4 * Copyright (c) 2003 Fabrice Bellard
6 * This library is free software; you can redistribute it and/or
7 * modify it under the terms of the GNU Lesser General Public
8 * License as published by the Free Software Foundation; either
9 * version 2 of the License, or (at your option) any later version.
11 * This library is distributed in the hope that it will be useful,
12 * but WITHOUT ANY WARRANTY; without even the implied warranty of
13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
14 * Lesser General Public License for more details.
16 * You should have received a copy of the GNU Lesser General Public
17 * License along with this library; if not, see <http://www.gnu.org/licenses/>.
34 #define PREFIX_REPZ 0x01
35 #define PREFIX_REPNZ 0x02
36 #define PREFIX_LOCK 0x04
37 #define PREFIX_DATA 0x08
38 #define PREFIX_ADR 0x10
41 #define X86_64_ONLY(x) x
42 #define X86_64_DEF(...) __VA_ARGS__
43 #define CODE64(s) ((s)->code64)
44 #define REX_X(s) ((s)->rex_x)
45 #define REX_B(s) ((s)->rex_b)
46 /* XXX: gcc generates push/pop in some opcodes, so we cannot use them */
48 #define BUGGY_64(x) NULL
51 #define X86_64_ONLY(x) NULL
52 #define X86_64_DEF(...)
58 //#define MACRO_TEST 1
60 /* global register indexes */
61 static TCGv_ptr cpu_env;
62 static TCGv cpu_A0, cpu_cc_src, cpu_cc_dst, cpu_cc_tmp;
63 static TCGv_i32 cpu_cc_op;
64 static TCGv cpu_regs[CPU_NB_REGS];
66 static TCGv cpu_T[2], cpu_T3;
67 /* local register indexes (only used inside old micro ops) */
68 static TCGv cpu_tmp0, cpu_tmp4;
69 static TCGv_ptr cpu_ptr0, cpu_ptr1;
70 static TCGv_i32 cpu_tmp2_i32, cpu_tmp3_i32;
71 static TCGv_i64 cpu_tmp1_i64;
74 static uint8_t gen_opc_cc_op[OPC_BUF_SIZE];
76 #include "gen-icount.h"
79 static int x86_64_hregs;
82 typedef struct DisasContext {
83 /* current insn context */
84 int override; /* -1 if no override */
87 target_ulong pc; /* pc = eip + cs_base */
88 int is_jmp; /* 1 = means jump (stop translation), 2 means CPU
89 static state change (stop translation) */
90 /* current block context */
91 target_ulong cs_base; /* base of CS segment */
92 int pe; /* protected mode */
93 int code32; /* 32 bit code segment */
95 int lma; /* long mode active */
96 int code64; /* 64 bit code segment */
99 int ss32; /* 32 bit stack segment */
100 int cc_op; /* current CC operation */
101 int addseg; /* non zero if either DS/ES/SS have a non zero base */
102 int f_st; /* currently unused */
103 int vm86; /* vm86 mode */
106 int tf; /* TF cpu flag */
107 int singlestep_enabled; /* "hardware" single step enabled */
108 int jmp_opt; /* use direct block chaining for direct jumps */
109 int mem_index; /* select memory access functions */
110 uint64_t flags; /* all execution flags */
111 struct TranslationBlock *tb;
112 int popl_esp_hack; /* for correct popl with esp base handling */
113 int rip_offset; /* only used in x86_64, but left for simplicity */
115 int cpuid_ext_features;
116 int cpuid_ext2_features;
117 int cpuid_ext3_features;
120 static void gen_eob(DisasContext *s);
121 static void gen_jmp(DisasContext *s, target_ulong eip);
122 static void gen_jmp_tb(DisasContext *s, target_ulong eip, int tb_num);
124 /* i386 arith/logic operations */
144 OP_SHL1, /* undocumented */
168 /* I386 int registers */
169 OR_EAX, /* MUST be even numbered */
178 OR_TMP0 = 16, /* temporary operand register */
180 OR_A0, /* temporary register used when doing address evaluation */
183 static inline void gen_op_movl_T0_0(void)
185 tcg_gen_movi_tl(cpu_T[0], 0);
188 static inline void gen_op_movl_T0_im(int32_t val)
190 tcg_gen_movi_tl(cpu_T[0], val);
193 static inline void gen_op_movl_T0_imu(uint32_t val)
195 tcg_gen_movi_tl(cpu_T[0], val);
198 static inline void gen_op_movl_T1_im(int32_t val)
200 tcg_gen_movi_tl(cpu_T[1], val);
203 static inline void gen_op_movl_T1_imu(uint32_t val)
205 tcg_gen_movi_tl(cpu_T[1], val);
208 static inline void gen_op_movl_A0_im(uint32_t val)
210 tcg_gen_movi_tl(cpu_A0, val);
214 static inline void gen_op_movq_A0_im(int64_t val)
216 tcg_gen_movi_tl(cpu_A0, val);
220 static inline void gen_movtl_T0_im(target_ulong val)
222 tcg_gen_movi_tl(cpu_T[0], val);
225 static inline void gen_movtl_T1_im(target_ulong val)
227 tcg_gen_movi_tl(cpu_T[1], val);
230 static inline void gen_op_andl_T0_ffff(void)
232 tcg_gen_andi_tl(cpu_T[0], cpu_T[0], 0xffff);
235 static inline void gen_op_andl_T0_im(uint32_t val)
237 tcg_gen_andi_tl(cpu_T[0], cpu_T[0], val);
240 static inline void gen_op_movl_T0_T1(void)
242 tcg_gen_mov_tl(cpu_T[0], cpu_T[1]);
245 static inline void gen_op_andl_A0_ffff(void)
247 tcg_gen_andi_tl(cpu_A0, cpu_A0, 0xffff);
252 #define NB_OP_SIZES 4
254 #else /* !TARGET_X86_64 */
256 #define NB_OP_SIZES 3
258 #endif /* !TARGET_X86_64 */
260 #if defined(HOST_WORDS_BIGENDIAN)
261 #define REG_B_OFFSET (sizeof(target_ulong) - 1)
262 #define REG_H_OFFSET (sizeof(target_ulong) - 2)
263 #define REG_W_OFFSET (sizeof(target_ulong) - 2)
264 #define REG_L_OFFSET (sizeof(target_ulong) - 4)
265 #define REG_LH_OFFSET (sizeof(target_ulong) - 8)
267 #define REG_B_OFFSET 0
268 #define REG_H_OFFSET 1
269 #define REG_W_OFFSET 0
270 #define REG_L_OFFSET 0
271 #define REG_LH_OFFSET 4
274 static inline void gen_op_mov_reg_v(int ot, int reg, TCGv t0)
278 if (reg < 4 X86_64_DEF( || reg >= 8 || x86_64_hregs)) {
279 tcg_gen_deposit_tl(cpu_regs[reg], cpu_regs[reg], t0, 0, 8);
281 tcg_gen_deposit_tl(cpu_regs[reg - 4], cpu_regs[reg - 4], t0, 8, 8);
285 tcg_gen_deposit_tl(cpu_regs[reg], cpu_regs[reg], t0, 0, 16);
287 default: /* XXX this shouldn't be reached; abort? */
289 /* For x86_64, this sets the higher half of register to zero.
290 For i386, this is equivalent to a mov. */
291 tcg_gen_ext32u_tl(cpu_regs[reg], t0);
295 tcg_gen_mov_tl(cpu_regs[reg], t0);
301 static inline void gen_op_mov_reg_T0(int ot, int reg)
303 gen_op_mov_reg_v(ot, reg, cpu_T[0]);
306 static inline void gen_op_mov_reg_T1(int ot, int reg)
308 gen_op_mov_reg_v(ot, reg, cpu_T[1]);
311 static inline void gen_op_mov_reg_A0(int size, int reg)
315 tcg_gen_deposit_tl(cpu_regs[reg], cpu_regs[reg], cpu_A0, 0, 16);
317 default: /* XXX this shouldn't be reached; abort? */
319 /* For x86_64, this sets the higher half of register to zero.
320 For i386, this is equivalent to a mov. */
321 tcg_gen_ext32u_tl(cpu_regs[reg], cpu_A0);
325 tcg_gen_mov_tl(cpu_regs[reg], cpu_A0);
331 static inline void gen_op_mov_v_reg(int ot, TCGv t0, int reg)
335 if (reg < 4 X86_64_DEF( || reg >= 8 || x86_64_hregs)) {
338 tcg_gen_shri_tl(t0, cpu_regs[reg - 4], 8);
339 tcg_gen_ext8u_tl(t0, t0);
344 tcg_gen_mov_tl(t0, cpu_regs[reg]);
349 static inline void gen_op_mov_TN_reg(int ot, int t_index, int reg)
351 gen_op_mov_v_reg(ot, cpu_T[t_index], reg);
354 static inline void gen_op_movl_A0_reg(int reg)
356 tcg_gen_mov_tl(cpu_A0, cpu_regs[reg]);
359 static inline void gen_op_addl_A0_im(int32_t val)
361 tcg_gen_addi_tl(cpu_A0, cpu_A0, val);
363 tcg_gen_andi_tl(cpu_A0, cpu_A0, 0xffffffff);
368 static inline void gen_op_addq_A0_im(int64_t val)
370 tcg_gen_addi_tl(cpu_A0, cpu_A0, val);
374 static void gen_add_A0_im(DisasContext *s, int val)
378 gen_op_addq_A0_im(val);
381 gen_op_addl_A0_im(val);
384 static inline void gen_op_addl_T0_T1(void)
386 tcg_gen_add_tl(cpu_T[0], cpu_T[0], cpu_T[1]);
389 static inline void gen_op_jmp_T0(void)
391 tcg_gen_st_tl(cpu_T[0], cpu_env, offsetof(CPUState, eip));
394 static inline void gen_op_add_reg_im(int size, int reg, int32_t val)
398 tcg_gen_addi_tl(cpu_tmp0, cpu_regs[reg], val);
399 tcg_gen_deposit_tl(cpu_regs[reg], cpu_regs[reg], cpu_tmp0, 0, 16);
402 tcg_gen_addi_tl(cpu_tmp0, cpu_regs[reg], val);
403 /* For x86_64, this sets the higher half of register to zero.
404 For i386, this is equivalent to a nop. */
405 tcg_gen_ext32u_tl(cpu_tmp0, cpu_tmp0);
406 tcg_gen_mov_tl(cpu_regs[reg], cpu_tmp0);
410 tcg_gen_addi_tl(cpu_regs[reg], cpu_regs[reg], val);
416 static inline void gen_op_add_reg_T0(int size, int reg)
420 tcg_gen_add_tl(cpu_tmp0, cpu_regs[reg], cpu_T[0]);
421 tcg_gen_deposit_tl(cpu_regs[reg], cpu_regs[reg], cpu_tmp0, 0, 16);
424 tcg_gen_add_tl(cpu_tmp0, cpu_regs[reg], cpu_T[0]);
425 /* For x86_64, this sets the higher half of register to zero.
426 For i386, this is equivalent to a nop. */
427 tcg_gen_ext32u_tl(cpu_tmp0, cpu_tmp0);
428 tcg_gen_mov_tl(cpu_regs[reg], cpu_tmp0);
432 tcg_gen_add_tl(cpu_regs[reg], cpu_regs[reg], cpu_T[0]);
438 static inline void gen_op_set_cc_op(int32_t val)
440 tcg_gen_movi_i32(cpu_cc_op, val);
443 static inline void gen_op_addl_A0_reg_sN(int shift, int reg)
445 tcg_gen_mov_tl(cpu_tmp0, cpu_regs[reg]);
447 tcg_gen_shli_tl(cpu_tmp0, cpu_tmp0, shift);
448 tcg_gen_add_tl(cpu_A0, cpu_A0, cpu_tmp0);
449 /* For x86_64, this sets the higher half of register to zero.
450 For i386, this is equivalent to a nop. */
451 tcg_gen_ext32u_tl(cpu_A0, cpu_A0);
454 static inline void gen_op_movl_A0_seg(int reg)
456 tcg_gen_ld32u_tl(cpu_A0, cpu_env, offsetof(CPUState, segs[reg].base) + REG_L_OFFSET);
459 static inline void gen_op_addl_A0_seg(int reg)
461 tcg_gen_ld_tl(cpu_tmp0, cpu_env, offsetof(CPUState, segs[reg].base));
462 tcg_gen_add_tl(cpu_A0, cpu_A0, cpu_tmp0);
464 tcg_gen_andi_tl(cpu_A0, cpu_A0, 0xffffffff);
469 static inline void gen_op_movq_A0_seg(int reg)
471 tcg_gen_ld_tl(cpu_A0, cpu_env, offsetof(CPUState, segs[reg].base));
474 static inline void gen_op_addq_A0_seg(int reg)
476 tcg_gen_ld_tl(cpu_tmp0, cpu_env, offsetof(CPUState, segs[reg].base));
477 tcg_gen_add_tl(cpu_A0, cpu_A0, cpu_tmp0);
480 static inline void gen_op_movq_A0_reg(int reg)
482 tcg_gen_mov_tl(cpu_A0, cpu_regs[reg]);
485 static inline void gen_op_addq_A0_reg_sN(int shift, int reg)
487 tcg_gen_mov_tl(cpu_tmp0, cpu_regs[reg]);
489 tcg_gen_shli_tl(cpu_tmp0, cpu_tmp0, shift);
490 tcg_gen_add_tl(cpu_A0, cpu_A0, cpu_tmp0);
494 static inline void gen_op_lds_T0_A0(int idx)
496 int mem_index = (idx >> 2) - 1;
499 tcg_gen_qemu_ld8s(cpu_T[0], cpu_A0, mem_index);
502 tcg_gen_qemu_ld16s(cpu_T[0], cpu_A0, mem_index);
506 tcg_gen_qemu_ld32s(cpu_T[0], cpu_A0, mem_index);
511 static inline void gen_op_ld_v(int idx, TCGv t0, TCGv a0)
513 int mem_index = (idx >> 2) - 1;
516 tcg_gen_qemu_ld8u(t0, a0, mem_index);
519 tcg_gen_qemu_ld16u(t0, a0, mem_index);
522 tcg_gen_qemu_ld32u(t0, a0, mem_index);
526 /* Should never happen on 32-bit targets. */
528 tcg_gen_qemu_ld64(t0, a0, mem_index);
534 /* XXX: always use ldu or lds */
535 static inline void gen_op_ld_T0_A0(int idx)
537 gen_op_ld_v(idx, cpu_T[0], cpu_A0);
540 static inline void gen_op_ldu_T0_A0(int idx)
542 gen_op_ld_v(idx, cpu_T[0], cpu_A0);
545 static inline void gen_op_ld_T1_A0(int idx)
547 gen_op_ld_v(idx, cpu_T[1], cpu_A0);
550 static inline void gen_op_st_v(int idx, TCGv t0, TCGv a0)
552 int mem_index = (idx >> 2) - 1;
555 tcg_gen_qemu_st8(t0, a0, mem_index);
558 tcg_gen_qemu_st16(t0, a0, mem_index);
561 tcg_gen_qemu_st32(t0, a0, mem_index);
565 /* Should never happen on 32-bit targets. */
567 tcg_gen_qemu_st64(t0, a0, mem_index);
573 static inline void gen_op_st_T0_A0(int idx)
575 gen_op_st_v(idx, cpu_T[0], cpu_A0);
578 static inline void gen_op_st_T1_A0(int idx)
580 gen_op_st_v(idx, cpu_T[1], cpu_A0);
583 static inline void gen_jmp_im(target_ulong pc)
585 tcg_gen_movi_tl(cpu_tmp0, pc);
586 tcg_gen_st_tl(cpu_tmp0, cpu_env, offsetof(CPUState, eip));
589 static inline void gen_string_movl_A0_ESI(DisasContext *s)
593 override = s->override;
597 gen_op_movq_A0_seg(override);
598 gen_op_addq_A0_reg_sN(0, R_ESI);
600 gen_op_movq_A0_reg(R_ESI);
606 if (s->addseg && override < 0)
609 gen_op_movl_A0_seg(override);
610 gen_op_addl_A0_reg_sN(0, R_ESI);
612 gen_op_movl_A0_reg(R_ESI);
615 /* 16 address, always override */
618 gen_op_movl_A0_reg(R_ESI);
619 gen_op_andl_A0_ffff();
620 gen_op_addl_A0_seg(override);
624 static inline void gen_string_movl_A0_EDI(DisasContext *s)
628 gen_op_movq_A0_reg(R_EDI);
633 gen_op_movl_A0_seg(R_ES);
634 gen_op_addl_A0_reg_sN(0, R_EDI);
636 gen_op_movl_A0_reg(R_EDI);
639 gen_op_movl_A0_reg(R_EDI);
640 gen_op_andl_A0_ffff();
641 gen_op_addl_A0_seg(R_ES);
645 static inline void gen_op_movl_T0_Dshift(int ot)
647 tcg_gen_ld32s_tl(cpu_T[0], cpu_env, offsetof(CPUState, df));
648 tcg_gen_shli_tl(cpu_T[0], cpu_T[0], ot);
651 static void gen_extu(int ot, TCGv reg)
655 tcg_gen_ext8u_tl(reg, reg);
658 tcg_gen_ext16u_tl(reg, reg);
661 tcg_gen_ext32u_tl(reg, reg);
668 static void gen_exts(int ot, TCGv reg)
672 tcg_gen_ext8s_tl(reg, reg);
675 tcg_gen_ext16s_tl(reg, reg);
678 tcg_gen_ext32s_tl(reg, reg);
685 static inline void gen_op_jnz_ecx(int size, int label1)
687 tcg_gen_mov_tl(cpu_tmp0, cpu_regs[R_ECX]);
688 gen_extu(size + 1, cpu_tmp0);
689 tcg_gen_brcondi_tl(TCG_COND_NE, cpu_tmp0, 0, label1);
692 static inline void gen_op_jz_ecx(int size, int label1)
694 tcg_gen_mov_tl(cpu_tmp0, cpu_regs[R_ECX]);
695 gen_extu(size + 1, cpu_tmp0);
696 tcg_gen_brcondi_tl(TCG_COND_EQ, cpu_tmp0, 0, label1);
699 static void gen_helper_in_func(int ot, TCGv v, TCGv_i32 n)
702 case 0: gen_helper_inb(v, n); break;
703 case 1: gen_helper_inw(v, n); break;
704 case 2: gen_helper_inl(v, n); break;
709 static void gen_helper_out_func(int ot, TCGv_i32 v, TCGv_i32 n)
712 case 0: gen_helper_outb(v, n); break;
713 case 1: gen_helper_outw(v, n); break;
714 case 2: gen_helper_outl(v, n); break;
719 static void gen_check_io(DisasContext *s, int ot, target_ulong cur_eip,
723 target_ulong next_eip;
726 if (s->pe && (s->cpl > s->iopl || s->vm86)) {
727 if (s->cc_op != CC_OP_DYNAMIC)
728 gen_op_set_cc_op(s->cc_op);
731 tcg_gen_trunc_tl_i32(cpu_tmp2_i32, cpu_T[0]);
733 case 0: gen_helper_check_iob(cpu_tmp2_i32); break;
734 case 1: gen_helper_check_iow(cpu_tmp2_i32); break;
735 case 2: gen_helper_check_iol(cpu_tmp2_i32); break;
738 if(s->flags & HF_SVMI_MASK) {
740 if (s->cc_op != CC_OP_DYNAMIC)
741 gen_op_set_cc_op(s->cc_op);
744 svm_flags |= (1 << (4 + ot));
745 next_eip = s->pc - s->cs_base;
746 tcg_gen_trunc_tl_i32(cpu_tmp2_i32, cpu_T[0]);
747 gen_helper_svm_check_io(cpu_tmp2_i32, tcg_const_i32(svm_flags),
748 tcg_const_i32(next_eip - cur_eip));
752 static inline void gen_movs(DisasContext *s, int ot)
754 gen_string_movl_A0_ESI(s);
755 gen_op_ld_T0_A0(ot + s->mem_index);
756 gen_string_movl_A0_EDI(s);
757 gen_op_st_T0_A0(ot + s->mem_index);
758 gen_op_movl_T0_Dshift(ot);
759 gen_op_add_reg_T0(s->aflag, R_ESI);
760 gen_op_add_reg_T0(s->aflag, R_EDI);
763 static inline void gen_update_cc_op(DisasContext *s)
765 if (s->cc_op != CC_OP_DYNAMIC) {
766 gen_op_set_cc_op(s->cc_op);
767 s->cc_op = CC_OP_DYNAMIC;
771 static void gen_op_update1_cc(void)
773 tcg_gen_discard_tl(cpu_cc_src);
774 tcg_gen_mov_tl(cpu_cc_dst, cpu_T[0]);
777 static void gen_op_update2_cc(void)
779 tcg_gen_mov_tl(cpu_cc_src, cpu_T[1]);
780 tcg_gen_mov_tl(cpu_cc_dst, cpu_T[0]);
783 static inline void gen_op_cmpl_T0_T1_cc(void)
785 tcg_gen_mov_tl(cpu_cc_src, cpu_T[1]);
786 tcg_gen_sub_tl(cpu_cc_dst, cpu_T[0], cpu_T[1]);
789 static inline void gen_op_testl_T0_T1_cc(void)
791 tcg_gen_discard_tl(cpu_cc_src);
792 tcg_gen_and_tl(cpu_cc_dst, cpu_T[0], cpu_T[1]);
795 static void gen_op_update_neg_cc(void)
797 tcg_gen_neg_tl(cpu_cc_src, cpu_T[0]);
798 tcg_gen_mov_tl(cpu_cc_dst, cpu_T[0]);
801 /* compute eflags.C to reg */
802 static void gen_compute_eflags_c(TCGv reg)
804 gen_helper_cc_compute_c(cpu_tmp2_i32, cpu_cc_op);
805 tcg_gen_extu_i32_tl(reg, cpu_tmp2_i32);
808 /* compute all eflags to cc_src */
809 static void gen_compute_eflags(TCGv reg)
811 gen_helper_cc_compute_all(cpu_tmp2_i32, cpu_cc_op);
812 tcg_gen_extu_i32_tl(reg, cpu_tmp2_i32);
815 static inline void gen_setcc_slow_T0(DisasContext *s, int jcc_op)
817 if (s->cc_op != CC_OP_DYNAMIC)
818 gen_op_set_cc_op(s->cc_op);
821 gen_compute_eflags(cpu_T[0]);
822 tcg_gen_shri_tl(cpu_T[0], cpu_T[0], 11);
823 tcg_gen_andi_tl(cpu_T[0], cpu_T[0], 1);
826 gen_compute_eflags_c(cpu_T[0]);
829 gen_compute_eflags(cpu_T[0]);
830 tcg_gen_shri_tl(cpu_T[0], cpu_T[0], 6);
831 tcg_gen_andi_tl(cpu_T[0], cpu_T[0], 1);
834 gen_compute_eflags(cpu_tmp0);
835 tcg_gen_shri_tl(cpu_T[0], cpu_tmp0, 6);
836 tcg_gen_or_tl(cpu_T[0], cpu_T[0], cpu_tmp0);
837 tcg_gen_andi_tl(cpu_T[0], cpu_T[0], 1);
840 gen_compute_eflags(cpu_T[0]);
841 tcg_gen_shri_tl(cpu_T[0], cpu_T[0], 7);
842 tcg_gen_andi_tl(cpu_T[0], cpu_T[0], 1);
845 gen_compute_eflags(cpu_T[0]);
846 tcg_gen_shri_tl(cpu_T[0], cpu_T[0], 2);
847 tcg_gen_andi_tl(cpu_T[0], cpu_T[0], 1);
850 gen_compute_eflags(cpu_tmp0);
851 tcg_gen_shri_tl(cpu_T[0], cpu_tmp0, 11); /* CC_O */
852 tcg_gen_shri_tl(cpu_tmp0, cpu_tmp0, 7); /* CC_S */
853 tcg_gen_xor_tl(cpu_T[0], cpu_T[0], cpu_tmp0);
854 tcg_gen_andi_tl(cpu_T[0], cpu_T[0], 1);
858 gen_compute_eflags(cpu_tmp0);
859 tcg_gen_shri_tl(cpu_T[0], cpu_tmp0, 11); /* CC_O */
860 tcg_gen_shri_tl(cpu_tmp4, cpu_tmp0, 7); /* CC_S */
861 tcg_gen_shri_tl(cpu_tmp0, cpu_tmp0, 6); /* CC_Z */
862 tcg_gen_xor_tl(cpu_T[0], cpu_T[0], cpu_tmp4);
863 tcg_gen_or_tl(cpu_T[0], cpu_T[0], cpu_tmp0);
864 tcg_gen_andi_tl(cpu_T[0], cpu_T[0], 1);
869 /* return true if setcc_slow is not needed (WARNING: must be kept in
870 sync with gen_jcc1) */
871 static int is_fast_jcc_case(DisasContext *s, int b)
874 jcc_op = (b >> 1) & 7;
876 /* we optimize the cmp/jcc case */
881 if (jcc_op == JCC_O || jcc_op == JCC_P)
885 /* some jumps are easy to compute */
910 if (jcc_op != JCC_Z && jcc_op != JCC_S)
920 /* generate a conditional jump to label 'l1' according to jump opcode
921 value 'b'. In the fast case, T0 is guaranted not to be used. */
922 static inline void gen_jcc1(DisasContext *s, int cc_op, int b, int l1)
924 int inv, jcc_op, size, cond;
928 jcc_op = (b >> 1) & 7;
931 /* we optimize the cmp/jcc case */
937 size = cc_op - CC_OP_SUBB;
943 tcg_gen_andi_tl(cpu_tmp0, cpu_cc_dst, 0xff);
947 tcg_gen_andi_tl(cpu_tmp0, cpu_cc_dst, 0xffff);
952 tcg_gen_andi_tl(cpu_tmp0, cpu_cc_dst, 0xffffffff);
960 tcg_gen_brcondi_tl(inv ? TCG_COND_NE : TCG_COND_EQ, t0, 0, l1);
966 tcg_gen_andi_tl(cpu_tmp0, cpu_cc_dst, 0x80);
967 tcg_gen_brcondi_tl(inv ? TCG_COND_EQ : TCG_COND_NE, cpu_tmp0,
971 tcg_gen_andi_tl(cpu_tmp0, cpu_cc_dst, 0x8000);
972 tcg_gen_brcondi_tl(inv ? TCG_COND_EQ : TCG_COND_NE, cpu_tmp0,
977 tcg_gen_andi_tl(cpu_tmp0, cpu_cc_dst, 0x80000000);
978 tcg_gen_brcondi_tl(inv ? TCG_COND_EQ : TCG_COND_NE, cpu_tmp0,
983 tcg_gen_brcondi_tl(inv ? TCG_COND_GE : TCG_COND_LT, cpu_cc_dst,
990 cond = inv ? TCG_COND_GEU : TCG_COND_LTU;
993 cond = inv ? TCG_COND_GTU : TCG_COND_LEU;
995 tcg_gen_add_tl(cpu_tmp4, cpu_cc_dst, cpu_cc_src);
999 tcg_gen_andi_tl(cpu_tmp4, cpu_tmp4, 0xff);
1000 tcg_gen_andi_tl(t0, cpu_cc_src, 0xff);
1004 tcg_gen_andi_tl(cpu_tmp4, cpu_tmp4, 0xffff);
1005 tcg_gen_andi_tl(t0, cpu_cc_src, 0xffff);
1007 #ifdef TARGET_X86_64
1010 tcg_gen_andi_tl(cpu_tmp4, cpu_tmp4, 0xffffffff);
1011 tcg_gen_andi_tl(t0, cpu_cc_src, 0xffffffff);
1018 tcg_gen_brcond_tl(cond, cpu_tmp4, t0, l1);
1022 cond = inv ? TCG_COND_GE : TCG_COND_LT;
1025 cond = inv ? TCG_COND_GT : TCG_COND_LE;
1027 tcg_gen_add_tl(cpu_tmp4, cpu_cc_dst, cpu_cc_src);
1031 tcg_gen_ext8s_tl(cpu_tmp4, cpu_tmp4);
1032 tcg_gen_ext8s_tl(t0, cpu_cc_src);
1036 tcg_gen_ext16s_tl(cpu_tmp4, cpu_tmp4);
1037 tcg_gen_ext16s_tl(t0, cpu_cc_src);
1039 #ifdef TARGET_X86_64
1042 tcg_gen_ext32s_tl(cpu_tmp4, cpu_tmp4);
1043 tcg_gen_ext32s_tl(t0, cpu_cc_src);
1050 tcg_gen_brcond_tl(cond, cpu_tmp4, t0, l1);
1058 /* some jumps are easy to compute */
1100 size = (cc_op - CC_OP_ADDB) & 3;
1103 size = (cc_op - CC_OP_ADDB) & 3;
1111 gen_setcc_slow_T0(s, jcc_op);
1112 tcg_gen_brcondi_tl(inv ? TCG_COND_EQ : TCG_COND_NE,
1118 /* XXX: does not work with gdbstub "ice" single step - not a
1120 static int gen_jz_ecx_string(DisasContext *s, target_ulong next_eip)
1124 l1 = gen_new_label();
1125 l2 = gen_new_label();
1126 gen_op_jnz_ecx(s->aflag, l1);
1128 gen_jmp_tb(s, next_eip, 1);
1133 static inline void gen_stos(DisasContext *s, int ot)
1135 gen_op_mov_TN_reg(OT_LONG, 0, R_EAX);
1136 gen_string_movl_A0_EDI(s);
1137 gen_op_st_T0_A0(ot + s->mem_index);
1138 gen_op_movl_T0_Dshift(ot);
1139 gen_op_add_reg_T0(s->aflag, R_EDI);
1142 static inline void gen_lods(DisasContext *s, int ot)
1144 gen_string_movl_A0_ESI(s);
1145 gen_op_ld_T0_A0(ot + s->mem_index);
1146 gen_op_mov_reg_T0(ot, R_EAX);
1147 gen_op_movl_T0_Dshift(ot);
1148 gen_op_add_reg_T0(s->aflag, R_ESI);
1151 static inline void gen_scas(DisasContext *s, int ot)
1153 gen_op_mov_TN_reg(OT_LONG, 0, R_EAX);
1154 gen_string_movl_A0_EDI(s);
1155 gen_op_ld_T1_A0(ot + s->mem_index);
1156 gen_op_cmpl_T0_T1_cc();
1157 gen_op_movl_T0_Dshift(ot);
1158 gen_op_add_reg_T0(s->aflag, R_EDI);
1161 static inline void gen_cmps(DisasContext *s, int ot)
1163 gen_string_movl_A0_ESI(s);
1164 gen_op_ld_T0_A0(ot + s->mem_index);
1165 gen_string_movl_A0_EDI(s);
1166 gen_op_ld_T1_A0(ot + s->mem_index);
1167 gen_op_cmpl_T0_T1_cc();
1168 gen_op_movl_T0_Dshift(ot);
1169 gen_op_add_reg_T0(s->aflag, R_ESI);
1170 gen_op_add_reg_T0(s->aflag, R_EDI);
1173 static inline void gen_ins(DisasContext *s, int ot)
1177 gen_string_movl_A0_EDI(s);
1178 /* Note: we must do this dummy write first to be restartable in
1179 case of page fault. */
1181 gen_op_st_T0_A0(ot + s->mem_index);
1182 gen_op_mov_TN_reg(OT_WORD, 1, R_EDX);
