xref: /openbmc/qemu/target/xtensa/translate.c (revision 4a09d0bb)
1 /*
2  * Xtensa ISA:
3  * http://www.tensilica.com/products/literature-docs/documentation/xtensa-isa-databook.htm
4  *
5  * Copyright (c) 2011, Max Filippov, Open Source and Linux Lab.
6  * All rights reserved.
7  *
8  * Redistribution and use in source and binary forms, with or without
9  * modification, are permitted provided that the following conditions are met:
10  *     * Redistributions of source code must retain the above copyright
11  *       notice, this list of conditions and the following disclaimer.
12  *     * Redistributions in binary form must reproduce the above copyright
13  *       notice, this list of conditions and the following disclaimer in the
14  *       documentation and/or other materials provided with the distribution.
15  *     * Neither the name of the Open Source and Linux Lab nor the
16  *       names of its contributors may be used to endorse or promote products
17  *       derived from this software without specific prior written permission.
18  *
19  * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
20  * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
21  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
22  * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY
23  * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
24  * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
25  * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
26  * ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
27  * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
28  * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
29  */
30 
31 #include "qemu/osdep.h"
32 
33 #include "cpu.h"
34 #include "exec/exec-all.h"
35 #include "disas/disas.h"
36 #include "tcg-op.h"
37 #include "qemu/log.h"
38 #include "sysemu/sysemu.h"
39 #include "exec/cpu_ldst.h"
40 #include "exec/semihost.h"
41 
42 #include "exec/helper-proto.h"
43 #include "exec/helper-gen.h"
44 
45 #include "trace-tcg.h"
46 #include "exec/log.h"
47 
48 
49 typedef struct DisasContext {
50     const XtensaConfig *config;
51     TranslationBlock *tb;
52     uint32_t pc;
53     uint32_t next_pc;
54     int cring;
55     int ring;
56     uint32_t lbeg;
57     uint32_t lend;
58     TCGv_i32 litbase;
59     int is_jmp;
60     int singlestep_enabled;
61 
62     bool sar_5bit;
63     bool sar_m32_5bit;
64     bool sar_m32_allocated;
65     TCGv_i32 sar_m32;
66 
67     unsigned window;
68 
69     bool debug;
70     bool icount;
71     TCGv_i32 next_icount;
72 
73     unsigned cpenable;
74 } DisasContext;
75 
76 static TCGv_env cpu_env;
77 static TCGv_i32 cpu_pc;
78 static TCGv_i32 cpu_R[16];
79 static TCGv_i32 cpu_FR[16];
80 static TCGv_i32 cpu_SR[256];
81 static TCGv_i32 cpu_UR[256];
82 
83 #include "exec/gen-icount.h"
84 
85 typedef struct XtensaReg {
86     const char *name;
87     uint64_t opt_bits;
88     enum {
89         SR_R = 1,
90         SR_W = 2,
91         SR_X = 4,
92         SR_RW = 3,
93         SR_RWX = 7,
94     } access;
95 } XtensaReg;
96 
97 #define XTENSA_REG_ACCESS(regname, opt, acc) { \
98         .name = (regname), \
99         .opt_bits = XTENSA_OPTION_BIT(opt), \
100         .access = (acc), \
101     }
102 
103 #define XTENSA_REG(regname, opt) XTENSA_REG_ACCESS(regname, opt, SR_RWX)
104 
105 #define XTENSA_REG_BITS_ACCESS(regname, opt, acc) { \
106         .name = (regname), \
107         .opt_bits = (opt), \
108         .access = (acc), \
109     }
110 
111 #define XTENSA_REG_BITS(regname, opt) \
112     XTENSA_REG_BITS_ACCESS(regname, opt, SR_RWX)
113 
114 static const XtensaReg sregnames[256] = {
115     [LBEG] = XTENSA_REG("LBEG", XTENSA_OPTION_LOOP),
116     [LEND] = XTENSA_REG("LEND", XTENSA_OPTION_LOOP),
117     [LCOUNT] = XTENSA_REG("LCOUNT", XTENSA_OPTION_LOOP),
118     [SAR] = XTENSA_REG_BITS("SAR", XTENSA_OPTION_ALL),
119     [BR] = XTENSA_REG("BR", XTENSA_OPTION_BOOLEAN),
120     [LITBASE] = XTENSA_REG("LITBASE", XTENSA_OPTION_EXTENDED_L32R),
121     [SCOMPARE1] = XTENSA_REG("SCOMPARE1", XTENSA_OPTION_CONDITIONAL_STORE),
122     [ACCLO] = XTENSA_REG("ACCLO", XTENSA_OPTION_MAC16),
123     [ACCHI] = XTENSA_REG("ACCHI", XTENSA_OPTION_MAC16),
124     [MR] = XTENSA_REG("MR0", XTENSA_OPTION_MAC16),
125     [MR + 1] = XTENSA_REG("MR1", XTENSA_OPTION_MAC16),
126     [MR + 2] = XTENSA_REG("MR2", XTENSA_OPTION_MAC16),
127     [MR + 3] = XTENSA_REG("MR3", XTENSA_OPTION_MAC16),
128     [WINDOW_BASE] = XTENSA_REG("WINDOW_BASE", XTENSA_OPTION_WINDOWED_REGISTER),
129     [WINDOW_START] = XTENSA_REG("WINDOW_START",
130             XTENSA_OPTION_WINDOWED_REGISTER),
131     [PTEVADDR] = XTENSA_REG("PTEVADDR", XTENSA_OPTION_MMU),
132     [RASID] = XTENSA_REG("RASID", XTENSA_OPTION_MMU),
133     [ITLBCFG] = XTENSA_REG("ITLBCFG", XTENSA_OPTION_MMU),
134     [DTLBCFG] = XTENSA_REG("DTLBCFG", XTENSA_OPTION_MMU),
135     [IBREAKENABLE] = XTENSA_REG("IBREAKENABLE", XTENSA_OPTION_DEBUG),
136     [MEMCTL] = XTENSA_REG_BITS("MEMCTL", XTENSA_OPTION_ALL),
137     [CACHEATTR] = XTENSA_REG("CACHEATTR", XTENSA_OPTION_CACHEATTR),
138     [ATOMCTL] = XTENSA_REG("ATOMCTL", XTENSA_OPTION_ATOMCTL),
139     [IBREAKA] = XTENSA_REG("IBREAKA0", XTENSA_OPTION_DEBUG),
140     [IBREAKA + 1] = XTENSA_REG("IBREAKA1", XTENSA_OPTION_DEBUG),
141     [DBREAKA] = XTENSA_REG("DBREAKA0", XTENSA_OPTION_DEBUG),
142     [DBREAKA + 1] = XTENSA_REG("DBREAKA1", XTENSA_OPTION_DEBUG),
143     [DBREAKC] = XTENSA_REG("DBREAKC0", XTENSA_OPTION_DEBUG),
144     [DBREAKC + 1] = XTENSA_REG("DBREAKC1", XTENSA_OPTION_DEBUG),
145     [CONFIGID0] = XTENSA_REG_BITS_ACCESS("CONFIGID0", XTENSA_OPTION_ALL, SR_R),
146     [EPC1] = XTENSA_REG("EPC1", XTENSA_OPTION_EXCEPTION),
147     [EPC1 + 1] = XTENSA_REG("EPC2", XTENSA_OPTION_HIGH_PRIORITY_INTERRUPT),
148     [EPC1 + 2] = XTENSA_REG("EPC3", XTENSA_OPTION_HIGH_PRIORITY_INTERRUPT),
149     [EPC1 + 3] = XTENSA_REG("EPC4", XTENSA_OPTION_HIGH_PRIORITY_INTERRUPT),
150     [EPC1 + 4] = XTENSA_REG("EPC5", XTENSA_OPTION_HIGH_PRIORITY_INTERRUPT),
151     [EPC1 + 5] = XTENSA_REG("EPC6", XTENSA_OPTION_HIGH_PRIORITY_INTERRUPT),
152     [EPC1 + 6] = XTENSA_REG("EPC7", XTENSA_OPTION_HIGH_PRIORITY_INTERRUPT),
153     [DEPC] = XTENSA_REG("DEPC", XTENSA_OPTION_EXCEPTION),
154     [EPS2] = XTENSA_REG("EPS2", XTENSA_OPTION_HIGH_PRIORITY_INTERRUPT),
155     [EPS2 + 1] = XTENSA_REG("EPS3", XTENSA_OPTION_HIGH_PRIORITY_INTERRUPT),
156     [EPS2 + 2] = XTENSA_REG("EPS4", XTENSA_OPTION_HIGH_PRIORITY_INTERRUPT),
157     [EPS2 + 3] = XTENSA_REG("EPS5", XTENSA_OPTION_HIGH_PRIORITY_INTERRUPT),
158     [EPS2 + 4] = XTENSA_REG("EPS6", XTENSA_OPTION_HIGH_PRIORITY_INTERRUPT),
159     [EPS2 + 5] = XTENSA_REG("EPS7", XTENSA_OPTION_HIGH_PRIORITY_INTERRUPT),
160     [CONFIGID1] = XTENSA_REG_BITS_ACCESS("CONFIGID1", XTENSA_OPTION_ALL, SR_R),
161     [EXCSAVE1] = XTENSA_REG("EXCSAVE1", XTENSA_OPTION_EXCEPTION),
162     [EXCSAVE1 + 1] = XTENSA_REG("EXCSAVE2",
163             XTENSA_OPTION_HIGH_PRIORITY_INTERRUPT),
164     [EXCSAVE1 + 2] = XTENSA_REG("EXCSAVE3",
165             XTENSA_OPTION_HIGH_PRIORITY_INTERRUPT),
166     [EXCSAVE1 + 3] = XTENSA_REG("EXCSAVE4",
167             XTENSA_OPTION_HIGH_PRIORITY_INTERRUPT),
168     [EXCSAVE1 + 4] = XTENSA_REG("EXCSAVE5",
169             XTENSA_OPTION_HIGH_PRIORITY_INTERRUPT),
170     [EXCSAVE1 + 5] = XTENSA_REG("EXCSAVE6",
171             XTENSA_OPTION_HIGH_PRIORITY_INTERRUPT),
172     [EXCSAVE1 + 6] = XTENSA_REG("EXCSAVE7",
173             XTENSA_OPTION_HIGH_PRIORITY_INTERRUPT),
174     [CPENABLE] = XTENSA_REG("CPENABLE", XTENSA_OPTION_COPROCESSOR),
175     [INTSET] = XTENSA_REG_ACCESS("INTSET", XTENSA_OPTION_INTERRUPT, SR_RW),
176     [INTCLEAR] = XTENSA_REG_ACCESS("INTCLEAR", XTENSA_OPTION_INTERRUPT, SR_W),
177     [INTENABLE] = XTENSA_REG("INTENABLE", XTENSA_OPTION_INTERRUPT),
178     [PS] = XTENSA_REG_BITS("PS", XTENSA_OPTION_ALL),
179     [VECBASE] = XTENSA_REG("VECBASE", XTENSA_OPTION_RELOCATABLE_VECTOR),
180     [EXCCAUSE] = XTENSA_REG("EXCCAUSE", XTENSA_OPTION_EXCEPTION),
181     [DEBUGCAUSE] = XTENSA_REG_ACCESS("DEBUGCAUSE", XTENSA_OPTION_DEBUG, SR_R),
182     [CCOUNT] = XTENSA_REG("CCOUNT", XTENSA_OPTION_TIMER_INTERRUPT),
183     [PRID] = XTENSA_REG_ACCESS("PRID", XTENSA_OPTION_PROCESSOR_ID, SR_R),
184     [ICOUNT] = XTENSA_REG("ICOUNT", XTENSA_OPTION_DEBUG),
185     [ICOUNTLEVEL] = XTENSA_REG("ICOUNTLEVEL", XTENSA_OPTION_DEBUG),
186     [EXCVADDR] = XTENSA_REG("EXCVADDR", XTENSA_OPTION_EXCEPTION),
187     [CCOMPARE] = XTENSA_REG("CCOMPARE0", XTENSA_OPTION_TIMER_INTERRUPT),
188     [CCOMPARE + 1] = XTENSA_REG("CCOMPARE1",
189             XTENSA_OPTION_TIMER_INTERRUPT),
190     [CCOMPARE + 2] = XTENSA_REG("CCOMPARE2",
191             XTENSA_OPTION_TIMER_INTERRUPT),
192     [MISC] = XTENSA_REG("MISC0", XTENSA_OPTION_MISC_SR),
193     [MISC + 1] = XTENSA_REG("MISC1", XTENSA_OPTION_MISC_SR),
194     [MISC + 2] = XTENSA_REG("MISC2", XTENSA_OPTION_MISC_SR),
195     [MISC + 3] = XTENSA_REG("MISC3", XTENSA_OPTION_MISC_SR),
196 };
197 
198 static const XtensaReg uregnames[256] = {
199     [THREADPTR] = XTENSA_REG("THREADPTR", XTENSA_OPTION_THREAD_POINTER),
200     [FCR] = XTENSA_REG("FCR", XTENSA_OPTION_FP_COPROCESSOR),
201     [FSR] = XTENSA_REG("FSR", XTENSA_OPTION_FP_COPROCESSOR),
202 };
203 
204 void xtensa_translate_init(void)
205 {
206     static const char * const regnames[] = {
207         "ar0", "ar1", "ar2", "ar3",
208         "ar4", "ar5", "ar6", "ar7",
209         "ar8", "ar9", "ar10", "ar11",
210         "ar12", "ar13", "ar14", "ar15",
211     };
212     static const char * const fregnames[] = {
213         "f0", "f1", "f2", "f3",
214         "f4", "f5", "f6", "f7",
215         "f8", "f9", "f10", "f11",
216         "f12", "f13", "f14", "f15",
217     };
218     int i;
219 
220     cpu_env = tcg_global_reg_new_ptr(TCG_AREG0, "env");
221     tcg_ctx.tcg_env = cpu_env;
222     cpu_pc = tcg_global_mem_new_i32(cpu_env,
223             offsetof(CPUXtensaState, pc), "pc");
224 
225     for (i = 0; i < 16; i++) {
226         cpu_R[i] = tcg_global_mem_new_i32(cpu_env,
227                 offsetof(CPUXtensaState, regs[i]),
228                 regnames[i]);
229     }
230 
231     for (i = 0; i < 16; i++) {
232         cpu_FR[i] = tcg_global_mem_new_i32(cpu_env,
233                 offsetof(CPUXtensaState, fregs[i].f32[FP_F32_LOW]),
234                 fregnames[i]);
235     }
236 
237     for (i = 0; i < 256; ++i) {
238         if (sregnames[i].name) {
239             cpu_SR[i] = tcg_global_mem_new_i32(cpu_env,
240                     offsetof(CPUXtensaState, sregs[i]),
241                     sregnames[i].name);
242         }
243     }
244 
245     for (i = 0; i < 256; ++i) {
246         if (uregnames[i].name) {
247             cpu_UR[i] = tcg_global_mem_new_i32(cpu_env,
248                     offsetof(CPUXtensaState, uregs[i]),
249                     uregnames[i].name);
250         }
251     }
252 }
253 
254 static inline bool option_bits_enabled(DisasContext *dc, uint64_t opt)
255 {
256     return xtensa_option_bits_enabled(dc->config, opt);
257 }
258 
259 static inline bool option_enabled(DisasContext *dc, int opt)
260 {
261     return xtensa_option_enabled(dc->config, opt);
262 }
263 
264 static void init_litbase(DisasContext *dc)
265 {
266     if (dc->tb->flags & XTENSA_TBFLAG_LITBASE) {
267         dc->litbase = tcg_temp_local_new_i32();
268         tcg_gen_andi_i32(dc->litbase, cpu_SR[LITBASE], 0xfffff000);
269     }
270 }
271 
272 static void reset_litbase(DisasContext *dc)
273 {
274     if (dc->tb->flags & XTENSA_TBFLAG_LITBASE) {
275         tcg_temp_free(dc->litbase);
276     }
277 }
278 
279 static void init_sar_tracker(DisasContext *dc)
280 {
281     dc->sar_5bit = false;
282     dc->sar_m32_5bit = false;
283     dc->sar_m32_allocated = false;
284 }
285 
286 static void reset_sar_tracker(DisasContext *dc)
287 {
288     if (dc->sar_m32_allocated) {
289         tcg_temp_free(dc->sar_m32);
290     }
291 }
292 
293 static void gen_right_shift_sar(DisasContext *dc, TCGv_i32 sa)
294 {
295     tcg_gen_andi_i32(cpu_SR[SAR], sa, 0x1f);
296     if (dc->sar_m32_5bit) {
297         tcg_gen_discard_i32(dc->sar_m32);
298     }
299     dc->sar_5bit = true;
300     dc->sar_m32_5bit = false;
301 }
302 
303 static void gen_left_shift_sar(DisasContext *dc, TCGv_i32 sa)
304 {
305     TCGv_i32 tmp = tcg_const_i32(32);
306     if (!dc->sar_m32_allocated) {
307         dc->sar_m32 = tcg_temp_local_new_i32();
308         dc->sar_m32_allocated = true;
309     }
310     tcg_gen_andi_i32(dc->sar_m32, sa, 0x1f);
311     tcg_gen_sub_i32(cpu_SR[SAR], tmp, dc->sar_m32);
312     dc->sar_5bit = false;
313     dc->sar_m32_5bit = true;
314     tcg_temp_free(tmp);
315 }
316 
317 static void gen_exception(DisasContext *dc, int excp)
318 {
319     TCGv_i32 tmp = tcg_const_i32(excp);
320     gen_helper_exception(cpu_env, tmp);
321     tcg_temp_free(tmp);
322 }
323 
324 static void gen_exception_cause(DisasContext *dc, uint32_t cause)
325 {
326     TCGv_i32 tpc = tcg_const_i32(dc->pc);
327     TCGv_i32 tcause = tcg_const_i32(cause);
328     gen_helper_exception_cause(cpu_env, tpc, tcause);
329     tcg_temp_free(tpc);
330     tcg_temp_free(tcause);
331     if (cause == ILLEGAL_INSTRUCTION_CAUSE ||
332             cause == SYSCALL_CAUSE) {
333         dc->is_jmp = DISAS_UPDATE;
334     }
335 }
336 
337 static void gen_exception_cause_vaddr(DisasContext *dc, uint32_t cause,
338         TCGv_i32 vaddr)
339 {
340     TCGv_i32 tpc = tcg_const_i32(dc->pc);
341     TCGv_i32 tcause = tcg_const_i32(cause);
342     gen_helper_exception_cause_vaddr(cpu_env, tpc, tcause, vaddr);
343     tcg_temp_free(tpc);
344     tcg_temp_free(tcause);
345 }
346 
347 static void gen_debug_exception(DisasContext *dc, uint32_t cause)
348 {
349     TCGv_i32 tpc = tcg_const_i32(dc->pc);
350     TCGv_i32 tcause = tcg_const_i32(cause);
351     gen_helper_debug_exception(cpu_env, tpc, tcause);
352     tcg_temp_free(tpc);
353     tcg_temp_free(tcause);
354     if (cause & (DEBUGCAUSE_IB | DEBUGCAUSE_BI | DEBUGCAUSE_BN)) {
355         dc->is_jmp = DISAS_UPDATE;
356     }
357 }
358 
359 static bool gen_check_privilege(DisasContext *dc)
360 {
361     if (dc->cring) {
362         gen_exception_cause(dc, PRIVILEGED_CAUSE);
363         dc->is_jmp = DISAS_UPDATE;
364         return false;
365     }
366     return true;
367 }
368 
369 static bool gen_check_cpenable(DisasContext *dc, unsigned cp)
370 {
371     if (option_enabled(dc, XTENSA_OPTION_COPROCESSOR) &&
372             !(dc->cpenable & (1 << cp))) {
373         gen_exception_cause(dc, COPROCESSOR0_DISABLED + cp);
374         dc->is_jmp = DISAS_UPDATE;
375         return false;
376     }
377     return true;
378 }
379 
380 static void gen_jump_slot(DisasContext *dc, TCGv dest, int slot)
381 {
382     tcg_gen_mov_i32(cpu_pc, dest);
383     if (dc->icount) {
384         tcg_gen_mov_i32(cpu_SR[ICOUNT], dc->next_icount);
385     }
386     if (dc->singlestep_enabled) {
387         gen_exception(dc, EXCP_DEBUG);
388     } else {
389         if (slot >= 0) {
390             tcg_gen_goto_tb(slot);
391             tcg_gen_exit_tb((uintptr_t)dc->tb + slot);
392         } else {
393             tcg_gen_exit_tb(0);
394         }
395     }
396     dc->is_jmp = DISAS_UPDATE;
397 }
398 
399 static void gen_jump(DisasContext *dc, TCGv dest)
400 {
401     gen_jump_slot(dc, dest, -1);
402 }
403 
404 static void gen_jumpi(DisasContext *dc, uint32_t dest, int slot)
405 {
406     TCGv_i32 tmp = tcg_const_i32(dest);
407 #ifndef CONFIG_USER_ONLY
408     if (((dc->tb->pc ^ dest) & TARGET_PAGE_MASK) != 0) {
409         slot = -1;
410     }
411 #endif
412     gen_jump_slot(dc, tmp, slot);
413     tcg_temp_free(tmp);
414 }
