LLDB  mainline
EmulateInstructionARM.cpp
Go to the documentation of this file.
1 //===-- EmulateInstructionARM.cpp -------------------------------*- C++ -*-===//
2 //
3 // Part of the LLVM Project, under the Apache License v2.0 with LLVM Exceptions.
4 // See https://llvm.org/LICENSE.txt for license information.
5 // SPDX-License-Identifier: Apache-2.0 WITH LLVM-exception
6 //
7 //===----------------------------------------------------------------------===//
8 
9 #include <stdlib.h>
10 
11 #include "EmulateInstructionARM.h"
12 #include "EmulationStateARM.h"
13 #include "lldb/Core/Address.h"
14 #include "lldb/Core/PluginManager.h"
15 #include "lldb/Host/PosixApi.h"
16 #include "lldb/Interpreter/OptionValueArray.h"
17 #include "lldb/Interpreter/OptionValueDictionary.h"
18 #include "lldb/Symbol/UnwindPlan.h"
19 #include "lldb/Utility/ArchSpec.h"
20 #include "lldb/Utility/ConstString.h"
21 #include "lldb/Utility/Stream.h"
22 
23 #include "Plugins/Process/Utility/ARMDefines.h"
24 #include "Plugins/Process/Utility/ARMUtils.h"
25 #include "Utility/ARM_DWARF_Registers.h"
26 
27 #include "llvm/ADT/STLExtras.h"
28 #include "llvm/Support/MathExtras.h"
29 
30 using namespace lldb;
31 using namespace lldb_private;
32 
33 // Convenient macro definitions.
34 #define APSR_C Bit32(m_opcode_cpsr, CPSR_C_POS)
35 #define APSR_V Bit32(m_opcode_cpsr, CPSR_V_POS)
36 
37 #define AlignPC(pc_val) (pc_val & 0xFFFFFFFC)
38 
39 //
40 // ITSession implementation
41 //
42 
43 static bool GetARMDWARFRegisterInfo(unsigned reg_num, RegisterInfo &reg_info) {
44  ::memset(&reg_info, 0, sizeof(RegisterInfo));
45  ::memset(reg_info.kinds, LLDB_INVALID_REGNUM, sizeof(reg_info.kinds));
46 
47  if (reg_num >= dwarf_q0 && reg_num <= dwarf_q15) {
48  reg_info.byte_size = 16;
49  reg_info.format = eFormatVectorOfUInt8;
50  reg_info.encoding = eEncodingVector;
51  }
52 
53  if (reg_num >= dwarf_d0 && reg_num <= dwarf_d31) {
54  reg_info.byte_size = 8;
55  reg_info.format = eFormatFloat;
56  reg_info.encoding = eEncodingIEEE754;
57  } else if (reg_num >= dwarf_s0 && reg_num <= dwarf_s31) {
58  reg_info.byte_size = 4;
59  reg_info.format = eFormatFloat;
60  reg_info.encoding = eEncodingIEEE754;
61  } else if (reg_num >= dwarf_f0 && reg_num <= dwarf_f7) {
62  reg_info.byte_size = 12;
63  reg_info.format = eFormatFloat;
64  reg_info.encoding = eEncodingIEEE754;
65  } else {
66  reg_info.byte_size = 4;
67  reg_info.format = eFormatHex;
68  reg_info.encoding = eEncodingUint;
69  }
70 
71  reg_info.kinds[eRegisterKindDWARF] = reg_num;
72 
73  switch (reg_num) {
74  case dwarf_r0:
75  reg_info.name = "r0";
76  break;
77  case dwarf_r1:
78  reg_info.name = "r1";
79  break;
80  case dwarf_r2:
81  reg_info.name = "r2";
82  break;
83  case dwarf_r3:
84  reg_info.name = "r3";
85  break;
86  case dwarf_r4:
87  reg_info.name = "r4";
88  break;
89  case dwarf_r5:
90  reg_info.name = "r5";
91  break;
92  case dwarf_r6:
93  reg_info.name = "r6";
94  break;
95  case dwarf_r7:
96  reg_info.name = "r7";
97  reg_info.kinds[eRegisterKindGeneric] = LLDB_REGNUM_GENERIC_FP;
98  break;
99  case dwarf_r8:
100  reg_info.name = "r8";
101  break;
102  case dwarf_r9:
103  reg_info.name = "r9";
104  break;
105  case dwarf_r10:
106  reg_info.name = "r10";
107  break;
108  case dwarf_r11:
109  reg_info.name = "r11";
110  break;
111  case dwarf_r12:
112  reg_info.name = "r12";
113  break;
114  case dwarf_sp:
115  reg_info.name = "sp";
116  reg_info.alt_name = "r13";
117  reg_info.kinds[eRegisterKindGeneric] = LLDB_REGNUM_GENERIC_SP;
118  break;
119  case dwarf_lr:
120  reg_info.name = "lr";
121  reg_info.alt_name = "r14";
122  reg_info.kinds[eRegisterKindGeneric] = LLDB_REGNUM_GENERIC_RA;
123  break;
124  case dwarf_pc:
125  reg_info.name = "pc";
126  reg_info.alt_name = "r15";
127  reg_info.kinds[eRegisterKindGeneric] = LLDB_REGNUM_GENERIC_PC;
128  break;
129  case dwarf_cpsr:
130  reg_info.name = "cpsr";
131  reg_info.kinds[eRegisterKindGeneric] = LLDB_REGNUM_GENERIC_FLAGS;
132  break;
133 
134  case dwarf_s0:
135  reg_info.name = "s0";
136  break;
137  case dwarf_s1:
138  reg_info.name = "s1";
139  break;
140  case dwarf_s2:
141  reg_info.name = "s2";
142  break;
143  case dwarf_s3:
144  reg_info.name = "s3";
145  break;
146  case dwarf_s4:
147  reg_info.name = "s4";
148  break;
149  case dwarf_s5:
150  reg_info.name = "s5";
151  break;
152  case dwarf_s6:
153  reg_info.name = "s6";
154  break;
155  case dwarf_s7:
156  reg_info.name = "s7";
157  break;
158  case dwarf_s8:
159  reg_info.name = "s8";
160  break;
161  case dwarf_s9:
162  reg_info.name = "s9";
163  break;
164  case dwarf_s10:
165  reg_info.name = "s10";
166  break;
167  case dwarf_s11:
168  reg_info.name = "s11";
169  break;
170  case dwarf_s12:
171  reg_info.name = "s12";
172  break;
173  case dwarf_s13:
174  reg_info.name = "s13";
175  break;
176  case dwarf_s14:
177  reg_info.name = "s14";
178  break;
179  case dwarf_s15:
180  reg_info.name = "s15";
181  break;
182  case dwarf_s16:
183  reg_info.name = "s16";
184  break;
185  case dwarf_s17:
186  reg_info.name = "s17";
187  break;
188  case dwarf_s18:
189  reg_info.name = "s18";
190  break;
191  case dwarf_s19:
192  reg_info.name = "s19";
193  break;
194  case dwarf_s20:
195  reg_info.name = "s20";
196  break;
197  case dwarf_s21:
198  reg_info.name = "s21";
199  break;
200  case dwarf_s22:
201  reg_info.name = "s22";
202  break;
203  case dwarf_s23:
204  reg_info.name = "s23";
205  break;
206  case dwarf_s24:
207  reg_info.name = "s24";
208  break;
209  case dwarf_s25:
210  reg_info.name = "s25";
211  break;
212  case dwarf_s26:
213  reg_info.name = "s26";
214  break;
215  case dwarf_s27:
216  reg_info.name = "s27";
217  break;
218  case dwarf_s28:
219  reg_info.name = "s28";
220  break;
221  case dwarf_s29:
222  reg_info.name = "s29";
223  break;
224  case dwarf_s30:
225  reg_info.name = "s30";
226  break;
227  case dwarf_s31:
228  reg_info.name = "s31";
229  break;
230 
231  // FPA Registers 0-7
232  case dwarf_f0:
233  reg_info.name = "f0";
234  break;
235  case dwarf_f1:
236  reg_info.name = "f1";
237  break;
238  case dwarf_f2:
239  reg_info.name = "f2";
240  break;
241  case dwarf_f3:
242  reg_info.name = "f3";
243  break;
244  case dwarf_f4:
245  reg_info.name = "f4";
246  break;
247  case dwarf_f5:
248  reg_info.name = "f5";
249  break;
250  case dwarf_f6:
251  reg_info.name = "f6";
252  break;
253  case dwarf_f7:
254  reg_info.name = "f7";
255  break;
256 
257  // Intel wireless MMX general purpose registers 0 - 7 XScale accumulator
258  // register 0 - 7 (they do overlap with wCGR0 - wCGR7)
259  case dwarf_wCGR0:
260  reg_info.name = "wCGR0/ACC0";
261  break;
262  case dwarf_wCGR1:
263  reg_info.name = "wCGR1/ACC1";
264  break;
265  case dwarf_wCGR2:
266  reg_info.name = "wCGR2/ACC2";
267  break;
268  case dwarf_wCGR3:
269  reg_info.name = "wCGR3/ACC3";
270  break;
271  case dwarf_wCGR4:
272  reg_info.name = "wCGR4/ACC4";
273  break;
274  case dwarf_wCGR5:
275  reg_info.name = "wCGR5/ACC5";
276  break;
277  case dwarf_wCGR6:
278  reg_info.name = "wCGR6/ACC6";
279  break;
280  case dwarf_wCGR7:
281  reg_info.name = "wCGR7/ACC7";
282  break;
283 
284  // Intel wireless MMX data registers 0 - 15
285  case dwarf_wR0:
286  reg_info.name = "wR0";
287  break;
288  case dwarf_wR1:
289  reg_info.name = "wR1";
290  break;
291  case dwarf_wR2:
292  reg_info.name = "wR2";
293  break;
294  case dwarf_wR3:
295  reg_info.name = "wR3";
296  break;
297  case dwarf_wR4:
298  reg_info.name = "wR4";
299  break;
300  case dwarf_wR5:
301  reg_info.name = "wR5";
302  break;
303  case dwarf_wR6:
304  reg_info.name = "wR6";
305  break;
306  case dwarf_wR7:
307  reg_info.name = "wR7";
308  break;
309  case dwarf_wR8:
310  reg_info.name = "wR8";
311  break;
312  case dwarf_wR9:
313  reg_info.name = "wR9";
314  break;
315  case dwarf_wR10:
316  reg_info.name = "wR10";
317  break;
318  case dwarf_wR11:
319  reg_info.name = "wR11";
320  break;
321  case dwarf_wR12:
322  reg_info.name = "wR12";
323  break;
324  case dwarf_wR13:
325  reg_info.name = "wR13";
326  break;
327  case dwarf_wR14:
328  reg_info.name = "wR14";
329  break;
330  case dwarf_wR15:
331  reg_info.name = "wR15";
332  break;
333 
334  case dwarf_spsr:
335  reg_info.name = "spsr";
336  break;
337  case dwarf_spsr_fiq:
338  reg_info.name = "spsr_fiq";
339  break;
340  case dwarf_spsr_irq:
341  reg_info.name = "spsr_irq";
342  break;
343  case dwarf_spsr_abt:
344  reg_info.name = "spsr_abt";
345  break;
346  case dwarf_spsr_und:
347  reg_info.name = "spsr_und";
348  break;
349  case dwarf_spsr_svc:
350  reg_info.name = "spsr_svc";
351  break;
352 
353  case dwarf_r8_usr:
354  reg_info.name = "r8_usr";
355  break;
356  case dwarf_r9_usr:
357  reg_info.name = "r9_usr";
358  break;
359  case dwarf_r10_usr:
360  reg_info.name = "r10_usr";
361  break;
362  case dwarf_r11_usr:
363  reg_info.name = "r11_usr";
364  break;
365  case dwarf_r12_usr:
366  reg_info.name = "r12_usr";
367  break;
368  case dwarf_r13_usr:
369  reg_info.name = "r13_usr";
370  break;
371  case dwarf_r14_usr:
372  reg_info.name = "r14_usr";
373  break;
374  case dwarf_r8_fiq:
375  reg_info.name = "r8_fiq";
376  break;
377  case dwarf_r9_fiq:
378  reg_info.name = "r9_fiq";
379  break;
380  case dwarf_r10_fiq:
381  reg_info.name = "r10_fiq";
382  break;
383  case dwarf_r11_fiq:
384  reg_info.name = "r11_fiq";
385  break;
386  case dwarf_r12_fiq:
387  reg_info.name = "r12_fiq";
388  break;
389  case dwarf_r13_fiq:
390  reg_info.name = "r13_fiq";
391  break;
392  case dwarf_r14_fiq:
393  reg_info.name = "r14_fiq";
394  break;
395  case dwarf_r13_irq:
396  reg_info.name = "r13_irq";
397  break;
398  case dwarf_r14_irq:
399  reg_info.name = "r14_irq";
400  break;
401  case dwarf_r13_abt:
402  reg_info.name = "r13_abt";
403  break;
404  case dwarf_r14_abt:
405  reg_info.name = "r14_abt";
406  break;
407  case dwarf_r13_und:
408  reg_info.name = "r13_und";
409  break;
410  case dwarf_r14_und:
411  reg_info.name = "r14_und";
412  break;
413  case dwarf_r13_svc:
414  reg_info.name = "r13_svc";
415  break;
416  case dwarf_r14_svc:
417  reg_info.name = "r14_svc";
418  break;
419 
420  // Intel wireless MMX control register in co-processor 0 - 7
421  case dwarf_wC0:
422  reg_info.name = "wC0";
423  break;
424  case dwarf_wC1:
425  reg_info.name = "wC1";
426  break;
427  case dwarf_wC2:
428  reg_info.name = "wC2";
429  break;
430  case dwarf_wC3:
431  reg_info.name = "wC3";
432  break;
433  case dwarf_wC4:
434  reg_info.name = "wC4";
435  break;
436  case dwarf_wC5:
437  reg_info.name = "wC5";
438  break;
439  case dwarf_wC6:
440  reg_info.name = "wC6";
441  break;
442  case dwarf_wC7:
443  reg_info.name = "wC7";
444  break;
445 
446  // VFP-v3/Neon
447  case dwarf_d0:
448  reg_info.name = "d0";
449  break;
450  case dwarf_d1:
451  reg_info.name = "d1";
452  break;
453  case dwarf_d2:
454  reg_info.name = "d2";
455  break;
456  case dwarf_d3:
457  reg_info.name = "d3";
458  break;
459  case dwarf_d4:
460  reg_info.name = "d4";
461  break;
462  case dwarf_d5:
463  reg_info.name = "d5";
464  break;
465  case dwarf_d6:
466  reg_info.name = "d6";
467  break;
468  case dwarf_d7:
469  reg_info.name = "d7";
470  break;
471  case dwarf_d8:
472  reg_info.name = "d8";
473  break;
474  case dwarf_d9:
475  reg_info.name = "d9";
476  break;
477  case dwarf_d10:
478  reg_info.name = "d10";
479  break;
480  case dwarf_d11:
481  reg_info.name = "d11";
482  break;
483  case dwarf_d12:
484  reg_info.name = "d12";
485  break;
486  case dwarf_d13:
487  reg_info.name = "d13";
488  break;
489  case dwarf_d14:
490  reg_info.name = "d14";
491  break;
492  case dwarf_d15:
493  reg_info.name = "d15";
494  break;
495  case dwarf_d16:
496  reg_info.name = "d16";
497  break;
498  case dwarf_d17:
499  reg_info.name = "d17";
500  break;
501  case dwarf_d18:
502  reg_info.name = "d18";
503  break;
504  case dwarf_d19:
505  reg_info.name = "d19";
506  break;
507  case dwarf_d20:
508  reg_info.name = "d20";
509  break;
510  case dwarf_d21:
511  reg_info.name = "d21";
512  break;
513  case dwarf_d22:
514  reg_info.name = "d22";
515  break;
516  case dwarf_d23:
517  reg_info.name = "d23";
518  break;
519  case dwarf_d24:
520  reg_info.name = "d24";
521  break;
522  case dwarf_d25:
523  reg_info.name = "d25";
524  break;
525  case dwarf_d26:
526  reg_info.name = "d26";
527  break;
528  case dwarf_d27:
529  reg_info.name = "d27";
530  break;
531  case dwarf_d28:
532  reg_info.name = "d28";
533  break;
534  case dwarf_d29:
535  reg_info.name = "d29";
536  break;
537  case dwarf_d30:
538  reg_info.name = "d30";
539  break;
540  case dwarf_d31:
541  reg_info.name = "d31";
542  break;
543 
544  // NEON 128-bit vector registers (overlays the d registers)
545  case dwarf_q0:
546  reg_info.name = "q0";
547  break;
548  case dwarf_q1:
549  reg_info.name = "q1";
550  break;
551  case dwarf_q2:
552  reg_info.name = "q2";
553  break;
554  case dwarf_q3:
555  reg_info.name = "q3";
556  break;
557  case dwarf_q4:
558  reg_info.name = "q4";
559  break;
560  case dwarf_q5:
561  reg_info.name = "q5";
562  break;
563  case dwarf_q6:
564  reg_info.name = "q6";
565  break;
566  case dwarf_q7:
567  reg_info.name = "q7";
568  break;
569  case dwarf_q8:
570  reg_info.name = "q8";
571  break;
572  case dwarf_q9:
573  reg_info.name = "q9";
574  break;
575  case dwarf_q10:
576  reg_info.name = "q10";
577  break;
578  case dwarf_q11:
579  reg_info.name = "q11";
580  break;
581  case dwarf_q12:
582  reg_info.name = "q12";
583  break;
584  case dwarf_q13:
585  reg_info.name = "q13";
586  break;
587  case dwarf_q14:
588  reg_info.name = "q14";
589  break;
590  case dwarf_q15:
591  reg_info.name = "q15";
592  break;
593 
594  default:
595  return false;
596  }
597  return true;
598 }
599 
600 // A8.6.50
601 // Valid return values are {1, 2, 3, 4}, with 0 signifying an error condition.
602 static uint32_t CountITSize(uint32_t ITMask) {
603  // First count the trailing zeros of the IT mask.
604  uint32_t TZ = llvm::countTrailingZeros(ITMask);
605  if (TZ > 3) {
606 #ifdef LLDB_CONFIGURATION_DEBUG
607  printf("Encoding error: IT Mask '0000'\n");
608 #endif
609  return 0;
610  }
611  return (4 - TZ);
612 }
613 
614 // Init ITState. Note that at least one bit is always 1 in mask.
615 bool ITSession::InitIT(uint32_t bits7_0) {
616  ITCounter = CountITSize(Bits32(bits7_0, 3, 0));
617  if (ITCounter == 0)
618  return false;
619 
620  // A8.6.50 IT
621  unsigned short FirstCond = Bits32(bits7_0, 7, 4);
622  if (FirstCond == 0xF) {
623 #ifdef LLDB_CONFIGURATION_DEBUG
624  printf("Encoding error: IT FirstCond '1111'\n");
625 #endif
626  return false;
627  }
628  if (FirstCond == 0xE && ITCounter != 1) {
629 #ifdef LLDB_CONFIGURATION_DEBUG
630  printf("Encoding error: IT FirstCond '1110' && Mask != '1000'\n");
631 #endif
632  return false;
633  }
634 
635  ITState = bits7_0;
636  return true;
637 }
638 
639 // Update ITState if necessary.
640 void ITSession::ITAdvance() {
641  // assert(ITCounter);
642  --ITCounter;
643  if (ITCounter == 0)
644  ITState = 0;
645  else {
646  unsigned short NewITState4_0 = Bits32(ITState, 4, 0) << 1;
647  SetBits32(ITState, 4, 0, NewITState4_0);
648  }
649 }
650 
651 // Return true if we're inside an IT Block.
652 bool ITSession::InITBlock() { return ITCounter != 0; }
653 
654 // Return true if we're the last instruction inside an IT Block.
655 bool ITSession::LastInITBlock() { return ITCounter == 1; }
656 
657 // Get condition bits for the current thumb instruction.
658 uint32_t ITSession::GetCond() {
659  if (InITBlock())
660  return Bits32(ITState, 7, 4);
661  else
662  return COND_AL;
663 }
664 
665 // ARM constants used during decoding
666 #define REG_RD 0
667 #define LDM_REGLIST 1
668 #define SP_REG 13
669 #define LR_REG 14
670 #define PC_REG 15
671 #define PC_REGLIST_BIT 0x8000
672 
673 #define ARMv4 (1u << 0)
674 #define ARMv4T (1u << 1)
675 #define ARMv5T (1u << 2)
676 #define ARMv5TE (1u << 3)
677 #define ARMv5TEJ (1u << 4)
678 #define ARMv6 (1u << 5)
679 #define ARMv6K (1u << 6)
680 #define ARMv6T2 (1u << 7)
681 #define ARMv7 (1u << 8)
682 #define ARMv7S (1u << 9)
683 #define ARMv8 (1u << 10)
684 #define ARMvAll (0xffffffffu)
685 
686 #define ARMV4T_ABOVE \
687  (ARMv4T | ARMv5T | ARMv5TE | ARMv5TEJ | ARMv6 | ARMv6K | ARMv6T2 | ARMv7 | \
688  ARMv7S | ARMv8)
689 #define ARMV5_ABOVE \
690  (ARMv5T | ARMv5TE | ARMv5TEJ | ARMv6 | ARMv6K | ARMv6T2 | ARMv7 | ARMv7S | \
691  ARMv8)
692 #define ARMV5TE_ABOVE \
693  (ARMv5TE | ARMv5TEJ | ARMv6 | ARMv6K | ARMv6T2 | ARMv7 | ARMv7S | ARMv8)
694 #define ARMV5J_ABOVE \
695  (ARMv5TEJ | ARMv6 | ARMv6K | ARMv6T2 | ARMv7 | ARMv7S | ARMv8)
696 #define ARMV6_ABOVE (ARMv6 | ARMv6K | ARMv6T2 | ARMv7 | ARMv7S | ARMv8)
697 #define ARMV6T2_ABOVE (ARMv6T2 | ARMv7 | ARMv7S | ARMv8)
698 #define ARMV7_ABOVE (ARMv7 | ARMv7S | ARMv8)
699 
700 #define No_VFP 0
701 #define VFPv1 (1u << 1)
702 #define VFPv2 (1u << 2)
703 #define VFPv3 (1u << 3)
704 #define AdvancedSIMD (1u << 4)
705 
706 #define VFPv1_ABOVE (VFPv1 | VFPv2 | VFPv3 | AdvancedSIMD)
707 #define VFPv2_ABOVE (VFPv2 | VFPv3 | AdvancedSIMD)
708 #define VFPv2v3 (VFPv2 | VFPv3)
709 
710 //
711 // EmulateInstructionARM implementation
712 //
713 
714 void EmulateInstructionARM::Initialize() {
715  PluginManager::RegisterPlugin(GetPluginNameStatic(),
716  GetPluginDescriptionStatic(), CreateInstance);
717 }
718 
719 void EmulateInstructionARM::Terminate() {
720  PluginManager::UnregisterPlugin(CreateInstance);
721 }
722 
723 ConstString EmulateInstructionARM::GetPluginNameStatic() {
724  static ConstString g_name("arm");
725  return g_name;
726 }
727 
728 const char *EmulateInstructionARM::GetPluginDescriptionStatic() {
729  return "Emulate instructions for the ARM architecture.";
730 }
731 
732 EmulateInstruction *
733 EmulateInstructionARM::CreateInstance(const ArchSpec &arch,
734  InstructionType inst_type) {
735  if (EmulateInstructionARM::SupportsEmulatingInstructionsOfTypeStatic(
736  inst_type)) {
737  if (arch.GetTriple().getArch() == llvm::Triple::arm) {
738  std::unique_ptr<EmulateInstructionARM> emulate_insn_up(
739  new EmulateInstructionARM(arch));
740 
741  if (emulate_insn_up)
742  return emulate_insn_up.release();
743  } else if (arch.GetTriple().getArch() == llvm::Triple::thumb) {
744  std::unique_ptr<EmulateInstructionARM> emulate_insn_up(
745  new EmulateInstructionARM(arch));
746 
747  if (emulate_insn_up)
748  return emulate_insn_up.release();
749  }
750  }
751 
752  return NULL;
753 }
754 
755 bool EmulateInstructionARM::SetTargetTriple(const ArchSpec &arch) {
756  if (arch.GetTriple().getArch() == llvm::Triple::arm)
757  return true;
758  else if (arch.GetTriple().getArch() == llvm::Triple::thumb)
759  return true;
760 
761  return false;
762 }
763 
764 // Write "bits (32) UNKNOWN" to memory address "address". Helper function for
765 // many ARM instructions.
766 bool EmulateInstructionARM::WriteBits32UnknownToMemory(addr_t address) {
767  EmulateInstruction::Context context;
768  context.type = EmulateInstruction::eContextWriteMemoryRandomBits;
769  context.SetNoArgs();
770 
771  uint32_t random_data = rand();
772  const uint32_t addr_byte_size = GetAddressByteSize();
773 
774  return MemAWrite(context, address, random_data, addr_byte_size);
775 }
776 
777 // Write "bits (32) UNKNOWN" to register n. Helper function for many ARM
778 // instructions.
779 bool EmulateInstructionARM::WriteBits32Unknown(int n) {
780  EmulateInstruction::Context context;
781  context.type = EmulateInstruction::eContextWriteRegisterRandomBits;
782  context.SetNoArgs();
783 
784  bool success;
785  uint32_t data =
786  ReadRegisterUnsigned(eRegisterKindDWARF, dwarf_r0 + n, 0, &success);
787 
788  if (!success)
789  return false;
790 
791  if (!WriteRegisterUnsigned(context, eRegisterKindDWARF, dwarf_r0 + n, data))
792  return false;
793 
794  return true;
795 }
796 
797 bool EmulateInstructionARM::GetRegisterInfo(lldb::RegisterKind reg_kind,
798  uint32_t reg_num,
799  RegisterInfo &reg_info) {
800  if (reg_kind == eRegisterKindGeneric) {
801  switch (reg_num) {
802  case LLDB_REGNUM_GENERIC_PC:
803  reg_kind = eRegisterKindDWARF;
804  reg_num = dwarf_pc;
805  break;
806  case LLDB_REGNUM_GENERIC_SP:
807  reg_kind = eRegisterKindDWARF;
808  reg_num = dwarf_sp;
809  break;
810  case LLDB_REGNUM_GENERIC_FP:
811  reg_kind = eRegisterKindDWARF;
812  reg_num = dwarf_r7;
813  break;
814  case LLDB_REGNUM_GENERIC_RA:
815  reg_kind = eRegisterKindDWARF;
816  reg_num = dwarf_lr;
817  break;
818  case LLDB_REGNUM_GENERIC_FLAGS:
819  reg_kind = eRegisterKindDWARF;
820  reg_num = dwarf_cpsr;
821  break;
822  default:
823  return false;
824  }
825  }
826 
827  if (reg_kind == eRegisterKindDWARF)
828  return GetARMDWARFRegisterInfo(reg_num, reg_info);
829  return false;
830 }
831 
832 uint32_t EmulateInstructionARM::GetFramePointerRegisterNumber() const {
833  if (m_arch.GetTriple().isAndroid())
834  return LLDB_INVALID_REGNUM; // Don't use frame pointer on android
835  bool is_apple = false;
836  if (m_arch.GetTriple().getVendor() == llvm::Triple::Apple)
837  is_apple = true;
838  switch (m_arch.GetTriple().getOS()) {
839  case llvm::Triple::Darwin:
840  case llvm::Triple::MacOSX:
841  case llvm::Triple::IOS:
842  case llvm::Triple::TvOS:
843  case llvm::Triple::WatchOS:
844  // NEED_BRIDGEOS_TRIPLE case llvm::Triple::BridgeOS:
845  is_apple = true;
846  break;
847  default:
848  break;
849  }
850 
851  /* On Apple iOS et al, the frame pointer register is always r7.
852  * Typically on other ARM systems, thumb code uses r7; arm code uses r11.
853  */
854 
855  uint32_t fp_regnum = 11;
856 
857  if (is_apple)
858  fp_regnum = 7;
859 
860  if (m_opcode_mode == eModeThumb)
861  fp_regnum = 7;
862 
863  return fp_regnum;
864 }
865 
866 uint32_t EmulateInstructionARM::GetFramePointerDWARFRegisterNumber() const {
867  bool is_apple = false;
868  if (m_arch.GetTriple().getVendor() == llvm::Triple::Apple)
869  is_apple = true;
870  switch (m_arch.GetTriple().getOS()) {
871  case llvm::Triple::Darwin:
872  case llvm::Triple::MacOSX:
873  case llvm::Triple::IOS:
874  is_apple = true;
875  break;
876  default:
877  break;
878  }
879 
880  /* On Apple iOS et al, the frame pointer register is always r7.
881  * Typically on other ARM systems, thumb code uses r7; arm code uses r11.
882  */
883 
884  uint32_t fp_regnum = dwarf_r11;
885 
886  if (is_apple)
887  fp_regnum = dwarf_r7;
888 
889  if (m_opcode_mode == eModeThumb)
890  fp_regnum = dwarf_r7;
891 
892  return fp_regnum;
893 }
894 
895 // Push Multiple Registers stores multiple registers to the stack, storing to
896 // consecutive memory locations ending just below the address in SP, and
897 // updates
898 // SP to point to the start of the stored data.
899 bool EmulateInstructionARM::EmulatePUSH(const uint32_t opcode,
900  const ARMEncoding encoding) {
901 #if 0
902  // ARM pseudo code...