1183 tcg_gen_trunc_tl_i32(cpu_tmp2_i32, cpu_T[1]);
1184 tcg_gen_andi_i32(cpu_tmp2_i32, cpu_tmp2_i32, 0xffff);
1185 gen_helper_in_func(ot, cpu_T[0], cpu_tmp2_i32);
1186 gen_op_st_T0_A0(ot + s->mem_index);
1187 gen_op_movl_T0_Dshift(ot);
1188 gen_op_add_reg_T0(s->aflag, R_EDI);
1193 static inline void gen_outs(DisasContext *s, int ot)
1197 gen_string_movl_A0_ESI(s);
1198 gen_op_ld_T0_A0(ot + s->mem_index);
1200 gen_op_mov_TN_reg(OT_WORD, 1, R_EDX);
1201 tcg_gen_trunc_tl_i32(cpu_tmp2_i32, cpu_T[1]);
1202 tcg_gen_andi_i32(cpu_tmp2_i32, cpu_tmp2_i32, 0xffff);
1203 tcg_gen_trunc_tl_i32(cpu_tmp3_i32, cpu_T[0]);
1204 gen_helper_out_func(ot, cpu_tmp2_i32, cpu_tmp3_i32);
1206 gen_op_movl_T0_Dshift(ot);
1207 gen_op_add_reg_T0(s->aflag, R_ESI);
1212 /* same method as Valgrind : we generate jumps to current or next
1214 #define GEN_REPZ(op) \
1215 static inline void gen_repz_ ## op(DisasContext *s, int ot, \
1216 target_ulong cur_eip, target_ulong next_eip) \
1219 gen_update_cc_op(s); \
1220 l2 = gen_jz_ecx_string(s, next_eip); \
1221 gen_ ## op(s, ot); \
1222 gen_op_add_reg_im(s->aflag, R_ECX, -1); \
1223 /* a loop would cause two single step exceptions if ECX = 1 \
1224 before rep string_insn */ \
1226 gen_op_jz_ecx(s->aflag, l2); \
1227 gen_jmp(s, cur_eip); \
1230 #define GEN_REPZ2(op) \
1231 static inline void gen_repz_ ## op(DisasContext *s, int ot, \
1232 target_ulong cur_eip, \
1233 target_ulong next_eip, \
1237 gen_update_cc_op(s); \
1238 l2 = gen_jz_ecx_string(s, next_eip); \
1239 gen_ ## op(s, ot); \
1240 gen_op_add_reg_im(s->aflag, R_ECX, -1); \
1241 gen_op_set_cc_op(CC_OP_SUBB + ot); \
1242 gen_jcc1(s, CC_OP_SUBB + ot, (JCC_Z << 1) | (nz ^ 1), l2); \
1244 gen_op_jz_ecx(s->aflag, l2); \
1245 gen_jmp(s, cur_eip); \
1256 static void gen_helper_fp_arith_ST0_FT0(int op)
1259 case 0: gen_helper_fadd_ST0_FT0(); break;
1260 case 1: gen_helper_fmul_ST0_FT0(); break;
1261 case 2: gen_helper_fcom_ST0_FT0(); break;
1262 case 3: gen_helper_fcom_ST0_FT0(); break;
1263 case 4: gen_helper_fsub_ST0_FT0(); break;
1264 case 5: gen_helper_fsubr_ST0_FT0(); break;
1265 case 6: gen_helper_fdiv_ST0_FT0(); break;
1266 case 7: gen_helper_fdivr_ST0_FT0(); break;
1270 /* NOTE the exception in "r" op ordering */
1271 static void gen_helper_fp_arith_STN_ST0(int op, int opreg)
1273 TCGv_i32 tmp = tcg_const_i32(opreg);
1275 case 0: gen_helper_fadd_STN_ST0(tmp); break;
1276 case 1: gen_helper_fmul_STN_ST0(tmp); break;
1277 case 4: gen_helper_fsubr_STN_ST0(tmp); break;
1278 case 5: gen_helper_fsub_STN_ST0(tmp); break;
1279 case 6: gen_helper_fdivr_STN_ST0(tmp); break;
1280 case 7: gen_helper_fdiv_STN_ST0(tmp); break;
1284 /* if d == OR_TMP0, it means memory operand (address in A0) */
1285 static void gen_op(DisasContext *s1, int op, int ot, int d)
1288 gen_op_mov_TN_reg(ot, 0, d);
1290 gen_op_ld_T0_A0(ot + s1->mem_index);
1294 if (s1->cc_op != CC_OP_DYNAMIC)
1295 gen_op_set_cc_op(s1->cc_op);
1296 gen_compute_eflags_c(cpu_tmp4);
1297 tcg_gen_add_tl(cpu_T[0], cpu_T[0], cpu_T[1]);
1298 tcg_gen_add_tl(cpu_T[0], cpu_T[0], cpu_tmp4);
1300 gen_op_mov_reg_T0(ot, d);
1302 gen_op_st_T0_A0(ot + s1->mem_index);
1303 tcg_gen_mov_tl(cpu_cc_src, cpu_T[1]);
1304 tcg_gen_mov_tl(cpu_cc_dst, cpu_T[0]);
1305 tcg_gen_trunc_tl_i32(cpu_tmp2_i32, cpu_tmp4);
1306 tcg_gen_shli_i32(cpu_tmp2_i32, cpu_tmp2_i32, 2);
1307 tcg_gen_addi_i32(cpu_cc_op, cpu_tmp2_i32, CC_OP_ADDB + ot);
1308 s1->cc_op = CC_OP_DYNAMIC;
1311 if (s1->cc_op != CC_OP_DYNAMIC)
1312 gen_op_set_cc_op(s1->cc_op);
1313 gen_compute_eflags_c(cpu_tmp4);
1314 tcg_gen_sub_tl(cpu_T[0], cpu_T[0], cpu_T[1]);
1315 tcg_gen_sub_tl(cpu_T[0], cpu_T[0], cpu_tmp4);
1317 gen_op_mov_reg_T0(ot, d);
1319 gen_op_st_T0_A0(ot + s1->mem_index);
1320 tcg_gen_mov_tl(cpu_cc_src, cpu_T[1]);
1321 tcg_gen_mov_tl(cpu_cc_dst, cpu_T[0]);
1322 tcg_gen_trunc_tl_i32(cpu_tmp2_i32, cpu_tmp4);
1323 tcg_gen_shli_i32(cpu_tmp2_i32, cpu_tmp2_i32, 2);
1324 tcg_gen_addi_i32(cpu_cc_op, cpu_tmp2_i32, CC_OP_SUBB + ot);
1325 s1->cc_op = CC_OP_DYNAMIC;
1328 gen_op_addl_T0_T1();
1330 gen_op_mov_reg_T0(ot, d);
1332 gen_op_st_T0_A0(ot + s1->mem_index);
1333 gen_op_update2_cc();
1334 s1->cc_op = CC_OP_ADDB + ot;
1337 tcg_gen_sub_tl(cpu_T[0], cpu_T[0], cpu_T[1]);
1339 gen_op_mov_reg_T0(ot, d);
1341 gen_op_st_T0_A0(ot + s1->mem_index);
1342 gen_op_update2_cc();
1343 s1->cc_op = CC_OP_SUBB + ot;
1347 tcg_gen_and_tl(cpu_T[0], cpu_T[0], cpu_T[1]);
1349 gen_op_mov_reg_T0(ot, d);
1351 gen_op_st_T0_A0(ot + s1->mem_index);
1352 gen_op_update1_cc();
1353 s1->cc_op = CC_OP_LOGICB + ot;
1356 tcg_gen_or_tl(cpu_T[0], cpu_T[0], cpu_T[1]);
1358 gen_op_mov_reg_T0(ot, d);
1360 gen_op_st_T0_A0(ot + s1->mem_index);
1361 gen_op_update1_cc();
1362 s1->cc_op = CC_OP_LOGICB + ot;
1365 tcg_gen_xor_tl(cpu_T[0], cpu_T[0], cpu_T[1]);
1367 gen_op_mov_reg_T0(ot, d);
1369 gen_op_st_T0_A0(ot + s1->mem_index);
1370 gen_op_update1_cc();
1371 s1->cc_op = CC_OP_LOGICB + ot;
1374 gen_op_cmpl_T0_T1_cc();
1375 s1->cc_op = CC_OP_SUBB + ot;
1380 /* if d == OR_TMP0, it means memory operand (address in A0) */
1381 static void gen_inc(DisasContext *s1, int ot, int d, int c)
1384 gen_op_mov_TN_reg(ot, 0, d);
1386 gen_op_ld_T0_A0(ot + s1->mem_index);
1387 if (s1->cc_op != CC_OP_DYNAMIC)
1388 gen_op_set_cc_op(s1->cc_op);
1390 tcg_gen_addi_tl(cpu_T[0], cpu_T[0], 1);
1391 s1->cc_op = CC_OP_INCB + ot;
1393 tcg_gen_addi_tl(cpu_T[0], cpu_T[0], -1);
1394 s1->cc_op = CC_OP_DECB + ot;
1397 gen_op_mov_reg_T0(ot, d);
1399 gen_op_st_T0_A0(ot + s1->mem_index);
1400 gen_compute_eflags_c(cpu_cc_src);
1401 tcg_gen_mov_tl(cpu_cc_dst, cpu_T[0]);
1404 static void gen_shift_rm_T1(DisasContext *s, int ot, int op1,
1405 int is_right, int is_arith)
1418 gen_op_ld_T0_A0(ot + s->mem_index);
1420 gen_op_mov_TN_reg(ot, 0, op1);
1422 tcg_gen_andi_tl(cpu_T[1], cpu_T[1], mask);
1424 tcg_gen_addi_tl(cpu_tmp5, cpu_T[1], -1);
1428 gen_exts(ot, cpu_T[0]);
1429 tcg_gen_sar_tl(cpu_T3, cpu_T[0], cpu_tmp5);
1430 tcg_gen_sar_tl(cpu_T[0], cpu_T[0], cpu_T[1]);
1432 gen_extu(ot, cpu_T[0]);
1433 tcg_gen_shr_tl(cpu_T3, cpu_T[0], cpu_tmp5);
1434 tcg_gen_shr_tl(cpu_T[0], cpu_T[0], cpu_T[1]);
1437 tcg_gen_shl_tl(cpu_T3, cpu_T[0], cpu_tmp5);
1438 tcg_gen_shl_tl(cpu_T[0], cpu_T[0], cpu_T[1]);
1443 gen_op_st_T0_A0(ot + s->mem_index);
1445 gen_op_mov_reg_T0(ot, op1);
1447 /* update eflags if non zero shift */
1448 if (s->cc_op != CC_OP_DYNAMIC)
1449 gen_op_set_cc_op(s->cc_op);
1451 /* XXX: inefficient */
1452 t0 = tcg_temp_local_new();
1453 t1 = tcg_temp_local_new();
1455 tcg_gen_mov_tl(t0, cpu_T[0]);
1456 tcg_gen_mov_tl(t1, cpu_T3);
1458 shift_label = gen_new_label();
1459 tcg_gen_brcondi_tl(TCG_COND_EQ, cpu_T[1], 0, shift_label);
1461 tcg_gen_mov_tl(cpu_cc_src, t1);
1462 tcg_gen_mov_tl(cpu_cc_dst, t0);
1464 tcg_gen_movi_i32(cpu_cc_op, CC_OP_SARB + ot);
1466 tcg_gen_movi_i32(cpu_cc_op, CC_OP_SHLB + ot);
1468 gen_set_label(shift_label);
1469 s->cc_op = CC_OP_DYNAMIC; /* cannot predict flags after */
1475 static void gen_shift_rm_im(DisasContext *s, int ot, int op1, int op2,
1476 int is_right, int is_arith)
1487 gen_op_ld_T0_A0(ot + s->mem_index);
1489 gen_op_mov_TN_reg(ot, 0, op1);
1495 gen_exts(ot, cpu_T[0]);
1496 tcg_gen_sari_tl(cpu_tmp4, cpu_T[0], op2 - 1);
1497 tcg_gen_sari_tl(cpu_T[0], cpu_T[0], op2);
1499 gen_extu(ot, cpu_T[0]);
1500 tcg_gen_shri_tl(cpu_tmp4, cpu_T[0], op2 - 1);
1501 tcg_gen_shri_tl(cpu_T[0], cpu_T[0], op2);
1504 tcg_gen_shli_tl(cpu_tmp4, cpu_T[0], op2 - 1);
1505 tcg_gen_shli_tl(cpu_T[0], cpu_T[0], op2);
1511 gen_op_st_T0_A0(ot + s->mem_index);
1513 gen_op_mov_reg_T0(ot, op1);
1515 /* update eflags if non zero shift */
1517 tcg_gen_mov_tl(cpu_cc_src, cpu_tmp4);
1518 tcg_gen_mov_tl(cpu_cc_dst, cpu_T[0]);
1520 s->cc_op = CC_OP_SARB + ot;
1522 s->cc_op = CC_OP_SHLB + ot;
1526 static inline void tcg_gen_lshift(TCGv ret, TCGv arg1, target_long arg2)
1529 tcg_gen_shli_tl(ret, arg1, arg2);
1531 tcg_gen_shri_tl(ret, arg1, -arg2);
1534 static void gen_rot_rm_T1(DisasContext *s, int ot, int op1,
1538 int label1, label2, data_bits;
1539 TCGv t0, t1, t2, a0;
1541 /* XXX: inefficient, but we must use local temps */
1542 t0 = tcg_temp_local_new();
1543 t1 = tcg_temp_local_new();
1544 t2 = tcg_temp_local_new();
1545 a0 = tcg_temp_local_new();
1553 if (op1 == OR_TMP0) {
1554 tcg_gen_mov_tl(a0, cpu_A0);
1555 gen_op_ld_v(ot + s->mem_index, t0, a0);
1557 gen_op_mov_v_reg(ot, t0, op1);
1560 tcg_gen_mov_tl(t1, cpu_T[1]);
1562 tcg_gen_andi_tl(t1, t1, mask);
1564 /* Must test zero case to avoid using undefined behaviour in TCG
1566 label1 = gen_new_label();
1567 tcg_gen_brcondi_tl(TCG_COND_EQ, t1, 0, label1);
1570 tcg_gen_andi_tl(cpu_tmp0, t1, (1 << (3 + ot)) - 1);
1572 tcg_gen_mov_tl(cpu_tmp0, t1);
1575 tcg_gen_mov_tl(t2, t0);
1577 data_bits = 8 << ot;
1578 /* XXX: rely on behaviour of shifts when operand 2 overflows (XXX:
1579 fix TCG definition) */
1581 tcg_gen_shr_tl(cpu_tmp4, t0, cpu_tmp0);
1582 tcg_gen_subfi_tl(cpu_tmp0, data_bits, cpu_tmp0);
1583 tcg_gen_shl_tl(t0, t0, cpu_tmp0);
1585 tcg_gen_shl_tl(cpu_tmp4, t0, cpu_tmp0);
1586 tcg_gen_subfi_tl(cpu_tmp0, data_bits, cpu_tmp0);
1587 tcg_gen_shr_tl(t0, t0, cpu_tmp0);
1589 tcg_gen_or_tl(t0, t0, cpu_tmp4);
1591 gen_set_label(label1);
1593 if (op1 == OR_TMP0) {
1594 gen_op_st_v(ot + s->mem_index, t0, a0);
1596 gen_op_mov_reg_v(ot, op1, t0);
1600 if (s->cc_op != CC_OP_DYNAMIC)
1601 gen_op_set_cc_op(s->cc_op);
1603 label2 = gen_new_label();
1604 tcg_gen_brcondi_tl(TCG_COND_EQ, t1, 0, label2);
1606 gen_compute_eflags(cpu_cc_src);
1607 tcg_gen_andi_tl(cpu_cc_src, cpu_cc_src, ~(CC_O | CC_C));
1608 tcg_gen_xor_tl(cpu_tmp0, t2, t0);
1609 tcg_gen_lshift(cpu_tmp0, cpu_tmp0, 11 - (data_bits - 1));
1610 tcg_gen_andi_tl(cpu_tmp0, cpu_tmp0, CC_O);
1611 tcg_gen_or_tl(cpu_cc_src, cpu_cc_src, cpu_tmp0);
1613 tcg_gen_shri_tl(t0, t0, data_bits - 1);
1615 tcg_gen_andi_tl(t0, t0, CC_C);
1616 tcg_gen_or_tl(cpu_cc_src, cpu_cc_src, t0);
1618 tcg_gen_discard_tl(cpu_cc_dst);
1619 tcg_gen_movi_i32(cpu_cc_op, CC_OP_EFLAGS);
1621 gen_set_label(label2);
1622 s->cc_op = CC_OP_DYNAMIC; /* cannot predict flags after */
1630 static void gen_rot_rm_im(DisasContext *s, int ot, int op1, int op2,
1637 /* XXX: inefficient, but we must use local temps */
1638 t0 = tcg_temp_local_new();
1639 t1 = tcg_temp_local_new();
1640 a0 = tcg_temp_local_new();
1648 if (op1 == OR_TMP0) {
1649 tcg_gen_mov_tl(a0, cpu_A0);
1650 gen_op_ld_v(ot + s->mem_index, t0, a0);
1652 gen_op_mov_v_reg(ot, t0, op1);
1656 tcg_gen_mov_tl(t1, t0);
1659 data_bits = 8 << ot;
1661 int shift = op2 & ((1 << (3 + ot)) - 1);
1663 tcg_gen_shri_tl(cpu_tmp4, t0, shift);
1664 tcg_gen_shli_tl(t0, t0, data_bits - shift);
1667 tcg_gen_shli_tl(cpu_tmp4, t0, shift);
1668 tcg_gen_shri_tl(t0, t0, data_bits - shift);
1670 tcg_gen_or_tl(t0, t0, cpu_tmp4);
1674 if (op1 == OR_TMP0) {
1675 gen_op_st_v(ot + s->mem_index, t0, a0);
1677 gen_op_mov_reg_v(ot, op1, t0);
1682 if (s->cc_op != CC_OP_DYNAMIC)
1683 gen_op_set_cc_op(s->cc_op);
1685 gen_compute_eflags(cpu_cc_src);
1686 tcg_gen_andi_tl(cpu_cc_src, cpu_cc_src, ~(CC_O | CC_C));
1687 tcg_gen_xor_tl(cpu_tmp0, t1, t0);
1688 tcg_gen_lshift(cpu_tmp0, cpu_tmp0, 11 - (data_bits - 1));
1689 tcg_gen_andi_tl(cpu_tmp0, cpu_tmp0, CC_O);
1690 tcg_gen_or_tl(cpu_cc_src, cpu_cc_src, cpu_tmp0);
1692 tcg_gen_shri_tl(t0, t0, data_bits - 1);
1694 tcg_gen_andi_tl(t0, t0, CC_C);
1695 tcg_gen_or_tl(cpu_cc_src, cpu_cc_src, t0);
1697 tcg_gen_discard_tl(cpu_cc_dst);
1698 tcg_gen_movi_i32(cpu_cc_op, CC_OP_EFLAGS);
1699 s->cc_op = CC_OP_EFLAGS;
1707 /* XXX: add faster immediate = 1 case */
1708 static void gen_rotc_rm_T1(DisasContext *s, int ot, int op1,
1713 if (s->cc_op != CC_OP_DYNAMIC)
1714 gen_op_set_cc_op(s->cc_op);
1718 gen_op_ld_T0_A0(ot + s->mem_index);
1720 gen_op_mov_TN_reg(ot, 0, op1);
1724 case 0: gen_helper_rcrb(cpu_T[0], cpu_T[0], cpu_T[1]); break;
1725 case 1: gen_helper_rcrw(cpu_T[0], cpu_T[0], cpu_T[1]); break;
1726 case 2: gen_helper_rcrl(cpu_T[0], cpu_T[0], cpu_T[1]); break;
1727 #ifdef TARGET_X86_64
1728 case 3: gen_helper_rcrq(cpu_T[0], cpu_T[0], cpu_T[1]); break;
1733 case 0: gen_helper_rclb(cpu_T[0], cpu_T[0], cpu_T[1]); break;
1734 case 1: gen_helper_rclw(cpu_T[0], cpu_T[0], cpu_T[1]); break;
1735 case 2: gen_helper_rcll(cpu_T[0], cpu_T[0], cpu_T[1]); break;
1736 #ifdef TARGET_X86_64
1737 case 3: gen_helper_rclq(cpu_T[0], cpu_T[0], cpu_T[1]); break;
1743 gen_op_st_T0_A0(ot + s->mem_index);
1745 gen_op_mov_reg_T0(ot, op1);
1748 label1 = gen_new_label();
1749 tcg_gen_brcondi_tl(TCG_COND_EQ, cpu_cc_tmp, -1, label1);
1751 tcg_gen_mov_tl(cpu_cc_src, cpu_cc_tmp);
1752 tcg_gen_discard_tl(cpu_cc_dst);
1753 tcg_gen_movi_i32(cpu_cc_op, CC_OP_EFLAGS);
1755 gen_set_label(label1);
1756 s->cc_op = CC_OP_DYNAMIC; /* cannot predict flags after */
1759 /* XXX: add faster immediate case */
1760 static void gen_shiftd_rm_T1_T3(DisasContext *s, int ot, int op1,
1763 int label1, label2, data_bits;
1765 TCGv t0, t1, t2, a0;
1767 t0 = tcg_temp_local_new();
1768 t1 = tcg_temp_local_new();
1769 t2 = tcg_temp_local_new();
1770 a0 = tcg_temp_local_new();
1778 if (op1 == OR_TMP0) {
1779 tcg_gen_mov_tl(a0, cpu_A0);
1780 gen_op_ld_v(ot + s->mem_index, t0, a0);
1782 gen_op_mov_v_reg(ot, t0, op1);
1785 tcg_gen_andi_tl(cpu_T3, cpu_T3, mask);
1787 tcg_gen_mov_tl(t1, cpu_T[1]);
1788 tcg_gen_mov_tl(t2, cpu_T3);
1790 /* Must test zero case to avoid using undefined behaviour in TCG
1792 label1 = gen_new_label();
1793 tcg_gen_brcondi_tl(TCG_COND_EQ, t2, 0, label1);
1795 tcg_gen_addi_tl(cpu_tmp5, t2, -1);
1796 if (ot == OT_WORD) {
1797 /* Note: we implement the Intel behaviour for shift count > 16 */
1799 tcg_gen_andi_tl(t0, t0, 0xffff);
1800 tcg_gen_shli_tl(cpu_tmp0, t1, 16);
1801 tcg_gen_or_tl(t0, t0, cpu_tmp0);
1802 tcg_gen_ext32u_tl(t0, t0);
1804 tcg_gen_shr_tl(cpu_tmp4, t0, cpu_tmp5);
1806 /* only needed if count > 16, but a test would complicate */
1807 tcg_gen_subfi_tl(cpu_tmp5, 32, t2);
1808 tcg_gen_shl_tl(cpu_tmp0, t0, cpu_tmp5);
1810 tcg_gen_shr_tl(t0, t0, t2);
1812 tcg_gen_or_tl(t0, t0, cpu_tmp0);
1814 /* XXX: not optimal */
1815 tcg_gen_andi_tl(t0, t0, 0xffff);
1816 tcg_gen_shli_tl(t1, t1, 16);
1817 tcg_gen_or_tl(t1, t1, t0);
1818 tcg_gen_ext32u_tl(t1, t1);
1820 tcg_gen_shl_tl(cpu_tmp4, t0, cpu_tmp5);
1821 tcg_gen_subfi_tl(cpu_tmp0, 32, cpu_tmp5);
1822 tcg_gen_shr_tl(cpu_tmp5, t1, cpu_tmp0);
1823 tcg_gen_or_tl(cpu_tmp4, cpu_tmp4, cpu_tmp5);
1825 tcg_gen_shl_tl(t0, t0, t2);
1826 tcg_gen_subfi_tl(cpu_tmp5, 32, t2);
1827 tcg_gen_shr_tl(t1, t1, cpu_tmp5);
1828 tcg_gen_or_tl(t0, t0, t1);
1831 data_bits = 8 << ot;
1834 tcg_gen_ext32u_tl(t0, t0);
1836 tcg_gen_shr_tl(cpu_tmp4, t0, cpu_tmp5);
1838 tcg_gen_shr_tl(t0, t0, t2);
1839 tcg_gen_subfi_tl(cpu_tmp5, data_bits, t2);
1840 tcg_gen_shl_tl(t1, t1, cpu_tmp5);
1841 tcg_gen_or_tl(t0, t0, t1);
1845 tcg_gen_ext32u_tl(t1, t1);
1847 tcg_gen_shl_tl(cpu_tmp4, t0, cpu_tmp5);
1849 tcg_gen_shl_tl(t0, t0, t2);
1850 tcg_gen_subfi_tl(cpu_tmp5, data_bits, t2);
1851 tcg_gen_shr_tl(t1, t1, cpu_tmp5);
1852 tcg_gen_or_tl(t0, t0, t1);
1855 tcg_gen_mov_tl(t1, cpu_tmp4);
1857 gen_set_label(label1);
1859 if (op1 == OR_TMP0) {
1860 gen_op_st_v(ot + s->mem_index, t0, a0);
1862 gen_op_mov_reg_v(ot, op1, t0);
1866 if (s->cc_op != CC_OP_DYNAMIC)
1867 gen_op_set_cc_op(s->cc_op);
1869 label2 = gen_new_label();
1870 tcg_gen_brcondi_tl(TCG_COND_EQ, t2, 0, label2);
1872 tcg_gen_mov_tl(cpu_cc_src, t1);
1873 tcg_gen_mov_tl(cpu_cc_dst, t0);
1875 tcg_gen_movi_i32(cpu_cc_op, CC_OP_SARB + ot);
1877 tcg_gen_movi_i32(cpu_cc_op, CC_OP_SHLB + ot);
1879 gen_set_label(label2);
1880 s->cc_op = CC_OP_DYNAMIC; /* cannot predict flags after */
1888 static void gen_shift(DisasContext *s1, int op, int ot, int d, int s)
1891 gen_op_mov_TN_reg(ot, 1, s);
1894 gen_rot_rm_T1(s1, ot, d, 0);
1897 gen_rot_rm_T1(s1, ot, d, 1);
1901 gen_shift_rm_T1(s1, ot, d, 0, 0);
1904 gen_shift_rm_T1(s1, ot, d, 1, 0);
1907 gen_shift_rm_T1(s1, ot, d, 1, 1);
1910 gen_rotc_rm_T1(s1, ot, d, 0);
1913 gen_rotc_rm_T1(s1, ot, d, 1);
1918 static void gen_shifti(DisasContext *s1, int op, int ot, int d, int c)
1922 gen_rot_rm_im(s1, ot, d, c, 0);
1925 gen_rot_rm_im(s1, ot, d, c, 1);
1929 gen_shift_rm_im(s1, ot, d, c, 0, 0);
1932 gen_shift_rm_im(s1, ot, d, c, 1, 0);
1935 gen_shift_rm_im(s1, ot, d, c, 1, 1);
1938 /* currently not optimized */
1939 gen_op_movl_T1_im(c);
1940 gen_shift(s1, op, ot, d, OR_TMP1);
1945 static void gen_lea_modrm(DisasContext *s, int modrm, int *reg_ptr, int *offset_ptr)
1953 int mod, rm, code, override, must_add_seg;
1955 override = s->override;
1956 must_add_seg = s->addseg;
1959 mod = (modrm >> 6) & 3;
1971 code = ldub_code(s->pc++);
1972 scale = (code >> 6) & 3;
1973 index = ((code >> 3) & 7) | REX_X(s);
1980 if ((base & 7) == 5) {
1982 disp = (int32_t)ldl_code(s->pc);
1984 if (CODE64(s) && !havesib) {
1985 disp += s->pc + s->rip_offset;
1992 disp = (int8_t)ldub_code(s->pc++);
1996 disp = (int32_t)ldl_code(s->pc);
2002 /* for correct popl handling with esp */
2003 if (base == 4 && s->popl_esp_hack)
2004 disp += s->popl_esp_hack;
2005 #ifdef TARGET_X86_64
2006 if (s->aflag == 2) {
2007 gen_op_movq_A0_reg(base);
2009 gen_op_addq_A0_im(disp);
2014 gen_op_movl_A0_reg(base);
2016 gen_op_addl_A0_im(disp);
2019 #ifdef TARGET_X86_64
2020 if (s->aflag == 2) {
2021 gen_op_movq_A0_im(disp);
2025 gen_op_movl_A0_im(disp);
2028 /* index == 4 means no index */
2029 if (havesib && (index != 4)) {
2030 #ifdef TARGET_X86_64
2031 if (s->aflag == 2) {
2032 gen_op_addq_A0_reg_sN(scale, index);
2036 gen_op_addl_A0_reg_sN(scale, index);
2041 if (base == R_EBP || base == R_ESP)
2046 #ifdef TARGET_X86_64
2047 if (s->aflag == 2) {
2048 gen_op_addq_A0_seg(override);
2052 gen_op_addl_A0_seg(override);
2059 disp = lduw_code(s->pc);
2061 gen_op_movl_A0_im(disp);
2062 rm = 0; /* avoid SS override */
2069 disp = (int8_t)ldub_code(s->pc++);
2073 disp = lduw_code(s->pc);
2079 gen_op_movl_A0_reg(R_EBX);
2080 gen_op_addl_A0_reg_sN(0, R_ESI);
2083 gen_op_movl_A0_reg(R_EBX);
2084 gen_op_addl_A0_reg_sN(0, R_EDI);
2087 gen_op_movl_A0_reg(R_EBP);
2088 gen_op_addl_A0_reg_sN(0, R_ESI);
2091 gen_op_movl_A0_reg(R_EBP);
2092 gen_op_addl_A0_reg_sN(0, R_EDI);
2095 gen_op_movl_A0_reg(R_ESI);
2098 gen_op_movl_A0_reg(R_EDI);
2101 gen_op_movl_A0_reg(R_EBP);
2105 gen_op_movl_A0_reg(R_EBX);
2109 gen_op_addl_A0_im(disp);
2110 gen_op_andl_A0_ffff();
2114 if (rm == 2 || rm == 3 || rm == 6)
2119 gen_op_addl_A0_seg(override);
2129 static void gen_nop_modrm(DisasContext *s, int modrm)
2131 int mod, rm, base, code;
2133 mod = (modrm >> 6) & 3;
2143 code = ldub_code(s->pc++);
2179 /* used for LEA and MOV AX, mem */
2180 static void gen_add_A0_ds_seg(DisasContext *s)
2182 int override, must_add_seg;
2183 must_add_seg = s->addseg;
2185 if (s->override >= 0) {
2186 override = s->override;
2190 #ifdef TARGET_X86_64
2192 gen_op_addq_A0_seg(override);
2196 gen_op_addl_A0_seg(override);
2201 /* generate modrm memory load or store of 'reg'. TMP0 is used if reg ==
2203 static void gen_ldst_modrm(DisasContext *s, int modrm, int ot, int reg, int is_store)
2205 int mod, rm, opreg, disp;
2207 mod = (modrm >> 6) & 3;
2208 rm = (modrm & 7) | REX_B(s);
2212 gen_op_mov_TN_reg(ot, 0, reg);
2213 gen_op_mov_reg_T0(ot, rm);
2215 gen_op_mov_TN_reg(ot, 0, rm);
2217 gen_op_mov_reg_T0(ot, reg);
2220 gen_lea_modrm(s, modrm, &opreg, &disp);
2223 gen_op_mov_TN_reg(ot, 0, reg);
2224 gen_op_st_T0_A0(ot + s->mem_index);
2226 gen_op_ld_T0_A0(ot + s->mem_index);
2228 gen_op_mov_reg_T0(ot, reg);
2233 static inline uint32_t insn_get(DisasContext *s, int ot)
2239 ret = ldub_code(s->pc);
2243 ret = lduw_code(s->pc);
2248 ret = ldl_code(s->pc);
2255 static inline int insn_const_size(unsigned int ot)
2263 static inline void gen_goto_tb(DisasContext *s, int tb_num, target_ulong eip)
2265 TranslationBlock *tb;
2268 pc = s->cs_base + eip;
2270 /* NOTE: we handle the case where the TB spans two pages here */
2271 if ((pc & TARGET_PAGE_MASK) == (tb->pc & TARGET_PAGE_MASK) ||
2272 (pc & TARGET_PAGE_MASK) == ((s->pc - 1) & TARGET_PAGE_MASK)) {
2273 /* jump to same page: we can use a direct jump */
2274 tcg_gen_goto_tb(tb_num);
2276 tcg_gen_exit_tb((tcg_target_long)tb + tb_num);
2278 /* jump to another page: currently not optimized */
2284 static inline void gen_jcc(DisasContext *s, int b,
2285 target_ulong val, target_ulong next_eip)
2290 gen_update_cc_op(s);
2292 l1 = gen_new_label();
2293 gen_jcc1(s, cc_op, b, l1);
2295 gen_goto_tb(s, 0, next_eip);
2298 gen_goto_tb(s, 1, val);
2299 s->is_jmp = DISAS_TB_JUMP;
2302 l1 = gen_new_label();
2303 l2 = gen_new_label();
2304 gen_jcc1(s, cc_op, b, l1);
2306 gen_jmp_im(next_eip);
2316 static void gen_setcc(DisasContext *s, int b)
2318 int inv, jcc_op, l1;
2321 if (is_fast_jcc_case(s, b)) {
2322 /* nominal case: we use a jump */
2323 /* XXX: make it faster by adding new instructions in TCG */
2324 t0 = tcg_temp_local_new();
2325 tcg_gen_movi_tl(t0, 0);
2326 l1 = gen_new_label();
2327 gen_jcc1(s, s->cc_op, b ^ 1, l1);
2328 tcg_gen_movi_tl(t0, 1);
2330 tcg_gen_mov_tl(cpu_T[0], t0);
2333 /* slow case: it is more efficient not to generate a jump,
2334 although it is questionnable whether this optimization is
2337 jcc_op = (b >> 1) & 7;
2338 gen_setcc_slow_T0(s, jcc_op);
