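/*
 * QEMU AVR CPU
 *
 * Copyright (c) 2019-2020 Michael Rolnik
 *
 * This library is free software; you can redistribute it and/or
 * modify it under the terms of the GNU Lesser General Public
 * License as published by the Free Software Foundation; either
 * version 2.1 of the License, or (at your option) any later version.
 *
 * This library is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
 * Lesser General Public License for more details.
 *
 * You should have received a copy of the GNU Lesser General Public
 * License along with this library; if not, see
 * <http://www.gnu.org/licenses/lgpl-2.1.html>
 */

#include "qemu/osdep.h"
#include "qemu/qemu-print.h"
#include "tcg/tcg.h"
#include "cpu.h"
#include "exec/exec-all.h"
#include "tcg/tcg-op.h"
#include "exec/cpu_ldst.h"
#include "exec/helper-proto.h"
#include "exec/helper-gen.h"
#include "exec/log.h"
#include "exec/translator.h"
#include "exec/gen-icount.h"

/*
 * Define if you want a BREAK instruction translated to a breakpoint
 * Active debugging connection is assumed
 * This is for
 * https://github.com/seharris/qemu-avr-tests/tree/master/instruction-tests
 * tests
 */
#undef BREAKPOINT_ON_BREAK

/*
 * TCG globals. Each one is bound to a CPUAVRState field in
 * avr_cpu_tcg_init() and must not be used before that function has run.
 */
static TCGv cpu_pc;

/* one global per status-register flag */
static TCGv cpu_Cf;
static TCGv cpu_Zf;
static TCGv cpu_Nf;
static TCGv cpu_Vf;
static TCGv cpu_Sf;
static TCGv cpu_Hf;
static TCGv cpu_Tf;
static TCGv cpu_If;

static TCGv cpu_rampD;
static TCGv cpu_rampX;
static TCGv cpu_rampY;
static TCGv cpu_rampZ;

static TCGv cpu_r[NUMBER_OF_CPU_REGISTERS];
static TCGv cpu_eind;
static TCGv cpu_sp;

static TCGv cpu_skip;

/* Names handed to TCG for the general purpose registers, indexed like cpu_r */
static const char reg_names[NUMBER_OF_CPU_REGISTERS][8] = {
    "r0",  "r1",  "r2",  "r3",  "r4",  "r5",  "r6",  "r7",
    "r8",  "r9",  "r10", "r11", "r12", "r13", "r14", "r15",
    "r16", "r17", "r18", "r19", "r20", "r21", "r22", "r23",
    "r24", "r25", "r26", "r27", "r28", "r29", "r30", "r31",
};
#define REG(x) (cpu_r[x])

enum {
    DISAS_EXIT   = DISAS_TARGET_0,  /* We want return to the cpu main loop.  */
    DISAS_LOOKUP = DISAS_TARGET_1,  /* We have a variable condition exit.  */
    DISAS_CHAIN  = DISAS_TARGET_2,  /* We have a single condition exit.  */
};

typedef struct DisasContext DisasContext;

/* This is the state at translation time. */
struct DisasContext {
    DisasContextBase base;

    CPUAVRState *env;
    CPUState *cs;

    /* next program counter, in words (see next_word()) */
    target_long npc;
    uint32_t opcode;

    /* Routine used to access memory */
    int memidx;

    /*
     * some AVR instructions can make the following instruction to be skipped
     * Let's name those instructions
     *     A   - instruction that can skip the next one
     *     B   - instruction that can be skipped. this depends on execution of A
     * there are two scenarios
     * 1. A and B belong to the same translation block
     * 2. A is the last instruction in the translation block and B is the
     *    first instruction of the next one
     *
     * following variables are used to simplify the skipping logic, they are
     * used in the following manner (sketch)
     *
     * TCGLabel *skip_label = NULL;
     * if (ctx->skip_cond != TCG_COND_NEVER) {
     *     skip_label = gen_new_label();
     *     tcg_gen_brcond_tl(skip_cond, skip_var0, skip_var1, skip_label);
     * }
     *
     * if (free_skip_var0) {
     *     tcg_temp_free(skip_var0);
     *     free_skip_var0 = false;
     * }
     *
     * translate(ctx);
     *
     * if (skip_label) {
     *     gen_set_label(skip_label);
     * }
     */
    TCGv skip_var0;
    TCGv skip_var1;
    TCGCond skip_cond;
    bool free_skip_var0;
};

/*
 * Create the TCG globals declared above, each mapped onto the matching
 * CPUAVRState field at its offsetof() inside cpu_env.
 */
void avr_cpu_tcg_init(void)
{
    int i;

#define AVR_REG_OFFS(x) offsetof(CPUAVRState, x)
    cpu_pc = tcg_global_mem_new_i32(cpu_env, AVR_REG_OFFS(pc_w), "pc");
    cpu_Cf = tcg_global_mem_new_i32(cpu_env, AVR_REG_OFFS(sregC), "Cf");
    cpu_Zf = tcg_global_mem_new_i32(cpu_env, AVR_REG_OFFS(sregZ), "Zf");
    cpu_Nf = tcg_global_mem_new_i32(cpu_env, AVR_REG_OFFS(sregN), "Nf");
    cpu_Vf = tcg_global_mem_new_i32(cpu_env, AVR_REG_OFFS(sregV), "Vf");
    cpu_Sf = tcg_global_mem_new_i32(cpu_env, AVR_REG_OFFS(sregS), "Sf");
    cpu_Hf = tcg_global_mem_new_i32(cpu_env, AVR_REG_OFFS(sregH), "Hf");
    cpu_Tf = tcg_global_mem_new_i32(cpu_env, AVR_REG_OFFS(sregT), "Tf");
    cpu_If = tcg_global_mem_new_i32(cpu_env, AVR_REG_OFFS(sregI), "If");
    cpu_rampD = tcg_global_mem_new_i32(cpu_env, AVR_REG_OFFS(rampD), "rampD");
    cpu_rampX = tcg_global_mem_new_i32(cpu_env, AVR_REG_OFFS(rampX), "rampX");
    cpu_rampY = tcg_global_mem_new_i32(cpu_env, AVR_REG_OFFS(rampY), "rampY");
    cpu_rampZ = tcg_global_mem_new_i32(cpu_env, AVR_REG_OFFS(rampZ), "rampZ");
    cpu_eind = tcg_global_mem_new_i32(cpu_env, AVR_REG_OFFS(eind), "eind");
    cpu_sp = tcg_global_mem_new_i32(cpu_env, AVR_REG_OFFS(sp), "sp");
    cpu_skip = tcg_global_mem_new_i32(cpu_env, AVR_REG_OFFS(skip), "skip");

    for (i = 0; i < NUMBER_OF_CPU_REGISTERS; i++) {
        cpu_r[i] = tcg_global_mem_new_i32(cpu_env, AVR_REG_OFFS(r[i]),
                                          reg_names[i]);
    }
#undef AVR_REG_OFFS
}

/*
 * Field-to-register-number converters. Each maps a raw operand field to an
 * index into cpu_r[]; for a non-negative indx the modulo keeps the result
 * inside the range named by the function. ctx is not used.
 * NOTE(review): presumably the decoder only passes non-negative field
 * values - confirm against decode-insn.c.inc, since the result indexes
 * cpu_r[] without a further bounds check.
 */
static int to_regs_16_31_by_one(DisasContext *ctx, int indx)
{
    return 16 + (indx % 16);
}

static int to_regs_16_23_by_one(DisasContext *ctx, int indx)
{
    return 16 + (indx % 8);
}

static int to_regs_24_30_by_two(DisasContext *ctx, int indx)
{
    return 24 + (indx % 4) * 2;
}

static int to_regs_00_30_by_two(DisasContext *ctx, int indx)
{
    return (indx % 16) * 2;
}

/*
 * Fetch the 16-bit word at the next program counter from guest code memory
 * and advance ctx->npc by one word. npc counts words, hence the "* 2" to
 * obtain the byte address passed to cpu_lduw_code().
 */
static uint16_t next_word(DisasContext *ctx)
{
    return cpu_lduw_code(ctx->env, ctx->npc++ * 2);
}

/*
 * Build a 32-bit operand: x supplies the upper bits, the following code
 * word (consumed through next_word()) the lower 16.
 */
static int append_16(DisasContext *ctx, int x)
{
    /*
     * Shift as unsigned: left-shifting a signed int so that a bit reaches
     * the sign position is undefined behaviour.
     */
    return (int)(((uint32_t)x << 16) | next_word(ctx));
}

/*
 * Check that the translated CPU implements @feature. When it does not, emit
 * a call to the "unsupported" helper, end the translation block
 * (DISAS_NORETURN) and return false so that the caller generates no code
 * for the instruction.
 */
static bool avr_have_feature(DisasContext *ctx, int feature)
{
    if (!avr_feature(ctx->env, feature)) {
        gen_helper_unsupported(cpu_env);
        ctx->base.is_jmp = DISAS_NORETURN;
        return false;
    }
    return true;
}

static bool decode_insn(DisasContext *ctx, uint16_t insn);
#include "decode-insn.c.inc"

/*
 * Arithmetic Instructions
 */

/*
 * Utility functions for updating status registers:
 *
 *   - gen_add_CHf()
 *   - gen_add_Vf()
 *   - gen_sub_CHf()
 *   - gen_sub_Vf()
 *   - gen_NSf()
 *   - gen_ZNSf()
 *
 * R is the 8-bit result, Rd and Rr the operands as they were before the
 * operation; callers must therefore invoke these before writing R back
 * into Rd.
 */

/* Carry and half carry of an addition R = Rd + Rr (+ C). */
static void gen_add_CHf(TCGv R, TCGv Rd, TCGv Rr)
{
    TCGv t1 = tcg_temp_new_i32();
    TCGv t2 = tcg_temp_new_i32();
    TCGv t3 = tcg_temp_new_i32();

    tcg_gen_and_tl(t1, Rd, Rr); /* t1 = Rd & Rr */
    tcg_gen_andc_tl(t2, Rd, R); /* t2 = Rd & ~R */
    tcg_gen_andc_tl(t3, Rr, R); /* t3 = Rr & ~R */
    tcg_gen_or_tl(t1, t1, t2); /* t1 = t1 | t2 | t3 */
    tcg_gen_or_tl(t1, t1, t3);

    tcg_gen_shri_tl(cpu_Cf, t1, 7); /* Cf = t1(7) */
    tcg_gen_shri_tl(cpu_Hf, t1, 3); /* Hf = t1(3) */
    tcg_gen_andi_tl(cpu_Hf, cpu_Hf, 1);

    tcg_temp_free_i32(t3);
    tcg_temp_free_i32(t2);
    tcg_temp_free_i32(t1);
}

/* Two's complement overflow of an addition R = Rd + Rr (+ C). */
static void gen_add_Vf(TCGv R, TCGv Rd, TCGv Rr)
{
    TCGv t1 = tcg_temp_new_i32();
    TCGv t2 = tcg_temp_new_i32();

    /* t1 = Rd & Rr & ~R | ~Rd & ~Rr & R */
    /*    = (Rd ^ R) & ~(Rd ^ Rr) */
    tcg_gen_xor_tl(t1, Rd, R);
    tcg_gen_xor_tl(t2, Rd, Rr);
    tcg_gen_andc_tl(t1, t1, t2);

    tcg_gen_shri_tl(cpu_Vf, t1, 7); /* Vf = t1(7) */

    tcg_temp_free_i32(t2);
    tcg_temp_free_i32(t1);
}

/* Carry (borrow) and half carry of a subtraction R = Rd - Rr (- C). */
static void gen_sub_CHf(TCGv R, TCGv Rd, TCGv Rr)
{
    TCGv t1 = tcg_temp_new_i32();
    TCGv t2 = tcg_temp_new_i32();
    TCGv t3 = tcg_temp_new_i32();

    tcg_gen_not_tl(t1, Rd); /* t1 = ~Rd */
    tcg_gen_and_tl(t2, t1, Rr); /* t2 = ~Rd & Rr */
    tcg_gen_or_tl(t3, t1, Rr); /* t3 = (~Rd | Rr) & R */
    tcg_gen_and_tl(t3, t3, R);
    tcg_gen_or_tl(t2, t2, t3); /* t2 = ~Rd & Rr | ~Rd & R | R & Rr */

    tcg_gen_shri_tl(cpu_Cf, t2, 7); /* Cf = t2(7) */
    tcg_gen_shri_tl(cpu_Hf, t2, 3); /* Hf = t2(3) */
    tcg_gen_andi_tl(cpu_Hf, cpu_Hf, 1);

    tcg_temp_free_i32(t3);
    tcg_temp_free_i32(t2);
    tcg_temp_free_i32(t1);
}

/* Two's complement overflow of a subtraction R = Rd - Rr (- C). */
static void gen_sub_Vf(TCGv R, TCGv Rd, TCGv Rr)
{
    TCGv t1 = tcg_temp_new_i32();
    TCGv t2 = tcg_temp_new_i32();

    /* t1 = Rd & ~Rr & ~R | ~Rd & Rr & R */
    /*    = (Rd ^ R) & (Rd ^ Rr) */
    tcg_gen_xor_tl(t1, Rd, R);
    tcg_gen_xor_tl(t2, Rd, Rr);
    tcg_gen_and_tl(t1, t1, t2);

    tcg_gen_shri_tl(cpu_Vf, t1, 7); /* Vf = t1(7) */

    tcg_temp_free_i32(t2);
    tcg_temp_free_i32(t1);
}

/* Negative and sign flags; reads cpu_Vf, so V must be up to date first. */
static void gen_NSf(TCGv R)
{
    tcg_gen_shri_tl(cpu_Nf, R, 7); /* Nf = R(7) */
    tcg_gen_xor_tl(cpu_Sf, cpu_Nf, cpu_Vf); /* Sf = Nf ^ Vf */
}

/* Zero, negative and sign flags; reads cpu_Vf like gen_NSf(). */
static void gen_ZNSf(TCGv R)
{
    tcg_gen_setcondi_tl(TCG_COND_EQ, cpu_Zf, R, 0); /* Zf = R == 0 */

    /* N and S are produced by the same two ops gen_NSf() emits */
    gen_NSf(R);
}

/*
 * Adds two registers without the C Flag and places the result in the
 * destination register Rd.
 */
static bool trans_ADD(DisasContext *ctx, arg_ADD *a)
{
    TCGv Rd = cpu_r[a->rd];
    TCGv Rr = cpu_r[a->rr];
    TCGv R = tcg_temp_new_i32();

    tcg_gen_add_tl(R, Rd, Rr); /* R = Rd + Rr */
    tcg_gen_andi_tl(R, R, 0xff); /* make it 8 bits */

    /* update status register */
    gen_add_CHf(R, Rd, Rr);
    gen_add_Vf(R, Rd, Rr);
    gen_ZNSf(R);

    /* update output registers */
    tcg_gen_mov_tl(Rd, R);

    tcg_temp_free_i32(R);

    return true;
}

/*
 * Adds two registers and the contents of the C Flag and places the result in
 * the destination register Rd.
 */
static bool trans_ADC(DisasContext *ctx, arg_ADC *a)
{
    TCGv Rd = cpu_r[a->rd];
    TCGv Rr = cpu_r[a->rr];
    TCGv R = tcg_temp_new_i32();

    tcg_gen_add_tl(R, Rd, Rr); /* R = Rd + Rr + Cf */
    tcg_gen_add_tl(R, R, cpu_Cf);
    tcg_gen_andi_tl(R, R, 0xff); /* make it 8 bits */

    /* update status register */
    gen_add_CHf(R, Rd, Rr);
    gen_add_Vf(R, Rd, Rr);
    gen_ZNSf(R);

    /* update output registers */
    tcg_gen_mov_tl(Rd, R);

    tcg_temp_free_i32(R);

    return true;
}

/*
 * Adds an immediate value (0 - 63) to a register pair and places the result
 * in the register pair. This instruction operates on the upper four register
 * pairs, and is well suited for operations on the pointer registers. This
 * instruction is not available in all devices. Refer to the device specific
 * instruction set summary.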
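*/
static bool trans_ADIW(DisasContext *ctx, arg_ADIW *a)
{
    /* unsupported on this device: the helper call was already emitted */
    if (!avr_have_feature(ctx, AVR_FEATURE_ADIW_SBIW)) {
        return true;
    }

    TCGv RdL = cpu_r[a->rd];
    TCGv RdH = cpu_r[a->rd + 1];
    int Imm = (a->imm);
    TCGv R = tcg_temp_new_i32();
    TCGv Rd = tcg_temp_new_i32();

    tcg_gen_deposit_tl(Rd, RdL, RdH, 8, 8); /* Rd = RdH:RdL */
    tcg_gen_addi_tl(R, Rd, Imm); /* R = Rd + Imm */
    tcg_gen_andi_tl(R, R, 0xffff); /* make it 16 bits */

    /* update status register */
    tcg_gen_andc_tl(cpu_Cf, Rd, R); /* Cf = Rd & ~R */
    tcg_gen_shri_tl(cpu_Cf, cpu_Cf, 15);
    tcg_gen_andc_tl(cpu_Vf, R, Rd); /* Vf = R & ~Rd */
    tcg_gen_shri_tl(cpu_Vf, cpu_Vf, 15);
    tcg_gen_setcondi_tl(TCG_COND_EQ, cpu_Zf, R, 0); /* Zf = R == 0 */
    tcg_gen_shri_tl(cpu_Nf, R, 15); /* Nf = R(15) */
    tcg_gen_xor_tl(cpu_Sf, cpu_Nf, cpu_Vf); /* Sf = Nf ^ Vf */

    /* update output registers */
    tcg_gen_andi_tl(RdL, R, 0xff);
    tcg_gen_shri_tl(RdH, R, 8);

    tcg_temp_free_i32(Rd);
    tcg_temp_free_i32(R);

    return true;
}

/*
 * Subtracts two registers and places the result in the destination
 * register Rd.
 */
static bool trans_SUB(DisasContext *ctx, arg_SUB *a)
{
    TCGv Rd = cpu_r[a->rd];
    TCGv Rr = cpu_r[a->rr];
    TCGv R = tcg_temp_new_i32();

    tcg_gen_sub_tl(R, Rd, Rr); /* R = Rd - Rr */
    tcg_gen_andi_tl(R, R, 0xff); /* make it 8 bits */

    /*
     * update status register
     *
     * gen_sub_CHf() is the only writer of Cf here; an earlier
     * "Cf = Rd & ~R" op was overwritten by it and has been dropped.
     */
    gen_sub_CHf(R, Rd, Rr);
    gen_sub_Vf(R, Rd, Rr);
    gen_ZNSf(R);

    /* update output registers */
    tcg_gen_mov_tl(Rd, R);

    tcg_temp_free_i32(R);

    return true;
}

/*
 * Subtracts a register and a constant and places the result in the
 * destination register Rd. This instruction is working on Register R16 to R31
 * and is very well suited for operations on the X, Y, and Z-pointers.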
*/
static bool trans_SUBI(DisasContext *ctx, arg_SUBI *a)
{
    TCGv dst = cpu_r[a->rd];
    TCGv imm = tcg_const_i32(a->imm);
    TCGv res = tcg_temp_new_i32();

    /* res = (dst - imm), truncated to 8 bits */
    tcg_gen_sub_tl(res, dst, imm);
    tcg_gen_andi_tl(res, res, 0xff);

    /* flags need the old destination value, so compute them before the move */
    gen_sub_CHf(res, dst, imm);
    gen_sub_Vf(res, dst, imm);
    gen_ZNSf(res);

    /* write the result back */
    tcg_gen_mov_tl(dst, res);

    tcg_temp_free_i32(res);
    tcg_temp_free_i32(imm);

    return true;
}

/*
 * SBC -- Subtract with Carry: Rd = Rd - Rr - C.
 */
static bool trans_SBC(DisasContext *ctx, arg_SBC *a)
{
    TCGv dst = cpu_r[a->rd];
    TCGv src = cpu_r[a->rr];
    TCGv res = tcg_temp_new_i32();
    TCGv c0 = tcg_const_i32(0);

    /* res = (dst - src - Cf), truncated to 8 bits */
    tcg_gen_sub_tl(res, dst, src);
    tcg_gen_sub_tl(res, res, cpu_Cf);
    tcg_gen_andi_tl(res, res, 0xff);

    /* C, H, V, N and S; Z is handled separately below */
    gen_sub_CHf(res, dst, src);
    gen_sub_Vf(res, dst, src);
    gen_NSf(res);

    /*
     * Zf = (res == 0) ? Zf : 0
     * i.e. Z keeps its previous value on a zero result and is cleared
     * otherwise.
     */
    tcg_gen_movcond_tl(TCG_COND_EQ, cpu_Zf, res, c0, cpu_Zf, c0);

    /* write the result back */
    tcg_gen_mov_tl(dst, res);

    tcg_temp_free_i32(c0);
    tcg_temp_free_i32(res);

    return true;
}

/*
 * SBCI -- Subtract Immediate with Carry: Rd = Rd - imm - C.
 */
static bool trans_SBCI(DisasContext *ctx, arg_SBCI *a)
{
    TCGv dst = cpu_r[a->rd];
    TCGv imm = tcg_const_i32(a->imm);
    TCGv res = tcg_temp_new_i32();
    TCGv c0 = tcg_const_i32(0);

    /* res = (dst - imm - Cf), truncated to 8 bits */
    tcg_gen_sub_tl(res, dst, imm);
    tcg_gen_sub_tl(res, res, cpu_Cf);
    tcg_gen_andi_tl(res, res, 0xff);

    /* C, H, V, N and S; Z is handled separately below */
    gen_sub_CHf(res, dst, imm);
    gen_sub_Vf(res, dst, imm);
    gen_NSf(res);

    /*
     * Zf = (res == 0) ? Zf : 0
     * i.e. Z keeps its previous value on a zero result and is cleared
     * otherwise.
     */
    tcg_gen_movcond_tl(TCG_COND_EQ, cpu_Zf, res, c0, cpu_Zf, c0);

    /* write the result back */
    tcg_gen_mov_tl(dst, res);

    tcg_temp_free_i32(c0);
    tcg_temp_free_i32(res);
    tcg_temp_free_i32(imm);

    return true;
}

/*
 * Subtracts an immediate value (0-63) from a register pair and places the
 * result in the register pair. This instruction operates on the upper four
 * register pairs, and is well suited for operations on the Pointer Registers.
 * This instruction is not available in all devices. Refer to the device
 * specific instruction set summary.
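*/
static bool trans_SBIW(DisasContext *ctx, arg_SBIW *a)
{
    /* unsupported on this device: the helper call was already emitted */
    if (!avr_have_feature(ctx, AVR_FEATURE_ADIW_SBIW)) {
        return true;
    }

    TCGv RdL = cpu_r[a->rd];
    TCGv RdH = cpu_r[a->rd + 1];
    int Imm = (a->imm);
    TCGv R = tcg_temp_new_i32();
    TCGv Rd = tcg_temp_new_i32();

    tcg_gen_deposit_tl(Rd, RdL, RdH, 8, 8); /* Rd = RdH:RdL */
    tcg_gen_subi_tl(R, Rd, Imm); /* R = Rd - Imm */
    tcg_gen_andi_tl(R, R, 0xffff); /* make it 16 bits */

    /* update status register */
    tcg_gen_andc_tl(cpu_Cf, R, Rd);
    tcg_gen_shri_tl(cpu_Cf, cpu_Cf, 15); /* Cf = R & ~Rd */
    tcg_gen_andc_tl(cpu_Vf, Rd, R);
    tcg_gen_shri_tl(cpu_Vf, cpu_Vf, 15); /* Vf = Rd & ~R */
    tcg_gen_setcondi_tl(TCG_COND_EQ, cpu_Zf, R, 0); /* Zf = R == 0 */
    tcg_gen_shri_tl(cpu_Nf, R, 15); /* Nf = R(15) */
    tcg_gen_xor_tl(cpu_Sf, cpu_Nf, cpu_Vf); /* Sf = Nf ^ Vf */

    /* update output registers */
    tcg_gen_andi_tl(RdL, R, 0xff);
    tcg_gen_shri_tl(RdH, R, 8);

    tcg_temp_free_i32(Rd);
    tcg_temp_free_i32(R);

    return true;
}

/*
 * Performs the logical AND between the contents of register Rd and register
 * Rr and places the result in the destination register Rd.
 */
static bool trans_AND(DisasContext *ctx, arg_AND *a)
{
    TCGv Rd = cpu_r[a->rd];
    TCGv Rr = cpu_r[a->rr];
    TCGv R = tcg_temp_new_i32();

    tcg_gen_and_tl(R, Rd, Rr); /* R = Rd and Rr */

    /*
     * update status register
     *
     * gen_ZNSf() already emits "Zf = R == 0", so no separate setcond is
     * generated for Z here.
     */
    tcg_gen_movi_tl(cpu_Vf, 0); /* Vf = 0 */
    gen_ZNSf(R);

    /* update output registers */
    tcg_gen_mov_tl(Rd, R);

    tcg_temp_free_i32(R);

    return true;
}

/*
 * Performs the logical AND between the contents of register Rd and a constant
 * and places the result in the destination register Rd.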
*/
static bool trans_ANDI(DisasContext *ctx, arg_ANDI *a)
{
    TCGv dst = cpu_r[a->rd];
    int mask = (a->imm);

    /* dst &= mask, done in place */
    tcg_gen_andi_tl(dst, dst, mask);

    /* V is cleared first because gen_ZNSf() derives S from it */
    tcg_gen_movi_tl(cpu_Vf, 0x00);
    gen_ZNSf(dst);

    return true;
}

/*
 * OR -- Logical OR of two registers: Rd = Rd | Rr.
 */
static bool trans_OR(DisasContext *ctx, arg_OR *a)
{
    TCGv dst = cpu_r[a->rd];
    TCGv src = cpu_r[a->rr];
    TCGv res = tcg_temp_new_i32();

    tcg_gen_or_tl(res, dst, src);

    /* V is cleared first because gen_ZNSf() derives S from it */
    tcg_gen_movi_tl(cpu_Vf, 0);
    gen_ZNSf(res);

    /* write the result back */
    tcg_gen_mov_tl(dst, res);

    tcg_temp_free_i32(res);

    return true;
}

/*
 * ORI -- Logical OR with immediate: Rd = Rd | imm.
 */
static bool trans_ORI(DisasContext *ctx, arg_ORI *a)
{
    TCGv dst = cpu_r[a->rd];
    int bits = (a->imm);

    /* dst |= bits, done in place */
    tcg_gen_ori_tl(dst, dst, bits);

    /* V is cleared first because gen_ZNSf() derives S from it */
    tcg_gen_movi_tl(cpu_Vf, 0x00);
    gen_ZNSf(dst);

    return true;
}

/*
 * EOR -- Exclusive OR of two registers: Rd = Rd ^ Rr.
 */
static bool trans_EOR(DisasContext *ctx, arg_EOR *a)
{
    TCGv dst = cpu_r[a->rd];
    TCGv src = cpu_r[a->rr];

    /* dst ^= src, done in place */
    tcg_gen_xor_tl(dst, dst, src);

    /* V is cleared first because gen_ZNSf() derives S from it */
    tcg_gen_movi_tl(cpu_Vf, 0);
    gen_ZNSf(dst);

    return true;
}

/*
 * Performs the one's complement of register Rd (every bit of the 8-bit
 * value is inverted) and places the result back in register Rd.
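*/
/*
 * COM: Rd = Rd ^ 0xff (one's complement of the 8-bit value). C is set,
 * V is cleared, Z/N/S follow the result.
 */
static bool trans_COM(DisasContext *ctx, arg_COM *a)
{
    TCGv Rd = cpu_r[a->rd];

    /* done in place; no temporary is needed */
    tcg_gen_xori_tl(Rd, Rd, 0xff);

    /* update status register */
    tcg_gen_movi_tl(cpu_Cf, 1); /* Cf = 1 */
    tcg_gen_movi_tl(cpu_Vf, 0); /* Vf = 0 */
    gen_ZNSf(Rd);

    return true;
}

/*
 * Replaces the contents of register Rd with its two's complement; the
 * value $80 is left unchanged.
 */
static bool trans_NEG(DisasContext *ctx, arg_NEG *a)
{
    TCGv Rd = cpu_r[a->rd];
    TCGv t0 = tcg_const_i32(0);
    TCGv R = tcg_temp_new_i32();

    tcg_gen_sub_tl(R, t0, Rd); /* R = 0 - Rd */
    tcg_gen_andi_tl(R, R, 0xff); /* make it 8 bits */

    /* update status register: flags of the subtraction 0 - Rd */
    gen_sub_CHf(R, t0, Rd);
    gen_sub_Vf(R, t0, Rd);
    gen_ZNSf(R);

    /* update output registers */
    tcg_gen_mov_tl(Rd, R);

    tcg_temp_free_i32(t0);
    tcg_temp_free_i32(R);

    return true;
}

/*
 * Adds one -1- to the contents of register Rd and places the result in the
 * destination register Rd. The C Flag in SREG is not affected by the
 * operation, thus allowing the INC instruction to be used on a loop counter in
 * multiple-precision computations. When operating on unsigned numbers, only
 * BREQ and BRNE branches can be expected to perform consistently. When
 * operating on two's complement values, all signed branches are available.
 */
static bool trans_INC(DisasContext *ctx, arg_INC *a)
{
    TCGv Rd = cpu_r[a->rd];

    tcg_gen_addi_tl(Rd, Rd, 1); /* Rd = Rd + 1 */
    tcg_gen_andi_tl(Rd, Rd, 0xff); /* make it 8 bits */

    /* update status register */
    tcg_gen_setcondi_tl(TCG_COND_EQ, cpu_Vf, Rd, 0x80); /* Vf = Rd == 0x80 */
    gen_ZNSf(Rd);

    return true;
}

/*
 * Subtracts one -1- from the contents of register Rd and places the result
 * in the destination register Rd.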
The C Flag in SREG is not affected by the
 * operation, thus allowing the DEC instruction to be used on a loop counter in
 * multiple-precision computations. When operating on unsigned values, only
 * BREQ and BRNE branches can be expected to perform consistently. When
 * operating on two's complement values, all signed branches are available.
 */
static bool trans_DEC(DisasContext *ctx, arg_DEC *a)
{
    TCGv dst = cpu_r[a->rd];

    /* dst = (dst - 1), truncated to 8 bits, done in place */
    tcg_gen_subi_tl(dst, dst, 1);
    tcg_gen_andi_tl(dst, dst, 0xff);

    /* V is set only when the new value is 0x7f */
    tcg_gen_setcondi_tl(TCG_COND_EQ, cpu_Vf, dst, 0x7f);
    gen_ZNSf(dst);

    return true;
}

/*
 * MUL -- 8-bit x 8-bit -> 16-bit unsigned multiplication. The product is
 * written to the register pair R1:R0.
 */
static bool trans_MUL(DisasContext *ctx, arg_MUL *a)
{
    /* unsupported on this device: the helper call was already emitted */
    if (!avr_have_feature(ctx, AVR_FEATURE_MUL)) {
        return true;
    }

    TCGv out_lo = cpu_r[0];
    TCGv out_hi = cpu_r[1];
    TCGv lhs = cpu_r[a->rd];
    TCGv rhs = cpu_r[a->rr];
    TCGv prod = tcg_temp_new_i32();

    /* prod = lhs * rhs, then split into low and high byte */
    tcg_gen_mul_tl(prod, lhs, rhs);
    tcg_gen_andi_tl(out_lo, prod, 0xff);
    tcg_gen_shri_tl(out_hi, prod, 8);

    /* C = bit 15 of the product, Z = product is zero */
    tcg_gen_shri_tl(cpu_Cf, prod, 15);
    tcg_gen_setcondi_tl(TCG_COND_EQ, cpu_Zf, prod, 0);

    tcg_temp_free_i32(prod);

    return true;
}

/*
 * This instruction performs 8-bit x 8-bit -> 16-bit signed multiplication.
*/
static bool trans_MULS(DisasContext *ctx, arg_MULS *a)
{
    /* unsupported on this device: the helper call was already emitted */
    if (!avr_have_feature(ctx, AVR_FEATURE_MUL)) {
        return true;
    }

    TCGv out_lo = cpu_r[0];
    TCGv out_hi = cpu_r[1];
    TCGv lhs = cpu_r[a->rd];
    TCGv rhs = cpu_r[a->rr];
    TCGv prod = tcg_temp_new_i32();
    TCGv lhs_s = tcg_temp_new_i32();
    TCGv rhs_s = tcg_temp_new_i32();

    /* sign-extend both 8-bit operands, multiply, keep the low 16 bits */
    tcg_gen_ext8s_tl(lhs_s, lhs);
    tcg_gen_ext8s_tl(rhs_s, rhs);
    tcg_gen_mul_tl(prod, lhs_s, rhs_s);
    tcg_gen_andi_tl(prod, prod, 0xffff);

    /* the product goes to R1:R0 */
    tcg_gen_andi_tl(out_lo, prod, 0xff);
    tcg_gen_shri_tl(out_hi, prod, 8);

    /* C = bit 15 of the product, Z = product is zero */
    tcg_gen_shri_tl(cpu_Cf, prod, 15);
    tcg_gen_setcondi_tl(TCG_COND_EQ, cpu_Zf, prod, 0);

    tcg_temp_free_i32(rhs_s);
    tcg_temp_free_i32(lhs_s);
    tcg_temp_free_i32(prod);

    return true;
}

/*
 * MULSU -- 8-bit x 8-bit -> 16-bit multiplication of a signed (Rd) and an
 * unsigned (Rr) number.
 */
static bool trans_MULSU(DisasContext *ctx, arg_MULSU *a)
{
    /* unsupported on this device: the helper call was already emitted */
    if (!avr_have_feature(ctx, AVR_FEATURE_MUL)) {
        return true;
    }

    TCGv out_lo = cpu_r[0];
    TCGv out_hi = cpu_r[1];
    TCGv lhs = cpu_r[a->rd];
    TCGv rhs = cpu_r[a->rr];
    TCGv prod = tcg_temp_new_i32();
    TCGv lhs_s = tcg_temp_new_i32();

    /* only Rd is sign-extended; Rr is used as is */
    tcg_gen_ext8s_tl(lhs_s, lhs);
    tcg_gen_mul_tl(prod, lhs_s, rhs);
    tcg_gen_andi_tl(prod, prod, 0xffff);

    /* the product goes to R1:R0 */
    tcg_gen_andi_tl(out_lo, prod, 0xff);
    tcg_gen_shri_tl(out_hi, prod, 8);

    /* C = bit 15 of the product, Z = product is zero */
    tcg_gen_shri_tl(cpu_Cf, prod, 15);
    tcg_gen_setcondi_tl(TCG_COND_EQ, cpu_Zf, prod, 0);

    tcg_temp_free_i32(lhs_s);
    tcg_temp_free_i32(prod);

    return true;
}

/*
 * This instruction performs 8-bit x 8-bit -> 16-bit unsigned
 * multiplication and shifts the result one bit left.
*/
static bool trans_FMUL(DisasContext *ctx, arg_FMUL *a)
{
    /* unsupported on this device: the helper call was already emitted */
    if (!avr_have_feature(ctx, AVR_FEATURE_MUL)) {
        return true;
    }

    TCGv out_lo = cpu_r[0];
    TCGv out_hi = cpu_r[1];
    TCGv lhs = cpu_r[a->rd];
    TCGv rhs = cpu_r[a->rr];
    TCGv prod = tcg_temp_new_i32();

    tcg_gen_mul_tl(prod, lhs, rhs);

    /* flags come from the product before it is shifted */
    tcg_gen_shri_tl(cpu_Cf, prod, 15);
    tcg_gen_setcondi_tl(TCG_COND_EQ, cpu_Zf, prod, 0);

    /* shift left by one, then store the low 16 bits in R1:R0 */
    tcg_gen_shli_tl(prod, prod, 1);
    tcg_gen_andi_tl(out_lo, prod, 0xff);
    tcg_gen_shri_tl(out_hi, prod, 8);
    tcg_gen_andi_tl(out_hi, out_hi, 0xff);

    tcg_temp_free_i32(prod);

    return true;
}

/*
 * FMULS -- 8-bit x 8-bit -> 16-bit signed multiplication, result shifted
 * one bit left.
 */
static bool trans_FMULS(DisasContext *ctx, arg_FMULS *a)
{
    /* unsupported on this device: the helper call was already emitted */
    if (!avr_have_feature(ctx, AVR_FEATURE_MUL)) {
        return true;
    }

    TCGv out_lo = cpu_r[0];
    TCGv out_hi = cpu_r[1];
    TCGv lhs = cpu_r[a->rd];
    TCGv rhs = cpu_r[a->rr];
    TCGv prod = tcg_temp_new_i32();
    TCGv lhs_s = tcg_temp_new_i32();
    TCGv rhs_s = tcg_temp_new_i32();

    /* sign-extend both 8-bit operands, multiply, keep the low 16 bits */
    tcg_gen_ext8s_tl(lhs_s, lhs);
    tcg_gen_ext8s_tl(rhs_s, rhs);
    tcg_gen_mul_tl(prod, lhs_s, rhs_s);
    tcg_gen_andi_tl(prod, prod, 0xffff);

    /* flags come from the product before it is shifted */
    tcg_gen_shri_tl(cpu_Cf, prod, 15);
    tcg_gen_setcondi_tl(TCG_COND_EQ, cpu_Zf, prod, 0);

    /* shift left by one, then store the low 16 bits in R1:R0 */
    tcg_gen_shli_tl(prod, prod, 1);
    tcg_gen_andi_tl(out_lo, prod, 0xff);
    tcg_gen_shri_tl(out_hi, prod, 8);
    tcg_gen_andi_tl(out_hi, out_hi, 0xff);

    tcg_temp_free_i32(rhs_s);
    tcg_temp_free_i32(lhs_s);
    tcg_temp_free_i32(prod);

    return true;
}

/*
 * This instruction performs 8-bit x 8-bit -> 16-bit multiplication of a
 * signed and an unsigned number
 * and shifts
the result one bit left.
 * Rd is sign-extended before the multiplication, Rr is used as is.
 */
static bool trans_FMULSU(DisasContext *ctx, arg_FMULSU *a)
{
    /* unsupported on this device: the helper call was already emitted */
    if (!avr_have_feature(ctx, AVR_FEATURE_MUL)) {
        return true;
    }

    TCGv out_lo = cpu_r[0];
    TCGv out_hi = cpu_r[1];
    TCGv lhs = cpu_r[a->rd];
    TCGv rhs = cpu_r[a->rr];
    TCGv prod = tcg_temp_new_i32();
    TCGv lhs_s = tcg_temp_new_i32();

    /* only Rd is sign-extended; keep the low 16 bits of the product */
    tcg_gen_ext8s_tl(lhs_s, lhs);
    tcg_gen_mul_tl(prod, lhs_s, rhs);
    tcg_gen_andi_tl(prod, prod, 0xffff);

    /* flags come from the product before it is shifted */
    tcg_gen_shri_tl(cpu_Cf, prod, 15);
    tcg_gen_setcondi_tl(TCG_COND_EQ, cpu_Zf, prod, 0);

    /* shift left by one, then store the low 16 bits in R1:R0 */
    tcg_gen_shli_tl(prod, prod, 1);
    tcg_gen_andi_tl(out_lo, prod, 0xff);
    tcg_gen_shri_tl(out_hi, prod, 8);
    tcg_gen_andi_tl(out_hi, out_hi, 0xff);

    tcg_temp_free_i32(lhs_s);
    tcg_temp_free_i32(prod);

    return true;
}

/*
 * The module is an instruction set extension to the AVR CPU, performing
 * DES iterations. The 64-bit data block (plaintext or ciphertext) is placed in
 * the CPU register file, registers R0-R7, where LSB of data is placed in LSB
 * of R0 and MSB of data is placed in MSB of R7. The full 64-bit key (including
 * parity bits) is placed in registers R8- R15, organized in the register file
 * with LSB of key in LSB of R8 and MSB of key in MSB of R15. Executing one DES
 * instruction performs one round in the DES algorithm. Sixteen rounds must be
 * executed in increasing order to form the correct DES ciphertext or
 * plaintext. Intermediate results are stored in the register file (R0-R15)
 * after each DES instruction. The instruction's operand (K) determines which
 * round is executed, and the half carry flag (H) determines whether encryption
 * or decryption is performed.
The DES algorithm is described in
 * "Specifications for the Data Encryption Standard" (Federal Information
 * Processing Standards Publication 46). Intermediate results in this
 * implementation differ from the standard because the initial permutation and
 * the inverse initial permutation are performed each iteration. This does not
 * affect the result in the final ciphertext or plaintext, but reduces
 * execution time.
 *
 * NOTE: the translator below does not emulate the instruction. On a CPU
 * model that has AVR_FEATURE_DES, no code is generated for DES, so R0-R15
 * are left untouched and the only trace is a LOG_UNIMP message written at
 * translation time. Guest firmware that depends on the DES result will
 * therefore run on with unmodified data.
 */
static bool trans_DES(DisasContext *ctx, arg_DES *a)
{
    /* TODO */
    if (avr_have_feature(ctx, AVR_FEATURE_DES)) {
        qemu_log_mask(LOG_UNIMP, "%s: not implemented\n", __func__);
    }

    return true;
}

/*
 * Branch Instructions
 */

/*
 * Indirect jump through Z combined with EIND: pc = (r31:r30) | eind.
 * The target is a run-time value taken from guest registers, so the block
 * ends with DISAS_LOOKUP.
 * NOTE(review): the plain OR implies eind is kept pre-shifted above bit 15
 * in CPUAVRState - confirm where eind is written.
 */
static void gen_jmp_ez(DisasContext *ctx)
{
    tcg_gen_deposit_tl(cpu_pc, cpu_r[30], cpu_r[31], 8, 8);
    tcg_gen_or_tl(cpu_pc, cpu_pc, cpu_eind);
    ctx->base.is_jmp = DISAS_LOOKUP;
}

/*
 * Indirect jump through Z: pc = r31:r30. The target is a run-time value
 * taken from guest registers, so the block ends with DISAS_LOOKUP.
 */
static void gen_jmp_z(DisasContext *ctx)
{
    tcg_gen_deposit_tl(cpu_pc, cpu_r[30], cpu_r[31], 8, 8);
    ctx->base.is_jmp = DISAS_LOOKUP;
}

/*
 * Emit the stores that push the return address @ret on the guest stack.
 * The width (1, 2 or 3 bytes) follows the AVR_FEATURE_x_BYTE_PC feature of
 * the CPU; when none of the three is set no code is emitted at all.
 * The stores go through cpu_sp as it is at run time; nothing here checks
 * that the guest stack pointer refers to a sensible location.
 */
static void gen_push_ret(DisasContext *ctx, int ret)
{
    if (avr_feature(ctx->env, AVR_FEATURE_1_BYTE_PC)) {
        TCGv pc8 = tcg_const_i32((ret & 0x0000ff));

        /* one byte at sp, then post-decrement */
        tcg_gen_qemu_st_tl(pc8, cpu_sp, MMU_DATA_IDX, MO_UB);
        tcg_gen_subi_tl(cpu_sp, cpu_sp, 1);

        tcg_temp_free_i32(pc8);
    } else if (avr_feature(ctx->env, AVR_FEATURE_2_BYTE_PC)) {
        TCGv pc16 = tcg_const_i32((ret & 0x00ffff));

        /* big-endian 16-bit store at sp - 1, sp ends two bytes lower */
        tcg_gen_subi_tl(cpu_sp, cpu_sp, 1);
        tcg_gen_qemu_st_tl(pc16, cpu_sp, MMU_DATA_IDX, MO_BEUW);
        tcg_gen_subi_tl(cpu_sp, cpu_sp, 1);

        tcg_temp_free_i32(pc16);
    } else if (avr_feature(ctx->env, AVR_FEATURE_3_BYTE_PC)) {
        TCGv low_byte = tcg_const_i32((ret & 0x0000ff));
        TCGv high_word = tcg_const_i32((ret & 0xffff00) >> 8);

        /* low byte at sp, upper 16 bits big-endian at sp - 2 */
        tcg_gen_qemu_st_tl(low_byte, cpu_sp, MMU_DATA_IDX, MO_UB);
        tcg_gen_subi_tl(cpu_sp, cpu_sp, 2);
        tcg_gen_qemu_st_tl(high_word, cpu_sp, MMU_DATA_IDX, MO_BEUW);
        tcg_gen_subi_tl(cpu_sp, cpu_sp, 1);

        tcg_temp_free_i32(low_byte);
        tcg_temp_free_i32(high_word);
    }
}

/*
 * Emit the loads that pop a return address from the guest stack into @ret;
 * the exact mirror of gen_push_ret(). When none of the three
 * AVR_FEATURE_x_BYTE_PC features is set no code is emitted and @ret is not
 * written. The popped value comes from guest memory and is used by callers
 * as a jump target without further checks here.
 */
static void gen_pop_ret(DisasContext *ctx, TCGv ret)
{
    if (avr_feature(ctx->env, AVR_FEATURE_1_BYTE_PC)) {
        tcg_gen_addi_tl(cpu_sp, cpu_sp, 1);
        tcg_gen_qemu_ld_tl(ret, cpu_sp, MMU_DATA_IDX, MO_UB);
    } else if (avr_feature(ctx->env, AVR_FEATURE_2_BYTE_PC)) {
        tcg_gen_addi_tl(cpu_sp, cpu_sp, 1);
        tcg_gen_qemu_ld_tl(ret, cpu_sp, MMU_DATA_IDX, MO_BEUW);
        tcg_gen_addi_tl(cpu_sp, cpu_sp, 1);
    } else if (avr_feature(ctx->env, AVR_FEATURE_3_BYTE_PC)) {
        TCGv low_byte = tcg_temp_new_i32();
        TCGv high_word = tcg_temp_new_i32();

        /* upper 16 bits first ... */
        tcg_gen_addi_tl(cpu_sp, cpu_sp, 1);
        tcg_gen_qemu_ld_tl(high_word, cpu_sp, MMU_DATA_IDX, MO_BEUW);

        /* ... then the low byte two bytes further up */
        tcg_gen_addi_tl(cpu_sp, cpu_sp, 2);
        tcg_gen_qemu_ld_tl(low_byte, cpu_sp, MMU_DATA_IDX, MO_UB);

        /* ret = high_word:low_byte */
        tcg_gen_deposit_tl(ret, low_byte, high_word, 8, 16);

        tcg_temp_free_i32(low_byte);
        tcg_temp_free_i32(high_word);
    }
}

/*
 * End the translation block with a jump to the constant address @dest.
 * Uses direct block chaining (slot @n) when translator_use_goto_tb() allows
 * it; otherwise sets pc and either raises the debug helper (single-step) or
 * looks the next block up at run time.
 */
static void gen_goto_tb(DisasContext *ctx, int n, target_ulong dest)
{
    if (!translator_use_goto_tb(&ctx->base, dest)) {
        tcg_gen_movi_i32(cpu_pc, dest);
        if (ctx->base.singlestep_enabled) {
            gen_helper_debug(cpu_env);
        } else {
            tcg_gen_lookup_and_goto_ptr();
        }
    } else {
        tcg_gen_goto_tb(n);
        tcg_gen_movi_i32(cpu_pc, dest);
        tcg_gen_exit_tb(ctx->base.tb, n);
    }
    ctx->base.is_jmp = DISAS_NORETURN;
}

/*
 * Relative jump to an address within PC - 2K +1 and PC + 2K (words). For
 * AVR microcontrollers with Program memory not exceeding 4K words (8KB) this
 * instruction can address the entire memory from every address location. See
 * also JMP.
*/
static bool trans_RJMP(DisasContext *ctx, arg_RJMP *a)
{
    /* the offset is applied to ctx->npc, not to the address of RJMP itself */
    int target = ctx->npc + a->imm;

    gen_goto_tb(ctx, 0, target);
    return true;
}

/*
 * Indirect jump to the address pointed to by the Z (16 bits) Pointer
 * Register in the Register File. The Z-pointer Register is 16 bits wide and
 * allows jump within the lowest 64K words (128KB) section of Program memory.
 * This instruction is not available in all devices. Refer to the device
 * specific instruction set summary.
 *
 * Nothing is emitted here when avr_have_feature() reports the feature as
 * missing; that helper is defined elsewhere in this file (presumably it
 * deals with the unsupported instruction itself - confirm).
 */
static bool trans_IJMP(DisasContext *ctx, arg_IJMP *a)
{
    if (avr_have_feature(ctx, AVR_FEATURE_IJMP_ICALL)) {
        gen_jmp_z(ctx);
    }

    return true;
}

/*
 * Indirect jump to the address pointed to by the Z (16 bits) Pointer
 * Register in the Register File and the EIND Register in the I/O space. This
 * instruction allows for indirect jumps to the entire 4M (words) Program
 * memory space. See also IJMP. This instruction is not available in all
 * devices. Refer to the device specific instruction set summary.
 */
static bool trans_EIJMP(DisasContext *ctx, arg_EIJMP *a)
{
    if (avr_have_feature(ctx, AVR_FEATURE_EIJMP_EICALL)) {
        gen_jmp_ez(ctx);
    }

    return true;
}

/*
 * Jump to an address within the entire 4M (words) Program memory. See also
 * RJMP. This instruction is not available in all devices. Refer to the device
 * specific instruction set summary.
 */
static bool trans_JMP(DisasContext *ctx, arg_JMP *a)
{
    if (avr_have_feature(ctx, AVR_FEATURE_JMP_CALL)) {
        /* absolute target taken straight from the decoded immediate */
        gen_goto_tb(ctx, 0, a->imm);
    }

    return true;
}

/*
 * Relative call to an address within PC - 2K + 1 and PC + 2K (words). The
 * return address (the instruction after the RCALL) is stored onto the Stack.
* See also CALL. For AVR microcontrollers with Program memory not exceeding 4K
 * words (8KB) this instruction can address the entire memory from every
 * address location. The Stack Pointer uses a post-decrement scheme during
 * RCALL.
 */
static bool trans_RCALL(DisasContext *ctx, arg_RCALL *a)
{
    int return_pc = ctx->npc;
    int target = ctx->npc + a->imm;

    /* push first, then leave the translation block */
    gen_push_ret(ctx, return_pc);
    gen_goto_tb(ctx, 0, target);

    return true;
}

/*
 * Indirect call of a subroutine pointed to by the Z (16 bits) Pointer
 * Register in the Register File. The return address (ctx->npc, the
 * instruction after the ICALL) is pushed onto the Stack before PC is loaded
 * from Z. See also CALL and RCALL. This instruction is not available in all
 * devices. Refer to the device specific instruction set summary.
 */
static bool trans_ICALL(DisasContext *ctx, arg_ICALL *a)
{
    if (avr_have_feature(ctx, AVR_FEATURE_IJMP_ICALL)) {
        gen_push_ret(ctx, ctx->npc);
        gen_jmp_z(ctx);
    }

    return true;
}

/*
 * Indirect call of a subroutine pointed to by the Z (16 bits) Pointer
 * Register in the Register File and the EIND Register in the I/O space. This
 * instruction allows for indirect calls to the entire 4M (words) Program
 * memory space. See also ICALL. The Stack Pointer uses a post-decrement scheme
 * during EICALL. This instruction is not available in all devices. Refer to
 * the device specific instruction set summary.
 */
static bool trans_EICALL(DisasContext *ctx, arg_EICALL *a)
{
    if (avr_have_feature(ctx, AVR_FEATURE_EIJMP_EICALL)) {
        gen_push_ret(ctx, ctx->npc);
        gen_jmp_ez(ctx);
    }

    return true;
}

/*
 * Calls to a subroutine within the entire Program memory.
The return
 * address (to the instruction after the CALL) will be stored onto the Stack.
 * (See also RCALL). The Stack Pointer uses a post-decrement scheme during
 * CALL. This instruction is not available in all devices. Refer to the device
 * specific instruction set summary.
 */
static bool trans_CALL(DisasContext *ctx, arg_CALL *a)
{
    if (avr_have_feature(ctx, AVR_FEATURE_JMP_CALL)) {
        int target = a->imm;

        gen_push_ret(ctx, ctx->npc);
        gen_goto_tb(ctx, 0, target);
    }

    return true;
}

/*
 * Returns from subroutine. The return address is loaded from the STACK.
 * The Stack Pointer uses a preincrement scheme during RET.
 *
 * The popped value goes straight into PC and the next block is looked up at
 * run time (DISAS_LOOKUP).
 */
static bool trans_RET(DisasContext *ctx, arg_RET *a)
{
    gen_pop_ret(ctx, cpu_pc);
    ctx->base.is_jmp = DISAS_LOOKUP;

    return true;
}

/*
 * Returns from interrupt. The return address is loaded from the STACK and
 * the Global Interrupt Flag is set. Note that the Status Register is not
 * automatically stored when entering an interrupt routine, and it is not
 * restored when returning from an interrupt routine. This must be handled by
 * the application program. The Stack Pointer uses a pre-increment scheme
 * during RETI.
 */
static bool trans_RETI(DisasContext *ctx, arg_RETI *a)
{
    gen_pop_ret(ctx, cpu_pc);
    tcg_gen_movi_tl(cpu_If, 1);

    /*
     * Interrupts were just enabled, so go back to the main loop where
     * pending interrupts are re-evaluated.
     */
    ctx->base.is_jmp = DISAS_EXIT;

    return true;
}

/*
 * This instruction performs a compare between two registers Rd and Rr, and
 * skips the next instruction if Rd = Rr.
*/
static bool trans_CPSE(DisasContext *ctx, arg_CPSE *a)
{
    /* only record the skip condition; no code is generated here */
    ctx->skip_var0 = cpu_r[a->rd];
    ctx->skip_var1 = cpu_r[a->rr];
    ctx->skip_cond = TCG_COND_EQ;

    return true;
}

/*
 * This instruction performs a compare between two registers Rd and Rr.
 * None of the registers are changed. All conditional branches can be used
 * after this instruction.
 */
static bool trans_CP(DisasContext *ctx, arg_CP *a)
{
    TCGv lhs = cpu_r[a->rd];
    TCGv rhs = cpu_r[a->rr];
    TCGv diff = tcg_temp_new_i32();

    /* diff = (Rd - Rr), truncated to 8 bits */
    tcg_gen_sub_tl(diff, lhs, rhs);
    tcg_gen_andi_tl(diff, diff, 0xff);

    /* status register update; the flag helpers are defined elsewhere */
    gen_sub_CHf(diff, lhs, rhs);
    gen_sub_Vf(diff, lhs, rhs);
    gen_ZNSf(diff);

    tcg_temp_free_i32(diff);

    return true;
}

/*
 * This instruction performs a compare between two registers Rd and Rr and
 * also takes into account the previous carry. None of the registers are
 * changed. All conditional branches can be used after this instruction.
 */
static bool trans_CPC(DisasContext *ctx, arg_CPC *a)
{
    TCGv lhs = cpu_r[a->rd];
    TCGv rhs = cpu_r[a->rr];
    TCGv diff = tcg_temp_new_i32();
    TCGv const_zero = tcg_const_i32(0);

    /* diff = (Rd - Rr - Cf), truncated to 8 bits */
    tcg_gen_sub_tl(diff, lhs, rhs);
    tcg_gen_sub_tl(diff, diff, cpu_Cf);
    tcg_gen_andi_tl(diff, diff, 0xff);

    /* status register update, Z handled separately below */
    gen_sub_CHf(diff, lhs, rhs);
    gen_sub_Vf(diff, lhs, rhs);
    gen_NSf(diff);

    /*
     * Zf keeps its previous value when the result is zero and is cleared
     * otherwise.
     */
    tcg_gen_movcond_tl(TCG_COND_EQ, cpu_Zf, diff, const_zero, cpu_Zf,
                       const_zero);

    tcg_temp_free_i32(const_zero);
    tcg_temp_free_i32(diff);

    return true;
}

/*
 * This instruction performs a compare between register Rd and a constant.
 * The register is not changed.
All conditional branches can be used after this
 * instruction.
 */
static bool trans_CPI(DisasContext *ctx, arg_CPI *a)
{
    TCGv lhs = cpu_r[a->rd];
    TCGv rhs = tcg_const_i32(a->imm);
    TCGv diff = tcg_temp_new_i32();

    /* diff = (Rd - imm), truncated to 8 bits */
    tcg_gen_sub_tl(diff, lhs, rhs);
    tcg_gen_andi_tl(diff, diff, 0xff);

    /* status register update; the flag helpers are defined elsewhere */
    gen_sub_CHf(diff, lhs, rhs);
    gen_sub_Vf(diff, lhs, rhs);
    gen_ZNSf(diff);

    tcg_temp_free_i32(diff);
    tcg_temp_free_i32(rhs);

    return true;
}

/*
 * This instruction tests a single bit in a register and skips the next
 * instruction if the bit is cleared.
 */
static bool trans_SBRC(DisasContext *ctx, arg_SBRC *a)
{
    TCGv masked = tcg_temp_new();

    /* isolate the tested bit; the skip is taken when the result is zero */
    tcg_gen_andi_tl(masked, cpu_r[a->rr], 1 << a->bit);

    ctx->skip_cond = TCG_COND_EQ;
    ctx->skip_var0 = masked;
    ctx->free_skip_var0 = true; /* temp is owned by the skip logic now */

    return true;
}

/*
 * This instruction tests a single bit in a register and skips the next
 * instruction if the bit is set.
 */
static bool trans_SBRS(DisasContext *ctx, arg_SBRS *a)
{
    TCGv masked = tcg_temp_new();

    /* isolate the tested bit; the skip is taken when the result is non-zero */
    tcg_gen_andi_tl(masked, cpu_r[a->rr], 1 << a->bit);

    ctx->skip_cond = TCG_COND_NE;
    ctx->skip_var0 = masked;
    ctx->free_skip_var0 = true; /* temp is owned by the skip logic now */

    return true;
}

/*
 * This instruction tests a single bit in an I/O Register and skips the
 * next instruction if the bit is cleared. This instruction operates on the
 * lower 32 I/O Registers -- addresses 0-31.
*/
static bool trans_SBIC(DisasContext *ctx, arg_SBIC *a)
{
    /* the temp first carries the port number, then the value read from it */
    TCGv io_val = tcg_const_i32(a->reg);

    gen_helper_inb(io_val, cpu_env, io_val);
    tcg_gen_andi_tl(io_val, io_val, 1 << a->bit);

    ctx->skip_var0 = io_val;
    ctx->free_skip_var0 = true;
    ctx->skip_cond = TCG_COND_EQ;

    return true;
}

/*
 * This instruction tests a single bit in an I/O Register and skips the
 * next instruction if the bit is set. This instruction operates on the lower
 * 32 I/O Registers -- addresses 0-31.
 */
static bool trans_SBIS(DisasContext *ctx, arg_SBIS *a)
{
    /* the temp first carries the port number, then the value read from it */
    TCGv io_val = tcg_const_i32(a->reg);

    gen_helper_inb(io_val, cpu_env, io_val);
    tcg_gen_andi_tl(io_val, io_val, 1 << a->bit);

    ctx->skip_var0 = io_val;
    ctx->free_skip_var0 = true;
    ctx->skip_cond = TCG_COND_NE;

    return true;
}

/*
 * Conditional relative branch. Tests a single bit in SREG and branches
 * relatively to PC if the bit is cleared. This instruction branches relatively
 * to PC in either direction (PC - 63 <= destination <= PC + 64). The
 * parameter k is the offset from PC and is represented in two's complement
 * form.
*/
static bool trans_BRBC(DisasContext *ctx, arg_BRBC *a)
{
    TCGLabel *skip_branch = gen_new_label();
    TCGv flag;

    /* a->bit selects the SREG flag in the order C, Z, N, V, S, H, T, I */
    switch (a->bit) {
    case 0x00: flag = cpu_Cf; break;
    case 0x01: flag = cpu_Zf; break;
    case 0x02: flag = cpu_Nf; break;
    case 0x03: flag = cpu_Vf; break;
    case 0x04: flag = cpu_Sf; break;
    case 0x05: flag = cpu_Hf; break;
    case 0x06: flag = cpu_Tf; break;
    case 0x07: flag = cpu_If; break;
    default:
        g_assert_not_reached();
    }

    /* flag set -> fall through to the next instruction */
    tcg_gen_brcondi_i32(TCG_COND_NE, flag, 0, skip_branch);
    gen_goto_tb(ctx, 0, ctx->npc + a->imm);
    gen_set_label(skip_branch);

    /* gen_goto_tb() set DISAS_NORETURN; the not-taken path still continues */
    ctx->base.is_jmp = DISAS_CHAIN;

    return true;
}

/*
 * Conditional relative branch. Tests a single bit in SREG and branches
 * relatively to PC if the bit is set. This instruction branches relatively to
 * PC in either direction (PC - 63 <= destination <= PC + 64). The parameter k
 * is the offset from PC and is represented in two's complement form.
*/
static bool trans_BRBS(DisasContext *ctx, arg_BRBS *a)
{
    TCGLabel *skip_branch = gen_new_label();
    TCGv flag;

    /* a->bit selects the SREG flag in the order C, Z, N, V, S, H, T, I */
    switch (a->bit) {
    case 0x00: flag = cpu_Cf; break;
    case 0x01: flag = cpu_Zf; break;
    case 0x02: flag = cpu_Nf; break;
    case 0x03: flag = cpu_Vf; break;
    case 0x04: flag = cpu_Sf; break;
    case 0x05: flag = cpu_Hf; break;
    case 0x06: flag = cpu_Tf; break;
    case 0x07: flag = cpu_If; break;
    default:
        g_assert_not_reached();
    }

    /* flag clear -> fall through to the next instruction */
    tcg_gen_brcondi_i32(TCG_COND_EQ, flag, 0, skip_branch);
    gen_goto_tb(ctx, 0, ctx->npc + a->imm);
    gen_set_label(skip_branch);

    /* gen_goto_tb() set DISAS_NORETURN; the not-taken path still continues */
    ctx->base.is_jmp = DISAS_CHAIN;

    return true;
}

/*
 * Data Transfer Instructions
 */

/*
 * in the gen_set_addr & gen_get_addr functions
 * H assumed to be in 0x00ff0000 format
 * M assumed to be in 0x000000ff format
 * L assumed to be in 0x000000ff format
 */

/*
 * Split 'addr' into its three bytes: L gets bits 7:0, M gets bits 15:8
 * shifted down, and H gets bits 23:16 left in place (not shifted).
 */
static void gen_set_addr(TCGv addr, TCGv H, TCGv M, TCGv L)
{
    tcg_gen_andi_tl(L, addr, 0x000000ff);

    tcg_gen_andi_tl(M, addr, 0x0000ff00);
    tcg_gen_shri_tl(M, M, 8);

    tcg_gen_andi_tl(H, addr, 0x00ff0000);
}

/* Write 'addr' back to RAMPX:r27:r26. */
static void gen_set_xaddr(TCGv addr)
{
    TCGv x_hi = cpu_r[27];
    TCGv x_lo = cpu_r[26];

    gen_set_addr(addr, cpu_rampX, x_hi, x_lo);
}

/* Write 'addr' back to RAMPY:r29:r28. */
static void gen_set_yaddr(TCGv addr)
{
    TCGv y_hi = cpu_r[29];
    TCGv y_lo = cpu_r[28];

    gen_set_addr(addr, cpu_rampY, y_hi, y_lo);
}

/* Write 'addr' back to RAMPZ:r31:r30. */
static void gen_set_zaddr(TCGv addr)
{
    TCGv z_hi = cpu_r[31];
    TCGv z_lo = cpu_r[30];

    gen_set_addr(addr, cpu_rampZ, z_hi, z_lo);
}

/*
 * Combine H, M and L into one address held in a new temporary; the callers
 * in this file release it with tcg_temp_free_i32().
 *
 * NOTE(review): each deposit inserts the LOW bits of its third operand, so
 * address bits 23:16 end up being H[7:0]. gen_set_addr() and the comment
 * above keep H in 0x00ff0000 format, whose low byte is zero - confirm that
 * the RAMP bits really reach the address built here, since every indirect
 * data access below depends on it.
 */
static TCGv gen_get_addr(TCGv H, TCGv M, TCGv L)
{
    TCGv combined = tcg_temp_new_i32();

    tcg_gen_deposit_tl(combined, M, H, 8, 8);
    tcg_gen_deposit_tl(combined, L, combined, 8, 16);

    return combined;
}

/* Address formed from RAMPX:r27:r26. */
static TCGv gen_get_xaddr(void)
{
    TCGv x_hi = cpu_r[27];
    TCGv x_lo = cpu_r[26];

    return gen_get_addr(cpu_rampX, x_hi, x_lo);
}

/* Address formed from RAMPY:r29:r28. */
static TCGv gen_get_yaddr(void)
{
    TCGv y_hi = cpu_r[29];
    TCGv y_lo = cpu_r[28];

    return gen_get_addr(cpu_rampY, y_hi, y_lo);
}

/* Address formed from RAMPZ:r31:r30. */
static TCGv gen_get_zaddr(void)
{
    TCGv z_hi = cpu_r[31];
    TCGv z_lo = cpu_r[30];

    return gen_get_addr(cpu_rampZ, z_hi, z_lo);
}

/*
 * Load one byte indirect from data space to register and stores an clear
 * the bits in data space specified by the register. The instruction can only
 * be used towards internal SRAM. The data location is pointed to by the Z (16
 * bits) Pointer Register in the Register File. Memory access is limited to the
 * current data segment of 64KB. To access another data segment in devices with
 * more than 64KB data space, the RAMPZ in register in the I/O area has to be
 * changed. The Z-pointer Register is left unchanged by the operation. This
 * instruction is especially suited for clearing status bits stored in SRAM.
 */

/*
 * Emit a one-byte store of 'data' to 'addr'. Translation blocks flagged
 * TB_FLAGS_FULL_ACCESS go through the fullwr helper; all others use a direct
 * 8-bit store with MMU_DATA_IDX.
 */
static void gen_data_store(DisasContext *ctx, TCGv data, TCGv addr)
{
    if (!(ctx->base.tb->flags & TB_FLAGS_FULL_ACCESS)) {
        tcg_gen_qemu_st8(data, addr, MMU_DATA_IDX); /* mem[addr] = data */
        return;
    }

    gen_helper_fullwr(cpu_env, data, addr);
}

/*
 * Emit a one-byte load from 'addr' into 'data'. Translation blocks flagged
 * TB_FLAGS_FULL_ACCESS go through the fullrd helper; all others use a direct
 * zero-extending 8-bit load with MMU_DATA_IDX.
 */
static void gen_data_load(DisasContext *ctx, TCGv data, TCGv addr)
{
    if (!(ctx->base.tb->flags & TB_FLAGS_FULL_ACCESS)) {
        tcg_gen_qemu_ld8u(data, addr, MMU_DATA_IDX); /* data = mem[addr] */
        return;
    }

    gen_helper_fullrd(data, cpu_env, addr);
}

/*
 * This instruction makes a copy of one register into another. The source
 * register Rr is left unchanged, while the destination register Rd is loaded
 * with a copy of Rr.
 */
static bool trans_MOV(DisasContext *ctx, arg_MOV *a)
{
    tcg_gen_mov_tl(cpu_r[a->rd], cpu_r[a->rr]);

    return true;
}

/*
 * This instruction makes a copy of one register pair into another register
 * pair.
The source register pair Rr+1:Rr is left unchanged, while the
 * destination register pair Rd+1:Rd is loaded with a copy of Rr + 1:Rr. This
 * instruction is not available in all devices. Refer to the device specific
 * instruction set summary.
 *
 * NOTE(review): cpu_r[] is indexed with rd + 1 and rr + 1; this assumes the
 * decoder only produces register numbers up to 30 here - confirm against the
 * decode table.
 */
static bool trans_MOVW(DisasContext *ctx, arg_MOVW *a)
{
    if (avr_have_feature(ctx, AVR_FEATURE_MOVW)) {
        /* high byte first, then low byte */
        tcg_gen_mov_tl(cpu_r[a->rd + 1], cpu_r[a->rr + 1]);
        tcg_gen_mov_tl(cpu_r[a->rd], cpu_r[a->rr]);
    }

    return true;
}

/*
 * Loads an 8 bit constant directly to register 16 to 31.
 */
static bool trans_LDI(DisasContext *ctx, arg_LDI *a)
{
    tcg_gen_movi_tl(cpu_r[a->rd], a->imm);

    return true;
}

/*
 * Loads one byte from the data space to a register. For parts with SRAM,
 * the data space consists of the Register File, I/O memory and internal SRAM
 * (and external SRAM if applicable). For parts without SRAM, the data space
 * consists of the register file only. The EEPROM has a separate address space.
 * A 16-bit address must be supplied. Memory access is limited to the current
 * data segment of 64KB. The LDS instruction uses the RAMPD Register to access
 * memory above 64KB. To access another data segment in devices with more than
 * 64KB data space, the RAMPD in register in the I/O area has to be changed.
 * This instruction is not available in all devices. Refer to the device
 * specific instruction set summary.
*/
static bool trans_LDS(DisasContext *ctx, arg_LDS *a)
{
    TCGv dest = cpu_r[a->rd];
    TCGv ea = tcg_temp_new_i32();

    /* the 16-bit address is the instruction word that follows the opcode */
    a->imm = next_word(ctx);

    /*
     * ea = RAMPD:imm
     * NOTE(review): RAMPD is shifted left by 16 here, while the comment on
     * gen_set_addr/gen_get_addr in this file says the RAMP registers are
     * kept in 0x00ff0000 format - confirm which representation cpu_rampD
     * really uses.
     */
    tcg_gen_mov_tl(ea, cpu_rampD);
    tcg_gen_shli_tl(ea, ea, 16);
    tcg_gen_ori_tl(ea, ea, a->imm);

    gen_data_load(ctx, dest, ea);

    tcg_temp_free_i32(ea);

    return true;
}

/*
 * Loads one byte indirect from the data space to a register. For parts
 * with SRAM, the data space consists of the Register File, I/O memory and
 * internal SRAM (and external SRAM if applicable). For parts without SRAM, the
 * data space consists of the Register File only. In some parts the Flash
 * Memory has been mapped to the data space and can be read using this command.
 * The EEPROM has a separate address space. The data location is pointed to by
 * the X (16 bits) Pointer Register in the Register File. Memory access is
 * limited to the current data segment of 64KB. To access another data segment
 * in devices with more than 64KB data space, the RAMPX in register in the I/O
 * area has to be changed. The X-pointer Register can either be left unchanged
 * by the operation, or it can be post-incremented or predecremented. These
 * features are especially suited for accessing arrays, tables, and Stack
 * Pointer usage of the X-pointer Register. Note that only the low byte of the
 * X-pointer is updated in devices with no more than 256 bytes data space. For
 * such devices, the high byte of the pointer is not used by this instruction
 * and can be used for other purposes. The RAMPX Register in the I/O area is
 * updated in parts with more than 64KB data space or more than 64KB Program
 * memory, and the increment/decrement is added to the entire 24-bit address on
 * such devices.
Not all variants of this instruction are available in all
 * devices. Refer to the device specific instruction set summary. In the
 * Reduced Core tinyAVR the LD instruction can be used to achieve the same
 * operation as LPM since the program memory is mapped to the data memory
 * space.
 */

/* LD Rd, X: pointer left unchanged. */
static bool trans_LDX1(DisasContext *ctx, arg_LDX1 *a)
{
    TCGv ptr = gen_get_xaddr();

    gen_data_load(ctx, cpu_r[a->rd], ptr);

    tcg_temp_free_i32(ptr);

    return true;
}

/* LD Rd, X+: load, then write the incremented pointer back. */
static bool trans_LDX2(DisasContext *ctx, arg_LDX2 *a)
{
    TCGv ptr = gen_get_xaddr();

    gen_data_load(ctx, cpu_r[a->rd], ptr);

    tcg_gen_addi_tl(ptr, ptr, 1); /* ptr = ptr + 1 */
    gen_set_xaddr(ptr);

    tcg_temp_free_i32(ptr);

    return true;
}

/* LD Rd, -X: decrement first, load, then write the pointer back. */
static bool trans_LDX3(DisasContext *ctx, arg_LDX3 *a)
{
    TCGv ptr = gen_get_xaddr();

    tcg_gen_subi_tl(ptr, ptr, 1); /* ptr = ptr - 1 */
    gen_data_load(ctx, cpu_r[a->rd], ptr);
    gen_set_xaddr(ptr);

    tcg_temp_free_i32(ptr);

    return true;
}

/*
 * Loads one byte indirect with or without displacement from the data space
 * to a register. For parts with SRAM, the data space consists of the Register
 * File, I/O memory and internal SRAM (and external SRAM if applicable). For
 * parts without SRAM, the data space consists of the Register File only. In
 * some parts the Flash Memory has been mapped to the data space and can be
 * read using this command. The EEPROM has a separate address space. The data
 * location is pointed to by the Y (16 bits) Pointer Register in the Register
 * File. Memory access is limited to the current data segment of 64KB.
To 1787 * access another data segment in devices with more than 64KB data space, the 1788 * RAMPY in register in the I/O area has to be changed. The Y-pointer Register 1789 * can either be left unchanged by the operation, or it can be post-incremented 1790 * or predecremented. These features are especially suited for accessing 1791 * arrays, tables, and Stack Pointer usage of the Y-pointer Register. Note that 1792 * only the low byte of the Y-pointer is updated in devices with no more than 1793 * 256 bytes data space. For such devices, the high byte of the pointer is not 1794 * used by this instruction and can be used for other purposes. The RAMPY 1795 * Register in the I/O area is updated in parts with more than 64KB data space 1796 * or more than 64KB Program memory, and the increment/decrement/displacement 1797 * is added to the entire 24-bit address on such devices. Not all variants of 1798 * this instruction is available in all devices. Refer to the device specific 1799 * instruction set summary. In the Reduced Core tinyAVR the LD instruction can 1800 * be used to achieve the same operation as LPM since the program memory is 1801 * mapped to the data memory space. 
*/

/* LD Rd, Y+: load, then write the incremented pointer back. */
static bool trans_LDY2(DisasContext *ctx, arg_LDY2 *a)
{
    TCGv ptr = gen_get_yaddr();

    gen_data_load(ctx, cpu_r[a->rd], ptr);

    tcg_gen_addi_tl(ptr, ptr, 1); /* ptr = ptr + 1 */
    gen_set_yaddr(ptr);

    tcg_temp_free_i32(ptr);

    return true;
}

/* LD Rd, -Y: decrement first, load, then write the pointer back. */
static bool trans_LDY3(DisasContext *ctx, arg_LDY3 *a)
{
    TCGv ptr = gen_get_yaddr();

    tcg_gen_subi_tl(ptr, ptr, 1); /* ptr = ptr - 1 */
    gen_data_load(ctx, cpu_r[a->rd], ptr);
    gen_set_yaddr(ptr);

    tcg_temp_free_i32(ptr);

    return true;
}

/* LDD Rd, Y+q: load from Y plus displacement; Y itself is not written. */
static bool trans_LDDY(DisasContext *ctx, arg_LDDY *a)
{
    TCGv ptr = gen_get_yaddr();

    tcg_gen_addi_tl(ptr, ptr, a->imm); /* ptr = ptr + q */
    gen_data_load(ctx, cpu_r[a->rd], ptr);

    tcg_temp_free_i32(ptr);

    return true;
}

/*
 * Loads one byte indirect with or without displacement from the data space
 * to a register. For parts with SRAM, the data space consists of the Register
 * File, I/O memory and internal SRAM (and external SRAM if applicable). For
 * parts without SRAM, the data space consists of the Register File only. In
 * some parts the Flash Memory has been mapped to the data space and can be
 * read using this command. The EEPROM has a separate address space. The data
 * location is pointed to by the Z (16 bits) Pointer Register in the Register
 * File. Memory access is limited to the current data segment of 64KB. To
 * access another data segment in devices with more than 64KB data space, the
 * RAMPZ in register in the I/O area has to be changed. The Z-pointer Register
 * can either be left unchanged by the operation, or it can be post-incremented
 * or predecremented.
These features are especially suited for Stack Pointer 1858 * usage of the Z-pointer Register, however because the Z-pointer Register can 1859 * be used for indirect subroutine calls, indirect jumps and table lookup, it 1860 * is often more convenient to use the X or Y-pointer as a dedicated Stack 1861 * Pointer. Note that only the low byte of the Z-pointer is updated in devices 1862 * with no more than 256 bytes data space. For such devices, the high byte of 1863 * the pointer is not used by this instruction and can be used for other 1864 * purposes. The RAMPZ Register in the I/O area is updated in parts with more 1865 * than 64KB data space or more than 64KB Program memory, and the 1866 * increment/decrement/displacement is added to the entire 24-bit address on 1867 * such devices. Not all variants of this instruction is available in all 1868 * devices. Refer to the device specific instruction set summary. In the 1869 * Reduced Core tinyAVR the LD instruction can be used to achieve the same 1870 * operation as LPM since the program memory is mapped to the data memory 1871 * space. For using the Z-pointer for table lookup in Program memory see the 1872 * LPM and ELPM instructions. 
*/

/* LD Rd, Z+: load, then write the incremented pointer back. */
static bool trans_LDZ2(DisasContext *ctx, arg_LDZ2 *a)
{
    TCGv ptr = gen_get_zaddr();

    gen_data_load(ctx, cpu_r[a->rd], ptr);

    tcg_gen_addi_tl(ptr, ptr, 1); /* ptr = ptr + 1 */
    gen_set_zaddr(ptr);

    tcg_temp_free_i32(ptr);

    return true;
}

/* LD Rd, -Z: decrement first, load, then write the pointer back. */
static bool trans_LDZ3(DisasContext *ctx, arg_LDZ3 *a)
{
    TCGv ptr = gen_get_zaddr();

    tcg_gen_subi_tl(ptr, ptr, 1); /* ptr = ptr - 1 */
    gen_data_load(ctx, cpu_r[a->rd], ptr);
    gen_set_zaddr(ptr);

    tcg_temp_free_i32(ptr);

    return true;
}

/* LDD Rd, Z+q: load from Z plus displacement; Z itself is not written. */
static bool trans_LDDZ(DisasContext *ctx, arg_LDDZ *a)
{
    TCGv ptr = gen_get_zaddr();

    tcg_gen_addi_tl(ptr, ptr, a->imm); /* ptr = ptr + q */
    gen_data_load(ctx, cpu_r[a->rd], ptr);

    tcg_temp_free_i32(ptr);

    return true;
}

/*
 * Stores one byte from a Register to the data space. For parts with SRAM,
 * the data space consists of the Register File, I/O memory and internal SRAM
 * (and external SRAM if applicable). For parts without SRAM, the data space
 * consists of the Register File only. The EEPROM has a separate address space.
 * A 16-bit address must be supplied. Memory access is limited to the current
 * data segment of 64KB. The STS instruction uses the RAMPD Register to access
 * memory above 64KB. To access another data segment in devices with more than
 * 64KB data space, the RAMPD in register in the I/O area has to be changed.
 * This instruction is not available in all devices. Refer to the device
 * specific instruction set summary.
*/
static bool trans_STS(DisasContext *ctx, arg_STS *a)
{
    TCGv src = cpu_r[a->rd];
    TCGv ea = tcg_temp_new_i32();

    /* the 16-bit address is the instruction word that follows the opcode */
    a->imm = next_word(ctx);

    /*
     * ea = RAMPD:imm
     * NOTE(review): RAMPD is shifted left by 16 here, while the comment on
     * gen_set_addr/gen_get_addr in this file says the RAMP registers are
     * kept in 0x00ff0000 format - confirm which representation cpu_rampD
     * really uses.
     */
    tcg_gen_mov_tl(ea, cpu_rampD);
    tcg_gen_shli_tl(ea, ea, 16);
    tcg_gen_ori_tl(ea, ea, a->imm);

    gen_data_store(ctx, src, ea);

    tcg_temp_free_i32(ea);

    return true;
}

/*
 * Stores one byte indirect from a register to data space. For parts with SRAM,
 * the data space consists of the Register File, I/O memory, and internal SRAM
 * (and external SRAM if applicable). For parts without SRAM, the data space
 * consists of the Register File only. The EEPROM has a separate address space.
 *
 * The data location is pointed to by the X (16 bits) Pointer Register in the
 * Register File. Memory access is limited to the current data segment of 64KB.
 * To access another data segment in devices with more than 64KB data space, the
 * RAMPX in register in the I/O area has to be changed.
 *
 * The X-pointer Register can either be left unchanged by the operation, or it
 * can be post-incremented or pre-decremented. These features are especially
 * suited for accessing arrays, tables, and Stack Pointer usage of the
 * X-pointer Register. Note that only the low byte of the X-pointer is updated
 * in devices with no more than 256 bytes data space. For such devices, the high
 * byte of the pointer is not used by this instruction and can be used for other
 * purposes. The RAMPX Register in the I/O area is updated in parts with more
 * than 64KB data space or more than 64KB Program memory, and the increment /
 * decrement is added to the entire 24-bit address on such devices.
*/

/* ST X, Rr: pointer left unchanged. The source register comes from a->rr. */
static bool trans_STX1(DisasContext *ctx, arg_STX1 *a)
{
    TCGv src = cpu_r[a->rr];
    TCGv ptr = gen_get_xaddr();

    gen_data_store(ctx, src, ptr);

    tcg_temp_free_i32(ptr);

    return true;
}

/* ST X+, Rr: store, then write the incremented pointer back. */
static bool trans_STX2(DisasContext *ctx, arg_STX2 *a)
{
    TCGv src = cpu_r[a->rr];
    TCGv ptr = gen_get_xaddr();

    gen_data_store(ctx, src, ptr);

    tcg_gen_addi_tl(ptr, ptr, 1); /* ptr = ptr + 1 */
    gen_set_xaddr(ptr);

    tcg_temp_free_i32(ptr);

    return true;
}

/* ST -X, Rr: decrement first, store, then write the pointer back. */
static bool trans_STX3(DisasContext *ctx, arg_STX3 *a)
{
    TCGv src = cpu_r[a->rr];
    TCGv ptr = gen_get_xaddr();

    tcg_gen_subi_tl(ptr, ptr, 1); /* ptr = ptr - 1 */
    gen_data_store(ctx, src, ptr);
    gen_set_xaddr(ptr);

    tcg_temp_free_i32(ptr);

    return true;
}

/*
 * Stores one byte indirect with or without displacement from a register to data
 * space. For parts with SRAM, the data space consists of the Register File, I/O
 * memory, and internal SRAM (and external SRAM if applicable). For parts
 * without SRAM, the data space consists of the Register File only. The EEPROM
 * has a separate address space.
 *
 * The data location is pointed to by the Y (16 bits) Pointer Register in the
 * Register File. Memory access is limited to the current data segment of 64KB.
 * To access another data segment in devices with more than 64KB data space, the
 * RAMPY in register in the I/O area has to be changed.
 *
 * The Y-pointer Register can either be left unchanged by the operation, or it
 * can be post-incremented or pre-decremented. These features are especially
 * suited for accessing arrays, tables, and Stack Pointer usage of the Y-pointer
 * Register. Note that only the low byte of the Y-pointer is updated in devices
 * with no more than 256 bytes data space.
For such devices, the high byte of
 * the pointer is not used by this instruction and can be used for other
 * purposes. The RAMPY Register in the I/O area is updated in parts with more
 * than 64KB data space or more than 64KB Program memory, and the increment /
 * decrement / displacement is added to the entire 24-bit address on such
 * devices.
 */

/* ST Y+, Rr: store, then write the incremented pointer back. */
static bool trans_STY2(DisasContext *ctx, arg_STY2 *a)
{
    TCGv src = cpu_r[a->rd]; /* this encoding carries the source in a->rd */
    TCGv ptr = gen_get_yaddr();

    gen_data_store(ctx, src, ptr);

    tcg_gen_addi_tl(ptr, ptr, 1); /* ptr = ptr + 1 */
    gen_set_yaddr(ptr);

    tcg_temp_free_i32(ptr);

    return true;
}

/* ST -Y, Rr: decrement first, store, then write the pointer back. */
static bool trans_STY3(DisasContext *ctx, arg_STY3 *a)
{
    TCGv src = cpu_r[a->rd]; /* this encoding carries the source in a->rd */
    TCGv ptr = gen_get_yaddr();

    tcg_gen_subi_tl(ptr, ptr, 1); /* ptr = ptr - 1 */
    gen_data_store(ctx, src, ptr);
    gen_set_yaddr(ptr);

    tcg_temp_free_i32(ptr);

    return true;
}

/* STD Y+q, Rr: store to Y plus displacement; Y itself is not written. */
static bool trans_STDY(DisasContext *ctx, arg_STDY *a)
{
    TCGv src = cpu_r[a->rd]; /* this encoding carries the source in a->rd */
    TCGv ptr = gen_get_yaddr();

    tcg_gen_addi_tl(ptr, ptr, a->imm); /* ptr = ptr + q */
    gen_data_store(ctx, src, ptr);

    tcg_temp_free_i32(ptr);

    return true;
}

/*
 * Stores one byte indirect with or without displacement from a register to data
 * space. For parts with SRAM, the data space consists of the Register File, I/O
 * memory, and internal SRAM (and external SRAM if applicable). For parts
 * without SRAM, the data space consists of the Register File only. The EEPROM
 * has a separate address space.
 *
 * The data location is pointed to by the Y (16 bits) Pointer Register in the
 * Register File. Memory access is limited to the current data segment of 64KB.
* To access another data segment in devices with more than 64KB data space, the
 * RAMPZ in register in the I/O area has to be changed.
 *
 * The Z-pointer Register can either be left unchanged by the operation, or it
 * can be post-incremented or pre-decremented. These features are especially
 * suited for accessing arrays, tables, and Stack Pointer usage of the Z-pointer
 * Register. Note that only the low byte of the Z-pointer is updated in devices
 * with no more than 256 bytes data space. For such devices, the high byte of
 * the pointer is not used by this instruction and can be used for other
 * purposes. The RAMPZ Register in the I/O area is updated in parts with more
 * than 64KB data space or more than 64KB Program memory, and the increment /
 * decrement / displacement is added to the entire 24-bit address on such
 * devices.
 */
/* ST Z+, Rr: store, then write the incremented address back (gen_set_zaddr). */
static bool trans_STZ2(DisasContext *ctx, arg_STZ2 *a)
{
    TCGv zptr = gen_get_zaddr();
    TCGv src = cpu_r[a->rd];

    gen_data_store(ctx, src, zptr);

    /* post-increment: Z = Z + 1 */
    tcg_gen_addi_tl(zptr, zptr, 1);
    gen_set_zaddr(zptr);
    tcg_temp_free_i32(zptr);

    return true;
}

/* ST -Z, Rr: decrement, store through the new address, write it back. */
static bool trans_STZ3(DisasContext *ctx, arg_STZ3 *a)
{
    TCGv zptr = gen_get_zaddr();
    TCGv src = cpu_r[a->rd];

    /* pre-decrement: Z = Z - 1 */
    tcg_gen_subi_tl(zptr, zptr, 1);
    gen_data_store(ctx, src, zptr);
    gen_set_zaddr(zptr);
    tcg_temp_free_i32(zptr);

    return true;
}

/*
 * STD Z+q, Rr: store at the address plus displacement a->imm. The pointer
 * itself is not written back.
 */
static bool trans_STDZ(DisasContext *ctx, arg_STDZ *a)
{
    TCGv target = gen_get_zaddr();
    TCGv src = cpu_r[a->rd];

    /* target = Z + q */
    tcg_gen_addi_tl(target, target, a->imm);
    gen_data_store(ctx, src, target);
    tcg_temp_free_i32(target);

    return true;
}

/*
 * Loads one byte pointed to by the Z-register into the destination
 * register Rd.
* This instruction features a 100% space effective constant
 * initialization or constant data fetch. The Program memory is organized in
 * 16-bit words while the Z-pointer is a byte address. Thus, the least
 * significant bit of the Z-pointer selects either low byte (ZLSB = 0) or high
 * byte (ZLSB = 1). This instruction can address the first 64KB (32K words) of
 * Program memory. The Zpointer Register can either be left unchanged by the
 * operation, or it can be incremented. The incrementation does not apply to
 * the RAMPZ Register.
 *
 * Devices with Self-Programming capability can use the LPM instruction to read
 * the Fuse and Lock bit values.
 *
 * Emulation note: each variant below emits a plain byte load through
 * MMU_CODE_IDX. Nothing in these functions selects a fuse or lock-bit read
 * mode, so guest code that reads those values this way gets ordinary program
 * memory content here.
 */
/* LPM (implied operands): r0 = program byte at r31:r30. */
static bool trans_LPM1(DisasContext *ctx, arg_LPM1 *a)
{
    if (!avr_have_feature(ctx, AVR_FEATURE_LPM)) {
        return true;
    }

    TCGv dst = cpu_r[0];
    TCGv zptr = tcg_temp_new_i32();
    TCGv zh = cpu_r[31];
    TCGv zl = cpu_r[30];

    /* zptr = (r31 << 8) | r30 */
    tcg_gen_shli_tl(zptr, zh, 8);
    tcg_gen_or_tl(zptr, zptr, zl);

    /* dst = code[zptr] */
    tcg_gen_qemu_ld8u(dst, zptr, MMU_CODE_IDX);

    tcg_temp_free_i32(zptr);

    return true;
}

/* LPM Rd, Z: cpu_r[a->rd] = program byte at r31:r30. */
static bool trans_LPM2(DisasContext *ctx, arg_LPM2 *a)
{
    if (!avr_have_feature(ctx, AVR_FEATURE_LPM)) {
        return true;
    }

    TCGv dst = cpu_r[a->rd];
    TCGv zptr = tcg_temp_new_i32();
    TCGv zh = cpu_r[31];
    TCGv zl = cpu_r[30];

    /* zptr = (r31 << 8) | r30 */
    tcg_gen_shli_tl(zptr, zh, 8);
    tcg_gen_or_tl(zptr, zptr, zl);

    /* dst = code[zptr] */
    tcg_gen_qemu_ld8u(dst, zptr, MMU_CODE_IDX);

    tcg_temp_free_i32(zptr);

    return true;
}

/*
 * LPM Rd, Z+: as LPM Rd, Z, then the incremented 16-bit pointer is split back
 * into r30 (low byte) and r31 (high byte). Both halves are masked to 8 bits.
 */
static bool trans_LPMX(DisasContext *ctx, arg_LPMX *a)
{
    if (!avr_have_feature(ctx, AVR_FEATURE_LPMX)) {
        return true;
    }

    TCGv dst = cpu_r[a->rd];
    TCGv zptr = tcg_temp_new_i32();
    TCGv zh = cpu_r[31];
    TCGv zl = cpu_r[30];

    /* zptr = (r31 << 8) | r30 */
    tcg_gen_shli_tl(zptr, zh, 8);
    tcg_gen_or_tl(zptr, zptr, zl);

    /* dst = code[zptr] */
    tcg_gen_qemu_ld8u(dst, zptr, MMU_CODE_IDX);

    /* zptr = zptr + 1, written back byte by byte */
    tcg_gen_addi_tl(zptr, zptr, 1);
    tcg_gen_andi_tl(zl, zptr, 0xff);
    tcg_gen_shri_tl(zptr, zptr, 8);
    tcg_gen_andi_tl(zh, zptr, 0xff);

    tcg_temp_free_i32(zptr);

    return true;
}

/*
 * Loads one byte pointed to by the Z-register and the RAMPZ Register in
 * the I/O space, and places this byte in the destination register Rd. This
 * instruction features a 100% space effective constant initialization or
 * constant data fetch. The Program memory is organized in 16-bit words while
 * the Z-pointer is a byte address. Thus, the least significant bit of the
 * Z-pointer selects either low byte (ZLSB = 0) or high byte (ZLSB = 1). This
 * instruction can address the entire Program memory space. The Z-pointer
 * Register can either be left unchanged by the operation, or it can be
 * incremented. The incrementation applies to the entire 24-bit concatenation
 * of the RAMPZ and Z-pointer Registers.
 *
 * Devices with Self-Programming capability can use the ELPM instruction to
 * read the Fuse and Lock bit value.
*/
/* ELPM (implied operands): r0 = program byte at the gen_get_zaddr() address. */
static bool trans_ELPM1(DisasContext *ctx, arg_ELPM1 *a)
{
    if (!avr_have_feature(ctx, AVR_FEATURE_ELPM)) {
        return true;
    }

    TCGv dst = cpu_r[0];
    TCGv zptr = gen_get_zaddr();

    /* dst = code[zptr] */
    tcg_gen_qemu_ld8u(dst, zptr, MMU_CODE_IDX);
    tcg_temp_free_i32(zptr);

    return true;
}

/* ELPM Rd, Z: cpu_r[a->rd] = program byte at the gen_get_zaddr() address. */
static bool trans_ELPM2(DisasContext *ctx, arg_ELPM2 *a)
{
    if (!avr_have_feature(ctx, AVR_FEATURE_ELPM)) {
        return true;
    }

    TCGv dst = cpu_r[a->rd];
    TCGv zptr = gen_get_zaddr();

    /* dst = code[zptr] */
    tcg_gen_qemu_ld8u(dst, zptr, MMU_CODE_IDX);
    tcg_temp_free_i32(zptr);

    return true;
}

/*
 * ELPM Rd, Z+: load as above, then write the incremented address back through
 * gen_set_zaddr().
 */
static bool trans_ELPMX(DisasContext *ctx, arg_ELPMX *a)
{
    if (!avr_have_feature(ctx, AVR_FEATURE_ELPMX)) {
        return true;
    }

    TCGv dst = cpu_r[a->rd];
    TCGv zptr = gen_get_zaddr();

    /* dst = code[zptr] */
    tcg_gen_qemu_ld8u(dst, zptr, MMU_CODE_IDX);

    /* post-increment of the full address */
    tcg_gen_addi_tl(zptr, zptr, 1);
    gen_set_zaddr(zptr);
    tcg_temp_free_i32(zptr);

    return true;
}

/*
 * SPM can be used to erase a page in the Program memory, to write a page
 * in the Program memory (that is already erased), and to set Boot Loader Lock
 * bits. In some devices, the Program memory can be written one word at a time,
 * in other devices an entire page can be programmed simultaneously after first
 * filling a temporary page buffer. In all cases, the Program memory must be
 * erased one page at a time. When erasing the Program memory, the RAMPZ and
 * Z-register are used as page address. When writing the Program memory, the
 * RAMPZ and Z-register are used as page or word address, and the R1:R0
 * register pair is used as data(1). When setting the Boot Loader Lock bits,
 * the R1:R0 register pair is used as data.
* Refer to the device documentation
 * for detailed description of SPM usage. This instruction can address the
 * entire Program memory.
 *
 * The SPM instruction is not available in all devices. Refer to the device
 * specific instruction set summary.
 *
 * Note: 1. R1 determines the instruction high byte, and R0 determines the
 * instruction low byte.
 *
 * Emulation note: both SPM translators below are still stubs. Apart from the
 * feature check they emit nothing, so page erase, page write and Boot Loader
 * Lock bit updates have no effect under emulation. Firmware that programs
 * itself (for example a bootloader) therefore behaves differently here than
 * on hardware.
 */
static bool trans_SPM(DisasContext *ctx, arg_SPM *a)
{
    /*
     * TODO: not implemented. The result of the feature check does not change
     * the return value; the call is kept for whatever avr_have_feature()
     * itself does (defined outside this part of the file).
     */
    (void)avr_have_feature(ctx, AVR_FEATURE_SPM);

    return true;
}

static bool trans_SPMX(DisasContext *ctx, arg_SPMX *a)
{
    /* TODO: not implemented, see trans_SPM. */
    (void)avr_have_feature(ctx, AVR_FEATURE_SPMX);

    return true;
}

/*
 * Loads data from the I/O Space (Ports, Timers, Configuration Registers,
 * etc.) into register Rd in the Register File.
 *
 * The access goes through the inb helper with the immediate port number
 * a->imm taken from the decoded instruction.
 */
static bool trans_IN(DisasContext *ctx, arg_IN *a)
{
    TCGv dst = cpu_r[a->rd];
    TCGv io_port = tcg_const_i32(a->imm);

    gen_helper_inb(dst, cpu_env, io_port);
    tcg_temp_free_i32(io_port);

    return true;
}

/*
 * Stores data from register Rr in the Register File to I/O Space (Ports,
 * Timers, Configuration Registers, etc.).
 *
 * The access goes through the outb helper with the immediate port number
 * a->imm taken from the decoded instruction.
 */
static bool trans_OUT(DisasContext *ctx, arg_OUT *a)
{
    TCGv src = cpu_r[a->rd];
    TCGv io_port = tcg_const_i32(a->imm);

    gen_helper_outb(cpu_env, io_port, src);
    tcg_temp_free_i32(io_port);

    return true;
}

/*
 * This instruction stores the contents of register Rr on the STACK. The
 * Stack Pointer is post-decremented by 1 after the PUSH. This instruction is
 * not available in all devices. Refer to the device specific instruction set
 * summary.
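*/
/*
 * PUSH Rr: store cpu_r[a->rd] at the current stack pointer, then decrement
 * cpu_sp by one.
 *
 * NOTE(review): cpu_sp is adjusted without any masking or range check in this
 * function; whether the stack pointer is bounded elsewhere is not visible
 * here. Confirm before relying on SP staying inside the data space.
 */
static bool trans_PUSH(DisasContext *ctx, arg_PUSH *a)
{
    TCGv Rd = cpu_r[a->rd];

    gen_data_store(ctx, Rd, cpu_sp);
    tcg_gen_subi_tl(cpu_sp, cpu_sp, 1);

    return true;
}

/*
 * This instruction loads register Rd with a byte from the STACK. The Stack
 * Pointer is pre-incremented by 1 before the POP. This instruction is not
 * available in all devices. Refer to the device specific instruction set
 * summary.
 */
static bool trans_POP(DisasContext *ctx, arg_POP *a)
{
    /*
     * Using a temp to work around some strange behaviour:
     * tcg_gen_addi_tl(cpu_sp, cpu_sp, 1);
     * gen_data_load(ctx, Rd, cpu_sp);
     * seems to cause the add to happen twice.
     * This doesn't happen if either the add or the load is removed.
     */
    TCGv t1 = tcg_temp_new_i32();
    TCGv Rd = cpu_r[a->rd];

    tcg_gen_addi_tl(t1, cpu_sp, 1);   /* t1 = SP + 1 */
    gen_data_load(ctx, Rd, t1);       /* Rd = mem[t1] */
    tcg_gen_mov_tl(cpu_sp, t1);       /* SP = t1 */

    /*
     * Release the temporary, as every other translator in this file does for
     * the temporaries it allocates; it was previously left allocated.
     */
    tcg_temp_free_i32(t1);

    return true;
}

/*
 * Exchanges one byte indirect between register and data space. The data
 * location is pointed to by the Z (16 bits) Pointer Register in the Register
 * File. Memory access is limited to the current data segment of 64KB. To
 * access another data segment in devices with more than 64KB data space, the
 * RAMPZ in register in the I/O area has to be changed.
 *
 * The Z-pointer Register is left unchanged by the operation. This instruction
 * is especially suited for writing/reading status bits stored in SRAM.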
*/
/* XCH Z, Rd: swap cpu_r[a->rd] with the data-space byte at gen_get_zaddr(). */
static bool trans_XCH(DisasContext *ctx, arg_XCH *a)
{
    if (!avr_have_feature(ctx, AVR_FEATURE_RMW)) {
        return true;
    }

    TCGv reg = cpu_r[a->rd];
    TCGv old_mem = tcg_temp_new_i32();
    TCGv zptr = gen_get_zaddr();

    /* old_mem = mem[Z]; mem[Z] = reg; reg = old_mem */
    gen_data_load(ctx, old_mem, zptr);
    gen_data_store(ctx, reg, zptr);
    tcg_gen_mov_tl(reg, old_mem);

    tcg_temp_free_i32(old_mem);
    tcg_temp_free_i32(zptr);

    return true;
}

/*
 * Load one byte indirect from data space to register and set bits in data
 * space specified by the register. The instruction can only be used towards
 * internal SRAM. The data location is pointed to by the Z (16 bits) Pointer
 * Register in the Register File. Memory access is limited to the current data
 * segment of 64KB. To access another data segment in devices with more than
 * 64KB data space, the RAMPZ in register in the I/O area has to be changed.
 *
 * The Z-pointer Register is left unchanged by the operation. This instruction
 * is especially suited for setting status bits stored in SRAM.
 *
 * NOTE(review): the "internal SRAM only" restriction is not checked in this
 * function; the address goes straight to gen_data_load()/gen_data_store().
 * Whether those enforce it is not visible here.
 */
static bool trans_LAS(DisasContext *ctx, arg_LAS *a)
{
    if (!avr_have_feature(ctx, AVR_FEATURE_RMW)) {
        return true;
    }

    TCGv reg = cpu_r[a->rd];
    TCGv zptr = gen_get_zaddr();
    TCGv old_mem = tcg_temp_new_i32();
    TCGv new_mem = tcg_temp_new_i32();

    /* old_mem = mem[Z] */
    gen_data_load(ctx, old_mem, zptr);
    /* new_mem = old_mem | reg */
    tcg_gen_or_tl(new_mem, old_mem, reg);
    /* reg = old_mem */
    tcg_gen_mov_tl(reg, old_mem);
    /* mem[Z] = new_mem */
    gen_data_store(ctx, new_mem, zptr);

    tcg_temp_free_i32(new_mem);
    tcg_temp_free_i32(old_mem);
    tcg_temp_free_i32(zptr);

    return true;
}

/*
 * Load one byte indirect from data space to register and stores and clear
 * the bits in data space specified by the register. The instruction can
 * only be used towards internal SRAM.
* The data location is pointed to by
 * the Z (16 bits) Pointer Register in the Register File. Memory access is
 * limited to the current data segment of 64KB. To access another data
 * segment in devices with more than 64KB data space, the RAMPZ in register
 * in the I/O area has to be changed.
 *
 * The Z-pointer Register is left unchanged by the operation. This instruction
 * is especially suited for clearing status bits stored in SRAM.
 */
static bool trans_LAC(DisasContext *ctx, arg_LAC *a)
{
    if (!avr_have_feature(ctx, AVR_FEATURE_RMW)) {
        return true;
    }

    TCGv reg = cpu_r[a->rd];
    TCGv zptr = gen_get_zaddr();
    TCGv old_mem = tcg_temp_new_i32();
    TCGv new_mem = tcg_temp_new_i32();

    /* old_mem = mem[Z] */
    gen_data_load(ctx, old_mem, zptr);
    /* new_mem = old_mem & ~reg */
    tcg_gen_andc_tl(new_mem, old_mem, reg);
    /* reg = old_mem */
    tcg_gen_mov_tl(reg, old_mem);
    /* mem[Z] = new_mem */
    gen_data_store(ctx, new_mem, zptr);

    tcg_temp_free_i32(new_mem);
    tcg_temp_free_i32(old_mem);
    tcg_temp_free_i32(zptr);

    return true;
}


/*
 * Load one byte indirect from data space to register and toggles bits in
 * the data space specified by the register. The instruction can only be used
 * towards SRAM. The data location is pointed to by the Z (16 bits) Pointer
 * Register in the Register File. Memory access is limited to the current data
 * segment of 64KB. To access another data segment in devices with more than
 * 64KB data space, the RAMPZ in register in the I/O area has to be changed.
 *
 * The Z-pointer Register is left unchanged by the operation. This instruction
 * is especially suited for changing status bits stored in SRAM.
*/
static bool trans_LAT(DisasContext *ctx, arg_LAT *a)
{
    if (!avr_have_feature(ctx, AVR_FEATURE_RMW)) {
        return true;
    }

    TCGv reg = cpu_r[a->rd];
    TCGv zptr = gen_get_zaddr();
    TCGv old_mem = tcg_temp_new_i32();
    TCGv new_mem = tcg_temp_new_i32();

    /* old_mem = mem[Z] */
    gen_data_load(ctx, old_mem, zptr);
    /* new_mem = old_mem ^ reg */
    tcg_gen_xor_tl(new_mem, old_mem, reg);
    /* reg = old_mem */
    tcg_gen_mov_tl(reg, old_mem);
    /* mem[Z] = new_mem */
    gen_data_store(ctx, new_mem, zptr);

    tcg_temp_free_i32(new_mem);
    tcg_temp_free_i32(old_mem);
    tcg_temp_free_i32(zptr);

    return true;
}

/*
 * Bit and Bit-test Instructions
 */

/*
 * Flag update shared by the right-shift translators that keep a meaningful
 * bit 7 (ROR, ASR). cpu_Cf must already hold the new carry when this runs,
 * because Vf is derived from it.
 */
static void gen_rshift_ZNVSf(TCGv R)
{
    /* Zf = (R == 0) */
    tcg_gen_setcondi_tl(TCG_COND_EQ, cpu_Zf, R, 0);
    /* Nf = R(7) */
    tcg_gen_shri_tl(cpu_Nf, R, 7);
    /* Vf = Nf ^ Cf */
    tcg_gen_xor_tl(cpu_Vf, cpu_Nf, cpu_Cf);
    /* Sf = Nf ^ Vf */
    tcg_gen_xor_tl(cpu_Sf, cpu_Nf, cpu_Vf);
}

/*
 * Shifts all bits in Rd one place to the right. Bit 7 is cleared. Bit 0 is
 * loaded into the C Flag of the SREG. This operation effectively divides an
 * unsigned value by two. The C Flag can be used to round the result.
 */
static bool trans_LSR(DisasContext *ctx, arg_LSR *a)
{
    TCGv reg = cpu_r[a->rd];

    /* Cf = Rd(0), then Rd >>= 1 */
    tcg_gen_andi_tl(cpu_Cf, reg, 1);
    tcg_gen_shri_tl(reg, reg, 1);

    /* Status register: Zf = (Rd == 0), Nf = 0, Vf = Cf, Sf = Vf. */
    tcg_gen_setcondi_tl(TCG_COND_EQ, cpu_Zf, reg, 0);
    tcg_gen_movi_tl(cpu_Nf, 0);
    tcg_gen_mov_tl(cpu_Vf, cpu_Cf);
    tcg_gen_mov_tl(cpu_Sf, cpu_Vf);

    return true;
}

/*
 * Shifts all bits in Rd one place to the right. The C Flag is shifted into
 * bit 7 of Rd. Bit 0 is shifted into the C Flag. This operation, combined
 * with ASR, effectively divides multi-byte signed values by two. Combined with
 * LSR it effectively divides multi-byte unsigned values by two.
* The Carry Flag
 * can be used to round the result.
 */
static bool trans_ROR(DisasContext *ctx, arg_ROR *a)
{
    TCGv reg = cpu_r[a->rd];
    TCGv carry_in = tcg_temp_new_i32();

    /* Capture the old carry at bit 7 before Cf is overwritten. */
    tcg_gen_shli_tl(carry_in, cpu_Cf, 7);

    /* Cf = Rd(0) */
    tcg_gen_andi_tl(cpu_Cf, reg, 1);

    /* Rd = (Rd >> 1) | carry_in */
    tcg_gen_shri_tl(reg, reg, 1);
    tcg_gen_or_tl(reg, reg, carry_in);

    /* remaining status flags */
    gen_rshift_ZNVSf(reg);

    tcg_temp_free_i32(carry_in);

    return true;
}

/*
 * Shifts all bits in Rd one place to the right. Bit 7 is held constant. Bit 0
 * is loaded into the C Flag of the SREG. This operation effectively divides a
 * signed value by two without changing its sign. The Carry Flag can be used to
 * round the result.
 */
static bool trans_ASR(DisasContext *ctx, arg_ASR *a)
{
    TCGv reg = cpu_r[a->rd];
    TCGv sign = tcg_temp_new_i32();

    /* Cf = Rd(0) */
    tcg_gen_andi_tl(cpu_Cf, reg, 1);

    /* Rd = (Rd & 0x80) | (Rd >> 1) */
    tcg_gen_andi_tl(sign, reg, 0x80);
    tcg_gen_shri_tl(reg, reg, 1);
    tcg_gen_or_tl(reg, reg, sign);

    /* remaining status flags */
    gen_rshift_ZNVSf(reg);

    tcg_temp_free_i32(sign);

    return true;
}

/*
 * Swaps high and low nibbles in a register.
 */
static bool trans_SWAP(DisasContext *ctx, arg_SWAP *a)
{
    TCGv reg = cpu_r[a->rd];
    TCGv low_up = tcg_temp_new_i32();
    TCGv high_down = tcg_temp_new_i32();

    /* low_up = (Rd & 0x0f) << 4 */
    tcg_gen_andi_tl(low_up, reg, 0x0f);
    tcg_gen_shli_tl(low_up, low_up, 4);

    /* high_down = (Rd & 0xf0) >> 4 */
    tcg_gen_andi_tl(high_down, reg, 0xf0);
    tcg_gen_shri_tl(high_down, high_down, 4);

    tcg_gen_or_tl(reg, low_up, high_down);

    tcg_temp_free_i32(high_down);
    tcg_temp_free_i32(low_up);

    return true;
}

/*
 * Sets a specified bit in an I/O Register.
* This instruction operates on
 * the lower 32 I/O Registers -- addresses 0-31.
 *
 * The translation is a read-modify-write through the inb/outb helpers. The
 * register number a->reg is used as decoded; no range check is done here.
 */
static bool trans_SBI(DisasContext *ctx, arg_SBI *a)
{
    TCGv value = tcg_temp_new_i32();
    TCGv io_port = tcg_const_i32(a->reg);

    /* value = io[reg] | (1 << bit); io[reg] = value */
    gen_helper_inb(value, cpu_env, io_port);
    tcg_gen_ori_tl(value, value, 1 << a->bit);
    gen_helper_outb(cpu_env, io_port, value);

    tcg_temp_free_i32(io_port);
    tcg_temp_free_i32(value);

    return true;
}

/*
 * Clears a specified bit in an I/O Register. This instruction operates on
 * the lower 32 I/O Registers -- addresses 0-31.
 *
 * Same read-modify-write shape as trans_SBI, with the bit masked out.
 */
static bool trans_CBI(DisasContext *ctx, arg_CBI *a)
{
    TCGv value = tcg_temp_new_i32();
    TCGv io_port = tcg_const_i32(a->reg);

    /* value = io[reg] & ~(1 << bit); io[reg] = value */
    gen_helper_inb(value, cpu_env, io_port);
    tcg_gen_andi_tl(value, value, ~(1 << a->bit));
    gen_helper_outb(cpu_env, io_port, value);

    tcg_temp_free_i32(value);
    tcg_temp_free_i32(io_port);

    return true;
}

/*
 * Stores bit b from Rd to the T Flag in SREG (Status Register).
 */
static bool trans_BST(DisasContext *ctx, arg_BST *a)
{
    TCGv reg = cpu_r[a->rd];

    /* Tf = (Rd & (1 << b)) >> b, i.e. 0 or 1 */
    tcg_gen_andi_tl(cpu_Tf, reg, 1 << a->bit);
    tcg_gen_shri_tl(cpu_Tf, cpu_Tf, a->bit);

    return true;
}

/*
 * Copies the T Flag in the SREG (Status Register) to bit b in register Rd.
 */
static bool trans_BLD(DisasContext *ctx, arg_BLD *a)
{
    TCGv reg = cpu_r[a->rd];
    TCGv t_at_bit = tcg_temp_new_i32();

    /* clear bit b in Rd */
    tcg_gen_andi_tl(reg, reg, ~(1u << a->bit));
    /* move Tf into position b and merge it in */
    tcg_gen_shli_tl(t_at_bit, cpu_Tf, a->bit);
    tcg_gen_or_tl(reg, reg, t_at_bit);

    tcg_temp_free_i32(t_at_bit);

    return true;
}

/*
 * Sets a single Flag or bit in SREG.
*/
/*
 * a->bit selects the flag: 0 = C, 1 = Z, 2 = N, 3 = V, 4 = S, 5 = H, 6 = T,
 * 7 = I. Any other value emits nothing.
 */
static bool trans_BSET(DisasContext *ctx, arg_BSET *a)
{
    switch (a->bit) {
    case 0x00:
        tcg_gen_movi_tl(cpu_Cf, 0x01);
        break;
    case 0x01:
        tcg_gen_movi_tl(cpu_Zf, 0x01);
        break;
    case 0x02:
        tcg_gen_movi_tl(cpu_Nf, 0x01);
        break;
    case 0x03:
        tcg_gen_movi_tl(cpu_Vf, 0x01);
        break;
    case 0x04:
        tcg_gen_movi_tl(cpu_Sf, 0x01);
        break;
    case 0x05:
        tcg_gen_movi_tl(cpu_Hf, 0x01);
        break;
    case 0x06:
        tcg_gen_movi_tl(cpu_Tf, 0x01);
        break;
    case 0x07:
        tcg_gen_movi_tl(cpu_If, 0x01);
        break;
    default:
        /* no flag selected: nothing to emit */
        break;
    }

    return true;
}

/*
 * Clears a single Flag in SREG.
 *
 * Same selector as trans_BSET: a->bit 0..7 maps to C, Z, N, V, S, H, T, I.
 */
static bool trans_BCLR(DisasContext *ctx, arg_BCLR *a)
{
    switch (a->bit) {
    case 0x00:
        tcg_gen_movi_tl(cpu_Cf, 0x00);
        break;
    case 0x01:
        tcg_gen_movi_tl(cpu_Zf, 0x00);
        break;
    case 0x02:
        tcg_gen_movi_tl(cpu_Nf, 0x00);
        break;
    case 0x03:
        tcg_gen_movi_tl(cpu_Vf, 0x00);
        break;
    case 0x04:
        tcg_gen_movi_tl(cpu_Sf, 0x00);
        break;
    case 0x05:
        tcg_gen_movi_tl(cpu_Hf, 0x00);
        break;
    case 0x06:
        tcg_gen_movi_tl(cpu_Tf, 0x00);
        break;
    case 0x07:
        tcg_gen_movi_tl(cpu_If, 0x00);
        break;
    default:
        /* no flag selected: nothing to emit */
        break;
    }

    return true;
}

/*
 * MCU Control Instructions
 */

/*
 * The BREAK instruction is used by the On-chip Debug system, and is
 * normally not used in the application software. When the BREAK instruction is
 * executed, the AVR CPU is set in the Stopped Mode. This gives the On-chip
 * Debugger access to internal resources. If any Lock bits are set, or either
 * the JTAGEN or OCDEN Fuses are unprogrammed, the CPU will treat the BREAK
 * instruction as a NOP and will not enter the Stopped mode. This instruction
 * is not available in all devices. Refer to the device specific instruction
 * set summary.
*/
/*
 * With BREAKPOINT_ON_BREAK left undefined (this file #undef's it near the
 * top) BREAK translates to nothing. When it is defined, the PC is set to the
 * BREAK instruction itself (npc - 1), the debug helper is called and the
 * block exits to the main loop.
 */
static bool trans_BREAK(DisasContext *ctx, arg_BREAK *a)
{
    if (!avr_have_feature(ctx, AVR_FEATURE_BREAK)) {
        return true;
    }

#ifdef BREAKPOINT_ON_BREAK
    tcg_gen_movi_tl(cpu_pc, ctx->npc - 1);
    gen_helper_debug(cpu_env);
    ctx->base.is_jmp = DISAS_EXIT;
#else
    /* translated as a NOP */
#endif

    return true;
}

/*
 * This instruction performs a single cycle No Operation.
 */
static bool trans_NOP(DisasContext *ctx, arg_NOP *a)
{
    /* nothing to emit */
    return true;
}

/*
 * This instruction sets the circuit in sleep mode defined by the MCU
 * Control Register.
 *
 * The sleep helper is called and the block is marked DISAS_NORETURN.
 */
static bool trans_SLEEP(DisasContext *ctx, arg_SLEEP *a)
{
    gen_helper_sleep(cpu_env);
    ctx->base.is_jmp = DISAS_NORETURN;

    return true;
}

/*
 * This instruction resets the Watchdog Timer. This instruction must be
 * executed within a limited time given by the WD prescaler. See the Watchdog
 * Timer hardware specification.
 */
static bool trans_WDR(DisasContext *ctx, arg_WDR *a)
{
    gen_helper_wdr(cpu_env);

    return true;
}

/*
 * Core translation mechanism functions:
 *
 * - translate()
 * - canonicalize_skip()
 * - gen_intermediate_code()
 * - restore_state_to_opc()
 *
 */

/*
 * Fetch the next instruction word and hand it to the decoder. A word the
 * decoder rejects is not skipped: the unsupported helper is called and the
 * block is marked DISAS_NORETURN.
 */
static void translate(DisasContext *ctx)
{
    uint32_t insn = next_word(ctx);

    if (decode_insn(ctx, insn)) {
        return;
    }

    gen_helper_unsupported(cpu_env);
    ctx->base.is_jmp = DISAS_NORETURN;
}

/*
 * Standardize the cpu_skip condition to NE.
 *
 * Returns false when the skip state is a compile-time constant (NEVER or
 * ALWAYS) and nothing was emitted. Otherwise the pending condition is
 * materialized into cpu_skip, the context is rewritten to "cpu_skip != 0",
 * and true is returned.
 */
static bool canonicalize_skip(DisasContext *ctx)
{
    const bool two_operands = ctx->skip_var1 != NULL;

    switch (ctx->skip_cond) {
    case TCG_COND_NEVER:
        /* Normal case: cpu_skip is known to be false. */
    case TCG_COND_ALWAYS:
        /*
         * Breakpoint case: cpu_skip is known to be true, via TB_FLAGS_SKIP.
         * The breakpoint is on the instruction being skipped, at the start
         * of the TranslationBlock. No need to update.
         */
        return false;

    case TCG_COND_NE:
        if (two_operands) {
            /* var0 != var1 is the same as (var0 ^ var1) != 0 */
            tcg_gen_xor_tl(cpu_skip, ctx->skip_var0, ctx->skip_var1);
            ctx->skip_var1 = NULL;
        } else {
            tcg_gen_mov_tl(cpu_skip, ctx->skip_var0);
        }
        break;

    default:
        /* Convert to a NE condition vs 0. */
        if (two_operands) {
            tcg_gen_setcond_tl(ctx->skip_cond, cpu_skip,
                               ctx->skip_var0, ctx->skip_var1);
            ctx->skip_var1 = NULL;
        } else {
            tcg_gen_setcondi_tl(ctx->skip_cond, cpu_skip, ctx->skip_var0, 0);
        }
        ctx->skip_cond = TCG_COND_NE;
        break;
    }

    /* The old operand is no longer needed once cpu_skip carries the result. */
    if (ctx->free_skip_var0) {
        tcg_temp_free(ctx->skip_var0);
        ctx->free_skip_var0 = false;
    }
    ctx->skip_var0 = cpu_skip;

    return true;
}

/*
 * Stop translation for a debugger breakpoint: flush any pending skip into
 * cpu_skip, set the PC to the current word address and call the debug helper.
 */
static void gen_breakpoint(DisasContext *ctx)
{
    canonicalize_skip(ctx);
    tcg_gen_movi_tl(cpu_pc, ctx->npc);
    gen_helper_debug(cpu_env);
    ctx->base.is_jmp = DISAS_NORETURN;
}

/*
 * TranslatorOps hook: set up the per-block translation state from the CPU and
 * the flags of the block being translated.
 */
static void avr_tr_init_disas_context(DisasContextBase *dcbase, CPUState *cs)
{
    DisasContext *dc = container_of(dcbase, DisasContext, base);
    const uint32_t flags = dc->base.tb->flags;

    dc->cs = cs;
    dc->env = cs->env_ptr;
    /* pc_first is a byte address; npc counts 16-bit words. */
    dc->npc = dc->base.pc_first / 2;

    if (flags & TB_FLAGS_SKIP) {
        /* The first instruction of this block is to be skipped. */
        dc->skip_cond = TCG_COND_ALWAYS;
        dc->skip_var0 = cpu_skip;
    } else {
        dc->skip_cond = TCG_COND_NEVER;
    }

    if (flags & TB_FLAGS_FULL_ACCESS) {
        /*
         * This flag is set by ST/LD instruction we will regenerate it ONLY
         * with mem/cpu memory access instead of mem access
         */
        dc->base.max_insns = 1;
    }
}

/* TranslatorOps hook: nothing to do at block start. */
static void avr_tr_tb_start(DisasContextBase *db, CPUState *cs)
{
}

/* TranslatorOps hook: record the word address of the instruction. */
static void avr_tr_insn_start(DisasContextBase *dcbase, CPUState *cs)
{
    DisasContext *dc = container_of(dcbase, DisasContext, base);

    tcg_gen_insn_start(dc->npc);
}

/*
 * TranslatorOps hook: a breakpoint was found at the current PC. The
 * breakpoint descriptor itself is not inspected.
 */
static bool avr_tr_breakpoint_check(DisasContextBase *dcbase, CPUState *cs,
                                    const CPUBreakpoint *bp)
{
    DisasContext *dc = container_of(dcbase, DisasContext, base);

    gen_breakpoint(dc);

    return true;
}

/*
 * TranslatorOps hook: translate one instruction, wrapping it in a conditional
 * branch when the previous instruction requested a skip.
 */
static void avr_tr_translate_insn(DisasContextBase *dcbase, CPUState *cs)
{
    DisasContext *dc = container_of(dcbase, DisasContext, base);
    TCGLabel *after_insn = NULL;

    /*
     * This is due to some strange GDB behavior
     * Let's assume main has address 0x100:
     * b main - sets breakpoint at address 0x00000100 (code)
     * b *0x100 - sets breakpoint at address 0x00800100 (data)
     *
     * The translator driver has already taken care of the code pointer.
     */
    if (!dc->base.singlestep_enabled &&
        cpu_breakpoint_test(cs, OFFSET_DATA + dc->base.pc_next, BP_ANY)) {
        gen_breakpoint(dc);
        return;
    }

    /* Conditionally skip the next instruction, if indicated. */
    if (dc->skip_cond != TCG_COND_NEVER) {
        after_insn = gen_new_label();

        if (dc->skip_var0 == cpu_skip) {
            /*
             * Copy cpu_skip so that we may zero it before the branch.
             * This ensures that cpu_skip is non-zero after the label
             * if and only if the skipped insn itself sets a skip.
             */
            dc->free_skip_var0 = true;
            dc->skip_var0 = tcg_temp_new();
            tcg_gen_mov_tl(dc->skip_var0, cpu_skip);
            tcg_gen_movi_tl(cpu_skip, 0);
        }

        if (dc->skip_var1 != NULL) {
            tcg_gen_brcond_tl(dc->skip_cond, dc->skip_var0,
                              dc->skip_var1, after_insn);
            dc->skip_var1 = NULL;
        } else {
            tcg_gen_brcondi_tl(dc->skip_cond, dc->skip_var0, 0, after_insn);
        }

        if (dc->free_skip_var0) {
            tcg_temp_free(dc->skip_var0);
            dc->free_skip_var0 = false;
        }

        /* The skip has been consumed. */
        dc->skip_cond = TCG_COND_NEVER;
        dc->skip_var0 = NULL;
    }

    translate(dc);

    /* Back from word address to byte address for the generic driver. */
    dc->base.pc_next = dc->npc * 2;

    if (after_insn) {
        canonicalize_skip(dc);
        gen_set_label(after_insn);

        /*
         * The instruction may have ended the block, but the path that
         * skipped it still continues, so the block exit is downgraded.
         */
        if (dc->base.is_jmp == DISAS_NORETURN) {
            dc->base.is_jmp = DISAS_CHAIN;
        }
    }

    if (dc->base.is_jmp == DISAS_NEXT) {
        target_ulong page_start = dc->base.pc_first & TARGET_PAGE_MASK;

        /* End the block when fewer than 4 bytes remain in the page. */
        if ((dc->base.pc_next - page_start) >= TARGET_PAGE_SIZE - 4) {
            dc->base.is_jmp = DISAS_TOO_MANY;
        }
    }
}

/*
 * TranslatorOps hook: emit the block epilogue according to is_jmp. The cases
 * fall through on purpose, from the cheapest exit to the most general one.
 */
static void avr_tr_tb_stop(DisasContextBase *dcbase, CPUState *cs)
{
    DisasContext *dc = container_of(dcbase, DisasContext, base);
    bool skip_pending = canonicalize_skip(dc);

    switch (dc->base.is_jmp) {
    case DISAS_NORETURN:
        /* Internal invariant: no variable skip may be left pending here. */
        assert(!skip_pending);
        break;
    case DISAS_NEXT:
    case DISAS_TOO_MANY:
    case DISAS_CHAIN:
        if (!skip_pending) {
            /* Note gen_goto_tb checks singlestep. */
            gen_goto_tb(dc, 1, dc->npc);
            break;
        }
        tcg_gen_movi_tl(cpu_pc, dc->npc);
        /* fall through */
    case DISAS_LOOKUP:
        if (!dc->base.singlestep_enabled) {
            tcg_gen_lookup_and_goto_ptr();
            break;
        }
        /* fall through */
    case DISAS_EXIT:
        if (dc->base.singlestep_enabled) {
            gen_helper_debug(cpu_env);
        } else {
            tcg_gen_exit_tb(NULL, 0);
        }
        break;
    default:
        g_assert_not_reached();
    }
}

/* TranslatorOps hook: log the symbol and disassembly of the block. */
static void avr_tr_disas_log(const DisasContextBase *dcbase, CPUState *cs)
{
    qemu_log("IN: %s\n", lookup_symbol(dcbase->pc_first));
    log_target_disas(cs, dcbase->pc_first, dcbase->tb->size);
}

/* Hook table handed to the generic translator loop. */
static const TranslatorOps avr_tr_ops = {
    .init_disas_context = avr_tr_init_disas_context,
    .tb_start = avr_tr_tb_start,
    .insn_start = avr_tr_insn_start,
    .breakpoint_check = avr_tr_breakpoint_check,
    .translate_insn = avr_tr_translate_insn,
    .tb_stop = avr_tr_tb_stop,
    .disas_log = avr_tr_disas_log,
};

/* Entry point: translate one block with a zero-initialized context. */
void gen_intermediate_code(CPUState *cs, TranslationBlock *tb, int max_insns)
{
    DisasContext dc = { };

    translator_loop(&avr_tr_ops, &dc.base, cs, tb, max_insns);
}

/*
 * Restore the word PC from the value recorded per instruction (data[0], as
 * passed to tcg_gen_insn_start in avr_tr_insn_start).
 */
void restore_state_to_opc(CPUAVRState *env, TranslationBlock *tb,
                          target_ulong *data)
{
    env->pc_w = data[0];
}