1 /* 2 * QEMU AVR CPU 3 * 4 * Copyright (c) 2019-2020 Michael Rolnik 5 * 6 * This library is free software; you can redistribute it and/or 7 * modify it under the terms of the GNU Lesser General Public 8 * License as published by the Free Software Foundation; either 9 * version 2.1 of the License, or (at your option) any later version. 10 * 11 * This library is distributed in the hope that it will be useful, 12 * but WITHOUT ANY WARRANTY; without even the implied warranty of 13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU 14 * Lesser General Public License for more details. 15 * 16 * You should have received a copy of the GNU Lesser General Public 17 * License along with this library; if not, see 18 * <http://www.gnu.org/licenses/lgpl-2.1.html> 19 */ 20 21 #include "qemu/osdep.h" 22 #include "qemu/qemu-print.h" 23 #include "tcg/tcg.h" 24 #include "cpu.h" 25 #include "exec/exec-all.h" 26 #include "exec/translation-block.h" 27 #include "tcg/tcg-op.h" 28 #include "exec/helper-proto.h" 29 #include "exec/helper-gen.h" 30 #include "exec/log.h" 31 #include "exec/translator.h" 32 #include "exec/target_page.h" 33 34 #define HELPER_H "helper.h" 35 #include "exec/helper-info.c.inc" 36 #undef HELPER_H 37 38 39 /* 40 * Define if you want a BREAK instruction translated to a breakpoint 41 * Active debugging connection is assumed 42 * This is for 43 * https://github.com/seharris/qemu-avr-tests/tree/master/instruction-tests 44 * tests 45 */ 46 #undef BREAKPOINT_ON_BREAK 47 48 static TCGv cpu_pc; 49 50 static TCGv cpu_Cf; 51 static TCGv cpu_Zf; 52 static TCGv cpu_Nf; 53 static TCGv cpu_Vf; 54 static TCGv cpu_Sf; 55 static TCGv cpu_Hf; 56 static TCGv cpu_Tf; 57 static TCGv cpu_If; 58 59 static TCGv cpu_rampD; 60 static TCGv cpu_rampX; 61 static TCGv cpu_rampY; 62 static TCGv cpu_rampZ; 63 64 static TCGv cpu_r[NUMBER_OF_CPU_REGISTERS]; 65 static TCGv cpu_eind; 66 static TCGv cpu_sp; 67 68 static TCGv cpu_skip; 69 70 static const char reg_names[NUMBER_OF_CPU_REGISTERS][8] = { 71 "r0", "r1", "r2", "r3", "r4", "r5", "r6", "r7", 72 "r8", "r9", "r10", "r11", "r12", "r13", "r14", "r15", 73 "r16", "r17", "r18", "r19", "r20", "r21", "r22", "r23", 74 "r24", "r25", "r26", "r27", "r28", "r29", "r30", "r31", 75 }; 76 #define REG(x) (cpu_r[x]) 77 78 #define DISAS_EXIT DISAS_TARGET_0 /* We want return to the cpu main loop. */ 79 #define DISAS_LOOKUP DISAS_TARGET_1 /* We have a variable condition exit. */ 80 #define DISAS_CHAIN DISAS_TARGET_2 /* We have a single condition exit. */ 81 82 typedef struct DisasContext DisasContext; 83 84 /* This is the state at translation time. */ 85 struct DisasContext { 86 DisasContextBase base; 87 88 CPUAVRState *env; 89 CPUState *cs; 90 91 target_long npc; 92 uint32_t opcode; 93 94 /* Routine used to access memory */ 95 int memidx; 96 97 /* 98 * some AVR instructions can make the following instruction to be skipped 99 * Let's name those instructions 100 * A - instruction that can skip the next one 101 * B - instruction that can be skipped. this depends on execution of A 102 * there are two scenarios 103 * 1. A and B belong to the same translation block 104 * 2. A is the last instruction in the translation block and B is the last 105 * 106 * following variables are used to simplify the skipping logic, they are 107 * used in the following manner (sketch) 108 * 109 * TCGLabel *skip_label = NULL; 110 * if (ctx->skip_cond != TCG_COND_NEVER) { 111 * skip_label = gen_new_label(); 112 * tcg_gen_brcond_tl(skip_cond, skip_var0, skip_var1, skip_label); 113 * } 114 * 115 * translate(ctx); 116 * 117 * if (skip_label) { 118 * gen_set_label(skip_label); 119 * } 120 */ 121 TCGv skip_var0; 122 TCGv skip_var1; 123 TCGCond skip_cond; 124 }; 125 126 void avr_cpu_tcg_init(void) 127 { 128 int i; 129 130 #define AVR_REG_OFFS(x) offsetof(CPUAVRState, x) 131 cpu_pc = tcg_global_mem_new_i32(tcg_env, AVR_REG_OFFS(pc_w), "pc"); 132 cpu_Cf = tcg_global_mem_new_i32(tcg_env, AVR_REG_OFFS(sregC), "Cf"); 133 cpu_Zf = tcg_global_mem_new_i32(tcg_env, AVR_REG_OFFS(sregZ), "Zf"); 134 cpu_Nf = tcg_global_mem_new_i32(tcg_env, AVR_REG_OFFS(sregN), "Nf"); 135 cpu_Vf = tcg_global_mem_new_i32(tcg_env, AVR_REG_OFFS(sregV), "Vf"); 136 cpu_Sf = tcg_global_mem_new_i32(tcg_env, AVR_REG_OFFS(sregS), "Sf"); 137 cpu_Hf = tcg_global_mem_new_i32(tcg_env, AVR_REG_OFFS(sregH), "Hf"); 138 cpu_Tf = tcg_global_mem_new_i32(tcg_env, AVR_REG_OFFS(sregT), "Tf"); 139 cpu_If = tcg_global_mem_new_i32(tcg_env, AVR_REG_OFFS(sregI), "If"); 140 cpu_rampD = tcg_global_mem_new_i32(tcg_env, AVR_REG_OFFS(rampD), "rampD"); 141 cpu_rampX = tcg_global_mem_new_i32(tcg_env, AVR_REG_OFFS(rampX), "rampX"); 142 cpu_rampY = tcg_global_mem_new_i32(tcg_env, AVR_REG_OFFS(rampY), "rampY"); 143 cpu_rampZ = tcg_global_mem_new_i32(tcg_env, AVR_REG_OFFS(rampZ), "rampZ"); 144 cpu_eind = tcg_global_mem_new_i32(tcg_env, AVR_REG_OFFS(eind), "eind"); 145 cpu_sp = tcg_global_mem_new_i32(tcg_env, AVR_REG_OFFS(sp), "sp"); 146 cpu_skip = tcg_global_mem_new_i32(tcg_env, AVR_REG_OFFS(skip), "skip"); 147 148 for (i = 0; i < NUMBER_OF_CPU_REGISTERS; i++) { 149 cpu_r[i] = tcg_global_mem_new_i32(tcg_env, AVR_REG_OFFS(r[i]), 150 reg_names[i]); 151 } 152 #undef AVR_REG_OFFS 153 } 154 155 static int to_regs_16_31_by_one(DisasContext *ctx, int indx) 156 { 157 return 16 + (indx % 16); 158 } 159 160 static int to_regs_16_23_by_one(DisasContext *ctx, int indx) 161 { 162 return 16 + (indx % 8); 163 } 164 165 static int to_regs_24_30_by_two(DisasContext *ctx, int indx) 166 { 167 return 24 + (indx % 4) * 2; 168 } 169 170 static int to_regs_00_30_by_two(DisasContext *ctx, int indx) 171 { 172 return (indx % 16) * 2; 173 } 174 175 static uint16_t next_word(DisasContext *ctx) 176 { 177 return translator_lduw(ctx->env, &ctx->base, ctx->npc++ * 2); 178 } 179 180 static int append_16(DisasContext *ctx, int x) 181 { 182 return x << 16 | next_word(ctx); 183 } 184 185 static bool avr_have_feature(DisasContext *ctx, int feature) 186 { 187 if (!avr_feature(ctx->env, feature)) { 188 gen_helper_unsupported(tcg_env); 189 ctx->base.is_jmp = DISAS_NORETURN; 190 return false; 191 } 192 return true; 193 } 194 195 static bool decode_insn(DisasContext *ctx, uint16_t insn); 196 #include "decode-insn.c.inc" 197 198 static void gen_inb(DisasContext *ctx, TCGv data, int port); 199 static void gen_outb(DisasContext *ctx, TCGv data, int port); 200 201 /* 202 * Arithmetic Instructions 203 */ 204 205 /* 206 * Utility functions for updating status registers: 207 * 208 * - gen_add_CHf() 209 * - gen_add_Vf() 210 * - gen_sub_CHf() 211 * - gen_sub_Vf() 212 * - gen_NSf() 213 * - gen_ZNSf() 214 * 215 */ 216 217 static void gen_add_CHf(TCGv R, TCGv Rd, TCGv Rr) 218 { 219 TCGv t1 = tcg_temp_new_i32(); 220 TCGv t2 = tcg_temp_new_i32(); 221 TCGv t3 = tcg_temp_new_i32(); 222 223 tcg_gen_and_tl(t1, Rd, Rr); /* t1 = Rd & Rr */ 224 tcg_gen_andc_tl(t2, Rd, R); /* t2 = Rd & ~R */ 225 tcg_gen_andc_tl(t3, Rr, R); /* t3 = Rr & ~R */ 226 tcg_gen_or_tl(t1, t1, t2); /* t1 = t1 | t2 | t3 */ 227 tcg_gen_or_tl(t1, t1, t3); 228 229 tcg_gen_shri_tl(cpu_Cf, t1, 7); /* Cf = t1(7) */ 230 tcg_gen_shri_tl(cpu_Hf, t1, 3); /* Hf = t1(3) */ 231 tcg_gen_andi_tl(cpu_Hf, cpu_Hf, 1); 232 } 233 234 static void gen_add_Vf(TCGv R, TCGv Rd, TCGv Rr) 235 { 236 TCGv t1 = tcg_temp_new_i32(); 237 TCGv t2 = tcg_temp_new_i32(); 238 239 /* t1 = Rd & Rr & ~R | ~Rd & ~Rr & R */ 240 /* = (Rd ^ R) & ~(Rd ^ Rr) */ 241 tcg_gen_xor_tl(t1, Rd, R); 242 tcg_gen_xor_tl(t2, Rd, Rr); 243 tcg_gen_andc_tl(t1, t1, t2); 244 245 tcg_gen_shri_tl(cpu_Vf, t1, 7); /* Vf = t1(7) */ 246 } 247 248 static void gen_sub_CHf(TCGv R, TCGv Rd, TCGv Rr) 249 { 250 TCGv t1 = tcg_temp_new_i32(); 251 TCGv t2 = tcg_temp_new_i32(); 252 TCGv t3 = tcg_temp_new_i32(); 253 254 tcg_gen_not_tl(t1, Rd); /* t1 = ~Rd */ 255 tcg_gen_and_tl(t2, t1, Rr); /* t2 = ~Rd & Rr */ 256 tcg_gen_or_tl(t3, t1, Rr); /* t3 = (~Rd | Rr) & R */ 257 tcg_gen_and_tl(t3, t3, R); 258 tcg_gen_or_tl(t2, t2, t3); /* t2 = ~Rd & Rr | ~Rd & R | R & Rr */ 259 260 tcg_gen_shri_tl(cpu_Cf, t2, 7); /* Cf = t2(7) */ 261 tcg_gen_shri_tl(cpu_Hf, t2, 3); /* Hf = t2(3) */ 262 tcg_gen_andi_tl(cpu_Hf, cpu_Hf, 1); 263 } 264 265 static void gen_sub_Vf(TCGv R, TCGv Rd, TCGv Rr) 266 { 267 TCGv t1 = tcg_temp_new_i32(); 268 TCGv t2 = tcg_temp_new_i32(); 269 270 /* t1 = Rd & ~Rr & ~R | ~Rd & Rr & R */ 271 /* = (Rd ^ R) & (Rd ^ R) */ 272 tcg_gen_xor_tl(t1, Rd, R); 273 tcg_gen_xor_tl(t2, Rd, Rr); 274 tcg_gen_and_tl(t1, t1, t2); 275 276 tcg_gen_shri_tl(cpu_Vf, t1, 7); /* Vf = t1(7) */ 277 } 278 279 static void gen_NSf(TCGv R) 280 { 281 tcg_gen_shri_tl(cpu_Nf, R, 7); /* Nf = R(7) */ 282 tcg_gen_xor_tl(cpu_Sf, cpu_Nf, cpu_Vf); /* Sf = Nf ^ Vf */ 283 } 284 285 static void gen_ZNSf(TCGv R) 286 { 287 tcg_gen_setcondi_tl(TCG_COND_EQ, cpu_Zf, R, 0); /* Zf = R == 0 */ 288 289 /* update status register */ 290 tcg_gen_shri_tl(cpu_Nf, R, 7); /* Nf = R(7) */ 291 tcg_gen_xor_tl(cpu_Sf, cpu_Nf, cpu_Vf); /* Sf = Nf ^ Vf */ 292 } 293 294 /* 295 * Adds two registers without the C Flag and places the result in the 296 * destination register Rd. 297 */ 298 static bool trans_ADD(DisasContext *ctx, arg_ADD *a) 299 { 300 TCGv Rd = cpu_r[a->rd]; 301 TCGv Rr = cpu_r[a->rr]; 302 TCGv R = tcg_temp_new_i32(); 303 304 tcg_gen_add_tl(R, Rd, Rr); /* Rd = Rd + Rr */ 305 tcg_gen_andi_tl(R, R, 0xff); /* make it 8 bits */ 306 307 /* update status register */ 308 gen_add_CHf(R, Rd, Rr); 309 gen_add_Vf(R, Rd, Rr); 310 gen_ZNSf(R); 311 312 /* update output registers */ 313 tcg_gen_mov_tl(Rd, R); 314 return true; 315 } 316 317 /* 318 * Adds two registers and the contents of the C Flag and places the result in 319 * the destination register Rd. 320 */ 321 static bool trans_ADC(DisasContext *ctx, arg_ADC *a) 322 { 323 TCGv Rd = cpu_r[a->rd]; 324 TCGv Rr = cpu_r[a->rr]; 325 TCGv R = tcg_temp_new_i32(); 326 327 tcg_gen_add_tl(R, Rd, Rr); /* R = Rd + Rr + Cf */ 328 tcg_gen_add_tl(R, R, cpu_Cf); 329 tcg_gen_andi_tl(R, R, 0xff); /* make it 8 bits */ 330 331 /* update status register */ 332 gen_add_CHf(R, Rd, Rr); 333 gen_add_Vf(R, Rd, Rr); 334 gen_ZNSf(R); 335 336 /* update output registers */ 337 tcg_gen_mov_tl(Rd, R); 338 return true; 339 } 340 341 /* 342 * Adds an immediate value (0 - 63) to a register pair and places the result 343 * in the register pair. This instruction operates on the upper four register 344 * pairs, and is well suited for operations on the pointer registers. This 345 * instruction is not available in all devices. Refer to the device specific 346 * instruction set summary. 