1
2 /*---------------------------------------------------------------*/
3 /*--- begin guest_arm64_helpers.c ---*/
4 /*---------------------------------------------------------------*/
5
6 /*
7 This file is part of Valgrind, a dynamic binary instrumentation
8 framework.
9
10 Copyright (C) 2013-2015 OpenWorks
11 info@open-works.net
12
13 This program is free software; you can redistribute it and/or
14 modify it under the terms of the GNU General Public License as
15 published by the Free Software Foundation; either version 2 of the
16 License, or (at your option) any later version.
17
18 This program is distributed in the hope that it will be useful, but
19 WITHOUT ANY WARRANTY; without even the implied warranty of
20 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
21 General Public License for more details.
22
23 You should have received a copy of the GNU General Public License
24 along with this program; if not, write to the Free Software
25 Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
26 02110-1301, USA.
27
28 The GNU General Public License is contained in the file COPYING.
29 */
30
31 #include "libvex_basictypes.h"
32 #include "libvex_emnote.h"
33 #include "libvex_guest_arm64.h"
34 #include "libvex_ir.h"
35 #include "libvex.h"
36
37 #include "main_util.h"
38 #include "main_globals.h"
39 #include "guest_generic_bb_to_IR.h"
40 #include "guest_arm64_defs.h"
41
42
43 /* This file contains helper functions for arm guest code. Calls to
44 these functions are generated by the back end. These calls are of
45 course in the host machine code and this file will be compiled to
46 host machine code, so that all makes sense.
47
48 Only change the signatures of these helper functions very
49 carefully. If you change the signature here, you'll have to change
50 the parameters passed to it in the IR calls constructed by
51 guest_arm64_toIR.c.
52 */
53
54
55 /* Set to 1 to get detailed profiling info about individual N, Z, C
56 and V flag evaluation. */
57 #define PROFILE_NZCV_FLAGS 0
58
59 #if PROFILE_NZCV_FLAGS
60
61 static UInt tab_eval[ARM64G_CC_OP_NUMBER][16];
62 static UInt initted = 0;
63 static UInt tot_evals = 0;
64
initCounts(void)65 static void initCounts ( void )
66 {
67 UInt i, j;
68 for (i = 0; i < ARM64G_CC_OP_NUMBER; i++) {
69 for (j = 0; j < 16; j++) {
70 tab_eval[i][j] = 0;
71 }
72 }
73 initted = 1;
74 }
75
showCounts(void)76 static void showCounts ( void )
77 {
78 const HChar* nameCC[16]
79 = { "EQ", "NE", "CS", "CC", "MI", "PL", "VS", "VC",
80 "HI", "LS", "GE", "LT", "GT", "LE", "AL", "NV" };
81 UInt i, j;
82 ULong sum = 0;
83 vex_printf("\nCC_OP 0 1 2 3 "
84 " 4 5 6\n");
85 vex_printf( "--------------------------------------------------"
86 "--------------------------\n");
87 for (j = 0; j < 16; j++) {
88 vex_printf("%2d %s ", j, nameCC[j]);
89 for (i = 0; i < ARM64G_CC_OP_NUMBER; i++) {
90 vex_printf("%9d ", tab_eval[i][j]);
91 sum += tab_eval[i][j];
92 }
93 vex_printf("\n");
94 }
95 vex_printf("(In total %llu calls)\n", sum);
96 }
97
98 #define NOTE_EVAL(_cc_op, _cond) \
99 do { \
100 if (!initted) initCounts(); \
101 vassert( ((UInt)(_cc_op)) < ARM64G_CC_OP_NUMBER); \
102 vassert( ((UInt)(_cond)) < 16); \
103 tab_eval[(UInt)(_cc_op)][(UInt)(cond)]++; \
104 tot_evals++; \
105 if (0 == (tot_evals & 0x7FFF)) \
106 showCounts(); \
107 } while (0)
108
109 #endif /* PROFILE_NZCV_FLAGS */
110
111
112 /* Calculate the N flag from the supplied thunk components, in the
113 least significant bit of the word. Returned bits 63:1 are zero. */
114 static
arm64g_calculate_flag_n(ULong cc_op,ULong cc_dep1,ULong cc_dep2,ULong cc_dep3)115 ULong arm64g_calculate_flag_n ( ULong cc_op, ULong cc_dep1,
116 ULong cc_dep2, ULong cc_dep3 )
117 {
118 switch (cc_op) {
119 case ARM64G_CC_OP_COPY: {
120 /* (nzcv:28x0, unused, unused) */
121 ULong nf = (cc_dep1 >> ARM64G_CC_SHIFT_N) & 1;
122 return nf;
123 }
124 case ARM64G_CC_OP_ADD32: {
125 /* (argL, argR, unused) */
126 UInt argL = (UInt)cc_dep1;
127 UInt argR = (UInt)cc_dep2;
128 UInt res = argL + argR;
129 ULong nf = (ULong)(res >> 31);
130 return nf;
131 }
132 case ARM64G_CC_OP_ADD64: {
133 /* (argL, argR, unused) */
134 ULong argL = cc_dep1;
135 ULong argR = cc_dep2;
136 ULong res = argL + argR;
137 ULong nf = (ULong)(res >> 63);
138 return nf;
139 }
140 case ARM64G_CC_OP_SUB32: {
141 /* (argL, argR, unused) */
142 UInt argL = (UInt)cc_dep1;
143 UInt argR = (UInt)cc_dep2;
144 UInt res = argL - argR;
145 ULong nf = (ULong)(res >> 31);
146 return nf;
147 }
148 case ARM64G_CC_OP_SUB64: {
149 /* (argL, argR, unused) */
150 ULong argL = cc_dep1;
151 ULong argR = cc_dep2;
152 ULong res = argL - argR;
153 ULong nf = res >> 63;
154 return nf;
155 }
156 case ARM64G_CC_OP_ADC32: {
157 /* (argL, argR, oldC) */
158 UInt argL = cc_dep1;
159 UInt argR = cc_dep2;
160 UInt oldC = cc_dep3;
161 vassert((oldC & ~1) == 0);
162 UInt res = argL + argR + oldC;
163 ULong nf = (ULong)(res >> 31);
164 return nf;
165 }
166 case ARM64G_CC_OP_ADC64: {
167 /* (argL, argR, oldC) */
168 ULong argL = cc_dep1;
169 ULong argR = cc_dep2;
170 ULong oldC = cc_dep3;
171 vassert((oldC & ~1) == 0);
172 ULong res = argL + argR + oldC;
173 ULong nf = res >> 63;
174 return nf;
175 }
176 case ARM64G_CC_OP_SBC32: {
177 /* (argL, argR, oldC) */
178 UInt argL = cc_dep1;
179 UInt argR = cc_dep2;
180 UInt oldC = cc_dep3;
181 vassert((oldC & ~1) == 0);
182 UInt res = argL - argR - (oldC ^ 1);
183 ULong nf = (ULong)(res >> 31);
184 return nf;
185 }
186 case ARM64G_CC_OP_SBC64: {
187 /* (argL, argR, oldC) */
188 ULong argL = cc_dep1;
189 ULong argR = cc_dep2;
190 ULong oldC = cc_dep3;
191 vassert((oldC & ~1) == 0);
192 ULong res = argL - argR - (oldC ^ 1);
193 ULong nf = res >> 63;
194 return nf;
195 }
196 case ARM64G_CC_OP_LOGIC32: {
197 /* (res, unused, unused) */
198 UInt res = (UInt)cc_dep1;
199 ULong nf = res >> 31;
200 return nf;
