1 /* 2 * SH4 translation 3 * 4 * Copyright (c) 2005 Samuel Tardieu 5 * 6 * This library is free software; you can redistribute it and/or 7 * modify it under the terms of the GNU Lesser General Public 8 * License as published by the Free Software Foundation; either 9 * version 2 of the License, or (at your option) any later version. 10 * 11 * This library is distributed in the hope that it will be useful, 12 * but WITHOUT ANY WARRANTY; without even the implied warranty of 13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU 14 * Lesser General Public License for more details. 15 * 16 * You should have received a copy of the GNU Lesser General Public 17 * License along with this library; if not, see <http://www.gnu.org/licenses/>. 18 */ 19 20 #define DEBUG_DISAS 21 22 #include "qemu/osdep.h" 23 #include "cpu.h" 24 #include "disas/disas.h" 25 #include "exec/exec-all.h" 26 #include "tcg-op.h" 27 #include "exec/cpu_ldst.h" 28 #include "exec/helper-proto.h" 29 #include "exec/helper-gen.h" 30 #include "exec/translator.h" 31 #include "trace-tcg.h" 32 #include "exec/log.h" 33 34 35 typedef struct DisasContext { 36 DisasContextBase base; 37 38 uint32_t tbflags; /* should stay unmodified during the TB translation */ 39 uint32_t envflags; /* should stay in sync with env->flags using TCG ops */ 40 int memidx; 41 int gbank; 42 int fbank; 43 uint32_t delayed_pc; 44 uint32_t features; 45 46 uint16_t opcode; 47 48 bool has_movcal; 49 } DisasContext; 50 51 #if defined(CONFIG_USER_ONLY) 52 #define IS_USER(ctx) 1 53 #else 54 #define IS_USER(ctx) (!(ctx->tbflags & (1u << SR_MD))) 55 #endif 56 57 /* Target-specific values for ctx->base.is_jmp. */ 58 /* We want to exit back to the cpu loop for some reason. 59 Usually this is to recognize interrupts immediately. */ 60 #define DISAS_STOP DISAS_TARGET_0 61 62 /* global register indexes */ 63 static TCGv cpu_gregs[32]; 64 static TCGv cpu_sr, cpu_sr_m, cpu_sr_q, cpu_sr_t; 65 static TCGv cpu_pc, cpu_ssr, cpu_spc, cpu_gbr; 66 static TCGv cpu_vbr, cpu_sgr, cpu_dbr, cpu_mach, cpu_macl; 67 static TCGv cpu_pr, cpu_fpscr, cpu_fpul; 68 static TCGv cpu_lock_addr, cpu_lock_value; 69 static TCGv cpu_fregs[32]; 70 71 /* internal register indexes */ 72 static TCGv cpu_flags, cpu_delayed_pc, cpu_delayed_cond; 73 74 #include "exec/gen-icount.h" 75 76 void sh4_translate_init(void) 77 { 78 int i; 79 static const char * const gregnames[24] = { 80 "R0_BANK0", "R1_BANK0", "R2_BANK0", "R3_BANK0", 81 "R4_BANK0", "R5_BANK0", "R6_BANK0", "R7_BANK0", 82 "R8", "R9", "R10", "R11", "R12", "R13", "R14", "R15", 83 "R0_BANK1", "R1_BANK1", "R2_BANK1", "R3_BANK1", 84 "R4_BANK1", "R5_BANK1", "R6_BANK1", "R7_BANK1" 85 }; 86 static const char * const fregnames[32] = { 87 "FPR0_BANK0", "FPR1_BANK0", "FPR2_BANK0", "FPR3_BANK0", 88 "FPR4_BANK0", "FPR5_BANK0", "FPR6_BANK0", "FPR7_BANK0", 89 "FPR8_BANK0", "FPR9_BANK0", "FPR10_BANK0", "FPR11_BANK0", 90 "FPR12_BANK0", "FPR13_BANK0", "FPR14_BANK0", "FPR15_BANK0", 91 "FPR0_BANK1", "FPR1_BANK1", "FPR2_BANK1", "FPR3_BANK1", 92 "FPR4_BANK1", "FPR5_BANK1", "FPR6_BANK1", "FPR7_BANK1", 93 "FPR8_BANK1", "FPR9_BANK1", "FPR10_BANK1", "FPR11_BANK1", 94 "FPR12_BANK1", "FPR13_BANK1", "FPR14_BANK1", "FPR15_BANK1", 95 }; 96 97 for (i = 0; i < 24; i++) { 98 cpu_gregs[i] = tcg_global_mem_new_i32(cpu_env, 99 offsetof(CPUSH4State, gregs[i]), 100 gregnames[i]); 101 } 102 memcpy(cpu_gregs + 24, cpu_gregs + 8, 8 * sizeof(TCGv)); 103 104 cpu_pc = tcg_global_mem_new_i32(cpu_env, 105 offsetof(CPUSH4State, pc), "PC"); 106 cpu_sr = tcg_global_mem_new_i32(cpu_env, 107 offsetof(CPUSH4State, sr), "SR"); 108 cpu_sr_m = tcg_global_mem_new_i32(cpu_env, 109 offsetof(CPUSH4State, sr_m), "SR_M"); 110 cpu_sr_q = tcg_global_mem_new_i32(cpu_env, 111 offsetof(CPUSH4State, sr_q), "SR_Q"); 112 cpu_sr_t = tcg_global_mem_new_i32(cpu_env, 113 offsetof(CPUSH4State, sr_t), "SR_T"); 114 cpu_ssr = tcg_global_mem_new_i32(cpu_env, 115 offsetof(CPUSH4State, ssr), "SSR"); 116 cpu_spc = tcg_global_mem_new_i32(cpu_env, 117 offsetof(CPUSH4State, spc), "SPC"); 118 cpu_gbr = tcg_global_mem_new_i32(cpu_env, 119 offsetof(CPUSH4State, gbr), "GBR"); 120 cpu_vbr = tcg_global_mem_new_i32(cpu_env, 121 offsetof(CPUSH4State, vbr), "VBR"); 122 cpu_sgr = tcg_global_mem_new_i32(cpu_env, 123 offsetof(CPUSH4State, sgr), "SGR"); 124 cpu_dbr = tcg_global_mem_new_i32(cpu_env, 125 offsetof(CPUSH4State, dbr), "DBR"); 126 cpu_mach = tcg_global_mem_new_i32(cpu_env, 127 offsetof(CPUSH4State, mach), "MACH"); 128 cpu_macl = tcg_global_mem_new_i32(cpu_env, 129 offsetof(CPUSH4State, macl), "MACL"); 130 cpu_pr = tcg_global_mem_new_i32(cpu_env, 131 offsetof(CPUSH4State, pr), "PR"); 132 cpu_fpscr = tcg_global_mem_new_i32(cpu_env, 133 offsetof(CPUSH4State, fpscr), "FPSCR"); 134 cpu_fpul = tcg_global_mem_new_i32(cpu_env, 135 offsetof(CPUSH4State, fpul), "FPUL"); 136 137 cpu_flags = tcg_global_mem_new_i32(cpu_env, 138 offsetof(CPUSH4State, flags), "_flags_"); 139 cpu_delayed_pc = tcg_global_mem_new_i32(cpu_env, 140 offsetof(CPUSH4State, delayed_pc), 141 "_delayed_pc_"); 142 cpu_delayed_cond = tcg_global_mem_new_i32(cpu_env, 143 offsetof(CPUSH4State, 144 delayed_cond), 145 "_delayed_cond_"); 146 cpu_lock_addr = tcg_global_mem_new_i32(cpu_env, 147 offsetof(CPUSH4State, lock_addr), 148 "_lock_addr_"); 149 cpu_lock_value = tcg_global_mem_new_i32(cpu_env, 150 offsetof(CPUSH4State, lock_value), 151 "_lock_value_"); 152 153 for (i = 0; i < 32; i++) 154 cpu_fregs[i] = tcg_global_mem_new_i32(cpu_env, 155 offsetof(CPUSH4State, fregs[i]), 156 fregnames[i]); 157 } 158 159 void superh_cpu_dump_state(CPUState *cs, FILE *f, 160 fprintf_function cpu_fprintf, int flags) 161 { 162 SuperHCPU *cpu = SUPERH_CPU(cs); 163 CPUSH4State *env = &cpu->env; 164 int i; 165 cpu_fprintf(f, "pc=0x%08x sr=0x%08x pr=0x%08x fpscr=0x%08x\n", 166 env->pc, cpu_read_sr(env), env->pr, env->fpscr); 167 cpu_fprintf(f, "spc=0x%08x ssr=0x%08x gbr=0x%08x vbr=0x%08x\n", 168 env->spc, env->ssr, env->gbr, env->vbr); 169 cpu_fprintf(f, "sgr=0x%08x dbr=0x%08x delayed_pc=0x%08x fpul=0x%08x\n", 170 env->sgr, env->dbr, env->delayed_pc, env->fpul); 171 for (i = 0; i < 24; i += 4) { 172 cpu_fprintf(f, "r%d=0x%08x r%d=0x%08x r%d=0x%08x r%d=0x%08x\n", 173 i, env->gregs[i], i + 1, env->gregs[i + 1], 174 i + 2, env->gregs[i + 2], i + 3, env->gregs[i + 3]); 175 } 176 if (env->flags & DELAY_SLOT) { 177 cpu_fprintf(f, "in delay slot (delayed_pc=0x%08x)\n", 178 env->delayed_pc); 179 } else if (env->flags & DELAY_SLOT_CONDITIONAL) { 180 cpu_fprintf(f, "in conditional delay slot (delayed_pc=0x%08x)\n", 181 env->delayed_pc); 182 } else if (env->flags & DELAY_SLOT_RTE) { 183 cpu_fprintf(f, "in rte delay slot (delayed_pc=0x%08x)\n", 184 env->delayed_pc); 185 } 186 } 187 188 static void gen_read_sr(TCGv dst) 189 { 190 TCGv t0 = tcg_temp_new(); 191 tcg_gen_shli_i32(t0, cpu_sr_q, SR_Q); 192 tcg_gen_or_i32(dst, dst, t0); 193 tcg_gen_shli_i32(t0, cpu_sr_m, SR_M); 194 tcg_gen_or_i32(dst, dst, t0); 195 tcg_gen_shli_i32(t0, cpu_sr_t, SR_T); 196 tcg_gen_or_i32(dst, cpu_sr, t0); 197 tcg_temp_free_i32(t0); 198 } 199 200 static void gen_write_sr(TCGv src) 201 { 202 tcg_gen_andi_i32(cpu_sr, src, 203 ~((1u << SR_Q) | (1u << SR_M) | (1u << SR_T))); 204 tcg_gen_extract_i32(cpu_sr_q, src, SR_Q, 1); 205 tcg_gen_extract_i32(cpu_sr_m, src, SR_M, 1); 206 tcg_gen_extract_i32(cpu_sr_t, src, SR_T, 1); 207 } 208 209 static inline void gen_save_cpu_state(DisasContext *ctx, bool save_pc) 210 { 211 if (save_pc) { 212 tcg_gen_movi_i32(cpu_pc, ctx->base.pc_next); 213 } 214 if (ctx->delayed_pc != (uint32_t) -1) { 215 tcg_gen_movi_i32(cpu_delayed_pc, ctx->delayed_pc); 216 } 217 if ((ctx->tbflags & TB_FLAG_ENVFLAGS_MASK) != ctx->envflags) { 218 tcg_gen_movi_i32(cpu_flags, ctx->envflags); 219 } 220 } 221 222 static inline bool use_exit_tb(DisasContext *ctx) 223 { 224 return (ctx->tbflags & GUSA_EXCLUSIVE) != 0; 225 } 226 227 static inline bool use_goto_tb(DisasContext *ctx, target_ulong dest) 228 { 229 /* Use a direct jump if in same page and singlestep not enabled */ 230 if (unlikely(ctx->base.singlestep_enabled || use_exit_tb(ctx))) { 231 return false; 232 } 233 #ifndef CONFIG_USER_ONLY 234 return (ctx->base.tb->pc & TARGET_PAGE_MASK) == (dest & TARGET_PAGE_MASK); 235 #else 236 return true; 237 #endif 238 } 239 240 static void gen_goto_tb(DisasContext *ctx, int n, target_ulong dest) 241 { 242 if (use_goto_tb(ctx, dest)) { 243 tcg_gen_goto_tb(n); 244 tcg_gen_movi_i32(cpu_pc, dest); 245 tcg_gen_exit_tb(ctx->base.tb, n); 246 } else { 247 tcg_gen_movi_i32(cpu_pc, dest); 248 if (ctx->base.singlestep_enabled) { 249 gen_helper_debug(cpu_env); 250 } else if (use_exit_tb(ctx)) { 251 tcg_gen_exit_tb(NULL, 0); 252 } else { 253 tcg_gen_lookup_and_goto_ptr(); 254 } 255 } 256 ctx->base.is_jmp = DISAS_NORETURN; 257 } 258 259 static void gen_jump(DisasContext * ctx) 260 { 261 if (ctx->delayed_pc == -1) { 262 /* Target is not statically known, it comes necessarily from a 263 delayed jump as immediate jump are conditinal jumps */ 264 tcg_gen_mov_i32(cpu_pc, cpu_delayed_pc); 265 tcg_gen_discard_i32(cpu_delayed_pc); 266 if (ctx->base.singlestep_enabled) { 267 gen_helper_debug(cpu_env); 268 } else if (use_exit_tb(ctx)) { 269 tcg_gen_exit_tb(NULL, 0); 270 } else { 271 tcg_gen_lookup_and_goto_ptr(); 272 } 273 ctx->base.is_jmp = DISAS_NORETURN; 274 } else { 275 gen_goto_tb(ctx, 0, ctx->delayed_pc); 276 } 277 } 278 279 /* Immediate conditional jump (bt or bf) */ 280 static