347 */ 348 static bool trans_ADIW(DisasContext *ctx, arg_ADIW *a) 349 { 350 if (!avr_have_feature(ctx, AVR_FEATURE_ADIW_SBIW)) { 351 return true; 352 } 353 354 TCGv RdL = cpu_r[a->rd]; 355 TCGv RdH = cpu_r[a->rd + 1]; 356 int Imm = (a->imm); 357 TCGv R = tcg_temp_new_i32(); 358 TCGv Rd = tcg_temp_new_i32(); 359 360 tcg_gen_deposit_tl(Rd, RdL, RdH, 8, 8); /* Rd = RdH:RdL */ 361 tcg_gen_addi_tl(R, Rd, Imm); /* R = Rd + Imm */ 362 tcg_gen_andi_tl(R, R, 0xffff); /* make it 16 bits */ 363 364 /* update status register */ 365 tcg_gen_andc_tl(cpu_Cf, Rd, R); /* Cf = Rd & ~R */ 366 tcg_gen_shri_tl(cpu_Cf, cpu_Cf, 15); 367 tcg_gen_andc_tl(cpu_Vf, R, Rd); /* Vf = R & ~Rd */ 368 tcg_gen_shri_tl(cpu_Vf, cpu_Vf, 15); 369 tcg_gen_setcondi_tl(TCG_COND_EQ, cpu_Zf, R, 0); /* Zf = R == 0 */ 370 tcg_gen_shri_tl(cpu_Nf, R, 15); /* Nf = R(15) */ 371 tcg_gen_xor_tl(cpu_Sf, cpu_Nf, cpu_Vf);/* Sf = Nf ^ Vf */ 372 373 /* update output registers */ 374 tcg_gen_andi_tl(RdL, R, 0xff); 375 tcg_gen_shri_tl(RdH, R, 8); 376 return true; 377 } 378 379 /* 380 * Subtracts two registers and places the result in the destination 381 * register Rd. 382 */ 383 static bool trans_SUB(DisasContext *ctx, arg_SUB *a) 384 { 385 TCGv Rd = cpu_r[a->rd]; 386 TCGv Rr = cpu_r[a->rr]; 387 TCGv R = tcg_temp_new_i32(); 388 389 tcg_gen_sub_tl(R, Rd, Rr); /* R = Rd - Rr */ 390 tcg_gen_andi_tl(R, R, 0xff); /* make it 8 bits */ 391 392 /* update status register */ 393 tcg_gen_andc_tl(cpu_Cf, Rd, R); /* Cf = Rd & ~R */ 394 gen_sub_CHf(R, Rd, Rr); 395 gen_sub_Vf(R, Rd, Rr); 396 gen_ZNSf(R); 397 398 /* update output registers */ 399 tcg_gen_mov_tl(Rd, R); 400 return true; 401 } 402 403 /* 404 * Subtracts a register and a constant and places the result in the 405 * destination register Rd. This instruction is working on Register R16 to R31 406 * and is very well suited for operations on the X, Y, and Z-pointers. 407 */ 408 static bool trans_SUBI(DisasContext *ctx, arg_SUBI *a) 409 { 410 TCGv Rd = cpu_r[a->rd]; 411 TCGv Rr = tcg_constant_i32(a->imm); 412 TCGv R = tcg_temp_new_i32(); 413 414 tcg_gen_sub_tl(R, Rd, Rr); /* R = Rd - Imm */ 415 tcg_gen_andi_tl(R, R, 0xff); /* make it 8 bits */ 416 417 /* update status register */ 418 gen_sub_CHf(R, Rd, Rr); 419 gen_sub_Vf(R, Rd, Rr); 420 gen_ZNSf(R); 421 422 /* update output registers */ 423 tcg_gen_mov_tl(Rd, R); 424 return true; 425 } 426 427 /* 428 * Subtracts two registers and subtracts with the C Flag and places the 429 * result in the destination register Rd. 430 */ 431 static bool trans_SBC(DisasContext *ctx, arg_SBC *a) 432 { 433 TCGv Rd = cpu_r[a->rd]; 434 TCGv Rr = cpu_r[a->rr]; 435 TCGv R = tcg_temp_new_i32(); 436 TCGv zero = tcg_constant_i32(0); 437 438 tcg_gen_sub_tl(R, Rd, Rr); /* R = Rd - Rr - Cf */ 439 tcg_gen_sub_tl(R, R, cpu_Cf); 440 tcg_gen_andi_tl(R, R, 0xff); /* make it 8 bits */ 441 442 /* update status register */ 443 gen_sub_CHf(R, Rd, Rr); 444 gen_sub_Vf(R, Rd, Rr); 445 gen_NSf(R); 446 447 /* 448 * Previous value remains unchanged when the result is zero; 449 * cleared otherwise. 450 */ 451 tcg_gen_movcond_tl(TCG_COND_EQ, cpu_Zf, R, zero, cpu_Zf, zero); 452 453 /* update output registers */ 454 tcg_gen_mov_tl(Rd, R); 455 return true; 456 } 457 458 /* 459 * SBCI -- Subtract Immediate with Carry 460 */ 461 static bool trans_SBCI(DisasContext *ctx, arg_SBCI *a) 462 { 463 TCGv Rd = cpu_r[a->rd]; 464 TCGv Rr = tcg_constant_i32(a->imm); 465 TCGv R = tcg_temp_new_i32(); 466 TCGv zero = tcg_constant_i32(0); 467 468 tcg_gen_sub_tl(R, Rd, Rr); /* R = Rd - Rr - Cf */ 469 tcg_gen_sub_tl(R, R, cpu_Cf); 470 tcg_gen_andi_tl(R, R, 0xff); /* make it 8 bits */ 471 472 /* update status register */ 473 gen_sub_CHf(R, Rd, Rr); 474 gen_sub_Vf(R, Rd, Rr); 475 gen_NSf(R); 476 477 /* 478 * Previous value remains unchanged when the result is zero; 479 * cleared otherwise. 480 */ 481 tcg_gen_movcond_tl(TCG_COND_EQ, cpu_Zf, R, zero, cpu_Zf, zero); 482 483 /* update output registers */ 484 tcg_gen_mov_tl(Rd, R); 485 return true; 486 } 487 488 /* 489 * Subtracts an immediate value (0-63) from a register pair and places the 490 * result in the register pair. This instruction operates on the upper four 491 * register pairs, and is well suited for operations on the Pointer Registers. 492 * This instruction is not available in all devices. Refer to the device 493 * specific instruction set summary. 494 */ 495 static bool trans_SBIW(DisasContext *ctx, arg_SBIW *a) 496 { 497 if (!avr_have_feature(ctx, AVR_FEATURE_ADIW_SBIW)) { 498 return true; 499 } 500 501 TCGv RdL = cpu_r[a->rd]; 502 TCGv RdH = cpu_r[a->rd + 1]; 503 int Imm = (a->imm); 504 TCGv R = tcg_temp_new_i32(); 505 TCGv Rd = tcg_temp_new_i32(); 506 507 tcg_gen_deposit_tl(Rd, RdL, RdH, 8, 8); /* Rd = RdH:RdL */ 508 tcg_gen_subi_tl(R, Rd, Imm); /* R = Rd - Imm */ 509 tcg_gen_andi_tl(R, R, 0xffff); /* make it 16 bits */ 510 511 /* update status register */ 512 tcg_gen_andc_tl(cpu_Cf, R, Rd); 513 tcg_gen_shri_tl(cpu_Cf, cpu_Cf, 15); /* Cf = R & ~Rd */ 514 tcg_gen_andc_tl(cpu_Vf, Rd, R); 515 tcg_gen_shri_tl(cpu_Vf, cpu_Vf, 15); /* Vf = Rd & ~R */ 516 tcg_gen_setcondi_tl(TCG_COND_EQ, cpu_Zf, R, 0); /* Zf = R == 0 */ 517 tcg_gen_shri_tl(cpu_Nf, R, 15); /* Nf = R(15) */ 518 tcg_gen_xor_tl(cpu_Sf, cpu_Nf, cpu_Vf); /* Sf = Nf ^ Vf */ 519 520 /* update output registers */ 521 tcg_gen_andi_tl(RdL, R, 0xff); 522 tcg_gen_shri_tl(RdH, R, 8); 523 return true; 524 } 525 526 /* 527 * Performs the logical AND between the contents of register Rd and register 528 * Rr and places the result in the destination register Rd. 529 */ 530 static bool trans_AND(DisasContext *ctx, arg_AND *a) 531 { 532 TCGv Rd = cpu_r[a->rd]; 533 TCGv Rr = cpu_r[a->rr]; 534 TCGv R = tcg_temp_new_i32(); 535 536 tcg_gen_and_tl(R, Rd, Rr); /* Rd = Rd and Rr */ 537 538 /* update status register */ 539 tcg_gen_movi_tl(cpu_Vf, 0); /* Vf = 0 */ 540 tcg_gen_setcondi_tl(TCG_COND_EQ, cpu_Zf, R, 0); /* Zf = R == 0 */ 541 gen_ZNSf(R); 542 543 /* update output registers */ 544 tcg_gen_mov_tl(Rd, R); 545 return true; 546 } 547 548 /* 549 * Performs the logical AND between the contents of register Rd and a constant 550 * and places the result in the destination register Rd. 551 */ 552 static bool trans_ANDI(DisasContext *ctx, arg_ANDI *a) 553 { 554 TCGv Rd = cpu_r[a->rd]; 555 int Imm = (a->imm); 556 557 tcg_gen_andi_tl(Rd, Rd, Imm); /* Rd = Rd & Imm */ 558 559 /* update status register */ 560 tcg_gen_movi_tl(cpu_Vf, 0x00); /* Vf = 0 */ 561 gen_ZNSf(Rd); 562 563 return true; 564 } 565 566 /* 567 * Performs the logical OR between the contents of register Rd and register 568 * Rr and places the result in the destination register Rd. 569 */ 570 static bool trans_OR(DisasContext *ctx, arg_OR *a) 571 { 572 TCGv Rd = cpu_r[a->rd]; 573 TCGv Rr = cpu_r[a->rr]; 574 TCGv R = tcg_temp_new_i32(); 575 576 tcg_gen_or_tl(R, Rd, Rr); 577 578 /* update status register */ 579 tcg_gen_movi_tl(cpu_Vf, 0); 580 gen_ZNSf(R); 581 582 /* update output registers */ 583 tcg_gen_mov_tl(Rd, R); 584 return true; 585 } 586 587 /* 588 * Performs the logical OR between the contents of register Rd and a 589 * constant and places the result in the destination register Rd. 590 */ 591 static bool trans_ORI(DisasContext *ctx, arg_ORI *a) 592 { 593 TCGv Rd = cpu_r[a->rd]; 594 int Imm = (a->imm); 595 596 tcg_gen_ori_tl(Rd, Rd, Imm); /* Rd = Rd | Imm */ 597 598 /* update status register */ 599 tcg_gen_movi_tl(cpu_Vf, 0x00); /* Vf = 0 */ 600 gen_ZNSf(Rd); 601 602 return true; 603 } 604 605 /* 606 * Performs the logical EOR between the contents of register Rd and 607 * register Rr and places the result in the destination register Rd. 608 */ 609 static bool trans_EOR(DisasContext *ctx, arg_EOR *a) 610 { 611 TCGv Rd = cpu_r[a->rd]; 612 TCGv Rr = cpu_r[a->rr]; 613 614 tcg_gen_xor_tl(Rd, Rd, Rr); 615 616 /* update status register */ 617 tcg_gen_movi_tl(cpu_Vf, 0); 618 gen_ZNSf(Rd); 619 620 return true; 621 } 622 623 /* 624 * Clears the specified bits in register Rd. Performs the logical AND 625 * between the contents of register Rd and the complement of the constant mask 626 * K. The result will be placed in register Rd. 627 */ 628 static bool trans_COM(DisasContext *ctx, arg_COM *a) 629 { 630 TCGv Rd = cpu_r[a->rd]; 631 632 tcg_gen_xori_tl(Rd, Rd, 0xff); 633 634 /* update status register */ 635 tcg_gen_movi_tl(cpu_Cf, 1); /* Cf = 1 */ 636 tcg_gen_movi_tl(cpu_Vf, 0); /* Vf = 0 */ 637 gen_ZNSf(Rd); 638 return true; 639 } 640 641 /* 642 * Replaces the contents of register Rd with its two's complement; the 643 * value $80 is left unchanged. 644 */ 645 static bool trans_NEG(DisasContext *ctx, arg_NEG *a) 646 { 647 TCGv Rd = cpu_r[a->rd]; 648 TCGv t0 = tcg_constant_i32(0); 649 TCGv R = tcg_temp_new_i32(); 650 651 tcg_gen_sub_tl(R, t0, Rd); /* R = 0 - Rd */ 652 tcg_gen_andi_tl(R, R, 0xff); /* make it 8 bits */ 653 654 /* update status register */ 655 gen_sub_CHf(R, t0, Rd); 656 gen_sub_Vf(R, t0, Rd); 657 gen_ZNSf(R); 658 659 /* update output registers */ 660 tcg_gen_mov_tl(Rd, R); 661 return true; 662 } 663 664 /* 665 * Adds one -1- to the contents of register Rd and places the result in the 666 * destination register Rd. The C Flag in SREG is not affected by the 667 * operation, thus allowing the INC instruction to be used on a loop counter in 668 * multiple-precision computations. When operating on unsigned numbers, only 669 * BREQ and BRNE branches can be expected to perform consistently. When 670 * operating on two's complement values, all signed branches are available. 671 */ 672 static bool trans_INC(DisasContext *ctx, arg_INC *a) 673 { 674 TCGv Rd = cpu_r[a->rd]; 675 676 tcg_gen_addi_tl(Rd, Rd, 1); 677 tcg_gen_andi_tl(Rd, Rd, 0xff); 678 679 /* update status register */ 680 tcg_gen_setcondi_tl(TCG_COND_EQ, cpu_Vf, Rd, 0x80); /* Vf = Rd == 0x80 */ 681 gen_ZNSf(Rd); 682 683 return true; 684 } 685 686 /* 687 * Subtracts one -1- from the contents of register Rd and places the result 688 * in the destination register Rd. The C Flag in SREG is not affected by the 689 * operation, thus allowing the DEC instruction to be used on a loop counter in 690 * multiple-precision computations. When operating on unsigned values, only 691 * BREQ and BRNE branches can be expected to perform consistently. When 692 * operating on two's complement values, all signed branches are available. 693 */ 694 static bool trans_DEC(DisasContext *ctx, arg_DEC *a) 695 { 696 TCGv Rd = cpu_r[a->rd]; 697 698 tcg_gen_subi_tl(Rd, Rd, 1); /* Rd = Rd - 1 */ 699 tcg_gen_andi_tl(Rd, Rd, 0xff); /* make it 8 bits */ 700 701 /* update status register */ 702 tcg_gen_setcondi_tl(TCG_COND_EQ, cpu_Vf, Rd, 0x7f); /* Vf = Rd == 0x7f */ 703 gen_ZNSf(Rd); 704 705 return true; 706 } 707 708 /* 709 * This instruction performs 8-bit x 8-bit -> 16-bit unsigned multiplication. 710 */ 711 static bool trans_MUL(DisasContext *ctx, arg_MUL *a) 712 { 713 if (!avr_have_feature(ctx, AVR_FEATURE_MUL)) { 714 return true; 715 } 716 717 TCGv R0 = cpu_r[0]; 718 TCGv R1 = cpu_r[1]; 719 TCGv Rd = cpu_r[a->rd]; 720 TCGv Rr = cpu_r[a->rr]; 721 TCGv R = tcg_temp_new_i32(); 722 723 tcg_gen_mul_tl(R, Rd, Rr); /* R = Rd * Rr */ 724 tcg_gen_andi_tl(R0, R, 0xff); 725 tcg_gen_shri_tl(R1, R, 8); 726 727 /* update status register */ 728 tcg_gen_shri_tl(cpu_Cf, R, 15); /* Cf = R(15) */ 729 tcg_gen_setcondi_tl(TCG_COND_EQ, cpu_Zf, R, 0); /* Zf = R == 0 */ 730 return true; 731 } 732 733 /* 734 * This instruction performs 8-bit x 8-bit -> 16-bit signed multiplication. 735 */ 736 static bool trans_MULS(DisasContext *ctx, arg_MULS *a) 737 { 738 if (!avr_have_feature(ctx, AVR_FEATURE_MUL)) { 739 return true; 740 } 741 742 TCGv R0 = cpu_r[0]; 743 TCGv R1 = cpu_r[1]; 744 TCGv Rd = cpu_r[a->rd]; 745 TCGv Rr = cpu_r[a->rr]; 746 TCGv R = tcg_temp_new_i32(); 747 TCGv t0 = tcg_temp_new_i32(); 748 TCGv t1 = tcg_temp_new_i32(); 749 750 tcg_gen_ext8s_tl(t0, Rd); /* make Rd full 32 bit signed */ 751 tcg_gen_ext8s_tl(t1, Rr); /* make Rr full 32 bit signed */ 752 tcg_gen_mul_tl(R, t0, t1); /* R = Rd * Rr */ 753 tcg_gen_andi_tl(R, R, 0xffff); /* make it 16 bits */ 754 tcg_gen_andi_tl(R0, R, 0xff); 755 tcg_gen_shri_tl(R1, R, 8); 756 757 /* update status register */ 758 tcg_gen_shri_tl(cpu_Cf, R, 15); /* Cf = R(15) */ 759 tcg_gen_setcondi_tl(TCG_COND_EQ, cpu_Zf, R, 0); /* Zf = R == 0 */ 760 return true; 761 } 762 763 /* 764 * This instruction performs 8-bit x 8-bit -> 16-bit multiplication of a 765 * signed and an unsigned number. 