1 /* 2 * SH4 translation 3 * 4 * Copyright (c) 2005 Samuel Tardieu 5 * 6 * This library is free software; you can redistribute it and/or 7 * modify it under the terms of the GNU Lesser General Public 8 * License as published by the Free Software Foundation; either 9 * version 2 of the License, or (at your option) any later version. 10 * 11 * This library is distributed in the hope that it will be useful, 12 * but WITHOUT ANY WARRANTY; without even the implied warranty of 13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU 14 * Lesser General Public License for more details. 15 * 16 * You should have received a copy of the GNU Lesser General Public 17 * License along with this library; if not, see <http://www.gnu.org/licenses/>. 18 */ 19 20 #define DEBUG_DISAS 21 22 #include "qemu/osdep.h" 23 #include "cpu.h" 24 #include "disas/disas.h" 25 #include "exec/exec-all.h" 26 #include "tcg-op.h" 27 #include "exec/cpu_ldst.h" 28 29 #include "exec/helper-proto.h" 30 #include "exec/helper-gen.h" 31 32 #include "trace-tcg.h" 33 #include "exec/log.h" 34 35 36 typedef struct DisasContext { 37 struct TranslationBlock *tb; 38 target_ulong pc; 39 uint16_t opcode; 40 uint32_t tbflags; /* should stay unmodified during the TB translation */ 41 uint32_t envflags; /* should stay in sync with env->flags using TCG ops */ 42 int bstate; 43 int memidx; 44 int gbank; 45 int fbank; 46 uint32_t delayed_pc; 47 int singlestep_enabled; 48 uint32_t features; 49 int has_movcal; 50 } DisasContext; 51 52 #if defined(CONFIG_USER_ONLY) 53 #define IS_USER(ctx) 1 54 #else 55 #define IS_USER(ctx) (!(ctx->tbflags & (1u << SR_MD))) 56 #endif 57 58 enum { 59 BS_NONE = 0, /* We go out of the TB without reaching a branch or an 60 * exception condition 61 */ 62 BS_STOP = 1, /* We want to stop translation for any reason */ 63 BS_BRANCH = 2, /* We reached a branch condition */ 64 BS_EXCP = 3, /* We reached an exception condition */ 65 }; 66 67 /* global register indexes */ 68 static TCGv cpu_gregs[32]; 69 static TCGv cpu_sr, cpu_sr_m, cpu_sr_q, cpu_sr_t; 70 static TCGv cpu_pc, cpu_ssr, cpu_spc, cpu_gbr; 71 static TCGv cpu_vbr, cpu_sgr, cpu_dbr, cpu_mach, cpu_macl; 72 static TCGv cpu_pr, cpu_fpscr, cpu_fpul, cpu_ldst; 73 static TCGv cpu_fregs[32]; 74 75 /* internal register indexes */ 76 static TCGv cpu_flags, cpu_delayed_pc, cpu_delayed_cond; 77 78 #include "exec/gen-icount.h" 79 80 void sh4_translate_init(void) 81 { 82 int i; 83 static const char * const gregnames[24] = { 84 "R0_BANK0", "R1_BANK0", "R2_BANK0", "R3_BANK0", 85 "R4_BANK0", "R5_BANK0", "R6_BANK0", "R7_BANK0", 86 "R8", "R9", "R10", "R11", "R12", "R13", "R14", "R15", 87 "R0_BANK1", "R1_BANK1", "R2_BANK1", "R3_BANK1", 88 "R4_BANK1", "R5_BANK1", "R6_BANK1", "R7_BANK1" 89 }; 90 static const char * const fregnames[32] = { 91 "FPR0_BANK0", "FPR1_BANK0", "FPR2_BANK0", "FPR3_BANK0", 92 "FPR4_BANK0", "FPR5_BANK0", "FPR6_BANK0", "FPR7_BANK0", 93 "FPR8_BANK0", "FPR9_BANK0", "FPR10_BANK0", "FPR11_BANK0", 94 "FPR12_BANK0", "FPR13_BANK0", "FPR14_BANK0", "FPR15_BANK0", 95 "FPR0_BANK1", "FPR1_BANK1", "FPR2_BANK1", "FPR3_BANK1", 96 "FPR4_BANK1", "FPR5_BANK1", "FPR6_BANK1", "FPR7_BANK1", 97 "FPR8_BANK1", "FPR9_BANK1", "FPR10_BANK1", "FPR11_BANK1", 98 "FPR12_BANK1", "FPR13_BANK1", "FPR14_BANK1", "FPR15_BANK1", 99 }; 100 101 for (i = 0; i < 24; i++) { 102 cpu_gregs[i] = tcg_global_mem_new_i32(cpu_env, 103 offsetof(CPUSH4State, gregs[i]), 104 gregnames[i]); 105 } 106 memcpy(cpu_gregs + 24, cpu_gregs + 8, 8 * sizeof(TCGv)); 107 108 cpu_pc = tcg_global_mem_new_i32(cpu_env, 109 offsetof(CPUSH4State, pc), "PC"); 110 cpu_sr = tcg_global_mem_new_i32(cpu_env, 111 offsetof(CPUSH4State, sr), "SR"); 112 cpu_sr_m = tcg_global_mem_new_i32(cpu_env, 113 offsetof(CPUSH4State, sr_m), "SR_M"); 114 cpu_sr_q = tcg_global_mem_new_i32(cpu_env, 115 offsetof(CPUSH4State, sr_q), "SR_Q"); 116 cpu_sr_t = tcg_global_mem_new_i32(cpu_env, 117 offsetof(CPUSH4State, sr_t), "SR_T"); 118 cpu_ssr = tcg_global_mem_new_i32(cpu_env, 119 offsetof(CPUSH4State, ssr), "SSR"); 120 cpu_spc = tcg_global_mem_new_i32(cpu_env, 121 offsetof(CPUSH4State, spc), "SPC"); 122 cpu_gbr = tcg_global_mem_new_i32(cpu_env, 123 offsetof(CPUSH4State, gbr), "GBR"); 124 cpu_vbr = tcg_global_mem_new_i32(cpu_env, 125 offsetof(CPUSH4State, vbr), "VBR"); 126 cpu_sgr = tcg_global_mem_new_i32(cpu_env, 127 offsetof(CPUSH4State, sgr), "SGR"); 128 cpu_dbr = tcg_global_mem_new_i32(cpu_env, 129 offsetof(CPUSH4State, dbr), "DBR"); 130 cpu_mach = tcg_global_mem_new_i32(cpu_env, 131 offsetof(CPUSH4State, mach), "MACH"); 132 cpu_macl = tcg_global_mem_new_i32(cpu_env, 133 offsetof(CPUSH4State, macl), "MACL"); 134 cpu_pr = tcg_global_mem_new_i32(cpu_env, 135 offsetof(CPUSH4State, pr), "PR"); 136 cpu_fpscr = tcg_global_mem_new_i32(cpu_env, 137 offsetof(CPUSH4State, fpscr), "FPSCR"); 138 cpu_fpul = tcg_global_mem_new_i32(cpu_env, 139 offsetof(CPUSH4State, fpul), "FPUL"); 140 141 cpu_flags = tcg_global_mem_new_i32(cpu_env, 142 offsetof(CPUSH4State, flags), "_flags_"); 143 cpu_delayed_pc = tcg_global_mem_new_i32(cpu_env, 144 offsetof(CPUSH4State, delayed_pc), 145 "_delayed_pc_"); 146 cpu_delayed_cond = tcg_global_mem_new_i32(cpu_env, 147 offsetof(CPUSH4State, 148 delayed_cond), 149 "_delayed_cond_"); 150 cpu_ldst = tcg_global_mem_new_i32(cpu_env, 151 offsetof(CPUSH4State, ldst), "_ldst_"); 152 153 for (i = 0; i < 32; i++) 154 cpu_fregs[i] = tcg_global_mem_new_i32(cpu_env, 155 offsetof(CPUSH4State, fregs[i]), 156 fregnames[i]); 157 } 158 159 void superh_cpu_dump_state(CPUState *cs, FILE *f, 160 fprintf_function cpu_fprintf, int flags) 161 { 162 SuperHCPU *cpu = SUPERH_CPU(cs); 163 CPUSH4State *env = &cpu->env; 164 int i; 165 cpu_fprintf(f, "pc=0x%08x sr=0x%08x pr=0x%08x fpscr=0x%08x\n", 166 env->pc, cpu_read_sr(env), env->pr, env->fpscr); 167 cpu_fprintf(f, "spc=0x%08x ssr=0x%08x gbr=0x%08x vbr=0x%08x\n", 168 env->spc, env->ssr, env->gbr, env->vbr); 169 cpu_fprintf(f, "sgr=0x%08x dbr=0x%08x delayed_pc=0x%08x fpul=0x%08x\n", 170 env->sgr, env->dbr, env->delayed_pc, env->fpul); 171 for (i = 0; i < 24; i += 4) { 172 cpu_fprintf(f, "r%d=0x%08x r%d=0x%08x r%d=0x%08x r%d=0x%08x\n", 173 i, env->gregs[i], i + 1, env->gregs[i + 1], 174 i + 2, env->gregs[i + 2], i + 3, env->gregs[i + 3]); 175 } 176 if (env->flags & DELAY_SLOT) { 177 cpu_fprintf(f, "in delay slot (delayed_pc=0x%08x)\n", 178 env->delayed_pc); 179 } else if (env->flags & DELAY_SLOT_CONDITIONAL) { 180 cpu_fprintf(f, "in conditional delay slot (delayed_pc=0x%08x)\n", 181 env->delayed_pc); 182 } else if (env->flags & DELAY_SLOT_RTE) { 183 cpu_fprintf(f, "in rte delay slot (delayed_pc=0x%08x)\n", 184 env->delayed_pc); 185 } 186 } 187 188 static void gen_read_sr(TCGv dst) 189 { 190 TCGv t0 = tcg_temp_new(); 191 tcg_gen_shli_i32(t0, cpu_sr_q, SR_Q); 192 tcg_gen_or_i32(dst, dst, t0); 193 tcg_gen_shli_i32(t0, cpu_sr_m, SR_M); 194 tcg_gen_or_i32(dst, dst, t0); 195 tcg_gen_shli_i32(t0, cpu_sr_t, SR_T); 196 tcg_gen_or_i32(dst, cpu_sr, t0); 197 tcg_temp_free_i32(t0); 198 } 199 200 static void gen_write_sr(TCGv src) 201 { 202 tcg_gen_andi_i32(cpu_sr, src, 203 ~((1u << SR_Q) | (1u << SR_M) | (1u << SR_T))); 204 tcg_gen_extract_i32(cpu_sr_q, src, SR_Q, 1); 205 tcg_gen_extract_i32(cpu_sr_m, src, SR_M, 1); 206 tcg_gen_extract_i32(cpu_sr_t, src, SR_T, 1); 207 } 208 209 static inline void gen_save_cpu_state(DisasContext *ctx, bool save_pc) 210 { 211 if (save_pc) { 212 tcg_gen_movi_i32(cpu_pc, ctx->pc); 213 } 214 if (ctx->delayed_pc != (uint32_t) -1) { 215 tcg_gen_movi_i32(cpu_delayed_pc, ctx->delayed_pc); 216 } 217 if ((ctx->tbflags & TB_FLAG_ENVFLAGS_MASK) != ctx->envflags) { 218 tcg_gen_movi_i32(cpu_flags, ctx->envflags); 219 } 220 } 221 222 static inline bool use_exit_tb(DisasContext *ctx) 223 { 224 return (ctx->tbflags & GUSA_EXCLUSIVE) != 0; 225 } 226 227 static inline bool use_goto_tb(DisasContext *ctx, target_ulong dest) 228 { 229 /* Use a direct jump if in same page and singlestep not enabled */ 230 if (unlikely(ctx->singlestep_enabled || use_exit_tb(ctx))) { 231 return false; 232 } 233 #ifndef CONFIG_USER_ONLY 234 return (ctx->tb->pc & TARGET_PAGE_MASK) == (dest & TARGET_PAGE_MASK); 235 #else 236 return true; 237 #endif 238 } 239 240 static void gen_goto_tb(DisasContext *ctx, int n, target_ulong dest) 241 { 242 if (use_goto_tb(ctx, dest)) { 243 tcg_gen_goto_tb(n); 244 tcg_gen_movi_i32(cpu_pc, dest); 245 tcg_gen_exit_tb((uintptr_t)ctx->tb + n); 246 } else { 247 tcg_gen_movi_i32(cpu_pc, dest); 248 if (ctx->singlestep_enabled) { 249 gen_helper_debug(cpu_env); 250 } else if (use_exit_tb(ctx)) { 251 tcg_gen_exit_tb(0); 252 } else { 253 tcg_gen_lookup_and_goto_ptr(); 254 } 255 } 256 } 257 258 static void gen_jump(DisasContext * ctx) 259 { 260 if (ctx->delayed_pc == -1) { 261 /* Target is not statically known, it comes necessarily from a 262 delayed jump as immediate jump are conditinal jumps */ 263 tcg_gen_mov_i32(cpu_pc, cpu_delayed_pc); 264 tcg_gen_discard_i32(cpu_delayed_pc); 265 if (ctx->singlestep_enabled) { 266 gen_helper_debug(cpu_env); 267 } else if (use_exit_tb(ctx)) { 268 tcg_gen_exit_tb(0); 269 } else { 