xref: /openbmc/qemu/target/xtensa/translate.c (revision 1c2adb95)
1 /*
2  * Xtensa ISA:
3  * http://www.tensilica.com/products/literature-docs/documentation/xtensa-isa-databook.htm
4  *
5  * Copyright (c) 2011, Max Filippov, Open Source and Linux Lab.
6  * All rights reserved.
7  *
8  * Redistribution and use in source and binary forms, with or without
9  * modification, are permitted provided that the following conditions are met:
10  *     * Redistributions of source code must retain the above copyright
11  *       notice, this list of conditions and the following disclaimer.
12  *     * Redistributions in binary form must reproduce the above copyright
13  *       notice, this list of conditions and the following disclaimer in the
14  *       documentation and/or other materials provided with the distribution.
15  *     * Neither the name of the Open Source and Linux Lab nor the
16  *       names of its contributors may be used to endorse or promote products
17  *       derived from this software without specific prior written permission.
18  *
19  * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
20  * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
21  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
22  * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY
23  * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
24  * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
25  * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
26  * ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
27  * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
28  * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
29  */
30 
31 #include "qemu/osdep.h"
32 
33 #include "cpu.h"
34 #include "exec/exec-all.h"
35 #include "disas/disas.h"
36 #include "tcg-op.h"
37 #include "qemu/log.h"
38 #include "sysemu/sysemu.h"
39 #include "exec/cpu_ldst.h"
40 #include "exec/semihost.h"
41 #include "exec/translator.h"
42 
43 #include "exec/helper-proto.h"
44 #include "exec/helper-gen.h"
45 
46 #include "trace-tcg.h"
47 #include "exec/log.h"
48 
49 
50 /* is_jmp field values */
51 #define DISAS_UPDATE  DISAS_TARGET_0 /* cpu state was modified dynamically */
52 
53 typedef struct DisasContext {
54     const XtensaConfig *config;
55     TranslationBlock *tb;
56     uint32_t pc;
57     uint32_t next_pc;
58     int cring;
59     int ring;
60     uint32_t lbeg;
61     uint32_t lend;
62     TCGv_i32 litbase;
63     int is_jmp;
64     int singlestep_enabled;
65 
66     bool sar_5bit;
67     bool sar_m32_5bit;
68     bool sar_m32_allocated;
69     TCGv_i32 sar_m32;
70 
71     unsigned window;
72 
73     bool debug;
74     bool icount;
75     TCGv_i32 next_icount;
76 
77     unsigned cpenable;
78 } DisasContext;
79 
80 static TCGv_i32 cpu_pc;
81 static TCGv_i32 cpu_R[16];
82 static TCGv_i32 cpu_FR[16];
83 static TCGv_i32 cpu_SR[256];
84 static TCGv_i32 cpu_UR[256];
85 
86 #include "exec/gen-icount.h"
87 
88 typedef struct XtensaReg {
89     const char *name;
90     uint64_t opt_bits;
91     enum {
92         SR_R = 1,
93         SR_W = 2,
94         SR_X = 4,
95         SR_RW = 3,
96         SR_RWX = 7,
97     } access;
98 } XtensaReg;
99 
100 #define XTENSA_REG_ACCESS(regname, opt, acc) { \
101         .name = (regname), \
102         .opt_bits = XTENSA_OPTION_BIT(opt), \
103         .access = (acc), \
104     }
105 
106 #define XTENSA_REG(regname, opt) XTENSA_REG_ACCESS(regname, opt, SR_RWX)
107 
108 #define XTENSA_REG_BITS_ACCESS(regname, opt, acc) { \
109         .name = (regname), \
110         .opt_bits = (opt), \
111         .access = (acc), \
112     }
113 
114 #define XTENSA_REG_BITS(regname, opt) \
115     XTENSA_REG_BITS_ACCESS(regname, opt, SR_RWX)
116 
117 static const XtensaReg sregnames[256] = {
118     [LBEG] = XTENSA_REG("LBEG", XTENSA_OPTION_LOOP),
119     [LEND] = XTENSA_REG("LEND", XTENSA_OPTION_LOOP),
120     [LCOUNT] = XTENSA_REG("LCOUNT", XTENSA_OPTION_LOOP),
121     [SAR] = XTENSA_REG_BITS("SAR", XTENSA_OPTION_ALL),
122     [BR] = XTENSA_REG("BR", XTENSA_OPTION_BOOLEAN),
123     [LITBASE] = XTENSA_REG("LITBASE", XTENSA_OPTION_EXTENDED_L32R),
124     [SCOMPARE1] = XTENSA_REG("SCOMPARE1", XTENSA_OPTION_CONDITIONAL_STORE),
125     [ACCLO] = XTENSA_REG("ACCLO", XTENSA_OPTION_MAC16),
126     [ACCHI] = XTENSA_REG("ACCHI", XTENSA_OPTION_MAC16),
127     [MR] = XTENSA_REG("MR0", XTENSA_OPTION_MAC16),
128     [MR + 1] = XTENSA_REG("MR1", XTENSA_OPTION_MAC16),
129     [MR + 2] = XTENSA_REG("MR2", XTENSA_OPTION_MAC16),
130     [MR + 3] = XTENSA_REG("MR3", XTENSA_OPTION_MAC16),
131     [WINDOW_BASE] = XTENSA_REG("WINDOW_BASE", XTENSA_OPTION_WINDOWED_REGISTER),
132     [WINDOW_START] = XTENSA_REG("WINDOW_START",
133             XTENSA_OPTION_WINDOWED_REGISTER),
134     [PTEVADDR] = XTENSA_REG("PTEVADDR", XTENSA_OPTION_MMU),
135     [RASID] = XTENSA_REG("RASID", XTENSA_OPTION_MMU),
136     [ITLBCFG] = XTENSA_REG("ITLBCFG", XTENSA_OPTION_MMU),
137     [DTLBCFG] = XTENSA_REG("DTLBCFG", XTENSA_OPTION_MMU),
138     [IBREAKENABLE] = XTENSA_REG("IBREAKENABLE", XTENSA_OPTION_DEBUG),
139     [MEMCTL] = XTENSA_REG_BITS("MEMCTL", XTENSA_OPTION_ALL),
140     [CACHEATTR] = XTENSA_REG("CACHEATTR", XTENSA_OPTION_CACHEATTR),
141     [ATOMCTL] = XTENSA_REG("ATOMCTL", XTENSA_OPTION_ATOMCTL),
142     [IBREAKA] = XTENSA_REG("IBREAKA0", XTENSA_OPTION_DEBUG),
143     [IBREAKA + 1] = XTENSA_REG("IBREAKA1", XTENSA_OPTION_DEBUG),
144     [DBREAKA] = XTENSA_REG("DBREAKA0", XTENSA_OPTION_DEBUG),
145     [DBREAKA + 1] = XTENSA_REG("DBREAKA1", XTENSA_OPTION_DEBUG),
146     [DBREAKC] = XTENSA_REG("DBREAKC0", XTENSA_OPTION_DEBUG),
147     [DBREAKC + 1] = XTENSA_REG("DBREAKC1", XTENSA_OPTION_DEBUG),
148     [CONFIGID0] = XTENSA_REG_BITS_ACCESS("CONFIGID0", XTENSA_OPTION_ALL, SR_R),
149     [EPC1] = XTENSA_REG("EPC1", XTENSA_OPTION_EXCEPTION),
150     [EPC1 + 1] = XTENSA_REG("EPC2", XTENSA_OPTION_HIGH_PRIORITY_INTERRUPT),
151     [EPC1 + 2] = XTENSA_REG("EPC3", XTENSA_OPTION_HIGH_PRIORITY_INTERRUPT),
152     [EPC1 + 3] = XTENSA_REG("EPC4", XTENSA_OPTION_HIGH_PRIORITY_INTERRUPT),
153     [EPC1 + 4] = XTENSA_REG("EPC5", XTENSA_OPTION_HIGH_PRIORITY_INTERRUPT),
154     [EPC1 + 5] = XTENSA_REG("EPC6", XTENSA_OPTION_HIGH_PRIORITY_INTERRUPT),
155     [EPC1 + 6] = XTENSA_REG("EPC7", XTENSA_OPTION_HIGH_PRIORITY_INTERRUPT),
156     [DEPC] = XTENSA_REG("DEPC", XTENSA_OPTION_EXCEPTION),
157     [EPS2] = XTENSA_REG("EPS2", XTENSA_OPTION_HIGH_PRIORITY_INTERRUPT),
158     [EPS2 + 1] = XTENSA_REG("EPS3", XTENSA_OPTION_HIGH_PRIORITY_INTERRUPT),
159     [EPS2 + 2] = XTENSA_REG("EPS4", XTENSA_OPTION_HIGH_PRIORITY_INTERRUPT),
160     [EPS2 + 3] = XTENSA_REG("EPS5", XTENSA_OPTION_HIGH_PRIORITY_INTERRUPT),
161     [EPS2 + 4] = XTENSA_REG("EPS6", XTENSA_OPTION_HIGH_PRIORITY_INTERRUPT),
162     [EPS2 + 5] = XTENSA_REG("EPS7", XTENSA_OPTION_HIGH_PRIORITY_INTERRUPT),
163     [CONFIGID1] = XTENSA_REG_BITS_ACCESS("CONFIGID1", XTENSA_OPTION_ALL, SR_R),
164     [EXCSAVE1] = XTENSA_REG("EXCSAVE1", XTENSA_OPTION_EXCEPTION),
165     [EXCSAVE1 + 1] = XTENSA_REG("EXCSAVE2",
166             XTENSA_OPTION_HIGH_PRIORITY_INTERRUPT),
167     [EXCSAVE1 + 2] = XTENSA_REG("EXCSAVE3",
168             XTENSA_OPTION_HIGH_PRIORITY_INTERRUPT),
169     [EXCSAVE1 + 3] = XTENSA_REG("EXCSAVE4",
170             XTENSA_OPTION_HIGH_PRIORITY_INTERRUPT),
171     [EXCSAVE1 + 4] = XTENSA_REG("EXCSAVE5",
172             XTENSA_OPTION_HIGH_PRIORITY_INTERRUPT),
173     [EXCSAVE1 + 5] = XTENSA_REG("EXCSAVE6",
174             XTENSA_OPTION_HIGH_PRIORITY_INTERRUPT),
175     [EXCSAVE1 + 6] = XTENSA_REG("EXCSAVE7",
176             XTENSA_OPTION_HIGH_PRIORITY_INTERRUPT),
177     [CPENABLE] = XTENSA_REG("CPENABLE", XTENSA_OPTION_COPROCESSOR),
178     [INTSET] = XTENSA_REG_ACCESS("INTSET", XTENSA_OPTION_INTERRUPT, SR_RW),
179     [INTCLEAR] = XTENSA_REG_ACCESS("INTCLEAR", XTENSA_OPTION_INTERRUPT, SR_W),
180     [INTENABLE] = XTENSA_REG("INTENABLE", XTENSA_OPTION_INTERRUPT),
181     [PS] = XTENSA_REG_BITS("PS", XTENSA_OPTION_ALL),
182     [VECBASE] = XTENSA_REG("VECBASE", XTENSA_OPTION_RELOCATABLE_VECTOR),
183     [EXCCAUSE] = XTENSA_REG("EXCCAUSE", XTENSA_OPTION_EXCEPTION),
184     [DEBUGCAUSE] = XTENSA_REG_ACCESS("DEBUGCAUSE", XTENSA_OPTION_DEBUG, SR_R),
185     [CCOUNT] = XTENSA_REG("CCOUNT", XTENSA_OPTION_TIMER_INTERRUPT),
186     [PRID] = XTENSA_REG_ACCESS("PRID", XTENSA_OPTION_PROCESSOR_ID, SR_R),
187     [ICOUNT] = XTENSA_REG("ICOUNT", XTENSA_OPTION_DEBUG),
188     [ICOUNTLEVEL] = XTENSA_REG("ICOUNTLEVEL", XTENSA_OPTION_DEBUG),
189     [EXCVADDR] = XTENSA_REG("EXCVADDR", XTENSA_OPTION_EXCEPTION),
190     [CCOMPARE] = XTENSA_REG("CCOMPARE0", XTENSA_OPTION_TIMER_INTERRUPT),
191     [CCOMPARE + 1] = XTENSA_REG("CCOMPARE1",
192             XTENSA_OPTION_TIMER_INTERRUPT),
193     [CCOMPARE + 2] = XTENSA_REG("CCOMPARE2",
194             XTENSA_OPTION_TIMER_INTERRUPT),
195     [MISC] = XTENSA_REG("MISC0", XTENSA_OPTION_MISC_SR),
196     [MISC + 1] = XTENSA_REG("MISC1", XTENSA_OPTION_MISC_SR),
197     [MISC + 2] = XTENSA_REG("MISC2", XTENSA_OPTION_MISC_SR),
198     [MISC + 3] = XTENSA_REG("MISC3", XTENSA_OPTION_MISC_SR),
199 };
200 
201 static const XtensaReg uregnames[256] = {
202     [THREADPTR] = XTENSA_REG("THREADPTR", XTENSA_OPTION_THREAD_POINTER),
203     [FCR] = XTENSA_REG("FCR", XTENSA_OPTION_FP_COPROCESSOR),
204     [FSR] = XTENSA_REG("FSR", XTENSA_OPTION_FP_COPROCESSOR),
205 };
206 
207 void xtensa_translate_init(void)
208 {
209     static const char * const regnames[] = {
210         "ar0", "ar1", "ar2", "ar3",
211         "ar4", "ar5", "ar6", "ar7",
212         "ar8", "ar9", "ar10", "ar11",
213         "ar12", "ar13", "ar14", "ar15",
214     };
215     static const char * const fregnames[] = {
216         "f0", "f1", "f2", "f3",
217         "f4", "f5", "f6", "f7",
218         "f8", "f9", "f10", "f11",
219         "f12", "f13", "f14", "f15",
220     };
221     int i;
222 
223     cpu_pc = tcg_global_mem_new_i32(cpu_env,
224             offsetof(CPUXtensaState, pc), "pc");
225 
226     for (i = 0; i < 16; i++) {
227         cpu_R[i] = tcg_global_mem_new_i32(cpu_env,
228                 offsetof(CPUXtensaState, regs[i]),
229                 regnames[i]);
230     }
231 
232     for (i = 0; i < 16; i++) {
233         cpu_FR[i] = tcg_global_mem_new_i32(cpu_env,
234                 offsetof(CPUXtensaState, fregs[i].f32[FP_F32_LOW]),
235                 fregnames[i]);
236     }
237 
238     for (i = 0; i < 256; ++i) {
239         if (sregnames[i].name) {
240             cpu_SR[i] = tcg_global_mem_new_i32(cpu_env,
241                     offsetof(CPUXtensaState, sregs[i]),
242                     sregnames[i].name);
243         }
244     }
245 
246     for (i = 0; i < 256; ++i) {
247         if (uregnames[i].name) {
248             cpu_UR[i] = tcg_global_mem_new_i32(cpu_env,
249                     offsetof(CPUXtensaState, uregs[i]),
250                     uregnames[i].name);
251         }
252     }
253 }
254 
255 static inline bool option_bits_enabled(DisasContext *dc, uint64_t opt)
256 {
257     return xtensa_option_bits_enabled(dc->config, opt);
258 }
259 
260 static inline bool option_enabled(DisasContext *dc, int opt)
261 {
262     return xtensa_option_enabled(dc->config, opt);
263 }
264 
265 static void init_litbase(DisasContext *dc)
266 {
267     if (dc->tb->flags & XTENSA_TBFLAG_LITBASE) {
268         dc->litbase = tcg_temp_local_new_i32();
269         tcg_gen_andi_i32(dc->litbase, cpu_SR[LITBASE], 0xfffff000);
270     }
271 }
272 
273 static void reset_litbase(DisasContext *dc)
274 {
275     if (dc->tb->flags & XTENSA_TBFLAG_LITBASE) {
276         tcg_temp_free(dc->litbase);
277     }
278 }
279 
280 static void init_sar_tracker(DisasContext *dc)
281 {
282     dc->sar_5bit = false;
283     dc->sar_m32_5bit = false;
284     dc->sar_m32_allocated = false;
285 }
286 
287 static void reset_sar_tracker(DisasContext *dc)
288 {
289     if (dc->sar_m32_allocated) {
290         tcg_temp_free(dc->sar_m32);
291     }
292 }
293 
294 static void gen_right_shift_sar(DisasContext *dc, TCGv_i32 sa)
295 {
296     tcg_gen_andi_i32(cpu_SR[SAR], sa, 0x1f);
297     if (dc->sar_m32_5bit) {
298         tcg_gen_discard_i32(dc->sar_m32);
299     }
300     dc->sar_5bit = true;
301     dc->sar_m32_5bit = false;
302 }
303 
304 static void gen_left_shift_sar(DisasContext *dc, TCGv_i32 sa)
305 {
306     TCGv_i32 tmp = tcg_const_i32(32);
307     if (!dc->sar_m32_allocated) {
308         dc->sar_m32 = tcg_temp_local_new_i32();
309         dc->sar_m32_allocated = true;
310     }
311     tcg_gen_andi_i32(dc->sar_m32, sa, 0x1f);
312     tcg_gen_sub_i32(cpu_SR[SAR], tmp, dc->sar_m32);
313     dc->sar_5bit = false;
314     dc->sar_m32_5bit = true;
315     tcg_temp_free(tmp);
316 }
317 
318 static void gen_exception(DisasContext *dc, int excp)
319 {
320     TCGv_i32 tmp = tcg_const_i32(excp);
321     gen_helper_exception(cpu_env, tmp);
322     tcg_temp_free(tmp);
323 }
324 
325 static void gen_exception_cause(DisasContext *dc, uint32_t cause)
326 {
327     TCGv_i32 tpc = tcg_const_i32(dc->pc);
328     TCGv_i32 tcause = tcg_const_i32(cause);
329     gen_helper_exception_cause(cpu_env, tpc, tcause);
330     tcg_temp_free(tpc);
331     tcg_temp_free(tcause);
332     if (cause == ILLEGAL_INSTRUCTION_CAUSE ||
333             cause == SYSCALL_CAUSE) {
334         dc->is_jmp = DISAS_UPDATE;
335     }
336 }
337 
338 static void gen_exception_cause_vaddr(DisasContext *dc, uint32_t cause,
339         TCGv_i32 vaddr)
340 {
341     TCGv_i32 tpc = tcg_const_i32(dc->pc);
342     TCGv_i32 tcause = tcg_const_i32(cause);
343     gen_helper_exception_cause_vaddr(cpu_env, tpc, tcause, vaddr);
344     tcg_temp_free(tpc);
345     tcg_temp_free(tcause);
346 }
347 
348 static void gen_debug_exception(DisasContext *dc, uint32_t cause)
349 {
350     TCGv_i32 tpc = tcg_const_i32(dc->pc);
351     TCGv_i32 tcause = tcg_const_i32(cause);
352     gen_helper_debug_exception(cpu_env, tpc, tcause);
353     tcg_temp_free(tpc);
354     tcg_temp_free(tcause);
355     if (cause & (DEBUGCAUSE_IB | DEBUGCAUSE_BI | DEBUGCAUSE_BN)) {
356         dc->is_jmp = DISAS_UPDATE;
357     }
358 }
359 
360 static bool gen_check_privilege(DisasContext *dc)
361 {
362     if (dc->cring) {
363         gen_exception_cause(dc, PRIVILEGED_CAUSE);
364         dc->is_jmp = DISAS_UPDATE;
365         return false;
366     }
367     return true;
368 }
369 
370 static bool gen_check_cpenable(DisasContext *dc, unsigned cp)
371 {
372     if (option_enabled(dc, XTENSA_OPTION_COPROCESSOR) &&
373             !(dc->cpenable & (1 << cp))) {
374         gen_exception_cause(dc, COPROCESSOR0_DISABLED + cp);
375         dc->is_jmp = DISAS_UPDATE;
376         return false;
377     }
378     return true;
379 }
380 
381 static void gen_jump_slot(DisasContext *dc, TCGv dest, int slot)
382 {
383     tcg_gen_mov_i32(cpu_pc, dest);
384     if (dc->icount) {
385         tcg_gen_mov_i32(cpu_SR[ICOUNT], dc->next_icount);
386     }
387     if (dc->singlestep_enabled) {
388         gen_exception(dc, EXCP_DEBUG);
389     } else {
390         if (slot >= 0) {
391             tcg_gen_goto_tb(slot);
392             tcg_gen_exit_tb((uintptr_t)dc->tb + slot);
393         } else {
394             tcg_gen_exit_tb(0);
395         }
396     }
397     dc->is_jmp = DISAS_UPDATE;
398 }
399 
400 static void gen_jump(DisasContext *dc, TCGv dest)
401 {
402     gen_jump_slot(dc, dest, -1);
403 }
404 
405 static void gen_jumpi(DisasContext *dc, uint32_t dest, int slot)
406 {
407     TCGv_i32 tmp = tcg_const_i32(dest);
408 #ifndef CONFIG_USER_ONLY
409     if (((dc->tb->pc ^ dest) & TARGET_PAGE_MASK) != 0) {
410         slot = -1;
411     }
412 #endif
413     gen_jump_slot(dc, tmp, slot);
