]> git.ipfire.org Git - thirdparty/binutils-gdb.git/blob - sim/arm/thumbemu.c
projects / thirdparty / binutils-gdb.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
Fix invalid left shift of negative value
[thirdparty/binutils-gdb.git] / sim / arm / thumbemu.c
1 /* thumbemu.c -- Thumb instruction emulation.
2 Copyright (C) 1996, Cygnus Software Technologies Ltd.
3
4 This program is free software; you can redistribute it and/or modify
5 it under the terms of the GNU General Public License as published by
6 the Free Software Foundation; either version 3 of the License, or
7 (at your option) any later version.
8
9 This program is distributed in the hope that it will be useful,
10 but WITHOUT ANY WARRANTY; without even the implied warranty of
11 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
12 GNU General Public License for more details.
13
14 You should have received a copy of the GNU General Public License
15 along with this program; if not, see <http://www.gnu.org/licenses/>. */
16
17 /* We can provide simple Thumb simulation by decoding the Thumb
18 instruction into its corresponding ARM instruction, and using the
19 existing ARM simulator. */
20
21 #ifndef MODET /* required for the Thumb instruction support */
22 #if 1
23 #error "MODET needs to be defined for the Thumb world to work"
24 #else
25 #define MODET (1)
26 #endif
27 #endif
28
29 #include "armdefs.h"
30 #include "armemu.h"
31 #include "armos.h"
32
33 #define tBIT(n) ( (ARMword)(tinstr >> (n)) & 1)
34 #define tBITS(m,n) ( (ARMword)(tinstr << (31 - (n))) >> ((31 - (n)) + (m)) )
35
36 #define ntBIT(n) ( (ARMword)(next_instr >> (n)) & 1)
37 #define ntBITS(m,n) ( (ARMword)(next_instr << (31 - (n))) >> ((31 - (n)) + (m)) )
38
39 static int
40 test_cond (int cond, ARMul_State * state)
41 {
42 switch (cond)
43 {
44 case EQ: return ZFLAG;
45 case NE: return !ZFLAG;
46 case VS: return VFLAG;
47 case VC: return !VFLAG;
48 case MI: return NFLAG;
49 case PL: return !NFLAG;
50 case CS: return CFLAG;
51 case CC: return !CFLAG;
52 case HI: return (CFLAG && !ZFLAG);
53 case LS: return (!CFLAG || ZFLAG);
54 case GE: return ((!NFLAG && !VFLAG) || (NFLAG && VFLAG));
55 case LT: return ((NFLAG && !VFLAG) || (!NFLAG && VFLAG));
56 case GT: return ((!NFLAG && !VFLAG && !ZFLAG)
57 || (NFLAG && VFLAG && !ZFLAG));
58 case LE: return ((NFLAG && !VFLAG) || (!NFLAG && VFLAG)) || ZFLAG;
59 case AL: return TRUE;
60 case NV:
61 default: return FALSE;
62 }
63 }
64
65 static ARMword skipping_32bit_thumb = 0;
66
67 static int IT_block_cond = AL;
68 static ARMword IT_block_mask = 0;
69 static int IT_block_first = FALSE;
70
71 static void
72 handle_IT_block (ARMul_State * state,
73 ARMword tinstr,
74 tdstate * pvalid)
75 {
76 * pvalid = t_branch;
77 IT_block_mask = tBITS (0, 3);
78
79 if (IT_block_mask == 0)
80 // NOP or a HINT.
81 return;
82
83 IT_block_cond = tBITS (4, 7);
84 IT_block_first = TRUE;
85 }
86
87 static int
88 in_IT_block (void)
89 {
90 return IT_block_mask != 0;
91 }
92
93 static int
94 IT_block_allow (ARMul_State * state)
95 {
96 int cond;
97
98 if (IT_block_mask == 0)
99 return TRUE;
100
101 cond = IT_block_cond;
102
103 if (IT_block_first)
104 IT_block_first = FALSE;
105 else
106 {
107 if ((IT_block_mask & 8) == 0)
108 cond &= 0xe;
109 else
110 cond |= 1;
111 IT_block_mask <<= 1;
112 IT_block_mask &= 0xF;
113 }
114
115 if (IT_block_mask == 0x8)
116 IT_block_mask = 0;
117
118 return test_cond (cond, state);
119 }
120
121 static ARMword
122 ThumbExpandImm (ARMword tinstr)
123 {
124 ARMword val;
125
126 if (tBITS (10, 11) == 0)
127 {
128 switch (tBITS (8, 9))
129 {
130 case 0: val = tBITS (0, 7); break;
131 case 1: val = tBITS (0, 7) << 8; break;
132 case 2: val = (tBITS (0, 7) << 8) | (tBITS (0, 7) << 24); break;
133 case 3: val = tBITS (0, 7) * 0x01010101; break;
134 default: val = 0;
135 }
136 }
137 else
138 {
139 int ror = tBITS (7, 11);
140
141 val = (1 << 7) | tBITS (0, 6);
142 val = (val >> ror) | (val << (32 - ror));
143 }
144
145 return val;
146 }
147
148 #define tASSERT(truth) \
149 do \
150 { \
151 if (! (truth)) \
152 { \
153 fprintf (stderr, "unhandled T2 insn %04x|%04x detected at thumbemu.c:%d\n", \
154 tinstr, next_instr, __LINE__); \
155 return ; \
156 } \
157 } \
158 while (0)
159
160
161 /* Attempt to emulate a 32-bit ARMv7 Thumb instruction.
162 Stores t_branch into PVALUE upon success or t_undefined otherwise. */
163
164 static void
165 handle_T2_insn (ARMul_State * state,
166 ARMword tinstr,
167 ARMword next_instr,
168 ARMword pc,
169 ARMword * ainstr,
170 tdstate * pvalid)
171 {
172 * pvalid = t_undefined;
173
174 if (! state->is_v6)
175 return;
176
177 if (trace)
178 fprintf (stderr, "|%04x ", next_instr);
179
180 if (tBITS (11, 15) == 0x1E && ntBIT (15) == 1)
181 {
182 ARMsword simm32 = 0;
183 int S = tBIT (10);
184
185 * pvalid = t_branch;
186 switch ((ntBIT (14) << 1) | ntBIT (12))
187 {
188 case 0: /* B<c>.W */
189 {
190 ARMword cond = tBITS (6, 9);
191 ARMword imm6;
192 ARMword imm11;
193 ARMword J1;
194 ARMword J2;
195
196 tASSERT (cond != AL && cond != NV);
197 if (! test_cond (cond, state))
198 return;
199
200 imm6 = tBITS (0, 5);
201 imm11 = ntBITS (0, 10);
202 J1 = ntBIT (13);
203 J2 = ntBIT (11);
204
205 simm32 = (J1 << 19) | (J2 << 18) | (imm6 << 12) | (imm11 << 1);
206 if (S)
207 simm32 |= -(1 << 20);
208 break;
209 }
210
211 case 1: /* B.W */
212 {
213 ARMword imm10 = tBITS (0, 9);
214 ARMword imm11 = ntBITS (0, 10);
215 ARMword I1 = (ntBIT (13) ^ S) ? 0 : 1;
216 ARMword I2 = (ntBIT (11) ^ S) ? 0 : 1;
217
218 simm32 = (I1 << 23) | (I2 << 22) | (imm10 << 12) | (imm11 << 1);
219 if (S)
220 simm32 |= -(1 << 24);
221 break;
222 }
223
224 case 2: /* BLX <label> */
225 {
226 ARMword imm10h = tBITS (0, 9);
227 ARMword imm10l = ntBITS (1, 10);
228 ARMword I1 = (ntBIT (13) ^ S) ? 0 : 1;
229 ARMword I2 = (ntBIT (11) ^ S) ? 0 : 1;
230
231 simm32 = (I1 << 23) | (I2 << 22) | (imm10h << 12) | (imm10l << 2);
232 if (S)
233 simm32 |= -(1 << 24);
234
235 CLEART;
236 state->Reg[14] = (pc + 4) | 1;
237 break;
238 }
239
240 case 3: /* BL <label> */
241 {
242 ARMword imm10 = tBITS (0, 9);
243 ARMword imm11 = ntBITS (0, 10);
244 ARMword I1 = (ntBIT (13) ^ S) ? 0 : 1;
245 ARMword I2 = (ntBIT (11) ^ S) ? 0 : 1;
246
247 simm32 = (I1 << 23) | (I2 << 22) | (imm10 << 12) | (imm11 << 1);
248 if (S)
249 simm32 |= -(1 << 24);
250 state->Reg[14] = (pc + 4) | 1;
251 break;
252 }
253 }
254
255 state->Reg[15] = (pc + 4 + simm32);
256 FLUSHPIPE;
257 if (trace_funcs)
258 fprintf (stderr, " pc changed to %x\n", state->Reg[15]);
259 return;
260 }
261
262 switch (tBITS (5,12))
263 {
264 case 0x29: // TST<c>.W <Rn>,<Rm>{,<shift>}
265 {
266 ARMword Rn = tBITS (0, 3);
267 ARMword Rm = ntBITS (0, 3);
268 ARMword type = ntBITS (4, 5);
269 ARMword imm5 = (ntBITS (12, 14) << 2) | ntBITS (6, 7);
270
271 tASSERT (ntBITS (8, 11) == 0xF);
272
273 * ainstr = 0xE1100000;
274 * ainstr |= (Rn << 16);
275 * ainstr |= (Rm);
276 * ainstr |= (type << 5);
277 * ainstr |= (imm5 << 7);
278 * pvalid = t_decoded;
279 break;
280 }
281
282 case 0x46:
283 if (tBIT (4) && ntBITS (5, 15) == 0x780)
284 {
285 // Table Branch
286 ARMword Rn = tBITS (0, 3);
287 ARMword Rm = ntBITS (0, 3);
288 ARMword address, dest;
289
290 if (ntBIT (4))
291 {
292 // TBH
293 address = state->Reg[Rn] + state->Reg[Rm] * 2;
294 dest = ARMul_LoadHalfWord (state, address);
295 }
296 else
297 {
298 // TBB
299 address = state->Reg[Rn] + state->Reg[Rm];
300 dest = ARMul_LoadByte (state, address);
301 }
302
303 state->Reg[15] = (pc + 4 + dest * 2);
304 FLUSHPIPE;
305 * pvalid = t_branch;
306 break;
307 }
308 /* Fall through. */
309 case 0x42:
310 case 0x43:
311 case 0x47:
312 case 0x4A:
313 case 0x4B:
314 case 0x4E: // STRD
315 case 0x4F: // LDRD
316 {
317 ARMword Rn = tBITS (0, 3);
318 ARMword Rt = ntBITS (12, 15);
319 ARMword Rt2 = ntBITS (8, 11);
320 ARMword imm8 = ntBITS (0, 7);
321 ARMword P = tBIT (8);
322 ARMword U = tBIT (7);
323 ARMword W = tBIT (5);
324
325 tASSERT (Rt2 == Rt + 1);
326 imm8 <<= 2;
327 tASSERT (imm8 <= 255);
328 tASSERT (P != 0 || W != 0);
329
330 // Convert into an ARM A1 encoding.
331 if (Rn == 15)
332 {
333 tASSERT (tBIT (4) == 1);
334 // LDRD (literal)
335 // Ignore W even if 1.
336 * ainstr = 0xE14F00D0;
337 }
338 else
339 {
340 if (tBIT (4) == 1)
341 // LDRD (immediate)
342 * ainstr = 0xE04000D0;
343 else
344 {
345 // STRD<c> <Rt>,<Rt2>,[<Rn>{,#+/-<imm8>}]
346 // STRD<c> <Rt>,<Rt2>,[<Rn>],#+/-<imm8>
347 // STRD<c> <Rt>,<Rt2>,[<Rn>,#+/-<imm8>]!