415 
416 static void gen_callw_slot(DisasContext *dc, int callinc, TCGv_i32 dest,
417         int slot)
418 {
419     TCGv_i32 tcallinc = tcg_const_i32(callinc);
420 
421     tcg_gen_deposit_i32(cpu_SR[PS], cpu_SR[PS],
422             tcallinc, PS_CALLINC_SHIFT, PS_CALLINC_LEN);
423     tcg_temp_free(tcallinc);
424     tcg_gen_movi_i32(cpu_R[callinc << 2],
425             (callinc << 30) | (dc->next_pc & 0x3fffffff));
426     gen_jump_slot(dc, dest, slot);
427 }
428 
429 static void gen_callw(DisasContext *dc, int callinc, TCGv_i32 dest)
430 {
431     gen_callw_slot(dc, callinc, dest, -1);
432 }
433 
434 static void gen_callwi(DisasContext *dc, int callinc, uint32_t dest, int slot)
435 {
436     TCGv_i32 tmp = tcg_const_i32(dest);
437 #ifndef CONFIG_USER_ONLY
438     if (((dc->tb->pc ^ dest) & TARGET_PAGE_MASK) != 0) {
439         slot = -1;
440     }
441 #endif
442     gen_callw_slot(dc, callinc, tmp, slot);
443     tcg_temp_free(tmp);
444 }
445 
446 static bool gen_check_loop_end(DisasContext *dc, int slot)
447 {
448     if (option_enabled(dc, XTENSA_OPTION_LOOP) &&
449             !(dc->tb->flags & XTENSA_TBFLAG_EXCM) &&
450             dc->next_pc == dc->lend) {
451         TCGLabel *label = gen_new_label();
452 
453         tcg_gen_brcondi_i32(TCG_COND_EQ, cpu_SR[LCOUNT], 0, label);
454         tcg_gen_subi_i32(cpu_SR[LCOUNT], cpu_SR[LCOUNT], 1);
455         gen_jumpi(dc, dc->lbeg, slot);
456         gen_set_label(label);
457         gen_jumpi(dc, dc->next_pc, -1);
458         return true;
459     }
460     return false;
461 }
462 
463 static void gen_jumpi_check_loop_end(DisasContext *dc, int slot)
464 {
465     if (!gen_check_loop_end(dc, slot)) {
466         gen_jumpi(dc, dc->next_pc, slot);
467     }
468 }
469 
470 static void gen_brcond(DisasContext *dc, TCGCond cond,
471         TCGv_i32 t0, TCGv_i32 t1, uint32_t offset)
472 {
473     TCGLabel *label = gen_new_label();
474 
475     tcg_gen_brcond_i32(cond, t0, t1, label);
476     gen_jumpi_check_loop_end(dc, 0);
477     gen_set_label(label);
478     gen_jumpi(dc, dc->pc + offset, 1);
479 }
480 
481 static void gen_brcondi(DisasContext *dc, TCGCond cond,
482         TCGv_i32 t0, uint32_t t1, uint32_t offset)
483 {
484     TCGv_i32 tmp = tcg_const_i32(t1);
485     gen_brcond(dc, cond, t0, tmp, offset);
486     tcg_temp_free(tmp);
487 }
488 
489 static bool gen_check_sr(DisasContext *dc, uint32_t sr, unsigned access)
490 {
491     if (!xtensa_option_bits_enabled(dc->config, sregnames[sr].opt_bits)) {
492         if (sregnames[sr].name) {
493             qemu_log_mask(LOG_GUEST_ERROR, "SR %s is not configured\n", sregnames[sr].name);
494         } else {
495             qemu_log_mask(LOG_UNIMP, "SR %d is not implemented\n", sr);
496         }
497         gen_exception_cause(dc, ILLEGAL_INSTRUCTION_CAUSE);
498         return false;
499     } else if (!(sregnames[sr].access & access)) {
500         static const char * const access_text[] = {
501             [SR_R] = "rsr",
502             [SR_W] = "wsr",
503             [SR_X] = "xsr",
504         };
505         assert(access < ARRAY_SIZE(access_text) && access_text[access]);
506         qemu_log_mask(LOG_GUEST_ERROR, "SR %s is not available for %s\n", sregnames[sr].name,
507                       access_text[access]);
508         gen_exception_cause(dc, ILLEGAL_INSTRUCTION_CAUSE);
509         return false;
510     }
511     return true;
512 }
513 
514 static bool gen_rsr_ccount(DisasContext *dc, TCGv_i32 d, uint32_t sr)
515 {
516     if (dc->tb->cflags & CF_USE_ICOUNT) {
517         gen_io_start();
518     }
519     gen_helper_update_ccount(cpu_env);
520     tcg_gen_mov_i32(d, cpu_SR[sr]);
521     if (dc->tb->cflags & CF_USE_ICOUNT) {
522         gen_io_end();
523         return true;
524     }
525     return false;
526 }
527 
528 static bool gen_rsr_ptevaddr(DisasContext *dc, TCGv_i32 d, uint32_t sr)
529 {
530     tcg_gen_shri_i32(d, cpu_SR[EXCVADDR], 10);
531     tcg_gen_or_i32(d, d, cpu_SR[sr]);
532     tcg_gen_andi_i32(d, d, 0xfffffffc);
533     return false;
534 }
535 
536 static bool gen_rsr(DisasContext *dc, TCGv_i32 d, uint32_t sr)
537 {
538     static bool (* const rsr_handler[256])(DisasContext *dc,
539             TCGv_i32 d, uint32_t sr) = {
540         [CCOUNT] = gen_rsr_ccount,
541         [INTSET] = gen_rsr_ccount,
542         [PTEVADDR] = gen_rsr_ptevaddr,
543     };
544 
545     if (rsr_handler[sr]) {
546         return rsr_handler[sr](dc, d, sr);
547     } else {
548         tcg_gen_mov_i32(d, cpu_SR[sr]);
549         return false;
550     }
551 }
552 
553 static bool gen_wsr_lbeg(DisasContext *dc, uint32_t sr, TCGv_i32 s)
554 {
555     gen_helper_wsr_lbeg(cpu_env, s);
556     gen_jumpi_check_loop_end(dc, 0);
557     return false;
558 }
559 
560 static bool gen_wsr_lend(DisasContext *dc, uint32_t sr, TCGv_i32 s)
561 {
562     gen_helper_wsr_lend(cpu_env, s);
563     gen_jumpi_check_loop_end(dc, 0);
564     return false;
565 }
566 
567 static bool gen_wsr_sar(DisasContext *dc, uint32_t sr, TCGv_i32 s)
568 {
569     tcg_gen_andi_i32(cpu_SR[sr], s, 0x3f);
570     if (dc->sar_m32_5bit) {
571         tcg_gen_discard_i32(dc->sar_m32);
572     }
573     dc->sar_5bit = false;
574     dc->sar_m32_5bit = false;
575     return false;
576 }
577 
578 static bool gen_wsr_br(DisasContext *dc, uint32_t sr, TCGv_i32 s)
579 {
580     tcg_gen_andi_i32(cpu_SR[sr], s, 0xffff);
581     return false;
582 }
583 
584 static bool gen_wsr_litbase(DisasContext *dc, uint32_t sr, TCGv_i32 s)
585 {
586     tcg_gen_andi_i32(cpu_SR[sr], s, 0xfffff001);
587     /* This can change tb->flags, so exit tb */
588     gen_jumpi_check_loop_end(dc, -1);
589     return true;
590 }
591 
592 static bool gen_wsr_acchi(DisasContext *dc, uint32_t sr, TCGv_i32 s)
593 {
594     tcg_gen_ext8s_i32(cpu_SR[sr], s);
595     return false;
596 }
597 
598 static bool gen_wsr_windowbase(DisasContext *dc, uint32_t sr, TCGv_i32 v)
599 {
600     gen_helper_wsr_windowbase(cpu_env, v);
601     /* This can change tb->flags, so exit tb */
602     gen_jumpi_check_loop_end(dc, -1);
603     return true;
604 }
605 
606 static bool gen_wsr_windowstart(DisasContext *dc, uint32_t sr, TCGv_i32 v)
607 {
608     tcg_gen_andi_i32(cpu_SR[sr], v, (1 << dc->config->nareg / 4) - 1);
609     /* This can change tb->flags, so exit tb */
610     gen_jumpi_check_loop_end(dc, -1);
611     return true;
612 }
613 
614 static bool gen_wsr_ptevaddr(DisasContext *dc, uint32_t sr, TCGv_i32 v)
615 {
616     tcg_gen_andi_i32(cpu_SR[sr], v, 0xffc00000);
617     return false;
618 }
619 
620 static bool gen_wsr_rasid(DisasContext *dc, uint32_t sr, TCGv_i32 v)
621 {
622     gen_helper_wsr_rasid(cpu_env, v);
623     /* This can change tb->flags, so exit tb */
624     gen_jumpi_check_loop_end(dc, -1);
625     return true;
626 }
627 
628 static bool gen_wsr_tlbcfg(DisasContext *dc, uint32_t sr, TCGv_i32 v)
629 {
630     tcg_gen_andi_i32(cpu_SR[sr], v, 0x01130000);
631     return false;
632 }
633 
634 static bool gen_wsr_ibreakenable(DisasContext *dc, uint32_t sr, TCGv_i32 v)
635 {
636     gen_helper_wsr_ibreakenable(cpu_env, v);
637     gen_jumpi_check_loop_end(dc, 0);
638     return true;
639 }
640 
641 static bool gen_wsr_memctl(DisasContext *dc, uint32_t sr, TCGv_i32 v)
642 {
643     gen_helper_wsr_memctl(cpu_env, v);
644     return false;
645 }
646 
647 static bool gen_wsr_atomctl(DisasContext *dc, uint32_t sr, TCGv_i32 v)
648 {
649     tcg_gen_andi_i32(cpu_SR[sr], v, 0x3f);
650     return false;
651 }
652 
653 static bool gen_wsr_ibreaka(DisasContext *dc, uint32_t sr, TCGv_i32 v)
654 {
655     unsigned id = sr - IBREAKA;
656 
657     if (id < dc->config->nibreak) {
658         TCGv_i32 tmp = tcg_const_i32(id);
659         gen_helper_wsr_ibreaka(cpu_env, tmp, v);
660         tcg_temp_free(tmp);
661         gen_jumpi_check_loop_end(dc, 0);
662         return true;
663     }
664     return false;
665 }
666 
667 static bool gen_wsr_dbreaka(DisasContext *dc, uint32_t sr, TCGv_i32 v)
668 {
669     unsigned id = sr - DBREAKA;
670 
671     if (id < dc->config->ndbreak) {
672         TCGv_i32 tmp = tcg_const_i32(id);
673         gen_helper_wsr_dbreaka(cpu_env, tmp, v);
674         tcg_temp_free(tmp);
675     }
676     return false;
677 }
678 
679 static bool gen_wsr_dbreakc(DisasContext *dc, uint32_t sr, TCGv_i32 v)
680 {
681     unsigned id = sr - DBREAKC;
682 
683     if (id < dc->config->ndbreak) {
684         TCGv_i32 tmp = tcg_const_i32(id);
685         gen_helper_wsr_dbreakc(cpu_env, tmp, v);
686         tcg_temp_free(tmp);
687     }
688     return false;
689 }
690 
691 static bool gen_wsr_cpenable(DisasContext *dc, uint32_t sr, TCGv_i32 v)
692 {
693     tcg_gen_andi_i32(cpu_SR[sr], v, 0xff);
694     /* This can change tb->flags, so exit tb */
695     gen_jumpi_check_loop_end(dc, -1);
696     return true;
697 }
698 
699 static void gen_check_interrupts(DisasContext *dc)
700 {
701     if (dc->tb->cflags & CF_USE_ICOUNT) {
702         gen_io_start();
703     }
704     gen_helper_check_interrupts(cpu_env);
705     if (dc->tb->cflags & CF_USE_ICOUNT) {
706         gen_io_end();
707     }
708 }
709 
710 static bool gen_wsr_intset(DisasContext *dc, uint32_t sr, TCGv_i32 v)
711 {
712     tcg_gen_andi_i32(cpu_SR[sr], v,
713             dc->config->inttype_mask[INTTYPE_SOFTWARE]);
714     gen_check_interrupts(dc);
715     gen_jumpi_check_loop_end(dc, 0);
716     return true;
717 }
718 
719 static bool gen_wsr_intclear(DisasContext *dc, uint32_t sr, TCGv_i32 v)
720 {
721     TCGv_i32 tmp = tcg_temp_new_i32();
722 
723     tcg_gen_andi_i32(tmp, v,
724             dc->config->inttype_mask[INTTYPE_EDGE] |
725             dc->config->inttype_mask[INTTYPE_NMI] |
726             dc->config->inttype_mask[INTTYPE_SOFTWARE]);
727     tcg_gen_andc_i32(cpu_SR[INTSET], cpu_SR[INTSET], tmp);
728     tcg_temp_free(tmp);
729     gen_check_interrupts(dc);
730     gen_jumpi_check_loop_end(dc, 0);
731     return true;
732 }
733 
734 static bool gen_wsr_intenable(DisasContext *dc, uint32_t sr, TCGv_i32 v)
735 {
736     tcg_gen_mov_i32(cpu_SR[sr], v);
737     gen_check_interrupts(dc);
738     gen_jumpi_check_loop_end(dc, 0);
739     return true;
740 }
741 
742 static bool gen_wsr_ps(DisasContext *dc, uint32_t sr, TCGv_i32 v)
743 {
744     uint32_t mask = PS_WOE | PS_CALLINC | PS_OWB |
745         PS_UM | PS_EXCM | PS_INTLEVEL;
746 
747     if (option_enabled(dc, XTENSA_OPTION_MMU)) {
748         mask |= PS_RING;
749     }
750     tcg_gen_andi_i32(cpu_SR[sr], v, mask);
751     gen_check_interrupts(dc);
752     /* This can change mmu index and tb->flags, so exit tb */
753     gen_jumpi_check_loop_end(dc, -1);
754     return true;
755 }
756 
757 static bool gen_wsr_ccount(DisasContext *dc, uint32_t sr, TCGv_i32 v)
758 {
759     if (dc->tb->cflags & CF_USE_ICOUNT) {
760         gen_io_start();
761     }
762     gen_helper_wsr_ccount(cpu_env, v);
763     if (dc->tb->cflags & CF_USE_ICOUNT) {
764         gen_io_end();
765         gen_jumpi_check_loop_end(dc, 0);
766         return true;
767     }
768     return false;
769 }
770 
771 static bool gen_wsr_icount(DisasContext *dc, uint32_t sr, TCGv_i32 v)
772 {
773     if (dc->icount) {
774         tcg_gen_mov_i32(dc->next_icount, v);
775     } else {
776         tcg_gen_mov_i32(cpu_SR[sr], v);
777     }
778     return false;
779 }
780 
781 static bool gen_wsr_icountlevel(DisasContext *dc, uint32_t sr, TCGv_i32 v)
782 {
783     tcg_gen_andi_i32(cpu_SR[sr], v, 0xf);
784     /* This can change tb->flags, so exit tb */
785     gen_jumpi_check_loop_end(dc, -1);
786     return true;
787 }
788 
789 static bool gen_wsr_ccompare(DisasContext *dc, uint32_t sr, TCGv_i32 v)
790 {
791     uint32_t id = sr - CCOMPARE;
792     bool ret = false;
793 
794     if (id < dc->config->nccompare) {
795         uint32_t int_bit = 1 << dc->config->timerint[id];
796         TCGv_i32 tmp = tcg_const_i32(id);
797 
798         tcg_gen_mov_i32(cpu_SR[sr], v);
799         tcg_gen_andi_i32(cpu_SR[INTSET], cpu_SR[INTSET], ~int_bit);
800         if (dc->tb->cflags & CF_USE_ICOUNT) {
801             gen_io_start();
802         }
803         gen_helper_update_ccompare(cpu_env, tmp);
804         if (dc->tb->cflags & CF_USE_ICOUNT) {
805             gen_io_end();
806             gen_jumpi_check_loop_end(dc, 0);
807             ret = true;
808         }
809         tcg_temp_free(tmp);
810     }
811     return ret;
812 }
813 
814 static bool gen_wsr(DisasContext *dc, uint32_t sr, TCGv_i32 s)
815 {
816     static bool (* const wsr_handler[256])(DisasContext *dc,
817             uint32_t sr, TCGv_i32 v) = {
818         [LBEG] = gen_wsr_lbeg,
819         [LEND] = gen_wsr_lend,
820         [SAR] = gen_wsr_sar,
821         [BR] = gen_wsr_br,
822         [LITBASE] = gen_wsr_litbase,
823         [ACCHI] = gen_wsr_acchi,
824         [WINDOW_BASE] = gen_wsr_windowbase,
825         [WINDOW_START] = gen_wsr_windowstart,
826         [PTEVADDR] = gen_wsr_ptevaddr,
827         [RASID] = gen_wsr_rasid,
828         [ITLBCFG] = gen_wsr_tlbcfg,
829         [DTLBCFG] = gen_wsr_tlbcfg,
830         [IBREAKENABLE] = gen_wsr_ibreakenable,
831         [MEMCTL] = gen_wsr_memctl,
832         [ATOMCTL] = gen_wsr_atomctl,
833         [IBREAKA] = gen_wsr_ibreaka,
834         [IBREAKA + 1] = gen_wsr_ibreaka,
835         [DBREAKA] = gen_wsr_dbreaka,
836         [DBREAKA + 1] = gen_wsr_dbreaka,
837         [DBREAKC] = gen_wsr_dbreakc,
838         [DBREAKC + 1] = gen_wsr_dbreakc,
839         [CPENABLE] = gen_wsr_cpenable,
840         [INTSET] = gen_wsr_intset,
841         [INTCLEAR] = gen_wsr_intclear,
842         [INTENABLE] = gen_wsr_intenable,
843         [PS] = gen_wsr_ps,
844         [CCOUNT] = gen_wsr_ccount,
845         [ICOUNT] = gen_wsr_icount,
846         [ICOUNTLEVEL] = gen_wsr_icountlevel,
847         [CCOMPARE] = gen_wsr_ccompare,
848         [CCOMPARE + 1] = gen_wsr_ccompare,
849         [CCOMPARE + 2] = gen_wsr_ccompare,
850     };
851 
852     if (wsr_handler[sr]) {
853         return wsr_handler[sr](dc, sr, s);
854     } else {
855         tcg_gen_mov_i32(cpu_SR[sr], s);
856         return false;
857     }
858 }
859 
860 static void gen_wur(uint32_t ur, TCGv_i32 s)
861 {
862     switch (ur) {
863     case FCR:
864         gen_helper_wur_fcr(cpu_env, s);
865         break;
866 
867     case FSR:
868         tcg_gen_andi_i32(cpu_UR[ur], s, 0xffffff80);
869         break;
870 
871     default:
872         tcg_gen_mov_i32(cpu_UR[ur], s);
873         break;
874     }
875 }
876 
877 static void gen_load_store_alignment(DisasContext *dc, int shift,
878         TCGv_i32 addr, bool no_hw_alignment)
879 {
880     if (!option_enabled(dc, XTENSA_OPTION_UNALIGNED_EXCEPTION)) {
881         tcg_gen_andi_i32(addr, addr, ~0 << shift);
882     } else if (option_enabled(dc, XTENSA_OPTION_HW_ALIGNMENT) &&
883             no_hw_alignment) {
884         TCGLabel *label = gen_new_label();
885         TCGv_i32 tmp = tcg_temp_new_i32();
886         tcg_gen_andi_i32(tmp, addr, ~(~0 << shift));
887         tcg_gen_brcondi_i32(TCG_COND_EQ, tmp, 0, label);
888         gen_exception_cause_vaddr(dc, LOAD_STORE_ALIGNMENT_CAUSE, addr);
889         gen_set_label(label);
890         tcg_temp_free(tmp);
891     }
892 }
893 
894 static void gen_waiti(DisasContext *dc, uint32_t imm4)
895 {
896     TCGv_i32 pc = tcg_const_i32(dc->next_pc);
897     TCGv_i32 intlevel = tcg_const_i32(imm4);
898 
899     if (dc->tb->cflags & CF_USE_ICOUNT) {
900         gen_io_start();
901     }
902     gen_helper_waiti(cpu_env, pc, intlevel);
903     if (dc->tb->cflags & CF_USE_ICOUNT) {
904         gen_io_end();
905     }
906     tcg_temp_free(pc);
907     tcg_temp_free(intlevel);
908     gen_jumpi_check_loop_end(dc, 0);
909 }
