diff --git a/librz/arch/isa/arm/arm_il32.c b/librz/arch/isa/arm/arm_il32.c index d895222110b..1bc2340bd79 100644 --- a/librz/arch/isa/arm/arm_il32.c +++ b/librz/arch/isa/arm/arm_il32.c @@ -3623,12 +3623,12 @@ RZ_IPI bool rz_arm_cs_is_float_insn(const cs_insn *insn) { switch (group_it) { default: break; - case ARM_FEATURE_HasNEON: - case ARM_FEATURE_HasVFP2: - case ARM_FEATURE_HasVFP3: - case ARM_FEATURE_HasVFP4: - case ARM_FEATURE_HasDPVFP: - case ARM_FEATURE_HasMVEFloat: + case ARM_FEATURE_HASNEON: + case ARM_FEATURE_HASVFP2: + case ARM_FEATURE_HASVFP3: + case ARM_FEATURE_HASVFP4: + case ARM_FEATURE_HASDPVFP: + case ARM_FEATURE_HASMVEFLOAT: return true; } group_it = insn->detail->groups[++i]; @@ -3653,7 +3653,7 @@ static RzILOpEffect *try_as_int_cvt(cs_insn *insn, bool is_thumb, bool *success) ut32 fl_sz = rz_float_get_format_info(is_f2i ? from_fmt : to_fmt, RZ_FLOAT_INFO_TOTAL_LEN); #if CS_NEXT_VERSION >= 6 - if (!rz_arm_cs_is_group_member(insn, ARM_FEATURE_HasNEON)) { + if (!rz_arm_cs_is_group_member(insn, ARM_FEATURE_HASNEON)) { #else if (!rz_arm_cs_is_group_member(insn, ARM_GRP_NEON)) { #endif @@ -3890,7 +3890,7 @@ static RzILOpEffect *vadd(cs_insn *insn, bool is_thumb) { bool is_float_vec = fmt == RZ_FLOAT_UNK ? false : true; #if CS_NEXT_VERSION >= 6 - if (!rz_arm_cs_is_group_member(insn, ARM_FEATURE_HasNEON)) { + if (!rz_arm_cs_is_group_member(insn, ARM_FEATURE_HASNEON)) { #else if (!rz_arm_cs_is_group_member(insn, ARM_GRP_NEON)) { #endif @@ -3941,7 +3941,7 @@ static RzILOpEffect *vsub(cs_insn *insn, bool is_thumb) { bool is_float_vec = fmt == RZ_FLOAT_UNK ? false : true; #if CS_NEXT_VERSION >= 6 - if (!rz_arm_cs_is_group_member(insn, ARM_FEATURE_HasNEON)) { + if (!rz_arm_cs_is_group_member(insn, ARM_FEATURE_HASNEON)) { #else if (!rz_arm_cs_is_group_member(insn, ARM_GRP_NEON)) { #endif @@ -3990,7 +3990,7 @@ static RzILOpEffect *vmul(cs_insn *insn, bool is_thumb) { RzFloatFormat fmt = dt2fmt(dt); #if CS_NEXT_VERSION >= 6 - if (!rz_arm_cs_is_group_member(insn, ARM_FEATURE_HasNEON)) { + if (!rz_arm_cs_is_group_member(insn, ARM_FEATURE_HASNEON)) { #else if (!rz_arm_cs_is_group_member(insn, ARM_GRP_NEON)) { #endif diff --git a/librz/arch/isa/xtensa/xtensa.h b/librz/arch/isa/xtensa/xtensa.h index bac49bba876..edec9923343 100644 --- a/librz/arch/isa/xtensa/xtensa.h +++ b/librz/arch/isa/xtensa/xtensa.h @@ -31,6 +31,7 @@ bool xtensa_open(XtensaContext *ctx, const char *cpu, bool big_endian); bool xtensa_disassemble(XtensaContext *self, const ut8 *buf, int len, ut64 addr); void xtensa_disassemble_fini(XtensaContext *self); void xtensa_analyze_op_esil(XtensaContext *ctx, RzAnalysisOp *op); +void xtensa_analyze_op_rzil(XtensaContext *ctx, RzAnalysisOp *op); static inline cs_xtensa_op_mem *xtensa_op_mem(cs_insn *insn, unsigned int index) { cs_xtensa_op *op = &insn->detail->xtensa.operands[index]; @@ -56,12 +57,13 @@ static inline int32_t xtensa_op_l32r(cs_insn *insn, unsigned int index) { return op->imm; } -#define XOP(I) (ctx->insn->detail->xtensa.operands + I) -#define MEM(I) xtensa_op_mem(ctx->insn, I) -#define REGI(I) xtensa_op_reg(ctx->insn, I) -#define REGN(I) cs_reg_name(ctx->handle, (xtensa_op_reg(ctx->insn, I))) -#define IMM(I) xtensa_op_imm(ctx->insn, I) -#define L32R(I) xtensa_op_l32r(ctx->insn, I) -#define INSN_SIZE (ctx->insn->size) +#define XOP(I) (ctx->insn->detail->xtensa.operands + I) +#define MEM(I) xtensa_op_mem(ctx->insn, I) +#define REGI(I) xtensa_op_reg(ctx->insn, I) +#define REGNAME(I) cs_reg_name(ctx->handle, (I)) +#define REGN(I) REGNAME(REGI((I))) +#define IMM(I) xtensa_op_imm(ctx->insn, I) +#define L32R(I) xtensa_op_l32r(ctx->insn, I) +#define INSN_SIZE (ctx->insn->size) #endif // RZ_XTENSA_H diff --git a/librz/arch/isa/xtensa/xtensa_il.c b/librz/arch/isa/xtensa/xtensa_il.c new file mode 100644 index 00000000000..cc0d3ef4557 --- /dev/null +++ b/librz/arch/isa/xtensa/xtensa_il.c @@ -0,0 +1,1775 @@ +// SPDX-FileCopyrightText: 2024 billow +// SPDX-License-Identifier: LGPL-3.0-only + +#include "xtensa.h" + +static const char *epc_tbl[] = { + NULL, "epc1", "epc2", "epc3", "epc4", "epc5", "epc6", "epc7" +}; +static const char *eps_tbl[] = { + NULL, "eps1", "eps2", "eps3", "eps4", "eps5", "eps6", "eps7" +}; + +#include + +#define FORMAT (ctx->insn->detail->xtensa.format) +#define PC (ctx->insn->address) +#define nextPC (ctx->insn->address + ctx->insn->size) + +#define IREG(I) VARG(REGN(I)) +#define IREGi(I, i) VARG(cs_reg_name(ctx->handle, (REGI(I) + i))) +#define IMEM(I) ADD(VARG(REGNAME(MEM((I))->base)), S32(MEM((I))->disp)) +#define IEPC(I) VARG(epc_tbl[I]) +#define IEPS(I) VARG(eps_tbl[I]) + +#define ABS(X) ITE(SGT(X, S32(0)), X, NEG(X)) +#define V32(X) UNSIGNED(32, (X)) +#define V64(X) UNSIGNED(64, (X)) + +typedef RzAnalysisLiftedILOp (*fn_analyze_op_il)(XtensaContext *ctx); +typedef RzILOpPure *(fn_op2)(RzILOpBool *x, RzILOpBool *y); + +enum { + PS_INTLEVEL, + PS_EXCM, + PS_UM, + PS_RING, + PS_OWB, + PS_CALLINC, + PS_WOE, +}; + +typedef struct { + ut32 field; + ut8 offset; + ut8 width; +} RegField; + +typedef struct { + RegField tbl[64]; + size_t size; + ut8 width; +} RegFieldTbl; + +static const RegFieldTbl ps_field_tbl = { + .tbl = { + { PS_INTLEVEL, 0, 4 }, + { PS_EXCM, 4, 1 }, + { PS_UM, 5, 1 }, + { PS_RING, 6, 2 }, + { PS_OWB, 8, 4 }, + { PS_CALLINC, 16, 2 }, + { PS_WOE, 18, 1 }, + }, + .size = 7, + .width = 32, +}; + +static RzILOpPure *reg_field_set(const RegFieldTbl *tbl, ut32 field, RzILOpPure *orig, RzILOpPure *v) { + for (size_t i = 0; i < tbl->size; ++i) { + const RegField *f = tbl->tbl + i; + if (field == f->field) { + return tbl->width == 32 + ? DEPOSIT32(orig, U32(f->offset), U32(f->width), v) + : DEPOSIT64(orig, U32(f->offset), U32(f->width), v); + } + } + rz_warn_if_reached(); + return NULL; +} + +static RzAnalysisLiftedILOp op_abs(XtensaContext *ctx) { + return SETG(REGN(0), ABS(IREG(1))); +} + +static RzAnalysisLiftedILOp op_abs_s(XtensaContext *ctx) { + return SETG(REGN(0), UNSIGNED(64, F2BV(FABS(FLOATV32(IREG(1)))))); +} + +static RzAnalysisLiftedILOp op_add(XtensaContext *ctx) { + return SETG(REGN(0), ADD(IREG(1), IREG(2))); +} + +static RzAnalysisLiftedILOp op_addi(XtensaContext *ctx) { + return SETG(REGN(0), ADD(IREG(1), S32(IMM(2)))); +} + +// Fixme: statusflags +static RzAnalysisLiftedILOp op_add_s(XtensaContext *ctx) { + return SETG(REGN(0), UNSIGNED(64, F2BV(FADD(RZ_FLOAT_RMODE_RNA, FLOATV32(IREG(1)), FLOATV32(IREG(2)))))); +} + +static RzILOpPure *apply2_range2(RzILOpPure *self, fn_op2 fn, RzILOpPure *x, RzILOpPure *y, + unsigned begin1, unsigned begin2, unsigned length) { + return DEPOSIT64( + self, + U64(begin1), U32(length), + fn(EXTRACT64(x, U64(begin1), U32(length)), EXTRACT64(y, U64(begin2), U32(length)))); +} + +static RzILOpPure *f_add_sub127(RzILOpPure *x, RzILOpPure *y) { + return SUB(ADD(x, y), U64(127)); +} + +static RzAnalysisLiftedILOp op_addexp_s(XtensaContext *ctx) { + return SEQ3( + SETL("FRr", apply2_range2(IREG(0), rz_il_op_new_log_xor, IREG(0), IREG(1), 31, 31, 1)), + SETL("FRr", apply2_range2(VARL("FRr"), f_add_sub127, IREG(0), IREG(1), 23, 23, 8)), + SETG(REGN(0), VARL("FRr"))); +} + +static RzAnalysisLiftedILOp op_addexpm_s(XtensaContext *ctx) { + return SEQ3( + SETL("FRr", apply2_range2(IREG(0), rz_il_op_new_log_xor, IREG(0), IREG(1), 31, 22, 1)), + SETL("FRr", apply2_range2(VARL("FRr"), f_add_sub127, IREG(0), IREG(1), 23, 14, 8)), + SETG(REGN(0), VARL("FRr"))); +} + +static RzAnalysisLiftedILOp op_addx2(XtensaContext *ctx) { + return SETG(REGN(0), ADD(SHIFTL0(IREG(1), U32(1)), IREG(2))); +} + +static RzAnalysisLiftedILOp op_addx4(XtensaContext *ctx) { + return SETG(REGN(0), ADD(SHIFTL0(IREG(1), U32(2)), IREG(2))); +} + +static RzAnalysisLiftedILOp op_addx8(XtensaContext *ctx) { + return SETG(REGN(0), ADD(SHIFTL0(IREG(1), U32(3)), IREG(2))); +} + +static uint8_t RRR_s(XtensaContext *ctx) { + return ctx->insn->bytes[1] & 0xf; +} + +static RzAnalysisLiftedILOp op_binary4(XtensaContext *ctx, fn_op2 f) { + rz_return_val_if_fail(FORMAT == XTENSA_INSN_FORM_RRR && RRR_s(ctx) % 4 == 0, NULL); + return SETG(REGN(0), f(f(f(IREGi(1, 0), IREGi(1, 1)), IREGi(1, 2)), IREGi(1, 3))); +} + +static RzAnalysisLiftedILOp op_binary8(XtensaContext *ctx, fn_op2 f) { + rz_return_val_if_fail(FORMAT == XTENSA_INSN_FORM_RRR && RRR_s(ctx) % 8 == 0, NULL); + return SETG(REGN(0), + f(f(f(f(f(f(f(IREGi(1, 0), IREGi(1, 1)), IREGi(1, 2)), IREGi(1, 3)), IREGi(1, 4)), IREGi(1, 5)), IREGi(1, 6)), IREGi(1, 7))); +} + +static RzAnalysisLiftedILOp op_all4(XtensaContext *ctx) { + return op_binary4(ctx, rz_il_op_new_bool_and); +} + +static RzAnalysisLiftedILOp op_all8(XtensaContext *ctx) { + return op_binary8(ctx, rz_il_op_new_bool_and); +} + +static RzAnalysisLiftedILOp op_any4(XtensaContext *ctx) { + return op_binary4(ctx, rz_il_op_new_bool_or); +} + +static RzAnalysisLiftedILOp op_any8(XtensaContext *ctx) { + return op_binary8(ctx, rz_il_op_new_bool_or); +} + +static RzAnalysisLiftedILOp op_and(XtensaContext *ctx) { + return SETG(REGN(0), LOGAND(IREG(1), IREG(2))); +} + +static RzAnalysisLiftedILOp op_andb(XtensaContext *ctx) { + return SETG(REGN(0), AND(IREG(1), IREG(2))); +} + +static RzAnalysisLiftedILOp op_andbc(XtensaContext *ctx) { + return SETG(REGN(0), AND(IREG(1), INV(IREG(2)))); +} + +static RzAnalysisLiftedILOp op_ball(XtensaContext *ctx) { + return BRANCH( + IS_ZERO(LOGAND(LOGNOT(IREG(0)), IREG(1))), + JMP(U32(PC + IMM(2))), + NOP()); +} + +static RzAnalysisLiftedILOp op_bnall(XtensaContext *ctx) { + return BRANCH( + NON_ZERO(LOGAND(LOGNOT(IREG(0)), IREG(1))), + JMP(U32(PC + IMM(2))), + NOP()); +} + +static RzAnalysisLiftedILOp op_bany(XtensaContext *ctx) { + return BRANCH( + NON_ZERO(LOGAND(IREG(0), IREG(1))), + JMP(U32(PC + IMM(2))), + NOP()); +} + +static RzAnalysisLiftedILOp op_bnone(XtensaContext *ctx) { + return BRANCH( + IS_ZERO(LOGAND(IREG(0), IREG(1))), + JMP(U32(PC + IMM(2))), + NOP()); +} + +static RzILOpPure *msbFirst_n(XtensaContext *ctx, unsigned n) { + bool big_endian = (ctx->mode & CS_MODE_BIG_ENDIAN) == CS_MODE_BIG_ENDIAN; + return big_endian ? U32((1 << n) - 1) : U32(0); +} + +#define msbFirst(n) msbFirst_n(ctx, n) + +static RzAnalysisLiftedILOp op_bbc(XtensaContext *ctx) { + return SEQ2( + SETL("b", LOGXOR(EXTRACT32(IREG(1), U32(0), U32(5)), msbFirst(5))), + BRANCH( + IS_ZERO(EXTRACT32(IREG(0), VARL("b"), U32(1))), + JMP(U32(PC + IMM(2))), + NOP())); +} + +static RzAnalysisLiftedILOp op_bbs(XtensaContext *ctx) { + return SEQ2( + SETL("b", LOGXOR(EXTRACT32(IREG(1), U32(0), U32(5)), msbFirst(5))), + BRANCH( + NON_ZERO(EXTRACT32(IREG(0), VARL("b"), U32(1))), + JMP(U32(PC + IMM(2))), + NOP())); +} + +static RzAnalysisLiftedILOp op_bbci(XtensaContext *ctx) { + return SEQ2( + SETL("b", LOGXOR(U32(IMM(1)), msbFirst(5))), + BRANCH( + IS_ZERO(EXTRACT32(IREG(0), VARL("b"), U32(1))), + JMP(U32(PC + IMM(2))), + NOP())); +} + +static RzAnalysisLiftedILOp op_bbsi(XtensaContext *ctx) { + return SEQ2( + SETL("b", LOGXOR(U32(IMM(1)), msbFirst(5))), + BRANCH( + NON_ZERO(EXTRACT32(IREG(0), VARL("b"), U32(1))), + JMP(U32(PC + IMM(2))), + NOP())); +} + +static RzAnalysisLiftedILOp op_beq(XtensaContext *ctx) { + return BRANCH( + EQ(IREG(0), IREG(1)), + JMP(U32(PC + IMM(2))), + NOP()); +} + +static RzAnalysisLiftedILOp op_bne(XtensaContext *ctx) { + return BRANCH( + NE(IREG(0), IREG(1)), + JMP(U32(PC + IMM(2))), + NOP()); +} + +static RzAnalysisLiftedILOp op_beqi(XtensaContext *ctx) { + return BRANCH( + EQ(IREG(0), U32(IMM(1))), + JMP(U32(PC + IMM(2))), + NOP()); +} + +static RzAnalysisLiftedILOp op_bnei(XtensaContext *ctx) { + return BRANCH( + NE(IREG(0), U32(IMM(1))), + JMP(U32(PC + IMM(2))), + NOP()); +} + +static RzAnalysisLiftedILOp op_beqz(XtensaContext *ctx) { + return BRANCH( + EQ(IREG(0), U32(0)), + JMP(U32(PC + IMM(1))), + NOP()); +} + +static RzAnalysisLiftedILOp op_bnez(XtensaContext *ctx) { + return BRANCH( + NE(IREG(0), U32(0)), + JMP(U32(PC + IMM(1))), + NOP()); +} + +static RzAnalysisLiftedILOp op_bf(XtensaContext *ctx) { + return BRANCH( + IREG(0), + JMP(U32(PC + IMM(1))), + NOP()); +} + +static RzAnalysisLiftedILOp op_bt(XtensaContext *ctx) { + return BRANCH( + INV(IREG(0)), + JMP(U32(PC + IMM(1))), + NOP()); +} + +static RzAnalysisLiftedILOp op_bge(XtensaContext *ctx) { + return BRANCH( + SGE(IREG(0), IREG(1)), + JMP(U32(PC + IMM(2))), + NOP()); +} + +static RzAnalysisLiftedILOp op_blt(XtensaContext *ctx) { + return BRANCH( + SLT(IREG(0), IREG(1)), + JMP(U32(PC + IMM(2))), + NOP()); +} + +static RzAnalysisLiftedILOp op_bgei(XtensaContext *ctx) { + return BRANCH( + SGE(IREG(0), S32(IMM(1))), + JMP(U32(PC + IMM(2))), + NOP()); +} + +static RzAnalysisLiftedILOp op_blti(XtensaContext *ctx) { + return BRANCH( + SLT(IREG(0), S32(IMM(1))), + JMP(U32(PC + IMM(2))), + NOP()); +} + +static RzAnalysisLiftedILOp op_bgeu(XtensaContext *ctx) { + return BRANCH( + UGE(IREG(0), IREG(1)), + JMP(U32(PC + IMM(2))), + NOP()); +} + +static RzAnalysisLiftedILOp op_bltu(XtensaContext *ctx) { + return BRANCH( + ULT(IREG(0), IREG(1)), + JMP(U32(PC + IMM(2))), + NOP()); +} + +static RzAnalysisLiftedILOp op_bgeui(XtensaContext *ctx) { + return BRANCH( + UGE(IREG(0), S32(IMM(1))), + JMP(U32(PC + IMM(2))), + NOP()); +} + +static RzAnalysisLiftedILOp op_bltui(XtensaContext *ctx) { + return BRANCH( + ULT(IREG(0), S32(IMM(1))), + JMP(U32(PC + IMM(2))), + NOP()); +} + +static RzAnalysisLiftedILOp op_bgez(XtensaContext *ctx) { + return BRANCH( + SGE(IREG(0), S32(0)), + JMP(U32(PC + IMM(1))), + NOP()); +} + +static RzAnalysisLiftedILOp op_bltz(XtensaContext *ctx) { + return BRANCH( + SLT(IREG(0), S32(0)), + JMP(U32(PC + IMM(1))), + NOP()); +} + +// Fixme: break +static RzAnalysisLiftedILOp op_break(XtensaContext *ctx) { + return NOP(); +} + +static RzAnalysisLiftedILOp op_call0(XtensaContext *ctx) { + return SEQ2( + SETG("a0", U32(nextPC)), + JMP(U32(PC + IMM(0)))); +} + +// Fixme: WindowCheck +static RzAnalysisLiftedILOp op_call4(XtensaContext *ctx) { + return SEQ2( + SETG("a4", U32(0x40000000 | (nextPC & 0x3fffffff))), + JMP(U32(PC + IMM(0)))); +} + +// Fixme: WindowCheck +static RzAnalysisLiftedILOp op_call8(XtensaContext *ctx) { + return SEQ2( + SETG("a8", U32(0x80000000 | (nextPC & 0x3fffffff))), + JMP(U32(PC + IMM(0)))); +} + +// Fixme: WindowCheck +static RzAnalysisLiftedILOp op_call12(XtensaContext *ctx) { + return SEQ2( + SETG("a12", U32(0xc0000000 | (nextPC & 0x3fffffff))), + JMP(U32(PC + IMM(0)))); +} + +static RzAnalysisLiftedILOp op_callx0(XtensaContext *ctx) { + return SEQ3( + SETL("next", IREG(0)), + SETG("a0", U32(nextPC)), + JMP(VARL("next"))); +} + +// Fixme: WindowCheck +static RzAnalysisLiftedILOp op_callx4(XtensaContext *ctx) { + return SEQ3( + SETL("next", IREG(0)), + SETG("a4", U32(0x1 << 29 | (nextPC & 0x3fffffff))), + JMP(VARL("next"))); +} + +// Fixme: WindowCheck +static RzAnalysisLiftedILOp op_callx8(XtensaContext *ctx) { + return SEQ3( + SETL("next", IREG(0)), + SETG("a8", U32(0x2 << 29 | (nextPC & 0x3fffffff))), + JMP(VARL("next"))); +} + +// Fixme: WindowCheck +static RzAnalysisLiftedILOp op_callx12(XtensaContext *ctx) { + return SEQ3( + SETL("next", IREG(0)), + SETG("a12", U32(0x3 << 29 | (nextPC & 0x3fffffff))), + JMP(VARL("next"))); +} + +// Fixme: statusflags: VI +static RzAnalysisLiftedILOp op_ceil_s(XtensaContext *ctx) { + return SETG(REGN(0), F2INT(32, RZ_FLOAT_RMODE_RNA, FLOATV32(IREG(1)))); +} + +static RzAnalysisLiftedILOp op_clamps(XtensaContext *ctx) { + unsigned t = IMM(2); + return SEQ4( + SETL("low", F32(pow(-2, t))), + SETL("high", F32(pow(2, t) - 1)), + SETL("x", FLOATV32(IREG(1))), + SETG(REGN(0), F2BV(ITE(FGT(VARL("x"), VARL("high")), VARL("high"), ITE(FLT(VARL("x"), VARL("low")), VARL("low"), VARL("x")))))); +} + +static const double const_s_tbl[16] = { + .0, + 1., + 2., + .5, + 0, +}; + +static RzAnalysisLiftedILOp op_const_s(XtensaContext *ctx) { + return SETG(REGN(0), UNSIGNED(64, F2BV(F32(const_s_tbl[IMM(1)])))); +} + +/** + * /see p114 https://www.cadence.com/content/dam/cadence-www/global/en_US/documents/tools/silicon-solutions/compute-ip/isa-summary.pdf + * /brief All single-precision and double-precision divide and reciprocal sequences start with the + * following table lookup approximation: + * + * The row in the table is determined by the first three mantissa bits after the hidden bit in the + * divisor. If the divisor is a denormal, then it is normalized and the row in the table is + * determined by the first three mantissa bits after the ’1’ at the beginning. Which entry in the + * row is determined by the next four mantissa bits. The decimal number in the table is + * converted to an 8-bit value, which determines the first eight bits of the first reciprocal + * approximation, including the hidden bit. This process results in a worst case relative error of + * 2**-7.485. The values in the table cover the range for a single exponent starting at just over a + * power of two and going up to just under the next power of two. + */ +// static const ut8 divide_seq[] = { +// 255, 253, 251, 249, 247, 245, 244, 242, 240, 238, 237, 235, 233, 232, 230, 228, +// 227, 225, 224, 222, 221, 219, 218, 216, 215, 213, 212, 211, 209, 208, 207, 205, +// 204, 203, 202, 200, 199, 198, 197, 196, 194, 193, 192, 191, 190, 189, 188, 187, +// 186, 185, 184, 183, 182, 181, 180, 179, 178, 177, 176, 175, 174, 173, 172, 171, +// 170, 169, 168, 168, 167, 166, 165, 164, 163, 163, 162, 161, 160, 159, 159, 158, +// 157, 156, 156, 155, 154, 153, 153, 152, 151, 151, 150, 149, 149, 148, 147, 147, +// 146, 145, 145, 144, 143, 143, 142, 142, 141, 140, 140, 139, 139, 138, 137, 137, +// 136, 136, 135, 135, 134, 133, 133, 132, 132, 131, 131, 130, 130, 129, 129, 129 +// }; +// FIXME: maybe wrong +static RzAnalysisLiftedILOp op_div0_s(XtensaContext *ctx) { + return