2340 tcg_gen_xori_tl(cpu_T[0], cpu_T[0], 1);
2345 static inline void gen_op_movl_T0_seg(int seg_reg)
2347 tcg_gen_ld32u_tl(cpu_T[0], cpu_env,
2348 offsetof(CPUX86State,segs[seg_reg].selector));
2351 static inline void gen_op_movl_seg_T0_vm(int seg_reg)
2353 tcg_gen_andi_tl(cpu_T[0], cpu_T[0], 0xffff);
2354 tcg_gen_st32_tl(cpu_T[0], cpu_env,
2355 offsetof(CPUX86State,segs[seg_reg].selector));
2356 tcg_gen_shli_tl(cpu_T[0], cpu_T[0], 4);
2357 tcg_gen_st_tl(cpu_T[0], cpu_env,
2358 offsetof(CPUX86State,segs[seg_reg].base));
2361 /* move T0 to seg_reg and compute if the CPU state may change. Never
2362 call this function with seg_reg == R_CS */
2363 static void gen_movl_seg_T0(DisasContext *s, int seg_reg, target_ulong cur_eip)
2365 if (s->pe && !s->vm86) {
2366 /* XXX: optimize by finding processor state dynamically */
2367 if (s->cc_op != CC_OP_DYNAMIC)
2368 gen_op_set_cc_op(s->cc_op);
2369 gen_jmp_im(cur_eip);
2370 tcg_gen_trunc_tl_i32(cpu_tmp2_i32, cpu_T[0]);
2371 gen_helper_load_seg(tcg_const_i32(seg_reg), cpu_tmp2_i32);
2372 /* abort translation because the addseg value may change or
2373 because ss32 may change. For R_SS, translation must always
2374 stop as a special handling must be done to disable hardware
2375 interrupts for the next instruction */
2376 if (seg_reg == R_SS || (s->code32 && seg_reg < R_FS))
2377 s->is_jmp = DISAS_TB_JUMP;
2379 gen_op_movl_seg_T0_vm(seg_reg);
2380 if (seg_reg == R_SS)
2381 s->is_jmp = DISAS_TB_JUMP;
2385 static inline int svm_is_rep(int prefixes)
2387 return ((prefixes & (PREFIX_REPZ | PREFIX_REPNZ)) ? 8 : 0);
2391 gen_svm_check_intercept_param(DisasContext *s, target_ulong pc_start,
2392 uint32_t type, uint64_t param)
2394 /* no SVM activated; fast case */
2395 if (likely(!(s->flags & HF_SVMI_MASK)))
2397 if (s->cc_op != CC_OP_DYNAMIC)
2398 gen_op_set_cc_op(s->cc_op);
2399 gen_jmp_im(pc_start - s->cs_base);
2400 gen_helper_svm_check_intercept_param(tcg_const_i32(type),
2401 tcg_const_i64(param));
2405 gen_svm_check_intercept(DisasContext *s, target_ulong pc_start, uint64_t type)
2407 gen_svm_check_intercept_param(s, pc_start, type, 0);
2410 static inline void gen_stack_update(DisasContext *s, int addend)
2412 #ifdef TARGET_X86_64
2414 gen_op_add_reg_im(2, R_ESP, addend);
2418 gen_op_add_reg_im(1, R_ESP, addend);
2420 gen_op_add_reg_im(0, R_ESP, addend);
2424 /* generate a push. It depends on ss32, addseg and dflag */
2425 static void gen_push_T0(DisasContext *s)
2427 #ifdef TARGET_X86_64
2429 gen_op_movq_A0_reg(R_ESP);
2431 gen_op_addq_A0_im(-8);
2432 gen_op_st_T0_A0(OT_QUAD + s->mem_index);
2434 gen_op_addq_A0_im(-2);
2435 gen_op_st_T0_A0(OT_WORD + s->mem_index);
2437 gen_op_mov_reg_A0(2, R_ESP);
2441 gen_op_movl_A0_reg(R_ESP);
2443 gen_op_addl_A0_im(-2);
2445 gen_op_addl_A0_im(-4);
2448 tcg_gen_mov_tl(cpu_T[1], cpu_A0);
2449 gen_op_addl_A0_seg(R_SS);
2452 gen_op_andl_A0_ffff();
2453 tcg_gen_mov_tl(cpu_T[1], cpu_A0);
2454 gen_op_addl_A0_seg(R_SS);
2456 gen_op_st_T0_A0(s->dflag + 1 + s->mem_index);
2457 if (s->ss32 && !s->addseg)
2458 gen_op_mov_reg_A0(1, R_ESP);
2460 gen_op_mov_reg_T1(s->ss32 + 1, R_ESP);
2464 /* generate a push. It depends on ss32, addseg and dflag */
2465 /* slower version for T1, only used for call Ev */
2466 static void gen_push_T1(DisasContext *s)
2468 #ifdef TARGET_X86_64
2470 gen_op_movq_A0_reg(R_ESP);
2472 gen_op_addq_A0_im(-8);
2473 gen_op_st_T1_A0(OT_QUAD + s->mem_index);
2475 gen_op_addq_A0_im(-2);
2476 gen_op_st_T0_A0(OT_WORD + s->mem_index);
2478 gen_op_mov_reg_A0(2, R_ESP);
2482 gen_op_movl_A0_reg(R_ESP);
2484 gen_op_addl_A0_im(-2);
2486 gen_op_addl_A0_im(-4);
2489 gen_op_addl_A0_seg(R_SS);
2492 gen_op_andl_A0_ffff();
2493 gen_op_addl_A0_seg(R_SS);
2495 gen_op_st_T1_A0(s->dflag + 1 + s->mem_index);
2497 if (s->ss32 && !s->addseg)
2498 gen_op_mov_reg_A0(1, R_ESP);
2500 gen_stack_update(s, (-2) << s->dflag);
2504 /* two step pop is necessary for precise exceptions */
2505 static void gen_pop_T0(DisasContext *s)
2507 #ifdef TARGET_X86_64
2509 gen_op_movq_A0_reg(R_ESP);
2510 gen_op_ld_T0_A0((s->dflag ? OT_QUAD : OT_WORD) + s->mem_index);
2514 gen_op_movl_A0_reg(R_ESP);
2517 gen_op_addl_A0_seg(R_SS);
2519 gen_op_andl_A0_ffff();
2520 gen_op_addl_A0_seg(R_SS);
2522 gen_op_ld_T0_A0(s->dflag + 1 + s->mem_index);
2526 static void gen_pop_update(DisasContext *s)
2528 #ifdef TARGET_X86_64
2529 if (CODE64(s) && s->dflag) {
2530 gen_stack_update(s, 8);
2534 gen_stack_update(s, 2 << s->dflag);
2538 static void gen_stack_A0(DisasContext *s)
2540 gen_op_movl_A0_reg(R_ESP);
2542 gen_op_andl_A0_ffff();
2543 tcg_gen_mov_tl(cpu_T[1], cpu_A0);
2545 gen_op_addl_A0_seg(R_SS);
2548 /* NOTE: wrap around in 16 bit not fully handled */
2549 static void gen_pusha(DisasContext *s)
2552 gen_op_movl_A0_reg(R_ESP);
2553 gen_op_addl_A0_im(-16 << s->dflag);
2555 gen_op_andl_A0_ffff();
2556 tcg_gen_mov_tl(cpu_T[1], cpu_A0);
2558 gen_op_addl_A0_seg(R_SS);
2559 for(i = 0;i < 8; i++) {
2560 gen_op_mov_TN_reg(OT_LONG, 0, 7 - i);
2561 gen_op_st_T0_A0(OT_WORD + s->dflag + s->mem_index);
2562 gen_op_addl_A0_im(2 << s->dflag);
2564 gen_op_mov_reg_T1(OT_WORD + s->ss32, R_ESP);
2567 /* NOTE: wrap around in 16 bit not fully handled */
2568 static void gen_popa(DisasContext *s)
2571 gen_op_movl_A0_reg(R_ESP);
2573 gen_op_andl_A0_ffff();
2574 tcg_gen_mov_tl(cpu_T[1], cpu_A0);
2575 tcg_gen_addi_tl(cpu_T[1], cpu_T[1], 16 << s->dflag);
2577 gen_op_addl_A0_seg(R_SS);
2578 for(i = 0;i < 8; i++) {
2579 /* ESP is not reloaded */
2581 gen_op_ld_T0_A0(OT_WORD + s->dflag + s->mem_index);
2582 gen_op_mov_reg_T0(OT_WORD + s->dflag, 7 - i);
2584 gen_op_addl_A0_im(2 << s->dflag);
2586 gen_op_mov_reg_T1(OT_WORD + s->ss32, R_ESP);
2589 static void gen_enter(DisasContext *s, int esp_addend, int level)
2594 #ifdef TARGET_X86_64
2596 ot = s->dflag ? OT_QUAD : OT_WORD;
2599 gen_op_movl_A0_reg(R_ESP);
2600 gen_op_addq_A0_im(-opsize);
2601 tcg_gen_mov_tl(cpu_T[1], cpu_A0);
2604 gen_op_mov_TN_reg(OT_LONG, 0, R_EBP);
2605 gen_op_st_T0_A0(ot + s->mem_index);
2607 /* XXX: must save state */
2608 gen_helper_enter64_level(tcg_const_i32(level),
2609 tcg_const_i32((ot == OT_QUAD)),
2612 gen_op_mov_reg_T1(ot, R_EBP);
2613 tcg_gen_addi_tl(cpu_T[1], cpu_T[1], -esp_addend + (-opsize * level));
2614 gen_op_mov_reg_T1(OT_QUAD, R_ESP);
2618 ot = s->dflag + OT_WORD;
2619 opsize = 2 << s->dflag;
2621 gen_op_movl_A0_reg(R_ESP);
2622 gen_op_addl_A0_im(-opsize);
2624 gen_op_andl_A0_ffff();
2625 tcg_gen_mov_tl(cpu_T[1], cpu_A0);
2627 gen_op_addl_A0_seg(R_SS);
2629 gen_op_mov_TN_reg(OT_LONG, 0, R_EBP);
2630 gen_op_st_T0_A0(ot + s->mem_index);
2632 /* XXX: must save state */
2633 gen_helper_enter_level(tcg_const_i32(level),
2634 tcg_const_i32(s->dflag),
2637 gen_op_mov_reg_T1(ot, R_EBP);
2638 tcg_gen_addi_tl(cpu_T[1], cpu_T[1], -esp_addend + (-opsize * level));
2639 gen_op_mov_reg_T1(OT_WORD + s->ss32, R_ESP);
2643 static void gen_exception(DisasContext *s, int trapno, target_ulong cur_eip)
2645 if (s->cc_op != CC_OP_DYNAMIC)
2646 gen_op_set_cc_op(s->cc_op);
2647 gen_jmp_im(cur_eip);
2648 gen_helper_raise_exception(tcg_const_i32(trapno));
2649 s->is_jmp = DISAS_TB_JUMP;
2652 /* an interrupt is different from an exception because of the
2654 static void gen_interrupt(DisasContext *s, int intno,
2655 target_ulong cur_eip, target_ulong next_eip)
2657 if (s->cc_op != CC_OP_DYNAMIC)
2658 gen_op_set_cc_op(s->cc_op);
2659 gen_jmp_im(cur_eip);
2660 gen_helper_raise_interrupt(tcg_const_i32(intno),
2661 tcg_const_i32(next_eip - cur_eip));
2662 s->is_jmp = DISAS_TB_JUMP;
2665 static void gen_debug(DisasContext *s, target_ulong cur_eip)
2667 if (s->cc_op != CC_OP_DYNAMIC)
2668 gen_op_set_cc_op(s->cc_op);
2669 gen_jmp_im(cur_eip);
2671 s->is_jmp = DISAS_TB_JUMP;
2674 /* generate a generic end of block. Trace exception is also generated
2676 static void gen_eob(DisasContext *s)
2678 if (s->cc_op != CC_OP_DYNAMIC)
2679 gen_op_set_cc_op(s->cc_op);
2680 if (s->tb->flags & HF_INHIBIT_IRQ_MASK) {
2681 gen_helper_reset_inhibit_irq();
2683 if (s->tb->flags & HF_RF_MASK) {
2684 gen_helper_reset_rf();
2686 if (s->singlestep_enabled) {
2689 gen_helper_single_step();
2693 s->is_jmp = DISAS_TB_JUMP;
2696 /* generate a jump to eip. No segment change must happen before as a
2697 direct call to the next block may occur */
2698 static void gen_jmp_tb(DisasContext *s, target_ulong eip, int tb_num)
2701 gen_update_cc_op(s);
2702 gen_goto_tb(s, tb_num, eip);
2703 s->is_jmp = DISAS_TB_JUMP;
2710 static void gen_jmp(DisasContext *s, target_ulong eip)
2712 gen_jmp_tb(s, eip, 0);
2715 static inline void gen_ldq_env_A0(int idx, int offset)
2717 int mem_index = (idx >> 2) - 1;
2718 tcg_gen_qemu_ld64(cpu_tmp1_i64, cpu_A0, mem_index);
2719 tcg_gen_st_i64(cpu_tmp1_i64, cpu_env, offset);
2722 static inline void gen_stq_env_A0(int idx, int offset)
2724 int mem_index = (idx >> 2) - 1;
2725 tcg_gen_ld_i64(cpu_tmp1_i64, cpu_env, offset);
2726 tcg_gen_qemu_st64(cpu_tmp1_i64, cpu_A0, mem_index);
2729 static inline void gen_ldo_env_A0(int idx, int offset)
2731 int mem_index = (idx >> 2) - 1;
2732 tcg_gen_qemu_ld64(cpu_tmp1_i64, cpu_A0, mem_index);
2733 tcg_gen_st_i64(cpu_tmp1_i64, cpu_env, offset + offsetof(XMMReg, XMM_Q(0)));
2734 tcg_gen_addi_tl(cpu_tmp0, cpu_A0, 8);
2735 tcg_gen_qemu_ld64(cpu_tmp1_i64, cpu_tmp0, mem_index);
2736 tcg_gen_st_i64(cpu_tmp1_i64, cpu_env, offset + offsetof(XMMReg, XMM_Q(1)));
2739 static inline void gen_sto_env_A0(int idx, int offset)
2741 int mem_index = (idx >> 2) - 1;
2742 tcg_gen_ld_i64(cpu_tmp1_i64, cpu_env, offset + offsetof(XMMReg, XMM_Q(0)));
2743 tcg_gen_qemu_st64(cpu_tmp1_i64, cpu_A0, mem_index);
2744 tcg_gen_addi_tl(cpu_tmp0, cpu_A0, 8);
2745 tcg_gen_ld_i64(cpu_tmp1_i64, cpu_env, offset + offsetof(XMMReg, XMM_Q(1)));
2746 tcg_gen_qemu_st64(cpu_tmp1_i64, cpu_tmp0, mem_index);
2749 static inline void gen_op_movo(int d_offset, int s_offset)
2751 tcg_gen_ld_i64(cpu_tmp1_i64, cpu_env, s_offset);
2752 tcg_gen_st_i64(cpu_tmp1_i64, cpu_env, d_offset);
2753 tcg_gen_ld_i64(cpu_tmp1_i64, cpu_env, s_offset + 8);
2754 tcg_gen_st_i64(cpu_tmp1_i64, cpu_env, d_offset + 8);
2757 static inline void gen_op_movq(int d_offset, int s_offset)
2759 tcg_gen_ld_i64(cpu_tmp1_i64, cpu_env, s_offset);
2760 tcg_gen_st_i64(cpu_tmp1_i64, cpu_env, d_offset);
2763 static inline void gen_op_movl(int d_offset, int s_offset)
2765 tcg_gen_ld_i32(cpu_tmp2_i32, cpu_env, s_offset);
2766 tcg_gen_st_i32(cpu_tmp2_i32, cpu_env, d_offset);
2769 static inline void gen_op_movq_env_0(int d_offset)
2771 tcg_gen_movi_i64(cpu_tmp1_i64, 0);
2772 tcg_gen_st_i64(cpu_tmp1_i64, cpu_env, d_offset);
2775 #define SSE_SPECIAL ((void *)1)
2776 #define SSE_DUMMY ((void *)2)
2778 #define MMX_OP2(x) { gen_helper_ ## x ## _mmx, gen_helper_ ## x ## _xmm }
2779 #define SSE_FOP(x) { gen_helper_ ## x ## ps, gen_helper_ ## x ## pd, \
2780 gen_helper_ ## x ## ss, gen_helper_ ## x ## sd, }
2782 static void *sse_op_table1[256][4] = {
2783 /* 3DNow! extensions */
2784 [0x0e] = { SSE_DUMMY }, /* femms */
2785 [0x0f] = { SSE_DUMMY }, /* pf... */
2786 /* pure SSE operations */
2787 [0x10] = { SSE_SPECIAL, SSE_SPECIAL, SSE_SPECIAL, SSE_SPECIAL }, /* movups, movupd, movss, movsd */
2788 [0x11] = { SSE_SPECIAL, SSE_SPECIAL, SSE_SPECIAL, SSE_SPECIAL }, /* movups, movupd, movss, movsd */
2789 [0x12] = { SSE_SPECIAL, SSE_SPECIAL, SSE_SPECIAL, SSE_SPECIAL }, /* movlps, movlpd, movsldup, movddup */
2790 [0x13] = { SSE_SPECIAL, SSE_SPECIAL }, /* movlps, movlpd */
2791 [0x14] = { gen_helper_punpckldq_xmm, gen_helper_punpcklqdq_xmm },
2792 [0x15] = { gen_helper_punpckhdq_xmm, gen_helper_punpckhqdq_xmm },
2793 [0x16] = { SSE_SPECIAL, SSE_SPECIAL, SSE_SPECIAL }, /* movhps, movhpd, movshdup */
2794 [0x17] = { SSE_SPECIAL, SSE_SPECIAL }, /* movhps, movhpd */
2796 [0x28] = { SSE_SPECIAL, SSE_SPECIAL }, /* movaps, movapd */
2797 [0x29] = { SSE_SPECIAL, SSE_SPECIAL }, /* movaps, movapd */
2798 [0x2a] = { SSE_SPECIAL, SSE_SPECIAL, SSE_SPECIAL, SSE_SPECIAL }, /* cvtpi2ps, cvtpi2pd, cvtsi2ss, cvtsi2sd */
2799 [0x2b] = { SSE_SPECIAL, SSE_SPECIAL, SSE_SPECIAL, SSE_SPECIAL }, /* movntps, movntpd, movntss, movntsd */
2800 [0x2c] = { SSE_SPECIAL, SSE_SPECIAL, SSE_SPECIAL, SSE_SPECIAL }, /* cvttps2pi, cvttpd2pi, cvttsd2si, cvttss2si */
2801 [0x2d] = { SSE_SPECIAL, SSE_SPECIAL, SSE_SPECIAL, SSE_SPECIAL }, /* cvtps2pi, cvtpd2pi, cvtsd2si, cvtss2si */
2802 [0x2e] = { gen_helper_ucomiss, gen_helper_ucomisd },
2803 [0x2f] = { gen_helper_comiss, gen_helper_comisd },
2804 [0x50] = { SSE_SPECIAL, SSE_SPECIAL }, /* movmskps, movmskpd */
2805 [0x51] = SSE_FOP(sqrt),
2806 [0x52] = { gen_helper_rsqrtps, NULL, gen_helper_rsqrtss, NULL },
2807 [0x53] = { gen_helper_rcpps, NULL, gen_helper_rcpss, NULL },
2808 [0x54] = { gen_helper_pand_xmm, gen_helper_pand_xmm }, /* andps, andpd */
2809 [0x55] = { gen_helper_pandn_xmm, gen_helper_pandn_xmm }, /* andnps, andnpd */
2810 [0x56] = { gen_helper_por_xmm, gen_helper_por_xmm }, /* orps, orpd */
2811 [0x57] = { gen_helper_pxor_xmm, gen_helper_pxor_xmm }, /* xorps, xorpd */
2812 [0x58] = SSE_FOP(add),
2813 [0x59] = SSE_FOP(mul),
2814 [0x5a] = { gen_helper_cvtps2pd, gen_helper_cvtpd2ps,
2815 gen_helper_cvtss2sd, gen_helper_cvtsd2ss },
2816 [0x5b] = { gen_helper_cvtdq2ps, gen_helper_cvtps2dq, gen_helper_cvttps2dq },
2817 [0x5c] = SSE_FOP(sub),
2818 [0x5d] = SSE_FOP(min),
2819 [0x5e] = SSE_FOP(div),
2820 [0x5f] = SSE_FOP(max),
2822 [0xc2] = SSE_FOP(cmpeq),
2823 [0xc6] = { gen_helper_shufps, gen_helper_shufpd },
2825 [0x38] = { SSE_SPECIAL, SSE_SPECIAL, NULL, SSE_SPECIAL }, /* SSSE3/SSE4 */
2826 [0x3a] = { SSE_SPECIAL, SSE_SPECIAL }, /* SSSE3/SSE4 */
2828 /* MMX ops and their SSE extensions */
2829 [0x60] = MMX_OP2(punpcklbw),
2830 [0x61] = MMX_OP2(punpcklwd),
2831 [0x62] = MMX_OP2(punpckldq),
2832 [0x63] = MMX_OP2(packsswb),
2833 [0x64] = MMX_OP2(pcmpgtb),
2834 [0x65] = MMX_OP2(pcmpgtw),
2835 [0x66] = MMX_OP2(pcmpgtl),
2836 [0x67] = MMX_OP2(packuswb),
2837 [0x68] = MMX_OP2(punpckhbw),
2838 [0x69] = MMX_OP2(punpckhwd),
2839 [0x6a] = MMX_OP2(punpckhdq),
2840 [0x6b] = MMX_OP2(packssdw),
2841 [0x6c] = { NULL, gen_helper_punpcklqdq_xmm },
2842 [0x6d] = { NULL, gen_helper_punpckhqdq_xmm },
2843 [0x6e] = { SSE_SPECIAL, SSE_SPECIAL }, /* movd mm, ea */
2844 [0x6f] = { SSE_SPECIAL, SSE_SPECIAL, SSE_SPECIAL }, /* movq, movdqa, , movqdu */
2845 [0x70] = { gen_helper_pshufw_mmx,
2846 gen_helper_pshufd_xmm,
2847 gen_helper_pshufhw_xmm,
2848 gen_helper_pshuflw_xmm },
2849 [0x71] = { SSE_SPECIAL, SSE_SPECIAL }, /* shiftw */
2850 [0x72] = { SSE_SPECIAL, SSE_SPECIAL }, /* shiftd */
2851 [0x73] = { SSE_SPECIAL, SSE_SPECIAL }, /* shiftq */
2852 [0x74] = MMX_OP2(pcmpeqb),
2853 [0x75] = MMX_OP2(pcmpeqw),
2854 [0x76] = MMX_OP2(pcmpeql),
2855 [0x77] = { SSE_DUMMY }, /* emms */
2856 [0x78] = { NULL, SSE_SPECIAL, NULL, SSE_SPECIAL }, /* extrq_i, insertq_i */
2857 [0x79] = { NULL, gen_helper_extrq_r, NULL, gen_helper_insertq_r },
2858 [0x7c] = { NULL, gen_helper_haddpd, NULL, gen_helper_haddps },
2859 [0x7d] = { NULL, gen_helper_hsubpd, NULL, gen_helper_hsubps },
2860 [0x7e] = { SSE_SPECIAL, SSE_SPECIAL, SSE_SPECIAL }, /* movd, movd, , movq */
2861 [0x7f] = { SSE_SPECIAL, SSE_SPECIAL, SSE_SPECIAL }, /* movq, movdqa, movdqu */
2862 [0xc4] = { SSE_SPECIAL, SSE_SPECIAL }, /* pinsrw */
2863 [0xc5] = { SSE_SPECIAL, SSE_SPECIAL }, /* pextrw */
2864 [0xd0] = { NULL, gen_helper_addsubpd, NULL, gen_helper_addsubps },
2865 [0xd1] = MMX_OP2(psrlw),
2866 [0xd2] = MMX_OP2(psrld),
2867 [0xd3] = MMX_OP2(psrlq),
2868 [0xd4] = MMX_OP2(paddq),
2869 [0xd5] = MMX_OP2(pmullw),
2870 [0xd6] = { NULL, SSE_SPECIAL, SSE_SPECIAL, SSE_SPECIAL },
2871 [0xd7] = { SSE_SPECIAL, SSE_SPECIAL }, /* pmovmskb */
2872 [0xd8] = MMX_OP2(psubusb),
2873 [0xd9] = MMX_OP2(psubusw),
2874 [0xda] = MMX_OP2(pminub),
2875 [0xdb] = MMX_OP2(pand),
2876 [0xdc] = MMX_OP2(paddusb),
2877 [0xdd] = MMX_OP2(paddusw),
2878 [0xde] = MMX_OP2(pmaxub),
2879 [0xdf] = MMX_OP2(pandn),
2880 [0xe0] = MMX_OP2(pavgb),
2881 [0xe1] = MMX_OP2(psraw),
2882 [0xe2] = MMX_OP2(psrad),
2883 [0xe3] = MMX_OP2(pavgw),
2884 [0xe4] = MMX_OP2(pmulhuw),
2885 [0xe5] = MMX_OP2(pmulhw),
2886 [0xe6] = { NULL, gen_helper_cvttpd2dq, gen_helper_cvtdq2pd, gen_helper_cvtpd2dq },
2887 [0xe7] = { SSE_SPECIAL , SSE_SPECIAL }, /* movntq, movntq */
2888 [0xe8] = MMX_OP2(psubsb),
2889 [0xe9] = MMX_OP2(psubsw),
2890 [0xea] = MMX_OP2(pminsw),
2891 [0xeb] = MMX_OP2(por),
2892 [0xec] = MMX_OP2(paddsb),
2893 [0xed] = MMX_OP2(paddsw),
2894 [0xee] = MMX_OP2(pmaxsw),
2895 [0xef] = MMX_OP2(pxor),
2896 [0xf0] = { NULL, NULL, NULL, SSE_SPECIAL }, /* lddqu */
2897 [0xf1] = MMX_OP2(psllw),
2898 [0xf2] = MMX_OP2(pslld),
2899 [0xf3] = MMX_OP2(psllq),
2900 [0xf4] = MMX_OP2(pmuludq),
2901 [0xf5] = MMX_OP2(pmaddwd),
2902 [0xf6] = MMX_OP2(psadbw),
2903 [0xf7] = MMX_OP2(maskmov),
2904 [0xf8] = MMX_OP2(psubb),
2905 [0xf9] = MMX_OP2(psubw),
2906 [0xfa] = MMX_OP2(psubl),
2907 [0xfb] = MMX_OP2(psubq),
2908 [0xfc] = MMX_OP2(paddb),
2909 [0xfd] = MMX_OP2(paddw),
2910 [0xfe] = MMX_OP2(paddl),
2913 static void *sse_op_table2[3 * 8][2] = {
2914 [0 + 2] = MMX_OP2(psrlw),
2915 [0 + 4] = MMX_OP2(psraw),
2916 [0 + 6] = MMX_OP2(psllw),
2917 [8 + 2] = MMX_OP2(psrld),
2918 [8 + 4] = MMX_OP2(psrad),
2919 [8 + 6] = MMX_OP2(pslld),
2920 [16 + 2] = MMX_OP2(psrlq),
2921 [16 + 3] = { NULL, gen_helper_psrldq_xmm },
2922 [16 + 6] = MMX_OP2(psllq),
2923 [16 + 7] = { NULL, gen_helper_pslldq_xmm },
2926 static void *sse_op_table3[4 * 3] = {
2927 gen_helper_cvtsi2ss,
2928 gen_helper_cvtsi2sd,
2929 X86_64_ONLY(gen_helper_cvtsq2ss),
2930 X86_64_ONLY(gen_helper_cvtsq2sd),
2932 gen_helper_cvttss2si,
2933 gen_helper_cvttsd2si,
2934 X86_64_ONLY(gen_helper_cvttss2sq),
2935 X86_64_ONLY(gen_helper_cvttsd2sq),
2937 gen_helper_cvtss2si,
2938 gen_helper_cvtsd2si,
2939 X86_64_ONLY(gen_helper_cvtss2sq),
2940 X86_64_ONLY(gen_helper_cvtsd2sq),
2943 static void *sse_op_table4[8][4] = {
2954 static void *sse_op_table5[256] = {
2955 [0x0c] = gen_helper_pi2fw,
2956 [0x0d] = gen_helper_pi2fd,
2957 [0x1c] = gen_helper_pf2iw,
2958 [0x1d] = gen_helper_pf2id,
2959 [0x8a] = gen_helper_pfnacc,
2960 [0x8e] = gen_helper_pfpnacc,
2961 [0x90] = gen_helper_pfcmpge,
2962 [0x94] = gen_helper_pfmin,
2963 [0x96] = gen_helper_pfrcp,
2964 [0x97] = gen_helper_pfrsqrt,
2965 [0x9a] = gen_helper_pfsub,
2966 [0x9e] = gen_helper_pfadd,
2967 [0xa0] = gen_helper_pfcmpgt,
2968 [0xa4] = gen_helper_pfmax,
2969 [0xa6] = gen_helper_movq, /* pfrcpit1; no need to actually increase precision */
2970 [0xa7] = gen_helper_movq, /* pfrsqit1 */
2971 [0xaa] = gen_helper_pfsubr,
2972 [0xae] = gen_helper_pfacc,
2973 [0xb0] = gen_helper_pfcmpeq,
2974 [0xb4] = gen_helper_pfmul,
2975 [0xb6] = gen_helper_movq, /* pfrcpit2 */
2976 [0xb7] = gen_helper_pmulhrw_mmx,
2977 [0xbb] = gen_helper_pswapd,
2978 [0xbf] = gen_helper_pavgb_mmx /* pavgusb */
2981 struct sse_op_helper_s {
2982 void *op[2]; uint32_t ext_mask;
2984 #define SSSE3_OP(x) { MMX_OP2(x), CPUID_EXT_SSSE3 }
2985 #define SSE41_OP(x) { { NULL, gen_helper_ ## x ## _xmm }, CPUID_EXT_SSE41 }
2986 #define SSE42_OP(x) { { NULL, gen_helper_ ## x ## _xmm }, CPUID_EXT_SSE42 }
2987 #define SSE41_SPECIAL { { NULL, SSE_SPECIAL }, CPUID_EXT_SSE41 }
2988 static struct sse_op_helper_s sse_op_table6[256] = {
2989 [0x00] = SSSE3_OP(pshufb),
2990 [0x01] = SSSE3_OP(phaddw),
2991 [0x02] = SSSE3_OP(phaddd),
2992 [0x03] = SSSE3_OP(phaddsw),
2993 [0x04] = SSSE3_OP(pmaddubsw),
2994 [0x05] = SSSE3_OP(phsubw),
2995 [0x06] = SSSE3_OP(phsubd),
2996 [0x07] = SSSE3_OP(phsubsw),
2997 [0x08] = SSSE3_OP(psignb),
2998 [0x09] = SSSE3_OP(psignw),
2999 [0x0a] = SSSE3_OP(psignd),
3000 [0x0b] = SSSE3_OP(pmulhrsw),
3001 [0x10] = SSE41_OP(pblendvb),
3002 [0x14] = SSE41_OP(blendvps),
3003 [0x15] = SSE41_OP(blendvpd),
3004 [0x17] = SSE41_OP(ptest),
3005 [0x1c] = SSSE3_OP(pabsb),
3006 [0x1d] = SSSE3_OP(pabsw),
3007 [0x1e] = SSSE3_OP(pabsd),
3008 [0x20] = SSE41_OP(pmovsxbw),
3009 [0x21] = SSE41_OP(pmovsxbd),
3010 [0x22] = SSE41_OP(pmovsxbq),
3011 [0x23] = SSE41_OP(pmovsxwd),
3012 [0x24] = SSE41_OP(pmovsxwq),
3013 [0x25] = SSE41_OP(pmovsxdq),
3014 [0x28] = SSE41_OP(pmuldq),
3015 [0x29] = SSE41_OP(pcmpeqq),
3016 [0x2a] = SSE41_SPECIAL, /* movntqda */
3017 [0x2b] = SSE41_OP(packusdw),
3018 [0x30] = SSE41_OP(pmovzxbw),
3019 [0x31] = SSE41_OP(pmovzxbd),
3020 [0x32] = SSE41_OP(pmovzxbq),
3021 [0x33] = SSE41_OP(pmovzxwd),
3022 [0x34] = SSE41_OP(pmovzxwq),
3023 [0x35] = SSE41_OP(pmovzxdq),
3024 [0x37] = SSE42_OP(pcmpgtq),
3025 [0x38] = SSE41_OP(pminsb),
3026 [0x39] = SSE41_OP(pminsd),
3027 [0x3a] = SSE41_OP(pminuw),
3028 [0x3b] = SSE41_OP(pminud),
3029 [0x3c] = SSE41_OP(pmaxsb),
3030 [0x3d] = SSE41_OP(pmaxsd),
3031 [0x3e] = SSE41_OP(pmaxuw),
3032 [0x3f] = SSE41_OP(pmaxud),
3033 [0x40] = SSE41_OP(pmulld),
3034 [0x41] = SSE41_OP(phminposuw),
3037 static struct sse_op_helper_s sse_op_table7[256] = {
3038 [0x08] = SSE41_OP(roundps),
3039 [0x09] = SSE41_OP(roundpd),
3040 [0x0a] = SSE41_OP(roundss),
3041 [0x0b] = SSE41_OP(roundsd),
3042 [0x0c] = SSE41_OP(blendps),
3043 [0x0d] = SSE41_OP(blendpd),
3044 [0x0e] = SSE41_OP(pblendw),
3045 [0x0f] = SSSE3_OP(palignr),
3046 [0x14] = SSE41_SPECIAL, /* pextrb */
3047 [0x15] = SSE41_SPECIAL, /* pextrw */