910 
911 static bool gen_window_check1(DisasContext *dc, unsigned r1)
912 {
913     if (r1 / 4 > dc->window) {
914         TCGv_i32 pc = tcg_const_i32(dc->pc);
915         TCGv_i32 w = tcg_const_i32(r1 / 4);
916 
917         gen_helper_window_check(cpu_env, pc, w);
918         dc->is_jmp = DISAS_UPDATE;
919         return false;
920     }
921     return true;
922 }
923 
924 static bool gen_window_check2(DisasContext *dc, unsigned r1, unsigned r2)
925 {
926     return gen_window_check1(dc, r1 > r2 ? r1 : r2);
927 }
928 
929 static bool gen_window_check3(DisasContext *dc, unsigned r1, unsigned r2,
930         unsigned r3)
931 {
932     return gen_window_check2(dc, r1, r2 > r3 ? r2 : r3);
933 }
934 
935 static TCGv_i32 gen_mac16_m(TCGv_i32 v, bool hi, bool is_unsigned)
936 {
937     TCGv_i32 m = tcg_temp_new_i32();
938 
939     if (hi) {
940         (is_unsigned ? tcg_gen_shri_i32 : tcg_gen_sari_i32)(m, v, 16);
941     } else {
942         (is_unsigned ? tcg_gen_ext16u_i32 : tcg_gen_ext16s_i32)(m, v);
943     }
944     return m;
945 }
946 
947 static inline unsigned xtensa_op0_insn_len(unsigned op0)
948 {
949     return op0 >= 8 ? 2 : 3;
950 }
951 
952 static void disas_xtensa_insn(CPUXtensaState *env, DisasContext *dc)
953 {
954 #define HAS_OPTION_BITS(opt) do { \
955         if (!option_bits_enabled(dc, opt)) { \
956             qemu_log_mask(LOG_GUEST_ERROR, "Option is not enabled %s:%d\n", \
957                           __FILE__, __LINE__); \
958             goto invalid_opcode; \
959         } \
960     } while (0)
961 
962 #define HAS_OPTION(opt) HAS_OPTION_BITS(XTENSA_OPTION_BIT(opt))
963 
964 #define TBD() qemu_log_mask(LOG_UNIMP, "TBD(pc = %08x): %s:%d\n", dc->pc, __FILE__, __LINE__)
965 #define RESERVED() do { \
966         qemu_log_mask(LOG_GUEST_ERROR, "RESERVED(pc = %08x, %02x%02x%02x): %s:%d\n", \
967                       dc->pc, b0, b1, b2, __FILE__, __LINE__); \
968         goto invalid_opcode; \
969     } while (0)
970 
971 
972 #ifdef TARGET_WORDS_BIGENDIAN
973 #define OP0 (((b0) & 0xf0) >> 4)
974 #define OP1 (((b2) & 0xf0) >> 4)
975 #define OP2 ((b2) & 0xf)
976 #define RRR_R ((b1) & 0xf)
977 #define RRR_S (((b1) & 0xf0) >> 4)
978 #define RRR_T ((b0) & 0xf)
979 #else
980 #define OP0 (((b0) & 0xf))
981 #define OP1 (((b2) & 0xf))
982 #define OP2 (((b2) & 0xf0) >> 4)
983 #define RRR_R (((b1) & 0xf0) >> 4)
984 #define RRR_S (((b1) & 0xf))
985 #define RRR_T (((b0) & 0xf0) >> 4)
986 #endif
987 #define RRR_X ((RRR_R & 0x4) >> 2)
988 #define RRR_Y ((RRR_T & 0x4) >> 2)
989 #define RRR_W (RRR_R & 0x3)
990 
991 #define RRRN_R RRR_R
992 #define RRRN_S RRR_S
993 #define RRRN_T RRR_T
994 
995 #define RRI4_R RRR_R
996 #define RRI4_S RRR_S
997 #define RRI4_T RRR_T
998 #ifdef TARGET_WORDS_BIGENDIAN
999 #define RRI4_IMM4 ((b2) & 0xf)
1000 #else
1001 #define RRI4_IMM4 (((b2) & 0xf0) >> 4)
1002 #endif
1003 
1004 #define RRI8_R RRR_R
1005 #define RRI8_S RRR_S
1006 #define RRI8_T RRR_T
1007 #define RRI8_IMM8 (b2)
1008 #define RRI8_IMM8_SE ((((b2) & 0x80) ? 0xffffff00 : 0) | RRI8_IMM8)
1009 
1010 #ifdef TARGET_WORDS_BIGENDIAN
1011 #define RI16_IMM16 (((b1) << 8) | (b2))
1012 #else
1013 #define RI16_IMM16 (((b2) << 8) | (b1))
1014 #endif
1015 
1016 #ifdef TARGET_WORDS_BIGENDIAN
1017 #define CALL_N (((b0) & 0xc) >> 2)
1018 #define CALL_OFFSET ((((b0) & 0x3) << 16) | ((b1) << 8) | (b2))
1019 #else
1020 #define CALL_N (((b0) & 0x30) >> 4)
1021 #define CALL_OFFSET ((((b0) & 0xc0) >> 6) | ((b1) << 2) | ((b2) << 10))
1022 #endif
1023 #define CALL_OFFSET_SE \
1024     (((CALL_OFFSET & 0x20000) ? 0xfffc0000 : 0) | CALL_OFFSET)
1025 
1026 #define CALLX_N CALL_N
1027 #ifdef TARGET_WORDS_BIGENDIAN
1028 #define CALLX_M ((b0) & 0x3)
1029 #else
1030 #define CALLX_M (((b0) & 0xc0) >> 6)
1031 #endif
1032 #define CALLX_S RRR_S
1033 
1034 #define BRI12_M CALLX_M
1035 #define BRI12_S RRR_S
1036 #ifdef TARGET_WORDS_BIGENDIAN
1037 #define BRI12_IMM12 ((((b1) & 0xf) << 8) | (b2))
1038 #else
1039 #define BRI12_IMM12 ((((b1) & 0xf0) >> 4) | ((b2) << 4))
1040 #endif
1041 #define BRI12_IMM12_SE (((BRI12_IMM12 & 0x800) ? 0xfffff000 : 0) | BRI12_IMM12)
1042 
1043 #define BRI8_M BRI12_M
1044 #define BRI8_R RRI8_R
1045 #define BRI8_S RRI8_S
1046 #define BRI8_IMM8 RRI8_IMM8
1047 #define BRI8_IMM8_SE RRI8_IMM8_SE
1048 
1049 #define RSR_SR (b1)
1050 
1051     uint8_t b0 = cpu_ldub_code(env, dc->pc);
1052     uint8_t b1 = cpu_ldub_code(env, dc->pc + 1);
1053     uint8_t b2 = 0;
1054     unsigned len = xtensa_op0_insn_len(OP0);
1055 
1056     static const uint32_t B4CONST[] = {
1057         0xffffffff, 1, 2, 3, 4, 5, 6, 7, 8, 10, 12, 16, 32, 64, 128, 256
1058     };
1059 
1060     static const uint32_t B4CONSTU[] = {
1061         32768, 65536, 2, 3, 4, 5, 6, 7, 8, 10, 12, 16, 32, 64, 128, 256
1062     };
1063 
1064     switch (len) {
1065     case 2:
1066         HAS_OPTION(XTENSA_OPTION_CODE_DENSITY);
1067         break;
1068 
1069     case 3:
1070         b2 = cpu_ldub_code(env, dc->pc + 2);
1071         break;
1072 
1073     default:
1074         RESERVED();
1075     }
1076     dc->next_pc = dc->pc + len;
1077 
1078     switch (OP0) {
1079     case 0: /*QRST*/
1080         switch (OP1) {
1081         case 0: /*RST0*/
1082             switch (OP2) {
1083             case 0: /*ST0*/
1084                 if ((RRR_R & 0xc) == 0x8) {
1085                     HAS_OPTION(XTENSA_OPTION_BOOLEAN);
1086                 }
1087 
1088                 switch (RRR_R) {
1089                 case 0: /*SNM0*/
1090                     switch (CALLX_M) {
1091                     case 0: /*ILL*/
1092                         gen_exception_cause(dc, ILLEGAL_INSTRUCTION_CAUSE);
1093                         break;
1094 
1095                     case 1: /*reserved*/
1096                         RESERVED();
1097                         break;
1098 
1099                     case 2: /*JR*/
1100                         switch (CALLX_N) {
1101                         case 0: /*RET*/
1102                         case 2: /*JX*/
1103                             if (gen_window_check1(dc, CALLX_S)) {
1104                                 gen_jump(dc, cpu_R[CALLX_S]);
1105                             }
1106                             break;
1107 
1108                         case 1: /*RETWw*/
1109                             HAS_OPTION(XTENSA_OPTION_WINDOWED_REGISTER);
1110                             {
1111                                 TCGv_i32 tmp = tcg_const_i32(dc->pc);
1112                                 gen_helper_retw(tmp, cpu_env, tmp);
1113                                 gen_jump(dc, tmp);
1114                                 tcg_temp_free(tmp);
1115                             }
1116                             break;
1117 
1118                         case 3: /*reserved*/
1119                             RESERVED();
1120                             break;
1121                         }
1122                         break;
1123 
1124                     case 3: /*CALLX*/
1125                         if (!gen_window_check2(dc, CALLX_S, CALLX_N << 2)) {
1126                             break;
1127                         }
1128                         switch (CALLX_N) {
1129                         case 0: /*CALLX0*/
1130                             {
1131                                 TCGv_i32 tmp = tcg_temp_new_i32();
1132                                 tcg_gen_mov_i32(tmp, cpu_R[CALLX_S]);
1133                                 tcg_gen_movi_i32(cpu_R[0], dc->next_pc);
1134                                 gen_jump(dc, tmp);
1135                                 tcg_temp_free(tmp);
1136                             }
1137                             break;
1138 
1139                         case 1: /*CALLX4w*/
1140                         case 2: /*CALLX8w*/
1141                         case 3: /*CALLX12w*/
1142                             HAS_OPTION(XTENSA_OPTION_WINDOWED_REGISTER);
1143                             {
1144                                 TCGv_i32 tmp = tcg_temp_new_i32();
1145 
1146                                 tcg_gen_mov_i32(tmp, cpu_R[CALLX_S]);
1147                                 gen_callw(dc, CALLX_N, tmp);
1148                                 tcg_temp_free(tmp);
1149                             }
1150                             break;
1151                         }
1152                         break;
1153                     }
1154                     break;
1155 
1156                 case 1: /*MOVSPw*/
1157                     HAS_OPTION(XTENSA_OPTION_WINDOWED_REGISTER);
1158                     if (gen_window_check2(dc, RRR_T, RRR_S)) {
1159                         TCGv_i32 pc = tcg_const_i32(dc->pc);
1160                         gen_helper_movsp(cpu_env, pc);
1161                         tcg_gen_mov_i32(cpu_R[RRR_T], cpu_R[RRR_S]);
1162                         tcg_temp_free(pc);
1163                     }
1164                     break;
1165 
1166                 case 2: /*SYNC*/
1167                     switch (RRR_T) {
1168                     case 0: /*ISYNC*/
1169                         break;
1170 
1171                     case 1: /*RSYNC*/
1172                         break;
1173 
1174                     case 2: /*ESYNC*/
1175                         break;
1176 
1177                     case 3: /*DSYNC*/
1178                         break;
1179 
1180                     case 8: /*EXCW*/
1181                         HAS_OPTION(XTENSA_OPTION_EXCEPTION);
1182                         break;
1183 
1184                     case 12: /*MEMW*/
1185                         break;
1186 
1187                     case 13: /*EXTW*/
1188                         break;
1189 
1190                     case 15: /*NOP*/
1191                         break;
1192 
1193                     default: /*reserved*/
1194                         RESERVED();
1195                         break;
1196                     }
1197                     break;
1198 
1199                 case 3: /*RFEIx*/
1200                     switch (RRR_T) {
1201                     case 0: /*RFETx*/
1202                         HAS_OPTION(XTENSA_OPTION_EXCEPTION);
1203                         switch (RRR_S) {
1204                         case 0: /*RFEx*/
1205                             if (gen_check_privilege(dc)) {
1206                                 tcg_gen_andi_i32(cpu_SR[PS], cpu_SR[PS], ~PS_EXCM);
1207                                 gen_check_interrupts(dc);
1208                                 gen_jump(dc, cpu_SR[EPC1]);
1209                             }
1210                             break;
1211 
1212                         case 1: /*RFUEx*/
1213                             RESERVED();
1214                             break;
1215 
1216                         case 2: /*RFDEx*/
1217                             if (gen_check_privilege(dc)) {
1218                                 gen_jump(dc, cpu_SR[
1219                                          dc->config->ndepc ? DEPC : EPC1]);
1220                             }
1221                             break;
1222 
1223                         case 4: /*RFWOw*/
1224                         case 5: /*RFWUw*/
1225                             HAS_OPTION(XTENSA_OPTION_WINDOWED_REGISTER);
1226                             if (gen_check_privilege(dc)) {
1227                                 TCGv_i32 tmp = tcg_const_i32(1);
1228 
1229                                 tcg_gen_andi_i32(
1230                                         cpu_SR[PS], cpu_SR[PS], ~PS_EXCM);
1231                                 tcg_gen_shl_i32(tmp, tmp, cpu_SR[WINDOW_BASE]);
1232 
1233                                 if (RRR_S == 4) {
1234                                     tcg_gen_andc_i32(cpu_SR[WINDOW_START],
1235                                             cpu_SR[WINDOW_START], tmp);
1236                                 } else {
1237                                     tcg_gen_or_i32(cpu_SR[WINDOW_START],
1238                                             cpu_SR[WINDOW_START], tmp);
1239                                 }
1240 
1241                                 gen_helper_restore_owb(cpu_env);
1242                                 gen_check_interrupts(dc);
1243                                 gen_jump(dc, cpu_SR[EPC1]);
1244 
1245                                 tcg_temp_free(tmp);
1246                             }
1247                             break;
1248 
1249                         default: /*reserved*/
1250                             RESERVED();
1251                             break;
1252                         }
1253                         break;
1254 
1255                     case 1: /*RFIx*/
1256                         HAS_OPTION(XTENSA_OPTION_HIGH_PRIORITY_INTERRUPT);
1257                         if (RRR_S >= 2 && RRR_S <= dc->config->nlevel) {
1258                             if (gen_check_privilege(dc)) {
1259                                 tcg_gen_mov_i32(cpu_SR[PS],
1260                                                 cpu_SR[EPS2 + RRR_S - 2]);
1261                                 gen_check_interrupts(dc);
1262                                 gen_jump(dc, cpu_SR[EPC1 + RRR_S - 1]);
1263                             }
1264                         } else {
1265                             qemu_log_mask(LOG_GUEST_ERROR, "RFI %d is illegal\n", RRR_S);
1266                             gen_exception_cause(dc, ILLEGAL_INSTRUCTION_CAUSE);
1267                         }
1268                         break;
1269 
1270                     case 2: /*RFME*/
1271                         TBD();
1272                         break;
1273 
1274                     default: /*reserved*/
1275                         RESERVED();
1276                         break;
1277 
1278                     }
1279                     break;
1280 
1281                 case 4: /*BREAKx*/
1282                     HAS_OPTION(XTENSA_OPTION_DEBUG);
1283                     if (dc->debug) {
1284                         gen_debug_exception(dc, DEBUGCAUSE_BI);
1285                     }
1286                     break;
1287 
1288                 case 5: /*SYSCALLx*/
1289                     HAS_OPTION(XTENSA_OPTION_EXCEPTION);
1290                     switch (RRR_S) {
1291                     case 0: /*SYSCALLx*/
1292                         gen_exception_cause(dc, SYSCALL_CAUSE);
1293                         break;
1294 
1295                     case 1: /*SIMCALL*/
1296                         if (semihosting_enabled()) {
1297                             if (gen_check_privilege(dc)) {
1298                                 gen_helper_simcall(cpu_env);
1299                             }
1300                         } else {
1301                             qemu_log_mask(LOG_GUEST_ERROR, "SIMCALL but semihosting is disabled\n");
1302                             gen_exception_cause(dc, ILLEGAL_INSTRUCTION_CAUSE);
1303                         }
1304                         break;
1305 
1306                     default:
1307                         RESERVED();
1308                         break;
1309                     }
1310                     break;
1311 
1312                 case 6: /*RSILx*/
1313                     HAS_OPTION(XTENSA_OPTION_INTERRUPT);
1314                     if (gen_check_privilege(dc) &&
1315                         gen_window_check1(dc, RRR_T)) {
1316                         tcg_gen_mov_i32(cpu_R[RRR_T], cpu_SR[PS]);
1317                         tcg_gen_andi_i32(cpu_SR[PS], cpu_SR[PS], ~PS_INTLEVEL);
1318                         tcg_gen_ori_i32(cpu_SR[PS], cpu_SR[PS], RRR_S);
1319                         gen_check_interrupts(dc);
1320                         gen_jumpi_check_loop_end(dc, 0);
1321                     }