SETG(REGN(0), UNSIGNED(64, F2BV(FDIV(RZ_FLOAT_RMODE_RNA, FLOATV32(IREG(0)), FLOATV32(IREG(1)))))); +} + +// FIXME: statusflags +static RzAnalysisLiftedILOp op_divn_s(XtensaContext *ctx) { + return SEQ4( + SETL("fr", FLOATV32(IREG(0))), + SETL("fs", FLOATV32(IREG(1))), + SETL("ft", FLOATV32(IREG(2))), + SETG(REGN(0), UNSIGNED(64, F2BV(FADD(RZ_FLOAT_RMODE_RNA, VARL("fr"), FMUL(RZ_FLOAT_RMODE_RNA, VARL("fs"), FNEG(VARL("ft")))))))); +} + +static RzAnalysisLiftedILOp op_dsync(XtensaContext *ctx) { + return NOP(); +} + +// TODO: windowcheck +static RzAnalysisLiftedILOp op_entry(XtensaContext *ctx) { + return NOP(); +} + +static RzAnalysisLiftedILOp op_esync(XtensaContext *ctx) { + return NOP(); +} + +static RzAnalysisLiftedILOp op_excw(XtensaContext *ctx) { + return NOP(); +} + +static RzAnalysisLiftedILOp op_extui(XtensaContext *ctx) { + rz_return_val_if_fail(IMM(3) <= 0xf, NULL); + ut32 mask = (1 << (IMM(3) + 1)) - 1; + ut32 sa = IMM(2); + return SETG(REGN(0), + LET("at", IREG(1), + LOGAND(U32(mask), LET("at1", DEPOSIT32(VARLP("at"), U32(31), U32(1), U32(0)), SHIFTR0(VARLP("at1"), U32(sa)))))); +} + +static RzAnalysisLiftedILOp op_extw(XtensaContext *ctx) { + return NOP(); +} + +// FIXME: statusflags +static RzAnalysisLiftedILOp op_float_s(XtensaContext *ctx) { + return SETG(REGN(0), + UNSIGNED(64, + F2BV( + INT2F(RZ_FLOAT_IEEE754_BIN_32, RZ_FLOAT_RMODE_RNA, DIV(IREG(1), U32(pow(2, -IMM(2)))))))); +} + +// FIXME: statusflags +static RzAnalysisLiftedILOp op_floor_s(XtensaContext *ctx) { + return SETG(REGN(0), + F2SINT(32, RZ_FLOAT_RMODE_RNA, FMUL(RZ_FLOAT_RMODE_RNA, FLOATV32(IREG(1)), F32(pow(2, IMM(2)))))); +} + +static RzAnalysisLiftedILOp op_isync(XtensaContext *ctx) { + return NOP(); +} + +static RzAnalysisLiftedILOp op_j(XtensaContext *ctx) { + return JMP(U32(PC + IMM(0))); +} + +static RzAnalysisLiftedILOp op_jx(XtensaContext *ctx) { + return JMP(IREG(0)); +} + +static RzAnalysisLiftedILOp op_l8ui(XtensaContext *ctx) { + return SETG(REGN(0), UNSIGNED(32, LOAD(IMEM(1)))); +} + +static RzAnalysisLiftedILOp op_l16si(XtensaContext *ctx) { + return SETG(REGN(0), + LET("mem16", LOADW(16, IMEM(1)), + SEXTRACT32(UNSIGNED(32, VARLP("mem16")), U32(0), U32(16)))); +} + +static RzAnalysisLiftedILOp op_l16ui(XtensaContext *ctx) { + return SETG(REGN(0), + LET("mem16", LOADW(16, IMEM(1)), + UNSIGNED(32, VARLP("mem16")))); +} + +// FIXME: ring? +static RzAnalysisLiftedILOp op_l32e(XtensaContext *ctx) { + return SETG(REGN(0), LOADW(32, ADD(IREG(1), U32(IMM(2))))); +} + +static RzAnalysisLiftedILOp op_l32i(XtensaContext *ctx) { + return SETG(REGN(0), LOADW(32, IMEM(1))); +} + +static RzAnalysisLiftedILOp op_l32r(XtensaContext *ctx) { + return SETG(REGN(0), LOADW(32, U32(L32R(1)))); +} + +static RzAnalysisLiftedILOp op_lddec(XtensaContext *ctx) { + return SEQ3( + SETL("vAddr", SUB(IREG(1), U32(4))), + SETG(REGN(0), LOADW(32, VARL("vAddr"))), + SETG(REGN(1), VARL("vAddr"))); +} + +static RzAnalysisLiftedILOp op_ldinc(XtensaContext *ctx) { + return SEQ3( + SETL("vAddr", ADD(IREG(1), U32(4))), + SETG(REGN(0), LOADW(32, VARL("vAddr"))), + SETG(REGN(1), VARL("vAddr"))); +} + +static RzAnalysisLiftedILOp op_loop(XtensaContext *ctx) { + return SEQ3( + SETG("lcount", SUB(IREG(0), U32(1))), + SETG("lbeg", U32(nextPC)), + SETG("lend", U32(PC + IMM(1)))); +} + +static RzAnalysisLiftedILOp op_loopgtz(XtensaContext *ctx) { + return SEQ2( + op_loop(ctx), + BRANCH(SLE(IREG(0), S32(0)), + JMP(U32(PC + IMM(1))), NOP())); +} + +static RzAnalysisLiftedILOp op_loopnez(XtensaContext *ctx) { + return SEQ2( + op_loop(ctx), + BRANCH(EQ(IREG(0), S32(0)), + JMP(U32(PC + IMM(1))), NOP())); +} + +static RzAnalysisLiftedILOp op_lsi(XtensaContext *ctx) { + return SEQ3( + SETL("vAddr", IMEM(1)), + SETL("memVal", LOADW(32, VARL("vAddr"))), + SETG(REGN(0), UNSIGNED(64, VARL("memVal")))); +} + +static RzAnalysisLiftedILOp op_lsip(XtensaContext *ctx) { + return SEQ4( + SETL("vAddr", IREG(1)), + SETL("memVal", LOADW(32, VARL("vAddr"))), + SETG(REGN(0), UNSIGNED(64, VARL("memVal"))), + SETG(REGN(1), ADD(VARL("vAddr"), U32(IMM(2))))); +} + +static RzAnalysisLiftedILOp op_lsx(XtensaContext *ctx) { + return SEQ3( + SETL("vAddr", ADD(IREG(1), IREG(2))), + SETL("memVal", LOADW(32, VARL("vAddr"))), + SETG(REGN(0), UNSIGNED(64, VARL("memVal")))); +} + +static RzAnalysisLiftedILOp op_lsxp(XtensaContext *ctx) { + return SEQ4( + SETL("vAddr", IREG(1)), + SETL("memVal", LOADW(32, VARL("vAddr"))), + SETG(REGN(0), UNSIGNED(64, VARL("memVal"))), + SETG(REGN(1), ADD(VARL("vAddr"), IREG(2)))); +} + +// FIXME: statusflags +static RzAnalysisLiftedILOp op_madd_s(XtensaContext *ctx) { + return SEQ5( + SETL("fr", FLOATV32(IREG(0))), + SETL("fs", FLOATV32(IREG(1))), + SETL("ft", FLOATV32(IREG(2))), + SETL("fres", FADD(RZ_FLOAT_RMODE_RNA, VARL("fr"), FMUL(RZ_FLOAT_RMODE_RNA, VARL("fs"), VARL("ft")))), + SETG(REGN(0), UNSIGNED(64, F2BV(VARL("fres"))))); +} + +// FIXME: statusflags +static RzAnalysisLiftedILOp op_msub_s(XtensaContext *ctx) { + return SEQ5( + SETL("fr", FLOATV32(IREG(0))), + SETL("fs", FLOATV32(IREG(1))), + SETL("ft", FLOATV32(IREG(2))), + SETL("fres", FSUB(RZ_FLOAT_RMODE_RNA, VARL("fr"), FMUL(RZ_FLOAT_RMODE_RNA, VARL("fs"), VARL("ft")))), + SETG(REGN(0), UNSIGNED(64, F2BV(VARL("fres"))))); +} + +static RzAnalysisLiftedILOp op_max(XtensaContext *ctx) { + return SETG(REGN(0), ITE(SLT(IREG(1), IREG(2)), IREG(2), IREG(1))); +} + +static RzAnalysisLiftedILOp op_maxu(XtensaContext *ctx) { + return SETG(REGN(0), ITE(ULT(IREG(1), IREG(2)), IREG(2), IREG(1))); +} + +static RzAnalysisLiftedILOp op_min(XtensaContext *ctx) { + return SETG(REGN(0), ITE(SGT(IREG(1), IREG(2)), IREG(2), IREG(1))); +} + +static RzAnalysisLiftedILOp op_minu(XtensaContext *ctx) { + return SETG(REGN(0), ITE(UGT(IREG(1), IREG(2)), IREG(2), IREG(1))); +} + +static RzAnalysisLiftedILOp op_memw(XtensaContext *ctx) { + return NOP(); +} + +// TODO: float +static RzAnalysisLiftedILOp op_mkdadj_s(XtensaContext *ctx) { + return NOP(); +} + +// TODO: float +static RzAnalysisLiftedILOp op_mksadj_s(XtensaContext *ctx) { + return NOP(); +} + +static RzAnalysisLiftedILOp op_moveqz(XtensaContext *ctx) { + return BRANCH( + EQ(IREG(2), U32(0)), + SETG(REGN(0), IREG(1)), + NOP()); +} + +static RzAnalysisLiftedILOp op_movnez(XtensaContext *ctx) { + return BRANCH( + NE(IREG(2), U32(0)), + SETG(REGN(0), IREG(1)), + NOP()); +} + +// FIXME: windowcheck +static RzAnalysisLiftedILOp op_movsp(XtensaContext *ctx) { + return SETG(REGN(0), IREG(1)); +} + +static RzAnalysisLiftedILOp op_movt(XtensaContext *ctx) { + return BRANCH( + IREG(2), + SETG(REGN(0), IREG(1)), + NOP()); +} + +static RzAnalysisLiftedILOp op_movf(XtensaContext *ctx) { + return BRANCH( + INV(IREG(2)), + SETG(REGN(0), IREG(1)), + NOP()); +} + +static RzAnalysisLiftedILOp op_movgez(XtensaContext *ctx) { + return BRANCH( + SGE(IREG(2), S32(0)), + SETG(REGN(0), IREG(1)), + NOP()); +} + +static RzAnalysisLiftedILOp op_movi(XtensaContext *ctx) { + return SETG(REGN(0), U32(IMM(1))); +} + +static RzAnalysisLiftedILOp op_movltz(XtensaContext *ctx) { + return BRANCH( + SLT(IREG(2), S32(0)), + SETG(REGN(0), IREG(1)), + NOP()); +} + +#define LO4(x) EXTRACT32(x, U32(0), U32(4)) +#define HI4(x) EXTRACT32(x, U32(4), U32(4)) +#define LO8(x) EXTRACT32(x, U32(0), U32(8)) +#define HI8(x) EXTRACT32(x, U32(8), U32(8)) +#define LO16(x) EXTRACT32(x, U32(0), U32(16)) +#define HI16(x) EXTRACT32(x, U32(16), U32(16)) +#define LO32(x) EXTRACT64(x, U32(0), U32(32)) +#define HI32(x) EXTRACT64(x, U32(32), U32(32)) + +static ut8 RRR_half(XtensaContext *ctx) { + rz_warn_if_fail(FORMAT == XTENSA_INSN_FORM_RRR); + return ctx->insn->bytes[2] & 0x3; +} + +static RzAnalysisLiftedILOp ACC_set(RzILOpPure *v) { + return SEQ3( + SETL("acc", v), + SETG("acclo", UNSIGNED(32, LO32(VARL("acc")))), + SETG("acchi", UNSIGNED(32, HI32(VARL("acc"))))); +} + +static RzILOpPure *ACC_val() { + return APPEND(VARG("acchi"), VARG("acclo")); +} + +static RzAnalysisLiftedILOp op_mul_aa(XtensaContext *ctx) { + ut8 half = RRR_half(ctx); + return SEQ3( + SETG("m1", half & 0x1 ? HI16(IREG(0)) : LO16(IREG(0))), + SETG("m2", half & 0x2 ? HI16(IREG(1)) : LO16(IREG(1))), + ACC_set(LET("sm1", SEXTRACT64(VARG("m1"), U32(0), U32(16)), + LET("sm2", SEXTRACT64(VARG("m2"), U32(0), U32(16)), + MUL(VARLP("sm1"), VARLP("sm2")))))); +} + +static RzAnalysisLiftedILOp f_mula__(XtensaContext *ctx, RzILOpPure *r0, RzILOpPure *r1) { + ut8 half = RRR_half(ctx); + return SEQ4( + SETG("m1", half & 0x1 ? HI16(r0) : LO16(DUP(r0))), + SETG("m2", half & 0x2 ? HI16(r1) : LO16(DUP(r1))), + SETL("acc", ACC_val()), + ACC_set(LET("sm1", SEXTRACT64(VARG("m1"), U32(0), U32(16)), + LET("sm2", SEXTRACT64(VARG("m2"), U32(0), U32(16)), + ADD(VARL("acc"), MUL(VARLP("sm1"), VARLP("sm2"))))))); +} + +static RzAnalysisLiftedILOp op_mula_aa(XtensaContext *ctx) { + return f_mula__(ctx, IREG(0), IREG(1)); +} + +static RzAnalysisLiftedILOp op_mula_da_lddec(XtensaContext *ctx) { + return SEQ2(f_mula__(ctx, IREG(2), IREG(3)), + op_lddec(ctx)); +} + +static RzAnalysisLiftedILOp op_mula_da_ldinc(XtensaContext *ctx) { + return SEQ2(f_mula__(ctx, IREG(2), IREG(3)), + op_ldinc(ctx)); +} + +// FIXME: statusflags +static RzAnalysisLiftedILOp op_mul_s(XtensaContext *ctx) { + return SEQ3( + SETL("frs", FLOATV32(IREG(1))), + SETL("frt", FLOATV32(IREG(2))), + SETG(REGN(0), UNSIGNED(64, F2BV(FMUL(RZ_FLOAT_RMODE_RNA, VARL("frs"), VARL("frt")))))); +} + +static RzAnalysisLiftedILOp op_mul16s(XtensaContext *ctx) { + return SEQ3( + SETL("ars", SEXTRACT32(IREG(1), U32(0), U32(16))), + SETL("art", SEXTRACT32(IREG(2), U32(0), U32(16))), + SETG(REGN(0), MUL(VARL("ars"), VARL("art")))); +} + +static RzAnalysisLiftedILOp op_mul16u(XtensaContext *ctx) { + return SEQ3( + SETL("ars", LO16(IREG(1))), + SETL("art", LO16(IREG(2))), + SETG(REGN(0), MUL(VARL("ars"), VARL("art")))); +} + +static RzAnalysisLiftedILOp op_mull(XtensaContext *ctx) { + return SEQ3( + SETL("ars", UNSIGNED(64, IREG(1))), + SETL("art", UNSIGNED(64, IREG(2))), + SETG(REGN(0), UNSIGNED(32, MUL(VARL("ars"), VARL("art"))))); +} + +static RzAnalysisLiftedILOp f_muls__(XtensaContext *ctx, RzILOpPure *r0, RzILOpPure *r1) { + ut8 half = RRR_half(ctx); + return SEQ4( + SETG("m1", half & 0x1 ? HI16(r0) : LO16(DUP(r0))), + SETG("m2", half & 0x2 ? HI16(r1) : LO16(DUP(r1))), + SETL("acc", ACC_val()), + ACC_set(LET("sm1", SEXTRACT64(VARG("m1"), U32(0), U32(16)), + LET("sm2", SEXTRACT64(VARG("m2"), U32(0), U32(16)), + SUB(VARL("acc"), MUL(VARLP("sm1"), VARLP("sm2"))))))); +} + +static RzAnalysisLiftedILOp op_muls_aa(XtensaContext *ctx) { + return f_muls__(ctx, IREG(0), IREG(1)); +} + +static RzAnalysisLiftedILOp op_mulsh(XtensaContext *ctx) { + return SEQ4( + SETL("ars", SEXTRACT64(IREG(1), U32(0), U32(32))), + SETL("art", SEXTRACT64(IREG(2), U32(0), U32(32))), + SETL("tp", MUL(VARL("ars"), VARL("art"))), + SETG(REGN(0), UNSIGNED(32, SHIFTR0(VARL("tp"), U32(32))))); +} + +static RzAnalysisLiftedILOp op_muluh(XtensaContext *ctx) { + return SEQ4( + SETL("ars", UNSIGNED(64, IREG(1))), + SETL("art", UNSIGNED(64, IREG(2))), + SETL("tp", MUL(VARL("ars"), VARL("art"))), + SETG(REGN(0), UNSIGNED(32, SHIFTR0(VARL("tp"), U32(32))))); +} + +static RzAnalysisLiftedILOp op_neg(XtensaContext *ctx) { + return SETG(REGN(0), NEG(IREG(1))); +} + +static RzAnalysisLiftedILOp op_neg_s(XtensaContext *ctx) { + return SETG(REGN(0), UNSIGNED(64, F2BV(FNEG(FLOATV32(IREG(1)))))); +} + +#define BV2BOOL(N, BV) (ITE(EQ(BV, UN(N, 0)), IL_FALSE, IL_TRUE)) + +static RzAnalysisLiftedILOp op_nexp01_s(XtensaContext *ctx) { + return SEQ5( + SETL("rs", IREG(1)), + SETL("frs", FLOATV32(VARL("rs"))), + SETL("frs64", FCONVERT(RZ_FLOAT_IEEE754_BIN_64, RZ_FLOAT_RMODE_RNA, VARL("frs"))), + SETL("rs31", SHIFTL0(BOOL_TO_BV(INV(BV2BOOL(64, EXTRACT64(VARL("rs"), U32(31), U32(1)))), 64), U32(31))), + SETG(REGN(0), + ITE(EQ(EXTRACT64(VARL("rs"), U32(23), U32(8)), U64(0xff)), + LOGOR(EXTRACT64(VARL("rs"), U32(0), U32(23)), + LOGOR(U64(0x7f << 23), + VARL("rs31"))), + ITE(EQ(EXTRACT64(VARL("rs"), U32(0), U32(31)), U64(0)), + LOGOR(U64(1 << 30), VARL("rs31")), + // FIXME: LOG2? + LET("N", FDIV(RZ_FLOAT_RMODE_RNA, FABS(VARL("frs64")), F64(2.)), + F2BV(FNEG(FDIV(RZ_FLOAT_RMODE_RNA, VARL("frs64"), FPOW(RZ_FLOAT_RMODE_RNA, F64(4.), VARLP("N")))))))))); +} + +static RzAnalysisLiftedILOp op_nop(XtensaContext *ctx) { + return NOP(); +} + +static RzAnalysisLiftedILOp op_nsa(XtensaContext *ctx) { + return SEQ3( + SETL("ars", IREG(1)), + SETL("sign", EXTRACT32(VARL("ars"), U32(31), U32(1))), + SETG(REGN(0), + ITE(EQ(VARL("sign"), EXTRACT32(VARL("ars"), U32(0), U32(31))), U32(31), + LET("b4", EQ(VARL("sign"), EXTRACT32(VARL("ars"), U32(16), U32(15))), + LET("t3", ITE(VARLP("b4"), LO16(VARL("ars")), HI16(VARL("ars"))), + LET("b3", EQ(VARL("sign"), EXTRACT32(VARLP("t3"), U32(8), U32(8))), + LET("t2", ITE(VARLP("b3"), LO8(VARLP("t3")), HI8(VARLP("t3"))), + LET("b2", EQ(VARL("sign"), EXTRACT32(VARLP("t2"), U32(4), U32(4))), + LET("t1", ITE(VARLP("b2"), LO4(VARLP("t2")), HI4(VARLP("t2"))), + LET("b1", EQ(VARL("sign"), EXTRACT32(VARLP("t1"), U32(2), U32(2))), + LET("b0", ITE(VARLP("b1"), EQ(EXTRACT32(VARLP("t1"), U32(0), U32(1)), VARL("sign")), EQ(EXTRACT32(VARLP("t1"), U32(3), U32(1)), VARL("sign"))), + SUB(LOGOR( + SHIFTL0(BOOL_TO_BV(VARLP("b4"), 32), U32(4)), + LOGOR(SHIFTL0(BOOL_TO_BV(VARLP("b3"), 32), U32(3)), + LOGOR(SHIFTL0(BOOL_TO_BV(VARLP("b2"), 32), U32(2)), + LOGOR(SHIFTL0(BOOL_TO_BV(VARLP("b1"), 32), U32(1)), + BOOL_TO_BV(VARLP("b0"), 32))))), + U32(1))))))))))))); +} + +static RzAnalysisLiftedILOp op_nsau(XtensaContext *ctx) { + return SEQ3( + SETL("ars", IREG(1)), + SETL("sign", U32(0)), + SETG(REGN(0), + ITE(EQ(VARL("sign"), VARL("ars")), U32(32), + LET("b4", EQ(VARL("sign"), EXTRACT32(VARL("ars"), U32(16), U32(16))), + LET("t3", ITE(VARLP("b4"), LO16(VARL("ars")), HI16(VARL("ars"))), + LET("b3", EQ(VARL("sign"), EXTRACT32(VARLP("t3"), U32(8), U32(8))), + LET("t2", ITE(VARLP("b3"), LO8(VARLP("t3")), HI8(VARLP("t3"))), + LET("b2", EQ(VARL("sign"), EXTRACT32(VARLP("t2"), U32(4), U32(4))), + LET("t1", ITE(VARLP("b2"), LO4(VARLP("t2")), HI4(VARLP("t2"))), + LET("b1", EQ(VARL("sign"), EXTRACT32(VARLP("t1"), U32(2), U32(2))), + LET("b0", ITE(VARLP("b1"), EQ(EXTRACT32(VARLP("t1"), U32(0), U32(1)), VARL("sign")), EQ(EXTRACT32(VARLP("t1"), U32(3), U32(1)), VARL("sign"))), + LOGOR(SHIFTL0(BOOL_TO_BV(VARLP("b4"), 32), U32(4)), + LOGOR(SHIFTL0(BOOL_TO_BV(VARLP("b3"), 32), U32(3)), + LOGOR(SHIFTL0(BOOL_TO_BV(VARLP("b2"), 32), U32(2)), + LOGOR(SHIFTL0(BOOL_TO_BV(VARLP("b1"), 32), U32(1)), + BOOL_TO_BV(VARLP("b0"), 32)))))))))))))))); +} + +// FIXME: statusflags +static RzAnalysisLiftedILOp op_oeq_s(XtensaContext *ctx) { + return SETG(REGN(0), FEQ(FLOATV32(IREG(1)), FLOATV32(IREG(2)))); +} + +// FIXME: statusflags +static RzAnalysisLiftedILOp op_ole_s(XtensaContext *ctx) { + return SETG(REGN(0), FLE(FLOATV32(IREG(1)), FLOATV32(IREG(2)))); +} + +// FIXME: statusflags +static RzAnalysisLiftedILOp op_olt_s(XtensaContext *ctx) { + return SETG(REGN(0), FLT(FLOATV32(IREG(1)), FLOATV32(IREG(2)))); +} + +static RzAnalysisLiftedILOp op_or(XtensaContext *ctx) { + return SETG(REGN(0), LOGOR(IREG(1), IREG(2))); +} + +static RzAnalysisLiftedILOp op_orb(XtensaContext *ctx) { + return SETG(REGN(0), OR(IREG(1), IREG(2))); +} + +static RzAnalysisLiftedILOp op_orbc(XtensaContext *ctx) { + return SETG(REGN(0), OR(IREG(1), INV(IREG(2)))); +} + +static RzAnalysisLiftedILOp op_quos(XtensaContext *ctx) { + return SETG(REGN(0), SDIV(IREG(1), IREG(2))); +} + +static RzAnalysisLiftedILOp op_quou(XtensaContext *ctx) { + return SETG(REGN(0), DIV(IREG(1), IREG(2))); +} + +// TODO: see Divide and Square Root Sequences +static RzAnalysisLiftedILOp op_recip0_s(XtensaContext *ctx) { + return NOP(); +} + +static RzAnalysisLiftedILOp op_rems(XtensaContext *ctx) { + return SETG(REGN(0), SMOD(IREG(1), IREG(2))); +} + +static RzAnalysisLiftedILOp op_remu(XtensaContext *ctx) { + return SETG(REGN(0), MOD(IREG(1), IREG(2))); +} + +static RzAnalysisLiftedILOp op_ret(XtensaContext *ctx) { + return JMP(VARG("a0")); +} + +// TODO: windowcheck +static RzAnalysisLiftedILOp op_retw(XtensaContext *ctx) { + return NOP(); +} + +static RzAnalysisLiftedILOp op_rfde(XtensaContext *ctx) { + return JMP(ITE(VARG("ndepc"), VARG("depc"), IEPC(1))); +} + +#define PS_field_set(F, V) SETG("ps", reg_field_set(&ps_field_tbl, (F), VARG("ps"), (V))) +#define PS_EXCM_CLEAR PS_field_set(PS_EXCM, U32(0)) + +static RzAnalysisLiftedILOp op_rfe(XtensaContext *ctx) { + return SEQ2( + PS_EXCM_CLEAR, + JMP(IEPC(1))); +} + +static RzAnalysisLiftedILOp op_rfi(XtensaContext *ctx) { + return SEQ2( + SETG("ps", IEPS(IMM(0))), + JMP(IEPC(IMM(0)))); +} + +static RzAnalysisLiftedILOp op_rfr(XtensaContext *ctx) { + return SETG(REGN(0), UNSIGNED(32, IREG(1))); +} + +// TODO: windowcheck +static RzAnalysisLiftedILOp op_rfwo(XtensaContext *ctx) { + return SEQ2( + PS_EXCM_CLEAR, + JMP(IEPC(1))); +} + +// TODO: windowcheck +static RzAnalysisLiftedILOp op_rfwu(XtensaContext *ctx) { + return SEQ2( + PS_EXCM_CLEAR, + JMP(IEPC(1))); +} + +// TODO: window +static RzAnalysisLiftedILOp op_rotw(XtensaContext *ctx) { + return NOP(); +} + +// FIXME: statusflags +static RzAnalysisLiftedILOp op_round_s(XtensaContext *ctx) { + return SETG(REGN(0), + F2BV(FROUND(RZ_FLOAT_RMODE_RNA, FMUL(RZ_FLOAT_RMODE_RNA, FLOATV32(IREG(1)), F32(pow(2, IMM(2))))))); +} + +static RzAnalysisLiftedILOp op_rsil(XtensaContext *ctx) { + return SEQ2(SETG(REGN(0), VARG("ps")), + PS_field_set(PS_INTLEVEL, U32(IMM(1)))); +} + +// FIXME: statusflags+reciprocal_square_root_approximation +static RzAnalysisLiftedILOp op_rsqrt0_s(XtensaContext *ctx) { + return NOP(); +} + +static RzAnalysisLiftedILOp op_rsr(XtensaContext *ctx) { + return SETG(REGN(0), IREG(1)); +} + +static