270 tcg_gen_lookup_and_goto_ptr(); 271 } 272 } else { 273 gen_goto_tb(ctx, 0, ctx->delayed_pc); 274 } 275 } 276 277 /* Immediate conditional jump (bt or bf) */ 278 static void gen_conditional_jump(DisasContext *ctx, target_ulong dest, 279 bool jump_if_true) 280 { 281 TCGLabel *l1 = gen_new_label(); 282 TCGCond cond_not_taken = jump_if_true ? TCG_COND_EQ : TCG_COND_NE; 283 284 if (ctx->tbflags & GUSA_EXCLUSIVE) { 285 /* When in an exclusive region, we must continue to the end. 286 Therefore, exit the region on a taken branch, but otherwise 287 fall through to the next instruction. */ 288 tcg_gen_brcondi_i32(cond_not_taken, cpu_sr_t, 0, l1); 289 tcg_gen_movi_i32(cpu_flags, ctx->envflags & ~GUSA_MASK); 290 /* Note that this won't actually use a goto_tb opcode because we 291 disallow it in use_goto_tb, but it handles exit + singlestep. */ 292 gen_goto_tb(ctx, 0, dest); 293 gen_set_label(l1); 294 return; 295 } 296 297 gen_save_cpu_state(ctx, false); 298 tcg_gen_brcondi_i32(cond_not_taken, cpu_sr_t, 0, l1); 299 gen_goto_tb(ctx, 0, dest); 300 gen_set_label(l1); 301 gen_goto_tb(ctx, 1, ctx->pc + 2); 302 ctx->bstate = BS_BRANCH; 303 } 304 305 /* Delayed conditional jump (bt or bf) */ 306 static void gen_delayed_conditional_jump(DisasContext * ctx) 307 { 308 TCGLabel *l1 = gen_new_label(); 309 TCGv ds = tcg_temp_new(); 310 311 tcg_gen_mov_i32(ds, cpu_delayed_cond); 312 tcg_gen_discard_i32(cpu_delayed_cond); 313 314 if (ctx->tbflags & GUSA_EXCLUSIVE) { 315 /* When in an exclusive region, we must continue to the end. 316 Therefore, exit the region on a taken branch, but otherwise 317 fall through to the next instruction. */ 318 tcg_gen_brcondi_i32(TCG_COND_EQ, ds, 0, l1); 319 320 /* Leave the gUSA region. */ 321 tcg_gen_movi_i32(cpu_flags, ctx->envflags & ~GUSA_MASK); 322 gen_jump(ctx); 323 324 gen_set_label(l1); 325 return; 326 } 327 328 tcg_gen_brcondi_i32(TCG_COND_NE, ds, 0, l1); 329 gen_goto_tb(ctx, 1, ctx->pc + 2); 330 gen_set_label(l1); 331 gen_jump(ctx); 332 } 333 334 static inline void gen_load_fpr64(DisasContext *ctx, TCGv_i64 t, int reg) 335 { 336 /* We have already signaled illegal instruction for odd Dr. */ 337 tcg_debug_assert((reg & 1) == 0); 338 reg ^= ctx->fbank; 339 tcg_gen_concat_i32_i64(t, cpu_fregs[reg + 1], cpu_fregs[reg]); 340 } 341 342 static inline void gen_store_fpr64(DisasContext *ctx, TCGv_i64 t, int reg) 343 { 344 /* We have already signaled illegal instruction for odd Dr. */ 345 tcg_debug_assert((reg & 1) == 0); 346 reg ^= ctx->fbank; 347 tcg_gen_extr_i64_i32(cpu_fregs[reg + 1], cpu_fregs[reg], t); 348 } 349 350 #define B3_0 (ctx->opcode & 0xf) 351 #define B6_4 ((ctx->opcode >> 4) & 0x7) 352 #define B7_4 ((ctx->opcode >> 4) & 0xf) 353 #define B7_0 (ctx->opcode & 0xff) 354 #define B7_0s ((int32_t) (int8_t) (ctx->opcode & 0xff)) 355 #define B11_0s (ctx->opcode & 0x800 ? 0xfffff000 | (ctx->opcode & 0xfff) : \ 356 (ctx->opcode & 0xfff)) 357 #define B11_8 ((ctx->opcode >> 8) & 0xf) 358 #define B15_12 ((ctx->opcode >> 12) & 0xf) 359 360 #define REG(x) cpu_gregs[(x) ^ ctx->gbank] 361 #define ALTREG(x) cpu_gregs[(x) ^ ctx->gbank ^ 0x10] 362 #define FREG(x) cpu_fregs[(x) ^ ctx->fbank] 363 364 #define XHACK(x) ((((x) & 1 ) << 4) | ((x) & 0xe)) 365 366 #define CHECK_NOT_DELAY_SLOT \ 367 if (ctx->envflags & DELAY_SLOT_MASK) { \ 368 goto do_illegal_slot; \ 369 } 370 371 #define CHECK_PRIVILEGED \ 372 if (IS_USER(ctx)) { \ 373 goto do_illegal; \ 374 } 375 376 #define CHECK_FPU_ENABLED \ 377 if (ctx->tbflags & (1u << SR_FD)) { \ 378 goto do_fpu_disabled; \ 379 } 380 381 #define CHECK_FPSCR_PR_0 \ 382 if (ctx->tbflags & FPSCR_PR) { \ 383 goto do_illegal; \ 384 } 385 386 #define CHECK_FPSCR_PR_1 \ 387 if (!(ctx->tbflags & FPSCR_PR)) { \ 388 goto do_illegal; \ 389 } 390 391 #define CHECK_SH4A \ 392 if (!(ctx->features & SH_FEATURE_SH4A)) { \ 393 goto do_illegal; \ 394 } 395 396 static void _decode_opc(DisasContext * ctx) 397 { 398 /* This code tries to make movcal emulation sufficiently 399 accurate for Linux purposes. This instruction writes 400 memory, and prior to that, always allocates a cache line. 401 It is used in two contexts: 402 - in memcpy, where data is copied in blocks, the first write 403 of to a block uses movca.l for performance. 404 - in arch/sh/mm/cache-sh4.c, movcal.l + ocbi combination is used 405 to flush the cache. Here, the data written by movcal.l is never 406 written to memory, and the data written is just bogus. 407 408 To simulate this, we simulate movcal.l, we store the value to memory, 409 but we also remember the previous content. If we see ocbi, we check 410 if movcal.l for that address was done previously. If so, the write should 411 not have hit the memory, so we restore the previous content. 412 When we see an instruction that is neither movca.l 413 nor ocbi, the previous content is discarded. 414 415 To optimize, we only try to flush stores when we're at the start of 416 TB, or if we already saw movca.l in this TB and did not flush stores 417 yet. */ 418 if (ctx->has_movcal) 419 { 420 int opcode = ctx->opcode & 0xf0ff; 421 if (opcode != 0x0093 /* ocbi */ 422 && opcode != 0x00c3 /* movca.l */) 423 { 424 gen_helper_discard_movcal_backup(cpu_env); 425 ctx->has_movcal = 0; 426 } 427 } 428 429 #if 0 430 fprintf(stderr, "Translating opcode 0x%04x\n", ctx->opcode); 431 #endif 432 433 switch (ctx->opcode) { 434 case 0x0019: /* div0u */ 435 tcg_gen_movi_i32(cpu_sr_m, 0); 436 tcg_gen_movi_i32(cpu_sr_q, 0); 437 tcg_gen_movi_i32(cpu_sr_t, 0); 438 return; 439 case 0x000b: /* rts */ 440 CHECK_NOT_DELAY_SLOT 441 tcg_gen_mov_i32(cpu_delayed_pc, cpu_pr); 442 ctx->envflags |= DELAY_SLOT; 443 ctx->delayed_pc = (uint32_t) - 1; 444 return; 445 case 0x0028: /* clrmac */ 446 tcg_gen_movi_i32(cpu_mach, 0); 447 tcg_gen_movi_i32(cpu_macl, 0); 448 return; 449 case 0x0048: /* clrs */ 450 tcg_gen_andi_i32(cpu_sr, cpu_sr, ~(1u << SR_S)); 451 return; 452 case 0x0008: /* clrt */ 453 tcg_gen_movi_i32(cpu_sr_t, 0); 454 return; 455 case 0x0038: /* ldtlb */ 456 CHECK_PRIVILEGED 457 gen_helper_ldtlb(cpu_env); 458 return; 459 case 0x002b: /* rte */ 460 CHECK_PRIVILEGED 461 CHECK_NOT_DELAY_SLOT 462 gen_write_sr(cpu_ssr); 463 tcg_gen_mov_i32(cpu_delayed_pc, cpu_spc); 464 ctx->envflags |= DELAY_SLOT_RTE; 465 ctx->delayed_pc = (uint32_t) - 1; 466 ctx->bstate = BS_STOP; 467 return; 468 case 0x0058: /* sets */ 469 tcg_gen_ori_i32(cpu_sr, cpu_sr, (1u << SR_S)); 470 return; 471 case 0x0018: /* sett */ 472 tcg_gen_movi_i32(cpu_sr_t, 1); 473 return; 474 case 0xfbfd: /* frchg */ 475 CHECK_FPSCR_PR_0 476 tcg_gen_xori_i32(cpu_fpscr, cpu_fpscr, FPSCR_FR); 477 ctx->bstate = BS_STOP; 478 return; 479 case 0xf3fd: /* fschg */ 480 CHECK_FPSCR_PR_0 481 tcg_gen_xori_i32(cpu_fpscr, cpu_fpscr, FPSCR_SZ); 482 ctx->bstate = BS_STOP; 483 return; 484 case 0xf7fd: /* fpchg */ 485 CHECK_SH4A 486 tcg_gen_xori_i32(cpu_fpscr, cpu_fpscr, FPSCR_PR); 487 ctx->bstate = BS_STOP; 488 return; 489 case 0x0009: /* nop */ 490 return; 491 case 0x001b: /* sleep */ 492 CHECK_PRIVILEGED 493 tcg_gen_movi_i32(cpu_pc, ctx->pc + 2); 494 gen_helper_sleep(cpu_env); 495 return; 496 } 497 498 switch (ctx->opcode & 0xf000) { 499 case 0x1000: /* mov.l Rm,@(disp,Rn) */ 500 { 501 TCGv addr = tcg_temp_new(); 502 tcg_gen_addi_i32(addr, REG(B11_8), B3_0 * 4); 503 tcg_gen_qemu_st_i32(REG(B7_4), addr, ctx->memidx, MO_TEUL); 504 tcg_temp_free(addr); 505 } 506 return; 507 case 0x5000: /* mov.l @(disp,Rm),Rn */ 508 { 509 TCGv addr = tcg_temp_new(); 510 tcg_gen_addi_i32(addr, REG(B7_4), B3_0 * 4); 511 tcg_gen_qemu_ld_i32(REG(B11_8), addr, ctx->memidx, MO_TESL); 512 tcg_temp_free(addr); 513 } 514 return; 515 case 0xe000: /* mov #imm,Rn */ 516 #ifdef CONFIG_USER_ONLY 517 /* Detect the start of a gUSA region. If so, update envflags 518 and end the TB. This will allow us to see the end of the 519 region (stored in R0) in the next TB. */ 520 if (B11_8 == 15 && B7_0s < 0 && (tb_cflags(ctx->tb) & CF_PARALLEL)) { 521 ctx->envflags = deposit32(ctx->envflags, GUSA_SHIFT, 8, B7_0s); 522 ctx->bstate = BS_STOP; 523 } 524 #endif 525 tcg_gen_movi_i32(REG(B11_8), B7_0s); 526 return; 527 case 0x9000: /* mov.w @(disp,PC),Rn */ 528 { 529 TCGv addr = tcg_const_i32(ctx->pc + 4 + B7_0 * 2); 530 tcg_gen_qemu_ld_i32(REG(B11_8), addr, ctx->memidx, MO_TESW); 531 tcg_temp_free(addr); 532 } 533 return; 534 case 0xd000: /* mov.l @(disp,PC),Rn */ 535 { 536 TCGv addr = tcg_const_i32((ctx->pc + 4 + B7_0 * 4) & ~3); 537 tcg_gen_qemu_ld_i32(REG(B11_8), addr, ctx->memidx, MO_TESL); 538 tcg_temp_free(addr); 539 } 540 return; 541 case 0x7000: /* add #imm,Rn */ 542 tcg_gen_addi_i32(REG(B11_8), REG(B11_8), B7_0s); 543 return; 544 case 0xa000: /* bra disp */ 545 CHECK_NOT_DELAY_SLOT 546 ctx->delayed_pc = ctx->pc + 4 + B11_0s * 2; 547 ctx->envflags |= DELAY_SLOT; 548 return; 549 case 0xb000: /* bsr disp */ 550 CHECK_NOT_DELAY_SLOT 551 tcg_gen_movi_i32(cpu_pr, ctx->pc + 4); 552 ctx->delayed_pc = ctx->pc + 4 + B11_0s * 2; 553 ctx->envflags |= DELAY_SLOT; 554 return; 555 } 556 557 switch (ctx->opcode & 0xf00f) { 558 case 0x6003: /* mov Rm,Rn */ 559 tcg_gen_mov_i32(REG(B11_8), REG(B7_4)); 