void gen_conditional_jump(DisasContext *ctx, target_ulong dest, 281 bool jump_if_true) 282 { 283 TCGLabel *l1 = gen_new_label(); 284 TCGCond cond_not_taken = jump_if_true ? TCG_COND_EQ : TCG_COND_NE; 285 286 if (ctx->tbflags & GUSA_EXCLUSIVE) { 287 /* When in an exclusive region, we must continue to the end. 288 Therefore, exit the region on a taken branch, but otherwise 289 fall through to the next instruction. */ 290 tcg_gen_brcondi_i32(cond_not_taken, cpu_sr_t, 0, l1); 291 tcg_gen_movi_i32(cpu_flags, ctx->envflags & ~GUSA_MASK); 292 /* Note that this won't actually use a goto_tb opcode because we 293 disallow it in use_goto_tb, but it handles exit + singlestep. */ 294 gen_goto_tb(ctx, 0, dest); 295 gen_set_label(l1); 296 ctx->base.is_jmp = DISAS_NEXT; 297 return; 298 } 299 300 gen_save_cpu_state(ctx, false); 301 tcg_gen_brcondi_i32(cond_not_taken, cpu_sr_t, 0, l1); 302 gen_goto_tb(ctx, 0, dest); 303 gen_set_label(l1); 304 gen_goto_tb(ctx, 1, ctx->base.pc_next + 2); 305 ctx->base.is_jmp = DISAS_NORETURN; 306 } 307 308 /* Delayed conditional jump (bt or bf) */ 309 static void gen_delayed_conditional_jump(DisasContext * ctx) 310 { 311 TCGLabel *l1 = gen_new_label(); 312 TCGv ds = tcg_temp_new(); 313 314 tcg_gen_mov_i32(ds, cpu_delayed_cond); 315 tcg_gen_discard_i32(cpu_delayed_cond); 316 317 if (ctx->tbflags & GUSA_EXCLUSIVE) { 318 /* When in an exclusive region, we must continue to the end. 319 Therefore, exit the region on a taken branch, but otherwise 320 fall through to the next instruction. */ 321 tcg_gen_brcondi_i32(TCG_COND_EQ, ds, 0, l1); 322 323 /* Leave the gUSA region. */ 324 tcg_gen_movi_i32(cpu_flags, ctx->envflags & ~GUSA_MASK); 325 gen_jump(ctx); 326 327 gen_set_label(l1); 328 ctx->base.is_jmp = DISAS_NEXT; 329 return; 330 } 331 332 tcg_gen_brcondi_i32(TCG_COND_NE, ds, 0, l1); 333 gen_goto_tb(ctx, 1, ctx->base.pc_next + 2); 334 gen_set_label(l1); 335 gen_jump(ctx); 336 } 337 338 static inline void gen_load_fpr64(DisasContext *ctx, TCGv_i64 t, int reg) 339 { 340 /* We have already signaled illegal instruction for odd Dr. */ 341 tcg_debug_assert((reg & 1) == 0); 342 reg ^= ctx->fbank; 343 tcg_gen_concat_i32_i64(t, cpu_fregs[reg + 1], cpu_fregs[reg]); 344 } 345 346 static inline void gen_store_fpr64(DisasContext *ctx, TCGv_i64 t, int reg) 347 { 348 /* We have already signaled illegal instruction for odd Dr. */ 349 tcg_debug_assert((reg & 1) == 0); 350 reg ^= ctx->fbank; 351 tcg_gen_extr_i64_i32(cpu_fregs[reg + 1], cpu_fregs[reg], t); 352 } 353 354 #define B3_0 (ctx->opcode & 0xf) 355 #define B6_4 ((ctx->opcode >> 4) & 0x7) 356 #define B7_4 ((ctx->opcode >> 4) & 0xf) 357 #define B7_0 (ctx->opcode & 0xff) 358 #define B7_0s ((int32_t) (int8_t) (ctx->opcode & 0xff)) 359 #define B11_0s (ctx->opcode & 0x800 ? 0xfffff000 | (ctx->opcode & 0xfff) : \ 360 (ctx->opcode & 0xfff)) 361 #define B11_8 ((ctx->opcode >> 8) & 0xf) 362 #define B15_12 ((ctx->opcode >> 12) & 0xf) 363 364 #define REG(x) cpu_gregs[(x) ^ ctx->gbank] 365 #define ALTREG(x) cpu_gregs[(x) ^ ctx->gbank ^ 0x10] 366 #define FREG(x) cpu_fregs[(x) ^ ctx->fbank] 367 368 #define XHACK(x) ((((x) & 1 ) << 4) | ((x) & 0xe)) 369 370 #define CHECK_NOT_DELAY_SLOT \ 371 if (ctx->envflags & DELAY_SLOT_MASK) { \ 372 goto do_illegal_slot; \ 373 } 374 375 #define CHECK_PRIVILEGED \ 376 if (IS_USER(ctx)) { \ 377 goto do_illegal; \ 378 } 379 380 #define CHECK_FPU_ENABLED \ 381 if (ctx->tbflags & (1u << SR_FD)) { \ 382 goto do_fpu_disabled; \ 383 } 384 385 #define CHECK_FPSCR_PR_0 \ 386 if (ctx->tbflags & FPSCR_PR) { \ 387 goto do_illegal; \ 388 } 389 390 #define CHECK_FPSCR_PR_1 \ 391 if (!(ctx->tbflags & FPSCR_PR)) { \ 392 goto do_illegal; \ 393 } 394 395 #define CHECK_SH4A \ 396 if (!(ctx->features & SH_FEATURE_SH4A)) { \ 397 goto do_illegal; \ 398 } 399 400 static void _decode_opc(DisasContext * ctx) 401 { 402 /* This code tries to make movcal emulation sufficiently 403 accurate for Linux purposes. This instruction writes 404 memory, and prior to that, always allocates a cache line. 405 It is used in two contexts: 406 - in memcpy, where data is copied in blocks, the first write 407 of to a block uses movca.l for performance. 408 - in arch/sh/mm/cache-sh4.c, movcal.l + ocbi combination is used 409 to flush the cache. Here, the data written by movcal.l is never 410 written to memory, and the data written is just bogus. 411 412 To simulate this, we simulate movcal.l, we store the value to memory, 413 but we also remember the previous content. If we see ocbi, we check 414 if movcal.l for that address was done previously. If so, the write should 415 not have hit the memory, so we restore the previous content. 416 When we see an instruction that is neither movca.l 417 nor ocbi, the previous content is discarded. 418 419 To optimize, we only try to flush stores when we're at the start of 420 TB, or if we already saw movca.l in this TB and did not flush stores 421 yet. */ 422 if (ctx->has_movcal) 423 { 424 int opcode = ctx->opcode & 0xf0ff; 425 if (opcode != 0x0093 /* ocbi */ 426 && opcode != 0x00c3 /* movca.l */) 427 { 428 gen_helper_discard_movcal_backup(cpu_env); 429 ctx->has_movcal = 0; 430 } 431 } 432 433 #if 0 434 fprintf(stderr, "Translating opcode 0x%04x\n", ctx->opcode); 435 #endif 436 437 switch (ctx->opcode) { 438 case 0x0019: /* div0u */ 439 tcg_gen_movi_i32(cpu_sr_m, 0); 440 tcg_gen_movi_i32(cpu_sr_q, 0); 441 tcg_gen_movi_i32(cpu_sr_t, 0); 442 return; 443 case 0x000b: /* rts */ 444 CHECK_NOT_DELAY_SLOT 445 tcg_gen_mov_i32(cpu_delayed_pc, cpu_pr); 446 ctx->envflags |= DELAY_SLOT; 447 ctx->delayed_pc = (uint32_t) - 1; 448 return; 449 case 0x0028: /* clrmac */ 450 tcg_gen_movi_i32(cpu_mach, 0); 451 tcg_gen_movi_i32(cpu_macl, 0); 452 return; 453 case 0x0048: /* clrs */ 454 tcg_gen_andi_i32(cpu_sr, cpu_sr, ~(1u << SR_S)); 455 return; 456 case 0x0008: /* clrt */ 457 tcg_gen_movi_i32(cpu_sr_t, 0); 458 return; 459 case 0x0038: /* ldtlb */ 460 CHECK_PRIVILEGED 461 gen_helper_ldtlb(cpu_env); 462 return; 463 case 0x002b: /* rte */ 464 CHECK_PRIVILEGED 465 CHECK_NOT_DELAY_SLOT 466 gen_write_sr(cpu_ssr); 467 tcg_gen_mov_i32(cpu_delayed_pc, cpu_spc); 468 ctx->envflags |= DELAY_SLOT_RTE; 469 ctx->delayed_pc = (uint32_t) - 1; 470 ctx->base.is_jmp = DISAS_STOP; 471 return; 472 case 0x0058: /* sets */ 473 tcg_gen_ori_i32(cpu_sr, cpu_sr, (1u << SR_S)); 474 return; 475 case 0x0018: /* sett */ 476 tcg_gen_movi_i32(cpu_sr_t, 1); 477 return; 478 case 0xfbfd: /* frchg */ 479 CHECK_FPSCR_PR_0 480 tcg_gen_xori_i32(cpu_fpscr, cpu_fpscr, FPSCR_FR); 481 ctx->base.is_jmp = DISAS_STOP; 482 return; 483 case 0xf3fd: /* fschg */ 484 CHECK_FPSCR_PR_0 485 tcg_gen_xori_i32(cpu_fpscr, cpu_fpscr, FPSCR_SZ); 486 ctx->base.is_jmp = DISAS_STOP; 487 return; 488 case 0xf7fd: /* fpchg */ 489 CHECK_SH4A 490 tcg_gen_xori_i32(cpu_fpscr, cpu_fpscr, FPSCR_PR); 491 ctx->base.is_jmp = DISAS_STOP; 492 return; 493 case 0x0009: /* nop */ 494 return; 495 case 0x001b: /* sleep */ 496 CHECK_PRIVILEGED 497 tcg_gen_movi_i32(cpu_pc, ctx->base.pc_next + 2); 498 gen_helper_sleep(cpu_env); 499 return; 500 } 501 502 switch (ctx->opcode & 0xf000) { 503 case 0x1000: /* mov.l Rm,@(disp,Rn) */ 504 { 505 TCGv addr = tcg_temp_new(); 506 tcg_gen_addi_i32(addr, REG(B11_8), B3_0 * 4); 507 tcg_gen_qemu_st_i32(REG(B7_4), addr, ctx->memidx, MO_TEUL); 508 tcg_temp_free(addr); 509 } 510 return; 511 case 0x5000: /* mov.l @(disp,Rm),Rn */ 512 { 513 TCGv addr = tcg_temp_new(); 514 tcg_gen_addi_i32(addr, REG(B7_4), B3_0 * 4); 515 tcg_gen_qemu_ld_i32(REG(B11_8), addr, ctx->memidx, MO_TESL); 516 tcg_temp_free(addr); 517 } 518 return; 519 case 0xe000: /* mov #imm,Rn */ 520 #ifdef CONFIG_USER_ONLY 521 /* Detect the start of a gUSA region. If so, update envflags 522 and end the TB. This will allow us to see the end of the 523 region (stored in R0) in the next TB. */ 524 if (B11_8 == 15 && B7_0s < 0 && 525 (tb_cflags(ctx->base.tb) & CF_PARALLEL)) { 526 ctx->envflags = deposit32(ctx->envflags, GUSA_SHIFT, 8, B7_0s); 527 ctx->base.is_jmp = DISAS_STOP; 528 } 529 #endif 530 tcg_gen_movi_i32(REG(B11_8), B7_0s); 531 return; 532 case 0x9000: /* mov.w @(disp,PC),Rn */ 533 { 534 TCGv addr = tcg_const_i32(ctx->base.pc_next + 4 + B7_0 * 2); 535 tcg_gen_qemu_ld_i32(REG(B11_8), addr, ctx->memidx, MO_TESW); 536 tcg_temp_free(addr); 537 } 538 return; 539 case 0xd000: /* mov.l @(disp,PC),Rn */ 540 { 541 TCGv addr = tcg_const_i32((ctx->base.pc_next + 4 + B7_0 * 4) & ~3); 542 tcg_gen_qemu_ld_i32(REG(B11_8), addr, ctx->memidx, MO_TESL); 543 tcg_temp_free(addr); 544 } 545 return; 546 case 0x7000: /* add #imm,Rn */ 547 tcg_gen_addi_i32(REG(B11_8), REG(B11_8), B7_0s); 548 return; 549 case 0xa000: /* bra disp */ 550 CHECK_NOT_DELAY_SLOT 551 ctx->delayed_pc = ctx->base.pc_next + 4 + B11_0s * 2; 552 ctx->envflags |= DELAY_SLOT; 553 return; 554 case 0xb000: /* bsr disp */ 555 CHECK_NOT_DELAY_SLOT 556 tcg_gen_movi_i32(cpu_pr, ctx->base.pc_next + 4); 557 ctx->delayed_pc = ctx->base.pc_next + 4 + B11_0s * 2; 558 ctx->envflags |= DELAY_SLOT; 559 return; 560 } 561 562 switch (ctx->opcode & 0xf00f) { 563 case 0x6003: /* mov Rm,Rn */ 564 tcg_gen_mov_i32(REG(B11_8), REG(B7_4)); 565 return; 566 case 0x2000: /* mov.b Rm,@Rn */ 567 tcg_gen_qemu_st_i32(REG(B7_4), REG(B11_8), ctx->memidx, MO_UB); 568 return; 569 case 0x2001: /* mov.w Rm,@Rn */ 570 tcg_gen_qemu_st_i32(REG(B7_4), REG(B11_8), ctx->memidx, MO_TEUW); 571 return; 572 case 0x2002: /* mov.l Rm,@Rn */ 573 