4 * Copyright (c) 2003 Fabrice Bellard
6 * This library is free software; you can redistribute it and/or
7 * modify it under the terms of the GNU Lesser General Public
8 * License as published by the Free Software Foundation; either
9 * version 2 of the License, or (at your option) any later version.
11 * This library is distributed in the hope that it will be useful,
12 * but WITHOUT ANY WARRANTY; without even the implied warranty of
13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
14 * Lesser General Public License for more details.
16 * You should have received a copy of the GNU Lesser General Public
17 * License along with this library; if not, write to the Free Software
18 * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
32 /* XXX: move that elsewhere */
33 static uint16_t *gen_opc_ptr;
34 static uint32_t *gen_opparam_ptr;
36 #define PREFIX_REPZ 0x01
37 #define PREFIX_REPNZ 0x02
38 #define PREFIX_LOCK 0x04
39 #define PREFIX_DATA 0x08
40 #define PREFIX_ADR 0x10
43 #define X86_64_ONLY(x) x
44 #define X86_64_DEF(x...) x
45 #define CODE64(s) ((s)->code64)
46 #define REX_X(s) ((s)->rex_x)
47 #define REX_B(s) ((s)->rex_b)
48 /* XXX: gcc generates push/pop in some opcodes, so we cannot use them */
50 #define BUGGY_64(x) NULL
53 #define X86_64_ONLY(x) NULL
54 #define X86_64_DEF(x...)
61 static int x86_64_hregs;
64 #ifdef USE_DIRECT_JUMP
67 #define TBPARAM(x) (long)(x)
70 typedef struct DisasContext {
71 /* current insn context */
72 int override; /* -1 if no override */
75 target_ulong pc; /* pc = eip + cs_base */
76 int is_jmp; /* 1 = means jump (stop translation), 2 means CPU
77 static state change (stop translation) */
78 /* current block context */
79 target_ulong cs_base; /* base of CS segment */
80 int pe; /* protected mode */
81 int code32; /* 32 bit code segment */
83 int lma; /* long mode active */
84 int code64; /* 64 bit code segment */
87 int ss32; /* 32 bit stack segment */
88 int cc_op; /* current CC operation */
89 int addseg; /* non zero if either DS/ES/SS have a non zero base */
90 int f_st; /* currently unused */
91 int vm86; /* vm86 mode */
94 int tf; /* TF cpu flag */
95 int singlestep_enabled; /* "hardware" single step enabled */
96 int jmp_opt; /* use direct block chaining for direct jumps */
97 int mem_index; /* select memory access functions */
98 int flags; /* all execution flags */
99 struct TranslationBlock *tb;
100 int popl_esp_hack; /* for correct popl with esp base handling */
101 int rip_offset; /* only used in x86_64, but left for simplicity */
105 static void gen_eob(DisasContext *s);
106 static void gen_jmp(DisasContext *s, target_ulong eip);
107 static void gen_jmp_tb(DisasContext *s, target_ulong eip, int tb_num);
109 /* i386 arith/logic operations */
129 OP_SHL1, /* undocumented */
134 #define DEF(s, n, copy_size) INDEX_op_ ## s,
151 /* I386 int registers */
152 OR_EAX, /* MUST be even numbered */
161 OR_TMP0 = 16, /* temporary operand register */
163 OR_A0, /* temporary register used when doing address evaluation */
168 #define NB_OP_SIZES 4
170 #define DEF_REGS(prefix, suffix) \
171 prefix ## EAX ## suffix,\
172 prefix ## ECX ## suffix,\
173 prefix ## EDX ## suffix,\
174 prefix ## EBX ## suffix,\
175 prefix ## ESP ## suffix,\
176 prefix ## EBP ## suffix,\
177 prefix ## ESI ## suffix,\
178 prefix ## EDI ## suffix,\
179 prefix ## R8 ## suffix,\
180 prefix ## R9 ## suffix,\
181 prefix ## R10 ## suffix,\
182 prefix ## R11 ## suffix,\
183 prefix ## R12 ## suffix,\
184 prefix ## R13 ## suffix,\
185 prefix ## R14 ## suffix,\
186 prefix ## R15 ## suffix,
188 #define DEF_BREGS(prefixb, prefixh, suffix) \
190 static void prefixb ## ESP ## suffix ## _wrapper(void) \
193 prefixb ## ESP ## suffix (); \
195 prefixh ## EAX ## suffix (); \
198 static void prefixb ## EBP ## suffix ## _wrapper(void) \
201 prefixb ## EBP ## suffix (); \
203 prefixh ## ECX ## suffix (); \
206 static void prefixb ## ESI ## suffix ## _wrapper(void) \
209 prefixb ## ESI ## suffix (); \
211 prefixh ## EDX ## suffix (); \
214 static void prefixb ## EDI ## suffix ## _wrapper(void) \
217 prefixb ## EDI ## suffix (); \
219 prefixh ## EBX ## suffix (); \
222 DEF_BREGS(gen_op_movb_, gen_op_movh_, _T0)
223 DEF_BREGS(gen_op_movb_, gen_op_movh_, _T1)
224 DEF_BREGS(gen_op_movl_T0_, gen_op_movh_T0_, )
225 DEF_BREGS(gen_op_movl_T1_, gen_op_movh_T1_, )
227 #else /* !TARGET_X86_64 */
229 #define NB_OP_SIZES 3
231 #define DEF_REGS(prefix, suffix) \
232 prefix ## EAX ## suffix,\
233 prefix ## ECX ## suffix,\
234 prefix ## EDX ## suffix,\
235 prefix ## EBX ## suffix,\
236 prefix ## ESP ## suffix,\
237 prefix ## EBP ## suffix,\
238 prefix ## ESI ## suffix,\
239 prefix ## EDI ## suffix,
241 #endif /* !TARGET_X86_64 */
243 static GenOpFunc *gen_op_mov_reg_T0[NB_OP_SIZES][CPU_NB_REGS] = {
250 gen_op_movb_ESP_T0_wrapper,
251 gen_op_movb_EBP_T0_wrapper,
252 gen_op_movb_ESI_T0_wrapper,
253 gen_op_movb_EDI_T0_wrapper,
270 DEF_REGS(gen_op_movw_, _T0)
273 DEF_REGS(gen_op_movl_, _T0)
277 DEF_REGS(gen_op_movq_, _T0)
282 static GenOpFunc *gen_op_mov_reg_T1[NB_OP_SIZES][CPU_NB_REGS] = {
289 gen_op_movb_ESP_T1_wrapper,
290 gen_op_movb_EBP_T1_wrapper,
291 gen_op_movb_ESI_T1_wrapper,
292 gen_op_movb_EDI_T1_wrapper,
309 DEF_REGS(gen_op_movw_, _T1)
312 DEF_REGS(gen_op_movl_, _T1)
316 DEF_REGS(gen_op_movq_, _T1)
321 static GenOpFunc *gen_op_mov_reg_A0[NB_OP_SIZES - 1][CPU_NB_REGS] = {
323 DEF_REGS(gen_op_movw_, _A0)
326 DEF_REGS(gen_op_movl_, _A0)
330 DEF_REGS(gen_op_movq_, _A0)
335 static GenOpFunc *gen_op_mov_TN_reg[NB_OP_SIZES][2][CPU_NB_REGS] =
344 gen_op_movl_T0_ESP_wrapper,
345 gen_op_movl_T0_EBP_wrapper,
346 gen_op_movl_T0_ESI_wrapper,
347 gen_op_movl_T0_EDI_wrapper,
369 gen_op_movl_T1_ESP_wrapper,
370 gen_op_movl_T1_EBP_wrapper,
371 gen_op_movl_T1_ESI_wrapper,
372 gen_op_movl_T1_EDI_wrapper,
391 DEF_REGS(gen_op_movl_T0_, )
394 DEF_REGS(gen_op_movl_T1_, )
399 DEF_REGS(gen_op_movl_T0_, )
402 DEF_REGS(gen_op_movl_T1_, )
408 DEF_REGS(gen_op_movl_T0_, )
411 DEF_REGS(gen_op_movl_T1_, )
417 static GenOpFunc *gen_op_movl_A0_reg[CPU_NB_REGS] = {
418 DEF_REGS(gen_op_movl_A0_, )
421 static GenOpFunc *gen_op_addl_A0_reg_sN[4][CPU_NB_REGS] = {
423 DEF_REGS(gen_op_addl_A0_, )
426 DEF_REGS(gen_op_addl_A0_, _s1)
429 DEF_REGS(gen_op_addl_A0_, _s2)
432 DEF_REGS(gen_op_addl_A0_, _s3)
437 static GenOpFunc *gen_op_movq_A0_reg[CPU_NB_REGS] = {
438 DEF_REGS(gen_op_movq_A0_, )
441 static GenOpFunc *gen_op_addq_A0_reg_sN[4][CPU_NB_REGS] = {
443 DEF_REGS(gen_op_addq_A0_, )
446 DEF_REGS(gen_op_addq_A0_, _s1)
449 DEF_REGS(gen_op_addq_A0_, _s2)
452 DEF_REGS(gen_op_addq_A0_, _s3)
457 static GenOpFunc *gen_op_cmov_reg_T1_T0[NB_OP_SIZES - 1][CPU_NB_REGS] = {
459 DEF_REGS(gen_op_cmovw_, _T1_T0)
462 DEF_REGS(gen_op_cmovl_, _T1_T0)
466 DEF_REGS(gen_op_cmovq_, _T1_T0)
471 static GenOpFunc *gen_op_arith_T0_T1_cc[8] = {
482 #define DEF_ARITHC(SUFFIX)\
484 gen_op_adcb ## SUFFIX ## _T0_T1_cc,\
485 gen_op_sbbb ## SUFFIX ## _T0_T1_cc,\
488 gen_op_adcw ## SUFFIX ## _T0_T1_cc,\
489 gen_op_sbbw ## SUFFIX ## _T0_T1_cc,\
492 gen_op_adcl ## SUFFIX ## _T0_T1_cc,\
493 gen_op_sbbl ## SUFFIX ## _T0_T1_cc,\
496 X86_64_ONLY(gen_op_adcq ## SUFFIX ## _T0_T1_cc),\
497 X86_64_ONLY(gen_op_sbbq ## SUFFIX ## _T0_T1_cc),\
500 static GenOpFunc *gen_op_arithc_T0_T1_cc[4][2] = {
504 static GenOpFunc *gen_op_arithc_mem_T0_T1_cc[3 * 4][2] = {
506 #ifndef CONFIG_USER_ONLY
512 static const int cc_op_arithb[8] = {
523 #define DEF_CMPXCHG(SUFFIX)\
524 gen_op_cmpxchgb ## SUFFIX ## _T0_T1_EAX_cc,\
525 gen_op_cmpxchgw ## SUFFIX ## _T0_T1_EAX_cc,\
526 gen_op_cmpxchgl ## SUFFIX ## _T0_T1_EAX_cc,\
527 X86_64_ONLY(gen_op_cmpxchgq ## SUFFIX ## _T0_T1_EAX_cc),
529 static GenOpFunc *gen_op_cmpxchg_T0_T1_EAX_cc[4] = {
533 static GenOpFunc *gen_op_cmpxchg_mem_T0_T1_EAX_cc[3 * 4] = {
535 #ifndef CONFIG_USER_ONLY
541 #define DEF_SHIFT(SUFFIX)\
543 gen_op_rolb ## SUFFIX ## _T0_T1_cc,\
544 gen_op_rorb ## SUFFIX ## _T0_T1_cc,\
545 gen_op_rclb ## SUFFIX ## _T0_T1_cc,\
546 gen_op_rcrb ## SUFFIX ## _T0_T1_cc,\
547 gen_op_shlb ## SUFFIX ## _T0_T1_cc,\
548 gen_op_shrb ## SUFFIX ## _T0_T1_cc,\
549 gen_op_shlb ## SUFFIX ## _T0_T1_cc,\
550 gen_op_sarb ## SUFFIX ## _T0_T1_cc,\
553 gen_op_rolw ## SUFFIX ## _T0_T1_cc,\
554 gen_op_rorw ## SUFFIX ## _T0_T1_cc,\
555 gen_op_rclw ## SUFFIX ## _T0_T1_cc,\
556 gen_op_rcrw ## SUFFIX ## _T0_T1_cc,\
557 gen_op_shlw ## SUFFIX ## _T0_T1_cc,\
558 gen_op_shrw ## SUFFIX ## _T0_T1_cc,\
559 gen_op_shlw ## SUFFIX ## _T0_T1_cc,\
560 gen_op_sarw ## SUFFIX ## _T0_T1_cc,\
563 gen_op_roll ## SUFFIX ## _T0_T1_cc,\
564 gen_op_rorl ## SUFFIX ## _T0_T1_cc,\
565 gen_op_rcll ## SUFFIX ## _T0_T1_cc,\
566 gen_op_rcrl ## SUFFIX ## _T0_T1_cc,\
567 gen_op_shll ## SUFFIX ## _T0_T1_cc,\
568 gen_op_shrl ## SUFFIX ## _T0_T1_cc,\
569 gen_op_shll ## SUFFIX ## _T0_T1_cc,\
570 gen_op_sarl ## SUFFIX ## _T0_T1_cc,\
573 X86_64_ONLY(gen_op_rolq ## SUFFIX ## _T0_T1_cc),\
574 X86_64_ONLY(gen_op_rorq ## SUFFIX ## _T0_T1_cc),\
575 X86_64_ONLY(gen_op_rclq ## SUFFIX ## _T0_T1_cc),\
576 X86_64_ONLY(gen_op_rcrq ## SUFFIX ## _T0_T1_cc),\
577 X86_64_ONLY(gen_op_shlq ## SUFFIX ## _T0_T1_cc),\
578 X86_64_ONLY(gen_op_shrq ## SUFFIX ## _T0_T1_cc),\
579 X86_64_ONLY(gen_op_shlq ## SUFFIX ## _T0_T1_cc),\
580 X86_64_ONLY(gen_op_sarq ## SUFFIX ## _T0_T1_cc),\
583 static GenOpFunc *gen_op_shift_T0_T1_cc[4][8] = {
587 static GenOpFunc *gen_op_shift_mem_T0_T1_cc[3 * 4][8] = {
589 #ifndef CONFIG_USER_ONLY
595 #define DEF_SHIFTD(SUFFIX, op)\
601 gen_op_shldw ## SUFFIX ## _T0_T1_ ## op ## _cc,\
602 gen_op_shrdw ## SUFFIX ## _T0_T1_ ## op ## _cc,\
605 gen_op_shldl ## SUFFIX ## _T0_T1_ ## op ## _cc,\
606 gen_op_shrdl ## SUFFIX ## _T0_T1_ ## op ## _cc,\
609 X86_64_DEF(gen_op_shldq ## SUFFIX ## _T0_T1_ ## op ## _cc,\
610 gen_op_shrdq ## SUFFIX ## _T0_T1_ ## op ## _cc,)\
613 static GenOpFunc1 *gen_op_shiftd_T0_T1_im_cc[4][2] = {
617 static GenOpFunc *gen_op_shiftd_T0_T1_ECX_cc[4][2] = {
621 static GenOpFunc1 *gen_op_shiftd_mem_T0_T1_im_cc[3 * 4][2] = {
623 #ifndef CONFIG_USER_ONLY
624 DEF_SHIFTD(_kernel, im)
625 DEF_SHIFTD(_user, im)
629 static GenOpFunc *gen_op_shiftd_mem_T0_T1_ECX_cc[3 * 4][2] = {
630 DEF_SHIFTD(_raw, ECX)
631 #ifndef CONFIG_USER_ONLY
632 DEF_SHIFTD(_kernel, ECX)
633 DEF_SHIFTD(_user, ECX)
637 static GenOpFunc *gen_op_btx_T0_T1_cc[3][4] = {
640 gen_op_btsw_T0_T1_cc,
641 gen_op_btrw_T0_T1_cc,
642 gen_op_btcw_T0_T1_cc,
646 gen_op_btsl_T0_T1_cc,
647 gen_op_btrl_T0_T1_cc,
648 gen_op_btcl_T0_T1_cc,
653 gen_op_btsq_T0_T1_cc,
654 gen_op_btrq_T0_T1_cc,
655 gen_op_btcq_T0_T1_cc,
660 static GenOpFunc *gen_op_add_bit_A0_T1[3] = {
661 gen_op_add_bitw_A0_T1,
662 gen_op_add_bitl_A0_T1,
663 X86_64_ONLY(gen_op_add_bitq_A0_T1),
666 static GenOpFunc *gen_op_bsx_T0_cc[3][2] = {
683 static GenOpFunc *gen_op_lds_T0_A0[3 * 4] = {
684 gen_op_ldsb_raw_T0_A0,
685 gen_op_ldsw_raw_T0_A0,
686 X86_64_ONLY(gen_op_ldsl_raw_T0_A0),
688 #ifndef CONFIG_USER_ONLY
689 gen_op_ldsb_kernel_T0_A0,
690 gen_op_ldsw_kernel_T0_A0,
691 X86_64_ONLY(gen_op_ldsl_kernel_T0_A0),
694 gen_op_ldsb_user_T0_A0,
695 gen_op_ldsw_user_T0_A0,
696 X86_64_ONLY(gen_op_ldsl_user_T0_A0),
701 static GenOpFunc *gen_op_ldu_T0_A0[3 * 4] = {
702 gen_op_ldub_raw_T0_A0,
703 gen_op_lduw_raw_T0_A0,
707 #ifndef CONFIG_USER_ONLY
708 gen_op_ldub_kernel_T0_A0,
709 gen_op_lduw_kernel_T0_A0,
713 gen_op_ldub_user_T0_A0,
714 gen_op_lduw_user_T0_A0,
720 /* sign does not matter, except for lidt/lgdt call (TODO: fix it) */
721 static GenOpFunc *gen_op_ld_T0_A0[3 * 4] = {
722 gen_op_ldub_raw_T0_A0,
723 gen_op_lduw_raw_T0_A0,
724 gen_op_ldl_raw_T0_A0,
725 X86_64_ONLY(gen_op_ldq_raw_T0_A0),
727 #ifndef CONFIG_USER_ONLY
728 gen_op_ldub_kernel_T0_A0,
729 gen_op_lduw_kernel_T0_A0,
730 gen_op_ldl_kernel_T0_A0,
731 X86_64_ONLY(gen_op_ldq_kernel_T0_A0),
733 gen_op_ldub_user_T0_A0,
734 gen_op_lduw_user_T0_A0,
735 gen_op_ldl_user_T0_A0,
736 X86_64_ONLY(gen_op_ldq_user_T0_A0),
740 static GenOpFunc *gen_op_ld_T1_A0[3 * 4] = {
741 gen_op_ldub_raw_T1_A0,
742 gen_op_lduw_raw_T1_A0,
743 gen_op_ldl_raw_T1_A0,
744 X86_64_ONLY(gen_op_ldq_raw_T1_A0),
746 #ifndef CONFIG_USER_ONLY
747 gen_op_ldub_kernel_T1_A0,
748 gen_op_lduw_kernel_T1_A0,
749 gen_op_ldl_kernel_T1_A0,
750 X86_64_ONLY(gen_op_ldq_kernel_T1_A0),
752 gen_op_ldub_user_T1_A0,
753 gen_op_lduw_user_T1_A0,
754 gen_op_ldl_user_T1_A0,
755 X86_64_ONLY(gen_op_ldq_user_T1_A0),
759 static GenOpFunc *gen_op_st_T0_A0[3 * 4] = {
760 gen_op_stb_raw_T0_A0,
761 gen_op_stw_raw_T0_A0,
762 gen_op_stl_raw_T0_A0,
763 X86_64_ONLY(gen_op_stq_raw_T0_A0),
765 #ifndef CONFIG_USER_ONLY
766 gen_op_stb_kernel_T0_A0,
767 gen_op_stw_kernel_T0_A0,
768 gen_op_stl_kernel_T0_A0,
769 X86_64_ONLY(gen_op_stq_kernel_T0_A0),
771 gen_op_stb_user_T0_A0,
772 gen_op_stw_user_T0_A0,
773 gen_op_stl_user_T0_A0,
774 X86_64_ONLY(gen_op_stq_user_T0_A0),
778 static GenOpFunc *gen_op_st_T1_A0[3 * 4] = {
780 gen_op_stw_raw_T1_A0,
781 gen_op_stl_raw_T1_A0,
782 X86_64_ONLY(gen_op_stq_raw_T1_A0),
784 #ifndef CONFIG_USER_ONLY
786 gen_op_stw_kernel_T1_A0,
787 gen_op_stl_kernel_T1_A0,
788 X86_64_ONLY(gen_op_stq_kernel_T1_A0),
791 gen_op_stw_user_T1_A0,
792 gen_op_stl_user_T1_A0,
793 X86_64_ONLY(gen_op_stq_user_T1_A0),
797 static inline void gen_jmp_im(target_ulong pc)
800 if (pc == (uint32_t)pc) {
801 gen_op_movl_eip_im(pc);
802 } else if (pc == (int32_t)pc) {
803 gen_op_movq_eip_im(pc);
805 gen_op_movq_eip_im64(pc >> 32, pc);
808 gen_op_movl_eip_im(pc);
812 static inline void gen_string_movl_A0_ESI(DisasContext *s)
816 override = s->override;
820 gen_op_movq_A0_seg(offsetof(CPUX86State,segs[override].base));
821 gen_op_addq_A0_reg_sN[0][R_ESI]();
823 gen_op_movq_A0_reg[R_ESI]();
829 if (s->addseg && override < 0)
832 gen_op_movl_A0_seg(offsetof(CPUX86State,segs[override].base));
833 gen_op_addl_A0_reg_sN[0][R_ESI]();
835 gen_op_movl_A0_reg[R_ESI]();
838 /* 16 address, always override */
841 gen_op_movl_A0_reg[R_ESI]();
842 gen_op_andl_A0_ffff();
843 gen_op_addl_A0_seg(offsetof(CPUX86State,segs[override].base));
847 static inline void gen_string_movl_A0_EDI(DisasContext *s)
851 gen_op_movq_A0_reg[R_EDI]();
856 gen_op_movl_A0_seg(offsetof(CPUX86State,segs[R_ES].base));
857 gen_op_addl_A0_reg_sN[0][R_EDI]();
859 gen_op_movl_A0_reg[R_EDI]();
862 gen_op_movl_A0_reg[R_EDI]();
863 gen_op_andl_A0_ffff();
864 gen_op_addl_A0_seg(offsetof(CPUX86State,segs[R_ES].base));
868 static GenOpFunc *gen_op_movl_T0_Dshift[4] = {
869 gen_op_movl_T0_Dshiftb,
870 gen_op_movl_T0_Dshiftw,
871 gen_op_movl_T0_Dshiftl,
872 X86_64_ONLY(gen_op_movl_T0_Dshiftq),
875 static GenOpFunc1 *gen_op_jnz_ecx[3] = {
878 X86_64_ONLY(gen_op_jnz_ecxq),
881 static GenOpFunc1 *gen_op_jz_ecx[3] = {
884 X86_64_ONLY(gen_op_jz_ecxq),
887 static GenOpFunc *gen_op_dec_ECX[3] = {
890 X86_64_ONLY(gen_op_decq_ECX),
893 static GenOpFunc1 *gen_op_string_jnz_sub[2][4] = {
898 X86_64_ONLY(gen_op_jnz_subq),
904 X86_64_ONLY(gen_op_jz_subq),
908 static GenOpFunc *gen_op_in_DX_T0[3] = {
914 static GenOpFunc *gen_op_out_DX_T0[3] = {
920 static GenOpFunc *gen_op_in[3] = {
926 static GenOpFunc *gen_op_out[3] = {
932 static GenOpFunc *gen_check_io_T0[3] = {
938 static GenOpFunc *gen_check_io_DX[3] = {
944 static void gen_check_io(DisasContext *s, int ot, int use_dx, target_ulong cur_eip)
946 if (s->pe && (s->cpl > s->iopl || s->vm86)) {
947 if (s->cc_op != CC_OP_DYNAMIC)
948 gen_op_set_cc_op(s->cc_op);
951 gen_check_io_DX[ot]();
953 gen_check_io_T0[ot]();