560 return; 561 case 0x2000: /* mov.b Rm,@Rn */ 562 tcg_gen_qemu_st_i32(REG(B7_4), REG(B11_8), ctx->memidx, MO_UB); 563 return; 564 case 0x2001: /* mov.w Rm,@Rn */ 565 tcg_gen_qemu_st_i32(REG(B7_4), REG(B11_8), ctx->memidx, MO_TEUW); 566 return; 567 case 0x2002: /* mov.l Rm,@Rn */ 568 tcg_gen_qemu_st_i32(REG(B7_4), REG(B11_8), ctx->memidx, MO_TEUL); 569 return; 570 case 0x6000: /* mov.b @Rm,Rn */ 571 tcg_gen_qemu_ld_i32(REG(B11_8), REG(B7_4), ctx->memidx, MO_SB); 572 return; 573 case 0x6001: /* mov.w @Rm,Rn */ 574 tcg_gen_qemu_ld_i32(REG(B11_8), REG(B7_4), ctx->memidx, MO_TESW); 575 return; 576 case 0x6002: /* mov.l @Rm,Rn */ 577 tcg_gen_qemu_ld_i32(REG(B11_8), REG(B7_4), ctx->memidx, MO_TESL); 578 return; 579 case 0x2004: /* mov.b Rm,@-Rn */ 580 { 581 TCGv addr = tcg_temp_new(); 582 tcg_gen_subi_i32(addr, REG(B11_8), 1); 583 /* might cause re-execution */ 584 tcg_gen_qemu_st_i32(REG(B7_4), addr, ctx->memidx, MO_UB); 585 tcg_gen_mov_i32(REG(B11_8), addr); /* modify register status */ 586 tcg_temp_free(addr); 587 } 588 return; 589 case 0x2005: /* mov.w Rm,@-Rn */ 590 { 591 TCGv addr = tcg_temp_new(); 592 tcg_gen_subi_i32(addr, REG(B11_8), 2); 593 tcg_gen_qemu_st_i32(REG(B7_4), addr, ctx->memidx, MO_TEUW); 594 tcg_gen_mov_i32(REG(B11_8), addr); 595 tcg_temp_free(addr); 596 } 597 return; 598 case 0x2006: /* mov.l Rm,@-Rn */ 599 { 600 TCGv addr = tcg_temp_new(); 601 tcg_gen_subi_i32(addr, REG(B11_8), 4); 602 tcg_gen_qemu_st_i32(REG(B7_4), addr, ctx->memidx, MO_TEUL); 603 tcg_gen_mov_i32(REG(B11_8), addr); 604 } 605 return; 606 case 0x6004: /* mov.b @Rm+,Rn */ 607 tcg_gen_qemu_ld_i32(REG(B11_8), REG(B7_4), ctx->memidx, MO_SB); 608 if ( B11_8 != B7_4 ) 609 tcg_gen_addi_i32(REG(B7_4), REG(B7_4), 1); 610 return; 611 case 0x6005: /* mov.w @Rm+,Rn */ 612 tcg_gen_qemu_ld_i32(REG(B11_8), REG(B7_4), ctx->memidx, MO_TESW); 613 if ( B11_8 != B7_4 ) 614 tcg_gen_addi_i32(REG(B7_4), REG(B7_4), 2); 615 return; 616 case 0x6006: /* mov.l @Rm+,Rn */ 617 tcg_gen_qemu_ld_i32(REG(B11_8), REG(B7_4), ctx->memidx, MO_TESL); 618 if ( B11_8 != B7_4 ) 619 tcg_gen_addi_i32(REG(B7_4), REG(B7_4), 4); 620 return; 621 case 0x0004: /* mov.b Rm,@(R0,Rn) */ 622 { 623 TCGv addr = tcg_temp_new(); 624 tcg_gen_add_i32(addr, REG(B11_8), REG(0)); 625 tcg_gen_qemu_st_i32(REG(B7_4), addr, ctx->memidx, MO_UB); 626 tcg_temp_free(addr); 627 } 628 return; 629 case 0x0005: /* mov.w Rm,@(R0,Rn) */ 630 { 631 TCGv addr = tcg_temp_new(); 632 tcg_gen_add_i32(addr, REG(B11_8), REG(0)); 633 tcg_gen_qemu_st_i32(REG(B7_4), addr, ctx->memidx, MO_TEUW); 634 tcg_temp_free(addr); 635 } 636 return; 637 case 0x0006: /* mov.l Rm,@(R0,Rn) */ 638 { 639 TCGv addr = tcg_temp_new(); 640 tcg_gen_add_i32(addr, REG(B11_8), REG(0)); 641 tcg_gen_qemu_st_i32(REG(B7_4), addr, ctx->memidx, MO_TEUL); 642 tcg_temp_free(addr); 643 } 644 return; 645 case 0x000c: /* mov.b @(R0,Rm),Rn */ 646 { 647 TCGv addr = tcg_temp_new(); 648 tcg_gen_add_i32(addr, REG(B7_4), REG(0)); 649 tcg_gen_qemu_ld_i32(REG(B11_8), addr, ctx->memidx, MO_SB); 650 tcg_temp_free(addr); 651 } 652 return; 653 case 0x000d: /* mov.w @(R0,Rm),Rn */ 654 { 655 TCGv addr = tcg_temp_new(); 656 tcg_gen_add_i32(addr, REG(B7_4), REG(0)); 657 tcg_gen_qemu_ld_i32(REG(B11_8), addr, ctx->memidx, MO_TESW); 658 tcg_temp_free(addr); 659 } 660 return; 661 case 0x000e: /* mov.l @(R0,Rm),Rn */ 662 { 663 TCGv addr = tcg_temp_new(); 664 tcg_gen_add_i32(addr, REG(B7_4), REG(0)); 665 tcg_gen_qemu_ld_i32(REG(B11_8), addr, ctx->memidx, MO_TESL); 666 tcg_temp_free(addr); 667 } 668 return; 669 case 0x6008: /* swap.b Rm,Rn */ 670 { 671 TCGv low = tcg_temp_new();; 672 tcg_gen_ext16u_i32(low, REG(B7_4)); 673 tcg_gen_bswap16_i32(low, low); 674 tcg_gen_deposit_i32(REG(B11_8), REG(B7_4), low, 0, 16); 675 tcg_temp_free(low); 676 } 677 return; 678 case 0x6009: /* swap.w Rm,Rn */ 679 tcg_gen_rotli_i32(REG(B11_8), REG(B7_4), 16); 680 return; 681 case 0x200d: /* xtrct Rm,Rn */ 682 { 683 TCGv high, low; 684 high = tcg_temp_new(); 685 tcg_gen_shli_i32(high, REG(B7_4), 16); 686 low = tcg_temp_new(); 687 tcg_gen_shri_i32(low, REG(B11_8), 16); 688 tcg_gen_or_i32(REG(B11_8), high, low); 689 tcg_temp_free(low); 690 tcg_temp_free(high); 691 } 692 return; 693 case 0x300c: /* add Rm,Rn */ 694 tcg_gen_add_i32(REG(B11_8), REG(B11_8), REG(B7_4)); 695 return; 696 case 0x300e: /* addc Rm,Rn */ 697 { 698 TCGv t0, t1; 699 t0 = tcg_const_tl(0); 700 t1 = tcg_temp_new(); 701 tcg_gen_add2_i32(t1, cpu_sr_t, cpu_sr_t, t0, REG(B7_4), t0); 702 tcg_gen_add2_i32(REG(B11_8), cpu_sr_t, 703 REG(B11_8), t0, t1, cpu_sr_t); 704 tcg_temp_free(t0); 705 tcg_temp_free(t1); 706 } 707 return; 708 case 0x300f: /* addv Rm,Rn */ 709 { 710 TCGv t0, t1, t2; 711 t0 = tcg_temp_new(); 712 tcg_gen_add_i32(t0, REG(B7_4), REG(B11_8)); 713 t1 = tcg_temp_new(); 714 tcg_gen_xor_i32(t1, t0, REG(B11_8)); 715 t2 = tcg_temp_new(); 716 tcg_gen_xor_i32(t2, REG(B7_4), REG(B11_8)); 717 tcg_gen_andc_i32(cpu_sr_t, t1, t2); 718 tcg_temp_free(t2); 719 tcg_gen_shri_i32(cpu_sr_t, cpu_sr_t, 31); 720 tcg_temp_free(t1); 721 tcg_gen_mov_i32(REG(B7_4), t0); 722 tcg_temp_free(t0); 723 } 724 return; 725 case 0x2009: /* and Rm,Rn */ 726 tcg_gen_and_i32(REG(B11_8), REG(B11_8), REG(B7_4)); 727 return; 728 case 0x3000: /* cmp/eq Rm,Rn */ 729 tcg_gen_setcond_i32(TCG_COND_EQ, cpu_sr_t, REG(B11_8), REG(B7_4)); 730 return; 731 case 0x3003: /* cmp/ge Rm,Rn */ 732 tcg_gen_setcond_i32(TCG_COND_GE, cpu_sr_t, REG(B11_8), REG(B7_4)); 733 return; 734 case 0x3007: /* cmp/gt Rm,Rn */ 735 tcg_gen_setcond_i32(TCG_COND_GT, cpu_sr_t, REG(B11_8), REG(B7_4)); 736 return; 737 case 0x3006: /* cmp/hi Rm,Rn */ 738 tcg_gen_setcond_i32(TCG_COND_GTU, cpu_sr_t, REG(B11_8), REG(B7_4)); 739 return; 740 case 0x3002: /* cmp/hs Rm,Rn */ 741 tcg_gen_setcond_i32(TCG_COND_GEU, cpu_sr_t, REG(B11_8), REG(B7_4)); 742 return; 743 case 0x200c: /* cmp/str Rm,Rn */ 744 { 745 TCGv cmp1 = tcg_temp_new(); 746 TCGv cmp2 = tcg_temp_new(); 747 tcg_gen_xor_i32(cmp2, REG(B7_4), REG(B11_8)); 748 tcg_gen_subi_i32(cmp1, cmp2, 0x01010101); 749 tcg_gen_andc_i32(cmp1, cmp1, cmp2); 750 tcg_gen_andi_i32(cmp1, cmp1, 0x80808080); 751 tcg_gen_setcondi_i32(TCG_COND_NE, cpu_sr_t, cmp1, 0); 752 tcg_temp_free(cmp2); 753 tcg_temp_free(cmp1); 754 } 755 return; 756 case 0x2007: /* div0s Rm,Rn */ 757 tcg_gen_shri_i32(cpu_sr_q, REG(B11_8), 31); /* SR_Q */ 758 tcg_gen_shri_i32(cpu_sr_m, REG(B7_4), 31); /* SR_M */ 759 tcg_gen_xor_i32(cpu_sr_t, cpu_sr_q, cpu_sr_m); /* SR_T */ 760 return; 761 case 0x3004: /* div1 Rm,Rn */ 762 { 763 TCGv t0 = tcg_temp_new(); 764 TCGv t1 = tcg_temp_new(); 765 TCGv t2 = tcg_temp_new(); 766 TCGv zero = tcg_const_i32(0); 767 768 /* shift left arg1, saving the bit being pushed out and inserting 769 T on the right */ 770 tcg_gen_shri_i32(t0, REG(B11_8), 31); 771 tcg_gen_shli_i32(REG(B11_8), REG(B11_8), 1); 772 tcg_gen_or_i32(REG(B11_8), REG(B11_8), cpu_sr_t); 773 774 /* Add or subtract arg0 from arg1 depending if Q == M. To avoid 775 using 64-bit temps, we compute arg0's high part from q ^ m, so 776 that it is 0x00000000 when adding the value or 0xffffffff when 777 subtracting it. */ 778 tcg_gen_xor_i32(t1, cpu_sr_q, cpu_sr_m); 779 tcg_gen_subi_i32(t1, t1, 1); 780 tcg_gen_neg_i32(t2, REG(B7_4)); 781 tcg_gen_movcond_i32(TCG_COND_EQ, t2, t1, zero, REG(B7_4), t2); 782 tcg_gen_add2_i32(REG(B11_8), t1, REG(B11_8), zero, t2, t1); 783 784 /* compute T and Q depending on carry */ 785 tcg_gen_andi_i32(t1, t1, 1); 786 tcg_gen_xor_i32(t1, t1, t0); 787 tcg_gen_xori_i32(cpu_sr_t, t1, 1); 788 tcg_gen_xor_i32(cpu_sr_q, cpu_sr_m, t1); 789 790 tcg_temp_free(zero); 791 tcg_temp_free(t2); 792 tcg_temp_free(t1); 793 tcg_temp_free(t0); 794 } 795 return; 796 case 0x300d: /* dmuls.l Rm,Rn */ 797 tcg_gen_muls2_i32(cpu_macl, cpu_mach, REG(B7_4), REG(B11_8)); 798 return; 799 case 0x3005: /* dmulu.l Rm,Rn */ 800 tcg_gen_mulu2_i32(cpu_macl, cpu_mach, REG(B7_4), REG(B11_8)); 801 return; 802 case 0x600e: /* exts.b Rm,Rn */ 803 tcg_gen_ext8s_i32(REG(B11_8), REG(B7_4)); 804 return; 805 case 0x600f: /* exts.w Rm,Rn */ 806 tcg_gen_ext16s_i32(REG(B11_8), REG(B7_4)); 807 return; 808 case 0x600c: /* extu.b Rm,Rn */ 809 tcg_gen_ext8u_i32(REG(B11_8), REG(B7_4)); 810 return; 811 case 0x600d: /* extu.w Rm,Rn */ 812 tcg_gen_ext16u_i32(REG(B11_8), REG(B7_4)); 813 return; 814 case 0x000f: /* mac.l @Rm+,@Rn+ */ 815 { 816 TCGv arg0, arg1; 817 arg0 = tcg_temp_new(); 818 tcg_gen_qemu_ld_i32(arg0, REG(B7_4), ctx->memidx, MO_TESL); 819 arg1 = tcg_temp_new(); 820 tcg_gen_qemu_ld_i32(arg1, REG(B11_8), ctx->memidx, MO_TESL); 821 gen_helper_macl(cpu_env, arg0, arg1); 822 tcg_temp_free(arg1); 823 tcg_temp_free(arg0); 824 tcg_gen_addi_i32(REG(B7_4), REG(B7_4), 4); 825 tcg_gen_addi_i32(REG(B11_8), REG(B11_8), 4); 826 } 827 return; 828 case 0x400f: /* mac.w @Rm+,@Rn+ */ 829 { 830 TCGv arg0, arg1; 831 arg0 = tcg_temp_new(); 832 tcg_gen_qemu_ld_i32(arg0, REG(B7_4), ctx->memidx, MO_TESL); 833 arg1 = tcg_temp_new(); 834 tcg_gen_qemu_ld_i32(arg1, REG(B11_8), ctx->memidx, MO_TESL); 835 gen_helper_macw(cpu_env, arg0, arg1); 836 tcg_temp_free(arg1); 837 tcg_temp_free(arg0); 838 tcg_gen_addi_i32(REG(B11_8), REG(B11_8), 