348 * ainstr = 0xE04000F0;
349 }
350 * ainstr |= (Rn << 16);
351 * ainstr |= (P << 24);
352 * ainstr |= (W << 21);
353 }
354
355 * ainstr |= (U << 23);
356 * ainstr |= (Rt << 12);
357 * ainstr |= ((imm8 << 4) & 0xF00);
358 * ainstr |= (imm8 & 0xF);
359 * pvalid = t_decoded;
360 break;
361 }
362
363 case 0x44:
364 case 0x45: // LDMIA
365 {
366 ARMword Rn = tBITS (0, 3);
367 int W = tBIT (5);
368 ARMword list = (ntBIT (15) << 15) | (ntBIT (14) << 14) | ntBITS (0, 12);
369
370 if (Rn == 13)
371 * ainstr = 0xE8BD0000;
372 else
373 {
374 * ainstr = 0xE8900000;
375 * ainstr |= (W << 21);
376 * ainstr |= (Rn << 16);
377 }
378 * ainstr |= list;
379 * pvalid = t_decoded;
380 break;
381 }
382
383 case 0x48:
384 case 0x49: // STMDB
385 {
386 ARMword Rn = tBITS (0, 3);
387 int W = tBIT (5);
388 ARMword list = (ntBIT (14) << 14) | ntBITS (0, 12);
389
390 if (Rn == 13 && W)
391 * ainstr = 0xE92D0000;
392 else
393 {
394 * ainstr = 0xE9000000;
395 * ainstr |= (W << 21);
396 * ainstr |= (Rn << 16);
397 }
398 * ainstr |= list;
399 * pvalid = t_decoded;
400 break;
401 }
402
403 case 0x50:
404 {
405 ARMword Rd = ntBITS (8, 11);
406 ARMword Rn = tBITS (0, 3);
407 ARMword Rm = ntBITS (0, 3);
408 ARMword imm5 = (ntBITS (12, 14) << 2) | ntBITS (6, 7);
409 ARMword type = ntBITS (4, 5);
410
411 tASSERT (ntBIT (15) == 0);
412
413 if (Rd == 15)
414 {
415 tASSERT (tBIT (4) == 1);
416
417 // TST<c>.W <Rn>,<Rm>{,<shift>}
418 * ainstr = 0xE1100000;
419 }
420 else
421 {
422 // AND{S}<c>.W <Rd>,<Rn>,<Rm>{,<shift>}
423 int S = tBIT (4);
424
425 * ainstr = 0xE0000000;
426
427 if (in_IT_block ())
428 S = 0;
429 * ainstr |= (S << 20);
430 }
431
432 * ainstr |= (Rn << 16);
433 * ainstr |= (imm5 << 7);
434 * ainstr |= (type << 5);
435 * ainstr |= (Rm << 0);
436 * pvalid = t_decoded;
437 break;
438 }
439
440 case 0x51: // BIC{S}<c>.W <Rd>,<Rn>,<Rm>{,<shift>}
441 {
442 ARMword Rn = tBITS (0, 3);
443 ARMword S = tBIT(4);
444 ARMword Rm = ntBITS (0, 3);
445 ARMword Rd = ntBITS (8, 11);
446 ARMword imm5 = (ntBITS (12, 14) << 2) | ntBITS (6, 7);
447 ARMword type = ntBITS (4, 5);
448
449 tASSERT (ntBIT (15) == 0);
450
451 * ainstr = 0xE1C00000;
452 * ainstr |= (S << 20);
453 * ainstr |= (Rn << 16);
454 * ainstr |= (Rd << 12);
455 * ainstr |= (imm5 << 7);
456 * ainstr |= (type << 5);
457 * ainstr |= (Rm << 0);
458 * pvalid = t_decoded;
459 break;
460 }
461
462 case 0x52:
463 {
464 ARMword Rn = tBITS (0, 3);
465 ARMword Rd = ntBITS (8, 11);
466 ARMword Rm = ntBITS (0, 3);
467 int S = tBIT (4);
468 ARMword imm5 = (ntBITS (12, 14) << 2) | ntBITS (6, 7);
469 ARMword type = ntBITS (4, 5);
470
471 tASSERT (Rd != 15);
472
473 if (in_IT_block ())
474 S = 0;
475
476 if (Rn == 15)
477 {
478 tASSERT (ntBIT (15) == 0);
479
480 switch (ntBITS (4, 5))
481 {
482 case 0:
483 // LSL{S}<c>.W <Rd>,<Rm>,#<imm5>
484 * ainstr = 0xE1A00000;
485 break;
486 case 1:
487 // LSR{S}<c>.W <Rd>,<Rm>,#<imm>
488 * ainstr = 0xE1A00020;
489 break;
490 case 2:
491 // ASR{S}<c>.W <Rd>,<Rm>,#<imm>
492 * ainstr = 0xE1A00040;
493 break;
494 case 3:
495 // ROR{S}<c> <Rd>,<Rm>,#<imm>
496 * ainstr = 0xE1A00060;
497 break;
498 default:
499 tASSERT (0);
500 * ainstr = 0;
501 }
502 }
503 else
504 {
505 // ORR{S}<c>.W <Rd>,<Rn>,<Rm>{,<shift>}
506 * ainstr = 0xE1800000;
507 * ainstr |= (Rn << 16);
508 * ainstr |= (type << 5);
509 }
510
511 * ainstr |= (Rd << 12);
512 * ainstr |= (S << 20);
513 * ainstr |= (imm5 << 7);
514 * ainstr |= (Rm << 0);
515 * pvalid = t_decoded;
516 break;
517 }
518
519 case 0x53: // MVN{S}<c>.W <Rd>,<Rm>{,<shift>}
520 {
521 ARMword Rd = ntBITS (8, 11);
522 ARMword Rm = ntBITS (0, 3);
523 int S = tBIT (4);
524 ARMword imm5 = (ntBITS (12, 14) << 2) | ntBITS (6, 7);
525 ARMword type = ntBITS (4, 5);
526
527 tASSERT (ntBIT (15) == 0);
528
529 if (in_IT_block ())
530 S = 0;
531
532 * ainstr = 0xE1E00000;
533 * ainstr |= (S << 20);
534 * ainstr |= (Rd << 12);
535 * ainstr |= (imm5 << 7);
536 * ainstr |= (type << 5);
537 * ainstr |= (Rm << 0);
538 * pvalid = t_decoded;
539 break;
540 }
541
542 case 0x54:
543 {
544 ARMword Rn = tBITS (0, 3);
545 ARMword Rd = ntBITS (8, 11);
546 ARMword Rm = ntBITS (0, 3);
547 int S = tBIT (4);
548 ARMword imm5 = (ntBITS (12, 14) << 2) | ntBITS (6, 7);
549 ARMword type = ntBITS (4, 5);
550
551 if (Rd == 15 && S)
552 {
553 // TEQ<c> <Rn>,<Rm>{,<shift>}
554 tASSERT (ntBIT (15) == 0);
555
556 * ainstr = 0xE1300000;
557 }
558 else
559 {
560 // EOR{S}<c>.W <Rd>,<Rn>,<Rm>{,<shift>}
561 if (in_IT_block ())
562 S = 0;
563
564 * ainstr = 0xE0200000;
565 * ainstr |= (S << 20);
566 * ainstr |= (Rd << 8);
567 }
568
569 * ainstr |= (Rn << 16);
570 * ainstr |= (imm5 << 7);
571 * ainstr |= (type << 5);
572 * ainstr |= (Rm << 0);
573 * pvalid = t_decoded;
574 break;
575 }
576
577 case 0x58: // ADD{S}<c>.W <Rd>,<Rn>,<Rm>{,<shift>}
578 {
579 ARMword Rn = tBITS (0, 3);
580 ARMword Rd = ntBITS (8, 11);
581 ARMword Rm = ntBITS (0, 3);
582 int S = tBIT (4);
583 ARMword imm5 = (ntBITS (12, 14) << 2) | ntBITS (6, 7);
584 ARMword type = ntBITS (4, 5);
585
586 tASSERT (! (Rd == 15 && S));
587
588 if (in_IT_block ())
589 S = 0;
590
591 * ainstr = 0xE0800000;
592 * ainstr |= (S << 20);
593 * ainstr |= (Rn << 16);
594 * ainstr |= (Rd << 12);
595 * ainstr |= (imm5 << 7);
596 * ainstr |= (type << 5);
597 * ainstr |= Rm;
598 * pvalid = t_decoded;
599 break;
600 }
601
602 case 0x5A: // ADC{S}<c>.W <Rd>,<Rn>,<Rm>{,<shift>}
603 tASSERT (ntBIT (15) == 0);
604 * ainstr = 0xE0A00000;
605 if (! in_IT_block ())
606 * ainstr |= (tBIT (4) << 20); // S
607 * ainstr |= (tBITS (0, 3) << 16); // Rn
608 * ainstr |= (ntBITS (8, 11) << 12); // Rd
609 * ainstr |= ((ntBITS (12, 14) << 2) | ntBITS (6, 7)) << 7; // imm5
610 * ainstr |= (ntBITS (4, 5) << 5); // type
611 * ainstr |= ntBITS (0, 3); // Rm
612 * pvalid = t_decoded;
613 break;
614
615 case 0x5B: // SBC{S}<c>.W <Rd>,<Rn>,<Rm>{,<shift>}
616 {
617 ARMword Rn = tBITS (0, 3);
618 ARMword Rd = ntBITS (8, 11);
619 ARMword Rm = ntBITS (0, 3);
620 int S = tBIT (4);
621 ARMword imm5 = (ntBITS (12, 14) << 2) | ntBITS (6, 7);
622 ARMword type = ntBITS (4, 5);
623
624 tASSERT (ntBIT (15) == 0);
625
626 if (in_IT_block ())
627 S = 0;
628
629 * ainstr = 0xE0C00000;
630 * ainstr |= (S << 20);
631 * ainstr |= (Rn << 16);
632 * ainstr |= (Rd << 12);
633 * ainstr |= (imm5 << 7);
634 * ainstr |= (type << 5);
635 * ainstr |= Rm;
636 * pvalid = t_decoded;
637 break;
638 }
639
640 case 0x5E: // RSB{S}<c> <Rd>,<Rn>,<Rm>{,<shift>}
641 case 0x5D: // SUB{S}<c>.W <Rd>,<Rn>,<Rm>{,<shift>}
642 {
643 ARMword Rn = tBITS (0, 3);
644 ARMword Rd = ntBITS (8, 11);
645 ARMword Rm = ntBITS (0, 3);
646 ARMword S = tBIT (4);
647 ARMword type = ntBITS (4, 5);
648 ARMword imm5 = (ntBITS (12, 14) << 2) | ntBITS (6, 7);
649
650 tASSERT (ntBIT(15) == 0);
651
652 if (Rd == 15)
653 {
654 // CMP<c>.W <Rn>, <Rm> {,<shift>}
655 * ainstr = 0xE1500000;
656 Rd = 0;
657 }
658 else if (tBIT (5))
659 * ainstr = 0xE0400000;
660 else
661 * ainstr = 0xE0600000;
662
663 * ainstr |= (S << 20);
664 * ainstr |= (Rn << 16);
665 * ainstr |= (Rd << 12);
666 * ainstr |= (imm5 << 7);
667 * ainstr |= (type << 5);
668 * ainstr |= (Rm << 0);
669 * pvalid = t_decoded;
670 break;
671 }
672
673 case 0x9D: // NOP.W
674 tASSERT (tBITS (0, 15) == 0xF3AF);
675 tASSERT (ntBITS (0, 15) == 0x8000);
676 * pvalid = t_branch;
677 break;
678
679 case 0x80: // AND
680 case 0xA0: // TST
681 {
682 ARMword Rn = tBITS (0, 3);
683 ARMword imm12 = (tBIT(10) << 11) | (ntBITS (12, 14) << 8) | ntBITS (0, 7);
684 ARMword Rd = ntBITS (8, 11);
685 ARMword val;
686 int S = tBIT (4);
687
688 imm12 = ThumbExpandImm (imm12);
689 val = state->Reg[Rn] & imm12;
690
691 if (Rd == 15)
692 {
693 // TST<c> <Rn>,#<const>
694 tASSERT (S == 1);
695 }
696 else
697 {
698 // AND{S}<c> <Rd>,<Rn>,#<const>
