMUL */
4421 #define NEON_3R_FLOAT_CMP 28 /* float VCEQ, VCGE, VCGT */
4422 #define NEON_3R_FLOAT_ACMP 29 /* float VACGE, VACGT, VACLE, VACLT */
4423 #define NEON_3R_FLOAT_MINMAX 30 /* float VMIN, VMAX */
4424 #define NEON_3R_VRECPS_VRSQRTS 31 /* float VRECPS, VRSQRTS */
4426 static const uint8_t neon_3r_sizes[] = {
4427 [NEON_3R_VHADD] = 0x7,
4428 [NEON_3R_VQADD] = 0xf,
4429 [NEON_3R_VRHADD] = 0x7,
4430 [NEON_3R_LOGIC] = 0xf, /* size field encodes op type */
4431 [NEON_3R_VHSUB] = 0x7,
4432 [NEON_3R_VQSUB] = 0xf,
4433 [NEON_3R_VCGT] = 0x7,
4434 [NEON_3R_VCGE] = 0x7,
4435 [NEON_3R_VSHL] = 0xf,
4436 [NEON_3R_VQSHL] = 0xf,
4437 [NEON_3R_VRSHL] = 0xf,
4438 [NEON_3R_VQRSHL] = 0xf,
4439 [NEON_3R_VMAX] = 0x7,
4440 [NEON_3R_VMIN] = 0x7,
4441 [NEON_3R_VABD] = 0x7,
4442 [NEON_3R_VABA] = 0x7,
4443 [NEON_3R_VADD_VSUB] = 0xf,
4444 [NEON_3R_VTST_VCEQ] = 0x7,
4445 [NEON_3R_VML] = 0x7,
4446 [NEON_3R_VMUL] = 0x7,
4447 [NEON_3R_VPMAX] = 0x7,
4448 [NEON_3R_VPMIN] = 0x7,
4449 [NEON_3R_VQDMULH_VQRDMULH] = 0x6,
4450 [NEON_3R_VPADD] = 0x7,
4451 [NEON_3R_FLOAT_ARITH] = 0x5, /* size bit 1 encodes op */
4452 [NEON_3R_FLOAT_MULTIPLY] = 0x5, /* size bit 1 encodes op */
4453 [NEON_3R_FLOAT_CMP] = 0x5, /* size bit 1 encodes op */
4454 [NEON_3R_FLOAT_ACMP] = 0x5, /* size bit 1 encodes op */
4455 [NEON_3R_FLOAT_MINMAX] = 0x5, /* size bit 1 encodes op */
4456 [NEON_3R_VRECPS_VRSQRTS] = 0x5, /* size bit 1 encodes op */
4459 /* Symbolic constants for op fields for Neon 2-register miscellaneous.
4460 * The values correspond to bits [17:16,10:7]; see the ARM ARM DDI0406B
4463 #define NEON_2RM_VREV64 0
4464 #define NEON_2RM_VREV32 1
4465 #define NEON_2RM_VREV16 2
4466 #define NEON_2RM_VPADDL 4
4467 #define NEON_2RM_VPADDL_U 5
4468 #define NEON_2RM_VCLS 8
4469 #define NEON_2RM_VCLZ 9
4470 #define NEON_2RM_VCNT 10
4471 #define NEON_2RM_VMVN 11
4472 #define NEON_2RM_VPADAL 12
4473 #define NEON_2RM_VPADAL_U 13
4474 #define NEON_2RM_VQABS 14
4475 #define NEON_2RM_VQNEG 15
4476 #define NEON_2RM_VCGT0 16
4477 #define NEON_2RM_VCGE0 17
4478 #define NEON_2RM_VCEQ0 18
4479 #define NEON_2RM_VCLE0 19
4480 #define NEON_2RM_VCLT0 20
4481 #define NEON_2RM_VABS 22
4482 #define NEON_2RM_VNEG 23
4483 #define NEON_2RM_VCGT0_F 24
4484 #define NEON_2RM_VCGE0_F 25
4485 #define NEON_2RM_VCEQ0_F 26
4486 #define NEON_2RM_VCLE0_F 27
4487 #define NEON_2RM_VCLT0_F 28
4488 #define NEON_2RM_VABS_F 30
4489 #define NEON_2RM_VNEG_F 31
4490 #define NEON_2RM_VSWP 32
4491 #define NEON_2RM_VTRN 33
4492 #define NEON_2RM_VUZP 34
4493 #define NEON_2RM_VZIP 35
4494 #define NEON_2RM_VMOVN 36 /* Includes VQMOVN, VQMOVUN */
4495 #define NEON_2RM_VQMOVN 37 /* Includes VQMOVUN */
4496 #define NEON_2RM_VSHLL 38
4497 #define NEON_2RM_VCVT_F16_F32 44
4498 #define NEON_2RM_VCVT_F32_F16 46
4499 #define NEON_2RM_VRECPE 56
4500 #define NEON_2RM_VRSQRTE 57
4501 #define NEON_2RM_VRECPE_F 58
4502 #define NEON_2RM_VRSQRTE_F 59
4503 #define NEON_2RM_VCVT_FS 60
4504 #define NEON_2RM_VCVT_FU 61
4505 #define NEON_2RM_VCVT_SF 62
4506 #define NEON_2RM_VCVT_UF 63
4508 static int neon_2rm_is_float_op(int op)
4510 /* Return true if this neon 2reg-misc op is float-to-float */
4511 return (op == NEON_2RM_VABS_F || op == NEON_2RM_VNEG_F ||
4512 op >= NEON_2RM_VRECPE_F);
4515 /* Each entry in this array has bit n set if the insn allows
4516 * size value n (otherwise it will UNDEF). Since unallocated
4517 * op values will have no bits set they always UNDEF.
4519 static const uint8_t neon_2rm_sizes[] = {
4520 [NEON_2RM_VREV64] = 0x7,
4521 [NEON_2RM_VREV32] = 0x3,
4522 [NEON_2RM_VREV16] = 0x1,
4523 [NEON_2RM_VPADDL] = 0x7,
4524 [NEON_2RM_VPADDL_U] = 0x7,
4525 [NEON_2RM_VCLS] = 0x7,
4526 [NEON_2RM_VCLZ] = 0x7,
4527 [NEON_2RM_VCNT] = 0x1,
4528 [NEON_2RM_VMVN] = 0x1,
4529 [NEON_2RM_VPADAL] = 0x7,
4530 [NEON_2RM_VPADAL_U] = 0x7,
4531 [NEON_2RM_VQABS] = 0x7,
4532 [NEON_2RM_VQNEG] = 0x7,
4533 [NEON_2RM_VCGT0] = 0x7,
4534 [NEON_2RM_VCGE0] = 0x7,
4535 [NEON_2RM_VCEQ0] = 0x7,
4536 [NEON_2RM_VCLE0] = 0x7,
4537 [NEON_2RM_VCLT0] = 0x7,
4538 [NEON_2RM_VABS] = 0x7,
4539 [NEON_2RM_VNEG] = 0x7,
4540 [NEON_2RM_VCGT0_F] = 0x4,
4541 [NEON_2RM_VCGE0_F] = 0x4,
4542 [NEON_2RM_VCEQ0_F] = 0x4,
4543 [NEON_2RM_VCLE0_F] = 0x4,
4544 [NEON_2RM_VCLT0_F] = 0x4,
4545 [NEON_2RM_VABS_F] = 0x4,
4546 [NEON_2RM_VNEG_F] = 0x4,
4547 [NEON_2RM_VSWP] = 0x1,
4548 [NEON_2RM_VTRN] = 0x7,
4549 [NEON_2RM_VUZP] = 0x7,
4550 [NEON_2RM_VZIP] = 0x7,
4551 [NEON_2RM_VMOVN] = 0x7,
4552 [NEON_2RM_VQMOVN] = 0x7,
4553 [NEON_2RM_VSHLL] = 0x7,
4554 [NEON_2RM_VCVT_F16_F32] = 0x2,
4555 [NEON_2RM_VCVT_F32_F16] = 0x2,
4556 [NEON_2RM_VRECPE] = 0x4,
4557 [NEON_2RM_VRSQRTE] = 0x4,
4558 [NEON_2RM_VRECPE_F] = 0x4,
4559 [NEON_2RM_VRSQRTE_F] = 0x4,
4560 [NEON_2RM_VCVT_FS] = 0x4,
4561 [NEON_2RM_VCVT_FU] = 0x4,
4562 [NEON_2RM_VCVT_SF] = 0x4,
4563 [NEON_2RM_VCVT_UF] = 0x4,
4566 /* Translate a NEON data processing instruction. Return nonzero if the
4567 instruction is invalid.
4568 We process data in a mixture of 32-bit and 64-bit chunks.
4569 Mostly we use 32-bit chunks so we can use normal scalar instructions. */
4571 static int disas_neon_data_insn(CPUState * env, DisasContext *s, uint32_t insn)
4583 TCGv tmp, tmp2, tmp3, tmp4, tmp5;
4586 if (!s->vfp_enabled)
4588 q = (insn & (1 << 6)) != 0;
4589 u = (insn >> 24) & 1;
4590 VFP_DREG_D(rd, insn);
4591 VFP_DREG_N(rn, insn);
4592 VFP_DREG_M(rm, insn);
4593 size = (insn >> 20) & 3;
4594 if ((insn & (1 << 23)) == 0) {
4595 /* Three register same length. */
4596 op = ((insn >> 7) & 0x1e) | ((insn >> 4) & 1);
4597 /* Catch invalid op and bad size combinations: UNDEF */
4598 if ((neon_3r_sizes[op] & (1 << size)) == 0) {
4601 /* All insns of this form UNDEF for either this condition or the
4602 * superset of cases "Q==1"; we catch the latter later.
4604 if (q && ((rd | rn | rm) & 1)) {
4607 if (size == 3 && op != NEON_3R_LOGIC) {
4608 /* 64-bit element instructions. */
4609 for (pass = 0; pass < (q ? 2 : 1); pass++) {
4610 neon_load_reg64(cpu_V0, rn + pass);
4611 neon_load_reg64(cpu_V1, rm + pass);
4615 gen_helper_neon_qadd_u64(cpu_V0, cpu_env,
4618 gen_helper_neon_qadd_s64(cpu_V0, cpu_env,
4624 gen_helper_neon_qsub_u64(cpu_V0, cpu_env,
4627 gen_helper_neon_qsub_s64(cpu_V0, cpu_env,
4633 gen_helper_neon_shl_u64(cpu_V0, cpu_V1, cpu_V0);
4635 gen_helper_neon_shl_s64(cpu_V0, cpu_V1, cpu_V0);
4640 gen_helper_neon_qshl_u64(cpu_V0, cpu_env,
4643 gen_helper_neon_qshl_s64(cpu_V0, cpu_env,
4649 gen_helper_neon_rshl_u64(cpu_V0, cpu_V1, cpu_V0);
4651 gen_helper_neon_rshl_s64(cpu_V0, cpu_V1, cpu_V0);
4654 case NEON_3R_VQRSHL:
4656 gen_helper_neon_qrshl_u64(cpu_V0, cpu_env,
4659 gen_helper_neon_qrshl_s64(cpu_V0, cpu_env,
4663 case NEON_3R_VADD_VSUB:
4665 tcg_gen_sub_i64(CPU_V001);
4667 tcg_gen_add_i64(CPU_V001);
4673 neon_store_reg64(cpu_V0, rd + pass);
4682 case NEON_3R_VQRSHL:
4685 /* Shift instruction operands are reversed. */
4700 case NEON_3R_FLOAT_ARITH:
4701 pairwise = (u && size < 2); /* if VPADD (float) */
4703 case NEON_3R_FLOAT_MINMAX:
4704 pairwise = u; /* if VPMIN/VPMAX (float) */
4706 case NEON_3R_FLOAT_CMP:
4708 /* no encoding for U=0 C=1x */
4712 case NEON_3R_FLOAT_ACMP:
4717 case NEON_3R_VRECPS_VRSQRTS:
4723 if (u && (size != 0)) {
4724 /* UNDEF on invalid size for polynomial subcase */
4732 if (pairwise && q) {
4733 /* All the pairwise insns UNDEF if Q is set */
4737 for (pass = 0; pass < (q ? 4 : 2); pass++) {
4742 tmp = neon_load_reg(rn, 0);
4743 tmp2 = neon_load_reg(rn, 1);
4745 tmp = neon_load_reg(rm, 0);
4746 tmp2 = neon_load_reg(rm, 1);
4750 tmp = neon_load_reg(rn, pass);
4751 tmp2 = neon_load_reg(rm, pass);
4755 GEN_NEON_INTEGER_OP(hadd);
4758 GEN_NEON_INTEGER_OP_ENV(qadd);
4760 case NEON_3R_VRHADD:
4761 GEN_NEON_INTEGER_OP(rhadd);
4763 case NEON_3R_LOGIC: /* Logic ops. */
4764 switch ((u << 2) | size) {
4766 tcg_gen_and_i32(tmp, tmp, tmp2);
4769 tcg_gen_andc_i32(tmp, tmp, tmp2);
4772 tcg_gen_or_i32(tmp, tmp, tmp2);
4775 tcg_gen_orc_i32(tmp, tmp, tmp2);
4778 tcg_gen_xor_i32(tmp, tmp, tmp2);
4781 tmp3 = neon_load_reg(rd, pass);
4782 gen_neon_bsl(tmp, tmp, tmp2, tmp3);
4783 tcg_temp_free_i32(tmp3);
4786 tmp3 = neon_load_reg(rd, pass);
4787 gen_neon_bsl(tmp, tmp, tmp3, tmp2);
4788 tcg_temp_free_i32(tmp3);
4791 tmp3 = neon_load_reg(rd, pass);
4792 gen_neon_bsl(tmp, tmp3, tmp, tmp2);
4793 tcg_temp_free_i32(tmp3);
4798 GEN_NEON_INTEGER_OP(hsub);
4801 GEN_NEON_INTEGER_OP_ENV(qsub);
4804 GEN_NEON_INTEGER_OP(cgt);
4807 GEN_NEON_INTEGER_OP(cge);
4810 GEN_NEON_INTEGER_OP(shl);
4813 GEN_NEON_INTEGER_OP_ENV(qshl);
4816 GEN_NEON_INTEGER_OP(rshl);
4818 case NEON_3R_VQRSHL:
4819 GEN_NEON_INTEGER_OP_ENV(qrshl);
4822 GEN_NEON_INTEGER_OP(max);
4825 GEN_NEON_INTEGER_OP(min);
4828 GEN_NEON_INTEGER_OP(abd);
4831 GEN_NEON_INTEGER_OP(abd);
4832 tcg_temp_free_i32(tmp2);
4833 tmp2 = neon_load_reg(rd, pass);
4834 gen_neon_add(size, tmp, tmp2);
4836 case NEON_3R_VADD_VSUB:
4837 if (!u) { /* VADD */
4838 gen_neon_add(size, tmp, tmp2);
4841 case 0: gen_helper_neon_sub_u8(tmp, tmp, tmp2); break;
4842 case 1: gen_helper_neon_sub_u16(tmp, tmp, tmp2); break;
4843 case 2: tcg_gen_sub_i32(tmp, tmp, tmp2); break;
4848 case NEON_3R_VTST_VCEQ:
4849 if (!u) { /* VTST */
4851 case 0: gen_helper_neon_tst_u8(tmp, tmp, tmp2); break;
4852 case 1: gen_helper_neon_tst_u16(tmp, tmp, tmp2); break;
4853 case 2: gen_helper_neon_tst_u32(tmp, tmp, tmp2); break;
4858 case 0: gen_helper_neon_ceq_u8(tmp, tmp, tmp2); break;
4859 case 1: gen_helper_neon_ceq_u16(tmp, tmp, tmp2); break;
4860 case 2: gen_helper_neon_ceq_u32(tmp, tmp, tmp2); break;
4865 case NEON_3R_VML: /* VMLA, VMLAL, VMLS,VMLSL */
4867 case 0: gen_helper_neon_mul_u8(tmp, tmp, tmp2); break;
4868 case 1: gen_helper_neon_mul_u16(tmp, tmp, tmp2); break;
4869 case 2: tcg_gen_mul_i32(tmp, tmp, tmp2); break;
4872 tcg_temp_free_i32(tmp2);
4873 tmp2 = neon_load_reg(rd, pass);
4875 gen_neon_rsb(size, tmp, tmp2);
4877 gen_neon_add(size, tmp, tmp2);
4881 if (u) { /* polynomial */
4882 gen_helper_neon_mul_p8(tmp, tmp, tmp2);
4883 } else { /* Integer */
4885 case 0: gen_helper_neon_mul_u8(tmp, tmp, tmp2); break;
4886 case 1: gen_helper_neon_mul_u16(tmp, tmp, tmp2); break;
4887 case 2: tcg_gen_mul_i32(tmp, tmp, tmp2); break;
4893 GEN_NEON_INTEGER_OP(pmax);
4896 GEN_NEON_INTEGER_OP(pmin);
4898 case NEON_3R_VQDMULH_VQRDMULH: /* Multiply high. */
4899 if (!u) { /* VQDMULH */
4902 gen_helper_neon_qdmulh_s16(tmp, cpu_env, tmp, tmp2);
4905 gen_helper_neon_qdmulh_s32(tmp, cpu_env, tmp, tmp2);
4909 } else { /* VQRDMULH */
4912 gen_helper_neon_qrdmulh_s16(tmp, cpu_env, tmp, tmp2);
4915 gen_helper_neon_qrdmulh_s32(tmp, cpu_env, tmp, tmp2);
4923 case 0: gen_helper_neon_padd_u8(tmp, tmp, tmp2); break;
4924 case 1: gen_helper_neon_padd_u16(tmp, tmp, tmp2); break;
4925 case 2: tcg_gen_add_i32(tmp, tmp, tmp2); break;
4929 case NEON_3R_FLOAT_ARITH: /* Floating point arithmetic. */
4931 TCGv_ptr fpstatus = get_fpstatus_ptr(1);
4932 switch ((u << 2) | size) {
4935 gen_helper_vfp_adds(tmp, tmp, tmp2, fpstatus);
4938 gen_helper_vfp_subs(tmp, tmp, tmp2, fpstatus);
4941 gen_helper_neon_abd_f32(tmp, tmp, tmp2, fpstatus);
4946 tcg_temp_free_ptr(fpstatus);
4949 case NEON_3R_FLOAT_MULTIPLY:
4951 TCGv_ptr fpstatus = get_fpstatus_ptr(1);
4952 gen_helper_vfp_muls(tmp, tmp, tmp2, fpstatus);
4954 tcg_temp_free_i32(tmp2);
4955 tmp2 = neon_load_reg(rd, pass);
4957 gen_helper_vfp_adds(tmp, tmp, tmp2, fpstatus);
4959 gen_helper_vfp_subs(tmp, tmp2, tmp, fpstatus);
4962 tcg_temp_free_ptr(fpstatus);
4965 case NEON_3R_FLOAT_CMP:
4967 TCGv_ptr fpstatus = get_fpstatus_ptr(1);
4969 gen_helper_neon_ceq_f32(tmp, tmp, tmp2, fpstatus);
4972 gen_helper_neon_cge_f32(tmp, tmp, tmp2, fpstatus);
4974 gen_helper_neon_cgt_f32(tmp, tmp, tmp2, fpstatus);
4977 tcg_temp_free_ptr(fpstatus);
4980 case NEON_3R_FLOAT_ACMP:
4982 TCGv_ptr fpstatus = get_fpstatus_ptr(1);
4984 gen_helper_neon_acge_f32(tmp, tmp, tmp2, fpstatus);
4986 gen_helper_neon_acgt_f32(tmp, tmp, tmp2, fpstatus);
4988 tcg_temp_free_ptr(fpstatus);
4991 case NEON_3R_FLOAT_MINMAX:
4993 TCGv_ptr fpstatus = get_fpstatus_ptr(1);
4995 gen_helper_neon_max_f32(tmp, tmp, tmp2, fpstatus);
4997 gen_helper_neon_min_f32(tmp, tmp, tmp2, fpstatus);
4999 tcg_temp_free_ptr(fpstatus);
5002 case NEON_3R_VRECPS_VRSQRTS:
5004 gen_helper_recps_f32(tmp, tmp, tmp2, cpu_env);
5006 gen_helper_rsqrts_f32(tmp, tmp, tmp2, cpu_env);
5011 tcg_temp_free_i32(tmp2);
5013 /* Save the result. For elementwise operations we can put it
5014 straight into the destination register. For pairwise operations
5015 we have to be careful to avoid clobbering the source operands. */
5016 if (pairwise && rd == rm) {
5017 neon_store_scratch(pass, tmp);
5019 neon_store_reg(rd, pass, tmp);
5023 if (pairwise && rd == rm) {
5024 for (pass = 0; pass < (q ? 4 : 2); pass++) {
5025 tmp = neon_load_scratch(pass);
5026 neon_store_reg(rd, pass, tmp);
5029 /* End of 3 register same size operations. */
5030 } else if (insn & (1 << 4)) {
5031 if ((insn & 0x00380080) != 0) {
5032 /* Two registers and shift. */
5033 op = (insn >> 8) & 0xf;
5034 if (insn & (1 << 7)) {
5042 while ((insn & (1 << (size + 19))) == 0)
5045 shift = (insn >> 16) & ((1 << (3 + size)) - 1);
5046 /* To avoid excessive dumplication of ops we implement shift
5047 by immediate using the variable shift operations. */
5049 /* Shift by immediate:
5050 VSHR, VSRA, VRSHR, VRSRA, VSRI, VSHL, VQSHL, VQSHLU. */
5051 if (q && ((rd | rm) & 1)) {
5054 if (!u && (op == 4 || op == 6)) {
5057 /* Right shifts are encoded as N - shift, where N is the
5058 element size in bits. */
5060 shift = shift - (1 << (size + 3));
5068 imm = (uint8_t) shift;
5073 imm = (uint16_t) shift;
5084 for (pass = 0; pass < count; pass++) {
