]> git.proxmox.com Git - qemu.git/blob - target-i386/translate.c
projects / qemu.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
target-i386: optimize setle
[qemu.git] / target-i386 / translate.c
1 /*
2 * i386 translation
3 *
4 * Copyright (c) 2003 Fabrice Bellard
5 *
6 * This library is free software; you can redistribute it and/or
7 * modify it under the terms of the GNU Lesser General Public
8 * License as published by the Free Software Foundation; either
9 * version 2 of the License, or (at your option) any later version.
10 *
11 * This library is distributed in the hope that it will be useful,
12 * but WITHOUT ANY WARRANTY; without even the implied warranty of
13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
14 * Lesser General Public License for more details.
15 *
16 * You should have received a copy of the GNU Lesser General Public
17 * License along with this library; if not, see <http://www.gnu.org/licenses/>.
18 */
19 #include <stdarg.h>
20 #include <stdlib.h>
21 #include <stdio.h>
22 #include <string.h>
23 #include <inttypes.h>
24 #include <signal.h>
25
26 #include "cpu.h"
27 #include "disas/disas.h"
28 #include "tcg-op.h"
29
30 #include "helper.h"
31 #define GEN_HELPER 1
32 #include "helper.h"
33
34 #define PREFIX_REPZ 0x01
35 #define PREFIX_REPNZ 0x02
36 #define PREFIX_LOCK 0x04
37 #define PREFIX_DATA 0x08
38 #define PREFIX_ADR 0x10
39
40 #ifdef TARGET_X86_64
41 #define CODE64(s) ((s)->code64)
42 #define REX_X(s) ((s)->rex_x)
43 #define REX_B(s) ((s)->rex_b)
44 #else
45 #define CODE64(s) 0
46 #define REX_X(s) 0
47 #define REX_B(s) 0
48 #endif
49
50 //#define MACRO_TEST 1
51
52 /* global register indexes */
53 static TCGv_ptr cpu_env;
54 static TCGv cpu_A0, cpu_cc_src, cpu_cc_dst;
55 static TCGv_i32 cpu_cc_op;
56 static TCGv cpu_regs[CPU_NB_REGS];
57 /* local temps */
58 static TCGv cpu_T[2], cpu_T3;
59 /* local register indexes (only used inside old micro ops) */
60 static TCGv cpu_tmp0, cpu_tmp4;
61 static TCGv_ptr cpu_ptr0, cpu_ptr1;
62 static TCGv_i32 cpu_tmp2_i32, cpu_tmp3_i32;
63 static TCGv_i64 cpu_tmp1_i64;
64 static TCGv cpu_tmp5;
65
66 static uint8_t gen_opc_cc_op[OPC_BUF_SIZE];
67
68 #include "exec/gen-icount.h"
69
70 #ifdef TARGET_X86_64
71 static int x86_64_hregs;
72 #endif
73
74 typedef struct DisasContext {
75 /* current insn context */
76 int override; /* -1 if no override */
77 int prefix;
78 int aflag, dflag;
79 target_ulong pc; /* pc = eip + cs_base */
80 int is_jmp; /* 1 = means jump (stop translation), 2 means CPU
81 static state change (stop translation) */
82 /* current block context */
83 target_ulong cs_base; /* base of CS segment */
84 int pe; /* protected mode */
85 int code32; /* 32 bit code segment */
86 #ifdef TARGET_X86_64
87 int lma; /* long mode active */
88 int code64; /* 64 bit code segment */
89 int rex_x, rex_b;
90 #endif
91 int ss32; /* 32 bit stack segment */
92 CCOp cc_op; /* current CC operation */
93 bool cc_op_dirty;
94 int addseg; /* non zero if either DS/ES/SS have a non zero base */
95 int f_st; /* currently unused */
96 int vm86; /* vm86 mode */
97 int cpl;
98 int iopl;
99 int tf; /* TF cpu flag */
100 int singlestep_enabled; /* "hardware" single step enabled */
101 int jmp_opt; /* use direct block chaining for direct jumps */
102 int mem_index; /* select memory access functions */
103 uint64_t flags; /* all execution flags */
104 struct TranslationBlock *tb;
105 int popl_esp_hack; /* for correct popl with esp base handling */
106 int rip_offset; /* only used in x86_64, but left for simplicity */
107 int cpuid_features;
108 int cpuid_ext_features;
109 int cpuid_ext2_features;
110 int cpuid_ext3_features;
111 int cpuid_7_0_ebx_features;
112 } DisasContext;
113
114 static void gen_eob(DisasContext *s);
115 static void gen_jmp(DisasContext *s, target_ulong eip);
116 static void gen_jmp_tb(DisasContext *s, target_ulong eip, int tb_num);
117
118 /* i386 arith/logic operations */
119 enum {
120 OP_ADDL,
121 OP_ORL,
122 OP_ADCL,
123 OP_SBBL,
124 OP_ANDL,
125 OP_SUBL,
126 OP_XORL,
127 OP_CMPL,
128 };
129
130 /* i386 shift ops */
131 enum {
132 OP_ROL,
133 OP_ROR,
134 OP_RCL,
135 OP_RCR,
136 OP_SHL,
137 OP_SHR,
138 OP_SHL1, /* undocumented */
139 OP_SAR = 7,
140 };
141
142 enum {
143 JCC_O,
144 JCC_B,
145 JCC_Z,
146 JCC_BE,
147 JCC_S,
148 JCC_P,
149 JCC_L,
150 JCC_LE,
151 };
152
153 /* operand size */
154 enum {
155 OT_BYTE = 0,
156 OT_WORD,
157 OT_LONG,
158 OT_QUAD,
159 };
160
161 enum {
162 /* I386 int registers */
163 OR_EAX, /* MUST be even numbered */
164 OR_ECX,
165 OR_EDX,
166 OR_EBX,
167 OR_ESP,
168 OR_EBP,
169 OR_ESI,
170 OR_EDI,
171
172 OR_TMP0 = 16, /* temporary operand register */
173 OR_TMP1,
174 OR_A0, /* temporary register used when doing address evaluation */
175 };
176
177 enum {
178 USES_CC_DST = 1,
179 USES_CC_SRC = 2,
180 };
181
182 /* Bit set if the global variable is live after setting CC_OP to X. */
183 static const uint8_t cc_op_live[CC_OP_NB] = {
184 [CC_OP_DYNAMIC] = USES_CC_DST | USES_CC_SRC,
185 [CC_OP_EFLAGS] = USES_CC_SRC,
186 [CC_OP_MULB ... CC_OP_MULQ] = USES_CC_DST | USES_CC_SRC,
187 [CC_OP_ADDB ... CC_OP_ADDQ] = USES_CC_DST | USES_CC_SRC,
188 [CC_OP_ADCB ... CC_OP_ADCQ] = USES_CC_DST | USES_CC_SRC,
189 [CC_OP_SUBB ... CC_OP_SUBQ] = USES_CC_DST | USES_CC_SRC,
190 [CC_OP_SBBB ... CC_OP_SBBQ] = USES_CC_DST | USES_CC_SRC,
191 [CC_OP_LOGICB ... CC_OP_LOGICQ] = USES_CC_DST,
192 [CC_OP_INCB ... CC_OP_INCQ] = USES_CC_DST | USES_CC_SRC,
193 [CC_OP_DECB ... CC_OP_DECQ] = USES_CC_DST | USES_CC_SRC,
194 [CC_OP_SHLB ... CC_OP_SHLQ] = USES_CC_DST | USES_CC_SRC,
195 [CC_OP_SARB ... CC_OP_SARQ] = USES_CC_DST | USES_CC_SRC,
196 };
197
198 static void set_cc_op(DisasContext *s, CCOp op)
199 {
200 int dead;
201
202 if (s->cc_op == op) {
203 return;
204 }
205
206 /* Discard CC computation that will no longer be used. */
207 dead = cc_op_live[s->cc_op] & ~cc_op_live[op];
208 if (dead & USES_CC_DST) {
209 tcg_gen_discard_tl(cpu_cc_dst);
210 }
211 if (dead & USES_CC_SRC) {
212 tcg_gen_discard_tl(cpu_cc_src);
213 }
214
215 s->cc_op = op;
216 /* The DYNAMIC setting is translator only, and should never be
217 stored. Thus we always consider it clean. */
218 s->cc_op_dirty = (op != CC_OP_DYNAMIC);
219 }
220
221 static void gen_update_cc_op(DisasContext *s)
222 {
223 if (s->cc_op_dirty) {
224 tcg_gen_movi_i32(cpu_cc_op, s->cc_op);
225 s->cc_op_dirty = false;
226 }
227 }
228
229 static inline void gen_op_movl_T0_0(void)
230 {
231 tcg_gen_movi_tl(cpu_T[0], 0);
232 }
233
234 static inline void gen_op_movl_T0_im(int32_t val)
235 {
236 tcg_gen_movi_tl(cpu_T[0], val);
237 }
238
239 static inline void gen_op_movl_T0_imu(uint32_t val)
240 {
241 tcg_gen_movi_tl(cpu_T[0], val);
242 }
243
244 static inline void gen_op_movl_T1_im(int32_t val)
245 {
246 tcg_gen_movi_tl(cpu_T[1], val);
247 }
248
249 static inline void gen_op_movl_T1_imu(uint32_t val)
250 {
251 tcg_gen_movi_tl(cpu_T[1], val);
252 }
253
254 static inline void gen_op_movl_A0_im(uint32_t val)
255 {
256 tcg_gen_movi_tl(cpu_A0, val);
257 }
258
259 #ifdef TARGET_X86_64
260 static inline void gen_op_movq_A0_im(int64_t val)
261 {
262 tcg_gen_movi_tl(cpu_A0, val);
263 }
264 #endif
265
266 static inline void gen_movtl_T0_im(target_ulong val)
267 {
268 tcg_gen_movi_tl(cpu_T[0], val);
269 }
270
271 static inline void gen_movtl_T1_im(target_ulong val)
272 {
273 tcg_gen_movi_tl(cpu_T[1], val);
274 }
275
276 static inline void gen_op_andl_T0_ffff(void)
277 {
278 tcg_gen_andi_tl(cpu_T[0], cpu_T[0], 0xffff);
279 }
280
281 static inline void gen_op_andl_T0_im(uint32_t val)
282 {
283 tcg_gen_andi_tl(cpu_T[0], cpu_T[0], val);
284 }
285
286 static inline void gen_op_movl_T0_T1(void)
287 {
288 tcg_gen_mov_tl(cpu_T[0], cpu_T[1]);
289 }
290
291 static inline void gen_op_andl_A0_ffff(void)
292 {
293 tcg_gen_andi_tl(cpu_A0, cpu_A0, 0xffff);
294 }
295
296 #ifdef TARGET_X86_64
297
298 #define NB_OP_SIZES 4
299
300 #else /* !TARGET_X86_64 */
301
302 #define NB_OP_SIZES 3
303
304 #endif /* !TARGET_X86_64 */
305
306 #if defined(HOST_WORDS_BIGENDIAN)
307 #define REG_B_OFFSET (sizeof(target_ulong) - 1)
308 #define REG_H_OFFSET (sizeof(target_ulong) - 2)
309 #define REG_W_OFFSET (sizeof(target_ulong) - 2)
310 #define REG_L_OFFSET (sizeof(target_ulong) - 4)
311 #define REG_LH_OFFSET (sizeof(target_ulong) - 8)
312 #else
313 #define REG_B_OFFSET 0
314 #define REG_H_OFFSET 1
315 #define REG_W_OFFSET 0
316 #define REG_L_OFFSET 0
317 #define REG_LH_OFFSET 4
318 #endif
319
320 /* In instruction encodings for byte register accesses the
321 * register number usually indicates "low 8 bits of register N";
322 * however there are some special cases where N 4..7 indicates
323 * [AH, CH, DH, BH], ie "bits 15..8 of register N-4". Return
324 * true for this special case, false otherwise.
325 */
326 static inline bool byte_reg_is_xH(int reg)
327 {
328 if (reg < 4) {
329 return false;
330 }
331 #ifdef TARGET_X86_64
332 if (reg >= 8 || x86_64_hregs) {
333 return false;
334 }
335 #endif
336 return true;
337 }
338
339 static inline void gen_op_mov_reg_v(int ot, int reg, TCGv t0)
340 {
341 switch(ot) {
342 case OT_BYTE:
343 if (!byte_reg_is_xH(reg)) {
344 tcg_gen_deposit_tl(cpu_regs[reg], cpu_regs[reg], t0, 0, 8);
345 } else {
346 tcg_gen_deposit_tl(cpu_regs[reg - 4], cpu_regs[reg - 4], t0, 8, 8);
347 }
348 break;
349 case OT_WORD:
350 tcg_gen_deposit_tl(cpu_regs[reg], cpu_regs[reg], t0, 0, 16);
351 break;
352 default: /* XXX this shouldn't be reached; abort? */
353 case OT_LONG:
354 /* For x86_64, this sets the higher half of register to zero.
355 For i386, this is equivalent to a mov. */
356 tcg_gen_ext32u_tl(cpu_regs[reg], t0);
357 break;
358 #ifdef TARGET_X86_64
359 case OT_QUAD:
360 tcg_gen_mov_tl(cpu_regs[reg], t0);
361 break;
362 #endif
363 }
364 }
365
366 static inline void gen_op_mov_reg_T0(int ot, int reg)
367 {
368 gen_op_mov_reg_v(ot, reg, cpu_T[0]);
369 }
370
371 static inline void gen_op_mov_reg_T1(int ot, int reg)
372 {
373 gen_op_mov_reg_v(ot, reg, cpu_T[1]);
374 }
375
376 static inline void gen_op_mov_reg_A0(int size, int reg)
377 {
378 switch(size) {
379 case OT_BYTE:
380 tcg_gen_deposit_tl(cpu_regs[reg], cpu_regs[reg], cpu_A0, 0, 16);
381 break;
382 default: /* XXX this shouldn't be reached; abort? */
383 case OT_WORD:
384 /* For x86_64, this sets the higher half of register to zero.
385 For i386, this is equivalent to a mov. */
386 tcg_gen_ext32u_tl(cpu_regs[reg], cpu_A0);
387 break;
388 #ifdef TARGET_X86_64
389 case OT_LONG:
390 tcg_gen_mov_tl(cpu_regs[reg], cpu_A0);
391 break;
392 #endif
393 }
394 }
395
396 static inline void gen_op_mov_v_reg(int ot, TCGv t0, int reg)
397 {
398 if (ot == OT_BYTE && byte_reg_is_xH(reg)) {
399 tcg_gen_shri_tl(t0, cpu_regs[reg - 4], 8);
400 tcg_gen_ext8u_tl(t0, t0);
401 } else {
402 tcg_gen_mov_tl(t0, cpu_regs[reg]);
403 }
404 }
405
406 static inline void gen_op_mov_TN_reg(int ot, int t_index, int reg)
407 {
408 gen_op_mov_v_reg(ot, cpu_T[t_index], reg);
409 }
410
411 static inline void gen_op_movl_A0_reg(int reg)
412 {
413 tcg_gen_mov_tl(cpu_A0, cpu_regs[reg]);
414 }
415
416 static inline void gen_op_addl_A0_im(int32_t val)
417 {
418 tcg_gen_addi_tl(cpu_A0, cpu_A0, val);
419 #ifdef TARGET_X86_64
420 tcg_gen_andi_tl(cpu_A0, cpu_A0, 0xffffffff);
421 #endif
422 }
423
424 #ifdef TARGET_X86_64
425 static inline void gen_op_addq_A0_im(int64_t val)
426 {
427 tcg_gen_addi_tl(cpu_A0, cpu_A0, val);
428 }
429 #endif
430
431 static void gen_add_A0_im(DisasContext *s, int val)
432 {
433 #ifdef TARGET_X86_64
434 if (CODE64(s))
435 gen_op_addq_A0_im(val);
436 else
437 #endif
438 gen_op_addl_A0_im(val);
439 }
440
441 static inline void gen_op_addl_T0_T1(void)
442 {
443 tcg_gen_add_tl(cpu_T[0], cpu_T[0], cpu_T[1]);
444 }
445
446 static inline void gen_op_jmp_T0(void)
447 {
448 tcg_gen_st_tl(cpu_T[0], cpu_env, offsetof(CPUX86State, eip));
449 }
450
451 static inline void gen_op_add_reg_im(int size, int reg, int32_t val)
452 {
453 switch(size) {
454 case OT_BYTE:
455 tcg_gen_addi_tl(cpu_tmp0, cpu_regs[reg], val);
456 tcg_gen_deposit_tl(cpu_regs[reg], cpu_regs[reg], cpu_tmp0, 0, 16);
457 break;
458 case OT_WORD:
459 tcg_gen_addi_tl(cpu_tmp0, cpu_regs[reg], val);
460 /* For x86_64, this sets the higher half of register to zero.
461 For i386, this is equivalent to a nop. */
462 tcg_gen_ext32u_tl(cpu_tmp0, cpu_tmp0);
463 tcg_gen_mov_tl(cpu_regs[reg], cpu_tmp0);
464 break;
465 #ifdef TARGET_X86_64
466 case OT_LONG:
467 tcg_gen_addi_tl(cpu_regs[reg], cpu_regs[reg], val);
468 break;
469 #endif
470 }
471 }
472
473 static inline void gen_op_add_reg_T0(int size, int reg)
474 {
475 switch(size) {
476 case OT_BYTE:
477 tcg_gen_add_tl(cpu_tmp0, cpu_regs[reg], cpu_T[0]);
478 tcg_gen_deposit_tl(cpu_regs[reg], cpu_regs[reg], cpu_tmp0, 0, 16);
479 break;
480 case OT_WORD:
481 tcg_gen_add_tl(cpu_tmp0, cpu_regs[reg], cpu_T[0]);
482 /* For x86_64, this sets the higher half of register to zero.
483 For i386, this is equivalent to a nop. */
484 tcg_gen_ext32u_tl(cpu_tmp0, cpu_tmp0);
485 tcg_gen_mov_tl(cpu_regs[reg], cpu_tmp0);
486 break;
487 #ifdef TARGET_X86_64
488 case OT_LONG:
489 tcg_gen_add_tl(cpu_regs[reg], cpu_regs[reg], cpu_T[0]);
490 break;
491 #endif
492 }
493 }
494
495 static inline void gen_op_addl_A0_reg_sN(int shift, int reg)
496 {
497 tcg_gen_mov_tl(cpu_tmp0, cpu_regs[reg]);
498 if (shift != 0)
499 tcg_gen_shli_tl(cpu_tmp0, cpu_tmp0, shift);
500 tcg_gen_add_tl(cpu_A0, cpu_A0, cpu_tmp0);
501 /* For x86_64, this sets the higher half of register to zero.
502 For i386, this is equivalent to a nop. */
503 tcg_gen_ext32u_tl(cpu_A0, cpu_A0);
504 }
505
506 static inline void gen_op_movl_A0_seg(int reg)
507 {
508 tcg_gen_ld32u_tl(cpu_A0, cpu_env, offsetof(CPUX86State, segs[reg].base) + REG_L_OFFSET);
509 }
510
511 static inline void gen_op_addl_A0_seg(DisasContext *s, int reg)
512 {
513 tcg_gen_ld_tl(cpu_tmp0, cpu_env, offsetof(CPUX86State, segs[reg].base));
514 #ifdef TARGET_X86_64
515 if (CODE64(s)) {
516 tcg_gen_andi_tl(cpu_A0, cpu_A0, 0xffffffff);
517 tcg_gen_add_tl(cpu_A0, cpu_A0, cpu_tmp0);
518 } else {
519 tcg_gen_add_tl(cpu_A0, cpu_A0, cpu_tmp0);
520 tcg_gen_andi_tl(cpu_A0, cpu_A0, 0xffffffff);
521 }
522 #else
523 tcg_gen_add_tl(cpu_A0, cpu_A0, cpu_tmp0);
524 #endif
525 }
526
527 #ifdef TARGET_X86_64
528 static inline void gen_op_movq_A0_seg(int reg)
529 {
530 tcg_gen_ld_tl(cpu_A0, cpu_env, offsetof(CPUX86State, segs[reg].base));
531 }
532
533 static inline void gen_op_addq_A0_seg(int reg)
534 {
535 tcg_gen_ld_tl(cpu_tmp0, cpu_env, offsetof(CPUX86State, segs[reg].base));
536 tcg_gen_add_tl(cpu_A0, cpu_A0, cpu_tmp0);
537 }
538
539 static inline void gen_op_movq_A0_reg(int reg)
540 {
541 tcg_gen_mov_tl(cpu_A0, cpu_regs[reg]);
542 }
543
544 static inline void gen_op_addq_A0_reg_sN(int shift, int reg)
545 {
546 tcg_gen_mov_tl(cpu_tmp0, cpu_regs[reg]);
547 if (shift != 0)
548 tcg_gen_shli_tl(cpu_tmp0, cpu_tmp0, shift);
549 tcg_gen_add_tl(cpu_A0, cpu_A0, cpu_tmp0);
550 }
551 #endif
552
553 static inline void gen_op_lds_T0_A0(int idx)
554 {
555 int mem_index = (idx >> 2) - 1;
556 switch(idx & 3) {
557 case OT_BYTE:
558 tcg_gen_qemu_ld8s(cpu_T[0], cpu_A0, mem_index);
559 break;
560 case OT_WORD:
561 tcg_gen_qemu_ld16s(cpu_T[0], cpu_A0, mem_index);
562 break;
563 default:
564 case OT_LONG:
565 tcg_gen_qemu_ld32s(cpu_T[0], cpu_A0, mem_index);
566 break;
567 }
568 }
569
570 static inline void gen_op_ld_v(int idx, TCGv t0, TCGv a0)
571 {
572 int mem_index = (idx >> 2) - 1;
573 switch(idx & 3) {
574 case OT_BYTE:
575 tcg_gen_qemu_ld8u(t0, a0, mem_index);
576 break;
577 case OT_WORD:
578 tcg_gen_qemu_ld16u(t0, a0, mem_index);
579 break;
580 case OT_LONG:
581 tcg_gen_qemu_ld32u(t0, a0, mem_index);
582 break;
583 default:
584 case OT_QUAD:
585 /* Should never happen on 32-bit targets. */
586 #ifdef TARGET_X86_64
587 tcg_gen_qemu_ld64(t0, a0, mem_index);
588 #endif
589 break;
590 }
591 }
592
593 /* XXX: always use ldu or lds */
594 static inline void gen_op_ld_T0_A0(int idx)
595 {
596 gen_op_ld_v(idx, cpu_T[0], cpu_A0);
597 }
598
599 static inline void gen_op_ldu_T0_A0(int idx)
600 {
601 gen_op_ld_v(idx, cpu_T[0], cpu_A0);
602 }
603
604 static inline void gen_op_ld_T1_A0(int idx)
605 {
606 gen_op_ld_v(idx, cpu_T[1], cpu_A0);
607 }
608
609 static inline void gen_op_st_v(int idx, TCGv t0, TCGv a0)
610 {
611 int mem_index = (idx >> 2) - 1;
612 switch(idx & 3) {
613 case OT_BYTE:
614 tcg_gen_qemu_st8(t0, a0, mem_index);
615 break;
616 case OT_WORD:
617 tcg_gen_qemu_st16(t0, a0, mem_index);
618 break;
619 case OT_LONG:
620 tcg_gen_qemu_st32(t0, a0, mem_index);
621 break;
622 default:
623 case OT_QUAD:
624 /* Should never happen on 32-bit targets. */
625 #ifdef TARGET_X86_64
626 tcg_gen_qemu_st64(t0, a0, mem_index);
627 #endif
628 break;
629 }
630 }
631
632 static inline void gen_op_st_T0_A0(int idx)
633 {
634 gen_op_st_v(idx, cpu_T[0], cpu_A0);
635 }
636
637 static inline void gen_op_st_T1_A0(int idx)
638 {
639 gen_op_st_v(idx, cpu_T[1], cpu_A0);
640 }
641
642 static inline void gen_jmp_im(target_ulong pc)
643 {
644 tcg_gen_movi_tl(cpu_tmp0, pc);
645 tcg_gen_st_tl(cpu_tmp0, cpu_env, offsetof(CPUX86State, eip));
646 }
647
648 static inline void gen_string_movl_A0_ESI(DisasContext *s)
649 {
650 int override;
651
652 override = s->override;
653 #ifdef TARGET_X86_64
654 if (s->aflag == 2) {
655 if (override >= 0) {
656 gen_op_movq_A0_seg(override);
657 gen_op_addq_A0_reg_sN(0, R_ESI);
658 } else {
659 gen_op_movq_A0_reg(R_ESI);
660 }
661 } else
662 #endif
663 if (s->aflag) {
664 /* 32 bit address */
665 if (s->addseg && override < 0)
666 override = R_DS;
667 if (override >= 0) {
668 gen_op_movl_A0_seg(override);
669 gen_op_addl_A0_reg_sN(0, R_ESI);
670 } else {
671 gen_op_movl_A0_reg(R_ESI);
672 }
673 } else {
674 /* 16 address, always override */
675 if (override < 0)
676 override = R_DS;
677 gen_op_movl_A0_reg(R_ESI);
678 gen_op_andl_A0_ffff();
679 gen_op_addl_A0_seg(s, override);
680 }
681 }
682
683 static inline void gen_string_movl_A0_EDI(DisasContext *s)
684 {
685 #ifdef TARGET_X86_64
686 if (s->aflag == 2) {
687 gen_op_movq_A0_reg(R_EDI);
688 } else
689 #endif
690 if (s->aflag) {
691 if (s->addseg) {
692 gen_op_movl_A0_seg(R_ES);
693 gen_op_addl_A0_reg_sN(0, R_EDI);
694 } else {
695 gen_op_movl_A0_reg(R_EDI);
696 }
697 } else {
698 gen_op_movl_A0_reg(R_EDI);
699 gen_op_andl_A0_ffff();
700 gen_op_addl_A0_seg(s, R_ES);
701 }
702 }
703
704 static inline void gen_op_movl_T0_Dshift(int ot)
705 {
706 tcg_gen_ld32s_tl(cpu_T[0], cpu_env, offsetof(CPUX86State, df));
707 tcg_gen_shli_tl(cpu_T[0], cpu_T[0], ot);
708 };
709
710 static TCGv gen_ext_tl(TCGv dst, TCGv src, int size, bool sign)
711 {
712 switch (size) {
713 case OT_BYTE:
714 if (sign) {
715 tcg_gen_ext8s_tl(dst, src);
716 } else {
717 tcg_gen_ext8u_tl(dst, src);
718 }
719 return dst;
720 case OT_WORD:
721 if (sign) {
722 tcg_gen_ext16s_tl(dst, src);
723 } else {
724 tcg_gen_ext16u_tl(dst, src);
725 }
726 return dst;
727 #ifdef TARGET_X86_64
728 case OT_LONG:
729 if (sign) {
730 tcg_gen_ext32s_tl(dst, src);
731 } else {
732 tcg_gen_ext32u_tl(dst, src);
733 }
734 return dst;
735 #endif
736 default:
737 return src;
738 }
739 }
740
741 static void gen_extu(int ot, TCGv reg)
742 {
743 gen_ext_tl(reg, reg, ot, false);
744 }
745
746 static void gen_exts(int ot, TCGv reg)
747 {
748 gen_ext_tl(reg, reg, ot, true);
749 }
750
751 static inline void gen_op_jnz_ecx(int size, int label1)
752 {
753 tcg_gen_mov_tl(cpu_tmp0, cpu_regs[R_ECX]);
754 gen_extu(size + 1, cpu_tmp0);
755 tcg_gen_brcondi_tl(TCG_COND_NE, cpu_tmp0, 0, label1);
756 }
757
758 static inline void gen_op_jz_ecx(int size, int label1)
759 {
760 tcg_gen_mov_tl(cpu_tmp0, cpu_regs[R_ECX]);
761 gen_extu(size + 1, cpu_tmp0);
762 tcg_gen_brcondi_tl(TCG_COND_EQ, cpu_tmp0, 0, label1);
763 }
764
765 static void gen_helper_in_func(int ot, TCGv v, TCGv_i32 n)
766 {
767 switch (ot) {
768 case OT_BYTE:
769 gen_helper_inb(v, n);
770 break;
771 case OT_WORD:
772 gen_helper_inw(v, n);
773 break;
774 case OT_LONG:
775 gen_helper_inl(v, n);
776 break;
777 }
778 }
779
780 static void gen_helper_out_func(int ot, TCGv_i32 v, TCGv_i32 n)
781 {
782 switch (ot) {
783 case OT_BYTE:
784 gen_helper_outb(v, n);
785 break;
786 case OT_WORD:
787 gen_helper_outw(v, n);
788 break;
789 case OT_LONG:
790 gen_helper_outl(v, n);
791 break;
792 }
793 }
794
795 static void gen_check_io(DisasContext *s, int ot, target_ulong cur_eip,
796 uint32_t svm_flags)
797 {
798 int state_saved;
799 target_ulong next_eip;
800
801 state_saved = 0;
802 if (s->pe && (s->cpl > s->iopl || s->vm86)) {
803 gen_update_cc_op(s);
804 gen_jmp_im(cur_eip);
805 state_saved = 1;
806 tcg_gen_trunc_tl_i32(cpu_tmp2_i32, cpu_T[0]);
807 switch (ot) {
808 case OT_BYTE:
809 gen_helper_check_iob(cpu_env, cpu_tmp2_i32);
810 break;
811 case OT_WORD:
812 gen_helper_check_iow(cpu_env, cpu_tmp2_i32);
813 break;
814 case OT_LONG:
815 gen_helper_check_iol(cpu_env, cpu_tmp2_i32);
816 break;
817 }
818 }
819 if(s->flags & HF_SVMI_MASK) {
820 if (!state_saved) {
821 gen_update_cc_op(s);
822 gen_jmp_im(cur_eip);
823 }
824 svm_flags |= (1 << (4 + ot));
825 next_eip = s->pc - s->cs_base;
826 tcg_gen_trunc_tl_i32(cpu_tmp2_i32, cpu_T[0]);
827 gen_helper_svm_check_io(cpu_env, cpu_tmp2_i32,
828 tcg_const_i32(svm_flags),
829 tcg_const_i32(next_eip - cur_eip));
830 }
831 }
832
833 static inline void gen_movs(DisasContext *s, int ot)
834 {
835 gen_string_movl_A0_ESI(s);
836 gen_op_ld_T0_A0(ot + s->mem_index);
837 gen_string_movl_A0_EDI(s);
838 gen_op_st_T0_A0(ot + s->mem_index);
839 gen_op_movl_T0_Dshift(ot);
840 gen_op_add_reg_T0(s->aflag, R_ESI);
841 gen_op_add_reg_T0(s->aflag, R_EDI);
842 }
843
844 static void gen_op_update1_cc(void)
845 {
846 tcg_gen_mov_tl(cpu_cc_dst, cpu_T[0]);
847 }
848
849 static void gen_op_update2_cc(void)
850 {
851 tcg_gen_mov_tl(cpu_cc_src, cpu_T[1]);
852 tcg_gen_mov_tl(cpu_cc_dst, cpu_T[0]);
853 }
854
855 static inline void gen_op_cmpl_T0_T1_cc(void)
856 {
857 tcg_gen_mov_tl(cpu_cc_src, cpu_T[1]);
858 tcg_gen_sub_tl(cpu_cc_dst, cpu_T[0], cpu_T[1]);
859 }
860
861 static inline void gen_op_testl_T0_T1_cc(void)
862 {
863 tcg_gen_and_tl(cpu_cc_dst, cpu_T[0], cpu_T[1]);
864 }
865
866 static void gen_op_update_neg_cc(void)
867 {
868 tcg_gen_neg_tl(cpu_cc_src, cpu_T[0]);
869 tcg_gen_mov_tl(cpu_cc_dst, cpu_T[0]);
870 }
871
872 /* compute all eflags to cc_src */
873 static void gen_compute_eflags(DisasContext *s)
874 {
875 if (s->cc_op == CC_OP_EFLAGS) {
876 return;
877 }
878 gen_update_cc_op(s);
879 gen_helper_cc_compute_all(cpu_tmp2_i32, cpu_env, cpu_cc_op);
880 set_cc_op(s, CC_OP_EFLAGS);
881 tcg_gen_extu_i32_tl(cpu_cc_src, cpu_tmp2_i32);
882 }
883
884 /* compute eflags.C to reg */
885 static void gen_compute_eflags_c(DisasContext *s, TCGv reg, bool inv)
886 {
887 TCGv t0, t1;
888 int size;
889
890 switch (s->cc_op) {
891 case CC_OP_SUBB ... CC_OP_SUBQ:
892 /* (DATA_TYPE)(CC_DST + CC_SRC) < (DATA_TYPE)CC_SRC */
893 size = s->cc_op - CC_OP_SUBB;
894 t1 = gen_ext_tl(cpu_tmp0, cpu_cc_src, size, false);
895 /* If no temporary was used, be careful not to alias t1 and t0. */
896 t0 = TCGV_EQUAL(t1, cpu_cc_src) ? cpu_tmp0 : reg;
897 tcg_gen_add_tl(t0, cpu_cc_dst, cpu_cc_src);
898 gen_extu(size, t0);
899 goto add_sub;
900
901 case CC_OP_ADDB ... CC_OP_ADDQ:
902 /* (DATA_TYPE)CC_DST < (DATA_TYPE)CC_SRC */
903 size = s->cc_op - CC_OP_ADDB;
904 t1 = gen_ext_tl(cpu_tmp0, cpu_cc_src, size, false);
905 t0 = gen_ext_tl(reg, cpu_cc_dst, size, false);
906 add_sub:
907 tcg_gen_setcond_tl(inv ? TCG_COND_GEU : TCG_COND_LTU, reg, t0, t1);
908 inv = false;
909 break;
910
911 case CC_OP_SBBB ... CC_OP_SBBQ:
912 /* (DATA_TYPE)(CC_DST + CC_SRC + 1) <= (DATA_TYPE)CC_SRC */
913 size = s->cc_op - CC_OP_SBBB;
914 t1 = gen_ext_tl(cpu_tmp0, cpu_cc_src, size, false);
915 if (TCGV_EQUAL(t1, reg) && TCGV_EQUAL(reg, cpu_cc_src)) {
916 tcg_gen_mov_tl(cpu_tmp0, cpu_cc_src);
917 t1 = cpu_tmp0;
918 }
919
920 tcg_gen_add_tl(reg, cpu_cc_dst, cpu_cc_src);
921 tcg_gen_addi_tl(reg, reg, 1);
922 gen_extu(size, reg);
923 t0 = reg;
924 goto adc_sbb;
925
926 case CC_OP_ADCB ... CC_OP_ADCQ:
927 /* (DATA_TYPE)CC_DST <= (DATA_TYPE)CC_SRC */
928 size = s->cc_op - CC_OP_ADCB;
929 t1 = gen_ext_tl(cpu_tmp0, cpu_cc_src, size, false);
930 t0 = gen_ext_tl(reg, cpu_cc_dst, size, false);
931 adc_sbb:
932 tcg_gen_setcond_tl(inv ? TCG_COND_GTU : TCG_COND_LEU, reg, t0, t1);
933 inv = false;
934 break;
935
936 case CC_OP_LOGICB ... CC_OP_LOGICQ:
937 tcg_gen_movi_tl(reg, 0);
938 break;
939
940 case CC_OP_INCB ... CC_OP_INCQ:
941 case CC_OP_DECB ... CC_OP_DECQ:
942 if (inv) {
943 tcg_gen_xori_tl(reg, cpu_cc_src, 1);
944 } else {
945 tcg_gen_mov_tl(reg, cpu_cc_src);
946 }
947 inv = false;
948 break;
949
950 case CC_OP_SHLB ... CC_OP_SHLQ:
951 /* (CC_SRC >> (DATA_BITS - 1)) & 1 */
952 size = s->cc_op - CC_OP_SHLB;
953 tcg_gen_shri_tl(reg, cpu_cc_src, (8 << size) - 1);
954 tcg_gen_andi_tl(reg, reg, 1);
955 break;
956
957 case CC_OP_MULB ... CC_OP_MULQ:
958 tcg_gen_setcondi_tl(inv ? TCG_COND_EQ : TCG_COND_NE,
959 reg, cpu_cc_src, 0);
960 inv = false;
961 break;
962
963 case CC_OP_EFLAGS:
964 case CC_OP_SARB ... CC_OP_SARQ:
965 /* CC_SRC & 1 */
966 tcg_gen_andi_tl(reg, cpu_cc_src, 1);
967 break;
968
969 default:
970 /* The need to compute only C from CC_OP_DYNAMIC is important
971 in efficiently implementing e.g. INC at the start of a TB. */
972 gen_update_cc_op(s);
973 gen_helper_cc_compute_c(cpu_tmp2_i32, cpu_env, cpu_cc_op);
974 tcg_gen_extu_i32_tl(reg, cpu_tmp2_i32);
975 break;
976 }
977 if (inv) {
978 tcg_gen_xori_tl(reg, reg, 1);
979 }
980 }
981
982 /* compute eflags.P to reg */
983 static void gen_compute_eflags_p(DisasContext *s, TCGv reg)
984 {
985 gen_compute_eflags(s);
986 tcg_gen_shri_tl(reg, cpu_cc_src, 2);
987 tcg_gen_andi_tl(reg, reg, 1);
988 }
989
990 /* compute eflags.S to reg */
991 static void gen_compute_eflags_s(DisasContext *s, TCGv reg, bool inv)
992 {
993 switch (s->cc_op) {
994 case CC_OP_DYNAMIC:
995 gen_compute_eflags(s);
996 /* FALLTHRU */
997 case CC_OP_EFLAGS:
998 tcg_gen_shri_tl(reg, cpu_cc_src, 7);
999 tcg_gen_andi_tl(reg, reg, 1);
1000 if (inv) {
1001 tcg_gen_xori_tl(reg, reg, 1);
1002 }
1003 break;
1004 default:
1005 {
1006 int size = (s->cc_op - CC_OP_ADDB) & 3;
1007 TCGv t0 = gen_ext_tl(reg, cpu_cc_dst, size, true);
1008 tcg_gen_setcondi_tl(inv ? TCG_COND_GE : TCG_COND_LT, reg, t0, 0);
1009 }
1010 break;
1011 }
1012 }
1013
1014 /* compute eflags.O to reg */
1015 static void gen_compute_eflags_o(DisasContext *s, TCGv reg)
1016 {
1017 gen_compute_eflags(s);
1018 tcg_gen_shri_tl(reg, cpu_cc_src, 11);
1019 tcg_gen_andi_tl(reg, reg, 1);
1020 }
1021
1022 /* compute eflags.Z to reg */
1023 static void gen_compute_eflags_z(DisasContext *s, TCGv reg, bool inv)
1024 {
1025 switch (s->cc_op) {
1026 case CC_OP_DYNAMIC:
1027 gen_compute_eflags(s);
1028 /* FALLTHRU */
1029 case CC_OP_EFLAGS:
1030 tcg_gen_shri_tl(reg, cpu_cc_src, 6);
1031 tcg_gen_andi_tl(reg, reg, 1);
1032 if (inv) {
1033 tcg_gen_xori_tl(reg, reg, 1);
1034 }
1035 break;
1036 default:
1037 {
1038 int size = (s->cc_op - CC_OP_ADDB) & 3;
1039 TCGv t0 = gen_ext_tl(reg, cpu_cc_dst, size, false);
1040 tcg_gen_setcondi_tl(inv ? TCG_COND_NE : TCG_COND_EQ, reg, t0, 0);
1041 }
1042 break;
1043 }
1044 }
1045
1046 static void gen_setcc_slow(DisasContext *s, int jcc_op, TCGv reg, bool inv)
1047 {
1048 switch(jcc_op) {
1049 case JCC_O:
1050 gen_compute_eflags_o(s, reg);
1051 break;
1052 case JCC_B:
1053 gen_compute_eflags_c(s, reg, inv);
1054 inv = false;
1055 break;
1056 case JCC_Z:
1057 gen_compute_eflags_z(s, reg, inv);
1058 inv = false;
1059 break;
1060 case JCC_BE:
1061 gen_compute_eflags(s);
1062 tcg_gen_andi_tl(reg, cpu_cc_src, CC_Z | CC_C);
1063 tcg_gen_setcondi_tl(inv ? TCG_COND_EQ : TCG_COND_NE, reg, reg, 0);
1064 return;
1065 case JCC_S:
1066 gen_compute_eflags_s(s, reg, inv);
1067 inv = false;
1068 break;
1069 case JCC_P:
1070 gen_compute_eflags_p(s, reg);
1071 break;
1072 case JCC_L:
1073 gen_compute_eflags(s);
1074 tcg_gen_shri_tl(cpu_tmp0, cpu_cc_src, 11); /* CC_O */
1075 tcg_gen_shri_tl(reg, cpu_cc_src, 7); /* CC_S */
1076 tcg_gen_xor_tl(reg, reg, cpu_tmp0);
1077 tcg_gen_andi_tl(reg, reg, 1);
1078 break;
1079 default:
1080 case JCC_LE:
1081 gen_compute_eflags(s);
1082 tcg_gen_shri_tl(cpu_tmp0, cpu_cc_src, 4); /* CC_O -> CC_S */
1083 tcg_gen_xor_tl(reg, cpu_tmp0, cpu_cc_src);
1084 tcg_gen_andi_tl(reg, reg, CC_S | CC_Z);
1085 tcg_gen_setcondi_tl(inv ? TCG_COND_EQ : TCG_COND_NE, reg, reg, 0);
1086 break;
1087 }
1088 if (inv) {
1089 tcg_gen_xori_tl(reg, reg, 1);
1090 }
1091 }
1092
1093 /* return true if setcc_slow is not needed (WARNING: must be kept in
1094 sync with gen_jcc1) */
1095 static int is_fast_jcc_case(DisasContext *s, int b)
1096 {
1097 int jcc_op;
1098 jcc_op = (b >> 1) & 7;
1099 switch(s->cc_op) {
1100 /* we optimize the cmp/jcc case */
1101 case CC_OP_SUBB:
1102 case CC_OP_SUBW:
1103 case CC_OP_SUBL:
1104 case CC_OP_SUBQ:
1105 if (jcc_op == JCC_O || jcc_op == JCC_P)
1106 goto slow_jcc;
1107 break;
1108