1322                     break;
1323 
1324                 case 7: /*WAITIx*/
1325                     HAS_OPTION(XTENSA_OPTION_INTERRUPT);
1326                     if (gen_check_privilege(dc)) {
1327                         gen_waiti(dc, RRR_S);
1328                     }
1329                     break;
1330 
1331                 case 8: /*ANY4p*/
1332                 case 9: /*ALL4p*/
1333                 case 10: /*ANY8p*/
1334                 case 11: /*ALL8p*/
1335                     HAS_OPTION(XTENSA_OPTION_BOOLEAN);
1336                     {
1337                         const unsigned shift = (RRR_R & 2) ? 8 : 4;
1338                         TCGv_i32 mask = tcg_const_i32(
1339                                 ((1 << shift) - 1) << RRR_S);
1340                         TCGv_i32 tmp = tcg_temp_new_i32();
1341 
1342                         tcg_gen_and_i32(tmp, cpu_SR[BR], mask);
1343                         if (RRR_R & 1) { /*ALL*/
1344                             tcg_gen_addi_i32(tmp, tmp, 1 << RRR_S);
1345                         } else { /*ANY*/
1346                             tcg_gen_add_i32(tmp, tmp, mask);
1347                         }
1348                         tcg_gen_shri_i32(tmp, tmp, RRR_S + shift);
1349                         tcg_gen_deposit_i32(cpu_SR[BR], cpu_SR[BR],
1350                                 tmp, RRR_T, 1);
1351                         tcg_temp_free(mask);
1352                         tcg_temp_free(tmp);
1353                     }
1354                     break;
1355 
1356                 default: /*reserved*/
1357                     RESERVED();
1358                     break;
1359 
1360                 }
1361                 break;
1362 
1363             case 1: /*AND*/
1364                 if (gen_window_check3(dc, RRR_R, RRR_S, RRR_T)) {
1365                     tcg_gen_and_i32(cpu_R[RRR_R], cpu_R[RRR_S], cpu_R[RRR_T]);
1366                 }
1367                 break;
1368 
1369             case 2: /*OR*/
1370                 if (gen_window_check3(dc, RRR_R, RRR_S, RRR_T)) {
1371                     tcg_gen_or_i32(cpu_R[RRR_R], cpu_R[RRR_S], cpu_R[RRR_T]);
1372                 }
1373                 break;
1374 
1375             case 3: /*XOR*/
1376                 if (gen_window_check3(dc, RRR_R, RRR_S, RRR_T)) {
1377                     tcg_gen_xor_i32(cpu_R[RRR_R], cpu_R[RRR_S], cpu_R[RRR_T]);
1378                 }
1379                 break;
1380 
1381             case 4: /*ST1*/
1382                 switch (RRR_R) {
1383                 case 0: /*SSR*/
1384                     if (gen_window_check1(dc, RRR_S)) {
1385                         gen_right_shift_sar(dc, cpu_R[RRR_S]);
1386                     }
1387                     break;
1388 
1389                 case 1: /*SSL*/
1390                     if (gen_window_check1(dc, RRR_S)) {
1391                         gen_left_shift_sar(dc, cpu_R[RRR_S]);
1392                     }
1393                     break;
1394 
1395                 case 2: /*SSA8L*/
1396                     if (gen_window_check1(dc, RRR_S)) {
1397                         TCGv_i32 tmp = tcg_temp_new_i32();
1398                         tcg_gen_shli_i32(tmp, cpu_R[RRR_S], 3);
1399                         gen_right_shift_sar(dc, tmp);
1400                         tcg_temp_free(tmp);
1401                     }
1402                     break;
1403 
1404                 case 3: /*SSA8B*/
1405                     if (gen_window_check1(dc, RRR_S)) {
1406                         TCGv_i32 tmp = tcg_temp_new_i32();
1407                         tcg_gen_shli_i32(tmp, cpu_R[RRR_S], 3);
1408                         gen_left_shift_sar(dc, tmp);
1409                         tcg_temp_free(tmp);
1410                     }
1411                     break;
1412 
1413                 case 4: /*SSAI*/
1414                     {
1415                         TCGv_i32 tmp = tcg_const_i32(
1416                                 RRR_S | ((RRR_T & 1) << 4));
1417                         gen_right_shift_sar(dc, tmp);
1418                         tcg_temp_free(tmp);
1419                     }
1420                     break;
1421 
1422                 case 6: /*RER*/
1423                     HAS_OPTION(XTENSA_OPTION_EXTERN_REGS);
1424                     if (gen_check_privilege(dc) &&
1425                         gen_window_check2(dc, RRR_S, RRR_T)) {
1426                         gen_helper_rer(cpu_R[RRR_T], cpu_env, cpu_R[RRR_S]);
1427                     }
1428                     break;
1429 
1430                 case 7: /*WER*/
1431                     HAS_OPTION(XTENSA_OPTION_EXTERN_REGS);
1432                     if (gen_check_privilege(dc) &&
1433                         gen_window_check2(dc, RRR_S, RRR_T)) {
1434                         gen_helper_wer(cpu_env, cpu_R[RRR_T], cpu_R[RRR_S]);
1435                     }
1436                     break;
1437 
1438                 case 8: /*ROTWw*/
1439                     HAS_OPTION(XTENSA_OPTION_WINDOWED_REGISTER);
1440                     if (gen_check_privilege(dc)) {
1441                         TCGv_i32 tmp = tcg_const_i32(
1442                                 RRR_T | ((RRR_T & 8) ? 0xfffffff0 : 0));
1443                         gen_helper_rotw(cpu_env, tmp);
1444                         tcg_temp_free(tmp);
1445                         /* This can change tb->flags, so exit tb */
1446                         gen_jumpi_check_loop_end(dc, -1);
1447                     }
1448                     break;
1449 
1450                 case 14: /*NSAu*/
1451                     HAS_OPTION(XTENSA_OPTION_MISC_OP_NSA);
1452                     if (gen_window_check2(dc, RRR_S, RRR_T)) {
1453                         tcg_gen_clrsb_i32(cpu_R[RRR_T], cpu_R[RRR_S]);
1454                     }
1455                     break;
1456 
1457                 case 15: /*NSAUu*/
1458                     HAS_OPTION(XTENSA_OPTION_MISC_OP_NSA);
1459                     if (gen_window_check2(dc, RRR_S, RRR_T)) {
1460                         tcg_gen_clzi_i32(cpu_R[RRR_T], cpu_R[RRR_S], 32);
1461                     }
1462                     break;
1463 
1464                 default: /*reserved*/
1465                     RESERVED();
1466                     break;
1467                 }
1468                 break;
1469 
1470             case 5: /*TLB*/
1471                 HAS_OPTION_BITS(
1472                         XTENSA_OPTION_BIT(XTENSA_OPTION_MMU) |
1473                         XTENSA_OPTION_BIT(XTENSA_OPTION_REGION_PROTECTION) |
1474                         XTENSA_OPTION_BIT(XTENSA_OPTION_REGION_TRANSLATION));
1475                 if (gen_check_privilege(dc) &&
1476                     gen_window_check2(dc, RRR_S, RRR_T)) {
1477                     TCGv_i32 dtlb = tcg_const_i32((RRR_R & 8) != 0);
1478 
1479                     switch (RRR_R & 7) {
1480                     case 3: /*RITLB0*/ /*RDTLB0*/
1481                         gen_helper_rtlb0(cpu_R[RRR_T],
1482                                 cpu_env, cpu_R[RRR_S], dtlb);
1483                         break;
1484 
1485                     case 4: /*IITLB*/ /*IDTLB*/
1486                         gen_helper_itlb(cpu_env, cpu_R[RRR_S], dtlb);
1487                         /* This could change memory mapping, so exit tb */
1488                         gen_jumpi_check_loop_end(dc, -1);
1489                         break;
1490 
1491                     case 5: /*PITLB*/ /*PDTLB*/
1492                         tcg_gen_movi_i32(cpu_pc, dc->pc);
1493                         gen_helper_ptlb(cpu_R[RRR_T],
1494                                 cpu_env, cpu_R[RRR_S], dtlb);
1495                         break;
1496 
1497                     case 6: /*WITLB*/ /*WDTLB*/
1498                         gen_helper_wtlb(
1499                                 cpu_env, cpu_R[RRR_T], cpu_R[RRR_S], dtlb);
1500                         /* This could change memory mapping, so exit tb */
1501                         gen_jumpi_check_loop_end(dc, -1);
1502                         break;
1503 
1504                     case 7: /*RITLB1*/ /*RDTLB1*/
1505                         gen_helper_rtlb1(cpu_R[RRR_T],
1506                                 cpu_env, cpu_R[RRR_S], dtlb);
1507                         break;
1508 
1509                     default:
1510                         tcg_temp_free(dtlb);
1511                         RESERVED();
1512                         break;
1513                     }
1514                     tcg_temp_free(dtlb);
1515                 }
1516                 break;
1517 
1518             case 6: /*RT0*/
1519                 if (!gen_window_check2(dc, RRR_R, RRR_T)) {
1520                     break;
1521                 }
1522                 switch (RRR_S) {
1523                 case 0: /*NEG*/
1524                     tcg_gen_neg_i32(cpu_R[RRR_R], cpu_R[RRR_T]);
1525                     break;
1526 
1527                 case 1: /*ABS*/
1528                     {
1529                         TCGv_i32 zero = tcg_const_i32(0);
1530                         TCGv_i32 neg = tcg_temp_new_i32();
1531 
1532                         tcg_gen_neg_i32(neg, cpu_R[RRR_T]);
1533                         tcg_gen_movcond_i32(TCG_COND_GE, cpu_R[RRR_R],
1534                                 cpu_R[RRR_T], zero, cpu_R[RRR_T], neg);
1535                         tcg_temp_free(neg);
1536                         tcg_temp_free(zero);
1537                     }
1538                     break;
1539 
1540                 default: /*reserved*/
1541                     RESERVED();
1542                     break;
1543                 }
1544                 break;
1545 
1546             case 7: /*reserved*/
1547                 RESERVED();
1548                 break;
1549 
1550             case 8: /*ADD*/
1551                 if (gen_window_check3(dc, RRR_R, RRR_S, RRR_T)) {
1552                     tcg_gen_add_i32(cpu_R[RRR_R], cpu_R[RRR_S], cpu_R[RRR_T]);
1553                 }
1554                 break;
1555 
1556             case 9: /*ADD**/
1557             case 10:
1558             case 11:
1559                 if (gen_window_check3(dc, RRR_R, RRR_S, RRR_T)) {
1560                     TCGv_i32 tmp = tcg_temp_new_i32();
1561                     tcg_gen_shli_i32(tmp, cpu_R[RRR_S], OP2 - 8);
1562                     tcg_gen_add_i32(cpu_R[RRR_R], tmp, cpu_R[RRR_T]);
1563                     tcg_temp_free(tmp);
1564                 }
1565                 break;
1566 
1567             case 12: /*SUB*/
1568                 if (gen_window_check3(dc, RRR_R, RRR_S, RRR_T)) {
1569                     tcg_gen_sub_i32(cpu_R[RRR_R], cpu_R[RRR_S], cpu_R[RRR_T]);
1570                 }
1571                 break;
1572 
1573             case 13: /*SUB**/
1574             case 14:
1575             case 15:
1576                 if (gen_window_check3(dc, RRR_R, RRR_S, RRR_T)) {
1577                     TCGv_i32 tmp = tcg_temp_new_i32();
1578                     tcg_gen_shli_i32(tmp, cpu_R[RRR_S], OP2 - 12);
1579                     tcg_gen_sub_i32(cpu_R[RRR_R], tmp, cpu_R[RRR_T]);
1580                     tcg_temp_free(tmp);
1581                 }
1582                 break;
1583             }
1584             break;
1585 
1586         case 1: /*RST1*/
1587             switch (OP2) {
1588             case 0: /*SLLI*/
1589             case 1:
1590                 if (gen_window_check2(dc, RRR_R, RRR_S)) {
1591                     tcg_gen_shli_i32(cpu_R[RRR_R], cpu_R[RRR_S],
1592                                      32 - (RRR_T | ((OP2 & 1) << 4)));
1593                 }
1594                 break;
1595 
1596             case 2: /*SRAI*/
1597             case 3:
1598                 if (gen_window_check2(dc, RRR_R, RRR_T)) {
1599                     tcg_gen_sari_i32(cpu_R[RRR_R], cpu_R[RRR_T],
1600                                      RRR_S | ((OP2 & 1) << 4));
1601                 }
1602                 break;
1603 
1604             case 4: /*SRLI*/
1605                 if (gen_window_check2(dc, RRR_R, RRR_T)) {
1606                     tcg_gen_shri_i32(cpu_R[RRR_R], cpu_R[RRR_T], RRR_S);
1607                 }
1608                 break;
1609 
1610             case 6: /*XSR*/
1611                 if (gen_check_sr(dc, RSR_SR, SR_X) &&
1612                     (RSR_SR < 64 || gen_check_privilege(dc)) &&
1613                     gen_window_check1(dc, RRR_T)) {
1614                     TCGv_i32 tmp = tcg_temp_new_i32();
1615                     bool rsr_end, wsr_end;
1616 
1617                     tcg_gen_mov_i32(tmp, cpu_R[RRR_T]);
1618                     rsr_end = gen_rsr(dc, cpu_R[RRR_T], RSR_SR);
1619                     wsr_end = gen_wsr(dc, RSR_SR, tmp);
1620                     tcg_temp_free(tmp);
1621                     if (rsr_end && !wsr_end) {
1622                         gen_jumpi_check_loop_end(dc, 0);
1623                     }
1624                 }
1625                 break;
1626 
1627                 /*
1628                  * Note: 64 bit ops are used here solely because SAR values
1629                  * have range 0..63
1630                  */
1631 #define gen_shift_reg(cmd, reg) do { \
1632                     TCGv_i64 tmp = tcg_temp_new_i64(); \
1633                     tcg_gen_extu_i32_i64(tmp, reg); \
1634                     tcg_gen_##cmd##_i64(v, v, tmp); \
1635                     tcg_gen_extrl_i64_i32(cpu_R[RRR_R], v); \
1636                     tcg_temp_free_i64(v); \
1637                     tcg_temp_free_i64(tmp); \
1638                 } while (0)
1639 
1640 #define gen_shift(cmd) gen_shift_reg(cmd, cpu_SR[SAR])
1641 
1642             case 8: /*SRC*/
1643                 if (gen_window_check3(dc, RRR_R, RRR_S, RRR_T)) {
1644                     TCGv_i64 v = tcg_temp_new_i64();
1645                     tcg_gen_concat_i32_i64(v, cpu_R[RRR_T], cpu_R[RRR_S]);
1646                     gen_shift(shr);
1647                 }
1648                 break;
1649 
1650             case 9: /*SRL*/
1651                 if (!gen_window_check2(dc, RRR_R, RRR_T)) {
1652                     break;
1653                 }
1654                 if (dc->sar_5bit) {
1655                     tcg_gen_shr_i32(cpu_R[RRR_R], cpu_R[RRR_T], cpu_SR[SAR]);
1656                 } else {
1657                     TCGv_i64 v = tcg_temp_new_i64();
1658                     tcg_gen_extu_i32_i64(v, cpu_R[RRR_T]);
1659                     gen_shift(shr);
1660                 }
1661                 break;
1662 
1663             case 10: /*SLL*/
1664                 if (!gen_window_check2(dc, RRR_R, RRR_S)) {
1665                     break;
1666                 }
1667                 if (dc->sar_m32_5bit) {
1668                     tcg_gen_shl_i32(cpu_R[RRR_R], cpu_R[RRR_S], dc->sar_m32);
1669                 } else {
1670                     TCGv_i64 v = tcg_temp_new_i64();
1671                     TCGv_i32 s = tcg_const_i32(32);
1672                     tcg_gen_sub_i32(s, s, cpu_SR[SAR]);
1673                     tcg_gen_andi_i32(s, s, 0x3f);
1674                     tcg_gen_extu_i32_i64(v, cpu_R[RRR_S]);
1675                     gen_shift_reg(shl, s);
1676                     tcg_temp_free(s);
1677                 }
1678                 break;
1679 
1680             case 11: /*SRA*/
1681                 if (!gen_window_check2(dc, RRR_R, RRR_T)) {
1682                     break;
1683                 }
1684                 if (dc->sar_5bit) {
1685                     tcg_gen_sar_i32(cpu_R[RRR_R], cpu_R[RRR_T], cpu_SR[SAR]);
1686                 } else {
1687                     TCGv_i64 v = tcg_temp_new_i64();
1688                     tcg_gen_ext_i32_i64(v, cpu_R[RRR_T]);
1689                     gen_shift(sar);
