[CC_OP_ADOX] = USES_CC_SRC | USES_CC_SRC2,
[CC_OP_ADCOX] = USES_CC_DST | USES_CC_SRC | USES_CC_SRC2,
[CC_OP_CLR] = 0,
+ [CC_OP_POPCNT] = USES_CC_SRC,
};
static void set_cc_op(DisasContext *s, CCOp op)
static inline void gen_op_mov_v_reg(TCGMemOp ot, TCGv t0, int reg)
{
if (ot == MO_8 && byte_reg_is_xH(reg)) {
- tcg_gen_shri_tl(t0, cpu_regs[reg - 4], 8);
- tcg_gen_ext8u_tl(t0, t0);
+ tcg_gen_extract_tl(t0, cpu_regs[reg - 4], 8, 8);
} else {
tcg_gen_mov_tl(t0, cpu_regs[reg]);
}
case CC_OP_LOGICB ... CC_OP_LOGICQ:
case CC_OP_CLR:
+ case CC_OP_POPCNT:
return (CCPrepare) { .cond = TCG_COND_NEVER, .mask = -1 };
case CC_OP_INCB ... CC_OP_INCQ:
return (CCPrepare) { .cond = TCG_COND_NE, .reg = cpu_cc_src,
.mask = CC_S };
case CC_OP_CLR:
+ case CC_OP_POPCNT:
return (CCPrepare) { .cond = TCG_COND_NEVER, .mask = -1 };
default:
{
return (CCPrepare) { .cond = TCG_COND_NE, .reg = cpu_cc_src2,
.mask = -1, .no_setcond = true };
case CC_OP_CLR:
+ case CC_OP_POPCNT:
return (CCPrepare) { .cond = TCG_COND_NEVER, .mask = -1 };
default:
gen_compute_eflags(s);
.mask = CC_Z };
case CC_OP_CLR:
return (CCPrepare) { .cond = TCG_COND_ALWAYS, .mask = -1 };
+ case CC_OP_POPCNT:
+ return (CCPrepare) { .cond = TCG_COND_EQ, .reg = cpu_cc_src,
+ .mask = -1 };
default:
{
TCGMemOp size = (s->cc_op - CC_OP_ADDB) & 3;
}
/* Generate an end of block. Trace exception is also generated if needed.
- If IIM, set HF_INHIBIT_IRQ_MASK if it isn't already set. */
-static void gen_eob_inhibit_irq(DisasContext *s, bool inhibit)
+ If INHIBIT, set HF_INHIBIT_IRQ_MASK if it isn't already set.
+ If RECHECK_TF, emit a rechecking helper for #DB, ignoring the state of
+ S->TF. This is used by the syscall/sysret insns. */
+static void gen_eob_worker(DisasContext *s, bool inhibit, bool recheck_tf)
{
gen_update_cc_op(s);
}
if (s->singlestep_enabled) {
gen_helper_debug(cpu_env);
+ } else if (recheck_tf) {
+ gen_helper_rechecking_single_step(cpu_env);
+ tcg_gen_exit_tb(0);
} else if (s->tf) {
gen_helper_single_step(cpu_env);
} else {
s->is_jmp = DISAS_TB_JUMP;
}
+/* End of block.
+ If INHIBIT, set HF_INHIBIT_IRQ_MASK if it isn't already set. */
+static void gen_eob_inhibit_irq(DisasContext *s, bool inhibit)
+{
+ gen_eob_worker(s, inhibit, false);
+}
+
/* End of block, resetting the inhibit irq flag. */
static void gen_eob(DisasContext *s)
{
- gen_eob_inhibit_irq(s, false);
+ gen_eob_worker(s, false, false);
}
/* generate a jump to eip. No segment change must happen before as a
/* Extract the LEN into a mask. Lengths larger than
operand size get all ones. */
- tcg_gen_shri_tl(cpu_A0, cpu_regs[s->vex_v], 8);
- tcg_gen_ext8u_tl(cpu_A0, cpu_A0);
+ tcg_gen_extract_tl(cpu_A0, cpu_regs[s->vex_v], 8, 8);
tcg_gen_movcond_tl(TCG_COND_LEU, cpu_A0, cpu_A0, bound,
cpu_A0, bound);
tcg_temp_free(bound);
gen_compute_eflags(s);
}
carry_in = cpu_tmp0;
- tcg_gen_shri_tl(carry_in, cpu_cc_src,
- ctz32(b == 0x1f6 ? CC_C : CC_O));
- tcg_gen_andi_tl(carry_in, carry_in, 1);
+ tcg_gen_extract_tl(carry_in, cpu_cc_src,
+ ctz32(b == 0x1f6 ? CC_C : CC_O), 1);
}
switch (ot) {
s->vex_l = 0;
s->vex_v = 0;
next_byte:
+ /* x86 has an upper limit of 15 bytes for an instruction. Since we
+ * do not want to decode and generate IR for an illegal
+ * instruction, the following check limits the instruction size to
+ * 25 bytes: 14 prefix + 1 opc + 6 (modrm+sib+ofs) + 4 imm */
+ if (s->pc - pc_start > 14) {
+ goto illegal_op;
+ }
b = cpu_ldub_code(env, s->pc);
s->pc++;
/* Collect prefixes. */
rm = (modrm & 7) | REX_B(s);
if (mod == 3) {
- gen_op_mov_v_reg(ot, cpu_T0, rm);
- switch (s_ot) {
- case MO_UB:
- tcg_gen_ext8u_tl(cpu_T0, cpu_T0);
- break;
- case MO_SB:
- tcg_gen_ext8s_tl(cpu_T0, cpu_T0);
- break;
- case MO_UW:
- tcg_gen_ext16u_tl(cpu_T0, cpu_T0);
- break;
- default:
- case MO_SW:
- tcg_gen_ext16s_tl(cpu_T0, cpu_T0);
- break;
+ if (s_ot == MO_SB && byte_reg_is_xH(rm)) {
+ tcg_gen_sextract_tl(cpu_T0, cpu_regs[rm - 4], 8, 8);
+ } else {
+ gen_op_mov_v_reg(ot, cpu_T0, rm);
+ switch (s_ot) {
+ case MO_UB:
+ tcg_gen_ext8u_tl(cpu_T0, cpu_T0);
+ break;
+ case MO_SB:
+ tcg_gen_ext8s_tl(cpu_T0, cpu_T0);
+ break;
+ case MO_UW:
+ tcg_gen_ext16u_tl(cpu_T0, cpu_T0);
+ break;
+ default:
+ case MO_SW:
+ tcg_gen_ext16s_tl(cpu_T0, cpu_T0);
+ break;
+ }
}
gen_op_mov_reg_v(d_ot, reg, cpu_T0);
} else {
? s->cpuid_ext3_features & CPUID_EXT3_ABM
: s->cpuid_7_0_ebx_features & CPUID_7_0_EBX_BMI1)) {
int size = 8 << ot;
+ /* For lzcnt/tzcnt, C bit is defined related to the input. */
tcg_gen_mov_tl(cpu_cc_src, cpu_T0);
if (b & 1) {
/* For lzcnt, reduce the target_ulong result by the
number of zeros that we expect to find at the top. */
- gen_helper_clz(cpu_T0, cpu_T0);
+ tcg_gen_clzi_tl(cpu_T0, cpu_T0, TARGET_LONG_BITS);
tcg_gen_subi_tl(cpu_T0, cpu_T0, TARGET_LONG_BITS - size);
} else {
- /* For tzcnt, a zero input must return the operand size:
- force all bits outside the operand size to 1. */
- target_ulong mask = (target_ulong)-2 << (size - 1);
- tcg_gen_ori_tl(cpu_T0, cpu_T0, mask);
- gen_helper_ctz(cpu_T0, cpu_T0);
- }
- /* For lzcnt/tzcnt, C and Z bits are defined and are
- related to the result. */
+ /* For tzcnt, a zero input must return the operand size. */
+ tcg_gen_ctzi_tl(cpu_T0, cpu_T0, size);
+ }
+ /* For lzcnt/tzcnt, Z bit is defined related to the result. */
gen_op_update1_cc();
set_cc_op(s, CC_OP_BMILGB + ot);
} else {
to the input and not the result. */
tcg_gen_mov_tl(cpu_cc_dst, cpu_T0);
set_cc_op(s, CC_OP_LOGICB + ot);
+
+ /* ??? The manual says that the output is undefined when the
+ input is zero, but real hardware leaves it unchanged, and
+ real programs appear to depend on that. Accomplish this
+ by passing the output as the value to return upon zero. */
if (b & 1) {
/* For bsr, return the bit index of the first 1 bit,
not the count of leading zeros. */
- gen_helper_clz(cpu_T0, cpu_T0);
+ tcg_gen_xori_tl(cpu_T1, cpu_regs[reg], TARGET_LONG_BITS - 1);
+ tcg_gen_clz_tl(cpu_T0, cpu_T0, cpu_T1);
tcg_gen_xori_tl(cpu_T0, cpu_T0, TARGET_LONG_BITS - 1);
} else {
- gen_helper_ctz(cpu_T0, cpu_T0);
+ tcg_gen_ctz_tl(cpu_T0, cpu_T0, cpu_regs[reg]);
}
- /* ??? The manual says that the output is undefined when the
- input is zero, but real hardware leaves it unchanged, and
- real programs appear to depend on that. */
- tcg_gen_movi_tl(cpu_tmp0, 0);
- tcg_gen_movcond_tl(TCG_COND_EQ, cpu_T0, cpu_cc_dst, cpu_tmp0,
- cpu_regs[reg], cpu_T0);
}
gen_op_mov_reg_v(ot, reg, cpu_T0);
break;
gen_update_cc_op(s);
gen_jmp_im(pc_start - s->cs_base);
gen_helper_syscall(cpu_env, tcg_const_i32(s->pc - pc_start));
- gen_eob(s);
+ /* TF handling for the syscall insn is different. The TF bit is checked
+ after the syscall insn completes. This allows #DB to not be
+ generated after one has entered CPL0 if TF is set in FMASK. */
+ gen_eob_worker(s, false, true);
break;
case 0x107: /* sysret */
if (!s->pe) {
if (s->lma) {
set_cc_op(s, CC_OP_EFLAGS);
}
- gen_eob(s);
+ /* TF handling for the sysret insn is different. The TF bit is
+ checked after the sysret insn completes. This allows #DB to be
+ generated "as if" the syscall insn in userspace has just
+ completed. */
+ gen_eob_worker(s, false, true);
}
break;
#endif
}
gen_ldst_modrm(env, s, modrm, ot, OR_TMP0, 0);
- gen_helper_popcnt(cpu_T0, cpu_env, cpu_T0, tcg_const_i32(ot));
+ gen_extu(ot, cpu_T0);
+ tcg_gen_mov_tl(cpu_cc_src, cpu_T0);
+ tcg_gen_ctpop_tl(cpu_T0, cpu_T0);
gen_op_mov_reg_v(ot, reg, cpu_T0);
- set_cc_op(s, CC_OP_EFLAGS);
+ set_cc_op(s, CC_OP_POPCNT);
break;
case 0x10e ... 0x10f:
/* 3DNow! instructions, ignore prefixes */