1109 /* some jumps are easy to compute */
1110 case CC_OP_ADDB:
1111 case CC_OP_ADDW:
1112 case CC_OP_ADDL:
1113 case CC_OP_ADDQ:
1114
1115 case CC_OP_LOGICB:
1116 case CC_OP_LOGICW:
1117 case CC_OP_LOGICL:
1118 case CC_OP_LOGICQ:
1119
1120 case CC_OP_INCB:
1121 case CC_OP_INCW:
1122 case CC_OP_INCL:
1123 case CC_OP_INCQ:
1124
1125 case CC_OP_DECB:
1126 case CC_OP_DECW:
1127 case CC_OP_DECL:
1128 case CC_OP_DECQ:
1129
1130 case CC_OP_SHLB:
1131 case CC_OP_SHLW:
1132 case CC_OP_SHLL:
1133 case CC_OP_SHLQ:
1134 if (jcc_op != JCC_Z && jcc_op != JCC_S)
1135 goto slow_jcc;
1136 break;
1137 default:
1138 slow_jcc:
1139 return 0;
1140 }
1141 return 1;
1142 }
1143
1144 /* generate a conditional jump to label 'l1' according to jump opcode
1145 value 'b'. In the fast case, T0 is guaranted not to be used. */
1146 static inline void gen_jcc1(DisasContext *s, int b, int l1)
1147 {
1148 int inv, jcc_op, size, cond;
1149 TCGv t0;
1150
1151 inv = b & 1;
1152 jcc_op = (b >> 1) & 7;
1153
1154 switch (s->cc_op) {
1155 /* we optimize the cmp/jcc case */
1156 case CC_OP_SUBB:
1157 case CC_OP_SUBW:
1158 case CC_OP_SUBL:
1159 case CC_OP_SUBQ:
1160
1161 size = s->cc_op - CC_OP_SUBB;
1162 switch(jcc_op) {
1163 case JCC_Z:
1164 fast_jcc_z:
1165 t0 = gen_ext_tl(cpu_tmp0, cpu_cc_dst, size, false);
1166 tcg_gen_brcondi_tl(inv ? TCG_COND_NE : TCG_COND_EQ, t0, 0, l1);
1167 break;
1168 case JCC_S:
1169 fast_jcc_s:
1170 t0 = gen_ext_tl(cpu_tmp0, cpu_cc_dst, size, true);
1171 tcg_gen_brcondi_tl(inv ? TCG_COND_GE : TCG_COND_LT, t0, 0, l1);
1172 break;
1173
1174 case JCC_B:
1175 cond = inv ? TCG_COND_GEU : TCG_COND_LTU;
1176 goto fast_jcc_b;
1177 case JCC_BE:
1178 cond = inv ? TCG_COND_GTU : TCG_COND_LEU;
1179 fast_jcc_b:
1180 tcg_gen_add_tl(cpu_tmp4, cpu_cc_dst, cpu_cc_src);
1181 gen_extu(size, cpu_tmp4);
1182 t0 = gen_ext_tl(cpu_tmp0, cpu_cc_src, size, false);
1183 tcg_gen_brcond_tl(cond, cpu_tmp4, t0, l1);
1184 break;
1185
1186 case JCC_L:
1187 cond = inv ? TCG_COND_GE : TCG_COND_LT;
1188 goto fast_jcc_l;
1189 case JCC_LE:
1190 cond = inv ? TCG_COND_GT : TCG_COND_LE;
1191 fast_jcc_l:
1192 tcg_gen_add_tl(cpu_tmp4, cpu_cc_dst, cpu_cc_src);
1193 gen_exts(size, cpu_tmp4);
1194 t0 = gen_ext_tl(cpu_tmp0, cpu_cc_src, size, true);
1195 tcg_gen_brcond_tl(cond, cpu_tmp4, t0, l1);
1196 break;
1197
1198 default:
1199 goto slow_jcc;
1200 }
1201 break;
1202
1203 /* some jumps are easy to compute */
1204 case CC_OP_ADDB:
1205 case CC_OP_ADDW:
1206 case CC_OP_ADDL:
1207 case CC_OP_ADDQ:
1208
1209 case CC_OP_ADCB:
1210 case CC_OP_ADCW:
1211 case CC_OP_ADCL:
1212 case CC_OP_ADCQ:
1213
1214 case CC_OP_SBBB:
1215 case CC_OP_SBBW:
1216 case CC_OP_SBBL:
1217 case CC_OP_SBBQ:
1218
1219 case CC_OP_LOGICB:
1220 case CC_OP_LOGICW:
1221 case CC_OP_LOGICL:
1222 case CC_OP_LOGICQ:
1223
1224 case CC_OP_INCB:
1225 case CC_OP_INCW:
1226 case CC_OP_INCL:
1227 case CC_OP_INCQ:
1228
1229 case CC_OP_DECB:
1230 case CC_OP_DECW:
1231 case CC_OP_DECL:
1232 case CC_OP_DECQ:
1233
1234 case CC_OP_SHLB:
1235 case CC_OP_SHLW:
1236 case CC_OP_SHLL:
1237 case CC_OP_SHLQ:
1238
1239 case CC_OP_SARB:
1240 case CC_OP_SARW:
1241 case CC_OP_SARL:
1242 case CC_OP_SARQ:
1243 switch(jcc_op) {
1244 case JCC_Z:
1245 size = (s->cc_op - CC_OP_ADDB) & 3;
1246 goto fast_jcc_z;
1247 case JCC_S:
1248 size = (s->cc_op - CC_OP_ADDB) & 3;
1249 goto fast_jcc_s;
1250 default:
1251 goto slow_jcc;
1252 }
1253 break;
1254 default:
1255 slow_jcc:
1256 gen_setcc_slow(s, jcc_op, cpu_T[0], false);
1257 tcg_gen_brcondi_tl(inv ? TCG_COND_EQ : TCG_COND_NE,
1258 cpu_T[0], 0, l1);
1259 break;
1260 }
1261 }
1262
1263 /* XXX: does not work with gdbstub "ice" single step - not a
1264 serious problem */
1265 static int gen_jz_ecx_string(DisasContext *s, target_ulong next_eip)
1266 {
1267 int l1, l2;
1268
1269 l1 = gen_new_label();
1270 l2 = gen_new_label();
1271 gen_op_jnz_ecx(s->aflag, l1);
1272 gen_set_label(l2);
1273 gen_jmp_tb(s, next_eip, 1);
1274 gen_set_label(l1);
1275 return l2;
1276 }
1277
1278 static inline void gen_stos(DisasContext *s, int ot)
1279 {
1280 gen_op_mov_TN_reg(OT_LONG, 0, R_EAX);
1281 gen_string_movl_A0_EDI(s);
1282 gen_op_st_T0_A0(ot + s->mem_index);
1283 gen_op_movl_T0_Dshift(ot);
1284 gen_op_add_reg_T0(s->aflag, R_EDI);
1285 }
1286
1287 static inline void gen_lods(DisasContext *s, int ot)
1288 {
1289 gen_string_movl_A0_ESI(s);
1290 gen_op_ld_T0_A0(ot + s->mem_index);
1291 gen_op_mov_reg_T0(ot, R_EAX);
1292 gen_op_movl_T0_Dshift(ot);
1293 gen_op_add_reg_T0(s->aflag, R_ESI);
1294 }
1295
1296 static inline void gen_scas(DisasContext *s, int ot)
1297 {
1298 gen_op_mov_TN_reg(OT_LONG, 0, R_EAX);
1299 gen_string_movl_A0_EDI(s);
1300 gen_op_ld_T1_A0(ot + s->mem_index);
1301 gen_op_cmpl_T0_T1_cc();
1302 gen_op_movl_T0_Dshift(ot);
1303 gen_op_add_reg_T0(s->aflag, R_EDI);
1304 set_cc_op(s, CC_OP_SUBB + ot);
1305 }
1306
1307 static inline void gen_cmps(DisasContext *s, int ot)
1308 {
1309 gen_string_movl_A0_ESI(s);
1310 gen_op_ld_T0_A0(ot + s->mem_index);
1311 gen_string_movl_A0_EDI(s);
1312 gen_op_ld_T1_A0(ot + s->mem_index);
1313 gen_op_cmpl_T0_T1_cc();
1314 gen_op_movl_T0_Dshift(ot);
1315 gen_op_add_reg_T0(s->aflag, R_ESI);
1316 gen_op_add_reg_T0(s->aflag, R_EDI);
1317 set_cc_op(s, CC_OP_SUBB + ot);
1318 }
1319
1320 static inline void gen_ins(DisasContext *s, int ot)
1321 {
1322 if (use_icount)
1323 gen_io_start();
1324 gen_string_movl_A0_EDI(s);
1325 /* Note: we must do this dummy write first to be restartable in
1326 case of page fault. */
1327 gen_op_movl_T0_0();
1328 gen_op_st_T0_A0(ot + s->mem_index);
1329 gen_op_mov_TN_reg(OT_WORD, 1, R_EDX);
1330 tcg_gen_trunc_tl_i32(cpu_tmp2_i32, cpu_T[1]);
1331 tcg_gen_andi_i32(cpu_tmp2_i32, cpu_tmp2_i32, 0xffff);
1332 gen_helper_in_func(ot, cpu_T[0], cpu_tmp2_i32);
1333 gen_op_st_T0_A0(ot + s->mem_index);
1334 gen_op_movl_T0_Dshift(ot);
1335 gen_op_add_reg_T0(s->aflag, R_EDI);
1336 if (use_icount)
1337 gen_io_end();
1338 }
1339
1340 static inline void gen_outs(DisasContext *s, int ot)
1341 {
1342 if (use_icount)
1343 gen_io_start();
1344 gen_string_movl_A0_ESI(s);
1345 gen_op_ld_T0_A0(ot + s->mem_index);
1346
1347 gen_op_mov_TN_reg(OT_WORD, 1, R_EDX);
1348 tcg_gen_trunc_tl_i32(cpu_tmp2_i32, cpu_T[1]);
1349 tcg_gen_andi_i32(cpu_tmp2_i32, cpu_tmp2_i32, 0xffff);
1350 tcg_gen_trunc_tl_i32(cpu_tmp3_i32, cpu_T[0]);
1351 gen_helper_out_func(ot, cpu_tmp2_i32, cpu_tmp3_i32);
1352
1353 gen_op_movl_T0_Dshift(ot);
1354 gen_op_add_reg_T0(s->aflag, R_ESI);
1355 if (use_icount)
1356 gen_io_end();
1357 }
1358
1359 /* same method as Valgrind : we generate jumps to current or next
1360 instruction */
1361 #define GEN_REPZ(op) \
1362 static inline void gen_repz_ ## op(DisasContext *s, int ot, \
1363 target_ulong cur_eip, target_ulong next_eip) \
1364 { \
1365 int l2;\
1366 gen_update_cc_op(s); \
1367 l2 = gen_jz_ecx_string(s, next_eip); \
1368 gen_ ## op(s, ot); \
1369 gen_op_add_reg_im(s->aflag, R_ECX, -1); \
1370 /* a loop would cause two single step exceptions if ECX = 1 \
1371 before rep string_insn */ \
1372 if (!s->jmp_opt) \
1373 gen_op_jz_ecx(s->aflag, l2); \
1374 gen_jmp(s, cur_eip); \
1375 }
1376
1377 #define GEN_REPZ2(op) \
1378 static inline void gen_repz_ ## op(DisasContext *s, int ot, \
1379 target_ulong cur_eip, \
1380 target_ulong next_eip, \
1381 int nz) \
1382 { \
1383 int l2;\
1384 gen_update_cc_op(s); \
1385 l2 = gen_jz_ecx_string(s, next_eip); \
1386 gen_ ## op(s, ot); \
1387 gen_op_add_reg_im(s->aflag, R_ECX, -1); \
1388 gen_update_cc_op(s); \
1389 gen_jcc1(s, (JCC_Z << 1) | (nz ^ 1), l2); \
1390 if (!s->jmp_opt) \
1391 gen_op_jz_ecx(s->aflag, l2); \
1392 gen_jmp(s, cur_eip); \
1393 set_cc_op(s, CC_OP_DYNAMIC); \
1394 }
1395
1396 GEN_REPZ(movs)
1397 GEN_REPZ(stos)
1398 GEN_REPZ(lods)
1399 GEN_REPZ(ins)
1400 GEN_REPZ(outs)
1401 GEN_REPZ2(scas)
1402 GEN_REPZ2(cmps)
1403
1404 static void gen_helper_fp_arith_ST0_FT0(int op)
1405 {
1406 switch (op) {
1407 case 0:
1408 gen_helper_fadd_ST0_FT0(cpu_env);
1409 break;
1410 case 1:
1411 gen_helper_fmul_ST0_FT0(cpu_env);
1412 break;
1413 case 2:
1414 gen_helper_fcom_ST0_FT0(cpu_env);
1415 break;
1416 case 3:
1417 gen_helper_fcom_ST0_FT0(cpu_env);
1418 break;
1419 case 4:
1420 gen_helper_fsub_ST0_FT0(cpu_env);
1421 break;
1422 case 5:
1423 gen_helper_fsubr_ST0_FT0(cpu_env);
1424 break;
1425 case 6:
1426 gen_helper_fdiv_ST0_FT0(cpu_env);
1427 break;
1428 case 7:
1429 gen_helper_fdivr_ST0_FT0(cpu_env);
1430 break;
1431 }
1432 }
1433
1434 /* NOTE the exception in "r" op ordering */
1435 static void gen_helper_fp_arith_STN_ST0(int op, int opreg)
1436 {
1437 TCGv_i32 tmp = tcg_const_i32(opreg);
1438 switch (op) {
1439 case 0:
1440 gen_helper_fadd_STN_ST0(cpu_env, tmp);
1441 break;
1442 case 1:
1443 gen_helper_fmul_STN_ST0(cpu_env, tmp);
1444 break;
1445 case 4:
1446 gen_helper_fsubr_STN_ST0(cpu_env, tmp);
1447 break;
1448 case 5:
1449 gen_helper_fsub_STN_ST0(cpu_env, tmp);
1450 break;
1451 case 6:
1452 gen_helper_fdivr_STN_ST0(cpu_env, tmp);
1453 break;
1454 case 7:
1455 gen_helper_fdiv_STN_ST0(cpu_env, tmp);
1456 break;
1457 }
1458 }
1459
1460 /* if d == OR_TMP0, it means memory operand (address in A0) */
1461 static void gen_op(DisasContext *s1, int op, int ot, int d)
1462 {
1463 if (d != OR_TMP0) {
1464 gen_op_mov_TN_reg(ot, 0, d);
1465 } else {
1466 gen_op_ld_T0_A0(ot + s1->mem_index);
1467 }
1468 switch(op) {
1469 case OP_ADCL:
1470 gen_compute_eflags_c(s1, cpu_tmp4, false);
1471 tcg_gen_add_tl(cpu_T[0], cpu_T[0], cpu_T[1]);
1472 tcg_gen_add_tl(cpu_T[0], cpu_T[0], cpu_tmp4);
1473 if (d != OR_TMP0)
1474 gen_op_mov_reg_T0(ot, d);
1475 else
1476 gen_op_st_T0_A0(ot + s1->mem_index);
1477 tcg_gen_mov_tl(cpu_cc_src, cpu_T[1]);
1478 tcg_gen_mov_tl(cpu_cc_dst, cpu_T[0]);
1479 tcg_gen_trunc_tl_i32(cpu_tmp2_i32, cpu_tmp4);
1480 tcg_gen_shli_i32(cpu_tmp2_i32, cpu_tmp2_i32, 2);
1481 tcg_gen_addi_i32(cpu_cc_op, cpu_tmp2_i32, CC_OP_ADDB + ot);
1482 set_cc_op(s1, CC_OP_DYNAMIC);
1483 break;
1484 case OP_SBBL:
1485 gen_compute_eflags_c(s1, cpu_tmp4, false);
1486 tcg_gen_sub_tl(cpu_T[0], cpu_T[0], cpu_T[1]);
1487 tcg_gen_sub_tl(cpu_T[0], cpu_T[0], cpu_tmp4);
1488 if (d != OR_TMP0)
1489 gen_op_mov_reg_T0(ot, d);
1490 else
1491 gen_op_st_T0_A0(ot + s1->mem_index);
1492 tcg_gen_mov_tl(cpu_cc_src, cpu_T[1]);
1493 tcg_gen_mov_tl(cpu_cc_dst, cpu_T[0]);
1494 tcg_gen_trunc_tl_i32(cpu_tmp2_i32, cpu_tmp4);
1495 tcg_gen_shli_i32(cpu_tmp2_i32, cpu_tmp2_i32, 2);
1496 tcg_gen_addi_i32(cpu_cc_op, cpu_tmp2_i32, CC_OP_SUBB + ot);
1497 set_cc_op(s1, CC_OP_DYNAMIC);
1498 break;
1499 case OP_ADDL:
1500 gen_op_addl_T0_T1();
1501 if (d != OR_TMP0)
1502 gen_op_mov_reg_T0(ot, d);
1503 else
1504 gen_op_st_T0_A0(ot + s1->mem_index);
1505 gen_op_update2_cc();
1506 set_cc_op(s1, CC_OP_ADDB + ot);
1507 break;
1508 case OP_SUBL:
1509 tcg_gen_sub_tl(cpu_T[0], cpu_T[0], cpu_T[1]);
1510 if (d != OR_TMP0)
1511 gen_op_mov_reg_T0(ot, d);
1512 else
1513 gen_op_st_T0_A0(ot + s1->mem_index);
1514 gen_op_update2_cc();
1515 set_cc_op(s1, CC_OP_SUBB + ot);
1516 break;
1517 default:
1518 case OP_ANDL:
1519 tcg_gen_and_tl(cpu_T[0], cpu_T[0], cpu_T[1]);
1520 if (d != OR_TMP0)
1521 gen_op_mov_reg_T0(ot, d);
1522 else
1523 gen_op_st_T0_A0(ot + s1->mem_index);
1524 gen_op_update1_cc();
1525 set_cc_op(s1, CC_OP_LOGICB + ot);
1526 break;
1527 case OP_ORL:
1528 tcg_gen_or_tl(cpu_T[0], cpu_T[0], cpu_T[1]);
1529 if (d != OR_TMP0)
1530 gen_op_mov_reg_T0(ot, d);
1531 else
1532 gen_op_st_T0_A0(ot + s1->mem_index);
1533 gen_op_update1_cc();
1534 set_cc_op(s1, CC_OP_LOGICB + ot);
1535 break;
1536 case OP_XORL:
1537 tcg_gen_xor_tl(cpu_T[0], cpu_T[0], cpu_T[1]);
1538 if (d != OR_TMP0)
1539 gen_op_mov_reg_T0(ot, d);
1540 else
1541 gen_op_st_T0_A0(ot + s1->mem_index);
1542 gen_op_update1_cc();
1543 set_cc_op(s1, CC_OP_LOGICB + ot);
1544 break;
1545 case OP_CMPL:
1546 gen_op_cmpl_T0_T1_cc();
1547 set_cc_op(s1, CC_OP_SUBB + ot);
1548 break;
1549 }
1550 }
1551
1552 /* if d == OR_TMP0, it means memory operand (address in A0) */
1553 static void gen_inc(DisasContext *s1, int ot, int d, int c)
1554 {
1555 if (d != OR_TMP0)
1556 gen_op_mov_TN_reg(ot, 0, d);
1557 else
1558 gen_op_ld_T0_A0(ot + s1->mem_index);
1559 gen_compute_eflags_c(s1, cpu_cc_src, false);
1560 if (c > 0) {
1561 tcg_gen_addi_tl(cpu_T[0], cpu_T[0], 1);
1562 set_cc_op(s1, CC_OP_INCB + ot);
1563 } else {
1564 tcg_gen_addi_tl(cpu_T[0], cpu_T[0], -1);
1565 set_cc_op(s1, CC_OP_DECB + ot);
1566 }
1567 if (d != OR_TMP0)
1568 gen_op_mov_reg_T0(ot, d);
1569 else
1570 gen_op_st_T0_A0(ot + s1->mem_index);
1571 tcg_gen_mov_tl(cpu_cc_dst, cpu_T[0]);
1572 }
1573
1574 static void gen_shift_rm_T1(DisasContext *s, int ot, int op1,
1575 int is_right, int is_arith)
1576 {
1577 target_ulong mask;
1578 int shift_label;
1579 TCGv t0, t1, t2;
1580
1581 if (ot == OT_QUAD) {
1582 mask = 0x3f;
1583 } else {
1584 mask = 0x1f;
1585 }
1586
1587 /* load */
1588 if (op1 == OR_TMP0) {
1589 gen_op_ld_T0_A0(ot + s->mem_index);
1590 } else {
1591 gen_op_mov_TN_reg(ot, 0, op1);
1592 }
1593
1594 t0 = tcg_temp_local_new();
1595 t1 = tcg_temp_local_new();
1596 t2 = tcg_temp_local_new();
1597
1598 tcg_gen_andi_tl(t2, cpu_T[1], mask);
1599
1600 if (is_right) {
1601 if (is_arith) {
1602 gen_exts(ot, cpu_T[0]);
1603 tcg_gen_mov_tl(t0, cpu_T[0]);
1604 tcg_gen_sar_tl(cpu_T[0], cpu_T[0], t2);
1605 } else {
1606 gen_extu(ot, cpu_T[0]);
1607 tcg_gen_mov_tl(t0, cpu_T[0]);
1608 tcg_gen_shr_tl(cpu_T[0], cpu_T[0], t2);
1609 }
1610 } else {
1611 tcg_gen_mov_tl(t0, cpu_T[0]);
1612 tcg_gen_shl_tl(cpu_T[0], cpu_T[0], t2);
1613 }
1614
1615 /* store */
1616 if (op1 == OR_TMP0) {
1617 gen_op_st_T0_A0(ot + s->mem_index);
1618 } else {
1619 gen_op_mov_reg_T0(ot, op1);
1620 }
1621
1622 /* update eflags */
1623 gen_update_cc_op(s);
1624
1625 tcg_gen_mov_tl(t1, cpu_T[0]);
1626
1627 shift_label = gen_new_label();
1628 tcg_gen_brcondi_tl(TCG_COND_EQ, t2, 0, shift_label);
1629
1630 tcg_gen_addi_tl(t2, t2, -1);
1631 tcg_gen_mov_tl(cpu_cc_dst, t1);
1632
1633 if (is_right) {
1634 if (is_arith) {
1635 tcg_gen_sar_tl(cpu_cc_src, t0, t2);
1636 } else {
1637 tcg_gen_shr_tl(cpu_cc_src, t0, t2);
1638 }
1639 } else {
1640 tcg_gen_shl_tl(cpu_cc_src, t0, t2);
1641 }
1642
1643 if (is_right) {
1644 tcg_gen_movi_i32(cpu_cc_op, CC_OP_SARB + ot);
1645 } else {
1646 tcg_gen_movi_i32(cpu_cc_op, CC_OP_SHLB + ot);
1647 }
1648
1649 gen_set_label(shift_label);
1650 set_cc_op(s, CC_OP_DYNAMIC); /* cannot predict flags after */
1651
1652 tcg_temp_free(t0);
1653 tcg_temp_free(t1);
1654 tcg_temp_free(t2);
1655 }
1656
1657 static void gen_shift_rm_im(DisasContext *s, int ot, int op1, int op2,
1658 int is_right, int is_arith)
1659 {
1660 int mask;
1661
1662 if (ot == OT_QUAD)
1663 mask = 0x3f;
1664 else
1665 mask = 0x1f;
1666
1667 /* load */
1668 if (op1 == OR_TMP0)
1669 gen_op_ld_T0_A0(ot + s->mem_index);
1670 else
1671 gen_op_mov_TN_reg(ot, 0, op1);
1672
1673 op2 &= mask;
1674 if (op2 != 0) {
1675 if (is_right) {
1676 if (is_arith) {
1677 gen_exts(ot, cpu_T[0]);
1678 tcg_gen_sari_tl(cpu_tmp4, cpu_T[0], op2 - 1);
1679 tcg_gen_sari_tl(cpu_T[0], cpu_T[0], op2);
1680 } else {
1681 gen_extu(ot, cpu_T[0]);
1682 tcg_gen_shri_tl(cpu_tmp4, cpu_T[0], op2 - 1);
1683 tcg_gen_shri_tl(cpu_T[0], cpu_T[0], op2);
1684 }
1685 } else {
1686 tcg_gen_shli_tl(cpu_tmp4, cpu_T[0], op2 - 1);
1687 tcg_gen_shli_tl(cpu_T[0], cpu_T[0], op2);
1688 }
1689 }
1690
1691 /* store */
1692 if (op1 == OR_TMP0)
1693 gen_op_st_T0_A0(ot + s->mem_index);
1694 else
1695 gen_op_mov_reg_T0(ot, op1);
1696
1697 /* update eflags if non zero shift */
1698 if (op2 != 0) {
1699 tcg_gen_mov_tl(cpu_cc_src, cpu_tmp4);
1700 tcg_gen_mov_tl(cpu_cc_dst, cpu_T[0]);
1701 set_cc_op(s, (is_right ? CC_OP_SARB : CC_OP_SHLB) + ot);
1702 }
1703 }
1704
1705 static inline void tcg_gen_lshift(TCGv ret, TCGv arg1, target_long arg2)
1706 {
1707 if (arg2 >= 0)
1708 tcg_gen_shli_tl(ret, arg1, arg2);
1709 else
1710 tcg_gen_shri_tl(ret, arg1, -arg2);
1711 }
1712
1713 static void gen_rot_rm_T1(DisasContext *s, int ot, int op1,
1714 int is_right)
1715 {
1716 target_ulong mask;
1717 int label1, label2, data_bits;
1718 TCGv t0, t1, t2, a0;
1719
1720 /* XXX: inefficient, but we must use local temps */
1721 t0 = tcg_temp_local_new();
1722 t1 = tcg_temp_local_new();
1723 t2 = tcg_temp_local_new();
1724 a0 = tcg_temp_local_new();
1725
1726 if (ot == OT_QUAD)
1727 mask = 0x3f;
1728 else
1729 mask = 0x1f;
1730
1731 /* load */
1732 if (op1 == OR_TMP0) {
1733 tcg_gen_mov_tl(a0, cpu_A0);
1734 gen_op_ld_v(ot + s->mem_index, t0, a0);
1735 } else {
1736 gen_op_mov_v_reg(ot, t0, op1);
1737 }
1738
1739 tcg_gen_mov_tl(t1, cpu_T[1]);
1740
1741 tcg_gen_andi_tl(t1, t1, mask);
1742
1743 /* Must test zero case to avoid using undefined behaviour in TCG
1744 shifts. */
1745 label1 = gen_new_label();
1746 tcg_gen_brcondi_tl(TCG_COND_EQ, t1, 0, label1);
1747
1748 if (ot <= OT_WORD)
1749 tcg_gen_andi_tl(cpu_tmp0, t1, (1 << (3 + ot)) - 1);
1750 else
1751 tcg_gen_mov_tl(cpu_tmp0, t1);
1752
1753 gen_extu(ot, t0);
1754 tcg_gen_mov_tl(t2, t0);
1755
1756 data_bits = 8 << ot;
1757 /* XXX: rely on behaviour of shifts when operand 2 overflows (XXX:
1758 fix TCG definition) */
1759 if (is_right) {
1760 tcg_gen_shr_tl(cpu_tmp4, t0, cpu_tmp0);
1761 tcg_gen_subfi_tl(cpu_tmp0, data_bits, cpu_tmp0);
1762 tcg_gen_shl_tl(t0, t0, cpu_tmp0);
1763 } else {
1764 tcg_gen_shl_tl(cpu_tmp4, t0, cpu_tmp0);
1765 tcg_gen_subfi_tl(cpu_tmp0, data_bits, cpu_tmp0);
1766 tcg_gen_shr_tl(t0, t0, cpu_tmp0);
1767 }
1768 tcg_gen_or_tl(t0, t0, cpu_tmp4);
1769
1770 gen_set_label(label1);
1771 /* store */
1772 if (op1 == OR_TMP0) {
1773 gen_op_st_v(ot + s->mem_index, t0, a0);
1774 } else {
1775 gen_op_mov_reg_v(ot, op1, t0);
1776 }
1777
1778 /* update eflags. It is needed anyway most of the time, do it always. */
1779 gen_compute_eflags(s);
1780 assert(s->cc_op == CC_OP_EFLAGS);
1781
1782 label2 = gen_new_label();
1783 tcg_gen_brcondi_tl(TCG_COND_EQ, t1, 0, label2);
1784
1785 tcg_gen_andi_tl(cpu_cc_src, cpu_cc_src, ~(CC_O | CC_C));
1786 tcg_gen_xor_tl(cpu_tmp0, t2, t0);
1787 tcg_gen_lshift(cpu_tmp0, cpu_tmp0, 11 - (data_bits - 1));
1788 tcg_gen_andi_tl(cpu_tmp0, cpu_tmp0, CC_O);
1789 tcg_gen_or_tl(cpu_cc_src, cpu_cc_src, cpu_tmp0);
1790 if (is_right) {
1791 tcg_gen_shri_tl(t0, t0, data_bits - 1);
1792 }
1793 tcg_gen_andi_tl(t0, t0, CC_C);
1794 tcg_gen_or_tl(cpu_cc_src, cpu_cc_src, t0);
1795
1796 gen_set_label(label2);
1797
1798 tcg_temp_free(t0);
1799 tcg_temp_free(t1);
1800 tcg_temp_free(t2);
1801 tcg_temp_free(a0);
1802 }
1803
1804 static void gen_rot_rm_im(DisasContext *s, int ot, int op1, int op2,
1805 int is_right)
1806 {
1807 int mask;
1808 int data_bits;
1809 TCGv t0, t1, a0;
1810
1811 /* XXX: inefficient, but we must use local temps */
1812 t0 = tcg_temp_local_new();
1813 t1 = tcg_temp_local_new();
1814 a0 = tcg_temp_local_new();
1815
1816 if (ot == OT_QUAD)
1817 mask = 0x3f;
1818 else
1819 mask = 0x1f;
1820
1821 /* load */
1822 if (op1 == OR_TMP0) {
1823 tcg_gen_mov_tl(a0, cpu_A0);
1824 gen_op_ld_v(ot + s->mem_index, t0, a0);
1825 } else {
1826 gen_op_mov_v_reg(ot, t0, op1);
1827 }
1828
1829 gen_extu(ot, t0);
1830 tcg_gen_mov_tl(t1, t0);
1831
1832 op2 &= mask;
1833 data_bits = 8 << ot;
1834 if (op2 != 0) {
1835 int shift = op2 & ((1 << (3 + ot)) - 1);
1836 if (is_right) {
1837 tcg_gen_shri_tl(cpu_tmp4, t0, shift);
1838 tcg_gen_shli_tl(t0, t0, data_bits - shift);
1839 }
1840 else {
1841 tcg_gen_shli_tl(cpu_tmp4, t0, shift);
1842 tcg_gen_shri_tl(t0, t0, data_bits - shift);
1843 }
1844 tcg_gen_or_tl(t0, t0, cpu_tmp4);
1845 }
1846
1847 /* store */
1848 if (op1 == OR_TMP0) {
1849 gen_op_st_v(ot + s->mem_index, t0, a0);
1850 } else {
1851 gen_op_mov_reg_v(ot, op1, t0);
1852 }
1853
1854 if (op2 != 0) {
1855 /* update eflags */
1856 gen_compute_eflags(s);
1857 assert(s->cc_op == CC_OP_EFLAGS);
1858
1859 tcg_gen_andi_tl(cpu_cc_src, cpu_cc_src, ~(CC_O | CC_C));
1860 tcg_gen_xor_tl(cpu_tmp0, t1, t0);
1861 tcg_gen_lshift(cpu_tmp0, cpu_tmp0, 11 - (data_bits - 1));
1862 tcg_gen_andi_tl(cpu_tmp0, cpu_tmp0, CC_O);
1863 tcg_gen_or_tl(cpu_cc_src, cpu_cc_src, cpu_tmp0);
1864 if (is_right) {
1865 tcg_gen_shri_tl(t0, t0, data_bits - 1);
1866 }
1867 tcg_gen_andi_tl(t0, t0, CC_C);
1868 tcg_gen_or_tl(cpu_cc_src, cpu_cc_src, t0);
1869 }
1870
1871 tcg_temp_free(t0);
1872 tcg_temp_free(t1);
1873 tcg_temp_free(a0);
1874 }
1875
1876 /* XXX: add faster immediate = 1 case */
1877 static void gen_rotc_rm_T1(DisasContext *s, int ot, int op1,
1878 int is_right)
1879 {
1880 gen_compute_eflags(s);
1881 assert(s->cc_op == CC_OP_EFLAGS);
1882
1883 /* load */
1884 if (op1 == OR_TMP0)
1885 gen_op_ld_T0_A0(ot + s->mem_index);
1886 else
1887 gen_op_mov_TN_reg(ot, 0, op1);
1888
1889 if (is_right) {
1890 switch (ot) {
1891 case OT_BYTE:
1892 gen_helper_rcrb(cpu_T[0], cpu_env, cpu_T[0], cpu_T[1]);
1893 break;
1894 case OT_WORD:
1895 gen_helper_rcrw(cpu_T[0], cpu_env, cpu_T[0], cpu_T[1]);
1896 break;
1897 case OT_LONG:
1898 gen_helper_rcrl(cpu_T[0], cpu_env, cpu_T[0], cpu_T[1]);
1899 break;
1900 #ifdef TARGET_X86_64
1901 case OT_QUAD:
1902 gen_helper_rcrq(cpu_T[0], cpu_env, cpu_T[0], cpu_T[1]);
1903 break;
1904 #endif
1905 }
1906 } else {
1907 switch (ot) {
1908 case OT_BYTE:
1909 gen_helper_rclb(cpu_T[0], cpu_env, cpu_T[0], cpu_T[1]);
1910 break;
1911 case OT_WORD:
1912 gen_helper_rclw(cpu_T[0], cpu_env, cpu_T[0], cpu_T[1]);
1913 break;
1914 case OT_LONG:
1915 gen_helper_rcll(cpu_T[0], cpu_env, cpu_T[0], cpu_T[1]);
1916 break;
1917 #ifdef TARGET_X86_64
1918 case OT_QUAD:
1919 gen_helper_rclq(cpu_T[0], cpu_env, cpu_T[0], cpu_T[1]);
1920 break;
1921 #endif
1922 }
1923 }
1924 /* store */
1925 if (op1 == OR_TMP0)
1926 gen_op_st_T0_A0(ot + s->mem_index);
1927 else
1928 gen_op_mov_reg_T0(ot, op1);
1929 }
1930
1931 /* XXX: add faster immediate case */
1932 static void gen_shiftd_rm_T1_T3(DisasContext *s, int ot, int op1,
1933 int is_right)
1934 {
1935 int label1, label2, data_bits;
1936 target_ulong mask;
1937 TCGv t0, t1, t2, a0;
1938
1939 t0 = tcg_temp_local_new();
1940 t1 = tcg_temp_local_new();
1941 t2 = tcg_temp_local_new();
1942 a0 = tcg_temp_local_new();
1943
1944 if (ot == OT_QUAD)
1945 mask = 0x3f;
1946 else
1947 mask = 0x1f;
1948
1949 /* load */
1950 if (op1 == OR_TMP0) {
1951 tcg_gen_mov_tl(a0, cpu_A0);
1952 gen_op_ld_v(ot + s->mem_index, t0, a0);
1953 } else {
1954 gen_op_mov_v_reg(ot, t0, op1);
1955 }
1956
1957 tcg_gen_andi_tl(cpu_T3, cpu_T3, mask);
1958
1959 tcg_gen_mov_tl(t1, cpu_T[1]);
1960 tcg_gen_mov_tl(t2, cpu_T3);
1961
1962 /* Must test zero case to avoid using undefined behaviour in TCG
1963 shifts. */
1964 label1 = gen_new_label();
1965 tcg_gen_brcondi_tl(TCG_COND_EQ, t2, 0, label1);
1966
1967 tcg_gen_addi_tl(cpu_tmp5, t2, -1);
1968 if (ot == OT_WORD) {
1969 /* Note: we implement the Intel behaviour for shift count > 16 */
1970 if (is_right) {
1971 tcg_gen_andi_tl(t0, t0, 0xffff);
1972 tcg_gen_shli_tl(cpu_tmp0, t1, 16);
1973 tcg_gen_or_tl(t0, t0, cpu_tmp0);
1974 tcg_gen_ext32u_tl(t0, t0);
1975
1976 tcg_gen_shr_tl(cpu_tmp4, t0, cpu_tmp5);
1977
1978 /* only needed if count > 16, but a test would complicate */
1979 tcg_gen_subfi_tl(cpu_tmp5, 32, t2);
1980 tcg_gen_shl_tl(cpu_tmp0, t0, cpu_tmp5);
1981
1982 tcg_gen_shr_tl(t0, t0, t2);
1983
1984 tcg_gen_or_tl(t0, t0, cpu_tmp0);
1985 } else {
1986 /* XXX: not optimal */
1987 tcg_gen_andi_tl(t0, t0, 0xffff);
1988 tcg_gen_shli_tl(t1, t1, 16);
1989 tcg_gen_or_tl(t1, t1, t0);
1990 tcg_gen_ext32u_tl(t1, t1);
1991
1992 tcg_gen_shl_tl(cpu_tmp4, t0, cpu_tmp5);
1993 tcg_gen_subfi_tl(cpu_tmp0, 32, cpu_tmp5);
1994 tcg_gen_shr_tl(cpu_tmp5, t1, cpu_tmp0);
1995 tcg_gen_or_tl(cpu_tmp4, cpu_tmp4, cpu_tmp5);
1996
1997 tcg_gen_shl_tl(t0, t0, t2);
1998 tcg_gen_subfi_tl(cpu_tmp5, 32, t2);
1999 tcg_gen_shr_tl(t1, t1, cpu_tmp5);
2000 tcg_gen_or_tl(t0, t0, t1);
2001 }
2002 } else {
2003 data_bits = 8 << ot;
2004 if (is_right) {
2005 if (ot == OT_LONG)
2006 tcg_gen_ext32u_tl(t0, t0);
2007
2008 tcg_gen_shr_tl(cpu_tmp4, t0, cpu_tmp5);
2009
2010 tcg_gen_shr_tl(t0, t0, t2);
2011 tcg_gen_subfi_tl(cpu_tmp5, data_bits, t2);
2012 tcg_gen_shl_tl(t1, t1, cpu_tmp5);
2013 tcg_gen_or_tl(t0, t0, t1);
2014
2015 } else {
2016 if (ot == OT_LONG)
2017 tcg_gen_ext32u_tl(t1, t1);
2018
2019 tcg_gen_shl_tl(cpu_tmp4, t0, cpu_tmp5);
2020
2021 tcg_gen_shl_tl(t0, t0, t2);
2022 tcg_gen_subfi_tl(cpu_tmp5, data_bits, t2);
2023 tcg_gen_shr_tl(t1, t1, cpu_tmp5);
2024 tcg_gen_or_tl(t0, t0, t1);
2025 }
2026 }
2027 tcg_gen_mov_tl(t1, cpu_tmp4);
2028
2029 gen_set_label(label1);
2030 /* store */
2031 if (op1 == OR_TMP0) {
2032 gen_op_st_v(ot + s->mem_index, t0, a0);
2033 } else {
2034 gen_op_mov_reg_v(ot, op1, t0);
2035 }
2036
2037 /* update eflags */
2038 gen_update_cc_op(s);
2039
2040 label2 = gen_new_label();
2041 tcg_gen_brcondi_tl(TCG_COND_EQ, t2, 0, label2);
2042
2043 tcg_gen_mov_tl(cpu_cc_src, t1);
2044 tcg_gen_mov_tl(cpu_cc_dst, t0);
2045 if (is_right) {
2046 tcg_gen_movi_i32(cpu_cc_op, CC_OP_SARB + ot);
2047 } else {
2048 tcg_gen_movi_i32(cpu_cc_op, CC_OP_SHLB + ot);
2049 }
2050 gen_set_label(label2);
2051 set_cc_op(s, CC_OP_DYNAMIC); /* cannot predict flags after */
2052
2053 tcg_temp_free(t0);
2054 tcg_temp_free(t1);
2055 tcg_temp_free(t2);
2056 tcg_temp_free(a0);
2057 }
2058
2059 static void gen_shift(DisasContext *s1, int op, int ot, int d, int s)
2060 {
2061 if (s != OR_TMP1)
2062 gen_op_mov_TN_reg(ot, 1, s);
2063 switch(op) {
2064 case OP_ROL:
2065 gen_rot_rm_T1(s1, ot, d, 0);
2066 break;
2067 case OP_ROR:
2068 gen_rot_rm_T1(s1, ot, d, 1);
2069 break;
2070 case OP_SHL:
2071 case OP_SHL1:
2072 gen_shift_rm_T1(s1, ot, d, 0, 0);
2073 break;
2074 case OP_SHR:
2075 gen_shift_rm_T1(s1, ot, d, 1, 0);
2076 break;
2077 case OP_SAR:
2078 gen_shift_rm_T1(s1, ot, d, 1, 1);
2079 break;
2080 case OP_RCL:
2081 gen_rotc_rm_T1(s1, ot, d, 0);
2082 break;
2083 case OP_RCR:
2084 gen_rotc_rm_T1(s1, ot, d, 1);
2085 break;
2086 }
2087 }
2088
2089 static void gen_shifti(DisasContext *s1, int op, int ot, int d, int c)
2090 {
2091 switch(op) {
2092 case OP_ROL:
2093 gen_rot_rm_im(s1, ot, d, c, 0);
2094 break;
2095 case OP_ROR:
2096 gen_rot_rm_im(s1, ot, d, c, 1);
2097 break;
2098 case OP_SHL:
2099 case OP_SHL1:
2100 gen_shift_rm_im(s1, ot, d, c, 0, 0);
2101 break;
2102 case OP_SHR:
2103 gen_shift_rm_im(s1, ot, d, c, 1, 0);
2104 break;
2105 case OP_SAR:
2106 gen_shift_rm_im(s1, ot, d, c, 1, 1);
2107 break;
2108 default:
2109 /* currently not optimized */
2110 gen_op_movl_T1_im(c);
2111 gen_shift(s1, op, ot, d, OR_TMP1);
2112 break;
2113 }
2114 }
2115
2116 static void gen_lea_modrm(CPUX86State *env, DisasContext *s, int modrm,
2117 int *reg_ptr, int *offset_ptr)
2118 {
2119 target_long disp;
2120 int havesib;
2121 int base;
2122 int index;
2123 int scale;
2124 int opreg;
2125 int mod, rm, code, override, must_add_seg;
2126
2127 override = s->override;
2128 must_add_seg = s->addseg;
2129 if (override >= 0)
2130 must_add_seg = 1;
2131 mod = (modrm >> 6) & 3;
2132 rm = modrm & 7;
2133
2134 if (s->aflag) {
2135
2136 havesib = 0;
2137 base = rm;
2138 index = 0;
2139 scale = 0;
2140
2141 if (base == 4) {
2142 havesib = 1;
2143 code = cpu_ldub_code(env, s->pc++);
2144 scale = (code >> 6) & 3;
2145 index = ((code >> 3) & 7) | REX_X(s);
2146 base = (code & 7);
2147 }
2148 base |= REX_B(s);
2149
2150 switch (mod) {
2151 case 0:
2152 if ((base & 7) == 5) {
2153 base = -1;
2154 disp = (int32_t)cpu_ldl_code(env, s->pc);
2155 s->pc += 4;
2156 if (CODE64(s) && !havesib) {
2157 disp += s->pc + s->rip_offset;
2158 }
2159 } else {
2160 disp = 0;
2161 }
2162 break;
2163 case 1:
2164 disp = (int8_t)cpu_ldub_code(env, s->pc++);
2165 break;
2166 default:
2167 case 2:
2168 disp = (int32_t)cpu_ldl_code(env, s->pc);
2169 s->pc += 4;
2170 break;
2171 }
2172
2173 if (base >= 0) {
2174 /* for correct popl handling with esp */
2175 if (base == 4 && s->popl_esp_hack)
2176 disp += s->popl_esp_hack;
2177 #ifdef TARGET_X86_64
2178 if (s->aflag == 2) {
2179 gen_op_movq_A0_reg(base);
2180 if (disp != 0) {
2181 gen_op_addq_A0_im(disp);
2182 }
2183 } else
2184 #endif
2185 {
2186 gen_op_movl_A0_reg(base);
2187 if (disp != 0)
2188 gen_op_addl_A0_im(disp);
2189 }
2190 } else {
2191 #ifdef TARGET_X86_64
2192 if (s->aflag == 2) {
2193 gen_op_movq_A0_im(disp);
2194 } else
2195 #endif
2196 {
2197 gen_op_movl_A0_im(disp);
2198 }
2199 }
2200 /* index == 4 means no index */
2201 if (havesib && (index != 4)) {
2202 #ifdef TARGET_X86_64
2203 if (s->aflag == 2) {
2204 gen_op_addq_A0_reg_sN(scale, index);
2205 } else
2206 #endif
2207 {
2208 gen_op_addl_A0_reg_sN(scale, index);
2209 }
2210 }
2211 if (must_add_seg) {
2212 if (override < 0) {
2213 if (base == R_EBP || base == R_ESP)
2214 override = R_SS;
2215 else
2216 override = R_DS;
2217 }
2218 #ifdef TARGET_X86_64
2219 if (s->aflag == 2) {
2220 gen_op_addq_A0_seg(override);
2221 } else
2222 #endif
2223 {
2224 gen_op_addl_A0_seg(s, override);
2225 }
2226 }
2227 } else {
2228 switch (mod) {
2229 case 0:
2230 if (rm == 6) {
2231 disp = cpu_lduw_code(env, s->pc);
2232 s->pc += 2;
2233 gen_op_movl_A0_im(disp);
2234 rm = 0; /* avoid SS override */