414     tcg_temp_free(tmp);
415 }
416 
417 static void gen_callw_slot(DisasContext *dc, int callinc, TCGv_i32 dest,
418         int slot)
419 {
420     TCGv_i32 tcallinc = tcg_const_i32(callinc);
421 
422     tcg_gen_deposit_i32(cpu_SR[PS], cpu_SR[PS],
423             tcallinc, PS_CALLINC_SHIFT, PS_CALLINC_LEN);
424     tcg_temp_free(tcallinc);
425     tcg_gen_movi_i32(cpu_R[callinc << 2],
426             (callinc << 30) | (dc->next_pc & 0x3fffffff));
427     gen_jump_slot(dc, dest, slot);
428 }
429 
430 static void gen_callw(DisasContext *dc, int callinc, TCGv_i32 dest)
431 {
432     gen_callw_slot(dc, callinc, dest, -1);
433 }
434 
435 static void gen_callwi(DisasContext *dc, int callinc, uint32_t dest, int slot)
436 {
437     TCGv_i32 tmp = tcg_const_i32(dest);
438 #ifndef CONFIG_USER_ONLY
439     if (((dc->tb->pc ^ dest) & TARGET_PAGE_MASK) != 0) {
440         slot = -1;
441     }
442 #endif
443     gen_callw_slot(dc, callinc, tmp, slot);
444     tcg_temp_free(tmp);
445 }
446 
447 static bool gen_check_loop_end(DisasContext *dc, int slot)
448 {
449     if (option_enabled(dc, XTENSA_OPTION_LOOP) &&
450             !(dc->tb->flags & XTENSA_TBFLAG_EXCM) &&
451             dc->next_pc == dc->lend) {
452         TCGLabel *label = gen_new_label();
453 
454         tcg_gen_brcondi_i32(TCG_COND_EQ, cpu_SR[LCOUNT], 0, label);
455         tcg_gen_subi_i32(cpu_SR[LCOUNT], cpu_SR[LCOUNT], 1);
456         gen_jumpi(dc, dc->lbeg, slot);
457         gen_set_label(label);
458         gen_jumpi(dc, dc->next_pc, -1);
459         return true;
460     }
461     return false;
462 }
463 
464 static void gen_jumpi_check_loop_end(DisasContext *dc, int slot)
465 {
466     if (!gen_check_loop_end(dc, slot)) {
467         gen_jumpi(dc, dc->next_pc, slot);
468     }
469 }
470 
471 static void gen_brcond(DisasContext *dc, TCGCond cond,
472         TCGv_i32 t0, TCGv_i32 t1, uint32_t offset)
473 {
474     TCGLabel *label = gen_new_label();
475 
476     tcg_gen_brcond_i32(cond, t0, t1, label);
477     gen_jumpi_check_loop_end(dc, 0);
478     gen_set_label(label);
479     gen_jumpi(dc, dc->pc + offset, 1);
480 }
481 
482 static void gen_brcondi(DisasContext *dc, TCGCond cond,
483         TCGv_i32 t0, uint32_t t1, uint32_t offset)
484 {
485     TCGv_i32 tmp = tcg_const_i32(t1);
486     gen_brcond(dc, cond, t0, tmp, offset);
487     tcg_temp_free(tmp);
488 }
489 
490 static bool gen_check_sr(DisasContext *dc, uint32_t sr, unsigned access)
491 {
492     if (!xtensa_option_bits_enabled(dc->config, sregnames[sr].opt_bits)) {
493         if (sregnames[sr].name) {
494             qemu_log_mask(LOG_GUEST_ERROR, "SR %s is not configured\n", sregnames[sr].name);
495         } else {
496             qemu_log_mask(LOG_UNIMP, "SR %d is not implemented\n", sr);
497         }
498         gen_exception_cause(dc, ILLEGAL_INSTRUCTION_CAUSE);
499         return false;
500     } else if (!(sregnames[sr].access & access)) {
501         static const char * const access_text[] = {
502             [SR_R] = "rsr",
503             [SR_W] = "wsr",
504             [SR_X] = "xsr",
505         };
506         assert(access < ARRAY_SIZE(access_text) && access_text[access]);
507         qemu_log_mask(LOG_GUEST_ERROR, "SR %s is not available for %s\n", sregnames[sr].name,
508                       access_text[access]);
509         gen_exception_cause(dc, ILLEGAL_INSTRUCTION_CAUSE);
510         return false;
511     }
512     return true;
513 }
514 
515 static bool gen_rsr_ccount(DisasContext *dc, TCGv_i32 d, uint32_t sr)
516 {
517     if (tb_cflags(dc->tb) & CF_USE_ICOUNT) {
518         gen_io_start();
519     }
520     gen_helper_update_ccount(cpu_env);
521     tcg_gen_mov_i32(d, cpu_SR[sr]);
522     if (tb_cflags(dc->tb) & CF_USE_ICOUNT) {
523         gen_io_end();
524         return true;
525     }
526     return false;
527 }
528 
529 static bool gen_rsr_ptevaddr(DisasContext *dc, TCGv_i32 d, uint32_t sr)
530 {
531     tcg_gen_shri_i32(d, cpu_SR[EXCVADDR], 10);
532     tcg_gen_or_i32(d, d, cpu_SR[sr]);
533     tcg_gen_andi_i32(d, d, 0xfffffffc);
534     return false;
535 }
536 
537 static bool gen_rsr(DisasContext *dc, TCGv_i32 d, uint32_t sr)
538 {
539     static bool (* const rsr_handler[256])(DisasContext *dc,
540             TCGv_i32 d, uint32_t sr) = {
541         [CCOUNT] = gen_rsr_ccount,
542         [INTSET] = gen_rsr_ccount,
543         [PTEVADDR] = gen_rsr_ptevaddr,
544     };
545 
546     if (rsr_handler[sr]) {
547         return rsr_handler[sr](dc, d, sr);
548     } else {
549         tcg_gen_mov_i32(d, cpu_SR[sr]);
550         return false;
551     }
552 }
553 
554 static bool gen_wsr_lbeg(DisasContext *dc, uint32_t sr, TCGv_i32 s)
555 {
556     gen_helper_wsr_lbeg(cpu_env, s);
557     gen_jumpi_check_loop_end(dc, 0);
558     return false;
559 }
560 
561 static bool gen_wsr_lend(DisasContext *dc, uint32_t sr, TCGv_i32 s)
562 {
563     gen_helper_wsr_lend(cpu_env, s);
564     gen_jumpi_check_loop_end(dc, 0);
565     return false;
566 }
567 
568 static bool gen_wsr_sar(DisasContext *dc, uint32_t sr, TCGv_i32 s)
569 {
570     tcg_gen_andi_i32(cpu_SR[sr], s, 0x3f);
571     if (dc->sar_m32_5bit) {
572         tcg_gen_discard_i32(dc->sar_m32);
573     }
574     dc->sar_5bit = false;
575     dc->sar_m32_5bit = false;
576     return false;
577 }
578 
579 static bool gen_wsr_br(DisasContext *dc, uint32_t sr, TCGv_i32 s)
580 {
581     tcg_gen_andi_i32(cpu_SR[sr], s, 0xffff);
582     return false;
583 }
584 
585 static bool gen_wsr_litbase(DisasContext *dc, uint32_t sr, TCGv_i32 s)
586 {
587     tcg_gen_andi_i32(cpu_SR[sr], s, 0xfffff001);
588     /* This can change tb->flags, so exit tb */
589     gen_jumpi_check_loop_end(dc, -1);
590     return true;
591 }
592 
593 static bool gen_wsr_acchi(DisasContext *dc, uint32_t sr, TCGv_i32 s)
594 {
595     tcg_gen_ext8s_i32(cpu_SR[sr], s);
596     return false;
597 }
598 
599 static bool gen_wsr_windowbase(DisasContext *dc, uint32_t sr, TCGv_i32 v)
600 {
601     gen_helper_wsr_windowbase(cpu_env, v);
602     /* This can change tb->flags, so exit tb */
603     gen_jumpi_check_loop_end(dc, -1);
604     return true;
605 }
606 
607 static bool gen_wsr_windowstart(DisasContext *dc, uint32_t sr, TCGv_i32 v)
608 {
609     tcg_gen_andi_i32(cpu_SR[sr], v, (1 << dc->config->nareg / 4) - 1);
610     /* This can change tb->flags, so exit tb */
611     gen_jumpi_check_loop_end(dc, -1);
612     return true;
613 }
614 
615 static bool gen_wsr_ptevaddr(DisasContext *dc, uint32_t sr, TCGv_i32 v)
616 {
617     tcg_gen_andi_i32(cpu_SR[sr], v, 0xffc00000);
618     return false;
619 }
620 
621 static bool gen_wsr_rasid(DisasContext *dc, uint32_t sr, TCGv_i32 v)
622 {
623     gen_helper_wsr_rasid(cpu_env, v);
624     /* This can change tb->flags, so exit tb */
625     gen_jumpi_check_loop_end(dc, -1);
626     return true;
627 }
628 
629 static bool gen_wsr_tlbcfg(DisasContext *dc, uint32_t sr, TCGv_i32 v)
630 {
631     tcg_gen_andi_i32(cpu_SR[sr], v, 0x01130000);
632     return false;
633 }
634 
635 static bool gen_wsr_ibreakenable(DisasContext *dc, uint32_t sr, TCGv_i32 v)
636 {
637     gen_helper_wsr_ibreakenable(cpu_env, v);
638     gen_jumpi_check_loop_end(dc, 0);
639     return true;
640 }
641 
642 static bool gen_wsr_memctl(DisasContext *dc, uint32_t sr, TCGv_i32 v)
643 {
644     gen_helper_wsr_memctl(cpu_env, v);
645     return false;
646 }
647 
648 static bool gen_wsr_atomctl(DisasContext *dc, uint32_t sr, TCGv_i32 v)
649 {
650     tcg_gen_andi_i32(cpu_SR[sr], v, 0x3f);
651     return false;
652 }
653 
654 static bool gen_wsr_ibreaka(DisasContext *dc, uint32_t sr, TCGv_i32 v)
655 {
656     unsigned id = sr - IBREAKA;
657 
658     if (id < dc->config->nibreak) {
659         TCGv_i32 tmp = tcg_const_i32(id);
660         gen_helper_wsr_ibreaka(cpu_env, tmp, v);
661         tcg_temp_free(tmp);
662         gen_jumpi_check_loop_end(dc, 0);
663         return true;
664     }
665     return false;
666 }
667 
668 static bool gen_wsr_dbreaka(DisasContext *dc, uint32_t sr, TCGv_i32 v)
669 {
670     unsigned id = sr - DBREAKA;
671 
672     if (id < dc->config->ndbreak) {
673         TCGv_i32 tmp = tcg_const_i32(id);
674         gen_helper_wsr_dbreaka(cpu_env, tmp, v);
675         tcg_temp_free(tmp);
676     }
677     return false;
678 }
679 
680 static bool gen_wsr_dbreakc(DisasContext *dc, uint32_t sr, TCGv_i32 v)
681 {
682     unsigned id = sr - DBREAKC;
683 
684     if (id < dc->config->ndbreak) {
685         TCGv_i32 tmp = tcg_const_i32(id);
686         gen_helper_wsr_dbreakc(cpu_env, tmp, v);
687         tcg_temp_free(tmp);
688     }
689     return false;
690 }
691 
692 static bool gen_wsr_cpenable(DisasContext *dc, uint32_t sr, TCGv_i32 v)
693 {
694     tcg_gen_andi_i32(cpu_SR[sr], v, 0xff);
695     /* This can change tb->flags, so exit tb */
696     gen_jumpi_check_loop_end(dc, -1);
697     return true;
698 }
699 
700 static void gen_check_interrupts(DisasContext *dc)
701 {
702     if (tb_cflags(dc->tb) & CF_USE_ICOUNT) {
703         gen_io_start();
704     }
705     gen_helper_check_interrupts(cpu_env);
706     if (tb_cflags(dc->tb) & CF_USE_ICOUNT) {
707         gen_io_end();
708     }
709 }
710 
711 static bool gen_wsr_intset(DisasContext *dc, uint32_t sr, TCGv_i32 v)
712 {
713     tcg_gen_andi_i32(cpu_SR[sr], v,
714             dc->config->inttype_mask[INTTYPE_SOFTWARE]);
715     gen_check_interrupts(dc);
716     gen_jumpi_check_loop_end(dc, 0);
717     return true;
718 }
719 
720 static bool gen_wsr_intclear(DisasContext *dc, uint32_t sr, TCGv_i32 v)
721 {
722     TCGv_i32 tmp = tcg_temp_new_i32();
723 
724     tcg_gen_andi_i32(tmp, v,
725             dc->config->inttype_mask[INTTYPE_EDGE] |
726             dc->config->inttype_mask[INTTYPE_NMI] |
727             dc->config->inttype_mask[INTTYPE_SOFTWARE]);
728     tcg_gen_andc_i32(cpu_SR[INTSET], cpu_SR[INTSET], tmp);
729     tcg_temp_free(tmp);
730     gen_check_interrupts(dc);
731     gen_jumpi_check_loop_end(dc, 0);
732     return true;
733 }
734 
735 static bool gen_wsr_intenable(DisasContext *dc, uint32_t sr, TCGv_i32 v)
736 {
737     tcg_gen_mov_i32(cpu_SR[sr], v);
738     gen_check_interrupts(dc);
739     gen_jumpi_check_loop_end(dc, 0);
740     return true;
741 }
742 
743 static bool gen_wsr_ps(DisasContext *dc, uint32_t sr, TCGv_i32 v)
744 {
745     uint32_t mask = PS_WOE | PS_CALLINC | PS_OWB |
746         PS_UM | PS_EXCM | PS_INTLEVEL;
747 
748     if (option_enabled(dc, XTENSA_OPTION_MMU)) {
749         mask |= PS_RING;
750     }
751     tcg_gen_andi_i32(cpu_SR[sr], v, mask);
752     gen_check_interrupts(dc);
753     /* This can change mmu index and tb->flags, so exit tb */
754     gen_jumpi_check_loop_end(dc, -1);
755     return true;
756 }
757 
758 static bool gen_wsr_ccount(DisasContext *dc, uint32_t sr, TCGv_i32 v)
759 {
760     if (tb_cflags(dc->tb) & CF_USE_ICOUNT) {
761         gen_io_start();
762     }
763     gen_helper_wsr_ccount(cpu_env, v);
764     if (tb_cflags(dc->tb) & CF_USE_ICOUNT) {
765         gen_io_end();
766         gen_jumpi_check_loop_end(dc, 0);
767         return true;
768     }
769     return false;
770 }
771 
772 static bool gen_wsr_icount(DisasContext *dc, uint32_t sr, TCGv_i32 v)
773 {
774     if (dc->icount) {
775         tcg_gen_mov_i32(dc->next_icount, v);
776     } else {
777         tcg_gen_mov_i32(cpu_SR[sr], v);
778     }
779     return false;
780 }
781 
782 static bool gen_wsr_icountlevel(DisasContext *dc, uint32_t sr, TCGv_i32 v)
783 {
784     tcg_gen_andi_i32(cpu_SR[sr], v, 0xf);
785     /* This can change tb->flags, so exit tb */
786     gen_jumpi_check_loop_end(dc, -1);
787     return true;
788 }
789 
790 static bool gen_wsr_ccompare(DisasContext *dc, uint32_t sr, TCGv_i32 v)
791 {
792     uint32_t id = sr - CCOMPARE;
793     bool ret = false;
794 
795     if (id < dc->config->nccompare) {
796         uint32_t int_bit = 1 << dc->config->timerint[id];
797         TCGv_i32 tmp = tcg_const_i32(id);
798 
799         tcg_gen_mov_i32(cpu_SR[sr], v);
800         tcg_gen_andi_i32(cpu_SR[INTSET], cpu_SR[INTSET], ~int_bit);
801         if (tb_cflags(dc->tb) & CF_USE_ICOUNT) {
802             gen_io_start();
803         }
804         gen_helper_update_ccompare(cpu_env, tmp);
805         if (tb_cflags(dc->tb) & CF_USE_ICOUNT) {
806             gen_io_end();
807             gen_jumpi_check_loop_end(dc, 0);
808             ret = true;
809         }
810         tcg_temp_free(tmp);
811     }
812     return ret;
813 }
814 
815 static bool gen_wsr(DisasContext *dc, uint32_t sr, TCGv_i32 s)
816 {
817     static bool (* const wsr_handler[256])(DisasContext *dc,
818             uint32_t sr, TCGv_i32 v) = {
819         [LBEG] = gen_wsr_lbeg,
820         [LEND] = gen_wsr_lend,
821         [SAR] = gen_wsr_sar,
822         [BR] = gen_wsr_br,
823         [LITBASE] = gen_wsr_litbase,
824         [ACCHI] = gen_wsr_acchi,
825         [WINDOW_BASE] = gen_wsr_windowbase,
826         [WINDOW_START] = gen_wsr_windowstart,
827         [PTEVADDR] = gen_wsr_ptevaddr,
828         [RASID] = gen_wsr_rasid,
829         [ITLBCFG] = gen_wsr_tlbcfg,
830         [DTLBCFG] = gen_wsr_tlbcfg,
831         [IBREAKENABLE] = gen_wsr_ibreakenable,
832         [MEMCTL] = gen_wsr_memctl,
833         [ATOMCTL] = gen_wsr_atomctl,
834         [IBREAKA] = gen_wsr_ibreaka,
835         [IBREAKA + 1] = gen_wsr_ibreaka,
836         [DBREAKA] = gen_wsr_dbreaka,
837         [DBREAKA + 1] = gen_wsr_dbreaka,
838         [DBREAKC] = gen_wsr_dbreakc,
839         [DBREAKC + 1] = gen_wsr_dbreakc,
840         [CPENABLE] = gen_wsr_cpenable,
841         [INTSET] = gen_wsr_intset,
842         [INTCLEAR] = gen_wsr_intclear,
843         [INTENABLE] = gen_wsr_intenable,
844         [PS] = gen_wsr_ps,
845         [CCOUNT] = gen_wsr_ccount,
846         [ICOUNT] = gen_wsr_icount,
847         [ICOUNTLEVEL] = gen_wsr_icountlevel,
848         [CCOMPARE] = gen_wsr_ccompare,
849         [CCOMPARE + 1] = gen_wsr_ccompare,
850         [CCOMPARE + 2] = gen_wsr_ccompare,
851     };
852 
853     if (wsr_handler[sr]) {
854         return wsr_handler[sr](dc, sr, s);
855     } else {
856         tcg_gen_mov_i32(cpu_SR[sr], s);
857         return false;
858     }
859 }
860 
861 static void gen_wur(uint32_t ur, TCGv_i32 s)
862 {
863     switch (ur) {
864     case FCR:
865         gen_helper_wur_fcr(cpu_env, s);
866         break;
867 
868     case FSR:
869         tcg_gen_andi_i32(cpu_UR[ur], s, 0xffffff80);
870         break;
871 
872     default:
873         tcg_gen_mov_i32(cpu_UR[ur], s);
874         break;
875     }
876 }
877 
878 static void gen_load_store_alignment(DisasContext *dc, int shift,
879         TCGv_i32 addr, bool no_hw_alignment)
880 {
881     if (!option_enabled(dc, XTENSA_OPTION_UNALIGNED_EXCEPTION)) {
882         tcg_gen_andi_i32(addr, addr, ~0 << shift);
883     } else if (option_enabled(dc, XTENSA_OPTION_HW_ALIGNMENT) &&
884             no_hw_alignment) {
885         TCGLabel *label = gen_new_label();
886         TCGv_i32 tmp = tcg_temp_new_i32();
887         tcg_gen_andi_i32(tmp, addr, ~(~0 << shift));
888         tcg_gen_brcondi_i32(TCG_COND_EQ, tmp, 0, label);
889         gen_exception_cause_vaddr(dc, LOAD_STORE_ALIGNMENT_CAUSE, addr);
890         gen_set_label(label);
891         tcg_temp_free(tmp);
892     }
893 }
894 
895 static void gen_waiti(DisasContext *dc, uint32_t imm4)
896 {
897     TCGv_i32 pc = tcg_const_i32(dc->next_pc);
898     TCGv_i32 intlevel = tcg_const_i32(imm4);
899 
900     if (tb_cflags(dc->tb) & CF_USE_ICOUNT) {
901         gen_io_start();
902     }
903     gen_helper_waiti(cpu_env, pc, intlevel);
904     if (tb_cflags(dc->tb) & CF_USE_ICOUNT) {
905         gen_io_end();
906     }
907     tcg_temp_free(pc);
908     tcg_temp_free(intlevel);