699 if (in_IT_block ())
700 S = 0;
701
702 state->Reg[Rd] = val;
703 }
704
705 if (S)
706 ARMul_NegZero (state, val);
707 * pvalid = t_branch;
708 break;
709 }
710
711 case 0xA1:
712 case 0x81: // BIC.W
713 {
714 ARMword Rn = tBITS (0, 3);
715 ARMword Rd = ntBITS (8, 11);
716 ARMword S = tBIT (4);
717 ARMword imm8 = (ntBITS (12, 14) << 8) | ntBITS (0, 7);
718
719 tASSERT (ntBIT (15) == 0);
720
721 imm8 = ThumbExpandImm (imm8);
722 state->Reg[Rd] = state->Reg[Rn] & ~ imm8;
723
724 if (S && ! in_IT_block ())
725 ARMul_NegZero (state, state->Reg[Rd]);
726 * pvalid = t_resolved;
727 break;
728 }
729
730 case 0xA2:
731 case 0x82: // MOV{S}<c>.W <Rd>,#<const>
732 {
733 ARMword val = (tBIT(10) << 11) | (ntBITS (12, 14) << 8) | ntBITS (0, 7);
734 ARMword Rd = ntBITS (8, 11);
735
736 val = ThumbExpandImm (val);
737 state->Reg[Rd] = val;
738
739 if (tBIT (4) && ! in_IT_block ())
740 ARMul_NegZero (state, val);
741 /* Indicate that the instruction has been processed. */
742 * pvalid = t_branch;
743 break;
744 }
745
746 case 0xA3:
747 case 0x83: // MVN{S}<c> <Rd>,#<const>
748 {
749 ARMword val = (tBIT(10) << 11) | (ntBITS (12, 14) << 8) | ntBITS (0, 7);
750 ARMword Rd = ntBITS (8, 11);
751
752 val = ThumbExpandImm (val);
753 val = ~ val;
754 state->Reg[Rd] = val;
755
756 if (tBIT (4) && ! in_IT_block ())
757 ARMul_NegZero (state, val);
758 * pvalid = t_resolved;
759 break;
760 }
761
762 case 0xA4: // EOR
763 case 0x84: // TEQ
764 {
765 ARMword Rn = tBITS (0, 3);
766 ARMword Rd = ntBITS (8, 11);
767 ARMword S = tBIT (4);
768 ARMword imm12 = ((tBIT (10) << 11) | (ntBITS (12, 14) << 8) | ntBITS (0, 7));
769 ARMword result;
770
771 imm12 = ThumbExpandImm (imm12);
772
773 result = state->Reg[Rn] ^ imm12;
774
775 if (Rd == 15 && S)
776 // TEQ<c> <Rn>,#<const>
777 ;
778 else
779 {
780 // EOR{S}<c> <Rd>,<Rn>,#<const>
781 state->Reg[Rd] = result;
782
783 if (in_IT_block ())
784 S = 0;
785 }
786
787 if (S)
788 ARMul_NegZero (state, result);
789 * pvalid = t_resolved;
790 break;
791 }
792
793 case 0xA8: // CMN
794 case 0x88: // ADD
795 {
796 ARMword Rd = ntBITS (8, 11);
797 int S = tBIT (4);
798 ARMword Rn = tBITS (0, 3);
799 ARMword lhs = state->Reg[Rn];
800 ARMword imm12 = (tBIT (10) << 11) | (ntBITS (12, 14) << 8) | ntBITS (0, 7);
801 ARMword rhs = ThumbExpandImm (imm12);
802 ARMword res = lhs + rhs;
803
804 if (Rd == 15 && S)
805 {
806 // CMN<c> <Rn>,#<const>
807 res = lhs - rhs;
808 }
809 else
810 {
811 // ADD{S}<c>.W <Rd>,<Rn>,#<const>
812 res = lhs + rhs;
813
814 if (in_IT_block ())
815 S = 0;
816
817 state->Reg[Rd] = res;
818 }
819
820 if (S)
821 {
822 ARMul_NegZero (state, res);
823
824 if ((lhs | rhs) >> 30)
825 {
826 /* Possible C,V,N to set. */
827 ARMul_AddCarry (state, lhs, rhs, res);
828 ARMul_AddOverflow (state, lhs, rhs, res);
829 }
830 else
831 {
832 CLEARC;
833 CLEARV;
834 }
835 }
836
837 * pvalid = t_branch;
838 break;
839 }
840
841 case 0xAA:
842 case 0x8A: // ADC{S}<c> <Rd>,<Rn>,#<const>
843 {
844 ARMword Rn = tBITS (0, 3);
845 ARMword Rd = ntBITS (8, 11);
846 int S = tBIT (4);
847 ARMword imm12 = (tBIT (10) << 11) | (ntBITS (12, 14) << 8) | ntBITS (0, 7);
848 ARMword lhs = state->Reg[Rn];
849 ARMword rhs = ThumbExpandImm (imm12);
850 ARMword res;
851
852 tASSERT (ntBIT (15) == 0);
853
854 if (CFLAG)
855 rhs += 1;
856
857 res = lhs + rhs;
858 state->Reg[Rd] = res;
859
860 if (in_IT_block ())
861 S = 0;
862
863 if (S)
864 {
865 ARMul_NegZero (state, res);
866
867 if ((lhs >= rhs) || ((rhs | lhs) >> 31))
868 {
869 ARMul_AddCarry (state, lhs, rhs, res);
870 ARMul_AddOverflow (state, lhs, rhs, res);
871 }
872 else
873 {
874 CLEARC;
875 CLEARV;
876 }
877 }
878
879 * pvalid = t_branch;
880 break;
881 }
882
883 case 0xAB:
884 case 0x8B: // SBC{S}<c> <Rd>,<Rn>,#<const>
885 {
886 ARMword Rn = tBITS (0, 3);
887 ARMword Rd = ntBITS (8, 11);
888 int S = tBIT (4);
889 ARMword imm12 = (tBIT (10) << 11) | (ntBITS (12, 14) << 8) | ntBITS (0, 7);
890 ARMword lhs = state->Reg[Rn];
891 ARMword rhs = ThumbExpandImm (imm12);
892 ARMword res;
893
894 tASSERT (ntBIT (15) == 0);
895
896 if (! CFLAG)
897 rhs += 1;
898
899 res = lhs - rhs;
900 state->Reg[Rd] = res;
901
902 if (in_IT_block ())
903 S = 0;
904
905 if (S)
906 {
907 ARMul_NegZero (state, res);
908
909 if ((lhs >= rhs) || ((rhs | lhs) >> 31))
910 {
911 ARMul_SubCarry (state, lhs, rhs, res);
912 ARMul_SubOverflow (state, lhs, rhs, res);
913 }
914 else
915 {
916 CLEARC;
917 CLEARV;
918 }
919 }
920
921 * pvalid = t_branch;
922 break;
923 }
924
925 case 0xAD:
926 case 0x8D: // SUB
927 {
928 ARMword Rn = tBITS (0, 3);
929 ARMword Rd = ntBITS (8, 11);
930 int S = tBIT (4);
931 ARMword imm12 = (tBIT (10) << 11) | (ntBITS (12, 14) << 8) | ntBITS (0, 7);
932 ARMword lhs = state->Reg[Rn];
933 ARMword rhs = ThumbExpandImm (imm12);
934 ARMword res = lhs - rhs;
935
936 if (Rd == 15 && S)
937 {
938 // CMP<c>.W <Rn>,#<const>
939 tASSERT (S);
940 }
941 else
942 {
943 // SUB{S}<c>.W <Rd>,<Rn>,#<const>
944 if (in_IT_block ())
945 S = 0;
946
947 state->Reg[Rd] = res;
948 }
949
950 if (S)
951 {
952 ARMul_NegZero (state, res);
953
954 if ((lhs >= rhs) || ((rhs | lhs) >> 31))
955 {
956 ARMul_SubCarry (state, lhs, rhs, res);
957 ARMul_SubOverflow (state, lhs, rhs, res);
958 }
959 else
960 {
961 CLEARC;
962 CLEARV;
963 }
964 }
965
966 * pvalid = t_branch;
967 break;
968 }
969
970 case 0xAE:
971 case 0x8E: // RSB{S}<c>.W <Rd>,<Rn>,#<const>
972 {
973 ARMword Rn = tBITS (0, 3);
974 ARMword Rd = ntBITS (8, 11);
975 ARMword imm12 = (tBIT (10) << 11) | (ntBITS (12, 14) << 8) | ntBITS (0, 7);
976 int S = tBIT (4);
977 ARMword lhs = imm12;
978 ARMword rhs = state->Reg[Rn];
979 ARMword res = lhs - rhs;
980
981 tASSERT (ntBIT (15) == 0);
982
983 state->Reg[Rd] = res;
984
985 if (S)
986 {
987 ARMul_NegZero (state, res);
988
989 if ((lhs >= rhs) || ((rhs | lhs) >> 31))
990 {
991 ARMul_SubCarry (state, lhs, rhs, res);
992 ARMul_SubOverflow (state, lhs, rhs, res);
993 }
994 else
995 {
996 CLEARC;
997 CLEARV;
998 }
999 }
1000
1001 * pvalid = t_branch;
1002 break;
1003 }
1004
1005 case 0xB0:
1006 case 0x90: // ADDW<c> <Rd>,<Rn>,#<imm12>
1007 {
1008 ARMword Rn = tBITS (0, 3);
1009 ARMword Rd = ntBITS (8, 11);
1010 ARMword imm12 = (tBIT (10) << 11) | (ntBITS (12, 14) << 8) | ntBITS (0, 7);
1011
1012 tASSERT (tBIT (4) == 0);
1013 tASSERT (ntBIT (15) == 0);
1014
1015 state->Reg[Rd] = state->Reg[Rn] + imm12;
1016 * pvalid = t_branch;
1017 break;
1018 }
1019
1020 case 0xB2:
1021 case 0x92: // MOVW<c> <Rd>,#<imm16>
1022 {
1023 ARMword Rd = ntBITS (8, 11);
1024 ARMword imm = (tBITS (0, 3) << 12) | (tBIT (10) << 11) | (ntBITS (12, 14) << 8) | ntBITS (0, 7);
1025
1026 state->Reg[Rd] = imm;
1027 /* Indicate that the instruction has been processed. */
1028 * pvalid = t_branch;
1029 break;
1030 }
1031
1032 case 0xb5:
1033 case 0x95:// SUBW<c> <Rd>,<Rn>,#<imm12>
1034 {
1035 ARMword Rd = ntBITS (8, 11);
1036 ARMword Rn = tBITS (0, 3);
1037 ARMword imm12 = (tBIT (10) << 11) | (ntBITS (12, 14) << 8) | ntBITS (0, 7);
1038
1039 tASSERT (tBIT (4) == 0);
1040 tASSERT (ntBIT (15) == 0);
1041
1042 /* Note the ARM ARM indicates special cases for Rn == 15 (ADR)
1043 and Rn == 13 (SUB SP minus immediate), but these are implemented
1044 in exactly the same way as the normal SUBW insn. */
1045 state->Reg[Rd] = state->Reg[Rn] - imm12;
1046
1047 * pvalid = t_resolved;
1048 break;
1049 }
1050
1051 case 0xB6:
1052 case 0x96: // MOVT<c> <Rd>,#<imm16>
1053 {
1054 ARMword Rd = ntBITS (8, 11);
1055 ARMword imm = (tBITS (0, 3) << 12) | (tBIT (10) << 11) | (ntBITS (12, 14) << 8) | ntBITS (0, 7);
1056
1057 state->Reg[Rd] &= 0xFFFF;
1058 state->Reg[Rd] |= (imm << 16);
1059 * pvalid = t_resolved;
1060 break;
1061 }
1062
1063 case 0x9A: // SBFXc> <Rd>,<Rn>,#<lsb>,#<width>
