1# AArch64 A64 allowed instruction decoding 2# 3# Copyright (c) 2023 Linaro, Ltd 4# 5# This library is free software; you can redistribute it and/or 6# modify it under the terms of the GNU Lesser General Public 7# License as published by the Free Software Foundation; either 8# version 2.1 of the License, or (at your option) any later version. 9# 10# This library is distributed in the hope that it will be useful, 11# but WITHOUT ANY WARRANTY; without even the implied warranty of 12# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU 13# Lesser General Public License for more details. 14# 15# You should have received a copy of the GNU Lesser General Public 16# License along with this library; if not, see <http://www.gnu.org/licenses/>. 17 18# 19# This file is processed by scripts/decodetree.py 20# 21 22%rd 0:5 23 24&r rn 25&ri rd imm 26&rri_sf rd rn imm sf 27&i imm 28&qrr_e q rd rn esz 29&qrrr_e q rd rn rm esz 30&qrrrr_e q rd rn rm ra esz 31 32@rr_q1e0 ........ ........ ...... rn:5 rd:5 &qrr_e q=1 esz=0 33@r2r_q1e0 ........ ........ ...... rm:5 rd:5 &qrrr_e rn=%rd q=1 esz=0 34@rrr_q1e0 ........ ... rm:5 ...... rn:5 rd:5 &qrrr_e q=1 esz=0 35@rrr_q1e3 ........ ... rm:5 ...... rn:5 rd:5 &qrrr_e q=1 esz=3 36@rrrr_q1e3 ........ ... rm:5 . ra:5 rn:5 rd:5 &qrrrr_e q=1 esz=3 37 38### Data Processing - Immediate 39 40# PC-rel addressing 41 42%imm_pcrel 5:s19 29:2 43@pcrel . .. ..... ................... rd:5 &ri imm=%imm_pcrel 44 45ADR 0 .. 10000 ................... ..... @pcrel 46ADRP 1 .. 10000 ................... ..... @pcrel 47 48# Add/subtract (immediate) 49 50%imm12_sh12 10:12 !function=shl_12 51@addsub_imm sf:1 .. ...... . imm:12 rn:5 rd:5 52@addsub_imm12 sf:1 .. ...... . ............ rn:5 rd:5 imm=%imm12_sh12 53 54ADD_i . 00 100010 0 ............ ..... ..... @addsub_imm 55ADD_i . 00 100010 1 ............ ..... ..... @addsub_imm12 56ADDS_i . 01 100010 0 ............ ..... ..... @addsub_imm 57ADDS_i . 01 100010 1 ............ ..... ..... @addsub_imm12 58 59SUB_i . 10 100010 0 ............ ..... ..... @addsub_imm 60SUB_i . 10 100010 1 ............ ..... ..... @addsub_imm12 61SUBS_i . 11 100010 0 ............ ..... ..... @addsub_imm 62SUBS_i . 11 100010 1 ............ ..... ..... @addsub_imm12 63 64# Add/subtract (immediate with tags) 65 66&rri_tag rd rn uimm6 uimm4 67@addsub_imm_tag . .. ...... . uimm6:6 .. uimm4:4 rn:5 rd:5 &rri_tag 68 69ADDG_i 1 00 100011 0 ...... 00 .... ..... ..... @addsub_imm_tag 70SUBG_i 1 10 100011 0 ...... 00 .... ..... ..... @addsub_imm_tag 71 72# Logical (immediate) 73 74&rri_log rd rn sf dbm 75@logic_imm_64 1 .. ...... dbm:13 rn:5 rd:5 &rri_log sf=1 76@logic_imm_32 0 .. ...... 0 dbm:12 rn:5 rd:5 &rri_log sf=0 77 78AND_i . 00 100100 . ...... ...... ..... ..... @logic_imm_64 79AND_i . 00 100100 . ...... ...... ..... ..... @logic_imm_32 80ORR_i . 01 100100 . ...... ...... ..... ..... @logic_imm_64 81ORR_i . 01 100100 . ...... ...... ..... ..... @logic_imm_32 82EOR_i . 10 100100 . ...... ...... ..... ..... @logic_imm_64 83EOR_i . 10 100100 . ...... ...... ..... ..... @logic_imm_32 84ANDS_i . 11 100100 . ...... ...... ..... ..... @logic_imm_64 85ANDS_i . 11 100100 . ...... ...... ..... ..... @logic_imm_32 86 87# Move wide (immediate) 88 89&movw rd sf imm hw 90@movw_64 1 .. ...... hw:2 imm:16 rd:5 &movw sf=1 91@movw_32 0 .. ...... 0 hw:1 imm:16 rd:5 &movw sf=0 92 93MOVN . 00 100101 .. ................ ..... @movw_64 94MOVN . 00 100101 .. ................ ..... @movw_32 95MOVZ . 10 100101 .. ................ ..... @movw_64 96MOVZ . 10 100101 .. ................ ..... @movw_32 97MOVK . 11 100101 .. ................ ..... @movw_64 98MOVK . 11 100101 .. ................ ..... @movw_32 99 100# Bitfield 101 102&bitfield rd rn sf immr imms 103@bitfield_64 1 .. ...... 1 immr:6 imms:6 rn:5 rd:5 &bitfield sf=1 104@bitfield_32 0 .. ...... 0 0 immr:5 0 imms:5 rn:5 rd:5 &bitfield sf=0 105 106SBFM . 00 100110 . ...... ...... ..... ..... @bitfield_64 107SBFM . 00 100110 . ...... ...... ..... ..... @bitfield_32 108BFM . 01 100110 . ...... ...... ..... ..... @bitfield_64 109BFM . 01 100110 . ...... ...... ..... ..... @bitfield_32 110UBFM . 