1690                 }
1691                 break;
1692 #undef gen_shift
1693 #undef gen_shift_reg
1694 
1695             case 12: /*MUL16U*/
1696                 HAS_OPTION(XTENSA_OPTION_16_BIT_IMUL);
1697                 if (gen_window_check3(dc, RRR_R, RRR_S, RRR_T)) {
1698                     TCGv_i32 v1 = tcg_temp_new_i32();
1699                     TCGv_i32 v2 = tcg_temp_new_i32();
1700                     tcg_gen_ext16u_i32(v1, cpu_R[RRR_S]);
1701                     tcg_gen_ext16u_i32(v2, cpu_R[RRR_T]);
1702                     tcg_gen_mul_i32(cpu_R[RRR_R], v1, v2);
1703                     tcg_temp_free(v2);
1704                     tcg_temp_free(v1);
1705                 }
1706                 break;
1707 
1708             case 13: /*MUL16S*/
1709                 HAS_OPTION(XTENSA_OPTION_16_BIT_IMUL);
1710                 if (gen_window_check3(dc, RRR_R, RRR_S, RRR_T)) {
1711                     TCGv_i32 v1 = tcg_temp_new_i32();
1712                     TCGv_i32 v2 = tcg_temp_new_i32();
1713                     tcg_gen_ext16s_i32(v1, cpu_R[RRR_S]);
1714                     tcg_gen_ext16s_i32(v2, cpu_R[RRR_T]);
1715                     tcg_gen_mul_i32(cpu_R[RRR_R], v1, v2);
1716                     tcg_temp_free(v2);
1717                     tcg_temp_free(v1);
1718                 }
1719                 break;
1720 
1721             default: /*reserved*/
1722                 RESERVED();
1723                 break;
1724             }
1725             break;
1726 
1727         case 2: /*RST2*/
1728             if (OP2 >= 8 && !gen_window_check3(dc, RRR_R, RRR_S, RRR_T)) {
1729                 break;
1730             }
1731 
1732             if (OP2 >= 12) {
1733                 HAS_OPTION(XTENSA_OPTION_32_BIT_IDIV);
1734                 TCGLabel *label = gen_new_label();
1735                 tcg_gen_brcondi_i32(TCG_COND_NE, cpu_R[RRR_T], 0, label);
1736                 gen_exception_cause(dc, INTEGER_DIVIDE_BY_ZERO_CAUSE);
1737                 gen_set_label(label);
1738             }
1739 
1740             switch (OP2) {
1741 #define BOOLEAN_LOGIC(fn, r, s, t) \
1742                 do { \
1743                     HAS_OPTION(XTENSA_OPTION_BOOLEAN); \
1744                     TCGv_i32 tmp1 = tcg_temp_new_i32(); \
1745                     TCGv_i32 tmp2 = tcg_temp_new_i32(); \
1746                     \
1747                     tcg_gen_shri_i32(tmp1, cpu_SR[BR], s); \
1748                     tcg_gen_shri_i32(tmp2, cpu_SR[BR], t); \
1749                     tcg_gen_##fn##_i32(tmp1, tmp1, tmp2); \
1750                     tcg_gen_deposit_i32(cpu_SR[BR], cpu_SR[BR], tmp1, r, 1); \
1751                     tcg_temp_free(tmp1); \
1752                     tcg_temp_free(tmp2); \
1753                 } while (0)
1754 
1755             case 0: /*ANDBp*/
1756                 BOOLEAN_LOGIC(and, RRR_R, RRR_S, RRR_T);
1757                 break;
1758 
1759             case 1: /*ANDBCp*/
1760                 BOOLEAN_LOGIC(andc, RRR_R, RRR_S, RRR_T);
1761                 break;
1762 
1763             case 2: /*ORBp*/
1764                 BOOLEAN_LOGIC(or, RRR_R, RRR_S, RRR_T);
1765                 break;
1766 
1767             case 3: /*ORBCp*/
1768                 BOOLEAN_LOGIC(orc, RRR_R, RRR_S, RRR_T);
1769                 break;
1770 
1771             case 4: /*XORBp*/
1772                 BOOLEAN_LOGIC(xor, RRR_R, RRR_S, RRR_T);
1773                 break;
1774 
1775 #undef BOOLEAN_LOGIC
1776 
1777             case 8: /*MULLi*/
1778                 HAS_OPTION(XTENSA_OPTION_32_BIT_IMUL);
1779                 tcg_gen_mul_i32(cpu_R[RRR_R], cpu_R[RRR_S], cpu_R[RRR_T]);
1780                 break;
1781 
1782             case 10: /*MULUHi*/
1783             case 11: /*MULSHi*/
1784                 HAS_OPTION(XTENSA_OPTION_32_BIT_IMUL_HIGH);
1785                 {
1786                     TCGv lo = tcg_temp_new();
1787 
1788                     if (OP2 == 10) {
1789                         tcg_gen_mulu2_i32(lo, cpu_R[RRR_R],
1790                                           cpu_R[RRR_S], cpu_R[RRR_T]);
1791                     } else {
1792                         tcg_gen_muls2_i32(lo, cpu_R[RRR_R],
1793                                           cpu_R[RRR_S], cpu_R[RRR_T]);
1794                     }
1795                     tcg_temp_free(lo);
1796                 }
1797                 break;
1798 
1799             case 12: /*QUOUi*/
1800                 tcg_gen_divu_i32(cpu_R[RRR_R], cpu_R[RRR_S], cpu_R[RRR_T]);
1801                 break;
1802 
1803             case 13: /*QUOSi*/
1804             case 15: /*REMSi*/
1805                 {
1806                     TCGLabel *label1 = gen_new_label();
1807                     TCGLabel *label2 = gen_new_label();
1808 
1809                     tcg_gen_brcondi_i32(TCG_COND_NE, cpu_R[RRR_S], 0x80000000,
1810                             label1);
1811                     tcg_gen_brcondi_i32(TCG_COND_NE, cpu_R[RRR_T], 0xffffffff,
1812                             label1);
1813                     tcg_gen_movi_i32(cpu_R[RRR_R],
1814                             OP2 == 13 ? 0x80000000 : 0);
1815                     tcg_gen_br(label2);
1816                     gen_set_label(label1);
1817                     if (OP2 == 13) {
1818                         tcg_gen_div_i32(cpu_R[RRR_R],
1819                                 cpu_R[RRR_S], cpu_R[RRR_T]);
1820                     } else {
1821                         tcg_gen_rem_i32(cpu_R[RRR_R],
1822                                 cpu_R[RRR_S], cpu_R[RRR_T]);
1823                     }
1824                     gen_set_label(label2);
1825                 }
1826                 break;
1827 
1828             case 14: /*REMUi*/
1829                 tcg_gen_remu_i32(cpu_R[RRR_R], cpu_R[RRR_S], cpu_R[RRR_T]);
1830                 break;
1831 
1832             default: /*reserved*/
1833                 RESERVED();
1834                 break;
1835             }
1836             break;
1837 
1838         case 3: /*RST3*/
1839             switch (OP2) {
1840             case 0: /*RSR*/
1841                 if (gen_check_sr(dc, RSR_SR, SR_R) &&
1842                     (RSR_SR < 64 || gen_check_privilege(dc)) &&
1843                     gen_window_check1(dc, RRR_T)) {
1844                     if (gen_rsr(dc, cpu_R[RRR_T], RSR_SR)) {
1845                         gen_jumpi_check_loop_end(dc, 0);
1846                     }
1847                 }
1848                 break;
1849 
1850             case 1: /*WSR*/
1851                 if (gen_check_sr(dc, RSR_SR, SR_W) &&
1852                     (RSR_SR < 64 || gen_check_privilege(dc)) &&
1853                     gen_window_check1(dc, RRR_T)) {
1854                     gen_wsr(dc, RSR_SR, cpu_R[RRR_T]);
1855                 }
1856                 break;
1857 
1858             case 2: /*SEXTu*/
1859                 HAS_OPTION(XTENSA_OPTION_MISC_OP_SEXT);
1860                 if (gen_window_check2(dc, RRR_R, RRR_S)) {
1861                     int shift = 24 - RRR_T;
1862 
1863                     if (shift == 24) {
1864                         tcg_gen_ext8s_i32(cpu_R[RRR_R], cpu_R[RRR_S]);
1865                     } else if (shift == 16) {
1866                         tcg_gen_ext16s_i32(cpu_R[RRR_R], cpu_R[RRR_S]);
1867                     } else {
1868                         TCGv_i32 tmp = tcg_temp_new_i32();
1869                         tcg_gen_shli_i32(tmp, cpu_R[RRR_S], shift);
1870                         tcg_gen_sari_i32(cpu_R[RRR_R], tmp, shift);
1871                         tcg_temp_free(tmp);
1872                     }
1873                 }
1874                 break;
1875 
1876             case 3: /*CLAMPSu*/
1877                 HAS_OPTION(XTENSA_OPTION_MISC_OP_CLAMPS);
1878                 if (gen_window_check2(dc, RRR_R, RRR_S)) {
1879                     TCGv_i32 tmp1 = tcg_temp_new_i32();
1880                     TCGv_i32 tmp2 = tcg_temp_new_i32();
1881                     TCGv_i32 zero = tcg_const_i32(0);
1882 
1883                     tcg_gen_sari_i32(tmp1, cpu_R[RRR_S], 24 - RRR_T);
1884                     tcg_gen_xor_i32(tmp2, tmp1, cpu_R[RRR_S]);
1885                     tcg_gen_andi_i32(tmp2, tmp2, 0xffffffff << (RRR_T + 7));
1886 
1887                     tcg_gen_sari_i32(tmp1, cpu_R[RRR_S], 31);
1888                     tcg_gen_xori_i32(tmp1, tmp1, 0xffffffff >> (25 - RRR_T));
1889 
1890                     tcg_gen_movcond_i32(TCG_COND_EQ, cpu_R[RRR_R], tmp2, zero,
1891                             cpu_R[RRR_S], tmp1);
1892                     tcg_temp_free(tmp1);
1893                     tcg_temp_free(tmp2);
1894                     tcg_temp_free(zero);
1895                 }
1896                 break;
1897 
1898             case 4: /*MINu*/
1899             case 5: /*MAXu*/
1900             case 6: /*MINUu*/
1901             case 7: /*MAXUu*/
1902                 HAS_OPTION(XTENSA_OPTION_MISC_OP_MINMAX);
1903                 if (gen_window_check3(dc, RRR_R, RRR_S, RRR_T)) {
1904                     static const TCGCond cond[] = {
1905                         TCG_COND_LE,
1906                         TCG_COND_GE,
1907                         TCG_COND_LEU,
1908                         TCG_COND_GEU
1909                     };
1910                     tcg_gen_movcond_i32(cond[OP2 - 4], cpu_R[RRR_R],
1911                             cpu_R[RRR_S], cpu_R[RRR_T],
1912                             cpu_R[RRR_S], cpu_R[RRR_T]);
1913                 }
1914                 break;
1915 
1916             case 8: /*MOVEQZ*/
1917             case 9: /*MOVNEZ*/
1918             case 10: /*MOVLTZ*/
1919             case 11: /*MOVGEZ*/
1920                 if (gen_window_check3(dc, RRR_R, RRR_S, RRR_T)) {
1921                     static const TCGCond cond[] = {
1922                         TCG_COND_EQ,
1923                         TCG_COND_NE,
1924                         TCG_COND_LT,
1925                         TCG_COND_GE,
1926                     };
1927                     TCGv_i32 zero = tcg_const_i32(0);
1928 
1929                     tcg_gen_movcond_i32(cond[OP2 - 8], cpu_R[RRR_R],
1930                             cpu_R[RRR_T], zero, cpu_R[RRR_S], cpu_R[RRR_R]);
1931                     tcg_temp_free(zero);
1932                 }
1933                 break;
1934 
1935             case 12: /*MOVFp*/
1936             case 13: /*MOVTp*/
1937                 HAS_OPTION(XTENSA_OPTION_BOOLEAN);
1938                 if (gen_window_check2(dc, RRR_R, RRR_S)) {
1939                     TCGv_i32 zero = tcg_const_i32(0);
1940                     TCGv_i32 tmp = tcg_temp_new_i32();
1941 
1942                     tcg_gen_andi_i32(tmp, cpu_SR[BR], 1 << RRR_T);
1943                     tcg_gen_movcond_i32(OP2 & 1 ? TCG_COND_NE : TCG_COND_EQ,
1944                             cpu_R[RRR_R], tmp, zero,
1945                             cpu_R[RRR_S], cpu_R[RRR_R]);
1946 
1947                     tcg_temp_free(tmp);
1948                     tcg_temp_free(zero);
1949                 }
1950                 break;
1951 
1952             case 14: /*RUR*/
1953                 if (gen_window_check1(dc, RRR_R)) {
1954                     int st = (RRR_S << 4) + RRR_T;
1955                     if (uregnames[st].name) {
1956                         tcg_gen_mov_i32(cpu_R[RRR_R], cpu_UR[st]);
1957                     } else {
1958                         qemu_log_mask(LOG_UNIMP, "RUR %d not implemented, ", st);
1959                         TBD();
1960                     }
1961                 }
1962                 break;
1963 
1964             case 15: /*WUR*/
1965                 if (gen_window_check1(dc, RRR_T)) {
1966                     if (uregnames[RSR_SR].name) {
1967                         gen_wur(RSR_SR, cpu_R[RRR_T]);
1968                     } else {
1969                         qemu_log_mask(LOG_UNIMP, "WUR %d not implemented, ", RSR_SR);
1970                         TBD();
1971                     }
1972                 }
1973                 break;
1974 
1975             }
1976             break;
1977 
1978         case 4: /*EXTUI*/
1979         case 5:
1980             if (gen_window_check2(dc, RRR_R, RRR_T)) {
1981                 int shiftimm = RRR_S | ((OP1 & 1) << 4);
1982                 int maskimm = (1 << (OP2 + 1)) - 1;
1983 
1984                 TCGv_i32 tmp = tcg_temp_new_i32();
1985                 tcg_gen_shri_i32(tmp, cpu_R[RRR_T], shiftimm);
1986                 tcg_gen_andi_i32(cpu_R[RRR_R], tmp, maskimm);
1987                 tcg_temp_free(tmp);
1988             }
1989             break;
1990 
1991         case 6: /*CUST0*/
1992             RESERVED();
1993             break;
1994 
1995         case 7: /*CUST1*/
1996             RESERVED();
1997             break;
1998 
1999         case 8: /*LSCXp*/
2000             switch (OP2) {
2001             case 0: /*LSXf*/
2002             case 1: /*LSXUf*/
2003             case 4: /*SSXf*/
2004             case 5: /*SSXUf*/
2005                 HAS_OPTION(XTENSA_OPTION_FP_COPROCESSOR);
2006                 if (gen_window_check2(dc, RRR_S, RRR_T) &&
2007                     gen_check_cpenable(dc, 0)) {
2008                     TCGv_i32 addr = tcg_temp_new_i32();
2009                     tcg_gen_add_i32(addr, cpu_R[RRR_S], cpu_R[RRR_T]);
2010                     gen_load_store_alignment(dc, 2, addr, false);
2011                     if (OP2 & 0x4) {
2012                         tcg_gen_qemu_st32(cpu_FR[RRR_R], addr, dc->cring);
2013                     } else {
2014                         tcg_gen_qemu_ld32u(cpu_FR[RRR_R], addr, dc->cring);
2015                     }
2016                     if (OP2 & 0x1) {
2017                         tcg_gen_mov_i32(cpu_R[RRR_S], addr);
2018                     }
2019                     tcg_temp_free(addr);
2020                 }
2021                 break;
2022 
2023             default: /*reserved*/
2024                 RESERVED();
2025                 break;
2026             }
2027             break;
2028 
2029         case 9: /*LSC4*/
2030             if (!gen_window_check2(dc, RRR_S, RRR_T)) {
2031                 break;
2032             }
2033             switch (OP2) {
2034             case 0: /*L32E*/
2035                 HAS_OPTION(XTENSA_OPTION_WINDOWED_REGISTER);
2036                 if (gen_check_privilege(dc) &&
2037                     gen_window_check2(dc, RRR_S, RRR_T)) {
2038                     TCGv_i32 addr = tcg_temp_new_i32();
2039                     tcg_gen_addi_i32(addr, cpu_R[RRR_S],
2040                             (0xffffffc0 | (RRR_R << 2)));
2041                     tcg_gen_qemu_ld32u(cpu_R[RRR_T], addr, dc->ring);
2042                     tcg_temp_free(addr);
2043                 }
2044                 break;
2045 
2046             case 4: /*S32E*/
2047                 HAS_OPTION(XTENSA_OPTION_WINDOWED_REGISTER);
2048                 if (gen_check_privilege(dc) &&
2049                     gen_window_check2(dc, RRR_S, RRR_T)) {
2050                     TCGv_i32 addr = tcg_temp_new_i32();
2051                     tcg_gen_addi_i32(addr, cpu_R[RRR_S],
2052                             (0xffffffc0 | (RRR_R << 2)));
2053                     tcg_gen_qemu_st32(cpu_R[RRR_T], addr, dc->ring);
2054                     tcg_temp_free(addr);
2055                 }
2056                 break;
2057 
2058             case 5: /*S32N*/
2059                 if (gen_window_check2(dc, RRI4_S, RRI4_T)) {
2060                     TCGv_i32 addr = tcg_temp_new_i32();
2061 
2062                     tcg_gen_addi_i32(addr, cpu_R[RRI4_S], RRI4_IMM4 << 2);
2063                     gen_load_store_alignment(dc, 2, addr, false);