903  if (ConditionPassed())
904  {
905  EncodingSpecificOperations();
906  NullCheckIfThumbEE(13);
907  address = SP - 4*BitCount(registers);
908 
909  for (i = 0 to 14)
910  {
911  if (registers<i> == '1')
912  {
913  if i == 13 && i != LowestSetBit(registers) // Only possible for encoding A1
914  MemA[address,4] = bits(32) UNKNOWN;
915  else
916  MemA[address,4] = R[i];
917  address = address + 4;
918  }
919  }
920 
921  if (registers<15> == '1') // Only possible for encoding A1 or A2
922  MemA[address,4] = PCStoreValue();
923 
924  SP = SP - 4*BitCount(registers);
925  }
926 #endif
927 
928  bool success = false;
929  if (ConditionPassed(opcode)) {
930  const uint32_t addr_byte_size = GetAddressByteSize();
931  const addr_t sp = ReadCoreReg(SP_REG, &success);
932  if (!success)
933  return false;
934  uint32_t registers = 0;
935  uint32_t Rt; // the source register
936  switch (encoding) {
937  case eEncodingT1:
938  registers = Bits32(opcode, 7, 0);
939  // The M bit represents LR.
940  if (Bit32(opcode, 8))
941  registers |= (1u << 14);
942  // if BitCount(registers) < 1 then UNPREDICTABLE;
943  if (BitCount(registers) < 1)
944  return false;
945  break;
946  case eEncodingT2:
947  // Ignore bits 15 & 13.
948  registers = Bits32(opcode, 15, 0) & ~0xa000;
949  // if BitCount(registers) < 2 then UNPREDICTABLE;
950  if (BitCount(registers) < 2)
951  return false;
952  break;
953  case eEncodingT3:
954  Rt = Bits32(opcode, 15, 12);
955  // if BadReg(t) then UNPREDICTABLE;
956  if (BadReg(Rt))
957  return false;
958  registers = (1u << Rt);
959  break;
960  case eEncodingA1:
961  registers = Bits32(opcode, 15, 0);
962  // Instead of return false, let's handle the following case as well,
963  // which amounts to pushing one reg onto the full descending stacks.
964  // if BitCount(register_list) < 2 then SEE STMDB / STMFD;
965  break;
966  case eEncodingA2:
967  Rt = Bits32(opcode, 15, 12);
968  // if t == 13 then UNPREDICTABLE;
969  if (Rt == dwarf_sp)
970  return false;
971  registers = (1u << Rt);
972  break;
973  default:
974  return false;
975  }
976  addr_t sp_offset = addr_byte_size * BitCount(registers);
977  addr_t addr = sp - sp_offset;
978  uint32_t i;
979 
980  EmulateInstruction::Context context;
981  context.type = EmulateInstruction::eContextPushRegisterOnStack;
982  RegisterInfo reg_info;
983  RegisterInfo sp_reg;
984  GetRegisterInfo(eRegisterKindDWARF, dwarf_sp, sp_reg);
985  for (i = 0; i < 15; ++i) {
986  if (BitIsSet(registers, i)) {
987  GetRegisterInfo(eRegisterKindDWARF, dwarf_r0 + i, reg_info);
988  context.SetRegisterToRegisterPlusOffset(reg_info, sp_reg, addr - sp);
989  uint32_t reg_value = ReadCoreReg(i, &success);
990  if (!success)
991  return false;
992  if (!MemAWrite(context, addr, reg_value, addr_byte_size))
993  return false;
994  addr += addr_byte_size;
995  }
996  }
997 
998  if (BitIsSet(registers, 15)) {
999  GetRegisterInfo(eRegisterKindDWARF, dwarf_pc, reg_info);
1000  context.SetRegisterToRegisterPlusOffset(reg_info, sp_reg, addr - sp);
1001  const uint32_t pc = ReadCoreReg(PC_REG, &success);
1002  if (!success)
1003  return false;
1004  if (!MemAWrite(context, addr, pc, addr_byte_size))
1005  return false;
1006  }
1007 
1008  context.type = EmulateInstruction::eContextAdjustStackPointer;
1009  context.SetImmediateSigned(-sp_offset);
1010 
1011  if (!WriteRegisterUnsigned(context, eRegisterKindGeneric,
1012  LLDB_REGNUM_GENERIC_SP, sp - sp_offset))
1013  return false;
1014  }
1015  return true;
1016 }
1017 
1018 // Pop Multiple Registers loads multiple registers from the stack, loading from
1019 // consecutive memory locations staring at the address in SP, and updates
1020 // SP to point just above the loaded data.
1021 bool EmulateInstructionARM::EmulatePOP(const uint32_t opcode,
1022  const ARMEncoding encoding) {
1023 #if 0
1024  // ARM pseudo code...
1025  if (ConditionPassed())
1026  {
1027  EncodingSpecificOperations(); NullCheckIfThumbEE(13);
1028  address = SP;
1029  for i = 0 to 14
1030  if registers<i> == '1' then
1031  R[i] = if UnalignedAllowed then MemU[address,4] else MemA[address,4]; address = address + 4;
1032  if registers<15> == '1' then
1033  if UnalignedAllowed then
1034  LoadWritePC(MemU[address,4]);
1035  else
1036  LoadWritePC(MemA[address,4]);
1037  if registers<13> == '0' then SP = SP + 4*BitCount(registers);
1038  if registers<13> == '1' then SP = bits(32) UNKNOWN;
1039  }
1040 #endif
1041 
1042  bool success = false;
1043 
1044  if (ConditionPassed(opcode)) {
1045  const uint32_t addr_byte_size = GetAddressByteSize();
1046  const addr_t sp = ReadCoreReg(SP_REG, &success);
1047  if (!success)
1048  return false;
1049  uint32_t registers = 0;
1050  uint32_t Rt; // the destination register
1051  switch (encoding) {
1052  case eEncodingT1:
1053  registers = Bits32(opcode, 7, 0);
1054  // The P bit represents PC.
1055  if (Bit32(opcode, 8))
1056  registers |= (1u << 15);
1057  // if BitCount(registers) < 1 then UNPREDICTABLE;
1058  if (BitCount(registers) < 1)
1059  return false;
1060  break;
1061  case eEncodingT2:
1062  // Ignore bit 13.
1063  registers = Bits32(opcode, 15, 0) & ~0x2000;
1064  // if BitCount(registers) < 2 || (P == '1' && M == '1') then
1065  // UNPREDICTABLE;
1066  if (BitCount(registers) < 2 || (Bit32(opcode, 15) && Bit32(opcode, 14)))
1067  return false;
1068  // if registers<15> == '1' && InITBlock() && !LastInITBlock() then
1069  // UNPREDICTABLE;
1070  if (BitIsSet(registers, 15) && InITBlock() && !LastInITBlock())
1071  return false;
1072  break;
1073  case eEncodingT3:
1074  Rt = Bits32(opcode, 15, 12);
1075  // if t == 13 || (t == 15 && InITBlock() && !LastInITBlock()) then
1076  // UNPREDICTABLE;
1077  if (Rt == 13)
1078  return false;
1079  if (Rt == 15 && InITBlock() && !LastInITBlock())
1080  return false;
1081  registers = (1u << Rt);
1082  break;
1083  case eEncodingA1:
1084  registers = Bits32(opcode, 15, 0);
1085  // Instead of return false, let's handle the following case as well,
1086  // which amounts to popping one reg from the full descending stacks.
1087  // if BitCount(register_list) < 2 then SEE LDM / LDMIA / LDMFD;
1088 
1089  // if registers<13> == '1' && ArchVersion() >= 7 then UNPREDICTABLE;
1090  if (BitIsSet(opcode, 13) && ArchVersion() >= ARMv7)
1091  return false;
1092  break;
1093  case eEncodingA2:
1094  Rt = Bits32(opcode, 15, 12);
1095  // if t == 13 then UNPREDICTABLE;
1096  if (Rt == dwarf_sp)
1097  return false;
1098  registers = (1u << Rt);
1099  break;
1100  default:
1101  return false;
1102  }
1103  addr_t sp_offset = addr_byte_size * BitCount(registers);
1104  addr_t addr = sp;
1105  uint32_t i, data;
1106 
1107  EmulateInstruction::Context context;
1108  context.type = EmulateInstruction::eContextPopRegisterOffStack;
1109 
1110  RegisterInfo sp_reg;
1111  GetRegisterInfo(eRegisterKindDWARF, dwarf_sp, sp_reg);
1112 
1113  for (i = 0; i < 15; ++i) {
1114  if (BitIsSet(registers, i)) {
1115  context.SetAddress(addr);
1116  data = MemARead(context, addr, 4, 0, &success);
1117  if (!success)
1118  return false;
1119  if (!WriteRegisterUnsigned(context, eRegisterKindDWARF, dwarf_r0 + i,
1120  data))
1121  return false;
1122  addr += addr_byte_size;
1123  }
1124  }
1125 
1126  if (BitIsSet(registers, 15)) {
1127  context.SetRegisterPlusOffset(sp_reg, addr - sp);
1128  data = MemARead(context, addr, 4, 0, &success);
1129  if (!success)
1130  return false;
1131  // In ARMv5T and above, this is an interworking branch.
1132  if (!LoadWritePC(context, data))
1133  return false;
1134  // addr += addr_byte_size;
1135  }
1136 
1137  context.type = EmulateInstruction::eContextAdjustStackPointer;
1138  context.SetImmediateSigned(sp_offset);
1139 
1140  if (!WriteRegisterUnsigned(context, eRegisterKindGeneric,
1141  LLDB_REGNUM_GENERIC_SP, sp + sp_offset))
1142  return false;
1143  }
1144  return true;
1145 }
1146 
1147 // Set r7 or ip to point to saved value residing within the stack.
1148 // ADD (SP plus immediate)
1149 bool EmulateInstructionARM::EmulateADDRdSPImm(const uint32_t opcode,
1150  const ARMEncoding encoding) {
1151 #if 0
1152  // ARM pseudo code...
1153  if (ConditionPassed())
1154  {
1155  EncodingSpecificOperations();
1156  (result, carry, overflow) = AddWithCarry(SP, imm32, '0');
1157  if d == 15 then
1158  ALUWritePC(result); // setflags is always FALSE here
1159  else
1160  R[d] = result;
1161  if setflags then
1162  APSR.N = result<31>;
1163  APSR.Z = IsZeroBit(result);
1164  APSR.C = carry;
1165  APSR.V = overflow;
1166  }
1167 #endif
1168 
1169  bool success = false;
1170 
1171  if (ConditionPassed(opcode)) {
1172  const addr_t sp = ReadCoreReg(SP_REG, &success);
1173  if (!success)
1174  return false;
1175  uint32_t Rd; // the destination register
1176  uint32_t imm32;
1177  switch (encoding) {
1178  case eEncodingT1:
1179  Rd = 7;
1180  imm32 = Bits32(opcode, 7, 0) << 2; // imm32 = ZeroExtend(imm8:'00', 32)
1181  break;
1182  case eEncodingA1:
1183  Rd = Bits32(opcode, 15, 12);
1184  imm32 = ARMExpandImm(opcode); // imm32 = ARMExpandImm(imm12)
1185  break;
1186  default:
1187  return false;
1188  }
1189  addr_t sp_offset = imm32;
1190  addr_t addr = sp + sp_offset; // a pointer to the stack area
1191 
1192  EmulateInstruction::Context context;
1193  if (Rd == GetFramePointerRegisterNumber())
1194  context.type = eContextSetFramePointer;
1195  else
1196  context.type = EmulateInstruction::eContextRegisterPlusOffset;
1197  RegisterInfo sp_reg;
1198  GetRegisterInfo(eRegisterKindDWARF, dwarf_sp, sp_reg);
1199  context.SetRegisterPlusOffset(sp_reg, sp_offset);
1200 
1201  if (!WriteRegisterUnsigned(context, eRegisterKindDWARF, dwarf_r0 + Rd,
1202  addr))
1203  return false;
1204  }
1205  return true;
1206 }
1207 
1208 // Set r7 or ip to the current stack pointer.
1209 // MOV (register)
1210 bool EmulateInstructionARM::EmulateMOVRdSP(const uint32_t opcode,
1211  const ARMEncoding encoding) {
1212 #if 0
1213  // ARM pseudo code...
1214  if (ConditionPassed())
1215  {
1216  EncodingSpecificOperations();
1217  result = R[m];
1218  if d == 15 then
1219  ALUWritePC(result); // setflags is always FALSE here
1220  else
1221  R[d] = result;
1222  if setflags then
1223  APSR.N = result<31>;
1224  APSR.Z = IsZeroBit(result);
1225  // APSR.C unchanged
1226  // APSR.V unchanged
1227  }
1228 #endif
1229 
1230  bool success = false;
1231 
1232  if (ConditionPassed(opcode)) {
1233  const addr_t sp = ReadCoreReg(SP_REG, &success);
1234  if (!success)
1235  return false;
1236  uint32_t Rd; // the destination register
1237  switch (encoding) {
1238  case eEncodingT1:
1239  Rd = 7;
1240  break;
1241  case eEncodingA1:
1242  Rd = 12;
1243  break;
1244  default:
1245  return false;
1246  }
1247 
1248  EmulateInstruction::Context context;
1249  if (Rd == GetFramePointerRegisterNumber())
1250  context.type = EmulateInstruction::eContextSetFramePointer;
1251  else
1252  context.type = EmulateInstruction::eContextRegisterPlusOffset;
1253  RegisterInfo sp_reg;
1254  GetRegisterInfo(eRegisterKindDWARF, dwarf_sp, sp_reg);
1255  context.SetRegisterPlusOffset(sp_reg, 0);
1256 
1257  if (!WriteRegisterUnsigned(context, eRegisterKindDWARF, dwarf_r0 + Rd, sp))
1258  return false;
1259  }
1260  return true;
1261 }
1262 
1263 // Move from high register (r8-r15) to low register (r0-r7).
1264 // MOV (register)
1265 bool EmulateInstructionARM::EmulateMOVLowHigh(const uint32_t opcode,
1266  const ARMEncoding encoding) {
1267  return EmulateMOVRdRm(opcode, encoding);
1268 }
1269 
1270 // Move from register to register.
1271 // MOV (register)
1272 bool EmulateInstructionARM::EmulateMOVRdRm(const uint32_t opcode,
1273  const ARMEncoding encoding) {
1274 #if 0
1275  // ARM pseudo code...
1276  if (ConditionPassed())
1277  {
1278  EncodingSpecificOperations();
1279  result = R[m];
1280  if d == 15 then
1281  ALUWritePC(result); // setflags is always FALSE here
1282  else
1283  R[d] = result;
1284  if setflags then
1285  APSR.N = result<31>;
1286  APSR.Z = IsZeroBit(result);
1287  // APSR.C unchanged
1288  // APSR.V unchanged
1289  }
1290 #endif
1291 
1292  bool success = false;
1293 
1294  if (ConditionPassed(opcode)) {
1295  uint32_t Rm; // the source register
1296  uint32_t Rd; // the destination register
1297  bool setflags;
1298  switch (encoding) {
1299  case eEncodingT1:
1300  Rd = Bit32(opcode, 7) << 3 | Bits32(opcode, 2, 0);
1301  Rm = Bits32(opcode, 6, 3);
1302  setflags = false;
1303  if (Rd == 15 && InITBlock() && !LastInITBlock())
1304  return false;
1305  break;
1306  case eEncodingT2:
1307  Rd = Bits32(opcode, 2, 0);
1308  Rm = Bits32(opcode, 5, 3);
1309  setflags = true;
1310  if (InITBlock())
1311  return false;
1312  break;
1313  case eEncodingT3:
1314  Rd = Bits32(opcode, 11, 8);
1315  Rm = Bits32(opcode, 3, 0);
1316  setflags = BitIsSet(opcode, 20);
1317  // if setflags && (BadReg(d) || BadReg(m)) then UNPREDICTABLE;
1318  if (setflags && (BadReg(Rd) || BadReg(Rm)))
1319  return false;
1320  // if !setflags && (d == 15 || m == 15 || (d == 13 && m == 13)) then
1321  // UNPREDICTABLE;
1322  if (!setflags && (Rd == 15 || Rm == 15 || (Rd == 13 && Rm == 13)))
1323  return false;
1324  break;
1325  case eEncodingA1:
1326  Rd = Bits32(opcode, 15, 12);
1327  Rm = Bits32(opcode, 3, 0);
1328  setflags = BitIsSet(opcode, 20);
1329 
1330  // if Rd == '1111' && S == '1' then SEE SUBS PC, LR and related
1331  // instructions;
1332  if (Rd == 15 && setflags)
1333  return EmulateSUBSPcLrEtc(opcode, encoding);
1334  break;
1335  default:
1336  return false;
1337  }
1338  uint32_t result = ReadCoreReg(Rm, &success);
1339  if (!success)
1340  return false;
1341 
1342  // The context specifies that Rm is to be moved into Rd.
1343  EmulateInstruction::Context context;
1344  if (Rd == 13)
1345  context.type = EmulateInstruction::eContextAdjustStackPointer;
1346  else
1347  context.type = EmulateInstruction::eContextRegisterPlusOffset;
1348  RegisterInfo dwarf_reg;
1349  GetRegisterInfo(eRegisterKindDWARF, dwarf_r0 + Rm, dwarf_reg);
1350  context.SetRegisterPlusOffset(dwarf_reg, 0);
1351 
1352  if (!WriteCoreRegOptionalFlags(context, result, Rd, setflags))
1353  return false;
1354  }
1355  return true;
1356 }
1357 
1358 // Move (immediate) writes an immediate value to the destination register. It
1359 // can optionally update the condition flags based on the value.
1360 // MOV (immediate)
1361 bool EmulateInstructionARM::EmulateMOVRdImm(const uint32_t opcode,
1362  const ARMEncoding encoding) {
1363 #if 0
1364  // ARM pseudo code...
1365  if (ConditionPassed())
1366  {
1367  EncodingSpecificOperations();
1368  result = imm32;
1369  if d == 15 then // Can only occur for ARM encoding
1370  ALUWritePC(result); // setflags is always FALSE here
1371  else
1372  R[d] = result;
1373  if setflags then
1374  APSR.N = result<31>;
1375  APSR.Z = IsZeroBit(result);
1376  APSR.C = carry;
1377  // APSR.V unchanged
1378  }
1379 #endif
1380 
1381  if (ConditionPassed(opcode)) {
1382  uint32_t Rd; // the destination register
1383  uint32_t imm32; // the immediate value to be written to Rd
1384  uint32_t carry =
1385  0; // the carry bit after ThumbExpandImm_C or ARMExpandImm_C.
1386  // for setflags == false, this value is a don't care initialized to
1387  // 0 to silence the static analyzer
1388  bool setflags;
1389  switch (encoding) {
1390  case eEncodingT1:
1391  Rd = Bits32(opcode, 10, 8);
1392  setflags = !InITBlock();
1393  imm32 = Bits32(opcode, 7, 0); // imm32 = ZeroExtend(imm8, 32)
1394  carry = APSR_C;
1395 
1396  break;
1397 
1398  case eEncodingT2:
1399  Rd = Bits32(opcode, 11, 8);
1400  setflags = BitIsSet(opcode, 20);
1401  imm32 = ThumbExpandImm_C(opcode, APSR_C, carry);
1402  if (BadReg(Rd))
1403  return false;
1404 
1405  break;
1406 
1407  case eEncodingT3: {
1408  // d = UInt(Rd); setflags = FALSE; imm32 = ZeroExtend(imm4:i:imm3:imm8,
1409  // 32);
1410  Rd = Bits32(opcode, 11, 8);
1411  setflags = false;
1412  uint32_t imm4 = Bits32(opcode, 19, 16);
1413  uint32_t imm3 = Bits32(opcode, 14, 12);
1414  uint32_t i = Bit32(opcode, 26);
1415  uint32_t imm8 = Bits32(opcode, 7, 0);
1416  imm32 = (imm4 << 12) | (i << 11) | (imm3 << 8) | imm8;
1417 
1418  // if BadReg(d) then UNPREDICTABLE;
1419  if (BadReg(Rd))
1420  return false;
1421  } break;
1422 
1423  case eEncodingA1:
1424  // d = UInt(Rd); setflags = (S == '1'); (imm32, carry) =
1425  // ARMExpandImm_C(imm12, APSR.C);
1426  Rd = Bits32(opcode, 15, 12);
1427  setflags = BitIsSet(opcode, 20);
1428  imm32 = ARMExpandImm_C(opcode, APSR_C, carry);
1429 
1430  // if Rd == '1111' && S == '1' then SEE SUBS PC, LR and related
1431  // instructions;
1432  if ((Rd == 15) && setflags)
1433  return EmulateSUBSPcLrEtc(opcode, encoding);
1434 
1435  break;
1436 
1437  case eEncodingA2: {
1438  // d = UInt(Rd); setflags = FALSE; imm32 = ZeroExtend(imm4:imm12, 32);
1439  Rd = Bits32(opcode, 15, 12);
1440  setflags = false;
1441  uint32_t imm4 = Bits32(opcode, 19, 16);
1442  uint32_t imm12 = Bits32(opcode, 11, 0);
1443  imm32 = (imm4 << 12) | imm12;
1444 
1445  // if d == 15 then UNPREDICTABLE;
1446  if (Rd == 15)
1447  return false;
1448  } break;
1449 
1450  default:
1451  return false;
1452  }
1453  uint32_t result = imm32;
1454 
1455  // The context specifies that an immediate is to be moved into Rd.
1456  EmulateInstruction::Context context;
1457  context.type = EmulateInstruction::eContextImmediate;
1458  context.SetNoArgs();
1459 
1460  if (!WriteCoreRegOptionalFlags(context, result, Rd, setflags, carry))
1461  return false;
1462  }
1463  return true;
1464 }
1465 
1466 // MUL multiplies two register values. The least significant 32 bits of the
1467 // result are written to the destination
1468 // register. These 32 bits do not depend on whether the source register values
1469 // are considered to be signed values or unsigned values.
1470 //
1471 // Optionally, it can update the condition flags based on the result. In the
1472 // Thumb instruction set, this option is limited to only a few forms of the
1473 // instruction.
1474 bool EmulateInstructionARM::EmulateMUL(const uint32_t opcode,
1475  const ARMEncoding encoding) {
1476 #if 0
1477  if ConditionPassed() then
1478  EncodingSpecificOperations();
1479  operand1 = SInt(R[n]); // operand1 = UInt(R[n]) produces the same final results
1480  operand2 = SInt(R[m]); // operand2 = UInt(R[m]) produces the same final results
1481  result = operand1 * operand2;
1482  R[d] = result<31:0>;
1483  if setflags then
1484  APSR.N = result<31>;
1485  APSR.Z = IsZeroBit(result);
1486  if ArchVersion() == 4 then
1487  APSR.C = bit UNKNOWN;
1488  // else APSR.C unchanged
1489  // APSR.V always unchanged
1490 #endif
1491 
1492  if (ConditionPassed(opcode)) {
1493  uint32_t d;
1494  uint32_t n;
1495  uint32_t m;
1496  bool setflags;
1497 
1498  // EncodingSpecificOperations();
1499  switch (encoding) {
1500  case eEncodingT1:
1501  // d = UInt(Rdm); n = UInt(Rn); m = UInt(Rdm); setflags = !InITBlock();
1502  d = Bits32(opcode, 2, 0);
1503  n = Bits32(opcode, 5, 3);
1504  m = Bits32(opcode, 2, 0);
1505  setflags = !InITBlock();
1506 
1507  // if ArchVersion() < 6 && d == n then UNPREDICTABLE;
1508  if ((ArchVersion() < ARMv6) && (d == n))
1509  return false;
1510 
1511  break;
1512 
1513  case eEncodingT2:
1514  // d = UInt(Rd); n = UInt(Rn); m = UInt(Rm); setflags = FALSE;
1515  d = Bits32(opcode, 11, 8);
1516  n = Bits32(opcode, 19, 16);
1517  m = Bits32(opcode, 3, 0);
1518  setflags = false;
1519 
1520  // if BadReg(d) || BadReg(n) || BadReg(m) then UNPREDICTABLE;
1521  if (BadReg(d) || BadReg(n) || BadReg(m))
1522  return false;
1523 
1524  break;
1525 
1526  case eEncodingA1:
1527  // d = UInt(Rd); n = UInt(Rn); m = UInt(Rm); setflags = (S == '1');
1528  d = Bits32(opcode, 19, 16);
1529  n = Bits32(opcode, 3, 0);
1530  m = Bits32(opcode, 11, 8);
1531  setflags = BitIsSet(opcode, 20);
1532 
1533  // if d == 15 || n == 15 || m == 15 then UNPREDICTABLE;
1534  if ((d == 15) || (n == 15) || (m == 15))
1535  return false;
1536 
1537  // if ArchVersion() < 6 && d == n then UNPREDICTABLE;
1538  if ((ArchVersion() < ARMv6) && (d == n))
1539  return false;
1540 
1541  break;
1542 
1543  default:
1544  return false;
1545  }
1546 
1547  bool success = false;
1548 
1549  // operand1 = SInt(R[n]); // operand1 = UInt(R[n]) produces the same final
1550  // results
1551  uint64_t operand1 =
1552  ReadRegisterUnsigned(eRegisterKindDWARF, dwarf_r0 + n, 0, &success);
1553  if (!success)
1554  return false;
1555 
1556  // operand2 = SInt(R[m]); // operand2 = UInt(R[m]) produces the same final
1557  // results
1558  uint64_t operand2 =
1559  ReadRegisterUnsigned(eRegisterKindDWARF, dwarf_r0 + m, 0, &success);
1560  if (!success)
1561  return false;
1562 
1563  // result = operand1 * operand2;
1564  uint64_t result = operand1 * operand2;
1565 
1566  // R[d] = result<31:0>;
1567  RegisterInfo op1_reg;
1568  RegisterInfo op2_reg;
1569  GetRegisterInfo(eRegisterKindDWARF, dwarf_r0 + n, op1_reg);
1570  GetRegisterInfo(eRegisterKindDWARF, dwarf_r0 + m, op2_reg);
1571 
1572  EmulateInstruction::Context context;
1573  context.type = eContextArithmetic;
1574  context.SetRegisterRegisterOperands(op1_reg, op2_reg);
1575 
1576  if (!WriteRegisterUnsigned(context, eRegisterKindDWARF, dwarf_r0 + d,
1577  (0x0000ffff & result)))
1578  return false;
1579 
1580  // if setflags then
1581  if (setflags) {
1582  // APSR.N = result<31>;
1583  // APSR.Z = IsZeroBit(result);
1584  m_new_inst_cpsr = m_opcode_cpsr;
1585  SetBit32(m_new_inst_cpsr, CPSR_N_POS, Bit32(result, 31));
1586  SetBit32(m_new_inst_cpsr, CPSR_Z_POS, result == 0 ? 1 : 0);
1587  if (m_new_inst_cpsr != m_opcode_cpsr) {
1588  if (!WriteRegisterUnsigned(context, eRegisterKindGeneric,
1589  LLDB_REGNUM_GENERIC_FLAGS, m_new_inst_cpsr))
1590  return false;
1591  }
1592 
1593  // if ArchVersion() == 4 then
1594  // APSR.C = bit UNKNOWN;
1595  }
1596  }
1597  return true;
1598 }
1599 
1600 // Bitwise NOT (immediate) writes the bitwise inverse of an immediate value to
1601 // the destination register. It can optionally update the condition flags based
1602 // on the value.
1603 bool EmulateInstructionARM::EmulateMVNImm(const uint32_t opcode,
1604  const ARMEncoding encoding) {
1605 #if 0
1606  // ARM pseudo code...
1607  if (ConditionPassed())
1608  {
1609  EncodingSpecificOperations();
1610  result = NOT(imm32);
1611  if d == 15 then // Can only occur for ARM encoding
1612  ALUWritePC(result); // setflags is always FALSE here
1613  else
1614  R[d] = result;
1615  if setflags then
1616  APSR.N = result<31>;
1617  APSR.Z = IsZeroBit(result);
1618  APSR.C = carry;
1619  // APSR.V unchanged
1620  }
1621 #endif
1622 
1623  if (ConditionPassed(opcode)) {
1624  uint32_t Rd; // the destination register
1625  uint32_t imm32; // the output after ThumbExpandImm_C or ARMExpandImm_C
1626  uint32_t carry; // the carry bit after ThumbExpandImm_C or ARMExpandImm_C
1627  bool setflags;
1628  switch (encoding) {
1629  case eEncodingT1:
1630  Rd = Bits32(opcode, 11, 8);
1631  setflags = BitIsSet(opcode, 20);
1632  imm32 = ThumbExpandImm_C(opcode, APSR_C, carry);
1633  break;
1634  case eEncodingA1:
1635  Rd = Bits32(opcode, 15, 12);
1636  setflags = BitIsSet(opcode, 20);
1637  imm32 = ARMExpandImm_C(opcode, APSR_C, carry);
1638 
1639  // if Rd == '1111' && S == '1' then SEE SUBS PC, LR and related
1640  // instructions;
1641  if (Rd == 15 && setflags)
1642  return EmulateSUBSPcLrEtc(opcode, encoding);
1643  break;
1644  default:
1645  return false;
1646  }
1647  uint32_t result = ~imm32;
1648 
1649  // The context specifies that an immediate is to be moved into Rd.
1650  EmulateInstruction::Context context;
1651  context.type = EmulateInstruction::eContextImmediate;
1652  context.SetNoArgs();
1653 
1654  if (!WriteCoreRegOptionalFlags(context, result, Rd, setflags, carry))
1655  return false;
1656  }
1657  return true;
1658 }
1659 
1660 // Bitwise NOT (register) writes the bitwise inverse of a register value to the
1661 // destination register. It can optionally update the condition flags based on
1662 // the result.
1663 bool EmulateInstructionARM::EmulateMVNReg(const uint32_t opcode,
1664  const ARMEncoding encoding) {
1665 #if 0
1666  // ARM pseudo code...