766 */ 767 static bool trans_MULSU(DisasContext *ctx, arg_MULSU *a) 768 { 769 if (!avr_have_feature(ctx, AVR_FEATURE_MUL)) { 770 return true; 771 } 772 773 TCGv R0 = cpu_r[0]; 774 TCGv R1 = cpu_r[1]; 775 TCGv Rd = cpu_r[a->rd]; 776 TCGv Rr = cpu_r[a->rr]; 777 TCGv R = tcg_temp_new_i32(); 778 TCGv t0 = tcg_temp_new_i32(); 779 780 tcg_gen_ext8s_tl(t0, Rd); /* make Rd full 32 bit signed */ 781 tcg_gen_mul_tl(R, t0, Rr); /* R = Rd * Rr */ 782 tcg_gen_andi_tl(R, R, 0xffff); /* make R 16 bits */ 783 tcg_gen_andi_tl(R0, R, 0xff); 784 tcg_gen_shri_tl(R1, R, 8); 785 786 /* update status register */ 787 tcg_gen_shri_tl(cpu_Cf, R, 15); /* Cf = R(15) */ 788 tcg_gen_setcondi_tl(TCG_COND_EQ, cpu_Zf, R, 0); /* Zf = R == 0 */ 789 return true; 790 } 791 792 /* 793 * This instruction performs 8-bit x 8-bit -> 16-bit unsigned 794 * multiplication and shifts the result one bit left. 795 */ 796 static bool trans_FMUL(DisasContext *ctx, arg_FMUL *a) 797 { 798 if (!avr_have_feature(ctx, AVR_FEATURE_MUL)) { 799 return true; 800 } 801 802 TCGv R0 = cpu_r[0]; 803 TCGv R1 = cpu_r[1]; 804 TCGv Rd = cpu_r[a->rd]; 805 TCGv Rr = cpu_r[a->rr]; 806 TCGv R = tcg_temp_new_i32(); 807 808 tcg_gen_mul_tl(R, Rd, Rr); /* R = Rd * Rr */ 809 810 /* update status register */ 811 tcg_gen_shri_tl(cpu_Cf, R, 15); /* Cf = R(15) */ 812 tcg_gen_setcondi_tl(TCG_COND_EQ, cpu_Zf, R, 0); /* Zf = R == 0 */ 813 814 /* update output registers */ 815 tcg_gen_shli_tl(R, R, 1); 816 tcg_gen_andi_tl(R0, R, 0xff); 817 tcg_gen_shri_tl(R1, R, 8); 818 tcg_gen_andi_tl(R1, R1, 0xff); 819 return true; 820 } 821 822 /* 823 * This instruction performs 8-bit x 8-bit -> 16-bit signed multiplication 824 * and shifts the result one bit left. 825 */ 826 static bool trans_FMULS(DisasContext *ctx, arg_FMULS *a) 827 { 828 if (!avr_have_feature(ctx, AVR_FEATURE_MUL)) { 829 return true; 830 } 831 832 TCGv R0 = cpu_r[0]; 833 TCGv R1 = cpu_r[1]; 834 TCGv Rd = cpu_r[a->rd]; 835 TCGv Rr = cpu_r[a->rr]; 836 TCGv R = tcg_temp_new_i32(); 837 TCGv t0 = tcg_temp_new_i32(); 838 TCGv t1 = tcg_temp_new_i32(); 839 840 tcg_gen_ext8s_tl(t0, Rd); /* make Rd full 32 bit signed */ 841 tcg_gen_ext8s_tl(t1, Rr); /* make Rr full 32 bit signed */ 842 tcg_gen_mul_tl(R, t0, t1); /* R = Rd * Rr */ 843 tcg_gen_andi_tl(R, R, 0xffff); /* make it 16 bits */ 844 845 /* update status register */ 846 tcg_gen_shri_tl(cpu_Cf, R, 15); /* Cf = R(15) */ 847 tcg_gen_setcondi_tl(TCG_COND_EQ, cpu_Zf, R, 0); /* Zf = R == 0 */ 848 849 /* update output registers */ 850 tcg_gen_shli_tl(R, R, 1); 851 tcg_gen_andi_tl(R0, R, 0xff); 852 tcg_gen_shri_tl(R1, R, 8); 853 tcg_gen_andi_tl(R1, R1, 0xff); 854 return true; 855 } 856 857 /* 858 * This instruction performs 8-bit x 8-bit -> 16-bit signed multiplication 859 * and shifts the result one bit left. 860 */ 861 static bool trans_FMULSU(DisasContext *ctx, arg_FMULSU *a) 862 { 863 if (!avr_have_feature(ctx, AVR_FEATURE_MUL)) { 864 return true; 865 } 866 867 TCGv R0 = cpu_r[0]; 868 TCGv R1 = cpu_r[1]; 869 TCGv Rd = cpu_r[a->rd]; 870 TCGv Rr = cpu_r[a->rr]; 871 TCGv R = tcg_temp_new_i32(); 872 TCGv t0 = tcg_temp_new_i32(); 873 874 tcg_gen_ext8s_tl(t0, Rd); /* make Rd full 32 bit signed */ 875 tcg_gen_mul_tl(R, t0, Rr); /* R = Rd * Rr */ 876 tcg_gen_andi_tl(R, R, 0xffff); /* make it 16 bits */ 877 878 /* update status register */ 879 tcg_gen_shri_tl(cpu_Cf, R, 15); /* Cf = R(15) */ 880 tcg_gen_setcondi_tl(TCG_COND_EQ, cpu_Zf, R, 0); /* Zf = R == 0 */ 881 882 /* update output registers */ 883 tcg_gen_shli_tl(R, R, 1); 884 tcg_gen_andi_tl(R0, R, 0xff); 885 tcg_gen_shri_tl(R1, R, 8); 886 tcg_gen_andi_tl(R1, R1, 0xff); 887 return true; 888 } 889 890 /* 891 * The module is an instruction set extension to the AVR CPU, performing 892 * DES iterations. The 64-bit data block (plaintext or ciphertext) is placed in 893 * the CPU register file, registers R0-R7, where LSB of data is placed in LSB 894 * of R0 and MSB of data is placed in MSB of R7. The full 64-bit key (including 895 * parity bits) is placed in registers R8- R15, organized in the register file 896 * with LSB of key in LSB of R8 and MSB of key in MSB of R15. Executing one DES 897 * instruction performs one round in the DES algorithm. Sixteen rounds must be 898 * executed in increasing order to form the correct DES ciphertext or 899 * plaintext. Intermediate results are stored in the register file (R0-R15) 900 * after each DES instruction. The instruction's operand (K) determines which 901 * round is executed, and the half carry flag (H) determines whether encryption 902 * or decryption is performed. The DES algorithm is described in 903 * "Specifications for the Data Encryption Standard" (Federal Information 904 * Processing Standards Publication 46). Intermediate results in this 905 * implementation differ from the standard because the initial permutation and 906 * the inverse initial permutation are performed each iteration. This does not 907 * affect the result in the final ciphertext or plaintext, but reduces 908 * execution time. 909 */ 910 static bool trans_DES(DisasContext *ctx, arg_DES *a) 911 { 912 /* TODO */ 913 if (!avr_have_feature(ctx, AVR_FEATURE_DES)) { 914 return true; 915 } 916 917 qemu_log_mask(LOG_UNIMP, "%s: not implemented\n", __func__); 918 919 return true; 920 } 921 922 /* 923 * Branch Instructions 924 */ 925 static void gen_jmp_ez(DisasContext *ctx) 926 { 927 tcg_gen_deposit_tl(cpu_pc, cpu_r[30], cpu_r[31], 8, 8); 928 tcg_gen_or_tl(cpu_pc, cpu_pc, cpu_eind); 929 ctx->base.is_jmp = DISAS_LOOKUP; 930 } 931 932 static void gen_jmp_z(DisasContext *ctx) 933 { 934 tcg_gen_deposit_tl(cpu_pc, cpu_r[30], cpu_r[31], 8, 8); 935 ctx->base.is_jmp = DISAS_LOOKUP; 936 } 937 938 static void gen_push_ret(DisasContext *ctx, int ret) 939 { 940 if (avr_feature(ctx->env, AVR_FEATURE_1_BYTE_PC)) { 941 TCGv t0 = tcg_constant_i32(ret & 0x0000ff); 942 943 tcg_gen_qemu_st_tl(t0, cpu_sp, MMU_DATA_IDX, MO_UB); 944 tcg_gen_subi_tl(cpu_sp, cpu_sp, 1); 945 } else if (avr_feature(ctx->env, AVR_FEATURE_2_BYTE_PC)) { 946 TCGv t0 = tcg_constant_i32(ret & 0x00ffff); 947 948 tcg_gen_subi_tl(cpu_sp, cpu_sp, 1); 949 tcg_gen_qemu_st_tl(t0, cpu_sp, MMU_DATA_IDX, MO_BEUW); 950 tcg_gen_subi_tl(cpu_sp, cpu_sp, 1); 951 } else if (avr_feature(ctx->env, AVR_FEATURE_3_BYTE_PC)) { 952 TCGv lo = tcg_constant_i32(ret & 0x0000ff); 953 TCGv hi = tcg_constant_i32((ret & 0xffff00) >> 8); 954 955 tcg_gen_qemu_st_tl(lo, cpu_sp, MMU_DATA_IDX, MO_UB); 956 tcg_gen_subi_tl(cpu_sp, cpu_sp, 2); 957 tcg_gen_qemu_st_tl(hi, cpu_sp, MMU_DATA_IDX, MO_BEUW); 958 tcg_gen_subi_tl(cpu_sp, cpu_sp, 1); 959 } 960 } 961 962 static void gen_pop_ret(DisasContext *ctx, TCGv ret) 963 { 964 if (avr_feature(ctx->env, AVR_FEATURE_1_BYTE_PC)) { 965 tcg_gen_addi_tl(cpu_sp, cpu_sp, 1); 966 tcg_gen_qemu_ld_tl(ret, cpu_sp, MMU_DATA_IDX, MO_UB); 967 } else if (avr_feature(ctx->env, AVR_FEATURE_2_BYTE_PC)) { 968 tcg_gen_addi_tl(cpu_sp, cpu_sp, 1); 969 tcg_gen_qemu_ld_tl(ret, cpu_sp, MMU_DATA_IDX, MO_BEUW); 970 tcg_gen_addi_tl(cpu_sp, cpu_sp, 1); 971 } else if (avr_feature(ctx->env, AVR_FEATURE_3_BYTE_PC)) { 972 TCGv lo = tcg_temp_new_i32(); 973 TCGv hi = tcg_temp_new_i32(); 974 975 tcg_gen_addi_tl(cpu_sp, cpu_sp, 1); 976 tcg_gen_qemu_ld_tl(hi, cpu_sp, MMU_DATA_IDX, MO_BEUW); 977 978 tcg_gen_addi_tl(cpu_sp, cpu_sp, 2); 979 tcg_gen_qemu_ld_tl(lo, cpu_sp, MMU_DATA_IDX, MO_UB); 980 981 tcg_gen_deposit_tl(ret, lo, hi, 8, 16); 982 } 983 } 984 985 static void gen_goto_tb(DisasContext *ctx, int n, target_ulong dest) 986 { 987 const TranslationBlock *tb = ctx->base.tb; 988 989 if (translator_use_goto_tb(&ctx->base, dest)) { 990 tcg_gen_goto_tb(n); 991 tcg_gen_movi_i32(cpu_pc, dest); 992 tcg_gen_exit_tb(tb, n); 993 } else { 994 tcg_gen_movi_i32(cpu_pc, dest); 995 tcg_gen_lookup_and_goto_ptr(); 996 } 997 ctx->base.is_jmp = DISAS_NORETURN; 998 } 999 1000 /* 1001 * Relative jump to an address within PC - 2K +1 and PC + 2K (words). For 1002 * AVR microcontrollers with Program memory not exceeding 4K words (8KB) this 1003 * instruction can address the entire memory from every address location. See 1004 * also JMP. 1005 */ 1006 static bool trans_RJMP(DisasContext *ctx, arg_RJMP *a) 1007 { 1008 int dst = ctx->npc + a->imm; 1009 1010 gen_goto_tb(ctx, 0, dst); 1011 1012 return true; 1013 } 1014 1015 /* 1016 * Indirect jump to the address pointed to by the Z (16 bits) Pointer 1017 * Register in the Register File. The Z-pointer Register is 16 bits wide and 1018 * allows jump within the lowest 64K words (128KB) section of Program memory. 1019 * This instruction is not available in all devices. Refer to the device 1020 * specific instruction set summary. 1021 */ 1022 static bool trans_IJMP(DisasContext *ctx, arg_IJMP *a) 1023 { 1024 if (!avr_have_feature(ctx, AVR_FEATURE_IJMP_ICALL)) { 1025 return true; 1026 } 1027 1028 gen_jmp_z(ctx); 1029 1030 return true; 1031 } 1032 1033 /* 1034 * Indirect jump to the address pointed to by the Z (16 bits) Pointer 1035 * Register in the Register File and the EIND Register in the I/O space. This 1036 * instruction allows for indirect jumps to the entire 4M (words) Program 1037 * memory space. See also IJMP. This instruction is not available in all 1038 * devices. Refer to the device specific instruction set summary. 1039 */ 1040 static bool trans_EIJMP(DisasContext *ctx, arg_EIJMP *a) 1041 { 1042 if (!avr_have_feature(ctx, AVR_FEATURE_EIJMP_EICALL)) { 1043 return true; 1044 } 1045 1046 gen_jmp_ez(ctx); 1047 return true; 1048 } 1049 1050 /* 1051 * Jump to an address within the entire 4M (words) Program memory. See also 1052 * RJMP. This instruction is not available in all devices. Refer to the device 1053 * specific instruction set summary.0 1054 */ 1055 static bool trans_JMP(DisasContext *ctx, arg_JMP *a) 1056 { 1057 if (!avr_have_feature(ctx, AVR_FEATURE_JMP_CALL)) { 1058 return true; 1059 } 1060 1061 gen_goto_tb(ctx, 0, a->imm); 1062 1063 return true; 1064 } 1065 1066 /* 1067 * Relative call to an address within PC - 2K + 1 and PC + 2K (words). The 1068 * return address (the instruction after the RCALL) is stored onto the Stack. 1069 * See also CALL. For AVR microcontrollers with Program memory not exceeding 4K 1070 * words (8KB) this instruction can address the entire memory from every 1071 * address location. The Stack Pointer uses a post-decrement scheme during 1072 * RCALL. 1073 */ 1074 static bool trans_RCALL(DisasContext *ctx, arg_RCALL *a) 1075 { 1076 int ret = ctx->npc; 1077 int dst = ctx->npc + a->imm; 1078 1079 gen_push_ret(ctx, ret); 1080 gen_goto_tb(ctx, 0, dst); 1081 1082 return true; 1083 } 1084 1085 /* 1086 * Calls to a subroutine within the entire 4M (words) Program memory. The 1087 * return address (to the instruction after the CALL) will be stored onto the 1088 * Stack. See also RCALL. The Stack Pointer uses a post-decrement scheme during 1089 * CALL. This instruction is not available in all devices. Refer to the device 1090 * specific instruction set summary. 