2235 goto no_rm;
2236 } else {
2237 disp = 0;
2238 }
2239 break;
2240 case 1:
2241 disp = (int8_t)cpu_ldub_code(env, s->pc++);
2242 break;
2243 default:
2244 case 2:
2245 disp = cpu_lduw_code(env, s->pc);
2246 s->pc += 2;
2247 break;
2248 }
2249 switch(rm) {
2250 case 0:
2251 gen_op_movl_A0_reg(R_EBX);
2252 gen_op_addl_A0_reg_sN(0, R_ESI);
2253 break;
2254 case 1:
2255 gen_op_movl_A0_reg(R_EBX);
2256 gen_op_addl_A0_reg_sN(0, R_EDI);
2257 break;
2258 case 2:
2259 gen_op_movl_A0_reg(R_EBP);
2260 gen_op_addl_A0_reg_sN(0, R_ESI);
2261 break;
2262 case 3:
2263 gen_op_movl_A0_reg(R_EBP);
2264 gen_op_addl_A0_reg_sN(0, R_EDI);
2265 break;
2266 case 4:
2267 gen_op_movl_A0_reg(R_ESI);
2268 break;
2269 case 5:
2270 gen_op_movl_A0_reg(R_EDI);
2271 break;
2272 case 6:
2273 gen_op_movl_A0_reg(R_EBP);
2274 break;
2275 default:
2276 case 7:
2277 gen_op_movl_A0_reg(R_EBX);
2278 break;
2279 }
2280 if (disp != 0)
2281 gen_op_addl_A0_im(disp);
2282 gen_op_andl_A0_ffff();
2283 no_rm:
2284 if (must_add_seg) {
2285 if (override < 0) {
2286 if (rm == 2 || rm == 3 || rm == 6)
2287 override = R_SS;
2288 else
2289 override = R_DS;
2290 }
2291 gen_op_addl_A0_seg(s, override);
2292 }
2293 }
2294
2295 opreg = OR_A0;
2296 disp = 0;
2297 *reg_ptr = opreg;
2298 *offset_ptr = disp;
2299 }
2300
2301 static void gen_nop_modrm(CPUX86State *env, DisasContext *s, int modrm)
2302 {
2303 int mod, rm, base, code;
2304
2305 mod = (modrm >> 6) & 3;
2306 if (mod == 3)
2307 return;
2308 rm = modrm & 7;
2309
2310 if (s->aflag) {
2311
2312 base = rm;
2313
2314 if (base == 4) {
2315 code = cpu_ldub_code(env, s->pc++);
2316 base = (code & 7);
2317 }
2318
2319 switch (mod) {
2320 case 0:
2321 if (base == 5) {
2322 s->pc += 4;
2323 }
2324 break;
2325 case 1:
2326 s->pc++;
2327 break;
2328 default:
2329 case 2:
2330 s->pc += 4;
2331 break;
2332 }
2333 } else {
2334 switch (mod) {
2335 case 0:
2336 if (rm == 6) {
2337 s->pc += 2;
2338 }
2339 break;
2340 case 1:
2341 s->pc++;
2342 break;
2343 default:
2344 case 2:
2345 s->pc += 2;
2346 break;
2347 }
2348 }
2349 }
2350
2351 /* used for LEA and MOV AX, mem */
2352 static void gen_add_A0_ds_seg(DisasContext *s)
2353 {
2354 int override, must_add_seg;
2355 must_add_seg = s->addseg;
2356 override = R_DS;
2357 if (s->override >= 0) {
2358 override = s->override;
2359 must_add_seg = 1;
2360 }
2361 if (must_add_seg) {
2362 #ifdef TARGET_X86_64
2363 if (CODE64(s)) {
2364 gen_op_addq_A0_seg(override);
2365 } else
2366 #endif
2367 {
2368 gen_op_addl_A0_seg(s, override);
2369 }
2370 }
2371 }
2372
2373 /* generate modrm memory load or store of 'reg'. TMP0 is used if reg ==
2374 OR_TMP0 */
2375 static void gen_ldst_modrm(CPUX86State *env, DisasContext *s, int modrm,
2376 int ot, int reg, int is_store)
2377 {
2378 int mod, rm, opreg, disp;
2379
2380 mod = (modrm >> 6) & 3;
2381 rm = (modrm & 7) | REX_B(s);
2382 if (mod == 3) {
2383 if (is_store) {
2384 if (reg != OR_TMP0)
2385 gen_op_mov_TN_reg(ot, 0, reg);
2386 gen_op_mov_reg_T0(ot, rm);
2387 } else {
2388 gen_op_mov_TN_reg(ot, 0, rm);
2389 if (reg != OR_TMP0)
2390 gen_op_mov_reg_T0(ot, reg);
2391 }
2392 } else {
2393 gen_lea_modrm(env, s, modrm, &opreg, &disp);
2394 if (is_store) {
2395 if (reg != OR_TMP0)
2396 gen_op_mov_TN_reg(ot, 0, reg);
2397 gen_op_st_T0_A0(ot + s->mem_index);
2398 } else {
2399 gen_op_ld_T0_A0(ot + s->mem_index);
2400 if (reg != OR_TMP0)
2401 gen_op_mov_reg_T0(ot, reg);
2402 }
2403 }
2404 }
2405
2406 static inline uint32_t insn_get(CPUX86State *env, DisasContext *s, int ot)
2407 {
2408 uint32_t ret;
2409
2410 switch(ot) {
2411 case OT_BYTE:
2412 ret = cpu_ldub_code(env, s->pc);
2413 s->pc++;
2414 break;
2415 case OT_WORD:
2416 ret = cpu_lduw_code(env, s->pc);
2417 s->pc += 2;
2418 break;
2419 default:
2420 case OT_LONG:
2421 ret = cpu_ldl_code(env, s->pc);
2422 s->pc += 4;
2423 break;
2424 }
2425 return ret;
2426 }
2427
2428 static inline int insn_const_size(unsigned int ot)
2429 {
2430 if (ot <= OT_LONG)
2431 return 1 << ot;
2432 else
2433 return 4;
2434 }
2435
2436 static inline void gen_goto_tb(DisasContext *s, int tb_num, target_ulong eip)
2437 {
2438 TranslationBlock *tb;
2439 target_ulong pc;
2440
2441 pc = s->cs_base + eip;
2442 tb = s->tb;
2443 /* NOTE: we handle the case where the TB spans two pages here */
2444 if ((pc & TARGET_PAGE_MASK) == (tb->pc & TARGET_PAGE_MASK) ||
2445 (pc & TARGET_PAGE_MASK) == ((s->pc - 1) & TARGET_PAGE_MASK)) {
2446 /* jump to same page: we can use a direct jump */
2447 tcg_gen_goto_tb(tb_num);
2448 gen_jmp_im(eip);
2449 tcg_gen_exit_tb((tcg_target_long)tb + tb_num);
2450 } else {
2451 /* jump to another page: currently not optimized */
2452 gen_jmp_im(eip);
2453 gen_eob(s);
2454 }
2455 }
2456
2457 static inline void gen_jcc(DisasContext *s, int b,
2458 target_ulong val, target_ulong next_eip)
2459 {
2460 int l1, l2;
2461
2462 if (s->jmp_opt) {
2463 gen_update_cc_op(s);
2464 l1 = gen_new_label();
2465 gen_jcc1(s, b, l1);
2466 set_cc_op(s, CC_OP_DYNAMIC);
2467
2468 gen_goto_tb(s, 0, next_eip);
2469
2470 gen_set_label(l1);
2471 gen_goto_tb(s, 1, val);
2472 s->is_jmp = DISAS_TB_JUMP;
2473 } else {
2474 l1 = gen_new_label();
2475 l2 = gen_new_label();
2476 gen_jcc1(s, b, l1);
2477
2478 gen_jmp_im(next_eip);
2479 tcg_gen_br(l2);
2480
2481 gen_set_label(l1);
2482 gen_jmp_im(val);
2483 gen_set_label(l2);
2484 gen_eob(s);
2485 }
2486 }
2487
2488 static void gen_setcc(DisasContext *s, int b)
2489 {
2490 int inv, jcc_op, l1;
2491 TCGv t0;
2492
2493 if (is_fast_jcc_case(s, b)) {
2494 /* nominal case: we use a jump */
2495 /* XXX: make it faster by adding new instructions in TCG */
2496 t0 = tcg_temp_local_new();
2497 tcg_gen_movi_tl(t0, 0);
2498 l1 = gen_new_label();
2499 gen_jcc1(s, b ^ 1, l1);
2500 tcg_gen_movi_tl(t0, 1);
2501 gen_set_label(l1);
2502 tcg_gen_mov_tl(cpu_T[0], t0);
2503 tcg_temp_free(t0);
2504 } else {
2505 /* slow case: it is more efficient not to generate a jump,
2506 although it is questionnable whether this optimization is
2507 worth to */
2508 inv = b & 1;
2509 jcc_op = (b >> 1) & 7;
2510 gen_setcc_slow(s, jcc_op, cpu_T[0], inv);
2511 }
2512 }
2513
2514 static inline void gen_op_movl_T0_seg(int seg_reg)
2515 {
2516 tcg_gen_ld32u_tl(cpu_T[0], cpu_env,
2517 offsetof(CPUX86State,segs[seg_reg].selector));
2518 }
2519
2520 static inline void gen_op_movl_seg_T0_vm(int seg_reg)
2521 {
2522 tcg_gen_andi_tl(cpu_T[0], cpu_T[0], 0xffff);
2523 tcg_gen_st32_tl(cpu_T[0], cpu_env,
2524 offsetof(CPUX86State,segs[seg_reg].selector));
2525 tcg_gen_shli_tl(cpu_T[0], cpu_T[0], 4);
2526 tcg_gen_st_tl(cpu_T[0], cpu_env,
2527 offsetof(CPUX86State,segs[seg_reg].base));
2528 }
2529
2530 /* move T0 to seg_reg and compute if the CPU state may change. Never
2531 call this function with seg_reg == R_CS */
2532 static void gen_movl_seg_T0(DisasContext *s, int seg_reg, target_ulong cur_eip)
2533 {
2534 if (s->pe && !s->vm86) {
2535 /* XXX: optimize by finding processor state dynamically */
2536 gen_update_cc_op(s);
2537 gen_jmp_im(cur_eip);
2538 tcg_gen_trunc_tl_i32(cpu_tmp2_i32, cpu_T[0]);
2539 gen_helper_load_seg(cpu_env, tcg_const_i32(seg_reg), cpu_tmp2_i32);
2540 /* abort translation because the addseg value may change or
2541 because ss32 may change. For R_SS, translation must always
2542 stop as a special handling must be done to disable hardware
2543 interrupts for the next instruction */
2544 if (seg_reg == R_SS || (s->code32 && seg_reg < R_FS))
2545 s->is_jmp = DISAS_TB_JUMP;
2546 } else {
2547 gen_op_movl_seg_T0_vm(seg_reg);
2548 if (seg_reg == R_SS)
2549 s->is_jmp = DISAS_TB_JUMP;
2550 }
2551 }
2552
2553 static inline int svm_is_rep(int prefixes)
2554 {
2555 return ((prefixes & (PREFIX_REPZ | PREFIX_REPNZ)) ? 8 : 0);
2556 }
2557
2558 static inline void
2559 gen_svm_check_intercept_param(DisasContext *s, target_ulong pc_start,
2560 uint32_t type, uint64_t param)
2561 {
2562 /* no SVM activated; fast case */
2563 if (likely(!(s->flags & HF_SVMI_MASK)))
2564 return;
2565 gen_update_cc_op(s);
2566 gen_jmp_im(pc_start - s->cs_base);
2567 gen_helper_svm_check_intercept_param(cpu_env, tcg_const_i32(type),
2568 tcg_const_i64(param));
2569 }
2570
2571 static inline void
2572 gen_svm_check_intercept(DisasContext *s, target_ulong pc_start, uint64_t type)
2573 {
2574 gen_svm_check_intercept_param(s, pc_start, type, 0);
2575 }
2576
2577 static inline void gen_stack_update(DisasContext *s, int addend)
2578 {
2579 #ifdef TARGET_X86_64
2580 if (CODE64(s)) {
2581 gen_op_add_reg_im(2, R_ESP, addend);
2582 } else
2583 #endif
2584 if (s->ss32) {
2585 gen_op_add_reg_im(1, R_ESP, addend);
2586 } else {
2587 gen_op_add_reg_im(0, R_ESP, addend);
2588 }
2589 }
2590
2591 /* generate a push. It depends on ss32, addseg and dflag */
2592 static void gen_push_T0(DisasContext *s)
2593 {
2594 #ifdef TARGET_X86_64
2595 if (CODE64(s)) {
2596 gen_op_movq_A0_reg(R_ESP);
2597 if (s->dflag) {
2598 gen_op_addq_A0_im(-8);
2599 gen_op_st_T0_A0(OT_QUAD + s->mem_index);
2600 } else {
2601 gen_op_addq_A0_im(-2);
2602 gen_op_st_T0_A0(OT_WORD + s->mem_index);
2603 }
2604 gen_op_mov_reg_A0(2, R_ESP);
2605 } else
2606 #endif
2607 {
2608 gen_op_movl_A0_reg(R_ESP);
2609 if (!s->dflag)
2610 gen_op_addl_A0_im(-2);
2611 else
2612 gen_op_addl_A0_im(-4);
2613 if (s->ss32) {
2614 if (s->addseg) {
2615 tcg_gen_mov_tl(cpu_T[1], cpu_A0);
2616 gen_op_addl_A0_seg(s, R_SS);
2617 }
2618 } else {
2619 gen_op_andl_A0_ffff();
2620 tcg_gen_mov_tl(cpu_T[1], cpu_A0);
2621 gen_op_addl_A0_seg(s, R_SS);
2622 }
2623 gen_op_st_T0_A0(s->dflag + 1 + s->mem_index);
2624 if (s->ss32 && !s->addseg)
2625 gen_op_mov_reg_A0(1, R_ESP);
2626 else
2627 gen_op_mov_reg_T1(s->ss32 + 1, R_ESP);
2628 }
2629 }
2630
2631 /* generate a push. It depends on ss32, addseg and dflag */
2632 /* slower version for T1, only used for call Ev */
2633 static void gen_push_T1(DisasContext *s)
2634 {
2635 #ifdef TARGET_X86_64
2636 if (CODE64(s)) {
2637 gen_op_movq_A0_reg(R_ESP);
2638 if (s->dflag) {
2639 gen_op_addq_A0_im(-8);
2640 gen_op_st_T1_A0(OT_QUAD + s->mem_index);
2641 } else {
2642 gen_op_addq_A0_im(-2);
2643 gen_op_st_T0_A0(OT_WORD + s->mem_index);
2644 }
2645 gen_op_mov_reg_A0(2, R_ESP);
2646 } else
2647 #endif
2648 {
2649 gen_op_movl_A0_reg(R_ESP);
2650 if (!s->dflag)
2651 gen_op_addl_A0_im(-2);
2652 else
2653 gen_op_addl_A0_im(-4);
2654 if (s->ss32) {
2655 if (s->addseg) {
2656 gen_op_addl_A0_seg(s, R_SS);
2657 }
2658 } else {
2659 gen_op_andl_A0_ffff();
2660 gen_op_addl_A0_seg(s, R_SS);
2661 }
2662 gen_op_st_T1_A0(s->dflag + 1 + s->mem_index);
2663
2664 if (s->ss32 && !s->addseg)
2665 gen_op_mov_reg_A0(1, R_ESP);
2666 else
2667 gen_stack_update(s, (-2) << s->dflag);
2668 }
2669 }
2670
2671 /* two step pop is necessary for precise exceptions */
2672 static void gen_pop_T0(DisasContext *s)
2673 {
2674 #ifdef TARGET_X86_64
2675 if (CODE64(s)) {
2676 gen_op_movq_A0_reg(R_ESP);
2677 gen_op_ld_T0_A0((s->dflag ? OT_QUAD : OT_WORD) + s->mem_index);
2678 } else
2679 #endif
2680 {
2681 gen_op_movl_A0_reg(R_ESP);
2682 if (s->ss32) {
2683 if (s->addseg)
2684 gen_op_addl_A0_seg(s, R_SS);
2685 } else {
2686 gen_op_andl_A0_ffff();
2687 gen_op_addl_A0_seg(s, R_SS);
2688 }
2689 gen_op_ld_T0_A0(s->dflag + 1 + s->mem_index);
2690 }
2691 }
2692
2693 static void gen_pop_update(DisasContext *s)
2694 {
2695 #ifdef TARGET_X86_64
2696 if (CODE64(s) && s->dflag) {
2697 gen_stack_update(s, 8);
2698 } else
2699 #endif
2700 {
2701 gen_stack_update(s, 2 << s->dflag);
2702 }
2703 }
2704
2705 static void gen_stack_A0(DisasContext *s)
2706 {
2707 gen_op_movl_A0_reg(R_ESP);
2708 if (!s->ss32)
2709 gen_op_andl_A0_ffff();
2710 tcg_gen_mov_tl(cpu_T[1], cpu_A0);
2711 if (s->addseg)
2712 gen_op_addl_A0_seg(s, R_SS);
2713 }
2714
2715 /* NOTE: wrap around in 16 bit not fully handled */
2716 static void gen_pusha(DisasContext *s)
2717 {
2718 int i;
2719 gen_op_movl_A0_reg(R_ESP);
2720 gen_op_addl_A0_im(-16 << s->dflag);
2721 if (!s->ss32)
2722 gen_op_andl_A0_ffff();
2723 tcg_gen_mov_tl(cpu_T[1], cpu_A0);
2724 if (s->addseg)
2725 gen_op_addl_A0_seg(s, R_SS);
2726 for(i = 0;i < 8; i++) {
2727 gen_op_mov_TN_reg(OT_LONG, 0, 7 - i);
2728 gen_op_st_T0_A0(OT_WORD + s->dflag + s->mem_index);
2729 gen_op_addl_A0_im(2 << s->dflag);
2730 }
2731 gen_op_mov_reg_T1(OT_WORD + s->ss32, R_ESP);
2732 }
2733
2734 /* NOTE: wrap around in 16 bit not fully handled */
2735 static void gen_popa(DisasContext *s)
2736 {
2737 int i;
2738 gen_op_movl_A0_reg(R_ESP);
2739 if (!s->ss32)
2740 gen_op_andl_A0_ffff();
2741 tcg_gen_mov_tl(cpu_T[1], cpu_A0);
2742 tcg_gen_addi_tl(cpu_T[1], cpu_T[1], 16 << s->dflag);
2743 if (s->addseg)
2744 gen_op_addl_A0_seg(s, R_SS);
2745 for(i = 0;i < 8; i++) {
2746 /* ESP is not reloaded */
2747 if (i != 3) {
2748 gen_op_ld_T0_A0(OT_WORD + s->dflag + s->mem_index);
2749 gen_op_mov_reg_T0(OT_WORD + s->dflag, 7 - i);
2750 }
2751 gen_op_addl_A0_im(2 << s->dflag);
2752 }
2753 gen_op_mov_reg_T1(OT_WORD + s->ss32, R_ESP);
2754 }
2755
2756 static void gen_enter(DisasContext *s, int esp_addend, int level)
2757 {
2758 int ot, opsize;
2759
2760 level &= 0x1f;
2761 #ifdef TARGET_X86_64
2762 if (CODE64(s)) {
2763 ot = s->dflag ? OT_QUAD : OT_WORD;
2764 opsize = 1 << ot;
2765
2766 gen_op_movl_A0_reg(R_ESP);
2767 gen_op_addq_A0_im(-opsize);
2768 tcg_gen_mov_tl(cpu_T[1], cpu_A0);
2769
2770 /* push bp */
2771 gen_op_mov_TN_reg(OT_LONG, 0, R_EBP);
2772 gen_op_st_T0_A0(ot + s->mem_index);
2773 if (level) {
2774 /* XXX: must save state */
2775 gen_helper_enter64_level(cpu_env, tcg_const_i32(level),
2776 tcg_const_i32((ot == OT_QUAD)),
2777 cpu_T[1]);
2778 }
2779 gen_op_mov_reg_T1(ot, R_EBP);
2780 tcg_gen_addi_tl(cpu_T[1], cpu_T[1], -esp_addend + (-opsize * level));
2781 gen_op_mov_reg_T1(OT_QUAD, R_ESP);
2782 } else
2783 #endif
2784 {
2785 ot = s->dflag + OT_WORD;
2786 opsize = 2 << s->dflag;
2787
2788 gen_op_movl_A0_reg(R_ESP);
2789 gen_op_addl_A0_im(-opsize);
2790 if (!s->ss32)
2791 gen_op_andl_A0_ffff();
2792 tcg_gen_mov_tl(cpu_T[1], cpu_A0);
2793 if (s->addseg)
2794 gen_op_addl_A0_seg(s, R_SS);
2795 /* push bp */
2796 gen_op_mov_TN_reg(OT_LONG, 0, R_EBP);
2797 gen_op_st_T0_A0(ot + s->mem_index);
2798 if (level) {
2799 /* XXX: must save state */
2800 gen_helper_enter_level(cpu_env, tcg_const_i32(level),
2801 tcg_const_i32(s->dflag),
2802 cpu_T[1]);
2803 }
2804 gen_op_mov_reg_T1(ot, R_EBP);
2805 tcg_gen_addi_tl(cpu_T[1], cpu_T[1], -esp_addend + (-opsize * level));
2806 gen_op_mov_reg_T1(OT_WORD + s->ss32, R_ESP);
2807 }
2808 }
2809
2810 static void gen_exception(DisasContext *s, int trapno, target_ulong cur_eip)
2811 {
2812 gen_update_cc_op(s);
2813 gen_jmp_im(cur_eip);
2814 gen_helper_raise_exception(cpu_env, tcg_const_i32(trapno));
2815 s->is_jmp = DISAS_TB_JUMP;
2816 }
2817
2818 /* an interrupt is different from an exception because of the
2819 privilege checks */
2820 static void gen_interrupt(DisasContext *s, int intno,
2821 target_ulong cur_eip, target_ulong next_eip)
2822 {
2823 gen_update_cc_op(s);
2824 gen_jmp_im(cur_eip);
2825 gen_helper_raise_interrupt(cpu_env, tcg_const_i32(intno),
2826 tcg_const_i32(next_eip - cur_eip));
2827 s->is_jmp = DISAS_TB_JUMP;
2828 }
2829
2830 static void gen_debug(DisasContext *s, target_ulong cur_eip)
2831 {
2832 gen_update_cc_op(s);
2833 gen_jmp_im(cur_eip);
2834 gen_helper_debug(cpu_env);
2835 s->is_jmp = DISAS_TB_JUMP;
2836 }
2837
2838 /* generate a generic end of block. Trace exception is also generated
2839 if needed */
2840 static void gen_eob(DisasContext *s)
2841 {
2842 gen_update_cc_op(s);
2843 if (s->tb->flags & HF_INHIBIT_IRQ_MASK) {
2844 gen_helper_reset_inhibit_irq(cpu_env);
2845 }
2846 if (s->tb->flags & HF_RF_MASK) {
2847 gen_helper_reset_rf(cpu_env);
2848 }
2849 if (s->singlestep_enabled) {
2850 gen_helper_debug(cpu_env);
2851 } else if (s->tf) {
2852 gen_helper_single_step(cpu_env);
2853 } else {
2854 tcg_gen_exit_tb(0);
2855 }
2856 s->is_jmp = DISAS_TB_JUMP;
2857 }
2858
2859 /* generate a jump to eip. No segment change must happen before as a
2860 direct call to the next block may occur */
2861 static void gen_jmp_tb(DisasContext *s, target_ulong eip, int tb_num)
2862 {
2863 if (s->jmp_opt) {
2864 gen_update_cc_op(s);
2865 gen_goto_tb(s, tb_num, eip);
2866 s->is_jmp = DISAS_TB_JUMP;
2867 } else {
2868 gen_jmp_im(eip);
2869 gen_eob(s);
2870 }
2871 }
2872
2873 static void gen_jmp(DisasContext *s, target_ulong eip)
2874 {
2875 gen_jmp_tb(s, eip, 0);
2876 }
2877
2878 static inline void gen_ldq_env_A0(int idx, int offset)
2879 {
2880 int mem_index = (idx >> 2) - 1;
2881 tcg_gen_qemu_ld64(cpu_tmp1_i64, cpu_A0, mem_index);
2882 tcg_gen_st_i64(cpu_tmp1_i64, cpu_env, offset);
2883 }
2884
2885 static inline void gen_stq_env_A0(int idx, int offset)
2886 {
2887 int mem_index = (idx >> 2) - 1;
2888 tcg_gen_ld_i64(cpu_tmp1_i64, cpu_env, offset);
2889 tcg_gen_qemu_st64(cpu_tmp1_i64, cpu_A0, mem_index);
2890 }
2891
2892 static inline void gen_ldo_env_A0(int idx, int offset)
2893 {
2894 int mem_index = (idx >> 2) - 1;
2895 tcg_gen_qemu_ld64(cpu_tmp1_i64, cpu_A0, mem_index);
2896 tcg_gen_st_i64(cpu_tmp1_i64, cpu_env, offset + offsetof(XMMReg, XMM_Q(0)));
2897 tcg_gen_addi_tl(cpu_tmp0, cpu_A0, 8);
2898 tcg_gen_qemu_ld64(cpu_tmp1_i64, cpu_tmp0, mem_index);
2899 tcg_gen_st_i64(cpu_tmp1_i64, cpu_env, offset + offsetof(XMMReg, XMM_Q(1)));
2900 }
2901
2902 static inline void gen_sto_env_A0(int idx, int offset)
2903 {
2904 int mem_index = (idx >> 2) - 1;
2905 tcg_gen_ld_i64(cpu_tmp1_i64, cpu_env, offset + offsetof(XMMReg, XMM_Q(0)));
2906 tcg_gen_qemu_st64(cpu_tmp1_i64, cpu_A0, mem_index);
2907 tcg_gen_addi_tl(cpu_tmp0, cpu_A0, 8);
2908 tcg_gen_ld_i64(cpu_tmp1_i64, cpu_env, offset + offsetof(XMMReg, XMM_Q(1)));
2909 tcg_gen_qemu_st64(cpu_tmp1_i64, cpu_tmp0, mem_index);
2910 }
2911
2912 static inline void gen_op_movo(int d_offset, int s_offset)
2913 {
2914 tcg_gen_ld_i64(cpu_tmp1_i64, cpu_env, s_offset);
2915 tcg_gen_st_i64(cpu_tmp1_i64, cpu_env, d_offset);
2916 tcg_gen_ld_i64(cpu_tmp1_i64, cpu_env, s_offset + 8);
2917 tcg_gen_st_i64(cpu_tmp1_i64, cpu_env, d_offset + 8);
2918 }
2919
2920 static inline void gen_op_movq(int d_offset, int s_offset)
2921 {
2922 tcg_gen_ld_i64(cpu_tmp1_i64, cpu_env, s_offset);
2923 tcg_gen_st_i64(cpu_tmp1_i64, cpu_env, d_offset);
2924 }
2925
2926 static inline void gen_op_movl(int d_offset, int s_offset)
2927 {
2928 tcg_gen_ld_i32(cpu_tmp2_i32, cpu_env, s_offset);
2929 tcg_gen_st_i32(cpu_tmp2_i32, cpu_env, d_offset);
2930 }
2931
2932 static inline void gen_op_movq_env_0(int d_offset)
2933 {
2934 tcg_gen_movi_i64(cpu_tmp1_i64, 0);
2935 tcg_gen_st_i64(cpu_tmp1_i64, cpu_env, d_offset);
2936 }
2937
2938 typedef void (*SSEFunc_i_ep)(TCGv_i32 val, TCGv_ptr env, TCGv_ptr reg);
2939 typedef void (*SSEFunc_l_ep)(TCGv_i64 val, TCGv_ptr env, TCGv_ptr reg);
2940 typedef void (*SSEFunc_0_epi)(TCGv_ptr env, TCGv_ptr reg, TCGv_i32 val);
2941 typedef void (*SSEFunc_0_epl)(TCGv_ptr env, TCGv_ptr reg, TCGv_i64 val);
2942 typedef void (*SSEFunc_0_epp)(TCGv_ptr env, TCGv_ptr reg_a, TCGv_ptr reg_b);
2943 typedef void (*SSEFunc_0_eppi)(TCGv_ptr env, TCGv_ptr reg_a, TCGv_ptr reg_b,
2944 TCGv_i32 val);
2945 typedef void (*SSEFunc_0_ppi)(TCGv_ptr reg_a, TCGv_ptr reg_b, TCGv_i32 val);
2946 typedef void (*SSEFunc_0_eppt)(TCGv_ptr env, TCGv_ptr reg_a, TCGv_ptr reg_b,
2947 TCGv val);
2948
2949 #define SSE_SPECIAL ((void *)1)
2950 #define SSE_DUMMY ((void *)2)
2951
2952 #define MMX_OP2(x) { gen_helper_ ## x ## _mmx, gen_helper_ ## x ## _xmm }
2953 #define SSE_FOP(x) { gen_helper_ ## x ## ps, gen_helper_ ## x ## pd, \
2954 gen_helper_ ## x ## ss, gen_helper_ ## x ## sd, }
2955
2956 static const SSEFunc_0_epp sse_op_table1[256][4] = {
2957 /* 3DNow! extensions */
2958 [0x0e] = { SSE_DUMMY }, /* femms */
2959 [0x0f] = { SSE_DUMMY }, /* pf... */
2960 /* pure SSE operations */
2961 [0x10] = { SSE_SPECIAL, SSE_SPECIAL, SSE_SPECIAL, SSE_SPECIAL }, /* movups, movupd, movss, movsd */
2962 [0x11] = { SSE_SPECIAL, SSE_SPECIAL, SSE_SPECIAL, SSE_SPECIAL }, /* movups, movupd, movss, movsd */
2963 [0x12] = { SSE_SPECIAL, SSE_SPECIAL, SSE_SPECIAL, SSE_SPECIAL }, /* movlps, movlpd, movsldup, movddup */
2964 [0x13] = { SSE_SPECIAL, SSE_SPECIAL }, /* movlps, movlpd */
2965 [0x14] = { gen_helper_punpckldq_xmm, gen_helper_punpcklqdq_xmm },
2966 [0x15] = { gen_helper_punpckhdq_xmm, gen_helper_punpckhqdq_xmm },
2967 [0x16] = { SSE_SPECIAL, SSE_SPECIAL, SSE_SPECIAL }, /* movhps, movhpd, movshdup */
2968 [0x17] = { SSE_SPECIAL, SSE_SPECIAL }, /* movhps, movhpd */
2969
2970 [0x28] = { SSE_SPECIAL, SSE_SPECIAL }, /* movaps, movapd */
2971 [0x29] = { SSE_SPECIAL, SSE_SPECIAL }, /* movaps, movapd */
2972 [0x2a] = { SSE_SPECIAL, SSE_SPECIAL, SSE_SPECIAL, SSE_SPECIAL }, /* cvtpi2ps, cvtpi2pd, cvtsi2ss, cvtsi2sd */
2973 [0x2b] = { SSE_SPECIAL, SSE_SPECIAL, SSE_SPECIAL, SSE_SPECIAL }, /* movntps, movntpd, movntss, movntsd */
2974 [0x2c] = { SSE_SPECIAL, SSE_SPECIAL, SSE_SPECIAL, SSE_SPECIAL }, /* cvttps2pi, cvttpd2pi, cvttsd2si, cvttss2si */
2975 [0x2d] = { SSE_SPECIAL, SSE_SPECIAL, SSE_SPECIAL, SSE_SPECIAL }, /* cvtps2pi, cvtpd2pi, cvtsd2si, cvtss2si */
2976 [0x2e] = { gen_helper_ucomiss, gen_helper_ucomisd },
2977 [0x2f] = { gen_helper_comiss, gen_helper_comisd },
2978 [0x50] = { SSE_SPECIAL, SSE_SPECIAL }, /* movmskps, movmskpd */
2979 [0x51] = SSE_FOP(sqrt),
2980 [0x52] = { gen_helper_rsqrtps, NULL, gen_helper_rsqrtss, NULL },
2981 [0x53] = { gen_helper_rcpps, NULL, gen_helper_rcpss, NULL },
2982 [0x54] = { gen_helper_pand_xmm, gen_helper_pand_xmm }, /* andps, andpd */
2983 [0x55] = { gen_helper_pandn_xmm, gen_helper_pandn_xmm }, /* andnps, andnpd */
2984 [0x56] = { gen_helper_por_xmm, gen_helper_por_xmm }, /* orps, orpd */
2985 [0x57] = { gen_helper_pxor_xmm, gen_helper_pxor_xmm }, /* xorps, xorpd */
2986 [0x58] = SSE_FOP(add),
2987 [0x59] = SSE_FOP(mul),
2988 [0x5a] = { gen_helper_cvtps2pd, gen_helper_cvtpd2ps,
2989 gen_helper_cvtss2sd, gen_helper_cvtsd2ss },
2990 [0x5b] = { gen_helper_cvtdq2ps, gen_helper_cvtps2dq, gen_helper_cvttps2dq },
2991 [0x5c] = SSE_FOP(sub),
2992 [0x5d] = SSE_FOP(min),
2993 [0x5e] = SSE_FOP(div),
2994 [0x5f] = SSE_FOP(max),
2995
2996 [0xc2] = SSE_FOP(cmpeq),
2997 [0xc6] = { (SSEFunc_0_epp)gen_helper_shufps,
2998 (SSEFunc_0_epp)gen_helper_shufpd }, /* XXX: casts */
2999
3000 [0x38] = { SSE_SPECIAL, SSE_SPECIAL, NULL, SSE_SPECIAL }, /* SSSE3/SSE4 */
3001 [0x3a] = { SSE_SPECIAL, SSE_SPECIAL }, /* SSSE3/SSE4 */
3002
3003 /* MMX ops and their SSE extensions */
3004 [0x60] = MMX_OP2(punpcklbw),
3005 [0x61] = MMX_OP2(punpcklwd),
3006 [0x62] = MMX_OP2(punpckldq),
3007 [0x63] = MMX_OP2(packsswb),
3008 [0x64] = MMX_OP2(pcmpgtb),
3009 [0x65] = MMX_OP2(pcmpgtw),
3010 [0x66] = MMX_OP2(pcmpgtl),
3011 [0x67] = MMX_OP2(packuswb),
3012 [0x68] = MMX_OP2(punpckhbw),
3013 [0x69] = MMX_OP2(punpckhwd),
3014 [0x6a] = MMX_OP2(punpckhdq),
3015 [0x6b] = MMX_OP2(packssdw),
3016 [0x6c] = { NULL, gen_helper_punpcklqdq_xmm },
3017 [0x6d] = { NULL, gen_helper_punpckhqdq_xmm },
3018 [0x6e] = { SSE_SPECIAL, SSE_SPECIAL }, /* movd mm, ea */
3019 [0x6f] = { SSE_SPECIAL, SSE_SPECIAL, SSE_SPECIAL }, /* movq, movdqa, , movqdu */
3020 [0x70] = { (SSEFunc_0_epp)gen_helper_pshufw_mmx,
3021 (SSEFunc_0_epp)gen_helper_pshufd_xmm,
3022 (SSEFunc_0_epp)gen_helper_pshufhw_xmm,
3023 (SSEFunc_0_epp)gen_helper_pshuflw_xmm }, /* XXX: casts */
3024 [0x71] = { SSE_SPECIAL, SSE_SPECIAL }, /* shiftw */
3025 [0x72] = { SSE_SPECIAL, SSE_SPECIAL }, /* shiftd */
3026 [0x73] = { SSE_SPECIAL, SSE_SPECIAL }, /* shiftq */
3027 [0x74] = MMX_OP2(pcmpeqb),
3028 [0x75] = MMX_OP2(pcmpeqw),
3029 [0x76] = MMX_OP2(pcmpeql),
3030 [0x77] = { SSE_DUMMY }, /* emms */
3031 [0x78] = { NULL, SSE_SPECIAL, NULL, SSE_SPECIAL }, /* extrq_i, insertq_i */
3032 [0x79] = { NULL, gen_helper_extrq_r, NULL, gen_helper_insertq_r },
3033 [0x7c] = { NULL, gen_helper_haddpd, NULL, gen_helper_haddps },
3034 [0x7d] = { NULL, gen_helper_hsubpd, NULL, gen_helper_hsubps },
3035 [0x7e] = { SSE_SPECIAL, SSE_SPECIAL, SSE_SPECIAL }, /* movd, movd, , movq */
3036 [0x7f] = { SSE_SPECIAL, SSE_SPECIAL, SSE_SPECIAL }, /* movq, movdqa, movdqu */
3037 [0xc4] = { SSE_SPECIAL, SSE_SPECIAL }, /* pinsrw */
3038 [0xc5] = { SSE_SPECIAL, SSE_SPECIAL }, /* pextrw */
3039 [0xd0] = { NULL, gen_helper_addsubpd, NULL, gen_helper_addsubps },
3040 [0xd1] = MMX_OP2(psrlw),
3041 [0xd2] = MMX_OP2(psrld),
3042 [0xd3] = MMX_OP2(psrlq),
3043 [0xd4] = MMX_OP2(paddq),
3044 [0xd5] = MMX_OP2(pmullw),
3045 [0xd6] = { NULL, SSE_SPECIAL, SSE_SPECIAL, SSE_SPECIAL },
3046 [0xd7] = { SSE_SPECIAL, SSE_SPECIAL }, /* pmovmskb */
3047 [0xd8] = MMX_OP2(psubusb),
3048 [0xd9] = MMX_OP2(psubusw),
3049 [0xda] = MMX_OP2(pminub),
3050 [0xdb] = MMX_OP2(pand),
3051 [0xdc] = MMX_OP2(paddusb),
3052 [0xdd] = MMX_OP2(paddusw),
3053 [0xde] = MMX_OP2(pmaxub),
3054 [0xdf] = MMX_OP2(pandn),
3055 [0xe0] = MMX_OP2(pavgb),
3056 [0xe1] = MMX_OP2(psraw),
3057 [0xe2] = MMX_OP2(psrad),
3058 [0xe3] = MMX_OP2(pavgw),
3059 [0xe4] = MMX_OP2(pmulhuw),
3060 [0xe5] = MMX_OP2(pmulhw),
3061 [0xe6] = { NULL, gen_helper_cvttpd2dq, gen_helper_cvtdq2pd, gen_helper_cvtpd2dq },
3062 [0xe7] = { SSE_SPECIAL , SSE_SPECIAL }, /* movntq, movntq */
3063 [0xe8] = MMX_OP2(psubsb),
3064 [0xe9] = MMX_OP2(psubsw),
3065 [0xea] = MMX_OP2(pminsw),
3066 [0xeb] = MMX_OP2(por),
3067 [0xec] = MMX_OP2(paddsb),
3068 [0xed] = MMX_OP2(paddsw),
3069 [0xee] = MMX_OP2(pmaxsw),
3070 [0xef] = MMX_OP2(pxor),
3071 [0xf0] = { NULL, NULL, NULL, SSE_SPECIAL }, /* lddqu */
3072 [0xf1] = MMX_OP2(psllw),
3073 [0xf2] = MMX_OP2(pslld),
3074 [0xf3] = MMX_OP2(psllq),
3075 [0xf4] = MMX_OP2(pmuludq),
3076 [0xf5] = MMX_OP2(pmaddwd),
3077 [0xf6] = MMX_OP2(psadbw),
3078 [0xf7] = { (SSEFunc_0_epp)gen_helper_maskmov_mmx,
3079 (SSEFunc_0_epp)gen_helper_maskmov_xmm }, /* XXX: casts */
3080 [0xf8] = MMX_OP2(psubb),
3081 [0xf9] = MMX_OP2(psubw),
3082 [0xfa] = MMX_OP2(psubl),
3083 [0xfb] = MMX_OP2(psubq),
3084 [0xfc] = MMX_OP2(paddb),
3085 [0xfd] = MMX_OP2(paddw),
3086 [0xfe] = MMX_OP2(paddl),
3087 };
3088
3089 static const SSEFunc_0_epp sse_op_table2[3 * 8][2] = {
3090 [0 + 2] = MMX_OP2(psrlw),
3091 [0 + 4] = MMX_OP2(psraw),
3092 [0 + 6] = MMX_OP2(psllw),
3093 [8 + 2] = MMX_OP2(psrld),
3094 [8 + 4] = MMX_OP2(psrad),
3095 [8 + 6] = MMX_OP2(pslld),
3096 [16 + 2] = MMX_OP2(psrlq),
3097 [16 + 3] = { NULL, gen_helper_psrldq_xmm },
3098 [16 + 6] = MMX_OP2(psllq),
3099 [16 + 7] = { NULL, gen_helper_pslldq_xmm },
3100 };
3101
3102 static const SSEFunc_0_epi sse_op_table3ai[] = {
3103 gen_helper_cvtsi2ss,
3104 gen_helper_cvtsi2sd
3105 };
3106
3107 #ifdef TARGET_X86_64
3108 static const SSEFunc_0_epl sse_op_table3aq[] = {
3109 gen_helper_cvtsq2ss,
3110 gen_helper_cvtsq2sd
3111 };
3112 #endif
3113
3114 static const SSEFunc_i_ep sse_op_table3bi[] = {
3115 gen_helper_cvttss2si,
3116 gen_helper_cvtss2si,
3117 gen_helper_cvttsd2si,
3118 gen_helper_cvtsd2si
3119 };
3120
3121 #ifdef TARGET_X86_64
3122 static const SSEFunc_l_ep sse_op_table3bq[] = {
3123 gen_helper_cvttss2sq,
3124 gen_helper_cvtss2sq,
3125 gen_helper_cvttsd2sq,
3126 gen_helper_cvtsd2sq
3127 };
3128 #endif
3129
3130 static const SSEFunc_0_epp sse_op_table4[8][4] = {
3131 SSE_FOP(cmpeq),
3132 SSE_FOP(cmplt),
3133 SSE_FOP(cmple),
3134 SSE_FOP(cmpunord),
3135 SSE_FOP(cmpneq),
3136 SSE_FOP(cmpnlt),
3137 SSE_FOP(cmpnle),
3138 SSE_FOP(cmpord),
3139 };
3140
3141 static const SSEFunc_0_epp sse_op_table5[256] = {
3142 [0x0c] = gen_helper_pi2fw,
3143 [0x0d] = gen_helper_pi2fd,
3144 [0x1c] = gen_helper_pf2iw,
3145 [0x1d] = gen_helper_pf2id,
3146 [0x8a] = gen_helper_pfnacc,
3147 [0x8e] = gen_helper_pfpnacc,
3148 [0x90] = gen_helper_pfcmpge,
3149 [0x94] = gen_helper_pfmin,
3150 [0x96] = gen_helper_pfrcp,
3151 [0x97] = gen_helper_pfrsqrt,
3152 [0x9a] = gen_helper_pfsub,
3153 [0x9e] = gen_helper_pfadd,
3154 [0xa0] = gen_helper_pfcmpgt,
3155 [0xa4] = gen_helper_pfmax,
3156 [0xa6] = gen_helper_movq, /* pfrcpit1; no need to actually increase precision */
3157 [0xa7] = gen_helper_movq, /* pfrsqit1 */
3158 [0xaa] = gen_helper_pfsubr,
3159 [0xae] = gen_helper_pfacc,
3160 [0xb0] = gen_helper_pfcmpeq,
3161 [0xb4] = gen_helper_pfmul,
3162 [0xb6] = gen_helper_movq, /* pfrcpit2 */
3163 [0xb7] = gen_helper_pmulhrw_mmx,
3164 [0xbb] = gen_helper_pswapd,
3165 [0xbf] = gen_helper_pavgb_mmx /* pavgusb */
3166 };
3167
3168 struct SSEOpHelper_epp {
3169 SSEFunc_0_epp op[2];
3170 uint32_t ext_mask;
3171 };
3172
3173 struct SSEOpHelper_eppi {
3174 SSEFunc_0_eppi op[2];
3175 uint32_t ext_mask;
3176 };
3177
3178 #define SSSE3_OP(x) { MMX_OP2(x), CPUID_EXT_SSSE3 }
3179 #define SSE41_OP(x) { { NULL, gen_helper_ ## x ## _xmm }, CPUID_EXT_SSE41 }
3180 #define SSE42_OP(x) { { NULL, gen_helper_ ## x ## _xmm }, CPUID_EXT_SSE42 }
3181 #define SSE41_SPECIAL { { NULL, SSE_SPECIAL }, CPUID_EXT_SSE41 }
3182
3183 static const struct SSEOpHelper_epp sse_op_table6[256] = {
3184 [0x00] = SSSE3_OP(pshufb),
3185 [0x01] = SSSE3_OP(phaddw),
3186 [0x02] = SSSE3_OP(phaddd),
3187 [0x03] = SSSE3_OP(phaddsw),
3188 [0x04] = SSSE3_OP(pmaddubsw),
3189 [0x05] = SSSE3_OP(phsubw),
3190 [0x06] = SSSE3_OP(phsubd),