1667  if (ConditionPassed())
1668  {
1669  EncodingSpecificOperations();
1670  (shifted, carry) = Shift_C(R[m], shift_t, shift_n, APSR.C);
1671  result = NOT(shifted);
1672  if d == 15 then // Can only occur for ARM encoding
1673  ALUWritePC(result); // setflags is always FALSE here
1674  else
1675  R[d] = result;
1676  if setflags then
1677  APSR.N = result<31>;
1678  APSR.Z = IsZeroBit(result);
1679  APSR.C = carry;
1680  // APSR.V unchanged
1681  }
1682 #endif
1683 
1684  if (ConditionPassed(opcode)) {
1685  uint32_t Rm; // the source register
1686  uint32_t Rd; // the destination register
1687  ARM_ShifterType shift_t;
1688  uint32_t shift_n; // the shift applied to the value read from Rm
1689  bool setflags;
1690  uint32_t carry; // the carry bit after the shift operation
1691  switch (encoding) {
1692  case eEncodingT1:
1693  Rd = Bits32(opcode, 2, 0);
1694  Rm = Bits32(opcode, 5, 3);
1695  setflags = !InITBlock();
1696  shift_t = SRType_LSL;
1697  shift_n = 0;
1698  if (InITBlock())
1699  return false;
1700  break;
1701  case eEncodingT2:
1702  Rd = Bits32(opcode, 11, 8);
1703  Rm = Bits32(opcode, 3, 0);
1704  setflags = BitIsSet(opcode, 20);
1705  shift_n = DecodeImmShiftThumb(opcode, shift_t);
1706  // if (BadReg(d) || BadReg(m)) then UNPREDICTABLE;
1707  if (BadReg(Rd) || BadReg(Rm))
1708  return false;
1709  break;
1710  case eEncodingA1:
1711  Rd = Bits32(opcode, 15, 12);
1712  Rm = Bits32(opcode, 3, 0);
1713  setflags = BitIsSet(opcode, 20);
1714  shift_n = DecodeImmShiftARM(opcode, shift_t);
1715  break;
1716  default:
1717  return false;
1718  }
1719  bool success = false;
1720  uint32_t value = ReadCoreReg(Rm, &success);
1721  if (!success)
1722  return false;
1723 
1724  uint32_t shifted =
1725  Shift_C(value, shift_t, shift_n, APSR_C, carry, &success);
1726  if (!success)
1727  return false;
1728  uint32_t result = ~shifted;
1729 
1730  // The context specifies that an immediate is to be moved into Rd.
1731  EmulateInstruction::Context context;
1732  context.type = EmulateInstruction::eContextImmediate;
1733  context.SetNoArgs();
1734 
1735  if (!WriteCoreRegOptionalFlags(context, result, Rd, setflags, carry))
1736  return false;
1737  }
1738  return true;
1739 }
1740 
1741 // PC relative immediate load into register, possibly followed by ADD (SP plus
1742 // register).
1743 // LDR (literal)
1744 bool EmulateInstructionARM::EmulateLDRRtPCRelative(const uint32_t opcode,
1745  const ARMEncoding encoding) {
1746 #if 0
1747  // ARM pseudo code...
1748  if (ConditionPassed())
1749  {
1750  EncodingSpecificOperations(); NullCheckIfThumbEE(15);
1751  base = Align(PC,4);
1752  address = if add then (base + imm32) else (base - imm32);
1753  data = MemU[address,4];
1754  if t == 15 then
1755  if address<1:0> == '00' then LoadWritePC(data); else UNPREDICTABLE;
1756  elsif UnalignedSupport() || address<1:0> = '00' then
1757  R[t] = data;
1758  else // Can only apply before ARMv7
1759  if CurrentInstrSet() == InstrSet_ARM then
1760  R[t] = ROR(data, 8*UInt(address<1:0>));
1761  else
1762  R[t] = bits(32) UNKNOWN;
1763  }
1764 #endif
1765 
1766  if (ConditionPassed(opcode)) {
1767  bool success = false;
1768  const uint32_t pc = ReadCoreReg(PC_REG, &success);
1769  if (!success)
1770  return false;
1771 
1772  // PC relative immediate load context
1773  EmulateInstruction::Context context;
1774  context.type = EmulateInstruction::eContextRegisterPlusOffset;
1775  RegisterInfo pc_reg;
1776  GetRegisterInfo(eRegisterKindDWARF, dwarf_pc, pc_reg);
1777  context.SetRegisterPlusOffset(pc_reg, 0);
1778 
1779  uint32_t Rt; // the destination register
1780  uint32_t imm32; // immediate offset from the PC
1781  bool add; // +imm32 or -imm32?
1782  addr_t base; // the base address
1783  addr_t address; // the PC relative address
1784  uint32_t data; // the literal data value from the PC relative load
1785  switch (encoding) {
1786  case eEncodingT1:
1787  Rt = Bits32(opcode, 10, 8);
1788  imm32 = Bits32(opcode, 7, 0) << 2; // imm32 = ZeroExtend(imm8:'00', 32);
1789  add = true;
1790  break;
1791  case eEncodingT2:
1792  Rt = Bits32(opcode, 15, 12);
1793  imm32 = Bits32(opcode, 11, 0) << 2; // imm32 = ZeroExtend(imm12, 32);
1794  add = BitIsSet(opcode, 23);
1795  if (Rt == 15 && InITBlock() && !LastInITBlock())
1796  return false;
1797  break;
1798  default:
1799  return false;
1800  }
1801 
1802  base = Align(pc, 4);
1803  if (add)
1804  address = base + imm32;
1805  else
1806  address = base - imm32;
1807 
1808  context.SetRegisterPlusOffset(pc_reg, address - base);
1809  data = MemURead(context, address, 4, 0, &success);
1810  if (!success)
1811  return false;
1812 
1813  if (Rt == 15) {
1814  if (Bits32(address, 1, 0) == 0) {
1815  // In ARMv5T and above, this is an interworking branch.
1816  if (!LoadWritePC(context, data))
1817  return false;
1818  } else
1819  return false;
1820  } else if (UnalignedSupport() || Bits32(address, 1, 0) == 0) {
1821  if (!WriteRegisterUnsigned(context, eRegisterKindDWARF, dwarf_r0 + Rt,
1822  data))
1823  return false;
1824  } else // We don't handle ARM for now.
1825  return false;
1826  }
1827  return true;
1828 }
1829 
1830 // An add operation to adjust the SP.
1831 // ADD (SP plus immediate)
1832 bool EmulateInstructionARM::EmulateADDSPImm(const uint32_t opcode,
1833  const ARMEncoding encoding) {
1834 #if 0
1835  // ARM pseudo code...
1836  if (ConditionPassed())
1837  {
1838  EncodingSpecificOperations();
1839  (result, carry, overflow) = AddWithCarry(SP, imm32, '0');
1840  if d == 15 then // Can only occur for ARM encoding
1841  ALUWritePC(result); // setflags is always FALSE here
1842  else
1843  R[d] = result;
1844  if setflags then
1845  APSR.N = result<31>;
1846  APSR.Z = IsZeroBit(result);
1847  APSR.C = carry;
1848  APSR.V = overflow;
1849  }
1850 #endif
1851 
1852  bool success = false;
1853 
1854  if (ConditionPassed(opcode)) {
1855  const addr_t sp = ReadCoreReg(SP_REG, &success);
1856  if (!success)
1857  return false;
1858  uint32_t imm32; // the immediate operand
1859  uint32_t d;
1860  bool setflags;
1861  switch (encoding) {
1862  case eEncodingT1:
1863  // d = UInt(Rd); setflags = FALSE; imm32 = ZeroExtend(imm8:'00', 32);
1864  d = Bits32(opcode, 10, 8);
1865  imm32 = (Bits32(opcode, 7, 0) << 2);
1866  setflags = false;
1867  break;
1868 
1869  case eEncodingT2:
1870  // d = 13; setflags = FALSE; imm32 = ZeroExtend(imm7:'00', 32);
1871  d = 13;
1872  imm32 = ThumbImm7Scaled(opcode); // imm32 = ZeroExtend(imm7:'00', 32)
1873  setflags = false;
1874  break;
1875 
1876  case eEncodingT3:
1877  // d = UInt(Rd); setflags = (S == "1"); imm32 =
1878  // ThumbExpandImm(i:imm3:imm8);
1879  d = Bits32(opcode, 11, 8);
1880  imm32 = ThumbExpandImm(opcode);
1881  setflags = Bit32(opcode, 20);
1882 
1883  // if Rd == "1111" && S == "1" then SEE CMN (immediate);
1884  if (d == 15 && setflags == 1)
1885  return false; // CMN (immediate) not yet supported
1886 
1887  // if d == 15 && S == "0" then UNPREDICTABLE;
1888  if (d == 15 && setflags == 0)
1889  return false;
1890  break;
1891 
1892  case eEncodingT4: {
1893  // if Rn == '1111' then SEE ADR;
1894  // d = UInt(Rd); setflags = FALSE; imm32 = ZeroExtend(i:imm3:imm8, 32);
1895  d = Bits32(opcode, 11, 8);
1896  setflags = false;
1897  uint32_t i = Bit32(opcode, 26);
1898  uint32_t imm3 = Bits32(opcode, 14, 12);
1899  uint32_t imm8 = Bits32(opcode, 7, 0);
1900  imm32 = (i << 11) | (imm3 << 8) | imm8;
1901 
1902  // if d == 15 then UNPREDICTABLE;
1903  if (d == 15)
1904  return false;
1905  } break;
1906 
1907  default:
1908  return false;
1909  }
1910  // (result, carry, overflow) = AddWithCarry(R[n], imm32, '0');
1911  AddWithCarryResult res = AddWithCarry(sp, imm32, 0);
1912 
1913  EmulateInstruction::Context context;
1914  if (d == 13)
1915  context.type = EmulateInstruction::eContextAdjustStackPointer;
1916  else
1917  context.type = EmulateInstruction::eContextRegisterPlusOffset;
1918 
1919  RegisterInfo sp_reg;
1920  GetRegisterInfo(eRegisterKindDWARF, dwarf_sp, sp_reg);
1921  context.SetRegisterPlusOffset(sp_reg, res.result - sp);
1922 
1923  if (d == 15) {
1924  if (!ALUWritePC(context, res.result))
1925  return false;
1926  } else {
1927  // R[d] = result;
1928  // if setflags then
1929  // APSR.N = result<31>;
1930  // APSR.Z = IsZeroBit(result);
1931  // APSR.C = carry;
1932  // APSR.V = overflow;
1933  if (!WriteCoreRegOptionalFlags(context, res.result, d, setflags,
1934  res.carry_out, res.overflow))
1935  return false;
1936  }
1937  }
1938  return true;
1939 }
1940 
1941 // An add operation to adjust the SP.
1942 // ADD (SP plus register)
1943 bool EmulateInstructionARM::EmulateADDSPRm(const uint32_t opcode,
1944  const ARMEncoding encoding) {
1945 #if 0
1946  // ARM pseudo code...
1947  if (ConditionPassed())
1948  {
1949  EncodingSpecificOperations();
1950  shifted = Shift(R[m], shift_t, shift_n, APSR.C);
1951  (result, carry, overflow) = AddWithCarry(SP, shifted, '0');
1952  if d == 15 then
1953  ALUWritePC(result); // setflags is always FALSE here
1954  else
1955  R[d] = result;
1956  if setflags then
1957  APSR.N = result<31>;
1958  APSR.Z = IsZeroBit(result);
1959  APSR.C = carry;
1960  APSR.V = overflow;
1961  }
1962 #endif
1963 
1964  bool success = false;
1965 
1966  if (ConditionPassed(opcode)) {
1967  const addr_t sp = ReadCoreReg(SP_REG, &success);
1968  if (!success)
1969  return false;
1970  uint32_t Rm; // the second operand
1971  switch (encoding) {
1972  case eEncodingT2:
1973  Rm = Bits32(opcode, 6, 3);
1974  break;
1975  default:
1976  return false;
1977  }
1978  int32_t reg_value = ReadCoreReg(Rm, &success);
1979  if (!success)
1980  return false;
1981 
1982  addr_t addr = (int32_t)sp + reg_value; // the adjusted stack pointer value
1983 
1984  EmulateInstruction::Context context;
1985  context.type = eContextArithmetic;
1986  RegisterInfo sp_reg;
1987  GetRegisterInfo(eRegisterKindDWARF, dwarf_sp, sp_reg);
1988 
1989  RegisterInfo other_reg;
1990  GetRegisterInfo(eRegisterKindDWARF, dwarf_r0 + Rm, other_reg);
1991  context.SetRegisterRegisterOperands(sp_reg, other_reg);
1992 
1993  if (!WriteRegisterUnsigned(context, eRegisterKindGeneric,
1994  LLDB_REGNUM_GENERIC_SP, addr))
1995  return false;
1996  }
1997  return true;
1998 }
1999 
2000 // Branch with Link and Exchange Instruction Sets (immediate) calls a
2001 // subroutine at a PC-relative address, and changes instruction set from ARM to
2002 // Thumb, or from Thumb to ARM.
2003 // BLX (immediate)
2004 bool EmulateInstructionARM::EmulateBLXImmediate(const uint32_t opcode,
2005  const ARMEncoding encoding) {
2006 #if 0
2007  // ARM pseudo code...
2008  if (ConditionPassed())
2009  {
2010  EncodingSpecificOperations();
2011  if CurrentInstrSet() == InstrSet_ARM then
2012  LR = PC - 4;
2013  else
2014  LR = PC<31:1> : '1';
2015  if targetInstrSet == InstrSet_ARM then
2016  targetAddress = Align(PC,4) + imm32;
2017  else
2018  targetAddress = PC + imm32;
2019  SelectInstrSet(targetInstrSet);
2020  BranchWritePC(targetAddress);
2021  }
2022 #endif
2023 
2024  bool success = true;
2025 
2026  if (ConditionPassed(opcode)) {
2027  EmulateInstruction::Context context;
2028  context.type = EmulateInstruction::eContextRelativeBranchImmediate;
2029  const uint32_t pc = ReadCoreReg(PC_REG, &success);
2030  if (!success)
2031  return false;
2032  addr_t lr; // next instruction address
2033  addr_t target; // target address
2034  int32_t imm32; // PC-relative offset
2035  switch (encoding) {
2036  case eEncodingT1: {
2037  lr = pc | 1u; // return address
2038  uint32_t S = Bit32(opcode, 26);
2039  uint32_t imm10 = Bits32(opcode, 25, 16);
2040  uint32_t J1 = Bit32(opcode, 13);
2041  uint32_t J2 = Bit32(opcode, 11);
2042  uint32_t imm11 = Bits32(opcode, 10, 0);
2043  uint32_t I1 = !(J1 ^ S);
2044  uint32_t I2 = !(J2 ^ S);
2045  uint32_t imm25 =
2046  (S << 24) | (I1 << 23) | (I2 << 22) | (imm10 << 12) | (imm11 << 1);
2047  imm32 = llvm::SignExtend32<25>(imm25);
2048  target = pc + imm32;
2049  SelectInstrSet(eModeThumb);
2050  context.SetISAAndImmediateSigned(eModeThumb, 4 + imm32);
2051  if (InITBlock() && !LastInITBlock())
2052  return false;
2053  break;
2054  }
2055  case eEncodingT2: {
2056  lr = pc | 1u; // return address
2057  uint32_t S = Bit32(opcode, 26);
2058  uint32_t imm10H = Bits32(opcode, 25, 16);
2059  uint32_t J1 = Bit32(opcode, 13);
2060  uint32_t J2 = Bit32(opcode, 11);
2061  uint32_t imm10L = Bits32(opcode, 10, 1);
2062  uint32_t I1 = !(J1 ^ S);
2063  uint32_t I2 = !(J2 ^ S);
2064  uint32_t imm25 =
2065  (S << 24) | (I1 << 23) | (I2 << 22) | (imm10H << 12) | (imm10L << 2);
2066  imm32 = llvm::SignExtend32<25>(imm25);
2067  target = Align(pc, 4) + imm32;
2068  SelectInstrSet(eModeARM);
2069  context.SetISAAndImmediateSigned(eModeARM, 4 + imm32);
2070  if (InITBlock() && !LastInITBlock())
2071  return false;
2072  break;
2073  }
2074  case eEncodingA1:
2075  lr = pc - 4; // return address
2076  imm32 = llvm::SignExtend32<26>(Bits32(opcode, 23, 0) << 2);
2077  target = Align(pc, 4) + imm32;
2078  SelectInstrSet(eModeARM);
2079  context.SetISAAndImmediateSigned(eModeARM, 8 + imm32);
2080  break;
2081  case eEncodingA2:
2082  lr = pc - 4; // return address
2083  imm32 = llvm::SignExtend32<26>(Bits32(opcode, 23, 0) << 2 |
2084  Bits32(opcode, 24, 24) << 1);
2085  target = pc + imm32;
2086  SelectInstrSet(eModeThumb);
2087  context.SetISAAndImmediateSigned(eModeThumb, 8 + imm32);
2088  break;
2089  default:
2090  return false;
2091  }
2092  if (!WriteRegisterUnsigned(context, eRegisterKindGeneric,
2093  LLDB_REGNUM_GENERIC_RA, lr))
2094  return false;
2095  if (!BranchWritePC(context, target))
2096  return false;
2097  if (m_opcode_cpsr != m_new_inst_cpsr)
2098  if (!WriteRegisterUnsigned(context, eRegisterKindGeneric,
2099  LLDB_REGNUM_GENERIC_FLAGS, m_new_inst_cpsr))
2100  return false;
2101  }
2102  return true;
2103 }
2104 
2105 // Branch with Link and Exchange (register) calls a subroutine at an address
2106 // and instruction set specified by a register.
2107 // BLX (register)
2108 bool EmulateInstructionARM::EmulateBLXRm(const uint32_t opcode,
2109  const ARMEncoding encoding) {
2110 #if 0
2111  // ARM pseudo code...
2112  if (ConditionPassed())
2113  {
2114  EncodingSpecificOperations();
2115  target = R[m];
2116  if CurrentInstrSet() == InstrSet_ARM then
2117  next_instr_addr = PC - 4;
2118  LR = next_instr_addr;
2119  else
2120  next_instr_addr = PC - 2;
2121  LR = next_instr_addr<31:1> : '1';
2122  BXWritePC(target);
2123  }
2124 #endif
2125 
2126  bool success = false;
2127 
2128  if (ConditionPassed(opcode)) {
2129  EmulateInstruction::Context context;
2130  context.type = EmulateInstruction::eContextAbsoluteBranchRegister;
2131  const uint32_t pc = ReadCoreReg(PC_REG, &success);
2132  addr_t lr; // next instruction address
2133  if (!success)
2134  return false;
2135  uint32_t Rm; // the register with the target address
2136  switch (encoding) {
2137  case eEncodingT1:
2138  lr = (pc - 2) | 1u; // return address
2139  Rm = Bits32(opcode, 6, 3);
2140  // if m == 15 then UNPREDICTABLE;
2141  if (Rm == 15)
2142  return false;
2143  if (InITBlock() && !LastInITBlock())
2144  return false;
2145  break;
2146  case eEncodingA1:
2147  lr = pc - 4; // return address
2148  Rm = Bits32(opcode, 3, 0);
2149  // if m == 15 then UNPREDICTABLE;
2150  if (Rm == 15)
2151  return false;
2152  break;
2153  default:
2154  return false;
2155  }
2156  addr_t target = ReadCoreReg(Rm, &success);
2157  if (!success)
2158  return false;
2159  RegisterInfo dwarf_reg;
2160  GetRegisterInfo(eRegisterKindDWARF, dwarf_r0 + Rm, dwarf_reg);
2161  context.SetRegister(dwarf_reg);
2162  if (!WriteRegisterUnsigned(context, eRegisterKindGeneric,
2163  LLDB_REGNUM_GENERIC_RA, lr))
2164  return false;
2165  if (!BXWritePC(context, target))
2166  return false;
2167  }
2168  return true;
2169 }
2170 
2171 // Branch and Exchange causes a branch to an address and instruction set
2172 // specified by a register.
2173 bool EmulateInstructionARM::EmulateBXRm(const uint32_t opcode,
2174  const ARMEncoding encoding) {
2175 #if 0
2176  // ARM pseudo code...
2177  if (ConditionPassed())
2178  {
2179  EncodingSpecificOperations();
2180  BXWritePC(R[m]);
2181  }
2182 #endif
2183 
2184  if (ConditionPassed(opcode)) {
2185  EmulateInstruction::Context context;
2186  context.type = EmulateInstruction::eContextAbsoluteBranchRegister;
2187  uint32_t Rm; // the register with the target address
2188  switch (encoding) {
2189  case eEncodingT1:
2190  Rm = Bits32(opcode, 6, 3);
2191  if (InITBlock() && !LastInITBlock())
2192  return false;
2193  break;
2194  case eEncodingA1:
2195  Rm = Bits32(opcode, 3, 0);
2196  break;
2197  default:
2198  return false;
2199  }
2200  bool success = false;
2201  addr_t target = ReadCoreReg(Rm, &success);
2202  if (!success)
2203  return false;
2204 
2205  RegisterInfo dwarf_reg;
2206  GetRegisterInfo(eRegisterKindDWARF, dwarf_r0 + Rm, dwarf_reg);
2207  context.SetRegister(dwarf_reg);
2208  if (!BXWritePC(context, target))
2209  return false;
2210  }
2211  return true;
2212 }
2213 
2214 // Branch and Exchange Jazelle attempts to change to Jazelle state. If the
2215 // attempt fails, it branches to an address and instruction set specified by a
2216 // register as though it were a BX instruction.
2217 //
2218 // TODO: Emulate Jazelle architecture?
2219 // We currently assume that switching to Jazelle state fails, thus
2220 // treating BXJ as a BX operation.
2221 bool EmulateInstructionARM::EmulateBXJRm(const uint32_t opcode,
2222  const ARMEncoding encoding) {
2223 #if 0
2224  // ARM pseudo code...
2225  if (ConditionPassed())
2226  {
2227  EncodingSpecificOperations();
2228  if JMCR.JE == '0' || CurrentInstrSet() == InstrSet_ThumbEE then
2229  BXWritePC(R[m]);
2230  else
2231  if JazelleAcceptsExecution() then
2232  SwitchToJazelleExecution();
2233  else
2234  SUBARCHITECTURE_DEFINED handler call;
2235  }
2236 #endif
2237 
2238  if (ConditionPassed(opcode)) {
2239  EmulateInstruction::Context context;
2240  context.type = EmulateInstruction::eContextAbsoluteBranchRegister;
2241  uint32_t Rm; // the register with the target address
2242  switch (encoding) {
2243  case eEncodingT1:
2244  Rm = Bits32(opcode, 19, 16);
2245  if (BadReg(Rm))
2246  return false;
2247  if (InITBlock() && !LastInITBlock())
2248  return false;
2249  break;
2250  case eEncodingA1:
2251  Rm = Bits32(opcode, 3, 0);
2252  if (Rm == 15)
2253  return false;
2254  break;
2255  default:
2256  return false;
2257  }
2258  bool success = false;
2259  addr_t target = ReadCoreReg(Rm, &success);
2260  if (!success)
2261  return false;
2262 
2263  RegisterInfo dwarf_reg;
2264  GetRegisterInfo(eRegisterKindDWARF, dwarf_r0 + Rm, dwarf_reg);
2265  context.SetRegister(dwarf_reg);
2266  if (!BXWritePC(context, target))
2267  return false;
2268  }
2269  return true;
2270 }
2271 
2272 // Set r7 to point to some ip offset.
2273 // SUB (immediate)
2274 bool EmulateInstructionARM::EmulateSUBR7IPImm(const uint32_t opcode,
2275  const ARMEncoding encoding) {
2276 #if 0
2277  // ARM pseudo code...
2278  if (ConditionPassed())
2279  {
2280  EncodingSpecificOperations();
2281  (result, carry, overflow) = AddWithCarry(SP, NOT(imm32), '1');
2282  if d == 15 then // Can only occur for ARM encoding
2283  ALUWritePC(result); // setflags is always FALSE here
2284  else
2285  R[d] = result;
2286  if setflags then
2287  APSR.N = result<31>;
2288  APSR.Z = IsZeroBit(result);
2289  APSR.C = carry;
2290  APSR.V = overflow;
2291  }
2292 #endif
2293 
2294  if (ConditionPassed(opcode)) {
2295  bool success = false;
2296  const addr_t ip = ReadCoreReg(12, &success);
2297  if (!success)
2298  return false;
2299  uint32_t imm32;
2300  switch (encoding) {
2301  case eEncodingA1:
2302  imm32 = ARMExpandImm(opcode); // imm32 = ARMExpandImm(imm12)
2303  break;
2304  default:
2305  return false;
2306  }
2307  addr_t ip_offset = imm32;
2308  addr_t addr = ip - ip_offset; // the adjusted ip value
2309 
2310  EmulateInstruction::Context context;
2311  context.type = EmulateInstruction::eContextRegisterPlusOffset;
2312  RegisterInfo dwarf_reg;
2313  GetRegisterInfo(eRegisterKindDWARF, dwarf_r12, dwarf_reg);
2314  context.SetRegisterPlusOffset(dwarf_reg, -ip_offset);
2315 
2316  if (!WriteRegisterUnsigned(context, eRegisterKindDWARF, dwarf_r7, addr))
2317  return false;
2318  }
2319  return true;
2320 }
2321 
2322 // Set ip to point to some stack offset.
2323 // SUB (SP minus immediate)
2324 bool EmulateInstructionARM::EmulateSUBIPSPImm(const uint32_t opcode,
2325  const ARMEncoding encoding) {
2326 #if 0
2327  // ARM pseudo code...
2328  if (ConditionPassed())
2329  {
2330  EncodingSpecificOperations();
2331  (result, carry, overflow) = AddWithCarry(SP, NOT(imm32), '1');
2332  if d == 15 then // Can only occur for ARM encoding
2333  ALUWritePC(result); // setflags is always FALSE here
2334  else
2335  R[d] = result;
2336  if setflags then
2337  APSR.N = result<31>;
2338  APSR.Z = IsZeroBit(result);
2339  APSR.C = carry;
2340  APSR.V = overflow;
2341  }
2342 #endif
2343 
2344  if (ConditionPassed(opcode)) {
2345  bool success = false;
2346  const addr_t sp = ReadCoreReg(SP_REG, &success);
2347  if (!success)
2348  return false;
2349  uint32_t imm32;
2350  switch (encoding) {
2351  case eEncodingA1:
2352  imm32 = ARMExpandImm(opcode); // imm32 = ARMExpandImm(imm12)
2353  break;
2354  default:
2355  return false;
2356  }
2357  addr_t sp_offset = imm32;
2358  addr_t addr = sp - sp_offset; // the adjusted stack pointer value
2359 
2360  EmulateInstruction::Context context;
2361  context.type = EmulateInstruction::eContextRegisterPlusOffset;
2362  RegisterInfo dwarf_reg;
2363  GetRegisterInfo(eRegisterKindGeneric, LLDB_REGNUM_GENERIC_SP, dwarf_reg);
2364  context.SetRegisterPlusOffset(dwarf_reg, -sp_offset);
2365 
2366  if (!WriteRegisterUnsigned(context, eRegisterKindDWARF, dwarf_r12, addr))
2367  return false;
2368  }
2369  return true;
2370 }
2371 
2372 // This instruction subtracts an immediate value from the SP value, and writes
2373 // the result to the destination register.
2374 //
2375 // If Rd == 13 => A sub operation to adjust the SP -- allocate space for local
2376 // storage.
2377 bool EmulateInstructionARM::EmulateSUBSPImm(const uint32_t opcode,
2378  const ARMEncoding encoding) {
2379 #if 0
2380  // ARM pseudo code...
2381  if (ConditionPassed())
2382  {
2383  EncodingSpecificOperations();
2384  (result, carry, overflow) = AddWithCarry(SP, NOT(imm32), '1');
2385  if d == 15 then // Can only occur for ARM encoding
2386  ALUWritePC(result); // setflags is always FALSE here
2387  else
2388  R[d] = result;
2389  if setflags then
2390  APSR.N = result<31>;
2391  APSR.Z = IsZeroBit(result);
2392  APSR.C = carry;
2393  APSR.V = overflow;
2394  }
2395 #endif
2396 
2397  bool success = false;
2398  if (ConditionPassed(opcode)) {
2399  const addr_t sp = ReadCoreReg(SP_REG, &success);
2400  if (!success)
2401  return false;
2402 
2403  uint32_t Rd;
2404  bool setflags;
2405  uint32_t imm32;
2406  switch (encoding) {
2407  case eEncodingT1:
2408  Rd = 13;
2409  setflags = false;
2410  imm32 = ThumbImm7Scaled(opcode); // imm32 = ZeroExtend(imm7:'00', 32)
2411  break;
2412  case eEncodingT2:
2413  Rd = Bits32(opcode, 11, 8);
2414  setflags = BitIsSet(opcode, 20);
2415  imm32 = ThumbExpandImm(opcode); // imm32 = ThumbExpandImm(i:imm3:imm8)
2416  if (Rd == 15 && setflags)
2417  return EmulateCMPImm(opcode, eEncodingT2);
2418  if (Rd == 15 && !setflags)
2419  return false;
2420  break;
2421  case eEncodingT3:
2422  Rd = Bits32(opcode, 11, 8);
2423  setflags = false;
2424  imm32 = ThumbImm12(opcode); // imm32 = ZeroExtend(i:imm3:imm8, 32)
2425  if (Rd == 15)
2426  return false;
2427  break;
2428  case eEncodingA1:
2429  Rd = Bits32(opcode, 15, 12);
2430  setflags = BitIsSet(opcode, 20);
2431  imm32 = ARMExpandImm(opcode); // imm32 = ARMExpandImm(imm12)
2432 
2433  // if Rd == '1111' && S == '1' then SEE SUBS PC, LR and related
2434  // instructions;
2435  if (Rd == 15 && setflags)
2436  return EmulateSUBSPcLrEtc(opcode, encoding);
2437  break;
2438  default:
2439  return false;
2440  }
2441  AddWithCarryResult res = AddWithCarry(sp, ~imm32, 1);
2442 
2443  EmulateInstruction::Context context;
2444  if (Rd == 13) {
2445  uint64_t imm64 = imm32; // Need to expand it to 64 bits before attempting
2446  // to negate it, or the wrong
2447  // value gets passed down to context.SetImmediateSigned.