1091 */ 1092 static bool trans_ICALL(DisasContext *ctx, arg_ICALL *a) 1093 { 1094 if (!avr_have_feature(ctx, AVR_FEATURE_IJMP_ICALL)) { 1095 return true; 1096 } 1097 1098 int ret = ctx->npc; 1099 1100 gen_push_ret(ctx, ret); 1101 gen_jmp_z(ctx); 1102 1103 return true; 1104 } 1105 1106 /* 1107 * Indirect call of a subroutine pointed to by the Z (16 bits) Pointer 1108 * Register in the Register File and the EIND Register in the I/O space. This 1109 * instruction allows for indirect calls to the entire 4M (words) Program 1110 * memory space. See also ICALL. The Stack Pointer uses a post-decrement scheme 1111 * during EICALL. This instruction is not available in all devices. Refer to 1112 * the device specific instruction set summary. 1113 */ 1114 static bool trans_EICALL(DisasContext *ctx, arg_EICALL *a) 1115 { 1116 if (!avr_have_feature(ctx, AVR_FEATURE_EIJMP_EICALL)) { 1117 return true; 1118 } 1119 1120 int ret = ctx->npc; 1121 1122 gen_push_ret(ctx, ret); 1123 gen_jmp_ez(ctx); 1124 return true; 1125 } 1126 1127 /* 1128 * Calls to a subroutine within the entire Program memory. The return 1129 * address (to the instruction after the CALL) will be stored onto the Stack. 1130 * (See also RCALL). The Stack Pointer uses a post-decrement scheme during 1131 * CALL. This instruction is not available in all devices. Refer to the device 1132 * specific instruction set summary. 1133 */ 1134 static bool trans_CALL(DisasContext *ctx, arg_CALL *a) 1135 { 1136 if (!avr_have_feature(ctx, AVR_FEATURE_JMP_CALL)) { 1137 return true; 1138 } 1139 1140 int Imm = a->imm; 1141 int ret = ctx->npc; 1142 1143 gen_push_ret(ctx, ret); 1144 gen_goto_tb(ctx, 0, Imm); 1145 1146 return true; 1147 } 1148 1149 /* 1150 * Returns from subroutine. The return address is loaded from the STACK. 1151 * The Stack Pointer uses a preincrement scheme during RET. 1152 */ 1153 static bool trans_RET(DisasContext *ctx, arg_RET *a) 1154 { 1155 gen_pop_ret(ctx, cpu_pc); 1156 1157 ctx->base.is_jmp = DISAS_LOOKUP; 1158 return true; 1159 } 1160 1161 /* 1162 * Returns from interrupt. The return address is loaded from the STACK and 1163 * the Global Interrupt Flag is set. Note that the Status Register is not 1164 * automatically stored when entering an interrupt routine, and it is not 1165 * restored when returning from an interrupt routine. This must be handled by 1166 * the application program. The Stack Pointer uses a pre-increment scheme 1167 * during RETI. 1168 */ 1169 static bool trans_RETI(DisasContext *ctx, arg_RETI *a) 1170 { 1171 gen_pop_ret(ctx, cpu_pc); 1172 tcg_gen_movi_tl(cpu_If, 1); 1173 1174 /* Need to return to main loop to re-evaluate interrupts. */ 1175 ctx->base.is_jmp = DISAS_EXIT; 1176 return true; 1177 } 1178 1179 /* 1180 * This instruction performs a compare between two registers Rd and Rr, and 1181 * skips the next instruction if Rd = Rr. 1182 */ 1183 static bool trans_CPSE(DisasContext *ctx, arg_CPSE *a) 1184 { 1185 ctx->skip_cond = TCG_COND_EQ; 1186 ctx->skip_var0 = cpu_r[a->rd]; 1187 ctx->skip_var1 = cpu_r[a->rr]; 1188 return true; 1189 } 1190 1191 /* 1192 * This instruction performs a compare between two registers Rd and Rr. 1193 * None of the registers are changed. All conditional branches can be used 1194 * after this instruction. 1195 */ 1196 static bool trans_CP(DisasContext *ctx, arg_CP *a) 1197 { 1198 TCGv Rd = cpu_r[a->rd]; 1199 TCGv Rr = cpu_r[a->rr]; 1200 TCGv R = tcg_temp_new_i32(); 1201 1202 tcg_gen_sub_tl(R, Rd, Rr); /* R = Rd - Rr */ 1203 tcg_gen_andi_tl(R, R, 0xff); /* make it 8 bits */ 1204 1205 /* update status register */ 1206 gen_sub_CHf(R, Rd, Rr); 1207 gen_sub_Vf(R, Rd, Rr); 1208 gen_ZNSf(R); 1209 return true; 1210 } 1211 1212 /* 1213 * This instruction performs a compare between two registers Rd and Rr and 1214 * also takes into account the previous carry. None of the registers are 1215 * changed. All conditional branches can be used after this instruction. 1216 */ 1217 static bool trans_CPC(DisasContext *ctx, arg_CPC *a) 1218 { 1219 TCGv Rd = cpu_r[a->rd]; 1220 TCGv Rr = cpu_r[a->rr]; 1221 TCGv R = tcg_temp_new_i32(); 1222 TCGv zero = tcg_constant_i32(0); 1223 1224 tcg_gen_sub_tl(R, Rd, Rr); /* R = Rd - Rr - Cf */ 1225 tcg_gen_sub_tl(R, R, cpu_Cf); 1226 tcg_gen_andi_tl(R, R, 0xff); /* make it 8 bits */ 1227 /* update status register */ 1228 gen_sub_CHf(R, Rd, Rr); 1229 gen_sub_Vf(R, Rd, Rr); 1230 gen_NSf(R); 1231 1232 /* 1233 * Previous value remains unchanged when the result is zero; 1234 * cleared otherwise. 1235 */ 1236 tcg_gen_movcond_tl(TCG_COND_EQ, cpu_Zf, R, zero, cpu_Zf, zero); 1237 return true; 1238 } 1239 1240 /* 1241 * This instruction performs a compare between register Rd and a constant. 1242 * The register is not changed. All conditional branches can be used after this 1243 * instruction. 1244 */ 1245 static bool trans_CPI(DisasContext *ctx, arg_CPI *a) 1246 { 1247 TCGv Rd = cpu_r[a->rd]; 1248 int Imm = a->imm; 1249 TCGv Rr = tcg_constant_i32(Imm); 1250 TCGv R = tcg_temp_new_i32(); 1251 1252 tcg_gen_sub_tl(R, Rd, Rr); /* R = Rd - Rr */ 1253 tcg_gen_andi_tl(R, R, 0xff); /* make it 8 bits */ 1254 1255 /* update status register */ 1256 gen_sub_CHf(R, Rd, Rr); 1257 gen_sub_Vf(R, Rd, Rr); 1258 gen_ZNSf(R); 1259 return true; 1260 } 1261 1262 /* 1263 * This instruction tests a single bit in a register and skips the next 1264 * instruction if the bit is cleared. 1265 */ 1266 static bool trans_SBRC(DisasContext *ctx, arg_SBRC *a) 1267 { 1268 TCGv Rr = cpu_r[a->rr]; 1269 1270 ctx->skip_cond = TCG_COND_EQ; 1271 ctx->skip_var0 = tcg_temp_new(); 1272 1273 tcg_gen_andi_tl(ctx->skip_var0, Rr, 1 << a->bit); 1274 return true; 1275 } 1276 1277 /* 1278 * This instruction tests a single bit in a register and skips the next 1279 * instruction if the bit is set. 1280 */ 1281 static bool trans_SBRS(DisasContext *ctx, arg_SBRS *a) 1282 { 1283 TCGv Rr = cpu_r[a->rr]; 1284 1285 ctx->skip_cond = TCG_COND_NE; 1286 ctx->skip_var0 = tcg_temp_new(); 1287 1288 tcg_gen_andi_tl(ctx->skip_var0, Rr, 1 << a->bit); 1289 return true; 1290 } 1291 1292 /* 1293 * This instruction tests a single bit in an I/O Register and skips the 1294 * next instruction if the bit is cleared. This instruction operates on the 1295 * lower 32 I/O Registers -- addresses 0-31. 1296 */ 1297 static bool trans_SBIC(DisasContext *ctx, arg_SBIC *a) 1298 { 1299 TCGv data = tcg_temp_new_i32(); 1300 1301 gen_inb(ctx, data, a->reg); 1302 tcg_gen_andi_tl(data, data, 1 << a->bit); 1303 ctx->skip_cond = TCG_COND_EQ; 1304 ctx->skip_var0 = data; 1305 1306 return true; 1307 } 1308 1309 /* 1310 * This instruction tests a single bit in an I/O Register and skips the 1311 * next instruction if the bit is set. This instruction operates on the lower 1312 * 32 I/O Registers -- addresses 0-31. 1313 */ 1314 static bool trans_SBIS(DisasContext *ctx, arg_SBIS *a) 1315 { 1316 TCGv data = tcg_temp_new_i32(); 1317 1318 gen_inb(ctx, data, a->reg); 1319 tcg_gen_andi_tl(data, data, 1 << a->bit); 1320 ctx->skip_cond = TCG_COND_NE; 1321 ctx->skip_var0 = data; 1322 1323 return true; 1324 } 1325 1326 /* 1327 * Conditional relative branch. Tests a single bit in SREG and branches 1328 * relatively to PC if the bit is cleared. This instruction branches relatively 1329 * to PC in either direction (PC - 63 < = destination <= PC + 64). The 1330 * parameter k is the offset from PC and is represented in two's complement 1331 * form. 1332 */ 1333 static bool trans_BRBC(DisasContext *ctx, arg_BRBC *a) 1334 { 1335 TCGLabel *not_taken = gen_new_label(); 1336 1337 TCGv var; 1338 1339 switch (a->bit) { 1340 case 0x00: 1341 var = cpu_Cf; 1342 break; 1343 case 0x01: 1344 var = cpu_Zf; 1345 break; 1346 case 0x02: 1347 var = cpu_Nf; 1348 break; 1349 case 0x03: 1350 var = cpu_Vf; 1351 break; 1352 case 0x04: 1353 var = cpu_Sf; 1354 break; 1355 case 0x05: 1356 var = cpu_Hf; 1357 break; 1358 case 0x06: 1359 var = cpu_Tf; 1360 break; 1361 case 0x07: 1362 var = cpu_If; 1363 break; 1364 default: 1365 g_assert_not_reached(); 1366 } 1367 1368 tcg_gen_brcondi_i32(TCG_COND_NE, var, 0, not_taken); 1369 gen_goto_tb(ctx, 0, ctx->npc + a->imm); 1370 gen_set_label(not_taken); 1371 1372 ctx->base.is_jmp = DISAS_CHAIN; 1373 return true; 1374 } 1375 1376 /* 1377 * Conditional relative branch. Tests a single bit in SREG and branches 1378 * relatively to PC if the bit is set. This instruction branches relatively to 1379 * PC in either direction (PC - 63 < = destination <= PC + 64). The parameter k 1380 * is the offset from PC and is represented in two's complement form. 1381 */ 1382 static bool trans_BRBS(DisasContext *ctx, arg_BRBS *a) 1383 { 1384 TCGLabel *not_taken = gen_new_label(); 1385 1386 TCGv var; 1387 1388 switch (a->bit) { 1389 case 0x00: 1390 var = cpu_Cf; 1391 break; 1392 case 0x01: 1393 var = cpu_Zf; 1394 break; 1395 case 0x02: 1396 var = cpu_Nf; 1397 break; 1398 case 0x03: 1399 var = cpu_Vf; 1400 break; 1401 case 0x04: 1402 var = cpu_Sf; 1403 break; 1404 case 0x05: 1405 var = cpu_Hf; 1406 break; 1407 case 0x06: 1408 var = cpu_Tf; 1409 break; 1410 case 0x07: 1411 var = cpu_If; 1412 break; 1413 default: 1414 g_assert_not_reached(); 1415 } 1416 1417 tcg_gen_brcondi_i32(TCG_COND_EQ, var, 0, not_taken); 1418 gen_goto_tb(ctx, 0, ctx->npc + a->imm); 1419 gen_set_label(not_taken); 1420 1421 ctx->base.is_jmp = DISAS_CHAIN; 1422 return true; 1423 } 1424 1425 /* 1426 * Data Transfer Instructions 1427 */ 1428 1429 /* 1430 * in the gen_set_addr & gen_get_addr functions 1431 * H assumed to be in 0x00ff0000 format 1432 * M assumed to be in 0x000000ff format 1433 * L assumed to be in 0x000000ff format 1434 */ 1435 static void gen_set_addr(TCGv addr, TCGv H, TCGv M, TCGv L) 1436 { 1437 1438 tcg_gen_andi_tl(L, addr, 0x000000ff); 1439 1440 tcg_gen_andi_tl(M, addr, 0x0000ff00); 1441 tcg_gen_shri_tl(M, M, 8); 1442 1443 tcg_gen_andi_tl(H, addr, 0x00ff0000); 1444 } 1445 1446 static void gen_set_xaddr(TCGv addr) 1447 { 1448 gen_set_addr(addr, cpu_rampX, cpu_r[27], cpu_r[26]); 1449 } 1450 1451 static void gen_set_yaddr(TCGv addr) 1452 { 1453 gen_set_addr(addr, cpu_rampY, cpu_r[29], cpu_r[28]); 1454 } 1455 1456 static void gen_set_zaddr(TCGv addr) 1457 { 1458 gen_set_addr(addr, cpu_rampZ, cpu_r[31], cpu_r[30]); 1459 } 1460 1461 static TCGv gen_get_addr(TCGv H, TCGv M, TCGv L) 1462 { 1463 TCGv addr = tcg_temp_new_i32(); 1464 1465 tcg_gen_deposit_tl(addr, M, H, 8, 8); 1466 tcg_gen_deposit_tl(addr, L, addr, 8, 16); 1467 1468 return addr; 1469 } 1470 1471 static TCGv gen_get_xaddr(void) 1472 { 1473 return gen_get_addr(cpu_rampX, cpu_r[27], cpu_r[26]); 1474 } 1475 1476 static TCGv gen_get_yaddr(void) 1477 { 1478 return gen_get_addr(cpu_rampY, cpu_r[29], cpu_r[28]); 1479 } 1480 1481 static TCGv gen_get_zaddr(void) 1482 { 1483 return gen_get_addr(cpu_rampZ, cpu_r[31], cpu_r[30]); 1484 } 1485 1486 /* 1487 * Load one byte indirect from data space to register and stores an clear 1488 * the bits in data space specified by the register. The instruction can only 1489 * be used towards internal SRAM. The data location is pointed to by the Z (16 1490 * bits) Pointer Register in the Register File. Memory access is limited to the 1491 * current data segment of 64KB. To access another data segment in devices with 1492 * more than 64KB data space, the RAMPZ in register in the I/O area has to be 1493 * changed. The Z-pointer Register is left unchanged by the operation. This 1494 * instruction is especially suited for clearing status bits stored in SRAM. 1495 */ 1496 static void gen_data_store(DisasContext *ctx, TCGv data, TCGv addr) 1497 { 1498 if (ctx->base.tb->flags & TB_FLAGS_FULL_ACCESS) { 1499 gen_helper_fullwr(tcg_env, data, addr); 1500 } else { 1501 tcg_gen_qemu_st_tl(data, addr, MMU_DATA_IDX, MO_UB); 1502 } 1503 } 1504 1505 static void gen_data_load(DisasContext *ctx, TCGv data, TCGv addr) 1506 { 1507 tcg_gen_qemu_ld_tl(data, addr, MMU_DATA_IDX, MO_UB); 1508 } 1509 1510 static void gen_inb(DisasContext *ctx, TCGv data, int port) 1511 { 1512 gen_data_load(ctx, data, tcg_constant_i32(port + NUMBER_OF_CPU_REGISTERS)); 1513 } 1514 1515 static void gen_outb(DisasContext *ctx, TCGv data, int port) 1516 { 1517 gen_helper_fullwr(tcg_env, data, 1518 tcg_constant_i32(port + NUMBER_OF_CPU_REGISTERS)); 1519 } 1520 1521 /* 1522 * This instruction makes a copy of one register into another. The source 1523 * register Rr is left unchanged, while the destination register Rd is loaded 1524 * with a copy of Rr. 1525 */ 1526 static bool trans_MOV(DisasContext *ctx, arg_MOV *a) 1527 { 1528 TCGv Rd = cpu_r[a->rd]; 1529 TCGv Rr = cpu_r[a->rr]; 1530 1531 tcg_gen_mov_tl(Rd, Rr); 1532 1533 return true; 1534 } 1535 1536 /* 1537 * This instruction makes a copy of one register pair into another register 1538 * pair. The source register pair Rr+1:Rr is left unchanged, while the 1539 * destination register pair Rd+1:Rd is loaded with a copy of Rr + 1:Rr. This 1540 * instruction is not available in all devices. Refer to the device specific 1541 * instruction set summary. 