3048 [0x16] = SSE41_SPECIAL, /* pextrd/pextrq */
3049 [0x17] = SSE41_SPECIAL, /* extractps */
3050 [0x20] = SSE41_SPECIAL, /* pinsrb */
3051 [0x21] = SSE41_SPECIAL, /* insertps */
3052 [0x22] = SSE41_SPECIAL, /* pinsrd/pinsrq */
3053 [0x40] = SSE41_OP(dpps),
3054 [0x41] = SSE41_OP(dppd),
3055 [0x42] = SSE41_OP(mpsadbw),
3056 [0x60] = SSE42_OP(pcmpestrm),
3057 [0x61] = SSE42_OP(pcmpestri),
3058 [0x62] = SSE42_OP(pcmpistrm),
3059 [0x63] = SSE42_OP(pcmpistri),
3062 static void gen_sse(DisasContext *s, int b, target_ulong pc_start, int rex_r)
3064 int b1, op1_offset, op2_offset, is_xmm, val, ot;
3065 int modrm, mod, rm, reg, reg_addr, offset_addr;
3069 if (s->prefix & PREFIX_DATA)
3071 else if (s->prefix & PREFIX_REPZ)
3073 else if (s->prefix & PREFIX_REPNZ)
3077 sse_op2 = sse_op_table1[b][b1];
3080 if ((b <= 0x5f && b >= 0x10) || b == 0xc6 || b == 0xc2) {
3090 /* simple MMX/SSE operation */
3091 if (s->flags & HF_TS_MASK) {
3092 gen_exception(s, EXCP07_PREX, pc_start - s->cs_base);
3095 if (s->flags & HF_EM_MASK) {
3097 gen_exception(s, EXCP06_ILLOP, pc_start - s->cs_base);
3100 if (is_xmm && !(s->flags & HF_OSFXSR_MASK))
3101 if ((b != 0x38 && b != 0x3a) || (s->prefix & PREFIX_DATA))
3104 if (!(s->cpuid_ext2_features & CPUID_EXT2_3DNOW))
3115 /* prepare MMX state (XXX: optimize by storing fptt and fptags in
3116 the static cpu state) */
3118 gen_helper_enter_mmx();
3121 modrm = ldub_code(s->pc++);
3122 reg = ((modrm >> 3) & 7);
3125 mod = (modrm >> 6) & 3;
3126 if (sse_op2 == SSE_SPECIAL) {
3129 case 0x0e7: /* movntq */
3132 gen_lea_modrm(s, modrm, ®_addr, &offset_addr);
3133 gen_stq_env_A0(s->mem_index, offsetof(CPUX86State,fpregs[reg].mmx));
3135 case 0x1e7: /* movntdq */
3136 case 0x02b: /* movntps */
3137 case 0x12b: /* movntps */
3140 gen_lea_modrm(s, modrm, ®_addr, &offset_addr);
3141 gen_sto_env_A0(s->mem_index, offsetof(CPUX86State,xmm_regs[reg]));
3143 case 0x3f0: /* lddqu */
3146 gen_lea_modrm(s, modrm, ®_addr, &offset_addr);
3147 gen_ldo_env_A0(s->mem_index, offsetof(CPUX86State,xmm_regs[reg]));
3149 case 0x22b: /* movntss */
3150 case 0x32b: /* movntsd */
3153 gen_lea_modrm(s, modrm, ®_addr, &offset_addr);
3155 gen_stq_env_A0(s->mem_index, offsetof(CPUX86State,
3158 tcg_gen_ld32u_tl(cpu_T[0], cpu_env, offsetof(CPUX86State,
3159 xmm_regs[reg].XMM_L(0)));
3160 gen_op_st_T0_A0(OT_LONG + s->mem_index);
3163 case 0x6e: /* movd mm, ea */
3164 #ifdef TARGET_X86_64
3165 if (s->dflag == 2) {
3166 gen_ldst_modrm(s, modrm, OT_QUAD, OR_TMP0, 0);
3167 tcg_gen_st_tl(cpu_T[0], cpu_env, offsetof(CPUX86State,fpregs[reg].mmx));
3171 gen_ldst_modrm(s, modrm, OT_LONG, OR_TMP0, 0);
3172 tcg_gen_addi_ptr(cpu_ptr0, cpu_env,
3173 offsetof(CPUX86State,fpregs[reg].mmx));
3174 tcg_gen_trunc_tl_i32(cpu_tmp2_i32, cpu_T[0]);
3175 gen_helper_movl_mm_T0_mmx(cpu_ptr0, cpu_tmp2_i32);
3178 case 0x16e: /* movd xmm, ea */
3179 #ifdef TARGET_X86_64
3180 if (s->dflag == 2) {
3181 gen_ldst_modrm(s, modrm, OT_QUAD, OR_TMP0, 0);
3182 tcg_gen_addi_ptr(cpu_ptr0, cpu_env,
3183 offsetof(CPUX86State,xmm_regs[reg]));
3184 gen_helper_movq_mm_T0_xmm(cpu_ptr0, cpu_T[0]);
3188 gen_ldst_modrm(s, modrm, OT_LONG, OR_TMP0, 0);
3189 tcg_gen_addi_ptr(cpu_ptr0, cpu_env,
3190 offsetof(CPUX86State,xmm_regs[reg]));
3191 tcg_gen_trunc_tl_i32(cpu_tmp2_i32, cpu_T[0]);
3192 gen_helper_movl_mm_T0_xmm(cpu_ptr0, cpu_tmp2_i32);
3195 case 0x6f: /* movq mm, ea */
3197 gen_lea_modrm(s, modrm, ®_addr, &offset_addr);
3198 gen_ldq_env_A0(s->mem_index, offsetof(CPUX86State,fpregs[reg].mmx));
3201 tcg_gen_ld_i64(cpu_tmp1_i64, cpu_env,
3202 offsetof(CPUX86State,fpregs[rm].mmx));
3203 tcg_gen_st_i64(cpu_tmp1_i64, cpu_env,
3204 offsetof(CPUX86State,fpregs[reg].mmx));
3207 case 0x010: /* movups */
3208 case 0x110: /* movupd */
3209 case 0x028: /* movaps */
3210 case 0x128: /* movapd */
3211 case 0x16f: /* movdqa xmm, ea */
3212 case 0x26f: /* movdqu xmm, ea */
3214 gen_lea_modrm(s, modrm, ®_addr, &offset_addr);
3215 gen_ldo_env_A0(s->mem_index, offsetof(CPUX86State,xmm_regs[reg]));
3217 rm = (modrm & 7) | REX_B(s);
3218 gen_op_movo(offsetof(CPUX86State,xmm_regs[reg]),
3219 offsetof(CPUX86State,xmm_regs[rm]));
3222 case 0x210: /* movss xmm, ea */
3224 gen_lea_modrm(s, modrm, ®_addr, &offset_addr);
3225 gen_op_ld_T0_A0(OT_LONG + s->mem_index);
3226 tcg_gen_st32_tl(cpu_T[0], cpu_env, offsetof(CPUX86State,xmm_regs[reg].XMM_L(0)));
3228 tcg_gen_st32_tl(cpu_T[0], cpu_env, offsetof(CPUX86State,xmm_regs[reg].XMM_L(1)));
3229 tcg_gen_st32_tl(cpu_T[0], cpu_env, offsetof(CPUX86State,xmm_regs[reg].XMM_L(2)));
3230 tcg_gen_st32_tl(cpu_T[0], cpu_env, offsetof(CPUX86State,xmm_regs[reg].XMM_L(3)));
3232 rm = (modrm & 7) | REX_B(s);
3233 gen_op_movl(offsetof(CPUX86State,xmm_regs[reg].XMM_L(0)),
3234 offsetof(CPUX86State,xmm_regs[rm].XMM_L(0)));
3237 case 0x310: /* movsd xmm, ea */
3239 gen_lea_modrm(s, modrm, ®_addr, &offset_addr);
3240 gen_ldq_env_A0(s->mem_index, offsetof(CPUX86State,xmm_regs[reg].XMM_Q(0)));
3242 tcg_gen_st32_tl(cpu_T[0], cpu_env, offsetof(CPUX86State,xmm_regs[reg].XMM_L(2)));
3243 tcg_gen_st32_tl(cpu_T[0], cpu_env, offsetof(CPUX86State,xmm_regs[reg].XMM_L(3)));
3245 rm = (modrm & 7) | REX_B(s);
3246 gen_op_movq(offsetof(CPUX86State,xmm_regs[reg].XMM_Q(0)),
3247 offsetof(CPUX86State,xmm_regs[rm].XMM_Q(0)));
3250 case 0x012: /* movlps */
3251 case 0x112: /* movlpd */
3253 gen_lea_modrm(s, modrm, ®_addr, &offset_addr);
3254 gen_ldq_env_A0(s->mem_index, offsetof(CPUX86State,xmm_regs[reg].XMM_Q(0)));
3257 rm = (modrm & 7) | REX_B(s);
3258 gen_op_movq(offsetof(CPUX86State,xmm_regs[reg].XMM_Q(0)),
3259 offsetof(CPUX86State,xmm_regs[rm].XMM_Q(1)));
3262 case 0x212: /* movsldup */
3264 gen_lea_modrm(s, modrm, ®_addr, &offset_addr);
3265 gen_ldo_env_A0(s->mem_index, offsetof(CPUX86State,xmm_regs[reg]));
3267 rm = (modrm & 7) | REX_B(s);
3268 gen_op_movl(offsetof(CPUX86State,xmm_regs[reg].XMM_L(0)),
3269 offsetof(CPUX86State,xmm_regs[rm].XMM_L(0)));
3270 gen_op_movl(offsetof(CPUX86State,xmm_regs[reg].XMM_L(2)),
3271 offsetof(CPUX86State,xmm_regs[rm].XMM_L(2)));
3273 gen_op_movl(offsetof(CPUX86State,xmm_regs[reg].XMM_L(1)),
3274 offsetof(CPUX86State,xmm_regs[reg].XMM_L(0)));
3275 gen_op_movl(offsetof(CPUX86State,xmm_regs[reg].XMM_L(3)),
3276 offsetof(CPUX86State,xmm_regs[reg].XMM_L(2)));
3278 case 0x312: /* movddup */
3280 gen_lea_modrm(s, modrm, ®_addr, &offset_addr);
3281 gen_ldq_env_A0(s->mem_index, offsetof(CPUX86State,xmm_regs[reg].XMM_Q(0)));
3283 rm = (modrm & 7) | REX_B(s);
3284 gen_op_movq(offsetof(CPUX86State,xmm_regs[reg].XMM_Q(0)),
3285 offsetof(CPUX86State,xmm_regs[rm].XMM_Q(0)));
3287 gen_op_movq(offsetof(CPUX86State,xmm_regs[reg].XMM_Q(1)),
3288 offsetof(CPUX86State,xmm_regs[reg].XMM_Q(0)));
3290 case 0x016: /* movhps */
3291 case 0x116: /* movhpd */
3293 gen_lea_modrm(s, modrm, ®_addr, &offset_addr);
3294 gen_ldq_env_A0(s->mem_index, offsetof(CPUX86State,xmm_regs[reg].XMM_Q(1)));
3297 rm = (modrm & 7) | REX_B(s);
3298 gen_op_movq(offsetof(CPUX86State,xmm_regs[reg].XMM_Q(1)),
3299 offsetof(CPUX86State,xmm_regs[rm].XMM_Q(0)));
3302 case 0x216: /* movshdup */
3304 gen_lea_modrm(s, modrm, ®_addr, &offset_addr);
3305 gen_ldo_env_A0(s->mem_index, offsetof(CPUX86State,xmm_regs[reg]));
3307 rm = (modrm & 7) | REX_B(s);
3308 gen_op_movl(offsetof(CPUX86State,xmm_regs[reg].XMM_L(1)),
3309 offsetof(CPUX86State,xmm_regs[rm].XMM_L(1)));
3310 gen_op_movl(offsetof(CPUX86State,xmm_regs[reg].XMM_L(3)),
3311 offsetof(CPUX86State,xmm_regs[rm].XMM_L(3)));
3313 gen_op_movl(offsetof(CPUX86State,xmm_regs[reg].XMM_L(0)),
3314 offsetof(CPUX86State,xmm_regs[reg].XMM_L(1)));
3315 gen_op_movl(offsetof(CPUX86State,xmm_regs[reg].XMM_L(2)),
3316 offsetof(CPUX86State,xmm_regs[reg].XMM_L(3)));
3321 int bit_index, field_length;
3323 if (b1 == 1 && reg != 0)
3325 field_length = ldub_code(s->pc++) & 0x3F;
3326 bit_index = ldub_code(s->pc++) & 0x3F;
3327 tcg_gen_addi_ptr(cpu_ptr0, cpu_env,
3328 offsetof(CPUX86State,xmm_regs[reg]));
3330 gen_helper_extrq_i(cpu_ptr0, tcg_const_i32(bit_index),
3331 tcg_const_i32(field_length));
3333 gen_helper_insertq_i(cpu_ptr0, tcg_const_i32(bit_index),
3334 tcg_const_i32(field_length));
3337 case 0x7e: /* movd ea, mm */
3338 #ifdef TARGET_X86_64
3339 if (s->dflag == 2) {
3340 tcg_gen_ld_i64(cpu_T[0], cpu_env,
3341 offsetof(CPUX86State,fpregs[reg].mmx));
3342 gen_ldst_modrm(s, modrm, OT_QUAD, OR_TMP0, 1);
3346 tcg_gen_ld32u_tl(cpu_T[0], cpu_env,
3347 offsetof(CPUX86State,fpregs[reg].mmx.MMX_L(0)));
3348 gen_ldst_modrm(s, modrm, OT_LONG, OR_TMP0, 1);
3351 case 0x17e: /* movd ea, xmm */
3352 #ifdef TARGET_X86_64
3353 if (s->dflag == 2) {
3354 tcg_gen_ld_i64(cpu_T[0], cpu_env,
3355 offsetof(CPUX86State,xmm_regs[reg].XMM_Q(0)));
3356 gen_ldst_modrm(s, modrm, OT_QUAD, OR_TMP0, 1);
3360 tcg_gen_ld32u_tl(cpu_T[0], cpu_env,
3361 offsetof(CPUX86State,xmm_regs[reg].XMM_L(0)));
3362 gen_ldst_modrm(s, modrm, OT_LONG, OR_TMP0, 1);
3365 case 0x27e: /* movq xmm, ea */
3367 gen_lea_modrm(s, modrm, ®_addr, &offset_addr);
3368 gen_ldq_env_A0(s->mem_index, offsetof(CPUX86State,xmm_regs[reg].XMM_Q(0)));
3370 rm = (modrm & 7) | REX_B(s);
3371 gen_op_movq(offsetof(CPUX86State,xmm_regs[reg].XMM_Q(0)),
3372 offsetof(CPUX86State,xmm_regs[rm].XMM_Q(0)));
3374 gen_op_movq_env_0(offsetof(CPUX86State,xmm_regs[reg].XMM_Q(1)));
3376 case 0x7f: /* movq ea, mm */
3378 gen_lea_modrm(s, modrm, ®_addr, &offset_addr);
3379 gen_stq_env_A0(s->mem_index, offsetof(CPUX86State,fpregs[reg].mmx));
3382 gen_op_movq(offsetof(CPUX86State,fpregs[rm].mmx),
3383 offsetof(CPUX86State,fpregs[reg].mmx));
3386 case 0x011: /* movups */
3387 case 0x111: /* movupd */
3388 case 0x029: /* movaps */
3389 case 0x129: /* movapd */
3390 case 0x17f: /* movdqa ea, xmm */
3391 case 0x27f: /* movdqu ea, xmm */
3393 gen_lea_modrm(s, modrm, ®_addr, &offset_addr);
3394 gen_sto_env_A0(s->mem_index, offsetof(CPUX86State,xmm_regs[reg]));
3396 rm = (modrm & 7) | REX_B(s);
3397 gen_op_movo(offsetof(CPUX86State,xmm_regs[rm]),
3398 offsetof(CPUX86State,xmm_regs[reg]));
3401 case 0x211: /* movss ea, xmm */
3403 gen_lea_modrm(s, modrm, ®_addr, &offset_addr);
3404 tcg_gen_ld32u_tl(cpu_T[0], cpu_env, offsetof(CPUX86State,xmm_regs[reg].XMM_L(0)));
3405 gen_op_st_T0_A0(OT_LONG + s->mem_index);
3407 rm = (modrm & 7) | REX_B(s);
3408 gen_op_movl(offsetof(CPUX86State,xmm_regs[rm].XMM_L(0)),
3409 offsetof(CPUX86State,xmm_regs[reg].XMM_L(0)));
3412 case 0x311: /* movsd ea, xmm */
3414 gen_lea_modrm(s, modrm, ®_addr, &offset_addr);
3415 gen_stq_env_A0(s->mem_index, offsetof(CPUX86State,xmm_regs[reg].XMM_Q(0)));
3417 rm = (modrm & 7) | REX_B(s);
3418 gen_op_movq(offsetof(CPUX86State,xmm_regs[rm].XMM_Q(0)),
3419 offsetof(CPUX86State,xmm_regs[reg].XMM_Q(0)));
3422 case 0x013: /* movlps */
3423 case 0x113: /* movlpd */
3425 gen_lea_modrm(s, modrm, ®_addr, &offset_addr);
3426 gen_stq_env_A0(s->mem_index, offsetof(CPUX86State,xmm_regs[reg].XMM_Q(0)));
3431 case 0x017: /* movhps */
3432 case 0x117: /* movhpd */
3434 gen_lea_modrm(s, modrm, ®_addr, &offset_addr);
3435 gen_stq_env_A0(s->mem_index, offsetof(CPUX86State,xmm_regs[reg].XMM_Q(1)));
3440 case 0x71: /* shift mm, im */
3443 case 0x171: /* shift xmm, im */
3449 val = ldub_code(s->pc++);
3451 gen_op_movl_T0_im(val);
3452 tcg_gen_st32_tl(cpu_T[0], cpu_env, offsetof(CPUX86State,xmm_t0.XMM_L(0)));
3454 tcg_gen_st32_tl(cpu_T[0], cpu_env, offsetof(CPUX86State,xmm_t0.XMM_L(1)));
3455 op1_offset = offsetof(CPUX86State,xmm_t0);
3457 gen_op_movl_T0_im(val);
3458 tcg_gen_st32_tl(cpu_T[0], cpu_env, offsetof(CPUX86State,mmx_t0.MMX_L(0)));
3460 tcg_gen_st32_tl(cpu_T[0], cpu_env, offsetof(CPUX86State,mmx_t0.MMX_L(1)));
3461 op1_offset = offsetof(CPUX86State,mmx_t0);
3463 sse_op2 = sse_op_table2[((b - 1) & 3) * 8 + (((modrm >> 3)) & 7)][b1];
3467 rm = (modrm & 7) | REX_B(s);
3468 op2_offset = offsetof(CPUX86State,xmm_regs[rm]);
3471 op2_offset = offsetof(CPUX86State,fpregs[rm].mmx);
3473 tcg_gen_addi_ptr(cpu_ptr0, cpu_env, op2_offset);
3474 tcg_gen_addi_ptr(cpu_ptr1, cpu_env, op1_offset);
3475 ((void (*)(TCGv_ptr, TCGv_ptr))sse_op2)(cpu_ptr0, cpu_ptr1);
3477 case 0x050: /* movmskps */
3478 rm = (modrm & 7) | REX_B(s);
3479 tcg_gen_addi_ptr(cpu_ptr0, cpu_env,
3480 offsetof(CPUX86State,xmm_regs[rm]));
3481 gen_helper_movmskps(cpu_tmp2_i32, cpu_ptr0);
3482 tcg_gen_extu_i32_tl(cpu_T[0], cpu_tmp2_i32);
3483 gen_op_mov_reg_T0(OT_LONG, reg);
3485 case 0x150: /* movmskpd */
3486 rm = (modrm & 7) | REX_B(s);
3487 tcg_gen_addi_ptr(cpu_ptr0, cpu_env,
3488 offsetof(CPUX86State,xmm_regs[rm]));
3489 gen_helper_movmskpd(cpu_tmp2_i32, cpu_ptr0);
3490 tcg_gen_extu_i32_tl(cpu_T[0], cpu_tmp2_i32);
3491 gen_op_mov_reg_T0(OT_LONG, reg);
3493 case 0x02a: /* cvtpi2ps */
3494 case 0x12a: /* cvtpi2pd */
3495 gen_helper_enter_mmx();
3497 gen_lea_modrm(s, modrm, ®_addr, &offset_addr);
3498 op2_offset = offsetof(CPUX86State,mmx_t0);
3499 gen_ldq_env_A0(s->mem_index, op2_offset);
3502 op2_offset = offsetof(CPUX86State,fpregs[rm].mmx);
3504 op1_offset = offsetof(CPUX86State,xmm_regs[reg]);
3505 tcg_gen_addi_ptr(cpu_ptr0, cpu_env, op1_offset);
3506 tcg_gen_addi_ptr(cpu_ptr1, cpu_env, op2_offset);
3509 gen_helper_cvtpi2ps(cpu_ptr0, cpu_ptr1);
3513 gen_helper_cvtpi2pd(cpu_ptr0, cpu_ptr1);
3517 case 0x22a: /* cvtsi2ss */
3518 case 0x32a: /* cvtsi2sd */
3519 ot = (s->dflag == 2) ? OT_QUAD : OT_LONG;
3520 gen_ldst_modrm(s, modrm, ot, OR_TMP0, 0);
3521 op1_offset = offsetof(CPUX86State,xmm_regs[reg]);
3522 tcg_gen_addi_ptr(cpu_ptr0, cpu_env, op1_offset);
3523 sse_op2 = sse_op_table3[(s->dflag == 2) * 2 + ((b >> 8) - 2)];
3524 if (ot == OT_LONG) {
3525 tcg_gen_trunc_tl_i32(cpu_tmp2_i32, cpu_T[0]);
3526 ((void (*)(TCGv_ptr, TCGv_i32))sse_op2)(cpu_ptr0, cpu_tmp2_i32);
3528 ((void (*)(TCGv_ptr, TCGv))sse_op2)(cpu_ptr0, cpu_T[0]);
3531 case 0x02c: /* cvttps2pi */
3532 case 0x12c: /* cvttpd2pi */
3533 case 0x02d: /* cvtps2pi */
3534 case 0x12d: /* cvtpd2pi */
3535 gen_helper_enter_mmx();
3537 gen_lea_modrm(s, modrm, ®_addr, &offset_addr);
3538 op2_offset = offsetof(CPUX86State,xmm_t0);
3539 gen_ldo_env_A0(s->mem_index, op2_offset);
3541 rm = (modrm & 7) | REX_B(s);
3542 op2_offset = offsetof(CPUX86State,xmm_regs[rm]);
3544 op1_offset = offsetof(CPUX86State,fpregs[reg & 7].mmx);
3545 tcg_gen_addi_ptr(cpu_ptr0, cpu_env, op1_offset);
3546 tcg_gen_addi_ptr(cpu_ptr1, cpu_env, op2_offset);
3549 gen_helper_cvttps2pi(cpu_ptr0, cpu_ptr1);
3552 gen_helper_cvttpd2pi(cpu_ptr0, cpu_ptr1);
3555 gen_helper_cvtps2pi(cpu_ptr0, cpu_ptr1);
3558 gen_helper_cvtpd2pi(cpu_ptr0, cpu_ptr1);
3562 case 0x22c: /* cvttss2si */
3563 case 0x32c: /* cvttsd2si */
3564 case 0x22d: /* cvtss2si */
3565 case 0x32d: /* cvtsd2si */
3566 ot = (s->dflag == 2) ? OT_QUAD : OT_LONG;
3568 gen_lea_modrm(s, modrm, ®_addr, &offset_addr);
3570 gen_ldq_env_A0(s->mem_index, offsetof(CPUX86State,xmm_t0.XMM_Q(0)));
3572 gen_op_ld_T0_A0(OT_LONG + s->mem_index);
3573 tcg_gen_st32_tl(cpu_T[0], cpu_env, offsetof(CPUX86State,xmm_t0.XMM_L(0)));
3575 op2_offset = offsetof(CPUX86State,xmm_t0);
3577 rm = (modrm & 7) | REX_B(s);
3578 op2_offset = offsetof(CPUX86State,xmm_regs[rm]);
3580 sse_op2 = sse_op_table3[(s->dflag == 2) * 2 + ((b >> 8) - 2) + 4 +
3582 tcg_gen_addi_ptr(cpu_ptr0, cpu_env, op2_offset);
3583 if (ot == OT_LONG) {
3584 ((void (*)(TCGv_i32, TCGv_ptr))sse_op2)(cpu_tmp2_i32, cpu_ptr0);
3585 tcg_gen_extu_i32_tl(cpu_T[0], cpu_tmp2_i32);
3587 ((void (*)(TCGv, TCGv_ptr))sse_op2)(cpu_T[0], cpu_ptr0);
3589 gen_op_mov_reg_T0(ot, reg);
3591 case 0xc4: /* pinsrw */
3594 gen_ldst_modrm(s, modrm, OT_WORD, OR_TMP0, 0);
3595 val = ldub_code(s->pc++);
3598 tcg_gen_st16_tl(cpu_T[0], cpu_env,
3599 offsetof(CPUX86State,xmm_regs[reg].XMM_W(val)));
3602 tcg_gen_st16_tl(cpu_T[0], cpu_env,
3603 offsetof(CPUX86State,fpregs[reg].mmx.MMX_W(val)));
3606 case 0xc5: /* pextrw */
3610 ot = (s->dflag == 2) ? OT_QUAD : OT_LONG;
3611 val = ldub_code(s->pc++);
3614 rm = (modrm & 7) | REX_B(s);
3615 tcg_gen_ld16u_tl(cpu_T[0], cpu_env,
3616 offsetof(CPUX86State,xmm_regs[rm].XMM_W(val)));
3620 tcg_gen_ld16u_tl(cpu_T[0], cpu_env,
3621 offsetof(CPUX86State,fpregs[rm].mmx.MMX_W(val)));
3623 reg = ((modrm >> 3) & 7) | rex_r;
3624 gen_op_mov_reg_T0(ot, reg);
3626 case 0x1d6: /* movq ea, xmm */
3628 gen_lea_modrm(s, modrm, ®_addr, &offset_addr);
3629 gen_stq_env_A0(s->mem_index, offsetof(CPUX86State,xmm_regs[reg].XMM_Q(0)));
3631 rm = (modrm & 7) | REX_B(s);
3632 gen_op_movq(offsetof(CPUX86State,xmm_regs[rm].XMM_Q(0)),
3633 offsetof(CPUX86State,xmm_regs[reg].XMM_Q(0)));
3634 gen_op_movq_env_0(offsetof(CPUX86State,xmm_regs[rm].XMM_Q(1)));
3637 case 0x2d6: /* movq2dq */
3638 gen_helper_enter_mmx();
3640 gen_op_movq(offsetof(CPUX86State,xmm_regs[reg].XMM_Q(0)),
3641 offsetof(CPUX86State,fpregs[rm].mmx));
3642 gen_op_movq_env_0(offsetof(CPUX86State,xmm_regs[reg].XMM_Q(1)));
3644 case 0x3d6: /* movdq2q */
3645 gen_helper_enter_mmx();
3646 rm = (modrm & 7) | REX_B(s);
3647 gen_op_movq(offsetof(CPUX86State,fpregs[reg & 7].mmx),
3648 offsetof(CPUX86State,xmm_regs[rm].XMM_Q(0)));
3650 case 0xd7: /* pmovmskb */
3655 rm = (modrm & 7) | REX_B(s);
3656 tcg_gen_addi_ptr(cpu_ptr0, cpu_env, offsetof(CPUX86State,xmm_regs[rm]));
3657 gen_helper_pmovmskb_xmm(cpu_tmp2_i32, cpu_ptr0);
3660 tcg_gen_addi_ptr(cpu_ptr0, cpu_env, offsetof(CPUX86State,fpregs[rm].mmx));
3661 gen_helper_pmovmskb_mmx(cpu_tmp2_i32, cpu_ptr0);
3663 tcg_gen_extu_i32_tl(cpu_T[0], cpu_tmp2_i32);
3664 reg = ((modrm >> 3) & 7) | rex_r;
3665 gen_op_mov_reg_T0(OT_LONG, reg);
3668 if (s->prefix & PREFIX_REPNZ)
3672 modrm = ldub_code(s->pc++);
3674 reg = ((modrm >> 3) & 7) | rex_r;
3675 mod = (modrm >> 6) & 3;
3680 sse_op2 = sse_op_table6[b].op[b1];
3683 if (!(s->cpuid_ext_features & sse_op_table6[b].ext_mask))
3687 op1_offset = offsetof(CPUX86State,xmm_regs[reg]);
3689 op2_offset = offsetof(CPUX86State,xmm_regs[rm | REX_B(s)]);
3691 op2_offset = offsetof(CPUX86State,xmm_t0);
3692 gen_lea_modrm(s, modrm, ®_addr, &offset_addr);
3694 case 0x20: case 0x30: /* pmovsxbw, pmovzxbw */
3695 case 0x23: case 0x33: /* pmovsxwd, pmovzxwd */
3696 case 0x25: case 0x35: /* pmovsxdq, pmovzxdq */
3697 gen_ldq_env_A0(s->mem_index, op2_offset +
3698 offsetof(XMMReg, XMM_Q(0)));
3700 case 0x21: case 0x31: /* pmovsxbd, pmovzxbd */
3701 case 0x24: case 0x34: /* pmovsxwq, pmovzxwq */
3702 tcg_gen_qemu_ld32u(cpu_tmp0, cpu_A0,
3703 (s->mem_index >> 2) - 1);
3704 tcg_gen_trunc_tl_i32(cpu_tmp2_i32, cpu_tmp0);
3705 tcg_gen_st_i32(cpu_tmp2_i32, cpu_env, op2_offset +
3706 offsetof(XMMReg, XMM_L(0)));
3708 case 0x22: case 0x32: /* pmovsxbq, pmovzxbq */
3709 tcg_gen_qemu_ld16u(cpu_tmp0, cpu_A0,
3710 (s->mem_index >> 2) - 1);
3711 tcg_gen_st16_tl(cpu_tmp0, cpu_env, op2_offset +
3712 offsetof(XMMReg, XMM_W(0)));
3714 case 0x2a: /* movntqda */
3715 gen_ldo_env_A0(s->mem_index, op1_offset);
3718 gen_ldo_env_A0(s->mem_index, op2_offset);
3722 op1_offset = offsetof(CPUX86State,fpregs[reg].mmx);
3724 op2_offset = offsetof(CPUX86State,fpregs[rm].mmx);
3726 op2_offset = offsetof(CPUX86State,mmx_t0);
3727 gen_lea_modrm(s, modrm, ®_addr, &offset_addr);
3728 gen_ldq_env_A0(s->mem_index, op2_offset);
3731 if (sse_op2 == SSE_SPECIAL)
3734 tcg_gen_addi_ptr(cpu_ptr0, cpu_env, op1_offset);
3735 tcg_gen_addi_ptr(cpu_ptr1, cpu_env, op2_offset);
3736 ((void (*)(TCGv_ptr, TCGv_ptr))sse_op2)(cpu_ptr0, cpu_ptr1);
3739 s->cc_op = CC_OP_EFLAGS;
3741 case 0x338: /* crc32 */
3744 modrm = ldub_code(s->pc++);
3745 reg = ((modrm >> 3) & 7) | rex_r;
3747 if (b != 0xf0 && b != 0xf1)
3749 if (!(s->cpuid_ext_features & CPUID_EXT_SSE42))
3754 else if (b == 0xf1 && s->dflag != 2)
3755 if (s->prefix & PREFIX_DATA)
3762 gen_op_mov_TN_reg(OT_LONG, 0, reg);
3763 tcg_gen_trunc_tl_i32(cpu_tmp2_i32, cpu_T[0]);
3764 gen_ldst_modrm(s, modrm, ot, OR_TMP0, 0);
3765 gen_helper_crc32(cpu_T[0], cpu_tmp2_i32,
3766 cpu_T[0], tcg_const_i32(8 << ot));
3768 ot = (s->dflag == 2) ? OT_QUAD : OT_LONG;
3769 gen_op_mov_reg_T0(ot, reg);
3774 modrm = ldub_code(s->pc++);
3776 reg = ((modrm >> 3) & 7) | rex_r;
3777 mod = (modrm >> 6) & 3;
3782 sse_op2 = sse_op_table7[b].op[b1];
3785 if (!(s->cpuid_ext_features & sse_op_table7[b].ext_mask))
3788 if (sse_op2 == SSE_SPECIAL) {
3789 ot = (s->dflag == 2) ? OT_QUAD : OT_LONG;
3790 rm = (modrm & 7) | REX_B(s);
3792 gen_lea_modrm(s, modrm, ®_addr, &offset_addr);
3793 reg = ((modrm >> 3) & 7) | rex_r;
3794 val = ldub_code(s->pc++);
3796 case 0x14: /* pextrb */
3797 tcg_gen_ld8u_tl(cpu_T[0], cpu_env, offsetof(CPUX86State,
3798 xmm_regs[reg].XMM_B(val & 15)));
3800 gen_op_mov_reg_T0(ot, rm);
3802 tcg_gen_qemu_st8(cpu_T[0], cpu_A0,
3803 (s->mem_index >> 2) - 1);
3805 case 0x15: /* pextrw */
3806 tcg_gen_ld16u_tl(cpu_T[0], cpu_env, offsetof(CPUX86State,
3807 xmm_regs[reg].XMM_W(val & 7)));
3809 gen_op_mov_reg_T0(ot, rm);
3811 tcg_gen_qemu_st16(cpu_T[0], cpu_A0,
3812 (s->mem_index >> 2) - 1);
3815 if (ot == OT_LONG) { /* pextrd */
3816 tcg_gen_ld_i32(cpu_tmp2_i32, cpu_env,
3817 offsetof(CPUX86State,
3818 xmm_regs[reg].XMM_L(val & 3)));
3819 tcg_gen_extu_i32_tl(cpu_T[0], cpu_tmp2_i32);
3821 gen_op_mov_reg_v(ot, rm, cpu_T[0]);
3823 tcg_gen_qemu_st32(cpu_T[0], cpu_A0,
3824 (s->mem_index >> 2) - 1);
3825 } else { /* pextrq */
3826 #ifdef TARGET_X86_64
3827 tcg_gen_ld_i64(cpu_tmp1_i64, cpu_env,