5086 neon_load_reg64(cpu_V0, rm + pass);
5087 tcg_gen_movi_i64(cpu_V1, imm);
5092 gen_helper_neon_shl_u64(cpu_V0, cpu_V0, cpu_V1);
5094 gen_helper_neon_shl_s64(cpu_V0, cpu_V0, cpu_V1);
5099 gen_helper_neon_rshl_u64(cpu_V0, cpu_V0, cpu_V1);
5101 gen_helper_neon_rshl_s64(cpu_V0, cpu_V0, cpu_V1);
5104 case 5: /* VSHL, VSLI */
5105 gen_helper_neon_shl_u64(cpu_V0, cpu_V0, cpu_V1);
5107 case 6: /* VQSHLU */
5108 gen_helper_neon_qshlu_s64(cpu_V0, cpu_env,
5113 gen_helper_neon_qshl_u64(cpu_V0, cpu_env,
5116 gen_helper_neon_qshl_s64(cpu_V0, cpu_env,
5121 if (op == 1 || op == 3) {
5123 neon_load_reg64(cpu_V1, rd + pass);
5124 tcg_gen_add_i64(cpu_V0, cpu_V0, cpu_V1);
5125 } else if (op == 4 || (op == 5 && u)) {
5127 neon_load_reg64(cpu_V1, rd + pass);
5129 if (shift < -63 || shift > 63) {
5133 mask = 0xffffffffffffffffull >> -shift;
5135 mask = 0xffffffffffffffffull << shift;
5138 tcg_gen_andi_i64(cpu_V1, cpu_V1, ~mask);
5139 tcg_gen_or_i64(cpu_V0, cpu_V0, cpu_V1);
5141 neon_store_reg64(cpu_V0, rd + pass);
5142 } else { /* size < 3 */
5143 /* Operands in T0 and T1. */
5144 tmp = neon_load_reg(rm, pass);
5145 tmp2 = tcg_temp_new_i32();
5146 tcg_gen_movi_i32(tmp2, imm);
5150 GEN_NEON_INTEGER_OP(shl);
5154 GEN_NEON_INTEGER_OP(rshl);
5157 case 5: /* VSHL, VSLI */
5159 case 0: gen_helper_neon_shl_u8(tmp, tmp, tmp2); break;
5160 case 1: gen_helper_neon_shl_u16(tmp, tmp, tmp2); break;
5161 case 2: gen_helper_neon_shl_u32(tmp, tmp, tmp2); break;
5165 case 6: /* VQSHLU */
5168 gen_helper_neon_qshlu_s8(tmp, cpu_env,
5172 gen_helper_neon_qshlu_s16(tmp, cpu_env,
5176 gen_helper_neon_qshlu_s32(tmp, cpu_env,
5184 GEN_NEON_INTEGER_OP_ENV(qshl);
5187 tcg_temp_free_i32(tmp2);
5189 if (op == 1 || op == 3) {
5191 tmp2 = neon_load_reg(rd, pass);
5192 gen_neon_add(size, tmp, tmp2);
5193 tcg_temp_free_i32(tmp2);
5194 } else if (op == 4 || (op == 5 && u)) {
5199 mask = 0xff >> -shift;
5201 mask = (uint8_t)(0xff << shift);
5207 mask = 0xffff >> -shift;
5209 mask = (uint16_t)(0xffff << shift);
5213 if (shift < -31 || shift > 31) {
5217 mask = 0xffffffffu >> -shift;
5219 mask = 0xffffffffu << shift;
5225 tmp2 = neon_load_reg(rd, pass);
5226 tcg_gen_andi_i32(tmp, tmp, mask);
5227 tcg_gen_andi_i32(tmp2, tmp2, ~mask);
5228 tcg_gen_or_i32(tmp, tmp, tmp2);
5229 tcg_temp_free_i32(tmp2);
5231 neon_store_reg(rd, pass, tmp);
5234 } else if (op < 10) {
5235 /* Shift by immediate and narrow:
5236 VSHRN, VRSHRN, VQSHRN, VQRSHRN. */
5237 int input_unsigned = (op == 8) ? !u : u;
5241 shift = shift - (1 << (size + 3));
5244 tmp64 = tcg_const_i64(shift);
5245 neon_load_reg64(cpu_V0, rm);
5246 neon_load_reg64(cpu_V1, rm + 1);
5247 for (pass = 0; pass < 2; pass++) {
5255 if (input_unsigned) {
5256 gen_helper_neon_rshl_u64(cpu_V0, in, tmp64);
5258 gen_helper_neon_rshl_s64(cpu_V0, in, tmp64);
5261 if (input_unsigned) {
5262 gen_helper_neon_shl_u64(cpu_V0, in, tmp64);
5264 gen_helper_neon_shl_s64(cpu_V0, in, tmp64);
5267 tmp = tcg_temp_new_i32();
5268 gen_neon_narrow_op(op == 8, u, size - 1, tmp, cpu_V0);
5269 neon_store_reg(rd, pass, tmp);
5271 tcg_temp_free_i64(tmp64);
5274 imm = (uint16_t)shift;
5278 imm = (uint32_t)shift;
5280 tmp2 = tcg_const_i32(imm);
5281 tmp4 = neon_load_reg(rm + 1, 0);
5282 tmp5 = neon_load_reg(rm + 1, 1);
5283 for (pass = 0; pass < 2; pass++) {
5285 tmp = neon_load_reg(rm, 0);
5289 gen_neon_shift_narrow(size, tmp, tmp2, q,
5292 tmp3 = neon_load_reg(rm, 1);
5296 gen_neon_shift_narrow(size, tmp3, tmp2, q,
5298 tcg_gen_concat_i32_i64(cpu_V0, tmp, tmp3);
5299 tcg_temp_free_i32(tmp);
5300 tcg_temp_free_i32(tmp3);
5301 tmp = tcg_temp_new_i32();
5302 gen_neon_narrow_op(op == 8, u, size - 1, tmp, cpu_V0);
5303 neon_store_reg(rd, pass, tmp);
5305 tcg_temp_free_i32(tmp2);
5307 } else if (op == 10) {
5309 if (q || (rd & 1)) {
5312 tmp = neon_load_reg(rm, 0);
5313 tmp2 = neon_load_reg(rm, 1);
5314 for (pass = 0; pass < 2; pass++) {
5318 gen_neon_widen(cpu_V0, tmp, size, u);
5321 /* The shift is less than the width of the source
5322 type, so we can just shift the whole register. */
5323 tcg_gen_shli_i64(cpu_V0, cpu_V0, shift);
5324 /* Widen the result of shift: we need to clear
5325 * the potential overflow bits resulting from
5326 * left bits of the narrow input appearing as
5327 * right bits of left the neighbour narrow
5329 if (size < 2 || !u) {
5332 imm = (0xffu >> (8 - shift));
5334 } else if (size == 1) {
5335 imm = 0xffff >> (16 - shift);
5338 imm = 0xffffffff >> (32 - shift);
5341 imm64 = imm | (((uint64_t)imm) << 32);
5345 tcg_gen_andi_i64(cpu_V0, cpu_V0, ~imm64);
5348 neon_store_reg64(cpu_V0, rd + pass);
5350 } else if (op >= 14) {
5351 /* VCVT fixed-point. */
5352 if (!(insn & (1 << 21)) || (q && ((rd | rm) & 1))) {
5355 /* We have already masked out the must-be-1 top bit of imm6,
5356 * hence this 32-shift where the ARM ARM has 64-imm6.
5359 for (pass = 0; pass < (q ? 4 : 2); pass++) {
5360 tcg_gen_ld_f32(cpu_F0s, cpu_env, neon_reg_offset(rm, pass));
5363 gen_vfp_ulto(0, shift, 1);
5365 gen_vfp_slto(0, shift, 1);
5368 gen_vfp_toul(0, shift, 1);
5370 gen_vfp_tosl(0, shift, 1);
5372 tcg_gen_st_f32(cpu_F0s, cpu_env, neon_reg_offset(rd, pass));
5377 } else { /* (insn & 0x00380080) == 0 */
5379 if (q && (rd & 1)) {
5383 op = (insn >> 8) & 0xf;
5384 /* One register and immediate. */
5385 imm = (u << 7) | ((insn >> 12) & 0x70) | (insn & 0xf);
5386 invert = (insn & (1 << 5)) != 0;
5387 /* Note that op = 2,3,4,5,6,7,10,11,12,13 imm=0 is UNPREDICTABLE.
5388 * We choose to not special-case this and will behave as if a
5389 * valid constant encoding of 0 had been given.
5408 imm = (imm << 8) | (imm << 24);
5411 imm = (imm << 8) | 0xff;
5414 imm = (imm << 16) | 0xffff;
5417 imm |= (imm << 8) | (imm << 16) | (imm << 24);
5425 imm = ((imm & 0x80) << 24) | ((imm & 0x3f) << 19)
5426 | ((imm & 0x40) ? (0x1f << 25) : (1 << 30));
5432 for (pass = 0; pass < (q ? 4 : 2); pass++) {
5433 if (op & 1 && op < 12) {
5434 tmp = neon_load_reg(rd, pass);
5436 /* The immediate value has already been inverted, so
5438 tcg_gen_andi_i32(tmp, tmp, imm);
5440 tcg_gen_ori_i32(tmp, tmp, imm);
5444 tmp = tcg_temp_new_i32();
5445 if (op == 14 && invert) {
5449 for (n = 0; n < 4; n++) {
5450 if (imm & (1 << (n + (pass & 1) * 4)))
5451 val |= 0xff << (n * 8);
5453 tcg_gen_movi_i32(tmp, val);
5455 tcg_gen_movi_i32(tmp, imm);
5458 neon_store_reg(rd, pass, tmp);
5461 } else { /* (insn & 0x00800010 == 0x00800000) */
5463 op = (insn >> 8) & 0xf;
5464 if ((insn & (1 << 6)) == 0) {
5465 /* Three registers of different lengths. */
5469 /* undefreq: bit 0 : UNDEF if size != 0
5470 * bit 1 : UNDEF if size == 0
5471 * bit 2 : UNDEF if U == 1
5472 * Note that [1:0] set implies 'always UNDEF'
5475 /* prewiden, src1_wide, src2_wide, undefreq */
5476 static const int neon_3reg_wide[16][4] = {
5477 {1, 0, 0, 0}, /* VADDL */
5478 {1, 1, 0, 0}, /* VADDW */
5479 {1, 0, 0, 0}, /* VSUBL */
5480 {1, 1, 0, 0}, /* VSUBW */
5481 {0, 1, 1, 0}, /* VADDHN */
5482 {0, 0, 0, 0}, /* VABAL */
5483 {0, 1, 1, 0}, /* VSUBHN */
5484 {0, 0, 0, 0}, /* VABDL */
5485 {0, 0, 0, 0}, /* VMLAL */
5486 {0, 0, 0, 6}, /* VQDMLAL */
5487 {0, 0, 0, 0}, /* VMLSL */
5488 {0, 0, 0, 6}, /* VQDMLSL */
5489 {0, 0, 0, 0}, /* Integer VMULL */
5490 {0, 0, 0, 2}, /* VQDMULL */
5491 {0, 0, 0, 5}, /* Polynomial VMULL */
5492 {0, 0, 0, 3}, /* Reserved: always UNDEF */
5495 prewiden = neon_3reg_wide[op][0];
5496 src1_wide = neon_3reg_wide[op][1];
5497 src2_wide = neon_3reg_wide[op][2];
5498 undefreq = neon_3reg_wide[op][3];
5500 if (((undefreq & 1) && (size != 0)) ||
5501 ((undefreq & 2) && (size == 0)) ||
5502 ((undefreq & 4) && u)) {
5505 if ((src1_wide && (rn & 1)) ||
5506 (src2_wide && (rm & 1)) ||
5507 (!src2_wide && (rd & 1))) {
5511 /* Avoid overlapping operands. Wide source operands are
5512 always aligned so will never overlap with wide
5513 destinations in problematic ways. */
5514 if (rd == rm && !src2_wide) {
5515 tmp = neon_load_reg(rm, 1);
5516 neon_store_scratch(2, tmp);
5517 } else if (rd == rn && !src1_wide) {
5518 tmp = neon_load_reg(rn, 1);
5519 neon_store_scratch(2, tmp);
5522 for (pass = 0; pass < 2; pass++) {
5524 neon_load_reg64(cpu_V0, rn + pass);
5527 if (pass == 1 && rd == rn) {
5528 tmp = neon_load_scratch(2);
5530 tmp = neon_load_reg(rn, pass);
5533 gen_neon_widen(cpu_V0, tmp, size, u);
5537 neon_load_reg64(cpu_V1, rm + pass);
5540 if (pass == 1 && rd == rm) {
5541 tmp2 = neon_load_scratch(2);
5543 tmp2 = neon_load_reg(rm, pass);
5546 gen_neon_widen(cpu_V1, tmp2, size, u);
5550 case 0: case 1: case 4: /* VADDL, VADDW, VADDHN, VRADDHN */
5551 gen_neon_addl(size);
5553 case 2: case 3: case 6: /* VSUBL, VSUBW, VSUBHN, VRSUBHN */
5554 gen_neon_subl(size);
5556 case 5: case 7: /* VABAL, VABDL */
5557 switch ((size << 1) | u) {
5559 gen_helper_neon_abdl_s16(cpu_V0, tmp, tmp2);
5562 gen_helper_neon_abdl_u16(cpu_V0, tmp, tmp2);
5565 gen_helper_neon_abdl_s32(cpu_V0, tmp, tmp2);
5568 gen_helper_neon_abdl_u32(cpu_V0, tmp, tmp2);
5571 gen_helper_neon_abdl_s64(cpu_V0, tmp, tmp2);
5574 gen_helper_neon_abdl_u64(cpu_V0, tmp, tmp2);
5578 tcg_temp_free_i32(tmp2);
5579 tcg_temp_free_i32(tmp);
5581 case 8: case 9: case 10: case 11: case 12: case 13:
5582 /* VMLAL, VQDMLAL, VMLSL, VQDMLSL, VMULL, VQDMULL */
5583 gen_neon_mull(cpu_V0, tmp, tmp2, size, u);
5585 case 14: /* Polynomial VMULL */
5586 gen_helper_neon_mull_p8(cpu_V0, tmp, tmp2);
5587 tcg_temp_free_i32(tmp2);
5588 tcg_temp_free_i32(tmp);
5590 default: /* 15 is RESERVED: caught earlier */
5595 gen_neon_addl_saturate(cpu_V0, cpu_V0, size);
5596 neon_store_reg64(cpu_V0, rd + pass);
5597 } else if (op == 5 || (op >= 8 && op <= 11)) {
5599 neon_load_reg64(cpu_V1, rd + pass);
5601 case 10: /* VMLSL */
5602 gen_neon_negl(cpu_V0, size);
5604 case 5: case 8: /* VABAL, VMLAL */
5605 gen_neon_addl(size);
5607 case 9: case 11: /* VQDMLAL, VQDMLSL */
5608 gen_neon_addl_saturate(cpu_V0, cpu_V0, size);
5610 gen_neon_negl(cpu_V0, size);
5612 gen_neon_addl_saturate(cpu_V0, cpu_V1, size);
5617 neon_store_reg64(cpu_V0, rd + pass);
5618 } else if (op == 4 || op == 6) {
5619 /* Narrowing operation. */
5620 tmp = tcg_temp_new_i32();
5624 gen_helper_neon_narrow_high_u8(tmp, cpu_V0);
5627 gen_helper_neon_narrow_high_u16(tmp, cpu_V0);
5630 tcg_gen_shri_i64(cpu_V0, cpu_V0, 32);
5631 tcg_gen_trunc_i64_i32(tmp, cpu_V0);
5638 gen_helper_neon_narrow_round_high_u8(tmp, cpu_V0);
5641 gen_helper_neon_narrow_round_high_u16(tmp, cpu_V0);
5644 tcg_gen_addi_i64(cpu_V0, cpu_V0, 1u << 31);
5645 tcg_gen_shri_i64(cpu_V0, cpu_V0, 32);
5646 tcg_gen_trunc_i64_i32(tmp, cpu_V0);
5654 neon_store_reg(rd, 0, tmp3);
5655 neon_store_reg(rd, 1, tmp);
5658 /* Write back the result. */
5659 neon_store_reg64(cpu_V0, rd + pass);
5663 /* Two registers and a scalar. NB that for ops of this form
5664 * the ARM ARM labels bit 24 as Q, but it is in our variable
5671 case 1: /* Float VMLA scalar */
5672 case 5: /* Floating point VMLS scalar */
5673 case 9: /* Floating point VMUL scalar */
5678 case 0: /* Integer VMLA scalar */
5679 case 4: /* Integer VMLS scalar */
5680 case 8: /* Integer VMUL scalar */
5681 case 12: /* VQDMULH scalar */
5682 case 13: /* VQRDMULH scalar */
5683 if (u && ((rd | rn) & 1)) {
5686 tmp = neon_get_scalar(size, rm);
5687 neon_store_scratch(0, tmp);
5688 for (pass = 0; pass < (u ? 4 : 2); pass++) {
5689 tmp = neon_load_scratch(0);
5690 tmp2 = neon_load_reg(rn, pass);
5693 gen_helper_neon_qdmulh_s16(tmp, cpu_env, tmp, tmp2);
5695 gen_helper_neon_qdmulh_s32(tmp, cpu_env, tmp, tmp2);
5697 } else if (op == 13) {
5699 gen_helper_neon_qrdmulh_s16(tmp, cpu_env, tmp, tmp2);
5701 gen_helper_neon_qrdmulh_s32(tmp, cpu_env, tmp, tmp2);
5703 } else if (op & 1) {
5704 TCGv_ptr fpstatus = get_fpstatus_ptr(1);
5705 gen_helper_vfp_muls(tmp, tmp, tmp2, fpstatus);
5706 tcg_temp_free_ptr(fpstatus);
5709 case 0: gen_helper_neon_mul_u8(tmp, tmp, tmp2); break;
5710 case 1: gen_helper_neon_mul_u16(tmp, tmp, tmp2); break;
5711 case 2: tcg_gen_mul_i32(tmp, tmp, tmp2); break;
5715 tcg_temp_free_i32(tmp2);
5718 tmp2 = neon_load_reg(rd, pass);
5721 gen_neon_add(size, tmp, tmp2);
5725 TCGv_ptr fpstatus = get_fpstatus_ptr(1);
5726 gen_helper_vfp_adds(tmp, tmp, tmp2, fpstatus);
5727 tcg_temp_free_ptr(fpstatus);
5731 gen_neon_rsb(size, tmp, tmp2);
5735 TCGv_ptr fpstatus = get_fpstatus_ptr(1);
5736 gen_helper_vfp_subs(tmp, tmp2, tmp, fpstatus);
5737 tcg_temp_free_ptr(fpstatus);
5743 tcg_temp_free_i32(tmp2);
5745 neon_store_reg(rd, pass, tmp);
5748 case 3: /* VQDMLAL scalar */
5749 case 7: /* VQDMLSL scalar */
5750 case 11: /* VQDMULL scalar */
5755 case 2: /* VMLAL sclar */
5756 case 6: /* VMLSL scalar */
5757 case 10: /* VMULL scalar */
5761 tmp2 = neon_get_scalar(size, rm);
5762 /* We need a copy of tmp2 because gen_neon_mull
5763 * deletes it during pass 0. */
5764 tmp4 = tcg_temp_new_i32();
5765 tcg_gen_mov_i32(tmp4, tmp2);
5766 tmp3 = neon_load_reg(rn, 1);
5768 for (pass = 0; pass < 2; pass++) {
5770 tmp = neon_load_reg(rn, 0);
5775 gen_neon_mull(cpu_V0, tmp, tmp2, size, u);
5777 neon_load_reg64(cpu_V1, rd + pass);
5781 gen_neon_negl(cpu_V0, size);
5784 gen_neon_addl(size);
5787 gen_neon_addl_saturate(cpu_V0, cpu_V0, size);
5789 gen_neon_negl(cpu_V0, size);
5791 gen_neon_addl_saturate(cpu_V0, cpu_V1, size);
5797 gen_neon_addl_saturate(cpu_V0, cpu_V0, size);
5802 neon_store_reg64(cpu_V0, rd + pass);
5807 default: /* 14 and 15 are RESERVED */
5811 } else { /* size == 3 */
5814 imm = (insn >> 8) & 0xf;
5819 if (q && ((rd | rn | rm) & 1)) {
5824 neon_load_reg64(cpu_V0, rn);
5826 neon_load_reg64(cpu_V1, rn + 1);
5828 } else if (imm == 8) {
5829 neon_load_reg64(cpu_V0, rn + 1);
5831 neon_load_reg64(cpu_V1, rm);