2); 839 tcg_gen_addi_i32(REG(B7_4), REG(B7_4), 2); 840 } 841 return; 842 case 0x0007: /* mul.l Rm,Rn */ 843 tcg_gen_mul_i32(cpu_macl, REG(B7_4), REG(B11_8)); 844 return; 845 case 0x200f: /* muls.w Rm,Rn */ 846 { 847 TCGv arg0, arg1; 848 arg0 = tcg_temp_new(); 849 tcg_gen_ext16s_i32(arg0, REG(B7_4)); 850 arg1 = tcg_temp_new(); 851 tcg_gen_ext16s_i32(arg1, REG(B11_8)); 852 tcg_gen_mul_i32(cpu_macl, arg0, arg1); 853 tcg_temp_free(arg1); 854 tcg_temp_free(arg0); 855 } 856 return; 857 case 0x200e: /* mulu.w Rm,Rn */ 858 { 859 TCGv arg0, arg1; 860 arg0 = tcg_temp_new(); 861 tcg_gen_ext16u_i32(arg0, REG(B7_4)); 862 arg1 = tcg_temp_new(); 863 tcg_gen_ext16u_i32(arg1, REG(B11_8)); 864 tcg_gen_mul_i32(cpu_macl, arg0, arg1); 865 tcg_temp_free(arg1); 866 tcg_temp_free(arg0); 867 } 868 return; 869 case 0x600b: /* neg Rm,Rn */ 870 tcg_gen_neg_i32(REG(B11_8), REG(B7_4)); 871 return; 872 case 0x600a: /* negc Rm,Rn */ 873 { 874 TCGv t0 = tcg_const_i32(0); 875 tcg_gen_add2_i32(REG(B11_8), cpu_sr_t, 876 REG(B7_4), t0, cpu_sr_t, t0); 877 tcg_gen_sub2_i32(REG(B11_8), cpu_sr_t, 878 t0, t0, REG(B11_8), cpu_sr_t); 879 tcg_gen_andi_i32(cpu_sr_t, cpu_sr_t, 1); 880 tcg_temp_free(t0); 881 } 882 return; 883 case 0x6007: /* not Rm,Rn */ 884 tcg_gen_not_i32(REG(B11_8), REG(B7_4)); 885 return; 886 case 0x200b: /* or Rm,Rn */ 887 tcg_gen_or_i32(REG(B11_8), REG(B11_8), REG(B7_4)); 888 return; 889 case 0x400c: /* shad Rm,Rn */ 890 { 891 TCGv t0 = tcg_temp_new(); 892 TCGv t1 = tcg_temp_new(); 893 TCGv t2 = tcg_temp_new(); 894 895 tcg_gen_andi_i32(t0, REG(B7_4), 0x1f); 896 897 /* positive case: shift to the left */ 898 tcg_gen_shl_i32(t1, REG(B11_8), t0); 899 900 /* negative case: shift to the right in two steps to 901 correctly handle the -32 case */ 902 tcg_gen_xori_i32(t0, t0, 0x1f); 903 tcg_gen_sar_i32(t2, REG(B11_8), t0); 904 tcg_gen_sari_i32(t2, t2, 1); 905 906 /* select between the two cases */ 907 tcg_gen_movi_i32(t0, 0); 908 tcg_gen_movcond_i32(TCG_COND_GE, REG(B11_8), REG(B7_4), t0, t1, t2); 909 910 tcg_temp_free(t0); 911 tcg_temp_free(t1); 912 tcg_temp_free(t2); 913 } 914 return; 915 case 0x400d: /* shld Rm,Rn */ 916 { 917 TCGv t0 = tcg_temp_new(); 918 TCGv t1 = tcg_temp_new(); 919 TCGv t2 = tcg_temp_new(); 920 921 tcg_gen_andi_i32(t0, REG(B7_4), 0x1f); 922 923 /* positive case: shift to the left */ 924 tcg_gen_shl_i32(t1, REG(B11_8), t0); 925 926 /* negative case: shift to the right in two steps to 927 correctly handle the -32 case */ 928 tcg_gen_xori_i32(t0, t0, 0x1f); 929 tcg_gen_shr_i32(t2, REG(B11_8), t0); 930 tcg_gen_shri_i32(t2, t2, 1); 931 932 /* select between the two cases */ 933 tcg_gen_movi_i32(t0, 0); 934 tcg_gen_movcond_i32(TCG_COND_GE, REG(B11_8), REG(B7_4), t0, t1, t2); 935 936 tcg_temp_free(t0); 937 tcg_temp_free(t1); 938 tcg_temp_free(t2); 939 } 940 return; 941 case 0x3008: /* sub Rm,Rn */ 942 tcg_gen_sub_i32(REG(B11_8), REG(B11_8), REG(B7_4)); 943 return; 944 case 0x300a: /* subc Rm,Rn */ 945 { 946 TCGv t0, t1; 947 t0 = tcg_const_tl(0); 948 t1 = tcg_temp_new(); 949 tcg_gen_add2_i32(t1, cpu_sr_t, cpu_sr_t, t0, REG(B7_4), t0); 950 tcg_gen_sub2_i32(REG(B11_8), cpu_sr_t, 951 REG(B11_8), t0, t1, cpu_sr_t); 952 tcg_gen_andi_i32(cpu_sr_t, cpu_sr_t, 1); 953 tcg_temp_free(t0); 954 tcg_temp_free(t1); 955 } 956 return; 957 case 0x300b: /* subv Rm,Rn */ 958 { 959 TCGv t0, t1, t2; 960 t0 = tcg_temp_new(); 961 tcg_gen_sub_i32(t0, REG(B11_8), REG(B7_4)); 962 t1 = tcg_temp_new(); 963 tcg_gen_xor_i32(t1, t0, REG(B7_4)); 964 t2 = tcg_temp_new(); 965 tcg_gen_xor_i32(t2, REG(B11_8), REG(B7_4)); 966 tcg_gen_and_i32(t1, t1, t2); 967 tcg_temp_free(t2); 968 tcg_gen_shri_i32(cpu_sr_t, t1, 31); 969 tcg_temp_free(t1); 970 tcg_gen_mov_i32(REG(B11_8), t0); 971 tcg_temp_free(t0); 972 } 973 return; 974 case 0x2008: /* tst Rm,Rn */ 975 { 976 TCGv val = tcg_temp_new(); 977 tcg_gen_and_i32(val, REG(B7_4), REG(B11_8)); 978 tcg_gen_setcondi_i32(TCG_COND_EQ, cpu_sr_t, val, 0); 979 tcg_temp_free(val); 980 } 981 return; 982 case 0x200a: /* xor Rm,Rn */ 983 tcg_gen_xor_i32(REG(B11_8), REG(B11_8), REG(B7_4)); 984 return; 985 case 0xf00c: /* fmov {F,D,X}Rm,{F,D,X}Rn - FPSCR: Nothing */ 986 CHECK_FPU_ENABLED 987 if (ctx->tbflags & FPSCR_SZ) { 988 int xsrc = XHACK(B7_4); 989 int xdst = XHACK(B11_8); 990 tcg_gen_mov_i32(FREG(xdst), FREG(xsrc)); 991 tcg_gen_mov_i32(FREG(xdst + 1), FREG(xsrc + 1)); 992 } else { 993 tcg_gen_mov_i32(FREG(B11_8), FREG(B7_4)); 994 } 995 return; 996 case 0xf00a: /* fmov {F,D,X}Rm,@Rn - FPSCR: Nothing */ 997 CHECK_FPU_ENABLED 998 if (ctx->tbflags & FPSCR_SZ) { 999 TCGv_i64 fp = tcg_temp_new_i64(); 1000 gen_load_fpr64(ctx, fp, XHACK(B7_4)); 1001 tcg_gen_qemu_st_i64(fp, REG(B11_8), ctx->memidx, MO_TEQ); 1002 tcg_temp_free_i64(fp); 1003 } else { 1004 tcg_gen_qemu_st_i32(FREG(B7_4), REG(B11_8), ctx->memidx, MO_TEUL); 1005 } 1006 return; 1007 case 0xf008: /* fmov @Rm,{F,D,X}Rn - FPSCR: Nothing */ 1008 CHECK_FPU_ENABLED 1009 if (ctx->tbflags & FPSCR_SZ) { 1010 TCGv_i64 fp = tcg_temp_new_i64(); 1011 tcg_gen_qemu_ld_i64(fp, REG(B7_4), ctx->memidx, MO_TEQ); 1012 gen_store_fpr64(ctx, fp, XHACK(B11_8)); 1013 tcg_temp_free_i64(fp); 1014 } else { 1015 tcg_gen_qemu_ld_i32(FREG(B11_8), REG(B7_4), ctx->memidx, MO_TEUL); 1016 } 1017 return; 1018 case 0xf009: /* fmov @Rm+,{F,D,X}Rn - FPSCR: Nothing */ 1019 CHECK_FPU_ENABLED 1020 if (ctx->tbflags & FPSCR_SZ) { 1021 TCGv_i64 fp = tcg_temp_new_i64(); 1022 tcg_gen_qemu_ld_i64(fp, REG(B7_4), ctx->memidx, MO_TEQ); 1023 gen_store_fpr64(ctx, fp, XHACK(B11_8)); 1024 tcg_temp_free_i64(fp); 1025 tcg_gen_addi_i32(REG(B7_4), REG(B7_4), 8); 1026 } else { 1027 tcg_gen_qemu_ld_i32(FREG(B11_8), REG(B7_4), ctx->memidx, MO_TEUL); 1028 tcg_gen_addi_i32(REG(B7_4), REG(B7_4), 4); 1029 } 1030 return; 1031 case 0xf00b: /* fmov {F,D,X}Rm,@-Rn - FPSCR: Nothing */ 1032 CHECK_FPU_ENABLED 1033 { 1034 TCGv addr = tcg_temp_new_i32(); 1035 if (ctx->tbflags & FPSCR_SZ) { 1036 TCGv_i64 fp = tcg_temp_new_i64(); 1037 gen_load_fpr64(ctx, fp, XHACK(B7_4)); 1038 tcg_gen_subi_i32(addr, REG(B11_8), 8); 1039 tcg_gen_qemu_st_i64(fp, addr, ctx->memidx, MO_TEQ); 1040 tcg_temp_free_i64(fp); 1041 } else { 1042 tcg_gen_subi_i32(addr, REG(B11_8), 4); 1043 tcg_gen_qemu_st_i32(FREG(B7_4), addr, ctx->memidx, MO_TEUL); 1044 } 1045 tcg_gen_mov_i32(REG(B11_8), addr); 1046 tcg_temp_free(addr); 1047 } 1048 return; 1049 case 0xf006: /* fmov @(R0,Rm),{F,D,X}Rm - FPSCR: Nothing */ 1050 CHECK_FPU_ENABLED 1051 { 1052 TCGv addr = tcg_temp_new_i32(); 1053 tcg_gen_add_i32(addr, REG(B7_4), REG(0)); 1054 if (ctx->tbflags & FPSCR_SZ) { 1055 TCGv_i64 fp = tcg_temp_new_i64(); 1056 tcg_gen_qemu_ld_i64(fp, addr, ctx->memidx, MO_TEQ); 1057 gen_store_fpr64(ctx, fp, XHACK(B11_8)); 1058 tcg_temp_free_i64(fp); 1059 } else { 1060 tcg_gen_qemu_ld_i32(FREG(B11_8), addr, ctx->memidx, MO_TEUL); 1061 } 1062 tcg_temp_free(addr); 1063 } 1064 return; 1065 case 0xf007: /* fmov {F,D,X}Rn,@(R0,Rn) - FPSCR: Nothing */ 1066 CHECK_FPU_ENABLED 1067 { 1068 TCGv addr = tcg_temp_new(); 1069 tcg_gen_add_i32(addr, REG(B11_8), REG(0)); 1070 if (ctx->tbflags & FPSCR_SZ) { 1071 TCGv_i64 fp = tcg_temp_new_i64(); 1072 gen_load_fpr64(ctx, fp, XHACK(B7_4)); 1073 tcg_gen_qemu_st_i64(fp, addr, ctx->memidx, MO_TEQ); 1074 tcg_temp_free_i64(fp); 1075 } else { 1076 tcg_gen_qemu_st_i32(FREG(B7_4), addr, ctx->memidx, MO_TEUL); 1077 } 1078 tcg_temp_free(addr); 1079 } 1080 return; 1081 case 0xf000: /* fadd Rm,Rn - FPSCR: R[PR,Enable.O/U/I]/W[Cause,Flag] */ 1082 case 0xf001: /* fsub Rm,Rn - FPSCR: R[PR,Enable.O/U/I]/W[Cause,Flag] */ 1083 case 0xf002: /* fmul Rm,Rn - FPSCR: R[PR,Enable.O/U/I]/W[Cause,Flag] */ 1084 case 0xf003: /* fdiv Rm,Rn - FPSCR: R[PR,Enable.O/U/I]/W[Cause,Flag] */ 1085 case 0xf004: /* fcmp/eq Rm,Rn - FPSCR: R[PR,Enable.V]/W[Cause,Flag] */ 1086 case 0xf005: /* fcmp/gt Rm,Rn - FPSCR: R[PR,Enable.V]/W[Cause,Flag] */ 1087 { 1088 CHECK_FPU_ENABLED 1089 if (ctx->tbflags & FPSCR_PR) { 1090 TCGv_i64 fp0, fp1; 1091 1092 if (ctx->opcode & 0x0110) { 1093 goto do_illegal; 1094 } 1095 fp0 = tcg_temp_new_i64(); 1096 fp1 = tcg_temp_new_i64(); 1097 gen_load_fpr64(ctx, fp0, B11_8); 1098 gen_load_fpr64(ctx, fp1, B7_4); 1099 switch (ctx->opcode & 0xf00f) { 1100 case 0xf000: /* fadd Rm,Rn */ 1101 gen_helper_fadd_DT(fp0, cpu_env, fp0, fp1); 1102 break; 1103 case 0xf001: /* fsub Rm,Rn */ 1104 gen_helper_fsub_DT(fp0, cpu_env, fp0, fp1); 1105 break; 1106 case 0xf002: /* fmul Rm,Rn */ 1107 gen_helper_fmul_DT(fp0, cpu_env, fp0, fp1); 1108 break; 1109 case 0xf003: /* fdiv Rm,Rn */ 1110 gen_helper_fdiv_DT(fp0, cpu_env, fp0, fp1); 1111 break; 1112 case 0xf004: /* fcmp/eq Rm,Rn */ 1113 gen_helper_fcmp_eq_DT(cpu_sr_t, cpu_env, fp0, fp1); 1114 return; 1115 case 0xf005: /* fcmp/gt Rm,Rn */ 1116 gen_helper_fcmp_gt_DT(cpu_sr_t, cpu_env, fp0, fp1); 1117 return; 1118 } 1119 gen_store_fpr64(ctx, fp0, B11_8); 1120 tcg_temp_free_i64(fp0); 1121 tcg_temp_free_i64(fp1); 1122 } else { 1123 switch (ctx->opcode & 0xf00f) { 1124 case 0xf000: /* fadd Rm,Rn */ 1125 gen_helper_fadd_FT(FREG(B11_8), cpu_env, 1126 FREG(B11_8), FREG(B7_4)); 1127 break; 1128 case 0xf001: /* fsub Rm,Rn */ 1129 