1 /* 2 * QEMU AVR CPU 3 * 4 * Copyright (c) 2019-2020 Michael Rolnik 5 * 6 * This library is free software; you can redistribute it and/or 7 * modify it under the terms of the GNU Lesser General Public 8 * License as published by the Free Software Foundation; either 9 * version 2.1 of the License, or (at your option) any later version. 10 * 11 * This library is distributed in the hope that it will be useful, 12 * but WITHOUT ANY WARRANTY; without even the implied warranty of 13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU 14 * Lesser General Public License for more details. 15 * 16 * You should have received a copy of the GNU Lesser General Public 17 * License along with this library; if not, see 18 * <http://www.gnu.org/licenses/lgpl-2.1.html> 19 */ 20 21 #include "qemu/osdep.h" 22 #include "qemu/qemu-print.h" 23 #include "tcg/tcg.h" 24 #include "cpu.h" 25 #include "exec/exec-all.h" 26 #include "exec/translation-block.h" 27 #include "tcg/tcg-op.h" 28 #include "exec/helper-proto.h" 29 #include "exec/helper-gen.h" 30 #include "exec/log.h" 31 #include "exec/translator.h" 32 33 #define HELPER_H "helper.h" 34 #include "exec/helper-info.c.inc" 35 #undef HELPER_H 36 37 38 /* 39 * Define if you want a BREAK instruction translated to a breakpoint 40 * Active debugging connection is assumed 41 * This is for 42 * https://github.com/seharris/qemu-avr-tests/tree/master/instruction-tests 43 * tests 44 */ 45 #undef BREAKPOINT_ON_BREAK 46 47 static TCGv cpu_pc; 48 49 static TCGv cpu_Cf; 50 static TCGv cpu_Zf; 51 static TCGv cpu_Nf; 52 static TCGv cpu_Vf; 53 static TCGv cpu_Sf; 54 static TCGv cpu_Hf; 55 static TCGv cpu_Tf; 56 static TCGv cpu_If; 57 58 static TCGv cpu_rampD; 59 static TCGv cpu_rampX; 60 static TCGv cpu_rampY; 61 static TCGv cpu_rampZ; 62 63 static TCGv cpu_r[NUMBER_OF_CPU_REGISTERS]; 64 static TCGv cpu_eind; 65 static TCGv cpu_sp; 66 67 static TCGv cpu_skip; 68 69 static const char reg_names[NUMBER_OF_CPU_REGISTERS][8] = { 70 "r0", "r1", "r2", "r3", "r4", "r5", "r6", "r7", 71 "r8", "r9", "r10", "r11", "r12", "r13", "r14", "r15", 72 "r16", "r17", "r18", "r19", "r20", "r21", "r22", "r23", 73 "r24", "r25", "r26", "r27", "r28", "r29", "r30", "r31", 74 }; 75 #define REG(x) (cpu_r[x]) 76 77 #define DISAS_EXIT DISAS_TARGET_0 /* We want return to the cpu main loop. */ 78 #define DISAS_LOOKUP DISAS_TARGET_1 /* We have a variable condition exit. */ 79 #define DISAS_CHAIN DISAS_TARGET_2 /* We have a single condition exit. */ 80 81 typedef struct DisasContext DisasContext; 82 83 /* This is the state at translation time. */ 84 struct DisasContext { 85 DisasContextBase base; 86 87 CPUAVRState *env; 88 CPUState *cs; 89 90 target_long npc; 91 uint32_t opcode; 92 93 /* Routine used to access memory */ 94 int memidx; 95 96 /* 97 * some AVR instructions can make the following instruction to be skipped 98 * Let's name those instructions 99 * A - instruction that can skip the next one 100 * B - instruction that can be skipped. this depends on execution of A 101 * there are two scenarios 102 * 1. A and B belong to the same translation block 103 * 2. A is the last instruction in the translation block and B is the last 104 * 105 * following variables are used to simplify the skipping logic, they are 106 * used in the following manner (sketch) 107 * 108 * TCGLabel *skip_label = NULL; 109 * if (ctx->skip_cond != TCG_COND_NEVER) { 110 * skip_label = gen_new_label(); 111 * tcg_gen_brcond_tl(skip_cond, skip_var0, skip_var1, skip_label); 112 * } 113 * 114 * translate(ctx); 115 * 116 * if (skip_label) { 117 * gen_set_label(skip_label); 118 * } 119 */ 120 TCGv skip_var0; 121 TCGv skip_var1; 122 TCGCond skip_cond; 123 }; 124 125 void avr_cpu_tcg_init(void) 126 { 127 int i; 128 129 #define AVR_REG_OFFS(x) offsetof(CPUAVRState, x) 130 cpu_pc = tcg_global_mem_new_i32(tcg_env, AVR_REG_OFFS(pc_w), "pc"); 131 cpu_Cf = tcg_global_mem_new_i32(tcg_env, AVR_REG_OFFS(sregC), "Cf"); 132 cpu_Zf = tcg_global_mem_new_i32(tcg_env, AVR_REG_OFFS(sregZ), "Zf"); 133 cpu_Nf = tcg_global_mem_new_i32(tcg_env, AVR_REG_OFFS(sregN), "Nf"); 134 cpu_Vf = tcg_global_mem_new_i32(tcg_env, AVR_REG_OFFS(sregV), "Vf"); 135 cpu_Sf = tcg_global_mem_new_i32(tcg_env, AVR_REG_OFFS(sregS), "Sf"); 136 cpu_Hf = tcg_global_mem_new_i32(tcg_env, AVR_REG_OFFS(sregH), "Hf"); 137 cpu_Tf = tcg_global_mem_new_i32(tcg_env, AVR_REG_OFFS(sregT), "Tf"); 138 cpu_If = tcg_global_mem_new_i32(tcg_env, AVR_REG_OFFS(sregI), "If"); 139 cpu_rampD = tcg_global_mem_new_i32(tcg_env, AVR_REG_OFFS(rampD), "rampD"); 140 cpu_rampX = tcg_global_mem_new_i32(tcg_env, AVR_REG_OFFS(rampX), "rampX"); 141 cpu_rampY = tcg_global_mem_new_i32(tcg_env, AVR_REG_OFFS(rampY), "rampY"); 142 cpu_rampZ = tcg_global_mem_new_i32(tcg_env, AVR_REG_OFFS(rampZ), "rampZ"); 143 cpu_eind = tcg_global_mem_new_i32(tcg_env, AVR_REG_OFFS(eind), "eind"); 144 cpu_sp = tcg_global_mem_new_i32(tcg_env, AVR_REG_OFFS(sp), "sp"); 145 cpu_skip = tcg_global_mem_new_i32(tcg_env, AVR_REG_OFFS(skip), "skip"); 146 147 for (i = 0; i < NUMBER_OF_CPU_REGISTERS; i++) { 148 cpu_r[i] = tcg_global_mem_new_i32(tcg_env, AVR_REG_OFFS(r[i]), 149 reg_names[i]); 150 } 151 #undef AVR_REG_OFFS 152 } 153 154 static int to_regs_16_31_by_one(DisasContext *ctx, int indx) 155 { 156 return 16 + (indx % 16); 157 } 158 159 static int to_regs_16_23_by_one(DisasContext *ctx, int indx) 160 { 161 return 16 + (indx % 8); 162 } 163 164 static int to_regs_24_30_by_two(DisasContext *ctx, int indx) 165 { 166 return 24 + (indx % 4) * 2; 167 } 168 169 static int to_regs_00_30_by_two(DisasContext *ctx, int indx) 170 { 171 return (indx % 16) * 2; 172 } 173 174 static uint16_t next_word(DisasContext *ctx) 175 { 176 return translator_lduw(ctx->env, &ctx->base, ctx->npc++ * 2); 177 } 178 179 static int append_16(DisasContext *ctx, int x) 180 { 181 return x << 16 | next_word(ctx); 182 } 183 184 static bool avr_have_feature(DisasContext *ctx, int feature) 185 { 186 if (!avr_feature(ctx->env, feature)) { 187 gen_helper_unsupported(tcg_env); 188 ctx->base.is_jmp = DISAS_NORETURN; 189 return false; 190 } 191 return true; 192 } 193 194 static bool decode_insn(DisasContext *ctx, uint16_t insn); 195 #include "decode-insn.c.inc" 196 197 static void gen_inb(DisasContext *ctx, TCGv data, int port); 198 static void gen_outb(DisasContext *ctx, TCGv data, int port); 199 200 /* 201 * Arithmetic Instructions 202 */ 203 204 /* 205 * Utility functions for updating status registers: 206 * 207 * - gen_add_CHf() 208 * - gen_add_Vf() 209 * - gen_sub_CHf() 210 * - gen_sub_Vf() 211 * - gen_NSf() 212 * - gen_ZNSf() 213 * 214 */ 215 216 static void gen_add_CHf(TCGv R, TCGv Rd, TCGv Rr) 217 { 218 TCGv t1 = tcg_temp_new_i32(); 219 TCGv t2 = tcg_temp_new_i32(); 220 TCGv t3 = tcg_temp_new_i32(); 221 222 tcg_gen_and_tl(t1, Rd, Rr); /* t1 = Rd & Rr */ 223 tcg_gen_andc_tl(t2, Rd, R); /* t2 = Rd & ~R */ 224 tcg_gen_andc_tl(t3, Rr, R); /* t3 = Rr & ~R */ 225 tcg_gen_or_tl(t1, t1, t2); /* t1 = t1 | t2 | t3 */ 226 tcg_gen_or_tl(t1, t1, t3); 227 228 tcg_gen_shri_tl(cpu_Cf, t1, 7); /* Cf = t1(7) */ 229 tcg_gen_shri_tl(cpu_Hf, t1, 3); /* Hf = t1(3) */ 230 tcg_gen_andi_tl(cpu_Hf, cpu_Hf, 1); 231 } 232 233 static void gen_add_Vf(TCGv R, TCGv Rd, TCGv Rr) 234 { 235 TCGv t1 = tcg_temp_new_i32(); 236 TCGv t2 = tcg_temp_new_i32(); 237 238 /* t1 = Rd & Rr & ~R | ~Rd & ~Rr & R */ 239 /* = (Rd ^ R) & ~(Rd ^ Rr) */ 240 tcg_gen_xor_tl(t1, Rd, R); 241 tcg_gen_xor_tl(t2, Rd, Rr); 242 tcg_gen_andc_tl(t1, t1, t2); 243 244 tcg_gen_shri_tl(cpu_Vf, t1, 7); /* Vf = t1(7) */ 245 } 246 247 static void gen_sub_CHf(TCGv R, TCGv Rd, TCGv Rr) 248 { 249 TCGv t1 = tcg_temp_new_i32(); 250 TCGv t2 = tcg_temp_new_i32(); 251 TCGv t3 = tcg_temp_new_i32(); 252 253 tcg_gen_not_tl(t1, Rd); /* t1 = ~Rd */ 254 tcg_gen_and_tl(t2, t1, Rr); /* t2 = ~Rd & Rr */ 255 tcg_gen_or_tl(t3, t1, Rr); /* t3 = (~Rd | Rr) & R */ 256 tcg_gen_and_tl(t3, t3, R); 257 tcg_gen_or_tl(t2, t2, t3); /* t2 = ~Rd & Rr | ~Rd & R | R & Rr */ 258 259 tcg_gen_shri_tl(cpu_Cf, t2, 7); /* Cf = t2(7) */ 260 tcg_gen_shri_tl(cpu_Hf, t2, 3); /* Hf = t2(3) */ 261 tcg_gen_andi_tl(cpu_Hf, cpu_Hf, 1); 262 } 263 264 static void gen_sub_Vf(TCGv R, TCGv Rd, TCGv Rr) 265 { 266 TCGv t1 = tcg_temp_new_i32(); 267 TCGv t2 = tcg_temp_new_i32(); 268 269 /* t1 = Rd & ~Rr & ~R | ~Rd & Rr & R */ 270 /* = (Rd ^ R) & (Rd ^ R) */ 271 tcg_gen_xor_tl(t1, Rd, R); 272 tcg_gen_xor_tl(t2, Rd, Rr); 273 tcg_gen_and_tl(t1, t1, t2); 274 275 tcg_gen_shri_tl(cpu_Vf, t1, 7); /* Vf = t1(7) */ 276 } 277 278 static void gen_NSf(TCGv R) 279 { 280 tcg_gen_shri_tl(cpu_Nf, R, 7); /* Nf = R(7) */ 281 tcg_gen_xor_tl(cpu_Sf, cpu_Nf, cpu_Vf); /* Sf = Nf ^ Vf */ 282 } 283 284 static void gen_ZNSf(TCGv R) 285 { 286 tcg_gen_setcondi_tl(TCG_COND_EQ, cpu_Zf, R, 0); /* Zf = R == 0 */ 287 288 /* update status register */ 289 tcg_gen_shri_tl(cpu_Nf, R, 7); /* Nf = R(7) */ 290 tcg_gen_xor_tl(cpu_Sf, cpu_Nf, cpu_Vf); /* Sf = Nf ^ Vf */ 291 } 292 293 /* 294 * Adds two registers without the C Flag and places the result in the 295 * destination register Rd. 296 */ 297 static bool trans_ADD(DisasContext *ctx, arg_ADD *a) 298 { 299 TCGv Rd = cpu_r[a->rd]; 300 TCGv Rr = cpu_r[a->rr]; 301 TCGv R = tcg_temp_new_i32(); 302 303 tcg_gen_add_tl(R, Rd, Rr); /* Rd = Rd + Rr */ 304 tcg_gen_andi_tl(R, R, 0xff); /* make it 8 bits */ 305 306 /* update status register */ 307 gen_add_CHf(R, Rd, Rr); 308 gen_add_Vf(R, Rd, Rr); 309 gen_ZNSf(R); 310 311 /* update output registers */ 312 tcg_gen_mov_tl(Rd, R); 313 return true; 314 } 315 316 /* 317 * Adds two registers and the contents of the C Flag and places the result in 318 * the destination register Rd. 319 */ 320 static bool trans_ADC(DisasContext *ctx, arg_ADC *a) 321 { 322 TCGv Rd = cpu_r[a->rd]; 323 TCGv Rr = cpu_r[a->rr]; 324 TCGv R = tcg_temp_new_i32(); 325 326 tcg_gen_add_tl(R, Rd, Rr); /* R = Rd + Rr + Cf */ 327 tcg_gen_add_tl(R, R, cpu_Cf); 328 tcg_gen_andi_tl(R, R, 0xff); /* make it 8 bits */ 329 330 /* update status register */ 331 gen_add_CHf(R, Rd, Rr); 332 gen_add_Vf(R, Rd, Rr); 333 gen_ZNSf(R); 334 335 /* update output registers */ 336 tcg_gen_mov_tl(Rd, R); 337 return true; 338 } 339 340 /* 341 * Adds an immediate value (0 - 63) to a register pair and places the result 342 * in the register pair. This instruction operates on the upper four register 343 * pairs, and is well suited for operations on the pointer registers. This 344 * instruction is not available in all devices. Refer to the device specific 345 * instruction set summary. 