1542 */ 1543 static bool trans_MOVW(DisasContext *ctx, arg_MOVW *a) 1544 { 1545 if (!avr_have_feature(ctx, AVR_FEATURE_MOVW)) { 1546 return true; 1547 } 1548 1549 TCGv RdL = cpu_r[a->rd]; 1550 TCGv RdH = cpu_r[a->rd + 1]; 1551 TCGv RrL = cpu_r[a->rr]; 1552 TCGv RrH = cpu_r[a->rr + 1]; 1553 1554 tcg_gen_mov_tl(RdH, RrH); 1555 tcg_gen_mov_tl(RdL, RrL); 1556 1557 return true; 1558 } 1559 1560 /* 1561 * Loads an 8 bit constant directly to register 16 to 31. 1562 */ 1563 static bool trans_LDI(DisasContext *ctx, arg_LDI *a) 1564 { 1565 TCGv Rd = cpu_r[a->rd]; 1566 int imm = a->imm; 1567 1568 tcg_gen_movi_tl(Rd, imm); 1569 1570 return true; 1571 } 1572 1573 /* 1574 * Loads one byte from the data space to a register. For parts with SRAM, 1575 * the data space consists of the Register File, I/O memory and internal SRAM 1576 * (and external SRAM if applicable). For parts without SRAM, the data space 1577 * consists of the register file only. The EEPROM has a separate address space. 1578 * A 16-bit address must be supplied. Memory access is limited to the current 1579 * data segment of 64KB. The LDS instruction uses the RAMPD Register to access 1580 * memory above 64KB. To access another data segment in devices with more than 1581 * 64KB data space, the RAMPD in register in the I/O area has to be changed. 1582 * This instruction is not available in all devices. Refer to the device 1583 * specific instruction set summary. 1584 */ 1585 static bool trans_LDS(DisasContext *ctx, arg_LDS *a) 1586 { 1587 TCGv Rd = cpu_r[a->rd]; 1588 TCGv addr = tcg_temp_new_i32(); 1589 TCGv H = cpu_rampD; 1590 1591 tcg_gen_mov_tl(addr, H); /* addr = H:M:L */ 1592 tcg_gen_shli_tl(addr, addr, 16); 1593 tcg_gen_ori_tl(addr, addr, a->imm); 1594 1595 gen_data_load(ctx, Rd, addr); 1596 return true; 1597 } 1598 1599 /* 1600 * Loads one byte indirect from the data space to a register. For parts 1601 * with SRAM, the data space consists of the Register File, I/O memory and 1602 * internal SRAM (and external SRAM if applicable). For parts without SRAM, the 1603 * data space consists of the Register File only. In some parts the Flash 1604 * Memory has been mapped to the data space and can be read using this command. 1605 * The EEPROM has a separate address space. The data location is pointed to by 1606 * the X (16 bits) Pointer Register in the Register File. Memory access is 1607 * limited to the current data segment of 64KB. To access another data segment 1608 * in devices with more than 64KB data space, the RAMPX in register in the I/O 1609 * area has to be changed. The X-pointer Register can either be left unchanged 1610 * by the operation, or it can be post-incremented or predecremented. These 1611 * features are especially suited for accessing arrays, tables, and Stack 1612 * Pointer usage of the X-pointer Register. Note that only the low byte of the 1613 * X-pointer is updated in devices with no more than 256 bytes data space. For 1614 * such devices, the high byte of the pointer is not used by this instruction 1615 * and can be used for other purposes. The RAMPX Register in the I/O area is 1616 * updated in parts with more than 64KB data space or more than 64KB Program 1617 * memory, and the increment/decrement is added to the entire 24-bit address on 1618 * such devices. Not all variants of this instruction is available in all 1619 * devices. Refer to the device specific instruction set summary. In the 1620 * Reduced Core tinyAVR the LD instruction can be used to achieve the same 1621 * operation as LPM since the program memory is mapped to the data memory 1622 * space. 1623 */ 1624 static bool trans_LDX1(DisasContext *ctx, arg_LDX1 *a) 1625 { 1626 TCGv Rd = cpu_r[a->rd]; 1627 TCGv addr = gen_get_xaddr(); 1628 1629 gen_data_load(ctx, Rd, addr); 1630 return true; 1631 } 1632 1633 static bool trans_LDX2(DisasContext *ctx, arg_LDX2 *a) 1634 { 1635 TCGv Rd = cpu_r[a->rd]; 1636 TCGv addr = gen_get_xaddr(); 1637 1638 gen_data_load(ctx, Rd, addr); 1639 tcg_gen_addi_tl(addr, addr, 1); /* addr = addr + 1 */ 1640 1641 gen_set_xaddr(addr); 1642 return true; 1643 } 1644 1645 static bool trans_LDX3(DisasContext *ctx, arg_LDX3 *a) 1646 { 1647 TCGv Rd = cpu_r[a->rd]; 1648 TCGv addr = gen_get_xaddr(); 1649 1650 tcg_gen_subi_tl(addr, addr, 1); /* addr = addr - 1 */ 1651 gen_data_load(ctx, Rd, addr); 1652 gen_set_xaddr(addr); 1653 return true; 1654 } 1655 1656 /* 1657 * Loads one byte indirect with or without displacement from the data space 1658 * to a register. For parts with SRAM, the data space consists of the Register 1659 * File, I/O memory and internal SRAM (and external SRAM if applicable). For 1660 * parts without SRAM, the data space consists of the Register File only. In 1661 * some parts the Flash Memory has been mapped to the data space and can be 1662 * read using this command. The EEPROM has a separate address space. The data 1663 * location is pointed to by the Y (16 bits) Pointer Register in the Register 1664 * File. Memory access is limited to the current data segment of 64KB. To 1665 * access another data segment in devices with more than 64KB data space, the 1666 * RAMPY in register in the I/O area has to be changed. The Y-pointer Register 1667 * can either be left unchanged by the operation, or it can be post-incremented 1668 * or predecremented. These features are especially suited for accessing 1669 * arrays, tables, and Stack Pointer usage of the Y-pointer Register. Note that 1670 * only the low byte of the Y-pointer is updated in devices with no more than 1671 * 256 bytes data space. For such devices, the high byte of the pointer is not 1672 * used by this instruction and can be used for other purposes. The RAMPY 1673 * Register in the I/O area is updated in parts with more than 64KB data space 1674 * or more than 64KB Program memory, and the increment/decrement/displacement 1675 * is added to the entire 24-bit address on such devices. Not all variants of 1676 * this instruction is available in all devices. Refer to the device specific 1677 * instruction set summary. In the Reduced Core tinyAVR the LD instruction can 1678 * be used to achieve the same operation as LPM since the program memory is 1679 * mapped to the data memory space. 1680 */ 1681 static bool trans_LDY2(DisasContext *ctx, arg_LDY2 *a) 1682 { 1683 TCGv Rd = cpu_r[a->rd]; 1684 TCGv addr = gen_get_yaddr(); 1685 1686 gen_data_load(ctx, Rd, addr); 1687 tcg_gen_addi_tl(addr, addr, 1); /* addr = addr + 1 */ 1688 1689 gen_set_yaddr(addr); 1690 return true; 1691 } 1692 1693 static bool trans_LDY3(DisasContext *ctx, arg_LDY3 *a) 1694 { 1695 TCGv Rd = cpu_r[a->rd]; 1696 TCGv addr = gen_get_yaddr(); 1697 1698 tcg_gen_subi_tl(addr, addr, 1); /* addr = addr - 1 */ 1699 gen_data_load(ctx, Rd, addr); 1700 gen_set_yaddr(addr); 1701 return true; 1702 } 1703 1704 static bool trans_LDDY(DisasContext *ctx, arg_LDDY *a) 1705 { 1706 TCGv Rd = cpu_r[a->rd]; 1707 TCGv addr = gen_get_yaddr(); 1708 1709 tcg_gen_addi_tl(addr, addr, a->imm); /* addr = addr + q */ 1710 gen_data_load(ctx, Rd, addr); 1711 return true; 1712 } 1713 1714 /* 1715 * Loads one byte indirect with or without displacement from the data space 1716 * to a register. For parts with SRAM, the data space consists of the Register 1717 * File, I/O memory and internal SRAM (and external SRAM if applicable). For 1718 * parts without SRAM, the data space consists of the Register File only. In 1719 * some parts the Flash Memory has been mapped to the data space and can be 1720 * read using this command. The EEPROM has a separate address space. The data 1721 * location is pointed to by the Z (16 bits) Pointer Register in the Register 1722 * File. Memory access is limited to the current data segment of 64KB. To 1723 * access another data segment in devices with more than 64KB data space, the 1724 * RAMPZ in register in the I/O area has to be changed. The Z-pointer Register 1725 * can either be left unchanged by the operation, or it can be post-incremented 1726 * or predecremented. These features are especially suited for Stack Pointer 1727 * usage of the Z-pointer Register, however because the Z-pointer Register can 1728 * be used for indirect subroutine calls, indirect jumps and table lookup, it 1729 * is often more convenient to use the X or Y-pointer as a dedicated Stack 1730 * Pointer. Note that only the low byte of the Z-pointer is updated in devices 1731 * with no more than 256 bytes data space. For such devices, the high byte of 1732 * the pointer is not used by this instruction and can be used for other 1733 * purposes. The RAMPZ Register in the I/O area is updated in parts with more 1734 * than 64KB data space or more than 64KB Program memory, and the 1735 * increment/decrement/displacement is added to the entire 24-bit address on 1736 * such devices. Not all variants of this instruction is available in all 1737 * devices. Refer to the device specific instruction set summary. In the 1738 * Reduced Core tinyAVR the LD instruction can be used to achieve the same 1739 * operation as LPM since the program memory is mapped to the data memory 1740 * space. For using the Z-pointer for table lookup in Program memory see the 1741 * LPM and ELPM instructions. 1742 */ 1743 static bool trans_LDZ2(DisasContext *ctx, arg_LDZ2 *a) 1744 { 1745 TCGv Rd = cpu_r[a->rd]; 1746 TCGv addr = gen_get_zaddr(); 1747 1748 gen_data_load(ctx, Rd, addr); 1749 tcg_gen_addi_tl(addr, addr, 1); /* addr = addr + 1 */ 1750 1751 gen_set_zaddr(addr); 1752 return true; 1753 } 1754 1755 static bool trans_LDZ3(DisasContext *ctx, arg_LDZ3 *a) 1756 { 1757 TCGv Rd = cpu_r[a->rd]; 1758 TCGv addr = gen_get_zaddr(); 1759 1760 tcg_gen_subi_tl(addr, addr, 1); /* addr = addr - 1 */ 1761 gen_data_load(ctx, Rd, addr); 1762 1763 gen_set_zaddr(addr); 1764 return true; 1765 } 1766 1767 static bool trans_LDDZ(DisasContext *ctx, arg_LDDZ *a) 1768 { 1769 TCGv Rd = cpu_r[a->rd]; 1770 TCGv addr = gen_get_zaddr(); 1771 1772 tcg_gen_addi_tl(addr, addr, a->imm); /* addr = addr + q */ 1773 gen_data_load(ctx, Rd, addr); 1774 return true; 1775 } 1776 1777 /* 1778 * Stores one byte from a Register to the data space. For parts with SRAM, 1779 * the data space consists of the Register File, I/O memory and internal SRAM 1780 * (and external SRAM if applicable). For parts without SRAM, the data space 1781 * consists of the Register File only. The EEPROM has a separate address space. 