1064 tASSERT (tBIT (4) == 0);
1065 tASSERT (ntBIT (15) == 0);
1066 tASSERT (ntBIT (5) == 0);
1067 * ainstr = 0xE7A00050;
1068 * ainstr |= (ntBITS (0, 4) << 16); // widthm1
1069 * ainstr |= (ntBITS (8, 11) << 12); // Rd
1070 * ainstr |= (((ntBITS (12, 14) << 2) | ntBITS (6, 7)) << 7); // lsb
1071 * ainstr |= tBITS (0, 3); // Rn
1072 * pvalid = t_decoded;
1073 break;
1074
1075 case 0x9B:
1076 {
1077 ARMword Rd = ntBITS (8, 11);
1078 ARMword Rn = tBITS (0, 3);
1079 ARMword msbit = ntBITS (0, 5);
1080 ARMword lsbit = (ntBITS (12, 14) << 2) | ntBITS (6, 7);
1081 ARMword mask = -(1 << lsbit);
1082
1083 tASSERT (tBIT (4) == 0);
1084 tASSERT (ntBIT (15) == 0);
1085 tASSERT (ntBIT (5) == 0);
1086
1087 mask &= ((1 << (msbit + 1)) - 1);
1088
1089 if (lsbit > msbit)
1090 ; // UNPREDICTABLE
1091 else if (Rn == 15)
1092 {
1093 // BFC<c> <Rd>,#<lsb>,#<width>
1094 state->Reg[Rd] &= ~ mask;
1095 }
1096 else
1097 {
1098 // BFI<c> <Rd>,<Rn>,#<lsb>,#<width>
1099 ARMword val = state->Reg[Rn] & (mask >> lsbit);
1100
1101 val <<= lsbit;
1102 state->Reg[Rd] &= ~ mask;
1103 state->Reg[Rd] |= val;
1104 }
1105
1106 * pvalid = t_resolved;
1107 break;
1108 }
1109
1110 case 0x9E: // UBFXc> <Rd>,<Rn>,#<lsb>,#<width>
1111 tASSERT (tBIT (4) == 0);
1112 tASSERT (ntBIT (15) == 0);
1113 tASSERT (ntBIT (5) == 0);
1114 * ainstr = 0xE7E00050;
1115 * ainstr |= (ntBITS (0, 4) << 16); // widthm1
1116 * ainstr |= (ntBITS (8, 11) << 12); // Rd
1117 * ainstr |= (((ntBITS (12, 14) << 2) | ntBITS (6, 7)) << 7); // lsb
1118 * ainstr |= tBITS (0, 3); // Rn
1119 * pvalid = t_decoded;
1120 break;
1121
1122 case 0xC0: // STRB
1123 case 0xC4: // LDRB
1124 {
1125 ARMword Rn = tBITS (0, 3);
1126 ARMword Rt = ntBITS (12, 15);
1127
1128 if (tBIT (4))
1129 {
1130 if (Rn == 15)
1131 {
1132 tASSERT (Rt != 15);
1133
1134 /* LDRB<c> <Rt>,<label> => 1111 1000 U001 1111 */
1135 * ainstr = 0xE55F0000;
1136 * ainstr |= (tBIT (7) << 23);
1137 * ainstr |= ntBITS (0, 11);
1138 }
1139 else if (tBIT (7))
1140 {
1141 /* LDRB<c>.W <Rt>,[<Rn>{,#<imm12>}] => 1111 1000 1001 rrrr */
1142 * ainstr = 0xE5D00000;
1143 * ainstr |= ntBITS (0, 11);
1144 }
1145 else if (ntBIT (11) == 0)
1146 {
1147 /* LDRB<c>.W <Rt>,[<Rn>,<Rm>{,LSL #<imm2>}] => 1111 1000 0001 rrrr */
1148 * ainstr = 0xE7D00000;
1149 * ainstr |= (ntBITS (4, 5) << 7);
1150 * ainstr |= ntBITS (0, 3);
1151 }
1152 else
1153 {
1154 int P = ntBIT (10);
1155 int U = ntBIT (9);
1156 int W = ntBIT (8);
1157
1158 tASSERT (! (Rt == 15 && P && !U && !W));
1159 tASSERT (! (P && U && !W));
1160
1161 /* LDRB<c> <Rt>,[<Rn>,#-<imm8>] => 1111 1000 0001 rrrr
1162 LDRB<c> <Rt>,[<Rn>],#+/-<imm8> => 1111 1000 0001 rrrr
1163 LDRB<c> <Rt>,[<Rn>,#+/-<imm8>]! => 1111 1000 0001 rrrr */
1164 * ainstr = 0xE4500000;
1165 * ainstr |= (P << 24);
1166 * ainstr |= (U << 23);
1167 * ainstr |= (W << 21);
1168 * ainstr |= ntBITS (0, 7);
1169 }
1170 }
1171 else
1172 {
1173 if (tBIT (7) == 1)
1174 {
1175 // STRB<c>.W <Rt>,[<Rn>,#<imm12>]
1176 ARMword imm12 = ntBITS (0, 11);
1177
1178 ARMul_StoreByte (state, state->Reg[Rn] + imm12, state->Reg [Rt]);
1179 * pvalid = t_branch;
1180 break;
1181 }
1182 else if (ntBIT (11))
1183 {
1184 // STRB<c> <Rt>,[<Rn>,#-<imm8>]
1185 // STRB<c> <Rt>,[<Rn>],#+/-<imm8>
1186 // STRB<c> <Rt>,[<Rn>,#+/-<imm8>]!
1187 int P = ntBIT (10);
1188 int U = ntBIT (9);
1189 int W = ntBIT (8);
1190 ARMword imm8 = ntBITS (0, 7);
1191
1192 tASSERT (! (P && U && !W));
1193 tASSERT (! (Rn == 13 && P && !U && W && imm8 == 4));
1194
1195 * ainstr = 0xE4000000;
1196 * ainstr |= (P << 24);
1197 * ainstr |= (U << 23);
1198 * ainstr |= (W << 21);
1199 * ainstr |= imm8;
1200 }
1201 else
1202 {
1203 // STRB<c>.W <Rt>,[<Rn>,<Rm>{,LSL #<imm2>}]
1204 tASSERT (ntBITS (6, 11) == 0);
1205
1206 * ainstr = 0xE7C00000;
1207 * ainstr |= (ntBITS (4, 5) << 7);
1208 * ainstr |= ntBITS (0, 3);
1209 }
1210 }
1211
1212 * ainstr |= (Rn << 16);
1213 * ainstr |= (Rt << 12);
1214 * pvalid = t_decoded;
1215 break;
1216 }
1217
1218 case 0xC2: // LDR, STR
1219 {
1220 ARMword Rn = tBITS (0, 3);
1221 ARMword Rt = ntBITS (12, 15);
1222 ARMword imm8 = ntBITS (0, 7);
1223 ARMword P = ntBIT (10);
1224 ARMword U = ntBIT (9);
1225 ARMword W = ntBIT (8);
1226
1227 tASSERT (Rn != 15);
1228
1229 if (tBIT (4))
1230 {
1231 if (Rn == 15)
1232 {
1233 // LDR<c>.W <Rt>,<label>
1234 * ainstr = 0xE51F0000;
1235 * ainstr |= ntBITS (0, 11);
1236 }
1237 else if (ntBIT (11))
1238 {
1239 tASSERT (! (P && U && ! W));
1240 tASSERT (! (!P && U && W && Rn == 13 && imm8 == 4 && ntBIT (11) == 0));
1241 tASSERT (! (P && !U && W && Rn == 13 && imm8 == 4 && ntBIT (11)));
1242
1243 // LDR<c> <Rt>,[<Rn>,#-<imm8>]
1244 // LDR<c> <Rt>,[<Rn>],#+/-<imm8>
1245 // LDR<c> <Rt>,[<Rn>,#+/-<imm8>]!
1246 if (!P && W)
1247 W = 0;
1248 * ainstr = 0xE4100000;
1249 * ainstr |= (P << 24);
1250 * ainstr |= (U << 23);
1251 * ainstr |= (W << 21);
1252 * ainstr |= imm8;
1253 }
1254 else
1255 {
1256 // LDR<c>.W <Rt>,[<Rn>,<Rm>{,LSL #<imm2>}]
1257
1258 tASSERT (ntBITS (6, 11) == 0);
1259
1260 * ainstr = 0xE7900000;
1261 * ainstr |= ntBITS (4, 5) << 7;
1262 * ainstr |= ntBITS (0, 3);
1263 }
1264 }
1265 else
1266 {
1267 if (ntBIT (11))
1268 {
1269 tASSERT (! (P && U && ! W));
1270 if (Rn == 13 && P && !U && W && imm8 == 4)
1271 {
1272 // PUSH<c>.W <register>
1273 tASSERT (ntBITS (0, 11) == 0xD04);
1274 tASSERT (tBITS (0, 4) == 0x0D);
1275
1276 * ainstr = 0xE92D0000;
1277 * ainstr |= (1 << Rt);
1278
1279 Rt = Rn = 0;
1280 }
1281 else
1282 {
1283 tASSERT (! (P && U && !W));
1284 if (!P && W)
1285 W = 0;
1286 // STR<c> <Rt>,[<Rn>,#-<imm8>]
1287 // STR<c> <Rt>,[<Rn>],#+/-<imm8>
1288 // STR<c> <Rt>,[<Rn>,#+/-<imm8>]!
1289 * ainstr = 0xE4000000;
1290 * ainstr |= (P << 24);
1291 * ainstr |= (U << 23);
1292 * ainstr |= (W << 21);
1293 * ainstr |= imm8;
1294 }
1295 }
1296 else
1297 {
1298 // STR<c>.W <Rt>,[<Rn>,<Rm>{,LSL #<imm2>}]
1299 tASSERT (ntBITS (6, 11) == 0);
1300
1301 * ainstr = 0xE7800000;
1302 * ainstr |= ntBITS (4, 5) << 7;
1303 * ainstr |= ntBITS (0, 3);
1304 }
1305 }
1306
1307 * ainstr |= (Rn << 16);
1308 * ainstr |= (Rt << 12);
1309 * pvalid = t_decoded;
1310 break;
1311 }
1312
1313 case 0xC1: // STRH
1314 case 0xC5: // LDRH
1315 {
1316 ARMword Rn = tBITS (0, 3);
1317 ARMword Rt = ntBITS (12, 15);
1318 ARMword address;
1319
1320 tASSERT (Rn != 15);
1321
1322 if (tBIT (4) == 1)
1323 {
1324 if (tBIT (7))
1325 {
1326 // LDRH<c>.W <Rt>,[<Rn>{,#<imm12>}]
1327 ARMword imm12 = ntBITS (0, 11);
1328 address = state->Reg[Rn] + imm12;
1329 }
1330 else if (ntBIT (11))
1331 {
1332 // LDRH<c> <Rt>,[<Rn>,#-<imm8>]
1333 // LDRH<c> <Rt>,[<Rn>],#+/-<imm8>
1334 // LDRH<c> <Rt>,[<Rn>,#+/-<imm8>]!
1335 ARMword P = ntBIT (10);
1336 ARMword U = ntBIT (9);
1337 ARMword W = ntBIT (8);
1338 ARMword imm8 = ntBITS (0, 7);
1339
1340 tASSERT (Rn != 15);
1341 tASSERT (! (P && U && !W));
1342
1343 * ainstr = 0xE05000B0;
1344 * ainstr |= (P << 24);
1345 * ainstr |= (U << 23);
1346 * ainstr |= (W << 21);
1347 * ainstr |= (Rn << 16);
1348 * ainstr |= (Rt << 12);
1349 * ainstr |= ((imm8 & 0xF0) << 4);
1350 * ainstr |= (imm8 & 0xF);
1351 * pvalid = t_decoded;
1352 break;
1353 }
1354 else
1355 {
1356 // LDRH<c>.W <Rt>,[<Rn>,<Rm>{,LSL #<imm2>}]
1357 ARMword Rm = ntBITS (0, 3);
1358 ARMword imm2 = ntBITS (4, 5);
1359
1360 tASSERT (ntBITS (6, 10) == 0);
1361
1362 address = state->Reg[Rn] + (state->Reg[Rm] << imm2);
1363 }
1364
1365 state->Reg[Rt] = ARMul_LoadHalfWord (state, address);
1366 }
1367 else
1368 {
1369 if (tBIT (7))
1370 {
1371 // STRH<c>.W <Rt>,[<Rn>{,#<imm12>}]
1372 ARMword imm12 = ntBITS (0, 11);
1373
1374 address = state->Reg[Rn] + imm12;
1375 }
1376 else if (ntBIT (11))
1377 {
1378 // STRH<c> <Rt>,[<Rn>,#-<imm8>]
1379 // STRH<c> <Rt>,[<Rn>],#+/-<imm8>
1380 // STRH<c> <Rt>,[<Rn>,#+/-<imm8>]!