957 static inline void gen_movs(DisasContext *s, int ot)
959 gen_string_movl_A0_ESI(s);
960 gen_op_ld_T0_A0[ot + s->mem_index]();
961 gen_string_movl_A0_EDI(s);
962 gen_op_st_T0_A0[ot + s->mem_index]();
963 gen_op_movl_T0_Dshift[ot]();
966 gen_op_addq_ESI_T0();
967 gen_op_addq_EDI_T0();
971 gen_op_addl_ESI_T0();
972 gen_op_addl_EDI_T0();
974 gen_op_addw_ESI_T0();
975 gen_op_addw_EDI_T0();
979 static inline void gen_update_cc_op(DisasContext *s)
981 if (s->cc_op != CC_OP_DYNAMIC) {
982 gen_op_set_cc_op(s->cc_op);
983 s->cc_op = CC_OP_DYNAMIC;
987 /* XXX: does not work with gdbstub "ice" single step - not a
989 static int gen_jz_ecx_string(DisasContext *s, target_ulong next_eip)
993 l1 = gen_new_label();
994 l2 = gen_new_label();
995 gen_op_jnz_ecx[s->aflag](l1);
997 gen_jmp_tb(s, next_eip, 1);
1002 static inline void gen_stos(DisasContext *s, int ot)
1004 gen_op_mov_TN_reg[OT_LONG][0][R_EAX]();
1005 gen_string_movl_A0_EDI(s);
1006 gen_op_st_T0_A0[ot + s->mem_index]();
1007 gen_op_movl_T0_Dshift[ot]();
1008 #ifdef TARGET_X86_64
1009 if (s->aflag == 2) {
1010 gen_op_addq_EDI_T0();
1014 gen_op_addl_EDI_T0();
1016 gen_op_addw_EDI_T0();
1020 static inline void gen_lods(DisasContext *s, int ot)
1022 gen_string_movl_A0_ESI(s);
1023 gen_op_ld_T0_A0[ot + s->mem_index]();
1024 gen_op_mov_reg_T0[ot][R_EAX]();
1025 gen_op_movl_T0_Dshift[ot]();
1026 #ifdef TARGET_X86_64
1027 if (s->aflag == 2) {
1028 gen_op_addq_ESI_T0();
1032 gen_op_addl_ESI_T0();
1034 gen_op_addw_ESI_T0();
1038 static inline void gen_scas(DisasContext *s, int ot)
1040 gen_op_mov_TN_reg[OT_LONG][0][R_EAX]();
1041 gen_string_movl_A0_EDI(s);
1042 gen_op_ld_T1_A0[ot + s->mem_index]();
1043 gen_op_cmpl_T0_T1_cc();
1044 gen_op_movl_T0_Dshift[ot]();
1045 #ifdef TARGET_X86_64
1046 if (s->aflag == 2) {
1047 gen_op_addq_EDI_T0();
1051 gen_op_addl_EDI_T0();
1053 gen_op_addw_EDI_T0();
1057 static inline void gen_cmps(DisasContext *s, int ot)
1059 gen_string_movl_A0_ESI(s);
1060 gen_op_ld_T0_A0[ot + s->mem_index]();
1061 gen_string_movl_A0_EDI(s);
1062 gen_op_ld_T1_A0[ot + s->mem_index]();
1063 gen_op_cmpl_T0_T1_cc();
1064 gen_op_movl_T0_Dshift[ot]();
1065 #ifdef TARGET_X86_64
1066 if (s->aflag == 2) {
1067 gen_op_addq_ESI_T0();
1068 gen_op_addq_EDI_T0();
1072 gen_op_addl_ESI_T0();
1073 gen_op_addl_EDI_T0();
1075 gen_op_addw_ESI_T0();
1076 gen_op_addw_EDI_T0();
1080 static inline void gen_ins(DisasContext *s, int ot)
1082 gen_string_movl_A0_EDI(s);
1084 gen_op_st_T0_A0[ot + s->mem_index]();
1085 gen_op_in_DX_T0[ot]();
1086 gen_op_st_T0_A0[ot + s->mem_index]();
1087 gen_op_movl_T0_Dshift[ot]();
1088 #ifdef TARGET_X86_64
1089 if (s->aflag == 2) {
1090 gen_op_addq_EDI_T0();
1094 gen_op_addl_EDI_T0();
1096 gen_op_addw_EDI_T0();
1100 static inline void gen_outs(DisasContext *s, int ot)
1102 gen_string_movl_A0_ESI(s);
1103 gen_op_ld_T0_A0[ot + s->mem_index]();
1104 gen_op_out_DX_T0[ot]();
1105 gen_op_movl_T0_Dshift[ot]();
1106 #ifdef TARGET_X86_64
1107 if (s->aflag == 2) {
1108 gen_op_addq_ESI_T0();
1112 gen_op_addl_ESI_T0();
1114 gen_op_addw_ESI_T0();
1118 /* same method as Valgrind : we generate jumps to current or next
1120 #define GEN_REPZ(op) \
1121 static inline void gen_repz_ ## op(DisasContext *s, int ot, \
1122 target_ulong cur_eip, target_ulong next_eip) \
1125 gen_update_cc_op(s); \
1126 l2 = gen_jz_ecx_string(s, next_eip); \
1127 gen_ ## op(s, ot); \
1128 gen_op_dec_ECX[s->aflag](); \
1129 /* a loop would cause two single step exceptions if ECX = 1 \
1130 before rep string_insn */ \
1132 gen_op_jz_ecx[s->aflag](l2); \
1133 gen_jmp(s, cur_eip); \
1136 #define GEN_REPZ2(op) \
1137 static inline void gen_repz_ ## op(DisasContext *s, int ot, \
1138 target_ulong cur_eip, \
1139 target_ulong next_eip, \
1143 gen_update_cc_op(s); \
1144 l2 = gen_jz_ecx_string(s, next_eip); \
1145 gen_ ## op(s, ot); \
1146 gen_op_dec_ECX[s->aflag](); \
1147 gen_op_set_cc_op(CC_OP_SUBB + ot); \
1148 gen_op_string_jnz_sub[nz][ot](l2);\
1150 gen_op_jz_ecx[s->aflag](l2); \
1151 gen_jmp(s, cur_eip); \
1173 static GenOpFunc1 *gen_jcc_sub[4][8] = {
1204 #ifdef TARGET_X86_64
1207 BUGGY_64(gen_op_jb_subq),
1209 BUGGY_64(gen_op_jbe_subq),
1212 BUGGY_64(gen_op_jl_subq),
1213 BUGGY_64(gen_op_jle_subq),
1217 static GenOpFunc1 *gen_op_loop[3][4] = {
1228 #ifdef TARGET_X86_64
1237 static GenOpFunc *gen_setcc_slow[8] = {
1248 static GenOpFunc *gen_setcc_sub[4][8] = {
1251 gen_op_setb_T0_subb,
1252 gen_op_setz_T0_subb,
1253 gen_op_setbe_T0_subb,
1254 gen_op_sets_T0_subb,
1256 gen_op_setl_T0_subb,
1257 gen_op_setle_T0_subb,
1261 gen_op_setb_T0_subw,
1262 gen_op_setz_T0_subw,
1263 gen_op_setbe_T0_subw,
1264 gen_op_sets_T0_subw,
1266 gen_op_setl_T0_subw,
1267 gen_op_setle_T0_subw,
1271 gen_op_setb_T0_subl,
1272 gen_op_setz_T0_subl,
1273 gen_op_setbe_T0_subl,
1274 gen_op_sets_T0_subl,
1276 gen_op_setl_T0_subl,
1277 gen_op_setle_T0_subl,
1279 #ifdef TARGET_X86_64
1282 gen_op_setb_T0_subq,
1283 gen_op_setz_T0_subq,
1284 gen_op_setbe_T0_subq,
1285 gen_op_sets_T0_subq,
1287 gen_op_setl_T0_subq,
1288 gen_op_setle_T0_subq,
1293 static GenOpFunc *gen_op_fp_arith_ST0_FT0[8] = {
1294 gen_op_fadd_ST0_FT0,
1295 gen_op_fmul_ST0_FT0,
1296 gen_op_fcom_ST0_FT0,
1297 gen_op_fcom_ST0_FT0,
1298 gen_op_fsub_ST0_FT0,
1299 gen_op_fsubr_ST0_FT0,
1300 gen_op_fdiv_ST0_FT0,
1301 gen_op_fdivr_ST0_FT0,
1304 /* NOTE the exception in "r" op ordering */
1305 static GenOpFunc1 *gen_op_fp_arith_STN_ST0[8] = {
1306 gen_op_fadd_STN_ST0,
1307 gen_op_fmul_STN_ST0,
1310 gen_op_fsubr_STN_ST0,
1311 gen_op_fsub_STN_ST0,
1312 gen_op_fdivr_STN_ST0,
1313 gen_op_fdiv_STN_ST0,
1316 /* if d == OR_TMP0, it means memory operand (address in A0) */
1317 static void gen_op(DisasContext *s1, int op, int ot, int d)
1319 GenOpFunc *gen_update_cc;
1322 gen_op_mov_TN_reg[ot][0][d]();
1324 gen_op_ld_T0_A0[ot + s1->mem_index]();
1329 if (s1->cc_op != CC_OP_DYNAMIC)
1330 gen_op_set_cc_op(s1->cc_op);
1332 gen_op_arithc_T0_T1_cc[ot][op - OP_ADCL]();
1333 gen_op_mov_reg_T0[ot][d]();
1335 gen_op_arithc_mem_T0_T1_cc[ot + s1->mem_index][op - OP_ADCL]();
1337 s1->cc_op = CC_OP_DYNAMIC;
1340 gen_op_addl_T0_T1();
1341 s1->cc_op = CC_OP_ADDB + ot;
1342 gen_update_cc = gen_op_update2_cc;
1345 gen_op_subl_T0_T1();
1346 s1->cc_op = CC_OP_SUBB + ot;
1347 gen_update_cc = gen_op_update2_cc;
1353 gen_op_arith_T0_T1_cc[op]();
1354 s1->cc_op = CC_OP_LOGICB + ot;
1355 gen_update_cc = gen_op_update1_cc;
1358 gen_op_cmpl_T0_T1_cc();
1359 s1->cc_op = CC_OP_SUBB + ot;
1360 gen_update_cc = NULL;
1363 if (op != OP_CMPL) {
1365 gen_op_mov_reg_T0[ot][d]();
1367 gen_op_st_T0_A0[ot + s1->mem_index]();
1369 /* the flags update must happen after the memory write (precise
1370 exception support) */
1376 /* if d == OR_TMP0, it means memory operand (address in A0) */
1377 static void gen_inc(DisasContext *s1, int ot, int d, int c)
1380 gen_op_mov_TN_reg[ot][0][d]();
1382 gen_op_ld_T0_A0[ot + s1->mem_index]();
1383 if (s1->cc_op != CC_OP_DYNAMIC)
1384 gen_op_set_cc_op(s1->cc_op);
1387 s1->cc_op = CC_OP_INCB + ot;
1390 s1->cc_op = CC_OP_DECB + ot;
1393 gen_op_mov_reg_T0[ot][d]();
1395 gen_op_st_T0_A0[ot + s1->mem_index]();
1396 gen_op_update_inc_cc();
1399 static void gen_shift(DisasContext *s1, int op, int ot, int d, int s)
1402 gen_op_mov_TN_reg[ot][0][d]();
1404 gen_op_ld_T0_A0[ot + s1->mem_index]();
1406 gen_op_mov_TN_reg[ot][1][s]();
1407 /* for zero counts, flags are not updated, so must do it dynamically */
1408 if (s1->cc_op != CC_OP_DYNAMIC)
1409 gen_op_set_cc_op(s1->cc_op);
1412 gen_op_shift_T0_T1_cc[ot][op]();
1414 gen_op_shift_mem_T0_T1_cc[ot + s1->mem_index][op]();
1416 gen_op_mov_reg_T0[ot][d]();
1417 s1->cc_op = CC_OP_DYNAMIC; /* cannot predict flags after */
1420 static void gen_shifti(DisasContext *s1, int op, int ot, int d, int c)
1422 /* currently not optimized */
1423 gen_op_movl_T1_im(c);
1424 gen_shift(s1, op, ot, d, OR_TMP1);
1427 static void gen_lea_modrm(DisasContext *s, int modrm, int *reg_ptr, int *offset_ptr)
1435 int mod, rm, code, override, must_add_seg;
1437 override = s->override;
1438 must_add_seg = s->addseg;
1441 mod = (modrm >> 6) & 3;
1453 code = ldub_code(s->pc++);
1454 scale = (code >> 6) & 3;
1455 index = ((code >> 3) & 7) | REX_X(s);
1462 if ((base & 7) == 5) {
1464 disp = (int32_t)ldl_code(s->pc);
1466 if (CODE64(s) && !havesib) {
1467 disp += s->pc + s->rip_offset;
1474 disp = (int8_t)ldub_code(s->pc++);
1478 disp = ldl_code(s->pc);
1484 /* for correct popl handling with esp */
1485 if (base == 4 && s->popl_esp_hack)
1486 disp += s->popl_esp_hack;
1487 #ifdef TARGET_X86_64
1488 if (s->aflag == 2) {
1489 gen_op_movq_A0_reg[base]();
1491 if ((int32_t)disp == disp)
1492 gen_op_addq_A0_im(disp);
1494 gen_op_addq_A0_im64(disp >> 32, disp);
1499 gen_op_movl_A0_reg[base]();
1501 gen_op_addl_A0_im(disp);
1504 #ifdef TARGET_X86_64
1505 if (s->aflag == 2) {
1506 if ((int32_t)disp == disp)
1507 gen_op_movq_A0_im(disp);
1509 gen_op_movq_A0_im64(disp >> 32, disp);
1513 gen_op_movl_A0_im(disp);
1516 /* XXX: index == 4 is always invalid */
1517 if (havesib && (index != 4 || scale != 0)) {
1518 #ifdef TARGET_X86_64
1519 if (s->aflag == 2) {
1520 gen_op_addq_A0_reg_sN[scale][index]();
1524 gen_op_addl_A0_reg_sN[scale][index]();
1529 if (base == R_EBP || base == R_ESP)
1534 #ifdef TARGET_X86_64
1535 if (s->aflag == 2) {
1536 gen_op_addq_A0_seg(offsetof(CPUX86State,segs[override].base));
1540 gen_op_addl_A0_seg(offsetof(CPUX86State,segs[override].base));
1547 disp = lduw_code(s->pc);
1549 gen_op_movl_A0_im(disp);
1550 rm = 0; /* avoid SS override */
1557 disp = (int8_t)ldub_code(s->pc++);
1561 disp = lduw_code(s->pc);
1567 gen_op_movl_A0_reg[R_EBX]();
1568 gen_op_addl_A0_reg_sN[0][R_ESI]();
1571 gen_op_movl_A0_reg[R_EBX]();
1572 gen_op_addl_A0_reg_sN[0][R_EDI]();
1575 gen_op_movl_A0_reg[R_EBP]();
1576 gen_op_addl_A0_reg_sN[0][R_ESI]();
1579 gen_op_movl_A0_reg[R_EBP]();
1580 gen_op_addl_A0_reg_sN[0][R_EDI]();
1583 gen_op_movl_A0_reg[R_ESI]();
1586 gen_op_movl_A0_reg[R_EDI]();
1589 gen_op_movl_A0_reg[R_EBP]();
1593 gen_op_movl_A0_reg[R_EBX]();
1597 gen_op_addl_A0_im(disp);
1598 gen_op_andl_A0_ffff();
1602 if (rm == 2 || rm == 3 || rm == 6)
1607 gen_op_addl_A0_seg(offsetof(CPUX86State,segs[override].base));
1617 /* used for LEA and MOV AX, mem */
1618 static void gen_add_A0_ds_seg(DisasContext *s)
1620 int override, must_add_seg;
1621 must_add_seg = s->addseg;
1623 if (s->override >= 0) {
1624 override = s->override;
1630 #ifdef TARGET_X86_64
1632 gen_op_addq_A0_seg(offsetof(CPUX86State,segs[override].base));
1636 gen_op_addl_A0_seg(offsetof(CPUX86State,segs[override].base));
1641 /* generate modrm memory load or store of 'reg'. TMP0 is used if reg !=
1643 static void gen_ldst_modrm(DisasContext *s, int modrm, int ot, int reg, int is_store)
1645 int mod, rm, opreg, disp;
1647 mod = (modrm >> 6) & 3;
1648 rm = (modrm & 7) | REX_B(s);
1652 gen_op_mov_TN_reg[ot][0][reg]();
1653 gen_op_mov_reg_T0[ot][rm]();
1655 gen_op_mov_TN_reg[ot][0][rm]();
1657 gen_op_mov_reg_T0[ot][reg]();
1660 gen_lea_modrm(s, modrm, &opreg, &disp);
1663 gen_op_mov_TN_reg[ot][0][reg]();
1664 gen_op_st_T0_A0[ot + s->mem_index]();
1666 gen_op_ld_T0_A0[ot + s->mem_index]();
1668 gen_op_mov_reg_T0[ot][reg]();
1673 static inline uint32_t insn_get(DisasContext *s, int ot)
1679 ret = ldub_code(s->pc);
1683 ret = lduw_code(s->pc);
1688 ret = ldl_code(s->pc);
1695 static inline int insn_const_size(unsigned int ot)
1703 static inline void gen_goto_tb(DisasContext *s, int tb_num, target_ulong eip)
1705 TranslationBlock *tb;
1708 pc = s->cs_base + eip;
1710 /* NOTE: we handle the case where the TB spans two pages here */
1711 if ((pc & TARGET_PAGE_MASK) == (tb->pc & TARGET_PAGE_MASK) ||
1712 (pc & TARGET_PAGE_MASK) == ((s->pc - 1) & TARGET_PAGE_MASK)) {
1713 /* jump to same page: we can use a direct jump */
1715 gen_op_goto_tb0(TBPARAM(tb));
1717 gen_op_goto_tb1(TBPARAM(tb));
1719 gen_op_movl_T0_im((long)tb + tb_num);
1722 /* jump to another page: currently not optimized */
1728 static inline void gen_jcc(DisasContext *s, int b,
1729 target_ulong val, target_ulong next_eip)
1731 TranslationBlock *tb;
1738 jcc_op = (b >> 1) & 7;
1742 /* we optimize the cmp/jcc case */
1747 func = gen_jcc_sub[s->cc_op - CC_OP_SUBB][jcc_op];
1750 /* some jumps are easy to compute */
1792 func = gen_jcc_sub[(s->cc_op - CC_OP_ADDB) % 4][jcc_op];
1795 func = gen_jcc_sub[(s->cc_op - CC_OP_ADDB) % 4][jcc_op];
1807 if (s->cc_op != CC_OP_DYNAMIC) {
1808 gen_op_set_cc_op(s->cc_op);
1809 s->cc_op = CC_OP_DYNAMIC;
1813 gen_setcc_slow[jcc_op]();
1814 func = gen_op_jnz_T0_label;
1824 l1 = gen_new_label();
1827 gen_goto_tb(s, 0, next_eip);
1830 gen_goto_tb(s, 1, val);
1835 if (s->cc_op != CC_OP_DYNAMIC) {
1836 gen_op_set_cc_op(s->cc_op);
1837 s->cc_op = CC_OP_DYNAMIC;
1839 gen_setcc_slow[jcc_op]();
1845 l1 = gen_new_label();
1846 l2 = gen_new_label();
1847 gen_op_jnz_T0_label(l1);
1848 gen_jmp_im(next_eip);
1849 gen_op_jmp_label(l2);
1857 static void gen_setcc(DisasContext *s, int b)
1863 jcc_op = (b >> 1) & 7;
1865 /* we optimize the cmp/jcc case */
1870 func = gen_setcc_sub[s->cc_op - CC_OP_SUBB][jcc_op];
1875 /* some jumps are easy to compute */
1902 func = gen_setcc_sub[(s->cc_op - CC_OP_ADDB) % 4][jcc_op];
1905 func = gen_setcc_sub[(s->cc_op - CC_OP_ADDB) % 4][jcc_op];
1913 if (s->cc_op != CC_OP_DYNAMIC)
1914 gen_op_set_cc_op(s->cc_op);
1915 func = gen_setcc_slow[jcc_op];
1924 /* move T0 to seg_reg and compute if the CPU state may change. Never
1925 call this function with seg_reg == R_CS */
1926 static void gen_movl_seg_T0(DisasContext *s, int seg_reg, target_ulong cur_eip)
1928 if (s->pe && !s->vm86) {
1929 /* XXX: optimize by finding processor state dynamically */
1930 if (s->cc_op != CC_OP_DYNAMIC)
1931 gen_op_set_cc_op(s->cc_op);
1932 gen_jmp_im(cur_eip);
1933 gen_op_movl_seg_T0(seg_reg);
1934 /* abort translation because the addseg value may change or
1935 because ss32 may change. For R_SS, translation must always
1936 stop as a special handling must be done to disable hardware
1937 interrupts for the next instruction */
1938 if (seg_reg == R_SS || (s->code32 && seg_reg < R_FS))
1941 gen_op_movl_seg_T0_vm(offsetof(CPUX86State,segs[seg_reg]));
1942 if (seg_reg == R_SS)
1947 static inline void gen_stack_update(DisasContext *s, int addend)
1949 #ifdef TARGET_X86_64
1952 gen_op_addq_ESP_8();
1954 gen_op_addq_ESP_im(addend);
1959 gen_op_addl_ESP_2();
1960 else if (addend == 4)
1961 gen_op_addl_ESP_4();
1963 gen_op_addl_ESP_im(addend);
1966 gen_op_addw_ESP_2();
1967 else if (addend == 4)
1968 gen_op_addw_ESP_4();
1970 gen_op_addw_ESP_im(addend);
1974 /* generate a push. It depends on ss32, addseg and dflag */
1975 static void gen_push_T0(DisasContext *s)
1977 #ifdef TARGET_X86_64
1979 gen_op_movq_A0_reg[R_ESP]();
1982 gen_op_st_T0_A0[OT_QUAD + s->mem_index]();
1985 gen_op_st_T0_A0[OT_WORD + s->mem_index]();
1987 gen_op_movq_ESP_A0();
1991 gen_op_movl_A0_reg[R_ESP]();
1998 gen_op_movl_T1_A0();
1999 gen_op_addl_A0_SS();
2002 gen_op_andl_A0_ffff();
2003 gen_op_movl_T1_A0();
2004 gen_op_addl_A0_SS();
2006 gen_op_st_T0_A0[s->dflag + 1 + s->mem_index]();
2007 if (s->ss32 && !s->addseg)
2008 gen_op_movl_ESP_A0();
2010 gen_op_mov_reg_T1[s->ss32 + 1][R_ESP]();
2014 /* generate a push. It depends on ss32, addseg and dflag */
2015 /* slower version for T1, only used for call Ev */
2016 static void gen_push_T1(DisasContext *s)