gen_helper_fsub_FT(FREG(B11_8), cpu_env, 1130 FREG(B11_8), FREG(B7_4)); 1131 break; 1132 case 0xf002: /* fmul Rm,Rn */ 1133 gen_helper_fmul_FT(FREG(B11_8), cpu_env, 1134 FREG(B11_8), FREG(B7_4)); 1135 break; 1136 case 0xf003: /* fdiv Rm,Rn */ 1137 gen_helper_fdiv_FT(FREG(B11_8), cpu_env, 1138 FREG(B11_8), FREG(B7_4)); 1139 break; 1140 case 0xf004: /* fcmp/eq Rm,Rn */ 1141 gen_helper_fcmp_eq_FT(cpu_sr_t, cpu_env, 1142 FREG(B11_8), FREG(B7_4)); 1143 return; 1144 case 0xf005: /* fcmp/gt Rm,Rn */ 1145 gen_helper_fcmp_gt_FT(cpu_sr_t, cpu_env, 1146 FREG(B11_8), FREG(B7_4)); 1147 return; 1148 } 1149 } 1150 } 1151 return; 1152 case 0xf00e: /* fmac FR0,RM,Rn */ 1153 CHECK_FPU_ENABLED 1154 CHECK_FPSCR_PR_0 1155 gen_helper_fmac_FT(FREG(B11_8), cpu_env, 1156 FREG(0), FREG(B7_4), FREG(B11_8)); 1157 return; 1158 } 1159 1160 switch (ctx->opcode & 0xff00) { 1161 case 0xc900: /* and #imm,R0 */ 1162 tcg_gen_andi_i32(REG(0), REG(0), B7_0); 1163 return; 1164 case 0xcd00: /* and.b #imm,@(R0,GBR) */ 1165 { 1166 TCGv addr, val; 1167 addr = tcg_temp_new(); 1168 tcg_gen_add_i32(addr, REG(0), cpu_gbr); 1169 val = tcg_temp_new(); 1170 tcg_gen_qemu_ld_i32(val, addr, ctx->memidx, MO_UB); 1171 tcg_gen_andi_i32(val, val, B7_0); 1172 tcg_gen_qemu_st_i32(val, addr, ctx->memidx, MO_UB); 1173 tcg_temp_free(val); 1174 tcg_temp_free(addr); 1175 } 1176 return; 1177 case 0x8b00: /* bf label */ 1178 CHECK_NOT_DELAY_SLOT 1179 gen_conditional_jump(ctx, ctx->pc + 4 + B7_0s * 2, false); 1180 return; 1181 case 0x8f00: /* bf/s label */ 1182 CHECK_NOT_DELAY_SLOT 1183 tcg_gen_xori_i32(cpu_delayed_cond, cpu_sr_t, 1); 1184 ctx->delayed_pc = ctx->pc + 4 + B7_0s * 2; 1185 ctx->envflags |= DELAY_SLOT_CONDITIONAL; 1186 return; 1187 case 0x8900: /* bt label */ 1188 CHECK_NOT_DELAY_SLOT 1189 gen_conditional_jump(ctx, ctx->pc + 4 + B7_0s * 2, true); 1190 return; 1191 case 0x8d00: /* bt/s label */ 1192 CHECK_NOT_DELAY_SLOT 1193 tcg_gen_mov_i32(cpu_delayed_cond, cpu_sr_t); 1194 ctx->delayed_pc = ctx->pc + 4 + B7_0s * 2; 1195 ctx->envflags |= DELAY_SLOT_CONDITIONAL; 1196 return; 1197 case 0x8800: /* cmp/eq #imm,R0 */ 1198 tcg_gen_setcondi_i32(TCG_COND_EQ, cpu_sr_t, REG(0), B7_0s); 1199 return; 1200 case 0xc400: /* mov.b @(disp,GBR),R0 */ 1201 { 1202 TCGv addr = tcg_temp_new(); 1203 tcg_gen_addi_i32(addr, cpu_gbr, B7_0); 1204 tcg_gen_qemu_ld_i32(REG(0), addr, ctx->memidx, MO_SB); 1205 tcg_temp_free(addr); 1206 } 1207 return; 1208 case 0xc500: /* mov.w @(disp,GBR),R0 */ 1209 { 1210 TCGv addr = tcg_temp_new(); 1211 tcg_gen_addi_i32(addr, cpu_gbr, B7_0 * 2); 1212 tcg_gen_qemu_ld_i32(REG(0), addr, ctx->memidx, MO_TESW); 1213 tcg_temp_free(addr); 1214 } 1215 return; 1216 case 0xc600: /* mov.l @(disp,GBR),R0 */ 1217 { 1218 TCGv addr = tcg_temp_new(); 1219 tcg_gen_addi_i32(addr, cpu_gbr, B7_0 * 4); 1220 tcg_gen_qemu_ld_i32(REG(0), addr, ctx->memidx, MO_TESL); 1221 tcg_temp_free(addr); 1222 } 1223 return; 1224 case 0xc000: /* mov.b R0,@(disp,GBR) */ 1225 { 1226 TCGv addr = tcg_temp_new(); 1227 tcg_gen_addi_i32(addr, cpu_gbr, B7_0); 1228 tcg_gen_qemu_st_i32(REG(0), addr, ctx->memidx, MO_UB); 1229 tcg_temp_free(addr); 1230 } 1231 return; 1232 case 0xc100: /* mov.w R0,@(disp,GBR) */ 1233 { 1234 TCGv addr = tcg_temp_new(); 1235 tcg_gen_addi_i32(addr, cpu_gbr, B7_0 * 2); 1236 tcg_gen_qemu_st_i32(REG(0), addr, ctx->memidx, MO_TEUW); 1237 tcg_temp_free(addr); 1238 } 1239 return; 1240 case 0xc200: /* mov.l R0,@(disp,GBR) */ 1241 { 1242 TCGv addr = tcg_temp_new(); 1243 tcg_gen_addi_i32(addr, cpu_gbr, B7_0 * 4); 1244 tcg_gen_qemu_st_i32(REG(0), addr, ctx->memidx, MO_TEUL); 1245 tcg_temp_free(addr); 1246 } 1247 return; 1248 case 0x8000: /* mov.b R0,@(disp,Rn) */ 1249 { 1250 TCGv addr = tcg_temp_new(); 1251 tcg_gen_addi_i32(addr, REG(B7_4), B3_0); 1252 tcg_gen_qemu_st_i32(REG(0), addr, ctx->memidx, MO_UB); 1253 tcg_temp_free(addr); 1254 } 1255 return; 1256 case 0x8100: /* mov.w R0,@(disp,Rn) */ 1257 { 1258 TCGv addr = tcg_temp_new(); 1259 tcg_gen_addi_i32(addr, REG(B7_4), B3_0 * 2); 1260 tcg_gen_qemu_st_i32(REG(0), addr, ctx->memidx, MO_TEUW); 1261 tcg_temp_free(addr); 1262 } 1263 return; 1264 case 0x8400: /* mov.b @(disp,Rn),R0 */ 1265 { 1266 TCGv addr = tcg_temp_new(); 1267 tcg_gen_addi_i32(addr, REG(B7_4), B3_0); 1268 tcg_gen_qemu_ld_i32(REG(0), addr, ctx->memidx, MO_SB); 1269 tcg_temp_free(addr); 1270 } 1271 return; 1272 case 0x8500: /* mov.w @(disp,Rn),R0 */ 1273 { 1274 TCGv addr = tcg_temp_new(); 1275 tcg_gen_addi_i32(addr, REG(B7_4), B3_0 * 2); 1276 tcg_gen_qemu_ld_i32(REG(0), addr, ctx->memidx, MO_TESW); 1277 tcg_temp_free(addr); 1278 } 1279 return; 1280 case 0xc700: /* mova @(disp,PC),R0 */ 1281 tcg_gen_movi_i32(REG(0), ((ctx->pc & 0xfffffffc) + 4 + B7_0 * 4) & ~3); 1282 return; 1283 case 0xcb00: /* or #imm,R0 */ 1284 tcg_gen_ori_i32(REG(0), REG(0), B7_0); 1285 return; 1286 case 0xcf00: /* or.b #imm,@(R0,GBR) */ 1287 { 1288 TCGv addr, val; 1289 addr = tcg_temp_new(); 1290 tcg_gen_add_i32(addr, REG(0), cpu_gbr); 1291 val = tcg_temp_new(); 1292 tcg_gen_qemu_ld_i32(val, addr, ctx->memidx, MO_UB); 1293 tcg_gen_ori_i32(val, val, B7_0); 1294 tcg_gen_qemu_st_i32(val, addr, ctx->memidx, MO_UB); 1295 tcg_temp_free(val); 1296 tcg_temp_free(addr); 1297 } 1298 return; 1299 case 0xc300: /* trapa #imm */ 1300 { 1301 TCGv imm; 1302 CHECK_NOT_DELAY_SLOT 1303 gen_save_cpu_state(ctx, true); 1304 imm = tcg_const_i32(B7_0); 1305 gen_helper_trapa(cpu_env, imm); 1306 tcg_temp_free(imm); 1307 ctx->bstate = BS_EXCP; 1308 } 1309 return; 1310 case 0xc800: /* tst #imm,R0 */ 1311 { 1312 TCGv val = tcg_temp_new(); 1313 tcg_gen_andi_i32(val, REG(0), B7_0); 1314 tcg_gen_setcondi_i32(TCG_COND_EQ, cpu_sr_t, val, 0); 1315 tcg_temp_free(val); 1316 } 1317 return; 1318 case 0xcc00: /* tst.b #imm,@(R0,GBR) */ 1319 { 1320 TCGv val = tcg_temp_new(); 1321 tcg_gen_add_i32(val, REG(0), cpu_gbr); 1322 tcg_gen_qemu_ld_i32(val, val, ctx->memidx, MO_UB); 1323 tcg_gen_andi_i32(val, val, B7_0); 1324 tcg_gen_setcondi_i32(TCG_COND_EQ, cpu_sr_t, val, 0); 1325 tcg_temp_free(val); 1326 } 1327 return; 1328 case 0xca00: /* xor #imm,R0 */ 1329 tcg_gen_xori_i32(REG(0), REG(0), B7_0); 1330 return; 1331 case 0xce00: /* xor.b #imm,@(R0,GBR) */ 1332 { 1333 TCGv addr, val; 1334 addr = tcg_temp_new(); 1335 tcg_gen_add_i32(addr, REG(0), cpu_gbr); 1336 val = tcg_temp_new(); 1337 tcg_gen_qemu_ld_i32(val, addr, ctx->memidx, MO_UB); 1338 tcg_gen_xori_i32(val, val, B7_0); 1339 tcg_gen_qemu_st_i32(val, addr, ctx->memidx, MO_UB); 1340 tcg_temp_free(val); 1341 tcg_temp_free(addr); 1342 } 1343 return; 1344 } 1345 1346 switch (ctx->opcode & 0xf08f) { 1347 case 0x408e: /* ldc Rm,Rn_BANK */ 1348 CHECK_PRIVILEGED 1349 tcg_gen_mov_i32(ALTREG(B6_4), REG(B11_8)); 1350 return; 1351 case 0x4087: /* ldc.l @Rm+,Rn_BANK */ 1352 CHECK_PRIVILEGED 1353 tcg_gen_qemu_ld_i32(ALTREG(B6_4), REG(B11_8), ctx->memidx, MO_TESL); 1354 tcg_gen_addi_i32(REG(B11_8), REG(B11_8), 4); 1355 return; 1356 case 0x0082: /* stc Rm_BANK,Rn */ 1357 CHECK_PRIVILEGED 1358 tcg_gen_mov_i32(REG(B11_8), ALTREG(B6_4)); 1359 return; 1360 case 0x4083: /* stc.l Rm_BANK,@-Rn */ 1361 CHECK_PRIVILEGED 1362 { 1363 TCGv addr = tcg_temp_new(); 1364 tcg_gen_subi_i32(addr, REG(B11_8), 4); 1365 tcg_gen_qemu_st_i32(ALTREG(B6_4), addr, ctx->memidx, MO_TEUL); 1366 tcg_gen_mov_i32(REG(B11_8), addr); 1367 tcg_temp_free(addr); 1368 } 1369 return; 1370 } 1371 1372 switch (ctx->opcode & 0xf0ff) { 1373 case 0x0023: /* braf Rn */ 1374 CHECK_NOT_DELAY_SLOT 1375 tcg_gen_addi_i32(cpu_delayed_pc, REG(B11_8), ctx->pc + 4); 1376 ctx->envflags |= DELAY_SLOT; 1377 ctx->delayed_pc = (uint32_t) - 1; 1378 return; 1379 case 0x0003: /* bsrf Rn */ 1380 CHECK_NOT_DELAY_SLOT 1381 tcg_gen_movi_i32(cpu_pr, ctx->pc + 4); 1382 tcg_gen_add_i32(cpu_delayed_pc, REG(B11_8), cpu_pr); 1383 ctx->envflags |= DELAY_SLOT; 1384 ctx->delayed_pc = (uint32_t) - 1; 1385 return; 1386 case 0x4015: /* cmp/pl Rn */ 1387 tcg_gen_setcondi_i32(TCG_COND_GT, cpu_sr_t, REG(B11_8), 0); 1388 return; 1389 case 0x4011: /* cmp/pz Rn */ 1390 tcg_gen_setcondi_i32(TCG_COND_GE, cpu_sr_t, REG(B11_8), 0); 1391 return; 1392 case 0x4010: /* dt Rn */ 1393 tcg_gen_subi_i32(REG(B11_8), REG(B11_8), 1); 1394 tcg_gen_setcondi_i32(TCG_COND_EQ, cpu_sr_t, REG(B11_8), 0); 1395 return; 1396 case 0x402b: /* jmp @Rn */ 1397 CHECK_NOT_DELAY_SLOT 1398 tcg_gen_mov_i32(cpu_delayed_pc, REG(B11_8)); 1399 ctx->envflags |= DELAY_SLOT; 1400 ctx->delayed_pc = (uint32_t) - 1; 1401 return; 1402 case 0x400b: /* jsr @Rn */ 1403 CHECK_NOT_DELAY_SLOT 1404 tcg_gen_movi_i32(cpu_pr, ctx->pc + 4); 1405 tcg_gen_mov_i32(cpu_delayed_pc, REG(B11_8)); 1406 ctx->envflags |= DELAY_SLOT; 1407 ctx->delayed_pc = (uint32_t) - 1; 1408 return; 1409 case 0x400e: /* ldc Rm,SR */ 1410 CHECK_PRIVILEGED 1411 { 1412 TCGv val = tcg_temp_new(); 1413 tcg_gen_andi_i32(val, REG(B11_8), 0x700083f3); 1414 gen_write_sr(val); 1415 tcg_temp_free(val); 1416 ctx->bstate = BS_STOP; 1417 } 1418 return; 1419 case 0x4007: /* ldc.l @Rm+,SR */ 1420 CHECK_PRIVILEGED 1421 { 1422 TCGv val = tcg_temp_new(); 1423 tcg_gen_qemu_ld_i32(val, REG(B11_8), ctx->memidx, MO_TESL); 1424 tcg_gen_andi_i32(val, val, 