5834 tmp64 = tcg_temp_new_i64();
5836 neon_load_reg64(cpu_V0, rn);
5837 neon_load_reg64(tmp64, rn + 1);
5839 neon_load_reg64(cpu_V0, rn + 1);
5840 neon_load_reg64(tmp64, rm);
5842 tcg_gen_shri_i64(cpu_V0, cpu_V0, (imm & 7) * 8);
5843 tcg_gen_shli_i64(cpu_V1, tmp64, 64 - ((imm & 7) * 8));
5844 tcg_gen_or_i64(cpu_V0, cpu_V0, cpu_V1);
5846 neon_load_reg64(cpu_V1, rm);
5848 neon_load_reg64(cpu_V1, rm + 1);
5851 tcg_gen_shli_i64(cpu_V1, cpu_V1, 64 - (imm * 8));
5852 tcg_gen_shri_i64(tmp64, tmp64, imm * 8);
5853 tcg_gen_or_i64(cpu_V1, cpu_V1, tmp64);
5854 tcg_temp_free_i64(tmp64);
5857 neon_load_reg64(cpu_V0, rn);
5858 tcg_gen_shri_i64(cpu_V0, cpu_V0, imm * 8);
5859 neon_load_reg64(cpu_V1, rm);
5860 tcg_gen_shli_i64(cpu_V1, cpu_V1, 64 - (imm * 8));
5861 tcg_gen_or_i64(cpu_V0, cpu_V0, cpu_V1);
5863 neon_store_reg64(cpu_V0, rd);
5865 neon_store_reg64(cpu_V1, rd + 1);
5867 } else if ((insn & (1 << 11)) == 0) {
5868 /* Two register misc. */
5869 op = ((insn >> 12) & 0x30) | ((insn >> 7) & 0xf);
5870 size = (insn >> 18) & 3;
5871 /* UNDEF for unknown op values and bad op-size combinations */
5872 if ((neon_2rm_sizes[op] & (1 << size)) == 0) {
5875 if ((op != NEON_2RM_VMOVN && op != NEON_2RM_VQMOVN) &&
5876 q && ((rm | rd) & 1)) {
5880 case NEON_2RM_VREV64:
5881 for (pass = 0; pass < (q ? 2 : 1); pass++) {
5882 tmp = neon_load_reg(rm, pass * 2);
5883 tmp2 = neon_load_reg(rm, pass * 2 + 1);
5885 case 0: tcg_gen_bswap32_i32(tmp, tmp); break;
5886 case 1: gen_swap_half(tmp); break;
5887 case 2: /* no-op */ break;
5890 neon_store_reg(rd, pass * 2 + 1, tmp);
5892 neon_store_reg(rd, pass * 2, tmp2);
5895 case 0: tcg_gen_bswap32_i32(tmp2, tmp2); break;
5896 case 1: gen_swap_half(tmp2); break;
5899 neon_store_reg(rd, pass * 2, tmp2);
5903 case NEON_2RM_VPADDL: case NEON_2RM_VPADDL_U:
5904 case NEON_2RM_VPADAL: case NEON_2RM_VPADAL_U:
5905 for (pass = 0; pass < q + 1; pass++) {
5906 tmp = neon_load_reg(rm, pass * 2);
5907 gen_neon_widen(cpu_V0, tmp, size, op & 1);
5908 tmp = neon_load_reg(rm, pass * 2 + 1);
5909 gen_neon_widen(cpu_V1, tmp, size, op & 1);
5911 case 0: gen_helper_neon_paddl_u16(CPU_V001); break;
5912 case 1: gen_helper_neon_paddl_u32(CPU_V001); break;
5913 case 2: tcg_gen_add_i64(CPU_V001); break;
5916 if (op >= NEON_2RM_VPADAL) {
5918 neon_load_reg64(cpu_V1, rd + pass);
5919 gen_neon_addl(size);
5921 neon_store_reg64(cpu_V0, rd + pass);
5927 for (n = 0; n < (q ? 4 : 2); n += 2) {
5928 tmp = neon_load_reg(rm, n);
5929 tmp2 = neon_load_reg(rd, n + 1);
5930 neon_store_reg(rm, n, tmp2);
5931 neon_store_reg(rd, n + 1, tmp);
5938 if (gen_neon_unzip(rd, rm, size, q)) {
5943 if (gen_neon_zip(rd, rm, size, q)) {
5947 case NEON_2RM_VMOVN: case NEON_2RM_VQMOVN:
5948 /* also VQMOVUN; op field and mnemonics don't line up */
5953 for (pass = 0; pass < 2; pass++) {
5954 neon_load_reg64(cpu_V0, rm + pass);
5955 tmp = tcg_temp_new_i32();
5956 gen_neon_narrow_op(op == NEON_2RM_VMOVN, q, size,
5961 neon_store_reg(rd, 0, tmp2);
5962 neon_store_reg(rd, 1, tmp);
5966 case NEON_2RM_VSHLL:
5967 if (q || (rd & 1)) {
5970 tmp = neon_load_reg(rm, 0);
5971 tmp2 = neon_load_reg(rm, 1);
5972 for (pass = 0; pass < 2; pass++) {
5975 gen_neon_widen(cpu_V0, tmp, size, 1);
5976 tcg_gen_shli_i64(cpu_V0, cpu_V0, 8 << size);
5977 neon_store_reg64(cpu_V0, rd + pass);
5980 case NEON_2RM_VCVT_F16_F32:
5981 if (!arm_feature(env, ARM_FEATURE_VFP_FP16) ||
5985 tmp = tcg_temp_new_i32();
5986 tmp2 = tcg_temp_new_i32();
5987 tcg_gen_ld_f32(cpu_F0s, cpu_env, neon_reg_offset(rm, 0));
5988 gen_helper_neon_fcvt_f32_to_f16(tmp, cpu_F0s, cpu_env);
5989 tcg_gen_ld_f32(cpu_F0s, cpu_env, neon_reg_offset(rm, 1));
5990 gen_helper_neon_fcvt_f32_to_f16(tmp2, cpu_F0s, cpu_env);
5991 tcg_gen_shli_i32(tmp2, tmp2, 16);
5992 tcg_gen_or_i32(tmp2, tmp2, tmp);
5993 tcg_gen_ld_f32(cpu_F0s, cpu_env, neon_reg_offset(rm, 2));
5994 gen_helper_neon_fcvt_f32_to_f16(tmp, cpu_F0s, cpu_env);
5995 tcg_gen_ld_f32(cpu_F0s, cpu_env, neon_reg_offset(rm, 3));
5996 neon_store_reg(rd, 0, tmp2);
5997 tmp2 = tcg_temp_new_i32();
5998 gen_helper_neon_fcvt_f32_to_f16(tmp2, cpu_F0s, cpu_env);
5999 tcg_gen_shli_i32(tmp2, tmp2, 16);
6000 tcg_gen_or_i32(tmp2, tmp2, tmp);
6001 neon_store_reg(rd, 1, tmp2);
6002 tcg_temp_free_i32(tmp);
6004 case NEON_2RM_VCVT_F32_F16:
6005 if (!arm_feature(env, ARM_FEATURE_VFP_FP16) ||
6009 tmp3 = tcg_temp_new_i32();
6010 tmp = neon_load_reg(rm, 0);
6011 tmp2 = neon_load_reg(rm, 1);
6012 tcg_gen_ext16u_i32(tmp3, tmp);
6013 gen_helper_neon_fcvt_f16_to_f32(cpu_F0s, tmp3, cpu_env);
6014 tcg_gen_st_f32(cpu_F0s, cpu_env, neon_reg_offset(rd, 0));
6015 tcg_gen_shri_i32(tmp3, tmp, 16);
6016 gen_helper_neon_fcvt_f16_to_f32(cpu_F0s, tmp3, cpu_env);
6017 tcg_gen_st_f32(cpu_F0s, cpu_env, neon_reg_offset(rd, 1));
6018 tcg_temp_free_i32(tmp);
6019 tcg_gen_ext16u_i32(tmp3, tmp2);
6020 gen_helper_neon_fcvt_f16_to_f32(cpu_F0s, tmp3, cpu_env);
6021 tcg_gen_st_f32(cpu_F0s, cpu_env, neon_reg_offset(rd, 2));
6022 tcg_gen_shri_i32(tmp3, tmp2, 16);
6023 gen_helper_neon_fcvt_f16_to_f32(cpu_F0s, tmp3, cpu_env);
6024 tcg_gen_st_f32(cpu_F0s, cpu_env, neon_reg_offset(rd, 3));
6025 tcg_temp_free_i32(tmp2);
6026 tcg_temp_free_i32(tmp3);
6030 for (pass = 0; pass < (q ? 4 : 2); pass++) {
6031 if (neon_2rm_is_float_op(op)) {
6032 tcg_gen_ld_f32(cpu_F0s, cpu_env,
6033 neon_reg_offset(rm, pass));
6036 tmp = neon_load_reg(rm, pass);
6039 case NEON_2RM_VREV32:
6041 case 0: tcg_gen_bswap32_i32(tmp, tmp); break;
6042 case 1: gen_swap_half(tmp); break;
6046 case NEON_2RM_VREV16:
6051 case 0: gen_helper_neon_cls_s8(tmp, tmp); break;
6052 case 1: gen_helper_neon_cls_s16(tmp, tmp); break;
6053 case 2: gen_helper_neon_cls_s32(tmp, tmp); break;
6059 case 0: gen_helper_neon_clz_u8(tmp, tmp); break;
6060 case 1: gen_helper_neon_clz_u16(tmp, tmp); break;
6061 case 2: gen_helper_clz(tmp, tmp); break;
6066 gen_helper_neon_cnt_u8(tmp, tmp);
6069 tcg_gen_not_i32(tmp, tmp);
6071 case NEON_2RM_VQABS:
6074 gen_helper_neon_qabs_s8(tmp, cpu_env, tmp);
6077 gen_helper_neon_qabs_s16(tmp, cpu_env, tmp);
6080 gen_helper_neon_qabs_s32(tmp, cpu_env, tmp);
6085 case NEON_2RM_VQNEG:
6088 gen_helper_neon_qneg_s8(tmp, cpu_env, tmp);
6091 gen_helper_neon_qneg_s16(tmp, cpu_env, tmp);
6094 gen_helper_neon_qneg_s32(tmp, cpu_env, tmp);
6099 case NEON_2RM_VCGT0: case NEON_2RM_VCLE0:
6100 tmp2 = tcg_const_i32(0);
6102 case 0: gen_helper_neon_cgt_s8(tmp, tmp, tmp2); break;
6103 case 1: gen_helper_neon_cgt_s16(tmp, tmp, tmp2); break;
6104 case 2: gen_helper_neon_cgt_s32(tmp, tmp, tmp2); break;
6107 tcg_temp_free(tmp2);
6108 if (op == NEON_2RM_VCLE0) {
6109 tcg_gen_not_i32(tmp, tmp);
6112 case NEON_2RM_VCGE0: case NEON_2RM_VCLT0:
6113 tmp2 = tcg_const_i32(0);
6115 case 0: gen_helper_neon_cge_s8(tmp, tmp, tmp2); break;
6116 case 1: gen_helper_neon_cge_s16(tmp, tmp, tmp2); break;
6117 case 2: gen_helper_neon_cge_s32(tmp, tmp, tmp2); break;
6120 tcg_temp_free(tmp2);
6121 if (op == NEON_2RM_VCLT0) {
6122 tcg_gen_not_i32(tmp, tmp);
6125 case NEON_2RM_VCEQ0:
6126 tmp2 = tcg_const_i32(0);
6128 case 0: gen_helper_neon_ceq_u8(tmp, tmp, tmp2); break;
6129 case 1: gen_helper_neon_ceq_u16(tmp, tmp, tmp2); break;
6130 case 2: gen_helper_neon_ceq_u32(tmp, tmp, tmp2); break;
6133 tcg_temp_free(tmp2);
6137 case 0: gen_helper_neon_abs_s8(tmp, tmp); break;
6138 case 1: gen_helper_neon_abs_s16(tmp, tmp); break;
6139 case 2: tcg_gen_abs_i32(tmp, tmp); break;
6144 tmp2 = tcg_const_i32(0);
6145 gen_neon_rsb(size, tmp, tmp2);
6146 tcg_temp_free(tmp2);
6148 case NEON_2RM_VCGT0_F:
6150 TCGv_ptr fpstatus = get_fpstatus_ptr(1);
6151 tmp2 = tcg_const_i32(0);
6152 gen_helper_neon_cgt_f32(tmp, tmp, tmp2, fpstatus);
6153 tcg_temp_free(tmp2);
6154 tcg_temp_free_ptr(fpstatus);
6157 case NEON_2RM_VCGE0_F:
6159 TCGv_ptr fpstatus = get_fpstatus_ptr(1);
6160 tmp2 = tcg_const_i32(0);
6161 gen_helper_neon_cge_f32(tmp, tmp, tmp2, fpstatus);
6162 tcg_temp_free(tmp2);
6163 tcg_temp_free_ptr(fpstatus);
6166 case NEON_2RM_VCEQ0_F:
6168 TCGv_ptr fpstatus = get_fpstatus_ptr(1);
6169 tmp2 = tcg_const_i32(0);
6170 gen_helper_neon_ceq_f32(tmp, tmp, tmp2, fpstatus);
6171 tcg_temp_free(tmp2);
6172 tcg_temp_free_ptr(fpstatus);
6175 case NEON_2RM_VCLE0_F:
6177 TCGv_ptr fpstatus = get_fpstatus_ptr(1);
6178 tmp2 = tcg_const_i32(0);
6179 gen_helper_neon_cge_f32(tmp, tmp2, tmp, fpstatus);
6180 tcg_temp_free(tmp2);
6181 tcg_temp_free_ptr(fpstatus);
6184 case NEON_2RM_VCLT0_F:
6186 TCGv_ptr fpstatus = get_fpstatus_ptr(1);
6187 tmp2 = tcg_const_i32(0);
6188 gen_helper_neon_cgt_f32(tmp, tmp2, tmp, fpstatus);
6189 tcg_temp_free(tmp2);
6190 tcg_temp_free_ptr(fpstatus);
6193 case NEON_2RM_VABS_F:
6196 case NEON_2RM_VNEG_F:
6200 tmp2 = neon_load_reg(rd, pass);
6201 neon_store_reg(rm, pass, tmp2);
6204 tmp2 = neon_load_reg(rd, pass);
6206 case 0: gen_neon_trn_u8(tmp, tmp2); break;
6207 case 1: gen_neon_trn_u16(tmp, tmp2); break;
6210 neon_store_reg(rm, pass, tmp2);
6212 case NEON_2RM_VRECPE:
6213 gen_helper_recpe_u32(tmp, tmp, cpu_env);
6215 case NEON_2RM_VRSQRTE:
6216 gen_helper_rsqrte_u32(tmp, tmp, cpu_env);
6218 case NEON_2RM_VRECPE_F:
6219 gen_helper_recpe_f32(cpu_F0s, cpu_F0s, cpu_env);
6221 case NEON_2RM_VRSQRTE_F:
6222 gen_helper_rsqrte_f32(cpu_F0s, cpu_F0s, cpu_env);
6224 case NEON_2RM_VCVT_FS: /* VCVT.F32.S32 */
6227 case NEON_2RM_VCVT_FU: /* VCVT.F32.U32 */
6230 case NEON_2RM_VCVT_SF: /* VCVT.S32.F32 */
6231 gen_vfp_tosiz(0, 1);
6233 case NEON_2RM_VCVT_UF: /* VCVT.U32.F32 */
6234 gen_vfp_touiz(0, 1);
6237 /* Reserved op values were caught by the
6238 * neon_2rm_sizes[] check earlier.
6242 if (neon_2rm_is_float_op(op)) {
6243 tcg_gen_st_f32(cpu_F0s, cpu_env,
6244 neon_reg_offset(rd, pass));
6246 neon_store_reg(rd, pass, tmp);
6251 } else if ((insn & (1 << 10)) == 0) {
6253 int n = ((insn >> 8) & 3) + 1;
6254 if ((rn + n) > 32) {
6255 /* This is UNPREDICTABLE; we choose to UNDEF to avoid the
6256 * helper function running off the end of the register file.
6261 if (insn & (1 << 6)) {
6262 tmp = neon_load_reg(rd, 0);
6264 tmp = tcg_temp_new_i32();
6265 tcg_gen_movi_i32(tmp, 0);
6267 tmp2 = neon_load_reg(rm, 0);
6268 tmp4 = tcg_const_i32(rn);
6269 tmp5 = tcg_const_i32(n);
6270 gen_helper_neon_tbl(tmp2, tmp2, tmp, tmp4, tmp5);
6271 tcg_temp_free_i32(tmp);
6272 if (insn & (1 << 6)) {
6273 tmp = neon_load_reg(rd, 1);
6275 tmp = tcg_temp_new_i32();
6276 tcg_gen_movi_i32(tmp, 0);
6278 tmp3 = neon_load_reg(rm, 1);
6279 gen_helper_neon_tbl(tmp3, tmp3, tmp, tmp4, tmp5);
6280 tcg_temp_free_i32(tmp5);
6281 tcg_temp_free_i32(tmp4);
6282 neon_store_reg(rd, 0, tmp2);
6283 neon_store_reg(rd, 1, tmp3);
6284 tcg_temp_free_i32(tmp);
6285 } else if ((insn & 0x380) == 0) {
6287 if ((insn & (7 << 16)) == 0 || (q && (rd & 1))) {
6290 if (insn & (1 << 19)) {
6291 tmp = neon_load_reg(rm, 1);
6293 tmp = neon_load_reg(rm, 0);
6295 if (insn & (1 << 16)) {
6296 gen_neon_dup_u8(tmp, ((insn >> 17) & 3) * 8);
6297 } else if (insn & (1 << 17)) {
6298 if ((insn >> 18) & 1)
6299 gen_neon_dup_high16(tmp);
6301 gen_neon_dup_low16(tmp);
6303 for (pass = 0; pass < (q ? 4 : 2); pass++) {
6304 tmp2 = tcg_temp_new_i32();
6305 tcg_gen_mov_i32(tmp2, tmp);
6306 neon_store_reg(rd, pass, tmp2);
6308 tcg_temp_free_i32(tmp);
6317 static int disas_cp14_read(CPUState * env, DisasContext *s, uint32_t insn)
6319 int crn = (insn >> 16) & 0xf;
6320 int crm = insn & 0xf;
6321 int op1 = (insn >> 21) & 7;
6322 int op2 = (insn >> 5) & 7;
6323 int rt = (insn >> 12) & 0xf;
6326 /* Minimal set of debug registers, since we don't support debug */
6327 if (op1 == 0 && crn == 0 && op2 == 0) {
6330 /* DBGDIDR: just RAZ. In particular this means the
6331 * "debug architecture version" bits will read as
6332 * a reserved value, which should cause Linux to
6333 * not try to use the debug hardware.
6335 tmp = tcg_const_i32(0);
6336 store_reg(s, rt, tmp);
6340 /* DBGDRAR and DBGDSAR: v7 only. Always RAZ since we
6341 * don't implement memory mapped debug components
6343 if (ENABLE_ARCH_7) {
6344 tmp = tcg_const_i32(0);
6345 store_reg(s, rt, tmp);
6354 if (arm_feature(env, ARM_FEATURE_THUMB2EE)) {
6355 if (op1 == 6 && crn == 0 && crm == 0 && op2 == 0) {
6359 tmp = load_cpu_field(teecr);
6360 store_reg(s, rt, tmp);
6363 if (op1 == 6 && crn == 1 && crm == 0 && op2 == 0) {
6365 if (IS_USER(s) && (env->teecr & 1))
6367 tmp = load_cpu_field(teehbr);
6368 store_reg(s, rt, tmp);
6372 fprintf(stderr, "Unknown cp14 read op1:%d crn:%d crm:%d op2:%d\n",
6373 op1, crn, crm, op2);
6377 static int disas_cp14_write(CPUState * env, DisasContext *s, uint32_t insn)
6379 int crn = (insn >> 16) & 0xf;
6380 int crm = insn & 0xf;
6381 int op1 = (insn >> 21) & 7;
6382 int op2 = (insn >> 5) & 7;
6383 int rt = (insn >> 12) & 0xf;
6386 if (arm_feature(env, ARM_FEATURE_THUMB2EE)) {
6387 if (op1 == 6 && crn == 0 && crm == 0 && op2 == 0) {
6391 tmp = load_reg(s, rt);
6392 gen_helper_set_teecr(cpu_env, tmp);
6393 tcg_temp_free_i32(tmp);
6396 if (op1 == 6 && crn == 1 && crm == 0 && op2 == 0) {
6398 if (IS_USER(s) && (env->teecr & 1))
6400 tmp = load_reg(s, rt);
6401 store_cpu_field(tmp, teehbr);
6405 fprintf(stderr, "Unknown cp14 write op1:%d crn:%d crm:%d op2:%d\n",
6406 op1, crn, crm, op2);
6410 static int disas_coproc_insn(CPUState * env, DisasContext *s, uint32_t insn)
6414 cpnum = (insn >> 8) & 0xf;
6415 if (arm_feature(env, ARM_FEATURE_XSCALE)
6416 && ((env->cp15.c15_cpar ^ 0x3fff) & (1 << cpnum)))
6422 if (arm_feature(env, ARM_FEATURE_IWMMXT)) {
6423 return disas_iwmmxt_insn(env, s, insn);
6424 } else if (arm_feature(env, ARM_FEATURE_XSCALE)) {
6425 return disas_dsp_insn(env, s, insn);
6430 return disas_vfp_insn (env, s, insn);
6432 /* Coprocessors 7-15 are architecturally reserved by ARM.