3191 [0x07] = SSSE3_OP(phsubsw),
3192 [0x08] = SSSE3_OP(psignb),
3193 [0x09] = SSSE3_OP(psignw),
3194 [0x0a] = SSSE3_OP(psignd),
3195 [0x0b] = SSSE3_OP(pmulhrsw),
3196 [0x10] = SSE41_OP(pblendvb),
3197 [0x14] = SSE41_OP(blendvps),
3198 [0x15] = SSE41_OP(blendvpd),
3199 [0x17] = SSE41_OP(ptest),
3200 [0x1c] = SSSE3_OP(pabsb),
3201 [0x1d] = SSSE3_OP(pabsw),
3202 [0x1e] = SSSE3_OP(pabsd),
3203 [0x20] = SSE41_OP(pmovsxbw),
3204 [0x21] = SSE41_OP(pmovsxbd),
3205 [0x22] = SSE41_OP(pmovsxbq),
3206 [0x23] = SSE41_OP(pmovsxwd),
3207 [0x24] = SSE41_OP(pmovsxwq),
3208 [0x25] = SSE41_OP(pmovsxdq),
3209 [0x28] = SSE41_OP(pmuldq),
3210 [0x29] = SSE41_OP(pcmpeqq),
3211 [0x2a] = SSE41_SPECIAL, /* movntqda */
3212 [0x2b] = SSE41_OP(packusdw),
3213 [0x30] = SSE41_OP(pmovzxbw),
3214 [0x31] = SSE41_OP(pmovzxbd),
3215 [0x32] = SSE41_OP(pmovzxbq),
3216 [0x33] = SSE41_OP(pmovzxwd),
3217 [0x34] = SSE41_OP(pmovzxwq),
3218 [0x35] = SSE41_OP(pmovzxdq),
3219 [0x37] = SSE42_OP(pcmpgtq),
3220 [0x38] = SSE41_OP(pminsb),
3221 [0x39] = SSE41_OP(pminsd),
3222 [0x3a] = SSE41_OP(pminuw),
3223 [0x3b] = SSE41_OP(pminud),
3224 [0x3c] = SSE41_OP(pmaxsb),
3225 [0x3d] = SSE41_OP(pmaxsd),
3226 [0x3e] = SSE41_OP(pmaxuw),
3227 [0x3f] = SSE41_OP(pmaxud),
3228 [0x40] = SSE41_OP(pmulld),
3229 [0x41] = SSE41_OP(phminposuw),
3230 };
3231
3232 static const struct SSEOpHelper_eppi sse_op_table7[256] = {
3233 [0x08] = SSE41_OP(roundps),
3234 [0x09] = SSE41_OP(roundpd),
3235 [0x0a] = SSE41_OP(roundss),
3236 [0x0b] = SSE41_OP(roundsd),
3237 [0x0c] = SSE41_OP(blendps),
3238 [0x0d] = SSE41_OP(blendpd),
3239 [0x0e] = SSE41_OP(pblendw),
3240 [0x0f] = SSSE3_OP(palignr),
3241 [0x14] = SSE41_SPECIAL, /* pextrb */
3242 [0x15] = SSE41_SPECIAL, /* pextrw */
3243 [0x16] = SSE41_SPECIAL, /* pextrd/pextrq */
3244 [0x17] = SSE41_SPECIAL, /* extractps */
3245 [0x20] = SSE41_SPECIAL, /* pinsrb */
3246 [0x21] = SSE41_SPECIAL, /* insertps */
3247 [0x22] = SSE41_SPECIAL, /* pinsrd/pinsrq */
3248 [0x40] = SSE41_OP(dpps),
3249 [0x41] = SSE41_OP(dppd),
3250 [0x42] = SSE41_OP(mpsadbw),
3251 [0x60] = SSE42_OP(pcmpestrm),
3252 [0x61] = SSE42_OP(pcmpestri),
3253 [0x62] = SSE42_OP(pcmpistrm),
3254 [0x63] = SSE42_OP(pcmpistri),
3255 };
3256
3257 static void gen_sse(CPUX86State *env, DisasContext *s, int b,
3258 target_ulong pc_start, int rex_r)
3259 {
3260 int b1, op1_offset, op2_offset, is_xmm, val, ot;
3261 int modrm, mod, rm, reg, reg_addr, offset_addr;
3262 SSEFunc_0_epp sse_fn_epp;
3263 SSEFunc_0_eppi sse_fn_eppi;
3264 SSEFunc_0_ppi sse_fn_ppi;
3265 SSEFunc_0_eppt sse_fn_eppt;
3266
3267 b &= 0xff;
3268 if (s->prefix & PREFIX_DATA)
3269 b1 = 1;
3270 else if (s->prefix & PREFIX_REPZ)
3271 b1 = 2;
3272 else if (s->prefix & PREFIX_REPNZ)
3273 b1 = 3;
3274 else
3275 b1 = 0;
3276 sse_fn_epp = sse_op_table1[b][b1];
3277 if (!sse_fn_epp) {
3278 goto illegal_op;
3279 }
3280 if ((b <= 0x5f && b >= 0x10) || b == 0xc6 || b == 0xc2) {
3281 is_xmm = 1;
3282 } else {
3283 if (b1 == 0) {
3284 /* MMX case */
3285 is_xmm = 0;
3286 } else {
3287 is_xmm = 1;
3288 }
3289 }
3290 /* simple MMX/SSE operation */
3291 if (s->flags & HF_TS_MASK) {
3292 gen_exception(s, EXCP07_PREX, pc_start - s->cs_base);
3293 return;
3294 }
3295 if (s->flags & HF_EM_MASK) {
3296 illegal_op:
3297 gen_exception(s, EXCP06_ILLOP, pc_start - s->cs_base);
3298 return;
3299 }
3300 if (is_xmm && !(s->flags & HF_OSFXSR_MASK))
3301 if ((b != 0x38 && b != 0x3a) || (s->prefix & PREFIX_DATA))
3302 goto illegal_op;
3303 if (b == 0x0e) {
3304 if (!(s->cpuid_ext2_features & CPUID_EXT2_3DNOW))
3305 goto illegal_op;
3306 /* femms */
3307 gen_helper_emms(cpu_env);
3308 return;
3309 }
3310 if (b == 0x77) {
3311 /* emms */
3312 gen_helper_emms(cpu_env);
3313 return;
3314 }
3315 /* prepare MMX state (XXX: optimize by storing fptt and fptags in
3316 the static cpu state) */
3317 if (!is_xmm) {
3318 gen_helper_enter_mmx(cpu_env);
3319 }
3320
3321 modrm = cpu_ldub_code(env, s->pc++);
3322 reg = ((modrm >> 3) & 7);
3323 if (is_xmm)
3324 reg |= rex_r;
3325 mod = (modrm >> 6) & 3;
3326 if (sse_fn_epp == SSE_SPECIAL) {
3327 b |= (b1 << 8);
3328 switch(b) {
3329 case 0x0e7: /* movntq */
3330 if (mod == 3)
3331 goto illegal_op;
3332 gen_lea_modrm(env, s, modrm, &reg_addr, &offset_addr);
3333 gen_stq_env_A0(s->mem_index, offsetof(CPUX86State,fpregs[reg].mmx));
3334 break;
3335 case 0x1e7: /* movntdq */
3336 case 0x02b: /* movntps */
3337 case 0x12b: /* movntps */
3338 if (mod == 3)
3339 goto illegal_op;
3340 gen_lea_modrm(env, s, modrm, &reg_addr, &offset_addr);
3341 gen_sto_env_A0(s->mem_index, offsetof(CPUX86State,xmm_regs[reg]));
3342 break;
3343 case 0x3f0: /* lddqu */
3344 if (mod == 3)
3345 goto illegal_op;
3346 gen_lea_modrm(env, s, modrm, &reg_addr, &offset_addr);
3347 gen_ldo_env_A0(s->mem_index, offsetof(CPUX86State,xmm_regs[reg]));
3348 break;
3349 case 0x22b: /* movntss */
3350 case 0x32b: /* movntsd */
3351 if (mod == 3)
3352 goto illegal_op;
3353 gen_lea_modrm(env, s, modrm, &reg_addr, &offset_addr);
3354 if (b1 & 1) {
3355 gen_stq_env_A0(s->mem_index, offsetof(CPUX86State,
3356 xmm_regs[reg]));
3357 } else {
3358 tcg_gen_ld32u_tl(cpu_T[0], cpu_env, offsetof(CPUX86State,
3359 xmm_regs[reg].XMM_L(0)));
3360 gen_op_st_T0_A0(OT_LONG + s->mem_index);
3361 }
3362 break;
3363 case 0x6e: /* movd mm, ea */
3364 #ifdef TARGET_X86_64
3365 if (s->dflag == 2) {
3366 gen_ldst_modrm(env, s, modrm, OT_QUAD, OR_TMP0, 0);
3367 tcg_gen_st_tl(cpu_T[0], cpu_env, offsetof(CPUX86State,fpregs[reg].mmx));
3368 } else
3369 #endif
3370 {
3371 gen_ldst_modrm(env, s, modrm, OT_LONG, OR_TMP0, 0);
3372 tcg_gen_addi_ptr(cpu_ptr0, cpu_env,
3373 offsetof(CPUX86State,fpregs[reg].mmx));
3374 tcg_gen_trunc_tl_i32(cpu_tmp2_i32, cpu_T[0]);
3375 gen_helper_movl_mm_T0_mmx(cpu_ptr0, cpu_tmp2_i32);
3376 }
3377 break;
3378 case 0x16e: /* movd xmm, ea */
3379 #ifdef TARGET_X86_64
3380 if (s->dflag == 2) {
3381 gen_ldst_modrm(env, s, modrm, OT_QUAD, OR_TMP0, 0);
3382 tcg_gen_addi_ptr(cpu_ptr0, cpu_env,
3383 offsetof(CPUX86State,xmm_regs[reg]));
3384 gen_helper_movq_mm_T0_xmm(cpu_ptr0, cpu_T[0]);
3385 } else
3386 #endif
3387 {
3388 gen_ldst_modrm(env, s, modrm, OT_LONG, OR_TMP0, 0);
3389 tcg_gen_addi_ptr(cpu_ptr0, cpu_env,
3390 offsetof(CPUX86State,xmm_regs[reg]));
3391 tcg_gen_trunc_tl_i32(cpu_tmp2_i32, cpu_T[0]);
3392 gen_helper_movl_mm_T0_xmm(cpu_ptr0, cpu_tmp2_i32);
3393 }
3394 break;
3395 case 0x6f: /* movq mm, ea */
3396 if (mod != 3) {
3397 gen_lea_modrm(env, s, modrm, &reg_addr, &offset_addr);
3398 gen_ldq_env_A0(s->mem_index, offsetof(CPUX86State,fpregs[reg].mmx));
3399 } else {
3400 rm = (modrm & 7);
3401 tcg_gen_ld_i64(cpu_tmp1_i64, cpu_env,
3402 offsetof(CPUX86State,fpregs[rm].mmx));
3403 tcg_gen_st_i64(cpu_tmp1_i64, cpu_env,
3404 offsetof(CPUX86State,fpregs[reg].mmx));
3405 }
3406 break;
3407 case 0x010: /* movups */
3408 case 0x110: /* movupd */
3409 case 0x028: /* movaps */
3410 case 0x128: /* movapd */
3411 case 0x16f: /* movdqa xmm, ea */
3412 case 0x26f: /* movdqu xmm, ea */
3413 if (mod != 3) {
3414 gen_lea_modrm(env, s, modrm, &reg_addr, &offset_addr);
3415 gen_ldo_env_A0(s->mem_index, offsetof(CPUX86State,xmm_regs[reg]));
3416 } else {
3417 rm = (modrm & 7) | REX_B(s);
3418 gen_op_movo(offsetof(CPUX86State,xmm_regs[reg]),
3419 offsetof(CPUX86State,xmm_regs[rm]));
3420 }
3421 break;
3422 case 0x210: /* movss xmm, ea */
3423 if (mod != 3) {
3424 gen_lea_modrm(env, s, modrm, &reg_addr, &offset_addr);
3425 gen_op_ld_T0_A0(OT_LONG + s->mem_index);
3426 tcg_gen_st32_tl(cpu_T[0], cpu_env, offsetof(CPUX86State,xmm_regs[reg].XMM_L(0)));
3427 gen_op_movl_T0_0();
3428 tcg_gen_st32_tl(cpu_T[0], cpu_env, offsetof(CPUX86State,xmm_regs[reg].XMM_L(1)));
3429 tcg_gen_st32_tl(cpu_T[0], cpu_env, offsetof(CPUX86State,xmm_regs[reg].XMM_L(2)));
3430 tcg_gen_st32_tl(cpu_T[0], cpu_env, offsetof(CPUX86State,xmm_regs[reg].XMM_L(3)));
3431 } else {
3432 rm = (modrm & 7) | REX_B(s);
3433 gen_op_movl(offsetof(CPUX86State,xmm_regs[reg].XMM_L(0)),
3434 offsetof(CPUX86State,xmm_regs[rm].XMM_L(0)));
3435 }
3436 break;
3437 case 0x310: /* movsd xmm, ea */
3438 if (mod != 3) {
3439 gen_lea_modrm(env, s, modrm, &reg_addr, &offset_addr);
3440 gen_ldq_env_A0(s->mem_index, offsetof(CPUX86State,xmm_regs[reg].XMM_Q(0)));
3441 gen_op_movl_T0_0();
3442 tcg_gen_st32_tl(cpu_T[0], cpu_env, offsetof(CPUX86State,xmm_regs[reg].XMM_L(2)));
3443 tcg_gen_st32_tl(cpu_T[0], cpu_env, offsetof(CPUX86State,xmm_regs[reg].XMM_L(3)));
3444 } else {
3445 rm = (modrm & 7) | REX_B(s);
3446 gen_op_movq(offsetof(CPUX86State,xmm_regs[reg].XMM_Q(0)),
3447 offsetof(CPUX86State,xmm_regs[rm].XMM_Q(0)));
3448 }
3449 break;
3450 case 0x012: /* movlps */
3451 case 0x112: /* movlpd */
3452 if (mod != 3) {
3453 gen_lea_modrm(env, s, modrm, &reg_addr, &offset_addr);
3454 gen_ldq_env_A0(s->mem_index, offsetof(CPUX86State,xmm_regs[reg].XMM_Q(0)));
3455 } else {
3456 /* movhlps */
3457 rm = (modrm & 7) | REX_B(s);
3458 gen_op_movq(offsetof(CPUX86State,xmm_regs[reg].XMM_Q(0)),
3459 offsetof(CPUX86State,xmm_regs[rm].XMM_Q(1)));
3460 }
3461 break;
3462 case 0x212: /* movsldup */
3463 if (mod != 3) {
3464 gen_lea_modrm(env, s, modrm, &reg_addr, &offset_addr);
3465 gen_ldo_env_A0(s->mem_index, offsetof(CPUX86State,xmm_regs[reg]));
3466 } else {
3467 rm = (modrm & 7) | REX_B(s);
3468 gen_op_movl(offsetof(CPUX86State,xmm_regs[reg].XMM_L(0)),
3469 offsetof(CPUX86State,xmm_regs[rm].XMM_L(0)));
3470 gen_op_movl(offsetof(CPUX86State,xmm_regs[reg].XMM_L(2)),
3471 offsetof(CPUX86State,xmm_regs[rm].XMM_L(2)));
3472 }
3473 gen_op_movl(offsetof(CPUX86State,xmm_regs[reg].XMM_L(1)),
3474 offsetof(CPUX86State,xmm_regs[reg].XMM_L(0)));
3475 gen_op_movl(offsetof(CPUX86State,xmm_regs[reg].XMM_L(3)),
3476 offsetof(CPUX86State,xmm_regs[reg].XMM_L(2)));
3477 break;
3478 case 0x312: /* movddup */
3479 if (mod != 3) {
3480 gen_lea_modrm(env, s, modrm, &reg_addr, &offset_addr);
3481 gen_ldq_env_A0(s->mem_index, offsetof(CPUX86State,xmm_regs[reg].XMM_Q(0)));
3482 } else {
3483 rm = (modrm & 7) | REX_B(s);
3484 gen_op_movq(offsetof(CPUX86State,xmm_regs[reg].XMM_Q(0)),
3485 offsetof(CPUX86State,xmm_regs[rm].XMM_Q(0)));
3486 }
3487 gen_op_movq(offsetof(CPUX86State,xmm_regs[reg].XMM_Q(1)),
3488 offsetof(CPUX86State,xmm_regs[reg].XMM_Q(0)));
3489 break;
3490 case 0x016: /* movhps */
3491 case 0x116: /* movhpd */
3492 if (mod != 3) {
3493 gen_lea_modrm(env, s, modrm, &reg_addr, &offset_addr);
3494 gen_ldq_env_A0(s->mem_index, offsetof(CPUX86State,xmm_regs[reg].XMM_Q(1)));
3495 } else {
3496 /* movlhps */
3497 rm = (modrm & 7) | REX_B(s);
3498 gen_op_movq(offsetof(CPUX86State,xmm_regs[reg].XMM_Q(1)),
3499 offsetof(CPUX86State,xmm_regs[rm].XMM_Q(0)));
3500 }
3501 break;
3502 case 0x216: /* movshdup */
3503 if (mod != 3) {
3504 gen_lea_modrm(env, s, modrm, &reg_addr, &offset_addr);
3505 gen_ldo_env_A0(s->mem_index, offsetof(CPUX86State,xmm_regs[reg]));
3506 } else {
3507 rm = (modrm & 7) | REX_B(s);
3508 gen_op_movl(offsetof(CPUX86State,xmm_regs[reg].XMM_L(1)),
3509 offsetof(CPUX86State,xmm_regs[rm].XMM_L(1)));
3510 gen_op_movl(offsetof(CPUX86State,xmm_regs[reg].XMM_L(3)),
3511 offsetof(CPUX86State,xmm_regs[rm].XMM_L(3)));
3512 }
3513 gen_op_movl(offsetof(CPUX86State,xmm_regs[reg].XMM_L(0)),
3514 offsetof(CPUX86State,xmm_regs[reg].XMM_L(1)));
3515 gen_op_movl(offsetof(CPUX86State,xmm_regs[reg].XMM_L(2)),
3516 offsetof(CPUX86State,xmm_regs[reg].XMM_L(3)));
3517 break;
3518 case 0x178:
3519 case 0x378:
3520 {
3521 int bit_index, field_length;
3522
3523 if (b1 == 1 && reg != 0)
3524 goto illegal_op;
3525 field_length = cpu_ldub_code(env, s->pc++) & 0x3F;
3526 bit_index = cpu_ldub_code(env, s->pc++) & 0x3F;
3527 tcg_gen_addi_ptr(cpu_ptr0, cpu_env,
3528 offsetof(CPUX86State,xmm_regs[reg]));
3529 if (b1 == 1)
3530 gen_helper_extrq_i(cpu_env, cpu_ptr0,
3531 tcg_const_i32(bit_index),
3532 tcg_const_i32(field_length));
3533 else
3534 gen_helper_insertq_i(cpu_env, cpu_ptr0,
3535 tcg_const_i32(bit_index),
3536 tcg_const_i32(field_length));
3537 }
3538 break;
3539 case 0x7e: /* movd ea, mm */
3540 #ifdef TARGET_X86_64
3541 if (s->dflag == 2) {
3542 tcg_gen_ld_i64(cpu_T[0], cpu_env,
3543 offsetof(CPUX86State,fpregs[reg].mmx));
3544 gen_ldst_modrm(env, s, modrm, OT_QUAD, OR_TMP0, 1);
3545 } else
3546 #endif
3547 {
3548 tcg_gen_ld32u_tl(cpu_T[0], cpu_env,
3549 offsetof(CPUX86State,fpregs[reg].mmx.MMX_L(0)));
3550 gen_ldst_modrm(env, s, modrm, OT_LONG, OR_TMP0, 1);
3551 }
3552 break;
3553 case 0x17e: /* movd ea, xmm */
3554 #ifdef TARGET_X86_64
3555 if (s->dflag == 2) {
3556 tcg_gen_ld_i64(cpu_T[0], cpu_env,
3557 offsetof(CPUX86State,xmm_regs[reg].XMM_Q(0)));
3558 gen_ldst_modrm(env, s, modrm, OT_QUAD, OR_TMP0, 1);
3559 } else
3560 #endif
3561 {
3562 tcg_gen_ld32u_tl(cpu_T[0], cpu_env,
3563 offsetof(CPUX86State,xmm_regs[reg].XMM_L(0)));
3564 gen_ldst_modrm(env, s, modrm, OT_LONG, OR_TMP0, 1);
3565 }
3566 break;
3567 case 0x27e: /* movq xmm, ea */
3568 if (mod != 3) {
3569 gen_lea_modrm(env, s, modrm, &reg_addr, &offset_addr);
3570 gen_ldq_env_A0(s->mem_index, offsetof(CPUX86State,xmm_regs[reg].XMM_Q(0)));
3571 } else {
3572 rm = (modrm & 7) | REX_B(s);
3573 gen_op_movq(offsetof(CPUX86State,xmm_regs[reg].XMM_Q(0)),
3574 offsetof(CPUX86State,xmm_regs[rm].XMM_Q(0)));
3575 }
3576 gen_op_movq_env_0(offsetof(CPUX86State,xmm_regs[reg].XMM_Q(1)));
3577 break;
3578 case 0x7f: /* movq ea, mm */
3579 if (mod != 3) {
3580 gen_lea_modrm(env, s, modrm, &reg_addr, &offset_addr);
3581 gen_stq_env_A0(s->mem_index, offsetof(CPUX86State,fpregs[reg].mmx));
3582 } else {
3583 rm = (modrm & 7);
3584 gen_op_movq(offsetof(CPUX86State,fpregs[rm].mmx),
3585 offsetof(CPUX86State,fpregs[reg].mmx));
3586 }
3587 break;
3588 case 0x011: /* movups */
3589 case 0x111: /* movupd */
3590 case 0x029: /* movaps */
3591 case 0x129: /* movapd */
3592 case 0x17f: /* movdqa ea, xmm */
3593 case 0x27f: /* movdqu ea, xmm */
3594 if (mod != 3) {
3595 gen_lea_modrm(env, s, modrm, &reg_addr, &offset_addr);
3596 gen_sto_env_A0(s->mem_index, offsetof(CPUX86State,xmm_regs[reg]));
3597 } else {
3598 rm = (modrm & 7) | REX_B(s);
3599 gen_op_movo(offsetof(CPUX86State,xmm_regs[rm]),
3600 offsetof(CPUX86State,xmm_regs[reg]));
3601 }
3602 break;
3603 case 0x211: /* movss ea, xmm */
3604 if (mod != 3) {
3605 gen_lea_modrm(env, s, modrm, &reg_addr, &offset_addr);
3606 tcg_gen_ld32u_tl(cpu_T[0], cpu_env, offsetof(CPUX86State,xmm_regs[reg].XMM_L(0)));
3607 gen_op_st_T0_A0(OT_LONG + s->mem_index);
3608 } else {
3609 rm = (modrm & 7) | REX_B(s);
3610 gen_op_movl(offsetof(CPUX86State,xmm_regs[rm].XMM_L(0)),
3611 offsetof(CPUX86State,xmm_regs[reg].XMM_L(0)));
3612 }
3613 break;
3614 case 0x311: /* movsd ea, xmm */
3615 if (mod != 3) {
3616 gen_lea_modrm(env, s, modrm, &reg_addr, &offset_addr);
3617 gen_stq_env_A0(s->mem_index, offsetof(CPUX86State,xmm_regs[reg].XMM_Q(0)));
3618 } else {
3619 rm = (modrm & 7) | REX_B(s);
3620 gen_op_movq(offsetof(CPUX86State,xmm_regs[rm].XMM_Q(0)),
3621 offsetof(CPUX86State,xmm_regs[reg].XMM_Q(0)));
3622 }
3623 break;
3624 case 0x013: /* movlps */
3625 case 0x113: /* movlpd */
3626 if (mod != 3) {
3627 gen_lea_modrm(env, s, modrm, &reg_addr, &offset_addr);
3628 gen_stq_env_A0(s->mem_index, offsetof(CPUX86State,xmm_regs[reg].XMM_Q(0)));
3629 } else {
3630 goto illegal_op;
3631 }
3632 break;
3633 case 0x017: /* movhps */
3634 case 0x117: /* movhpd */
3635 if (mod != 3) {
3636 gen_lea_modrm(env, s, modrm, &reg_addr, &offset_addr);
3637 gen_stq_env_A0(s->mem_index, offsetof(CPUX86State,xmm_regs[reg].XMM_Q(1)));
3638 } else {
3639 goto illegal_op;
3640 }
3641 break;
3642 case 0x71: /* shift mm, im */
3643 case 0x72:
3644 case 0x73:
3645 case 0x171: /* shift xmm, im */
3646 case 0x172:
3647 case 0x173:
3648 if (b1 >= 2) {
3649 goto illegal_op;
3650 }
3651 val = cpu_ldub_code(env, s->pc++);
3652 if (is_xmm) {
3653 gen_op_movl_T0_im(val);
3654 tcg_gen_st32_tl(cpu_T[0], cpu_env, offsetof(CPUX86State,xmm_t0.XMM_L(0)));
3655 gen_op_movl_T0_0();
3656 tcg_gen_st32_tl(cpu_T[0], cpu_env, offsetof(CPUX86State,xmm_t0.XMM_L(1)));
3657 op1_offset = offsetof(CPUX86State,xmm_t0);
3658 } else {
3659 gen_op_movl_T0_im(val);
3660 tcg_gen_st32_tl(cpu_T[0], cpu_env, offsetof(CPUX86State,mmx_t0.MMX_L(0)));
3661 gen_op_movl_T0_0();
3662 tcg_gen_st32_tl(cpu_T[0], cpu_env, offsetof(CPUX86State,mmx_t0.MMX_L(1)));
3663 op1_offset = offsetof(CPUX86State,mmx_t0);
3664 }
3665 sse_fn_epp = sse_op_table2[((b - 1) & 3) * 8 +
3666 (((modrm >> 3)) & 7)][b1];
3667 if (!sse_fn_epp) {
3668 goto illegal_op;
3669 }
3670 if (is_xmm) {
3671 rm = (modrm & 7) | REX_B(s);
3672 op2_offset = offsetof(CPUX86State,xmm_regs[rm]);
3673 } else {
3674 rm = (modrm & 7);
3675 op2_offset = offsetof(CPUX86State,fpregs[rm].mmx);
3676 }
3677 tcg_gen_addi_ptr(cpu_ptr0, cpu_env, op2_offset);
3678 tcg_gen_addi_ptr(cpu_ptr1, cpu_env, op1_offset);
3679 sse_fn_epp(cpu_env, cpu_ptr0, cpu_ptr1);
3680 break;
3681 case 0x050: /* movmskps */
3682 rm = (modrm & 7) | REX_B(s);
3683 tcg_gen_addi_ptr(cpu_ptr0, cpu_env,
3684 offsetof(CPUX86State,xmm_regs[rm]));
3685 gen_helper_movmskps(cpu_tmp2_i32, cpu_env, cpu_ptr0);
3686 tcg_gen_extu_i32_tl(cpu_T[0], cpu_tmp2_i32);
3687 gen_op_mov_reg_T0(OT_LONG, reg);
3688 break;
3689 case 0x150: /* movmskpd */
3690 rm = (modrm & 7) | REX_B(s);
3691 tcg_gen_addi_ptr(cpu_ptr0, cpu_env,
3692 offsetof(CPUX86State,xmm_regs[rm]));
3693 gen_helper_movmskpd(cpu_tmp2_i32, cpu_env, cpu_ptr0);
3694 tcg_gen_extu_i32_tl(cpu_T[0], cpu_tmp2_i32);
3695 gen_op_mov_reg_T0(OT_LONG, reg);
3696 break;
3697 case 0x02a: /* cvtpi2ps */
3698 case 0x12a: /* cvtpi2pd */
3699 gen_helper_enter_mmx(cpu_env);
3700 if (mod != 3) {
3701 gen_lea_modrm(env, s, modrm, &reg_addr, &offset_addr);
3702 op2_offset = offsetof(CPUX86State,mmx_t0);
3703 gen_ldq_env_A0(s->mem_index, op2_offset);
3704 } else {
3705 rm = (modrm & 7);
3706 op2_offset = offsetof(CPUX86State,fpregs[rm].mmx);
3707 }
3708 op1_offset = offsetof(CPUX86State,xmm_regs[reg]);
3709 tcg_gen_addi_ptr(cpu_ptr0, cpu_env, op1_offset);
3710 tcg_gen_addi_ptr(cpu_ptr1, cpu_env, op2_offset);
3711 switch(b >> 8) {
3712 case 0x0:
3713 gen_helper_cvtpi2ps(cpu_env, cpu_ptr0, cpu_ptr1);
3714 break;
3715 default:
3716 case 0x1:
3717 gen_helper_cvtpi2pd(cpu_env, cpu_ptr0, cpu_ptr1);
3718 break;
3719 }
3720 break;
3721 case 0x22a: /* cvtsi2ss */
3722 case 0x32a: /* cvtsi2sd */
3723 ot = (s->dflag == 2) ? OT_QUAD : OT_LONG;
3724 gen_ldst_modrm(env, s, modrm, ot, OR_TMP0, 0);
3725 op1_offset = offsetof(CPUX86State,xmm_regs[reg]);
3726 tcg_gen_addi_ptr(cpu_ptr0, cpu_env, op1_offset);
3727 if (ot == OT_LONG) {
3728 SSEFunc_0_epi sse_fn_epi = sse_op_table3ai[(b >> 8) & 1];
3729 tcg_gen_trunc_tl_i32(cpu_tmp2_i32, cpu_T[0]);
3730 sse_fn_epi(cpu_env, cpu_ptr0, cpu_tmp2_i32);
3731 } else {
3732 #ifdef TARGET_X86_64
3733 SSEFunc_0_epl sse_fn_epl = sse_op_table3aq[(b >> 8) & 1];
3734 sse_fn_epl(cpu_env, cpu_ptr0, cpu_T[0]);
3735 #else
3736 goto illegal_op;
3737 #endif
3738 }
3739 break;
3740 case 0x02c: /* cvttps2pi */
3741 case 0x12c: /* cvttpd2pi */
3742 case 0x02d: /* cvtps2pi */
3743 case 0x12d: /* cvtpd2pi */
3744 gen_helper_enter_mmx(cpu_env);
3745 if (mod != 3) {
3746 gen_lea_modrm(env, s, modrm, &reg_addr, &offset_addr);
3747 op2_offset = offsetof(CPUX86State,xmm_t0);
3748 gen_ldo_env_A0(s->mem_index, op2_offset);
3749 } else {
3750 rm = (modrm & 7) | REX_B(s);
3751 op2_offset = offsetof(CPUX86State,xmm_regs[rm]);
3752 }
3753 op1_offset = offsetof(CPUX86State,fpregs[reg & 7].mmx);
3754 tcg_gen_addi_ptr(cpu_ptr0, cpu_env, op1_offset);
3755 tcg_gen_addi_ptr(cpu_ptr1, cpu_env, op2_offset);
3756 switch(b) {
3757 case 0x02c:
3758 gen_helper_cvttps2pi(cpu_env, cpu_ptr0, cpu_ptr1);
3759 break;
3760 case 0x12c:
3761 gen_helper_cvttpd2pi(cpu_env, cpu_ptr0, cpu_ptr1);
3762 break;
3763 case 0x02d:
3764 gen_helper_cvtps2pi(cpu_env, cpu_ptr0, cpu_ptr1);
3765 break;
3766 case 0x12d:
3767 gen_helper_cvtpd2pi(cpu_env, cpu_ptr0, cpu_ptr1);
3768 break;
3769 }
3770 break;
3771 case 0x22c: /* cvttss2si */
3772 case 0x32c: /* cvttsd2si */
3773 case 0x22d: /* cvtss2si */
3774 case 0x32d: /* cvtsd2si */
3775 ot = (s->dflag == 2) ? OT_QUAD : OT_LONG;
3776 if (mod != 3) {
3777 gen_lea_modrm(env, s, modrm, &reg_addr, &offset_addr);
3778 if ((b >> 8) & 1) {
3779 gen_ldq_env_A0(s->mem_index, offsetof(CPUX86State,xmm_t0.XMM_Q(0)));
3780 } else {
3781 gen_op_ld_T0_A0(OT_LONG + s->mem_index);
3782 tcg_gen_st32_tl(cpu_T[0], cpu_env, offsetof(CPUX86State,xmm_t0.XMM_L(0)));
3783 }
3784 op2_offset = offsetof(CPUX86State,xmm_t0);
3785 } else {
3786 rm = (modrm & 7) | REX_B(s);
3787 op2_offset = offsetof(CPUX86State,xmm_regs[rm]);
3788 }
3789 tcg_gen_addi_ptr(cpu_ptr0, cpu_env, op2_offset);
3790 if (ot == OT_LONG) {
3791 SSEFunc_i_ep sse_fn_i_ep =
3792 sse_op_table3bi[((b >> 7) & 2) | (b & 1)];
3793 sse_fn_i_ep(cpu_tmp2_i32, cpu_env, cpu_ptr0);
3794 tcg_gen_extu_i32_tl(cpu_T[0], cpu_tmp2_i32);
3795 } else {
3796 #ifdef TARGET_X86_64
3797 SSEFunc_l_ep sse_fn_l_ep =
3798 sse_op_table3bq[((b >> 7) & 2) | (b & 1)];
3799 sse_fn_l_ep(cpu_T[0], cpu_env, cpu_ptr0);
3800 #else
3801 goto illegal_op;
3802 #endif
3803 }
3804 gen_op_mov_reg_T0(ot, reg);
3805 break;
3806 case 0xc4: /* pinsrw */
3807 case 0x1c4:
3808 s->rip_offset = 1;
3809 gen_ldst_modrm(env, s, modrm, OT_WORD, OR_TMP0, 0);
3810 val = cpu_ldub_code(env, s->pc++);
3811 if (b1) {
3812 val &= 7;
3813 tcg_gen_st16_tl(cpu_T[0], cpu_env,
3814 offsetof(CPUX86State,xmm_regs[reg].XMM_W(val)));
3815 } else {
3816 val &= 3;
3817 tcg_gen_st16_tl(cpu_T[0], cpu_env,
3818 offsetof(CPUX86State,fpregs[reg].mmx.MMX_W(val)));
3819 }
3820 break;
3821 case 0xc5: /* pextrw */
3822 case 0x1c5:
3823 if (mod != 3)
3824 goto illegal_op;
3825 ot = (s->dflag == 2) ? OT_QUAD : OT_LONG;
3826 val = cpu_ldub_code(env, s->pc++);
3827 if (b1) {
3828 val &= 7;
3829 rm = (modrm & 7) | REX_B(s);
3830 tcg_gen_ld16u_tl(cpu_T[0], cpu_env,
3831 offsetof(CPUX86State,xmm_regs[rm].XMM_W(val)));
3832 } else {
3833 val &= 3;
3834 rm = (modrm & 7);
3835 tcg_gen_ld16u_tl(cpu_T[0], cpu_env,
3836 offsetof(CPUX86State,fpregs[rm].mmx.MMX_W(val)));
3837 }
3838 reg = ((modrm >> 3) & 7) | rex_r;
3839 gen_op_mov_reg_T0(ot, reg);
3840 break;
3841 case 0x1d6: /* movq ea, xmm */
3842 if (mod != 3) {
3843 gen_lea_modrm(env, s, modrm, &reg_addr, &offset_addr);
3844 gen_stq_env_A0(s->mem_index, offsetof(CPUX86State,xmm_regs[reg].XMM_Q(0)));
3845 } else {
3846 rm = (modrm & 7) | REX_B(s);
3847 gen_op_movq(offsetof(CPUX86State,xmm_regs[rm].XMM_Q(0)),
3848 offsetof(CPUX86State,xmm_regs[reg].XMM_Q(0)));
3849 gen_op_movq_env_0(offsetof(CPUX86State,xmm_regs[rm].XMM_Q(1)));
3850 }
3851 break;
3852 case 0x2d6: /* movq2dq */
3853 gen_helper_enter_mmx(cpu_env);
3854 rm = (modrm & 7);
3855 gen_op_movq(offsetof(CPUX86State,xmm_regs[reg].XMM_Q(0)),
3856 offsetof(CPUX86State,fpregs[rm].mmx));
3857 gen_op_movq_env_0(offsetof(CPUX86State,xmm_regs[reg].XMM_Q(1)));
3858 break;
3859 case 0x3d6: /* movdq2q */
3860 gen_helper_enter_mmx(cpu_env);
3861 rm = (modrm & 7) | REX_B(s);
3862 gen_op_movq(offsetof(CPUX86State,fpregs[reg & 7].mmx),
3863 offsetof(CPUX86State,xmm_regs[rm].XMM_Q(0)));
3864 break;
3865 case 0xd7: /* pmovmskb */
3866 case 0x1d7:
3867 if (mod != 3)
3868 goto illegal_op;
3869 if (b1) {
3870 rm = (modrm & 7) | REX_B(s);
3871 tcg_gen_addi_ptr(cpu_ptr0, cpu_env, offsetof(CPUX86State,xmm_regs[rm]));
3872 gen_helper_pmovmskb_xmm(cpu_tmp2_i32, cpu_env, cpu_ptr0);
3873 } else {
3874 rm = (modrm & 7);
3875 tcg_gen_addi_ptr(cpu_ptr0, cpu_env, offsetof(CPUX86State,fpregs[rm].mmx));
3876 gen_helper_pmovmskb_mmx(cpu_tmp2_i32, cpu_env, cpu_ptr0);
3877 }
3878 tcg_gen_extu_i32_tl(cpu_T[0], cpu_tmp2_i32);
3879 reg = ((modrm >> 3) & 7) | rex_r;
3880 gen_op_mov_reg_T0(OT_LONG, reg);
3881 break;
3882 case 0x138:
3883 if (s->prefix & PREFIX_REPNZ)
3884 goto crc32;
3885 case 0x038:
3886 b = modrm;
3887 modrm = cpu_ldub_code(env, s->pc++);
3888 rm = modrm & 7;
3889 reg = ((modrm >> 3) & 7) | rex_r;
3890 mod = (modrm >> 6) & 3;
3891 if (b1 >= 2) {
3892 goto illegal_op;
3893 }
3894
3895 sse_fn_epp = sse_op_table6[b].op[b1];
3896 if (!sse_fn_epp) {
3897 goto illegal_op;
3898 }
3899 if (!(s->cpuid_ext_features & sse_op_table6[b].ext_mask))
3900 goto illegal_op;
3901
3902 if (b1) {
3903 op1_offset = offsetof(CPUX86State,xmm_regs[reg]);
3904 if (mod == 3) {
3905 op2_offset = offsetof(CPUX86State,xmm_regs[rm | REX_B(s)]);
3906 } else {
3907 op2_offset = offsetof(CPUX86State,xmm_t0);
3908 gen_lea_modrm(env, s, modrm, &reg_addr, &offset_addr);
3909 switch (b) {
3910 case 0x20: case 0x30: /* pmovsxbw, pmovzxbw */
3911 case 0x23: case 0x33: /* pmovsxwd, pmovzxwd */
3912 case 0x25: case 0x35: /* pmovsxdq, pmovzxdq */
3913 gen_ldq_env_A0(s->mem_index, op2_offset +
3914 offsetof(XMMReg, XMM_Q(0)));
3915 break;
3916 case 0x21: case 0x31: /* pmovsxbd, pmovzxbd */
3917 case 0x24: case 0x34: /* pmovsxwq, pmovzxwq */
3918 tcg_gen_qemu_ld32u(cpu_tmp0, cpu_A0,
3919 (s->mem_index >> 2) - 1);
3920 tcg_gen_trunc_tl_i32(cpu_tmp2_i32, cpu_tmp0);
3921 tcg_gen_st_i32(cpu_tmp2_i32, cpu_env, op2_offset +
3922 offsetof(XMMReg, XMM_L(0)));
3923 break;
3924 case 0x22: case 0x32: /* pmovsxbq, pmovzxbq */
3925 tcg_gen_qemu_ld16u(cpu_tmp0, cpu_A0,
3926 (s->mem_index >> 2) - 1);
3927 tcg_gen_st16_tl(cpu_tmp0, cpu_env, op2_offset +
3928 offsetof(XMMReg, XMM_W(0)));
3929 break;
3930 case 0x2a: /* movntqda */
3931 gen_ldo_env_A0(s->mem_index, op1_offset);
3932 return;
3933 default:
3934 gen_ldo_env_A0(s->mem_index, op2_offset);
3935 }
3936 }
3937 } else {
3938 op1_offset = offsetof(CPUX86State,fpregs[reg].mmx);
3939 if (mod == 3) {
3940 op2_offset = offsetof(CPUX86State,fpregs[rm].mmx);
3941 } else {
3942 op2_offset = offsetof(CPUX86State,mmx_t0);
3943 gen_lea_modrm(env, s, modrm, &reg_addr, &offset_addr);
3944 gen_ldq_env_A0(s->mem_index, op2_offset);
3945 }
3946 }
3947 if (sse_fn_epp == SSE_SPECIAL) {
3948 goto illegal_op;
3949 }
3950
3951 tcg_gen_addi_ptr(cpu_ptr0, cpu_env, op1_offset);
3952 tcg_gen_addi_ptr(cpu_ptr1, cpu_env, op2_offset);
3953 sse_fn_epp(cpu_env, cpu_ptr0, cpu_ptr1);
3954
3955 if (b == 0x17) {
3956 set_cc_op(s, CC_OP_EFLAGS);
3957 }
3958 break;
3959 case 0x338: /* crc32 */
3960 crc32:
3961 b = modrm;
3962 modrm = cpu_ldub_code(env, s->pc++);
3963 reg = ((modrm >> 3) & 7) | rex_r;
3964
3965 if (b != 0xf0 && b != 0xf1)
3966 goto illegal_op;
3967 if (!(s->cpuid_ext_features & CPUID_EXT_SSE42))
3968 goto illegal_op;
3969
3970 if (b == 0xf0)
3971 ot = OT_BYTE;
3972 else if (b == 0xf1 && s->dflag != 2)
3973 if (s->prefix & PREFIX_DATA)
3974 ot = OT_WORD;
3975 else
3976 ot = OT_LONG;
3977 else
3978 ot = OT_QUAD;
3979
3980 gen_op_mov_TN_reg(OT_LONG, 0, reg);
3981 tcg_gen_trunc_tl_i32(cpu_tmp2_i32, cpu_T[0]);
3982 gen_ldst_modrm(env, s, modrm, ot, OR_TMP0, 0);
3983 gen_helper_crc32(cpu_T[0], cpu_tmp2_i32,
3984 cpu_T[0], tcg_const_i32(8 << ot));
3985
3986 ot = (s->dflag == 2) ? OT_QUAD : OT_LONG;
3987 gen_op_mov_reg_T0(ot, reg);
3988 break;
3989 case 0x03a:
3990 case 0x13a:
3991 b = modrm;
3992 modrm = cpu_ldub_code(env, s->pc++);
3993 rm = modrm & 7;
3994 reg = ((modrm >> 3) & 7) | rex_r;
3995 mod = (modrm >> 6) & 3;
3996 if (b1 >= 2) {
3997 goto illegal_op;
3998 }
3999
4000 sse_fn_eppi = sse_op_table7[b].op[b1];
4001 if (!sse_fn_eppi) {
4002 goto illegal_op;
4003 }
4004 if (!(s->cpuid_ext_features & sse_op_table7[b].ext_mask))
4005 goto illegal_op;
4006
4007 if (sse_fn_eppi == SSE_SPECIAL) {
4008 ot = (s->dflag == 2) ? OT_QUAD : OT_LONG;
4009 rm = (modrm & 7) | REX_B(s);
4010 if (mod != 3)
4011 gen_lea_modrm(env, s, modrm, &reg_addr, &offset_addr);
4012 reg = ((modrm >> 3) & 7) | rex_r;
4013 val = cpu_ldub_code(env, s->pc++);
4014 switch (b) {
4015 case 0x14: /* pextrb */
4016 tcg_gen_ld8u_tl(cpu_T[0], cpu_env, offsetof(CPUX86State,
4017 xmm_regs[reg].XMM_B(val & 15)));
4018 if (mod == 3)
4019 gen_op_mov_reg_T0(ot, rm);
4020 else
4021 tcg_gen_qemu_st8(cpu_T[0], cpu_A0,
4022 (s->mem_index >> 2) - 1);
4023 break;
4024 case 0x15: /* pextrw */
4025 tcg_gen_ld16u_tl(cpu_T[0], cpu_env, offsetof(CPUX86State,
4026 xmm_regs[reg].XMM_W(val & 7)));
4027 if (mod == 3)
4028 gen_op_mov_reg_T0(ot, rm);
4029 else
4030 tcg_gen_qemu_st16(cpu_T[0], cpu_A0,
4031 (s->mem_index >> 2) - 1);
4032 break;
4033 case 0x16:
4034 if (ot == OT_LONG) { /* pextrd */
4035 tcg_gen_ld_i32(cpu_tmp2_i32, cpu_env,
4036 offsetof(CPUX86State,
4037 xmm_regs[reg].XMM_L(val & 3)));
4038 tcg_gen_extu_i32_tl(cpu_T[0], cpu_tmp2_i32);
4039 if (mod == 3)
4040 gen_op_mov_reg_v(ot, rm, cpu_T[0]);
4041 else
4042 tcg_gen_qemu_st32(cpu_T[0], cpu_A0,
4043 (s->mem_index >> 2) - 1);
4044 } else { /* pextrq */
4045 #ifdef TARGET_X86_64
4046 tcg_gen_ld_i64(cpu_tmp1_i64, cpu_env,
4047 offsetof(CPUX86State,
4048 xmm_regs[reg].XMM_Q(val & 1)));
4049 if (mod == 3)
4050 gen_op_mov_reg_v(ot, rm, cpu_tmp1_i64);
4051 else
4052 tcg_gen_qemu_st64(cpu_tmp1_i64, cpu_A0,
4053 (s->mem_index >> 2) - 1);
4054 #else
4055 goto illegal_op;
4056 #endif
4057 }
4058 break;
4059 case 0x17: /* extractps */
4060 tcg_gen_ld32u_tl(cpu_T[0], cpu_env, offsetof(CPUX86State,