2018 #ifdef TARGET_X86_64
2020 gen_op_movq_A0_reg[R_ESP]();
2023 gen_op_st_T1_A0[OT_QUAD + s->mem_index]();
2026 gen_op_st_T0_A0[OT_WORD + s->mem_index]();
2028 gen_op_movq_ESP_A0();
2032 gen_op_movl_A0_reg[R_ESP]();
2039 gen_op_addl_A0_SS();
2042 gen_op_andl_A0_ffff();
2043 gen_op_addl_A0_SS();
2045 gen_op_st_T1_A0[s->dflag + 1 + s->mem_index]();
2047 if (s->ss32 && !s->addseg)
2048 gen_op_movl_ESP_A0();
2050 gen_stack_update(s, (-2) << s->dflag);
2054 /* two step pop is necessary for precise exceptions */
2055 static void gen_pop_T0(DisasContext *s)
2057 #ifdef TARGET_X86_64
2059 gen_op_movq_A0_reg[R_ESP]();
2060 gen_op_ld_T0_A0[(s->dflag ? OT_QUAD : OT_WORD) + s->mem_index]();
2064 gen_op_movl_A0_reg[R_ESP]();
2067 gen_op_addl_A0_SS();
2069 gen_op_andl_A0_ffff();
2070 gen_op_addl_A0_SS();
2072 gen_op_ld_T0_A0[s->dflag + 1 + s->mem_index]();
2076 static void gen_pop_update(DisasContext *s)
2078 #ifdef TARGET_X86_64
2079 if (CODE64(s) && s->dflag) {
2080 gen_stack_update(s, 8);
2084 gen_stack_update(s, 2 << s->dflag);
2088 static void gen_stack_A0(DisasContext *s)
2090 gen_op_movl_A0_ESP();
2092 gen_op_andl_A0_ffff();
2093 gen_op_movl_T1_A0();
2095 gen_op_addl_A0_seg(offsetof(CPUX86State,segs[R_SS].base));
2098 /* NOTE: wrap around in 16 bit not fully handled */
2099 static void gen_pusha(DisasContext *s)
2102 gen_op_movl_A0_ESP();
2103 gen_op_addl_A0_im(-16 << s->dflag);
2105 gen_op_andl_A0_ffff();
2106 gen_op_movl_T1_A0();
2108 gen_op_addl_A0_seg(offsetof(CPUX86State,segs[R_SS].base));
2109 for(i = 0;i < 8; i++) {
2110 gen_op_mov_TN_reg[OT_LONG][0][7 - i]();
2111 gen_op_st_T0_A0[OT_WORD + s->dflag + s->mem_index]();
2112 gen_op_addl_A0_im(2 << s->dflag);
2114 gen_op_mov_reg_T1[OT_WORD + s->ss32][R_ESP]();
2117 /* NOTE: wrap around in 16 bit not fully handled */
2118 static void gen_popa(DisasContext *s)
2121 gen_op_movl_A0_ESP();
2123 gen_op_andl_A0_ffff();
2124 gen_op_movl_T1_A0();
2125 gen_op_addl_T1_im(16 << s->dflag);
2127 gen_op_addl_A0_seg(offsetof(CPUX86State,segs[R_SS].base));
2128 for(i = 0;i < 8; i++) {
2129 /* ESP is not reloaded */
2131 gen_op_ld_T0_A0[OT_WORD + s->dflag + s->mem_index]();
2132 gen_op_mov_reg_T0[OT_WORD + s->dflag][7 - i]();
2134 gen_op_addl_A0_im(2 << s->dflag);
2136 gen_op_mov_reg_T1[OT_WORD + s->ss32][R_ESP]();
2139 static void gen_enter(DisasContext *s, int esp_addend, int level)
2144 #ifdef TARGET_X86_64
2146 ot = s->dflag ? OT_QUAD : OT_WORD;
2149 gen_op_movl_A0_ESP();
2150 gen_op_addq_A0_im(-opsize);
2151 gen_op_movl_T1_A0();
2154 gen_op_mov_TN_reg[OT_LONG][0][R_EBP]();
2155 gen_op_st_T0_A0[ot + s->mem_index]();
2157 gen_op_enter64_level(level, (ot == OT_QUAD));
2159 gen_op_mov_reg_T1[ot][R_EBP]();
2160 gen_op_addl_T1_im( -esp_addend + (-opsize * level) );
2161 gen_op_mov_reg_T1[OT_QUAD][R_ESP]();
2165 ot = s->dflag + OT_WORD;
2166 opsize = 2 << s->dflag;
2168 gen_op_movl_A0_ESP();
2169 gen_op_addl_A0_im(-opsize);
2171 gen_op_andl_A0_ffff();
2172 gen_op_movl_T1_A0();
2174 gen_op_addl_A0_seg(offsetof(CPUX86State,segs[R_SS].base));
2176 gen_op_mov_TN_reg[OT_LONG][0][R_EBP]();
2177 gen_op_st_T0_A0[ot + s->mem_index]();
2179 gen_op_enter_level(level, s->dflag);
2181 gen_op_mov_reg_T1[ot][R_EBP]();
2182 gen_op_addl_T1_im( -esp_addend + (-opsize * level) );
2183 gen_op_mov_reg_T1[OT_WORD + s->ss32][R_ESP]();
2187 static void gen_exception(DisasContext *s, int trapno, target_ulong cur_eip)
2189 if (s->cc_op != CC_OP_DYNAMIC)
2190 gen_op_set_cc_op(s->cc_op);
2191 gen_jmp_im(cur_eip);
2192 gen_op_raise_exception(trapno);
2196 /* an interrupt is different from an exception because of the
2197 priviledge checks */
2198 static void gen_interrupt(DisasContext *s, int intno,
2199 target_ulong cur_eip, target_ulong next_eip)
2201 if (s->cc_op != CC_OP_DYNAMIC)
2202 gen_op_set_cc_op(s->cc_op);
2203 gen_jmp_im(cur_eip);
2204 gen_op_raise_interrupt(intno, (int)(next_eip - cur_eip));
2208 static void gen_debug(DisasContext *s, target_ulong cur_eip)
2210 if (s->cc_op != CC_OP_DYNAMIC)
2211 gen_op_set_cc_op(s->cc_op);
2212 gen_jmp_im(cur_eip);
2217 /* generate a generic end of block. Trace exception is also generated
2219 static void gen_eob(DisasContext *s)
2221 if (s->cc_op != CC_OP_DYNAMIC)
2222 gen_op_set_cc_op(s->cc_op);
2223 if (s->tb->flags & HF_INHIBIT_IRQ_MASK) {
2224 gen_op_reset_inhibit_irq();
2226 if (s->singlestep_enabled) {
2229 gen_op_raise_exception(EXCP01_SSTP);
2237 /* generate a jump to eip. No segment change must happen before as a
2238 direct call to the next block may occur */
2239 static void gen_jmp_tb(DisasContext *s, target_ulong eip, int tb_num)
2242 if (s->cc_op != CC_OP_DYNAMIC) {
2243 gen_op_set_cc_op(s->cc_op);
2244 s->cc_op = CC_OP_DYNAMIC;
2246 gen_goto_tb(s, tb_num, eip);
2254 static void gen_jmp(DisasContext *s, target_ulong eip)
2256 gen_jmp_tb(s, eip, 0);
2259 static void gen_movtl_T0_im(target_ulong val)
2261 #ifdef TARGET_X86_64
2262 if ((int32_t)val == val) {
2263 gen_op_movl_T0_im(val);
2265 gen_op_movq_T0_im64(val >> 32, val);
2268 gen_op_movl_T0_im(val);
2272 static void gen_movtl_T1_im(target_ulong val)
2274 #ifdef TARGET_X86_64
2275 if ((int32_t)val == val) {
2276 gen_op_movl_T1_im(val);
2278 gen_op_movq_T1_im64(val >> 32, val);
2281 gen_op_movl_T1_im(val);
2285 static void gen_add_A0_im(DisasContext *s, int val)
2287 #ifdef TARGET_X86_64
2289 gen_op_addq_A0_im(val);
2292 gen_op_addl_A0_im(val);
2295 static GenOpFunc1 *gen_ldq_env_A0[3] = {
2296 gen_op_ldq_raw_env_A0,
2297 #ifndef CONFIG_USER_ONLY
2298 gen_op_ldq_kernel_env_A0,
2299 gen_op_ldq_user_env_A0,
2303 static GenOpFunc1 *gen_stq_env_A0[3] = {
2304 gen_op_stq_raw_env_A0,
2305 #ifndef CONFIG_USER_ONLY
2306 gen_op_stq_kernel_env_A0,
2307 gen_op_stq_user_env_A0,
2311 static GenOpFunc1 *gen_ldo_env_A0[3] = {
2312 gen_op_ldo_raw_env_A0,
2313 #ifndef CONFIG_USER_ONLY
2314 gen_op_ldo_kernel_env_A0,
2315 gen_op_ldo_user_env_A0,
2319 static GenOpFunc1 *gen_sto_env_A0[3] = {
2320 gen_op_sto_raw_env_A0,
2321 #ifndef CONFIG_USER_ONLY
2322 gen_op_sto_kernel_env_A0,
2323 gen_op_sto_user_env_A0,
2327 #define SSE_SPECIAL ((GenOpFunc2 *)1)
2329 #define MMX_OP2(x) { gen_op_ ## x ## _mmx, gen_op_ ## x ## _xmm }
2330 #define SSE_FOP(x) { gen_op_ ## x ## ps, gen_op_ ## x ## pd, \
2331 gen_op_ ## x ## ss, gen_op_ ## x ## sd, }
2333 static GenOpFunc2 *sse_op_table1[256][4] = {
2334 /* pure SSE operations */
2335 [0x10] = { SSE_SPECIAL, SSE_SPECIAL, SSE_SPECIAL, SSE_SPECIAL }, /* movups, movupd, movss, movsd */
2336 [0x11] = { SSE_SPECIAL, SSE_SPECIAL, SSE_SPECIAL, SSE_SPECIAL }, /* movups, movupd, movss, movsd */
2337 [0x12] = { SSE_SPECIAL, SSE_SPECIAL, SSE_SPECIAL, SSE_SPECIAL }, /* movlps, movlpd, movsldup, movddup */
2338 [0x13] = { SSE_SPECIAL, SSE_SPECIAL }, /* movlps, movlpd */
2339 [0x14] = { gen_op_punpckldq_xmm, gen_op_punpcklqdq_xmm },
2340 [0x15] = { gen_op_punpckhdq_xmm, gen_op_punpckhqdq_xmm },
2341 [0x16] = { SSE_SPECIAL, SSE_SPECIAL, SSE_SPECIAL }, /* movhps, movhpd, movshdup */
2342 [0x17] = { SSE_SPECIAL, SSE_SPECIAL }, /* movhps, movhpd */
2344 [0x28] = { SSE_SPECIAL, SSE_SPECIAL }, /* movaps, movapd */
2345 [0x29] = { SSE_SPECIAL, SSE_SPECIAL }, /* movaps, movapd */
2346 [0x2a] = { SSE_SPECIAL, SSE_SPECIAL, SSE_SPECIAL, SSE_SPECIAL }, /* cvtpi2ps, cvtpi2pd, cvtsi2ss, cvtsi2sd */
2347 [0x2b] = { SSE_SPECIAL, SSE_SPECIAL }, /* movntps, movntpd */
2348 [0x2c] = { SSE_SPECIAL, SSE_SPECIAL, SSE_SPECIAL, SSE_SPECIAL }, /* cvttps2pi, cvttpd2pi, cvttsd2si, cvttss2si */
2349 [0x2d] = { SSE_SPECIAL, SSE_SPECIAL, SSE_SPECIAL, SSE_SPECIAL }, /* cvtps2pi, cvtpd2pi, cvtsd2si, cvtss2si */
2350 [0x2e] = { gen_op_ucomiss, gen_op_ucomisd },
2351 [0x2f] = { gen_op_comiss, gen_op_comisd },
2352 [0x50] = { SSE_SPECIAL, SSE_SPECIAL }, /* movmskps, movmskpd */
2353 [0x51] = SSE_FOP(sqrt),
2354 [0x52] = { gen_op_rsqrtps, NULL, gen_op_rsqrtss, NULL },
2355 [0x53] = { gen_op_rcpps, NULL, gen_op_rcpss, NULL },
2356 [0x54] = { gen_op_pand_xmm, gen_op_pand_xmm }, /* andps, andpd */
2357 [0x55] = { gen_op_pandn_xmm, gen_op_pandn_xmm }, /* andnps, andnpd */
2358 [0x56] = { gen_op_por_xmm, gen_op_por_xmm }, /* orps, orpd */
2359 [0x57] = { gen_op_pxor_xmm, gen_op_pxor_xmm }, /* xorps, xorpd */
2360 [0x58] = SSE_FOP(add),
2361 [0x59] = SSE_FOP(mul),
2362 [0x5a] = { gen_op_cvtps2pd, gen_op_cvtpd2ps,
2363 gen_op_cvtss2sd, gen_op_cvtsd2ss },
2364 [0x5b] = { gen_op_cvtdq2ps, gen_op_cvtps2dq, gen_op_cvttps2dq },
2365 [0x5c] = SSE_FOP(sub),
2366 [0x5d] = SSE_FOP(min),
2367 [0x5e] = SSE_FOP(div),
2368 [0x5f] = SSE_FOP(max),
2370 [0xc2] = SSE_FOP(cmpeq),
2371 [0xc6] = { (GenOpFunc2 *)gen_op_shufps, (GenOpFunc2 *)gen_op_shufpd },
2373 /* MMX ops and their SSE extensions */
2374 [0x60] = MMX_OP2(punpcklbw),
2375 [0x61] = MMX_OP2(punpcklwd),
2376 [0x62] = MMX_OP2(punpckldq),
2377 [0x63] = MMX_OP2(packsswb),
2378 [0x64] = MMX_OP2(pcmpgtb),
2379 [0x65] = MMX_OP2(pcmpgtw),
2380 [0x66] = MMX_OP2(pcmpgtl),
2381 [0x67] = MMX_OP2(packuswb),
2382 [0x68] = MMX_OP2(punpckhbw),
2383 [0x69] = MMX_OP2(punpckhwd),
2384 [0x6a] = MMX_OP2(punpckhdq),
2385 [0x6b] = MMX_OP2(packssdw),
2386 [0x6c] = { NULL, gen_op_punpcklqdq_xmm },
2387 [0x6d] = { NULL, gen_op_punpckhqdq_xmm },
2388 [0x6e] = { SSE_SPECIAL, SSE_SPECIAL }, /* movd mm, ea */
2389 [0x6f] = { SSE_SPECIAL, SSE_SPECIAL, SSE_SPECIAL }, /* movq, movdqa, , movqdu */
2390 [0x70] = { (GenOpFunc2 *)gen_op_pshufw_mmx,
2391 (GenOpFunc2 *)gen_op_pshufd_xmm,
2392 (GenOpFunc2 *)gen_op_pshufhw_xmm,
2393 (GenOpFunc2 *)gen_op_pshuflw_xmm },
2394 [0x71] = { SSE_SPECIAL, SSE_SPECIAL }, /* shiftw */
2395 [0x72] = { SSE_SPECIAL, SSE_SPECIAL }, /* shiftd */
2396 [0x73] = { SSE_SPECIAL, SSE_SPECIAL }, /* shiftq */
2397 [0x74] = MMX_OP2(pcmpeqb),
2398 [0x75] = MMX_OP2(pcmpeqw),
2399 [0x76] = MMX_OP2(pcmpeql),
2400 [0x77] = { SSE_SPECIAL }, /* emms */
2401 [0x7c] = { NULL, gen_op_haddpd, NULL, gen_op_haddps },
2402 [0x7d] = { NULL, gen_op_hsubpd, NULL, gen_op_hsubps },
2403 [0x7e] = { SSE_SPECIAL, SSE_SPECIAL, SSE_SPECIAL }, /* movd, movd, , movq */
2404 [0x7f] = { SSE_SPECIAL, SSE_SPECIAL, SSE_SPECIAL }, /* movq, movdqa, movdqu */
2405 [0xc4] = { SSE_SPECIAL, SSE_SPECIAL }, /* pinsrw */
2406 [0xc5] = { SSE_SPECIAL, SSE_SPECIAL }, /* pextrw */
2407 [0xd0] = { NULL, gen_op_addsubpd, NULL, gen_op_addsubps },
2408 [0xd1] = MMX_OP2(psrlw),
2409 [0xd2] = MMX_OP2(psrld),
2410 [0xd3] = MMX_OP2(psrlq),
2411 [0xd4] = MMX_OP2(paddq),
2412 [0xd5] = MMX_OP2(pmullw),
2413 [0xd6] = { NULL, SSE_SPECIAL, SSE_SPECIAL, SSE_SPECIAL },
2414 [0xd7] = { SSE_SPECIAL, SSE_SPECIAL }, /* pmovmskb */
2415 [0xd8] = MMX_OP2(psubusb),
2416 [0xd9] = MMX_OP2(psubusw),
2417 [0xda] = MMX_OP2(pminub),
2418 [0xdb] = MMX_OP2(pand),
2419 [0xdc] = MMX_OP2(paddusb),
2420 [0xdd] = MMX_OP2(paddusw),
2421 [0xde] = MMX_OP2(pmaxub),
2422 [0xdf] = MMX_OP2(pandn),
2423 [0xe0] = MMX_OP2(pavgb),
2424 [0xe1] = MMX_OP2(psraw),
2425 [0xe2] = MMX_OP2(psrad),
2426 [0xe3] = MMX_OP2(pavgw),
2427 [0xe4] = MMX_OP2(pmulhuw),
2428 [0xe5] = MMX_OP2(pmulhw),
2429 [0xe6] = { NULL, gen_op_cvttpd2dq, gen_op_cvtdq2pd, gen_op_cvtpd2dq },
2430 [0xe7] = { SSE_SPECIAL , SSE_SPECIAL }, /* movntq, movntq */
2431 [0xe8] = MMX_OP2(psubsb),
2432 [0xe9] = MMX_OP2(psubsw),
2433 [0xea] = MMX_OP2(pminsw),
2434 [0xeb] = MMX_OP2(por),
2435 [0xec] = MMX_OP2(paddsb),
2436 [0xed] = MMX_OP2(paddsw),
2437 [0xee] = MMX_OP2(pmaxsw),
2438 [0xef] = MMX_OP2(pxor),
2439 [0xf0] = { NULL, NULL, NULL, SSE_SPECIAL }, /* lddqu */
2440 [0xf1] = MMX_OP2(psllw),
2441 [0xf2] = MMX_OP2(pslld),
2442 [0xf3] = MMX_OP2(psllq),
2443 [0xf4] = MMX_OP2(pmuludq),
2444 [0xf5] = MMX_OP2(pmaddwd),
2445 [0xf6] = MMX_OP2(psadbw),
2446 [0xf7] = MMX_OP2(maskmov),
2447 [0xf8] = MMX_OP2(psubb),
2448 [0xf9] = MMX_OP2(psubw),
2449 [0xfa] = MMX_OP2(psubl),
2450 [0xfb] = MMX_OP2(psubq),
2451 [0xfc] = MMX_OP2(paddb),
2452 [0xfd] = MMX_OP2(paddw),
2453 [0xfe] = MMX_OP2(paddl),
2456 static GenOpFunc2 *sse_op_table2[3 * 8][2] = {
2457 [0 + 2] = MMX_OP2(psrlw),
2458 [0 + 4] = MMX_OP2(psraw),
2459 [0 + 6] = MMX_OP2(psllw),
2460 [8 + 2] = MMX_OP2(psrld),
2461 [8 + 4] = MMX_OP2(psrad),
2462 [8 + 6] = MMX_OP2(pslld),
2463 [16 + 2] = MMX_OP2(psrlq),
2464 [16 + 3] = { NULL, gen_op_psrldq_xmm },
2465 [16 + 6] = MMX_OP2(psllq),
2466 [16 + 7] = { NULL, gen_op_pslldq_xmm },
2469 static GenOpFunc1 *sse_op_table3[4 * 3] = {
2472 X86_64_ONLY(gen_op_cvtsq2ss),
2473 X86_64_ONLY(gen_op_cvtsq2sd),
2477 X86_64_ONLY(gen_op_cvttss2sq),
2478 X86_64_ONLY(gen_op_cvttsd2sq),
2482 X86_64_ONLY(gen_op_cvtss2sq),
2483 X86_64_ONLY(gen_op_cvtsd2sq),
2486 static GenOpFunc2 *sse_op_table4[8][4] = {
2497 static void gen_sse(DisasContext *s, int b, target_ulong pc_start, int rex_r)
2499 int b1, op1_offset, op2_offset, is_xmm, val, ot;
2500 int modrm, mod, rm, reg, reg_addr, offset_addr;
2501 GenOpFunc2 *sse_op2;
2502 GenOpFunc3 *sse_op3;
2505 if (s->prefix & PREFIX_DATA)
2507 else if (s->prefix & PREFIX_REPZ)
2509 else if (s->prefix & PREFIX_REPNZ)
2513 sse_op2 = sse_op_table1[b][b1];
2516 if (b <= 0x5f || b == 0xc6 || b == 0xc2) {
2526 /* simple MMX/SSE operation */
2527 if (s->flags & HF_TS_MASK) {
2528 gen_exception(s, EXCP07_PREX, pc_start - s->cs_base);
2531 if (s->flags & HF_EM_MASK) {
2533 gen_exception(s, EXCP06_ILLOP, pc_start - s->cs_base);
2536 if (is_xmm && !(s->flags & HF_OSFXSR_MASK))
2543 /* prepare MMX state (XXX: optimize by storing fptt and fptags in
2544 the static cpu state) */
2549 modrm = ldub_code(s->pc++);
2550 reg = ((modrm >> 3) & 7);
2553 mod = (modrm >> 6) & 3;
2554 if (sse_op2 == SSE_SPECIAL) {
2557 case 0x0e7: /* movntq */
2560 gen_lea_modrm(s, modrm, ®_addr, &offset_addr);
2561 gen_stq_env_A0[s->mem_index >> 2](offsetof(CPUX86State,fpregs[reg].mmx));
2563 case 0x1e7: /* movntdq */
2564 case 0x02b: /* movntps */
2565 case 0x12b: /* movntps */
2566 case 0x3f0: /* lddqu */
2569 gen_lea_modrm(s, modrm, ®_addr, &offset_addr);
2570 gen_sto_env_A0[s->mem_index >> 2](offsetof(CPUX86State,xmm_regs[reg]));
2572 case 0x6e: /* movd mm, ea */
2573 gen_ldst_modrm(s, modrm, OT_LONG, OR_TMP0, 0);
2574 gen_op_movl_mm_T0_mmx(offsetof(CPUX86State,fpregs[reg].mmx));
2576 case 0x16e: /* movd xmm, ea */
2577 gen_ldst_modrm(s, modrm, OT_LONG, OR_TMP0, 0);
2578 gen_op_movl_mm_T0_xmm(offsetof(CPUX86State,xmm_regs[reg]));
2580 case 0x6f: /* movq mm, ea */
2582 gen_lea_modrm(s, modrm, ®_addr, &offset_addr);
2583 gen_ldq_env_A0[s->mem_index >> 2](offsetof(CPUX86State,fpregs[reg].mmx));
2586 gen_op_movq(offsetof(CPUX86State,fpregs[reg].mmx),
2587 offsetof(CPUX86State,fpregs[rm].mmx));
2590 case 0x010: /* movups */
2591 case 0x110: /* movupd */
2592 case 0x028: /* movaps */
2593 case 0x128: /* movapd */
2594 case 0x16f: /* movdqa xmm, ea */
2595 case 0x26f: /* movdqu xmm, ea */
2597 gen_lea_modrm(s, modrm, ®_addr, &offset_addr);
2598 gen_ldo_env_A0[s->mem_index >> 2](offsetof(CPUX86State,xmm_regs[reg]));
2600 rm = (modrm & 7) | REX_B(s);
2601 gen_op_movo(offsetof(CPUX86State,xmm_regs[reg]),
2602 offsetof(CPUX86State,xmm_regs[rm]));
2605 case 0x210: /* movss xmm, ea */
2607 gen_lea_modrm(s, modrm, ®_addr, &offset_addr);
2608 gen_op_ld_T0_A0[OT_LONG + s->mem_index]();
2609 gen_op_movl_env_T0(offsetof(CPUX86State,xmm_regs[reg].XMM_L(0)));
2611 gen_op_movl_env_T0(offsetof(CPUX86State,xmm_regs[reg].XMM_L(1)));
2612 gen_op_movl_env_T0(offsetof(CPUX86State,xmm_regs[reg].XMM_L(2)));