6433 Unfortunately Intel decided to ignore this. */
6434 if (arm_feature(env, ARM_FEATURE_XSCALE))
6436 if (insn & (1 << 20))
6437 return disas_cp14_read(env, s, insn);
6439 return disas_cp14_write(env, s, insn);
6441 return disas_cp15_insn (env, s, insn);
6444 /* Unknown coprocessor. See if the board has hooked it. */
6445 return disas_cp_insn (env, s, insn);
6450 /* Store a 64-bit value to a register pair. Clobbers val. */
6451 static void gen_storeq_reg(DisasContext *s, int rlow, int rhigh, TCGv_i64 val)
6454 tmp = tcg_temp_new_i32();
6455 tcg_gen_trunc_i64_i32(tmp, val);
6456 store_reg(s, rlow, tmp);
6457 tmp = tcg_temp_new_i32();
6458 tcg_gen_shri_i64(val, val, 32);
6459 tcg_gen_trunc_i64_i32(tmp, val);
6460 store_reg(s, rhigh, tmp);
6463 /* load a 32-bit value from a register and perform a 64-bit accumulate. */
6464 static void gen_addq_lo(DisasContext *s, TCGv_i64 val, int rlow)
6469 /* Load value and extend to 64 bits. */
6470 tmp = tcg_temp_new_i64();
6471 tmp2 = load_reg(s, rlow);
6472 tcg_gen_extu_i32_i64(tmp, tmp2);
6473 tcg_temp_free_i32(tmp2);
6474 tcg_gen_add_i64(val, val, tmp);
6475 tcg_temp_free_i64(tmp);
6478 /* load and add a 64-bit value from a register pair. */
6479 static void gen_addq(DisasContext *s, TCGv_i64 val, int rlow, int rhigh)
6485 /* Load 64-bit value rd:rn. */
6486 tmpl = load_reg(s, rlow);
6487 tmph = load_reg(s, rhigh);
6488 tmp = tcg_temp_new_i64();
6489 tcg_gen_concat_i32_i64(tmp, tmpl, tmph);
6490 tcg_temp_free_i32(tmpl);
6491 tcg_temp_free_i32(tmph);
6492 tcg_gen_add_i64(val, val, tmp);
6493 tcg_temp_free_i64(tmp);
6496 /* Set N and Z flags from a 64-bit value. */
6497 static void gen_logicq_cc(TCGv_i64 val)
6499 TCGv tmp = tcg_temp_new_i32();
6500 gen_helper_logicq_cc(tmp, val);
6502 tcg_temp_free_i32(tmp);
6505 /* Load/Store exclusive instructions are implemented by remembering
6506 the value/address loaded, and seeing if these are the same
6507 when the store is performed. This should be is sufficient to implement
6508 the architecturally mandated semantics, and avoids having to monitor
6511 In system emulation mode only one CPU will be running at once, so
6512 this sequence is effectively atomic. In user emulation mode we
6513 throw an exception and handle the atomic operation elsewhere. */
6514 static void gen_load_exclusive(DisasContext *s, int rt, int rt2,
6515 TCGv addr, int size)
6521 tmp = gen_ld8u(addr, IS_USER(s));
6524 tmp = gen_ld16u(addr, IS_USER(s));
6528 tmp = gen_ld32(addr, IS_USER(s));
6533 tcg_gen_mov_i32(cpu_exclusive_val, tmp);
6534 store_reg(s, rt, tmp);
6536 TCGv tmp2 = tcg_temp_new_i32();
6537 tcg_gen_addi_i32(tmp2, addr, 4);
6538 tmp = gen_ld32(tmp2, IS_USER(s));
6539 tcg_temp_free_i32(tmp2);
6540 tcg_gen_mov_i32(cpu_exclusive_high, tmp);
6541 store_reg(s, rt2, tmp);
6543 tcg_gen_mov_i32(cpu_exclusive_addr, addr);
6546 static void gen_clrex(DisasContext *s)
6548 tcg_gen_movi_i32(cpu_exclusive_addr, -1);
6551 #ifdef CONFIG_USER_ONLY
6552 static void gen_store_exclusive(DisasContext *s, int rd, int rt, int rt2,
6553 TCGv addr, int size)
6555 tcg_gen_mov_i32(cpu_exclusive_test, addr);
6556 tcg_gen_movi_i32(cpu_exclusive_info,
6557 size | (rd << 4) | (rt << 8) | (rt2 << 12));
6558 gen_exception_insn(s, 4, EXCP_STREX);
6561 static void gen_store_exclusive(DisasContext *s, int rd, int rt, int rt2,
6562 TCGv addr, int size)
6568 /* if (env->exclusive_addr == addr && env->exclusive_val == [addr]) {
6574 fail_label = gen_new_label();
6575 done_label = gen_new_label();
6576 tcg_gen_brcond_i32(TCG_COND_NE, addr, cpu_exclusive_addr, fail_label);
6579 tmp = gen_ld8u(addr, IS_USER(s));
6582 tmp = gen_ld16u(addr, IS_USER(s));
6586 tmp = gen_ld32(addr, IS_USER(s));
6591 tcg_gen_brcond_i32(TCG_COND_NE, tmp, cpu_exclusive_val, fail_label);
6592 tcg_temp_free_i32(tmp);
6594 TCGv tmp2 = tcg_temp_new_i32();
6595 tcg_gen_addi_i32(tmp2, addr, 4);
6596 tmp = gen_ld32(tmp2, IS_USER(s));
6597 tcg_temp_free_i32(tmp2);
6598 tcg_gen_brcond_i32(TCG_COND_NE, tmp, cpu_exclusive_high, fail_label);
6599 tcg_temp_free_i32(tmp);
6601 tmp = load_reg(s, rt);
6604 gen_st8(tmp, addr, IS_USER(s));
6607 gen_st16(tmp, addr, IS_USER(s));
6611 gen_st32(tmp, addr, IS_USER(s));
6617 tcg_gen_addi_i32(addr, addr, 4);
6618 tmp = load_reg(s, rt2);
6619 gen_st32(tmp, addr, IS_USER(s));
6621 tcg_gen_movi_i32(cpu_R[rd], 0);
6622 tcg_gen_br(done_label);
6623 gen_set_label(fail_label);
6624 tcg_gen_movi_i32(cpu_R[rd], 1);
6625 gen_set_label(done_label);
6626 tcg_gen_movi_i32(cpu_exclusive_addr, -1);
6630 static void disas_arm_insn(CPUState * env, DisasContext *s)
6632 unsigned int cond, insn, val, op1, i, shift, rm, rs, rn, rd, sh;
6639 insn = ldl_code(s->pc);
6642 /* M variants do not implement ARM mode. */
6647 /* In ARMv3 and v4 the NV condition is UNPREDICTABLE; we
6648 * choose to UNDEF. In ARMv5 and above the space is used
6649 * for miscellaneous unconditional instructions.
6653 /* Unconditional instructions. */
6654 if (((insn >> 25) & 7) == 1) {
6655 /* NEON Data processing. */
6656 if (!arm_feature(env, ARM_FEATURE_NEON))
6659 if (disas_neon_data_insn(env, s, insn))
6663 if ((insn & 0x0f100000) == 0x04000000) {
6664 /* NEON load/store. */
6665 if (!arm_feature(env, ARM_FEATURE_NEON))
6668 if (disas_neon_ls_insn(env, s, insn))
6672 if (((insn & 0x0f30f000) == 0x0510f000) ||
6673 ((insn & 0x0f30f010) == 0x0710f000)) {
6674 if ((insn & (1 << 22)) == 0) {
6676 if (!arm_feature(env, ARM_FEATURE_V7MP)) {
6680 /* Otherwise PLD; v5TE+ */
6684 if (((insn & 0x0f70f000) == 0x0450f000) ||
6685 ((insn & 0x0f70f010) == 0x0650f000)) {
6687 return; /* PLI; V7 */
6689 if (((insn & 0x0f700000) == 0x04100000) ||
6690 ((insn & 0x0f700010) == 0x06100000)) {
6691 if (!arm_feature(env, ARM_FEATURE_V7MP)) {
6694 return; /* v7MP: Unallocated memory hint: must NOP */
6697 if ((insn & 0x0ffffdff) == 0x01010000) {
6700 if (insn & (1 << 9)) {
6701 /* BE8 mode not implemented. */
6705 } else if ((insn & 0x0fffff00) == 0x057ff000) {
6706 switch ((insn >> 4) & 0xf) {
6715 /* We don't emulate caches so these are a no-op. */
6720 } else if ((insn & 0x0e5fffe0) == 0x084d0500) {
6726 op1 = (insn & 0x1f);
6727 addr = tcg_temp_new_i32();
6728 tmp = tcg_const_i32(op1);
6729 gen_helper_get_r13_banked(addr, cpu_env, tmp);
6730 tcg_temp_free_i32(tmp);
6731 i = (insn >> 23) & 3;
6733 case 0: offset = -4; break; /* DA */
6734 case 1: offset = 0; break; /* IA */
6735 case 2: offset = -8; break; /* DB */
6736 case 3: offset = 4; break; /* IB */
6740 tcg_gen_addi_i32(addr, addr, offset);
6741 tmp = load_reg(s, 14);
6742 gen_st32(tmp, addr, 0);
6743 tmp = load_cpu_field(spsr);
6744 tcg_gen_addi_i32(addr, addr, 4);
6745 gen_st32(tmp, addr, 0);
6746 if (insn & (1 << 21)) {
6747 /* Base writeback. */
6749 case 0: offset = -8; break;
6750 case 1: offset = 4; break;
6751 case 2: offset = -4; break;
6752 case 3: offset = 0; break;
6756 tcg_gen_addi_i32(addr, addr, offset);
6757 tmp = tcg_const_i32(op1);
6758 gen_helper_set_r13_banked(cpu_env, tmp, addr);
6759 tcg_temp_free_i32(tmp);
6760 tcg_temp_free_i32(addr);
6762 tcg_temp_free_i32(addr);
6765 } else if ((insn & 0x0e50ffe0) == 0x08100a00) {
6771 rn = (insn >> 16) & 0xf;
6772 addr = load_reg(s, rn);
6773 i = (insn >> 23) & 3;
6775 case 0: offset = -4; break; /* DA */
6776 case 1: offset = 0; break; /* IA */
6777 case 2: offset = -8; break; /* DB */
6778 case 3: offset = 4; break; /* IB */
6782 tcg_gen_addi_i32(addr, addr, offset);
6783 /* Load PC into tmp and CPSR into tmp2. */
6784 tmp = gen_ld32(addr, 0);
6785 tcg_gen_addi_i32(addr, addr, 4);
6786 tmp2 = gen_ld32(addr, 0);
6787 if (insn & (1 << 21)) {
6788 /* Base writeback. */
6790 case 0: offset = -8; break;
6791 case 1: offset = 4; break;
6792 case 2: offset = -4; break;
6793 case 3: offset = 0; break;
6797 tcg_gen_addi_i32(addr, addr, offset);
6798 store_reg(s, rn, addr);
6800 tcg_temp_free_i32(addr);
6802 gen_rfe(s, tmp, tmp2);
6804 } else if ((insn & 0x0e000000) == 0x0a000000) {
6805 /* branch link and change to thumb (blx <offset>) */
6808 val = (uint32_t)s->pc;
6809 tmp = tcg_temp_new_i32();
6810 tcg_gen_movi_i32(tmp, val);
6811 store_reg(s, 14, tmp);
6812 /* Sign-extend the 24-bit offset */
6813 offset = (((int32_t)insn) << 8) >> 8;
6814 /* offset * 4 + bit24 * 2 + (thumb bit) */
6815 val += (offset << 2) | ((insn >> 23) & 2) | 1;
6816 /* pipeline offset */
6818 /* protected by ARCH(5); above, near the start of uncond block */
6821 } else if ((insn & 0x0e000f00) == 0x0c000100) {
6822 if (arm_feature(env, ARM_FEATURE_IWMMXT)) {
6823 /* iWMMXt register transfer. */
6824 if (env->cp15.c15_cpar & (1 << 1))
6825 if (!disas_iwmmxt_insn(env, s, insn))
6828 } else if ((insn & 0x0fe00000) == 0x0c400000) {
6829 /* Coprocessor double register transfer. */
6831 } else if ((insn & 0x0f000010) == 0x0e000010) {
6832 /* Additional coprocessor register transfer. */
6833 } else if ((insn & 0x0ff10020) == 0x01000000) {
6836 /* cps (privileged) */
6840 if (insn & (1 << 19)) {
6841 if (insn & (1 << 8))
6843 if (insn & (1 << 7))
6845 if (insn & (1 << 6))
6847 if (insn & (1 << 18))
6850 if (insn & (1 << 17)) {
6852 val |= (insn & 0x1f);
6855 gen_set_psr_im(s, mask, 0, val);
6862 /* if not always execute, we generate a conditional jump to
6864 s->condlabel = gen_new_label();
6865 gen_test_cc(cond ^ 1, s->condlabel);
6868 if ((insn & 0x0f900000) == 0x03000000) {
6869 if ((insn & (1 << 21)) == 0) {
6871 rd = (insn >> 12) & 0xf;
6872 val = ((insn >> 4) & 0xf000) | (insn & 0xfff);
6873 if ((insn & (1 << 22)) == 0) {
6875 tmp = tcg_temp_new_i32();
6876 tcg_gen_movi_i32(tmp, val);
6879 tmp = load_reg(s, rd);
6880 tcg_gen_ext16u_i32(tmp, tmp);
6881 tcg_gen_ori_i32(tmp, tmp, val << 16);
6883 store_reg(s, rd, tmp);
6885 if (((insn >> 12) & 0xf) != 0xf)
6887 if (((insn >> 16) & 0xf) == 0) {
6888 gen_nop_hint(s, insn & 0xff);
6890 /* CPSR = immediate */
6892 shift = ((insn >> 8) & 0xf) * 2;
6894 val = (val >> shift) | (val << (32 - shift));
6895 i = ((insn & (1 << 22)) != 0);
6896 if (gen_set_psr_im(s, msr_mask(env, s, (insn >> 16) & 0xf, i), i, val))
6900 } else if ((insn & 0x0f900000) == 0x01000000
6901 && (insn & 0x00000090) != 0x00000090) {
6902 /* miscellaneous instructions */
6903 op1 = (insn >> 21) & 3;
6904 sh = (insn >> 4) & 0xf;
6907 case 0x0: /* move program status register */
6910 tmp = load_reg(s, rm);
6911 i = ((op1 & 2) != 0);
6912 if (gen_set_psr(s, msr_mask(env, s, (insn >> 16) & 0xf, i), i, tmp))
6916 rd = (insn >> 12) & 0xf;
6920 tmp = load_cpu_field(spsr);
6922 tmp = tcg_temp_new_i32();
6923 gen_helper_cpsr_read(tmp);
6925 store_reg(s, rd, tmp);
6930 /* branch/exchange thumb (bx). */
6932 tmp = load_reg(s, rm);
6934 } else if (op1 == 3) {
6937 rd = (insn >> 12) & 0xf;
6938 tmp = load_reg(s, rm);
6939 gen_helper_clz(tmp, tmp);
6940 store_reg(s, rd, tmp);
6948 /* Trivial implementation equivalent to bx. */
6949 tmp = load_reg(s, rm);
6960 /* branch link/exchange thumb (blx) */
6961 tmp = load_reg(s, rm);
6962 tmp2 = tcg_temp_new_i32();
6963 tcg_gen_movi_i32(tmp2, s->pc);
6964 store_reg(s, 14, tmp2);
6967 case 0x5: /* saturating add/subtract */
6969 rd = (insn >> 12) & 0xf;
6970 rn = (insn >> 16) & 0xf;
6971 tmp = load_reg(s, rm);
6972 tmp2 = load_reg(s, rn);
6974 gen_helper_double_saturate(tmp2, tmp2);
6976 gen_helper_sub_saturate(tmp, tmp, tmp2);
6978 gen_helper_add_saturate(tmp, tmp, tmp2);
6979 tcg_temp_free_i32(tmp2);
6980 store_reg(s, rd, tmp);
6983 /* SMC instruction (op1 == 3)
6984 and undefined instructions (op1 == 0 || op1 == 2)
6991 gen_exception_insn(s, 4, EXCP_BKPT);
6993 case 0x8: /* signed multiply */
6998 rs = (insn >> 8) & 0xf;
6999 rn = (insn >> 12) & 0xf;
7000 rd = (insn >> 16) & 0xf;
7002 /* (32 * 16) >> 16 */
7003 tmp = load_reg(s, rm);
7004 tmp2 = load_reg(s, rs);
7006 tcg_gen_sari_i32(tmp2, tmp2, 16);
7009 tmp64 = gen_muls_i64_i32(tmp, tmp2);
7010 tcg_gen_shri_i64(tmp64, tmp64, 16);
7011 tmp = tcg_temp_new_i32();
7012 tcg_gen_trunc_i64_i32(tmp, tmp64);
7013 tcg_temp_free_i64(tmp64);
7014 if ((sh & 2) == 0) {
7015 tmp2 = load_reg(s, rn);
7016 gen_helper_add_setq(tmp, tmp, tmp2);
7017 tcg_temp_free_i32(tmp2);
7019 store_reg(s, rd, tmp);
7022 tmp = load_reg(s, rm);
7023 tmp2 = load_reg(s, rs);
7024 gen_mulxy(tmp, tmp2, sh & 2, sh & 4);
7025 tcg_temp_free_i32(tmp2);
7027 tmp64 = tcg_temp_new_i64();
7028 tcg_gen_ext_i32_i64(tmp64, tmp);
7029 tcg_temp_free_i32(tmp);
7030 gen_addq(s, tmp64, rn, rd);
7031 gen_storeq_reg(s, rn, rd, tmp64);
7032 tcg_temp_free_i64(tmp64);
7035 tmp2 = load_reg(s, rn);
7036 gen_helper_add_setq(tmp, tmp, tmp2);
7037 tcg_temp_free_i32(tmp2);
7039 store_reg(s, rd, tmp);
7046 } else if (((insn & 0x0e000000) == 0 &&
7047 (insn & 0x00000090) != 0x90) ||
7048 ((insn & 0x0e000000) == (1 << 25))) {
7049 int set_cc, logic_cc, shiftop;
7051 op1 = (insn >> 21) & 0xf;
7052 set_cc = (insn >> 20) & 1;
7053 logic_cc = table_logic_cc[op1] & set_cc;
7055 /* data processing instruction */
7056 if (insn & (1 << 25)) {
7057 /* immediate operand */
7059 shift = ((insn >> 8) & 0xf) * 2;
7061 val = (val >> shift) | (val << (32 - shift));
7063 tmp2 = tcg_temp_new_i32();
7064 tcg_gen_movi_i32(tmp2, val);
7065 if (logic_cc && shift) {
7066 gen_set_CF_bit31(tmp2);
7071 tmp2 = load_reg(s, rm);
7072 shiftop = (insn >> 5) & 3;
7073 if (!(insn & (1 << 4))) {
7074 shift = (insn >> 7) & 0x1f;
7075 gen_arm_shift_im(tmp2, shiftop, shift, logic_cc);
7077 rs = (insn >> 8) & 0xf;
7078 tmp = load_reg(s, rs);
7079 gen_arm_shift_reg(tmp2, shiftop, tmp, logic_cc);
7082 if (op1 != 0x0f && op1 != 0x0d) {
7083 rn = (insn >> 16) & 0xf;
7084 tmp = load_reg(s, rn);
7088 rd = (insn >> 12) & 0xf;
7091 tcg_gen_and_i32(tmp, tmp, tmp2);
7095 store_reg_bx(env, s, rd, tmp);
7098 tcg_gen_xor_i32(tmp, tmp, tmp2);
7102 store_reg_bx(env, s, rd, tmp);
7105 if (set_cc && rd == 15) {
7106 /* SUBS r15, ... is used for exception return. */
7110 gen_helper_sub_cc(tmp, tmp, tmp2);
7111 gen_exception_return(s, tmp);
7114 gen_helper_sub_cc(tmp, tmp, tmp2);
7116 tcg_gen_sub_i32(tmp, tmp, tmp2);
7118 store_reg_bx(env, s, rd, tmp);
7123 gen_helper_sub_cc(tmp, tmp2, tmp);
7125 tcg_gen_sub_i32(tmp, tmp2, tmp);
7127 store_reg_bx(env, s, rd, tmp);
7131 gen_helper_add_cc(tmp, tmp, tmp2);
7133 tcg_gen_add_i32(tmp, tmp, tmp2);
7135 store_reg_bx(env, s, rd, tmp);
7139 gen_helper_adc_cc(tmp, tmp, tmp2);
7141 gen_add_carry(tmp, tmp, tmp2);
7143 store_reg_bx(env, s, rd, tmp);
7147 gen_helper_sbc_cc(tmp, tmp, tmp2);