2064                     tcg_gen_qemu_st32(cpu_R[RRI4_T], addr, dc->cring);
2065                     tcg_temp_free(addr);
2066                 }
2067                 break;
2068 
2069             default:
2070                 RESERVED();
2071                 break;
2072             }
2073             break;
2074 
2075         case 10: /*FP0*/
2076             /*DEPBITS*/
2077             if (option_enabled(dc, XTENSA_OPTION_DEPBITS)) {
2078                 if (!gen_window_check2(dc, RRR_S, RRR_T)) {
2079                     break;
2080                 }
2081                 tcg_gen_deposit_i32(cpu_R[RRR_T], cpu_R[RRR_T], cpu_R[RRR_S],
2082                                     OP2, RRR_R + 1);
2083                 break;
2084             }
2085 
2086             HAS_OPTION(XTENSA_OPTION_FP_COPROCESSOR);
2087             switch (OP2) {
2088             case 0: /*ADD.Sf*/
2089                 if (gen_check_cpenable(dc, 0)) {
2090                     gen_helper_add_s(cpu_FR[RRR_R], cpu_env,
2091                                      cpu_FR[RRR_S], cpu_FR[RRR_T]);
2092                 }
2093                 break;
2094 
2095             case 1: /*SUB.Sf*/
2096                 if (gen_check_cpenable(dc, 0)) {
2097                     gen_helper_sub_s(cpu_FR[RRR_R], cpu_env,
2098                                      cpu_FR[RRR_S], cpu_FR[RRR_T]);
2099                 }
2100                 break;
2101 
2102             case 2: /*MUL.Sf*/
2103                 if (gen_check_cpenable(dc, 0)) {
2104                     gen_helper_mul_s(cpu_FR[RRR_R], cpu_env,
2105                                      cpu_FR[RRR_S], cpu_FR[RRR_T]);
2106                 }
2107                 break;
2108 
2109             case 4: /*MADD.Sf*/
2110                 if (gen_check_cpenable(dc, 0)) {
2111                     gen_helper_madd_s(cpu_FR[RRR_R], cpu_env,
2112                                       cpu_FR[RRR_R], cpu_FR[RRR_S],
2113                                       cpu_FR[RRR_T]);
2114                 }
2115                 break;
2116 
2117             case 5: /*MSUB.Sf*/
2118                 if (gen_check_cpenable(dc, 0)) {
2119                     gen_helper_msub_s(cpu_FR[RRR_R], cpu_env,
2120                                       cpu_FR[RRR_R], cpu_FR[RRR_S],
2121                                       cpu_FR[RRR_T]);
2122                 }
2123                 break;
2124 
2125             case 8: /*ROUND.Sf*/
2126             case 9: /*TRUNC.Sf*/
2127             case 10: /*FLOOR.Sf*/
2128             case 11: /*CEIL.Sf*/
2129             case 14: /*UTRUNC.Sf*/
2130                 if (gen_window_check1(dc, RRR_R) &&
2131                     gen_check_cpenable(dc, 0)) {
2132                     static const unsigned rounding_mode_const[] = {
2133                         float_round_nearest_even,
2134                         float_round_to_zero,
2135                         float_round_down,
2136                         float_round_up,
2137                         [6] = float_round_to_zero,
2138                     };
2139                     TCGv_i32 rounding_mode = tcg_const_i32(
2140                             rounding_mode_const[OP2 & 7]);
2141                     TCGv_i32 scale = tcg_const_i32(RRR_T);
2142 
2143                     if (OP2 == 14) {
2144                         gen_helper_ftoui(cpu_R[RRR_R], cpu_FR[RRR_S],
2145                                 rounding_mode, scale);
2146                     } else {
2147                         gen_helper_ftoi(cpu_R[RRR_R], cpu_FR[RRR_S],
2148                                 rounding_mode, scale);
2149                     }
2150 
2151                     tcg_temp_free(rounding_mode);
2152                     tcg_temp_free(scale);
2153                 }
2154                 break;
2155 
2156             case 12: /*FLOAT.Sf*/
2157             case 13: /*UFLOAT.Sf*/
2158                 if (gen_window_check1(dc, RRR_S) &&
2159                     gen_check_cpenable(dc, 0)) {
2160                     TCGv_i32 scale = tcg_const_i32(-RRR_T);
2161 
2162                     if (OP2 == 13) {
2163                         gen_helper_uitof(cpu_FR[RRR_R], cpu_env,
2164                                 cpu_R[RRR_S], scale);
2165                     } else {
2166                         gen_helper_itof(cpu_FR[RRR_R], cpu_env,
2167                                 cpu_R[RRR_S], scale);
2168                     }
2169                     tcg_temp_free(scale);
2170                 }
2171                 break;
2172 
2173             case 15: /*FP1OP*/
2174                 switch (RRR_T) {
2175                 case 0: /*MOV.Sf*/
2176                     if (gen_check_cpenable(dc, 0)) {
2177                         tcg_gen_mov_i32(cpu_FR[RRR_R], cpu_FR[RRR_S]);
2178                     }
2179                     break;
2180 
2181                 case 1: /*ABS.Sf*/
2182                     if (gen_check_cpenable(dc, 0)) {
2183                         gen_helper_abs_s(cpu_FR[RRR_R], cpu_FR[RRR_S]);
2184                     }
2185                     break;
2186 
2187                 case 4: /*RFRf*/
2188                     if (gen_window_check1(dc, RRR_R) &&
2189                         gen_check_cpenable(dc, 0)) {
2190                         tcg_gen_mov_i32(cpu_R[RRR_R], cpu_FR[RRR_S]);
2191                     }
2192                     break;
2193 
2194                 case 5: /*WFRf*/
2195                     if (gen_window_check1(dc, RRR_S) &&
2196                         gen_check_cpenable(dc, 0)) {
2197                         tcg_gen_mov_i32(cpu_FR[RRR_R], cpu_R[RRR_S]);
2198                     }
2199                     break;
2200 
2201                 case 6: /*NEG.Sf*/
2202                     if (gen_check_cpenable(dc, 0)) {
2203                         gen_helper_neg_s(cpu_FR[RRR_R], cpu_FR[RRR_S]);
2204                     }
2205                     break;
2206 
2207                 default: /*reserved*/
2208                     RESERVED();
2209                     break;
2210                 }
2211                 break;
2212 
2213             default: /*reserved*/
2214                 RESERVED();
2215                 break;
2216             }
2217             break;
2218 
2219         case 11: /*FP1*/
2220             /*DEPBITS*/
2221             if (option_enabled(dc, XTENSA_OPTION_DEPBITS)) {
2222                 if (!gen_window_check2(dc, RRR_S, RRR_T)) {
2223                     break;
2224                 }
2225                 tcg_gen_deposit_i32(cpu_R[RRR_T], cpu_R[RRR_T], cpu_R[RRR_S],
2226                                     OP2 + 16, RRR_R + 1);
2227                 break;
2228             }
2229 
2230             HAS_OPTION(XTENSA_OPTION_FP_COPROCESSOR);
2231 
2232 #define gen_compare(rel, br, a, b) \
2233     do { \
2234         if (gen_check_cpenable(dc, 0)) { \
2235             TCGv_i32 bit = tcg_const_i32(1 << br); \
2236             \
2237             gen_helper_##rel(cpu_env, bit, cpu_FR[a], cpu_FR[b]); \
2238             tcg_temp_free(bit); \
2239         } \
2240     } while (0)
2241 
2242             switch (OP2) {
2243             case 1: /*UN.Sf*/
2244                 gen_compare(un_s, RRR_R, RRR_S, RRR_T);
2245                 break;
2246 
2247             case 2: /*OEQ.Sf*/
2248                 gen_compare(oeq_s, RRR_R, RRR_S, RRR_T);
2249                 break;
2250 
2251             case 3: /*UEQ.Sf*/
2252                 gen_compare(ueq_s, RRR_R, RRR_S, RRR_T);
2253                 break;
2254 
2255             case 4: /*OLT.Sf*/
2256                 gen_compare(olt_s, RRR_R, RRR_S, RRR_T);
2257                 break;
2258 
2259             case 5: /*ULT.Sf*/
2260                 gen_compare(ult_s, RRR_R, RRR_S, RRR_T);
2261                 break;
2262 
2263             case 6: /*OLE.Sf*/
2264                 gen_compare(ole_s, RRR_R, RRR_S, RRR_T);
2265                 break;
2266 
2267             case 7: /*ULE.Sf*/
2268                 gen_compare(ule_s, RRR_R, RRR_S, RRR_T);
2269                 break;
2270 
2271 #undef gen_compare
2272 
2273             case 8: /*MOVEQZ.Sf*/
2274             case 9: /*MOVNEZ.Sf*/
2275             case 10: /*MOVLTZ.Sf*/
2276             case 11: /*MOVGEZ.Sf*/
2277                 if (gen_window_check1(dc, RRR_T) &&
2278                     gen_check_cpenable(dc, 0)) {
2279                     static const TCGCond cond[] = {
2280                         TCG_COND_EQ,
2281                         TCG_COND_NE,
2282                         TCG_COND_LT,
2283                         TCG_COND_GE,
2284                     };
2285                     TCGv_i32 zero = tcg_const_i32(0);
2286 
2287                     tcg_gen_movcond_i32(cond[OP2 - 8], cpu_FR[RRR_R],
2288                             cpu_R[RRR_T], zero, cpu_FR[RRR_S], cpu_FR[RRR_R]);
2289                     tcg_temp_free(zero);
2290                 }
2291                 break;
2292 
2293             case 12: /*MOVF.Sf*/
2294             case 13: /*MOVT.Sf*/
2295                 HAS_OPTION(XTENSA_OPTION_BOOLEAN);
2296                 if (gen_check_cpenable(dc, 0)) {
2297                     TCGv_i32 zero = tcg_const_i32(0);
2298                     TCGv_i32 tmp = tcg_temp_new_i32();
2299 
2300                     tcg_gen_andi_i32(tmp, cpu_SR[BR], 1 << RRR_T);
2301                     tcg_gen_movcond_i32(OP2 & 1 ? TCG_COND_NE : TCG_COND_EQ,
2302                             cpu_FR[RRR_R], tmp, zero,
2303                             cpu_FR[RRR_S], cpu_FR[RRR_R]);
2304 
2305                     tcg_temp_free(tmp);
2306                     tcg_temp_free(zero);
2307                 }
2308                 break;
2309 
2310             default: /*reserved*/
2311                 RESERVED();
2312                 break;
2313             }
2314             break;
2315 
2316         default: /*reserved*/
2317             RESERVED();
2318             break;
2319         }
2320         break;
2321 
2322     case 1: /*L32R*/
2323         if (gen_window_check1(dc, RRR_T)) {
2324             TCGv_i32 tmp = tcg_const_i32(
2325                     ((dc->tb->flags & XTENSA_TBFLAG_LITBASE) ?
2326                      0 : ((dc->pc + 3) & ~3)) +
2327                     (0xfffc0000 | (RI16_IMM16 << 2)));
2328 
2329             if (dc->tb->flags & XTENSA_TBFLAG_LITBASE) {
2330                 tcg_gen_add_i32(tmp, tmp, dc->litbase);
2331             }
2332             tcg_gen_qemu_ld32u(cpu_R[RRR_T], tmp, dc->cring);
2333             tcg_temp_free(tmp);
2334         }
2335         break;
2336 
2337     case 2: /*LSAI*/
2338 #define gen_load_store(type, shift) do { \
2339             if (gen_window_check2(dc, RRI8_S, RRI8_T)) { \
2340                 TCGv_i32 addr = tcg_temp_new_i32(); \
2341                 \
2342                 tcg_gen_addi_i32(addr, cpu_R[RRI8_S], RRI8_IMM8 << shift); \
2343                 if (shift) { \
2344                     gen_load_store_alignment(dc, shift, addr, false); \
2345                 } \
2346                 tcg_gen_qemu_##type(cpu_R[RRI8_T], addr, dc->cring); \
2347                 tcg_temp_free(addr); \
2348             } \
2349         } while (0)
2350 
2351         switch (RRI8_R) {
2352         case 0: /*L8UI*/
2353             gen_load_store(ld8u, 0);
2354             break;
2355 
2356         case 1: /*L16UI*/
2357             gen_load_store(ld16u, 1);
2358             break;
2359 
2360         case 2: /*L32I*/
2361             gen_load_store(ld32u, 2);
2362             break;
2363 
2364         case 4: /*S8I*/
2365             gen_load_store(st8, 0);
2366             break;
2367 
2368         case 5: /*S16I*/
2369             gen_load_store(st16, 1);
2370             break;
2371 
2372         case 6: /*S32I*/
2373             gen_load_store(st32, 2);
2374             break;
2375 
2376 #define gen_dcache_hit_test(w, shift) do { \
2377             if (gen_window_check1(dc, RRI##w##_S)) { \
2378                 TCGv_i32 addr = tcg_temp_new_i32(); \
2379                 TCGv_i32 res = tcg_temp_new_i32(); \
2380                 tcg_gen_addi_i32(addr, cpu_R[RRI##w##_S], \
2381                                  RRI##w##_IMM##w << shift); \
2382                 tcg_gen_qemu_ld8u(res, addr, dc->cring); \
2383                 tcg_temp_free(addr); \
2384                 tcg_temp_free(res); \
2385             } \
2386         } while (0)
2387 
2388 #define gen_dcache_hit_test4() gen_dcache_hit_test(4, 4)
2389 #define gen_dcache_hit_test8() gen_dcache_hit_test(8, 2)
2390 
2391         case 7: /*CACHEc*/
2392             if (RRI8_T < 8) {
2393                 HAS_OPTION(XTENSA_OPTION_DCACHE);
2394             }
2395 
2396             switch (RRI8_T) {
2397             case 0: /*DPFRc*/
2398                 gen_window_check1(dc, RRI8_S);
2399                 break;
2400 
2401             case 1: /*DPFWc*/
2402                 gen_window_check1(dc, RRI8_S);
2403                 break;
2404 
2405             case 2: /*DPFROc*/
2406                 gen_window_check1(dc, RRI8_S);
2407                 break;
2408 
2409             case 3: /*DPFWOc*/
2410                 gen_window_check1(dc, RRI8_S);
2411                 break;
2412 
2413             case 4: /*DHWBc*/
2414                 gen_dcache_hit_test8();
2415                 break;
2416 
2417             case 5: /*DHWBIc*/
2418                 gen_dcache_hit_test8();
2419                 break;
2420 
2421             case 6: /*DHIc*/
2422                 if (gen_check_privilege(dc)) {
2423                     gen_dcache_hit_test8();
2424                 }
2425                 break;
2426 
2427             case 7: /*DIIc*/
2428                 if (gen_check_privilege(dc)) {
2429                     gen_window_check1(dc, RRI8_S);
2430                 }
2431                 break;
2432 
2433             case 8: /*DCEc*/
2434                 switch (OP1) {
2435                 case 0: /*DPFLl*/
2436                     HAS_OPTION(XTENSA_OPTION_DCACHE_INDEX_LOCK);
2437                     if (gen_check_privilege(dc)) {
2438                         gen_dcache_hit_test4();
2439                     }
2440                     break;
2441 
2442                 case 2: /*DHUl*/
2443                     HAS_OPTION(XTENSA_OPTION_DCACHE_INDEX_LOCK);
2444                     if (gen_check_privilege(dc)) {
2445                         gen_dcache_hit_test4();
2446                     }
2447                     break;
2448 
2449                 case 3: /*DIUl*/
2450                     HAS_OPTION(XTENSA_OPTION_DCACHE_INDEX_LOCK);
2451                     if (gen_check_privilege(dc)) {
2452                         gen_window_check1(dc, RRI4_S);
2453                     }
2454                     break;
2455 
2456                 case 4: /*DIWBc*/
2457                     HAS_OPTION(XTENSA_OPTION_DCACHE);
2458                     if (gen_check_privilege(dc)) {
2459                         gen_window_check1(dc, RRI4_S);
2460                     }
2461                     break;
2462 
2463                 case 5: /*DIWBIc*/
2464                     HAS_OPTION(XTENSA_OPTION_DCACHE);
2465                     if (gen_check_privilege(dc)) {
2466                         gen_window_check1(dc, RRI4_S);
2467                     }
2468                     break;
2469 
2470                 default: /*reserved*/
2471                     RESERVED();
2472                     break;
2473 
2474                 }
2475                 break;
2476 
2477 #undef gen_dcache_hit_test
2478 #undef gen_dcache_hit_test4
2479 #undef gen_dcache_hit_test8
2480 
2481 #define gen_icache_hit_test(w, shift) do { \
2482             if (gen_window_check1(dc, RRI##w##_S)) { \
2483                 TCGv_i32 addr = tcg_temp_new_i32(); \