2613 gen_op_movl_env_T0(offsetof(CPUX86State,xmm_regs[reg].XMM_L(3)));
2615 rm = (modrm & 7) | REX_B(s);
2616 gen_op_movl(offsetof(CPUX86State,xmm_regs[reg].XMM_L(0)),
2617 offsetof(CPUX86State,xmm_regs[rm].XMM_L(0)));
2620 case 0x310: /* movsd xmm, ea */
2622 gen_lea_modrm(s, modrm, ®_addr, &offset_addr);
2623 gen_ldq_env_A0[s->mem_index >> 2](offsetof(CPUX86State,xmm_regs[reg].XMM_Q(0)));
2625 gen_op_movl_env_T0(offsetof(CPUX86State,xmm_regs[reg].XMM_L(2)));
2626 gen_op_movl_env_T0(offsetof(CPUX86State,xmm_regs[reg].XMM_L(3)));
2628 rm = (modrm & 7) | REX_B(s);
2629 gen_op_movq(offsetof(CPUX86State,xmm_regs[reg].XMM_Q(0)),
2630 offsetof(CPUX86State,xmm_regs[rm].XMM_Q(0)));
2633 case 0x012: /* movlps */
2634 case 0x112: /* movlpd */
2636 gen_lea_modrm(s, modrm, ®_addr, &offset_addr);
2637 gen_ldq_env_A0[s->mem_index >> 2](offsetof(CPUX86State,xmm_regs[reg].XMM_Q(0)));
2640 rm = (modrm & 7) | REX_B(s);
2641 gen_op_movq(offsetof(CPUX86State,xmm_regs[reg].XMM_Q(0)),
2642 offsetof(CPUX86State,xmm_regs[rm].XMM_Q(1)));
2645 case 0x212: /* movsldup */
2647 gen_lea_modrm(s, modrm, ®_addr, &offset_addr);
2648 gen_ldo_env_A0[s->mem_index >> 2](offsetof(CPUX86State,xmm_regs[reg]));
2650 rm = (modrm & 7) | REX_B(s);
2651 gen_op_movl(offsetof(CPUX86State,xmm_regs[reg].XMM_L(0)),
2652 offsetof(CPUX86State,xmm_regs[rm].XMM_L(0)));
2653 gen_op_movl(offsetof(CPUX86State,xmm_regs[reg].XMM_L(2)),
2654 offsetof(CPUX86State,xmm_regs[rm].XMM_L(2)));
2656 gen_op_movl(offsetof(CPUX86State,xmm_regs[reg].XMM_L(1)),
2657 offsetof(CPUX86State,xmm_regs[reg].XMM_L(0)));
2658 gen_op_movl(offsetof(CPUX86State,xmm_regs[reg].XMM_L(3)),
2659 offsetof(CPUX86State,xmm_regs[reg].XMM_L(2)));
2661 case 0x312: /* movddup */
2663 gen_lea_modrm(s, modrm, ®_addr, &offset_addr);
2664 gen_ldq_env_A0[s->mem_index >> 2](offsetof(CPUX86State,xmm_regs[reg].XMM_Q(0)));
2666 rm = (modrm & 7) | REX_B(s);
2667 gen_op_movq(offsetof(CPUX86State,xmm_regs[reg].XMM_Q(0)),
2668 offsetof(CPUX86State,xmm_regs[rm].XMM_Q(0)));
2670 gen_op_movq(offsetof(CPUX86State,xmm_regs[reg].XMM_Q(1)),
2671 offsetof(CPUX86State,xmm_regs[reg].XMM_Q(0)));
2673 case 0x016: /* movhps */
2674 case 0x116: /* movhpd */
2676 gen_lea_modrm(s, modrm, ®_addr, &offset_addr);
2677 gen_ldq_env_A0[s->mem_index >> 2](offsetof(CPUX86State,xmm_regs[reg].XMM_Q(1)));
2680 rm = (modrm & 7) | REX_B(s);
2681 gen_op_movq(offsetof(CPUX86State,xmm_regs[reg].XMM_Q(1)),
2682 offsetof(CPUX86State,xmm_regs[rm].XMM_Q(0)));
2685 case 0x216: /* movshdup */
2687 gen_lea_modrm(s, modrm, ®_addr, &offset_addr);
2688 gen_ldo_env_A0[s->mem_index >> 2](offsetof(CPUX86State,xmm_regs[reg]));
2690 rm = (modrm & 7) | REX_B(s);
2691 gen_op_movl(offsetof(CPUX86State,xmm_regs[reg].XMM_L(1)),
2692 offsetof(CPUX86State,xmm_regs[rm].XMM_L(1)));
2693 gen_op_movl(offsetof(CPUX86State,xmm_regs[reg].XMM_L(3)),
2694 offsetof(CPUX86State,xmm_regs[rm].XMM_L(3)));
2696 gen_op_movl(offsetof(CPUX86State,xmm_regs[reg].XMM_L(0)),
2697 offsetof(CPUX86State,xmm_regs[reg].XMM_L(1)));
2698 gen_op_movl(offsetof(CPUX86State,xmm_regs[reg].XMM_L(2)),
2699 offsetof(CPUX86State,xmm_regs[reg].XMM_L(3)));
2701 case 0x7e: /* movd ea, mm */
2702 gen_op_movl_T0_mm_mmx(offsetof(CPUX86State,fpregs[reg].mmx));
2703 gen_ldst_modrm(s, modrm, OT_LONG, OR_TMP0, 1);
2705 case 0x17e: /* movd ea, xmm */
2706 gen_op_movl_T0_mm_xmm(offsetof(CPUX86State,xmm_regs[reg]));
2707 gen_ldst_modrm(s, modrm, OT_LONG, OR_TMP0, 1);
2709 case 0x27e: /* movq xmm, ea */
2711 gen_lea_modrm(s, modrm, ®_addr, &offset_addr);
2712 gen_ldq_env_A0[s->mem_index >> 2](offsetof(CPUX86State,xmm_regs[reg].XMM_Q(0)));
2714 rm = (modrm & 7) | REX_B(s);
2715 gen_op_movq(offsetof(CPUX86State,xmm_regs[reg].XMM_Q(0)),
2716 offsetof(CPUX86State,xmm_regs[rm].XMM_Q(0)));
2718 gen_op_movq_env_0(offsetof(CPUX86State,xmm_regs[reg].XMM_Q(1)));
2720 case 0x7f: /* movq ea, mm */
2722 gen_lea_modrm(s, modrm, ®_addr, &offset_addr);
2723 gen_stq_env_A0[s->mem_index >> 2](offsetof(CPUX86State,fpregs[reg].mmx));
2726 gen_op_movq(offsetof(CPUX86State,fpregs[rm].mmx),
2727 offsetof(CPUX86State,fpregs[reg].mmx));
2730 case 0x011: /* movups */
2731 case 0x111: /* movupd */
2732 case 0x029: /* movaps */
2733 case 0x129: /* movapd */
2734 case 0x17f: /* movdqa ea, xmm */
2735 case 0x27f: /* movdqu ea, xmm */
2737 gen_lea_modrm(s, modrm, ®_addr, &offset_addr);
2738 gen_sto_env_A0[s->mem_index >> 2](offsetof(CPUX86State,xmm_regs[reg]));
2740 rm = (modrm & 7) | REX_B(s);
2741 gen_op_movo(offsetof(CPUX86State,xmm_regs[rm]),
2742 offsetof(CPUX86State,xmm_regs[reg]));
2745 case 0x211: /* movss ea, xmm */
2747 gen_lea_modrm(s, modrm, ®_addr, &offset_addr);
2748 gen_op_movl_T0_env(offsetof(CPUX86State,xmm_regs[reg].XMM_L(0)));
2749 gen_op_st_T0_A0[OT_LONG + s->mem_index]();
2751 rm = (modrm & 7) | REX_B(s);
2752 gen_op_movl(offsetof(CPUX86State,xmm_regs[rm].XMM_L(0)),
2753 offsetof(CPUX86State,xmm_regs[reg].XMM_L(0)));
2756 case 0x311: /* movsd ea, xmm */
2758 gen_lea_modrm(s, modrm, ®_addr, &offset_addr);
2759 gen_stq_env_A0[s->mem_index >> 2](offsetof(CPUX86State,xmm_regs[reg].XMM_Q(0)));
2761 rm = (modrm & 7) | REX_B(s);
2762 gen_op_movq(offsetof(CPUX86State,xmm_regs[rm].XMM_Q(0)),
2763 offsetof(CPUX86State,xmm_regs[reg].XMM_Q(0)));
2766 case 0x013: /* movlps */
2767 case 0x113: /* movlpd */
2769 gen_lea_modrm(s, modrm, ®_addr, &offset_addr);
2770 gen_stq_env_A0[s->mem_index >> 2](offsetof(CPUX86State,xmm_regs[reg].XMM_Q(0)));
2775 case 0x017: /* movhps */
2776 case 0x117: /* movhpd */
2778 gen_lea_modrm(s, modrm, ®_addr, &offset_addr);
2779 gen_stq_env_A0[s->mem_index >> 2](offsetof(CPUX86State,xmm_regs[reg].XMM_Q(1)));
2784 case 0x71: /* shift mm, im */
2787 case 0x171: /* shift xmm, im */
2790 val = ldub_code(s->pc++);
2792 gen_op_movl_T0_im(val);
2793 gen_op_movl_env_T0(offsetof(CPUX86State,xmm_t0.XMM_L(0)));
2795 gen_op_movl_env_T0(offsetof(CPUX86State,xmm_t0.XMM_L(1)));
2796 op1_offset = offsetof(CPUX86State,xmm_t0);
2798 gen_op_movl_T0_im(val);
2799 gen_op_movl_env_T0(offsetof(CPUX86State,mmx_t0.MMX_L(0)));
2801 gen_op_movl_env_T0(offsetof(CPUX86State,mmx_t0.MMX_L(1)));
2802 op1_offset = offsetof(CPUX86State,mmx_t0);
2804 sse_op2 = sse_op_table2[((b - 1) & 3) * 8 + (((modrm >> 3)) & 7)][b1];
2808 rm = (modrm & 7) | REX_B(s);
2809 op2_offset = offsetof(CPUX86State,xmm_regs[rm]);
2812 op2_offset = offsetof(CPUX86State,fpregs[rm].mmx);
2814 sse_op2(op2_offset, op1_offset);
2816 case 0x050: /* movmskps */
2817 rm = (modrm & 7) | REX_B(s);
2818 gen_op_movmskps(offsetof(CPUX86State,xmm_regs[rm]));
2819 gen_op_mov_reg_T0[OT_LONG][reg]();
2821 case 0x150: /* movmskpd */
2822 rm = (modrm & 7) | REX_B(s);
2823 gen_op_movmskpd(offsetof(CPUX86State,xmm_regs[rm]));
2824 gen_op_mov_reg_T0[OT_LONG][reg]();
2826 case 0x02a: /* cvtpi2ps */
2827 case 0x12a: /* cvtpi2pd */
2830 gen_lea_modrm(s, modrm, ®_addr, &offset_addr);
2831 op2_offset = offsetof(CPUX86State,mmx_t0);
2832 gen_ldq_env_A0[s->mem_index >> 2](op2_offset);
2835 op2_offset = offsetof(CPUX86State,fpregs[rm].mmx);
2837 op1_offset = offsetof(CPUX86State,xmm_regs[reg]);
2840 gen_op_cvtpi2ps(op1_offset, op2_offset);
2844 gen_op_cvtpi2pd(op1_offset, op2_offset);
2848 case 0x22a: /* cvtsi2ss */
2849 case 0x32a: /* cvtsi2sd */
2850 ot = (s->dflag == 2) ? OT_QUAD : OT_LONG;
2851 gen_ldst_modrm(s, modrm, ot, OR_TMP0, 0);
2852 op1_offset = offsetof(CPUX86State,xmm_regs[reg]);
2853 sse_op_table3[(s->dflag == 2) * 2 + ((b >> 8) - 2)](op1_offset);
2855 case 0x02c: /* cvttps2pi */
2856 case 0x12c: /* cvttpd2pi */
2857 case 0x02d: /* cvtps2pi */
2858 case 0x12d: /* cvtpd2pi */
2861 gen_lea_modrm(s, modrm, ®_addr, &offset_addr);
2862 op2_offset = offsetof(CPUX86State,xmm_t0);
2863 gen_ldo_env_A0[s->mem_index >> 2](op2_offset);
2865 rm = (modrm & 7) | REX_B(s);
2866 op2_offset = offsetof(CPUX86State,xmm_regs[rm]);
2868 op1_offset = offsetof(CPUX86State,fpregs[reg & 7].mmx);
2871 gen_op_cvttps2pi(op1_offset, op2_offset);
2874 gen_op_cvttpd2pi(op1_offset, op2_offset);
2877 gen_op_cvtps2pi(op1_offset, op2_offset);
2880 gen_op_cvtpd2pi(op1_offset, op2_offset);
2884 case 0x22c: /* cvttss2si */
2885 case 0x32c: /* cvttsd2si */
2886 case 0x22d: /* cvtss2si */
2887 case 0x32d: /* cvtsd2si */
2888 ot = (s->dflag == 2) ? OT_QUAD : OT_LONG;
2890 gen_lea_modrm(s, modrm, ®_addr, &offset_addr);
2892 gen_ldq_env_A0[s->mem_index >> 2](offsetof(CPUX86State,xmm_t0.XMM_Q(0)));
2894 gen_op_ld_T0_A0[OT_LONG + s->mem_index]();
2895 gen_op_movl_env_T0(offsetof(CPUX86State,xmm_t0.XMM_L(0)));
2897 op2_offset = offsetof(CPUX86State,xmm_t0);
2899 rm = (modrm & 7) | REX_B(s);
2900 op2_offset = offsetof(CPUX86State,xmm_regs[rm]);
2902 sse_op_table3[(s->dflag == 2) * 2 + ((b >> 8) - 2) + 4 +
2903 (b & 1) * 4](op2_offset);
2904 gen_op_mov_reg_T0[ot][reg]();
2906 case 0xc4: /* pinsrw */
2908 gen_ldst_modrm(s, modrm, OT_WORD, OR_TMP0, 0);
2909 val = ldub_code(s->pc++);
2912 gen_op_pinsrw_xmm(offsetof(CPUX86State,xmm_regs[reg]), val);
2915 gen_op_pinsrw_mmx(offsetof(CPUX86State,fpregs[reg].mmx), val);
2918 case 0xc5: /* pextrw */
2922 val = ldub_code(s->pc++);
2925 rm = (modrm & 7) | REX_B(s);
2926 gen_op_pextrw_xmm(offsetof(CPUX86State,xmm_regs[rm]), val);
2930 gen_op_pextrw_mmx(offsetof(CPUX86State,fpregs[rm].mmx), val);
2932 reg = ((modrm >> 3) & 7) | rex_r;
2933 gen_op_mov_reg_T0[OT_LONG][reg]();
2935 case 0x1d6: /* movq ea, xmm */
2937 gen_lea_modrm(s, modrm, ®_addr, &offset_addr);
2938 gen_stq_env_A0[s->mem_index >> 2](offsetof(CPUX86State,xmm_regs[reg].XMM_Q(0)));
2940 rm = (modrm & 7) | REX_B(s);
2941 gen_op_movq(offsetof(CPUX86State,xmm_regs[rm].XMM_Q(0)),
2942 offsetof(CPUX86State,xmm_regs[reg].XMM_Q(0)));
2943 gen_op_movq_env_0(offsetof(CPUX86State,xmm_regs[rm].XMM_Q(1)));
2946 case 0x2d6: /* movq2dq */
2948 rm = (modrm & 7) | REX_B(s);
2949 gen_op_movq(offsetof(CPUX86State,xmm_regs[rm].XMM_Q(0)),
2950 offsetof(CPUX86State,fpregs[reg & 7].mmx));
2951 gen_op_movq_env_0(offsetof(CPUX86State,xmm_regs[rm].XMM_Q(1)));
2953 case 0x3d6: /* movdq2q */
2956 gen_op_movq(offsetof(CPUX86State,fpregs[rm].mmx),
2957 offsetof(CPUX86State,xmm_regs[reg].XMM_Q(0)));
2959 case 0xd7: /* pmovmskb */
2964 rm = (modrm & 7) | REX_B(s);
2965 gen_op_pmovmskb_xmm(offsetof(CPUX86State,xmm_regs[rm]));
2968 gen_op_pmovmskb_mmx(offsetof(CPUX86State,fpregs[rm].mmx));
2970 reg = ((modrm >> 3) & 7) | rex_r;
2971 gen_op_mov_reg_T0[OT_LONG][reg]();
2977 /* generic MMX or SSE operation */
2979 /* maskmov : we must prepare A0 */
2982 #ifdef TARGET_X86_64
2983 if (s->aflag == 2) {
2984 gen_op_movq_A0_reg[R_EDI]();
2988 gen_op_movl_A0_reg[R_EDI]();
2990 gen_op_andl_A0_ffff();
2992 gen_add_A0_ds_seg(s);
2995 op1_offset = offsetof(CPUX86State,xmm_regs[reg]);
2997 gen_lea_modrm(s, modrm, ®_addr, &offset_addr);
2998 op2_offset = offsetof(CPUX86State,xmm_t0);
2999 if (b1 >= 2 && ((b >= 0x50 && b <= 0x5f) ||
3001 /* specific case for SSE single instructions */
3004 gen_op_ld_T0_A0[OT_LONG + s->mem_index]();
3005 gen_op_movl_env_T0(offsetof(CPUX86State,xmm_t0.XMM_L(0)));
3008 gen_ldq_env_A0[s->mem_index >> 2](offsetof(CPUX86State,xmm_t0.XMM_D(0)));
3011 gen_ldo_env_A0[s->mem_index >> 2](op2_offset);
3014 rm = (modrm & 7) | REX_B(s);
3015 op2_offset = offsetof(CPUX86State,xmm_regs[rm]);
3018 op1_offset = offsetof(CPUX86State,fpregs[reg].mmx);
3020 gen_lea_modrm(s, modrm, ®_addr, &offset_addr);
3021 op2_offset = offsetof(CPUX86State,mmx_t0);
3022 gen_ldq_env_A0[s->mem_index >> 2](op2_offset);
3025 op2_offset = offsetof(CPUX86State,fpregs[rm].mmx);
3029 case 0x70: /* pshufx insn */
3030 case 0xc6: /* pshufx insn */
3031 val = ldub_code(s->pc++);
3032 sse_op3 = (GenOpFunc3 *)sse_op2;
3033 sse_op3(op1_offset, op2_offset, val);
3037 val = ldub_code(s->pc++);
3040 sse_op2 = sse_op_table4[val][b1];
3041 sse_op2(op1_offset, op2_offset);
3044 sse_op2(op1_offset, op2_offset);
3047 if (b == 0x2e || b == 0x2f) {
3048 s->cc_op = CC_OP_EFLAGS;
3054 /* convert one instruction. s->is_jmp is set if the translation must
3055 be stopped. Return the next pc value */
3056 static target_ulong disas_insn(DisasContext *s, target_ulong pc_start)
3058 int b, prefixes, aflag, dflag;
3060 int modrm, reg, rm, mod, reg_addr, op, opreg, offset_addr, val;
3061 target_ulong next_eip, tval;
3071 #ifdef TARGET_X86_64
3076 s->rip_offset = 0; /* for relative ip address */
3078 b = ldub_code(s->pc);
3080 /* check prefixes */
3081 #ifdef TARGET_X86_64
3085 prefixes |= PREFIX_REPZ;
3088 prefixes |= PREFIX_REPNZ;
3091 prefixes |= PREFIX_LOCK;
3112 prefixes |= PREFIX_DATA;
3115 prefixes |= PREFIX_ADR;
3119 rex_w = (b >> 3) & 1;
3120 rex_r = (b & 0x4) << 1;
3121 s->rex_x = (b & 0x2) << 2;
3122 REX_B(s) = (b & 0x1) << 3;
3123 x86_64_hregs = 1; /* select uniform byte register addressing */
3127 /* 0x66 is ignored if rex.w is set */
3130 if (prefixes & PREFIX_DATA)
3133 if (!(prefixes & PREFIX_ADR))
3140 prefixes |= PREFIX_REPZ;
3143 prefixes |= PREFIX_REPNZ;
3146 prefixes |= PREFIX_LOCK;
3167 prefixes |= PREFIX_DATA;
3170 prefixes |= PREFIX_ADR;
3173 if (prefixes & PREFIX_DATA)
3175 if (prefixes & PREFIX_ADR)
3179 s->prefix = prefixes;
3183 /* lock generation */
3184 if (prefixes & PREFIX_LOCK)
3187 /* now check op code */
3191 /**************************/
3192 /* extended op code */
3193 b = ldub_code(s->pc++) | 0x100;
3196 /**************************/
3214 ot = dflag + OT_WORD;
3217 case 0: /* OP Ev, Gv */
3218 modrm = ldub_code(s->pc++);
3219 reg = ((modrm >> 3) & 7) | rex_r;
3220 mod = (modrm >> 6) & 3;
3221 rm = (modrm & 7) | REX_B(s);
3223 gen_lea_modrm(s, modrm, ®_addr, &offset_addr);
3225 } else if (op == OP_XORL && rm == reg) {
3227 /* xor reg, reg optimisation */
3229 s->cc_op = CC_OP_LOGICB + ot;
3230 gen_op_mov_reg_T0[ot][reg]();
3231 gen_op_update1_cc();
3236 gen_op_mov_TN_reg[ot][1][reg]();
3237 gen_op(s, op, ot, opreg);
3239 case 1: /* OP Gv, Ev */
3240 modrm = ldub_code(s->pc++);
3241 mod = (modrm >> 6) & 3;
3242 reg = ((modrm >> 3) & 7) | rex_r;
3243 rm = (modrm & 7) | REX_B(s);
3245 gen_lea_modrm(s, modrm, ®_addr, &offset_addr);
3246 gen_op_ld_T1_A0[ot + s->mem_index]();
3247 } else if (op == OP_XORL && rm == reg) {
3250 gen_op_mov_TN_reg[ot][1][rm]();
3252 gen_op(s, op, ot, reg);
3254 case 2: /* OP A, Iv */
3255 val = insn_get(s, ot);
3256 gen_op_movl_T1_im(val);
3257 gen_op(s, op, ot, OR_EAX);
3263 case 0x80: /* GRP1 */
3273 ot = dflag + OT_WORD;
3275 modrm = ldub_code(s->pc++);
3276 mod = (modrm >> 6) & 3;
3277 rm = (modrm & 7) | REX_B(s);
3278 op = (modrm >> 3) & 7;
3284 s->rip_offset = insn_const_size(ot);
3285 gen_lea_modrm(s, modrm, ®_addr, &offset_addr);
3296 val = insn_get(s, ot);
3299 val = (int8_t)insn_get(s, OT_BYTE);
3302 gen_op_movl_T1_im(val);
3303 gen_op(s, op, ot, opreg);
3307 /**************************/
3308 /* inc, dec, and other misc arith */
3309 case 0x40 ... 0x47: /* inc Gv */
3310 ot = dflag ? OT_LONG : OT_WORD;
3311 gen_inc(s, ot, OR_EAX + (b & 7), 1);
3313 case 0x48 ... 0x4f: /* dec Gv */
3314 ot = dflag ? OT_LONG : OT_WORD;
3315 gen_inc(s, ot, OR_EAX + (b & 7), -1);
3317 case 0xf6: /* GRP3 */
3322 ot = dflag + OT_WORD;
3324 modrm = ldub_code(s->pc++);
3325 mod = (modrm >> 6) & 3;
3326 rm = (modrm & 7) | REX_B(s);
3327 op = (modrm >> 3) & 7;
3330 s->rip_offset = insn_const_size(ot);
3331 gen_lea_modrm(s, modrm, ®_addr, &offset_addr);
3332 gen_op_ld_T0_A0[ot + s->mem_index]();
3334 gen_op_mov_TN_reg[ot][0][rm]();
3339 val = insn_get(s, ot);