1782 * A 16-bit address must be supplied. Memory access is limited to the current 1783 * data segment of 64KB. The STS instruction uses the RAMPD Register to access 1784 * memory above 64KB. To access another data segment in devices with more than 1785 * 64KB data space, the RAMPD in register in the I/O area has to be changed. 1786 * This instruction is not available in all devices. Refer to the device 1787 * specific instruction set summary. 1788 */ 1789 static bool trans_STS(DisasContext *ctx, arg_STS *a) 1790 { 1791 TCGv Rd = cpu_r[a->rd]; 1792 TCGv addr = tcg_temp_new_i32(); 1793 TCGv H = cpu_rampD; 1794 1795 tcg_gen_mov_tl(addr, H); /* addr = H:M:L */ 1796 tcg_gen_shli_tl(addr, addr, 16); 1797 tcg_gen_ori_tl(addr, addr, a->imm); 1798 gen_data_store(ctx, Rd, addr); 1799 return true; 1800 } 1801 1802 /* 1803 * Stores one byte indirect from a register to data space. For parts with SRAM, 1804 * the data space consists of the Register File, I/O memory, and internal SRAM 1805 * (and external SRAM if applicable). For parts without SRAM, the data space 1806 * consists of the Register File only. The EEPROM has a separate address space. 1807 * 1808 * The data location is pointed to by the X (16 bits) Pointer Register in the 1809 * Register File. Memory access is limited to the current data segment of 64KB. 1810 * To access another data segment in devices with more than 64KB data space, the 1811 * RAMPX in register in the I/O area has to be changed. 1812 * 1813 * The X-pointer Register can either be left unchanged by the operation, or it 1814 * can be post-incremented or pre-decremented. These features are especially 1815 * suited for accessing arrays, tables, and Stack Pointer usage of the 1816 * X-pointer Register. Note that only the low byte of the X-pointer is updated 1817 * in devices with no more than 256 bytes data space. For such devices, the high 1818 * byte of the pointer is not used by this instruction and can be used for other 1819 * purposes. The RAMPX Register in the I/O area is updated in parts with more 1820 * than 64KB data space or more than 64KB Program memory, and the increment / 1821 * decrement is added to the entire 24-bit address on such devices. 1822 */ 1823 static bool trans_STX1(DisasContext *ctx, arg_STX1 *a) 1824 { 1825 TCGv Rd = cpu_r[a->rr]; 1826 TCGv addr = gen_get_xaddr(); 1827 1828 gen_data_store(ctx, Rd, addr); 1829 return true; 1830 } 1831 1832 static bool trans_STX2(DisasContext *ctx, arg_STX2 *a) 1833 { 1834 TCGv Rd = cpu_r[a->rr]; 1835 TCGv addr = gen_get_xaddr(); 1836 1837 gen_data_store(ctx, Rd, addr); 1838 tcg_gen_addi_tl(addr, addr, 1); /* addr = addr + 1 */ 1839 gen_set_xaddr(addr); 1840 return true; 1841 } 1842 1843 static bool trans_STX3(DisasContext *ctx, arg_STX3 *a) 1844 { 1845 TCGv Rd = cpu_r[a->rr]; 1846 TCGv addr = gen_get_xaddr(); 1847 1848 tcg_gen_subi_tl(addr, addr, 1); /* addr = addr - 1 */ 1849 gen_data_store(ctx, Rd, addr); 1850 gen_set_xaddr(addr); 1851 return true; 1852 } 1853 1854 /* 1855 * Stores one byte indirect with or without displacement from a register to data 1856 * space. For parts with SRAM, the data space consists of the Register File, I/O 1857 * memory, and internal SRAM (and external SRAM if applicable). For parts 1858 * without SRAM, the data space consists of the Register File only. The EEPROM 1859 * has a separate address space. 1860 * 1861 * The data location is pointed to by the Y (16 bits) Pointer Register in the 1862 * Register File. Memory access is limited to the current data segment of 64KB. 1863 * To access another data segment in devices with more than 64KB data space, the 1864 * RAMPY in register in the I/O area has to be changed. 1865 * 1866 * The Y-pointer Register can either be left unchanged by the operation, or it 1867 * can be post-incremented or pre-decremented. These features are especially 1868 * suited for accessing arrays, tables, and Stack Pointer usage of the Y-pointer 1869 * Register. Note that only the low byte of the Y-pointer is updated in devices 1870 * with no more than 256 bytes data space. For such devices, the high byte of 1871 * the pointer is not used by this instruction and can be used for other 1872 * purposes. The RAMPY Register in the I/O area is updated in parts with more 1873 * than 64KB data space or more than 64KB Program memory, and the increment / 1874 * decrement / displacement is added to the entire 24-bit address on such 1875 * devices. 1876 */ 1877 static bool trans_STY2(DisasContext *ctx, arg_STY2 *a) 1878 { 1879 TCGv Rd = cpu_r[a->rd]; 1880 TCGv addr = gen_get_yaddr(); 1881 1882 gen_data_store(ctx, Rd, addr); 1883 tcg_gen_addi_tl(addr, addr, 1); /* addr = addr + 1 */ 1884 gen_set_yaddr(addr); 1885 return true; 1886 } 1887 1888 static bool trans_STY3(DisasContext *ctx, arg_STY3 *a) 1889 { 1890 TCGv Rd = cpu_r[a->rd]; 1891 TCGv addr = gen_get_yaddr(); 1892 1893 tcg_gen_subi_tl(addr, addr, 1); /* addr = addr - 1 */ 1894 gen_data_store(ctx, Rd, addr); 1895 gen_set_yaddr(addr); 1896 return true; 1897 } 1898 1899 static bool trans_STDY(DisasContext *ctx, arg_STDY *a) 1900 { 1901 TCGv Rd = cpu_r[a->rd]; 1902 TCGv addr = gen_get_yaddr(); 1903 1904 tcg_gen_addi_tl(addr, addr, a->imm); /* addr = addr + q */ 1905 gen_data_store(ctx, Rd, addr); 1906 return true; 1907 } 1908 1909 /* 1910 * Stores one byte indirect with or without displacement from a register to data 1911 * space. For parts with SRAM, the data space consists of the Register File, I/O 1912 * memory, and internal SRAM (and external SRAM if applicable). For parts 1913 * without SRAM, the data space consists of the Register File only. The EEPROM 1914 * has a separate address space. 1915 * 1916 * The data location is pointed to by the Y (16 bits) Pointer Register in the 1917 * Register File. Memory access is limited to the current data segment of 64KB. 1918 * To access another data segment in devices with more than 64KB data space, the 1919 * RAMPY in register in the I/O area has to be changed. 1920 * 1921 * The Y-pointer Register can either be left unchanged by the operation, or it 1922 * can be post-incremented or pre-decremented. These features are especially 1923 * suited for accessing arrays, tables, and Stack Pointer usage of the Y-pointer 1924 * Register. Note that only the low byte of the Y-pointer is updated in devices 1925 * with no more than 256 bytes data space. For such devices, the high byte of 1926 * the pointer is not used by this instruction and can be used for other 1927 * purposes. The RAMPY Register in the I/O area is updated in parts with more 1928 * than 64KB data space or more than 64KB Program memory, and the increment / 1929 * decrement / displacement is added to the entire 24-bit address on such 1930 * devices. 1931 */ 1932 static bool trans_STZ2(DisasContext *ctx, arg_STZ2 *a) 1933 { 1934 TCGv Rd = cpu_r[a->rd]; 1935 TCGv addr = gen_get_zaddr(); 1936 1937 gen_data_store(ctx, Rd, addr); 1938 tcg_gen_addi_tl(addr, addr, 1); /* addr = addr + 1 */ 1939 1940 gen_set_zaddr(addr); 1941 return true; 1942 } 1943 1944 static bool trans_STZ3(DisasContext *ctx, arg_STZ3 *a) 1945 { 1946 TCGv Rd = cpu_r[a->rd]; 1947 TCGv addr = gen_get_zaddr(); 1948 1949 tcg_gen_subi_tl(addr, addr, 1); /* addr = addr - 1 */ 1950 gen_data_store(ctx, Rd, addr); 1951 1952 gen_set_zaddr(addr); 1953 return true; 1954 } 1955 1956 static bool trans_STDZ(DisasContext *ctx, arg_STDZ *a) 1957 { 1958 TCGv Rd = cpu_r[a->rd]; 1959 TCGv addr = gen_get_zaddr(); 1960 1961 tcg_gen_addi_tl(addr, addr, a->imm); /* addr = addr + q */ 1962 gen_data_store(ctx, Rd, addr); 1963 return true; 1964 } 1965 1966 /* 1967 * Loads one byte pointed to by the Z-register into the destination 1968 * register Rd. This instruction features a 100% space effective constant 1969 * initialization or constant data fetch. The Program memory is organized in 1970 * 16-bit words while the Z-pointer is a byte address. Thus, the least 1971 * significant bit of the Z-pointer selects either low byte (ZLSB = 0) or high 1972 * byte (ZLSB = 1). This instruction can address the first 64KB (32K words) of 1973 * Program memory. The Zpointer Register can either be left unchanged by the 1974 * operation, or it can be incremented. The incrementation does not apply to 1975 * the RAMPZ Register. 1976 * 1977 * Devices with Self-Programming capability can use the LPM instruction to read 1978 * the Fuse and Lock bit values. 1979 */ 1980 static bool trans_LPM1(DisasContext *ctx, arg_LPM1 *a) 1981 { 1982 if (!avr_have_feature(ctx, AVR_FEATURE_LPM)) { 1983 return true; 1984 } 1985 1986 TCGv Rd = cpu_r[0]; 1987 TCGv addr = tcg_temp_new_i32(); 1988 TCGv H = cpu_r[31]; 1989 TCGv L = cpu_r[30]; 1990 1991 tcg_gen_shli_tl(addr, H, 8); /* addr = H:L */ 1992 tcg_gen_or_tl(addr, addr, L); 1993 tcg_gen_qemu_ld_tl(Rd, addr, MMU_CODE_IDX, MO_UB); 1994 return true; 1995 } 1996 1997 static bool trans_LPM2(DisasContext *ctx, arg_LPM2 *a) 1998 { 1999 if (!avr_have_feature(ctx, AVR_FEATURE_LPM)) { 2000 return true; 2001 } 2002 2003 TCGv Rd = cpu_r[a->rd]; 2004 TCGv addr = tcg_temp_new_i32(); 2005 TCGv H = cpu_r[31]; 2006 TCGv L = cpu_r[30]; 2007 2008 tcg_gen_shli_tl(addr, H, 8); /* addr = H:L */ 2009 tcg_gen_or_tl(addr, addr, L); 2010 tcg_gen_qemu_ld_tl(Rd, addr, MMU_CODE_IDX, MO_UB); 2011 return true; 2012 } 2013 2014 static bool trans_LPMX(DisasContext *ctx, arg_LPMX *a) 2015 { 2016 if (!avr_have_feature(ctx, AVR_FEATURE_LPMX)) { 2017 return true; 2018 } 2019 2020 TCGv Rd = cpu_r[a->rd]; 2021 TCGv addr = tcg_temp_new_i32(); 2022 TCGv H = cpu_r[31]; 2023 TCGv L = cpu_r[30]; 2024 2025 tcg_gen_shli_tl(addr, H, 8); /* addr = H:L */ 2026 tcg_gen_or_tl(addr, addr, L); 2027 tcg_gen_qemu_ld_tl(Rd, addr, MMU_CODE_IDX, MO_UB); 2028 tcg_gen_addi_tl(addr, addr, 1); /* addr = addr + 1 */ 2029 tcg_gen_andi_tl(L, addr, 0xff); 2030 tcg_gen_shri_tl(addr, addr, 8); 2031 tcg_gen_andi_tl(H, addr, 0xff); 2032 return true; 2033 } 2034 2035 /* 2036 * Loads one byte pointed to by the Z-register and the RAMPZ Register in 2037 * the I/O space, and places this byte in the destination register Rd. This 2038 * instruction features a 100% space effective constant initialization or 2039 * constant data fetch. The Program memory is organized in 16-bit words while 2040 * the Z-pointer is a byte address. Thus, the least significant bit of the 2041 * Z-pointer selects either low byte (ZLSB = 0) or high byte (ZLSB = 1). This 2042 * instruction can address the entire Program memory space. The Z-pointer 2043 * Register can either be left unchanged by the operation, or it can be 2044 * incremented. The incrementation applies to the entire 24-bit concatenation 2045 * of the RAMPZ and Z-pointer Registers. 2046 * 2047 * Devices with Self-Programming capability can use the ELPM instruction to 2048 * read the Fuse and Lock bit value. 