3828 offsetof(CPUX86State,
3829 xmm_regs[reg].XMM_Q(val & 1)));
3831 gen_op_mov_reg_v(ot, rm, cpu_tmp1_i64);
3833 tcg_gen_qemu_st64(cpu_tmp1_i64, cpu_A0,
3834 (s->mem_index >> 2) - 1);
3840 case 0x17: /* extractps */
3841 tcg_gen_ld32u_tl(cpu_T[0], cpu_env, offsetof(CPUX86State,
3842 xmm_regs[reg].XMM_L(val & 3)));
3844 gen_op_mov_reg_T0(ot, rm);
3846 tcg_gen_qemu_st32(cpu_T[0], cpu_A0,
3847 (s->mem_index >> 2) - 1);
3849 case 0x20: /* pinsrb */
3851 gen_op_mov_TN_reg(OT_LONG, 0, rm);
3853 tcg_gen_qemu_ld8u(cpu_tmp0, cpu_A0,
3854 (s->mem_index >> 2) - 1);
3855 tcg_gen_st8_tl(cpu_tmp0, cpu_env, offsetof(CPUX86State,
3856 xmm_regs[reg].XMM_B(val & 15)));
3858 case 0x21: /* insertps */
3860 tcg_gen_ld_i32(cpu_tmp2_i32, cpu_env,
3861 offsetof(CPUX86State,xmm_regs[rm]
3862 .XMM_L((val >> 6) & 3)));
3864 tcg_gen_qemu_ld32u(cpu_tmp0, cpu_A0,
3865 (s->mem_index >> 2) - 1);
3866 tcg_gen_trunc_tl_i32(cpu_tmp2_i32, cpu_tmp0);
3868 tcg_gen_st_i32(cpu_tmp2_i32, cpu_env,
3869 offsetof(CPUX86State,xmm_regs[reg]
3870 .XMM_L((val >> 4) & 3)));
3872 tcg_gen_st_i32(tcg_const_i32(0 /*float32_zero*/),
3873 cpu_env, offsetof(CPUX86State,
3874 xmm_regs[reg].XMM_L(0)));
3876 tcg_gen_st_i32(tcg_const_i32(0 /*float32_zero*/),
3877 cpu_env, offsetof(CPUX86State,
3878 xmm_regs[reg].XMM_L(1)));
3880 tcg_gen_st_i32(tcg_const_i32(0 /*float32_zero*/),
3881 cpu_env, offsetof(CPUX86State,
3882 xmm_regs[reg].XMM_L(2)));
3884 tcg_gen_st_i32(tcg_const_i32(0 /*float32_zero*/),
3885 cpu_env, offsetof(CPUX86State,
3886 xmm_regs[reg].XMM_L(3)));
3889 if (ot == OT_LONG) { /* pinsrd */
3891 gen_op_mov_v_reg(ot, cpu_tmp0, rm);
3893 tcg_gen_qemu_ld32u(cpu_tmp0, cpu_A0,
3894 (s->mem_index >> 2) - 1);
3895 tcg_gen_trunc_tl_i32(cpu_tmp2_i32, cpu_tmp0);
3896 tcg_gen_st_i32(cpu_tmp2_i32, cpu_env,
3897 offsetof(CPUX86State,
3898 xmm_regs[reg].XMM_L(val & 3)));
3899 } else { /* pinsrq */
3900 #ifdef TARGET_X86_64
3902 gen_op_mov_v_reg(ot, cpu_tmp1_i64, rm);
3904 tcg_gen_qemu_ld64(cpu_tmp1_i64, cpu_A0,
3905 (s->mem_index >> 2) - 1);
3906 tcg_gen_st_i64(cpu_tmp1_i64, cpu_env,
3907 offsetof(CPUX86State,
3908 xmm_regs[reg].XMM_Q(val & 1)));
3919 op1_offset = offsetof(CPUX86State,xmm_regs[reg]);
3921 op2_offset = offsetof(CPUX86State,xmm_regs[rm | REX_B(s)]);
3923 op2_offset = offsetof(CPUX86State,xmm_t0);
3924 gen_lea_modrm(s, modrm, ®_addr, &offset_addr);
3925 gen_ldo_env_A0(s->mem_index, op2_offset);
3928 op1_offset = offsetof(CPUX86State,fpregs[reg].mmx);
3930 op2_offset = offsetof(CPUX86State,fpregs[rm].mmx);
3932 op2_offset = offsetof(CPUX86State,mmx_t0);
3933 gen_lea_modrm(s, modrm, ®_addr, &offset_addr);
3934 gen_ldq_env_A0(s->mem_index, op2_offset);
3937 val = ldub_code(s->pc++);
3939 if ((b & 0xfc) == 0x60) { /* pcmpXstrX */
3940 s->cc_op = CC_OP_EFLAGS;
3943 /* The helper must use entire 64-bit gp registers */
3947 tcg_gen_addi_ptr(cpu_ptr0, cpu_env, op1_offset);
3948 tcg_gen_addi_ptr(cpu_ptr1, cpu_env, op2_offset);
3949 ((void (*)(TCGv_ptr, TCGv_ptr, TCGv_i32))sse_op2)(cpu_ptr0, cpu_ptr1, tcg_const_i32(val));
3955 /* generic MMX or SSE operation */
3957 case 0x70: /* pshufx insn */
3958 case 0xc6: /* pshufx insn */
3959 case 0xc2: /* compare insns */
3966 op1_offset = offsetof(CPUX86State,xmm_regs[reg]);
3968 gen_lea_modrm(s, modrm, ®_addr, &offset_addr);
3969 op2_offset = offsetof(CPUX86State,xmm_t0);
3970 if (b1 >= 2 && ((b >= 0x50 && b <= 0x5f && b != 0x5b) ||
3972 /* specific case for SSE single instructions */
3975 gen_op_ld_T0_A0(OT_LONG + s->mem_index);
3976 tcg_gen_st32_tl(cpu_T[0], cpu_env, offsetof(CPUX86State,xmm_t0.XMM_L(0)));
3979 gen_ldq_env_A0(s->mem_index, offsetof(CPUX86State,xmm_t0.XMM_D(0)));
3982 gen_ldo_env_A0(s->mem_index, op2_offset);
3985 rm = (modrm & 7) | REX_B(s);
3986 op2_offset = offsetof(CPUX86State,xmm_regs[rm]);
3989 op1_offset = offsetof(CPUX86State,fpregs[reg].mmx);
3991 gen_lea_modrm(s, modrm, ®_addr, &offset_addr);
3992 op2_offset = offsetof(CPUX86State,mmx_t0);
3993 gen_ldq_env_A0(s->mem_index, op2_offset);
3996 op2_offset = offsetof(CPUX86State,fpregs[rm].mmx);
4000 case 0x0f: /* 3DNow! data insns */
4001 if (!(s->cpuid_ext2_features & CPUID_EXT2_3DNOW))
4003 val = ldub_code(s->pc++);
4004 sse_op2 = sse_op_table5[val];
4007 tcg_gen_addi_ptr(cpu_ptr0, cpu_env, op1_offset);
4008 tcg_gen_addi_ptr(cpu_ptr1, cpu_env, op2_offset);
4009 ((void (*)(TCGv_ptr, TCGv_ptr))sse_op2)(cpu_ptr0, cpu_ptr1);
4011 case 0x70: /* pshufx insn */
4012 case 0xc6: /* pshufx insn */
4013 val = ldub_code(s->pc++);
4014 tcg_gen_addi_ptr(cpu_ptr0, cpu_env, op1_offset);
4015 tcg_gen_addi_ptr(cpu_ptr1, cpu_env, op2_offset);
4016 ((void (*)(TCGv_ptr, TCGv_ptr, TCGv_i32))sse_op2)(cpu_ptr0, cpu_ptr1, tcg_const_i32(val));
4020 val = ldub_code(s->pc++);
4023 sse_op2 = sse_op_table4[val][b1];
4024 tcg_gen_addi_ptr(cpu_ptr0, cpu_env, op1_offset);
4025 tcg_gen_addi_ptr(cpu_ptr1, cpu_env, op2_offset);
4026 ((void (*)(TCGv_ptr, TCGv_ptr))sse_op2)(cpu_ptr0, cpu_ptr1);
4029 /* maskmov : we must prepare A0 */
4032 #ifdef TARGET_X86_64
4033 if (s->aflag == 2) {
4034 gen_op_movq_A0_reg(R_EDI);
4038 gen_op_movl_A0_reg(R_EDI);
4040 gen_op_andl_A0_ffff();
4042 gen_add_A0_ds_seg(s);
4044 tcg_gen_addi_ptr(cpu_ptr0, cpu_env, op1_offset);
4045 tcg_gen_addi_ptr(cpu_ptr1, cpu_env, op2_offset);
4046 ((void (*)(TCGv_ptr, TCGv_ptr, TCGv))sse_op2)(cpu_ptr0, cpu_ptr1, cpu_A0);
4049 tcg_gen_addi_ptr(cpu_ptr0, cpu_env, op1_offset);
4050 tcg_gen_addi_ptr(cpu_ptr1, cpu_env, op2_offset);
4051 ((void (*)(TCGv_ptr, TCGv_ptr))sse_op2)(cpu_ptr0, cpu_ptr1);
4054 if (b == 0x2e || b == 0x2f) {
4055 s->cc_op = CC_OP_EFLAGS;
4060 /* convert one instruction. s->is_jmp is set if the translation must
4061 be stopped. Return the next pc value */
4062 static target_ulong disas_insn(DisasContext *s, target_ulong pc_start)
4064 int b, prefixes, aflag, dflag;
4066 int modrm, reg, rm, mod, reg_addr, op, opreg, offset_addr, val;
4067 target_ulong next_eip, tval;
4070 if (unlikely(qemu_loglevel_mask(CPU_LOG_TB_OP)))
4071 tcg_gen_debug_insn_start(pc_start);
4079 #ifdef TARGET_X86_64
4084 s->rip_offset = 0; /* for relative ip address */
4086 b = ldub_code(s->pc);
4088 /* check prefixes */
4089 #ifdef TARGET_X86_64
4093 prefixes |= PREFIX_REPZ;
4096 prefixes |= PREFIX_REPNZ;
4099 prefixes |= PREFIX_LOCK;
4120 prefixes |= PREFIX_DATA;
4123 prefixes |= PREFIX_ADR;
4127 rex_w = (b >> 3) & 1;
4128 rex_r = (b & 0x4) << 1;
4129 s->rex_x = (b & 0x2) << 2;
4130 REX_B(s) = (b & 0x1) << 3;
4131 x86_64_hregs = 1; /* select uniform byte register addressing */
4135 /* 0x66 is ignored if rex.w is set */
4138 if (prefixes & PREFIX_DATA)
4141 if (!(prefixes & PREFIX_ADR))
4148 prefixes |= PREFIX_REPZ;
4151 prefixes |= PREFIX_REPNZ;
4154 prefixes |= PREFIX_LOCK;
4175 prefixes |= PREFIX_DATA;
4178 prefixes |= PREFIX_ADR;
4181 if (prefixes & PREFIX_DATA)
4183 if (prefixes & PREFIX_ADR)
4187 s->prefix = prefixes;
4191 /* lock generation */
4192 if (prefixes & PREFIX_LOCK)
4195 /* now check op code */
4199 /**************************/
4200 /* extended op code */
4201 b = ldub_code(s->pc++) | 0x100;
4204 /**************************/
4222 ot = dflag + OT_WORD;
4225 case 0: /* OP Ev, Gv */
4226 modrm = ldub_code(s->pc++);
4227 reg = ((modrm >> 3) & 7) | rex_r;
4228 mod = (modrm >> 6) & 3;
4229 rm = (modrm & 7) | REX_B(s);
4231 gen_lea_modrm(s, modrm, ®_addr, &offset_addr);
4233 } else if (op == OP_XORL && rm == reg) {
4235 /* xor reg, reg optimisation */
4237 s->cc_op = CC_OP_LOGICB + ot;
4238 gen_op_mov_reg_T0(ot, reg);
4239 gen_op_update1_cc();
4244 gen_op_mov_TN_reg(ot, 1, reg);
4245 gen_op(s, op, ot, opreg);
4247 case 1: /* OP Gv, Ev */
4248 modrm = ldub_code(s->pc++);
4249 mod = (modrm >> 6) & 3;
4250 reg = ((modrm >> 3) & 7) | rex_r;
4251 rm = (modrm & 7) | REX_B(s);
4253 gen_lea_modrm(s, modrm, ®_addr, &offset_addr);
4254 gen_op_ld_T1_A0(ot + s->mem_index);
4255 } else if (op == OP_XORL && rm == reg) {
4258 gen_op_mov_TN_reg(ot, 1, rm);
4260 gen_op(s, op, ot, reg);
4262 case 2: /* OP A, Iv */
4263 val = insn_get(s, ot);
4264 gen_op_movl_T1_im(val);
4265 gen_op(s, op, ot, OR_EAX);
4274 case 0x80: /* GRP1 */
4283 ot = dflag + OT_WORD;
4285 modrm = ldub_code(s->pc++);
4286 mod = (modrm >> 6) & 3;
4287 rm = (modrm & 7) | REX_B(s);
4288 op = (modrm >> 3) & 7;
4294 s->rip_offset = insn_const_size(ot);
4295 gen_lea_modrm(s, modrm, ®_addr, &offset_addr);
4306 val = insn_get(s, ot);
4309 val = (int8_t)insn_get(s, OT_BYTE);
4312 gen_op_movl_T1_im(val);
4313 gen_op(s, op, ot, opreg);
4317 /**************************/
4318 /* inc, dec, and other misc arith */
4319 case 0x40 ... 0x47: /* inc Gv */
4320 ot = dflag ? OT_LONG : OT_WORD;
4321 gen_inc(s, ot, OR_EAX + (b & 7), 1);
4323 case 0x48 ... 0x4f: /* dec Gv */
4324 ot = dflag ? OT_LONG : OT_WORD;
4325 gen_inc(s, ot, OR_EAX + (b & 7), -1);
4327 case 0xf6: /* GRP3 */
4332 ot = dflag + OT_WORD;
4334 modrm = ldub_code(s->pc++);
4335 mod = (modrm >> 6) & 3;
4336 rm = (modrm & 7) | REX_B(s);
4337 op = (modrm >> 3) & 7;
4340 s->rip_offset = insn_const_size(ot);
4341 gen_lea_modrm(s, modrm, ®_addr, &offset_addr);
4342 gen_op_ld_T0_A0(ot + s->mem_index);
4344 gen_op_mov_TN_reg(ot, 0, rm);
4349 val = insn_get(s, ot);
4350 gen_op_movl_T1_im(val);
4351 gen_op_testl_T0_T1_cc();
4352 s->cc_op = CC_OP_LOGICB + ot;
4355 tcg_gen_not_tl(cpu_T[0], cpu_T[0]);
4357 gen_op_st_T0_A0(ot + s->mem_index);
4359 gen_op_mov_reg_T0(ot, rm);
4363 tcg_gen_neg_tl(cpu_T[0], cpu_T[0]);
4365 gen_op_st_T0_A0(ot + s->mem_index);
4367 gen_op_mov_reg_T0(ot, rm);
4369 gen_op_update_neg_cc();
4370 s->cc_op = CC_OP_SUBB + ot;
4375 gen_op_mov_TN_reg(OT_BYTE, 1, R_EAX);
4376 tcg_gen_ext8u_tl(cpu_T[0], cpu_T[0]);
4377 tcg_gen_ext8u_tl(cpu_T[1], cpu_T[1]);
4378 /* XXX: use 32 bit mul which could be faster */
4379 tcg_gen_mul_tl(cpu_T[0], cpu_T[0], cpu_T[1]);
4380 gen_op_mov_reg_T0(OT_WORD, R_EAX);
4381 tcg_gen_mov_tl(cpu_cc_dst, cpu_T[0]);
4382 tcg_gen_andi_tl(cpu_cc_src, cpu_T[0], 0xff00);
4383 s->cc_op = CC_OP_MULB;
4386 gen_op_mov_TN_reg(OT_WORD, 1, R_EAX);
4387 tcg_gen_ext16u_tl(cpu_T[0], cpu_T[0]);
4388 tcg_gen_ext16u_tl(cpu_T[1], cpu_T[1]);
4389 /* XXX: use 32 bit mul which could be faster */
4390 tcg_gen_mul_tl(cpu_T[0], cpu_T[0], cpu_T[1]);
4391 gen_op_mov_reg_T0(OT_WORD, R_EAX);
4392 tcg_gen_mov_tl(cpu_cc_dst, cpu_T[0]);
4393 tcg_gen_shri_tl(cpu_T[0], cpu_T[0], 16);
4394 gen_op_mov_reg_T0(OT_WORD, R_EDX);
4395 tcg_gen_mov_tl(cpu_cc_src, cpu_T[0]);
4396 s->cc_op = CC_OP_MULW;
4400 #ifdef TARGET_X86_64
4401 gen_op_mov_TN_reg(OT_LONG, 1, R_EAX);
4402 tcg_gen_ext32u_tl(cpu_T[0], cpu_T[0]);
4403 tcg_gen_ext32u_tl(cpu_T[1], cpu_T[1]);
4404 tcg_gen_mul_tl(cpu_T[0], cpu_T[0], cpu_T[1]);
4405 gen_op_mov_reg_T0(OT_LONG, R_EAX);
4406 tcg_gen_mov_tl(cpu_cc_dst, cpu_T[0]);
4407 tcg_gen_shri_tl(cpu_T[0], cpu_T[0], 32);
4408 gen_op_mov_reg_T0(OT_LONG, R_EDX);
4409 tcg_gen_mov_tl(cpu_cc_src, cpu_T[0]);
4413 t0 = tcg_temp_new_i64();
4414 t1 = tcg_temp_new_i64();
4415 gen_op_mov_TN_reg(OT_LONG, 1, R_EAX);
4416 tcg_gen_extu_i32_i64(t0, cpu_T[0]);
4417 tcg_gen_extu_i32_i64(t1, cpu_T[1]);
4418 tcg_gen_mul_i64(t0, t0, t1);
4419 tcg_gen_trunc_i64_i32(cpu_T[0], t0);
4420 gen_op_mov_reg_T0(OT_LONG, R_EAX);
4421 tcg_gen_mov_tl(cpu_cc_dst, cpu_T[0]);
4422 tcg_gen_shri_i64(t0, t0, 32);
4423 tcg_gen_trunc_i64_i32(cpu_T[0], t0);
4424 gen_op_mov_reg_T0(OT_LONG, R_EDX);
4425 tcg_gen_mov_tl(cpu_cc_src, cpu_T[0]);
4428 s->cc_op = CC_OP_MULL;
4430 #ifdef TARGET_X86_64
4432 gen_helper_mulq_EAX_T0(cpu_T[0]);
4433 s->cc_op = CC_OP_MULQ;
4441 gen_op_mov_TN_reg(OT_BYTE, 1, R_EAX);
4442 tcg_gen_ext8s_tl(cpu_T[0], cpu_T[0]);
4443 tcg_gen_ext8s_tl(cpu_T[1], cpu_T[1]);
4444 /* XXX: use 32 bit mul which could be faster */
4445 tcg_gen_mul_tl(cpu_T[0], cpu_T[0], cpu_T[1]);
4446 gen_op_mov_reg_T0(OT_WORD, R_EAX);
4447 tcg_gen_mov_tl(cpu_cc_dst, cpu_T[0]);
4448 tcg_gen_ext8s_tl(cpu_tmp0, cpu_T[0]);
4449 tcg_gen_sub_tl(cpu_cc_src, cpu_T[0], cpu_tmp0);
4450 s->cc_op = CC_OP_MULB;
4453 gen_op_mov_TN_reg(OT_WORD, 1, R_EAX);
4454 tcg_gen_ext16s_tl(cpu_T[0], cpu_T[0]);
4455 tcg_gen_ext16s_tl(cpu_T[1], cpu_T[1]);
4456 /* XXX: use 32 bit mul which could be faster */
4457 tcg_gen_mul_tl(cpu_T[0], cpu_T[0], cpu_T[1]);
4458 gen_op_mov_reg_T0(OT_WORD, R_EAX);
4459 tcg_gen_mov_tl(cpu_cc_dst, cpu_T[0]);
4460 tcg_gen_ext16s_tl(cpu_tmp0, cpu_T[0]);
4461 tcg_gen_sub_tl(cpu_cc_src, cpu_T[0], cpu_tmp0);
4462 tcg_gen_shri_tl(cpu_T[0], cpu_T[0], 16);
4463 gen_op_mov_reg_T0(OT_WORD, R_EDX);
4464 s->cc_op = CC_OP_MULW;
4468 #ifdef TARGET_X86_64
4469 gen_op_mov_TN_reg(OT_LONG, 1, R_EAX);
4470 tcg_gen_ext32s_tl(cpu_T[0], cpu_T[0]);
4471 tcg_gen_ext32s_tl(cpu_T[1], cpu_T[1]);
4472 tcg_gen_mul_tl(cpu_T[0], cpu_T[0], cpu_T[1]);
4473 gen_op_mov_reg_T0(OT_LONG, R_EAX);
4474 tcg_gen_mov_tl(cpu_cc_dst, cpu_T[0]);
4475 tcg_gen_ext32s_tl(cpu_tmp0, cpu_T[0]);
4476 tcg_gen_sub_tl(cpu_cc_src, cpu_T[0], cpu_tmp0);
4477 tcg_gen_shri_tl(cpu_T[0], cpu_T[0], 32);
4478 gen_op_mov_reg_T0(OT_LONG, R_EDX);
4482 t0 = tcg_temp_new_i64();
4483 t1 = tcg_temp_new_i64();
4484 gen_op_mov_TN_reg(OT_LONG, 1, R_EAX);
4485 tcg_gen_ext_i32_i64(t0, cpu_T[0]);
4486 tcg_gen_ext_i32_i64(t1, cpu_T[1]);
4487 tcg_gen_mul_i64(t0, t0, t1);
4488 tcg_gen_trunc_i64_i32(cpu_T[0], t0);
4489 gen_op_mov_reg_T0(OT_LONG, R_EAX);
4490 tcg_gen_mov_tl(cpu_cc_dst, cpu_T[0]);
4491 tcg_gen_sari_tl(cpu_tmp0, cpu_T[0], 31);
4492 tcg_gen_shri_i64(t0, t0, 32);
4493 tcg_gen_trunc_i64_i32(cpu_T[0], t0);
4494 gen_op_mov_reg_T0(OT_LONG, R_EDX);
4495 tcg_gen_sub_tl(cpu_cc_src, cpu_T[0], cpu_tmp0);
4498 s->cc_op = CC_OP_MULL;
4500 #ifdef TARGET_X86_64
4502 gen_helper_imulq_EAX_T0(cpu_T[0]);
4503 s->cc_op = CC_OP_MULQ;
4511 gen_jmp_im(pc_start - s->cs_base);
4512 gen_helper_divb_AL(cpu_T[0]);
4515 gen_jmp_im(pc_start - s->cs_base);
4516 gen_helper_divw_AX(cpu_T[0]);
4520 gen_jmp_im(pc_start - s->cs_base);
4521 gen_helper_divl_EAX(cpu_T[0]);
4523 #ifdef TARGET_X86_64
4525 gen_jmp_im(pc_start - s->cs_base);
4526 gen_helper_divq_EAX(cpu_T[0]);
4534 gen_jmp_im(pc_start - s->cs_base);
4535 gen_helper_idivb_AL(cpu_T[0]);
4538 gen_jmp_im(pc_start - s->cs_base);
4539 gen_helper_idivw_AX(cpu_T[0]);
4543 gen_jmp_im(pc_start - s->cs_base);
4544 gen_helper_idivl_EAX(cpu_T[0]);
4546 #ifdef TARGET_X86_64
4548 gen_jmp_im(pc_start - s->cs_base);
4549 gen_helper_idivq_EAX(cpu_T[0]);
4559 case 0xfe: /* GRP4 */
4560 case 0xff: /* GRP5 */
4564 ot = dflag + OT_WORD;
4566 modrm = ldub_code(s->pc++);
4567 mod = (modrm >> 6) & 3;
4568 rm = (modrm & 7) | REX_B(s);
4569 op = (modrm >> 3) & 7;
4570 if (op >= 2 && b == 0xfe) {
4574 if (op == 2 || op == 4) {
4575 /* operand size for jumps is 64 bit */
4577 } else if (op == 3 || op == 5) {
4578 ot = dflag ? OT_LONG + (rex_w == 1) : OT_WORD;
4579 } else if (op == 6) {
4580 /* default push size is 64 bit */
4581 ot = dflag ? OT_QUAD : OT_WORD;
4585 gen_lea_modrm(s, modrm, ®_addr, &offset_addr);
4586 if (op >= 2 && op != 3 && op != 5)
4587 gen_op_ld_T0_A0(ot + s->mem_index);
4589 gen_op_mov_TN_reg(ot, 0, rm);
4593 case 0: /* inc Ev */
4598 gen_inc(s, ot, opreg, 1);
4600 case 1: /* dec Ev */
4605 gen_inc(s, ot, opreg, -1);
4607 case 2: /* call Ev */
4608 /* XXX: optimize if memory (no 'and' is necessary) */
4610 gen_op_andl_T0_ffff();
4611 next_eip = s->pc - s->cs_base;
4612 gen_movtl_T1_im(next_eip);
4617 case 3: /* lcall Ev */
4618 gen_op_ld_T1_A0(ot + s->mem_index);
4619 gen_add_A0_im(s, 1 << (ot - OT_WORD + 1));
4620 gen_op_ldu_T0_A0(OT_WORD + s->mem_index);
4622 if (s->pe && !s->vm86) {
4623 if (s->cc_op != CC_OP_DYNAMIC)
4624 gen_op_set_cc_op(s->cc_op);
4625 gen_jmp_im(pc_start - s->cs_base);
4626 tcg_gen_trunc_tl_i32(cpu_tmp2_i32, cpu_T[0]);
4627 gen_helper_lcall_protected(cpu_tmp2_i32, cpu_T[1],
4628 tcg_const_i32(dflag),
4629 tcg_const_i32(s->pc - pc_start));
4631 tcg_gen_trunc_tl_i32(cpu_tmp2_i32, cpu_T[0]);
4632 gen_helper_lcall_real(cpu_tmp2_i32, cpu_T[1],
4633 tcg_const_i32(dflag),
4634 tcg_const_i32(s->pc - s->cs_base));
4638 case 4: /* jmp Ev */
4640 gen_op_andl_T0_ffff();
4644 case 5: /* ljmp Ev */
4645 gen_op_ld_T1_A0(ot + s->mem_index);
4646 gen_add_A0_im(s, 1 << (ot - OT_WORD + 1));
4647 gen_op_ldu_T0_A0(OT_WORD + s->mem_index);
4649 if (s->pe && !s->vm86) {
4650 if (s->cc_op != CC_OP_DYNAMIC)
4651 gen_op_set_cc_op(s->cc_op);
4652 gen_jmp_im(pc_start - s->cs_base);
4653 tcg_gen_trunc_tl_i32(cpu_tmp2_i32, cpu_T[0]);
4654 gen_helper_ljmp_protected(cpu_tmp2_i32, cpu_T[1],
4655 tcg_const_i32(s->pc - pc_start));
4657 gen_op_movl_seg_T0_vm(R_CS);
4658 gen_op_movl_T0_T1();
4663 case 6: /* push Ev */
4671 case 0x84: /* test Ev, Gv */
4676 ot = dflag + OT_WORD;
4678 modrm = ldub_code(s->pc++);
4679 reg = ((modrm >> 3) & 7) | rex_r;
4681 gen_ldst_modrm(s, modrm, ot, OR_TMP0, 0);
4682 gen_op_mov_TN_reg(ot, 1, reg);
4683 gen_op_testl_T0_T1_cc();
4684 s->cc_op = CC_OP_LOGICB + ot;
4687 case 0xa8: /* test eAX, Iv */
4692 ot = dflag + OT_WORD;
4693 val = insn_get(s, ot);
4695 gen_op_mov_TN_reg(ot, 0, OR_EAX);
4696 gen_op_movl_T1_im(val);
4697 gen_op_testl_T0_T1_cc();
4698 s->cc_op = CC_OP_LOGICB + ot;
4701 case 0x98: /* CWDE/CBW */
4702 #ifdef TARGET_X86_64
4704 gen_op_mov_TN_reg(OT_LONG, 0, R_EAX);
4705 tcg_gen_ext32s_tl(cpu_T[0], cpu_T[0]);
4706 gen_op_mov_reg_T0(OT_QUAD, R_EAX);
4710 gen_op_mov_TN_reg(OT_WORD, 0, R_EAX);
4711 tcg_gen_ext16s_tl(cpu_T[0], cpu_T[0]);
4712 gen_op_mov_reg_T0(OT_LONG, R_EAX);
4714 gen_op_mov_TN_reg(OT_BYTE, 0, R_EAX);
4715 tcg_gen_ext8s_tl(cpu_T[0], cpu_T[0]);
4716 gen_op_mov_reg_T0(OT_WORD, R_EAX);
4719 case 0x99: /* CDQ/CWD */
4720 #ifdef TARGET_X86_64
4722 gen_op_mov_TN_reg(OT_QUAD, 0, R_EAX);
4723 tcg_gen_sari_tl(cpu_T[0], cpu_T[0], 63);
4724 gen_op_mov_reg_T0(OT_QUAD, R_EDX);
4728 gen_op_mov_TN_reg(OT_LONG, 0, R_EAX);
4729 tcg_gen_ext32s_tl(cpu_T[0], cpu_T[0]);
4730 tcg_gen_sari_tl(cpu_T[0], cpu_T[0], 31);
4731 gen_op_mov_reg_T0(OT_LONG, R_EDX);
4733 gen_op_mov_TN_reg(OT_WORD, 0, R_EAX);
4734 tcg_gen_ext16s_tl(cpu_T[0], cpu_T[0]);
4735 tcg_gen_sari_tl(cpu_T[0], cpu_T[0], 15);
4736 gen_op_mov_reg_T0(OT_WORD, R_EDX);
4739 case 0x1af: /* imul Gv, Ev */
4740 case 0x69: /* imul Gv, Ev, I */
4742 ot = dflag + OT_WORD;
4743 modrm = ldub_code(s->pc++);
4744 reg = ((modrm >> 3) & 7) | rex_r;
4746 s->rip_offset = insn_const_size(ot);
4749 gen_ldst_modrm(s, modrm, ot, OR_TMP0, 0);
4751 val = insn_get(s, ot);
4752 gen_op_movl_T1_im(val);
4753 } else if (b == 0x6b) {
4754 val = (int8_t)insn_get(s, OT_BYTE);
4755 gen_op_movl_T1_im(val);
4757 gen_op_mov_TN_reg(ot, 1, reg);
4760 #ifdef TARGET_X86_64
4761 if (ot == OT_QUAD) {
4762 gen_helper_imulq_T0_T1(cpu_T[0], cpu_T[0], cpu_T[1]);
4765 if (ot == OT_LONG) {
4766 #ifdef TARGET_X86_64
4767 tcg_gen_ext32s_tl(cpu_T[0], cpu_T[0]);
4768 tcg_gen_ext32s_tl(cpu_T[1], cpu_T[1]);
4769 tcg_gen_mul_tl(cpu_T[0], cpu_T[0], cpu_T[1]);
4770 tcg_gen_mov_tl(cpu_cc_dst, cpu_T[0]);
4771 tcg_gen_ext32s_tl(cpu_tmp0, cpu_T[0]);
4772 tcg_gen_sub_tl(cpu_cc_src, cpu_T[0], cpu_tmp0);
4776 t0 = tcg_temp_new_i64();
4777 t1 = tcg_temp_new_i64();
4778 tcg_gen_ext_i32_i64(t0, cpu_T[0]);
4779 tcg_gen_ext_i32_i64(t1, cpu_T[1]);
4780 tcg_gen_mul_i64(t0, t0, t1);
4781 tcg_gen_trunc_i64_i32(cpu_T[0], t0);
4782 tcg_gen_mov_tl(cpu_cc_dst, cpu_T[0]);
4783 tcg_gen_sari_tl(cpu_tmp0, cpu_T[0], 31);
4784 tcg_gen_shri_i64(t0, t0, 32);
4785 tcg_gen_trunc_i64_i32(cpu_T[1], t0);
4786 tcg_gen_sub_tl(cpu_cc_src, cpu_T[1], cpu_tmp0);
4790 tcg_gen_ext16s_tl(cpu_T[0], cpu_T[0]);
4791 tcg_gen_ext16s_tl(cpu_T[1], cpu_T[1]);
4792 /* XXX: use 32 bit mul which could be faster */
4793 tcg_gen_mul_tl(cpu_T[0], cpu_T[0], cpu_T[1]);
4794 tcg_gen_mov_tl(cpu_cc_dst, cpu_T[0]);
4795 tcg_gen_ext16s_tl(cpu_tmp0, cpu_T[0]);
4796 tcg_gen_sub_tl(cpu_cc_src, cpu_T[0], cpu_tmp0);
4798 gen_op_mov_reg_T0(ot, reg);
4799 s->cc_op = CC_OP_MULB + ot;
4802 case 0x1c1: /* xadd Ev, Gv */
4806 ot = dflag + OT_WORD;
4807 modrm = ldub_code(s->pc++);
4808 reg = ((modrm >> 3) & 7) | rex_r;
4809 mod = (modrm >> 6) & 3;
4811 rm = (modrm & 7) | REX_B(s);
4812 gen_op_mov_TN_reg(ot, 0, reg);
4813 gen_op_mov_TN_reg(ot, 1, rm);
4814 gen_op_addl_T0_T1();
4815 gen_op_mov_reg_T1(ot, reg);
4816 gen_op_mov_reg_T0(ot, rm);
4818 gen_lea_modrm(s, modrm, ®_addr, &offset_addr);
4819 gen_op_mov_TN_reg(ot, 0, reg);
4820 gen_op_ld_T1_A0(ot + s->mem_index);
4821 gen_op_addl_T0_T1();
4822 gen_op_st_T0_A0(ot + s->mem_index);
4823 gen_op_mov_reg_T1(ot, reg);
4825 gen_op_update2_cc();
4826 s->cc_op = CC_OP_ADDB + ot;
4829 case 0x1b1: /* cmpxchg Ev, Gv */
4832 TCGv t0, t1, t2, a0;
4837 ot = dflag + OT_WORD;
4838 modrm = ldub_code(s->pc++);
4839 reg = ((modrm >> 3) & 7) | rex_r;
4840 mod = (modrm >> 6) & 3;
4841 t0 = tcg_temp_local_new();
4842 t1 = tcg_temp_local_new();
4843 t2 = tcg_temp_local_new();
4844 a0 = tcg_temp_local_new();
4845 gen_op_mov_v_reg(ot, t1, reg);
4847 rm = (modrm & 7) | REX_B(s);
4848 gen_op_mov_v_reg(ot, t0, rm);
4850 gen_lea_modrm(s, modrm, ®_addr, &offset_addr);
4851 tcg_gen_mov_tl(a0, cpu_A0);
4852 gen_op_ld_v(ot + s->mem_index, t0, a0);
4853 rm = 0; /* avoid warning */
4855 label1 = gen_new_label();
4856 tcg_gen_sub_tl(t2, cpu_regs[R_EAX], t0);
4858 tcg_gen_brcondi_tl(TCG_COND_EQ, t2, 0, label1);
4860 label2 = gen_new_label();
4861 gen_op_mov_reg_v(ot, R_EAX, t0);