1381 ARMword P = ntBIT (10);
1382 ARMword U = ntBIT (9);
1383 ARMword W = ntBIT (8);
1384 ARMword imm8 = ntBITS (0, 7);
1385
1386 tASSERT (! (P && U && !W));
1387
1388 * ainstr = 0xE04000B0;
1389 * ainstr |= (P << 24);
1390 * ainstr |= (U << 23);
1391 * ainstr |= (W << 21);
1392 * ainstr |= (Rn << 16);
1393 * ainstr |= (Rt << 12);
1394 * ainstr |= ((imm8 & 0xF0) << 4);
1395 * ainstr |= (imm8 & 0xF);
1396 * pvalid = t_decoded;
1397 break;
1398 }
1399 else
1400 {
1401 // STRH<c>.W <Rt>,[<Rn>,<Rm>{,LSL #<imm2>}]
1402 ARMword Rm = ntBITS (0, 3);
1403 ARMword imm2 = ntBITS (4, 5);
1404
1405 tASSERT (ntBITS (6, 10) == 0);
1406
1407 address = state->Reg[Rn] + (state->Reg[Rm] << imm2);
1408 }
1409
1410 ARMul_StoreHalfWord (state, address, state->Reg [Rt]);
1411 }
1412 * pvalid = t_branch;
1413 break;
1414 }
1415
1416 case 0xC6: // LDR.W/STR.W
1417 {
1418 ARMword Rn = tBITS (0, 3);
1419 ARMword Rt = ntBITS (12, 15);
1420 ARMword imm12 = ntBITS (0, 11);
1421 ARMword address = state->Reg[Rn];
1422
1423 if (Rn == 15)
1424 {
1425 // LDR<c>.W <Rt>,<label>
1426 tASSERT (tBIT (4) == 1);
1427 // tASSERT (tBIT (7) == 1)
1428 }
1429
1430 address += imm12;
1431 if (tBIT (4) == 1)
1432 state->Reg[Rt] = ARMul_LoadWordN (state, address);
1433 else
1434 ARMul_StoreWordN (state, address, state->Reg [Rt]);
1435
1436 * pvalid = t_resolved;
1437 break;
1438 }
1439
1440 case 0xC8:
1441 case 0xCC: // LDRSB
1442 {
1443 ARMword Rt = ntBITS (12, 15);
1444 ARMword Rn = tBITS (0, 3);
1445 ARMword U = tBIT (7);
1446 ARMword address = state->Reg[Rn];
1447
1448 tASSERT (tBIT (4) == 1);
1449 tASSERT (Rt != 15); // PLI
1450
1451 if (Rn == 15)
1452 {
1453 // LDRSB<c> <Rt>,<label>
1454 ARMword imm12 = ntBITS (0, 11);
1455 address += (U ? imm12 : - imm12);
1456 }
1457 else if (U)
1458 {
1459 // LDRSB<c> <Rt>,[<Rn>,#<imm12>]
1460 ARMword imm12 = ntBITS (0, 11);
1461 address += imm12;
1462 }
1463 else if (ntBIT (11))
1464 {
1465 // LDRSB<c> <Rt>,[<Rn>,#-<imm8>]
1466 // LDRSB<c> <Rt>,[<Rn>],#+/-<imm8>
1467 // LDRSB<c> <Rt>,[<Rn>,#+/-<imm8>]!
1468 * ainstr = 0xE05000D0;
1469 * ainstr |= ntBIT (10) << 24; // P
1470 * ainstr |= ntBIT (9) << 23; // U
1471 * ainstr |= ntBIT (8) << 21; // W
1472 * ainstr |= Rn << 16;
1473 * ainstr |= Rt << 12;
1474 * ainstr |= ntBITS (4, 7) << 8;
1475 * ainstr |= ntBITS (0, 3);
1476 * pvalid = t_decoded;
1477 break;
1478 }
1479 else
1480 {
1481 // LDRSB<c>.W <Rt>,[<Rn>,<Rm>{,LSL #<imm2>}]
1482 ARMword Rm = ntBITS (0, 3);
1483 ARMword imm2 = ntBITS (4,5);
1484
1485 tASSERT (ntBITS (6, 11) == 0);
1486
1487 address += (state->Reg[Rm] << imm2);
1488 }
1489
1490 state->Reg[Rt] = ARMul_LoadByte (state, address);
1491 if (state->Reg[Rt] & 0x80)
1492 state->Reg[Rt] |= -(1 << 8);
1493
1494 * pvalid = t_resolved;
1495 break;
1496 }
1497
1498 case 0xC9:
1499 case 0xCD:// LDRSH
1500 {
1501 ARMword Rt = ntBITS (12, 15);
1502 ARMword Rn = tBITS (0, 3);
1503 ARMword U = tBIT (7);
1504 ARMword address = state->Reg[Rn];
1505
1506 tASSERT (tBIT (4) == 1);
1507
1508 if (Rn == 15 || U == 1)
1509 {
1510 // Rn==15 => LDRSH<c> <Rt>,<label>
1511 // Rn!=15 => LDRSH<c> <Rt>,[<Rn>,#<imm12>]
1512 ARMword imm12 = ntBITS (0, 11);
1513
1514 address += (U ? imm12 : - imm12);
1515 }
1516 else if (ntBIT (11))
1517 {
1518 // LDRSH<c> <Rt>,[<Rn>,#-<imm8>]
1519 // LDRSH<c> <Rt>,[<Rn>],#+/-<imm8>
1520 // LDRSH<c> <Rt>,[<Rn>,#+/-<imm8>]!
1521 * ainstr = 0xE05000F0;
1522 * ainstr |= ntBIT (10) << 24; // P
1523 * ainstr |= ntBIT (9) << 23; // U
1524 * ainstr |= ntBIT (8) << 21; // W
1525 * ainstr |= Rn << 16;
1526 * ainstr |= Rt << 12;
1527 * ainstr |= ntBITS (4, 7) << 8;
1528 * ainstr |= ntBITS (0, 3);
1529 * pvalid = t_decoded;
1530 break;
1531 }
1532 else /* U == 0 */
1533 {
1534 // LDRSH<c>.W <Rt>,[<Rn>,<Rm>{,LSL #<imm2>}]
1535 ARMword Rm = ntBITS (0, 3);
1536 ARMword imm2 = ntBITS (4,5);
1537
1538 tASSERT (ntBITS (6, 11) == 0);
1539
1540 address += (state->Reg[Rm] << imm2);
1541 }
1542
1543 state->Reg[Rt] = ARMul_LoadHalfWord (state, address);
1544 if (state->Reg[Rt] & 0x8000)
1545 state->Reg[Rt] |= -(1 << 16);
1546
1547 * pvalid = t_branch;
1548 break;
1549 }
1550
1551 case 0x0D0:
1552 {
1553 ARMword Rm = ntBITS (0, 3);
1554 ARMword Rd = ntBITS (8, 11);
1555
1556 tASSERT (ntBITS (12, 15) == 15);
1557
1558 if (ntBIT (7) == 1)
1559 {
1560 // SXTH<c>.W <Rd>,<Rm>{,<rotation>}
1561 ARMword ror = ntBITS (4, 5) << 3;
1562 ARMword val;
1563
1564 val = state->Reg[Rm];
1565 val = (val >> ror) | (val << (32 - ror));
1566 if (val & 0x8000)
1567 val |= -(1 << 16);
1568 state->Reg[Rd] = val;
1569 }
1570 else
1571 {
1572 // LSL{S}<c>.W <Rd>,<Rn>,<Rm>
1573 ARMword Rn = tBITS (0, 3);
1574
1575 tASSERT (ntBITS (4, 6) == 0);
1576
1577 state->Reg[Rd] = state->Reg[Rn] << (state->Reg[Rm] & 0xFF);
1578 if (tBIT (4))
1579 ARMul_NegZero (state, state->Reg[Rd]);
1580 }
1581 * pvalid = t_branch;
1582 break;
1583 }
1584
1585 case 0x0D1: // LSR{S}<c>.W <Rd>,<Rn>,<Rm>
1586 {
1587 ARMword Rd = ntBITS (8, 11);
1588 ARMword Rn = tBITS (0, 3);
1589 ARMword Rm = ntBITS (0, 3);
1590
1591 tASSERT (ntBITS (12, 15) == 15);
1592 tASSERT (ntBITS (4, 7) == 0);
1593
1594 state->Reg[Rd] = state->Reg[Rn] >> (state->Reg[Rm] & 0xFF);
1595 if (tBIT (4))
1596 ARMul_NegZero (state, state->Reg[Rd]);
1597 * pvalid = t_resolved;
1598 break;
1599 }
1600
1601 case 0xD2:
1602 tASSERT (ntBITS (12, 15) == 15);
1603 if (ntBIT (7))
1604 {
1605 tASSERT (ntBIT (6) == 0);
1606 // UXTB<c>.W <Rd>,<Rm>{,<rotation>}
1607 * ainstr = 0xE6EF0070;
1608 * ainstr |= (ntBITS (4, 5) << 10); // rotate
1609 * ainstr |= ntBITS (0, 3); // Rm
1610 }
1611 else
1612 {
1613 // ASR{S}<c>.W <Rd>,<Rn>,<Rm>
1614 tASSERT (ntBITS (4, 7) == 0);
1615 * ainstr = 0xE1A00050;
1616 if (! in_IT_block ())
1617 * ainstr |= (tBIT (4) << 20);
1618 * ainstr |= (ntBITS (0, 3) << 8); // Rm
1619 * ainstr |= tBITS (0, 3); // Rn
1620 }
1621
1622 * ainstr |= (ntBITS (8, 11) << 12); // Rd
1623 * pvalid = t_decoded;
1624 break;
1625
1626 case 0xD3: // ROR{S}<c>.W <Rd>,<Rn>,<Rm>
1627 tASSERT (ntBITS (12, 15) == 15);
1628 tASSERT (ntBITS (4, 7) == 0);
1629 * ainstr = 0xE1A00070;
1630 if (! in_IT_block ())
1631 * ainstr |= (tBIT (4) << 20);
1632 * ainstr |= (ntBITS (8, 11) << 12); // Rd
1633 * ainstr |= (ntBITS (0, 3) << 8); // Rm
1634 * ainstr |= (tBITS (0, 3) << 0); // Rn
1635 * pvalid = t_decoded;
1636 break;
1637
1638 case 0xD4:
1639 {
1640 ARMword Rn = tBITS (0, 3);
1641 ARMword Rd = ntBITS (8, 11);
1642 ARMword Rm = ntBITS (0, 3);
1643
1644 tASSERT (ntBITS (12, 15) == 15);
1645
1646 if (ntBITS (4, 7) == 8)
1647 {
1648 // REV<c>.W <Rd>,<Rm>
1649 ARMword val = state->Reg[Rm];
1650
1651 tASSERT (Rm == Rn);
1652
1653 state->Reg [Rd] =
1654 (val >> 24)
1655 | ((val >> 8) & 0xFF00)
1656 | ((val << 8) & 0xFF0000)
1657 | (val << 24);
1658 * pvalid = t_resolved;
1659 }
1660 else
1661 {
1662 tASSERT (ntBITS (4, 7) == 4);
1663
1664 if (tBIT (4) == 1)
1665 // UADD8<c> <Rd>,<Rn>,<Rm>
1666 * ainstr = 0xE6500F10;
1667 else
1668 // UADD16<c> <Rd>,<Rn>,<Rm>
1669 * ainstr = 0xE6500F90;
1670
1671 * ainstr |= (Rn << 16);
1672 * ainstr |= (Rd << 12);
1673 * ainstr |= (Rm << 0);
1674 * pvalid = t_decoded;
1675 }
1676 break;
1677 }
1678
1679 case 0xD5:
1680 {
1681 ARMword Rn = tBITS (0, 3);
1682 ARMword Rd = ntBITS (8, 11);
1683 ARMword Rm = ntBITS (0, 3);
1684
1685 tASSERT (ntBITS (12, 15) == 15);
1686 tASSERT (ntBITS (4, 7) == 8);
1687
1688 if (tBIT (4))
1689 {
1690 // CLZ<c> <Rd>,<Rm>
1691 tASSERT (Rm == Rn);
1692 * ainstr = 0xE16F0F10;
1693 }
1694 else
1695 {
1696 // SEL<c> <Rd>,<Rn>,<Rm>
1697 * ainstr = 0xE6800FB0;
1698 * ainstr |= (Rn << 16);
1699 }
1700
1701 * ainstr |= (Rd << 12);
1702 * ainstr |= (Rm << 0);
1703 * pvalid = t_decoded;
1704 break;
1705 }
1706
1707 case 0xD8: // MUL
1708 {
1709 ARMword Rn = tBITS (0, 3);
1710 ARMword Rm = ntBITS (0, 3);
1711 ARMword Rd = ntBITS (8, 11);
1712 ARMword Ra = ntBITS (12, 15);
1713
1714 if (tBIT (4))
1715 {
1716 // SMLA<x><y><c> <Rd>,<Rn>,<Rm>,<Ra>
1717 ARMword nval = state->Reg[Rn];
1718 ARMword mval = state->Reg[Rm];
1719 ARMword res;
1720
1721 tASSERT (ntBITS (6, 7) == 0);
1722 tASSERT (Ra != 15);
1723
1724 if (ntBIT (5))
1725 nval >>= 16;
1726 else
1727 nval &= 0xFFFF;
1728
1729 if (ntBIT (4))
1730 mval >>= 16;
1731 else
1732 mval &= 0xFFFF;
1733
1734 res = nval * mval;
1735 res += state->Reg[Ra];
1736 // FIXME: Test and clear/set the Q bit.