tcg_gen_qemu_st_i32(REG(B7_4), REG(B11_8), ctx->memidx, MO_TEUL); 574 return; 575 case 0x6000: /* mov.b @Rm,Rn */ 576 tcg_gen_qemu_ld_i32(REG(B11_8), REG(B7_4), ctx->memidx, MO_SB); 577 return; 578 case 0x6001: /* mov.w @Rm,Rn */ 579 tcg_gen_qemu_ld_i32(REG(B11_8), REG(B7_4), ctx->memidx, MO_TESW); 580 return; 581 case 0x6002: /* mov.l @Rm,Rn */ 582 tcg_gen_qemu_ld_i32(REG(B11_8), REG(B7_4), ctx->memidx, MO_TESL); 583 return; 584 case 0x2004: /* mov.b Rm,@-Rn */ 585 { 586 TCGv addr = tcg_temp_new(); 587 tcg_gen_subi_i32(addr, REG(B11_8), 1); 588 /* might cause re-execution */ 589 tcg_gen_qemu_st_i32(REG(B7_4), addr, ctx->memidx, MO_UB); 590 tcg_gen_mov_i32(REG(B11_8), addr); /* modify register status */ 591 tcg_temp_free(addr); 592 } 593 return; 594 case 0x2005: /* mov.w Rm,@-Rn */ 595 { 596 TCGv addr = tcg_temp_new(); 597 tcg_gen_subi_i32(addr, REG(B11_8), 2); 598 tcg_gen_qemu_st_i32(REG(B7_4), addr, ctx->memidx, MO_TEUW); 599 tcg_gen_mov_i32(REG(B11_8), addr); 600 tcg_temp_free(addr); 601 } 602 return; 603 case 0x2006: /* mov.l Rm,@-Rn */ 604 { 605 TCGv addr = tcg_temp_new(); 606 tcg_gen_subi_i32(addr, REG(B11_8), 4); 607 tcg_gen_qemu_st_i32(REG(B7_4), addr, ctx->memidx, MO_TEUL); 608 tcg_gen_mov_i32(REG(B11_8), addr); 609 tcg_temp_free(addr); 610 } 611 return; 612 case 0x6004: /* mov.b @Rm+,Rn */ 613 tcg_gen_qemu_ld_i32(REG(B11_8), REG(B7_4), ctx->memidx, MO_SB); 614 if ( B11_8 != B7_4 ) 615 tcg_gen_addi_i32(REG(B7_4), REG(B7_4), 1); 616 return; 617 case 0x6005: /* mov.w @Rm+,Rn */ 618 tcg_gen_qemu_ld_i32(REG(B11_8), REG(B7_4), ctx->memidx, MO_TESW); 619 if ( B11_8 != B7_4 ) 620 tcg_gen_addi_i32(REG(B7_4), REG(B7_4), 2); 621 return; 622 case 0x6006: /* mov.l @Rm+,Rn */ 623 tcg_gen_qemu_ld_i32(REG(B11_8), REG(B7_4), ctx->memidx, MO_TESL); 624 if ( B11_8 != B7_4 ) 625 tcg_gen_addi_i32(REG(B7_4), REG(B7_4), 4); 626 return; 627 case 0x0004: /* mov.b Rm,@(R0,Rn) */ 628 { 629 TCGv addr = tcg_temp_new(); 630 tcg_gen_add_i32(addr, REG(B11_8), REG(0)); 631 tcg_gen_qemu_st_i32(REG(B7_4), addr, ctx->memidx, MO_UB); 632 tcg_temp_free(addr); 633 } 634 return; 635 case 0x0005: /* mov.w Rm,@(R0,Rn) */ 636 { 637 TCGv addr = tcg_temp_new(); 638 tcg_gen_add_i32(addr, REG(B11_8), REG(0)); 639 tcg_gen_qemu_st_i32(REG(B7_4), addr, ctx->memidx, MO_TEUW); 640 tcg_temp_free(addr); 641 } 642 return; 643 case 0x0006: /* mov.l Rm,@(R0,Rn) */ 644 { 645 TCGv addr = tcg_temp_new(); 646 tcg_gen_add_i32(addr, REG(B11_8), REG(0)); 647 tcg_gen_qemu_st_i32(REG(B7_4), addr, ctx->memidx, MO_TEUL); 648 tcg_temp_free(addr); 649 } 650 return; 651 case 0x000c: /* mov.b @(R0,Rm),Rn */ 652 { 653 TCGv addr = tcg_temp_new(); 654 tcg_gen_add_i32(addr, REG(B7_4), REG(0)); 655 tcg_gen_qemu_ld_i32(REG(B11_8), addr, ctx->memidx, MO_SB); 656 tcg_temp_free(addr); 657 } 658 return; 659 case 0x000d: /* mov.w @(R0,Rm),Rn */ 660 { 661 TCGv addr = tcg_temp_new(); 662 tcg_gen_add_i32(addr, REG(B7_4), REG(0)); 663 tcg_gen_qemu_ld_i32(REG(B11_8), addr, ctx->memidx, MO_TESW); 664 tcg_temp_free(addr); 665 } 666 return; 667 case 0x000e: /* mov.l @(R0,Rm),Rn */ 668 { 669 TCGv addr = tcg_temp_new(); 670 tcg_gen_add_i32(addr, REG(B7_4), REG(0)); 671 tcg_gen_qemu_ld_i32(REG(B11_8), addr, ctx->memidx, MO_TESL); 672 tcg_temp_free(addr); 673 } 674 return; 675 case 0x6008: /* swap.b Rm,Rn */ 676 { 677 TCGv low = tcg_temp_new(); 678 tcg_gen_ext16u_i32(low, REG(B7_4)); 679 tcg_gen_bswap16_i32(low, low); 680 tcg_gen_deposit_i32(REG(B11_8), REG(B7_4), low, 0, 16); 681 tcg_temp_free(low); 682 } 683 return; 684 case 0x6009: /* swap.w Rm,Rn */ 685 tcg_gen_rotli_i32(REG(B11_8), REG(B7_4), 16); 686 return; 687 case 0x200d: /* xtrct Rm,Rn */ 688 { 689 TCGv high, low; 690 high = tcg_temp_new(); 691 tcg_gen_shli_i32(high, REG(B7_4), 16); 692 low = tcg_temp_new(); 693 tcg_gen_shri_i32(low, REG(B11_8), 16); 694 tcg_gen_or_i32(REG(B11_8), high, low); 695 tcg_temp_free(low); 696 tcg_temp_free(high); 697 } 698 return; 699 case 0x300c: /* add Rm,Rn */ 700 tcg_gen_add_i32(REG(B11_8), REG(B11_8), REG(B7_4)); 701 return; 702 case 0x300e: /* addc Rm,Rn */ 703 { 704 TCGv t0, t1; 705 t0 = tcg_const_tl(0); 706 t1 = tcg_temp_new(); 707 tcg_gen_add2_i32(t1, cpu_sr_t, cpu_sr_t, t0, REG(B7_4), t0); 708 tcg_gen_add2_i32(REG(B11_8), cpu_sr_t, 709 REG(B11_8), t0, t1, cpu_sr_t); 710 tcg_temp_free(t0); 711 tcg_temp_free(t1); 712 } 713 return; 714 case 0x300f: /* addv Rm,Rn */ 715 { 716 TCGv t0, t1, t2; 717 t0 = tcg_temp_new(); 718 tcg_gen_add_i32(t0, REG(B7_4), REG(B11_8)); 719 t1 = tcg_temp_new(); 720 tcg_gen_xor_i32(t1, t0, REG(B11_8)); 721 t2 = tcg_temp_new(); 722 tcg_gen_xor_i32(t2, REG(B7_4), REG(B11_8)); 723 tcg_gen_andc_i32(cpu_sr_t, t1, t2); 724 tcg_temp_free(t2); 725 tcg_gen_shri_i32(cpu_sr_t, cpu_sr_t, 31); 726 tcg_temp_free(t1); 727 tcg_gen_mov_i32(REG(B7_4), t0); 728 tcg_temp_free(t0); 729 } 730 return; 731 case 0x2009: /* and Rm,Rn */ 732 tcg_gen_and_i32(REG(B11_8), REG(B11_8), REG(B7_4)); 733 return; 734 case 0x3000: /* cmp/eq Rm,Rn */ 735 tcg_gen_setcond_i32(TCG_COND_EQ, cpu_sr_t, REG(B11_8), REG(B7_4)); 736 return; 737 case 0x3003: /* cmp/ge Rm,Rn */ 738 tcg_gen_setcond_i32(TCG_COND_GE, cpu_sr_t, REG(B11_8), REG(B7_4)); 739 return; 740 case 0x3007: /* cmp/gt Rm,Rn */ 741 tcg_gen_setcond_i32(TCG_COND_GT, cpu_sr_t, REG(B11_8), REG(B7_4)); 742 return; 743 case 0x3006: /* cmp/hi Rm,Rn */ 744 tcg_gen_setcond_i32(TCG_COND_GTU, cpu_sr_t, REG(B11_8), REG(B7_4)); 745 return; 746 case 0x3002: /* cmp/hs Rm,Rn */ 747 tcg_gen_setcond_i32(TCG_COND_GEU, cpu_sr_t, REG(B11_8), REG(B7_4)); 748 return; 749 case 0x200c: /* cmp/str Rm,Rn */ 750 { 751 TCGv cmp1 = tcg_temp_new(); 752 TCGv cmp2 = tcg_temp_new(); 753 tcg_gen_xor_i32(cmp2, REG(B7_4), REG(B11_8)); 754 tcg_gen_subi_i32(cmp1, cmp2, 0x01010101); 755 tcg_gen_andc_i32(cmp1, cmp1, cmp2); 756 tcg_gen_andi_i32(cmp1, cmp1, 0x80808080); 757 tcg_gen_setcondi_i32(TCG_COND_NE, cpu_sr_t, cmp1, 0); 758 tcg_temp_free(cmp2); 759 tcg_temp_free(cmp1); 760 } 761 return; 762 case 0x2007: /* div0s Rm,Rn */ 763 tcg_gen_shri_i32(cpu_sr_q, REG(B11_8), 31); /* SR_Q */ 764 tcg_gen_shri_i32(cpu_sr_m, REG(B7_4), 31); /* SR_M */ 765 tcg_gen_xor_i32(cpu_sr_t, cpu_sr_q, cpu_sr_m); /* SR_T */ 766 return; 767 case 0x3004: /* div1 Rm,Rn */ 768 { 769 TCGv t0 = tcg_temp_new(); 770 TCGv t1 = tcg_temp_new(); 771 TCGv t2 = tcg_temp_new(); 772 TCGv zero = tcg_const_i32(0); 773 774 /* shift left arg1, saving the bit being pushed out and inserting 775 T on the right */ 776 tcg_gen_shri_i32(t0, REG(B11_8), 31); 777 tcg_gen_shli_i32(REG(B11_8), REG(B11_8), 1); 778 tcg_gen_or_i32(REG(B11_8), REG(B11_8), cpu_sr_t); 779 780 /* Add or subtract arg0 from arg1 depending if Q == M. To avoid 781 using 64-bit temps, we compute arg0's high part from q ^ m, so 782 that it is 0x00000000 when adding the value or 0xffffffff when 783 subtracting it. */ 784 tcg_gen_xor_i32(t1, cpu_sr_q, cpu_sr_m); 785 tcg_gen_subi_i32(t1, t1, 1); 786 tcg_gen_neg_i32(t2, REG(B7_4)); 787 tcg_gen_movcond_i32(TCG_COND_EQ, t2, t1, zero, REG(B7_4), t2); 788 tcg_gen_add2_i32(REG(B11_8), t1, REG(B11_8), zero, t2, t1); 789 790 /* compute T and Q depending on carry */ 791 tcg_gen_andi_i32(t1, t1, 1); 792 tcg_gen_xor_i32(t1, t1, t0); 793 tcg_gen_xori_i32(cpu_sr_t, t1, 1); 794 tcg_gen_xor_i32(cpu_sr_q, cpu_sr_m, t1); 795 796 tcg_temp_free(zero); 797 tcg_temp_free(t2); 798 tcg_temp_free(t1); 799 tcg_temp_free(t0); 800 } 801 return; 802 case 0x300d: /* dmuls.l Rm,Rn */ 803 tcg_gen_muls2_i32(cpu_macl, cpu_mach, REG(B7_4), REG(B11_8)); 804 return; 805 case 0x3005: /* dmulu.l Rm,Rn */ 806 tcg_gen_mulu2_i32(cpu_macl, cpu_mach, REG(B7_4), REG(B11_8)); 807 return; 808 case 0x600e: /* exts.b Rm,Rn */ 809 tcg_gen_ext8s_i32(REG(B11_8), REG(B7_4)); 810 return; 811 case 0x600f: /* exts.w Rm,Rn */ 812 tcg_gen_ext16s_i32(REG(B11_8), REG(B7_4)); 813 return; 814 case 0x600c: /* extu.b Rm,Rn */ 815 tcg_gen_ext8u_i32(REG(B11_8), REG(B7_4)); 816 return; 817 case 0x600d: /* extu.w Rm,Rn */ 818 tcg_gen_ext16u_i32(REG(B11_8), REG(B7_4)); 819 return; 820 case 0x000f: /* mac.l @Rm+,@Rn+ */ 821 { 822 TCGv arg0, arg1; 823 arg0 = tcg_temp_new(); 824 tcg_gen_qemu_ld_i32(arg0, REG(B7_4), ctx->memidx, MO_TESL); 825 arg1 = tcg_temp_new(); 826 tcg_gen_qemu_ld_i32(arg1, REG(B11_8), ctx->memidx, MO_TESL); 827 gen_helper_macl(cpu_env, arg0, arg1); 828 tcg_temp_free(arg1); 829 tcg_temp_free(arg0); 830 tcg_gen_addi_i32(REG(B7_4), REG(B7_4), 4); 831 tcg_gen_addi_i32(REG(B11_8), REG(B11_8), 4); 832 } 833 return; 834 case 0x400f: /* mac.w @Rm+,@Rn+ */ 835 { 836 TCGv arg0, arg1; 837 arg0 = tcg_temp_new(); 838 tcg_gen_qemu_ld_i32(arg0, REG(B7_4), ctx->memidx, MO_TESL); 839 arg1 = tcg_temp_new(); 840 tcg_gen_qemu_ld_i32(arg1, REG(B11_8), ctx->memidx, MO_TESL); 841 gen_helper_macw(cpu_env, arg0, arg1); 842 tcg_temp_free(arg1); 843 tcg_temp_free(arg0); 844 tcg_gen_addi_i32(REG(B11_8), REG(B11_8), 2); 845 tcg_gen_addi_i32(REG(B7_4), REG(B7_4), 2); 846 } 847 return; 848 case 0x0007: /* mul.l Rm,Rn */ 849 tcg_gen_mul_i32(cpu_macl, REG(B7_4), REG(B11_8)); 850 return; 851 case 0x200f: /* muls.w Rm,Rn */ 852 { 853 TCGv arg0, arg1; 854 arg0 = tcg_temp_new(); 855 tcg_gen_ext16s_i32(arg0, REG(B7_4)); 856 arg1 = tcg_temp_new(); 857 tcg_gen_ext16s_i32(arg1, REG(B11_8)); 858 tcg_gen_mul_i32(cpu_macl, arg0, arg1); 859 tcg_temp_free(arg1); 860 tcg_temp_free(arg0); 861 } 862 return; 863 case 0x200e: /* mulu.w Rm,Rn */ 864 { 865 TCGv arg0, arg1; 866 arg0 = tcg_temp_new(); 867 