7149 gen_sub_carry(tmp, tmp, tmp2);
7151 store_reg_bx(env, s, rd, tmp);
7155 gen_helper_sbc_cc(tmp, tmp2, tmp);
7157 gen_sub_carry(tmp, tmp2, tmp);
7159 store_reg_bx(env, s, rd, tmp);
7163 tcg_gen_and_i32(tmp, tmp, tmp2);
7166 tcg_temp_free_i32(tmp);
7170 tcg_gen_xor_i32(tmp, tmp, tmp2);
7173 tcg_temp_free_i32(tmp);
7177 gen_helper_sub_cc(tmp, tmp, tmp2);
7179 tcg_temp_free_i32(tmp);
7183 gen_helper_add_cc(tmp, tmp, tmp2);
7185 tcg_temp_free_i32(tmp);
7188 tcg_gen_or_i32(tmp, tmp, tmp2);
7192 store_reg_bx(env, s, rd, tmp);
7195 if (logic_cc && rd == 15) {
7196 /* MOVS r15, ... is used for exception return. */
7200 gen_exception_return(s, tmp2);
7205 store_reg_bx(env, s, rd, tmp2);
7209 tcg_gen_andc_i32(tmp, tmp, tmp2);
7213 store_reg_bx(env, s, rd, tmp);
7217 tcg_gen_not_i32(tmp2, tmp2);
7221 store_reg_bx(env, s, rd, tmp2);
7224 if (op1 != 0x0f && op1 != 0x0d) {
7225 tcg_temp_free_i32(tmp2);
7228 /* other instructions */
7229 op1 = (insn >> 24) & 0xf;
7233 /* multiplies, extra load/stores */
7234 sh = (insn >> 5) & 3;
7237 rd = (insn >> 16) & 0xf;
7238 rn = (insn >> 12) & 0xf;
7239 rs = (insn >> 8) & 0xf;
7241 op1 = (insn >> 20) & 0xf;
7243 case 0: case 1: case 2: case 3: case 6:
7245 tmp = load_reg(s, rs);
7246 tmp2 = load_reg(s, rm);
7247 tcg_gen_mul_i32(tmp, tmp, tmp2);
7248 tcg_temp_free_i32(tmp2);
7249 if (insn & (1 << 22)) {
7250 /* Subtract (mls) */
7252 tmp2 = load_reg(s, rn);
7253 tcg_gen_sub_i32(tmp, tmp2, tmp);
7254 tcg_temp_free_i32(tmp2);
7255 } else if (insn & (1 << 21)) {
7257 tmp2 = load_reg(s, rn);
7258 tcg_gen_add_i32(tmp, tmp, tmp2);
7259 tcg_temp_free_i32(tmp2);
7261 if (insn & (1 << 20))
7263 store_reg(s, rd, tmp);
7266 /* 64 bit mul double accumulate (UMAAL) */
7268 tmp = load_reg(s, rs);
7269 tmp2 = load_reg(s, rm);
7270 tmp64 = gen_mulu_i64_i32(tmp, tmp2);
7271 gen_addq_lo(s, tmp64, rn);
7272 gen_addq_lo(s, tmp64, rd);
7273 gen_storeq_reg(s, rn, rd, tmp64);
7274 tcg_temp_free_i64(tmp64);
7276 case 8: case 9: case 10: case 11:
7277 case 12: case 13: case 14: case 15:
7278 /* 64 bit mul: UMULL, UMLAL, SMULL, SMLAL. */
7279 tmp = load_reg(s, rs);
7280 tmp2 = load_reg(s, rm);
7281 if (insn & (1 << 22)) {
7282 tmp64 = gen_muls_i64_i32(tmp, tmp2);
7284 tmp64 = gen_mulu_i64_i32(tmp, tmp2);
7286 if (insn & (1 << 21)) { /* mult accumulate */
7287 gen_addq(s, tmp64, rn, rd);
7289 if (insn & (1 << 20)) {
7290 gen_logicq_cc(tmp64);
7292 gen_storeq_reg(s, rn, rd, tmp64);
7293 tcg_temp_free_i64(tmp64);
7299 rn = (insn >> 16) & 0xf;
7300 rd = (insn >> 12) & 0xf;
7301 if (insn & (1 << 23)) {
7302 /* load/store exclusive */
7303 op1 = (insn >> 21) & 0x3;
7308 addr = tcg_temp_local_new_i32();
7309 load_reg_var(s, addr, rn);
7310 if (insn & (1 << 20)) {
7313 gen_load_exclusive(s, rd, 15, addr, 2);
7315 case 1: /* ldrexd */
7316 gen_load_exclusive(s, rd, rd + 1, addr, 3);
7318 case 2: /* ldrexb */
7319 gen_load_exclusive(s, rd, 15, addr, 0);
7321 case 3: /* ldrexh */
7322 gen_load_exclusive(s, rd, 15, addr, 1);
7331 gen_store_exclusive(s, rd, rm, 15, addr, 2);
7333 case 1: /* strexd */
7334 gen_store_exclusive(s, rd, rm, rm + 1, addr, 3);
7336 case 2: /* strexb */
7337 gen_store_exclusive(s, rd, rm, 15, addr, 0);
7339 case 3: /* strexh */
7340 gen_store_exclusive(s, rd, rm, 15, addr, 1);
7346 tcg_temp_free(addr);
7348 /* SWP instruction */
7351 /* ??? This is not really atomic. However we know
7352 we never have multiple CPUs running in parallel,
7353 so it is good enough. */
7354 addr = load_reg(s, rn);
7355 tmp = load_reg(s, rm);
7356 if (insn & (1 << 22)) {
7357 tmp2 = gen_ld8u(addr, IS_USER(s));
7358 gen_st8(tmp, addr, IS_USER(s));
7360 tmp2 = gen_ld32(addr, IS_USER(s));
7361 gen_st32(tmp, addr, IS_USER(s));
7363 tcg_temp_free_i32(addr);
7364 store_reg(s, rd, tmp2);
7370 /* Misc load/store */
7371 rn = (insn >> 16) & 0xf;
7372 rd = (insn >> 12) & 0xf;
7373 addr = load_reg(s, rn);
7374 if (insn & (1 << 24))
7375 gen_add_datah_offset(s, insn, 0, addr);
7377 if (insn & (1 << 20)) {
7381 tmp = gen_ld16u(addr, IS_USER(s));
7384 tmp = gen_ld8s(addr, IS_USER(s));
7388 tmp = gen_ld16s(addr, IS_USER(s));
7392 } else if (sh & 2) {
7397 tmp = load_reg(s, rd);
7398 gen_st32(tmp, addr, IS_USER(s));
7399 tcg_gen_addi_i32(addr, addr, 4);
7400 tmp = load_reg(s, rd + 1);
7401 gen_st32(tmp, addr, IS_USER(s));
7405 tmp = gen_ld32(addr, IS_USER(s));
7406 store_reg(s, rd, tmp);
7407 tcg_gen_addi_i32(addr, addr, 4);
7408 tmp = gen_ld32(addr, IS_USER(s));
7412 address_offset = -4;
7415 tmp = load_reg(s, rd);
7416 gen_st16(tmp, addr, IS_USER(s));
7419 /* Perform base writeback before the loaded value to
7420 ensure correct behavior with overlapping index registers.
7421 ldrd with base writeback is is undefined if the
7422 destination and index registers overlap. */
7423 if (!(insn & (1 << 24))) {
7424 gen_add_datah_offset(s, insn, address_offset, addr);
7425 store_reg(s, rn, addr);
7426 } else if (insn & (1 << 21)) {
7428 tcg_gen_addi_i32(addr, addr, address_offset);
7429 store_reg(s, rn, addr);
7431 tcg_temp_free_i32(addr);
7434 /* Complete the load. */
7435 store_reg(s, rd, tmp);
7444 if (insn & (1 << 4)) {
7446 /* Armv6 Media instructions. */
7448 rn = (insn >> 16) & 0xf;
7449 rd = (insn >> 12) & 0xf;
7450 rs = (insn >> 8) & 0xf;
7451 switch ((insn >> 23) & 3) {
7452 case 0: /* Parallel add/subtract. */
7453 op1 = (insn >> 20) & 7;
7454 tmp = load_reg(s, rn);
7455 tmp2 = load_reg(s, rm);
7456 sh = (insn >> 5) & 7;
7457 if ((op1 & 3) == 0 || sh == 5 || sh == 6)
7459 gen_arm_parallel_addsub(op1, sh, tmp, tmp2);
7460 tcg_temp_free_i32(tmp2);
7461 store_reg(s, rd, tmp);
7464 if ((insn & 0x00700020) == 0) {
7465 /* Halfword pack. */
7466 tmp = load_reg(s, rn);
7467 tmp2 = load_reg(s, rm);
7468 shift = (insn >> 7) & 0x1f;
7469 if (insn & (1 << 6)) {
7473 tcg_gen_sari_i32(tmp2, tmp2, shift);
7474 tcg_gen_andi_i32(tmp, tmp, 0xffff0000);
7475 tcg_gen_ext16u_i32(tmp2, tmp2);
7479 tcg_gen_shli_i32(tmp2, tmp2, shift);
7480 tcg_gen_ext16u_i32(tmp, tmp);
7481 tcg_gen_andi_i32(tmp2, tmp2, 0xffff0000);
7483 tcg_gen_or_i32(tmp, tmp, tmp2);
7484 tcg_temp_free_i32(tmp2);
7485 store_reg(s, rd, tmp);
7486 } else if ((insn & 0x00200020) == 0x00200000) {
7488 tmp = load_reg(s, rm);
7489 shift = (insn >> 7) & 0x1f;
7490 if (insn & (1 << 6)) {
7493 tcg_gen_sari_i32(tmp, tmp, shift);
7495 tcg_gen_shli_i32(tmp, tmp, shift);
7497 sh = (insn >> 16) & 0x1f;
7498 tmp2 = tcg_const_i32(sh);
7499 if (insn & (1 << 22))
7500 gen_helper_usat(tmp, tmp, tmp2);
7502 gen_helper_ssat(tmp, tmp, tmp2);
7503 tcg_temp_free_i32(tmp2);
7504 store_reg(s, rd, tmp);
7505 } else if ((insn & 0x00300fe0) == 0x00200f20) {
7507 tmp = load_reg(s, rm);
7508 sh = (insn >> 16) & 0x1f;
7509 tmp2 = tcg_const_i32(sh);
7510 if (insn & (1 << 22))
7511 gen_helper_usat16(tmp, tmp, tmp2);
7513 gen_helper_ssat16(tmp, tmp, tmp2);
7514 tcg_temp_free_i32(tmp2);
7515 store_reg(s, rd, tmp);
7516 } else if ((insn & 0x00700fe0) == 0x00000fa0) {
7518 tmp = load_reg(s, rn);
7519 tmp2 = load_reg(s, rm);
7520 tmp3 = tcg_temp_new_i32();
7521 tcg_gen_ld_i32(tmp3, cpu_env, offsetof(CPUState, GE));
7522 gen_helper_sel_flags(tmp, tmp3, tmp, tmp2);
7523 tcg_temp_free_i32(tmp3);
7524 tcg_temp_free_i32(tmp2);
7525 store_reg(s, rd, tmp);
7526 } else if ((insn & 0x000003e0) == 0x00000060) {
7527 tmp = load_reg(s, rm);
7528 shift = (insn >> 10) & 3;
7529 /* ??? In many cases it's not necessary to do a
7530 rotate, a shift is sufficient. */
7532 tcg_gen_rotri_i32(tmp, tmp, shift * 8);
7533 op1 = (insn >> 20) & 7;
7535 case 0: gen_sxtb16(tmp); break;
7536 case 2: gen_sxtb(tmp); break;
7537 case 3: gen_sxth(tmp); break;
7538 case 4: gen_uxtb16(tmp); break;
7539 case 6: gen_uxtb(tmp); break;
7540 case 7: gen_uxth(tmp); break;
7541 default: goto illegal_op;
7544 tmp2 = load_reg(s, rn);
7545 if ((op1 & 3) == 0) {
7546 gen_add16(tmp, tmp2);
7548 tcg_gen_add_i32(tmp, tmp, tmp2);
7549 tcg_temp_free_i32(tmp2);
7552 store_reg(s, rd, tmp);
7553 } else if ((insn & 0x003f0f60) == 0x003f0f20) {
7555 tmp = load_reg(s, rm);
7556 if (insn & (1 << 22)) {
7557 if (insn & (1 << 7)) {
7561 gen_helper_rbit(tmp, tmp);
7564 if (insn & (1 << 7))
7567 tcg_gen_bswap32_i32(tmp, tmp);
7569 store_reg(s, rd, tmp);
7574 case 2: /* Multiplies (Type 3). */
7575 tmp = load_reg(s, rm);
7576 tmp2 = load_reg(s, rs);
7577 if (insn & (1 << 20)) {
7578 /* Signed multiply most significant [accumulate].
7579 (SMMUL, SMMLA, SMMLS) */
7580 tmp64 = gen_muls_i64_i32(tmp, tmp2);
7583 tmp = load_reg(s, rd);
7584 if (insn & (1 << 6)) {
7585 tmp64 = gen_subq_msw(tmp64, tmp);
7587 tmp64 = gen_addq_msw(tmp64, tmp);
7590 if (insn & (1 << 5)) {
7591 tcg_gen_addi_i64(tmp64, tmp64, 0x80000000u);
7593 tcg_gen_shri_i64(tmp64, tmp64, 32);
7594 tmp = tcg_temp_new_i32();
7595 tcg_gen_trunc_i64_i32(tmp, tmp64);
7596 tcg_temp_free_i64(tmp64);
7597 store_reg(s, rn, tmp);
7599 if (insn & (1 << 5))
7600 gen_swap_half(tmp2);
7601 gen_smul_dual(tmp, tmp2);
7602 if (insn & (1 << 6)) {
7603 /* This subtraction cannot overflow. */
7604 tcg_gen_sub_i32(tmp, tmp, tmp2);
7606 /* This addition cannot overflow 32 bits;
7607 * however it may overflow considered as a signed
7608 * operation, in which case we must set the Q flag.
7610 gen_helper_add_setq(tmp, tmp, tmp2);
7612 tcg_temp_free_i32(tmp2);
7613 if (insn & (1 << 22)) {
7614 /* smlald, smlsld */
7615 tmp64 = tcg_temp_new_i64();
7616 tcg_gen_ext_i32_i64(tmp64, tmp);
7617 tcg_temp_free_i32(tmp);
7618 gen_addq(s, tmp64, rd, rn);
7619 gen_storeq_reg(s, rd, rn, tmp64);
7620 tcg_temp_free_i64(tmp64);
7622 /* smuad, smusd, smlad, smlsd */
7625 tmp2 = load_reg(s, rd);
7626 gen_helper_add_setq(tmp, tmp, tmp2);
7627 tcg_temp_free_i32(tmp2);
7629 store_reg(s, rn, tmp);
7634 op1 = ((insn >> 17) & 0x38) | ((insn >> 5) & 7);
7636 case 0: /* Unsigned sum of absolute differences. */
7638 tmp = load_reg(s, rm);
7639 tmp2 = load_reg(s, rs);
7640 gen_helper_usad8(tmp, tmp, tmp2);
7641 tcg_temp_free_i32(tmp2);
7643 tmp2 = load_reg(s, rd);
7644 tcg_gen_add_i32(tmp, tmp, tmp2);
7645 tcg_temp_free_i32(tmp2);
7647 store_reg(s, rn, tmp);
7649 case 0x20: case 0x24: case 0x28: case 0x2c:
7650 /* Bitfield insert/clear. */
7652 shift = (insn >> 7) & 0x1f;
7653 i = (insn >> 16) & 0x1f;
7656 tmp = tcg_temp_new_i32();
7657 tcg_gen_movi_i32(tmp, 0);
7659 tmp = load_reg(s, rm);
7662 tmp2 = load_reg(s, rd);
7663 gen_bfi(tmp, tmp2, tmp, shift, (1u << i) - 1);
7664 tcg_temp_free_i32(tmp2);
7666 store_reg(s, rd, tmp);
7668 case 0x12: case 0x16: case 0x1a: case 0x1e: /* sbfx */
7669 case 0x32: case 0x36: case 0x3a: case 0x3e: /* ubfx */
7671 tmp = load_reg(s, rm);
7672 shift = (insn >> 7) & 0x1f;
7673 i = ((insn >> 16) & 0x1f) + 1;
7678 gen_ubfx(tmp, shift, (1u << i) - 1);
7680 gen_sbfx(tmp, shift, i);
7683 store_reg(s, rd, tmp);
7693 /* Check for undefined extension instructions
7694 * per the ARM Bible IE:
7695 * xxxx 0111 1111 xxxx xxxx xxxx 1111 xxxx
7697 sh = (0xf << 20) | (0xf << 4);
7698 if (op1 == 0x7 && ((insn & sh) == sh))
7702 /* load/store byte/word */
7703 rn = (insn >> 16) & 0xf;
7704 rd = (insn >> 12) & 0xf;
7705 tmp2 = load_reg(s, rn);
7706 i = (IS_USER(s) || (insn & 0x01200000) == 0x00200000);
7707 if (insn & (1 << 24))
7708 gen_add_data_offset(s, insn, tmp2);
7709 if (insn & (1 << 20)) {
7711 if (insn & (1 << 22)) {
7712 tmp = gen_ld8u(tmp2, i);
7714 tmp = gen_ld32(tmp2, i);
7718 tmp = load_reg(s, rd);
7719 if (insn & (1 << 22))
7720 gen_st8(tmp, tmp2, i);
7722 gen_st32(tmp, tmp2, i);
7724 if (!(insn & (1 << 24))) {
7725 gen_add_data_offset(s, insn, tmp2);
7726 store_reg(s, rn, tmp2);
7727 } else if (insn & (1 << 21)) {
7728 store_reg(s, rn, tmp2);
7730 tcg_temp_free_i32(tmp2);
7732 if (insn & (1 << 20)) {
7733 /* Complete the load. */
7734 store_reg_from_load(env, s, rd, tmp);
7740 int j, n, user, loaded_base;
7742 /* load/store multiple words */
7743 /* XXX: store correct base if write back */
7745 if (insn & (1 << 22)) {
7747 goto illegal_op; /* only usable in supervisor mode */
7749 if ((insn & (1 << 15)) == 0)
7752 rn = (insn >> 16) & 0xf;
7753 addr = load_reg(s, rn);
7755 /* compute total size */
7757 TCGV_UNUSED(loaded_var);
7760 if (insn & (1 << i))
7763 /* XXX: test invalid n == 0 case ? */
7764 if (insn & (1 << 23)) {
7765 if (insn & (1 << 24)) {
7767 tcg_gen_addi_i32(addr, addr, 4);
7769 /* post increment */
7772 if (insn & (1 << 24)) {
7774 tcg_gen_addi_i32(addr, addr, -(n * 4));
7776 /* post decrement */
7778 tcg_gen_addi_i32(addr, addr, -((n - 1) * 4));
7783 if (insn & (1 << i)) {
7784 if (insn & (1 << 20)) {
7786 tmp = gen_ld32(addr, IS_USER(s));
7788 tmp2 = tcg_const_i32(i);
7789 gen_helper_set_user_reg(tmp2, tmp);
7790 tcg_temp_free_i32(tmp2);
7791 tcg_temp_free_i32(tmp);
7792 } else if (i == rn) {
7796 store_reg_from_load(env, s, i, tmp);
7801 /* special case: r15 = PC + 8 */
7802 val = (long)s->pc + 4;
7803 tmp = tcg_temp_new_i32();
7804 tcg_gen_movi_i32(tmp, val);
7806 tmp = tcg_temp_new_i32();
7807 tmp2 = tcg_const_i32(i);
7808 gen_helper_get_user_reg(tmp, tmp2);
7809 tcg_temp_free_i32(tmp2);
7811 tmp = load_reg(s, i);
7813 gen_st32(tmp, addr, IS_USER(s));
7816 /* no need to add after the last transfer */
7818 tcg_gen_addi_i32(addr, addr, 4);
7821 if (insn & (1 << 21)) {
7823 if (insn & (1 << 23)) {
7824 if (insn & (1 << 24)) {
7827 /* post increment */
7828 tcg_gen_addi_i32(addr, addr, 4);
7831 if (insn & (1 << 24)) {
7834 tcg_gen_addi_i32(addr, addr, -((n - 1) * 4));
7836 /* post decrement */
7837 tcg_gen_addi_i32(addr, addr, -(n * 4));
7840 store_reg(s, rn, addr);
7842 tcg_temp_free_i32(addr);
7845 store_reg(s, rn, loaded_var);
7847 if ((insn & (1 << 22)) && !user) {
7848 /* Restore CPSR from SPSR. */
7849 tmp = load_cpu_field(spsr);
7850 gen_set_cpsr(tmp, 0xffffffff);
7851 tcg_temp_free_i32(tmp);
7852 s->is_jmp = DISAS_UPDATE;
7861 /* branch (and link) */
7862 val = (int32_t)s->pc;
7863 if (insn & (1 << 24)) {
7864 tmp = tcg_temp_new_i32();
7865 tcg_gen_movi_i32(tmp, val);
7866 store_reg(s, 14, tmp);
7868 offset = (((int32_t)insn << 8) >> 8);
7869 val += (offset << 2) + 4;
7877 if (disas_coproc_insn(env, s, insn))
7882 gen_set_pc_im(s->pc);
7883 s->is_jmp = DISAS_SWI;
7887 gen_exception_insn(s, 4, EXCP_UDEF);
7893 /* Return true if this is a Thumb-2 logical op. */
7895 thumb2_logic_op(int op)
7900 /* Generate code for a Thumb-2 data processing operation. If CONDS is nonzero
7901 then set condition code flags based on the result of the operation.