1737 state->Reg[Rd] = res;
1738 }
1739 else
1740 {
1741 if (ntBITS (4, 7) == 1)
1742 {
1743 // MLS<c> <Rd>,<Rn>,<Rm>,<Ra>
1744 state->Reg[Rd] = state->Reg[Ra] - (state->Reg[Rn] * state->Reg[Rm]);
1745 }
1746 else
1747 {
1748 tASSERT (ntBITS (4, 7) == 0);
1749
1750 if (Ra == 15)
1751 // MUL<c> <Rd>,<Rn>,<Rm>
1752 state->Reg[Rd] = state->Reg[Rn] * state->Reg[Rm];
1753 else
1754 // MLA<c> <Rd>,<Rn>,<Rm>,<Ra>
1755 state->Reg[Rd] = state->Reg[Rn] * state->Reg[Rm] + state->Reg[Ra];
1756 }
1757 }
1758 * pvalid = t_resolved;
1759 break;
1760 }
1761
1762 case 0xDC: // SMULL
1763 tASSERT (tBIT (4) == 0);
1764 tASSERT (ntBITS (4, 7) == 0);
1765 * ainstr = 0xE0C00090;
1766 * ainstr |= (ntBITS (8, 11) << 16); // RdHi
1767 * ainstr |= (ntBITS (12, 15) << 12); // RdLo
1768 * ainstr |= (ntBITS (0, 3) << 8); // Rm
1769 * ainstr |= tBITS (0, 3); // Rn
1770 * pvalid = t_decoded;
1771 break;
1772
1773 case 0xDD: // UMULL
1774 tASSERT (tBIT (4) == 0);
1775 tASSERT (ntBITS (4, 7) == 0);
1776 * ainstr = 0xE0800090;
1777 * ainstr |= (ntBITS (8, 11) << 16); // RdHi
1778 * ainstr |= (ntBITS (12, 15) << 12); // RdLo
1779 * ainstr |= (ntBITS (0, 3) << 8); // Rm
1780 * ainstr |= tBITS (0, 3); // Rn
1781 * pvalid = t_decoded;
1782 break;
1783
1784 case 0xDF: // UMLAL
1785 tASSERT (tBIT (4) == 0);
1786 tASSERT (ntBITS (4, 7) == 0);
1787 * ainstr = 0xE0A00090;
1788 * ainstr |= (ntBITS (8, 11) << 16); // RdHi
1789 * ainstr |= (ntBITS (12, 15) << 12); // RdLo
1790 * ainstr |= (ntBITS (0, 3) << 8); // Rm
1791 * ainstr |= tBITS (0, 3); // Rn
1792 * pvalid = t_decoded;
1793 break;
1794
1795 default:
1796 fprintf (stderr, "(op = %x) ", tBITS (5,12));
1797 tASSERT (0);
1798 return;
1799 }
1800
1801 /* Tell the Thumb decoder to skip the next 16-bit insn - it was
1802 part of this insn - unless this insn has changed the PC. */
1803 skipping_32bit_thumb = pc + 2;
1804 }
1805
1806 /* Attempt to emulate an ARMv6 instruction.
1807 Stores t_branch into PVALUE upon success or t_undefined otherwise. */
1808
1809 static void
1810 handle_v6_thumb_insn (ARMul_State * state,
1811 ARMword tinstr,
1812 ARMword next_instr,
1813 ARMword pc,
1814 ARMword * ainstr,
1815 tdstate * pvalid)
1816 {
1817 if (! state->is_v6)
1818 {
1819 * pvalid = t_undefined;
1820 return;
1821 }
1822
1823 if (tBITS (12, 15) == 0xB
1824 && tBIT (10) == 0
1825 && tBIT (8) == 1)
1826 {
1827 // Conditional branch forwards.
1828 ARMword Rn = tBITS (0, 2);
1829 ARMword imm5 = tBIT (9) << 5 | tBITS (3, 7);
1830
1831 if (tBIT (11))
1832 {
1833 if (state->Reg[Rn] != 0)
1834 {
1835 state->Reg[15] = (pc + 4 + imm5 * 2);
1836 FLUSHPIPE;
1837 }
1838 }
1839 else
1840 {
1841 if (state->Reg[Rn] == 0)
1842 {
1843 state->Reg[15] = (pc + 4 + imm5 * 2);
1844 FLUSHPIPE;
1845 }
1846 }
1847 * pvalid = t_branch;
1848 return;
1849 }
1850
1851 switch (tinstr & 0xFFC0)
1852 {
1853 case 0x4400:
1854 case 0x4480:
1855 case 0x4440:
1856 case 0x44C0: // ADD
1857 {
1858 ARMword Rd = (tBIT (7) << 3) | tBITS (0, 2);
1859 ARMword Rm = tBITS (3, 6);
1860 state->Reg[Rd] += state->Reg[Rm];
1861 break;
1862 }
1863
1864 case 0x4600: // MOV<c> <Rd>,<Rm>
1865 {
1866 // instr [15, 8] = 0100 0110
1867 // instr [7] = Rd<high>
1868 // instr [6,3] = Rm
1869 // instr [2,0] = Rd<low>
1870 ARMword Rd = (tBIT(7) << 3) | tBITS (0, 2);
1871 // FIXME: Check for Rd == 15 and ITblock.
1872 state->Reg[Rd] = state->Reg[tBITS (3, 6)];
1873 break;
1874 }
1875
1876 case 0xBF00:
1877 case 0xBF40:
1878 case 0xBF80:
1879 case 0xBFC0:
1880 handle_IT_block (state, tinstr, pvalid);
1881 return;
1882
1883 case 0xE840:
1884 case 0xE880: // LDMIA
1885 case 0xE8C0:
1886 case 0xE900: // STM
1887 case 0xE940:
1888 case 0xE980:
1889 case 0xE9C0: // LDRD
1890 case 0xEA00: // BIC
1891 case 0xEA40: // ORR
1892 case 0xEA80: // EOR
1893 case 0xEAC0:
1894 case 0xEB00: // ADD
1895 case 0xEB40: // SBC
1896 case 0xEB80: // SUB
1897 case 0xEBC0: // RSB
1898 case 0xFA80: // UADD, SEL
1899 handle_T2_insn (state, tinstr, next_instr, pc, ainstr, pvalid);
1900 return;
1901
1902 case 0xba00: /* rev */
1903 {
1904 ARMword val = state->Reg[tBITS (3, 5)];
1905 state->Reg [tBITS (0, 2)] =
1906 (val >> 24)
1907 | ((val >> 8) & 0xFF00)
1908 | ((val << 8) & 0xFF0000)
1909 | (val << 24);
1910 break;
1911 }
1912
1913 case 0xba40: /* rev16 */
1914 {
1915 ARMword val = state->Reg[tBITS (3, 5)];
1916 state->Reg [tBITS (0, 2)] = (val >> 16) | (val << 16);
1917 break;
1918 }
1919
1920 case 0xb660: /* cpsie */
1921 case 0xb670: /* cpsid */
1922 case 0xbac0: /* revsh */
1923 case 0xb650: /* setend */
1924 default:
1925 printf ("Unhandled v6 thumb insn: %04x\n", tinstr);
1926 * pvalid = t_undefined;
1927 return;
1928
1929 case 0xb200: /* sxth */
1930 {
1931 ARMword Rm = state->Reg [(tinstr & 0x38) >> 3];
1932
1933 if (Rm & 0x8000)
1934 state->Reg [(tinstr & 0x7)] = (Rm & 0xffff) | 0xffff0000;
1935 else
1936 state->Reg [(tinstr & 0x7)] = Rm & 0xffff;
1937 break;
1938 }
1939
1940 case 0xb240: /* sxtb */
1941 {
1942 ARMword Rm = state->Reg [(tinstr & 0x38) >> 3];
1943
1944 if (Rm & 0x80)
1945 state->Reg [(tinstr & 0x7)] = (Rm & 0xff) | 0xffffff00;
1946 else
1947 state->Reg [(tinstr & 0x7)] = Rm & 0xff;
1948 break;
1949 }
1950
1951 case 0xb280: /* uxth */
1952 {
1953 ARMword Rm = state->Reg [(tinstr & 0x38) >> 3];
1954
1955 state->Reg [(tinstr & 0x7)] = Rm & 0xffff;
1956 break;
1957 }
1958
1959 case 0xb2c0: /* uxtb */
1960 {
1961 ARMword Rm = state->Reg [(tinstr & 0x38) >> 3];
1962
1963 state->Reg [(tinstr & 0x7)] = Rm & 0xff;
1964 break;
1965 }
1966 }
1967 /* Indicate that the instruction has been processed. */
1968 * pvalid = t_branch;
1969 }
1970
1971 /* Decode a 16bit Thumb instruction. The instruction is in the low
1972 16-bits of the tinstr field, with the following Thumb instruction
1973 held in the high 16-bits. Passing in two Thumb instructions allows
1974 easier simulation of the special dual BL instruction. */
1975
1976 tdstate
1977 ARMul_ThumbDecode (ARMul_State * state,
1978 ARMword pc,
1979 ARMword tinstr,
1980 ARMword * ainstr)
1981 {
1982 tdstate valid = t_decoded; /* default assumes a valid instruction */
1983 ARMword next_instr;
1984 ARMword old_tinstr = tinstr;
1985
1986 if (skipping_32bit_thumb == pc)
1987 {
1988 skipping_32bit_thumb = 0;
1989 return t_branch;
1990 }
1991 skipping_32bit_thumb = 0;
1992
1993 if (state->bigendSig)
1994 {
1995 next_instr = tinstr & 0xFFFF;
1996 tinstr >>= 16;
1997 }
1998 else
1999 {
2000 next_instr = tinstr >> 16;
2001 tinstr &= 0xFFFF;
2002 }
2003
2004 if (! IT_block_allow (state))
2005 {
2006 if ( tBITS (11, 15) == 0x1F
2007 || tBITS (11, 15) == 0x1E
2008 || tBITS (11, 15) == 0x1D)
2009 {
2010 if (trace)
2011 fprintf (stderr, "pc: %x, SKIP instr: %04x|%04x\n",
2012 pc & ~1, tinstr, next_instr);
2013 skipping_32bit_thumb = pc + 2;
2014 }
2015 else if (trace)
2016 fprintf (stderr, "pc: %x, SKIP instr: %04x\n", pc & ~1, tinstr);
2017
2018 return t_branch;
2019 }
2020
2021 old_tinstr = tinstr;
2022 if (trace)
2023 fprintf (stderr, "pc: %x, Thumb instr: %x", pc & ~1, tinstr);
2024
2025 #if 1 /* debugging to catch non updates */
2026 *ainstr = 0xDEADC0DE;
2027 #endif
2028
2029 switch ((tinstr & 0xF800) >> 11)
2030 {
2031 case 0: /* LSL */
2032 case 1: /* LSR */
2033 case 2: /* ASR */
2034 /* Format 1 */
2035 *ainstr = 0xE1B00000 /* base opcode */
2036 | ((tinstr & 0x1800) >> (11 - 5)) /* shift type */
2037 | ((tinstr & 0x07C0) << (7 - 6)) /* imm5 */
2038 | ((tinstr & 0x0038) >> 3) /* Rs */
2039 | ((tinstr & 0x0007) << 12); /* Rd */
2040 break;
2041 case 3: /* ADD/SUB */
2042 /* Format 2 */
2043 {
2044 ARMword subset[4] =
2045 {
2046 0xE0900000, /* ADDS Rd,Rs,Rn */
2047 0xE0500000, /* SUBS Rd,Rs,Rn */
2048 0xE2900000, /* ADDS Rd,Rs,#imm3 */
2049 0xE2500000 /* SUBS Rd,Rs,#imm3 */
2050 };
2051 /* It is quicker indexing into a table, than performing switch
2052 or conditionals: */
2053 *ainstr = subset[(tinstr & 0x0600) >> 9] /* base opcode */
2054 | ((tinstr & 0x01C0) >> 6) /* Rn or imm3 */
2055 | ((tinstr & 0x0038) << (16 - 3)) /* Rs */