4863 gen_set_label(label1);
4864 gen_op_mov_reg_v(ot, rm, t1);
4865 gen_set_label(label2);
4867 tcg_gen_mov_tl(t1, t0);
4868 gen_op_mov_reg_v(ot, R_EAX, t0);
4869 gen_set_label(label1);
4871 gen_op_st_v(ot + s->mem_index, t1, a0);
4873 tcg_gen_mov_tl(cpu_cc_src, t0);
4874 tcg_gen_mov_tl(cpu_cc_dst, t2);
4875 s->cc_op = CC_OP_SUBB + ot;
4882 case 0x1c7: /* cmpxchg8b */
4883 modrm = ldub_code(s->pc++);
4884 mod = (modrm >> 6) & 3;
4885 if ((mod == 3) || ((modrm & 0x38) != 0x8))
4887 #ifdef TARGET_X86_64
4889 if (!(s->cpuid_ext_features & CPUID_EXT_CX16))
4891 gen_jmp_im(pc_start - s->cs_base);
4892 if (s->cc_op != CC_OP_DYNAMIC)
4893 gen_op_set_cc_op(s->cc_op);
4894 gen_lea_modrm(s, modrm, ®_addr, &offset_addr);
4895 gen_helper_cmpxchg16b(cpu_A0);
4899 if (!(s->cpuid_features & CPUID_CX8))
4901 gen_jmp_im(pc_start - s->cs_base);
4902 if (s->cc_op != CC_OP_DYNAMIC)
4903 gen_op_set_cc_op(s->cc_op);
4904 gen_lea_modrm(s, modrm, ®_addr, &offset_addr);
4905 gen_helper_cmpxchg8b(cpu_A0);
4907 s->cc_op = CC_OP_EFLAGS;
4910 /**************************/
4912 case 0x50 ... 0x57: /* push */
4913 gen_op_mov_TN_reg(OT_LONG, 0, (b & 7) | REX_B(s));
4916 case 0x58 ... 0x5f: /* pop */
4918 ot = dflag ? OT_QUAD : OT_WORD;
4920 ot = dflag + OT_WORD;
4923 /* NOTE: order is important for pop %sp */
4925 gen_op_mov_reg_T0(ot, (b & 7) | REX_B(s));
4927 case 0x60: /* pusha */
4932 case 0x61: /* popa */
4937 case 0x68: /* push Iv */
4940 ot = dflag ? OT_QUAD : OT_WORD;
4942 ot = dflag + OT_WORD;
4945 val = insn_get(s, ot);
4947 val = (int8_t)insn_get(s, OT_BYTE);
4948 gen_op_movl_T0_im(val);
4951 case 0x8f: /* pop Ev */
4953 ot = dflag ? OT_QUAD : OT_WORD;
4955 ot = dflag + OT_WORD;
4957 modrm = ldub_code(s->pc++);
4958 mod = (modrm >> 6) & 3;
4961 /* NOTE: order is important for pop %sp */
4963 rm = (modrm & 7) | REX_B(s);
4964 gen_op_mov_reg_T0(ot, rm);
4966 /* NOTE: order is important too for MMU exceptions */
4967 s->popl_esp_hack = 1 << ot;
4968 gen_ldst_modrm(s, modrm, ot, OR_TMP0, 1);
4969 s->popl_esp_hack = 0;
4973 case 0xc8: /* enter */
4976 val = lduw_code(s->pc);
4978 level = ldub_code(s->pc++);
4979 gen_enter(s, val, level);
4982 case 0xc9: /* leave */
4983 /* XXX: exception not precise (ESP is updated before potential exception) */
4985 gen_op_mov_TN_reg(OT_QUAD, 0, R_EBP);
4986 gen_op_mov_reg_T0(OT_QUAD, R_ESP);
4987 } else if (s->ss32) {
4988 gen_op_mov_TN_reg(OT_LONG, 0, R_EBP);
4989 gen_op_mov_reg_T0(OT_LONG, R_ESP);
4991 gen_op_mov_TN_reg(OT_WORD, 0, R_EBP);
4992 gen_op_mov_reg_T0(OT_WORD, R_ESP);
4996 ot = dflag ? OT_QUAD : OT_WORD;
4998 ot = dflag + OT_WORD;
5000 gen_op_mov_reg_T0(ot, R_EBP);
5003 case 0x06: /* push es */
5004 case 0x0e: /* push cs */
5005 case 0x16: /* push ss */
5006 case 0x1e: /* push ds */
5009 gen_op_movl_T0_seg(b >> 3);
5012 case 0x1a0: /* push fs */
5013 case 0x1a8: /* push gs */
5014 gen_op_movl_T0_seg((b >> 3) & 7);
5017 case 0x07: /* pop es */
5018 case 0x17: /* pop ss */
5019 case 0x1f: /* pop ds */
5024 gen_movl_seg_T0(s, reg, pc_start - s->cs_base);
5027 /* if reg == SS, inhibit interrupts/trace. */
5028 /* If several instructions disable interrupts, only the
5030 if (!(s->tb->flags & HF_INHIBIT_IRQ_MASK))
5031 gen_helper_set_inhibit_irq();
5035 gen_jmp_im(s->pc - s->cs_base);
5039 case 0x1a1: /* pop fs */
5040 case 0x1a9: /* pop gs */
5042 gen_movl_seg_T0(s, (b >> 3) & 7, pc_start - s->cs_base);
5045 gen_jmp_im(s->pc - s->cs_base);
5050 /**************************/
5053 case 0x89: /* mov Gv, Ev */
5057 ot = dflag + OT_WORD;
5058 modrm = ldub_code(s->pc++);
5059 reg = ((modrm >> 3) & 7) | rex_r;
5061 /* generate a generic store */
5062 gen_ldst_modrm(s, modrm, ot, reg, 1);
5065 case 0xc7: /* mov Ev, Iv */
5069 ot = dflag + OT_WORD;
5070 modrm = ldub_code(s->pc++);
5071 mod = (modrm >> 6) & 3;
5073 s->rip_offset = insn_const_size(ot);
5074 gen_lea_modrm(s, modrm, ®_addr, &offset_addr);
5076 val = insn_get(s, ot);
5077 gen_op_movl_T0_im(val);
5079 gen_op_st_T0_A0(ot + s->mem_index);
5081 gen_op_mov_reg_T0(ot, (modrm & 7) | REX_B(s));
5084 case 0x8b: /* mov Ev, Gv */
5088 ot = OT_WORD + dflag;
5089 modrm = ldub_code(s->pc++);
5090 reg = ((modrm >> 3) & 7) | rex_r;
5092 gen_ldst_modrm(s, modrm, ot, OR_TMP0, 0);
5093 gen_op_mov_reg_T0(ot, reg);
5095 case 0x8e: /* mov seg, Gv */
5096 modrm = ldub_code(s->pc++);
5097 reg = (modrm >> 3) & 7;
5098 if (reg >= 6 || reg == R_CS)
5100 gen_ldst_modrm(s, modrm, OT_WORD, OR_TMP0, 0);
5101 gen_movl_seg_T0(s, reg, pc_start - s->cs_base);
5103 /* if reg == SS, inhibit interrupts/trace */
5104 /* If several instructions disable interrupts, only the
5106 if (!(s->tb->flags & HF_INHIBIT_IRQ_MASK))
5107 gen_helper_set_inhibit_irq();
5111 gen_jmp_im(s->pc - s->cs_base);
5115 case 0x8c: /* mov Gv, seg */
5116 modrm = ldub_code(s->pc++);
5117 reg = (modrm >> 3) & 7;
5118 mod = (modrm >> 6) & 3;
5121 gen_op_movl_T0_seg(reg);
5123 ot = OT_WORD + dflag;
5126 gen_ldst_modrm(s, modrm, ot, OR_TMP0, 1);
5129 case 0x1b6: /* movzbS Gv, Eb */
5130 case 0x1b7: /* movzwS Gv, Eb */
5131 case 0x1be: /* movsbS Gv, Eb */
5132 case 0x1bf: /* movswS Gv, Eb */
5135 /* d_ot is the size of destination */
5136 d_ot = dflag + OT_WORD;
5137 /* ot is the size of source */
5138 ot = (b & 1) + OT_BYTE;
5139 modrm = ldub_code(s->pc++);
5140 reg = ((modrm >> 3) & 7) | rex_r;
5141 mod = (modrm >> 6) & 3;
5142 rm = (modrm & 7) | REX_B(s);
5145 gen_op_mov_TN_reg(ot, 0, rm);
5146 switch(ot | (b & 8)) {
5148 tcg_gen_ext8u_tl(cpu_T[0], cpu_T[0]);
5151 tcg_gen_ext8s_tl(cpu_T[0], cpu_T[0]);
5154 tcg_gen_ext16u_tl(cpu_T[0], cpu_T[0]);
5158 tcg_gen_ext16s_tl(cpu_T[0], cpu_T[0]);
5161 gen_op_mov_reg_T0(d_ot, reg);
5163 gen_lea_modrm(s, modrm, ®_addr, &offset_addr);
5165 gen_op_lds_T0_A0(ot + s->mem_index);
5167 gen_op_ldu_T0_A0(ot + s->mem_index);
5169 gen_op_mov_reg_T0(d_ot, reg);
5174 case 0x8d: /* lea */
5175 ot = dflag + OT_WORD;
5176 modrm = ldub_code(s->pc++);
5177 mod = (modrm >> 6) & 3;
5180 reg = ((modrm >> 3) & 7) | rex_r;
5181 /* we must ensure that no segment is added */
5185 gen_lea_modrm(s, modrm, ®_addr, &offset_addr);
5187 gen_op_mov_reg_A0(ot - OT_WORD, reg);
5190 case 0xa0: /* mov EAX, Ov */
5192 case 0xa2: /* mov Ov, EAX */
5195 target_ulong offset_addr;
5200 ot = dflag + OT_WORD;
5201 #ifdef TARGET_X86_64
5202 if (s->aflag == 2) {
5203 offset_addr = ldq_code(s->pc);
5205 gen_op_movq_A0_im(offset_addr);
5210 offset_addr = insn_get(s, OT_LONG);
5212 offset_addr = insn_get(s, OT_WORD);
5214 gen_op_movl_A0_im(offset_addr);
5216 gen_add_A0_ds_seg(s);
5218 gen_op_ld_T0_A0(ot + s->mem_index);
5219 gen_op_mov_reg_T0(ot, R_EAX);
5221 gen_op_mov_TN_reg(ot, 0, R_EAX);
5222 gen_op_st_T0_A0(ot + s->mem_index);
5226 case 0xd7: /* xlat */
5227 #ifdef TARGET_X86_64
5228 if (s->aflag == 2) {
5229 gen_op_movq_A0_reg(R_EBX);
5230 gen_op_mov_TN_reg(OT_QUAD, 0, R_EAX);
5231 tcg_gen_andi_tl(cpu_T[0], cpu_T[0], 0xff);
5232 tcg_gen_add_tl(cpu_A0, cpu_A0, cpu_T[0]);
5236 gen_op_movl_A0_reg(R_EBX);
5237 gen_op_mov_TN_reg(OT_LONG, 0, R_EAX);
5238 tcg_gen_andi_tl(cpu_T[0], cpu_T[0], 0xff);
5239 tcg_gen_add_tl(cpu_A0, cpu_A0, cpu_T[0]);
5241 gen_op_andl_A0_ffff();
5243 tcg_gen_andi_tl(cpu_A0, cpu_A0, 0xffffffff);
5245 gen_add_A0_ds_seg(s);
5246 gen_op_ldu_T0_A0(OT_BYTE + s->mem_index);
5247 gen_op_mov_reg_T0(OT_BYTE, R_EAX);
5249 case 0xb0 ... 0xb7: /* mov R, Ib */
5250 val = insn_get(s, OT_BYTE);
5251 gen_op_movl_T0_im(val);
5252 gen_op_mov_reg_T0(OT_BYTE, (b & 7) | REX_B(s));
5254 case 0xb8 ... 0xbf: /* mov R, Iv */
5255 #ifdef TARGET_X86_64
5259 tmp = ldq_code(s->pc);
5261 reg = (b & 7) | REX_B(s);
5262 gen_movtl_T0_im(tmp);
5263 gen_op_mov_reg_T0(OT_QUAD, reg);
5267 ot = dflag ? OT_LONG : OT_WORD;
5268 val = insn_get(s, ot);
5269 reg = (b & 7) | REX_B(s);
5270 gen_op_movl_T0_im(val);
5271 gen_op_mov_reg_T0(ot, reg);
5275 case 0x91 ... 0x97: /* xchg R, EAX */
5277 ot = dflag + OT_WORD;
5278 reg = (b & 7) | REX_B(s);
5282 case 0x87: /* xchg Ev, Gv */
5286 ot = dflag + OT_WORD;
5287 modrm = ldub_code(s->pc++);
5288 reg = ((modrm >> 3) & 7) | rex_r;
5289 mod = (modrm >> 6) & 3;
5291 rm = (modrm & 7) | REX_B(s);
5293 gen_op_mov_TN_reg(ot, 0, reg);
5294 gen_op_mov_TN_reg(ot, 1, rm);
5295 gen_op_mov_reg_T0(ot, rm);
5296 gen_op_mov_reg_T1(ot, reg);
5298 gen_lea_modrm(s, modrm, ®_addr, &offset_addr);
5299 gen_op_mov_TN_reg(ot, 0, reg);
5300 /* for xchg, lock is implicit */
5301 if (!(prefixes & PREFIX_LOCK))
5303 gen_op_ld_T1_A0(ot + s->mem_index);
5304 gen_op_st_T0_A0(ot + s->mem_index);
5305 if (!(prefixes & PREFIX_LOCK))
5306 gen_helper_unlock();
5307 gen_op_mov_reg_T1(ot, reg);
5310 case 0xc4: /* les Gv */
5315 case 0xc5: /* lds Gv */
5320 case 0x1b2: /* lss Gv */
5323 case 0x1b4: /* lfs Gv */
5326 case 0x1b5: /* lgs Gv */
5329 ot = dflag ? OT_LONG : OT_WORD;
5330 modrm = ldub_code(s->pc++);
5331 reg = ((modrm >> 3) & 7) | rex_r;
5332 mod = (modrm >> 6) & 3;
5335 gen_lea_modrm(s, modrm, ®_addr, &offset_addr);
5336 gen_op_ld_T1_A0(ot + s->mem_index);
5337 gen_add_A0_im(s, 1 << (ot - OT_WORD + 1));
5338 /* load the segment first to handle exceptions properly */
5339 gen_op_ldu_T0_A0(OT_WORD + s->mem_index);
5340 gen_movl_seg_T0(s, op, pc_start - s->cs_base);
5341 /* then put the data */
5342 gen_op_mov_reg_T1(ot, reg);
5344 gen_jmp_im(s->pc - s->cs_base);
5349 /************************/
5360 ot = dflag + OT_WORD;
5362 modrm = ldub_code(s->pc++);
5363 mod = (modrm >> 6) & 3;
5364 op = (modrm >> 3) & 7;
5370 gen_lea_modrm(s, modrm, ®_addr, &offset_addr);
5373 opreg = (modrm & 7) | REX_B(s);
5378 gen_shift(s, op, ot, opreg, OR_ECX);
5381 shift = ldub_code(s->pc++);
5383 gen_shifti(s, op, ot, opreg, shift);
5398 case 0x1a4: /* shld imm */
5402 case 0x1a5: /* shld cl */
5406 case 0x1ac: /* shrd imm */
5410 case 0x1ad: /* shrd cl */
5414 ot = dflag + OT_WORD;
5415 modrm = ldub_code(s->pc++);
5416 mod = (modrm >> 6) & 3;
5417 rm = (modrm & 7) | REX_B(s);
5418 reg = ((modrm >> 3) & 7) | rex_r;
5420 gen_lea_modrm(s, modrm, ®_addr, &offset_addr);
5425 gen_op_mov_TN_reg(ot, 1, reg);
5428 val = ldub_code(s->pc++);
5429 tcg_gen_movi_tl(cpu_T3, val);
5431 tcg_gen_mov_tl(cpu_T3, cpu_regs[R_ECX]);
5433 gen_shiftd_rm_T1_T3(s, ot, opreg, op);
5436 /************************/
5439 if (s->flags & (HF_EM_MASK | HF_TS_MASK)) {
5440 /* if CR0.EM or CR0.TS are set, generate an FPU exception */
5441 /* XXX: what to do if illegal op ? */
5442 gen_exception(s, EXCP07_PREX, pc_start - s->cs_base);
5445 modrm = ldub_code(s->pc++);
5446 mod = (modrm >> 6) & 3;
5448 op = ((b & 7) << 3) | ((modrm >> 3) & 7);
5451 gen_lea_modrm(s, modrm, ®_addr, &offset_addr);
5453 case 0x00 ... 0x07: /* fxxxs */
5454 case 0x10 ... 0x17: /* fixxxl */
5455 case 0x20 ... 0x27: /* fxxxl */
5456 case 0x30 ... 0x37: /* fixxx */
5463 gen_op_ld_T0_A0(OT_LONG + s->mem_index);
5464 tcg_gen_trunc_tl_i32(cpu_tmp2_i32, cpu_T[0]);
5465 gen_helper_flds_FT0(cpu_tmp2_i32);
5468 gen_op_ld_T0_A0(OT_LONG + s->mem_index);
5469 tcg_gen_trunc_tl_i32(cpu_tmp2_i32, cpu_T[0]);
5470 gen_helper_fildl_FT0(cpu_tmp2_i32);
5473 tcg_gen_qemu_ld64(cpu_tmp1_i64, cpu_A0,
5474 (s->mem_index >> 2) - 1);
5475 gen_helper_fldl_FT0(cpu_tmp1_i64);
5479 gen_op_lds_T0_A0(OT_WORD + s->mem_index);
5480 tcg_gen_trunc_tl_i32(cpu_tmp2_i32, cpu_T[0]);
5481 gen_helper_fildl_FT0(cpu_tmp2_i32);
5485 gen_helper_fp_arith_ST0_FT0(op1);
5487 /* fcomp needs pop */
5492 case 0x08: /* flds */
5493 case 0x0a: /* fsts */
5494 case 0x0b: /* fstps */
5495 case 0x18 ... 0x1b: /* fildl, fisttpl, fistl, fistpl */
5496 case 0x28 ... 0x2b: /* fldl, fisttpll, fstl, fstpl */
5497 case 0x38 ... 0x3b: /* filds, fisttps, fists, fistps */
5502 gen_op_ld_T0_A0(OT_LONG + s->mem_index);
5503 tcg_gen_trunc_tl_i32(cpu_tmp2_i32, cpu_T[0]);
5504 gen_helper_flds_ST0(cpu_tmp2_i32);
5507 gen_op_ld_T0_A0(OT_LONG + s->mem_index);
5508 tcg_gen_trunc_tl_i32(cpu_tmp2_i32, cpu_T[0]);
5509 gen_helper_fildl_ST0(cpu_tmp2_i32);
5512 tcg_gen_qemu_ld64(cpu_tmp1_i64, cpu_A0,
5513 (s->mem_index >> 2) - 1);
5514 gen_helper_fldl_ST0(cpu_tmp1_i64);
5518 gen_op_lds_T0_A0(OT_WORD + s->mem_index);
5519 tcg_gen_trunc_tl_i32(cpu_tmp2_i32, cpu_T[0]);
5520 gen_helper_fildl_ST0(cpu_tmp2_i32);
5525 /* XXX: the corresponding CPUID bit must be tested ! */
5528 gen_helper_fisttl_ST0(cpu_tmp2_i32);
5529 tcg_gen_extu_i32_tl(cpu_T[0], cpu_tmp2_i32);
5530 gen_op_st_T0_A0(OT_LONG + s->mem_index);
5533 gen_helper_fisttll_ST0(cpu_tmp1_i64);
5534 tcg_gen_qemu_st64(cpu_tmp1_i64, cpu_A0,
5535 (s->mem_index >> 2) - 1);
5539 gen_helper_fistt_ST0(cpu_tmp2_i32);
5540 tcg_gen_extu_i32_tl(cpu_T[0], cpu_tmp2_i32);
5541 gen_op_st_T0_A0(OT_WORD + s->mem_index);
5549 gen_helper_fsts_ST0(cpu_tmp2_i32);
5550 tcg_gen_extu_i32_tl(cpu_T[0], cpu_tmp2_i32);
5551 gen_op_st_T0_A0(OT_LONG + s->mem_index);
5554 gen_helper_fistl_ST0(cpu_tmp2_i32);
5555 tcg_gen_extu_i32_tl(cpu_T[0], cpu_tmp2_i32);
5556 gen_op_st_T0_A0(OT_LONG + s->mem_index);
5559 gen_helper_fstl_ST0(cpu_tmp1_i64);
5560 tcg_gen_qemu_st64(cpu_tmp1_i64, cpu_A0,
5561 (s->mem_index >> 2) - 1);
5565 gen_helper_fist_ST0(cpu_tmp2_i32);
5566 tcg_gen_extu_i32_tl(cpu_T[0], cpu_tmp2_i32);
5567 gen_op_st_T0_A0(OT_WORD + s->mem_index);
5575 case 0x0c: /* fldenv mem */
5576 if (s->cc_op != CC_OP_DYNAMIC)
5577 gen_op_set_cc_op(s->cc_op);
5578 gen_jmp_im(pc_start - s->cs_base);
5580 cpu_A0, tcg_const_i32(s->dflag));
5582 case 0x0d: /* fldcw mem */
5583 gen_op_ld_T0_A0(OT_WORD + s->mem_index);
5584 tcg_gen_trunc_tl_i32(cpu_tmp2_i32, cpu_T[0]);
5585 gen_helper_fldcw(cpu_tmp2_i32);
5587 case 0x0e: /* fnstenv mem */
5588 if (s->cc_op != CC_OP_DYNAMIC)
5589 gen_op_set_cc_op(s->cc_op);
5590 gen_jmp_im(pc_start - s->cs_base);
5591 gen_helper_fstenv(cpu_A0, tcg_const_i32(s->dflag));
5593 case 0x0f: /* fnstcw mem */
5594 gen_helper_fnstcw(cpu_tmp2_i32);
5595 tcg_gen_extu_i32_tl(cpu_T[0], cpu_tmp2_i32);
5596 gen_op_st_T0_A0(OT_WORD + s->mem_index);
5598 case 0x1d: /* fldt mem */
5599 if (s->cc_op != CC_OP_DYNAMIC)
5600 gen_op_set_cc_op(s->cc_op);
5601 gen_jmp_im(pc_start - s->cs_base);
5602 gen_helper_fldt_ST0(cpu_A0);
5604 case 0x1f: /* fstpt mem */
5605 if (s->cc_op != CC_OP_DYNAMIC)
5606 gen_op_set_cc_op(s->cc_op);
5607 gen_jmp_im(pc_start - s->cs_base);
5608 gen_helper_fstt_ST0(cpu_A0);
5611 case 0x2c: /* frstor mem */
5612 if (s->cc_op != CC_OP_DYNAMIC)
5613 gen_op_set_cc_op(s->cc_op);
5614 gen_jmp_im(pc_start - s->cs_base);
5615 gen_helper_frstor(cpu_A0, tcg_const_i32(s->dflag));
5617 case 0x2e: /* fnsave mem */
5618 if (s->cc_op != CC_OP_DYNAMIC)
5619 gen_op_set_cc_op(s->cc_op);
5620 gen_jmp_im(pc_start - s->cs_base);
5621 gen_helper_fsave(cpu_A0, tcg_const_i32(s->dflag));
5623 case 0x2f: /* fnstsw mem */
5624 gen_helper_fnstsw(cpu_tmp2_i32);
5625 tcg_gen_extu_i32_tl(cpu_T[0], cpu_tmp2_i32);
5626 gen_op_st_T0_A0(OT_WORD + s->mem_index);
5628 case 0x3c: /* fbld */
5629 if (s->cc_op != CC_OP_DYNAMIC)
5630 gen_op_set_cc_op(s->cc_op);
5631 gen_jmp_im(pc_start - s->cs_base);
5632 gen_helper_fbld_ST0(cpu_A0);
5634 case 0x3e: /* fbstp */
5635 if (s->cc_op != CC_OP_DYNAMIC)
5636 gen_op_set_cc_op(s->cc_op);
5637 gen_jmp_im(pc_start - s->cs_base);
5638 gen_helper_fbst_ST0(cpu_A0);
5641 case 0x3d: /* fildll */
5642 tcg_gen_qemu_ld64(cpu_tmp1_i64, cpu_A0,
5643 (s->mem_index >> 2) - 1);
5644 gen_helper_fildll_ST0(cpu_tmp1_i64);
5646 case 0x3f: /* fistpll */
5647 gen_helper_fistll_ST0(cpu_tmp1_i64);
5648 tcg_gen_qemu_st64(cpu_tmp1_i64, cpu_A0,
5649 (s->mem_index >> 2) - 1);
5656 /* register float ops */
5660 case 0x08: /* fld sti */
5662 gen_helper_fmov_ST0_STN(tcg_const_i32((opreg + 1) & 7));
5664 case 0x09: /* fxchg sti */
5665 case 0x29: /* fxchg4 sti, undocumented op */
5666 case 0x39: /* fxchg7 sti, undocumented op */
5667 gen_helper_fxchg_ST0_STN(tcg_const_i32(opreg));
5669 case 0x0a: /* grp d9/2 */
5672 /* check exceptions (FreeBSD FPU probe) */
5673 if (s->cc_op != CC_OP_DYNAMIC)
5674 gen_op_set_cc_op(s->cc_op);
5675 gen_jmp_im(pc_start - s->cs_base);
5682 case 0x0c: /* grp d9/4 */
5685 gen_helper_fchs_ST0();
5688 gen_helper_fabs_ST0();
5691 gen_helper_fldz_FT0();
5692 gen_helper_fcom_ST0_FT0();
5695 gen_helper_fxam_ST0();
5701 case 0x0d: /* grp d9/5 */
5706 gen_helper_fld1_ST0();
5710 gen_helper_fldl2t_ST0();
5714 gen_helper_fldl2e_ST0();
5718 gen_helper_fldpi_ST0();
5722 gen_helper_fldlg2_ST0();
5726 gen_helper_fldln2_ST0();
5730 gen_helper_fldz_ST0();
5737 case 0x0e: /* grp d9/6 */
5748 case 3: /* fpatan */
5749 gen_helper_fpatan();
5751 case 4: /* fxtract */
5752 gen_helper_fxtract();
5754 case 5: /* fprem1 */
5755 gen_helper_fprem1();
5757 case 6: /* fdecstp */
5758 gen_helper_fdecstp();
5761 case 7: /* fincstp */
5762 gen_helper_fincstp();
5766 case 0x0f: /* grp d9/7 */
5771 case 1: /* fyl2xp1 */
5772 gen_helper_fyl2xp1();
5777 case 3: /* fsincos */
5778 gen_helper_fsincos();
5780 case 5: /* fscale */
5781 gen_helper_fscale();
5783 case 4: /* frndint */
5784 gen_helper_frndint();
5795 case 0x00: case 0x01: case 0x04 ... 0x07: /* fxxx st, sti */
5796 case 0x20: case 0x21: case 0x24 ... 0x27: /* fxxx sti, st */
5797 case 0x30: case 0x31: case 0x34 ... 0x37: /* fxxxp sti, st */
5803 gen_helper_fp_arith_STN_ST0(op1, opreg);
5807 gen_helper_fmov_FT0_STN(tcg_const_i32(opreg));
5808 gen_helper_fp_arith_ST0_FT0(op1);
5812 case 0x02: /* fcom */
5813 case 0x22: /* fcom2, undocumented op */
5814 gen_helper_fmov_FT0_STN(tcg_const_i32(opreg));
5815 gen_helper_fcom_ST0_FT0();
5817 case 0x03: /* fcomp */
5818 case 0x23: /* fcomp3, undocumented op */
5819 case 0x32: /* fcomp5, undocumented op */
5820 gen_helper_fmov_FT0_STN(tcg_const_i32(opreg));
5821 gen_helper_fcom_ST0_FT0();
5824 case 0x15: /* da/5 */
5826 case 1: /* fucompp */
5827 gen_helper_fmov_FT0_STN(tcg_const_i32(1));
5828 gen_helper_fucom_ST0_FT0();
5838 case 0: /* feni (287 only, just do nop here) */
5840 case 1: /* fdisi (287 only, just do nop here) */
5845 case 3: /* fninit */
5846 gen_helper_fninit();
5848 case 4: /* fsetpm (287 only, just do nop here) */
5854 case 0x1d: /* fucomi */
5855 if (s->cc_op != CC_OP_DYNAMIC)
5856 gen_op_set_cc_op(s->cc_op);
5857 gen_helper_fmov_FT0_STN(tcg_const_i32(opreg));
5858 gen_helper_fucomi_ST0_FT0();
5859 s->cc_op = CC_OP_EFLAGS;
5861 case 0x1e: /* fcomi */
5862 if (s->cc_op != CC_OP_DYNAMIC)
5863 gen_op_set_cc_op(s->cc_op);
5864 gen_helper_fmov_FT0_STN(tcg_const_i32(opreg));
5865 gen_helper_fcomi_ST0_FT0();
5866 s->cc_op = CC_OP_EFLAGS;
5868 case 0x28: /* ffree sti */
5869 gen_helper_ffree_STN(tcg_const_i32(opreg));
5871 case 0x2a: /* fst sti */
5872 gen_helper_fmov_STN_ST0(tcg_const_i32(opreg));
5874 case 0x2b: /* fstp sti */
5875 case 0x0b: /* fstp1 sti, undocumented op */
5876 case 0x3a: /* fstp8 sti, undocumented op */
5877 case 0x3b: /* fstp9 sti, undocumented op */
5878 gen_helper_fmov_STN_ST0(tcg_const_i32(opreg));
5881 case 0x2c: /* fucom st(i) */
5882 gen_helper_fmov_FT0_STN(tcg_const_i32(opreg));
5883 gen_helper_fucom_ST0_FT0();
5885 case 0x2d: /* fucomp st(i) */
5886 gen_helper_fmov_FT0_STN(tcg_const_i32(opreg));
5887 gen_helper_fucom_ST0_FT0();
5890 case 0x33: /* de/3 */
5892 case 1: /* fcompp */
5893 gen_helper_fmov_FT0_STN(tcg_const_i32(1));
5894 gen_helper_fcom_ST0_FT0();
5902 case 0x38: /* ffreep sti, undocumented op */
5903 gen_helper_ffree_STN(tcg_const_i32(opreg));
5906 case 0x3c: /* df/4 */
5909 gen_helper_fnstsw(cpu_tmp2_i32);
5910 tcg_gen_extu_i32_tl(cpu_T[0], cpu_tmp2_i32);
5911 gen_op_mov_reg_T0(OT_WORD, R_EAX);
5917 case 0x3d: /* fucomip */
5918 if (s->cc_op != CC_OP_DYNAMIC)
5919 gen_op_set_cc_op(s->cc_op);
5920 gen_helper_fmov_FT0_STN(tcg_const_i32(opreg));
5921 gen_helper_fucomi_ST0_FT0();
5923 s->cc_op = CC_OP_EFLAGS;
5925 case 0x3e: /* fcomip */
5926 if (s->cc_op != CC_OP_DYNAMIC)
5927 gen_op_set_cc_op(s->cc_op);
5928 gen_helper_fmov_FT0_STN(tcg_const_i32(opreg));
5929 gen_helper_fcomi_ST0_FT0();
5931 s->cc_op = CC_OP_EFLAGS;
5933 case 0x10 ... 0x13: /* fcmovxx */
5937 static const uint8_t fcmov_cc[8] = {
5943 op1 = fcmov_cc[op & 3] | (((op >> 3) & 1) ^ 1);
5944 l1 = gen_new_label();
5945 gen_jcc1(s, s->cc_op, op1, l1);
5946 gen_helper_fmov_ST0_STN(tcg_const_i32(opreg));
5955 /************************/
5958 case 0xa4: /* movsS */
5963 ot = dflag + OT_WORD;
5965 if (prefixes & (PREFIX_REPZ | PREFIX_REPNZ)) {
5966 gen_repz_movs(s, ot, pc_start - s->cs_base, s->pc - s->cs_base);
5972 case 0xaa: /* stosS */
5977 ot = dflag + OT_WORD;
5979 if (prefixes & (PREFIX_REPZ | PREFIX_REPNZ)) {
5980 gen_repz_stos(s, ot, pc_start - s->cs_base, s->pc - s->cs_base);
5985 case 0xac: /* lodsS */
5990 ot = dflag + OT_WORD;
5991 if (prefixes & (PREFIX_REPZ | PREFIX_REPNZ)) {
5992 gen_repz_lods(s, ot, pc_start - s->cs_base, s->pc - s->cs_base);
5997 case 0xae: /* scasS */
6002 ot = dflag + OT_WORD;
6003 if (prefixes & PREFIX_REPNZ) {
6004 gen_repz_scas(s, ot, pc_start - s->cs_base, s->pc - s->cs_base, 1);
6005 } else if (prefixes & PREFIX_REPZ) {
6006 gen_repz_scas(s, ot, pc_start - s->cs_base, s->pc - s->cs_base, 0);
6009 s->cc_op = CC_OP_SUBB + ot;
6013 case 0xa6: /* cmpsS */
6018 ot = dflag + OT_WORD;
6019 if (prefixes & PREFIX_REPNZ) {
6020 gen_repz_cmps(s, ot, pc_start - s->cs_base, s->pc - s->cs_base, 1);
6021 } else if (prefixes & PREFIX_REPZ) {