3340 gen_op_movl_T1_im(val);
3341 gen_op_testl_T0_T1_cc();
3342 s->cc_op = CC_OP_LOGICB + ot;
3347 gen_op_st_T0_A0[ot + s->mem_index]();
3349 gen_op_mov_reg_T0[ot][rm]();
3355 gen_op_st_T0_A0[ot + s->mem_index]();
3357 gen_op_mov_reg_T0[ot][rm]();
3359 gen_op_update_neg_cc();
3360 s->cc_op = CC_OP_SUBB + ot;
3365 gen_op_mulb_AL_T0();
3366 s->cc_op = CC_OP_MULB;
3369 gen_op_mulw_AX_T0();
3370 s->cc_op = CC_OP_MULW;
3374 gen_op_mull_EAX_T0();
3375 s->cc_op = CC_OP_MULL;
3377 #ifdef TARGET_X86_64
3379 gen_op_mulq_EAX_T0();
3380 s->cc_op = CC_OP_MULQ;
3388 gen_op_imulb_AL_T0();
3389 s->cc_op = CC_OP_MULB;
3392 gen_op_imulw_AX_T0();
3393 s->cc_op = CC_OP_MULW;
3397 gen_op_imull_EAX_T0();
3398 s->cc_op = CC_OP_MULL;
3400 #ifdef TARGET_X86_64
3402 gen_op_imulq_EAX_T0();
3403 s->cc_op = CC_OP_MULQ;
3411 gen_jmp_im(pc_start - s->cs_base);
3412 gen_op_divb_AL_T0();
3415 gen_jmp_im(pc_start - s->cs_base);
3416 gen_op_divw_AX_T0();
3420 gen_jmp_im(pc_start - s->cs_base);
3421 gen_op_divl_EAX_T0();
3423 #ifdef TARGET_X86_64
3425 gen_jmp_im(pc_start - s->cs_base);
3426 gen_op_divq_EAX_T0();
3434 gen_jmp_im(pc_start - s->cs_base);
3435 gen_op_idivb_AL_T0();
3438 gen_jmp_im(pc_start - s->cs_base);
3439 gen_op_idivw_AX_T0();
3443 gen_jmp_im(pc_start - s->cs_base);
3444 gen_op_idivl_EAX_T0();
3446 #ifdef TARGET_X86_64
3448 gen_jmp_im(pc_start - s->cs_base);
3449 gen_op_idivq_EAX_T0();
3459 case 0xfe: /* GRP4 */
3460 case 0xff: /* GRP5 */
3464 ot = dflag + OT_WORD;
3466 modrm = ldub_code(s->pc++);
3467 mod = (modrm >> 6) & 3;
3468 rm = (modrm & 7) | REX_B(s);
3469 op = (modrm >> 3) & 7;
3470 if (op >= 2 && b == 0xfe) {
3474 if (op == 2 || op == 4) {
3475 /* operand size for jumps is 64 bit */
3477 } else if (op == 3 || op == 5) {
3478 /* for call calls, the operand is 16 or 32 bit, even
3480 ot = dflag ? OT_LONG : OT_WORD;
3481 } else if (op == 6) {
3482 /* default push size is 64 bit */
3483 ot = dflag ? OT_QUAD : OT_WORD;
3487 gen_lea_modrm(s, modrm, ®_addr, &offset_addr);
3488 if (op >= 2 && op != 3 && op != 5)
3489 gen_op_ld_T0_A0[ot + s->mem_index]();
3491 gen_op_mov_TN_reg[ot][0][rm]();
3495 case 0: /* inc Ev */
3500 gen_inc(s, ot, opreg, 1);
3502 case 1: /* dec Ev */
3507 gen_inc(s, ot, opreg, -1);
3509 case 2: /* call Ev */
3510 /* XXX: optimize if memory (no 'and' is necessary) */
3512 gen_op_andl_T0_ffff();
3513 next_eip = s->pc - s->cs_base;
3514 gen_movtl_T1_im(next_eip);
3519 case 3: /* lcall Ev */
3520 gen_op_ld_T1_A0[ot + s->mem_index]();
3521 gen_add_A0_im(s, 1 << (ot - OT_WORD + 1));
3522 gen_op_ldu_T0_A0[OT_WORD + s->mem_index]();
3524 if (s->pe && !s->vm86) {
3525 if (s->cc_op != CC_OP_DYNAMIC)
3526 gen_op_set_cc_op(s->cc_op);
3527 gen_jmp_im(pc_start - s->cs_base);
3528 gen_op_lcall_protected_T0_T1(dflag, s->pc - pc_start);
3530 gen_op_lcall_real_T0_T1(dflag, s->pc - s->cs_base);
3534 case 4: /* jmp Ev */
3536 gen_op_andl_T0_ffff();
3540 case 5: /* ljmp Ev */
3541 gen_op_ld_T1_A0[ot + s->mem_index]();
3542 gen_add_A0_im(s, 1 << (ot - OT_WORD + 1));
3543 gen_op_ldu_T0_A0[OT_WORD + s->mem_index]();
3545 if (s->pe && !s->vm86) {
3546 if (s->cc_op != CC_OP_DYNAMIC)
3547 gen_op_set_cc_op(s->cc_op);
3548 gen_jmp_im(pc_start - s->cs_base);
3549 gen_op_ljmp_protected_T0_T1(s->pc - pc_start);
3551 gen_op_movl_seg_T0_vm(offsetof(CPUX86State,segs[R_CS]));
3552 gen_op_movl_T0_T1();
3557 case 6: /* push Ev */
3565 case 0x84: /* test Ev, Gv */
3570 ot = dflag + OT_WORD;
3572 modrm = ldub_code(s->pc++);
3573 mod = (modrm >> 6) & 3;
3574 rm = (modrm & 7) | REX_B(s);
3575 reg = ((modrm >> 3) & 7) | rex_r;
3577 gen_ldst_modrm(s, modrm, ot, OR_TMP0, 0);
3578 gen_op_mov_TN_reg[ot][1][reg]();
3579 gen_op_testl_T0_T1_cc();
3580 s->cc_op = CC_OP_LOGICB + ot;
3583 case 0xa8: /* test eAX, Iv */
3588 ot = dflag + OT_WORD;
3589 val = insn_get(s, ot);
3591 gen_op_mov_TN_reg[ot][0][OR_EAX]();
3592 gen_op_movl_T1_im(val);
3593 gen_op_testl_T0_T1_cc();
3594 s->cc_op = CC_OP_LOGICB + ot;
3597 case 0x98: /* CWDE/CBW */
3598 #ifdef TARGET_X86_64
3600 gen_op_movslq_RAX_EAX();
3604 gen_op_movswl_EAX_AX();
3606 gen_op_movsbw_AX_AL();
3608 case 0x99: /* CDQ/CWD */
3609 #ifdef TARGET_X86_64
3611 gen_op_movsqo_RDX_RAX();
3615 gen_op_movslq_EDX_EAX();
3617 gen_op_movswl_DX_AX();
3619 case 0x1af: /* imul Gv, Ev */
3620 case 0x69: /* imul Gv, Ev, I */
3622 ot = dflag + OT_WORD;
3623 modrm = ldub_code(s->pc++);
3624 reg = ((modrm >> 3) & 7) | rex_r;
3626 s->rip_offset = insn_const_size(ot);
3629 gen_ldst_modrm(s, modrm, ot, OR_TMP0, 0);
3631 val = insn_get(s, ot);
3632 gen_op_movl_T1_im(val);
3633 } else if (b == 0x6b) {
3634 val = (int8_t)insn_get(s, OT_BYTE);
3635 gen_op_movl_T1_im(val);
3637 gen_op_mov_TN_reg[ot][1][reg]();
3640 #ifdef TARGET_X86_64
3641 if (ot == OT_QUAD) {
3642 gen_op_imulq_T0_T1();
3645 if (ot == OT_LONG) {
3646 gen_op_imull_T0_T1();
3648 gen_op_imulw_T0_T1();
3650 gen_op_mov_reg_T0[ot][reg]();
3651 s->cc_op = CC_OP_MULB + ot;
3654 case 0x1c1: /* xadd Ev, Gv */
3658 ot = dflag + OT_WORD;
3659 modrm = ldub_code(s->pc++);
3660 reg = ((modrm >> 3) & 7) | rex_r;
3661 mod = (modrm >> 6) & 3;
3663 rm = (modrm & 7) | REX_B(s);
3664 gen_op_mov_TN_reg[ot][0][reg]();
3665 gen_op_mov_TN_reg[ot][1][rm]();
3666 gen_op_addl_T0_T1();
3667 gen_op_mov_reg_T1[ot][reg]();
3668 gen_op_mov_reg_T0[ot][rm]();
3670 gen_lea_modrm(s, modrm, ®_addr, &offset_addr);
3671 gen_op_mov_TN_reg[ot][0][reg]();
3672 gen_op_ld_T1_A0[ot + s->mem_index]();
3673 gen_op_addl_T0_T1();
3674 gen_op_st_T0_A0[ot + s->mem_index]();
3675 gen_op_mov_reg_T1[ot][reg]();
3677 gen_op_update2_cc();
3678 s->cc_op = CC_OP_ADDB + ot;
3681 case 0x1b1: /* cmpxchg Ev, Gv */
3685 ot = dflag + OT_WORD;
3686 modrm = ldub_code(s->pc++);
3687 reg = ((modrm >> 3) & 7) | rex_r;
3688 mod = (modrm >> 6) & 3;
3689 gen_op_mov_TN_reg[ot][1][reg]();
3691 rm = (modrm & 7) | REX_B(s);
3692 gen_op_mov_TN_reg[ot][0][rm]();
3693 gen_op_cmpxchg_T0_T1_EAX_cc[ot]();
3694 gen_op_mov_reg_T0[ot][rm]();
3696 gen_lea_modrm(s, modrm, ®_addr, &offset_addr);
3697 gen_op_ld_T0_A0[ot + s->mem_index]();
3698 gen_op_cmpxchg_mem_T0_T1_EAX_cc[ot + s->mem_index]();
3700 s->cc_op = CC_OP_SUBB + ot;
3702 case 0x1c7: /* cmpxchg8b */
3703 modrm = ldub_code(s->pc++);
3704 mod = (modrm >> 6) & 3;
3707 if (s->cc_op != CC_OP_DYNAMIC)
3708 gen_op_set_cc_op(s->cc_op);
3709 gen_lea_modrm(s, modrm, ®_addr, &offset_addr);
3711 s->cc_op = CC_OP_EFLAGS;
3714 /**************************/
3716 case 0x50 ... 0x57: /* push */
3717 gen_op_mov_TN_reg[OT_LONG][0][(b & 7) | REX_B(s)]();
3720 case 0x58 ... 0x5f: /* pop */
3722 ot = dflag ? OT_QUAD : OT_WORD;
3724 ot = dflag + OT_WORD;
3727 /* NOTE: order is important for pop %sp */
3729 gen_op_mov_reg_T0[ot][(b & 7) | REX_B(s)]();
3731 case 0x60: /* pusha */
3736 case 0x61: /* popa */
3741 case 0x68: /* push Iv */
3744 ot = dflag ? OT_QUAD : OT_WORD;
3746 ot = dflag + OT_WORD;
3749 val = insn_get(s, ot);
3751 val = (int8_t)insn_get(s, OT_BYTE);
3752 gen_op_movl_T0_im(val);
3755 case 0x8f: /* pop Ev */
3757 ot = dflag ? OT_QUAD : OT_WORD;
3759 ot = dflag + OT_WORD;
3761 modrm = ldub_code(s->pc++);
3762 mod = (modrm >> 6) & 3;
3765 /* NOTE: order is important for pop %sp */
3767 rm = (modrm & 7) | REX_B(s);
3768 gen_op_mov_reg_T0[ot][rm]();
3770 /* NOTE: order is important too for MMU exceptions */
3771 s->popl_esp_hack = 1 << ot;
3772 gen_ldst_modrm(s, modrm, ot, OR_TMP0, 1);
3773 s->popl_esp_hack = 0;
3777 case 0xc8: /* enter */
3780 val = lduw_code(s->pc);
3782 level = ldub_code(s->pc++);
3783 gen_enter(s, val, level);
3786 case 0xc9: /* leave */
3787 /* XXX: exception not precise (ESP is updated before potential exception) */
3789 gen_op_mov_TN_reg[OT_QUAD][0][R_EBP]();
3790 gen_op_mov_reg_T0[OT_QUAD][R_ESP]();
3791 } else if (s->ss32) {
3792 gen_op_mov_TN_reg[OT_LONG][0][R_EBP]();
3793 gen_op_mov_reg_T0[OT_LONG][R_ESP]();
3795 gen_op_mov_TN_reg[OT_WORD][0][R_EBP]();
3796 gen_op_mov_reg_T0[OT_WORD][R_ESP]();
3800 ot = dflag ? OT_QUAD : OT_WORD;
3802 ot = dflag + OT_WORD;
3804 gen_op_mov_reg_T0[ot][R_EBP]();
3807 case 0x06: /* push es */
3808 case 0x0e: /* push cs */
3809 case 0x16: /* push ss */
3810 case 0x1e: /* push ds */
3813 gen_op_movl_T0_seg(b >> 3);
3816 case 0x1a0: /* push fs */
3817 case 0x1a8: /* push gs */
3818 gen_op_movl_T0_seg((b >> 3) & 7);
3821 case 0x07: /* pop es */
3822 case 0x17: /* pop ss */
3823 case 0x1f: /* pop ds */
3828 gen_movl_seg_T0(s, reg, pc_start - s->cs_base);
3831 /* if reg == SS, inhibit interrupts/trace. */
3832 /* If several instructions disable interrupts, only the
3834 if (!(s->tb->flags & HF_INHIBIT_IRQ_MASK))
3835 gen_op_set_inhibit_irq();
3839 gen_jmp_im(s->pc - s->cs_base);
3843 case 0x1a1: /* pop fs */
3844 case 0x1a9: /* pop gs */
3846 gen_movl_seg_T0(s, (b >> 3) & 7, pc_start - s->cs_base);
3849 gen_jmp_im(s->pc - s->cs_base);
3854 /**************************/
3857 case 0x89: /* mov Gv, Ev */
3861 ot = dflag + OT_WORD;
3862 modrm = ldub_code(s->pc++);
3863 reg = ((modrm >> 3) & 7) | rex_r;
3865 /* generate a generic store */
3866 gen_ldst_modrm(s, modrm, ot, reg, 1);
3869 case 0xc7: /* mov Ev, Iv */
3873 ot = dflag + OT_WORD;
3874 modrm = ldub_code(s->pc++);
3875 mod = (modrm >> 6) & 3;
3877 s->rip_offset = insn_const_size(ot);
3878 gen_lea_modrm(s, modrm, ®_addr, &offset_addr);
3880 val = insn_get(s, ot);
3881 gen_op_movl_T0_im(val);
3883 gen_op_st_T0_A0[ot + s->mem_index]();
3885 gen_op_mov_reg_T0[ot][(modrm & 7) | REX_B(s)]();
3888 case 0x8b: /* mov Ev, Gv */
3892 ot = OT_WORD + dflag;
3893 modrm = ldub_code(s->pc++);
3894 reg = ((modrm >> 3) & 7) | rex_r;
3896 gen_ldst_modrm(s, modrm, ot, OR_TMP0, 0);
3897 gen_op_mov_reg_T0[ot][reg]();
3899 case 0x8e: /* mov seg, Gv */
3900 modrm = ldub_code(s->pc++);
3901 reg = (modrm >> 3) & 7;
3902 if (reg >= 6 || reg == R_CS)
3904 gen_ldst_modrm(s, modrm, OT_WORD, OR_TMP0, 0);
3905 gen_movl_seg_T0(s, reg, pc_start - s->cs_base);
3907 /* if reg == SS, inhibit interrupts/trace */
3908 /* If several instructions disable interrupts, only the
3910 if (!(s->tb->flags & HF_INHIBIT_IRQ_MASK))
3911 gen_op_set_inhibit_irq();
3915 gen_jmp_im(s->pc - s->cs_base);
3919 case 0x8c: /* mov Gv, seg */
3920 modrm = ldub_code(s->pc++);
3921 reg = (modrm >> 3) & 7;
3922 mod = (modrm >> 6) & 3;
3925 gen_op_movl_T0_seg(reg);
3927 ot = OT_WORD + dflag;
3930 gen_ldst_modrm(s, modrm, ot, OR_TMP0, 1);
3933 case 0x1b6: /* movzbS Gv, Eb */
3934 case 0x1b7: /* movzwS Gv, Eb */
3935 case 0x1be: /* movsbS Gv, Eb */
3936 case 0x1bf: /* movswS Gv, Eb */
3939 /* d_ot is the size of destination */
3940 d_ot = dflag + OT_WORD;
3941 /* ot is the size of source */
3942 ot = (b & 1) + OT_BYTE;
3943 modrm = ldub_code(s->pc++);
3944 reg = ((modrm >> 3) & 7) | rex_r;
3945 mod = (modrm >> 6) & 3;
3946 rm = (modrm & 7) | REX_B(s);
3949 gen_op_mov_TN_reg[ot][0][rm]();
3950 switch(ot | (b & 8)) {
3952 gen_op_movzbl_T0_T0();
3955 gen_op_movsbl_T0_T0();
3958 gen_op_movzwl_T0_T0();
3962 gen_op_movswl_T0_T0();
3965 gen_op_mov_reg_T0[d_ot][reg]();
3967 gen_lea_modrm(s, modrm, ®_addr, &offset_addr);
3969 gen_op_lds_T0_A0[ot + s->mem_index]();
3971 gen_op_ldu_T0_A0[ot + s->mem_index]();
3973 gen_op_mov_reg_T0[d_ot][reg]();
3978 case 0x8d: /* lea */
3979 ot = dflag + OT_WORD;
3980 modrm = ldub_code(s->pc++);
3981 mod = (modrm >> 6) & 3;
3984 reg = ((modrm >> 3) & 7) | rex_r;
3985 /* we must ensure that no segment is added */
3989 gen_lea_modrm(s, modrm, ®_addr, &offset_addr);
3991 gen_op_mov_reg_A0[ot - OT_WORD][reg]();
3994 case 0xa0: /* mov EAX, Ov */
3996 case 0xa2: /* mov Ov, EAX */
3999 target_ulong offset_addr;
4004 ot = dflag + OT_WORD;
4005 #ifdef TARGET_X86_64
4006 if (s->aflag == 2) {
4007 offset_addr = ldq_code(s->pc);
4009 if (offset_addr == (int32_t)offset_addr)
4010 gen_op_movq_A0_im(offset_addr);
4012 gen_op_movq_A0_im64(offset_addr >> 32, offset_addr);
4017 offset_addr = insn_get(s, OT_LONG);
4019 offset_addr = insn_get(s, OT_WORD);
4021 gen_op_movl_A0_im(offset_addr);
4023 gen_add_A0_ds_seg(s);
4025 gen_op_ld_T0_A0[ot + s->mem_index]();
4026 gen_op_mov_reg_T0[ot][R_EAX]();
4028 gen_op_mov_TN_reg[ot][0][R_EAX]();
4029 gen_op_st_T0_A0[ot + s->mem_index]();
4033 case 0xd7: /* xlat */
4034 #ifdef TARGET_X86_64
4035 if (s->aflag == 2) {
4036 gen_op_movq_A0_reg[R_EBX]();
4037 gen_op_addq_A0_AL();
4041 gen_op_movl_A0_reg[R_EBX]();
4042 gen_op_addl_A0_AL();
4044 gen_op_andl_A0_ffff();
4046 gen_add_A0_ds_seg(s);
4047 gen_op_ldu_T0_A0[OT_BYTE + s->mem_index]();
4048 gen_op_mov_reg_T0[OT_BYTE][R_EAX]();
4050 case 0xb0 ... 0xb7: /* mov R, Ib */
4051 val = insn_get(s, OT_BYTE);
4052 gen_op_movl_T0_im(val);
4053 gen_op_mov_reg_T0[OT_BYTE][(b & 7) | REX_B(s)]();
4055 case 0xb8 ... 0xbf: /* mov R, Iv */
4056 #ifdef TARGET_X86_64
4060 tmp = ldq_code(s->pc);
4062 reg = (b & 7) | REX_B(s);
4063 gen_movtl_T0_im(tmp);
4064 gen_op_mov_reg_T0[OT_QUAD][reg]();
4068 ot = dflag ? OT_LONG : OT_WORD;
4069 val = insn_get(s, ot);
4070 reg = (b & 7) | REX_B(s);
4071 gen_op_movl_T0_im(val);
4072 gen_op_mov_reg_T0[ot][reg]();
4076 case 0x91 ... 0x97: /* xchg R, EAX */
4077 ot = dflag + OT_WORD;
4078 reg = (b & 7) | REX_B(s);
4082 case 0x87: /* xchg Ev, Gv */
4086 ot = dflag + OT_WORD;
4087 modrm = ldub_code(s->pc++);
4088 reg = ((modrm >> 3) & 7) | rex_r;
4089 mod = (modrm >> 6) & 3;
4091 rm = (modrm & 7) | REX_B(s);
4093 gen_op_mov_TN_reg[ot][0][reg]();
4094 gen_op_mov_TN_reg[ot][1][rm]();
4095 gen_op_mov_reg_T0[ot][rm]();
4096 gen_op_mov_reg_T1[ot][reg]();
4098 gen_lea_modrm(s, modrm, ®_addr, &offset_addr);
4099 gen_op_mov_TN_reg[ot][0][reg]();
4100 /* for xchg, lock is implicit */
4101 if (!(prefixes & PREFIX_LOCK))
4103 gen_op_ld_T1_A0[ot + s->mem_index]();
4104 gen_op_st_T0_A0[ot + s->mem_index]();
4105 if (!(prefixes & PREFIX_LOCK))
4107 gen_op_mov_reg_T1[ot][reg]();
4110 case 0xc4: /* les Gv */
4115 case 0xc5: /* lds Gv */
4120 case 0x1b2: /* lss Gv */
4123 case 0x1b4: /* lfs Gv */
4126 case 0x1b5: /* lgs Gv */
4129 ot = dflag ? OT_LONG : OT_WORD;
4130 modrm = ldub_code(s->pc++);
4131 reg = ((modrm >> 3) & 7) | rex_r;
4132 mod = (modrm >> 6) & 3;
4135 gen_lea_modrm(s, modrm, ®_addr, &offset_addr);
4136 gen_op_ld_T1_A0[ot + s->mem_index]();
4137 gen_add_A0_im(s, 1 << (ot - OT_WORD + 1));
4138 /* load the segment first to handle exceptions properly */
4139 gen_op_ldu_T0_A0[OT_WORD + s->mem_index]();
4140 gen_movl_seg_T0(s, op, pc_start - s->cs_base);
4141 /* then put the data */
4142 gen_op_mov_reg_T1[ot][reg]();
4144 gen_jmp_im(s->pc - s->cs_base);
4149 /************************/
4160 ot = dflag + OT_WORD;
4162 modrm = ldub_code(s->pc++);
4163 mod = (modrm >> 6) & 3;
4164 op = (modrm >> 3) & 7;
4170 gen_lea_modrm(s, modrm, ®_addr, &offset_addr);
4173 opreg = (modrm & 7) | REX_B(s);
4178 gen_shift(s, op, ot, opreg, OR_ECX);
4181 shift = ldub_code(s->pc++);
4183 gen_shifti(s, op, ot, opreg, shift);
4198 case 0x1a4: /* shld imm */
4202 case 0x1a5: /* shld cl */
4206 case 0x1ac: /* shrd imm */
4210 case 0x1ad: /* shrd cl */
4214 ot = dflag + OT_WORD;
4215 modrm = ldub_code(s->pc++);
4216 mod = (modrm >> 6) & 3;
4217 rm = (modrm & 7) | REX_B(s);
4218 reg = ((modrm >> 3) & 7) | rex_r;
4221 gen_lea_modrm(s, modrm, ®_addr, &offset_addr);
4222 gen_op_ld_T0_A0[ot + s->mem_index]();
4224 gen_op_mov_TN_reg[ot][0][rm]();
4226 gen_op_mov_TN_reg[ot][1][reg]();
4229 val = ldub_code(s->pc++);
4236 gen_op_shiftd_T0_T1_im_cc[ot][op](val);