7902 If SHIFTER_OUT is nonzero then set the carry flag for logical operations
7903 to the high bit of T1.
7904 Returns zero if the opcode is valid. */
7907 gen_thumb2_data_op(DisasContext *s, int op, int conds, uint32_t shifter_out, TCGv t0, TCGv t1)
7914 tcg_gen_and_i32(t0, t0, t1);
7918 tcg_gen_andc_i32(t0, t0, t1);
7922 tcg_gen_or_i32(t0, t0, t1);
7926 tcg_gen_orc_i32(t0, t0, t1);
7930 tcg_gen_xor_i32(t0, t0, t1);
7935 gen_helper_add_cc(t0, t0, t1);
7937 tcg_gen_add_i32(t0, t0, t1);
7941 gen_helper_adc_cc(t0, t0, t1);
7947 gen_helper_sbc_cc(t0, t0, t1);
7949 gen_sub_carry(t0, t0, t1);
7953 gen_helper_sub_cc(t0, t0, t1);
7955 tcg_gen_sub_i32(t0, t0, t1);
7959 gen_helper_sub_cc(t0, t1, t0);
7961 tcg_gen_sub_i32(t0, t1, t0);
7963 default: /* 5, 6, 7, 9, 12, 15. */
7969 gen_set_CF_bit31(t1);
7974 /* Translate a 32-bit thumb instruction. Returns nonzero if the instruction
7976 static int disas_thumb2_insn(CPUState *env, DisasContext *s, uint16_t insn_hw1)
7978 uint32_t insn, imm, shift, offset;
7979 uint32_t rd, rn, rm, rs;
7990 if (!(arm_feature(env, ARM_FEATURE_THUMB2)
7991 || arm_feature (env, ARM_FEATURE_M))) {
7992 /* Thumb-1 cores may need to treat bl and blx as a pair of
7993 16-bit instructions to get correct prefetch abort behavior. */
7995 if ((insn & (1 << 12)) == 0) {
7997 /* Second half of blx. */
7998 offset = ((insn & 0x7ff) << 1);
7999 tmp = load_reg(s, 14);
8000 tcg_gen_addi_i32(tmp, tmp, offset);
8001 tcg_gen_andi_i32(tmp, tmp, 0xfffffffc);
8003 tmp2 = tcg_temp_new_i32();
8004 tcg_gen_movi_i32(tmp2, s->pc | 1);
8005 store_reg(s, 14, tmp2);
8009 if (insn & (1 << 11)) {
8010 /* Second half of bl. */
8011 offset = ((insn & 0x7ff) << 1) | 1;
8012 tmp = load_reg(s, 14);
8013 tcg_gen_addi_i32(tmp, tmp, offset);
8015 tmp2 = tcg_temp_new_i32();
8016 tcg_gen_movi_i32(tmp2, s->pc | 1);
8017 store_reg(s, 14, tmp2);
8021 if ((s->pc & ~TARGET_PAGE_MASK) == 0) {
8022 /* Instruction spans a page boundary. Implement it as two
8023 16-bit instructions in case the second half causes an
8025 offset = ((int32_t)insn << 21) >> 9;
8026 tcg_gen_movi_i32(cpu_R[14], s->pc + 2 + offset);
8029 /* Fall through to 32-bit decode. */
8032 insn = lduw_code(s->pc);
8034 insn |= (uint32_t)insn_hw1 << 16;
8036 if ((insn & 0xf800e800) != 0xf000e800) {
8040 rn = (insn >> 16) & 0xf;
8041 rs = (insn >> 12) & 0xf;
8042 rd = (insn >> 8) & 0xf;
8044 switch ((insn >> 25) & 0xf) {
8045 case 0: case 1: case 2: case 3:
8046 /* 16-bit instructions. Should never happen. */
8049 if (insn & (1 << 22)) {
8050 /* Other load/store, table branch. */
8051 if (insn & 0x01200000) {
8052 /* Load/store doubleword. */
8054 addr = tcg_temp_new_i32();
8055 tcg_gen_movi_i32(addr, s->pc & ~3);
8057 addr = load_reg(s, rn);
8059 offset = (insn & 0xff) * 4;
8060 if ((insn & (1 << 23)) == 0)
8062 if (insn & (1 << 24)) {
8063 tcg_gen_addi_i32(addr, addr, offset);
8066 if (insn & (1 << 20)) {
8068 tmp = gen_ld32(addr, IS_USER(s));
8069 store_reg(s, rs, tmp);
8070 tcg_gen_addi_i32(addr, addr, 4);
8071 tmp = gen_ld32(addr, IS_USER(s));
8072 store_reg(s, rd, tmp);
8075 tmp = load_reg(s, rs);
8076 gen_st32(tmp, addr, IS_USER(s));
8077 tcg_gen_addi_i32(addr, addr, 4);
8078 tmp = load_reg(s, rd);
8079 gen_st32(tmp, addr, IS_USER(s));
8081 if (insn & (1 << 21)) {
8082 /* Base writeback. */
8085 tcg_gen_addi_i32(addr, addr, offset - 4);
8086 store_reg(s, rn, addr);
8088 tcg_temp_free_i32(addr);
8090 } else if ((insn & (1 << 23)) == 0) {
8091 /* Load/store exclusive word. */
8092 addr = tcg_temp_local_new();
8093 load_reg_var(s, addr, rn);
8094 tcg_gen_addi_i32(addr, addr, (insn & 0xff) << 2);
8095 if (insn & (1 << 20)) {
8096 gen_load_exclusive(s, rs, 15, addr, 2);
8098 gen_store_exclusive(s, rd, rs, 15, addr, 2);
8100 tcg_temp_free(addr);
8101 } else if ((insn & (1 << 6)) == 0) {
8104 addr = tcg_temp_new_i32();
8105 tcg_gen_movi_i32(addr, s->pc);
8107 addr = load_reg(s, rn);
8109 tmp = load_reg(s, rm);
8110 tcg_gen_add_i32(addr, addr, tmp);
8111 if (insn & (1 << 4)) {
8113 tcg_gen_add_i32(addr, addr, tmp);
8114 tcg_temp_free_i32(tmp);
8115 tmp = gen_ld16u(addr, IS_USER(s));
8117 tcg_temp_free_i32(tmp);
8118 tmp = gen_ld8u(addr, IS_USER(s));
8120 tcg_temp_free_i32(addr);
8121 tcg_gen_shli_i32(tmp, tmp, 1);
8122 tcg_gen_addi_i32(tmp, tmp, s->pc);
8123 store_reg(s, 15, tmp);
8125 /* Load/store exclusive byte/halfword/doubleword. */
8127 op = (insn >> 4) & 0x3;
8131 addr = tcg_temp_local_new();
8132 load_reg_var(s, addr, rn);
8133 if (insn & (1 << 20)) {
8134 gen_load_exclusive(s, rs, rd, addr, op);
8136 gen_store_exclusive(s, rm, rs, rd, addr, op);
8138 tcg_temp_free(addr);
8141 /* Load/store multiple, RFE, SRS. */
8142 if (((insn >> 23) & 1) == ((insn >> 24) & 1)) {
8143 /* Not available in user mode. */
8146 if (insn & (1 << 20)) {
8148 addr = load_reg(s, rn);
8149 if ((insn & (1 << 24)) == 0)
8150 tcg_gen_addi_i32(addr, addr, -8);
8151 /* Load PC into tmp and CPSR into tmp2. */
8152 tmp = gen_ld32(addr, 0);
8153 tcg_gen_addi_i32(addr, addr, 4);
8154 tmp2 = gen_ld32(addr, 0);
8155 if (insn & (1 << 21)) {
8156 /* Base writeback. */
8157 if (insn & (1 << 24)) {
8158 tcg_gen_addi_i32(addr, addr, 4);
8160 tcg_gen_addi_i32(addr, addr, -4);
8162 store_reg(s, rn, addr);
8164 tcg_temp_free_i32(addr);
8166 gen_rfe(s, tmp, tmp2);
8170 addr = tcg_temp_new_i32();
8171 tmp = tcg_const_i32(op);
8172 gen_helper_get_r13_banked(addr, cpu_env, tmp);
8173 tcg_temp_free_i32(tmp);
8174 if ((insn & (1 << 24)) == 0) {
8175 tcg_gen_addi_i32(addr, addr, -8);
8177 tmp = load_reg(s, 14);
8178 gen_st32(tmp, addr, 0);
8179 tcg_gen_addi_i32(addr, addr, 4);
8180 tmp = tcg_temp_new_i32();
8181 gen_helper_cpsr_read(tmp);
8182 gen_st32(tmp, addr, 0);
8183 if (insn & (1 << 21)) {
8184 if ((insn & (1 << 24)) == 0) {
8185 tcg_gen_addi_i32(addr, addr, -4);
8187 tcg_gen_addi_i32(addr, addr, 4);
8189 tmp = tcg_const_i32(op);
8190 gen_helper_set_r13_banked(cpu_env, tmp, addr);
8191 tcg_temp_free_i32(tmp);
8193 tcg_temp_free_i32(addr);
8197 int i, loaded_base = 0;
8199 /* Load/store multiple. */
8200 addr = load_reg(s, rn);
8202 for (i = 0; i < 16; i++) {
8203 if (insn & (1 << i))
8206 if (insn & (1 << 24)) {
8207 tcg_gen_addi_i32(addr, addr, -offset);
8210 TCGV_UNUSED(loaded_var);
8211 for (i = 0; i < 16; i++) {
8212 if ((insn & (1 << i)) == 0)
8214 if (insn & (1 << 20)) {
8216 tmp = gen_ld32(addr, IS_USER(s));
8219 } else if (i == rn) {
8223 store_reg(s, i, tmp);
8227 tmp = load_reg(s, i);
8228 gen_st32(tmp, addr, IS_USER(s));
8230 tcg_gen_addi_i32(addr, addr, 4);
8233 store_reg(s, rn, loaded_var);
8235 if (insn & (1 << 21)) {
8236 /* Base register writeback. */
8237 if (insn & (1 << 24)) {
8238 tcg_gen_addi_i32(addr, addr, -offset);
8240 /* Fault if writeback register is in register list. */
8241 if (insn & (1 << rn))
8243 store_reg(s, rn, addr);
8245 tcg_temp_free_i32(addr);
8252 op = (insn >> 21) & 0xf;
8254 /* Halfword pack. */
8255 tmp = load_reg(s, rn);
8256 tmp2 = load_reg(s, rm);
8257 shift = ((insn >> 10) & 0x1c) | ((insn >> 6) & 0x3);
8258 if (insn & (1 << 5)) {
8262 tcg_gen_sari_i32(tmp2, tmp2, shift);
8263 tcg_gen_andi_i32(tmp, tmp, 0xffff0000);
8264 tcg_gen_ext16u_i32(tmp2, tmp2);
8268 tcg_gen_shli_i32(tmp2, tmp2, shift);
8269 tcg_gen_ext16u_i32(tmp, tmp);
8270 tcg_gen_andi_i32(tmp2, tmp2, 0xffff0000);
8272 tcg_gen_or_i32(tmp, tmp, tmp2);
8273 tcg_temp_free_i32(tmp2);
8274 store_reg(s, rd, tmp);
8276 /* Data processing register constant shift. */
8278 tmp = tcg_temp_new_i32();
8279 tcg_gen_movi_i32(tmp, 0);
8281 tmp = load_reg(s, rn);
8283 tmp2 = load_reg(s, rm);
8285 shiftop = (insn >> 4) & 3;
8286 shift = ((insn >> 6) & 3) | ((insn >> 10) & 0x1c);
8287 conds = (insn & (1 << 20)) != 0;
8288 logic_cc = (conds && thumb2_logic_op(op));
8289 gen_arm_shift_im(tmp2, shiftop, shift, logic_cc);
8290 if (gen_thumb2_data_op(s, op, conds, 0, tmp, tmp2))
8292 tcg_temp_free_i32(tmp2);
8294 store_reg(s, rd, tmp);
8296 tcg_temp_free_i32(tmp);
8300 case 13: /* Misc data processing. */
8301 op = ((insn >> 22) & 6) | ((insn >> 7) & 1);
8302 if (op < 4 && (insn & 0xf000) != 0xf000)
8305 case 0: /* Register controlled shift. */
8306 tmp = load_reg(s, rn);
8307 tmp2 = load_reg(s, rm);
8308 if ((insn & 0x70) != 0)
8310 op = (insn >> 21) & 3;
8311 logic_cc = (insn & (1 << 20)) != 0;
8312 gen_arm_shift_reg(tmp, op, tmp2, logic_cc);
8315 store_reg_bx(env, s, rd, tmp);
8317 case 1: /* Sign/zero extend. */
8318 tmp = load_reg(s, rm);
8319 shift = (insn >> 4) & 3;
8320 /* ??? In many cases it's not necessary to do a
8321 rotate, a shift is sufficient. */
8323 tcg_gen_rotri_i32(tmp, tmp, shift * 8);
8324 op = (insn >> 20) & 7;
8326 case 0: gen_sxth(tmp); break;
8327 case 1: gen_uxth(tmp); break;
8328 case 2: gen_sxtb16(tmp); break;
8329 case 3: gen_uxtb16(tmp); break;
8330 case 4: gen_sxtb(tmp); break;
8331 case 5: gen_uxtb(tmp); break;
8332 default: goto illegal_op;
8335 tmp2 = load_reg(s, rn);
8336 if ((op >> 1) == 1) {
8337 gen_add16(tmp, tmp2);
8339 tcg_gen_add_i32(tmp, tmp, tmp2);
8340 tcg_temp_free_i32(tmp2);
8343 store_reg(s, rd, tmp);
8345 case 2: /* SIMD add/subtract. */
8346 op = (insn >> 20) & 7;
8347 shift = (insn >> 4) & 7;
8348 if ((op & 3) == 3 || (shift & 3) == 3)
8350 tmp = load_reg(s, rn);
8351 tmp2 = load_reg(s, rm);
8352 gen_thumb2_parallel_addsub(op, shift, tmp, tmp2);
8353 tcg_temp_free_i32(tmp2);
8354 store_reg(s, rd, tmp);
8356 case 3: /* Other data processing. */
8357 op = ((insn >> 17) & 0x38) | ((insn >> 4) & 7);
8359 /* Saturating add/subtract. */
8360 tmp = load_reg(s, rn);
8361 tmp2 = load_reg(s, rm);
8363 gen_helper_double_saturate(tmp, tmp);
8365 gen_helper_sub_saturate(tmp, tmp2, tmp);
8367 gen_helper_add_saturate(tmp, tmp, tmp2);
8368 tcg_temp_free_i32(tmp2);
8370 tmp = load_reg(s, rn);
8372 case 0x0a: /* rbit */
8373 gen_helper_rbit(tmp, tmp);
8375 case 0x08: /* rev */
8376 tcg_gen_bswap32_i32(tmp, tmp);
8378 case 0x09: /* rev16 */
8381 case 0x0b: /* revsh */
8384 case 0x10: /* sel */
8385 tmp2 = load_reg(s, rm);
8386 tmp3 = tcg_temp_new_i32();
8387 tcg_gen_ld_i32(tmp3, cpu_env, offsetof(CPUState, GE));
8388 gen_helper_sel_flags(tmp, tmp3, tmp, tmp2);
8389 tcg_temp_free_i32(tmp3);
8390 tcg_temp_free_i32(tmp2);
8392 case 0x18: /* clz */
8393 gen_helper_clz(tmp, tmp);
8399 store_reg(s, rd, tmp);
8401 case 4: case 5: /* 32-bit multiply. Sum of absolute differences. */
8402 op = (insn >> 4) & 0xf;
8403 tmp = load_reg(s, rn);
8404 tmp2 = load_reg(s, rm);
8405 switch ((insn >> 20) & 7) {
8406 case 0: /* 32 x 32 -> 32 */
8407 tcg_gen_mul_i32(tmp, tmp, tmp2);
8408 tcg_temp_free_i32(tmp2);
8410 tmp2 = load_reg(s, rs);
8412 tcg_gen_sub_i32(tmp, tmp2, tmp);
8414 tcg_gen_add_i32(tmp, tmp, tmp2);
8415 tcg_temp_free_i32(tmp2);
8418 case 1: /* 16 x 16 -> 32 */
8419 gen_mulxy(tmp, tmp2, op & 2, op & 1);
8420 tcg_temp_free_i32(tmp2);
8422 tmp2 = load_reg(s, rs);
8423 gen_helper_add_setq(tmp, tmp, tmp2);
8424 tcg_temp_free_i32(tmp2);
8427 case 2: /* Dual multiply add. */
8428 case 4: /* Dual multiply subtract. */
8430 gen_swap_half(tmp2);
8431 gen_smul_dual(tmp, tmp2);
8432 if (insn & (1 << 22)) {
8433 /* This subtraction cannot overflow. */
8434 tcg_gen_sub_i32(tmp, tmp, tmp2);
8436 /* This addition cannot overflow 32 bits;
8437 * however it may overflow considered as a signed
8438 * operation, in which case we must set the Q flag.