909     gen_jumpi_check_loop_end(dc, 0);
910 }
911 
912 static bool gen_window_check1(DisasContext *dc, unsigned r1)
913 {
914     if (r1 / 4 > dc->window) {
915         TCGv_i32 pc = tcg_const_i32(dc->pc);
916         TCGv_i32 w = tcg_const_i32(r1 / 4);
917 
918         gen_helper_window_check(cpu_env, pc, w);
919         dc->is_jmp = DISAS_UPDATE;
920         return false;
921     }
922     return true;
923 }
924 
925 static bool gen_window_check2(DisasContext *dc, unsigned r1, unsigned r2)
926 {
927     return gen_window_check1(dc, r1 > r2 ? r1 : r2);
928 }
929 
930 static bool gen_window_check3(DisasContext *dc, unsigned r1, unsigned r2,
931         unsigned r3)
932 {
933     return gen_window_check2(dc, r1, r2 > r3 ? r2 : r3);
934 }
935 
936 static TCGv_i32 gen_mac16_m(TCGv_i32 v, bool hi, bool is_unsigned)
937 {
938     TCGv_i32 m = tcg_temp_new_i32();
939 
940     if (hi) {
941         (is_unsigned ? tcg_gen_shri_i32 : tcg_gen_sari_i32)(m, v, 16);
942     } else {
943         (is_unsigned ? tcg_gen_ext16u_i32 : tcg_gen_ext16s_i32)(m, v);
944     }
945     return m;
946 }
947 
948 static inline unsigned xtensa_op0_insn_len(unsigned op0)
949 {
950     return op0 >= 8 ? 2 : 3;
951 }
952 
953 static void disas_xtensa_insn(CPUXtensaState *env, DisasContext *dc)
954 {
955 #define HAS_OPTION_BITS(opt) do { \
956         if (!option_bits_enabled(dc, opt)) { \
957             qemu_log_mask(LOG_GUEST_ERROR, "Option is not enabled %s:%d\n", \
958                           __FILE__, __LINE__); \
959             goto invalid_opcode; \
960         } \
961     } while (0)
962 
963 #define HAS_OPTION(opt) HAS_OPTION_BITS(XTENSA_OPTION_BIT(opt))
964 
965 #define TBD() qemu_log_mask(LOG_UNIMP, "TBD(pc = %08x): %s:%d\n", dc->pc, __FILE__, __LINE__)
966 #define RESERVED() do { \
967         qemu_log_mask(LOG_GUEST_ERROR, "RESERVED(pc = %08x, %02x%02x%02x): %s:%d\n", \
968                       dc->pc, b0, b1, b2, __FILE__, __LINE__); \
969         goto invalid_opcode; \
970     } while (0)
971 
972 
973 #ifdef TARGET_WORDS_BIGENDIAN
974 #define OP0 (((b0) & 0xf0) >> 4)
975 #define OP1 (((b2) & 0xf0) >> 4)
976 #define OP2 ((b2) & 0xf)
977 #define RRR_R ((b1) & 0xf)
978 #define RRR_S (((b1) & 0xf0) >> 4)
979 #define RRR_T ((b0) & 0xf)
980 #else
981 #define OP0 (((b0) & 0xf))
982 #define OP1 (((b2) & 0xf))
983 #define OP2 (((b2) & 0xf0) >> 4)
984 #define RRR_R (((b1) & 0xf0) >> 4)
985 #define RRR_S (((b1) & 0xf))
986 #define RRR_T (((b0) & 0xf0) >> 4)
987 #endif
988 #define RRR_X ((RRR_R & 0x4) >> 2)
989 #define RRR_Y ((RRR_T & 0x4) >> 2)
990 #define RRR_W (RRR_R & 0x3)
991 
992 #define RRRN_R RRR_R
993 #define RRRN_S RRR_S
994 #define RRRN_T RRR_T
995 
996 #define RRI4_R RRR_R
997 #define RRI4_S RRR_S
998 #define RRI4_T RRR_T
999 #ifdef TARGET_WORDS_BIGENDIAN
1000 #define RRI4_IMM4 ((b2) & 0xf)
1001 #else
1002 #define RRI4_IMM4 (((b2) & 0xf0) >> 4)
1003 #endif
1004 
1005 #define RRI8_R RRR_R
1006 #define RRI8_S RRR_S
1007 #define RRI8_T RRR_T
1008 #define RRI8_IMM8 (b2)
1009 #define RRI8_IMM8_SE ((((b2) & 0x80) ? 0xffffff00 : 0) | RRI8_IMM8)
1010 
1011 #ifdef TARGET_WORDS_BIGENDIAN
1012 #define RI16_IMM16 (((b1) << 8) | (b2))
1013 #else
1014 #define RI16_IMM16 (((b2) << 8) | (b1))
1015 #endif
1016 
1017 #ifdef TARGET_WORDS_BIGENDIAN
1018 #define CALL_N (((b0) & 0xc) >> 2)
1019 #define CALL_OFFSET ((((b0) & 0x3) << 16) | ((b1) << 8) | (b2))
1020 #else
1021 #define CALL_N (((b0) & 0x30) >> 4)
1022 #define CALL_OFFSET ((((b0) & 0xc0) >> 6) | ((b1) << 2) | ((b2) << 10))
1023 #endif
1024 #define CALL_OFFSET_SE \
1025     (((CALL_OFFSET & 0x20000) ? 0xfffc0000 : 0) | CALL_OFFSET)
1026 
1027 #define CALLX_N CALL_N
1028 #ifdef TARGET_WORDS_BIGENDIAN
1029 #define CALLX_M ((b0) & 0x3)
1030 #else
1031 #define CALLX_M (((b0) & 0xc0) >> 6)
1032 #endif
1033 #define CALLX_S RRR_S
1034 
1035 #define BRI12_M CALLX_M
1036 #define BRI12_S RRR_S
1037 #ifdef TARGET_WORDS_BIGENDIAN
1038 #define BRI12_IMM12 ((((b1) & 0xf) << 8) | (b2))
1039 #else
1040 #define BRI12_IMM12 ((((b1) & 0xf0) >> 4) | ((b2) << 4))
1041 #endif
1042 #define BRI12_IMM12_SE (((BRI12_IMM12 & 0x800) ? 0xfffff000 : 0) | BRI12_IMM12)
1043 
1044 #define BRI8_M BRI12_M
1045 #define BRI8_R RRI8_R
1046 #define BRI8_S RRI8_S
1047 #define BRI8_IMM8 RRI8_IMM8
1048 #define BRI8_IMM8_SE RRI8_IMM8_SE
1049 
1050 #define RSR_SR (b1)
1051 
1052     uint8_t b0 = cpu_ldub_code(env, dc->pc);
1053     uint8_t b1 = cpu_ldub_code(env, dc->pc + 1);
1054     uint8_t b2 = 0;
1055     unsigned len = xtensa_op0_insn_len(OP0);
1056 
1057     static const uint32_t B4CONST[] = {
1058         0xffffffff, 1, 2, 3, 4, 5, 6, 7, 8, 10, 12, 16, 32, 64, 128, 256
1059     };
1060 
1061     static const uint32_t B4CONSTU[] = {
1062         32768, 65536, 2, 3, 4, 5, 6, 7, 8, 10, 12, 16, 32, 64, 128, 256
1063     };
1064 
1065     switch (len) {
1066     case 2:
1067         HAS_OPTION(XTENSA_OPTION_CODE_DENSITY);
1068         break;
1069 
1070     case 3:
1071         b2 = cpu_ldub_code(env, dc->pc + 2);
1072         break;
1073 
1074     default:
1075         RESERVED();
1076     }
1077     dc->next_pc = dc->pc + len;
1078 
1079     switch (OP0) {
1080     case 0: /*QRST*/
1081         switch (OP1) {
1082         case 0: /*RST0*/
1083             switch (OP2) {
1084             case 0: /*ST0*/
1085                 if ((RRR_R & 0xc) == 0x8) {
1086                     HAS_OPTION(XTENSA_OPTION_BOOLEAN);
1087                 }
1088 
1089                 switch (RRR_R) {
1090                 case 0: /*SNM0*/
1091                     switch (CALLX_M) {
1092                     case 0: /*ILL*/
1093                         gen_exception_cause(dc, ILLEGAL_INSTRUCTION_CAUSE);
1094                         break;
1095 
1096                     case 1: /*reserved*/
1097                         RESERVED();
1098                         break;
1099 
1100                     case 2: /*JR*/
1101                         switch (CALLX_N) {
1102                         case 0: /*RET*/
1103                         case 2: /*JX*/
1104                             if (gen_window_check1(dc, CALLX_S)) {
1105                                 gen_jump(dc, cpu_R[CALLX_S]);
1106                             }
1107                             break;
1108 
1109                         case 1: /*RETWw*/
1110                             HAS_OPTION(XTENSA_OPTION_WINDOWED_REGISTER);
1111                             {
1112                                 TCGv_i32 tmp = tcg_const_i32(dc->pc);
1113                                 gen_helper_retw(tmp, cpu_env, tmp);
1114                                 gen_jump(dc, tmp);
1115                                 tcg_temp_free(tmp);
1116                             }
1117                             break;
1118 
1119                         case 3: /*reserved*/
1120                             RESERVED();
1121                             break;
1122                         }
1123                         break;
1124 
1125                     case 3: /*CALLX*/
1126                         if (!gen_window_check2(dc, CALLX_S, CALLX_N << 2)) {
1127                             break;
1128                         }
1129                         switch (CALLX_N) {
1130                         case 0: /*CALLX0*/
1131                             {
1132                                 TCGv_i32 tmp = tcg_temp_new_i32();
1133                                 tcg_gen_mov_i32(tmp, cpu_R[CALLX_S]);
1134                                 tcg_gen_movi_i32(cpu_R[0], dc->next_pc);
1135                                 gen_jump(dc, tmp);
1136                                 tcg_temp_free(tmp);
1137                             }
1138                             break;
1139 
1140                         case 1: /*CALLX4w*/
1141                         case 2: /*CALLX8w*/
1142                         case 3: /*CALLX12w*/
1143                             HAS_OPTION(XTENSA_OPTION_WINDOWED_REGISTER);
1144                             {
1145                                 TCGv_i32 tmp = tcg_temp_new_i32();
1146 
1147                                 tcg_gen_mov_i32(tmp, cpu_R[CALLX_S]);
1148                                 gen_callw(dc, CALLX_N, tmp);
1149                                 tcg_temp_free(tmp);
1150                             }
1151                             break;
1152                         }
1153                         break;
1154                     }
1155                     break;
1156 
1157                 case 1: /*MOVSPw*/
1158                     HAS_OPTION(XTENSA_OPTION_WINDOWED_REGISTER);
1159                     if (gen_window_check2(dc, RRR_T, RRR_S)) {
1160                         TCGv_i32 pc = tcg_const_i32(dc->pc);
1161                         gen_helper_movsp(cpu_env, pc);
1162                         tcg_gen_mov_i32(cpu_R[RRR_T], cpu_R[RRR_S]);
1163                         tcg_temp_free(pc);
1164                     }
1165                     break;
1166 
1167                 case 2: /*SYNC*/
1168                     switch (RRR_T) {
1169                     case 0: /*ISYNC*/
1170                         break;
1171 
1172                     case 1: /*RSYNC*/
1173                         break;
1174 
1175                     case 2: /*ESYNC*/
1176                         break;
1177 
1178                     case 3: /*DSYNC*/
1179                         break;
1180 
1181                     case 8: /*EXCW*/
1182                         HAS_OPTION(XTENSA_OPTION_EXCEPTION);
1183                         break;
1184 
1185                     case 12: /*MEMW*/
1186                         break;
1187 
1188                     case 13: /*EXTW*/
1189                         break;
1190 
1191                     case 15: /*NOP*/
1192                         break;
1193 
1194                     default: /*reserved*/
1195                         RESERVED();
1196                         break;
1197                     }
1198                     break;
1199 
1200                 case 3: /*RFEIx*/
1201                     switch (RRR_T) {
1202                     case 0: /*RFETx*/
1203                         HAS_OPTION(XTENSA_OPTION_EXCEPTION);
1204                         switch (RRR_S) {
1205                         case 0: /*RFEx*/
1206                             if (gen_check_privilege(dc)) {
1207                                 tcg_gen_andi_i32(cpu_SR[PS], cpu_SR[PS], ~PS_EXCM);
1208                                 gen_check_interrupts(dc);
1209                                 gen_jump(dc, cpu_SR[EPC1]);
1210                             }
1211                             break;
1212 
1213                         case 1: /*RFUEx*/
1214                             RESERVED();
1215                             break;
1216 
1217                         case 2: /*RFDEx*/
1218                             if (gen_check_privilege(dc)) {
1219                                 gen_jump(dc, cpu_SR[
1220                                          dc->config->ndepc ? DEPC : EPC1]);
1221                             }
1222                             break;
1223 
1224                         case 4: /*RFWOw*/
1225                         case 5: /*RFWUw*/
1226                             HAS_OPTION(XTENSA_OPTION_WINDOWED_REGISTER);
1227                             if (gen_check_privilege(dc)) {
1228                                 TCGv_i32 tmp = tcg_const_i32(1);
1229 
1230                                 tcg_gen_andi_i32(
1231                                         cpu_SR[PS], cpu_SR[PS], ~PS_EXCM);
1232                                 tcg_gen_shl_i32(tmp, tmp, cpu_SR[WINDOW_BASE]);
1233 
1234                                 if (RRR_S == 4) {
1235                                     tcg_gen_andc_i32(cpu_SR[WINDOW_START],
1236                                             cpu_SR[WINDOW_START], tmp);
1237                                 } else {
1238                                     tcg_gen_or_i32(cpu_SR[WINDOW_START],
1239                                             cpu_SR[WINDOW_START], tmp);
1240                                 }
1241 
1242                                 gen_helper_restore_owb(cpu_env);
1243                                 gen_check_interrupts(dc);
1244                                 gen_jump(dc, cpu_SR[EPC1]);
1245 
1246                                 tcg_temp_free(tmp);
1247                             }
1248                             break;
1249 
1250                         default: /*reserved*/
1251                             RESERVED();
1252                             break;
1253                         }
1254                         break;
1255 
1256                     case 1: /*RFIx*/
1257                         HAS_OPTION(XTENSA_OPTION_HIGH_PRIORITY_INTERRUPT);
1258                         if (RRR_S >= 2 && RRR_S <= dc->config->nlevel) {
1259                             if (gen_check_privilege(dc)) {
1260                                 tcg_gen_mov_i32(cpu_SR[PS],
1261                                                 cpu_SR[EPS2 + RRR_S - 2]);
1262                                 gen_check_interrupts(dc);
1263                                 gen_jump(dc, cpu_SR[EPC1 + RRR_S - 1]);
1264                             }
1265                         } else {
1266                             qemu_log_mask(LOG_GUEST_ERROR, "RFI %d is illegal\n", RRR_S);
1267                             gen_exception_cause(dc, ILLEGAL_INSTRUCTION_CAUSE);
1268                         }
1269                         break;
1270 
1271                     case 2: /*RFME*/
1272                         TBD();
1273                         break;
1274 
1275                     default: /*reserved*/
1276                         RESERVED();
1277                         break;
1278 
1279                     }
1280                     break;
1281 
1282                 case 4: /*BREAKx*/
1283                     HAS_OPTION(XTENSA_OPTION_DEBUG);
1284                     if (dc->debug) {
1285                         gen_debug_exception(dc, DEBUGCAUSE_BI);
1286                     }
1287                     break;
1288 
1289                 case 5: /*SYSCALLx*/
1290                     HAS_OPTION(XTENSA_OPTION_EXCEPTION);
1291                     switch (RRR_S) {
1292                     case 0: /*SYSCALLx*/
1293                         gen_exception_cause(dc, SYSCALL_CAUSE);
1294                         break;
1295 
1296                     case 1: /*SIMCALL*/
1297                         if (semihosting_enabled()) {
1298                             if (gen_check_privilege(dc)) {
1299                                 gen_helper_simcall(cpu_env);
1300                             }
1301                         } else {
1302                             qemu_log_mask(LOG_GUEST_ERROR, "SIMCALL but semihosting is disabled\n");
1303                             gen_exception_cause(dc, ILLEGAL_INSTRUCTION_CAUSE);
1304                         }
1305                         break;
1306 
1307                     default:
1308                         RESERVED();
1309                         break;
1310                     }
1311                     break;
1312 
1313                 case 6: /*RSILx*/
1314                     HAS_OPTION(XTENSA_OPTION_INTERRUPT);
1315                     if (gen_check_privilege(dc) &&
1316                         gen_window_check1(dc, RRR_T)) {
1317                         tcg_gen_mov_i32(cpu_R[RRR_T], cpu_SR[PS]);
1318                         tcg_gen_andi_i32(cpu_SR[PS], cpu_SR[PS], ~PS_INTLEVEL);
1319                         tcg_gen_ori_i32(cpu_SR[PS], cpu_SR[PS], RRR_S);
1320                         gen_check_interrupts(dc);
1321                         gen_jumpi_check_loop_end(dc, 0);