2448  context.type = EmulateInstruction::eContextAdjustStackPointer;
2449  context.SetImmediateSigned(-imm64); // the stack pointer offset
2450  } else {
2451  context.type = EmulateInstruction::eContextImmediate;
2452  context.SetNoArgs();
2453  }
2454 
2455  if (!WriteCoreRegOptionalFlags(context, res.result, Rd, setflags,
2456  res.carry_out, res.overflow))
2457  return false;
2458  }
2459  return true;
2460 }
2461 
2462 // A store operation to the stack that also updates the SP.
2463 bool EmulateInstructionARM::EmulateSTRRtSP(const uint32_t opcode,
2464  const ARMEncoding encoding) {
2465 #if 0
2466  // ARM pseudo code...
2467  if (ConditionPassed())
2468  {
2469  EncodingSpecificOperations();
2470  offset_addr = if add then (R[n] + imm32) else (R[n] - imm32);
2471  address = if index then offset_addr else R[n];
2472  MemU[address,4] = if t == 15 then PCStoreValue() else R[t];
2473  if wback then R[n] = offset_addr;
2474  }
2475 #endif
2476 
2477  bool success = false;
2478  if (ConditionPassed(opcode)) {
2479  const uint32_t addr_byte_size = GetAddressByteSize();
2480  const addr_t sp = ReadCoreReg(SP_REG, &success);
2481  if (!success)
2482  return false;
2483  uint32_t Rt; // the source register
2484  uint32_t imm12;
2485  uint32_t
2486  Rn; // This function assumes Rn is the SP, but we should verify that.
2487 
2488  bool index;
2489  bool add;
2490  bool wback;
2491  switch (encoding) {
2492  case eEncodingA1:
2493  Rt = Bits32(opcode, 15, 12);
2494  imm12 = Bits32(opcode, 11, 0);
2495  Rn = Bits32(opcode, 19, 16);
2496 
2497  if (Rn != 13) // 13 is the SP reg on ARM. Verify that Rn == SP.
2498  return false;
2499 
2500  index = BitIsSet(opcode, 24);
2501  add = BitIsSet(opcode, 23);
2502  wback = (BitIsClear(opcode, 24) || BitIsSet(opcode, 21));
2503 
2504  if (wback && ((Rn == 15) || (Rn == Rt)))
2505  return false;
2506  break;
2507  default:
2508  return false;
2509  }
2510  addr_t offset_addr;
2511  if (add)
2512  offset_addr = sp + imm12;
2513  else
2514  offset_addr = sp - imm12;
2515 
2516  addr_t addr;
2517  if (index)
2518  addr = offset_addr;
2519  else
2520  addr = sp;
2521 
2522  EmulateInstruction::Context context;
2523  context.type = EmulateInstruction::eContextPushRegisterOnStack;
2524  RegisterInfo sp_reg;
2525  RegisterInfo dwarf_reg;
2526 
2527  GetRegisterInfo(eRegisterKindDWARF, dwarf_sp, sp_reg);
2528  GetRegisterInfo(eRegisterKindDWARF, dwarf_r0 + Rt, dwarf_reg);
2529  context.SetRegisterToRegisterPlusOffset(dwarf_reg, sp_reg, addr - sp);
2530  if (Rt != 15) {
2531  uint32_t reg_value = ReadCoreReg(Rt, &success);
2532  if (!success)
2533  return false;
2534  if (!MemUWrite(context, addr, reg_value, addr_byte_size))
2535  return false;
2536  } else {
2537  const uint32_t pc = ReadCoreReg(PC_REG, &success);
2538  if (!success)
2539  return false;
2540  if (!MemUWrite(context, addr, pc, addr_byte_size))
2541  return false;
2542  }
2543 
2544  if (wback) {
2545  context.type = EmulateInstruction::eContextAdjustStackPointer;
2546  context.SetImmediateSigned(addr - sp);
2547  if (!WriteRegisterUnsigned(context, eRegisterKindGeneric,
2548  LLDB_REGNUM_GENERIC_SP, offset_addr))
2549  return false;
2550  }
2551  }
2552  return true;
2553 }
2554 
2555 // Vector Push stores multiple extension registers to the stack. It also
2556 // updates SP to point to the start of the stored data.
2557 bool EmulateInstructionARM::EmulateVPUSH(const uint32_t opcode,
2558  const ARMEncoding encoding) {
2559 #if 0
2560  // ARM pseudo code...
2561  if (ConditionPassed())
2562  {
2563  EncodingSpecificOperations(); CheckVFPEnabled(TRUE); NullCheckIfThumbEE(13);
2564  address = SP - imm32;
2565  SP = SP - imm32;
2566  if single_regs then
2567  for r = 0 to regs-1
2568  MemA[address,4] = S[d+r]; address = address+4;
2569  else
2570  for r = 0 to regs-1
2571  // Store as two word-aligned words in the correct order for
2572  // current endianness.
2573  MemA[address,4] = if BigEndian() then D[d+r]<63:32> else D[d+r]<31:0>;
2574  MemA[address+4,4] = if BigEndian() then D[d+r]<31:0> else D[d+r]<63:32>;
2575  address = address+8;
2576  }
2577 #endif
2578 
2579  bool success = false;
2580  if (ConditionPassed(opcode)) {
2581  const uint32_t addr_byte_size = GetAddressByteSize();
2582  const addr_t sp = ReadCoreReg(SP_REG, &success);
2583  if (!success)
2584  return false;
2585  bool single_regs;
2586  uint32_t d; // UInt(D:Vd) or UInt(Vd:D) starting register
2587  uint32_t imm32; // stack offset
2588  uint32_t regs; // number of registers
2589  switch (encoding) {
2590  case eEncodingT1:
2591  case eEncodingA1:
2592  single_regs = false;
2593  d = Bit32(opcode, 22) << 4 | Bits32(opcode, 15, 12);
2594  imm32 = Bits32(opcode, 7, 0) * addr_byte_size;
2595  // If UInt(imm8) is odd, see "FSTMX".
2596  regs = Bits32(opcode, 7, 0) / 2;
2597  // if regs == 0 || regs > 16 || (d+regs) > 32 then UNPREDICTABLE;
2598  if (regs == 0 || regs > 16 || (d + regs) > 32)
2599  return false;
2600  break;
2601  case eEncodingT2:
2602  case eEncodingA2:
2603  single_regs = true;
2604  d = Bits32(opcode, 15, 12) << 1 | Bit32(opcode, 22);
2605  imm32 = Bits32(opcode, 7, 0) * addr_byte_size;
2606  regs = Bits32(opcode, 7, 0);
2607  // if regs == 0 || regs > 16 || (d+regs) > 32 then UNPREDICTABLE;
2608  if (regs == 0 || regs > 16 || (d + regs) > 32)
2609  return false;
2610  break;
2611  default:
2612  return false;
2613  }
2614  uint32_t start_reg = single_regs ? dwarf_s0 : dwarf_d0;
2615  uint32_t reg_byte_size = single_regs ? addr_byte_size : addr_byte_size * 2;
2616  addr_t sp_offset = imm32;
2617  addr_t addr = sp - sp_offset;
2618  uint32_t i;
2619 
2620  EmulateInstruction::Context context;
2621  context.type = EmulateInstruction::eContextPushRegisterOnStack;
2622 
2623  RegisterInfo dwarf_reg;
2624  RegisterInfo sp_reg;
2625  GetRegisterInfo(eRegisterKindDWARF, dwarf_sp, sp_reg);
2626  for (i = 0; i < regs; ++i) {
2627  GetRegisterInfo(eRegisterKindDWARF, start_reg + d + i, dwarf_reg);
2628  context.SetRegisterToRegisterPlusOffset(dwarf_reg, sp_reg, addr - sp);
2629  // uint64_t to accommodate 64-bit registers.
2630  uint64_t reg_value = ReadRegisterUnsigned(&dwarf_reg, 0, &success);
2631  if (!success)
2632  return false;
2633  if (!MemAWrite(context, addr, reg_value, reg_byte_size))
2634  return false;
2635  addr += reg_byte_size;
2636  }
2637 
2638  context.type = EmulateInstruction::eContextAdjustStackPointer;
2639  context.SetImmediateSigned(-sp_offset);
2640 
2641  if (!WriteRegisterUnsigned(context, eRegisterKindGeneric,
2642  LLDB_REGNUM_GENERIC_SP, sp - sp_offset))
2643  return false;
2644  }
2645  return true;
2646 }
2647 
2648 // Vector Pop loads multiple extension registers from the stack. It also
2649 // updates SP to point just above the loaded data.
2650 bool EmulateInstructionARM::EmulateVPOP(const uint32_t opcode,
2651  const ARMEncoding encoding) {
2652 #if 0
2653  // ARM pseudo code...
2654  if (ConditionPassed())
2655  {
2656  EncodingSpecificOperations(); CheckVFPEnabled(TRUE); NullCheckIfThumbEE(13);
2657  address = SP;
2658  SP = SP + imm32;
2659  if single_regs then
2660  for r = 0 to regs-1
2661  S[d+r] = MemA[address,4]; address = address+4;
2662  else
2663  for r = 0 to regs-1
2664  word1 = MemA[address,4]; word2 = MemA[address+4,4]; address = address+8;
2665  // Combine the word-aligned words in the correct order for
2666  // current endianness.
2667  D[d+r] = if BigEndian() then word1:word2 else word2:word1;
2668  }
2669 #endif
2670 
2671  bool success = false;
2672  if (ConditionPassed(opcode)) {
2673  const uint32_t addr_byte_size = GetAddressByteSize();
2674  const addr_t sp = ReadCoreReg(SP_REG, &success);
2675  if (!success)
2676  return false;
2677  bool single_regs;
2678  uint32_t d; // UInt(D:Vd) or UInt(Vd:D) starting register
2679  uint32_t imm32; // stack offset
2680  uint32_t regs; // number of registers
2681  switch (encoding) {
2682  case eEncodingT1:
2683  case eEncodingA1:
2684  single_regs = false;
2685  d = Bit32(opcode, 22) << 4 | Bits32(opcode, 15, 12);
2686  imm32 = Bits32(opcode, 7, 0) * addr_byte_size;
2687  // If UInt(imm8) is odd, see "FLDMX".
2688  regs = Bits32(opcode, 7, 0) / 2;
2689  // if regs == 0 || regs > 16 || (d+regs) > 32 then UNPREDICTABLE;
2690  if (regs == 0 || regs > 16 || (d + regs) > 32)
2691  return false;
2692  break;
2693  case eEncodingT2:
2694  case eEncodingA2:
2695  single_regs = true;
2696  d = Bits32(opcode, 15, 12) << 1 | Bit32(opcode, 22);
2697  imm32 = Bits32(opcode, 7, 0) * addr_byte_size;
2698  regs = Bits32(opcode, 7, 0);
2699  // if regs == 0 || regs > 16 || (d+regs) > 32 then UNPREDICTABLE;
2700  if (regs == 0 || regs > 16 || (d + regs) > 32)
2701  return false;
2702  break;
2703  default:
2704  return false;
2705  }
2706  uint32_t start_reg = single_regs ? dwarf_s0 : dwarf_d0;
2707  uint32_t reg_byte_size = single_regs ? addr_byte_size : addr_byte_size * 2;
2708  addr_t sp_offset = imm32;
2709  addr_t addr = sp;
2710  uint32_t i;
2711  uint64_t data; // uint64_t to accommodate 64-bit registers.
2712 
2713  EmulateInstruction::Context context;
2714  context.type = EmulateInstruction::eContextPopRegisterOffStack;
2715 
2716  RegisterInfo dwarf_reg;
2717  RegisterInfo sp_reg;
2718  GetRegisterInfo(eRegisterKindDWARF, dwarf_sp, sp_reg);
2719  for (i = 0; i < regs; ++i) {
2720  GetRegisterInfo(eRegisterKindDWARF, start_reg + d + i, dwarf_reg);
2721  context.SetAddress(addr);
2722  data = MemARead(context, addr, reg_byte_size, 0, &success);
2723  if (!success)
2724  return false;
2725  if (!WriteRegisterUnsigned(context, &dwarf_reg, data))
2726  return false;
2727  addr += reg_byte_size;
2728  }
2729 
2730  context.type = EmulateInstruction::eContextAdjustStackPointer;
2731  context.SetImmediateSigned(sp_offset);
2732 
2733  if (!WriteRegisterUnsigned(context, eRegisterKindGeneric,
2734  LLDB_REGNUM_GENERIC_SP, sp + sp_offset))
2735  return false;
2736  }
2737  return true;
2738 }
2739 
2740 // SVC (previously SWI)
2741 bool EmulateInstructionARM::EmulateSVC(const uint32_t opcode,
2742  const ARMEncoding encoding) {
2743 #if 0
2744  // ARM pseudo code...
2745  if (ConditionPassed())
2746  {
2747  EncodingSpecificOperations();
2748  CallSupervisor();
2749  }
2750 #endif
2751 
2752  bool success = false;
2753 
2754  if (ConditionPassed(opcode)) {
2755  const uint32_t pc = ReadCoreReg(PC_REG, &success);
2756  addr_t lr; // next instruction address
2757  if (!success)
2758  return false;
2759  uint32_t imm32; // the immediate constant
2760  uint32_t mode; // ARM or Thumb mode
2761  switch (encoding) {
2762  case eEncodingT1:
2763  lr = (pc + 2) | 1u; // return address
2764  imm32 = Bits32(opcode, 7, 0);
2765  mode = eModeThumb;
2766  break;
2767  case eEncodingA1:
2768  lr = pc + 4; // return address
2769  imm32 = Bits32(opcode, 23, 0);
2770  mode = eModeARM;
2771  break;
2772  default:
2773  return false;
2774  }
2775 
2776  EmulateInstruction::Context context;
2777  context.type = EmulateInstruction::eContextSupervisorCall;
2778  context.SetISAAndImmediate(mode, imm32);
2779  if (!WriteRegisterUnsigned(context, eRegisterKindGeneric,
2780  LLDB_REGNUM_GENERIC_RA, lr))
2781  return false;
2782  }
2783  return true;
2784 }
2785 
2786 // If Then makes up to four following instructions (the IT block) conditional.
2787 bool EmulateInstructionARM::EmulateIT(const uint32_t opcode,
2788  const ARMEncoding encoding) {
2789 #if 0
2790  // ARM pseudo code...
2791  EncodingSpecificOperations();
2792  ITSTATE.IT<7:0> = firstcond:mask;
2793 #endif
2794 
2795  m_it_session.InitIT(Bits32(opcode, 7, 0));
2796  return true;
2797 }
2798 
2799 bool EmulateInstructionARM::EmulateNop(const uint32_t opcode,
2800  const ARMEncoding encoding) {
2801  // NOP, nothing to do...
2802  return true;
2803 }
2804 
2805 // Branch causes a branch to a target address.
2806 bool EmulateInstructionARM::EmulateB(const uint32_t opcode,
2807  const ARMEncoding encoding) {
2808 #if 0
2809  // ARM pseudo code...
2810  if (ConditionPassed())
2811  {
2812  EncodingSpecificOperations();
2813  BranchWritePC(PC + imm32);
2814  }
2815 #endif
2816 
2817  bool success = false;
2818 
2819  if (ConditionPassed(opcode)) {
2820  EmulateInstruction::Context context;
2821  context.type = EmulateInstruction::eContextRelativeBranchImmediate;
2822  const uint32_t pc = ReadCoreReg(PC_REG, &success);
2823  if (!success)
2824  return false;
2825  addr_t target; // target address
2826  int32_t imm32; // PC-relative offset
2827  switch (encoding) {
2828  case eEncodingT1:
2829  // The 'cond' field is handled in EmulateInstructionARM::CurrentCond().
2830  imm32 = llvm::SignExtend32<9>(Bits32(opcode, 7, 0) << 1);
2831  target = pc + imm32;
2832  context.SetISAAndImmediateSigned(eModeThumb, 4 + imm32);
2833  break;
2834  case eEncodingT2:
2835  imm32 = llvm::SignExtend32<12>(Bits32(opcode, 10, 0) << 1);
2836  target = pc + imm32;
2837  context.SetISAAndImmediateSigned(eModeThumb, 4 + imm32);
2838  break;
2839  case eEncodingT3:
2840  // The 'cond' field is handled in EmulateInstructionARM::CurrentCond().
2841  {
2842  if (Bits32(opcode, 25, 23) == 7)
2843  return false; // See Branches and miscellaneous control on page
2844  // A6-235.
2845 
2846  uint32_t S = Bit32(opcode, 26);
2847  uint32_t imm6 = Bits32(opcode, 21, 16);
2848  uint32_t J1 = Bit32(opcode, 13);
2849  uint32_t J2 = Bit32(opcode, 11);
2850  uint32_t imm11 = Bits32(opcode, 10, 0);
2851  uint32_t imm21 =
2852  (S << 20) | (J2 << 19) | (J1 << 18) | (imm6 << 12) | (imm11 << 1);
2853  imm32 = llvm::SignExtend32<21>(imm21);
2854  target = pc + imm32;
2855  context.SetISAAndImmediateSigned(eModeThumb, 4 + imm32);
2856  break;
2857  }
2858  case eEncodingT4: {
2859  uint32_t S = Bit32(opcode, 26);
2860  uint32_t imm10 = Bits32(opcode, 25, 16);
2861  uint32_t J1 = Bit32(opcode, 13);
2862  uint32_t J2 = Bit32(opcode, 11);
2863  uint32_t imm11 = Bits32(opcode, 10, 0);
2864  uint32_t I1 = !(J1 ^ S);
2865  uint32_t I2 = !(J2 ^ S);
2866  uint32_t imm25 =
2867  (S << 24) | (I1 << 23) | (I2 << 22) | (imm10 << 12) | (imm11 << 1);
2868  imm32 = llvm::SignExtend32<25>(imm25);
2869  target = pc + imm32;
2870  context.SetISAAndImmediateSigned(eModeThumb, 4 + imm32);
2871  break;
2872  }
2873  case eEncodingA1:
2874  imm32 = llvm::SignExtend32<26>(Bits32(opcode, 23, 0) << 2);
2875  target = pc + imm32;
2876  context.SetISAAndImmediateSigned(eModeARM, 8 + imm32);
2877  break;
2878  default:
2879  return false;
2880  }
2881  if (!BranchWritePC(context, target))
2882  return false;
2883  }
2884  return true;
2885 }
2886 
2887 // Compare and Branch on Nonzero and Compare and Branch on Zero compare the
2888 // value in a register with zero and conditionally branch forward a constant
2889 // value. They do not affect the condition flags. CBNZ, CBZ
2890 bool EmulateInstructionARM::EmulateCB(const uint32_t opcode,
2891  const ARMEncoding encoding) {
2892 #if 0
2893  // ARM pseudo code...
2894  EncodingSpecificOperations();
2895  if nonzero ^ IsZero(R[n]) then
2896  BranchWritePC(PC + imm32);
2897 #endif
2898 
2899  bool success = false;
2900 
2901  // Read the register value from the operand register Rn.
2902  uint32_t reg_val = ReadCoreReg(Bits32(opcode, 2, 0), &success);
2903  if (!success)
2904  return false;
2905 
2906  EmulateInstruction::Context context;
2907  context.type = EmulateInstruction::eContextRelativeBranchImmediate;
2908  const uint32_t pc = ReadCoreReg(PC_REG, &success);
2909  if (!success)
2910  return false;
2911 
2912  addr_t target; // target address
2913  uint32_t imm32; // PC-relative offset to branch forward
2914  bool nonzero;
2915  switch (encoding) {
2916  case eEncodingT1:
2917  imm32 = Bit32(opcode, 9) << 6 | Bits32(opcode, 7, 3) << 1;
2918  nonzero = BitIsSet(opcode, 11);
2919  target = pc + imm32;
2920  context.SetISAAndImmediateSigned(eModeThumb, 4 + imm32);
2921  break;
2922  default:
2923  return false;
2924  }
2925  if (m_ignore_conditions || (nonzero ^ (reg_val == 0)))
2926  if (!BranchWritePC(context, target))
2927  return false;
2928 
2929  return true;
2930 }
2931 
2932 // Table Branch Byte causes a PC-relative forward branch using a table of
2933 // single byte offsets.
2934 // A base register provides a pointer to the table, and a second register
2935 // supplies an index into the table.
2936 // The branch length is twice the value of the byte returned from the table.
2937 //
2938 // Table Branch Halfword causes a PC-relative forward branch using a table of
2939 // single halfword offsets.
2940 // A base register provides a pointer to the table, and a second register
2941 // supplies an index into the table.
2942 // The branch length is twice the value of the halfword returned from the
2943 // table. TBB, TBH
2944 bool EmulateInstructionARM::EmulateTB(const uint32_t opcode,
2945  const ARMEncoding encoding) {
2946 #if 0
2947  // ARM pseudo code...
2948  EncodingSpecificOperations(); NullCheckIfThumbEE(n);
2949  if is_tbh then
2950  halfwords = UInt(MemU[R[n]+LSL(R[m],1), 2]);
2951  else
2952  halfwords = UInt(MemU[R[n]+R[m], 1]);
2953  BranchWritePC(PC + 2*halfwords);
2954 #endif
2955 
2956  bool success = false;
2957 
2958  if (ConditionPassed(opcode)) {
2959  uint32_t Rn; // the base register which contains the address of the table of
2960  // branch lengths
2961  uint32_t Rm; // the index register which contains an integer pointing to a
2962  // byte/halfword in the table
2963  bool is_tbh; // true if table branch halfword
2964  switch (encoding) {
2965  case eEncodingT1:
2966  Rn = Bits32(opcode, 19, 16);
2967  Rm = Bits32(opcode, 3, 0);
2968  is_tbh = BitIsSet(opcode, 4);
2969  if (Rn == 13 || BadReg(Rm))
2970  return false;
2971  if (InITBlock() && !LastInITBlock())
2972  return false;
2973  break;
2974  default:
2975  return false;
2976  }
2977 
2978  // Read the address of the table from the operand register Rn. The PC can
2979  // be used, in which case the table immediately follows this instruction.
2980  uint32_t base = ReadCoreReg(Rn, &success);
2981  if (!success)
2982  return false;
2983 
2984  // the table index
2985  uint32_t index = ReadCoreReg(Rm, &success);
2986  if (!success)
2987  return false;
2988 
2989  // the offsetted table address
2990  addr_t addr = base + (is_tbh ? index * 2 : index);
2991 
2992  // PC-relative offset to branch forward
2993  EmulateInstruction::Context context;
2994  context.type = EmulateInstruction::eContextTableBranchReadMemory;
2995  uint32_t offset = MemURead(context, addr, is_tbh ? 2 : 1, 0, &success) * 2;
2996  if (!success)
2997  return false;
2998 
2999  const uint32_t pc = ReadCoreReg(PC_REG, &success);
3000  if (!success)
3001  return false;
3002 
3003  // target address
3004  addr_t target = pc + offset;
3005  context.type = EmulateInstruction::eContextRelativeBranchImmediate;
3006  context.SetISAAndImmediateSigned(eModeThumb, 4 + offset);
3007 
3008  if (!BranchWritePC(context, target))
3009  return false;
3010  }
3011 
3012  return true;
3013 }
3014 
3015 // This instruction adds an immediate value to a register value, and writes the
3016 // result to the destination register. It can optionally update the condition
3017 // flags based on the result.
3018 bool EmulateInstructionARM::EmulateADDImmThumb(const uint32_t opcode,
3019  const ARMEncoding encoding) {
3020 #if 0
3021  if ConditionPassed() then
3022  EncodingSpecificOperations();
3023  (result, carry, overflow) = AddWithCarry(R[n], imm32, '0');
3024  R[d] = result;
3025  if setflags then
3026  APSR.N = result<31>;
3027  APSR.Z = IsZeroBit(result);
3028  APSR.C = carry;
3029  APSR.V = overflow;
3030 #endif
3031 
3032  bool success = false;
3033 
3034  if (ConditionPassed(opcode)) {
3035  uint32_t d;
3036  uint32_t n;
3037  bool setflags;
3038  uint32_t imm32;
3039  uint32_t carry_out;
3040 
3041  // EncodingSpecificOperations();
3042  switch (encoding) {
3043  case eEncodingT1:
3044  // d = UInt(Rd); n = UInt(Rn); setflags = !InITBlock(); imm32 =
3045  // ZeroExtend(imm3, 32);
3046  d = Bits32(opcode, 2, 0);
3047  n = Bits32(opcode, 5, 3);
3048  setflags = !InITBlock();
3049  imm32 = Bits32(opcode, 8, 6);
3050 
3051  break;
3052 
3053  case eEncodingT2:
3054  // d = UInt(Rdn); n = UInt(Rdn); setflags = !InITBlock(); imm32 =
3055  // ZeroExtend(imm8, 32);
3056  d = Bits32(opcode, 10, 8);
3057  n = Bits32(opcode, 10, 8);
3058  setflags = !InITBlock();
3059  imm32 = Bits32(opcode, 7, 0);
3060 
3061  break;
3062 
3063  case eEncodingT3:
3064  // if Rd == '1111' && S == '1' then SEE CMN (immediate);
3065  // d = UInt(Rd); n = UInt(Rn); setflags = (S == '1'); imm32 =
3066  // ThumbExpandImm(i:imm3:imm8);
3067  d = Bits32(opcode, 11, 8);
3068  n = Bits32(opcode, 19, 16);
3069  setflags = BitIsSet(opcode, 20);
3070  imm32 = ThumbExpandImm_C(opcode, APSR_C, carry_out);
3071 
3072  // if Rn == '1101' then SEE ADD (SP plus immediate);
3073  if (n == 13)
3074  return EmulateADDSPImm(opcode, eEncodingT3);
3075 
3076  // if BadReg(d) || n == 15 then UNPREDICTABLE;
3077  if (BadReg(d) || (n == 15))
3078  return false;
3079 
3080  break;
3081 
3082  case eEncodingT4: {
3083  // if Rn == '1111' then SEE ADR;
3084  // d = UInt(Rd); n = UInt(Rn); setflags = FALSE; imm32 =
3085  // ZeroExtend(i:imm3:imm8, 32);
3086  d = Bits32(opcode, 11, 8);
3087  n = Bits32(opcode, 19, 16);
3088  setflags = false;
3089  uint32_t i = Bit32(opcode, 26);
3090  uint32_t imm3 = Bits32(opcode, 14, 12);
3091  uint32_t imm8 = Bits32(opcode, 7, 0);
3092  imm32 = (i << 11) | (imm3 << 8) | imm8;
3093 
3094  // if Rn == '1101' then SEE ADD (SP plus immediate);
3095  if (n == 13)
3096  return EmulateADDSPImm(opcode, eEncodingT4);
3097 
3098  // if BadReg(d) then UNPREDICTABLE;
3099  if (BadReg(d))
3100  return false;
3101 
3102  break;
3103  }
3104 
3105  default:
3106  return false;
3107  }
3108 
3109  uint64_t Rn =
3110  ReadRegisterUnsigned(eRegisterKindDWARF, dwarf_r0 + n, 0, &success);
3111  if (!success)
3112  return false;
3113 
3114  //(result, carry, overflow) = AddWithCarry(R[n], imm32, '0');
3115  AddWithCarryResult res = AddWithCarry(Rn, imm32, 0);
3116 
3117  RegisterInfo reg_n;
3118  GetRegisterInfo(eRegisterKindDWARF, dwarf_r0 + n, reg_n);
3119 
3120  EmulateInstruction::Context context;
3121  context.type = eContextArithmetic;
3122  context.SetRegisterPlusOffset(reg_n, imm32);
3123 
3124  // R[d] = result;
3125  // if setflags then
3126  // APSR.N = result<31>;
3127  // APSR.Z = IsZeroBit(result);
3128  // APSR.C = carry;
3129  // APSR.V = overflow;
3130  if (!WriteCoreRegOptionalFlags(context, res.result, d, setflags,
3131  res.carry_out, res.overflow))
3132  return false;
3133  }
3134  return true;
3135 }
3136 
3137 // This instruction adds an immediate value to a register value, and writes the
3138 // result to the destination register. It can optionally update the condition
3139 // flags based on the result.
3140 bool EmulateInstructionARM::EmulateADDImmARM(const uint32_t opcode,
3141  const ARMEncoding encoding) {
3142 #if 0
3143  // ARM pseudo code...
3144  if ConditionPassed() then
3145  EncodingSpecificOperations();
3146  (result, carry, overflow) = AddWithCarry(R[n], imm32, '0');
3147  if d == 15 then
3148  ALUWritePC(result); // setflags is always FALSE here
3149  else
3150  R[d] = result;
3151  if setflags then
3152  APSR.N = result<31>;
3153  APSR.Z = IsZeroBit(result);
3154  APSR.C = carry;
3155  APSR.V = overflow;
3156 #endif
3157 
3158  bool success = false;
3159 
3160  if (ConditionPassed(opcode)) {
3161  uint32_t Rd, Rn;
3162  uint32_t
3163  imm32; // the immediate value to be added to the value obtained from Rn
3164  bool setflags;
3165  switch (encoding) {
3166  case eEncodingA1:
3167  Rd = Bits32(opcode, 15, 12);
3168  Rn = Bits32(opcode, 19, 16);
3169  setflags = BitIsSet(opcode, 20);
3170  imm32 = ARMExpandImm(opcode); // imm32 = ARMExpandImm(imm12)
3171  break;
3172  default:
3173  return false;
3174  }
3175 
3176  // Read the first operand.