346 */ 347 static bool trans_ADIW(DisasContext *ctx, arg_ADIW *a) 348 { 349 if (!avr_have_feature(ctx, AVR_FEATURE_ADIW_SBIW)) { 350 return true; 351 } 352 353 TCGv RdL = cpu_r[a->rd]; 354 TCGv RdH = cpu_r[a->rd + 1]; 355 int Imm = (a->imm); 356 TCGv R = tcg_temp_new_i32(); 357 TCGv Rd = tcg_temp_new_i32(); 358 359 tcg_gen_deposit_tl(Rd, RdL, RdH, 8, 8); /* Rd = RdH:RdL */ 360 tcg_gen_addi_tl(R, Rd, Imm); /* R = Rd + Imm */ 361 tcg_gen_andi_tl(R, R, 0xffff); /* make it 16 bits */ 362 363 /* update status register */ 364 tcg_gen_andc_tl(cpu_Cf, Rd, R); /* Cf = Rd & ~R */ 365 tcg_gen_shri_tl(cpu_Cf, cpu_Cf, 15); 366 tcg_gen_andc_tl(cpu_Vf, R, Rd); /* Vf = R & ~Rd */ 367 tcg_gen_shri_tl(cpu_Vf, cpu_Vf, 15); 368 tcg_gen_setcondi_tl(TCG_COND_EQ, cpu_Zf, R, 0); /* Zf = R == 0 */ 369 tcg_gen_shri_tl(cpu_Nf, R, 15); /* Nf = R(15) */ 370 tcg_gen_xor_tl(cpu_Sf, cpu_Nf, cpu_Vf);/* Sf = Nf ^ Vf */ 371 372 /* update output registers */ 373 tcg_gen_andi_tl(RdL, R, 0xff); 374 tcg_gen_shri_tl(RdH, R, 8); 375 return true; 376 } 377 378 /* 379 * Subtracts two registers and places the result in the destination 380 * register Rd. 381 */ 382 static bool trans_SUB(DisasContext *ctx, arg_SUB *a) 383 { 384 TCGv Rd = cpu_r[a->rd]; 385 TCGv Rr = cpu_r[a->rr]; 386 TCGv R = tcg_temp_new_i32(); 387 388 tcg_gen_sub_tl(R, Rd, Rr); /* R = Rd - Rr */ 389 tcg_gen_andi_tl(R, R, 0xff); /* make it 8 bits */ 390 391 /* update status register */ 392 tcg_gen_andc_tl(cpu_Cf, Rd, R); /* Cf = Rd & ~R */ 393 gen_sub_CHf(R, Rd, Rr); 394 gen_sub_Vf(R, Rd, Rr); 395 gen_ZNSf(R); 396 397 /* update output registers */ 398 tcg_gen_mov_tl(Rd, R); 399 return true; 400 } 401 402 /* 403 * Subtracts a register and a constant and places the result in the 404 * destination register Rd. This instruction is working on Register R16 to R31 405 * and is very well suited for operations on the X, Y, and Z-pointers. 406 */ 407 static bool trans_SUBI(DisasContext *ctx, arg_SUBI *a) 408 { 409 TCGv Rd = cpu_r[a->rd]; 410 TCGv Rr = tcg_constant_i32(a->imm); 411 TCGv R = tcg_temp_new_i32(); 412 413 tcg_gen_sub_tl(R, Rd, Rr); /* R = Rd - Imm */ 414 tcg_gen_andi_tl(R, R, 0xff); /* make it 8 bits */ 415 416 /* update status register */ 417 gen_sub_CHf(R, Rd, Rr); 418 gen_sub_Vf(R, Rd, Rr); 419 gen_ZNSf(R); 420 421 /* update output registers */ 422 tcg_gen_mov_tl(Rd, R); 423 return true; 424 } 425 426 /* 427 * Subtracts two registers and subtracts with the C Flag and places the 428 * result in the destination register Rd. 429 */ 430 static bool trans_SBC(DisasContext *ctx, arg_SBC *a) 431 { 432 TCGv Rd = cpu_r[a->rd]; 433 TCGv Rr = cpu_r[a->rr]; 434 TCGv R = tcg_temp_new_i32(); 435 TCGv zero = tcg_constant_i32(0); 436 437 tcg_gen_sub_tl(R, Rd, Rr); /* R = Rd - Rr - Cf */ 438 tcg_gen_sub_tl(R, R, cpu_Cf); 439 tcg_gen_andi_tl(R, R, 0xff); /* make it 8 bits */ 440 441 /* update status register */ 442 gen_sub_CHf(R, Rd, Rr); 443 gen_sub_Vf(R, Rd, Rr); 444 gen_NSf(R); 445 446 /* 447 * Previous value remains unchanged when the result is zero; 448 * cleared otherwise. 449 */ 450 tcg_gen_movcond_tl(TCG_COND_EQ, cpu_Zf, R, zero, cpu_Zf, zero); 451 452 /* update output registers */ 453 tcg_gen_mov_tl(Rd, R); 454 return true; 455 } 456 457 /* 458 * SBCI -- Subtract Immediate with Carry 459 */ 460 static bool trans_SBCI(DisasContext *ctx, arg_SBCI *a) 461 { 462 TCGv Rd = cpu_r[a->rd]; 463 TCGv Rr = tcg_constant_i32(a->imm); 464 TCGv R = tcg_temp_new_i32(); 465 TCGv zero = tcg_constant_i32(0); 466 467 tcg_gen_sub_tl(R, Rd, Rr); /* R = Rd - Rr - Cf */ 468 tcg_gen_sub_tl(R, R, cpu_Cf); 469 tcg_gen_andi_tl(R, R, 0xff); /* make it 8 bits */ 470 471 /* update status register */ 472 gen_sub_CHf(R, Rd, Rr); 473 gen_sub_Vf(R, Rd, Rr); 474 gen_NSf(R); 475 476 /* 477 * Previous value remains unchanged when the result is zero; 478 * cleared otherwise. 479 */ 480 tcg_gen_movcond_tl(TCG_COND_EQ, cpu_Zf, R, zero, cpu_Zf, zero); 481 482 /* update output registers */ 483 tcg_gen_mov_tl(Rd, R); 484 return true; 485 } 486 487 /* 488 * Subtracts an immediate value (0-63) from a register pair and places the 489 * result in the register pair. This instruction operates on the upper four 490 * register pairs, and is well suited for operations on the Pointer Registers. 491 * This instruction is not available in all devices. Refer to the device 492 * specific instruction set summary. 493 */ 494 static bool trans_SBIW(DisasContext *ctx, arg_SBIW *a) 495 { 496 if (!avr_have_feature(ctx, AVR_FEATURE_ADIW_SBIW)) { 497 return true; 498 } 499 500 TCGv RdL = cpu_r[a->rd]; 501 TCGv RdH = cpu_r[a->rd + 1]; 502 int Imm = (a->imm); 503 TCGv R = tcg_temp_new_i32(); 504 TCGv Rd = tcg_temp_new_i32(); 505 506 tcg_gen_deposit_tl(Rd, RdL, RdH, 8, 8); /* Rd = RdH:RdL */ 507 tcg_gen_subi_tl(R, Rd, Imm); /* R = Rd - Imm */ 508 tcg_gen_andi_tl(R, R, 0xffff); /* make it 16 bits */ 509 510 /* update status register */ 511 tcg_gen_andc_tl(cpu_Cf, R, Rd); 512 tcg_gen_shri_tl(cpu_Cf, cpu_Cf, 15); /* Cf = R & ~Rd */ 513 tcg_gen_andc_tl(cpu_Vf, Rd, R); 514 tcg_gen_shri_tl(cpu_Vf, cpu_Vf, 15); /* Vf = Rd & ~R */ 515 tcg_gen_setcondi_tl(TCG_COND_EQ, cpu_Zf, R, 0); /* Zf = R == 0 */ 516 tcg_gen_shri_tl(cpu_Nf, R, 15); /* Nf = R(15) */ 517 tcg_gen_xor_tl(cpu_Sf, cpu_Nf, cpu_Vf); /* Sf = Nf ^ Vf */ 518 519 /* update output registers */ 520 tcg_gen_andi_tl(RdL, R, 0xff); 521 tcg_gen_shri_tl(RdH, R, 8); 522 return true; 523 } 524 525 /* 526 * Performs the logical AND between the contents of register Rd and register 527 * Rr and places the result in the destination register Rd. 528 */ 529 static bool trans_AND(DisasContext *ctx, arg_AND *a) 530 { 531 TCGv Rd = cpu_r[a->rd]; 532 TCGv Rr = cpu_r[a->rr]; 533 TCGv R = tcg_temp_new_i32(); 534 535 tcg_gen_and_tl(R, Rd, Rr); /* Rd = Rd and Rr */ 536 537 /* update status register */ 538 tcg_gen_movi_tl(cpu_Vf, 0); /* Vf = 0 */ 539 tcg_gen_setcondi_tl(TCG_COND_EQ, cpu_Zf, R, 0); /* Zf = R == 0 */ 540 gen_ZNSf(R); 541 542 /* update output registers */ 543 tcg_gen_mov_tl(Rd, R); 544 return true; 545 } 546 547 /* 548 * Performs the logical AND between the contents of register Rd and a constant 549 * and places the result in the destination register Rd. 550 */ 551 static bool trans_ANDI(DisasContext *ctx, arg_ANDI *a) 552 { 553 TCGv Rd = cpu_r[a->rd]; 554 int Imm = (a->imm); 555 556 tcg_gen_andi_tl(Rd, Rd, Imm); /* Rd = Rd & Imm */ 557 558 /* update status register */ 559 tcg_gen_movi_tl(cpu_Vf, 0x00); /* Vf = 0 */ 560 gen_ZNSf(Rd); 561 562 return true; 563 } 564 565 /* 566 * Performs the logical OR between the contents of register Rd and register 567 * Rr and places the result in the destination register Rd. 568 */ 569 static bool trans_OR(DisasContext *ctx, arg_OR *a) 570 { 571 TCGv Rd = cpu_r[a->rd]; 572 TCGv Rr = cpu_r[a->rr]; 573 TCGv R = tcg_temp_new_i32(); 574 575 tcg_gen_or_tl(R, Rd, Rr); 576 577 /* update status register */ 578 tcg_gen_movi_tl(cpu_Vf, 0); 579 gen_ZNSf(R); 580 581 /* update output registers */ 582 tcg_gen_mov_tl(Rd, R); 583 return true; 584 } 585 586 /* 587 * Performs the logical OR between the contents of register Rd and a 588 * constant and places the result in the destination register Rd. 589 */ 590 static bool trans_ORI(DisasContext *ctx, arg_ORI *a) 591 { 592 TCGv Rd = cpu_r[a->rd]; 593 int Imm = (a->imm); 594 595 tcg_gen_ori_tl(Rd, Rd, Imm); /* Rd = Rd | Imm */ 596 597 /* update status register */ 598 tcg_gen_movi_tl(cpu_Vf, 0x00); /* Vf = 0 */ 599 gen_ZNSf(Rd); 600 601 return true; 602 } 603 604 /* 605 * Performs the logical EOR between the contents of register Rd and 606 * register Rr and places the result in the destination register Rd. 607 */ 608 static bool trans_EOR(DisasContext *ctx, arg_EOR *a) 609 { 610 TCGv Rd = cpu_r[a->rd]; 611 TCGv Rr = cpu_r[a->rr]; 612 613 tcg_gen_xor_tl(Rd, Rd, Rr); 614 615 /* update status register */ 616 tcg_gen_movi_tl(cpu_Vf, 0); 617 gen_ZNSf(Rd); 618 619 return true; 620 } 621 622 /* 623 * Clears the specified bits in register Rd. Performs the logical AND 624 * between the contents of register Rd and the complement of the constant mask 625 * K. The result will be placed in register Rd. 626 */ 627 static bool trans_COM(DisasContext *ctx, arg_COM *a) 628 { 629 TCGv Rd = cpu_r[a->rd]; 630 631 tcg_gen_xori_tl(Rd, Rd, 0xff); 632 633 /* update status register */ 634 tcg_gen_movi_tl(cpu_Cf, 1); /* Cf = 1 */ 635 tcg_gen_movi_tl(cpu_Vf, 0); /* Vf = 0 */ 636 gen_ZNSf(Rd); 637 return true; 638 } 639 640 /* 641 * Replaces the contents of register Rd with its two's complement; the 642 * value $80 is left unchanged. 643 */ 644 static bool trans_NEG(DisasContext *ctx, arg_NEG *a) 645 { 646 TCGv Rd = cpu_r[a->rd]; 647 TCGv t0 = tcg_constant_i32(0); 648 TCGv R = tcg_temp_new_i32(); 649 650 tcg_gen_sub_tl(R, t0, Rd); /* R = 0 - Rd */ 651 tcg_gen_andi_tl(R, R, 0xff); /* make it 8 bits */ 652 653 /* update status register */ 654 gen_sub_CHf(R, t0, Rd); 655 gen_sub_Vf(R, t0, Rd); 656 gen_ZNSf(R); 657 658 /* update output registers */ 659 tcg_gen_mov_tl(Rd, R); 660 return true; 661 } 662 663 /* 664 * Adds one -1- to the contents of register Rd and places the result in the 665 * destination register Rd. The C Flag in SREG is not affected by the 666 * operation, thus allowing the INC instruction to be used on a loop counter in 667 * multiple-precision computations. When operating on unsigned numbers, only 668 * BREQ and BRNE branches can be expected to perform consistently. When 669 * operating on two's complement values, all signed branches are available. 670 */ 671 static bool trans_INC(DisasContext *ctx, arg_INC *a) 672 { 673 TCGv Rd = cpu_r[a->rd]; 674 675 tcg_gen_addi_tl(Rd, Rd, 1); 676 tcg_gen_andi_tl(Rd, Rd, 0xff); 677 678 /* update status register */ 679 tcg_gen_setcondi_tl(TCG_COND_EQ, cpu_Vf, Rd, 0x80); /* Vf = Rd == 0x80 */ 680 gen_ZNSf(Rd); 681 682 return true; 683 } 684 685 /* 686 * Subtracts one -1- from the contents of register Rd and places the result 687 * in the destination register Rd. The C Flag in SREG is not affected by the 688 * operation, thus allowing the DEC instruction to be used on a loop counter in 689 * multiple-precision computations. When operating on unsigned values, only 690 * BREQ and BRNE branches can be expected to perform consistently. When 691 * operating on two's complement values, all signed branches are available. 692 */ 693 static bool trans_DEC(DisasContext *ctx, arg_DEC *a) 694 { 695 TCGv Rd = cpu_r[a->rd]; 696 697 tcg_gen_subi_tl(Rd, Rd, 1); /* Rd = Rd - 1 */ 698 tcg_gen_andi_tl(Rd, Rd, 0xff); /* make it 8 bits */ 699 700 /* update status register */ 701 tcg_gen_setcondi_tl(TCG_COND_EQ, cpu_Vf, Rd, 0x7f); /* Vf = Rd == 0x7f */ 702 gen_ZNSf(Rd); 703 704 return true; 705 } 706 707 /* 708 * This instruction performs 8-bit x 8-bit -> 16-bit unsigned multiplication. 709 */ 710 static bool trans_MUL(DisasContext *ctx, arg_MUL *a) 711 { 712 if (!avr_have_feature(ctx, AVR_FEATURE_MUL)) { 713 return true; 714 } 715 716 TCGv R0 = cpu_r[0]; 717 TCGv R1 = cpu_r[1]; 718 TCGv Rd = cpu_r[a->rd]; 719 TCGv Rr = cpu_r[a->rr]; 720 TCGv R = tcg_temp_new_i32(); 721 722 tcg_gen_mul_tl(R, Rd, Rr); /* R = Rd * Rr */ 723 tcg_gen_andi_tl(R0, R, 0xff); 724 tcg_gen_shri_tl(R1, R, 8); 725 726 /* update status register */ 727 tcg_gen_shri_tl(cpu_Cf, R, 15); /* Cf = R(15) */ 728 tcg_gen_setcondi_tl(TCG_COND_EQ, cpu_Zf, R, 0); /* Zf = R == 0 */ 729 return true; 730 } 731 732 /* 733 * This instruction performs 8-bit x 8-bit -> 16-bit signed multiplication. 734 */ 735 static bool trans_MULS(DisasContext *ctx, arg_MULS *a) 736 { 737 if (!avr_have_feature(ctx, AVR_FEATURE_MUL)) { 738 return true; 739 } 740 741 TCGv R0 = cpu_r[0]; 742 TCGv R1 = cpu_r[1]; 743 TCGv Rd = cpu_r[a->rd]; 744 TCGv Rr = cpu_r[a->rr]; 745 TCGv R = tcg_temp_new_i32(); 746 TCGv t0 = tcg_temp_new_i32(); 747 TCGv t1 = tcg_temp_new_i32(); 748 749 tcg_gen_ext8s_tl(t0, Rd); /* make Rd full 32 bit signed */ 750 tcg_gen_ext8s_tl(t1, Rr); /* make Rr full 32 bit signed */ 751 tcg_gen_mul_tl(R, t0, t1); /* R = Rd * Rr */ 752 tcg_gen_andi_tl(R, R, 0xffff); /* make it 16 bits */ 753 tcg_gen_andi_tl(R0, R, 0xff); 754 tcg_gen_shri_tl(R1, R, 8); 755 756 /* update status register */ 757 tcg_gen_shri_tl(cpu_Cf, R, 15); /* Cf = R(15) */ 758 tcg_gen_setcondi_tl(TCG_COND_EQ, cpu_Zf, R, 0); /* Zf = R == 0 */ 759 return true; 760 } 761 762 /* 763 * This instruction performs 8-bit x 8-bit -> 16-bit multiplication of a 764 * signed and an unsigned number. 