tcg_gen_ext16u_i32(arg0, REG(B7_4)); 868 arg1 = tcg_temp_new(); 869 tcg_gen_ext16u_i32(arg1, REG(B11_8)); 870 tcg_gen_mul_i32(cpu_macl, arg0, arg1); 871 tcg_temp_free(arg1); 872 tcg_temp_free(arg0); 873 } 874 return; 875 case 0x600b: /* neg Rm,Rn */ 876 tcg_gen_neg_i32(REG(B11_8), REG(B7_4)); 877 return; 878 case 0x600a: /* negc Rm,Rn */ 879 { 880 TCGv t0 = tcg_const_i32(0); 881 tcg_gen_add2_i32(REG(B11_8), cpu_sr_t, 882 REG(B7_4), t0, cpu_sr_t, t0); 883 tcg_gen_sub2_i32(REG(B11_8), cpu_sr_t, 884 t0, t0, REG(B11_8), cpu_sr_t); 885 tcg_gen_andi_i32(cpu_sr_t, cpu_sr_t, 1); 886 tcg_temp_free(t0); 887 } 888 return; 889 case 0x6007: /* not Rm,Rn */ 890 tcg_gen_not_i32(REG(B11_8), REG(B7_4)); 891 return; 892 case 0x200b: /* or Rm,Rn */ 893 tcg_gen_or_i32(REG(B11_8), REG(B11_8), REG(B7_4)); 894 return; 895 case 0x400c: /* shad Rm,Rn */ 896 { 897 TCGv t0 = tcg_temp_new(); 898 TCGv t1 = tcg_temp_new(); 899 TCGv t2 = tcg_temp_new(); 900 901 tcg_gen_andi_i32(t0, REG(B7_4), 0x1f); 902 903 /* positive case: shift to the left */ 904 tcg_gen_shl_i32(t1, REG(B11_8), t0); 905 906 /* negative case: shift to the right in two steps to 907 correctly handle the -32 case */ 908 tcg_gen_xori_i32(t0, t0, 0x1f); 909 tcg_gen_sar_i32(t2, REG(B11_8), t0); 910 tcg_gen_sari_i32(t2, t2, 1); 911 912 /* select between the two cases */ 913 tcg_gen_movi_i32(t0, 0); 914 tcg_gen_movcond_i32(TCG_COND_GE, REG(B11_8), REG(B7_4), t0, t1, t2); 915 916 tcg_temp_free(t0); 917 tcg_temp_free(t1); 918 tcg_temp_free(t2); 919 } 920 return; 921 case 0x400d: /* shld Rm,Rn */ 922 { 923 TCGv t0 = tcg_temp_new(); 924 TCGv t1 = tcg_temp_new(); 925 TCGv t2 = tcg_temp_new(); 926 927 tcg_gen_andi_i32(t0, REG(B7_4), 0x1f); 928 929 /* positive case: shift to the left */ 930 tcg_gen_shl_i32(t1, REG(B11_8), t0); 931 932 /* negative case: shift to the right in two steps to 933 correctly handle the -32 case */ 934 tcg_gen_xori_i32(t0, t0, 0x1f); 935 tcg_gen_shr_i32(t2, REG(B11_8), t0); 936 tcg_gen_shri_i32(t2, t2, 1); 937 938 /* select between the two cases */ 939 tcg_gen_movi_i32(t0, 0); 940 tcg_gen_movcond_i32(TCG_COND_GE, REG(B11_8), REG(B7_4), t0, t1, t2); 941 942 tcg_temp_free(t0); 943 tcg_temp_free(t1); 944 tcg_temp_free(t2); 945 } 946 return; 947 case 0x3008: /* sub Rm,Rn */ 948 tcg_gen_sub_i32(REG(B11_8), REG(B11_8), REG(B7_4)); 949 return; 950 case 0x300a: /* subc Rm,Rn */ 951 { 952 TCGv t0, t1; 953 t0 = tcg_const_tl(0); 954 t1 = tcg_temp_new(); 955 tcg_gen_add2_i32(t1, cpu_sr_t, cpu_sr_t, t0, REG(B7_4), t0); 956 tcg_gen_sub2_i32(REG(B11_8), cpu_sr_t, 957 REG(B11_8), t0, t1, cpu_sr_t); 958 tcg_gen_andi_i32(cpu_sr_t, cpu_sr_t, 1); 959 tcg_temp_free(t0); 960 tcg_temp_free(t1); 961 } 962 return; 963 case 0x300b: /* subv Rm,Rn */ 964 { 965 TCGv t0, t1, t2; 966 t0 = tcg_temp_new(); 967 tcg_gen_sub_i32(t0, REG(B11_8), REG(B7_4)); 968 t1 = tcg_temp_new(); 969 tcg_gen_xor_i32(t1, t0, REG(B7_4)); 970 t2 = tcg_temp_new(); 971 tcg_gen_xor_i32(t2, REG(B11_8), REG(B7_4)); 972 tcg_gen_and_i32(t1, t1, t2); 973 tcg_temp_free(t2); 974 tcg_gen_shri_i32(cpu_sr_t, t1, 31); 975 tcg_temp_free(t1); 976 tcg_gen_mov_i32(REG(B11_8), t0); 977 tcg_temp_free(t0); 978 } 979 return; 980 case 0x2008: /* tst Rm,Rn */ 981 { 982 TCGv val = tcg_temp_new(); 983 tcg_gen_and_i32(val, REG(B7_4), REG(B11_8)); 984 tcg_gen_setcondi_i32(TCG_COND_EQ, cpu_sr_t, val, 0); 985 tcg_temp_free(val); 986 } 987 return; 988 case 0x200a: /* xor Rm,Rn */ 989 tcg_gen_xor_i32(REG(B11_8), REG(B11_8), REG(B7_4)); 990 return; 991 case 0xf00c: /* fmov {F,D,X}Rm,{F,D,X}Rn - FPSCR: Nothing */ 992 CHECK_FPU_ENABLED 993 if (ctx->tbflags & FPSCR_SZ) { 994 int xsrc = XHACK(B7_4); 995 int xdst = XHACK(B11_8); 996 tcg_gen_mov_i32(FREG(xdst), FREG(xsrc)); 997 tcg_gen_mov_i32(FREG(xdst + 1), FREG(xsrc + 1)); 998 } else { 999 tcg_gen_mov_i32(FREG(B11_8), FREG(B7_4)); 1000 } 1001 return; 1002 case 0xf00a: /* fmov {F,D,X}Rm,@Rn - FPSCR: Nothing */ 1003 CHECK_FPU_ENABLED 1004 if (ctx->tbflags & FPSCR_SZ) { 1005 TCGv_i64 fp = tcg_temp_new_i64(); 1006 gen_load_fpr64(ctx, fp, XHACK(B7_4)); 1007 tcg_gen_qemu_st_i64(fp, REG(B11_8), ctx->memidx, MO_TEQ); 1008 tcg_temp_free_i64(fp); 1009 } else { 1010 tcg_gen_qemu_st_i32(FREG(B7_4), REG(B11_8), ctx->memidx, MO_TEUL); 1011 } 1012 return; 1013 case 0xf008: /* fmov @Rm,{F,D,X}Rn - FPSCR: Nothing */ 1014 CHECK_FPU_ENABLED 1015 if (ctx->tbflags & FPSCR_SZ) { 1016 TCGv_i64 fp = tcg_temp_new_i64(); 1017 tcg_gen_qemu_ld_i64(fp, REG(B7_4), ctx->memidx, MO_TEQ); 1018 gen_store_fpr64(ctx, fp, XHACK(B11_8)); 1019 tcg_temp_free_i64(fp); 1020 } else { 1021 tcg_gen_qemu_ld_i32(FREG(B11_8), REG(B7_4), ctx->memidx, MO_TEUL); 1022 } 1023 return; 1024 case 0xf009: /* fmov @Rm+,{F,D,X}Rn - FPSCR: Nothing */ 1025 CHECK_FPU_ENABLED 1026 if (ctx->tbflags & FPSCR_SZ) { 1027 TCGv_i64 fp = tcg_temp_new_i64(); 1028 tcg_gen_qemu_ld_i64(fp, REG(B7_4), ctx->memidx, MO_TEQ); 1029 gen_store_fpr64(ctx, fp, XHACK(B11_8)); 1030 tcg_temp_free_i64(fp); 1031 tcg_gen_addi_i32(REG(B7_4), REG(B7_4), 8); 1032 } else { 1033 tcg_gen_qemu_ld_i32(FREG(B11_8), REG(B7_4), ctx->memidx, MO_TEUL); 1034 tcg_gen_addi_i32(REG(B7_4), REG(B7_4), 4); 1035 } 1036 return; 1037 case 0xf00b: /* fmov {F,D,X}Rm,@-Rn - FPSCR: Nothing */ 1038 CHECK_FPU_ENABLED 1039 { 1040 TCGv addr = tcg_temp_new_i32(); 1041 if (ctx->tbflags & FPSCR_SZ) { 1042 TCGv_i64 fp = tcg_temp_new_i64(); 1043 gen_load_fpr64(ctx, fp, XHACK(B7_4)); 1044 tcg_gen_subi_i32(addr, REG(B11_8), 8); 1045 tcg_gen_qemu_st_i64(fp, addr, ctx->memidx, MO_TEQ); 1046 tcg_temp_free_i64(fp); 1047 } else { 1048 tcg_gen_subi_i32(addr, REG(B11_8), 4); 1049 tcg_gen_qemu_st_i32(FREG(B7_4), addr, ctx->memidx, MO_TEUL); 1050 } 1051 tcg_gen_mov_i32(REG(B11_8), addr); 1052 tcg_temp_free(addr); 1053 } 1054 return; 1055 case 0xf006: /* fmov @(R0,Rm),{F,D,X}Rm - FPSCR: Nothing */ 1056 CHECK_FPU_ENABLED 1057 { 1058 TCGv addr = tcg_temp_new_i32(); 1059 tcg_gen_add_i32(addr, REG(B7_4), REG(0)); 1060 if (ctx->tbflags & FPSCR_SZ) { 1061 TCGv_i64 fp = tcg_temp_new_i64(); 1062 tcg_gen_qemu_ld_i64(fp, addr, ctx->memidx, MO_TEQ); 1063 gen_store_fpr64(ctx, fp, XHACK(B11_8)); 1064 tcg_temp_free_i64(fp); 1065 } else { 1066 tcg_gen_qemu_ld_i32(FREG(B11_8), addr, ctx->memidx, MO_TEUL); 1067 } 1068 tcg_temp_free(addr); 1069 } 1070 return; 1071 case 0xf007: /* fmov {F,D,X}Rn,@(R0,Rn) - FPSCR: Nothing */ 1072 CHECK_FPU_ENABLED 1073 { 1074 TCGv addr = tcg_temp_new(); 1075 tcg_gen_add_i32(addr, REG(B11_8), REG(0)); 1076 if (ctx->tbflags & FPSCR_SZ) { 1077 TCGv_i64 fp = tcg_temp_new_i64(); 1078 gen_load_fpr64(ctx, fp, XHACK(B7_4)); 1079 tcg_gen_qemu_st_i64(fp, addr, ctx->memidx, MO_TEQ); 1080 tcg_temp_free_i64(fp); 1081 } else { 1082 tcg_gen_qemu_st_i32(FREG(B7_4), addr, ctx->memidx, MO_TEUL); 1083 } 1084 tcg_temp_free(addr); 1085 } 1086 return; 1087 case 0xf000: /* fadd Rm,Rn - FPSCR: R[PR,Enable.O/U/I]/W[Cause,Flag] */ 1088 case 0xf001: /* fsub Rm,Rn - FPSCR: R[PR,Enable.O/U/I]/W[Cause,Flag] */ 1089 case 0xf002: /* fmul Rm,Rn - FPSCR: R[PR,Enable.O/U/I]/W[Cause,Flag] */ 1090 case 0xf003: /* fdiv Rm,Rn - FPSCR: R[PR,Enable.O/U/I]/W[Cause,Flag] */ 1091 case 0xf004: /* fcmp/eq Rm,Rn - FPSCR: R[PR,Enable.V]/W[Cause,Flag] */ 1092 case 0xf005: /* fcmp/gt Rm,Rn - FPSCR: R[PR,Enable.V]/W[Cause,Flag] */ 1093 { 1094 CHECK_FPU_ENABLED 1095 if (ctx->tbflags & FPSCR_PR) { 1096 TCGv_i64 fp0, fp1; 1097 1098 if (ctx->opcode & 0x0110) { 1099 goto do_illegal; 1100 } 1101 fp0 = tcg_temp_new_i64(); 1102 fp1 = tcg_temp_new_i64(); 1103 gen_load_fpr64(ctx, fp0, B11_8); 1104 gen_load_fpr64(ctx, fp1, B7_4); 1105 switch (ctx->opcode & 0xf00f) { 1106 case 0xf000: /* fadd Rm,Rn */ 1107 gen_helper_fadd_DT(fp0, cpu_env, fp0, fp1); 1108 break; 1109 case 0xf001: /* fsub Rm,Rn */ 1110 gen_helper_fsub_DT(fp0, cpu_env, fp0, fp1); 1111 break; 1112 case 0xf002: /* fmul Rm,Rn */ 1113 gen_helper_fmul_DT(fp0, cpu_env, fp0, fp1); 1114 break; 1115 case 0xf003: /* fdiv Rm,Rn */ 1116 gen_helper_fdiv_DT(fp0, cpu_env, fp0, fp1); 1117 break; 1118 case 0xf004: /* fcmp/eq Rm,Rn */ 1119 gen_helper_fcmp_eq_DT(cpu_sr_t, cpu_env, fp0, fp1); 1120 return; 1121 case 0xf005: /* fcmp/gt Rm,Rn */ 1122 gen_helper_fcmp_gt_DT(cpu_sr_t, cpu_env, fp0, fp1); 1123 return; 1124 } 1125 gen_store_fpr64(ctx, fp0, B11_8); 1126 tcg_temp_free_i64(fp0); 1127 tcg_temp_free_i64(fp1); 1128 } else { 1129 switch (ctx->opcode & 0xf00f) { 1130 case 0xf000: /* fadd Rm,Rn */ 1131 gen_helper_fadd_FT(FREG(B11_8), cpu_env, 1132 FREG(B11_8), FREG(B7_4)); 1133 break; 1134 case 0xf001: /* fsub Rm,Rn */ 1135 gen_helper_fsub_FT(FREG(B11_8), cpu_env, 1136 FREG(B11_8), FREG(B7_4)); 1137 break; 1138 case 0xf002: /* fmul Rm,Rn */ 1139 gen_helper_fmul_FT(FREG(B11_8), cpu_env, 1140 FREG(B11_8), FREG(B7_4)); 1141 break; 1142 case 0xf003: /* fdiv Rm,Rn */ 1143 gen_helper_fdiv_FT(FREG(B11_8), cpu_env, 1144 FREG(B11_8), FREG(B7_4)); 1145 break; 1146 case 0xf004: /* fcmp/eq Rm,Rn */ 1147 gen_helper_fcmp_eq_FT(cpu_sr_t, cpu_env, 1148 FREG(B11_8), FREG(B7_4)); 1149 return; 1150 case 0xf005: /* fcmp/gt Rm,Rn */ 1151 gen_helper_fcmp_gt_FT(cpu_sr_t, cpu_env, 1152 FREG(B11_8), FREG(B7_4)); 1153 return; 1154 } 1155 } 1156 } 1157 return; 1158 case 0xf00e: /* fmac FR0,RM,Rn */ 1159 CHECK_FPU_ENABLED 1160 CHECK_FPSCR_PR_0 1161 gen_helper_fmac_FT(FREG(B11_8), cpu_env, 1162 FREG(0), FREG(B7_4), FREG(B11_8)); 1163 return; 1164 } 1165 1166 switch (ctx->opcode & 0xff00) { 1167 case 0xc900: /* and #imm,R0 */ 1168 tcg_gen_andi_i32(REG(0), REG(0), B7_0); 