8440 gen_helper_add_setq(tmp, tmp, tmp2);
8442 tcg_temp_free_i32(tmp2);
8445 tmp2 = load_reg(s, rs);
8446 gen_helper_add_setq(tmp, tmp, tmp2);
8447 tcg_temp_free_i32(tmp2);
8450 case 3: /* 32 * 16 -> 32msb */
8452 tcg_gen_sari_i32(tmp2, tmp2, 16);
8455 tmp64 = gen_muls_i64_i32(tmp, tmp2);
8456 tcg_gen_shri_i64(tmp64, tmp64, 16);
8457 tmp = tcg_temp_new_i32();
8458 tcg_gen_trunc_i64_i32(tmp, tmp64);
8459 tcg_temp_free_i64(tmp64);
8462 tmp2 = load_reg(s, rs);
8463 gen_helper_add_setq(tmp, tmp, tmp2);
8464 tcg_temp_free_i32(tmp2);
8467 case 5: case 6: /* 32 * 32 -> 32msb (SMMUL, SMMLA, SMMLS) */
8468 tmp64 = gen_muls_i64_i32(tmp, tmp2);
8470 tmp = load_reg(s, rs);
8471 if (insn & (1 << 20)) {
8472 tmp64 = gen_addq_msw(tmp64, tmp);
8474 tmp64 = gen_subq_msw(tmp64, tmp);
8477 if (insn & (1 << 4)) {
8478 tcg_gen_addi_i64(tmp64, tmp64, 0x80000000u);
8480 tcg_gen_shri_i64(tmp64, tmp64, 32);
8481 tmp = tcg_temp_new_i32();
8482 tcg_gen_trunc_i64_i32(tmp, tmp64);
8483 tcg_temp_free_i64(tmp64);
8485 case 7: /* Unsigned sum of absolute differences. */
8486 gen_helper_usad8(tmp, tmp, tmp2);
8487 tcg_temp_free_i32(tmp2);
8489 tmp2 = load_reg(s, rs);
8490 tcg_gen_add_i32(tmp, tmp, tmp2);
8491 tcg_temp_free_i32(tmp2);
8495 store_reg(s, rd, tmp);
8497 case 6: case 7: /* 64-bit multiply, Divide. */
8498 op = ((insn >> 4) & 0xf) | ((insn >> 16) & 0x70);
8499 tmp = load_reg(s, rn);
8500 tmp2 = load_reg(s, rm);
8501 if ((op & 0x50) == 0x10) {
8503 if (!arm_feature(env, ARM_FEATURE_DIV))
8506 gen_helper_udiv(tmp, tmp, tmp2);
8508 gen_helper_sdiv(tmp, tmp, tmp2);
8509 tcg_temp_free_i32(tmp2);
8510 store_reg(s, rd, tmp);
8511 } else if ((op & 0xe) == 0xc) {
8512 /* Dual multiply accumulate long. */
8514 gen_swap_half(tmp2);
8515 gen_smul_dual(tmp, tmp2);
8517 tcg_gen_sub_i32(tmp, tmp, tmp2);
8519 tcg_gen_add_i32(tmp, tmp, tmp2);
8521 tcg_temp_free_i32(tmp2);
8523 tmp64 = tcg_temp_new_i64();
8524 tcg_gen_ext_i32_i64(tmp64, tmp);
8525 tcg_temp_free_i32(tmp);
8526 gen_addq(s, tmp64, rs, rd);
8527 gen_storeq_reg(s, rs, rd, tmp64);
8528 tcg_temp_free_i64(tmp64);
8531 /* Unsigned 64-bit multiply */
8532 tmp64 = gen_mulu_i64_i32(tmp, tmp2);
8536 gen_mulxy(tmp, tmp2, op & 2, op & 1);
8537 tcg_temp_free_i32(tmp2);
8538 tmp64 = tcg_temp_new_i64();
8539 tcg_gen_ext_i32_i64(tmp64, tmp);
8540 tcg_temp_free_i32(tmp);
8542 /* Signed 64-bit multiply */
8543 tmp64 = gen_muls_i64_i32(tmp, tmp2);
8548 gen_addq_lo(s, tmp64, rs);
8549 gen_addq_lo(s, tmp64, rd);
8550 } else if (op & 0x40) {
8551 /* 64-bit accumulate. */
8552 gen_addq(s, tmp64, rs, rd);
8554 gen_storeq_reg(s, rs, rd, tmp64);
8555 tcg_temp_free_i64(tmp64);
8560 case 6: case 7: case 14: case 15:
8562 if (((insn >> 24) & 3) == 3) {
8563 /* Translate into the equivalent ARM encoding. */
8564 insn = (insn & 0xe2ffffff) | ((insn & (1 << 28)) >> 4) | (1 << 28);
8565 if (disas_neon_data_insn(env, s, insn))
8568 if (insn & (1 << 28))
8570 if (disas_coproc_insn (env, s, insn))
8574 case 8: case 9: case 10: case 11:
8575 if (insn & (1 << 15)) {
8576 /* Branches, misc control. */
8577 if (insn & 0x5000) {
8578 /* Unconditional branch. */
8579 /* signextend(hw1[10:0]) -> offset[:12]. */
8580 offset = ((int32_t)insn << 5) >> 9 & ~(int32_t)0xfff;
8581 /* hw1[10:0] -> offset[11:1]. */
8582 offset |= (insn & 0x7ff) << 1;
8583 /* (~hw2[13, 11] ^ offset[24]) -> offset[23,22]
8584 offset[24:22] already have the same value because of the
8585 sign extension above. */
8586 offset ^= ((~insn) & (1 << 13)) << 10;
8587 offset ^= ((~insn) & (1 << 11)) << 11;
8589 if (insn & (1 << 14)) {
8590 /* Branch and link. */
8591 tcg_gen_movi_i32(cpu_R[14], s->pc | 1);
8595 if (insn & (1 << 12)) {
8600 offset &= ~(uint32_t)2;
8601 /* thumb2 bx, no need to check */
8602 gen_bx_im(s, offset);
8604 } else if (((insn >> 23) & 7) == 7) {
8606 if (insn & (1 << 13))
8609 if (insn & (1 << 26)) {
8610 /* Secure monitor call (v6Z) */
8611 goto illegal_op; /* not implemented. */
8613 op = (insn >> 20) & 7;
8615 case 0: /* msr cpsr. */
8617 tmp = load_reg(s, rn);
8618 addr = tcg_const_i32(insn & 0xff);
8619 gen_helper_v7m_msr(cpu_env, addr, tmp);
8620 tcg_temp_free_i32(addr);
8621 tcg_temp_free_i32(tmp);
8626 case 1: /* msr spsr. */
8629 tmp = load_reg(s, rn);
8631 msr_mask(env, s, (insn >> 8) & 0xf, op == 1),
8635 case 2: /* cps, nop-hint. */
8636 if (((insn >> 8) & 7) == 0) {
8637 gen_nop_hint(s, insn & 0xff);
8639 /* Implemented as NOP in user mode. */
8644 if (insn & (1 << 10)) {
8645 if (insn & (1 << 7))
8647 if (insn & (1 << 6))
8649 if (insn & (1 << 5))
8651 if (insn & (1 << 9))
8652 imm = CPSR_A | CPSR_I | CPSR_F;
8654 if (insn & (1 << 8)) {
8656 imm |= (insn & 0x1f);
8659 gen_set_psr_im(s, offset, 0, imm);
8662 case 3: /* Special control operations. */
8664 op = (insn >> 4) & 0xf;
8672 /* These execute as NOPs. */
8679 /* Trivial implementation equivalent to bx. */
8680 tmp = load_reg(s, rn);
8683 case 5: /* Exception return. */
8687 if (rn != 14 || rd != 15) {
8690 tmp = load_reg(s, rn);
8691 tcg_gen_subi_i32(tmp, tmp, insn & 0xff);
8692 gen_exception_return(s, tmp);
8694 case 6: /* mrs cpsr. */
8695 tmp = tcg_temp_new_i32();
8697 addr = tcg_const_i32(insn & 0xff);
8698 gen_helper_v7m_mrs(tmp, cpu_env, addr);
8699 tcg_temp_free_i32(addr);
8701 gen_helper_cpsr_read(tmp);
8703 store_reg(s, rd, tmp);
8705 case 7: /* mrs spsr. */
8706 /* Not accessible in user mode. */
8707 if (IS_USER(s) || IS_M(env))
8709 tmp = load_cpu_field(spsr);
8710 store_reg(s, rd, tmp);
8715 /* Conditional branch. */
8716 op = (insn >> 22) & 0xf;
8717 /* Generate a conditional jump to next instruction. */
8718 s->condlabel = gen_new_label();
8719 gen_test_cc(op ^ 1, s->condlabel);
8722 /* offset[11:1] = insn[10:0] */
8723 offset = (insn & 0x7ff) << 1;
8724 /* offset[17:12] = insn[21:16]. */
8725 offset |= (insn & 0x003f0000) >> 4;
8726 /* offset[31:20] = insn[26]. */
8727 offset |= ((int32_t)((insn << 5) & 0x80000000)) >> 11;
8728 /* offset[18] = insn[13]. */
8729 offset |= (insn & (1 << 13)) << 5;
8730 /* offset[19] = insn[11]. */
8731 offset |= (insn & (1 << 11)) << 8;
8733 /* jump to the offset */
8734 gen_jmp(s, s->pc + offset);
8737 /* Data processing immediate. */
8738 if (insn & (1 << 25)) {
8739 if (insn & (1 << 24)) {
8740 if (insn & (1 << 20))
8742 /* Bitfield/Saturate. */
8743 op = (insn >> 21) & 7;
8745 shift = ((insn >> 6) & 3) | ((insn >> 10) & 0x1c);
8747 tmp = tcg_temp_new_i32();
8748 tcg_gen_movi_i32(tmp, 0);
8750 tmp = load_reg(s, rn);
8753 case 2: /* Signed bitfield extract. */
8755 if (shift + imm > 32)
8758 gen_sbfx(tmp, shift, imm);
8760 case 6: /* Unsigned bitfield extract. */
8762 if (shift + imm > 32)
8765 gen_ubfx(tmp, shift, (1u << imm) - 1);
8767 case 3: /* Bitfield insert/clear. */
8770 imm = imm + 1 - shift;
8772 tmp2 = load_reg(s, rd);
8773 gen_bfi(tmp, tmp2, tmp, shift, (1u << imm) - 1);
8774 tcg_temp_free_i32(tmp2);
8779 default: /* Saturate. */
8782 tcg_gen_sari_i32(tmp, tmp, shift);
8784 tcg_gen_shli_i32(tmp, tmp, shift);
8786 tmp2 = tcg_const_i32(imm);
8789 if ((op & 1) && shift == 0)
8790 gen_helper_usat16(tmp, tmp, tmp2);
8792 gen_helper_usat(tmp, tmp, tmp2);
8795 if ((op & 1) && shift == 0)
8796 gen_helper_ssat16(tmp, tmp, tmp2);
8798 gen_helper_ssat(tmp, tmp, tmp2);
8800 tcg_temp_free_i32(tmp2);
8803 store_reg(s, rd, tmp);
8805 imm = ((insn & 0x04000000) >> 15)
8806 | ((insn & 0x7000) >> 4) | (insn & 0xff);
8807 if (insn & (1 << 22)) {
8808 /* 16-bit immediate. */
8809 imm |= (insn >> 4) & 0xf000;
8810 if (insn & (1 << 23)) {
8812 tmp = load_reg(s, rd);
8813 tcg_gen_ext16u_i32(tmp, tmp);
8814 tcg_gen_ori_i32(tmp, tmp, imm << 16);
8817 tmp = tcg_temp_new_i32();
8818 tcg_gen_movi_i32(tmp, imm);
8821 /* Add/sub 12-bit immediate. */
8823 offset = s->pc & ~(uint32_t)3;
8824 if (insn & (1 << 23))
8828 tmp = tcg_temp_new_i32();
8829 tcg_gen_movi_i32(tmp, offset);
8831 tmp = load_reg(s, rn);
8832 if (insn & (1 << 23))
8833 tcg_gen_subi_i32(tmp, tmp, imm);
8835 tcg_gen_addi_i32(tmp, tmp, imm);
8838 store_reg(s, rd, tmp);
8841 int shifter_out = 0;
8842 /* modified 12-bit immediate. */
8843 shift = ((insn & 0x04000000) >> 23) | ((insn & 0x7000) >> 12);
8844 imm = (insn & 0xff);
8847 /* Nothing to do. */
8849 case 1: /* 00XY00XY */
8852 case 2: /* XY00XY00 */
8856 case 3: /* XYXYXYXY */
8860 default: /* Rotated constant. */
8861 shift = (shift << 1) | (imm >> 7);
8863 imm = imm << (32 - shift);
8867 tmp2 = tcg_temp_new_i32();
8868 tcg_gen_movi_i32(tmp2, imm);
8869 rn = (insn >> 16) & 0xf;
8871 tmp = tcg_temp_new_i32();
8872 tcg_gen_movi_i32(tmp, 0);
8874 tmp = load_reg(s, rn);
8876 op = (insn >> 21) & 0xf;
8877 if (gen_thumb2_data_op(s, op, (insn & (1 << 20)) != 0,
8878 shifter_out, tmp, tmp2))
8880 tcg_temp_free_i32(tmp2);
8881 rd = (insn >> 8) & 0xf;
8883 store_reg(s, rd, tmp);
8885 tcg_temp_free_i32(tmp);
8890 case 12: /* Load/store single data item. */
8895 if ((insn & 0x01100000) == 0x01000000) {
8896 if (disas_neon_ls_insn(env, s, insn))
8900 op = ((insn >> 21) & 3) | ((insn >> 22) & 4);
8902 if (!(insn & (1 << 20))) {
8906 /* Byte or halfword load space with dest == r15 : memory hints.
8907 * Catch them early so we don't emit pointless addressing code.
8908 * This space is a mix of:
8909 * PLD/PLDW/PLI, which we implement as NOPs (note that unlike
8910 * the ARM encodings, PLDW space doesn't UNDEF for non-v7MP
8912 * unallocated hints, which must be treated as NOPs
8913 * UNPREDICTABLE space, which we NOP or UNDEF depending on
8914 * which is easiest for the decoding logic
8915 * Some space which must UNDEF
8917 int op1 = (insn >> 23) & 3;
8918 int op2 = (insn >> 6) & 0x3f;
8923 /* UNPREDICTABLE or unallocated hint */
8927 return 0; /* PLD* or unallocated hint */
8929 if ((op2 == 0) || ((op2 & 0x3c) == 0x30)) {
8930 return 0; /* PLD* or unallocated hint */
8932 /* UNDEF space, or an UNPREDICTABLE */
8938 addr = tcg_temp_new_i32();
8940 /* s->pc has already been incremented by 4. */
8941 imm = s->pc & 0xfffffffc;
8942 if (insn & (1 << 23))
8943 imm += insn & 0xfff;
8945 imm -= insn & 0xfff;
8946 tcg_gen_movi_i32(addr, imm);
8948 addr = load_reg(s, rn);
8949 if (insn & (1 << 23)) {
8950 /* Positive offset. */
8952 tcg_gen_addi_i32(addr, addr, imm);
8955 switch ((insn >> 8) & 0xf) {
8956 case 0x0: /* Shifted Register. */
8957 shift = (insn >> 4) & 0xf;
8959 tcg_temp_free_i32(addr);
8962 tmp = load_reg(s, rm);
8964 tcg_gen_shli_i32(tmp, tmp, shift);
8965 tcg_gen_add_i32(addr, addr, tmp);
8966 tcg_temp_free_i32(tmp);
8968 case 0xc: /* Negative offset. */
8969 tcg_gen_addi_i32(addr, addr, -imm);
8971 case 0xe: /* User privilege. */
8972 tcg_gen_addi_i32(addr, addr, imm);
8975 case 0x9: /* Post-decrement. */
8978 case 0xb: /* Post-increment. */
8982 case 0xd: /* Pre-decrement. */
8985 case 0xf: /* Pre-increment. */
8986 tcg_gen_addi_i32(addr, addr, imm);
8990 tcg_temp_free_i32(addr);
8995 if (insn & (1 << 20)) {
8998 case 0: tmp = gen_ld8u(addr, user); break;
8999 case 4: tmp = gen_ld8s(addr, user); break;
9000 case 1: tmp = gen_ld16u(addr, user); break;
9001 case 5: tmp = gen_ld16s(addr, user); break;
9002 case 2: tmp = gen_ld32(addr, user); break;
9004 tcg_temp_free_i32(addr);
9010 store_reg(s, rs, tmp);
9014 tmp = load_reg(s, rs);
9016 case 0: gen_st8(tmp, addr, user); break;
9017 case 1: gen_st16(tmp, addr, user); break;
9018 case 2: gen_st32(tmp, addr, user); break;
9020 tcg_temp_free_i32(addr);
9025 tcg_gen_addi_i32(addr, addr, imm);
9027 store_reg(s, rn, addr);
9029 tcg_temp_free_i32(addr);
9041 static void disas_thumb_insn(CPUState *env, DisasContext *s)
9043 uint32_t val, insn, op, rm, rn, rd, shift, cond;
9050 if (s->condexec_mask) {
9051 cond = s->condexec_cond;
9052 if (cond != 0x0e) { /* Skip conditional when condition is AL. */
9053 s->condlabel = gen_new_label();
9054 gen_test_cc(cond ^ 1, s->condlabel);
9059 insn = lduw_code(s->pc);
9062 switch (insn >> 12) {
9066 op = (insn >> 11) & 3;
9069 rn = (insn >> 3) & 7;
9070 tmp = load_reg(s, rn);
9071 if (insn & (1 << 10)) {
9073 tmp2 = tcg_temp_new_i32();
9074 tcg_gen_movi_i32(tmp2, (insn >> 6) & 7);
9077 rm = (insn >> 6) & 7;
9078 tmp2 = load_reg(s, rm);
9080 if (insn & (1 << 9)) {
9081 if (s->condexec_mask)
9082 tcg_gen_sub_i32(tmp, tmp, tmp2);
9084 gen_helper_sub_cc(tmp, tmp, tmp2);
9086 if (s->condexec_mask)
9087 tcg_gen_add_i32(tmp, tmp, tmp2);
9089 gen_helper_add_cc(tmp, tmp, tmp2);
9091 tcg_temp_free_i32(tmp2);
9092 store_reg(s, rd, tmp);
9094 /* shift immediate */
9095 rm = (insn >> 3) & 7;
9096 shift = (insn >> 6) & 0x1f;
9097 tmp = load_reg(s, rm);
9098 gen_arm_shift_im(tmp, op, shift, s->condexec_mask == 0);
9099 if (!s->condexec_mask)
9101 store_reg(s, rd, tmp);
9105 /* arithmetic large immediate */
9106 op = (insn >> 11) & 3;
9107 rd = (insn >> 8) & 0x7;
9108 if (op == 0) { /* mov */
9109 tmp = tcg_temp_new_i32();
9110 tcg_gen_movi_i32(tmp, insn & 0xff);
9111 if (!s->condexec_mask)
9113 store_reg(s, rd, tmp);
9115 tmp = load_reg(s, rd);
9116 tmp2 = tcg_temp_new_i32();
9117 tcg_gen_movi_i32(tmp2, insn & 0xff);
9120 gen_helper_sub_cc(tmp, tmp, tmp2);
9121 tcg_temp_free_i32(tmp);
9122 tcg_temp_free_i32(tmp2);
9125 if (s->condexec_mask)
9126 tcg_gen_add_i32(tmp, tmp, tmp2);
9128 gen_helper_add_cc(tmp, tmp, tmp2);
9129 tcg_temp_free_i32(tmp2);
9130 store_reg(s, rd, tmp);
9133 if (s->condexec_mask)
9134 tcg_gen_sub_i32(tmp, tmp, tmp2);
9136 gen_helper_sub_cc(tmp, tmp, tmp2);
9137 tcg_temp_free_i32(tmp2);
9138 store_reg(s, rd, tmp);
9144 if (insn & (1 << 11)) {
9145 rd = (insn >> 8) & 7;
9146 /* load pc-relative. Bit 1 of PC is ignored. */
9147 val = s->pc + 2 + ((insn & 0xff) * 4);
9148 val &= ~(uint32_t)2;
9149 addr = tcg_temp_new_i32();
9150 tcg_gen_movi_i32(addr, val);
9151 tmp = gen_ld32(addr, IS_USER(s));
9152 tcg_temp_free_i32(addr);
9153 store_reg(s, rd, tmp);
9156 if (insn & (1 << 10)) {
9157 /* data processing extended or blx */
9158 rd = (insn & 7) | ((insn >> 4) & 8);
9159 rm = (insn >> 3) & 0xf;
9160 op = (insn >> 8) & 3;
9163 tmp = load_reg(s, rd);
9164 tmp2 = load_reg(s, rm);
9165 tcg_gen_add_i32(tmp, tmp, tmp2);
9166 tcg_temp_free_i32(tmp2);
9167 store_reg(s, rd, tmp);
9170 tmp = load_reg(s, rd);
9171 tmp2 = load_reg(s, rm);
9172 gen_helper_sub_cc(tmp, tmp, tmp2);
9173 tcg_temp_free_i32(tmp2);
9174 tcg_temp_free_i32(tmp);
9176 case 2: /* mov/cpy */
9177 tmp = load_reg(s, rm);
9178 store_reg(s, rd, tmp);
9180 case 3:/* branch [and link] exchange thumb register */
9181 tmp = load_reg(s, rm);
9182 if (insn & (1 << 7)) {
9184 val = (uint32_t)s->pc | 1;
9185 tmp2 = tcg_temp_new_i32();
9186 tcg_gen_movi_i32(tmp2, val);
9187 store_reg(s, 14, tmp2);
9189 /* already thumb, no need to check */
9196 /* data processing register */
9198 rm = (insn >> 3) & 7;
9199 op = (insn >> 6) & 0xf;
9200 if (op == 2 || op == 3 || op == 4 || op == 7) {
9201 /* the shift/rotate ops want the operands backwards */
9210 if (op == 9) { /* neg */
9211 tmp = tcg_temp_new_i32();
9212 tcg_gen_movi_i32(tmp, 0);
9213 } else if (op != 0xf) { /* mvn doesn't read its first operand */
9214 tmp = load_reg(s, rd);
9219 tmp2 = load_reg(s, rm);
9222 tcg_gen_and_i32(tmp, tmp, tmp2);
9223 if (!s->condexec_mask)
9227 tcg_gen_xor_i32(tmp, tmp, tmp2);
9228 if (!s->condexec_mask)
9232 if (s->condexec_mask) {
9233 gen_helper_shl(tmp2, tmp2, tmp);
9235 gen_helper_shl_cc(tmp2, tmp2, tmp);
9240 if (s->condexec_mask) {
9241 gen_helper_shr(tmp2, tmp2, tmp);
9243 gen_helper_shr_cc(tmp2, tmp2, tmp);
9248 if (s->condexec_mask) {
9249 gen_helper_sar(tmp2, tmp2, tmp);
9251 gen_helper_sar_cc(tmp2, tmp2, tmp);
9256 if (s->condexec_mask)
9259 gen_helper_adc_cc(tmp, tmp, tmp2);
9262 if (s->condexec_mask)
9263 gen_sub_carry(tmp, tmp, tmp2);
9265 gen_helper_sbc_cc(tmp, tmp, tmp2);
9268 if (s->condexec_mask) {
9269 tcg_gen_andi_i32(tmp, tmp, 0x1f);
9270 tcg_gen_rotr_i32(tmp2, tmp2, tmp);
9272 gen_helper_ror_cc(tmp2, tmp2, tmp);
9277 tcg_gen_and_i32(tmp, tmp, tmp2);
9282 if (s->condexec_mask)
9283 tcg_gen_neg_i32(tmp, tmp2);
9285 gen_helper_sub_cc(tmp, tmp, tmp2);
9288 gen_helper_sub_cc(tmp, tmp, tmp2);
9292 gen_helper_add_cc(tmp, tmp, tmp2);
9296 tcg_gen_or_i32(tmp, tmp, tmp2);
9297 if (!s->condexec_mask)
9301 tcg_gen_mul_i32(tmp, tmp, tmp2);
9302 if (!s->condexec_mask)
9306 tcg_gen_andc_i32(tmp, tmp, tmp2);
9307 if (!s->condexec_mask)