2484                 tcg_gen_movi_i32(cpu_pc, dc->pc); \
2485                 tcg_gen_addi_i32(addr, cpu_R[RRI##w##_S], \
2486                                  RRI##w##_IMM##w << shift); \
2487                 gen_helper_itlb_hit_test(cpu_env, addr); \
2488                 tcg_temp_free(addr); \
2489             }\
2490         } while (0)
2491 
2492 #define gen_icache_hit_test4() gen_icache_hit_test(4, 4)
2493 #define gen_icache_hit_test8() gen_icache_hit_test(8, 2)
2494 
2495             case 12: /*IPFc*/
2496                 HAS_OPTION(XTENSA_OPTION_ICACHE);
2497                 gen_window_check1(dc, RRI8_S);
2498                 break;
2499 
2500             case 13: /*ICEc*/
2501                 switch (OP1) {
2502                 case 0: /*IPFLl*/
2503                     HAS_OPTION(XTENSA_OPTION_ICACHE_INDEX_LOCK);
2504                     if (gen_check_privilege(dc)) {
2505                         gen_icache_hit_test4();
2506                     }
2507                     break;
2508 
2509                 case 2: /*IHUl*/
2510                     HAS_OPTION(XTENSA_OPTION_ICACHE_INDEX_LOCK);
2511                     if (gen_check_privilege(dc)) {
2512                         gen_icache_hit_test4();
2513                     }
2514                     break;
2515 
2516                 case 3: /*IIUl*/
2517                     HAS_OPTION(XTENSA_OPTION_ICACHE_INDEX_LOCK);
2518                     if (gen_check_privilege(dc)) {
2519                         gen_window_check1(dc, RRI4_S);
2520                     }
2521                     break;
2522 
2523                 default: /*reserved*/
2524                     RESERVED();
2525                     break;
2526                 }
2527                 break;
2528 
2529             case 14: /*IHIc*/
2530                 HAS_OPTION(XTENSA_OPTION_ICACHE);
2531                 gen_icache_hit_test8();
2532                 break;
2533 
2534             case 15: /*IIIc*/
2535                 HAS_OPTION(XTENSA_OPTION_ICACHE);
2536                 if (gen_check_privilege(dc)) {
2537                     gen_window_check1(dc, RRI8_S);
2538                 }
2539                 break;
2540 
2541             default: /*reserved*/
2542                 RESERVED();
2543                 break;
2544             }
2545             break;
2546 
2547 #undef gen_icache_hit_test
2548 #undef gen_icache_hit_test4
2549 #undef gen_icache_hit_test8
2550 
2551         case 9: /*L16SI*/
2552             gen_load_store(ld16s, 1);
2553             break;
2554 #undef gen_load_store
2555 
2556         case 10: /*MOVI*/
2557             if (gen_window_check1(dc, RRI8_T)) {
2558                 tcg_gen_movi_i32(cpu_R[RRI8_T],
2559                                  RRI8_IMM8 | (RRI8_S << 8) |
2560                                  ((RRI8_S & 0x8) ? 0xfffff000 : 0));
2561             }
2562             break;
2563 
2564 #define gen_load_store_no_hw_align(type) do { \
2565             if (gen_window_check2(dc, RRI8_S, RRI8_T)) { \
2566                 TCGv_i32 addr = tcg_temp_local_new_i32(); \
2567                 tcg_gen_addi_i32(addr, cpu_R[RRI8_S], RRI8_IMM8 << 2); \
2568                 gen_load_store_alignment(dc, 2, addr, true); \
2569                 tcg_gen_qemu_##type(cpu_R[RRI8_T], addr, dc->cring); \
2570                 tcg_temp_free(addr); \
2571             } \
2572         } while (0)
2573 
2574         case 11: /*L32AIy*/
2575             HAS_OPTION(XTENSA_OPTION_MP_SYNCHRO);
2576             gen_load_store_no_hw_align(ld32u); /*TODO acquire?*/
2577             break;
2578 
2579         case 12: /*ADDI*/
2580             if (gen_window_check2(dc, RRI8_S, RRI8_T)) {
2581                 tcg_gen_addi_i32(cpu_R[RRI8_T], cpu_R[RRI8_S], RRI8_IMM8_SE);
2582             }
2583             break;
2584 
2585         case 13: /*ADDMI*/
2586             if (gen_window_check2(dc, RRI8_S, RRI8_T)) {
2587                 tcg_gen_addi_i32(cpu_R[RRI8_T], cpu_R[RRI8_S],
2588                                  RRI8_IMM8_SE << 8);
2589             }
2590             break;
2591 
2592         case 14: /*S32C1Iy*/
2593             HAS_OPTION(XTENSA_OPTION_CONDITIONAL_STORE);
2594             if (gen_window_check2(dc, RRI8_S, RRI8_T)) {
2595                 TCGLabel *label = gen_new_label();
2596                 TCGv_i32 tmp = tcg_temp_local_new_i32();
2597                 TCGv_i32 addr = tcg_temp_local_new_i32();
2598                 TCGv_i32 tpc;
2599 
2600                 tcg_gen_mov_i32(tmp, cpu_R[RRI8_T]);
2601                 tcg_gen_addi_i32(addr, cpu_R[RRI8_S], RRI8_IMM8 << 2);
2602                 gen_load_store_alignment(dc, 2, addr, true);
2603 
2604                 tpc = tcg_const_i32(dc->pc);
2605                 gen_helper_check_atomctl(cpu_env, tpc, addr);
2606                 tcg_gen_qemu_ld32u(cpu_R[RRI8_T], addr, dc->cring);
2607                 tcg_gen_brcond_i32(TCG_COND_NE, cpu_R[RRI8_T],
2608                         cpu_SR[SCOMPARE1], label);
2609 
2610                 tcg_gen_qemu_st32(tmp, addr, dc->cring);
2611 
2612                 gen_set_label(label);
2613                 tcg_temp_free(tpc);
2614                 tcg_temp_free(addr);
2615                 tcg_temp_free(tmp);
2616             }
2617             break;
2618 
2619         case 15: /*S32RIy*/
2620             HAS_OPTION(XTENSA_OPTION_MP_SYNCHRO);
2621             gen_load_store_no_hw_align(st32); /*TODO release?*/
2622             break;
2623 #undef gen_load_store_no_hw_align
2624 
2625         default: /*reserved*/
2626             RESERVED();
2627             break;
2628         }
2629         break;
2630 
2631     case 3: /*LSCIp*/
2632         switch (RRI8_R) {
2633         case 0: /*LSIf*/
2634         case 4: /*SSIf*/
2635         case 8: /*LSIUf*/
2636         case 12: /*SSIUf*/
2637             HAS_OPTION(XTENSA_OPTION_FP_COPROCESSOR);
2638             if (gen_window_check1(dc, RRI8_S) &&
2639                 gen_check_cpenable(dc, 0)) {
2640                 TCGv_i32 addr = tcg_temp_new_i32();
2641                 tcg_gen_addi_i32(addr, cpu_R[RRI8_S], RRI8_IMM8 << 2);
2642                 gen_load_store_alignment(dc, 2, addr, false);
2643                 if (RRI8_R & 0x4) {
2644                     tcg_gen_qemu_st32(cpu_FR[RRI8_T], addr, dc->cring);
2645                 } else {
2646                     tcg_gen_qemu_ld32u(cpu_FR[RRI8_T], addr, dc->cring);
2647                 }
2648                 if (RRI8_R & 0x8) {
2649                     tcg_gen_mov_i32(cpu_R[RRI8_S], addr);
2650                 }
2651                 tcg_temp_free(addr);
2652             }
2653             break;
2654 
2655         default: /*reserved*/
2656             RESERVED();
2657             break;
2658         }
2659         break;
2660 
2661     case 4: /*MAC16d*/
2662         HAS_OPTION(XTENSA_OPTION_MAC16);
2663         {
2664             enum {
2665                 MAC16_UMUL = 0x0,
2666                 MAC16_MUL  = 0x4,
2667                 MAC16_MULA = 0x8,
2668                 MAC16_MULS = 0xc,
2669                 MAC16_NONE = 0xf,
2670             } op = OP1 & 0xc;
2671             bool is_m1_sr = (OP2 & 0x3) == 2;
2672             bool is_m2_sr = (OP2 & 0xc) == 0;
2673             uint32_t ld_offset = 0;
2674 
2675             if (OP2 > 9) {
2676                 RESERVED();
2677             }
2678 
2679             switch (OP2 & 2) {
2680             case 0: /*MACI?/MACC?*/
2681                 is_m1_sr = true;
2682                 ld_offset = (OP2 & 1) ? -4 : 4;
2683 
2684                 if (OP2 >= 8) { /*MACI/MACC*/
2685                     if (OP1 == 0) { /*LDINC/LDDEC*/
2686                         op = MAC16_NONE;
2687                     } else {
2688                         RESERVED();
2689                     }
2690                 } else if (op != MAC16_MULA) { /*MULA.*.*.LDINC/LDDEC*/
2691                     RESERVED();
2692                 }
2693                 break;
2694 
2695             case 2: /*MACD?/MACA?*/
2696                 if (op == MAC16_UMUL && OP2 != 7) { /*UMUL only in MACAA*/
2697                     RESERVED();
2698                 }
2699                 break;
2700             }
2701 
2702             if (op != MAC16_NONE) {
2703                 if (!is_m1_sr && !gen_window_check1(dc, RRR_S)) {
2704                     break;
2705                 }
2706                 if (!is_m2_sr && !gen_window_check1(dc, RRR_T)) {
2707                     break;
2708                 }
2709             }
2710 
2711             if (ld_offset && !gen_window_check1(dc, RRR_S)) {
2712                 break;
2713             }
2714 
2715             {
2716                 TCGv_i32 vaddr = tcg_temp_new_i32();
2717                 TCGv_i32 mem32 = tcg_temp_new_i32();
2718 
2719                 if (ld_offset) {
2720                     tcg_gen_addi_i32(vaddr, cpu_R[RRR_S], ld_offset);
2721                     gen_load_store_alignment(dc, 2, vaddr, false);
2722                     tcg_gen_qemu_ld32u(mem32, vaddr, dc->cring);
2723                 }
2724                 if (op != MAC16_NONE) {
2725                     TCGv_i32 m1 = gen_mac16_m(
2726                             is_m1_sr ? cpu_SR[MR + RRR_X] : cpu_R[RRR_S],
2727                             OP1 & 1, op == MAC16_UMUL);
2728                     TCGv_i32 m2 = gen_mac16_m(
2729                             is_m2_sr ? cpu_SR[MR + 2 + RRR_Y] : cpu_R[RRR_T],
2730                             OP1 & 2, op == MAC16_UMUL);
2731 
2732                     if (op == MAC16_MUL || op == MAC16_UMUL) {
2733                         tcg_gen_mul_i32(cpu_SR[ACCLO], m1, m2);
2734                         if (op == MAC16_UMUL) {
2735                             tcg_gen_movi_i32(cpu_SR[ACCHI], 0);
2736                         } else {
2737                             tcg_gen_sari_i32(cpu_SR[ACCHI], cpu_SR[ACCLO], 31);
2738                         }
2739                     } else {
2740                         TCGv_i32 lo = tcg_temp_new_i32();
2741                         TCGv_i32 hi = tcg_temp_new_i32();
2742 
2743                         tcg_gen_mul_i32(lo, m1, m2);
2744                         tcg_gen_sari_i32(hi, lo, 31);
2745                         if (op == MAC16_MULA) {
2746                             tcg_gen_add2_i32(cpu_SR[ACCLO], cpu_SR[ACCHI],
2747                                              cpu_SR[ACCLO], cpu_SR[ACCHI],
2748                                              lo, hi);
2749                         } else {
2750                             tcg_gen_sub2_i32(cpu_SR[ACCLO], cpu_SR[ACCHI],
2751                                              cpu_SR[ACCLO], cpu_SR[ACCHI],
2752                                              lo, hi);
2753                         }
2754                         tcg_gen_ext8s_i32(cpu_SR[ACCHI], cpu_SR[ACCHI]);
2755 
2756                         tcg_temp_free_i32(lo);
2757                         tcg_temp_free_i32(hi);
2758                     }
2759                     tcg_temp_free(m1);
2760                     tcg_temp_free(m2);
2761                 }
2762                 if (ld_offset) {
2763                     tcg_gen_mov_i32(cpu_R[RRR_S], vaddr);
2764                     tcg_gen_mov_i32(cpu_SR[MR + RRR_W], mem32);
2765                 }
2766                 tcg_temp_free(vaddr);
2767                 tcg_temp_free(mem32);
2768             }
2769         }
2770         break;
2771 
2772     case 5: /*CALLN*/
2773         switch (CALL_N) {
2774         case 0: /*CALL0*/
2775             tcg_gen_movi_i32(cpu_R[0], dc->next_pc);
2776             gen_jumpi(dc, (dc->pc & ~3) + (CALL_OFFSET_SE << 2) + 4, 0);
2777             break;
2778 
2779         case 1: /*CALL4w*/
2780         case 2: /*CALL8w*/
2781         case 3: /*CALL12w*/
2782             HAS_OPTION(XTENSA_OPTION_WINDOWED_REGISTER);
2783             if (gen_window_check1(dc, CALL_N << 2)) {
2784                 gen_callwi(dc, CALL_N,
2785                            (dc->pc & ~3) + (CALL_OFFSET_SE << 2) + 4, 0);
2786             }
2787             break;
2788         }
2789         break;
2790 
2791     case 6: /*SI*/
2792         switch (CALL_N) {
2793         case 0: /*J*/
2794             gen_jumpi(dc, dc->pc + 4 + CALL_OFFSET_SE, 0);
2795             break;
2796 
2797         case 1: /*BZ*/
2798             if (gen_window_check1(dc, BRI12_S)) {
2799                 static const TCGCond cond[] = {
2800                     TCG_COND_EQ, /*BEQZ*/
2801                     TCG_COND_NE, /*BNEZ*/
2802                     TCG_COND_LT, /*BLTZ*/
2803                     TCG_COND_GE, /*BGEZ*/
2804                 };
2805 
2806                 gen_brcondi(dc, cond[BRI12_M & 3], cpu_R[BRI12_S], 0,
2807                         4 + BRI12_IMM12_SE);
2808             }
2809             break;
2810 
2811         case 2: /*BI0*/
2812             if (gen_window_check1(dc, BRI8_S)) {
2813                 static const TCGCond cond[] = {
2814                     TCG_COND_EQ, /*BEQI*/
2815                     TCG_COND_NE, /*BNEI*/
2816                     TCG_COND_LT, /*BLTI*/
2817                     TCG_COND_GE, /*BGEI*/
2818                 };
2819 
2820                 gen_brcondi(dc, cond[BRI8_M & 3],
2821                         cpu_R[BRI8_S], B4CONST[BRI8_R], 4 + BRI8_IMM8_SE);
2822             }
2823             break;
2824 
2825         case 3: /*BI1*/
2826             switch (BRI8_M) {
2827             case 0: /*ENTRYw*/
2828                 HAS_OPTION(XTENSA_OPTION_WINDOWED_REGISTER);
2829                 {
2830                     TCGv_i32 pc = tcg_const_i32(dc->pc);
2831                     TCGv_i32 s = tcg_const_i32(BRI12_S);
2832                     TCGv_i32 imm = tcg_const_i32(BRI12_IMM12);
2833                     gen_helper_entry(cpu_env, pc, s, imm);
2834                     tcg_temp_free(imm);
2835                     tcg_temp_free(s);
2836                     tcg_temp_free(pc);
2837                     /* This can change tb->flags, so exit tb */
2838                     gen_jumpi_check_loop_end(dc, -1);
2839                 }
2840                 break;
2841 
2842             case 1: /*B1*/
2843                 switch (BRI8_R) {
2844                 case 0: /*BFp*/
2845                 case 1: /*BTp*/
2846                     HAS_OPTION(XTENSA_OPTION_BOOLEAN);
2847                     {
2848                         TCGv_i32 tmp = tcg_temp_new_i32();
2849                         tcg_gen_andi_i32(tmp, cpu_SR[BR], 1 << RRI8_S);
2850                         gen_brcondi(dc,
2851                                 BRI8_R == 1 ? TCG_COND_NE : TCG_COND_EQ,
2852                                 tmp, 0, 4 + RRI8_IMM8_SE);
2853                         tcg_temp_free(tmp);
2854                     }
2855                     break;
2856 
2857                 case 8: /*LOOP*/
2858                 case 9: /*LOOPNEZ*/
2859                 case 10: /*LOOPGTZ*/
2860                     HAS_OPTION(XTENSA_OPTION_LOOP);
2861                     if (gen_window_check1(dc, RRI8_S)) {
2862                         uint32_t lend = dc->pc + RRI8_IMM8 + 4;
2863                         TCGv_i32 tmp = tcg_const_i32(lend);
2864 
2865                         tcg_gen_subi_i32(cpu_SR[LCOUNT], cpu_R[RRI8_S], 1);
2866                         tcg_gen_movi_i32(cpu_SR[LBEG], dc->next_pc);
2867                         gen_helper_wsr_lend(cpu_env, tmp);
2868                         tcg_temp_free(tmp);
2869 
2870                         if (BRI8_R > 8) {
2871                             TCGLabel *label = gen_new_label();
2872                             tcg_gen_brcondi_i32(
2873                                     BRI8_R == 9 ? TCG_COND_NE : TCG_COND_GT,