1322                     }
1323                     break;
1324 
1325                 case 7: /*WAITIx*/
1326                     HAS_OPTION(XTENSA_OPTION_INTERRUPT);
1327                     if (gen_check_privilege(dc)) {
1328                         gen_waiti(dc, RRR_S);
1329                     }
1330                     break;
1331 
1332                 case 8: /*ANY4p*/
1333                 case 9: /*ALL4p*/
1334                 case 10: /*ANY8p*/
1335                 case 11: /*ALL8p*/
1336                     HAS_OPTION(XTENSA_OPTION_BOOLEAN);
1337                     {
1338                         const unsigned shift = (RRR_R & 2) ? 8 : 4;
1339                         TCGv_i32 mask = tcg_const_i32(
1340                                 ((1 << shift) - 1) << RRR_S);
1341                         TCGv_i32 tmp = tcg_temp_new_i32();
1342 
1343                         tcg_gen_and_i32(tmp, cpu_SR[BR], mask);
1344                         if (RRR_R & 1) { /*ALL*/
1345                             tcg_gen_addi_i32(tmp, tmp, 1 << RRR_S);
1346                         } else { /*ANY*/
1347                             tcg_gen_add_i32(tmp, tmp, mask);
1348                         }
1349                         tcg_gen_shri_i32(tmp, tmp, RRR_S + shift);
1350                         tcg_gen_deposit_i32(cpu_SR[BR], cpu_SR[BR],
1351                                 tmp, RRR_T, 1);
1352                         tcg_temp_free(mask);
1353                         tcg_temp_free(tmp);
1354                     }
1355                     break;
1356 
1357                 default: /*reserved*/
1358                     RESERVED();
1359                     break;
1360 
1361                 }
1362                 break;
1363 
1364             case 1: /*AND*/
1365                 if (gen_window_check3(dc, RRR_R, RRR_S, RRR_T)) {
1366                     tcg_gen_and_i32(cpu_R[RRR_R], cpu_R[RRR_S], cpu_R[RRR_T]);
1367                 }
1368                 break;
1369 
1370             case 2: /*OR*/
1371                 if (gen_window_check3(dc, RRR_R, RRR_S, RRR_T)) {
1372                     tcg_gen_or_i32(cpu_R[RRR_R], cpu_R[RRR_S], cpu_R[RRR_T]);
1373                 }
1374                 break;
1375 
1376             case 3: /*XOR*/
1377                 if (gen_window_check3(dc, RRR_R, RRR_S, RRR_T)) {
1378                     tcg_gen_xor_i32(cpu_R[RRR_R], cpu_R[RRR_S], cpu_R[RRR_T]);
1379                 }
1380                 break;
1381 
1382             case 4: /*ST1*/
1383                 switch (RRR_R) {
1384                 case 0: /*SSR*/
1385                     if (gen_window_check1(dc, RRR_S)) {
1386                         gen_right_shift_sar(dc, cpu_R[RRR_S]);
1387                     }
1388                     break;
1389 
1390                 case 1: /*SSL*/
1391                     if (gen_window_check1(dc, RRR_S)) {
1392                         gen_left_shift_sar(dc, cpu_R[RRR_S]);
1393                     }
1394                     break;
1395 
1396                 case 2: /*SSA8L*/
1397                     if (gen_window_check1(dc, RRR_S)) {
1398                         TCGv_i32 tmp = tcg_temp_new_i32();
1399                         tcg_gen_shli_i32(tmp, cpu_R[RRR_S], 3);
1400                         gen_right_shift_sar(dc, tmp);
1401                         tcg_temp_free(tmp);
1402                     }
1403                     break;
1404 
1405                 case 3: /*SSA8B*/
1406                     if (gen_window_check1(dc, RRR_S)) {
1407                         TCGv_i32 tmp = tcg_temp_new_i32();
1408                         tcg_gen_shli_i32(tmp, cpu_R[RRR_S], 3);
1409                         gen_left_shift_sar(dc, tmp);
1410                         tcg_temp_free(tmp);
1411                     }
1412                     break;
1413 
1414                 case 4: /*SSAI*/
1415                     {
1416                         TCGv_i32 tmp = tcg_const_i32(
1417                                 RRR_S | ((RRR_T & 1) << 4));
1418                         gen_right_shift_sar(dc, tmp);
1419                         tcg_temp_free(tmp);
1420                     }
1421                     break;
1422 
1423                 case 6: /*RER*/
1424                     HAS_OPTION(XTENSA_OPTION_EXTERN_REGS);
1425                     if (gen_check_privilege(dc) &&
1426                         gen_window_check2(dc, RRR_S, RRR_T)) {
1427                         gen_helper_rer(cpu_R[RRR_T], cpu_env, cpu_R[RRR_S]);
1428                     }
1429                     break;
1430 
1431                 case 7: /*WER*/
1432                     HAS_OPTION(XTENSA_OPTION_EXTERN_REGS);
1433                     if (gen_check_privilege(dc) &&
1434                         gen_window_check2(dc, RRR_S, RRR_T)) {
1435                         gen_helper_wer(cpu_env, cpu_R[RRR_T], cpu_R[RRR_S]);
1436                     }
1437                     break;
1438 
1439                 case 8: /*ROTWw*/
1440                     HAS_OPTION(XTENSA_OPTION_WINDOWED_REGISTER);
1441                     if (gen_check_privilege(dc)) {
1442                         TCGv_i32 tmp = tcg_const_i32(
1443                                 RRR_T | ((RRR_T & 8) ? 0xfffffff0 : 0));
1444                         gen_helper_rotw(cpu_env, tmp);
1445                         tcg_temp_free(tmp);
1446                         /* This can change tb->flags, so exit tb */
1447                         gen_jumpi_check_loop_end(dc, -1);
1448                     }
1449                     break;
1450 
1451                 case 14: /*NSAu*/
1452                     HAS_OPTION(XTENSA_OPTION_MISC_OP_NSA);
1453                     if (gen_window_check2(dc, RRR_S, RRR_T)) {
1454                         tcg_gen_clrsb_i32(cpu_R[RRR_T], cpu_R[RRR_S]);
1455                     }
1456                     break;
1457 
1458                 case 15: /*NSAUu*/
1459                     HAS_OPTION(XTENSA_OPTION_MISC_OP_NSA);
1460                     if (gen_window_check2(dc, RRR_S, RRR_T)) {
1461                         tcg_gen_clzi_i32(cpu_R[RRR_T], cpu_R[RRR_S], 32);
1462                     }
1463                     break;
1464 
1465                 default: /*reserved*/
1466                     RESERVED();
1467                     break;
1468                 }
1469                 break;
1470 
1471             case 5: /*TLB*/
1472                 HAS_OPTION_BITS(
1473                         XTENSA_OPTION_BIT(XTENSA_OPTION_MMU) |
1474                         XTENSA_OPTION_BIT(XTENSA_OPTION_REGION_PROTECTION) |
1475                         XTENSA_OPTION_BIT(XTENSA_OPTION_REGION_TRANSLATION));
1476                 if (gen_check_privilege(dc) &&
1477                     gen_window_check2(dc, RRR_S, RRR_T)) {
1478                     TCGv_i32 dtlb = tcg_const_i32((RRR_R & 8) != 0);
1479 
1480                     switch (RRR_R & 7) {
1481                     case 3: /*RITLB0*/ /*RDTLB0*/
1482                         gen_helper_rtlb0(cpu_R[RRR_T],
1483                                 cpu_env, cpu_R[RRR_S], dtlb);
1484                         break;
1485 
1486                     case 4: /*IITLB*/ /*IDTLB*/
1487                         gen_helper_itlb(cpu_env, cpu_R[RRR_S], dtlb);
1488                         /* This could change memory mapping, so exit tb */
1489                         gen_jumpi_check_loop_end(dc, -1);
1490                         break;
1491 
1492                     case 5: /*PITLB*/ /*PDTLB*/
1493                         tcg_gen_movi_i32(cpu_pc, dc->pc);
1494                         gen_helper_ptlb(cpu_R[RRR_T],
1495                                 cpu_env, cpu_R[RRR_S], dtlb);
1496                         break;
1497 
1498                     case 6: /*WITLB*/ /*WDTLB*/
1499                         gen_helper_wtlb(
1500                                 cpu_env, cpu_R[RRR_T], cpu_R[RRR_S], dtlb);
1501                         /* This could change memory mapping, so exit tb */
1502                         gen_jumpi_check_loop_end(dc, -1);
1503                         break;
1504 
1505                     case 7: /*RITLB1*/ /*RDTLB1*/
1506                         gen_helper_rtlb1(cpu_R[RRR_T],
1507                                 cpu_env, cpu_R[RRR_S], dtlb);
1508                         break;
1509 
1510                     default:
1511                         tcg_temp_free(dtlb);
1512                         RESERVED();
1513                         break;
1514                     }
1515                     tcg_temp_free(dtlb);
1516                 }
1517                 break;
1518 
1519             case 6: /*RT0*/
1520                 if (!gen_window_check2(dc, RRR_R, RRR_T)) {
1521                     break;
1522                 }
1523                 switch (RRR_S) {
1524                 case 0: /*NEG*/
1525                     tcg_gen_neg_i32(cpu_R[RRR_R], cpu_R[RRR_T]);
1526                     break;
1527 
1528                 case 1: /*ABS*/
1529                     {
1530                         TCGv_i32 zero = tcg_const_i32(0);
1531                         TCGv_i32 neg = tcg_temp_new_i32();
1532 
1533                         tcg_gen_neg_i32(neg, cpu_R[RRR_T]);
1534                         tcg_gen_movcond_i32(TCG_COND_GE, cpu_R[RRR_R],
1535                                 cpu_R[RRR_T], zero, cpu_R[RRR_T], neg);
1536                         tcg_temp_free(neg);
1537                         tcg_temp_free(zero);
1538                     }
1539                     break;
1540 
1541                 default: /*reserved*/
1542                     RESERVED();
1543                     break;
1544                 }
1545                 break;
1546 
1547             case 7: /*reserved*/
1548                 RESERVED();
1549                 break;
1550 
1551             case 8: /*ADD*/
1552                 if (gen_window_check3(dc, RRR_R, RRR_S, RRR_T)) {
1553                     tcg_gen_add_i32(cpu_R[RRR_R], cpu_R[RRR_S], cpu_R[RRR_T]);
1554                 }
1555                 break;
1556 
1557             case 9: /*ADD**/
1558             case 10:
1559             case 11:
1560                 if (gen_window_check3(dc, RRR_R, RRR_S, RRR_T)) {
1561                     TCGv_i32 tmp = tcg_temp_new_i32();
1562                     tcg_gen_shli_i32(tmp, cpu_R[RRR_S], OP2 - 8);
1563                     tcg_gen_add_i32(cpu_R[RRR_R], tmp, cpu_R[RRR_T]);
1564                     tcg_temp_free(tmp);
1565                 }
1566                 break;
1567 
1568             case 12: /*SUB*/
1569                 if (gen_window_check3(dc, RRR_R, RRR_S, RRR_T)) {
1570                     tcg_gen_sub_i32(cpu_R[RRR_R], cpu_R[RRR_S], cpu_R[RRR_T]);
1571                 }
1572                 break;
1573 
1574             case 13: /*SUB**/
1575             case 14:
1576             case 15:
1577                 if (gen_window_check3(dc, RRR_R, RRR_S, RRR_T)) {
1578                     TCGv_i32 tmp = tcg_temp_new_i32();
1579                     tcg_gen_shli_i32(tmp, cpu_R[RRR_S], OP2 - 12);
1580                     tcg_gen_sub_i32(cpu_R[RRR_R], tmp, cpu_R[RRR_T]);
1581                     tcg_temp_free(tmp);
1582                 }
1583                 break;
1584             }
1585             break;
1586 
1587         case 1: /*RST1*/
1588             switch (OP2) {
1589             case 0: /*SLLI*/
1590             case 1:
1591                 if (gen_window_check2(dc, RRR_R, RRR_S)) {
1592                     tcg_gen_shli_i32(cpu_R[RRR_R], cpu_R[RRR_S],
1593                                      32 - (RRR_T | ((OP2 & 1) << 4)));
1594                 }
1595                 break;
1596 
1597             case 2: /*SRAI*/
1598             case 3:
1599                 if (gen_window_check2(dc, RRR_R, RRR_T)) {
1600                     tcg_gen_sari_i32(cpu_R[RRR_R], cpu_R[RRR_T],
1601                                      RRR_S | ((OP2 & 1) << 4));
1602                 }
1603                 break;
1604 
1605             case 4: /*SRLI*/
1606                 if (gen_window_check2(dc, RRR_R, RRR_T)) {
1607                     tcg_gen_shri_i32(cpu_R[RRR_R], cpu_R[RRR_T], RRR_S);
1608                 }
1609                 break;
1610 
1611             case 6: /*XSR*/
1612                 if (gen_check_sr(dc, RSR_SR, SR_X) &&
1613                     (RSR_SR < 64 || gen_check_privilege(dc)) &&
1614                     gen_window_check1(dc, RRR_T)) {
1615                     TCGv_i32 tmp = tcg_temp_new_i32();
1616                     bool rsr_end, wsr_end;
1617 
1618                     tcg_gen_mov_i32(tmp, cpu_R[RRR_T]);
1619                     rsr_end = gen_rsr(dc, cpu_R[RRR_T], RSR_SR);
1620                     wsr_end = gen_wsr(dc, RSR_SR, tmp);
1621                     tcg_temp_free(tmp);
1622                     if (rsr_end && !wsr_end) {
1623                         gen_jumpi_check_loop_end(dc, 0);
1624                     }
1625                 }
1626                 break;
1627 
1628                 /*
1629                  * Note: 64 bit ops are used here solely because SAR values
1630                  * have range 0..63
1631                  */
1632 #define gen_shift_reg(cmd, reg) do { \
1633                     TCGv_i64 tmp = tcg_temp_new_i64(); \
1634                     tcg_gen_extu_i32_i64(tmp, reg); \
1635                     tcg_gen_##cmd##_i64(v, v, tmp); \
1636                     tcg_gen_extrl_i64_i32(cpu_R[RRR_R], v); \
1637                     tcg_temp_free_i64(v); \
1638                     tcg_temp_free_i64(tmp); \
1639                 } while (0)
1640 
1641 #define gen_shift(cmd) gen_shift_reg(cmd, cpu_SR[SAR])
1642 
1643             case 8: /*SRC*/
1644                 if (gen_window_check3(dc, RRR_R, RRR_S, RRR_T)) {
1645                     TCGv_i64 v = tcg_temp_new_i64();
1646                     tcg_gen_concat_i32_i64(v, cpu_R[RRR_T], cpu_R[RRR_S]);
1647                     gen_shift(shr);
1648                 }
1649                 break;
1650 
1651             case 9: /*SRL*/
1652                 if (!gen_window_check2(dc, RRR_R, RRR_T)) {
1653                     break;
1654                 }
1655                 if (dc->sar_5bit) {
1656                     tcg_gen_shr_i32(cpu_R[RRR_R], cpu_R[RRR_T], cpu_SR[SAR]);
1657                 } else {
1658                     TCGv_i64 v = tcg_temp_new_i64();
1659                     tcg_gen_extu_i32_i64(v, cpu_R[RRR_T]);
1660                     gen_shift(shr);
1661                 }
1662                 break;
1663 
1664             case 10: /*SLL*/
1665                 if (!gen_window_check2(dc, RRR_R, RRR_S)) {
1666                     break;
1667                 }
1668                 if (dc->sar_m32_5bit) {
1669                     tcg_gen_shl_i32(cpu_R[RRR_R], cpu_R[RRR_S], dc->sar_m32);
1670                 } else {
1671                     TCGv_i64 v = tcg_temp_new_i64();
1672                     TCGv_i32 s = tcg_const_i32(32);
1673                     tcg_gen_sub_i32(s, s, cpu_SR[SAR]);
1674                     tcg_gen_andi_i32(s, s, 0x3f);
1675                     tcg_gen_extu_i32_i64(v, cpu_R[RRR_S]);
1676                     gen_shift_reg(shl, s);
1677                     tcg_temp_free(s);
1678                 }
1679                 break;
1680 
1681             case 11: /*SRA*/
1682                 if (!gen_window_check2(dc, RRR_R, RRR_T)) {
1683                     break;
1684                 }
1685                 if (dc->sar_5bit) {
1686                     tcg_gen_sar_i32(cpu_R[RRR_R], cpu_R[RRR_T], cpu_SR[SAR]);
1687                 } else {
1688                     TCGv_i64 v = tcg_temp_new_i64();
1689                     tcg_gen_ext_i32_i64(v, cpu_R[RRR_T]);