1169 return; 1170 case 0xcd00: /* and.b #imm,@(R0,GBR) */ 1171 { 1172 TCGv addr, val; 1173 addr = tcg_temp_new(); 1174 tcg_gen_add_i32(addr, REG(0), cpu_gbr); 1175 val = tcg_temp_new(); 1176 tcg_gen_qemu_ld_i32(val, addr, ctx->memidx, MO_UB); 1177 tcg_gen_andi_i32(val, val, B7_0); 1178 tcg_gen_qemu_st_i32(val, addr, ctx->memidx, MO_UB); 1179 tcg_temp_free(val); 1180 tcg_temp_free(addr); 1181 } 1182 return; 1183 case 0x8b00: /* bf label */ 1184 CHECK_NOT_DELAY_SLOT 1185 gen_conditional_jump(ctx, ctx->base.pc_next + 4 + B7_0s * 2, false); 1186 return; 1187 case 0x8f00: /* bf/s label */ 1188 CHECK_NOT_DELAY_SLOT 1189 tcg_gen_xori_i32(cpu_delayed_cond, cpu_sr_t, 1); 1190 ctx->delayed_pc = ctx->base.pc_next + 4 + B7_0s * 2; 1191 ctx->envflags |= DELAY_SLOT_CONDITIONAL; 1192 return; 1193 case 0x8900: /* bt label */ 1194 CHECK_NOT_DELAY_SLOT 1195 gen_conditional_jump(ctx, ctx->base.pc_next + 4 + B7_0s * 2, true); 1196 return; 1197 case 0x8d00: /* bt/s label */ 1198 CHECK_NOT_DELAY_SLOT 1199 tcg_gen_mov_i32(cpu_delayed_cond, cpu_sr_t); 1200 ctx->delayed_pc = ctx->base.pc_next + 4 + B7_0s * 2; 1201 ctx->envflags |= DELAY_SLOT_CONDITIONAL; 1202 return; 1203 case 0x8800: /* cmp/eq #imm,R0 */ 1204 tcg_gen_setcondi_i32(TCG_COND_EQ, cpu_sr_t, REG(0), B7_0s); 1205 return; 1206 case 0xc400: /* mov.b @(disp,GBR),R0 */ 1207 { 1208 TCGv addr = tcg_temp_new(); 1209 tcg_gen_addi_i32(addr, cpu_gbr, B7_0); 1210 tcg_gen_qemu_ld_i32(REG(0), addr, ctx->memidx, MO_SB); 1211 tcg_temp_free(addr); 1212 } 1213 return; 1214 case 0xc500: /* mov.w @(disp,GBR),R0 */ 1215 { 1216 TCGv addr = tcg_temp_new(); 1217 tcg_gen_addi_i32(addr, cpu_gbr, B7_0 * 2); 1218 tcg_gen_qemu_ld_i32(REG(0), addr, ctx->memidx, MO_TESW); 1219 tcg_temp_free(addr); 1220 } 1221 return; 1222 case 0xc600: /* mov.l @(disp,GBR),R0 */ 1223 { 1224 TCGv addr = tcg_temp_new(); 1225 tcg_gen_addi_i32(addr, cpu_gbr, B7_0 * 4); 1226 tcg_gen_qemu_ld_i32(REG(0), addr, ctx->memidx, MO_TESL); 1227 tcg_temp_free(addr); 1228 } 1229 return; 1230 case 0xc000: /* mov.b R0,@(disp,GBR) */ 1231 { 1232 TCGv addr = tcg_temp_new(); 1233 tcg_gen_addi_i32(addr, cpu_gbr, B7_0); 1234 tcg_gen_qemu_st_i32(REG(0), addr, ctx->memidx, MO_UB); 1235 tcg_temp_free(addr); 1236 } 1237 return; 1238 case 0xc100: /* mov.w R0,@(disp,GBR) */ 1239 { 1240 TCGv addr = tcg_temp_new(); 1241 tcg_gen_addi_i32(addr, cpu_gbr, B7_0 * 2); 1242 tcg_gen_qemu_st_i32(REG(0), addr, ctx->memidx, MO_TEUW); 1243 tcg_temp_free(addr); 1244 } 1245 return; 1246 case 0xc200: /* mov.l R0,@(disp,GBR) */ 1247 { 1248 TCGv addr = tcg_temp_new(); 1249 tcg_gen_addi_i32(addr, cpu_gbr, B7_0 * 4); 1250 tcg_gen_qemu_st_i32(REG(0), addr, ctx->memidx, MO_TEUL); 1251 tcg_temp_free(addr); 1252 } 1253 return; 1254 case 0x8000: /* mov.b R0,@(disp,Rn) */ 1255 { 1256 TCGv addr = tcg_temp_new(); 1257 tcg_gen_addi_i32(addr, REG(B7_4), B3_0); 1258 tcg_gen_qemu_st_i32(REG(0), addr, ctx->memidx, MO_UB); 1259 tcg_temp_free(addr); 1260 } 1261 return; 1262 case 0x8100: /* mov.w R0,@(disp,Rn) */ 1263 { 1264 TCGv addr = tcg_temp_new(); 1265 tcg_gen_addi_i32(addr, REG(B7_4), B3_0 * 2); 1266 tcg_gen_qemu_st_i32(REG(0), addr, ctx->memidx, MO_TEUW); 1267 tcg_temp_free(addr); 1268 } 1269 return; 1270 case 0x8400: /* mov.b @(disp,Rn),R0 */ 1271 { 1272 TCGv addr = tcg_temp_new(); 1273 tcg_gen_addi_i32(addr, REG(B7_4), B3_0); 1274 tcg_gen_qemu_ld_i32(REG(0), addr, ctx->memidx, MO_SB); 1275 tcg_temp_free(addr); 1276 } 1277 return; 1278 case 0x8500: /* mov.w @(disp,Rn),R0 */ 1279 { 1280 TCGv addr = tcg_temp_new(); 1281 tcg_gen_addi_i32(addr, REG(B7_4), B3_0 * 2); 1282 tcg_gen_qemu_ld_i32(REG(0), addr, ctx->memidx, MO_TESW); 1283 tcg_temp_free(addr); 1284 } 1285 return; 1286 case 0xc700: /* mova @(disp,PC),R0 */ 1287 tcg_gen_movi_i32(REG(0), ((ctx->base.pc_next & 0xfffffffc) + 1288 4 + B7_0 * 4) & ~3); 1289 return; 1290 case 0xcb00: /* or #imm,R0 */ 1291 tcg_gen_ori_i32(REG(0), REG(0), B7_0); 1292 return; 1293 case 0xcf00: /* or.b #imm,@(R0,GBR) */ 1294 { 1295 TCGv addr, val; 1296 addr = tcg_temp_new(); 1297 tcg_gen_add_i32(addr, REG(0), cpu_gbr); 1298 val = tcg_temp_new(); 1299 tcg_gen_qemu_ld_i32(val, addr, ctx->memidx, MO_UB); 1300 tcg_gen_ori_i32(val, val, B7_0); 1301 tcg_gen_qemu_st_i32(val, addr, ctx->memidx, MO_UB); 1302 tcg_temp_free(val); 1303 tcg_temp_free(addr); 1304 } 1305 return; 1306 case 0xc300: /* trapa #imm */ 1307 { 1308 TCGv imm; 1309 CHECK_NOT_DELAY_SLOT 1310 gen_save_cpu_state(ctx, true); 1311 imm = tcg_const_i32(B7_0); 1312 gen_helper_trapa(cpu_env, imm); 1313 tcg_temp_free(imm); 1314 ctx->base.is_jmp = DISAS_NORETURN; 1315 } 1316 return; 1317 case 0xc800: /* tst #imm,R0 */ 1318 { 1319 TCGv val = tcg_temp_new(); 1320 tcg_gen_andi_i32(val, REG(0), B7_0); 1321 tcg_gen_setcondi_i32(TCG_COND_EQ, cpu_sr_t, val, 0); 1322 tcg_temp_free(val); 1323 } 1324 return; 1325 case 0xcc00: /* tst.b #imm,@(R0,GBR) */ 1326 { 1327 TCGv val = tcg_temp_new(); 1328 tcg_gen_add_i32(val, REG(0), cpu_gbr); 1329 tcg_gen_qemu_ld_i32(val, val, ctx->memidx, MO_UB); 1330 tcg_gen_andi_i32(val, val, B7_0); 1331 tcg_gen_setcondi_i32(TCG_COND_EQ, cpu_sr_t, val, 0); 1332 tcg_temp_free(val); 1333 } 1334 return; 1335 case 0xca00: /* xor #imm,R0 */ 1336 tcg_gen_xori_i32(REG(0), REG(0), B7_0); 1337 return; 1338 case 0xce00: /* xor.b #imm,@(R0,GBR) */ 1339 { 1340 TCGv addr, val; 1341 addr = tcg_temp_new(); 1342 tcg_gen_add_i32(addr, REG(0), cpu_gbr); 1343 val = tcg_temp_new(); 1344 tcg_gen_qemu_ld_i32(val, addr, ctx->memidx, MO_UB); 1345 tcg_gen_xori_i32(val, val, B7_0); 1346 tcg_gen_qemu_st_i32(val, addr, ctx->memidx, MO_UB); 1347 tcg_temp_free(val); 1348 tcg_temp_free(addr); 1349 } 1350 return; 1351 } 1352 1353 switch (ctx->opcode & 0xf08f) { 1354 case 0x408e: /* ldc Rm,Rn_BANK */ 1355 CHECK_PRIVILEGED 1356 tcg_gen_mov_i32(ALTREG(B6_4), REG(B11_8)); 1357 return; 1358 case 0x4087: /* ldc.l @Rm+,Rn_BANK */ 1359 CHECK_PRIVILEGED 1360 tcg_gen_qemu_ld_i32(ALTREG(B6_4), REG(B11_8), ctx->memidx, MO_TESL); 1361 tcg_gen_addi_i32(REG(B11_8), REG(B11_8), 4); 1362 return; 1363 case 0x0082: /* stc Rm_BANK,Rn */ 1364 CHECK_PRIVILEGED 1365 tcg_gen_mov_i32(REG(B11_8), ALTREG(B6_4)); 1366 return; 1367 case 0x4083: /* stc.l Rm_BANK,@-Rn */ 1368 CHECK_PRIVILEGED 1369 { 1370 TCGv addr = tcg_temp_new(); 1371 tcg_gen_subi_i32(addr, REG(B11_8), 4); 1372 tcg_gen_qemu_st_i32(ALTREG(B6_4), addr, ctx->memidx, MO_TEUL); 1373 tcg_gen_mov_i32(REG(B11_8), addr); 1374 tcg_temp_free(addr); 1375 } 1376 return; 1377 } 1378 1379 switch (ctx->opcode & 0xf0ff) { 1380 case 0x0023: /* braf Rn */ 1381 CHECK_NOT_DELAY_SLOT 1382 tcg_gen_addi_i32(cpu_delayed_pc, REG(B11_8), ctx->base.pc_next + 4); 1383 ctx->envflags |= DELAY_SLOT; 1384 ctx->delayed_pc = (uint32_t) - 1; 1385 return; 1386 case 0x0003: /* bsrf Rn */ 1387 CHECK_NOT_DELAY_SLOT 1388 tcg_gen_movi_i32(cpu_pr, ctx->base.pc_next + 4); 1389 tcg_gen_add_i32(cpu_delayed_pc, REG(B11_8), cpu_pr); 1390 ctx->envflags |= DELAY_SLOT; 1391 ctx->delayed_pc = (uint32_t) - 1; 1392 return; 1393 case 0x4015: /* cmp/pl Rn */ 1394 tcg_gen_setcondi_i32(TCG_COND_GT, cpu_sr_t, REG(B11_8), 0); 1395 return; 1396 case 0x4011: /* cmp/pz Rn */ 1397 tcg_gen_setcondi_i32(TCG_COND_GE, cpu_sr_t, REG(B11_8), 0); 1398 return; 1399 case 0x4010: /* dt Rn */ 1400 tcg_gen_subi_i32(REG(B11_8), REG(B11_8), 1); 1401 tcg_gen_setcondi_i32(TCG_COND_EQ, cpu_sr_t, REG(B11_8), 0); 1402 return; 1403 case 0x402b: /* jmp @Rn */ 1404 CHECK_NOT_DELAY_SLOT 1405 tcg_gen_mov_i32(cpu_delayed_pc, REG(B11_8)); 1406 ctx->envflags |= DELAY_SLOT; 1407 ctx->delayed_pc = (uint32_t) - 1; 1408 return; 1409 case 0x400b: /* jsr @Rn */ 1410 CHECK_NOT_DELAY_SLOT 1411 tcg_gen_movi_i32(cpu_pr, ctx->base.pc_next + 4); 1412 tcg_gen_mov_i32(cpu_delayed_pc, REG(B11_8)); 1413 ctx->envflags |= DELAY_SLOT; 1414 ctx->delayed_pc = (uint32_t) - 1; 1415 return; 1416 case 0x400e: /* ldc Rm,SR */ 1417 CHECK_PRIVILEGED 1418 { 1419 TCGv val = tcg_temp_new(); 1420 tcg_gen_andi_i32(val, REG(B11_8), 0x700083f3); 1421 gen_write_sr(val); 1422 tcg_temp_free(val); 1423 ctx->base.is_jmp = DISAS_STOP; 1424 } 1425 return; 1426 case 0x4007: /* ldc.l @Rm+,SR */ 1427 CHECK_PRIVILEGED 1428 { 1429 TCGv val = tcg_temp_new(); 1430 tcg_gen_qemu_ld_i32(val, REG(B11_8), ctx->memidx, MO_TESL); 1431 tcg_gen_andi_i32(val, val, 0x700083f3); 1432 gen_write_sr(val); 1433 tcg_temp_free(val); 1434 tcg_gen_addi_i32(REG(B11_8), REG(B11_8), 4); 1435 ctx->base.is_jmp = DISAS_STOP; 1436 } 1437 return; 1438 case 0x0002: /* stc SR,Rn */ 1439 CHECK_PRIVILEGED 1440 gen_read_sr(REG(B11_8)); 1441 return; 1442 case 0x4003: /* stc SR,@-Rn */ 1443 CHECK_PRIVILEGED 1444 { 1445 TCGv addr = tcg_temp_new(); 1446 TCGv val = tcg_temp_new(); 1447 tcg_gen_subi_i32(addr, REG(B11_8), 4); 1448 gen_read_sr(val); 1449 tcg_gen_qemu_st_i32(val, addr, ctx->memidx, MO_TEUL); 1450 tcg_gen_mov_i32(REG(B11_8), addr); 1451 tcg_temp_free(val); 1452 tcg_temp_free(addr); 1453 } 1454 return; 1455 #define LD(reg,ldnum,ldpnum,prechk) \ 1456 case ldnum: \ 1457 prechk \ 1458 tcg_gen_mov_i32 (cpu_##reg, REG(B11_8)); \ 1459 return; \ 1460 case ldpnum: \ 1461 prechk \ 1462 tcg_gen_qemu_ld_i32(cpu_##reg, REG(B11_8), ctx->memidx, MO_TESL); \ 1463 tcg_gen_addi_i32(REG(B11_8), REG(B11_8), 4); \ 1464 return; 1465 #define ST(reg,stnum,stpnum,prechk) \ 1466 case stnum: \ 1467 prechk \ 1468 tcg_gen_mov_i32 (REG(B11_8), cpu_##reg); \ 1469 return; \ 1470 case stpnum: \ 1471 prechk \ 1472 { \ 1473 TCGv addr = tcg_temp_new(); \ 1474 