201 }
202 case ARM64G_CC_OP_LOGIC64: {
203 /* (res, unused, unused) */
204 ULong res = cc_dep1;
205 ULong nf = res >> 63;
206 return nf;
207 }
208 //ZZ case ARMG_CC_OP_MUL: {
209 //ZZ /* (res, unused, oldC:oldV) */
210 //ZZ UInt res = cc_dep1;
211 //ZZ UInt nf = res >> 31;
212 //ZZ return nf;
213 //ZZ }
214 //ZZ case ARMG_CC_OP_MULL: {
215 //ZZ /* (resLo32, resHi32, oldC:oldV) */
216 //ZZ UInt resHi32 = cc_dep2;
217 //ZZ UInt nf = resHi32 >> 31;
218 //ZZ return nf;
219 //ZZ }
220 default:
221 /* shouldn't really make these calls from generated code */
222 vex_printf("arm64g_calculate_flag_n"
223 "( op=%llu, dep1=0x%llx, dep2=0x%llx, dep3=0x%llx )\n",
224 cc_op, cc_dep1, cc_dep2, cc_dep3 );
225 vpanic("arm64g_calculate_flag_n");
226 }
227 }
228
229
230 /* Calculate the Z flag from the supplied thunk components, in the
231 least significant bit of the word. Returned bits 63:1 are zero. */
232 static
arm64g_calculate_flag_z(ULong cc_op,ULong cc_dep1,ULong cc_dep2,ULong cc_dep3)233 ULong arm64g_calculate_flag_z ( ULong cc_op, ULong cc_dep1,
234 ULong cc_dep2, ULong cc_dep3 )
235 {
236 switch (cc_op) {
237 case ARM64G_CC_OP_COPY: {
238 /* (nzcv:28x0, unused, unused) */
239 ULong zf = (cc_dep1 >> ARM64G_CC_SHIFT_Z) & 1;
240 return zf;
241 }
242 case ARM64G_CC_OP_ADD32: {
243 /* (argL, argR, unused) */
244 UInt argL = (UInt)cc_dep1;
245 UInt argR = (UInt)cc_dep2;
246 UInt res = argL + argR;
247 ULong zf = res == 0;
248 return zf;
249 }
250 case ARM64G_CC_OP_ADD64: {
251 /* (argL, argR, unused) */
252 ULong argL = cc_dep1;
253 ULong argR = cc_dep2;
254 ULong res = argL + argR;
255 ULong zf = res == 0;
256 return zf;
257 }
258 case ARM64G_CC_OP_SUB32: {
259 /* (argL, argR, unused) */
260 UInt argL = (UInt)cc_dep1;
261 UInt argR = (UInt)cc_dep2;
262 UInt res = argL - argR;
263 ULong zf = res == 0;
264 return zf;
265 }
266 case ARM64G_CC_OP_SUB64: {
267 /* (argL, argR, unused) */
268 ULong argL = cc_dep1;
269 ULong argR = cc_dep2;
270 ULong res = argL - argR;
271 ULong zf = res == 0;
272 return zf;
273 }
274 case ARM64G_CC_OP_ADC32: {
275 /* (argL, argR, oldC) */
276 UInt argL = cc_dep1;
277 UInt argR = cc_dep2;
278 UInt oldC = cc_dep3;
279 vassert((oldC & ~1) == 0);
280 UInt res = argL + argR + oldC;
281 ULong zf = res == 0;
282 return zf;
283 }
284 case ARM64G_CC_OP_ADC64: {
285 /* (argL, argR, oldC) */
286 ULong argL = cc_dep1;
287 ULong argR = cc_dep2;
288 ULong oldC = cc_dep3;
289 vassert((oldC & ~1) == 0);
290 ULong res = argL + argR + oldC;
291 ULong zf = res == 0;
292 return zf;
293 }
294 case ARM64G_CC_OP_SBC32: {
295 /* (argL, argR, oldC) */
296 UInt argL = cc_dep1;
297 UInt argR = cc_dep2;
298 UInt oldC = cc_dep3;
299 vassert((oldC & ~1) == 0);
300 UInt res = argL - argR - (oldC ^ 1);
301 ULong zf = res == 0;
302 return zf;
303 }
304 case ARM64G_CC_OP_SBC64: {
305 /* (argL, argR, oldC) */
306 ULong argL = cc_dep1;
307 ULong argR = cc_dep2;
308 ULong oldC = cc_dep3;
309 vassert((oldC & ~1) == 0);
310 ULong res = argL - argR - (oldC ^ 1);
311 ULong zf = res == 0;
312 return zf;
313 }
314 case ARM64G_CC_OP_LOGIC32: {
315 /* (res, unused, unused) */
316 UInt res = (UInt)cc_dep1;
317 ULong zf = res == 0;
318 return zf;
319 }
320 case ARM64G_CC_OP_LOGIC64: {
321 /* (res, unused, unused) */
322 ULong res = cc_dep1;
323 ULong zf = res == 0;
324 return zf;
325 }
326 //ZZ case ARMG_CC_OP_MUL: {
327 //ZZ /* (res, unused, oldC:oldV) */
328 //ZZ UInt res = cc_dep1;
329 //ZZ UInt zf = res == 0;
330 //ZZ return zf;
331 //ZZ }
332 //ZZ case ARMG_CC_OP_MULL: {
333 //ZZ /* (resLo32, resHi32, oldC:oldV) */
334 //ZZ UInt resLo32 = cc_dep1;
335 //ZZ UInt resHi32 = cc_dep2;
336 //ZZ UInt zf = (resHi32|resLo32) == 0;
337 //ZZ return zf;
338 //ZZ }
339 default:
340 /* shouldn't really make these calls from generated code */
341 vex_printf("arm64g_calculate_flag_z"
342 "( op=%llu, dep1=0x%llx, dep2=0x%llx, dep3=0x%llx )\n",
343 cc_op, cc_dep1, cc_dep2, cc_dep3 );
344 vpanic("arm64g_calculate_flag_z");
345 }
346 }
347
348
349 /* CALLED FROM GENERATED CODE: CLEAN HELPER */
350 /* Calculate the C flag from the supplied thunk components, in the
351 least significant bit of the word. Returned bits 63:1 are zero. */
arm64g_calculate_flag_c(ULong cc_op,ULong cc_dep1,ULong cc_dep2,ULong cc_dep3)352 ULong arm64g_calculate_flag_c ( ULong cc_op, ULong cc_dep1,
353 ULong cc_dep2, ULong cc_dep3 )
354 {
355 switch (cc_op) {
356 case ARM64G_CC_OP_COPY: {
357 /* (nzcv:28x0, unused, unused) */
358 ULong cf = (cc_dep1 >> ARM64G_CC_SHIFT_C) & 1;
359 return cf;
360 }
361 case ARM64G_CC_OP_ADD32: {
362 /* (argL, argR, unused) */
363 UInt argL = (UInt)cc_dep1;
364 UInt argR = (UInt)cc_dep2;
365 UInt res = argL + argR;
366 ULong cf = res < argL;
367 return cf;
368 }
369 case ARM64G_CC_OP_ADD64: {
370 /* (argL, argR, unused) */
371 ULong argL = cc_dep1;
372 ULong argR = cc_dep2;
373 ULong res = argL + argR;
374 ULong cf = res < argL;
375 return cf;
376 }
377 case ARM64G_CC_OP_SUB32: {
378 /* (argL, argR, unused) */
379 UInt argL = (UInt)cc_dep1;
380 UInt argR = (UInt)cc_dep2;
381 ULong cf = argL >= argR;
382 return cf;
383 }
384 case ARM64G_CC_OP_SUB64: {
385 /* (argL, argR, unused) */
386 ULong argL = cc_dep1;
387 ULong argR = cc_dep2;
388 ULong cf = argL >= argR;
389 return cf;
390 }
391 case ARM64G_CC_OP_ADC32: {
392 /* (argL, argR, oldC) */
393 UInt argL = cc_dep1;
394 UInt argR = cc_dep2;
395 UInt oldC = cc_dep3;
396 vassert((oldC & ~1) == 0);
397 UInt res = argL + argR + oldC;
398 ULong cf = oldC ? (res <= argL) : (res < argL);
399 return cf;
400 }
401 case ARM64G_CC_OP_ADC64: {
402 /* (argL, argR, oldC) */
403 ULong argL = cc_dep1;
404 ULong argR = cc_dep2;
405 ULong oldC = cc_dep3;
406 vassert((oldC & ~1) == 0);
407 ULong res = argL + argR + oldC;
408 ULong cf = oldC ? (res <= argL) : (res < argL);
409 return cf;
410 }
411 case ARM64G_CC_OP_SBC32: {
412 /* (argL, argR, oldC) */