3177  uint32_t val1 = ReadCoreReg(Rn, &success);
3178  if (!success)
3179  return false;
3180 
3181  AddWithCarryResult res = AddWithCarry(val1, imm32, 0);
3182 
3183  EmulateInstruction::Context context;
3184  if (Rd == 13)
3185  context.type = EmulateInstruction::eContextAdjustStackPointer;
3186  else if (Rd == GetFramePointerRegisterNumber())
3187  context.type = EmulateInstruction::eContextSetFramePointer;
3188  else
3189  context.type = EmulateInstruction::eContextRegisterPlusOffset;
3190 
3191  RegisterInfo dwarf_reg;
3192  GetRegisterInfo(eRegisterKindDWARF, Rn, dwarf_reg);
3193  context.SetRegisterPlusOffset(dwarf_reg, imm32);
3194 
3195  if (!WriteCoreRegOptionalFlags(context, res.result, Rd, setflags,
3196  res.carry_out, res.overflow))
3197  return false;
3198  }
3199  return true;
3200 }
3201 
3202 // This instruction adds a register value and an optionally-shifted register
3203 // value, and writes the result to the destination register. It can optionally
3204 // update the condition flags based on the result.
3205 bool EmulateInstructionARM::EmulateADDReg(const uint32_t opcode,
3206  const ARMEncoding encoding) {
3207 #if 0
3208  // ARM pseudo code...
3209  if ConditionPassed() then
3210  EncodingSpecificOperations();
3211  shifted = Shift(R[m], shift_t, shift_n, APSR.C);
3212  (result, carry, overflow) = AddWithCarry(R[n], shifted, '0');
3213  if d == 15 then
3214  ALUWritePC(result); // setflags is always FALSE here
3215  else
3216  R[d] = result;
3217  if setflags then
3218  APSR.N = result<31>;
3219  APSR.Z = IsZeroBit(result);
3220  APSR.C = carry;
3221  APSR.V = overflow;
3222 #endif
3223 
3224  bool success = false;
3225 
3226  if (ConditionPassed(opcode)) {
3227  uint32_t Rd, Rn, Rm;
3228  ARM_ShifterType shift_t;
3229  uint32_t shift_n; // the shift applied to the value read from Rm
3230  bool setflags;
3231  switch (encoding) {
3232  case eEncodingT1:
3233  Rd = Bits32(opcode, 2, 0);
3234  Rn = Bits32(opcode, 5, 3);
3235  Rm = Bits32(opcode, 8, 6);
3236  setflags = !InITBlock();
3237  shift_t = SRType_LSL;
3238  shift_n = 0;
3239  break;
3240  case eEncodingT2:
3241  Rd = Rn = Bit32(opcode, 7) << 3 | Bits32(opcode, 2, 0);
3242  Rm = Bits32(opcode, 6, 3);
3243  setflags = false;
3244  shift_t = SRType_LSL;
3245  shift_n = 0;
3246  if (Rn == 15 && Rm == 15)
3247  return false;
3248  if (Rd == 15 && InITBlock() && !LastInITBlock())
3249  return false;
3250  break;
3251  case eEncodingA1:
3252  Rd = Bits32(opcode, 15, 12);
3253  Rn = Bits32(opcode, 19, 16);
3254  Rm = Bits32(opcode, 3, 0);
3255  setflags = BitIsSet(opcode, 20);
3256  shift_n = DecodeImmShiftARM(opcode, shift_t);
3257  break;
3258  default:
3259  return false;
3260  }
3261 
3262  // Read the first operand.
3263  uint32_t val1 = ReadCoreReg(Rn, &success);
3264  if (!success)
3265  return false;
3266 
3267  // Read the second operand.
3268  uint32_t val2 = ReadCoreReg(Rm, &success);
3269  if (!success)
3270  return false;
3271 
3272  uint32_t shifted = Shift(val2, shift_t, shift_n, APSR_C, &success);
3273  if (!success)
3274  return false;
3275  AddWithCarryResult res = AddWithCarry(val1, shifted, 0);
3276 
3277  EmulateInstruction::Context context;
3278  context.type = eContextArithmetic;
3279  RegisterInfo op1_reg;
3280  RegisterInfo op2_reg;
3281  GetRegisterInfo(eRegisterKindDWARF, dwarf_r0 + Rn, op1_reg);
3282  GetRegisterInfo(eRegisterKindDWARF, dwarf_r0 + Rm, op2_reg);
3283  context.SetRegisterRegisterOperands(op1_reg, op2_reg);
3284 
3285  if (!WriteCoreRegOptionalFlags(context, res.result, Rd, setflags,
3286  res.carry_out, res.overflow))
3287  return false;
3288  }
3289  return true;
3290 }
3291 
3292 // Compare Negative (immediate) adds a register value and an immediate value.
3293 // It updates the condition flags based on the result, and discards the result.
3294 bool EmulateInstructionARM::EmulateCMNImm(const uint32_t opcode,
3295  const ARMEncoding encoding) {
3296 #if 0
3297  // ARM pseudo code...
3298  if ConditionPassed() then
3299  EncodingSpecificOperations();
3300  (result, carry, overflow) = AddWithCarry(R[n], imm32, '0');
3301  APSR.N = result<31>;
3302  APSR.Z = IsZeroBit(result);
3303  APSR.C = carry;
3304  APSR.V = overflow;
3305 #endif
3306 
3307  bool success = false;
3308 
3309  uint32_t Rn; // the first operand
3310  uint32_t imm32; // the immediate value to be compared with
3311  switch (encoding) {
3312  case eEncodingT1:
3313  Rn = Bits32(opcode, 19, 16);
3314  imm32 = ThumbExpandImm(opcode); // imm32 = ThumbExpandImm(i:imm3:imm8)
3315  if (Rn == 15)
3316  return false;
3317  break;
3318  case eEncodingA1:
3319  Rn = Bits32(opcode, 19, 16);
3320  imm32 = ARMExpandImm(opcode); // imm32 = ARMExpandImm(imm12)
3321  break;
3322  default:
3323  return false;
3324  }
3325  // Read the register value from the operand register Rn.
3326  uint32_t reg_val = ReadCoreReg(Rn, &success);
3327  if (!success)
3328  return false;
3329 
3330  AddWithCarryResult res = AddWithCarry(reg_val, imm32, 0);
3331 
3332  EmulateInstruction::Context context;
3333  context.type = EmulateInstruction::eContextImmediate;
3334  context.SetNoArgs();
3335  return WriteFlags(context, res.result, res.carry_out, res.overflow);
3336 }
3337 
3338 // Compare Negative (register) adds a register value and an optionally-shifted
3339 // register value. It updates the condition flags based on the result, and
3340 // discards the result.
3341 bool EmulateInstructionARM::EmulateCMNReg(const uint32_t opcode,
3342  const ARMEncoding encoding) {
3343 #if 0
3344  // ARM pseudo code...
3345  if ConditionPassed() then
3346  EncodingSpecificOperations();
3347  shifted = Shift(R[m], shift_t, shift_n, APSR.C);
3348  (result, carry, overflow) = AddWithCarry(R[n], shifted, '0');
3349  APSR.N = result<31>;
3350  APSR.Z = IsZeroBit(result);
3351  APSR.C = carry;
3352  APSR.V = overflow;
3353 #endif
3354 
3355  bool success = false;
3356 
3357  uint32_t Rn; // the first operand
3358  uint32_t Rm; // the second operand
3359  ARM_ShifterType shift_t;
3360  uint32_t shift_n; // the shift applied to the value read from Rm
3361  switch (encoding) {
3362  case eEncodingT1:
3363  Rn = Bits32(opcode, 2, 0);
3364  Rm = Bits32(opcode, 5, 3);
3365  shift_t = SRType_LSL;
3366  shift_n = 0;
3367  break;
3368  case eEncodingT2:
3369  Rn = Bits32(opcode, 19, 16);
3370  Rm = Bits32(opcode, 3, 0);
3371  shift_n = DecodeImmShiftThumb(opcode, shift_t);
3372  // if n == 15 || BadReg(m) then UNPREDICTABLE;
3373  if (Rn == 15 || BadReg(Rm))
3374  return false;
3375  break;
3376  case eEncodingA1:
3377  Rn = Bits32(opcode, 19, 16);
3378  Rm = Bits32(opcode, 3, 0);
3379  shift_n = DecodeImmShiftARM(opcode, shift_t);
3380  break;
3381  default:
3382  return false;
3383  }
3384  // Read the register value from register Rn.
3385  uint32_t val1 = ReadCoreReg(Rn, &success);
3386  if (!success)
3387  return false;
3388 
3389  // Read the register value from register Rm.
3390  uint32_t val2 = ReadCoreReg(Rm, &success);
3391  if (!success)
3392  return false;
3393 
3394  uint32_t shifted = Shift(val2, shift_t, shift_n, APSR_C, &success);
3395  if (!success)
3396  return false;
3397  AddWithCarryResult res = AddWithCarry(val1, shifted, 0);
3398 
3399  EmulateInstruction::Context context;
3400  context.type = EmulateInstruction::eContextImmediate;
3401  context.SetNoArgs();
3402  return WriteFlags(context, res.result, res.carry_out, res.overflow);
3403 }
3404 
3405 // Compare (immediate) subtracts an immediate value from a register value. It
3406 // updates the condition flags based on the result, and discards the result.
3407 bool EmulateInstructionARM::EmulateCMPImm(const uint32_t opcode,
3408  const ARMEncoding encoding) {
3409 #if 0
3410  // ARM pseudo code...
3411  if ConditionPassed() then
3412  EncodingSpecificOperations();
3413  (result, carry, overflow) = AddWithCarry(R[n], NOT(imm32), '1');
3414  APSR.N = result<31>;
3415  APSR.Z = IsZeroBit(result);
3416  APSR.C = carry;
3417  APSR.V = overflow;
3418 #endif
3419 
3420  bool success = false;
3421 
3422  uint32_t Rn; // the first operand
3423  uint32_t imm32; // the immediate value to be compared with
3424  switch (encoding) {
3425  case eEncodingT1:
3426  Rn = Bits32(opcode, 10, 8);
3427  imm32 = Bits32(opcode, 7, 0);
3428  break;
3429  case eEncodingT2:
3430  Rn = Bits32(opcode, 19, 16);
3431  imm32 = ThumbExpandImm(opcode); // imm32 = ThumbExpandImm(i:imm3:imm8)
3432  if (Rn == 15)
3433  return false;
3434  break;
3435  case eEncodingA1:
3436  Rn = Bits32(opcode, 19, 16);
3437  imm32 = ARMExpandImm(opcode); // imm32 = ARMExpandImm(imm12)
3438  break;
3439  default:
3440  return false;
3441  }
3442  // Read the register value from the operand register Rn.
3443  uint32_t reg_val = ReadCoreReg(Rn, &success);
3444  if (!success)
3445  return false;
3446 
3447  AddWithCarryResult res = AddWithCarry(reg_val, ~imm32, 1);
3448 
3449  EmulateInstruction::Context context;
3450  context.type = EmulateInstruction::eContextImmediate;
3451  context.SetNoArgs();
3452  return WriteFlags(context, res.result, res.carry_out, res.overflow);
3453 }
3454 
3455 // Compare (register) subtracts an optionally-shifted register value from a
3456 // register value. It updates the condition flags based on the result, and
3457 // discards the result.
3458 bool EmulateInstructionARM::EmulateCMPReg(const uint32_t opcode,
3459  const ARMEncoding encoding) {
3460 #if 0
3461  // ARM pseudo code...
3462  if ConditionPassed() then
3463  EncodingSpecificOperations();
3464  shifted = Shift(R[m], shift_t, shift_n, APSR.C);
3465  (result, carry, overflow) = AddWithCarry(R[n], NOT(shifted), '1');
3466  APSR.N = result<31>;
3467  APSR.Z = IsZeroBit(result);
3468  APSR.C = carry;
3469  APSR.V = overflow;
3470 #endif
3471 
3472  bool success = false;
3473 
3474  uint32_t Rn; // the first operand
3475  uint32_t Rm; // the second operand
3476  ARM_ShifterType shift_t;
3477  uint32_t shift_n; // the shift applied to the value read from Rm
3478  switch (encoding) {
3479  case eEncodingT1:
3480  Rn = Bits32(opcode, 2, 0);
3481  Rm = Bits32(opcode, 5, 3);
3482  shift_t = SRType_LSL;
3483  shift_n = 0;
3484  break;
3485  case eEncodingT2:
3486  Rn = Bit32(opcode, 7) << 3 | Bits32(opcode, 2, 0);
3487  Rm = Bits32(opcode, 6, 3);
3488  shift_t = SRType_LSL;
3489  shift_n = 0;
3490  if (Rn < 8 && Rm < 8)
3491  return false;
3492  if (Rn == 15 || Rm == 15)
3493  return false;
3494  break;
3495  case eEncodingT3:
3496  Rn = Bits32(opcode, 19, 16);
3497  Rm = Bits32(opcode, 3, 0);
3498  shift_n = DecodeImmShiftThumb(opcode, shift_t);
3499  if (Rn == 15 || BadReg(Rm))
3500  return false;
3501  break;
3502  case eEncodingA1:
3503  Rn = Bits32(opcode, 19, 16);
3504  Rm = Bits32(opcode, 3, 0);
3505  shift_n = DecodeImmShiftARM(opcode, shift_t);
3506  break;
3507  default:
3508  return false;
3509  }
3510  // Read the register value from register Rn.
3511  uint32_t val1 = ReadCoreReg(Rn, &success);
3512  if (!success)
3513  return false;
3514 
3515  // Read the register value from register Rm.
3516  uint32_t val2 = ReadCoreReg(Rm, &success);
3517  if (!success)
3518  return false;
3519 
3520  uint32_t shifted = Shift(val2, shift_t, shift_n, APSR_C, &success);
3521  if (!success)
3522  return false;
3523  AddWithCarryResult res = AddWithCarry(val1, ~shifted, 1);
3524 
3525  EmulateInstruction::Context context;
3526  context.type = EmulateInstruction::eContextImmediate;
3527  context.SetNoArgs();
3528  return WriteFlags(context, res.result, res.carry_out, res.overflow);
3529 }
3530 
3531 // Arithmetic Shift Right (immediate) shifts a register value right by an
3532 // immediate number of bits, shifting in copies of its sign bit, and writes the
3533 // result to the destination register. It can optionally update the condition
3534 // flags based on the result.
3535 bool EmulateInstructionARM::EmulateASRImm(const uint32_t opcode,
3536  const ARMEncoding encoding) {
3537 #if 0
3538  // ARM pseudo code...
3539  if ConditionPassed() then
3540  EncodingSpecificOperations();
3541  (result, carry) = Shift_C(R[m], SRType_ASR, shift_n, APSR.C);
3542  if d == 15 then // Can only occur for ARM encoding
3543  ALUWritePC(result); // setflags is always FALSE here
3544  else
3545  R[d] = result;
3546  if setflags then
3547  APSR.N = result<31>;
3548  APSR.Z = IsZeroBit(result);
3549  APSR.C = carry;
3550  // APSR.V unchanged
3551 #endif
3552 
3553  return EmulateShiftImm(opcode, encoding, SRType_ASR);
3554 }
3555 
3556 // Arithmetic Shift Right (register) shifts a register value right by a
3557 // variable number of bits, shifting in copies of its sign bit, and writes the
3558 // result to the destination register. The variable number of bits is read from
3559 // the bottom byte of a register. It can optionally update the condition flags
3560 // based on the result.
3561 bool EmulateInstructionARM::EmulateASRReg(const uint32_t opcode,
3562  const ARMEncoding encoding) {
3563 #if 0
3564  // ARM pseudo code...
3565  if ConditionPassed() then
3566  EncodingSpecificOperations();
3567  shift_n = UInt(R[m]<7:0>);
3568  (result, carry) = Shift_C(R[m], SRType_ASR, shift_n, APSR.C);
3569  R[d] = result;
3570  if setflags then
3571  APSR.N = result<31>;
3572  APSR.Z = IsZeroBit(result);
3573  APSR.C = carry;
3574  // APSR.V unchanged
3575 #endif
3576 
3577  return EmulateShiftReg(opcode, encoding, SRType_ASR);
3578 }
3579 
3580 // Logical Shift Left (immediate) shifts a register value left by an immediate
3581 // number of bits, shifting in zeros, and writes the result to the destination
3582 // register. It can optionally update the condition flags based on the result.
3583 bool EmulateInstructionARM::EmulateLSLImm(const uint32_t opcode,
3584  const ARMEncoding encoding) {
3585 #if 0
3586  // ARM pseudo code...
3587  if ConditionPassed() then
3588  EncodingSpecificOperations();
3589  (result, carry) = Shift_C(R[m], SRType_LSL, shift_n, APSR.C);
3590  if d == 15 then // Can only occur for ARM encoding
3591  ALUWritePC(result); // setflags is always FALSE here
3592  else
3593  R[d] = result;
3594  if setflags then
3595  APSR.N = result<31>;
3596  APSR.Z = IsZeroBit(result);
3597  APSR.C = carry;
3598  // APSR.V unchanged
3599 #endif
3600 
3601  return EmulateShiftImm(opcode, encoding, SRType_LSL);
3602 }
3603 
3604 // Logical Shift Left (register) shifts a register value left by a variable
3605 // number of bits, shifting in zeros, and writes the result to the destination
3606 // register. The variable number of bits is read from the bottom byte of a
3607 // register. It can optionally update the condition flags based on the result.
3608 bool EmulateInstructionARM::EmulateLSLReg(const uint32_t opcode,
3609  const ARMEncoding encoding) {
3610 #if 0
3611  // ARM pseudo code...
3612  if ConditionPassed() then
3613  EncodingSpecificOperations();
3614  shift_n = UInt(R[m]<7:0>);
3615  (result, carry) = Shift_C(R[m], SRType_LSL, shift_n, APSR.C);
3616  R[d] = result;
3617  if setflags then
3618  APSR.N = result<31>;
3619  APSR.Z = IsZeroBit(result);
3620  APSR.C = carry;
3621  // APSR.V unchanged
3622 #endif
3623 
3624  return EmulateShiftReg(opcode, encoding, SRType_LSL);
3625 }
3626 
3627 // Logical Shift Right (immediate) shifts a register value right by an
3628 // immediate number of bits, shifting in zeros, and writes the result to the
3629 // destination register. It can optionally update the condition flags based on
3630 // the result.
3631 bool EmulateInstructionARM::EmulateLSRImm(const uint32_t opcode,
3632  const ARMEncoding encoding) {
3633 #if 0
3634  // ARM pseudo code...
3635  if ConditionPassed() then
3636  EncodingSpecificOperations();
3637  (result, carry) = Shift_C(R[m], SRType_LSR, shift_n, APSR.C);
3638  if d == 15 then // Can only occur for ARM encoding
3639  ALUWritePC(result); // setflags is always FALSE here
3640  else
3641  R[d] = result;
3642  if setflags then
3643  APSR.N = result<31>;
3644  APSR.Z = IsZeroBit(result);
3645  APSR.C = carry;
3646  // APSR.V unchanged
3647 #endif
3648 
3649  return EmulateShiftImm(opcode, encoding, SRType_LSR);
3650 }
3651 
3652 // Logical Shift Right (register) shifts a register value right by a variable
3653 // number of bits, shifting in zeros, and writes the result to the destination
3654 // register. The variable number of bits is read from the bottom byte of a
3655 // register. It can optionally update the condition flags based on the result.
3656 bool EmulateInstructionARM::EmulateLSRReg(const uint32_t opcode,
3657  const ARMEncoding encoding) {
3658 #if 0
3659  // ARM pseudo code...
3660  if ConditionPassed() then
3661  EncodingSpecificOperations();
3662  shift_n = UInt(R[m]<7:0>);
3663  (result, carry) = Shift_C(R[m], SRType_LSR, shift_n, APSR.C);
3664  R[d] = result;
3665  if setflags then
3666  APSR.N = result<31>;
3667  APSR.Z = IsZeroBit(result);
3668  APSR.C = carry;
3669  // APSR.V unchanged
3670 #endif
3671 
3672  return EmulateShiftReg(opcode, encoding, SRType_LSR);
3673 }
3674 
3675 // Rotate Right (immediate) provides the value of the contents of a register
3676 // rotated by a constant value. The bits that are rotated off the right end are
3677 // inserted into the vacated bit positions on the left. It can optionally
3678 // update the condition flags based on the result.
3679 bool EmulateInstructionARM::EmulateRORImm(const uint32_t opcode,
3680  const ARMEncoding encoding) {
3681 #if 0
3682  // ARM pseudo code...
3683  if ConditionPassed() then
3684  EncodingSpecificOperations();
3685  (result, carry) = Shift_C(R[m], SRType_ROR, shift_n, APSR.C);
3686  if d == 15 then // Can only occur for ARM encoding
3687  ALUWritePC(result); // setflags is always FALSE here
3688  else
3689  R[d] = result;
3690  if setflags then
3691  APSR.N = result<31>;
3692  APSR.Z = IsZeroBit(result);
3693  APSR.C = carry;
3694  // APSR.V unchanged
3695 #endif
3696 
3697  return EmulateShiftImm(opcode, encoding, SRType_ROR);
3698 }
3699 
3700 // Rotate Right (register) provides the value of the contents of a register
3701 // rotated by a variable number of bits. The bits that are rotated off the
3702 // right end are inserted into the vacated bit positions on the left. The
3703 // variable number of bits is read from the bottom byte of a register. It can
3704 // optionally update the condition flags based on the result.
3705 bool EmulateInstructionARM::EmulateRORReg(const uint32_t opcode,
3706  const ARMEncoding encoding) {
3707 #if 0
3708  // ARM pseudo code...
3709  if ConditionPassed() then
3710  EncodingSpecificOperations();
3711  shift_n = UInt(R[m]<7:0>);
3712  (result, carry) = Shift_C(R[m], SRType_ROR, shift_n, APSR.C);
3713  R[d] = result;
3714  if setflags then
3715  APSR.N = result<31>;
3716  APSR.Z = IsZeroBit(result);
3717  APSR.C = carry;
3718  // APSR.V unchanged
3719 #endif
3720 
3721  return EmulateShiftReg(opcode, encoding, SRType_ROR);
3722 }
3723 
3724 // Rotate Right with Extend provides the value of the contents of a register
3725 // shifted right by one place, with the carry flag shifted into bit [31].
3726 //
3727 // RRX can optionally update the condition flags based on the result.
3728 // In that case, bit [0] is shifted into the carry flag.
3729 bool EmulateInstructionARM::EmulateRRX(const uint32_t opcode,
3730  const ARMEncoding encoding) {
3731 #if 0
3732  // ARM pseudo code...
3733  if ConditionPassed() then
3734  EncodingSpecificOperations();
3735  (result, carry) = Shift_C(R[m], SRType_RRX, 1, APSR.C);
3736  if d == 15 then // Can only occur for ARM encoding
3737  ALUWritePC(result); // setflags is always FALSE here
3738  else
3739  R[d] = result;
3740  if setflags then
3741  APSR.N = result<31>;
3742  APSR.Z = IsZeroBit(result);
3743  APSR.C = carry;
3744  // APSR.V unchanged
3745 #endif
3746 
3747  return EmulateShiftImm(opcode, encoding, SRType_RRX);
3748 }
3749 
3750 bool EmulateInstructionARM::EmulateShiftImm(const uint32_t opcode,
3751  const ARMEncoding encoding,
3752  ARM_ShifterType shift_type) {
3753  // assert(shift_type == SRType_ASR
3754  // || shift_type == SRType_LSL
3755  // || shift_type == SRType_LSR
3756  // || shift_type == SRType_ROR
3757  // || shift_type == SRType_RRX);
3758 
3759  bool success = false;
3760 
3761  if (ConditionPassed(opcode)) {
3762  uint32_t Rd; // the destination register
3763  uint32_t Rm; // the first operand register
3764  uint32_t imm5; // encoding for the shift amount
3765  uint32_t carry; // the carry bit after the shift operation
3766  bool setflags;
3767 
3768  // Special case handling!
3769  // A8.6.139 ROR (immediate) -- Encoding T1
3770  ARMEncoding use_encoding = encoding;
3771  if (shift_type == SRType_ROR && use_encoding == eEncodingT1) {
3772  // Morph the T1 encoding from the ARM Architecture Manual into T2
3773  // encoding to have the same decoding of bit fields as the other Thumb2
3774  // shift operations.
3775  use_encoding = eEncodingT2;
3776  }
3777 
3778  switch (use_encoding) {
3779  case eEncodingT1:
3780  // Due to the above special case handling!
3781  if (shift_type == SRType_ROR)
3782  return false;
3783 
3784  Rd = Bits32(opcode, 2, 0);
3785  Rm = Bits32(opcode, 5, 3);
3786  setflags = !InITBlock();
3787  imm5 = Bits32(opcode, 10, 6);
3788  break;
3789  case eEncodingT2:
3790  // A8.6.141 RRX
3791  // There's no imm form of RRX instructions.
3792  if (shift_type == SRType_RRX)
3793  return false;
3794 
3795  Rd = Bits32(opcode, 11, 8);
3796  Rm = Bits32(opcode, 3, 0);
3797  setflags = BitIsSet(opcode, 20);
3798  imm5 = Bits32(opcode, 14, 12) << 2 | Bits32(opcode, 7, 6);
3799  if (BadReg(Rd) || BadReg(Rm))
3800  return false;
3801  break;
3802  case eEncodingA1:
3803  Rd = Bits32(opcode, 15, 12);
3804  Rm = Bits32(opcode, 3, 0);
3805  setflags = BitIsSet(opcode, 20);
3806  imm5 = Bits32(opcode, 11, 7);
3807  break;
3808  default:
3809  return false;
3810  }
3811 
3812  // A8.6.139 ROR (immediate)
3813  if (shift_type == SRType_ROR && imm5 == 0)
3814  shift_type = SRType_RRX;
3815 
3816  // Get the first operand.
3817  uint32_t value = ReadCoreReg(Rm, &success);
3818  if (!success)
3819  return false;
3820 
3821  // Decode the shift amount if not RRX.
3822  uint32_t amt =
3823  (shift_type == SRType_RRX ? 1 : DecodeImmShift(shift_type, imm5));
3824 
3825  uint32_t result = Shift_C(value, shift_type, amt, APSR_C, carry, &success);
3826  if (!success)
3827  return false;
3828 
3829  // The context specifies that an immediate is to be moved into Rd.
3830  EmulateInstruction::Context context;
3831  context.type = EmulateInstruction::eContextImmediate;
3832  context.SetNoArgs();
3833 
3834  if (!WriteCoreRegOptionalFlags(context, result, Rd, setflags, carry))
3835  return false;
3836  }
3837  return true;
3838 }
3839 
3840 bool EmulateInstructionARM::EmulateShiftReg(const uint32_t opcode,
3841  const ARMEncoding encoding,
3842  ARM_ShifterType shift_type) {
3843  // assert(shift_type == SRType_ASR
3844  // || shift_type == SRType_LSL
3845  // || shift_type == SRType_LSR
3846  // || shift_type == SRType_ROR);
3847 
3848  bool success = false;
3849 
3850  if (ConditionPassed(opcode)) {
3851  uint32_t Rd; // the destination register
3852  uint32_t Rn; // the first operand register
3853  uint32_t
3854  Rm; // the register whose bottom byte contains the amount to shift by
3855  uint32_t carry; // the carry bit after the shift operation
3856  bool setflags;
3857  switch (encoding) {
3858  case eEncodingT1:
3859  Rd = Bits32(opcode, 2, 0);
3860  Rn = Rd;
3861  Rm = Bits32(opcode, 5, 3);
3862  setflags = !InITBlock();
3863  break;
3864  case eEncodingT2:
3865  Rd = Bits32(opcode, 11, 8);
3866  Rn = Bits32(opcode, 19, 16);
3867  Rm = Bits32(opcode, 3, 0);
3868  setflags = BitIsSet(opcode, 20);
3869  if (BadReg(Rd) || BadReg(Rn) || BadReg(Rm))
3870  return false;
3871  break;
3872  case eEncodingA1:
3873  Rd = Bits32(opcode, 15, 12);
3874  Rn = Bits32(opcode, 3, 0);
3875  Rm = Bits32(opcode, 11, 8);
3876  setflags = BitIsSet(opcode, 20);
3877  if (Rd == 15 || Rn == 15 || Rm == 15)
3878  return false;
3879  break;
3880  default:
3881  return false;
3882  }
3883 
3884  // Get the first operand.
3885  uint32_t value = ReadCoreReg(Rn, &success);
3886  if (!success)
3887  return false;
3888  // Get the Rm register content.
3889  uint32_t val = ReadCoreReg(Rm, &success);
3890  if (!success)
3891  return false;
3892 
3893  // Get the shift amount.
3894  uint32_t amt = Bits32(val, 7, 0);
3895 
3896  uint32_t result = Shift_C(value, shift_type, amt, APSR_C, carry, &success);
3897  if (!success)
3898  return false;
3899 
3900  // The context specifies that an immediate is to be moved into Rd.
3901  EmulateInstruction::Context context;
3902  context.type = EmulateInstruction::eContextImmediate;
3903  context.SetNoArgs();
3904 
3905  if (!WriteCoreRegOptionalFlags(context, result, Rd, setflags, carry))
3906  return false;
3907  }
3908  return true;
3909 }
3910 
3911 // LDM loads multiple registers from consecutive memory locations, using an
3912 // address from a base register. Optionally the address just above the highest
3913 // of those locations can be written back to the base register.
3914 bool EmulateInstructionARM::EmulateLDM(const uint32_t opcode,
3915  const ARMEncoding encoding) {
3916 #if 0
3917  // ARM pseudo code...