1690                     gen_shift(sar);
1691                 }
1692                 break;
1693 #undef gen_shift
1694 #undef gen_shift_reg
1695 
1696             case 12: /*MUL16U*/
1697                 HAS_OPTION(XTENSA_OPTION_16_BIT_IMUL);
1698                 if (gen_window_check3(dc, RRR_R, RRR_S, RRR_T)) {
1699                     TCGv_i32 v1 = tcg_temp_new_i32();
1700                     TCGv_i32 v2 = tcg_temp_new_i32();
1701                     tcg_gen_ext16u_i32(v1, cpu_R[RRR_S]);
1702                     tcg_gen_ext16u_i32(v2, cpu_R[RRR_T]);
1703                     tcg_gen_mul_i32(cpu_R[RRR_R], v1, v2);
1704                     tcg_temp_free(v2);
1705                     tcg_temp_free(v1);
1706                 }
1707                 break;
1708 
1709             case 13: /*MUL16S*/
1710                 HAS_OPTION(XTENSA_OPTION_16_BIT_IMUL);
1711                 if (gen_window_check3(dc, RRR_R, RRR_S, RRR_T)) {
1712                     TCGv_i32 v1 = tcg_temp_new_i32();
1713                     TCGv_i32 v2 = tcg_temp_new_i32();
1714                     tcg_gen_ext16s_i32(v1, cpu_R[RRR_S]);
1715                     tcg_gen_ext16s_i32(v2, cpu_R[RRR_T]);
1716                     tcg_gen_mul_i32(cpu_R[RRR_R], v1, v2);
1717                     tcg_temp_free(v2);
1718                     tcg_temp_free(v1);
1719                 }
1720                 break;
1721 
1722             default: /*reserved*/
1723                 RESERVED();
1724                 break;
1725             }
1726             break;
1727 
1728         case 2: /*RST2*/
1729             if (OP2 >= 8 && !gen_window_check3(dc, RRR_R, RRR_S, RRR_T)) {
1730                 break;
1731             }
1732 
1733             if (OP2 >= 12) {
1734                 HAS_OPTION(XTENSA_OPTION_32_BIT_IDIV);
1735                 TCGLabel *label = gen_new_label();
1736                 tcg_gen_brcondi_i32(TCG_COND_NE, cpu_R[RRR_T], 0, label);
1737                 gen_exception_cause(dc, INTEGER_DIVIDE_BY_ZERO_CAUSE);
1738                 gen_set_label(label);
1739             }
1740 
1741             switch (OP2) {
1742 #define BOOLEAN_LOGIC(fn, r, s, t) \
1743                 do { \
1744                     HAS_OPTION(XTENSA_OPTION_BOOLEAN); \
1745                     TCGv_i32 tmp1 = tcg_temp_new_i32(); \
1746                     TCGv_i32 tmp2 = tcg_temp_new_i32(); \
1747                     \
1748                     tcg_gen_shri_i32(tmp1, cpu_SR[BR], s); \
1749                     tcg_gen_shri_i32(tmp2, cpu_SR[BR], t); \
1750                     tcg_gen_##fn##_i32(tmp1, tmp1, tmp2); \
1751                     tcg_gen_deposit_i32(cpu_SR[BR], cpu_SR[BR], tmp1, r, 1); \
1752                     tcg_temp_free(tmp1); \
1753                     tcg_temp_free(tmp2); \
1754                 } while (0)
1755 
1756             case 0: /*ANDBp*/
1757                 BOOLEAN_LOGIC(and, RRR_R, RRR_S, RRR_T);
1758                 break;
1759 
1760             case 1: /*ANDBCp*/
1761                 BOOLEAN_LOGIC(andc, RRR_R, RRR_S, RRR_T);
1762                 break;
1763 
1764             case 2: /*ORBp*/
1765                 BOOLEAN_LOGIC(or, RRR_R, RRR_S, RRR_T);
1766                 break;
1767 
1768             case 3: /*ORBCp*/
1769                 BOOLEAN_LOGIC(orc, RRR_R, RRR_S, RRR_T);
1770                 break;
1771 
1772             case 4: /*XORBp*/
1773                 BOOLEAN_LOGIC(xor, RRR_R, RRR_S, RRR_T);
1774                 break;
1775 
1776 #undef BOOLEAN_LOGIC
1777 
1778             case 8: /*MULLi*/
1779                 HAS_OPTION(XTENSA_OPTION_32_BIT_IMUL);
1780                 tcg_gen_mul_i32(cpu_R[RRR_R], cpu_R[RRR_S], cpu_R[RRR_T]);
1781                 break;
1782 
1783             case 10: /*MULUHi*/
1784             case 11: /*MULSHi*/
1785                 HAS_OPTION(XTENSA_OPTION_32_BIT_IMUL_HIGH);
1786                 {
1787                     TCGv lo = tcg_temp_new();
1788 
1789                     if (OP2 == 10) {
1790                         tcg_gen_mulu2_i32(lo, cpu_R[RRR_R],
1791                                           cpu_R[RRR_S], cpu_R[RRR_T]);
1792                     } else {
1793                         tcg_gen_muls2_i32(lo, cpu_R[RRR_R],
1794                                           cpu_R[RRR_S], cpu_R[RRR_T]);
1795                     }
1796                     tcg_temp_free(lo);
1797                 }
1798                 break;
1799 
1800             case 12: /*QUOUi*/
1801                 tcg_gen_divu_i32(cpu_R[RRR_R], cpu_R[RRR_S], cpu_R[RRR_T]);
1802                 break;
1803 
1804             case 13: /*QUOSi*/
1805             case 15: /*REMSi*/
1806                 {
1807                     TCGLabel *label1 = gen_new_label();
1808                     TCGLabel *label2 = gen_new_label();
1809 
1810                     tcg_gen_brcondi_i32(TCG_COND_NE, cpu_R[RRR_S], 0x80000000,
1811                             label1);
1812                     tcg_gen_brcondi_i32(TCG_COND_NE, cpu_R[RRR_T], 0xffffffff,
1813                             label1);
1814                     tcg_gen_movi_i32(cpu_R[RRR_R],
1815                             OP2 == 13 ? 0x80000000 : 0);
1816                     tcg_gen_br(label2);
1817                     gen_set_label(label1);
1818                     if (OP2 == 13) {
1819                         tcg_gen_div_i32(cpu_R[RRR_R],
1820                                 cpu_R[RRR_S], cpu_R[RRR_T]);
1821                     } else {
1822                         tcg_gen_rem_i32(cpu_R[RRR_R],
1823                                 cpu_R[RRR_S], cpu_R[RRR_T]);
1824                     }
1825                     gen_set_label(label2);
1826                 }
1827                 break;
1828 
1829             case 14: /*REMUi*/
1830                 tcg_gen_remu_i32(cpu_R[RRR_R], cpu_R[RRR_S], cpu_R[RRR_T]);
1831                 break;
1832 
1833             default: /*reserved*/
1834                 RESERVED();
1835                 break;
1836             }
1837             break;
1838 
1839         case 3: /*RST3*/
1840             switch (OP2) {
1841             case 0: /*RSR*/
1842                 if (gen_check_sr(dc, RSR_SR, SR_R) &&
1843                     (RSR_SR < 64 || gen_check_privilege(dc)) &&
1844                     gen_window_check1(dc, RRR_T)) {
1845                     if (gen_rsr(dc, cpu_R[RRR_T], RSR_SR)) {
1846                         gen_jumpi_check_loop_end(dc, 0);
1847                     }
1848                 }
1849                 break;
1850 
1851             case 1: /*WSR*/
1852                 if (gen_check_sr(dc, RSR_SR, SR_W) &&
1853                     (RSR_SR < 64 || gen_check_privilege(dc)) &&
1854                     gen_window_check1(dc, RRR_T)) {
1855                     gen_wsr(dc, RSR_SR, cpu_R[RRR_T]);
1856                 }
1857                 break;
1858 
1859             case 2: /*SEXTu*/
1860                 HAS_OPTION(XTENSA_OPTION_MISC_OP_SEXT);
1861                 if (gen_window_check2(dc, RRR_R, RRR_S)) {
1862                     int shift = 24 - RRR_T;
1863 
1864                     if (shift == 24) {
1865                         tcg_gen_ext8s_i32(cpu_R[RRR_R], cpu_R[RRR_S]);
1866                     } else if (shift == 16) {
1867                         tcg_gen_ext16s_i32(cpu_R[RRR_R], cpu_R[RRR_S]);
1868                     } else {
1869                         TCGv_i32 tmp = tcg_temp_new_i32();
1870                         tcg_gen_shli_i32(tmp, cpu_R[RRR_S], shift);
1871                         tcg_gen_sari_i32(cpu_R[RRR_R], tmp, shift);
1872                         tcg_temp_free(tmp);
1873                     }
1874                 }
1875                 break;
1876 
1877             case 3: /*CLAMPSu*/
1878                 HAS_OPTION(XTENSA_OPTION_MISC_OP_CLAMPS);
1879                 if (gen_window_check2(dc, RRR_R, RRR_S)) {
1880                     TCGv_i32 tmp1 = tcg_temp_new_i32();
1881                     TCGv_i32 tmp2 = tcg_temp_new_i32();
1882                     TCGv_i32 zero = tcg_const_i32(0);
1883 
1884                     tcg_gen_sari_i32(tmp1, cpu_R[RRR_S], 24 - RRR_T);
1885                     tcg_gen_xor_i32(tmp2, tmp1, cpu_R[RRR_S]);
1886                     tcg_gen_andi_i32(tmp2, tmp2, 0xffffffff << (RRR_T + 7));
1887 
1888                     tcg_gen_sari_i32(tmp1, cpu_R[RRR_S], 31);
1889                     tcg_gen_xori_i32(tmp1, tmp1, 0xffffffff >> (25 - RRR_T));
1890 
1891                     tcg_gen_movcond_i32(TCG_COND_EQ, cpu_R[RRR_R], tmp2, zero,
1892                             cpu_R[RRR_S], tmp1);
1893                     tcg_temp_free(tmp1);
1894                     tcg_temp_free(tmp2);
1895                     tcg_temp_free(zero);
1896                 }
1897                 break;
1898 
1899             case 4: /*MINu*/
1900             case 5: /*MAXu*/
1901             case 6: /*MINUu*/
1902             case 7: /*MAXUu*/
1903                 HAS_OPTION(XTENSA_OPTION_MISC_OP_MINMAX);
1904                 if (gen_window_check3(dc, RRR_R, RRR_S, RRR_T)) {
1905                     static const TCGCond cond[] = {
1906                         TCG_COND_LE,
1907                         TCG_COND_GE,
1908                         TCG_COND_LEU,
1909                         TCG_COND_GEU
1910                     };
1911                     tcg_gen_movcond_i32(cond[OP2 - 4], cpu_R[RRR_R],
1912                             cpu_R[RRR_S], cpu_R[RRR_T],
1913                             cpu_R[RRR_S], cpu_R[RRR_T]);
1914                 }
1915                 break;
1916 
1917             case 8: /*MOVEQZ*/
1918             case 9: /*MOVNEZ*/
1919             case 10: /*MOVLTZ*/
1920             case 11: /*MOVGEZ*/
1921                 if (gen_window_check3(dc, RRR_R, RRR_S, RRR_T)) {
1922                     static const TCGCond cond[] = {
1923                         TCG_COND_EQ,
1924                         TCG_COND_NE,
1925                         TCG_COND_LT,
1926                         TCG_COND_GE,
1927                     };
1928                     TCGv_i32 zero = tcg_const_i32(0);
1929 
1930                     tcg_gen_movcond_i32(cond[OP2 - 8], cpu_R[RRR_R],
1931                             cpu_R[RRR_T], zero, cpu_R[RRR_S], cpu_R[RRR_R]);
1932                     tcg_temp_free(zero);
1933                 }
1934                 break;
1935 
1936             case 12: /*MOVFp*/
1937             case 13: /*MOVTp*/
1938                 HAS_OPTION(XTENSA_OPTION_BOOLEAN);
1939                 if (gen_window_check2(dc, RRR_R, RRR_S)) {
1940                     TCGv_i32 zero = tcg_const_i32(0);
1941                     TCGv_i32 tmp = tcg_temp_new_i32();
1942 
1943                     tcg_gen_andi_i32(tmp, cpu_SR[BR], 1 << RRR_T);
1944                     tcg_gen_movcond_i32(OP2 & 1 ? TCG_COND_NE : TCG_COND_EQ,
1945                             cpu_R[RRR_R], tmp, zero,
1946                             cpu_R[RRR_S], cpu_R[RRR_R]);
1947 
1948                     tcg_temp_free(tmp);
1949                     tcg_temp_free(zero);
1950                 }
1951                 break;
1952 
1953             case 14: /*RUR*/
1954                 if (gen_window_check1(dc, RRR_R)) {
1955                     int st = (RRR_S << 4) + RRR_T;
1956                     if (uregnames[st].name) {
1957                         tcg_gen_mov_i32(cpu_R[RRR_R], cpu_UR[st]);
1958                     } else {
1959                         qemu_log_mask(LOG_UNIMP, "RUR %d not implemented, ", st);
1960                         TBD();
1961                     }
1962                 }
1963                 break;
1964 
1965             case 15: /*WUR*/
1966                 if (gen_window_check1(dc, RRR_T)) {
1967                     if (uregnames[RSR_SR].name) {
1968                         gen_wur(RSR_SR, cpu_R[RRR_T]);
1969                     } else {
1970                         qemu_log_mask(LOG_UNIMP, "WUR %d not implemented, ", RSR_SR);
1971                         TBD();
1972                     }
1973                 }
1974                 break;
1975 
1976             }
1977             break;
1978 
1979         case 4: /*EXTUI*/
1980         case 5:
1981             if (gen_window_check2(dc, RRR_R, RRR_T)) {
1982                 int shiftimm = RRR_S | ((OP1 & 1) << 4);
1983                 int maskimm = (1 << (OP2 + 1)) - 1;
1984 
1985                 TCGv_i32 tmp = tcg_temp_new_i32();
1986                 tcg_gen_shri_i32(tmp, cpu_R[RRR_T], shiftimm);
1987                 tcg_gen_andi_i32(cpu_R[RRR_R], tmp, maskimm);
1988                 tcg_temp_free(tmp);
1989             }
1990             break;
1991 
1992         case 6: /*CUST0*/
1993             RESERVED();
1994             break;
1995 
1996         case 7: /*CUST1*/
1997             RESERVED();
1998             break;
1999 
2000         case 8: /*LSCXp*/
2001             switch (OP2) {
2002             case 0: /*LSXf*/
2003             case 1: /*LSXUf*/
2004             case 4: /*SSXf*/
2005             case 5: /*SSXUf*/
2006                 HAS_OPTION(XTENSA_OPTION_FP_COPROCESSOR);
2007                 if (gen_window_check2(dc, RRR_S, RRR_T) &&
2008                     gen_check_cpenable(dc, 0)) {
2009                     TCGv_i32 addr = tcg_temp_new_i32();
2010                     tcg_gen_add_i32(addr, cpu_R[RRR_S], cpu_R[RRR_T]);
2011                     gen_load_store_alignment(dc, 2, addr, false);
2012                     if (OP2 & 0x4) {
2013                         tcg_gen_qemu_st32(cpu_FR[RRR_R], addr, dc->cring);
2014                     } else {
2015                         tcg_gen_qemu_ld32u(cpu_FR[RRR_R], addr, dc->cring);
2016                     }
2017                     if (OP2 & 0x1) {
2018                         tcg_gen_mov_i32(cpu_R[RRR_S], addr);
2019                     }
2020                     tcg_temp_free(addr);
2021                 }
2022                 break;
2023 
2024             default: /*reserved*/
2025                 RESERVED();
2026                 break;
2027             }
2028             break;
2029 
2030         case 9: /*LSC4*/
2031             if (!gen_window_check2(dc, RRR_S, RRR_T)) {
2032                 break;
2033             }
2034             switch (OP2) {
2035             case 0: /*L32E*/
2036                 HAS_OPTION(XTENSA_OPTION_WINDOWED_REGISTER);
2037                 if (gen_check_privilege(dc) &&
2038                     gen_window_check2(dc, RRR_S, RRR_T)) {
2039                     TCGv_i32 addr = tcg_temp_new_i32();
2040                     tcg_gen_addi_i32(addr, cpu_R[RRR_S],
2041                             (0xffffffc0 | (RRR_R << 2)));
2042                     tcg_gen_qemu_ld32u(cpu_R[RRR_T], addr, dc->ring);
2043                     tcg_temp_free(addr);
2044                 }
2045                 break;
2046 
2047             case 4: /*S32E*/
2048                 HAS_OPTION(XTENSA_OPTION_WINDOWED_REGISTER);
2049                 if (gen_check_privilege(dc) &&
2050                     gen_window_check2(dc, RRR_S, RRR_T)) {
2051                     TCGv_i32 addr = tcg_temp_new_i32();
2052                     tcg_gen_addi_i32(addr, cpu_R[RRR_S],
2053                             (0xffffffc0 | (RRR_R << 2)));
2054                     tcg_gen_qemu_st32(cpu_R[RRR_T], addr, dc->ring);
2055                     tcg_temp_free(addr);
2056                 }
2057                 break;
2058 
2059             case 5: /*S32N*/
2060                 if (gen_window_check2(dc, RRI4_S, RRI4_T)) {
2061                     TCGv_i32 addr = tcg_temp_new_i32();
2062 
2063                     tcg_gen_addi_i32(addr, cpu_R[RRI4_S], RRI4_IMM4 << 2);
2064                     gen_load_store_alignment(dc, 2, addr, false);