413 UInt argL = cc_dep1;
414 UInt argR = cc_dep2;
415 UInt oldC = cc_dep3;
416 vassert((oldC & ~1) == 0);
417 ULong cf = oldC ? (argL >= argR) : (argL > argR);
418 return cf;
419 }
420 case ARM64G_CC_OP_SBC64: {
421 /* (argL, argR, oldC) */
422 ULong argL = cc_dep1;
423 ULong argR = cc_dep2;
424 ULong oldC = cc_dep3;
425 vassert((oldC & ~1) == 0);
426 ULong cf = oldC ? (argL >= argR) : (argL > argR);
427 return cf;
428 }
429 case ARM64G_CC_OP_LOGIC32:
430 case ARM64G_CC_OP_LOGIC64: {
431 /* (res, unused, unused) */
432 return 0; // C after logic is zero on arm64
433 }
434 //ZZ case ARMG_CC_OP_MUL: {
435 //ZZ /* (res, unused, oldC:oldV) */
436 //ZZ UInt oldC = (cc_dep3 >> 1) & 1;
437 //ZZ vassert((cc_dep3 & ~3) == 0);
438 //ZZ UInt cf = oldC;
439 //ZZ return cf;
440 //ZZ }
441 //ZZ case ARMG_CC_OP_MULL: {
442 //ZZ /* (resLo32, resHi32, oldC:oldV) */
443 //ZZ UInt oldC = (cc_dep3 >> 1) & 1;
444 //ZZ vassert((cc_dep3 & ~3) == 0);
445 //ZZ UInt cf = oldC;
446 //ZZ return cf;
447 //ZZ }
448 default:
449 /* shouldn't really make these calls from generated code */
450 vex_printf("arm64g_calculate_flag_c"
451 "( op=%llu, dep1=0x%llx, dep2=0x%llx, dep3=0x%llx )\n",
452 cc_op, cc_dep1, cc_dep2, cc_dep3 );
453 vpanic("arm64g_calculate_flag_c");
454 }
455 }
456
457
458 /* CALLED FROM GENERATED CODE: CLEAN HELPER */
459 /* Calculate the V flag from the supplied thunk components, in the
460 least significant bit of the word. Returned bits 63:1 are zero. */
461 static
arm64g_calculate_flag_v(ULong cc_op,ULong cc_dep1,ULong cc_dep2,ULong cc_dep3)462 ULong arm64g_calculate_flag_v ( ULong cc_op, ULong cc_dep1,
463 ULong cc_dep2, ULong cc_dep3 )
464 {
465 switch (cc_op) {
466 case ARM64G_CC_OP_COPY: {
467 /* (nzcv:28x0, unused, unused) */
468 ULong vf = (cc_dep1 >> ARM64G_CC_SHIFT_V) & 1;
469 return vf;
470 }
471 case ARM64G_CC_OP_ADD32: {
472 /* (argL, argR, unused) */
473 UInt argL = (UInt)cc_dep1;
474 UInt argR = (UInt)cc_dep2;
475 UInt res = argL + argR;
476 ULong vf = (ULong)(((res ^ argL) & (res ^ argR)) >> 31);
477 return vf;
478 }
479 case ARM64G_CC_OP_ADD64: {
480 /* (argL, argR, unused) */
481 ULong argL = cc_dep1;
482 ULong argR = cc_dep2;
483 ULong res = argL + argR;
484 ULong vf = ((res ^ argL) & (res ^ argR)) >> 63;
485 return vf;
486 }
487 case ARM64G_CC_OP_SUB32: {
488 /* (argL, argR, unused) */
489 UInt argL = (UInt)cc_dep1;
490 UInt argR = (UInt)cc_dep2;
491 UInt res = argL - argR;
492 ULong vf = (ULong)(((argL ^ argR) & (argL ^ res)) >> 31);
493 return vf;
494 }
495 case ARM64G_CC_OP_SUB64: {
496 /* (argL, argR, unused) */
497 ULong argL = cc_dep1;
498 ULong argR = cc_dep2;
499 ULong res = argL - argR;
500 ULong vf = (((argL ^ argR) & (argL ^ res))) >> 63;
501 return vf;
502 }
503 case ARM64G_CC_OP_ADC32: {
504 /* (argL, argR, oldC) */
505 UInt argL = cc_dep1;
506 UInt argR = cc_dep2;
507 UInt oldC = cc_dep3;
508 vassert((oldC & ~1) == 0);
509 UInt res = argL + argR + oldC;
510 ULong vf = (ULong)(((res ^ argL) & (res ^ argR)) >> 31);
511 return vf;
512 }
513 case ARM64G_CC_OP_ADC64: {
514 /* (argL, argR, oldC) */
515 ULong argL = cc_dep1;
516 ULong argR = cc_dep2;
517 ULong oldC = cc_dep3;
518 vassert((oldC & ~1) == 0);
519 ULong res = argL + argR + oldC;
520 ULong vf = ((res ^ argL) & (res ^ argR)) >> 63;
521 return vf;
522 }
523 case ARM64G_CC_OP_SBC32: {
524 /* (argL, argR, oldC) */
525 UInt argL = cc_dep1;
526 UInt argR = cc_dep2;
527 UInt oldC = cc_dep3;
528 vassert((oldC & ~1) == 0);
529 UInt res = argL - argR - (oldC ^ 1);
530 ULong vf = (ULong)(((argL ^ argR) & (argL ^ res)) >> 31);
531 return vf;
532 }
533 case ARM64G_CC_OP_SBC64: {
534 /* (argL, argR, oldC) */
535 ULong argL = cc_dep1;
536 ULong argR = cc_dep2;
537 ULong oldC = cc_dep3;
538 vassert((oldC & ~1) == 0);
539 ULong res = argL - argR - (oldC ^ 1);
540 ULong vf = ((argL ^ argR) & (argL ^ res)) >> 63;
541 return vf;
542 }
543 case ARM64G_CC_OP_LOGIC32:
544 case ARM64G_CC_OP_LOGIC64: {
545 /* (res, unused, unused) */
546 return 0; // V after logic is zero on arm64
547 }
548 //ZZ case ARMG_CC_OP_MUL: {
549 //ZZ /* (res, unused, oldC:oldV) */
550 //ZZ UInt oldV = (cc_dep3 >> 0) & 1;
551 //ZZ vassert((cc_dep3 & ~3) == 0);
552 //ZZ UInt vf = oldV;
553 //ZZ return vf;
554 //ZZ }
555 //ZZ case ARMG_CC_OP_MULL: {
556 //ZZ /* (resLo32, resHi32, oldC:oldV) */
557 //ZZ UInt oldV = (cc_dep3 >> 0) & 1;
558 //ZZ vassert((cc_dep3 & ~3) == 0);
559 //ZZ UInt vf = oldV;
560 //ZZ return vf;
561 //ZZ }
562 default:
563 /* shouldn't really make these calls from generated code */
564 vex_printf("arm64g_calculate_flag_v"
565 "( op=%llu, dep1=0x%llx, dep2=0x%llx, dep3=0x%llx )\n",
566 cc_op, cc_dep1, cc_dep2, cc_dep3 );
567 vpanic("arm64g_calculate_flag_v");
568 }
569 }
570
571
572 /* CALLED FROM GENERATED CODE: CLEAN HELPER */
573 /* Calculate NZCV from the supplied thunk components, in the positions
574 they appear in the CPSR, viz bits 31:28 for N Z C V respectively.
575 Returned bits 27:0 are zero. */
arm64g_calculate_flags_nzcv(ULong cc_op,ULong cc_dep1,ULong cc_dep2,ULong cc_dep3)576 ULong arm64g_calculate_flags_nzcv ( ULong cc_op, ULong cc_dep1,
577 ULong cc_dep2, ULong cc_dep3 )
578 {
579 ULong f;
580 ULong res = 0;
581 f = 1 & arm64g_calculate_flag_n(cc_op, cc_dep1, cc_dep2, cc_dep3);
582 res |= (f << ARM64G_CC_SHIFT_N);
583 f = 1 & arm64g_calculate_flag_z(cc_op, cc_dep1, cc_dep2, cc_dep3);
584 res |= (f << ARM64G_CC_SHIFT_Z);
585 f = 1 & arm64g_calculate_flag_c(cc_op, cc_dep1, cc_dep2, cc_dep3);
586 res |= (f << ARM64G_CC_SHIFT_C);
587 f = 1 & arm64g_calculate_flag_v(cc_op, cc_dep1, cc_dep2, cc_dep3);
588 res |= (f << ARM64G_CC_SHIFT_V);
589 return res;
590 }
591
592 //ZZ
593 //ZZ /* CALLED FROM GENERATED CODE: CLEAN HELPER */
594 //ZZ /* Calculate the QC flag from the arguments, in the lowest bit
595 //ZZ of the word (bit 0). Urr, having this out of line is bizarre.