2049 */ 2050 static bool trans_ELPM1(DisasContext *ctx, arg_ELPM1 *a) 2051 { 2052 if (!avr_have_feature(ctx, AVR_FEATURE_ELPM)) { 2053 return true; 2054 } 2055 2056 TCGv Rd = cpu_r[0]; 2057 TCGv addr = gen_get_zaddr(); 2058 2059 tcg_gen_qemu_ld_tl(Rd, addr, MMU_CODE_IDX, MO_UB); 2060 return true; 2061 } 2062 2063 static bool trans_ELPM2(DisasContext *ctx, arg_ELPM2 *a) 2064 { 2065 if (!avr_have_feature(ctx, AVR_FEATURE_ELPM)) { 2066 return true; 2067 } 2068 2069 TCGv Rd = cpu_r[a->rd]; 2070 TCGv addr = gen_get_zaddr(); 2071 2072 tcg_gen_qemu_ld_tl(Rd, addr, MMU_CODE_IDX, MO_UB); 2073 return true; 2074 } 2075 2076 static bool trans_ELPMX(DisasContext *ctx, arg_ELPMX *a) 2077 { 2078 if (!avr_have_feature(ctx, AVR_FEATURE_ELPMX)) { 2079 return true; 2080 } 2081 2082 TCGv Rd = cpu_r[a->rd]; 2083 TCGv addr = gen_get_zaddr(); 2084 2085 tcg_gen_qemu_ld_tl(Rd, addr, MMU_CODE_IDX, MO_UB); 2086 tcg_gen_addi_tl(addr, addr, 1); /* addr = addr + 1 */ 2087 gen_set_zaddr(addr); 2088 return true; 2089 } 2090 2091 /* 2092 * SPM can be used to erase a page in the Program memory, to write a page 2093 * in the Program memory (that is already erased), and to set Boot Loader Lock 2094 * bits. In some devices, the Program memory can be written one word at a time, 2095 * in other devices an entire page can be programmed simultaneously after first 2096 * filling a temporary page buffer. In all cases, the Program memory must be 2097 * erased one page at a time. When erasing the Program memory, the RAMPZ and 2098 * Z-register are used as page address. When writing the Program memory, the 2099 * RAMPZ and Z-register are used as page or word address, and the R1:R0 2100 * register pair is used as data(1). When setting the Boot Loader Lock bits, 2101 * the R1:R0 register pair is used as data. Refer to the device documentation 2102 * for detailed description of SPM usage. This instruction can address the 2103 * entire Program memory. 2104 * 2105 * The SPM instruction is not available in all devices. Refer to the device 2106 * specific instruction set summary. 2107 * 2108 * Note: 1. R1 determines the instruction high byte, and R0 determines the 2109 * instruction low byte. 2110 */ 2111 static bool trans_SPM(DisasContext *ctx, arg_SPM *a) 2112 { 2113 /* TODO */ 2114 if (!avr_have_feature(ctx, AVR_FEATURE_SPM)) { 2115 return true; 2116 } 2117 2118 return true; 2119 } 2120 2121 static bool trans_SPMX(DisasContext *ctx, arg_SPMX *a) 2122 { 2123 /* TODO */ 2124 if (!avr_have_feature(ctx, AVR_FEATURE_SPMX)) { 2125 return true; 2126 } 2127 2128 return true; 2129 } 2130 2131 /* 2132 * Loads data from the I/O Space (Ports, Timers, Configuration Registers, 2133 * etc.) into register Rd in the Register File. 2134 */ 2135 static bool trans_IN(DisasContext *ctx, arg_IN *a) 2136 { 2137 TCGv Rd = cpu_r[a->rd]; 2138 2139 gen_inb(ctx, Rd, a->imm); 2140 return true; 2141 } 2142 2143 /* 2144 * Stores data from register Rr in the Register File to I/O Space (Ports, 2145 * Timers, Configuration Registers, etc.). 2146 */ 2147 static bool trans_OUT(DisasContext *ctx, arg_OUT *a) 2148 { 2149 TCGv Rd = cpu_r[a->rd]; 2150 2151 gen_outb(ctx, Rd, a->imm); 2152 return true; 2153 } 2154 2155 /* 2156 * This instruction stores the contents of register Rr on the STACK. The 2157 * Stack Pointer is post-decremented by 1 after the PUSH. This instruction is 2158 * not available in all devices. Refer to the device specific instruction set 2159 * summary. 2160 */ 2161 static bool trans_PUSH(DisasContext *ctx, arg_PUSH *a) 2162 { 2163 TCGv Rd = cpu_r[a->rd]; 2164 2165 gen_data_store(ctx, Rd, cpu_sp); 2166 tcg_gen_subi_tl(cpu_sp, cpu_sp, 1); 2167 2168 return true; 2169 } 2170 2171 /* 2172 * This instruction loads register Rd with a byte from the STACK. The Stack 2173 * Pointer is pre-incremented by 1 before the POP. This instruction is not 2174 * available in all devices. Refer to the device specific instruction set 2175 * summary. 2176 */ 2177 static bool trans_POP(DisasContext *ctx, arg_POP *a) 2178 { 2179 /* 2180 * Using a temp to work around some strange behaviour: 2181 * tcg_gen_addi_tl(cpu_sp, cpu_sp, 1); 2182 * gen_data_load(ctx, Rd, cpu_sp); 2183 * seems to cause the add to happen twice. 2184 * This doesn't happen if either the add or the load is removed. 2185 */ 2186 TCGv t1 = tcg_temp_new_i32(); 2187 TCGv Rd = cpu_r[a->rd]; 2188 2189 tcg_gen_addi_tl(t1, cpu_sp, 1); 2190 gen_data_load(ctx, Rd, t1); 2191 tcg_gen_mov_tl(cpu_sp, t1); 2192 2193 return true; 2194 } 2195 2196 /* 2197 * Exchanges one byte indirect between register and data space. The data 2198 * location is pointed to by the Z (16 bits) Pointer Register in the Register 2199 * File. Memory access is limited to the current data segment of 64KB. To 2200 * access another data segment in devices with more than 64KB data space, the 2201 * RAMPZ in register in the I/O area has to be changed. 2202 * 2203 * The Z-pointer Register is left unchanged by the operation. This instruction 2204 * is especially suited for writing/reading status bits stored in SRAM. 2205 */ 2206 static bool trans_XCH(DisasContext *ctx, arg_XCH *a) 2207 { 2208 if (!avr_have_feature(ctx, AVR_FEATURE_RMW)) { 2209 return true; 2210 } 2211 2212 TCGv Rd = cpu_r[a->rd]; 2213 TCGv t0 = tcg_temp_new_i32(); 2214 TCGv addr = gen_get_zaddr(); 2215 2216 gen_data_load(ctx, t0, addr); 2217 gen_data_store(ctx, Rd, addr); 2218 tcg_gen_mov_tl(Rd, t0); 2219 return true; 2220 } 2221 2222 /* 2223 * Load one byte indirect from data space to register and set bits in data 2224 * space specified by the register. The instruction can only be used towards 2225 * internal SRAM. The data location is pointed to by the Z (16 bits) Pointer 2226 * Register in the Register File. Memory access is limited to the current data 2227 * segment of 64KB. To access another data segment in devices with more than 2228 * 64KB data space, the RAMPZ in register in the I/O area has to be changed. 2229 * 2230 * The Z-pointer Register is left unchanged by the operation. This instruction 2231 * is especially suited for setting status bits stored in SRAM. 2232 */ 2233 static bool trans_LAS(DisasContext *ctx, arg_LAS *a) 2234 { 2235 if (!avr_have_feature(ctx, AVR_FEATURE_RMW)) { 2236 return true; 2237 } 2238 2239 TCGv Rr = cpu_r[a->rd]; 2240 TCGv addr = gen_get_zaddr(); 2241 TCGv t0 = tcg_temp_new_i32(); 2242 TCGv t1 = tcg_temp_new_i32(); 2243 2244 gen_data_load(ctx, t0, addr); /* t0 = mem[addr] */ 2245 tcg_gen_or_tl(t1, t0, Rr); 2246 tcg_gen_mov_tl(Rr, t0); /* Rr = t0 */ 2247 gen_data_store(ctx, t1, addr); /* mem[addr] = t1 */ 2248 return true; 2249 } 2250 2251 /* 2252 * Load one byte indirect from data space to register and stores and clear 2253 * the bits in data space specified by the register. The instruction can 2254 * only be used towards internal SRAM. The data location is pointed to by 2255 * the Z (16 bits) Pointer Register in the Register File. Memory access is 2256 * limited to the current data segment of 64KB. To access another data 2257 * segment in devices with more than 64KB data space, the RAMPZ in register 2258 * in the I/O area has to be changed. 2259 * 2260 * The Z-pointer Register is left unchanged by the operation. This instruction 2261 * is especially suited for clearing status bits stored in SRAM. 2262 */ 2263 static bool trans_LAC(DisasContext *ctx, arg_LAC *a) 2264 { 2265 if (!avr_have_feature(ctx, AVR_FEATURE_RMW)) { 2266 return true; 2267 } 2268 2269 TCGv Rr = cpu_r[a->rd]; 2270 TCGv addr = gen_get_zaddr(); 2271 TCGv t0 = tcg_temp_new_i32(); 2272 TCGv t1 = tcg_temp_new_i32(); 2273 2274 gen_data_load(ctx, t0, addr); /* t0 = mem[addr] */ 2275 tcg_gen_andc_tl(t1, t0, Rr); /* t1 = t0 & (0xff - Rr) = t0 & ~Rr */ 2276 tcg_gen_mov_tl(Rr, t0); /* Rr = t0 */ 2277 gen_data_store(ctx, t1, addr); /* mem[addr] = t1 */ 2278 return true; 2279 } 2280 2281 2282 /* 2283 * Load one byte indirect from data space to register and toggles bits in 2284 * the data space specified by the register. The instruction can only be used 2285 * towards SRAM. The data location is pointed to by the Z (16 bits) Pointer 2286 * Register in the Register File. Memory access is limited to the current data 2287 * segment of 64KB. To access another data segment in devices with more than 2288 * 64KB data space, the RAMPZ in register in the I/O area has to be changed. 2289 * 2290 * The Z-pointer Register is left unchanged by the operation. This instruction 2291 * is especially suited for changing status bits stored in SRAM. 2292 */ 2293 static bool trans_LAT(DisasContext *ctx, arg_LAT *a) 2294 { 2295 if (!avr_have_feature(ctx, AVR_FEATURE_RMW)) { 2296 return true; 2297 } 2298 2299 TCGv Rd = cpu_r[a->rd]; 2300 TCGv addr = gen_get_zaddr(); 2301 TCGv t0 = tcg_temp_new_i32(); 2302 TCGv t1 = tcg_temp_new_i32(); 2303 2304 gen_data_load(ctx, t0, addr); /* t0 = mem[addr] */ 2305 tcg_gen_xor_tl(t1, t0, Rd); 2306 tcg_gen_mov_tl(Rd, t0); /* Rd = t0 */ 2307 gen_data_store(ctx, t1, addr); /* mem[addr] = t1 */ 2308 return true; 2309 } 2310 2311 /* 2312 * Bit and Bit-test Instructions 2313 */ 2314 static void gen_rshift_ZNVSf(TCGv R) 2315 { 2316 tcg_gen_setcondi_tl(TCG_COND_EQ, cpu_Zf, R, 0); /* Zf = R == 0 */ 2317 tcg_gen_shri_tl(cpu_Nf, R, 7); /* Nf = R(7) */ 2318 tcg_gen_xor_tl(cpu_Vf, cpu_Nf, cpu_Cf); 2319 tcg_gen_xor_tl(cpu_Sf, cpu_Nf, cpu_Vf); /* Sf = Nf ^ Vf */ 2320 } 2321 2322 /* 2323 * Shifts all bits in Rd one place to the right. Bit 7 is cleared. Bit 0 is 2324 * loaded into the C Flag of the SREG. This operation effectively divides an 2325 * unsigned value by two. The C Flag can be used to round the result. 2326 */ 2327 static bool trans_LSR(DisasContext *ctx, arg_LSR *a) 2328 { 2329 TCGv Rd = cpu_r[a->rd]; 2330 2331 tcg_gen_andi_tl(cpu_Cf, Rd, 1); 2332 tcg_gen_shri_tl(Rd, Rd, 1); 2333 2334 /* update status register */ 2335 tcg_gen_setcondi_tl(TCG_COND_EQ, cpu_Zf, Rd, 0); /* Zf = Rd == 0 */ 2336 tcg_gen_movi_tl(cpu_Nf, 0); 2337 tcg_gen_mov_tl(cpu_Vf, cpu_Cf); 2338 tcg_gen_mov_tl(cpu_Sf, cpu_Vf); 2339 2340 return true; 2341 } 2342 2343 /* 2344 * Shifts all bits in Rd one place to the right. The C Flag is shifted into 2345 * bit 7 of Rd. Bit 0 is shifted into the C Flag. This operation, combined 2346 * with ASR, effectively divides multi-byte signed values by two. Combined with 2347 * LSR it effectively divides multi-byte unsigned values by two. The Carry Flag 2348 * can be used to round the result. 2349 */ 2350 static bool trans_ROR(DisasContext *ctx, arg_ROR *a) 2351 { 2352 TCGv Rd = cpu_r[a->rd]; 2353 TCGv t0 = tcg_temp_new_i32(); 2354 2355 tcg_gen_shli_tl(t0, cpu_Cf, 7); 2356 2357 /* update status register */ 2358 tcg_gen_andi_tl(cpu_Cf, Rd, 1); 2359 2360 /* update output register */ 2361 tcg_gen_shri_tl(Rd, Rd, 1); 2362 tcg_gen_or_tl(Rd, Rd, t0); 2363 2364 /* update status register */ 2365 gen_rshift_ZNVSf(Rd); 2366 return true; 2367 } 2368 2369 /* 2370 * Shifts all bits in Rd one place to the right. Bit 7 is held constant. Bit 0 2371 * is loaded into the C Flag of the SREG. This operation effectively divides a 2372 * signed value by two without changing its sign. The Carry Flag can be used to 2373 * round the result. 