765 */ 766 static bool trans_MULSU(DisasContext *ctx, arg_MULSU *a) 767 { 768 if (!avr_have_feature(ctx, AVR_FEATURE_MUL)) { 769 return true; 770 } 771 772 TCGv R0 = cpu_r[0]; 773 TCGv R1 = cpu_r[1]; 774 TCGv Rd = cpu_r[a->rd]; 775 TCGv Rr = cpu_r[a->rr]; 776 TCGv R = tcg_temp_new_i32(); 777 TCGv t0 = tcg_temp_new_i32(); 778 779 tcg_gen_ext8s_tl(t0, Rd); /* make Rd full 32 bit signed */ 780 tcg_gen_mul_tl(R, t0, Rr); /* R = Rd * Rr */ 781 tcg_gen_andi_tl(R, R, 0xffff); /* make R 16 bits */ 782 tcg_gen_andi_tl(R0, R, 0xff); 783 tcg_gen_shri_tl(R1, R, 8); 784 785 /* update status register */ 786 tcg_gen_shri_tl(cpu_Cf, R, 15); /* Cf = R(15) */ 787 tcg_gen_setcondi_tl(TCG_COND_EQ, cpu_Zf, R, 0); /* Zf = R == 0 */ 788 return true; 789 } 790 791 /* 792 * This instruction performs 8-bit x 8-bit -> 16-bit unsigned 793 * multiplication and shifts the result one bit left. 794 */ 795 static bool trans_FMUL(DisasContext *ctx, arg_FMUL *a) 796 { 797 if (!avr_have_feature(ctx, AVR_FEATURE_MUL)) { 798 return true; 799 } 800 801 TCGv R0 = cpu_r[0]; 802 TCGv R1 = cpu_r[1]; 803 TCGv Rd = cpu_r[a->rd]; 804 TCGv Rr = cpu_r[a->rr]; 805 TCGv R = tcg_temp_new_i32(); 806 807 tcg_gen_mul_tl(R, Rd, Rr); /* R = Rd * Rr */ 808 809 /* update status register */ 810 tcg_gen_shri_tl(cpu_Cf, R, 15); /* Cf = R(15) */ 811 tcg_gen_setcondi_tl(TCG_COND_EQ, cpu_Zf, R, 0); /* Zf = R == 0 */ 812 813 /* update output registers */ 814 tcg_gen_shli_tl(R, R, 1); 815 tcg_gen_andi_tl(R0, R, 0xff); 816 tcg_gen_shri_tl(R1, R, 8); 817 tcg_gen_andi_tl(R1, R1, 0xff); 818 return true; 819 } 820 821 /* 822 * This instruction performs 8-bit x 8-bit -> 16-bit signed multiplication 823 * and shifts the result one bit left. 824 */ 825 static bool trans_FMULS(DisasContext *ctx, arg_FMULS *a) 826 { 827 if (!avr_have_feature(ctx, AVR_FEATURE_MUL)) { 828 return true; 829 } 830 831 TCGv R0 = cpu_r[0]; 832 TCGv R1 = cpu_r[1]; 833 TCGv Rd = cpu_r[a->rd]; 834 TCGv Rr = cpu_r[a->rr]; 835 TCGv R = tcg_temp_new_i32(); 836 TCGv t0 = tcg_temp_new_i32(); 837 TCGv t1 = tcg_temp_new_i32(); 838 839 tcg_gen_ext8s_tl(t0, Rd); /* make Rd full 32 bit signed */ 840 tcg_gen_ext8s_tl(t1, Rr); /* make Rr full 32 bit signed */ 841 tcg_gen_mul_tl(R, t0, t1); /* R = Rd * Rr */ 842 tcg_gen_andi_tl(R, R, 0xffff); /* make it 16 bits */ 843 844 /* update status register */ 845 tcg_gen_shri_tl(cpu_Cf, R, 15); /* Cf = R(15) */ 846 tcg_gen_setcondi_tl(TCG_COND_EQ, cpu_Zf, R, 0); /* Zf = R == 0 */ 847 848 /* update output registers */ 849 tcg_gen_shli_tl(R, R, 1); 850 tcg_gen_andi_tl(R0, R, 0xff); 851 tcg_gen_shri_tl(R1, R, 8); 852 tcg_gen_andi_tl(R1, R1, 0xff); 853 return true; 854 } 855 856 /* 857 * This instruction performs 8-bit x 8-bit -> 16-bit signed multiplication 858 * and shifts the result one bit left. 859 */ 860 static bool trans_FMULSU(DisasContext *ctx, arg_FMULSU *a) 861 { 862 if (!avr_have_feature(ctx, AVR_FEATURE_MUL)) { 863 return true; 864 } 865 866 TCGv R0 = cpu_r[0]; 867 TCGv R1 = cpu_r[1]; 868 TCGv Rd = cpu_r[a->rd]; 869 TCGv Rr = cpu_r[a->rr]; 870 TCGv R = tcg_temp_new_i32(); 871 TCGv t0 = tcg_temp_new_i32(); 872 873 tcg_gen_ext8s_tl(t0, Rd); /* make Rd full 32 bit signed */ 874 tcg_gen_mul_tl(R, t0, Rr); /* R = Rd * Rr */ 875 tcg_gen_andi_tl(R, R, 0xffff); /* make it 16 bits */ 876 877 /* update status register */ 878 tcg_gen_shri_tl(cpu_Cf, R, 15); /* Cf = R(15) */ 879 tcg_gen_setcondi_tl(TCG_COND_EQ, cpu_Zf, R, 0); /* Zf = R == 0 */ 880 881 /* update output registers */ 882 tcg_gen_shli_tl(R, R, 1); 883 tcg_gen_andi_tl(R0, R, 0xff); 884 tcg_gen_shri_tl(R1, R, 8); 885 tcg_gen_andi_tl(R1, R1, 0xff); 886 return true; 887 } 888 889 /* 890 * The module is an instruction set extension to the AVR CPU, performing 891 * DES iterations. The 64-bit data block (plaintext or ciphertext) is placed in 892 * the CPU register file, registers R0-R7, where LSB of data is placed in LSB 893 * of R0 and MSB of data is placed in MSB of R7. The full 64-bit key (including 894 * parity bits) is placed in registers R8- R15, organized in the register file 895 * with LSB of key in LSB of R8 and MSB of key in MSB of R15. Executing one DES 896 * instruction performs one round in the DES algorithm. Sixteen rounds must be 897 * executed in increasing order to form the correct DES ciphertext or 898 * plaintext. Intermediate results are stored in the register file (R0-R15) 899 * after each DES instruction. The instruction's operand (K) determines which 900 * round is executed, and the half carry flag (H) determines whether encryption 901 * or decryption is performed. The DES algorithm is described in 902 * "Specifications for the Data Encryption Standard" (Federal Information 903 * Processing Standards Publication 46). Intermediate results in this 904 * implementation differ from the standard because the initial permutation and 905 * the inverse initial permutation are performed each iteration. This does not 906 * affect the result in the final ciphertext or plaintext, but reduces 907 * execution time. 908 */ 909 static bool trans_DES(DisasContext *ctx, arg_DES *a) 910 { 911 /* TODO */ 912 if (!avr_have_feature(ctx, AVR_FEATURE_DES)) { 913 return true; 914 } 915 916 qemu_log_mask(LOG_UNIMP, "%s: not implemented\n", __func__); 917 918 return true; 919 } 920 921 /* 922 * Branch Instructions 923 */ 924 static void gen_jmp_ez(DisasContext *ctx) 925 { 926 tcg_gen_deposit_tl(cpu_pc, cpu_r[30], cpu_r[31], 8, 8); 927 tcg_gen_or_tl(cpu_pc, cpu_pc, cpu_eind); 928 ctx->base.is_jmp = DISAS_LOOKUP; 929 } 930 931 static void gen_jmp_z(DisasContext *ctx) 932 { 933 tcg_gen_deposit_tl(cpu_pc, cpu_r[30], cpu_r[31], 8, 8); 934 ctx->base.is_jmp = DISAS_LOOKUP; 935 } 936 937 static void gen_push_ret(DisasContext *ctx, int ret) 938 { 939 if (avr_feature(ctx->env, AVR_FEATURE_1_BYTE_PC)) { 940 TCGv t0 = tcg_constant_i32(ret & 0x0000ff); 941 942 tcg_gen_qemu_st_tl(t0, cpu_sp, MMU_DATA_IDX, MO_UB); 943 tcg_gen_subi_tl(cpu_sp, cpu_sp, 1); 944 } else if (avr_feature(ctx->env, AVR_FEATURE_2_BYTE_PC)) { 945 TCGv t0 = tcg_constant_i32(ret & 0x00ffff); 946 947 tcg_gen_subi_tl(cpu_sp, cpu_sp, 1); 948 tcg_gen_qemu_st_tl(t0, cpu_sp, MMU_DATA_IDX, MO_BEUW); 949 tcg_gen_subi_tl(cpu_sp, cpu_sp, 1); 950 } else if (avr_feature(ctx->env, AVR_FEATURE_3_BYTE_PC)) { 951 TCGv lo = tcg_constant_i32(ret & 0x0000ff); 952 TCGv hi = tcg_constant_i32((ret & 0xffff00) >> 8); 953 954 tcg_gen_qemu_st_tl(lo, cpu_sp, MMU_DATA_IDX, MO_UB); 955 tcg_gen_subi_tl(cpu_sp, cpu_sp, 2); 956 tcg_gen_qemu_st_tl(hi, cpu_sp, MMU_DATA_IDX, MO_BEUW); 957 tcg_gen_subi_tl(cpu_sp, cpu_sp, 1); 958 } 959 } 960 961 static void gen_pop_ret(DisasContext *ctx, TCGv ret) 962 { 963 if (avr_feature(ctx->env, AVR_FEATURE_1_BYTE_PC)) { 964 tcg_gen_addi_tl(cpu_sp, cpu_sp, 1); 965 tcg_gen_qemu_ld_tl(ret, cpu_sp, MMU_DATA_IDX, MO_UB); 966 } else if (avr_feature(ctx->env, AVR_FEATURE_2_BYTE_PC)) { 967 tcg_gen_addi_tl(cpu_sp, cpu_sp, 1); 968 tcg_gen_qemu_ld_tl(ret, cpu_sp, MMU_DATA_IDX, MO_BEUW); 969 tcg_gen_addi_tl(cpu_sp, cpu_sp, 1); 970 } else if (avr_feature(ctx->env, AVR_FEATURE_3_BYTE_PC)) { 971 TCGv lo = tcg_temp_new_i32(); 972 TCGv hi = tcg_temp_new_i32(); 973 974 tcg_gen_addi_tl(cpu_sp, cpu_sp, 1); 975 tcg_gen_qemu_ld_tl(hi, cpu_sp, MMU_DATA_IDX, MO_BEUW); 976 977 tcg_gen_addi_tl(cpu_sp, cpu_sp, 2); 978 tcg_gen_qemu_ld_tl(lo, cpu_sp, MMU_DATA_IDX, MO_UB); 979 980 tcg_gen_deposit_tl(ret, lo, hi, 8, 16); 981 } 982 } 983 984 static void gen_goto_tb(DisasContext *ctx, int n, target_ulong dest) 985 { 986 const TranslationBlock *tb = ctx->base.tb; 987 988 if (translator_use_goto_tb(&ctx->base, dest)) { 989 tcg_gen_goto_tb(n); 990 tcg_gen_movi_i32(cpu_pc, dest); 991 tcg_gen_exit_tb(tb, n); 992 } else { 993 tcg_gen_movi_i32(cpu_pc, dest); 994 tcg_gen_lookup_and_goto_ptr(); 995 } 996 ctx->base.is_jmp = DISAS_NORETURN; 997 } 998 999 /* 1000 * Relative jump to an address within PC - 2K +1 and PC + 2K (words). For 1001 * AVR microcontrollers with Program memory not exceeding 4K words (8KB) this 1002 * instruction can address the entire memory from every address location. See 1003 * also JMP. 1004 */ 1005 static bool trans_RJMP(DisasContext *ctx, arg_RJMP *a) 1006 { 1007 int dst = ctx->npc + a->imm; 1008 1009 gen_goto_tb(ctx, 0, dst); 1010 1011 return true; 1012 } 1013 1014 /* 1015 * Indirect jump to the address pointed to by the Z (16 bits) Pointer 1016 * Register in the Register File. The Z-pointer Register is 16 bits wide and 1017 * allows jump within the lowest 64K words (128KB) section of Program memory. 1018 * This instruction is not available in all devices. Refer to the device 1019 * specific instruction set summary. 1020 */ 1021 static bool trans_IJMP(DisasContext *ctx, arg_IJMP *a) 1022 { 1023 if (!avr_have_feature(ctx, AVR_FEATURE_IJMP_ICALL)) { 1024 return true; 1025 } 1026 1027 gen_jmp_z(ctx); 1028 1029 return true; 1030 } 1031 1032 /* 1033 * Indirect jump to the address pointed to by the Z (16 bits) Pointer 1034 * Register in the Register File and the EIND Register in the I/O space. This 1035 * instruction allows for indirect jumps to the entire 4M (words) Program 1036 * memory space. See also IJMP. This instruction is not available in all 1037 * devices. Refer to the device specific instruction set summary. 1038 */ 1039 static bool trans_EIJMP(DisasContext *ctx, arg_EIJMP *a) 1040 { 1041 if (!avr_have_feature(ctx, AVR_FEATURE_EIJMP_EICALL)) { 1042 return true; 1043 } 1044 1045 gen_jmp_ez(ctx); 1046 return true; 1047 } 1048 1049 /* 1050 * Jump to an address within the entire 4M (words) Program memory. See also 1051 * RJMP. This instruction is not available in all devices. Refer to the device 1052 * specific instruction set summary.0 1053 */ 1054 static bool trans_JMP(DisasContext *ctx, arg_JMP *a) 1055 { 1056 if (!avr_have_feature(ctx, AVR_FEATURE_JMP_CALL)) { 1057 return true; 1058 } 1059 1060 gen_goto_tb(ctx, 0, a->imm); 1061 1062 return true; 1063 } 1064 1065 /* 1066 * Relative call to an address within PC - 2K + 1 and PC + 2K (words). The 1067 * return address (the instruction after the RCALL) is stored onto the Stack. 1068 * See also CALL. For AVR microcontrollers with Program memory not exceeding 4K 1069 * words (8KB) this instruction can address the entire memory from every 1070 * address location. The Stack Pointer uses a post-decrement scheme during 1071 * RCALL. 1072 */ 1073 static bool trans_RCALL(DisasContext *ctx, arg_RCALL *a) 1074 { 1075 int ret = ctx->npc; 1076 int dst = ctx->npc + a->imm; 1077 1078 gen_push_ret(ctx, ret); 1079 gen_goto_tb(ctx, 0, dst); 1080 1081 return true; 1082 } 1083 1084 /* 1085 * Calls to a subroutine within the entire 4M (words) Program memory. The 1086 * return address (to the instruction after the CALL) will be stored onto the 1087 * Stack. See also RCALL. The Stack Pointer uses a post-decrement scheme during 1088 * CALL. This instruction is not available in all devices. Refer to the device 1089 * specific instruction set summary. 