10 100110 . ...... ...... ..... ..... @bitfield_64 111UBFM . 10 100110 . ...... ...... ..... ..... @bitfield_32 112 113# Extract 114 115&extract rd rn rm imm sf 116 117EXTR 1 00 100111 1 0 rm:5 imm:6 rn:5 rd:5 &extract sf=1 118EXTR 0 00 100111 0 0 rm:5 0 imm:5 rn:5 rd:5 &extract sf=0 119 120# Branches 121 122%imm26 0:s26 !function=times_4 123@branch . ..... .......................... &i imm=%imm26 124 125B 0 00101 .......................... @branch 126BL 1 00101 .......................... @branch 127 128%imm19 5:s19 !function=times_4 129&cbz rt imm sf nz 130 131CBZ sf:1 011010 nz:1 ................... rt:5 &cbz imm=%imm19 132 133%imm14 5:s14 !function=times_4 134%imm31_19 31:1 19:5 135&tbz rt imm nz bitpos 136 137TBZ . 011011 nz:1 ..... .............. rt:5 &tbz imm=%imm14 bitpos=%imm31_19 138 139# B.cond and BC.cond 140B_cond 0101010 0 ................... c:1 cond:4 imm=%imm19 141 142BR 1101011 0000 11111 000000 rn:5 00000 &r 143BLR 1101011 0001 11111 000000 rn:5 00000 &r 144RET 1101011 0010 11111 000000 rn:5 00000 &r 145 146&braz rn m 147BRAZ 1101011 0000 11111 00001 m:1 rn:5 11111 &braz # BRAAZ, BRABZ 148BLRAZ 1101011 0001 11111 00001 m:1 rn:5 11111 &braz # BLRAAZ, BLRABZ 149 150&reta m 151RETA 1101011 0010 11111 00001 m:1 11111 11111 &reta # RETAA, RETAB 152 153&bra rn rm m 154BRA 1101011 1000 11111 00001 m:1 rn:5 rm:5 &bra # BRAA, BRAB 155BLRA 1101011 1001 11111 00001 m:1 rn:5 rm:5 &bra # BLRAA, BLRAB 156 157ERET 1101011 0100 11111 000000 11111 00000 158ERETA 1101011 0100 11111 00001 m:1 11111 11111 &reta # ERETAA, ERETAB 159 160# We don't need to decode DRPS because it always UNDEFs except when 161# the processor is in halting debug state (which we don't implement). 162# The pattern is listed here as documentation. 163# DRPS 1101011 0101 11111 000000 11111 00000 164 165# Hint instruction group 166{ 167 [ 168 YIELD 1101 0101 0000 0011 0010 0000 001 11111 169 WFE 1101 0101 0000 0011 0010 0000 010 11111 170 WFI 1101 0101 0000 0011 0010 0000 011 11111 171 # We implement WFE to never block, so our SEV/SEVL are NOPs 172 # SEV 1101 0101 0000 0011 0010 0000 100 11111 173 # SEVL 1101 0101 0000 0011 0010 0000 101 11111 174 # Our DGL is a NOP because we don't merge memory accesses anyway. 175 # DGL 1101 0101 0000 0011 0010 0000 110 11111 176 XPACLRI 1101 0101 0000 0011 0010 0000 111 11111 177 PACIA1716 1101 0101 0000 0011 0010 0001 000 11111 178 PACIB1716 1101 0101 0000 0011 0010 0001 010 11111 179 AUTIA1716 1101 0101 0000 0011 0010 0001 100 11111 180 AUTIB1716 1101 0101 0000 0011 0010 0001 110 11111 181 ESB 1101 0101 0000 0011 0010 0010 000 11111 182 PACIAZ 1101 0101 0000 0011 0010 0011 000 11111 183 PACIASP 1101 0101 0000 0011 0010 0011 001 11111 184 PACIBZ 1101 0101 0000 0011 0010 0011 010 11111 185 PACIBSP 1101 0101 0000 0011 0010 0011 011 11111 186 AUTIAZ 1101 0101 0000 0011 0010 0011 100 11111 187 AUTIASP 1101 0101 0000 0011 0010 0011 101 11111 188 AUTIBZ 1101 0101 0000 0011 0010 0011 110 11111 189 AUTIBSP 1101 0101 0000 0011 0010 0011 111 11111 190 ] 191 # The canonical NOP has CRm == op2 == 0, but all of the space 192 # that isn't specifically allocated to an instruction must NOP 193 NOP 1101 0101 0000 0011 0010 ---- --- 11111 194} 195 196# Barriers 197 198CLREX 1101 0101 0000 0011 0011 ---- 010 11111 199DSB_DMB 1101 0101 0000 0011 0011 domain:2 types:2 10- 11111 200ISB 1101 0101 0000 0011 0011 ---- 110 11111 201SB 1101 0101 0000 0011 0011 0000 111 11111 202 203# PSTATE 204 205CFINV 1101 0101 0000 0 000 0100 0000 000 11111 206XAFLAG 1101 0101 0000 0 000 0100 0000 001 11111 207AXFLAG 1101 0101 0000 0 000 0100 0000 010 11111 208 209# These are architecturally all "MSR (immediate)"; we decode the destination 210# register too because there is no commonality in our implementation. 211@msr_i .... .... .... . ... .... imm:4 ... ..... 212MSR_i_UAO 1101 0101 0000 0 000 0100 .... 011 11111 @msr_i 213MSR_i_PAN 1101 0101 0000 0 000 0100 .... 100 11111 @msr_i 214MSR_i_SPSEL 1101 0101 0000 0 000 0100 .... 101 11111 @msr_i 215MSR_i_SBSS 1101 0101 0000 0 011 0100 .... 001 11111 @msr_i 216MSR_i_DIT 1101 0101 0000 0 011 0100 .... 