2065                     tcg_gen_qemu_st32(cpu_R[RRI4_T], addr, dc->cring);
2066                     tcg_temp_free(addr);
2067                 }
2068                 break;
2069 
2070             default:
2071                 RESERVED();
2072                 break;
2073             }
2074             break;
2075 
2076         case 10: /*FP0*/
2077             /*DEPBITS*/
2078             if (option_enabled(dc, XTENSA_OPTION_DEPBITS)) {
2079                 if (!gen_window_check2(dc, RRR_S, RRR_T)) {
2080                     break;
2081                 }
2082                 tcg_gen_deposit_i32(cpu_R[RRR_T], cpu_R[RRR_T], cpu_R[RRR_S],
2083                                     OP2, RRR_R + 1);
2084                 break;
2085             }
2086 
2087             HAS_OPTION(XTENSA_OPTION_FP_COPROCESSOR);
2088             switch (OP2) {
2089             case 0: /*ADD.Sf*/
2090                 if (gen_check_cpenable(dc, 0)) {
2091                     gen_helper_add_s(cpu_FR[RRR_R], cpu_env,
2092                                      cpu_FR[RRR_S], cpu_FR[RRR_T]);
2093                 }
2094                 break;
2095 
2096             case 1: /*SUB.Sf*/
2097                 if (gen_check_cpenable(dc, 0)) {
2098                     gen_helper_sub_s(cpu_FR[RRR_R], cpu_env,
2099                                      cpu_FR[RRR_S], cpu_FR[RRR_T]);
2100                 }
2101                 break;
2102 
2103             case 2: /*MUL.Sf*/
2104                 if (gen_check_cpenable(dc, 0)) {
2105                     gen_helper_mul_s(cpu_FR[RRR_R], cpu_env,
2106                                      cpu_FR[RRR_S], cpu_FR[RRR_T]);
2107                 }
2108                 break;
2109 
2110             case 4: /*MADD.Sf*/
2111                 if (gen_check_cpenable(dc, 0)) {
2112                     gen_helper_madd_s(cpu_FR[RRR_R], cpu_env,
2113                                       cpu_FR[RRR_R], cpu_FR[RRR_S],
2114                                       cpu_FR[RRR_T]);
2115                 }
2116                 break;
2117 
2118             case 5: /*MSUB.Sf*/
2119                 if (gen_check_cpenable(dc, 0)) {
2120                     gen_helper_msub_s(cpu_FR[RRR_R], cpu_env,
2121                                       cpu_FR[RRR_R], cpu_FR[RRR_S],
2122                                       cpu_FR[RRR_T]);
2123                 }
2124                 break;
2125 
2126             case 8: /*ROUND.Sf*/
2127             case 9: /*TRUNC.Sf*/
2128             case 10: /*FLOOR.Sf*/
2129             case 11: /*CEIL.Sf*/
2130             case 14: /*UTRUNC.Sf*/
2131                 if (gen_window_check1(dc, RRR_R) &&
2132                     gen_check_cpenable(dc, 0)) {
2133                     static const unsigned rounding_mode_const[] = {
2134                         float_round_nearest_even,
2135                         float_round_to_zero,
2136                         float_round_down,
2137                         float_round_up,
2138                         [6] = float_round_to_zero,
2139                     };
2140                     TCGv_i32 rounding_mode = tcg_const_i32(
2141                             rounding_mode_const[OP2 & 7]);
2142                     TCGv_i32 scale = tcg_const_i32(RRR_T);
2143 
2144                     if (OP2 == 14) {
2145                         gen_helper_ftoui(cpu_R[RRR_R], cpu_FR[RRR_S],
2146                                 rounding_mode, scale);
2147                     } else {
2148                         gen_helper_ftoi(cpu_R[RRR_R], cpu_FR[RRR_S],
2149                                 rounding_mode, scale);
2150                     }
2151 
2152                     tcg_temp_free(rounding_mode);
2153                     tcg_temp_free(scale);
2154                 }
2155                 break;
2156 
2157             case 12: /*FLOAT.Sf*/
2158             case 13: /*UFLOAT.Sf*/
2159                 if (gen_window_check1(dc, RRR_S) &&
2160                     gen_check_cpenable(dc, 0)) {
2161                     TCGv_i32 scale = tcg_const_i32(-RRR_T);
2162 
2163                     if (OP2 == 13) {
2164                         gen_helper_uitof(cpu_FR[RRR_R], cpu_env,
2165                                 cpu_R[RRR_S], scale);
2166                     } else {
2167                         gen_helper_itof(cpu_FR[RRR_R], cpu_env,
2168                                 cpu_R[RRR_S], scale);
2169                     }
2170                     tcg_temp_free(scale);
2171                 }
2172                 break;
2173 
2174             case 15: /*FP1OP*/
2175                 switch (RRR_T) {
2176                 case 0: /*MOV.Sf*/
2177                     if (gen_check_cpenable(dc, 0)) {
2178                         tcg_gen_mov_i32(cpu_FR[RRR_R], cpu_FR[RRR_S]);
2179                     }
2180                     break;
2181 
2182                 case 1: /*ABS.Sf*/
2183                     if (gen_check_cpenable(dc, 0)) {
2184                         gen_helper_abs_s(cpu_FR[RRR_R], cpu_FR[RRR_S]);
2185                     }
2186                     break;
2187 
2188                 case 4: /*RFRf*/
2189                     if (gen_window_check1(dc, RRR_R) &&
2190                         gen_check_cpenable(dc, 0)) {
2191                         tcg_gen_mov_i32(cpu_R[RRR_R], cpu_FR[RRR_S]);
2192                     }
2193                     break;
2194 
2195                 case 5: /*WFRf*/
2196                     if (gen_window_check1(dc, RRR_S) &&
2197                         gen_check_cpenable(dc, 0)) {
2198                         tcg_gen_mov_i32(cpu_FR[RRR_R], cpu_R[RRR_S]);
2199                     }
2200                     break;
2201 
2202                 case 6: /*NEG.Sf*/
2203                     if (gen_check_cpenable(dc, 0)) {
2204                         gen_helper_neg_s(cpu_FR[RRR_R], cpu_FR[RRR_S]);
2205                     }
2206                     break;
2207 
2208                 default: /*reserved*/
2209                     RESERVED();
2210                     break;
2211                 }
2212                 break;
2213 
2214             default: /*reserved*/
2215                 RESERVED();
2216                 break;
2217             }
2218             break;
2219 
2220         case 11: /*FP1*/
2221             /*DEPBITS*/
2222             if (option_enabled(dc, XTENSA_OPTION_DEPBITS)) {
2223                 if (!gen_window_check2(dc, RRR_S, RRR_T)) {
2224                     break;
2225                 }
2226                 tcg_gen_deposit_i32(cpu_R[RRR_T], cpu_R[RRR_T], cpu_R[RRR_S],
2227                                     OP2 + 16, RRR_R + 1);
2228                 break;
2229             }
2230 
2231             HAS_OPTION(XTENSA_OPTION_FP_COPROCESSOR);
2232 
2233 #define gen_compare(rel, br, a, b) \
2234     do { \
2235         if (gen_check_cpenable(dc, 0)) { \
2236             TCGv_i32 bit = tcg_const_i32(1 << br); \
2237             \
2238             gen_helper_##rel(cpu_env, bit, cpu_FR[a], cpu_FR[b]); \
2239             tcg_temp_free(bit); \
2240         } \
2241     } while (0)
2242 
2243             switch (OP2) {
2244             case 1: /*UN.Sf*/
2245                 gen_compare(un_s, RRR_R, RRR_S, RRR_T);
2246                 break;
2247 
2248             case 2: /*OEQ.Sf*/
2249                 gen_compare(oeq_s, RRR_R, RRR_S, RRR_T);
2250                 break;
2251 
2252             case 3: /*UEQ.Sf*/
2253                 gen_compare(ueq_s, RRR_R, RRR_S, RRR_T);
2254                 break;
2255 
2256             case 4: /*OLT.Sf*/
2257                 gen_compare(olt_s, RRR_R, RRR_S, RRR_T);
2258                 break;
2259 
2260             case 5: /*ULT.Sf*/
2261                 gen_compare(ult_s, RRR_R, RRR_S, RRR_T);
2262                 break;
2263 
2264             case 6: /*OLE.Sf*/
2265                 gen_compare(ole_s, RRR_R, RRR_S, RRR_T);
2266                 break;
2267 
2268             case 7: /*ULE.Sf*/
2269                 gen_compare(ule_s, RRR_R, RRR_S, RRR_T);
2270                 break;
2271 
2272 #undef gen_compare
2273 
2274             case 8: /*MOVEQZ.Sf*/
2275             case 9: /*MOVNEZ.Sf*/
2276             case 10: /*MOVLTZ.Sf*/
2277             case 11: /*MOVGEZ.Sf*/
2278                 if (gen_window_check1(dc, RRR_T) &&
2279                     gen_check_cpenable(dc, 0)) {
2280                     static const TCGCond cond[] = {
2281                         TCG_COND_EQ,
2282                         TCG_COND_NE,
2283                         TCG_COND_LT,
2284                         TCG_COND_GE,
2285                     };
2286                     TCGv_i32 zero = tcg_const_i32(0);
2287 
2288                     tcg_gen_movcond_i32(cond[OP2 - 8], cpu_FR[RRR_R],
2289                             cpu_R[RRR_T], zero, cpu_FR[RRR_S], cpu_FR[RRR_R]);
2290                     tcg_temp_free(zero);
2291                 }
2292                 break;
2293 
2294             case 12: /*MOVF.Sf*/
2295             case 13: /*MOVT.Sf*/
2296                 HAS_OPTION(XTENSA_OPTION_BOOLEAN);
2297                 if (gen_check_cpenable(dc, 0)) {
2298                     TCGv_i32 zero = tcg_const_i32(0);
2299                     TCGv_i32 tmp = tcg_temp_new_i32();
2300 
2301                     tcg_gen_andi_i32(tmp, cpu_SR[BR], 1 << RRR_T);
2302                     tcg_gen_movcond_i32(OP2 & 1 ? TCG_COND_NE : TCG_COND_EQ,
2303                             cpu_FR[RRR_R], tmp, zero,
2304                             cpu_FR[RRR_S], cpu_FR[RRR_R]);
2305 
2306                     tcg_temp_free(tmp);
2307                     tcg_temp_free(zero);
2308                 }
2309                 break;
2310 
2311             default: /*reserved*/
2312                 RESERVED();
2313                 break;
2314             }
2315             break;
2316 
2317         default: /*reserved*/
2318             RESERVED();
2319             break;
2320         }
2321         break;
2322 
2323     case 1: /*L32R*/
2324         if (gen_window_check1(dc, RRR_T)) {
2325             TCGv_i32 tmp = tcg_const_i32(
2326                     ((dc->tb->flags & XTENSA_TBFLAG_LITBASE) ?
2327                      0 : ((dc->pc + 3) & ~3)) +
2328                     (0xfffc0000 | (RI16_IMM16 << 2)));
2329 
2330             if (dc->tb->flags & XTENSA_TBFLAG_LITBASE) {
2331                 tcg_gen_add_i32(tmp, tmp, dc->litbase);
2332             }
2333             tcg_gen_qemu_ld32u(cpu_R[RRR_T], tmp, dc->cring);
2334             tcg_temp_free(tmp);
2335         }
2336         break;
2337 
2338     case 2: /*LSAI*/
2339 #define gen_load_store(type, shift) do { \
2340             if (gen_window_check2(dc, RRI8_S, RRI8_T)) { \
2341                 TCGv_i32 addr = tcg_temp_new_i32(); \
2342                 \
2343                 tcg_gen_addi_i32(addr, cpu_R[RRI8_S], RRI8_IMM8 << shift); \
2344                 if (shift) { \
2345                     gen_load_store_alignment(dc, shift, addr, false); \
2346                 } \
2347                 tcg_gen_qemu_##type(cpu_R[RRI8_T], addr, dc->cring); \
2348                 tcg_temp_free(addr); \
2349             } \
2350         } while (0)
2351 
2352         switch (RRI8_R) {
2353         case 0: /*L8UI*/
2354             gen_load_store(ld8u, 0);
2355             break;
2356 
2357         case 1: /*L16UI*/
2358             gen_load_store(ld16u, 1);
2359             break;
2360 
2361         case 2: /*L32I*/
2362             gen_load_store(ld32u, 2);
2363             break;
2364 
2365         case 4: /*S8I*/
2366             gen_load_store(st8, 0);
2367             break;
2368 
2369         case 5: /*S16I*/
2370             gen_load_store(st16, 1);
2371             break;
2372 
2373         case 6: /*S32I*/
2374             gen_load_store(st32, 2);
2375             break;
2376 
2377 #define gen_dcache_hit_test(w, shift) do { \
2378             if (gen_window_check1(dc, RRI##w##_S)) { \
2379                 TCGv_i32 addr = tcg_temp_new_i32(); \
2380                 TCGv_i32 res = tcg_temp_new_i32(); \
2381                 tcg_gen_addi_i32(addr, cpu_R[RRI##w##_S], \
2382                                  RRI##w##_IMM##w << shift); \
2383                 tcg_gen_qemu_ld8u(res, addr, dc->cring); \
2384                 tcg_temp_free(addr); \
2385                 tcg_temp_free(res); \
2386             } \
2387         } while (0)
2388 
2389 #define gen_dcache_hit_test4() gen_dcache_hit_test(4, 4)
2390 #define gen_dcache_hit_test8() gen_dcache_hit_test(8, 2)
2391 
2392         case 7: /*CACHEc*/
2393             if (RRI8_T < 8) {
2394                 HAS_OPTION(XTENSA_OPTION_DCACHE);
2395             }
2396 
2397             switch (RRI8_T) {
2398             case 0: /*DPFRc*/
2399                 gen_window_check1(dc, RRI8_S);
2400                 break;
2401 
2402             case 1: /*DPFWc*/
2403                 gen_window_check1(dc, RRI8_S);
2404                 break;
2405 
2406             case 2: /*DPFROc*/
2407                 gen_window_check1(dc, RRI8_S);
2408                 break;
2409 
2410             case 3: /*DPFWOc*/
2411                 gen_window_check1(dc, RRI8_S);
2412                 break;
2413 
2414             case 4: /*DHWBc*/
2415                 gen_dcache_hit_test8();
2416                 break;
2417 
2418             case 5: /*DHWBIc*/
2419                 gen_dcache_hit_test8();
2420                 break;
2421 
2422             case 6: /*DHIc*/
2423                 if (gen_check_privilege(dc)) {
2424                     gen_dcache_hit_test8();
2425                 }
2426                 break;
2427 
2428             case 7: /*DIIc*/
2429                 if (gen_check_privilege(dc)) {
2430                     gen_window_check1(dc, RRI8_S);
2431                 }
2432                 break;
2433 
2434             case 8: /*DCEc*/
2435                 switch (OP1) {
2436                 case 0: /*DPFLl*/
2437                     HAS_OPTION(XTENSA_OPTION_DCACHE_INDEX_LOCK);
2438                     if (gen_check_privilege(dc)) {
2439                         gen_dcache_hit_test4();
2440                     }
2441                     break;
2442 
2443                 case 2: /*DHUl*/
2444                     HAS_OPTION(XTENSA_OPTION_DCACHE_INDEX_LOCK);
2445                     if (gen_check_privilege(dc)) {
2446                         gen_dcache_hit_test4();
2447                     }
2448                     break;
2449 
2450                 case 3: /*DIUl*/
2451                     HAS_OPTION(XTENSA_OPTION_DCACHE_INDEX_LOCK);
2452                     if (gen_check_privilege(dc)) {
2453                         gen_window_check1(dc, RRI4_S);
2454                     }
2455                     break;
2456 
2457                 case 4: /*DIWBc*/
2458                     HAS_OPTION(XTENSA_OPTION_DCACHE);
2459                     if (gen_check_privilege(dc)) {
2460                         gen_window_check1(dc, RRI4_S);
2461                     }
2462                     break;
2463 
2464                 case 5: /*DIWBIc*/
2465                     HAS_OPTION(XTENSA_OPTION_DCACHE);
2466                     if (gen_check_privilege(dc)) {
2467                         gen_window_check1(dc, RRI4_S);
2468                     }
2469                     break;
2470 
2471                 default: /*reserved*/
2472                     RESERVED();
2473                     break;
2474 
2475                 }
2476                 break;
2477 
2478 #undef gen_dcache_hit_test
2479 #undef gen_dcache_hit_test4
2480 #undef gen_dcache_hit_test8
2481 
2482 #define gen_icache_hit_test(w, shift) do { \
2483             if (gen_window_check1(dc, RRI##w##_S)) { \