1090 */ 1091 static bool trans_ICALL(DisasContext *ctx, arg_ICALL *a) 1092 { 1093 if (!avr_have_feature(ctx, AVR_FEATURE_IJMP_ICALL)) { 1094 return true; 1095 } 1096 1097 int ret = ctx->npc; 1098 1099 gen_push_ret(ctx, ret); 1100 gen_jmp_z(ctx); 1101 1102 return true; 1103 } 1104 1105 /* 1106 * Indirect call of a subroutine pointed to by the Z (16 bits) Pointer 1107 * Register in the Register File and the EIND Register in the I/O space. This 1108 * instruction allows for indirect calls to the entire 4M (words) Program 1109 * memory space. See also ICALL. The Stack Pointer uses a post-decrement scheme 1110 * during EICALL. This instruction is not available in all devices. Refer to 1111 * the device specific instruction set summary. 1112 */ 1113 static bool trans_EICALL(DisasContext *ctx, arg_EICALL *a) 1114 { 1115 if (!avr_have_feature(ctx, AVR_FEATURE_EIJMP_EICALL)) { 1116 return true; 1117 } 1118 1119 int ret = ctx->npc; 1120 1121 gen_push_ret(ctx, ret); 1122 gen_jmp_ez(ctx); 1123 return true; 1124 } 1125 1126 /* 1127 * Calls to a subroutine within the entire Program memory. The return 1128 * address (to the instruction after the CALL) will be stored onto the Stack. 1129 * (See also RCALL). The Stack Pointer uses a post-decrement scheme during 1130 * CALL. This instruction is not available in all devices. Refer to the device 1131 * specific instruction set summary. 1132 */ 1133 static bool trans_CALL(DisasContext *ctx, arg_CALL *a) 1134 { 1135 if (!avr_have_feature(ctx, AVR_FEATURE_JMP_CALL)) { 1136 return true; 1137 } 1138 1139 int Imm = a->imm; 1140 int ret = ctx->npc; 1141 1142 gen_push_ret(ctx, ret); 1143 gen_goto_tb(ctx, 0, Imm); 1144 1145 return true; 1146 } 1147 1148 /* 1149 * Returns from subroutine. The return address is loaded from the STACK. 1150 * The Stack Pointer uses a preincrement scheme during RET. 1151 */ 1152 static bool trans_RET(DisasContext *ctx, arg_RET *a) 1153 { 1154 gen_pop_ret(ctx, cpu_pc); 1155 1156 ctx->base.is_jmp = DISAS_LOOKUP; 1157 return true; 1158 } 1159 1160 /* 1161 * Returns from interrupt. The return address is loaded from the STACK and 1162 * the Global Interrupt Flag is set. Note that the Status Register is not 1163 * automatically stored when entering an interrupt routine, and it is not 1164 * restored when returning from an interrupt routine. This must be handled by 1165 * the application program. The Stack Pointer uses a pre-increment scheme 1166 * during RETI. 1167 */ 1168 static bool trans_RETI(DisasContext *ctx, arg_RETI *a) 1169 { 1170 gen_pop_ret(ctx, cpu_pc); 1171 tcg_gen_movi_tl(cpu_If, 1); 1172 1173 /* Need to return to main loop to re-evaluate interrupts. */ 1174 ctx->base.is_jmp = DISAS_EXIT; 1175 return true; 1176 } 1177 1178 /* 1179 * This instruction performs a compare between two registers Rd and Rr, and 1180 * skips the next instruction if Rd = Rr. 1181 */ 1182 static bool trans_CPSE(DisasContext *ctx, arg_CPSE *a) 1183 { 1184 ctx->skip_cond = TCG_COND_EQ; 1185 ctx->skip_var0 = cpu_r[a->rd]; 1186 ctx->skip_var1 = cpu_r[a->rr]; 1187 return true; 1188 } 1189 1190 /* 1191 * This instruction performs a compare between two registers Rd and Rr. 1192 * None of the registers are changed. All conditional branches can be used 1193 * after this instruction. 1194 */ 1195 static bool trans_CP(DisasContext *ctx, arg_CP *a) 1196 { 1197 TCGv Rd = cpu_r[a->rd]; 1198 TCGv Rr = cpu_r[a->rr]; 1199 TCGv R = tcg_temp_new_i32(); 1200 1201 tcg_gen_sub_tl(R, Rd, Rr); /* R = Rd - Rr */ 1202 tcg_gen_andi_tl(R, R, 0xff); /* make it 8 bits */ 1203 1204 /* update status register */ 1205 gen_sub_CHf(R, Rd, Rr); 1206 gen_sub_Vf(R, Rd, Rr); 1207 gen_ZNSf(R); 1208 return true; 1209 } 1210 1211 /* 1212 * This instruction performs a compare between two registers Rd and Rr and 1213 * also takes into account the previous carry. None of the registers are 1214 * changed. All conditional branches can be used after this instruction. 1215 */ 1216 static bool trans_CPC(DisasContext *ctx, arg_CPC *a) 1217 { 1218 TCGv Rd = cpu_r[a->rd]; 1219 TCGv Rr = cpu_r[a->rr]; 1220 TCGv R = tcg_temp_new_i32(); 1221 TCGv zero = tcg_constant_i32(0); 1222 1223 tcg_gen_sub_tl(R, Rd, Rr); /* R = Rd - Rr - Cf */ 1224 tcg_gen_sub_tl(R, R, cpu_Cf); 1225 tcg_gen_andi_tl(R, R, 0xff); /* make it 8 bits */ 1226 /* update status register */ 1227 gen_sub_CHf(R, Rd, Rr); 1228 gen_sub_Vf(R, Rd, Rr); 1229 gen_NSf(R); 1230 1231 /* 1232 * Previous value remains unchanged when the result is zero; 1233 * cleared otherwise. 1234 */ 1235 tcg_gen_movcond_tl(TCG_COND_EQ, cpu_Zf, R, zero, cpu_Zf, zero); 1236 return true; 1237 } 1238 1239 /* 1240 * This instruction performs a compare between register Rd and a constant. 1241 * The register is not changed. All conditional branches can be used after this 1242 * instruction. 1243 */ 1244 static bool trans_CPI(DisasContext *ctx, arg_CPI *a) 1245 { 1246 TCGv Rd = cpu_r[a->rd]; 1247 int Imm = a->imm; 1248 TCGv Rr = tcg_constant_i32(Imm); 1249 TCGv R = tcg_temp_new_i32(); 1250 1251 tcg_gen_sub_tl(R, Rd, Rr); /* R = Rd - Rr */ 1252 tcg_gen_andi_tl(R, R, 0xff); /* make it 8 bits */ 1253 1254 /* update status register */ 1255 gen_sub_CHf(R, Rd, Rr); 1256 gen_sub_Vf(R, Rd, Rr); 1257 gen_ZNSf(R); 1258 return true; 1259 } 1260 1261 /* 1262 * This instruction tests a single bit in a register and skips the next 1263 * instruction if the bit is cleared. 1264 */ 1265 static bool trans_SBRC(DisasContext *ctx, arg_SBRC *a) 1266 { 1267 TCGv Rr = cpu_r[a->rr]; 1268 1269 ctx->skip_cond = TCG_COND_EQ; 1270 ctx->skip_var0 = tcg_temp_new(); 1271 1272 tcg_gen_andi_tl(ctx->skip_var0, Rr, 1 << a->bit); 1273 return true; 1274 } 1275 1276 /* 1277 * This instruction tests a single bit in a register and skips the next 1278 * instruction if the bit is set. 1279 */ 1280 static bool trans_SBRS(DisasContext *ctx, arg_SBRS *a) 1281 { 1282 TCGv Rr = cpu_r[a->rr]; 1283 1284 ctx->skip_cond = TCG_COND_NE; 1285 ctx->skip_var0 = tcg_temp_new(); 1286 1287 tcg_gen_andi_tl(ctx->skip_var0, Rr, 1 << a->bit); 1288 return true; 1289 } 1290 1291 /* 1292 * This instruction tests a single bit in an I/O Register and skips the 1293 * next instruction if the bit is cleared. This instruction operates on the 1294 * lower 32 I/O Registers -- addresses 0-31. 1295 */ 1296 static bool trans_SBIC(DisasContext *ctx, arg_SBIC *a) 1297 { 1298 TCGv data = tcg_temp_new_i32(); 1299 1300 gen_inb(ctx, data, a->reg); 1301 tcg_gen_andi_tl(data, data, 1 << a->bit); 1302 ctx->skip_cond = TCG_COND_EQ; 1303 ctx->skip_var0 = data; 1304 1305 return true; 1306 } 1307 1308 /* 1309 * This instruction tests a single bit in an I/O Register and skips the 1310 * next instruction if the bit is set. This instruction operates on the lower 1311 * 32 I/O Registers -- addresses 0-31. 1312 */ 1313 static bool trans_SBIS(DisasContext *ctx, arg_SBIS *a) 1314 { 1315 TCGv data = tcg_temp_new_i32(); 1316 1317 gen_inb(ctx, data, a->reg); 1318 tcg_gen_andi_tl(data, data, 1 << a->bit); 1319 ctx->skip_cond = TCG_COND_NE; 1320 ctx->skip_var0 = data; 1321 1322 return true; 1323 } 1324 1325 /* 1326 * Conditional relative branch. Tests a single bit in SREG and branches 1327 * relatively to PC if the bit is cleared. This instruction branches relatively 1328 * to PC in either direction (PC - 63 < = destination <= PC + 64). The 1329 * parameter k is the offset from PC and is represented in two's complement 1330 * form. 1331 */ 1332 static bool trans_BRBC(DisasContext *ctx, arg_BRBC *a) 1333 { 1334 TCGLabel *not_taken = gen_new_label(); 1335 1336 TCGv var; 1337 1338 switch (a->bit) { 1339 case 0x00: 1340 var = cpu_Cf; 1341 break; 1342 case 0x01: 1343 var = cpu_Zf; 1344 break; 1345 case 0x02: 1346 var = cpu_Nf; 1347 break; 1348 case 0x03: 1349 var = cpu_Vf; 1350 break; 1351 case 0x04: 1352 var = cpu_Sf; 1353 break; 1354 case 0x05: 1355 var = cpu_Hf; 1356 break; 1357 case 0x06: 1358 var = cpu_Tf; 1359 break; 1360 case 0x07: 1361 var = cpu_If; 1362 break; 1363 default: 1364 g_assert_not_reached(); 1365 } 1366 1367 tcg_gen_brcondi_i32(TCG_COND_NE, var, 0, not_taken); 1368 gen_goto_tb(ctx, 0, ctx->npc + a->imm); 1369 gen_set_label(not_taken); 1370 1371 ctx->base.is_jmp = DISAS_CHAIN; 1372 return true; 1373 } 1374 1375 /* 1376 * Conditional relative branch. Tests a single bit in SREG and branches 1377 * relatively to PC if the bit is set. This instruction branches relatively to 1378 * PC in either direction (PC - 63 < = destination <= PC + 64). The parameter k 1379 * is the offset from PC and is represented in two's complement form. 1380 */ 1381 static bool trans_BRBS(DisasContext *ctx, arg_BRBS *a) 1382 { 1383 TCGLabel *not_taken = gen_new_label(); 1384 1385 TCGv var; 1386 1387 switch (a->bit) { 1388 case 0x00: 1389 var = cpu_Cf; 1390 break; 1391 case 0x01: 1392 var = cpu_Zf; 1393 break; 1394 case 0x02: 1395 var = cpu_Nf; 1396 break; 1397 case 0x03: 1398 var = cpu_Vf; 1399 break; 1400 case 0x04: 1401 var = cpu_Sf; 1402 break; 1403 case 0x05: 1404 var = cpu_Hf; 1405 break; 1406 case 0x06: 1407 var = cpu_Tf; 1408 break; 1409 case 0x07: 1410 var = cpu_If; 1411 break; 1412 default: 1413 g_assert_not_reached(); 1414 } 1415 1416 tcg_gen_brcondi_i32(TCG_COND_EQ, var, 0, not_taken); 1417 gen_goto_tb(ctx, 0, ctx->npc + a->imm); 1418 gen_set_label(not_taken); 1419 1420 ctx->base.is_jmp = DISAS_CHAIN; 1421 return true; 1422 } 1423 1424 /* 1425 * Data Transfer Instructions 1426 */ 1427 1428 /* 1429 * in the gen_set_addr & gen_get_addr functions 1430 * H assumed to be in 0x00ff0000 format 1431 * M assumed to be in 0x000000ff format 1432 * L assumed to be in 0x000000ff format 1433 */ 1434 static void gen_set_addr(TCGv addr, TCGv H, TCGv M, TCGv L) 1435 { 1436 1437 tcg_gen_andi_tl(L, addr, 0x000000ff); 1438 1439 tcg_gen_andi_tl(M, addr, 0x0000ff00); 1440 tcg_gen_shri_tl(M, M, 8); 1441 1442 tcg_gen_andi_tl(H, addr, 0x00ff0000); 1443 } 1444 1445 static void gen_set_xaddr(TCGv addr) 1446 { 1447 gen_set_addr(addr, cpu_rampX, cpu_r[27], cpu_r[26]); 1448 } 1449 1450 static void gen_set_yaddr(TCGv addr) 1451 { 1452 gen_set_addr(addr, cpu_rampY, cpu_r[29], cpu_r[28]); 1453 } 1454 1455 static void gen_set_zaddr(TCGv addr) 1456 { 1457 gen_set_addr(addr, cpu_rampZ, cpu_r[31], cpu_r[30]); 1458 } 1459 1460 static TCGv gen_get_addr(TCGv H, TCGv M, TCGv L) 1461 { 1462 TCGv addr = tcg_temp_new_i32(); 1463 1464 tcg_gen_deposit_tl(addr, M, H, 8, 8); 1465 tcg_gen_deposit_tl(addr, L, addr, 8, 16); 1466 1467 return addr; 1468 } 1469 1470 static TCGv gen_get_xaddr(void) 1471 { 1472 return gen_get_addr(cpu_rampX, cpu_r[27], cpu_r[26]); 1473 } 1474 1475 static TCGv gen_get_yaddr(void) 1476 { 1477 return gen_get_addr(cpu_rampY, cpu_r[29], cpu_r[28]); 1478 } 1479 1480 static TCGv gen_get_zaddr(void) 1481 { 1482 return gen_get_addr(cpu_rampZ, cpu_r[31], cpu_r[30]); 1483 } 1484 1485 /* 1486 * Load one byte indirect from data space to register and stores an clear 1487 * the bits in data space specified by the register. The instruction can only 1488 * be used towards internal SRAM. The data location is pointed to by the Z (16 1489 * bits) Pointer Register in the Register File. Memory access is limited to the 1490 * current data segment of 64KB. To access another data segment in devices with 1491 * more than 64KB data space, the RAMPZ in register in the I/O area has to be 1492 * changed. The Z-pointer Register is left unchanged by the operation. This 1493 * instruction is especially suited for clearing status bits stored in SRAM. 1494 */ 1495 static void gen_data_store(DisasContext *ctx, TCGv data, TCGv addr) 1496 { 1497 if (ctx->base.tb->flags & TB_FLAGS_FULL_ACCESS) { 1498 gen_helper_fullwr(tcg_env, data, addr); 1499 } else { 1500 tcg_gen_qemu_st_tl(data, addr, MMU_DATA_IDX, MO_UB); 1501 } 1502 } 1503 1504 static void gen_data_load(DisasContext *ctx, TCGv data, TCGv addr) 1505 { 1506 tcg_gen_qemu_ld_tl(data, addr, MMU_DATA_IDX, MO_UB); 1507 } 1508 1509 static void gen_inb(DisasContext *ctx, TCGv data, int port) 1510 { 1511 gen_data_load(ctx, data, tcg_constant_i32(port + NUMBER_OF_CPU_REGISTERS)); 1512 } 1513 1514 static void gen_outb(DisasContext *ctx, TCGv data, int port) 1515 { 1516 gen_helper_fullwr(tcg_env, data, 1517 tcg_constant_i32(port + NUMBER_OF_CPU_REGISTERS)); 1518 } 1519 1520 /* 1521 * This instruction makes a copy of one register into another. The source 1522 * register Rr is left unchanged, while the destination register Rd is loaded 1523 * with a copy of Rr. 1524 */ 1525 static bool trans_MOV(DisasContext *ctx, arg_MOV *a) 1526 { 1527 TCGv Rd = cpu_r[a->rd]; 1528 TCGv Rr = cpu_r[a->rr]; 1529 1530 tcg_gen_mov_tl(Rd, Rr); 1531 1532 return true; 1533 } 1534 1535 /* 1536 * This instruction makes a copy of one register pair into another register 1537 * pair. The source register pair Rr+1:Rr is left unchanged, while the 1538 * destination register pair Rd+1:Rd is loaded with a copy of Rr + 1:Rr. This 1539 * instruction is not available in all devices. Refer to the device specific 1540 * instruction set summary. 