2056 | ((tinstr & 0x0007) << (12 - 0)); /* Rd */
2057
2058 if (in_IT_block ())
2059 *ainstr &= ~ (1 << 20);
2060 }
2061 break;
2062 case 4:
2063 * ainstr = 0xE3A00000; /* MOV Rd,#imm8 */
2064 if (! in_IT_block ())
2065 * ainstr |= (1 << 20);
2066 * ainstr |= tBITS (8, 10) << 12;
2067 * ainstr |= tBITS (0, 7);
2068 break;
2069
2070 case 5:
2071 * ainstr = 0xE3500000; /* CMP Rd,#imm8 */
2072 * ainstr |= tBITS (8, 10) << 16;
2073 * ainstr |= tBITS (0, 7);
2074 break;
2075
2076 case 6:
2077 case 7:
2078 * ainstr = tBIT (11)
2079 ? 0xE2400000 /* SUB Rd,Rd,#imm8 */
2080 : 0xE2800000; /* ADD Rd,Rd,#imm8 */
2081 if (! in_IT_block ())
2082 * ainstr |= (1 << 20);
2083 * ainstr |= tBITS (8, 10) << 12;
2084 * ainstr |= tBITS (8, 10) << 16;
2085 * ainstr |= tBITS (0, 7);
2086 break;
2087
2088 case 8: /* Arithmetic and high register transfers */
2089 /* TODO: Since the subsets for both Format 4 and Format 5
2090 instructions are made up of different ARM encodings, we could
2091 save the following conditional, and just have one large
2092 subset. */
2093 if ((tinstr & (1 << 10)) == 0)
2094 {
2095 /* Format 4 */
2096 struct
2097 {
2098 ARMword opcode;
2099 enum
2100 { t_norm, t_shift, t_neg, t_mul }
2101 otype;
2102 }
2103 subset[16] =
2104 {
2105 { 0xE0100000, t_norm}, /* ANDS Rd,Rd,Rs */
2106 { 0xE0300000, t_norm}, /* EORS Rd,Rd,Rs */
2107 { 0xE1B00010, t_shift}, /* MOVS Rd,Rd,LSL Rs */
2108 { 0xE1B00030, t_shift}, /* MOVS Rd,Rd,LSR Rs */
2109 { 0xE1B00050, t_shift}, /* MOVS Rd,Rd,ASR Rs */
2110 { 0xE0B00000, t_norm}, /* ADCS Rd,Rd,Rs */
2111 { 0xE0D00000, t_norm}, /* SBCS Rd,Rd,Rs */
2112 { 0xE1B00070, t_shift}, /* MOVS Rd,Rd,ROR Rs */
2113 { 0xE1100000, t_norm}, /* TST Rd,Rs */
2114 { 0xE2700000, t_neg}, /* RSBS Rd,Rs,#0 */
2115 { 0xE1500000, t_norm}, /* CMP Rd,Rs */
2116 { 0xE1700000, t_norm}, /* CMN Rd,Rs */
2117 { 0xE1900000, t_norm}, /* ORRS Rd,Rd,Rs */
2118 { 0xE0100090, t_mul} , /* MULS Rd,Rd,Rs */
2119 { 0xE1D00000, t_norm}, /* BICS Rd,Rd,Rs */
2120 { 0xE1F00000, t_norm} /* MVNS Rd,Rs */
2121 };
2122 *ainstr = subset[(tinstr & 0x03C0) >> 6].opcode; /* base */
2123
2124 if (in_IT_block ())
2125 {
2126 struct
2127 {
2128 ARMword opcode;
2129 enum
2130 { t_norm, t_shift, t_neg, t_mul }
2131 otype;
2132 }
2133 subset[16] =
2134 {
2135 { 0xE0000000, t_norm}, /* AND Rd,Rd,Rs */
2136 { 0xE0200000, t_norm}, /* EOR Rd,Rd,Rs */
2137 { 0xE1A00010, t_shift}, /* MOV Rd,Rd,LSL Rs */
2138 { 0xE1A00030, t_shift}, /* MOV Rd,Rd,LSR Rs */
2139 { 0xE1A00050, t_shift}, /* MOV Rd,Rd,ASR Rs */
2140 { 0xE0A00000, t_norm}, /* ADC Rd,Rd,Rs */
2141 { 0xE0C00000, t_norm}, /* SBC Rd,Rd,Rs */
2142 { 0xE1A00070, t_shift}, /* MOV Rd,Rd,ROR Rs */
2143 { 0xE1100000, t_norm}, /* TST Rd,Rs */
2144 { 0xE2600000, t_neg}, /* RSB Rd,Rs,#0 */
2145 { 0xE1500000, t_norm}, /* CMP Rd,Rs */
2146 { 0xE1700000, t_norm}, /* CMN Rd,Rs */
2147 { 0xE1800000, t_norm}, /* ORR Rd,Rd,Rs */
2148 { 0xE0000090, t_mul} , /* MUL Rd,Rd,Rs */
2149 { 0xE1C00000, t_norm}, /* BIC Rd,Rd,Rs */
2150 { 0xE1E00000, t_norm} /* MVN Rd,Rs */
2151 };
2152 *ainstr = subset[(tinstr & 0x03C0) >> 6].opcode; /* base */
2153 }
2154
2155 switch (subset[(tinstr & 0x03C0) >> 6].otype)
2156 {
2157 case t_norm:
2158 *ainstr |= ((tinstr & 0x0007) << 16) /* Rn */
2159 | ((tinstr & 0x0007) << 12) /* Rd */
2160 | ((tinstr & 0x0038) >> 3); /* Rs */
2161 break;
2162 case t_shift:
2163 *ainstr |= ((tinstr & 0x0007) << 12) /* Rd */
2164 | ((tinstr & 0x0007) >> 0) /* Rm */
2165 | ((tinstr & 0x0038) << (8 - 3)); /* Rs */
2166 break;
2167 case t_neg:
2168 *ainstr |= ((tinstr & 0x0007) << 12) /* Rd */
2169 | ((tinstr & 0x0038) << (16 - 3)); /* Rn */
2170 break;
2171 case t_mul:
2172 *ainstr |= ((tinstr & 0x0007) << 16) /* Rd */
2173 | ((tinstr & 0x0007) << 8) /* Rs */
2174 | ((tinstr & 0x0038) >> 3); /* Rm */
2175 break;
2176 }
2177 }
2178 else
2179 {
2180 /* Format 5 */
2181 ARMword Rd = ((tinstr & 0x0007) >> 0);
2182 ARMword Rs = ((tinstr & 0x0038) >> 3);
2183 if (tinstr & (1 << 7))
2184 Rd += 8;
2185 if (tinstr & (1 << 6))
2186 Rs += 8;
2187 switch ((tinstr & 0x03C0) >> 6)
2188 {
2189 case 0x1: /* ADD Rd,Rd,Hs */
2190 case 0x2: /* ADD Hd,Hd,Rs */
2191 case 0x3: /* ADD Hd,Hd,Hs */
2192 *ainstr = 0xE0800000 /* base */
2193 | (Rd << 16) /* Rn */
2194 | (Rd << 12) /* Rd */
2195 | (Rs << 0); /* Rm */
2196 break;
2197 case 0x5: /* CMP Rd,Hs */
2198 case 0x6: /* CMP Hd,Rs */
2199 case 0x7: /* CMP Hd,Hs */
2200 *ainstr = 0xE1500000 /* base */
2201 | (Rd << 16) /* Rn */
2202 | (Rd << 12) /* Rd */
2203 | (Rs << 0); /* Rm */
2204 break;
2205 case 0x9: /* MOV Rd,Hs */
2206 case 0xA: /* MOV Hd,Rs */
2207 case 0xB: /* MOV Hd,Hs */
2208 *ainstr = 0xE1A00000 /* base */
2209 | (Rd << 12) /* Rd */
2210 | (Rs << 0); /* Rm */
2211 break;
2212 case 0xC: /* BX Rs */
2213 case 0xD: /* BX Hs */
2214 *ainstr = 0xE12FFF10 /* base */
2215 | ((tinstr & 0x0078) >> 3); /* Rd */
2216 break;
2217 case 0xE: /* UNDEFINED */
2218 case 0xF: /* UNDEFINED */
2219 if (state->is_v5)
2220 {
2221 /* BLX Rs; BLX Hs */
2222 *ainstr = 0xE12FFF30 /* base */
2223 | ((tinstr & 0x0078) >> 3); /* Rd */
2224 break;
2225 }
2226 /* Drop through. */
2227 default:
2228 case 0x0: /* UNDEFINED */
2229 case 0x4: /* UNDEFINED */
2230 case 0x8: /* UNDEFINED */
2231 handle_v6_thumb_insn (state, tinstr, next_instr, pc, ainstr, & valid);
2232 break;
2233 }
2234 }
2235 break;
2236 case 9: /* LDR Rd,[PC,#imm8] */
2237 /* Format 6 */
2238 *ainstr = 0xE59F0000 /* base */
2239 | ((tinstr & 0x0700) << (12 - 8)) /* Rd */
2240 | ((tinstr & 0x00FF) << (2 - 0)); /* off8 */
2241 break;
2242 case 10:
2243 case 11:
2244 /* TODO: Format 7 and Format 8 perform the same ARM encoding, so
2245 the following could be merged into a single subset, saving on
2246 the following boolean: */
2247 if ((tinstr & (1 << 9)) == 0)
2248 {
2249 /* Format 7 */
2250 ARMword subset[4] = {
2251 0xE7800000, /* STR Rd,[Rb,Ro] */
2252 0xE7C00000, /* STRB Rd,[Rb,Ro] */
2253 0xE7900000, /* LDR Rd,[Rb,Ro] */
2254 0xE7D00000 /* LDRB Rd,[Rb,Ro] */
2255 };
2256 *ainstr = subset[(tinstr & 0x0C00) >> 10] /* base */
2257 | ((tinstr & 0x0007) << (12 - 0)) /* Rd */
2258 | ((tinstr & 0x0038) << (16 - 3)) /* Rb */
2259 | ((tinstr & 0x01C0) >> 6); /* Ro */
2260 }
2261 else
2262 {
2263 /* Format 8 */
2264 ARMword subset[4] = {
2265 0xE18000B0, /* STRH Rd,[Rb,Ro] */
2266 0xE19000D0, /* LDRSB Rd,[Rb,Ro] */
2267 0xE19000B0, /* LDRH Rd,[Rb,Ro] */
2268 0xE19000F0 /* LDRSH Rd,[Rb,Ro] */
2269 };
2270 *ainstr = subset[(tinstr & 0x0C00) >> 10] /* base */
2271 | ((tinstr & 0x0007) << (12 - 0)) /* Rd */
2272 | ((tinstr & 0x0038) << (16 - 3)) /* Rb */
2273 | ((tinstr & 0x01C0) >> 6); /* Ro */
2274 }
2275 break;
2276 case 12: /* STR Rd,[Rb,#imm5] */
2277 case 13: /* LDR Rd,[Rb,#imm5] */
2278 case 14: /* STRB Rd,[Rb,#imm5] */
2279 case 15: /* LDRB Rd,[Rb,#imm5] */
2280 /* Format 9 */
2281 {
2282 ARMword subset[4] = {
2283 0xE5800000, /* STR Rd,[Rb,#imm5] */
2284 0xE5900000, /* LDR Rd,[Rb,#imm5] */
2285 0xE5C00000, /* STRB Rd,[Rb,#imm5] */
2286 0xE5D00000 /* LDRB Rd,[Rb,#imm5] */
2287 };
2288 /* The offset range defends on whether we are transferring a
2289 byte or word value: */
2290 *ainstr = subset[(tinstr & 0x1800) >> 11] /* base */
2291 | ((tinstr & 0x0007) << (12 - 0)) /* Rd */
2292 | ((tinstr & 0x0038) << (16 - 3)) /* Rb */
2293 | ((tinstr & 0x07C0) >> (6 - ((tinstr & (1 << 12)) ? 0 : 2))); /* off5 */
2294 }
2295 break;
2296 case 16: /* STRH Rd,[Rb,#imm5] */
2297 case 17: /* LDRH Rd,[Rb,#imm5] */
2298 /* Format 10 */
2299 *ainstr = ((tinstr & (1 << 11)) /* base */
2300 ? 0xE1D000B0 /* LDRH */
2301 : 0xE1C000B0) /* STRH */
2302 | ((tinstr & 0x0007) << (12 - 0)) /* Rd */
2303 | ((tinstr & 0x0038) << (16 - 3)) /* Rb */
2304 | ((tinstr & 0x01C0) >> (6 - 1)) /* off5, low nibble */
2305 | ((tinstr & 0x0600) >> (9 - 8)); /* off5, high nibble */
2306 break;
2307 case 18: /* STR Rd,[SP,#imm8] */
2308 case 19: /* LDR Rd,[SP,#imm8] */
2309 /* Format 11 */
2310 *ainstr = ((tinstr & (1 << 11)) /* base */
2311 ? 0xE59D0000 /* LDR */