0x700083f3); 1425 gen_write_sr(val); 1426 tcg_temp_free(val); 1427 tcg_gen_addi_i32(REG(B11_8), REG(B11_8), 4); 1428 ctx->bstate = BS_STOP; 1429 } 1430 return; 1431 case 0x0002: /* stc SR,Rn */ 1432 CHECK_PRIVILEGED 1433 gen_read_sr(REG(B11_8)); 1434 return; 1435 case 0x4003: /* stc SR,@-Rn */ 1436 CHECK_PRIVILEGED 1437 { 1438 TCGv addr = tcg_temp_new(); 1439 TCGv val = tcg_temp_new(); 1440 tcg_gen_subi_i32(addr, REG(B11_8), 4); 1441 gen_read_sr(val); 1442 tcg_gen_qemu_st_i32(val, addr, ctx->memidx, MO_TEUL); 1443 tcg_gen_mov_i32(REG(B11_8), addr); 1444 tcg_temp_free(val); 1445 tcg_temp_free(addr); 1446 } 1447 return; 1448 #define LD(reg,ldnum,ldpnum,prechk) \ 1449 case ldnum: \ 1450 prechk \ 1451 tcg_gen_mov_i32 (cpu_##reg, REG(B11_8)); \ 1452 return; \ 1453 case ldpnum: \ 1454 prechk \ 1455 tcg_gen_qemu_ld_i32(cpu_##reg, REG(B11_8), ctx->memidx, MO_TESL); \ 1456 tcg_gen_addi_i32(REG(B11_8), REG(B11_8), 4); \ 1457 return; 1458 #define ST(reg,stnum,stpnum,prechk) \ 1459 case stnum: \ 1460 prechk \ 1461 tcg_gen_mov_i32 (REG(B11_8), cpu_##reg); \ 1462 return; \ 1463 case stpnum: \ 1464 prechk \ 1465 { \ 1466 TCGv addr = tcg_temp_new(); \ 1467 tcg_gen_subi_i32(addr, REG(B11_8), 4); \ 1468 tcg_gen_qemu_st_i32(cpu_##reg, addr, ctx->memidx, MO_TEUL); \ 1469 tcg_gen_mov_i32(REG(B11_8), addr); \ 1470 tcg_temp_free(addr); \ 1471 } \ 1472 return; 1473 #define LDST(reg,ldnum,ldpnum,stnum,stpnum,prechk) \ 1474 LD(reg,ldnum,ldpnum,prechk) \ 1475 ST(reg,stnum,stpnum,prechk) 1476 LDST(gbr, 0x401e, 0x4017, 0x0012, 0x4013, {}) 1477 LDST(vbr, 0x402e, 0x4027, 0x0022, 0x4023, CHECK_PRIVILEGED) 1478 LDST(ssr, 0x403e, 0x4037, 0x0032, 0x4033, CHECK_PRIVILEGED) 1479 LDST(spc, 0x404e, 0x4047, 0x0042, 0x4043, CHECK_PRIVILEGED) 1480 ST(sgr, 0x003a, 0x4032, CHECK_PRIVILEGED) 1481 LD(sgr, 0x403a, 0x4036, CHECK_PRIVILEGED CHECK_SH4A) 1482 LDST(dbr, 0x40fa, 0x40f6, 0x00fa, 0x40f2, CHECK_PRIVILEGED) 1483 LDST(mach, 0x400a, 0x4006, 0x000a, 0x4002, {}) 1484 LDST(macl, 0x401a, 0x4016, 0x001a, 0x4012, {}) 1485 LDST(pr, 0x402a, 0x4026, 0x002a, 0x4022, {}) 1486 LDST(fpul, 0x405a, 0x4056, 0x005a, 0x4052, {CHECK_FPU_ENABLED}) 1487 case 0x406a: /* lds Rm,FPSCR */ 1488 CHECK_FPU_ENABLED 1489 gen_helper_ld_fpscr(cpu_env, REG(B11_8)); 1490 ctx->bstate = BS_STOP; 1491 return; 1492 case 0x4066: /* lds.l @Rm+,FPSCR */ 1493 CHECK_FPU_ENABLED 1494 { 1495 TCGv addr = tcg_temp_new(); 1496 tcg_gen_qemu_ld_i32(addr, REG(B11_8), ctx->memidx, MO_TESL); 1497 tcg_gen_addi_i32(REG(B11_8), REG(B11_8), 4); 1498 gen_helper_ld_fpscr(cpu_env, addr); 1499 tcg_temp_free(addr); 1500 ctx->bstate = BS_STOP; 1501 } 1502 return; 1503 case 0x006a: /* sts FPSCR,Rn */ 1504 CHECK_FPU_ENABLED 1505 tcg_gen_andi_i32(REG(B11_8), cpu_fpscr, 0x003fffff); 1506 return; 1507 case 0x4062: /* sts FPSCR,@-Rn */ 1508 CHECK_FPU_ENABLED 1509 { 1510 TCGv addr, val; 1511 val = tcg_temp_new(); 1512 tcg_gen_andi_i32(val, cpu_fpscr, 0x003fffff); 1513 addr = tcg_temp_new(); 1514 tcg_gen_subi_i32(addr, REG(B11_8), 4); 1515 tcg_gen_qemu_st_i32(val, addr, ctx->memidx, MO_TEUL); 1516 tcg_gen_mov_i32(REG(B11_8), addr); 1517 tcg_temp_free(addr); 1518 tcg_temp_free(val); 1519 } 1520 return; 1521 case 0x00c3: /* movca.l R0,@Rm */ 1522 { 1523 TCGv val = tcg_temp_new(); 1524 tcg_gen_qemu_ld_i32(val, REG(B11_8), ctx->memidx, MO_TEUL); 1525 gen_helper_movcal(cpu_env, REG(B11_8), val); 1526 tcg_gen_qemu_st_i32(REG(0), REG(B11_8), ctx->memidx, MO_TEUL); 1527 } 1528 ctx->has_movcal = 1; 1529 return; 1530 case 0x40a9: /* movua.l @Rm,R0 */ 1531 CHECK_SH4A 1532 /* Load non-boundary-aligned data */ 1533 tcg_gen_qemu_ld_i32(REG(0), REG(B11_8), ctx->memidx, 1534 MO_TEUL | MO_UNALN); 1535 return; 1536 break; 1537 case 0x40e9: /* movua.l @Rm+,R0 */ 1538 CHECK_SH4A 1539 /* Load non-boundary-aligned data */ 1540 tcg_gen_qemu_ld_i32(REG(0), REG(B11_8), ctx->memidx, 1541 MO_TEUL | MO_UNALN); 1542 tcg_gen_addi_i32(REG(B11_8), REG(B11_8), 4); 1543 return; 1544 break; 1545 case 0x0029: /* movt Rn */ 1546 tcg_gen_mov_i32(REG(B11_8), cpu_sr_t); 1547 return; 1548 case 0x0073: 1549 /* MOVCO.L 1550 LDST -> T 1551 If (T == 1) R0 -> (Rn) 1552 0 -> LDST 1553 */ 1554 CHECK_SH4A 1555 { 1556 TCGLabel *label = gen_new_label(); 1557 tcg_gen_mov_i32(cpu_sr_t, cpu_ldst); 1558 tcg_gen_brcondi_i32(TCG_COND_EQ, cpu_ldst, 0, label); 1559 tcg_gen_qemu_st_i32(REG(0), REG(B11_8), ctx->memidx, MO_TEUL); 1560 gen_set_label(label); 1561 tcg_gen_movi_i32(cpu_ldst, 0); 1562 return; 1563 } 1564 case 0x0063: 1565 /* MOVLI.L @Rm,R0 1566 1 -> LDST 1567 (Rm) -> R0 1568 When interrupt/exception 1569 occurred 0 -> LDST 1570 */ 1571 CHECK_SH4A 1572 tcg_gen_movi_i32(cpu_ldst, 0); 1573 tcg_gen_qemu_ld_i32(REG(0), REG(B11_8), ctx->memidx, MO_TESL); 1574 tcg_gen_movi_i32(cpu_ldst, 1); 1575 return; 1576 case 0x0093: /* ocbi @Rn */ 1577 { 1578 gen_helper_ocbi(cpu_env, REG(B11_8)); 1579 } 1580 return; 1581 case 0x00a3: /* ocbp @Rn */ 1582 case 0x00b3: /* ocbwb @Rn */ 1583 /* These instructions are supposed to do nothing in case of 1584 a cache miss. Given that we only partially emulate caches 1585 it is safe to simply ignore them. */ 1586 return; 1587 case 0x0083: /* pref @Rn */ 1588 return; 1589 case 0x00d3: /* prefi @Rn */ 1590 CHECK_SH4A 1591 return; 1592 case 0x00e3: /* icbi @Rn */ 1593 CHECK_SH4A 1594 return; 1595 case 0x00ab: /* synco */ 1596 CHECK_SH4A 1597 tcg_gen_mb(TCG_MO_ALL | TCG_BAR_SC); 1598 return; 1599 break; 1600 case 0x4024: /* rotcl Rn */ 1601 { 1602 TCGv tmp = tcg_temp_new(); 1603 tcg_gen_mov_i32(tmp, cpu_sr_t); 1604 tcg_gen_shri_i32(cpu_sr_t, REG(B11_8), 31); 1605 tcg_gen_shli_i32(REG(B11_8), REG(B11_8), 1); 1606 tcg_gen_or_i32(REG(B11_8), REG(B11_8), tmp); 1607 tcg_temp_free(tmp); 1608 } 1609 return; 1610 case 0x4025: /* rotcr Rn */ 1611 { 1612 TCGv tmp = tcg_temp_new(); 1613 tcg_gen_shli_i32(tmp, cpu_sr_t, 31); 1614 tcg_gen_andi_i32(cpu_sr_t, REG(B11_8), 1); 1615 tcg_gen_shri_i32(REG(B11_8), REG(B11_8), 1); 1616 tcg_gen_or_i32(REG(B11_8), REG(B11_8), tmp); 1617 tcg_temp_free(tmp); 1618 } 1619 return; 1620 case 0x4004: /* rotl Rn */ 1621 tcg_gen_rotli_i32(REG(B11_8), REG(B11_8), 1); 1622 tcg_gen_andi_i32(cpu_sr_t, REG(B11_8), 0); 1623 return; 1624 case 0x4005: /* rotr Rn */ 1625 tcg_gen_andi_i32(cpu_sr_t, REG(B11_8), 0); 1626 tcg_gen_rotri_i32(REG(B11_8), REG(B11_8), 1); 1627 return; 1628 case 0x4000: /* shll Rn */ 1629 case 0x4020: /* shal Rn */ 1630 tcg_gen_shri_i32(cpu_sr_t, REG(B11_8), 31); 1631 tcg_gen_shli_i32(REG(B11_8), REG(B11_8), 1); 1632 return; 1633 case 0x4021: /* shar Rn */ 1634 tcg_gen_andi_i32(cpu_sr_t, REG(B11_8), 1); 1635 tcg_gen_sari_i32(REG(B11_8), REG(B11_8), 1); 1636 return; 1637 case 0x4001: /* shlr Rn */ 1638 tcg_gen_andi_i32(cpu_sr_t, REG(B11_8), 1); 1639 tcg_gen_shri_i32(REG(B11_8), REG(B11_8), 1); 1640 return; 1641 case 0x4008: /* shll2 Rn */ 1642 tcg_gen_shli_i32(REG(B11_8), REG(B11_8), 2); 1643 return; 1644 case 0x4018: /* shll8 Rn */ 1645 tcg_gen_shli_i32(REG(B11_8), REG(B11_8), 8); 1646 return; 1647 case 0x4028: /* shll16 Rn */ 1648 tcg_gen_shli_i32(REG(B11_8), REG(B11_8), 16); 1649 return; 1650 case 0x4009: /* shlr2 Rn */ 1651 tcg_gen_shri_i32(REG(B11_8), REG(B11_8), 2); 1652 return; 1653 case 0x4019: /* shlr8 Rn */ 1654 tcg_gen_shri_i32(REG(B11_8), REG(B11_8), 8); 1655 return; 1656 case 0x4029: /* shlr16 Rn */ 1657 tcg_gen_shri_i32(REG(B11_8), REG(B11_8), 16); 1658 return; 1659 case 0x401b: /* tas.b @Rn */ 1660 { 1661 TCGv val = tcg_const_i32(0x80); 1662 tcg_gen_atomic_fetch_or_i32(val, REG(B11_8), val, 1663 ctx->memidx, MO_UB); 1664 tcg_gen_setcondi_i32(TCG_COND_EQ, cpu_sr_t, val, 0); 1665 tcg_temp_free(val); 1666 } 1667 return; 1668 case 0xf00d: /* fsts FPUL,FRn - FPSCR: Nothing */ 1669 CHECK_FPU_ENABLED 1670 tcg_gen_mov_i32(FREG(B11_8), cpu_fpul); 1671 return; 1672 case 0xf01d: /* flds FRm,FPUL - FPSCR: Nothing */ 1673 CHECK_FPU_ENABLED 1674 tcg_gen_mov_i32(cpu_fpul, FREG(B11_8)); 1675 return; 1676 case 0xf02d: /* float FPUL,FRn/DRn - FPSCR: R[PR,Enable.I]/W[Cause,Flag] */ 1677 CHECK_FPU_ENABLED 1678 if (ctx->tbflags & FPSCR_PR) { 1679 TCGv_i64 fp; 1680 if (ctx->opcode & 0x0100) { 1681 goto do_illegal; 1682 } 1683 fp = tcg_temp_new_i64(); 1684 gen_helper_float_DT(fp, cpu_env, cpu_fpul); 1685 gen_store_fpr64(ctx, fp, B11_8); 1686 tcg_temp_free_i64(fp); 1687 } 1688 else { 1689 gen_helper_float_FT(FREG(B11_8), cpu_env, cpu_fpul); 1690 } 1691 return; 1692 case 0xf03d: /* ftrc FRm/DRm,FPUL - FPSCR: R[PR,Enable.V]/W[Cause,Flag] */ 1693 CHECK_FPU_ENABLED 1694 if (ctx->tbflags & FPSCR_PR) { 1695 TCGv_i64 fp; 1696 if (ctx->opcode & 0x0100) { 1697 goto do_illegal; 1698 } 1699 fp = tcg_temp_new_i64(); 1700 gen_load_fpr64(ctx, fp, B11_8); 1701 gen_helper_ftrc_DT(cpu_fpul, cpu_env, fp); 1702 tcg_temp_free_i64(fp); 1703 } 1704 else { 1705 gen_helper_ftrc_FT(cpu_fpul, cpu_env, FREG(B11_8)); 1706 } 1707 return; 1708 case 0xf04d: /* fneg FRn/DRn - FPSCR: Nothing */ 1709 CHECK_FPU_ENABLED 1710 tcg_gen_xori_i32(FREG(B11_8), FREG(B11_8), 0x80000000); 1711 return; 1712 case 0xf05d: /* fabs FRn/DRn - FPCSR: Nothing */ 1713 CHECK_FPU_ENABLED 1714 tcg_gen_andi_i32(FREG(B11_8), FREG(B11_8), 0x7fffffff); 