4061 xmm_regs[reg].XMM_L(val & 3)));
4062 if (mod == 3)
4063 gen_op_mov_reg_T0(ot, rm);
4064 else
4065 tcg_gen_qemu_st32(cpu_T[0], cpu_A0,
4066 (s->mem_index >> 2) - 1);
4067 break;
4068 case 0x20: /* pinsrb */
4069 if (mod == 3)
4070 gen_op_mov_TN_reg(OT_LONG, 0, rm);
4071 else
4072 tcg_gen_qemu_ld8u(cpu_tmp0, cpu_A0,
4073 (s->mem_index >> 2) - 1);
4074 tcg_gen_st8_tl(cpu_tmp0, cpu_env, offsetof(CPUX86State,
4075 xmm_regs[reg].XMM_B(val & 15)));
4076 break;
4077 case 0x21: /* insertps */
4078 if (mod == 3) {
4079 tcg_gen_ld_i32(cpu_tmp2_i32, cpu_env,
4080 offsetof(CPUX86State,xmm_regs[rm]
4081 .XMM_L((val >> 6) & 3)));
4082 } else {
4083 tcg_gen_qemu_ld32u(cpu_tmp0, cpu_A0,
4084 (s->mem_index >> 2) - 1);
4085 tcg_gen_trunc_tl_i32(cpu_tmp2_i32, cpu_tmp0);
4086 }
4087 tcg_gen_st_i32(cpu_tmp2_i32, cpu_env,
4088 offsetof(CPUX86State,xmm_regs[reg]
4089 .XMM_L((val >> 4) & 3)));
4090 if ((val >> 0) & 1)
4091 tcg_gen_st_i32(tcg_const_i32(0 /*float32_zero*/),
4092 cpu_env, offsetof(CPUX86State,
4093 xmm_regs[reg].XMM_L(0)));
4094 if ((val >> 1) & 1)
4095 tcg_gen_st_i32(tcg_const_i32(0 /*float32_zero*/),
4096 cpu_env, offsetof(CPUX86State,
4097 xmm_regs[reg].XMM_L(1)));
4098 if ((val >> 2) & 1)
4099 tcg_gen_st_i32(tcg_const_i32(0 /*float32_zero*/),
4100 cpu_env, offsetof(CPUX86State,
4101 xmm_regs[reg].XMM_L(2)));
4102 if ((val >> 3) & 1)
4103 tcg_gen_st_i32(tcg_const_i32(0 /*float32_zero*/),
4104 cpu_env, offsetof(CPUX86State,
4105 xmm_regs[reg].XMM_L(3)));
4106 break;
4107 case 0x22:
4108 if (ot == OT_LONG) { /* pinsrd */
4109 if (mod == 3)
4110 gen_op_mov_v_reg(ot, cpu_tmp0, rm);
4111 else
4112 tcg_gen_qemu_ld32u(cpu_tmp0, cpu_A0,
4113 (s->mem_index >> 2) - 1);
4114 tcg_gen_trunc_tl_i32(cpu_tmp2_i32, cpu_tmp0);
4115 tcg_gen_st_i32(cpu_tmp2_i32, cpu_env,
4116 offsetof(CPUX86State,
4117 xmm_regs[reg].XMM_L(val & 3)));
4118 } else { /* pinsrq */
4119 #ifdef TARGET_X86_64
4120 if (mod == 3)
4121 gen_op_mov_v_reg(ot, cpu_tmp1_i64, rm);
4122 else
4123 tcg_gen_qemu_ld64(cpu_tmp1_i64, cpu_A0,
4124 (s->mem_index >> 2) - 1);
4125 tcg_gen_st_i64(cpu_tmp1_i64, cpu_env,
4126 offsetof(CPUX86State,
4127 xmm_regs[reg].XMM_Q(val & 1)));
4128 #else
4129 goto illegal_op;
4130 #endif
4131 }
4132 break;
4133 }
4134 return;
4135 }
4136
4137 if (b1) {
4138 op1_offset = offsetof(CPUX86State,xmm_regs[reg]);
4139 if (mod == 3) {
4140 op2_offset = offsetof(CPUX86State,xmm_regs[rm | REX_B(s)]);
4141 } else {
4142 op2_offset = offsetof(CPUX86State,xmm_t0);
4143 gen_lea_modrm(env, s, modrm, &reg_addr, &offset_addr);
4144 gen_ldo_env_A0(s->mem_index, op2_offset);
4145 }
4146 } else {
4147 op1_offset = offsetof(CPUX86State,fpregs[reg].mmx);
4148 if (mod == 3) {
4149 op2_offset = offsetof(CPUX86State,fpregs[rm].mmx);
4150 } else {
4151 op2_offset = offsetof(CPUX86State,mmx_t0);
4152 gen_lea_modrm(env, s, modrm, &reg_addr, &offset_addr);
4153 gen_ldq_env_A0(s->mem_index, op2_offset);
4154 }
4155 }
4156 val = cpu_ldub_code(env, s->pc++);
4157
4158 if ((b & 0xfc) == 0x60) { /* pcmpXstrX */
4159 set_cc_op(s, CC_OP_EFLAGS);
4160
4161 if (s->dflag == 2)
4162 /* The helper must use entire 64-bit gp registers */
4163 val |= 1 << 8;
4164 }
4165
4166 tcg_gen_addi_ptr(cpu_ptr0, cpu_env, op1_offset);
4167 tcg_gen_addi_ptr(cpu_ptr1, cpu_env, op2_offset);
4168 sse_fn_eppi(cpu_env, cpu_ptr0, cpu_ptr1, tcg_const_i32(val));
4169 break;
4170 default:
4171 goto illegal_op;
4172 }
4173 } else {
4174 /* generic MMX or SSE operation */
4175 switch(b) {
4176 case 0x70: /* pshufx insn */
4177 case 0xc6: /* pshufx insn */
4178 case 0xc2: /* compare insns */
4179 s->rip_offset = 1;
4180 break;
4181 default:
4182 break;
4183 }
4184 if (is_xmm) {
4185 op1_offset = offsetof(CPUX86State,xmm_regs[reg]);
4186 if (mod != 3) {
4187 gen_lea_modrm(env, s, modrm, &reg_addr, &offset_addr);
4188 op2_offset = offsetof(CPUX86State,xmm_t0);
4189 if (b1 >= 2 && ((b >= 0x50 && b <= 0x5f && b != 0x5b) ||
4190 b == 0xc2)) {
4191 /* specific case for SSE single instructions */
4192 if (b1 == 2) {
4193 /* 32 bit access */
4194 gen_op_ld_T0_A0(OT_LONG + s->mem_index);
4195 tcg_gen_st32_tl(cpu_T[0], cpu_env, offsetof(CPUX86State,xmm_t0.XMM_L(0)));
4196 } else {
4197 /* 64 bit access */
4198 gen_ldq_env_A0(s->mem_index, offsetof(CPUX86State,xmm_t0.XMM_D(0)));
4199 }
4200 } else {
4201 gen_ldo_env_A0(s->mem_index, op2_offset);
4202 }
4203 } else {
4204 rm = (modrm & 7) | REX_B(s);
4205 op2_offset = offsetof(CPUX86State,xmm_regs[rm]);
4206 }
4207 } else {
4208 op1_offset = offsetof(CPUX86State,fpregs[reg].mmx);
4209 if (mod != 3) {
4210 gen_lea_modrm(env, s, modrm, &reg_addr, &offset_addr);
4211 op2_offset = offsetof(CPUX86State,mmx_t0);
4212 gen_ldq_env_A0(s->mem_index, op2_offset);
4213 } else {
4214 rm = (modrm & 7);
4215 op2_offset = offsetof(CPUX86State,fpregs[rm].mmx);
4216 }
4217 }
4218 switch(b) {
4219 case 0x0f: /* 3DNow! data insns */
4220 if (!(s->cpuid_ext2_features & CPUID_EXT2_3DNOW))
4221 goto illegal_op;
4222 val = cpu_ldub_code(env, s->pc++);
4223 sse_fn_epp = sse_op_table5[val];
4224 if (!sse_fn_epp) {
4225 goto illegal_op;
4226 }
4227 tcg_gen_addi_ptr(cpu_ptr0, cpu_env, op1_offset);
4228 tcg_gen_addi_ptr(cpu_ptr1, cpu_env, op2_offset);
4229 sse_fn_epp(cpu_env, cpu_ptr0, cpu_ptr1);
4230 break;
4231 case 0x70: /* pshufx insn */
4232 case 0xc6: /* pshufx insn */
4233 val = cpu_ldub_code(env, s->pc++);
4234 tcg_gen_addi_ptr(cpu_ptr0, cpu_env, op1_offset);
4235 tcg_gen_addi_ptr(cpu_ptr1, cpu_env, op2_offset);
4236 /* XXX: introduce a new table? */
4237 sse_fn_ppi = (SSEFunc_0_ppi)sse_fn_epp;
4238 sse_fn_ppi(cpu_ptr0, cpu_ptr1, tcg_const_i32(val));
4239 break;
4240 case 0xc2:
4241 /* compare insns */
4242 val = cpu_ldub_code(env, s->pc++);
4243 if (val >= 8)
4244 goto illegal_op;
4245 sse_fn_epp = sse_op_table4[val][b1];
4246
4247 tcg_gen_addi_ptr(cpu_ptr0, cpu_env, op1_offset);
4248 tcg_gen_addi_ptr(cpu_ptr1, cpu_env, op2_offset);
4249 sse_fn_epp(cpu_env, cpu_ptr0, cpu_ptr1);
4250 break;
4251 case 0xf7:
4252 /* maskmov : we must prepare A0 */
4253 if (mod != 3)
4254 goto illegal_op;
4255 #ifdef TARGET_X86_64
4256 if (s->aflag == 2) {
4257 gen_op_movq_A0_reg(R_EDI);
4258 } else
4259 #endif
4260 {
4261 gen_op_movl_A0_reg(R_EDI);
4262 if (s->aflag == 0)
4263 gen_op_andl_A0_ffff();
4264 }
4265 gen_add_A0_ds_seg(s);
4266
4267 tcg_gen_addi_ptr(cpu_ptr0, cpu_env, op1_offset);
4268 tcg_gen_addi_ptr(cpu_ptr1, cpu_env, op2_offset);
4269 /* XXX: introduce a new table? */
4270 sse_fn_eppt = (SSEFunc_0_eppt)sse_fn_epp;
4271 sse_fn_eppt(cpu_env, cpu_ptr0, cpu_ptr1, cpu_A0);
4272 break;
4273 default:
4274 tcg_gen_addi_ptr(cpu_ptr0, cpu_env, op1_offset);
4275 tcg_gen_addi_ptr(cpu_ptr1, cpu_env, op2_offset);
4276 sse_fn_epp(cpu_env, cpu_ptr0, cpu_ptr1);
4277 break;
4278 }
4279 if (b == 0x2e || b == 0x2f) {
4280 set_cc_op(s, CC_OP_EFLAGS);
4281 }
4282 }
4283 }
4284
4285 /* convert one instruction. s->is_jmp is set if the translation must
4286 be stopped. Return the next pc value */
4287 static target_ulong disas_insn(CPUX86State *env, DisasContext *s,
4288 target_ulong pc_start)
4289 {
4290 int b, prefixes, aflag, dflag;
4291 int shift, ot;
4292 int modrm, reg, rm, mod, reg_addr, op, opreg, offset_addr, val;
4293 target_ulong next_eip, tval;
4294 int rex_w, rex_r;
4295
4296 if (unlikely(qemu_loglevel_mask(CPU_LOG_TB_OP | CPU_LOG_TB_OP_OPT))) {
4297 tcg_gen_debug_insn_start(pc_start);
4298 }
4299 s->pc = pc_start;
4300 prefixes = 0;
4301 aflag = s->code32;
4302 dflag = s->code32;
4303 s->override = -1;
4304 rex_w = -1;
4305 rex_r = 0;
4306 #ifdef TARGET_X86_64
4307 s->rex_x = 0;
4308 s->rex_b = 0;
4309 x86_64_hregs = 0;
4310 #endif
4311 s->rip_offset = 0; /* for relative ip address */
4312 next_byte:
4313 b = cpu_ldub_code(env, s->pc);
4314 s->pc++;
4315 /* check prefixes */
4316 #ifdef TARGET_X86_64
4317 if (CODE64(s)) {
4318 switch (b) {
4319 case 0xf3:
4320 prefixes |= PREFIX_REPZ;
4321 goto next_byte;
4322 case 0xf2:
4323 prefixes |= PREFIX_REPNZ;
4324 goto next_byte;
4325 case 0xf0:
4326 prefixes |= PREFIX_LOCK;
4327 goto next_byte;
4328 case 0x2e:
4329 s->override = R_CS;
4330 goto next_byte;
4331 case 0x36:
4332 s->override = R_SS;
4333 goto next_byte;
4334 case 0x3e:
4335 s->override = R_DS;
4336 goto next_byte;
4337 case 0x26:
4338 s->override = R_ES;
4339 goto next_byte;
4340 case 0x64:
4341 s->override = R_FS;
4342 goto next_byte;
4343 case 0x65:
4344 s->override = R_GS;
4345 goto next_byte;
4346 case 0x66:
4347 prefixes |= PREFIX_DATA;
4348 goto next_byte;
4349 case 0x67:
4350 prefixes |= PREFIX_ADR;
4351 goto next_byte;
4352 case 0x40 ... 0x4f:
4353 /* REX prefix */
4354 rex_w = (b >> 3) & 1;
4355 rex_r = (b & 0x4) << 1;
4356 s->rex_x = (b & 0x2) << 2;
4357 REX_B(s) = (b & 0x1) << 3;
4358 x86_64_hregs = 1; /* select uniform byte register addressing */
4359 goto next_byte;
4360 }
4361 if (rex_w == 1) {
4362 /* 0x66 is ignored if rex.w is set */
4363 dflag = 2;
4364 } else {
4365 if (prefixes & PREFIX_DATA)
4366 dflag ^= 1;
4367 }
4368 if (!(prefixes & PREFIX_ADR))
4369 aflag = 2;
4370 } else
4371 #endif
4372 {
4373 switch (b) {
4374 case 0xf3:
4375 prefixes |= PREFIX_REPZ;
4376 goto next_byte;
4377 case 0xf2:
4378 prefixes |= PREFIX_REPNZ;
4379 goto next_byte;
4380 case 0xf0:
4381 prefixes |= PREFIX_LOCK;
4382 goto next_byte;
4383 case 0x2e:
4384 s->override = R_CS;
4385 goto next_byte;
4386 case 0x36:
4387 s->override = R_SS;
4388 goto next_byte;
4389 case 0x3e:
4390 s->override = R_DS;
4391 goto next_byte;
4392 case 0x26:
4393 s->override = R_ES;
4394 goto next_byte;
4395 case 0x64:
4396 s->override = R_FS;
4397 goto next_byte;
4398 case 0x65:
4399 s->override = R_GS;
4400 goto next_byte;
4401 case 0x66:
4402 prefixes |= PREFIX_DATA;
4403 goto next_byte;
4404 case 0x67:
4405 prefixes |= PREFIX_ADR;
4406 goto next_byte;
4407 }
4408 if (prefixes & PREFIX_DATA)
4409 dflag ^= 1;
4410 if (prefixes & PREFIX_ADR)
4411 aflag ^= 1;
4412 }
4413
4414 s->prefix = prefixes;
4415 s->aflag = aflag;
4416 s->dflag = dflag;
4417
4418 /* lock generation */
4419 if (prefixes & PREFIX_LOCK)
4420 gen_helper_lock();
4421
4422 /* now check op code */
4423 reswitch:
4424 switch(b) {
4425 case 0x0f:
4426 /**************************/
4427 /* extended op code */
4428 b = cpu_ldub_code(env, s->pc++) | 0x100;
4429 goto reswitch;
4430
4431 /**************************/
4432 /* arith & logic */
4433 case 0x00 ... 0x05:
4434 case 0x08 ... 0x0d:
4435 case 0x10 ... 0x15:
4436 case 0x18 ... 0x1d:
4437 case 0x20 ... 0x25:
4438 case 0x28 ... 0x2d:
4439 case 0x30 ... 0x35:
4440 case 0x38 ... 0x3d:
4441 {
4442 int op, f, val;
4443 op = (b >> 3) & 7;
4444 f = (b >> 1) & 3;
4445
4446 if ((b & 1) == 0)
4447 ot = OT_BYTE;
4448 else
4449 ot = dflag + OT_WORD;
4450
4451 switch(f) {
4452 case 0: /* OP Ev, Gv */
4453 modrm = cpu_ldub_code(env, s->pc++);
4454 reg = ((modrm >> 3) & 7) | rex_r;
4455 mod = (modrm >> 6) & 3;
4456 rm = (modrm & 7) | REX_B(s);
4457 if (mod != 3) {
4458 gen_lea_modrm(env, s, modrm, &reg_addr, &offset_addr);
4459 opreg = OR_TMP0;
4460 } else if (op == OP_XORL && rm == reg) {
4461 xor_zero:
4462 /* xor reg, reg optimisation */
4463 gen_op_movl_T0_0();
4464 set_cc_op(s, CC_OP_LOGICB + ot);
4465 gen_op_mov_reg_T0(ot, reg);
4466 gen_op_update1_cc();
4467 break;
4468 } else {
4469 opreg = rm;
4470 }
4471 gen_op_mov_TN_reg(ot, 1, reg);
4472 gen_op(s, op, ot, opreg);
4473 break;
4474 case 1: /* OP Gv, Ev */
4475 modrm = cpu_ldub_code(env, s->pc++);
4476 mod = (modrm >> 6) & 3;
4477 reg = ((modrm >> 3) & 7) | rex_r;
4478 rm = (modrm & 7) | REX_B(s);
4479 if (mod != 3) {
4480 gen_lea_modrm(env, s, modrm, &reg_addr, &offset_addr);
4481 gen_op_ld_T1_A0(ot + s->mem_index);
4482 } else if (op == OP_XORL && rm == reg) {
4483 goto xor_zero;
4484 } else {
4485 gen_op_mov_TN_reg(ot, 1, rm);
4486 }
4487 gen_op(s, op, ot, reg);
4488 break;
4489 case 2: /* OP A, Iv */
4490 val = insn_get(env, s, ot);
4491 gen_op_movl_T1_im(val);
4492 gen_op(s, op, ot, OR_EAX);
4493 break;
4494 }
4495 }
4496 break;
4497
4498 case 0x82:
4499 if (CODE64(s))
4500 goto illegal_op;
4501 case 0x80: /* GRP1 */
4502 case 0x81:
4503 case 0x83:
4504 {
4505 int val;
4506
4507 if ((b & 1) == 0)
4508 ot = OT_BYTE;
4509 else
4510 ot = dflag + OT_WORD;
4511
4512 modrm = cpu_ldub_code(env, s->pc++);
4513 mod = (modrm >> 6) & 3;
4514 rm = (modrm & 7) | REX_B(s);
4515 op = (modrm >> 3) & 7;
4516
4517 if (mod != 3) {
4518 if (b == 0x83)
4519 s->rip_offset = 1;
4520 else
4521 s->rip_offset = insn_const_size(ot);
4522 gen_lea_modrm(env, s, modrm, &reg_addr, &offset_addr);
4523 opreg = OR_TMP0;
4524 } else {
4525 opreg = rm;
4526 }
4527
4528 switch(b) {
4529 default:
4530 case 0x80:
4531 case 0x81:
4532 case 0x82:
4533 val = insn_get(env, s, ot);
4534 break;
4535 case 0x83:
4536 val = (int8_t)insn_get(env, s, OT_BYTE);
4537 break;
4538 }
4539 gen_op_movl_T1_im(val);
4540 gen_op(s, op, ot, opreg);
4541 }
4542 break;
4543
4544 /**************************/
4545 /* inc, dec, and other misc arith */
4546 case 0x40 ... 0x47: /* inc Gv */
4547 ot = dflag ? OT_LONG : OT_WORD;
4548 gen_inc(s, ot, OR_EAX + (b & 7), 1);
4549 break;
4550 case 0x48 ... 0x4f: /* dec Gv */
4551 ot = dflag ? OT_LONG : OT_WORD;
4552 gen_inc(s, ot, OR_EAX + (b & 7), -1);
4553 break;
4554 case 0xf6: /* GRP3 */
4555 case 0xf7:
4556 if ((b & 1) == 0)
4557 ot = OT_BYTE;
4558 else
4559 ot = dflag + OT_WORD;
4560
4561 modrm = cpu_ldub_code(env, s->pc++);
4562 mod = (modrm >> 6) & 3;
4563 rm = (modrm & 7) | REX_B(s);
4564 op = (modrm >> 3) & 7;
4565 if (mod != 3) {
4566 if (op == 0)
4567 s->rip_offset = insn_const_size(ot);
4568 gen_lea_modrm(env, s, modrm, &reg_addr, &offset_addr);
4569 gen_op_ld_T0_A0(ot + s->mem_index);
4570 } else {
4571 gen_op_mov_TN_reg(ot, 0, rm);
4572 }
4573
4574 switch(op) {
4575 case 0: /* test */
4576 val = insn_get(env, s, ot);
4577 gen_op_movl_T1_im(val);
4578 gen_op_testl_T0_T1_cc();
4579 set_cc_op(s, CC_OP_LOGICB + ot);
4580 break;
4581 case 2: /* not */
4582 tcg_gen_not_tl(cpu_T[0], cpu_T[0]);
4583 if (mod != 3) {
4584 gen_op_st_T0_A0(ot + s->mem_index);
4585 } else {
4586 gen_op_mov_reg_T0(ot, rm);
4587 }
4588 break;
4589 case 3: /* neg */
4590 tcg_gen_neg_tl(cpu_T[0], cpu_T[0]);
4591 if (mod != 3) {
4592 gen_op_st_T0_A0(ot + s->mem_index);
4593 } else {
4594 gen_op_mov_reg_T0(ot, rm);
4595 }
4596 gen_op_update_neg_cc();
4597 set_cc_op(s, CC_OP_SUBB + ot);
4598 break;
4599 case 4: /* mul */
4600 switch(ot) {
4601 case OT_BYTE:
4602 gen_op_mov_TN_reg(OT_BYTE, 1, R_EAX);
4603 tcg_gen_ext8u_tl(cpu_T[0], cpu_T[0]);
4604 tcg_gen_ext8u_tl(cpu_T[1], cpu_T[1]);
4605 /* XXX: use 32 bit mul which could be faster */
4606 tcg_gen_mul_tl(cpu_T[0], cpu_T[0], cpu_T[1]);
4607 gen_op_mov_reg_T0(OT_WORD, R_EAX);
4608 tcg_gen_mov_tl(cpu_cc_dst, cpu_T[0]);
4609 tcg_gen_andi_tl(cpu_cc_src, cpu_T[0], 0xff00);
4610 set_cc_op(s, CC_OP_MULB);
4611 break;
4612 case OT_WORD:
4613 gen_op_mov_TN_reg(OT_WORD, 1, R_EAX);
4614 tcg_gen_ext16u_tl(cpu_T[0], cpu_T[0]);
4615 tcg_gen_ext16u_tl(cpu_T[1], cpu_T[1]);
4616 /* XXX: use 32 bit mul which could be faster */
4617 tcg_gen_mul_tl(cpu_T[0], cpu_T[0], cpu_T[1]);
4618 gen_op_mov_reg_T0(OT_WORD, R_EAX);
4619 tcg_gen_mov_tl(cpu_cc_dst, cpu_T[0]);
4620 tcg_gen_shri_tl(cpu_T[0], cpu_T[0], 16);
4621 gen_op_mov_reg_T0(OT_WORD, R_EDX);
4622 tcg_gen_mov_tl(cpu_cc_src, cpu_T[0]);
4623 set_cc_op(s, CC_OP_MULW);
4624 break;
4625 default:
4626 case OT_LONG:
4627 #ifdef TARGET_X86_64
4628 gen_op_mov_TN_reg(OT_LONG, 1, R_EAX);
4629 tcg_gen_ext32u_tl(cpu_T[0], cpu_T[0]);
4630 tcg_gen_ext32u_tl(cpu_T[1], cpu_T[1]);
4631 tcg_gen_mul_tl(cpu_T[0], cpu_T[0], cpu_T[1]);
4632 gen_op_mov_reg_T0(OT_LONG, R_EAX);
4633 tcg_gen_mov_tl(cpu_cc_dst, cpu_T[0]);
4634 tcg_gen_shri_tl(cpu_T[0], cpu_T[0], 32);
4635 gen_op_mov_reg_T0(OT_LONG, R_EDX);
4636 tcg_gen_mov_tl(cpu_cc_src, cpu_T[0]);
4637 #else
4638 {
4639 TCGv_i64 t0, t1;
4640 t0 = tcg_temp_new_i64();
4641 t1 = tcg_temp_new_i64();
4642 gen_op_mov_TN_reg(OT_LONG, 1, R_EAX);
4643 tcg_gen_extu_i32_i64(t0, cpu_T[0]);
4644 tcg_gen_extu_i32_i64(t1, cpu_T[1]);
4645 tcg_gen_mul_i64(t0, t0, t1);
4646 tcg_gen_trunc_i64_i32(cpu_T[0], t0);
4647 gen_op_mov_reg_T0(OT_LONG, R_EAX);
4648 tcg_gen_mov_tl(cpu_cc_dst, cpu_T[0]);
4649 tcg_gen_shri_i64(t0, t0, 32);
4650 tcg_gen_trunc_i64_i32(cpu_T[0], t0);
4651 gen_op_mov_reg_T0(OT_LONG, R_EDX);
4652 tcg_gen_mov_tl(cpu_cc_src, cpu_T[0]);
4653 }
4654 #endif
4655 set_cc_op(s, CC_OP_MULL);
4656 break;
4657 #ifdef TARGET_X86_64
4658 case OT_QUAD:
4659 gen_helper_mulq_EAX_T0(cpu_env, cpu_T[0]);
4660 set_cc_op(s, CC_OP_MULQ);
4661 break;
4662 #endif
4663 }
4664 break;
4665 case 5: /* imul */
4666 switch(ot) {
4667 case OT_BYTE:
4668 gen_op_mov_TN_reg(OT_BYTE, 1, R_EAX);
4669 tcg_gen_ext8s_tl(cpu_T[0], cpu_T[0]);
4670 tcg_gen_ext8s_tl(cpu_T[1], cpu_T[1]);
4671 /* XXX: use 32 bit mul which could be faster */
4672 tcg_gen_mul_tl(cpu_T[0], cpu_T[0], cpu_T[1]);
4673 gen_op_mov_reg_T0(OT_WORD, R_EAX);
4674 tcg_gen_mov_tl(cpu_cc_dst, cpu_T[0]);
4675 tcg_gen_ext8s_tl(cpu_tmp0, cpu_T[0]);
4676 tcg_gen_sub_tl(cpu_cc_src, cpu_T[0], cpu_tmp0);
4677 set_cc_op(s, CC_OP_MULB);
4678 break;
4679 case OT_WORD:
4680 gen_op_mov_TN_reg(OT_WORD, 1, R_EAX);
4681 tcg_gen_ext16s_tl(cpu_T[0], cpu_T[0]);
4682 tcg_gen_ext16s_tl(cpu_T[1], cpu_T[1]);
4683 /* XXX: use 32 bit mul which could be faster */
4684 tcg_gen_mul_tl(cpu_T[0], cpu_T[0], cpu_T[1]);
4685 gen_op_mov_reg_T0(OT_WORD, R_EAX);
4686 tcg_gen_mov_tl(cpu_cc_dst, cpu_T[0]);
4687 tcg_gen_ext16s_tl(cpu_tmp0, cpu_T[0]);
4688 tcg_gen_sub_tl(cpu_cc_src, cpu_T[0], cpu_tmp0);
4689 tcg_gen_shri_tl(cpu_T[0], cpu_T[0], 16);
4690 gen_op_mov_reg_T0(OT_WORD, R_EDX);
4691 set_cc_op(s, CC_OP_MULW);
4692 break;
4693 default:
4694 case OT_LONG:
4695 #ifdef TARGET_X86_64
4696 gen_op_mov_TN_reg(OT_LONG, 1, R_EAX);
4697 tcg_gen_ext32s_tl(cpu_T[0], cpu_T[0]);
4698 tcg_gen_ext32s_tl(cpu_T[1], cpu_T[1]);
4699 tcg_gen_mul_tl(cpu_T[0], cpu_T[0], cpu_T[1]);
4700 gen_op_mov_reg_T0(OT_LONG, R_EAX);
4701 tcg_gen_mov_tl(cpu_cc_dst, cpu_T[0]);
4702 tcg_gen_ext32s_tl(cpu_tmp0, cpu_T[0]);
4703 tcg_gen_sub_tl(cpu_cc_src, cpu_T[0], cpu_tmp0);
4704 tcg_gen_shri_tl(cpu_T[0], cpu_T[0], 32);
4705 gen_op_mov_reg_T0(OT_LONG, R_EDX);
4706 #else
4707 {
4708 TCGv_i64 t0, t1;
4709 t0 = tcg_temp_new_i64();
4710 t1 = tcg_temp_new_i64();
4711 gen_op_mov_TN_reg(OT_LONG, 1, R_EAX);
4712 tcg_gen_ext_i32_i64(t0, cpu_T[0]);
4713 tcg_gen_ext_i32_i64(t1, cpu_T[1]);
4714 tcg_gen_mul_i64(t0, t0, t1);
4715 tcg_gen_trunc_i64_i32(cpu_T[0], t0);
4716 gen_op_mov_reg_T0(OT_LONG, R_EAX);
4717 tcg_gen_mov_tl(cpu_cc_dst, cpu_T[0]);
4718 tcg_gen_sari_tl(cpu_tmp0, cpu_T[0], 31);
4719 tcg_gen_shri_i64(t0, t0, 32);
4720 tcg_gen_trunc_i64_i32(cpu_T[0], t0);
4721 gen_op_mov_reg_T0(OT_LONG, R_EDX);
4722 tcg_gen_sub_tl(cpu_cc_src, cpu_T[0], cpu_tmp0);
4723 }
4724 #endif
4725 set_cc_op(s, CC_OP_MULL);
4726 break;
4727 #ifdef TARGET_X86_64
4728 case OT_QUAD:
4729 gen_helper_imulq_EAX_T0(cpu_env, cpu_T[0]);
4730 set_cc_op(s, CC_OP_MULQ);
4731 break;
4732 #endif
4733 }
4734 break;
4735 case 6: /* div */
4736 switch(ot) {
4737 case OT_BYTE:
4738 gen_jmp_im(pc_start - s->cs_base);
4739 gen_helper_divb_AL(cpu_env, cpu_T[0]);
4740 break;
4741 case OT_WORD:
4742 gen_jmp_im(pc_start - s->cs_base);
4743 gen_helper_divw_AX(cpu_env, cpu_T[0]);
4744 break;
4745 default:
4746 case OT_LONG:
4747 gen_jmp_im(pc_start - s->cs_base);
4748 gen_helper_divl_EAX(cpu_env, cpu_T[0]);
4749 break;
4750 #ifdef TARGET_X86_64
4751 case OT_QUAD:
4752 gen_jmp_im(pc_start - s->cs_base);
4753 gen_helper_divq_EAX(cpu_env, cpu_T[0]);
4754 break;
4755 #endif
4756 }
4757 break;
4758 case 7: /* idiv */
4759 switch(ot) {
4760 case OT_BYTE:
4761 gen_jmp_im(pc_start - s->cs_base);
4762 gen_helper_idivb_AL(cpu_env, cpu_T[0]);
4763 break;
4764 case OT_WORD:
4765 gen_jmp_im(pc_start - s->cs_base);
4766 gen_helper_idivw_AX(cpu_env, cpu_T[0]);
4767 break;
4768 default:
4769 case OT_LONG:
4770 gen_jmp_im(pc_start - s->cs_base);
4771 gen_helper_idivl_EAX(cpu_env, cpu_T[0]);
4772 break;
4773 #ifdef TARGET_X86_64
4774 case OT_QUAD:
4775 gen_jmp_im(pc_start - s->cs_base);
4776 gen_helper_idivq_EAX(cpu_env, cpu_T[0]);
4777 break;
4778 #endif
4779 }
4780 break;
4781 default:
4782 goto illegal_op;
4783 }
4784 break;
4785
4786 case 0xfe: /* GRP4 */
4787 case 0xff: /* GRP5 */
4788 if ((b & 1) == 0)
4789 ot = OT_BYTE;
4790 else
4791 ot = dflag + OT_WORD;
4792
4793 modrm = cpu_ldub_code(env, s->pc++);
4794 mod = (modrm >> 6) & 3;
4795 rm = (modrm & 7) | REX_B(s);
4796 op = (modrm >> 3) & 7;
4797 if (op >= 2 && b == 0xfe) {
4798 goto illegal_op;
4799 }
4800 if (CODE64(s)) {
4801 if (op == 2 || op == 4) {
4802 /* operand size for jumps is 64 bit */
4803 ot = OT_QUAD;
4804 } else if (op == 3 || op == 5) {
4805 ot = dflag ? OT_LONG + (rex_w == 1) : OT_WORD;
4806 } else if (op == 6) {
4807 /* default push size is 64 bit */
4808 ot = dflag ? OT_QUAD : OT_WORD;
4809 }
4810 }
4811 if (mod != 3) {
4812 gen_lea_modrm(env, s, modrm, &reg_addr, &offset_addr);
4813 if (op >= 2 && op != 3 && op != 5)
4814 gen_op_ld_T0_A0(ot + s->mem_index);
4815 } else {
4816 gen_op_mov_TN_reg(ot, 0, rm);
4817 }
4818
4819 switch(op) {
4820 case 0: /* inc Ev */
4821 if (mod != 3)
4822 opreg = OR_TMP0;
4823 else
4824 opreg = rm;
4825 gen_inc(s, ot, opreg, 1);
4826 break;
4827 case 1: /* dec Ev */
4828 if (mod != 3)
4829 opreg = OR_TMP0;
4830 else
4831 opreg = rm;
4832 gen_inc(s, ot, opreg, -1);
4833 break;
4834 case 2: /* call Ev */
4835 /* XXX: optimize if memory (no 'and' is necessary) */
4836 if (s->dflag == 0)
4837 gen_op_andl_T0_ffff();
4838 next_eip = s->pc - s->cs_base;
4839 gen_movtl_T1_im(next_eip);
4840 gen_push_T1(s);
4841 gen_op_jmp_T0();
4842 gen_eob(s);
4843 break;
4844 case 3: /* lcall Ev */
4845 gen_op_ld_T1_A0(ot + s->mem_index);
4846 gen_add_A0_im(s, 1 << (ot - OT_WORD + 1));
4847 gen_op_ldu_T0_A0(OT_WORD + s->mem_index);
4848 do_lcall:
4849 if (s->pe && !s->vm86) {
4850 gen_update_cc_op(s);
4851 gen_jmp_im(pc_start - s->cs_base);
4852 tcg_gen_trunc_tl_i32(cpu_tmp2_i32, cpu_T[0]);
4853 gen_helper_lcall_protected(cpu_env, cpu_tmp2_i32, cpu_T[1],
4854 tcg_const_i32(dflag),
4855 tcg_const_i32(s->pc - pc_start));
4856 } else {
4857 tcg_gen_trunc_tl_i32(cpu_tmp2_i32, cpu_T[0]);
4858 gen_helper_lcall_real(cpu_env, cpu_tmp2_i32, cpu_T[1],
4859 tcg_const_i32(dflag),
4860 tcg_const_i32(s->pc - s->cs_base));
4861 }
4862 gen_eob(s);
4863 break;
4864 case 4: /* jmp Ev */
4865 if (s->dflag == 0)
4866 gen_op_andl_T0_ffff();
4867 gen_op_jmp_T0();
4868 gen_eob(s);
4869 break;
4870 case 5: /* ljmp Ev */
4871 gen_op_ld_T1_A0(ot + s->mem_index);
4872 gen_add_A0_im(s, 1 << (ot - OT_WORD + 1));
4873 gen_op_ldu_T0_A0(OT_WORD + s->mem_index);
4874 do_ljmp:
4875 if (s->pe && !s->vm86) {
4876 gen_update_cc_op(s);
4877 gen_jmp_im(pc_start - s->cs_base);
4878 tcg_gen_trunc_tl_i32(cpu_tmp2_i32, cpu_T[0]);
4879 gen_helper_ljmp_protected(cpu_env, cpu_tmp2_i32, cpu_T[1],
4880 tcg_const_i32(s->pc - pc_start));
4881 } else {
4882 gen_op_movl_seg_T0_vm(R_CS);
4883 gen_op_movl_T0_T1();
4884 gen_op_jmp_T0();
4885 }
4886 gen_eob(s);
4887 break;
4888 case 6: /* push Ev */
4889 gen_push_T0(s);
4890 break;
4891 default:
4892 goto illegal_op;
4893 }
4894 break;
4895
4896 case 0x84: /* test Ev, Gv */
4897 case 0x85:
4898 if ((b & 1) == 0)
4899 ot = OT_BYTE;
4900 else
4901 ot = dflag + OT_WORD;
4902
4903 modrm = cpu_ldub_code(env, s->pc++);
4904 reg = ((modrm >> 3) & 7) | rex_r;
4905
4906 gen_ldst_modrm(env, s, modrm, ot, OR_TMP0, 0);
4907 gen_op_mov_TN_reg(ot, 1, reg);
4908 gen_op_testl_T0_T1_cc();
4909 set_cc_op(s, CC_OP_LOGICB + ot);
4910 break;
4911
4912 case 0xa8: /* test eAX, Iv */
4913 case 0xa9:
4914 if ((b & 1) == 0)
4915 ot = OT_BYTE;
4916 else
4917 ot = dflag + OT_WORD;
4918 val = insn_get(env, s, ot);
4919
4920 gen_op_mov_TN_reg(ot, 0, OR_EAX);
4921 gen_op_movl_T1_im(val);
4922 gen_op_testl_T0_T1_cc();
4923 set_cc_op(s, CC_OP_LOGICB + ot);
4924 break;
4925
4926 case 0x98: /* CWDE/CBW */
4927 #ifdef TARGET_X86_64
4928 if (dflag == 2) {
4929 gen_op_mov_TN_reg(OT_LONG, 0, R_EAX);
4930 tcg_gen_ext32s_tl(cpu_T[0], cpu_T[0]);
4931 gen_op_mov_reg_T0(OT_QUAD, R_EAX);
4932 } else
4933 #endif
4934 if (dflag == 1) {
4935 gen_op_mov_TN_reg(OT_WORD, 0, R_EAX);
4936 tcg_gen_ext16s_tl(cpu_T[0], cpu_T[0]);
4937 gen_op_mov_reg_T0(OT_LONG, R_EAX);
4938 } else {
4939 gen_op_mov_TN_reg(OT_BYTE, 0, R_EAX);
4940 tcg_gen_ext8s_tl(cpu_T[0], cpu_T[0]);
4941 gen_op_mov_reg_T0(OT_WORD, R_EAX);
4942 }
4943 break;
4944 case 0x99: /* CDQ/CWD */
4945 #ifdef TARGET_X86_64
4946 if (dflag == 2) {
4947 gen_op_mov_TN_reg(OT_QUAD, 0, R_EAX);
4948 tcg_gen_sari_tl(cpu_T[0], cpu_T[0], 63);
4949 gen_op_mov_reg_T0(OT_QUAD, R_EDX);
4950 } else
4951 #endif
4952 if (dflag == 1) {
4953 gen_op_mov_TN_reg(OT_LONG, 0, R_EAX);
4954 tcg_gen_ext32s_tl(cpu_T[0], cpu_T[0]);
4955 tcg_gen_sari_tl(cpu_T[0], cpu_T[0], 31);
4956 gen_op_mov_reg_T0(OT_LONG, R_EDX);
4957 } else {
4958 gen_op_mov_TN_reg(OT_WORD, 0, R_EAX);
4959 tcg_gen_ext16s_tl(cpu_T[0], cpu_T[0]);
4960 tcg_gen_sari_tl(cpu_T[0], cpu_T[0], 15);
4961 gen_op_mov_reg_T0(OT_WORD, R_EDX);
4962 }
4963 break;
4964 case 0x1af: /* imul Gv, Ev */
4965 case 0x69: /* imul Gv, Ev, I */
4966 case 0x6b:
4967 ot = dflag + OT_WORD;
4968 modrm = cpu_ldub_code(env, s->pc++);
4969 reg = ((modrm >> 3) & 7) | rex_r;
4970 if (b == 0x69)
4971 s->rip_offset = insn_const_size(ot);
4972 else if (b == 0x6b)
4973 s->rip_offset = 1;
4974 gen_ldst_modrm(env, s, modrm, ot, OR_TMP0, 0);
4975 if (b == 0x69) {
4976 val = insn_get(env, s, ot);
4977 gen_op_movl_T1_im(val);
4978 } else if (b == 0x6b) {
4979 val = (int8_t)insn_get(env, s, OT_BYTE);
4980 gen_op_movl_T1_im(val);
4981 } else {
4982 gen_op_mov_TN_reg(ot, 1, reg);
4983 }
4984
4985 #ifdef TARGET_X86_64
4986 if (ot == OT_QUAD) {
4987 gen_helper_imulq_T0_T1(cpu_T[0], cpu_env, cpu_T[0], cpu_T[1]);
4988 } else
4989 #endif
4990 if (ot == OT_LONG) {
4991 #ifdef TARGET_X86_64
4992 tcg_gen_ext32s_tl(cpu_T[0], cpu_T[0]);
4993 tcg_gen_ext32s_tl(cpu_T[1], cpu_T[1]);
4994 tcg_gen_mul_tl(cpu_T[0], cpu_T[0], cpu_T[1]);
4995 tcg_gen_mov_tl(cpu_cc_dst, cpu_T[0]);
4996 tcg_gen_ext32s_tl(cpu_tmp0, cpu_T[0]);
4997 tcg_gen_sub_tl(cpu_cc_src, cpu_T[0], cpu_tmp0);
4998 #else
4999 {
5000 TCGv_i64 t0, t1;
5001 t0 = tcg_temp_new_i64();
5002 t1 = tcg_temp_new_i64();
5003 tcg_gen_ext_i32_i64(t0, cpu_T[0]);
5004 tcg_gen_ext_i32_i64(t1, cpu_T[1]);
5005 tcg_gen_mul_i64(t0, t0, t1);
5006 tcg_gen_trunc_i64_i32(cpu_T[0], t0);
5007 tcg_gen_mov_tl(cpu_cc_dst, cpu_T[0]);
5008 tcg_gen_sari_tl(cpu_tmp0, cpu_T[0], 31);
5009 tcg_gen_shri_i64(t0, t0, 32);
5010 tcg_gen_trunc_i64_i32(cpu_T[1], t0);
5011 tcg_gen_sub_tl(cpu_cc_src, cpu_T[1], cpu_tmp0);
5012 }
5013 #endif
5014 } else {
5015 tcg_gen_ext16s_tl(cpu_T[0], cpu_T[0]);
5016 tcg_gen_ext16s_tl(cpu_T[1], cpu_T[1]);
5017 /* XXX: use 32 bit mul which could be faster */
5018 tcg_gen_mul_tl(cpu_T[0], cpu_T[0], cpu_T[1]);
5019 tcg_gen_mov_tl(cpu_cc_dst, cpu_T[0]);
5020 tcg_gen_ext16s_tl(cpu_tmp0, cpu_T[0]);
5021 tcg_gen_sub_tl(cpu_cc_src, cpu_T[0], cpu_tmp0);
5022 }
5023 gen_op_mov_reg_T0(ot, reg);
5024 set_cc_op(s, CC_OP_MULB + ot);
5025 break;
5026 case 0x1c0:
5027 case 0x1c1: /* xadd Ev, Gv */
5028 if ((b & 1) == 0)
5029 ot = OT_BYTE;
5030 else
5031 ot = dflag + OT_WORD;
5032 modrm = cpu_ldub_code(env, s->pc++);
5033 reg = ((modrm >> 3) & 7) | rex_r;
5034 mod = (modrm >> 6) & 3;
5035 if (mod == 3) {
5036 rm = (modrm & 7) | REX_B(s);
5037 gen_op_mov_TN_reg(ot, 0, reg);
5038 gen_op_mov_TN_reg(ot, 1, rm);
5039 gen_op_addl_T0_T1();
5040 gen_op_mov_reg_T1(ot, reg);
5041 gen_op_mov_reg_T0(ot, rm);
5042 } else {
5043 gen_lea_modrm(env, s, modrm, &reg_addr, &offset_addr);
5044 gen_op_mov_TN_reg(ot, 0, reg);
5045 gen_op_ld_T1_A0(ot + s->mem_index);
5046 gen_op_addl_T0_T1();
5047 gen_op_st_T0_A0(ot + s->mem_index);
5048 gen_op_mov_reg_T1(ot, reg);
5049 }
5050 gen_op_update2_cc();
5051 set_cc_op(s, CC_OP_ADDB + ot);
5052 break;
5053 case 0x1b0:
5054 case 0x1b1: /* cmpxchg Ev, Gv */
5055 {
5056 int label1, label2;
5057 TCGv t0, t1, t2, a0;
5058
5059 if ((b & 1) == 0)
5060 ot = OT_BYTE;
5061 else
5062 ot = dflag + OT_WORD;
5063 modrm = cpu_ldub_code(env, s->pc++);
5064 reg = ((modrm >> 3) & 7) | rex_r;
5065 mod = (modrm >> 6) & 3;
5066 t0 = tcg_temp_local_new();
5067 t1 = tcg_temp_local_new();
5068 t2 = tcg_temp_local_new();
5069 a0 = tcg_temp_local_new();
5070 gen_op_mov_v_reg(ot, t1, reg);
5071 if (mod == 3) {
5072 rm = (modrm & 7) | REX_B(s);
5073 gen_op_mov_v_reg(ot, t0, rm);
5074 } else {
5075 gen_lea_modrm(env, s, modrm, &reg_addr, &offset_addr);
5076 tcg_gen_mov_tl(a0, cpu_A0);
5077 gen_op_ld_v(ot + s->mem_index, t0, a0);
5078 rm = 0; /* avoid warning */
5079 }
5080 label1 = gen_new_label();
5081 tcg_gen_sub_tl(t2, cpu_regs[R_EAX], t0);
5082 gen_extu(ot, t2);
5083 tcg_gen_brcondi_tl(TCG_COND_EQ, t2, 0, label1);
5084 label2 = gen_new_label();
5085 if (mod == 3) {
5086 gen_op_mov_reg_v(ot, R_EAX, t0);
5087 tcg_gen_br(label2);
5088 gen_set_label(label1);