010 11111 @msr_i 217MSR_i_TCO 1101 0101 0000 0 011 0100 .... 100 11111 @msr_i 218MSR_i_DAIFSET 1101 0101 0000 0 011 0100 .... 110 11111 @msr_i 219MSR_i_DAIFCLEAR 1101 0101 0000 0 011 0100 .... 111 11111 @msr_i 220MSR_i_ALLINT 1101 0101 0000 0 001 0100 000 imm:1 000 11111 221MSR_i_SVCR 1101 0101 0000 0 011 0100 0 mask:2 imm:1 011 11111 222 223# MRS, MSR (register), SYS, SYSL. These are all essentially the 224# same instruction as far as QEMU is concerned. 225# NB: op0 is bits [20:19], but op0=0b00 is other insns, so we have 226# to hand-decode it. 227SYS 1101 0101 00 l:1 01 op1:3 crn:4 crm:4 op2:3 rt:5 op0=1 228SYS 1101 0101 00 l:1 10 op1:3 crn:4 crm:4 op2:3 rt:5 op0=2 229SYS 1101 0101 00 l:1 11 op1:3 crn:4 crm:4 op2:3 rt:5 op0=3 230 231# Exception generation 232 233@i16 .... .... ... imm:16 ... .. &i 234SVC 1101 0100 000 ................ 000 01 @i16 235HVC 1101 0100 000 ................ 000 10 @i16 236SMC 1101 0100 000 ................ 000 11 @i16 237BRK 1101 0100 001 ................ 000 00 @i16 238HLT 1101 0100 010 ................ 000 00 @i16 239# These insns always UNDEF unless in halting debug state, which 240# we don't implement. So we don't need to decode them. The patterns 241# are listed here as documentation. 242# DCPS1 1101 0100 101 ................ 000 01 @i16 243# DCPS2 1101 0100 101 ................ 000 10 @i16 244# DCPS3 1101 0100 101 ................ 000 11 @i16 245 246# Loads and stores 247 248&stxr rn rt rt2 rs sz lasr 249&stlr rn rt sz lasr 250@stxr sz:2 ...... ... rs:5 lasr:1 rt2:5 rn:5 rt:5 &stxr 251@stlr sz:2 ...... ... ..... lasr:1 ..... rn:5 rt:5 &stlr 252%imm1_30_p2 30:1 !function=plus_2 253@stxp .. ...... ... rs:5 lasr:1 rt2:5 rn:5 rt:5 &stxr sz=%imm1_30_p2 254STXR .. 001000 000 ..... . ..... ..... ..... @stxr # inc STLXR 255LDXR .. 001000 010 ..... . ..... ..... ..... @stxr # inc LDAXR 256STLR .. 001000 100 11111 . 11111 ..... ..... @stlr # inc STLLR 257LDAR .. 001000 110 11111 . 11111 ..... ..... @stlr # inc LDLAR 258 259STXP 1 . 001000 001 ..... . ..... ..... ..... @stxp # inc STLXP 260LDXP 1 . 001000 011 ..... . ..... ..... ..... @stxp # inc LDAXP 261 262# CASP, CASPA, CASPAL, CASPL (we don't decode the bits that determine 263# acquire/release semantics because QEMU's cmpxchg always has those) 264CASP 0 . 001000 0 - 1 rs:5 - 11111 rn:5 rt:5 sz=%imm1_30_p2 265# CAS, CASA, CASAL, CASL 266CAS sz:2 001000 1 - 1 rs:5 - 11111 rn:5 rt:5 267 268&ldlit rt imm sz sign 269@ldlit .. ... . .. ................... rt:5 &ldlit imm=%imm19 270 271LD_lit 00 011 0 00 ................... ..... @ldlit sz=2 sign=0 272LD_lit 01 011 0 00 ................... ..... @ldlit sz=3 sign=0 273LD_lit 10 011 0 00 ................... ..... @ldlit sz=2 sign=1 274LD_lit_v 00 011 1 00 ................... ..... @ldlit sz=2 sign=0 275LD_lit_v 01 011 1 00 ................... ..... @ldlit sz=3 sign=0 276LD_lit_v 10 011 1 00 ................... ..... @ldlit sz=4 sign=0 277 278# PRFM 279NOP 11 011 0 00 ------------------- ----- 280 281&ldstpair rt2 rt rn imm sz sign w p 282@ldstpair .. ... . ... . imm:s7 rt2:5 rn:5 rt:5 &ldstpair 283 284# STNP, LDNP: Signed offset, non-temporal hint. We don't emulate caches 285# so we ignore hints about data access patterns, and handle these like 286# plain signed offset. 287STP 00 101 0 000 0 ....... ..... ..... ..... @ldstpair sz=2 sign=0 p=0 w=0 288LDP 00 101 0 000 1 ....... ..... ..... ..... @ldstpair sz=2 sign=0 p=0 w=0 289STP 10 101 0 000 0 ....... ..... ..... ..... @ldstpair sz=3 sign=0 p=0 w=0 290LDP 10 101 0 000 1 ....... ..... ..... ..... @ldstpair sz=3 sign=0 p=0 w=0 291STP_v 00 101 1 000 0 ....... ..... ..... ..... @ldstpair sz=2 sign=0 p=0 w=0 292LDP_v 00 101 1 000 1 ....... ..... ..... ..... @ldstpair sz=2 sign=0 p=0 w=0 293STP_v 01 101 1 000 0 ....... ..... ..... ..... @ldstpair sz=3 sign=0 p=0 w=0 294LDP_v 01 101 1 000 1 ....... ..... ..... ..... @ldstpair sz=3 sign=0 p=0 w=0 295STP_v 10 101 1 000 0 ....... ..... ..... ..... @ldstpair sz=4 sign=0 p=0 w=0 296LDP_v 10 101 1 000 1 ....... ..... ..... ..... @ldstpair sz=4 sign=0 p=0 w=0 297 298# STP and LDP: post-indexed 299STP 00 101 0 001 0 ....... ..... ..... ..... @ldstpair