1541 */ 1542 static bool trans_MOVW(DisasContext *ctx, arg_MOVW *a) 1543 { 1544 if (!avr_have_feature(ctx, AVR_FEATURE_MOVW)) { 1545 return true; 1546 } 1547 1548 TCGv RdL = cpu_r[a->rd]; 1549 TCGv RdH = cpu_r[a->rd + 1]; 1550 TCGv RrL = cpu_r[a->rr]; 1551 TCGv RrH = cpu_r[a->rr + 1]; 1552 1553 tcg_gen_mov_tl(RdH, RrH); 1554 tcg_gen_mov_tl(RdL, RrL); 1555 1556 return true; 1557 } 1558 1559 /* 1560 * Loads an 8 bit constant directly to register 16 to 31. 1561 */ 1562 static bool trans_LDI(DisasContext *ctx, arg_LDI *a) 1563 { 1564 TCGv Rd = cpu_r[a->rd]; 1565 int imm = a->imm; 1566 1567 tcg_gen_movi_tl(Rd, imm); 1568 1569 return true; 1570 } 1571 1572 /* 1573 * Loads one byte from the data space to a register. For parts with SRAM, 1574 * the data space consists of the Register File, I/O memory and internal SRAM 1575 * (and external SRAM if applicable). For parts without SRAM, the data space 1576 * consists of the register file only. The EEPROM has a separate address space. 1577 * A 16-bit address must be supplied. Memory access is limited to the current 1578 * data segment of 64KB. The LDS instruction uses the RAMPD Register to access 1579 * memory above 64KB. To access another data segment in devices with more than 1580 * 64KB data space, the RAMPD in register in the I/O area has to be changed. 1581 * This instruction is not available in all devices. Refer to the device 1582 * specific instruction set summary. 1583 */ 1584 static bool trans_LDS(DisasContext *ctx, arg_LDS *a) 1585 { 1586 TCGv Rd = cpu_r[a->rd]; 1587 TCGv addr = tcg_temp_new_i32(); 1588 TCGv H = cpu_rampD; 1589 1590 tcg_gen_mov_tl(addr, H); /* addr = H:M:L */ 1591 tcg_gen_shli_tl(addr, addr, 16); 1592 tcg_gen_ori_tl(addr, addr, a->imm); 1593 1594 gen_data_load(ctx, Rd, addr); 1595 return true; 1596 } 1597 1598 /* 1599 * Loads one byte indirect from the data space to a register. For parts 1600 * with SRAM, the data space consists of the Register File, I/O memory and 1601 * internal SRAM (and external SRAM if applicable). For parts without SRAM, the 1602 * data space consists of the Register File only. In some parts the Flash 1603 * Memory has been mapped to the data space and can be read using this command. 1604 * The EEPROM has a separate address space. The data location is pointed to by 1605 * the X (16 bits) Pointer Register in the Register File. Memory access is 1606 * limited to the current data segment of 64KB. To access another data segment 1607 * in devices with more than 64KB data space, the RAMPX in register in the I/O 1608 * area has to be changed. The X-pointer Register can either be left unchanged 1609 * by the operation, or it can be post-incremented or predecremented. These 1610 * features are especially suited for accessing arrays, tables, and Stack 1611 * Pointer usage of the X-pointer Register. Note that only the low byte of the 1612 * X-pointer is updated in devices with no more than 256 bytes data space. For 1613 * such devices, the high byte of the pointer is not used by this instruction 1614 * and can be used for other purposes. The RAMPX Register in the I/O area is 1615 * updated in parts with more than 64KB data space or more than 64KB Program 1616 * memory, and the increment/decrement is added to the entire 24-bit address on 1617 * such devices. Not all variants of this instruction is available in all 1618 * devices. Refer to the device specific instruction set summary. In the 1619 * Reduced Core tinyAVR the LD instruction can be used to achieve the same 1620 * operation as LPM since the program memory is mapped to the data memory 1621 * space. 1622 */ 1623 static bool trans_LDX1(DisasContext *ctx, arg_LDX1 *a) 1624 { 1625 TCGv Rd = cpu_r[a->rd]; 1626 TCGv addr = gen_get_xaddr(); 1627 1628 gen_data_load(ctx, Rd, addr); 1629 return true; 1630 } 1631 1632 static bool trans_LDX2(DisasContext *ctx, arg_LDX2 *a) 1633 { 1634 TCGv Rd = cpu_r[a->rd]; 1635 TCGv addr = gen_get_xaddr(); 1636 1637 gen_data_load(ctx, Rd, addr); 1638 tcg_gen_addi_tl(addr, addr, 1); /* addr = addr + 1 */ 1639 1640 gen_set_xaddr(addr); 1641 return true; 1642 } 1643 1644 static bool trans_LDX3(DisasContext *ctx, arg_LDX3 *a) 1645 { 1646 TCGv Rd = cpu_r[a->rd]; 1647 TCGv addr = gen_get_xaddr(); 1648 1649 tcg_gen_subi_tl(addr, addr, 1); /* addr = addr - 1 */ 1650 gen_data_load(ctx, Rd, addr); 1651 gen_set_xaddr(addr); 1652 return true; 1653 } 1654 1655 /* 1656 * Loads one byte indirect with or without displacement from the data space 1657 * to a register. For parts with SRAM, the data space consists of the Register 1658 * File, I/O memory and internal SRAM (and external SRAM if applicable). For 1659 * parts without SRAM, the data space consists of the Register File only. In 1660 * some parts the Flash Memory has been mapped to the data space and can be 1661 * read using this command. The EEPROM has a separate address space. The data 1662 * location is pointed to by the Y (16 bits) Pointer Register in the Register 1663 * File. Memory access is limited to the current data segment of 64KB. To 1664 * access another data segment in devices with more than 64KB data space, the 1665 * RAMPY in register in the I/O area has to be changed. The Y-pointer Register 1666 * can either be left unchanged by the operation, or it can be post-incremented 1667 * or predecremented. These features are especially suited for accessing 1668 * arrays, tables, and Stack Pointer usage of the Y-pointer Register. Note that 1669 * only the low byte of the Y-pointer is updated in devices with no more than 1670 * 256 bytes data space. For such devices, the high byte of the pointer is not 1671 * used by this instruction and can be used for other purposes. The RAMPY 1672 * Register in the I/O area is updated in parts with more than 64KB data space 1673 * or more than 64KB Program memory, and the increment/decrement/displacement 1674 * is added to the entire 24-bit address on such devices. Not all variants of 1675 * this instruction is available in all devices. Refer to the device specific 1676 * instruction set summary. In the Reduced Core tinyAVR the LD instruction can 1677 * be used to achieve the same operation as LPM since the program memory is 1678 * mapped to the data memory space. 1679 */ 1680 static bool trans_LDY2(DisasContext *ctx, arg_LDY2 *a) 1681 { 1682 TCGv Rd = cpu_r[a->rd]; 1683 TCGv addr = gen_get_yaddr(); 1684 1685 gen_data_load(ctx, Rd, addr); 1686 tcg_gen_addi_tl(addr, addr, 1); /* addr = addr + 1 */ 1687 1688 gen_set_yaddr(addr); 1689 return true; 1690 } 1691 1692 static bool trans_LDY3(DisasContext *ctx, arg_LDY3 *a) 1693 { 1694 TCGv Rd = cpu_r[a->rd]; 1695 TCGv addr = gen_get_yaddr(); 1696 1697 tcg_gen_subi_tl(addr, addr, 1); /* addr = addr - 1 */ 1698 gen_data_load(ctx, Rd, addr); 1699 gen_set_yaddr(addr); 1700 return true; 1701 } 1702 1703 static bool trans_LDDY(DisasContext *ctx, arg_LDDY *a) 1704 { 1705 TCGv Rd = cpu_r[a->rd]; 1706 TCGv addr = gen_get_yaddr(); 1707 1708 tcg_gen_addi_tl(addr, addr, a->imm); /* addr = addr + q */ 1709 gen_data_load(ctx, Rd, addr); 1710 return true; 1711 } 1712 1713 /* 1714 * Loads one byte indirect with or without displacement from the data space 1715 * to a register. For parts with SRAM, the data space consists of the Register 1716 * File, I/O memory and internal SRAM (and external SRAM if applicable). For 1717 * parts without SRAM, the data space consists of the Register File only. In 1718 * some parts the Flash Memory has been mapped to the data space and can be 1719 * read using this command. The EEPROM has a separate address space. The data 1720 * location is pointed to by the Z (16 bits) Pointer Register in the Register 1721 * File. Memory access is limited to the current data segment of 64KB. To 1722 * access another data segment in devices with more than 64KB data space, the 1723 * RAMPZ in register in the I/O area has to be changed. The Z-pointer Register 1724 * can either be left unchanged by the operation, or it can be post-incremented 1725 * or predecremented. These features are especially suited for Stack Pointer 1726 * usage of the Z-pointer Register, however because the Z-pointer Register can 1727 * be used for indirect subroutine calls, indirect jumps and table lookup, it 1728 * is often more convenient to use the X or Y-pointer as a dedicated Stack 1729 * Pointer. Note that only the low byte of the Z-pointer is updated in devices 1730 * with no more than 256 bytes data space. For such devices, the high byte of 1731 * the pointer is not used by this instruction and can be used for other 1732 * purposes. The RAMPZ Register in the I/O area is updated in parts with more 1733 * than 64KB data space or more than 64KB Program memory, and the 1734 * increment/decrement/displacement is added to the entire 24-bit address on 1735 * such devices. Not all variants of this instruction is available in all 1736 * devices. Refer to the device specific instruction set summary. In the 1737 * Reduced Core tinyAVR the LD instruction can be used to achieve the same 1738 * operation as LPM since the program memory is mapped to the data memory 1739 * space. For using the Z-pointer for table lookup in Program memory see the 1740 * LPM and ELPM instructions. 1741 */ 1742 static bool trans_LDZ2(DisasContext *ctx, arg_LDZ2 *a) 1743 { 1744 TCGv Rd = cpu_r[a->rd]; 1745 TCGv addr = gen_get_zaddr(); 1746 1747 gen_data_load(ctx, Rd, addr); 1748 tcg_gen_addi_tl(addr, addr, 1); /* addr = addr + 1 */ 1749 1750 gen_set_zaddr(addr); 1751 return true; 1752 } 1753 1754 static bool trans_LDZ3(DisasContext *ctx, arg_LDZ3 *a) 1755 { 1756 TCGv Rd = cpu_r[a->rd]; 1757 TCGv addr = gen_get_zaddr(); 1758 1759 tcg_gen_subi_tl(addr, addr, 1); /* addr = addr - 1 */ 1760 gen_data_load(ctx, Rd, addr); 1761 1762 gen_set_zaddr(addr); 1763 return true; 1764 } 1765 1766 static bool trans_LDDZ(DisasContext *ctx, arg_LDDZ *a) 1767 { 1768 TCGv Rd = cpu_r[a->rd]; 1769 TCGv addr = gen_get_zaddr(); 1770 1771 tcg_gen_addi_tl(addr, addr, a->imm); /* addr = addr + q */ 1772 gen_data_load(ctx, Rd, addr); 1773 return true; 1774 } 1775 1776 /* 1777 * Stores one byte from a Register to the data space. For parts with SRAM, 1778 * the data space consists of the Register File, I/O memory and internal SRAM 1779 * (and external SRAM if applicable). For parts without SRAM, the data space 1780 * consists of the Register File only. The EEPROM has a separate address space. 