RzAnalysisLiftedILOp op_rsync(XtensaContext *ctx) { + return NOP(); +} + +#define RUR_IMPL(S) \ + static RzAnalysisLiftedILOp op_rur_##S(XtensaContext *ctx) { \ + return SETG(REGN(0), VARG(#S)); \ + } +#define RUR_AE_IMPL(S) \ + static RzAnalysisLiftedILOp op_rur_ae_##S(XtensaContext *ctx) { \ + return SETG(REGN(0), VARG(#S)); \ + } + +RUR_IMPL(accx_0); +RUR_IMPL(accx_1); +RUR_AE_IMPL(bithead); +RUR_AE_IMPL(bitptr); +RUR_AE_IMPL(bitsused); +RUR_AE_IMPL(cbegin0); +RUR_AE_IMPL(cend0); +RUR_AE_IMPL(cwrap); +RUR_AE_IMPL(cw_sd_no); +RUR_AE_IMPL(first_ts); +RUR_AE_IMPL(nextoffset); +RUR_AE_IMPL(overflow); +RUR_AE_IMPL(ovf_sar); +RUR_AE_IMPL(sar); +RUR_AE_IMPL(searchdone); +RUR_AE_IMPL(tablesize); +RUR_AE_IMPL(ts_fts_bu_bp); +RUR_IMPL(fft_bit_width); +RUR_IMPL(gpio_out); +RUR_IMPL(qacc_h_0); +RUR_IMPL(qacc_h_1); +RUR_IMPL(qacc_h_2); +RUR_IMPL(qacc_h_3); +RUR_IMPL(qacc_h_4); +RUR_IMPL(qacc_l_0); +RUR_IMPL(qacc_l_1); +RUR_IMPL(qacc_l_2); +RUR_IMPL(qacc_l_3); +RUR_IMPL(qacc_l_4); +RUR_IMPL(sar_byte); +RUR_IMPL(ua_state_0); +RUR_IMPL(ua_state_1); +RUR_IMPL(ua_state_2); +RUR_IMPL(ua_state_3); + +static RzAnalysisLiftedILOp op_s16i(XtensaContext *ctx) { + return SEQ2( + SETL("vAddr", IMEM(1)), + STOREW(VARL("vAddr"), UNSIGNED(16, IREG(0)))); +} + +static RzAnalysisLiftedILOp op_s32c1i(XtensaContext *ctx) { + return SEQ4( + SETL("vAddr", IMEM(1)), + SETL("mem", LOADW(32, VARL("vAddr"))), + BRANCH(EQ(VARL("mem"), VARG("scompare1")), + STOREW(VARL("vAddr"), IREG(0)), + NOP()), + SETG(REGN(0), VARL("mem"))); +} + +// FIXME: ring +static RzAnalysisLiftedILOp op_s32e(XtensaContext *ctx) { + return SEQ2( + SETL("vAddr", ADD(IREG(1), S32(IMM(2)))), + STOREW(VARL("vAddr"), IREG(0))); +} + +static RzAnalysisLiftedILOp op_s32i(XtensaContext *ctx) { + return SEQ2( + SETL("vAddr", IMEM(1)), + STOREW(VARL("vAddr"), IREG(0))); +} + +static RzAnalysisLiftedILOp op_s8i(XtensaContext *ctx) { + return SEQ2( + SETL("vAddr", IMEM(1)), + STORE(VARL("vAddr"), UNSIGNED(8, IREG(0)))); +} + +static RzAnalysisLiftedILOp op_sext(XtensaContext *ctx) { + return SETG(REGN(0), SEXTRACT32(IREG(1), U32(0), U32(IMM(2)))); +} + +static RzAnalysisLiftedILOp op_simcall(XtensaContext *ctx) { + return NOP(); +} + +static RzAnalysisLiftedILOp op_sll(XtensaContext *ctx) { + return SEQ2( + SETL("sa", EXTRACT32(VARG("sar"), U32(0), U32(5))), + SETG(REGN(0), SHIFTL0(IREG(1), VARL("sa")))); +} + +static RzAnalysisLiftedILOp op_slli(XtensaContext *ctx) { + return SEQ2( + SETL("sa", U32(IMM(2))), + SETG(REGN(0), SHIFTL0(IREG(1), VARL("sa")))); +} + +// TODO: see Divide and Square Root Sequences on page 110. +static RzAnalysisLiftedILOp op_sqrt0_s(XtensaContext *ctx) { + return NOP(); +} + +static RzAnalysisLiftedILOp op_sra(XtensaContext *ctx) { + return SEQ2( + SETL("sa", EXTRACT32(VARG("sar"), U32(0), U32(5))), + SETG(REGN(0), SHIFTRA(IREG(1), VARL("sa")))); +} + +static RzAnalysisLiftedILOp op_srai(XtensaContext *ctx) { + return SEQ2( + SETL("sa", U32(IMM(2))), + SETG(REGN(0), SHIFTRA(IREG(1), VARL("sa")))); +} + +static RzAnalysisLiftedILOp op_src(XtensaContext *ctx) { + return SEQ2( + SETL("sa", EXTRACT32(VARG("sar"), U32(0), U32(5))), + SETG(REGN(0), UNSIGNED(32, SHIFTR0(APPEND(IREG(1), IREG(2)), VARL("sa"))))); +} + +static RzAnalysisLiftedILOp op_srl(XtensaContext *ctx) { + return SEQ2( + SETL("sa", EXTRACT32(VARG("sar"), U32(0), U32(5))), + SETG(REGN(0), SHIFTR0(IREG(1), VARL("sa")))); +} + +static RzAnalysisLiftedILOp op_srli(XtensaContext *ctx) { + return SEQ2( + SETL("sa", U32(IMM(2))), + SETG(REGN(0), SHIFTR0(IREG(1), VARL("sa")))); +} + +static RzAnalysisLiftedILOp op_ssa8l(XtensaContext *ctx) { + return SETG("sar", SHIFTL0(EXTRACT32(IREG(0), U32(0), U32(2)), U32(3))); +} + +static RzAnalysisLiftedILOp op_ssai(XtensaContext *ctx) { + return SETG("sar", U32(IMM(0))); +} + +static RzAnalysisLiftedILOp op_ssi(XtensaContext *ctx) { + return SEQ2( + SETL("vAddr", IMEM(1)), + STOREW(VARL("vAddr"), UNSIGNED(32, IREG(0)))); +} + +static RzAnalysisLiftedILOp op_ssip(XtensaContext *ctx) { + return SEQ3( + SETL("vAddr", IREG(1)), + STOREW(VARL("vAddr"), IREG(0)), + SETG(REGN(1), U32(IMM(2)))); +} + +static RzAnalysisLiftedILOp op_ssl(XtensaContext *ctx) { + return SEQ2( + SETL("sa", UNSIGNED(5, IREG(0))), + SETG("sar", SUB(U32(32), V32(VARL("sa"))))); +} + +static RzAnalysisLiftedILOp op_ssr(XtensaContext *ctx) { + return SEQ2( + SETL("sa", UNSIGNED(5, IREG(0))), + SETG("sar", V32(VARL("sa")))); +} + +static RzAnalysisLiftedILOp op_ssx(XtensaContext *ctx) { + return SEQ2( + SETL("vAddr", ADD(IREG(1), IREG(2))), + STOREW(VARL("vAddr"), V32(IREG(0)))); +} + +static RzAnalysisLiftedILOp op_ssxp(XtensaContext *ctx) { + return SEQ3( + SETL("vAddr", IREG(1)), + STOREW(VARL("vAddr"), V32(IREG(0))), + SETG(REGN(1), ADD(VARL("vAddr"), IREG(2)))); +} + +static RzAnalysisLiftedILOp op_sub(XtensaContext *ctx) { + return SETG(REGN(0), SUB(IREG(1), IREG(2))); +} + +static RzAnalysisLiftedILOp op_subx2(XtensaContext *ctx) { + return SETG(REGN(0), SUB(SHIFTL0(IREG(1), U32(1)), IREG(2))); +} + +static RzAnalysisLiftedILOp op_subx4(XtensaContext *ctx) { + return SETG(REGN(0), SUB(SHIFTL0(IREG(1), U32(2)), IREG(2))); +} + +static RzAnalysisLiftedILOp op_subx8(XtensaContext *ctx) { + return SETG(REGN(0), SUB(SHIFTL0(IREG(1), U32(3)), IREG(2))); +} + +// FIXME: statusflags +static RzAnalysisLiftedILOp op_sub_s(XtensaContext *ctx) { + return SETG(REGN(0), SUB(IREG(1), IREG(2))); +} + +static RzAnalysisLiftedILOp op_syscall(XtensaContext *ctx) { + return NOP(); +} + +// FIXME: statusflags +static RzAnalysisLiftedILOp op_trunc_s(XtensaContext *ctx) { + return SETG(REGN(0), + F2SINT(32, RZ_FLOAT_RMODE_RNA, FMUL(RZ_FLOAT_RMODE_RNA, FLOATV32(IREG(1)), F32(pow(2, IMM(2)))))); +} + +// FIXME: statusflags +static RzAnalysisLiftedILOp op_ueq_s(XtensaContext *ctx) { + return SETG(REGN(0), FEQ(FLOATV32(IREG(1)), FLOATV32(IREG(2)))); +} + +// FIXME: statusflags +static RzAnalysisLiftedILOp op_ufloat_s(XtensaContext *ctx) { + return SEQ2( + SETL("fs", FMUL(RZ_FLOAT_RMODE_RNA, INT2F(RZ_FLOAT_IEEE754_BIN_32, RZ_FLOAT_RMODE_RNA, IREG(1)), F32(pow(2, -IMM(IMM(2)))))), + SETG(REGN(0), UNSIGNED(64, F2BV(VARL("fs"))))); +} + +// FIXME: statusflags +static RzAnalysisLiftedILOp op_ule_s(XtensaContext *ctx) { + return SETG(REGN(0), FLE(FLOATV32(IREG(1)), FLOATV32(IREG(2)))); +} + +// FIXME: statusflags +static RzAnalysisLiftedILOp op_ult_s(XtensaContext *ctx) { + return SETG(REGN(0), FLT(FLOATV32(IREG(1)), FLOATV32(IREG(2)))); +} + +static RzAnalysisLiftedILOp op_umul_aa(XtensaContext *ctx) { + ut8 half = RRR_half(ctx); + return SEQ3( + SETG("m1", half & 0x1 ? HI16(IREG(0)) : LO16(IREG(0))), + SETG("m2", half & 0x2 ? HI16(IREG(1)) : LO16(IREG(1))), + ACC_set(MUL(V64(VARG("m1")), V64(VARG("m2"))))); +} + +// FIXME: statusflags +static RzAnalysisLiftedILOp op_un_s(XtensaContext *ctx) { + return SETG(REGN(0), OR(IS_FNAN(FLOATV32(IREG(1))), IS_FNAN(FLOATV32(IREG(2))))); +} + +// FIXME: statusflags +static RzAnalysisLiftedILOp op_utrunc_s(XtensaContext *ctx) { + return SETG(REGN(0), + F2INT(32, RZ_FLOAT_RMODE_RNA, FMUL(RZ_FLOAT_RMODE_RNA, FLOATV32(IREG(1)), F32(pow(2, IMM(2)))))); +} + +// TODO: interrupt +static RzAnalysisLiftedILOp op_waiti(XtensaContext *ctx) { + return NOP(); +} + +// TODO: datatlb +static RzAnalysisLiftedILOp op_wdtlb(XtensaContext *ctx) { + return NOP(); +} + +static RzAnalysisLiftedILOp op_wer(XtensaContext *ctx) { + return NOP(); +} + +static RzAnalysisLiftedILOp op_wfr(XtensaContext *ctx) { + return SETG(REGN(0), V64(IREG(1))); +} + +// TODO: datatlb +static RzAnalysisLiftedILOp op_witlb(XtensaContext *ctx) { + return NOP(); +} + +static RzAnalysisLiftedILOp op_wsr(XtensaContext *ctx) { + return SETG(REGN(0), IREG(1)); +} + +#define WUR_IMPL(S) \ + static RzAnalysisLiftedILOp op_wur_##S(XtensaContext *ctx) { \ + return SETG(#S, IREG(0)); \ + } +#define WUR_AE_IMPL(S) \ + static RzAnalysisLiftedILOp op_wur_ae_##S(XtensaContext *ctx) { \ + return SETG(#S, IREG(0)); \ + } + +WUR_IMPL(accx_0); +WUR_IMPL(accx_1); +WUR_AE_IMPL(bithead); +WUR_AE_IMPL(bitptr); +WUR_AE_IMPL(bitsused); +WUR_AE_IMPL(cbegin0); +WUR_AE_IMPL(cend0); +WUR_AE_IMPL(cwrap); +WUR_AE_IMPL(cw_sd_no); +WUR_AE_IMPL(first_ts); +WUR_AE_IMPL(nextoffset); +WUR_AE_IMPL(overflow); +WUR_AE_IMPL(ovf_sar); +WUR_AE_IMPL(sar); +WUR_AE_IMPL(searchdone); +WUR_AE_IMPL(tablesize); +WUR_AE_IMPL(ts_fts_bu_bp); +WUR_IMPL(fcr); +WUR_IMPL(fft_bit_width); +WUR_IMPL(fsr); +WUR_IMPL(gpio_out); +WUR_IMPL(qacc_h_0); +WUR_IMPL(qacc_h_1); +WUR_IMPL(qacc_h_2); +WUR_IMPL(qacc_h_3); +WUR_IMPL(qacc_h_4); +WUR_IMPL(qacc_l_0); +WUR_IMPL(qacc_l_1); +WUR_IMPL(qacc_l_2); +WUR_IMPL(qacc_l_3); +WUR_IMPL(qacc_l_4); +WUR_IMPL(sar_byte); +WUR_IMPL(ua_state_0); +WUR_IMPL(ua_state_1); +WUR_IMPL(ua_state_2); +WUR_IMPL(ua_state_3); + +static RzAnalysisLiftedILOp op_xor(XtensaContext *ctx) { + return SETG(REGN(0), LOGXOR(IREG(1), IREG(2))); +} + +static RzAnalysisLiftedILOp op_xorb(XtensaContext *ctx) { + return SETG(REGN(0), XOR(IREG(1), IREG(2))); +} + +static RzAnalysisLiftedILOp op_xsr(XtensaContext *ctx) { + return SEQ3( + SETL("t0", IREG(0)), + SETG(REGN(0), IREG(1)), + SETG(REGN(1), VARL("t0"))); +} + +#include + +static const fn_analyze_op_il fn_tbl[] = { + [XTENSA_INS_ABS] = op_abs, + [XTENSA_INS_ABS_S] = op_abs_s, + [XTENSA_INS_ADD] = op_add, + [XTENSA_INS_ADD_N] = op_add, + [XTENSA_INS_ADD_S] = op_add_s, + [XTENSA_INS_ADDEXP_S] = op_addexp_s, + [XTENSA_INS_ADDEXPM_S] = op_addexpm_s, + [XTENSA_INS_ADDI] = op_addi, + [XTENSA_INS_ADDI_N] = op_addi, + [XTENSA_INS_ADDMI] = op_addi, + [XTENSA_INS_ADDX2] = op_addx2, + [XTENSA_INS_ADDX4] = op_addx4, + [XTENSA_INS_ADDX8] = op_addx8, + [XTENSA_INS_ALL4] = op_all4, + [XTENSA_INS_ALL8] = op_all8, + [XTENSA_INS_AND] = op_and, + [XTENSA_INS_ANDB] = op_andb, + [XTENSA_INS_ANDBC] = op_andbc, + [XTENSA_INS_ANY4] = op_any4, + [XTENSA_INS_ANY8] = op_any8, + [XTENSA_INS_BALL] = op_ball, + [XTENSA_INS_BNALL] = op_bnall, + [XTENSA_INS_BANY] = op_bany, + [XTENSA_INS_BNONE] = op_bnone, + [XTENSA_INS_BBC] = op_bbc, + [XTENSA_INS_BBS] = op_bbs, + [XTENSA_INS_BBCI] = op_bbci, + [XTENSA_INS_BBSI] = op_bbsi, + [XTENSA_INS_BEQ] = op_beq, + [XTENSA_INS_BNE] = op_bne, + [XTENSA_INS_BEQI] = op_beqi, + [XTENSA_INS_BNEI] = op_bnei, + [XTENSA_INS_BEQZ] = op_beqz, + [XTENSA_INS_BNEZ] = op_bnez, + [XTENSA_INS_BF] = op_bf, + [XTENSA_INS_BT] = op_bt, + [XTENSA_INS_BGE] = op_bge, + [XTENSA_INS_BLT] = op_blt, + [XTENSA_INS_BGEI] = op_bgei, + [XTENSA_INS_BLTI] = op_blti, + [XTENSA_INS_BGEU] = op_bgeu, + [XTENSA_INS_BLTU] = op_bltu, + [XTENSA_INS_BGEUI] = op_bgeui, + [XTENSA_INS_BLTUI] = op_bltui, + [XTENSA_INS_BGEZ] = op_bgez, + [XTENSA_INS_BLTZ] = op_bltz, + [XTENSA_INS_BREAK] = op_break, + [XTENSA_INS_BREAK_N] = op_break, + [XTENSA_INS_CALL0] = op_call0, + [XTENSA_INS_CALL4] = op_call4, + [XTENSA_INS_CALL8] = op_call8, + [XTENSA_INS_CALL12] = op_call12, + [XTENSA_INS_CALLX0] = op_callx0, + [XTENSA_INS_CALLX4] = op_callx4, + [XTENSA_INS_CALLX8] = op_callx8, + [XTENSA_INS_CALLX12] = op_callx12, + [XTENSA_INS_CEIL_S] = op_ceil_s, + [XTENSA_INS_CLAMPS] = op_clamps, + [XTENSA_INS_CONST_S] = op_const_s, + [XTENSA_INS_DIV0_S] = op_div0_s, + [XTENSA_INS_DIVN_S] = op_divn_s, + [XTENSA_INS_DSYNC] = op_dsync, + [XTENSA_INS_ENTRY] = op_entry, + [XTENSA_INS_ESYNC] = op_esync, + [XTENSA_INS_EXCW] = op_excw, + [XTENSA_INS_EXTUI] = op_extui, + [XTENSA_INS_EXTW] = op_extw, + [XTENSA_INS_FLOAT_S] = op_float_s, + [XTENSA_INS_FLOOR_S] = op_floor_s, + [XTENSA_INS_ISYNC] = op_isync, + [XTENSA_INS_J] = op_j, + [XTENSA_INS_JX] = op_jx, + [XTENSA_INS_L8UI] = op_l8ui, + [XTENSA_INS_L16SI] = op_l16si, + [XTENSA_INS_L16UI] = op_l16ui, + [XTENSA_INS_L32E] = op_l32e, + [XTENSA_INS_L32I] = op_l32i, + [XTENSA_INS_L32I_N] = op_l32i, + [XTENSA_INS_L32R] = op_l32r, + [XTENSA_INS_LDDEC] = op_lddec, + [XTENSA_INS_LDINC] = op_ldinc, + [XTENSA_INS_LOOP] = op_loop, + [XTENSA_INS_LOOPGTZ] = op_loopgtz, + [XTENSA_INS_LOOPNEZ] = op_loopnez, + [XTENSA_INS_LSI] = op_lsi, + [XTENSA_INS_LSIP] = op_lsip, + [XTENSA_INS_LSX] = op_lsx, + [XTENSA_INS_LSXP] = op_lsxp, + [XTENSA_INS_MADD_S] = op_madd_s, + [XTENSA_INS_MADDN_S] = op_madd_s, + [XTENSA_INS_MAX] = op_max, + [XTENSA_INS_MAXU] = op_maxu, + [XTENSA_INS_MEMW] = op_memw, + [XTENSA_INS_MIN] = op_min, + [XTENSA_INS_MINU] = op_minu, + [XTENSA_INS_MKDADJ_S] = op_mkdadj_s, + [XTENSA_INS_MKSADJ_S] = op_mksadj_s, + [XTENSA_INS_MOVEQZ] = op_moveqz, + [XTENSA_INS_MOVEQZ_S] = op_moveqz, + [XTENSA_INS_MOVF] = op_movf, + [XTENSA_INS_MOVF_S] = op_movf, + [XTENSA_INS_MOVGEZ] = op_movgez, + [XTENSA_INS_MOVGEZ_S] = op_movgez, + [XTENSA_INS_MOVI] = op_movi, + [XTENSA_INS_MOVI_N] = op_movi, + [XTENSA_INS_MOVLTZ] = op_movltz, + [XTENSA_INS_MOVLTZ_S] = op_movltz, + [XTENSA_INS_MOVNEZ] = op_movnez, + [XTENSA_INS_MOVNEZ_S] = op_movnez, + [XTENSA_INS_MOVSP] = op_movsp, + [XTENSA_INS_MOVT] = op_movt, + [XTENSA_INS_MOVT_S] = op_movt, + [XTENSA_INS_MSUB_S] = op_msub_s, + [XTENSA_INS_MUL_AA_LL] = op_mul_aa, + [XTENSA_INS_MUL_AA_LH] = op_mul_aa, + [XTENSA_INS_MUL_AA_HL] = op_mul_aa, + [XTENSA_INS_MUL_AA_HH] = op_mul_aa, + [XTENSA_INS_MUL_AD_LL] = op_mul_aa, + [XTENSA_INS_MUL_AD_LH] = op_mul_aa, + [XTENSA_INS_MUL_AD_HL] = op_mul_aa, + [XTENSA_INS_MUL_AD_HH] = op_mul_aa, + [XTENSA_INS_MUL_DD_LL] = op_mul_aa, + [XTENSA_INS_MUL_DD_LH] = op_mul_aa, + [XTENSA_INS_MUL_DD_HL] = op_mul_aa, + [XTENSA_INS_MUL_DD_HH] = op_mul_aa, + [XTENSA_INS_MUL_S] = op_mul_s, + [XTENSA_INS_MUL16S] = op_mul16s, + [XTENSA_INS_MUL16U] = op_mul16u, + [XTENSA_INS_MULA_AA_LL] = op_mula_aa, + [XTENSA_INS_MULA_AA_LH] = op_mula_aa, + [XTENSA_INS_MULA_AA_HL] = op_mula_aa, + [XTENSA_INS_MULA_AA_HH] = op_mula_aa, + [XTENSA_INS_MULA_AD_LL] = op_mula_aa, + [XTENSA_INS_MULA_AD_LH] = op_mula_aa, + [XTENSA_INS_MULA_AD_HL] = op_mula_aa, + [XTENSA_INS_MULA_AD_HH] = op_mula_aa, + [XTENSA_INS_MULA_DA_LL] = op_mula_aa, + [XTENSA_INS_MULA_DA_LH] = op_mula_aa, + [XTENSA_INS_MULA_DA_HL] = op_mula_aa, + [XTENSA_INS_MULA_DA_HH] = op_mula_aa, + [XTENSA_INS_MULA_DD_LL] = op_mula_aa, + [XTENSA_INS_MULA_DD_LH] = op_mula_aa, + [XTENSA_INS_MULA_DD_HL] = op_mula_aa, + [XTENSA_INS_MULA_DD_HH] = op_mula_aa, + [XTENSA_INS_MULA_DA_LL_LDDEC] = op_mula_da_lddec, + [XTENSA_INS_MULA_DA_LH_LDDEC] = op_mula_da_lddec, + [XTENSA_INS_MULA_DA_HL_LDDEC] = op_mula_da_lddec, + [XTENSA_INS_MULA_DA_HH_LDDEC] = op_mula_da_lddec, + [XTENSA_INS_MULA_DA_LL_LDINC] = op_mula_da_ldinc, + [XTENSA_INS_MULA_DA_LH_LDINC] = op_mula_da_ldinc, + [XTENSA_INS_MULA_DA_HL_LDINC] = op_mula_da_ldinc, + [XTENSA_INS_MULA_DA_HH_LDINC] = op_mula_da_ldinc, + [XTENSA_INS_MULA_DD_LL_LDDEC] = op_mula_da_lddec, + [XTENSA_INS_MULA_DD_LH_LDDEC] = op_mula_da_lddec, + [XTENSA_INS_MULA_DD_HL_LDDEC] = op_mula_da_lddec, + [XTENSA_INS_MULA_DD_HH_LDDEC] = op_mula_da_lddec, + [XTENSA_INS_MULA_DD_LL_LDINC] = op_mula_da_ldinc, + [XTENSA_INS_MULA_DD_LH_LDINC] = op_mula_da_ldinc, + [XTENSA_INS_MULA_DD_HL_LDINC] = op_mula_da_ldinc, + [XTENSA_INS_MULA_DD_HH_LDINC] = op_mula_da_ldinc, + [XTENSA_INS_MULL] = op_mull, + [XTENSA_INS_MULS_AA_LL] = op_muls_aa, + [XTENSA_INS_MULS_AA_LH] = op_muls_aa, + [XTENSA_INS_MULS_AA_HL] = op_muls_aa, + [XTENSA_INS_MULS_AA_HH] = op_muls_aa, + [XTENSA_INS_MULS_AD_LL] = op_muls_aa, + [XTENSA_INS_MULS_AD_LH] = op_muls_aa, + [XTENSA_INS_MULS_AD_HL] = op_muls_aa, + [XTENSA_INS_MULS_AD_HH] = op_muls_aa, + [XTENSA_INS_MULS_DA_LL] = op_muls_aa, + [XTENSA_INS_MULS_DA_LH] = op_muls_aa, + [XTENSA_INS_MULS_DA_HL] = op_muls_aa, + [XTENSA_INS_MULS_DA_HH] = op_muls_aa, + [XTENSA_INS_MULS_DD_LL] = op_muls_aa, + [XTENSA_INS_MULS_DD_LH] = op_muls_aa, + [XTENSA_INS_MULS_DD_HL] = op_muls_aa, + [XTENSA_INS_MULS_DD_HH] = op_muls_aa, + [XTENSA_INS_MULSH] = op_mulsh, + [XTENSA_INS_MULUH] = op_muluh, + [XTENSA_INS_NEG] = op_neg, + [XTENSA_INS_NEG_S] = op_neg_s, + [XTENSA_INS_NEXP01_S] = op_nexp01_s, + [XTENSA_INS_NOP] = op_nop, + [XTENSA_INS_NSA] = op_nsa, + [XTENSA_INS_NSAU] = op_nsau, + [XTENSA_INS_OEQ_S] = op_oeq_s, + [XTENSA_INS_OLE_S] = op_ole_s, + [XTENSA_INS_OLT_S] = op_olt_s, + [XTENSA_INS_OR] = op_or, + [XTENSA_INS_ORB] = op_orb, + [XTENSA_INS_ORBC] = op_orbc, + [XTENSA_INS_QUOS] = op_quos, + [XTENSA_INS_QUOU] = op_quou, + [XTENSA_INS_RECIP0_S] = op_recip0_s, + [XTENSA_INS_REMS] = op_rems, + [XTENSA_INS_REMU] = op_remu, + [XTENSA_INS_RER] = op_nop, + [XTENSA_INS_RET] = op_ret, + [XTENSA_INS_RETW] = op_retw, + [XTENSA_INS_RETW_N] = op_retw, + [XTENSA_INS_RET_N] = op_ret, + [XTENSA_INS_RFDE] = op_rfde, + [XTENSA_INS_RFE] = op_rfe, + [XTENSA_INS_RFI] = op_rfi, + [XTENSA_INS_RFR] = op_rfr, + [XTENSA_INS_RFWO] = op_rfwo, + [XTENSA_INS_RFWU] = op_rfwu, + [XTENSA_INS_ROTW] = op_rotw, + [XTENSA_INS_ROUND_S] = op_round_s, + [XTENSA_INS_RSIL] = op_rsil, + [XTENSA_INS_RSQRT0_S] = op_rsqrt0_s, + [XTENSA_INS_RSR] = op_rsr, + [XTENSA_INS_RSYNC] = op_rsync, + [XTENSA_INS_RUR_ACCX_0] = op_rur_accx_0, + [XTENSA_INS_RUR_ACCX_1] = op_rur_accx_1, + [XTENSA_INS_RUR_AE_BITHEAD] = op_rur_ae_bithead, + [XTENSA_INS_RUR_AE_BITPTR] = op_rur_ae_bitptr, + [XTENSA_INS_RUR_AE_BITSUSED] = op_rur_ae_bitsused, + [XTENSA_INS_RUR_AE_CBEGIN0] = op_rur_ae_cbegin0, + [XTENSA_INS_RUR_AE_CEND0] = op_rur_ae_cend0, + [XTENSA_INS_RUR_AE_CWRAP] = op_rur_ae_cwrap, + [XTENSA_INS_RUR_AE_CW_SD_NO] = op_rur_ae_cw_sd_no, + [XTENSA_INS_RUR_AE_FIRST_TS] = op_rur_ae_first_ts, + [XTENSA_INS_RUR_AE_NEXTOFFSET] = op_rur_ae_nextoffset, + [XTENSA_INS_RUR_AE_OVERFLOW] = op_rur_ae_overflow, + [XTENSA_INS_RUR_AE_OVF_SAR] = op_rur_ae_ovf_sar, + [XTENSA_INS_RUR_AE_SAR] = op_rur_ae_sar, + [XTENSA_INS_RUR_AE_SEARCHDONE] = op_rur_ae_searchdone, + [XTENSA_INS_RUR_AE_TABLESIZE] = op_rur_ae_tablesize, + [XTENSA_INS_RUR_AE_TS_FTS_BU_BP] = op_rur_ae_ts_fts_bu_bp, + [XTENSA_INS_RUR_FFT_BIT_WIDTH] = op_rur_fft_bit_width, + [XTENSA_INS_RUR_GPIO_OUT] = op_rur_gpio_out, + [XTENSA_INS_RUR_QACC_H_0] = op_rur_qacc_h_0, + [XTENSA_INS_RUR_QACC_H_1] = op_rur_qacc_h_1, + [XTENSA_INS_RUR_QACC_H_2] = op_rur_qacc_h_2, + [XTENSA_INS_RUR_QACC_H_3] = op_rur_qacc_h_3, + [XTENSA_INS_RUR_QACC_H_4] = op_rur_qacc_h_4, + [XTENSA_INS_RUR_QACC_L_0] = op_rur_qacc_l_0, + [XTENSA_INS_RUR_QACC_L_1] = op_rur_qacc_l_1, + [XTENSA_INS_RUR_QACC_L_2] = op_rur_qacc_l_2, + [XTENSA_INS_RUR_QACC_L_3] = op_rur_qacc_l_3, + [XTENSA_INS_RUR_QACC_L_4] = op_rur_qacc_l_4, + [XTENSA_INS_RUR_SAR_BYTE] = op_rur_sar_byte, + [XTENSA_INS_RUR_UA_STATE_0] = op_rur_ua_state_0, + [XTENSA_INS_RUR_UA_STATE_1] = op_rur_ua_state_1, + [XTENSA_INS_RUR_UA_STATE_2] = op_rur_ua_state_2, + [XTENSA_INS_RUR_UA_STATE_3] = op_rur_ua_state_3, + [XTENSA_INS_S16I] = op_s16i, + [XTENSA_INS_S32C1I] = op_s32c1i, + [XTENSA_INS_S32E] = op_s32e, + [XTENSA_INS_S32I] = op_s32i, + [XTENSA_INS_S32I_N] = op_s32i, + [XTENSA_INS_S8I] = op_s8i, + [XTENSA_INS_SEXT] = op_sext, + [XTENSA_INS_SIMCALL] = op_simcall, + [XTENSA_INS_SLL] = op_sll, + [XTENSA_INS_SLLI] = op_slli, + [XTENSA_INS_SQRT0_S] = op_sqrt0_s, + [XTENSA_INS_SRA] = op_sra, + [XTENSA_INS_SRAI] = op_srai, + [XTENSA_INS_SRC] = op_src, + [XTENSA_INS_SRL] = op_srl, + [XTENSA_INS_SRLI] = op_srli, + [XTENSA_INS_SSA8L] = op_ssa8l, + [XTENSA_INS_SSAI] = op_ssai, + [XTENSA_INS_SSI] = op_ssi, + [XTENSA_INS_SSIP] = op_ssip, + [XTENSA_INS_SSL] = op_ssl, + [XTENSA_INS_SSR] = op_ssr, + [XTENSA_INS_SSX] = op_ssx, + [XTENSA_INS_SSXP] = op_ssxp, + [XTENSA_INS_SUB] = op_sub, + [XTENSA_INS_SUBX2] = op_subx2, + [XTENSA_INS_SUBX4] = op_subx4, + [XTENSA_INS_SUBX8] = op_subx8, + [XTENSA_INS_SUB_S] = op_sub_s, + [XTENSA_INS_SYSCALL] = op_syscall, + [XTENSA_INS_TRUNC_S] = op_trunc_s, + [XTENSA_INS_UEQ_S] = op_ueq_s, + [XTENSA_INS_UFLOAT_S] = op_ufloat_s, + [XTENSA_INS_ULE_S] = op_ule_s, + [XTENSA_INS_ULT_S] = op_ult_s, + [XTENSA_INS_UMUL_AA_HH] = op_umul_aa, + [XTENSA_INS_UMUL_AA_HL] = op_umul_aa, + [XTENSA_INS_UMUL_AA_LH] = op_umul_aa, + [XTENSA_INS_UMUL_AA_LL] = op_umul_aa, + [XTENSA_INS_UN_S] = op_un_s, + [XTENSA_INS_UTRUNC_S] = op_utrunc_s, + [XTENSA_INS_WAITI] = op_waiti, + [XTENSA_INS_WDTLB] = op_wdtlb, + [XTENSA_INS_WER] = op_wer, + [XTENSA_INS_WFR] = op_wfr, + [XTENSA_INS_WITLB] = op_witlb, + [XTENSA_INS_WSR] = op_wsr, + [XTENSA_INS_WUR_ACCX_0] = op_wur_accx_0, + [XTENSA_INS_WUR_ACCX_1] = op_wur_accx_1, + [XTENSA_INS_WUR_AE_BITHEAD] = op_wur_ae_bithead, + [XTENSA_INS_WUR_AE_BITPTR] = op_wur_ae_bitptr, + [XTENSA_INS_WUR_AE_BITSUSED] = op_wur_ae_bitsused, + [XTENSA_INS_WUR_AE_CBEGIN0] = op_wur_ae_cbegin0, + [XTENSA_INS_WUR_AE_CEND0] = op_wur_ae_cend0, + [XTENSA_INS_WUR_AE_CWRAP] = op_wur_ae_cwrap, + [XTENSA_INS_WUR_AE_CW_SD_NO] = op_wur_ae_cw_sd_no, + [XTENSA_INS_WUR_AE_FIRST_TS] = op_wur_ae_first_ts, + [XTENSA_INS_WUR_AE_NEXTOFFSET] = op_wur_ae_nextoffset, + [XTENSA_INS_WUR_AE_OVERFLOW] = op_wur_ae_overflow, + [XTENSA_INS_WUR_AE_OVF_SAR] = op_wur_ae_ovf_sar, + [XTENSA_INS_WUR_AE_SAR] = op_wur_ae_sar, + [XTENSA_INS_WUR_AE_SEARCHDONE] = op_wur_ae_searchdone, + [XTENSA_INS_WUR_AE_TABLESIZE] = op_wur_ae_tablesize, + [XTENSA_INS_WUR_AE_TS_FTS_BU_BP] = op_wur_ae_ts_fts_bu_bp, + [XTENSA_INS_WUR_FCR] = op_wur_fcr, + [XTENSA_INS_WUR_FFT_BIT_WIDTH] = op_wur_fft_bit_width, + [XTENSA_INS_WUR_FSR] = op_wur_fsr, + [XTENSA_INS_WUR_GPIO_OUT] = op_wur_gpio_out, + [XTENSA_INS_WUR_QACC_H_0] = op_wur_qacc_h_0, + [XTENSA_INS_WUR_QACC_H_1] = op_wur_qacc_h_1, + [XTENSA_INS_WUR_QACC_H_2] = op_wur_qacc_h_2, + [XTENSA_INS_WUR_QACC_H_3] = op_wur_qacc_h_3, + [XTENSA_INS_WUR_QACC_H_4] = op_wur_qacc_h_4, + [XTENSA_INS_WUR_QACC_L_0] = op_wur_qacc_l_0, + [XTENSA_INS_WUR_QACC_L_1] = op_wur_qacc_l_1, + [XTENSA_INS_WUR_QACC_L_2] = op_wur_qacc_l_2, + [XTENSA_INS_WUR_QACC_L_3] = op_wur_qacc_l_3, + [XTENSA_INS_WUR_QACC_L_4] = op_wur_qacc_l_4, + [XTENSA_INS_WUR_SAR_BYTE] = op_wur_sar_byte, + [XTENSA_INS_WUR_UA_STATE_0] = op_wur_ua_state_0, + [XTENSA_INS_WUR_UA_STATE_1] = op_wur_ua_state_1, + [XTENSA_INS_WUR_UA_STATE_2] = op_wur_ua_state_2, + [XTENSA_INS_WUR_UA_STATE_3] = op_wur_ua_state_3, + [XTENSA_INS_XOR] = op_xor, + [XTENSA_INS_XORB] = op_xorb, + [XTENSA_INS_XSR] = op_xsr, + + [XTENSA_INS__L32I] = op_l32i, + [XTENSA_INS__L32I_N] = op_l32i, + [XTENSA_INS__MOVI] = op_movi, + [XTENSA_INS__S32I] = op_s32i, + [XTENSA_INS__S32I_N] = op_s32i, + [XTENSA_INS__SLLI] = op_slli, + [XTENSA_INS__SRLI] = op_srli, + [XTENSA_INS_MV_QR] = op_nop, +}; + +void xtensa_analyze_op_rzil(XtensaContext *ctx, RzAnalysisOp *op) { + unsigned id = ctx->insn->id; + if (id >= RZ_ARRAY_SIZE(fn_tbl)) { + return; + } + + fn_analyze_op_il fn = fn_tbl[id]; + if (!fn) { + return; + } + op->il_op = fn(ctx); +} diff --git a/librz/arch/meson.build b/librz/arch/meson.build index ad531c23411..d03a269324c 100644 --- a/librz/arch/meson.build +++ b/librz/arch/meson.build @@ -338,6 +338,7 @@ if capstone_dep.version() == 'next' arch_isa_sources += [ 'isa/xtensa/xtensa.c', 'isa/xtensa/xtensa_esil.c', + 'isa/xtensa/xtensa_il.c', ] endif diff --git a/librz/arch/p/analysis/analysis_arm_cs.c b/librz/arch/p/analysis/analysis_arm_cs.c index 4a2cee72a14..91da755601c 100644 --- a/librz/arch/p/analysis/analysis_arm_cs.c +++ b/librz/arch/p/analysis/analysis_arm_cs.c @@ -1292,20 +1292,20 @@ static void anop32(RzAnalysis *a, csh handle, RzAnalysisOp *op, cs_insn *insn, b /* grab family */ #if CS_NEXT_VERSION >= 6 - if (cs_insn_group(handle, insn, ARM_FEATURE_HasAES)) { + if (cs_insn_group(handle, insn, ARM_FEATURE_HASAES)) { op->family = RZ_ANALYSIS_OP_FAMILY_CRYPTO; - } else if (cs_insn_group(handle, insn, ARM_FEATURE_HasCRC)) { + } else if (cs_insn_group(handle, insn, ARM_FEATURE_HASCRC)) { op->family = RZ_ANALYSIS_OP_FAMILY_CRYPTO; } else if (cs_insn_group(handle, insn, ARM_GRP_PRIVILEGE)) { op->family = RZ_ANALYSIS_OP_FAMILY_PRIV; - } else if (cs_insn_group(handle, insn, ARM_FEATURE_HasVirtualization)) { + } else if (cs_insn_group(handle, insn, ARM_FEATURE_HASVIRTUALIZATION)) { op->family = RZ_ANALYSIS_OP_FAMILY_VIRT; - } else if (cs_insn_group(handle, insn, ARM_FEATURE_HasNEON)) { + } else if (cs_insn_group(handle, insn, ARM_FEATURE_HASNEON)) { op->family = RZ_ANALYSIS_OP_FAMILY_MMX; - } else if (cs_insn_group(handle, insn, ARM_FEATURE_HasFPARMv8)) { + } else if (cs_insn_group(handle, insn, ARM_FEATURE_HASFPARMV8)) { op->family = RZ_ANALYSIS_OP_FAMILY_FPU; - } else if (cs_insn_group(handle, insn, ARM_FEATURE_HasDSP) && - cs_insn_group(handle, insn, ARM_FEATURE_HasDSP)) { + } else if (cs_insn_group(handle, insn, ARM_FEATURE_HASDSP) && + cs_insn_group(handle, insn, ARM_FEATURE_HASDSP)) { op->family = RZ_ANALYSIS_OP_FAMILY_MMX; } else { op->family = RZ_ANALYSIS_OP_FAMILY_CPU; diff --git a/librz/arch/p/analysis/analysis_xtensa_cs.c b/librz/arch/p/analysis/analysis_xtensa_cs.c index e3ef2f40eb5..47f5ad00006 100644 --- a/librz/arch/p/analysis/analysis_xtensa_cs.c +++ b/librz/arch/p/analysis/analysis_xtensa_cs.c @@ -7,6 +7,14 @@ #include #include +RzAnalysisILConfig *xtensa_il_config(RzAnalysis *a) { + rz_return_val_if_fail(a, NULL); + + RzAnalysisILConfig *cfg = rz_analysis_il_config_new(32, a->big_endian, 32); + // cfg->reg_bindings = xtensa_registers; + return cfg; +} + static int xtensa_archinfo(RzAnalysis *a, RzAnalysisInfoType query) { switch (query) { case RZ_ANALYSIS_ARCHINFO_MIN_OP_SIZE: @@ -58,6 +66,160 @@ static char *xtensa_get_reg_profile(RzAnalysis *analysis) { "gpr a14 .32 60 0\n" "gpr a15 .32 64 0\n" + "gpr f0 .64 76 0\n" + "gpr f1 .64 84 0\n" + "gpr f2 .64 92 0\n" + "gpr f3 .64 100 0\n" + "gpr f4 .64 108 0\n" + "gpr f5 .64 116 0\n" + "gpr f6 .64 124 0\n" + "gpr f7 .64 132 0\n" + "gpr f8 .64 140 0\n" + "gpr f9 .64 148 0\n" + "gpr f10 .64 156 0\n" + "gpr f11 .64 164 0\n" + "gpr f12 .64 172 0\n" + "gpr f13 .64 180 0\n" + "gpr f14 .64 188 0\n" + "gpr f15 .64 196 0\n" + + "gpr b0 .1 210 0\n" + "gpr b1 .1 211 0\n" + "gpr b2 .1 212 0\n" + "gpr b3 .1 213 0\n" + "gpr b4 .1 214 0\n" + "gpr b5 .1 215 0\n" + "gpr b6 .1 216 0\n" + "gpr b7 .1 217 0\n" + "gpr b8 .1 218 0\n" + "gpr b9 .1 219 0\n" + "gpr b10 .1 220 0\n" + "gpr b11 .1 221 0\n" + "gpr b12 .1 222 0\n" + "gpr b13 .1 223 0\n" + "gpr b14 .1 224 0\n" + "gpr b15 .1 225 0\n" + + /*Special Registers*/ + /*0*/ "gpr lbeg .32 226 0\n" + /*1*/ "gpr lend .32 230 0\n" + /*2*/ "gpr lcount .32 234 0\n" + /*3*/ "gpr sar .32 238 0\n" + /*4*/ "gpr br .32 242 0\n" + /*5*/ "gpr litbase .32 246 0\n" + /*12*/ "gpr scompare1 .32 274 0\n" + /*16*/ "gpr acclo .32 290 0\n" + /*17*/ "gpr acchi .32 294 0\n" + /*32*/ "gpr m0 .32 354 0\n" + /*33*/ "gpr m1 .32 358 0\n" + /*34*/ "gpr m2 .32 362 0\n" + /*35*/ "gpr m3 .32 366 0\n" + /*72*/ "gpr windowbase .32 514 0\n" + /*73*/ "gpr windowstart .32 518 0\n" + /*83*/ "gpr ptevaddr .32 546 0\n" + /*90*/ "gpr rasid .32 570 0\n" + /*91*/ "gpr itlbcfg .32 574 0\n" + /*92*/ "gpr dtlbcfg .32 578 0\n" + /*95*/ "gpr eracess .32 586 0\n" + /*96*/ "gpr ibreakenable .32 590 0\n" + /*97*/ "gpr memctl .32 594 0\n" + /*99*/ "gpr atomctl .32 602 0\n" + /*104*/ "gpr ddr .32 618 0\n" + /*106*/ "gpr mepc .32 626 0\n" + /*107*/ "gpr meps .32 630 0\n" + /*108*/ "gpr mesave .32 634 0\n" + /*109*/ "gpr mesr .32 638 0\n" + /*110*/ "gpr mecr .32 642 0\n" + /*111*/ "gpr mevaddr .32 646 0\n" + /*128*/ "gpr ibreaka0 .32 690 0\n" + /*129*/ "gpr ibreaka1 .32 694 0\n" + /*144*/ "gpr dbreaka0 .32 738 0\n" + /*145*/ "gpr dbreaka1 .32 742 0\n" + /*160*/ "gpr dbreakc0 .32 786 0\n" + /*161*/ "gpr dbreakc1 .32 790 0\n" + /*177*/ "gpr epc1 .32 934 0\n" + /*178*/ "gpr epc2 .32 938 0\n" + /*179*/ "gpr epc3 .32 942 0\n" + /*180*/ "gpr epc4 .32 946 0\n" + /*181*/ "gpr epc5 .32 950 0\n" + /*182*/ "gpr epc6 .32 954 0\n" + /*183*/ "gpr epc7 .32 958 0\n" + /*192*/ "gpr depc .32 994 0\n" + /*193*/ "gpr eps1 .32 998 0\n" + /*194*/ "gpr eps2 .32 1002 0\n" + /*195*/ "gpr eps3 .32 1006 0\n" + /*196*/ "gpr eps4 .32 1010 0\n" + /*197*/ "gpr eps5 .32 1014 0\n" + /*198*/ "gpr eps6 .32 1018 0\n" + /*199*/ "gpr eps7 .32 1022 0\n" + /*209*/ "gpr excsave1 .32 1062 0\n" + /*210*/ "gpr excsave2 .32 1066 0\n" + /*211*/ "gpr excsave3 .32 1070 0\n" + /*212*/ "gpr excsave4 .32 1074 0\n" + /*213*/ "gpr excsave5 .32 1078 0\n" + /*214*/ "gpr excsave6 .32 1082 0\n" + /*215*/ "gpr excsave7 .32 1086 0\n" + /*224*/ "gpr cpenable .32 1122 0\n" + /*226*/ "gpr interrupt .32 1126 0\n" + /*227*/ "gpr intclear .32 1130 0\n" + /*228*/ "gpr intenable .32 1134 0\n" + /*230*/ "gpr ps .32 1138 0\n" + /*231*/ "gpr vecbase .32 1142 0\n" + /*232*/ "gpr exccause .32 1146 0\n" + /*233*/ "gpr debugcause .32 1150 0\n" + /*234*/ "gpr ccount .32 1154 0\n" + /*235*/ "gpr prid .32 1158 0\n" + /*236*/ "gpr icount .32 1162 0\n" + /*237*/ "gpr icountlevel .32 1166 0\n" + /*238*/ "gpr excvaddr .32 1170 0\n" + /*240*/ "gpr ccompare0 .32 1178 0\n" + /*241*/ "gpr ccompare1 .32 1182 0\n" + /*242*/ "gpr ccompare2 .32 1186 0\n" + /*244*/ "gpr misc0 .32 1190 0\n" + /*245*/ "gpr misc1 .32 1194 0\n" + /*246*/ "gpr misc2 .32 1198 0\n" + /*247*/ "gpr misc3 .32 1202 0\n" + + "gpr ndepc .1 2000 0\n" + "gpr ResetVector .32 2004 0\n" + "gpr UserExceptionVector .32 2008 0\n" + "gpr KernelExceptionVector .32 2012 0\n" + "gpr DoubleExceptionVector .32 2016 0\n" + "gpr accx_0 .32 3000 0\n" + "gpr accx_1 .32 3004 0\n" + "gpr bithead .32 3008 0\n" + "gpr bitptr .32 3012 0\n" + "gpr bitsused .32 3016 0\n" + "gpr cbegin0 .32 3020 0\n" + "gpr cend0 .32 3024 0\n" + "gpr cwrap .32 3028 0\n" + "gpr cw_sd_no .32 3032 0\n" + "gpr first_ts .32 3036 0\n" + "gpr nextoffset .32 3040 0\n" + "gpr overflow .32 3044 0\n" + "gpr ovf_sar .32 3048 0\n" + "gpr sar .32 3052 0\n" + "gpr searchdone .32 3056 0\n" + "gpr tablesize .32 3060 0\n" + "gpr ts_fts_bu_bp .32 3064 0\n" + "gpr fft_bit_width .32 3068 0\n" + "gpr gpio_out .32 3072 0\n" + "gpr qacc_h_0 .32 3076 0\n" + "gpr qacc_h_1 .32 3080 0\n" + "gpr qacc_h_2 .32 3084 0\n" + "gpr qacc_h_3 .32 3088 0\n" + "gpr qacc_h_4 .32 3092 0\n" + "gpr qacc_l_0 .32 3096 0\n" + "gpr qacc_l_1 .32 3100 0\n" + "gpr qacc_l_2 .32 3104 0\n" + "gpr qacc_l_3 .32 3108 0\n" + "gpr qacc_l_4 .32 3112 0\n" + "gpr sar_byte .32 3116 0\n" + "gpr ua_state_0 .32 3120 0\n" + "gpr ua_state_1 .32 3124 0\n" + "gpr ua_state_2 .32 3128 0\n" + "gpr ua_state_3 .32 3132 0\n" + // pc "gpr pc .32 68 0\n" @@ -339,6 +501,10 @@ static int xtensa_op(RzAnalysis *analysis, RzAnalysisOp *op, ut64 addr, const ut xtensa_analyze_op_esil(ctx, op); } + if (mask & RZ_ANALYSIS_OP_MASK_IL) { + xtensa_analyze_op_rzil(ctx, op); + } + op->size = ctx->insn->size; op->id = ctx->insn->id; op->addr = addr; @@ -359,6 +525,7 @@ RzAnalysisPlugin rz_analysis_plugin_xtensa_cs = { .bits = 8, .op = xtensa_op, .esil = true, + .il_config = xtensa_il_config, .archinfo = xtensa_archinfo, .get_reg_profile = xtensa_get_reg_profile, .init = xtensa_init, diff --git a/librz/arch/p/asm/asm_arm_cs.c b/librz/arch/p/asm/asm_arm_cs.c index f875e3186c1..c0d13b8ace4 100644 --- a/librz/arch/p/asm/asm_arm_cs.c +++ b/librz/arch/p/asm/asm_arm_cs.c @@ -41,9 +41,9 @@ static bool check_features(RzAsm *a, cs_insn *insn) { int id = insn->detail->groups[i]; switch (id) { #if CS_NEXT_VERSION >= 6 - case ARM_FEATURE_IsARM: - case ARM_FEATURE_IsThumb: - case ARM_FEATURE_IsThumb2: + case ARM_FEATURE_ISARM: + case ARM_FEATURE_ISTHUMB: + case ARM_FEATURE_ISTHUMB2: #else case ARM_GRP_ARM: case ARM_GRP_THUMB: diff --git a/subprojects/capstone-next.wrap b/subprojects/capstone-next.wrap index 7c7ae21ede8..5c792a71734 100644 --- a/subprojects/capstone-next.wrap +++ b/subprojects/capstone-next.wrap @@ -1,6 +1,6 @@ [wrap-git] -url = https://github.com/capstone-engine/capstone.git -revision = 1ecfb5b04235539e0d94cc67b8984347be2f6a73 +url = https://github.com/Rot127/capstone.git +revision = cd14f76504568b6cbadbdecd581281e3404e1b0a directory = capstone-next patch_directory = capstone-next depth = 1 diff --git a/test/db/asm/xtensa b/test/db/asm/xtensa new file mode 100644 index 00000000000..6937bac8bb2 --- /dev/null +++ b/test/db/asm/xtensa @@ -0,0 +1,323 @@ +d "abs a1, a0" 001160 0x0 (set a1 (ite (! (sle (var a0) (bv 32 0x0))) (var a0) (~- (var a0)))) +d "abs.s f1, f2" 1012fa 0x0 (set f1 (cast 64 false (fbits (fpos (float 0 (var f2) ))))) +d "add a0, a0, a0" 000080 0x0 (set a0 (+ (var a0) (var a0))) +d "add.s f0, f0, f0" 00000a 0x0 (set f0 (cast 64 false (fbits (+. rna (float 0 (var f0) ) (float 0 (var f0) ))))) +d "add.n a0, a0, a0" 0a00 0x0 (set a0 (+ (var a0) (var a0))) +d "addexp.s f0, f1" e001fa 0x0 (seq (set FRr (| (& (var f0) (~ (<< (>> (bv 64 0xffffffffffffffff) (- (bv 32 0x40) (bv 32 0x1)) false) (bv 64 0x1f) false))) (& (<< (^ (& (>> (var f0) (bv 64 0x1f) false) (>> (bv 64 0xffffffffffffffff) (- (bv 32 0x40) (bv 32 0x1)) false)) (& (>> (var f1) (bv 64 0x1f) false) (>> (bv 64 0xffffffffffffffff) (- (bv 32 0x40) (bv 32 0x1)) false))) (bv 64 0x1f) false) (<< (>> (bv 64 0xffffffffffffffff) (- (bv 32 0x40) (bv 32 0x1)) false) (bv 64 0x1f) false)))) (set FRr (| (& (var FRr) (~ (<< (>> (bv 64 0xffffffffffffffff) (- (bv 32 0x40) (bv 32 0x8)) false) (bv 64 0x17) false))) (& (<< (- (+ (& (>> (var f0) (bv 64 0x17) false) (>> (bv 64 0xffffffffffffffff) (- (bv 32 0x40) (bv 32 0x8)) false)) (& (>> (var f1) (bv 64 0x17) false) (>> (bv 64 0xffffffffffffffff) (- (bv 32 0x40) (bv 32 0x8)) false))) (bv 64 0x7f)) (bv 64 0x17) false) (<< (>> (bv 64 0xffffffffffffffff) (- (bv 32 0x40) (bv 32 0x8)) false) (bv 64 0x17) false)))) (set f0 (var FRr))) +d "addexpm.s f1, f2" f012fa 0x0 (seq (set FRr (| (& (var f1) (~ (<< (>> (bv 64 0xffffffffffffffff) (- (bv 32 0x40) (bv 32 0x1)) false) (bv 64 0x1f) false))) (& (<< (^ (& (>> (var f1) (bv 64 0x1f) false) (>> (bv 64 0xffffffffffffffff) (- (bv 32 0x40) (bv 32 0x1)) false)) (& (>> (var f2) (bv 64 0x16) false) (>> (bv 64 0xffffffffffffffff) (- (bv 32 0x40) (bv 32 0x1)) false))) (bv 64 0x1f) false) (<< (>> (bv 64 0xffffffffffffffff) (- (bv 32 0x40) (bv 32 0x1)) false) (bv 64 0x1f) false)))) (set FRr (| (& (var FRr) (~ (<< (>> (bv 64 0xffffffffffffffff) (- (bv 32 0x40) (bv 32 0x8)) false) (bv 64 0x17) false))) (& (<< (- (+ (& (>> (var f1) (bv 64 0x17) false) (>> (bv 64 0xffffffffffffffff) (- (bv 32 0x40) (bv 32 0x8)) false)) (& (>> (var f2) (bv 64 0xe) false) (>> (bv 64 0xffffffffffffffff) (- (bv 32 0x40) (bv 32 0x8)) false))) (bv 64 0x7f)) (bv 64 0x17) false) (<< (>> (bv 64 0xffffffffffffffff) (- (bv 32 0x40) (bv 32 0x8)) false) (bv 64 0x17) false)))) (set f1 (var FRr))) +d "addi a3, a4, -1" 32c4ff 0x0 (set a3 (+ (var a4) (bv 32 0xffffffff))) +d "addi.n a2, a3, 1" 1b23 0x0 (set a2 (+ (var a3) (bv 32 0x1))) +d "addmi a3, a4, -0x100" 32d4ff 0x0 (set a3 (+ (var a4) (bv 32 0xffffff00))) +d "addx2 a2, a3, a1" 102390 0x0 (set a2 (+ (<< (var a3) (bv 32 0x1) false) (var a1))) +d "addx4 a2, a3, a1" 1023a0 0x0 (set a2 (+ (<< (var a3) (bv 32 0x2) false) (var a1))) +d "addx8 a2, a3, a1" 1023b0 0x0 (set a2 (+ (<< (var a3) (bv 32 0x3) false) (var a1))) +d "all4 b1, b4" 109400 0x0 (set b1 (&& (&& (&& (var b4) (var b5)) (var b6)) (var b7))) +d "all8 b1, b8" 10b800 0x0 (set b1 (&& (&& (&& (&& (&& (&& (&& (var b8) (var b9)) (var b10)) (var b11)) (var b12)) (var b13)) (var b14)) (var b15))) +d "and a2, a3, a1" 102310 0x0 (set a2 (& (var a3) (var a1))) +d "andb b2, b3, b1" 102302 0x0 (set b2 (&& (var b3) (var b1))) +d "andbc b2, b3, b1" 102312 0x0 (set b2 (&& (var b3) (! (var b1)))) +d "any4 b2, b4" 208400 0x0 (set b2 (|| (|| (|| (var b4) (var b5)) (var b6)) (var b7))) +d "any8 b2, b8" 20a800 0x0 (set b2 (|| (|| (|| (|| (|| (|| (|| (var b8) (var b9)) (var b10)) (var b11)) (var b12)) (var b13)) (var b14)) (var b15))) +d "ball a2, a1, . +3" 1742ff 0x0 (branch (is_zero (& (~ (var a2)) (var a1))) (jmp (bv 32 0x3)) nop) +d "bany a2, a1, . +3" 1782ff 0x0 (branch (! (is_zero (& (var a2) (var a1)))) (jmp (bv 32 0x3)) nop) +d "ball a2, a1, . +3" 1742ff 0x40000 (branch (is_zero (& (~ (var a2)) (var a1))) (jmp (bv 