3918  if ConditionPassed()
3919  EncodingSpecificOperations(); NullCheckIfThumbEE (n);
3920  address = R[n];
3921 
3922  for i = 0 to 14
3923  if registers<i> == '1' then
3924  R[i] = MemA[address, 4]; address = address + 4;
3925  if registers<15> == '1' then
3926  LoadWritePC (MemA[address, 4]);
3927 
3928  if wback && registers<n> == '0' then R[n] = R[n] + 4 * BitCount (registers);
3929  if wback && registers<n> == '1' then R[n] = bits(32) UNKNOWN; // Only possible for encoding A1
3930 
3931 #endif
3932 
3933  bool success = false;
3934  if (ConditionPassed(opcode)) {
3935  uint32_t n;
3936  uint32_t registers = 0;
3937  bool wback;
3938  const uint32_t addr_byte_size = GetAddressByteSize();
3939  switch (encoding) {
3940  case eEncodingT1:
3941  // n = UInt(Rn); registers = '00000000':register_list; wback =
3942  // (registers<n> == '0');
3943  n = Bits32(opcode, 10, 8);
3944  registers = Bits32(opcode, 7, 0);
3945  registers = registers & 0x00ff; // Make sure the top 8 bits are zeros.
3946  wback = BitIsClear(registers, n);
3947  // if BitCount(registers) < 1 then UNPREDICTABLE;
3948  if (BitCount(registers) < 1)
3949  return false;
3950  break;
3951  case eEncodingT2:
3952  // if W == '1' && Rn == '1101' then SEE POP;
3953  // n = UInt(Rn); registers = P:M:'0':register_list; wback = (W == '1');
3954  n = Bits32(opcode, 19, 16);
3955  registers = Bits32(opcode, 15, 0);
3956  registers = registers & 0xdfff; // Make sure bit 13 is zero.
3957  wback = BitIsSet(opcode, 21);
3958 
3959  // if n == 15 || BitCount(registers) < 2 || (P == '1' && M == '1') then
3960  // UNPREDICTABLE;
3961  if ((n == 15) || (BitCount(registers) < 2) ||
3962  (BitIsSet(opcode, 14) && BitIsSet(opcode, 15)))
3963  return false;
3964 
3965  // if registers<15> == '1' && InITBlock() && !LastInITBlock() then
3966  // UNPREDICTABLE;
3967  if (BitIsSet(registers, 15) && InITBlock() && !LastInITBlock())
3968  return false;
3969 
3970  // if wback && registers<n> == '1' then UNPREDICTABLE;
3971  if (wback && BitIsSet(registers, n))
3972  return false;
3973  break;
3974 
3975  case eEncodingA1:
3976  n = Bits32(opcode, 19, 16);
3977  registers = Bits32(opcode, 15, 0);
3978  wback = BitIsSet(opcode, 21);
3979  if ((n == 15) || (BitCount(registers) < 1))
3980  return false;
3981  break;
3982  default:
3983  return false;
3984  }
3985 
3986  int32_t offset = 0;
3987  const addr_t base_address =
3988  ReadRegisterUnsigned(eRegisterKindDWARF, dwarf_r0 + n, 0, &success);
3989  if (!success)
3990  return false;
3991 
3992  EmulateInstruction::Context context;
3993  context.type = EmulateInstruction::eContextRegisterPlusOffset;
3994  RegisterInfo dwarf_reg;
3995  GetRegisterInfo(eRegisterKindDWARF, dwarf_r0 + n, dwarf_reg);
3996  context.SetRegisterPlusOffset(dwarf_reg, offset);
3997 
3998  for (int i = 0; i < 14; ++i) {
3999  if (BitIsSet(registers, i)) {
4000  context.type = EmulateInstruction::eContextRegisterPlusOffset;
4001  context.SetRegisterPlusOffset(dwarf_reg, offset);
4002  if (wback && (n == 13)) // Pop Instruction
4003  {
4004  context.type = EmulateInstruction::eContextPopRegisterOffStack;
4005  context.SetAddress(base_address + offset);
4006  }
4007 
4008  // R[i] = MemA [address, 4]; address = address + 4;
4009  uint32_t data = MemARead(context, base_address + offset, addr_byte_size,
4010  0, &success);
4011  if (!success)
4012  return false;
4013 
4014  if (!WriteRegisterUnsigned(context, eRegisterKindDWARF, dwarf_r0 + i,
4015  data))
4016  return false;
4017 
4018  offset += addr_byte_size;
4019  }
4020  }
4021 
4022  if (BitIsSet(registers, 15)) {
4023  // LoadWritePC (MemA [address, 4]);
4024  context.type = EmulateInstruction::eContextRegisterPlusOffset;
4025  context.SetRegisterPlusOffset(dwarf_reg, offset);
4026  uint32_t data =
4027  MemARead(context, base_address + offset, addr_byte_size, 0, &success);
4028  if (!success)
4029  return false;
4030  // In ARMv5T and above, this is an interworking branch.
4031  if (!LoadWritePC(context, data))
4032  return false;
4033  }
4034 
4035  if (wback && BitIsClear(registers, n)) {
4036  // R[n] = R[n] + 4 * BitCount (registers)
4037  int32_t offset = addr_byte_size * BitCount(registers);
4038  context.type = EmulateInstruction::eContextAdjustBaseRegister;
4039  context.SetRegisterPlusOffset(dwarf_reg, offset);
4040 
4041  if (!WriteRegisterUnsigned(context, eRegisterKindDWARF, dwarf_r0 + n,
4042  base_address + offset))
4043  return false;
4044  }
4045  if (wback && BitIsSet(registers, n))
4046  // R[n] bits(32) UNKNOWN;
4047  return WriteBits32Unknown(n);
4048  }
4049  return true;
4050 }
4051 
4052 // LDMDA loads multiple registers from consecutive memory locations using an
4053 // address from a base register.
4054 // The consecutive memory locations end at this address and the address just
4055 // below the lowest of those locations can optionally be written back to the
4056 // base register.
4057 bool EmulateInstructionARM::EmulateLDMDA(const uint32_t opcode,
4058  const ARMEncoding encoding) {
4059 #if 0
4060  // ARM pseudo code...
4061  if ConditionPassed() then
4062  EncodingSpecificOperations();
4063  address = R[n] - 4*BitCount(registers) + 4;
4064 
4065  for i = 0 to 14
4066  if registers<i> == '1' then
4067  R[i] = MemA[address,4]; address = address + 4;
4068 
4069  if registers<15> == '1' then
4070  LoadWritePC(MemA[address,4]);
4071 
4072  if wback && registers<n> == '0' then R[n] = R[n] - 4*BitCount(registers);
4073  if wback && registers<n> == '1' then R[n] = bits(32) UNKNOWN;
4074 #endif
4075 
4076  bool success = false;
4077 
4078  if (ConditionPassed(opcode)) {
4079  uint32_t n;
4080  uint32_t registers = 0;
4081  bool wback;
4082  const uint32_t addr_byte_size = GetAddressByteSize();
4083 
4084  // EncodingSpecificOperations();
4085  switch (encoding) {
4086  case eEncodingA1:
4087  // n = UInt(Rn); registers = register_list; wback = (W == '1');
4088  n = Bits32(opcode, 19, 16);
4089  registers = Bits32(opcode, 15, 0);
4090  wback = BitIsSet(opcode, 21);
4091 
4092  // if n == 15 || BitCount(registers) < 1 then UNPREDICTABLE;
4093  if ((n == 15) || (BitCount(registers) < 1))
4094  return false;
4095 
4096  break;
4097 
4098  default:
4099  return false;
4100  }
4101  // address = R[n] - 4*BitCount(registers) + 4;
4102 
4103  int32_t offset = 0;
4104  addr_t Rn = ReadCoreReg(n, &success);
4105 
4106  if (!success)
4107  return false;
4108 
4109  addr_t address =
4110  Rn - (addr_byte_size * BitCount(registers)) + addr_byte_size;
4111 
4112  EmulateInstruction::Context context;
4113  context.type = EmulateInstruction::eContextRegisterPlusOffset;
4114  RegisterInfo dwarf_reg;
4115  GetRegisterInfo(eRegisterKindDWARF, dwarf_r0 + n, dwarf_reg);
4116  context.SetRegisterPlusOffset(dwarf_reg, offset);
4117 
4118  // for i = 0 to 14
4119  for (int i = 0; i < 14; ++i) {
4120  // if registers<i> == '1' then
4121  if (BitIsSet(registers, i)) {
4122  // R[i] = MemA[address,4]; address = address + 4;
4123  context.SetRegisterPlusOffset(dwarf_reg, Rn - (address + offset));
4124  uint32_t data =
4125  MemARead(context, address + offset, addr_byte_size, 0, &success);
4126  if (!success)
4127  return false;
4128  if (!WriteRegisterUnsigned(context, eRegisterKindDWARF, dwarf_r0 + i,
4129  data))
4130  return false;
4131  offset += addr_byte_size;
4132  }
4133  }
4134 
4135  // if registers<15> == '1' then
4136  // LoadWritePC(MemA[address,4]);
4137  if (BitIsSet(registers, 15)) {
4138  context.SetRegisterPlusOffset(dwarf_reg, offset);
4139  uint32_t data =
4140  MemARead(context, address + offset, addr_byte_size, 0, &success);
4141  if (!success)
4142  return false;
4143  // In ARMv5T and above, this is an interworking branch.
4144  if (!LoadWritePC(context, data))
4145  return false;
4146  }
4147 
4148  // if wback && registers<n> == '0' then R[n] = R[n] - 4*BitCount(registers);
4149  if (wback && BitIsClear(registers, n)) {
4150  if (!success)
4151  return false;
4152 
4153  offset = (addr_byte_size * BitCount(registers)) * -1;
4154  context.type = EmulateInstruction::eContextAdjustBaseRegister;
4155  context.SetImmediateSigned(offset);
4156  addr_t addr = Rn + offset;
4157  if (!WriteRegisterUnsigned(context, eRegisterKindDWARF, dwarf_r0 + n,
4158  addr))
4159  return false;
4160  }
4161 
4162  // if wback && registers<n> == '1' then R[n] = bits(32) UNKNOWN;
4163  if (wback && BitIsSet(registers, n))
4164  return WriteBits32Unknown(n);
4165  }
4166  return true;
4167 }
4168 
4169 // LDMDB loads multiple registers from consecutive memory locations using an
4170 // address from a base register. The
4171 // consecutive memory locations end just below this address, and the address of
4172 // the lowest of those locations can be optionally written back to the base
4173 // register.
4174 bool EmulateInstructionARM::EmulateLDMDB(const uint32_t opcode,
4175  const ARMEncoding encoding) {
4176 #if 0
4177  // ARM pseudo code...
4178  if ConditionPassed() then
4179  EncodingSpecificOperations(); NullCheckIfThumbEE(n);
4180  address = R[n] - 4*BitCount(registers);
4181 
4182  for i = 0 to 14
4183  if registers<i> == '1' then
4184  R[i] = MemA[address,4]; address = address + 4;
4185  if registers<15> == '1' then
4186  LoadWritePC(MemA[address,4]);
4187 
4188  if wback && registers<n> == '0' then R[n] = R[n] - 4*BitCount(registers);
4189  if wback && registers<n> == '1' then R[n] = bits(32) UNKNOWN; // Only possible for encoding A1
4190 #endif
4191 
4192  bool success = false;
4193 
4194  if (ConditionPassed(opcode)) {
4195  uint32_t n;
4196  uint32_t registers = 0;
4197  bool wback;
4198  const uint32_t addr_byte_size = GetAddressByteSize();
4199  switch (encoding) {
4200  case eEncodingT1:
4201  // n = UInt(Rn); registers = P:M:'0':register_list; wback = (W == '1');
4202  n = Bits32(opcode, 19, 16);
4203  registers = Bits32(opcode, 15, 0);
4204  registers = registers & 0xdfff; // Make sure bit 13 is a zero.
4205  wback = BitIsSet(opcode, 21);
4206 
4207  // if n == 15 || BitCount(registers) < 2 || (P == '1' && M == '1') then
4208  // UNPREDICTABLE;
4209  if ((n == 15) || (BitCount(registers) < 2) ||
4210  (BitIsSet(opcode, 14) && BitIsSet(opcode, 15)))
4211  return false;
4212 
4213  // if registers<15> == '1' && InITBlock() && !LastInITBlock() then
4214  // UNPREDICTABLE;
4215  if (BitIsSet(registers, 15) && InITBlock() && !LastInITBlock())
4216  return false;
4217 
4218  // if wback && registers<n> == '1' then UNPREDICTABLE;
4219  if (wback && BitIsSet(registers, n))
4220  return false;
4221 
4222  break;
4223 
4224  case eEncodingA1:
4225  // n = UInt(Rn); registers = register_list; wback = (W == '1');
4226  n = Bits32(opcode, 19, 16);
4227  registers = Bits32(opcode, 15, 0);
4228  wback = BitIsSet(opcode, 21);
4229 
4230  // if n == 15 || BitCount(registers) < 1 then UNPREDICTABLE;
4231  if ((n == 15) || (BitCount(registers) < 1))
4232  return false;
4233 
4234  break;
4235 
4236  default:
4237  return false;
4238  }
4239 
4240  // address = R[n] - 4*BitCount(registers);
4241 
4242  int32_t offset = 0;
4243  addr_t Rn =
4244  ReadRegisterUnsigned(eRegisterKindDWARF, dwarf_r0 + n, 0, &success);
4245 
4246  if (!success)
4247  return false;
4248 
4249  addr_t address = Rn - (addr_byte_size * BitCount(registers));
4250  EmulateInstruction::Context context;
4251  context.type = EmulateInstruction::eContextRegisterPlusOffset;
4252  RegisterInfo dwarf_reg;
4253  GetRegisterInfo(eRegisterKindDWARF, dwarf_r0 + n, dwarf_reg);
4254  context.SetRegisterPlusOffset(dwarf_reg, Rn - address);
4255 
4256  for (int i = 0; i < 14; ++i) {
4257  if (BitIsSet(registers, i)) {
4258  // R[i] = MemA[address,4]; address = address + 4;
4259  context.SetRegisterPlusOffset(dwarf_reg, Rn - (address + offset));
4260  uint32_t data =
4261  MemARead(context, address + offset, addr_byte_size, 0, &success);
4262  if (!success)
4263  return false;
4264 
4265  if (!WriteRegisterUnsigned(context, eRegisterKindDWARF, dwarf_r0 + i,
4266  data))
4267  return false;
4268 
4269  offset += addr_byte_size;
4270  }
4271  }
4272 
4273  // if registers<15> == '1' then
4274  // LoadWritePC(MemA[address,4]);
4275  if (BitIsSet(registers, 15)) {
4276  context.SetRegisterPlusOffset(dwarf_reg, offset);
4277  uint32_t data =
4278  MemARead(context, address + offset, addr_byte_size, 0, &success);
4279  if (!success)
4280  return false;
4281  // In ARMv5T and above, this is an interworking branch.
4282  if (!LoadWritePC(context, data))
4283  return false;
4284  }
4285 
4286  // if wback && registers<n> == '0' then R[n] = R[n] - 4*BitCount(registers);
4287  if (wback && BitIsClear(registers, n)) {
4288  if (!success)
4289  return false;
4290 
4291  offset = (addr_byte_size * BitCount(registers)) * -1;
4292  context.type = EmulateInstruction::eContextAdjustBaseRegister;
4293  context.SetImmediateSigned(offset);
4294  addr_t addr = Rn + offset;
4295  if (!WriteRegisterUnsigned(context, eRegisterKindDWARF, dwarf_r0 + n,
4296  addr))
4297  return false;
4298  }
4299 
4300  // if wback && registers<n> == '1' then R[n] = bits(32) UNKNOWN; // Only
4301  // possible for encoding A1
4302  if (wback && BitIsSet(registers, n))
4303  return WriteBits32Unknown(n);
4304  }
4305  return true;
4306 }
4307 
4308 // LDMIB loads multiple registers from consecutive memory locations using an
4309 // address from a base register. The
4310 // consecutive memory locations start just above this address, and thea ddress
4311 // of the last of those locations can optinoally be written back to the base
4312 // register.
4313 bool EmulateInstructionARM::EmulateLDMIB(const uint32_t opcode,
4314  const ARMEncoding encoding) {
4315 #if 0
4316  if ConditionPassed() then
4317  EncodingSpecificOperations();
4318  address = R[n] + 4;
4319 
4320  for i = 0 to 14
4321  if registers<i> == '1' then
4322  R[i] = MemA[address,4]; address = address + 4;
4323  if registers<15> == '1' then
4324  LoadWritePC(MemA[address,4]);
4325 
4326  if wback && registers<n> == '0' then R[n] = R[n] + 4*BitCount(registers);
4327  if wback && registers<n> == '1' then R[n] = bits(32) UNKNOWN;
4328 #endif
4329 
4330  bool success = false;
4331 
4332  if (ConditionPassed(opcode)) {
4333  uint32_t n;
4334  uint32_t registers = 0;
4335  bool wback;
4336  const uint32_t addr_byte_size = GetAddressByteSize();
4337  switch (encoding) {
4338  case eEncodingA1:
4339  // n = UInt(Rn); registers = register_list; wback = (W == '1');
4340  n = Bits32(opcode, 19, 16);
4341  registers = Bits32(opcode, 15, 0);
4342  wback = BitIsSet(opcode, 21);
4343 
4344  // if n == 15 || BitCount(registers) < 1 then UNPREDICTABLE;
4345  if ((n == 15) || (BitCount(registers) < 1))
4346  return false;
4347 
4348  break;
4349  default:
4350  return false;
4351  }
4352  // address = R[n] + 4;
4353 
4354  int32_t offset = 0;
4355  addr_t Rn =
4356  ReadRegisterUnsigned(eRegisterKindDWARF, dwarf_r0 + n, 0, &success);
4357 
4358  if (!success)
4359  return false;
4360 
4361  addr_t address = Rn + addr_byte_size;
4362 
4363  EmulateInstruction::Context context;
4364  context.type = EmulateInstruction::eContextRegisterPlusOffset;
4365  RegisterInfo dwarf_reg;
4366  GetRegisterInfo(eRegisterKindDWARF, dwarf_r0 + n, dwarf_reg);
4367  context.SetRegisterPlusOffset(dwarf_reg, offset);
4368 
4369  for (int i = 0; i < 14; ++i) {
4370  if (BitIsSet(registers, i)) {
4371  // R[i] = MemA[address,4]; address = address + 4;
4372 
4373  context.SetRegisterPlusOffset(dwarf_reg, offset + addr_byte_size);
4374  uint32_t data =
4375  MemARead(context, address + offset, addr_byte_size, 0, &success);
4376  if (!success)
4377  return false;
4378 
4379  if (!WriteRegisterUnsigned(context, eRegisterKindDWARF, dwarf_r0 + i,
4380  data))
4381  return false;
4382 
4383  offset += addr_byte_size;
4384  }
4385  }
4386 
4387  // if registers<15> == '1' then
4388  // LoadWritePC(MemA[address,4]);
4389  if (BitIsSet(registers, 15)) {
4390  context.SetRegisterPlusOffset(dwarf_reg, offset);
4391  uint32_t data =
4392  MemARead(context, address + offset, addr_byte_size, 0, &success);
4393  if (!success)
4394  return false;
4395  // In ARMv5T and above, this is an interworking branch.
4396  if (!LoadWritePC(context, data))
4397  return false;
4398  }
4399 
4400  // if wback && registers<n> == '0' then R[n] = R[n] + 4*BitCount(registers);
4401  if (wback && BitIsClear(registers, n)) {
4402  if (!success)
4403  return false;
4404 
4405  offset = addr_byte_size * BitCount(registers);
4406  context.type = EmulateInstruction::eContextAdjustBaseRegister;
4407  context.SetImmediateSigned(offset);
4408  addr_t addr = Rn + offset;
4409  if (!WriteRegisterUnsigned(context, eRegisterKindDWARF, dwarf_r0 + n,
4410  addr))
4411  return false;
4412  }
4413 
4414  // if wback && registers<n> == '1' then R[n] = bits(32) UNKNOWN; // Only
4415  // possible for encoding A1
4416  if (wback && BitIsSet(registers, n))
4417  return WriteBits32Unknown(n);
4418  }
4419  return true;
4420 }
4421 
4422 // Load Register (immediate) calculates an address from a base register value
4423 // and an immediate offset, loads a word from memory, and writes to a register.
4424 // LDR (immediate, Thumb)
4425 bool EmulateInstructionARM::EmulateLDRRtRnImm(const uint32_t opcode,
4426  const ARMEncoding encoding) {
4427 #if 0
4428  // ARM pseudo code...
4429  if (ConditionPassed())
4430  {
4431  EncodingSpecificOperations(); NullCheckIfThumbEE(15);
4432  offset_addr = if add then (R[n] + imm32) else (R[n] - imm32);
4433  address = if index then offset_addr else R[n];
4434  data = MemU[address,4];
4435  if wback then R[n] = offset_addr;
4436  if t == 15 then
4437  if address<1:0> == '00' then LoadWritePC(data); else UNPREDICTABLE;
4438  elsif UnalignedSupport() || address<1:0> = '00' then
4439  R[t] = data;
4440  else R[t] = bits(32) UNKNOWN; // Can only apply before ARMv7
4441  }
4442 #endif
4443 
4444  bool success = false;
4445 
4446  if (ConditionPassed(opcode)) {
4447  uint32_t Rt; // the destination register
4448  uint32_t Rn; // the base register
4449  uint32_t imm32; // the immediate offset used to form the address
4450  addr_t offset_addr; // the offset address
4451  addr_t address; // the calculated address
4452  uint32_t data; // the literal data value from memory load
4453  bool add, index, wback;
4454  switch (encoding) {
4455  case eEncodingT1:
4456  Rt = Bits32(opcode, 2, 0);
4457  Rn = Bits32(opcode, 5, 3);
4458  imm32 = Bits32(opcode, 10, 6) << 2; // imm32 = ZeroExtend(imm5:'00', 32);
4459  // index = TRUE; add = TRUE; wback = FALSE
4460  add = true;
4461  index = true;
4462  wback = false;
4463 
4464  break;
4465 
4466  case eEncodingT2:
4467  // t = UInt(Rt); n = 13; imm32 = ZeroExtend(imm8:'00', 32);
4468  Rt = Bits32(opcode, 10, 8);
4469  Rn = 13;
4470  imm32 = Bits32(opcode, 7, 0) << 2;
4471 
4472  // index = TRUE; add = TRUE; wback = FALSE;
4473  index = true;
4474  add = true;
4475  wback = false;
4476 
4477  break;
4478 
4479  case eEncodingT3:
4480  // if Rn == '1111' then SEE LDR (literal);
4481  // t = UInt(Rt); n = UInt(Rn); imm32 = ZeroExtend(imm12, 32);
4482  Rt = Bits32(opcode, 15, 12);
4483  Rn = Bits32(opcode, 19, 16);
4484  imm32 = Bits32(opcode, 11, 0);
4485 
4486  // index = TRUE; add = TRUE; wback = FALSE;
4487  index = true;
4488  add = true;
4489  wback = false;
4490 
4491  // if t == 15 && InITBlock() && !LastInITBlock() then UNPREDICTABLE;
4492  if ((Rt == 15) && InITBlock() && !LastInITBlock())
4493  return false;
4494 
4495  break;
4496 
4497  case eEncodingT4:
4498  // if Rn == '1111' then SEE LDR (literal);
4499  // if P == '1' && U == '1' && W == '0' then SEE LDRT;
4500  // if Rn == '1101' && P == '0' && U == '1' && W == '1' && imm8 ==
4501  // '00000100' then SEE POP;
4502  // if P == '0' && W == '0' then UNDEFINED;
4503  if (BitIsClear(opcode, 10) && BitIsClear(opcode, 8))
4504  return false;
4505 
4506  // t = UInt(Rt); n = UInt(Rn); imm32 = ZeroExtend(imm8, 32);
4507  Rt = Bits32(opcode, 15, 12);
4508  Rn = Bits32(opcode, 19, 16);
4509  imm32 = Bits32(opcode, 7, 0);
4510 
4511  // index = (P == '1'); add = (U == '1'); wback = (W == '1');
4512  index = BitIsSet(opcode, 10);
4513  add = BitIsSet(opcode, 9);
4514  wback = BitIsSet(opcode, 8);
4515 
4516  // if (wback && n == t) || (t == 15 && InITBlock() && !LastInITBlock())
4517  // then UNPREDICTABLE;
4518  if ((wback && (Rn == Rt)) ||
4519  ((Rt == 15) && InITBlock() && !LastInITBlock()))
4520  return false;
4521 
4522  break;
4523 
4524  default:
4525  return false;
4526  }
4527  uint32_t base = ReadCoreReg(Rn, &success);
4528  if (!success)
4529  return false;
4530  if (add)
4531  offset_addr = base + imm32;
4532  else
4533  offset_addr = base - imm32;
4534 
4535  address = (index ? offset_addr : base);
4536 
4537  RegisterInfo base_reg;
4538  GetRegisterInfo(eRegisterKindDWARF, dwarf_r0 + Rn, base_reg);
4539  if (wback) {
4540  EmulateInstruction::Context ctx;
4541  if (Rn == 13) {
4542  ctx.type = eContextAdjustStackPointer;
4543  ctx.SetImmediateSigned((int32_t)(offset_addr - base));
4544  } else if (Rn == GetFramePointerRegisterNumber()) {
4545  ctx.type = eContextSetFramePointer;
4546  ctx.SetRegisterPlusOffset(base_reg, (int32_t)(offset_addr - base));
4547  } else {
4548  ctx.type = EmulateInstruction::eContextAdjustBaseRegister;
4549  ctx.SetRegisterPlusOffset(base_reg, (int32_t)(offset_addr - base));
4550  }
4551 
4552  if (!WriteRegisterUnsigned(ctx, eRegisterKindDWARF, dwarf_r0 + Rn,
4553  offset_addr))
4554  return false;
4555  }
4556 
4557  // Prepare to write to the Rt register.
4558  EmulateInstruction::Context context;
4559  context.type = EmulateInstruction::eContextRegisterLoad;
4560  context.SetRegisterPlusOffset(base_reg, (int32_t)(offset_addr - base));
4561 
4562  // Read memory from the address.
4563  data = MemURead(context, address, 4, 0, &success);
4564  if (!success)
4565  return false;
4566 
4567  if (Rt == 15) {
4568  if (Bits32(address, 1, 0) == 0) {
4569  if (!LoadWritePC(context, data))
4570  return false;
4571  } else
4572  return false;
4573  } else if (UnalignedSupport() || Bits32(address, 1, 0) == 0) {
4574  if (!WriteRegisterUnsigned(context, eRegisterKindDWARF, dwarf_r0 + Rt,
4575  data))
4576  return false;
4577  } else
4578  WriteBits32Unknown(Rt);
4579  }
4580  return true;
4581 }
4582 
4583 // STM (Store Multiple Increment After) stores multiple registers to consecutive
4584 // memory locations using an address
4585 // from a base register. The consecutive memory locations start at this
4586 // address, and the address just above the last of those locations can
4587 // optionally be written back to the base register.
4588 bool EmulateInstructionARM::EmulateSTM(const uint32_t opcode,
4589  const ARMEncoding encoding) {
4590 #if 0
4591  if ConditionPassed() then
4592  EncodingSpecificOperations(); NullCheckIfThumbEE(n);
4593  address = R[n];
4594 
4595  for i = 0 to 14
4596  if registers<i> == '1' then
4597  if i == n && wback && i != LowestSetBit(registers) then
4598  MemA[address,4] = bits(32) UNKNOWN; // Only possible for encodings T1 and A1
4599  else
4600  MemA[address,4] = R[i];
4601  address = address + 4;
4602 
4603  if registers<15> == '1' then // Only possible for encoding A1
4604  MemA[address,4] = PCStoreValue();
4605  if wback then R[n] = R[n] + 4*BitCount(registers);
4606 #endif
4607 
4608  bool success = false;
4609 
4610  if (ConditionPassed(opcode)) {
4611  uint32_t n;
4612  uint32_t registers = 0;
4613  bool wback;
4614  const uint32_t addr_byte_size = GetAddressByteSize();
4615 
4616  // EncodingSpecificOperations(); NullCheckIfThumbEE(n);
4617  switch (encoding) {
4618  case eEncodingT1:
4619  // n = UInt(Rn); registers = '00000000':register_list; wback = TRUE;
4620  n = Bits32(opcode, 10, 8);
4621  registers = Bits32(opcode, 7, 0);
4622  registers = registers & 0x00ff; // Make sure the top 8 bits are zeros.
4623  wback = true;
4624 
4625  // if BitCount(registers) < 1 then UNPREDICTABLE;
4626  if (BitCount(registers) < 1)
4627  return false;
4628 
4629  break;
4630 
4631  case eEncodingT2:
4632  // n = UInt(Rn); registers = '0':M:'0':register_list; wback = (W == '1');
4633  n = Bits32(opcode, 19, 16);
4634  registers = Bits32(opcode, 15, 0);
4635  registers = registers & 0x5fff; // Make sure bits 15 & 13 are zeros.