2484                 TCGv_i32 addr = tcg_temp_new_i32(); \
2485                 tcg_gen_movi_i32(cpu_pc, dc->pc); \
2486                 tcg_gen_addi_i32(addr, cpu_R[RRI##w##_S], \
2487                                  RRI##w##_IMM##w << shift); \
2488                 gen_helper_itlb_hit_test(cpu_env, addr); \
2489                 tcg_temp_free(addr); \
2490             }\
2491         } while (0)
2492 
2493 #define gen_icache_hit_test4() gen_icache_hit_test(4, 4)
2494 #define gen_icache_hit_test8() gen_icache_hit_test(8, 2)
2495 
2496             case 12: /*IPFc*/
2497                 HAS_OPTION(XTENSA_OPTION_ICACHE);
2498                 gen_window_check1(dc, RRI8_S);
2499                 break;
2500 
2501             case 13: /*ICEc*/
2502                 switch (OP1) {
2503                 case 0: /*IPFLl*/
2504                     HAS_OPTION(XTENSA_OPTION_ICACHE_INDEX_LOCK);
2505                     if (gen_check_privilege(dc)) {
2506                         gen_icache_hit_test4();
2507                     }
2508                     break;
2509 
2510                 case 2: /*IHUl*/
2511                     HAS_OPTION(XTENSA_OPTION_ICACHE_INDEX_LOCK);
2512                     if (gen_check_privilege(dc)) {
2513                         gen_icache_hit_test4();
2514                     }
2515                     break;
2516 
2517                 case 3: /*IIUl*/
2518                     HAS_OPTION(XTENSA_OPTION_ICACHE_INDEX_LOCK);
2519                     if (gen_check_privilege(dc)) {
2520                         gen_window_check1(dc, RRI4_S);
2521                     }
2522                     break;
2523 
2524                 default: /*reserved*/
2525                     RESERVED();
2526                     break;
2527                 }
2528                 break;
2529 
2530             case 14: /*IHIc*/
2531                 HAS_OPTION(XTENSA_OPTION_ICACHE);
2532                 gen_icache_hit_test8();
2533                 break;
2534 
2535             case 15: /*IIIc*/
2536                 HAS_OPTION(XTENSA_OPTION_ICACHE);
2537                 if (gen_check_privilege(dc)) {
2538                     gen_window_check1(dc, RRI8_S);
2539                 }
2540                 break;
2541 
2542             default: /*reserved*/
2543                 RESERVED();
2544                 break;
2545             }
2546             break;
2547 
2548 #undef gen_icache_hit_test
2549 #undef gen_icache_hit_test4
2550 #undef gen_icache_hit_test8
2551 
2552         case 9: /*L16SI*/
2553             gen_load_store(ld16s, 1);
2554             break;
2555 #undef gen_load_store
2556 
2557         case 10: /*MOVI*/
2558             if (gen_window_check1(dc, RRI8_T)) {
2559                 tcg_gen_movi_i32(cpu_R[RRI8_T],
2560                                  RRI8_IMM8 | (RRI8_S << 8) |
2561                                  ((RRI8_S & 0x8) ? 0xfffff000 : 0));
2562             }
2563             break;
2564 
2565 #define gen_load_store_no_hw_align(type) do { \
2566             if (gen_window_check2(dc, RRI8_S, RRI8_T)) { \
2567                 TCGv_i32 addr = tcg_temp_local_new_i32(); \
2568                 tcg_gen_addi_i32(addr, cpu_R[RRI8_S], RRI8_IMM8 << 2); \
2569                 gen_load_store_alignment(dc, 2, addr, true); \
2570                 tcg_gen_qemu_##type(cpu_R[RRI8_T], addr, dc->cring); \
2571                 tcg_temp_free(addr); \
2572             } \
2573         } while (0)
2574 
2575         case 11: /*L32AIy*/
2576             HAS_OPTION(XTENSA_OPTION_MP_SYNCHRO);
2577             gen_load_store_no_hw_align(ld32u); /*TODO acquire?*/
2578             break;
2579 
2580         case 12: /*ADDI*/
2581             if (gen_window_check2(dc, RRI8_S, RRI8_T)) {
2582                 tcg_gen_addi_i32(cpu_R[RRI8_T], cpu_R[RRI8_S], RRI8_IMM8_SE);
2583             }
2584             break;
2585 
2586         case 13: /*ADDMI*/
2587             if (gen_window_check2(dc, RRI8_S, RRI8_T)) {
2588                 tcg_gen_addi_i32(cpu_R[RRI8_T], cpu_R[RRI8_S],
2589                                  RRI8_IMM8_SE << 8);
2590             }
2591             break;
2592 
2593         case 14: /*S32C1Iy*/
2594             HAS_OPTION(XTENSA_OPTION_CONDITIONAL_STORE);
2595             if (gen_window_check2(dc, RRI8_S, RRI8_T)) {
2596                 TCGLabel *label = gen_new_label();
2597                 TCGv_i32 tmp = tcg_temp_local_new_i32();
2598                 TCGv_i32 addr = tcg_temp_local_new_i32();
2599                 TCGv_i32 tpc;
2600 
2601                 tcg_gen_mov_i32(tmp, cpu_R[RRI8_T]);
2602                 tcg_gen_addi_i32(addr, cpu_R[RRI8_S], RRI8_IMM8 << 2);
2603                 gen_load_store_alignment(dc, 2, addr, true);
2604 
2605                 tpc = tcg_const_i32(dc->pc);
2606                 gen_helper_check_atomctl(cpu_env, tpc, addr);
2607                 tcg_gen_qemu_ld32u(cpu_R[RRI8_T], addr, dc->cring);
2608                 tcg_gen_brcond_i32(TCG_COND_NE, cpu_R[RRI8_T],
2609                         cpu_SR[SCOMPARE1], label);
2610 
2611                 tcg_gen_qemu_st32(tmp, addr, dc->cring);
2612 
2613                 gen_set_label(label);
2614                 tcg_temp_free(tpc);
2615                 tcg_temp_free(addr);
2616                 tcg_temp_free(tmp);
2617             }
2618             break;
2619 
2620         case 15: /*S32RIy*/
2621             HAS_OPTION(XTENSA_OPTION_MP_SYNCHRO);
2622             gen_load_store_no_hw_align(st32); /*TODO release?*/
2623             break;
2624 #undef gen_load_store_no_hw_align
2625 
2626         default: /*reserved*/
2627             RESERVED();
2628             break;
2629         }
2630         break;
2631 
2632     case 3: /*LSCIp*/
2633         switch (RRI8_R) {
2634         case 0: /*LSIf*/
2635         case 4: /*SSIf*/
2636         case 8: /*LSIUf*/
2637         case 12: /*SSIUf*/
2638             HAS_OPTION(XTENSA_OPTION_FP_COPROCESSOR);
2639             if (gen_window_check1(dc, RRI8_S) &&
2640                 gen_check_cpenable(dc, 0)) {
2641                 TCGv_i32 addr = tcg_temp_new_i32();
2642                 tcg_gen_addi_i32(addr, cpu_R[RRI8_S], RRI8_IMM8 << 2);
2643                 gen_load_store_alignment(dc, 2, addr, false);
2644                 if (RRI8_R & 0x4) {
2645                     tcg_gen_qemu_st32(cpu_FR[RRI8_T], addr, dc->cring);
2646                 } else {
2647                     tcg_gen_qemu_ld32u(cpu_FR[RRI8_T], addr, dc->cring);
2648                 }
2649                 if (RRI8_R & 0x8) {
2650                     tcg_gen_mov_i32(cpu_R[RRI8_S], addr);
2651                 }
2652                 tcg_temp_free(addr);
2653             }
2654             break;
2655 
2656         default: /*reserved*/
2657             RESERVED();
2658             break;
2659         }
2660         break;
2661 
2662     case 4: /*MAC16d*/
2663         HAS_OPTION(XTENSA_OPTION_MAC16);
2664         {
2665             enum {
2666                 MAC16_UMUL = 0x0,
2667                 MAC16_MUL  = 0x4,
2668                 MAC16_MULA = 0x8,
2669                 MAC16_MULS = 0xc,
2670                 MAC16_NONE = 0xf,
2671             } op = OP1 & 0xc;
2672             bool is_m1_sr = (OP2 & 0x3) == 2;
2673             bool is_m2_sr = (OP2 & 0xc) == 0;
2674             uint32_t ld_offset = 0;
2675 
2676             if (OP2 > 9) {
2677                 RESERVED();
2678             }
2679 
2680             switch (OP2 & 2) {
2681             case 0: /*MACI?/MACC?*/
2682                 is_m1_sr = true;
2683                 ld_offset = (OP2 & 1) ? -4 : 4;
2684 
2685                 if (OP2 >= 8) { /*MACI/MACC*/
2686                     if (OP1 == 0) { /*LDINC/LDDEC*/
2687                         op = MAC16_NONE;
2688                     } else {
2689                         RESERVED();
2690                     }
2691                 } else if (op != MAC16_MULA) { /*MULA.*.*.LDINC/LDDEC*/
2692                     RESERVED();
2693                 }
2694                 break;
2695 
2696             case 2: /*MACD?/MACA?*/
2697                 if (op == MAC16_UMUL && OP2 != 7) { /*UMUL only in MACAA*/
2698                     RESERVED();
2699                 }
2700                 break;
2701             }
2702 
2703             if (op != MAC16_NONE) {
2704                 if (!is_m1_sr && !gen_window_check1(dc, RRR_S)) {
2705                     break;
2706                 }
2707                 if (!is_m2_sr && !gen_window_check1(dc, RRR_T)) {
2708                     break;
2709                 }
2710             }
2711 
2712             if (ld_offset && !gen_window_check1(dc, RRR_S)) {
2713                 break;
2714             }
2715 
2716             {
2717                 TCGv_i32 vaddr = tcg_temp_new_i32();
2718                 TCGv_i32 mem32 = tcg_temp_new_i32();
2719 
2720                 if (ld_offset) {
2721                     tcg_gen_addi_i32(vaddr, cpu_R[RRR_S], ld_offset);
2722                     gen_load_store_alignment(dc, 2, vaddr, false);
2723                     tcg_gen_qemu_ld32u(mem32, vaddr, dc->cring);
2724                 }
2725                 if (op != MAC16_NONE) {
2726                     TCGv_i32 m1 = gen_mac16_m(
2727                             is_m1_sr ? cpu_SR[MR + RRR_X] : cpu_R[RRR_S],
2728                             OP1 & 1, op == MAC16_UMUL);
2729                     TCGv_i32 m2 = gen_mac16_m(
2730                             is_m2_sr ? cpu_SR[MR + 2 + RRR_Y] : cpu_R[RRR_T],
2731                             OP1 & 2, op == MAC16_UMUL);
2732 
2733                     if (op == MAC16_MUL || op == MAC16_UMUL) {
2734                         tcg_gen_mul_i32(cpu_SR[ACCLO], m1, m2);
2735                         if (op == MAC16_UMUL) {
2736                             tcg_gen_movi_i32(cpu_SR[ACCHI], 0);
2737                         } else {
2738                             tcg_gen_sari_i32(cpu_SR[ACCHI], cpu_SR[ACCLO], 31);
2739                         }
2740                     } else {
2741                         TCGv_i32 lo = tcg_temp_new_i32();
2742                         TCGv_i32 hi = tcg_temp_new_i32();
2743 
2744                         tcg_gen_mul_i32(lo, m1, m2);
2745                         tcg_gen_sari_i32(hi, lo, 31);
2746                         if (op == MAC16_MULA) {
2747                             tcg_gen_add2_i32(cpu_SR[ACCLO], cpu_SR[ACCHI],
2748                                              cpu_SR[ACCLO], cpu_SR[ACCHI],
2749                                              lo, hi);
2750                         } else {
2751                             tcg_gen_sub2_i32(cpu_SR[ACCLO], cpu_SR[ACCHI],
2752                                              cpu_SR[ACCLO], cpu_SR[ACCHI],
2753                                              lo, hi);
2754                         }
2755                         tcg_gen_ext8s_i32(cpu_SR[ACCHI], cpu_SR[ACCHI]);
2756 
2757                         tcg_temp_free_i32(lo);
2758                         tcg_temp_free_i32(hi);
2759                     }
2760                     tcg_temp_free(m1);
2761                     tcg_temp_free(m2);
2762                 }
2763                 if (ld_offset) {
2764                     tcg_gen_mov_i32(cpu_R[RRR_S], vaddr);
2765                     tcg_gen_mov_i32(cpu_SR[MR + RRR_W], mem32);
2766                 }
2767                 tcg_temp_free(vaddr);
2768                 tcg_temp_free(mem32);
2769             }
2770         }
2771         break;
2772 
2773     case 5: /*CALLN*/
2774         switch (CALL_N) {
2775         case 0: /*CALL0*/
2776             tcg_gen_movi_i32(cpu_R[0], dc->next_pc);
2777             gen_jumpi(dc, (dc->pc & ~3) + (CALL_OFFSET_SE << 2) + 4, 0);
2778             break;
2779 
2780         case 1: /*CALL4w*/
2781         case 2: /*CALL8w*/
2782         case 3: /*CALL12w*/
2783             HAS_OPTION(XTENSA_OPTION_WINDOWED_REGISTER);
2784             if (gen_window_check1(dc, CALL_N << 2)) {
2785                 gen_callwi(dc, CALL_N,
2786                            (dc->pc & ~3) + (CALL_OFFSET_SE << 2) + 4, 0);
2787             }
2788             break;
2789         }
2790         break;
2791 
2792     case 6: /*SI*/
2793         switch (CALL_N) {
2794         case 0: /*J*/
2795             gen_jumpi(dc, dc->pc + 4 + CALL_OFFSET_SE, 0);
2796             break;
2797 
2798         case 1: /*BZ*/
2799             if (gen_window_check1(dc, BRI12_S)) {
2800                 static const TCGCond cond[] = {
2801                     TCG_COND_EQ, /*BEQZ*/
2802                     TCG_COND_NE, /*BNEZ*/
2803                     TCG_COND_LT, /*BLTZ*/
2804                     TCG_COND_GE, /*BGEZ*/
2805                 };
2806 
2807                 gen_brcondi(dc, cond[BRI12_M & 3], cpu_R[BRI12_S], 0,
2808                         4 + BRI12_IMM12_SE);
2809             }
2810             break;
2811 
2812         case 2: /*BI0*/
2813             if (gen_window_check1(dc, BRI8_S)) {
2814                 static const TCGCond cond[] = {
2815                     TCG_COND_EQ, /*BEQI*/
2816                     TCG_COND_NE, /*BNEI*/
2817                     TCG_COND_LT, /*BLTI*/
2818                     TCG_COND_GE, /*BGEI*/
2819                 };
2820 
2821                 gen_brcondi(dc, cond[BRI8_M & 3],
2822                         cpu_R[BRI8_S], B4CONST[BRI8_R], 4 + BRI8_IMM8_SE);
2823             }
2824             break;
2825 
2826         case 3: /*BI1*/
2827             switch (BRI8_M) {
2828             case 0: /*ENTRYw*/
2829                 HAS_OPTION(XTENSA_OPTION_WINDOWED_REGISTER);
2830                 {
2831                     TCGv_i32 pc = tcg_const_i32(dc->pc);
2832                     TCGv_i32 s = tcg_const_i32(BRI12_S);
2833                     TCGv_i32 imm = tcg_const_i32(BRI12_IMM12);
2834                     gen_helper_entry(cpu_env, pc, s, imm);
2835                     tcg_temp_free(imm);
2836                     tcg_temp_free(s);
2837                     tcg_temp_free(pc);
2838                     /* This can change tb->flags, so exit tb */
2839                     gen_jumpi_check_loop_end(dc, -1);
2840                 }
2841                 break;
2842 
2843             case 1: /*B1*/
2844                 switch (BRI8_R) {
2845                 case 0: /*BFp*/
2846                 case 1: /*BTp*/
2847                     HAS_OPTION(XTENSA_OPTION_BOOLEAN);
2848                     {
2849                         TCGv_i32 tmp = tcg_temp_new_i32();
2850                         tcg_gen_andi_i32(tmp, cpu_SR[BR], 1 << RRI8_S);
2851                         gen_brcondi(dc,
2852                                 BRI8_R == 1 ? TCG_COND_NE : TCG_COND_EQ,
2853                                 tmp, 0, 4 + RRI8_IMM8_SE);
2854                         tcg_temp_free(tmp);
2855                     }
2856                     break;
2857 
2858                 case 8: /*LOOP*/
2859                 case 9: /*LOOPNEZ*/
2860                 case 10: /*LOOPGTZ*/
2861                     HAS_OPTION(XTENSA_OPTION_LOOP);
2862                     if (gen_window_check1(dc, RRI8_S)) {
2863                         uint32_t lend = dc->pc + RRI8_IMM8 + 4;
2864                         TCGv_i32 tmp = tcg_const_i32(lend);
2865 
2866                         tcg_gen_subi_i32(cpu_SR[LCOUNT], cpu_R[RRI8_S], 1);
2867                         tcg_gen_movi_i32(cpu_SR[LBEG], dc->next_pc);
2868                         gen_helper_wsr_lend(cpu_env, tmp);
2869                         tcg_temp_free(tmp);
2870 
2871                         if (BRI8_R > 8) {
2872                             TCGLabel *label = gen_new_label();
2873                             tcg_gen_brcondi_i32(
2874                                     BRI8_R == 9 ? TCG_COND_NE : TCG_COND_GT,