5089 gen_op_mov_reg_v(ot, rm, t1);
5090 } else {
5091 /* perform no-op store cycle like physical cpu; must be
5092 before changing accumulator to ensure idempotency if
5093 the store faults and the instruction is restarted */
5094 gen_op_st_v(ot + s->mem_index, t0, a0);
5095 gen_op_mov_reg_v(ot, R_EAX, t0);
5096 tcg_gen_br(label2);
5097 gen_set_label(label1);
5098 gen_op_st_v(ot + s->mem_index, t1, a0);
5099 }
5100 gen_set_label(label2);
5101 tcg_gen_mov_tl(cpu_cc_src, t0);
5102 tcg_gen_mov_tl(cpu_cc_dst, t2);
5103 set_cc_op(s, CC_OP_SUBB + ot);
5104 tcg_temp_free(t0);
5105 tcg_temp_free(t1);
5106 tcg_temp_free(t2);
5107 tcg_temp_free(a0);
5108 }
5109 break;
5110 case 0x1c7: /* cmpxchg8b */
5111 modrm = cpu_ldub_code(env, s->pc++);
5112 mod = (modrm >> 6) & 3;
5113 if ((mod == 3) || ((modrm & 0x38) != 0x8))
5114 goto illegal_op;
5115 #ifdef TARGET_X86_64
5116 if (dflag == 2) {
5117 if (!(s->cpuid_ext_features & CPUID_EXT_CX16))
5118 goto illegal_op;
5119 gen_jmp_im(pc_start - s->cs_base);
5120 gen_update_cc_op(s);
5121 gen_lea_modrm(env, s, modrm, &reg_addr, &offset_addr);
5122 gen_helper_cmpxchg16b(cpu_env, cpu_A0);
5123 } else
5124 #endif
5125 {
5126 if (!(s->cpuid_features & CPUID_CX8))
5127 goto illegal_op;
5128 gen_jmp_im(pc_start - s->cs_base);
5129 gen_update_cc_op(s);
5130 gen_lea_modrm(env, s, modrm, &reg_addr, &offset_addr);
5131 gen_helper_cmpxchg8b(cpu_env, cpu_A0);
5132 }
5133 set_cc_op(s, CC_OP_EFLAGS);
5134 break;
5135
5136 /**************************/
5137 /* push/pop */
5138 case 0x50 ... 0x57: /* push */
5139 gen_op_mov_TN_reg(OT_LONG, 0, (b & 7) | REX_B(s));
5140 gen_push_T0(s);
5141 break;
5142 case 0x58 ... 0x5f: /* pop */
5143 if (CODE64(s)) {
5144 ot = dflag ? OT_QUAD : OT_WORD;
5145 } else {
5146 ot = dflag + OT_WORD;
5147 }
5148 gen_pop_T0(s);
5149 /* NOTE: order is important for pop %sp */
5150 gen_pop_update(s);
5151 gen_op_mov_reg_T0(ot, (b & 7) | REX_B(s));
5152 break;
5153 case 0x60: /* pusha */
5154 if (CODE64(s))
5155 goto illegal_op;
5156 gen_pusha(s);
5157 break;
5158 case 0x61: /* popa */
5159 if (CODE64(s))
5160 goto illegal_op;
5161 gen_popa(s);
5162 break;
5163 case 0x68: /* push Iv */
5164 case 0x6a:
5165 if (CODE64(s)) {
5166 ot = dflag ? OT_QUAD : OT_WORD;
5167 } else {
5168 ot = dflag + OT_WORD;
5169 }
5170 if (b == 0x68)
5171 val = insn_get(env, s, ot);
5172 else
5173 val = (int8_t)insn_get(env, s, OT_BYTE);
5174 gen_op_movl_T0_im(val);
5175 gen_push_T0(s);
5176 break;
5177 case 0x8f: /* pop Ev */
5178 if (CODE64(s)) {
5179 ot = dflag ? OT_QUAD : OT_WORD;
5180 } else {
5181 ot = dflag + OT_WORD;
5182 }
5183 modrm = cpu_ldub_code(env, s->pc++);
5184 mod = (modrm >> 6) & 3;
5185 gen_pop_T0(s);
5186 if (mod == 3) {
5187 /* NOTE: order is important for pop %sp */
5188 gen_pop_update(s);
5189 rm = (modrm & 7) | REX_B(s);
5190 gen_op_mov_reg_T0(ot, rm);
5191 } else {
5192 /* NOTE: order is important too for MMU exceptions */
5193 s->popl_esp_hack = 1 << ot;
5194 gen_ldst_modrm(env, s, modrm, ot, OR_TMP0, 1);
5195 s->popl_esp_hack = 0;
5196 gen_pop_update(s);
5197 }
5198 break;
5199 case 0xc8: /* enter */
5200 {
5201 int level;
5202 val = cpu_lduw_code(env, s->pc);
5203 s->pc += 2;
5204 level = cpu_ldub_code(env, s->pc++);
5205 gen_enter(s, val, level);
5206 }
5207 break;
5208 case 0xc9: /* leave */
5209 /* XXX: exception not precise (ESP is updated before potential exception) */
5210 if (CODE64(s)) {
5211 gen_op_mov_TN_reg(OT_QUAD, 0, R_EBP);
5212 gen_op_mov_reg_T0(OT_QUAD, R_ESP);
5213 } else if (s->ss32) {
5214 gen_op_mov_TN_reg(OT_LONG, 0, R_EBP);
5215 gen_op_mov_reg_T0(OT_LONG, R_ESP);
5216 } else {
5217 gen_op_mov_TN_reg(OT_WORD, 0, R_EBP);
5218 gen_op_mov_reg_T0(OT_WORD, R_ESP);
5219 }
5220 gen_pop_T0(s);
5221 if (CODE64(s)) {
5222 ot = dflag ? OT_QUAD : OT_WORD;
5223 } else {
5224 ot = dflag + OT_WORD;
5225 }
5226 gen_op_mov_reg_T0(ot, R_EBP);
5227 gen_pop_update(s);
5228 break;
5229 case 0x06: /* push es */
5230 case 0x0e: /* push cs */
5231 case 0x16: /* push ss */
5232 case 0x1e: /* push ds */
5233 if (CODE64(s))
5234 goto illegal_op;
5235 gen_op_movl_T0_seg(b >> 3);
5236 gen_push_T0(s);
5237 break;
5238 case 0x1a0: /* push fs */
5239 case 0x1a8: /* push gs */
5240 gen_op_movl_T0_seg((b >> 3) & 7);
5241 gen_push_T0(s);
5242 break;
5243 case 0x07: /* pop es */
5244 case 0x17: /* pop ss */
5245 case 0x1f: /* pop ds */
5246 if (CODE64(s))
5247 goto illegal_op;
5248 reg = b >> 3;
5249 gen_pop_T0(s);
5250 gen_movl_seg_T0(s, reg, pc_start - s->cs_base);
5251 gen_pop_update(s);
5252 if (reg == R_SS) {
5253 /* if reg == SS, inhibit interrupts/trace. */
5254 /* If several instructions disable interrupts, only the
5255 _first_ does it */
5256 if (!(s->tb->flags & HF_INHIBIT_IRQ_MASK))
5257 gen_helper_set_inhibit_irq(cpu_env);
5258 s->tf = 0;
5259 }
5260 if (s->is_jmp) {
5261 gen_jmp_im(s->pc - s->cs_base);
5262 gen_eob(s);
5263 }
5264 break;
5265 case 0x1a1: /* pop fs */
5266 case 0x1a9: /* pop gs */
5267 gen_pop_T0(s);
5268 gen_movl_seg_T0(s, (b >> 3) & 7, pc_start - s->cs_base);
5269 gen_pop_update(s);
5270 if (s->is_jmp) {
5271 gen_jmp_im(s->pc - s->cs_base);
5272 gen_eob(s);
5273 }
5274 break;
5275
5276 /**************************/
5277 /* mov */
5278 case 0x88:
5279 case 0x89: /* mov Gv, Ev */
5280 if ((b & 1) == 0)
5281 ot = OT_BYTE;
5282 else
5283 ot = dflag + OT_WORD;
5284 modrm = cpu_ldub_code(env, s->pc++);
5285 reg = ((modrm >> 3) & 7) | rex_r;
5286
5287 /* generate a generic store */
5288 gen_ldst_modrm(env, s, modrm, ot, reg, 1);
5289 break;
5290 case 0xc6:
5291 case 0xc7: /* mov Ev, Iv */
5292 if ((b & 1) == 0)
5293 ot = OT_BYTE;
5294 else
5295 ot = dflag + OT_WORD;
5296 modrm = cpu_ldub_code(env, s->pc++);
5297 mod = (modrm >> 6) & 3;
5298 if (mod != 3) {
5299 s->rip_offset = insn_const_size(ot);
5300 gen_lea_modrm(env, s, modrm, &reg_addr, &offset_addr);
5301 }
5302 val = insn_get(env, s, ot);
5303 gen_op_movl_T0_im(val);
5304 if (mod != 3)
5305 gen_op_st_T0_A0(ot + s->mem_index);
5306 else
5307 gen_op_mov_reg_T0(ot, (modrm & 7) | REX_B(s));
5308 break;
5309 case 0x8a:
5310 case 0x8b: /* mov Ev, Gv */
5311 if ((b & 1) == 0)
5312 ot = OT_BYTE;
5313 else
5314 ot = OT_WORD + dflag;
5315 modrm = cpu_ldub_code(env, s->pc++);
5316 reg = ((modrm >> 3) & 7) | rex_r;
5317
5318 gen_ldst_modrm(env, s, modrm, ot, OR_TMP0, 0);
5319 gen_op_mov_reg_T0(ot, reg);
5320 break;
5321 case 0x8e: /* mov seg, Gv */
5322 modrm = cpu_ldub_code(env, s->pc++);
5323 reg = (modrm >> 3) & 7;
5324 if (reg >= 6 || reg == R_CS)
5325 goto illegal_op;
5326 gen_ldst_modrm(env, s, modrm, OT_WORD, OR_TMP0, 0);
5327 gen_movl_seg_T0(s, reg, pc_start - s->cs_base);
5328 if (reg == R_SS) {
5329 /* if reg == SS, inhibit interrupts/trace */
5330 /* If several instructions disable interrupts, only the
5331 _first_ does it */
5332 if (!(s->tb->flags & HF_INHIBIT_IRQ_MASK))
5333 gen_helper_set_inhibit_irq(cpu_env);
5334 s->tf = 0;
5335 }
5336 if (s->is_jmp) {
5337 gen_jmp_im(s->pc - s->cs_base);
5338 gen_eob(s);
5339 }
5340 break;
5341 case 0x8c: /* mov Gv, seg */
5342 modrm = cpu_ldub_code(env, s->pc++);
5343 reg = (modrm >> 3) & 7;
5344 mod = (modrm >> 6) & 3;
5345 if (reg >= 6)
5346 goto illegal_op;
5347 gen_op_movl_T0_seg(reg);
5348 if (mod == 3)
5349 ot = OT_WORD + dflag;
5350 else
5351 ot = OT_WORD;
5352 gen_ldst_modrm(env, s, modrm, ot, OR_TMP0, 1);
5353 break;
5354
5355 case 0x1b6: /* movzbS Gv, Eb */
5356 case 0x1b7: /* movzwS Gv, Eb */
5357 case 0x1be: /* movsbS Gv, Eb */
5358 case 0x1bf: /* movswS Gv, Eb */
5359 {
5360 int d_ot;
5361 /* d_ot is the size of destination */
5362 d_ot = dflag + OT_WORD;
5363 /* ot is the size of source */
5364 ot = (b & 1) + OT_BYTE;
5365 modrm = cpu_ldub_code(env, s->pc++);
5366 reg = ((modrm >> 3) & 7) | rex_r;
5367 mod = (modrm >> 6) & 3;
5368 rm = (modrm & 7) | REX_B(s);
5369
5370 if (mod == 3) {
5371 gen_op_mov_TN_reg(ot, 0, rm);
5372 switch(ot | (b & 8)) {
5373 case OT_BYTE:
5374 tcg_gen_ext8u_tl(cpu_T[0], cpu_T[0]);
5375 break;
5376 case OT_BYTE | 8:
5377 tcg_gen_ext8s_tl(cpu_T[0], cpu_T[0]);
5378 break;
5379 case OT_WORD:
5380 tcg_gen_ext16u_tl(cpu_T[0], cpu_T[0]);
5381 break;
5382 default:
5383 case OT_WORD | 8:
5384 tcg_gen_ext16s_tl(cpu_T[0], cpu_T[0]);
5385 break;
5386 }
5387 gen_op_mov_reg_T0(d_ot, reg);
5388 } else {
5389 gen_lea_modrm(env, s, modrm, &reg_addr, &offset_addr);
5390 if (b & 8) {
5391 gen_op_lds_T0_A0(ot + s->mem_index);
5392 } else {
5393 gen_op_ldu_T0_A0(ot + s->mem_index);
5394 }
5395 gen_op_mov_reg_T0(d_ot, reg);
5396 }
5397 }
5398 break;
5399
5400 case 0x8d: /* lea */
5401 ot = dflag + OT_WORD;
5402 modrm = cpu_ldub_code(env, s->pc++);
5403 mod = (modrm >> 6) & 3;
5404 if (mod == 3)
5405 goto illegal_op;
5406 reg = ((modrm >> 3) & 7) | rex_r;
5407 /* we must ensure that no segment is added */
5408 s->override = -1;
5409 val = s->addseg;
5410 s->addseg = 0;
5411 gen_lea_modrm(env, s, modrm, &reg_addr, &offset_addr);
5412 s->addseg = val;
5413 gen_op_mov_reg_A0(ot - OT_WORD, reg);
5414 break;
5415
5416 case 0xa0: /* mov EAX, Ov */
5417 case 0xa1:
5418 case 0xa2: /* mov Ov, EAX */
5419 case 0xa3:
5420 {
5421 target_ulong offset_addr;
5422
5423 if ((b & 1) == 0)
5424 ot = OT_BYTE;
5425 else
5426 ot = dflag + OT_WORD;
5427 #ifdef TARGET_X86_64
5428 if (s->aflag == 2) {
5429 offset_addr = cpu_ldq_code(env, s->pc);
5430 s->pc += 8;
5431 gen_op_movq_A0_im(offset_addr);
5432 } else
5433 #endif
5434 {
5435 if (s->aflag) {
5436 offset_addr = insn_get(env, s, OT_LONG);
5437 } else {
5438 offset_addr = insn_get(env, s, OT_WORD);
5439 }
5440 gen_op_movl_A0_im(offset_addr);
5441 }
5442 gen_add_A0_ds_seg(s);
5443 if ((b & 2) == 0) {
5444 gen_op_ld_T0_A0(ot + s->mem_index);
5445 gen_op_mov_reg_T0(ot, R_EAX);
5446 } else {
5447 gen_op_mov_TN_reg(ot, 0, R_EAX);
5448 gen_op_st_T0_A0(ot + s->mem_index);
5449 }
5450 }
5451 break;
5452 case 0xd7: /* xlat */
5453 #ifdef TARGET_X86_64
5454 if (s->aflag == 2) {
5455 gen_op_movq_A0_reg(R_EBX);
5456 gen_op_mov_TN_reg(OT_QUAD, 0, R_EAX);
5457 tcg_gen_andi_tl(cpu_T[0], cpu_T[0], 0xff);
5458 tcg_gen_add_tl(cpu_A0, cpu_A0, cpu_T[0]);
5459 } else
5460 #endif
5461 {
5462 gen_op_movl_A0_reg(R_EBX);
5463 gen_op_mov_TN_reg(OT_LONG, 0, R_EAX);
5464 tcg_gen_andi_tl(cpu_T[0], cpu_T[0], 0xff);
5465 tcg_gen_add_tl(cpu_A0, cpu_A0, cpu_T[0]);
5466 if (s->aflag == 0)
5467 gen_op_andl_A0_ffff();
5468 else
5469 tcg_gen_andi_tl(cpu_A0, cpu_A0, 0xffffffff);
5470 }
5471 gen_add_A0_ds_seg(s);
5472 gen_op_ldu_T0_A0(OT_BYTE + s->mem_index);
5473 gen_op_mov_reg_T0(OT_BYTE, R_EAX);
5474 break;
5475 case 0xb0 ... 0xb7: /* mov R, Ib */
5476 val = insn_get(env, s, OT_BYTE);
5477 gen_op_movl_T0_im(val);
5478 gen_op_mov_reg_T0(OT_BYTE, (b & 7) | REX_B(s));
5479 break;
5480 case 0xb8 ... 0xbf: /* mov R, Iv */
5481 #ifdef TARGET_X86_64
5482 if (dflag == 2) {
5483 uint64_t tmp;
5484 /* 64 bit case */
5485 tmp = cpu_ldq_code(env, s->pc);
5486 s->pc += 8;
5487 reg = (b & 7) | REX_B(s);
5488 gen_movtl_T0_im(tmp);
5489 gen_op_mov_reg_T0(OT_QUAD, reg);
5490 } else
5491 #endif
5492 {
5493 ot = dflag ? OT_LONG : OT_WORD;
5494 val = insn_get(env, s, ot);
5495 reg = (b & 7) | REX_B(s);
5496 gen_op_movl_T0_im(val);
5497 gen_op_mov_reg_T0(ot, reg);
5498 }
5499 break;
5500
5501 case 0x91 ... 0x97: /* xchg R, EAX */
5502 do_xchg_reg_eax:
5503 ot = dflag + OT_WORD;
5504 reg = (b & 7) | REX_B(s);
5505 rm = R_EAX;
5506 goto do_xchg_reg;
5507 case 0x86:
5508 case 0x87: /* xchg Ev, Gv */
5509 if ((b & 1) == 0)
5510 ot = OT_BYTE;
5511 else
5512 ot = dflag + OT_WORD;
5513 modrm = cpu_ldub_code(env, s->pc++);
5514 reg = ((modrm >> 3) & 7) | rex_r;
5515 mod = (modrm >> 6) & 3;
5516 if (mod == 3) {
5517 rm = (modrm & 7) | REX_B(s);
5518 do_xchg_reg:
5519 gen_op_mov_TN_reg(ot, 0, reg);
5520 gen_op_mov_TN_reg(ot, 1, rm);
5521 gen_op_mov_reg_T0(ot, rm);
5522 gen_op_mov_reg_T1(ot, reg);
5523 } else {
5524 gen_lea_modrm(env, s, modrm, &reg_addr, &offset_addr);
5525 gen_op_mov_TN_reg(ot, 0, reg);
5526 /* for xchg, lock is implicit */
5527 if (!(prefixes & PREFIX_LOCK))
5528 gen_helper_lock();
5529 gen_op_ld_T1_A0(ot + s->mem_index);
5530 gen_op_st_T0_A0(ot + s->mem_index);
5531 if (!(prefixes & PREFIX_LOCK))
5532 gen_helper_unlock();
5533 gen_op_mov_reg_T1(ot, reg);
5534 }
5535 break;
5536 case 0xc4: /* les Gv */
5537 if (CODE64(s))
5538 goto illegal_op;
5539 op = R_ES;
5540 goto do_lxx;
5541 case 0xc5: /* lds Gv */
5542 if (CODE64(s))
5543 goto illegal_op;
5544 op = R_DS;
5545 goto do_lxx;
5546 case 0x1b2: /* lss Gv */
5547 op = R_SS;
5548 goto do_lxx;
5549 case 0x1b4: /* lfs Gv */
5550 op = R_FS;
5551 goto do_lxx;
5552 case 0x1b5: /* lgs Gv */
5553 op = R_GS;
5554 do_lxx:
5555 ot = dflag ? OT_LONG : OT_WORD;
5556 modrm = cpu_ldub_code(env, s->pc++);
5557 reg = ((modrm >> 3) & 7) | rex_r;
5558 mod = (modrm >> 6) & 3;
5559 if (mod == 3)
5560 goto illegal_op;
5561 gen_lea_modrm(env, s, modrm, &reg_addr, &offset_addr);
5562 gen_op_ld_T1_A0(ot + s->mem_index);
5563 gen_add_A0_im(s, 1 << (ot - OT_WORD + 1));
5564 /* load the segment first to handle exceptions properly */
5565 gen_op_ldu_T0_A0(OT_WORD + s->mem_index);
5566 gen_movl_seg_T0(s, op, pc_start - s->cs_base);
5567 /* then put the data */
5568 gen_op_mov_reg_T1(ot, reg);
5569 if (s->is_jmp) {
5570 gen_jmp_im(s->pc - s->cs_base);
5571 gen_eob(s);
5572 }
5573 break;
5574
5575 /************************/
5576 /* shifts */
5577 case 0xc0:
5578 case 0xc1:
5579 /* shift Ev,Ib */
5580 shift = 2;
5581 grp2:
5582 {
5583 if ((b & 1) == 0)
5584 ot = OT_BYTE;
5585 else
5586 ot = dflag + OT_WORD;
5587
5588 modrm = cpu_ldub_code(env, s->pc++);
5589 mod = (modrm >> 6) & 3;
5590 op = (modrm >> 3) & 7;
5591
5592 if (mod != 3) {
5593 if (shift == 2) {
5594 s->rip_offset = 1;
5595 }
5596 gen_lea_modrm(env, s, modrm, &reg_addr, &offset_addr);
5597 opreg = OR_TMP0;
5598 } else {
5599 opreg = (modrm & 7) | REX_B(s);
5600 }
5601
5602 /* simpler op */
5603 if (shift == 0) {
5604 gen_shift(s, op, ot, opreg, OR_ECX);
5605 } else {
5606 if (shift == 2) {
5607 shift = cpu_ldub_code(env, s->pc++);
5608 }
5609 gen_shifti(s, op, ot, opreg, shift);
5610 }
5611 }
5612 break;
5613 case 0xd0:
5614 case 0xd1:
5615 /* shift Ev,1 */
5616 shift = 1;
5617 goto grp2;
5618 case 0xd2:
5619 case 0xd3:
5620 /* shift Ev,cl */
5621 shift = 0;
5622 goto grp2;
5623
5624 case 0x1a4: /* shld imm */
5625 op = 0;
5626 shift = 1;
5627 goto do_shiftd;
5628 case 0x1a5: /* shld cl */
5629 op = 0;
5630 shift = 0;
5631 goto do_shiftd;
5632 case 0x1ac: /* shrd imm */
5633 op = 1;
5634 shift = 1;
5635 goto do_shiftd;
5636 case 0x1ad: /* shrd cl */
5637 op = 1;
5638 shift = 0;
5639 do_shiftd:
5640 ot = dflag + OT_WORD;
5641 modrm = cpu_ldub_code(env, s->pc++);
5642 mod = (modrm >> 6) & 3;
5643 rm = (modrm & 7) | REX_B(s);
5644 reg = ((modrm >> 3) & 7) | rex_r;
5645 if (mod != 3) {
5646 gen_lea_modrm(env, s, modrm, &reg_addr, &offset_addr);
5647 opreg = OR_TMP0;
5648 } else {
5649 opreg = rm;
5650 }
5651 gen_op_mov_TN_reg(ot, 1, reg);
5652
5653 if (shift) {
5654 val = cpu_ldub_code(env, s->pc++);
5655 tcg_gen_movi_tl(cpu_T3, val);
5656 } else {
5657 tcg_gen_mov_tl(cpu_T3, cpu_regs[R_ECX]);
5658 }
5659 gen_shiftd_rm_T1_T3(s, ot, opreg, op);
5660 break;
5661
5662 /************************/
5663 /* floats */
5664 case 0xd8 ... 0xdf:
5665 if (s->flags & (HF_EM_MASK | HF_TS_MASK)) {
5666 /* if CR0.EM or CR0.TS are set, generate an FPU exception */
5667 /* XXX: what to do if illegal op ? */
5668 gen_exception(s, EXCP07_PREX, pc_start - s->cs_base);
5669 break;
5670 }
5671 modrm = cpu_ldub_code(env, s->pc++);
5672 mod = (modrm >> 6) & 3;
5673 rm = modrm & 7;
5674 op = ((b & 7) << 3) | ((modrm >> 3) & 7);
5675 if (mod != 3) {
5676 /* memory op */
5677 gen_lea_modrm(env, s, modrm, &reg_addr, &offset_addr);
5678 switch(op) {
5679 case 0x00 ... 0x07: /* fxxxs */
5680 case 0x10 ... 0x17: /* fixxxl */
5681 case 0x20 ... 0x27: /* fxxxl */
5682 case 0x30 ... 0x37: /* fixxx */
5683 {
5684 int op1;
5685 op1 = op & 7;
5686
5687 switch(op >> 4) {
5688 case 0:
5689 gen_op_ld_T0_A0(OT_LONG + s->mem_index);
5690 tcg_gen_trunc_tl_i32(cpu_tmp2_i32, cpu_T[0]);
5691 gen_helper_flds_FT0(cpu_env, cpu_tmp2_i32);
5692 break;
5693 case 1:
5694 gen_op_ld_T0_A0(OT_LONG + s->mem_index);
5695 tcg_gen_trunc_tl_i32(cpu_tmp2_i32, cpu_T[0]);
5696 gen_helper_fildl_FT0(cpu_env, cpu_tmp2_i32);
5697 break;
5698 case 2:
5699 tcg_gen_qemu_ld64(cpu_tmp1_i64, cpu_A0,
5700 (s->mem_index >> 2) - 1);
5701 gen_helper_fldl_FT0(cpu_env, cpu_tmp1_i64);
5702 break;
5703 case 3:
5704 default:
5705 gen_op_lds_T0_A0(OT_WORD + s->mem_index);
5706 tcg_gen_trunc_tl_i32(cpu_tmp2_i32, cpu_T[0]);
5707 gen_helper_fildl_FT0(cpu_env, cpu_tmp2_i32);
5708 break;
5709 }
5710
5711 gen_helper_fp_arith_ST0_FT0(op1);
5712 if (op1 == 3) {
5713 /* fcomp needs pop */
5714 gen_helper_fpop(cpu_env);
5715 }
5716 }
5717 break;
5718 case 0x08: /* flds */
5719 case 0x0a: /* fsts */
5720 case 0x0b: /* fstps */
5721 case 0x18 ... 0x1b: /* fildl, fisttpl, fistl, fistpl */
5722 case 0x28 ... 0x2b: /* fldl, fisttpll, fstl, fstpl */
5723 case 0x38 ... 0x3b: /* filds, fisttps, fists, fistps */
5724 switch(op & 7) {
5725 case 0:
5726 switch(op >> 4) {
5727 case 0:
5728 gen_op_ld_T0_A0(OT_LONG + s->mem_index);
5729 tcg_gen_trunc_tl_i32(cpu_tmp2_i32, cpu_T[0]);
5730 gen_helper_flds_ST0(cpu_env, cpu_tmp2_i32);
5731 break;
5732 case 1:
5733 gen_op_ld_T0_A0(OT_LONG + s->mem_index);
5734 tcg_gen_trunc_tl_i32(cpu_tmp2_i32, cpu_T[0]);
5735 gen_helper_fildl_ST0(cpu_env, cpu_tmp2_i32);
5736 break;
5737 case 2:
5738 tcg_gen_qemu_ld64(cpu_tmp1_i64, cpu_A0,
5739 (s->mem_index >> 2) - 1);
5740 gen_helper_fldl_ST0(cpu_env, cpu_tmp1_i64);
5741 break;
5742 case 3:
5743 default:
5744 gen_op_lds_T0_A0(OT_WORD + s->mem_index);
5745 tcg_gen_trunc_tl_i32(cpu_tmp2_i32, cpu_T[0]);
5746 gen_helper_fildl_ST0(cpu_env, cpu_tmp2_i32);
5747 break;
5748 }
5749 break;
5750 case 1:
5751 /* XXX: the corresponding CPUID bit must be tested ! */
5752 switch(op >> 4) {
5753 case 1:
5754 gen_helper_fisttl_ST0(cpu_tmp2_i32, cpu_env);
5755 tcg_gen_extu_i32_tl(cpu_T[0], cpu_tmp2_i32);
5756 gen_op_st_T0_A0(OT_LONG + s->mem_index);
5757 break;
5758 case 2:
5759 gen_helper_fisttll_ST0(cpu_tmp1_i64, cpu_env);
5760 tcg_gen_qemu_st64(cpu_tmp1_i64, cpu_A0,
5761 (s->mem_index >> 2) - 1);
5762 break;
5763 case 3:
5764 default:
5765 gen_helper_fistt_ST0(cpu_tmp2_i32, cpu_env);
5766 tcg_gen_extu_i32_tl(cpu_T[0], cpu_tmp2_i32);
5767 gen_op_st_T0_A0(OT_WORD + s->mem_index);
5768 break;
5769 }
5770 gen_helper_fpop(cpu_env);
5771 break;
5772 default:
5773 switch(op >> 4) {
5774 case 0:
5775 gen_helper_fsts_ST0(cpu_tmp2_i32, cpu_env);
5776 tcg_gen_extu_i32_tl(cpu_T[0], cpu_tmp2_i32);
5777 gen_op_st_T0_A0(OT_LONG + s->mem_index);
5778 break;
5779 case 1:
5780 gen_helper_fistl_ST0(cpu_tmp2_i32, cpu_env);
5781 tcg_gen_extu_i32_tl(cpu_T[0], cpu_tmp2_i32);
5782 gen_op_st_T0_A0(OT_LONG + s->mem_index);
5783 break;
5784 case 2:
5785 gen_helper_fstl_ST0(cpu_tmp1_i64, cpu_env);
5786 tcg_gen_qemu_st64(cpu_tmp1_i64, cpu_A0,
5787 (s->mem_index >> 2) - 1);
5788 break;
5789 case 3:
5790 default:
5791 gen_helper_fist_ST0(cpu_tmp2_i32, cpu_env);
5792 tcg_gen_extu_i32_tl(cpu_T[0], cpu_tmp2_i32);
5793 gen_op_st_T0_A0(OT_WORD + s->mem_index);
5794 break;
5795 }
5796 if ((op & 7) == 3)
5797 gen_helper_fpop(cpu_env);
5798 break;
5799 }
5800 break;
5801 case 0x0c: /* fldenv mem */
5802 gen_update_cc_op(s);
5803 gen_jmp_im(pc_start - s->cs_base);
5804 gen_helper_fldenv(cpu_env, cpu_A0, tcg_const_i32(s->dflag));
5805 break;
5806 case 0x0d: /* fldcw mem */
5807 gen_op_ld_T0_A0(OT_WORD + s->mem_index);
5808 tcg_gen_trunc_tl_i32(cpu_tmp2_i32, cpu_T[0]);
5809 gen_helper_fldcw(cpu_env, cpu_tmp2_i32);
5810 break;
5811 case 0x0e: /* fnstenv mem */
5812 gen_update_cc_op(s);
5813 gen_jmp_im(pc_start - s->cs_base);
5814 gen_helper_fstenv(cpu_env, cpu_A0, tcg_const_i32(s->dflag));
5815 break;
5816 case 0x0f: /* fnstcw mem */
5817 gen_helper_fnstcw(cpu_tmp2_i32, cpu_env);
5818 tcg_gen_extu_i32_tl(cpu_T[0], cpu_tmp2_i32);
5819 gen_op_st_T0_A0(OT_WORD + s->mem_index);
5820 break;
5821 case 0x1d: /* fldt mem */
5822 gen_update_cc_op(s);
5823 gen_jmp_im(pc_start - s->cs_base);
5824 gen_helper_fldt_ST0(cpu_env, cpu_A0);
5825 break;
5826 case 0x1f: /* fstpt mem */
5827 gen_update_cc_op(s);
5828 gen_jmp_im(pc_start - s->cs_base);
5829 gen_helper_fstt_ST0(cpu_env, cpu_A0);
5830 gen_helper_fpop(cpu_env);
5831 break;
5832 case 0x2c: /* frstor mem */
5833 gen_update_cc_op(s);
5834 gen_jmp_im(pc_start - s->cs_base);
5835 gen_helper_frstor(cpu_env, cpu_A0, tcg_const_i32(s->dflag));
5836 break;
5837 case 0x2e: /* fnsave mem */
5838 gen_update_cc_op(s);
5839 gen_jmp_im(pc_start - s->cs_base);
5840 gen_helper_fsave(cpu_env, cpu_A0, tcg_const_i32(s->dflag));
5841 break;
5842 case 0x2f: /* fnstsw mem */
5843 gen_helper_fnstsw(cpu_tmp2_i32, cpu_env);
5844 tcg_gen_extu_i32_tl(cpu_T[0], cpu_tmp2_i32);
5845 gen_op_st_T0_A0(OT_WORD + s->mem_index);
5846 break;
5847 case 0x3c: /* fbld */
5848 gen_update_cc_op(s);
5849 gen_jmp_im(pc_start - s->cs_base);
5850 gen_helper_fbld_ST0(cpu_env, cpu_A0);
5851 break;
5852 case 0x3e: /* fbstp */
5853 gen_update_cc_op(s);
5854 gen_jmp_im(pc_start - s->cs_base);
5855 gen_helper_fbst_ST0(cpu_env, cpu_A0);
5856 gen_helper_fpop(cpu_env);
5857 break;
5858 case 0x3d: /* fildll */
5859 tcg_gen_qemu_ld64(cpu_tmp1_i64, cpu_A0,
5860 (s->mem_index >> 2) - 1);
5861 gen_helper_fildll_ST0(cpu_env, cpu_tmp1_i64);
5862 break;
5863 case 0x3f: /* fistpll */
5864 gen_helper_fistll_ST0(cpu_tmp1_i64, cpu_env);
5865 tcg_gen_qemu_st64(cpu_tmp1_i64, cpu_A0,
5866 (s->mem_index >> 2) - 1);
5867 gen_helper_fpop(cpu_env);
5868 break;
5869 default:
5870 goto illegal_op;
5871 }
5872 } else {
5873 /* register float ops */
5874 opreg = rm;
5875
5876 switch(op) {
5877 case 0x08: /* fld sti */
5878 gen_helper_fpush(cpu_env);
5879 gen_helper_fmov_ST0_STN(cpu_env,
5880 tcg_const_i32((opreg + 1) & 7));
5881 break;
5882 case 0x09: /* fxchg sti */
5883 case 0x29: /* fxchg4 sti, undocumented op */
5884 case 0x39: /* fxchg7 sti, undocumented op */
5885 gen_helper_fxchg_ST0_STN(cpu_env, tcg_const_i32(opreg));
5886 break;
5887 case 0x0a: /* grp d9/2 */
5888 switch(rm) {
5889 case 0: /* fnop */
5890 /* check exceptions (FreeBSD FPU probe) */
5891 gen_update_cc_op(s);
5892 gen_jmp_im(pc_start - s->cs_base);
5893 gen_helper_fwait(cpu_env);
5894 break;
5895 default:
5896 goto illegal_op;
5897 }
5898 break;
5899 case 0x0c: /* grp d9/4 */
5900 switch(rm) {
5901 case 0: /* fchs */
5902 gen_helper_fchs_ST0(cpu_env);
5903 break;
5904 case 1: /* fabs */
5905 gen_helper_fabs_ST0(cpu_env);
5906 break;
5907 case 4: /* ftst */
5908 gen_helper_fldz_FT0(cpu_env);
5909 gen_helper_fcom_ST0_FT0(cpu_env);
5910 break;
5911 case 5: /* fxam */
5912 gen_helper_fxam_ST0(cpu_env);
5913 break;
5914 default:
5915 goto illegal_op;
5916 }
5917 break;
5918 case 0x0d: /* grp d9/5 */
5919 {
5920 switch(rm) {
5921 case 0:
5922 gen_helper_fpush(cpu_env);
5923 gen_helper_fld1_ST0(cpu_env);
5924 break;
5925 case 1:
5926 gen_helper_fpush(cpu_env);
5927 gen_helper_fldl2t_ST0(cpu_env);
5928 break;
5929 case 2:
5930 gen_helper_fpush(cpu_env);
5931 gen_helper_fldl2e_ST0(cpu_env);
5932 break;
5933 case 3:
5934 gen_helper_fpush(cpu_env);
5935 gen_helper_fldpi_ST0(cpu_env);
5936 break;
5937 case 4:
5938 gen_helper_fpush(cpu_env);
5939 gen_helper_fldlg2_ST0(cpu_env);
5940 break;
5941 case 5:
5942 gen_helper_fpush(cpu_env);
5943 gen_helper_fldln2_ST0(cpu_env);
5944 break;
5945 case 6:
5946 gen_helper_fpush(cpu_env);
5947 gen_helper_fldz_ST0(cpu_env);
5948 break;
5949 default:
5950 goto illegal_op;
5951 }
5952 }
5953 break;
5954 case 0x0e: /* grp d9/6 */
5955 switch(rm) {
5956 case 0: /* f2xm1 */
5957 gen_helper_f2xm1(cpu_env);
5958 break;
5959 case 1: /* fyl2x */
5960 gen_helper_fyl2x(cpu_env);
5961 break;
5962 case 2: /* fptan */
5963 gen_helper_fptan(cpu_env);
5964 break;
5965 case 3: /* fpatan */
5966 gen_helper_fpatan(cpu_env);
5967 break;
5968 case 4: /* fxtract */
5969 gen_helper_fxtract(cpu_env);
5970 break;
5971 case 5: /* fprem1 */
5972 gen_helper_fprem1(cpu_env);
5973 break;
5974 case 6: /* fdecstp */
5975 gen_helper_fdecstp(cpu_env);
5976 break;
5977 default:
5978 case 7: /* fincstp */
5979 gen_helper_fincstp(cpu_env);
5980 break;
5981 }
5982 break;
5983 case 0x0f: /* grp d9/7 */
5984 switch(rm) {
5985 case 0: /* fprem */
5986 gen_helper_fprem(cpu_env);
5987 break;
5988 case 1: /* fyl2xp1 */
5989 gen_helper_fyl2xp1(cpu_env);
5990 break;
5991 case 2: /* fsqrt */
5992 gen_helper_fsqrt(cpu_env);
5993 break;
5994 case 3: /* fsincos */
5995 gen_helper_fsincos(cpu_env);
5996 break;
5997 case 5: /* fscale */
5998 gen_helper_fscale(cpu_env);
5999 break;
6000 case 4: /* frndint */
6001 gen_helper_frndint(cpu_env);
6002 break;
6003 case 6: /* fsin */
6004 gen_helper_fsin(cpu_env);
6005 break;
6006 default:
6007 case 7: /* fcos */
6008 gen_helper_fcos(cpu_env);
6009 break;
6010 }
6011 break;
6012 case 0x00: case 0x01: case 0x04 ... 0x07: /* fxxx st, sti */
6013 case 0x20: case 0x21: case 0x24 ... 0x27: /* fxxx sti, st */
6014 case 0x30: case 0x31: case 0x34 ... 0x37: /* fxxxp sti, st */
6015 {
6016 int op1;
6017
6018 op1 = op & 7;
6019 if (op >= 0x20) {
6020 gen_helper_fp_arith_STN_ST0(op1, opreg);
6021 if (op >= 0x30)
6022 gen_helper_fpop(cpu_env);
6023 } else {
6024 gen_helper_fmov_FT0_STN(cpu_env, tcg_const_i32(opreg));
6025 gen_helper_fp_arith_ST0_FT0(op1);
6026 }
6027 }
6028 break;
6029 case 0x02: /* fcom */
6030 case 0x22: /* fcom2, undocumented op */
6031 gen_helper_fmov_FT0_STN(cpu_env, tcg_const_i32(opreg));
6032 gen_helper_fcom_ST0_FT0(cpu_env);
6033 break;
6034 case 0x03: /* fcomp */
6035 case 0x23: /* fcomp3, undocumented op */
6036 case 0x32: /* fcomp5, undocumented op */
6037 gen_helper_fmov_FT0_STN(cpu_env, tcg_const_i32(opreg));
6038 gen_helper_fcom_ST0_FT0(cpu_env);
6039 gen_helper_fpop(cpu_env);
6040 break;
6041 case 0x15: /* da/5 */
6042 switch(rm) {
6043 case 1: /* fucompp */
6044 gen_helper_fmov_FT0_STN(cpu_env, tcg_const_i32(1));
6045 gen_helper_fucom_ST0_FT0(cpu_env);
6046 gen_helper_fpop(cpu_env);
6047 gen_helper_fpop(cpu_env);
6048 break;
6049 default:
6050 goto illegal_op;
6051 }
6052 break;
6053 case 0x1c:
6054 switch(rm) {
6055 case 0: /* feni (287 only, just do nop here) */
6056 break;
6057 case 1: /* fdisi (287 only, just do nop here) */
6058 break;
6059 case 2: /* fclex */
6060 gen_helper_fclex(cpu_env);
6061 break;
6062 case 3: /* fninit */
6063 gen_helper_fninit(cpu_env);
6064 break;
6065 case 4: /* fsetpm (287 only, just do nop here) */
6066 break;
6067 default:
6068 goto illegal_op;
6069 }
6070 break;
6071 case 0x1d: /* fucomi */
6072 gen_update_cc_op(s);
6073 gen_helper_fmov_FT0_STN(cpu_env, tcg_const_i32(opreg));
6074 gen_helper_fucomi_ST0_FT0(cpu_env);
6075 set_cc_op(s, CC_OP_EFLAGS);
6076 break;
6077 case 0x1e: /* fcomi */
6078 gen_update_cc_op(s);
6079 gen_helper_fmov_FT0_STN(cpu_env, tcg_const_i32(opreg));
6080 gen_helper_fcomi_ST0_FT0(cpu_env);
6081 set_cc_op(s, CC_OP_EFLAGS);
6082 break;
6083 case 0x28: /* ffree sti */
6084 gen_helper_ffree_STN(cpu_env, tcg_const_i32(opreg));
6085 break;
6086 case 0x2a: /* fst sti */
6087 gen_helper_fmov_STN_ST0(cpu_env, tcg_const_i32(opreg));
6088 break;
6089 case 0x2b: /* fstp sti */
6090 case 0x0b: /* fstp1 sti, undocumented op */
6091 case 0x3a: /* fstp8 sti, undocumented op */
6092 case 0x3b: /* fstp9 sti, undocumented op */
6093 gen_helper_fmov_STN_ST0(cpu_env, tcg_const_i32(opreg));
6094 gen_helper_fpop(cpu_env);
6095 break;
6096 case 0x2c: /* fucom st(i) */
6097 gen_helper_fmov_FT0_STN(cpu_env, tcg_const_i32(opreg));
6098 gen_helper_fucom_ST0_FT0(cpu_env);
6099 break;
6100 case 0x2d: /* fucomp st(i) */
6101 gen_helper_fmov_FT0_STN(cpu_env, tcg_const_i32(opreg));
6102 gen_helper_fucom_ST0_FT0(cpu_env);
6103 gen_helper_fpop(cpu_env);
6104 break;
6105 case 0x33: /* de/3 */
6106 switch(rm) {
6107 case 1: /* fcompp */
6108 gen_helper_fmov_FT0_STN(cpu_env, tcg_const_i32(1));
6109 gen_helper_fcom_ST0_FT0(cpu_env);
6110 gen_helper_fpop(cpu_env);
6111 gen_helper_fpop(cpu_env);
6112 break;
6113 default:
6114 goto illegal_op;
6115 }
6116 break;
6117 case 0x38: /* ffreep sti, undocumented op */
6118 gen_helper_ffree_STN(cpu_env, tcg_const_i32(opreg));
6119 gen_helper_fpop(cpu_env);
6120 break;
6121 case 0x3c: /* df/4 */
6122 switch(rm) {
6123 case 0:
6124 gen_helper_fnstsw(cpu_tmp2_i32, cpu_env);
6125 tcg_gen_extu_i32_tl(cpu_T[0], cpu_tmp2_i32);
6126 gen_op_mov_reg_T0(OT_WORD, R_EAX);
6127 break;
6128 default:
6129 goto illegal_op;
6130 }
6131 break;
6132 case 0x3d: /* fucomip */
6133 gen_update_cc_op(s);
6134 gen_helper_fmov_FT0_STN(cpu_env, tcg_const_i32(opreg));
6135 gen_helper_fucomi_ST0_FT0(cpu_env);
6136 gen_helper_fpop(cpu_env);
6137 set_cc_op(s, CC_OP_EFLAGS);
6138 break;
6139 case 0x3e: /* fcomip */
6140 gen_update_cc_op(s);
6141 gen_helper_fmov_FT0_STN(cpu_env, tcg_const_i32(opreg));
6142 gen_helper_fcomi_ST0_FT0(cpu_env);
6143 gen_helper_fpop(cpu_env);
6144 set_cc_op(s, CC_OP_EFLAGS);
6145 break;