9311 tcg_gen_not_i32(tmp2, tmp2);
9312 if (!s->condexec_mask)
9320 store_reg(s, rm, tmp2);
9322 tcg_temp_free_i32(tmp);
9324 store_reg(s, rd, tmp);
9325 tcg_temp_free_i32(tmp2);
9328 tcg_temp_free_i32(tmp);
9329 tcg_temp_free_i32(tmp2);
9334 /* load/store register offset. */
9336 rn = (insn >> 3) & 7;
9337 rm = (insn >> 6) & 7;
9338 op = (insn >> 9) & 7;
9339 addr = load_reg(s, rn);
9340 tmp = load_reg(s, rm);
9341 tcg_gen_add_i32(addr, addr, tmp);
9342 tcg_temp_free_i32(tmp);
9344 if (op < 3) /* store */
9345 tmp = load_reg(s, rd);
9349 gen_st32(tmp, addr, IS_USER(s));
9352 gen_st16(tmp, addr, IS_USER(s));
9355 gen_st8(tmp, addr, IS_USER(s));
9358 tmp = gen_ld8s(addr, IS_USER(s));
9361 tmp = gen_ld32(addr, IS_USER(s));
9364 tmp = gen_ld16u(addr, IS_USER(s));
9367 tmp = gen_ld8u(addr, IS_USER(s));
9370 tmp = gen_ld16s(addr, IS_USER(s));
9373 if (op >= 3) /* load */
9374 store_reg(s, rd, tmp);
9375 tcg_temp_free_i32(addr);
9379 /* load/store word immediate offset */
9381 rn = (insn >> 3) & 7;
9382 addr = load_reg(s, rn);
9383 val = (insn >> 4) & 0x7c;
9384 tcg_gen_addi_i32(addr, addr, val);
9386 if (insn & (1 << 11)) {
9388 tmp = gen_ld32(addr, IS_USER(s));
9389 store_reg(s, rd, tmp);
9392 tmp = load_reg(s, rd);
9393 gen_st32(tmp, addr, IS_USER(s));
9395 tcg_temp_free_i32(addr);
9399 /* load/store byte immediate offset */
9401 rn = (insn >> 3) & 7;
9402 addr = load_reg(s, rn);
9403 val = (insn >> 6) & 0x1f;
9404 tcg_gen_addi_i32(addr, addr, val);
9406 if (insn & (1 << 11)) {
9408 tmp = gen_ld8u(addr, IS_USER(s));
9409 store_reg(s, rd, tmp);
9412 tmp = load_reg(s, rd);
9413 gen_st8(tmp, addr, IS_USER(s));
9415 tcg_temp_free_i32(addr);
9419 /* load/store halfword immediate offset */
9421 rn = (insn >> 3) & 7;
9422 addr = load_reg(s, rn);
9423 val = (insn >> 5) & 0x3e;
9424 tcg_gen_addi_i32(addr, addr, val);
9426 if (insn & (1 << 11)) {
9428 tmp = gen_ld16u(addr, IS_USER(s));
9429 store_reg(s, rd, tmp);
9432 tmp = load_reg(s, rd);
9433 gen_st16(tmp, addr, IS_USER(s));
9435 tcg_temp_free_i32(addr);
9439 /* load/store from stack */
9440 rd = (insn >> 8) & 7;
9441 addr = load_reg(s, 13);
9442 val = (insn & 0xff) * 4;
9443 tcg_gen_addi_i32(addr, addr, val);
9445 if (insn & (1 << 11)) {
9447 tmp = gen_ld32(addr, IS_USER(s));
9448 store_reg(s, rd, tmp);
9451 tmp = load_reg(s, rd);
9452 gen_st32(tmp, addr, IS_USER(s));
9454 tcg_temp_free_i32(addr);
9458 /* add to high reg */
9459 rd = (insn >> 8) & 7;
9460 if (insn & (1 << 11)) {
9462 tmp = load_reg(s, 13);
9464 /* PC. bit 1 is ignored. */
9465 tmp = tcg_temp_new_i32();
9466 tcg_gen_movi_i32(tmp, (s->pc + 2) & ~(uint32_t)2);
9468 val = (insn & 0xff) * 4;
9469 tcg_gen_addi_i32(tmp, tmp, val);
9470 store_reg(s, rd, tmp);
9475 op = (insn >> 8) & 0xf;
9478 /* adjust stack pointer */
9479 tmp = load_reg(s, 13);
9480 val = (insn & 0x7f) * 4;
9481 if (insn & (1 << 7))
9482 val = -(int32_t)val;
9483 tcg_gen_addi_i32(tmp, tmp, val);
9484 store_reg(s, 13, tmp);
9487 case 2: /* sign/zero extend. */
9490 rm = (insn >> 3) & 7;
9491 tmp = load_reg(s, rm);
9492 switch ((insn >> 6) & 3) {
9493 case 0: gen_sxth(tmp); break;
9494 case 1: gen_sxtb(tmp); break;
9495 case 2: gen_uxth(tmp); break;
9496 case 3: gen_uxtb(tmp); break;
9498 store_reg(s, rd, tmp);
9500 case 4: case 5: case 0xc: case 0xd:
9502 addr = load_reg(s, 13);
9503 if (insn & (1 << 8))
9507 for (i = 0; i < 8; i++) {
9508 if (insn & (1 << i))
9511 if ((insn & (1 << 11)) == 0) {
9512 tcg_gen_addi_i32(addr, addr, -offset);
9514 for (i = 0; i < 8; i++) {
9515 if (insn & (1 << i)) {
9516 if (insn & (1 << 11)) {
9518 tmp = gen_ld32(addr, IS_USER(s));
9519 store_reg(s, i, tmp);
9522 tmp = load_reg(s, i);
9523 gen_st32(tmp, addr, IS_USER(s));
9525 /* advance to the next address. */
9526 tcg_gen_addi_i32(addr, addr, 4);
9530 if (insn & (1 << 8)) {
9531 if (insn & (1 << 11)) {
9533 tmp = gen_ld32(addr, IS_USER(s));
9534 /* don't set the pc until the rest of the instruction
9538 tmp = load_reg(s, 14);
9539 gen_st32(tmp, addr, IS_USER(s));
9541 tcg_gen_addi_i32(addr, addr, 4);
9543 if ((insn & (1 << 11)) == 0) {
9544 tcg_gen_addi_i32(addr, addr, -offset);
9546 /* write back the new stack pointer */
9547 store_reg(s, 13, addr);
9548 /* set the new PC value */
9549 if ((insn & 0x0900) == 0x0900) {
9550 store_reg_from_load(env, s, 15, tmp);
9554 case 1: case 3: case 9: case 11: /* czb */
9556 tmp = load_reg(s, rm);
9557 s->condlabel = gen_new_label();
9559 if (insn & (1 << 11))
9560 tcg_gen_brcondi_i32(TCG_COND_EQ, tmp, 0, s->condlabel);
9562 tcg_gen_brcondi_i32(TCG_COND_NE, tmp, 0, s->condlabel);
9563 tcg_temp_free_i32(tmp);
9564 offset = ((insn & 0xf8) >> 2) | (insn & 0x200) >> 3;
9565 val = (uint32_t)s->pc + 2;
9570 case 15: /* IT, nop-hint. */
9571 if ((insn & 0xf) == 0) {
9572 gen_nop_hint(s, (insn >> 4) & 0xf);
9576 s->condexec_cond = (insn >> 4) & 0xe;
9577 s->condexec_mask = insn & 0x1f;
9578 /* No actual code generated for this insn, just setup state. */
9581 case 0xe: /* bkpt */
9583 gen_exception_insn(s, 2, EXCP_BKPT);
9588 rn = (insn >> 3) & 0x7;
9590 tmp = load_reg(s, rn);
9591 switch ((insn >> 6) & 3) {
9592 case 0: tcg_gen_bswap32_i32(tmp, tmp); break;
9593 case 1: gen_rev16(tmp); break;
9594 case 3: gen_revsh(tmp); break;
9595 default: goto illegal_op;
9597 store_reg(s, rd, tmp);
9605 tmp = tcg_const_i32((insn & (1 << 4)) != 0);
9608 addr = tcg_const_i32(16);
9609 gen_helper_v7m_msr(cpu_env, addr, tmp);
9610 tcg_temp_free_i32(addr);
9614 addr = tcg_const_i32(17);
9615 gen_helper_v7m_msr(cpu_env, addr, tmp);
9616 tcg_temp_free_i32(addr);
9618 tcg_temp_free_i32(tmp);
9621 if (insn & (1 << 4))
9622 shift = CPSR_A | CPSR_I | CPSR_F;
9625 gen_set_psr_im(s, ((insn & 7) << 6), 0, shift);
9636 /* load/store multiple */
9638 TCGV_UNUSED(loaded_var);
9639 rn = (insn >> 8) & 0x7;
9640 addr = load_reg(s, rn);
9641 for (i = 0; i < 8; i++) {
9642 if (insn & (1 << i)) {
9643 if (insn & (1 << 11)) {
9645 tmp = gen_ld32(addr, IS_USER(s));
9649 store_reg(s, i, tmp);
9653 tmp = load_reg(s, i);
9654 gen_st32(tmp, addr, IS_USER(s));
9656 /* advance to the next address */
9657 tcg_gen_addi_i32(addr, addr, 4);
9660 if ((insn & (1 << rn)) == 0) {
9661 /* base reg not in list: base register writeback */
9662 store_reg(s, rn, addr);
9664 /* base reg in list: if load, complete it now */
9665 if (insn & (1 << 11)) {
9666 store_reg(s, rn, loaded_var);
9668 tcg_temp_free_i32(addr);
9673 /* conditional branch or swi */
9674 cond = (insn >> 8) & 0xf;
9680 gen_set_pc_im(s->pc);
9681 s->is_jmp = DISAS_SWI;
9684 /* generate a conditional jump to next instruction */
9685 s->condlabel = gen_new_label();
9686 gen_test_cc(cond ^ 1, s->condlabel);
9689 /* jump to the offset */
9690 val = (uint32_t)s->pc + 2;
9691 offset = ((int32_t)insn << 24) >> 24;
9697 if (insn & (1 << 11)) {
9698 if (disas_thumb2_insn(env, s, insn))
9702 /* unconditional branch */
9703 val = (uint32_t)s->pc;
9704 offset = ((int32_t)insn << 21) >> 21;
9705 val += (offset << 1) + 2;
9710 if (disas_thumb2_insn(env, s, insn))
9716 gen_exception_insn(s, 4, EXCP_UDEF);
9720 gen_exception_insn(s, 2, EXCP_UDEF);
9723 /* generate intermediate code in gen_opc_buf and gen_opparam_buf for
9724 basic block 'tb'. If search_pc is TRUE, also generate PC
9725 information for each intermediate instruction. */
9726 static inline void gen_intermediate_code_internal(CPUState *env,
9727 TranslationBlock *tb,
9730 DisasContext dc1, *dc = &dc1;
9732 uint16_t *gen_opc_end;
9734 target_ulong pc_start;
9735 uint32_t next_page_start;
9739 /* generate intermediate code */
9744 gen_opc_end = gen_opc_buf + OPC_MAX_SIZE;
9746 dc->is_jmp = DISAS_NEXT;
9748 dc->singlestep_enabled = env->singlestep_enabled;
9750 dc->thumb = ARM_TBFLAG_THUMB(tb->flags);
9751 dc->condexec_mask = (ARM_TBFLAG_CONDEXEC(tb->flags) & 0xf) << 1;
9752 dc->condexec_cond = ARM_TBFLAG_CONDEXEC(tb->flags) >> 4;
9753 #if !defined(CONFIG_USER_ONLY)
9754 dc->user = (ARM_TBFLAG_PRIV(tb->flags) == 0);
9756 dc->vfp_enabled = ARM_TBFLAG_VFPEN(tb->flags);
9757 dc->vec_len = ARM_TBFLAG_VECLEN(tb->flags);
9758 dc->vec_stride = ARM_TBFLAG_VECSTRIDE(tb->flags);
9759 cpu_F0s = tcg_temp_new_i32();
9760 cpu_F1s = tcg_temp_new_i32();
9761 cpu_F0d = tcg_temp_new_i64();
9762 cpu_F1d = tcg_temp_new_i64();
9765 /* FIXME: cpu_M0 can probably be the same as cpu_V0. */
9766 cpu_M0 = tcg_temp_new_i64();
9767 next_page_start = (pc_start & TARGET_PAGE_MASK) + TARGET_PAGE_SIZE;
9770 max_insns = tb->cflags & CF_COUNT_MASK;
9772 max_insns = CF_COUNT_MASK;
9776 tcg_clear_temp_count();
9778 /* A note on handling of the condexec (IT) bits:
9780 * We want to avoid the overhead of having to write the updated condexec
9781 * bits back to the CPUState for every instruction in an IT block. So:
9782 * (1) if the condexec bits are not already zero then we write
9783 * zero back into the CPUState now. This avoids complications trying
9784 * to do it at the end of the block. (For example if we don't do this
9785 * it's hard to identify whether we can safely skip writing condexec
9786 * at the end of the TB, which we definitely want to do for the case
9787 * where a TB doesn't do anything with the IT state at all.)
9788 * (2) if we are going to leave the TB then we call gen_set_condexec()
9789 * which will write the correct value into CPUState if zero is wrong.
9790 * This is done both for leaving the TB at the end, and for leaving
9791 * it because of an exception we know will happen, which is done in
9792 * gen_exception_insn(). The latter is necessary because we need to
9793 * leave the TB with the PC/IT state just prior to execution of the
9794 * instruction which caused the exception.
9795 * (3) if we leave the TB unexpectedly (eg a data abort on a load)
9796 * then the CPUState will be wrong and we need to reset it.
9797 * This is handled in the same way as restoration of the
9798 * PC in these situations: we will be called again with search_pc=1
9799 * and generate a mapping of the condexec bits for each PC in
9800 * gen_opc_condexec_bits[]. restore_state_to_opc() then uses
9801 * this to restore the condexec bits.
9803 * Note that there are no instructions which can read the condexec
9804 * bits, and none which can write non-static values to them, so
9805 * we don't need to care about whether CPUState is correct in the
9809 /* Reset the conditional execution bits immediately. This avoids
9810 complications trying to do it at the end of the block. */
9811 if (dc->condexec_mask || dc->condexec_cond)
9813 TCGv tmp = tcg_temp_new_i32();
9814 tcg_gen_movi_i32(tmp, 0);
9815 store_cpu_field(tmp, condexec_bits);
9818 #ifdef CONFIG_USER_ONLY
9819 /* Intercept jump to the magic kernel page. */
9820 if (dc->pc >= 0xffff0000) {
9821 /* We always get here via a jump, so know we are not in a
9822 conditional execution block. */
9823 gen_exception(EXCP_KERNEL_TRAP);
9824 dc->is_jmp = DISAS_UPDATE;
9828 if (dc->pc >= 0xfffffff0 && IS_M(env)) {
9829 /* We always get here via a jump, so know we are not in a
9830 conditional execution block. */
9831 gen_exception(EXCP_EXCEPTION_EXIT);
9832 dc->is_jmp = DISAS_UPDATE;
9837 if (unlikely(!QTAILQ_EMPTY(&env->breakpoints))) {
9838 QTAILQ_FOREACH(bp, &env->breakpoints, entry) {
9839 if (bp->pc == dc->pc) {
9840 gen_exception_insn(dc, 0, EXCP_DEBUG);
9841 /* Advance PC so that clearing the breakpoint will
9842 invalidate this TB. */
9844 goto done_generating;
9850 j = gen_opc_ptr - gen_opc_buf;
9854 gen_opc_instr_start[lj++] = 0;
9856 gen_opc_pc[lj] = dc->pc;
9857 gen_opc_condexec_bits[lj] = (dc->condexec_cond << 4) | (dc->condexec_mask >> 1);
9858 gen_opc_instr_start[lj] = 1;
9859 gen_opc_icount[lj] = num_insns;
9862 if (num_insns + 1 == max_insns && (tb->cflags & CF_LAST_IO))
9865 if (unlikely(qemu_loglevel_mask(CPU_LOG_TB_OP))) {
9866 tcg_gen_debug_insn_start(dc->pc);
9870 disas_thumb_insn(env, dc);
9871 if (dc->condexec_mask) {
9872 dc->condexec_cond = (dc->condexec_cond & 0xe)
9873 | ((dc->condexec_mask >> 4) & 1);
9874 dc->condexec_mask = (dc->condexec_mask << 1) & 0x1f;
9875 if (dc->condexec_mask == 0) {
9876 dc->condexec_cond = 0;
9880 disas_arm_insn(env, dc);
9883 if (dc->condjmp && !dc->is_jmp) {
9884 gen_set_label(dc->condlabel);
9888 if (tcg_check_temp_count()) {
9889 fprintf(stderr, "TCG temporary leak before %08x\n", dc->pc);
9892 /* Translation stops when a conditional branch is encountered.
9893 * Otherwise the subsequent code could get translated several times.
9894 * Also stop translation when a page boundary is reached. This
9895 * ensures prefetch aborts occur at the right place. */
9897 } while (!dc->is_jmp && gen_opc_ptr < gen_opc_end &&
9898 !env->singlestep_enabled &&
9900 dc->pc < next_page_start &&
9901 num_insns < max_insns);
9903 if (tb->cflags & CF_LAST_IO) {
9905 /* FIXME: This can theoretically happen with self-modifying
9907 cpu_abort(env, "IO on conditional branch instruction");
9912 /* At this stage dc->condjmp will only be set when the skipped
9913 instruction was a conditional branch or trap, and the PC has
9914 already been written. */
9915 if (unlikely(env->singlestep_enabled)) {
9916 /* Make sure the pc is updated, and raise a debug exception. */
9918 gen_set_condexec(dc);
9919 if (dc->is_jmp == DISAS_SWI) {
9920 gen_exception(EXCP_SWI);
9922 gen_exception(EXCP_DEBUG);
9924 gen_set_label(dc->condlabel);
9926 if (dc->condjmp || !dc->is_jmp) {
9927 gen_set_pc_im(dc->pc);
9930 gen_set_condexec(dc);
9931 if (dc->is_jmp == DISAS_SWI && !dc->condjmp) {
9932 gen_exception(EXCP_SWI);
9934 /* FIXME: Single stepping a WFI insn will not halt
9936 gen_exception(EXCP_DEBUG);
9939 /* While branches must always occur at the end of an IT block,
9940 there are a few other things that can cause us to terminate
9941 the TB in the middel of an IT block:
9942 - Exception generating instructions (bkpt, swi, undefined).
9944 - Hardware watchpoints.
9945 Hardware breakpoints have already been handled and skip this code.
9947 gen_set_condexec(dc);
9948 switch(dc->is_jmp) {
9950 gen_goto_tb(dc, 1, dc->pc);
9955 /* indicate that the hash table must be used to find the next TB */
9959 /* nothing more to generate */
9965 gen_exception(EXCP_SWI);
9969 gen_set_label(dc->condlabel);
9970 gen_set_condexec(dc);
9971 gen_goto_tb(dc, 1, dc->pc);
9977 gen_icount_end(tb, num_insns);
9978 *gen_opc_ptr = INDEX_op_end;
9981 if (qemu_loglevel_mask(CPU_LOG_TB_IN_ASM)) {
9982 qemu_log("----------------\n");
9983 qemu_log("IN: %s\n", lookup_symbol(pc_start));
9984 log_target_disas(pc_start, dc->pc - pc_start, dc->thumb);
9989 j = gen_opc_ptr - gen_opc_buf;
9992 gen_opc_instr_start[lj++] = 0;
9994 tb->size = dc->pc - pc_start;
9995 tb->icount = num_insns;
9999 void gen_intermediate_code(CPUState *env, TranslationBlock *tb)
10001 gen_intermediate_code_internal(env, tb, 0);
10004 void gen_intermediate_code_pc(CPUState *env, TranslationBlock *tb)
10006 gen_intermediate_code_internal(env, tb, 1);
10009 static const char *cpu_mode_names[16] = {
10010 "usr", "fiq", "irq", "svc", "???", "???", "???", "abt",
10011 "???", "???", "???", "und", "???", "???", "???", "sys"
10014 void cpu_dump_state(CPUState *env, FILE *f, fprintf_function cpu_fprintf,
10024 /* ??? This assumes float64 and double have the same layout.
10025 Oh well, it's only debug dumps. */
10033 for(i=0;i<16;i++) {
10034 cpu_fprintf(f, "R%02d=%08x", i, env->regs[i]);
10036 cpu_fprintf(f, "\n");
10038 cpu_fprintf(f, " ");
10040 psr = cpsr_read(env);
10041 cpu_fprintf(f, "PSR=%08x %c%c%c%c %c %s%d\n",
10043 psr & (1 << 31) ? 'N' : '-',
10044 psr & (1 << 30) ? 'Z' : '-',
10045 psr & (1 << 29) ? 'C' : '-',
10046 psr & (1 << 28) ? 'V' : '-',
10047 psr & CPSR_T ? 'T' : 'A',
10048 cpu_mode_names[psr & 0xf], (psr & 0x10) ? 32 : 26);
10051 for (i = 0; i < 16; i++) {
10052 d.d = env->vfp.regs[i];
10056 cpu_fprintf(f, "s%02d=%08x(%8g) s%02d=%08x(%8g) d%02d=%08x%08x(%8g)\n",
10057 i * 2, (int)s0.i, s0.s,
10058 i * 2 + 1, (int)s1.i, s1.s,
10059 i, (int)(uint32_t)d.l.upper, (int)(uint32_t)d.l.lower,
10062 cpu_fprintf(f, "FPSCR: %08x\n", (int)env->vfp.xregs[ARM_VFP_FPSCR]);
10066 void restore_state_to_opc(CPUState *env, TranslationBlock *tb, int pc_pos)
10068 env->regs[15] = gen_opc_pc[pc_pos];
10069 env->condexec_bits = gen_opc_condexec_bits[pc_pos];
projects / qemu.git / blob