tcg_gen_subi_i32(addr, REG(B11_8), 4); \ 1475 tcg_gen_qemu_st_i32(cpu_##reg, addr, ctx->memidx, MO_TEUL); \ 1476 tcg_gen_mov_i32(REG(B11_8), addr); \ 1477 tcg_temp_free(addr); \ 1478 } \ 1479 return; 1480 #define LDST(reg,ldnum,ldpnum,stnum,stpnum,prechk) \ 1481 LD(reg,ldnum,ldpnum,prechk) \ 1482 ST(reg,stnum,stpnum,prechk) 1483 LDST(gbr, 0x401e, 0x4017, 0x0012, 0x4013, {}) 1484 LDST(vbr, 0x402e, 0x4027, 0x0022, 0x4023, CHECK_PRIVILEGED) 1485 LDST(ssr, 0x403e, 0x4037, 0x0032, 0x4033, CHECK_PRIVILEGED) 1486 LDST(spc, 0x404e, 0x4047, 0x0042, 0x4043, CHECK_PRIVILEGED) 1487 ST(sgr, 0x003a, 0x4032, CHECK_PRIVILEGED) 1488 LD(sgr, 0x403a, 0x4036, CHECK_PRIVILEGED CHECK_SH4A) 1489 LDST(dbr, 0x40fa, 0x40f6, 0x00fa, 0x40f2, CHECK_PRIVILEGED) 1490 LDST(mach, 0x400a, 0x4006, 0x000a, 0x4002, {}) 1491 LDST(macl, 0x401a, 0x4016, 0x001a, 0x4012, {}) 1492 LDST(pr, 0x402a, 0x4026, 0x002a, 0x4022, {}) 1493 LDST(fpul, 0x405a, 0x4056, 0x005a, 0x4052, {CHECK_FPU_ENABLED}) 1494 case 0x406a: /* lds Rm,FPSCR */ 1495 CHECK_FPU_ENABLED 1496 gen_helper_ld_fpscr(cpu_env, REG(B11_8)); 1497 ctx->base.is_jmp = DISAS_STOP; 1498 return; 1499 case 0x4066: /* lds.l @Rm+,FPSCR */ 1500 CHECK_FPU_ENABLED 1501 { 1502 TCGv addr = tcg_temp_new(); 1503 tcg_gen_qemu_ld_i32(addr, REG(B11_8), ctx->memidx, MO_TESL); 1504 tcg_gen_addi_i32(REG(B11_8), REG(B11_8), 4); 1505 gen_helper_ld_fpscr(cpu_env, addr); 1506 tcg_temp_free(addr); 1507 ctx->base.is_jmp = DISAS_STOP; 1508 } 1509 return; 1510 case 0x006a: /* sts FPSCR,Rn */ 1511 CHECK_FPU_ENABLED 1512 tcg_gen_andi_i32(REG(B11_8), cpu_fpscr, 0x003fffff); 1513 return; 1514 case 0x4062: /* sts FPSCR,@-Rn */ 1515 CHECK_FPU_ENABLED 1516 { 1517 TCGv addr, val; 1518 val = tcg_temp_new(); 1519 tcg_gen_andi_i32(val, cpu_fpscr, 0x003fffff); 1520 addr = tcg_temp_new(); 1521 tcg_gen_subi_i32(addr, REG(B11_8), 4); 1522 tcg_gen_qemu_st_i32(val, addr, ctx->memidx, MO_TEUL); 1523 tcg_gen_mov_i32(REG(B11_8), addr); 1524 tcg_temp_free(addr); 1525 tcg_temp_free(val); 1526 } 1527 return; 1528 case 0x00c3: /* movca.l R0,@Rm */ 1529 { 1530 TCGv val = tcg_temp_new(); 1531 tcg_gen_qemu_ld_i32(val, REG(B11_8), ctx->memidx, MO_TEUL); 1532 gen_helper_movcal(cpu_env, REG(B11_8), val); 1533 tcg_gen_qemu_st_i32(REG(0), REG(B11_8), ctx->memidx, MO_TEUL); 1534 tcg_temp_free(val); 1535 } 1536 ctx->has_movcal = 1; 1537 return; 1538 case 0x40a9: /* movua.l @Rm,R0 */ 1539 CHECK_SH4A 1540 /* Load non-boundary-aligned data */ 1541 tcg_gen_qemu_ld_i32(REG(0), REG(B11_8), ctx->memidx, 1542 MO_TEUL | MO_UNALN); 1543 return; 1544 break; 1545 case 0x40e9: /* movua.l @Rm+,R0 */ 1546 CHECK_SH4A 1547 /* Load non-boundary-aligned data */ 1548 tcg_gen_qemu_ld_i32(REG(0), REG(B11_8), ctx->memidx, 1549 MO_TEUL | MO_UNALN); 1550 tcg_gen_addi_i32(REG(B11_8), REG(B11_8), 4); 1551 return; 1552 break; 1553 case 0x0029: /* movt Rn */ 1554 tcg_gen_mov_i32(REG(B11_8), cpu_sr_t); 1555 return; 1556 case 0x0073: 1557 /* MOVCO.L 1558 * LDST -> T 1559 * If (T == 1) R0 -> (Rn) 1560 * 0 -> LDST 1561 * 1562 * The above description doesn't work in a parallel context. 1563 * Since we currently support no smp boards, this implies user-mode. 1564 * But we can still support the official mechanism while user-mode 1565 * is single-threaded. */ 1566 CHECK_SH4A 1567 { 1568 TCGLabel *fail = gen_new_label(); 1569 TCGLabel *done = gen_new_label(); 1570 1571 if ((tb_cflags(ctx->base.tb) & CF_PARALLEL)) { 1572 TCGv tmp; 1573 1574 tcg_gen_brcond_i32(TCG_COND_NE, REG(B11_8), 1575 cpu_lock_addr, fail); 1576 tmp = tcg_temp_new(); 1577 tcg_gen_atomic_cmpxchg_i32(tmp, REG(B11_8), cpu_lock_value, 1578 REG(0), ctx->memidx, MO_TEUL); 1579 tcg_gen_setcond_i32(TCG_COND_EQ, cpu_sr_t, tmp, cpu_lock_value); 1580 tcg_temp_free(tmp); 1581 } else { 1582 tcg_gen_brcondi_i32(TCG_COND_EQ, cpu_lock_addr, -1, fail); 1583 tcg_gen_qemu_st_i32(REG(0), REG(B11_8), ctx->memidx, MO_TEUL); 1584 tcg_gen_movi_i32(cpu_sr_t, 1); 1585 } 1586 tcg_gen_br(done); 1587 1588 gen_set_label(fail); 1589 tcg_gen_movi_i32(cpu_sr_t, 0); 1590 1591 gen_set_label(done); 1592 tcg_gen_movi_i32(cpu_lock_addr, -1); 1593 } 1594 return; 1595 case 0x0063: 1596 /* MOVLI.L @Rm,R0 1597 * 1 -> LDST 1598 * (Rm) -> R0 1599 * When interrupt/exception 1600 * occurred 0 -> LDST 1601 * 1602 * In a parallel context, we must also save the loaded value 1603 * for use with the cmpxchg that we'll use with movco.l. */ 1604 CHECK_SH4A 1605 if ((tb_cflags(ctx->base.tb) & CF_PARALLEL)) { 1606 TCGv tmp = tcg_temp_new(); 1607 tcg_gen_mov_i32(tmp, REG(B11_8)); 1608 tcg_gen_qemu_ld_i32(REG(0), REG(B11_8), ctx->memidx, MO_TESL); 1609 tcg_gen_mov_i32(cpu_lock_value, REG(0)); 1610 tcg_gen_mov_i32(cpu_lock_addr, tmp); 1611 tcg_temp_free(tmp); 1612 } else { 1613 tcg_gen_qemu_ld_i32(REG(0), REG(B11_8), ctx->memidx, MO_TESL); 1614 tcg_gen_movi_i32(cpu_lock_addr, 0); 1615 } 1616 return; 1617 case 0x0093: /* ocbi @Rn */ 1618 { 1619 gen_helper_ocbi(cpu_env, REG(B11_8)); 1620 } 1621 return; 1622 case 0x00a3: /* ocbp @Rn */ 1623 case 0x00b3: /* ocbwb @Rn */ 1624 /* These instructions are supposed to do nothing in case of 1625 a cache miss. Given that we only partially emulate caches 1626 it is safe to simply ignore them. */ 1627 return; 1628 case 0x0083: /* pref @Rn */ 1629 return; 1630 case 0x00d3: /* prefi @Rn */ 1631 CHECK_SH4A 1632 return; 1633 case 0x00e3: /* icbi @Rn */ 1634 CHECK_SH4A 1635 return; 1636 case 0x00ab: /* synco */ 1637 CHECK_SH4A 1638 tcg_gen_mb(TCG_MO_ALL | TCG_BAR_SC); 1639 return; 1640 break; 1641 case 0x4024: /* rotcl Rn */ 1642 { 1643 TCGv tmp = tcg_temp_new(); 1644 tcg_gen_mov_i32(tmp, cpu_sr_t); 1645 tcg_gen_shri_i32(cpu_sr_t, REG(B11_8), 31); 1646 tcg_gen_shli_i32(REG(B11_8), REG(B11_8), 1); 1647 tcg_gen_or_i32(REG(B11_8), REG(B11_8), tmp); 1648 tcg_temp_free(tmp); 1649 } 1650 return; 1651 case 0x4025: /* rotcr Rn */ 1652 { 1653 TCGv tmp = tcg_temp_new(); 1654 tcg_gen_shli_i32(tmp, cpu_sr_t, 31); 1655 tcg_gen_andi_i32(cpu_sr_t, REG(B11_8), 1); 1656 tcg_gen_shri_i32(REG(B11_8), REG(B11_8), 1); 1657 tcg_gen_or_i32(REG(B11_8), REG(B11_8), tmp); 1658 tcg_temp_free(tmp); 1659 } 1660 return; 1661 case 0x4004: /* rotl Rn */ 1662 tcg_gen_rotli_i32(REG(B11_8), REG(B11_8), 1); 1663 tcg_gen_andi_i32(cpu_sr_t, REG(B11_8), 0); 1664 return; 1665 case 0x4005: /* rotr Rn */ 1666 tcg_gen_andi_i32(cpu_sr_t, REG(B11_8), 0); 1667 tcg_gen_rotri_i32(REG(B11_8), REG(B11_8), 1); 1668 return; 1669 case 0x4000: /* shll Rn */ 1670 case 0x4020: /* shal Rn */ 1671 tcg_gen_shri_i32(cpu_sr_t, REG(B11_8), 31); 1672 tcg_gen_shli_i32(REG(B11_8), REG(B11_8), 1); 1673 return; 1674 case 0x4021: /* shar Rn */ 1675 tcg_gen_andi_i32(cpu_sr_t, REG(B11_8), 1); 1676 tcg_gen_sari_i32(REG(B11_8), REG(B11_8), 1); 1677 return; 1678 case 0x4001: /* shlr Rn */ 1679 tcg_gen_andi_i32(cpu_sr_t, REG(B11_8), 1); 1680 tcg_gen_shri_i32(REG(B11_8), REG(B11_8), 1); 1681 return; 1682 case 0x4008: /* shll2 Rn */ 1683 tcg_gen_shli_i32(REG(B11_8), REG(B11_8), 2); 1684 return; 1685 case 0x4018: /* shll8 Rn */ 1686 tcg_gen_shli_i32(REG(B11_8), REG(B11_8), 8); 1687 return; 1688 case 0x4028: /* shll16 Rn */ 1689 tcg_gen_shli_i32(REG(B11_8), REG(B11_8), 16); 1690 return; 1691 case 0x4009: /* shlr2 Rn */ 1692 tcg_gen_shri_i32(REG(B11_8), REG(B11_8), 2); 1693 return; 1694 case 0x4019: /* shlr8 Rn */ 1695 tcg_gen_shri_i32(REG(B11_8), REG(B11_8), 8); 1696 return; 1697 case 0x4029: /* shlr16 Rn */ 1698 tcg_gen_shri_i32(REG(B11_8), REG(B11_8), 16); 1699 return; 1700 case 0x401b: /* tas.b @Rn */ 1701 { 1702 TCGv val = tcg_const_i32(0x80); 1703 tcg_gen_atomic_fetch_or_i32(val, REG(B11_8), val, 1704 ctx->memidx, MO_UB); 1705 tcg_gen_setcondi_i32(TCG_COND_EQ, cpu_sr_t, val, 0); 1706 tcg_temp_free(val); 1707 } 1708 return; 1709 case 0xf00d: /* fsts FPUL,FRn - FPSCR: Nothing */ 1710 CHECK_FPU_ENABLED 1711 tcg_gen_mov_i32(FREG(B11_8), cpu_fpul); 1712 return; 1713 case 0xf01d: /* flds FRm,FPUL - FPSCR: Nothing */ 1714 CHECK_FPU_ENABLED 1715 tcg_gen_mov_i32(cpu_fpul, FREG(B11_8)); 1716 return; 1717 case 0xf02d: /* float FPUL,FRn/DRn - FPSCR: R[PR,Enable.I]/W[Cause,Flag] */ 1718 CHECK_FPU_ENABLED 1719 if (ctx->tbflags & FPSCR_PR) { 1720 TCGv_i64 fp; 1721 if (ctx->opcode & 0x0100) { 1722 goto do_illegal; 1723 } 1724 fp = tcg_temp_new_i64(); 1725 gen_helper_float_DT(fp, cpu_env, cpu_fpul); 1726 gen_store_fpr64(ctx, fp, B11_8); 1727 tcg_temp_free_i64(fp); 1728 } 1729 else { 1730 gen_helper_float_FT(FREG(B11_8), cpu_env, cpu_fpul); 1731 } 1732 return; 1733 case 0xf03d: /* ftrc FRm/DRm,FPUL - FPSCR: R[PR,Enable.V]/W[Cause,Flag] */ 1734 CHECK_FPU_ENABLED 1735 if (ctx->tbflags & FPSCR_PR) { 1736 TCGv_i64 fp; 1737 if (ctx->opcode & 0x0100) { 1738 goto do_illegal; 1739 } 1740 fp = tcg_temp_new_i64(); 1741 gen_load_fpr64(ctx, fp, B11_8); 1742 gen_helper_ftrc_DT(cpu_fpul, cpu_env, fp); 1743 tcg_temp_free_i64(fp); 1744 } 1745 else { 1746 gen_helper_ftrc_FT(cpu_fpul, cpu_env, FREG(B11_8)); 1747 } 1748 return; 1749 case 0xf04d: /* fneg FRn/DRn - FPSCR: Nothing */ 1750 CHECK_FPU_ENABLED 1751 tcg_gen_xori_i32(FREG(B11_8), FREG(B11_8), 0x80000000); 1752 return; 1753 case 0xf05d: /* fabs FRn/DRn - FPCSR: Nothing */ 1754 CHECK_FPU_ENABLED 1755 tcg_gen_andi_i32(FREG(B11_8), FREG(B11_8), 0x7fffffff); 1756 return; 1757 case 0xf06d: /* fsqrt FRn */ 1758 CHECK_FPU_ENABLED 1759 if (ctx->tbflags & FPSCR_PR) { 1760 if (ctx->opcode & 0x0100) { 1761 goto do_illegal; 1762 } 1763 TCGv_i64 fp = tcg_temp_new_i64(); 1764 gen_load_fpr64(ctx, fp, B11_8); 