1781 * A 16-bit address must be supplied. Memory access is limited to the current 1782 * data segment of 64KB. The STS instruction uses the RAMPD Register to access 1783 * memory above 64KB. To access another data segment in devices with more than 1784 * 64KB data space, the RAMPD in register in the I/O area has to be changed. 1785 * This instruction is not available in all devices. Refer to the device 1786 * specific instruction set summary. 1787 */ 1788 static bool trans_STS(DisasContext *ctx, arg_STS *a) 1789 { 1790 TCGv Rd = cpu_r[a->rd]; 1791 TCGv addr = tcg_temp_new_i32(); 1792 TCGv H = cpu_rampD; 1793 1794 tcg_gen_mov_tl(addr, H); /* addr = H:M:L */ 1795 tcg_gen_shli_tl(addr, addr, 16); 1796 tcg_gen_ori_tl(addr, addr, a->imm); 1797 gen_data_store(ctx, Rd, addr); 1798 return true; 1799 } 1800 1801 /* 1802 * Stores one byte indirect from a register to data space. For parts with SRAM, 1803 * the data space consists of the Register File, I/O memory, and internal SRAM 1804 * (and external SRAM if applicable). For parts without SRAM, the data space 1805 * consists of the Register File only. The EEPROM has a separate address space. 1806 * 1807 * The data location is pointed to by the X (16 bits) Pointer Register in the 1808 * Register File. Memory access is limited to the current data segment of 64KB. 1809 * To access another data segment in devices with more than 64KB data space, the 1810 * RAMPX in register in the I/O area has to be changed. 1811 * 1812 * The X-pointer Register can either be left unchanged by the operation, or it 1813 * can be post-incremented or pre-decremented. These features are especially 1814 * suited for accessing arrays, tables, and Stack Pointer usage of the 1815 * X-pointer Register. Note that only the low byte of the X-pointer is updated 1816 * in devices with no more than 256 bytes data space. For such devices, the high 1817 * byte of the pointer is not used by this instruction and can be used for other 1818 * purposes. The RAMPX Register in the I/O area is updated in parts with more 1819 * than 64KB data space or more than 64KB Program memory, and the increment / 1820 * decrement is added to the entire 24-bit address on such devices. 1821 */ 1822 static bool trans_STX1(DisasContext *ctx, arg_STX1 *a) 1823 { 1824 TCGv Rd = cpu_r[a->rr]; 1825 TCGv addr = gen_get_xaddr(); 1826 1827 gen_data_store(ctx, Rd, addr); 1828 return true; 1829 } 1830 1831 static bool trans_STX2(DisasContext *ctx, arg_STX2 *a) 1832 { 1833 TCGv Rd = cpu_r[a->rr]; 1834 TCGv addr = gen_get_xaddr(); 1835 1836 gen_data_store(ctx, Rd, addr); 1837 tcg_gen_addi_tl(addr, addr, 1); /* addr = addr + 1 */ 1838 gen_set_xaddr(addr); 1839 return true; 1840 } 1841 1842 static bool trans_STX3(DisasContext *ctx, arg_STX3 *a) 1843 { 1844 TCGv Rd = cpu_r[a->rr]; 1845 TCGv addr = gen_get_xaddr(); 1846 1847 tcg_gen_subi_tl(addr, addr, 1); /* addr = addr - 1 */ 1848 gen_data_store(ctx, Rd, addr); 1849 gen_set_xaddr(addr); 1850 return true; 1851 } 1852 1853 /* 1854 * Stores one byte indirect with or without displacement from a register to data 1855 * space. For parts with SRAM, the data space consists of the Register File, I/O 1856 * memory, and internal SRAM (and external SRAM if applicable). For parts 1857 * without SRAM, the data space consists of the Register File only. The EEPROM 1858 * has a separate address space. 1859 * 1860 * The data location is pointed to by the Y (16 bits) Pointer Register in the 1861 * Register File. Memory access is limited to the current data segment of 64KB. 1862 * To access another data segment in devices with more than 64KB data space, the 1863 * RAMPY in register in the I/O area has to be changed. 1864 * 1865 * The Y-pointer Register can either be left unchanged by the operation, or it 1866 * can be post-incremented or pre-decremented. These features are especially 1867 * suited for accessing arrays, tables, and Stack Pointer usage of the Y-pointer 1868 * Register. Note that only the low byte of the Y-pointer is updated in devices 1869 * with no more than 256 bytes data space. For such devices, the high byte of 1870 * the pointer is not used by this instruction and can be used for other 1871 * purposes. The RAMPY Register in the I/O area is updated in parts with more 1872 * than 64KB data space or more than 64KB Program memory, and the increment / 1873 * decrement / displacement is added to the entire 24-bit address on such 1874 * devices. 1875 */ 1876 static bool trans_STY2(DisasContext *ctx, arg_STY2 *a) 1877 { 1878 TCGv Rd = cpu_r[a->rd]; 1879 TCGv addr = gen_get_yaddr(); 1880 1881 gen_data_store(ctx, Rd, addr); 1882 tcg_gen_addi_tl(addr, addr, 1); /* addr = addr + 1 */ 1883 gen_set_yaddr(addr); 1884 return true; 1885 } 1886 1887 static bool trans_STY3(DisasContext *ctx, arg_STY3 *a) 1888 { 1889 TCGv Rd = cpu_r[a->rd]; 1890 TCGv addr = gen_get_yaddr(); 1891 1892 tcg_gen_subi_tl(addr, addr, 1); /* addr = addr - 1 */ 1893 gen_data_store(ctx, Rd, addr); 1894 gen_set_yaddr(addr); 1895 return true; 1896 } 1897 1898 static bool trans_STDY(DisasContext *ctx, arg_STDY *a) 1899 { 1900 TCGv Rd = cpu_r[a->rd]; 1901 TCGv addr = gen_get_yaddr(); 1902 1903 tcg_gen_addi_tl(addr, addr, a->imm); /* addr = addr + q */ 1904 gen_data_store(ctx, Rd, addr); 1905 return true; 1906 } 1907 1908 /* 1909 * Stores one byte indirect with or without displacement from a register to data 1910 * space. For parts with SRAM, the data space consists of the Register File, I/O 1911 * memory, and internal SRAM (and external SRAM if applicable). For parts 1912 * without SRAM, the data space consists of the Register File only. The EEPROM 1913 * has a separate address space. 1914 * 1915 * The data location is pointed to by the Y (16 bits) Pointer Register in the 1916 * Register File. Memory access is limited to the current data segment of 64KB. 1917 * To access another data segment in devices with more than 64KB data space, the 1918 * RAMPY in register in the I/O area has to be changed. 1919 * 1920 * The Y-pointer Register can either be left unchanged by the operation, or it 1921 * can be post-incremented or pre-decremented. These features are especially 1922 * suited for accessing arrays, tables, and Stack Pointer usage of the Y-pointer 1923 * Register. Note that only the low byte of the Y-pointer is updated in devices 1924 * with no more than 256 bytes data space. For such devices, the high byte of 1925 * the pointer is not used by this instruction and can be used for other 1926 * purposes. The RAMPY Register in the I/O area is updated in parts with more 1927 * than 64KB data space or more than 64KB Program memory, and the increment / 1928 * decrement / displacement is added to the entire 24-bit address on such 1929 * devices. 1930 */ 1931 static bool trans_STZ2(DisasContext *ctx, arg_STZ2 *a) 1932 { 1933 TCGv Rd = cpu_r[a->rd]; 1934 TCGv addr = gen_get_zaddr(); 1935 1936 gen_data_store(ctx, Rd, addr); 1937 tcg_gen_addi_tl(addr, addr, 1); /* addr = addr + 1 */ 1938 1939 gen_set_zaddr(addr); 1940 return true; 1941 } 1942 1943 static bool trans_STZ3(DisasContext *ctx, arg_STZ3 *a) 1944 { 1945 TCGv Rd = cpu_r[a->rd]; 1946 TCGv addr = gen_get_zaddr(); 1947 1948 tcg_gen_subi_tl(addr, addr, 1); /* addr = addr - 1 */ 1949 gen_data_store(ctx, Rd, addr); 1950 1951 gen_set_zaddr(addr); 1952 return true; 1953 } 1954 1955 static bool trans_STDZ(DisasContext *ctx, arg_STDZ *a) 1956 { 1957 TCGv Rd = cpu_r[a->rd]; 1958 TCGv addr = gen_get_zaddr(); 1959 1960 tcg_gen_addi_tl(addr, addr, a->imm); /* addr = addr + q */ 1961 gen_data_store(ctx, Rd, addr); 1962 return true; 1963 } 1964 1965 /* 1966 * Loads one byte pointed to by the Z-register into the destination 1967 * register Rd. This instruction features a 100% space effective constant 1968 * initialization or constant data fetch. The Program memory is organized in 1969 * 16-bit words while the Z-pointer is a byte address. Thus, the least 1970 * significant bit of the Z-pointer selects either low byte (ZLSB = 0) or high 1971 * byte (ZLSB = 1). This instruction can address the first 64KB (32K words) of 1972 * Program memory. The Zpointer Register can either be left unchanged by the 1973 * operation, or it can be incremented. The incrementation does not apply to 1974 * the RAMPZ Register. 1975 * 1976 * Devices with Self-Programming capability can use the LPM instruction to read 1977 * the Fuse and Lock bit values. 1978 */ 1979 static bool trans_LPM1(DisasContext *ctx, arg_LPM1 *a) 1980 { 1981 if (!avr_have_feature(ctx, AVR_FEATURE_LPM)) { 1982 return true; 1983 } 1984 1985 TCGv Rd = cpu_r[0]; 1986 TCGv addr = tcg_temp_new_i32(); 1987 TCGv H = cpu_r[31]; 1988 TCGv L = cpu_r[30]; 1989 1990 tcg_gen_shli_tl(addr, H, 8); /* addr = H:L */ 1991 tcg_gen_or_tl(addr, addr, L); 1992 tcg_gen_qemu_ld_tl(Rd, addr, MMU_CODE_IDX, MO_UB); 1993 return true; 1994 } 1995 1996 static bool trans_LPM2(DisasContext *ctx, arg_LPM2 *a) 1997 { 1998 if (!avr_have_feature(ctx, AVR_FEATURE_LPM)) { 1999 return true; 2000 } 2001 2002 TCGv Rd = cpu_r[a->rd]; 2003 TCGv addr = tcg_temp_new_i32(); 2004 TCGv H = cpu_r[31]; 2005 TCGv L = cpu_r[30]; 2006 2007 tcg_gen_shli_tl(addr, H, 8); /* addr = H:L */ 2008 tcg_gen_or_tl(addr, addr, L); 2009 tcg_gen_qemu_ld_tl(Rd, addr, MMU_CODE_IDX, MO_UB); 2010 return true; 2011 } 2012 2013 static bool trans_LPMX(DisasContext *ctx, arg_LPMX *a) 2014 { 2015 if (!avr_have_feature(ctx, AVR_FEATURE_LPMX)) { 2016 return true; 2017 } 2018 2019 TCGv Rd = cpu_r[a->rd]; 2020 TCGv addr = tcg_temp_new_i32(); 2021 TCGv H = cpu_r[31]; 2022 TCGv L = cpu_r[30]; 2023 2024 tcg_gen_shli_tl(addr, H, 8); /* addr = H:L */ 2025 tcg_gen_or_tl(addr, addr, L); 2026 tcg_gen_qemu_ld_tl(Rd, addr, MMU_CODE_IDX, MO_UB); 2027 tcg_gen_addi_tl(addr, addr, 1); /* addr = addr + 1 */ 2028 tcg_gen_andi_tl(L, addr, 0xff); 2029 tcg_gen_shri_tl(addr, addr, 8); 2030 tcg_gen_andi_tl(H, addr, 0xff); 2031 return true; 2032 } 2033 2034 /* 2035 * Loads one byte pointed to by the Z-register and the RAMPZ Register in 2036 * the I/O space, and places this byte in the destination register Rd. This 2037 * instruction features a 100% space effective constant initialization or 2038 * constant data fetch. The Program memory is organized in 16-bit words while 2039 * the Z-pointer is a byte address. Thus, the least significant bit of the 2040 * Z-pointer selects either low byte (ZLSB = 0) or high byte (ZLSB = 1). This 2041 * instruction can address the entire Program memory space. The Z-pointer 2042 * Register can either be left unchanged by the operation, or it can be 2043 * incremented. The incrementation applies to the entire 24-bit concatenation 2044 * of the RAMPZ and Z-pointer Registers. 2045 * 2046 * Devices with Self-Programming capability can use the ELPM instruction to 2047 * read the Fuse and Lock bit value. 