4636  wback = BitIsSet(opcode, 21);
4637 
4638  // if n == 15 || BitCount(registers) < 2 then UNPREDICTABLE;
4639  if ((n == 15) || (BitCount(registers) < 2))
4640  return false;
4641 
4642  // if wback && registers<n> == '1' then UNPREDICTABLE;
4643  if (wback && BitIsSet(registers, n))
4644  return false;
4645 
4646  break;
4647 
4648  case eEncodingA1:
4649  // n = UInt(Rn); registers = register_list; wback = (W == '1');
4650  n = Bits32(opcode, 19, 16);
4651  registers = Bits32(opcode, 15, 0);
4652  wback = BitIsSet(opcode, 21);
4653 
4654  // if n == 15 || BitCount(registers) < 1 then UNPREDICTABLE;
4655  if ((n == 15) || (BitCount(registers) < 1))
4656  return false;
4657 
4658  break;
4659 
4660  default:
4661  return false;
4662  }
4663 
4664  // address = R[n];
4665  int32_t offset = 0;
4666  const addr_t address =
4667  ReadRegisterUnsigned(eRegisterKindDWARF, dwarf_r0 + n, 0, &success);
4668  if (!success)
4669  return false;
4670 
4671  EmulateInstruction::Context context;
4672  context.type = EmulateInstruction::eContextRegisterStore;
4673  RegisterInfo base_reg;
4674  GetRegisterInfo(eRegisterKindDWARF, dwarf_r0 + n, base_reg);
4675 
4676  // for i = 0 to 14
4677  uint32_t lowest_set_bit = 14;
4678  for (uint32_t i = 0; i < 14; ++i) {
4679  // if registers<i> == '1' then
4680  if (BitIsSet(registers, i)) {
4681  if (i < lowest_set_bit)
4682  lowest_set_bit = i;
4683  // if i == n && wback && i != LowestSetBit(registers) then
4684  if ((i == n) && wback && (i != lowest_set_bit))
4685  // MemA[address,4] = bits(32) UNKNOWN; // Only possible for encodings
4686  // T1 and A1
4687  WriteBits32UnknownToMemory(address + offset);
4688  else {
4689  // MemA[address,4] = R[i];
4690  uint32_t data = ReadRegisterUnsigned(eRegisterKindDWARF, dwarf_r0 + i,
4691  0, &success);
4692  if (!success)
4693  return false;
4694 
4695  RegisterInfo data_reg;
4696  GetRegisterInfo(eRegisterKindDWARF, dwarf_r0 + i, data_reg);
4697  context.SetRegisterToRegisterPlusOffset(data_reg, base_reg, offset);
4698  if (!MemAWrite(context, address + offset, data, addr_byte_size))
4699  return false;
4700  }
4701 
4702  // address = address + 4;
4703  offset += addr_byte_size;
4704  }
4705  }
4706 
4707  // if registers<15> == '1' then // Only possible for encoding A1
4708  // MemA[address,4] = PCStoreValue();
4709  if (BitIsSet(registers, 15)) {
4710  RegisterInfo pc_reg;
4711  GetRegisterInfo(eRegisterKindDWARF, dwarf_pc, pc_reg);
4712  context.SetRegisterPlusOffset(pc_reg, 8);
4713  const uint32_t pc = ReadCoreReg(PC_REG, &success);
4714  if (!success)
4715  return false;
4716 
4717  if (!MemAWrite(context, address + offset, pc, addr_byte_size))
4718  return false;
4719  }
4720 
4721  // if wback then R[n] = R[n] + 4*BitCount(registers);
4722  if (wback) {
4723  offset = addr_byte_size * BitCount(registers);
4724  context.type = EmulateInstruction::eContextAdjustBaseRegister;
4725  context.SetImmediateSigned(offset);
4726  addr_t data = address + offset;
4727  if (!WriteRegisterUnsigned(context, eRegisterKindDWARF, dwarf_r0 + n,
4728  data))
4729  return false;
4730  }
4731  }
4732  return true;
4733 }
4734 
4735 // STMDA (Store Multiple Decrement After) stores multiple registers to
4736 // consecutive memory locations using an address from a base register. The
4737 // consecutive memory locations end at this address, and the address just below
4738 // the lowest of those locations can optionally be written back to the base
4739 // register.
4740 bool EmulateInstructionARM::EmulateSTMDA(const uint32_t opcode,
4741  const ARMEncoding encoding) {
4742 #if 0
4743  if ConditionPassed() then
4744  EncodingSpecificOperations();
4745  address = R[n] - 4*BitCount(registers) + 4;
4746 
4747  for i = 0 to 14
4748  if registers<i> == '1' then
4749  if i == n && wback && i != LowestSetBit(registers) then
4750  MemA[address,4] = bits(32) UNKNOWN;
4751  else
4752  MemA[address,4] = R[i];
4753  address = address + 4;
4754 
4755  if registers<15> == '1' then
4756  MemA[address,4] = PCStoreValue();
4757 
4758  if wback then R[n] = R[n] - 4*BitCount(registers);
4759 #endif
4760 
4761  bool success = false;
4762 
4763  if (ConditionPassed(opcode)) {
4764  uint32_t n;
4765  uint32_t registers = 0;
4766  bool wback;
4767  const uint32_t addr_byte_size = GetAddressByteSize();
4768 
4769  // EncodingSpecificOperations();
4770  switch (encoding) {
4771  case eEncodingA1:
4772  // n = UInt(Rn); registers = register_list; wback = (W == '1');
4773  n = Bits32(opcode, 19, 16);
4774  registers = Bits32(opcode, 15, 0);
4775  wback = BitIsSet(opcode, 21);
4776 
4777  // if n == 15 || BitCount(registers) < 1 then UNPREDICTABLE;
4778  if ((n == 15) || (BitCount(registers) < 1))
4779  return false;
4780  break;
4781  default:
4782  return false;
4783  }
4784 
4785  // address = R[n] - 4*BitCount(registers) + 4;
4786  int32_t offset = 0;
4787  addr_t Rn = ReadCoreReg(n, &success);
4788  if (!success)
4789  return false;
4790 
4791  addr_t address = Rn - (addr_byte_size * BitCount(registers)) + 4;
4792 
4793  EmulateInstruction::Context context;
4794  context.type = EmulateInstruction::eContextRegisterStore;
4795  RegisterInfo base_reg;
4796  GetRegisterInfo(eRegisterKindDWARF, dwarf_r0 + n, base_reg);
4797 
4798  // for i = 0 to 14
4799  uint32_t lowest_bit_set = 14;
4800  for (uint32_t i = 0; i < 14; ++i) {
4801  // if registers<i> == '1' then
4802  if (BitIsSet(registers, i)) {
4803  if (i < lowest_bit_set)
4804  lowest_bit_set = i;
4805  // if i == n && wback && i != LowestSetBit(registers) then
4806  if ((i == n) && wback && (i != lowest_bit_set))
4807  // MemA[address,4] = bits(32) UNKNOWN;
4808  WriteBits32UnknownToMemory(address + offset);
4809  else {
4810  // MemA[address,4] = R[i];
4811  uint32_t data = ReadRegisterUnsigned(eRegisterKindDWARF, dwarf_r0 + i,
4812  0, &success);
4813  if (!success)
4814  return false;
4815 
4816  RegisterInfo data_reg;
4817  GetRegisterInfo(eRegisterKindDWARF, dwarf_r0 + i, data_reg);
4818  context.SetRegisterToRegisterPlusOffset(data_reg, base_reg,
4819  Rn - (address + offset));
4820  if (!MemAWrite(context, address + offset, data, addr_byte_size))
4821  return false;
4822  }
4823 
4824  // address = address + 4;
4825  offset += addr_byte_size;
4826  }
4827  }
4828 
4829  // if registers<15> == '1' then
4830  // MemA[address,4] = PCStoreValue();
4831  if (BitIsSet(registers, 15)) {
4832  RegisterInfo pc_reg;
4833  GetRegisterInfo(eRegisterKindDWARF, dwarf_pc, pc_reg);
4834  context.SetRegisterPlusOffset(pc_reg, 8);
4835  const uint32_t pc = ReadCoreReg(PC_REG, &success);
4836  if (!success)
4837  return false;
4838 
4839  if (!MemAWrite(context, address + offset, pc, addr_byte_size))
4840  return false;
4841  }
4842 
4843  // if wback then R[n] = R[n] - 4*BitCount(registers);
4844  if (wback) {
4845  offset = (addr_byte_size * BitCount(registers)) * -1;
4846  context.type = EmulateInstruction::eContextAdjustBaseRegister;
4847  context.SetImmediateSigned(offset);
4848  addr_t data = Rn + offset;
4849  if (!WriteRegisterUnsigned(context, eRegisterKindDWARF, dwarf_r0 + n,
4850  data))
4851  return false;
4852  }
4853  }
4854  return true;
4855 }
4856 
4857 // STMDB (Store Multiple Decrement Before) stores multiple registers to
4858 // consecutive memory locations using an address from a base register. The
4859 // consecutive memory locations end just below this address, and the address of
4860 // the first of those locations can optionally be written back to the base
4861 // register.
4862 bool EmulateInstructionARM::EmulateSTMDB(const uint32_t opcode,
4863  const ARMEncoding encoding) {
4864 #if 0
4865  if ConditionPassed() then
4866  EncodingSpecificOperations(); NullCheckIfThumbEE(n);
4867  address = R[n] - 4*BitCount(registers);
4868 
4869  for i = 0 to 14
4870  if registers<i> == '1' then
4871  if i == n && wback && i != LowestSetBit(registers) then
4872  MemA[address,4] = bits(32) UNKNOWN; // Only possible for encoding A1
4873  else
4874  MemA[address,4] = R[i];
4875  address = address + 4;
4876 
4877  if registers<15> == '1' then // Only possible for encoding A1
4878  MemA[address,4] = PCStoreValue();
4879 
4880  if wback then R[n] = R[n] - 4*BitCount(registers);
4881 #endif
4882 
4883  bool success = false;
4884 
4885  if (ConditionPassed(opcode)) {
4886  uint32_t n;
4887  uint32_t registers = 0;
4888  bool wback;
4889  const uint32_t addr_byte_size = GetAddressByteSize();
4890 
4891  // EncodingSpecificOperations(); NullCheckIfThumbEE(n);
4892  switch (encoding) {
4893  case eEncodingT1:
4894  // if W == '1' && Rn == '1101' then SEE PUSH;
4895  if ((BitIsSet(opcode, 21)) && (Bits32(opcode, 19, 16) == 13)) {
4896  // See PUSH
4897  }
4898  // n = UInt(Rn); registers = '0':M:'0':register_list; wback = (W == '1');
4899  n = Bits32(opcode, 19, 16);
4900  registers = Bits32(opcode, 15, 0);
4901  registers = registers & 0x5fff; // Make sure bits 15 & 13 are zeros.
4902  wback = BitIsSet(opcode, 21);
4903  // if n == 15 || BitCount(registers) < 2 then UNPREDICTABLE;
4904  if ((n == 15) || BitCount(registers) < 2)
4905  return false;
4906  // if wback && registers<n> == '1' then UNPREDICTABLE;
4907  if (wback && BitIsSet(registers, n))
4908  return false;
4909  break;
4910 
4911  case eEncodingA1:
4912  // if W == '1' && Rn == '1101' && BitCount(register_list) >= 2 then SEE
4913  // PUSH;
4914  if (BitIsSet(opcode, 21) && (Bits32(opcode, 19, 16) == 13) &&
4915  BitCount(Bits32(opcode, 15, 0)) >= 2) {
4916  // See Push
4917  }
4918  // n = UInt(Rn); registers = register_list; wback = (W == '1');
4919  n = Bits32(opcode, 19, 16);
4920  registers = Bits32(opcode, 15, 0);
4921  wback = BitIsSet(opcode, 21);
4922  // if n == 15 || BitCount(registers) < 1 then UNPREDICTABLE;
4923  if ((n == 15) || BitCount(registers) < 1)
4924  return false;
4925  break;
4926 
4927  default:
4928  return false;
4929  }
4930 
4931  // address = R[n] - 4*BitCount(registers);
4932 
4933  int32_t offset = 0;
4934  addr_t Rn =
4935  ReadRegisterUnsigned(eRegisterKindDWARF, dwarf_r0 + n, 0, &success);
4936  if (!success)
4937  return false;
4938 
4939  addr_t address = Rn - (addr_byte_size * BitCount(registers));
4940 
4941  EmulateInstruction::Context context;
4942  context.type = EmulateInstruction::eContextRegisterStore;
4943  RegisterInfo base_reg;
4944  GetRegisterInfo(eRegisterKindDWARF, dwarf_r0 + n, base_reg);
4945 
4946  // for i = 0 to 14
4947  uint32_t lowest_set_bit = 14;
4948  for (uint32_t i = 0; i < 14; ++i) {
4949  // if registers<i> == '1' then
4950  if (BitIsSet(registers, i)) {
4951  if (i < lowest_set_bit)
4952  lowest_set_bit = i;
4953  // if i == n && wback && i != LowestSetBit(registers) then
4954  if ((i == n) && wback && (i != lowest_set_bit))
4955  // MemA[address,4] = bits(32) UNKNOWN; // Only possible for encoding
4956  // A1
4957  WriteBits32UnknownToMemory(address + offset);
4958  else {
4959  // MemA[address,4] = R[i];
4960  uint32_t data = ReadRegisterUnsigned(eRegisterKindDWARF, dwarf_r0 + i,
4961  0, &success);
4962  if (!success)
4963  return false;
4964 
4965  RegisterInfo data_reg;
4966  GetRegisterInfo(eRegisterKindDWARF, dwarf_r0 + i, data_reg);
4967  context.SetRegisterToRegisterPlusOffset(data_reg, base_reg,
4968  Rn - (address + offset));
4969  if (!MemAWrite(context, address + offset, data, addr_byte_size))
4970  return false;
4971  }
4972 
4973  // address = address + 4;
4974  offset += addr_byte_size;
4975  }
4976  }
4977 
4978  // if registers<15> == '1' then // Only possible for encoding A1
4979  // MemA[address,4] = PCStoreValue();
4980  if (BitIsSet(registers, 15)) {
4981  RegisterInfo pc_reg;
4982  GetRegisterInfo(eRegisterKindDWARF, dwarf_pc, pc_reg);
4983  context.SetRegisterPlusOffset(pc_reg, 8);
4984  const uint32_t pc = ReadCoreReg(PC_REG, &success);
4985  if (!success)
4986  return false;
4987 
4988  if (!MemAWrite(context, address + offset, pc, addr_byte_size))
4989  return false;
4990  }
4991 
4992  // if wback then R[n] = R[n] - 4*BitCount(registers);
4993  if (wback) {
4994  offset = (addr_byte_size * BitCount(registers)) * -1;
4995  context.type = EmulateInstruction::eContextAdjustBaseRegister;
4996  context.SetImmediateSigned(offset);
4997  addr_t data = Rn + offset;
4998  if (!WriteRegisterUnsigned(context, eRegisterKindDWARF, dwarf_r0 + n,
4999  data))
5000  return false;
5001  }
5002  }
5003  return true;
5004 }
5005 
5006 // STMIB (Store Multiple Increment Before) stores multiple registers to
5007 // consecutive memory locations using an address from a base register. The
5008 // consecutive memory locations start just above this address, and the address
5009 // of the last of those locations can optionally be written back to the base
5010 // register.
5011 bool EmulateInstructionARM::EmulateSTMIB(const uint32_t opcode,
5012  const ARMEncoding encoding) {
5013 #if 0
5014  if ConditionPassed() then
5015  EncodingSpecificOperations();
5016  address = R[n] + 4;
5017 
5018  for i = 0 to 14
5019  if registers<i> == '1' then
5020  if i == n && wback && i != LowestSetBit(registers) then
5021  MemA[address,4] = bits(32) UNKNOWN;
5022  else
5023  MemA[address,4] = R[i];
5024  address = address + 4;
5025 
5026  if registers<15> == '1' then
5027  MemA[address,4] = PCStoreValue();
5028 
5029  if wback then R[n] = R[n] + 4*BitCount(registers);
5030 #endif
5031 
5032  bool success = false;
5033 
5034  if (ConditionPassed(opcode)) {
5035  uint32_t n;
5036  uint32_t registers = 0;
5037  bool wback;
5038  const uint32_t addr_byte_size = GetAddressByteSize();
5039 
5040  // EncodingSpecificOperations();
5041  switch (encoding) {
5042  case eEncodingA1:
5043  // n = UInt(Rn); registers = register_list; wback = (W == '1');
5044  n = Bits32(opcode, 19, 16);
5045  registers = Bits32(opcode, 15, 0);
5046  wback = BitIsSet(opcode, 21);
5047 
5048  // if n == 15 || BitCount(registers) < 1 then UNPREDICTABLE;
5049  if ((n == 15) && (BitCount(registers) < 1))
5050  return false;
5051  break;
5052  default:
5053  return false;
5054  }
5055  // address = R[n] + 4;
5056 
5057  int32_t offset = 0;
5058  addr_t Rn = ReadCoreReg(n, &success);
5059  if (!success)
5060  return false;
5061 
5062  addr_t address = Rn + addr_byte_size;
5063 
5064  EmulateInstruction::Context context;
5065  context.type = EmulateInstruction::eContextRegisterStore;
5066  RegisterInfo base_reg;
5067  GetRegisterInfo(eRegisterKindDWARF, dwarf_r0 + n, base_reg);
5068 
5069  uint32_t lowest_set_bit = 14;
5070  // for i = 0 to 14
5071  for (uint32_t i = 0; i < 14; ++i) {
5072  // if registers<i> == '1' then
5073  if (BitIsSet(registers, i)) {
5074  if (i < lowest_set_bit)
5075  lowest_set_bit = i;
5076  // if i == n && wback && i != LowestSetBit(registers) then
5077  if ((i == n) && wback && (i != lowest_set_bit))
5078  // MemA[address,4] = bits(32) UNKNOWN;
5079  WriteBits32UnknownToMemory(address + offset);
5080  // else
5081  else {
5082  // MemA[address,4] = R[i];
5083  uint32_t data = ReadRegisterUnsigned(eRegisterKindDWARF, dwarf_r0 + i,
5084  0, &success);
5085  if (!success)
5086  return false;
5087 
5088  RegisterInfo data_reg;
5089  GetRegisterInfo(eRegisterKindDWARF, dwarf_r0 + i, data_reg);
5090  context.SetRegisterToRegisterPlusOffset(data_reg, base_reg,
5091  offset + addr_byte_size);
5092  if (!MemAWrite(context, address + offset, data, addr_byte_size))
5093  return false;
5094  }
5095 
5096  // address = address + 4;
5097  offset += addr_byte_size;
5098  }
5099  }
5100 
5101  // if registers<15> == '1' then
5102  // MemA[address,4] = PCStoreValue();
5103  if (BitIsSet(registers, 15)) {
5104  RegisterInfo pc_reg;
5105  GetRegisterInfo(eRegisterKindDWARF, dwarf_pc, pc_reg);
5106  context.SetRegisterPlusOffset(pc_reg, 8);
5107  const uint32_t pc = ReadCoreReg(PC_REG, &success);
5108  if (!success)
5109  return false;
5110 
5111  if (!MemAWrite(context, address + offset, pc, addr_byte_size))
5112  return false;
5113  }
5114 
5115  // if wback then R[n] = R[n] + 4*BitCount(registers);
5116  if (wback) {
5117  offset = addr_byte_size * BitCount(registers);
5118  context.type = EmulateInstruction::eContextAdjustBaseRegister;
5119  context.SetImmediateSigned(offset);
5120  addr_t data = Rn + offset;
5121  if (!WriteRegisterUnsigned(context, eRegisterKindDWARF, dwarf_r0 + n,
5122  data))
5123  return false;
5124  }
5125  }
5126  return true;
5127 }
5128 
5129 // STR (store immediate) calculates an address from a base register value and an
5130 // immediate offset, and stores a word
5131 // from a register to memory. It can use offset, post-indexed, or pre-indexed
5132 // addressing.
5133 bool EmulateInstructionARM::EmulateSTRThumb(const uint32_t opcode,
5134  const ARMEncoding encoding) {
5135 #if 0
5136  if ConditionPassed() then
5137  EncodingSpecificOperations(); NullCheckIfThumbEE(n);
5138  offset_addr = if add then (R[n] + imm32) else (R[n] - imm32);
5139  address = if index then offset_addr else R[n];
5140  if UnalignedSupport() || address<1:0> == '00' then
5141  MemU[address,4] = R[t];
5142  else // Can only occur before ARMv7
5143  MemU[address,4] = bits(32) UNKNOWN;
5144  if wback then R[n] = offset_addr;
5145 #endif
5146 
5147  bool success = false;
5148 
5149  if (ConditionPassed(opcode)) {
5150  const uint32_t addr_byte_size = GetAddressByteSize();
5151 
5152  uint32_t t;
5153  uint32_t n;
5154  uint32_t imm32;
5155  bool index;
5156  bool add;
5157  bool wback;
5158  // EncodingSpecificOperations (); NullCheckIfThumbEE(n);
5159  switch (encoding) {
5160  case eEncodingT1:
5161  // t = UInt(Rt); n = UInt(Rn); imm32 = ZeroExtend(imm5:'00', 32);
5162  t = Bits32(opcode, 2, 0);
5163  n = Bits32(opcode, 5, 3);
5164  imm32 = Bits32(opcode, 10, 6) << 2;
5165 
5166  // index = TRUE; add = TRUE; wback = FALSE;
5167  index = true;
5168  add = false;
5169  wback = false;
5170  break;
5171 
5172  case eEncodingT2:
5173  // t = UInt(Rt); n = 13; imm32 = ZeroExtend(imm8:'00', 32);
5174  t = Bits32(opcode, 10, 8);
5175  n = 13;
5176  imm32 = Bits32(opcode, 7, 0) << 2;
5177 
5178  // index = TRUE; add = TRUE; wback = FALSE;
5179  index = true;
5180  add = true;
5181  wback = false;
5182  break;
5183 
5184  case eEncodingT3:
5185  // if Rn == '1111' then UNDEFINED;
5186  if (Bits32(opcode, 19, 16) == 15)
5187  return false;
5188 
5189  // t = UInt(Rt); n = UInt(Rn); imm32 = ZeroExtend(imm12, 32);
5190  t = Bits32(opcode, 15, 12);
5191  n = Bits32(opcode, 19, 16);
5192  imm32 = Bits32(opcode, 11, 0);
5193 
5194  // index = TRUE; add = TRUE; wback = FALSE;
5195  index = true;
5196  add = true;
5197  wback = false;
5198 
5199  // if t == 15 then UNPREDICTABLE;
5200  if (t == 15)
5201  return false;
5202  break;
5203 
5204  case eEncodingT4:
5205  // if P == '1' && U == '1' && W == '0' then SEE STRT;
5206  // if Rn == '1101' && P == '1' && U == '0' && W == '1' && imm8 ==
5207  // '00000100' then SEE PUSH;
5208  // if Rn == '1111' || (P == '0' && W == '0') then UNDEFINED;
5209  if ((Bits32(opcode, 19, 16) == 15) ||
5210  (BitIsClear(opcode, 10) && BitIsClear(opcode, 8)))
5211  return false;
5212 
5213  // t = UInt(Rt); n = UInt(Rn); imm32 = ZeroExtend(imm8, 32);
5214  t = Bits32(opcode, 15, 12);
5215  n = Bits32(opcode, 19, 16);
5216  imm32 = Bits32(opcode, 7, 0);
5217 
5218  // index = (P == '1'); add = (U == '1'); wback = (W == '1');
5219  index = BitIsSet(opcode, 10);
5220  add = BitIsSet(opcode, 9);
5221  wback = BitIsSet(opcode, 8);
5222 
5223  // if t == 15 || (wback && n == t) then UNPREDICTABLE;
5224  if ((t == 15) || (wback && (n == t)))
5225  return false;
5226  break;
5227 
5228  default:
5229  return false;
5230  }
5231 
5232  addr_t offset_addr;
5233  addr_t address;
5234 
5235  // offset_addr = if add then (R[n] + imm32) else (R[n] - imm32);
5236  uint32_t base_address = ReadCoreReg(n, &success);
5237  if (!success)
5238  return false;
5239 
5240  if (add)
5241  offset_addr = base_address + imm32;
5242  else
5243  offset_addr = base_address - imm32;
5244 
5245  // address = if index then offset_addr else R[n];
5246  if (index)
5247  address = offset_addr;
5248  else
5249  address = base_address;
5250 
5251  EmulateInstruction::Context context;
5252  if (n == 13)
5253  context.type = eContextPushRegisterOnStack;
5254  else
5255  context.type = eContextRegisterStore;
5256 
5257  RegisterInfo base_reg;
5258  GetRegisterInfo(eRegisterKindDWARF, dwarf_r0 + n, base_reg);
5259 
5260  // if UnalignedSupport() || address<1:0> == '00' then
5261  if (UnalignedSupport() ||
5262  (BitIsClear(address, 1) && BitIsClear(address, 0))) {
5263  // MemU[address,4] = R[t];
5264  uint32_t data =
5265  ReadRegisterUnsigned(eRegisterKindDWARF, dwarf_r0 + t, 0, &success);
5266  if (!success)
5267  return false;
5268 
5269  RegisterInfo data_reg;
5270  GetRegisterInfo(eRegisterKindDWARF, dwarf_r0 + t, data_reg);
5271  int32_t offset = address - base_address;
5272  context.SetRegisterToRegisterPlusOffset(data_reg, base_reg, offset);
5273  if (!MemUWrite(context, address, data, addr_byte_size))
5274  return false;
5275  } else {
5276  // MemU[address,4] = bits(32) UNKNOWN;
5277  WriteBits32UnknownToMemory(address);
5278  }
5279 
5280  // if wback then R[n] = offset_addr;
5281  if (wback) {
5282  if (n == 13)
5283  context.type = eContextAdjustStackPointer;
5284  else
5285  context.type = eContextAdjustBaseRegister;
5286  context.SetAddress(offset_addr);
5287 
5288  if (!WriteRegisterUnsigned(context, eRegisterKindDWARF, dwarf_r0 + n,
5289  offset_addr))
5290  return false;
5291  }
5292  }
5293  return true;
5294 }
5295 
5296 // STR (Store Register) calculates an address from a base register value and an
5297 // offset register value, stores a
5298 // word from a register to memory. The offset register value can optionally
5299 // be shifted.