32 0x40003)) nop) +d "bany a2, a1, . +3" 1782ff 0x40000 (branch (! (is_zero (& (var a2) (var a1)))) (jmp (bv 32 0x40003)) nop) +d "bbc a2, a1, . +3" 1752ff 0x0 (seq (set b (^ (& (>> (var a1) (bv 32 0x0) false) (>> (bv 32 0xffffffff) (- (bv 32 0x20) (bv 32 0x5)) false)) (bv 32 0x0))) (branch (is_zero (& (>> (var a2) (var b) false) (>> (bv 32 0xffffffff) (- (bv 32 0x20) (bv 32 0x1)) false))) (jmp (bv 32 0x3)) nop)) +d "bbc a2, a1, . +3" 1752ff 0x40000 (seq (set b (^ (& (>> (var a1) (bv 32 0x0) false) (>> (bv 32 0xffffffff) (- (bv 32 0x20) (bv 32 0x5)) false)) (bv 32 0x0))) (branch (is_zero (& (>> (var a2) (var b) false) (>> (bv 32 0xffffffff) (- (bv 32 0x20) (bv 32 0x1)) false))) (jmp (bv 32 0x40003)) nop)) +d "bbci a2, 1, . +3" 1762ff 0x0 (seq (set b (^ (bv 32 0x1) (bv 32 0x0))) (branch (is_zero (& (>> (var a2) (var b) false) (>> (bv 32 0xffffffff) (- (bv 32 0x20) (bv 32 0x1)) false))) (jmp (bv 32 0x3)) nop)) +d "bbci a2, 1, . +3" 1762ff 0x40000 (seq (set b (^ (bv 32 0x1) (bv 32 0x0))) (branch (is_zero (& (>> (var a2) (var b) false) (>> (bv 32 0xffffffff) (- (bv 32 0x20) (bv 32 0x1)) false))) (jmp (bv 32 0x40003)) nop)) +d "beq a3, a2, . +3" 2713ff 0x0 (branch (== (var a3) (var a2)) (jmp (bv 32 0x3)) nop) +d "beq a3, a2, . +3" 2713ff 0x40000 (branch (== (var a3) (var a2)) (jmp (bv 32 0x40003)) nop) +d "beqi a4, 3, . +3" 2634ff 0x0 (branch (== (var a4) (bv 32 0x3)) (jmp (bv 32 0x3)) nop) +d "beqi a4, 3, . +3" 2634ff 0x40000 (branch (== (var a4) (bv 32 0x3)) (jmp (bv 32 0x40003)) nop) +d "beqz a2, . +3" 16f2ff 0x0 (branch (== (var a2) (bv 32 0x0)) (jmp (bv 32 0x3)) nop) +d "beqz a2, . +3" 16f2ff 0x40000 (branch (== (var a2) (bv 32 0x0)) (jmp (bv 32 0x40003)) nop) +d "bf b1, . +3" 7601ff 0x0 (branch (var b1) (jmp (bv 32 0x3)) nop) +d "bf b1, . +3" 7601ff 0x40000 (branch (var b1) (jmp (bv 32 0x40003)) nop) +d "bge a2, a1, . +3" 17a2ff 0x0 (branch (|| (! (sle (var a2) (var a1))) (== (var a2) (var a1))) (jmp (bv 32 0x3)) nop) +d "bge a2, a1, . +3" 17a2ff 0x40000 (branch (|| (! (sle (var a2) (var a1))) (== (var a2) (var a1))) (jmp (bv 32 0x40003)) nop) +d "bgei a2, 1, . +3" e612ff 0x0 (branch (|| (! (sle (var a2) (bv 32 0x1))) (== (var a2) (bv 32 0x1))) (jmp (bv 32 0x3)) nop) +d "bgei a2, 1, . +3" e612ff 0x40000 (branch (|| (! (sle (var a2) (bv 32 0x1))) (== (var a2) (bv 32 0x1))) (jmp (bv 32 0x40003)) nop) +d "bgeu a2, a1, . +3" 17b2ff 0x0 (branch (|| (! (ule (var a2) (var a1))) (== (var a2) (var a1))) (jmp (bv 32 0x3)) nop) +d "bgeu a2, a1, . +3" 17b2ff 0x40000 (branch (|| (! (ule (var a2) (var a1))) (== (var a2) (var a1))) (jmp (bv 32 0x40003)) nop) +d "bgeui a2, 0x10000, . +3" f612ff 0x0 (branch (|| (! (ule (var a2) (bv 32 0x10000))) (== (var a2) (bv 32 0x10000))) (jmp (bv 32 0x3)) nop) +d "bgeui a2, 0x10000, . +3" f612ff 0x40000 (branch (|| (! (ule (var a2) (bv 32 0x10000))) (== (var a2) (bv 32 0x10000))) (jmp (bv 32 0x40003)) nop) +d "bgez a1, . +3" d6f1ff 0x0 (branch (|| (! (sle (var a1) (bv 32 0x0))) (== (var a1) (bv 32 0x0))) (jmp (bv 32 0x3)) nop) +d "bgez a1, . +3" d6f1ff 0x40000 (branch (|| (! (sle (var a1) (bv 32 0x0))) (== (var a1) (bv 32 0x0))) (jmp (bv 32 0x40003)) nop) +d "bnall a2, a1, . +3" 17c2ff 0x0 (branch (! (is_zero (& (~ (var a2)) (var a1)))) (jmp (bv 32 0x3)) nop) +d "bnall a2, a1, . +3" 17c2ff 0x40000 (branch (! (is_zero (& (~ (var a2)) (var a1)))) (jmp (bv 32 0x40003)) nop) +d "bnone a2, a1, . +3" 1702ff 0x0 (branch (is_zero (& (var a2) (var a1))) (jmp (bv 32 0x3)) nop) +d "bnone a2, a1, . +3" 1702ff 0x40000 (branch (is_zero (& (var a2) (var a1))) (jmp (bv 32 0x40003)) nop) +d "call0 . 0" c5ffff 0x0 (seq (set a0 (bv 32 0x3)) (jmp (bv 32 0x0))) +d "call4 . 0" d5ffff 0x0 (seq (set a4 (bv 32 0x40000003)) (jmp (bv 32 0x0))) +d "call8 . 0" e5ffff 0x0 (seq (set a8 (bv 32 0x80000003)) (jmp (bv 32 0x0))) +d "call12 . 0" f5ffff 0x0 (seq (set a12 (bv 32 0xc0000003)) (jmp (bv 32 0x0))) +d "call0 . 0" c5ffff 0x40000 (seq (set a0 (bv 32 0x40003)) (jmp (bv 32 0x40000))) +d "call4 . 0" d5ffff 0x40000 (seq (set a4 (bv 32 0x40040003)) (jmp (bv 32 0x40000))) +d "call8 . 0" e5ffff 0x40000 (seq (set a8 (bv 32 0x80040003)) (jmp (bv 32 0x40000))) +d "call12 . 0" f5ffff 0x40000 (seq (set a12 (bv 32 0xc0040003)) (jmp (bv 32 0x40000))) +d "callx12 a1" f00100 0x0 (seq (set next (var a1)) (set a12 (bv 32 0x60000003)) (jmp (var next))) +d "callx8 a1" e00100 0x0 (seq (set next (var a1)) (set a8 (bv 32 0x40000003)) (jmp (var next))) +d "callx4 a1" d00100 0x0 (seq (set next (var a1)) (set a4 (bv 32 0x20000003)) (jmp (var next))) +d "callx0 a1" c00100 0x0 (seq (set next (var a1)) (set a0 (bv 32 0x3)) (jmp (var next))) +d "callx12 a1" f00100 0x40000 (seq (set next (var a1)) (set a12 (bv 32 0x60040003)) (jmp (var next))) +d "callx8 a1" e00100 0x40000 (seq (set next (var a1)) (set a8 (bv 32 0x40040003)) (jmp (var next))) +d "callx4 a1" d00100 0x40000 (seq (set next (var a1)) (set a4 (bv 32 0x20040003)) (jmp (var next))) +d "callx0 a1" c00100 0x40000 (seq (set next (var a1)) (set a0 (bv 32 0x40003)) (jmp (var next))) +d "ceil.s a1, f2, 0xf" f012ba 0x0 (set a1 (fcast_int 32 rna (float 0 (var f2) ))) +d "clamps a2, a3, 8" 102333 0x0 (seq (set low (float 0 (bv 32 0x43800000) )) (set high (float 0 (bv 32 0x437f0000) )) (set x (float 0 (var a3) )) (set a2 (fbits (ite (&& (! (|| (is_nan (var x)) (is_nan (var high)))) (<. (var high) (var x))) (var high) (ite (&& (! (|| (is_nan (var x)) (is_nan (var low)))) (<. (var x) (var low))) (var low) (var x)))))) +d "const.s f4, 3" 3043fa 0x0 (set f4 (cast 64 false (fbits (float 0 (bv 32 0x3f000000) )))) +d "div0.s f1, f2" 7012fa 0x0 (set f1 (cast 64 false (fbits (/. rna (float 0 (var f1) ) (float 0 (var f2) ))))) +d "divn.s f2, f3, f1" 10237a 0x0 (seq (set fr (float 0 (var f2) )) (set fs (float 0 (var f3) )) (set ft (float 0 (var f1) )) (set f2 (cast 64 false (fbits (+. rna (var fr) (*. rna (var fs) (fneg (var ft)))))))) +d "dsync" 302000 0x0 nop +d "entry a1, 0x7ff8" 36f1ff 0x0 nop +d "esync" 202000 0x0 nop +d "excw" 802000 0x0 nop +d "extui a2, a1, 0x13, 5" 102345 0x0 (set a2 (let at (var a1) (& (bv 32 0x3f) (let at1 (| (& (var at) (~ (<< (>> (bv 32 0xffffffff) (- (bv 32 0x20) (bv 32 0x1)) false) (bv 32 0x1f) false))) (& (<< (bv 32 0x0) (bv 32 0x1f) false) (<< (>> (bv 32 0xffffffff) (- (bv 32 0x20) (bv 32 0x1)) false) (bv 32 0x1f) false))) (>> (var at1) (bv 32 0x13) false))))) +d "extw" d02000 0x0 nop +d "float.s f2, a3, 1" 1023ca 0x0 (set f2 (cast 64 false (fbits (fcast_float ieee754-bin32 rna (div (var a3) (bv 32 0x0)))))) +d "floor.s a2, f3, 1" 1023aa 0x0 (set a2 (fcast_sint 32 rna (*. rna (float 0 (var f3) ) (float 0 (bv 32 0x40000000) )))) +d "isync" 002000 0x0 nop +d "jx a1" a00100 0x0 (jmp (var a1)) +d "j . +3" c6ffff 0x0 (jmp (bv 32 0x3)) +d "j . +3" c6ffff 0x40000 (jmp (bv 32 0x40003)) +d "l8ui a1, a3, 0xff" 1203ff 0x0 (set a1 (cast 32 false (load 0 (+ (var a3) (bv 32 0xff))))) +d "l16si a1, a3, 0x1fe" 1293ff 0x0 (set a1 (let mem16 (loadw 0 16 (+ (var a3) (bv 32 0x1fe))) (>> (cast 32 false (<< (cast 32 false (var mem16)) (- (- (bv 32 0x20) (bv 32 0x10)) (bv 32 0x0)) false)) (- (bv 32 0x20) (bv 32 0x10)) (msb (cast 32 false (<< (cast 32 false (var mem16)) (- (- (bv 32 0x20) (bv 32 0x10)) (bv 32 0x0)) false)))))) +d "l16ui a1, a3, 0x1fe" 1213ff 0x0 (set a1 (let mem16 (loadw 0 16 (+ (var a3) (bv 32 0x1fe))) (cast 32 false (var mem16)))) +d "l32r a2, . -4" 21ffff 0x0 (set a2 (loadw 0 32 (bv 32 0xfffffffc))) +d "l32i.n a2, a2, 0x3c" 28f2 0x0 (set a2 (loadw 0 32 (+ (var a2) (bv 32 0x3c)))) +d "l32i a1, a3, 0x3fc" 1223ff 0x0 (set a1 (loadw 0 32 (+ (var a3) (bv 32 0x3fc)))) +d "l32e a1, a3, -0x38" 102309 0x0 (set a1 (loadw 0 32 (+ (var a3) (bv 32 0xffffffc8)))) +d "lddec m3, a2" 043290 0x0 (seq (set vAddr (- (var a2) (bv 32 0x4))) (set m3 (loadw 0 32 (var vAddr))) (set a2 (var vAddr))) +d "ldinc m2, a1" 042180 0x0 (seq (set vAddr (+ (var a1) (bv 32 0x4))) (set m2 (loadw 0 32 (var vAddr))) (set a1 (var vAddr))) +d "loop a1, . +0x103" 7681ff 0x0 (seq (set lcount (- (var a1) (bv 32 0x1))) (set lbeg (bv 32 0x3)) (set lend (bv 32 0x103))) +d "loopgtz a1, . +0x103" 76a1ff 0x0 (seq (set lcount (- (var a1) (bv 32 0x1))) (set lbeg (bv 32 0x3)) (set lend (bv 32 0x103)) (branch (sle (var a1) (bv 32 0x0)) (jmp (bv 32 0x103)) nop)) +d "loopnez a1, . +0x103" 7691ff 0x0 (seq (set lcount (- (var a1) (bv 32 0x1))) (set lbeg (bv 32 0x3)) (set lend (bv 32 0x103)) (branch (== (var a1) (bv 32 0x0)) (jmp (bv 32 0x103)) nop)) +d "lsi f1, a2, 0x3fc" 1302ff 0x0 (seq (set vAddr (+ (var a2) (bv 32 0x3fc))) (set memVal (loadw 0 32 (var vAddr))) (set f1 (cast 64 false (var memVal)))) +d "lsip f1, a2, 0x3fc" 1382ff 0x0 (seq (set vAddr (var a2)) (set memVal (loadw 0 32 (var vAddr))) (set f1 (cast 64 false (var memVal))) (set a2 (+ (var vAddr) (bv 32 0x3fc)))) +d "lsx f2, a3, a1" 102308 0x0 (seq (set vAddr (+ (var a3) (var a1))) (set memVal (loadw 0 32 (var vAddr))) (set f2 (cast 64 false (var memVal)))) +d "lsxp f2, a3, a1" 102318 0x0 (seq (set vAddr (var a3)) (set memVal (loadw 0 32 (var vAddr))) (set f2 (cast 64 false (var memVal))) (set a3 (+ (var vAddr) (var a1)))) +d "maddn.s f2, f3, f1" 10236a 0x0 (seq (set fr (float 0 (var f2) )) (set fs (float 0 (var f3) )) (set ft (float 0 (var f1) )) (set fres (+. rna (var fr) (*. rna (var fs) (var ft)))) (set f2 (cast 64 false (fbits (var fres))))) +d "madd.s f2, f3, f1" 10234a 0x0 (seq (set fr (float 0 (var f2) )) (set fs (float 0 (var f3) )) (set ft (float 0 (var f1) )) (set fres (+. rna (var fr) (*. rna (var fs) (var ft)))) (set f2 (cast 64 false (fbits (var fres))))) +d "max a2, a3, a1" 102353 0x0 (set a2 (ite (&& (sle (var a3) (var a1)) (! (== (var a3) (var a1)))) (var a1) (var a3))) +d "maxu a2, a3, a1" 102373 0x0 (set a2 (ite (&& (ule (var a3) (var a1)) (! (== (var a3) (var a1)))) (var a1) (var a3))) +d "min a2, a3, a1" 102343 0x0 (set a2 (ite (! (sle (var a3) (var a1))) (var a1) (var a3))) +d "minu a2, a3, a1" 102363 0x0 (set a2 (ite (! (ule (var a3) (var a1))) (var a1) (var a3))) +d "memw" c02000 0x0 nop +d "moveqz a2, a3, a1" 102383 0x0 (branch (== (var a1) (bv 32 0x0)) (set a2 (var a3)) nop) +d "moveqz.s f2, f3, a1" 10238b 0x0 (branch (== (var a1) (bv 32 0x0)) (set f2 (var f3)) nop) +d "movf a2, a3, b1" 1023c3 0x0 (branch (! (var b1)) (set a2 (var a3)) nop) +d "movf.s f2, f3, b1" 1023cb 0x0 (branch (! (var b1)) (set f2 (var f3)) nop) +d "movgez a2, a3, a1" 1023b3 0x0 (branch (|| (! (sle (var a1) (bv 32 0x0))) (== (var a1) (bv 32 0x0))) (set a2 (var a3)) nop) +d "movgez.s f2, f3, a1" 1023bb 0x0 (branch (|| (! (sle (var a1) (bv 32 0x0))) (== (var a1) (bv 32 0x0))) (set f2 (var f3)) nop) +d "movi a1, -1" 12afff 0x0 (set a1 (bv 32 0xffffffff)) +d "movi.n a1, 0x3f" 3cf1 0x0 (set a1 (bv 32 0x3f)) +d "movltz a2, a3, a1" 1023a3 0x0 (branch (&& (sle (var a1) (bv 32 0x0)) (! (== (var a1) (bv 32 0x0)))) (set a2 (var a3)) nop) +d "movltz.s f2, f3, a1" 1023ab 0x0 (branch (&& (sle (var a1) (bv 32 0x0)) (! (== (var a1) (bv 32 0x0)))) (set f2 (var f3)) nop) +d "movnez a2, a3, a1" 102393 0x0 (branch (! (== (var a1) (bv 32 0x0))) (set a2 (var a3)) nop) +d "movnez.s f2, f3, a1" 10239b 0x0 (branch (! (== (var a1) (bv 32 0x0))) (set f2 (var f3)) nop) +d "movsp a1, a2" 101200 0x0 (set a1 (var a2)) +d "movt a2, a3, b1" 1023d3 0x0 (branch (var b1) (set a2 (var a3)) nop) +d "movt.s f2, f3, b1" 1023db 0x0 (branch (var b1) (set f2 (var f3)) nop) +d "msub.s f2, f3, f1" 10235a 0x0 (seq (set fr (float 0 (var f2) )) (set fs (float 0 (var f3) )) (set ft (float 0 (var f1) )) (set fres (-. rna (var fr) (*. rna (var fs) (var ft)))) (set f2 (cast 64 false (fbits (var fres))))) +d "mul.aa.ll a2, a1" 140274 0x0 (seq (set m1 (& (>> (var a2) (bv 32 0x0) false) (>> (bv 32 0xffffffff) (- (bv 32 0x20) (bv 32 0x10)) false))) (set m2 (& (>> (var a1) (bv 32 0x0) false) (>> (bv 32 0xffffffff) (- (bv 32 0x20) (bv 32 0x10)) false))) (set acc (let sm1 (>> (cast 64 false (<< (var m1) (- (- (bv 32 0x40) (bv 32 0x10)) (bv 32 0x0)) false)) (- (bv 32 0x40) (bv 32 0x10)) (msb (cast 64 false (<< (var m1) (- (- (bv 32 0x40) (bv 32 0x10)) (bv 32 0x0)) false)))) (let sm2 (>> (cast 64 false (<< (var m2) (- (- (bv 32 0x40) (bv 32 0x10)) (bv 32 0x0)) false)) (- (bv 32 0x40) (bv 32 0x10)) (msb (cast 64 false (<< (var m2) (- (- (bv 32 0x40) (bv 32 0x10)) (bv 32 0x0)) false)))) (* (var sm1) (var sm2))))) (set acclo (cast 32 false (& (>> (var acc) (bv 32 0x0) false) (>> (bv 64 0xffffffffffffffff) (- (bv 32 0x40) (bv 32 0x20)) false)))) (set acchi (cast 32 false (& (>> (var acc) (bv 32 0x20) false) (>> (bv 64 0xffffffffffffffff) (- (bv 32 0x40) (bv 32 0x20)) false))))) +d "mul.aa.hl a2, a1" 140275 0x0 (seq (set m1 (& (>> (var a2) (bv 32 0x10) false) (>> (bv 32 0xffffffff) (- (bv 32 0x20) (bv 32 0x10)) false))) (set m2 (& (>> (var a1) (bv 32 0x0) false) (>> (bv 32 0xffffffff) (- (bv 32 0x20) (bv 32 0x10)) false))) (set acc (let sm1 (>> (cast 64 false (<< (var m1) (- (- (bv 32 0x40) (bv 32 0x10)) (bv 32 0x0)) false)) (- (bv 32 0x40) (bv 32 0x10)) (msb (cast 64 false (<< (var m1) (- (- (bv 32 0x40) (bv 32 0x10)) (bv 32 0x0)) false)))) (let sm2 (>> (cast 64 false (<< (var m2) (- (- (bv 32 0x40) (bv 32 0x10)) (bv 32 0x0)) false)) (- (bv 32 0x40) (bv 32 0x10)) (msb (cast 64 false (<< (var m2) (- (- (bv 32 0x40) (bv 32 0x10)) (bv 32 0x0)) false)))) (* (var sm1) (var sm2))))) (set acclo (cast 32 false (& (>> (var acc) (bv 32 0x0) false) (>> (bv 64 0xffffffffffffffff) (- (bv 32 0x40) (bv 32 0x20)) false)))) (set acchi (cast 32 false (& (>> (var acc) (bv 32 0x20) false) (>> (bv 64 0xffffffffffffffff) (- (bv 32 0x40) (bv 32 0x20)) false))))) +d "mul.aa.lh a2, a1" 140276 0x0 (seq (set m1 (& (>> (var a2) (bv 32 0x0) false) (>> (bv 32 0xffffffff) (- (bv 32 0x20) (bv 32 0x10)) false))) (set m2 (& (>> (var a1) (bv 32 0x10) false) (>> (bv 32 0xffffffff) (- (bv 32 0x20) (bv 32 0x10)) false))) (set acc (let sm1 (>> (cast 64 false (<< (var m1) (- (- (bv 32 0x40) (bv 32 0x10)) (bv 32 0x0)) false)) (- (bv 32 0x40) (bv 32 0x10)) (msb (cast 64 false (<< (var m1) (- (- (bv 32 0x40) (bv 32 0x10)) (bv 32 0x0)) false)))) (let sm2 (>> (cast 64 false (<< (var m2) (- (- (bv 32 0x40) (bv 32 0x10)) (bv 32 0x0)) false)) (- (bv 32 0x40) (bv 32 0x10)) (msb (cast 64 false (<< (var m2) (- (- (bv 32 0x40) (bv 32 0x10)) (bv 32 0x0)) false)))) (* (var sm1) (var sm2))))) (set acclo (cast 32 false (& (>> (var acc) (bv 32 0x0) false) (>> (bv 64 0xffffffffffffffff) (- (bv 32 0x40) (bv 32 0x20)) false)))) (set acchi (cast 32 false (& (>> (var acc) (bv 32 0x20) false) (>> (bv 64 0xffffffffffffffff) (- (bv 32 0x40) (bv 32 0x20)) false))))) +d "mul.aa.hh a2, a1" 140277 0x0 (seq (set m1 (& (>> (var a2) (bv 32 0x10) false) (>> (bv 32 0xffffffff) (- (bv 32 0x20) (bv 32 0x10)) false))) (set m2 (& (>> (var a1) (bv 32 0x10) false) (>> (bv 32 0xffffffff) (- (bv 32 0x20) (bv 32 0x10)) false))) (set acc (let sm1 (>> (cast 64 false (<< (var m1) (- (- (bv 32 0x40) (bv 32 0x10)) (bv 32 0x0)) false)) (- (bv 32 0x40) (bv 32 0x10)) (msb (cast 64 false (<< (var m1) (- (- (bv 32 0x40) (bv 32 0x10)) (bv 32 0x0)) false)))) (let sm2 (>> (cast 64 false (<< (var m2) (- (- (bv 32 0x40) (bv 32 0x10)) (bv 32 0x0)) false)) (- (bv 32 0x40) (bv 32 0x10)) (msb (cast 64 false (<< (var m2) (- (- (bv 32 0x40) (bv 32 0x10)) (bv 32 0x0)) false)))) (* (var sm1) (var sm2))))) (set acclo (cast 32 false (& (>> (var acc) (bv 32 0x0) false) (>> (bv 64 0xffffffffffffffff) (- (bv 32 0x40) (bv 32 0x20)) false)))) (set acchi (cast 32 false (& (>> (var acc) (bv 32 0x20) false) (>> (bv 64 0xffffffffffffffff) (- (bv 32 0x40) (bv 32 0x20)) false))))) +d "mul.ad.ll a2, m3" 440234 0x0 (seq (set m1 (& (>> (var a2) (bv 32 0x0) false) (>> (bv 32 0xffffffff) (- (bv 32 0x20) (bv 32 0x10)) false))) (set m2 (& (>> (var m3) (bv 32 0x0) false) (>> (bv 32 0xffffffff) (- (bv 32 0x20) (bv 32 0x10)) false))) (set acc (let sm1 (>> (cast 64 false (<< (var m1) (- (- (bv 32 0x40) (bv 32 0x10)) (bv 32 0x0)) false)) (- (bv 32 0x40) (bv 32 0x10)) (msb (cast 64 false (<< (var m1) (- (- (bv 32 0x40) (bv 32 0x10)) (bv 32 0x0)) false)))) (let sm2 (>> (cast 64 false (<< (var m2) (- (- (bv 32 0x40) (bv 32 0x10)) (bv 32 0x0)) false)) (- (bv 32 0x40) (bv 32 0x10)) (msb (cast 64 false (<< (var m2) (- (- (bv 32 0x40) (bv 32 0x10)) (bv 32 0x0)) false)))) (* (var sm1) (var sm2))))) (set acclo (cast 32 false (& (>> (var acc) (bv 32 0x0) false) (>> (bv 64 0xffffffffffffffff) (- (bv 32 0x40) (bv 32 0x20)) false)))) (set acchi (cast 32 false (& (>> (var acc) (bv 32 0x20) false) (>> (bv 64 0xffffffffffffffff) (- (bv 32 0x40) (bv 32 0x20)) false))))) +d "mul.ad.hl a2, m3" 440235 0x0 (seq (set m1 (& (>> (var a2) (bv 32 0x10) false) (>> (bv 32 0xffffffff) (- (bv 32 0x20) (bv 32 0x10)) false))) (set m2 (& (>> (var m3) (bv 32 0x0) false) (>> (bv 32 0xffffffff) (- (bv 32 0x20) (bv 32 0x10)) false))) (set acc (let sm1 (>> (cast 64 false (<< (var m1) (- (- (bv 32 0x40) (bv 32 0x10)) (bv 32 0x0)) false)) (- (bv 32 0x40) (bv 32 0x10)) (msb (cast 64 false (<< (var m1) (- (- (bv 32 0x40) (bv 32 0x10)) (bv 32 0x0)) false)))) (let sm2 (>> (cast 64 false (<< (var m2) (- (- (bv 32 0x40) (bv 32 0x10)) (bv 32 0x0)) false)) (- (bv 32 0x40) (bv 32 0x10)) (msb (cast 64 false (<< (var m2) (- (- (bv 32 0x40) (bv 32 0x10)) (bv 32 0x0)) false)))) (* (var sm1) (var sm2))))) (set acclo (cast 32 false (& (>> (var acc) (bv 32 0x0) false) (>> (bv 64 0xffffffffffffffff) (- (bv 32 0x40) (bv 32 0x20)) false)))) (set acchi (cast 32 false (& (>> (var acc) (bv 32 0x20) false) (>> (bv 64 0xffffffffffffffff) (- (bv 32 0x40) (bv 32 0x20)) false))))) +d "mul.ad.lh a2, m3" 440236 0x0 (seq (set m1 (& (>> (var a2) (bv 32 0x0) false) (>> (bv 32 0xffffffff) (- (bv 32 0x20) (bv 32 0x10)) false))) (set m2 (& (>> (var m3) (bv 32 0x10) false) (>> (bv 32 0xffffffff) (- (bv 32 0x20) (bv 32 0x10)) false))) (set acc (let sm1 (>> (cast 64 false (<< (var m1) (- (- (bv 32 0x40) (bv 32 0x10)) (bv 32 0x0)) false)) (- (bv 32 0x40) (bv 32 0x10)) (msb (cast 64 false (<< (var m1) (- (- (bv 32 0x40) (bv 32 0x10)) (bv 32 0x0)) false)))) (let sm2 (>> (cast 64 false (<< (var m2) (- (- (bv 32 0x40) (bv 32 0x10)) (bv 32 0x0)) false)) (- (bv 32 0x40) (bv 32 0x10)) (msb (cast 64 false (<< (var m2) (- (- (bv 32 0x40) (bv 32 0x10)) (bv 32 0x0)) false)))) (* (var sm1) (var sm2))))) (set acclo (cast 32 false (& (>> (var acc) (bv 32 0x0) false) (>> (bv 64 0xffffffffffffffff) (- (bv 32 0x40) (bv 32 0x20)) false)))) (set acchi (cast 32 false (& (>> (var acc) (bv 32 0x20) false) (>> (bv 64 0xffffffffffffffff) (- (bv 32 0x40) (bv 32 0x20)) false))))) +d "mul.ad.hh a2, m3" 440237 0x0 (seq (set m1 (& (>> (var a2) (bv 32 0x10) false) (>> (bv 32 0xffffffff) (- (bv 32 0x20) (bv 32 0x10)) false))) (set m2 (& (>> (var m3) (bv 32 0x10) false) (>> (bv 32 0xffffffff) (- (bv 32 0x20) (bv 32 0x10)) false))) (set acc (let sm1 (>> (cast 64 false (<< (var m1) (- (- (bv 32 0x40) (bv 32 0x10)) (bv 32 0x0)) false)) (- (bv 32 0x40) (bv 32 0x10)) (msb (cast 64 false (<< (var m1) (- (- (bv 32 0x40) (bv 32 0x10)) (bv 32 0x0)) false)))) (let sm2 (>> (cast 64 false (<< (var m2) (- (- (bv 32 0x40) (bv 32 0x10)) (bv 32 0x0)) false)) (- (bv 32 0x40) (bv 32 0x10)) (msb (cast 64 false (<< (var m2) (- (- (bv 32 0x40) (bv 32 0x10)) (bv 32 0x0)) false)))) (* (var sm1) (var sm2))))) (set acclo (cast 32 false (& (>> (var acc) (bv 32 0x0) false) (>> (bv 64 0xffffffffffffffff) (- (bv 32 0x40) (bv 32 0x20)) false)))) (set acchi (cast 32 false (& (>> (var acc) (bv 32 0x20) false) (>> (bv 64 0xffffffffffffffff) (- (bv 32 0x40) (bv 32 0x20)) false))))) +d "mul.ad.ll a2, m2" 040234 0x0 (seq (set m1 (& (>> (var a2) (bv 32 0x0) false) (>> (bv 32 0xffffffff) (- (bv 32 0x20) (bv 32 0x10)) false))) (set m2 (& (>> (var m2) (bv 32 0x0) false) (>> (bv 32 0xffffffff) (- (bv 32 0x20) (bv 32 0x10)) false))) (set acc (let sm1 (>> (cast 64 false (<< (var m1) (- (- (bv 32 0x40) (bv 32 0x10)) (bv 32 0x0)) false)) (- (bv 32 0x40) (bv 32 0x10)) (msb (cast 64 false (<< (var m1) (- (- (bv 32 0x40) (bv 32 0x10)) (bv 32 0x0)) false)))) (let sm2 (>> (cast 64 false (<< (var m2) (- (- (bv 32 0x40) (bv 32 0x10)) (bv 32 0x0)) false)) (- (bv 32 0x40) (bv 32 0x10)) (msb (cast 64 false (<< (var m2) (- (- (bv 32 0x40) (bv 32 0x10)) (bv 32 0x0)) false)))) (* (var sm1) (var sm2))))) (set acclo (cast 32 false (& (>> (var acc) (bv 32 0x0) false) (>> (bv 64 0xffffffffffffffff) (- (bv 32 0x40) (bv 32 0x20)) false)))) (set acchi (cast 32 false (& (>> (var acc) (bv 32 0x20) false) (>> (bv 64 0xffffffffffffffff) (- (bv 32 0x40) (bv 32 0x20)) false))))) +d "mul.ad.hl a2, m2" 040235 0x0 (seq (set m1 (& (>> (var a2) (bv 32 0x10) false) (>> (bv 32 0xffffffff) (- (bv 32 0x20) (bv 32 0x10)) false))) (set m2 (& (>> (var m2) (bv 32 0x0) false) (>> (bv 32 0xffffffff) (- (bv 32 0x20) (bv 32 0x10)) false))) (set acc (let sm1 (>> (cast 64 false (<< (var m1) (- (- (bv 32 0x40) (bv 32 0x10)) (bv 32 0x0)) false)) (- (bv 32 0x40) (bv 32 0x10)) (msb (cast 64 false (<< (var m1) (- (- (bv 32 0x40) (bv 32 0x10)) (bv 32 0x0)) false)))) (let sm2 (>> (cast 64 false (<< (var m2) (- (- (bv 32 0x40) (bv 32 0x10)) (bv 32 0x0)) false)) (- (bv 32 0x40) (bv 32 0x10)) (msb (cast 64 false (<< (var m2) (- (- (bv 32 0x40) (bv 32 0x10)) (bv 32 0x0)) false)))) (* (var sm1) (var sm2))))) (set acclo (cast 32 false (& (>> (var acc) (bv 32 0x0) false) (>> (bv 64 0xffffffffffffffff) (- (bv 32 0x40) (bv 32 0x20)) false)))) (set acchi (cast 32 false (& (>> (var acc) (bv 32 0x20) false) (>> (bv 64 0xffffffffffffffff) (- (bv 32 0x40) (bv 32 0x20)) false))))) +d "mul.ad.lh a2, m2" 040236 0x0 (seq (set m1 (& (>> (var a2) (bv 32 0x0) false) (>> (bv 32 0xffffffff) (- (bv 32 0x20) (bv 32 0x10)) false))) (set m2 (& (>> (var m2) (bv 32 0x10) false) (>> (bv 32 0xffffffff) (- (bv 32 0x20) (bv 32 0x10)) false))) (set acc (let sm1 (>> (cast 64 false (<< (var m1) (- (- (bv 32 0x40) (bv 32 0x10)) (bv 32 0x0)) false)) (- (bv 32 0x40) (bv 32 0x10)) (msb (cast 64 false (<< (var m1) (- (- (bv 32 0x40) (bv 32 0x10)) (bv 32 0x0)) false)))) (let sm2 (>> (cast 64 false (<< (var m2) (- (- (bv 32 0x40) (bv 32 0x10)) (bv 32 0x0)) false)) (- (bv 32 0x40) (bv 32 0x10)) (msb (cast 64 false (<< (var m2) (- (- (bv 32 0x40) (bv 32 0x10)) (bv 32 0x0)) false)))) (* (var sm1) (var sm2))))) (set acclo (cast 32 false (& (>> (var acc) (bv 32 0x0) false) (>> (bv 64 0xffffffffffffffff) (- (bv 32 0x40) (bv 32 0x20)) false)))) (set acchi (cast 32 false (& (>> (var acc) (bv 32 0x20) false) (>> (bv 64 0xffffffffffffffff) (- (bv 32 0x40) (bv 32 0x20)) false))))) +d "mul.ad.hh a2, m2" 040237 0x0 (seq (set m1 (& (>> (var a2) (bv 32 0x10) false) (>> (bv 32 0xffffffff) (- (bv 32 0x20) (bv 32 0x10)) false))) (set m2 (& (>> (var m2) (bv 32 0x10) false) (>> (bv 32 0xffffffff) (- (bv 32 0x20) (bv 32 0x10)) false))) (set acc (let sm1 (>> (cast 64 false (<< (var m1) (- (- (bv 32 0x40) (bv 32 0x10)) (bv 32 0x0)) false)) (- (bv 32 0x40) (bv 32 0x10)) (msb (cast 64 false (<< (var m1) (- (- (bv 32 0x40) (bv 32 0x10)) (bv 32 0x0)) false)))) (let sm2 (>> (cast 64 false (<< (var m2) (- (- (bv 32 0x40) (bv 32 0x10)) (bv 32 0x0)) false)) (- (bv 32 0x40) (bv 32 0x10)) (msb (cast 64 false (<< (var m2) (- (- (bv 32 0x40) (bv 32 0x10)) (bv 32 0x0)) false)))) (* (var sm1) (var sm2))))) (set acclo (cast 32 false (& (>> (var acc) (bv 32 0x0) false) (>> (bv 64 0xffffffffffffffff) (- (bv 32 0x40) (bv 32 0x20)) false)))) (set acchi (cast 32 false (& (>> (var acc) (bv 32 0x20) false) (>> (bv 64 0xffffffffffffffff) (- (bv 32 0x40) (bv 32 0x20)) false))))) +d "mul.dd.ll m0, m2" 040024 0x0 (seq (set m1 (& (>> (var m0) (bv 32 0x0) false) (>> (bv 32 0xffffffff) (- (bv 32 0x20) (bv 32 0x10)) false))) (set m2 (& (>> (var m2) (bv 32 0x0) false) (>> (bv 32 0xffffffff) (- (bv 32 0x20) (bv 32 0x10)) false))) (set acc (let sm1 (>> (cast 64 false (<< (var m1) (- (- (bv 32 0x40) (bv 32 0x10)) (bv 32 0x0)) false)) (- (bv 32 0x40) (bv 32 0x10)) (msb (cast 64 false (<< (var m1) (- (- (bv 32 0x40) (bv 32 0x10)) (bv 32 0x0)) false)))) (let sm2 (>> (cast 64 false (<< (var m2) (- (- (bv 32 0x40) (bv 32 0x10)) (bv 32 0x0)) false)) (- (bv 32 0x40) (bv 32 0x10)) (msb (cast 64 false (<< (var m2) (- (- (bv 32 0x40) (bv 32 0x10)) (bv 32 0x0)) false)))) (* (var sm1) (var sm2))))) (set acclo (cast 32 false (& (>> (var acc) (bv 32 0x0) false) (>> (bv 64 0xffffffffffffffff) (- (bv 32 0x40) (bv 32 0x20)) false)))) (set acchi (cast 32 false (& (>> (var acc) (bv 32 0x20) false) (>> (bv 64 0xffffffffffffffff) (- (bv 32 0x40) (bv 32 0x20)) false))))) +d "mul.dd.hl m0, m2" 040025 0x0 (seq (set m1 (& (>> (var m0) (bv 32 0x10) false) (>> (bv 32 0xffffffff) (- (bv 32 0x20) (bv 32 0x10)) false))) (set m2 (& (>> (var m2) (bv 32 0x0) false) (>> (bv 32 0xffffffff) (- (bv 32 0x20) (bv 32 0x10)) false))) (set acc (let sm1 (>> (cast 64 false (<< (var m1) (- (- (bv 32 0x40) (bv 32 0x10)) (bv 32 0x0)) false)) (- (bv 32 0x40) (bv 32 0x10)) (msb (cast 64 false (<< (var m1) (- (- (bv 32 0x40) (bv 32 0x10)) (bv 32 0x0)) false)))) (let sm2 (>> (cast 64 false (<< (var m2) (- (- (bv 32 0x40) (bv 32 0x10)) (bv 32 0x0)) false)) (- (bv 32 0x40) (bv 32 0x10)) (msb (cast 64 false (<< (var m2) (- (- (bv 32 0x40) (bv 32 0x10)) (bv 32 0x0)) false)))) (* (var sm1) (var sm2))))) (set acclo (cast 32 false (& (>> (var acc) (bv 32 0x0) false) (>> (bv 64 0xffffffffffffffff) (- (bv 32 0x40) (bv 32 0x20)) false)))) (set acchi (cast 32 false (& (>> (var acc) (bv 32 0x20) false) (>> (bv 64 0xffffffffffffffff) (- (bv 32 0x40) (bv 32 0x20)) false))))) +d "mul.dd.lh m0, m2" 040026 0x0 (seq (set m1 (& (>> (var m0) (bv 32 0x0) false) (>> (bv 32 0xffffffff) (- (bv 32 0x20) (bv 32 0x10)) false))) (set m2 (& (>> (var m2) (bv 32 0x10) false) (>> (bv 32 0xffffffff) (- (bv 32 0x20) (bv 32 0x10)) false))) (set acc (let sm1 (>> (cast 64 false (<< (var m1) (- (- (bv 32 0x40) (bv 32 0x10)) (bv 32 0x0)) false)) (- (bv 32 0x40) (bv 32 0x10)) (msb (cast 64 false (<< (var m1) (- (- (bv 32 0x40) (bv 32 0x10)) (bv 32 0x0)) false)))) (let sm2 (>> (cast 64 false (<< (var m2) (- (- (bv 32 0x40) (bv 32 0x10)) (bv 32 0x0)) false)) (- (bv 32 0x40) (bv 32 0x10)) (msb (cast 64 false (<< (var m2) (- (- (bv 32 0x40) (bv 32 0x10)) (bv 32 0x0)) false)))) (* (var sm1) (var sm2))))) (set acclo (cast 32 false (& (>> (var acc) (bv 32 0x0) false) (>> (bv 64 0xffffffffffffffff) (- (bv 32 0x40) (bv 32 0x20)) false)))) (set acchi (cast 32 false (& (>> (var acc) (bv 32 0x20) false) (>> (bv 64 0xffffffffffffffff) (- (bv 32 0x40) (bv 32 0x20)) false))))) +d "mul.dd.hh m0, m2" 040027 0x0 (seq (set m1 (& (>> (var m0) (bv 32 0x10) false) (>> (bv 32 0xffffffff) (- (bv 32 0x20) (bv 32 0x10)) false))) (set m2 (& (>> (var m2) (bv 32 0x10) false) (>> (bv 32 0xffffffff) (- (bv 32 0x20) (bv 32 0x10)) false))) (set acc (let sm1 (>> (cast 64 false (<< (var m1) (- (- (bv 32 0x40) (bv 32 0x10)) (bv 32 0x0)) false)) (- (bv 32 0x40) (bv 32 0x10)) (msb (cast 64 false (<< (var m1) (- (- (bv 32 0x40) (bv 32 0x10)) (bv 32 0x0)) false)))) (let sm2 (>> (cast 64 false (<< (var m2) (- (- (bv 32 0x40) (bv 32 0x10)) (bv 32 0x0)) false)) (- (bv 32 0x40) (bv 32 0x10)) (msb (cast 64 false (<< (var m2) (- (- (bv 32 0x40) (bv 32 0x10)) (bv 32 0x0)) false)))) (* (var sm1) (var sm2))))) (set acclo (cast 32 false (& (>> (var acc) (bv 32 0x0) false) (>> (bv 64 0xffffffffffffffff) (- (bv 32 0x40) (bv 32 0x20)) false)))) (set acchi (cast 32 false (& (>> (var acc) (bv 32 0x20) false) (>> (bv 64 0xffffffffffffffff) (- (bv 32 0x40) (bv 32 0x20)) false))))) +d "mul.dd.ll m1, m3" 444024 0x0 (seq (set m1 (& (>> (var m1) (bv 32 0x0) false) (>> (bv 32 0xffffffff) (- (bv 32 0x20) (bv 32 0x10)) false))) (set m2 (& (>> (var m3) (bv 32 0x0) false) (>> (bv 32 0xffffffff) (- (bv 32 0x20) (bv 32 0x10)) false))) (set acc (let sm1 (>> (cast 64 false (<< (var m1) (- (- (bv 32 0x40) (bv 32 0x10)) (bv 32 0x0)) false)) (- (bv 32 0x40) (bv 32 0x10)) (msb (cast 64 false (<< (var m1) (- (- (bv 32 0x40) (bv 32 0x10)) (bv 32 0x0)) false)))) (let sm2 (>> (cast 64 false (<< (var m2) (- (- (bv 32 0x40) (bv 32 0x10)) (bv 32 0x0)) false)) (- (bv 32 0x40) (bv 32 0x10)) (msb (cast 64 false (<< (var m2) (- (- (bv 32 0x40) (bv 32 0x10)) (bv 32 0x0)) false)))) (* (var sm1) (var sm2))))) (set acclo (cast 32 false (& (>> (var acc) (bv 32 0x0) false) (>> (bv 64 0xffffffffffffffff) (- (bv 32 0x40) (bv 32 0x20)) false)))) (set acchi (cast 32 false (& (>> (var acc) (bv 32 0x20) false) (>> (bv 64 0xffffffffffffffff) (- (bv 32 0x40) (bv 32 0x20)) false))))) +d "mul.dd.hl m1, m3" 444025 0x0 (seq (set m1 (& (>> (var m1) (bv 32 0x10) false) (>> (bv 32 0xffffffff) (- (bv 32 0x20) (bv 32 0x10)) false))) (set m2 (& (>> (var m3) (bv 32 0x0) false) (>> (bv 32 0xffffffff) (- (bv 32 0x20) (bv 32 0x10)) false))) (set acc (let sm1 (>> (cast 64 false (<< (var m1) (- (- (bv 32 0x40) (bv 32 0x10)) (bv 32 0x0)) false)) (- (bv 32 0x40) (bv 32 0x10)) (msb (cast 64 false (<< (var m1) (- (- (bv 32 0x40) (bv 32 0x10)) (bv 32 0x0)) false)))) (let sm2 (>> (cast 64 false (<< (var m2) (- (- (bv 32 0x40) (bv 32 0x10)) (bv 32 0x0)) false)) (- (bv 32 0x40) (bv 32 0x10)) (msb (cast 64 false (<< (var m2) (- (- (bv 32 0x40) (bv 32 0x10)) (bv 32 0x0)) false)))) (* (var sm1) (var sm2))))) (set acclo (cast 32 false (& (>> (var acc) (bv 32 0x0) false) (>> (bv 64 0xffffffffffffffff) (- (bv 32 0x40) (bv 32 0x20)) false)))) (set acchi (cast 32 false (& (>> (var acc) (bv 32 0x20) false) (>> (bv 64 0xffffffffffffffff) (- (bv 32 0x40) (bv 32 0x20)) false))))) +d "mul.dd.lh m1, m3" 444026 0x0 (seq (set m1 (& (>> (var m1) (bv 32 0x0) false) (>> (bv 32 0xffffffff) (- (bv 32 0x20) (bv 32 0x10)) false))) (set m2 (& (>> (var m3) (bv 32 0x10) false) (>> (bv 32 0xffffffff) (- (bv 32 0x20) (bv 32 0x10)) false))) (set acc (let sm1 (>> (cast 64 false (<< (var m1) (- (- (bv 32 0x40) (bv 32 0x10)) (bv 32 0x0)) false)) (- (bv 32 0x40) (bv 32 0x10)) (msb (cast 64 false (<< (var m1) (- (- (bv 32 0x40) (bv 32 0x10)) (bv 32 0x0)) false)))) (let sm2 (>> (cast 64 false (<< (var m2) (- (- (bv 32 0x40) (bv 32 0x10)) (bv 32 0x0)) false)) (- (bv 32 0x40) (bv 32 0x10)) (msb (cast 64 false (<< (var m2) (- (- (bv 32 0x40) (bv 32 0x10)) (bv 32 0x0)) false)))) (* (var sm1) (var sm2))))) (set acclo (cast 32 false (& (>> (var acc) (bv 32 0x0) false) (>> (bv 64 0xffffffffffffffff) (- (bv 32 0x40) (bv 32 0x20)) false)))) (set acchi (cast 32 false (& (>> (var acc) (bv 32 0x20) false) (>> (bv 64 0xffffffffffffffff) (- (bv 32 0x40) (bv 32 0x20)) false))))) +d "mul.dd.hh m1, m3" 444027 0x0 (seq (set m1 (& (>> (var m1) (bv 32 0x10) false) (>> (bv 32 0xffffffff) (- (bv 32 0x20) (bv 32 0x10)) false))) (set m2 (& (>> (var m3) (bv 32 0x10) false) (>> (bv 32 0xffffffff) (- (bv 32 0x20) (bv 32 0x10)) false))) (set acc (let sm1 (>> (cast 64 false (<< (var m1) (- (- (bv 32 0x40) (bv 32 0x10)) (bv 32 0x0)) false)) (- (bv 32 0x40) (bv 32 0x10)) (msb (cast 64 false (<< (var m1) (- (- (bv 32 0x40) (bv 32 0x10)) (bv 32 0x0)) false)))) (let sm2 (>> (cast 64 false (<< (var m2) (- (- (bv 32 0x40) (bv 32 0x10)) (bv 32 0x0)) false)) (- (bv 32 0x40) (bv 32 0x10)) (msb (cast 64 false (<< (var m2) (- (- (bv 32 0x40) (bv 32 0x10)) (bv 32 0x0)) false)))) (* (var sm1) (var sm2))))) (set acclo (cast 32 false (& (>> (var acc) (bv 32 0x0) false) (>> (bv 64 0xffffffffffffffff) (- (bv 32 0x40) (bv 32 0x20)) false)))) (set acchi (cast 32 false (& (>> (var acc) (bv 32 0x20) false) (>> (bv 64 0xffffffffffffffff) (- (bv 32 0x40) (bv 32 0x20)) false))))) +d "mul.s f2, f3, f1" 10232a 0x0 (seq (set frs (float 0 (var f3) )) (set frt (float 0 (var f1) )) (set f2 (cast 64 false (fbits (*. rna (var frs) (var frt)))))) +d "mul16u a2, a3, a1" 1023c1 0x0 (seq (set ars (& (>> (var a3) (bv 32 0x0) false) (>> (bv 32 0xffffffff) (- (bv 32 0x20) (bv 32 0x10)) false))) (set art (& (>> (var a1) (bv 32 0x0) false) (>> (bv 32 0xffffffff) (- (bv 32 0x20) (bv 32 0x10)) false))) (set a2 (* (var ars) (var art)))) +d "mul16s a2, a3, a1" 1023d1 0x0 (seq (set ars (>> (cast 32 false (<< (var a3) (- (- (bv 32 0x20) (bv 32 0x10)) (bv 32 0x0)) false)) (- (bv 32 0x20) (bv 32 0x10)) (msb (cast 32 false (<< (var a3) (- (- (bv 32 0x20) (bv 32 0x10)) (bv 32 0x0)) false))))) (set art (>> (cast 32 false (<< (var a1) (- (- (bv 32 0x20) (bv 32 0x10)) (bv 32 0x0)) false)) (- (bv 32 0x20) (bv 32 0x10)) (msb (cast 32 false (<< (var a1) (- (- (bv 32 0x20) (bv 32 0x10)) (bv 32 0x0)) false))))) (set a2 (* (var ars) (var art)))) +d "mula.aa.ll a2, a1" 140278 0x0 (seq (set m1 (& (>> (var a2) (bv 32 0x0) false) (>> (bv 32 0xffffffff) (- (bv 32 0x20) (bv 32 0x10)) false))) (set m2 (& (>> (var a1) (bv 32 0x0) false) (>> (bv 32 0xffffffff) (- (bv 32 0x20) (bv 32 0x10)) false))) (set acc (append (var acchi) (var acclo))) (set acc (let sm1 (>> (cast 64 false (<< (var m1) (- (- (bv 32 0x40) (bv 32 0x10)) (bv 32 0x0)) false)) (- (bv 32 0x40) (bv 32 0x10)) (msb (cast 64 false (<< (var m1) (- (- (bv 32 0x40) (bv 32 0x10)) (bv 32 0x0)) false)))) (let sm2 (>> (cast 64 false (<< (var m2) (- (- (bv 32 0x40) (bv 32 0x10)) (bv 32 0x0)) false)) (- (bv 32 0x40) (bv 32 0x10)) (msb (cast 64 false (<< (var m2) (- (- (bv 32 0x40) (bv 32 0x10)) (bv 32 0x0)) false)))) (+ (var acc) (* (var sm1) (var sm2)))))) (set acclo (cast 32 false (& (>> (var acc) (bv 32 0x0) false) (>> (bv 64 0xffffffffffffffff) (- (bv 32 0x40) (bv 32 0x20)) false)))) (set acchi (cast 32 false (& (>> (var acc) (bv 32 0x20) false) (>> (bv 64 0xffffffffffffffff) (- (bv 32 0x40) (bv 32 0x20)) false))))) +d "mula.aa.hl a2, a1" 140279 0x0 (seq (set m1 (& (>> (var a2) (bv 32 0x10) false) (>> (bv 32 0xffffffff) (- (bv 32 0x20) (bv 32 0x10)) false))) (set m2 (& (>> (var a1) (bv 32 0x0) false) (>> (bv 32 0xffffffff) (- (bv 32 0x20) (bv 32 0x10)) false))) (set acc (append (var acchi) (var acclo))) (set acc (let sm1 (>> (cast 64 false (<< (var m1) (- (- (bv 32 0x40) (bv 32 0x10)) (bv 32 0x0)) false)) (- (bv 32 0x40) (bv 32 0x10)) (msb (cast 64 false (<< (var m1) (- (- (bv 32 0x40) (bv 32 0x10)) (bv 32 0x0)) false)))) (let sm2 (>> (cast 64 false (<< (var m2) (- (- (bv 32 0x40) (bv 32 0x10)) (bv 32 0x0)) false)) (- (bv 32 0x40) (bv 32 0x10)) (msb (cast 64 false (<< (var m2) (- (- (bv 32 0x40) (bv 32 0x10)) (bv 32 0x0)) false)))) (+ (var acc) (* (var sm1) (var sm2)))))) (set acclo (cast 32 false (& (>> (var acc) (bv 32 0x0) false) (>> (bv 64 0xffffffffffffffff) (- (bv 32 0x40) (bv 32 0x20)) false)))) (set acchi (cast 32 false (& (>> (var acc) (bv 32 0x20) false) (>> (bv 64 0xffffffffffffffff) (- (bv 32 0x40) (bv 32 0x20)) false))))) +d "mula.aa.lh a2, a1" 14027a 0x0 (seq (set m1 (& (>> (var a2) (bv 32 0x0) false) (>> (bv 32 0xffffffff) (- (bv 32 0x20) (bv 32 0x10)) false))) (set m2 (& (>> (var a1) (bv 32 0x10) false) (>> (bv 32 0xffffffff) (- (bv 32 0x20) (bv 32 0x10)) false))) (set acc (append (var acchi) (var acclo))) (set acc (let sm1 (>> (cast 64 false (<< (var m1) (- (- (bv 32 0x40) (bv 32 0x10)) (bv 32 0x0)) false)) (- (bv 32 0x40) (bv 32 0x10)) (msb (cast 64 false (<< (var m1) (- (- (bv 32 0x40) (bv 32 0x10)) (bv 32 0x0)) false)))) (let sm2 (>> (cast 64 false (<< (var m2) (- (- (bv 32 0x40) (bv 32 0x10)) (bv 32 0x0)) false)) (- (bv 32 0x40) (bv 32 0x10)) (msb (cast 64 false (<< (var m2) (- (- (bv 32 0x40) (bv 32 0x10)) (bv 32 0x0)) false)))) (+ (var acc) (* (var sm1) (var sm2)))))) (set acclo (cast 32 false (& (>> (var acc) (bv 32 0x0) false) (>> (bv 64 0xffffffffffffffff) (- (bv 32 0x40) (bv 32 0x20)) false)))) (set acchi (cast 32 false (& (>> (var acc) (bv 32 0x20) false) (>> (bv 64 0xffffffffffffffff) (- (bv 32 0x40) (bv 32 0x20)) false))))) +d "mula.aa.hh a2, a1" 14027b 0x0 (seq (set m1 (& (>> (var a2) (bv 32 0x10) false) (>> (bv 32 0xffffffff) (- (bv 32 0x20) (bv 