2874                                     cpu_R[RRI8_S], 0, label);
2875                             gen_jumpi(dc, lend, 1);
2876                             gen_set_label(label);
2877                         }
2878 
2879                         gen_jumpi(dc, dc->next_pc, 0);
2880                     }
2881                     break;
2882 
2883                 default: /*reserved*/
2884                     RESERVED();
2885                     break;
2886 
2887                 }
2888                 break;
2889 
2890             case 2: /*BLTUI*/
2891             case 3: /*BGEUI*/
2892                 if (gen_window_check1(dc, BRI8_S)) {
2893                     gen_brcondi(dc, BRI8_M == 2 ? TCG_COND_LTU : TCG_COND_GEU,
2894                                 cpu_R[BRI8_S], B4CONSTU[BRI8_R],
2895                                 4 + BRI8_IMM8_SE);
2896                 }
2897                 break;
2898             }
2899             break;
2900 
2901         }
2902         break;
2903 
2904     case 7: /*B*/
2905         {
2906             TCGCond eq_ne = (RRI8_R & 8) ? TCG_COND_NE : TCG_COND_EQ;
2907 
2908             switch (RRI8_R & 7) {
2909             case 0: /*BNONE*/ /*BANY*/
2910                 if (gen_window_check2(dc, RRI8_S, RRI8_T)) {
2911                     TCGv_i32 tmp = tcg_temp_new_i32();
2912                     tcg_gen_and_i32(tmp, cpu_R[RRI8_S], cpu_R[RRI8_T]);
2913                     gen_brcondi(dc, eq_ne, tmp, 0, 4 + RRI8_IMM8_SE);
2914                     tcg_temp_free(tmp);
2915                 }
2916                 break;
2917 
2918             case 1: /*BEQ*/ /*BNE*/
2919             case 2: /*BLT*/ /*BGE*/
2920             case 3: /*BLTU*/ /*BGEU*/
2921                 if (gen_window_check2(dc, RRI8_S, RRI8_T)) {
2922                     static const TCGCond cond[] = {
2923                         [1] = TCG_COND_EQ,
2924                         [2] = TCG_COND_LT,
2925                         [3] = TCG_COND_LTU,
2926                         [9] = TCG_COND_NE,
2927                         [10] = TCG_COND_GE,
2928                         [11] = TCG_COND_GEU,
2929                     };
2930                     gen_brcond(dc, cond[RRI8_R], cpu_R[RRI8_S], cpu_R[RRI8_T],
2931                             4 + RRI8_IMM8_SE);
2932                 }
2933                 break;
2934 
2935             case 4: /*BALL*/ /*BNALL*/
2936                 if (gen_window_check2(dc, RRI8_S, RRI8_T)) {
2937                     TCGv_i32 tmp = tcg_temp_new_i32();
2938                     tcg_gen_and_i32(tmp, cpu_R[RRI8_S], cpu_R[RRI8_T]);
2939                     gen_brcond(dc, eq_ne, tmp, cpu_R[RRI8_T],
2940                             4 + RRI8_IMM8_SE);
2941                     tcg_temp_free(tmp);
2942                 }
2943                 break;
2944 
2945             case 5: /*BBC*/ /*BBS*/
2946                 if (gen_window_check2(dc, RRI8_S, RRI8_T)) {
2947 #ifdef TARGET_WORDS_BIGENDIAN
2948                     TCGv_i32 bit = tcg_const_i32(0x80000000);
2949 #else
2950                     TCGv_i32 bit = tcg_const_i32(0x00000001);
2951 #endif
2952                     TCGv_i32 tmp = tcg_temp_new_i32();
2953                     tcg_gen_andi_i32(tmp, cpu_R[RRI8_T], 0x1f);
2954 #ifdef TARGET_WORDS_BIGENDIAN
2955                     tcg_gen_shr_i32(bit, bit, tmp);
2956 #else
2957                     tcg_gen_shl_i32(bit, bit, tmp);
2958 #endif
2959                     tcg_gen_and_i32(tmp, cpu_R[RRI8_S], bit);
2960                     gen_brcondi(dc, eq_ne, tmp, 0, 4 + RRI8_IMM8_SE);
2961                     tcg_temp_free(tmp);
2962                     tcg_temp_free(bit);
2963                 }
2964                 break;
2965 
2966             case 6: /*BBCI*/ /*BBSI*/
2967             case 7:
2968                 if (gen_window_check1(dc, RRI8_S)) {
2969                     TCGv_i32 tmp = tcg_temp_new_i32();
2970                     tcg_gen_andi_i32(tmp, cpu_R[RRI8_S],
2971 #ifdef TARGET_WORDS_BIGENDIAN
2972                             0x80000000 >> (((RRI8_R & 1) << 4) | RRI8_T));
2973 #else
2974                             0x00000001 << (((RRI8_R & 1) << 4) | RRI8_T));
2975 #endif
2976                     gen_brcondi(dc, eq_ne, tmp, 0, 4 + RRI8_IMM8_SE);
2977                     tcg_temp_free(tmp);
2978                 }
2979                 break;
2980 
2981             }
2982         }
2983         break;
2984 
2985 #define gen_narrow_load_store(type) do { \
2986             if (gen_window_check2(dc, RRRN_S, RRRN_T)) { \
2987                 TCGv_i32 addr = tcg_temp_new_i32(); \
2988                 tcg_gen_addi_i32(addr, cpu_R[RRRN_S], RRRN_R << 2); \
2989                 gen_load_store_alignment(dc, 2, addr, false); \
2990                 tcg_gen_qemu_##type(cpu_R[RRRN_T], addr, dc->cring); \
2991                 tcg_temp_free(addr); \
2992             } \
2993         } while (0)
2994 
2995     case 8: /*L32I.Nn*/
2996         gen_narrow_load_store(ld32u);
2997         break;
2998 
2999     case 9: /*S32I.Nn*/
3000         gen_narrow_load_store(st32);
3001         break;
3002 #undef gen_narrow_load_store
3003 
3004     case 10: /*ADD.Nn*/
3005         if (gen_window_check3(dc, RRRN_R, RRRN_S, RRRN_T)) {
3006             tcg_gen_add_i32(cpu_R[RRRN_R], cpu_R[RRRN_S], cpu_R[RRRN_T]);
3007         }
3008         break;
3009 
3010     case 11: /*ADDI.Nn*/
3011         if (gen_window_check2(dc, RRRN_R, RRRN_S)) {
3012             tcg_gen_addi_i32(cpu_R[RRRN_R], cpu_R[RRRN_S],
3013                              RRRN_T ? RRRN_T : -1);
3014         }
3015         break;
3016 
3017     case 12: /*ST2n*/
3018         if (!gen_window_check1(dc, RRRN_S)) {
3019             break;
3020         }
3021         if (RRRN_T < 8) { /*MOVI.Nn*/
3022             tcg_gen_movi_i32(cpu_R[RRRN_S],
3023                     RRRN_R | (RRRN_T << 4) |
3024                     ((RRRN_T & 6) == 6 ? 0xffffff80 : 0));
3025         } else { /*BEQZ.Nn*/ /*BNEZ.Nn*/
3026             TCGCond eq_ne = (RRRN_T & 4) ? TCG_COND_NE : TCG_COND_EQ;
3027 
3028             gen_brcondi(dc, eq_ne, cpu_R[RRRN_S], 0,
3029                     4 + (RRRN_R | ((RRRN_T & 3) << 4)));
3030         }
3031         break;
3032 
3033     case 13: /*ST3n*/
3034         switch (RRRN_R) {
3035         case 0: /*MOV.Nn*/
3036             if (gen_window_check2(dc, RRRN_S, RRRN_T)) {
3037                 tcg_gen_mov_i32(cpu_R[RRRN_T], cpu_R[RRRN_S]);
3038             }
3039             break;
3040 
3041         case 15: /*S3*/
3042             switch (RRRN_T) {
3043             case 0: /*RET.Nn*/
3044                 gen_jump(dc, cpu_R[0]);
3045                 break;
3046 
3047             case 1: /*RETW.Nn*/
3048                 HAS_OPTION(XTENSA_OPTION_WINDOWED_REGISTER);
3049                 {
3050                     TCGv_i32 tmp = tcg_const_i32(dc->pc);
3051                     gen_helper_retw(tmp, cpu_env, tmp);
3052                     gen_jump(dc, tmp);
3053                     tcg_temp_free(tmp);
3054                 }
3055                 break;
3056 
3057             case 2: /*BREAK.Nn*/
3058                 HAS_OPTION(XTENSA_OPTION_DEBUG);
3059                 if (dc->debug) {
3060                     gen_debug_exception(dc, DEBUGCAUSE_BN);
3061                 }
3062                 break;
3063 
3064             case 3: /*NOP.Nn*/
3065                 break;
3066 
3067             case 6: /*ILL.Nn*/
3068                 gen_exception_cause(dc, ILLEGAL_INSTRUCTION_CAUSE);
3069                 break;
3070 
3071             default: /*reserved*/
3072                 RESERVED();
3073                 break;
3074             }
3075             break;
3076 
3077         default: /*reserved*/
3078             RESERVED();
3079             break;
3080         }
3081         break;
3082 
3083     default: /*reserved*/
3084         RESERVED();
3085         break;
3086     }
3087 
3088     if (dc->is_jmp == DISAS_NEXT) {
3089         gen_check_loop_end(dc, 0);
3090     }
3091     dc->pc = dc->next_pc;
3092 
3093     return;
3094 
3095 invalid_opcode:
3096     qemu_log_mask(LOG_GUEST_ERROR, "INVALID(pc = %08x)\n", dc->pc);
3097     gen_exception_cause(dc, ILLEGAL_INSTRUCTION_CAUSE);
3098 #undef HAS_OPTION
3099 }
3100 
3101 static inline unsigned xtensa_insn_len(CPUXtensaState *env, DisasContext *dc)
3102 {
3103     uint8_t b0 = cpu_ldub_code(env, dc->pc);
3104     return xtensa_op0_insn_len(OP0);
3105 }
3106 
3107 static void gen_ibreak_check(CPUXtensaState *env, DisasContext *dc)
3108 {
3109     unsigned i;
3110 
3111     for (i = 0; i < dc->config->nibreak; ++i) {
3112         if ((env->sregs[IBREAKENABLE] & (1 << i)) &&
3113                 env->sregs[IBREAKA + i] == dc->pc) {
3114             gen_debug_exception(dc, DEBUGCAUSE_IB);
3115             break;
3116         }
3117     }
3118 }
3119 
3120 void gen_intermediate_code(CPUXtensaState *env, TranslationBlock *tb)
3121 {
3122     XtensaCPU *cpu = xtensa_env_get_cpu(env);
3123     CPUState *cs = CPU(cpu);
3124     DisasContext dc;
3125     int insn_count = 0;
3126     int max_insns = tb->cflags & CF_COUNT_MASK;
3127     uint32_t pc_start = tb->pc;
3128     uint32_t next_page_start =
3129         (pc_start & TARGET_PAGE_MASK) + TARGET_PAGE_SIZE;
3130 
3131     if (max_insns == 0) {
3132         max_insns = CF_COUNT_MASK;
3133     }
3134     if (max_insns > TCG_MAX_INSNS) {
3135         max_insns = TCG_MAX_INSNS;
3136     }
3137 
3138     dc.config = env->config;
3139     dc.singlestep_enabled = cs->singlestep_enabled;
3140     dc.tb = tb;
3141     dc.pc = pc_start;
3142     dc.ring = tb->flags & XTENSA_TBFLAG_RING_MASK;
3143     dc.cring = (tb->flags & XTENSA_TBFLAG_EXCM) ? 0 : dc.ring;
3144     dc.lbeg = env->sregs[LBEG];
3145     dc.lend = env->sregs[LEND];
3146     dc.is_jmp = DISAS_NEXT;
3147     dc.debug = tb->flags & XTENSA_TBFLAG_DEBUG;
3148     dc.icount = tb->flags & XTENSA_TBFLAG_ICOUNT;
3149     dc.cpenable = (tb->flags & XTENSA_TBFLAG_CPENABLE_MASK) >>
3150         XTENSA_TBFLAG_CPENABLE_SHIFT;
3151     dc.window = ((tb->flags & XTENSA_TBFLAG_WINDOW_MASK) >>
3152                  XTENSA_TBFLAG_WINDOW_SHIFT);
3153 
3154     init_litbase(&dc);
3155     init_sar_tracker(&dc);
3156     if (dc.icount) {
3157         dc.next_icount = tcg_temp_local_new_i32();
3158     }
3159 
3160     gen_tb_start(tb);
3161 
3162     if ((tb->cflags & CF_USE_ICOUNT) &&
3163         (tb->flags & XTENSA_TBFLAG_YIELD)) {
3164         tcg_gen_insn_start(dc.pc);
3165         ++insn_count;
3166         gen_exception(&dc, EXCP_YIELD);
3167         dc.is_jmp = DISAS_UPDATE;
3168         goto done;
3169     }
3170     if (tb->flags & XTENSA_TBFLAG_EXCEPTION) {
3171         tcg_gen_insn_start(dc.pc);
3172         ++insn_count;
3173         gen_exception(&dc, EXCP_DEBUG);
3174         dc.is_jmp = DISAS_UPDATE;
3175         goto done;
3176     }
3177 
3178     do {
3179         tcg_gen_insn_start(dc.pc);
3180         ++insn_count;
3181 
3182         if (unlikely(cpu_breakpoint_test(cs, dc.pc, BP_ANY))) {
3183             tcg_gen_movi_i32(cpu_pc, dc.pc);
3184             gen_exception(&dc, EXCP_DEBUG);
3185             dc.is_jmp = DISAS_UPDATE;
3186             /* The address covered by the breakpoint must be included in
3187                [tb->pc, tb->pc + tb->size) in order to for it to be
3188                properly cleared -- thus we increment the PC here so that
3189                the logic setting tb->size below does the right thing.  */
3190             dc.pc += 2;
3191             break;
3192         }
3193 
3194         if (insn_count == max_insns && (tb->cflags & CF_LAST_IO)) {
3195             gen_io_start();
3196         }
3197 
3198         if (dc.icount) {
3199             TCGLabel *label = gen_new_label();
3200 
3201             tcg_gen_addi_i32(dc.next_icount, cpu_SR[ICOUNT], 1);
3202             tcg_gen_brcondi_i32(TCG_COND_NE, dc.next_icount, 0, label);
3203             tcg_gen_mov_i32(dc.next_icount, cpu_SR[ICOUNT]);
3204             if (dc.debug) {
3205                 gen_debug_exception(&dc, DEBUGCAUSE_IC);
3206             }
3207             gen_set_label(label);
3208         }
3209 
3210         if (dc.debug) {
3211             gen_ibreak_check(env, &dc);
3212         }
3213 
3214         disas_xtensa_insn(env, &dc);
3215         if (dc.icount) {
3216             tcg_gen_mov_i32(cpu_SR[ICOUNT], dc.next_icount);
3217         }
3218         if (cs->singlestep_enabled) {
3219             tcg_gen_movi_i32(cpu_pc, dc.pc);
3220             gen_exception(&dc, EXCP_DEBUG);
3221             break;
3222         }
3223     } while (dc.is_jmp == DISAS_NEXT &&
3224             insn_count < max_insns &&
3225             dc.pc < next_page_start &&
3226             dc.pc + xtensa_insn_len(env, &dc) <= next_page_start &&
3227             !tcg_op_buf_full());
3228 done:
3229     reset_litbase(&dc);
3230     reset_sar_tracker(&dc);
3231     if (dc.icount) {
3232         tcg_temp_free(dc.next_icount);
3233     }
3234 
3235     if (tb->cflags & CF_LAST_IO) {
3236         gen_io_end();
3237     }
3238 
3239     if (dc.is_jmp == DISAS_NEXT) {
3240         gen_jumpi(&dc, dc.pc, 0);
3241     }
3242     gen_tb_end(tb, insn_count);
3243 
3244 #ifdef DEBUG_DISAS
3245     if (qemu_loglevel_mask(CPU_LOG_TB_IN_ASM)
3246         && qemu_log_in_addr_range(pc_start)) {
3247         qemu_log_lock();
3248         qemu_log("----------------\n");
3249         qemu_log("IN: %s\n", lookup_symbol(pc_start));
3250         log_target_disas(cs, pc_start, dc.pc - pc_start, 0);
3251         qemu_log("\n");
3252         qemu_log_unlock();
3253     }
3254 #endif
3255     tb->size = dc.pc - pc_start;
3256     tb->icount = insn_count;
3257 }
3258 
3259 void xtensa_cpu_dump_state(CPUState *cs, FILE *f,
3260                            fprintf_function cpu_fprintf, int flags)
3261 {
3262     XtensaCPU *cpu = XTENSA_CPU(cs);
3263     CPUXtensaState *env = &cpu->env;
3264     int i, j;
3265 
3266     cpu_fprintf(f, "PC=%08x\n\n", env->pc);
3267 
3268     for (i = j = 0; i < 256; ++i) {
3269         if (xtensa_option_bits_enabled(env->config, sregnames[i].opt_bits)) {
3270             cpu_fprintf(f, "%12s=%08x%c", sregnames[i].name, env->sregs[i],
3271                     (j++ % 4) == 3 ? '\n' : ' ');
3272         }
3273     }
3274 
3275     cpu_fprintf(f, (j % 4) == 0 ? "\n" : "\n\n");
3276 
3277     for (i = j = 0; i < 256; ++i) {
3278         if (xtensa_option_bits_enabled(env->config, uregnames[i].opt_bits)) {
3279             cpu_fprintf(f, "%s=%08x%c", uregnames[i].name, env->uregs[i],
3280                     (j++ % 4) == 3 ? '\n' : ' ');
3281         }
3282     }
3283 
3284     cpu_fprintf(f, (j % 4) == 0 ? "\n" : "\n\n");
3285 
3286     for (i = 0; i < 16; ++i) {
3287         cpu_fprintf(f, " A%02d=%08x%c", i, env->regs[i],
3288                 (i % 4) == 3 ? '\n' : ' ');
3289     }
3290 
3291     cpu_fprintf(f, "\n");
3292 
3293     for (i = 0; i < env->config->nareg; ++i) {
3294         cpu_fprintf(f, "AR%02d=%08x%c", i, env->phys_regs[i],
3295                 (i % 4) == 3 ? '\n' : ' ');
3296     }
3297 
3298     if (xtensa_option_enabled(env->config, XTENSA_OPTION_FP_COPROCESSOR)) {
3299         cpu_fprintf(f, "\n");
3300 
3301         for (i = 0; i < 16; ++i) {
3302             cpu_fprintf(f, "F%02d=%08x (%+10.8e)%c", i,
3303                     float32_val(env->fregs[i].f32[FP_F32_LOW]),
3304                     *(float *)(env->fregs[i].f32 + FP_F32_LOW),
3305                     (i % 2) == 1 ? '\n' : ' ');
3306         }
3307     }
3308 }
3309 
3310 void restore_state_to_opc(CPUXtensaState *env, TranslationBlock *tb,
3311                           target_ulong *data)
3312 {
3313     env->pc = data[0];
3314 }
3315