2048 */ 2049 static bool trans_ELPM1(DisasContext *ctx, arg_ELPM1 *a) 2050 { 2051 if (!avr_have_feature(ctx, AVR_FEATURE_ELPM)) { 2052 return true; 2053 } 2054 2055 TCGv Rd = cpu_r[0]; 2056 TCGv addr = gen_get_zaddr(); 2057 2058 tcg_gen_qemu_ld_tl(Rd, addr, MMU_CODE_IDX, MO_UB); 2059 return true; 2060 } 2061 2062 static bool trans_ELPM2(DisasContext *ctx, arg_ELPM2 *a) 2063 { 2064 if (!avr_have_feature(ctx, AVR_FEATURE_ELPM)) { 2065 return true; 2066 } 2067 2068 TCGv Rd = cpu_r[a->rd]; 2069 TCGv addr = gen_get_zaddr(); 2070 2071 tcg_gen_qemu_ld_tl(Rd, addr, MMU_CODE_IDX, MO_UB); 2072 return true; 2073 } 2074 2075 static bool trans_ELPMX(DisasContext *ctx, arg_ELPMX *a) 2076 { 2077 if (!avr_have_feature(ctx, AVR_FEATURE_ELPMX)) { 2078 return true; 2079 } 2080 2081 TCGv Rd = cpu_r[a->rd]; 2082 TCGv addr = gen_get_zaddr(); 2083 2084 tcg_gen_qemu_ld_tl(Rd, addr, MMU_CODE_IDX, MO_UB); 2085 tcg_gen_addi_tl(addr, addr, 1); /* addr = addr + 1 */ 2086 gen_set_zaddr(addr); 2087 return true; 2088 } 2089 2090 /* 2091 * SPM can be used to erase a page in the Program memory, to write a page 2092 * in the Program memory (that is already erased), and to set Boot Loader Lock 2093 * bits. In some devices, the Program memory can be written one word at a time, 2094 * in other devices an entire page can be programmed simultaneously after first 2095 * filling a temporary page buffer. In all cases, the Program memory must be 2096 * erased one page at a time. When erasing the Program memory, the RAMPZ and 2097 * Z-register are used as page address. When writing the Program memory, the 2098 * RAMPZ and Z-register are used as page or word address, and the R1:R0 2099 * register pair is used as data(1). When setting the Boot Loader Lock bits, 2100 * the R1:R0 register pair is used as data. Refer to the device documentation 2101 * for detailed description of SPM usage. This instruction can address the 2102 * entire Program memory. 2103 * 2104 * The SPM instruction is not available in all devices. Refer to the device 2105 * specific instruction set summary. 2106 * 2107 * Note: 1. R1 determines the instruction high byte, and R0 determines the 2108 * instruction low byte. 2109 */ 2110 static bool trans_SPM(DisasContext *ctx, arg_SPM *a) 2111 { 2112 /* TODO */ 2113 if (!avr_have_feature(ctx, AVR_FEATURE_SPM)) { 2114 return true; 2115 } 2116 2117 return true; 2118 } 2119 2120 static bool trans_SPMX(DisasContext *ctx, arg_SPMX *a) 2121 { 2122 /* TODO */ 2123 if (!avr_have_feature(ctx, AVR_FEATURE_SPMX)) { 2124 return true; 2125 } 2126 2127 return true; 2128 } 2129 2130 /* 2131 * Loads data from the I/O Space (Ports, Timers, Configuration Registers, 2132 * etc.) into register Rd in the Register File. 2133 */ 2134 static bool trans_IN(DisasContext *ctx, arg_IN *a) 2135 { 2136 TCGv Rd = cpu_r[a->rd]; 2137 2138 gen_inb(ctx, Rd, a->imm); 2139 return true; 2140 } 2141 2142 /* 2143 * Stores data from register Rr in the Register File to I/O Space (Ports, 2144 * Timers, Configuration Registers, etc.). 2145 */ 2146 static bool trans_OUT(DisasContext *ctx, arg_OUT *a) 2147 { 2148 TCGv Rd = cpu_r[a->rd]; 2149 2150 gen_outb(ctx, Rd, a->imm); 2151 return true; 2152 } 2153 2154 /* 2155 * This instruction stores the contents of register Rr on the STACK. The 2156 * Stack Pointer is post-decremented by 1 after the PUSH. This instruction is 2157 * not available in all devices. Refer to the device specific instruction set 2158 * summary. 2159 */ 2160 static bool trans_PUSH(DisasContext *ctx, arg_PUSH *a) 2161 { 2162 TCGv Rd = cpu_r[a->rd]; 2163 2164 gen_data_store(ctx, Rd, cpu_sp); 2165 tcg_gen_subi_tl(cpu_sp, cpu_sp, 1); 2166 2167 return true; 2168 } 2169 2170 /* 2171 * This instruction loads register Rd with a byte from the STACK. The Stack 2172 * Pointer is pre-incremented by 1 before the POP. This instruction is not 2173 * available in all devices. Refer to the device specific instruction set 2174 * summary. 2175 */ 2176 static bool trans_POP(DisasContext *ctx, arg_POP *a) 2177 { 2178 /* 2179 * Using a temp to work around some strange behaviour: 2180 * tcg_gen_addi_tl(cpu_sp, cpu_sp, 1); 2181 * gen_data_load(ctx, Rd, cpu_sp); 2182 * seems to cause the add to happen twice. 2183 * This doesn't happen if either the add or the load is removed. 2184 */ 2185 TCGv t1 = tcg_temp_new_i32(); 2186 TCGv Rd = cpu_r[a->rd]; 2187 2188 tcg_gen_addi_tl(t1, cpu_sp, 1); 2189 gen_data_load(ctx, Rd, t1); 2190 tcg_gen_mov_tl(cpu_sp, t1); 2191 2192 return true; 2193 } 2194 2195 /* 2196 * Exchanges one byte indirect between register and data space. The data 2197 * location is pointed to by the Z (16 bits) Pointer Register in the Register 2198 * File. Memory access is limited to the current data segment of 64KB. To 2199 * access another data segment in devices with more than 64KB data space, the 2200 * RAMPZ in register in the I/O area has to be changed. 2201 * 2202 * The Z-pointer Register is left unchanged by the operation. This instruction 2203 * is especially suited for writing/reading status bits stored in SRAM. 2204 */ 2205 static bool trans_XCH(DisasContext *ctx, arg_XCH *a) 2206 { 2207 if (!avr_have_feature(ctx, AVR_FEATURE_RMW)) { 2208 return true; 2209 } 2210 2211 TCGv Rd = cpu_r[a->rd]; 2212 TCGv t0 = tcg_temp_new_i32(); 2213 TCGv addr = gen_get_zaddr(); 2214 2215 gen_data_load(ctx, t0, addr); 2216 gen_data_store(ctx, Rd, addr); 2217 tcg_gen_mov_tl(Rd, t0); 2218 return true; 2219 } 2220 2221 /* 2222 * Load one byte indirect from data space to register and set bits in data 2223 * space specified by the register. The instruction can only be used towards 2224 * internal SRAM. The data location is pointed to by the Z (16 bits) Pointer 2225 * Register in the Register File. Memory access is limited to the current data 2226 * segment of 64KB. To access another data segment in devices with more than 2227 * 64KB data space, the RAMPZ in register in the I/O area has to be changed. 2228 * 2229 * The Z-pointer Register is left unchanged by the operation. This instruction 2230 * is especially suited for setting status bits stored in SRAM. 2231 */ 2232 static bool trans_LAS(DisasContext *ctx, arg_LAS *a) 2233 { 2234 if (!avr_have_feature(ctx, AVR_FEATURE_RMW)) { 2235 return true; 2236 } 2237 2238 TCGv Rr = cpu_r[a->rd]; 2239 TCGv addr = gen_get_zaddr(); 2240 TCGv t0 = tcg_temp_new_i32(); 2241 TCGv t1 = tcg_temp_new_i32(); 2242 2243 gen_data_load(ctx, t0, addr); /* t0 = mem[addr] */ 2244 tcg_gen_or_tl(t1, t0, Rr); 2245 tcg_gen_mov_tl(Rr, t0); /* Rr = t0 */ 2246 gen_data_store(ctx, t1, addr); /* mem[addr] = t1 */ 2247 return true; 2248 } 2249 2250 /* 2251 * Load one byte indirect from data space to register and stores and clear 2252 * the bits in data space specified by the register. The instruction can 2253 * only be used towards internal SRAM. The data location is pointed to by 2254 * the Z (16 bits) Pointer Register in the Register File. Memory access is 2255 * limited to the current data segment of 64KB. To access another data 2256 * segment in devices with more than 64KB data space, the RAMPZ in register 2257 * in the I/O area has to be changed. 2258 * 2259 * The Z-pointer Register is left unchanged by the operation. This instruction 2260 * is especially suited for clearing status bits stored in SRAM. 2261 */ 2262 static bool trans_LAC(DisasContext *ctx, arg_LAC *a) 2263 { 2264 if (!avr_have_feature(ctx, AVR_FEATURE_RMW)) { 2265 return true; 2266 } 2267 2268 TCGv Rr = cpu_r[a->rd]; 2269 TCGv addr = gen_get_zaddr(); 2270 TCGv t0 = tcg_temp_new_i32(); 2271 TCGv t1 = tcg_temp_new_i32(); 2272 2273 gen_data_load(ctx, t0, addr); /* t0 = mem[addr] */ 2274 tcg_gen_andc_tl(t1, t0, Rr); /* t1 = t0 & (0xff - Rr) = t0 & ~Rr */ 2275 tcg_gen_mov_tl(Rr, t0); /* Rr = t0 */ 2276 gen_data_store(ctx, t1, addr); /* mem[addr] = t1 */ 2277 return true; 2278 } 2279 2280 2281 /* 2282 * Load one byte indirect from data space to register and toggles bits in 2283 * the data space specified by the register. The instruction can only be used 2284 * towards SRAM. The data location is pointed to by the Z (16 bits) Pointer 2285 * Register in the Register File. Memory access is limited to the current data 2286 * segment of 64KB. To access another data segment in devices with more than 2287 * 64KB data space, the RAMPZ in register in the I/O area has to be changed. 2288 * 2289 * The Z-pointer Register is left unchanged by the operation. This instruction 2290 * is especially suited for changing status bits stored in SRAM. 2291 */ 2292 static bool trans_LAT(DisasContext *ctx, arg_LAT *a) 2293 { 2294 if (!avr_have_feature(ctx, AVR_FEATURE_RMW)) { 2295 return true; 2296 } 2297 2298 TCGv Rd = cpu_r[a->rd]; 2299 TCGv addr = gen_get_zaddr(); 2300 TCGv t0 = tcg_temp_new_i32(); 2301 TCGv t1 = tcg_temp_new_i32(); 2302 2303 gen_data_load(ctx, t0, addr); /* t0 = mem[addr] */ 2304 tcg_gen_xor_tl(t1, t0, Rd); 2305 tcg_gen_mov_tl(Rd, t0); /* Rd = t0 */ 2306 gen_data_store(ctx, t1, addr); /* mem[addr] = t1 */ 2307 return true; 2308 } 2309 2310 /* 2311 * Bit and Bit-test Instructions 2312 */ 2313 static void gen_rshift_ZNVSf(TCGv R) 2314 { 2315 tcg_gen_setcondi_tl(TCG_COND_EQ, cpu_Zf, R, 0); /* Zf = R == 0 */ 2316 tcg_gen_shri_tl(cpu_Nf, R, 7); /* Nf = R(7) */ 2317 tcg_gen_xor_tl(cpu_Vf, cpu_Nf, cpu_Cf); 2318 tcg_gen_xor_tl(cpu_Sf, cpu_Nf, cpu_Vf); /* Sf = Nf ^ Vf */ 2319 } 2320 2321 /* 2322 * Shifts all bits in Rd one place to the right. Bit 7 is cleared. Bit 0 is 2323 * loaded into the C Flag of the SREG. This operation effectively divides an 2324 * unsigned value by two. The C Flag can be used to round the result. 2325 */ 2326 static bool trans_LSR(DisasContext *ctx, arg_LSR *a) 2327 { 2328 TCGv Rd = cpu_r[a->rd]; 2329 2330 tcg_gen_andi_tl(cpu_Cf, Rd, 1); 2331 tcg_gen_shri_tl(Rd, Rd, 1); 2332 2333 /* update status register */ 2334 tcg_gen_setcondi_tl(TCG_COND_EQ, cpu_Zf, Rd, 0); /* Zf = Rd == 0 */ 2335 tcg_gen_movi_tl(cpu_Nf, 0); 2336 tcg_gen_mov_tl(cpu_Vf, cpu_Cf); 2337 tcg_gen_mov_tl(cpu_Sf, cpu_Vf); 2338 2339 return true; 2340 } 2341 2342 /* 2343 * Shifts all bits in Rd one place to the right. The C Flag is shifted into 2344 * bit 7 of Rd. Bit 0 is shifted into the C Flag. This operation, combined 2345 * with ASR, effectively divides multi-byte signed values by two. Combined with 2346 * LSR it effectively divides multi-byte unsigned values by two. The Carry Flag 2347 * can be used to round the result. 2348 */ 2349 static bool trans_ROR(DisasContext *ctx, arg_ROR *a) 2350 { 2351 TCGv Rd = cpu_r[a->rd]; 2352 TCGv t0 = tcg_temp_new_i32(); 2353 2354 tcg_gen_shli_tl(t0, cpu_Cf, 7); 2355 2356 /* update status register */ 2357 tcg_gen_andi_tl(cpu_Cf, Rd, 1); 2358 2359 /* update output register */ 2360 tcg_gen_shri_tl(Rd, Rd, 1); 2361 tcg_gen_or_tl(Rd, Rd, t0); 2362 2363 /* update status register */ 2364 gen_rshift_ZNVSf(Rd); 2365 return true; 2366 } 2367 2368 /* 2369 * Shifts all bits in Rd one place to the right. Bit 7 is held constant. Bit 0 2370 * is loaded into the C Flag of the SREG. This operation effectively divides a 2371 * signed value by two without changing its sign. The Carry Flag can be used to 2372 * round the result. 