2875                                     cpu_R[RRI8_S], 0, label);
2876                             gen_jumpi(dc, lend, 1);
2877                             gen_set_label(label);
2878                         }
2879 
2880                         gen_jumpi(dc, dc->next_pc, 0);
2881                     }
2882                     break;
2883 
2884                 default: /*reserved*/
2885                     RESERVED();
2886                     break;
2887 
2888                 }
2889                 break;
2890 
2891             case 2: /*BLTUI*/
2892             case 3: /*BGEUI*/
2893                 if (gen_window_check1(dc, BRI8_S)) {
2894                     gen_brcondi(dc, BRI8_M == 2 ? TCG_COND_LTU : TCG_COND_GEU,
2895                                 cpu_R[BRI8_S], B4CONSTU[BRI8_R],
2896                                 4 + BRI8_IMM8_SE);
2897                 }
2898                 break;
2899             }
2900             break;
2901 
2902         }
2903         break;
2904 
2905     case 7: /*B*/
2906         {
2907             TCGCond eq_ne = (RRI8_R & 8) ? TCG_COND_NE : TCG_COND_EQ;
2908 
2909             switch (RRI8_R & 7) {
2910             case 0: /*BNONE*/ /*BANY*/
2911                 if (gen_window_check2(dc, RRI8_S, RRI8_T)) {
2912                     TCGv_i32 tmp = tcg_temp_new_i32();
2913                     tcg_gen_and_i32(tmp, cpu_R[RRI8_S], cpu_R[RRI8_T]);
2914                     gen_brcondi(dc, eq_ne, tmp, 0, 4 + RRI8_IMM8_SE);
2915                     tcg_temp_free(tmp);
2916                 }
2917                 break;
2918 
2919             case 1: /*BEQ*/ /*BNE*/
2920             case 2: /*BLT*/ /*BGE*/
2921             case 3: /*BLTU*/ /*BGEU*/
2922                 if (gen_window_check2(dc, RRI8_S, RRI8_T)) {
2923                     static const TCGCond cond[] = {
2924                         [1] = TCG_COND_EQ,
2925                         [2] = TCG_COND_LT,
2926                         [3] = TCG_COND_LTU,
2927                         [9] = TCG_COND_NE,
2928                         [10] = TCG_COND_GE,
2929                         [11] = TCG_COND_GEU,
2930                     };
2931                     gen_brcond(dc, cond[RRI8_R], cpu_R[RRI8_S], cpu_R[RRI8_T],
2932                             4 + RRI8_IMM8_SE);
2933                 }
2934                 break;
2935 
2936             case 4: /*BALL*/ /*BNALL*/
2937                 if (gen_window_check2(dc, RRI8_S, RRI8_T)) {
2938                     TCGv_i32 tmp = tcg_temp_new_i32();
2939                     tcg_gen_and_i32(tmp, cpu_R[RRI8_S], cpu_R[RRI8_T]);
2940                     gen_brcond(dc, eq_ne, tmp, cpu_R[RRI8_T],
2941                             4 + RRI8_IMM8_SE);
2942                     tcg_temp_free(tmp);
2943                 }
2944                 break;
2945 
2946             case 5: /*BBC*/ /*BBS*/
2947                 if (gen_window_check2(dc, RRI8_S, RRI8_T)) {
2948 #ifdef TARGET_WORDS_BIGENDIAN
2949                     TCGv_i32 bit = tcg_const_i32(0x80000000);
2950 #else
2951                     TCGv_i32 bit = tcg_const_i32(0x00000001);
2952 #endif
2953                     TCGv_i32 tmp = tcg_temp_new_i32();
2954                     tcg_gen_andi_i32(tmp, cpu_R[RRI8_T], 0x1f);
2955 #ifdef TARGET_WORDS_BIGENDIAN
2956                     tcg_gen_shr_i32(bit, bit, tmp);
2957 #else
2958                     tcg_gen_shl_i32(bit, bit, tmp);
2959 #endif
2960                     tcg_gen_and_i32(tmp, cpu_R[RRI8_S], bit);
2961                     gen_brcondi(dc, eq_ne, tmp, 0, 4 + RRI8_IMM8_SE);
2962                     tcg_temp_free(tmp);
2963                     tcg_temp_free(bit);
2964                 }
2965                 break;
2966 
2967             case 6: /*BBCI*/ /*BBSI*/
2968             case 7:
2969                 if (gen_window_check1(dc, RRI8_S)) {
2970                     TCGv_i32 tmp = tcg_temp_new_i32();
2971                     tcg_gen_andi_i32(tmp, cpu_R[RRI8_S],
2972 #ifdef TARGET_WORDS_BIGENDIAN
2973                             0x80000000 >> (((RRI8_R & 1) << 4) | RRI8_T));
2974 #else
2975                             0x00000001 << (((RRI8_R & 1) << 4) | RRI8_T));
2976 #endif
2977                     gen_brcondi(dc, eq_ne, tmp, 0, 4 + RRI8_IMM8_SE);
2978                     tcg_temp_free(tmp);
2979                 }
2980                 break;
2981 
2982             }
2983         }
2984         break;
2985 
2986 #define gen_narrow_load_store(type) do { \
2987             if (gen_window_check2(dc, RRRN_S, RRRN_T)) { \
2988                 TCGv_i32 addr = tcg_temp_new_i32(); \
2989                 tcg_gen_addi_i32(addr, cpu_R[RRRN_S], RRRN_R << 2); \
2990                 gen_load_store_alignment(dc, 2, addr, false); \
2991                 tcg_gen_qemu_##type(cpu_R[RRRN_T], addr, dc->cring); \
2992                 tcg_temp_free(addr); \
2993             } \
2994         } while (0)
2995 
2996     case 8: /*L32I.Nn*/
2997         gen_narrow_load_store(ld32u);
2998         break;
2999 
3000     case 9: /*S32I.Nn*/
3001         gen_narrow_load_store(st32);
3002         break;
3003 #undef gen_narrow_load_store
3004 
3005     case 10: /*ADD.Nn*/
3006         if (gen_window_check3(dc, RRRN_R, RRRN_S, RRRN_T)) {
3007             tcg_gen_add_i32(cpu_R[RRRN_R], cpu_R[RRRN_S], cpu_R[RRRN_T]);
3008         }
3009         break;
3010 
3011     case 11: /*ADDI.Nn*/
3012         if (gen_window_check2(dc, RRRN_R, RRRN_S)) {
3013             tcg_gen_addi_i32(cpu_R[RRRN_R], cpu_R[RRRN_S],
3014                              RRRN_T ? RRRN_T : -1);
3015         }
3016         break;
3017 
3018     case 12: /*ST2n*/
3019         if (!gen_window_check1(dc, RRRN_S)) {
3020             break;
3021         }
3022         if (RRRN_T < 8) { /*MOVI.Nn*/
3023             tcg_gen_movi_i32(cpu_R[RRRN_S],
3024                     RRRN_R | (RRRN_T << 4) |
3025                     ((RRRN_T & 6) == 6 ? 0xffffff80 : 0));
3026         } else { /*BEQZ.Nn*/ /*BNEZ.Nn*/
3027             TCGCond eq_ne = (RRRN_T & 4) ? TCG_COND_NE : TCG_COND_EQ;
3028 
3029             gen_brcondi(dc, eq_ne, cpu_R[RRRN_S], 0,
3030                     4 + (RRRN_R | ((RRRN_T & 3) << 4)));
3031         }
3032         break;
3033 
3034     case 13: /*ST3n*/
3035         switch (RRRN_R) {
3036         case 0: /*MOV.Nn*/
3037             if (gen_window_check2(dc, RRRN_S, RRRN_T)) {
3038                 tcg_gen_mov_i32(cpu_R[RRRN_T], cpu_R[RRRN_S]);
3039             }
3040             break;
3041 
3042         case 15: /*S3*/
3043             switch (RRRN_T) {
3044             case 0: /*RET.Nn*/
3045                 gen_jump(dc, cpu_R[0]);
3046                 break;
3047 
3048             case 1: /*RETW.Nn*/
3049                 HAS_OPTION(XTENSA_OPTION_WINDOWED_REGISTER);
3050                 {
3051                     TCGv_i32 tmp = tcg_const_i32(dc->pc);
3052                     gen_helper_retw(tmp, cpu_env, tmp);
3053                     gen_jump(dc, tmp);
3054                     tcg_temp_free(tmp);
3055                 }
3056                 break;
3057 
3058             case 2: /*BREAK.Nn*/
3059                 HAS_OPTION(XTENSA_OPTION_DEBUG);
3060                 if (dc->debug) {
3061                     gen_debug_exception(dc, DEBUGCAUSE_BN);
3062                 }
3063                 break;
3064 
3065             case 3: /*NOP.Nn*/
3066                 break;
3067 
3068             case 6: /*ILL.Nn*/
3069                 gen_exception_cause(dc, ILLEGAL_INSTRUCTION_CAUSE);
3070                 break;
3071 
3072             default: /*reserved*/
3073                 RESERVED();
3074                 break;
3075             }
3076             break;
3077 
3078         default: /*reserved*/
3079             RESERVED();
3080             break;
3081         }
3082         break;
3083 
3084     default: /*reserved*/
3085         RESERVED();
3086         break;
3087     }
3088 
3089     if (dc->is_jmp == DISAS_NEXT) {
3090         gen_check_loop_end(dc, 0);
3091     }
3092     dc->pc = dc->next_pc;
3093 
3094     return;
3095 
3096 invalid_opcode:
3097     qemu_log_mask(LOG_GUEST_ERROR, "INVALID(pc = %08x)\n", dc->pc);
3098     gen_exception_cause(dc, ILLEGAL_INSTRUCTION_CAUSE);
3099 #undef HAS_OPTION
3100 }
3101 
3102 static inline unsigned xtensa_insn_len(CPUXtensaState *env, DisasContext *dc)
3103 {
3104     uint8_t b0 = cpu_ldub_code(env, dc->pc);
3105     return xtensa_op0_insn_len(OP0);
3106 }
3107 
3108 static void gen_ibreak_check(CPUXtensaState *env, DisasContext *dc)
3109 {
3110     unsigned i;
3111 
3112     for (i = 0; i < dc->config->nibreak; ++i) {
3113         if ((env->sregs[IBREAKENABLE] & (1 << i)) &&
3114                 env->sregs[IBREAKA + i] == dc->pc) {
3115             gen_debug_exception(dc, DEBUGCAUSE_IB);
3116             break;
3117         }
3118     }
3119 }
3120 
3121 void gen_intermediate_code(CPUState *cs, TranslationBlock *tb)
3122 {
3123     CPUXtensaState *env = cs->env_ptr;
3124     DisasContext dc;
3125     int insn_count = 0;
3126     int max_insns = tb_cflags(tb) & CF_COUNT_MASK;
3127     uint32_t pc_start = tb->pc;
3128     uint32_t next_page_start =
3129         (pc_start & TARGET_PAGE_MASK) + TARGET_PAGE_SIZE;
3130 
3131     if (max_insns == 0) {
3132         max_insns = CF_COUNT_MASK;
3133     }
3134     if (max_insns > TCG_MAX_INSNS) {
3135         max_insns = TCG_MAX_INSNS;
3136     }
3137 
3138     dc.config = env->config;
3139     dc.singlestep_enabled = cs->singlestep_enabled;
3140     dc.tb = tb;
3141     dc.pc = pc_start;
3142     dc.ring = tb->flags & XTENSA_TBFLAG_RING_MASK;
3143     dc.cring = (tb->flags & XTENSA_TBFLAG_EXCM) ? 0 : dc.ring;
3144     dc.lbeg = env->sregs[LBEG];
3145     dc.lend = env->sregs[LEND];
3146     dc.is_jmp = DISAS_NEXT;
3147     dc.debug = tb->flags & XTENSA_TBFLAG_DEBUG;
3148     dc.icount = tb->flags & XTENSA_TBFLAG_ICOUNT;
3149     dc.cpenable = (tb->flags & XTENSA_TBFLAG_CPENABLE_MASK) >>
3150         XTENSA_TBFLAG_CPENABLE_SHIFT;
3151     dc.window = ((tb->flags & XTENSA_TBFLAG_WINDOW_MASK) >>
3152                  XTENSA_TBFLAG_WINDOW_SHIFT);
3153 
3154     init_litbase(&dc);
3155     init_sar_tracker(&dc);
3156     if (dc.icount) {
3157         dc.next_icount = tcg_temp_local_new_i32();
3158     }
3159 
3160     gen_tb_start(tb);
3161 
3162     if ((tb_cflags(tb) & CF_USE_ICOUNT) &&
3163         (tb->flags & XTENSA_TBFLAG_YIELD)) {
3164         tcg_gen_insn_start(dc.pc);
3165         ++insn_count;
3166         gen_exception(&dc, EXCP_YIELD);
3167         dc.is_jmp = DISAS_UPDATE;
3168         goto done;
3169     }
3170     if (tb->flags & XTENSA_TBFLAG_EXCEPTION) {
3171         tcg_gen_insn_start(dc.pc);
3172         ++insn_count;
3173         gen_exception(&dc, EXCP_DEBUG);
3174         dc.is_jmp = DISAS_UPDATE;
3175         goto done;
3176     }
3177 
3178     do {
3179         tcg_gen_insn_start(dc.pc);
3180         ++insn_count;
3181 
3182         if (unlikely(cpu_breakpoint_test(cs, dc.pc, BP_ANY))) {
3183             tcg_gen_movi_i32(cpu_pc, dc.pc);
3184             gen_exception(&dc, EXCP_DEBUG);
3185             dc.is_jmp = DISAS_UPDATE;
3186             /* The address covered by the breakpoint must be included in
3187                [tb->pc, tb->pc + tb->size) in order to for it to be
3188                properly cleared -- thus we increment the PC here so that
3189                the logic setting tb->size below does the right thing.  */
3190             dc.pc += 2;
3191             break;
3192         }
3193 
3194         if (insn_count == max_insns && (tb_cflags(tb) & CF_LAST_IO)) {
3195             gen_io_start();
3196         }
3197 
3198         if (dc.icount) {
3199             TCGLabel *label = gen_new_label();
3200 
3201             tcg_gen_addi_i32(dc.next_icount, cpu_SR[ICOUNT], 1);
3202             tcg_gen_brcondi_i32(TCG_COND_NE, dc.next_icount, 0, label);
3203             tcg_gen_mov_i32(dc.next_icount, cpu_SR[ICOUNT]);
3204             if (dc.debug) {
3205                 gen_debug_exception(&dc, DEBUGCAUSE_IC);
3206             }
3207             gen_set_label(label);
3208         }
3209 
3210         if (dc.debug) {
3211             gen_ibreak_check(env, &dc);
3212         }
3213 
3214         disas_xtensa_insn(env, &dc);
3215         if (dc.icount) {
3216             tcg_gen_mov_i32(cpu_SR[ICOUNT], dc.next_icount);
3217         }
3218         if (cs->singlestep_enabled) {
3219             tcg_gen_movi_i32(cpu_pc, dc.pc);
3220             gen_exception(&dc, EXCP_DEBUG);
3221             break;
3222         }
3223     } while (dc.is_jmp == DISAS_NEXT &&
3224             insn_count < max_insns &&
3225             dc.pc < next_page_start &&
3226             dc.pc + xtensa_insn_len(env, &dc) <= next_page_start &&
3227             !tcg_op_buf_full());
3228 done:
3229     reset_litbase(&dc);
3230     reset_sar_tracker(&dc);
3231     if (dc.icount) {
3232         tcg_temp_free(dc.next_icount);
3233     }
3234 
3235     if (tb_cflags(tb) & CF_LAST_IO) {
3236         gen_io_end();
3237     }
3238 
3239     if (dc.is_jmp == DISAS_NEXT) {
3240         gen_jumpi(&dc, dc.pc, 0);
3241     }
3242     gen_tb_end(tb, insn_count);
3243 
3244 #ifdef DEBUG_DISAS
3245     if (qemu_loglevel_mask(CPU_LOG_TB_IN_ASM)
3246         && qemu_log_in_addr_range(pc_start)) {
3247         qemu_log_lock();
3248         qemu_log("----------------\n");
3249         qemu_log("IN: %s\n", lookup_symbol(pc_start));
3250         log_target_disas(cs, pc_start, dc.pc - pc_start, 0);
3251         qemu_log("\n");
3252         qemu_log_unlock();
3253     }
3254 #endif
3255     tb->size = dc.pc - pc_start;
3256     tb->icount = insn_count;
3257 }
3258 
3259 void xtensa_cpu_dump_state(CPUState *cs, FILE *f,
3260                            fprintf_function cpu_fprintf, int flags)
3261 {
3262     XtensaCPU *cpu = XTENSA_CPU(cs);
3263     CPUXtensaState *env = &cpu->env;
3264     int i, j;
3265 
3266     cpu_fprintf(f, "PC=%08x\n\n", env->pc);
3267 
3268     for (i = j = 0; i < 256; ++i) {
3269         if (xtensa_option_bits_enabled(env->config, sregnames[i].opt_bits)) {
3270             cpu_fprintf(f, "%12s=%08x%c", sregnames[i].name, env->sregs[i],
3271                     (j++ % 4) == 3 ? '\n' : ' ');
3272         }
3273     }
3274 
3275     cpu_fprintf(f, (j % 4) == 0 ? "\n" : "\n\n");
3276 
3277     for (i = j = 0; i < 256; ++i) {
3278         if (xtensa_option_bits_enabled(env->config, uregnames[i].opt_bits)) {
3279             cpu_fprintf(f, "%s=%08x%c", uregnames[i].name, env->uregs[i],
3280                     (j++ % 4) == 3 ? '\n' : ' ');
3281         }
3282     }
3283 
3284     cpu_fprintf(f, (j % 4) == 0 ? "\n" : "\n\n");
3285 
3286     for (i = 0; i < 16; ++i) {
3287         cpu_fprintf(f, " A%02d=%08x%c", i, env->regs[i],
3288                 (i % 4) == 3 ? '\n' : ' ');
3289     }
3290 
3291     cpu_fprintf(f, "\n");
3292 
3293     for (i = 0; i < env->config->nareg; ++i) {
3294         cpu_fprintf(f, "AR%02d=%08x%c", i, env->phys_regs[i],
3295                 (i % 4) == 3 ? '\n' : ' ');
3296     }
3297 
3298     if (xtensa_option_enabled(env->config, XTENSA_OPTION_FP_COPROCESSOR)) {
3299         cpu_fprintf(f, "\n");
3300 
3301         for (i = 0; i < 16; ++i) {
3302             cpu_fprintf(f, "F%02d=%08x (%+10.8e)%c", i,
3303                     float32_val(env->fregs[i].f32[FP_F32_LOW]),
3304                     *(float *)(env->fregs[i].f32 + FP_F32_LOW),
3305                     (i % 2) == 1 ? '\n' : ' ');
3306         }
3307     }
3308 }
3309 
3310 void restore_state_to_opc(CPUXtensaState *env, TranslationBlock *tb,
3311                           target_ulong *data)
3312 {
3313     env->pc = data[0];
3314 }
3315