4238 gen_op_shiftd_mem_T0_T1_im_cc[ot + s->mem_index][op](val);
4239 if (op == 0 && ot != OT_WORD)
4240 s->cc_op = CC_OP_SHLB + ot;
4242 s->cc_op = CC_OP_SARB + ot;
4245 if (s->cc_op != CC_OP_DYNAMIC)
4246 gen_op_set_cc_op(s->cc_op);
4248 gen_op_shiftd_T0_T1_ECX_cc[ot][op]();
4250 gen_op_shiftd_mem_T0_T1_ECX_cc[ot + s->mem_index][op]();
4251 s->cc_op = CC_OP_DYNAMIC; /* cannot predict flags after */
4254 gen_op_mov_reg_T0[ot][rm]();
4258 /************************/
4261 if (s->flags & (HF_EM_MASK | HF_TS_MASK)) {
4262 /* if CR0.EM or CR0.TS are set, generate an FPU exception */
4263 /* XXX: what to do if illegal op ? */
4264 gen_exception(s, EXCP07_PREX, pc_start - s->cs_base);
4267 modrm = ldub_code(s->pc++);
4268 mod = (modrm >> 6) & 3;
4270 op = ((b & 7) << 3) | ((modrm >> 3) & 7);
4273 gen_lea_modrm(s, modrm, ®_addr, &offset_addr);
4275 case 0x00 ... 0x07: /* fxxxs */
4276 case 0x10 ... 0x17: /* fixxxl */
4277 case 0x20 ... 0x27: /* fxxxl */
4278 case 0x30 ... 0x37: /* fixxx */
4285 gen_op_flds_FT0_A0();
4288 gen_op_fildl_FT0_A0();
4291 gen_op_fldl_FT0_A0();
4295 gen_op_fild_FT0_A0();
4299 gen_op_fp_arith_ST0_FT0[op1]();
4301 /* fcomp needs pop */
4306 case 0x08: /* flds */
4307 case 0x0a: /* fsts */
4308 case 0x0b: /* fstps */
4309 case 0x18 ... 0x1b: /* fildl, fisttpl, fistl, fistpl */
4310 case 0x28 ... 0x2b: /* fldl, fisttpll, fstl, fstpl */
4311 case 0x38 ... 0x3b: /* filds, fisttps, fists, fistps */
4316 gen_op_flds_ST0_A0();
4319 gen_op_fildl_ST0_A0();
4322 gen_op_fldl_ST0_A0();
4326 gen_op_fild_ST0_A0();
4333 gen_op_fisttl_ST0_A0();
4336 gen_op_fisttll_ST0_A0();
4340 gen_op_fistt_ST0_A0();
4347 gen_op_fsts_ST0_A0();
4350 gen_op_fistl_ST0_A0();
4353 gen_op_fstl_ST0_A0();
4357 gen_op_fist_ST0_A0();
4365 case 0x0c: /* fldenv mem */
4366 gen_op_fldenv_A0(s->dflag);
4368 case 0x0d: /* fldcw mem */
4371 case 0x0e: /* fnstenv mem */
4372 gen_op_fnstenv_A0(s->dflag);
4374 case 0x0f: /* fnstcw mem */
4377 case 0x1d: /* fldt mem */
4378 gen_op_fldt_ST0_A0();
4380 case 0x1f: /* fstpt mem */
4381 gen_op_fstt_ST0_A0();
4384 case 0x2c: /* frstor mem */
4385 gen_op_frstor_A0(s->dflag);
4387 case 0x2e: /* fnsave mem */
4388 gen_op_fnsave_A0(s->dflag);
4390 case 0x2f: /* fnstsw mem */
4393 case 0x3c: /* fbld */
4394 gen_op_fbld_ST0_A0();
4396 case 0x3e: /* fbstp */
4397 gen_op_fbst_ST0_A0();
4400 case 0x3d: /* fildll */
4401 gen_op_fildll_ST0_A0();
4403 case 0x3f: /* fistpll */
4404 gen_op_fistll_ST0_A0();
4411 /* register float ops */
4415 case 0x08: /* fld sti */
4417 gen_op_fmov_ST0_STN((opreg + 1) & 7);
4419 case 0x09: /* fxchg sti */
4420 case 0x29: /* fxchg4 sti, undocumented op */
4421 case 0x39: /* fxchg7 sti, undocumented op */
4422 gen_op_fxchg_ST0_STN(opreg);
4424 case 0x0a: /* grp d9/2 */
4427 /* check exceptions (FreeBSD FPU probe) */
4428 if (s->cc_op != CC_OP_DYNAMIC)
4429 gen_op_set_cc_op(s->cc_op);
4430 gen_jmp_im(pc_start - s->cs_base);
4437 case 0x0c: /* grp d9/4 */
4447 gen_op_fcom_ST0_FT0();
4456 case 0x0d: /* grp d9/5 */
4465 gen_op_fldl2t_ST0();
4469 gen_op_fldl2e_ST0();
4477 gen_op_fldlg2_ST0();
4481 gen_op_fldln2_ST0();
4492 case 0x0e: /* grp d9/6 */
4503 case 3: /* fpatan */
4506 case 4: /* fxtract */
4509 case 5: /* fprem1 */
4512 case 6: /* fdecstp */
4516 case 7: /* fincstp */
4521 case 0x0f: /* grp d9/7 */
4526 case 1: /* fyl2xp1 */
4532 case 3: /* fsincos */
4535 case 5: /* fscale */
4538 case 4: /* frndint */
4550 case 0x00: case 0x01: case 0x04 ... 0x07: /* fxxx st, sti */
4551 case 0x20: case 0x21: case 0x24 ... 0x27: /* fxxx sti, st */
4552 case 0x30: case 0x31: case 0x34 ... 0x37: /* fxxxp sti, st */
4558 gen_op_fp_arith_STN_ST0[op1](opreg);
4562 gen_op_fmov_FT0_STN(opreg);
4563 gen_op_fp_arith_ST0_FT0[op1]();
4567 case 0x02: /* fcom */
4568 case 0x22: /* fcom2, undocumented op */
4569 gen_op_fmov_FT0_STN(opreg);
4570 gen_op_fcom_ST0_FT0();
4572 case 0x03: /* fcomp */
4573 case 0x23: /* fcomp3, undocumented op */
4574 case 0x32: /* fcomp5, undocumented op */
4575 gen_op_fmov_FT0_STN(opreg);
4576 gen_op_fcom_ST0_FT0();
4579 case 0x15: /* da/5 */
4581 case 1: /* fucompp */
4582 gen_op_fmov_FT0_STN(1);
4583 gen_op_fucom_ST0_FT0();
4593 case 0: /* feni (287 only, just do nop here) */
4595 case 1: /* fdisi (287 only, just do nop here) */
4600 case 3: /* fninit */
4603 case 4: /* fsetpm (287 only, just do nop here) */
4609 case 0x1d: /* fucomi */
4610 if (s->cc_op != CC_OP_DYNAMIC)
4611 gen_op_set_cc_op(s->cc_op);
4612 gen_op_fmov_FT0_STN(opreg);
4613 gen_op_fucomi_ST0_FT0();
4614 s->cc_op = CC_OP_EFLAGS;
4616 case 0x1e: /* fcomi */
4617 if (s->cc_op != CC_OP_DYNAMIC)
4618 gen_op_set_cc_op(s->cc_op);
4619 gen_op_fmov_FT0_STN(opreg);
4620 gen_op_fcomi_ST0_FT0();
4621 s->cc_op = CC_OP_EFLAGS;
4623 case 0x28: /* ffree sti */
4624 gen_op_ffree_STN(opreg);
4626 case 0x2a: /* fst sti */
4627 gen_op_fmov_STN_ST0(opreg);
4629 case 0x2b: /* fstp sti */
4630 case 0x0b: /* fstp1 sti, undocumented op */
4631 case 0x3a: /* fstp8 sti, undocumented op */
4632 case 0x3b: /* fstp9 sti, undocumented op */
4633 gen_op_fmov_STN_ST0(opreg);
4636 case 0x2c: /* fucom st(i) */
4637 gen_op_fmov_FT0_STN(opreg);
4638 gen_op_fucom_ST0_FT0();
4640 case 0x2d: /* fucomp st(i) */
4641 gen_op_fmov_FT0_STN(opreg);
4642 gen_op_fucom_ST0_FT0();
4645 case 0x33: /* de/3 */
4647 case 1: /* fcompp */
4648 gen_op_fmov_FT0_STN(1);
4649 gen_op_fcom_ST0_FT0();
4657 case 0x38: /* ffreep sti, undocumented op */
4658 gen_op_ffree_STN(opreg);
4661 case 0x3c: /* df/4 */
4664 gen_op_fnstsw_EAX();
4670 case 0x3d: /* fucomip */
4671 if (s->cc_op != CC_OP_DYNAMIC)
4672 gen_op_set_cc_op(s->cc_op);
4673 gen_op_fmov_FT0_STN(opreg);
4674 gen_op_fucomi_ST0_FT0();
4676 s->cc_op = CC_OP_EFLAGS;
4678 case 0x3e: /* fcomip */
4679 if (s->cc_op != CC_OP_DYNAMIC)
4680 gen_op_set_cc_op(s->cc_op);
4681 gen_op_fmov_FT0_STN(opreg);
4682 gen_op_fcomi_ST0_FT0();
4684 s->cc_op = CC_OP_EFLAGS;
4686 case 0x10 ... 0x13: /* fcmovxx */
4690 const static uint8_t fcmov_cc[8] = {
4696 op1 = fcmov_cc[op & 3] | ((op >> 3) & 1);
4698 gen_op_fcmov_ST0_STN_T0(opreg);
4705 #ifdef USE_CODE_COPY
4706 s->tb->cflags |= CF_TB_FP_USED;
4709 /************************/
4712 case 0xa4: /* movsS */
4717 ot = dflag + OT_WORD;
4719 if (prefixes & (PREFIX_REPZ | PREFIX_REPNZ)) {
4720 gen_repz_movs(s, ot, pc_start - s->cs_base, s->pc - s->cs_base);
4726 case 0xaa: /* stosS */
4731 ot = dflag + OT_WORD;
4733 if (prefixes & (PREFIX_REPZ | PREFIX_REPNZ)) {
4734 gen_repz_stos(s, ot, pc_start - s->cs_base, s->pc - s->cs_base);
4739 case 0xac: /* lodsS */
4744 ot = dflag + OT_WORD;
4745 if (prefixes & (PREFIX_REPZ | PREFIX_REPNZ)) {
4746 gen_repz_lods(s, ot, pc_start - s->cs_base, s->pc - s->cs_base);
4751 case 0xae: /* scasS */
4756 ot = dflag + OT_WORD;
4757 if (prefixes & PREFIX_REPNZ) {
4758 gen_repz_scas(s, ot, pc_start - s->cs_base, s->pc - s->cs_base, 1);
4759 } else if (prefixes & PREFIX_REPZ) {
4760 gen_repz_scas(s, ot, pc_start - s->cs_base, s->pc - s->cs_base, 0);
4763 s->cc_op = CC_OP_SUBB + ot;
4767 case 0xa6: /* cmpsS */
4772 ot = dflag + OT_WORD;
4773 if (prefixes & PREFIX_REPNZ) {
4774 gen_repz_cmps(s, ot, pc_start - s->cs_base, s->pc - s->cs_base, 1);
4775 } else if (prefixes & PREFIX_REPZ) {
4776 gen_repz_cmps(s, ot, pc_start - s->cs_base, s->pc - s->cs_base, 0);
4779 s->cc_op = CC_OP_SUBB + ot;
4782 case 0x6c: /* insS */
4787 ot = dflag ? OT_LONG : OT_WORD;
4788 gen_check_io(s, ot, 1, pc_start - s->cs_base);
4789 if (prefixes & (PREFIX_REPZ | PREFIX_REPNZ)) {
4790 gen_repz_ins(s, ot, pc_start - s->cs_base, s->pc - s->cs_base);
4795 case 0x6e: /* outsS */
4800 ot = dflag ? OT_LONG : OT_WORD;
4801 gen_check_io(s, ot, 1, pc_start - s->cs_base);
4802 if (prefixes & (PREFIX_REPZ | PREFIX_REPNZ)) {
4803 gen_repz_outs(s, ot, pc_start - s->cs_base, s->pc - s->cs_base);
4809 /************************/
4816 ot = dflag ? OT_LONG : OT_WORD;
4817 val = ldub_code(s->pc++);
4818 gen_op_movl_T0_im(val);
4819 gen_check_io(s, ot, 0, pc_start - s->cs_base);
4821 gen_op_mov_reg_T1[ot][R_EAX]();
4828 ot = dflag ? OT_LONG : OT_WORD;
4829 val = ldub_code(s->pc++);
4830 gen_op_movl_T0_im(val);
4831 gen_check_io(s, ot, 0, pc_start - s->cs_base);
4832 gen_op_mov_TN_reg[ot][1][R_EAX]();
4840 ot = dflag ? OT_LONG : OT_WORD;
4841 gen_op_mov_TN_reg[OT_WORD][0][R_EDX]();
4842 gen_op_andl_T0_ffff();
4843 gen_check_io(s, ot, 0, pc_start - s->cs_base);
4845 gen_op_mov_reg_T1[ot][R_EAX]();
4852 ot = dflag ? OT_LONG : OT_WORD;
4853 gen_op_mov_TN_reg[OT_WORD][0][R_EDX]();
4854 gen_op_andl_T0_ffff();
4855 gen_check_io(s, ot, 0, pc_start - s->cs_base);
4856 gen_op_mov_TN_reg[ot][1][R_EAX]();
4860 /************************/
4862 case 0xc2: /* ret im */
4863 val = ldsw_code(s->pc);
4866 if (CODE64(s) && s->dflag)
4868 gen_stack_update(s, val + (2 << s->dflag));
4870 gen_op_andl_T0_ffff();
4874 case 0xc3: /* ret */
4878 gen_op_andl_T0_ffff();
4882 case 0xca: /* lret im */
4883 val = ldsw_code(s->pc);
4886 if (s->pe && !s->vm86) {
4887 if (s->cc_op != CC_OP_DYNAMIC)
4888 gen_op_set_cc_op(s->cc_op);
4889 gen_jmp_im(pc_start - s->cs_base);
4890 gen_op_lret_protected(s->dflag, val);
4894 gen_op_ld_T0_A0[1 + s->dflag + s->mem_index]();
4896 gen_op_andl_T0_ffff();
4897 /* NOTE: keeping EIP updated is not a problem in case of
4901 gen_op_addl_A0_im(2 << s->dflag);
4902 gen_op_ld_T0_A0[1 + s->dflag + s->mem_index]();
4903 gen_op_movl_seg_T0_vm(offsetof(CPUX86State,segs[R_CS]));
4904 /* add stack offset */
4905 gen_stack_update(s, val + (4 << s->dflag));
4909 case 0xcb: /* lret */
4912 case 0xcf: /* iret */
4915 gen_op_iret_real(s->dflag);
4916 s->cc_op = CC_OP_EFLAGS;
4917 } else if (s->vm86) {
4919 gen_exception(s, EXCP0D_GPF, pc_start - s->cs_base);
4921 gen_op_iret_real(s->dflag);
4922 s->cc_op = CC_OP_EFLAGS;
4925 if (s->cc_op != CC_OP_DYNAMIC)
4926 gen_op_set_cc_op(s->cc_op);
4927 gen_jmp_im(pc_start - s->cs_base);
4928 gen_op_iret_protected(s->dflag, s->pc - s->cs_base);
4929 s->cc_op = CC_OP_EFLAGS;
4933 case 0xe8: /* call im */
4936 tval = (int32_t)insn_get(s, OT_LONG);
4938 tval = (int16_t)insn_get(s, OT_WORD);
4939 next_eip = s->pc - s->cs_base;
4943 gen_movtl_T0_im(next_eip);
4948 case 0x9a: /* lcall im */
4950 unsigned int selector, offset;
4954 ot = dflag ? OT_LONG : OT_WORD;
4955 offset = insn_get(s, ot);
4956 selector = insn_get(s, OT_WORD);
4958 gen_op_movl_T0_im(selector);
4959 gen_op_movl_T1_imu(offset);
4962 case 0xe9: /* jmp im */
4964 tval = (int32_t)insn_get(s, OT_LONG);
4966 tval = (int16_t)insn_get(s, OT_WORD);
4967 tval += s->pc - s->cs_base;
4972 case 0xea: /* ljmp im */
4974 unsigned int selector, offset;
4978 ot = dflag ? OT_LONG : OT_WORD;
4979 offset = insn_get(s, ot);
4980 selector = insn_get(s, OT_WORD);
4982 gen_op_movl_T0_im(selector);
4983 gen_op_movl_T1_imu(offset);
4986 case 0xeb: /* jmp Jb */
4987 tval = (int8_t)insn_get(s, OT_BYTE);
4988 tval += s->pc - s->cs_base;
4993 case 0x70 ... 0x7f: /* jcc Jb */
4994 tval = (int8_t)insn_get(s, OT_BYTE);
4996 case 0x180 ... 0x18f: /* jcc Jv */
4998 tval = (int32_t)insn_get(s, OT_LONG);
5000 tval = (int16_t)insn_get(s, OT_WORD);
5003 next_eip = s->pc - s->cs_base;
5007 gen_jcc(s, b, tval, next_eip);
5010 case 0x190 ... 0x19f: /* setcc Gv */
5011 modrm = ldub_code(s->pc++);
5013 gen_ldst_modrm(s, modrm, OT_BYTE, OR_TMP0, 1);
5015 case 0x140 ... 0x14f: /* cmov Gv, Ev */
5016 ot = dflag + OT_WORD;
5017 modrm = ldub_code(s->pc++);
5018 reg = ((modrm >> 3) & 7) | rex_r;
5019 mod = (modrm >> 6) & 3;
5022 gen_lea_modrm(s, modrm, ®_addr, &offset_addr);
5023 gen_op_ld_T1_A0[ot + s->mem_index]();
5025 rm = (modrm & 7) | REX_B(s);
5026 gen_op_mov_TN_reg[ot][1][rm]();
5028 gen_op_cmov_reg_T1_T0[ot - OT_WORD][reg]();
5031 /************************/
5033 case 0x9c: /* pushf */
5034 if (s->vm86 && s->iopl != 3) {
5035 gen_exception(s, EXCP0D_GPF, pc_start - s->cs_base);
5037 if (s->cc_op != CC_OP_DYNAMIC)
5038 gen_op_set_cc_op(s->cc_op);
5039 gen_op_movl_T0_eflags();
5043 case 0x9d: /* popf */
5044 if (s->vm86 && s->iopl != 3) {
5045 gen_exception(s, EXCP0D_GPF, pc_start - s->cs_base);
5050 gen_op_movl_eflags_T0_cpl0();
5052 gen_op_movw_eflags_T0_cpl0();
5055 if (s->cpl <= s->iopl) {
5057 gen_op_movl_eflags_T0_io();
5059 gen_op_movw_eflags_T0_io();
5063 gen_op_movl_eflags_T0();
5065 gen_op_movw_eflags_T0();
5070 s->cc_op = CC_OP_EFLAGS;
5071 /* abort translation because TF flag may change */
5072 gen_jmp_im(s->pc - s->cs_base);
5076 case 0x9e: /* sahf */
5079 gen_op_mov_TN_reg[OT_BYTE][0][R_AH]();
5080 if (s->cc_op != CC_OP_DYNAMIC)
5081 gen_op_set_cc_op(s->cc_op);
5082 gen_op_movb_eflags_T0();
5083 s->cc_op = CC_OP_EFLAGS;
5085 case 0x9f: /* lahf */
5088 if (s->cc_op != CC_OP_DYNAMIC)
5089 gen_op_set_cc_op(s->cc_op);
5090 gen_op_movl_T0_eflags();
5091 gen_op_mov_reg_T0[OT_BYTE][R_AH]();
5093 case 0xf5: /* cmc */
5094 if (s->cc_op != CC_OP_DYNAMIC)
5095 gen_op_set_cc_op(s->cc_op);
5097 s->cc_op = CC_OP_EFLAGS;
5099 case 0xf8: /* clc */
5100 if (s->cc_op != CC_OP_DYNAMIC)
5101 gen_op_set_cc_op(s->cc_op);
5103 s->cc_op = CC_OP_EFLAGS;
5105 case 0xf9: /* stc */
5106 if (s->cc_op != CC_OP_DYNAMIC)
5107 gen_op_set_cc_op(s->cc_op);
5109 s->cc_op = CC_OP_EFLAGS;
5111 case 0xfc: /* cld */
5114 case 0xfd: /* std */
5118 /************************/
5119 /* bit operations */
5120 case 0x1ba: /* bt/bts/btr/btc Gv, im */
5121 ot = dflag + OT_WORD;
5122 modrm = ldub_code(s->pc++);
5123 op = (modrm >> 3) & 7;
5124 mod = (modrm >> 6) & 3;
5125 rm = (modrm & 7) | REX_B(s);
5128 gen_lea_modrm(s, modrm, ®_addr, &offset_addr);
5129 gen_op_ld_T0_A0[ot + s->mem_index]();
5131 gen_op_mov_TN_reg[ot][0][rm]();
5134 val = ldub_code(s->pc++);
5135 gen_op_movl_T1_im(val);
5139 gen_op_btx_T0_T1_cc[ot - OT_WORD][op]();
5140 s->cc_op = CC_OP_SARB + ot;
5143 gen_op_st_T0_A0[ot + s->mem_index]();
5145 gen_op_mov_reg_T0[ot][rm]();
5146 gen_op_update_bt_cc();
5149 case 0x1a3: /* bt Gv, Ev */
5152 case 0x1ab: /* bts */
5155 case 0x1b3: /* btr */
5158 case 0x1bb: /* btc */
5161 ot = dflag + OT_WORD;
5162 modrm = ldub_code(s->pc++);
5163 reg = ((modrm >> 3) & 7) | rex_r;
5164 mod = (modrm >> 6) & 3;
5165 rm = (modrm & 7) | REX_B(s);
5166 gen_op_mov_TN_reg[OT_LONG][1][reg]();
5168 gen_lea_modrm(s, modrm, ®_addr, &offset_addr);
5169 /* specific case: we need to add a displacement */
5170 gen_op_add_bit_A0_T1[ot - OT_WORD]();
5171 gen_op_ld_T0_A0[ot + s->mem_index]();
5173 gen_op_mov_TN_reg[ot][0][rm]();
5175 gen_op_btx_T0_T1_cc[ot - OT_WORD][op]();
5176 s->cc_op = CC_OP_SARB + ot;
5179 gen_op_st_T0_A0[ot + s->mem_index]();
5181 gen_op_mov_reg_T0[ot][rm]();
5182 gen_op_update_bt_cc();
5185 case 0x1bc: /* bsf */
5186 case 0x1bd: /* bsr */
5187 ot = dflag + OT_WORD;
5188 modrm = ldub_code(s->pc++);
5189 reg = ((modrm >> 3) & 7) | rex_r;
5190 gen_ldst_modrm(s, modrm, ot, OR_TMP0, 0);
5191 /* NOTE: in order to handle the 0 case, we must load the
5192 result. It could be optimized with a generated jump */
5193 gen_op_mov_TN_reg[ot][1][reg]();
5194 gen_op_bsx_T0_cc[ot - OT_WORD][b & 1]();
5195 gen_op_mov_reg_T1[ot][reg]();
5196 s->cc_op = CC_OP_LOGICB + ot;
5198 /************************/
5200 case 0x27: /* daa */
5203 if (s->cc_op != CC_OP_DYNAMIC)
5204 gen_op_set_cc_op(s->cc_op);
5206 s->cc_op = CC_OP_EFLAGS;
5208 case 0x2f: /* das */
5211 if (s->cc_op != CC_OP_DYNAMIC)
5212 gen_op_set_cc_op(s->cc_op);
5214 s->cc_op = CC_OP_EFLAGS;
5216 case 0x37: /* aaa */