32 0x10)) false))) (set m2 (& (>> (var a1) (bv 32 0x10) false) (>> (bv 32 0xffffffff) (- (bv 32 0x20) (bv 32 0x10)) false))) (set acc (append (var acchi) (var acclo))) (set acc (let sm1 (>> (cast 64 false (<< (var m1) (- (- (bv 32 0x40) (bv 32 0x10)) (bv 32 0x0)) false)) (- (bv 32 0x40) (bv 32 0x10)) (msb (cast 64 false (<< (var m1) (- (- (bv 32 0x40) (bv 32 0x10)) (bv 32 0x0)) false)))) (let sm2 (>> (cast 64 false (<< (var m2) (- (- (bv 32 0x40) (bv 32 0x10)) (bv 32 0x0)) false)) (- (bv 32 0x40) (bv 32 0x10)) (msb (cast 64 false (<< (var m2) (- (- (bv 32 0x40) (bv 32 0x10)) (bv 32 0x0)) false)))) (+ (var acc) (* (var sm1) (var sm2)))))) (set acclo (cast 32 false (& (>> (var acc) (bv 32 0x0) false) (>> (bv 64 0xffffffffffffffff) (- (bv 32 0x40) (bv 32 0x20)) false)))) (set acchi (cast 32 false (& (>> (var acc) (bv 32 0x20) false) (>> (bv 64 0xffffffffffffffff) (- (bv 32 0x40) (bv 32 0x20)) false))))) +d "mula.ad.ll a0, m2" 040038 0x0 (seq (set m1 (& (>> (var a0) (bv 32 0x0) false) (>> (bv 32 0xffffffff) (- (bv 32 0x20) (bv 32 0x10)) false))) (set m2 (& (>> (var m2) (bv 32 0x0) false) (>> (bv 32 0xffffffff) (- (bv 32 0x20) (bv 32 0x10)) false))) (set acc (append (var acchi) (var acclo))) (set acc (let sm1 (>> (cast 64 false (<< (var m1) (- (- (bv 32 0x40) (bv 32 0x10)) (bv 32 0x0)) false)) (- (bv 32 0x40) (bv 32 0x10)) (msb (cast 64 false (<< (var m1) (- (- (bv 32 0x40) (bv 32 0x10)) (bv 32 0x0)) false)))) (let sm2 (>> (cast 64 false (<< (var m2) (- (- (bv 32 0x40) (bv 32 0x10)) (bv 32 0x0)) false)) (- (bv 32 0x40) (bv 32 0x10)) (msb (cast 64 false (<< (var m2) (- (- (bv 32 0x40) (bv 32 0x10)) (bv 32 0x0)) false)))) (+ (var acc) (* (var sm1) (var sm2)))))) (set acclo (cast 32 false (& (>> (var acc) (bv 32 0x0) false) (>> (bv 64 0xffffffffffffffff) (- (bv 32 0x40) (bv 32 0x20)) false)))) (set acchi (cast 32 false (& (>> (var acc) (bv 32 0x20) false) (>> (bv 64 0xffffffffffffffff) (- (bv 32 0x40) (bv 32 0x20)) false))))) +d "mula.ad.hl a0, m2" 040039 0x0 (seq (set m1 (& (>> (var a0) (bv 32 0x10) false) (>> (bv 32 0xffffffff) (- (bv 32 0x20) (bv 32 0x10)) false))) (set m2 (& (>> (var m2) (bv 32 0x0) false) (>> (bv 32 0xffffffff) (- (bv 32 0x20) (bv 32 0x10)) false))) (set acc (append (var acchi) (var acclo))) (set acc (let sm1 (>> (cast 64 false (<< (var m1) (- (- (bv 32 0x40) (bv 32 0x10)) (bv 32 0x0)) false)) (- (bv 32 0x40) (bv 32 0x10)) (msb (cast 64 false (<< (var m1) (- (- (bv 32 0x40) (bv 32 0x10)) (bv 32 0x0)) false)))) (let sm2 (>> (cast 64 false (<< (var m2) (- (- (bv 32 0x40) (bv 32 0x10)) (bv 32 0x0)) false)) (- (bv 32 0x40) (bv 32 0x10)) (msb (cast 64 false (<< (var m2) (- (- (bv 32 0x40) (bv 32 0x10)) (bv 32 0x0)) false)))) (+ (var acc) (* (var sm1) (var sm2)))))) (set acclo (cast 32 false (& (>> (var acc) (bv 32 0x0) false) (>> (bv 64 0xffffffffffffffff) (- (bv 32 0x40) (bv 32 0x20)) false)))) (set acchi (cast 32 false (& (>> (var acc) (bv 32 0x20) false) (>> (bv 64 0xffffffffffffffff) (- (bv 32 0x40) (bv 32 0x20)) false))))) +d "mula.ad.lh a0, m2" 04003a 0x0 (seq (set m1 (& (>> (var a0) (bv 32 0x0) false) (>> (bv 32 0xffffffff) (- (bv 32 0x20) (bv 32 0x10)) false))) (set m2 (& (>> (var m2) (bv 32 0x10) false) (>> (bv 32 0xffffffff) (- (bv 32 0x20) (bv 32 0x10)) false))) (set acc (append (var acchi) (var acclo))) (set acc (let sm1 (>> (cast 64 false (<< (var m1) (- (- (bv 32 0x40) (bv 32 0x10)) (bv 32 0x0)) false)) (- (bv 32 0x40) (bv 32 0x10)) (msb (cast 64 false (<< (var m1) (- (- (bv 32 0x40) (bv 32 0x10)) (bv 32 0x0)) false)))) (let sm2 (>> (cast 64 false (<< (var m2) (- (- (bv 32 0x40) (bv 32 0x10)) (bv 32 0x0)) false)) (- (bv 32 0x40) (bv 32 0x10)) (msb (cast 64 false (<< (var m2) (- (- (bv 32 0x40) (bv 32 0x10)) (bv 32 0x0)) false)))) (+ (var acc) (* (var sm1) (var sm2)))))) (set acclo (cast 32 false (& (>> (var acc) (bv 32 0x0) false) (>> (bv 64 0xffffffffffffffff) (- (bv 32 0x40) (bv 32 0x20)) false)))) (set acchi (cast 32 false (& (>> (var acc) (bv 32 0x20) false) (>> (bv 64 0xffffffffffffffff) (- (bv 32 0x40) (bv 32 0x20)) false))))) +d "mula.ad.hh a0, m2" 04003b 0x0 (seq (set m1 (& (>> (var a0) (bv 32 0x10) false) (>> (bv 32 0xffffffff) (- (bv 32 0x20) (bv 32 0x10)) false))) (set m2 (& (>> (var m2) (bv 32 0x10) false) (>> (bv 32 0xffffffff) (- (bv 32 0x20) (bv 32 0x10)) false))) (set acc (append (var acchi) (var acclo))) (set acc (let sm1 (>> (cast 64 false (<< (var m1) (- (- (bv 32 0x40) (bv 32 0x10)) (bv 32 0x0)) false)) (- (bv 32 0x40) (bv 32 0x10)) (msb (cast 64 false (<< (var m1) (- (- (bv 32 0x40) (bv 32 0x10)) (bv 32 0x0)) false)))) (let sm2 (>> (cast 64 false (<< (var m2) (- (- (bv 32 0x40) (bv 32 0x10)) (bv 32 0x0)) false)) (- (bv 32 0x40) (bv 32 0x10)) (msb (cast 64 false (<< (var m2) (- (- (bv 32 0x40) (bv 32 0x10)) (bv 32 0x0)) false)))) (+ (var acc) (* (var sm1) (var sm2)))))) (set acclo (cast 32 false (& (>> (var acc) (bv 32 0x0) false) (>> (bv 64 0xffffffffffffffff) (- (bv 32 0x40) (bv 32 0x20)) false)))) (set acchi (cast 32 false (& (>> (var acc) (bv 32 0x20) false) (>> (bv 64 0xffffffffffffffff) (- (bv 32 0x40) (bv 32 0x20)) false))))) +d "mula.da.ll m0, a1" 140068 0x0 (seq (set m1 (& (>> (var m0) (bv 32 0x0) false) (>> (bv 32 0xffffffff) (- (bv 32 0x20) (bv 32 0x10)) false))) (set m2 (& (>> (var a1) (bv 32 0x0) false) (>> (bv 32 0xffffffff) (- (bv 32 0x20) (bv 32 0x10)) false))) (set acc (append (var acchi) (var acclo))) (set acc (let sm1 (>> (cast 64 false (<< (var m1) (- (- (bv 32 0x40) (bv 32 0x10)) (bv 32 0x0)) false)) (- (bv 32 0x40) (bv 32 0x10)) (msb (cast 64 false (<< (var m1) (- (- (bv 32 0x40) (bv 32 0x10)) (bv 32 0x0)) false)))) (let sm2 (>> (cast 64 false (<< (var m2) (- (- (bv 32 0x40) (bv 32 0x10)) (bv 32 0x0)) false)) (- (bv 32 0x40) (bv 32 0x10)) (msb (cast 64 false (<< (var m2) (- (- (bv 32 0x40) (bv 32 0x10)) (bv 32 0x0)) false)))) (+ (var acc) (* (var sm1) (var sm2)))))) (set acclo (cast 32 false (& (>> (var acc) (bv 32 0x0) false) (>> (bv 64 0xffffffffffffffff) (- (bv 32 0x40) (bv 32 0x20)) false)))) (set acchi (cast 32 false (& (>> (var acc) (bv 32 0x20) false) (>> (bv 64 0xffffffffffffffff) (- (bv 32 0x40) (bv 32 0x20)) false))))) +d "mula.da.hl m0, a1" 140069 0x0 (seq (set m1 (& (>> (var m0) (bv 32 0x10) false) (>> (bv 32 0xffffffff) (- (bv 32 0x20) (bv 32 0x10)) false))) (set m2 (& (>> (var a1) (bv 32 0x0) false) (>> (bv 32 0xffffffff) (- (bv 32 0x20) (bv 32 0x10)) false))) (set acc (append (var acchi) (var acclo))) (set acc (let sm1 (>> (cast 64 false (<< (var m1) (- (- (bv 32 0x40) (bv 32 0x10)) (bv 32 0x0)) false)) (- (bv 32 0x40) (bv 32 0x10)) (msb (cast 64 false (<< (var m1) (- (- (bv 32 0x40) (bv 32 0x10)) (bv 32 0x0)) false)))) (let sm2 (>> (cast 64 false (<< (var m2) (- (- (bv 32 0x40) (bv 32 0x10)) (bv 32 0x0)) false)) (- (bv 32 0x40) (bv 32 0x10)) (msb (cast 64 false (<< (var m2) (- (- (bv 32 0x40) (bv 32 0x10)) (bv 32 0x0)) false)))) (+ (var acc) (* (var sm1) (var sm2)))))) (set acclo (cast 32 false (& (>> (var acc) (bv 32 0x0) false) (>> (bv 64 0xffffffffffffffff) (- (bv 32 0x40) (bv 32 0x20)) false)))) (set acchi (cast 32 false (& (>> (var acc) (bv 32 0x20) false) (>> (bv 64 0xffffffffffffffff) (- (bv 32 0x40) (bv 32 0x20)) false))))) +d "mula.da.lh m0, a1" 14006a 0x0 (seq (set m1 (& (>> (var m0) (bv 32 0x0) false) (>> (bv 32 0xffffffff) (- (bv 32 0x20) (bv 32 0x10)) false))) (set m2 (& (>> (var a1) (bv 32 0x10) false) (>> (bv 32 0xffffffff) (- (bv 32 0x20) (bv 32 0x10)) false))) (set acc (append (var acchi) (var acclo))) (set acc (let sm1 (>> (cast 64 false (<< (var m1) (- (- (bv 32 0x40) (bv 32 0x10)) (bv 32 0x0)) false)) (- (bv 32 0x40) (bv 32 0x10)) (msb (cast 64 false (<< (var m1) (- (- (bv 32 0x40) (bv 32 0x10)) (bv 32 0x0)) false)))) (let sm2 (>> (cast 64 false (<< (var m2) (- (- (bv 32 0x40) (bv 32 0x10)) (bv 32 0x0)) false)) (- (bv 32 0x40) (bv 32 0x10)) (msb (cast 64 false (<< (var m2) (- (- (bv 32 0x40) (bv 32 0x10)) (bv 32 0x0)) false)))) (+ (var acc) (* (var sm1) (var sm2)))))) (set acclo (cast 32 false (& (>> (var acc) (bv 32 0x0) false) (>> (bv 64 0xffffffffffffffff) (- (bv 32 0x40) (bv 32 0x20)) false)))) (set acchi (cast 32 false (& (>> (var acc) (bv 32 0x20) false) (>> (bv 64 0xffffffffffffffff) (- (bv 32 0x40) (bv 32 0x20)) false))))) +d "mula.da.hh m0, a1" 14006b 0x0 (seq (set m1 (& (>> (var m0) (bv 32 0x10) false) (>> (bv 32 0xffffffff) (- (bv 32 0x20) (bv 32 0x10)) false))) (set m2 (& (>> (var a1) (bv 32 0x10) false) (>> (bv 32 0xffffffff) (- (bv 32 0x20) (bv 32 0x10)) false))) (set acc (append (var acchi) (var acclo))) (set acc (let sm1 (>> (cast 64 false (<< (var m1) (- (- (bv 32 0x40) (bv 32 0x10)) (bv 32 0x0)) false)) (- (bv 32 0x40) (bv 32 0x10)) (msb (cast 64 false (<< (var m1) (- (- (bv 32 0x40) (bv 32 0x10)) (bv 32 0x0)) false)))) (let sm2 (>> (cast 64 false (<< (var m2) (- (- (bv 32 0x40) (bv 32 0x10)) (bv 32 0x0)) false)) (- (bv 32 0x40) (bv 32 0x10)) (msb (cast 64 false (<< (var m2) (- (- (bv 32 0x40) (bv 32 0x10)) (bv 32 0x0)) false)))) (+ (var acc) (* (var sm1) (var sm2)))))) (set acclo (cast 32 false (& (>> (var acc) (bv 32 0x0) false) (>> (bv 64 0xffffffffffffffff) (- (bv 32 0x40) (bv 32 0x20)) false)))) (set acchi (cast 32 false (& (>> (var acc) (bv 32 0x20) false) (>> (bv 64 0xffffffffffffffff) (- (bv 32 0x40) (bv 32 0x20)) false))))) +d "mula.dd.ll m0, m2" 040028 0x0 (seq (set m1 (& (>> (var m0) (bv 32 0x0) false) (>> (bv 32 0xffffffff) (- (bv 32 0x20) (bv 32 0x10)) false))) (set m2 (& (>> (var m2) (bv 32 0x0) false) (>> (bv 32 0xffffffff) (- (bv 32 0x20) (bv 32 0x10)) false))) (set acc (append (var acchi) (var acclo))) (set acc (let sm1 (>> (cast 64 false (<< (var m1) (- (- (bv 32 0x40) (bv 32 0x10)) (bv 32 0x0)) false)) (- (bv 32 0x40) (bv 32 0x10)) (msb (cast 64 false (<< (var m1) (- (- (bv 32 0x40) (bv 32 0x10)) (bv 32 0x0)) false)))) (let sm2 (>> (cast 64 false (<< (var m2) (- (- (bv 32 0x40) (bv 32 0x10)) (bv 32 0x0)) false)) (- (bv 32 0x40) (bv 32 0x10)) (msb (cast 64 false (<< (var m2) (- (- (bv 32 0x40) (bv 32 0x10)) (bv 32 0x0)) false)))) (+ (var acc) (* (var sm1) (var sm2)))))) (set acclo (cast 32 false (& (>> (var acc) (bv 32 0x0) false) (>> (bv 64 0xffffffffffffffff) (- (bv 32 0x40) (bv 32 0x20)) false)))) (set acchi (cast 32 false (& (>> (var acc) (bv 32 0x20) false) (>> (bv 64 0xffffffffffffffff) (- (bv 32 0x40) (bv 32 0x20)) false))))) +d "mula.dd.hl m0, m2" 040029 0x0 (seq (set m1 (& (>> (var m0) (bv 32 0x10) false) (>> (bv 32 0xffffffff) (- (bv 32 0x20) (bv 32 0x10)) false))) (set m2 (& (>> (var m2) (bv 32 0x0) false) (>> (bv 32 0xffffffff) (- (bv 32 0x20) (bv 32 0x10)) false))) (set acc (append (var acchi) (var acclo))) (set acc (let sm1 (>> (cast 64 false (<< (var m1) (- (- (bv 32 0x40) (bv 32 0x10)) (bv 32 0x0)) false)) (- (bv 32 0x40) (bv 32 0x10)) (msb (cast 64 false (<< (var m1) (- (- (bv 32 0x40) (bv 32 0x10)) (bv 32 0x0)) false)))) (let sm2 (>> (cast 64 false (<< (var m2) (- (- (bv 32 0x40) (bv 32 0x10)) (bv 32 0x0)) false)) (- (bv 32 0x40) (bv 32 0x10)) (msb (cast 64 false (<< (var m2) (- (- (bv 32 0x40) (bv 32 0x10)) (bv 32 0x0)) false)))) (+ (var acc) (* (var sm1) (var sm2)))))) (set acclo (cast 32 false (& (>> (var acc) (bv 32 0x0) false) (>> (bv 64 0xffffffffffffffff) (- (bv 32 0x40) (bv 32 0x20)) false)))) (set acchi (cast 32 false (& (>> (var acc) (bv 32 0x20) false) (>> (bv 64 0xffffffffffffffff) (- (bv 32 0x40) (bv 32 0x20)) false))))) +d "mula.dd.lh m0, m2" 04002a 0x0 (seq (set m1 (& (>> (var m0) (bv 32 0x0) false) (>> (bv 32 0xffffffff) (- (bv 32 0x20) (bv 32 0x10)) false))) (set m2 (& (>> (var m2) (bv 32 0x10) false) (>> (bv 32 0xffffffff) (- (bv 32 0x20) (bv 32 0x10)) false))) (set acc (append (var acchi) (var acclo))) (set acc (let sm1 (>> (cast 64 false (<< (var m1) (- (- (bv 32 0x40) (bv 32 0x10)) (bv 32 0x0)) false)) (- (bv 32 0x40) (bv 32 0x10)) (msb (cast 64 false (<< (var m1) (- (- (bv 32 0x40) (bv 32 0x10)) (bv 32 0x0)) false)))) (let sm2 (>> (cast 64 false (<< (var m2) (- (- (bv 32 0x40) (bv 32 0x10)) (bv 32 0x0)) false)) (- (bv 32 0x40) (bv 32 0x10)) (msb (cast 64 false (<< (var m2) (- (- (bv 32 0x40) (bv 32 0x10)) (bv 32 0x0)) false)))) (+ (var acc) (* (var sm1) (var sm2)))))) (set acclo (cast 32 false (& (>> (var acc) (bv 32 0x0) false) (>> (bv 64 0xffffffffffffffff) (- (bv 32 0x40) (bv 32 0x20)) false)))) (set acchi (cast 32 false (& (>> (var acc) (bv 32 0x20) false) (>> (bv 64 0xffffffffffffffff) (- (bv 32 0x40) (bv 32 0x20)) false))))) +d "mula.dd.hh m0, m2" 04002b 0x0 (seq (set m1 (& (>> (var m0) (bv 32 0x10) false) (>> (bv 32 0xffffffff) (- (bv 32 0x20) (bv 32 0x10)) false))) (set m2 (& (>> (var m2) (bv 32 0x10) false) (>> (bv 32 0xffffffff) (- (bv 32 0x20) (bv 32 0x10)) false))) (set acc (append (var acchi) (var acclo))) (set acc (let sm1 (>> (cast 64 false (<< (var m1) (- (- (bv 32 0x40) (bv 32 0x10)) (bv 32 0x0)) false)) (- (bv 32 0x40) (bv 32 0x10)) (msb (cast 64 false (<< (var m1) (- (- (bv 32 0x40) (bv 32 0x10)) (bv 32 0x0)) false)))) (let sm2 (>> (cast 64 false (<< (var m2) (- (- (bv 32 0x40) (bv 32 0x10)) (bv 32 0x0)) false)) (- (bv 32 0x40) (bv 32 0x10)) (msb (cast 64 false (<< (var m2) (- (- (bv 32 0x40) (bv 32 0x10)) (bv 32 0x0)) false)))) (+ (var acc) (* (var sm1) (var sm2)))))) (set acclo (cast 32 false (& (>> (var acc) (bv 32 0x0) false) (>> (bv 64 0xffffffffffffffff) (- (bv 32 0x40) (bv 32 0x20)) false)))) (set acchi (cast 32 false (& (>> (var acc) (bv 32 0x20) false) (>> (bv 64 0xffffffffffffffff) (- (bv 32 0x40) (bv 32 0x20)) false))))) +d "mula.da.ll.lddec m0, a2, m0, a1" 140258 0x0 (seq (set m1 (& (>> (var m0) (bv 32 0x0) false) (>> (bv 32 0xffffffff) (- (bv 32 0x20) (bv 32 0x10)) false))) (set m2 (& (>> (var a1) (bv 32 0x0) false) (>> (bv 32 0xffffffff) (- (bv 32 0x20) (bv 32 0x10)) false))) (set acc (append (var acchi) (var acclo))) (set acc (let sm1 (>> (cast 64 false (<< (var m1) (- (- (bv 32 0x40) (bv 32 0x10)) (bv 32 0x0)) false)) (- (bv 32 0x40) (bv 32 0x10)) (msb (cast 64 false (<< (var m1) (- (- (bv 32 0x40) (bv 32 0x10)) (bv 32 0x0)) false)))) (let sm2 (>> (cast 64 false (<< (var m2) (- (- (bv 32 0x40) (bv 32 0x10)) (bv 32 0x0)) false)) (- (bv 32 0x40) (bv 32 0x10)) (msb (cast 64 false (<< (var m2) (- (- (bv 32 0x40) (bv 32 0x10)) (bv 32 0x0)) false)))) (+ (var acc) (* (var sm1) (var sm2)))))) (set acclo (cast 32 false (& (>> (var acc) (bv 32 0x0) false) (>> (bv 64 0xffffffffffffffff) (- (bv 32 0x40) (bv 32 0x20)) false)))) (set acchi (cast 32 false (& (>> (var acc) (bv 32 0x20) false) (>> (bv 64 0xffffffffffffffff) (- (bv 32 0x40) (bv 32 0x20)) false)))) (set vAddr (- (var a2) (bv 32 0x4))) (set m0 (loadw 0 32 (var vAddr))) (set a2 (var vAddr))) +d "mula.da.hl.lddec m0, a2, m0, a1" 140259 0x0 (seq (set m1 (& (>> (var m0) (bv 32 0x10) false) (>> (bv 32 0xffffffff) (- (bv 32 0x20) (bv 32 0x10)) false))) (set m2 (& (>> (var a1) (bv 32 0x0) false) (>> (bv 32 0xffffffff) (- (bv 32 0x20) (bv 32 0x10)) false))) (set acc (append (var acchi) (var acclo))) (set acc (let sm1 (>> (cast 64 false (<< (var m1) (- (- (bv 32 0x40) (bv 32 0x10)) (bv 32 0x0)) false)) (- (bv 32 0x40) (bv 32 0x10)) (msb (cast 64 false (<< (var m1) (- (- (bv 32 0x40) (bv 32 0x10)) (bv 32 0x0)) false)))) (let sm2 (>> (cast 64 false (<< (var m2) (- (- (bv 32 0x40) (bv 32 0x10)) (bv 32 0x0)) false)) (- (bv 32 0x40) (bv 32 0x10)) (msb (cast 64 false (<< (var m2) (- (- (bv 32 0x40) (bv 32 0x10)) (bv 32 0x0)) false)))) (+ (var acc) (* (var sm1) (var sm2)))))) (set acclo (cast 32 false (& (>> (var acc) (bv 32 0x0) false) (>> (bv 64 0xffffffffffffffff) (- (bv 32 0x40) (bv 32 0x20)) false)))) (set acchi (cast 32 false (& (>> (var acc) (bv 32 0x20) false) (>> (bv 64 0xffffffffffffffff) (- (bv 32 0x40) (bv 32 0x20)) false)))) (set vAddr (- (var a2) (bv 32 0x4))) (set m0 (loadw 0 32 (var vAddr))) (set a2 (var vAddr))) +d "mula.da.lh.lddec m0, a2, m0, a1" 14025a 0x0 (seq (set m1 (& (>> (var m0) (bv 32 0x0) false) (>> (bv 32 0xffffffff) (- (bv 32 0x20) (bv 32 0x10)) false))) (set m2 (& (>> (var a1) (bv 32 0x10) false) (>> (bv 32 0xffffffff) (- (bv 32 0x20) (bv 32 0x10)) false))) (set acc (append (var acchi) (var acclo))) (set acc (let sm1 (>> (cast 64 false (<< (var m1) (- (- (bv 32 0x40) (bv 32 0x10)) (bv 32 0x0)) false)) (- (bv 32 0x40) (bv 32 0x10)) (msb (cast 64 false (<< (var m1) (- (- (bv 32 0x40) (bv 32 0x10)) (bv 32 0x0)) false)))) (let sm2 (>> (cast 64 false (<< (var m2) (- (- (bv 32 0x40) (bv 32 0x10)) (bv 32 0x0)) false)) (- (bv 32 0x40) (bv 32 0x10)) (msb (cast 64 false (<< (var m2) (- (- (bv 32 0x40) (bv 32 0x10)) (bv 32 0x0)) false)))) (+ (var acc) (* (var sm1) (var sm2)))))) (set acclo (cast 32 false (& (>> (var acc) (bv 32 0x0) false) (>> (bv 64 0xffffffffffffffff) (- (bv 32 0x40) (bv 32 0x20)) false)))) (set acchi (cast 32 false (& (>> (var acc) (bv 32 0x20) false) (>> (bv 64 0xffffffffffffffff) (- (bv 32 0x40) (bv 32 0x20)) false)))) (set vAddr (- (var a2) (bv 32 0x4))) (set m0 (loadw 0 32 (var vAddr))) (set a2 (var vAddr))) +d "mula.da.hh.lddec m0, a2, m0, a1" 14025b 0x0 (seq (set m1 (& (>> (var m0) (bv 32 0x10) false) (>> (bv 32 0xffffffff) (- (bv 32 0x20) (bv 32 0x10)) false))) (set m2 (& (>> (var a1) (bv 32 0x10) false) (>> (bv 32 0xffffffff) (- (bv 32 0x20) (bv 32 0x10)) false))) (set acc (append (var acchi) (var acclo))) (set acc (let sm1 (>> (cast 64 false (<< (var m1) (- (- (bv 32 0x40) (bv 32 0x10)) (bv 32 0x0)) false)) (- (bv 32 0x40) (bv 32 0x10)) (msb (cast 64 false (<< (var m1) (- (- (bv 32 0x40) (bv 32 0x10)) (bv 32 0x0)) false)))) (let sm2 (>> (cast 64 false (<< (var m2) (- (- (bv 32 0x40) (bv 32 0x10)) (bv 32 0x0)) false)) (- (bv 32 0x40) (bv 32 0x10)) (msb (cast 64 false (<< (var m2) (- (- (bv 32 0x40) (bv 32 0x10)) (bv 32 0x0)) false)))) (+ (var acc) (* (var sm1) (var sm2)))))) (set acclo (cast 32 false (& (>> (var acc) (bv 32 