6146 case 0x10 ... 0x13: /* fcmovxx */
6147 case 0x18 ... 0x1b:
6148 {
6149 int op1, l1;
6150 static const uint8_t fcmov_cc[8] = {
6151 (JCC_B << 1),
6152 (JCC_Z << 1),
6153 (JCC_BE << 1),
6154 (JCC_P << 1),
6155 };
6156 op1 = fcmov_cc[op & 3] | (((op >> 3) & 1) ^ 1);
6157 l1 = gen_new_label();
6158 gen_jcc1(s, op1, l1);
6159 gen_helper_fmov_ST0_STN(cpu_env, tcg_const_i32(opreg));
6160 gen_set_label(l1);
6161 }
6162 break;
6163 default:
6164 goto illegal_op;
6165 }
6166 }
6167 break;
6168 /************************/
6169 /* string ops */
6170
6171 case 0xa4: /* movsS */
6172 case 0xa5:
6173 if ((b & 1) == 0)
6174 ot = OT_BYTE;
6175 else
6176 ot = dflag + OT_WORD;
6177
6178 if (prefixes & (PREFIX_REPZ | PREFIX_REPNZ)) {
6179 gen_repz_movs(s, ot, pc_start - s->cs_base, s->pc - s->cs_base);
6180 } else {
6181 gen_movs(s, ot);
6182 }
6183 break;
6184
6185 case 0xaa: /* stosS */
6186 case 0xab:
6187 if ((b & 1) == 0)
6188 ot = OT_BYTE;
6189 else
6190 ot = dflag + OT_WORD;
6191
6192 if (prefixes & (PREFIX_REPZ | PREFIX_REPNZ)) {
6193 gen_repz_stos(s, ot, pc_start - s->cs_base, s->pc - s->cs_base);
6194 } else {
6195 gen_stos(s, ot);
6196 }
6197 break;
6198 case 0xac: /* lodsS */
6199 case 0xad:
6200 if ((b & 1) == 0)
6201 ot = OT_BYTE;
6202 else
6203 ot = dflag + OT_WORD;
6204 if (prefixes & (PREFIX_REPZ | PREFIX_REPNZ)) {
6205 gen_repz_lods(s, ot, pc_start - s->cs_base, s->pc - s->cs_base);
6206 } else {
6207 gen_lods(s, ot);
6208 }
6209 break;
6210 case 0xae: /* scasS */
6211 case 0xaf:
6212 if ((b & 1) == 0)
6213 ot = OT_BYTE;
6214 else
6215 ot = dflag + OT_WORD;
6216 if (prefixes & PREFIX_REPNZ) {
6217 gen_repz_scas(s, ot, pc_start - s->cs_base, s->pc - s->cs_base, 1);
6218 } else if (prefixes & PREFIX_REPZ) {
6219 gen_repz_scas(s, ot, pc_start - s->cs_base, s->pc - s->cs_base, 0);
6220 } else {
6221 gen_scas(s, ot);
6222 }
6223 break;
6224
6225 case 0xa6: /* cmpsS */
6226 case 0xa7:
6227 if ((b & 1) == 0)
6228 ot = OT_BYTE;
6229 else
6230 ot = dflag + OT_WORD;
6231 if (prefixes & PREFIX_REPNZ) {
6232 gen_repz_cmps(s, ot, pc_start - s->cs_base, s->pc - s->cs_base, 1);
6233 } else if (prefixes & PREFIX_REPZ) {
6234 gen_repz_cmps(s, ot, pc_start - s->cs_base, s->pc - s->cs_base, 0);
6235 } else {
6236 gen_cmps(s, ot);
6237 }
6238 break;
6239 case 0x6c: /* insS */
6240 case 0x6d:
6241 if ((b & 1) == 0)
6242 ot = OT_BYTE;
6243 else
6244 ot = dflag ? OT_LONG : OT_WORD;
6245 gen_op_mov_TN_reg(OT_WORD, 0, R_EDX);
6246 gen_op_andl_T0_ffff();
6247 gen_check_io(s, ot, pc_start - s->cs_base,
6248 SVM_IOIO_TYPE_MASK | svm_is_rep(prefixes) | 4);
6249 if (prefixes & (PREFIX_REPZ | PREFIX_REPNZ)) {
6250 gen_repz_ins(s, ot, pc_start - s->cs_base, s->pc - s->cs_base);
6251 } else {
6252 gen_ins(s, ot);
6253 if (use_icount) {
6254 gen_jmp(s, s->pc - s->cs_base);
6255 }
6256 }
6257 break;
6258 case 0x6e: /* outsS */
6259 case 0x6f:
6260 if ((b & 1) == 0)
6261 ot = OT_BYTE;
6262 else
6263 ot = dflag ? OT_LONG : OT_WORD;
6264 gen_op_mov_TN_reg(OT_WORD, 0, R_EDX);
6265 gen_op_andl_T0_ffff();
6266 gen_check_io(s, ot, pc_start - s->cs_base,
6267 svm_is_rep(prefixes) | 4);
6268 if (prefixes & (PREFIX_REPZ | PREFIX_REPNZ)) {
6269 gen_repz_outs(s, ot, pc_start - s->cs_base, s->pc - s->cs_base);
6270 } else {
6271 gen_outs(s, ot);
6272 if (use_icount) {
6273 gen_jmp(s, s->pc - s->cs_base);
6274 }
6275 }
6276 break;
6277
6278 /************************/
6279 /* port I/O */
6280
6281 case 0xe4:
6282 case 0xe5:
6283 if ((b & 1) == 0)
6284 ot = OT_BYTE;
6285 else
6286 ot = dflag ? OT_LONG : OT_WORD;
6287 val = cpu_ldub_code(env, s->pc++);
6288 gen_op_movl_T0_im(val);
6289 gen_check_io(s, ot, pc_start - s->cs_base,
6290 SVM_IOIO_TYPE_MASK | svm_is_rep(prefixes));
6291 if (use_icount)
6292 gen_io_start();
6293 tcg_gen_trunc_tl_i32(cpu_tmp2_i32, cpu_T[0]);
6294 gen_helper_in_func(ot, cpu_T[1], cpu_tmp2_i32);
6295 gen_op_mov_reg_T1(ot, R_EAX);
6296 if (use_icount) {
6297 gen_io_end();
6298 gen_jmp(s, s->pc - s->cs_base);
6299 }
6300 break;
6301 case 0xe6:
6302 case 0xe7:
6303 if ((b & 1) == 0)
6304 ot = OT_BYTE;
6305 else
6306 ot = dflag ? OT_LONG : OT_WORD;
6307 val = cpu_ldub_code(env, s->pc++);
6308 gen_op_movl_T0_im(val);
6309 gen_check_io(s, ot, pc_start - s->cs_base,
6310 svm_is_rep(prefixes));
6311 gen_op_mov_TN_reg(ot, 1, R_EAX);
6312
6313 if (use_icount)
6314 gen_io_start();
6315 tcg_gen_trunc_tl_i32(cpu_tmp2_i32, cpu_T[0]);
6316 tcg_gen_trunc_tl_i32(cpu_tmp3_i32, cpu_T[1]);
6317 gen_helper_out_func(ot, cpu_tmp2_i32, cpu_tmp3_i32);
6318 if (use_icount) {
6319 gen_io_end();
6320 gen_jmp(s, s->pc - s->cs_base);
6321 }
6322 break;
6323 case 0xec:
6324 case 0xed:
6325 if ((b & 1) == 0)
6326 ot = OT_BYTE;
6327 else
6328 ot = dflag ? OT_LONG : OT_WORD;
6329 gen_op_mov_TN_reg(OT_WORD, 0, R_EDX);
6330 gen_op_andl_T0_ffff();
6331 gen_check_io(s, ot, pc_start - s->cs_base,
6332 SVM_IOIO_TYPE_MASK | svm_is_rep(prefixes));
6333 if (use_icount)
6334 gen_io_start();
6335 tcg_gen_trunc_tl_i32(cpu_tmp2_i32, cpu_T[0]);
6336 gen_helper_in_func(ot, cpu_T[1], cpu_tmp2_i32);
6337 gen_op_mov_reg_T1(ot, R_EAX);
6338 if (use_icount) {
6339 gen_io_end();
6340 gen_jmp(s, s->pc - s->cs_base);
6341 }
6342 break;
6343 case 0xee:
6344 case 0xef:
6345 if ((b & 1) == 0)
6346 ot = OT_BYTE;
6347 else
6348 ot = dflag ? OT_LONG : OT_WORD;
6349 gen_op_mov_TN_reg(OT_WORD, 0, R_EDX);
6350 gen_op_andl_T0_ffff();
6351 gen_check_io(s, ot, pc_start - s->cs_base,
6352 svm_is_rep(prefixes));
6353 gen_op_mov_TN_reg(ot, 1, R_EAX);
6354
6355 if (use_icount)
6356 gen_io_start();
6357 tcg_gen_trunc_tl_i32(cpu_tmp2_i32, cpu_T[0]);
6358 tcg_gen_trunc_tl_i32(cpu_tmp3_i32, cpu_T[1]);
6359 gen_helper_out_func(ot, cpu_tmp2_i32, cpu_tmp3_i32);
6360 if (use_icount) {
6361 gen_io_end();
6362 gen_jmp(s, s->pc - s->cs_base);
6363 }
6364 break;
6365
6366 /************************/
6367 /* control */
6368 case 0xc2: /* ret im */
6369 val = cpu_ldsw_code(env, s->pc);
6370 s->pc += 2;
6371 gen_pop_T0(s);
6372 if (CODE64(s) && s->dflag)
6373 s->dflag = 2;
6374 gen_stack_update(s, val + (2 << s->dflag));
6375 if (s->dflag == 0)
6376 gen_op_andl_T0_ffff();
6377 gen_op_jmp_T0();
6378 gen_eob(s);
6379 break;
6380 case 0xc3: /* ret */
6381 gen_pop_T0(s);
6382 gen_pop_update(s);
6383 if (s->dflag == 0)
6384 gen_op_andl_T0_ffff();
6385 gen_op_jmp_T0();
6386 gen_eob(s);
6387 break;
6388 case 0xca: /* lret im */
6389 val = cpu_ldsw_code(env, s->pc);
6390 s->pc += 2;
6391 do_lret:
6392 if (s->pe && !s->vm86) {
6393 gen_update_cc_op(s);
6394 gen_jmp_im(pc_start - s->cs_base);
6395 gen_helper_lret_protected(cpu_env, tcg_const_i32(s->dflag),
6396 tcg_const_i32(val));
6397 } else {
6398 gen_stack_A0(s);
6399 /* pop offset */
6400 gen_op_ld_T0_A0(1 + s->dflag + s->mem_index);
6401 if (s->dflag == 0)
6402 gen_op_andl_T0_ffff();
6403 /* NOTE: keeping EIP updated is not a problem in case of
6404 exception */
6405 gen_op_jmp_T0();
6406 /* pop selector */
6407 gen_op_addl_A0_im(2 << s->dflag);
6408 gen_op_ld_T0_A0(1 + s->dflag + s->mem_index);
6409 gen_op_movl_seg_T0_vm(R_CS);
6410 /* add stack offset */
6411 gen_stack_update(s, val + (4 << s->dflag));
6412 }
6413 gen_eob(s);
6414 break;
6415 case 0xcb: /* lret */
6416 val = 0;
6417 goto do_lret;
6418 case 0xcf: /* iret */
6419 gen_svm_check_intercept(s, pc_start, SVM_EXIT_IRET);
6420 if (!s->pe) {
6421 /* real mode */
6422 gen_helper_iret_real(cpu_env, tcg_const_i32(s->dflag));
6423 set_cc_op(s, CC_OP_EFLAGS);
6424 } else if (s->vm86) {
6425 if (s->iopl != 3) {
6426 gen_exception(s, EXCP0D_GPF, pc_start - s->cs_base);
6427 } else {
6428 gen_helper_iret_real(cpu_env, tcg_const_i32(s->dflag));
6429 set_cc_op(s, CC_OP_EFLAGS);
6430 }
6431 } else {
6432 gen_update_cc_op(s);
6433 gen_jmp_im(pc_start - s->cs_base);
6434 gen_helper_iret_protected(cpu_env, tcg_const_i32(s->dflag),
6435 tcg_const_i32(s->pc - s->cs_base));
6436 set_cc_op(s, CC_OP_EFLAGS);
6437 }
6438 gen_eob(s);
6439 break;
6440 case 0xe8: /* call im */
6441 {
6442 if (dflag)
6443 tval = (int32_t)insn_get(env, s, OT_LONG);
6444 else
6445 tval = (int16_t)insn_get(env, s, OT_WORD);
6446 next_eip = s->pc - s->cs_base;
6447 tval += next_eip;
6448 if (s->dflag == 0)
6449 tval &= 0xffff;
6450 else if(!CODE64(s))
6451 tval &= 0xffffffff;
6452 gen_movtl_T0_im(next_eip);
6453 gen_push_T0(s);
6454 gen_jmp(s, tval);
6455 }
6456 break;
6457 case 0x9a: /* lcall im */
6458 {
6459 unsigned int selector, offset;
6460
6461 if (CODE64(s))
6462 goto illegal_op;
6463 ot = dflag ? OT_LONG : OT_WORD;
6464 offset = insn_get(env, s, ot);
6465 selector = insn_get(env, s, OT_WORD);
6466
6467 gen_op_movl_T0_im(selector);
6468 gen_op_movl_T1_imu(offset);
6469 }
6470 goto do_lcall;
6471 case 0xe9: /* jmp im */
6472 if (dflag)
6473 tval = (int32_t)insn_get(env, s, OT_LONG);
6474 else
6475 tval = (int16_t)insn_get(env, s, OT_WORD);
6476 tval += s->pc - s->cs_base;
6477 if (s->dflag == 0)
6478 tval &= 0xffff;
6479 else if(!CODE64(s))
6480 tval &= 0xffffffff;
6481 gen_jmp(s, tval);
6482 break;
6483 case 0xea: /* ljmp im */
6484 {
6485 unsigned int selector, offset;
6486
6487 if (CODE64(s))
6488 goto illegal_op;
6489 ot = dflag ? OT_LONG : OT_WORD;
6490 offset = insn_get(env, s, ot);
6491 selector = insn_get(env, s, OT_WORD);
6492
6493 gen_op_movl_T0_im(selector);
6494 gen_op_movl_T1_imu(offset);
6495 }
6496 goto do_ljmp;
6497 case 0xeb: /* jmp Jb */
6498 tval = (int8_t)insn_get(env, s, OT_BYTE);
6499 tval += s->pc - s->cs_base;
6500 if (s->dflag == 0)
6501 tval &= 0xffff;
6502 gen_jmp(s, tval);
6503 break;
6504 case 0x70 ... 0x7f: /* jcc Jb */
6505 tval = (int8_t)insn_get(env, s, OT_BYTE);
6506 goto do_jcc;
6507 case 0x180 ... 0x18f: /* jcc Jv */
6508 if (dflag) {
6509 tval = (int32_t)insn_get(env, s, OT_LONG);
6510 } else {
6511 tval = (int16_t)insn_get(env, s, OT_WORD);
6512 }
6513 do_jcc:
6514 next_eip = s->pc - s->cs_base;
6515 tval += next_eip;
6516 if (s->dflag == 0)
6517 tval &= 0xffff;
6518 gen_jcc(s, b, tval, next_eip);
6519 break;
6520
6521 case 0x190 ... 0x19f: /* setcc Gv */
6522 modrm = cpu_ldub_code(env, s->pc++);
6523 gen_setcc(s, b);
6524 gen_ldst_modrm(env, s, modrm, OT_BYTE, OR_TMP0, 1);
6525 break;
6526 case 0x140 ... 0x14f: /* cmov Gv, Ev */
6527 {
6528 int l1;
6529 TCGv t0;
6530
6531 ot = dflag + OT_WORD;
6532 modrm = cpu_ldub_code(env, s->pc++);
6533 reg = ((modrm >> 3) & 7) | rex_r;
6534 mod = (modrm >> 6) & 3;
6535 t0 = tcg_temp_local_new();
6536 if (mod != 3) {
6537 gen_lea_modrm(env, s, modrm, &reg_addr, &offset_addr);
6538 gen_op_ld_v(ot + s->mem_index, t0, cpu_A0);
6539 } else {
6540 rm = (modrm & 7) | REX_B(s);
6541 gen_op_mov_v_reg(ot, t0, rm);
6542 }
6543 #ifdef TARGET_X86_64
6544 if (ot == OT_LONG) {
6545 /* XXX: specific Intel behaviour ? */
6546 l1 = gen_new_label();
6547 gen_jcc1(s, b ^ 1, l1);
6548 tcg_gen_mov_tl(cpu_regs[reg], t0);
6549 gen_set_label(l1);
6550 tcg_gen_ext32u_tl(cpu_regs[reg], cpu_regs[reg]);
6551 } else
6552 #endif
6553 {
6554 l1 = gen_new_label();
6555 gen_jcc1(s, b ^ 1, l1);
6556 gen_op_mov_reg_v(ot, reg, t0);
6557 gen_set_label(l1);
6558 }
6559 tcg_temp_free(t0);
6560 }
6561 break;
6562
6563 /************************/
6564 /* flags */
6565 case 0x9c: /* pushf */
6566 gen_svm_check_intercept(s, pc_start, SVM_EXIT_PUSHF);
6567 if (s->vm86 && s->iopl != 3) {
6568 gen_exception(s, EXCP0D_GPF, pc_start - s->cs_base);
6569 } else {
6570 gen_update_cc_op(s);
6571 gen_helper_read_eflags(cpu_T[0], cpu_env);
6572 gen_push_T0(s);
6573 }
6574 break;
6575 case 0x9d: /* popf */
6576 gen_svm_check_intercept(s, pc_start, SVM_EXIT_POPF);
6577 if (s->vm86 && s->iopl != 3) {
6578 gen_exception(s, EXCP0D_GPF, pc_start - s->cs_base);
6579 } else {
6580 gen_pop_T0(s);
6581 if (s->cpl == 0) {
6582 if (s->dflag) {
6583 gen_helper_write_eflags(cpu_env, cpu_T[0],
6584 tcg_const_i32((TF_MASK | AC_MASK |
6585 ID_MASK | NT_MASK |
6586 IF_MASK |
6587 IOPL_MASK)));
6588 } else {
6589 gen_helper_write_eflags(cpu_env, cpu_T[0],
6590 tcg_const_i32((TF_MASK | AC_MASK |
6591 ID_MASK | NT_MASK |
6592 IF_MASK | IOPL_MASK)
6593 & 0xffff));
6594 }
6595 } else {
6596 if (s->cpl <= s->iopl) {
6597 if (s->dflag) {
6598 gen_helper_write_eflags(cpu_env, cpu_T[0],
6599 tcg_const_i32((TF_MASK |
6600 AC_MASK |
6601 ID_MASK |
6602 NT_MASK |
6603 IF_MASK)));
6604 } else {
6605 gen_helper_write_eflags(cpu_env, cpu_T[0],
6606 tcg_const_i32((TF_MASK |
6607 AC_MASK |
6608 ID_MASK |
6609 NT_MASK |
6610 IF_MASK)
6611 & 0xffff));
6612 }
6613 } else {
6614 if (s->dflag) {
6615 gen_helper_write_eflags(cpu_env, cpu_T[0],
6616 tcg_const_i32((TF_MASK | AC_MASK |
6617 ID_MASK | NT_MASK)));
6618 } else {
6619 gen_helper_write_eflags(cpu_env, cpu_T[0],
6620 tcg_const_i32((TF_MASK | AC_MASK |
6621 ID_MASK | NT_MASK)
6622 & 0xffff));
6623 }
6624 }
6625 }
6626 gen_pop_update(s);
6627 set_cc_op(s, CC_OP_EFLAGS);
6628 /* abort translation because TF/AC flag may change */
6629 gen_jmp_im(s->pc - s->cs_base);
6630 gen_eob(s);
6631 }
6632 break;
6633 case 0x9e: /* sahf */
6634 if (CODE64(s) && !(s->cpuid_ext3_features & CPUID_EXT3_LAHF_LM))
6635 goto illegal_op;
6636 gen_op_mov_TN_reg(OT_BYTE, 0, R_AH);
6637 gen_compute_eflags(s);
6638 tcg_gen_andi_tl(cpu_cc_src, cpu_cc_src, CC_O);
6639 tcg_gen_andi_tl(cpu_T[0], cpu_T[0], CC_S | CC_Z | CC_A | CC_P | CC_C);
6640 tcg_gen_or_tl(cpu_cc_src, cpu_cc_src, cpu_T[0]);
6641 break;
6642 case 0x9f: /* lahf */
6643 if (CODE64(s) && !(s->cpuid_ext3_features & CPUID_EXT3_LAHF_LM))
6644 goto illegal_op;
6645 gen_compute_eflags(s);
6646 /* Note: gen_compute_eflags() only gives the condition codes */
6647 tcg_gen_ori_tl(cpu_T[0], cpu_cc_src, 0x02);
6648 gen_op_mov_reg_T0(OT_BYTE, R_AH);
6649 break;
6650 case 0xf5: /* cmc */
6651 gen_compute_eflags(s);
6652 tcg_gen_xori_tl(cpu_cc_src, cpu_cc_src, CC_C);
6653 break;
6654 case 0xf8: /* clc */
6655 gen_compute_eflags(s);
6656 tcg_gen_andi_tl(cpu_cc_src, cpu_cc_src, ~CC_C);
6657 break;
6658 case 0xf9: /* stc */
6659 gen_compute_eflags(s);
6660 tcg_gen_ori_tl(cpu_cc_src, cpu_cc_src, CC_C);
6661 break;
6662 case 0xfc: /* cld */
6663 tcg_gen_movi_i32(cpu_tmp2_i32, 1);
6664 tcg_gen_st_i32(cpu_tmp2_i32, cpu_env, offsetof(CPUX86State, df));
6665 break;
6666 case 0xfd: /* std */
6667 tcg_gen_movi_i32(cpu_tmp2_i32, -1);
6668 tcg_gen_st_i32(cpu_tmp2_i32, cpu_env, offsetof(CPUX86State, df));
6669 break;
6670
6671 /************************/
6672 /* bit operations */
6673 case 0x1ba: /* bt/bts/btr/btc Gv, im */
6674 ot = dflag + OT_WORD;
6675 modrm = cpu_ldub_code(env, s->pc++);
6676 op = (modrm >> 3) & 7;
6677 mod = (modrm >> 6) & 3;
6678 rm = (modrm & 7) | REX_B(s);
6679 if (mod != 3) {
6680 s->rip_offset = 1;
6681 gen_lea_modrm(env, s, modrm, &reg_addr, &offset_addr);
6682 gen_op_ld_T0_A0(ot + s->mem_index);
6683 } else {
6684 gen_op_mov_TN_reg(ot, 0, rm);
6685 }
6686 /* load shift */
6687 val = cpu_ldub_code(env, s->pc++);
6688 gen_op_movl_T1_im(val);
6689 if (op < 4)
6690 goto illegal_op;
6691 op -= 4;
6692 goto bt_op;
6693 case 0x1a3: /* bt Gv, Ev */
6694 op = 0;
6695 goto do_btx;
6696 case 0x1ab: /* bts */
6697 op = 1;
6698 goto do_btx;
6699 case 0x1b3: /* btr */
6700 op = 2;
6701 goto do_btx;
6702 case 0x1bb: /* btc */
6703 op = 3;
6704 do_btx:
6705 ot = dflag + OT_WORD;
6706 modrm = cpu_ldub_code(env, s->pc++);
6707 reg = ((modrm >> 3) & 7) | rex_r;
6708 mod = (modrm >> 6) & 3;
6709 rm = (modrm & 7) | REX_B(s);
6710 gen_op_mov_TN_reg(OT_LONG, 1, reg);
6711 if (mod != 3) {
6712 gen_lea_modrm(env, s, modrm, &reg_addr, &offset_addr);
6713 /* specific case: we need to add a displacement */
6714 gen_exts(ot, cpu_T[1]);
6715 tcg_gen_sari_tl(cpu_tmp0, cpu_T[1], 3 + ot);
6716 tcg_gen_shli_tl(cpu_tmp0, cpu_tmp0, ot);
6717 tcg_gen_add_tl(cpu_A0, cpu_A0, cpu_tmp0);
6718 gen_op_ld_T0_A0(ot + s->mem_index);
6719 } else {
6720 gen_op_mov_TN_reg(ot, 0, rm);
6721 }
6722 bt_op:
6723 tcg_gen_andi_tl(cpu_T[1], cpu_T[1], (1 << (3 + ot)) - 1);
6724 switch(op) {
6725 case 0:
6726 tcg_gen_shr_tl(cpu_cc_src, cpu_T[0], cpu_T[1]);
6727 tcg_gen_movi_tl(cpu_cc_dst, 0);
6728 break;
6729 case 1:
6730 tcg_gen_shr_tl(cpu_tmp4, cpu_T[0], cpu_T[1]);
6731 tcg_gen_movi_tl(cpu_tmp0, 1);
6732 tcg_gen_shl_tl(cpu_tmp0, cpu_tmp0, cpu_T[1]);
6733 tcg_gen_or_tl(cpu_T[0], cpu_T[0], cpu_tmp0);
6734 break;
6735 case 2:
6736 tcg_gen_shr_tl(cpu_tmp4, cpu_T[0], cpu_T[1]);
6737 tcg_gen_movi_tl(cpu_tmp0, 1);
6738 tcg_gen_shl_tl(cpu_tmp0, cpu_tmp0, cpu_T[1]);
6739 tcg_gen_not_tl(cpu_tmp0, cpu_tmp0);
6740 tcg_gen_and_tl(cpu_T[0], cpu_T[0], cpu_tmp0);
6741 break;
6742 default:
6743 case 3:
6744 tcg_gen_shr_tl(cpu_tmp4, cpu_T[0], cpu_T[1]);
6745 tcg_gen_movi_tl(cpu_tmp0, 1);
6746 tcg_gen_shl_tl(cpu_tmp0, cpu_tmp0, cpu_T[1]);
6747 tcg_gen_xor_tl(cpu_T[0], cpu_T[0], cpu_tmp0);
6748 break;
6749 }
6750 set_cc_op(s, CC_OP_SARB + ot);
6751 if (op != 0) {
6752 if (mod != 3)
6753 gen_op_st_T0_A0(ot + s->mem_index);
6754 else
6755 gen_op_mov_reg_T0(ot, rm);
6756 tcg_gen_mov_tl(cpu_cc_src, cpu_tmp4);
6757 tcg_gen_movi_tl(cpu_cc_dst, 0);
6758 }
6759 break;
6760 case 0x1bc: /* bsf */
6761 case 0x1bd: /* bsr */
6762 {
6763 int label1;
6764 TCGv t0;
6765
6766 ot = dflag + OT_WORD;
6767 modrm = cpu_ldub_code(env, s->pc++);
6768 reg = ((modrm >> 3) & 7) | rex_r;
6769 gen_ldst_modrm(env, s,modrm, ot, OR_TMP0, 0);
6770 gen_extu(ot, cpu_T[0]);
6771 t0 = tcg_temp_local_new();
6772 tcg_gen_mov_tl(t0, cpu_T[0]);
6773 if ((b & 1) && (prefixes & PREFIX_REPZ) &&
6774 (s->cpuid_ext3_features & CPUID_EXT3_ABM)) {
6775 switch(ot) {
6776 case OT_WORD: gen_helper_lzcnt(cpu_T[0], t0,
6777 tcg_const_i32(16)); break;
6778 case OT_LONG: gen_helper_lzcnt(cpu_T[0], t0,
6779 tcg_const_i32(32)); break;
6780 case OT_QUAD: gen_helper_lzcnt(cpu_T[0], t0,
6781 tcg_const_i32(64)); break;
6782 }
6783 gen_op_mov_reg_T0(ot, reg);
6784 } else {
6785 label1 = gen_new_label();
6786 tcg_gen_movi_tl(cpu_cc_dst, 0);
6787 tcg_gen_brcondi_tl(TCG_COND_EQ, t0, 0, label1);
6788 if (b & 1) {
6789 gen_helper_bsr(cpu_T[0], t0);
6790 } else {
6791 gen_helper_bsf(cpu_T[0], t0);
6792 }
6793 gen_op_mov_reg_T0(ot, reg);
6794 tcg_gen_movi_tl(cpu_cc_dst, 1);
6795 gen_set_label(label1);
6796 set_cc_op(s, CC_OP_LOGICB + ot);
6797 }
6798 tcg_temp_free(t0);
6799 }
6800 break;
6801 /************************/
6802 /* bcd */
6803 case 0x27: /* daa */
6804 if (CODE64(s))
6805 goto illegal_op;
6806 gen_update_cc_op(s);
6807 gen_helper_daa(cpu_env);
6808 set_cc_op(s, CC_OP_EFLAGS);
6809 break;
6810 case 0x2f: /* das */
6811 if (CODE64(s))
6812 goto illegal_op;
6813 gen_update_cc_op(s);
6814 gen_helper_das(cpu_env);
6815 set_cc_op(s, CC_OP_EFLAGS);
6816 break;
6817 case 0x37: /* aaa */
6818 if (CODE64(s))
6819 goto illegal_op;
6820 gen_update_cc_op(s);
6821 gen_helper_aaa(cpu_env);
6822 set_cc_op(s, CC_OP_EFLAGS);
6823 break;
6824 case 0x3f: /* aas */
6825 if (CODE64(s))
6826 goto illegal_op;
6827 gen_update_cc_op(s);
6828 gen_helper_aas(cpu_env);
6829 set_cc_op(s, CC_OP_EFLAGS);
6830 break;
6831 case 0xd4: /* aam */
6832 if (CODE64(s))
6833 goto illegal_op;
6834 val = cpu_ldub_code(env, s->pc++);
6835 if (val == 0) {
6836 gen_exception(s, EXCP00_DIVZ, pc_start - s->cs_base);
6837 } else {
6838 gen_helper_aam(cpu_env, tcg_const_i32(val));
6839 set_cc_op(s, CC_OP_LOGICB);
6840 }
6841 break;
6842 case 0xd5: /* aad */
6843 if (CODE64(s))
6844 goto illegal_op;
6845 val = cpu_ldub_code(env, s->pc++);
6846 gen_helper_aad(cpu_env, tcg_const_i32(val));
6847 set_cc_op(s, CC_OP_LOGICB);
6848 break;
6849 /************************/
6850 /* misc */
6851 case 0x90: /* nop */
6852 /* XXX: correct lock test for all insn */
6853 if (prefixes & PREFIX_LOCK) {
6854 goto illegal_op;
6855 }
6856 /* If REX_B is set, then this is xchg eax, r8d, not a nop. */
6857 if (REX_B(s)) {
6858 goto do_xchg_reg_eax;
6859 }
6860 if (prefixes & PREFIX_REPZ) {
6861 gen_svm_check_intercept(s, pc_start, SVM_EXIT_PAUSE);
6862 }
6863 break;
6864 case 0x9b: /* fwait */
6865 if ((s->flags & (HF_MP_MASK | HF_TS_MASK)) ==
6866 (HF_MP_MASK | HF_TS_MASK)) {
6867 gen_exception(s, EXCP07_PREX, pc_start - s->cs_base);
6868 } else {
6869 gen_update_cc_op(s);
6870 gen_jmp_im(pc_start - s->cs_base);
6871 gen_helper_fwait(cpu_env);
6872 }
6873 break;
6874 case 0xcc: /* int3 */
6875 gen_interrupt(s, EXCP03_INT3, pc_start - s->cs_base, s->pc - s->cs_base);
6876 break;
6877 case 0xcd: /* int N */
6878 val = cpu_ldub_code(env, s->pc++);
6879 if (s->vm86 && s->iopl != 3) {
6880 gen_exception(s, EXCP0D_GPF, pc_start - s->cs_base);
6881 } else {
6882 gen_interrupt(s, val, pc_start - s->cs_base, s->pc - s->cs_base);
6883 }
6884 break;
6885 case 0xce: /* into */
6886 if (CODE64(s))
6887 goto illegal_op;
6888 gen_update_cc_op(s);
6889 gen_jmp_im(pc_start - s->cs_base);
6890 gen_helper_into(cpu_env, tcg_const_i32(s->pc - pc_start));
6891 break;
6892 #ifdef WANT_ICEBP
6893 case 0xf1: /* icebp (undocumented, exits to external debugger) */
6894 gen_svm_check_intercept(s, pc_start, SVM_EXIT_ICEBP);
6895 #if 1
6896 gen_debug(s, pc_start - s->cs_base);
6897 #else
6898 /* start debug */
6899 tb_flush(env);
6900 qemu_set_log(CPU_LOG_INT | CPU_LOG_TB_IN_ASM);
6901 #endif
6902 break;
6903 #endif
6904 case 0xfa: /* cli */
6905 if (!s->vm86) {
6906 if (s->cpl <= s->iopl) {
6907 gen_helper_cli(cpu_env);
6908 } else {
6909 gen_exception(s, EXCP0D_GPF, pc_start - s->cs_base);
6910 }
6911 } else {
6912 if (s->iopl == 3) {
6913 gen_helper_cli(cpu_env);
6914 } else {
6915 gen_exception(s, EXCP0D_GPF, pc_start - s->cs_base);
6916 }
6917 }
6918 break;
6919 case 0xfb: /* sti */
6920 if (!s->vm86) {
6921 if (s->cpl <= s->iopl) {
6922 gen_sti:
6923 gen_helper_sti(cpu_env);
6924 /* interruptions are enabled only the first insn after sti */
6925 /* If several instructions disable interrupts, only the
6926 _first_ does it */
6927 if (!(s->tb->flags & HF_INHIBIT_IRQ_MASK))
6928 gen_helper_set_inhibit_irq(cpu_env);
6929 /* give a chance to handle pending irqs */
6930 gen_jmp_im(s->pc - s->cs_base);
6931 gen_eob(s);
6932 } else {
6933 gen_exception(s, EXCP0D_GPF, pc_start - s->cs_base);
6934 }
6935 } else {
6936 if (s->iopl == 3) {
6937 goto gen_sti;
6938 } else {
6939 gen_exception(s, EXCP0D_GPF, pc_start - s->cs_base);
6940 }
6941 }
6942 break;
6943 case 0x62: /* bound */
6944 if (CODE64(s))
6945 goto illegal_op;
6946 ot = dflag ? OT_LONG : OT_WORD;
6947 modrm = cpu_ldub_code(env, s->pc++);
6948 reg = (modrm >> 3) & 7;
6949 mod = (modrm >> 6) & 3;
6950 if (mod == 3)
6951 goto illegal_op;
6952 gen_op_mov_TN_reg(ot, 0, reg);
6953 gen_lea_modrm(env, s, modrm, &reg_addr, &offset_addr);
6954 gen_jmp_im(pc_start - s->cs_base);
6955 tcg_gen_trunc_tl_i32(cpu_tmp2_i32, cpu_T[0]);
6956 if (ot == OT_WORD) {
6957 gen_helper_boundw(cpu_env, cpu_A0, cpu_tmp2_i32);
6958 } else {
6959 gen_helper_boundl(cpu_env, cpu_A0, cpu_tmp2_i32);
6960 }
6961 break;
6962 case 0x1c8 ... 0x1cf: /* bswap reg */
6963 reg = (b & 7) | REX_B(s);
6964 #ifdef TARGET_X86_64
6965 if (dflag == 2) {
6966 gen_op_mov_TN_reg(OT_QUAD, 0, reg);
6967 tcg_gen_bswap64_i64(cpu_T[0], cpu_T[0]);
6968 gen_op_mov_reg_T0(OT_QUAD, reg);
6969 } else
6970 #endif
6971 {
6972 gen_op_mov_TN_reg(OT_LONG, 0, reg);
6973 tcg_gen_ext32u_tl(cpu_T[0], cpu_T[0]);
6974 tcg_gen_bswap32_tl(cpu_T[0], cpu_T[0]);
6975 gen_op_mov_reg_T0(OT_LONG, reg);
6976 }
6977 break;
6978 case 0xd6: /* salc */
6979 if (CODE64(s))
6980 goto illegal_op;
6981 gen_compute_eflags_c(s, cpu_T[0], false);
6982 tcg_gen_neg_tl(cpu_T[0], cpu_T[0]);
6983 gen_op_mov_reg_T0(OT_BYTE, R_EAX);
6984 break;
6985 case 0xe0: /* loopnz */
6986 case 0xe1: /* loopz */
6987 case 0xe2: /* loop */
6988 case 0xe3: /* jecxz */
6989 {
6990 int l1, l2, l3;
6991
6992 tval = (int8_t)insn_get(env, s, OT_BYTE);
6993 next_eip = s->pc - s->cs_base;
6994 tval += next_eip;
6995 if (s->dflag == 0)
6996 tval &= 0xffff;
6997
6998 l1 = gen_new_label();
6999 l2 = gen_new_label();
7000 l3 = gen_new_label();
7001 b &= 3;
7002 switch(b) {
7003 case 0: /* loopnz */
7004 case 1: /* loopz */
7005 gen_op_add_reg_im(s->aflag, R_ECX, -1);
7006 gen_op_jz_ecx(s->aflag, l3);
7007 gen_jcc1(s, (JCC_Z << 1) | (b ^ 1), l1);
7008 break;
7009 case 2: /* loop */
7010 gen_op_add_reg_im(s->aflag, R_ECX, -1);
7011 gen_op_jnz_ecx(s->aflag, l1);
7012 break;
7013 default:
7014 case 3: /* jcxz */
7015 gen_op_jz_ecx(s->aflag, l1);
7016 break;
7017 }
7018
7019 gen_set_label(l3);
7020 gen_jmp_im(next_eip);
7021 tcg_gen_br(l2);
7022
7023 gen_set_label(l1);
7024 gen_jmp_im(tval);
7025 gen_set_label(l2);
7026 gen_eob(s);
7027 }
7028 break;
7029 case 0x130: /* wrmsr */
7030 case 0x132: /* rdmsr */
7031 if (s->cpl != 0) {
7032 gen_exception(s, EXCP0D_GPF, pc_start - s->cs_base);
7033 } else {
7034 gen_update_cc_op(s);
7035 gen_jmp_im(pc_start - s->cs_base);
7036 if (b & 2) {
7037 gen_helper_rdmsr(cpu_env);
7038 } else {
7039 gen_helper_wrmsr(cpu_env);
7040 }
7041 }
7042 break;
7043 case 0x131: /* rdtsc */
7044 gen_update_cc_op(s);
7045 gen_jmp_im(pc_start - s->cs_base);
7046 if (use_icount)
7047 gen_io_start();
7048 gen_helper_rdtsc(cpu_env);
7049 if (use_icount) {
7050 gen_io_end();
7051 gen_jmp(s, s->pc - s->cs_base);
7052 }
7053 break;
7054 case 0x133: /* rdpmc */
7055 gen_update_cc_op(s);
7056 gen_jmp_im(pc_start - s->cs_base);
7057 gen_helper_rdpmc(cpu_env);
7058 break;
7059 case 0x134: /* sysenter */
7060 /* For Intel SYSENTER is valid on 64-bit */
7061 if (CODE64(s) && env->cpuid_vendor1 != CPUID_VENDOR_INTEL_1)
7062 goto illegal_op;
7063 if (!s->pe) {
7064 gen_exception(s, EXCP0D_GPF, pc_start - s->cs_base);
7065 } else {
7066 gen_update_cc_op(s);
7067 gen_jmp_im(pc_start - s->cs_base);
7068 gen_helper_sysenter(cpu_env);
7069 gen_eob(s);
7070 }
7071 break;
7072 case 0x135: /* sysexit */
7073 /* For Intel SYSEXIT is valid on 64-bit */
7074 if (CODE64(s) && env->cpuid_vendor1 != CPUID_VENDOR_INTEL_1)
7075 goto illegal_op;
7076 if (!s->pe) {
7077 gen_exception(s, EXCP0D_GPF, pc_start - s->cs_base);
7078 } else {
7079 gen_update_cc_op(s);
7080 gen_jmp_im(pc_start - s->cs_base);
7081 gen_helper_sysexit(cpu_env, tcg_const_i32(dflag));
7082 gen_eob(s);
7083 }
7084 break;
7085 #ifdef TARGET_X86_64
7086 case 0x105: /* syscall */
7087 /* XXX: is it usable in real mode ? */
7088 gen_update_cc_op(s);
7089 gen_jmp_im(pc_start - s->cs_base);
7090 gen_helper_syscall(cpu_env, tcg_const_i32(s->pc - pc_start));
7091 gen_eob(s);
7092 break;
7093 case 0x107: /* sysret */
7094 if (!s->pe) {
7095 gen_exception(s, EXCP0D_GPF, pc_start - s->cs_base);
7096 } else {
7097 gen_update_cc_op(s);
7098 gen_jmp_im(pc_start - s->cs_base);
7099 gen_helper_sysret(cpu_env, tcg_const_i32(s->dflag));
7100 /* condition codes are modified only in long mode */
7101 if (s->lma) {
7102 set_cc_op(s, CC_OP_EFLAGS);
7103 }
7104 gen_eob(s);
7105 }
7106 break;
7107 #endif
7108 case 0x1a2: /* cpuid */
7109 gen_update_cc_op(s);
7110 gen_jmp_im(pc_start - s->cs_base);
7111 gen_helper_cpuid(cpu_env);
7112 break;
7113 case 0xf4: /* hlt */
7114 if (s->cpl != 0) {
7115 gen_exception(s, EXCP0D_GPF, pc_start - s->cs_base);
7116 } else {
7117 gen_update_cc_op(s);
7118 gen_jmp_im(pc_start - s->cs_base);
7119 gen_helper_hlt(cpu_env, tcg_const_i32(s->pc - pc_start));
7120 s->is_jmp = DISAS_TB_JUMP;
7121 }
7122 break;
7123 case 0x100:
7124 modrm = cpu_ldub_code(env, s->pc++);
7125 mod = (modrm >> 6) & 3;
7126 op = (modrm >> 3) & 7;
7127 switch(op) {
7128 case 0: /* sldt */
7129 if (!s->pe || s->vm86)
7130 goto illegal_op;
7131 gen_svm_check_intercept(s, pc_start, SVM_EXIT_LDTR_READ);
7132 tcg_gen_ld32u_tl(cpu_T[0], cpu_env, offsetof(CPUX86State,ldt.selector));
7133 ot = OT_WORD;
7134 if (mod == 3)
7135 ot += s->dflag;
7136 gen_ldst_modrm(env, s, modrm, ot, OR_TMP0, 1);
7137 break;
7138 case 2: /* lldt */
7139 if (!s->pe || s->vm86)
7140 goto illegal_op;
7141 if (s->cpl != 0) {
7142 gen_exception(s, EXCP0D_GPF, pc_start - s->cs_base);
7143 } else {
7144 gen_svm_check_intercept(s, pc_start, SVM_EXIT_LDTR_WRITE);
7145 gen_ldst_modrm(env, s, modrm, OT_WORD, OR_TMP0, 0);
7146 gen_jmp_im(pc_start - s->cs_base);
7147 tcg_gen_trunc_tl_i32(cpu_tmp2_i32, cpu_T[0]);
7148 gen_helper_lldt(cpu_env, cpu_tmp2_i32);
7149 }
7150 break;
7151 case 1: /* str */
7152 if (!s->pe || s->vm86)
7153 goto illegal_op;
7154 gen_svm_check_intercept(s, pc_start, SVM_EXIT_TR_READ);
7155 tcg_gen_ld32u_tl(cpu_T[0], cpu_env, offsetof(CPUX86State,tr.selector));
7156 ot = OT_WORD;
7157 if (mod == 3)
7158 ot += s->dflag;
7159 gen_ldst_modrm(env, s, modrm, ot, OR_TMP0, 1);
7160 break;
7161 case 3: /* ltr */
7162 if (!s->pe || s->vm86)
7163 goto illegal_op;
7164 if (s->cpl != 0) {
7165 gen_exception(s, EXCP0D_GPF, pc_start - s->cs_base);
7166 } else {
7167 gen_svm_check_intercept(s, pc_start, SVM_EXIT_TR_WRITE);
7168 gen_ldst_modrm(env, s, modrm, OT_WORD, OR_TMP0, 0);
7169 gen_jmp_im(pc_start - s->cs_base);
7170 tcg_gen_trunc_tl_i32(cpu_tmp2_i32, cpu_T[0]);
7171 gen_helper_ltr(cpu_env, cpu_tmp2_i32);
7172 }
7173 break;
7174 case 4: /* verr */
7175 case 5: /* verw */
7176 if (!s->pe || s->vm86)
7177 goto illegal_op;
7178 gen_ldst_modrm(env, s, modrm, OT_WORD, OR_TMP0, 0);
7179 gen_update_cc_op(s);