5219 if (s->cc_op != CC_OP_DYNAMIC)
5220 gen_op_set_cc_op(s->cc_op);
5222 s->cc_op = CC_OP_EFLAGS;
5224 case 0x3f: /* aas */
5227 if (s->cc_op != CC_OP_DYNAMIC)
5228 gen_op_set_cc_op(s->cc_op);
5230 s->cc_op = CC_OP_EFLAGS;
5232 case 0xd4: /* aam */
5235 val = ldub_code(s->pc++);
5237 s->cc_op = CC_OP_LOGICB;
5239 case 0xd5: /* aad */
5242 val = ldub_code(s->pc++);
5244 s->cc_op = CC_OP_LOGICB;
5246 /************************/
5248 case 0x90: /* nop */
5249 /* XXX: xchg + rex handling */
5250 /* XXX: correct lock test for all insn */
5251 if (prefixes & PREFIX_LOCK)
5254 case 0x9b: /* fwait */
5255 if ((s->flags & (HF_MP_MASK | HF_TS_MASK)) ==
5256 (HF_MP_MASK | HF_TS_MASK)) {
5257 gen_exception(s, EXCP07_PREX, pc_start - s->cs_base);
5259 if (s->cc_op != CC_OP_DYNAMIC)
5260 gen_op_set_cc_op(s->cc_op);
5261 gen_jmp_im(pc_start - s->cs_base);
5265 case 0xcc: /* int3 */
5266 gen_interrupt(s, EXCP03_INT3, pc_start - s->cs_base, s->pc - s->cs_base);
5268 case 0xcd: /* int N */
5269 val = ldub_code(s->pc++);
5270 if (s->vm86 && s->iopl != 3) {
5271 gen_exception(s, EXCP0D_GPF, pc_start - s->cs_base);
5273 gen_interrupt(s, val, pc_start - s->cs_base, s->pc - s->cs_base);
5276 case 0xce: /* into */
5279 if (s->cc_op != CC_OP_DYNAMIC)
5280 gen_op_set_cc_op(s->cc_op);
5281 gen_jmp_im(pc_start - s->cs_base);
5282 gen_op_into(s->pc - pc_start);
5284 case 0xf1: /* icebp (undocumented, exits to external debugger) */
5286 gen_debug(s, pc_start - s->cs_base);
5289 tb_flush(cpu_single_env);
5290 cpu_set_log(CPU_LOG_INT | CPU_LOG_TB_IN_ASM);
5293 case 0xfa: /* cli */
5295 if (s->cpl <= s->iopl) {
5298 gen_exception(s, EXCP0D_GPF, pc_start - s->cs_base);
5304 gen_exception(s, EXCP0D_GPF, pc_start - s->cs_base);
5308 case 0xfb: /* sti */
5310 if (s->cpl <= s->iopl) {
5313 /* interruptions are enabled only the first insn after sti */
5314 /* If several instructions disable interrupts, only the
5316 if (!(s->tb->flags & HF_INHIBIT_IRQ_MASK))
5317 gen_op_set_inhibit_irq();
5318 /* give a chance to handle pending irqs */
5319 gen_jmp_im(s->pc - s->cs_base);
5322 gen_exception(s, EXCP0D_GPF, pc_start - s->cs_base);
5328 gen_exception(s, EXCP0D_GPF, pc_start - s->cs_base);
5332 case 0x62: /* bound */
5335 ot = dflag ? OT_LONG : OT_WORD;
5336 modrm = ldub_code(s->pc++);
5337 reg = (modrm >> 3) & 7;
5338 mod = (modrm >> 6) & 3;
5341 gen_op_mov_TN_reg[ot][0][reg]();
5342 gen_lea_modrm(s, modrm, ®_addr, &offset_addr);
5343 gen_jmp_im(pc_start - s->cs_base);
5349 case 0x1c8 ... 0x1cf: /* bswap reg */
5350 reg = (b & 7) | REX_B(s);
5351 #ifdef TARGET_X86_64
5353 gen_op_mov_TN_reg[OT_QUAD][0][reg]();
5355 gen_op_mov_reg_T0[OT_QUAD][reg]();
5359 gen_op_mov_TN_reg[OT_LONG][0][reg]();
5361 gen_op_mov_reg_T0[OT_LONG][reg]();
5364 case 0xd6: /* salc */
5367 if (s->cc_op != CC_OP_DYNAMIC)
5368 gen_op_set_cc_op(s->cc_op);
5371 case 0xe0: /* loopnz */
5372 case 0xe1: /* loopz */
5373 if (s->cc_op != CC_OP_DYNAMIC)
5374 gen_op_set_cc_op(s->cc_op);
5376 case 0xe2: /* loop */
5377 case 0xe3: /* jecxz */
5381 tval = (int8_t)insn_get(s, OT_BYTE);
5382 next_eip = s->pc - s->cs_base;
5387 l1 = gen_new_label();
5388 l2 = gen_new_label();
5391 gen_op_jz_ecx[s->aflag](l1);
5393 gen_op_dec_ECX[s->aflag]();
5396 gen_op_loop[s->aflag][b](l1);
5399 gen_jmp_im(next_eip);
5400 gen_op_jmp_label(l2);
5407 case 0x130: /* wrmsr */
5408 case 0x132: /* rdmsr */
5410 gen_exception(s, EXCP0D_GPF, pc_start - s->cs_base);
5418 case 0x131: /* rdtsc */
5419 gen_jmp_im(pc_start - s->cs_base);
5422 case 0x134: /* sysenter */
5426 gen_exception(s, EXCP0D_GPF, pc_start - s->cs_base);
5428 if (s->cc_op != CC_OP_DYNAMIC) {
5429 gen_op_set_cc_op(s->cc_op);
5430 s->cc_op = CC_OP_DYNAMIC;
5432 gen_jmp_im(pc_start - s->cs_base);
5437 case 0x135: /* sysexit */
5441 gen_exception(s, EXCP0D_GPF, pc_start - s->cs_base);
5443 if (s->cc_op != CC_OP_DYNAMIC) {
5444 gen_op_set_cc_op(s->cc_op);
5445 s->cc_op = CC_OP_DYNAMIC;
5447 gen_jmp_im(pc_start - s->cs_base);
5452 #ifdef TARGET_X86_64
5453 case 0x105: /* syscall */
5454 /* XXX: is it usable in real mode ? */
5455 if (s->cc_op != CC_OP_DYNAMIC) {
5456 gen_op_set_cc_op(s->cc_op);
5457 s->cc_op = CC_OP_DYNAMIC;
5459 gen_jmp_im(pc_start - s->cs_base);
5460 gen_op_syscall(s->pc - pc_start);
5463 case 0x107: /* sysret */
5465 gen_exception(s, EXCP0D_GPF, pc_start - s->cs_base);
5467 if (s->cc_op != CC_OP_DYNAMIC) {
5468 gen_op_set_cc_op(s->cc_op);
5469 s->cc_op = CC_OP_DYNAMIC;
5471 gen_jmp_im(pc_start - s->cs_base);
5472 gen_op_sysret(s->dflag);
5473 /* condition codes are modified only in long mode */
5475 s->cc_op = CC_OP_EFLAGS;
5480 case 0x1a2: /* cpuid */
5483 case 0xf4: /* hlt */
5485 gen_exception(s, EXCP0D_GPF, pc_start - s->cs_base);
5487 if (s->cc_op != CC_OP_DYNAMIC)
5488 gen_op_set_cc_op(s->cc_op);
5489 gen_jmp_im(s->pc - s->cs_base);
5495 modrm = ldub_code(s->pc++);
5496 mod = (modrm >> 6) & 3;
5497 op = (modrm >> 3) & 7;
5500 if (!s->pe || s->vm86)
5502 gen_op_movl_T0_env(offsetof(CPUX86State,ldt.selector));
5506 gen_ldst_modrm(s, modrm, ot, OR_TMP0, 1);
5509 if (!s->pe || s->vm86)
5512 gen_exception(s, EXCP0D_GPF, pc_start - s->cs_base);
5514 gen_ldst_modrm(s, modrm, OT_WORD, OR_TMP0, 0);
5515 gen_jmp_im(pc_start - s->cs_base);
5520 if (!s->pe || s->vm86)
5522 gen_op_movl_T0_env(offsetof(CPUX86State,tr.selector));
5526 gen_ldst_modrm(s, modrm, ot, OR_TMP0, 1);
5529 if (!s->pe || s->vm86)
5532 gen_exception(s, EXCP0D_GPF, pc_start - s->cs_base);
5534 gen_ldst_modrm(s, modrm, OT_WORD, OR_TMP0, 0);
5535 gen_jmp_im(pc_start - s->cs_base);
5541 if (!s->pe || s->vm86)
5543 gen_ldst_modrm(s, modrm, OT_WORD, OR_TMP0, 0);
5544 if (s->cc_op != CC_OP_DYNAMIC)
5545 gen_op_set_cc_op(s->cc_op);
5550 s->cc_op = CC_OP_EFLAGS;
5557 modrm = ldub_code(s->pc++);
5558 mod = (modrm >> 6) & 3;
5559 op = (modrm >> 3) & 7;
5565 gen_lea_modrm(s, modrm, ®_addr, &offset_addr);
5567 gen_op_movl_T0_env(offsetof(CPUX86State,gdt.limit));
5569 gen_op_movl_T0_env(offsetof(CPUX86State,idt.limit));
5570 gen_op_st_T0_A0[OT_WORD + s->mem_index]();
5571 gen_add_A0_im(s, 2);
5573 gen_op_movtl_T0_env(offsetof(CPUX86State,gdt.base));
5575 gen_op_movtl_T0_env(offsetof(CPUX86State,idt.base));
5577 gen_op_andl_T0_im(0xffffff);
5578 gen_op_st_T0_A0[CODE64(s) + OT_LONG + s->mem_index]();
5585 gen_exception(s, EXCP0D_GPF, pc_start - s->cs_base);
5587 gen_lea_modrm(s, modrm, ®_addr, &offset_addr);
5588 gen_op_ld_T1_A0[OT_WORD + s->mem_index]();
5589 gen_add_A0_im(s, 2);
5590 gen_op_ld_T0_A0[CODE64(s) + OT_LONG + s->mem_index]();
5592 gen_op_andl_T0_im(0xffffff);
5594 gen_op_movtl_env_T0(offsetof(CPUX86State,gdt.base));
5595 gen_op_movl_env_T1(offsetof(CPUX86State,gdt.limit));
5597 gen_op_movtl_env_T0(offsetof(CPUX86State,idt.base));
5598 gen_op_movl_env_T1(offsetof(CPUX86State,idt.limit));
5603 gen_op_movl_T0_env(offsetof(CPUX86State,cr[0]));
5604 gen_ldst_modrm(s, modrm, OT_WORD, OR_TMP0, 1);
5608 gen_exception(s, EXCP0D_GPF, pc_start - s->cs_base);
5610 gen_ldst_modrm(s, modrm, OT_WORD, OR_TMP0, 0);
5612 gen_jmp_im(s->pc - s->cs_base);
5616 case 7: /* invlpg */
5618 gen_exception(s, EXCP0D_GPF, pc_start - s->cs_base);
5621 #ifdef TARGET_X86_64
5622 if (CODE64(s) && (modrm & 7) == 0) {
5624 gen_op_movtl_T0_env(offsetof(CPUX86State,segs[R_GS].base));
5625 gen_op_movtl_T1_env(offsetof(CPUX86State,kernelgsbase));
5626 gen_op_movtl_env_T1(offsetof(CPUX86State,segs[R_GS].base));
5627 gen_op_movtl_env_T0(offsetof(CPUX86State,kernelgsbase));
5634 gen_lea_modrm(s, modrm, ®_addr, &offset_addr);
5636 gen_jmp_im(s->pc - s->cs_base);
5645 case 0x108: /* invd */
5646 case 0x109: /* wbinvd */
5648 gen_exception(s, EXCP0D_GPF, pc_start - s->cs_base);
5653 case 0x63: /* arpl or movslS (x86_64) */
5654 #ifdef TARGET_X86_64
5657 /* d_ot is the size of destination */
5658 d_ot = dflag + OT_WORD;
5660 modrm = ldub_code(s->pc++);
5661 reg = ((modrm >> 3) & 7) | rex_r;
5662 mod = (modrm >> 6) & 3;
5663 rm = (modrm & 7) | REX_B(s);
5666 gen_op_mov_TN_reg[OT_LONG][0][rm]();
5668 if (d_ot == OT_QUAD)
5669 gen_op_movslq_T0_T0();
5670 gen_op_mov_reg_T0[d_ot][reg]();
5672 gen_lea_modrm(s, modrm, ®_addr, &offset_addr);
5673 if (d_ot == OT_QUAD) {
5674 gen_op_lds_T0_A0[OT_LONG + s->mem_index]();
5676 gen_op_ld_T0_A0[OT_LONG + s->mem_index]();
5678 gen_op_mov_reg_T0[d_ot][reg]();
5683 if (!s->pe || s->vm86)
5685 ot = dflag ? OT_LONG : OT_WORD;
5686 modrm = ldub_code(s->pc++);
5687 reg = (modrm >> 3) & 7;
5688 mod = (modrm >> 6) & 3;
5691 gen_lea_modrm(s, modrm, ®_addr, &offset_addr);
5692 gen_op_ld_T0_A0[ot + s->mem_index]();
5694 gen_op_mov_TN_reg[ot][0][rm]();
5696 if (s->cc_op != CC_OP_DYNAMIC)
5697 gen_op_set_cc_op(s->cc_op);
5699 s->cc_op = CC_OP_EFLAGS;
5701 gen_op_st_T0_A0[ot + s->mem_index]();
5703 gen_op_mov_reg_T0[ot][rm]();
5705 gen_op_arpl_update();
5708 case 0x102: /* lar */
5709 case 0x103: /* lsl */
5710 if (!s->pe || s->vm86)
5712 ot = dflag ? OT_LONG : OT_WORD;
5713 modrm = ldub_code(s->pc++);
5714 reg = ((modrm >> 3) & 7) | rex_r;
5715 gen_ldst_modrm(s, modrm, ot, OR_TMP0, 0);
5716 gen_op_mov_TN_reg[ot][1][reg]();
5717 if (s->cc_op != CC_OP_DYNAMIC)
5718 gen_op_set_cc_op(s->cc_op);
5723 s->cc_op = CC_OP_EFLAGS;
5724 gen_op_mov_reg_T1[ot][reg]();
5727 modrm = ldub_code(s->pc++);
5728 mod = (modrm >> 6) & 3;
5729 op = (modrm >> 3) & 7;
5731 case 0: /* prefetchnta */
5732 case 1: /* prefetchnt0 */
5733 case 2: /* prefetchnt0 */
5734 case 3: /* prefetchnt0 */
5737 gen_lea_modrm(s, modrm, ®_addr, &offset_addr);
5738 /* nothing more to do */
5744 case 0x120: /* mov reg, crN */
5745 case 0x122: /* mov crN, reg */
5747 gen_exception(s, EXCP0D_GPF, pc_start - s->cs_base);
5749 modrm = ldub_code(s->pc++);
5750 if ((modrm & 0xc0) != 0xc0)
5752 rm = (modrm & 7) | REX_B(s);
5753 reg = ((modrm >> 3) & 7) | rex_r;
5765 gen_op_mov_TN_reg[ot][0][rm]();
5766 gen_op_movl_crN_T0(reg);
5767 gen_jmp_im(s->pc - s->cs_base);
5770 #if !defined(CONFIG_USER_ONLY)
5772 gen_op_movtl_T0_cr8();
5775 gen_op_movtl_T0_env(offsetof(CPUX86State,cr[reg]));
5776 gen_op_mov_reg_T0[ot][rm]();
5784 case 0x121: /* mov reg, drN */
5785 case 0x123: /* mov drN, reg */
5787 gen_exception(s, EXCP0D_GPF, pc_start - s->cs_base);
5789 modrm = ldub_code(s->pc++);
5790 if ((modrm & 0xc0) != 0xc0)
5792 rm = (modrm & 7) | REX_B(s);
5793 reg = ((modrm >> 3) & 7) | rex_r;
5798 /* XXX: do it dynamically with CR4.DE bit */
5799 if (reg == 4 || reg == 5 || reg >= 8)
5802 gen_op_mov_TN_reg[ot][0][rm]();
5803 gen_op_movl_drN_T0(reg);
5804 gen_jmp_im(s->pc - s->cs_base);
5807 gen_op_movtl_T0_env(offsetof(CPUX86State,dr[reg]));
5808 gen_op_mov_reg_T0[ot][rm]();
5812 case 0x106: /* clts */
5814 gen_exception(s, EXCP0D_GPF, pc_start - s->cs_base);
5817 /* abort block because static cpu state changed */
5818 gen_jmp_im(s->pc - s->cs_base);
5822 /* MMX/SSE/SSE2/PNI support */
5823 case 0x1c3: /* MOVNTI reg, mem */
5824 if (!(s->cpuid_features & CPUID_SSE2))
5826 ot = s->dflag == 2 ? OT_QUAD : OT_LONG;
5827 modrm = ldub_code(s->pc++);
5828 mod = (modrm >> 6) & 3;
5831 reg = ((modrm >> 3) & 7) | rex_r;
5832 /* generate a generic store */
5833 gen_ldst_modrm(s, modrm, ot, reg, 1);
5836 modrm = ldub_code(s->pc++);
5837 mod = (modrm >> 6) & 3;
5838 op = (modrm >> 3) & 7;
5840 case 0: /* fxsave */
5841 if (mod == 3 || !(s->cpuid_features & CPUID_FXSR) ||
5842 (s->flags & HF_EM_MASK))
5844 if (s->flags & HF_TS_MASK) {
5845 gen_exception(s, EXCP07_PREX, pc_start - s->cs_base);
5848 gen_lea_modrm(s, modrm, ®_addr, &offset_addr);
5849 gen_op_fxsave_A0((s->dflag == 2));
5851 case 1: /* fxrstor */
5852 if (mod == 3 || !(s->cpuid_features & CPUID_FXSR) ||
5853 (s->flags & HF_EM_MASK))
5855 if (s->flags & HF_TS_MASK) {
5856 gen_exception(s, EXCP07_PREX, pc_start - s->cs_base);
5859 gen_lea_modrm(s, modrm, ®_addr, &offset_addr);
5860 gen_op_fxrstor_A0((s->dflag == 2));
5862 case 2: /* ldmxcsr */
5863 case 3: /* stmxcsr */
5864 if (s->flags & HF_TS_MASK) {
5865 gen_exception(s, EXCP07_PREX, pc_start - s->cs_base);
5868 if ((s->flags & HF_EM_MASK) || !(s->flags & HF_OSFXSR_MASK) ||
5871 gen_lea_modrm(s, modrm, ®_addr, &offset_addr);
5873 gen_op_ld_T0_A0[OT_LONG + s->mem_index]();
5874 gen_op_movl_env_T0(offsetof(CPUX86State, mxcsr));
5876 gen_op_movl_T0_env(offsetof(CPUX86State, mxcsr));
5877 gen_op_st_T0_A0[OT_LONG + s->mem_index]();
5880 case 5: /* lfence */
5881 case 6: /* mfence */
5882 if ((modrm & 0xc7) != 0xc0 || !(s->cpuid_features & CPUID_SSE))
5885 case 7: /* sfence / clflush */
5886 if ((modrm & 0xc7) == 0xc0) {
5888 if (!(s->cpuid_features & CPUID_SSE))
5892 if (!(s->cpuid_features & CPUID_CLFLUSH))
5894 gen_lea_modrm(s, modrm, ®_addr, &offset_addr);
5901 case 0x10d: /* prefetch */
5902 modrm = ldub_code(s->pc++);
5903 gen_lea_modrm(s, modrm, ®_addr, &offset_addr);
5904 /* ignore for now */
5906 case 0x110 ... 0x117:
5907 case 0x128 ... 0x12f:
5908 case 0x150 ... 0x177:
5909 case 0x17c ... 0x17f:
5911 case 0x1c4 ... 0x1c6:
5912 case 0x1d0 ... 0x1fe:
5913 gen_sse(s, b, pc_start, rex_r);
5918 /* lock generation */
5919 if (s->prefix & PREFIX_LOCK)
5923 if (s->prefix & PREFIX_LOCK)
5925 /* XXX: ensure that no lock was generated */
5926 gen_exception(s, EXCP06_ILLOP, pc_start - s->cs_base);
5930 #define CC_OSZAPC (CC_O | CC_S | CC_Z | CC_A | CC_P | CC_C)
5931 #define CC_OSZAP (CC_O | CC_S | CC_Z | CC_A | CC_P)
5933 /* flags read by an operation */
5934 static uint16_t opc_read_flags[NB_OPS] = {
5935 [INDEX_op_aas] = CC_A,
5936 [INDEX_op_aaa] = CC_A,
5937 [INDEX_op_das] = CC_A | CC_C,
5938 [INDEX_op_daa] = CC_A | CC_C,
5940 /* subtle: due to the incl/decl implementation, C is used */
5941 [INDEX_op_update_inc_cc] = CC_C,
5943 [INDEX_op_into] = CC_O,
5945 [INDEX_op_jb_subb] = CC_C,
5946 [INDEX_op_jb_subw] = CC_C,
5947 [INDEX_op_jb_subl] = CC_C,
5949 [INDEX_op_jz_subb] = CC_Z,
5950 [INDEX_op_jz_subw] = CC_Z,
5951 [INDEX_op_jz_subl] = CC_Z,
5953 [INDEX_op_jbe_subb] = CC_Z | CC_C,
5954 [INDEX_op_jbe_subw] = CC_Z | CC_C,
5955 [INDEX_op_jbe_subl] = CC_Z | CC_C,
5957 [INDEX_op_js_subb] = CC_S,
5958 [INDEX_op_js_subw] = CC_S,
5959 [INDEX_op_js_subl] = CC_S,
5961 [INDEX_op_jl_subb] = CC_O | CC_S,
5962 [INDEX_op_jl_subw] = CC_O | CC_S,
5963 [INDEX_op_jl_subl] = CC_O | CC_S,
5965 [INDEX_op_jle_subb] = CC_O | CC_S | CC_Z,
5966 [INDEX_op_jle_subw] = CC_O | CC_S | CC_Z,
5967 [INDEX_op_jle_subl] = CC_O | CC_S | CC_Z,
5969 [INDEX_op_loopnzw] = CC_Z,
5970 [INDEX_op_loopnzl] = CC_Z,
5971 [INDEX_op_loopzw] = CC_Z,
5972 [INDEX_op_loopzl] = CC_Z,
5974 [INDEX_op_seto_T0_cc] = CC_O,
5975 [INDEX_op_setb_T0_cc] = CC_C,
5976 [INDEX_op_setz_T0_cc] = CC_Z,
5977 [INDEX_op_setbe_T0_cc] = CC_Z | CC_C,
5978 [INDEX_op_sets_T0_cc] = CC_S,
5979 [INDEX_op_setp_T0_cc] = CC_P,
5980 [INDEX_op_setl_T0_cc] = CC_O | CC_S,
5981 [INDEX_op_setle_T0_cc] = CC_O | CC_S | CC_Z,
5983 [INDEX_op_setb_T0_subb] = CC_C,
5984 [INDEX_op_setb_T0_subw] = CC_C,
5985 [INDEX_op_setb_T0_subl] = CC_C,
5987 [INDEX_op_setz_T0_subb] = CC_Z,
5988 [INDEX_op_setz_T0_subw] = CC_Z,
5989 [INDEX_op_setz_T0_subl] = CC_Z,
5991 [INDEX_op_setbe_T0_subb] = CC_Z | CC_C,
5992 [INDEX_op_setbe_T0_subw] = CC_Z | CC_C,
5993 [INDEX_op_setbe_T0_subl] = CC_Z | CC_C,
5995 [INDEX_op_sets_T0_subb] = CC_S,
5996 [INDEX_op_sets_T0_subw] = CC_S,
5997 [INDEX_op_sets_T0_subl] = CC_S,
5999 [INDEX_op_setl_T0_subb] = CC_O | CC_S,
6000 [INDEX_op_setl_T0_subw] = CC_O | CC_S,
6001 [INDEX_op_setl_T0_subl] = CC_O | CC_S,