1765 gen_helper_fsqrt_DT(fp, cpu_env, fp); 1766 gen_store_fpr64(ctx, fp, B11_8); 1767 tcg_temp_free_i64(fp); 1768 } else { 1769 gen_helper_fsqrt_FT(FREG(B11_8), cpu_env, FREG(B11_8)); 1770 } 1771 return; 1772 case 0xf07d: /* fsrra FRn */ 1773 CHECK_FPU_ENABLED 1774 CHECK_FPSCR_PR_0 1775 gen_helper_fsrra_FT(FREG(B11_8), cpu_env, FREG(B11_8)); 1776 break; 1777 case 0xf08d: /* fldi0 FRn - FPSCR: R[PR] */ 1778 CHECK_FPU_ENABLED 1779 CHECK_FPSCR_PR_0 1780 tcg_gen_movi_i32(FREG(B11_8), 0); 1781 return; 1782 case 0xf09d: /* fldi1 FRn - FPSCR: R[PR] */ 1783 CHECK_FPU_ENABLED 1784 CHECK_FPSCR_PR_0 1785 tcg_gen_movi_i32(FREG(B11_8), 0x3f800000); 1786 return; 1787 case 0xf0ad: /* fcnvsd FPUL,DRn */ 1788 CHECK_FPU_ENABLED 1789 { 1790 TCGv_i64 fp = tcg_temp_new_i64(); 1791 gen_helper_fcnvsd_FT_DT(fp, cpu_env, cpu_fpul); 1792 gen_store_fpr64(ctx, fp, B11_8); 1793 tcg_temp_free_i64(fp); 1794 } 1795 return; 1796 case 0xf0bd: /* fcnvds DRn,FPUL */ 1797 CHECK_FPU_ENABLED 1798 { 1799 TCGv_i64 fp = tcg_temp_new_i64(); 1800 gen_load_fpr64(ctx, fp, B11_8); 1801 gen_helper_fcnvds_DT_FT(cpu_fpul, cpu_env, fp); 1802 tcg_temp_free_i64(fp); 1803 } 1804 return; 1805 case 0xf0ed: /* fipr FVm,FVn */ 1806 CHECK_FPU_ENABLED 1807 CHECK_FPSCR_PR_1 1808 { 1809 TCGv m = tcg_const_i32((ctx->opcode >> 8) & 3); 1810 TCGv n = tcg_const_i32((ctx->opcode >> 10) & 3); 1811 gen_helper_fipr(cpu_env, m, n); 1812 tcg_temp_free(m); 1813 tcg_temp_free(n); 1814 return; 1815 } 1816 break; 1817 case 0xf0fd: /* ftrv XMTRX,FVn */ 1818 CHECK_FPU_ENABLED 1819 CHECK_FPSCR_PR_1 1820 { 1821 if ((ctx->opcode & 0x0300) != 0x0100) { 1822 goto do_illegal; 1823 } 1824 TCGv n = tcg_const_i32((ctx->opcode >> 10) & 3); 1825 gen_helper_ftrv(cpu_env, n); 1826 tcg_temp_free(n); 1827 return; 1828 } 1829 break; 1830 } 1831 #if 0 1832 fprintf(stderr, "unknown instruction 0x%04x at pc 0x%08x\n", 1833 ctx->opcode, ctx->base.pc_next); 1834 fflush(stderr); 1835 #endif 1836 do_illegal: 1837 if (ctx->envflags & DELAY_SLOT_MASK) { 1838 do_illegal_slot: 1839 gen_save_cpu_state(ctx, true); 1840 gen_helper_raise_slot_illegal_instruction(cpu_env); 1841 } else { 1842 gen_save_cpu_state(ctx, true); 1843 gen_helper_raise_illegal_instruction(cpu_env); 1844 } 1845 ctx->base.is_jmp = DISAS_NORETURN; 1846 return; 1847 1848 do_fpu_disabled: 1849 gen_save_cpu_state(ctx, true); 1850 if (ctx->envflags & DELAY_SLOT_MASK) { 1851 gen_helper_raise_slot_fpu_disable(cpu_env); 1852 } else { 1853 gen_helper_raise_fpu_disable(cpu_env); 1854 } 1855 ctx->base.is_jmp = DISAS_NORETURN; 1856 return; 1857 } 1858 1859 static void decode_opc(DisasContext * ctx) 1860 { 1861 uint32_t old_flags = ctx->envflags; 1862 1863 _decode_opc(ctx); 1864 1865 if (old_flags & DELAY_SLOT_MASK) { 1866 /* go out of the delay slot */ 1867 ctx->envflags &= ~DELAY_SLOT_MASK; 1868 1869 /* When in an exclusive region, we must continue to the end 1870 for conditional branches. */ 1871 if (ctx->tbflags & GUSA_EXCLUSIVE 1872 && old_flags & DELAY_SLOT_CONDITIONAL) { 1873 gen_delayed_conditional_jump(ctx); 1874 return; 1875 } 1876 /* Otherwise this is probably an invalid gUSA region. 1877 Drop the GUSA bits so the next TB doesn't see them. */ 1878 ctx->envflags &= ~GUSA_MASK; 1879 1880 tcg_gen_movi_i32(cpu_flags, ctx->envflags); 1881 if (old_flags & DELAY_SLOT_CONDITIONAL) { 1882 gen_delayed_conditional_jump(ctx); 1883 } else { 1884 gen_jump(ctx); 1885 } 1886 } 1887 } 1888 1889 #ifdef CONFIG_USER_ONLY 1890 /* For uniprocessors, SH4 uses optimistic restartable atomic sequences. 1891 Upon an interrupt, a real kernel would simply notice magic values in 1892 the registers and reset the PC to the start of the sequence. 1893 1894 For QEMU, we cannot do this in quite the same way. Instead, we notice 1895 the normal start of such a sequence (mov #-x,r15). While we can handle 1896 any sequence via cpu_exec_step_atomic, we can recognize the "normal" 1897 sequences and transform them into atomic operations as seen by the host. 1898 */ 1899 static void decode_gusa(DisasContext *ctx, CPUSH4State *env) 1900 { 1901 uint16_t insns[5]; 1902 int ld_adr, ld_dst, ld_mop; 1903 int op_dst, op_src, op_opc; 1904 int mv_src, mt_dst, st_src, st_mop; 1905 TCGv op_arg; 1906 uint32_t pc = ctx->base.pc_next; 1907 uint32_t pc_end = ctx->base.tb->cs_base; 1908 int max_insns = (pc_end - pc) / 2; 1909 int i; 1910 1911 /* The state machine below will consume only a few insns. 1912 If there are more than that in a region, fail now. */ 1913 if (max_insns > ARRAY_SIZE(insns)) { 1914 goto fail; 1915 } 1916 1917 /* Read all of the insns for the region. */ 1918 for (i = 0; i < max_insns; ++i) { 1919 insns[i] = cpu_lduw_code(env, pc + i * 2); 1920 } 1921 1922 ld_adr = ld_dst = ld_mop = -1; 1923 mv_src = -1; 1924 op_dst = op_src = op_opc = -1; 1925 mt_dst = -1; 1926 st_src = st_mop = -1; 1927 op_arg = NULL; 1928 i = 0; 1929 1930 #define NEXT_INSN \ 1931 do { if (i >= max_insns) goto fail; ctx->opcode = insns[i++]; } while (0) 1932 1933 /* 1934 * Expect a load to begin the region. 1935 */ 1936 NEXT_INSN; 1937 switch (ctx->opcode & 0xf00f) { 1938 case 0x6000: /* mov.b @Rm,Rn */ 1939 ld_mop = MO_SB; 1940 break; 1941 case 0x6001: /* mov.w @Rm,Rn */ 1942 ld_mop = MO_TESW; 1943 break; 1944 case 0x6002: /* mov.l @Rm,Rn */ 1945 ld_mop = MO_TESL; 1946 break; 1947 default: 1948 goto fail; 1949 } 1950 ld_adr = B7_4; 1951 ld_dst = B11_8; 1952 if (ld_adr == ld_dst) { 1953 goto fail; 1954 } 1955 /* Unless we see a mov, any two-operand operation must use ld_dst. */ 1956 op_dst = ld_dst; 1957 1958 /* 1959 * Expect an optional register move. 1960 */ 1961 NEXT_INSN; 1962 switch (ctx->opcode & 0xf00f) { 1963 case 0x6003: /* mov Rm,Rn */ 1964 /* Here we want to recognize ld_dst being saved for later consumtion, 1965 or for another input register being copied so that ld_dst need not 1966 be clobbered during the operation. */ 1967 op_dst = B11_8; 1968 mv_src = B7_4; 1969 if (op_dst == ld_dst) { 1970 /* Overwriting the load output. */ 1971 goto fail; 1972 } 1973 if (mv_src != ld_dst) { 1974 /* Copying a new input; constrain op_src to match the load. */ 1975 op_src = ld_dst; 1976 } 1977 break; 1978 1979 default: 1980 /* Put back and re-examine as operation. */ 1981 --i; 1982 } 1983 1984 /* 1985 * Expect the operation. 1986 */ 1987 NEXT_INSN; 1988 switch (ctx->opcode & 0xf00f) { 1989 case 0x300c: /* add Rm,Rn */ 1990 op_opc = INDEX_op_add_i32; 1991 goto do_reg_op; 1992 case 0x2009: /* and Rm,Rn */ 1993 op_opc = INDEX_op_and_i32; 1994 goto do_reg_op; 1995 case 0x200a: /* xor Rm,Rn */ 1996 op_opc = INDEX_op_xor_i32; 1997 goto do_reg_op; 1998 case 0x200b: /* or Rm,Rn */ 1999 op_opc = INDEX_op_or_i32; 2000 do_reg_op: 2001 /* The operation register should be as expected, and the 2002 other input cannot depend on the load. */ 2003 if (op_dst != B11_8) { 2004 goto fail; 2005 } 2006 if (op_src < 0) { 2007 /* Unconstrainted input. */ 2008 op_src = B7_4; 2009 } else if (op_src == B7_4) { 2010 /* Constrained input matched load. All operations are 2011 commutative; "swap" them by "moving" the load output 2012 to the (implicit) first argument and the move source 2013 to the (explicit) second argument. */ 2014 op_src = mv_src; 2015 } else { 2016 goto fail; 2017 } 2018 op_arg = REG(op_src); 2019 break; 2020 2021 case 0x6007: /* not Rm,Rn */ 2022 if (ld_dst != B7_4 || mv_src >= 0) { 2023 goto fail; 2024 } 2025 op_dst = B11_8; 2026 op_opc = INDEX_op_xor_i32; 2027 op_arg = tcg_const_i32(-1); 2028 break; 2029 2030 case 0x7000 ... 0x700f: /* add #imm,Rn */ 2031 if (op_dst != B11_8 || mv_src >= 0) { 2032 goto fail; 2033 } 2034 op_opc = INDEX_op_add_i32; 2035 op_arg = tcg_const_i32(B7_0s); 2036 break; 2037 2038 case 0x3000: /* cmp/eq Rm,Rn */ 2039 /* Looking for the middle of a compare-and-swap sequence, 2040 beginning with the compare. Operands can be either order, 2041 but with only one overlapping the load. */ 2042 if ((ld_dst == B11_8) + (ld_dst == B7_4) != 1 || mv_src >= 0) { 2043 goto fail; 2044 } 2045 op_opc = INDEX_op_setcond_i32; /* placeholder */ 2046 op_src = (ld_dst == B11_8 ? B7_4 : B11_8); 2047 op_arg = REG(op_src); 2048 2049 NEXT_INSN; 2050 switch (ctx->opcode & 0xff00) { 2051 case 0x8b00: /* bf label */ 2052 case 0x8f00: /* bf/s label */ 2053 if (pc + (i + 1 + B7_0s) * 2 != pc_end) { 2054 goto fail; 2055 } 2056 if ((ctx->opcode & 0xff00) == 0x8b00) { /* bf label */ 2057 break; 2058 } 2059 /* We're looking to unconditionally modify Rn with the 2060 result of the comparison, within the delay slot of 2061 the branch. This is used by older gcc. */ 2062 NEXT_INSN; 2063 if ((ctx->opcode & 0xf0ff) == 0x0029) { /* movt Rn */ 2064 mt_dst = B11_8; 2065 } else { 2066 goto fail; 2067 } 2068 break; 2069 2070 default: 2071 goto fail; 2072 } 2073 break; 2074 2075 case 0x2008: /* tst Rm,Rn */ 2076 /* Looking for a compare-and-swap against zero. */ 2077 if (ld_dst != B11_8 || ld_dst != B7_4 || mv_src >= 0) { 2078 goto fail; 2079 } 2080 op_opc = INDEX_op_setcond_i32; 2081 op_arg = tcg_const_i32(0); 2082 2083 NEXT_INSN; 2084 if ((ctx->opcode & 0xff00) != 0x8900 /* bt label */ 2085 || pc + (i + 1 + B7_0s) * 2 != pc_end) { 2086 goto fail; 2087 } 2088 break; 2089 2090 default: 2091 /* Put back and re-examine as store. */ 2092 --i; 2093 } 2094 2095 /* 2096 * Expect the store. 