596 //ZZ Push back inline. */
597 //ZZ UInt armg_calculate_flag_qc ( UInt resL1, UInt resL2,
598 //ZZ UInt resR1, UInt resR2 )
599 //ZZ {
600 //ZZ if (resL1 != resR1 || resL2 != resR2)
601 //ZZ return 1;
602 //ZZ else
603 //ZZ return 0;
604 //ZZ }
605
606 /* CALLED FROM GENERATED CODE: CLEAN HELPER */
607 /* Calculate the specified condition from the thunk components, in the
608 lowest bit of the word (bit 0). Returned bits 63:1 are zero. */
arm64g_calculate_condition(ULong cond_n_op,ULong cc_dep1,ULong cc_dep2,ULong cc_dep3)609 ULong arm64g_calculate_condition ( /* ARM64Condcode << 4 | cc_op */
610 ULong cond_n_op ,
611 ULong cc_dep1,
612 ULong cc_dep2, ULong cc_dep3 )
613 {
614 ULong cond = cond_n_op >> 4;
615 ULong cc_op = cond_n_op & 0xF;
616 ULong inv = cond & 1;
617 ULong nf, zf, vf, cf;
618
619 # if PROFILE_NZCV_FLAGS
620 NOTE_EVAL(cc_op, cond);
621 # endif
622
623 // vex_printf("XXXXXXXX %llx %llx %llx %llx\n",
624 // cond_n_op, cc_dep1, cc_dep2, cc_dep3);
625
626 switch (cond) {
627 case ARM64CondEQ: // Z=1 => z
628 case ARM64CondNE: // Z=0
629 zf = arm64g_calculate_flag_z(cc_op, cc_dep1, cc_dep2, cc_dep3);
630 return inv ^ zf;
631
632 case ARM64CondCS: // C=1 => c
633 case ARM64CondCC: // C=0
634 cf = arm64g_calculate_flag_c(cc_op, cc_dep1, cc_dep2, cc_dep3);
635 return inv ^ cf;
636
637 case ARM64CondMI: // N=1 => n
638 case ARM64CondPL: // N=0
639 nf = arm64g_calculate_flag_n(cc_op, cc_dep1, cc_dep2, cc_dep3);
640 return inv ^ nf;
641
642 case ARM64CondVS: // V=1 => v
643 case ARM64CondVC: // V=0
644 vf = arm64g_calculate_flag_v(cc_op, cc_dep1, cc_dep2, cc_dep3);
645 return inv ^ vf;
646
647 case ARM64CondHI: // C=1 && Z=0 => c & ~z
648 case ARM64CondLS: // C=0 || Z=1
649 cf = arm64g_calculate_flag_c(cc_op, cc_dep1, cc_dep2, cc_dep3);
650 zf = arm64g_calculate_flag_z(cc_op, cc_dep1, cc_dep2, cc_dep3);
651 return inv ^ (1 & (cf & ~zf));
652
653 case ARM64CondGE: // N=V => ~(n^v)
654 case ARM64CondLT: // N!=V
655 nf = arm64g_calculate_flag_n(cc_op, cc_dep1, cc_dep2, cc_dep3);
656 vf = arm64g_calculate_flag_v(cc_op, cc_dep1, cc_dep2, cc_dep3);
657 return inv ^ (1 & ~(nf ^ vf));
658
659 case ARM64CondGT: // Z=0 && N=V => ~z & ~(n^v) => ~(z | (n^v))
660 case ARM64CondLE: // Z=1 || N!=V
661 nf = arm64g_calculate_flag_n(cc_op, cc_dep1, cc_dep2, cc_dep3);
662 vf = arm64g_calculate_flag_v(cc_op, cc_dep1, cc_dep2, cc_dep3);
663 zf = arm64g_calculate_flag_z(cc_op, cc_dep1, cc_dep2, cc_dep3);
664 return inv ^ (1 & ~(zf | (nf ^ vf)));
665
666 case ARM64CondAL: // 1
667 case ARM64CondNV: // 1
668 return 1;
669
670 default:
671 /* shouldn't really make these calls from generated code */
672 vex_printf("arm64g_calculate_condition(ARM64)"
673 "( %llu, %llu, 0x%llx, 0x%llx, 0x%llx )\n",
674 cond, cc_op, cc_dep1, cc_dep2, cc_dep3 );
675 vpanic("armg_calculate_condition(ARM64)");
676 }
677 }
678
679
680 /* CALLED FROM GENERATED CODE */
681 /* DIRTY HELPER (non-referentially-transparent) */
682 /* Horrible hack. On non-arm64 platforms, return 0. */
arm64g_dirtyhelper_MRS_CNTVCT_EL0(void)683 ULong arm64g_dirtyhelper_MRS_CNTVCT_EL0 ( void )
684 {
685 # if defined(__aarch64__) && !defined(__arm__)
686 ULong w = 0x5555555555555555ULL; /* overwritten */
687 __asm__ __volatile__("mrs %0, cntvct_el0" : "=r"(w));
688 return w;
689 # else
690 return 0ULL;
691 # endif
692 }
693
694
695 /*---------------------------------------------------------------*/
696 /*--- Flag-helpers translation-time function specialisers. ---*/
697 /*--- These help iropt specialise calls the above run-time ---*/
698 /*--- flags functions. ---*/
699 /*---------------------------------------------------------------*/
700
701 /* Used by the optimiser to try specialisations. Returns an
702 equivalent expression, or NULL if none. */
703
isU64(IRExpr * e,ULong n)704 static Bool isU64 ( IRExpr* e, ULong n )
705 {
706 return
707 toBool( e->tag == Iex_Const
708 && e->Iex.Const.con->tag == Ico_U64
709 && e->Iex.Const.con->Ico.U64 == n );
710 }
711
guest_arm64_spechelper(const HChar * function_name,IRExpr ** args,IRStmt ** precedingStmts,Int n_precedingStmts)712 IRExpr* guest_arm64_spechelper ( const HChar* function_name,
713 IRExpr** args,
714 IRStmt** precedingStmts,
715 Int n_precedingStmts )
716 {
717 # define unop(_op,_a1) IRExpr_Unop((_op),(_a1))
718 # define binop(_op,_a1,_a2) IRExpr_Binop((_op),(_a1),(_a2))
719 # define mkU64(_n) IRExpr_Const(IRConst_U64(_n))
720 # define mkU8(_n) IRExpr_Const(IRConst_U8(_n))
721
722 Int i, arity = 0;
723 for (i = 0; args[i]; i++)
724 arity++;
725 //ZZ # if 0
726 //ZZ vex_printf("spec request:\n");
727 //ZZ vex_printf(" %s ", function_name);
728 //ZZ for (i = 0; i < arity; i++) {
729 //ZZ vex_printf(" ");
730 //ZZ ppIRExpr(args[i]);
731 //ZZ }
732 //ZZ vex_printf("\n");
733 //ZZ # endif
734
735 /* --------- specialising "arm64g_calculate_condition" --------- */
736
737 if (vex_streq(function_name, "arm64g_calculate_condition")) {
738
739 /* specialise calls to the "arm64g_calculate_condition" function.