7180 if (op == 4) {
7181 gen_helper_verr(cpu_env, cpu_T[0]);
7182 } else {
7183 gen_helper_verw(cpu_env, cpu_T[0]);
7184 }
7185 set_cc_op(s, CC_OP_EFLAGS);
7186 break;
7187 default:
7188 goto illegal_op;
7189 }
7190 break;
7191 case 0x101:
7192 modrm = cpu_ldub_code(env, s->pc++);
7193 mod = (modrm >> 6) & 3;
7194 op = (modrm >> 3) & 7;
7195 rm = modrm & 7;
7196 switch(op) {
7197 case 0: /* sgdt */
7198 if (mod == 3)
7199 goto illegal_op;
7200 gen_svm_check_intercept(s, pc_start, SVM_EXIT_GDTR_READ);
7201 gen_lea_modrm(env, s, modrm, &reg_addr, &offset_addr);
7202 tcg_gen_ld32u_tl(cpu_T[0], cpu_env, offsetof(CPUX86State, gdt.limit));
7203 gen_op_st_T0_A0(OT_WORD + s->mem_index);
7204 gen_add_A0_im(s, 2);
7205 tcg_gen_ld_tl(cpu_T[0], cpu_env, offsetof(CPUX86State, gdt.base));
7206 if (!s->dflag)
7207 gen_op_andl_T0_im(0xffffff);
7208 gen_op_st_T0_A0(CODE64(s) + OT_LONG + s->mem_index);
7209 break;
7210 case 1:
7211 if (mod == 3) {
7212 switch (rm) {
7213 case 0: /* monitor */
7214 if (!(s->cpuid_ext_features & CPUID_EXT_MONITOR) ||
7215 s->cpl != 0)
7216 goto illegal_op;
7217 gen_update_cc_op(s);
7218 gen_jmp_im(pc_start - s->cs_base);
7219 #ifdef TARGET_X86_64
7220 if (s->aflag == 2) {
7221 gen_op_movq_A0_reg(R_EAX);
7222 } else
7223 #endif
7224 {
7225 gen_op_movl_A0_reg(R_EAX);
7226 if (s->aflag == 0)
7227 gen_op_andl_A0_ffff();
7228 }
7229 gen_add_A0_ds_seg(s);
7230 gen_helper_monitor(cpu_env, cpu_A0);
7231 break;
7232 case 1: /* mwait */
7233 if (!(s->cpuid_ext_features & CPUID_EXT_MONITOR) ||
7234 s->cpl != 0)
7235 goto illegal_op;
7236 gen_update_cc_op(s);
7237 gen_jmp_im(pc_start - s->cs_base);
7238 gen_helper_mwait(cpu_env, tcg_const_i32(s->pc - pc_start));
7239 gen_eob(s);
7240 break;
7241 case 2: /* clac */
7242 if (!(s->cpuid_7_0_ebx_features & CPUID_7_0_EBX_SMAP) ||
7243 s->cpl != 0) {
7244 goto illegal_op;
7245 }
7246 gen_helper_clac(cpu_env);
7247 gen_jmp_im(s->pc - s->cs_base);
7248 gen_eob(s);
7249 break;
7250 case 3: /* stac */
7251 if (!(s->cpuid_7_0_ebx_features & CPUID_7_0_EBX_SMAP) ||
7252 s->cpl != 0) {
7253 goto illegal_op;
7254 }
7255 gen_helper_stac(cpu_env);
7256 gen_jmp_im(s->pc - s->cs_base);
7257 gen_eob(s);
7258 break;
7259 default:
7260 goto illegal_op;
7261 }
7262 } else { /* sidt */
7263 gen_svm_check_intercept(s, pc_start, SVM_EXIT_IDTR_READ);
7264 gen_lea_modrm(env, s, modrm, &reg_addr, &offset_addr);
7265 tcg_gen_ld32u_tl(cpu_T[0], cpu_env, offsetof(CPUX86State, idt.limit));
7266 gen_op_st_T0_A0(OT_WORD + s->mem_index);
7267 gen_add_A0_im(s, 2);
7268 tcg_gen_ld_tl(cpu_T[0], cpu_env, offsetof(CPUX86State, idt.base));
7269 if (!s->dflag)
7270 gen_op_andl_T0_im(0xffffff);
7271 gen_op_st_T0_A0(CODE64(s) + OT_LONG + s->mem_index);
7272 }
7273 break;
7274 case 2: /* lgdt */
7275 case 3: /* lidt */
7276 if (mod == 3) {
7277 gen_update_cc_op(s);
7278 gen_jmp_im(pc_start - s->cs_base);
7279 switch(rm) {
7280 case 0: /* VMRUN */
7281 if (!(s->flags & HF_SVME_MASK) || !s->pe)
7282 goto illegal_op;
7283 if (s->cpl != 0) {
7284 gen_exception(s, EXCP0D_GPF, pc_start - s->cs_base);
7285 break;
7286 } else {
7287 gen_helper_vmrun(cpu_env, tcg_const_i32(s->aflag),
7288 tcg_const_i32(s->pc - pc_start));
7289 tcg_gen_exit_tb(0);
7290 s->is_jmp = DISAS_TB_JUMP;
7291 }
7292 break;
7293 case 1: /* VMMCALL */
7294 if (!(s->flags & HF_SVME_MASK))
7295 goto illegal_op;
7296 gen_helper_vmmcall(cpu_env);
7297 break;
7298 case 2: /* VMLOAD */
7299 if (!(s->flags & HF_SVME_MASK) || !s->pe)
7300 goto illegal_op;
7301 if (s->cpl != 0) {
7302 gen_exception(s, EXCP0D_GPF, pc_start - s->cs_base);
7303 break;
7304 } else {
7305 gen_helper_vmload(cpu_env, tcg_const_i32(s->aflag));
7306 }
7307 break;
7308 case 3: /* VMSAVE */
7309 if (!(s->flags & HF_SVME_MASK) || !s->pe)
7310 goto illegal_op;
7311 if (s->cpl != 0) {
7312 gen_exception(s, EXCP0D_GPF, pc_start - s->cs_base);
7313 break;
7314 } else {
7315 gen_helper_vmsave(cpu_env, tcg_const_i32(s->aflag));
7316 }
7317 break;
7318 case 4: /* STGI */
7319 if ((!(s->flags & HF_SVME_MASK) &&
7320 !(s->cpuid_ext3_features & CPUID_EXT3_SKINIT)) ||
7321 !s->pe)
7322 goto illegal_op;
7323 if (s->cpl != 0) {
7324 gen_exception(s, EXCP0D_GPF, pc_start - s->cs_base);
7325 break;
7326 } else {
7327 gen_helper_stgi(cpu_env);
7328 }
7329 break;
7330 case 5: /* CLGI */
7331 if (!(s->flags & HF_SVME_MASK) || !s->pe)
7332 goto illegal_op;
7333 if (s->cpl != 0) {
7334 gen_exception(s, EXCP0D_GPF, pc_start - s->cs_base);
7335 break;
7336 } else {
7337 gen_helper_clgi(cpu_env);
7338 }
7339 break;
7340 case 6: /* SKINIT */
7341 if ((!(s->flags & HF_SVME_MASK) &&
7342 !(s->cpuid_ext3_features & CPUID_EXT3_SKINIT)) ||
7343 !s->pe)
7344 goto illegal_op;
7345 gen_helper_skinit(cpu_env);
7346 break;
7347 case 7: /* INVLPGA */
7348 if (!(s->flags & HF_SVME_MASK) || !s->pe)
7349 goto illegal_op;
7350 if (s->cpl != 0) {
7351 gen_exception(s, EXCP0D_GPF, pc_start - s->cs_base);
7352 break;
7353 } else {
7354 gen_helper_invlpga(cpu_env, tcg_const_i32(s->aflag));
7355 }
7356 break;
7357 default:
7358 goto illegal_op;
7359 }
7360 } else if (s->cpl != 0) {
7361 gen_exception(s, EXCP0D_GPF, pc_start - s->cs_base);
7362 } else {
7363 gen_svm_check_intercept(s, pc_start,
7364 op==2 ? SVM_EXIT_GDTR_WRITE : SVM_EXIT_IDTR_WRITE);
7365 gen_lea_modrm(env, s, modrm, &reg_addr, &offset_addr);
7366 gen_op_ld_T1_A0(OT_WORD + s->mem_index);
7367 gen_add_A0_im(s, 2);
7368 gen_op_ld_T0_A0(CODE64(s) + OT_LONG + s->mem_index);
7369 if (!s->dflag)
7370 gen_op_andl_T0_im(0xffffff);
7371 if (op == 2) {
7372 tcg_gen_st_tl(cpu_T[0], cpu_env, offsetof(CPUX86State,gdt.base));
7373 tcg_gen_st32_tl(cpu_T[1], cpu_env, offsetof(CPUX86State,gdt.limit));
7374 } else {
7375 tcg_gen_st_tl(cpu_T[0], cpu_env, offsetof(CPUX86State,idt.base));
7376 tcg_gen_st32_tl(cpu_T[1], cpu_env, offsetof(CPUX86State,idt.limit));
7377 }
7378 }
7379 break;
7380 case 4: /* smsw */
7381 gen_svm_check_intercept(s, pc_start, SVM_EXIT_READ_CR0);
7382 #if defined TARGET_X86_64 && defined HOST_WORDS_BIGENDIAN
7383 tcg_gen_ld32u_tl(cpu_T[0], cpu_env, offsetof(CPUX86State,cr[0]) + 4);
7384 #else
7385 tcg_gen_ld32u_tl(cpu_T[0], cpu_env, offsetof(CPUX86State,cr[0]));
7386 #endif
7387 gen_ldst_modrm(env, s, modrm, OT_WORD, OR_TMP0, 1);
7388 break;
7389 case 6: /* lmsw */
7390 if (s->cpl != 0) {
7391 gen_exception(s, EXCP0D_GPF, pc_start - s->cs_base);
7392 } else {
7393 gen_svm_check_intercept(s, pc_start, SVM_EXIT_WRITE_CR0);
7394 gen_ldst_modrm(env, s, modrm, OT_WORD, OR_TMP0, 0);
7395 gen_helper_lmsw(cpu_env, cpu_T[0]);
7396 gen_jmp_im(s->pc - s->cs_base);
7397 gen_eob(s);
7398 }
7399 break;
7400 case 7:
7401 if (mod != 3) { /* invlpg */
7402 if (s->cpl != 0) {
7403 gen_exception(s, EXCP0D_GPF, pc_start - s->cs_base);
7404 } else {
7405 gen_update_cc_op(s);
7406 gen_jmp_im(pc_start - s->cs_base);
7407 gen_lea_modrm(env, s, modrm, &reg_addr, &offset_addr);
7408 gen_helper_invlpg(cpu_env, cpu_A0);
7409 gen_jmp_im(s->pc - s->cs_base);
7410 gen_eob(s);
7411 }
7412 } else {
7413 switch (rm) {
7414 case 0: /* swapgs */
7415 #ifdef TARGET_X86_64
7416 if (CODE64(s)) {
7417 if (s->cpl != 0) {
7418 gen_exception(s, EXCP0D_GPF, pc_start - s->cs_base);
7419 } else {
7420 tcg_gen_ld_tl(cpu_T[0], cpu_env,
7421 offsetof(CPUX86State,segs[R_GS].base));
7422 tcg_gen_ld_tl(cpu_T[1], cpu_env,
7423 offsetof(CPUX86State,kernelgsbase));
7424 tcg_gen_st_tl(cpu_T[1], cpu_env,
7425 offsetof(CPUX86State,segs[R_GS].base));
7426 tcg_gen_st_tl(cpu_T[0], cpu_env,
7427 offsetof(CPUX86State,kernelgsbase));
7428 }
7429 } else
7430 #endif
7431 {
7432 goto illegal_op;
7433 }
7434 break;
7435 case 1: /* rdtscp */
7436 if (!(s->cpuid_ext2_features & CPUID_EXT2_RDTSCP))
7437 goto illegal_op;
7438 gen_update_cc_op(s);
7439 gen_jmp_im(pc_start - s->cs_base);
7440 if (use_icount)
7441 gen_io_start();
7442 gen_helper_rdtscp(cpu_env);
7443 if (use_icount) {
7444 gen_io_end();
7445 gen_jmp(s, s->pc - s->cs_base);
7446 }
7447 break;
7448 default:
7449 goto illegal_op;
7450 }
7451 }
7452 break;
7453 default:
7454 goto illegal_op;
7455 }
7456 break;
7457 case 0x108: /* invd */
7458 case 0x109: /* wbinvd */
7459 if (s->cpl != 0) {
7460 gen_exception(s, EXCP0D_GPF, pc_start - s->cs_base);
7461 } else {
7462 gen_svm_check_intercept(s, pc_start, (b & 2) ? SVM_EXIT_INVD : SVM_EXIT_WBINVD);
7463 /* nothing to do */
7464 }
7465 break;
7466 case 0x63: /* arpl or movslS (x86_64) */
7467 #ifdef TARGET_X86_64
7468 if (CODE64(s)) {
7469 int d_ot;
7470 /* d_ot is the size of destination */
7471 d_ot = dflag + OT_WORD;
7472
7473 modrm = cpu_ldub_code(env, s->pc++);
7474 reg = ((modrm >> 3) & 7) | rex_r;
7475 mod = (modrm >> 6) & 3;
7476 rm = (modrm & 7) | REX_B(s);
7477
7478 if (mod == 3) {
7479 gen_op_mov_TN_reg(OT_LONG, 0, rm);
7480 /* sign extend */
7481 if (d_ot == OT_QUAD)
7482 tcg_gen_ext32s_tl(cpu_T[0], cpu_T[0]);
7483 gen_op_mov_reg_T0(d_ot, reg);
7484 } else {
7485 gen_lea_modrm(env, s, modrm, &reg_addr, &offset_addr);
7486 if (d_ot == OT_QUAD) {
7487 gen_op_lds_T0_A0(OT_LONG + s->mem_index);
7488 } else {
7489 gen_op_ld_T0_A0(OT_LONG + s->mem_index);
7490 }
7491 gen_op_mov_reg_T0(d_ot, reg);
7492 }
7493 } else
7494 #endif
7495 {
7496 int label1;
7497 TCGv t0, t1, t2, a0;
7498
7499 if (!s->pe || s->vm86)
7500 goto illegal_op;
7501 t0 = tcg_temp_local_new();
7502 t1 = tcg_temp_local_new();
7503 t2 = tcg_temp_local_new();
7504 ot = OT_WORD;
7505 modrm = cpu_ldub_code(env, s->pc++);
7506 reg = (modrm >> 3) & 7;
7507 mod = (modrm >> 6) & 3;
7508 rm = modrm & 7;
7509 if (mod != 3) {
7510 gen_lea_modrm(env, s, modrm, &reg_addr, &offset_addr);
7511 gen_op_ld_v(ot + s->mem_index, t0, cpu_A0);
7512 a0 = tcg_temp_local_new();
7513 tcg_gen_mov_tl(a0, cpu_A0);
7514 } else {
7515 gen_op_mov_v_reg(ot, t0, rm);
7516 TCGV_UNUSED(a0);
7517 }
7518 gen_op_mov_v_reg(ot, t1, reg);
7519 tcg_gen_andi_tl(cpu_tmp0, t0, 3);
7520 tcg_gen_andi_tl(t1, t1, 3);
7521 tcg_gen_movi_tl(t2, 0);
7522 label1 = gen_new_label();
7523 tcg_gen_brcond_tl(TCG_COND_GE, cpu_tmp0, t1, label1);
7524 tcg_gen_andi_tl(t0, t0, ~3);
7525 tcg_gen_or_tl(t0, t0, t1);
7526 tcg_gen_movi_tl(t2, CC_Z);
7527 gen_set_label(label1);
7528 if (mod != 3) {
7529 gen_op_st_v(ot + s->mem_index, t0, a0);
7530 tcg_temp_free(a0);
7531 } else {
7532 gen_op_mov_reg_v(ot, rm, t0);
7533 }
7534 gen_compute_eflags(s);
7535 tcg_gen_andi_tl(cpu_cc_src, cpu_cc_src, ~CC_Z);
7536 tcg_gen_or_tl(cpu_cc_src, cpu_cc_src, t2);
7537 tcg_temp_free(t0);
7538 tcg_temp_free(t1);
7539 tcg_temp_free(t2);
7540 }
7541 break;
7542 case 0x102: /* lar */
7543 case 0x103: /* lsl */
7544 {
7545 int label1;
7546 TCGv t0;
7547 if (!s->pe || s->vm86)
7548 goto illegal_op;
7549 ot = dflag ? OT_LONG : OT_WORD;
7550 modrm = cpu_ldub_code(env, s->pc++);
7551 reg = ((modrm >> 3) & 7) | rex_r;
7552 gen_ldst_modrm(env, s, modrm, OT_WORD, OR_TMP0, 0);
7553 t0 = tcg_temp_local_new();
7554 gen_update_cc_op(s);
7555 if (b == 0x102) {
7556 gen_helper_lar(t0, cpu_env, cpu_T[0]);
7557 } else {
7558 gen_helper_lsl(t0, cpu_env, cpu_T[0]);
7559 }
7560 tcg_gen_andi_tl(cpu_tmp0, cpu_cc_src, CC_Z);
7561 label1 = gen_new_label();
7562 tcg_gen_brcondi_tl(TCG_COND_EQ, cpu_tmp0, 0, label1);
7563 gen_op_mov_reg_v(ot, reg, t0);
7564 gen_set_label(label1);
7565 set_cc_op(s, CC_OP_EFLAGS);
7566 tcg_temp_free(t0);
7567 }
7568 break;
7569 case 0x118:
7570 modrm = cpu_ldub_code(env, s->pc++);
7571 mod = (modrm >> 6) & 3;
7572 op = (modrm >> 3) & 7;
7573 switch(op) {
7574 case 0: /* prefetchnta */
7575 case 1: /* prefetchnt0 */
7576 case 2: /* prefetchnt0 */
7577 case 3: /* prefetchnt0 */
7578 if (mod == 3)
7579 goto illegal_op;
7580 gen_lea_modrm(env, s, modrm, &reg_addr, &offset_addr);
7581 /* nothing more to do */
7582 break;
7583 default: /* nop (multi byte) */
7584 gen_nop_modrm(env, s, modrm);
7585 break;
7586 }
7587 break;
7588 case 0x119 ... 0x11f: /* nop (multi byte) */
7589 modrm = cpu_ldub_code(env, s->pc++);
7590 gen_nop_modrm(env, s, modrm);
7591 break;
7592 case 0x120: /* mov reg, crN */
7593 case 0x122: /* mov crN, reg */
7594 if (s->cpl != 0) {
7595 gen_exception(s, EXCP0D_GPF, pc_start - s->cs_base);
7596 } else {
7597 modrm = cpu_ldub_code(env, s->pc++);
7598 /* Ignore the mod bits (assume (modrm&0xc0)==0xc0).
7599 * AMD documentation (24594.pdf) and testing of
7600 * intel 386 and 486 processors all show that the mod bits
7601 * are assumed to be 1's, regardless of actual values.
7602 */
7603 rm = (modrm & 7) | REX_B(s);
7604 reg = ((modrm >> 3) & 7) | rex_r;
7605 if (CODE64(s))
7606 ot = OT_QUAD;
7607 else
7608 ot = OT_LONG;
7609 if ((prefixes & PREFIX_LOCK) && (reg == 0) &&
7610 (s->cpuid_ext3_features & CPUID_EXT3_CR8LEG)) {
7611 reg = 8;
7612 }
7613 switch(reg) {
7614 case 0:
7615 case 2:
7616 case 3:
7617 case 4:
7618 case 8:
7619 gen_update_cc_op(s);
7620 gen_jmp_im(pc_start - s->cs_base);
7621 if (b & 2) {
7622 gen_op_mov_TN_reg(ot, 0, rm);
7623 gen_helper_write_crN(cpu_env, tcg_const_i32(reg),
7624 cpu_T[0]);
7625 gen_jmp_im(s->pc - s->cs_base);
7626 gen_eob(s);
7627 } else {
7628 gen_helper_read_crN(cpu_T[0], cpu_env, tcg_const_i32(reg));
7629 gen_op_mov_reg_T0(ot, rm);
7630 }
7631 break;
7632 default:
7633 goto illegal_op;
7634 }
7635 }
7636 break;
7637 case 0x121: /* mov reg, drN */
7638 case 0x123: /* mov drN, reg */
7639 if (s->cpl != 0) {
7640 gen_exception(s, EXCP0D_GPF, pc_start - s->cs_base);
7641 } else {
7642 modrm = cpu_ldub_code(env, s->pc++);
7643 /* Ignore the mod bits (assume (modrm&0xc0)==0xc0).
7644 * AMD documentation (24594.pdf) and testing of
7645 * intel 386 and 486 processors all show that the mod bits
7646 * are assumed to be 1's, regardless of actual values.
7647 */
7648 rm = (modrm & 7) | REX_B(s);
7649 reg = ((modrm >> 3) & 7) | rex_r;
7650 if (CODE64(s))
7651 ot = OT_QUAD;
7652 else
7653 ot = OT_LONG;
7654 /* XXX: do it dynamically with CR4.DE bit */
7655 if (reg == 4 || reg == 5 || reg >= 8)
7656 goto illegal_op;
7657 if (b & 2) {
7658 gen_svm_check_intercept(s, pc_start, SVM_EXIT_WRITE_DR0 + reg);
7659 gen_op_mov_TN_reg(ot, 0, rm);
7660 gen_helper_movl_drN_T0(cpu_env, tcg_const_i32(reg), cpu_T[0]);
7661 gen_jmp_im(s->pc - s->cs_base);
7662 gen_eob(s);
7663 } else {
7664 gen_svm_check_intercept(s, pc_start, SVM_EXIT_READ_DR0 + reg);
7665 tcg_gen_ld_tl(cpu_T[0], cpu_env, offsetof(CPUX86State,dr[reg]));
7666 gen_op_mov_reg_T0(ot, rm);
7667 }
7668 }
7669 break;
7670 case 0x106: /* clts */
7671 if (s->cpl != 0) {
7672 gen_exception(s, EXCP0D_GPF, pc_start - s->cs_base);
7673 } else {
7674 gen_svm_check_intercept(s, pc_start, SVM_EXIT_WRITE_CR0);
7675 gen_helper_clts(cpu_env);
7676 /* abort block because static cpu state changed */
7677 gen_jmp_im(s->pc - s->cs_base);
7678 gen_eob(s);
7679 }
7680 break;
7681 /* MMX/3DNow!/SSE/SSE2/SSE3/SSSE3/SSE4 support */
7682 case 0x1c3: /* MOVNTI reg, mem */
7683 if (!(s->cpuid_features & CPUID_SSE2))
7684 goto illegal_op;
7685 ot = s->dflag == 2 ? OT_QUAD : OT_LONG;
7686 modrm = cpu_ldub_code(env, s->pc++);
7687 mod = (modrm >> 6) & 3;
7688 if (mod == 3)
7689 goto illegal_op;
7690 reg = ((modrm >> 3) & 7) | rex_r;
7691 /* generate a generic store */
7692 gen_ldst_modrm(env, s, modrm, ot, reg, 1);
7693 break;
7694 case 0x1ae:
7695 modrm = cpu_ldub_code(env, s->pc++);
7696 mod = (modrm >> 6) & 3;
7697 op = (modrm >> 3) & 7;
7698 switch(op) {
7699 case 0: /* fxsave */
7700 if (mod == 3 || !(s->cpuid_features & CPUID_FXSR) ||
7701 (s->prefix & PREFIX_LOCK))
7702 goto illegal_op;
7703 if ((s->flags & HF_EM_MASK) || (s->flags & HF_TS_MASK)) {
7704 gen_exception(s, EXCP07_PREX, pc_start - s->cs_base);
7705 break;
7706 }
7707 gen_lea_modrm(env, s, modrm, &reg_addr, &offset_addr);
7708 gen_update_cc_op(s);
7709 gen_jmp_im(pc_start - s->cs_base);
7710 gen_helper_fxsave(cpu_env, cpu_A0, tcg_const_i32((s->dflag == 2)));
7711 break;
7712 case 1: /* fxrstor */
7713 if (mod == 3 || !(s->cpuid_features & CPUID_FXSR) ||
7714 (s->prefix & PREFIX_LOCK))
7715 goto illegal_op;
7716 if ((s->flags & HF_EM_MASK) || (s->flags & HF_TS_MASK)) {
7717 gen_exception(s, EXCP07_PREX, pc_start - s->cs_base);
7718 break;
7719 }
7720 gen_lea_modrm(env, s, modrm, &reg_addr, &offset_addr);
7721 gen_update_cc_op(s);
7722 gen_jmp_im(pc_start - s->cs_base);
7723 gen_helper_fxrstor(cpu_env, cpu_A0,
7724 tcg_const_i32((s->dflag == 2)));
7725 break;
7726 case 2: /* ldmxcsr */
7727 case 3: /* stmxcsr */
7728 if (s->flags & HF_TS_MASK) {
7729 gen_exception(s, EXCP07_PREX, pc_start - s->cs_base);
7730 break;
7731 }
7732 if ((s->flags & HF_EM_MASK) || !(s->flags & HF_OSFXSR_MASK) ||
7733 mod == 3)
7734 goto illegal_op;
7735 gen_lea_modrm(env, s, modrm, &reg_addr, &offset_addr);
7736 if (op == 2) {
7737 gen_op_ld_T0_A0(OT_LONG + s->mem_index);
7738 tcg_gen_trunc_tl_i32(cpu_tmp2_i32, cpu_T[0]);
7739 gen_helper_ldmxcsr(cpu_env, cpu_tmp2_i32);
7740 } else {
7741 tcg_gen_ld32u_tl(cpu_T[0], cpu_env, offsetof(CPUX86State, mxcsr));
7742 gen_op_st_T0_A0(OT_LONG + s->mem_index);
7743 }
7744 break;
7745 case 5: /* lfence */
7746 case 6: /* mfence */
7747 if ((modrm & 0xc7) != 0xc0 || !(s->cpuid_features & CPUID_SSE2))
7748 goto illegal_op;
7749 break;
7750 case 7: /* sfence / clflush */
7751 if ((modrm & 0xc7) == 0xc0) {
7752 /* sfence */
7753 /* XXX: also check for cpuid_ext2_features & CPUID_EXT2_EMMX */
7754 if (!(s->cpuid_features & CPUID_SSE))
7755 goto illegal_op;
7756 } else {
7757 /* clflush */
7758 if (!(s->cpuid_features & CPUID_CLFLUSH))
7759 goto illegal_op;
7760 gen_lea_modrm(env, s, modrm, &reg_addr, &offset_addr);
7761 }
7762 break;
7763 default:
7764 goto illegal_op;
7765 }
7766 break;
7767 case 0x10d: /* 3DNow! prefetch(w) */
7768 modrm = cpu_ldub_code(env, s->pc++);
7769 mod = (modrm >> 6) & 3;
7770 if (mod == 3)
7771 goto illegal_op;
7772 gen_lea_modrm(env, s, modrm, &reg_addr, &offset_addr);
7773 /* ignore for now */
7774 break;
7775 case 0x1aa: /* rsm */
7776 gen_svm_check_intercept(s, pc_start, SVM_EXIT_RSM);
7777 if (!(s->flags & HF_SMM_MASK))
7778 goto illegal_op;
7779 gen_update_cc_op(s);
7780 gen_jmp_im(s->pc - s->cs_base);
7781 gen_helper_rsm(cpu_env);
7782 gen_eob(s);
7783 break;
7784 case 0x1b8: /* SSE4.2 popcnt */
7785 if ((prefixes & (PREFIX_REPZ | PREFIX_LOCK | PREFIX_REPNZ)) !=
7786 PREFIX_REPZ)
7787 goto illegal_op;
7788 if (!(s->cpuid_ext_features & CPUID_EXT_POPCNT))
7789 goto illegal_op;
7790
7791 modrm = cpu_ldub_code(env, s->pc++);
7792 reg = ((modrm >> 3) & 7) | rex_r;
7793
7794 if (s->prefix & PREFIX_DATA)
7795 ot = OT_WORD;
7796 else if (s->dflag != 2)
7797 ot = OT_LONG;
7798 else
7799 ot = OT_QUAD;
7800
7801 gen_ldst_modrm(env, s, modrm, ot, OR_TMP0, 0);
7802 gen_helper_popcnt(cpu_T[0], cpu_env, cpu_T[0], tcg_const_i32(ot));
7803 gen_op_mov_reg_T0(ot, reg);
7804
7805 set_cc_op(s, CC_OP_EFLAGS);
7806 break;
7807 case 0x10e ... 0x10f:
7808 /* 3DNow! instructions, ignore prefixes */
7809 s->prefix &= ~(PREFIX_REPZ | PREFIX_REPNZ | PREFIX_DATA);
7810 case 0x110 ... 0x117:
7811 case 0x128 ... 0x12f:
7812 case 0x138 ... 0x13a:
7813 case 0x150 ... 0x179:
7814 case 0x17c ... 0x17f:
7815 case 0x1c2:
7816 case 0x1c4 ... 0x1c6:
7817 case 0x1d0 ... 0x1fe:
7818 gen_sse(env, s, b, pc_start, rex_r);
7819 break;
7820 default:
7821 goto illegal_op;
7822 }
7823 /* lock generation */
7824 if (s->prefix & PREFIX_LOCK)
7825 gen_helper_unlock();
7826 return s->pc;
7827 illegal_op:
7828 if (s->prefix & PREFIX_LOCK)
7829 gen_helper_unlock();
7830 /* XXX: ensure that no lock was generated */
7831 gen_exception(s, EXCP06_ILLOP, pc_start - s->cs_base);
7832 return s->pc;
7833 }
7834
7835 void optimize_flags_init(void)
7836 {
7837 cpu_env = tcg_global_reg_new_ptr(TCG_AREG0, "env");
7838 cpu_cc_op = tcg_global_mem_new_i32(TCG_AREG0,
7839 offsetof(CPUX86State, cc_op), "cc_op");
7840 cpu_cc_src = tcg_global_mem_new(TCG_AREG0, offsetof(CPUX86State, cc_src),
7841 "cc_src");
7842 cpu_cc_dst = tcg_global_mem_new(TCG_AREG0, offsetof(CPUX86State, cc_dst),
7843 "cc_dst");
7844
7845 #ifdef TARGET_X86_64
7846 cpu_regs[R_EAX] = tcg_global_mem_new_i64(TCG_AREG0,
7847 offsetof(CPUX86State, regs[R_EAX]), "rax");
7848 cpu_regs[R_ECX] = tcg_global_mem_new_i64(TCG_AREG0,
7849 offsetof(CPUX86State, regs[R_ECX]), "rcx");
7850 cpu_regs[R_EDX] = tcg_global_mem_new_i64(TCG_AREG0,
7851 offsetof(CPUX86State, regs[R_EDX]), "rdx");
7852 cpu_regs[R_EBX] = tcg_global_mem_new_i64(TCG_AREG0,
7853 offsetof(CPUX86State, regs[R_EBX]), "rbx");
7854 cpu_regs[R_ESP] = tcg_global_mem_new_i64(TCG_AREG0,
7855 offsetof(CPUX86State, regs[R_ESP]), "rsp");
7856 cpu_regs[R_EBP] = tcg_global_mem_new_i64(TCG_AREG0,
7857 offsetof(CPUX86State, regs[R_EBP]), "rbp");
7858 cpu_regs[R_ESI] = tcg_global_mem_new_i64(TCG_AREG0,
7859 offsetof(CPUX86State, regs[R_ESI]), "rsi");
7860 cpu_regs[R_EDI] = tcg_global_mem_new_i64(TCG_AREG0,
7861 offsetof(CPUX86State, regs[R_EDI]), "rdi");
7862 cpu_regs[8] = tcg_global_mem_new_i64(TCG_AREG0,
7863 offsetof(CPUX86State, regs[8]), "r8");
7864 cpu_regs[9] = tcg_global_mem_new_i64(TCG_AREG0,
7865 offsetof(CPUX86State, regs[9]), "r9");
7866 cpu_regs[10] = tcg_global_mem_new_i64(TCG_AREG0,
7867 offsetof(CPUX86State, regs[10]), "r10");
7868 cpu_regs[11] = tcg_global_mem_new_i64(TCG_AREG0,
7869 offsetof(CPUX86State, regs[11]), "r11");
7870 cpu_regs[12] = tcg_global_mem_new_i64(TCG_AREG0,
7871 offsetof(CPUX86State, regs[12]), "r12");
7872 cpu_regs[13] = tcg_global_mem_new_i64(TCG_AREG0,
7873 offsetof(CPUX86State, regs[13]), "r13");
7874 cpu_regs[14] = tcg_global_mem_new_i64(TCG_AREG0,
7875 offsetof(CPUX86State, regs[14]), "r14");
7876 cpu_regs[15] = tcg_global_mem_new_i64(TCG_AREG0,
7877 offsetof(CPUX86State, regs[15]), "r15");
7878 #else
7879 cpu_regs[R_EAX] = tcg_global_mem_new_i32(TCG_AREG0,
7880 offsetof(CPUX86State, regs[R_EAX]), "eax");
7881 cpu_regs[R_ECX] = tcg_global_mem_new_i32(TCG_AREG0,
7882 offsetof(CPUX86State, regs[R_ECX]), "ecx");
7883 cpu_regs[R_EDX] = tcg_global_mem_new_i32(TCG_AREG0,
7884 offsetof(CPUX86State, regs[R_EDX]), "edx");
7885 cpu_regs[R_EBX] = tcg_global_mem_new_i32(TCG_AREG0,
7886 offsetof(CPUX86State, regs[R_EBX]), "ebx");
7887 cpu_regs[R_ESP] = tcg_global_mem_new_i32(TCG_AREG0,
7888 offsetof(CPUX86State, regs[R_ESP]), "esp");
7889 cpu_regs[R_EBP] = tcg_global_mem_new_i32(TCG_AREG0,
7890 offsetof(CPUX86State, regs[R_EBP]), "ebp");
7891 cpu_regs[R_ESI] = tcg_global_mem_new_i32(TCG_AREG0,
7892 offsetof(CPUX86State, regs[R_ESI]), "esi");
7893 cpu_regs[R_EDI] = tcg_global_mem_new_i32(TCG_AREG0,
7894 offsetof(CPUX86State, regs[R_EDI]), "edi");
7895 #endif
7896
7897 /* register helpers */
7898 #define GEN_HELPER 2
7899 #include "helper.h"
7900 }
7901
7902 /* generate intermediate code in gen_opc_buf and gen_opparam_buf for
7903 basic block 'tb'. If search_pc is TRUE, also generate PC
7904 information for each intermediate instruction. */
7905 static inline void gen_intermediate_code_internal(CPUX86State *env,
7906 TranslationBlock *tb,
7907 int search_pc)
7908 {
7909 DisasContext dc1, *dc = &dc1;
7910 target_ulong pc_ptr;
7911 uint16_t *gen_opc_end;
7912 CPUBreakpoint *bp;
7913 int j, lj;
7914 uint64_t flags;
7915 target_ulong pc_start;
7916 target_ulong cs_base;
7917 int num_insns;
7918 int max_insns;
7919
7920 /* generate intermediate code */
7921 pc_start = tb->pc;
7922 cs_base = tb->cs_base;
7923 flags = tb->flags;
7924
7925 dc->pe = (flags >> HF_PE_SHIFT) & 1;
7926 dc->code32 = (flags >> HF_CS32_SHIFT) & 1;
7927 dc->ss32 = (flags >> HF_SS32_SHIFT) & 1;
7928 dc->addseg = (flags >> HF_ADDSEG_SHIFT) & 1;
7929 dc->f_st = 0;
7930 dc->vm86 = (flags >> VM_SHIFT) & 1;
7931 dc->cpl = (flags >> HF_CPL_SHIFT) & 3;
7932 dc->iopl = (flags >> IOPL_SHIFT) & 3;
7933 dc->tf = (flags >> TF_SHIFT) & 1;
7934 dc->singlestep_enabled = env->singlestep_enabled;
7935 dc->cc_op = CC_OP_DYNAMIC;
7936 dc->cc_op_dirty = false;
7937 dc->cs_base = cs_base;
7938 dc->tb = tb;
7939 dc->popl_esp_hack = 0;
7940 /* select memory access functions */
7941 dc->mem_index = 0;
7942 if (flags & HF_SOFTMMU_MASK) {
7943 dc->mem_index = (cpu_mmu_index(env) + 1) << 2;
7944 }
7945 dc->cpuid_features = env->cpuid_features;
7946 dc->cpuid_ext_features = env->cpuid_ext_features;
7947 dc->cpuid_ext2_features = env->cpuid_ext2_features;
7948 dc->cpuid_ext3_features = env->cpuid_ext3_features;
7949 dc->cpuid_7_0_ebx_features = env->cpuid_7_0_ebx_features;
7950 #ifdef TARGET_X86_64
7951 dc->lma = (flags >> HF_LMA_SHIFT) & 1;
7952 dc->code64 = (flags >> HF_CS64_SHIFT) & 1;
7953 #endif
7954 dc->flags = flags;
7955 dc->jmp_opt = !(dc->tf || env->singlestep_enabled ||
7956 (flags & HF_INHIBIT_IRQ_MASK)
7957 #ifndef CONFIG_SOFTMMU
7958 || (flags & HF_SOFTMMU_MASK)
7959 #endif
7960 );
7961 #if 0
7962 /* check addseg logic */
7963 if (!dc->addseg && (dc->vm86 || !dc->pe || !dc->code32))
7964 printf("ERROR addseg\n");
7965 #endif
7966
7967 cpu_T[0] = tcg_temp_new();
7968 cpu_T[1] = tcg_temp_new();
7969 cpu_A0 = tcg_temp_new();
7970 cpu_T3 = tcg_temp_new();
7971
7972 cpu_tmp0 = tcg_temp_new();
7973 cpu_tmp1_i64 = tcg_temp_new_i64();
7974 cpu_tmp2_i32 = tcg_temp_new_i32();
7975 cpu_tmp3_i32 = tcg_temp_new_i32();
7976 cpu_tmp4 = tcg_temp_new();
7977 cpu_tmp5 = tcg_temp_new();
7978 cpu_ptr0 = tcg_temp_new_ptr();
7979 cpu_ptr1 = tcg_temp_new_ptr();
7980
7981 gen_opc_end = tcg_ctx.gen_opc_buf + OPC_MAX_SIZE;
7982
7983 dc->is_jmp = DISAS_NEXT;
7984 pc_ptr = pc_start;
7985 lj = -1;
7986 num_insns = 0;
7987 max_insns = tb->cflags & CF_COUNT_MASK;
7988 if (max_insns == 0)
7989 max_insns = CF_COUNT_MASK;
7990
7991 gen_icount_start();
7992 for(;;) {
7993 if (unlikely(!QTAILQ_EMPTY(&env->breakpoints))) {
7994 QTAILQ_FOREACH(bp, &env->breakpoints, entry) {
7995 if (bp->pc == pc_ptr &&
7996 !((bp->flags & BP_CPU) && (tb->flags & HF_RF_MASK))) {
7997 gen_debug(dc, pc_ptr - dc->cs_base);
7998 break;
7999 }
8000 }
8001 }
8002 if (search_pc) {
8003 j = tcg_ctx.gen_opc_ptr - tcg_ctx.gen_opc_buf;
8004 if (lj < j) {
8005 lj++;
8006 while (lj < j)
8007 tcg_ctx.gen_opc_instr_start[lj++] = 0;
8008 }
8009 tcg_ctx.gen_opc_pc[lj] = pc_ptr;
8010 gen_opc_cc_op[lj] = dc->cc_op;
8011 tcg_ctx.gen_opc_instr_start[lj] = 1;
8012 tcg_ctx.gen_opc_icount[lj] = num_insns;
8013 }
8014 if (num_insns + 1 == max_insns && (tb->cflags & CF_LAST_IO))
8015 gen_io_start();
8016
8017 pc_ptr = disas_insn(env, dc, pc_ptr);
8018 num_insns++;
8019 /* stop translation if indicated */
8020 if (dc->is_jmp)
8021 break;
8022 /* if single step mode, we generate only one instruction and
8023 generate an exception */
8024 /* if irq were inhibited with HF_INHIBIT_IRQ_MASK, we clear
8025 the flag and abort the translation to give the irqs a
8026 change to be happen */
8027 if (dc->tf || dc->singlestep_enabled ||
8028 (flags & HF_INHIBIT_IRQ_MASK)) {
8029 gen_jmp_im(pc_ptr - dc->cs_base);
8030 gen_eob(dc);
8031 break;
8032 }
8033 /* if too long translation, stop generation too */
8034 if (tcg_ctx.gen_opc_ptr >= gen_opc_end ||
8035 (pc_ptr - pc_start) >= (TARGET_PAGE_SIZE - 32) ||
8036 num_insns >= max_insns) {
8037 gen_jmp_im(pc_ptr - dc->cs_base);
8038 gen_eob(dc);
8039 break;
8040 }
8041 if (singlestep) {
8042 gen_jmp_im(pc_ptr - dc->cs_base);
8043 gen_eob(dc);
8044 break;
8045 }
8046 }
8047 if (tb->cflags & CF_LAST_IO)
8048 gen_io_end();
8049 gen_icount_end(tb, num_insns);
8050 *tcg_ctx.gen_opc_ptr = INDEX_op_end;
8051 /* we don't forget to fill the last values */
8052 if (search_pc) {
8053 j = tcg_ctx.gen_opc_ptr - tcg_ctx.gen_opc_buf;
8054 lj++;
8055 while (lj <= j)
8056 tcg_ctx.gen_opc_instr_start[lj++] = 0;
8057 }
8058
8059 #ifdef DEBUG_DISAS
8060 if (qemu_loglevel_mask(CPU_LOG_TB_IN_ASM)) {
8061 int disas_flags;
8062 qemu_log("----------------\n");
8063 qemu_log("IN: %s\n", lookup_symbol(pc_start));
8064 #ifdef TARGET_X86_64
8065 if (dc->code64)
8066 disas_flags = 2;
8067 else
8068 #endif
8069 disas_flags = !dc->code32;
8070 log_target_disas(env, pc_start, pc_ptr - pc_start, disas_flags);
8071 qemu_log("\n");
8072 }
8073 #endif
8074
8075 if (!search_pc) {
8076 tb->size = pc_ptr - pc_start;
8077 tb->icount = num_insns;
8078 }
8079 }
8080
8081 void gen_intermediate_code(CPUX86State *env, TranslationBlock *tb)
8082 {
8083 gen_intermediate_code_internal(env, tb, 0);
8084 }
8085
8086 void gen_intermediate_code_pc(CPUX86State *env, TranslationBlock *tb)
8087 {
8088 gen_intermediate_code_internal(env, tb, 1);
8089 }
8090
8091 void restore_state_to_opc(CPUX86State *env, TranslationBlock *tb, int pc_pos)
8092 {
8093 int cc_op;
8094 #ifdef DEBUG_DISAS
8095 if (qemu_loglevel_mask(CPU_LOG_TB_OP)) {
8096 int i;
8097 qemu_log("RESTORE:\n");
8098 for(i = 0;i <= pc_pos; i++) {
8099 if (tcg_ctx.gen_opc_instr_start[i]) {
8100 qemu_log("0x%04x: " TARGET_FMT_lx "\n", i,
8101 tcg_ctx.gen_opc_pc[i]);
8102 }
8103 }
8104 qemu_log("pc_pos=0x%x eip=" TARGET_FMT_lx " cs_base=%x\n",
8105 pc_pos, tcg_ctx.gen_opc_pc[pc_pos] - tb->cs_base,
8106 (uint32_t)tb->cs_base);
8107 }
8108 #endif
8109 env->eip = tcg_ctx.gen_opc_pc[pc_pos] - tb->cs_base;
8110 cc_op = gen_opc_cc_op[pc_pos];
8111 if (cc_op != CC_OP_DYNAMIC)
8112 env->cc_op = cc_op;
8113 }
Qemu copy for testing