2097 */ 2098 /* The store must be the last insn. */ 2099 if (i != max_insns - 1) { 2100 goto fail; 2101 } 2102 NEXT_INSN; 2103 switch (ctx->opcode & 0xf00f) { 2104 case 0x2000: /* mov.b Rm,@Rn */ 2105 st_mop = MO_UB; 2106 break; 2107 case 0x2001: /* mov.w Rm,@Rn */ 2108 st_mop = MO_UW; 2109 break; 2110 case 0x2002: /* mov.l Rm,@Rn */ 2111 st_mop = MO_UL; 2112 break; 2113 default: 2114 goto fail; 2115 } 2116 /* The store must match the load. */ 2117 if (ld_adr != B11_8 || st_mop != (ld_mop & MO_SIZE)) { 2118 goto fail; 2119 } 2120 st_src = B7_4; 2121 2122 #undef NEXT_INSN 2123 2124 /* 2125 * Emit the operation. 2126 */ 2127 switch (op_opc) { 2128 case -1: 2129 /* No operation found. Look for exchange pattern. */ 2130 if (st_src == ld_dst || mv_src >= 0) { 2131 goto fail; 2132 } 2133 tcg_gen_atomic_xchg_i32(REG(ld_dst), REG(ld_adr), REG(st_src), 2134 ctx->memidx, ld_mop); 2135 break; 2136 2137 case INDEX_op_add_i32: 2138 if (op_dst != st_src) { 2139 goto fail; 2140 } 2141 if (op_dst == ld_dst && st_mop == MO_UL) { 2142 tcg_gen_atomic_add_fetch_i32(REG(ld_dst), REG(ld_adr), 2143 op_arg, ctx->memidx, ld_mop); 2144 } else { 2145 tcg_gen_atomic_fetch_add_i32(REG(ld_dst), REG(ld_adr), 2146 op_arg, ctx->memidx, ld_mop); 2147 if (op_dst != ld_dst) { 2148 /* Note that mop sizes < 4 cannot use add_fetch 2149 because it won't carry into the higher bits. */ 2150 tcg_gen_add_i32(REG(op_dst), REG(ld_dst), op_arg); 2151 } 2152 } 2153 break; 2154 2155 case INDEX_op_and_i32: 2156 if (op_dst != st_src) { 2157 goto fail; 2158 } 2159 if (op_dst == ld_dst) { 2160 tcg_gen_atomic_and_fetch_i32(REG(ld_dst), REG(ld_adr), 2161 op_arg, ctx->memidx, ld_mop); 2162 } else { 2163 tcg_gen_atomic_fetch_and_i32(REG(ld_dst), REG(ld_adr), 2164 op_arg, ctx->memidx, ld_mop); 2165 tcg_gen_and_i32(REG(op_dst), REG(ld_dst), op_arg); 2166 } 2167 break; 2168 2169 case INDEX_op_or_i32: 2170 if (op_dst != st_src) { 2171 goto fail; 2172 } 2173 if (op_dst == ld_dst) { 2174 tcg_gen_atomic_or_fetch_i32(REG(ld_dst), REG(ld_adr), 2175 op_arg, ctx->memidx, ld_mop); 2176 } else { 2177 tcg_gen_atomic_fetch_or_i32(REG(ld_dst), REG(ld_adr), 2178 op_arg, ctx->memidx, ld_mop); 2179 tcg_gen_or_i32(REG(op_dst), REG(ld_dst), op_arg); 2180 } 2181 break; 2182 2183 case INDEX_op_xor_i32: 2184 if (op_dst != st_src) { 2185 goto fail; 2186 } 2187 if (op_dst == ld_dst) { 2188 tcg_gen_atomic_xor_fetch_i32(REG(ld_dst), REG(ld_adr), 2189 op_arg, ctx->memidx, ld_mop); 2190 } else { 2191 tcg_gen_atomic_fetch_xor_i32(REG(ld_dst), REG(ld_adr), 2192 op_arg, ctx->memidx, ld_mop); 2193 tcg_gen_xor_i32(REG(op_dst), REG(ld_dst), op_arg); 2194 } 2195 break; 2196 2197 case INDEX_op_setcond_i32: 2198 if (st_src == ld_dst) { 2199 goto fail; 2200 } 2201 tcg_gen_atomic_cmpxchg_i32(REG(ld_dst), REG(ld_adr), op_arg, 2202 REG(st_src), ctx->memidx, ld_mop); 2203 tcg_gen_setcond_i32(TCG_COND_EQ, cpu_sr_t, REG(ld_dst), op_arg); 2204 if (mt_dst >= 0) { 2205 tcg_gen_mov_i32(REG(mt_dst), cpu_sr_t); 2206 } 2207 break; 2208 2209 default: 2210 g_assert_not_reached(); 2211 } 2212 2213 /* If op_src is not a valid register, then op_arg was a constant. */ 2214 if (op_src < 0 && op_arg) { 2215 tcg_temp_free_i32(op_arg); 2216 } 2217 2218 /* The entire region has been translated. */ 2219 ctx->envflags &= ~GUSA_MASK; 2220 ctx->base.pc_next = pc_end; 2221 ctx->base.num_insns += max_insns - 1; 2222 return; 2223 2224 fail: 2225 qemu_log_mask(LOG_UNIMP, "Unrecognized gUSA sequence %08x-%08x\n", 2226 pc, pc_end); 2227 2228 /* Restart with the EXCLUSIVE bit set, within a TB run via 2229 cpu_exec_step_atomic holding the exclusive lock. */ 2230 ctx->envflags |= GUSA_EXCLUSIVE; 2231 gen_save_cpu_state(ctx, false); 2232 gen_helper_exclusive(cpu_env); 2233 ctx->base.is_jmp = DISAS_NORETURN; 2234 2235 /* We're not executing an instruction, but we must report one for the 2236 purposes of accounting within the TB. We might as well report the 2237 entire region consumed via ctx->base.pc_next so that it's immediately 2238 available in the disassembly dump. */ 2239 ctx->base.pc_next = pc_end; 2240 ctx->base.num_insns += max_insns - 1; 2241 } 2242 #endif 2243 2244 static void sh4_tr_init_disas_context(DisasContextBase *dcbase, CPUState *cs) 2245 { 2246 DisasContext *ctx = container_of(dcbase, DisasContext, base); 2247 CPUSH4State *env = cs->env_ptr; 2248 uint32_t tbflags; 2249 int bound; 2250 2251 ctx->tbflags = tbflags = ctx->base.tb->flags; 2252 ctx->envflags = tbflags & TB_FLAG_ENVFLAGS_MASK; 2253 ctx->memidx = (tbflags & (1u << SR_MD)) == 0 ? 1 : 0; 2254 /* We don't know if the delayed pc came from a dynamic or static branch, 2255 so assume it is a dynamic branch. */ 2256 ctx->delayed_pc = -1; /* use delayed pc from env pointer */ 2257 ctx->features = env->features; 2258 ctx->has_movcal = (tbflags & TB_FLAG_PENDING_MOVCA); 2259 ctx->gbank = ((tbflags & (1 << SR_MD)) && 2260 (tbflags & (1 << SR_RB))) * 0x10; 2261 ctx->fbank = tbflags & FPSCR_FR ? 0x10 : 0; 2262 2263 if (tbflags & GUSA_MASK) { 2264 uint32_t pc = ctx->base.pc_next; 2265 uint32_t pc_end = ctx->base.tb->cs_base; 2266 int backup = sextract32(ctx->tbflags, GUSA_SHIFT, 8); 2267 int max_insns = (pc_end - pc) / 2; 2268 2269 if (pc != pc_end + backup || max_insns < 2) { 2270 /* This is a malformed gUSA region. Don't do anything special, 2271 since the interpreter is likely to get confused. */ 2272 ctx->envflags &= ~GUSA_MASK; 2273 } else if (tbflags & GUSA_EXCLUSIVE) { 2274 /* Regardless of single-stepping or the end of the page, 2275 we must complete execution of the gUSA region while 2276 holding the exclusive lock. */ 2277 ctx->base.max_insns = max_insns; 2278 return; 2279 } 2280 } 2281 2282 /* Since the ISA is fixed-width, we can bound by the number 2283 of instructions remaining on the page. */ 2284 bound = -(ctx->base.pc_next | TARGET_PAGE_MASK) / 2; 2285 ctx->base.max_insns = MIN(ctx->base.max_insns, bound); 2286 } 2287 2288 static void sh4_tr_tb_start(DisasContextBase *dcbase, CPUState *cs) 2289 { 2290 } 2291 2292 static void sh4_tr_insn_start(DisasContextBase *dcbase, CPUState *cs) 2293 { 2294 DisasContext *ctx = container_of(dcbase, DisasContext, base); 2295 2296 tcg_gen_insn_start(ctx->base.pc_next, ctx->envflags); 2297 } 2298 2299 static bool sh4_tr_breakpoint_check(DisasContextBase *dcbase, CPUState *cs, 2300 const CPUBreakpoint *bp) 2301 { 2302 DisasContext *ctx = container_of(dcbase, DisasContext, base); 2303 2304 /* We have hit a breakpoint - make sure PC is up-to-date */ 2305 gen_save_cpu_state(ctx, true); 2306 gen_helper_debug(cpu_env); 2307 ctx->base.is_jmp = DISAS_NORETURN; 2308 /* The address covered by the breakpoint must be included in 2309 [tb->pc, tb->pc + tb->size) in order to for it to be 2310 properly cleared -- thus we increment the PC here so that 2311 the logic setting tb->size below does the right thing. */ 2312 ctx->base.pc_next += 2; 2313 return true; 2314 } 2315 2316 static void sh4_tr_translate_insn(DisasContextBase *dcbase, CPUState *cs) 2317 { 2318 CPUSH4State *env = cs->env_ptr; 2319 DisasContext *ctx = container_of(dcbase, DisasContext, base); 2320 2321 #ifdef CONFIG_USER_ONLY 2322 if (unlikely(ctx->envflags & GUSA_MASK) 2323 && !(ctx->envflags & GUSA_EXCLUSIVE)) { 2324 /* We're in an gUSA region, and we have not already fallen 2325 back on using an exclusive region. Attempt to parse the 2326 region into a single supported atomic operation. Failure 2327 is handled within the parser by raising an exception to 2328 retry using an exclusive region. */ 2329 decode_gusa(ctx, env); 2330 return; 2331 } 2332 #endif 2333 2334 ctx->opcode = cpu_lduw_code(env, ctx->base.pc_next); 2335 decode_opc(ctx); 2336 ctx->base.pc_next += 2; 2337 } 2338 2339 static void sh4_tr_tb_stop(DisasContextBase *dcbase, CPUState *cs) 2340 { 2341 DisasContext *ctx = container_of(dcbase, DisasContext, base); 2342 2343 if (ctx->tbflags & GUSA_EXCLUSIVE) { 2344 /* Ending the region of exclusivity. Clear the bits. */ 2345 ctx->envflags &= ~GUSA_MASK; 2346 } 2347 2348 switch (ctx->base.is_jmp) { 2349 case DISAS_STOP: 2350 gen_save_cpu_state(ctx, true); 2351 if (ctx->base.singlestep_enabled) { 2352 gen_helper_debug(cpu_env); 2353 } else { 2354 tcg_gen_exit_tb(NULL, 0); 2355 } 2356 break; 2357 case DISAS_NEXT: 2358 case DISAS_TOO_MANY: 2359 gen_save_cpu_state(ctx, false); 2360 gen_goto_tb(ctx, 0, ctx->base.pc_next); 2361 break; 2362 case DISAS_NORETURN: 2363 break; 2364 default: 2365 g_assert_not_reached(); 2366 } 2367 } 2368 2369 static void sh4_tr_disas_log(const DisasContextBase *dcbase, CPUState *cs) 2370 { 2371 qemu_log("IN:\n"); /* , lookup_symbol(dcbase->pc_first)); */ 2372 log_target_disas(cs, dcbase->pc_first, dcbase->tb->size); 2373 } 2374 2375 static const TranslatorOps sh4_tr_ops = { 2376 .init_disas_context = sh4_tr_init_disas_context, 2377 .tb_start = sh4_tr_tb_start, 2378 .insn_start = sh4_tr_insn_start, 2379 .breakpoint_check = sh4_tr_breakpoint_check, 2380 .translate_insn = sh4_tr_translate_insn, 2381 .tb_stop = sh4_tr_tb_stop, 2382 .disas_log = sh4_tr_disas_log, 2383 }; 2384 2385 void gen_intermediate_code(CPUState *cs, TranslationBlock *tb) 2386 { 2387 DisasContext ctx; 2388 2389 translator_loop(&sh4_tr_ops, &ctx.base, cs, tb); 2390 } 2391 2392 void restore_state_to_opc(CPUSH4State *env, TranslationBlock *tb, 2393 target_ulong *data) 2394 { 2395 env->pc = data[0]; 2396 env->flags = data[1]; 2397 /* Theoretically delayed_pc should also be restored. In practice the 2398 branch instruction is re-executed after exception, so the delayed 2399 branch target will be recomputed. */ 2400 } 2401