6003 [INDEX_op_setle_T0_subb] = CC_O | CC_S | CC_Z,
6004 [INDEX_op_setle_T0_subw] = CC_O | CC_S | CC_Z,
6005 [INDEX_op_setle_T0_subl] = CC_O | CC_S | CC_Z,
6007 [INDEX_op_movl_T0_eflags] = CC_OSZAPC,
6008 [INDEX_op_cmc] = CC_C,
6009 [INDEX_op_salc] = CC_C,
6011 /* needed for correct flag optimisation before string ops */
6012 [INDEX_op_jnz_ecxw] = CC_OSZAPC,
6013 [INDEX_op_jnz_ecxl] = CC_OSZAPC,
6014 [INDEX_op_jz_ecxw] = CC_OSZAPC,
6015 [INDEX_op_jz_ecxl] = CC_OSZAPC,
6017 #ifdef TARGET_X86_64
6018 [INDEX_op_jb_subq] = CC_C,
6019 [INDEX_op_jz_subq] = CC_Z,
6020 [INDEX_op_jbe_subq] = CC_Z | CC_C,
6021 [INDEX_op_js_subq] = CC_S,
6022 [INDEX_op_jl_subq] = CC_O | CC_S,
6023 [INDEX_op_jle_subq] = CC_O | CC_S | CC_Z,
6025 [INDEX_op_loopnzq] = CC_Z,
6026 [INDEX_op_loopzq] = CC_Z,
6028 [INDEX_op_setb_T0_subq] = CC_C,
6029 [INDEX_op_setz_T0_subq] = CC_Z,
6030 [INDEX_op_setbe_T0_subq] = CC_Z | CC_C,
6031 [INDEX_op_sets_T0_subq] = CC_S,
6032 [INDEX_op_setl_T0_subq] = CC_O | CC_S,
6033 [INDEX_op_setle_T0_subq] = CC_O | CC_S | CC_Z,
6035 [INDEX_op_jnz_ecxq] = CC_OSZAPC,
6036 [INDEX_op_jz_ecxq] = CC_OSZAPC,
6039 #define DEF_READF(SUFFIX)\
6040 [INDEX_op_adcb ## SUFFIX ## _T0_T1_cc] = CC_C,\
6041 [INDEX_op_adcw ## SUFFIX ## _T0_T1_cc] = CC_C,\
6042 [INDEX_op_adcl ## SUFFIX ## _T0_T1_cc] = CC_C,\
6043 X86_64_DEF([INDEX_op_adcq ## SUFFIX ## _T0_T1_cc] = CC_C,)\
6044 [INDEX_op_sbbb ## SUFFIX ## _T0_T1_cc] = CC_C,\
6045 [INDEX_op_sbbw ## SUFFIX ## _T0_T1_cc] = CC_C,\
6046 [INDEX_op_sbbl ## SUFFIX ## _T0_T1_cc] = CC_C,\
6047 X86_64_DEF([INDEX_op_sbbq ## SUFFIX ## _T0_T1_cc] = CC_C,)\
6049 [INDEX_op_rclb ## SUFFIX ## _T0_T1_cc] = CC_C,\
6050 [INDEX_op_rclw ## SUFFIX ## _T0_T1_cc] = CC_C,\
6051 [INDEX_op_rcll ## SUFFIX ## _T0_T1_cc] = CC_C,\
6052 X86_64_DEF([INDEX_op_rclq ## SUFFIX ## _T0_T1_cc] = CC_C,)\
6053 [INDEX_op_rcrb ## SUFFIX ## _T0_T1_cc] = CC_C,\
6054 [INDEX_op_rcrw ## SUFFIX ## _T0_T1_cc] = CC_C,\
6055 [INDEX_op_rcrl ## SUFFIX ## _T0_T1_cc] = CC_C,\
6056 X86_64_DEF([INDEX_op_rcrq ## SUFFIX ## _T0_T1_cc] = CC_C,)
6060 #ifndef CONFIG_USER_ONLY
6066 /* flags written by an operation */
6067 static uint16_t opc_write_flags[NB_OPS] = {
6068 [INDEX_op_update2_cc] = CC_OSZAPC,
6069 [INDEX_op_update1_cc] = CC_OSZAPC,
6070 [INDEX_op_cmpl_T0_T1_cc] = CC_OSZAPC,
6071 [INDEX_op_update_neg_cc] = CC_OSZAPC,
6072 /* subtle: due to the incl/decl implementation, C is used */
6073 [INDEX_op_update_inc_cc] = CC_OSZAPC,
6074 [INDEX_op_testl_T0_T1_cc] = CC_OSZAPC,
6076 [INDEX_op_mulb_AL_T0] = CC_OSZAPC,
6077 [INDEX_op_mulw_AX_T0] = CC_OSZAPC,
6078 [INDEX_op_mull_EAX_T0] = CC_OSZAPC,
6079 X86_64_DEF([INDEX_op_mulq_EAX_T0] = CC_OSZAPC,)
6080 [INDEX_op_imulb_AL_T0] = CC_OSZAPC,
6081 [INDEX_op_imulw_AX_T0] = CC_OSZAPC,
6082 [INDEX_op_imull_EAX_T0] = CC_OSZAPC,
6083 X86_64_DEF([INDEX_op_imulq_EAX_T0] = CC_OSZAPC,)
6084 [INDEX_op_imulw_T0_T1] = CC_OSZAPC,
6085 [INDEX_op_imull_T0_T1] = CC_OSZAPC,
6086 X86_64_DEF([INDEX_op_imulq_T0_T1] = CC_OSZAPC,)
6089 [INDEX_op_ucomiss] = CC_OSZAPC,
6090 [INDEX_op_ucomisd] = CC_OSZAPC,
6091 [INDEX_op_comiss] = CC_OSZAPC,
6092 [INDEX_op_comisd] = CC_OSZAPC,
6095 [INDEX_op_aam] = CC_OSZAPC,
6096 [INDEX_op_aad] = CC_OSZAPC,
6097 [INDEX_op_aas] = CC_OSZAPC,
6098 [INDEX_op_aaa] = CC_OSZAPC,
6099 [INDEX_op_das] = CC_OSZAPC,
6100 [INDEX_op_daa] = CC_OSZAPC,
6102 [INDEX_op_movb_eflags_T0] = CC_S | CC_Z | CC_A | CC_P | CC_C,
6103 [INDEX_op_movw_eflags_T0] = CC_OSZAPC,
6104 [INDEX_op_movl_eflags_T0] = CC_OSZAPC,
6105 [INDEX_op_movw_eflags_T0_io] = CC_OSZAPC,
6106 [INDEX_op_movl_eflags_T0_io] = CC_OSZAPC,
6107 [INDEX_op_movw_eflags_T0_cpl0] = CC_OSZAPC,
6108 [INDEX_op_movl_eflags_T0_cpl0] = CC_OSZAPC,
6109 [INDEX_op_clc] = CC_C,
6110 [INDEX_op_stc] = CC_C,
6111 [INDEX_op_cmc] = CC_C,
6113 [INDEX_op_btw_T0_T1_cc] = CC_OSZAPC,
6114 [INDEX_op_btl_T0_T1_cc] = CC_OSZAPC,
6115 X86_64_DEF([INDEX_op_btq_T0_T1_cc] = CC_OSZAPC,)
6116 [INDEX_op_btsw_T0_T1_cc] = CC_OSZAPC,
6117 [INDEX_op_btsl_T0_T1_cc] = CC_OSZAPC,
6118 X86_64_DEF([INDEX_op_btsq_T0_T1_cc] = CC_OSZAPC,)
6119 [INDEX_op_btrw_T0_T1_cc] = CC_OSZAPC,
6120 [INDEX_op_btrl_T0_T1_cc] = CC_OSZAPC,
6121 X86_64_DEF([INDEX_op_btrq_T0_T1_cc] = CC_OSZAPC,)
6122 [INDEX_op_btcw_T0_T1_cc] = CC_OSZAPC,
6123 [INDEX_op_btcl_T0_T1_cc] = CC_OSZAPC,
6124 X86_64_DEF([INDEX_op_btcq_T0_T1_cc] = CC_OSZAPC,)
6126 [INDEX_op_bsfw_T0_cc] = CC_OSZAPC,
6127 [INDEX_op_bsfl_T0_cc] = CC_OSZAPC,
6128 X86_64_DEF([INDEX_op_bsfq_T0_cc] = CC_OSZAPC,)
6129 [INDEX_op_bsrw_T0_cc] = CC_OSZAPC,
6130 [INDEX_op_bsrl_T0_cc] = CC_OSZAPC,
6131 X86_64_DEF([INDEX_op_bsrq_T0_cc] = CC_OSZAPC,)
6133 [INDEX_op_cmpxchgb_T0_T1_EAX_cc] = CC_OSZAPC,
6134 [INDEX_op_cmpxchgw_T0_T1_EAX_cc] = CC_OSZAPC,
6135 [INDEX_op_cmpxchgl_T0_T1_EAX_cc] = CC_OSZAPC,
6136 X86_64_DEF([INDEX_op_cmpxchgq_T0_T1_EAX_cc] = CC_OSZAPC,)
6138 [INDEX_op_cmpxchg8b] = CC_Z,
6139 [INDEX_op_lar] = CC_Z,
6140 [INDEX_op_lsl] = CC_Z,
6141 [INDEX_op_verr] = CC_Z,
6142 [INDEX_op_verw] = CC_Z,
6143 [INDEX_op_fcomi_ST0_FT0] = CC_Z | CC_P | CC_C,
6144 [INDEX_op_fucomi_ST0_FT0] = CC_Z | CC_P | CC_C,
6146 #define DEF_WRITEF(SUFFIX)\
6147 [INDEX_op_adcb ## SUFFIX ## _T0_T1_cc] = CC_OSZAPC,\
6148 [INDEX_op_adcw ## SUFFIX ## _T0_T1_cc] = CC_OSZAPC,\
6149 [INDEX_op_adcl ## SUFFIX ## _T0_T1_cc] = CC_OSZAPC,\
6150 X86_64_DEF([INDEX_op_adcq ## SUFFIX ## _T0_T1_cc] = CC_OSZAPC,)\
6151 [INDEX_op_sbbb ## SUFFIX ## _T0_T1_cc] = CC_OSZAPC,\
6152 [INDEX_op_sbbw ## SUFFIX ## _T0_T1_cc] = CC_OSZAPC,\
6153 [INDEX_op_sbbl ## SUFFIX ## _T0_T1_cc] = CC_OSZAPC,\
6154 X86_64_DEF([INDEX_op_sbbq ## SUFFIX ## _T0_T1_cc] = CC_OSZAPC,)\
6156 [INDEX_op_rolb ## SUFFIX ## _T0_T1_cc] = CC_O | CC_C,\
6157 [INDEX_op_rolw ## SUFFIX ## _T0_T1_cc] = CC_O | CC_C,\
6158 [INDEX_op_roll ## SUFFIX ## _T0_T1_cc] = CC_O | CC_C,\
6159 X86_64_DEF([INDEX_op_rolq ## SUFFIX ## _T0_T1_cc] = CC_O | CC_C,)\
6160 [INDEX_op_rorb ## SUFFIX ## _T0_T1_cc] = CC_O | CC_C,\
6161 [INDEX_op_rorw ## SUFFIX ## _T0_T1_cc] = CC_O | CC_C,\
6162 [INDEX_op_rorl ## SUFFIX ## _T0_T1_cc] = CC_O | CC_C,\
6163 X86_64_DEF([INDEX_op_rorq ## SUFFIX ## _T0_T1_cc] = CC_O | CC_C,)\
6165 [INDEX_op_rclb ## SUFFIX ## _T0_T1_cc] = CC_O | CC_C,\
6166 [INDEX_op_rclw ## SUFFIX ## _T0_T1_cc] = CC_O | CC_C,\
6167 [INDEX_op_rcll ## SUFFIX ## _T0_T1_cc] = CC_O | CC_C,\
6168 X86_64_DEF([INDEX_op_rclq ## SUFFIX ## _T0_T1_cc] = CC_O | CC_C,)\
6169 [INDEX_op_rcrb ## SUFFIX ## _T0_T1_cc] = CC_O | CC_C,\
6170 [INDEX_op_rcrw ## SUFFIX ## _T0_T1_cc] = CC_O | CC_C,\
6171 [INDEX_op_rcrl ## SUFFIX ## _T0_T1_cc] = CC_O | CC_C,\
6172 X86_64_DEF([INDEX_op_rcrq ## SUFFIX ## _T0_T1_cc] = CC_O | CC_C,)\
6174 [INDEX_op_shlb ## SUFFIX ## _T0_T1_cc] = CC_OSZAPC,\
6175 [INDEX_op_shlw ## SUFFIX ## _T0_T1_cc] = CC_OSZAPC,\
6176 [INDEX_op_shll ## SUFFIX ## _T0_T1_cc] = CC_OSZAPC,\
6177 X86_64_DEF([INDEX_op_shlq ## SUFFIX ## _T0_T1_cc] = CC_OSZAPC,)\
6179 [INDEX_op_shrb ## SUFFIX ## _T0_T1_cc] = CC_OSZAPC,\
6180 [INDEX_op_shrw ## SUFFIX ## _T0_T1_cc] = CC_OSZAPC,\
6181 [INDEX_op_shrl ## SUFFIX ## _T0_T1_cc] = CC_OSZAPC,\
6182 X86_64_DEF([INDEX_op_shrq ## SUFFIX ## _T0_T1_cc] = CC_OSZAPC,)\
6184 [INDEX_op_sarb ## SUFFIX ## _T0_T1_cc] = CC_OSZAPC,\
6185 [INDEX_op_sarw ## SUFFIX ## _T0_T1_cc] = CC_OSZAPC,\
6186 [INDEX_op_sarl ## SUFFIX ## _T0_T1_cc] = CC_OSZAPC,\
6187 X86_64_DEF([INDEX_op_sarq ## SUFFIX ## _T0_T1_cc] = CC_OSZAPC,)\
6189 [INDEX_op_shldw ## SUFFIX ## _T0_T1_ECX_cc] = CC_OSZAPC,\
6190 [INDEX_op_shldl ## SUFFIX ## _T0_T1_ECX_cc] = CC_OSZAPC,\
6191 X86_64_DEF([INDEX_op_shldq ## SUFFIX ## _T0_T1_ECX_cc] = CC_OSZAPC,)\
6192 [INDEX_op_shldw ## SUFFIX ## _T0_T1_im_cc] = CC_OSZAPC,\
6193 [INDEX_op_shldl ## SUFFIX ## _T0_T1_im_cc] = CC_OSZAPC,\
6194 X86_64_DEF([INDEX_op_shldq ## SUFFIX ## _T0_T1_im_cc] = CC_OSZAPC,)\
6196 [INDEX_op_shrdw ## SUFFIX ## _T0_T1_ECX_cc] = CC_OSZAPC,\
6197 [INDEX_op_shrdl ## SUFFIX ## _T0_T1_ECX_cc] = CC_OSZAPC,\
6198 X86_64_DEF([INDEX_op_shrdq ## SUFFIX ## _T0_T1_ECX_cc] = CC_OSZAPC,)\
6199 [INDEX_op_shrdw ## SUFFIX ## _T0_T1_im_cc] = CC_OSZAPC,\
6200 [INDEX_op_shrdl ## SUFFIX ## _T0_T1_im_cc] = CC_OSZAPC,\
6201 X86_64_DEF([INDEX_op_shrdq ## SUFFIX ## _T0_T1_im_cc] = CC_OSZAPC,)\
6203 [INDEX_op_cmpxchgb ## SUFFIX ## _T0_T1_EAX_cc] = CC_OSZAPC,\
6204 [INDEX_op_cmpxchgw ## SUFFIX ## _T0_T1_EAX_cc] = CC_OSZAPC,\
6205 [INDEX_op_cmpxchgl ## SUFFIX ## _T0_T1_EAX_cc] = CC_OSZAPC,\
6206 X86_64_DEF([INDEX_op_cmpxchgq ## SUFFIX ## _T0_T1_EAX_cc] = CC_OSZAPC,)
6211 #ifndef CONFIG_USER_ONLY
6217 /* simpler form of an operation if no flags need to be generated */
6218 static uint16_t opc_simpler[NB_OPS] = {
6219 [INDEX_op_update2_cc] = INDEX_op_nop,
6220 [INDEX_op_update1_cc] = INDEX_op_nop,
6221 [INDEX_op_update_neg_cc] = INDEX_op_nop,
6223 /* broken: CC_OP logic must be rewritten */
6224 [INDEX_op_update_inc_cc] = INDEX_op_nop,
6227 [INDEX_op_shlb_T0_T1_cc] = INDEX_op_shlb_T0_T1,
6228 [INDEX_op_shlw_T0_T1_cc] = INDEX_op_shlw_T0_T1,
6229 [INDEX_op_shll_T0_T1_cc] = INDEX_op_shll_T0_T1,
6230 X86_64_DEF([INDEX_op_shlq_T0_T1_cc] = INDEX_op_shlq_T0_T1,)
6232 [INDEX_op_shrb_T0_T1_cc] = INDEX_op_shrb_T0_T1,
6233 [INDEX_op_shrw_T0_T1_cc] = INDEX_op_shrw_T0_T1,
6234 [INDEX_op_shrl_T0_T1_cc] = INDEX_op_shrl_T0_T1,
6235 X86_64_DEF([INDEX_op_shrq_T0_T1_cc] = INDEX_op_shrq_T0_T1,)
6237 [INDEX_op_sarb_T0_T1_cc] = INDEX_op_sarb_T0_T1,
6238 [INDEX_op_sarw_T0_T1_cc] = INDEX_op_sarw_T0_T1,
6239 [INDEX_op_sarl_T0_T1_cc] = INDEX_op_sarl_T0_T1,
6240 X86_64_DEF([INDEX_op_sarq_T0_T1_cc] = INDEX_op_sarq_T0_T1,)
6242 #define DEF_SIMPLER(SUFFIX)\
6243 [INDEX_op_rolb ## SUFFIX ## _T0_T1_cc] = INDEX_op_rolb ## SUFFIX ## _T0_T1,\
6244 [INDEX_op_rolw ## SUFFIX ## _T0_T1_cc] = INDEX_op_rolw ## SUFFIX ## _T0_T1,\
6245 [INDEX_op_roll ## SUFFIX ## _T0_T1_cc] = INDEX_op_roll ## SUFFIX ## _T0_T1,\
6246 X86_64_DEF([INDEX_op_rolq ## SUFFIX ## _T0_T1_cc] = INDEX_op_rolq ## SUFFIX ## _T0_T1,)\
6248 [INDEX_op_rorb ## SUFFIX ## _T0_T1_cc] = INDEX_op_rorb ## SUFFIX ## _T0_T1,\
6249 [INDEX_op_rorw ## SUFFIX ## _T0_T1_cc] = INDEX_op_rorw ## SUFFIX ## _T0_T1,\
6250 [INDEX_op_rorl ## SUFFIX ## _T0_T1_cc] = INDEX_op_rorl ## SUFFIX ## _T0_T1,\
6251 X86_64_DEF([INDEX_op_rorq ## SUFFIX ## _T0_T1_cc] = INDEX_op_rorq ## SUFFIX ## _T0_T1,)
6255 #ifndef CONFIG_USER_ONLY
6256 DEF_SIMPLER(_kernel)
6261 void optimize_flags_init(void)
6264 /* put default values in arrays */
6265 for(i = 0; i < NB_OPS; i++) {
6266 if (opc_simpler[i] == 0)
6271 /* CPU flags computation optimization: we move backward thru the
6272 generated code to see which flags are needed. The operation is
6273 modified if suitable */
6274 static void optimize_flags(uint16_t *opc_buf, int opc_buf_len)
6277 int live_flags, write_flags, op;
6279 opc_ptr = opc_buf + opc_buf_len;
6280 /* live_flags contains the flags needed by the next instructions
6281 in the code. At the end of the bloc, we consider that all the
6283 live_flags = CC_OSZAPC;
6284 while (opc_ptr > opc_buf) {
6286 /* if none of the flags written by the instruction is used,
6287 then we can try to find a simpler instruction */
6288 write_flags = opc_write_flags[op];
6289 if ((live_flags & write_flags) == 0) {
6290 *opc_ptr = opc_simpler[op];
6292 /* compute the live flags before the instruction */
6293 live_flags &= ~write_flags;
6294 live_flags |= opc_read_flags[op];
6298 /* generate intermediate code in gen_opc_buf and gen_opparam_buf for
6299 basic block 'tb'. If search_pc is TRUE, also generate PC
6300 information for each intermediate instruction. */
6301 static inline int gen_intermediate_code_internal(CPUState *env,
6302 TranslationBlock *tb,
6305 DisasContext dc1, *dc = &dc1;
6306 target_ulong pc_ptr;
6307 uint16_t *gen_opc_end;
6308 int flags, j, lj, cflags;
6309 target_ulong pc_start;
6310 target_ulong cs_base;
6312 /* generate intermediate code */
6314 cs_base = tb->cs_base;
6316 cflags = tb->cflags;
6318 dc->pe = (flags >> HF_PE_SHIFT) & 1;
6319 dc->code32 = (flags >> HF_CS32_SHIFT) & 1;
6320 dc->ss32 = (flags >> HF_SS32_SHIFT) & 1;
6321 dc->addseg = (flags >> HF_ADDSEG_SHIFT) & 1;
6323 dc->vm86 = (flags >> VM_SHIFT) & 1;
6324 dc->cpl = (flags >> HF_CPL_SHIFT) & 3;
6325 dc->iopl = (flags >> IOPL_SHIFT) & 3;
6326 dc->tf = (flags >> TF_SHIFT) & 1;
6327 dc->singlestep_enabled = env->singlestep_enabled;
6328 dc->cc_op = CC_OP_DYNAMIC;
6329 dc->cs_base = cs_base;
6331 dc->popl_esp_hack = 0;
6332 /* select memory access functions */
6334 if (flags & HF_SOFTMMU_MASK) {
6336 dc->mem_index = 2 * 4;
6338 dc->mem_index = 1 * 4;
6340 dc->cpuid_features = env->cpuid_features;
6341 #ifdef TARGET_X86_64
6342 dc->lma = (flags >> HF_LMA_SHIFT) & 1;
6343 dc->code64 = (flags >> HF_CS64_SHIFT) & 1;
6346 dc->jmp_opt = !(dc->tf || env->singlestep_enabled ||
6347 (flags & HF_INHIBIT_IRQ_MASK)
6348 #ifndef CONFIG_SOFTMMU
6349 || (flags & HF_SOFTMMU_MASK)
6353 /* check addseg logic */
6354 if (!dc->addseg && (dc->vm86 || !dc->pe || !dc->code32))
6355 printf("ERROR addseg\n");
6358 gen_opc_ptr = gen_opc_buf;
6359 gen_opc_end = gen_opc_buf + OPC_MAX_SIZE;
6360 gen_opparam_ptr = gen_opparam_buf;
6363 dc->is_jmp = DISAS_NEXT;
6368 if (env->nb_breakpoints > 0) {
6369 for(j = 0; j < env->nb_breakpoints; j++) {
6370 if (env->breakpoints[j] == pc_ptr) {
6371 gen_debug(dc, pc_ptr - dc->cs_base);
6377 j = gen_opc_ptr - gen_opc_buf;
6381 gen_opc_instr_start[lj++] = 0;
6383 gen_opc_pc[lj] = pc_ptr;
6384 gen_opc_cc_op[lj] = dc->cc_op;
6385 gen_opc_instr_start[lj] = 1;
6387 pc_ptr = disas_insn(dc, pc_ptr);
6388 /* stop translation if indicated */
6391 /* if single step mode, we generate only one instruction and
6392 generate an exception */
6393 /* if irq were inhibited with HF_INHIBIT_IRQ_MASK, we clear
6394 the flag and abort the translation to give the irqs a
6395 change to be happen */
6396 if (dc->tf || dc->singlestep_enabled ||
6397 (flags & HF_INHIBIT_IRQ_MASK) ||
6398 (cflags & CF_SINGLE_INSN)) {
6399 gen_jmp_im(pc_ptr - dc->cs_base);
6403 /* if too long translation, stop generation too */
6404 if (gen_opc_ptr >= gen_opc_end ||
6405 (pc_ptr - pc_start) >= (TARGET_PAGE_SIZE - 32)) {
6406 gen_jmp_im(pc_ptr - dc->cs_base);
6411 *gen_opc_ptr = INDEX_op_end;
6412 /* we don't forget to fill the last values */
6414 j = gen_opc_ptr - gen_opc_buf;
6417 gen_opc_instr_start[lj++] = 0;
6421 if (loglevel & CPU_LOG_TB_CPU) {
6422 cpu_dump_state(env, logfile, fprintf, X86_DUMP_CCOP);
6424 if (loglevel & CPU_LOG_TB_IN_ASM) {
6426 fprintf(logfile, "----------------\n");
6427 fprintf(logfile, "IN: %s\n", lookup_symbol(pc_start));
6428 #ifdef TARGET_X86_64
6433 disas_flags = !dc->code32;
6434 target_disas(logfile, pc_start, pc_ptr - pc_start, disas_flags);
6435 fprintf(logfile, "\n");
6436 if (loglevel & CPU_LOG_TB_OP) {
6437 fprintf(logfile, "OP:\n");
6438 dump_ops(gen_opc_buf, gen_opparam_buf);
6439 fprintf(logfile, "\n");
6444 /* optimize flag computations */
6445 optimize_flags(gen_opc_buf, gen_opc_ptr - gen_opc_buf);
6448 if (loglevel & CPU_LOG_TB_OP_OPT) {
6449 fprintf(logfile, "AFTER FLAGS OPT:\n");
6450 dump_ops(gen_opc_buf, gen_opparam_buf);
6451 fprintf(logfile, "\n");
6455 tb->size = pc_ptr - pc_start;
6459 int gen_intermediate_code(CPUState *env, TranslationBlock *tb)
6461 return gen_intermediate_code_internal(env, tb, 0);
6464 int gen_intermediate_code_pc(CPUState *env, TranslationBlock *tb)
6466 return gen_intermediate_code_internal(env, tb, 1);
projects / qemu / blob