2312 : 0xE58D0000) /* STR */
2313 | ((tinstr & 0x0700) << (12 - 8)) /* Rd */
2314 | ((tinstr & 0x00FF) << 2); /* off8 */
2315 break;
2316 case 20: /* ADD Rd,PC,#imm8 */
2317 case 21: /* ADD Rd,SP,#imm8 */
2318 /* Format 12 */
2319 if ((tinstr & (1 << 11)) == 0)
2320 {
2321 /* NOTE: The PC value used here should by word aligned */
2322 /* We encode shift-left-by-2 in the rotate immediate field,
2323 so no shift of off8 is needed. */
2324 *ainstr = 0xE28F0F00 /* base */
2325 | ((tinstr & 0x0700) << (12 - 8)) /* Rd */
2326 | (tinstr & 0x00FF); /* off8 */
2327 }
2328 else
2329 {
2330 /* We encode shift-left-by-2 in the rotate immediate field,
2331 so no shift of off8 is needed. */
2332 *ainstr = 0xE28D0F00 /* base */
2333 | ((tinstr & 0x0700) << (12 - 8)) /* Rd */
2334 | (tinstr & 0x00FF); /* off8 */
2335 }
2336 break;
2337 case 22:
2338 case 23:
2339 switch (tinstr & 0x0F00)
2340 {
2341 case 0x0000:
2342 /* Format 13 */
2343 /* NOTE: The instruction contains a shift left of 2
2344 equivalent (implemented as ROR #30): */
2345 *ainstr = ((tinstr & (1 << 7)) /* base */
2346 ? 0xE24DDF00 /* SUB */
2347 : 0xE28DDF00) /* ADD */
2348 | (tinstr & 0x007F); /* off7 */
2349 break;
2350 case 0x0400:
2351 /* Format 14 - Push */
2352 * ainstr = 0xE92D0000 | (tinstr & 0x00FF);
2353 break;
2354 case 0x0500:
2355 /* Format 14 - Push + LR */
2356 * ainstr = 0xE92D4000 | (tinstr & 0x00FF);
2357 break;
2358 case 0x0c00:
2359 /* Format 14 - Pop */
2360 * ainstr = 0xE8BD0000 | (tinstr & 0x00FF);
2361 break;
2362 case 0x0d00:
2363 /* Format 14 - Pop + PC */
2364 * ainstr = 0xE8BD8000 | (tinstr & 0x00FF);
2365 break;
2366 case 0x0e00:
2367 if (state->is_v5)
2368 {
2369 /* This is normally an undefined instruction. The v5t architecture
2370 defines this particular pattern as a BKPT instruction, for
2371 hardware assisted debugging. We map onto the arm BKPT
2372 instruction. */
2373 if (state->is_v6)
2374 // Map to the SVC instruction instead of the BKPT instruction.
2375 * ainstr = 0xEF000000 | tBITS (0, 7);
2376 else
2377 * ainstr = 0xE1200070 | ((tinstr & 0xf0) << 4) | (tinstr & 0xf);
2378 break;
2379 }
2380 /* Drop through. */
2381 default:
2382 /* Everything else is an undefined instruction. */
2383 handle_v6_thumb_insn (state, tinstr, next_instr, pc, ainstr, & valid);
2384 break;
2385 }
2386 break;
2387 case 24: /* STMIA */
2388 case 25: /* LDMIA */
2389 /* Format 15 */
2390 *ainstr = ((tinstr & (1 << 11)) /* base */
2391 ? 0xE8B00000 /* LDMIA */
2392 : 0xE8A00000) /* STMIA */
2393 | ((tinstr & 0x0700) << (16 - 8)) /* Rb */
2394 | (tinstr & 0x00FF); /* mask8 */
2395 break;
2396 case 26: /* Bcc */
2397 case 27: /* Bcc/SWI */
2398 if ((tinstr & 0x0F00) == 0x0F00)
2399 {
2400 /* Format 17 : SWI */
2401 *ainstr = 0xEF000000;
2402 /* Breakpoint must be handled specially. */
2403 if ((tinstr & 0x00FF) == 0x18)
2404 *ainstr |= ((tinstr & 0x00FF) << 16);
2405 /* New breakpoint value. See gdb/arm-tdep.c */
2406 else if ((tinstr & 0x00FF) == 0xFE)
2407 *ainstr |= SWI_Breakpoint;
2408 else
2409 *ainstr |= (tinstr & 0x00FF);
2410 }
2411 else if ((tinstr & 0x0F00) != 0x0E00)
2412 {
2413 /* Format 16 */
2414 int doit = FALSE;
2415 /* TODO: Since we are doing a switch here, we could just add
2416 the SWI and undefined instruction checks into this
2417 switch to same on a couple of conditionals: */
2418 switch ((tinstr & 0x0F00) >> 8)
2419 {
2420 case EQ:
2421 doit = ZFLAG;
2422 break;
2423 case NE:
2424 doit = !ZFLAG;
2425 break;
2426 case VS:
2427 doit = VFLAG;
2428 break;
2429 case VC:
2430 doit = !VFLAG;
2431 break;
2432 case MI:
2433 doit = NFLAG;
2434 break;
2435 case PL:
2436 doit = !NFLAG;
2437 break;
2438 case CS:
2439 doit = CFLAG;
2440 break;
2441 case CC:
2442 doit = !CFLAG;
2443 break;
2444 case HI:
2445 doit = (CFLAG && !ZFLAG);
2446 break;
2447 case LS:
2448 doit = (!CFLAG || ZFLAG);
2449 break;
2450 case GE:
2451 doit = ((!NFLAG && !VFLAG) || (NFLAG && VFLAG));
2452 break;
2453 case LT:
2454 doit = ((NFLAG && !VFLAG) || (!NFLAG && VFLAG));
2455 break;
2456 case GT:
2457 doit = ((!NFLAG && !VFLAG && !ZFLAG)
2458 || (NFLAG && VFLAG && !ZFLAG));
2459 break;
2460 case LE:
2461 doit = ((NFLAG && !VFLAG) || (!NFLAG && VFLAG)) || ZFLAG;
2462 break;
2463 }
2464 if (doit)
2465 {
2466 state->Reg[15] = (pc + 4
2467 + (((tinstr & 0x7F) << 1)
2468 | ((tinstr & (1 << 7)) ? 0xFFFFFF00 : 0)));
2469 FLUSHPIPE;
2470 }
2471 valid = t_branch;
2472 }
2473 else
2474 /* UNDEFINED : cc=1110(AL) uses different format. */
2475 handle_v6_thumb_insn (state, tinstr, next_instr, pc, ainstr, & valid);
2476 break;
2477 case 28: /* B */
2478 /* Format 18 */
2479 state->Reg[15] = (pc + 4
2480 + (((tinstr & 0x3FF) << 1)
2481 | ((tinstr & (1 << 10)) ? 0xFFFFF800 : 0)));
2482 FLUSHPIPE;
2483 valid = t_branch;
2484 break;
2485 case 29: /* UNDEFINED */
2486 if (state->is_v6)
2487 {
2488 handle_v6_thumb_insn (state, tinstr, next_instr, pc, ainstr, & valid);
2489 break;
2490 }
2491
2492 if (state->is_v5)
2493 {
2494 if (tinstr & 1)
2495 {
2496 handle_v6_thumb_insn (state, tinstr, next_instr, pc, ainstr, & valid);
2497 break;
2498 }
2499 /* Drop through. */
2500
2501 /* Format 19 */
2502 /* There is no single ARM instruction equivalent for this
2503 instruction. Also, it should only ever be matched with the
2504 fmt19 "BL/BLX instruction 1" instruction. However, we do
2505 allow the simulation of it on its own, with undefined results
2506 if r14 is not suitably initialised. */
2507 {
2508 ARMword tmp = (pc + 2);
2509
2510 state->Reg[15] = ((state->Reg[14] + ((tinstr & 0x07FF) << 1))
2511 & 0xFFFFFFFC);
2512 CLEART;
2513 state->Reg[14] = (tmp | 1);
2514 valid = t_branch;
2515 FLUSHPIPE;
2516 if (trace_funcs)
2517 fprintf (stderr, " pc changed to %x\n", state->Reg[15]);
2518 break;
2519 }
2520 }
2521
2522 handle_v6_thumb_insn (state, tinstr, next_instr, pc, ainstr, & valid);
2523 break;
2524
2525 case 30: /* BL instruction 1 */
2526 if (state->is_v6)
2527 {
2528 handle_T2_insn (state, tinstr, next_instr, pc, ainstr, & valid);
2529 break;
2530 }
2531
2532 /* Format 19 */
2533 /* There is no single ARM instruction equivalent for this Thumb
2534 instruction. To keep the simulation simple (from the user
2535 perspective) we check if the following instruction is the
2536 second half of this BL, and if it is we simulate it
2537 immediately. */
2538 state->Reg[14] = state->Reg[15] \
2539 + (((tinstr & 0x07FF) << 12) \
2540 | ((tinstr & (1 << 10)) ? 0xFF800000 : 0));
2541
2542 valid = t_branch; /* in-case we don't have the 2nd half */
2543 tinstr = next_instr; /* move the instruction down */
2544 pc += 2; /* point the pc at the 2nd half */
2545 if (((tinstr & 0xF800) >> 11) != 31)
2546 {
2547 if (((tinstr & 0xF800) >> 11) == 29)
2548 {
2549 ARMword tmp = (pc + 2);
2550
2551 state->Reg[15] = ((state->Reg[14]
2552 + ((tinstr & 0x07FE) << 1))
2553 & 0xFFFFFFFC);
2554 CLEART;
2555 state->Reg[14] = (tmp | 1);
2556 valid = t_branch;
2557 FLUSHPIPE;
2558 }
2559 else
2560 /* Exit, since not correct instruction. */
2561 pc -= 2;
2562 break;
2563 }
2564 /* else we fall through to process the second half of the BL */
2565 pc += 2; /* point the pc at the 2nd half */
2566 case 31: /* BL instruction 2 */
2567 if (state->is_v6)
2568 {
2569 handle_T2_insn (state, old_tinstr, next_instr, pc, ainstr, & valid);
2570 break;
2571 }
2572
2573 /* Format 19 */
2574 /* There is no single ARM instruction equivalent for this
2575 instruction. Also, it should only ever be matched with the
2576 fmt19 "BL instruction 1" instruction. However, we do allow
2577 the simulation of it on its own, with undefined results if
2578 r14 is not suitably initialised. */
2579 {
2580 ARMword tmp = pc;
2581
2582 state->Reg[15] = (state->Reg[14] + ((tinstr & 0x07FF) << 1));
2583 state->Reg[14] = (tmp | 1);
2584 valid = t_branch;
2585 FLUSHPIPE;
2586 }
2587 break;
2588 }
2589
2590 if (trace && valid != t_decoded)
2591 fprintf (stderr, "\n");
2592
2593 return valid;
2594 }
A mirror of the official binutils-gdb repository