740 Not sure whether this is strictly necessary, but: the
741 replacement IR must produce only the values 0 or 1. Bits
742 63:1 are required to be zero. */
743 IRExpr *cond_n_op, *cc_dep1, *cc_dep2 ; //, *cc_ndep;
744 vassert(arity == 4);
745 cond_n_op = args[0]; /* (ARM64Condcode << 4) | ARM64G_CC_OP_* */
746 cc_dep1 = args[1];
747 cc_dep2 = args[2];
748 //cc_ndep = args[3];
749
750 /*---------------- SUB64 ----------------*/
751
752 /* 0, 1 */
753 if (isU64(cond_n_op, (ARM64CondEQ << 4) | ARM64G_CC_OP_SUB64)) {
754 /* EQ after SUB --> test argL == argR */
755 return unop(Iop_1Uto64,
756 binop(Iop_CmpEQ64, cc_dep1, cc_dep2));
757 }
758 if (isU64(cond_n_op, (ARM64CondNE << 4) | ARM64G_CC_OP_SUB64)) {
759 /* NE after SUB --> test argL != argR */
760 return unop(Iop_1Uto64,
761 binop(Iop_CmpNE64, cc_dep1, cc_dep2));
762 }
763
764 /* 2, 3 */
765 if (isU64(cond_n_op, (ARM64CondCS << 4) | ARM64G_CC_OP_SUB64)) {
766 /* CS after SUB --> test argL >=u argR
767 --> test argR <=u argL */
768 return unop(Iop_1Uto64,
769 binop(Iop_CmpLE64U, cc_dep2, cc_dep1));
770 }
771 if (isU64(cond_n_op, (ARM64CondCC << 4) | ARM64G_CC_OP_SUB64)) {
772 /* CC after SUB --> test argL <u argR */
773 return unop(Iop_1Uto64,
774 binop(Iop_CmpLT64U, cc_dep1, cc_dep2));
775 }
776
777 /* 8, 9 */
778 if (isU64(cond_n_op, (ARM64CondLS << 4) | ARM64G_CC_OP_SUB64)) {
779 /* LS after SUB --> test argL <=u argR */
780 return unop(Iop_1Uto64,
781 binop(Iop_CmpLE64U, cc_dep1, cc_dep2));
782 }
783 if (isU64(cond_n_op, (ARM64CondHI << 4) | ARM64G_CC_OP_SUB64)) {
784 /* HI after SUB --> test argL >u argR
785 --> test argR <u argL */
786 return unop(Iop_1Uto64,
787 binop(Iop_CmpLT64U, cc_dep2, cc_dep1));
788 }
789
790 /* 10, 11 */
791 if (isU64(cond_n_op, (ARM64CondLT << 4) | ARM64G_CC_OP_SUB64)) {
792 /* LT after SUB --> test argL <s argR */
793 return unop(Iop_1Uto64,
794 binop(Iop_CmpLT64S, cc_dep1, cc_dep2));
795 }
796 if (isU64(cond_n_op, (ARM64CondGE << 4) | ARM64G_CC_OP_SUB64)) {
797 /* GE after SUB --> test argL >=s argR
798 --> test argR <=s argL */
799 return unop(Iop_1Uto64,
800 binop(Iop_CmpLE64S, cc_dep2, cc_dep1));
801 }
802
803 /* 12, 13 */
804 if (isU64(cond_n_op, (ARM64CondGT << 4) | ARM64G_CC_OP_SUB64)) {
805 /* GT after SUB --> test argL >s argR
806 --> test argR <s argL */
807 return unop(Iop_1Uto64,
808 binop(Iop_CmpLT64S, cc_dep2, cc_dep1));
809 }
810 if (isU64(cond_n_op, (ARM64CondLE << 4) | ARM64G_CC_OP_SUB64)) {
811 /* LE after SUB --> test argL <=s argR */
812 return unop(Iop_1Uto64,
813 binop(Iop_CmpLE64S, cc_dep1, cc_dep2));
814 }
815
816 /*---------------- SUB32 ----------------*/
817
818 /* 0, 1 */
819 if (isU64(cond_n_op, (ARM64CondEQ << 4) | ARM64G_CC_OP_SUB32)) {
820 /* EQ after SUB --> test argL == argR */
821 return unop(Iop_1Uto64,
822 binop(Iop_CmpEQ32, unop(Iop_64to32, cc_dep1),
823 unop(Iop_64to32, cc_dep2)));
824 }
825 if (isU64(cond_n_op, (ARM64CondNE << 4) | ARM64G_CC_OP_SUB32)) {
826 /* NE after SUB --> test argL != argR */
827 return unop(Iop_1Uto64,
828 binop(Iop_CmpNE32, unop(Iop_64to32, cc_dep1),
829 unop(Iop_64to32, cc_dep2)));
830 }
831
832 /* 2, 3 */
833 if (isU64(cond_n_op, (ARM64CondCS << 4) | ARM64G_CC_OP_SUB32)) {
834 /* CS after SUB --> test argL >=u argR
835 --> test argR <=u argL */
836 return unop(Iop_1Uto64,
837 binop(Iop_CmpLE32U, unop(Iop_64to32, cc_dep2),
838 unop(Iop_64to32, cc_dep1)));
839 }
840 if (isU64(cond_n_op, (ARM64CondCC << 4) | ARM64G_CC_OP_SUB32)) {
841 /* CC after SUB --> test argL <u argR */
842 return unop(Iop_1Uto64,
843 binop(Iop_CmpLT32U, unop(Iop_64to32, cc_dep1),
844 unop(Iop_64to32, cc_dep2)));
845 }
846
847 /* 8, 9 */
848 if (isU64(cond_n_op, (ARM64CondLS << 4) | ARM64G_CC_OP_SUB32)) {
849 /* LS after SUB --> test argL <=u argR */
850 return unop(Iop_1Uto64,
851 binop(Iop_CmpLE32U, unop(Iop_64to32, cc_dep1),
852 unop(Iop_64to32, cc_dep2)));
853 }
854 if (isU64(cond_n_op, (ARM64CondHI << 4) | ARM64G_CC_OP_SUB32)) {
855 /* HI after SUB --> test argL >u argR
856 --> test argR <u argL */
857 return unop(Iop_1Uto64,
858 binop(Iop_CmpLT32U, unop(Iop_64to32, cc_dep2),
859 unop(Iop_64to32, cc_dep1)));
860 }
861
862 /* 10, 11 */
863 if (isU64(cond_n_op, (ARM64CondLT << 4) | ARM64G_CC_OP_SUB32)) {
864 /* LT after SUB --> test argL <s argR */
865 return unop(Iop_1Uto64,
866 binop(Iop_CmpLT32S, unop(Iop_64to32, cc_dep1),
867 unop(Iop_64to32, cc_dep2)));
868 }
869 if (isU64(cond_n_op, (ARM64CondGE << 4) | ARM64G_CC_OP_SUB32)) {
870 /* GE after SUB --> test argL >=s argR
871 --> test argR <=s argL */
872 return unop(Iop_1Uto64,
873 binop(Iop_CmpLE32S, unop(Iop_64to32, cc_dep2),
874 unop(Iop_64to32, cc_dep1)));
875 }
876
877 /* 12, 13 */
878 if (isU64(cond_n_op, (ARM64CondGT << 4) | ARM64G_CC_OP_SUB32)) {
879 /* GT after SUB --> test argL >s argR
880 --> test argR <s argL */
881 return unop(Iop_1Uto64,
882 binop(Iop_CmpLT32S, unop(Iop_64to32, cc_dep2),
883 unop(Iop_64to32, cc_dep1)));
884 }
885 if (isU64(cond_n_op, (ARM64CondLE << 4) | ARM64G_CC_OP_SUB32)) {
886 /* LE after SUB --> test argL <=s argR */
887 return unop(Iop_1Uto64,
888 binop(Iop_CmpLE32S, unop(Iop_64to32, cc_dep1),
889 unop(Iop_64to32, cc_dep2)));
890 }
891
892 //ZZ /*---------------- SBB ----------------*/
893 //ZZ
894 //ZZ if (isU32(cond_n_op, (ARMCondHS << 4) | ARMG_CC_OP_SBB)) {
895 //ZZ /* This seems to happen a lot in softfloat code, eg __divdf3+140 */
896 //ZZ /* thunk is: (dep1=argL, dep2=argR, ndep=oldC) */
897 //ZZ /* HS after SBB (same as C after SBB below)
898 //ZZ --> oldC ? (argL >=u argR) : (argL >u argR)
899 //ZZ --> oldC ? (argR <=u argL) : (argR <u argL)
900 //ZZ */
901 //ZZ return
902 //ZZ IRExpr_ITE(
903 //ZZ binop(Iop_CmpNE32, cc_ndep, mkU32(0)),
904 //ZZ /* case oldC != 0 */
905 //ZZ unop(Iop_1Uto32, binop(Iop_CmpLE32U, cc_dep2, cc_dep1)),
906 //ZZ /* case oldC == 0 */
907 //ZZ unop(Iop_1Uto32, binop(Iop_CmpLT32U, cc_dep2, cc_dep1))
908 //ZZ );
909 //ZZ }
910 //ZZ
911 //ZZ /*---------------- LOGIC ----------------*/
912 //ZZ
913 //ZZ if (isU32(cond_n_op, (ARMCondEQ << 4) | ARMG_CC_OP_LOGIC)) {
914 //ZZ /* EQ after LOGIC --> test res == 0 */
915 //ZZ return unop(Iop_1Uto32,
916 //ZZ binop(Iop_CmpEQ32, cc_dep1, mkU32(0)));
917 //ZZ }
918 //ZZ if (isU32(cond_n_op, (ARMCondNE << 4) | ARMG_CC_OP_LOGIC)) {
919 //ZZ /* NE after LOGIC --> test res != 0 */
920 //ZZ return unop(Iop_1Uto32,
921 //ZZ binop(Iop_CmpNE32, cc_dep1, mkU32(0)));
922 //ZZ }
923 //ZZ
924 //ZZ if (isU32(cond_n_op, (ARMCondPL << 4) | ARMG_CC_OP_LOGIC)) {
925 //ZZ /* PL after LOGIC --> test (res >> 31) == 0 */
926 //ZZ return unop(Iop_1Uto32,
927 //ZZ binop(Iop_CmpEQ32,
928 //ZZ binop(Iop_Shr32, cc_dep1, mkU8(31)),
929 //ZZ mkU32(0)));
930 //ZZ }
931 //ZZ if (isU32(cond_n_op, (ARMCondMI << 4) | ARMG_CC_OP_LOGIC)) {
932 //ZZ /* MI after LOGIC --> test (res >> 31) == 1 */
933 //ZZ return unop(Iop_1Uto32,
934 //ZZ binop(Iop_CmpEQ32,
935 //ZZ binop(Iop_Shr32, cc_dep1, mkU8(31)),
936 //ZZ mkU32(1)));
937 //ZZ }
938
939 /*---------------- COPY ----------------*/
940
941 if (isU64(cond_n_op, (ARM64CondEQ << 4) | ARM64G_CC_OP_COPY)) {
942 /* EQ after COPY --> (cc_dep1 >> ARM64G_CC_SHIFT_Z) & 1 */
943 return binop(Iop_And64,
944 binop(Iop_Shr64, cc_dep1,
945 mkU8(ARM64G_CC_SHIFT_Z)),
946 mkU64(1));
947 }
948 if (isU64(cond_n_op, (ARM64CondNE << 4) | ARM64G_CC_OP_COPY)) {
949 /* NE after COPY --> ((cc_dep1 >> ARM64G_CC_SHIFT_Z) ^ 1) & 1 */
950 return binop(Iop_And64,
951 binop(Iop_Xor64,
952 binop(Iop_Shr64, cc_dep1,
953 mkU8(ARM64G_CC_SHIFT_Z)),
954 mkU64(1)),
955 mkU64(1));
956 }
957
958 //ZZ /*----------------- AL -----------------*/
959 //ZZ
960 //ZZ /* A critically important case for Thumb code.