2374 */ 2375 static bool trans_ASR(DisasContext *ctx, arg_ASR *a) 2376 { 2377 TCGv Rd = cpu_r[a->rd]; 2378 TCGv t0 = tcg_temp_new_i32(); 2379 2380 /* update status register */ 2381 tcg_gen_andi_tl(cpu_Cf, Rd, 1); /* Cf = Rd(0) */ 2382 2383 /* update output register */ 2384 tcg_gen_andi_tl(t0, Rd, 0x80); /* Rd = (Rd & 0x80) | (Rd >> 1) */ 2385 tcg_gen_shri_tl(Rd, Rd, 1); 2386 tcg_gen_or_tl(Rd, Rd, t0); 2387 2388 /* update status register */ 2389 gen_rshift_ZNVSf(Rd); 2390 return true; 2391 } 2392 2393 /* 2394 * Swaps high and low nibbles in a register. 2395 */ 2396 static bool trans_SWAP(DisasContext *ctx, arg_SWAP *a) 2397 { 2398 TCGv Rd = cpu_r[a->rd]; 2399 TCGv t0 = tcg_temp_new_i32(); 2400 TCGv t1 = tcg_temp_new_i32(); 2401 2402 tcg_gen_andi_tl(t0, Rd, 0x0f); 2403 tcg_gen_shli_tl(t0, t0, 4); 2404 tcg_gen_andi_tl(t1, Rd, 0xf0); 2405 tcg_gen_shri_tl(t1, t1, 4); 2406 tcg_gen_or_tl(Rd, t0, t1); 2407 return true; 2408 } 2409 2410 /* 2411 * Sets a specified bit in an I/O Register. This instruction operates on 2412 * the lower 32 I/O Registers -- addresses 0-31. 2413 */ 2414 static bool trans_SBI(DisasContext *ctx, arg_SBI *a) 2415 { 2416 TCGv data = tcg_temp_new_i32(); 2417 2418 gen_inb(ctx, data, a->reg); 2419 tcg_gen_ori_tl(data, data, 1 << a->bit); 2420 gen_outb(ctx, data, a->reg); 2421 return true; 2422 } 2423 2424 /* 2425 * Clears a specified bit in an I/O Register. This instruction operates on 2426 * the lower 32 I/O Registers -- addresses 0-31. 2427 */ 2428 static bool trans_CBI(DisasContext *ctx, arg_CBI *a) 2429 { 2430 TCGv data = tcg_temp_new_i32(); 2431 2432 gen_inb(ctx, data, a->reg); 2433 tcg_gen_andi_tl(data, data, ~(1 << a->bit)); 2434 gen_outb(ctx, data, a->reg); 2435 return true; 2436 } 2437 2438 /* 2439 * Stores bit b from Rd to the T Flag in SREG (Status Register). 2440 */ 2441 static bool trans_BST(DisasContext *ctx, arg_BST *a) 2442 { 2443 TCGv Rd = cpu_r[a->rd]; 2444 2445 tcg_gen_andi_tl(cpu_Tf, Rd, 1 << a->bit); 2446 tcg_gen_shri_tl(cpu_Tf, cpu_Tf, a->bit); 2447 2448 return true; 2449 } 2450 2451 /* 2452 * Copies the T Flag in the SREG (Status Register) to bit b in register Rd. 2453 */ 2454 static bool trans_BLD(DisasContext *ctx, arg_BLD *a) 2455 { 2456 TCGv Rd = cpu_r[a->rd]; 2457 TCGv t1 = tcg_temp_new_i32(); 2458 2459 tcg_gen_andi_tl(Rd, Rd, ~(1u << a->bit)); /* clear bit */ 2460 tcg_gen_shli_tl(t1, cpu_Tf, a->bit); /* create mask */ 2461 tcg_gen_or_tl(Rd, Rd, t1); 2462 return true; 2463 } 2464 2465 /* 2466 * Sets a single Flag or bit in SREG. 2467 */ 2468 static bool trans_BSET(DisasContext *ctx, arg_BSET *a) 2469 { 2470 switch (a->bit) { 2471 case 0x00: 2472 tcg_gen_movi_tl(cpu_Cf, 0x01); 2473 break; 2474 case 0x01: 2475 tcg_gen_movi_tl(cpu_Zf, 0x01); 2476 break; 2477 case 0x02: 2478 tcg_gen_movi_tl(cpu_Nf, 0x01); 2479 break; 2480 case 0x03: 2481 tcg_gen_movi_tl(cpu_Vf, 0x01); 2482 break; 2483 case 0x04: 2484 tcg_gen_movi_tl(cpu_Sf, 0x01); 2485 break; 2486 case 0x05: 2487 tcg_gen_movi_tl(cpu_Hf, 0x01); 2488 break; 2489 case 0x06: 2490 tcg_gen_movi_tl(cpu_Tf, 0x01); 2491 break; 2492 case 0x07: 2493 tcg_gen_movi_tl(cpu_If, 0x01); 2494 break; 2495 } 2496 2497 return true; 2498 } 2499 2500 /* 2501 * Clears a single Flag in SREG. 2502 */ 2503 static bool trans_BCLR(DisasContext *ctx, arg_BCLR *a) 2504 { 2505 switch (a->bit) { 2506 case 0x00: 2507 tcg_gen_movi_tl(cpu_Cf, 0x00); 2508 break; 2509 case 0x01: 2510 tcg_gen_movi_tl(cpu_Zf, 0x00); 2511 break; 2512 case 0x02: 2513 tcg_gen_movi_tl(cpu_Nf, 0x00); 2514 break; 2515 case 0x03: 2516 tcg_gen_movi_tl(cpu_Vf, 0x00); 2517 break; 2518 case 0x04: 2519 tcg_gen_movi_tl(cpu_Sf, 0x00); 2520 break; 2521 case 0x05: 2522 tcg_gen_movi_tl(cpu_Hf, 0x00); 2523 break; 2524 case 0x06: 2525 tcg_gen_movi_tl(cpu_Tf, 0x00); 2526 break; 2527 case 0x07: 2528 tcg_gen_movi_tl(cpu_If, 0x00); 2529 break; 2530 } 2531 2532 return true; 2533 } 2534 2535 /* 2536 * MCU Control Instructions 2537 */ 2538 2539 /* 2540 * The BREAK instruction is used by the On-chip Debug system, and is 2541 * normally not used in the application software. When the BREAK instruction is 2542 * executed, the AVR CPU is set in the Stopped Mode. This gives the On-chip 2543 * Debugger access to internal resources. If any Lock bits are set, or either 2544 * the JTAGEN or OCDEN Fuses are unprogrammed, the CPU will treat the BREAK 2545 * instruction as a NOP and will not enter the Stopped mode. This instruction 2546 * is not available in all devices. Refer to the device specific instruction 2547 * set summary. 2548 */ 2549 static bool trans_BREAK(DisasContext *ctx, arg_BREAK *a) 2550 { 2551 if (!avr_have_feature(ctx, AVR_FEATURE_BREAK)) { 2552 return true; 2553 } 2554 2555 #ifdef BREAKPOINT_ON_BREAK 2556 tcg_gen_movi_tl(cpu_pc, ctx->npc - 1); 2557 gen_helper_debug(tcg_env); 2558 ctx->base.is_jmp = DISAS_EXIT; 2559 #else 2560 /* NOP */ 2561 #endif 2562 2563 return true; 2564 } 2565 2566 /* 2567 * This instruction performs a single cycle No Operation. 2568 */ 2569 static bool trans_NOP(DisasContext *ctx, arg_NOP *a) 2570 { 2571 2572 /* NOP */ 2573 2574 return true; 2575 } 2576 2577 /* 2578 * This instruction sets the circuit in sleep mode defined by the MCU 2579 * Control Register. 2580 */ 2581 static bool trans_SLEEP(DisasContext *ctx, arg_SLEEP *a) 2582 { 2583 gen_helper_sleep(tcg_env); 2584 ctx->base.is_jmp = DISAS_NORETURN; 2585 return true; 2586 } 2587 2588 /* 2589 * This instruction resets the Watchdog Timer. This instruction must be 2590 * executed within a limited time given by the WD prescaler. See the Watchdog 2591 * Timer hardware specification. 2592 */ 2593 static bool trans_WDR(DisasContext *ctx, arg_WDR *a) 2594 { 2595 gen_helper_wdr(tcg_env); 2596 2597 return true; 2598 } 2599 2600 /* 2601 * Core translation mechanism functions: 2602 * 2603 * - translate() 2604 * - canonicalize_skip() 2605 * - translate_code() 2606 * - restore_state_to_opc() 2607 * 2608 */ 2609 static void translate(DisasContext *ctx) 2610 { 2611 uint32_t opcode = next_word(ctx); 2612 2613 if (!decode_insn(ctx, opcode)) { 2614 gen_helper_unsupported(tcg_env); 2615 ctx->base.is_jmp = DISAS_NORETURN; 2616 } 2617 } 2618 2619 /* Standardize the cpu_skip condition to NE. */ 2620 static bool canonicalize_skip(DisasContext *ctx) 2621 { 2622 switch (ctx->skip_cond) { 2623 case TCG_COND_NEVER: 2624 /* Normal case: cpu_skip is known to be false. */ 2625 return false; 2626 2627 case TCG_COND_ALWAYS: 2628 /* 2629 * Breakpoint case: cpu_skip is known to be true, via TB_FLAGS_SKIP. 2630 * The breakpoint is on the instruction being skipped, at the start 2631 * of the TranslationBlock. No need to update. 2632 */ 2633 return false; 2634 2635 case TCG_COND_NE: 2636 if (ctx->skip_var1 == NULL) { 2637 tcg_gen_mov_tl(cpu_skip, ctx->skip_var0); 2638 } else { 2639 tcg_gen_xor_tl(cpu_skip, ctx->skip_var0, ctx->skip_var1); 2640 ctx->skip_var1 = NULL; 2641 } 2642 break; 2643 2644 default: 2645 /* Convert to a NE condition vs 0. */ 2646 if (ctx->skip_var1 == NULL) { 2647 tcg_gen_setcondi_tl(ctx->skip_cond, cpu_skip, ctx->skip_var0, 0); 2648 } else { 2649 tcg_gen_setcond_tl(ctx->skip_cond, cpu_skip, 2650 ctx->skip_var0, ctx->skip_var1); 2651 ctx->skip_var1 = NULL; 2652 } 2653 ctx->skip_cond = TCG_COND_NE; 2654 break; 2655 } 2656 ctx->skip_var0 = cpu_skip; 2657 return true; 2658 } 2659 2660 static void avr_tr_init_disas_context(DisasContextBase *dcbase, CPUState *cs) 2661 { 2662 DisasContext *ctx = container_of(dcbase, DisasContext, base); 2663 uint32_t tb_flags = ctx->base.tb->flags; 2664 2665 ctx->cs = cs; 2666 ctx->env = cpu_env(cs); 2667 ctx->npc = ctx->base.pc_first / 2; 2668 2669 ctx->skip_cond = TCG_COND_NEVER; 2670 if (tb_flags & TB_FLAGS_SKIP) { 2671 ctx->skip_cond = TCG_COND_ALWAYS; 2672 ctx->skip_var0 = cpu_skip; 2673 } 2674 2675 if (tb_flags & TB_FLAGS_FULL_ACCESS) { 2676 /* 2677 * This flag is set by ST/LD instruction we will regenerate it ONLY 2678 * with mem/cpu memory access instead of mem access 2679 */ 2680 ctx->base.max_insns = 1; 2681 } 2682 } 2683 2684 static void avr_tr_tb_start(DisasContextBase *db, CPUState *cs) 2685 { 2686 } 2687 2688 static void avr_tr_insn_start(DisasContextBase *dcbase, CPUState *cs) 2689 { 2690 DisasContext *ctx = container_of(dcbase, DisasContext, base); 2691 2692 tcg_gen_insn_start(ctx->npc); 2693 } 2694 2695 static void avr_tr_translate_insn(DisasContextBase *dcbase, CPUState *cs) 2696 { 2697 DisasContext *ctx = container_of(dcbase, DisasContext, base); 2698 TCGLabel *skip_label = NULL; 2699 2700 /* Conditionally skip the next instruction, if indicated. */ 2701 if (ctx->skip_cond != TCG_COND_NEVER) { 2702 skip_label = gen_new_label(); 2703 if (ctx->skip_var0 == cpu_skip) { 2704 /* 2705 * Copy cpu_skip so that we may zero it before the branch. 2706 * This ensures that cpu_skip is non-zero after the label 2707 * if and only if the skipped insn itself sets a skip. 2708 */ 2709 ctx->skip_var0 = tcg_temp_new(); 2710 tcg_gen_mov_tl(ctx->skip_var0, cpu_skip); 2711 tcg_gen_movi_tl(cpu_skip, 0); 2712 } 2713 if (ctx->skip_var1 == NULL) { 2714 tcg_gen_brcondi_tl(ctx->skip_cond, ctx->skip_var0, 0, skip_label); 2715 } else { 2716 tcg_gen_brcond_tl(ctx->skip_cond, ctx->skip_var0, 2717 ctx->skip_var1, skip_label); 2718 ctx->skip_var1 = NULL; 2719 } 2720 ctx->skip_cond = TCG_COND_NEVER; 2721 ctx->skip_var0 = NULL; 2722 } 2723 2724 translate(ctx); 2725 2726 ctx->base.pc_next = ctx->npc * 2; 2727 2728 if (skip_label) { 2729 canonicalize_skip(ctx); 2730 gen_set_label(skip_label); 2731 2732 switch (ctx->base.is_jmp) { 2733 case DISAS_NORETURN: 2734 ctx->base.is_jmp = DISAS_CHAIN; 2735 break; 2736 case DISAS_NEXT: 2737 if (ctx->base.tb->flags & TB_FLAGS_SKIP) { 2738 ctx->base.is_jmp = DISAS_TOO_MANY; 2739 } 2740 break; 2741 default: 2742 break; 2743 } 2744 } 2745 2746 if (ctx->base.is_jmp == DISAS_NEXT) { 2747 target_ulong page_first = ctx->base.pc_first & TARGET_PAGE_MASK; 2748 2749 if ((ctx->base.pc_next - page_first) >= TARGET_PAGE_SIZE - 4) { 2750 ctx->base.is_jmp = DISAS_TOO_MANY; 2751 } 2752 } 2753 } 2754 2755 static void avr_tr_tb_stop(DisasContextBase *dcbase, CPUState *cs) 2756 { 2757 DisasContext *ctx = container_of(dcbase, DisasContext, base); 2758 bool nonconst_skip = canonicalize_skip(ctx); 2759 /* 2760 * Because we disable interrupts while env->skip is set, 2761 * we must return to the main loop to re-evaluate afterward. 2762 */ 2763 bool force_exit = ctx->base.tb->flags & TB_FLAGS_SKIP; 2764 2765 switch (ctx->base.is_jmp) { 2766 case DISAS_NORETURN: 2767 assert(!nonconst_skip); 2768 break; 2769 case DISAS_NEXT: 2770 case DISAS_TOO_MANY: 2771 case DISAS_CHAIN: 2772 if (!nonconst_skip && !force_exit) { 2773 /* Note gen_goto_tb checks singlestep. */ 2774 gen_goto_tb(ctx, 1, ctx->npc); 2775 break; 2776 } 2777 tcg_gen_movi_tl(cpu_pc, ctx->npc); 2778 /* fall through */ 2779 case DISAS_LOOKUP: 2780 if (!force_exit) { 2781 tcg_gen_lookup_and_goto_ptr(); 2782 break; 2783 } 2784 /* fall through */ 2785 case DISAS_EXIT: 2786 tcg_gen_exit_tb(NULL, 0); 2787 break; 2788 default: 2789 g_assert_not_reached(); 2790 } 2791 } 2792 2793 static const TranslatorOps avr_tr_ops = { 2794 .init_disas_context = avr_tr_init_disas_context, 2795 .tb_start = avr_tr_tb_start, 2796 .insn_start = avr_tr_insn_start, 2797 .translate_insn = avr_tr_translate_insn, 2798 .tb_stop = avr_tr_tb_stop, 2799 }; 2800 2801 void avr_cpu_translate_code(CPUState *cs, TranslationBlock *tb, 2802 int *max_insns, vaddr pc, void *host_pc) 2803 { 2804 DisasContext dc = { }; 2805 translator_loop(cs, tb, max_insns, pc, host_pc, &avr_tr_ops, &dc.base); 2806 } 2807