1715 return; 1716 case 0xf06d: /* fsqrt FRn */ 1717 CHECK_FPU_ENABLED 1718 if (ctx->tbflags & FPSCR_PR) { 1719 if (ctx->opcode & 0x0100) { 1720 goto do_illegal; 1721 } 1722 TCGv_i64 fp = tcg_temp_new_i64(); 1723 gen_load_fpr64(ctx, fp, B11_8); 1724 gen_helper_fsqrt_DT(fp, cpu_env, fp); 1725 gen_store_fpr64(ctx, fp, B11_8); 1726 tcg_temp_free_i64(fp); 1727 } else { 1728 gen_helper_fsqrt_FT(FREG(B11_8), cpu_env, FREG(B11_8)); 1729 } 1730 return; 1731 case 0xf07d: /* fsrra FRn */ 1732 CHECK_FPU_ENABLED 1733 CHECK_FPSCR_PR_0 1734 gen_helper_fsrra_FT(FREG(B11_8), cpu_env, FREG(B11_8)); 1735 break; 1736 case 0xf08d: /* fldi0 FRn - FPSCR: R[PR] */ 1737 CHECK_FPU_ENABLED 1738 CHECK_FPSCR_PR_0 1739 tcg_gen_movi_i32(FREG(B11_8), 0); 1740 return; 1741 case 0xf09d: /* fldi1 FRn - FPSCR: R[PR] */ 1742 CHECK_FPU_ENABLED 1743 CHECK_FPSCR_PR_0 1744 tcg_gen_movi_i32(FREG(B11_8), 0x3f800000); 1745 return; 1746 case 0xf0ad: /* fcnvsd FPUL,DRn */ 1747 CHECK_FPU_ENABLED 1748 { 1749 TCGv_i64 fp = tcg_temp_new_i64(); 1750 gen_helper_fcnvsd_FT_DT(fp, cpu_env, cpu_fpul); 1751 gen_store_fpr64(ctx, fp, B11_8); 1752 tcg_temp_free_i64(fp); 1753 } 1754 return; 1755 case 0xf0bd: /* fcnvds DRn,FPUL */ 1756 CHECK_FPU_ENABLED 1757 { 1758 TCGv_i64 fp = tcg_temp_new_i64(); 1759 gen_load_fpr64(ctx, fp, B11_8); 1760 gen_helper_fcnvds_DT_FT(cpu_fpul, cpu_env, fp); 1761 tcg_temp_free_i64(fp); 1762 } 1763 return; 1764 case 0xf0ed: /* fipr FVm,FVn */ 1765 CHECK_FPU_ENABLED 1766 CHECK_FPSCR_PR_1 1767 { 1768 TCGv m = tcg_const_i32((ctx->opcode >> 8) & 3); 1769 TCGv n = tcg_const_i32((ctx->opcode >> 10) & 3); 1770 gen_helper_fipr(cpu_env, m, n); 1771 tcg_temp_free(m); 1772 tcg_temp_free(n); 1773 return; 1774 } 1775 break; 1776 case 0xf0fd: /* ftrv XMTRX,FVn */ 1777 CHECK_FPU_ENABLED 1778 CHECK_FPSCR_PR_1 1779 { 1780 if ((ctx->opcode & 0x0300) != 0x0100) { 1781 goto do_illegal; 1782 } 1783 TCGv n = tcg_const_i32((ctx->opcode >> 10) & 3); 1784 gen_helper_ftrv(cpu_env, n); 1785 tcg_temp_free(n); 1786 return; 1787 } 1788 break; 1789 } 1790 #if 0 1791 fprintf(stderr, "unknown instruction 0x%04x at pc 0x%08x\n", 1792 ctx->opcode, ctx->pc); 1793 fflush(stderr); 1794 #endif 1795 do_illegal: 1796 if (ctx->envflags & DELAY_SLOT_MASK) { 1797 do_illegal_slot: 1798 gen_save_cpu_state(ctx, true); 1799 gen_helper_raise_slot_illegal_instruction(cpu_env); 1800 } else { 1801 gen_save_cpu_state(ctx, true); 1802 gen_helper_raise_illegal_instruction(cpu_env); 1803 } 1804 ctx->bstate = BS_EXCP; 1805 return; 1806 1807 do_fpu_disabled: 1808 gen_save_cpu_state(ctx, true); 1809 if (ctx->envflags & DELAY_SLOT_MASK) { 1810 gen_helper_raise_slot_fpu_disable(cpu_env); 1811 } else { 1812 gen_helper_raise_fpu_disable(cpu_env); 1813 } 1814 ctx->bstate = BS_EXCP; 1815 return; 1816 } 1817 1818 static void decode_opc(DisasContext * ctx) 1819 { 1820 uint32_t old_flags = ctx->envflags; 1821 1822 _decode_opc(ctx); 1823 1824 if (old_flags & DELAY_SLOT_MASK) { 1825 /* go out of the delay slot */ 1826 ctx->envflags &= ~DELAY_SLOT_MASK; 1827 1828 /* When in an exclusive region, we must continue to the end 1829 for conditional branches. */ 1830 if (ctx->tbflags & GUSA_EXCLUSIVE 1831 && old_flags & DELAY_SLOT_CONDITIONAL) { 1832 gen_delayed_conditional_jump(ctx); 1833 return; 1834 } 1835 /* Otherwise this is probably an invalid gUSA region. 1836 Drop the GUSA bits so the next TB doesn't see them. */ 1837 ctx->envflags &= ~GUSA_MASK; 1838 1839 tcg_gen_movi_i32(cpu_flags, ctx->envflags); 1840 ctx->bstate = BS_BRANCH; 1841 if (old_flags & DELAY_SLOT_CONDITIONAL) { 1842 gen_delayed_conditional_jump(ctx); 1843 } else { 1844 gen_jump(ctx); 1845 } 1846 } 1847 } 1848 1849 #ifdef CONFIG_USER_ONLY 1850 /* For uniprocessors, SH4 uses optimistic restartable atomic sequences. 1851 Upon an interrupt, a real kernel would simply notice magic values in 1852 the registers and reset the PC to the start of the sequence. 1853 1854 For QEMU, we cannot do this in quite the same way. Instead, we notice 1855 the normal start of such a sequence (mov #-x,r15). While we can handle 1856 any sequence via cpu_exec_step_atomic, we can recognize the "normal" 1857 sequences and transform them into atomic operations as seen by the host. 1858 */ 1859 static int decode_gusa(DisasContext *ctx, CPUSH4State *env, int *pmax_insns) 1860 { 1861 uint16_t insns[5]; 1862 int ld_adr, ld_dst, ld_mop; 1863 int op_dst, op_src, op_opc; 1864 int mv_src, mt_dst, st_src, st_mop; 1865 TCGv op_arg; 1866 1867 uint32_t pc = ctx->pc; 1868 uint32_t pc_end = ctx->tb->cs_base; 1869 int backup = sextract32(ctx->tbflags, GUSA_SHIFT, 8); 1870 int max_insns = (pc_end - pc) / 2; 1871 int i; 1872 1873 if (pc != pc_end + backup || max_insns < 2) { 1874 /* This is a malformed gUSA region. Don't do anything special, 1875 since the interpreter is likely to get confused. */ 1876 ctx->envflags &= ~GUSA_MASK; 1877 return 0; 1878 } 1879 1880 if (ctx->tbflags & GUSA_EXCLUSIVE) { 1881 /* Regardless of single-stepping or the end of the page, 1882 we must complete execution of the gUSA region while 1883 holding the exclusive lock. */ 1884 *pmax_insns = max_insns; 1885 return 0; 1886 } 1887 1888 /* The state machine below will consume only a few insns. 1889 If there are more than that in a region, fail now. */ 1890 if (max_insns > ARRAY_SIZE(insns)) { 1891 goto fail; 1892 } 1893 1894 /* Read all of the insns for the region. */ 1895 for (i = 0; i < max_insns; ++i) { 1896 insns[i] = cpu_lduw_code(env, pc + i * 2); 1897 } 1898 1899 ld_adr = ld_dst = ld_mop = -1; 1900 mv_src = -1; 1901 op_dst = op_src = op_opc = -1; 1902 mt_dst = -1; 1903 st_src = st_mop = -1; 1904 TCGV_UNUSED(op_arg); 1905 i = 0; 1906 1907 #define NEXT_INSN \ 1908 do { if (i >= max_insns) goto fail; ctx->opcode = insns[i++]; } while (0) 1909 1910 /* 1911 * Expect a load to begin the region. 1912 */ 1913 NEXT_INSN; 1914 switch (ctx->opcode & 0xf00f) { 1915 case 0x6000: /* mov.b @Rm,Rn */ 1916 ld_mop = MO_SB; 1917 break; 1918 case 0x6001: /* mov.w @Rm,Rn */ 1919 ld_mop = MO_TESW; 1920 break; 1921 case 0x6002: /* mov.l @Rm,Rn */ 1922 ld_mop = MO_TESL; 1923 break; 1924 default: 1925 goto fail; 1926 } 1927 ld_adr = B7_4; 1928 ld_dst = B11_8; 1929 if (ld_adr == ld_dst) { 1930 goto fail; 1931 } 1932 /* Unless we see a mov, any two-operand operation must use ld_dst. */ 1933 op_dst = ld_dst; 1934 1935 /* 1936 * Expect an optional register move. 1937 */ 1938 NEXT_INSN; 1939 switch (ctx->opcode & 0xf00f) { 1940 case 0x6003: /* mov Rm,Rn */ 1941 /* Here we want to recognize ld_dst being saved for later consumtion, 1942 or for another input register being copied so that ld_dst need not 1943 be clobbered during the operation. */ 1944 op_dst = B11_8; 1945 mv_src = B7_4; 1946 if (op_dst == ld_dst) { 1947 /* Overwriting the load output. */ 1948 goto fail; 1949 } 1950 if (mv_src != ld_dst) { 1951 /* Copying a new input; constrain op_src to match the load. */ 1952 op_src = ld_dst; 1953 } 1954 break; 1955 1956 default: 1957 /* Put back and re-examine as operation. */ 1958 --i; 1959 } 1960 1961 /* 1962 * Expect the operation. 1963 */ 1964 NEXT_INSN; 1965 switch (ctx->opcode & 0xf00f) { 1966 case 0x300c: /* add Rm,Rn */ 1967 op_opc = INDEX_op_add_i32; 1968 goto do_reg_op; 1969 case 0x2009: /* and Rm,Rn */ 1970 op_opc = INDEX_op_and_i32; 1971 goto do_reg_op; 1972 case 0x200a: /* xor Rm,Rn */ 1973 op_opc = INDEX_op_xor_i32; 1974 goto do_reg_op; 1975 case 0x200b: /* or Rm,Rn */ 1976 op_opc = INDEX_op_or_i32; 1977 do_reg_op: 1978 /* The operation register should be as expected, and the 1979 other input cannot depend on the load. */ 1980 if (op_dst != B11_8) { 1981 goto fail; 1982 } 1983 if (op_src < 0) { 1984 /* Unconstrainted input. */ 1985 op_src = B7_4; 1986 } else if (op_src == B7_4) { 1987 /* Constrained input matched load. All operations are 1988 commutative; "swap" them by "moving" the load output 1989 to the (implicit) first argument and the move source 1990 to the (explicit) second argument. */ 1991 op_src = mv_src; 1992 } else { 1993 goto fail; 1994 } 1995 op_arg = REG(op_src); 1996 break; 1997 1998 case 0x6007: /* not Rm,Rn */ 1999 if (ld_dst != B7_4 || mv_src >= 0) { 2000 goto fail; 2001 } 2002 op_dst = B11_8; 2003 op_opc = INDEX_op_xor_i32; 2004 op_arg = tcg_const_i32(-1); 2005 break; 2006 2007 case 0x7000 ... 