961 //ZZ
962 //ZZ What we're trying to spot is the case where cond_n_op is an
963 //ZZ expression of the form Or32(..., 0xE0) since that means the
964 //ZZ caller is asking for CondAL and we can simply return 1
965 //ZZ without caring what the ... part is. This is a potentially
966 //ZZ dodgy kludge in that it assumes that the ... part has zeroes
967 //ZZ in bits 7:4, so that the result of the Or32 is guaranteed to
968 //ZZ be 0xE in bits 7:4. Given that the places where this first
969 //ZZ arg are constructed (in guest_arm_toIR.c) are very
970 //ZZ constrained, we can get away with this. To make this
971 //ZZ guaranteed safe would require to have a new primop, Slice44
972 //ZZ or some such, thusly
973 //ZZ
974 //ZZ Slice44(arg1, arg2) = 0--(24)--0 arg1[7:4] arg2[3:0]
975 //ZZ
976 //ZZ and we would then look for Slice44(0xE0, ...)
977 //ZZ which would give the required safety property.
978 //ZZ
979 //ZZ It would be infeasibly expensive to scan backwards through
980 //ZZ the entire block looking for an assignment to the temp, so
981 //ZZ just look at the previous 16 statements. That should find it
982 //ZZ if it is an interesting case, as a result of how the
983 //ZZ boilerplate guff at the start of each Thumb insn translation
984 //ZZ is made.
985 //ZZ */
986 //ZZ if (cond_n_op->tag == Iex_RdTmp) {
987 //ZZ Int j;
988 //ZZ IRTemp look_for = cond_n_op->Iex.RdTmp.tmp;
989 //ZZ Int limit = n_precedingStmts - 16;
990 //ZZ if (limit < 0) limit = 0;
991 //ZZ if (0) vex_printf("scanning %d .. %d\n", n_precedingStmts-1, limit);
992 //ZZ for (j = n_precedingStmts - 1; j >= limit; j--) {
993 //ZZ IRStmt* st = precedingStmts[j];
994 //ZZ if (st->tag == Ist_WrTmp
995 //ZZ && st->Ist.WrTmp.tmp == look_for
996 //ZZ && st->Ist.WrTmp.data->tag == Iex_Binop
997 //ZZ && st->Ist.WrTmp.data->Iex.Binop.op == Iop_Or32
998 //ZZ && isU32(st->Ist.WrTmp.data->Iex.Binop.arg2, (ARMCondAL << 4)))
999 //ZZ return mkU32(1);
1000 //ZZ }
1001 //ZZ /* Didn't find any useful binding to the first arg
1002 //ZZ in the previous 16 stmts. */
1003 //ZZ }
1004 }
1005
1006 //ZZ /* --------- specialising "armg_calculate_flag_c" --------- */
1007 //ZZ
1008 //ZZ else
1009 //ZZ if (vex_streq(function_name, "armg_calculate_flag_c")) {
1010 //ZZ
1011 //ZZ /* specialise calls to the "armg_calculate_flag_c" function.
1012 //ZZ Note that the returned value must be either 0 or 1; nonzero
1013 //ZZ bits 31:1 are not allowed. In turn, incoming oldV and oldC
1014 //ZZ values (from the thunk) are assumed to have bits 31:1
1015 //ZZ clear. */
1016 //ZZ IRExpr *cc_op, *cc_dep1, *cc_dep2, *cc_ndep;
1017 //ZZ vassert(arity == 4);
1018 //ZZ cc_op = args[0]; /* ARMG_CC_OP_* */
1019 //ZZ cc_dep1 = args[1];
1020 //ZZ cc_dep2 = args[2];
1021 //ZZ cc_ndep = args[3];
1022 //ZZ
1023 //ZZ if (isU32(cc_op, ARMG_CC_OP_LOGIC)) {
1024 //ZZ /* Thunk args are (result, shco, oldV) */
1025 //ZZ /* C after LOGIC --> shco */
1026 //ZZ return cc_dep2;
1027 //ZZ }
1028 //ZZ
1029 //ZZ if (isU32(cc_op, ARMG_CC_OP_SUB)) {
1030 //ZZ /* Thunk args are (argL, argR, unused) */
1031 //ZZ /* C after SUB --> argL >=u argR
1032 //ZZ --> argR <=u argL */
1033 //ZZ return unop(Iop_1Uto32,
1034 //ZZ binop(Iop_CmpLE32U, cc_dep2, cc_dep1));
1035 //ZZ }
1036 //ZZ
1037 //ZZ if (isU32(cc_op, ARMG_CC_OP_SBB)) {
1038 //ZZ /* This happens occasionally in softfloat code, eg __divdf3+140 */
1039 //ZZ /* thunk is: (dep1=argL, dep2=argR, ndep=oldC) */
1040 //ZZ /* C after SBB (same as HS after SBB above)
1041 //ZZ --> oldC ? (argL >=u argR) : (argL >u argR)
1042 //ZZ --> oldC ? (argR <=u argL) : (argR <u argL)
1043 //ZZ */
1044 //ZZ return
1045 //ZZ IRExpr_ITE(
1046 //ZZ binop(Iop_CmpNE32, cc_ndep, mkU32(0)),
1047 //ZZ /* case oldC != 0 */
1048 //ZZ unop(Iop_1Uto32, binop(Iop_CmpLE32U, cc_dep2, cc_dep1)),
1049 //ZZ /* case oldC == 0 */
1050 //ZZ unop(Iop_1Uto32, binop(Iop_CmpLT32U, cc_dep2, cc_dep1))
1051 //ZZ );
1052 //ZZ }
1053 //ZZ
1054 //ZZ }
1055 //ZZ
1056 //ZZ /* --------- specialising "armg_calculate_flag_v" --------- */
1057 //ZZ
1058 //ZZ else
1059 //ZZ if (vex_streq(function_name, "armg_calculate_flag_v")) {
1060 //ZZ
1061 //ZZ /* specialise calls to the "armg_calculate_flag_v" function.