sz=2 sign=0 p=1 w=1 300LDP 00 101 0 001 1 ....... ..... ..... ..... @ldstpair sz=2 sign=0 p=1 w=1 301LDP 01 101 0 001 1 ....... ..... ..... ..... @ldstpair sz=2 sign=1 p=1 w=1 302STP 10 101 0 001 0 ....... ..... ..... ..... @ldstpair sz=3 sign=0 p=1 w=1 303LDP 10 101 0 001 1 ....... ..... ..... ..... @ldstpair sz=3 sign=0 p=1 w=1 304STP_v 00 101 1 001 0 ....... ..... ..... ..... @ldstpair sz=2 sign=0 p=1 w=1 305LDP_v 00 101 1 001 1 ....... ..... ..... ..... @ldstpair sz=2 sign=0 p=1 w=1 306STP_v 01 101 1 001 0 ....... ..... ..... ..... @ldstpair sz=3 sign=0 p=1 w=1 307LDP_v 01 101 1 001 1 ....... ..... ..... ..... @ldstpair sz=3 sign=0 p=1 w=1 308STP_v 10 101 1 001 0 ....... ..... ..... ..... @ldstpair sz=4 sign=0 p=1 w=1 309LDP_v 10 101 1 001 1 ....... ..... ..... ..... @ldstpair sz=4 sign=0 p=1 w=1 310 311# STP and LDP: offset 312STP 00 101 0 010 0 ....... ..... ..... ..... @ldstpair sz=2 sign=0 p=0 w=0 313LDP 00 101 0 010 1 ....... ..... ..... ..... @ldstpair sz=2 sign=0 p=0 w=0 314LDP 01 101 0 010 1 ....... ..... ..... ..... @ldstpair sz=2 sign=1 p=0 w=0 315STP 10 101 0 010 0 ....... ..... ..... ..... @ldstpair sz=3 sign=0 p=0 w=0 316LDP 10 101 0 010 1 ....... ..... ..... ..... @ldstpair sz=3 sign=0 p=0 w=0 317STP_v 00 101 1 010 0 ....... ..... ..... ..... @ldstpair sz=2 sign=0 p=0 w=0 318LDP_v 00 101 1 010 1 ....... ..... ..... ..... @ldstpair sz=2 sign=0 p=0 w=0 319STP_v 01 101 1 010 0 ....... ..... ..... ..... @ldstpair sz=3 sign=0 p=0 w=0 320LDP_v 01 101 1 010 1 ....... ..... ..... ..... @ldstpair sz=3 sign=0 p=0 w=0 321STP_v 10 101 1 010 0 ....... ..... ..... ..... @ldstpair sz=4 sign=0 p=0 w=0 322LDP_v 10 101 1 010 1 ....... ..... ..... ..... @ldstpair sz=4 sign=0 p=0 w=0 323 324# STP and LDP: pre-indexed 325STP 00 101 0 011 0 ....... ..... ..... ..... @ldstpair sz=2 sign=0 p=0 w=1 326LDP 00 101 0 011 1 ....... ..... ..... ..... @ldstpair sz=2 sign=0 p=0 w=1 327LDP 01 101 0 011 1 ....... ..... ..... ..... @ldstpair sz=2 sign=1 p=0 w=1 328STP 10 101 0 011 0 ....... ..... ..... ..... @ldstpair sz=3 sign=0 p=0 w=1 329LDP 10 101 0 011 1 ....... ..... ..... ..... @ldstpair sz=3 sign=0 p=0 w=1 330STP_v 00 101 1 011 0 ....... ..... ..... ..... @ldstpair sz=2 sign=0 p=0 w=1 331LDP_v 00 101 1 011 1 ....... ..... ..... ..... @ldstpair sz=2 sign=0 p=0 w=1 332STP_v 01 101 1 011 0 ....... ..... ..... ..... @ldstpair sz=3 sign=0 p=0 w=1 333LDP_v 01 101 1 011 1 ....... ..... ..... ..... @ldstpair sz=3 sign=0 p=0 w=1 334STP_v 10 101 1 011 0 ....... ..... ..... ..... @ldstpair sz=4 sign=0 p=0 w=1 335LDP_v 10 101 1 011 1 ....... ..... ..... ..... @ldstpair sz=4 sign=0 p=0 w=1 336 337# STGP: store tag and pair 338STGP 01 101 0 001 0 ....... ..... ..... ..... @ldstpair sz=3 sign=0 p=1 w=1 339STGP 01 101 0 010 0 ....... ..... ..... ..... @ldstpair sz=3 sign=0 p=0 w=0 340STGP 01 101 0 011 0 ....... ..... ..... ..... @ldstpair sz=3 sign=0 p=0 w=1 341 342# Load/store register (unscaled immediate) 343&ldst_imm rt rn imm sz sign w p unpriv ext 344@ldst_imm .. ... . .. .. . imm:s9 .. rn:5 rt:5 &ldst_imm unpriv=0 p=0 w=0 345@ldst_imm_pre .. ... . .. .. . imm:s9 .. rn:5 rt:5 &ldst_imm unpriv=0 p=0 w=1 346@ldst_imm_post .. ... . .. .. . imm:s9 .. rn:5 rt:5 &ldst_imm unpriv=0 p=1 w=1 347@ldst_imm_user .. ... . .. .. . imm:s9 .. rn:5 rt:5 &ldst_imm unpriv=1 p=0 w=0 348 349STR_i sz:2 111 0 00 00 0 ......... 00 ..... ..... @ldst_imm sign=0 ext=0 350LDR_i 00 111 0 00 01 0 ......... 00 ..... ..... @ldst_imm sign=0 ext=1 sz=0 351LDR_i 01 111 0 00 01 0 ......... 00 ..... ..... @ldst_imm sign=0 ext=1 sz=1 352LDR_i 10 111 0 00 01 0 ......... 00 ..... ..... @ldst_imm sign=0 ext=1 sz=2 353LDR_i 11 111 0 00 01 0 ......... 00 ..... ..... @ldst_imm sign=0 ext=0 sz=3 354LDR_i 00 111 0 00 10 0 ......... 00 ..... ..... @ldst_imm sign=1 ext=0 sz=0 355LDR_i 01 111 0 00 10 0 ......... 00 ..... ..... @ldst_imm sign=1 ext=0 sz=1 356LDR_i 10 111 0 00 10 0 ......... 00 ..... ..... @ldst_imm sign=1 ext=0 sz=2 357LDR_i 00 111 0 00 11 0 ......... 00 ..... ..... @ldst_imm sign=1 ext=1 sz=0 358LDR_i 01 111 0 00 11 0 ......... 00 ..... ..... @ldst_imm sign=1 ext=1 sz=1 359 360STR_i sz:2 111 0 00 00 0 ......... 