2373 */ 2374 static bool trans_ASR(DisasContext *ctx, arg_ASR *a) 2375 { 2376 TCGv Rd = cpu_r[a->rd]; 2377 TCGv t0 = tcg_temp_new_i32(); 2378 2379 /* update status register */ 2380 tcg_gen_andi_tl(cpu_Cf, Rd, 1); /* Cf = Rd(0) */ 2381 2382 /* update output register */ 2383 tcg_gen_andi_tl(t0, Rd, 0x80); /* Rd = (Rd & 0x80) | (Rd >> 1) */ 2384 tcg_gen_shri_tl(Rd, Rd, 1); 2385 tcg_gen_or_tl(Rd, Rd, t0); 2386 2387 /* update status register */ 2388 gen_rshift_ZNVSf(Rd); 2389 return true; 2390 } 2391 2392 /* 2393 * Swaps high and low nibbles in a register. 2394 */ 2395 static bool trans_SWAP(DisasContext *ctx, arg_SWAP *a) 2396 { 2397 TCGv Rd = cpu_r[a->rd]; 2398 TCGv t0 = tcg_temp_new_i32(); 2399 TCGv t1 = tcg_temp_new_i32(); 2400 2401 tcg_gen_andi_tl(t0, Rd, 0x0f); 2402 tcg_gen_shli_tl(t0, t0, 4); 2403 tcg_gen_andi_tl(t1, Rd, 0xf0); 2404 tcg_gen_shri_tl(t1, t1, 4); 2405 tcg_gen_or_tl(Rd, t0, t1); 2406 return true; 2407 } 2408 2409 /* 2410 * Sets a specified bit in an I/O Register. This instruction operates on 2411 * the lower 32 I/O Registers -- addresses 0-31. 2412 */ 2413 static bool trans_SBI(DisasContext *ctx, arg_SBI *a) 2414 { 2415 TCGv data = tcg_temp_new_i32(); 2416 2417 gen_inb(ctx, data, a->reg); 2418 tcg_gen_ori_tl(data, data, 1 << a->bit); 2419 gen_outb(ctx, data, a->reg); 2420 return true; 2421 } 2422 2423 /* 2424 * Clears a specified bit in an I/O Register. This instruction operates on 2425 * the lower 32 I/O Registers -- addresses 0-31. 2426 */ 2427 static bool trans_CBI(DisasContext *ctx, arg_CBI *a) 2428 { 2429 TCGv data = tcg_temp_new_i32(); 2430 2431 gen_inb(ctx, data, a->reg); 2432 tcg_gen_andi_tl(data, data, ~(1 << a->bit)); 2433 gen_outb(ctx, data, a->reg); 2434 return true; 2435 } 2436 2437 /* 2438 * Stores bit b from Rd to the T Flag in SREG (Status Register). 2439 */ 2440 static bool trans_BST(DisasContext *ctx, arg_BST *a) 2441 { 2442 TCGv Rd = cpu_r[a->rd]; 2443 2444 tcg_gen_andi_tl(cpu_Tf, Rd, 1 << a->bit); 2445 tcg_gen_shri_tl(cpu_Tf, cpu_Tf, a->bit); 2446 2447 return true; 2448 } 2449 2450 /* 2451 * Copies the T Flag in the SREG (Status Register) to bit b in register Rd. 2452 */ 2453 static bool trans_BLD(DisasContext *ctx, arg_BLD *a) 2454 { 2455 TCGv Rd = cpu_r[a->rd]; 2456 TCGv t1 = tcg_temp_new_i32(); 2457 2458 tcg_gen_andi_tl(Rd, Rd, ~(1u << a->bit)); /* clear bit */ 2459 tcg_gen_shli_tl(t1, cpu_Tf, a->bit); /* create mask */ 2460 tcg_gen_or_tl(Rd, Rd, t1); 2461 return true; 2462 } 2463 2464 /* 2465 * Sets a single Flag or bit in SREG. 2466 */ 2467 static bool trans_BSET(DisasContext *ctx, arg_BSET *a) 2468 { 2469 switch (a->bit) { 2470 case 0x00: 2471 tcg_gen_movi_tl(cpu_Cf, 0x01); 2472 break; 2473 case 0x01: 2474 tcg_gen_movi_tl(cpu_Zf, 0x01); 2475 break; 2476 case 0x02: 2477 tcg_gen_movi_tl(cpu_Nf, 0x01); 2478 break; 2479 case 0x03: 2480 tcg_gen_movi_tl(cpu_Vf, 0x01); 2481 break; 2482 case 0x04: 2483 tcg_gen_movi_tl(cpu_Sf, 0x01); 2484 break; 2485 case 0x05: 2486 tcg_gen_movi_tl(cpu_Hf, 0x01); 2487 break; 2488 case 0x06: 2489 tcg_gen_movi_tl(cpu_Tf, 0x01); 2490 break; 2491 case 0x07: 2492 tcg_gen_movi_tl(cpu_If, 0x01); 2493 break; 2494 } 2495 2496 return true; 2497 } 2498 2499 /* 2500 * Clears a single Flag in SREG. 2501 */ 2502 static bool trans_BCLR(DisasContext *ctx, arg_BCLR *a) 2503 { 2504 switch (a->bit) { 2505 case 0x00: 2506 tcg_gen_movi_tl(cpu_Cf, 0x00); 2507 break; 2508 case 0x01: 2509 tcg_gen_movi_tl(cpu_Zf, 0x00); 2510 break; 2511 case 0x02: 2512 tcg_gen_movi_tl(cpu_Nf, 0x00); 2513 break; 2514 case 0x03: 2515 tcg_gen_movi_tl(cpu_Vf, 0x00); 2516 break; 2517 case 0x04: 2518 tcg_gen_movi_tl(cpu_Sf, 0x00); 2519 break; 2520 case 0x05: 2521 tcg_gen_movi_tl(cpu_Hf, 0x00); 2522 break; 2523 case 0x06: 2524 tcg_gen_movi_tl(cpu_Tf, 0x00); 2525 break; 2526 case 0x07: 2527 tcg_gen_movi_tl(cpu_If, 0x00); 2528 break; 2529 } 2530 2531 return true; 2532 } 2533 2534 /* 2535 * MCU Control Instructions 2536 */ 2537 2538 /* 2539 * The BREAK instruction is used by the On-chip Debug system, and is 2540 * normally not used in the application software. When the BREAK instruction is 2541 * executed, the AVR CPU is set in the Stopped Mode. This gives the On-chip 2542 * Debugger access to internal resources. If any Lock bits are set, or either 2543 * the JTAGEN or OCDEN Fuses are unprogrammed, the CPU will treat the BREAK 2544 * instruction as a NOP and will not enter the Stopped mode. This instruction 2545 * is not available in all devices. Refer to the device specific instruction 2546 * set summary. 2547 */ 2548 static bool trans_BREAK(DisasContext *ctx, arg_BREAK *a) 2549 { 2550 if (!avr_have_feature(ctx, AVR_FEATURE_BREAK)) { 2551 return true; 2552 } 2553 2554 #ifdef BREAKPOINT_ON_BREAK 2555 tcg_gen_movi_tl(cpu_pc, ctx->npc - 1); 2556 gen_helper_debug(tcg_env); 2557 ctx->base.is_jmp = DISAS_EXIT; 2558 #else 2559 /* NOP */ 2560 #endif 2561 2562 return true; 2563 } 2564 2565 /* 2566 * This instruction performs a single cycle No Operation. 2567 */ 2568 static bool trans_NOP(DisasContext *ctx, arg_NOP *a) 2569 { 2570 2571 /* NOP */ 2572 2573 return true; 2574 } 2575 2576 /* 2577 * This instruction sets the circuit in sleep mode defined by the MCU 2578 * Control Register. 2579 */ 2580 static bool trans_SLEEP(DisasContext *ctx, arg_SLEEP *a) 2581 { 2582 gen_helper_sleep(tcg_env); 2583 ctx->base.is_jmp = DISAS_NORETURN; 2584 return true; 2585 } 2586 2587 /* 2588 * This instruction resets the Watchdog Timer. This instruction must be 2589 * executed within a limited time given by the WD prescaler. See the Watchdog 2590 * Timer hardware specification. 2591 */ 2592 static bool trans_WDR(DisasContext *ctx, arg_WDR *a) 2593 { 2594 gen_helper_wdr(tcg_env); 2595 2596 return true; 2597 } 2598 2599 /* 2600 * Core translation mechanism functions: 2601 * 2602 * - translate() 2603 * - canonicalize_skip() 2604 * - translate_code() 2605 * - restore_state_to_opc() 2606 * 2607 */ 2608 static void translate(DisasContext *ctx) 2609 { 2610 uint32_t opcode = next_word(ctx); 2611 2612 if (!decode_insn(ctx, opcode)) { 2613 gen_helper_unsupported(tcg_env); 2614 ctx->base.is_jmp = DISAS_NORETURN; 2615 } 2616 } 2617 2618 /* Standardize the cpu_skip condition to NE. */ 2619 static bool canonicalize_skip(DisasContext *ctx) 2620 { 2621 switch (ctx->skip_cond) { 2622 case TCG_COND_NEVER: 2623 /* Normal case: cpu_skip is known to be false. */ 2624 return false; 2625 2626 case TCG_COND_ALWAYS: 2627 /* 2628 * Breakpoint case: cpu_skip is known to be true, via TB_FLAGS_SKIP. 2629 * The breakpoint is on the instruction being skipped, at the start 2630 * of the TranslationBlock. No need to update. 2631 */ 2632 return false; 2633 2634 case TCG_COND_NE: 2635 if (ctx->skip_var1 == NULL) { 2636 tcg_gen_mov_tl(cpu_skip, ctx->skip_var0); 2637 } else { 2638 tcg_gen_xor_tl(cpu_skip, ctx->skip_var0, ctx->skip_var1); 2639 ctx->skip_var1 = NULL; 2640 } 2641 break; 2642 2643 default: 2644 /* Convert to a NE condition vs 0. */ 2645 if (ctx->skip_var1 == NULL) { 2646 tcg_gen_setcondi_tl(ctx->skip_cond, cpu_skip, ctx->skip_var0, 0); 2647 } else { 2648 tcg_gen_setcond_tl(ctx->skip_cond, cpu_skip, 2649 ctx->skip_var0, ctx->skip_var1); 2650 ctx->skip_var1 = NULL; 2651 } 2652 ctx->skip_cond = TCG_COND_NE; 2653 break; 2654 } 2655 ctx->skip_var0 = cpu_skip; 2656 return true; 2657 } 2658 2659 static void avr_tr_init_disas_context(DisasContextBase *dcbase, CPUState *cs) 2660 { 2661 DisasContext *ctx = container_of(dcbase, DisasContext, base); 2662 uint32_t tb_flags = ctx->base.tb->flags; 2663 2664 ctx->cs = cs; 2665 ctx->env = cpu_env(cs); 2666 ctx->npc = ctx->base.pc_first / 2; 2667 2668 ctx->skip_cond = TCG_COND_NEVER; 2669 if (tb_flags & TB_FLAGS_SKIP) { 2670 ctx->skip_cond = TCG_COND_ALWAYS; 2671 ctx->skip_var0 = cpu_skip; 2672 } 2673 2674 if (tb_flags & TB_FLAGS_FULL_ACCESS) { 2675 /* 2676 * This flag is set by ST/LD instruction we will regenerate it ONLY 2677 * with mem/cpu memory access instead of mem access 2678 */ 2679 ctx->base.max_insns = 1; 2680 } 2681 } 2682 2683 static void avr_tr_tb_start(DisasContextBase *db, CPUState *cs) 2684 { 2685 } 2686 2687 static void avr_tr_insn_start(DisasContextBase *dcbase, CPUState *cs) 2688 { 2689 DisasContext *ctx = container_of(dcbase, DisasContext, base); 2690 2691 tcg_gen_insn_start(ctx->npc); 2692 } 2693 2694 static void avr_tr_translate_insn(DisasContextBase *dcbase, CPUState *cs) 2695 { 2696 DisasContext *ctx = container_of(dcbase, DisasContext, base); 2697 TCGLabel *skip_label = NULL; 2698 2699 /* Conditionally skip the next instruction, if indicated. */ 2700 if (ctx->skip_cond != TCG_COND_NEVER) { 2701 skip_label = gen_new_label(); 2702 if (ctx->skip_var0 == cpu_skip) { 2703 /* 2704 * Copy cpu_skip so that we may zero it before the branch. 2705 * This ensures that cpu_skip is non-zero after the label 2706 * if and only if the skipped insn itself sets a skip. 2707 */ 2708 ctx->skip_var0 = tcg_temp_new(); 2709 tcg_gen_mov_tl(ctx->skip_var0, cpu_skip); 2710 tcg_gen_movi_tl(cpu_skip, 0); 2711 } 2712 if (ctx->skip_var1 == NULL) { 2713 tcg_gen_brcondi_tl(ctx->skip_cond, ctx->skip_var0, 0, skip_label); 2714 } else { 2715 tcg_gen_brcond_tl(ctx->skip_cond, ctx->skip_var0, 2716 ctx->skip_var1, skip_label); 2717 ctx->skip_var1 = NULL; 2718 } 2719 ctx->skip_cond = TCG_COND_NEVER; 2720 ctx->skip_var0 = NULL; 2721 } 2722 2723 translate(ctx); 2724 2725 ctx->base.pc_next = ctx->npc * 2; 2726 2727 if (skip_label) { 2728 canonicalize_skip(ctx); 2729 gen_set_label(skip_label); 2730 2731 switch (ctx->base.is_jmp) { 2732 case DISAS_NORETURN: 2733 ctx->base.is_jmp = DISAS_CHAIN; 2734 break; 2735 case DISAS_NEXT: 2736 if (ctx->base.tb->flags & TB_FLAGS_SKIP) { 2737 ctx->base.is_jmp = DISAS_TOO_MANY; 2738 } 2739 break; 2740 default: 2741 break; 2742 } 2743 } 2744 2745 if (ctx->base.is_jmp == DISAS_NEXT) { 2746 target_ulong page_first = ctx->base.pc_first & TARGET_PAGE_MASK; 2747 2748 if ((ctx->base.pc_next - page_first) >= TARGET_PAGE_SIZE - 4) { 2749 ctx->base.is_jmp = DISAS_TOO_MANY; 2750 } 2751 } 2752 } 2753 2754 static void avr_tr_tb_stop(DisasContextBase *dcbase, CPUState *cs) 2755 { 2756 DisasContext *ctx = container_of(dcbase, DisasContext, base); 2757 bool nonconst_skip = canonicalize_skip(ctx); 2758 /* 2759 * Because we disable interrupts while env->skip is set, 2760 * we must return to the main loop to re-evaluate afterward. 2761 */ 2762 bool force_exit = ctx->base.tb->flags & TB_FLAGS_SKIP; 2763 2764 switch (ctx->base.is_jmp) { 2765 case DISAS_NORETURN: 2766 assert(!nonconst_skip); 2767 break; 2768 case DISAS_NEXT: 2769 case DISAS_TOO_MANY: 2770 case DISAS_CHAIN: 2771 if (!nonconst_skip && !force_exit) { 2772 /* Note gen_goto_tb checks singlestep. */ 2773 gen_goto_tb(ctx, 1, ctx->npc); 2774 break; 2775 } 2776 tcg_gen_movi_tl(cpu_pc, ctx->npc); 2777 /* fall through */ 2778 case DISAS_LOOKUP: 2779 if (!force_exit) { 2780 tcg_gen_lookup_and_goto_ptr(); 2781 break; 2782 } 2783 /* fall through */ 2784 case DISAS_EXIT: 2785 tcg_gen_exit_tb(NULL, 0); 2786 break; 2787 default: 2788 g_assert_not_reached(); 2789 } 2790 } 2791 2792 static const TranslatorOps avr_tr_ops = { 2793 .init_disas_context = avr_tr_init_disas_context, 2794 .tb_start = avr_tr_tb_start, 2795 .insn_start = avr_tr_insn_start, 2796 .translate_insn = avr_tr_translate_insn, 2797 .tb_stop = avr_tr_tb_stop, 2798 }; 2799 2800 void avr_cpu_translate_code(CPUState *cs, TranslationBlock *tb, 2801 int *max_insns, vaddr pc, void *host_pc) 2802 { 2803 DisasContext dc = { }; 2804 translator_loop(cs, tb, max_insns, pc, host_pc, &avr_tr_ops, &dc.base); 2805 } 2806