1062 //ZZ Note that the returned value must be either 0 or 1; nonzero
1063 //ZZ bits 31:1 are not allowed. In turn, incoming oldV and oldC
1064 //ZZ values (from the thunk) are assumed to have bits 31:1
1065 //ZZ clear. */
1066 //ZZ IRExpr *cc_op, *cc_dep1, *cc_dep2, *cc_ndep;
1067 //ZZ vassert(arity == 4);
1068 //ZZ cc_op = args[0]; /* ARMG_CC_OP_* */
1069 //ZZ cc_dep1 = args[1];
1070 //ZZ cc_dep2 = args[2];
1071 //ZZ cc_ndep = args[3];
1072 //ZZ
1073 //ZZ if (isU32(cc_op, ARMG_CC_OP_LOGIC)) {
1074 //ZZ /* Thunk args are (result, shco, oldV) */
1075 //ZZ /* V after LOGIC --> oldV */
1076 //ZZ return cc_ndep;
1077 //ZZ }
1078 //ZZ
1079 //ZZ if (isU32(cc_op, ARMG_CC_OP_SUB)) {
1080 //ZZ /* Thunk args are (argL, argR, unused) */
1081 //ZZ /* V after SUB
1082 //ZZ --> let res = argL - argR
1083 //ZZ in ((argL ^ argR) & (argL ^ res)) >> 31
1084 //ZZ --> ((argL ^ argR) & (argL ^ (argL - argR))) >> 31
1085 //ZZ */
1086 //ZZ IRExpr* argL = cc_dep1;
1087 //ZZ IRExpr* argR = cc_dep2;
1088 //ZZ return
1089 //ZZ binop(Iop_Shr32,
1090 //ZZ binop(Iop_And32,
1091 //ZZ binop(Iop_Xor32, argL, argR),
1092 //ZZ binop(Iop_Xor32, argL, binop(Iop_Sub32, argL, argR))
1093 //ZZ ),
1094 //ZZ mkU8(31)
1095 //ZZ );
1096 //ZZ }
1097 //ZZ
1098 //ZZ if (isU32(cc_op, ARMG_CC_OP_SBB)) {
1099 //ZZ /* This happens occasionally in softfloat code, eg __divdf3+140 */
1100 //ZZ /* thunk is: (dep1=argL, dep2=argR, ndep=oldC) */
1101 //ZZ /* V after SBB
1102 //ZZ --> let res = argL - argR - (oldC ^ 1)
1103 //ZZ in (argL ^ argR) & (argL ^ res) & 1
1104 //ZZ */
1105 //ZZ return
1106 //ZZ binop(
1107 //ZZ Iop_And32,
1108 //ZZ binop(
1109 //ZZ Iop_And32,
1110 //ZZ // argL ^ argR
1111 //ZZ binop(Iop_Xor32, cc_dep1, cc_dep2),
1112 //ZZ // argL ^ (argL - argR - (oldC ^ 1))
1113 //ZZ binop(Iop_Xor32,
1114 //ZZ cc_dep1,
1115 //ZZ binop(Iop_Sub32,
1116 //ZZ binop(Iop_Sub32, cc_dep1, cc_dep2),
1117 //ZZ binop(Iop_Xor32, cc_ndep, mkU32(1)))
1118 //ZZ )
1119 //ZZ ),
1120 //ZZ mkU32(1)
1121 //ZZ );
1122 //ZZ }
1123 //ZZ
1124 //ZZ }
1125
1126 # undef unop
1127 # undef binop
1128 # undef mkU64
1129 # undef mkU8
1130
1131 return NULL;
1132 }
1133
1134
1135 /*----------------------------------------------*/
1136 /*--- The exported fns .. ---*/
1137 /*----------------------------------------------*/
1138
1139 //ZZ /* VISIBLE TO LIBVEX CLIENT */
1140 //ZZ #if 0
1141 //ZZ void LibVEX_GuestARM_put_flags ( UInt flags_native,
1142 //ZZ /*OUT*/VexGuestARMState* vex_state )
1143 //ZZ {
1144 //ZZ vassert(0); // FIXME
1145 //ZZ
1146 //ZZ /* Mask out everything except N Z V C. */
1147 //ZZ flags_native
1148 //ZZ &= (ARMG_CC_MASK_N | ARMG_CC_MASK_Z | ARMG_CC_MASK_V | ARMG_CC_MASK_C);
1149 //ZZ
1150 //ZZ vex_state->guest_CC_OP = ARMG_CC_OP_COPY;
1151 //ZZ vex_state->guest_CC_DEP1 = flags_native;
1152 //ZZ vex_state->guest_CC_DEP2 = 0;
1153 //ZZ vex_state->guest_CC_NDEP = 0;
1154 //ZZ }
1155 //ZZ #endif
1156
1157 /* VISIBLE TO LIBVEX CLIENT */
LibVEX_GuestARM64_get_nzcv(const VexGuestARM64State * vex_state)1158 ULong LibVEX_GuestARM64_get_nzcv ( /*IN*/const VexGuestARM64State* vex_state )
1159 {
1160 ULong nzcv = 0;
1161 // NZCV
1162 nzcv |= arm64g_calculate_flags_nzcv(
1163 vex_state->guest_CC_OP,
1164 vex_state->guest_CC_DEP1,
1165 vex_state->guest_CC_DEP2,
1166 vex_state->guest_CC_NDEP
1167 );
1168 vassert(0 == (nzcv & 0xFFFFFFFF0FFFFFFFULL));
1169 //ZZ // Q
1170 //ZZ if (vex_state->guest_QFLAG32 > 0)
1171 //ZZ cpsr |= (1 << 27);
1172 //ZZ // GE
1173 //ZZ if (vex_state->guest_GEFLAG0 > 0)
1174 //ZZ cpsr |= (1 << 16);
1175 //ZZ if (vex_state->guest_GEFLAG1 > 0)
1176 //ZZ cpsr |= (1 << 17);
1177 //ZZ if (vex_state->guest_GEFLAG2 > 0)
1178 //ZZ cpsr |= (1 << 18);
1179 //ZZ if (vex_state->guest_GEFLAG3 > 0)
1180 //ZZ cpsr |= (1 << 19);
1181 //ZZ // M
1182 //ZZ cpsr |= (1 << 4); // 0b10000 means user-mode
1183 //ZZ // J,T J (bit 24) is zero by initialisation above
1184 //ZZ // T we copy from R15T[0]
1185 //ZZ if (vex_state->guest_R15T & 1)
1186 //ZZ cpsr |= (1 << 5);
1187 //ZZ // ITSTATE we punt on for the time being. Could compute it
1188 //ZZ // if needed though.
1189 //ZZ // E, endianness, 0 (littleendian) from initialisation above
1190 //ZZ // A,I,F disable some async exceptions. Not sure about these.
1191 //ZZ // Leave as zero for the time being.