01 ..... ..... @ldst_imm_post sign=0 ext=0 361LDR_i 00 111 0 00 01 0 ......... 01 ..... ..... @ldst_imm_post sign=0 ext=1 sz=0 362LDR_i 01 111 0 00 01 0 ......... 01 ..... ..... @ldst_imm_post sign=0 ext=1 sz=1 363LDR_i 10 111 0 00 01 0 ......... 01 ..... ..... @ldst_imm_post sign=0 ext=1 sz=2 364LDR_i 11 111 0 00 01 0 ......... 01 ..... ..... @ldst_imm_post sign=0 ext=0 sz=3 365LDR_i 00 111 0 00 10 0 ......... 01 ..... ..... @ldst_imm_post sign=1 ext=0 sz=0 366LDR_i 01 111 0 00 10 0 ......... 01 ..... ..... @ldst_imm_post sign=1 ext=0 sz=1 367LDR_i 10 111 0 00 10 0 ......... 01 ..... ..... @ldst_imm_post sign=1 ext=0 sz=2 368LDR_i 00 111 0 00 11 0 ......... 01 ..... ..... @ldst_imm_post sign=1 ext=1 sz=0 369LDR_i 01 111 0 00 11 0 ......... 01 ..... ..... @ldst_imm_post sign=1 ext=1 sz=1 370 371STR_i sz:2 111 0 00 00 0 ......... 10 ..... ..... @ldst_imm_user sign=0 ext=0 372LDR_i 00 111 0 00 01 0 ......... 10 ..... ..... @ldst_imm_user sign=0 ext=1 sz=0 373LDR_i 01 111 0 00 01 0 ......... 10 ..... ..... @ldst_imm_user sign=0 ext=1 sz=1 374LDR_i 10 111 0 00 01 0 ......... 10 ..... ..... @ldst_imm_user sign=0 ext=1 sz=2 375LDR_i 11 111 0 00 01 0 ......... 10 ..... ..... @ldst_imm_user sign=0 ext=0 sz=3 376LDR_i 00 111 0 00 10 0 ......... 10 ..... ..... @ldst_imm_user sign=1 ext=0 sz=0 377LDR_i 01 111 0 00 10 0 ......... 10 ..... ..... @ldst_imm_user sign=1 ext=0 sz=1 378LDR_i 10 111 0 00 10 0 ......... 10 ..... ..... @ldst_imm_user sign=1 ext=0 sz=2 379LDR_i 00 111 0 00 11 0 ......... 10 ..... ..... @ldst_imm_user sign=1 ext=1 sz=0 380LDR_i 01 111 0 00 11 0 ......... 10 ..... ..... @ldst_imm_user sign=1 ext=1 sz=1 381 382STR_i sz:2 111 0 00 00 0 ......... 11 ..... ..... @ldst_imm_pre sign=0 ext=0 383LDR_i 00 111 0 00 01 0 ......... 11 ..... ..... @ldst_imm_pre sign=0 ext=1 sz=0 384LDR_i 01 111 0 00 01 0 ......... 11 ..... ..... @ldst_imm_pre sign=0 ext=1 sz=1 385LDR_i 10 111 0 00 01 0 ......... 11 ..... ..... @ldst_imm_pre sign=0 ext=1 sz=2 386LDR_i 11 111 0 00 01 0 ......... 11 ..... ..... @ldst_imm_pre sign=0 ext=0 sz=3 387LDR_i 00 111 0 00 10 0 ......... 11 ..... ..... @ldst_imm_pre sign=1 ext=0 sz=0 388LDR_i 01 111 0 00 10 0 ......... 11 ..... ..... @ldst_imm_pre sign=1 ext=0 sz=1 389LDR_i 10 111 0 00 10 0 ......... 11 ..... ..... @ldst_imm_pre sign=1 ext=0 sz=2 390LDR_i 00 111 0 00 11 0 ......... 11 ..... ..... @ldst_imm_pre sign=1 ext=1 sz=0 391LDR_i 01 111 0 00 11 0 ......... 11 ..... ..... @ldst_imm_pre sign=1 ext=1 sz=1 392 393# PRFM : prefetch memory: a no-op for QEMU 394NOP 11 111 0 00 10 0 --------- 00 ----- ----- 395 396STR_v_i sz:2 111 1 00 00 0 ......... 00 ..... ..... @ldst_imm sign=0 ext=0 397STR_v_i 00 111 1 00 10 0 ......... 00 ..... ..... @ldst_imm sign=0 ext=0 sz=4 398LDR_v_i sz:2 111 1 00 01 0 ......... 00 ..... ..... @ldst_imm sign=0 ext=0 399LDR_v_i 00 111 1 00 11 0 ......... 00 ..... ..... @ldst_imm sign=0 ext=0 sz=4 400 401STR_v_i sz:2 111 1 00 00 0 ......... 01 ..... ..... @ldst_imm_post sign=0 ext=0 402STR_v_i 00 111 1 00 10 0 ......... 01 ..... ..... @ldst_imm_post sign=0 ext=0 sz=4 403LDR_v_i sz:2 111 1 00 01 0 ......... 01 ..... ..... @ldst_imm_post sign=0 ext=0 404LDR_v_i 00 111 1 00 11 0 ......... 01 ..... ..... @ldst_imm_post sign=0 ext=0 sz=4 405 406STR_v_i sz:2 111 1 00 00 0 ......... 11 ..... ..... @ldst_imm_pre sign=0 ext=0 407STR_v_i 00 111 1 00 10 0 ......... 11 ..... ..... @ldst_imm_pre sign=0 ext=0 sz=4 408LDR_v_i sz:2 111 1 00 01 0 ......... 11 ..... ..... @ldst_imm_pre sign=0 ext=0 409LDR_v_i 00 111 1 00 11 0 ......... 11 ..... ..... @ldst_imm_pre sign=0 ext=0 sz=4 410 411# Load/store with an unsigned 12 bit immediate, which is scaled by the 412# element size. The function gets the sz:imm and returns the scaled immediate. 413%uimm_scaled 10:12 sz:3 !function=uimm_scaled 414 415@ldst_uimm .. ... . .. .. ............ rn:5 rt:5 &ldst_imm unpriv=0 p=0 w=0 imm=%uimm_scaled 416 417STR_i sz:2 111 0 01 00 ............ ..... ..... @ldst_uimm sign=0 ext=0 418LDR_i 00 111 0 01 01 ............ ..... ..... @ldst_uimm sign=0 ext=1 sz=0 419LDR_i 01 111 0 01 01 ............ ..... ..... @ldst_uimm sign=0 ext=1 sz=1 420LDR_i 10 111 0 01 01 ............ ..... ..... @ldst_uimm sign=0 ext=1 sz=2 421LDR_i 11 111 0 01 01 ............ ..... ..... @ldst_uimm sign=0 ext=0 sz=3 422LDR_i 00 111 0 01 10 ............ ..... ..... @ldst_uimm sign=1 ext=0 sz=0 423LDR_i 01 111 0 01 10 ............ ..... ..... @ldst_uimm sign=1 ext=0 sz=1 424LDR_i 10 111 0 01 10 ............ ..... ..... @ldst_uimm sign=1 ext=0 sz=2 425LDR_i 00 111 0 01 11 ............ ..... ..... @ldst_uimm sign=1 ext=1 sz=0 426LDR_i 01 111 0 01 11 ............ ..... ..... @ldst_uimm sign=1 ext=1 sz=1 427 428# PRFM 429NOP 11 111 0 01 10 ------------ ----- ----- 430 431STR_v_i sz:2 111 1 01 00 ............ ..... ..... @ldst_uimm sign=0 ext=0 432STR_v_i 00 111 1 01 10 ............ ..... ..... @ldst_uimm sign=0 ext=0 sz=4 433LDR_v_i sz:2 111 1 01 01 ............ ..... ..... @ldst_uimm sign=0 ext=0 434LDR_v_i 00 111 1 01 11 ............ ..... ..... @ldst_uimm sign=0 ext=0 sz=4 435 436# Load/store with register offset 437&ldst rm rn rt sign ext sz opt s 438@ldst .. ... . .. .. . rm:5 opt:3 s:1 .. rn:5 rt:5 &ldst 439STR sz:2 111 0 00 00 1 ..... ... . 10 ..... ..... @ldst sign=0 ext=0 440LDR 00 111 0 00 01 1 ..... ... . 10 ..... ..... @ldst sign=0 ext=1 sz=0 441LDR 01 111 0 00 01 1 ..... ... . 10 ..... ..... @ldst sign=0 ext=1 sz=1 442LDR 10 111 0 00 01 1 ..... ... . 10 ..... ..... @ldst sign=0 ext=1 sz=2 443LDR 11 111 0 00 01 1 ..... ... . 10 ..... ..... @ldst sign=0 ext=0 sz=3 444LDR 00 111 0 00 10 1 ..... ... . 10 ..... ..... @ldst sign=1 ext=0 sz=0 445LDR 01 111 0 00 10 1 ..... ... . 10 ..... ..... @ldst sign=1 ext=0 sz=1 446LDR 10 111 0 00 10 1 ..... ... . 10 ..... ..... @ldst sign=1 ext=0 sz=2 447LDR 00 111 0 00 11 1 ..... ... . 10 ..... ..... @ldst sign=1 ext=1 sz=0 448LDR 01 111 0 00 11 1 ..... ... . 10 ..... ..... @ldst sign=1 ext=1 sz=1 449 450# PRFM 451NOP 11 111 0 00 10 1 ----- -1- - 10 ----- ----- 452 453STR_v sz:2 111 1 00 00 1 ..... ... . 10 ..... ..... @ldst sign=0 ext=0 454STR_v 00 111 1 00 10 1 ..... ... . 10 ..... ..... @ldst sign=0 ext=0 sz=4 455LDR_v sz:2 111 1 00 01 1 ..... ... . 10 ..... ..... @ldst sign=0 ext=0 456LDR_v 00 111 1 00 11 1 ..... ... . 10 ..... ..... @ldst sign=0 ext=0 sz=4 457 458# Atomic memory operations 459&atomic rs rn rt a r sz 460@atomic sz:2 ... . .. a:1 r:1 . rs:5 . ... .. rn:5 rt:5 &atomic 461LDADD .. 111 0 00 . . 1 ..... 0000 00 ..... ..... @atomic 462LDCLR .. 111 0 00 . . 1 ..... 0001 00 ..... ..... @atomic 463LDEOR .. 111 0 00 . . 1 ..... 0010 00 ..... ..... @atomic 464LDSET .. 111 0 00 . . 1 ..... 0011 00 ..... ..... @atomic 465LDSMAX .. 111 0 00 . . 1 ..... 0100 00 ..... ..... @atomic 466LDSMIN .. 111 0 00 . . 1 ..... 0101 00 ..... ..... @atomic 467LDUMAX .. 111 0 00 . . 1 ..... 0110 00 ..... ..... @atomic 468LDUMIN .. 111 0 00 . . 1 ..... 0111 00 ..... ..... @atomic 469SWP .. 111 0 00 . . 1 ..... 1000 00 ..... ..... @atomic 470 471LDAPR sz:2 111 0 00 1 0 1 11111 1100 00 rn:5 rt:5 472 473# Load/store register (pointer authentication) 474 475# LDRA immediate is 10 bits signed and scaled, but the bits aren't all contiguous 476%ldra_imm 22:s1 12:9 !function=times_8 477 478LDRA 11 111 0 00 m:1 . 1 ......... w:1 1 rn:5 rt:5 imm=%ldra_imm 479 480&ldapr_stlr_i rn rt imm sz sign ext 481@ldapr_stlr_i .. ...... .. . imm:9 .. rn:5 rt:5 &ldapr_stlr_i 482STLR_i sz:2 011001 00 0 ......... 00 ..... ..... @ldapr_stlr_i sign=0 ext=0 483LDAPR_i sz:2 011001 01 0 ......... 00 ..... ..... @ldapr_stlr_i sign=0 ext=0 484LDAPR_i 00 011001 10 0 ......... 00 ..... ..... @ldapr_stlr_i sign=1 ext=0 sz=0 485LDAPR_i 01 011001 10 0 ......... 00 ..... ..... @ldapr_stlr_i sign=1 ext=0 sz=1 486LDAPR_i 10 011001 10 0 ......... 00 ..... ..... @ldapr_stlr_i sign=1 ext=0 sz=2 487LDAPR_i 00 011001 11 0 ......... 00 ..... ..... @ldapr_stlr_i sign=1 ext=1 sz=0 488LDAPR_i 01 011001 11 0 ......... 00 ..... ..... @ldapr_stlr_i sign=1 ext=1 sz=1 489 490# Load/store multiple structures 491# The 4-bit opcode in [15:12] encodes repeat count and structure elements 492&ldst_mult rm rn rt sz q p rpt selem 493@ldst_mult . q:1 ...... p:1 . . rm:5 .... sz:2 rn:5 rt:5 &ldst_mult 494ST_mult 0 . 