0x700f: /* add #imm,Rn */ 2008 if (op_dst != B11_8 || mv_src >= 0) { 2009 goto fail; 2010 } 2011 op_opc = INDEX_op_add_i32; 2012 op_arg = tcg_const_i32(B7_0s); 2013 break; 2014 2015 case 0x3000: /* cmp/eq Rm,Rn */ 2016 /* Looking for the middle of a compare-and-swap sequence, 2017 beginning with the compare. Operands can be either order, 2018 but with only one overlapping the load. */ 2019 if ((ld_dst == B11_8) + (ld_dst == B7_4) != 1 || mv_src >= 0) { 2020 goto fail; 2021 } 2022 op_opc = INDEX_op_setcond_i32; /* placeholder */ 2023 op_src = (ld_dst == B11_8 ? B7_4 : B11_8); 2024 op_arg = REG(op_src); 2025 2026 NEXT_INSN; 2027 switch (ctx->opcode & 0xff00) { 2028 case 0x8b00: /* bf label */ 2029 case 0x8f00: /* bf/s label */ 2030 if (pc + (i + 1 + B7_0s) * 2 != pc_end) { 2031 goto fail; 2032 } 2033 if ((ctx->opcode & 0xff00) == 0x8b00) { /* bf label */ 2034 break; 2035 } 2036 /* We're looking to unconditionally modify Rn with the 2037 result of the comparison, within the delay slot of 2038 the branch. This is used by older gcc. */ 2039 NEXT_INSN; 2040 if ((ctx->opcode & 0xf0ff) == 0x0029) { /* movt Rn */ 2041 mt_dst = B11_8; 2042 } else { 2043 goto fail; 2044 } 2045 break; 2046 2047 default: 2048 goto fail; 2049 } 2050 break; 2051 2052 case 0x2008: /* tst Rm,Rn */ 2053 /* Looking for a compare-and-swap against zero. */ 2054 if (ld_dst != B11_8 || ld_dst != B7_4 || mv_src >= 0) { 2055 goto fail; 2056 } 2057 op_opc = INDEX_op_setcond_i32; 2058 op_arg = tcg_const_i32(0); 2059 2060 NEXT_INSN; 2061 if ((ctx->opcode & 0xff00) != 0x8900 /* bt label */ 2062 || pc + (i + 1 + B7_0s) * 2 != pc_end) { 2063 goto fail; 2064 } 2065 break; 2066 2067 default: 2068 /* Put back and re-examine as store. */ 2069 --i; 2070 } 2071 2072 /* 2073 * Expect the store. 2074 */ 2075 /* The store must be the last insn. */ 2076 if (i != max_insns - 1) { 2077 goto fail; 2078 } 2079 NEXT_INSN; 2080 switch (ctx->opcode & 0xf00f) { 2081 case 0x2000: /* mov.b Rm,@Rn */ 2082 st_mop = MO_UB; 2083 break; 2084 case 0x2001: /* mov.w Rm,@Rn */ 2085 st_mop = MO_UW; 2086 break; 2087 case 0x2002: /* mov.l Rm,@Rn */ 2088 st_mop = MO_UL; 2089 break; 2090 default: 2091 goto fail; 2092 } 2093 /* The store must match the load. */ 2094 if (ld_adr != B11_8 || st_mop != (ld_mop & MO_SIZE)) { 2095 goto fail; 2096 } 2097 st_src = B7_4; 2098 2099 #undef NEXT_INSN 2100 2101 /* 2102 * Emit the operation. 2103 */ 2104 tcg_gen_insn_start(pc, ctx->envflags); 2105 switch (op_opc) { 2106 case -1: 2107 /* No operation found. Look for exchange pattern. */ 2108 if (st_src == ld_dst || mv_src >= 0) { 2109 goto fail; 2110 } 2111 tcg_gen_atomic_xchg_i32(REG(ld_dst), REG(ld_adr), REG(st_src), 2112 ctx->memidx, ld_mop); 2113 break; 2114 2115 case INDEX_op_add_i32: 2116 if (op_dst != st_src) { 2117 goto fail; 2118 } 2119 if (op_dst == ld_dst && st_mop == MO_UL) { 2120 tcg_gen_atomic_add_fetch_i32(REG(ld_dst), REG(ld_adr), 2121 op_arg, ctx->memidx, ld_mop); 2122 } else { 2123 tcg_gen_atomic_fetch_add_i32(REG(ld_dst), REG(ld_adr), 2124 op_arg, ctx->memidx, ld_mop); 2125 if (op_dst != ld_dst) { 2126 /* Note that mop sizes < 4 cannot use add_fetch 2127 because it won't carry into the higher bits. */ 2128 tcg_gen_add_i32(REG(op_dst), REG(ld_dst), op_arg); 2129 } 2130 } 2131 break; 2132 2133 case INDEX_op_and_i32: 2134 if (op_dst != st_src) { 2135 goto fail; 2136 } 2137 if (op_dst == ld_dst) { 2138 tcg_gen_atomic_and_fetch_i32(REG(ld_dst), REG(ld_adr), 2139 op_arg, ctx->memidx, ld_mop); 2140 } else { 2141 tcg_gen_atomic_fetch_and_i32(REG(ld_dst), REG(ld_adr), 2142 op_arg, ctx->memidx, ld_mop); 2143 tcg_gen_and_i32(REG(op_dst), REG(ld_dst), op_arg); 2144 } 2145 break; 2146 2147 case INDEX_op_or_i32: 2148 if (op_dst != st_src) { 2149 goto fail; 2150 } 2151 if (op_dst == ld_dst) { 2152 tcg_gen_atomic_or_fetch_i32(REG(ld_dst), REG(ld_adr), 2153 op_arg, ctx->memidx, ld_mop); 2154 } else { 2155 tcg_gen_atomic_fetch_or_i32(REG(ld_dst), REG(ld_adr), 2156 op_arg, ctx->memidx, ld_mop); 2157 tcg_gen_or_i32(REG(op_dst), REG(ld_dst), op_arg); 2158 } 2159 break; 2160 2161 case INDEX_op_xor_i32: 2162 if (op_dst != st_src) { 2163 goto fail; 2164 } 2165 if (op_dst == ld_dst) { 2166 tcg_gen_atomic_xor_fetch_i32(REG(ld_dst), REG(ld_adr), 2167 op_arg, ctx->memidx, ld_mop); 2168 } else { 2169 tcg_gen_atomic_fetch_xor_i32(REG(ld_dst), REG(ld_adr), 2170 op_arg, ctx->memidx, ld_mop); 2171 tcg_gen_xor_i32(REG(op_dst), REG(ld_dst), op_arg); 2172 } 2173 break; 2174 2175 case INDEX_op_setcond_i32: 2176 if (st_src == ld_dst) { 2177 goto fail; 2178 } 2179 tcg_gen_atomic_cmpxchg_i32(REG(ld_dst), REG(ld_adr), op_arg, 2180 REG(st_src), ctx->memidx, ld_mop); 2181 tcg_gen_setcond_i32(TCG_COND_EQ, cpu_sr_t, REG(ld_dst), op_arg); 2182 if (mt_dst >= 0) { 2183 tcg_gen_mov_i32(REG(mt_dst), cpu_sr_t); 2184 } 2185 break; 2186 2187 default: 2188 g_assert_not_reached(); 2189 } 2190 2191 /* If op_src is not a valid register, then op_arg was a constant. */ 2192 if (op_src < 0) { 2193 tcg_temp_free_i32(op_arg); 2194 } 2195 2196 /* The entire region has been translated. */ 2197 ctx->envflags &= ~GUSA_MASK; 2198 ctx->pc = pc_end; 2199 return max_insns; 2200 2201 fail: 2202 qemu_log_mask(LOG_UNIMP, "Unrecognized gUSA sequence %08x-%08x\n", 2203 pc, pc_end); 2204 2205 /* Restart with the EXCLUSIVE bit set, within a TB run via 2206 cpu_exec_step_atomic holding the exclusive lock. */ 2207 tcg_gen_insn_start(pc, ctx->envflags); 2208 ctx->envflags |= GUSA_EXCLUSIVE; 2209 gen_save_cpu_state(ctx, false); 2210 gen_helper_exclusive(cpu_env); 2211 ctx->bstate = BS_EXCP; 2212 2213 /* We're not executing an instruction, but we must report one for the 2214 purposes of accounting within the TB. We might as well report the 2215 entire region consumed via ctx->pc so that it's immediately available 2216 in the disassembly dump. */ 2217 ctx->pc = pc_end; 2218 return 1; 2219 } 2220 #endif 2221 2222 void gen_intermediate_code(CPUState *cs, struct TranslationBlock *tb) 2223 { 2224 CPUSH4State *env = cs->env_ptr; 2225 DisasContext ctx; 2226 target_ulong pc_start; 2227 int num_insns; 2228 int max_insns; 2229 2230 pc_start = tb->pc; 2231 ctx.pc = pc_start; 2232 ctx.tbflags = (uint32_t)tb->flags; 2233 ctx.envflags = tb->flags & TB_FLAG_ENVFLAGS_MASK; 2234 ctx.bstate = BS_NONE; 2235 ctx.memidx = (ctx.tbflags & (1u << SR_MD)) == 0 ? 1 : 0; 2236 /* We don't know if the delayed pc came from a dynamic or static branch, 2237 so assume it is a dynamic branch. */ 2238 ctx.delayed_pc = -1; /* use delayed pc from env pointer */ 2239 ctx.tb = tb; 2240 ctx.singlestep_enabled = cs->singlestep_enabled; 2241 ctx.features = env->features; 2242 ctx.has_movcal = (ctx.tbflags & TB_FLAG_PENDING_MOVCA); 2243 ctx.gbank = ((ctx.tbflags & (1 << SR_MD)) && 2244 (ctx.tbflags & (1 << SR_RB))) * 0x10; 2245 ctx.fbank = ctx.tbflags & FPSCR_FR ? 0x10 : 0; 2246 2247 max_insns = tb_cflags(tb) & CF_COUNT_MASK; 2248 if (max_insns == 0) { 2249 max_insns = CF_COUNT_MASK; 2250 } 2251 max_insns = MIN(max_insns, TCG_MAX_INSNS); 2252 2253 /* Since the ISA is fixed-width, we can bound by the number 2254 of instructions remaining on the page. */ 2255 num_insns = -(ctx.pc | TARGET_PAGE_MASK) / 2; 2256 max_insns = MIN(max_insns, num_insns); 2257 2258 /* Single stepping means just that. */ 2259 if (ctx.singlestep_enabled || singlestep) { 2260 max_insns = 1; 2261 } 2262 2263 gen_tb_start(tb); 2264 num_insns = 0; 2265 2266 #ifdef CONFIG_USER_ONLY 2267 if (ctx.tbflags & GUSA_MASK) { 2268 num_insns = decode_gusa(&ctx, env, &max_insns); 2269 } 2270 #endif 2271 2272 while (ctx.bstate == BS_NONE 2273 && num_insns < max_insns 2274 && !tcg_op_buf_full()) { 2275 tcg_gen_insn_start(ctx.pc, ctx.envflags); 2276 num_insns++; 2277 2278 if (unlikely(cpu_breakpoint_test(cs, ctx.pc, BP_ANY))) { 2279 /* We have hit a breakpoint - make sure PC is up-to-date */ 2280 gen_save_cpu_state(&ctx, true); 2281 gen_helper_debug(cpu_env); 2282 ctx.bstate = BS_EXCP; 2283 /* The address covered by the breakpoint must be included in 2284 [tb->pc, tb->pc + tb->size) in order to for it to be 2285 properly cleared -- thus we increment the PC here so that 2286 the logic setting tb->size below does the right thing. */ 2287 ctx.pc += 2; 2288 break; 2289 } 2290 2291 if (num_insns == max_insns && (tb_cflags(tb) & CF_LAST_IO)) { 2292 gen_io_start(); 2293 } 2294 2295 ctx.opcode = cpu_lduw_code(env, ctx.pc); 2296 decode_opc(&ctx); 2297 ctx.pc += 2; 2298 } 2299 if (tb_cflags(tb) & CF_LAST_IO) { 2300 gen_io_end(); 2301 } 2302 2303 if (ctx.tbflags & GUSA_EXCLUSIVE) { 2304 /* Ending the region of exclusivity. Clear the bits. */ 2305 ctx.envflags &= ~GUSA_MASK; 2306 } 2307 2308 if (cs->singlestep_enabled) { 2309 gen_save_cpu_state(&ctx, true); 2310 gen_helper_debug(cpu_env); 2311 } else { 2312 switch (ctx.bstate) { 2313 case BS_STOP: 2314 gen_save_cpu_state(&ctx, true); 2315 tcg_gen_exit_tb(0); 2316 break; 2317 case BS_NONE: 2318 gen_save_cpu_state(&ctx, false); 2319 gen_goto_tb(&ctx, 0, ctx.pc); 2320 break; 2321 case BS_EXCP: 2322 /* fall through */ 2323 case BS_BRANCH: 2324 default: 2325 break; 2326 } 2327 } 2328 2329 gen_tb_end(tb, num_insns); 2330 2331 tb->size = ctx.pc - pc_start; 2332 tb->icount = num_insns; 2333 2334 #ifdef DEBUG_DISAS 2335 if (qemu_loglevel_mask(CPU_LOG_TB_IN_ASM) 2336 && qemu_log_in_addr_range(pc_start)) { 2337 qemu_log_lock(); 2338 qemu_log("IN:\n"); /* , lookup_symbol(pc_start)); */ 2339 log_target_disas(cs, pc_start, ctx.pc - pc_start, 0); 2340 qemu_log("\n"); 2341 qemu_log_unlock(); 2342 } 2343 #endif 2344 } 2345 2346 void restore_state_to_opc(CPUSH4State *env, TranslationBlock *tb, 2347 target_ulong *data) 2348 { 2349 env->pc = data[0]; 2350 env->flags = data[1]; 2351 /* Theoretically delayed_pc should also be restored. In practice the 2352 branch instruction is re-executed after exception, so the delayed 2353 branch target will be recomputed. */ 2354 } 2355