1192 return nzcv;
1193 }
1194
1195 /* VISIBLE TO LIBVEX CLIENT */
LibVEX_GuestARM64_get_fpsr(const VexGuestARM64State * vex_state)1196 ULong LibVEX_GuestARM64_get_fpsr ( const VexGuestARM64State* vex_state )
1197 {
1198 UInt w32 = vex_state->guest_QCFLAG[0] | vex_state->guest_QCFLAG[1]
1199 | vex_state->guest_QCFLAG[2] | vex_state->guest_QCFLAG[3];
1200 ULong fpsr = 0;
1201 // QC
1202 if (w32 != 0)
1203 fpsr |= (1 << 27);
1204 return fpsr;
1205 }
1206
LibVEX_GuestARM64_set_fpsr(VexGuestARM64State * vex_state,ULong fpsr)1207 void LibVEX_GuestARM64_set_fpsr ( /*MOD*/VexGuestARM64State* vex_state,
1208 ULong fpsr )
1209 {
1210 // QC
1211 vex_state->guest_QCFLAG[0] = (UInt)((fpsr >> 27) & 1);
1212 vex_state->guest_QCFLAG[1] = 0;
1213 vex_state->guest_QCFLAG[2] = 0;
1214 vex_state->guest_QCFLAG[3] = 0;
1215 }
1216
1217 /* VISIBLE TO LIBVEX CLIENT */
LibVEX_GuestARM64_initialise(VexGuestARM64State * vex_state)1218 void LibVEX_GuestARM64_initialise ( /*OUT*/VexGuestARM64State* vex_state )
1219 {
1220 vex_bzero(vex_state, sizeof(*vex_state));
1221 //ZZ vex_state->host_EvC_FAILADDR = 0;
1222 //ZZ vex_state->host_EvC_COUNTER = 0;
1223 //ZZ
1224 //ZZ vex_state->guest_R0 = 0;
1225 //ZZ vex_state->guest_R1 = 0;
1226 //ZZ vex_state->guest_R2 = 0;
1227 //ZZ vex_state->guest_R3 = 0;
1228 //ZZ vex_state->guest_R4 = 0;
1229 //ZZ vex_state->guest_R5 = 0;
1230 //ZZ vex_state->guest_R6 = 0;
1231 //ZZ vex_state->guest_R7 = 0;
1232 //ZZ vex_state->guest_R8 = 0;
1233 //ZZ vex_state->guest_R9 = 0;
1234 //ZZ vex_state->guest_R10 = 0;
1235 //ZZ vex_state->guest_R11 = 0;
1236 //ZZ vex_state->guest_R12 = 0;
1237 //ZZ vex_state->guest_R13 = 0;
1238 //ZZ vex_state->guest_R14 = 0;
1239 //ZZ vex_state->guest_R15T = 0; /* NB: implies ARM mode */
1240 //ZZ
1241 vex_state->guest_CC_OP = ARM64G_CC_OP_COPY;
1242 //ZZ vex_state->guest_CC_DEP1 = 0;
1243 //ZZ vex_state->guest_CC_DEP2 = 0;
1244 //ZZ vex_state->guest_CC_NDEP = 0;
1245 //ZZ vex_state->guest_QFLAG32 = 0;
1246 //ZZ vex_state->guest_GEFLAG0 = 0;
1247 //ZZ vex_state->guest_GEFLAG1 = 0;
1248 //ZZ vex_state->guest_GEFLAG2 = 0;
1249 //ZZ vex_state->guest_GEFLAG3 = 0;
1250 //ZZ
1251 //ZZ vex_state->guest_EMNOTE = EmNote_NONE;
1252 //ZZ vex_state->guest_CMSTART = 0;
1253 //ZZ vex_state->guest_CMLEN = 0;
1254 //ZZ vex_state->guest_NRADDR = 0;
1255 //ZZ vex_state->guest_IP_AT_SYSCALL = 0;
1256 //ZZ
1257 //ZZ vex_state->guest_D0 = 0;
1258 //ZZ vex_state->guest_D1 = 0;
1259 //ZZ vex_state->guest_D2 = 0;
1260 //ZZ vex_state->guest_D3 = 0;
1261 //ZZ vex_state->guest_D4 = 0;
1262 //ZZ vex_state->guest_D5 = 0;
1263 //ZZ vex_state->guest_D6 = 0;
1264 //ZZ vex_state->guest_D7 = 0;
1265 //ZZ vex_state->guest_D8 = 0;
1266 //ZZ vex_state->guest_D9 = 0;
1267 //ZZ vex_state->guest_D10 = 0;
1268 //ZZ vex_state->guest_D11 = 0;
1269 //ZZ vex_state->guest_D12 = 0;
1270 //ZZ vex_state->guest_D13 = 0;
1271 //ZZ vex_state->guest_D14 = 0;
1272 //ZZ vex_state->guest_D15 = 0;
1273 //ZZ vex_state->guest_D16 = 0;
1274 //ZZ vex_state->guest_D17 = 0;
1275 //ZZ vex_state->guest_D18 = 0;
1276 //ZZ vex_state->guest_D19 = 0;
1277 //ZZ vex_state->guest_D20 = 0;
1278 //ZZ vex_state->guest_D21 = 0;
1279 //ZZ vex_state->guest_D22 = 0;
1280 //ZZ vex_state->guest_D23 = 0;
1281 //ZZ vex_state->guest_D24 = 0;
1282 //ZZ vex_state->guest_D25 = 0;
1283 //ZZ vex_state->guest_D26 = 0;
1284 //ZZ vex_state->guest_D27 = 0;
1285 //ZZ vex_state->guest_D28 = 0;
1286 //ZZ vex_state->guest_D29 = 0;
1287 //ZZ vex_state->guest_D30 = 0;
1288 //ZZ vex_state->guest_D31 = 0;
1289 //ZZ
1290 //ZZ /* ARM encoded; zero is the default as it happens (result flags
1291 //ZZ (NZCV) cleared, FZ disabled, round to nearest, non-vector mode,
1292 //ZZ all exns masked, all exn sticky bits cleared). */
1293 //ZZ vex_state->guest_FPSCR = 0;
1294 //ZZ
1295 //ZZ vex_state->guest_TPIDRURO = 0;
1296 //ZZ
1297 //ZZ /* Not in a Thumb IT block. */
1298 //ZZ vex_state->guest_ITSTATE = 0;
1299 //ZZ
1300 //ZZ vex_state->padding1 = 0;
1301 //ZZ vex_state->padding2 = 0;
1302 //ZZ vex_state->padding3 = 0;
1303 //ZZ vex_state->padding4 = 0;
1304 //ZZ vex_state->padding5 = 0;
1305 }
1306
1307
1308 /*-----------------------------------------------------------*/
1309 /*--- Describing the arm guest state, for the benefit ---*/
1310 /*--- of iropt and instrumenters. ---*/
1311 /*-----------------------------------------------------------*/
1312
1313 /* Figure out if any part of the guest state contained in minoff
1314 .. maxoff requires precise memory exceptions. If in doubt return
1315 True (but this generates significantly slower code).
1316
1317 We enforce precise exns for guest SP, PC, 29(FP), 30(LR).
1318 That might be overkill (for 29 and 30); I don't know.
1319 */
guest_arm64_state_requires_precise_mem_exns(Int minoff,Int maxoff,VexRegisterUpdates pxControl)1320 Bool guest_arm64_state_requires_precise_mem_exns (
1321 Int minoff, Int maxoff, VexRegisterUpdates pxControl
1322 )
1323 {
1324 Int xsp_min = offsetof(VexGuestARM64State, guest_XSP);
1325 Int xsp_max = xsp_min + 8 - 1;
1326 Int pc_min = offsetof(VexGuestARM64State, guest_PC);
1327 Int pc_max = pc_min + 8 - 1;
1328
1329 if (maxoff < xsp_min || minoff > xsp_max) {
1330 /* no overlap with xsp */
1331 if (pxControl == VexRegUpdSpAtMemAccess)
1332 return False; // We only need to check stack pointer.
1333 } else {
1334 return True;
1335 }
1336
1337 if (maxoff < pc_min || minoff > pc_max) {
1338 /* no overlap with pc */
1339 } else {
1340 return True;
1341 }
1342
1343 /* Guessing that we need PX for FP, but I don't really know. */
1344 Int x29_min = offsetof(VexGuestARM64State, guest_X29);
1345 Int x29_max = x29_min + 8 - 1;
1346
1347 if (maxoff < x29_min || minoff > x29_max) {
1348 /* no overlap with x29 */
1349 } else {
1350 return True;
1351 }
1352
1353 /* Guessing that we need PX for LR, but I don't really know. */
1354 Int x30_min = offsetof(VexGuestARM64State, guest_X30);
1355 Int x30_max = x30_min + 8 - 1;
1356
1357 if (maxoff < x30_min || minoff > x30_max) {
1358 /* no overlap with r30 */
1359 } else {
1360 return True;
1361 }
1362
1363 return False;
1364 }
1365
1366
1367 #define ALWAYSDEFD(field) \
1368 { offsetof(VexGuestARM64State, field), \
1369 (sizeof ((VexGuestARM64State*)0)->field) }
1370 VexGuestLayout
1371 arm64Guest_layout
1372 = {
1373 /* Total size of the guest state, in bytes. */
1374 .total_sizeB = sizeof(VexGuestARM64State),
1375
1376 /* Describe the stack pointer. */
1377 .offset_SP = offsetof(VexGuestARM64State,guest_XSP),
1378 .sizeof_SP = 8,
1379
1380 /* Describe the instruction pointer. */
1381 .offset_IP = offsetof(VexGuestARM64State,guest_PC),
1382 .sizeof_IP = 8,
1383
1384 /* Describe any sections to be regarded by Memcheck as
1385 'always-defined'. */
1386 .n_alwaysDefd = 9,
1387
1388 /* flags thunk: OP is always defd, whereas DEP1 and DEP2
1389 have to be tracked. See detailed comment in gdefs.h on
1390 meaning of thunk fields. */
1391 .alwaysDefd
1392 = { /* 0 */ ALWAYSDEFD(guest_PC),
1393 /* 1 */ ALWAYSDEFD(guest_CC_OP),
1394 /* 2 */ ALWAYSDEFD(guest_CC_NDEP),
1395 /* 3 */ ALWAYSDEFD(guest_EMNOTE),
1396 /* 4 */ ALWAYSDEFD(guest_CMSTART),
1397 /* 5 */ ALWAYSDEFD(guest_CMLEN),
1398 /* 6 */ ALWAYSDEFD(guest_NRADDR),
1399 /* 7 */ ALWAYSDEFD(guest_IP_AT_SYSCALL),
1400 /* 8 */ ALWAYSDEFD(guest_TPIDR_EL0)
1401 }
1402 };
1403
1404
1405 /*---------------------------------------------------------------*/
1406 /*--- end guest_arm64_helpers.c ---*/
1407 /*---------------------------------------------------------------*/
1408