001100 . 0 0 ..... 0000 .. ..... ..... @ldst_mult rpt=1 selem=4 495ST_mult 0 . 001100 . 0 0 ..... 0010 .. ..... ..... @ldst_mult rpt=4 selem=1 496ST_mult 0 . 001100 . 0 0 ..... 0100 .. ..... ..... @ldst_mult rpt=1 selem=3 497ST_mult 0 . 001100 . 0 0 ..... 0110 .. ..... ..... @ldst_mult rpt=3 selem=1 498ST_mult 0 . 001100 . 0 0 ..... 0111 .. ..... ..... @ldst_mult rpt=1 selem=1 499ST_mult 0 . 001100 . 0 0 ..... 1000 .. ..... ..... @ldst_mult rpt=1 selem=2 500ST_mult 0 . 001100 . 0 0 ..... 1010 .. ..... ..... @ldst_mult rpt=2 selem=1 501 502LD_mult 0 . 001100 . 1 0 ..... 0000 .. ..... ..... @ldst_mult rpt=1 selem=4 503LD_mult 0 . 001100 . 1 0 ..... 0010 .. ..... ..... @ldst_mult rpt=4 selem=1 504LD_mult 0 . 001100 . 1 0 ..... 0100 .. ..... ..... @ldst_mult rpt=1 selem=3 505LD_mult 0 . 001100 . 1 0 ..... 0110 .. ..... ..... @ldst_mult rpt=3 selem=1 506LD_mult 0 . 001100 . 1 0 ..... 0111 .. ..... ..... @ldst_mult rpt=1 selem=1 507LD_mult 0 . 001100 . 1 0 ..... 1000 .. ..... ..... @ldst_mult rpt=1 selem=2 508LD_mult 0 . 001100 . 1 0 ..... 1010 .. ..... ..... @ldst_mult rpt=2 selem=1 509 510# Load/store single structure 511&ldst_single rm rn rt p selem index scale 512 513%ldst_single_selem 13:1 21:1 !function=plus_1 514 515%ldst_single_index_b 30:1 10:3 516%ldst_single_index_h 30:1 11:2 517%ldst_single_index_s 30:1 12:1 518 519@ldst_single_b .. ...... p:1 .. rm:5 ...... rn:5 rt:5 \ 520 &ldst_single scale=0 selem=%ldst_single_selem \ 521 index=%ldst_single_index_b 522@ldst_single_h .. ...... p:1 .. rm:5 ...... rn:5 rt:5 \ 523 &ldst_single scale=1 selem=%ldst_single_selem \ 524 index=%ldst_single_index_h 525@ldst_single_s .. ...... p:1 .. rm:5 ...... rn:5 rt:5 \ 526 &ldst_single scale=2 selem=%ldst_single_selem \ 527 index=%ldst_single_index_s 528@ldst_single_d . index:1 ...... p:1 .. rm:5 ...... rn:5 rt:5 \ 529 &ldst_single scale=3 selem=%ldst_single_selem 530 531ST_single 0 . 001101 . 0 . ..... 00 . ... ..... ..... @ldst_single_b 532ST_single 0 . 001101 . 0 . ..... 01 . ..0 ..... ..... @ldst_single_h 533ST_single 0 . 001101 . 0 . ..... 10 . .00 ..... ..... @ldst_single_s 534ST_single 0 . 001101 . 0 . ..... 10 . 001 ..... ..... @ldst_single_d 535 536LD_single 0 . 001101 . 1 . ..... 00 . ... ..... ..... @ldst_single_b 537LD_single 0 . 001101 . 1 . ..... 01 . ..0 ..... ..... @ldst_single_h 538LD_single 0 . 001101 . 1 . ..... 10 . .00 ..... ..... @ldst_single_s 539LD_single 0 . 001101 . 1 . ..... 10 . 001 ..... ..... @ldst_single_d 540 541# Replicating load case 542LD_single_repl 0 q:1 001101 p:1 1 . rm:5 11 . 0 scale:2 rn:5 rt:5 selem=%ldst_single_selem 543 544%tag_offset 12:s9 !function=scale_by_log2_tag_granule 545&ldst_tag rn rt imm p w 546@ldst_tag ........ .. . ......... .. rn:5 rt:5 &ldst_tag imm=%tag_offset 547@ldst_tag_mult ........ .. . 000000000 .. rn:5 rt:5 &ldst_tag imm=0 548 549STZGM 11011001 00 1 ......... 00 ..... ..... @ldst_tag_mult p=0 w=0 550STG 11011001 00 1 ......... 01 ..... ..... @ldst_tag p=1 w=1 551STG 11011001 00 1 ......... 10 ..... ..... @ldst_tag p=0 w=0 552STG 11011001 00 1 ......... 11 ..... ..... @ldst_tag p=0 w=1 553 554LDG 11011001 01 1 ......... 00 ..... ..... @ldst_tag p=0 w=0 555STZG 11011001 01 1 ......... 01 ..... ..... @ldst_tag p=1 w=1 556STZG 11011001 01 1 ......... 10 ..... ..... @ldst_tag p=0 w=0 557STZG 11011001 01 1 ......... 11 ..... ..... @ldst_tag p=0 w=1 558 559STGM 11011001 10 1 ......... 00 ..... ..... @ldst_tag_mult p=0 w=0 560ST2G 11011001 10 1 ......... 01 ..... ..... @ldst_tag p=1 w=1 561ST2G 11011001 10 1 ......... 10 ..... ..... @ldst_tag p=0 w=0 562ST2G 11011001 10 1 ......... 11 ..... ..... @ldst_tag p=0 w=1 563 564LDGM 11011001 11 1 ......... 00 ..... ..... @ldst_tag_mult p=0 w=0 565STZ2G 11011001 11 1 ......... 01 ..... ..... @ldst_tag p=1 w=1 566STZ2G 11011001 11 1 ......... 10 ..... ..... @ldst_tag p=0 w=0 567STZ2G 11011001 11 1 ......... 11 ..... ..... @ldst_tag p=0 w=1 568 569# Memory operations (memset, memcpy, memmove) 570# Each of these comes in a set of three, eg SETP (prologue), SETM (main), 571# SETE (epilogue), and each of those has different flavours to 572# indicate whether memory accesses should be unpriv or non-temporal. 