5300 bool EmulateInstructionARM::EmulateSTRRegister(const uint32_t opcode,
5301  const ARMEncoding encoding) {
5302 #if 0
5303  if ConditionPassed() then
5304  EncodingSpecificOperations(); NullCheckIfThumbEE(n);
5305  offset = Shift(R[m], shift_t, shift_n, APSR.C);
5306  offset_addr = if add then (R[n] + offset) else (R[n] - offset);
5307  address = if index then offset_addr else R[n];
5308  if t == 15 then // Only possible for encoding A1
5309  data = PCStoreValue();
5310  else
5311  data = R[t];
5312  if UnalignedSupport() || address<1:0> == '00' || CurrentInstrSet() == InstrSet_ARM then
5313  MemU[address,4] = data;
5314  else // Can only occur before ARMv7
5315  MemU[address,4] = bits(32) UNKNOWN;
5316  if wback then R[n] = offset_addr;
5317 #endif
5318 
5319  bool success = false;
5320 
5321  if (ConditionPassed(opcode)) {
5322  const uint32_t addr_byte_size = GetAddressByteSize();
5323 
5324  uint32_t t;
5325  uint32_t n;
5326  uint32_t m;
5327  ARM_ShifterType shift_t;
5328  uint32_t shift_n;
5329  bool index;
5330  bool add;
5331  bool wback;
5332 
5333  // EncodingSpecificOperations (); NullCheckIfThumbEE(n);
5334  switch (encoding) {
5335  case eEncodingT1:
5336  // if CurrentInstrSet() == InstrSet_ThumbEE then SEE "Modified operation
5337  // in ThumbEE";
5338  // t = UInt(Rt); n = UInt(Rn); m = UInt(Rm);
5339  t = Bits32(opcode, 2, 0);
5340  n = Bits32(opcode, 5, 3);
5341  m = Bits32(opcode, 8, 6);
5342 
5343  // index = TRUE; add = TRUE; wback = FALSE;
5344  index = true;
5345  add = true;
5346  wback = false;
5347 
5348  // (shift_t, shift_n) = (SRType_LSL, 0);
5349  shift_t = SRType_LSL;
5350  shift_n = 0;
5351  break;
5352 
5353  case eEncodingT2:
5354  // if Rn == '1111' then UNDEFINED;
5355  if (Bits32(opcode, 19, 16) == 15)
5356  return false;
5357 
5358  // t = UInt(Rt); n = UInt(Rn); m = UInt(Rm);
5359  t = Bits32(opcode, 15, 12);
5360  n = Bits32(opcode, 19, 16);
5361  m = Bits32(opcode, 3, 0);
5362 
5363  // index = TRUE; add = TRUE; wback = FALSE;
5364  index = true;
5365  add = true;
5366  wback = false;
5367 
5368  // (shift_t, shift_n) = (SRType_LSL, UInt(imm2));
5369  shift_t = SRType_LSL;
5370  shift_n = Bits32(opcode, 5, 4);
5371 
5372  // if t == 15 || BadReg(m) then UNPREDICTABLE;
5373  if ((t == 15) || (BadReg(m)))
5374  return false;
5375  break;
5376 
5377  case eEncodingA1: {
5378  // if P == '0' && W == '1' then SEE STRT;
5379  // t = UInt(Rt); n = UInt(Rn); m = UInt(Rm);
5380  t = Bits32(opcode, 15, 12);
5381  n = Bits32(opcode, 19, 16);
5382  m = Bits32(opcode, 3, 0);
5383 
5384  // index = (P == '1'); add = (U == '1'); wback = (P == '0') ||
5385  // (W == '1');
5386  index = BitIsSet(opcode, 24);
5387  add = BitIsSet(opcode, 23);
5388  wback = (BitIsClear(opcode, 24) || BitIsSet(opcode, 21));
5389 
5390  // (shift_t, shift_n) = DecodeImmShift(type, imm5);
5391  uint32_t typ = Bits32(opcode, 6, 5);
5392  uint32_t imm5 = Bits32(opcode, 11, 7);
5393  shift_n = DecodeImmShift(typ, imm5, shift_t);
5394 
5395  // if m == 15 then UNPREDICTABLE;
5396  if (m == 15)
5397  return false;
5398 
5399  // if wback && (n == 15 || n == t) then UNPREDICTABLE;
5400  if (wback && ((n == 15) || (n == t)))
5401  return false;
5402 
5403  break;
5404  }
5405  default:
5406  return false;
5407  }
5408 
5409  addr_t offset_addr;
5410  addr_t address;
5411  int32_t offset = 0;
5412 
5413  addr_t base_address =
5414  ReadRegisterUnsigned(eRegisterKindDWARF, dwarf_r0 + n, 0, &success);
5415  if (!success)
5416  return false;
5417 
5418  uint32_t Rm_data =
5419  ReadRegisterUnsigned(eRegisterKindDWARF, dwarf_r0 + m, 0, &success);
5420  if (!success)
5421  return false;
5422 
5423  // offset = Shift(R[m], shift_t, shift_n, APSR.C);
5424  offset = Shift(Rm_data, shift_t, shift_n, APSR_C, &success);
5425  if (!success)
5426  return false;
5427 
5428  // offset_addr = if add then (R[n] + offset) else (R[n] - offset);
5429  if (add)
5430  offset_addr = base_address + offset;
5431  else
5432  offset_addr = base_address - offset;
5433 
5434  // address = if index then offset_addr else R[n];
5435  if (index)
5436  address = offset_addr;
5437  else
5438  address = base_address;
5439 
5440  uint32_t data;
5441  // if t == 15 then // Only possible for encoding A1
5442  if (t == 15)
5443  // data = PCStoreValue();
5444  data = ReadCoreReg(PC_REG, &success);
5445  else
5446  // data = R[t];
5447  data =
5448  ReadRegisterUnsigned(eRegisterKindDWARF, dwarf_r0 + t, 0, &success);
5449 
5450  if (!success)
5451  return false;
5452 
5453  EmulateInstruction::Context context;
5454  context.type = eContextRegisterStore;
5455 
5456  // if UnalignedSupport() || address<1:0> == '00' || CurrentInstrSet() ==
5457  // InstrSet_ARM then
5458  if (UnalignedSupport() ||
5459  (BitIsClear(address, 1) && BitIsClear(address, 0)) ||
5460  CurrentInstrSet() == eModeARM) {
5461  // MemU[address,4] = data;
5462 
5463  RegisterInfo base_reg;
5464  GetRegisterInfo(eRegisterKindDWARF, dwarf_r0 + n, base_reg);
5465 
5466  RegisterInfo data_reg;
5467  GetRegisterInfo(eRegisterKindDWARF, dwarf_r0 + t, data_reg);
5468 
5469  context.SetRegisterToRegisterPlusOffset(data_reg, base_reg,
5470  address - base_address);
5471  if (!MemUWrite(context, address, data, addr_byte_size))
5472  return false;
5473 
5474  } else
5475  // MemU[address,4] = bits(32) UNKNOWN;
5476  WriteBits32UnknownToMemory(address);
5477 
5478  // if wback then R[n] = offset_addr;
5479  if (wback) {
5480  context.type = eContextRegisterLoad;
5481  context.SetAddress(offset_addr);
5482  if (!WriteRegisterUnsigned(context, eRegisterKindDWARF, dwarf_r0 + n,
5483  offset_addr))
5484  return false;
5485  }
5486  }
5487  return true;
5488 }
5489 
5490 bool EmulateInstructionARM::EmulateSTRBThumb(const uint32_t opcode,
5491  const ARMEncoding encoding) {
5492 #if 0
5493  if ConditionPassed() then
5494  EncodingSpecificOperations(); NullCheckIfThumbEE(n);
5495  offset_addr = if add then (R[n] + imm32) else (R[n] - imm32);
5496  address = if index then offset_addr else R[n];
5497  MemU[address,1] = R[t]<7:0>;
5498  if wback then R[n] = offset_addr;
5499 #endif
5500 
5501  bool success = false;
5502 
5503  if (ConditionPassed(opcode)) {
5504  uint32_t t;
5505  uint32_t n;
5506  uint32_t imm32;
5507  bool index;
5508  bool add;
5509  bool wback;
5510  // EncodingSpecificOperations(); NullCheckIfThumbEE(n);
5511  switch (encoding) {
5512  case eEncodingT1:
5513  // t = UInt(Rt); n = UInt(Rn); imm32 = ZeroExtend(imm5, 32);
5514  t = Bits32(opcode, 2, 0);
5515  n = Bits32(opcode, 5, 3);
5516  imm32 = Bits32(opcode, 10, 6);
5517 
5518  // index = TRUE; add = TRUE; wback = FALSE;
5519  index = true;
5520  add = true;
5521  wback = false;
5522  break;
5523 
5524  case eEncodingT2:
5525  // if Rn == '1111' then UNDEFINED;
5526  if (Bits32(opcode, 19, 16) == 15)
5527  return false;
5528 
5529  // t = UInt(Rt); n = UInt(Rn); imm32 = ZeroExtend(imm12, 32);
5530  t = Bits32(opcode, 15, 12);
5531  n = Bits32(opcode, 19, 16);
5532  imm32 = Bits32(opcode, 11, 0);
5533 
5534  // index = TRUE; add = TRUE; wback = FALSE;
5535  index = true;
5536  add = true;
5537  wback = false;
5538 
5539  // if BadReg(t) then UNPREDICTABLE;
5540  if (BadReg(t))
5541  return false;
5542  break;
5543 
5544  case eEncodingT3:
5545  // if P == '1' && U == '1' && W == '0' then SEE STRBT;
5546  // if Rn == '1111' || (P == '0' && W == '0') then UNDEFINED;
5547  if (Bits32(opcode, 19, 16) == 15)
5548  return false;
5549 
5550  // t = UInt(Rt); n = UInt(Rn); imm32 = ZeroExtend(imm8, 32);
5551  t = Bits32(opcode, 15, 12);
5552  n = Bits32(opcode, 19, 16);
5553  imm32 = Bits32(opcode, 7, 0);
5554 
5555  // index = (P == '1'); add = (U == '1'); wback = (W == '1');
5556  index = BitIsSet(opcode, 10);
5557  add = BitIsSet(opcode, 9);
5558  wback = BitIsSet(opcode, 8);
5559 
5560  // if BadReg(t) || (wback && n == t) then UNPREDICTABLE
5561  if ((BadReg(t)) || (wback && (n == t)))
5562  return false;
5563  break;
5564 
5565  default:
5566  return false;
5567  }
5568 
5569  addr_t offset_addr;
5570  addr_t address;
5571  addr_t base_address =
5572  ReadRegisterUnsigned(eRegisterKindDWARF, dwarf_r0 + n, 0, &success);
5573  if (!success)
5574  return false;
5575 
5576  // offset_addr = if add then (R[n] + imm32) else (R[n] - imm32);
5577  if (add)
5578  offset_addr = base_address + imm32;
5579  else
5580  offset_addr = base_address - imm32;
5581 
5582  // address = if index then offset_addr else R[n];
5583  if (index)
5584  address = offset_addr;
5585  else
5586  address = base_address;
5587 
5588  // MemU[address,1] = R[t]<7:0>
5589  RegisterInfo base_reg;
5590  GetRegisterInfo(eRegisterKindDWARF, dwarf_r0 + n, base_reg);
5591 
5592  RegisterInfo data_reg;
5593  GetRegisterInfo(eRegisterKindDWARF, dwarf_r0 + t, data_reg);
5594 
5595  EmulateInstruction::Context context;
5596  context.type = eContextRegisterStore;
5597  context.SetRegisterToRegisterPlusOffset(data_reg, base_reg,
5598  address - base_address);
5599 
5600  uint32_t data =
5601  ReadRegisterUnsigned(eRegisterKindDWARF, dwarf_r0 + t, 0, &success);
5602  if (!success)
5603  return false;
5604 
5605  data = Bits32(data, 7, 0);
5606 
5607  if (!MemUWrite(context, address, data, 1))
5608  return false;
5609 
5610  // if wback then R[n] = offset_addr;
5611  if (wback) {
5612  context.type = eContextRegisterLoad;
5613  context.SetAddress(offset_addr);
5614  if (!WriteRegisterUnsigned(context, eRegisterKindDWARF, dwarf_r0 + n,
5615  offset_addr))
5616  return false;
5617  }
5618  }
5619 
5620  return true;
5621 }
5622 
5623 // STRH (register) calculates an address from a base register value and an
5624 // offset register value, and stores a
5625 // halfword from a register to memory. The offset register value can be
5626 // shifted left by 0, 1, 2, or 3 bits.
5627 bool EmulateInstructionARM::EmulateSTRHRegister(const uint32_t opcode,
5628  const ARMEncoding encoding) {
5629 #if 0
5630  if ConditionPassed() then
5631  EncodingSpecificOperations(); NullCheckIfThumbEE(n);
5632  offset = Shift(R[m], shift_t, shift_n, APSR.C);
5633  offset_addr = if add then (R[n] + offset) else (R[n] - offset);
5634  address = if index then offset_addr else R[n];
5635  if UnalignedSupport() || address<0> == '0' then
5636  MemU[address,2] = R[t]<15:0>;
5637  else // Can only occur before ARMv7
5638  MemU[address,2] = bits(16) UNKNOWN;
5639  if wback then R[n] = offset_addr;
5640 #endif
5641 
5642  bool success = false;
5643 
5644  if (ConditionPassed(opcode)) {
5645  uint32_t t;
5646  uint32_t n;
5647  uint32_t m;
5648  bool index;
5649  bool add;
5650  bool wback;
5651  ARM_ShifterType shift_t;
5652  uint32_t shift_n;
5653 
5654  // EncodingSpecificOperations(); NullCheckIfThumbEE(n);
5655  switch (encoding) {
5656  case eEncodingT1:
5657  // if CurrentInstrSet() == InstrSet_ThumbEE then SEE "Modified operation
5658  // in ThumbEE";
5659  // t = UInt(Rt); n = UInt(Rn); m = UInt(Rm);
5660  t = Bits32(opcode, 2, 0);
5661  n = Bits32(opcode, 5, 3);
5662  m = Bits32(opcode, 8, 6);
5663 
5664  // index = TRUE; add = TRUE; wback = FALSE;
5665  index = true;
5666  add = true;
5667  wback = false;
5668 
5669  // (shift_t, shift_n) = (SRType_LSL, 0);
5670  shift_t = SRType_LSL;
5671  shift_n = 0;
5672 
5673  break;
5674 
5675  case eEncodingT2:
5676  // if Rn == '1111' then UNDEFINED;
5677  // t = UInt(Rt); n = UInt(Rn); m = UInt(Rm);
5678  t = Bits32(opcode, 15, 12);
5679  n = Bits32(opcode, 19, 16);
5680  m = Bits32(opcode, 3, 0);
5681  if (n == 15)
5682  return false;
5683 
5684  // index = TRUE; add = TRUE; wback = FALSE;
5685  index = true;
5686  add = true;
5687  wback = false;
5688 
5689  // (shift_t, shift_n) = (SRType_LSL, UInt(imm2));
5690  shift_t = SRType_LSL;
5691  shift_n = Bits32(opcode, 5, 4);
5692 
5693  // if BadReg(t) || BadReg(m) then UNPREDICTABLE;
5694  if (BadReg(t) || BadReg(m))
5695  return false;
5696 
5697  break;
5698 
5699  case eEncodingA1:
5700  // if P == '0' && W == '1' then SEE STRHT;
5701  // t = UInt(Rt); n = UInt(Rn); m = UInt(Rm);
5702  t = Bits32(opcode, 15, 12);
5703  n = Bits32(opcode, 19, 16);
5704  m = Bits32(opcode, 3, 0);
5705 
5706  // index = (P == '1'); add = (U == '1'); wback = (P == '0') ||
5707  // (W == '1');
5708  index = BitIsSet(opcode, 24);
5709  add = BitIsSet(opcode, 23);
5710  wback = (BitIsClear(opcode, 24) || BitIsSet(opcode, 21));
5711 
5712  // (shift_t, shift_n) = (SRType_LSL, 0);
5713  shift_t = SRType_LSL;
5714  shift_n = 0;
5715 
5716  // if t == 15 || m == 15 then UNPREDICTABLE;
5717  if ((t == 15) || (m == 15))
5718  return false;
5719 
5720  // if wback && (n == 15 || n == t) then UNPREDICTABLE;
5721  if (wback && ((n == 15) || (n == t)))
5722  return false;
5723 
5724  break;
5725 
5726  default:
5727  return false;
5728  }
5729 
5730  uint32_t Rm = ReadCoreReg(m, &success);
5731  if (!success)
5732  return false;
5733 
5734  uint32_t Rn = ReadCoreReg(n, &success);
5735  if (!success)
5736  return false;
5737 
5738  // offset = Shift(R[m], shift_t, shift_n, APSR.C);
5739  uint32_t offset = Shift(Rm, shift_t, shift_n, APSR_C, &success);
5740  if (!success)
5741  return false;
5742 
5743  // offset_addr = if add then (R[n] + offset) else (R[n] - offset);
5744  addr_t offset_addr;
5745  if (add)
5746  offset_addr = Rn + offset;
5747  else
5748  offset_addr = Rn - offset;
5749 
5750  // address = if index then offset_addr else R[n];
5751  addr_t address;
5752  if (index)
5753  address = offset_addr;
5754  else
5755  address = Rn;
5756 
5757  EmulateInstruction::Context context;
5758  context.type = eContextRegisterStore;
5759  RegisterInfo base_reg;
5760  GetRegisterInfo(eRegisterKindDWARF, dwarf_r0 + n, base_reg);
5761  RegisterInfo offset_reg;
5762  GetRegisterInfo(eRegisterKindDWARF, dwarf_r0 + m, offset_reg);
5763 
5764  // if UnalignedSupport() || address<0> == '0' then
5765  if (UnalignedSupport() || BitIsClear(address, 0)) {
5766  // MemU[address,2] = R[t]<15:0>;
5767  uint32_t Rt = ReadCoreReg(t, &success);
5768  if (!success)
5769  return false;
5770 
5771  EmulateInstruction::Context context;
5772  context.type = eContextRegisterStore;
5773  RegisterInfo base_reg;
5774  GetRegisterInfo(eRegisterKindDWARF, dwarf_r0 + n, base_reg);
5775  RegisterInfo offset_reg;
5776  GetRegisterInfo(eRegisterKindDWARF, dwarf_r0 + m, offset_reg);
5777  RegisterInfo data_reg;
5778  GetRegisterInfo(eRegisterKindDWARF, dwarf_r0 + t, data_reg);
5779  context.SetRegisterToRegisterPlusIndirectOffset(base_reg, offset_reg,
5780  data_reg);
5781 
5782  if (!MemUWrite(context, address, Bits32(Rt, 15, 0), 2))
5783  return false;
5784  } else // Can only occur before ARMv7
5785  {
5786  // MemU[address,2] = bits(16) UNKNOWN;
5787  }
5788 
5789  // if wback then R[n] = offset_addr;
5790  if (wback) {
5791  context.type = eContextAdjustBaseRegister;
5792  context.SetAddress(offset_addr);
5793  if (!WriteRegisterUnsigned(context, eRegisterKindDWARF, dwarf_r0 + n,
5794  offset_addr))
5795  return false;
5796  }
5797  }
5798 
5799  return true;
5800 }
5801 
5802 // Add with Carry (immediate) adds an immediate value and the carry flag value
5803 // to a register value, and writes the result to the destination register. It
5804 // can optionally update the condition flags based on the result.
5805 bool EmulateInstructionARM::EmulateADCImm(const uint32_t opcode,
5806  const ARMEncoding encoding) {
5807 #if 0
5808  // ARM pseudo code...
5809  if ConditionPassed() then
5810  EncodingSpecificOperations();
5811  (result, carry, overflow) = AddWithCarry(R[n], imm32, APSR.C);
5812  if d == 15 then // Can only occur for ARM encoding
5813  ALUWritePC(result); // setflags is always FALSE here
5814  else
5815  R[d] = result;
5816  if setflags then
5817  APSR.N = result<31>;
5818  APSR.Z = IsZeroBit(result);
5819  APSR.C = carry;
5820  APSR.V = overflow;
5821 #endif
5822 
5823  bool success = false;
5824 
5825  if (ConditionPassed(opcode)) {
5826  uint32_t Rd, Rn;
5827  uint32_t
5828  imm32; // the immediate value to be added to the value obtained from Rn
5829  bool setflags;
5830  switch (encoding) {
5831  case eEncodingT1:
5832  Rd = Bits32(opcode, 11, 8);
5833  Rn = Bits32(opcode, 19, 16);
5834  setflags = BitIsSet(opcode, 20);
5835  imm32 = ThumbExpandImm(opcode); // imm32 = ThumbExpandImm(i:imm3:imm8)
5836  if (BadReg(Rd) || BadReg(Rn))
5837  return false;
5838  break;
5839  case eEncodingA1:
5840  Rd = Bits32(opcode, 15, 12);
5841  Rn = Bits32(opcode, 19, 16);
5842  setflags = BitIsSet(opcode, 20);
5843  imm32 = ARMExpandImm(opcode); // imm32 = ARMExpandImm(imm12)
5844 
5845  if (Rd == 15 && setflags)
5846  return EmulateSUBSPcLrEtc(opcode, encoding);
5847  break;
5848  default:
5849  return false;
5850  }
5851 
5852  // Read the first operand.
5853  int32_t val1 = ReadCoreReg(Rn, &success);
5854  if (!success)
5855  return false;
5856 
5857  AddWithCarryResult res = AddWithCarry(val1, imm32, APSR_C);
5858 
5859  EmulateInstruction::Context context;
5860  context.type = EmulateInstruction::eContextImmediate;
5861  context.SetNoArgs();
5862 
5863  if (!WriteCoreRegOptionalFlags(context, res.result, Rd, setflags,
5864  res.carry_out, res.overflow))
5865  return false;
5866  }
5867  return true;
5868 }
5869 
5870 // Add with Carry (register) adds a register value, the carry flag value, and
5871 // an optionally-shifted register value, and writes the result to the
5872 // destination register. It can optionally update the condition flags based on
5873 // the result.
5874 bool EmulateInstructionARM::EmulateADCReg(const uint32_t opcode,
5875  const ARMEncoding encoding) {
5876 #if 0
5877  // ARM pseudo code...
5878  if ConditionPassed() then
5879  EncodingSpecificOperations();
5880  shifted = Shift(R[m], shift_t, shift_n, APSR.C);
5881  (result, carry, overflow) = AddWithCarry(R[n], shifted, APSR.C);
5882  if d == 15 then // Can only occur for ARM encoding
5883  ALUWritePC(result); // setflags is always FALSE here
5884  else
5885  R[d] = result;
5886  if setflags then
5887  APSR.N = result<31>;
5888  APSR.Z = IsZeroBit(result);
5889  APSR.C = carry;
5890  APSR.V = overflow;
5891 #endif
5892 
5893  bool success = false;
5894 
5895  if (ConditionPassed(opcode)) {
5896  uint32_t Rd, Rn, Rm;
5897  ARM_ShifterType shift_t;
5898  uint32_t shift_n; // the shift applied to the value read from Rm
5899  bool setflags;
5900  switch (encoding) {
5901  case eEncodingT1:
5902  Rd = Rn = Bits32(opcode, 2, 0);
5903  Rm = Bits32(opcode, 5, 3);
5904  setflags = !InITBlock();
5905  shift_t = SRType_LSL;
5906  shift_n = 0;
5907  break;
5908  case eEncodingT2:
5909  Rd = Bits32(opcode, 11, 8);
5910  Rn = Bits32(opcode, 19, 16);
5911  Rm = Bits32(opcode, 3, 0);
5912  setflags = BitIsSet(opcode, 20);
5913  shift_n = DecodeImmShiftThumb(opcode, shift_t);
5914  if (BadReg(Rd) || BadReg(Rn) || BadReg(Rm))
5915  return false;
5916  break;
5917  case eEncodingA1:
5918  Rd = Bits32(opcode, 15, 12);
5919  Rn = Bits32(opcode, 19, 16);
5920  Rm = Bits32(opcode, 3, 0);
5921  setflags = BitIsSet(opcode, 20);
5922  shift_n = DecodeImmShiftARM(opcode, shift_t);
5923 
5924  if (Rd == 15 && setflags)
5925  return EmulateSUBSPcLrEtc(opcode, encoding);
5926  break;
5927  default:
5928  return false;
5929  }
5930 
5931  // Read the first operand.
5932  int32_t val1 = ReadCoreReg(Rn, &success);
5933  if (!success)
5934  return false;
5935 
5936  // Read the second operand.
5937  int32_t val2 = ReadCoreReg(Rm, &success);
5938  if (!success)
5939  return false;
5940 
5941  uint32_t shifted = Shift(val2, shift_t, shift_n, APSR_C, &success);
5942  if (!success)
5943  return false;
5944  AddWithCarryResult res = AddWithCarry(val1, shifted, APSR_C);
5945 
5946  EmulateInstruction::Context context;
5947  context.type = EmulateInstruction::eContextImmediate;
5948  context.SetNoArgs();
5949 
5950  if (!WriteCoreRegOptionalFlags(context, res.result, Rd, setflags,
5951  res.carry_out, res.overflow))
5952  return false;
5953  }
5954  return true;
5955 }
5956 
5957 // This instruction adds an immediate value to the PC value to form a PC-
5958 // relative address, and writes the result to the destination register.
5959 bool EmulateInstructionARM::EmulateADR(const uint32_t opcode,
5960  const ARMEncoding encoding) {
5961 #if 0
5962  // ARM pseudo code...
5963  if ConditionPassed() then
5964  EncodingSpecificOperations();
5965  result = if add then (Align(PC,4) + imm32) else (Align(PC,4) - imm32);
5966  if d == 15 then // Can only occur for ARM encodings
5967  ALUWritePC(result);
5968  else
5969  R[d] = result;
5970 #endif
5971 
5972  bool success = false;
5973 
5974  if (ConditionPassed(opcode)) {
5975  uint32_t Rd;
5976  uint32_t imm32; // the immediate value to be added/subtracted to/from the PC
5977  bool add;
5978  switch (encoding) {
5979  case eEncodingT1:
5980  Rd = Bits32(opcode, 10, 8);
5981  imm32 = ThumbImm8Scaled(opcode); // imm32 = ZeroExtend(imm8:'00', 32)
5982  add = true;
5983  break;
5984  case eEncodingT2:
5985  case eEncodingT3:
5986  Rd = Bits32(opcode, 11, 8);
5987  imm32 = ThumbImm12(opcode); // imm32 = ZeroExtend(i:imm3:imm8, 32)
5988  add = (Bits32(opcode, 24, 21) == 0); // 0b0000 => ADD; 0b0101 => SUB
5989  if (BadReg(Rd))
5990  return false;
5991  break;
5992  case eEncodingA1:
5993  case eEncodingA2:
5994  Rd = Bits32(opcode, 15, 12);
5995  imm32 = ARMExpandImm(opcode); // imm32 = ARMExpandImm(imm12)
5996  add = (Bits32(opcode, 24, 21) == 0x4); // 0b0100 => ADD; 0b0010 => SUB
5997  break;
5998  default:
5999  return false;
6000  }
6001 
6002  // Read the PC value.
6003  uint32_t pc = ReadCoreReg(PC_REG, &success);
6004  if (!success)
6005  return false;
6006 
6007  uint32_t result = (add ? Align(pc, 4) + imm32 : Align(pc, 4) - imm32);
6008 
6009  EmulateInstruction::Context context;
6010  context.type = EmulateInstruction::eContextImmediate;
6011  context.SetNoArgs();
6012 
6013  if (!WriteCoreReg(context, result, Rd))
6014  return false;
6015  }
6016  return true;
6017 }
6018 
6019 // This instruction performs a bitwise AND of a register value and an immediate
6020 // value, and writes the result to the destination register. It can optionally
6021 // update the condition flags based on the result.
6022 bool EmulateInstructionARM::EmulateANDImm(const uint32_t opcode,
6023  const ARMEncoding encoding) {
6024 #if 0
6025  // ARM pseudo code...
6026  if ConditionPassed() then
6027  EncodingSpecificOperations();
6028  result = R[n] AND imm32;
6029  if d == 15 then // Can only occur for ARM encoding
6030  ALUWritePC(result); // setflags is always FALSE here
6031  else
6032  R[d] = result;
6033  if setflags then
6034  APSR.N = result<31>;
6035  APSR.Z = IsZeroBit(result);
6036  APSR.C = carry;
6037  // APSR.V unchanged
6038 #endif
6039 
6040  bool success = false;
6041 
6042  if (ConditionPassed(opcode)) {
6043  uint32_t Rd, Rn;
6044  uint32_t
6045  imm32; // the immediate value to be ANDed to the value obtained from Rn
6046  bool setflags;
6047  uint32_t carry; // the carry bit after ARM/Thumb Expand operation
6048  switch (encoding) {
6049  case eEncodingT1:
6050  Rd = Bits32(opcode, 11, 8);
6051  Rn = Bits32(opcode, 19, 16);
6052  setflags = BitIsSet(opcode, 20);
6053  imm32 = ThumbExpandImm_C(
6054  opcode, APSR_C,
6055  carry); // (imm32, carry) = ThumbExpandImm(i:imm3:imm8, APSR.C)
6056  // if Rd == '1111' && S == '1' then SEE TST (immediate);
6057  if (Rd == 15 && setflags)
6058  return EmulateTSTImm(opcode, eEncodingT1);
6059  if (Rd == 13 || (Rd == 15 && !setflags) || BadReg(Rn))
6060  return false;
6061  break;
6062  case eEncodingA1:
6063  Rd = Bits32(opcode, 15, 12);
6064  Rn = Bits32(opcode, 19, 16);
6065  setflags = BitIsSet(opcode, 20);
6066  imm32 =
6067  ARMExpandImm_C(opcode, APSR_C,
6068  carry); // (imm32, carry) = ARMExpandImm(imm12, APSR.C)
6069 
6070  if (Rd == 15 && setflags)
6071  return EmulateSUBSPcLrEtc(opcode, encoding);
6072  break;
6073  default:
6074  return false;
6075  }
6076 
6077  // Read the first operand.
6078  uint32_t val1 = ReadCoreReg(Rn, &success);
6079  if (!success)
6080  return false;
6081 
6082  uint32_t result = val1 & imm32;
6083 
6084  EmulateInstruction::Context context;
6085  context.type = EmulateInstruction::eContextImmediate;
6086  context.SetNoArgs();
6087 
6088  if (!WriteCoreRegOptionalFlags(context, result, Rd, setflags, carry))
6089  return false;
6090  }
6091  return true;
6092 }
6093 
6094 // This instruction performs a bitwise AND of a register value and an
6095 // optionally-shifted register value, and writes the result to the destination
6096 // register. It can optionally update the condition flags based on the result.
6097 bool EmulateInstructionARM::EmulateANDReg(const uint32_t opcode,
6098  const ARMEncoding encoding) {
6099 #if 0
6100  // ARM pseudo code...
6101  if ConditionPassed() then
6102  EncodingSpecificOperations();
6103  (shifted, carry) = Shift_C(R[m], shift_t, shift_n, APSR.C);
6104  result = R[n] AND shifted;
6105  if d == 15 then // Can only occur for ARM encoding
6106  ALUWritePC(result); // setflags is always FALSE here
6107  else
6108  R[d] = result;
6109  if setflags then
6110  APSR.N = result<31>;
6111  APSR.Z = IsZeroBit(result);
6112  APSR.C = carry;
6113  // APSR.V unchanged
6114 #endif
6115 
6116  bool success = false;
6117 
6118  if (ConditionPassed(opcode)) {
6119  uint32_t Rd, Rn, Rm;
6120  ARM_ShifterType shift_t;
6121  uint32_t shift_n; // the shift applied to the value read from Rm
6122  bool setflags;
6123  uint32_t carry;
6124  switch (encoding) {
6125  case eEncodingT1:
6126  Rd = Rn = Bits32(opcode, 2, 0);
6127  Rm = Bits32(opcode, 5, 3);
6128  setflags = !InITBlock();
6129  shift_t = SRType_LSL;
6130  shift_n = 0;
6131  break;
6132  case eEncodingT2:
6133  Rd = Bits32(opcode, 11, 8);
6134  Rn = Bits32(opcode, 19, 16);
6135  Rm = Bits32(opcode, 3, 0);
6136  setflags = BitIsSet(opcode, 20);
6137  shift_n = DecodeImmShiftThumb(opcode, shift_t);
6138  // if Rd == '1111' && S == '1' then SEE TST (register);
6139  if (Rd == 15 && setflags)
6140  return EmulateTSTReg(opcode, eEncodingT2);
6141  if (Rd == 13 || (Rd == 15 && !setflags) || BadReg(Rn) || BadReg(Rm))
6142  return false;
6143  break;
6144  case eEncodingA1:
6145  Rd = Bits32(opcode, 15, 12);
6146  Rn = Bits32(opcode, 19, 16);
6147  Rm = Bits32(opcode, 3, 0);
6148  setflags = BitIsSet(opcode, 20);
6149  shift_n = DecodeImmShiftARM(opcode, shift_t);
6150 
6151  if (Rd == 15 && setflags)
6152  return EmulateSUBSPcLrEtc(opcode, encoding);
6153  break;
6154  default:
6155  return false;
6156  }
6157 
6158  // Read the first operand.
6159  uint32_t val1 = ReadCoreReg(Rn, &success);
6160  if (!success)
6161  return false;
6162 
6163  // Read the second operand.
6164  uint32_t val2 = ReadCoreReg(Rm, &success);
6165  if (!success)
6166  return false;
6167 
6168  uint32_t shifted = Shift_C(val2, shift_t, shift_n, APSR_C, carry, &success);
6169  if (!success)
6170  return false;
6171  uint32_t result = val1 & shifted;
6172 
6173  EmulateInstruction::Context context;
6174  context.type = EmulateInstruction::eContextImmediate;
6175  context.SetNoArgs();
6176 
6177  if (!WriteCoreRegOptionalFlags(context, result, Rd, setflags, carry))
6178  return