1 2 /*--------------------------------------------------------------------*/ 3 /*--- begin guest_arm_toIR.c ---*/ 4 /*--------------------------------------------------------------------*/ 5 6 /* 7 This file is part of Valgrind, a dynamic binary instrumentation 8 framework. 9 10 Copyright (C) 2004-2012 OpenWorks LLP 11 info (at) open-works.net 12 13 NEON support is 14 Copyright (C) 2010-2012 Samsung Electronics 15 contributed by Dmitry Zhurikhin <zhur (at) ispras.ru> 16 and Kirill Batuzov <batuzovk (at) ispras.ru> 17 18 This program is free software; you can redistribute it and/or 19 modify it under the terms of the GNU General Public License as 20 published by the Free Software Foundation; either version 2 of the 21 License, or (at your option) any later version. 22 23 This program is distributed in the hope that it will be useful, but 24 WITHOUT ANY WARRANTY; without even the implied warranty of 25 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU 26 General Public License for more details. 27 28 You should have received a copy of the GNU General Public License 29 along with this program; if not, write to the Free Software 30 Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 31 02110-1301, USA. 32 33 The GNU General Public License is contained in the file COPYING. 34 */ 35 36 /* XXXX thumb to check: 37 that all cases where putIRegT writes r15, we generate a jump. 38 39 All uses of newTemp assign to an IRTemp and not a UInt 40 41 For all thumb loads and stores, including VFP ones, new-ITSTATE is 42 backed out before the memory op, and restored afterwards. This 43 needs to happen even after we go uncond. (and for sure it doesn't 44 happen for VFP loads/stores right now). 45 46 VFP on thumb: check that we exclude all r13/r15 cases that we 47 should. 48 49 XXXX thumb to do: improve the ITSTATE-zeroing optimisation by 50 taking into account the number of insns guarded by an IT. 
51 52 remove the nasty hack, in the spechelper, of looking for Or32(..., 53 0xE0) in as the first arg to armg_calculate_condition, and instead 54 use Slice44 as specified in comments in the spechelper. 55 56 add specialisations for armg_calculate_flag_c and _v, as they 57 are moderately often needed in Thumb code. 58 59 Correctness: ITSTATE handling in Thumb SVCs is wrong. 60 61 Correctness (obscure): in m_transtab, when invalidating code 62 address ranges, invalidate up to 18 bytes after the end of the 63 range. This is because the ITSTATE optimisation at the top of 64 _THUMB_WRK below analyses up to 18 bytes before the start of any 65 given instruction, and so might depend on the invalidated area. 66 */ 67 68 /* Limitations, etc 69 70 - pretty dodgy exception semantics for {LD,ST}Mxx, no doubt 71 72 - SWP: the restart jump back is Ijk_Boring; it should be 73 Ijk_NoRedir but that's expensive. See comments on casLE() in 74 guest_x86_toIR.c. 75 */ 76 77 /* "Special" instructions. 78 79 This instruction decoder can decode four special instructions 80 which mean nothing natively (are no-ops as far as regs/mem are 81 concerned) but have meaning for supporting Valgrind. A special 82 instruction is flagged by a 16-byte preamble: 83 84 E1A0C1EC E1A0C6EC E1A0CEEC E1A0C9EC 85 (mov r12, r12, ROR #3; mov r12, r12, ROR #13; 86 mov r12, r12, ROR #29; mov r12, r12, ROR #19) 87 88 Following that, one of the following 3 are allowed 89 (standard interpretation in parentheses): 90 91 E18AA00A (orr r10,r10,r10) R3 = client_request ( R4 ) 92 E18BB00B (orr r11,r11,r11) R3 = guest_NRADDR 93 E18CC00C (orr r12,r12,r12) branch-and-link-to-noredir R4 94 95 Any other bytes following the 16-byte preamble are illegal and 96 constitute a failure in instruction decoding. This all assumes 97 that the preamble will never occur except in specific code 98 fragments designed for Valgrind to catch. 99 */ 100 101 /* Translates ARM(v5) code to IR. 
*/ 102 103 #include "libvex_basictypes.h" 104 #include "libvex_ir.h" 105 #include "libvex.h" 106 #include "libvex_guest_arm.h" 107 108 #include "main_util.h" 109 #include "main_globals.h" 110 #include "guest_generic_bb_to_IR.h" 111 #include "guest_arm_defs.h" 112 113 114 /*------------------------------------------------------------*/ 115 /*--- Globals ---*/ 116 /*------------------------------------------------------------*/ 117 118 /* These are set at the start of the translation of a instruction, so 119 that we don't have to pass them around endlessly. CONST means does 120 not change during translation of the instruction. 121 */ 122 123 /* CONST: is the host bigendian? This has to do with float vs double 124 register accesses on VFP, but it's complex and not properly thought 125 out. */ 126 static Bool host_is_bigendian; 127 128 /* CONST: The guest address for the instruction currently being 129 translated. This is the real, "decoded" address (not subject 130 to the CPSR.T kludge). */ 131 static Addr32 guest_R15_curr_instr_notENC; 132 133 /* CONST, FOR ASSERTIONS ONLY. Indicates whether currently processed 134 insn is Thumb (True) or ARM (False). */ 135 static Bool __curr_is_Thumb; 136 137 /* MOD: The IRSB* into which we're generating code. */ 138 static IRSB* irsb; 139 140 /* These are to do with handling writes to r15. They are initially 141 set at the start of disInstr_ARM_WRK to indicate no update, 142 possibly updated during the routine, and examined again at the end. 143 If they have been set to indicate a r15 update then a jump is 144 generated. Note, "explicit" jumps (b, bx, etc) are generated 145 directly, not using this mechanism -- this is intended to handle 146 the implicit-style jumps resulting from (eg) assigning to r15 as 147 the result of insns we wouldn't normally consider branchy. */ 148 149 /* MOD. Initially False; set to True iff abovementioned handling is 150 required. */ 151 static Bool r15written; 152 153 /* MOD. Initially IRTemp_INVALID. 
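If the r15 branch to be generated
   is conditional, this holds the gating IRTemp :: Ity_I32.  If the
   branch to be generated is unconditional, this remains
   IRTemp_INVALID. */
static IRTemp r15guard; /* :: Ity_I32, 0 or 1 */

/* MOD.  Initially Ijk_Boring.  If an r15 branch is to be generated,
   this holds the jump kind.  Typed as IRJumpKind rather than IRTemp:
   the only values stored here are Ijk_* jump kinds (putIRegA checks
   it against Ijk_Boring and assigns its IRJumpKind argument). */
static IRJumpKind r15kind;


/*------------------------------------------------------------*/
/*--- Debugging output                                     ---*/
/*------------------------------------------------------------*/

/* NOTE(review): DIP and DIS expand to an unbraced 'if'.  Use them
   only as complete statements; an 'else' written directly after a
   use would bind to the macro's own 'if'. */
#define DIP(format, args...)           \
   if (vex_traceflags & VEX_TRACE_FE)  \
      vex_printf(format, ## args)

#define DIS(buf, format, args...)      \
   if (vex_traceflags & VEX_TRACE_FE)  \
      vex_sprintf(buf, format, ## args)

#define ASSERT_IS_THUMB \
   do { vassert(__curr_is_Thumb); } while (0)

#define ASSERT_IS_ARM \
   do { vassert(! __curr_is_Thumb); } while (0)


/*------------------------------------------------------------*/
/*--- Helper bits and pieces for deconstructing the        ---*/
/*--- arm insn stream.                                     ---*/
/*------------------------------------------------------------*/

/* Do a little-endian load of a 32-bit word, regardless of the
   endianness of the underlying host.  Reads exactly p[0] .. p[3];
   the caller must guarantee that those four bytes are readable. */
static inline UInt getUIntLittleEndianly ( UChar* p )
{
   /* p[0] is the least significant byte, p[3] the most significant. */
   return ((UInt)p[3] << 24)
          | ((UInt)p[2] << 16)
          | ((UInt)p[1] << 8)
          | (UInt)p[0];
}

/* Do a little-endian load of a 16-bit word, regardless of the
   endianness of the underlying host.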
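   Reads exactly p[0] and p[1]. */
static inline UShort getUShortLittleEndianly ( UChar* p )
{
   /* p[0] is the low byte, p[1] the high byte. */
   return (UShort)(((UInt)p[1] << 8) | (UInt)p[0]);
}

/* Rotate the 32-bit value x right by sh bits; sh must be in 0 .. 31. */
static UInt ROR32 ( UInt x, UInt sh )
{
   /* sh is unsigned, so only the upper bound needs checking. */
   vassert(sh < 32);
   /* sh == 0 is handled separately because x << 32 is undefined. */
   if (sh == 0)
      return x;
   return (x << (32 - sh)) | (x >> sh);
}

/* Count the number of set bits in x. */
static Int popcount32 ( UInt x )
{
   Int res = 0;
   while (x != 0) {
      res += (Int)(x & 1);
      x >>= 1;
   }
   return res;
}

/* Return x with bit number ix replaced by bit 0 of b.  ix must be in
   0 .. 31. */
static UInt setbit32 ( UInt x, Int ix, UInt b )
{
   /* Reject out-of-range bit indices: shifting by a negative count or
      by 32 or more is undefined behaviour. */
   vassert(ix >= 0 && ix < 32);
   /* Use an unsigned 1 so that ix == 31 does not shift into the sign
      bit of a signed int. */
   UInt mask = 1U << ix;
   x &= ~mask;
   x |= ((b << ix) & mask);
   return x;
}

/* Assemble small constants from individual bits, most significant
   bit first. */
#define BITS2(_b1,_b0) \
   (((_b1) << 1) | (_b0))

#define BITS3(_b2,_b1,_b0)                      \
  (((_b2) << 2) | ((_b1) << 1) | (_b0))

#define BITS4(_b3,_b2,_b1,_b0) \
   (((_b3) << 3) | ((_b2) << 2) | ((_b1) << 1) | (_b0))

#define BITS8(_b7,_b6,_b5,_b4,_b3,_b2,_b1,_b0)  \
   ((BITS4((_b7),(_b6),(_b5),(_b4)) << 4) \
    | BITS4((_b3),(_b2),(_b1),(_b0)))

#define BITS5(_b4,_b3,_b2,_b1,_b0)  \
   (BITS8(0,0,0,(_b4),(_b3),(_b2),(_b1),(_b0)))
#define BITS6(_b5,_b4,_b3,_b2,_b1,_b0)  \
   (BITS8(0,0,(_b5),(_b4),(_b3),(_b2),(_b1),(_b0)))
#define BITS7(_b6,_b5,_b4,_b3,_b2,_b1,_b0)  \
   (BITS8(0,(_b6),(_b5),(_b4),(_b3),(_b2),(_b1),(_b0)))

#define BITS9(_b8,_b7,_b6,_b5,_b4,_b3,_b2,_b1,_b0)      \
   (((_b8) << 8) \
    | BITS8((_b7),(_b6),(_b5),(_b4),(_b3),(_b2),(_b1),(_b0)))

#define BITS10(_b9,_b8,_b7,_b6,_b5,_b4,_b3,_b2,_b1,_b0)  \
   (((_b9) << 9) | ((_b8) << 8)                                \
    | BITS8((_b7),(_b6),(_b5),(_b4),(_b3),(_b2),(_b1),(_b0)))

/* produces _uint[_bMax:_bMin] */
#define SLICE_UInt(_uint,_bMax,_bMin) \
   (( ((UInt)(_uint)) >> (_bMin)) \
    & (UInt)((1ULL << ((_bMax) - (_bMin) + 1)) - 1ULL))


/*------------------------------------------------------------*/
/*--- Helper bits and pieces for creating IR fragments.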
                                                           ---*/
/*------------------------------------------------------------*/

/* Wrap a 64-bit constant in an IR constant expression. */
static IRExpr* mkU64 ( ULong i )
{
   IRConst* con = IRConst_U64(i);
   return IRExpr_Const(con);
}

/* Wrap a 32-bit constant in an IR constant expression. */
static IRExpr* mkU32 ( UInt i )
{
   IRConst* con = IRConst_U32(i);
   return IRExpr_Const(con);
}

/* Wrap an 8-bit constant in an IR constant expression.  The value is
   passed as a UInt and asserted to fit in 8 bits before narrowing. */
static IRExpr* mkU8 ( UInt i )
{
   vassert(i < 256);
   IRConst* con = IRConst_U8( (UChar)i );
   return IRExpr_Const(con);
}

/* Expression that reads the temporary 'tmp'. */
static IRExpr* mkexpr ( IRTemp tmp )
{
   IRExpr* rd = IRExpr_RdTmp(tmp);
   return rd;
}

/* Shorthand constructors for unary, binary and ternary IR ops. */
static IRExpr* unop ( IROp op, IRExpr* a )
{
   IRExpr* res = IRExpr_Unop(op, a);
   return res;
}

static IRExpr* binop ( IROp op, IRExpr* a1, IRExpr* a2 )
{
   IRExpr* res = IRExpr_Binop(op, a1, a2);
   return res;
}

static IRExpr* triop ( IROp op, IRExpr* a1, IRExpr* a2, IRExpr* a3 )
{
   IRExpr* res = IRExpr_Triop(op, a1, a2, a3);
   return res;
}

/* Little-endian load of type 'ty' from address 'addr'. */
static IRExpr* loadLE ( IRType ty, IRExpr* addr )
{
   IRExpr* ld = IRExpr_Load(Iend_LE, ty, addr);
   return ld;
}

/* Add a statement to the list held by the file-level "irsb". */
static void stmt ( IRStmt* st )
{
   addStmtToIRSB( irsb, st );
}

/* Emit a statement that writes expression 'e' to temporary 'dst'. */
static void assign ( IRTemp dst, IRExpr* e )
{
   IRStmt* wr = IRStmt_WrTmp(dst, e);
   stmt( wr );
}

/* Emit a little-endian store of 'data' to address 'addr'. */
static void storeLE ( IRExpr* addr, IRExpr* data )
{
   IRStmt* st = IRStmt_Store(Iend_LE, addr, data);
   stmt( st );
}

/* Generate a new temporary of the given type. */
static IRTemp newTemp ( IRType ty )
{
   vassert(isPlausibleIRType(ty));
   IRTemp fresh = newIRTemp( irsb->tyenv, ty );
   return fresh;
}

/* Produces a value in 0 .. 3, which is encoded as per the type
   IRRoundingMode.  Always yields the constant Irrm_NEAREST. */
static IRExpr* /* :: Ity_I32 */ get_FAKE_roundingmode ( void )
{
   IRExpr* rm = mkU32(Irrm_NEAREST);
   return rm;
}

/* Generate an expression for SRC rotated right by ROT.
   ROT must be in 0 .. 31. */
static IRExpr* genROR32( IRTemp src, Int rot )
{
   vassert(rot >= 0 && rot < 32);
   /* A zero rotate needs no shifts; it would also need a shift by 32. */
   if (rot == 0) {
      return mkexpr(src);
   } else {
      IRExpr* hi = binop(Iop_Shl32, mkexpr(src), mkU8(32 - rot));
      IRExpr* lo = binop(Iop_Shr32, mkexpr(src), mkU8(rot));
      return binop(Iop_Or32, hi, lo);
   }
}

/* Build a V128 expression whose high and low 64-bit halves are both
   the constant i. */
static IRExpr* mkU128 ( ULong i )
{
   IRExpr* hi64 = mkU64(i);
   IRExpr* lo64 = mkU64(i);
   return binop(Iop_64HLtoV128, hi64, lo64);
}

/* Generate a 4-aligned version of the given expression if
   the given condition is true.  Else return it unchanged. */
static IRExpr* align4if ( IRExpr* e, Bool b )
{
   if (!b)
      return e;
   /* Clear the two lowest bits. */
   return binop(Iop_And32, e, mkU32(~3));
}


/*------------------------------------------------------------*/
/*--- Helpers for accessing guest registers.               ---*/
/*------------------------------------------------------------*/

/* Byte offsets of the guest-state fields within VexGuestARMState. */
#define OFFB_R0       offsetof(VexGuestARMState,guest_R0)
#define OFFB_R1       offsetof(VexGuestARMState,guest_R1)
#define OFFB_R2       offsetof(VexGuestARMState,guest_R2)
#define OFFB_R3       offsetof(VexGuestARMState,guest_R3)
#define OFFB_R4       offsetof(VexGuestARMState,guest_R4)
#define OFFB_R5       offsetof(VexGuestARMState,guest_R5)
#define OFFB_R6       offsetof(VexGuestARMState,guest_R6)
#define OFFB_R7       offsetof(VexGuestARMState,guest_R7)
#define OFFB_R8       offsetof(VexGuestARMState,guest_R8)
#define OFFB_R9       offsetof(VexGuestARMState,guest_R9)
#define OFFB_R10      offsetof(VexGuestARMState,guest_R10)
#define OFFB_R11      offsetof(VexGuestARMState,guest_R11)
#define OFFB_R12      offsetof(VexGuestARMState,guest_R12)
#define OFFB_R13      offsetof(VexGuestARMState,guest_R13)
#define OFFB_R14      offsetof(VexGuestARMState,guest_R14)
#define OFFB_R15T     offsetof(VexGuestARMState,guest_R15T)

#define OFFB_CC_OP    offsetof(VexGuestARMState,guest_CC_OP)
#define OFFB_CC_DEP1  offsetof(VexGuestARMState,guest_CC_DEP1)
#define OFFB_CC_DEP2  offsetof(VexGuestARMState,guest_CC_DEP2)
#define OFFB_CC_NDEP  offsetof(VexGuestARMState,guest_CC_NDEP)
#define OFFB_NRADDR   offsetof(VexGuestARMState,guest_NRADDR)

#define OFFB_D0       offsetof(VexGuestARMState,guest_D0)
#define OFFB_D1       offsetof(VexGuestARMState,guest_D1)
#define OFFB_D2       offsetof(VexGuestARMState,guest_D2)
#define OFFB_D3       offsetof(VexGuestARMState,guest_D3)
#define OFFB_D4       offsetof(VexGuestARMState,guest_D4)
#define OFFB_D5       offsetof(VexGuestARMState,guest_D5)
#define OFFB_D6       offsetof(VexGuestARMState,guest_D6)
#define OFFB_D7       offsetof(VexGuestARMState,guest_D7)
#define OFFB_D8       offsetof(VexGuestARMState,guest_D8)
#define OFFB_D9       offsetof(VexGuestARMState,guest_D9)
#define OFFB_D10      offsetof(VexGuestARMState,guest_D10)
#define OFFB_D11      offsetof(VexGuestARMState,guest_D11)
#define OFFB_D12      offsetof(VexGuestARMState,guest_D12)
#define OFFB_D13      offsetof(VexGuestARMState,guest_D13)
#define OFFB_D14      offsetof(VexGuestARMState,guest_D14)
#define OFFB_D15      offsetof(VexGuestARMState,guest_D15)
#define OFFB_D16      offsetof(VexGuestARMState,guest_D16)
#define OFFB_D17      offsetof(VexGuestARMState,guest_D17)
#define OFFB_D18      offsetof(VexGuestARMState,guest_D18)
#define OFFB_D19      offsetof(VexGuestARMState,guest_D19)
#define OFFB_D20      offsetof(VexGuestARMState,guest_D20)
#define OFFB_D21      offsetof(VexGuestARMState,guest_D21)
#define OFFB_D22      offsetof(VexGuestARMState,guest_D22)
#define OFFB_D23      offsetof(VexGuestARMState,guest_D23)
#define OFFB_D24      offsetof(VexGuestARMState,guest_D24)
#define OFFB_D25      offsetof(VexGuestARMState,guest_D25)
#define OFFB_D26      offsetof(VexGuestARMState,guest_D26)
#define OFFB_D27      offsetof(VexGuestARMState,guest_D27)
#define OFFB_D28      offsetof(VexGuestARMState,guest_D28)
#define OFFB_D29      offsetof(VexGuestARMState,guest_D29)
#define OFFB_D30      offsetof(VexGuestARMState,guest_D30)
#define OFFB_D31      offsetof(VexGuestARMState,guest_D31)

#define OFFB_FPSCR    offsetof(VexGuestARMState,guest_FPSCR)
#define OFFB_TPIDRURO offsetof(VexGuestARMState,guest_TPIDRURO)
#define OFFB_ITSTATE  offsetof(VexGuestARMState,guest_ITSTATE)
#define OFFB_QFLAG32  offsetof(VexGuestARMState,guest_QFLAG32)
#define OFFB_GEFLAG0  offsetof(VexGuestARMState,guest_GEFLAG0)
#define OFFB_GEFLAG1  offsetof(VexGuestARMState,guest_GEFLAG1)
#define OFFB_GEFLAG2  offsetof(VexGuestARMState,guest_GEFLAG2)
#define OFFB_GEFLAG3  offsetof(VexGuestARMState,guest_GEFLAG3)


/* ---------------- Integer registers ---------------- */

/* Map an integer register number (0 .. 15) to its guest-state offset.
   Register 15 maps to the guest_R15T field.  Any other number trips
   the assertion, so a bad index never becomes a state offset. */
static Int integerGuestRegOffset ( UInt iregNo )
{
   /* Do we care about endianness here?  We do if sub-parts of integer
      registers are accessed, but I don't think that ever happens on
      ARM. */
   switch (iregNo) {
      case 0:  return OFFB_R0;
      case 1:  return OFFB_R1;
      case 2:  return OFFB_R2;
      case 3:  return OFFB_R3;
      case 4:  return OFFB_R4;
      case 5:  return OFFB_R5;
      case 6:  return OFFB_R6;
      case 7:  return OFFB_R7;
      case 8:  return OFFB_R8;
      case 9:  return OFFB_R9;
      case 10: return OFFB_R10;
      case 11: return OFFB_R11;
      case 12: return OFFB_R12;
      case 13: return OFFB_R13;
      case 14: return OFFB_R14;
      case 15: return OFFB_R15T;
      default: vassert(0);
   }
}

/* Plain ("low level") read from a reg; no +8 offset magic for r15. */
static IRExpr* llGetIReg ( UInt iregNo )
{
   vassert(iregNo < 16);
   Int gsoff = integerGuestRegOffset(iregNo);
   return IRExpr_Get( gsoff, Ity_I32 );
}

/* Architected read from a reg in ARM mode.  This automagically adds 8
   to all reads of r15.
   Asserts that the current instruction is ARM and iregNo < 16. */
static IRExpr* getIRegA ( UInt iregNo )
{
   ASSERT_IS_ARM;
   vassert(iregNo < 16);
   if (iregNo != 15)
      return IRExpr_Get( integerGuestRegOffset(iregNo), Ity_I32 );

   /* If asked for r15, don't read the guest state value, as that
      may not be up to date in the case where loop unrolling has
      happened, because the first insn's write to the block is
      omitted; hence in the 2nd and subsequent unrollings we don't
      have a correct value in guest r15.  Instead produce the
      constant that we know would be produced at this point. */
   vassert(0 == (guest_R15_curr_instr_notENC & 3));
   return mkU32(guest_R15_curr_instr_notENC + 8);
}

/* Architected read from a reg in Thumb mode.  This automagically adds
   4 to all reads of r15.  Asserts that the current instruction is
   Thumb and iregNo < 16. */
static IRExpr* getIRegT ( UInt iregNo )
{
   ASSERT_IS_THUMB;
   vassert(iregNo < 16);
   if (iregNo != 15)
      return IRExpr_Get( integerGuestRegOffset(iregNo), Ity_I32 );

   /* As in getIRegA: produce the known constant rather than reading
      the possibly stale guest r15.  Thumb instruction addresses only
      need to be 2-aligned. */
   vassert(0 == (guest_R15_curr_instr_notENC & 1));
   return mkU32(guest_R15_curr_instr_notENC + 4);
}

/* Plain ("low level") write to a reg; no jump or alignment magic for
   r15.  Asserts iregNo < 16 and that 'e' has type Ity_I32. */
static void llPutIReg ( UInt iregNo, IRExpr* e )
{
   vassert(iregNo < 16);
   vassert(typeOfIRExpr(irsb->tyenv, e) == Ity_I32);
   Int gsoff = integerGuestRegOffset(iregNo);
   stmt( IRStmt_Put(gsoff, e) );
}

/* Architected write to an integer register in ARM mode.  If it is to
   r15, record info so at the end of this insn's translation, a branch
   to it can be made.  Also handles conditional writes to the
   register: if guardT == IRTemp_INVALID then the write is
   unconditional.  If writing r15, also 4-align it.
   NOTE(review): the 4-alignment of r15 writes is commented out in
   the body of putIRegA (see its INTERWORKING FIXME), so no alignment
   is applied there at present.
*/
static void putIRegA ( UInt       iregNo,
                       IRExpr*    e,
                       IRTemp     guardT /* :: Ity_I32, 0 or 1 */,
                       IRJumpKind jk /* if a jump is generated */ )
{
   /* if writing r15, force e to be 4-aligned. */
   // INTERWORKING FIXME.  this needs to be relaxed so that
   // puts caused by LDMxx which load r15 interwork right.
   // but is no aligned too relaxed?
   //if (iregNo == 15)
   //   e = binop(Iop_And32, e, mkU32(~3));
   ASSERT_IS_ARM;

   /* For a guarded write, keep the register's current value when the
      guard is zero and take e otherwise; an unguarded write stores e
      directly. */
   if (guardT != IRTemp_INVALID) {
      e = IRExpr_Mux0X( unop(Iop_32to8, mkexpr(guardT)),
                        llGetIReg(iregNo),
                        e );
   }
   llPutIReg( iregNo, e );

   if (iregNo != 15)
      return;

   // assert against competing r15 updates.  Shouldn't
   // happen; should be ruled out by the instr matching
   // logic.
   vassert(r15written == False);
   vassert(r15guard   == IRTemp_INVALID);
   vassert(r15kind    == Ijk_Boring);
   /* Record the pending r15 update in the file-level r15* state. */
   r15written = True;
   r15guard   = guardT;
   r15kind    = jk;
}


/* Architected write to an integer register in Thumb mode.  Writes to
   r15 are not allowed.  Handles conditional writes to the register:
   if guardT == IRTemp_INVALID then the write is unconditional. */
static void putIRegT ( UInt    iregNo,
                       IRExpr* e,
                       IRTemp  guardT /* :: Ity_I32, 0 or 1 */ )
{
   ASSERT_IS_THUMB;
   /* r15 (and anything larger) is rejected here. */
   vassert(iregNo >= 0 && iregNo <= 14);

   /* Same guarded/unguarded scheme as the ARM-mode writer. */
   if (guardT != IRTemp_INVALID) {
      e = IRExpr_Mux0X( unop(Iop_32to8, mkexpr(guardT)),
                        llGetIReg(iregNo),
                        e );
   }
   llPutIReg( iregNo, e );
}


/* Thumb16 and Thumb32 only.
   Returns true if reg is 13 or 15.  Implements the BadReg
   predicate in the ARM ARM.
   Asserts r <= 15 and that the current instruction is Thumb. */
static Bool isBadRegT ( UInt r )
{
   vassert(r <= 15);
   ASSERT_IS_THUMB;
   if (r == 13)
      return True;
   return r == 15;
}


/* ---------------- Double registers ---------------- */

/* Map a D register number (0 .. 31) to its guest-state offset.  Any
   other number trips the assertion. */
static Int doubleGuestRegOffset ( UInt dregNo )
{
   /* Do we care about endianness here?  Probably do if we ever get
      into the situation of dealing with the single-precision VFP
      registers. */
   switch (dregNo) {
      case 0:  return OFFB_D0;
      case 1:  return OFFB_D1;
      case 2:  return OFFB_D2;
      case 3:  return OFFB_D3;
      case 4:  return OFFB_D4;
      case 5:  return OFFB_D5;
      case 6:  return OFFB_D6;
      case 7:  return OFFB_D7;
      case 8:  return OFFB_D8;
      case 9:  return OFFB_D9;
      case 10: return OFFB_D10;
      case 11: return OFFB_D11;
      case 12: return OFFB_D12;
      case 13: return OFFB_D13;
      case 14: return OFFB_D14;
      case 15: return OFFB_D15;
      case 16: return OFFB_D16;
      case 17: return OFFB_D17;
      case 18: return OFFB_D18;
      case 19: return OFFB_D19;
      case 20: return OFFB_D20;
      case 21: return OFFB_D21;
      case 22: return OFFB_D22;
      case 23: return OFFB_D23;
      case 24: return OFFB_D24;
      case 25: return OFFB_D25;
      case 26: return OFFB_D26;
      case 27: return OFFB_D27;
      case 28: return OFFB_D28;
      case 29: return OFFB_D29;
      case 30: return OFFB_D30;
      case 31: return OFFB_D31;
      default: vassert(0);
   }
}

/* Plain ("low level") read from a VFP Dreg. */
static IRExpr* llGetDReg ( UInt dregNo )
{
   vassert(dregNo < 32);
   Int gsoff = doubleGuestRegOffset(dregNo);
   return IRExpr_Get( gsoff, Ity_F64 );
}

/* Architected read from a VFP Dreg. */
static IRExpr* getDReg ( UInt dregNo )
{
   IRExpr* rd = llGetDReg( dregNo );
   return rd;
}

/* Plain ("low level") write to a VFP Dreg.
   Asserts dregNo < 32 and that 'e' has type Ity_F64. */
static void llPutDReg ( UInt dregNo, IRExpr* e )
{
   vassert(dregNo < 32);
   vassert(typeOfIRExpr(irsb->tyenv, e) == Ity_F64);
   Int gsoff = doubleGuestRegOffset(dregNo);
   stmt( IRStmt_Put(gsoff, e) );
}

/* Architected write to a VFP Dreg.  Handles conditional writes to the
   register: if guardT == IRTemp_INVALID then the write is
   unconditional. */
static void putDReg ( UInt    dregNo,
                      IRExpr* e,
                      IRTemp  guardT /* :: Ity_I32, 0 or 1 */)
{
   /* Guarded write: keep the old register value when the guard is
      zero, take e otherwise. */
   if (guardT != IRTemp_INVALID) {
      e = IRExpr_Mux0X( unop(Iop_32to8, mkexpr(guardT)),
                        llGetDReg(dregNo),
                        e );
   }
   llPutDReg( dregNo, e );
}

/* And now exactly the same stuff all over again, but this time
   taking/returning I64 rather than F64, to support 64-bit Neon
   ops. */

/* Plain ("low level") read from a Neon Integer Dreg. */
static IRExpr* llGetDRegI64 ( UInt dregNo )
{
   vassert(dregNo < 32);
   Int gsoff = doubleGuestRegOffset(dregNo);
   return IRExpr_Get( gsoff, Ity_I64 );
}

/* Architected read from a Neon Integer Dreg. */
static IRExpr* getDRegI64 ( UInt dregNo )
{
   IRExpr* rd = llGetDRegI64( dregNo );
   return rd;
}

/* Plain ("low level") write to a Neon Integer Dreg.  Asserts
   dregNo < 32 and that 'e' has type Ity_I64. */
static void llPutDRegI64 ( UInt dregNo, IRExpr* e )
{
   vassert(dregNo < 32);
   vassert(typeOfIRExpr(irsb->tyenv, e) == Ity_I64);
   Int gsoff = doubleGuestRegOffset(dregNo);
   stmt( IRStmt_Put(gsoff, e) );
}

/* Architected write to a Neon Integer Dreg.  Handles conditional
   writes to the register: if guardT == IRTemp_INVALID then the write
   is unconditional. */
static void putDRegI64 ( UInt    dregNo,
                         IRExpr* e,
                         IRTemp  guardT /* :: Ity_I32, 0 or 1 */)
{
   /* Guarded write: keep the old register value when the guard is
      zero, take e otherwise. */
   if (guardT != IRTemp_INVALID) {
      e = IRExpr_Mux0X( unop(Iop_32to8, mkexpr(guardT)),
                        llGetDRegI64(dregNo),
                        e );
   }
   llPutDRegI64( dregNo, e );
}

/* ---------------- Quad registers ---------------- */

/* Map a Q register number (0 .. 15) to its guest-state offset.  Q[n]
   starts at the offset of D[2n].  Any other number trips the
   assertion. */
static Int quadGuestRegOffset ( UInt qregNo )
{
   /* Do we care about endianness here?  Probably do if we ever get
      into the situation of dealing with the 64 bit Neon registers. */
   switch (qregNo) {
      case 0:  return OFFB_D0;
      case 1:  return OFFB_D2;
      case 2:  return OFFB_D4;
      case 3:  return OFFB_D6;
      case 4:  return OFFB_D8;
      case 5:  return OFFB_D10;
      case 6:  return OFFB_D12;
      case 7:  return OFFB_D14;
      case 8:  return OFFB_D16;
      case 9:  return OFFB_D18;
      case 10: return OFFB_D20;
      case 11: return OFFB_D22;
      case 12: return OFFB_D24;
      case 13: return OFFB_D26;
      case 14: return OFFB_D28;
      case 15: return OFFB_D30;
      default: vassert(0);
   }
}

/* Plain ("low level") read from a Neon Qreg. */
static IRExpr* llGetQReg ( UInt qregNo )
{
   vassert(qregNo < 16);
   Int gsoff = quadGuestRegOffset(qregNo);
   return IRExpr_Get( gsoff, Ity_V128 );
}

/* Architected read from a Neon Qreg. */
static IRExpr* getQReg ( UInt qregNo )
{
   IRExpr* rd = llGetQReg( qregNo );
   return rd;
}

/* Plain ("low level") write to a Neon Qreg.  Asserts qregNo < 16 and
   that 'e' has type Ity_V128. */
static void llPutQReg ( UInt qregNo, IRExpr* e )
{
   vassert(qregNo < 16);
   vassert(typeOfIRExpr(irsb->tyenv, e) == Ity_V128);
   Int gsoff = quadGuestRegOffset(qregNo);
   stmt( IRStmt_Put(gsoff, e) );
}

/* Architected write to a Neon Qreg.  Handles conditional writes to the
   register: if guardT == IRTemp_INVALID then the write is
   unconditional. */
static void putQReg ( UInt    qregNo,
                      IRExpr* e,
                      IRTemp  guardT /* :: Ity_I32, 0 or 1 */)
{
   /* Guarded write: keep the old register value when the guard is
      zero, take e otherwise. */
   if (guardT != IRTemp_INVALID) {
      e = IRExpr_Mux0X( unop(Iop_32to8, mkexpr(guardT)),
                        llGetQReg(qregNo),
                        e );
   }
   llPutQReg( qregNo, e );
}


/* ---------------- Float registers ---------------- */

/* Map an S register number (0 .. 31) to its guest-state offset.
   Asserts fregNo < 32, and asserts outright on a big-endian host. */
static Int floatGuestRegOffset ( UInt fregNo )
{
   /* Start with the offset of the containing double, and then correct
      for endianness.  Actually this is completely bogus and needs
      careful thought. */
   vassert(fregNo < 32);
   Int off = doubleGuestRegOffset(fregNo >> 1);
   if (host_is_bigendian) {
      vassert(0);
   } else if (fregNo & 1) {
      /* Odd-numbered S register: second 4 bytes of the double. */
      off += 4;
   }
   return off;
}

/* Plain ("low level") read from a VFP Freg. */
static IRExpr* llGetFReg ( UInt fregNo )
{
   vassert(fregNo < 32);
   Int gsoff = floatGuestRegOffset(fregNo);
   return IRExpr_Get( gsoff, Ity_F32 );
}

/* Architected read from a VFP Freg. */
static IRExpr* getFReg ( UInt fregNo )
{
   IRExpr* rd = llGetFReg( fregNo );
   return rd;
}

/* Plain ("low level") write to a VFP Freg.  Asserts fregNo < 32 and
   that 'e' has type Ity_F32. */
static void llPutFReg ( UInt fregNo, IRExpr* e )
{
   vassert(fregNo < 32);
   vassert(typeOfIRExpr(irsb->tyenv, e) == Ity_F32);
   Int gsoff = floatGuestRegOffset(fregNo);
   stmt( IRStmt_Put(gsoff, e) );
}

/* Architected write to a VFP Freg.  Handles conditional writes to the
   register: if guardT == IRTemp_INVALID then the write is
   unconditional. */
static void putFReg ( UInt    fregNo,
                      IRExpr* e,
                      IRTemp  guardT /* :: Ity_I32, 0 or 1 */)
{
   /* Guarded write: keep the old register value when the guard is
      zero, take e otherwise. */
   if (guardT != IRTemp_INVALID) {
      e = IRExpr_Mux0X( unop(Iop_32to8, mkexpr(guardT)),
                        llGetFReg(fregNo),
                        e );
   }
   llPutFReg( fregNo, e );
}


/* ---------------- Misc registers ---------------- */

/* Write the Ity_I32 expression 'e' to the 32-bit guest-state field at
   'gsoffset'.  Only the offsets listed in the switch are accepted;
   anything else trips the assertion.  If guardT == IRTemp_INVALID the
   write is unconditional, otherwise it is gated on guardT. */
static void putMiscReg32 ( UInt    gsoffset,
                           IRExpr* e, /* :: Ity_I32 */
                           IRTemp  guardT /* :: Ity_I32, 0 or 1 */)
{
   switch (gsoffset) {
      case OFFB_FPSCR:
      case OFFB_QFLAG32:
      case OFFB_GEFLAG0:
      case OFFB_GEFLAG1:
      case OFFB_GEFLAG2:
      case OFFB_GEFLAG3:
         break;
      default: vassert(0); /* awaiting more cases */
   }
   vassert(typeOfIRExpr(irsb->tyenv, e) == Ity_I32);

   /* Guarded write: keep the field's current value when the guard is
      zero, take e otherwise. */
   if (guardT != IRTemp_INVALID) {
      e = IRExpr_Mux0X( unop(Iop_32to8, mkexpr(guardT)),
                        IRExpr_Get(gsoffset, Ity_I32),
                        e );
   }
   stmt( IRStmt_Put(gsoffset, e) );
}

/* Read guest ITSTATE into a fresh Ity_I32 temporary.  Thumb only. */
static IRTemp get_ITSTATE ( void )
{
   ASSERT_IS_THUMB;
   IRTemp itstate = newTemp(Ity_I32);
   assign(itstate, IRExpr_Get( OFFB_ITSTATE, Ity_I32));
   return itstate;
}

/* Write temporary 't' to guest ITSTATE.  Thumb only. */
static void put_ITSTATE ( IRTemp t )
{
   ASSERT_IS_THUMB;
   IRExpr* val = mkexpr(t);
   stmt( IRStmt_Put( OFFB_ITSTATE, val) );
}

/* Read guest QFLAG32 into a fresh Ity_I32 temporary. */
static IRTemp get_QFLAG32 ( void )
{
   IRTemp qflag = newTemp(Ity_I32);
   assign(qflag, IRExpr_Get( OFFB_QFLAG32, Ity_I32));
   return qflag;
}

/* Write temporary 't' to guest QFLAG32, gated on condT as described
   for putMiscReg32. */
static void put_QFLAG32 ( IRTemp t, IRTemp condT )
{
   IRExpr* val = mkexpr(t);
   putMiscReg32( OFFB_QFLAG32, val, condT );
}

/* Stickily set the 'Q' flag (APSR bit 27) of the APSR (Application Program
   Status Register) to indicate that overflow or saturation occurred.
   Nb: e must be zero to denote no saturation, and any nonzero
   value to indicate saturation.
   The new flag value is the old QFLAG32 value ORed with e. */
static void or_into_QFLAG32 ( IRExpr* e, IRTemp condT )
{
   IRTemp prev   = get_QFLAG32();
   IRTemp merged = newTemp(Ity_I32);
   IRExpr* ored  = binop(Iop_Or32, mkexpr(prev), e);
   assign(merged, ored);
   put_QFLAG32(merged, condT);
}

/* Generate code to set APSR.GE[flagNo]. Each fn call sets 1 bit.
   flagNo: which flag bit to set [3...0]
   lowbits_to_ignore:  0 = look at all 32 bits
                       8 = look at top 24 bits only
                      16 = look at top 16 bits only
                      31 = look at the top bit only
   e: input value to be evaluated.
   The new value is 'e' shifted right by 'lowbits_to_ignore', which
   discards those low bits.  If the resulting value is zero then the
   GE flag is set to 0; any other value sets the flag to 1. */
static void put_GEFLAG32 ( Int flagNo,            /* 0, 1, 2 or 3 */
                           Int lowbits_to_ignore, /* 0, 8, 16 or 31   */
                           IRExpr* e,             /* Ity_I32 */
                           IRTemp condT )
{
   /* Guest-state offsets of GE0 .. GE3, indexed by flag number. */
   static const UInt geflag_off[4]
      = { OFFB_GEFLAG0, OFFB_GEFLAG1, OFFB_GEFLAG2, OFFB_GEFLAG3 };

   vassert( flagNo >= 0 && flagNo <= 3 );
   vassert( lowbits_to_ignore == 0  ||
            lowbits_to_ignore == 8  ||
            lowbits_to_ignore == 16 ||
            lowbits_to_ignore == 31 );
   IRTemp shifted = newTemp(Ity_I32);
   assign(shifted, binop(Iop_Shr32, e, mkU8(lowbits_to_ignore)));

   /* flagNo was range-checked above, so the table index is in bounds. */
   putMiscReg32(geflag_off[flagNo], mkexpr(shifted), condT);
}

/* Return the (32-bit, zero-or-nonzero representation scheme) of
   the specified GE flag.
   flagNo must be 0 .. 3; any other value trips the assertion. */
static IRExpr* get_GEFLAG32( Int flagNo /* 0, 1, 2, 3 */ )
{
   switch (flagNo) {
      case 0:
         return IRExpr_Get( OFFB_GEFLAG0, Ity_I32 );
      case 1:
         return IRExpr_Get( OFFB_GEFLAG1, Ity_I32 );
      case 2:
         return IRExpr_Get( OFFB_GEFLAG2, Ity_I32 );
      case 3:
         return IRExpr_Get( OFFB_GEFLAG3, Ity_I32 );
      default:
         vassert(0);
   }
}

/* Set all 4 GE flags from the given 32-bit value as follows: GE 3 and
   2 are set from bit 31 of the value, and GE 1 and 0 are set from bit
   15 of the value.  All other bits are ignored. */
static void set_GE_32_10_from_bits_31_15 ( IRTemp t32, IRTemp condT )
{
   Int    flag;
   IRTemp bit15 = newTemp(Ity_I32);
   IRTemp bit31 = newTemp(Ity_I32);
   assign(bit15, binop(Iop_And32, mkexpr(t32), mkU32(0x00008000)));
   assign(bit31, binop(Iop_And32, mkexpr(t32), mkU32(0x80000000)));
   /* GE0 and GE1 take the isolated bit 15, GE2 and GE3 the isolated
      bit 31.  No further shift is needed because the flags use a
      zero-or-nonzero representation. */
   for (flag = 0; flag < 4; flag++) {
      IRTemp src = (flag < 2) ? bit15 : bit31;
      put_GEFLAG32( flag, 0, mkexpr(src), condT );
   }
}


/* Set all 4 GE flags from the given 32-bit value as follows: GE 3
   from bit 31, GE 2 from bit 23, GE 1 from bit 15, and GE0 from
   bit 7.  All other bits are ignored.
*/
static void set_GE_3_2_1_0_from_bits_31_23_15_7 ( IRTemp t32, IRTemp condT )
{
   /* masks[i] isolates the bit of t32 that drives GE flag i. */
   static const UInt masks[4]
      = { 0x00000080, 0x00008000, 0x00800000, 0x80000000 };
   IRTemp ge[4];
   Int    i;

   for (i = 0; i < 4; i++)
      ge[i] = newTemp(Ity_I32);
   for (i = 0; i < 4; i++)
      assign(ge[i], binop(Iop_And32, mkexpr(t32), mkU32(masks[i])));
   /* Nonzero means "set", so the isolated bit is stored as it is. */
   for (i = 0; i < 4; i++)
      put_GEFLAG32( i, 0, mkexpr(ge[i]), condT );
}


/* ---------------- FPSCR stuff ---------------- */

/* Generate IR to get hold of the rounding mode bits in FPSCR, and
   convert them to IR format.  Bind the final result to the
   returned temp. */
static IRTemp /* :: Ity_I32 */ mk_get_IR_rounding_mode ( void )
{
   /* The ARMvfp encoding for rounding mode bits is:
         00  to nearest
         01  to +infinity
         10  to -infinity
         11  to zero
      We need to convert that to the IR encoding:
         00  to nearest (the default)
         10  to +infinity
         01  to -infinity
         11  to zero
      Which can be done by swapping bits 0 and 1.
      The rmode bits are at 23:22 in FPSCR.
   */
   IRTemp fpscrFrom22 = newTemp(Ity_I32);
   IRTemp irMode      = newTemp(Ity_I32);

   /* Slide FPSCR[23:22] down to bits 1:0.  Bits 24 and above come
      along too, but the two single-bit masks below discard them. */
   assign(fpscrFrom22,
          binop(Iop_Shr32, IRExpr_Get(OFFB_FPSCR, Ity_I32), mkU8(22)));

   /* Swap: old bit 0 goes to bit 1, old bit 1 goes to bit 0. */
   IRExpr* bit0ToBit1
      = binop(Iop_And32,
              binop(Iop_Shl32, mkexpr(fpscrFrom22), mkU8(1)),
              mkU32(2));
   IRExpr* bit1ToBit0
      = binop(Iop_And32,
              binop(Iop_Shr32, mkexpr(fpscrFrom22), mkU8(1)),
              mkU32(1));
   assign(irMode, binop(Iop_Or32, bit0ToBit1, bit1ToBit0));
   return irMode;
}


/*------------------------------------------------------------*/
/*--- Helpers for flag handling and conditional insns      ---*/
/*------------------------------------------------------------*/

/* Printable suffix for a condition code, used in disassembly text.
   The always-true condition prints as the empty string.  Panics on a
   value that is not one of the sixteen condition codes. */
static HChar* name_ARMCondcode ( ARMCondcode cond )
{
   switch (cond) {
      case ARMCondEQ:  return "{eq}";
      case ARMCondNE:  return "{ne}";
      case ARMCondHS:  return "{hs}";  // or 'cs'
      case ARMCondLO:  return "{lo}";  // or 'cc'
      case ARMCondMI:  return "{mi}";
      case ARMCondPL:  return "{pl}";
      case ARMCondVS:  return "{vs}";
      case ARMCondVC:  return "{vc}";
      case ARMCondHI:  return "{hi}";
      case ARMCondLS:  return "{ls}";
      case ARMCondGE:  return "{ge}";
      case ARMCondLT:  return "{lt}";
      case ARMCondGT:  return "{gt}";
      case ARMCondLE:  return "{le}";
      case ARMCondAL:  return "";      // {al}: is the default
      case ARMCondNV:  return "{nv}";
      default: vpanic("name_ARMCondcode");
   }
}
/* and a handy shorthand for it */
static HChar* nCC ( ARMCondcode cond ) {
   return name_ARMCondcode(cond);
}


/* Build IR to calculate some particular condition from stored
   CC_OP/CC_DEP1/CC_DEP2/CC_NDEP.  Returns an expression of type
   Ity_I32, suitable for narrowing.  Although the return type is
   Ity_I32, the returned value is either 0 or 1.  'cond' must be
   :: Ity_I32 and must denote the condition to compute in
   bits 7:4, and be zero everywhere else.
*/
static IRExpr* mk_armg_calculate_condition_dyn ( IRExpr* cond )
{
   vassert(typeOfIRExpr(irsb->tyenv, cond) == Ity_I32);
   /* 'cond' is a run-time expression, so the requirement that only
      bits 7:4 are nonzero cannot be asserted here; the caller has to
      guarantee it. */

   /* The helper's first argument is "(cond << 4) | stored-operation",
      with 'cond' supplied already shifted.  This pairing scheme
      requires that the ARMG_CC_OP_ values all fit in 4 bits, so that
      the (COND, OP) pair occupies the lowest 8 bits of the word. */
   IRExpr* condAndOp
      = binop(Iop_Or32, IRExpr_Get(OFFB_CC_OP, Ity_I32), cond);
   IRExpr** helperArgs
      = mkIRExprVec_4(
           condAndOp,
           IRExpr_Get(OFFB_CC_DEP1, Ity_I32),
           IRExpr_Get(OFFB_CC_DEP2, Ity_I32),
           IRExpr_Get(OFFB_CC_NDEP, Ity_I32)
        );
   IRExpr* helperCall
      = mkIRExprCCall(
           Ity_I32,
           0/*regparm*/,
           "armg_calculate_condition", &armg_calculate_condition,
           helperArgs
        );

   /* Mask bits 0 and 3 exclude arguments 0 and 3 from definedness
      checking: that is the requested condition together with OP, and
      NDEP.  Only DEP1 and DEP2 are of interest. */
   helperCall->Iex.CCall.cee->mcx_mask = (1<<0) | (1<<3);
   return helperCall;
}


/* Build IR to calculate some particular condition from stored
   CC_OP/CC_DEP1/CC_DEP2/CC_NDEP.  Returns an expression of type
   Ity_I32, suitable for narrowing.  Although the return type is
   Ity_I32, the returned value is either 0 or 1.
*/
static IRExpr* mk_armg_calculate_condition ( ARMCondcode cond )
{
   /* The condition is known at translation time, so it can be range
      checked here and passed on, pre-shifted into bits 7:4, as a
      constant. */
   vassert(cond >= 0 && cond <= 15);
   IRExpr* condInBits7to4 = mkU32(cond << 4);
   return mk_armg_calculate_condition_dyn( condInBits7to4 );
}


/* Build IR to calculate just the carry flag from stored
   CC_OP/CC_DEP1/CC_DEP2/CC_NDEP.  Returns an expression ::
   Ity_I32.
*/
static IRExpr* mk_armg_calculate_flag_c ( void )
{
   IRExpr** thunkArgs
      = mkIRExprVec_4( IRExpr_Get(OFFB_CC_OP,   Ity_I32),
                       IRExpr_Get(OFFB_CC_DEP1, Ity_I32),
                       IRExpr_Get(OFFB_CC_DEP2, Ity_I32),
                       IRExpr_Get(OFFB_CC_NDEP, Ity_I32) );
   IRExpr* helperCall
      = mkIRExprCCall(
           Ity_I32,
           0/*regparm*/,
           "armg_calculate_flag_c", &armg_calculate_flag_c,
           thunkArgs
        );
   /* Mask bits 0 and 3: OP and NDEP are excluded from definedness
      checking.  Only DEP1 and DEP2 are of interest. */
   helperCall->Iex.CCall.cee->mcx_mask = (1<<0) | (1<<3);
   return helperCall;
}


/* Build IR to calculate just the overflow flag from stored
   CC_OP/CC_DEP1/CC_DEP2/CC_NDEP.  Returns an expression ::
   Ity_I32. */
static IRExpr* mk_armg_calculate_flag_v ( void )
{
   IRExpr** thunkArgs
      = mkIRExprVec_4( IRExpr_Get(OFFB_CC_OP,   Ity_I32),
                       IRExpr_Get(OFFB_CC_DEP1, Ity_I32),
                       IRExpr_Get(OFFB_CC_DEP2, Ity_I32),
                       IRExpr_Get(OFFB_CC_NDEP, Ity_I32) );
   IRExpr* helperCall
      = mkIRExprCCall(
           Ity_I32,
           0/*regparm*/,
           "armg_calculate_flag_v", &armg_calculate_flag_v,
           thunkArgs
        );
   /* Mask bits 0 and 3: OP and NDEP are excluded from definedness
      checking.  Only DEP1 and DEP2 are of interest. */
   helperCall->Iex.CCall.cee->mcx_mask = (1<<0) | (1<<3);
   return helperCall;
}


/* Build IR to calculate N Z C V in bits 31:28 of the
   returned word. */
static IRExpr* mk_armg_calculate_flags_nzcv ( void )
{
   IRExpr** thunkArgs
      = mkIRExprVec_4( IRExpr_Get(OFFB_CC_OP,   Ity_I32),
                       IRExpr_Get(OFFB_CC_DEP1, Ity_I32),
                       IRExpr_Get(OFFB_CC_DEP2, Ity_I32),
                       IRExpr_Get(OFFB_CC_NDEP, Ity_I32) );
   IRExpr* helperCall
      = mkIRExprCCall(
           Ity_I32,
           0/*regparm*/,
           "armg_calculate_flags_nzcv", &armg_calculate_flags_nzcv,
           thunkArgs
        );
   /* Mask bits 0 and 3: OP and NDEP are excluded from definedness
      checking.  Only DEP1 and DEP2 are of interest. */
   helperCall->Iex.CCall.cee->mcx_mask = (1<<0) | (1<<3);
   return helperCall;
}

/* Build IR that calls armg_calculate_flag_qc on the 32-bit lanes of
   resL and resR.  Each call receives two lanes of resL followed by
   the matching two lanes of resR.  With Q true the operands are read
   as four lanes (two calls, results OR-ed together); otherwise as two
   lanes (one call).  What the helper computes is not visible here;
   the disabled #else alternative computes "some lane of resL differs
   from the same lane of resR". */
static IRExpr* mk_armg_calculate_flag_qc ( IRExpr* resL, IRExpr* resR, Bool Q )
{
   IRExpr** args1;
   IRExpr** args2;
   IRExpr *call1, *call2, *res;
   /* Lane extractor matching the operand width selected by Q. */
   IROp getLane = Q ? Iop_GetElem32x4 : Iop_GetElem32x2;

   args1 = mkIRExprVec_4 ( binop(getLane, resL, mkU8(0)),
                           binop(getLane, resL, mkU8(1)),
                           binop(getLane, resR, mkU8(0)),
                           binop(getLane, resR, mkU8(1)) );
   if (Q) {
      /* Lanes 2 and 3 exist only in the four-lane case. */
      args2 = mkIRExprVec_4 ( binop(getLane, resL, mkU8(2)),
                              binop(getLane, resL, mkU8(3)),
                              binop(getLane, resR, mkU8(2)),
                              binop(getLane, resR, mkU8(3)) );
   }

#if 1
   call1 = mkIRExprCCall(
              Ity_I32,
              0/*regparm*/,
              "armg_calculate_flag_qc", &armg_calculate_flag_qc,
              args1
           );
   if (Q) {
      call2 = mkIRExprCCall(
                 Ity_I32,
                 0/*regparm*/,
                 "armg_calculate_flag_qc", &armg_calculate_flag_qc,
                 args2
              );
      res = binop(Iop_Or32, call1, call2);
   } else {
      res = call1;
   }
#else
   /* Disabled pure-IR alternative: XOR matching lanes, OR the
      differences together and test the result against zero. */
   if (Q) {
      res = unop(Iop_1Uto32,
                 binop(Iop_CmpNE32,
                       binop(Iop_Or32,
                             binop(Iop_Or32,
                                   binop(Iop_Xor32,
                                         args1[0],
                                         args1[2]),
                                   binop(Iop_Xor32,
                                         args1[1],
                                         args1[3])),
                             binop(Iop_Or32,
                                   binop(Iop_Xor32,
                                         args2[0],
                                         args2[2]),
                                   binop(Iop_Xor32,
                                         args2[1],
                                         args2[3]))),
                       mkU32(0)));
   } else {
      res = unop(Iop_1Uto32,
                 binop(Iop_CmpNE32,
                       binop(Iop_Or32,
                             binop(Iop_Xor32,
                                   args1[0],
                                   args1[2]),
                             binop(Iop_Xor32,
                                   args1[1],
                                   args1[3])),
                       mkU32(0)));
   }
#endif
   return res;
}

// FIXME: this is named wrongly ..
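// looks like a sticky set of
// QC, not a write to it.
/* Generate IR for FPSCR |= (qc << 27), where qc is the value built by
   mk_armg_calculate_flag_qc(resL, resR, Q).  Because the new bit is
   OR-ed into the existing FPSCR value, bit 27 can be set here but
   never cleared.  The write is handed to putMiscReg32 together with
   condT. */
static void setFlag_QC ( IRExpr* resL, IRExpr* resR, Bool Q,
                         IRTemp condT )
{
   IRExpr* qcAtBit27
      = binop(Iop_Shl32,
              mk_armg_calculate_flag_qc(resL, resR, Q),
              mkU8(27));
   putMiscReg32 (OFFB_FPSCR,
                 binop(Iop_Or32,
                       IRExpr_Get(OFFB_FPSCR, Ity_I32),
                       qcAtBit27),
                 condT);
}

/* Build IR to conditionally set the flags thunk.  As with putIReg, if
   guardT is IRTemp_INVALID then it's unconditional, else it holds a
   condition :: Ity_I32.
     cc_op:  the ARMG_CC_OP_ value to store in CC_OP
     t_dep1, t_dep2, t_ndep:  temps :: Ity_I32 holding the new
        CC_DEP1, CC_DEP2 and CC_NDEP values
     guardT: IRTemp_INVALID, or a temp :: Ity_I32 holding 0 or 1 */
static
void setFlags_D1_D2_ND ( UInt cc_op, IRTemp t_dep1,
                         IRTemp t_dep2, IRTemp t_ndep,
                         IRTemp guardT /* :: Ity_I32, 0 or 1 */ )
{
   IRTemp c8;
   /* Check the type of each temp.  The comparison with Ity_I32 has to
      sit outside the typeOfIRTemp call; written inside it, the result
      of the comparison (0 or 1) is what gets looked up as a temp and
      the assertion no longer checks the argument's type at all. */
   vassert(typeOfIRTemp(irsb->tyenv, t_dep1) == Ity_I32);
   vassert(typeOfIRTemp(irsb->tyenv, t_dep2) == Ity_I32);
   vassert(typeOfIRTemp(irsb->tyenv, t_ndep) == Ity_I32);
   vassert(cc_op >= ARMG_CC_OP_COPY && cc_op < ARMG_CC_OP_NUMBER);
   if (guardT == IRTemp_INVALID) {
      /* unconditional */
      stmt( IRStmt_Put( OFFB_CC_OP,   mkU32(cc_op) ));
      stmt( IRStmt_Put( OFFB_CC_DEP1, mkexpr(t_dep1) ));
      stmt( IRStmt_Put( OFFB_CC_DEP2, mkexpr(t_dep2) ));
      stmt( IRStmt_Put( OFFB_CC_NDEP, mkexpr(t_ndep) ));
   } else {
      /* conditional: each thunk field is rewritten with either its
         current value (guard is 0) or the new one (guard is nonzero),
         so all four Puts are always executed. */
      c8 = newTemp(Ity_I8);
      assign( c8, unop(Iop_32to8, mkexpr(guardT)) );
      stmt( IRStmt_Put(
               OFFB_CC_OP,
               IRExpr_Mux0X( mkexpr(c8),
                             IRExpr_Get(OFFB_CC_OP, Ity_I32),
                             mkU32(cc_op) )));
      stmt( IRStmt_Put(
               OFFB_CC_DEP1,
               IRExpr_Mux0X( mkexpr(c8),
                             IRExpr_Get(OFFB_CC_DEP1, Ity_I32),
                             mkexpr(t_dep1) )));
      stmt( IRStmt_Put(
               OFFB_CC_DEP2,
               IRExpr_Mux0X( mkexpr(c8),
                             IRExpr_Get(OFFB_CC_DEP2, Ity_I32),
                             mkexpr(t_dep2) )));
      stmt( IRStmt_Put(
               OFFB_CC_NDEP,
               IRExpr_Mux0X( mkexpr(c8),
                             IRExpr_Get(OFFB_CC_NDEP, Ity_I32),
                             mkexpr(t_ndep) )));
   }
}


/* Minor variant of the above that sets NDEP to zero (if it
   sets it at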
all) */
static void setFlags_D1_D2 ( UInt cc_op, IRTemp t_dep1,
                             IRTemp t_dep2,
                             IRTemp guardT /* :: Ity_I32, 0 or 1 */ )
{
   /* setFlags_D1_D2_ND takes temps, so the constant zero for NDEP is
      bound to one first. */
   IRTemp zeroT = newTemp(Ity_I32);
   assign( zeroT, mkU32(0) );
   setFlags_D1_D2_ND( cc_op, t_dep1, t_dep2, zeroT, guardT );
}


/* Variant of setFlags_D1_D2_ND that sets DEP2 to zero (if it
   sets it at all) */
static void setFlags_D1_ND ( UInt cc_op, IRTemp t_dep1,
                             IRTemp t_ndep,
                             IRTemp guardT /* :: Ity_I32, 0 or 1 */ )
{
   IRTemp zeroT = newTemp(Ity_I32);
   assign( zeroT, mkU32(0) );
   setFlags_D1_D2_ND( cc_op, t_dep1, zeroT, t_ndep, guardT );
}


/* Variant of setFlags_D1_D2_ND that sets DEP2 and NDEP to zero (if it
   sets them at all) */
static void setFlags_D1 ( UInt cc_op, IRTemp t_dep1,
                          IRTemp guardT /* :: Ity_I32, 0 or 1 */ )
{
   /* One zero temp serves for both DEP2 and NDEP. */
   IRTemp zeroT = newTemp(Ity_I32);
   assign( zeroT, mkU32(0) );
   setFlags_D1_D2_ND( cc_op, t_dep1, zeroT, zeroT, guardT );
}


/* ARM only */
/* Generate a side-exit to the next instruction, if the given guard
   expression :: Ity_I32 is 0 (note! the side exit is taken if the
   condition is false!)  This is used to skip over conditional
   instructions which we can't generate straight-line code for, either
   because they are too complex or (more likely) they potentially
   generate exceptions.
*/
static void mk_skip_over_A32_if_cond_is_false (
               IRTemp guardT /* :: Ity_I32, 0 or 1 */
            )
{
   ASSERT_IS_ARM;
   vassert(guardT != IRTemp_INVALID);
   /* The current instruction address must be 4-aligned. */
   vassert(0 == (guest_R15_curr_instr_notENC & 3));

   /* Exit is taken when the guard is 0; destination is the address of
      this instruction plus 4. */
   IRExpr*  condIsFalse = unop(Iop_Not1, unop(Iop_32to1, mkexpr(guardT)));
   IRConst* nextInsn
      = IRConst_U32(toUInt(guest_R15_curr_instr_notENC + 4));
   stmt( IRStmt_Exit(condIsFalse, Ijk_Boring, nextInsn, OFFB_R15T) );
}

/* Thumb16 only */
/* ditto, but jump over a 16-bit thumb insn */
static void mk_skip_over_T16_if_cond_is_false (
               IRTemp guardT /* :: Ity_I32, 0 or 1 */
            )
{
   ASSERT_IS_THUMB;
   vassert(guardT != IRTemp_INVALID);
   /* The current instruction address must have bit 0 clear. */
   vassert(0 == (guest_R15_curr_instr_notENC & 1));

   /* Destination is this instruction plus 2, with bit 0 set.
      NOTE(review): bit 0 presumably marks Thumb state in the R15T
      encoding -- confirm against the definition of R15T. */
   IRExpr*  condIsFalse = unop(Iop_Not1, unop(Iop_32to1, mkexpr(guardT)));
   IRConst* nextInsn
      = IRConst_U32(toUInt((guest_R15_curr_instr_notENC + 2) | 1));
   stmt( IRStmt_Exit(condIsFalse, Ijk_Boring, nextInsn, OFFB_R15T) );
}


/* Thumb32 only */
/* ditto, but jump over a 32-bit thumb insn */
static void mk_skip_over_T32_if_cond_is_false (
               IRTemp guardT /* :: Ity_I32, 0 or 1 */
            )
{
   ASSERT_IS_THUMB;
   vassert(guardT != IRTemp_INVALID);
   /* The current instruction address must have bit 0 clear. */
   vassert(0 == (guest_R15_curr_instr_notENC & 1));

   /* Destination is this instruction plus 4, with bit 0 set. */
   IRExpr*  condIsFalse = unop(Iop_Not1, unop(Iop_32to1, mkexpr(guardT)));
   IRConst* nextInsn
      = IRConst_U32(toUInt((guest_R15_curr_instr_notENC + 4) | 1));
   stmt( IRStmt_Exit(condIsFalse, Ijk_Boring, nextInsn, OFFB_R15T) );
}


/* Thumb16 and Thumb32 only
   Generate a SIGILL followed by a restart of the current instruction
   if the given temp is nonzero.
*/
static void gen_SIGILL_T_if_nonzero ( IRTemp t /* :: Ity_I32 */ )
{
   ASSERT_IS_THUMB;
   vassert(t != IRTemp_INVALID);
   vassert(0 == (guest_R15_curr_instr_notENC & 1));

   /* The exit targets the current instruction itself (bit 0 set), so
      that it is the instruction restarted after the Ijk_NoDecode
      exit. */
   IRExpr*  isNonzero = binop(Iop_CmpNE32, mkexpr(t), mkU32(0));
   IRConst* thisInsn
      = IRConst_U32(toUInt(guest_R15_curr_instr_notENC | 1));
   stmt( IRStmt_Exit(isNonzero, Ijk_NoDecode, thisInsn, OFFB_R15T) );
}


/* Inspect the old_itstate, and generate a SIGILL if it indicates that
   we are currently in an IT block and are not the last in the block.
   This also rolls back guest_ITSTATE to its old value before the exit
   and restores it to its new value afterwards.  This is so that if
   the exit is taken, we have an up to date version of ITSTATE
   available.  Without doing that, we have no hope of making precise
   exceptions work. */
static void gen_SIGILL_T_if_in_but_NLI_ITBlock (
               IRTemp old_itstate /* :: Ity_I32 */,
               IRTemp new_itstate /* :: Ity_I32 */
            )
{
   ASSERT_IS_THUMB;
   put_ITSTATE(old_itstate); // backout

   /* Everything above the lowest byte of old_itstate; the SIGILL exit
      is taken if any of it is nonzero. */
   IRTemp upperLanes = newTemp(Ity_I32);
   assign(upperLanes,
          binop(Iop_Shr32, mkexpr(old_itstate), mkU8(8)));
   gen_SIGILL_T_if_nonzero(upperLanes);

   put_ITSTATE(new_itstate); //restore
}


/* Simpler version of the above, which generates a SIGILL if
   we're anywhere within an IT block.  The same backout/restore of
   ITSTATE surrounds the exit. */
static void gen_SIGILL_T_if_in_ITBlock (
               IRTemp old_itstate /* :: Ity_I32 */,
               IRTemp new_itstate /* :: Ity_I32 */
            )
{
   put_ITSTATE(old_itstate); // backout
   /* Any nonzero old_itstate takes the exit. */
   gen_SIGILL_T_if_nonzero(old_itstate);
   put_ITSTATE(new_itstate); //restore
}


/* Generate an APSR value, from the NZCV thunk, and
   from QFLAG32 and GEFLAG0 .. GEFLAG3.
*/
static IRTemp synthesise_APSR ( void )
{
   /* Step 1: N Z C V, as produced by the nzcv helper call. */
   IRTemp nzcvT = newTemp(Ity_I32);
   assign( nzcvT, mk_armg_calculate_flags_nzcv() );

   /* Step 2: OR in Q.  QFLAG32 uses a zero-or-nonzero representation,
      so it is first reduced to a single bit and then moved to
      position ARMG_CC_SHIFT_Q. */
   IRTemp nzcvqT = newTemp(Ity_I32);
   IRExpr* qBit
      = unop(Iop_1Uto32,
             binop(Iop_CmpNE32, mkexpr(get_QFLAG32()), mkU32(0)));
   assign(
      nzcvqT,
      binop(Iop_Or32,
            mkexpr(nzcvT),
            binop(Iop_Shl32, qBit, mkU8(ARMG_CC_SHIFT_Q)))
   );

   /* Step 3: OR in GE0 .. GE3 at bits 16 .. 19, each reduced from
      zero-or-nonzero to a single bit in the same way. */
   IRExpr* ge0
      = unop(Iop_1Uto32, binop(Iop_CmpNE32, get_GEFLAG32(0), mkU32(0)));
   IRExpr* ge1
      = unop(Iop_1Uto32, binop(Iop_CmpNE32, get_GEFLAG32(1), mkU32(0)));
   IRExpr* ge2
      = unop(Iop_1Uto32, binop(Iop_CmpNE32, get_GEFLAG32(2), mkU32(0)));
   IRExpr* ge3
      = unop(Iop_1Uto32, binop(Iop_CmpNE32, get_GEFLAG32(3), mkU32(0)));
   IRExpr* geLowPair
      = binop(Iop_Or32,
              binop(Iop_Shl32, ge0, mkU8(16)),
              binop(Iop_Shl32, ge1, mkU8(17)));
   IRExpr* geHighPair
      = binop(Iop_Or32,
              binop(Iop_Shl32, ge2, mkU8(18)),
              binop(Iop_Shl32, ge3, mkU8(19)));

   IRTemp apsrT = newTemp(Ity_I32);
   assign(apsrT,
          binop(Iop_Or32,
                mkexpr(nzcvqT),
                binop(Iop_Or32, geLowPair, geHighPair)));
   return apsrT;
}


/* and the inverse transformation: given an APSR value,
   set the NZCV thunk, the Q flag, and the GE flags.
*/
static void desynthesise_APSR ( Bool write_nzcvq, Bool write_ge,
                                IRTemp apsrT, IRTemp condT )
{
   /* At least one of the two groups must be requested. */
   vassert(write_nzcvq || write_ge);

   if (write_nzcvq) {
      /* NZCV: bits 31:28 are stored as DEP1 of an ARMG_CC_OP_COPY
         thunk. */
      IRTemp nzcvT = newTemp(Ity_I32);
      assign(nzcvT, binop(Iop_And32, mkexpr(apsrT), mkU32(0xF0000000)) );
      setFlags_D1(ARMG_CC_OP_COPY, nzcvT, condT);
      /* Q: the masked bit is stored without shifting it down, which
         the zero-or-nonzero representation of QFLAG32 permits. */
      IRTemp qT = newTemp(Ity_I32);
      assign(qT, binop(Iop_And32, mkexpr(apsrT), mkU32(ARMG_CC_MASK_Q)));
      put_QFLAG32(qT, condT);
   }

   if (write_ge) {
      /* GE3..0 live at APSR bits 19 .. 16; flag i takes bit 16+i. */
      Int flagNo;
      for (flagNo = 0; flagNo <= 3; flagNo++) {
         put_GEFLAG32(flagNo, 0,
                      binop(Iop_And32, mkexpr(apsrT),
                                       mkU32(1 << (16 + flagNo))),
                      condT);
      }
   }
}


/*------------------------------------------------------------*/
/*--- Helpers for saturation                               ---*/
/*------------------------------------------------------------*/

/* FIXME: absolutely the only diff. between (a) armUnsignedSatQ and
   (b) armSignedSatQ is that in (a) the floor is set to 0, whereas in
   (b) the floor is computed from the value of imm5.  these two fns
   should be commoned up. */

/* UnsignedSatQ(): 'clamp' each value so it lies between 0 <= x <= (2^N)-1
   Optionally return flag resQ saying whether saturation occurred.
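See definition in manual, section A2.2.1, page 41
   (bits(N), boolean) UnsignedSatQ( integer i, integer N )
   {
     if ( i > (2^N)-1 ) { result = (2^N)-1; saturated = TRUE; }
     elsif ( i < 0 )    { result = 0; saturated = TRUE; }
     else               { result = i; saturated = FALSE; }
     return ( result<N-1:0>, saturated );
   }

   Here N is imm5 and must be in 0 .. 31.  regT is compared as a
   signed 32-bit value.  *res and (when resQ is non-NULL) *resQ name
   temps supplied by the caller; this function assigns them.  *resQ is
   (result XOR input): zero when no clamping happened, and some
   nonzero value -- not necessarily 1 -- when it did.
*/
static void armUnsignedSatQ( IRTemp* res,  /* OUT - Ity_I32 */
                             IRTemp* resQ, /* OUT - Ity_I32 */
                             IRTemp regT,  /* value to clamp - Ity_I32 */
                             UInt imm5 )   /* saturation ceiling */
{
   /* A shift count of 32 or more is undefined in C, and so is
      1 << 31 on a signed int.  Check the range and shift an unsigned
      one, so the ceiling is well defined for every accepted imm5. */
   vassert(imm5 <= 31);
   UInt ceil  = (1U << imm5) - 1;    // (2^imm5)-1
   UInt floor = 0;

   IRTemp node0 = newTemp(Ity_I32);
   IRTemp node1 = newTemp(Ity_I32);
   IRTemp node2 = newTemp(Ity_I1);
   IRTemp node3 = newTemp(Ity_I32);
   IRTemp node4 = newTemp(Ity_I32);
   IRTemp node5 = newTemp(Ity_I1);
   IRTemp node6 = newTemp(Ity_I32);

   /* node3 = (ceil <s value) ? ceil : value */
   assign( node0, mkexpr(regT) );
   assign( node1, mkU32(ceil) );
   assign( node2, binop( Iop_CmpLT32S, mkexpr(node1), mkexpr(node0) ) );
   assign( node3, IRExpr_Mux0X( unop(Iop_1Uto8, mkexpr(node2)),
                                mkexpr(node0),
                                mkexpr(node1) ) );
   /* node6 = (node3 <s floor) ? floor : node3 */
   assign( node4, mkU32(floor) );
   assign( node5, binop( Iop_CmpLT32S, mkexpr(node3), mkexpr(node4) ) );
   assign( node6, IRExpr_Mux0X( unop(Iop_1Uto8, mkexpr(node5)),
                                mkexpr(node3),
                                mkexpr(node4) ) );
   assign( *res, mkexpr(node6) );

   /* if saturation occurred, then resQ is set to some nonzero value
      if sat did not occur, resQ is guaranteed to be zero. */
   if (resQ) {
      assign( *resQ, binop(Iop_Xor32, mkexpr(*res), mkexpr(regT)) );
   }
}


/* SignedSatQ(): 'clamp' each value so it lies between
   -2^(N-1) <= x <= 2^(N-1) - 1
   Optionally return flag resQ saying whether saturation occurred.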
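- see definition in manual, section A2.2.1, page 41
   (bits(N), boolean ) SignedSatQ( integer i, integer N )
   {
     if ( i > 2^(N-1) - 1 )    { result = 2^(N-1) - 1; saturated = TRUE; }
     elsif ( i < -(2^(N-1)) )  { result = -(2^(N-1));  saturated = TRUE; }
     else                      { result = i;           saturated = FALSE; }
     return ( result[N-1:0], saturated );
   }

   Here N is imm5 and must be in 1 .. 32.  regT is compared as a
   signed 32-bit value.  *res and (when resQ is non-NULL) *resQ name
   temps supplied by the caller; this function assigns them.  *resQ is
   (result XOR input): zero when no clamping happened, and some
   nonzero value -- not necessarily 1 -- when either bound was hit.
*/
static void armSignedSatQ( IRTemp regT,    /* value to clamp - Ity_I32 */
                           UInt imm5,      /* saturation ceiling */
                           IRTemp* res,    /* OUT - Ity_I32 */
                           IRTemp* resQ )  /* OUT - Ity_I32 */
{
   /* imm5 == 0 would shift by (UInt)-1, and imm5 == 32 would compute
      1 << 31 on a signed int; both are undefined in C.  Check the
      range and build both bounds as unsigned 32-bit patterns, which
      is what mkU32 takes anyway. */
   vassert(imm5 >= 1 && imm5 <= 32);
   UInt half  = 1U << (imm5-1);      // 2^(imm5-1)
   UInt ceil  = half - 1;            // (2^(imm5-1))-1
   UInt floor = 0U - half;           // -(2^(imm5-1)), two's complement

   IRTemp node0 = newTemp(Ity_I32);
   IRTemp node1 = newTemp(Ity_I32);
   IRTemp node2 = newTemp(Ity_I1);
   IRTemp node3 = newTemp(Ity_I32);
   IRTemp node4 = newTemp(Ity_I32);
   IRTemp node5 = newTemp(Ity_I1);
   IRTemp node6 = newTemp(Ity_I32);

   /* node3 = (ceil <s value) ? ceil : value */
   assign( node0, mkexpr(regT) );
   assign( node1, mkU32(ceil) );
   assign( node2, binop( Iop_CmpLT32S, mkexpr(node1), mkexpr(node0) ) );
   assign( node3, IRExpr_Mux0X( unop(Iop_1Uto8, mkexpr(node2)),
                                mkexpr(node0), mkexpr(node1) ) );
   /* node6 = (node3 <s floor) ? floor : node3 */
   assign( node4, mkU32(floor) );
   assign( node5, binop( Iop_CmpLT32S, mkexpr(node3), mkexpr(node4) ) );
   assign( node6, IRExpr_Mux0X( unop(Iop_1Uto8, mkexpr(node5)),
                                mkexpr(node3), mkexpr(node4) ) );
   assign( *res, mkexpr(node6) );

   /* if saturation occurred, then resQ is set to some nonzero value
      if sat did not occur, resQ is guaranteed to be zero. */
   if (resQ) {
      assign( *resQ, binop(Iop_Xor32, mkexpr(*res), mkexpr(regT)) );
   }
}


/* Compute a value 0 :: I32 or 1 :: I32, indicating whether signed
   overflow occurred for 32-bit addition.  Needs both args and the
   result.  HD p27.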
*/
static
IRExpr* signed_overflow_after_Add32 ( IRExpr* resE,
                                      IRTemp argL, IRTemp argR )
{
   /* Bind the result to a temp, since it is used twice below. */
   IRTemp sum = newTemp(Ity_I32);
   assign(sum, resE);

   /* Overflow iff the sign of the result differs from the sign of
      both operands: bit 31 of (res ^ argL) & (res ^ argR). */
   IRExpr* differsFromL = binop( Iop_Xor32, mkexpr(sum), mkexpr(argL) );
   IRExpr* differsFromR = binop( Iop_Xor32, mkexpr(sum), mkexpr(argR) );
   return binop( Iop_Shr32,
                 binop( Iop_And32, differsFromL, differsFromR ),
                 mkU8(31) );
}

/* Similarly .. also from HD p27 .. */
static
IRExpr* signed_overflow_after_Sub32 ( IRExpr* resE,
                                      IRTemp argL, IRTemp argR )
{
   /* Bind the result to a temp, matching the addition case. */
   IRTemp diff = newTemp(Ity_I32);
   assign(diff, resE);

   /* Overflow iff the operands have different signs and the sign of
      the result differs from that of the left operand: bit 31 of
      (argL ^ argR) & (res ^ argL). */
   IRExpr* operandsDiffer = binop( Iop_Xor32, mkexpr(argL), mkexpr(argR) );
   IRExpr* differsFromL   = binop( Iop_Xor32, mkexpr(diff), mkexpr(argL) );
   return binop( Iop_Shr32,
                 binop( Iop_And32, operandsDiffer, differsFromL ),
                 mkU8(31) );
}


/*------------------------------------------------------------*/
/*--- Larger helpers                                       ---*/
/*------------------------------------------------------------*/

/* Compute both the result and new C flag value for a LSL by an imm5
   or by a register operand.  May generate reads of the old C value
   (hence only safe to use before any writes to guest state happen).
   Are factored out so can be used by both ARM and Thumb.

   Note that in compute_result_and_C_after_{LSL,LSR,ASR}_by{imm5,reg},
   "res" (the result) is a.k.a. "shop", shifter operand
   "newC" (the new C) is a.k.a. "shco", shifter carry out

   The calling convention for res and newC is a bit funny.  They could
   be passed by value, but instead are passed by ref.

   The C (shco) value computed must be zero in bits 31:1, as the IR
   optimisations for flag handling (guest_arm_spechelper) rely on
   that, and the slow-path handlers (armg_calculate_flags_nzcv) assert
   for it.  Same applies to all these functions that compute shco
   after a shift or rotate, not just this one.
*/

static void compute_result_and_C_after_LSL_by_imm5 (
               /*OUT*/HChar* buf,
               IRTemp* res,
               IRTemp* newC,
               IRTemp rMt, UInt shift_amt, /* operands */
               UInt rM      /* only for debug printing */
            )
{
   if (shift_amt != 0) {
      // shift in range 1..31
      // res  = Rm << shift_amt
      // newC = Rm[32 - shift_amt]
      vassert(shift_amt >= 1 && shift_amt <= 31);
      if (newC) {
         IRExpr* lastBitOut
            = binop(Iop_Shr32, mkexpr(rMt), mkU8(32 - shift_amt));
         assign( *newC, binop(Iop_And32, lastBitOut, mkU32(1)) );
      }
      assign( *res,
              binop(Iop_Shl32, mkexpr(rMt), mkU8(shift_amt)) );
      DIS(buf, "r%u, LSL #%u", rM, shift_amt);
      return;
   }

   // No shift at all: the value passes through and C keeps its
   // current value, which has to be read from the flags thunk.
   if (newC) {
      assign( *newC, mk_armg_calculate_flag_c() );
   }
   assign( *res, mkexpr(rMt) );
   DIS(buf, "r%u", rM);
}


static void compute_result_and_C_after_LSL_by_reg (
               /*OUT*/HChar* buf,
               IRTemp* res,
               IRTemp* newC,
               IRTemp rMt, IRTemp rSt,  /* operands */
               UInt rM,    UInt rS      /* only for debug printing */
            )
{
   // shift left in range 0 .. 255
   // amt  = rS & 255
   // res  = amt < 32 ?  Rm << amt  : 0
   // newC = amt == 0     ? oldC  :
   //        amt in 1..32 ?  Rm[32-amt]  : 0
   IRTemp amtT = newTemp(Ity_I32);
   assign( amtT, binop(Iop_And32, mkexpr(rSt), mkU32(255)) );
   if (newC) {
      /* mux0X(amt == 0,
               mux0X(amt <= 32,
                     0,
                     Rm[(32-amt) & 31]),
               oldC)
         The hope is that iropt can simplify most of this away. */
      IRTemp oldC = newTemp(Ity_I32);
      assign(oldC, mk_armg_calculate_flag_c() );

      IRExpr* amtIsZero
         = unop(Iop_1Uto8, binop(Iop_CmpEQ32, mkexpr(amtT), mkU32(0)));
      IRExpr* amtAtMost32
         = unop(Iop_1Uto8, binop(Iop_CmpLE32U, mkexpr(amtT), mkU32(32)));
      IRExpr* bitIndex
         = unop(Iop_32to8,
                binop(Iop_And32,
                      binop(Iop_Sub32, mkU32(32), mkexpr(amtT)),
                      mkU32(31)));
      IRExpr* selectedBit
         = binop(Iop_And32,
                 binop(Iop_Shr32, mkexpr(rMt), bitIndex),
                 mkU32(1));
      assign(
         *newC,
         IRExpr_Mux0X(
            amtIsZero,
            IRExpr_Mux0X(amtAtMost32, mkU32(0), selectedBit),
            mkexpr(oldC)
         )
      );
   }
   // (Rm << (Rs & 31))  &  (((Rs & 255) - 32) >>s 31)
   // Lhs of the & limits the shift to 31 bits, so as to
   // give known IR semantics.  Rhs of the & is all 1s for
   // Rs <= 31 and all 0s for Rs >= 32.
   IRExpr* shiftedLow5
      = binop(Iop_Shl32,
              mkexpr(rMt),
              unop(Iop_32to8,
                   binop(Iop_And32, mkexpr(rSt), mkU32(31))));
   IRExpr* keepMask
      = binop(Iop_Sar32,
              binop(Iop_Sub32, mkexpr(amtT), mkU32(32)),
              mkU8(31));
   assign( *res, binop(Iop_And32, shiftedLow5, keepMask) );
   DIS(buf, "r%u, LSL r%u", rM, rS);
}


static void compute_result_and_C_after_LSR_by_imm5 (
               /*OUT*/HChar* buf,
               IRTemp* res,
               IRTemp* newC,
               IRTemp rMt, UInt shift_amt, /* operands */
               UInt rM      /* only for debug printing */
            )
{
   if (shift_amt != 0) {
      // shift in range 1..31
      // res  = Rm >>u shift_amt
      // newC = Rm[shift_amt - 1]
      vassert(shift_amt >= 1 && shift_amt <= 31);
      if (newC) {
         IRExpr* lastBitOut
            = binop(Iop_Shr32, mkexpr(rMt), mkU8(shift_amt - 1));
         assign( *newC, binop(Iop_And32, lastBitOut, mkU32(1)) );
      }
      assign( *res,
              binop(Iop_Shr32, mkexpr(rMt), mkU8(shift_amt)) );
      DIS(buf, "r%u, LSR #%u", rM, shift_amt);
      return;
   }

   // An encoded amount of 0 is conceptually a 32-bit shift:
   // res  = 0
   // newC = Rm[31]
   if (newC) {
      assign( *newC,
              binop(Iop_And32,
                    binop(Iop_Shr32, mkexpr(rMt), mkU8(31)),
                    mkU32(1)));
   }
   assign( *res, mkU32(0) );
   DIS(buf, "r%u, LSR #0(a.k.a. 32)", rM);
}


static void compute_result_and_C_after_LSR_by_reg (
               /*OUT*/HChar* buf,
               IRTemp* res,
               IRTemp* newC,
               IRTemp rMt, IRTemp rSt,  /* operands */
               UInt rM,    UInt rS      /* only for debug printing */
            )
{
   // shift right in range 0 .. 255
   // amt = rS & 255
   // res  = amt < 32 ?  Rm >>u amt  : 0
   // newC = amt == 0     ? oldC  :
   //        amt in 1..32 ?  Rm[amt-1]  : 0
   IRTemp amtT = newTemp(Ity_I32);
   assign( amtT, binop(Iop_And32, mkexpr(rSt), mkU32(255)) );
   if (newC) {
      /* mux0X(amt == 0,
               mux0X(amt <= 32,
                     0,
                     Rm[(amt-1) & 31]),
               oldC)
      */
      IRTemp oldC = newTemp(Ity_I32);
      assign(oldC, mk_armg_calculate_flag_c() );

      IRExpr* amtIsZero
         = unop(Iop_1Uto8, binop(Iop_CmpEQ32, mkexpr(amtT), mkU32(0)));
      IRExpr* amtAtMost32
         = unop(Iop_1Uto8, binop(Iop_CmpLE32U, mkexpr(amtT), mkU32(32)));
      IRExpr* bitIndex
         = unop(Iop_32to8,
                binop(Iop_And32,
                      binop(Iop_Sub32, mkexpr(amtT), mkU32(1)),
                      mkU32(31)));
      IRExpr* selectedBit
         = binop(Iop_And32,
                 binop(Iop_Shr32, mkexpr(rMt), bitIndex),
                 mkU32(1));
      assign(
         *newC,
         IRExpr_Mux0X(
            amtIsZero,
            IRExpr_Mux0X(amtAtMost32, mkU32(0), selectedBit),
            mkexpr(oldC)
         )
      );
   }
   // (Rm >>u (Rs & 31))  &  (((Rs & 255) - 32) >>s 31)
   // Lhs of the & limits the shift to 31 bits, so as to
   // give known IR semantics.  Rhs of the & is all 1s for
   // Rs <= 31 and all 0s for Rs >= 32.
   IRExpr* shiftedLow5
      = binop(Iop_Shr32,
              mkexpr(rMt),
              unop(Iop_32to8,
                   binop(Iop_And32, mkexpr(rSt), mkU32(31))));
   IRExpr* keepMask
      = binop(Iop_Sar32,
              binop(Iop_Sub32, mkexpr(amtT), mkU32(32)),
              mkU8(31));
   assign( *res, binop(Iop_And32, shiftedLow5, keepMask) );
   DIS(buf, "r%u, LSR r%u", rM, rS);
}


static void compute_result_and_C_after_ASR_by_imm5 (
               /*OUT*/HChar* buf,
               IRTemp* res,
               IRTemp* newC,
               IRTemp rMt, UInt shift_amt, /* operands */
               UInt rM      /* only for debug printing */
            )
{
   if (shift_amt != 0) {
      // shift in range 1..31
      // res = Rm >>s shift_amt
      // newC = Rm[shift_amt - 1]
      vassert(shift_amt >= 1 && shift_amt <= 31);
      if (newC) {
         IRExpr* lastBitOut
            = binop(Iop_Shr32, mkexpr(rMt), mkU8(shift_amt - 1));
         assign( *newC, binop(Iop_And32, lastBitOut, mkU32(1)) );
      }
      assign( *res,
              binop(Iop_Sar32, mkexpr(rMt), mkU8(shift_amt)) );
      DIS(buf, "r%u, ASR #%u", rM, shift_amt);
      return;
   }

   // An encoded amount of 0 is conceptually a 32-bit shift:
   // res  = Rm >>s 31
   // newC = Rm[31]
   if (newC) {
      assign( *newC,
              binop(Iop_And32,
                    binop(Iop_Shr32, mkexpr(rMt), mkU8(31)),
                    mkU32(1)));
   }
   assign( *res, binop(Iop_Sar32, mkexpr(rMt), mkU8(31)) );
   DIS(buf, "r%u, ASR #0(a.k.a. 32)", rM);
}


static void compute_result_and_C_after_ASR_by_reg (
               /*OUT*/HChar* buf,
               IRTemp* res,
               IRTemp* newC,
               IRTemp rMt, IRTemp rSt,  /* operands */
               UInt rM,    UInt rS      /* only for debug printing */
            )
{
   // arithmetic shift right in range 0 .. 255
   // amt = rS & 255
   // res  = amt < 32 ?  Rm >>s amt  : Rm >>s 31
   // newC = amt == 0     ? oldC  :
   //        amt in 1..32 ?  Rm[amt-1]  : Rm[31]
   IRTemp amtT = newTemp(Ity_I32);
   assign( amtT, binop(Iop_And32, mkexpr(rSt), mkU32(255)) );
   if (newC) {
      /* mux0X(amt == 0,
               mux0X(amt <= 32,
                     Rm[31],
                     Rm[(amt-1) & 31])
               oldC)
      */
      IRTemp oldC = newTemp(Ity_I32);
      assign(oldC, mk_armg_calculate_flag_c() );

      IRExpr* amtIsZero
         = unop(Iop_1Uto8, binop(Iop_CmpEQ32, mkexpr(amtT), mkU32(0)));
      IRExpr* amtAtMost32
         = unop(Iop_1Uto8, binop(Iop_CmpLE32U, mkexpr(amtT), mkU32(32)));
      IRExpr* signBit
         = binop(Iop_And32,
                 binop(Iop_Shr32, mkexpr(rMt), mkU8(31)),
                 mkU32(1));
      IRExpr* bitIndex
         = unop(Iop_32to8,
                binop(Iop_And32,
                      binop(Iop_Sub32, mkexpr(amtT), mkU32(1)),
                      mkU32(31)));
      IRExpr* selectedBit
         = binop(Iop_And32,
                 binop(Iop_Shr32, mkexpr(rMt), bitIndex),
                 mkU32(1));
      assign(
         *newC,
         IRExpr_Mux0X(
            amtIsZero,
            IRExpr_Mux0X(amtAtMost32, signBit, selectedBit),
            mkexpr(oldC)
         )
      );
   }
   // (Rm >>s (amt <u 32 ? amt : 31))
   IRExpr* amtBelow32
      = unop(Iop_1Uto8, binop(Iop_CmpLT32U, mkexpr(amtT), mkU32(32)));
   IRExpr* clampedAmt
      = unop(Iop_32to8,
             IRExpr_Mux0X(amtBelow32, mkU32(31), mkexpr(amtT)));
   assign( *res, binop(Iop_Sar32, mkexpr(rMt), clampedAmt) );
   DIS(buf, "r%u, ASR r%u", rM, rS);
}


static void compute_result_and_C_after_ROR_by_reg (
               /*OUT*/HChar* buf,
               IRTemp* res,
               IRTemp* newC,
               IRTemp rMt, IRTemp rSt,  /* operands */
               UInt rM,    UInt rS      /* only for debug printing */
            )
{
   // rotate right in range 0 .. 255
   // amt = rS & 255
   // shop =  Rm `ror` (amt & 31)
   // shco =  amt == 0 ? oldC : Rm[(amt-1) & 31]
   IRTemp amtT = newTemp(Ity_I32);
   assign( amtT, binop(Iop_And32, mkexpr(rSt), mkU32(255)) );
   IRTemp amt5T = newTemp(Ity_I32);
   assign( amt5T, binop(Iop_And32, mkexpr(rSt), mkU32(31)) );
   // The old C value is read whether or not newC is wanted.
   IRTemp oldC = newTemp(Ity_I32);
   assign(oldC, mk_armg_calculate_flag_c() );
   if (newC) {
      // amtT is already masked to 8 bits, so its low byte is zero
      // exactly when amt == 0.
      IRExpr* bitIndex
         = unop(Iop_32to8,
                binop(Iop_And32,
                      binop(Iop_Sub32, mkexpr(amtT), mkU32(1)),
                      mkU32(31)));
      IRExpr* selectedBit
         = binop(Iop_And32,
                 binop(Iop_Shr32, mkexpr(rMt), bitIndex),
                 mkU32(1));
      assign(
         *newC,
         IRExpr_Mux0X(
            unop(Iop_32to8, mkexpr(amtT)),
            mkexpr(oldC),
            selectedBit
         )
      );
   }
   // A rotate by 0 returns Rm itself; the mux keeps the
   // (32 - amt5) left shift from being used when amt5 is 0.
   IRExpr* rotated
      = binop(Iop_Or32,
              binop(Iop_Shr32,
                    mkexpr(rMt),
                    unop(Iop_32to8, mkexpr(amt5T))),
              binop(Iop_Shl32,
                    mkexpr(rMt),
                    unop(Iop_32to8,
                         binop(Iop_Sub32, mkU32(32), mkexpr(amt5T)))));
   assign(
      *res,
      IRExpr_Mux0X(
         unop(Iop_32to8, mkexpr(amt5T)), mkexpr(rMt),
         rotated
      )
   );
   DIS(buf, "r%u, ROR r#%u", rM, rS);
}


/* Generate an expression corresponding to the immediate-shift case of
   a shifter operand.  This is used both for ARM and Thumb2.

   Bind it to a temporary, and return that via *res.  If newC is
   non-NULL, also compute a value for the shifter's carry out (in the
   LSB of a word), bind it to a temporary, and return that via *newC.

   Generates GETs from the guest state and is therefore not safe to
   use once we start doing PUTs to it, for any given instruction.

   'how' is encoded thusly:
      00b LSL,  01b LSR,  10b ASR,  11b ROR
   Most but not all ARM and Thumb integer insns use this encoding.
   Be careful to ensure the right value is passed here.
*/
static void compute_result_and_C_after_shift_by_imm5 (
               /*OUT*/HChar* buf,
               /*OUT*/IRTemp* res,
               /*OUT*/IRTemp* newC,
               IRTemp  rMt,        /* reg to shift */
               UInt    how,        /* what kind of shift */
               UInt    shift_amt,  /* shift amount (0..31) */
               UInt    rM          /* only for debug printing */
            )
{
   vassert(shift_amt < 32);
   vassert(how < 4);

   /* LSL, LSR and ASR each have their own generator; hand straight
      over to it. */
   if (how == 0) {
      compute_result_and_C_after_LSL_by_imm5(
         buf, res, newC, rMt, shift_amt, rM
      );
      return;
   }
   if (how == 1) {
      compute_result_and_C_after_LSR_by_imm5(
         buf, res, newC, rMt, shift_amt, rM
      );
      return;
   }
   if (how == 2) {
      compute_result_and_C_after_ASR_by_imm5(
         buf, res, newC, rMt, shift_amt, rM
      );
      return;
   }
   if (how != 3) {
      /*NOTREACHED*/
      vassert(0);
      return;
   }

   /* how == 3: ROR, with a zero amount field meaning RRX. */
   if (shift_amt == 0) {
      /* RRX -- described at ARM ARM A5-17
            res  = (oldC << 31) | (Rm >>u 1)
            newC = Rm[0]
         The carry-out is bound before the old carry is fetched, so the
         order of the generated statements is newC, old carry, res. */
      IRTemp carryIn = newTemp(Ity_I32);
      if (newC) {
         assign( *newC, binop(Iop_And32, mkexpr(rMt), mkU32(1)) );
      }
      assign( carryIn, mk_armg_calculate_flag_c() );
      assign( *res,
              binop(Iop_Or32,
                    binop(Iop_Shl32, mkexpr(carryIn), mkU8(31)),
                    binop(Iop_Shr32, mkexpr(rMt), mkU8(1))) );
      DIS(buf, "r%u, RRX", rM);
      return;
   }

   /* Rotate right by 1..31:
         res  = Rm `ror` shift_amt
         newC = Rm[shift_amt - 1]
      The assertion keeps both mkU8 amounts below in 1..31. */
   vassert(shift_amt >= 1 && shift_amt <= 31);
   if (newC) {
      assign( *newC,
              binop(Iop_And32,
                    binop(Iop_Shr32, mkexpr(rMt), mkU8(shift_amt - 1)),
                    mkU32(1)) );
   }
   assign( *res,
           binop(Iop_Or32,
                 binop(Iop_Shr32, mkexpr(rMt), mkU8(shift_amt)),
                 binop(Iop_Shl32, mkexpr(rMt), mkU8(32-shift_amt))) );
   DIS(buf, "r%u, ROR #%u", rM, shift_amt);
}


/* Generate an expression corresponding to the register-shift case of
a shifter operand.  This is used both for ARM and Thumb2.

   Bind it to a temporary, and return that via *res.  If newC is
   non-NULL, also compute a value for the shifter's carry out (in the
   LSB of a word), bind it to a temporary, and return that via *newC.

   Generates GETs from the guest state and is therefore not safe to
   use once we start doing PUTs to it, for any given instruction.

   'how' is encoded thusly:
      00b LSL,  01b LSR,  10b ASR,  11b ROR
   Most but not all ARM and Thumb integer insns use this encoding.
   Be careful to ensure the right value is passed here.
*/
static void compute_result_and_C_after_shift_by_reg (
               /*OUT*/HChar* buf,
               /*OUT*/IRTemp* res,
               /*OUT*/IRTemp* newC,
               IRTemp  rMt,   /* reg to shift */
               UInt    how,   /* what kind of shift */
               IRTemp  rSt,   /* shift amount */
               UInt    rM,    /* only for debug printing */
               UInt    rS     /* only for debug printing */
            )
{
   vassert(how < 4);

   /* Pure dispatch: every shift kind has its own generator taking the
      same argument list. */
   if (how == 0) {
      /* LSL */
      compute_result_and_C_after_LSL_by_reg(
         buf, res, newC, rMt, rSt, rM, rS
      );
   } else if (how == 1) {
      /* LSR */
      compute_result_and_C_after_LSR_by_reg(
         buf, res, newC, rMt, rSt, rM, rS
      );
   } else if (how == 2) {
      /* ASR */
      compute_result_and_C_after_ASR_by_reg(
         buf, res, newC, rMt, rSt, rM, rS
      );
   } else if (how == 3) {
      /* ROR */
      compute_result_and_C_after_ROR_by_reg(
         buf, res, newC, rMt, rSt, rM, rS
      );
   } else {
      /*NOTREACHED*/
      vassert(0);
   }
}


/* Generate an expression corresponding to a shifter_operand, bind it
   to a temporary, and return that via *shop.  If shco is non-NULL,
   also compute a value for the shifter's carry out (in the LSB of a
   word), bind it to a temporary, and return that via *shco.

   If for some reason we can't come up with a shifter operand (missing
   case?
not really a shifter operand?) return False.

   Generates GETs from the guest state and is therefore not safe to
   use once we start doing PUTs to it, for any given instruction.

   For ARM insns only; not for Thumb.
*/
static Bool mk_shifter_operand ( UInt insn_25, UInt insn_11_0,
                                 /*OUT*/IRTemp* shop,
                                 /*OUT*/IRTemp* shco,
                                 /*OUT*/HChar* buf )
{
   UInt bit4 = (insn_11_0 >> 4) & 1;
   UInt bit7 = (insn_11_0 >> 7) & 1;
   vassert(insn_25 <= 0x1);
   vassert(insn_11_0 <= 0xFFF);

   /* The caller must hand in unbound temps; they are allocated here
      even on the paths that end up returning False. */
   vassert(shop && *shop == IRTemp_INVALID);
   *shop = newTemp(Ity_I32);

   if (shco) {
      vassert(*shco == IRTemp_INVALID);
      *shco = newTemp(Ity_I32);
   }

   /* 32-bit immediate: (7:0) rotated right by 2 * (11:8) */
   if (insn_25 == 1) {
      UInt imm = (insn_11_0 >> 0) & 0xFF;
      UInt rot = 2 * ((insn_11_0 >> 8) & 0xF);
      vassert(rot <= 30);
      imm = ROR32(imm, rot);
      if (shco) {
         /* No rotation leaves the carry as it was; otherwise the
            carry-out is the top bit of the rotated immediate. */
         IRExpr* carry = (rot == 0) ? mk_armg_calculate_flag_c()
                                    : mkU32( (imm >> 31) & 1 );
         assign( *shco, carry );
      }
      DIS(buf, "#0x%x", imm);
      assign( *shop, mkU32(imm) );
      return True;
   }

   if (insn_25 == 0) {

      /* Shift/rotate by immediate:
         Rm (3:0) shifted (6:5) by immediate (11:7) */
      if (bit4 == 0) {
         UInt   shift_amt = (insn_11_0 >> 7) & 0x1F;
         UInt   rM        = (insn_11_0 >> 0) & 0xF;
         UInt   how       = (insn_11_0 >> 5) & 3;
         /* how: 00 = Shl, 01 = Shr, 10 = Sar, 11 = Ror */
         IRTemp rMt       = newTemp(Ity_I32);
         assign(rMt, getIRegA(rM));

         vassert(shift_amt <= 31);

         compute_result_and_C_after_shift_by_imm5(
            buf, shop, shco, rMt, how, shift_amt, rM
         );
         return True;
      }

      /* Shift/rotate by register:
         Rm (3:0) shifted (6:5) by Rs (11:8) */
      if (bit4 == 1) {
         UInt   rM  = (insn_11_0 >> 0) & 0xF;
         UInt   rS  = (insn_11_0 >> 8) & 0xF;
         UInt   how = (insn_11_0 >> 5) & 3;
         /* how: 00 = Shl, 01 = Shr, 10 = Sar, 11 = Ror */
         IRTemp rMt = newTemp(Ity_I32);
         IRTemp rSt = newTemp(Ity_I32);

         if (bit7 == 1) {
            return False; /* not really a shifter operand */
         }

         assign(rMt, getIRegA(rM));
         assign(rSt, getIRegA(rS));

         compute_result_and_C_after_shift_by_reg(
            buf, shop, shco, rMt, how, rSt, rM, rS
         );
         return True;
      }
   }

   /* Only reachable if the assertions at the top did not hold. */
   vex_printf("mk_shifter_operand(0x%x,0x%x)\n", insn_25, insn_11_0 );
   return False;
}


/* ARM only.  Builds the effective address rN +/- imm12, the sign
   being selected by bU (1 = add, 0 = subtract). */
static
IRExpr* mk_EA_reg_plusminus_imm12 ( UInt rN, UInt bU, UInt imm12,
                                    /*OUT*/HChar* buf )
{
   vassert(rN < 16);
   vassert(bU < 2);
   vassert(imm12 < 0x1000);
   UChar sign   = bU == 1 ? '+' : '-';
   IROp  addSub = bU == 1 ? Iop_Add32 : Iop_Sub32;
   DIS(buf, "[r%u, #%c%u]", rN, sign, imm12);
   return binop( addSub, getIRegA(rN), mkU32(imm12) );
}


/* ARM only.
   NB: This is "DecodeImmShift" in newer versions of the ARM ARM.

   Builds rN +/- (rM shifted by imm5), where sh2 selects the shift:
   0 = LSL, 1 = LSR, 2 = ASR, 3 = ROR (or RRX when imm5 == 0).
*/
static
IRExpr* mk_EA_reg_plusminus_shifted_reg ( UInt rN, UInt bU, UInt rM,
                                          UInt sh2, UInt imm5,
                                          /*OUT*/HChar* buf )
{
   vassert(rN < 16);
   vassert(bU < 2);
   vassert(rM < 16);
   vassert(sh2 < 4);
   vassert(imm5 < 32);
   UChar   sign   = bU == 1 ? '+' : '-';
   IRExpr* offset = NULL;

   if (sh2 == 0) {
      /* LSL: imm5 can be in the range 0 .. 31 inclusive. */
      offset = binop(Iop_Shl32, getIRegA(rM), mkU8(imm5));
      DIS(buf, "[r%u, %c r%u LSL #%u]", rN, sign, rM, imm5);
   }
   else if (sh2 == 1) {
      /* LSR: imm5 == 0 is printed as a shift by 32, whose result is
         zero. */
      if (imm5 == 0) {
         offset = mkU32(0);
         /* Marked "ATC" in the original.  NOTE(review): this assertion
            fires whenever the imm5 == 0 form gets here; confirm that
            the callers filter that encoding out, otherwise decoding it
            stops at this assert instead of failing the decode. */
         vassert(0);
      } else {
         offset = binop(Iop_Shr32, getIRegA(rM), mkU8(imm5));
      }
      DIS(buf, "[r%u, %cr%u, LSR #%u]",
               rN, sign, rM, imm5 == 0 ? 32 : imm5);
   }
   else if (sh2 == 2) {
      /* ASR.  Doesn't this just mean that the behaviour with
         imm5 == 0 is the same as if it had been 31 ? */
      if (imm5 == 0) {
         offset = binop(Iop_Sar32, getIRegA(rM), mkU8(31));
         /* Marked "ATC" in the original.  NOTE(review): same concern
            as for LSR above -- confirm this cannot be reached. */
         vassert(0);
      } else {
         offset = binop(Iop_Sar32, getIRegA(rM), mkU8(imm5));
      }
      DIS(buf, "[r%u, %cr%u, ASR #%u]",
               rN, sign, rM, imm5 == 0 ? 32 : imm5);
   }
   else if (sh2 == 3) {
      /* ROR or RRX.  Either way rM is bound to a temp first, since it
         is used twice. */
      IRTemp rmT = newTemp(Ity_I32);
      if (imm5 == 0) {
         /* RRX: (oldC << 31) | (Rm >>u 1) */
         IRTemp cflagT = newTemp(Ity_I32);
         assign(rmT, getIRegA(rM));
         assign(cflagT, mk_armg_calculate_flag_c());
         offset = binop(Iop_Or32,
                        binop(Iop_Shl32, mkexpr(cflagT), mkU8(31)),
                        binop(Iop_Shr32, mkexpr(rmT), mkU8(1)));
         DIS(buf, "[r%u, %cr%u, RRX]", rN, sign, rM);
      } else {
         assign(rmT, getIRegA(rM));
         /* Keeps both shift amounts below in 1..31. */
         vassert(imm5 >= 1 && imm5 <= 31);
         offset = binop(Iop_Or32,
                        binop(Iop_Shl32, mkexpr(rmT), mkU8(32-imm5)),
                        binop(Iop_Shr32, mkexpr(rmT), mkU8(imm5)));
         DIS(buf, "[r%u, %cr%u, ROR #%u]", rN, sign, rM, imm5);
      }
   }
   else {
      vassert(0);
   }

   vassert(offset);
   return binop(bU == 1 ? Iop_Add32 : Iop_Sub32,
                getIRegA(rN), offset);
}


/* ARM only.  Builds the effective address rN +/- imm8, the sign being
   selected by bU (1 = add, 0 = subtract). */
static
IRExpr* mk_EA_reg_plusminus_imm8 ( UInt rN, UInt bU, UInt imm8,
                                   /*OUT*/HChar* buf )
{
   vassert(rN < 16);
   vassert(bU < 2);
   vassert(imm8 < 0x100);
   UChar sign   = bU == 1 ? '+' : '-';
   IROp  addSub = bU == 1 ? Iop_Add32 : Iop_Sub32;
   DIS(buf, "[r%u, #%c%u]", rN, sign, imm8);
   return binop( addSub, getIRegA(rN), mkU32(imm8) );
}


/* ARM only.  Builds the effective address rN +/- rM, the sign being
   selected by bU (1 = add, 0 = subtract). */
static
IRExpr* mk_EA_reg_plusminus_reg ( UInt rN, UInt bU, UInt rM,
                                  /*OUT*/HChar* buf )
{
   vassert(rN < 16);
   vassert(bU < 2);
   vassert(rM < 16);
   UChar   sign   = bU == 1 ? '+' : '-';
   IRExpr* offset = getIRegA(rM);
   DIS(buf, "[r%u, %c r%u]", rN, sign, rM);
   return binop(bU == 1 ? Iop_Add32 : Iop_Sub32,
                getIRegA(rN), offset);
}


/* irRes :: Ity_I32 holds a floating point comparison result encoded
   as an IRCmpF64Result.  Generate code to convert it to an
   ARM-encoded (N,Z,C,V) group in the lowest 4 bits of an I32 value.
   Assign a new temp to hold that value, and return the temp. */
static
IRTemp mk_convert_IRCmpF64Result_to_NZCV ( IRTemp irRes )
{
   IRTemp ix    = newTemp(Ity_I32);
   IRTemp termL = newTemp(Ity_I32);
   IRTemp termR = newTemp(Ity_I32);
   IRTemp nzcv  = newTemp(Ity_I32);

   /* Map compare result from IR to ARM(nzcv):

      FP cmp result | IR   | ARM(nzcv)
      --------------------------------
      UN              0x45   0011
      LT              0x01   1000
      GT              0x00   0010
      EQ              0x40   0110

      ix fishes the useful bits out of the IR value, bits 6 and 0, and
      places them side by side, giving a number which is 0, 1, 2 or 3.

      termL is a sequence cooked up by GNU superopt.  It converts ix
      into an almost correct NZCV value, except for the case of UN,
      where it produces 0100 instead of the required 0011.

      termR is therefore a correction term, also computed from ix.  It
      is 1 in the UN case and 0 for LT, GT and EQ.  Hence, to get the
      final correct value, we subtract termR from termL.

      The original comment points at a test program at the bottom of
      this file for trying this out.
   */

   /* ix = ((irRes >> 5) & 3) | (irRes & 1) */
   IRExpr* bit6 = binop(Iop_And32,
                        binop(Iop_Shr32, mkexpr(irRes), mkU8(5)),
                        mkU32(3));
   IRExpr* bit0 = binop(Iop_And32, mkexpr(irRes), mkU32(1));
   assign( ix, binop(Iop_Or32, bit6, bit0) );

   /* termL = ((((ix ^ 1) << 30) - 1) >>u 29) + 1 */
   IRExpr* flipped = binop(Iop_Shl32,
                           binop(Iop_Xor32, mkexpr(ix), mkU32(1)),
                           mkU8(30));
   IRExpr* lowered = binop(Iop_Shr32,
                           binop(Iop_Sub32, flipped, mkU32(1)),
                           mkU8(29));
   assign( termL, binop(Iop_Add32, lowered, mkU32(1)) );

   /* termR = (ix & (ix >> 1)) & 1 */
   IRExpr* bothBits = binop(Iop_And32,
                            mkexpr(ix),
                            binop(Iop_Shr32, mkexpr(ix), mkU8(1)));
   assign( termR, binop(Iop_And32, bothBits, mkU32(1)) );

   assign( nzcv, binop(Iop_Sub32, mkexpr(termL), mkexpr(termR)) );
   return nzcv;
}


/* Thumb32 only.  This is "ThumbExpandImm" in the ARM ARM.  If
   updatesC is non-NULL, a boolean is written to it indicating whether
   or not the C flag is updated, as per ARM ARM "ThumbExpandImm_C".
*/
static UInt thumbExpandImm ( Bool* updatesC,
                             UInt imm1, UInt imm3, UInt imm8 )
{
   vassert(imm1 < (1<<1));
   vassert(imm3 < (1<<3));
   vassert(imm8 < (1<<8));
   /* 5-bit selector i:imm3:a, where a is the top bit of imm8. */
   UInt sel  = (imm1 << 4) | (imm3 << 1) | ((imm8 >> 7) & 1);
   UInt byte = imm8;

   if (updatesC) {
      *updatesC = sel >= 8;
   }

   /* Selectors 8..31: imm8 with its top bit forced to 1, placed so
      that the forced bit lands at bit position (39 - sel). */
   if (sel >= 8 && sel <= 31) {
      return (byte | 0x80) << (32 - sel);
   }

   /* Selectors 0..7 come in pairs, each pair picking one of the four
      byte-replication patterns. */
   switch (sel >> 1) {
      case 0:
         return byte;
      case 1:
         return (byte << 16) | byte;
      case 2:
         return (byte << 24) | (byte << 8);
      case 3:
         return (byte << 24) | (byte << 16)
                | (byte << 8) | byte;
      default:
         break;
   }
   /*NOTREACHED*/vassert(0);
}


/* Version of thumbExpandImm where we simply feed it the
   instruction halfwords (the lowest addressed one is I0).
*/
static UInt thumbExpandImm_from_I0_I1 ( Bool* updatesC,
                                        UShort i0s, UShort i1s )
{
   /* Widen first, so the slices are taken from UInt values. */
   UInt hw0 = (UInt)i0s;
   UInt hw1 = (UInt)i1s;
   /* imm1 is bit 10 of the first halfword; imm3 and imm8 are bits
      14:12 and 7:0 of the second. */
   return thumbExpandImm(updatesC,
                         SLICE_UInt(hw0,10,10),
                         SLICE_UInt(hw1,14,12),
                         SLICE_UInt(hw1,7,0));
}


/* Thumb16 only.  Given the firstcond and mask fields from an IT
   instruction, compute the 32-bit ITSTATE value implied, as described
   in libvex_guest_arm.h.  This is not the ARM ARM representation.
   Also produce the t/e chars for the 2nd, 3rd, 4th insns, for
   disassembly printing.  Returns False if firstcond or mask
   denote something invalid.

   The number and conditions for the instructions to be
   conditionalised depend on firstcond and mask:

   mask      cond 1    cond 2      cond 3      cond 4

   1000      fc[3:0]
   x100      fc[3:0]   fc[3:1]:x
   xy10      fc[3:0]   fc[3:1]:x   fc[3:1]:y
   xyz1      fc[3:0]   fc[3:1]:x   fc[3:1]:y   fc[3:1]:z

   The condition fields are assembled in *itstate backwards (cond 4 at
   the top, cond 1 at the bottom).  Conditions are << 4'd and then
   ^0xE'd, and those fields that correspond to instructions in the IT
   block are tagged with a 1 bit.
*/
static Bool compute_ITSTATE ( /*OUT*/UInt*  itstate,
                              /*OUT*/UChar* ch1,
                              /*OUT*/UChar* ch2,
                              /*OUT*/UChar* ch3,
                              UInt firstcond, UInt mask )
{
   vassert(firstcond <= 0xF);
   vassert(mask <= 0xF);

   /* Defaults, also what the caller sees on a False return. */
   *itstate = 0;
   *ch1 = *ch2 = *ch3 = '.';

   if (mask == 0) {
      /* The lowest-set-bit search below would reject this anyway, but
         it is clearer to make it explicit. */
      return False;
   }
   if (firstcond == 0xF) {
      return False; /* NV is not allowed */
   }
   if (firstcond == 0xE && popcount32(mask) != 1) {
      return False; /* if firstcond is AL then all the rest must be too */
   }

   UInt m3 = (mask >> 3) & 1;
   UInt m2 = (mask >> 2) & 1;
   UInt m1 = (mask >> 1) & 1;
   UInt m0 = (mask >> 0) & 1;

   UInt fc = (firstcond << 4) | 1/*in-IT-block*/;
   UInt ni = (0xE/*AL*/ << 4) | 0/*not-in-IT-block*/;

   /* The position of the lowest set bit in mask gives the number of
      instructions in the block: bit 3 -> 1, bit 2 -> 2, bit 1 -> 3,
      bit 0 -> 4. */
   UInt nInsns;
   if (m0 == 1) {
      nInsns = 4;
   } else if (m1 == 1) {
      nInsns = 3;
   } else if (m2 == 1) {
      nInsns = 2;
   } else if (m3 == 1) {
      nInsns = 1;
   } else {
      return False;
   }

   /* Fields for the 2nd, 3rd and 4th instructions.  Those outside the
      block keep the "AL, not in IT block" value. */
   UInt slot2 = ni;
   UInt slot3 = ni;
   UInt slot4 = ni;

   if (nInsns >= 2) {
      slot2 = setbit32(fc, 4, m3);
      *ch1  = m3 == (firstcond & 1) ? 't' : 'e';
   }
   if (nInsns >= 3) {
      slot3 = setbit32(fc, 4, m2);
      *ch2  = m2 == (firstcond & 1) ? 't' : 'e';
   }
   if (nInsns >= 4) {
      slot4 = setbit32(fc, 4, m1);
      *ch3  = m1 == (firstcond & 1) ? 't' : 'e';
   }

   *itstate = (slot4 << 24) | (slot3 << 16) | (slot2 << 8) | fc;
   *itstate ^= 0xE0E0E0E0;
   return True;
}


/* Generate IR to do 32-bit bit reversal, a la Hacker's Delight
   Chapter 7 Section 1.
*/
static IRTemp gen_BITREV ( IRTemp x0 )
{
   /* One mask per stage.  Stage i swaps adjacent groups of (1 << i)
      bits: single bits, pairs, nibbles, bytes, halfwords. */
   static const UInt stageMask[5] = {
      0x55555555, 0x33333333, 0x0F0F0F0F, 0x00FF00FF, 0x0000FFFF
   };
   IRTemp stage[5];
   IRTemp prev = x0;
   UInt   i;

   /* All five temps are allocated before any statement is emitted. */
   for (i = 0; i < 5; i++) {
      stage[i] = newTemp(Ity_I32);
   }

   for (i = 0; i < 5; i++) {
      UInt keep = stageMask[i];
      UInt dist = 1u << i;
      /* stage = ((prev & keep) << dist) | ((prev & ~keep) >>u dist) */
      IRExpr* goingUp   = binop(Iop_Shl32,
                                binop(Iop_And32, mkexpr(prev), mkU32(keep)),
                                mkU8(dist));
      IRExpr* goingDown = binop(Iop_Shr32,
                                binop(Iop_And32, mkexpr(prev), mkU32(~keep)),
                                mkU8(dist));
      assign(stage[i], binop(Iop_Or32, goingUp, goingDown));
      prev = stage[i];
   }

   return prev;
}


/* Generate IR to do rearrange bytes 3:2:1:0 in a word in to the order
   0:1:2:3 (aka byte-swap).
*/
static IRTemp gen_REV ( IRTemp arg )
{
   IRTemp swapped = newTemp(Ity_I32);

   /* One term per source byte, each moved to its mirrored position.
      The two outer bytes need no mask: the shift by 24 already clears
      everything else. */
   IRExpr* byte0up   = binop(Iop_Shl32, mkexpr(arg), mkU8(24));
   IRExpr* byte1up   = binop(Iop_And32,
                             binop(Iop_Shl32, mkexpr(arg), mkU8(8)),
                             mkU32(0x00FF0000));
   IRExpr* byte2down = binop(Iop_And32,
                             binop(Iop_Shr32, mkexpr(arg), mkU8(8)),
                             mkU32(0x0000FF00));
   IRExpr* byte3down = binop(Iop_And32,
                             binop(Iop_Shr32, mkexpr(arg), mkU8(24)),
                             mkU32(0x000000FF) );

   assign(swapped,
          binop(Iop_Or32,
                byte0up,
                binop(Iop_Or32,
                      byte1up,
                      binop(Iop_Or32, byte2down, byte3down))));
   return swapped;
}


/* Generate IR to do rearrange bytes 3:2:1:0 in a word in to the order
   2:3:0:1 (swap within lo and hi halves). */
static IRTemp gen_REV16 ( IRTemp arg )
{
   IRTemp swapped = newTemp(Ity_I32);

   /* Low byte of each halfword moves up, high byte moves down. */
   IRExpr* lowsUp    = binop(Iop_And32,
                             binop(Iop_Shl32, mkexpr(arg), mkU8(8)),
                             mkU32(0xFF00FF00));
   IRExpr* highsDown = binop(Iop_And32,
                             binop(Iop_Shr32, mkexpr(arg), mkU8(8)),
                             mkU32(0x00FF00FF));

   assign(swapped, binop(Iop_Or32, lowsUp, highsDown));
   return swapped;
}


/*------------------------------------------------------------*/
/*--- Advanced SIMD (NEON) instructions                    ---*/
/*------------------------------------------------------------*/

/*------------------------------------------------------------*/
/*--- NEON data processing                                 ---*/
/*------------------------------------------------------------*/

/* For all NEON DP ops, we use the normal scheme to handle conditional
   writes to registers -- pass in condT and hand that on to the
   put*Reg functions.  In ARM mode condT is always IRTemp_INVALID
   since NEON is unconditional for ARM.  In Thumb mode condT is
   derived from the ITSTATE shift register in the normal way.
*/ 2820 2821 static 2822 UInt get_neon_d_regno(UInt theInstr) 2823 { 2824 UInt x = ((theInstr >> 18) & 0x10) | ((theInstr >> 12) & 0xF); 2825 if (theInstr & 0x40) { 2826 if (x & 1) { 2827 x = x + 0x100; 2828 } else { 2829 x = x >> 1; 2830 } 2831 } 2832 return x; 2833 } 2834 2835 static 2836 UInt get_neon_n_regno(UInt theInstr) 2837 { 2838 UInt x = ((theInstr >> 3) & 0x10) | ((theInstr >> 16) & 0xF); 2839 if (theInstr & 0x40) { 2840 if (x & 1) { 2841 x = x + 0x100; 2842 } else { 2843 x = x >> 1; 2844 } 2845 } 2846 return x; 2847 } 2848 2849 static 2850 UInt get_neon_m_regno(UInt theInstr) 2851 { 2852 UInt x = ((theInstr >> 1) & 0x10) | (theInstr & 0xF); 2853 if (theInstr & 0x40) { 2854 if (x & 1) { 2855 x = x + 0x100; 2856 } else { 2857 x = x >> 1; 2858 } 2859 } 2860 return x; 2861 } 2862 2863 static 2864 Bool dis_neon_vext ( UInt theInstr, IRTemp condT ) 2865 { 2866 UInt dreg = get_neon_d_regno(theInstr); 2867 UInt mreg = get_neon_m_regno(theInstr); 2868 UInt nreg = get_neon_n_regno(theInstr); 2869 UInt imm4 = (theInstr >> 8) & 0xf; 2870 UInt Q = (theInstr >> 6) & 1; 2871 HChar reg_t = Q ? 
'q' : 'd'; 2872 2873 if (Q) { 2874 putQReg(dreg, triop(Iop_ExtractV128, getQReg(nreg), 2875 getQReg(mreg), mkU8(imm4)), condT); 2876 } else { 2877 putDRegI64(dreg, triop(Iop_Extract64, getDRegI64(nreg), 2878 getDRegI64(mreg), mkU8(imm4)), condT); 2879 } 2880 DIP("vext.8 %c%d, %c%d, %c%d, #%d\n", reg_t, dreg, reg_t, nreg, 2881 reg_t, mreg, imm4); 2882 return True; 2883 } 2884 2885 /* VTBL, VTBX */ 2886 static 2887 Bool dis_neon_vtb ( UInt theInstr, IRTemp condT ) 2888 { 2889 UInt op = (theInstr >> 6) & 1; 2890 UInt dreg = get_neon_d_regno(theInstr & ~(1 << 6)); 2891 UInt nreg = get_neon_n_regno(theInstr & ~(1 << 6)); 2892 UInt mreg = get_neon_m_regno(theInstr & ~(1 << 6)); 2893 UInt len = (theInstr >> 8) & 3; 2894 Int i; 2895 IROp cmp; 2896 ULong imm; 2897 IRTemp arg_l; 2898 IRTemp old_mask, new_mask, cur_mask; 2899 IRTemp old_res, new_res; 2900 IRTemp old_arg, new_arg; 2901 2902 if (dreg >= 0x100 || mreg >= 0x100 || nreg >= 0x100) 2903 return False; 2904 if (nreg + len > 31) 2905 return False; 2906 2907 cmp = Iop_CmpGT8Ux8; 2908 2909 old_mask = newTemp(Ity_I64); 2910 old_res = newTemp(Ity_I64); 2911 old_arg = newTemp(Ity_I64); 2912 assign(old_mask, mkU64(0)); 2913 assign(old_res, mkU64(0)); 2914 assign(old_arg, getDRegI64(mreg)); 2915 imm = 8; 2916 imm = (imm << 8) | imm; 2917 imm = (imm << 16) | imm; 2918 imm = (imm << 32) | imm; 2919 2920 for (i = 0; i <= len; i++) { 2921 arg_l = newTemp(Ity_I64); 2922 new_mask = newTemp(Ity_I64); 2923 cur_mask = newTemp(Ity_I64); 2924 new_res = newTemp(Ity_I64); 2925 new_arg = newTemp(Ity_I64); 2926 assign(arg_l, getDRegI64(nreg+i)); 2927 assign(new_arg, binop(Iop_Sub8x8, mkexpr(old_arg), mkU64(imm))); 2928 assign(cur_mask, binop(cmp, mkU64(imm), mkexpr(old_arg))); 2929 assign(new_mask, binop(Iop_Or64, mkexpr(old_mask), mkexpr(cur_mask))); 2930 assign(new_res, binop(Iop_Or64, 2931 mkexpr(old_res), 2932 binop(Iop_And64, 2933 binop(Iop_Perm8x8, 2934 mkexpr(arg_l), 2935 binop(Iop_And64, 2936 mkexpr(old_arg), 2937 
mkexpr(cur_mask))), 2938 mkexpr(cur_mask)))); 2939 2940 old_arg = new_arg; 2941 old_mask = new_mask; 2942 old_res = new_res; 2943 } 2944 if (op) { 2945 new_res = newTemp(Ity_I64); 2946 assign(new_res, binop(Iop_Or64, 2947 binop(Iop_And64, 2948 getDRegI64(dreg), 2949 unop(Iop_Not64, mkexpr(old_mask))), 2950 mkexpr(old_res))); 2951 old_res = new_res; 2952 } 2953 2954 putDRegI64(dreg, mkexpr(old_res), condT); 2955 DIP("vtb%c.8 d%u, {", op ? 'x' : 'l', dreg); 2956 if (len > 0) { 2957 DIP("d%u-d%u", nreg, nreg + len); 2958 } else { 2959 DIP("d%u", nreg); 2960 } 2961 DIP("}, d%u\n", mreg); 2962 return True; 2963 } 2964 2965 /* VDUP (scalar) */ 2966 static 2967 Bool dis_neon_vdup ( UInt theInstr, IRTemp condT ) 2968 { 2969 UInt Q = (theInstr >> 6) & 1; 2970 UInt dreg = ((theInstr >> 18) & 0x10) | ((theInstr >> 12) & 0xF); 2971 UInt mreg = ((theInstr >> 1) & 0x10) | (theInstr & 0xF); 2972 UInt imm4 = (theInstr >> 16) & 0xF; 2973 UInt index; 2974 UInt size; 2975 IRTemp arg_m; 2976 IRTemp res; 2977 IROp op, op2; 2978 2979 if ((imm4 == 0) || (imm4 == 8)) 2980 return False; 2981 if ((Q == 1) && ((dreg & 1) == 1)) 2982 return False; 2983 if (Q) 2984 dreg >>= 1; 2985 arg_m = newTemp(Ity_I64); 2986 assign(arg_m, getDRegI64(mreg)); 2987 if (Q) 2988 res = newTemp(Ity_V128); 2989 else 2990 res = newTemp(Ity_I64); 2991 if ((imm4 & 1) == 1) { 2992 op = Q ? Iop_Dup8x16 : Iop_Dup8x8; 2993 op2 = Iop_GetElem8x8; 2994 index = imm4 >> 1; 2995 size = 8; 2996 } else if ((imm4 & 3) == 2) { 2997 op = Q ? Iop_Dup16x8 : Iop_Dup16x4; 2998 op2 = Iop_GetElem16x4; 2999 index = imm4 >> 2; 3000 size = 16; 3001 } else if ((imm4 & 7) == 4) { 3002 op = Q ? Iop_Dup32x4 : Iop_Dup32x2; 3003 op2 = Iop_GetElem32x2; 3004 index = imm4 >> 3; 3005 size = 32; 3006 } else { 3007 return False; // can this ever happen? 
3008 } 3009 assign(res, unop(op, binop(op2, mkexpr(arg_m), mkU8(index)))); 3010 if (Q) { 3011 putQReg(dreg, mkexpr(res), condT); 3012 } else { 3013 putDRegI64(dreg, mkexpr(res), condT); 3014 } 3015 DIP("vdup.%d %c%d, d%d[%d]\n", size, Q ? 'q' : 'd', dreg, mreg, index); 3016 return True; 3017 } 3018 3019 /* A7.4.1 Three registers of the same length */ 3020 static 3021 Bool dis_neon_data_3same ( UInt theInstr, IRTemp condT ) 3022 { 3023 UInt Q = (theInstr >> 6) & 1; 3024 UInt dreg = get_neon_d_regno(theInstr); 3025 UInt nreg = get_neon_n_regno(theInstr); 3026 UInt mreg = get_neon_m_regno(theInstr); 3027 UInt A = (theInstr >> 8) & 0xF; 3028 UInt B = (theInstr >> 4) & 1; 3029 UInt C = (theInstr >> 20) & 0x3; 3030 UInt U = (theInstr >> 24) & 1; 3031 UInt size = C; 3032 3033 IRTemp arg_n; 3034 IRTemp arg_m; 3035 IRTemp res; 3036 3037 if (Q) { 3038 arg_n = newTemp(Ity_V128); 3039 arg_m = newTemp(Ity_V128); 3040 res = newTemp(Ity_V128); 3041 assign(arg_n, getQReg(nreg)); 3042 assign(arg_m, getQReg(mreg)); 3043 } else { 3044 arg_n = newTemp(Ity_I64); 3045 arg_m = newTemp(Ity_I64); 3046 res = newTemp(Ity_I64); 3047 assign(arg_n, getDRegI64(nreg)); 3048 assign(arg_m, getDRegI64(mreg)); 3049 } 3050 3051 switch(A) { 3052 case 0: 3053 if (B == 0) { 3054 /* VHADD */ 3055 ULong imm = 0; 3056 IRExpr *imm_val; 3057 IROp addOp; 3058 IROp andOp; 3059 IROp shOp; 3060 char regType = Q ? 'q' : 'd'; 3061 3062 if (size == 3) 3063 return False; 3064 switch(size) { 3065 case 0: imm = 0x101010101010101LL; break; 3066 case 1: imm = 0x1000100010001LL; break; 3067 case 2: imm = 0x100000001LL; break; 3068 default: vassert(0); 3069 } 3070 if (Q) { 3071 imm_val = binop(Iop_64HLtoV128, mkU64(imm), mkU64(imm)); 3072 andOp = Iop_AndV128; 3073 } else { 3074 imm_val = mkU64(imm); 3075 andOp = Iop_And64; 3076 } 3077 if (U) { 3078 switch(size) { 3079 case 0: 3080 addOp = Q ? Iop_Add8x16 : Iop_Add8x8; 3081 shOp = Q ? Iop_ShrN8x16 : Iop_ShrN8x8; 3082 break; 3083 case 1: 3084 addOp = Q ? 
Iop_Add16x8 : Iop_Add16x4; 3085 shOp = Q ? Iop_ShrN16x8 : Iop_ShrN16x4; 3086 break; 3087 case 2: 3088 addOp = Q ? Iop_Add32x4 : Iop_Add32x2; 3089 shOp = Q ? Iop_ShrN32x4 : Iop_ShrN32x2; 3090 break; 3091 default: 3092 vassert(0); 3093 } 3094 } else { 3095 switch(size) { 3096 case 0: 3097 addOp = Q ? Iop_Add8x16 : Iop_Add8x8; 3098 shOp = Q ? Iop_SarN8x16 : Iop_SarN8x8; 3099 break; 3100 case 1: 3101 addOp = Q ? Iop_Add16x8 : Iop_Add16x4; 3102 shOp = Q ? Iop_SarN16x8 : Iop_SarN16x4; 3103 break; 3104 case 2: 3105 addOp = Q ? Iop_Add32x4 : Iop_Add32x2; 3106 shOp = Q ? Iop_SarN32x4 : Iop_SarN32x2; 3107 break; 3108 default: 3109 vassert(0); 3110 } 3111 } 3112 assign(res, 3113 binop(addOp, 3114 binop(addOp, 3115 binop(shOp, mkexpr(arg_m), mkU8(1)), 3116 binop(shOp, mkexpr(arg_n), mkU8(1))), 3117 binop(shOp, 3118 binop(addOp, 3119 binop(andOp, mkexpr(arg_m), imm_val), 3120 binop(andOp, mkexpr(arg_n), imm_val)), 3121 mkU8(1)))); 3122 DIP("vhadd.%c%d %c%d, %c%d, %c%d\n", 3123 U ? 'u' : 's', 8 << size, regType, 3124 dreg, regType, nreg, regType, mreg); 3125 } else { 3126 /* VQADD */ 3127 IROp op, op2; 3128 IRTemp tmp; 3129 char reg_t = Q ? 'q' : 'd'; 3130 if (Q) { 3131 switch (size) { 3132 case 0: 3133 op = U ? Iop_QAdd8Ux16 : Iop_QAdd8Sx16; 3134 op2 = Iop_Add8x16; 3135 break; 3136 case 1: 3137 op = U ? Iop_QAdd16Ux8 : Iop_QAdd16Sx8; 3138 op2 = Iop_Add16x8; 3139 break; 3140 case 2: 3141 op = U ? Iop_QAdd32Ux4 : Iop_QAdd32Sx4; 3142 op2 = Iop_Add32x4; 3143 break; 3144 case 3: 3145 op = U ? Iop_QAdd64Ux2 : Iop_QAdd64Sx2; 3146 op2 = Iop_Add64x2; 3147 break; 3148 default: 3149 vassert(0); 3150 } 3151 } else { 3152 switch (size) { 3153 case 0: 3154 op = U ? Iop_QAdd8Ux8 : Iop_QAdd8Sx8; 3155 op2 = Iop_Add8x8; 3156 break; 3157 case 1: 3158 op = U ? Iop_QAdd16Ux4 : Iop_QAdd16Sx4; 3159 op2 = Iop_Add16x4; 3160 break; 3161 case 2: 3162 op = U ? Iop_QAdd32Ux2 : Iop_QAdd32Sx2; 3163 op2 = Iop_Add32x2; 3164 break; 3165 case 3: 3166 op = U ? 
Iop_QAdd64Ux1 : Iop_QAdd64Sx1; 3167 op2 = Iop_Add64; 3168 break; 3169 default: 3170 vassert(0); 3171 } 3172 } 3173 if (Q) { 3174 tmp = newTemp(Ity_V128); 3175 } else { 3176 tmp = newTemp(Ity_I64); 3177 } 3178 assign(res, binop(op, mkexpr(arg_n), mkexpr(arg_m))); 3179 #ifndef DISABLE_QC_FLAG 3180 assign(tmp, binop(op2, mkexpr(arg_n), mkexpr(arg_m))); 3181 setFlag_QC(mkexpr(res), mkexpr(tmp), Q, condT); 3182 #endif 3183 DIP("vqadd.%c%d %c%d, %c%d, %c%d\n", 3184 U ? 'u' : 's', 3185 8 << size, reg_t, dreg, reg_t, nreg, reg_t, mreg); 3186 } 3187 break; 3188 case 1: 3189 if (B == 0) { 3190 /* VRHADD */ 3191 /* VRHADD C, A, B ::= 3192 C = (A >> 1) + (B >> 1) + (((A & 1) + (B & 1) + 1) >> 1) */ 3193 IROp shift_op, add_op; 3194 IRTemp cc; 3195 ULong one = 1; 3196 HChar reg_t = Q ? 'q' : 'd'; 3197 switch (size) { 3198 case 0: one = (one << 8) | one; /* fall through */ 3199 case 1: one = (one << 16) | one; /* fall through */ 3200 case 2: one = (one << 32) | one; break; 3201 case 3: return False; 3202 default: vassert(0); 3203 } 3204 if (Q) { 3205 switch (size) { 3206 case 0: 3207 shift_op = U ? Iop_ShrN8x16 : Iop_SarN8x16; 3208 add_op = Iop_Add8x16; 3209 break; 3210 case 1: 3211 shift_op = U ? Iop_ShrN16x8 : Iop_SarN16x8; 3212 add_op = Iop_Add16x8; 3213 break; 3214 case 2: 3215 shift_op = U ? Iop_ShrN32x4 : Iop_SarN32x4; 3216 add_op = Iop_Add32x4; 3217 break; 3218 case 3: 3219 return False; 3220 default: 3221 vassert(0); 3222 } 3223 } else { 3224 switch (size) { 3225 case 0: 3226 shift_op = U ? Iop_ShrN8x8 : Iop_SarN8x8; 3227 add_op = Iop_Add8x8; 3228 break; 3229 case 1: 3230 shift_op = U ? Iop_ShrN16x4 : Iop_SarN16x4; 3231 add_op = Iop_Add16x4; 3232 break; 3233 case 2: 3234 shift_op = U ? 
Iop_ShrN32x2 : Iop_SarN32x2; 3235 add_op = Iop_Add32x2; 3236 break; 3237 case 3: 3238 return False; 3239 default: 3240 vassert(0); 3241 } 3242 } 3243 if (Q) { 3244 cc = newTemp(Ity_V128); 3245 assign(cc, binop(shift_op, 3246 binop(add_op, 3247 binop(add_op, 3248 binop(Iop_AndV128, 3249 mkexpr(arg_n), 3250 binop(Iop_64HLtoV128, 3251 mkU64(one), 3252 mkU64(one))), 3253 binop(Iop_AndV128, 3254 mkexpr(arg_m), 3255 binop(Iop_64HLtoV128, 3256 mkU64(one), 3257 mkU64(one)))), 3258 binop(Iop_64HLtoV128, 3259 mkU64(one), 3260 mkU64(one))), 3261 mkU8(1))); 3262 assign(res, binop(add_op, 3263 binop(add_op, 3264 binop(shift_op, 3265 mkexpr(arg_n), 3266 mkU8(1)), 3267 binop(shift_op, 3268 mkexpr(arg_m), 3269 mkU8(1))), 3270 mkexpr(cc))); 3271 } else { 3272 cc = newTemp(Ity_I64); 3273 assign(cc, binop(shift_op, 3274 binop(add_op, 3275 binop(add_op, 3276 binop(Iop_And64, 3277 mkexpr(arg_n), 3278 mkU64(one)), 3279 binop(Iop_And64, 3280 mkexpr(arg_m), 3281 mkU64(one))), 3282 mkU64(one)), 3283 mkU8(1))); 3284 assign(res, binop(add_op, 3285 binop(add_op, 3286 binop(shift_op, 3287 mkexpr(arg_n), 3288 mkU8(1)), 3289 binop(shift_op, 3290 mkexpr(arg_m), 3291 mkU8(1))), 3292 mkexpr(cc))); 3293 } 3294 DIP("vrhadd.%c%d %c%d, %c%d, %c%d\n", 3295 U ? 'u' : 's', 3296 8 << size, reg_t, dreg, reg_t, nreg, reg_t, mreg); 3297 } else { 3298 if (U == 0) { 3299 switch(C) { 3300 case 0: { 3301 /* VAND */ 3302 HChar reg_t = Q ? 'q' : 'd'; 3303 if (Q) { 3304 assign(res, binop(Iop_AndV128, mkexpr(arg_n), 3305 mkexpr(arg_m))); 3306 } else { 3307 assign(res, binop(Iop_And64, mkexpr(arg_n), 3308 mkexpr(arg_m))); 3309 } 3310 DIP("vand %c%d, %c%d, %c%d\n", 3311 reg_t, dreg, reg_t, nreg, reg_t, mreg); 3312 break; 3313 } 3314 case 1: { 3315 /* VBIC */ 3316 HChar reg_t = Q ? 
'q' : 'd'; 3317 if (Q) { 3318 assign(res, binop(Iop_AndV128,mkexpr(arg_n), 3319 unop(Iop_NotV128, mkexpr(arg_m)))); 3320 } else { 3321 assign(res, binop(Iop_And64, mkexpr(arg_n), 3322 unop(Iop_Not64, mkexpr(arg_m)))); 3323 } 3324 DIP("vbic %c%d, %c%d, %c%d\n", 3325 reg_t, dreg, reg_t, nreg, reg_t, mreg); 3326 break; 3327 } 3328 case 2: 3329 if ( nreg != mreg) { 3330 /* VORR */ 3331 HChar reg_t = Q ? 'q' : 'd'; 3332 if (Q) { 3333 assign(res, binop(Iop_OrV128, mkexpr(arg_n), 3334 mkexpr(arg_m))); 3335 } else { 3336 assign(res, binop(Iop_Or64, mkexpr(arg_n), 3337 mkexpr(arg_m))); 3338 } 3339 DIP("vorr %c%d, %c%d, %c%d\n", 3340 reg_t, dreg, reg_t, nreg, reg_t, mreg); 3341 } else { 3342 /* VMOV */ 3343 HChar reg_t = Q ? 'q' : 'd'; 3344 assign(res, mkexpr(arg_m)); 3345 DIP("vmov %c%d, %c%d\n", reg_t, dreg, reg_t, mreg); 3346 } 3347 break; 3348 case 3:{ 3349 /* VORN */ 3350 HChar reg_t = Q ? 'q' : 'd'; 3351 if (Q) { 3352 assign(res, binop(Iop_OrV128,mkexpr(arg_n), 3353 unop(Iop_NotV128, mkexpr(arg_m)))); 3354 } else { 3355 assign(res, binop(Iop_Or64, mkexpr(arg_n), 3356 unop(Iop_Not64, mkexpr(arg_m)))); 3357 } 3358 DIP("vorn %c%d, %c%d, %c%d\n", 3359 reg_t, dreg, reg_t, nreg, reg_t, mreg); 3360 break; 3361 } 3362 } 3363 } else { 3364 switch(C) { 3365 case 0: 3366 /* VEOR (XOR) */ 3367 if (Q) { 3368 assign(res, binop(Iop_XorV128, mkexpr(arg_n), 3369 mkexpr(arg_m))); 3370 } else { 3371 assign(res, binop(Iop_Xor64, mkexpr(arg_n), 3372 mkexpr(arg_m))); 3373 } 3374 DIP("veor %c%u, %c%u, %c%u\n", Q ? 'q' : 'd', dreg, 3375 Q ? 'q' : 'd', nreg, Q ? 
'q' : 'd', mreg); 3376 break; 3377 case 1: 3378 /* VBSL */ 3379 if (Q) { 3380 IRTemp reg_d = newTemp(Ity_V128); 3381 assign(reg_d, getQReg(dreg)); 3382 assign(res, 3383 binop(Iop_OrV128, 3384 binop(Iop_AndV128, mkexpr(arg_n), 3385 mkexpr(reg_d)), 3386 binop(Iop_AndV128, 3387 mkexpr(arg_m), 3388 unop(Iop_NotV128, 3389 mkexpr(reg_d)) ) ) ); 3390 } else { 3391 IRTemp reg_d = newTemp(Ity_I64); 3392 assign(reg_d, getDRegI64(dreg)); 3393 assign(res, 3394 binop(Iop_Or64, 3395 binop(Iop_And64, mkexpr(arg_n), 3396 mkexpr(reg_d)), 3397 binop(Iop_And64, 3398 mkexpr(arg_m), 3399 unop(Iop_Not64, mkexpr(reg_d))))); 3400 } 3401 DIP("vbsl %c%u, %c%u, %c%u\n", 3402 Q ? 'q' : 'd', dreg, 3403 Q ? 'q' : 'd', nreg, Q ? 'q' : 'd', mreg); 3404 break; 3405 case 2: 3406 /* VBIT */ 3407 if (Q) { 3408 IRTemp reg_d = newTemp(Ity_V128); 3409 assign(reg_d, getQReg(dreg)); 3410 assign(res, 3411 binop(Iop_OrV128, 3412 binop(Iop_AndV128, mkexpr(arg_n), 3413 mkexpr(arg_m)), 3414 binop(Iop_AndV128, 3415 mkexpr(reg_d), 3416 unop(Iop_NotV128, mkexpr(arg_m))))); 3417 } else { 3418 IRTemp reg_d = newTemp(Ity_I64); 3419 assign(reg_d, getDRegI64(dreg)); 3420 assign(res, 3421 binop(Iop_Or64, 3422 binop(Iop_And64, mkexpr(arg_n), 3423 mkexpr(arg_m)), 3424 binop(Iop_And64, 3425 mkexpr(reg_d), 3426 unop(Iop_Not64, mkexpr(arg_m))))); 3427 } 3428 DIP("vbit %c%u, %c%u, %c%u\n", 3429 Q ? 'q' : 'd', dreg, 3430 Q ? 'q' : 'd', nreg, Q ? 
'q' : 'd', mreg); 3431 break; 3432 case 3: 3433 /* VBIF */ 3434 if (Q) { 3435 IRTemp reg_d = newTemp(Ity_V128); 3436 assign(reg_d, getQReg(dreg)); 3437 assign(res, 3438 binop(Iop_OrV128, 3439 binop(Iop_AndV128, mkexpr(reg_d), 3440 mkexpr(arg_m)), 3441 binop(Iop_AndV128, 3442 mkexpr(arg_n), 3443 unop(Iop_NotV128, mkexpr(arg_m))))); 3444 } else { 3445 IRTemp reg_d = newTemp(Ity_I64); 3446 assign(reg_d, getDRegI64(dreg)); 3447 assign(res, 3448 binop(Iop_Or64, 3449 binop(Iop_And64, mkexpr(reg_d), 3450 mkexpr(arg_m)), 3451 binop(Iop_And64, 3452 mkexpr(arg_n), 3453 unop(Iop_Not64, mkexpr(arg_m))))); 3454 } 3455 DIP("vbif %c%u, %c%u, %c%u\n", 3456 Q ? 'q' : 'd', dreg, 3457 Q ? 'q' : 'd', nreg, Q ? 'q' : 'd', mreg); 3458 break; 3459 } 3460 } 3461 } 3462 break; 3463 case 2: 3464 if (B == 0) { 3465 /* VHSUB */ 3466 /* (A >> 1) - (B >> 1) - (NOT (A) & B & 1) */ 3467 ULong imm = 0; 3468 IRExpr *imm_val; 3469 IROp subOp; 3470 IROp notOp; 3471 IROp andOp; 3472 IROp shOp; 3473 if (size == 3) 3474 return False; 3475 switch(size) { 3476 case 0: imm = 0x101010101010101LL; break; 3477 case 1: imm = 0x1000100010001LL; break; 3478 case 2: imm = 0x100000001LL; break; 3479 default: vassert(0); 3480 } 3481 if (Q) { 3482 imm_val = binop(Iop_64HLtoV128, mkU64(imm), mkU64(imm)); 3483 andOp = Iop_AndV128; 3484 notOp = Iop_NotV128; 3485 } else { 3486 imm_val = mkU64(imm); 3487 andOp = Iop_And64; 3488 notOp = Iop_Not64; 3489 } 3490 if (U) { 3491 switch(size) { 3492 case 0: 3493 subOp = Q ? Iop_Sub8x16 : Iop_Sub8x8; 3494 shOp = Q ? Iop_ShrN8x16 : Iop_ShrN8x8; 3495 break; 3496 case 1: 3497 subOp = Q ? Iop_Sub16x8 : Iop_Sub16x4; 3498 shOp = Q ? Iop_ShrN16x8 : Iop_ShrN16x4; 3499 break; 3500 case 2: 3501 subOp = Q ? Iop_Sub32x4 : Iop_Sub32x2; 3502 shOp = Q ? Iop_ShrN32x4 : Iop_ShrN32x2; 3503 break; 3504 default: 3505 vassert(0); 3506 } 3507 } else { 3508 switch(size) { 3509 case 0: 3510 subOp = Q ? Iop_Sub8x16 : Iop_Sub8x8; 3511 shOp = Q ? 
Iop_SarN8x16 : Iop_SarN8x8; 3512 break; 3513 case 1: 3514 subOp = Q ? Iop_Sub16x8 : Iop_Sub16x4; 3515 shOp = Q ? Iop_SarN16x8 : Iop_SarN16x4; 3516 break; 3517 case 2: 3518 subOp = Q ? Iop_Sub32x4 : Iop_Sub32x2; 3519 shOp = Q ? Iop_SarN32x4 : Iop_SarN32x2; 3520 break; 3521 default: 3522 vassert(0); 3523 } 3524 } 3525 assign(res, 3526 binop(subOp, 3527 binop(subOp, 3528 binop(shOp, mkexpr(arg_n), mkU8(1)), 3529 binop(shOp, mkexpr(arg_m), mkU8(1))), 3530 binop(andOp, 3531 binop(andOp, 3532 unop(notOp, mkexpr(arg_n)), 3533 mkexpr(arg_m)), 3534 imm_val))); 3535 DIP("vhsub.%c%u %c%u, %c%u, %c%u\n", 3536 U ? 'u' : 's', 8 << size, 3537 Q ? 'q' : 'd', dreg, Q ? 'q' : 'd', nreg, Q ? 'q' : 'd', 3538 mreg); 3539 } else { 3540 /* VQSUB */ 3541 IROp op, op2; 3542 IRTemp tmp; 3543 if (Q) { 3544 switch (size) { 3545 case 0: 3546 op = U ? Iop_QSub8Ux16 : Iop_QSub8Sx16; 3547 op2 = Iop_Sub8x16; 3548 break; 3549 case 1: 3550 op = U ? Iop_QSub16Ux8 : Iop_QSub16Sx8; 3551 op2 = Iop_Sub16x8; 3552 break; 3553 case 2: 3554 op = U ? Iop_QSub32Ux4 : Iop_QSub32Sx4; 3555 op2 = Iop_Sub32x4; 3556 break; 3557 case 3: 3558 op = U ? Iop_QSub64Ux2 : Iop_QSub64Sx2; 3559 op2 = Iop_Sub64x2; 3560 break; 3561 default: 3562 vassert(0); 3563 } 3564 } else { 3565 switch (size) { 3566 case 0: 3567 op = U ? Iop_QSub8Ux8 : Iop_QSub8Sx8; 3568 op2 = Iop_Sub8x8; 3569 break; 3570 case 1: 3571 op = U ? Iop_QSub16Ux4 : Iop_QSub16Sx4; 3572 op2 = Iop_Sub16x4; 3573 break; 3574 case 2: 3575 op = U ? Iop_QSub32Ux2 : Iop_QSub32Sx2; 3576 op2 = Iop_Sub32x2; 3577 break; 3578 case 3: 3579 op = U ? 
Iop_QSub64Ux1 : Iop_QSub64Sx1; 3580 op2 = Iop_Sub64; 3581 break; 3582 default: 3583 vassert(0); 3584 } 3585 } 3586 if (Q) 3587 tmp = newTemp(Ity_V128); 3588 else 3589 tmp = newTemp(Ity_I64); 3590 assign(res, binop(op, mkexpr(arg_n), mkexpr(arg_m))); 3591 #ifndef DISABLE_QC_FLAG 3592 assign(tmp, binop(op2, mkexpr(arg_n), mkexpr(arg_m))); 3593 setFlag_QC(mkexpr(res), mkexpr(tmp), Q, condT); 3594 #endif 3595 DIP("vqsub.%c%u %c%u, %c%u, %c%u\n", 3596 U ? 'u' : 's', 8 << size, 3597 Q ? 'q' : 'd', dreg, Q ? 'q' : 'd', nreg, Q ? 'q' : 'd', 3598 mreg); 3599 } 3600 break; 3601 case 3: { 3602 IROp op; 3603 if (Q) { 3604 switch (size) { 3605 case 0: op = U ? Iop_CmpGT8Ux16 : Iop_CmpGT8Sx16; break; 3606 case 1: op = U ? Iop_CmpGT16Ux8 : Iop_CmpGT16Sx8; break; 3607 case 2: op = U ? Iop_CmpGT32Ux4 : Iop_CmpGT32Sx4; break; 3608 case 3: return False; 3609 default: vassert(0); 3610 } 3611 } else { 3612 switch (size) { 3613 case 0: op = U ? Iop_CmpGT8Ux8 : Iop_CmpGT8Sx8; break; 3614 case 1: op = U ? Iop_CmpGT16Ux4 : Iop_CmpGT16Sx4; break; 3615 case 2: op = U ? Iop_CmpGT32Ux2: Iop_CmpGT32Sx2; break; 3616 case 3: return False; 3617 default: vassert(0); 3618 } 3619 } 3620 if (B == 0) { 3621 /* VCGT */ 3622 assign(res, binop(op, mkexpr(arg_n), mkexpr(arg_m))); 3623 DIP("vcgt.%c%u %c%u, %c%u, %c%u\n", 3624 U ? 'u' : 's', 8 << size, 3625 Q ? 'q' : 'd', dreg, Q ? 'q' : 'd', nreg, Q ? 'q' : 'd', 3626 mreg); 3627 } else { 3628 /* VCGE */ 3629 /* VCGE res, argn, argm 3630 is equal to 3631 VCGT tmp, argm, argn 3632 VNOT res, tmp */ 3633 assign(res, 3634 unop(Q ? Iop_NotV128 : Iop_Not64, 3635 binop(op, mkexpr(arg_m), mkexpr(arg_n)))); 3636 DIP("vcge.%c%u %c%u, %c%u, %c%u\n", 3637 U ? 'u' : 's', 8 << size, 3638 Q ? 'q' : 'd', dreg, Q ? 'q' : 'd', nreg, Q ? 'q' : 'd', 3639 mreg); 3640 } 3641 } 3642 break; 3643 case 4: 3644 if (B == 0) { 3645 /* VSHL */ 3646 IROp op, sub_op; 3647 IRTemp tmp; 3648 if (U) { 3649 switch (size) { 3650 case 0: op = Q ? 
Iop_Shl8x16 : Iop_Shl8x8; break; 3651 case 1: op = Q ? Iop_Shl16x8 : Iop_Shl16x4; break; 3652 case 2: op = Q ? Iop_Shl32x4 : Iop_Shl32x2; break; 3653 case 3: op = Q ? Iop_Shl64x2 : Iop_Shl64; break; 3654 default: vassert(0); 3655 } 3656 } else { 3657 tmp = newTemp(Q ? Ity_V128 : Ity_I64); 3658 switch (size) { 3659 case 0: 3660 op = Q ? Iop_Sar8x16 : Iop_Sar8x8; 3661 sub_op = Q ? Iop_Sub8x16 : Iop_Sub8x8; 3662 break; 3663 case 1: 3664 op = Q ? Iop_Sar16x8 : Iop_Sar16x4; 3665 sub_op = Q ? Iop_Sub16x8 : Iop_Sub16x4; 3666 break; 3667 case 2: 3668 op = Q ? Iop_Sar32x4 : Iop_Sar32x2; 3669 sub_op = Q ? Iop_Sub32x4 : Iop_Sub32x2; 3670 break; 3671 case 3: 3672 op = Q ? Iop_Sar64x2 : Iop_Sar64; 3673 sub_op = Q ? Iop_Sub64x2 : Iop_Sub64; 3674 break; 3675 default: 3676 vassert(0); 3677 } 3678 } 3679 if (U) { 3680 if (!Q && (size == 3)) 3681 assign(res, binop(op, mkexpr(arg_m), 3682 unop(Iop_64to8, mkexpr(arg_n)))); 3683 else 3684 assign(res, binop(op, mkexpr(arg_m), mkexpr(arg_n))); 3685 } else { 3686 if (Q) 3687 assign(tmp, binop(sub_op, 3688 binop(Iop_64HLtoV128, mkU64(0), mkU64(0)), 3689 mkexpr(arg_n))); 3690 else 3691 assign(tmp, binop(sub_op, mkU64(0), mkexpr(arg_n))); 3692 if (!Q && (size == 3)) 3693 assign(res, binop(op, mkexpr(arg_m), 3694 unop(Iop_64to8, mkexpr(tmp)))); 3695 else 3696 assign(res, binop(op, mkexpr(arg_m), mkexpr(tmp))); 3697 } 3698 DIP("vshl.%c%u %c%u, %c%u, %c%u\n", 3699 U ? 'u' : 's', 8 << size, 3700 Q ? 'q' : 'd', dreg, Q ? 'q' : 'd', mreg, Q ? 'q' : 'd', 3701 nreg); 3702 } else { 3703 /* VQSHL */ 3704 IROp op, op_rev, op_shrn, op_shln, cmp_neq, cmp_gt; 3705 IRTemp tmp, shval, mask, old_shval; 3706 UInt i; 3707 ULong esize; 3708 cmp_neq = Q ? Iop_CmpNEZ8x16 : Iop_CmpNEZ8x8; 3709 cmp_gt = Q ? Iop_CmpGT8Sx16 : Iop_CmpGT8Sx8; 3710 if (U) { 3711 switch (size) { 3712 case 0: 3713 op = Q ? Iop_QShl8x16 : Iop_QShl8x8; 3714 op_rev = Q ? Iop_Shr8x16 : Iop_Shr8x8; 3715 op_shrn = Q ? Iop_ShrN8x16 : Iop_ShrN8x8; 3716 op_shln = Q ? 
Iop_ShlN8x16 : Iop_ShlN8x8; 3717 break; 3718 case 1: 3719 op = Q ? Iop_QShl16x8 : Iop_QShl16x4; 3720 op_rev = Q ? Iop_Shr16x8 : Iop_Shr16x4; 3721 op_shrn = Q ? Iop_ShrN16x8 : Iop_ShrN16x4; 3722 op_shln = Q ? Iop_ShlN16x8 : Iop_ShlN16x4; 3723 break; 3724 case 2: 3725 op = Q ? Iop_QShl32x4 : Iop_QShl32x2; 3726 op_rev = Q ? Iop_Shr32x4 : Iop_Shr32x2; 3727 op_shrn = Q ? Iop_ShrN32x4 : Iop_ShrN32x2; 3728 op_shln = Q ? Iop_ShlN32x4 : Iop_ShlN32x2; 3729 break; 3730 case 3: 3731 op = Q ? Iop_QShl64x2 : Iop_QShl64x1; 3732 op_rev = Q ? Iop_Shr64x2 : Iop_Shr64; 3733 op_shrn = Q ? Iop_ShrN64x2 : Iop_Shr64; 3734 op_shln = Q ? Iop_ShlN64x2 : Iop_Shl64; 3735 break; 3736 default: 3737 vassert(0); 3738 } 3739 } else { 3740 switch (size) { 3741 case 0: 3742 op = Q ? Iop_QSal8x16 : Iop_QSal8x8; 3743 op_rev = Q ? Iop_Sar8x16 : Iop_Sar8x8; 3744 op_shrn = Q ? Iop_ShrN8x16 : Iop_ShrN8x8; 3745 op_shln = Q ? Iop_ShlN8x16 : Iop_ShlN8x8; 3746 break; 3747 case 1: 3748 op = Q ? Iop_QSal16x8 : Iop_QSal16x4; 3749 op_rev = Q ? Iop_Sar16x8 : Iop_Sar16x4; 3750 op_shrn = Q ? Iop_ShrN16x8 : Iop_ShrN16x4; 3751 op_shln = Q ? Iop_ShlN16x8 : Iop_ShlN16x4; 3752 break; 3753 case 2: 3754 op = Q ? Iop_QSal32x4 : Iop_QSal32x2; 3755 op_rev = Q ? Iop_Sar32x4 : Iop_Sar32x2; 3756 op_shrn = Q ? Iop_ShrN32x4 : Iop_ShrN32x2; 3757 op_shln = Q ? Iop_ShlN32x4 : Iop_ShlN32x2; 3758 break; 3759 case 3: 3760 op = Q ? Iop_QSal64x2 : Iop_QSal64x1; 3761 op_rev = Q ? Iop_Sar64x2 : Iop_Sar64; 3762 op_shrn = Q ? Iop_ShrN64x2 : Iop_Shr64; 3763 op_shln = Q ? Iop_ShlN64x2 : Iop_Shl64; 3764 break; 3765 default: 3766 vassert(0); 3767 } 3768 } 3769 if (Q) { 3770 tmp = newTemp(Ity_V128); 3771 shval = newTemp(Ity_V128); 3772 mask = newTemp(Ity_V128); 3773 } else { 3774 tmp = newTemp(Ity_I64); 3775 shval = newTemp(Ity_I64); 3776 mask = newTemp(Ity_I64); 3777 } 3778 assign(res, binop(op, mkexpr(arg_m), mkexpr(arg_n))); 3779 #ifndef DISABLE_QC_FLAG 3780 /* Only least significant byte from second argument is used. 
3781 Copy this byte to the whole vector element. */ 3782 assign(shval, binop(op_shrn, 3783 binop(op_shln, 3784 mkexpr(arg_n), 3785 mkU8((8 << size) - 8)), 3786 mkU8((8 << size) - 8))); 3787 for(i = 0; i < size; i++) { 3788 old_shval = shval; 3789 shval = newTemp(Q ? Ity_V128 : Ity_I64); 3790 assign(shval, binop(Q ? Iop_OrV128 : Iop_Or64, 3791 mkexpr(old_shval), 3792 binop(op_shln, 3793 mkexpr(old_shval), 3794 mkU8(8 << i)))); 3795 } 3796 /* If shift is greater or equal to the element size and 3797 element is non-zero, then QC flag should be set. */ 3798 esize = (8 << size) - 1; 3799 esize = (esize << 8) | esize; 3800 esize = (esize << 16) | esize; 3801 esize = (esize << 32) | esize; 3802 setFlag_QC(binop(Q ? Iop_AndV128 : Iop_And64, 3803 binop(cmp_gt, mkexpr(shval), 3804 Q ? mkU128(esize) : mkU64(esize)), 3805 unop(cmp_neq, mkexpr(arg_m))), 3806 Q ? mkU128(0) : mkU64(0), 3807 Q, condT); 3808 /* Othervise QC flag should be set if shift value is positive and 3809 result beign rightshifted the same value is not equal to left 3810 argument. */ 3811 assign(mask, binop(cmp_gt, mkexpr(shval), 3812 Q ? mkU128(0) : mkU64(0))); 3813 if (!Q && size == 3) 3814 assign(tmp, binop(op_rev, mkexpr(res), 3815 unop(Iop_64to8, mkexpr(arg_n)))); 3816 else 3817 assign(tmp, binop(op_rev, mkexpr(res), mkexpr(arg_n))); 3818 setFlag_QC(binop(Q ? Iop_AndV128 : Iop_And64, 3819 mkexpr(tmp), mkexpr(mask)), 3820 binop(Q ? Iop_AndV128 : Iop_And64, 3821 mkexpr(arg_m), mkexpr(mask)), 3822 Q, condT); 3823 #endif 3824 DIP("vqshl.%c%u %c%u, %c%u, %c%u\n", 3825 U ? 'u' : 's', 8 << size, 3826 Q ? 'q' : 'd', dreg, Q ? 'q' : 'd', mreg, Q ? 'q' : 'd', 3827 nreg); 3828 } 3829 break; 3830 case 5: 3831 if (B == 0) { 3832 /* VRSHL */ 3833 IROp op, op_shrn, op_shln, cmp_gt, op_add; 3834 IRTemp shval, old_shval, imm_val, round; 3835 UInt i; 3836 ULong imm; 3837 cmp_gt = Q ? 
Iop_CmpGT8Sx16 : Iop_CmpGT8Sx8; 3838 imm = 1L; 3839 switch (size) { 3840 case 0: imm = (imm << 8) | imm; /* fall through */ 3841 case 1: imm = (imm << 16) | imm; /* fall through */ 3842 case 2: imm = (imm << 32) | imm; /* fall through */ 3843 case 3: break; 3844 default: vassert(0); 3845 } 3846 imm_val = newTemp(Q ? Ity_V128 : Ity_I64); 3847 round = newTemp(Q ? Ity_V128 : Ity_I64); 3848 assign(imm_val, Q ? mkU128(imm) : mkU64(imm)); 3849 if (U) { 3850 switch (size) { 3851 case 0: 3852 op = Q ? Iop_Shl8x16 : Iop_Shl8x8; 3853 op_add = Q ? Iop_Add8x16 : Iop_Add8x8; 3854 op_shrn = Q ? Iop_ShrN8x16 : Iop_ShrN8x8; 3855 op_shln = Q ? Iop_ShlN8x16 : Iop_ShlN8x8; 3856 break; 3857 case 1: 3858 op = Q ? Iop_Shl16x8 : Iop_Shl16x4; 3859 op_add = Q ? Iop_Add16x8 : Iop_Add16x4; 3860 op_shrn = Q ? Iop_ShrN16x8 : Iop_ShrN16x4; 3861 op_shln = Q ? Iop_ShlN16x8 : Iop_ShlN16x4; 3862 break; 3863 case 2: 3864 op = Q ? Iop_Shl32x4 : Iop_Shl32x2; 3865 op_add = Q ? Iop_Add32x4 : Iop_Add32x2; 3866 op_shrn = Q ? Iop_ShrN32x4 : Iop_ShrN32x2; 3867 op_shln = Q ? Iop_ShlN32x4 : Iop_ShlN32x2; 3868 break; 3869 case 3: 3870 op = Q ? Iop_Shl64x2 : Iop_Shl64; 3871 op_add = Q ? Iop_Add64x2 : Iop_Add64; 3872 op_shrn = Q ? Iop_ShrN64x2 : Iop_Shr64; 3873 op_shln = Q ? Iop_ShlN64x2 : Iop_Shl64; 3874 break; 3875 default: 3876 vassert(0); 3877 } 3878 } else { 3879 switch (size) { 3880 case 0: 3881 op = Q ? Iop_Sal8x16 : Iop_Sal8x8; 3882 op_add = Q ? Iop_Add8x16 : Iop_Add8x8; 3883 op_shrn = Q ? Iop_ShrN8x16 : Iop_ShrN8x8; 3884 op_shln = Q ? Iop_ShlN8x16 : Iop_ShlN8x8; 3885 break; 3886 case 1: 3887 op = Q ? Iop_Sal16x8 : Iop_Sal16x4; 3888 op_add = Q ? Iop_Add16x8 : Iop_Add16x4; 3889 op_shrn = Q ? Iop_ShrN16x8 : Iop_ShrN16x4; 3890 op_shln = Q ? Iop_ShlN16x8 : Iop_ShlN16x4; 3891 break; 3892 case 2: 3893 op = Q ? Iop_Sal32x4 : Iop_Sal32x2; 3894 op_add = Q ? Iop_Add32x4 : Iop_Add32x2; 3895 op_shrn = Q ? Iop_ShrN32x4 : Iop_ShrN32x2; 3896 op_shln = Q ? 
Iop_ShlN32x4 : Iop_ShlN32x2; 3897 break; 3898 case 3: 3899 op = Q ? Iop_Sal64x2 : Iop_Sal64x1; 3900 op_add = Q ? Iop_Add64x2 : Iop_Add64; 3901 op_shrn = Q ? Iop_ShrN64x2 : Iop_Shr64; 3902 op_shln = Q ? Iop_ShlN64x2 : Iop_Shl64; 3903 break; 3904 default: 3905 vassert(0); 3906 } 3907 } 3908 if (Q) { 3909 shval = newTemp(Ity_V128); 3910 } else { 3911 shval = newTemp(Ity_I64); 3912 } 3913 /* Only least significant byte from second argument is used. 3914 Copy this byte to the whole vector element. */ 3915 assign(shval, binop(op_shrn, 3916 binop(op_shln, 3917 mkexpr(arg_n), 3918 mkU8((8 << size) - 8)), 3919 mkU8((8 << size) - 8))); 3920 for (i = 0; i < size; i++) { 3921 old_shval = shval; 3922 shval = newTemp(Q ? Ity_V128 : Ity_I64); 3923 assign(shval, binop(Q ? Iop_OrV128 : Iop_Or64, 3924 mkexpr(old_shval), 3925 binop(op_shln, 3926 mkexpr(old_shval), 3927 mkU8(8 << i)))); 3928 } 3929 /* Compute the result */ 3930 if (!Q && size == 3 && U) { 3931 assign(round, binop(Q ? Iop_AndV128 : Iop_And64, 3932 binop(op, 3933 mkexpr(arg_m), 3934 unop(Iop_64to8, 3935 binop(op_add, 3936 mkexpr(arg_n), 3937 mkexpr(imm_val)))), 3938 binop(Q ? Iop_AndV128 : Iop_And64, 3939 mkexpr(imm_val), 3940 binop(cmp_gt, 3941 Q ? mkU128(0) : mkU64(0), 3942 mkexpr(arg_n))))); 3943 assign(res, binop(op_add, 3944 binop(op, 3945 mkexpr(arg_m), 3946 unop(Iop_64to8, mkexpr(arg_n))), 3947 mkexpr(round))); 3948 } else { 3949 assign(round, binop(Q ? Iop_AndV128 : Iop_And64, 3950 binop(op, 3951 mkexpr(arg_m), 3952 binop(op_add, 3953 mkexpr(arg_n), 3954 mkexpr(imm_val))), 3955 binop(Q ? Iop_AndV128 : Iop_And64, 3956 mkexpr(imm_val), 3957 binop(cmp_gt, 3958 Q ? mkU128(0) : mkU64(0), 3959 mkexpr(arg_n))))); 3960 assign(res, binop(op_add, 3961 binop(op, mkexpr(arg_m), mkexpr(arg_n)), 3962 mkexpr(round))); 3963 } 3964 DIP("vrshl.%c%u %c%u, %c%u, %c%u\n", 3965 U ? 'u' : 's', 8 << size, 3966 Q ? 'q' : 'd', dreg, Q ? 'q' : 'd', mreg, Q ? 
'q' : 'd', 3967 nreg); 3968 } else { 3969 /* VQRSHL */ 3970 IROp op, op_rev, op_shrn, op_shln, cmp_neq, cmp_gt, op_add; 3971 IRTemp tmp, shval, mask, old_shval, imm_val, round; 3972 UInt i; 3973 ULong esize, imm; 3974 cmp_neq = Q ? Iop_CmpNEZ8x16 : Iop_CmpNEZ8x8; 3975 cmp_gt = Q ? Iop_CmpGT8Sx16 : Iop_CmpGT8Sx8; 3976 imm = 1L; 3977 switch (size) { 3978 case 0: imm = (imm << 8) | imm; /* fall through */ 3979 case 1: imm = (imm << 16) | imm; /* fall through */ 3980 case 2: imm = (imm << 32) | imm; /* fall through */ 3981 case 3: break; 3982 default: vassert(0); 3983 } 3984 imm_val = newTemp(Q ? Ity_V128 : Ity_I64); 3985 round = newTemp(Q ? Ity_V128 : Ity_I64); 3986 assign(imm_val, Q ? mkU128(imm) : mkU64(imm)); 3987 if (U) { 3988 switch (size) { 3989 case 0: 3990 op = Q ? Iop_QShl8x16 : Iop_QShl8x8; 3991 op_add = Q ? Iop_Add8x16 : Iop_Add8x8; 3992 op_rev = Q ? Iop_Shr8x16 : Iop_Shr8x8; 3993 op_shrn = Q ? Iop_ShrN8x16 : Iop_ShrN8x8; 3994 op_shln = Q ? Iop_ShlN8x16 : Iop_ShlN8x8; 3995 break; 3996 case 1: 3997 op = Q ? Iop_QShl16x8 : Iop_QShl16x4; 3998 op_add = Q ? Iop_Add16x8 : Iop_Add16x4; 3999 op_rev = Q ? Iop_Shr16x8 : Iop_Shr16x4; 4000 op_shrn = Q ? Iop_ShrN16x8 : Iop_ShrN16x4; 4001 op_shln = Q ? Iop_ShlN16x8 : Iop_ShlN16x4; 4002 break; 4003 case 2: 4004 op = Q ? Iop_QShl32x4 : Iop_QShl32x2; 4005 op_add = Q ? Iop_Add32x4 : Iop_Add32x2; 4006 op_rev = Q ? Iop_Shr32x4 : Iop_Shr32x2; 4007 op_shrn = Q ? Iop_ShrN32x4 : Iop_ShrN32x2; 4008 op_shln = Q ? Iop_ShlN32x4 : Iop_ShlN32x2; 4009 break; 4010 case 3: 4011 op = Q ? Iop_QShl64x2 : Iop_QShl64x1; 4012 op_add = Q ? Iop_Add64x2 : Iop_Add64; 4013 op_rev = Q ? Iop_Shr64x2 : Iop_Shr64; 4014 op_shrn = Q ? Iop_ShrN64x2 : Iop_Shr64; 4015 op_shln = Q ? Iop_ShlN64x2 : Iop_Shl64; 4016 break; 4017 default: 4018 vassert(0); 4019 } 4020 } else { 4021 switch (size) { 4022 case 0: 4023 op = Q ? Iop_QSal8x16 : Iop_QSal8x8; 4024 op_add = Q ? Iop_Add8x16 : Iop_Add8x8; 4025 op_rev = Q ? Iop_Sar8x16 : Iop_Sar8x8; 4026 op_shrn = Q ? 
Iop_ShrN8x16 : Iop_ShrN8x8; 4027 op_shln = Q ? Iop_ShlN8x16 : Iop_ShlN8x8; 4028 break; 4029 case 1: 4030 op = Q ? Iop_QSal16x8 : Iop_QSal16x4; 4031 op_add = Q ? Iop_Add16x8 : Iop_Add16x4; 4032 op_rev = Q ? Iop_Sar16x8 : Iop_Sar16x4; 4033 op_shrn = Q ? Iop_ShrN16x8 : Iop_ShrN16x4; 4034 op_shln = Q ? Iop_ShlN16x8 : Iop_ShlN16x4; 4035 break; 4036 case 2: 4037 op = Q ? Iop_QSal32x4 : Iop_QSal32x2; 4038 op_add = Q ? Iop_Add32x4 : Iop_Add32x2; 4039 op_rev = Q ? Iop_Sar32x4 : Iop_Sar32x2; 4040 op_shrn = Q ? Iop_ShrN32x4 : Iop_ShrN32x2; 4041 op_shln = Q ? Iop_ShlN32x4 : Iop_ShlN32x2; 4042 break; 4043 case 3: 4044 op = Q ? Iop_QSal64x2 : Iop_QSal64x1; 4045 op_add = Q ? Iop_Add64x2 : Iop_Add64; 4046 op_rev = Q ? Iop_Sar64x2 : Iop_Sar64; 4047 op_shrn = Q ? Iop_ShrN64x2 : Iop_Shr64; 4048 op_shln = Q ? Iop_ShlN64x2 : Iop_Shl64; 4049 break; 4050 default: 4051 vassert(0); 4052 } 4053 } 4054 if (Q) { 4055 tmp = newTemp(Ity_V128); 4056 shval = newTemp(Ity_V128); 4057 mask = newTemp(Ity_V128); 4058 } else { 4059 tmp = newTemp(Ity_I64); 4060 shval = newTemp(Ity_I64); 4061 mask = newTemp(Ity_I64); 4062 } 4063 /* Only least significant byte from second argument is used. 4064 Copy this byte to the whole vector element. */ 4065 assign(shval, binop(op_shrn, 4066 binop(op_shln, 4067 mkexpr(arg_n), 4068 mkU8((8 << size) - 8)), 4069 mkU8((8 << size) - 8))); 4070 for (i = 0; i < size; i++) { 4071 old_shval = shval; 4072 shval = newTemp(Q ? Ity_V128 : Ity_I64); 4073 assign(shval, binop(Q ? Iop_OrV128 : Iop_Or64, 4074 mkexpr(old_shval), 4075 binop(op_shln, 4076 mkexpr(old_shval), 4077 mkU8(8 << i)))); 4078 } 4079 /* Compute the result */ 4080 assign(round, binop(Q ? Iop_AndV128 : Iop_And64, 4081 binop(op, 4082 mkexpr(arg_m), 4083 binop(op_add, 4084 mkexpr(arg_n), 4085 mkexpr(imm_val))), 4086 binop(Q ? Iop_AndV128 : Iop_And64, 4087 mkexpr(imm_val), 4088 binop(cmp_gt, 4089 Q ? 
mkU128(0) : mkU64(0), 4090 mkexpr(arg_n))))); 4091 assign(res, binop(op_add, 4092 binop(op, mkexpr(arg_m), mkexpr(arg_n)), 4093 mkexpr(round))); 4094 #ifndef DISABLE_QC_FLAG 4095 /* If shift is greater or equal to the element size and element is 4096 non-zero, then QC flag should be set. */ 4097 esize = (8 << size) - 1; 4098 esize = (esize << 8) | esize; 4099 esize = (esize << 16) | esize; 4100 esize = (esize << 32) | esize; 4101 setFlag_QC(binop(Q ? Iop_AndV128 : Iop_And64, 4102 binop(cmp_gt, mkexpr(shval), 4103 Q ? mkU128(esize) : mkU64(esize)), 4104 unop(cmp_neq, mkexpr(arg_m))), 4105 Q ? mkU128(0) : mkU64(0), 4106 Q, condT); 4107 /* Othervise QC flag should be set if shift value is positive and 4108 result beign rightshifted the same value is not equal to left 4109 argument. */ 4110 assign(mask, binop(cmp_gt, mkexpr(shval), 4111 Q ? mkU128(0) : mkU64(0))); 4112 if (!Q && size == 3) 4113 assign(tmp, binop(op_rev, mkexpr(res), 4114 unop(Iop_64to8, mkexpr(arg_n)))); 4115 else 4116 assign(tmp, binop(op_rev, mkexpr(res), mkexpr(arg_n))); 4117 setFlag_QC(binop(Q ? Iop_AndV128 : Iop_And64, 4118 mkexpr(tmp), mkexpr(mask)), 4119 binop(Q ? Iop_AndV128 : Iop_And64, 4120 mkexpr(arg_m), mkexpr(mask)), 4121 Q, condT); 4122 #endif 4123 DIP("vqrshl.%c%u %c%u, %c%u, %c%u\n", 4124 U ? 'u' : 's', 8 << size, 4125 Q ? 'q' : 'd', dreg, Q ? 'q' : 'd', mreg, Q ? 'q' : 'd', 4126 nreg); 4127 } 4128 break; 4129 case 6: 4130 /* VMAX, VMIN */ 4131 if (B == 0) { 4132 /* VMAX */ 4133 IROp op; 4134 if (U == 0) { 4135 switch (size) { 4136 case 0: op = Q ? Iop_Max8Sx16 : Iop_Max8Sx8; break; 4137 case 1: op = Q ? Iop_Max16Sx8 : Iop_Max16Sx4; break; 4138 case 2: op = Q ? Iop_Max32Sx4 : Iop_Max32Sx2; break; 4139 case 3: return False; 4140 default: vassert(0); 4141 } 4142 } else { 4143 switch (size) { 4144 case 0: op = Q ? Iop_Max8Ux16 : Iop_Max8Ux8; break; 4145 case 1: op = Q ? Iop_Max16Ux8 : Iop_Max16Ux4; break; 4146 case 2: op = Q ? 
Iop_Max32Ux4 : Iop_Max32Ux2; break; 4147 case 3: return False; 4148 default: vassert(0); 4149 } 4150 } 4151 assign(res, binop(op, mkexpr(arg_n), mkexpr(arg_m))); 4152 DIP("vmax.%c%u %c%u, %c%u, %c%u\n", 4153 U ? 'u' : 's', 8 << size, 4154 Q ? 'q' : 'd', dreg, Q ? 'q' : 'd', nreg, Q ? 'q' : 'd', 4155 mreg); 4156 } else { 4157 /* VMIN */ 4158 IROp op; 4159 if (U == 0) { 4160 switch (size) { 4161 case 0: op = Q ? Iop_Min8Sx16 : Iop_Min8Sx8; break; 4162 case 1: op = Q ? Iop_Min16Sx8 : Iop_Min16Sx4; break; 4163 case 2: op = Q ? Iop_Min32Sx4 : Iop_Min32Sx2; break; 4164 case 3: return False; 4165 default: vassert(0); 4166 } 4167 } else { 4168 switch (size) { 4169 case 0: op = Q ? Iop_Min8Ux16 : Iop_Min8Ux8; break; 4170 case 1: op = Q ? Iop_Min16Ux8 : Iop_Min16Ux4; break; 4171 case 2: op = Q ? Iop_Min32Ux4 : Iop_Min32Ux2; break; 4172 case 3: return False; 4173 default: vassert(0); 4174 } 4175 } 4176 assign(res, binop(op, mkexpr(arg_n), mkexpr(arg_m))); 4177 DIP("vmin.%c%u %c%u, %c%u, %c%u\n", 4178 U ? 'u' : 's', 8 << size, 4179 Q ? 'q' : 'd', dreg, Q ? 'q' : 'd', nreg, Q ? 'q' : 'd', 4180 mreg); 4181 } 4182 break; 4183 case 7: 4184 if (B == 0) { 4185 /* VABD */ 4186 IROp op_cmp, op_sub; 4187 IRTemp cond; 4188 if ((theInstr >> 23) & 1) { 4189 vpanic("VABDL should not be in dis_neon_data_3same\n"); 4190 } 4191 if (Q) { 4192 switch (size) { 4193 case 0: 4194 op_cmp = U ? Iop_CmpGT8Ux16 : Iop_CmpGT8Sx16; 4195 op_sub = Iop_Sub8x16; 4196 break; 4197 case 1: 4198 op_cmp = U ? Iop_CmpGT16Ux8 : Iop_CmpGT16Sx8; 4199 op_sub = Iop_Sub16x8; 4200 break; 4201 case 2: 4202 op_cmp = U ? Iop_CmpGT32Ux4 : Iop_CmpGT32Sx4; 4203 op_sub = Iop_Sub32x4; 4204 break; 4205 case 3: 4206 return False; 4207 default: 4208 vassert(0); 4209 } 4210 } else { 4211 switch (size) { 4212 case 0: 4213 op_cmp = U ? Iop_CmpGT8Ux8 : Iop_CmpGT8Sx8; 4214 op_sub = Iop_Sub8x8; 4215 break; 4216 case 1: 4217 op_cmp = U ? Iop_CmpGT16Ux4 : Iop_CmpGT16Sx4; 4218 op_sub = Iop_Sub16x4; 4219 break; 4220 case 2: 4221 op_cmp = U ? 
Iop_CmpGT32Ux2 : Iop_CmpGT32Sx2; 4222 op_sub = Iop_Sub32x2; 4223 break; 4224 case 3: 4225 return False; 4226 default: 4227 vassert(0); 4228 } 4229 } 4230 if (Q) { 4231 cond = newTemp(Ity_V128); 4232 } else { 4233 cond = newTemp(Ity_I64); 4234 } 4235 assign(cond, binop(op_cmp, mkexpr(arg_n), mkexpr(arg_m))); 4236 assign(res, binop(Q ? Iop_OrV128 : Iop_Or64, 4237 binop(Q ? Iop_AndV128 : Iop_And64, 4238 binop(op_sub, mkexpr(arg_n), 4239 mkexpr(arg_m)), 4240 mkexpr(cond)), 4241 binop(Q ? Iop_AndV128 : Iop_And64, 4242 binop(op_sub, mkexpr(arg_m), 4243 mkexpr(arg_n)), 4244 unop(Q ? Iop_NotV128 : Iop_Not64, 4245 mkexpr(cond))))); 4246 DIP("vabd.%c%u %c%u, %c%u, %c%u\n", 4247 U ? 'u' : 's', 8 << size, 4248 Q ? 'q' : 'd', dreg, Q ? 'q' : 'd', nreg, Q ? 'q' : 'd', 4249 mreg); 4250 } else { 4251 /* VABA */ 4252 IROp op_cmp, op_sub, op_add; 4253 IRTemp cond, acc, tmp; 4254 if ((theInstr >> 23) & 1) { 4255 vpanic("VABAL should not be in dis_neon_data_3same"); 4256 } 4257 if (Q) { 4258 switch (size) { 4259 case 0: 4260 op_cmp = U ? Iop_CmpGT8Ux16 : Iop_CmpGT8Sx16; 4261 op_sub = Iop_Sub8x16; 4262 op_add = Iop_Add8x16; 4263 break; 4264 case 1: 4265 op_cmp = U ? Iop_CmpGT16Ux8 : Iop_CmpGT16Sx8; 4266 op_sub = Iop_Sub16x8; 4267 op_add = Iop_Add16x8; 4268 break; 4269 case 2: 4270 op_cmp = U ? Iop_CmpGT32Ux4 : Iop_CmpGT32Sx4; 4271 op_sub = Iop_Sub32x4; 4272 op_add = Iop_Add32x4; 4273 break; 4274 case 3: 4275 return False; 4276 default: 4277 vassert(0); 4278 } 4279 } else { 4280 switch (size) { 4281 case 0: 4282 op_cmp = U ? Iop_CmpGT8Ux8 : Iop_CmpGT8Sx8; 4283 op_sub = Iop_Sub8x8; 4284 op_add = Iop_Add8x8; 4285 break; 4286 case 1: 4287 op_cmp = U ? Iop_CmpGT16Ux4 : Iop_CmpGT16Sx4; 4288 op_sub = Iop_Sub16x4; 4289 op_add = Iop_Add16x4; 4290 break; 4291 case 2: 4292 op_cmp = U ? 
Iop_CmpGT32Ux2 : Iop_CmpGT32Sx2; 4293 op_sub = Iop_Sub32x2; 4294 op_add = Iop_Add32x2; 4295 break; 4296 case 3: 4297 return False; 4298 default: 4299 vassert(0); 4300 } 4301 } 4302 if (Q) { 4303 cond = newTemp(Ity_V128); 4304 acc = newTemp(Ity_V128); 4305 tmp = newTemp(Ity_V128); 4306 assign(acc, getQReg(dreg)); 4307 } else { 4308 cond = newTemp(Ity_I64); 4309 acc = newTemp(Ity_I64); 4310 tmp = newTemp(Ity_I64); 4311 assign(acc, getDRegI64(dreg)); 4312 } 4313 assign(cond, binop(op_cmp, mkexpr(arg_n), mkexpr(arg_m))); 4314 assign(tmp, binop(Q ? Iop_OrV128 : Iop_Or64, 4315 binop(Q ? Iop_AndV128 : Iop_And64, 4316 binop(op_sub, mkexpr(arg_n), 4317 mkexpr(arg_m)), 4318 mkexpr(cond)), 4319 binop(Q ? Iop_AndV128 : Iop_And64, 4320 binop(op_sub, mkexpr(arg_m), 4321 mkexpr(arg_n)), 4322 unop(Q ? Iop_NotV128 : Iop_Not64, 4323 mkexpr(cond))))); 4324 assign(res, binop(op_add, mkexpr(acc), mkexpr(tmp))); 4325 DIP("vaba.%c%u %c%u, %c%u, %c%u\n", 4326 U ? 'u' : 's', 8 << size, 4327 Q ? 'q' : 'd', dreg, Q ? 'q' : 'd', nreg, Q ? 'q' : 'd', 4328 mreg); 4329 } 4330 break; 4331 case 8: 4332 if (B == 0) { 4333 IROp op; 4334 if (U == 0) { 4335 /* VADD */ 4336 switch (size) { 4337 case 0: op = Q ? Iop_Add8x16 : Iop_Add8x8; break; 4338 case 1: op = Q ? Iop_Add16x8 : Iop_Add16x4; break; 4339 case 2: op = Q ? Iop_Add32x4 : Iop_Add32x2; break; 4340 case 3: op = Q ? Iop_Add64x2 : Iop_Add64; break; 4341 default: vassert(0); 4342 } 4343 DIP("vadd.i%u %c%u, %c%u, %c%u\n", 4344 8 << size, Q ? 'q' : 'd', 4345 dreg, Q ? 'q' : 'd', nreg, Q ? 'q' : 'd', mreg); 4346 } else { 4347 /* VSUB */ 4348 switch (size) { 4349 case 0: op = Q ? Iop_Sub8x16 : Iop_Sub8x8; break; 4350 case 1: op = Q ? Iop_Sub16x8 : Iop_Sub16x4; break; 4351 case 2: op = Q ? Iop_Sub32x4 : Iop_Sub32x2; break; 4352 case 3: op = Q ? Iop_Sub64x2 : Iop_Sub64; break; 4353 default: vassert(0); 4354 } 4355 DIP("vsub.i%u %c%u, %c%u, %c%u\n", 4356 8 << size, Q ? 'q' : 'd', 4357 dreg, Q ? 'q' : 'd', nreg, Q ? 
'q' : 'd', mreg); 4358 } 4359 assign(res, binop(op, mkexpr(arg_n), mkexpr(arg_m))); 4360 } else { 4361 IROp op; 4362 switch (size) { 4363 case 0: op = Q ? Iop_CmpNEZ8x16 : Iop_CmpNEZ8x8; break; 4364 case 1: op = Q ? Iop_CmpNEZ16x8 : Iop_CmpNEZ16x4; break; 4365 case 2: op = Q ? Iop_CmpNEZ32x4 : Iop_CmpNEZ32x2; break; 4366 case 3: op = Q ? Iop_CmpNEZ64x2 : Iop_CmpwNEZ64; break; 4367 default: vassert(0); 4368 } 4369 if (U == 0) { 4370 /* VTST */ 4371 assign(res, unop(op, binop(Q ? Iop_AndV128 : Iop_And64, 4372 mkexpr(arg_n), 4373 mkexpr(arg_m)))); 4374 DIP("vtst.%u %c%u, %c%u, %c%u\n", 4375 8 << size, Q ? 'q' : 'd', 4376 dreg, Q ? 'q' : 'd', nreg, Q ? 'q' : 'd', mreg); 4377 } else { 4378 /* VCEQ */ 4379 assign(res, unop(Q ? Iop_NotV128 : Iop_Not64, 4380 unop(op, 4381 binop(Q ? Iop_XorV128 : Iop_Xor64, 4382 mkexpr(arg_n), 4383 mkexpr(arg_m))))); 4384 DIP("vceq.i%u %c%u, %c%u, %c%u\n", 4385 8 << size, Q ? 'q' : 'd', 4386 dreg, Q ? 'q' : 'd', nreg, Q ? 'q' : 'd', mreg); 4387 } 4388 } 4389 break; 4390 case 9: 4391 if (B == 0) { 4392 /* VMLA, VMLS (integer) */ 4393 IROp op, op2; 4394 UInt P = (theInstr >> 24) & 1; 4395 if (P) { 4396 switch (size) { 4397 case 0: 4398 op = Q ? Iop_Mul8x16 : Iop_Mul8x8; 4399 op2 = Q ? Iop_Sub8x16 : Iop_Sub8x8; 4400 break; 4401 case 1: 4402 op = Q ? Iop_Mul16x8 : Iop_Mul16x4; 4403 op2 = Q ? Iop_Sub16x8 : Iop_Sub16x4; 4404 break; 4405 case 2: 4406 op = Q ? Iop_Mul32x4 : Iop_Mul32x2; 4407 op2 = Q ? Iop_Sub32x4 : Iop_Sub32x2; 4408 break; 4409 case 3: 4410 return False; 4411 default: 4412 vassert(0); 4413 } 4414 } else { 4415 switch (size) { 4416 case 0: 4417 op = Q ? Iop_Mul8x16 : Iop_Mul8x8; 4418 op2 = Q ? Iop_Add8x16 : Iop_Add8x8; 4419 break; 4420 case 1: 4421 op = Q ? Iop_Mul16x8 : Iop_Mul16x4; 4422 op2 = Q ? Iop_Add16x8 : Iop_Add16x4; 4423 break; 4424 case 2: 4425 op = Q ? Iop_Mul32x4 : Iop_Mul32x2; 4426 op2 = Q ? 
Iop_Add32x4 : Iop_Add32x2; 4427 break; 4428 case 3: 4429 return False; 4430 default: 4431 vassert(0); 4432 } 4433 } 4434 assign(res, binop(op2, 4435 Q ? getQReg(dreg) : getDRegI64(dreg), 4436 binop(op, mkexpr(arg_n), mkexpr(arg_m)))); 4437 DIP("vml%c.i%u %c%u, %c%u, %c%u\n", 4438 P ? 's' : 'a', 8 << size, 4439 Q ? 'q' : 'd', dreg, Q ? 'q' : 'd', nreg, Q ? 'q' : 'd', 4440 mreg); 4441 } else { 4442 /* VMUL */ 4443 IROp op; 4444 UInt P = (theInstr >> 24) & 1; 4445 if (P) { 4446 switch (size) { 4447 case 0: 4448 op = Q ? Iop_PolynomialMul8x16 : Iop_PolynomialMul8x8; 4449 break; 4450 case 1: case 2: case 3: return False; 4451 default: vassert(0); 4452 } 4453 } else { 4454 switch (size) { 4455 case 0: op = Q ? Iop_Mul8x16 : Iop_Mul8x8; break; 4456 case 1: op = Q ? Iop_Mul16x8 : Iop_Mul16x4; break; 4457 case 2: op = Q ? Iop_Mul32x4 : Iop_Mul32x2; break; 4458 case 3: return False; 4459 default: vassert(0); 4460 } 4461 } 4462 assign(res, binop(op, mkexpr(arg_n), mkexpr(arg_m))); 4463 DIP("vmul.%c%u %c%u, %c%u, %c%u\n", 4464 P ? 'p' : 'i', 8 << size, 4465 Q ? 'q' : 'd', dreg, Q ? 'q' : 'd', nreg, Q ? 'q' : 'd', 4466 mreg); 4467 } 4468 break; 4469 case 10: { 4470 /* VPMAX, VPMIN */ 4471 UInt P = (theInstr >> 4) & 1; 4472 IROp op; 4473 if (Q) 4474 return False; 4475 if (P) { 4476 switch (size) { 4477 case 0: op = U ? Iop_PwMin8Ux8 : Iop_PwMin8Sx8; break; 4478 case 1: op = U ? Iop_PwMin16Ux4 : Iop_PwMin16Sx4; break; 4479 case 2: op = U ? Iop_PwMin32Ux2 : Iop_PwMin32Sx2; break; 4480 case 3: return False; 4481 default: vassert(0); 4482 } 4483 } else { 4484 switch (size) { 4485 case 0: op = U ? Iop_PwMax8Ux8 : Iop_PwMax8Sx8; break; 4486 case 1: op = U ? Iop_PwMax16Ux4 : Iop_PwMax16Sx4; break; 4487 case 2: op = U ? Iop_PwMax32Ux2 : Iop_PwMax32Sx2; break; 4488 case 3: return False; 4489 default: vassert(0); 4490 } 4491 } 4492 assign(res, binop(op, mkexpr(arg_n), mkexpr(arg_m))); 4493 DIP("vp%s.%c%u %c%u, %c%u, %c%u\n", 4494 P ? "min" : "max", U ? 'u' : 's', 4495 8 << size, Q ? 
'q' : 'd', dreg, Q ? 'q' : 'd', nreg, 4496 Q ? 'q' : 'd', mreg); 4497 break; 4498 } 4499 case 11: 4500 if (B == 0) { 4501 if (U == 0) { 4502 /* VQDMULH */ 4503 IROp op ,op2; 4504 ULong imm; 4505 switch (size) { 4506 case 0: case 3: 4507 return False; 4508 case 1: 4509 op = Q ? Iop_QDMulHi16Sx8 : Iop_QDMulHi16Sx4; 4510 op2 = Q ? Iop_CmpEQ16x8 : Iop_CmpEQ16x4; 4511 imm = 1LL << 15; 4512 imm = (imm << 16) | imm; 4513 imm = (imm << 32) | imm; 4514 break; 4515 case 2: 4516 op = Q ? Iop_QDMulHi32Sx4 : Iop_QDMulHi32Sx2; 4517 op2 = Q ? Iop_CmpEQ32x4 : Iop_CmpEQ32x2; 4518 imm = 1LL << 31; 4519 imm = (imm << 32) | imm; 4520 break; 4521 default: 4522 vassert(0); 4523 } 4524 assign(res, binop(op, mkexpr(arg_n), mkexpr(arg_m))); 4525 #ifndef DISABLE_QC_FLAG 4526 setFlag_QC(binop(Q ? Iop_AndV128 : Iop_And64, 4527 binop(op2, mkexpr(arg_n), 4528 Q ? mkU128(imm) : mkU64(imm)), 4529 binop(op2, mkexpr(arg_m), 4530 Q ? mkU128(imm) : mkU64(imm))), 4531 Q ? mkU128(0) : mkU64(0), 4532 Q, condT); 4533 #endif 4534 DIP("vqdmulh.s%u %c%u, %c%u, %c%u\n", 4535 8 << size, Q ? 'q' : 'd', 4536 dreg, Q ? 'q' : 'd', nreg, Q ? 'q' : 'd', mreg); 4537 } else { 4538 /* VQRDMULH */ 4539 IROp op ,op2; 4540 ULong imm; 4541 switch(size) { 4542 case 0: case 3: 4543 return False; 4544 case 1: 4545 imm = 1LL << 15; 4546 imm = (imm << 16) | imm; 4547 imm = (imm << 32) | imm; 4548 op = Q ? Iop_QRDMulHi16Sx8 : Iop_QRDMulHi16Sx4; 4549 op2 = Q ? Iop_CmpEQ16x8 : Iop_CmpEQ16x4; 4550 break; 4551 case 2: 4552 imm = 1LL << 31; 4553 imm = (imm << 32) | imm; 4554 op = Q ? Iop_QRDMulHi32Sx4 : Iop_QRDMulHi32Sx2; 4555 op2 = Q ? Iop_CmpEQ32x4 : Iop_CmpEQ32x2; 4556 break; 4557 default: 4558 vassert(0); 4559 } 4560 assign(res, binop(op, mkexpr(arg_n), mkexpr(arg_m))); 4561 #ifndef DISABLE_QC_FLAG 4562 setFlag_QC(binop(Q ? Iop_AndV128 : Iop_And64, 4563 binop(op2, mkexpr(arg_n), 4564 Q ? mkU128(imm) : mkU64(imm)), 4565 binop(op2, mkexpr(arg_m), 4566 Q ? mkU128(imm) : mkU64(imm))), 4567 Q ? 
mkU128(0) : mkU64(0), 4568 Q, condT); 4569 #endif 4570 DIP("vqrdmulh.s%u %c%u, %c%u, %c%u\n", 4571 8 << size, Q ? 'q' : 'd', 4572 dreg, Q ? 'q' : 'd', nreg, Q ? 'q' : 'd', mreg); 4573 } 4574 } else { 4575 if (U == 0) { 4576 /* VPADD */ 4577 IROp op; 4578 if (Q) 4579 return False; 4580 switch (size) { 4581 case 0: op = Q ? Iop_PwAdd8x16 : Iop_PwAdd8x8; break; 4582 case 1: op = Q ? Iop_PwAdd16x8 : Iop_PwAdd16x4; break; 4583 case 2: op = Q ? Iop_PwAdd32x4 : Iop_PwAdd32x2; break; 4584 case 3: return False; 4585 default: vassert(0); 4586 } 4587 assign(res, binop(op, mkexpr(arg_n), mkexpr(arg_m))); 4588 DIP("vpadd.i%d %c%u, %c%u, %c%u\n", 4589 8 << size, Q ? 'q' : 'd', 4590 dreg, Q ? 'q' : 'd', nreg, Q ? 'q' : 'd', mreg); 4591 } 4592 } 4593 break; 4594 /* Starting from here these are FP SIMD cases */ 4595 case 13: 4596 if (B == 0) { 4597 IROp op; 4598 if (U == 0) { 4599 if ((C >> 1) == 0) { 4600 /* VADD */ 4601 op = Q ? Iop_Add32Fx4 : Iop_Add32Fx2 ; 4602 DIP("vadd.f32 %c%u, %c%u, %c%u\n", 4603 Q ? 'q' : 'd', dreg, 4604 Q ? 'q' : 'd', nreg, Q ? 'q' : 'd', mreg); 4605 } else { 4606 /* VSUB */ 4607 op = Q ? Iop_Sub32Fx4 : Iop_Sub32Fx2 ; 4608 DIP("vsub.f32 %c%u, %c%u, %c%u\n", 4609 Q ? 'q' : 'd', dreg, 4610 Q ? 'q' : 'd', nreg, Q ? 'q' : 'd', mreg); 4611 } 4612 } else { 4613 if ((C >> 1) == 0) { 4614 /* VPADD */ 4615 if (Q) 4616 return False; 4617 op = Iop_PwAdd32Fx2; 4618 DIP("vpadd.f32 d%u, d%u, d%u\n", dreg, nreg, mreg); 4619 } else { 4620 /* VABD */ 4621 if (Q) { 4622 assign(res, unop(Iop_Abs32Fx4, 4623 binop(Iop_Sub32Fx4, 4624 mkexpr(arg_n), 4625 mkexpr(arg_m)))); 4626 } else { 4627 assign(res, unop(Iop_Abs32Fx2, 4628 binop(Iop_Sub32Fx2, 4629 mkexpr(arg_n), 4630 mkexpr(arg_m)))); 4631 } 4632 DIP("vabd.f32 %c%u, %c%u, %c%u\n", 4633 Q ? 'q' : 'd', dreg, 4634 Q ? 'q' : 'd', nreg, Q ? 
'q' : 'd', mreg); 4635 break; 4636 } 4637 } 4638 assign(res, binop(op, mkexpr(arg_n), mkexpr(arg_m))); 4639 } else { 4640 if (U == 0) { 4641 /* VMLA, VMLS */ 4642 IROp op, op2; 4643 UInt P = (theInstr >> 21) & 1; 4644 if (P) { 4645 switch (size & 1) { 4646 case 0: 4647 op = Q ? Iop_Mul32Fx4 : Iop_Mul32Fx2; 4648 op2 = Q ? Iop_Sub32Fx4 : Iop_Sub32Fx2; 4649 break; 4650 case 1: return False; 4651 default: vassert(0); 4652 } 4653 } else { 4654 switch (size & 1) { 4655 case 0: 4656 op = Q ? Iop_Mul32Fx4 : Iop_Mul32Fx2; 4657 op2 = Q ? Iop_Add32Fx4 : Iop_Add32Fx2; 4658 break; 4659 case 1: return False; 4660 default: vassert(0); 4661 } 4662 } 4663 assign(res, binop(op2, 4664 Q ? getQReg(dreg) : getDRegI64(dreg), 4665 binop(op, mkexpr(arg_n), mkexpr(arg_m)))); 4666 4667 DIP("vml%c.f32 %c%u, %c%u, %c%u\n", 4668 P ? 's' : 'a', Q ? 'q' : 'd', 4669 dreg, Q ? 'q' : 'd', nreg, Q ? 'q' : 'd', mreg); 4670 } else { 4671 /* VMUL */ 4672 IROp op; 4673 if ((C >> 1) != 0) 4674 return False; 4675 op = Q ? Iop_Mul32Fx4 : Iop_Mul32Fx2 ; 4676 assign(res, binop(op, mkexpr(arg_n), mkexpr(arg_m))); 4677 DIP("vmul.f32 %c%u, %c%u, %c%u\n", 4678 Q ? 'q' : 'd', dreg, 4679 Q ? 'q' : 'd', nreg, Q ? 'q' : 'd', mreg); 4680 } 4681 } 4682 break; 4683 case 14: 4684 if (B == 0) { 4685 if (U == 0) { 4686 if ((C >> 1) == 0) { 4687 /* VCEQ */ 4688 IROp op; 4689 if ((theInstr >> 20) & 1) 4690 return False; 4691 op = Q ? Iop_CmpEQ32Fx4 : Iop_CmpEQ32Fx2; 4692 assign(res, binop(op, mkexpr(arg_n), mkexpr(arg_m))); 4693 DIP("vceq.f32 %c%u, %c%u, %c%u\n", 4694 Q ? 'q' : 'd', dreg, 4695 Q ? 'q' : 'd', nreg, Q ? 'q' : 'd', mreg); 4696 } else { 4697 return False; 4698 } 4699 } else { 4700 if ((C >> 1) == 0) { 4701 /* VCGE */ 4702 IROp op; 4703 if ((theInstr >> 20) & 1) 4704 return False; 4705 op = Q ? Iop_CmpGE32Fx4 : Iop_CmpGE32Fx2; 4706 assign(res, binop(op, mkexpr(arg_n), mkexpr(arg_m))); 4707 DIP("vcge.f32 %c%u, %c%u, %c%u\n", 4708 Q ? 'q' : 'd', dreg, 4709 Q ? 'q' : 'd', nreg, Q ? 
'q' : 'd', mreg); 4710 } else { 4711 /* VCGT */ 4712 IROp op; 4713 if ((theInstr >> 20) & 1) 4714 return False; 4715 op = Q ? Iop_CmpGT32Fx4 : Iop_CmpGT32Fx2; 4716 assign(res, binop(op, mkexpr(arg_n), mkexpr(arg_m))); 4717 DIP("vcgt.f32 %c%u, %c%u, %c%u\n", 4718 Q ? 'q' : 'd', dreg, 4719 Q ? 'q' : 'd', nreg, Q ? 'q' : 'd', mreg); 4720 } 4721 } 4722 } else { 4723 if (U == 1) { 4724 /* VACGE, VACGT */ 4725 UInt op_bit = (theInstr >> 21) & 1; 4726 IROp op, op2; 4727 op2 = Q ? Iop_Abs32Fx4 : Iop_Abs32Fx2; 4728 if (op_bit) { 4729 op = Q ? Iop_CmpGT32Fx4 : Iop_CmpGT32Fx2; 4730 assign(res, binop(op, 4731 unop(op2, mkexpr(arg_n)), 4732 unop(op2, mkexpr(arg_m)))); 4733 } else { 4734 op = Q ? Iop_CmpGE32Fx4 : Iop_CmpGE32Fx2; 4735 assign(res, binop(op, 4736 unop(op2, mkexpr(arg_n)), 4737 unop(op2, mkexpr(arg_m)))); 4738 } 4739 DIP("vacg%c.f32 %c%u, %c%u, %c%u\n", op_bit ? 't' : 'e', 4740 Q ? 'q' : 'd', dreg, Q ? 'q' : 'd', nreg, 4741 Q ? 'q' : 'd', mreg); 4742 } 4743 } 4744 break; 4745 case 15: 4746 if (B == 0) { 4747 if (U == 0) { 4748 /* VMAX, VMIN */ 4749 IROp op; 4750 if ((theInstr >> 20) & 1) 4751 return False; 4752 if ((theInstr >> 21) & 1) { 4753 op = Q ? Iop_Min32Fx4 : Iop_Min32Fx2; 4754 DIP("vmin.f32 %c%u, %c%u, %c%u\n", Q ? 'q' : 'd', dreg, 4755 Q ? 'q' : 'd', nreg, Q ? 'q' : 'd', mreg); 4756 } else { 4757 op = Q ? Iop_Max32Fx4 : Iop_Max32Fx2; 4758 DIP("vmax.f32 %c%u, %c%u, %c%u\n", Q ? 'q' : 'd', dreg, 4759 Q ? 'q' : 'd', nreg, Q ? 
'q' : 'd', mreg); 4760 } 4761 assign(res, binop(op, mkexpr(arg_n), mkexpr(arg_m))); 4762 } else { 4763 /* VPMAX, VPMIN */ 4764 IROp op; 4765 if (Q) 4766 return False; 4767 if ((theInstr >> 20) & 1) 4768 return False; 4769 if ((theInstr >> 21) & 1) { 4770 op = Iop_PwMin32Fx2; 4771 DIP("vpmin.f32 d%u, d%u, d%u\n", dreg, nreg, mreg); 4772 } else { 4773 op = Iop_PwMax32Fx2; 4774 DIP("vpmax.f32 d%u, d%u, d%u\n", dreg, nreg, mreg); 4775 } 4776 assign(res, binop(op, mkexpr(arg_n), mkexpr(arg_m))); 4777 } 4778 } else { 4779 if (U == 0) { 4780 if ((C >> 1) == 0) { 4781 /* VRECPS */ 4782 if ((theInstr >> 20) & 1) 4783 return False; 4784 assign(res, binop(Q ? Iop_Recps32Fx4 : Iop_Recps32Fx2, 4785 mkexpr(arg_n), 4786 mkexpr(arg_m))); 4787 DIP("vrecps.f32 %c%u, %c%u, %c%u\n", Q ? 'q' : 'd', dreg, 4788 Q ? 'q' : 'd', nreg, Q ? 'q' : 'd', mreg); 4789 } else { 4790 /* VRSQRTS */ 4791 if ((theInstr >> 20) & 1) 4792 return False; 4793 assign(res, binop(Q ? Iop_Rsqrts32Fx4 : Iop_Rsqrts32Fx2, 4794 mkexpr(arg_n), 4795 mkexpr(arg_m))); 4796 DIP("vrsqrts.f32 %c%u, %c%u, %c%u\n", Q ? 'q' : 'd', dreg, 4797 Q ? 'q' : 'd', nreg, Q ? 
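'q' : 'd', mreg);
               }
            }
         }
         break;
   }

   if (Q) {
      putQReg(dreg, mkexpr(res), condT);
   } else {
      putDRegI64(dreg, mkexpr(res), condT);
   }

   return True;
}

/* A7.4.2 Three registers of different length

   Decodes one NEON "three registers of different length" instruction
   and emits IR for it.

   Fields read from theInstr:
      A    = bits 11:8   selects the operation (outer switch)
      B    = bits 21:20  element size selector, copied into 'size'
      U    = bit 24      unsigned/signed, or the rounding variant for
                         the narrowing forms (VRADDHN, VRSUBHN)
      P    = bit 9       subtract variant for VMLSL/VQDMLSL, polynomial
                         variant for VMULL

   condT is forwarded unchanged to putQReg / putDRegI64 / setFlag_QC.

   Returns True if IR was generated, False if the encoding is not
   accepted here.  Every field above comes straight from the guest
   instruction word, so an unsupported combination should end in
   'return False' rather than in an assertion.
   NOTE(review): the two vpanic() calls (A == 5 and A == 7 with bit 23
   clear) stop the tool on an instruction-derived condition; confirm
   that the caller can never route such an encoding here. */
static
Bool dis_neon_data_3diff ( UInt theInstr, IRTemp condT )
{
   UInt A = (theInstr >> 8) & 0xf;
   UInt B = (theInstr >> 20) & 3;
   UInt U = (theInstr >> 24) & 1;
   UInt P = (theInstr >> 9) & 1;
   UInt mreg = get_neon_m_regno(theInstr);
   UInt nreg = get_neon_n_regno(theInstr);
   UInt dreg = get_neon_d_regno(theInstr);
   UInt size = B;
   ULong imm;
   IRTemp res, arg_m, arg_n, cond, tmp;
   IROp cvt, cvt2, cmp, op, op2, sh, add;
   switch (A) {
      case 0: case 1: case 2: case 3:
         /* VADDL, VADDW, VSUBL, VSUBW */
         /* The destination is a Q register: the D-register number must
            be even and is halved to get the Q-register number. */
         if (dreg & 1)
            return False;
         dreg >>= 1;
         size = B;
         switch (size) {
            case 0:
               cvt = U ? Iop_Widen8Uto16x8 : Iop_Widen8Sto16x8;
               op = (A & 2) ? Iop_Sub16x8 : Iop_Add16x8;
               break;
            case 1:
               cvt = U ? Iop_Widen16Uto32x4 : Iop_Widen16Sto32x4;
               op = (A & 2) ? Iop_Sub32x4 : Iop_Add32x4;
               break;
            case 2:
               cvt = U ? Iop_Widen32Uto64x2 : Iop_Widen32Sto64x2;
               op = (A & 2) ? Iop_Sub64x2 : Iop_Add64x2;
               break;
            case 3:
               return False;
            default:
               vassert(0);
         }
         arg_n = newTemp(Ity_V128);
         arg_m = newTemp(Ity_V128);
         if (A & 1) {
            /* "W" forms: the first operand is already a Q register. */
            if (nreg & 1)
               return False;
            nreg >>= 1;
            assign(arg_n, getQReg(nreg));
         } else {
            /* "L" forms: the first operand is a D register, widened. */
            assign(arg_n, unop(cvt, getDRegI64(nreg)));
         }
         assign(arg_m, unop(cvt, getDRegI64(mreg)));
         putQReg(dreg, binop(op, mkexpr(arg_n), mkexpr(arg_m)),
                       condT);
         DIP("v%s%c.%c%u q%u, %c%u, d%u\n", (A & 2) ? "sub" : "add",
             (A & 1) ? 'w' : 'l', U ? 'u' : 's', 8 << size, dreg,
             (A & 1) ? 'q' : 'd', nreg, mreg);
         return True;
      case 4:
         /* VADDHN, VRADDHN */
         /* Both sources are Q registers; the result is a D register. */
         if (mreg & 1)
            return False;
         mreg >>= 1;
         if (nreg & 1)
            return False;
         nreg >>= 1;
         size = B;
         /* imm is the rounding constant: bit (8 << size) - 1 set in
            every wide lane of a 64-bit word.  It is only used by the
            rounding variant (U set). */
         switch (size) {
            case 0:
               op = Iop_Add16x8;
               cvt = Iop_NarrowUn16to8x8;
               sh = Iop_ShrN16x8;
               imm = 1U << 7;
               imm = (imm << 16) | imm;
               imm = (imm << 32) | imm;
               break;
            case 1:
               op = Iop_Add32x4;
               cvt = Iop_NarrowUn32to16x4;
               sh = Iop_ShrN32x4;
               imm = 1U << 15;
               imm = (imm << 32) | imm;
               break;
            case 2:
               op = Iop_Add64x2;
               cvt = Iop_NarrowUn64to32x2;
               sh = Iop_ShrN64x2;
               imm = 1U << 31;
               break;
            case 3:
               return False;
            default:
               vassert(0);
         }
         tmp = newTemp(Ity_V128);
         res = newTemp(Ity_V128);
         assign(tmp, binop(op, getQReg(nreg), getQReg(mreg)));
         if (U) {
            /* VRADDHN */
            assign(res, binop(op, mkexpr(tmp),
                     binop(Iop_64HLtoV128, mkU64(imm), mkU64(imm))));
         } else {
            assign(res, mkexpr(tmp));
         }
         /* Shift the high half of each lane down, then narrow. */
         putDRegI64(dreg, unop(cvt, binop(sh, mkexpr(res), mkU8(8 << size))),
                    condT);
         DIP("v%saddhn.i%u d%u, q%u, q%u\n", U ? "r" : "", 16 << size, dreg,
             nreg, mreg);
         return True;
      case 5:
         /* VABAL */
         if (!((theInstr >> 23) & 1)) {
            vpanic("VABA should not be in dis_neon_data_3diff\n");
         }
         if (dreg & 1)
            return False;
         dreg >>= 1;
         /* cmp builds a per-lane n > m mask on the narrow operands;
            cvt2 widens that mask with a signed widen so that an
            all-ones lane stays all-ones. */
         switch (size) {
            case 0:
               cmp = U ? Iop_CmpGT8Ux8 : Iop_CmpGT8Sx8;
               cvt = U ? Iop_Widen8Uto16x8 : Iop_Widen8Sto16x8;
               cvt2 = Iop_Widen8Sto16x8;
               op = Iop_Sub16x8;
               op2 = Iop_Add16x8;
               break;
            case 1:
               cmp = U ? Iop_CmpGT16Ux4 : Iop_CmpGT16Sx4;
               cvt = U ? Iop_Widen16Uto32x4 : Iop_Widen16Sto32x4;
               cvt2 = Iop_Widen16Sto32x4;
               op = Iop_Sub32x4;
               op2 = Iop_Add32x4;
               break;
            case 2:
               cmp = U ? Iop_CmpGT32Ux2 : Iop_CmpGT32Sx2;
               cvt = U ? Iop_Widen32Uto64x2 : Iop_Widen32Sto64x2;
               cvt2 = Iop_Widen32Sto64x2;
               op = Iop_Sub64x2;
               op2 = Iop_Add64x2;
               break;
            case 3:
               return False;
            default:
               vassert(0);
         }
         arg_n = newTemp(Ity_V128);
         arg_m = newTemp(Ity_V128);
         cond = newTemp(Ity_V128);
         res = newTemp(Ity_V128);
         assign(arg_n, unop(cvt, getDRegI64(nreg)));
         assign(arg_m, unop(cvt, getDRegI64(mreg)));
         assign(cond, unop(cvt2, binop(cmp, getDRegI64(nreg),
                                            getDRegI64(mreg))));
         /* res = acc + ((n - m) & cond | (m - n) & ~cond) */
         assign(res, binop(op2,
                           binop(Iop_OrV128,
                                 binop(Iop_AndV128,
                                       binop(op, mkexpr(arg_n), mkexpr(arg_m)),
                                       mkexpr(cond)),
                                 binop(Iop_AndV128,
                                       binop(op, mkexpr(arg_m), mkexpr(arg_n)),
                                       unop(Iop_NotV128, mkexpr(cond)))),
                           getQReg(dreg)));
         putQReg(dreg, mkexpr(res), condT);
         DIP("vabal.%c%u q%u, d%u, d%u\n", U ? 'u' : 's', 8 << size, dreg,
             nreg, mreg);
         return True;
      case 6:
         /* VSUBHN, VRSUBHN */
         if (mreg & 1)
            return False;
         mreg >>= 1;
         if (nreg & 1)
            return False;
         nreg >>= 1;
         size = B;
         /* Same scheme as VADDHN above: op computes the difference,
            op2 adds the rounding constant imm for the rounding
            variant. */
         switch (size) {
            case 0:
               op = Iop_Sub16x8;
               op2 = Iop_Add16x8;
               cvt = Iop_NarrowUn16to8x8;
               sh = Iop_ShrN16x8;
               imm = 1U << 7;
               imm = (imm << 16) | imm;
               imm = (imm << 32) | imm;
               break;
            case 1:
               op = Iop_Sub32x4;
               op2 = Iop_Add32x4;
               cvt = Iop_NarrowUn32to16x4;
               sh = Iop_ShrN32x4;
               imm = 1U << 15;
               imm = (imm << 32) | imm;
               break;
            case 2:
               op = Iop_Sub64x2;
               op2 = Iop_Add64x2;
               cvt = Iop_NarrowUn64to32x2;
               sh = Iop_ShrN64x2;
               imm = 1U << 31;
               break;
            case 3:
               return False;
            default:
               vassert(0);
         }
         tmp = newTemp(Ity_V128);
         res = newTemp(Ity_V128);
         assign(tmp, binop(op, getQReg(nreg), getQReg(mreg)));
         if (U) {
            /* VRSUBHN */
            assign(res, binop(op2, mkexpr(tmp),
                     binop(Iop_64HLtoV128, mkU64(imm), mkU64(imm))));
         } else {
            assign(res, mkexpr(tmp));
         }
         putDRegI64(dreg, unop(cvt, binop(sh, mkexpr(res), mkU8(8 << size))),
                    condT);
         DIP("v%ssubhn.i%u d%u, q%u, q%u\n", U ? "r" : "", 16 << size, dreg,
             nreg, mreg);
         return True;
      case 7:
         /* VABDL */
         if (!((theInstr >> 23) & 1)) {
            vpanic("VABL should not be in dis_neon_data_3diff\n");
         }
         if (dreg & 1)
            return False;
         dreg >>= 1;
         switch (size) {
            case 0:
               cmp = U ? Iop_CmpGT8Ux8 : Iop_CmpGT8Sx8;
               cvt = U ? Iop_Widen8Uto16x8 : Iop_Widen8Sto16x8;
               cvt2 = Iop_Widen8Sto16x8;
               op = Iop_Sub16x8;
               break;
            case 1:
               cmp = U ? Iop_CmpGT16Ux4 : Iop_CmpGT16Sx4;
               cvt = U ? Iop_Widen16Uto32x4 : Iop_Widen16Sto32x4;
               cvt2 = Iop_Widen16Sto32x4;
               op = Iop_Sub32x4;
               break;
            case 2:
               cmp = U ? Iop_CmpGT32Ux2 : Iop_CmpGT32Sx2;
               cvt = U ? Iop_Widen32Uto64x2 : Iop_Widen32Sto64x2;
               cvt2 = Iop_Widen32Sto64x2;
               op = Iop_Sub64x2;
               break;
            case 3:
               return False;
            default:
               vassert(0);
         }
         arg_n = newTemp(Ity_V128);
         arg_m = newTemp(Ity_V128);
         cond = newTemp(Ity_V128);
         res = newTemp(Ity_V128);
         assign(arg_n, unop(cvt, getDRegI64(nreg)));
         assign(arg_m, unop(cvt, getDRegI64(mreg)));
         assign(cond, unop(cvt2, binop(cmp, getDRegI64(nreg),
                                            getDRegI64(mreg))));
         /* res = (n - m) & cond | (m - n) & ~cond */
         assign(res, binop(Iop_OrV128,
                           binop(Iop_AndV128,
                                 binop(op, mkexpr(arg_n), mkexpr(arg_m)),
                                 mkexpr(cond)),
                           binop(Iop_AndV128,
                                 binop(op, mkexpr(arg_m), mkexpr(arg_n)),
                                 unop(Iop_NotV128, mkexpr(cond)))));
         putQReg(dreg, mkexpr(res), condT);
         DIP("vabdl.%c%u q%u, d%u, d%u\n", U ? 'u' : 's', 8 << size, dreg,
             nreg, mreg);
         return True;
      case 8:
      case 10:
         /* VMLAL, VMLSL (integer) */
         if (dreg & 1)
            return False;
         dreg >>= 1;
         size = B;
         switch (size) {
            case 0:
               op = U ? Iop_Mull8Ux8 : Iop_Mull8Sx8;
               op2 = P ? Iop_Sub16x8 : Iop_Add16x8;
               break;
            case 1:
               op = U ? Iop_Mull16Ux4 : Iop_Mull16Sx4;
               op2 = P ? Iop_Sub32x4 : Iop_Add32x4;
               break;
            case 2:
               op = U ? Iop_Mull32Ux2 : Iop_Mull32Sx2;
               op2 = P ? Iop_Sub64x2 : Iop_Add64x2;
               break;
            case 3:
               return False;
            default:
               vassert(0);
         }
         res = newTemp(Ity_V128);
         assign(res, binop(op, getDRegI64(nreg), getDRegI64(mreg)));
         putQReg(dreg, binop(op2, getQReg(dreg), mkexpr(res)), condT);
         DIP("vml%cl.%c%u q%u, d%u, d%u\n", P ? 's' : 'a', U ? 'u' : 's',
             8 << size, dreg, nreg, mreg);
         return True;
      case 9:
      case 11:
         /* VQDMLAL, VQDMLSL */
         if (U)
            return False;
         if (dreg & 1)
            return False;
         dreg >>= 1;
         size = B;
         /* imm is the most negative element value replicated in every
            narrow lane; it is compared against both operands for the
            QC flag below. */
         switch (size) {
            case 0: case 3:
               return False;
            case 1:
               op = Iop_QDMulLong16Sx4;
               cmp = Iop_CmpEQ16x4;
               add = P ? Iop_QSub32Sx4 : Iop_QAdd32Sx4;
               op2 = P ? Iop_Sub32x4 : Iop_Add32x4;
               imm = 1LL << 15;
               imm = (imm << 16) | imm;
               imm = (imm << 32) | imm;
               break;
            case 2:
               op = Iop_QDMulLong32Sx2;
               cmp = Iop_CmpEQ32x2;
               add = P ? Iop_QSub64Sx2 : Iop_QAdd64Sx2;
               op2 = P ? Iop_Sub64x2 : Iop_Add64x2;
               imm = 1LL << 31;
               imm = (imm << 32) | imm;
               break;
            default:
               vassert(0);
         }
         res = newTemp(Ity_V128);
         tmp = newTemp(Ity_V128);
         assign(res, binop(op, getDRegI64(nreg), getDRegI64(mreg)));
#ifndef DISABLE_QC_FLAG
         /* Both QC checks are emitted before the destination is
            written, so they read the original register contents. */
         assign(tmp, binop(op2, getQReg(dreg), mkexpr(res)));
         setFlag_QC(mkexpr(tmp), binop(add, getQReg(dreg), mkexpr(res)),
                    True, condT);
         setFlag_QC(binop(Iop_And64,
                          binop(cmp, getDRegI64(nreg), mkU64(imm)),
                          binop(cmp, getDRegI64(mreg), mkU64(imm))),
                    mkU64(0),
                    False, condT);
#endif
         putQReg(dreg, binop(add, getQReg(dreg), mkexpr(res)), condT);
         DIP("vqdml%cl.s%u q%u, d%u, d%u\n", P ? 's' : 'a', 8 << size, dreg,
             nreg, mreg);
         return True;
      case 12:
      case 14:
         /* VMULL (integer or polynomial) */
         if (dreg & 1)
            return False;
         dreg >>= 1;
         size = B;
         /* NOTE(review): when P is set and size is 1 or 2 the integer
            multiply is selected while DIP prints 'p'; confirm against
            the architecture manual whether those encodings should be
            rejected instead. */
         switch (size) {
            case 0:
               op = (U) ? Iop_Mull8Ux8 : Iop_Mull8Sx8;
               if (P)
                  op = Iop_PolynomialMull8x8;
               break;
            case 1:
               op = (U) ? Iop_Mull16Ux4 : Iop_Mull16Sx4;
               break;
            case 2:
               op = (U) ? Iop_Mull32Ux2 : Iop_Mull32Sx2;
               break;
            case 3:
               /* size comes from the instruction word: report the
                  encoding as undecodable, as every other case of this
                  function does, instead of reaching vassert(0). */
               return False;
            default:
               vassert(0);
         }
         putQReg(dreg, binop(op, getDRegI64(nreg),
                             getDRegI64(mreg)), condT);
         DIP("vmull.%c%u q%u, d%u, d%u\n", P ? 'p' : (U ? 'u' : 's'),
             8 << size, dreg, nreg, mreg);
         return True;
      case 13:
         /* VQDMULL */
         if (U)
            return False;
         if (dreg & 1)
            return False;
         dreg >>= 1;
         size = B;
         switch (size) {
            case 0:
            case 3:
               return False;
            case 1:
               op = Iop_QDMulLong16Sx4;
               op2 = Iop_CmpEQ16x4;
               imm = 1LL << 15;
               imm = (imm << 16) | imm;
               imm = (imm << 32) | imm;
               break;
            case 2:
               op = Iop_QDMulLong32Sx2;
               op2 = Iop_CmpEQ32x2;
               imm = 1LL << 31;
               imm = (imm << 32) | imm;
               break;
            default:
               vassert(0);
         }
#ifndef DISABLE_QC_FLAG
         /* Emit the QC check before the destination write.  The check
            re-reads dN and dM from guest state; if it ran after
            putQReg and either source were one half of qD, it would
            compare the product rather than the operand.  This matches
            the order used for VQDMLAL/VQDMLSL above. */
         setFlag_QC(binop(Iop_And64,
                          binop(op2, getDRegI64(nreg), mkU64(imm)),
                          binop(op2, getDRegI64(mreg), mkU64(imm))),
                    mkU64(0),
                    False, condT);
#endif
         putQReg(dreg, binop(op, getDRegI64(nreg), getDRegI64(mreg)),
               condT);
         DIP("vqdmull.s%u q%u, d%u, d%u\n", 8 << size, dreg, nreg, mreg);
         return True;
      default:
         return False;
   }
   return False;
}

/* A7.4.3 Two registers and a scalar */
static
Bool dis_neon_data_2reg_and_scalar ( UInt theInstr, IRTemp condT )
{
#  define INSN(_bMax,_bMin)  SLICE_UInt(theInstr, (_bMax), (_bMin))
   UInt U = INSN(24,24);
   UInt dreg = get_neon_d_regno(theInstr & ~(1 << 6));
   UInt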
nreg = get_neon_n_regno(theInstr & ~(1 << 6)); 5242 UInt mreg = get_neon_m_regno(theInstr & ~(1 << 6)); 5243 UInt size = INSN(21,20); 5244 UInt index; 5245 UInt Q = INSN(24,24); 5246 5247 if (INSN(27,25) != 1 || INSN(23,23) != 1 5248 || INSN(6,6) != 1 || INSN(4,4) != 0) 5249 return False; 5250 5251 /* VMLA, VMLS (scalar) */ 5252 if ((INSN(11,8) & BITS4(1,0,1,0)) == BITS4(0,0,0,0)) { 5253 IRTemp res, arg_m, arg_n; 5254 IROp dup, get, op, op2, add, sub; 5255 if (Q) { 5256 if ((dreg & 1) || (nreg & 1)) 5257 return False; 5258 dreg >>= 1; 5259 nreg >>= 1; 5260 res = newTemp(Ity_V128); 5261 arg_m = newTemp(Ity_V128); 5262 arg_n = newTemp(Ity_V128); 5263 assign(arg_n, getQReg(nreg)); 5264 switch(size) { 5265 case 1: 5266 dup = Iop_Dup16x8; 5267 get = Iop_GetElem16x4; 5268 index = mreg >> 3; 5269 mreg &= 7; 5270 break; 5271 case 2: 5272 dup = Iop_Dup32x4; 5273 get = Iop_GetElem32x2; 5274 index = mreg >> 4; 5275 mreg &= 0xf; 5276 break; 5277 case 0: 5278 case 3: 5279 return False; 5280 default: 5281 vassert(0); 5282 } 5283 assign(arg_m, unop(dup, binop(get, getDRegI64(mreg), mkU8(index)))); 5284 } else { 5285 res = newTemp(Ity_I64); 5286 arg_m = newTemp(Ity_I64); 5287 arg_n = newTemp(Ity_I64); 5288 assign(arg_n, getDRegI64(nreg)); 5289 switch(size) { 5290 case 1: 5291 dup = Iop_Dup16x4; 5292 get = Iop_GetElem16x4; 5293 index = mreg >> 3; 5294 mreg &= 7; 5295 break; 5296 case 2: 5297 dup = Iop_Dup32x2; 5298 get = Iop_GetElem32x2; 5299 index = mreg >> 4; 5300 mreg &= 0xf; 5301 break; 5302 case 0: 5303 case 3: 5304 return False; 5305 default: 5306 vassert(0); 5307 } 5308 assign(arg_m, unop(dup, binop(get, getDRegI64(mreg), mkU8(index)))); 5309 } 5310 if (INSN(8,8)) { 5311 switch (size) { 5312 case 2: 5313 op = Q ? Iop_Mul32Fx4 : Iop_Mul32Fx2; 5314 add = Q ? Iop_Add32Fx4 : Iop_Add32Fx2; 5315 sub = Q ? 
Iop_Sub32Fx4 : Iop_Sub32Fx2; 5316 break; 5317 case 0: 5318 case 1: 5319 case 3: 5320 return False; 5321 default: 5322 vassert(0); 5323 } 5324 } else { 5325 switch (size) { 5326 case 1: 5327 op = Q ? Iop_Mul16x8 : Iop_Mul16x4; 5328 add = Q ? Iop_Add16x8 : Iop_Add16x4; 5329 sub = Q ? Iop_Sub16x8 : Iop_Sub16x4; 5330 break; 5331 case 2: 5332 op = Q ? Iop_Mul32x4 : Iop_Mul32x2; 5333 add = Q ? Iop_Add32x4 : Iop_Add32x2; 5334 sub = Q ? Iop_Sub32x4 : Iop_Sub32x2; 5335 break; 5336 case 0: 5337 case 3: 5338 return False; 5339 default: 5340 vassert(0); 5341 } 5342 } 5343 op2 = INSN(10,10) ? sub : add; 5344 assign(res, binop(op, mkexpr(arg_n), mkexpr(arg_m))); 5345 if (Q) 5346 putQReg(dreg, binop(op2, getQReg(dreg), mkexpr(res)), 5347 condT); 5348 else 5349 putDRegI64(dreg, binop(op2, getDRegI64(dreg), mkexpr(res)), 5350 condT); 5351 DIP("vml%c.%c%u %c%u, %c%u, d%u[%u]\n", INSN(10,10) ? 's' : 'a', 5352 INSN(8,8) ? 'f' : 'i', 8 << size, 5353 Q ? 'q' : 'd', dreg, Q ? 'q' : 'd', nreg, mreg, index); 5354 return True; 5355 } 5356 5357 /* VMLAL, VMLSL (scalar) */ 5358 if ((INSN(11,8) & BITS4(1,0,1,1)) == BITS4(0,0,1,0)) { 5359 IRTemp res, arg_m, arg_n; 5360 IROp dup, get, op, op2, add, sub; 5361 if (dreg & 1) 5362 return False; 5363 dreg >>= 1; 5364 res = newTemp(Ity_V128); 5365 arg_m = newTemp(Ity_I64); 5366 arg_n = newTemp(Ity_I64); 5367 assign(arg_n, getDRegI64(nreg)); 5368 switch(size) { 5369 case 1: 5370 dup = Iop_Dup16x4; 5371 get = Iop_GetElem16x4; 5372 index = mreg >> 3; 5373 mreg &= 7; 5374 break; 5375 case 2: 5376 dup = Iop_Dup32x2; 5377 get = Iop_GetElem32x2; 5378 index = mreg >> 4; 5379 mreg &= 0xf; 5380 break; 5381 case 0: 5382 case 3: 5383 return False; 5384 default: 5385 vassert(0); 5386 } 5387 assign(arg_m, unop(dup, binop(get, getDRegI64(mreg), mkU8(index)))); 5388 switch (size) { 5389 case 1: 5390 op = U ? Iop_Mull16Ux4 : Iop_Mull16Sx4; 5391 add = Iop_Add32x4; 5392 sub = Iop_Sub32x4; 5393 break; 5394 case 2: 5395 op = U ? 
Iop_Mull32Ux2 : Iop_Mull32Sx2; 5396 add = Iop_Add64x2; 5397 sub = Iop_Sub64x2; 5398 break; 5399 case 0: 5400 case 3: 5401 return False; 5402 default: 5403 vassert(0); 5404 } 5405 op2 = INSN(10,10) ? sub : add; 5406 assign(res, binop(op, mkexpr(arg_n), mkexpr(arg_m))); 5407 putQReg(dreg, binop(op2, getQReg(dreg), mkexpr(res)), condT); 5408 DIP("vml%cl.%c%u q%u, d%u, d%u[%u]\n", 5409 INSN(10,10) ? 's' : 'a', U ? 'u' : 's', 5410 8 << size, dreg, nreg, mreg, index); 5411 return True; 5412 } 5413 5414 /* VQDMLAL, VQDMLSL (scalar) */ 5415 if ((INSN(11,8) & BITS4(1,0,1,1)) == BITS4(0,0,1,1) && !U) { 5416 IRTemp res, arg_m, arg_n, tmp; 5417 IROp dup, get, op, op2, add, cmp; 5418 UInt P = INSN(10,10); 5419 ULong imm; 5420 if (dreg & 1) 5421 return False; 5422 dreg >>= 1; 5423 res = newTemp(Ity_V128); 5424 arg_m = newTemp(Ity_I64); 5425 arg_n = newTemp(Ity_I64); 5426 assign(arg_n, getDRegI64(nreg)); 5427 switch(size) { 5428 case 1: 5429 dup = Iop_Dup16x4; 5430 get = Iop_GetElem16x4; 5431 index = mreg >> 3; 5432 mreg &= 7; 5433 break; 5434 case 2: 5435 dup = Iop_Dup32x2; 5436 get = Iop_GetElem32x2; 5437 index = mreg >> 4; 5438 mreg &= 0xf; 5439 break; 5440 case 0: 5441 case 3: 5442 return False; 5443 default: 5444 vassert(0); 5445 } 5446 assign(arg_m, unop(dup, binop(get, getDRegI64(mreg), mkU8(index)))); 5447 switch (size) { 5448 case 0: 5449 case 3: 5450 return False; 5451 case 1: 5452 op = Iop_QDMulLong16Sx4; 5453 cmp = Iop_CmpEQ16x4; 5454 add = P ? Iop_QSub32Sx4 : Iop_QAdd32Sx4; 5455 op2 = P ? Iop_Sub32x4 : Iop_Add32x4; 5456 imm = 1LL << 15; 5457 imm = (imm << 16) | imm; 5458 imm = (imm << 32) | imm; 5459 break; 5460 case 2: 5461 op = Iop_QDMulLong32Sx2; 5462 cmp = Iop_CmpEQ32x2; 5463 add = P ? Iop_QSub64Sx2 : Iop_QAdd64Sx2; 5464 op2 = P ? 
Iop_Sub64x2 : Iop_Add64x2; 5465 imm = 1LL << 31; 5466 imm = (imm << 32) | imm; 5467 break; 5468 default: 5469 vassert(0); 5470 } 5471 res = newTemp(Ity_V128); 5472 tmp = newTemp(Ity_V128); 5473 assign(res, binop(op, mkexpr(arg_n), mkexpr(arg_m))); 5474 #ifndef DISABLE_QC_FLAG 5475 assign(tmp, binop(op2, getQReg(dreg), mkexpr(res))); 5476 setFlag_QC(binop(Iop_And64, 5477 binop(cmp, mkexpr(arg_n), mkU64(imm)), 5478 binop(cmp, mkexpr(arg_m), mkU64(imm))), 5479 mkU64(0), 5480 False, condT); 5481 setFlag_QC(mkexpr(tmp), binop(add, getQReg(dreg), mkexpr(res)), 5482 True, condT); 5483 #endif 5484 putQReg(dreg, binop(add, getQReg(dreg), mkexpr(res)), condT); 5485 DIP("vqdml%cl.s%u q%u, d%u, d%u[%u]\n", P ? 's' : 'a', 8 << size, 5486 dreg, nreg, mreg, index); 5487 return True; 5488 } 5489 5490 /* VMUL (by scalar) */ 5491 if ((INSN(11,8) & BITS4(1,1,1,0)) == BITS4(1,0,0,0)) { 5492 IRTemp res, arg_m, arg_n; 5493 IROp dup, get, op; 5494 if (Q) { 5495 if ((dreg & 1) || (nreg & 1)) 5496 return False; 5497 dreg >>= 1; 5498 nreg >>= 1; 5499 res = newTemp(Ity_V128); 5500 arg_m = newTemp(Ity_V128); 5501 arg_n = newTemp(Ity_V128); 5502 assign(arg_n, getQReg(nreg)); 5503 switch(size) { 5504 case 1: 5505 dup = Iop_Dup16x8; 5506 get = Iop_GetElem16x4; 5507 index = mreg >> 3; 5508 mreg &= 7; 5509 break; 5510 case 2: 5511 dup = Iop_Dup32x4; 5512 get = Iop_GetElem32x2; 5513 index = mreg >> 4; 5514 mreg &= 0xf; 5515 break; 5516 case 0: 5517 case 3: 5518 return False; 5519 default: 5520 vassert(0); 5521 } 5522 assign(arg_m, unop(dup, binop(get, getDRegI64(mreg), mkU8(index)))); 5523 } else { 5524 res = newTemp(Ity_I64); 5525 arg_m = newTemp(Ity_I64); 5526 arg_n = newTemp(Ity_I64); 5527 assign(arg_n, getDRegI64(nreg)); 5528 switch(size) { 5529 case 1: 5530 dup = Iop_Dup16x4; 5531 get = Iop_GetElem16x4; 5532 index = mreg >> 3; 5533 mreg &= 7; 5534 break; 5535 case 2: 5536 dup = Iop_Dup32x2; 5537 get = Iop_GetElem32x2; 5538 index = mreg >> 4; 5539 mreg &= 0xf; 5540 break; 5541 case 0: 5542 case 
3: 5543 return False; 5544 default: 5545 vassert(0); 5546 } 5547 assign(arg_m, unop(dup, binop(get, getDRegI64(mreg), mkU8(index)))); 5548 } 5549 if (INSN(8,8)) { 5550 switch (size) { 5551 case 2: 5552 op = Q ? Iop_Mul32Fx4 : Iop_Mul32Fx2; 5553 break; 5554 case 0: 5555 case 1: 5556 case 3: 5557 return False; 5558 default: 5559 vassert(0); 5560 } 5561 } else { 5562 switch (size) { 5563 case 1: 5564 op = Q ? Iop_Mul16x8 : Iop_Mul16x4; 5565 break; 5566 case 2: 5567 op = Q ? Iop_Mul32x4 : Iop_Mul32x2; 5568 break; 5569 case 0: 5570 case 3: 5571 return False; 5572 default: 5573 vassert(0); 5574 } 5575 } 5576 assign(res, binop(op, mkexpr(arg_n), mkexpr(arg_m))); 5577 if (Q) 5578 putQReg(dreg, mkexpr(res), condT); 5579 else 5580 putDRegI64(dreg, mkexpr(res), condT); 5581 DIP("vmul.%c%u %c%u, %c%u, d%u[%u]\n", INSN(8,8) ? 'f' : 'i', 5582 8 << size, Q ? 'q' : 'd', dreg, 5583 Q ? 'q' : 'd', nreg, mreg, index); 5584 return True; 5585 } 5586 5587 /* VMULL (scalar) */ 5588 if (INSN(11,8) == BITS4(1,0,1,0)) { 5589 IRTemp res, arg_m, arg_n; 5590 IROp dup, get, op; 5591 if (dreg & 1) 5592 return False; 5593 dreg >>= 1; 5594 res = newTemp(Ity_V128); 5595 arg_m = newTemp(Ity_I64); 5596 arg_n = newTemp(Ity_I64); 5597 assign(arg_n, getDRegI64(nreg)); 5598 switch(size) { 5599 case 1: 5600 dup = Iop_Dup16x4; 5601 get = Iop_GetElem16x4; 5602 index = mreg >> 3; 5603 mreg &= 7; 5604 break; 5605 case 2: 5606 dup = Iop_Dup32x2; 5607 get = Iop_GetElem32x2; 5608 index = mreg >> 4; 5609 mreg &= 0xf; 5610 break; 5611 case 0: 5612 case 3: 5613 return False; 5614 default: 5615 vassert(0); 5616 } 5617 assign(arg_m, unop(dup, binop(get, getDRegI64(mreg), mkU8(index)))); 5618 switch (size) { 5619 case 1: op = U ? Iop_Mull16Ux4 : Iop_Mull16Sx4; break; 5620 case 2: op = U ? 
Iop_Mull32Ux2 : Iop_Mull32Sx2; break; 5621 case 0: case 3: return False; 5622 default: vassert(0); 5623 } 5624 assign(res, binop(op, mkexpr(arg_n), mkexpr(arg_m))); 5625 putQReg(dreg, mkexpr(res), condT); 5626 DIP("vmull.%c%u q%u, d%u, d%u[%u]\n", U ? 'u' : 's', 8 << size, dreg, 5627 nreg, mreg, index); 5628 return True; 5629 } 5630 5631 /* VQDMULL */ 5632 if (INSN(11,8) == BITS4(1,0,1,1) && !U) { 5633 IROp op ,op2, dup, get; 5634 ULong imm; 5635 IRTemp arg_m, arg_n; 5636 if (dreg & 1) 5637 return False; 5638 dreg >>= 1; 5639 arg_m = newTemp(Ity_I64); 5640 arg_n = newTemp(Ity_I64); 5641 assign(arg_n, getDRegI64(nreg)); 5642 switch(size) { 5643 case 1: 5644 dup = Iop_Dup16x4; 5645 get = Iop_GetElem16x4; 5646 index = mreg >> 3; 5647 mreg &= 7; 5648 break; 5649 case 2: 5650 dup = Iop_Dup32x2; 5651 get = Iop_GetElem32x2; 5652 index = mreg >> 4; 5653 mreg &= 0xf; 5654 break; 5655 case 0: 5656 case 3: 5657 return False; 5658 default: 5659 vassert(0); 5660 } 5661 assign(arg_m, unop(dup, binop(get, getDRegI64(mreg), mkU8(index)))); 5662 switch (size) { 5663 case 0: 5664 case 3: 5665 return False; 5666 case 1: 5667 op = Iop_QDMulLong16Sx4; 5668 op2 = Iop_CmpEQ16x4; 5669 imm = 1LL << 15; 5670 imm = (imm << 16) | imm; 5671 imm = (imm << 32) | imm; 5672 break; 5673 case 2: 5674 op = Iop_QDMulLong32Sx2; 5675 op2 = Iop_CmpEQ32x2; 5676 imm = 1LL << 31; 5677 imm = (imm << 32) | imm; 5678 break; 5679 default: 5680 vassert(0); 5681 } 5682 putQReg(dreg, binop(op, mkexpr(arg_n), mkexpr(arg_m)), 5683 condT); 5684 #ifndef DISABLE_QC_FLAG 5685 setFlag_QC(binop(Iop_And64, 5686 binop(op2, mkexpr(arg_n), mkU64(imm)), 5687 binop(op2, mkexpr(arg_m), mkU64(imm))), 5688 mkU64(0), 5689 False, condT); 5690 #endif 5691 DIP("vqdmull.s%u q%u, d%u, d%u[%u]\n", 8 << size, dreg, nreg, mreg, 5692 index); 5693 return True; 5694 } 5695 5696 /* VQDMULH */ 5697 if (INSN(11,8) == BITS4(1,1,0,0)) { 5698 IROp op ,op2, dup, get; 5699 ULong imm; 5700 IRTemp res, arg_m, arg_n; 5701 if (Q) { 5702 if ((dreg & 1) || 
(nreg & 1)) 5703 return False; 5704 dreg >>= 1; 5705 nreg >>= 1; 5706 res = newTemp(Ity_V128); 5707 arg_m = newTemp(Ity_V128); 5708 arg_n = newTemp(Ity_V128); 5709 assign(arg_n, getQReg(nreg)); 5710 switch(size) { 5711 case 1: 5712 dup = Iop_Dup16x8; 5713 get = Iop_GetElem16x4; 5714 index = mreg >> 3; 5715 mreg &= 7; 5716 break; 5717 case 2: 5718 dup = Iop_Dup32x4; 5719 get = Iop_GetElem32x2; 5720 index = mreg >> 4; 5721 mreg &= 0xf; 5722 break; 5723 case 0: 5724 case 3: 5725 return False; 5726 default: 5727 vassert(0); 5728 } 5729 assign(arg_m, unop(dup, binop(get, getDRegI64(mreg), mkU8(index)))); 5730 } else { 5731 res = newTemp(Ity_I64); 5732 arg_m = newTemp(Ity_I64); 5733 arg_n = newTemp(Ity_I64); 5734 assign(arg_n, getDRegI64(nreg)); 5735 switch(size) { 5736 case 1: 5737 dup = Iop_Dup16x4; 5738 get = Iop_GetElem16x4; 5739 index = mreg >> 3; 5740 mreg &= 7; 5741 break; 5742 case 2: 5743 dup = Iop_Dup32x2; 5744 get = Iop_GetElem32x2; 5745 index = mreg >> 4; 5746 mreg &= 0xf; 5747 break; 5748 case 0: 5749 case 3: 5750 return False; 5751 default: 5752 vassert(0); 5753 } 5754 assign(arg_m, unop(dup, binop(get, getDRegI64(mreg), mkU8(index)))); 5755 } 5756 switch (size) { 5757 case 0: 5758 case 3: 5759 return False; 5760 case 1: 5761 op = Q ? Iop_QDMulHi16Sx8 : Iop_QDMulHi16Sx4; 5762 op2 = Q ? Iop_CmpEQ16x8 : Iop_CmpEQ16x4; 5763 imm = 1LL << 15; 5764 imm = (imm << 16) | imm; 5765 imm = (imm << 32) | imm; 5766 break; 5767 case 2: 5768 op = Q ? Iop_QDMulHi32Sx4 : Iop_QDMulHi32Sx2; 5769 op2 = Q ? Iop_CmpEQ32x4 : Iop_CmpEQ32x2; 5770 imm = 1LL << 31; 5771 imm = (imm << 32) | imm; 5772 break; 5773 default: 5774 vassert(0); 5775 } 5776 assign(res, binop(op, mkexpr(arg_n), mkexpr(arg_m))); 5777 #ifndef DISABLE_QC_FLAG 5778 setFlag_QC(binop(Q ? Iop_AndV128 : Iop_And64, 5779 binop(op2, mkexpr(arg_n), 5780 Q ? mkU128(imm) : mkU64(imm)), 5781 binop(op2, mkexpr(arg_m), 5782 Q ? mkU128(imm) : mkU64(imm))), 5783 Q ? 
mkU128(0) : mkU64(0), 5784 Q, condT); 5785 #endif 5786 if (Q) 5787 putQReg(dreg, mkexpr(res), condT); 5788 else 5789 putDRegI64(dreg, mkexpr(res), condT); 5790 DIP("vqdmulh.s%u %c%u, %c%u, d%u[%u]\n", 5791 8 << size, Q ? 'q' : 'd', dreg, 5792 Q ? 'q' : 'd', nreg, mreg, index); 5793 return True; 5794 } 5795 5796 /* VQRDMULH (scalar) */ 5797 if (INSN(11,8) == BITS4(1,1,0,1)) { 5798 IROp op ,op2, dup, get; 5799 ULong imm; 5800 IRTemp res, arg_m, arg_n; 5801 if (Q) { 5802 if ((dreg & 1) || (nreg & 1)) 5803 return False; 5804 dreg >>= 1; 5805 nreg >>= 1; 5806 res = newTemp(Ity_V128); 5807 arg_m = newTemp(Ity_V128); 5808 arg_n = newTemp(Ity_V128); 5809 assign(arg_n, getQReg(nreg)); 5810 switch(size) { 5811 case 1: 5812 dup = Iop_Dup16x8; 5813 get = Iop_GetElem16x4; 5814 index = mreg >> 3; 5815 mreg &= 7; 5816 break; 5817 case 2: 5818 dup = Iop_Dup32x4; 5819 get = Iop_GetElem32x2; 5820 index = mreg >> 4; 5821 mreg &= 0xf; 5822 break; 5823 case 0: 5824 case 3: 5825 return False; 5826 default: 5827 vassert(0); 5828 } 5829 assign(arg_m, unop(dup, binop(get, getDRegI64(mreg), mkU8(index)))); 5830 } else { 5831 res = newTemp(Ity_I64); 5832 arg_m = newTemp(Ity_I64); 5833 arg_n = newTemp(Ity_I64); 5834 assign(arg_n, getDRegI64(nreg)); 5835 switch(size) { 5836 case 1: 5837 dup = Iop_Dup16x4; 5838 get = Iop_GetElem16x4; 5839 index = mreg >> 3; 5840 mreg &= 7; 5841 break; 5842 case 2: 5843 dup = Iop_Dup32x2; 5844 get = Iop_GetElem32x2; 5845 index = mreg >> 4; 5846 mreg &= 0xf; 5847 break; 5848 case 0: 5849 case 3: 5850 return False; 5851 default: 5852 vassert(0); 5853 } 5854 assign(arg_m, unop(dup, binop(get, getDRegI64(mreg), mkU8(index)))); 5855 } 5856 switch (size) { 5857 case 0: 5858 case 3: 5859 return False; 5860 case 1: 5861 op = Q ? Iop_QRDMulHi16Sx8 : Iop_QRDMulHi16Sx4; 5862 op2 = Q ? Iop_CmpEQ16x8 : Iop_CmpEQ16x4; 5863 imm = 1LL << 15; 5864 imm = (imm << 16) | imm; 5865 imm = (imm << 32) | imm; 5866 break; 5867 case 2: 5868 op = Q ? 
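Iop_QRDMulHi32Sx4 : Iop_QRDMulHi32Sx2; 5869 op2 = Q ? Iop_CmpEQ32x4 : Iop_CmpEQ32x2; 5870 imm = 1LL << 31; 5871 imm = (imm << 32) | imm; 5872 break; 5873 default: 5874 vassert(0); 5875 } 5876 assign(res, binop(op, mkexpr(arg_n), mkexpr(arg_m))); 5877 #ifndef DISABLE_QC_FLAG 5878 setFlag_QC(binop(Q ? Iop_AndV128 : Iop_And64, 5879 binop(op2, mkexpr(arg_n), 5880 Q ? mkU128(imm) : mkU64(imm)), 5881 binop(op2, mkexpr(arg_m), 5882 Q ? mkU128(imm) : mkU64(imm))), 5883 Q ? mkU128(0) : mkU64(0), 5884 Q, condT); 5885 #endif 5886 if (Q) 5887 putQReg(dreg, mkexpr(res), condT); 5888 else 5889 putDRegI64(dreg, mkexpr(res), condT); 5890 DIP("vqrdmulh.s%u %c%u, %c%u, d%u[%u]\n", 5891 8 << size, Q ? 'q' : 'd', dreg, 5892 Q ? 'q' : 'd', nreg, mreg, index); 5893 return True; 5894 } 5895 5896 return False; 5897 # undef INSN 5898 }

/* A7.4.4 Two registers and a shift amount

   Decodes one instruction of the NEON "two registers and a shift
   amount" group from theInstr and emits IR for it.  Every register
   write goes through putQReg / putDRegI64 with condT passed along.

   Fields read from theInstr:
      A    = bits 11:8   selects the operation
      L    = bit 7       top bit of the L:imm6 size/shift field
      B    = bit 6       also used as Q (128-bit vs 64-bit operands)
      U    = bit 24      unsigned / variant selector
      imm6 = bits 21:16

   Returns True when IR has been generated, False when the encoding is
   not accepted here.  The instruction word comes from the guest, so an
   encoding that is not handled must end in "return False" rather than
   in one of the vassert(0) defaults below.
*/
static
Bool dis_neon_data_2reg_and_shift ( UInt theInstr, IRTemp condT )
{
   UInt A = (theInstr >> 8) & 0xf;
   UInt B = (theInstr >> 6) & 1;
   UInt L = (theInstr >> 7) & 1;
   UInt U = (theInstr >> 24) & 1;
   UInt Q = B;
   UInt imm6 = (theInstr >> 16) & 0x3f;
   UInt shift_imm;
   UInt size = 4;
   UInt tmp;
   UInt mreg = get_neon_m_regno(theInstr);
   UInt dreg = get_neon_d_regno(theInstr);
   ULong imm = 0;
   IROp op, cvt, add = Iop_INVALID, cvt2, op_rev;
   IRTemp reg_m, res, mask;

   if (L == 0 && ((theInstr >> 19) & 7) == 0)
      /* It is one reg and immediate */
      return False;

   /* The highest set bit of L:imm6 picks the element size (size 0..3,
      printed below as 8 << size bits).  shift_imm is first computed as
      a right-shift count; with the ranges imm6 can take in each branch
      it is always in 1 .. element width.  The left-shift cases
      recompute it further down. */
   tmp = (L << 6) | imm6;
   if (tmp & 0x40) {
      size = 3;
      shift_imm = 64 - imm6;
   } else if (tmp & 0x20) {
      size = 2;
      shift_imm = 64 - imm6;
   } else if (tmp & 0x10) {
      size = 1;
      shift_imm = 32 - imm6;
   } else if (tmp & 0x8) {
      size = 0;
      shift_imm = 16 - imm6;
   } else {
      return False;
   }

   switch (A) {
      case 3:
      case 2:
         /* VRSHR, VRSRA */
         if (shift_imm > 0) {
            IRExpr *imm_val;
            /* Build a constant with a 1 in the lowest bit of every
               lane; the cases fall through so that narrower lanes get
               more copies. */
            imm = 1L;
            switch (size) {
               case 0:
                  imm = (imm << 8) | imm;
                  /* fall through */
               case 1:
                  imm = (imm << 16) | imm;
                  /* fall through */
               case 2:
                  imm = (imm << 32) | imm;
                  /* fall through */
               case 3:
                  break;
               default:
                  vassert(0);
            }
            if (Q) {
               reg_m = newTemp(Ity_V128);
               res = newTemp(Ity_V128);
               imm_val = binop(Iop_64HLtoV128, mkU64(imm), mkU64(imm));
               assign(reg_m, getQReg(mreg));
               switch (size) {
                  case 0:
                     add = Iop_Add8x16;
                     op = U ? Iop_ShrN8x16 : Iop_SarN8x16;
                     break;
                  case 1:
                     add = Iop_Add16x8;
                     op = U ? Iop_ShrN16x8 : Iop_SarN16x8;
                     break;
                  case 2:
                     add = Iop_Add32x4;
                     op = U ? Iop_ShrN32x4 : Iop_SarN32x4;
                     break;
                  case 3:
                     add = Iop_Add64x2;
                     op = U ? Iop_ShrN64x2 : Iop_SarN64x2;
                     break;
                  default:
                     vassert(0);
               }
            } else {
               reg_m = newTemp(Ity_I64);
               res = newTemp(Ity_I64);
               imm_val = mkU64(imm);
               assign(reg_m, getDRegI64(mreg));
               switch (size) {
                  case 0:
                     add = Iop_Add8x8;
                     op = U ? Iop_ShrN8x8 : Iop_SarN8x8;
                     break;
                  case 1:
                     add = Iop_Add16x4;
                     op = U ? Iop_ShrN16x4 : Iop_SarN16x4;
                     break;
                  case 2:
                     add = Iop_Add32x2;
                     op = U ? Iop_ShrN32x2 : Iop_SarN32x2;
                     break;
                  case 3:
                     add = Iop_Add64;
                     op = U ? Iop_Shr64 : Iop_Sar64;
                     break;
                  default:
                     vassert(0);
               }
            }
            /* Rounding shift: (m >> n) + ((m >> (n-1)) & 1) per lane. */
            assign(res,
                   binop(add,
                         binop(op,
                               mkexpr(reg_m),
                               mkU8(shift_imm)),
                         binop(Q ? Iop_AndV128 : Iop_And64,
                               binop(op,
                                     mkexpr(reg_m),
                                     mkU8(shift_imm - 1)),
                               imm_val)));
         } else {
            if (Q) {
               res = newTemp(Ity_V128);
               assign(res, getQReg(mreg));
            } else {
               res = newTemp(Ity_I64);
               assign(res, getDRegI64(mreg));
            }
         }
         if (A == 3) {
            /* VRSRA accumulates into the destination. */
            if (Q) {
               putQReg(dreg, binop(add, mkexpr(res), getQReg(dreg)),
                             condT);
            } else {
               putDRegI64(dreg, binop(add, mkexpr(res), getDRegI64(dreg)),
                                condT);
            }
            DIP("vrsra.%c%u %c%u, %c%u, #%u\n",
                U ? 'u' : 's', 8 << size,
                Q ? 'q' : 'd', dreg, Q ? 'q' : 'd', mreg, shift_imm);
         } else {
            if (Q) {
               putQReg(dreg, mkexpr(res), condT);
            } else {
               putDRegI64(dreg, mkexpr(res), condT);
            }
            DIP("vrshr.%c%u %c%u, %c%u, #%u\n", U ? 'u' : 's', 8 << size,
                Q ? 'q' : 'd', dreg, Q ? 'q' : 'd', mreg, shift_imm);
         }
         return True;
      case 1:
      case 0:
         /* VSHR, VSRA */
         if (Q) {
            reg_m = newTemp(Ity_V128);
            assign(reg_m, getQReg(mreg));
            res = newTemp(Ity_V128);
         } else {
            reg_m = newTemp(Ity_I64);
            assign(reg_m, getDRegI64(mreg));
            res = newTemp(Ity_I64);
         }
         if (Q) {
            switch (size) {
               case 0:
                  op = U ? Iop_ShrN8x16 : Iop_SarN8x16;
                  add = Iop_Add8x16;
                  break;
               case 1:
                  op = U ? Iop_ShrN16x8 : Iop_SarN16x8;
                  add = Iop_Add16x8;
                  break;
               case 2:
                  op = U ? Iop_ShrN32x4 : Iop_SarN32x4;
                  add = Iop_Add32x4;
                  break;
               case 3:
                  op = U ? Iop_ShrN64x2 : Iop_SarN64x2;
                  add = Iop_Add64x2;
                  break;
               default:
                  vassert(0);
            }
         } else {
            switch (size) {
               case 0:
                  op = U ? Iop_ShrN8x8 : Iop_SarN8x8;
                  add = Iop_Add8x8;
                  break;
               case 1:
                  op = U ? Iop_ShrN16x4 : Iop_SarN16x4;
                  add = Iop_Add16x4;
                  break;
               case 2:
                  op = U ? Iop_ShrN32x2 : Iop_SarN32x2;
                  add = Iop_Add32x2;
                  break;
               case 3:
                  op = U ? Iop_Shr64 : Iop_Sar64;
                  add = Iop_Add64;
                  break;
               default:
                  vassert(0);
            }
         }
         assign(res, binop(op, mkexpr(reg_m), mkU8(shift_imm)));
         if (A == 1) {
            /* VSRA accumulates into the destination. */
            if (Q) {
               putQReg(dreg, binop(add, mkexpr(res), getQReg(dreg)),
                             condT);
            } else {
               putDRegI64(dreg, binop(add, mkexpr(res), getDRegI64(dreg)),
                                condT);
            }
            DIP("vsra.%c%u %c%u, %c%u, #%u\n", U ? 'u' : 's', 8 << size,
                Q ? 'q' : 'd', dreg, Q ? 'q' : 'd', mreg, shift_imm);
         } else {
            if (Q) {
               putQReg(dreg, mkexpr(res), condT);
            } else {
               putDRegI64(dreg, mkexpr(res), condT);
            }
            DIP("vshr.%c%u %c%u, %c%u, #%u\n", U ? 'u' : 's', 8 << size,
                Q ? 'q' : 'd', dreg, Q ? 'q' : 'd', mreg, shift_imm);
         }
         return True;
      case 4:
         /* VSRI */
         if (!U)
            return False;
         if (Q) {
            res = newTemp(Ity_V128);
            mask = newTemp(Ity_V128);
         } else {
            res = newTemp(Ity_I64);
            mask = newTemp(Ity_I64);
         }
         switch (size) {
            case 0: op = Q ? Iop_ShrN8x16 : Iop_ShrN8x8; break;
            case 1: op = Q ? Iop_ShrN16x8 : Iop_ShrN16x4; break;
            case 2: op = Q ? Iop_ShrN32x4 : Iop_ShrN32x2; break;
            case 3: op = Q ? Iop_ShrN64x2 : Iop_Shr64; break;
            default: vassert(0);
         }
         /* mask = all-ones shifted the same way as the source, i.e. the
            bit positions the shifted source can occupy.  The result
            keeps the destination bits outside the mask and ORs in the
            shifted source. */
         if (Q) {
            assign(mask, binop(op, binop(Iop_64HLtoV128,
                                         mkU64(0xFFFFFFFFFFFFFFFFLL),
                                         mkU64(0xFFFFFFFFFFFFFFFFLL)),
                               mkU8(shift_imm)));
            assign(res, binop(Iop_OrV128,
                              binop(Iop_AndV128,
                                    getQReg(dreg),
                                    unop(Iop_NotV128,
                                         mkexpr(mask))),
                              binop(op,
                                    getQReg(mreg),
                                    mkU8(shift_imm))));
            putQReg(dreg, mkexpr(res), condT);
         } else {
            assign(mask, binop(op, mkU64(0xFFFFFFFFFFFFFFFFLL),
                               mkU8(shift_imm)));
            assign(res, binop(Iop_Or64,
                              binop(Iop_And64,
                                    getDRegI64(dreg),
                                    unop(Iop_Not64,
                                         mkexpr(mask))),
                              binop(op,
                                    getDRegI64(mreg),
                                    mkU8(shift_imm))));
            putDRegI64(dreg, mkexpr(res), condT);
         }
         DIP("vsri.%u %c%u, %c%u, #%u\n",
             8 << size, Q ? 'q' : 'd', dreg,
             Q ? 'q' : 'd', mreg, shift_imm);
         return True;
      case 5:
         if (U) {
            /* VSLI */
            /* Convert the right-shift count into a left-shift count. */
            shift_imm = 8 * (1 << size) - shift_imm;
            if (Q) {
               res = newTemp(Ity_V128);
               mask = newTemp(Ity_V128);
            } else {
               res = newTemp(Ity_I64);
               mask = newTemp(Ity_I64);
            }
            switch (size) {
               case 0: op = Q ? Iop_ShlN8x16 : Iop_ShlN8x8; break;
               case 1: op = Q ? Iop_ShlN16x8 : Iop_ShlN16x4; break;
               case 2: op = Q ? Iop_ShlN32x4 : Iop_ShlN32x2; break;
               case 3: op = Q ? Iop_ShlN64x2 : Iop_Shl64; break;
               default: vassert(0);
            }
            /* Same masked insert as VSRI, with a left shift. */
            if (Q) {
               assign(mask, binop(op, binop(Iop_64HLtoV128,
                                            mkU64(0xFFFFFFFFFFFFFFFFLL),
                                            mkU64(0xFFFFFFFFFFFFFFFFLL)),
                                  mkU8(shift_imm)));
               assign(res, binop(Iop_OrV128,
                                 binop(Iop_AndV128,
                                       getQReg(dreg),
                                       unop(Iop_NotV128,
                                            mkexpr(mask))),
                                 binop(op,
                                       getQReg(mreg),
                                       mkU8(shift_imm))));
               putQReg(dreg, mkexpr(res), condT);
            } else {
               assign(mask, binop(op, mkU64(0xFFFFFFFFFFFFFFFFLL),
                                  mkU8(shift_imm)));
               assign(res, binop(Iop_Or64,
                                 binop(Iop_And64,
                                       getDRegI64(dreg),
                                       unop(Iop_Not64,
                                            mkexpr(mask))),
                                 binop(op,
                                       getDRegI64(mreg),
                                       mkU8(shift_imm))));
               putDRegI64(dreg, mkexpr(res), condT);
            }
            DIP("vsli.%u %c%u, %c%u, #%u\n",
                8 << size, Q ? 'q' : 'd', dreg,
                Q ? 'q' : 'd', mreg, shift_imm);
            return True;
         } else {
            /* VSHL #imm */
            shift_imm = 8 * (1 << size) - shift_imm;
            if (Q) {
               res = newTemp(Ity_V128);
            } else {
               res = newTemp(Ity_I64);
            }
            switch (size) {
               case 0: op = Q ? Iop_ShlN8x16 : Iop_ShlN8x8; break;
               case 1: op = Q ? Iop_ShlN16x8 : Iop_ShlN16x4; break;
               case 2: op = Q ? Iop_ShlN32x4 : Iop_ShlN32x2; break;
               case 3: op = Q ? Iop_ShlN64x2 : Iop_Shl64; break;
               default: vassert(0);
            }
            assign(res, binop(op, Q ? getQReg(mreg) : getDRegI64(mreg),
                     mkU8(shift_imm)));
            if (Q) {
               putQReg(dreg, mkexpr(res), condT);
            } else {
               putDRegI64(dreg, mkexpr(res), condT);
            }
            DIP("vshl.i%u %c%u, %c%u, #%u\n",
                8 << size, Q ? 'q' : 'd', dreg,
                Q ? 'q' : 'd', mreg, shift_imm);
            return True;
         }
         break;
      case 6:
      case 7:
         /* VQSHL, VQSHLU */
         shift_imm = 8 * (1 << size) - shift_imm;
         if (U) {
            if (A & 1) {
               switch (size) {
                  case 0:
                     op = Q ? Iop_QShlN8x16 : Iop_QShlN8x8;
                     op_rev = Q ? Iop_ShrN8x16 : Iop_ShrN8x8;
                     break;
                  case 1:
                     op = Q ? Iop_QShlN16x8 : Iop_QShlN16x4;
                     op_rev = Q ? Iop_ShrN16x8 : Iop_ShrN16x4;
                     break;
                  case 2:
                     op = Q ? Iop_QShlN32x4 : Iop_QShlN32x2;
                     op_rev = Q ? Iop_ShrN32x4 : Iop_ShrN32x2;
                     break;
                  case 3:
                     op = Q ? Iop_QShlN64x2 : Iop_QShlN64x1;
                     op_rev = Q ? Iop_ShrN64x2 : Iop_Shr64;
                     break;
                  default:
                     vassert(0);
               }
               DIP("vqshl.u%u %c%u, %c%u, #%u\n",
                   8 << size,
                   Q ? 'q' : 'd', dreg, Q ? 'q' : 'd', mreg, shift_imm);
            } else {
               switch (size) {
                  case 0:
                     op = Q ? Iop_QShlN8Sx16 : Iop_QShlN8Sx8;
                     op_rev = Q ? Iop_ShrN8x16 : Iop_ShrN8x8;
                     break;
                  case 1:
                     op = Q ? Iop_QShlN16Sx8 : Iop_QShlN16Sx4;
                     op_rev = Q ? Iop_ShrN16x8 : Iop_ShrN16x4;
                     break;
                  case 2:
                     op = Q ? Iop_QShlN32Sx4 : Iop_QShlN32Sx2;
                     op_rev = Q ? Iop_ShrN32x4 : Iop_ShrN32x2;
                     break;
                  case 3:
                     op = Q ? Iop_QShlN64Sx2 : Iop_QShlN64Sx1;
                     op_rev = Q ? Iop_ShrN64x2 : Iop_Shr64;
                     break;
                  default:
                     vassert(0);
               }
               DIP("vqshlu.s%u %c%u, %c%u, #%u\n",
                   8 << size,
                   Q ? 'q' : 'd', dreg, Q ? 'q' : 'd', mreg, shift_imm);
            }
         } else {
            if (!(A & 1))
               return False;
            switch (size) {
               case 0:
                  op = Q ? Iop_QSalN8x16 : Iop_QSalN8x8;
                  op_rev = Q ? Iop_SarN8x16 : Iop_SarN8x8;
                  break;
               case 1:
                  op = Q ? Iop_QSalN16x8 : Iop_QSalN16x4;
                  op_rev = Q ? Iop_SarN16x8 : Iop_SarN16x4;
                  break;
               case 2:
                  op = Q ? Iop_QSalN32x4 : Iop_QSalN32x2;
                  op_rev = Q ? Iop_SarN32x4 : Iop_SarN32x2;
                  break;
               case 3:
                  op = Q ? Iop_QSalN64x2 : Iop_QSalN64x1;
                  op_rev = Q ? Iop_SarN64x2 : Iop_Sar64;
                  break;
               default:
                  vassert(0);
            }
            DIP("vqshl.s%u %c%u, %c%u, #%u\n",
                8 << size,
                Q ? 'q' : 'd', dreg, Q ? 'q' : 'd', mreg, shift_imm);
         }
         /* NOTE(review): tmp is declared UInt but holds a newTemp()
            result from here on; the to-check list at the top of this
            file asks that newTemp results go to IRTemp variables. */
         if (Q) {
            tmp = newTemp(Ity_V128);
            res = newTemp(Ity_V128);
            reg_m = newTemp(Ity_V128);
            assign(reg_m, getQReg(mreg));
         } else {
            tmp = newTemp(Ity_I64);
            res = newTemp(Ity_I64);
            reg_m = newTemp(Ity_I64);
            assign(reg_m, getDRegI64(mreg));
         }
         assign(res, binop(op, mkexpr(reg_m), mkU8(shift_imm)));
#ifndef DISABLE_QC_FLAG
         /* Shift the saturated result back and hand it to setFlag_QC
            together with the original operand (presumably QC is set
            when the two differ -- confirm against setFlag_QC). */
         assign(tmp, binop(op_rev, mkexpr(res), mkU8(shift_imm)));
         setFlag_QC(mkexpr(tmp), mkexpr(reg_m), Q, condT);
#endif
         if (Q)
            putQReg(dreg, mkexpr(res), condT);
         else
            putDRegI64(dreg, mkexpr(res), condT);
         return True;
      case 8:
         if (!U) {
            if (L == 1)
               return False;
            /* From here on size describes the (wider) source lanes. */
            size++;
            dreg = ((theInstr >> 18) & 0x10) | ((theInstr >> 12) & 0xF);
            mreg = ((theInstr >> 1) & 0x10) | (theInstr & 0xF);
            if (mreg & 1)
               return False;
            mreg >>= 1;
            if (!B) {
               /* VSHRN*/
               IROp narOp;
               reg_m = newTemp(Ity_V128);
               assign(reg_m, getQReg(mreg));
               res = newTemp(Ity_I64);
               switch (size) {
                  case 1:
                     op = Iop_ShrN16x8;
                     narOp = Iop_NarrowUn16to8x8;
                     break;
                  case 2:
                     op = Iop_ShrN32x4;
                     narOp = Iop_NarrowUn32to16x4;
                     break;
                  case 3:
                     op = Iop_ShrN64x2;
                     narOp = Iop_NarrowUn64to32x2;
                     break;
                  default:
                     vassert(0);
               }
               assign(res, unop(narOp,
                                binop(op,
                                      mkexpr(reg_m),
                                      mkU8(shift_imm))));
               putDRegI64(dreg, mkexpr(res), condT);
               DIP("vshrn.i%u d%u, q%u, #%u\n", 8 << size, dreg, mreg,
                   shift_imm);
               return True;
            } else {
               /* VRSHRN   */
               IROp addOp, shOp, narOp;
               IRExpr *imm_val;
               reg_m = newTemp(Ity_V128);
               assign(reg_m, getQReg(mreg));
               res = newTemp(Ity_I64);
               /* Per-lane rounding constant, as for VRSHR above. */
               imm = 1L;
               switch (size) {
                  case 0: imm = (imm <<  8) | imm; /* fall through */
                  case 1: imm = (imm << 16) | imm; /* fall through */
                  case 2: imm = (imm << 32) | imm; /* fall through */
                  case 3: break;
                  default: vassert(0);
               }
               imm_val = binop(Iop_64HLtoV128, mkU64(imm), mkU64(imm));
               switch (size) {
                  case 1:
                     addOp = Iop_Add16x8;
                     shOp = Iop_ShrN16x8;
                     narOp = Iop_NarrowUn16to8x8;
                     break;
                  case 2:
                     addOp = Iop_Add32x4;
                     shOp = Iop_ShrN32x4;
                     narOp = Iop_NarrowUn32to16x4;
                     break;
                  case 3:
                     addOp = Iop_Add64x2;
                     shOp = Iop_ShrN64x2;
                     narOp = Iop_NarrowUn64to32x2;
                     break;
                  default:
                     vassert(0);
               }
               assign(res, unop(narOp,
                                binop(addOp,
                                      binop(shOp,
                                            mkexpr(reg_m),
                                            mkU8(shift_imm)),
                                      binop(Iop_AndV128,
                                            binop(shOp,
                                                  mkexpr(reg_m),
                                                  mkU8(shift_imm - 1)),
                                            imm_val))));
               putDRegI64(dreg, mkexpr(res), condT);
               if (shift_imm == 0) {
                  DIP("vmov%u d%u, q%u, #%u\n", 8 << size, dreg, mreg,
                      shift_imm);
               } else {
                  DIP("vrshrn.i%u d%u, q%u, #%u\n", 8 << size, dreg, mreg,
                      shift_imm);
               }
               return True;
            }
         } else {
            /* fall through */
         }
      case 9:
         /* L == 1 selected size 3 above; after the size++ below there
            is no narrowing form for it and the switches on size would
            reach vassert(0).  Reject the encoding instead, as case 8
            does for VSHRN/VRSHRN, so that a guest instruction word
            cannot trip an assertion in the decoder. */
         if (L == 1)
            return False;
         dreg = ((theInstr >> 18) & 0x10) | ((theInstr >> 12) & 0xF);
         mreg = ((theInstr >>  1) & 0x10) | (theInstr & 0xF);
         if (mreg & 1)
            return False;
         mreg >>= 1;
         size++;
         if ((theInstr >> 8) & 1) {
            switch (size) {
               case 1:
                  op = U ? Iop_ShrN16x8 : Iop_SarN16x8;
                  cvt = U ? Iop_QNarrowUn16Uto8Ux8 : Iop_QNarrowUn16Sto8Sx8;
                  cvt2 = U ? Iop_Widen8Uto16x8 : Iop_Widen8Sto16x8;
                  break;
               case 2:
                  op = U ? Iop_ShrN32x4 : Iop_SarN32x4;
                  cvt = U ? Iop_QNarrowUn32Uto16Ux4 : Iop_QNarrowUn32Sto16Sx4;
                  cvt2 = U ? Iop_Widen16Uto32x4 : Iop_Widen16Sto32x4;
                  break;
               case 3:
                  op = U ? Iop_ShrN64x2 : Iop_SarN64x2;
                  cvt = U ? Iop_QNarrowUn64Uto32Ux2 : Iop_QNarrowUn64Sto32Sx2;
                  cvt2 = U ? Iop_Widen32Uto64x2 : Iop_Widen32Sto64x2;
                  break;
               default:
                  vassert(0);
            }
            DIP("vq%sshrn.%c%u d%u, q%u, #%u\n", B ? "r" : "",
                U ? 'u' : 's', 8 << size, dreg, mreg, shift_imm);
         } else {
            /* Only reached by falling through from case 8, which
               returns for U == 0. */
            vassert(U);
            switch (size) {
               case 1:
                  op = Iop_SarN16x8;
                  cvt = Iop_QNarrowUn16Sto8Ux8;
                  cvt2 = Iop_Widen8Uto16x8;
                  break;
               case 2:
                  op = Iop_SarN32x4;
                  cvt = Iop_QNarrowUn32Sto16Ux4;
                  cvt2 = Iop_Widen16Uto32x4;
                  break;
               case 3:
                  op = Iop_SarN64x2;
                  cvt = Iop_QNarrowUn64Sto32Ux2;
                  cvt2 = Iop_Widen32Uto64x2;
                  break;
               default:
                  vassert(0);
            }
            DIP("vq%sshrun.s%u d%u, q%u, #%u\n", B ? "r" : "",
                8 << size, dreg, mreg, shift_imm);
         }
         if (B) {
            if (shift_imm > 0) {
               /* Rounding constant and lane-wise add for the rounding
                  forms. */
               imm = 1;
               switch (size) {
                  case 1: imm = (imm << 16) | imm; /* fall through */
                  case 2: imm = (imm << 32) | imm; /* fall through */
                  case 3: break;
                  case 0: default: vassert(0);
               }
               switch (size) {
                  case 1: add = Iop_Add16x8; break;
                  case 2: add = Iop_Add32x4; break;
                  case 3: add = Iop_Add64x2; break;
                  case 0: default: vassert(0);
               }
            }
         }
         reg_m = newTemp(Ity_V128);
         res = newTemp(Ity_V128);
         assign(reg_m, getQReg(mreg));
         if (B) {
            /* VQRSHRN, VQRSHRUN */
            assign(res, binop(add,
                              binop(op, mkexpr(reg_m), mkU8(shift_imm)),
                              binop(Iop_AndV128,
                                    binop(op,
                                          mkexpr(reg_m),
                                          mkU8(shift_imm - 1)),
                                    mkU128(imm))));
         } else {
            /* VQSHRN, VQSHRUN */
            assign(res, binop(op, mkexpr(reg_m), mkU8(shift_imm)));
         }
#ifndef DISABLE_QC_FLAG
         /* Narrow with saturation, widen again, and pass both values
            to setFlag_QC. */
         setFlag_QC(unop(cvt2, unop(cvt, mkexpr(res))), mkexpr(res),
                    True, condT);
#endif
         putDRegI64(dreg, unop(cvt, mkexpr(res)), condT);
         return True;
      case 10:
         /* VSHLL
            VMOVL ::= VSHLL #0 */
         if (B)
            return False;
         if (dreg & 1)
            return False;
         dreg >>= 1;
         shift_imm = (8 << size) - shift_imm;
         res = newTemp(Ity_V128);
         switch (size) {
            case 0:
               op = Iop_ShlN16x8;
               cvt = U ? Iop_Widen8Uto16x8 : Iop_Widen8Sto16x8;
               break;
            case 1:
               op = Iop_ShlN32x4;
               cvt = U ? Iop_Widen16Uto32x4 : Iop_Widen16Sto32x4;
               break;
            case 2:
               op = Iop_ShlN64x2;
               cvt = U ? Iop_Widen32Uto64x2 : Iop_Widen32Sto64x2;
               break;
            case 3:
               return False;
            default:
               vassert(0);
         }
         assign(res, binop(op, unop(cvt, getDRegI64(mreg)), mkU8(shift_imm)));
         putQReg(dreg, mkexpr(res), condT);
         if (shift_imm == 0) {
            DIP("vmovl.%c%u q%u, d%u\n", U ? 'u' : 's', 8 << size,
                dreg, mreg);
         } else {
            DIP("vshll.%c%u q%u, d%u, #%u\n", U ? 'u' : 's', 8 << size,
                dreg, mreg, shift_imm);
         }
         return True;
      case 14:
      case 15:
         /* VCVT floating-point <-> fixed-point */
         /* Reject the encoding before anything is printed, so that the
            trace does not show a disassembly for an instruction this
            function then refuses. */
         if (((theInstr >> 21) & 1) == 0)
            return False;
         if ((theInstr >> 8) & 1) {
            if (U) {
               op = Q ? Iop_F32ToFixed32Ux4_RZ : Iop_F32ToFixed32Ux2_RZ;
            } else {
               op = Q ? Iop_F32ToFixed32Sx4_RZ : Iop_F32ToFixed32Sx2_RZ;
            }
            DIP("vcvt.%c32.f32 %c%u, %c%u, #%u\n", U ? 'u' : 's',
                Q ? 'q' : 'd', dreg, Q ? 'q' : 'd', mreg,
                64 - ((theInstr >> 16) & 0x3f));
         } else {
            if (U) {
               op = Q ? Iop_Fixed32UToF32x4_RN : Iop_Fixed32UToF32x2_RN;
            } else {
               op = Q ? Iop_Fixed32SToF32x4_RN : Iop_Fixed32SToF32x2_RN;
            }
            DIP("vcvt.f32.%c32 %c%u, %c%u, #%u\n", U ? 'u' : 's',
                Q ? 'q' : 'd', dreg, Q ? 'q' : 'd', mreg,
                64 - ((theInstr >> 16) & 0x3f));
         }
         if (Q) {
            putQReg(dreg, binop(op, getQReg(mreg),
                     mkU8(64 - ((theInstr >> 16) & 0x3f))), condT);
         } else {
            putDRegI64(dreg, binop(op, getDRegI64(mreg),
                       mkU8(64 - ((theInstr >> 16) & 0x3f))), condT);
         }
         return True;
      default:
         return False;

   }
   return False;
}

6624 /* A7.4.5 Two registers, miscellaneous */ 6625 static 6626 Bool dis_neon_data_2reg_misc ( UInt theInstr, IRTemp condT ) 6627 { 6628 UInt A = (theInstr >> 16) & 3; 6629 UInt B = (theInstr >> 6) & 0x1f; 6630 UInt Q = (theInstr >> 6) & 1; 6631 UInt U = (theInstr >> 24) & 1; 6632 UInt size = (theInstr >> 18) & 3; 6633 UInt dreg = get_neon_d_regno(theInstr); 6634 UInt mreg = get_neon_m_regno(theInstr); 6635 UInt F = (theInstr >> 10) & 1; 6636 IRTemp arg_d; 6637 IRTemp arg_m; 6638 IRTemp res; 6639 switch (A) { 6640 case 0: 6641 if (Q) { 6642 arg_m = newTemp(Ity_V128); 6643 res = newTemp(Ity_V128); 6644 assign(arg_m, getQReg(mreg)); 6645 } else { 6646 arg_m = newTemp(Ity_I64); 6647 res = newTemp(Ity_I64); 6648 assign(arg_m, getDRegI64(mreg)); 6649 } 6650 switch (B >> 1) { 6651 case 0: { 6652 /* VREV64 */ 6653 IROp op; 6654 switch (size) { 6655 case 0: 6656 op = Q ? Iop_Reverse64_8x16 : Iop_Reverse64_8x8; 6657 break; 6658 case 1: 6659 op = Q ? Iop_Reverse64_16x8 : Iop_Reverse64_16x4; 6660 break; 6661 case 2: 6662 op = Q ? Iop_Reverse64_32x4 : Iop_Reverse64_32x2; 6663 break; 6664 case 3: 6665 return False; 6666 default: 6667 vassert(0); 6668 } 6669 assign(res, unop(op, mkexpr(arg_m))); 6670 DIP("vrev64.%u %c%u, %c%u\n", 8 << size, 6671 Q ? 'q' : 'd', dreg, Q ? 'q' : 'd', mreg); 6672 break; 6673 } 6674 case 1: { 6675 /* VREV32 */ 6676 IROp op; 6677 switch (size) { 6678 case 0: 6679 op = Q ? Iop_Reverse32_8x16 : Iop_Reverse32_8x8; 6680 break; 6681 case 1: 6682 op = Q ?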
Iop_Reverse32_16x8 : Iop_Reverse32_16x4; 6683 break; 6684 case 2: 6685 case 3: 6686 return False; 6687 default: 6688 vassert(0); 6689 } 6690 assign(res, unop(op, mkexpr(arg_m))); 6691 DIP("vrev32.%u %c%u, %c%u\n", 8 << size, 6692 Q ? 'q' : 'd', dreg, Q ? 'q' : 'd', mreg); 6693 break; 6694 } 6695 case 2: { 6696 /* VREV16 */ 6697 IROp op; 6698 switch (size) { 6699 case 0: 6700 op = Q ? Iop_Reverse16_8x16 : Iop_Reverse16_8x8; 6701 break; 6702 case 1: 6703 case 2: 6704 case 3: 6705 return False; 6706 default: 6707 vassert(0); 6708 } 6709 assign(res, unop(op, mkexpr(arg_m))); 6710 DIP("vrev16.%u %c%u, %c%u\n", 8 << size, 6711 Q ? 'q' : 'd', dreg, Q ? 'q' : 'd', mreg); 6712 break; 6713 } 6714 case 3: 6715 return False; 6716 case 4: 6717 case 5: { 6718 /* VPADDL */ 6719 IROp op; 6720 U = (theInstr >> 7) & 1; 6721 if (Q) { 6722 switch (size) { 6723 case 0: op = U ? Iop_PwAddL8Ux16 : Iop_PwAddL8Sx16; break; 6724 case 1: op = U ? Iop_PwAddL16Ux8 : Iop_PwAddL16Sx8; break; 6725 case 2: op = U ? Iop_PwAddL32Ux4 : Iop_PwAddL32Sx4; break; 6726 case 3: return False; 6727 default: vassert(0); 6728 } 6729 } else { 6730 switch (size) { 6731 case 0: op = U ? Iop_PwAddL8Ux8 : Iop_PwAddL8Sx8; break; 6732 case 1: op = U ? Iop_PwAddL16Ux4 : Iop_PwAddL16Sx4; break; 6733 case 2: op = U ? Iop_PwAddL32Ux2 : Iop_PwAddL32Sx2; break; 6734 case 3: return False; 6735 default: vassert(0); 6736 } 6737 } 6738 assign(res, unop(op, mkexpr(arg_m))); 6739 DIP("vpaddl.%c%u %c%u, %c%u\n", U ? 'u' : 's', 8 << size, 6740 Q ? 'q' : 'd', dreg, Q ? 'q' : 'd', mreg); 6741 break; 6742 } 6743 case 6: 6744 case 7: 6745 return False; 6746 case 8: { 6747 /* VCLS */ 6748 IROp op; 6749 switch (size) { 6750 case 0: op = Q ? Iop_Cls8Sx16 : Iop_Cls8Sx8; break; 6751 case 1: op = Q ? Iop_Cls16Sx8 : Iop_Cls16Sx4; break; 6752 case 2: op = Q ? 
Iop_Cls32Sx4 : Iop_Cls32Sx2; break; 6753 case 3: return False; 6754 default: vassert(0); 6755 } 6756 assign(res, unop(op, mkexpr(arg_m))); 6757 DIP("vcls.s%u %c%u, %c%u\n", 8 << size, Q ? 'q' : 'd', dreg, 6758 Q ? 'q' : 'd', mreg); 6759 break; 6760 } 6761 case 9: { 6762 /* VCLZ */ 6763 IROp op; 6764 switch (size) { 6765 case 0: op = Q ? Iop_Clz8Sx16 : Iop_Clz8Sx8; break; 6766 case 1: op = Q ? Iop_Clz16Sx8 : Iop_Clz16Sx4; break; 6767 case 2: op = Q ? Iop_Clz32Sx4 : Iop_Clz32Sx2; break; 6768 case 3: return False; 6769 default: vassert(0); 6770 } 6771 assign(res, unop(op, mkexpr(arg_m))); 6772 DIP("vclz.i%u %c%u, %c%u\n", 8 << size, Q ? 'q' : 'd', dreg, 6773 Q ? 'q' : 'd', mreg); 6774 break; 6775 } 6776 case 10: 6777 /* VCNT */ 6778 assign(res, unop(Q ? Iop_Cnt8x16 : Iop_Cnt8x8, mkexpr(arg_m))); 6779 DIP("vcnt.8 %c%u, %c%u\n", Q ? 'q' : 'd', dreg, Q ? 'q' : 'd', 6780 mreg); 6781 break; 6782 case 11: 6783 /* VMVN */ 6784 if (Q) 6785 assign(res, unop(Iop_NotV128, mkexpr(arg_m))); 6786 else 6787 assign(res, unop(Iop_Not64, mkexpr(arg_m))); 6788 DIP("vmvn %c%u, %c%u\n", Q ? 'q' : 'd', dreg, Q ? 'q' : 'd', 6789 mreg); 6790 break; 6791 case 12: 6792 case 13: { 6793 /* VPADAL */ 6794 IROp op, add_op; 6795 U = (theInstr >> 7) & 1; 6796 if (Q) { 6797 switch (size) { 6798 case 0: 6799 op = U ? Iop_PwAddL8Ux16 : Iop_PwAddL8Sx16; 6800 add_op = Iop_Add16x8; 6801 break; 6802 case 1: 6803 op = U ? Iop_PwAddL16Ux8 : Iop_PwAddL16Sx8; 6804 add_op = Iop_Add32x4; 6805 break; 6806 case 2: 6807 op = U ? Iop_PwAddL32Ux4 : Iop_PwAddL32Sx4; 6808 add_op = Iop_Add64x2; 6809 break; 6810 case 3: 6811 return False; 6812 default: 6813 vassert(0); 6814 } 6815 } else { 6816 switch (size) { 6817 case 0: 6818 op = U ? Iop_PwAddL8Ux8 : Iop_PwAddL8Sx8; 6819 add_op = Iop_Add16x4; 6820 break; 6821 case 1: 6822 op = U ? Iop_PwAddL16Ux4 : Iop_PwAddL16Sx4; 6823 add_op = Iop_Add32x2; 6824 break; 6825 case 2: 6826 op = U ? 
Iop_PwAddL32Ux2 : Iop_PwAddL32Sx2; 6827 add_op = Iop_Add64; 6828 break; 6829 case 3: 6830 return False; 6831 default: 6832 vassert(0); 6833 } 6834 } 6835 if (Q) { 6836 arg_d = newTemp(Ity_V128); 6837 assign(arg_d, getQReg(dreg)); 6838 } else { 6839 arg_d = newTemp(Ity_I64); 6840 assign(arg_d, getDRegI64(dreg)); 6841 } 6842 assign(res, binop(add_op, unop(op, mkexpr(arg_m)), 6843 mkexpr(arg_d))); 6844 DIP("vpadal.%c%u %c%u, %c%u\n", U ? 'u' : 's', 8 << size, 6845 Q ? 'q' : 'd', dreg, Q ? 'q' : 'd', mreg); 6846 break; 6847 } 6848 case 14: { 6849 /* VQABS */ 6850 IROp op_sub, op_qsub, op_cmp; 6851 IRTemp mask, tmp; 6852 IRExpr *zero1, *zero2; 6853 IRExpr *neg, *neg2; 6854 if (Q) { 6855 zero1 = binop(Iop_64HLtoV128, mkU64(0), mkU64(0)); 6856 zero2 = binop(Iop_64HLtoV128, mkU64(0), mkU64(0)); 6857 mask = newTemp(Ity_V128); 6858 tmp = newTemp(Ity_V128); 6859 } else { 6860 zero1 = mkU64(0); 6861 zero2 = mkU64(0); 6862 mask = newTemp(Ity_I64); 6863 tmp = newTemp(Ity_I64); 6864 } 6865 switch (size) { 6866 case 0: 6867 op_sub = Q ? Iop_Sub8x16 : Iop_Sub8x8; 6868 op_qsub = Q ? Iop_QSub8Sx16 : Iop_QSub8Sx8; 6869 op_cmp = Q ? Iop_CmpGT8Sx16 : Iop_CmpGT8Sx8; 6870 break; 6871 case 1: 6872 op_sub = Q ? Iop_Sub16x8 : Iop_Sub16x4; 6873 op_qsub = Q ? Iop_QSub16Sx8 : Iop_QSub16Sx4; 6874 op_cmp = Q ? Iop_CmpGT16Sx8 : Iop_CmpGT16Sx4; 6875 break; 6876 case 2: 6877 op_sub = Q ? Iop_Sub32x4 : Iop_Sub32x2; 6878 op_qsub = Q ? Iop_QSub32Sx4 : Iop_QSub32Sx2; 6879 op_cmp = Q ? Iop_CmpGT32Sx4 : Iop_CmpGT32Sx2; 6880 break; 6881 case 3: 6882 return False; 6883 default: 6884 vassert(0); 6885 } 6886 assign(mask, binop(op_cmp, mkexpr(arg_m), zero1)); 6887 neg = binop(op_qsub, zero2, mkexpr(arg_m)); 6888 neg2 = binop(op_sub, zero2, mkexpr(arg_m)); 6889 assign(res, binop(Q ? Iop_OrV128 : Iop_Or64, 6890 binop(Q ? Iop_AndV128 : Iop_And64, 6891 mkexpr(mask), 6892 mkexpr(arg_m)), 6893 binop(Q ? Iop_AndV128 : Iop_And64, 6894 unop(Q ? 
Iop_NotV128 : Iop_Not64, 6895 mkexpr(mask)), 6896 neg))); 6897 #ifndef DISABLE_QC_FLAG 6898 assign(tmp, binop(Q ? Iop_OrV128 : Iop_Or64, 6899 binop(Q ? Iop_AndV128 : Iop_And64, 6900 mkexpr(mask), 6901 mkexpr(arg_m)), 6902 binop(Q ? Iop_AndV128 : Iop_And64, 6903 unop(Q ? Iop_NotV128 : Iop_Not64, 6904 mkexpr(mask)), 6905 neg2))); 6906 setFlag_QC(mkexpr(res), mkexpr(tmp), Q, condT); 6907 #endif 6908 DIP("vqabs.s%u %c%u, %c%u\n", 8 << size, Q ? 'q' : 'd', dreg, 6909 Q ? 'q' : 'd', mreg); 6910 break; 6911 } 6912 case 15: { 6913 /* VQNEG */ 6914 IROp op, op2; 6915 IRExpr *zero; 6916 if (Q) { 6917 zero = binop(Iop_64HLtoV128, mkU64(0), mkU64(0)); 6918 } else { 6919 zero = mkU64(0); 6920 } 6921 switch (size) { 6922 case 0: 6923 op = Q ? Iop_QSub8Sx16 : Iop_QSub8Sx8; 6924 op2 = Q ? Iop_Sub8x16 : Iop_Sub8x8; 6925 break; 6926 case 1: 6927 op = Q ? Iop_QSub16Sx8 : Iop_QSub16Sx4; 6928 op2 = Q ? Iop_Sub16x8 : Iop_Sub16x4; 6929 break; 6930 case 2: 6931 op = Q ? Iop_QSub32Sx4 : Iop_QSub32Sx2; 6932 op2 = Q ? Iop_Sub32x4 : Iop_Sub32x2; 6933 break; 6934 case 3: 6935 return False; 6936 default: 6937 vassert(0); 6938 } 6939 assign(res, binop(op, zero, mkexpr(arg_m))); 6940 #ifndef DISABLE_QC_FLAG 6941 setFlag_QC(mkexpr(res), binop(op2, zero, mkexpr(arg_m)), 6942 Q, condT); 6943 #endif 6944 DIP("vqneg.s%u %c%u, %c%u\n", 8 << size, Q ? 'q' : 'd', dreg, 6945 Q ? 
'q' : 'd', mreg); 6946 break; 6947 } 6948 default: 6949 vassert(0); 6950 } 6951 if (Q) { 6952 putQReg(dreg, mkexpr(res), condT); 6953 } else { 6954 putDRegI64(dreg, mkexpr(res), condT); 6955 } 6956 return True; 6957 case 1: 6958 if (Q) { 6959 arg_m = newTemp(Ity_V128); 6960 res = newTemp(Ity_V128); 6961 assign(arg_m, getQReg(mreg)); 6962 } else { 6963 arg_m = newTemp(Ity_I64); 6964 res = newTemp(Ity_I64); 6965 assign(arg_m, getDRegI64(mreg)); 6966 } 6967 switch ((B >> 1) & 0x7) { 6968 case 0: { 6969 /* VCGT #0 */ 6970 IRExpr *zero; 6971 IROp op; 6972 if (Q) { 6973 zero = binop(Iop_64HLtoV128, mkU64(0), mkU64(0)); 6974 } else { 6975 zero = mkU64(0); 6976 } 6977 if (F) { 6978 switch (size) { 6979 case 0: case 1: case 3: return False; 6980 case 2: op = Q ? Iop_CmpGT32Fx4 : Iop_CmpGT32Fx2; break; 6981 default: vassert(0); 6982 } 6983 } else { 6984 switch (size) { 6985 case 0: op = Q ? Iop_CmpGT8Sx16 : Iop_CmpGT8Sx8; break; 6986 case 1: op = Q ? Iop_CmpGT16Sx8 : Iop_CmpGT16Sx4; break; 6987 case 2: op = Q ? Iop_CmpGT32Sx4 : Iop_CmpGT32Sx2; break; 6988 case 3: return False; 6989 default: vassert(0); 6990 } 6991 } 6992 assign(res, binop(op, mkexpr(arg_m), zero)); 6993 DIP("vcgt.%c%u %c%u, %c%u, #0\n", F ? 'f' : 's', 8 << size, 6994 Q ? 'q' : 'd', dreg, Q ? 'q' : 'd', mreg); 6995 break; 6996 } 6997 case 1: { 6998 /* VCGE #0 */ 6999 IROp op; 7000 IRExpr *zero; 7001 if (Q) { 7002 zero = binop(Iop_64HLtoV128, mkU64(0), mkU64(0)); 7003 } else { 7004 zero = mkU64(0); 7005 } 7006 if (F) { 7007 switch (size) { 7008 case 0: case 1: case 3: return False; 7009 case 2: op = Q ? Iop_CmpGE32Fx4 : Iop_CmpGE32Fx2; break; 7010 default: vassert(0); 7011 } 7012 assign(res, binop(op, mkexpr(arg_m), zero)); 7013 } else { 7014 switch (size) { 7015 case 0: op = Q ? Iop_CmpGT8Sx16 : Iop_CmpGT8Sx8; break; 7016 case 1: op = Q ? Iop_CmpGT16Sx8 : Iop_CmpGT16Sx4; break; 7017 case 2: op = Q ? 
Iop_CmpGT32Sx4 : Iop_CmpGT32Sx2; break; 7018 case 3: return False; 7019 default: vassert(0); 7020 } 7021 assign(res, unop(Q ? Iop_NotV128 : Iop_Not64, 7022 binop(op, zero, mkexpr(arg_m)))); 7023 } 7024 DIP("vcge.%c%u %c%u, %c%u, #0\n", F ? 'f' : 's', 8 << size, 7025 Q ? 'q' : 'd', dreg, Q ? 'q' : 'd', mreg); 7026 break; 7027 } 7028 case 2: { 7029 /* VCEQ #0 */ 7030 IROp op; 7031 IRExpr *zero; 7032 if (F) { 7033 if (Q) { 7034 zero = binop(Iop_64HLtoV128, mkU64(0), mkU64(0)); 7035 } else { 7036 zero = mkU64(0); 7037 } 7038 switch (size) { 7039 case 0: case 1: case 3: return False; 7040 case 2: op = Q ? Iop_CmpEQ32Fx4 : Iop_CmpEQ32Fx2; break; 7041 default: vassert(0); 7042 } 7043 assign(res, binop(op, zero, mkexpr(arg_m))); 7044 } else { 7045 switch (size) { 7046 case 0: op = Q ? Iop_CmpNEZ8x16 : Iop_CmpNEZ8x8; break; 7047 case 1: op = Q ? Iop_CmpNEZ16x8 : Iop_CmpNEZ16x4; break; 7048 case 2: op = Q ? Iop_CmpNEZ32x4 : Iop_CmpNEZ32x2; break; 7049 case 3: return False; 7050 default: vassert(0); 7051 } 7052 assign(res, unop(Q ? Iop_NotV128 : Iop_Not64, 7053 unop(op, mkexpr(arg_m)))); 7054 } 7055 DIP("vceq.%c%u %c%u, %c%u, #0\n", F ? 'f' : 'i', 8 << size, 7056 Q ? 'q' : 'd', dreg, Q ? 'q' : 'd', mreg); 7057 break; 7058 } 7059 case 3: { 7060 /* VCLE #0 */ 7061 IRExpr *zero; 7062 IROp op; 7063 if (Q) { 7064 zero = binop(Iop_64HLtoV128, mkU64(0), mkU64(0)); 7065 } else { 7066 zero = mkU64(0); 7067 } 7068 if (F) { 7069 switch (size) { 7070 case 0: case 1: case 3: return False; 7071 case 2: op = Q ? Iop_CmpGE32Fx4 : Iop_CmpGE32Fx2; break; 7072 default: vassert(0); 7073 } 7074 assign(res, binop(op, zero, mkexpr(arg_m))); 7075 } else { 7076 switch (size) { 7077 case 0: op = Q ? Iop_CmpGT8Sx16 : Iop_CmpGT8Sx8; break; 7078 case 1: op = Q ? Iop_CmpGT16Sx8 : Iop_CmpGT16Sx4; break; 7079 case 2: op = Q ? Iop_CmpGT32Sx4 : Iop_CmpGT32Sx2; break; 7080 case 3: return False; 7081 default: vassert(0); 7082 } 7083 assign(res, unop(Q ? 
Iop_NotV128 : Iop_Not64, 7084 binop(op, mkexpr(arg_m), zero))); 7085 } 7086 DIP("vcle.%c%u %c%u, %c%u, #0\n", F ? 'f' : 's', 8 << size, 7087 Q ? 'q' : 'd', dreg, Q ? 'q' : 'd', mreg); 7088 break; 7089 } 7090 case 4: { 7091 /* VCLT #0 */ 7092 IROp op; 7093 IRExpr *zero; 7094 if (Q) { 7095 zero = binop(Iop_64HLtoV128, mkU64(0), mkU64(0)); 7096 } else { 7097 zero = mkU64(0); 7098 } 7099 if (F) { 7100 switch (size) { 7101 case 0: case 1: case 3: return False; 7102 case 2: op = Q ? Iop_CmpGT32Fx4 : Iop_CmpGT32Fx2; break; 7103 default: vassert(0); 7104 } 7105 assign(res, binop(op, zero, mkexpr(arg_m))); 7106 } else { 7107 switch (size) { 7108 case 0: op = Q ? Iop_CmpGT8Sx16 : Iop_CmpGT8Sx8; break; 7109 case 1: op = Q ? Iop_CmpGT16Sx8 : Iop_CmpGT16Sx4; break; 7110 case 2: op = Q ? Iop_CmpGT32Sx4 : Iop_CmpGT32Sx2; break; 7111 case 3: return False; 7112 default: vassert(0); 7113 } 7114 assign(res, binop(op, zero, mkexpr(arg_m))); 7115 } 7116 DIP("vclt.%c%u %c%u, %c%u, #0\n", F ? 'f' : 's', 8 << size, 7117 Q ? 'q' : 'd', dreg, Q ? 'q' : 'd', mreg); 7118 break; 7119 } 7120 case 5: 7121 return False; 7122 case 6: { 7123 /* VABS */ 7124 if (!F) { 7125 IROp op; 7126 switch(size) { 7127 case 0: op = Q ? Iop_Abs8x16 : Iop_Abs8x8; break; 7128 case 1: op = Q ? Iop_Abs16x8 : Iop_Abs16x4; break; 7129 case 2: op = Q ? Iop_Abs32x4 : Iop_Abs32x2; break; 7130 case 3: return False; 7131 default: vassert(0); 7132 } 7133 assign(res, unop(op, mkexpr(arg_m))); 7134 } else { 7135 assign(res, unop(Q ? Iop_Abs32Fx4 : Iop_Abs32Fx2, 7136 mkexpr(arg_m))); 7137 } 7138 DIP("vabs.%c%u %c%u, %c%u\n", 7139 F ? 'f' : 's', 8 << size, Q ? 'q' : 'd', dreg, 7140 Q ? 'q' : 'd', mreg); 7141 break; 7142 } 7143 case 7: { 7144 /* VNEG */ 7145 IROp op; 7146 IRExpr *zero; 7147 if (F) { 7148 switch (size) { 7149 case 0: case 1: case 3: return False; 7150 case 2: op = Q ? 
Iop_Neg32Fx4 : Iop_Neg32Fx2; break; 7151 default: vassert(0); 7152 } 7153 assign(res, unop(op, mkexpr(arg_m))); 7154 } else { 7155 if (Q) { 7156 zero = binop(Iop_64HLtoV128, mkU64(0), mkU64(0)); 7157 } else { 7158 zero = mkU64(0); 7159 } 7160 switch (size) { 7161 case 0: op = Q ? Iop_Sub8x16 : Iop_Sub8x8; break; 7162 case 1: op = Q ? Iop_Sub16x8 : Iop_Sub16x4; break; 7163 case 2: op = Q ? Iop_Sub32x4 : Iop_Sub32x2; break; 7164 case 3: return False; 7165 default: vassert(0); 7166 } 7167 assign(res, binop(op, zero, mkexpr(arg_m))); 7168 } 7169 DIP("vneg.%c%u %c%u, %c%u\n", 7170 F ? 'f' : 's', 8 << size, Q ? 'q' : 'd', dreg, 7171 Q ? 'q' : 'd', mreg); 7172 break; 7173 } 7174 default: 7175 vassert(0); 7176 } 7177 if (Q) { 7178 putQReg(dreg, mkexpr(res), condT); 7179 } else { 7180 putDRegI64(dreg, mkexpr(res), condT); 7181 } 7182 return True; 7183 case 2: 7184 if ((B >> 1) == 0) { 7185 /* VSWP */ 7186 if (Q) { 7187 arg_m = newTemp(Ity_V128); 7188 assign(arg_m, getQReg(mreg)); 7189 putQReg(mreg, getQReg(dreg), condT); 7190 putQReg(dreg, mkexpr(arg_m), condT); 7191 } else { 7192 arg_m = newTemp(Ity_I64); 7193 assign(arg_m, getDRegI64(mreg)); 7194 putDRegI64(mreg, getDRegI64(dreg), condT); 7195 putDRegI64(dreg, mkexpr(arg_m), condT); 7196 } 7197 DIP("vswp %c%u, %c%u\n", 7198 Q ? 'q' : 'd', dreg, Q ? 
'q' : 'd', mreg); 7199 return True; 7200 } else if ((B >> 1) == 1) { 7201 /* VTRN */ 7202 IROp op_lo, op_hi; 7203 IRTemp res1, res2; 7204 if (Q) { 7205 arg_m = newTemp(Ity_V128); 7206 arg_d = newTemp(Ity_V128); 7207 res1 = newTemp(Ity_V128); 7208 res2 = newTemp(Ity_V128); 7209 assign(arg_m, getQReg(mreg)); 7210 assign(arg_d, getQReg(dreg)); 7211 } else { 7212 res1 = newTemp(Ity_I64); 7213 res2 = newTemp(Ity_I64); 7214 arg_m = newTemp(Ity_I64); 7215 arg_d = newTemp(Ity_I64); 7216 assign(arg_m, getDRegI64(mreg)); 7217 assign(arg_d, getDRegI64(dreg)); 7218 } 7219 if (Q) { 7220 switch (size) { 7221 case 0: 7222 op_lo = Iop_InterleaveOddLanes8x16; 7223 op_hi = Iop_InterleaveEvenLanes8x16; 7224 break; 7225 case 1: 7226 op_lo = Iop_InterleaveOddLanes16x8; 7227 op_hi = Iop_InterleaveEvenLanes16x8; 7228 break; 7229 case 2: 7230 op_lo = Iop_InterleaveOddLanes32x4; 7231 op_hi = Iop_InterleaveEvenLanes32x4; 7232 break; 7233 case 3: 7234 return False; 7235 default: 7236 vassert(0); 7237 } 7238 } else { 7239 switch (size) { 7240 case 0: 7241 op_lo = Iop_InterleaveOddLanes8x8; 7242 op_hi = Iop_InterleaveEvenLanes8x8; 7243 break; 7244 case 1: 7245 op_lo = Iop_InterleaveOddLanes16x4; 7246 op_hi = Iop_InterleaveEvenLanes16x4; 7247 break; 7248 case 2: 7249 op_lo = Iop_InterleaveLO32x2; 7250 op_hi = Iop_InterleaveHI32x2; 7251 break; 7252 case 3: 7253 return False; 7254 default: 7255 vassert(0); 7256 } 7257 } 7258 assign(res1, binop(op_lo, mkexpr(arg_m), mkexpr(arg_d))); 7259 assign(res2, binop(op_hi, mkexpr(arg_m), mkexpr(arg_d))); 7260 if (Q) { 7261 putQReg(dreg, mkexpr(res1), condT); 7262 putQReg(mreg, mkexpr(res2), condT); 7263 } else { 7264 putDRegI64(dreg, mkexpr(res1), condT); 7265 putDRegI64(mreg, mkexpr(res2), condT); 7266 } 7267 DIP("vtrn.%u %c%u, %c%u\n", 7268 8 << size, Q ? 'q' : 'd', dreg, Q ? 
'q' : 'd', mreg); 7269 return True; 7270 } else if ((B >> 1) == 2) { 7271 /* VUZP */ 7272 IROp op_lo, op_hi; 7273 IRTemp res1, res2; 7274 if (!Q && size == 2) 7275 return False; 7276 if (Q) { 7277 arg_m = newTemp(Ity_V128); 7278 arg_d = newTemp(Ity_V128); 7279 res1 = newTemp(Ity_V128); 7280 res2 = newTemp(Ity_V128); 7281 assign(arg_m, getQReg(mreg)); 7282 assign(arg_d, getQReg(dreg)); 7283 } else { 7284 res1 = newTemp(Ity_I64); 7285 res2 = newTemp(Ity_I64); 7286 arg_m = newTemp(Ity_I64); 7287 arg_d = newTemp(Ity_I64); 7288 assign(arg_m, getDRegI64(mreg)); 7289 assign(arg_d, getDRegI64(dreg)); 7290 } 7291 switch (size) { 7292 case 0: 7293 op_lo = Q ? Iop_CatOddLanes8x16 : Iop_CatOddLanes8x8; 7294 op_hi = Q ? Iop_CatEvenLanes8x16 : Iop_CatEvenLanes8x8; 7295 break; 7296 case 1: 7297 op_lo = Q ? Iop_CatOddLanes16x8 : Iop_CatOddLanes16x4; 7298 op_hi = Q ? Iop_CatEvenLanes16x8 : Iop_CatEvenLanes16x4; 7299 break; 7300 case 2: 7301 op_lo = Iop_CatOddLanes32x4; 7302 op_hi = Iop_CatEvenLanes32x4; 7303 break; 7304 case 3: 7305 return False; 7306 default: 7307 vassert(0); 7308 } 7309 assign(res1, binop(op_lo, mkexpr(arg_m), mkexpr(arg_d))); 7310 assign(res2, binop(op_hi, mkexpr(arg_m), mkexpr(arg_d))); 7311 if (Q) { 7312 putQReg(dreg, mkexpr(res1), condT); 7313 putQReg(mreg, mkexpr(res2), condT); 7314 } else { 7315 putDRegI64(dreg, mkexpr(res1), condT); 7316 putDRegI64(mreg, mkexpr(res2), condT); 7317 } 7318 DIP("vuzp.%u %c%u, %c%u\n", 7319 8 << size, Q ? 'q' : 'd', dreg, Q ? 
'q' : 'd', mreg); 7320 return True; 7321 } else if ((B >> 1) == 3) { 7322 /* VZIP */ 7323 IROp op_lo, op_hi; 7324 IRTemp res1, res2; 7325 if (!Q && size == 2) 7326 return False; 7327 if (Q) { 7328 arg_m = newTemp(Ity_V128); 7329 arg_d = newTemp(Ity_V128); 7330 res1 = newTemp(Ity_V128); 7331 res2 = newTemp(Ity_V128); 7332 assign(arg_m, getQReg(mreg)); 7333 assign(arg_d, getQReg(dreg)); 7334 } else { 7335 res1 = newTemp(Ity_I64); 7336 res2 = newTemp(Ity_I64); 7337 arg_m = newTemp(Ity_I64); 7338 arg_d = newTemp(Ity_I64); 7339 assign(arg_m, getDRegI64(mreg)); 7340 assign(arg_d, getDRegI64(dreg)); 7341 } 7342 switch (size) { 7343 case 0: 7344 op_lo = Q ? Iop_InterleaveHI8x16 : Iop_InterleaveHI8x8; 7345 op_hi = Q ? Iop_InterleaveLO8x16 : Iop_InterleaveLO8x8; 7346 break; 7347 case 1: 7348 op_lo = Q ? Iop_InterleaveHI16x8 : Iop_InterleaveHI16x4; 7349 op_hi = Q ? Iop_InterleaveLO16x8 : Iop_InterleaveLO16x4; 7350 break; 7351 case 2: 7352 op_lo = Iop_InterleaveHI32x4; 7353 op_hi = Iop_InterleaveLO32x4; 7354 break; 7355 case 3: 7356 return False; 7357 default: 7358 vassert(0); 7359 } 7360 assign(res1, binop(op_lo, mkexpr(arg_m), mkexpr(arg_d))); 7361 assign(res2, binop(op_hi, mkexpr(arg_m), mkexpr(arg_d))); 7362 if (Q) { 7363 putQReg(dreg, mkexpr(res1), condT); 7364 putQReg(mreg, mkexpr(res2), condT); 7365 } else { 7366 putDRegI64(dreg, mkexpr(res1), condT); 7367 putDRegI64(mreg, mkexpr(res2), condT); 7368 } 7369 DIP("vzip.%u %c%u, %c%u\n", 7370 8 << size, Q ? 'q' : 'd', dreg, Q ? 
'q' : 'd', mreg); 7371 return True; 7372 } else if (B == 8) { 7373 /* VMOVN */ 7374 IROp op; 7375 mreg >>= 1; 7376 switch (size) { 7377 case 0: op = Iop_NarrowUn16to8x8; break; 7378 case 1: op = Iop_NarrowUn32to16x4; break; 7379 case 2: op = Iop_NarrowUn64to32x2; break; 7380 case 3: return False; 7381 default: vassert(0); 7382 } 7383 putDRegI64(dreg, unop(op, getQReg(mreg)), condT); 7384 DIP("vmovn.i%u d%u, q%u\n", 16 << size, dreg, mreg); 7385 return True; 7386 } else if (B == 9 || (B >> 1) == 5) { 7387 /* VQMOVN, VQMOVUN */ 7388 IROp op, op2; 7389 IRTemp tmp; 7390 dreg = ((theInstr >> 18) & 0x10) | ((theInstr >> 12) & 0xF); 7391 mreg = ((theInstr >> 1) & 0x10) | (theInstr & 0xF); 7392 if (mreg & 1) 7393 return False; 7394 mreg >>= 1; 7395 switch (size) { 7396 case 0: op2 = Iop_NarrowUn16to8x8; break; 7397 case 1: op2 = Iop_NarrowUn32to16x4; break; 7398 case 2: op2 = Iop_NarrowUn64to32x2; break; 7399 case 3: return False; 7400 default: vassert(0); 7401 } 7402 switch (B & 3) { 7403 case 0: 7404 vassert(0); 7405 case 1: 7406 switch (size) { 7407 case 0: op = Iop_QNarrowUn16Sto8Ux8; break; 7408 case 1: op = Iop_QNarrowUn32Sto16Ux4; break; 7409 case 2: op = Iop_QNarrowUn64Sto32Ux2; break; 7410 case 3: return False; 7411 default: vassert(0); 7412 } 7413 DIP("vqmovun.s%u d%u, q%u\n", 16 << size, dreg, mreg); 7414 break; 7415 case 2: 7416 switch (size) { 7417 case 0: op = Iop_QNarrowUn16Sto8Sx8; break; 7418 case 1: op = Iop_QNarrowUn32Sto16Sx4; break; 7419 case 2: op = Iop_QNarrowUn64Sto32Sx2; break; 7420 case 3: return False; 7421 default: vassert(0); 7422 } 7423 DIP("vqmovn.s%u d%u, q%u\n", 16 << size, dreg, mreg); 7424 break; 7425 case 3: 7426 switch (size) { 7427 case 0: op = Iop_QNarrowUn16Uto8Ux8; break; 7428 case 1: op = Iop_QNarrowUn32Uto16Ux4; break; 7429 case 2: op = Iop_QNarrowUn64Uto32Ux2; break; 7430 case 3: return False; 7431 default: vassert(0); 7432 } 7433 DIP("vqmovn.u%u d%u, q%u\n", 16 << size, dreg, mreg); 7434 break; 7435 default: 7436 vassert(0); 
7437 } 7438 res = newTemp(Ity_I64); 7439 tmp = newTemp(Ity_I64); 7440 assign(res, unop(op, getQReg(mreg))); 7441 #ifndef DISABLE_QC_FLAG 7442 assign(tmp, unop(op2, getQReg(mreg))); 7443 setFlag_QC(mkexpr(res), mkexpr(tmp), False, condT); 7444 #endif 7445 putDRegI64(dreg, mkexpr(res), condT); 7446 return True; 7447 } else if (B == 12) { 7448 /* VSHLL (maximum shift) */ 7449 IROp op, cvt; 7450 UInt shift_imm; 7451 if (Q) 7452 return False; 7453 if (dreg & 1) 7454 return False; 7455 dreg >>= 1; 7456 shift_imm = 8 << size; 7457 res = newTemp(Ity_V128); 7458 switch (size) { 7459 case 0: op = Iop_ShlN16x8; cvt = Iop_Widen8Uto16x8; break; 7460 case 1: op = Iop_ShlN32x4; cvt = Iop_Widen16Uto32x4; break; 7461 case 2: op = Iop_ShlN64x2; cvt = Iop_Widen32Uto64x2; break; 7462 case 3: return False; 7463 default: vassert(0); 7464 } 7465 assign(res, binop(op, unop(cvt, getDRegI64(mreg)), 7466 mkU8(shift_imm))); 7467 putQReg(dreg, mkexpr(res), condT); 7468 DIP("vshll.i%u q%u, d%u, #%u\n", 8 << size, dreg, mreg, 8 << size); 7469 return True; 7470 } else if ((B >> 3) == 3 && (B & 3) == 0) { 7471 /* VCVT (half<->single) */ 7472 /* Half-precision extensions are needed to run this */ 7473 vassert(0); // ATC 7474 if (((theInstr >> 18) & 3) != 1) 7475 return False; 7476 if ((theInstr >> 8) & 1) { 7477 if (dreg & 1) 7478 return False; 7479 dreg >>= 1; 7480 putQReg(dreg, unop(Iop_F16toF32x4, getDRegI64(mreg)), 7481 condT); 7482 DIP("vcvt.f32.f16 q%u, d%u\n", dreg, mreg); 7483 } else { 7484 if (mreg & 1) 7485 return False; 7486 mreg >>= 1; 7487 putDRegI64(dreg, unop(Iop_F32toF16x4, getQReg(mreg)), 7488 condT); 7489 DIP("vcvt.f16.f32 d%u, q%u\n", dreg, mreg); 7490 } 7491 return True; 7492 } else { 7493 return False; 7494 } 7495 vassert(0); 7496 return True; 7497 case 3: 7498 if (((B >> 1) & BITS4(1,1,0,1)) == BITS4(1,0,0,0)) { 7499 /* VRECPE */ 7500 IROp op; 7501 F = (theInstr >> 8) & 1; 7502 if (size != 2) 7503 return False; 7504 if (Q) { 7505 op = F ? 
Iop_Recip32Fx4 : Iop_Recip32x4; 7506 putQReg(dreg, unop(op, getQReg(mreg)), condT); 7507 DIP("vrecpe.%c32 q%u, q%u\n", F ? 'f' : 'u', dreg, mreg); 7508 } else { 7509 op = F ? Iop_Recip32Fx2 : Iop_Recip32x2; 7510 putDRegI64(dreg, unop(op, getDRegI64(mreg)), condT); 7511 DIP("vrecpe.%c32 d%u, d%u\n", F ? 'f' : 'u', dreg, mreg); 7512 } 7513 return True; 7514 } else if (((B >> 1) & BITS4(1,1,0,1)) == BITS4(1,0,0,1)) { 7515 /* VRSQRTE */ 7516 IROp op; 7517 F = (B >> 2) & 1; 7518 if (size != 2) 7519 return False; 7520 if (F) { 7521 /* fp */ 7522 op = Q ? Iop_Rsqrte32Fx4 : Iop_Rsqrte32Fx2; 7523 } else { 7524 /* unsigned int */ 7525 op = Q ? Iop_Rsqrte32x4 : Iop_Rsqrte32x2; 7526 } 7527 if (Q) { 7528 putQReg(dreg, unop(op, getQReg(mreg)), condT); 7529 DIP("vrsqrte.%c32 q%u, q%u\n", F ? 'f' : 'u', dreg, mreg); 7530 } else { 7531 putDRegI64(dreg, unop(op, getDRegI64(mreg)), condT); 7532 DIP("vrsqrte.%c32 d%u, d%u\n", F ? 'f' : 'u', dreg, mreg); 7533 } 7534 return True; 7535 } else if ((B >> 3) == 3) { 7536 /* VCVT (fp<->integer) */ 7537 IROp op; 7538 if (size != 2) 7539 return False; 7540 switch ((B >> 1) & 3) { 7541 case 0: 7542 op = Q ? Iop_I32StoFx4 : Iop_I32StoFx2; 7543 DIP("vcvt.f32.s32 %c%u, %c%u\n", 7544 Q ? 'q' : 'd', dreg, Q ? 'q' : 'd', mreg); 7545 break; 7546 case 1: 7547 op = Q ? Iop_I32UtoFx4 : Iop_I32UtoFx2; 7548 DIP("vcvt.f32.u32 %c%u, %c%u\n", 7549 Q ? 'q' : 'd', dreg, Q ? 'q' : 'd', mreg); 7550 break; 7551 case 2: 7552 op = Q ? Iop_FtoI32Sx4_RZ : Iop_FtoI32Sx2_RZ; 7553 DIP("vcvt.s32.f32 %c%u, %c%u\n", 7554 Q ? 'q' : 'd', dreg, Q ? 'q' : 'd', mreg); 7555 break; 7556 case 3: 7557 op = Q ? Iop_FtoI32Ux4_RZ : Iop_FtoI32Ux2_RZ; 7558 DIP("vcvt.u32.f32 %c%u, %c%u\n", 7559 Q ? 'q' : 'd', dreg, Q ? 
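'q' : 'd', mreg);
               break;
            default:
               vassert(0);
         }
         if (Q) {
            putQReg(dreg, unop(op, getQReg(mreg)), condT);
         } else {
            putDRegI64(dreg, unop(op, getDRegI64(mreg)), condT);
         }
         return True;
      } else {
         return False;
      }
      vassert(0);
      return True;
   default:
      vassert(0);
   }
   return False;
}

/* A7.4.6 One register and a modified immediate value */

/* Print the immediate of a NEON "modified immediate" instruction in
   hex, for the front-end trace.  'imm' is the raw 8-bit field; the
   padding printed after it depends on 'cmode'.  For cmode 14 with
   'op' set, each bit of 'imm' (bit 7 first) is printed as the byte
   "ff" or "00".  A cmode outside 0..15 prints nothing. */
static
void ppNeonImm(UInt imm, UInt cmode, UInt op)
{
   int i;
   switch (cmode) {
      case 0: case 1: case 8: case 9:
         vex_printf("0x%x", imm);
         break;
      case 2: case 3: case 10: case 11:
         vex_printf("0x%x00", imm);
         break;
      case 4: case 5:
         vex_printf("0x%x0000", imm);
         break;
      case 6: case 7:
         vex_printf("0x%x000000", imm);
         break;
      case 12:
         vex_printf("0x%xff", imm);
         break;
      case 13:
         vex_printf("0x%xffff", imm);
         break;
      case 14:
         if (op) {
            vex_printf("0x");
            for (i = 7; i >= 0; i--)
               vex_printf("%s", (imm & (1 << i)) ? "ff" : "00");
         } else {
            vex_printf("0x%x", imm);
         }
         break;
      case 15:
         vex_printf("0x%x", imm);
         break;
   }
}

/* Return the data-type suffix ("i8", "i16", "i32", "i64" or "f32")
   that goes with a given cmode/op pair, for the front-end trace.
   The 'case lo ... hi' labels are the GNU C case-range extension.
   cmode 15 with op set, and any cmode above 15, end in vassert(0);
   there is no return statement after those, so the function relies
   on vassert(0) not returning. */
static
const char *ppNeonImmType(UInt cmode, UInt op)
{
   switch (cmode) {
      case 0 ... 7:
      case 12: case 13:
         return "i32";
      case 8 ... 11:
         return "i16";
      case 14:
         if (op)
            return "i64";
         else
            return "i8";
      case 15:
         if (op)
            vassert(0);
         else
            return "f32";
      default:
         vassert(0);
   }
}

/* Trace-print "<instr>.<type> <q|d><dreg>, #<imm>" followed by a
   newline, but only when front-end tracing (VEX_TRACE_FE) is on. */
static
void DIPimm(UInt imm, UInt cmode, UInt op,
            const char *instr, UInt Q, UInt dreg)
{
   if (vex_traceflags & VEX_TRACE_FE) {
      vex_printf("%s.%s %c%u, #", instr,
                 ppNeonImmType(cmode, op), Q ? 'q' : 'd', dreg);
      ppNeonImm(imm, cmode, op);
      vex_printf("\n");
   }
}

/* Decode VMOV, VMVN, VORR and VBIC with a modified immediate.

   theInstr  the 32-bit instruction word (guest-controlled)
   condT     gating condition, passed through to the register writes

   Returns True if the instruction was translated, False if the
   cmode/op combination is not one of the four handled forms.

   The comment on decode_NEON_instruction, further down this file,
   says a failed decode creates no IR.  The VORR/VBIC check is
   therefore made before the temporary for the old destination value
   is created, so that the one rejected combination (op = 1 with
   cmode = 15) leaves nothing behind.  This assumes assign() appends
   to the IR being built, as its use throughout this file suggests. */
static
Bool dis_neon_data_1reg_and_imm ( UInt theInstr, IRTemp condT )
{
   UInt dreg = get_neon_d_regno(theInstr);
   /* The 8-bit immediate is scattered over bit 24, bits 18:16 and
      bits 3:0 of the instruction. */
   ULong imm_raw = ((theInstr >> 17) & 0x80) | ((theInstr >> 12) & 0x70) |
                  (theInstr & 0xf);
   ULong imm_raw_pp = imm_raw;   /* unexpanded copy, for printing only */
   UInt cmode = (theInstr >> 8) & 0xf;
   UInt op_bit = (theInstr >> 5) & 1;
   ULong imm = 0;
   UInt Q = (theInstr >> 6) & 1;
   int i, j;
   UInt tmp;
   IRExpr *imm_val;
   IRExpr *expr;
   IRTemp tmp_var;
   Bool is_vorr, is_vbic;

   /* Expand the 8-bit immediate to a 64-bit pattern.  The cases fall
      through on purpose: each step shifts the byte up by another 8
      bits before the value is replicated. */
   switch(cmode) {
      case 7: case 6:
         imm_raw = imm_raw << 8;
         /* fallthrough */
      case 5: case 4:
         imm_raw = imm_raw << 8;
         /* fallthrough */
      case 3: case 2:
         imm_raw = imm_raw << 8;
         /* fallthrough */
      case 0: case 1:
         /* one 32-bit value, copied into both halves */
         imm = (imm_raw << 32) | imm_raw;
         break;
      case 11: case 10:
         imm_raw = imm_raw << 8;
         /* fallthrough */
      case 9: case 8:
         /* one 16-bit value, copied into all four halfwords */
         imm_raw = (imm_raw << 16) | imm_raw;
         imm = (imm_raw << 32) | imm_raw;
         break;
      case 13:
         imm_raw = (imm_raw << 8) | 0xff;
         /* fallthrough */
      case 12:
         /* byte followed by one (cmode 12) or two (cmode 13) 0xff bytes */
         imm_raw = (imm_raw << 8) | 0xff;
         imm = (imm_raw << 32) | imm_raw;
         break;
      case 14:
         if (! op_bit) {
            /* the byte repeated eight times */
            for(i = 0; i < 8; i++) {
               imm = (imm << 8) | imm_raw;
            }
         } else {
            /* each bit of the byte widened to a whole 0x00/0xff byte */
            for(i = 7; i >= 0; i--) {
               tmp = 0;
               for(j = 0; j < 8; j++) {
                  tmp = (tmp << 1) | ((imm_raw >> i) & 1);
               }
               imm = (imm << 8) | tmp;
            }
         }
         break;
      case 15:
         /* Build a 32-bit pattern from the byte: bit 7 on top, then
            the inverse of bit 6, then four copies of bit 6, then the
            low seven bits, all shifted up by 19; the result is copied
            into both halves. */
         imm = (imm_raw & 0x80) << 5;
         imm |= ((~imm_raw & 0x40) << 5);
         for(i = 1; i <= 4; i++)
            imm |= (imm_raw & 0x40) << i;
         imm |= (imm_raw & 0x7f);
         imm = imm << 19;
         imm = (imm << 32) | imm;
         break;
      default:
         return False;
   }
   if (Q) {
      imm_val = binop(Iop_64HLtoV128, mkU64(imm), mkU64(imm));
   } else {
      imm_val = mkU64(imm);
   }
   if (((op_bit == 0) &&
      (((cmode & 9) == 0) || ((cmode & 13) == 8) || ((cmode & 12) == 12))) ||
      ((op_bit == 1) && (cmode == 14))) {
      /* VMOV (immediate) */
      if (Q) {
         putQReg(dreg, imm_val, condT);
      } else {
         putDRegI64(dreg, imm_val, condT);
      }
      DIPimm(imm_raw_pp, cmode, op_bit, "vmov", Q, dreg);
      return True;
   }
   if ((op_bit == 1) &&
      (((cmode & 9) == 0) || ((cmode & 13) == 8) || ((cmode & 14) == 12))) {
      /* VMVN (immediate) */
      if (Q) {
         putQReg(dreg, unop(Iop_NotV128, imm_val), condT);
      } else {
         putDRegI64(dreg, unop(Iop_Not64, imm_val), condT);
      }
      DIPimm(imm_raw_pp, cmode, op_bit, "vmvn", Q, dreg);
      return True;
   }

   /* Only VORR and VBIC are left.  Reject anything else before any
      temporary is created or assigned. */
   is_vorr = (op_bit == 0) && (((cmode & 9) == 1) || ((cmode & 13) == 9));
   is_vbic = (op_bit == 1) && (((cmode & 9) == 1) || ((cmode & 13) == 9));
   if (!is_vorr && !is_vbic)
      return False;

   /* Both remaining forms combine the immediate with the current
      value of the destination register. */
   if (Q) {
      tmp_var = newTemp(Ity_V128);
      assign(tmp_var, getQReg(dreg));
   } else {
      tmp_var = newTemp(Ity_I64);
      assign(tmp_var, getDRegI64(dreg));
   }
   if (is_vorr) {
      /* VORR (immediate) */
      if (Q)
         expr = binop(Iop_OrV128, mkexpr(tmp_var), imm_val);
      else
         expr = binop(Iop_Or64, mkexpr(tmp_var), imm_val);
      DIPimm(imm_raw_pp, cmode, op_bit, "vorr", Q, dreg);
   } else {
      /* VBIC (immediate) */
      if (Q)
         expr = binop(Iop_AndV128, mkexpr(tmp_var),
                                   unop(Iop_NotV128, imm_val));
      else
         expr = binop(Iop_And64, mkexpr(tmp_var), unop(Iop_Not64, imm_val));
      DIPimm(imm_raw_pp, cmode, op_bit, "vbic", Q, dreg);
   }
   if (Q)
      putQReg(dreg, expr, condT);
   else
      putDRegI64(dreg, expr, condT);
   return True;
}

/* A7.4 Advanced SIMD data-processing instructions */

/* Pick the sub-decoder for a NEON data-processing instruction from
   the fields A (bits 23:19), B (bits 11:8), C (bits 7:4) and U
   (bit 24), and return its result.  Returns False when no pattern
   matches.  The tests are tried in order and the first match wins. */
static
Bool dis_neon_data_processing ( UInt theInstr, IRTemp condT )
{
   UInt A = (theInstr >> 19) & 0x1F;
   UInt B = (theInstr >>  8) & 0xF;
   UInt C = (theInstr >>  4) & 0xF;
   UInt U = (theInstr >> 24) & 0x1;

   if (! (A & 0x10)) {
      return dis_neon_data_3same(theInstr, condT);
   }
   if (((A & 0x17) == 0x10) && ((C & 0x9) == 0x1)) {
      return dis_neon_data_1reg_and_imm(theInstr, condT);
   }
   if ((C & 1) == 1) {
      return dis_neon_data_2reg_and_shift(theInstr, condT);
   }
   if (((C & 5) == 0) && (((A & 0x14) == 0x10) || ((A & 0x16) == 0x14))) {
      return dis_neon_data_3diff(theInstr, condT);
   }
   if (((C & 5) == 4) && (((A & 0x14) == 0x10) || ((A & 0x16) == 0x14))) {
      return dis_neon_data_2reg_and_scalar(theInstr, condT);
   }
   if ((A & 0x16) == 0x16) {
      if ((U == 0) && ((C & 1) == 0)) {
         return dis_neon_vext(theInstr, condT);
      }
      if ((U != 1) || ((C & 1) == 1))
         return False;
      if ((B & 8) == 0) {
         return dis_neon_data_2reg_misc(theInstr, condT);
      }
      if ((B & 12) == 8) {
         return dis_neon_vtb(theInstr, condT);
      }
      if ((B == 12) && ((C & 9) == 0)) {
         return dis_neon_vdup(theInstr, condT);
      }
   }
   return False;
}


/*------------------------------------------------------------*/
/*--- NEON loads and stores                                ---*/
/*------------------------------------------------------------*/

/* For NEON memory operations, we use the standard scheme to handle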
conditionalisation: generate a jump around the instruction if the
   condition is false.  That's only necessary in Thumb mode, however,
   since in ARM mode NEON instructions are unconditional. */

/* Helper for the load/store decoder below.  Loads N+1 consecutive
   elements of (1 << size) bytes starting at 'addr' and writes element
   number i into lane 'index' of D register rD + i * inc; the other
   lanes of each register are left as they were.  The caller must
   already have gone unconditional (see the comment at the top of
   this section), so every register write uses IRTemp_INVALID.
   'size' must be 0, 1 or 2; anything else asserts before any IR is
   built. */
static
void mk_neon_elem_load_to_one_lane( UInt rD, UInt inc, UInt index,
                                    UInt N, UInt size, IRTemp addr )
{
   IROp   set_elem;
   IRType elem_ty;
   UInt   elem_bytes;
   UInt   k;

   /* Choose the lane-insert op and the load type once, up front. */
   switch (size) {
      case 0:
         set_elem = Iop_SetElem8x8;
         elem_ty  = Ity_I8;
         break;
      case 1:
         set_elem = Iop_SetElem16x4;
         elem_ty  = Ity_I16;
         break;
      case 2:
         set_elem = Iop_SetElem32x2;
         elem_ty  = Ity_I32;
         break;
      default:
         vassert(0);
   }
   elem_bytes = 1 << size;

   /* Element 0 is read from 'addr' itself, with no offset added. */
   putDRegI64(rD,
              triop(set_elem,
                    getDRegI64(rD),
                    mkU8(index),
                    loadLE(elem_ty, mkexpr(addr))),
              IRTemp_INVALID);

   /* Elements 1..N are read from addr + k * element size. */
   for (k = 1; k <= N; k++) {
      UInt reg = rD + k * inc;
      putDRegI64(reg,
                 triop(set_elem,
                       getDRegI64(reg),
                       mkU8(index),
                       loadLE(elem_ty, binop(Iop_Add32,
                                             mkexpr(addr),
                                             mkU32(k * elem_bytes)))),
                 IRTemp_INVALID);
   }
}

/* A(nother) helper function for what follows.  It assumes we already
   went uncond as per comments at the top of this section.
*/
/* Stores lane 'index' of D register rD + i * inc, for i = 0..N, to
   consecutive elements of (1 << size) bytes starting at 'addr'.
   'size' must be 0, 1 or 2; anything else asserts. */
static
void mk_neon_elem_store_from_one_lane( UInt rD, UInt inc, UInt index,
                                       UInt N, UInt size, IRTemp addr )
{
   UInt i;
   /* Element 0 goes to 'addr' itself, with no offset added. */
   switch (size) {
      case 0:
         storeLE(mkexpr(addr),
                 binop(Iop_GetElem8x8, getDRegI64(rD), mkU8(index)));
         break;
      case 1:
         storeLE(mkexpr(addr),
                 binop(Iop_GetElem16x4, getDRegI64(rD), mkU8(index)));
         break;
      case 2:
         storeLE(mkexpr(addr),
                 binop(Iop_GetElem32x2, getDRegI64(rD), mkU8(index)));
         break;
      default:
         vassert(0);
   }
   /* Elements 1..N go to addr + i * element size. */
   for (i = 1; i <= N; i++) {
      switch (size) {
         case 0:
            storeLE(binop(Iop_Add32, mkexpr(addr), mkU32(i * 1)),
                    binop(Iop_GetElem8x8, getDRegI64(rD + i * inc),
                                          mkU8(index)));
            break;
         case 1:
            storeLE(binop(Iop_Add32, mkexpr(addr), mkU32(i * 2)),
                    binop(Iop_GetElem16x4, getDRegI64(rD + i * inc),
                                           mkU8(index)));
            break;
         case 2:
            storeLE(binop(Iop_Add32, mkexpr(addr), mkU32(i * 4)),
                    binop(Iop_GetElem32x2, getDRegI64(rD + i * inc),
                                           mkU8(index)));
            break;
         default:
            vassert(0);
      }
   }
}

/* A7.7 Advanced SIMD element or structure load/store instructions */

/* Decode one NEON element/structure load or store.

   theInstr  the 32-bit instruction word (guest-controlled)
   isT       True when decoding Thumb code
   condT     gating condition; asserted to be valid exactly when isT

   Returns True if the instruction was translated, False if the
   encoding is rejected.

   NOTE(review): initialRn and initialRm are assigned before several
   of the 'return False' exits below, while the comment on
   decode_NEON_instruction, further down this file, says a failed
   decode creates no IR.  Presumably assign() emits IR, in which case
   these exits leave two temporaries behind -- confirm, and if so
   move the two assignments below the last rejection in each case.

   NOTE(review): rD is a 5-bit field, and the register numbers
   computed from it (rD + i * inc, rD + r + i * inc) can exceed 31
   for some encodings.  No range check is visible in this function;
   confirm that getDRegI64/putDRegI64 deal with that, and whether
   such encodings should be rejected here with 'return False' rather
   than reaching an assertion in a helper. */
static
Bool dis_neon_load_or_store ( UInt theInstr,
                              Bool isT, IRTemp condT )
{
#  define INSN(_bMax,_bMin) SLICE_UInt(theInstr, (_bMax), (_bMin))
   UInt bA = INSN(23,23);
   UInt fB = INSN(11,8);
   UInt bL = INSN(21,21);   /* nonzero selects the load helper below */
   UInt rD = (INSN(22,22) << 4) | INSN(15,12);
   UInt rN = INSN(19,16);   /* base address register */
   UInt rM = INSN(3,0);     /* 15: no writeback, 13: add size, else add rM */
   UInt N, size, i, j;
   UInt inc;
   UInt regs = 1;

   if (isT) {
      vassert(condT != IRTemp_INVALID);
   } else {
      vassert(condT == IRTemp_INVALID);
   }
   /* So now, if condT is not IRTemp_INVALID, we know we're
      dealing with Thumb code. */

   if (INSN(20,20) != 0)
      return False;

   /* Snapshot Rn and Rm so that writeback uses their values from
      before the transfer. */
   IRTemp initialRn = newTemp(Ity_I32);
   assign(initialRn, isT ? getIRegT(rN) : getIRegA(rN));

   IRTemp initialRm = newTemp(Ity_I32);
   assign(initialRm, isT ? getIRegT(rM) : getIRegA(rM));

   /* There are 3 cases:
      (1) VSTn / VLDn (n-element structure from/to one lane)
      (2) VLDn (single element to all lanes)
      (3) VSTn / VLDn (multiple n-element structures)
   */
   if (bA) {
      N = fB & 3;
      if ((fB >> 2) < 3) {
         /* ------------ Case (1) ------------
            VSTn / VLDn (n-element structure from/to one lane) */

         size = fB >> 2;

         /* 'i' is the lane index; 'inc' is the register stride. */
         switch (size) {
            case 0: i = INSN(7,5); inc = 1; break;
            case 1: i = INSN(7,6); inc = INSN(5,5) ? 2 : 1; break;
            case 2: i = INSN(7,7); inc = INSN(6,6) ? 2 : 1; break;
            case 3: return False;
            default: vassert(0);
         }

         IRTemp addr = newTemp(Ity_I32);
         assign(addr, mkexpr(initialRn));

         // go uncond
         if (condT != IRTemp_INVALID)
            mk_skip_over_T32_if_cond_is_false(condT);
         // now uncond

         if (bL)
            mk_neon_elem_load_to_one_lane(rD, inc, i, N, size, addr);
         else
            mk_neon_elem_store_from_one_lane(rD, inc, i, N, size, addr);
         DIP("v%s%u.%u {", bL ? "ld" : "st", N + 1, 8 << size);
         for (j = 0; j <= N; j++) {
            if (j)
               DIP(", ");
            DIP("d%u[%u]", rD + j * inc, i);
         }
         DIP("}, [r%u]", rN);
         if (rM != 13 && rM != 15) {
            DIP(", r%u\n", rM);
         } else {
            DIP("%s\n", (rM != 15) ? "!" : "");
         }
      } else {
         /* ------------ Case (2) ------------
            VLDn (single element to all lanes) */
         UInt r;
         /* There is no store form of this case. */
         if (bL == 0)
            return False;

         inc = INSN(5,5) + 1;
         size = INSN(7,6);

         /* size == 3 and size == 2 cases differ in alignment constraints */
         if (size == 3 && N == 3 && INSN(4,4) == 1)
            size = 2;

         if (size == 0 && N == 0 && INSN(4,4) == 1)
            return False;
         if (N == 2 && INSN(4,4) == 1)
            return False;
         if (size == 3)
            return False;

         // go uncond
         if (condT != IRTemp_INVALID)
            mk_skip_over_T32_if_cond_is_false(condT);
         // now uncond

         IRTemp addr = newTemp(Ity_I32);
         assign(addr, mkexpr(initialRn));

         if (N == 0 && INSN(5,5))
            regs = 2;

         for (r = 0; r < regs; r++) {
            /* Element 0 is loaded from 'addr' and copied to every
               lane of rD + r. */
            switch (size) {
               case 0:
                  putDRegI64(rD + r, unop(Iop_Dup8x8,
                                          loadLE(Ity_I8, mkexpr(addr))),
                             IRTemp_INVALID);
                  break;
               case 1:
                  putDRegI64(rD + r, unop(Iop_Dup16x4,
                                          loadLE(Ity_I16, mkexpr(addr))),
                             IRTemp_INVALID);
                  break;
               case 2:
                  putDRegI64(rD + r, unop(Iop_Dup32x2,
                                          loadLE(Ity_I32, mkexpr(addr))),
                             IRTemp_INVALID);
                  break;
               default:
                  vassert(0);
            }
            /* Elements 1..N come from addr + i * element size and go
               to registers rD + r + i * inc. */
            for (i = 1; i <= N; i++) {
               switch (size) {
                  case 0:
                     putDRegI64(rD + r + i * inc,
                                unop(Iop_Dup8x8,
                                     loadLE(Ity_I8, binop(Iop_Add32,
                                                          mkexpr(addr),
                                                          mkU32(i * 1)))),
                                IRTemp_INVALID);
                     break;
                  case 1:
                     putDRegI64(rD + r + i * inc,
                                unop(Iop_Dup16x4,
                                     loadLE(Ity_I16, binop(Iop_Add32,
                                                           mkexpr(addr),
                                                           mkU32(i * 2)))),
                                IRTemp_INVALID);
                     break;
                  case 2:
                     putDRegI64(rD + r + i * inc,
                                unop(Iop_Dup32x2,
                                     loadLE(Ity_I32, binop(Iop_Add32,
                                                           mkexpr(addr),
                                                           mkU32(i * 4)))),
                                IRTemp_INVALID);
                     break;
                  default:
                     vassert(0);
               }
            }
         }
         DIP("vld%u.%u {", N + 1, 8 << size);
         for (r = 0; r < regs; r++) {
            for (i = 0; i <= N; i++) {
               if (i || r)
                  DIP(", ");
               DIP("d%u[]", rD + r + i * inc);
            }
         }
         DIP("}, [r%u]", rN);
         if (rM != 13 && rM != 15) {
            DIP(", r%u\n", rM);
         } else {
            DIP("%s\n", (rM != 15) ? "!" : "");
         }
      }
      /* Writeback.  We're uncond here, so no condT-ing. */
      if (rM != 15) {
         if (rM == 13) {
            /* advance Rn by the number of bytes transferred */
            IRExpr* e = binop(Iop_Add32,
                              mkexpr(initialRn),
                              mkU32((1 << size) * (N + 1)));
            if (isT)
               putIRegT(rN, e, IRTemp_INVALID);
            else
               putIRegA(rN, e, IRTemp_INVALID, Ijk_Boring);
         } else {
            /* advance Rn by the value Rm had before the transfer */
            IRExpr* e = binop(Iop_Add32,
                              mkexpr(initialRn),
                              mkexpr(initialRm));
            if (isT)
               putIRegT(rN, e, IRTemp_INVALID);
            else
               putIRegA(rN, e, IRTemp_INVALID, Ijk_Boring);
         }
      }
      return True;
   } else {
      /* ------------ Case (3) ------------
         VSTn / VLDn (multiple n-element structures) */
      IRTemp tmp;
      UInt r, elems;
      /* fB selects N (elements per structure, minus one), the
         register stride 'inc' and the register count 'regs'; any
         value of fB not listed here is rejected. */
      if (fB == BITS4(0,0,1,0) || fB == BITS4(0,1,1,0)
          || fB == BITS4(0,1,1,1) || fB == BITS4(1,0,1,0)) {
         N = 0;
      } else if (fB == BITS4(0,0,1,1) || fB == BITS4(1,0,0,0)
                 || fB == BITS4(1,0,0,1)) {
         N = 1;
      } else if (fB == BITS4(0,1,0,0) || fB == BITS4(0,1,0,1)) {
         N = 2;
      } else if (fB == BITS4(0,0,0,0) || fB == BITS4(0,0,0,1)) {
         N = 3;
      } else {
         return False;
      }
      inc = (fB & 1) + 1;
      if (N == 1 && fB == BITS4(0,0,1,1)) {
         regs = 2;
      } else if (N == 0) {
         if (fB == BITS4(1,0,1,0)) {
            regs = 2;
         } else if (fB == BITS4(0,1,1,0)) {
            regs = 3;
         } else if (fB == BITS4(0,0,1,0)) {
            regs = 4;
         }
      }

      size = INSN(7,6);
      if (N == 0 && size == 3)
         size = 2;
      if (size == 3)
         return False;

      /* number of elements in one 8-byte D register */
      elems = 8 / (1 << size);

      // go uncond
      if (condT != IRTemp_INVALID)
         mk_skip_over_T32_if_cond_is_false(condT);
      // now uncond

      IRTemp addr = newTemp(Ity_I32);
      assign(addr, mkexpr(initialRn));

      /* One structure of N+1 elements is moved per inner iteration,
         using lane i; 'addr' is then rebound to a new temp that
         points just past that structure. */
      for (r = 0; r < regs; r++) {
         for (i = 0; i < elems; i++) {
            if (bL)
               mk_neon_elem_load_to_one_lane(rD + r, inc, i, N, size, addr);
            else
               mk_neon_elem_store_from_one_lane(rD + r, inc, i, N, size, addr);
            tmp = newTemp(Ity_I32);
            assign(tmp, binop(Iop_Add32, mkexpr(addr),
                                         mkU32((1 << size) * (N + 1))));
            addr = tmp;
         }
      }
      /* Writeback */
      if (rM != 15) {
         if (rM == 13) {
            /* advance Rn by 8 bytes for every D register transferred */
            IRExpr* e = binop(Iop_Add32,
                              mkexpr(initialRn),
                              mkU32(8 * (N + 1) * regs));
            if (isT)
               putIRegT(rN, e, IRTemp_INVALID);
            else
               putIRegA(rN, e, IRTemp_INVALID, Ijk_Boring);
         } else {
            /* advance Rn by the value Rm had before the transfer */
            IRExpr* e = binop(Iop_Add32,
                              mkexpr(initialRn),
                              mkexpr(initialRm));
            if (isT)
               putIRegT(rN, e, IRTemp_INVALID);
            else
               putIRegA(rN, e, IRTemp_INVALID, Ijk_Boring);
         }
      }
      /* The printed size is the raw field, not the adjusted 'size'. */
      DIP("v%s%u.%u {", bL ? "ld" : "st", N + 1, 8 << INSN(7,6));
      if ((inc == 1 && regs * (N + 1) > 1)
          || (inc == 2 && regs > 1 && N > 0)) {
         DIP("d%u-d%u", rD, rD + regs * (N + 1) - 1);
      } else {
         for (r = 0; r < regs; r++) {
            for (i = 0; i <= N; i++) {
               if (i || r)
                  DIP(", ");
               DIP("d%u", rD + r + i * inc);
            }
         }
      }
      DIP("}, [r%u]", rN);
      if (rM != 13 && rM != 15) {
         DIP(", r%u\n", rM);
      } else {
         DIP("%s\n", (rM != 15) ? "!" : "");
      }
      return True;
   }
#  undef INSN
}


/*------------------------------------------------------------*/
/*--- NEON, top level control                              ---*/
/*------------------------------------------------------------*/

/* Both ARM and Thumb */

/* Translate a NEON instruction.    If successful, returns
   True and *dres may or may not be updated.  If failure, returns
   False and doesn't change *dres nor create any IR.

   The Thumb and ARM encodings are similar for the 24 bottom bits, but
   the top 8 bits are slightly different.
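In both cases, the caller 8259 must pass the entire 32 bits. Callers may pass any instruction; 8260 this ignores non-NEON ones. 8261 8262 Caller must supply an IRTemp 'condT' holding the gating condition, 8263 or IRTemp_INVALID indicating the insn is always executed. In ARM 8264 code, this must always be IRTemp_INVALID because NEON insns are 8265 unconditional for ARM. 8266 8267 Finally, the caller must indicate whether this occurs in ARM or in 8268 Thumb code. 8269 */
static Bool decode_NEON_instruction (
               /*MOD*/DisResult* dres,
               UInt              insn32,
               IRTemp            condT,
               Bool              isT
            )
{
#  define INSN(_bMax,_bMin)  SLICE_UInt(insn32, (_bMax), (_bMin))

   /* There are two kinds of instruction to deal with: load/store and
      data processing.  In each case, in ARM mode we merely identify
      the kind, and pass it on to the relevant sub-handler.  In Thumb
      mode we identify the kind, swizzle the bits around to make it
      have the same encoding as in ARM, and hand it on to the
      sub-handler.

      'dres' is not referenced anywhere in this body and is not passed
      to either sub-handler, so nothing written here touches *dres.
   */

   /* In ARM mode, NEON instructions can't be conditional. */
   if (!isT)
      vassert(condT == IRTemp_INVALID);

   /* Data processing:
      Thumb: 111U 1111 AAAA Axxx xxxx BBBB CCCC xxxx
      ARM:   1111 001U AAAA Axxx xxxx BBBB CCCC xxxx
   */
   if (!isT && INSN(31,25) == BITS7(1,1,1,1,0,0,1)) {
      // ARM, DP: already in the encoding the sub-handler expects
      return dis_neon_data_processing(INSN(31,0), condT);
   }
   if (isT && INSN(31,29) == BITS3(1,1,1)
       && INSN(27,24) == BITS4(1,1,1,1)) {
      // Thumb, DP: keep bits 23:0, move U from bit 28 to bit 24, and
      // force the top seven bits to the ARM pattern 1111001.
      UInt reformatted = INSN(23,0);
      reformatted |= (((UInt)INSN(28,28)) << 24); // U bit
      /* The pattern is shifted up into bit 31.  Do the shift on a UInt:
         left-shifting a signed int constant that far is undefined
         behaviour in C.  NOTE(review): BITS7 is defined outside this
         excerpt; if it already yields a UInt the cast is a no-op. */
      reformatted |= (((UInt)(BITS7(1,1,1,1,0,0,1))) << 25);
      return dis_neon_data_processing(reformatted, condT);
   }

   /* Load/store:
      Thumb: 1111 1001 AxL0 xxxx xxxx BBBB xxxx xxxx
      ARM:   1111 0100 AxL0 xxxx xxxx BBBB xxxx xxxx
   */
   if (!isT && INSN(31,24) == BITS8(1,1,1,1,0,1,0,0)) {
      // ARM, memory
      return dis_neon_load_or_store(INSN(31,0), isT, condT);
   }
   if (isT && INSN(31,24) == BITS8(1,1,1,1,1,0,0,1)) {
      // Thumb, memory: keep bits 23:0 and replace the top byte with the
      // ARM pattern 11110100.
      UInt reformatted = INSN(23,0);
      /* Same reasoning as above: the byte lands in bits 31:24, so shift
         it as a UInt rather than as a signed int. */
      reformatted |= (((UInt)(BITS8(1,1,1,1,0,1,0,0))) << 24);
      return dis_neon_load_or_store(reformatted, isT, condT);
   }

   /* Doesn't match. */
   return False;

#  undef INSN
}
 8327 8328 8329 /*------------------------------------------------------------*/ 8330 /*--- V6 MEDIA instructions ---*/ 8331 /*------------------------------------------------------------*/ 8332 8333 /* Both ARM and Thumb */ 8334 8335 /* Translate a V6 media instruction. If successful, returns 8336 True and *dres may or may not be updated. If failure, returns 8337 False and doesn't change *dres nor create any IR. 8338 8339 The Thumb and ARM encodings are completely different. In Thumb 8340 mode, the caller must pass the entire 32 bits. In ARM mode it must 8341 pass the lower 28 bits. Apart from that, callers may pass any 8342 instruction; this function ignores anything it doesn't recognise. 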
8343 8344 Caller must supply an IRTemp 'condT' holding the gating condition, 8345 or IRTemp_INVALID indicating the insn is always executed. 8346 8347 Caller must also supply an ARMCondcode 'cond'. This is only used 8348 for debug printing, no other purpose. For ARM, this is simply the 8349 top 4 bits of the original instruction. For Thumb, the condition 8350 is not (really) known until run time, and so ARMCondAL should be 8351 passed, only so that printing of these instructions does not show 8352 any condition. 8353 8354 Finally, the caller must indicate whether this occurs in ARM or in 8355 Thumb code. 8356 */ 8357 static Bool decode_V6MEDIA_instruction ( 8358 /*MOD*/DisResult* dres, 8359 UInt insnv6m, 8360 IRTemp condT, 8361 ARMCondcode conq, 8362 Bool isT 8363 ) 8364 { 8365 # define INSNA(_bMax,_bMin) SLICE_UInt(insnv6m, (_bMax), (_bMin)) 8366 # define INSNT0(_bMax,_bMin) SLICE_UInt( ((insnv6m >> 16) & 0xFFFF), \ 8367 (_bMax), (_bMin) ) 8368 # define INSNT1(_bMax,_bMin) SLICE_UInt( ((insnv6m >> 0) & 0xFFFF), \ 8369 (_bMax), (_bMin) ) 8370 HChar dis_buf[128]; 8371 dis_buf[0] = 0; 8372 8373 if (isT) { 8374 vassert(conq == ARMCondAL); 8375 } else { 8376 vassert(INSNA(31,28) == BITS4(0,0,0,0)); // caller's obligation 8377 vassert(conq >= ARMCondEQ && conq <= ARMCondAL); 8378 } 8379 8380 /* ----------- smulbb, smulbt, smultb, smultt ----------- */ 8381 { 8382 UInt regD = 99, regM = 99, regN = 99, bitM = 0, bitN = 0; 8383 Bool gate = False; 8384 8385 if (isT) { 8386 if (INSNT0(15,4) == 0xFB1 && INSNT1(15,12) == BITS4(1,1,1,1) 8387 && INSNT1(7,6) == BITS2(0,0)) { 8388 regD = INSNT1(11,8); 8389 regM = INSNT1(3,0); 8390 regN = INSNT0(3,0); 8391 bitM = INSNT1(4,4); 8392 bitN = INSNT1(5,5); 8393 if (!isBadRegT(regD) && !isBadRegT(regN) && !isBadRegT(regM)) 8394 gate = True; 8395 } 8396 } else { 8397 if (BITS8(0,0,0,1,0,1,1,0) == INSNA(27,20) && 8398 BITS4(0,0,0,0) == INSNA(15,12) && 8399 BITS4(1,0,0,0) == (INSNA(7,4) & BITS4(1,0,0,1)) ) { 8400 regD = INSNA(19,16); 8401 
regM = INSNA(11,8); 8402 regN = INSNA(3,0); 8403 bitM = INSNA(6,6); 8404 bitN = INSNA(5,5); 8405 if (regD != 15 && regN != 15 && regM != 15) 8406 gate = True; 8407 } 8408 } 8409 8410 if (gate) { 8411 IRTemp srcN = newTemp(Ity_I32); 8412 IRTemp srcM = newTemp(Ity_I32); 8413 IRTemp res = newTemp(Ity_I32); 8414 8415 assign( srcN, binop(Iop_Sar32, 8416 binop(Iop_Shl32, 8417 isT ? getIRegT(regN) : getIRegA(regN), 8418 mkU8(bitN ? 0 : 16)), mkU8(16)) ); 8419 assign( srcM, binop(Iop_Sar32, 8420 binop(Iop_Shl32, 8421 isT ? getIRegT(regM) : getIRegA(regM), 8422 mkU8(bitM ? 0 : 16)), mkU8(16)) ); 8423 assign( res, binop(Iop_Mul32, mkexpr(srcN), mkexpr(srcM)) ); 8424 8425 if (isT) 8426 putIRegT( regD, mkexpr(res), condT ); 8427 else 8428 putIRegA( regD, mkexpr(res), condT, Ijk_Boring ); 8429 8430 DIP( "smul%c%c%s r%u, r%u, r%u\n", bitN ? 't' : 'b', bitM ? 't' : 'b', 8431 nCC(conq), regD, regN, regM ); 8432 return True; 8433 } 8434 /* fall through */ 8435 } 8436 8437 /* ------------ smulwb<y><c> <Rd>,<Rn>,<Rm> ------------- */ 8438 /* ------------ smulwt<y><c> <Rd>,<Rn>,<Rm> ------------- */ 8439 { 8440 UInt regD = 99, regN = 99, regM = 99, bitM = 0; 8441 Bool gate = False; 8442 8443 if (isT) { 8444 if (INSNT0(15,4) == 0xFB3 && INSNT1(15,12) == BITS4(1,1,1,1) 8445 && INSNT1(7,5) == BITS3(0,0,0)) { 8446 regN = INSNT0(3,0); 8447 regD = INSNT1(11,8); 8448 regM = INSNT1(3,0); 8449 bitM = INSNT1(4,4); 8450 if (!isBadRegT(regD) && !isBadRegT(regN) && !isBadRegT(regM)) 8451 gate = True; 8452 } 8453 } else { 8454 if (INSNA(27,20) == BITS8(0,0,0,1,0,0,1,0) && 8455 INSNA(15,12) == BITS4(0,0,0,0) && 8456 (INSNA(7,4) & BITS4(1,0,1,1)) == BITS4(1,0,1,0)) { 8457 regD = INSNA(19,16); 8458 regN = INSNA(3,0); 8459 regM = INSNA(11,8); 8460 bitM = INSNA(6,6); 8461 if (regD != 15 && regN != 15 && regM != 15) 8462 gate = True; 8463 } 8464 } 8465 8466 if (gate) { 8467 IRTemp irt_prod = newTemp(Ity_I64); 8468 8469 assign( irt_prod, 8470 binop(Iop_MullS32, 8471 isT ? 
getIRegT(regN) : getIRegA(regN), 8472 binop(Iop_Sar32, 8473 binop(Iop_Shl32, 8474 isT ? getIRegT(regM) : getIRegA(regM), 8475 mkU8(bitM ? 0 : 16)), 8476 mkU8(16))) ); 8477 8478 IRExpr* ire_result = binop(Iop_Or32, 8479 binop( Iop_Shl32, 8480 unop(Iop_64HIto32, mkexpr(irt_prod)), 8481 mkU8(16) ), 8482 binop( Iop_Shr32, 8483 unop(Iop_64to32, mkexpr(irt_prod)), 8484 mkU8(16) ) ); 8485 8486 if (isT) 8487 putIRegT( regD, ire_result, condT ); 8488 else 8489 putIRegA( regD, ire_result, condT, Ijk_Boring ); 8490 8491 DIP("smulw%c%s r%u, r%u, r%u\n", 8492 bitM ? 't' : 'b', nCC(conq),regD,regN,regM); 8493 return True; 8494 } 8495 /* fall through */ 8496 } 8497 8498 /* ------------ pkhbt<c> Rd, Rn, Rm {,LSL #imm} ------------- */ 8499 /* ------------ pkhtb<c> Rd, Rn, Rm {,ASR #imm} ------------- */ 8500 { 8501 UInt regD = 99, regN = 99, regM = 99, imm5 = 99, shift_type = 99; 8502 Bool tbform = False; 8503 Bool gate = False; 8504 8505 if (isT) { 8506 if (INSNT0(15,4) == 0xEAC 8507 && INSNT1(15,15) == 0 && INSNT1(4,4) == 0) { 8508 regN = INSNT0(3,0); 8509 regD = INSNT1(11,8); 8510 regM = INSNT1(3,0); 8511 imm5 = (INSNT1(14,12) << 2) | INSNT1(7,6); 8512 shift_type = (INSNT1(5,5) << 1) | 0; 8513 tbform = (INSNT1(5,5) == 0) ? False : True; 8514 if (!isBadRegT(regD) && !isBadRegT(regN) && !isBadRegT(regM)) 8515 gate = True; 8516 } 8517 } else { 8518 if (INSNA(27,20) == BITS8(0,1,1,0,1,0,0,0) && 8519 INSNA(5,4) == BITS2(0,1) && 8520 (INSNA(6,6) == 0 || INSNA(6,6) == 1) ) { 8521 regD = INSNA(15,12); 8522 regN = INSNA(19,16); 8523 regM = INSNA(3,0); 8524 imm5 = INSNA(11,7); 8525 shift_type = (INSNA(6,6) << 1) | 0; 8526 tbform = (INSNA(6,6) == 0) ? False : True; 8527 if (regD != 15 && regN != 15 && regM != 15) 8528 gate = True; 8529 } 8530 } 8531 8532 if (gate) { 8533 IRTemp irt_regM = newTemp(Ity_I32); 8534 IRTemp irt_regM_shift = newTemp(Ity_I32); 8535 assign( irt_regM, isT ? 
getIRegT(regM) : getIRegA(regM) ); 8536 compute_result_and_C_after_shift_by_imm5( 8537 dis_buf, &irt_regM_shift, NULL, irt_regM, shift_type, imm5, regM ); 8538 8539 UInt mask = (tbform == True) ? 0x0000FFFF : 0xFFFF0000; 8540 IRExpr* ire_result 8541 = binop( Iop_Or32, 8542 binop(Iop_And32, mkexpr(irt_regM_shift), mkU32(mask)), 8543 binop(Iop_And32, isT ? getIRegT(regN) : getIRegA(regN), 8544 unop(Iop_Not32, mkU32(mask))) ); 8545 8546 if (isT) 8547 putIRegT( regD, ire_result, condT ); 8548 else 8549 putIRegA( regD, ire_result, condT, Ijk_Boring ); 8550 8551 DIP( "pkh%s%s r%u, r%u, r%u %s\n", tbform ? "tb" : "bt", 8552 nCC(conq), regD, regN, regM, dis_buf ); 8553 8554 return True; 8555 } 8556 /* fall through */ 8557 } 8558 8559 /* ---------- usat<c> <Rd>,#<imm5>,<Rn>{,<shift>} ----------- */ 8560 { 8561 UInt regD = 99, regN = 99, shift_type = 99, imm5 = 99, sat_imm = 99; 8562 Bool gate = False; 8563 8564 if (isT) { 8565 if (INSNT0(15,6) == BITS10(1,1,1,1,0,0,1,1,1,0) 8566 && INSNT0(4,4) == 0 8567 && INSNT1(15,15) == 0 && INSNT1(5,5) == 0) { 8568 regD = INSNT1(11,8); 8569 regN = INSNT0(3,0); 8570 shift_type = (INSNT0(5,5) << 1) | 0; 8571 imm5 = (INSNT1(14,12) << 2) | INSNT1(7,6); 8572 sat_imm = INSNT1(4,0); 8573 if (!isBadRegT(regD) && !isBadRegT(regN)) 8574 gate = True; 8575 if (shift_type == BITS2(1,0) && imm5 == 0) 8576 gate = False; 8577 } 8578 } else { 8579 if (INSNA(27,21) == BITS7(0,1,1,0,1,1,1) && 8580 INSNA(5,4) == BITS2(0,1)) { 8581 regD = INSNA(15,12); 8582 regN = INSNA(3,0); 8583 shift_type = (INSNA(6,6) << 1) | 0; 8584 imm5 = INSNA(11,7); 8585 sat_imm = INSNA(20,16); 8586 if (regD != 15 && regN != 15) 8587 gate = True; 8588 } 8589 } 8590 8591 if (gate) { 8592 IRTemp irt_regN = newTemp(Ity_I32); 8593 IRTemp irt_regN_shift = newTemp(Ity_I32); 8594 IRTemp irt_sat_Q = newTemp(Ity_I32); 8595 IRTemp irt_result = newTemp(Ity_I32); 8596 8597 assign( irt_regN, isT ? 
getIRegT(regN) : getIRegA(regN) ); 8598 compute_result_and_C_after_shift_by_imm5( 8599 dis_buf, &irt_regN_shift, NULL, 8600 irt_regN, shift_type, imm5, regN ); 8601 8602 armUnsignedSatQ( &irt_result, &irt_sat_Q, irt_regN_shift, sat_imm ); 8603 or_into_QFLAG32( mkexpr(irt_sat_Q), condT ); 8604 8605 if (isT) 8606 putIRegT( regD, mkexpr(irt_result), condT ); 8607 else 8608 putIRegA( regD, mkexpr(irt_result), condT, Ijk_Boring ); 8609 8610 DIP("usat%s r%u, #0x%04x, %s\n", 8611 nCC(conq), regD, imm5, dis_buf); 8612 return True; 8613 } 8614 /* fall through */ 8615 } 8616 8617 /* ----------- ssat<c> <Rd>,#<imm5>,<Rn>{,<shift>} ----------- */ 8618 { 8619 UInt regD = 99, regN = 99, shift_type = 99, imm5 = 99, sat_imm = 99; 8620 Bool gate = False; 8621 8622 if (isT) { 8623 if (INSNT0(15,6) == BITS10(1,1,1,1,0,0,1,1,0,0) 8624 && INSNT0(4,4) == 0 8625 && INSNT1(15,15) == 0 && INSNT1(5,5) == 0) { 8626 regD = INSNT1(11,8); 8627 regN = INSNT0(3,0); 8628 shift_type = (INSNT0(5,5) << 1) | 0; 8629 imm5 = (INSNT1(14,12) << 2) | INSNT1(7,6); 8630 sat_imm = INSNT1(4,0) + 1; 8631 if (!isBadRegT(regD) && !isBadRegT(regN)) 8632 gate = True; 8633 if (shift_type == BITS2(1,0) && imm5 == 0) 8634 gate = False; 8635 } 8636 } else { 8637 if (INSNA(27,21) == BITS7(0,1,1,0,1,0,1) && 8638 INSNA(5,4) == BITS2(0,1)) { 8639 regD = INSNA(15,12); 8640 regN = INSNA(3,0); 8641 shift_type = (INSNA(6,6) << 1) | 0; 8642 imm5 = INSNA(11,7); 8643 sat_imm = INSNA(20,16) + 1; 8644 if (regD != 15 && regN != 15) 8645 gate = True; 8646 } 8647 } 8648 8649 if (gate) { 8650 IRTemp irt_regN = newTemp(Ity_I32); 8651 IRTemp irt_regN_shift = newTemp(Ity_I32); 8652 IRTemp irt_sat_Q = newTemp(Ity_I32); 8653 IRTemp irt_result = newTemp(Ity_I32); 8654 8655 assign( irt_regN, isT ? 
getIRegT(regN) : getIRegA(regN) ); 8656 compute_result_and_C_after_shift_by_imm5( 8657 dis_buf, &irt_regN_shift, NULL, 8658 irt_regN, shift_type, imm5, regN ); 8659 8660 armSignedSatQ( irt_regN_shift, sat_imm, &irt_result, &irt_sat_Q ); 8661 or_into_QFLAG32( mkexpr(irt_sat_Q), condT ); 8662 8663 if (isT) 8664 putIRegT( regD, mkexpr(irt_result), condT ); 8665 else 8666 putIRegA( regD, mkexpr(irt_result), condT, Ijk_Boring ); 8667 8668 DIP( "ssat%s r%u, #0x%04x, %s\n", 8669 nCC(conq), regD, imm5, dis_buf); 8670 return True; 8671 } 8672 /* fall through */ 8673 } 8674 8675 /* -------------- usat16<c> <Rd>,#<imm4>,<Rn> --------------- */ 8676 { 8677 UInt regD = 99, regN = 99, sat_imm = 99; 8678 Bool gate = False; 8679 8680 if (isT) { 8681 if (INSNT0(15,4) == 0xF3A && (INSNT1(15,0) & 0xF0F0) == 0x0000) { 8682 regN = INSNT0(3,0); 8683 regD = INSNT1(11,8); 8684 sat_imm = INSNT1(3,0); 8685 if (!isBadRegT(regD) && !isBadRegT(regN)) 8686 gate = True; 8687 } 8688 } else { 8689 if (INSNA(27,20) == BITS8(0,1,1,0,1,1,1,0) && 8690 INSNA(11,8) == BITS4(1,1,1,1) && 8691 INSNA(7,4) == BITS4(0,0,1,1)) { 8692 regD = INSNA(15,12); 8693 regN = INSNA(3,0); 8694 sat_imm = INSNA(19,16); 8695 if (regD != 15 && regN != 15) 8696 gate = True; 8697 } 8698 } 8699 8700 if (gate) { 8701 IRTemp irt_regN = newTemp(Ity_I32); 8702 IRTemp irt_regN_lo = newTemp(Ity_I32); 8703 IRTemp irt_regN_hi = newTemp(Ity_I32); 8704 IRTemp irt_Q_lo = newTemp(Ity_I32); 8705 IRTemp irt_Q_hi = newTemp(Ity_I32); 8706 IRTemp irt_res_lo = newTemp(Ity_I32); 8707 IRTemp irt_res_hi = newTemp(Ity_I32); 8708 8709 assign( irt_regN, isT ? 
getIRegT(regN) : getIRegA(regN) ); 8710 assign( irt_regN_lo, binop( Iop_Sar32, 8711 binop(Iop_Shl32, mkexpr(irt_regN), mkU8(16)), 8712 mkU8(16)) ); 8713 assign( irt_regN_hi, binop(Iop_Sar32, mkexpr(irt_regN), mkU8(16)) ); 8714 8715 armUnsignedSatQ( &irt_res_lo, &irt_Q_lo, irt_regN_lo, sat_imm ); 8716 or_into_QFLAG32( mkexpr(irt_Q_lo), condT ); 8717 8718 armUnsignedSatQ( &irt_res_hi, &irt_Q_hi, irt_regN_hi, sat_imm ); 8719 or_into_QFLAG32( mkexpr(irt_Q_hi), condT ); 8720 8721 IRExpr* ire_result = binop( Iop_Or32, 8722 binop(Iop_Shl32, mkexpr(irt_res_hi), mkU8(16)), 8723 mkexpr(irt_res_lo) ); 8724 8725 if (isT) 8726 putIRegT( regD, ire_result, condT ); 8727 else 8728 putIRegA( regD, ire_result, condT, Ijk_Boring ); 8729 8730 DIP( "usat16%s r%u, #0x%04x, r%u\n", nCC(conq), regD, sat_imm, regN ); 8731 return True; 8732 } 8733 /* fall through */ 8734 } 8735 8736 /* -------------- uadd16<c> <Rd>,<Rn>,<Rm> -------------- */ 8737 { 8738 UInt regD = 99, regN = 99, regM = 99; 8739 Bool gate = False; 8740 8741 if (isT) { 8742 if (INSNT0(15,4) == 0xFA9 && (INSNT1(15,0) & 0xF0F0) == 0xF040) { 8743 regN = INSNT0(3,0); 8744 regD = INSNT1(11,8); 8745 regM = INSNT1(3,0); 8746 if (!isBadRegT(regD) && !isBadRegT(regN) && !isBadRegT(regM)) 8747 gate = True; 8748 } 8749 } else { 8750 if (INSNA(27,20) == BITS8(0,1,1,0,0,1,0,1) && 8751 INSNA(11,8) == BITS4(1,1,1,1) && 8752 INSNA(7,4) == BITS4(0,0,0,1)) { 8753 regD = INSNA(15,12); 8754 regN = INSNA(19,16); 8755 regM = INSNA(3,0); 8756 if (regD != 15 && regN != 15 && regM != 15) 8757 gate = True; 8758 } 8759 } 8760 8761 if (gate) { 8762 IRTemp rNt = newTemp(Ity_I32); 8763 IRTemp rMt = newTemp(Ity_I32); 8764 IRTemp res = newTemp(Ity_I32); 8765 IRTemp reso = newTemp(Ity_I32); 8766 8767 assign( rNt, isT ? getIRegT(regN) : getIRegA(regN) ); 8768 assign( rMt, isT ? 
getIRegT(regM) : getIRegA(regM) ); 8769 8770 assign(res, binop(Iop_Add16x2, mkexpr(rNt), mkexpr(rMt))); 8771 if (isT) 8772 putIRegT( regD, mkexpr(res), condT ); 8773 else 8774 putIRegA( regD, mkexpr(res), condT, Ijk_Boring ); 8775 8776 assign(reso, binop(Iop_HAdd16Ux2, mkexpr(rNt), mkexpr(rMt))); 8777 set_GE_32_10_from_bits_31_15(reso, condT); 8778 8779 DIP("uadd16%s r%u, r%u, r%u\n", nCC(conq),regD,regN,regM); 8780 return True; 8781 } 8782 /* fall through */ 8783 } 8784 8785 /* -------------- sadd16<c> <Rd>,<Rn>,<Rm> -------------- */ 8786 { 8787 UInt regD = 99, regN = 99, regM = 99; 8788 Bool gate = False; 8789 8790 if (isT) { 8791 if (INSNT0(15,4) == 0xFA9 && (INSNT1(15,0) & 0xF0F0) == 0xF000) { 8792 regN = INSNT0(3,0); 8793 regD = INSNT1(11,8); 8794 regM = INSNT1(3,0); 8795 if (!isBadRegT(regD) && !isBadRegT(regN) && !isBadRegT(regM)) 8796 gate = True; 8797 } 8798 } else { 8799 if (INSNA(27,20) == BITS8(0,1,1,0,0,0,0,1) && 8800 INSNA(11,8) == BITS4(1,1,1,1) && 8801 INSNA(7,4) == BITS4(0,0,0,1)) { 8802 regD = INSNA(15,12); 8803 regN = INSNA(19,16); 8804 regM = INSNA(3,0); 8805 if (regD != 15 && regN != 15 && regM != 15) 8806 gate = True; 8807 } 8808 } 8809 8810 if (gate) { 8811 IRTemp rNt = newTemp(Ity_I32); 8812 IRTemp rMt = newTemp(Ity_I32); 8813 IRTemp res = newTemp(Ity_I32); 8814 IRTemp reso = newTemp(Ity_I32); 8815 8816 assign( rNt, isT ? getIRegT(regN) : getIRegA(regN) ); 8817 assign( rMt, isT ? 
getIRegT(regM) : getIRegA(regM) ); 8818 8819 assign(res, binop(Iop_Add16x2, mkexpr(rNt), mkexpr(rMt))); 8820 if (isT) 8821 putIRegT( regD, mkexpr(res), condT ); 8822 else 8823 putIRegA( regD, mkexpr(res), condT, Ijk_Boring ); 8824 8825 assign(reso, unop(Iop_Not32, 8826 binop(Iop_HAdd16Sx2, mkexpr(rNt), mkexpr(rMt)))); 8827 set_GE_32_10_from_bits_31_15(reso, condT); 8828 8829 DIP("sadd16%s r%u, r%u, r%u\n", nCC(conq),regD,regN,regM); 8830 return True; 8831 } 8832 /* fall through */ 8833 } 8834 8835 /* ---------------- usub16<c> <Rd>,<Rn>,<Rm> ---------------- */ 8836 { 8837 UInt regD = 99, regN = 99, regM = 99; 8838 Bool gate = False; 8839 8840 if (isT) { 8841 if (INSNT0(15,4) == 0xFAD && (INSNT1(15,0) & 0xF0F0) == 0xF040) { 8842 regN = INSNT0(3,0); 8843 regD = INSNT1(11,8); 8844 regM = INSNT1(3,0); 8845 if (!isBadRegT(regD) && !isBadRegT(regN) && !isBadRegT(regM)) 8846 gate = True; 8847 } 8848 } else { 8849 if (INSNA(27,20) == BITS8(0,1,1,0,0,1,0,1) && 8850 INSNA(11,8) == BITS4(1,1,1,1) && 8851 INSNA(7,4) == BITS4(0,1,1,1)) { 8852 regD = INSNA(15,12); 8853 regN = INSNA(19,16); 8854 regM = INSNA(3,0); 8855 if (regD != 15 && regN != 15 && regM != 15) 8856 gate = True; 8857 } 8858 } 8859 8860 if (gate) { 8861 IRTemp rNt = newTemp(Ity_I32); 8862 IRTemp rMt = newTemp(Ity_I32); 8863 IRTemp res = newTemp(Ity_I32); 8864 IRTemp reso = newTemp(Ity_I32); 8865 8866 assign( rNt, isT ? getIRegT(regN) : getIRegA(regN) ); 8867 assign( rMt, isT ? 
getIRegT(regM) : getIRegA(regM) ); 8868 8869 assign(res, binop(Iop_Sub16x2, mkexpr(rNt), mkexpr(rMt))); 8870 if (isT) 8871 putIRegT( regD, mkexpr(res), condT ); 8872 else 8873 putIRegA( regD, mkexpr(res), condT, Ijk_Boring ); 8874 8875 assign(reso, unop(Iop_Not32, 8876 binop(Iop_HSub16Ux2, mkexpr(rNt), mkexpr(rMt)))); 8877 set_GE_32_10_from_bits_31_15(reso, condT); 8878 8879 DIP("usub16%s r%u, r%u, r%u\n", nCC(conq),regD,regN,regM); 8880 return True; 8881 } 8882 /* fall through */ 8883 } 8884 8885 /* -------------- ssub16<c> <Rd>,<Rn>,<Rm> -------------- */ 8886 { 8887 UInt regD = 99, regN = 99, regM = 99; 8888 Bool gate = False; 8889 8890 if (isT) { 8891 if (INSNT0(15,4) == 0xFAD && (INSNT1(15,0) & 0xF0F0) == 0xF000) { 8892 regN = INSNT0(3,0); 8893 regD = INSNT1(11,8); 8894 regM = INSNT1(3,0); 8895 if (!isBadRegT(regD) && !isBadRegT(regN) && !isBadRegT(regM)) 8896 gate = True; 8897 } 8898 } else { 8899 if (INSNA(27,20) == BITS8(0,1,1,0,0,0,0,1) && 8900 INSNA(11,8) == BITS4(1,1,1,1) && 8901 INSNA(7,4) == BITS4(0,1,1,1)) { 8902 regD = INSNA(15,12); 8903 regN = INSNA(19,16); 8904 regM = INSNA(3,0); 8905 if (regD != 15 && regN != 15 && regM != 15) 8906 gate = True; 8907 } 8908 } 8909 8910 if (gate) { 8911 IRTemp rNt = newTemp(Ity_I32); 8912 IRTemp rMt = newTemp(Ity_I32); 8913 IRTemp res = newTemp(Ity_I32); 8914 IRTemp reso = newTemp(Ity_I32); 8915 8916 assign( rNt, isT ? getIRegT(regN) : getIRegA(regN) ); 8917 assign( rMt, isT ? 
getIRegT(regM) : getIRegA(regM) ); 8918 8919 assign(res, binop(Iop_Sub16x2, mkexpr(rNt), mkexpr(rMt))); 8920 if (isT) 8921 putIRegT( regD, mkexpr(res), condT ); 8922 else 8923 putIRegA( regD, mkexpr(res), condT, Ijk_Boring ); 8924 8925 assign(reso, unop(Iop_Not32, 8926 binop(Iop_HSub16Sx2, mkexpr(rNt), mkexpr(rMt)))); 8927 set_GE_32_10_from_bits_31_15(reso, condT); 8928 8929 DIP("ssub16%s r%u, r%u, r%u\n", nCC(conq),regD,regN,regM); 8930 return True; 8931 } 8932 /* fall through */ 8933 } 8934 8935 /* ----------------- uadd8<c> <Rd>,<Rn>,<Rm> ---------------- */ 8936 { 8937 UInt regD = 99, regN = 99, regM = 99; 8938 Bool gate = False; 8939 8940 if (isT) { 8941 if (INSNT0(15,4) == 0xFA8 && (INSNT1(15,0) & 0xF0F0) == 0xF040) { 8942 regN = INSNT0(3,0); 8943 regD = INSNT1(11,8); 8944 regM = INSNT1(3,0); 8945 if (!isBadRegT(regD) && !isBadRegT(regN) && !isBadRegT(regM)) 8946 gate = True; 8947 } 8948 } else { 8949 if (INSNA(27,20) == BITS8(0,1,1,0,0,1,0,1) && 8950 INSNA(11,8) == BITS4(1,1,1,1) && 8951 (INSNA(7,4) == BITS4(1,0,0,1))) { 8952 regD = INSNA(15,12); 8953 regN = INSNA(19,16); 8954 regM = INSNA(3,0); 8955 if (regD != 15 && regN != 15 && regM != 15) 8956 gate = True; 8957 } 8958 } 8959 8960 if (gate) { 8961 IRTemp rNt = newTemp(Ity_I32); 8962 IRTemp rMt = newTemp(Ity_I32); 8963 IRTemp res = newTemp(Ity_I32); 8964 IRTemp reso = newTemp(Ity_I32); 8965 8966 assign( rNt, isT ? getIRegT(regN) : getIRegA(regN) ); 8967 assign( rMt, isT ? 
getIRegT(regM) : getIRegA(regM) ); 8968 8969 assign(res, binop(Iop_Add8x4, mkexpr(rNt), mkexpr(rMt))); 8970 if (isT) 8971 putIRegT( regD, mkexpr(res), condT ); 8972 else 8973 putIRegA( regD, mkexpr(res), condT, Ijk_Boring ); 8974 8975 assign(reso, binop(Iop_HAdd8Ux4, mkexpr(rNt), mkexpr(rMt))); 8976 set_GE_3_2_1_0_from_bits_31_23_15_7(reso, condT); 8977 8978 DIP("uadd8%s r%u, r%u, r%u\n", nCC(conq),regD,regN,regM); 8979 return True; 8980 } 8981 /* fall through */ 8982 } 8983 8984 /* ------------------- sadd8<c> <Rd>,<Rn>,<Rm> ------------------ */ 8985 { 8986 UInt regD = 99, regN = 99, regM = 99; 8987 Bool gate = False; 8988 8989 if (isT) { 8990 if (INSNT0(15,4) == 0xFA8 && (INSNT1(15,0) & 0xF0F0) == 0xF000) { 8991 regN = INSNT0(3,0); 8992 regD = INSNT1(11,8); 8993 regM = INSNT1(3,0); 8994 if (!isBadRegT(regD) && !isBadRegT(regN) && !isBadRegT(regM)) 8995 gate = True; 8996 } 8997 } else { 8998 if (INSNA(27,20) == BITS8(0,1,1,0,0,0,0,1) && 8999 INSNA(11,8) == BITS4(1,1,1,1) && 9000 (INSNA(7,4) == BITS4(1,0,0,1))) { 9001 regD = INSNA(15,12); 9002 regN = INSNA(19,16); 9003 regM = INSNA(3,0); 9004 if (regD != 15 && regN != 15 && regM != 15) 9005 gate = True; 9006 } 9007 } 9008 9009 if (gate) { 9010 IRTemp rNt = newTemp(Ity_I32); 9011 IRTemp rMt = newTemp(Ity_I32); 9012 IRTemp res = newTemp(Ity_I32); 9013 IRTemp reso = newTemp(Ity_I32); 9014 9015 assign( rNt, isT ? getIRegT(regN) : getIRegA(regN) ); 9016 assign( rMt, isT ? 
getIRegT(regM) : getIRegA(regM) ); 9017 9018 assign(res, binop(Iop_Add8x4, mkexpr(rNt), mkexpr(rMt))); 9019 if (isT) 9020 putIRegT( regD, mkexpr(res), condT ); 9021 else 9022 putIRegA( regD, mkexpr(res), condT, Ijk_Boring ); 9023 9024 assign(reso, unop(Iop_Not32, 9025 binop(Iop_HAdd8Sx4, mkexpr(rNt), mkexpr(rMt)))); 9026 set_GE_3_2_1_0_from_bits_31_23_15_7(reso, condT); 9027 9028 DIP("sadd8%s r%u, r%u, r%u\n", nCC(conq),regD,regN,regM); 9029 return True; 9030 } 9031 /* fall through */ 9032 } 9033 9034 /* ------------------- usub8<c> <Rd>,<Rn>,<Rm> ------------------ */ 9035 { 9036 UInt regD = 99, regN = 99, regM = 99; 9037 Bool gate = False; 9038 9039 if (isT) { 9040 if (INSNT0(15,4) == 0xFAC && (INSNT1(15,0) & 0xF0F0) == 0xF040) { 9041 regN = INSNT0(3,0); 9042 regD = INSNT1(11,8); 9043 regM = INSNT1(3,0); 9044 if (!isBadRegT(regD) && !isBadRegT(regN) && !isBadRegT(regM)) 9045 gate = True; 9046 } 9047 } else { 9048 if (INSNA(27,20) == BITS8(0,1,1,0,0,1,0,1) && 9049 INSNA(11,8) == BITS4(1,1,1,1) && 9050 (INSNA(7,4) == BITS4(1,1,1,1))) { 9051 regD = INSNA(15,12); 9052 regN = INSNA(19,16); 9053 regM = INSNA(3,0); 9054 if (regD != 15 && regN != 15 && regM != 15) 9055 gate = True; 9056 } 9057 } 9058 9059 if (gate) { 9060 IRTemp rNt = newTemp(Ity_I32); 9061 IRTemp rMt = newTemp(Ity_I32); 9062 IRTemp res = newTemp(Ity_I32); 9063 IRTemp reso = newTemp(Ity_I32); 9064 9065 assign( rNt, isT ? getIRegT(regN) : getIRegA(regN) ); 9066 assign( rMt, isT ? 
getIRegT(regM) : getIRegA(regM) ); 9067 9068 assign(res, binop(Iop_Sub8x4, mkexpr(rNt), mkexpr(rMt))); 9069 if (isT) 9070 putIRegT( regD, mkexpr(res), condT ); 9071 else 9072 putIRegA( regD, mkexpr(res), condT, Ijk_Boring ); 9073 9074 assign(reso, unop(Iop_Not32, 9075 binop(Iop_HSub8Ux4, mkexpr(rNt), mkexpr(rMt)))); 9076 set_GE_3_2_1_0_from_bits_31_23_15_7(reso, condT); 9077 9078 DIP("usub8%s r%u, r%u, r%u\n", nCC(conq),regD,regN,regM); 9079 return True; 9080 } 9081 /* fall through */ 9082 } 9083 9084 /* ------------------- ssub8<c> <Rd>,<Rn>,<Rm> ------------------ */ 9085 { 9086 UInt regD = 99, regN = 99, regM = 99; 9087 Bool gate = False; 9088 9089 if (isT) { 9090 if (INSNT0(15,4) == 0xFAC && (INSNT1(15,0) & 0xF0F0) == 0xF000) { 9091 regN = INSNT0(3,0); 9092 regD = INSNT1(11,8); 9093 regM = INSNT1(3,0); 9094 if (!isBadRegT(regD) && !isBadRegT(regN) && !isBadRegT(regM)) 9095 gate = True; 9096 } 9097 } else { 9098 if (INSNA(27,20) == BITS8(0,1,1,0,0,0,0,1) && 9099 INSNA(11,8) == BITS4(1,1,1,1) && 9100 INSNA(7,4) == BITS4(1,1,1,1)) { 9101 regD = INSNA(15,12); 9102 regN = INSNA(19,16); 9103 regM = INSNA(3,0); 9104 if (regD != 15 && regN != 15 && regM != 15) 9105 gate = True; 9106 } 9107 } 9108 9109 if (gate) { 9110 IRTemp rNt = newTemp(Ity_I32); 9111 IRTemp rMt = newTemp(Ity_I32); 9112 IRTemp res = newTemp(Ity_I32); 9113 IRTemp reso = newTemp(Ity_I32); 9114 9115 assign( rNt, isT ? getIRegT(regN) : getIRegA(regN) ); 9116 assign( rMt, isT ? 
getIRegT(regM) : getIRegA(regM) ); 9117 9118 assign(res, binop(Iop_Sub8x4, mkexpr(rNt), mkexpr(rMt))); 9119 if (isT) 9120 putIRegT( regD, mkexpr(res), condT ); 9121 else 9122 putIRegA( regD, mkexpr(res), condT, Ijk_Boring ); 9123 9124 assign(reso, unop(Iop_Not32, 9125 binop(Iop_HSub8Sx4, mkexpr(rNt), mkexpr(rMt)))); 9126 set_GE_3_2_1_0_from_bits_31_23_15_7(reso, condT); 9127 9128 DIP("ssub8%s r%u, r%u, r%u\n", nCC(conq),regD,regN,regM); 9129 return True; 9130 } 9131 /* fall through */ 9132 } 9133 9134 /* ------------------ qadd8<c> <Rd>,<Rn>,<Rm> ------------------- */ 9135 { 9136 UInt regD = 99, regN = 99, regM = 99; 9137 Bool gate = False; 9138 9139 if (isT) { 9140 if (INSNT0(15,4) == 0xFA8 && (INSNT1(15,0) & 0xF0F0) == 0xF010) { 9141 regN = INSNT0(3,0); 9142 regD = INSNT1(11,8); 9143 regM = INSNT1(3,0); 9144 if (!isBadRegT(regD) && !isBadRegT(regN) && !isBadRegT(regM)) 9145 gate = True; 9146 } 9147 } else { 9148 if (INSNA(27,20) == BITS8(0,1,1,0,0,0,1,0) && 9149 INSNA(11,8) == BITS4(1,1,1,1) && 9150 INSNA(7,4) == BITS4(1,0,0,1)) { 9151 regD = INSNA(15,12); 9152 regN = INSNA(19,16); 9153 regM = INSNA(3,0); 9154 if (regD != 15 && regN != 15 && regM != 15) 9155 gate = True; 9156 } 9157 } 9158 9159 if (gate) { 9160 IRTemp rNt = newTemp(Ity_I32); 9161 IRTemp rMt = newTemp(Ity_I32); 9162 IRTemp res_q = newTemp(Ity_I32); 9163 9164 assign( rNt, isT ? getIRegT(regN) : getIRegA(regN) ); 9165 assign( rMt, isT ? 
getIRegT(regM) : getIRegA(regM) ); 9166 9167 assign(res_q, binop(Iop_QAdd8Sx4, mkexpr(rNt), mkexpr(rMt))); 9168 if (isT) 9169 putIRegT( regD, mkexpr(res_q), condT ); 9170 else 9171 putIRegA( regD, mkexpr(res_q), condT, Ijk_Boring ); 9172 9173 DIP("qadd8%s r%u, r%u, r%u\n", nCC(conq),regD,regN,regM); 9174 return True; 9175 } 9176 /* fall through */ 9177 } 9178 9179 /* ------------------ qsub8<c> <Rd>,<Rn>,<Rm> ------------------- */ 9180 { 9181 UInt regD = 99, regN = 99, regM = 99; 9182 Bool gate = False; 9183 9184 if (isT) { 9185 if (INSNT0(15,4) == 0xFAC && (INSNT1(15,0) & 0xF0F0) == 0xF010) { 9186 regN = INSNT0(3,0); 9187 regD = INSNT1(11,8); 9188 regM = INSNT1(3,0); 9189 if (!isBadRegT(regD) && !isBadRegT(regN) && !isBadRegT(regM)) 9190 gate = True; 9191 } 9192 } else { 9193 if (INSNA(27,20) == BITS8(0,1,1,0,0,0,1,0) && 9194 INSNA(11,8) == BITS4(1,1,1,1) && 9195 INSNA(7,4) == BITS4(1,1,1,1)) { 9196 regD = INSNA(15,12); 9197 regN = INSNA(19,16); 9198 regM = INSNA(3,0); 9199 if (regD != 15 && regN != 15 && regM != 15) 9200 gate = True; 9201 } 9202 } 9203 9204 if (gate) { 9205 IRTemp rNt = newTemp(Ity_I32); 9206 IRTemp rMt = newTemp(Ity_I32); 9207 IRTemp res_q = newTemp(Ity_I32); 9208 9209 assign( rNt, isT ? getIRegT(regN) : getIRegA(regN) ); 9210 assign( rMt, isT ? 
getIRegT(regM) : getIRegA(regM) ); 9211 9212 assign(res_q, binop(Iop_QSub8Sx4, mkexpr(rNt), mkexpr(rMt))); 9213 if (isT) 9214 putIRegT( regD, mkexpr(res_q), condT ); 9215 else 9216 putIRegA( regD, mkexpr(res_q), condT, Ijk_Boring ); 9217 9218 DIP("qsub8%s r%u, r%u, r%u\n", nCC(conq),regD,regN,regM); 9219 return True; 9220 } 9221 /* fall through */ 9222 } 9223 9224 /* ------------------ uqadd8<c> <Rd>,<Rn>,<Rm> ------------------ */ 9225 { 9226 UInt regD = 99, regN = 99, regM = 99; 9227 Bool gate = False; 9228 9229 if (isT) { 9230 if (INSNT0(15,4) == 0xFA8 && (INSNT1(15,0) & 0xF0F0) == 0xF050) { 9231 regN = INSNT0(3,0); 9232 regD = INSNT1(11,8); 9233 regM = INSNT1(3,0); 9234 if (!isBadRegT(regD) && !isBadRegT(regN) && !isBadRegT(regM)) 9235 gate = True; 9236 } 9237 } else { 9238 if (INSNA(27,20) == BITS8(0,1,1,0,0,1,1,0) && 9239 INSNA(11,8) == BITS4(1,1,1,1) && 9240 (INSNA(7,4) == BITS4(1,0,0,1))) { 9241 regD = INSNA(15,12); 9242 regN = INSNA(19,16); 9243 regM = INSNA(3,0); 9244 if (regD != 15 && regN != 15 && regM != 15) 9245 gate = True; 9246 } 9247 } 9248 9249 if (gate) { 9250 IRTemp rNt = newTemp(Ity_I32); 9251 IRTemp rMt = newTemp(Ity_I32); 9252 IRTemp res_q = newTemp(Ity_I32); 9253 9254 assign( rNt, isT ? getIRegT(regN) : getIRegA(regN) ); 9255 assign( rMt, isT ? 
getIRegT(regM) : getIRegA(regM) ); 9256 9257 assign(res_q, binop(Iop_QAdd8Ux4, mkexpr(rNt), mkexpr(rMt))); 9258 if (isT) 9259 putIRegT( regD, mkexpr(res_q), condT ); 9260 else 9261 putIRegA( regD, mkexpr(res_q), condT, Ijk_Boring ); 9262 9263 DIP("uqadd8%s r%u, r%u, r%u\n", nCC(conq),regD,regN,regM); 9264 return True; 9265 } 9266 /* fall through */ 9267 } 9268 9269 /* ------------------ uqsub8<c> <Rd>,<Rn>,<Rm> ------------------ */ 9270 { 9271 UInt regD = 99, regN = 99, regM = 99; 9272 Bool gate = False; 9273 9274 if (isT) { 9275 if (INSNT0(15,4) == 0xFAC && (INSNT1(15,0) & 0xF0F0) == 0xF050) { 9276 regN = INSNT0(3,0); 9277 regD = INSNT1(11,8); 9278 regM = INSNT1(3,0); 9279 if (!isBadRegT(regD) && !isBadRegT(regN) && !isBadRegT(regM)) 9280 gate = True; 9281 } 9282 } else { 9283 if (INSNA(27,20) == BITS8(0,1,1,0,0,1,1,0) && 9284 INSNA(11,8) == BITS4(1,1,1,1) && 9285 (INSNA(7,4) == BITS4(1,1,1,1))) { 9286 regD = INSNA(15,12); 9287 regN = INSNA(19,16); 9288 regM = INSNA(3,0); 9289 if (regD != 15 && regN != 15 && regM != 15) 9290 gate = True; 9291 } 9292 } 9293 9294 if (gate) { 9295 IRTemp rNt = newTemp(Ity_I32); 9296 IRTemp rMt = newTemp(Ity_I32); 9297 IRTemp res_q = newTemp(Ity_I32); 9298 9299 assign( rNt, isT ? getIRegT(regN) : getIRegA(regN) ); 9300 assign( rMt, isT ? 
getIRegT(regM) : getIRegA(regM) ); 9301 9302 assign(res_q, binop(Iop_QSub8Ux4, mkexpr(rNt), mkexpr(rMt))); 9303 if (isT) 9304 putIRegT( regD, mkexpr(res_q), condT ); 9305 else 9306 putIRegA( regD, mkexpr(res_q), condT, Ijk_Boring ); 9307 9308 DIP("uqsub8%s r%u, r%u, r%u\n", nCC(conq),regD,regN,regM); 9309 return True; 9310 } 9311 /* fall through */ 9312 } 9313 9314 /* ----------------- uhadd8<c> <Rd>,<Rn>,<Rm> ------------------- */ 9315 { 9316 UInt regD = 99, regN = 99, regM = 99; 9317 Bool gate = False; 9318 9319 if (isT) { 9320 if (INSNT0(15,4) == 0xFA8 && (INSNT1(15,0) & 0xF0F0) == 0xF060) { 9321 regN = INSNT0(3,0); 9322 regD = INSNT1(11,8); 9323 regM = INSNT1(3,0); 9324 if (!isBadRegT(regD) && !isBadRegT(regN) && !isBadRegT(regM)) 9325 gate = True; 9326 } 9327 } else { 9328 if (INSNA(27,20) == BITS8(0,1,1,0,0,1,1,1) && 9329 INSNA(11,8) == BITS4(1,1,1,1) && 9330 INSNA(7,4) == BITS4(1,0,0,1)) { 9331 regD = INSNA(15,12); 9332 regN = INSNA(19,16); 9333 regM = INSNA(3,0); 9334 if (regD != 15 && regN != 15 && regM != 15) 9335 gate = True; 9336 } 9337 } 9338 9339 if (gate) { 9340 IRTemp rNt = newTemp(Ity_I32); 9341 IRTemp rMt = newTemp(Ity_I32); 9342 IRTemp res_q = newTemp(Ity_I32); 9343 9344 assign( rNt, isT ? getIRegT(regN) : getIRegA(regN) ); 9345 assign( rMt, isT ? 
getIRegT(regM) : getIRegA(regM) ); 9346 9347 assign(res_q, binop(Iop_HAdd8Ux4, mkexpr(rNt), mkexpr(rMt))); 9348 if (isT) 9349 putIRegT( regD, mkexpr(res_q), condT ); 9350 else 9351 putIRegA( regD, mkexpr(res_q), condT, Ijk_Boring ); 9352 9353 DIP("uhadd8%s r%u, r%u, r%u\n", nCC(conq),regD,regN,regM); 9354 return True; 9355 } 9356 /* fall through */ 9357 } 9358 9359 /* ----------------- uhadd16<c> <Rd>,<Rn>,<Rm> ------------------- */ 9360 { 9361 UInt regD = 99, regN = 99, regM = 99; 9362 Bool gate = False; 9363 9364 if (isT) { 9365 if (INSNT0(15,4) == 0xFA9 && (INSNT1(15,0) & 0xF0F0) == 0xF060) { 9366 regN = INSNT0(3,0); 9367 regD = INSNT1(11,8); 9368 regM = INSNT1(3,0); 9369 if (!isBadRegT(regD) && !isBadRegT(regN) && !isBadRegT(regM)) 9370 gate = True; 9371 } 9372 } else { 9373 if (INSNA(27,20) == BITS8(0,1,1,0,0,1,1,1) && 9374 INSNA(11,8) == BITS4(1,1,1,1) && 9375 INSNA(7,4) == BITS4(0,0,0,1)) { 9376 regD = INSNA(15,12); 9377 regN = INSNA(19,16); 9378 regM = INSNA(3,0); 9379 if (regD != 15 && regN != 15 && regM != 15) 9380 gate = True; 9381 } 9382 } 9383 9384 if (gate) { 9385 IRTemp rNt = newTemp(Ity_I32); 9386 IRTemp rMt = newTemp(Ity_I32); 9387 IRTemp res_q = newTemp(Ity_I32); 9388 9389 assign( rNt, isT ? getIRegT(regN) : getIRegA(regN) ); 9390 assign( rMt, isT ? 
getIRegT(regM) : getIRegA(regM) ); 9391 9392 assign(res_q, binop(Iop_HAdd16Ux2, mkexpr(rNt), mkexpr(rMt))); 9393 if (isT) 9394 putIRegT( regD, mkexpr(res_q), condT ); 9395 else 9396 putIRegA( regD, mkexpr(res_q), condT, Ijk_Boring ); 9397 9398 DIP("uhadd16%s r%u, r%u, r%u\n", nCC(conq),regD,regN,regM); 9399 return True; 9400 } 9401 /* fall through */ 9402 } 9403 9404 /* ----------------- shadd8<c> <Rd>,<Rn>,<Rm> ------------------- */ 9405 { 9406 UInt regD = 99, regN = 99, regM = 99; 9407 Bool gate = False; 9408 9409 if (isT) { 9410 if (INSNT0(15,4) == 0xFA8 && (INSNT1(15,0) & 0xF0F0) == 0xF020) { 9411 regN = INSNT0(3,0); 9412 regD = INSNT1(11,8); 9413 regM = INSNT1(3,0); 9414 if (!isBadRegT(regD) && !isBadRegT(regN) && !isBadRegT(regM)) 9415 gate = True; 9416 } 9417 } else { 9418 if (INSNA(27,20) == BITS8(0,1,1,0,0,0,1,1) && 9419 INSNA(11,8) == BITS4(1,1,1,1) && 9420 INSNA(7,4) == BITS4(1,0,0,1)) { 9421 regD = INSNA(15,12); 9422 regN = INSNA(19,16); 9423 regM = INSNA(3,0); 9424 if (regD != 15 && regN != 15 && regM != 15) 9425 gate = True; 9426 } 9427 } 9428 9429 if (gate) { 9430 IRTemp rNt = newTemp(Ity_I32); 9431 IRTemp rMt = newTemp(Ity_I32); 9432 IRTemp res_q = newTemp(Ity_I32); 9433 9434 assign( rNt, isT ? getIRegT(regN) : getIRegA(regN) ); 9435 assign( rMt, isT ? 
getIRegT(regM) : getIRegA(regM) ); 9436 9437 assign(res_q, binop(Iop_HAdd8Sx4, mkexpr(rNt), mkexpr(rMt))); 9438 if (isT) 9439 putIRegT( regD, mkexpr(res_q), condT ); 9440 else 9441 putIRegA( regD, mkexpr(res_q), condT, Ijk_Boring ); 9442 9443 DIP("shadd8%s r%u, r%u, r%u\n", nCC(conq),regD,regN,regM); 9444 return True; 9445 } 9446 /* fall through */ 9447 } 9448 9449 /* ------------------ qadd16<c> <Rd>,<Rn>,<Rm> ------------------ */ 9450 { 9451 UInt regD = 99, regN = 99, regM = 99; 9452 Bool gate = False; 9453 9454 if (isT) { 9455 if (INSNT0(15,4) == 0xFA9 && (INSNT1(15,0) & 0xF0F0) == 0xF010) { 9456 regN = INSNT0(3,0); 9457 regD = INSNT1(11,8); 9458 regM = INSNT1(3,0); 9459 if (!isBadRegT(regD) && !isBadRegT(regN) && !isBadRegT(regM)) 9460 gate = True; 9461 } 9462 } else { 9463 if (INSNA(27,20) == BITS8(0,1,1,0,0,0,1,0) && 9464 INSNA(11,8) == BITS4(1,1,1,1) && 9465 INSNA(7,4) == BITS4(0,0,0,1)) { 9466 regD = INSNA(15,12); 9467 regN = INSNA(19,16); 9468 regM = INSNA(3,0); 9469 if (regD != 15 && regN != 15 && regM != 15) 9470 gate = True; 9471 } 9472 } 9473 9474 if (gate) { 9475 IRTemp rNt = newTemp(Ity_I32); 9476 IRTemp rMt = newTemp(Ity_I32); 9477 IRTemp res_q = newTemp(Ity_I32); 9478 9479 assign( rNt, isT ? getIRegT(regN) : getIRegA(regN) ); 9480 assign( rMt, isT ? 
getIRegT(regM) : getIRegA(regM) ); 9481 9482 assign(res_q, binop(Iop_QAdd16Sx2, mkexpr(rNt), mkexpr(rMt))); 9483 if (isT) 9484 putIRegT( regD, mkexpr(res_q), condT ); 9485 else 9486 putIRegA( regD, mkexpr(res_q), condT, Ijk_Boring ); 9487 9488 DIP("qadd16%s r%u, r%u, r%u\n", nCC(conq),regD,regN,regM); 9489 return True; 9490 } 9491 /* fall through */ 9492 } 9493 9494 /* ------------------ qsub16<c> <Rd>,<Rn>,<Rm> ------------------ */ 9495 { 9496 UInt regD = 99, regN = 99, regM = 99; 9497 Bool gate = False; 9498 9499 if (isT) { 9500 if (INSNT0(15,4) == 0xFAD && (INSNT1(15,0) & 0xF0F0) == 0xF010) { 9501 regN = INSNT0(3,0); 9502 regD = INSNT1(11,8); 9503 regM = INSNT1(3,0); 9504 if (!isBadRegT(regD) && !isBadRegT(regN) && !isBadRegT(regM)) 9505 gate = True; 9506 } 9507 } else { 9508 if (INSNA(27,20) == BITS8(0,1,1,0,0,0,1,0) && 9509 INSNA(11,8) == BITS4(1,1,1,1) && 9510 INSNA(7,4) == BITS4(0,1,1,1)) { 9511 regD = INSNA(15,12); 9512 regN = INSNA(19,16); 9513 regM = INSNA(3,0); 9514 if (regD != 15 && regN != 15 && regM != 15) 9515 gate = True; 9516 } 9517 } 9518 9519 if (gate) { 9520 IRTemp rNt = newTemp(Ity_I32); 9521 IRTemp rMt = newTemp(Ity_I32); 9522 IRTemp res_q = newTemp(Ity_I32); 9523 9524 assign( rNt, isT ? getIRegT(regN) : getIRegA(regN) ); 9525 assign( rMt, isT ? 
getIRegT(regM) : getIRegA(regM) ); 9526 9527 assign(res_q, binop(Iop_QSub16Sx2, mkexpr(rNt), mkexpr(rMt))); 9528 if (isT) 9529 putIRegT( regD, mkexpr(res_q), condT ); 9530 else 9531 putIRegA( regD, mkexpr(res_q), condT, Ijk_Boring ); 9532 9533 DIP("qsub16%s r%u, r%u, r%u\n", nCC(conq),regD,regN,regM); 9534 return True; 9535 } 9536 /* fall through */ 9537 } 9538 9539 ///////////////////////////////////////////////////////////////// 9540 ///////////////////////////////////////////////////////////////// 9541 ///////////////////////////////////////////////////////////////// 9542 ///////////////////////////////////////////////////////////////// 9543 ///////////////////////////////////////////////////////////////// 9544 9545 /* ------------------- qsax<c> <Rd>,<Rn>,<Rm> ------------------- */ 9546 /* note: the hardware seems to construct the result differently 9547 from wot the manual says. */ 9548 { 9549 UInt regD = 99, regN = 99, regM = 99; 9550 Bool gate = False; 9551 9552 if (isT) { 9553 if (INSNT0(15,4) == 0xFAE && (INSNT1(15,0) & 0xF0F0) == 0xF010) { 9554 regN = INSNT0(3,0); 9555 regD = INSNT1(11,8); 9556 regM = INSNT1(3,0); 9557 if (!isBadRegT(regD) && !isBadRegT(regN) && !isBadRegT(regM)) 9558 gate = True; 9559 } 9560 } else { 9561 if (INSNA(27,20) == BITS8(0,1,1,0,0,0,1,0) && 9562 INSNA(11,8) == BITS4(1,1,1,1) && 9563 INSNA(7,4) == BITS4(0,1,0,1)) { 9564 regD = INSNA(15,12); 9565 regN = INSNA(19,16); 9566 regM = INSNA(3,0); 9567 if (regD != 15 && regN != 15 && regM != 15) 9568 gate = True; 9569 } 9570 } 9571 9572 if (gate) { 9573 IRTemp irt_regN = newTemp(Ity_I32); 9574 IRTemp irt_regM = newTemp(Ity_I32); 9575 IRTemp irt_sum = newTemp(Ity_I32); 9576 IRTemp irt_diff = newTemp(Ity_I32); 9577 IRTemp irt_sum_res = newTemp(Ity_I32); 9578 IRTemp irt_diff_res = newTemp(Ity_I32); 9579 9580 assign( irt_regN, isT ? getIRegT(regN) : getIRegA(regN) ); 9581 assign( irt_regM, isT ? 
getIRegT(regM) : getIRegA(regM) ); 9582 9583 assign( irt_diff, 9584 binop( Iop_Sub32, 9585 binop( Iop_Sar32, mkexpr(irt_regN), mkU8(16) ), 9586 binop( Iop_Sar32, 9587 binop(Iop_Shl32, mkexpr(irt_regM), mkU8(16)), 9588 mkU8(16) ) ) ); 9589 armSignedSatQ( irt_diff, 0x10, &irt_diff_res, NULL); 9590 9591 assign( irt_sum, 9592 binop( Iop_Add32, 9593 binop( Iop_Sar32, 9594 binop( Iop_Shl32, mkexpr(irt_regN), mkU8(16) ), 9595 mkU8(16) ), 9596 binop( Iop_Sar32, mkexpr(irt_regM), mkU8(16) )) ); 9597 armSignedSatQ( irt_sum, 0x10, &irt_sum_res, NULL ); 9598 9599 IRExpr* ire_result = binop( Iop_Or32, 9600 binop( Iop_Shl32, mkexpr(irt_diff_res), 9601 mkU8(16) ), 9602 binop( Iop_And32, mkexpr(irt_sum_res), 9603 mkU32(0xFFFF)) ); 9604 9605 if (isT) 9606 putIRegT( regD, ire_result, condT ); 9607 else 9608 putIRegA( regD, ire_result, condT, Ijk_Boring ); 9609 9610 DIP( "qsax%s r%u, r%u, r%u\n", nCC(conq), regD, regN, regM ); 9611 return True; 9612 } 9613 /* fall through */ 9614 } 9615 9616 /* ------------------- qasx<c> <Rd>,<Rn>,<Rm> ------------------- */ 9617 { 9618 UInt regD = 99, regN = 99, regM = 99; 9619 Bool gate = False; 9620 9621 if (isT) { 9622 if (INSNT0(15,4) == 0xFAA && (INSNT1(15,0) & 0xF0F0) == 0xF010) { 9623 regN = INSNT0(3,0); 9624 regD = INSNT1(11,8); 9625 regM = INSNT1(3,0); 9626 if (!isBadRegT(regD) && !isBadRegT(regN) && !isBadRegT(regM)) 9627 gate = True; 9628 } 9629 } else { 9630 if (INSNA(27,20) == BITS8(0,1,1,0,0,0,1,0) && 9631 INSNA(11,8) == BITS4(1,1,1,1) && 9632 INSNA(7,4) == BITS4(0,0,1,1)) { 9633 regD = INSNA(15,12); 9634 regN = INSNA(19,16); 9635 regM = INSNA(3,0); 9636 if (regD != 15 && regN != 15 && regM != 15) 9637 gate = True; 9638 } 9639 } 9640 9641 if (gate) { 9642 IRTemp irt_regN = newTemp(Ity_I32); 9643 IRTemp irt_regM = newTemp(Ity_I32); 9644 IRTemp irt_sum = newTemp(Ity_I32); 9645 IRTemp irt_diff = newTemp(Ity_I32); 9646 IRTemp irt_res_sum = newTemp(Ity_I32); 9647 IRTemp irt_res_diff = newTemp(Ity_I32); 9648 9649 assign( irt_regN, isT ? 
getIRegT(regN) : getIRegA(regN) ); 9650 assign( irt_regM, isT ? getIRegT(regM) : getIRegA(regM) ); 9651 9652 assign( irt_diff, 9653 binop( Iop_Sub32, 9654 binop( Iop_Sar32, 9655 binop( Iop_Shl32, mkexpr(irt_regN), mkU8(16) ), 9656 mkU8(16) ), 9657 binop( Iop_Sar32, mkexpr(irt_regM), mkU8(16) ) ) ); 9658 armSignedSatQ( irt_diff, 0x10, &irt_res_diff, NULL ); 9659 9660 assign( irt_sum, 9661 binop( Iop_Add32, 9662 binop( Iop_Sar32, mkexpr(irt_regN), mkU8(16) ), 9663 binop( Iop_Sar32, 9664 binop( Iop_Shl32, mkexpr(irt_regM), mkU8(16) ), 9665 mkU8(16) ) ) ); 9666 armSignedSatQ( irt_sum, 0x10, &irt_res_sum, NULL ); 9667 9668 IRExpr* ire_result 9669 = binop( Iop_Or32, 9670 binop( Iop_Shl32, mkexpr(irt_res_sum), mkU8(16) ), 9671 binop( Iop_And32, mkexpr(irt_res_diff), mkU32(0xFFFF) ) ); 9672 9673 if (isT) 9674 putIRegT( regD, ire_result, condT ); 9675 else 9676 putIRegA( regD, ire_result, condT, Ijk_Boring ); 9677 9678 DIP( "qasx%s r%u, r%u, r%u\n", nCC(conq), regD, regN, regM ); 9679 return True; 9680 } 9681 /* fall through */ 9682 } 9683 9684 /* ------------------- sasx<c> <Rd>,<Rn>,<Rm> ------------------- */ 9685 { 9686 UInt regD = 99, regN = 99, regM = 99; 9687 Bool gate = False; 9688 9689 if (isT) { 9690 if (INSNT0(15,4) == 0xFAA && (INSNT1(15,0) & 0xF0F0) == 0xF000) { 9691 regN = INSNT0(3,0); 9692 regD = INSNT1(11,8); 9693 regM = INSNT1(3,0); 9694 if (!isBadRegT(regD) && !isBadRegT(regN) && !isBadRegT(regM)) 9695 gate = True; 9696 } 9697 } else { 9698 if (INSNA(27,20) == BITS8(0,1,1,0,0,0,0,1) && 9699 INSNA(11,8) == BITS4(1,1,1,1) && 9700 INSNA(7,4) == BITS4(0,0,1,1)) { 9701 regD = INSNA(15,12); 9702 regN = INSNA(19,16); 9703 regM = INSNA(3,0); 9704 if (regD != 15 && regN != 15 && regM != 15) 9705 gate = True; 9706 } 9707 } 9708 9709 if (gate) { 9710 IRTemp irt_regN = newTemp(Ity_I32); 9711 IRTemp irt_regM = newTemp(Ity_I32); 9712 IRTemp irt_sum = newTemp(Ity_I32); 9713 IRTemp irt_diff = newTemp(Ity_I32); 9714 9715 assign( irt_regN, isT ? 
getIRegT(regN) : getIRegA(regN) ); 9716 assign( irt_regM, isT ? getIRegT(regM) : getIRegA(regM) ); 9717 9718 assign( irt_diff, 9719 binop( Iop_Sub32, 9720 binop( Iop_Sar32, 9721 binop( Iop_Shl32, mkexpr(irt_regN), mkU8(16) ), 9722 mkU8(16) ), 9723 binop( Iop_Sar32, mkexpr(irt_regM), mkU8(16) ) ) ); 9724 9725 assign( irt_sum, 9726 binop( Iop_Add32, 9727 binop( Iop_Sar32, mkexpr(irt_regN), mkU8(16) ), 9728 binop( Iop_Sar32, 9729 binop( Iop_Shl32, mkexpr(irt_regM), mkU8(16) ), 9730 mkU8(16) ) ) ); 9731 9732 IRExpr* ire_result 9733 = binop( Iop_Or32, 9734 binop( Iop_Shl32, mkexpr(irt_sum), mkU8(16) ), 9735 binop( Iop_And32, mkexpr(irt_diff), mkU32(0xFFFF) ) ); 9736 9737 IRTemp ge10 = newTemp(Ity_I32); 9738 assign(ge10, unop(Iop_Not32, mkexpr(irt_diff))); 9739 put_GEFLAG32( 0, 31, mkexpr(ge10), condT ); 9740 put_GEFLAG32( 1, 31, mkexpr(ge10), condT ); 9741 9742 IRTemp ge32 = newTemp(Ity_I32); 9743 assign(ge32, unop(Iop_Not32, mkexpr(irt_sum))); 9744 put_GEFLAG32( 2, 31, mkexpr(ge32), condT ); 9745 put_GEFLAG32( 3, 31, mkexpr(ge32), condT ); 9746 9747 if (isT) 9748 putIRegT( regD, ire_result, condT ); 9749 else 9750 putIRegA( regD, ire_result, condT, Ijk_Boring ); 9751 9752 DIP( "sasx%s r%u, r%u, r%u\n", nCC(conq), regD, regN, regM ); 9753 return True; 9754 } 9755 /* fall through */ 9756 } 9757 9758 /* --------------- smuad, smuadx<c><Rd>,<Rn>,<Rm> --------------- */ 9759 /* --------------- smsad, smsadx<c><Rd>,<Rn>,<Rm> --------------- */ 9760 { 9761 UInt regD = 99, regN = 99, regM = 99, bitM = 99; 9762 Bool gate = False, isAD = False; 9763 9764 if (isT) { 9765 if ((INSNT0(15,4) == 0xFB2 || INSNT0(15,4) == 0xFB4) 9766 && (INSNT1(15,0) & 0xF0E0) == 0xF000) { 9767 regN = INSNT0(3,0); 9768 regD = INSNT1(11,8); 9769 regM = INSNT1(3,0); 9770 bitM = INSNT1(4,4); 9771 isAD = INSNT0(15,4) == 0xFB2; 9772 if (!isBadRegT(regD) && !isBadRegT(regN) && !isBadRegT(regM)) 9773 gate = True; 9774 } 9775 } else { 9776 if (INSNA(27,20) == BITS8(0,1,1,1,0,0,0,0) && 9777 INSNA(15,12) == 
BITS4(1,1,1,1) && 9778 (INSNA(7,4) & BITS4(1,0,0,1)) == BITS4(0,0,0,1) ) { 9779 regD = INSNA(19,16); 9780 regN = INSNA(3,0); 9781 regM = INSNA(11,8); 9782 bitM = INSNA(5,5); 9783 isAD = INSNA(6,6) == 0; 9784 if (regD != 15 && regN != 15 && regM != 15) 9785 gate = True; 9786 } 9787 } 9788 9789 if (gate) { 9790 IRTemp irt_regN = newTemp(Ity_I32); 9791 IRTemp irt_regM = newTemp(Ity_I32); 9792 IRTemp irt_prod_lo = newTemp(Ity_I32); 9793 IRTemp irt_prod_hi = newTemp(Ity_I32); 9794 IRTemp tmpM = newTemp(Ity_I32); 9795 9796 assign( irt_regN, isT ? getIRegT(regN) : getIRegA(regN) ); 9797 9798 assign( tmpM, isT ? getIRegT(regM) : getIRegA(regM) ); 9799 assign( irt_regM, genROR32(tmpM, (bitM & 1) ? 16 : 0) ); 9800 9801 assign( irt_prod_lo, 9802 binop( Iop_Mul32, 9803 binop( Iop_Sar32, 9804 binop(Iop_Shl32, mkexpr(irt_regN), mkU8(16)), 9805 mkU8(16) ), 9806 binop( Iop_Sar32, 9807 binop(Iop_Shl32, mkexpr(irt_regM), mkU8(16)), 9808 mkU8(16) ) ) ); 9809 assign( irt_prod_hi, binop(Iop_Mul32, 9810 binop(Iop_Sar32, mkexpr(irt_regN), mkU8(16)), 9811 binop(Iop_Sar32, mkexpr(irt_regM), mkU8(16))) ); 9812 IRExpr* ire_result 9813 = binop( isAD ? Iop_Add32 : Iop_Sub32, 9814 mkexpr(irt_prod_lo), mkexpr(irt_prod_hi) ); 9815 9816 if (isT) 9817 putIRegT( regD, ire_result, condT ); 9818 else 9819 putIRegA( regD, ire_result, condT, Ijk_Boring ); 9820 9821 if (isAD) { 9822 or_into_QFLAG32( 9823 signed_overflow_after_Add32( ire_result, 9824 irt_prod_lo, irt_prod_hi ), 9825 condT 9826 ); 9827 } 9828 9829 DIP("smu%cd%s%s r%u, r%u, r%u\n", 9830 isAD ? 'a' : 's', 9831 bitM ? 
"x" : "", nCC(conq), regD, regN, regM); 9832 return True; 9833 } 9834 /* fall through */ 9835 } 9836 9837 /* --------------- smlad{X}<c> <Rd>,<Rn>,<Rm>,<Ra> -------------- */ 9838 /* --------------- smlsd{X}<c> <Rd>,<Rn>,<Rm>,<Ra> -------------- */ 9839 { 9840 UInt regD = 99, regN = 99, regM = 99, regA = 99, bitM = 99; 9841 Bool gate = False, isAD = False; 9842 9843 if (isT) { 9844 if ((INSNT0(15,4) == 0xFB2 || INSNT0(15,4) == 0xFB4) 9845 && INSNT1(7,5) == BITS3(0,0,0)) { 9846 regN = INSNT0(3,0); 9847 regD = INSNT1(11,8); 9848 regM = INSNT1(3,0); 9849 regA = INSNT1(15,12); 9850 bitM = INSNT1(4,4); 9851 isAD = INSNT0(15,4) == 0xFB2; 9852 if (!isBadRegT(regD) && !isBadRegT(regN) && !isBadRegT(regM) 9853 && !isBadRegT(regA)) 9854 gate = True; 9855 } 9856 } else { 9857 if (INSNA(27,20) == BITS8(0,1,1,1,0,0,0,0) && 9858 (INSNA(7,4) & BITS4(1,0,0,1)) == BITS4(0,0,0,1)) { 9859 regD = INSNA(19,16); 9860 regA = INSNA(15,12); 9861 regN = INSNA(3,0); 9862 regM = INSNA(11,8); 9863 bitM = INSNA(5,5); 9864 isAD = INSNA(6,6) == 0; 9865 if (regD != 15 && regN != 15 && regM != 15 && regA != 15) 9866 gate = True; 9867 } 9868 } 9869 9870 if (gate) { 9871 IRTemp irt_regN = newTemp(Ity_I32); 9872 IRTemp irt_regM = newTemp(Ity_I32); 9873 IRTemp irt_regA = newTemp(Ity_I32); 9874 IRTemp irt_prod_lo = newTemp(Ity_I32); 9875 IRTemp irt_prod_hi = newTemp(Ity_I32); 9876 IRTemp irt_sum = newTemp(Ity_I32); 9877 IRTemp tmpM = newTemp(Ity_I32); 9878 9879 assign( irt_regN, isT ? getIRegT(regN) : getIRegA(regN) ); 9880 assign( irt_regA, isT ? getIRegT(regA) : getIRegA(regA) ); 9881 9882 assign( tmpM, isT ? getIRegT(regM) : getIRegA(regM) ); 9883 assign( irt_regM, genROR32(tmpM, (bitM & 1) ? 
16 : 0) ); 9884 9885 assign( irt_prod_lo, 9886 binop(Iop_Mul32, 9887 binop(Iop_Sar32, 9888 binop( Iop_Shl32, mkexpr(irt_regN), mkU8(16) ), 9889 mkU8(16)), 9890 binop(Iop_Sar32, 9891 binop( Iop_Shl32, mkexpr(irt_regM), mkU8(16) ), 9892 mkU8(16))) ); 9893 assign( irt_prod_hi, 9894 binop( Iop_Mul32, 9895 binop( Iop_Sar32, mkexpr(irt_regN), mkU8(16) ), 9896 binop( Iop_Sar32, mkexpr(irt_regM), mkU8(16) ) ) ); 9897 assign( irt_sum, binop( isAD ? Iop_Add32 : Iop_Sub32, 9898 mkexpr(irt_prod_lo), mkexpr(irt_prod_hi) ) ); 9899 9900 IRExpr* ire_result = binop(Iop_Add32, mkexpr(irt_sum), mkexpr(irt_regA)); 9901 9902 if (isT) 9903 putIRegT( regD, ire_result, condT ); 9904 else 9905 putIRegA( regD, ire_result, condT, Ijk_Boring ); 9906 9907 if (isAD) { 9908 or_into_QFLAG32( 9909 signed_overflow_after_Add32( mkexpr(irt_sum), 9910 irt_prod_lo, irt_prod_hi ), 9911 condT 9912 ); 9913 } 9914 9915 or_into_QFLAG32( 9916 signed_overflow_after_Add32( ire_result, irt_sum, irt_regA ), 9917 condT 9918 ); 9919 9920 DIP("sml%cd%s%s r%u, r%u, r%u, r%u\n", 9921 isAD ? 'a' : 's', 9922 bitM ? 
"x" : "", nCC(conq), regD, regN, regM, regA); 9923 return True; 9924 } 9925 /* fall through */ 9926 } 9927 9928 /* ----- smlabb, smlabt, smlatb, smlatt <Rd>,<Rn>,<Rm>,<Ra> ----- */ 9929 { 9930 UInt regD = 99, regN = 99, regM = 99, regA = 99, bitM = 99, bitN = 99; 9931 Bool gate = False; 9932 9933 if (isT) { 9934 if (INSNT0(15,4) == 0xFB1 && INSNT1(7,6) == BITS2(0,0)) { 9935 regN = INSNT0(3,0); 9936 regD = INSNT1(11,8); 9937 regM = INSNT1(3,0); 9938 regA = INSNT1(15,12); 9939 bitM = INSNT1(4,4); 9940 bitN = INSNT1(5,5); 9941 if (!isBadRegT(regD) && !isBadRegT(regN) && !isBadRegT(regM) 9942 && !isBadRegT(regA)) 9943 gate = True; 9944 } 9945 } else { 9946 if (INSNA(27,20) == BITS8(0,0,0,1,0,0,0,0) && 9947 (INSNA(7,4) & BITS4(1,0,0,1)) == BITS4(1,0,0,0)) { 9948 regD = INSNA(19,16); 9949 regN = INSNA(3,0); 9950 regM = INSNA(11,8); 9951 regA = INSNA(15,12); 9952 bitM = INSNA(6,6); 9953 bitN = INSNA(5,5); 9954 if (regD != 15 && regN != 15 && regM != 15 && regA != 15) 9955 gate = True; 9956 } 9957 } 9958 9959 if (gate) { 9960 IRTemp irt_regA = newTemp(Ity_I32); 9961 IRTemp irt_prod = newTemp(Ity_I32); 9962 9963 assign( irt_prod, 9964 binop(Iop_Mul32, 9965 binop(Iop_Sar32, 9966 binop(Iop_Shl32, 9967 isT ? getIRegT(regN) : getIRegA(regN), 9968 mkU8(bitN ? 0 : 16)), 9969 mkU8(16)), 9970 binop(Iop_Sar32, 9971 binop(Iop_Shl32, 9972 isT ? getIRegT(regM) : getIRegA(regM), 9973 mkU8(bitM ? 0 : 16)), 9974 mkU8(16))) ); 9975 9976 assign( irt_regA, isT ? getIRegT(regA) : getIRegA(regA) ); 9977 9978 IRExpr* ire_result = binop(Iop_Add32, mkexpr(irt_prod), mkexpr(irt_regA)); 9979 9980 if (isT) 9981 putIRegT( regD, ire_result, condT ); 9982 else 9983 putIRegA( regD, ire_result, condT, Ijk_Boring ); 9984 9985 or_into_QFLAG32( 9986 signed_overflow_after_Add32( ire_result, irt_prod, irt_regA ), 9987 condT 9988 ); 9989 9990 DIP( "smla%c%c%s r%u, r%u, r%u, r%u\n", 9991 bitN ? 't' : 'b', bitM ? 
't' : 'b', 9992 nCC(conq), regD, regN, regM, regA ); 9993 return True; 9994 } 9995 /* fall through */ 9996 } 9997 9998 /* ----- smlawb, smlawt <Rd>,<Rn>,<Rm>,<Ra> ----- */ 9999 { 10000 UInt regD = 99, regN = 99, regM = 99, regA = 99, bitM = 99; 10001 Bool gate = False; 10002 10003 if (isT) { 10004 if (INSNT0(15,4) == 0xFB3 && INSNT1(7,5) == BITS3(0,0,0)) { 10005 regN = INSNT0(3,0); 10006 regD = INSNT1(11,8); 10007 regM = INSNT1(3,0); 10008 regA = INSNT1(15,12); 10009 bitM = INSNT1(4,4); 10010 if (!isBadRegT(regD) && !isBadRegT(regN) && !isBadRegT(regM) 10011 && !isBadRegT(regA)) 10012 gate = True; 10013 } 10014 } else { 10015 if (INSNA(27,20) == BITS8(0,0,0,1,0,0,1,0) && 10016 (INSNA(7,4) & BITS4(1,0,1,1)) == BITS4(1,0,0,0)) { 10017 regD = INSNA(19,16); 10018 regN = INSNA(3,0); 10019 regM = INSNA(11,8); 10020 regA = INSNA(15,12); 10021 bitM = INSNA(6,6); 10022 if (regD != 15 && regN != 15 && regM != 15 && regA != 15) 10023 gate = True; 10024 } 10025 } 10026 10027 if (gate) { 10028 IRTemp irt_regA = newTemp(Ity_I32); 10029 IRTemp irt_prod = newTemp(Ity_I64); 10030 10031 assign( irt_prod, 10032 binop(Iop_MullS32, 10033 isT ? getIRegT(regN) : getIRegA(regN), 10034 binop(Iop_Sar32, 10035 binop(Iop_Shl32, 10036 isT ? getIRegT(regM) : getIRegA(regM), 10037 mkU8(bitM ? 0 : 16)), 10038 mkU8(16))) ); 10039 10040 assign( irt_regA, isT ? 
getIRegT(regA) : getIRegA(regA) ); 10041 10042 IRTemp prod32 = newTemp(Ity_I32); 10043 assign(prod32, 10044 binop(Iop_Or32, 10045 binop(Iop_Shl32, unop(Iop_64HIto32, mkexpr(irt_prod)), mkU8(16)), 10046 binop(Iop_Shr32, unop(Iop_64to32, mkexpr(irt_prod)), mkU8(16)) 10047 )); 10048 10049 IRExpr* ire_result = binop(Iop_Add32, mkexpr(prod32), mkexpr(irt_regA)); 10050 10051 if (isT) 10052 putIRegT( regD, ire_result, condT ); 10053 else 10054 putIRegA( regD, ire_result, condT, Ijk_Boring ); 10055 10056 or_into_QFLAG32( 10057 signed_overflow_after_Add32( ire_result, prod32, irt_regA ), 10058 condT 10059 ); 10060 10061 DIP( "smlaw%c%s r%u, r%u, r%u, r%u\n", 10062 bitM ? 't' : 'b', 10063 nCC(conq), regD, regN, regM, regA ); 10064 return True; 10065 } 10066 /* fall through */ 10067 } 10068 10069 /* ------------------- sel<c> <Rd>,<Rn>,<Rm> -------------------- */ 10070 /* fixme: fix up the test in v6media.c so that we can pass the ge 10071 flags as part of the test. */ 10072 { 10073 UInt regD = 99, regN = 99, regM = 99; 10074 Bool gate = False; 10075 10076 if (isT) { 10077 if (INSNT0(15,4) == 0xFAA && (INSNT1(15,0) & 0xF0F0) == 0xF080) { 10078 regN = INSNT0(3,0); 10079 regD = INSNT1(11,8); 10080 regM = INSNT1(3,0); 10081 if (!isBadRegT(regD) && !isBadRegT(regN) && !isBadRegT(regM)) 10082 gate = True; 10083 } 10084 } else { 10085 if (INSNA(27,20) == BITS8(0,1,1,0,1,0,0,0) && 10086 INSNA(11,8) == BITS4(1,1,1,1) && 10087 INSNA(7,4) == BITS4(1,0,1,1)) { 10088 regD = INSNA(15,12); 10089 regN = INSNA(19,16); 10090 regM = INSNA(3,0); 10091 if (regD != 15 && regN != 15 && regM != 15) 10092 gate = True; 10093 } 10094 } 10095 10096 if (gate) { 10097 IRTemp irt_ge_flag0 = newTemp(Ity_I32); 10098 IRTemp irt_ge_flag1 = newTemp(Ity_I32); 10099 IRTemp irt_ge_flag2 = newTemp(Ity_I32); 10100 IRTemp irt_ge_flag3 = newTemp(Ity_I32); 10101 10102 assign( irt_ge_flag0, get_GEFLAG32(0) ); 10103 assign( irt_ge_flag1, get_GEFLAG32(1) ); 10104 assign( irt_ge_flag2, get_GEFLAG32(2) ); 10105 assign( 
irt_ge_flag3, get_GEFLAG32(3) ); 10106 10107 IRExpr* ire_ge_flag0_or 10108 = binop(Iop_Or32, mkexpr(irt_ge_flag0), 10109 binop(Iop_Sub32, mkU32(0), mkexpr(irt_ge_flag0))); 10110 IRExpr* ire_ge_flag1_or 10111 = binop(Iop_Or32, mkexpr(irt_ge_flag1), 10112 binop(Iop_Sub32, mkU32(0), mkexpr(irt_ge_flag1))); 10113 IRExpr* ire_ge_flag2_or 10114 = binop(Iop_Or32, mkexpr(irt_ge_flag2), 10115 binop(Iop_Sub32, mkU32(0), mkexpr(irt_ge_flag2))); 10116 IRExpr* ire_ge_flag3_or 10117 = binop(Iop_Or32, mkexpr(irt_ge_flag3), 10118 binop(Iop_Sub32, mkU32(0), mkexpr(irt_ge_flag3))); 10119 10120 IRExpr* ire_ge_flags 10121 = binop( Iop_Or32, 10122 binop(Iop_Or32, 10123 binop(Iop_And32, 10124 binop(Iop_Sar32, ire_ge_flag0_or, mkU8(31)), 10125 mkU32(0x000000ff)), 10126 binop(Iop_And32, 10127 binop(Iop_Sar32, ire_ge_flag1_or, mkU8(31)), 10128 mkU32(0x0000ff00))), 10129 binop(Iop_Or32, 10130 binop(Iop_And32, 10131 binop(Iop_Sar32, ire_ge_flag2_or, mkU8(31)), 10132 mkU32(0x00ff0000)), 10133 binop(Iop_And32, 10134 binop(Iop_Sar32, ire_ge_flag3_or, mkU8(31)), 10135 mkU32(0xff000000))) ); 10136 10137 IRExpr* ire_result 10138 = binop(Iop_Or32, 10139 binop(Iop_And32, 10140 isT ? getIRegT(regN) : getIRegA(regN), 10141 ire_ge_flags ), 10142 binop(Iop_And32, 10143 isT ? 
getIRegT(regM) : getIRegA(regM), 10144 unop(Iop_Not32, ire_ge_flags))); 10145 10146 if (isT) 10147 putIRegT( regD, ire_result, condT ); 10148 else 10149 putIRegA( regD, ire_result, condT, Ijk_Boring ); 10150 10151 DIP("sel%s r%u, r%u, r%u\n", nCC(conq), regD, regN, regM ); 10152 return True; 10153 } 10154 /* fall through */ 10155 } 10156 10157 /* ----------------- uxtab16<c> Rd,Rn,Rm{,rot} ------------------ */ 10158 { 10159 UInt regD = 99, regN = 99, regM = 99, rotate = 99; 10160 Bool gate = False; 10161 10162 if (isT) { 10163 if (INSNT0(15,4) == 0xFA3 && (INSNT1(15,0) & 0xF0C0) == 0xF080) { 10164 regN = INSNT0(3,0); 10165 regD = INSNT1(11,8); 10166 regM = INSNT1(3,0); 10167 rotate = INSNT1(5,4); 10168 if (!isBadRegT(regD) && !isBadRegT(regN) && !isBadRegT(regM)) 10169 gate = True; 10170 } 10171 } else { 10172 if (INSNA(27,20) == BITS8(0,1,1,0,1,1,0,0) && 10173 INSNA(9,4) == BITS6(0,0,0,1,1,1) ) { 10174 regD = INSNA(15,12); 10175 regN = INSNA(19,16); 10176 regM = INSNA(3,0); 10177 rotate = INSNA(11,10); 10178 if (regD != 15 && regN != 15 && regM != 15) 10179 gate = True; 10180 } 10181 } 10182 10183 if (gate) { 10184 IRTemp irt_regN = newTemp(Ity_I32); 10185 assign( irt_regN, isT ? getIRegT(regN) : getIRegA(regN) ); 10186 10187 IRTemp irt_regM = newTemp(Ity_I32); 10188 assign( irt_regM, isT ? 
getIRegT(regM) : getIRegA(regM) ); 10189 10190 IRTemp irt_rot = newTemp(Ity_I32); 10191 assign( irt_rot, binop(Iop_And32, 10192 genROR32(irt_regM, 8 * rotate), 10193 mkU32(0x00FF00FF)) ); 10194 10195 IRExpr* resLo 10196 = binop(Iop_And32, 10197 binop(Iop_Add32, mkexpr(irt_regN), mkexpr(irt_rot)), 10198 mkU32(0x0000FFFF)); 10199 10200 IRExpr* resHi 10201 = binop(Iop_Add32, 10202 binop(Iop_And32, mkexpr(irt_regN), mkU32(0xFFFF0000)), 10203 binop(Iop_And32, mkexpr(irt_rot), mkU32(0xFFFF0000))); 10204 10205 IRExpr* ire_result 10206 = binop( Iop_Or32, resHi, resLo ); 10207 10208 if (isT) 10209 putIRegT( regD, ire_result, condT ); 10210 else 10211 putIRegA( regD, ire_result, condT, Ijk_Boring ); 10212 10213 DIP( "uxtab16%s r%u, r%u, r%u, ROR #%u\n", 10214 nCC(conq), regD, regN, regM, 8 * rotate ); 10215 return True; 10216 } 10217 /* fall through */ 10218 } 10219 10220 /* --------------- usad8 Rd,Rn,Rm ---------------- */ 10221 /* --------------- usada8 Rd,Rn,Rm,Ra ---------------- */ 10222 { 10223 UInt rD = 99, rN = 99, rM = 99, rA = 99; 10224 Bool gate = False; 10225 10226 if (isT) { 10227 if (INSNT0(15,4) == 0xFB7 && INSNT1(7,4) == BITS4(0,0,0,0)) { 10228 rN = INSNT0(3,0); 10229 rA = INSNT1(15,12); 10230 rD = INSNT1(11,8); 10231 rM = INSNT1(3,0); 10232 if (!isBadRegT(rD) && !isBadRegT(rN) && !isBadRegT(rM) && rA != 13) 10233 gate = True; 10234 } 10235 } else { 10236 if (INSNA(27,20) == BITS8(0,1,1,1,1,0,0,0) && 10237 INSNA(7,4) == BITS4(0,0,0,1) ) { 10238 rD = INSNA(19,16); 10239 rA = INSNA(15,12); 10240 rM = INSNA(11,8); 10241 rN = INSNA(3,0); 10242 if (rD != 15 && rN != 15 && rM != 15 /* but rA can be 15 */) 10243 gate = True; 10244 } 10245 } 10246 /* We allow rA == 15, to denote the usad8 (no accumulator) case. */ 10247 10248 if (gate) { 10249 IRExpr* rNe = isT ? getIRegT(rN) : getIRegA(rN); 10250 IRExpr* rMe = isT ? getIRegT(rM) : getIRegA(rM); 10251 IRExpr* rAe = rA == 15 ? mkU32(0) 10252 : (isT ? 
getIRegT(rA) : getIRegA(rA)); 10253 IRExpr* res = binop(Iop_Add32, 10254 binop(Iop_Sad8Ux4, rNe, rMe), 10255 rAe); 10256 if (isT) 10257 putIRegT( rD, res, condT ); 10258 else 10259 putIRegA( rD, res, condT, Ijk_Boring ); 10260 10261 if (rA == 15) { 10262 DIP( "usad8%s r%u, r%u, r%u\n", 10263 nCC(conq), rD, rN, rM ); 10264 } else { 10265 DIP( "usada8%s r%u, r%u, r%u, r%u\n", 10266 nCC(conq), rD, rN, rM, rA ); 10267 } 10268 return True; 10269 } 10270 /* fall through */ 10271 } 10272 10273 /* ------------------ qadd<c> <Rd>,<Rn>,<Rm> ------------------- */ 10274 { 10275 UInt regD = 99, regN = 99, regM = 99; 10276 Bool gate = False; 10277 10278 if (isT) { 10279 if (INSNT0(15,4) == 0xFA8 && (INSNT1(15,0) & 0xF0F0) == 0xF080) { 10280 regN = INSNT0(3,0); 10281 regD = INSNT1(11,8); 10282 regM = INSNT1(3,0); 10283 if (!isBadRegT(regD) && !isBadRegT(regN) && !isBadRegT(regM)) 10284 gate = True; 10285 } 10286 } else { 10287 if (INSNA(27,20) == BITS8(0,0,0,1,0,0,0,0) && 10288 INSNA(11,8) == BITS4(0,0,0,0) && 10289 INSNA(7,4) == BITS4(0,1,0,1)) { 10290 regD = INSNA(15,12); 10291 regN = INSNA(19,16); 10292 regM = INSNA(3,0); 10293 if (regD != 15 && regN != 15 && regM != 15) 10294 gate = True; 10295 } 10296 } 10297 10298 if (gate) { 10299 IRTemp rNt = newTemp(Ity_I32); 10300 IRTemp rMt = newTemp(Ity_I32); 10301 IRTemp res_q = newTemp(Ity_I32); 10302 10303 assign( rNt, isT ? getIRegT(regN) : getIRegA(regN) ); 10304 assign( rMt, isT ? 
getIRegT(regM) : getIRegA(regM) ); 10305 10306 assign(res_q, binop(Iop_QAdd32S, mkexpr(rMt), mkexpr(rNt))); 10307 if (isT) 10308 putIRegT( regD, mkexpr(res_q), condT ); 10309 else 10310 putIRegA( regD, mkexpr(res_q), condT, Ijk_Boring ); 10311 10312 or_into_QFLAG32( 10313 signed_overflow_after_Add32( 10314 binop(Iop_Add32, mkexpr(rMt), mkexpr(rNt)), rMt, rNt), 10315 condT 10316 ); 10317 10318 DIP("qadd%s r%u, r%u, r%u\n", nCC(conq),regD,regM,regN); 10319 return True; 10320 } 10321 /* fall through */ 10322 } 10323 10324 /* ------------------ qdadd<c> <Rd>,<Rm>,<Rn> ------------------- */ 10325 { 10326 UInt regD = 99, regN = 99, regM = 99; 10327 Bool gate = False; 10328 10329 if (isT) { 10330 if (INSNT0(15,4) == 0xFA8 && (INSNT1(15,0) & 0xF0F0) == 0xF090) { 10331 regN = INSNT0(3,0); 10332 regD = INSNT1(11,8); 10333 regM = INSNT1(3,0); 10334 if (!isBadRegT(regD) && !isBadRegT(regN) && !isBadRegT(regM)) 10335 gate = True; 10336 } 10337 } else { 10338 if (INSNA(27,20) == BITS8(0,0,0,1,0,1,0,0) && 10339 INSNA(11,8) == BITS4(0,0,0,0) && 10340 INSNA(7,4) == BITS4(0,1,0,1)) { 10341 regD = INSNA(15,12); 10342 regN = INSNA(19,16); 10343 regM = INSNA(3,0); 10344 if (regD != 15 && regN != 15 && regM != 15) 10345 gate = True; 10346 } 10347 } 10348 10349 if (gate) { 10350 IRTemp rNt = newTemp(Ity_I32); 10351 IRTemp rMt = newTemp(Ity_I32); 10352 IRTemp rN_d = newTemp(Ity_I32); 10353 IRTemp res_q = newTemp(Ity_I32); 10354 10355 assign( rNt, isT ? getIRegT(regN) : getIRegA(regN) ); 10356 assign( rMt, isT ? 
getIRegT(regM) : getIRegA(regM) ); 10357 10358 or_into_QFLAG32( 10359 signed_overflow_after_Add32( 10360 binop(Iop_Add32, mkexpr(rNt), mkexpr(rNt)), rNt, rNt), 10361 condT 10362 ); 10363 10364 assign(rN_d, binop(Iop_QAdd32S, mkexpr(rNt), mkexpr(rNt))); 10365 assign(res_q, binop(Iop_QAdd32S, mkexpr(rMt), mkexpr(rN_d))); 10366 if (isT) 10367 putIRegT( regD, mkexpr(res_q), condT ); 10368 else 10369 putIRegA( regD, mkexpr(res_q), condT, Ijk_Boring ); 10370 10371 or_into_QFLAG32( 10372 signed_overflow_after_Add32( 10373 binop(Iop_Add32, mkexpr(rMt), mkexpr(rN_d)), rMt, rN_d), 10374 condT 10375 ); 10376 10377 DIP("qdadd%s r%u, r%u, r%u\n", nCC(conq),regD,regM,regN); 10378 return True; 10379 } 10380 /* fall through */ 10381 } 10382 10383 /* ------------------ qsub<c> <Rd>,<Rn>,<Rm> ------------------- */ 10384 { 10385 UInt regD = 99, regN = 99, regM = 99; 10386 Bool gate = False; 10387 10388 if (isT) { 10389 if (INSNT0(15,4) == 0xFA8 && (INSNT1(15,0) & 0xF0F0) == 0xF0A0) { 10390 regN = INSNT0(3,0); 10391 regD = INSNT1(11,8); 10392 regM = INSNT1(3,0); 10393 if (!isBadRegT(regD) && !isBadRegT(regN) && !isBadRegT(regM)) 10394 gate = True; 10395 } 10396 } else { 10397 if (INSNA(27,20) == BITS8(0,0,0,1,0,0,1,0) && 10398 INSNA(11,8) == BITS4(0,0,0,0) && 10399 INSNA(7,4) == BITS4(0,1,0,1)) { 10400 regD = INSNA(15,12); 10401 regN = INSNA(19,16); 10402 regM = INSNA(3,0); 10403 if (regD != 15 && regN != 15 && regM != 15) 10404 gate = True; 10405 } 10406 } 10407 10408 if (gate) { 10409 IRTemp rNt = newTemp(Ity_I32); 10410 IRTemp rMt = newTemp(Ity_I32); 10411 IRTemp res_q = newTemp(Ity_I32); 10412 10413 assign( rNt, isT ? getIRegT(regN) : getIRegA(regN) ); 10414 assign( rMt, isT ? 
getIRegT(regM) : getIRegA(regM) ); 10415 10416 assign(res_q, binop(Iop_QSub32S, mkexpr(rMt), mkexpr(rNt))); 10417 if (isT) 10418 putIRegT( regD, mkexpr(res_q), condT ); 10419 else 10420 putIRegA( regD, mkexpr(res_q), condT, Ijk_Boring ); 10421 10422 or_into_QFLAG32( 10423 signed_overflow_after_Sub32( 10424 binop(Iop_Sub32, mkexpr(rMt), mkexpr(rNt)), rMt, rNt), 10425 condT 10426 ); 10427 10428 DIP("qsub%s r%u, r%u, r%u\n", nCC(conq),regD,regM,regN); 10429 return True; 10430 } 10431 /* fall through */ 10432 } 10433 10434 /* ------------------ qdsub<c> <Rd>,<Rm>,<Rn> ------------------- */ 10435 { 10436 UInt regD = 99, regN = 99, regM = 99; 10437 Bool gate = False; 10438 10439 if (isT) { 10440 if (INSNT0(15,4) == 0xFA8 && (INSNT1(15,0) & 0xF0F0) == 0xF0B0) { 10441 regN = INSNT0(3,0); 10442 regD = INSNT1(11,8); 10443 regM = INSNT1(3,0); 10444 if (!isBadRegT(regD) && !isBadRegT(regN) && !isBadRegT(regM)) 10445 gate = True; 10446 } 10447 } else { 10448 if (INSNA(27,20) == BITS8(0,0,0,1,0,1,1,0) && 10449 INSNA(11,8) == BITS4(0,0,0,0) && 10450 INSNA(7,4) == BITS4(0,1,0,1)) { 10451 regD = INSNA(15,12); 10452 regN = INSNA(19,16); 10453 regM = INSNA(3,0); 10454 if (regD != 15 && regN != 15 && regM != 15) 10455 gate = True; 10456 } 10457 } 10458 10459 if (gate) { 10460 IRTemp rNt = newTemp(Ity_I32); 10461 IRTemp rMt = newTemp(Ity_I32); 10462 IRTemp rN_d = newTemp(Ity_I32); 10463 IRTemp res_q = newTemp(Ity_I32); 10464 10465 assign( rNt, isT ? getIRegT(regN) : getIRegA(regN) ); 10466 assign( rMt, isT ? 
getIRegT(regM) : getIRegA(regM) ); 10467 10468 or_into_QFLAG32( 10469 signed_overflow_after_Add32( 10470 binop(Iop_Add32, mkexpr(rNt), mkexpr(rNt)), rNt, rNt), 10471 condT 10472 ); 10473 10474 assign(rN_d, binop(Iop_QAdd32S, mkexpr(rNt), mkexpr(rNt))); 10475 assign(res_q, binop(Iop_QSub32S, mkexpr(rMt), mkexpr(rN_d))); 10476 if (isT) 10477 putIRegT( regD, mkexpr(res_q), condT ); 10478 else 10479 putIRegA( regD, mkexpr(res_q), condT, Ijk_Boring ); 10480 10481 or_into_QFLAG32( 10482 signed_overflow_after_Sub32( 10483 binop(Iop_Sub32, mkexpr(rMt), mkexpr(rN_d)), rMt, rN_d), 10484 condT 10485 ); 10486 10487 DIP("qdsub%s r%u, r%u, r%u\n", nCC(conq),regD,regM,regN); 10488 return True; 10489 } 10490 /* fall through */ 10491 } 10492 10493 /* ------------------ uqsub16<c> <Rd>,<Rn>,<Rm> ------------------ */ 10494 { 10495 UInt regD = 99, regN = 99, regM = 99; 10496 Bool gate = False; 10497 10498 if (isT) { 10499 if (INSNT0(15,4) == 0xFAD && (INSNT1(15,0) & 0xF0F0) == 0xF050) { 10500 regN = INSNT0(3,0); 10501 regD = INSNT1(11,8); 10502 regM = INSNT1(3,0); 10503 if (!isBadRegT(regD) && !isBadRegT(regN) && !isBadRegT(regM)) 10504 gate = True; 10505 } 10506 } else { 10507 if (INSNA(27,20) == BITS8(0,1,1,0,0,1,1,0) && 10508 INSNA(11,8) == BITS4(1,1,1,1) && 10509 INSNA(7,4) == BITS4(0,1,1,1)) { 10510 regD = INSNA(15,12); 10511 regN = INSNA(19,16); 10512 regM = INSNA(3,0); 10513 if (regD != 15 && regN != 15 && regM != 15) 10514 gate = True; 10515 } 10516 } 10517 10518 if (gate) { 10519 IRTemp rNt = newTemp(Ity_I32); 10520 IRTemp rMt = newTemp(Ity_I32); 10521 IRTemp res_q = newTemp(Ity_I32); 10522 10523 assign( rNt, isT ? getIRegT(regN) : getIRegA(regN) ); 10524 assign( rMt, isT ? 
getIRegT(regM) : getIRegA(regM) ); 10525 10526 assign(res_q, binop(Iop_QSub16Ux2, mkexpr(rNt), mkexpr(rMt))); 10527 if (isT) 10528 putIRegT( regD, mkexpr(res_q), condT ); 10529 else 10530 putIRegA( regD, mkexpr(res_q), condT, Ijk_Boring ); 10531 10532 DIP("uqsub16%s r%u, r%u, r%u\n", nCC(conq),regD,regN,regM); 10533 return True; 10534 } 10535 /* fall through */ 10536 } 10537 10538 /* ----------------- shadd16<c> <Rd>,<Rn>,<Rm> ------------------- */ 10539 { 10540 UInt regD = 99, regN = 99, regM = 99; 10541 Bool gate = False; 10542 10543 if (isT) { 10544 if (INSNT0(15,4) == 0xFA9 && (INSNT1(15,0) & 0xF0F0) == 0xF020) { 10545 regN = INSNT0(3,0); 10546 regD = INSNT1(11,8); 10547 regM = INSNT1(3,0); 10548 if (!isBadRegT(regD) && !isBadRegT(regN) && !isBadRegT(regM)) 10549 gate = True; 10550 } 10551 } else { 10552 if (INSNA(27,20) == BITS8(0,1,1,0,0,0,1,1) && 10553 INSNA(11,8) == BITS4(1,1,1,1) && 10554 INSNA(7,4) == BITS4(0,0,0,1)) { 10555 regD = INSNA(15,12); 10556 regN = INSNA(19,16); 10557 regM = INSNA(3,0); 10558 if (regD != 15 && regN != 15 && regM != 15) 10559 gate = True; 10560 } 10561 } 10562 10563 if (gate) { 10564 IRTemp rNt = newTemp(Ity_I32); 10565 IRTemp rMt = newTemp(Ity_I32); 10566 IRTemp res_q = newTemp(Ity_I32); 10567 10568 assign( rNt, isT ? getIRegT(regN) : getIRegA(regN) ); 10569 assign( rMt, isT ? 
getIRegT(regM) : getIRegA(regM) ); 10570 10571 assign(res_q, binop(Iop_HAdd16Sx2, mkexpr(rNt), mkexpr(rMt))); 10572 if (isT) 10573 putIRegT( regD, mkexpr(res_q), condT ); 10574 else 10575 putIRegA( regD, mkexpr(res_q), condT, Ijk_Boring ); 10576 10577 DIP("shadd16%s r%u, r%u, r%u\n", nCC(conq),regD,regN,regM); 10578 return True; 10579 } 10580 /* fall through */ 10581 } 10582 10583 /* ----------------- uhsub8<c> <Rd>,<Rn>,<Rm> ------------------- */ 10584 { 10585 UInt regD = 99, regN = 99, regM = 99; 10586 Bool gate = False; 10587 10588 if (isT) { 10589 if (INSNT0(15,4) == 0xFAC && (INSNT1(15,0) & 0xF0F0) == 0xF060) { 10590 regN = INSNT0(3,0); 10591 regD = INSNT1(11,8); 10592 regM = INSNT1(3,0); 10593 if (!isBadRegT(regD) && !isBadRegT(regN) && !isBadRegT(regM)) 10594 gate = True; 10595 } 10596 } else { 10597 if (INSNA(27,20) == BITS8(0,1,1,0,0,1,1,1) && 10598 INSNA(11,8) == BITS4(1,1,1,1) && 10599 INSNA(7,4) == BITS4(1,1,1,1)) { 10600 regD = INSNA(15,12); 10601 regN = INSNA(19,16); 10602 regM = INSNA(3,0); 10603 if (regD != 15 && regN != 15 && regM != 15) 10604 gate = True; 10605 } 10606 } 10607 10608 if (gate) { 10609 IRTemp rNt = newTemp(Ity_I32); 10610 IRTemp rMt = newTemp(Ity_I32); 10611 IRTemp res_q = newTemp(Ity_I32); 10612 10613 assign( rNt, isT ? getIRegT(regN) : getIRegA(regN) ); 10614 assign( rMt, isT ? 
getIRegT(regM) : getIRegA(regM) ); 10615 10616 assign(res_q, binop(Iop_HSub8Ux4, mkexpr(rNt), mkexpr(rMt))); 10617 if (isT) 10618 putIRegT( regD, mkexpr(res_q), condT ); 10619 else 10620 putIRegA( regD, mkexpr(res_q), condT, Ijk_Boring ); 10621 10622 DIP("uhsub8%s r%u, r%u, r%u\n", nCC(conq),regD,regN,regM); 10623 return True; 10624 } 10625 /* fall through */ 10626 } 10627 10628 /* ----------------- uhsub16<c> <Rd>,<Rn>,<Rm> ------------------- */ 10629 { 10630 UInt regD = 99, regN = 99, regM = 99; 10631 Bool gate = False; 10632 10633 if (isT) { 10634 if (INSNT0(15,4) == 0xFAD && (INSNT1(15,0) & 0xF0F0) == 0xF060) { 10635 regN = INSNT0(3,0); 10636 regD = INSNT1(11,8); 10637 regM = INSNT1(3,0); 10638 if (!isBadRegT(regD) && !isBadRegT(regN) && !isBadRegT(regM)) 10639 gate = True; 10640 } 10641 } else { 10642 if (INSNA(27,20) == BITS8(0,1,1,0,0,1,1,1) && 10643 INSNA(11,8) == BITS4(1,1,1,1) && 10644 INSNA(7,4) == BITS4(0,1,1,1)) { 10645 regD = INSNA(15,12); 10646 regN = INSNA(19,16); 10647 regM = INSNA(3,0); 10648 if (regD != 15 && regN != 15 && regM != 15) 10649 gate = True; 10650 } 10651 } 10652 10653 if (gate) { 10654 IRTemp rNt = newTemp(Ity_I32); 10655 IRTemp rMt = newTemp(Ity_I32); 10656 IRTemp res_q = newTemp(Ity_I32); 10657 10658 assign( rNt, isT ? getIRegT(regN) : getIRegA(regN) ); 10659 assign( rMt, isT ? getIRegT(regM) : getIRegA(regM) ); 10660 10661 assign(res_q, binop(Iop_HSub16Ux2, mkexpr(rNt), mkexpr(rMt))); 10662 if (isT) 10663 putIRegT( regD, mkexpr(res_q), condT ); 10664 else 10665 putIRegA( regD, mkexpr(res_q), condT, Ijk_Boring ); 10666 10667 DIP("uhsub16%s r%u, r%u, r%u\n", nCC(conq),regD,regN,regM); 10668 return True; 10669 } 10670 /* fall through */ 10671 } 10672 10673 /* ---------- Doesn't match anything. 
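---------- */
   return False;

#  undef INSNA
#  undef INSNT0
#  undef INSNT1
}


/*------------------------------------------------------------*/
/*--- LDMxx/STMxx helper (both ARM and Thumb32)            ---*/
/*------------------------------------------------------------*/

/* Generate IR for LDMxx and STMxx.  This is complex.  Assumes it's
   unconditional, so the caller must produce a jump-around before
   calling this, if the insn is to be conditional.  Caller is
   responsible for all validation of parameters.  For LDMxx, if PC is
   amongst the values loaded, caller is also responsible for
   generating the jump.

   Parameters:
     arm      True for ARM, False for Thumb; selects the getIRegA /
              putIRegA or getIRegT / putIRegT (llPutIReg for loads)
              accessors.
     rN       base register number.
     bINC     1: addresses are anchor + offset, 0: anchor - offset.
     bBEFORE  1: offsets run 4, 8, .. 4*n; 0: offsets run 0, 4, ..
              4*(n-1), where n is the number of registers listed.
     bW       1: write anchor +/- 4*n back to Rn.
     bL       1: load, 0: store.
     regList  bit i set means register i is transferred; only bits
              0 .. 15 are examined.

   The values passed in are taken from guest instruction bits, which
   the decoder does not control.  This helper performs no rejection of
   bad encodings itself: it only asserts internal consistency, so any
   UNPREDICTABLE combination must have been refused at the decode
   point before it is called. */
static void mk_ldm_stm ( Bool arm,     /* True: ARM, False: Thumb */
                         UInt rN,      /* base reg */
                         UInt bINC,    /* 1: inc,  0: dec */
                         UInt bBEFORE, /* 1: inc/dec before, 0: after */
                         UInt bW,      /* 1: writeback to Rn */
                         UInt bL,      /* 1: load, 0: store */
                         UInt regList )
{
   Int i, r, m, nRegs;
   /* IRJumpKind, not IRTemp: this only ever holds Ijk_* values and is
      passed as the jump-kind argument of putIRegA below. */
   IRJumpKind jk = Ijk_Boring;

   /* rN is used below as a shift count against regList and is
      compared with register numbers 0 .. 15.  Validation is the
      caller's job; this just pins that contract down. */
   vassert(rN < 16);

   /* Get hold of the old Rn value.  We might need to write its value
      to memory during a store, and if it's also the writeback
      register then we need to get its value now.  We can't treat it
      exactly like the other registers we're going to transfer,
      because for xxMDA and xxMDB writeback forms, the generated IR
      updates Rn in the guest state before any transfers take place.
      We have to do this as per comments below, in order that if Rn is
      the stack pointer then it always has a value that is below or
      equal to any of the transfer addresses.  Ick. */
   IRTemp oldRnT = newTemp(Ity_I32);
   assign(oldRnT, arm ? getIRegA(rN) : getIRegT(rN));

   IRTemp anchorT = newTemp(Ity_I32);
   /* The old (Addison-Wesley) ARM ARM seems to say that LDMxx/STMxx
      ignore the bottom two bits of the address.  However, Cortex-A8
      doesn't seem to care.  Hence: */
   /* No .. don't force alignment .. */
   /* assign(anchorT, binop(Iop_And32, mkexpr(oldRnT), mkU32(~3U))); */
   /* Instead, use the potentially misaligned address directly. */
   assign(anchorT, mkexpr(oldRnT));

   IROp opADDorSUB = bINC ? Iop_Add32 : Iop_Sub32;
   // bINC == 1:  xxMIA, xxMIB
   // bINC == 0:  xxMDA, xxMDB

   // For xxMDA and xxMDB, update Rn first if necessary.  We have
   // to do this first so that, for the common idiom of the transfers
   // faulting because we're pushing stuff onto a stack and the stack
   // is growing down onto allocate-on-fault pages (as Valgrind simulates),
   // we need to have the SP up-to-date "covering" (pointing below) the
   // transfer area.  For the same reason, if we are doing xxMIA or xxMIB,
   // do the transfer first, and then update rN afterwards.
   nRegs = 0;
   for (i = 0; i < 16; i++) {
      if ((regList & (1U << i)) != 0)
         nRegs++;
   }
   if (bW == 1 && !bINC) {
      IRExpr* e = binop(opADDorSUB, mkexpr(oldRnT), mkU32(4*nRegs));
      if (arm)
         putIRegA( rN, e, IRTemp_INVALID, Ijk_Boring );
      else
         putIRegT( rN, e, IRTemp_INVALID );
   }

   // Make up a list of the registers to transfer, and their offsets
   // in memory relative to the anchor.  If the base reg (Rn) is part
   // of the transfer, then do it last for a load and first for a store.
   //
   // xReg/xOff have 16 slots.  The loop below runs exactly 16 times
   // and appends at most one entry per iteration, so nX cannot exceed
   // 16 while the arrays are being filled.
   UInt xReg[16], xOff[16];
   Int  nX = 0;
   m = 0;
   for (i = 0; i < 16; i++) {
      /* Walk upwards for increment forms, downwards for decrement
         forms, so that offsets grow in transfer order. */
      r = bINC ? i : (15-i);
      if (0 == (regList & (1U << r)))
         continue;
      if (bBEFORE)
         m++;
      /* paranoia: check we aren't transferring the writeback
         register during a load.  Should be assured by decode-point
         check above. */
      if (bW == 1 && bL == 1)
         vassert((UInt)r != rN);

      xOff[nX] = 4 * m;
      xReg[nX] = r;
      nX++;

      if (!bBEFORE)
         m++;
   }
   vassert(m == nRegs);
   vassert(nX == nRegs);
   vassert(nX <= 16);

   if (bW == 0 && (regList & (1U << rN)) != 0) {
      /* Non-writeback, and basereg is to be transferred.  Do its
         transfer last for a load and first for a store.  Requires
         reordering xOff/xReg. */
      if (0) {
         /* Debug dump, normally compiled out.  The values are UInt,
            hence %u. */
         vex_printf("\nREG_LIST_PRE: (rN=%u)\n", rN);
         for (i = 0; i < nX; i++)
            vex_printf("reg %u   off %u\n", xReg[i], xOff[i]);
         vex_printf("\n");
      }

      vassert(nX > 0);
      for (i = 0; i < nX; i++) {
         if (xReg[i] == rN)
             break;
      }
      vassert(i < nX); /* else we didn't find it! */
      UInt tReg = xReg[i];
      UInt tOff = xOff[i];
      if (bL == 1) {
         /* load; make this transfer happen last */
         if (i < nX-1) {
            /* Slide the entries after slot i down by one ... */
            for (m = i+1; m < nX; m++) {
               xReg[m-1] = xReg[m];
               xOff[m-1] = xOff[m];
            }
            vassert(m == nX);
            /* ... and park Rn's entry in the final slot. */
            xReg[m-1] = tReg;
            xOff[m-1] = tOff;
         }
      } else {
         /* store; make this transfer happen first */
         if (i > 0) {
            /* Slide the entries before slot i up by one ... */
            for (m = i-1; m >= 0; m--) {
               xReg[m+1] = xReg[m];
               xOff[m+1] = xOff[m];
            }
            vassert(m == -1);
            /* ... and put Rn's entry at the front. */
            xReg[0] = tReg;
            xOff[0] = tOff;
         }
      }

      if (0) {
         vex_printf("REG_LIST_POST:\n");
         for (i = 0; i < nX; i++)
            vex_printf("reg %u   off %u\n", xReg[i], xOff[i]);
         vex_printf("\n");
      }
   }

   /* According to the Cortex A8 TRM Sec. 5.2.1, LDM(1) with r13 as the base
      register and PC in the register list is a return for purposes of branch
      prediction.
      The ARM ARM Sec. C9.10.1 further specifies that writeback must be enabled
      to be counted in event 0x0E (Procedure return).*/
   /* NOTE(review): the test below does not itself check that r15 is
      in regList; jk is handed to putIRegA for every loaded register.
      Presumably it only matters for a write to r15 -- confirm against
      putIRegA. */
   if (rN == 13 && bL == 1 && bINC && !bBEFORE && bW == 1) {
      jk = Ijk_Ret;
   }

   /* Actually generate the transfers */
   for (i = 0; i < nX; i++) {
      r = xReg[i];
      if (bL == 1) {
         IRExpr* e = loadLE(Ity_I32,
                            binop(opADDorSUB, mkexpr(anchorT),
                                  mkU32(xOff[i])));
         if (arm) {
            putIRegA( r, e, IRTemp_INVALID, jk );
         } else {
            // no: putIRegT( r, e, IRTemp_INVALID );
            // putIRegT refuses to write to R15.  But that might happen.
            // Since this is uncond, and we need to be able to
            // write the PC, just use the low level put:
            llPutIReg( r, e );
         }
      } else {
         /* if we're storing Rn, make sure we use the correct
            value, as per extensive comments above */
         storeLE( binop(opADDorSUB, mkexpr(anchorT), mkU32(xOff[i])),
                  r == rN ? mkexpr(oldRnT)
                          : (arm ? getIRegA(r) : getIRegT(r) ) );
      }
   }

   // If we are doing xxMIA or xxMIB,
   // do the transfer first, and then update rN afterwards.
   if (bW == 1 && bINC) {
      IRExpr* e = binop(opADDorSUB, mkexpr(oldRnT), mkU32(4*nRegs));
      if (arm)
         putIRegA( rN, e, IRTemp_INVALID, Ijk_Boring );
      else
         putIRegT( rN, e, IRTemp_INVALID );
   }
}


/*------------------------------------------------------------*/
/*--- VFP (CP 10 and 11) instructions                      ---*/
/*------------------------------------------------------------*/

/* Both ARM and Thumb */

/* Translate a CP10 or CP11 instruction.  If successful, returns
   True and *dres may or may not be updated.  If failure, returns
   False and doesn't change *dres nor create any IR.

   The ARM and Thumb encodings are identical for the low 28 bits of
   the insn (yay!)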
and that's what the caller must supply, iow, imm28 10886 has the top 4 bits masked out. Caller is responsible for 10887 determining whether the masked-out bits are valid for a CP10/11 10888 insn. The rules for the top 4 bits are: 10889 10890 ARM: 0000 to 1110 allowed, and this is the gating condition. 10891 1111 (NV) is not allowed. 10892 10893 Thumb: must be 1110. The gating condition is taken from 10894 ITSTATE in the normal way. 10895 10896 Conditionalisation: 10897 10898 Caller must supply an IRTemp 'condT' holding the gating condition, 10899 or IRTemp_INVALID indicating the insn is always executed. 10900 10901 Caller must also supply an ARMCondcode 'cond'. This is only used 10902 for debug printing, no other purpose. For ARM, this is simply the 10903 top 4 bits of the original instruction. For Thumb, the condition 10904 is not (really) known until run time, and so ARMCondAL should be 10905 passed, only so that printing of these instructions does not show 10906 any condition. 10907 10908 Finally, the caller must indicate whether this occurs in ARM or 10909 Thumb code. 
10910 */ 10911 static Bool decode_CP10_CP11_instruction ( 10912 /*MOD*/DisResult* dres, 10913 UInt insn28, 10914 IRTemp condT, 10915 ARMCondcode conq, 10916 Bool isT 10917 ) 10918 { 10919 # define INSN(_bMax,_bMin) SLICE_UInt(insn28, (_bMax), (_bMin)) 10920 10921 vassert(INSN(31,28) == BITS4(0,0,0,0)); // caller's obligation 10922 10923 if (isT) { 10924 vassert(conq == ARMCondAL); 10925 } else { 10926 vassert(conq >= ARMCondEQ && conq <= ARMCondAL); 10927 } 10928 10929 /* ----------------------------------------------------------- */ 10930 /* -- VFP instructions -- double precision (mostly) -- */ 10931 /* ----------------------------------------------------------- */ 10932 10933 /* --------------------- fldmx, fstmx --------------------- */ 10934 /* 10935 31 27 23 19 15 11 7 0 10936 P U WL 10937 C4-100, C5-26 1 FSTMX cond 1100 1000 Rn Dd 1011 offset 10938 C4-100, C5-28 2 FSTMIAX cond 1100 1010 Rn Dd 1011 offset 10939 C4-100, C5-30 3 FSTMDBX cond 1101 0010 Rn Dd 1011 offset 10940 10941 C4-42, C5-26 1 FLDMX cond 1100 1001 Rn Dd 1011 offset 10942 C4-42, C5-28 2 FLDMIAX cond 1100 1011 Rn Dd 1011 offset 10943 C4-42, C5-30 3 FLDMDBX cond 1101 0011 Rn Dd 1011 offset 10944 10945 Regs transferred: Dd .. 
D(d + (offset-3)/2) 10946 offset must be odd, must not imply a reg > 15 10947 IA/DB: Rn is changed by (4 + 8 x # regs transferred) 10948 10949 case coding: 10950 1 at-Rn (access at Rn) 10951 2 ia-Rn (access at Rn, then Rn += 4+8n) 10952 3 db-Rn (Rn -= 4+8n, then access at Rn) 10953 */ 10954 if (BITS8(1,1,0,0,0,0,0,0) == (INSN(27,20) & BITS8(1,1,1,0,0,0,0,0)) 10955 && INSN(11,8) == BITS4(1,0,1,1)) { 10956 UInt bP = (insn28 >> 24) & 1; 10957 UInt bU = (insn28 >> 23) & 1; 10958 UInt bW = (insn28 >> 21) & 1; 10959 UInt bL = (insn28 >> 20) & 1; 10960 UInt offset = (insn28 >> 0) & 0xFF; 10961 UInt rN = INSN(19,16); 10962 UInt dD = (INSN(22,22) << 4) | INSN(15,12); 10963 UInt nRegs = (offset - 1) / 2; 10964 UInt summary = 0; 10965 Int i; 10966 10967 /**/ if (bP == 0 && bU == 1 && bW == 0) { 10968 summary = 1; 10969 } 10970 else if (bP == 0 && bU == 1 && bW == 1) { 10971 summary = 2; 10972 } 10973 else if (bP == 1 && bU == 0 && bW == 1) { 10974 summary = 3; 10975 } 10976 else goto after_vfp_fldmx_fstmx; 10977 10978 /* no writebacks to r15 allowed. No use of r15 in thumb mode. */ 10979 if (rN == 15 && (summary == 2 || summary == 3 || isT)) 10980 goto after_vfp_fldmx_fstmx; 10981 10982 /* offset must be odd, and specify at least one register */ 10983 if (0 == (offset & 1) || offset < 3) 10984 goto after_vfp_fldmx_fstmx; 10985 10986 /* can't transfer regs after D15 */ 10987 if (dD + nRegs - 1 >= 32) 10988 goto after_vfp_fldmx_fstmx; 10989 10990 /* Now, we can't do a conditional load or store, since that very 10991 likely will generate an exception. So we have to take a side 10992 exit at this point if the condition is false. */ 10993 if (condT != IRTemp_INVALID) { 10994 if (isT) 10995 mk_skip_over_T32_if_cond_is_false( condT ); 10996 else 10997 mk_skip_over_A32_if_cond_is_false( condT ); 10998 condT = IRTemp_INVALID; 10999 } 11000 /* Ok, now we're unconditional. Do the load or store. 
*/ 11001 11002 /* get the old Rn value */ 11003 IRTemp rnT = newTemp(Ity_I32); 11004 assign(rnT, align4if(isT ? getIRegT(rN) : getIRegA(rN), 11005 rN == 15)); 11006 11007 /* make a new value for Rn, post-insn */ 11008 IRTemp rnTnew = IRTemp_INVALID; 11009 if (summary == 2 || summary == 3) { 11010 rnTnew = newTemp(Ity_I32); 11011 assign(rnTnew, binop(summary == 2 ? Iop_Add32 : Iop_Sub32, 11012 mkexpr(rnT), 11013 mkU32(4 + 8 * nRegs))); 11014 } 11015 11016 /* decide on the base transfer address */ 11017 IRTemp taT = newTemp(Ity_I32); 11018 assign(taT, summary == 3 ? mkexpr(rnTnew) : mkexpr(rnT)); 11019 11020 /* update Rn if necessary -- in case 3, we're moving it down, so 11021 update before any memory reference, in order to keep Memcheck 11022 and V's stack-extending logic (on linux) happy */ 11023 if (summary == 3) { 11024 if (isT) 11025 putIRegT(rN, mkexpr(rnTnew), IRTemp_INVALID); 11026 else 11027 putIRegA(rN, mkexpr(rnTnew), IRTemp_INVALID, Ijk_Boring); 11028 } 11029 11030 /* generate the transfers */ 11031 for (i = 0; i < nRegs; i++) { 11032 IRExpr* addr = binop(Iop_Add32, mkexpr(taT), mkU32(8*i)); 11033 if (bL) { 11034 putDReg(dD + i, loadLE(Ity_F64, addr), IRTemp_INVALID); 11035 } else { 11036 storeLE(addr, getDReg(dD + i)); 11037 } 11038 } 11039 11040 /* update Rn if necessary -- in case 2, we're moving it up, so 11041 update after any memory reference, in order to keep Memcheck 11042 and V's stack-extending logic (on linux) happy */ 11043 if (summary == 2) { 11044 if (isT) 11045 putIRegT(rN, mkexpr(rnTnew), IRTemp_INVALID); 11046 else 11047 putIRegA(rN, mkexpr(rnTnew), IRTemp_INVALID, Ijk_Boring); 11048 } 11049 11050 HChar* nm = bL==1 ? 
"ld" : "st"; 11051 switch (summary) { 11052 case 1: DIP("f%smx%s r%u, {d%u-d%u}\n", 11053 nm, nCC(conq), rN, dD, dD + nRegs - 1); 11054 break; 11055 case 2: DIP("f%smiax%s r%u!, {d%u-d%u}\n", 11056 nm, nCC(conq), rN, dD, dD + nRegs - 1); 11057 break; 11058 case 3: DIP("f%smdbx%s r%u!, {d%u-d%u}\n", 11059 nm, nCC(conq), rN, dD, dD + nRegs - 1); 11060 break; 11061 default: vassert(0); 11062 } 11063 11064 goto decode_success_vfp; 11065 /* FIXME alignment constraints? */ 11066 } 11067 11068 after_vfp_fldmx_fstmx: 11069 11070 /* --------------------- fldmd, fstmd --------------------- */ 11071 /* 11072 31 27 23 19 15 11 7 0 11073 P U WL 11074 C4-96, C5-26 1 FSTMD cond 1100 1000 Rn Dd 1011 offset 11075 C4-96, C5-28 2 FSTMDIA cond 1100 1010 Rn Dd 1011 offset 11076 C4-96, C5-30 3 FSTMDDB cond 1101 0010 Rn Dd 1011 offset 11077 11078 C4-38, C5-26 1 FLDMD cond 1100 1001 Rn Dd 1011 offset 11079 C4-38, C5-28 2 FLDMIAD cond 1100 1011 Rn Dd 1011 offset 11080 C4-38, C5-30 3 FLDMDBD cond 1101 0011 Rn Dd 1011 offset 11081 11082 Regs transferred: Dd .. 
D(d + (offset-2)/2) 11083 offset must be even, must not imply a reg > 15 11084 IA/DB: Rn is changed by (8 x # regs transferred) 11085 11086 case coding: 11087 1 at-Rn (access at Rn) 11088 2 ia-Rn (access at Rn, then Rn += 8n) 11089 3 db-Rn (Rn -= 8n, then access at Rn) 11090 */ 11091 if (BITS8(1,1,0,0,0,0,0,0) == (INSN(27,20) & BITS8(1,1,1,0,0,0,0,0)) 11092 && INSN(11,8) == BITS4(1,0,1,1)) { 11093 UInt bP = (insn28 >> 24) & 1; 11094 UInt bU = (insn28 >> 23) & 1; 11095 UInt bW = (insn28 >> 21) & 1; 11096 UInt bL = (insn28 >> 20) & 1; 11097 UInt offset = (insn28 >> 0) & 0xFF; 11098 UInt rN = INSN(19,16); 11099 UInt dD = (INSN(22,22) << 4) | INSN(15,12); 11100 UInt nRegs = offset / 2; 11101 UInt summary = 0; 11102 Int i; 11103 11104 /**/ if (bP == 0 && bU == 1 && bW == 0) { 11105 summary = 1; 11106 } 11107 else if (bP == 0 && bU == 1 && bW == 1) { 11108 summary = 2; 11109 } 11110 else if (bP == 1 && bU == 0 && bW == 1) { 11111 summary = 3; 11112 } 11113 else goto after_vfp_fldmd_fstmd; 11114 11115 /* no writebacks to r15 allowed. No use of r15 in thumb mode. */ 11116 if (rN == 15 && (summary == 2 || summary == 3 || isT)) 11117 goto after_vfp_fldmd_fstmd; 11118 11119 /* offset must be even, and specify at least one register */ 11120 if (1 == (offset & 1) || offset < 2) 11121 goto after_vfp_fldmd_fstmd; 11122 11123 /* can't transfer regs after D15 */ 11124 if (dD + nRegs - 1 >= 32) 11125 goto after_vfp_fldmd_fstmd; 11126 11127 /* Now, we can't do a conditional load or store, since that very 11128 likely will generate an exception. So we have to take a side 11129 exit at this point if the condition is false. */ 11130 if (condT != IRTemp_INVALID) { 11131 if (isT) 11132 mk_skip_over_T32_if_cond_is_false( condT ); 11133 else 11134 mk_skip_over_A32_if_cond_is_false( condT ); 11135 condT = IRTemp_INVALID; 11136 } 11137 /* Ok, now we're unconditional. Do the load or store. 
*/ 11138 11139 /* get the old Rn value */ 11140 IRTemp rnT = newTemp(Ity_I32); 11141 assign(rnT, align4if(isT ? getIRegT(rN) : getIRegA(rN), 11142 rN == 15)); 11143 11144 /* make a new value for Rn, post-insn */ 11145 IRTemp rnTnew = IRTemp_INVALID; 11146 if (summary == 2 || summary == 3) { 11147 rnTnew = newTemp(Ity_I32); 11148 assign(rnTnew, binop(summary == 2 ? Iop_Add32 : Iop_Sub32, 11149 mkexpr(rnT), 11150 mkU32(8 * nRegs))); 11151 } 11152 11153 /* decide on the base transfer address */ 11154 IRTemp taT = newTemp(Ity_I32); 11155 assign(taT, summary == 3 ? mkexpr(rnTnew) : mkexpr(rnT)); 11156 11157 /* update Rn if necessary -- in case 3, we're moving it down, so 11158 update before any memory reference, in order to keep Memcheck 11159 and V's stack-extending logic (on linux) happy */ 11160 if (summary == 3) { 11161 if (isT) 11162 putIRegT(rN, mkexpr(rnTnew), IRTemp_INVALID); 11163 else 11164 putIRegA(rN, mkexpr(rnTnew), IRTemp_INVALID, Ijk_Boring); 11165 } 11166 11167 /* generate the transfers */ 11168 for (i = 0; i < nRegs; i++) { 11169 IRExpr* addr = binop(Iop_Add32, mkexpr(taT), mkU32(8*i)); 11170 if (bL) { 11171 putDReg(dD + i, loadLE(Ity_F64, addr), IRTemp_INVALID); 11172 } else { 11173 storeLE(addr, getDReg(dD + i)); 11174 } 11175 } 11176 11177 /* update Rn if necessary -- in case 2, we're moving it up, so 11178 update after any memory reference, in order to keep Memcheck 11179 and V's stack-extending logic (on linux) happy */ 11180 if (summary == 2) { 11181 if (isT) 11182 putIRegT(rN, mkexpr(rnTnew), IRTemp_INVALID); 11183 else 11184 putIRegA(rN, mkexpr(rnTnew), IRTemp_INVALID, Ijk_Boring); 11185 } 11186 11187 HChar* nm = bL==1 ? 
"ld" : "st"; 11188 switch (summary) { 11189 case 1: DIP("f%smd%s r%u, {d%u-d%u}\n", 11190 nm, nCC(conq), rN, dD, dD + nRegs - 1); 11191 break; 11192 case 2: DIP("f%smiad%s r%u!, {d%u-d%u}\n", 11193 nm, nCC(conq), rN, dD, dD + nRegs - 1); 11194 break; 11195 case 3: DIP("f%smdbd%s r%u!, {d%u-d%u}\n", 11196 nm, nCC(conq), rN, dD, dD + nRegs - 1); 11197 break; 11198 default: vassert(0); 11199 } 11200 11201 goto decode_success_vfp; 11202 /* FIXME alignment constraints? */ 11203 } 11204 11205 after_vfp_fldmd_fstmd: 11206 11207 /* ------------------- fmrx, fmxr ------------------- */ 11208 if (BITS8(1,1,1,0,1,1,1,1) == INSN(27,20) 11209 && BITS4(1,0,1,0) == INSN(11,8) 11210 && BITS8(0,0,0,1,0,0,0,0) == (insn28 & 0xFF)) { 11211 UInt rD = INSN(15,12); 11212 UInt reg = INSN(19,16); 11213 if (reg == BITS4(0,0,0,1)) { 11214 if (rD == 15) { 11215 IRTemp nzcvT = newTemp(Ity_I32); 11216 /* When rD is 15, we are copying the top 4 bits of FPSCR 11217 into CPSR. That is, set the flags thunk to COPY and 11218 install FPSCR[31:28] as the value to copy. */ 11219 assign(nzcvT, binop(Iop_And32, 11220 IRExpr_Get(OFFB_FPSCR, Ity_I32), 11221 mkU32(0xF0000000))); 11222 setFlags_D1(ARMG_CC_OP_COPY, nzcvT, condT); 11223 DIP("fmstat%s\n", nCC(conq)); 11224 } else { 11225 /* Otherwise, merely transfer FPSCR to r0 .. r14. */ 11226 IRExpr* e = IRExpr_Get(OFFB_FPSCR, Ity_I32); 11227 if (isT) 11228 putIRegT(rD, e, condT); 11229 else 11230 putIRegA(rD, e, condT, Ijk_Boring); 11231 DIP("fmrx%s r%u, fpscr\n", nCC(conq), rD); 11232 } 11233 goto decode_success_vfp; 11234 } 11235 /* fall through */ 11236 } 11237 11238 if (BITS8(1,1,1,0,1,1,1,0) == INSN(27,20) 11239 && BITS4(1,0,1,0) == INSN(11,8) 11240 && BITS8(0,0,0,1,0,0,0,0) == (insn28 & 0xFF)) { 11241 UInt rD = INSN(15,12); 11242 UInt reg = INSN(19,16); 11243 if (reg == BITS4(0,0,0,1)) { 11244 putMiscReg32(OFFB_FPSCR, 11245 isT ? 
getIRegT(rD) : getIRegA(rD), condT); 11246 DIP("fmxr%s fpscr, r%u\n", nCC(conq), rD); 11247 goto decode_success_vfp; 11248 } 11249 /* fall through */ 11250 } 11251 11252 /* --------------------- vmov --------------------- */ 11253 // VMOV dM, rD, rN 11254 if (0x0C400B10 == (insn28 & 0x0FF00FD0)) { 11255 UInt dM = INSN(3,0) | (INSN(5,5) << 4); 11256 UInt rD = INSN(15,12); /* lo32 */ 11257 UInt rN = INSN(19,16); /* hi32 */ 11258 if (rD == 15 || rN == 15 || (isT && (rD == 13 || rN == 13))) { 11259 /* fall through */ 11260 } else { 11261 putDReg(dM, 11262 unop(Iop_ReinterpI64asF64, 11263 binop(Iop_32HLto64, 11264 isT ? getIRegT(rN) : getIRegA(rN), 11265 isT ? getIRegT(rD) : getIRegA(rD))), 11266 condT); 11267 DIP("vmov%s d%u, r%u, r%u\n", nCC(conq), dM, rD, rN); 11268 goto decode_success_vfp; 11269 } 11270 /* fall through */ 11271 } 11272 11273 // VMOV rD, rN, dM 11274 if (0x0C500B10 == (insn28 & 0x0FF00FD0)) { 11275 UInt dM = INSN(3,0) | (INSN(5,5) << 4); 11276 UInt rD = INSN(15,12); /* lo32 */ 11277 UInt rN = INSN(19,16); /* hi32 */ 11278 if (rD == 15 || rN == 15 || (isT && (rD == 13 || rN == 13)) 11279 || rD == rN) { 11280 /* fall through */ 11281 } else { 11282 IRTemp i64 = newTemp(Ity_I64); 11283 assign(i64, unop(Iop_ReinterpF64asI64, getDReg(dM))); 11284 IRExpr* hi32 = unop(Iop_64HIto32, mkexpr(i64)); 11285 IRExpr* lo32 = unop(Iop_64to32, mkexpr(i64)); 11286 if (isT) { 11287 putIRegT(rN, hi32, condT); 11288 putIRegT(rD, lo32, condT); 11289 } else { 11290 putIRegA(rN, hi32, condT, Ijk_Boring); 11291 putIRegA(rD, lo32, condT, Ijk_Boring); 11292 } 11293 DIP("vmov%s r%u, r%u, d%u\n", nCC(conq), rD, rN, dM); 11294 goto decode_success_vfp; 11295 } 11296 /* fall through */ 11297 } 11298 11299 // VMOV sD, sD+1, rN, rM 11300 if (0x0C400A10 == (insn28 & 0x0FF00FD0)) { 11301 UInt sD = (INSN(3,0) << 1) | INSN(5,5); 11302 UInt rN = INSN(15,12); 11303 UInt rM = INSN(19,16); 11304 if (rM == 15 || rN == 15 || (isT && (rM == 13 || rN == 13)) 11305 || sD == 31) { 11306 /* fall 
through */ 11307 } else { 11308 putFReg(sD, 11309 unop(Iop_ReinterpI32asF32, isT ? getIRegT(rN) : getIRegA(rN)), 11310 condT); 11311 putFReg(sD+1, 11312 unop(Iop_ReinterpI32asF32, isT ? getIRegT(rM) : getIRegA(rM)), 11313 condT); 11314 DIP("vmov%s, s%u, s%u, r%u, r%u\n", 11315 nCC(conq), sD, sD + 1, rN, rM); 11316 goto decode_success_vfp; 11317 } 11318 } 11319 11320 // VMOV rN, rM, sD, sD+1 11321 if (0x0C500A10 == (insn28 & 0x0FF00FD0)) { 11322 UInt sD = (INSN(3,0) << 1) | INSN(5,5); 11323 UInt rN = INSN(15,12); 11324 UInt rM = INSN(19,16); 11325 if (rM == 15 || rN == 15 || (isT && (rM == 13 || rN == 13)) 11326 || sD == 31 || rN == rM) { 11327 /* fall through */ 11328 } else { 11329 IRExpr* res0 = unop(Iop_ReinterpF32asI32, getFReg(sD)); 11330 IRExpr* res1 = unop(Iop_ReinterpF32asI32, getFReg(sD+1)); 11331 if (isT) { 11332 putIRegT(rN, res0, condT); 11333 putIRegT(rM, res1, condT); 11334 } else { 11335 putIRegA(rN, res0, condT, Ijk_Boring); 11336 putIRegA(rM, res1, condT, Ijk_Boring); 11337 } 11338 DIP("vmov%s, r%u, r%u, s%u, s%u\n", 11339 nCC(conq), rN, rM, sD, sD + 1); 11340 goto decode_success_vfp; 11341 } 11342 } 11343 11344 // VMOV rD[x], rT (ARM core register to scalar) 11345 if (0x0E000B10 == (insn28 & 0x0F900F1F)) { 11346 UInt rD = (INSN(7,7) << 4) | INSN(19,16); 11347 UInt rT = INSN(15,12); 11348 UInt opc = (INSN(22,21) << 2) | INSN(6,5); 11349 UInt index; 11350 if (rT == 15 || (isT && rT == 13)) { 11351 /* fall through */ 11352 } else { 11353 if ((opc & BITS4(1,0,0,0)) == BITS4(1,0,0,0)) { 11354 index = opc & 7; 11355 putDRegI64(rD, triop(Iop_SetElem8x8, 11356 getDRegI64(rD), 11357 mkU8(index), 11358 unop(Iop_32to8, 11359 isT ? 
getIRegT(rT) : getIRegA(rT))), 11360 condT); 11361 DIP("vmov%s.8 d%u[%u], r%u\n", nCC(conq), rD, index, rT); 11362 goto decode_success_vfp; 11363 } 11364 else if ((opc & BITS4(1,0,0,1)) == BITS4(0,0,0,1)) { 11365 index = (opc >> 1) & 3; 11366 putDRegI64(rD, triop(Iop_SetElem16x4, 11367 getDRegI64(rD), 11368 mkU8(index), 11369 unop(Iop_32to16, 11370 isT ? getIRegT(rT) : getIRegA(rT))), 11371 condT); 11372 DIP("vmov%s.16 d%u[%u], r%u\n", nCC(conq), rD, index, rT); 11373 goto decode_success_vfp; 11374 } 11375 else if ((opc & BITS4(1,0,1,1)) == BITS4(0,0,0,0)) { 11376 index = (opc >> 2) & 1; 11377 putDRegI64(rD, triop(Iop_SetElem32x2, 11378 getDRegI64(rD), 11379 mkU8(index), 11380 isT ? getIRegT(rT) : getIRegA(rT)), 11381 condT); 11382 DIP("vmov%s.32 d%u[%u], r%u\n", nCC(conq), rD, index, rT); 11383 goto decode_success_vfp; 11384 } else { 11385 /* fall through */ 11386 } 11387 } 11388 } 11389 11390 // VMOV (scalar to ARM core register) 11391 // VMOV rT, rD[x] 11392 if (0x0E100B10 == (insn28 & 0x0F100F1F)) { 11393 UInt rN = (INSN(7,7) << 4) | INSN(19,16); 11394 UInt rT = INSN(15,12); 11395 UInt U = INSN(23,23); 11396 UInt opc = (INSN(22,21) << 2) | INSN(6,5); 11397 UInt index; 11398 if (rT == 15 || (isT && rT == 13)) { 11399 /* fall through */ 11400 } else { 11401 if ((opc & BITS4(1,0,0,0)) == BITS4(1,0,0,0)) { 11402 index = opc & 7; 11403 IRExpr* e = unop(U ? Iop_8Uto32 : Iop_8Sto32, 11404 binop(Iop_GetElem8x8, 11405 getDRegI64(rN), 11406 mkU8(index))); 11407 if (isT) 11408 putIRegT(rT, e, condT); 11409 else 11410 putIRegA(rT, e, condT, Ijk_Boring); 11411 DIP("vmov%s.%c8 r%u, d%u[%u]\n", nCC(conq), U ? 'u' : 's', 11412 rT, rN, index); 11413 goto decode_success_vfp; 11414 } 11415 else if ((opc & BITS4(1,0,0,1)) == BITS4(0,0,0,1)) { 11416 index = (opc >> 1) & 3; 11417 IRExpr* e = unop(U ? 
Iop_16Uto32 : Iop_16Sto32, 11418 binop(Iop_GetElem16x4, 11419 getDRegI64(rN), 11420 mkU8(index))); 11421 if (isT) 11422 putIRegT(rT, e, condT); 11423 else 11424 putIRegA(rT, e, condT, Ijk_Boring); 11425 DIP("vmov%s.%c16 r%u, d%u[%u]\n", nCC(conq), U ? 'u' : 's', 11426 rT, rN, index); 11427 goto decode_success_vfp; 11428 } 11429 else if ((opc & BITS4(1,0,1,1)) == BITS4(0,0,0,0) && U == 0) { 11430 index = (opc >> 2) & 1; 11431 IRExpr* e = binop(Iop_GetElem32x2, getDRegI64(rN), mkU8(index)); 11432 if (isT) 11433 putIRegT(rT, e, condT); 11434 else 11435 putIRegA(rT, e, condT, Ijk_Boring); 11436 DIP("vmov%s.32 r%u, d%u[%u]\n", nCC(conq), rT, rN, index); 11437 goto decode_success_vfp; 11438 } else { 11439 /* fall through */ 11440 } 11441 } 11442 } 11443 11444 // VMOV.F32 sD, #imm 11445 // FCONSTS sD, #imm 11446 if (BITS8(1,1,1,0,1,0,1,1) == (INSN(27,20) & BITS8(1,1,1,1,1,0,1,1)) 11447 && BITS4(0,0,0,0) == INSN(7,4) && INSN(11,8) == BITS4(1,0,1,0)) { 11448 UInt rD = (INSN(15,12) << 1) | INSN(22,22); 11449 UInt imm8 = (INSN(19,16) << 4) | INSN(3,0); 11450 UInt b = (imm8 >> 6) & 1; 11451 UInt imm; 11452 imm = (BITS8((imm8 >> 7) & 1,(~b) & 1,b,b,b,b,b,(imm8 >> 5) & 1) << 8) 11453 | ((imm8 & 0x1f) << 3); 11454 imm <<= 16; 11455 putFReg(rD, unop(Iop_ReinterpI32asF32, mkU32(imm)), condT); 11456 DIP("fconsts%s s%u #%u", nCC(conq), rD, imm8); 11457 goto decode_success_vfp; 11458 } 11459 11460 // VMOV.F64 dD, #imm 11461 // FCONSTD dD, #imm 11462 if (BITS8(1,1,1,0,1,0,1,1) == (INSN(27,20) & BITS8(1,1,1,1,1,0,1,1)) 11463 && BITS4(0,0,0,0) == INSN(7,4) && INSN(11,8) == BITS4(1,0,1,1)) { 11464 UInt rD = INSN(15,12) | (INSN(22,22) << 4); 11465 UInt imm8 = (INSN(19,16) << 4) | INSN(3,0); 11466 UInt b = (imm8 >> 6) & 1; 11467 ULong imm; 11468 imm = (BITS8((imm8 >> 7) & 1,(~b) & 1,b,b,b,b,b,b) << 8) 11469 | BITS8(b,b,0,0,0,0,0,0) | (imm8 & 0x3f); 11470 imm <<= 48; 11471 putDReg(rD, unop(Iop_ReinterpI64asF64, mkU64(imm)), condT); 11472 DIP("fconstd%s d%u #%u", nCC(conq), rD, imm8); 11473 
goto decode_success_vfp; 11474 } 11475 11476 /* ---------------------- vdup ------------------------- */ 11477 // VDUP dD, rT 11478 // VDUP qD, rT 11479 if (BITS8(1,1,1,0,1,0,0,0) == (INSN(27,20) & BITS8(1,1,1,1,1,0,0,1)) 11480 && BITS4(1,0,1,1) == INSN(11,8) && INSN(6,6) == 0 && INSN(4,4) == 1) { 11481 UInt rD = (INSN(7,7) << 4) | INSN(19,16); 11482 UInt rT = INSN(15,12); 11483 UInt Q = INSN(21,21); 11484 UInt size = (INSN(22,22) << 1) | INSN(5,5); 11485 if (rT == 15 || (isT && rT == 13) || size == 3 || (Q && (rD & 1))) { 11486 /* fall through */ 11487 } else { 11488 IRExpr* e = isT ? getIRegT(rT) : getIRegA(rT); 11489 if (Q) { 11490 rD >>= 1; 11491 switch (size) { 11492 case 0: 11493 putQReg(rD, unop(Iop_Dup32x4, e), condT); 11494 break; 11495 case 1: 11496 putQReg(rD, unop(Iop_Dup16x8, unop(Iop_32to16, e)), 11497 condT); 11498 break; 11499 case 2: 11500 putQReg(rD, unop(Iop_Dup8x16, unop(Iop_32to8, e)), 11501 condT); 11502 break; 11503 default: 11504 vassert(0); 11505 } 11506 DIP("vdup.%u q%u, r%u\n", 32 / (1<<size), rD, rT); 11507 } else { 11508 switch (size) { 11509 case 0: 11510 putDRegI64(rD, unop(Iop_Dup32x2, e), condT); 11511 break; 11512 case 1: 11513 putDRegI64(rD, unop(Iop_Dup16x4, unop(Iop_32to16, e)), 11514 condT); 11515 break; 11516 case 2: 11517 putDRegI64(rD, unop(Iop_Dup8x8, unop(Iop_32to8, e)), 11518 condT); 11519 break; 11520 default: 11521 vassert(0); 11522 } 11523 DIP("vdup.%u d%u, r%u\n", 32 / (1<<size), rD, rT); 11524 } 11525 goto decode_success_vfp; 11526 } 11527 } 11528 11529 /* --------------------- f{ld,st}d --------------------- */ 11530 // FLDD, FSTD 11531 if (BITS8(1,1,0,1,0,0,0,0) == (INSN(27,20) & BITS8(1,1,1,1,0,0,1,0)) 11532 && BITS4(1,0,1,1) == INSN(11,8)) { 11533 UInt dD = INSN(15,12) | (INSN(22,22) << 4); 11534 UInt rN = INSN(19,16); 11535 UInt offset = (insn28 & 0xFF) << 2; 11536 UInt bU = (insn28 >> 23) & 1; /* 1: +offset 0: -offset */ 11537 UInt bL = (insn28 >> 20) & 1; /* 1: load 0: store */ 11538 /* make unconditional */ 
11539 if (condT != IRTemp_INVALID) { 11540 if (isT) 11541 mk_skip_over_T32_if_cond_is_false( condT ); 11542 else 11543 mk_skip_over_A32_if_cond_is_false( condT ); 11544 condT = IRTemp_INVALID; 11545 } 11546 IRTemp ea = newTemp(Ity_I32); 11547 assign(ea, binop(bU ? Iop_Add32 : Iop_Sub32, 11548 align4if(isT ? getIRegT(rN) : getIRegA(rN), 11549 rN == 15), 11550 mkU32(offset))); 11551 if (bL) { 11552 putDReg(dD, loadLE(Ity_F64,mkexpr(ea)), IRTemp_INVALID); 11553 } else { 11554 storeLE(mkexpr(ea), getDReg(dD)); 11555 } 11556 DIP("f%sd%s d%u, [r%u, %c#%u]\n", 11557 bL ? "ld" : "st", nCC(conq), dD, rN, 11558 bU ? '+' : '-', offset); 11559 goto decode_success_vfp; 11560 } 11561 11562 /* --------------------- dp insns (D) --------------------- */ 11563 if (BITS8(1,1,1,0,0,0,0,0) == (INSN(27,20) & BITS8(1,1,1,1,0,0,0,0)) 11564 && BITS4(1,0,1,1) == INSN(11,8) 11565 && BITS4(0,0,0,0) == (INSN(7,4) & BITS4(0,0,0,1))) { 11566 UInt dM = INSN(3,0) | (INSN(5,5) << 4); /* argR */ 11567 UInt dD = INSN(15,12) | (INSN(22,22) << 4); /* dst/acc */ 11568 UInt dN = INSN(19,16) | (INSN(7,7) << 4); /* argL */ 11569 UInt bP = (insn28 >> 23) & 1; 11570 UInt bQ = (insn28 >> 21) & 1; 11571 UInt bR = (insn28 >> 20) & 1; 11572 UInt bS = (insn28 >> 6) & 1; 11573 UInt opc = (bP << 3) | (bQ << 2) | (bR << 1) | bS; 11574 IRExpr* rm = get_FAKE_roundingmode(); /* XXXROUNDINGFIXME */ 11575 switch (opc) { 11576 case BITS4(0,0,0,0): /* MAC: d + n * m */ 11577 putDReg(dD, triop(Iop_AddF64, rm, 11578 getDReg(dD), 11579 triop(Iop_MulF64, rm, getDReg(dN), 11580 getDReg(dM))), 11581 condT); 11582 DIP("fmacd%s d%u, d%u, d%u\n", nCC(conq), dD, dN, dM); 11583 goto decode_success_vfp; 11584 case BITS4(0,0,0,1): /* NMAC: d + -(n * m) */ 11585 putDReg(dD, triop(Iop_AddF64, rm, 11586 getDReg(dD), 11587 unop(Iop_NegF64, 11588 triop(Iop_MulF64, rm, getDReg(dN), 11589 getDReg(dM)))), 11590 condT); 11591 DIP("fnmacd%s d%u, d%u, d%u\n", nCC(conq), dD, dN, dM); 11592 goto decode_success_vfp; 11593 case BITS4(0,0,1,0): /* 
MSC: - d + n * m */ 11594 putDReg(dD, triop(Iop_AddF64, rm, 11595 unop(Iop_NegF64, getDReg(dD)), 11596 triop(Iop_MulF64, rm, getDReg(dN), 11597 getDReg(dM))), 11598 condT); 11599 DIP("fmscd%s d%u, d%u, d%u\n", nCC(conq), dD, dN, dM); 11600 goto decode_success_vfp; 11601 case BITS4(0,0,1,1): /* NMSC: - d + -(n * m) */ 11602 putDReg(dD, triop(Iop_AddF64, rm, 11603 unop(Iop_NegF64, getDReg(dD)), 11604 unop(Iop_NegF64, 11605 triop(Iop_MulF64, rm, getDReg(dN), 11606 getDReg(dM)))), 11607 condT); 11608 DIP("fnmscd%s d%u, d%u, d%u\n", nCC(conq), dD, dN, dM); 11609 goto decode_success_vfp; 11610 case BITS4(0,1,0,0): /* MUL: n * m */ 11611 putDReg(dD, triop(Iop_MulF64, rm, getDReg(dN), getDReg(dM)), 11612 condT); 11613 DIP("fmuld%s d%u, d%u, d%u\n", nCC(conq), dD, dN, dM); 11614 goto decode_success_vfp; 11615 case BITS4(0,1,0,1): /* NMUL: - n * m */ 11616 putDReg(dD, unop(Iop_NegF64, 11617 triop(Iop_MulF64, rm, getDReg(dN), 11618 getDReg(dM))), 11619 condT); 11620 DIP("fnmuld%s d%u, d%u, d%u\n", nCC(conq), dD, dN, dM); 11621 goto decode_success_vfp; 11622 case BITS4(0,1,1,0): /* ADD: n + m */ 11623 putDReg(dD, triop(Iop_AddF64, rm, getDReg(dN), getDReg(dM)), 11624 condT); 11625 DIP("faddd%s d%u, d%u, d%u\n", nCC(conq), dD, dN, dM); 11626 goto decode_success_vfp; 11627 case BITS4(0,1,1,1): /* SUB: n - m */ 11628 putDReg(dD, triop(Iop_SubF64, rm, getDReg(dN), getDReg(dM)), 11629 condT); 11630 DIP("fsubd%s d%u, d%u, d%u\n", nCC(conq), dD, dN, dM); 11631 goto decode_success_vfp; 11632 case BITS4(1,0,0,0): /* DIV: n / m */ 11633 putDReg(dD, triop(Iop_DivF64, rm, getDReg(dN), getDReg(dM)), 11634 condT); 11635 DIP("fdivd%s d%u, d%u, d%u\n", nCC(conq), dD, dN, dM); 11636 goto decode_success_vfp; 11637 default: 11638 break; 11639 } 11640 } 11641 11642 /* --------------------- compares (D) --------------------- */ 11643 /* 31 27 23 19 15 11 7 3 11644 28 24 20 16 12 8 4 0 11645 FCMPD cond 1110 1D11 0100 Dd 1011 0100 Dm 11646 FCMPED cond 1110 1D11 0100 Dd 1011 1100 Dm 11647 FCMPZD cond 
1110 1D11 0101 Dd 1011 0100 0000 11648 FCMPZED cond 1110 1D11 0101 Dd 1011 1100 0000 11649 Z N 11650 11651 Z=0 Compare Dd vs Dm and set FPSCR 31:28 accordingly 11652 Z=1 Compare Dd vs zero 11653 11654 N=1 generates Invalid Operation exn if either arg is any kind of NaN 11655 N=0 generates Invalid Operation exn if either arg is a signalling NaN 11656 (Not that we pay any attention to N here) 11657 */ 11658 if (BITS8(1,1,1,0,1,0,1,1) == (INSN(27,20) & BITS8(1,1,1,1,1,0,1,1)) 11659 && BITS4(0,1,0,0) == (INSN(19,16) & BITS4(1,1,1,0)) 11660 && BITS4(1,0,1,1) == INSN(11,8) 11661 && BITS4(0,1,0,0) == (INSN(7,4) & BITS4(0,1,0,1))) { 11662 UInt bZ = (insn28 >> 16) & 1; 11663 UInt bN = (insn28 >> 7) & 1; 11664 UInt dD = INSN(15,12) | (INSN(22,22) << 4); 11665 UInt dM = INSN(3,0) | (INSN(5,5) << 4); 11666 if (bZ && INSN(3,0) != 0) { 11667 /* does not decode; fall through */ 11668 } else { 11669 IRTemp argL = newTemp(Ity_F64); 11670 IRTemp argR = newTemp(Ity_F64); 11671 IRTemp irRes = newTemp(Ity_I32); 11672 assign(argL, getDReg(dD)); 11673 assign(argR, bZ ? IRExpr_Const(IRConst_F64i(0)) : getDReg(dM)); 11674 assign(irRes, binop(Iop_CmpF64, mkexpr(argL), mkexpr(argR))); 11675 11676 IRTemp nzcv = IRTemp_INVALID; 11677 IRTemp oldFPSCR = newTemp(Ity_I32); 11678 IRTemp newFPSCR = newTemp(Ity_I32); 11679 11680 /* This is where the fun starts. We have to convert 'irRes' 11681 from an IR-convention return result (IRCmpF64Result) to an 11682 ARM-encoded (N,Z,C,V) group. The final result is in the 11683 bottom 4 bits of 'nzcv'. 
*/ 11684 /* Map compare result from IR to ARM(nzcv) */ 11685 /* 11686 FP cmp result | IR | ARM(nzcv) 11687 -------------------------------- 11688 UN 0x45 0011 11689 LT 0x01 1000 11690 GT 0x00 0010 11691 EQ 0x40 0110 11692 */ 11693 nzcv = mk_convert_IRCmpF64Result_to_NZCV(irRes); 11694 11695 /* And update FPSCR accordingly */ 11696 assign(oldFPSCR, IRExpr_Get(OFFB_FPSCR, Ity_I32)); 11697 assign(newFPSCR, 11698 binop(Iop_Or32, 11699 binop(Iop_And32, mkexpr(oldFPSCR), mkU32(0x0FFFFFFF)), 11700 binop(Iop_Shl32, mkexpr(nzcv), mkU8(28)))); 11701 11702 putMiscReg32(OFFB_FPSCR, mkexpr(newFPSCR), condT); 11703 11704 if (bZ) { 11705 DIP("fcmpz%sd%s d%u\n", bN ? "e" : "", nCC(conq), dD); 11706 } else { 11707 DIP("fcmp%sd%s d%u, d%u\n", bN ? "e" : "", nCC(conq), dD, dM); 11708 } 11709 goto decode_success_vfp; 11710 } 11711 /* fall through */ 11712 } 11713 11714 /* --------------------- unary (D) --------------------- */ 11715 if (BITS8(1,1,1,0,1,0,1,1) == (INSN(27,20) & BITS8(1,1,1,1,1,0,1,1)) 11716 && BITS4(0,0,0,0) == (INSN(19,16) & BITS4(1,1,1,0)) 11717 && BITS4(1,0,1,1) == INSN(11,8) 11718 && BITS4(0,1,0,0) == (INSN(7,4) & BITS4(0,1,0,1))) { 11719 UInt dD = INSN(15,12) | (INSN(22,22) << 4); 11720 UInt dM = INSN(3,0) | (INSN(5,5) << 4); 11721 UInt b16 = (insn28 >> 16) & 1; 11722 UInt b7 = (insn28 >> 7) & 1; 11723 /**/ if (b16 == 0 && b7 == 0) { 11724 // FCPYD 11725 putDReg(dD, getDReg(dM), condT); 11726 DIP("fcpyd%s d%u, d%u\n", nCC(conq), dD, dM); 11727 goto decode_success_vfp; 11728 } 11729 else if (b16 == 0 && b7 == 1) { 11730 // FABSD 11731 putDReg(dD, unop(Iop_AbsF64, getDReg(dM)), condT); 11732 DIP("fabsd%s d%u, d%u\n", nCC(conq), dD, dM); 11733 goto decode_success_vfp; 11734 } 11735 else if (b16 == 1 && b7 == 0) { 11736 // FNEGD 11737 putDReg(dD, unop(Iop_NegF64, getDReg(dM)), condT); 11738 DIP("fnegd%s d%u, d%u\n", nCC(conq), dD, dM); 11739 goto decode_success_vfp; 11740 } 11741 else if (b16 == 1 && b7 == 1) { 11742 // FSQRTD 11743 IRExpr* rm = 
get_FAKE_roundingmode(); /* XXXROUNDINGFIXME */ 11744 putDReg(dD, binop(Iop_SqrtF64, rm, getDReg(dM)), condT); 11745 DIP("fsqrtd%s d%u, d%u\n", nCC(conq), dD, dM); 11746 goto decode_success_vfp; 11747 } 11748 else 11749 vassert(0); 11750 11751 /* fall through */ 11752 } 11753 11754 /* ----------------- I <-> D conversions ----------------- */ 11755 11756 // F{S,U}ITOD dD, fM 11757 if (BITS8(1,1,1,0,1,0,1,1) == (INSN(27,20) & BITS8(1,1,1,1,1,0,1,1)) 11758 && BITS4(1,0,0,0) == (INSN(19,16) & BITS4(1,1,1,1)) 11759 && BITS4(1,0,1,1) == INSN(11,8) 11760 && BITS4(0,1,0,0) == (INSN(7,4) & BITS4(0,1,0,1))) { 11761 UInt bM = (insn28 >> 5) & 1; 11762 UInt fM = (INSN(3,0) << 1) | bM; 11763 UInt dD = INSN(15,12) | (INSN(22,22) << 4); 11764 UInt syned = (insn28 >> 7) & 1; 11765 if (syned) { 11766 // FSITOD 11767 putDReg(dD, unop(Iop_I32StoF64, 11768 unop(Iop_ReinterpF32asI32, getFReg(fM))), 11769 condT); 11770 DIP("fsitod%s d%u, s%u\n", nCC(conq), dD, fM); 11771 } else { 11772 // FUITOD 11773 putDReg(dD, unop(Iop_I32UtoF64, 11774 unop(Iop_ReinterpF32asI32, getFReg(fM))), 11775 condT); 11776 DIP("fuitod%s d%u, s%u\n", nCC(conq), dD, fM); 11777 } 11778 goto decode_success_vfp; 11779 } 11780 11781 // FTO{S,U}ID fD, dM 11782 if (BITS8(1,1,1,0,1,0,1,1) == (INSN(27,20) & BITS8(1,1,1,1,1,0,1,1)) 11783 && BITS4(1,1,0,0) == (INSN(19,16) & BITS4(1,1,1,0)) 11784 && BITS4(1,0,1,1) == INSN(11,8) 11785 && BITS4(0,1,0,0) == (INSN(7,4) & BITS4(0,1,0,1))) { 11786 UInt bD = (insn28 >> 22) & 1; 11787 UInt fD = (INSN(15,12) << 1) | bD; 11788 UInt dM = INSN(3,0) | (INSN(5,5) << 4); 11789 UInt bZ = (insn28 >> 7) & 1; 11790 UInt syned = (insn28 >> 16) & 1; 11791 IRTemp rmode = newTemp(Ity_I32); 11792 assign(rmode, bZ ? mkU32(Irrm_ZERO) 11793 : mkexpr(mk_get_IR_rounding_mode())); 11794 if (syned) { 11795 // FTOSID 11796 putFReg(fD, unop(Iop_ReinterpI32asF32, 11797 binop(Iop_F64toI32S, mkexpr(rmode), 11798 getDReg(dM))), 11799 condT); 11800 DIP("ftosi%sd%s s%u, d%u\n", bZ ? 
"z" : "", 11801 nCC(conq), fD, dM); 11802 } else { 11803 // FTOUID 11804 putFReg(fD, unop(Iop_ReinterpI32asF32, 11805 binop(Iop_F64toI32U, mkexpr(rmode), 11806 getDReg(dM))), 11807 condT); 11808 DIP("ftoui%sd%s s%u, d%u\n", bZ ? "z" : "", 11809 nCC(conq), fD, dM); 11810 } 11811 goto decode_success_vfp; 11812 } 11813 11814 /* ----------------------------------------------------------- */ 11815 /* -- VFP instructions -- single precision -- */ 11816 /* ----------------------------------------------------------- */ 11817 11818 /* --------------------- fldms, fstms --------------------- */ 11819 /* 11820 31 27 23 19 15 11 7 0 11821 P UDWL 11822 C4-98, C5-26 1 FSTMD cond 1100 1x00 Rn Fd 1010 offset 11823 C4-98, C5-28 2 FSTMDIA cond 1100 1x10 Rn Fd 1010 offset 11824 C4-98, C5-30 3 FSTMDDB cond 1101 0x10 Rn Fd 1010 offset 11825 11826 C4-40, C5-26 1 FLDMD cond 1100 1x01 Rn Fd 1010 offset 11827 C4-40, C5-26 2 FLDMIAD cond 1100 1x11 Rn Fd 1010 offset 11828 C4-40, C5-26 3 FLDMDBD cond 1101 0x11 Rn Fd 1010 offset 11829 11830 Regs transferred: F(Fd:D) .. F(Fd:d + offset) 11831 offset must not imply a reg > 15 11832 IA/DB: Rn is changed by (4 x # regs transferred) 11833 11834 case coding: 11835 1 at-Rn (access at Rn) 11836 2 ia-Rn (access at Rn, then Rn += 4n) 11837 3 db-Rn (Rn -= 4n, then access at Rn) 11838 */ 11839 if (BITS8(1,1,0,0,0,0,0,0) == (INSN(27,20) & BITS8(1,1,1,0,0,0,0,0)) 11840 && INSN(11,8) == BITS4(1,0,1,0)) { 11841 UInt bP = (insn28 >> 24) & 1; 11842 UInt bU = (insn28 >> 23) & 1; 11843 UInt bW = (insn28 >> 21) & 1; 11844 UInt bL = (insn28 >> 20) & 1; 11845 UInt bD = (insn28 >> 22) & 1; 11846 UInt offset = (insn28 >> 0) & 0xFF; 11847 UInt rN = INSN(19,16); 11848 UInt fD = (INSN(15,12) << 1) | bD; 11849 UInt nRegs = offset; 11850 UInt summary = 0; 11851 Int i; 11852 11853 /**/ if (bP == 0 && bU == 1 && bW == 0) { 11854 summary = 1; 11855 } 11856 else if (b