573# We don't distinguish temporal and non-temporal accesses, but we 574# do need to report it in syndrome register values. 575 576# Memset 577&set rs rn rd unpriv nontemp 578# op2 bit 1 is nontemporal bit 579@set .. ......... rs:5 .. nontemp:1 unpriv:1 .. rn:5 rd:5 &set 580 581SETP 00 011001110 ..... 00 . . 01 ..... ..... @set 582SETM 00 011001110 ..... 01 . . 01 ..... ..... @set 583SETE 00 011001110 ..... 10 . . 01 ..... ..... @set 584 585# Like SET, but also setting MTE tags 586SETGP 00 011101110 ..... 00 . . 01 ..... ..... @set 587SETGM 00 011101110 ..... 01 . . 01 ..... ..... @set 588SETGE 00 011101110 ..... 10 . . 01 ..... ..... @set 589 590# Memmove/Memcopy: the CPY insns allow overlapping src/dest and 591# copy in the correct direction; the CPYF insns always copy forwards. 592# 593# options has the nontemporal and unpriv bits for src and dest 594&cpy rs rn rd options 595@cpy .. ... . ..... rs:5 options:4 .. rn:5 rd:5 &cpy 596 597CPYFP 00 011 0 01000 ..... .... 01 ..... ..... @cpy 598CPYFM 00 011 0 01010 ..... .... 01 ..... ..... @cpy 599CPYFE 00 011 0 01100 ..... .... 01 ..... ..... @cpy 600CPYP 00 011 1 01000 ..... .... 01 ..... ..... @cpy 601CPYM 00 011 1 01010 ..... .... 01 ..... ..... @cpy 602CPYE 00 011 1 01100 ..... .... 01 ..... ..... @cpy 603 604### Cryptographic AES 605 606AESE 01001110 00 10100 00100 10 ..... ..... @r2r_q1e0 607AESD 01001110 00 10100 00101 10 ..... ..... @r2r_q1e0 608AESMC 01001110 00 10100 00110 10 ..... ..... @rr_q1e0 609AESIMC 01001110 00 10100 00111 10 ..... ..... @rr_q1e0 610 611### Cryptographic three-register SHA 612 613SHA1C 0101 1110 000 ..... 000000 ..... ..... @rrr_q1e0 614SHA1P 0101 1110 000 ..... 000100 ..... ..... @rrr_q1e0 615SHA1M 0101 1110 000 ..... 001000 ..... ..... @rrr_q1e0 616SHA1SU0 0101 1110 000 ..... 001100 ..... ..... @rrr_q1e0 617SHA256H 0101 1110 000 ..... 010000 ..... ..... @rrr_q1e0 618SHA256H2 0101 1110 000 ..... 010100 ..... ..... @rrr_q1e0 619SHA256SU1 0101 1110 000 ..... 011000 ..... ..... @rrr_q1e0 620 621### Cryptographic two-register SHA 622 623SHA1H 0101 1110 0010 1000 0000 10 ..... ..... @rr_q1e0 624SHA1SU1 0101 1110 0010 1000 0001 10 ..... ..... @rr_q1e0 625SHA256SU0 0101 1110 0010 1000 0010 10 ..... ..... @rr_q1e0 626 627### Cryptographic three-register SHA512 628 629SHA512H 1100 1110 011 ..... 100000 ..... ..... @rrr_q1e0 630SHA512H2 1100 1110 011 ..... 100001 ..... ..... @rrr_q1e0 631SHA512SU1 1100 1110 011 ..... 100010 ..... ..... @rrr_q1e0 632RAX1 1100 1110 011 ..... 100011 ..... ..... @rrr_q1e3 633SM3PARTW1 1100 1110 011 ..... 110000 ..... ..... @rrr_q1e0 634SM3PARTW2 1100 1110 011 ..... 110001 ..... ..... @rrr_q1e0 635SM4EKEY 1100 1110 011 ..... 110010 ..... ..... @rrr_q1e0 636 637### Cryptographic two-register SHA512 638 639SHA512SU0 1100 1110 110 00000 100000 ..... ..... @rr_q1e0 640SM4E 1100 1110 110 00000 100001 ..... ..... @r2r_q1e0 641 642### Cryptographic four-register 643 644EOR3 1100 1110 000 ..... 0 ..... ..... ..... @rrrr_q1e3 645BCAX 1100 1110 001 ..... 0 ..... ..... ..... @rrrr_q1e3 646SM3SS1 1100 1110 010 ..... 0 ..... ..... ..... @rrrr_q1e3 647 648### Cryptographic three-register, imm2 649 650&crypto3i rd rn rm imm 651@crypto3i ........ ... rm:5 .. imm:2 .. rn:5 rd:5 &crypto3i 652 653SM3TT1A 11001110 010 ..... 10 .. 00 ..... ..... @crypto3i 654SM3TT1B 11001110 010 ..... 10 .. 01 ..... ..... @crypto3i 655SM3TT2A 11001110 010 ..... 10 .. 10 ..... ..... @crypto3i 656SM3TT2B 11001110 010 ..... 10 .. 11 ..... ..... @crypto3i 657 658### Cryptographic XAR 659 660XAR 1100 1110 100 rm:5 imm:6 rn:5 rd:5 661 662### Advanced SIMD scalar copy 663 664DUP_element_s 0101 1110 000 imm:5 0 0000 1 rn:5 rd:5 665 666### Advanced SIMD copy 667 668DUP_element_v 0 q:1 00 1110 000 imm:5 0 0000 1 rn:5 rd:5 669DUP_general 0 q:1 00 1110 000 imm:5 0 0001 1 rn:5 rd:5 670INS_general 0 1 00 1110 000 imm:5 0 0011 1 rn:5 rd:5 671SMOV 0 q:1 00 1110 000 imm:5 0 0101 1 rn:5 rd:5 672UMOV 0 q:1 00 1110 000 imm:5 0 0111 1 rn:5 rd:5 673INS_element 0 1 10 1110 000 di:5 0 si:4 1 rn:5 rd:5 674