6022 gen_repz_cmps(s, ot, pc_start - s->cs_base, s->pc - s->cs_base, 0);
6025 s->cc_op = CC_OP_SUBB + ot;
6028 case 0x6c: /* insS */
6033 ot = dflag ? OT_LONG : OT_WORD;
6034 gen_op_mov_TN_reg(OT_WORD, 0, R_EDX);
6035 gen_op_andl_T0_ffff();
6036 gen_check_io(s, ot, pc_start - s->cs_base,
6037 SVM_IOIO_TYPE_MASK | svm_is_rep(prefixes) | 4);
6038 if (prefixes & (PREFIX_REPZ | PREFIX_REPNZ)) {
6039 gen_repz_ins(s, ot, pc_start - s->cs_base, s->pc - s->cs_base);
6043 gen_jmp(s, s->pc - s->cs_base);
6047 case 0x6e: /* outsS */
6052 ot = dflag ? OT_LONG : OT_WORD;
6053 gen_op_mov_TN_reg(OT_WORD, 0, R_EDX);
6054 gen_op_andl_T0_ffff();
6055 gen_check_io(s, ot, pc_start - s->cs_base,
6056 svm_is_rep(prefixes) | 4);
6057 if (prefixes & (PREFIX_REPZ | PREFIX_REPNZ)) {
6058 gen_repz_outs(s, ot, pc_start - s->cs_base, s->pc - s->cs_base);
6062 gen_jmp(s, s->pc - s->cs_base);
6067 /************************/
6075 ot = dflag ? OT_LONG : OT_WORD;
6076 val = ldub_code(s->pc++);
6077 gen_op_movl_T0_im(val);
6078 gen_check_io(s, ot, pc_start - s->cs_base,
6079 SVM_IOIO_TYPE_MASK | svm_is_rep(prefixes));
6082 tcg_gen_trunc_tl_i32(cpu_tmp2_i32, cpu_T[0]);
6083 gen_helper_in_func(ot, cpu_T[1], cpu_tmp2_i32);
6084 gen_op_mov_reg_T1(ot, R_EAX);
6087 gen_jmp(s, s->pc - s->cs_base);
6095 ot = dflag ? OT_LONG : OT_WORD;
6096 val = ldub_code(s->pc++);
6097 gen_op_movl_T0_im(val);
6098 gen_check_io(s, ot, pc_start - s->cs_base,
6099 svm_is_rep(prefixes));
6100 gen_op_mov_TN_reg(ot, 1, R_EAX);
6104 tcg_gen_trunc_tl_i32(cpu_tmp2_i32, cpu_T[0]);
6105 tcg_gen_andi_i32(cpu_tmp2_i32, cpu_tmp2_i32, 0xffff);
6106 tcg_gen_trunc_tl_i32(cpu_tmp3_i32, cpu_T[1]);
6107 gen_helper_out_func(ot, cpu_tmp2_i32, cpu_tmp3_i32);
6110 gen_jmp(s, s->pc - s->cs_base);
6118 ot = dflag ? OT_LONG : OT_WORD;
6119 gen_op_mov_TN_reg(OT_WORD, 0, R_EDX);
6120 gen_op_andl_T0_ffff();
6121 gen_check_io(s, ot, pc_start - s->cs_base,
6122 SVM_IOIO_TYPE_MASK | svm_is_rep(prefixes));
6125 tcg_gen_trunc_tl_i32(cpu_tmp2_i32, cpu_T[0]);
6126 gen_helper_in_func(ot, cpu_T[1], cpu_tmp2_i32);
6127 gen_op_mov_reg_T1(ot, R_EAX);
6130 gen_jmp(s, s->pc - s->cs_base);
6138 ot = dflag ? OT_LONG : OT_WORD;
6139 gen_op_mov_TN_reg(OT_WORD, 0, R_EDX);
6140 gen_op_andl_T0_ffff();
6141 gen_check_io(s, ot, pc_start - s->cs_base,
6142 svm_is_rep(prefixes));
6143 gen_op_mov_TN_reg(ot, 1, R_EAX);
6147 tcg_gen_trunc_tl_i32(cpu_tmp2_i32, cpu_T[0]);
6148 tcg_gen_andi_i32(cpu_tmp2_i32, cpu_tmp2_i32, 0xffff);
6149 tcg_gen_trunc_tl_i32(cpu_tmp3_i32, cpu_T[1]);
6150 gen_helper_out_func(ot, cpu_tmp2_i32, cpu_tmp3_i32);
6153 gen_jmp(s, s->pc - s->cs_base);
6157 /************************/
6159 case 0xc2: /* ret im */
6160 val = ldsw_code(s->pc);
6163 if (CODE64(s) && s->dflag)
6165 gen_stack_update(s, val + (2 << s->dflag));
6167 gen_op_andl_T0_ffff();
6171 case 0xc3: /* ret */
6175 gen_op_andl_T0_ffff();
6179 case 0xca: /* lret im */
6180 val = ldsw_code(s->pc);
6183 if (s->pe && !s->vm86) {
6184 if (s->cc_op != CC_OP_DYNAMIC)
6185 gen_op_set_cc_op(s->cc_op);
6186 gen_jmp_im(pc_start - s->cs_base);
6187 gen_helper_lret_protected(tcg_const_i32(s->dflag),
6188 tcg_const_i32(val));
6192 gen_op_ld_T0_A0(1 + s->dflag + s->mem_index);
6194 gen_op_andl_T0_ffff();
6195 /* NOTE: keeping EIP updated is not a problem in case of
6199 gen_op_addl_A0_im(2 << s->dflag);
6200 gen_op_ld_T0_A0(1 + s->dflag + s->mem_index);
6201 gen_op_movl_seg_T0_vm(R_CS);
6202 /* add stack offset */
6203 gen_stack_update(s, val + (4 << s->dflag));
6207 case 0xcb: /* lret */
6210 case 0xcf: /* iret */
6211 gen_svm_check_intercept(s, pc_start, SVM_EXIT_IRET);
6214 gen_helper_iret_real(tcg_const_i32(s->dflag));
6215 s->cc_op = CC_OP_EFLAGS;
6216 } else if (s->vm86) {
6218 gen_exception(s, EXCP0D_GPF, pc_start - s->cs_base);
6220 gen_helper_iret_real(tcg_const_i32(s->dflag));
6221 s->cc_op = CC_OP_EFLAGS;
6224 if (s->cc_op != CC_OP_DYNAMIC)
6225 gen_op_set_cc_op(s->cc_op);
6226 gen_jmp_im(pc_start - s->cs_base);
6227 gen_helper_iret_protected(tcg_const_i32(s->dflag),
6228 tcg_const_i32(s->pc - s->cs_base));
6229 s->cc_op = CC_OP_EFLAGS;
6233 case 0xe8: /* call im */
6236 tval = (int32_t)insn_get(s, OT_LONG);
6238 tval = (int16_t)insn_get(s, OT_WORD);
6239 next_eip = s->pc - s->cs_base;
6245 gen_movtl_T0_im(next_eip);
6250 case 0x9a: /* lcall im */
6252 unsigned int selector, offset;
6256 ot = dflag ? OT_LONG : OT_WORD;
6257 offset = insn_get(s, ot);
6258 selector = insn_get(s, OT_WORD);
6260 gen_op_movl_T0_im(selector);
6261 gen_op_movl_T1_imu(offset);
6264 case 0xe9: /* jmp im */
6266 tval = (int32_t)insn_get(s, OT_LONG);
6268 tval = (int16_t)insn_get(s, OT_WORD);
6269 tval += s->pc - s->cs_base;
6276 case 0xea: /* ljmp im */
6278 unsigned int selector, offset;
6282 ot = dflag ? OT_LONG : OT_WORD;
6283 offset = insn_get(s, ot);
6284 selector = insn_get(s, OT_WORD);
6286 gen_op_movl_T0_im(selector);
6287 gen_op_movl_T1_imu(offset);
6290 case 0xeb: /* jmp Jb */
6291 tval = (int8_t)insn_get(s, OT_BYTE);
6292 tval += s->pc - s->cs_base;
6297 case 0x70 ... 0x7f: /* jcc Jb */
6298 tval = (int8_t)insn_get(s, OT_BYTE);
6300 case 0x180 ... 0x18f: /* jcc Jv */
6302 tval = (int32_t)insn_get(s, OT_LONG);
6304 tval = (int16_t)insn_get(s, OT_WORD);
6307 next_eip = s->pc - s->cs_base;
6311 gen_jcc(s, b, tval, next_eip);
6314 case 0x190 ... 0x19f: /* setcc Gv */
6315 modrm = ldub_code(s->pc++);
6317 gen_ldst_modrm(s, modrm, OT_BYTE, OR_TMP0, 1);
6319 case 0x140 ... 0x14f: /* cmov Gv, Ev */
6324 ot = dflag + OT_WORD;
6325 modrm = ldub_code(s->pc++);
6326 reg = ((modrm >> 3) & 7) | rex_r;
6327 mod = (modrm >> 6) & 3;
6328 t0 = tcg_temp_local_new();
6330 gen_lea_modrm(s, modrm, ®_addr, &offset_addr);
6331 gen_op_ld_v(ot + s->mem_index, t0, cpu_A0);
6333 rm = (modrm & 7) | REX_B(s);
6334 gen_op_mov_v_reg(ot, t0, rm);
6336 #ifdef TARGET_X86_64
6337 if (ot == OT_LONG) {
6338 /* XXX: specific Intel behaviour ? */
6339 l1 = gen_new_label();
6340 gen_jcc1(s, s->cc_op, b ^ 1, l1);
6341 tcg_gen_mov_tl(cpu_regs[reg], t0);
6343 tcg_gen_ext32u_tl(cpu_regs[reg], cpu_regs[reg]);
6347 l1 = gen_new_label();
6348 gen_jcc1(s, s->cc_op, b ^ 1, l1);
6349 gen_op_mov_reg_v(ot, reg, t0);
6356 /************************/
6358 case 0x9c: /* pushf */
6359 gen_svm_check_intercept(s, pc_start, SVM_EXIT_PUSHF);
6360 if (s->vm86 && s->iopl != 3) {
6361 gen_exception(s, EXCP0D_GPF, pc_start - s->cs_base);
6363 if (s->cc_op != CC_OP_DYNAMIC)
6364 gen_op_set_cc_op(s->cc_op);
6365 gen_helper_read_eflags(cpu_T[0]);
6369 case 0x9d: /* popf */
6370 gen_svm_check_intercept(s, pc_start, SVM_EXIT_POPF);
6371 if (s->vm86 && s->iopl != 3) {
6372 gen_exception(s, EXCP0D_GPF, pc_start - s->cs_base);
6377 gen_helper_write_eflags(cpu_T[0],
6378 tcg_const_i32((TF_MASK | AC_MASK | ID_MASK | NT_MASK | IF_MASK | IOPL_MASK)));
6380 gen_helper_write_eflags(cpu_T[0],
6381 tcg_const_i32((TF_MASK | AC_MASK | ID_MASK | NT_MASK | IF_MASK | IOPL_MASK) & 0xffff));
6384 if (s->cpl <= s->iopl) {
6386 gen_helper_write_eflags(cpu_T[0],
6387 tcg_const_i32((TF_MASK | AC_MASK | ID_MASK | NT_MASK | IF_MASK)));
6389 gen_helper_write_eflags(cpu_T[0],
6390 tcg_const_i32((TF_MASK | AC_MASK | ID_MASK | NT_MASK | IF_MASK) & 0xffff));
6394 gen_helper_write_eflags(cpu_T[0],
6395 tcg_const_i32((TF_MASK | AC_MASK | ID_MASK | NT_MASK)));
6397 gen_helper_write_eflags(cpu_T[0],
6398 tcg_const_i32((TF_MASK | AC_MASK | ID_MASK | NT_MASK) & 0xffff));
6403 s->cc_op = CC_OP_EFLAGS;
6404 /* abort translation because TF flag may change */
6405 gen_jmp_im(s->pc - s->cs_base);
6409 case 0x9e: /* sahf */
6410 if (CODE64(s) && !(s->cpuid_ext3_features & CPUID_EXT3_LAHF_LM))
6412 gen_op_mov_TN_reg(OT_BYTE, 0, R_AH);
6413 if (s->cc_op != CC_OP_DYNAMIC)
6414 gen_op_set_cc_op(s->cc_op);
6415 gen_compute_eflags(cpu_cc_src);
6416 tcg_gen_andi_tl(cpu_cc_src, cpu_cc_src, CC_O);
6417 tcg_gen_andi_tl(cpu_T[0], cpu_T[0], CC_S | CC_Z | CC_A | CC_P | CC_C);
6418 tcg_gen_or_tl(cpu_cc_src, cpu_cc_src, cpu_T[0]);
6419 s->cc_op = CC_OP_EFLAGS;
6421 case 0x9f: /* lahf */
6422 if (CODE64(s) && !(s->cpuid_ext3_features & CPUID_EXT3_LAHF_LM))
6424 if (s->cc_op != CC_OP_DYNAMIC)
6425 gen_op_set_cc_op(s->cc_op);
6426 gen_compute_eflags(cpu_T[0]);
6427 /* Note: gen_compute_eflags() only gives the condition codes */
6428 tcg_gen_ori_tl(cpu_T[0], cpu_T[0], 0x02);
6429 gen_op_mov_reg_T0(OT_BYTE, R_AH);
6431 case 0xf5: /* cmc */
6432 if (s->cc_op != CC_OP_DYNAMIC)
6433 gen_op_set_cc_op(s->cc_op);
6434 gen_compute_eflags(cpu_cc_src);
6435 tcg_gen_xori_tl(cpu_cc_src, cpu_cc_src, CC_C);
6436 s->cc_op = CC_OP_EFLAGS;
6438 case 0xf8: /* clc */
6439 if (s->cc_op != CC_OP_DYNAMIC)
6440 gen_op_set_cc_op(s->cc_op);
6441 gen_compute_eflags(cpu_cc_src);
6442 tcg_gen_andi_tl(cpu_cc_src, cpu_cc_src, ~CC_C);
6443 s->cc_op = CC_OP_EFLAGS;
6445 case 0xf9: /* stc */
6446 if (s->cc_op != CC_OP_DYNAMIC)
6447 gen_op_set_cc_op(s->cc_op);
6448 gen_compute_eflags(cpu_cc_src);
6449 tcg_gen_ori_tl(cpu_cc_src, cpu_cc_src, CC_C);
6450 s->cc_op = CC_OP_EFLAGS;
6452 case 0xfc: /* cld */
6453 tcg_gen_movi_i32(cpu_tmp2_i32, 1);
6454 tcg_gen_st_i32(cpu_tmp2_i32, cpu_env, offsetof(CPUState, df));
6456 case 0xfd: /* std */
6457 tcg_gen_movi_i32(cpu_tmp2_i32, -1);
6458 tcg_gen_st_i32(cpu_tmp2_i32, cpu_env, offsetof(CPUState, df));
6461 /************************/
6462 /* bit operations */
6463 case 0x1ba: /* bt/bts/btr/btc Gv, im */
6464 ot = dflag + OT_WORD;
6465 modrm = ldub_code(s->pc++);
6466 op = (modrm >> 3) & 7;
6467 mod = (modrm >> 6) & 3;
6468 rm = (modrm & 7) | REX_B(s);
6471 gen_lea_modrm(s, modrm, ®_addr, &offset_addr);
6472 gen_op_ld_T0_A0(ot + s->mem_index);
6474 gen_op_mov_TN_reg(ot, 0, rm);
6477 val = ldub_code(s->pc++);
6478 gen_op_movl_T1_im(val);
6483 case 0x1a3: /* bt Gv, Ev */
6486 case 0x1ab: /* bts */
6489 case 0x1b3: /* btr */
6492 case 0x1bb: /* btc */
6495 ot = dflag + OT_WORD;
6496 modrm = ldub_code(s->pc++);
6497 reg = ((modrm >> 3) & 7) | rex_r;
6498 mod = (modrm >> 6) & 3;
6499 rm = (modrm & 7) | REX_B(s);
6500 gen_op_mov_TN_reg(OT_LONG, 1, reg);
6502 gen_lea_modrm(s, modrm, ®_addr, &offset_addr);
6503 /* specific case: we need to add a displacement */
6504 gen_exts(ot, cpu_T[1]);
6505 tcg_gen_sari_tl(cpu_tmp0, cpu_T[1], 3 + ot);
6506 tcg_gen_shli_tl(cpu_tmp0, cpu_tmp0, ot);
6507 tcg_gen_add_tl(cpu_A0, cpu_A0, cpu_tmp0);
6508 gen_op_ld_T0_A0(ot + s->mem_index);
6510 gen_op_mov_TN_reg(ot, 0, rm);
6513 tcg_gen_andi_tl(cpu_T[1], cpu_T[1], (1 << (3 + ot)) - 1);
6516 tcg_gen_shr_tl(cpu_cc_src, cpu_T[0], cpu_T[1]);
6517 tcg_gen_movi_tl(cpu_cc_dst, 0);
6520 tcg_gen_shr_tl(cpu_tmp4, cpu_T[0], cpu_T[1]);
6521 tcg_gen_movi_tl(cpu_tmp0, 1);
6522 tcg_gen_shl_tl(cpu_tmp0, cpu_tmp0, cpu_T[1]);
6523 tcg_gen_or_tl(cpu_T[0], cpu_T[0], cpu_tmp0);
6526 tcg_gen_shr_tl(cpu_tmp4, cpu_T[0], cpu_T[1]);
6527 tcg_gen_movi_tl(cpu_tmp0, 1);
6528 tcg_gen_shl_tl(cpu_tmp0, cpu_tmp0, cpu_T[1]);
6529 tcg_gen_not_tl(cpu_tmp0, cpu_tmp0);
6530 tcg_gen_and_tl(cpu_T[0], cpu_T[0], cpu_tmp0);
6534 tcg_gen_shr_tl(cpu_tmp4, cpu_T[0], cpu_T[1]);
6535 tcg_gen_movi_tl(cpu_tmp0, 1);
6536 tcg_gen_shl_tl(cpu_tmp0, cpu_tmp0, cpu_T[1]);
6537 tcg_gen_xor_tl(cpu_T[0], cpu_T[0], cpu_tmp0);
6540 s->cc_op = CC_OP_SARB + ot;
6543 gen_op_st_T0_A0(ot + s->mem_index);
6545 gen_op_mov_reg_T0(ot, rm);
6546 tcg_gen_mov_tl(cpu_cc_src, cpu_tmp4);
6547 tcg_gen_movi_tl(cpu_cc_dst, 0);
6550 case 0x1bc: /* bsf */
6551 case 0x1bd: /* bsr */
6556 ot = dflag + OT_WORD;
6557 modrm = ldub_code(s->pc++);
6558 reg = ((modrm >> 3) & 7) | rex_r;
6559 gen_ldst_modrm(s,modrm, ot, OR_TMP0, 0);
6560 gen_extu(ot, cpu_T[0]);
6561 t0 = tcg_temp_local_new();
6562 tcg_gen_mov_tl(t0, cpu_T[0]);
6563 if ((b & 1) && (prefixes & PREFIX_REPZ) &&
6564 (s->cpuid_ext3_features & CPUID_EXT3_ABM)) {
6566 case OT_WORD: gen_helper_lzcnt(cpu_T[0], t0,
6567 tcg_const_i32(16)); break;
6568 case OT_LONG: gen_helper_lzcnt(cpu_T[0], t0,
6569 tcg_const_i32(32)); break;
6570 case OT_QUAD: gen_helper_lzcnt(cpu_T[0], t0,
6571 tcg_const_i32(64)); break;
6573 gen_op_mov_reg_T0(ot, reg);
6575 label1 = gen_new_label();
6576 tcg_gen_movi_tl(cpu_cc_dst, 0);
6577 tcg_gen_brcondi_tl(TCG_COND_EQ, t0, 0, label1);
6579 gen_helper_bsr(cpu_T[0], t0);
6581 gen_helper_bsf(cpu_T[0], t0);
6583 gen_op_mov_reg_T0(ot, reg);
6584 tcg_gen_movi_tl(cpu_cc_dst, 1);
6585 gen_set_label(label1);
6586 tcg_gen_discard_tl(cpu_cc_src);
6587 s->cc_op = CC_OP_LOGICB + ot;
6592 /************************/
6594 case 0x27: /* daa */
6597 if (s->cc_op != CC_OP_DYNAMIC)
6598 gen_op_set_cc_op(s->cc_op);
6600 s->cc_op = CC_OP_EFLAGS;
6602 case 0x2f: /* das */
6605 if (s->cc_op != CC_OP_DYNAMIC)
6606 gen_op_set_cc_op(s->cc_op);
6608 s->cc_op = CC_OP_EFLAGS;
6610 case 0x37: /* aaa */
6613 if (s->cc_op != CC_OP_DYNAMIC)
6614 gen_op_set_cc_op(s->cc_op);
6616 s->cc_op = CC_OP_EFLAGS;
6618 case 0x3f: /* aas */
6621 if (s->cc_op != CC_OP_DYNAMIC)
6622 gen_op_set_cc_op(s->cc_op);
6624 s->cc_op = CC_OP_EFLAGS;
6626 case 0xd4: /* aam */
6629 val = ldub_code(s->pc++);
6631 gen_exception(s, EXCP00_DIVZ, pc_start - s->cs_base);
6633 gen_helper_aam(tcg_const_i32(val));
6634 s->cc_op = CC_OP_LOGICB;
6637 case 0xd5: /* aad */
6640 val = ldub_code(s->pc++);
6641 gen_helper_aad(tcg_const_i32(val));
6642 s->cc_op = CC_OP_LOGICB;
6644 /************************/
6646 case 0x90: /* nop */
6647 /* XXX: correct lock test for all insn */
6648 if (prefixes & PREFIX_LOCK) {
6651 /* If REX_B is set, then this is xchg eax, r8d, not a nop. */
6653 goto do_xchg_reg_eax;
6655 if (prefixes & PREFIX_REPZ) {
6656 gen_svm_check_intercept(s, pc_start, SVM_EXIT_PAUSE);
6659 case 0x9b: /* fwait */
6660 if ((s->flags & (HF_MP_MASK | HF_TS_MASK)) ==
6661 (HF_MP_MASK | HF_TS_MASK)) {
6662 gen_exception(s, EXCP07_PREX, pc_start - s->cs_base);
6664 if (s->cc_op != CC_OP_DYNAMIC)
6665 gen_op_set_cc_op(s->cc_op);
6666 gen_jmp_im(pc_start - s->cs_base);
6670 case 0xcc: /* int3 */
6671 gen_interrupt(s, EXCP03_INT3, pc_start - s->cs_base, s->pc - s->cs_base);
6673 case 0xcd: /* int N */
6674 val = ldub_code(s->pc++);
6675 if (s->vm86 && s->iopl != 3) {
6676 gen_exception(s, EXCP0D_GPF, pc_start - s->cs_base);
6678 gen_interrupt(s, val, pc_start - s->cs_base, s->pc - s->cs_base);
6681 case 0xce: /* into */
6684 if (s->cc_op != CC_OP_DYNAMIC)
6685 gen_op_set_cc_op(s->cc_op);
6686 gen_jmp_im(pc_start - s->cs_base);
6687 gen_helper_into(tcg_const_i32(s->pc - pc_start));
6690 case 0xf1: /* icebp (undocumented, exits to external debugger) */
6691 gen_svm_check_intercept(s, pc_start, SVM_EXIT_ICEBP);
6693 gen_debug(s, pc_start - s->cs_base);
6696 tb_flush(cpu_single_env);
6697 cpu_set_log(CPU_LOG_INT | CPU_LOG_TB_IN_ASM);
6701 case 0xfa: /* cli */
6703 if (s->cpl <= s->iopl) {
6706 gen_exception(s, EXCP0D_GPF, pc_start - s->cs_base);
6712 gen_exception(s, EXCP0D_GPF, pc_start - s->cs_base);
6716 case 0xfb: /* sti */
6718 if (s->cpl <= s->iopl) {
6721 /* interruptions are enabled only the first insn after sti */
6722 /* If several instructions disable interrupts, only the
6724 if (!(s->tb->flags & HF_INHIBIT_IRQ_MASK))
6725 gen_helper_set_inhibit_irq();
6726 /* give a chance to handle pending irqs */
6727 gen_jmp_im(s->pc - s->cs_base);
6730 gen_exception(s, EXCP0D_GPF, pc_start - s->cs_base);
6736 gen_exception(s, EXCP0D_GPF, pc_start - s->cs_base);
6740 case 0x62: /* bound */
6743 ot = dflag ? OT_LONG : OT_WORD;
6744 modrm = ldub_code(s->pc++);
6745 reg = (modrm >> 3) & 7;
6746 mod = (modrm >> 6) & 3;
6749 gen_op_mov_TN_reg(ot, 0, reg);
6750 gen_lea_modrm(s, modrm, ®_addr, &offset_addr);
6751 gen_jmp_im(pc_start - s->cs_base);
6752 tcg_gen_trunc_tl_i32(cpu_tmp2_i32, cpu_T[0]);
6754 gen_helper_boundw(cpu_A0, cpu_tmp2_i32);
6756 gen_helper_boundl(cpu_A0, cpu_tmp2_i32);
6758 case 0x1c8 ... 0x1cf: /* bswap reg */
6759 reg = (b & 7) | REX_B(s);
6760 #ifdef TARGET_X86_64
6762 gen_op_mov_TN_reg(OT_QUAD, 0, reg);
6763 tcg_gen_bswap64_i64(cpu_T[0], cpu_T[0]);
6764 gen_op_mov_reg_T0(OT_QUAD, reg);
6768 gen_op_mov_TN_reg(OT_LONG, 0, reg);
6769 tcg_gen_ext32u_tl(cpu_T[0], cpu_T[0]);
6770 tcg_gen_bswap32_tl(cpu_T[0], cpu_T[0]);
6771 gen_op_mov_reg_T0(OT_LONG, reg);
6774 case 0xd6: /* salc */
6777 if (s->cc_op != CC_OP_DYNAMIC)
6778 gen_op_set_cc_op(s->cc_op);
6779 gen_compute_eflags_c(cpu_T[0]);
6780 tcg_gen_neg_tl(cpu_T[0], cpu_T[0]);
6781 gen_op_mov_reg_T0(OT_BYTE, R_EAX);
6783 case 0xe0: /* loopnz */
6784 case 0xe1: /* loopz */
6785 case 0xe2: /* loop */
6786 case 0xe3: /* jecxz */
6790 tval = (int8_t)insn_get(s, OT_BYTE);
6791 next_eip = s->pc - s->cs_base;
6796 l1 = gen_new_label();
6797 l2 = gen_new_label();
6798 l3 = gen_new_label();
6801 case 0: /* loopnz */
6803 if (s->cc_op != CC_OP_DYNAMIC)
6804 gen_op_set_cc_op(s->cc_op);
6805 gen_op_add_reg_im(s->aflag, R_ECX, -1);
6806 gen_op_jz_ecx(s->aflag, l3);
6807 gen_compute_eflags(cpu_tmp0);
6808 tcg_gen_andi_tl(cpu_tmp0, cpu_tmp0, CC_Z);
6810 tcg_gen_brcondi_tl(TCG_COND_EQ, cpu_tmp0, 0, l1);
6812 tcg_gen_brcondi_tl(TCG_COND_NE, cpu_tmp0, 0, l1);
6816 gen_op_add_reg_im(s->aflag, R_ECX, -1);
6817 gen_op_jnz_ecx(s->aflag, l1);
6821 gen_op_jz_ecx(s->aflag, l1);
6826 gen_jmp_im(next_eip);
6835 case 0x130: /* wrmsr */
6836 case 0x132: /* rdmsr */
6838 gen_exception(s, EXCP0D_GPF, pc_start - s->cs_base);
6840 if (s->cc_op != CC_OP_DYNAMIC)
6841 gen_op_set_cc_op(s->cc_op);
6842 gen_jmp_im(pc_start - s->cs_base);
6850 case 0x131: /* rdtsc */
6851 if (s->cc_op != CC_OP_DYNAMIC)
6852 gen_op_set_cc_op(s->cc_op);
6853 gen_jmp_im(pc_start - s->cs_base);
6859 gen_jmp(s, s->pc - s->cs_base);
6862 case 0x133: /* rdpmc */
6863 if (s->cc_op != CC_OP_DYNAMIC)
6864 gen_op_set_cc_op(s->cc_op);
6865 gen_jmp_im(pc_start - s->cs_base);
6868 case 0x134: /* sysenter */
6869 /* For Intel SYSENTER is valid on 64-bit */
6870 if (CODE64(s) && cpu_single_env->cpuid_vendor1 != CPUID_VENDOR_INTEL_1)
6873 gen_exception(s, EXCP0D_GPF, pc_start - s->cs_base);
6875 gen_update_cc_op(s);
6876 gen_jmp_im(pc_start - s->cs_base);
6877 gen_helper_sysenter();
6881 case 0x135: /* sysexit */
6882 /* For Intel SYSEXIT is valid on 64-bit */
6883 if (CODE64(s) && cpu_single_env->cpuid_vendor1 != CPUID_VENDOR_INTEL_1)
6886 gen_exception(s, EXCP0D_GPF, pc_start - s->cs_base);
6888 gen_update_cc_op(s);
6889 gen_jmp_im(pc_start - s->cs_base);
6890 gen_helper_sysexit(tcg_const_i32(dflag));
6894 #ifdef TARGET_X86_64
6895 case 0x105: /* syscall */
6896 /* XXX: is it usable in real mode ? */
6897 gen_update_cc_op(s);
6898 gen_jmp_im(pc_start - s->cs_base);
6899 gen_helper_syscall(tcg_const_i32(s->pc - pc_start));
6902 case 0x107: /* sysret */
6904 gen_exception(s, EXCP0D_GPF, pc_start - s->cs_base);
6906 gen_update_cc_op(s);
6907 gen_jmp_im(pc_start - s->cs_base);
6908 gen_helper_sysret(tcg_const_i32(s->dflag));
6909 /* condition codes are modified only in long mode */
6911 s->cc_op = CC_OP_EFLAGS;
6916 case 0x1a2: /* cpuid */
6917 if (s->cc_op != CC_OP_DYNAMIC)
6918 gen_op_set_cc_op(s->cc_op);
6919 gen_jmp_im(pc_start - s->cs_base);
6922 case 0xf4: /* hlt */
6924 gen_exception(s, EXCP0D_GPF, pc_start - s->cs_base);
6926 if (s->cc_op != CC_OP_DYNAMIC)
6927 gen_op_set_cc_op(s->cc_op);
6928 gen_jmp_im(pc_start - s->cs_base);
6929 gen_helper_hlt(tcg_const_i32(s->pc - pc_start));
6930 s->is_jmp = DISAS_TB_JUMP;
6934 modrm = ldub_code(s->pc++);
6935 mod = (modrm >> 6) & 3;
6936 op = (modrm >> 3) & 7;
6939 if (!s->pe || s->vm86)
6941 gen_svm_check_intercept(s, pc_start, SVM_EXIT_LDTR_READ);
6942 tcg_gen_ld32u_tl(cpu_T[0], cpu_env, offsetof(CPUX86State,ldt.selector));
6946 gen_ldst_modrm(s, modrm, ot, OR_TMP0, 1);
6949 if (!s->pe || s->vm86)
6952 gen_exception(s, EXCP0D_GPF, pc_start - s->cs_base);
6954 gen_svm_check_intercept(s, pc_start, SVM_EXIT_LDTR_WRITE);
6955 gen_ldst_modrm(s, modrm, OT_WORD, OR_TMP0, 0);
6956 gen_jmp_im(pc_start - s->cs_base);
6957 tcg_gen_trunc_tl_i32(cpu_tmp2_i32, cpu_T[0]);
6958 gen_helper_lldt(cpu_tmp2_i32);
6962 if (!s->pe || s->vm86)
6964 gen_svm_check_intercept(s, pc_start, SVM_EXIT_TR_READ);
6965 tcg_gen_ld32u_tl(cpu_T[0], cpu_env, offsetof(CPUX86State,tr.selector));
6969 gen_ldst_modrm(s, modrm, ot, OR_TMP0, 1);
6972 if (!s->pe || s->vm86)
6975 gen_exception(s, EXCP0D_GPF, pc_start - s->cs_base);
6977 gen_svm_check_intercept(s, pc_start, SVM_EXIT_TR_WRITE);
6978 gen_ldst_modrm(s, modrm, OT_WORD, OR_TMP0, 0);
6979 gen_jmp_im(pc_start - s->cs_base);
6980 tcg_gen_trunc_tl_i32(cpu_tmp2_i32, cpu_T[0]);
6981 gen_helper_ltr(cpu_tmp2_i32);
6986 if (!s->pe || s->vm86)
6988 gen_ldst_modrm(s, modrm, OT_WORD, OR_TMP0, 0);
6989 if (s->cc_op != CC_OP_DYNAMIC)
6990 gen_op_set_cc_op(s->cc_op);
6992 gen_helper_verr(cpu_T[0]);
6994 gen_helper_verw(cpu_T[0]);
6995 s->cc_op = CC_OP_EFLAGS;
7002 modrm = ldub_code(s->pc++);
7003 mod = (modrm >> 6) & 3;
7004 op = (modrm >> 3) & 7;
7010 gen_svm_check_intercept(s, pc_start, SVM_EXIT_GDTR_READ);
7011 gen_lea_modrm(s, modrm, ®_addr, &offset_addr);
7012 tcg_gen_ld32u_tl(cpu_T[0], cpu_env, offsetof(CPUX86State, gdt.limit));
7013 gen_op_st_T0_A0(OT_WORD + s->mem_index);
7014 gen_add_A0_im(s, 2);
7015 tcg_gen_ld_tl(cpu_T[0], cpu_env, offsetof(CPUX86State, gdt.base));
7017 gen_op_andl_T0_im(0xffffff);
7018 gen_op_st_T0_A0(CODE64(s) + OT_LONG + s->mem_index);
7023 case 0: /* monitor */
7024 if (!(s->cpuid_ext_features & CPUID_EXT_MONITOR) ||
7027 if (s->cc_op != CC_OP_DYNAMIC)
7028 gen_op_set_cc_op(s->cc_op);
7029 gen_jmp_im(pc_start - s->cs_base);
7030 #ifdef TARGET_X86_64
7031 if (s->aflag == 2) {
7032 gen_op_movq_A0_reg(R_EAX);
7036 gen_op_movl_A0_reg(R_EAX);
7038 gen_op_andl_A0_ffff();
7040 gen_add_A0_ds_seg(s);
7041 gen_helper_monitor(cpu_A0);
7044 if (!(s->cpuid_ext_features & CPUID_EXT_MONITOR) ||
7047 gen_update_cc_op(s);
7048 gen_jmp_im(pc_start - s->cs_base);
7049 gen_helper_mwait(tcg_const_i32(s->pc - pc_start));
7056 gen_svm_check_intercept(s, pc_start, SVM_EXIT_IDTR_READ);
7057 gen_lea_modrm(s, modrm, ®_addr, &offset_addr);
7058 tcg_gen_ld32u_tl(cpu_T[0], cpu_env, offsetof(CPUX86State, idt.limit));
7059 gen_op_st_T0_A0(OT_WORD + s->mem_index);
7060 gen_add_A0_im(s, 2);
7061 tcg_gen_ld_tl(cpu_T[0], cpu_env, offsetof(CPUX86State, idt.base));
7063 gen_op_andl_T0_im(0xffffff);
7064 gen_op_st_T0_A0(CODE64(s) + OT_LONG + s->mem_index);
7070 if (s->cc_op != CC_OP_DYNAMIC)
7071 gen_op_set_cc_op(s->cc_op);
7072 gen_jmp_im(pc_start - s->cs_base);
7075 if (!(s->flags & HF_SVME_MASK) || !s->pe)
7078 gen_exception(s, EXCP0D_GPF, pc_start - s->cs_base);
7081 gen_helper_vmrun(tcg_const_i32(s->aflag),
7082 tcg_const_i32(s->pc - pc_start));
7084 s->is_jmp = DISAS_TB_JUMP;
7087 case 1: /* VMMCALL */
7088 if (!(s->flags & HF_SVME_MASK))
7090 gen_helper_vmmcall();
7092 case 2: /* VMLOAD */
7093 if (!(s->flags & HF_SVME_MASK) || !s->pe)
7096 gen_exception(s, EXCP0D_GPF, pc_start - s->cs_base);
7099 gen_helper_vmload(tcg_const_i32(s->aflag));
7102 case 3: /* VMSAVE */
7103 if (!(s->flags & HF_SVME_MASK) || !s->pe)
7106 gen_exception(s, EXCP0D_GPF, pc_start - s->cs_base);
7109 gen_helper_vmsave(tcg_const_i32(s->aflag));
7113 if ((!(s->flags & HF_SVME_MASK) &&
7114 !(s->cpuid_ext3_features & CPUID_EXT3_SKINIT)) ||
7118 gen_exception(s, EXCP0D_GPF, pc_start - s->cs_base);
7125 if (!(s->flags & HF_SVME_MASK) || !s->pe)
7128 gen_exception(s, EXCP0D_GPF, pc_start - s->cs_base);
7134 case 6: /* SKINIT */
7135 if ((!(s->flags & HF_SVME_MASK) &&
7136 !(s->cpuid_ext3_features & CPUID_EXT3_SKINIT)) ||
7139 gen_helper_skinit();
7141 case 7: /* INVLPGA */
7142 if (!(s->flags & HF_SVME_MASK) || !s->pe)
7145 gen_exception(s, EXCP0D_GPF, pc_start - s->cs_base);
7148 gen_helper_invlpga(tcg_const_i32(s->aflag));
7154 } else if (s->cpl != 0) {
7155 gen_exception(s, EXCP0D_GPF, pc_start - s->cs_base);
7157 gen_svm_check_intercept(s, pc_start,
7158 op==2 ? SVM_EXIT_GDTR_WRITE : SVM_EXIT_IDTR_WRITE);
7159 gen_lea_modrm(s, modrm, ®_addr, &offset_addr);
7160 gen_op_ld_T1_A0(OT_WORD + s->mem_index);
7161 gen_add_A0_im(s, 2);
7162 gen_op_ld_T0_A0(CODE64(s) + OT_LONG + s->mem_index);
7164 gen_op_andl_T0_im(0xffffff);
7166 tcg_gen_st_tl(cpu_T[0], cpu_env, offsetof(CPUX86State,gdt.base));
7167 tcg_gen_st32_tl(cpu_T[1], cpu_env, offsetof(CPUX86State,gdt.limit));
7169 tcg_gen_st_tl(cpu_T[0], cpu_env, offsetof(CPUX86State,idt.base));
7170 tcg_gen_st32_tl(cpu_T[1], cpu_env, offsetof(CPUX86State,idt.limit));
7175 gen_svm_check_intercept(s, pc_start, SVM_EXIT_READ_CR0);
7176 #if defined TARGET_X86_64 && defined HOST_WORDS_BIGENDIAN
7177 tcg_gen_ld32u_tl(cpu_T[0], cpu_env, offsetof(CPUX86State,cr[0]) + 4);
7179 tcg_gen_ld32u_tl(cpu_T[0], cpu_env, offsetof(CPUX86State,cr[0]));
7181 gen_ldst_modrm(s, modrm, OT_WORD, OR_TMP0, 1);
7185 gen_exception(s, EXCP0D_GPF, pc_start - s->cs_base);
7187 gen_svm_check_intercept(s, pc_start, SVM_EXIT_WRITE_CR0);
7188 gen_ldst_modrm(s, modrm, OT_WORD, OR_TMP0, 0);
7189 gen_helper_lmsw(cpu_T[0]);
7190 gen_jmp_im(s->pc - s->cs_base);
7195 if (mod != 3) { /* invlpg */
7197 gen_exception(s, EXCP0D_GPF, pc_start - s->cs_base);
7199 if (s->cc_op != CC_OP_DYNAMIC)
7200 gen_op_set_cc_op(s->cc_op);
7201 gen_jmp_im(pc_start - s->cs_base);
7202 gen_lea_modrm(s, modrm, ®_addr, &offset_addr);
7203 gen_helper_invlpg(cpu_A0);
7204 gen_jmp_im(s->pc - s->cs_base);
7209 case 0: /* swapgs */
7210 #ifdef TARGET_X86_64
7213 gen_exception(s, EXCP0D_GPF, pc_start - s->cs_base);
7215 tcg_gen_ld_tl(cpu_T[0], cpu_env,
7216 offsetof(CPUX86State,segs[R_GS].base));
7217 tcg_gen_ld_tl(cpu_T[1], cpu_env,
7218 offsetof(CPUX86State,kernelgsbase));
7219 tcg_gen_st_tl(cpu_T[1], cpu_env,
7220 offsetof(CPUX86State,segs[R_GS].base));
7221 tcg_gen_st_tl(cpu_T[0], cpu_env,
7222 offsetof(CPUX86State,kernelgsbase));
7230 case 1: /* rdtscp */
7231 if (!(s->cpuid_ext2_features & CPUID_EXT2_RDTSCP))
7233 if (s->cc_op != CC_OP_DYNAMIC)
7234 gen_op_set_cc_op(s->cc_op);
7235 gen_jmp_im(pc_start - s->cs_base);
7238 gen_helper_rdtscp();
7241 gen_jmp(s, s->pc - s->cs_base);
7253 case 0x108: /* invd */
7254 case 0x109: /* wbinvd */
7256 gen_exception(s, EXCP0D_GPF, pc_start - s->cs_base);
7258 gen_svm_check_intercept(s, pc_start, (b & 2) ? SVM_EXIT_INVD : SVM_EXIT_WBINVD);
7262 case 0x63: /* arpl or movslS (x86_64) */
7263 #ifdef TARGET_X86_64
7266 /* d_ot is the size of destination */
7267 d_ot = dflag + OT_WORD;
7269 modrm = ldub_code(s->pc++);
7270 reg = ((modrm >> 3) & 7) | rex_r;
7271 mod = (modrm >> 6) & 3;
7272 rm = (modrm & 7) | REX_B(s);
7275 gen_op_mov_TN_reg(OT_LONG, 0, rm);
7277 if (d_ot == OT_QUAD)
7278 tcg_gen_ext32s_tl(cpu_T[0], cpu_T[0]);
7279 gen_op_mov_reg_T0(d_ot, reg);
7281 gen_lea_modrm(s, modrm, ®_addr, &offset_addr);
7282 if (d_ot == OT_QUAD) {
7283 gen_op_lds_T0_A0(OT_LONG + s->mem_index);
7285 gen_op_ld_T0_A0(OT_LONG + s->mem_index);
7287 gen_op_mov_reg_T0(d_ot, reg);
7293 TCGv t0, t1, t2, a0;
7295 if (!s->pe || s->vm86)
7297 t0 = tcg_temp_local_new();
7298 t1 = tcg_temp_local_new();
7299 t2 = tcg_temp_local_new();
7301 modrm = ldub_code(s->pc++);
7302 reg = (modrm >> 3) & 7;
7303 mod = (modrm >> 6) & 3;
7306 gen_lea_modrm(s, modrm, ®_addr, &offset_addr);
7307 gen_op_ld_v(ot + s->mem_index, t0, cpu_A0);
7308 a0 = tcg_temp_local_new();
7309 tcg_gen_mov_tl(a0, cpu_A0);
7311 gen_op_mov_v_reg(ot, t0, rm);
7314 gen_op_mov_v_reg(ot, t1, reg);
7315 tcg_gen_andi_tl(cpu_tmp0, t0, 3);
7316 tcg_gen_andi_tl(t1, t1, 3);
7317 tcg_gen_movi_tl(t2, 0);
7318 label1 = gen_new_label();
7319 tcg_gen_brcond_tl(TCG_COND_GE, cpu_tmp0, t1, label1);
7320 tcg_gen_andi_tl(t0, t0, ~3);
7321 tcg_gen_or_tl(t0, t0, t1);
7322 tcg_gen_movi_tl(t2, CC_Z);
7323 gen_set_label(label1);
7325 gen_op_st_v(ot + s->mem_index, t0, a0);
7328 gen_op_mov_reg_v(ot, rm, t0);
7330 if (s->cc_op != CC_OP_DYNAMIC)
7331 gen_op_set_cc_op(s->cc_op);
7332 gen_compute_eflags(cpu_cc_src);
7333 tcg_gen_andi_tl(cpu_cc_src, cpu_cc_src, ~CC_Z);
7334 tcg_gen_or_tl(cpu_cc_src, cpu_cc_src, t2);
7335 s->cc_op = CC_OP_EFLAGS;
7341 case 0x102: /* lar */
7342 case 0x103: /* lsl */
7346 if (!s->pe || s->vm86)
7348 ot = dflag ? OT_LONG : OT_WORD;
7349 modrm = ldub_code(s->pc++);
7350 reg = ((modrm >> 3) & 7) | rex_r;
7351 gen_ldst_modrm(s, modrm, OT_WORD, OR_TMP0, 0);
7352 t0 = tcg_temp_local_new();
7353 if (s->cc_op != CC_OP_DYNAMIC)
7354 gen_op_set_cc_op(s->cc_op);
7356 gen_helper_lar(t0, cpu_T[0]);
7358 gen_helper_lsl(t0, cpu_T[0]);
7359 tcg_gen_andi_tl(cpu_tmp0, cpu_cc_src, CC_Z);
7360 label1 = gen_new_label();
7361 tcg_gen_brcondi_tl(TCG_COND_EQ, cpu_tmp0, 0, label1);
7362 gen_op_mov_reg_v(ot, reg, t0);
7363 gen_set_label(label1);
7364 s->cc_op = CC_OP_EFLAGS;
7369 modrm = ldub_code(s->pc++);
7370 mod = (modrm >> 6) & 3;
7371 op = (modrm >> 3) & 7;
7373 case 0: /* prefetchnta */
7374 case 1: /* prefetchnt0 */
7375 case 2: /* prefetchnt0 */
7376 case 3: /* prefetchnt0 */
7379 gen_lea_modrm(s, modrm, ®_addr, &offset_addr);
7380 /* nothing more to do */
7382 default: /* nop (multi byte) */
7383 gen_nop_modrm(s, modrm);
7387 case 0x119 ... 0x11f: /* nop (multi byte) */
7388 modrm = ldub_code(s->pc++);
7389 gen_nop_modrm(s, modrm);
7391 case 0x120: /* mov reg, crN */
7392 case 0x122: /* mov crN, reg */
7394 gen_exception(s, EXCP0D_GPF, pc_start - s->cs_base);
7396 modrm = ldub_code(s->pc++);
7397 if ((modrm & 0xc0) != 0xc0)
7399 rm = (modrm & 7) | REX_B(s);
7400 reg = ((modrm >> 3) & 7) | rex_r;
7405 if ((prefixes & PREFIX_LOCK) && (reg == 0) &&
7406 (s->cpuid_ext3_features & CPUID_EXT3_CR8LEG)) {
7415 if (s->cc_op != CC_OP_DYNAMIC)
7416 gen_op_set_cc_op(s->cc_op);
7417 gen_jmp_im(pc_start - s->cs_base);
7419 gen_op_mov_TN_reg(ot, 0, rm);
7420 gen_helper_write_crN(tcg_const_i32(reg), cpu_T[0]);
7421 gen_jmp_im(s->pc - s->cs_base);
7424 gen_helper_read_crN(cpu_T[0], tcg_const_i32(reg));
7425 gen_op_mov_reg_T0(ot, rm);
7433 case 0x121: /* mov reg, drN */
7434 case 0x123: /* mov drN, reg */
7436 gen_exception(s, EXCP0D_GPF, pc_start - s->cs_base);
7438 modrm = ldub_code(s->pc++);
7439 if ((modrm & 0xc0) != 0xc0)
7441 rm = (modrm & 7) | REX_B(s);
7442 reg = ((modrm >> 3) & 7) | rex_r;
7447 /* XXX: do it dynamically with CR4.DE bit */
7448 if (reg == 4 || reg == 5 || reg >= 8)
7451 gen_svm_check_intercept(s, pc_start, SVM_EXIT_WRITE_DR0 + reg);
7452 gen_op_mov_TN_reg(ot, 0, rm);
7453 gen_helper_movl_drN_T0(tcg_const_i32(reg), cpu_T[0]);
7454 gen_jmp_im(s->pc - s->cs_base);
7457 gen_svm_check_intercept(s, pc_start, SVM_EXIT_READ_DR0 + reg);
7458 tcg_gen_ld_tl(cpu_T[0], cpu_env, offsetof(CPUX86State,dr[reg]));
7459 gen_op_mov_reg_T0(ot, rm);
7463 case 0x106: /* clts */
7465 gen_exception(s, EXCP0D_GPF, pc_start - s->cs_base);
7467 gen_svm_check_intercept(s, pc_start, SVM_EXIT_WRITE_CR0);
7469 /* abort block because static cpu state changed */
7470 gen_jmp_im(s->pc - s->cs_base);
7474 /* MMX/3DNow!/SSE/SSE2/SSE3/SSSE3/SSE4 support */
7475 case 0x1c3: /* MOVNTI reg, mem */
7476 if (!(s->cpuid_features & CPUID_SSE2))
7478 ot = s->dflag == 2 ? OT_QUAD : OT_LONG;
7479 modrm = ldub_code(s->pc++);
7480 mod = (modrm >> 6) & 3;
7483 reg = ((modrm >> 3) & 7) | rex_r;
7484 /* generate a generic store */
7485 gen_ldst_modrm(s, modrm, ot, reg, 1);
7488 modrm = ldub_code(s->pc++);
7489 mod = (modrm >> 6) & 3;
7490 op = (modrm >> 3) & 7;
7492 case 0: /* fxsave */
7493 if (mod == 3 || !(s->cpuid_features & CPUID_FXSR) ||
7494 (s->prefix & PREFIX_LOCK))
7496 if ((s->flags & HF_EM_MASK) || (s->flags & HF_TS_MASK)) {
7497 gen_exception(s, EXCP07_PREX, pc_start - s->cs_base);
7500 gen_lea_modrm(s, modrm, ®_addr, &offset_addr);
7501 if (s->cc_op != CC_OP_DYNAMIC)
7502 gen_op_set_cc_op(s->cc_op);
7503 gen_jmp_im(pc_start - s->cs_base);
7504 gen_helper_fxsave(cpu_A0, tcg_const_i32((s->dflag == 2)));
7506 case 1: /* fxrstor */
7507 if (mod == 3 || !(s->cpuid_features & CPUID_FXSR) ||
7508 (s->prefix & PREFIX_LOCK))
7510 if ((s->flags & HF_EM_MASK) || (s->flags & HF_TS_MASK)) {
7511 gen_exception(s, EXCP07_PREX, pc_start - s->cs_base);
7514 gen_lea_modrm(s, modrm, ®_addr, &offset_addr);
7515 if (s->cc_op != CC_OP_DYNAMIC)
7516 gen_op_set_cc_op(s->cc_op);
7517 gen_jmp_im(pc_start - s->cs_base);
7518 gen_helper_fxrstor(cpu_A0, tcg_const_i32((s->dflag == 2)));
7520 case 2: /* ldmxcsr */
7521 case 3: /* stmxcsr */
7522 if (s->flags & HF_TS_MASK) {
7523 gen_exception(s, EXCP07_PREX, pc_start - s->cs_base);
7526 if ((s->flags & HF_EM_MASK) || !(s->flags & HF_OSFXSR_MASK) ||
7529 gen_lea_modrm(s, modrm, ®_addr, &offset_addr);
7531 gen_op_ld_T0_A0(OT_LONG + s->mem_index);
7532 tcg_gen_st32_tl(cpu_T[0], cpu_env, offsetof(CPUX86State, mxcsr));
7534 tcg_gen_ld32u_tl(cpu_T[0], cpu_env, offsetof(CPUX86State, mxcsr));
7535 gen_op_st_T0_A0(OT_LONG + s->mem_index);
7538 case 5: /* lfence */
7539 case 6: /* mfence */
7540 if ((modrm & 0xc7) != 0xc0 || !(s->cpuid_features & CPUID_SSE2))
7543 case 7: /* sfence / clflush */
7544 if ((modrm & 0xc7) == 0xc0) {
7546 /* XXX: also check for cpuid_ext2_features & CPUID_EXT2_EMMX */
7547 if (!(s->cpuid_features & CPUID_SSE))
7551 if (!(s->cpuid_features & CPUID_CLFLUSH))
7553 gen_lea_modrm(s, modrm, ®_addr, &offset_addr);
7560 case 0x10d: /* 3DNow! prefetch(w) */
7561 modrm = ldub_code(s->pc++);
7562 mod = (modrm >> 6) & 3;
7565 gen_lea_modrm(s, modrm, ®_addr, &offset_addr);
7566 /* ignore for now */
7568 case 0x1aa: /* rsm */
7569 gen_svm_check_intercept(s, pc_start, SVM_EXIT_RSM);
7570 if (!(s->flags & HF_SMM_MASK))
7572 gen_update_cc_op(s);
7573 gen_jmp_im(s->pc - s->cs_base);
7577 case 0x1b8: /* SSE4.2 popcnt */
7578 if ((prefixes & (PREFIX_REPZ | PREFIX_LOCK | PREFIX_REPNZ)) !=
7581 if (!(s->cpuid_ext_features & CPUID_EXT_POPCNT))
7584 modrm = ldub_code(s->pc++);
7585 reg = ((modrm >> 3) & 7);
7587 if (s->prefix & PREFIX_DATA)
7589 else if (s->dflag != 2)
7594 gen_ldst_modrm(s, modrm, ot, OR_TMP0, 0);
7595 gen_helper_popcnt(cpu_T[0], cpu_T[0], tcg_const_i32(ot));
7596 gen_op_mov_reg_T0(ot, reg);
7598 s->cc_op = CC_OP_EFLAGS;
7600 case 0x10e ... 0x10f:
7601 /* 3DNow! instructions, ignore prefixes */
7602 s->prefix &= ~(PREFIX_REPZ | PREFIX_REPNZ | PREFIX_DATA);
7603 case 0x110 ... 0x117:
7604 case 0x128 ... 0x12f:
7605 case 0x138 ... 0x13a:
7606 case 0x150 ... 0x179:
7607 case 0x17c ... 0x17f:
7609 case 0x1c4 ... 0x1c6:
7610 case 0x1d0 ... 0x1fe:
7611 gen_sse(s, b, pc_start, rex_r);
7616 /* lock generation */
7617 if (s->prefix & PREFIX_LOCK)
7618 gen_helper_unlock();
7621 if (s->prefix & PREFIX_LOCK)
7622 gen_helper_unlock();
7623 /* XXX: ensure that no lock was generated */
7624 gen_exception(s, EXCP06_ILLOP, pc_start - s->cs_base);
7628 void optimize_flags_init(void)
7630 #if TCG_TARGET_REG_BITS == 32
7631 assert(sizeof(CCTable) == (1 << 3));
7633 assert(sizeof(CCTable) == (1 << 4));
7635 cpu_env = tcg_global_reg_new_ptr(TCG_AREG0, "env");
7636 cpu_cc_op = tcg_global_mem_new_i32(TCG_AREG0,
7637 offsetof(CPUState, cc_op), "cc_op");
7638 cpu_cc_src = tcg_global_mem_new(TCG_AREG0, offsetof(CPUState, cc_src),
7640 cpu_cc_dst = tcg_global_mem_new(TCG_AREG0, offsetof(CPUState, cc_dst),
7642 cpu_cc_tmp = tcg_global_mem_new(TCG_AREG0, offsetof(CPUState, cc_tmp),
7645 #ifdef TARGET_X86_64
7646 cpu_regs[R_EAX] = tcg_global_mem_new_i64(TCG_AREG0,
7647 offsetof(CPUState, regs[R_EAX]), "rax");
7648 cpu_regs[R_ECX] = tcg_global_mem_new_i64(TCG_AREG0,
7649 offsetof(CPUState, regs[R_ECX]), "rcx");
7650 cpu_regs[R_EDX] = tcg_global_mem_new_i64(TCG_AREG0,
7651 offsetof(CPUState, regs[R_EDX]), "rdx");
7652 cpu_regs[R_EBX] = tcg_global_mem_new_i64(TCG_AREG0,
7653 offsetof(CPUState, regs[R_EBX]), "rbx");
7654 cpu_regs[R_ESP] = tcg_global_mem_new_i64(TCG_AREG0,
7655 offsetof(CPUState, regs[R_ESP]), "rsp");
7656 cpu_regs[R_EBP] = tcg_global_mem_new_i64(TCG_AREG0,
7657 offsetof(CPUState, regs[R_EBP]), "rbp");
7658 cpu_regs[R_ESI] = tcg_global_mem_new_i64(TCG_AREG0,
7659 offsetof(CPUState, regs[R_ESI]), "rsi");
7660 cpu_regs[R_EDI] = tcg_global_mem_new_i64(TCG_AREG0,
7661 offsetof(CPUState, regs[R_EDI]), "rdi");
7662 cpu_regs[8] = tcg_global_mem_new_i64(TCG_AREG0,
7663 offsetof(CPUState, regs[8]), "r8");
7664 cpu_regs[9] = tcg_global_mem_new_i64(TCG_AREG0,
7665 offsetof(CPUState, regs[9]), "r9");
7666 cpu_regs[10] = tcg_global_mem_new_i64(TCG_AREG0,
7667 offsetof(CPUState, regs[10]), "r10");
7668 cpu_regs[11] = tcg_global_mem_new_i64(TCG_AREG0,
7669 offsetof(CPUState, regs[11]), "r11");
7670 cpu_regs[12] = tcg_global_mem_new_i64(TCG_AREG0,
7671 offsetof(CPUState, regs[12]), "r12");
7672 cpu_regs[13] = tcg_global_mem_new_i64(TCG_AREG0,
7673 offsetof(CPUState, regs[13]), "r13");
7674 cpu_regs[14] = tcg_global_mem_new_i64(TCG_AREG0,
7675 offsetof(CPUState, regs[14]), "r14");
7676 cpu_regs[15] = tcg_global_mem_new_i64(TCG_AREG0,
7677 offsetof(CPUState, regs[15]), "r15");
7679 cpu_regs[R_EAX] = tcg_global_mem_new_i32(TCG_AREG0,
7680 offsetof(CPUState, regs[R_EAX]), "eax");
7681 cpu_regs[R_ECX] = tcg_global_mem_new_i32(TCG_AREG0,
7682 offsetof(CPUState, regs[R_ECX]), "ecx");
7683 cpu_regs[R_EDX] = tcg_global_mem_new_i32(TCG_AREG0,
7684 offsetof(CPUState, regs[R_EDX]), "edx");
7685 cpu_regs[R_EBX] = tcg_global_mem_new_i32(TCG_AREG0,
7686 offsetof(CPUState, regs[R_EBX]), "ebx");
7687 cpu_regs[R_ESP] = tcg_global_mem_new_i32(TCG_AREG0,
7688 offsetof(CPUState, regs[R_ESP]), "esp");
7689 cpu_regs[R_EBP] = tcg_global_mem_new_i32(TCG_AREG0,
7690 offsetof(CPUState, regs[R_EBP]), "ebp");
7691 cpu_regs[R_ESI] = tcg_global_mem_new_i32(TCG_AREG0,
7692 offsetof(CPUState, regs[R_ESI]), "esi");
7693 cpu_regs[R_EDI] = tcg_global_mem_new_i32(TCG_AREG0,
7694 offsetof(CPUState, regs[R_EDI]), "edi");
7697 /* register helpers */
7698 #define GEN_HELPER 2
7702 /* generate intermediate code in gen_opc_buf and gen_opparam_buf for
7703 basic block 'tb'. If search_pc is TRUE, also generate PC
7704 information for each intermediate instruction. */
7705 static inline void gen_intermediate_code_internal(CPUState *env,
7706 TranslationBlock *tb,
7709 DisasContext dc1, *dc = &dc1;
7710 target_ulong pc_ptr;
7711 uint16_t *gen_opc_end;
7715 target_ulong pc_start;
7716 target_ulong cs_base;
7720 /* generate intermediate code */
7722 cs_base = tb->cs_base;
7725 dc->pe = (flags >> HF_PE_SHIFT) & 1;
7726 dc->code32 = (flags >> HF_CS32_SHIFT) & 1;
7727 dc->ss32 = (flags >> HF_SS32_SHIFT) & 1;
7728 dc->addseg = (flags >> HF_ADDSEG_SHIFT) & 1;
7730 dc->vm86 = (flags >> VM_SHIFT) & 1;
7731 dc->cpl = (flags >> HF_CPL_SHIFT) & 3;
7732 dc->iopl = (flags >> IOPL_SHIFT) & 3;
7733 dc->tf = (flags >> TF_SHIFT) & 1;
7734 dc->singlestep_enabled = env->singlestep_enabled;
7735 dc->cc_op = CC_OP_DYNAMIC;
7736 dc->cs_base = cs_base;
7738 dc->popl_esp_hack = 0;
7739 /* select memory access functions */
7741 if (flags & HF_SOFTMMU_MASK) {
7743 dc->mem_index = 2 * 4;
7745 dc->mem_index = 1 * 4;
7747 dc->cpuid_features = env->cpuid_features;
7748 dc->cpuid_ext_features = env->cpuid_ext_features;
7749 dc->cpuid_ext2_features = env->cpuid_ext2_features;
7750 dc->cpuid_ext3_features = env->cpuid_ext3_features;
7751 #ifdef TARGET_X86_64
7752 dc->lma = (flags >> HF_LMA_SHIFT) & 1;
7753 dc->code64 = (flags >> HF_CS64_SHIFT) & 1;
7756 dc->jmp_opt = !(dc->tf || env->singlestep_enabled ||
7757 (flags & HF_INHIBIT_IRQ_MASK)
7758 #ifndef CONFIG_SOFTMMU
7759 || (flags & HF_SOFTMMU_MASK)
7763 /* check addseg logic */
7764 if (!dc->addseg && (dc->vm86 || !dc->pe || !dc->code32))
7765 printf("ERROR addseg\n");
7768 cpu_T[0] = tcg_temp_new();
7769 cpu_T[1] = tcg_temp_new();
7770 cpu_A0 = tcg_temp_new();
7771 cpu_T3 = tcg_temp_new();
7773 cpu_tmp0 = tcg_temp_new();
7774 cpu_tmp1_i64 = tcg_temp_new_i64();
7775 cpu_tmp2_i32 = tcg_temp_new_i32();
7776 cpu_tmp3_i32 = tcg_temp_new_i32();
7777 cpu_tmp4 = tcg_temp_new();
7778 cpu_tmp5 = tcg_temp_new();
7779 cpu_ptr0 = tcg_temp_new_ptr();
7780 cpu_ptr1 = tcg_temp_new_ptr();
7782 gen_opc_end = gen_opc_buf + OPC_MAX_SIZE;
7784 dc->is_jmp = DISAS_NEXT;
7788 max_insns = tb->cflags & CF_COUNT_MASK;
7790 max_insns = CF_COUNT_MASK;
7794 if (unlikely(!QTAILQ_EMPTY(&env->breakpoints))) {
7795 QTAILQ_FOREACH(bp, &env->breakpoints, entry) {
7796 if (bp->pc == pc_ptr &&
7797 !((bp->flags & BP_CPU) && (tb->flags & HF_RF_MASK))) {
7798 gen_debug(dc, pc_ptr - dc->cs_base);
7804 j = gen_opc_ptr - gen_opc_buf;
7808 gen_opc_instr_start[lj++] = 0;
7810 gen_opc_pc[lj] = pc_ptr;
7811 gen_opc_cc_op[lj] = dc->cc_op;
7812 gen_opc_instr_start[lj] = 1;
7813 gen_opc_icount[lj] = num_insns;
7815 if (num_insns + 1 == max_insns && (tb->cflags & CF_LAST_IO))
7818 pc_ptr = disas_insn(dc, pc_ptr);
7820 /* stop translation if indicated */
7823 /* if single step mode, we generate only one instruction and
7824 generate an exception */
7825 /* if irq were inhibited with HF_INHIBIT_IRQ_MASK, we clear
7826 the flag and abort the translation to give the irqs a
7827 change to be happen */
7828 if (dc->tf || dc->singlestep_enabled ||
7829 (flags & HF_INHIBIT_IRQ_MASK)) {
7830 gen_jmp_im(pc_ptr - dc->cs_base);
7834 /* if too long translation, stop generation too */
7835 if (gen_opc_ptr >= gen_opc_end ||
7836 (pc_ptr - pc_start) >= (TARGET_PAGE_SIZE - 32) ||
7837 num_insns >= max_insns) {
7838 gen_jmp_im(pc_ptr - dc->cs_base);
7843 gen_jmp_im(pc_ptr - dc->cs_base);
7848 if (tb->cflags & CF_LAST_IO)
7850 gen_icount_end(tb, num_insns);
7851 *gen_opc_ptr = INDEX_op_end;
7852 /* we don't forget to fill the last values */
7854 j = gen_opc_ptr - gen_opc_buf;
7857 gen_opc_instr_start[lj++] = 0;
7861 if (qemu_loglevel_mask(CPU_LOG_TB_IN_ASM)) {
7863 qemu_log("----------------\n");
7864 qemu_log("IN: %s\n", lookup_symbol(pc_start));
7865 #ifdef TARGET_X86_64
7870 disas_flags = !dc->code32;
7871 log_target_disas(pc_start, pc_ptr - pc_start, disas_flags);
7877 tb->size = pc_ptr - pc_start;
7878 tb->icount = num_insns;
7882 void gen_intermediate_code(CPUState *env, TranslationBlock *tb)
7884 gen_intermediate_code_internal(env, tb, 0);
7887 void gen_intermediate_code_pc(CPUState *env, TranslationBlock *tb)
7889 gen_intermediate_code_internal(env, tb, 1);
7892 void restore_state_to_opc(CPUState *env, TranslationBlock *tb, int pc_pos)
7896 if (qemu_loglevel_mask(CPU_LOG_TB_OP)) {
7898 qemu_log("RESTORE:\n");
7899 for(i = 0;i <= pc_pos; i++) {
7900 if (gen_opc_instr_start[i]) {
7901 qemu_log("0x%04x: " TARGET_FMT_lx "\n", i, gen_opc_pc[i]);
7904 qemu_log("pc_pos=0x%x eip=" TARGET_FMT_lx " cs_base=%x\n",
7905 pc_pos, gen_opc_pc[pc_pos] - tb->cs_base,
7906 (uint32_t)tb->cs_base);
7909 env->eip = gen_opc_pc[pc_pos] - tb->cs_base;
7910 cc_op = gen_opc_cc_op[pc_pos];
7911 if (cc_op != CC_OP_DYNAMIC)
projects / qemu.git / blob