0x0) false) (>> (bv 64 0xffffffffffffffff) (- (bv 32 0x40) (bv 32 0x20)) false)))) (set acchi (cast 32 false (& (>> (var acc) (bv 32 0x20) false) (>> (bv 64 0xffffffffffffffff) (- (bv 32 0x40) (bv 32 0x20)) false)))) (set vAddr (- (var a2) (bv 32 0x4))) (set m0 (loadw 0 32 (var vAddr))) (set a2 (var vAddr))) +d "mula.da.ll.ldinc m0, a2, m0, a1" 140248 0x0 (seq (set m1 (& (>> (var m0) (bv 32 0x0) false) (>> (bv 32 0xffffffff) (- (bv 32 0x20) (bv 32 0x10)) false))) (set m2 (& (>> (var a1) (bv 32 0x0) false) (>> (bv 32 0xffffffff) (- (bv 32 0x20) (bv 32 0x10)) false))) (set acc (append (var acchi) (var acclo))) (set acc (let sm1 (>> (cast 64 false (<< (var m1) (- (- (bv 32 0x40) (bv 32 0x10)) (bv 32 0x0)) false)) (- (bv 32 0x40) (bv 32 0x10)) (msb (cast 64 false (<< (var m1) (- (- (bv 32 0x40) (bv 32 0x10)) (bv 32 0x0)) false)))) (let sm2 (>> (cast 64 false (<< (var m2) (- (- (bv 32 0x40) (bv 32 0x10)) (bv 32 0x0)) false)) (- (bv 32 0x40) (bv 32 0x10)) (msb (cast 64 false (<< (var m2) (- (- (bv 32 0x40) (bv 32 0x10)) (bv 32 0x0)) false)))) (+ (var acc) (* (var sm1) (var sm2)))))) (set acclo (cast 32 false (& (>> (var acc) (bv 32 0x0) false) (>> (bv 64 0xffffffffffffffff) (- (bv 32 0x40) (bv 32 0x20)) false)))) (set acchi (cast 32 false (& (>> (var acc) (bv 32 0x20) false) (>> (bv 64 0xffffffffffffffff) (- (bv 32 0x40) (bv 32 0x20)) false)))) (set vAddr (+ (var a2) (bv 32 0x4))) (set m0 (loadw 0 32 (var vAddr))) (set a2 (var vAddr))) +d "mula.da.hl.ldinc m0, a2, m0, a1" 140249 0x0 (seq (set m1 (& (>> (var m0) (bv 32 0x10) false) (>> (bv 32 0xffffffff) (- (bv 32 0x20) (bv 32 0x10)) false))) (set m2 (& (>> (var a1) (bv 32 0x0) false) (>> (bv 32 0xffffffff) (- (bv 32 0x20) (bv 32 0x10)) false))) (set acc (append (var acchi) (var acclo))) (set acc (let sm1 (>> (cast 64 false (<< (var m1) (- (- (bv 32 0x40) (bv 32 0x10)) (bv 32 0x0)) false)) (- (bv 32 0x40) (bv 32 0x10)) (msb (cast 64 false (<< (var m1) (- (- (bv 32 0x40) (bv 32 0x10)) (bv 32 0x0)) false)))) (let sm2 (>> (cast 64 false (<< (var m2) (- (- (bv 32 0x40) (bv 32 0x10)) (bv 32 0x0)) false)) (- (bv 32 0x40) (bv 32 0x10)) (msb (cast 64 false (<< (var m2) (- (- (bv 32 0x40) (bv 32 0x10)) (bv 32 0x0)) false)))) (+ (var acc) (* (var sm1) (var sm2)))))) (set acclo (cast 32 false (& (>> (var acc) (bv 32 0x0) false) (>> (bv 64 0xffffffffffffffff) (- (bv 32 0x40) (bv 32 0x20)) false)))) (set acchi (cast 32 false (& (>> (var acc) (bv 32 0x20) false) (>> (bv 64 0xffffffffffffffff) (- (bv 32 0x40) (bv 32 0x20)) false)))) (set vAddr (+ (var a2) (bv 32 0x4))) (set m0 (loadw 0 32 (var vAddr))) (set a2 (var vAddr))) +d "mula.da.lh.ldinc m0, a2, m0, a1" 14024a 0x0 (seq (set m1 (& (>> (var m0) (bv 32 0x0) false) (>> (bv 32 0xffffffff) (- (bv 32 0x20) (bv 32 0x10)) false))) (set m2 (& (>> (var a1) (bv 32 0x10) false) (>> (bv 32 0xffffffff) (- (bv 32 0x20) (bv 32 0x10)) false))) (set acc (append (var acchi) (var acclo))) (set acc (let sm1 (>> (cast 64 false (<< (var m1) (- (- (bv 32 0x40) (bv 32 0x10)) (bv 32 0x0)) false)) (- (bv 32 0x40) (bv 32 0x10)) (msb (cast 64 false (<< (var m1) (- (- (bv 32 0x40) (bv 32 0x10)) (bv 32 0x0)) false)))) (let sm2 (>> (cast 64 false (<< (var m2) (- (- (bv 32 0x40) (bv 32 0x10)) (bv 32 0x0)) false)) (- (bv 32 0x40) (bv 32 0x10)) (msb (cast 64 false (<< (var m2) (- (- (bv 32 0x40) (bv 32 0x10)) (bv 32 0x0)) false)))) (+ (var acc) (* (var sm1) (var sm2)))))) (set acclo (cast 32 false (& (>> (var acc) (bv 32 0x0) false) (>> (bv 64 0xffffffffffffffff) (- (bv 32 0x40) (bv 32 0x20)) false)))) (set acchi (cast 32 false (& (>> (var acc) (bv 32 0x20) false) (>> (bv 64 0xffffffffffffffff) (- (bv 32 0x40) (bv 32 0x20)) false)))) (set vAddr (+ (var a2) (bv 32 0x4))) (set m0 (loadw 0 32 (var vAddr))) (set a2 (var vAddr))) +d "mula.da.hh.ldinc m0, a2, m0, a1" 14024b 0x0 (seq (set m1 (& (>> (var m0) (bv 32 0x10) false) (>> (bv 32 0xffffffff) (- (bv 32 0x20) (bv 32 0x10)) false))) (set m2 (& (>> (var a1) (bv 32 0x10) false) (>> (bv 32 0xffffffff) (- (bv 32 0x20) (bv 32 0x10)) false))) (set acc (append (var acchi) (var acclo))) (set acc (let sm1 (>> (cast 64 false (<< (var m1) (- (- (bv 32 0x40) (bv 32 0x10)) (bv 32 0x0)) false)) (- (bv 32 0x40) (bv 32 0x10)) (msb (cast 64 false (<< (var m1) (- (- (bv 32 0x40) (bv 32 0x10)) (bv 32 0x0)) false)))) (let sm2 (>> (cast 64 false (<< (var m2) (- (- (bv 32 0x40) (bv 32 0x10)) (bv 32 0x0)) false)) (- (bv 32 0x40) (bv 32 0x10)) (msb (cast 64 false (<< (var m2) (- (- (bv 32 0x40) (bv 32 0x10)) (bv 32 0x0)) false)))) (+ (var acc) (* (var sm1) (var sm2)))))) (set acclo (cast 32 false (& (>> (var acc) (bv 32 0x0) false) (>> (bv 64 0xffffffffffffffff) (- (bv 32 0x40) (bv 32 0x20)) false)))) (set acchi (cast 32 false (& (>> (var acc) (bv 32 0x20) false) (>> (bv 64 0xffffffffffffffff) (- (bv 32 0x40) (bv 32 0x20)) false)))) (set vAddr (+ (var a2) (bv 32 0x4))) (set m0 (loadw 0 32 (var vAddr))) (set a2 (var vAddr))) +d "mula.dd.ll.lddec m0, a1, m0, m2" 040118 0x0 (seq (set m1 (& (>> (var m0) (bv 32 0x0) false) (>> (bv 32 0xffffffff) (- (bv 32 0x20) (bv 32 0x10)) false))) (set m2 (& (>> (var m2) (bv 32 0x0) false) (>> (bv 32 0xffffffff) (- (bv 32 0x20) (bv 32 0x10)) false))) (set acc (append (var acchi) (var acclo))) (set acc (let sm1 (>> (cast 64 false (<< (var m1) (- (- (bv 32 0x40) (bv 32 0x10)) (bv 32 0x0)) false)) (- (bv 32 0x40) (bv 32 0x10)) (msb (cast 64 false (<< (var m1) (- (- (bv 32 0x40) (bv 32 0x10)) (bv 32 0x0)) false)))) (let sm2 (>> (cast 64 false (<< (var m2) (- (- (bv 32 0x40) (bv 32 0x10)) (bv 32 0x0)) false)) (- (bv 32 0x40) (bv 32 0x10)) (msb (cast 64 false (<< (var m2) (- (- (bv 32 0x40) (bv 32 0x10)) (bv 32 0x0)) false)))) (+ (var acc) (* (var sm1) (var sm2)))))) (set acclo (cast 32 false (& (>> (var acc) (bv 32 0x0) false) (>> (bv 64 0xffffffffffffffff) (- (bv 32 0x40) (bv 32 0x20)) false)))) (set acchi (cast 32 false (& (>> (var acc) (bv 32 0x20) false) (>> (bv 64 0xffffffffffffffff) (- (bv 32 0x40) (bv 32 0x20)) false)))) (set vAddr (- (var a1) (bv 32 0x4))) (set m0 (loadw 0 32 (var vAddr))) (set a1 (var vAddr))) +d "mula.dd.hl.lddec m0, a1, m0, m2" 040119 0x0 (seq (set m1 (& (>> (var m0) (bv 32 0x10) false) (>> (bv 32 0xffffffff) (- (bv 32 0x20) (bv 32 0x10)) false))) (set m2 (& (>> (var m2) (bv 32 0x0) false) (>> (bv 32 0xffffffff) (- (bv 32 0x20) (bv 32 0x10)) false))) (set acc (append (var acchi) (var acclo))) (set acc (let sm1 (>> (cast 64 false (<< (var m1) (- (- (bv 32 0x40) (bv 32 0x10)) (bv 32 0x0)) false)) (- (bv 32 0x40) (bv 32 0x10)) (msb (cast 64 false (<< (var m1) (- (- (bv 32 0x40) (bv 32 0x10)) (bv 32 0x0)) false)))) (let sm2 (>> (cast 64 false (<< (var m2) (- (- (bv 32 0x40) (bv 32 0x10)) (bv 32 0x0)) false)) (- (bv 32 0x40) (bv 32 0x10)) (msb (cast 64 false (<< (var m2) (- (- (bv 32 0x40) (bv 32 0x10)) (bv 32 0x0)) false)))) (+ (var acc) (* (var sm1) (var sm2)))))) (set acclo (cast 32 false (& (>> (var acc) (bv 32 0x0) false) (>> (bv 64 0xffffffffffffffff) (- (bv 32 0x40) (bv 32 0x20)) false)))) (set acchi (cast 32 false (& (>> (var acc) (bv 32 0x20) false) (>> (bv 64 0xffffffffffffffff) (- (bv 32 0x40) (bv 32 0x20)) false)))) (set vAddr (- (var a1) (bv 32 0x4))) (set m0 (loadw 0 32 (var vAddr))) (set a1 (var vAddr))) +d "mula.dd.lh.lddec m0, a1, m0, m2" 04011a 0x0 (seq (set m1 (& (>> (var m0) (bv 32 0x0) false) (>> (bv 32 0xffffffff) (- (bv 32 0x20) (bv 32 0x10)) false))) (set m2 (& (>> (var m2) (bv 32 0x10) false) (>> (bv 32 0xffffffff) (- (bv 32 0x20) (bv 32 0x10)) false))) (set acc (append (var acchi) (var acclo))) (set acc (let sm1 (>> (cast 64 false (<< (var m1) (- (- (bv 32 0x40) (bv 32 0x10)) (bv 32 0x0)) false)) (- (bv 32 0x40) (bv 32 0x10)) (msb (cast 64 false (<< (var m1) (- (- (bv 32 0x40) (bv 32 0x10)) (bv 32 0x0)) false)))) (let sm2 (>> (cast 64 false (<< (var m2) (- (- (bv 32 0x40) (bv 32 0x10)) (bv 32 0x0)) false)) (- (bv 32 0x40) (bv 32 0x10)) (msb (cast 64 false (<< (var m2) (- (- (bv 32 0x40) (bv 32 0x10)) (bv 32 0x0)) false)))) (+ (var acc) (* (var sm1) (var sm2)))))) (set acclo (cast 32 false (& (>> (var acc) (bv 32 0x0) false) (>> (bv 64 0xffffffffffffffff) (- (bv 32 0x40) (bv 32 0x20)) false)))) (set acchi (cast 32 false (& (>> (var acc) (bv 32 0x20) false) (>> (bv 64 0xffffffffffffffff) (- (bv 32 0x40) (bv 32 0x20)) false)))) (set vAddr (- (var a1) (bv 32 0x4))) (set m0 (loadw 0 32 (var vAddr))) (set a1 (var vAddr))) +d "mula.dd.hh.lddec m0, a1, m0, m2" 04011b 0x0 (seq (set m1 (& (>> (var m0) (bv 32 0x10) false) (>> (bv 32 0xffffffff) (- (bv 32 0x20) (bv 32 0x10)) false))) (set m2 (& (>> (var m2) (bv 32 0x10) false) (>> (bv 32 0xffffffff) (- (bv 32 0x20) (bv 32 0x10)) false))) (set acc (append (var acchi) (var acclo))) (set acc (let sm1 (>> (cast 64 false (<< (var m1) (- (- (bv 32 0x40) (bv 32 0x10)) (bv 32 0x0)) false)) (- (bv 32 0x40) (bv 32 0x10)) (msb (cast 64 false (<< (var m1) (- (- (bv 32 0x40) (bv 32 0x10)) (bv 32 0x0)) false)))) (let sm2 (>> (cast 64 false (<< (var m2) (- (- (bv 32 0x40) (bv 32 0x10)) (bv 32 0x0)) false)) (- (bv 32 0x40) (bv 32 0x10)) (msb (cast 64 false (<< (var m2) (- (- (bv 32 0x40) (bv 32 0x10)) (bv 32 0x0)) false)))) (+ (var acc) (* (var sm1) (var sm2)))))) (set acclo (cast 32 false (& (>> (var acc) (bv 32 0x0) false) (>> (bv 64 0xffffffffffffffff) (- (bv 32 0x40) (bv 32 0x20)) false)))) (set acchi (cast 32 false (& (>> (var acc) (bv 32 0x20) false) (>> (bv 64 0xffffffffffffffff) (- (bv 32 0x40) (bv 32 0x20)) false)))) (set vAddr (- (var a1) (bv 32 0x4))) (set m0 (loadw 0 32 (var vAddr))) (set a1 (var vAddr))) +d "mula.dd.ll.ldinc m0, a1, m0, m2" 040108 0x0 (seq (set m1 (& (>> (var m0) (bv 32 0x0) false) (>> (bv 32 0xffffffff) (- (bv 32 0x20) (bv 32 0x10)) false))) (set m2 (& (>> (var m2) (bv 32 0x0) false) (>> (bv 32 0xffffffff) (- (bv 32 0x20) (bv 32 0x10)) false))) (set acc (append (var acchi) (var acclo))) (set acc (let sm1 (>> (cast 64 false (<< (var m1) (- (- (bv 32 0x40) (bv 32 0x10)) (bv 32 0x0)) false)) (- (bv 32 0x40) (bv 32 0x10)) (msb (cast 64 false (<< (var m1) (- (- (bv 32 0x40) (bv 32 0x10)) (bv 32 0x0)) false)))) (let sm2 (>> (cast 64 false (<< (var m2) (- (- (bv 32 0x40) (bv 32 0x10)) (bv 32 0x0)) false)) (- (bv 32 0x40) (bv 32 0x10)) (msb (cast 64 false (<< (var m2) (- (- (bv 32 0x40) (bv 32 0x10)) (bv 32 0x0)) false)))) (+ (var acc) (* (var sm1) (var sm2)))))) (set acclo (cast 32 false (& (>> (var acc) (bv 32 0x0) false) (>> (bv 64 0xffffffffffffffff) (- (bv 32 0x40) (bv 32 0x20)) false)))) (set acchi (cast 32 false (& (>> (var acc) (bv 32 0x20) false) (>> (bv 64 0xffffffffffffffff) (- (bv 32 0x40) (bv 32 0x20)) false)))) (set vAddr (+ (var a1) (bv 32 0x4))) (set m0 (loadw 0 32 (var vAddr))) (set a1 (var vAddr))) +d "mula.dd.hl.ldinc m0, a1, m0, m2" 040109 0x0 (seq (set m1 (& (>> (var m0) (bv 32 0x10) false) (>> (bv 32 0xffffffff) (- (bv 32 0x20) (bv 32 0x10)) false))) (set m2 (& (>> (var m2) (bv 32 0x0) false) (>> (bv 32 0xffffffff) (- (bv 32 0x20) (bv 32 0x10)) false))) (set acc (append (var acchi) (var acclo))) (set acc (let sm1 (>> (cast 64 false (<< (var m1) (- (- (bv 32 0x40) (bv 32 0x10)) (bv 32 0x0)) false)) (- (bv 32 0x40) (bv 32 0x10)) (msb (cast 64 false (<< (var m1) (- (- (bv 32 0x40) (bv 32 0x10)) (bv 32 0x0)) false)))) (let sm2 (>> (cast 64 false (<< (var m2) (- (- (bv 32 0x40) (bv 32 0x10)) (bv 32 0x0)) false)) (- (bv 32 0x40) (bv 32 0x10)) (msb (cast 64 false (<< (var m2) (- (- (bv 32 0x40) (bv 32 0x10)) (bv 32 0x0)) false)))) (+ (var acc) (* (var sm1) (var sm2)))))) (set acclo (cast 32 false (& (>> (var acc) (bv 32 0x0) false) (>> (bv 64 0xffffffffffffffff) (- (bv 32 0x40) (bv 32 0x20)) false)))) (set acchi (cast 32 false (& (>> (var acc) (bv 32 0x20) false) (>> (bv 64 0xffffffffffffffff) (- (bv 32 0x40) (bv 32 0x20)) false)))) (set vAddr (+ (var a1) (bv 32 0x4))) (set m0 (loadw 0 32 (var vAddr))) (set a1 (var vAddr))) +d "mula.dd.lh.ldinc m0, a1, m0, m2" 04010a 0x0 (seq (set m1 (& (>> (var m0) (bv 32 0x0) false) (>> (bv 32 0xffffffff) (- (bv 32 0x20) (bv 32 0x10)) false))) (set m2 (& (>> (var m2) (bv 32 0x10) false) (>> (bv 32 0xffffffff) (- (bv 32 0x20) (bv 32 0x10)) false))) (set acc (append (var acchi) (var acclo))) (set acc (let sm1 (>> (cast 64 false (<< (var m1) (- (- (bv 32 0x40) (bv 32 0x10)) (bv 32 0x0)) false)) (- (bv 32 0x40) (bv 32 0x10)) (msb (cast 64 false (<< (var m1) (- (- (bv 32 0x40) (bv 32 0x10)) (bv 32 0x0)) false)))) (let sm2 (>> (cast 64 false (<< (var m2) (- (- (bv 32 0x40) (bv 32 0x10)) (bv 32 0x0)) false)) (- (bv 32 0x40) (bv 32 0x10)) (msb (cast 64 false (<< (var m2) (- (- (bv 32 0x40) (bv 32 0x10)) (bv 32 0x0)) false)))) (+ (var acc) (* (var sm1) (var sm2)))))) (set acclo (cast 32 false (& (>> (var acc) (bv 32 0x0) false) (>> (bv 64 0xffffffffffffffff) (- (bv 32 0x40) (bv 32 0x20)) false)))) (set acchi (cast 32 false (& (>> (var acc) (bv 32 0x20) false) (>> (bv 64 0xffffffffffffffff) (- (bv 32 0x40) (bv 32 0x20)) false)))) (set vAddr (+ (var a1) (bv 32 0x4))) (set m0 (loadw 0 32 (var vAddr))) (set a1 (var vAddr))) +d "mula.dd.hh.ldinc m0, a1, m0, m2" 04010b 0x0 (seq (set m1 (& (>> (var m0) (bv 32 0x10) false) (>> (bv 32 0xffffffff) (- (bv 32 0x20) (bv 32 0x10)) false))) (set m2 (& (>> (var m2) (bv 32 0x10) false) (>> (bv 32 0xffffffff) (- (bv 32 0x20) (bv 32 0x10)) false))) (set acc (append (var acchi) (var acclo))) (set acc (let sm1 (>> (cast 64 false (<< (var m1) (- (- (bv 32 0x40) (bv 32 0x10)) (bv 32 0x0)) false)) (- (bv 32 0x40) (bv 32 0x10)) (msb (cast 64 false (<< (var m1) (- (- (bv 32 0x40) (bv 32 0x10)) (bv 32 0x0)) false)))) (let sm2 (>> (cast 64 false (<< (var m2) (- (- (bv 32 0x40) (bv 32 0x10)) (bv 32 0x0)) false)) (- (bv 32 0x40) (bv 32 0x10)) (msb (cast 64 false (<< (var m2) (- (- (bv 32 0x40) (bv 32 0x10)) (bv 32 0x0)) false)))) (+ (var acc) (* (var sm1) (var sm2)))))) (set acclo (cast 32 false (& (>> (var acc) (bv 32 0x0) false) (>> (bv 64 0xffffffffffffffff) (- (bv 32 0x40) (bv 32 0x20)) false)))) (set acchi (cast 32 false (& (>> (var acc) (bv 32 0x20) false) (>> (bv 64 0xffffffffffffffff) (- (bv 32 0x40) (bv 32 0x20)) false)))) (set vAddr (+ (var a1) (bv 32 0x4))) (set m0 (loadw 0 32 (var vAddr))) (set a1 (var vAddr))) +d "mull a2, a3, a1" 102382 0x0 (seq (set ars (cast 64 false (var a3))) (set art (cast 64 false (var a1))) (set a2 (cast 32 false (* (var ars) (var art))))) +d "muls.aa.ll a2, a1" 14027c 0x0 (seq (set m1 (& (>> (var a2) (bv 32 0x0) false) (>> (bv 32 0xffffffff) (- (bv 32 0x20) (bv 32 0x10)) false))) (set m2 (& (>> (var a1) (bv 32 0x0) false) (>> (bv 32 0xffffffff) (- (bv 32 0x20) (bv 32 0x10)) false))) (set acc (append (var acchi) (var acclo))) (set acc (let sm1 (>> (cast 64 false (<< (var m1) (- (- (bv 32 0x40) (bv 32 0x10)) (bv 32 0x0)) false)) (- (bv 32 0x40) (bv 32 0x10)) (msb (cast 64 false (<< (var m1) (- (- (bv 32 0x40) (bv 32 0x10)) (bv 32 0x0)) false)))) (let sm2 (>> (cast 64 false (<< (var m2) (- (- (bv 32 0x40) (bv 32 0x10)) (bv 32 0x0)) false)) (- (bv 32 0x40) (bv 32 0x10)) (msb (cast 64 false (<< (var m2) (- (- (bv 32 0x40) (bv 32 0x10)) (bv 32 0x0)) false)))) (- (var acc) (* (var sm1) (var sm2)))))) (set acclo (cast 32 false (& (>> (var acc) (bv 32 0x0) false) (>> (bv 64 0xffffffffffffffff) (- (bv 32 0x40) (bv 32 0x20)) false)))) (set acchi (cast 32 false (& (>> (var acc) (bv 32 0x20) false) (>> (bv 64 0xffffffffffffffff) (- (bv 32 0x40) (bv 32 0x20)) false))))) +d "muls.aa.hl a2, a1" 14027d 0x0 (seq (set m1 (& (>> (var a2) (bv 32 0x10) false) (>> (bv 32 0xffffffff) (- (bv 32 0x20) (bv 32 0x10)) false))) (set m2 (& (>> (var a1) (bv 32 0x0) false) (>> (bv 32 0xffffffff) (- (bv 32 0x20) (bv 32 0x10)) false))) (set acc (append (var acchi) (var acclo))) (set acc (let sm1 (>> (cast 64 false (<< (var m1) (- (- (bv 32 0x40) (bv 32 0x10)) (bv 32 0x0)) false)) (- (bv 32 0x40) (bv 32 0x10)) (msb (cast 64 false (<< (var m1) (- (- (bv 32 0x40) (bv 32 0x10)) (bv 32 0x0)) false)))) (let sm2 (>> (cast 64 false (<< (var m2) (- (- (bv 32 0x40) (bv 32 0x10)) (bv 32 0x0)) false)) (- (bv 32 0x40) (bv 32 0x10)) (msb (cast 64 false (<< (var m2) (- (- (bv 32 0x40) (bv 32 0x10)) (bv 32 0x0)) false)))) (- (var acc) (* (var sm1) (var sm2)))))) (set acclo (cast 32 false (& (>> (var acc) (bv 32 0x0) false) (>> (bv 64 0xffffffffffffffff) (- (bv 32 0x40) (bv 32 0x20)) false)))) (set acchi (cast 32 false (& (>> (var acc) (bv 32 0x20) false) (>> (bv 64 0xffffffffffffffff) (- (bv 32 0x40) (bv 32 0x20)) false))))) +d "muls.aa.lh a2, a1" 14027e 0x0 (seq (set m1 (& (>> (var a2) (bv 32 0x0) false) (>> (bv 32 0xffffffff) (- (bv 32 0x20) (bv 32 0x10)) false))) (set m2 (& (>> (var a1) (bv 32 0x10) false) (>> (bv 32 0xffffffff) (- (bv 32 0x20) (bv 32 0x10)) false))) (set acc (append (var acchi) (var acclo))) (set acc (let sm1 (>> (cast 64 false (<< (var m1) (- (- (bv 32 0x40) (bv 32 0x10)) (bv 32 0x0)) false)) (- (bv 32 0x40) (bv 32 0x10)) (msb (cast 64 false (<< (var m1) (- (- (bv 32 0x40) (bv 32 0x10)) (bv 32 0x0)) false)))) (let sm2 (>> (cast 64 false (<< (var m2) (- (- (bv 32 0x40) (bv 32 0x10)) (bv 32 0x0)) false)) (- (bv 32 0x40) (bv 32 0x10)) (msb (cast 64 false (<< (var m2) (- (- (bv 32 0x40) (bv 32 0x10)) (bv 32 0x0)) false)))) (- (var acc) (* (var sm1) (var sm2)))))) (set acclo (cast 32 false (& (>> (var acc) (bv 32 0x0) false) (>> (bv 64 0xffffffffffffffff) (- (bv 32 0x40) (bv 32 0x20)) false)))) (set acchi (cast 32 false (& (>> (var acc) (bv 32 0x20) false) (>> (bv 64 0xffffffffffffffff) (- (bv 32 0x40) (bv 32 0x20)) false))))) +d "muls.aa.hh a2, a1" 14027f 0x0 (seq (set m1 (& (>> (var a2) (bv 32 0x10) false) (>> (bv 32 0xffffffff) (- (bv 32 0x20) (bv 32 0x10)) false))) (set m2 (& (>> (var a1) (bv 32 0x10) false) (>> (bv 32 0xffffffff) (- (bv 32 0x20) (bv 32 0x10)) false))) (set acc (append (var acchi) (var acclo))) (set acc (let sm1 (>> (cast 64 false (<< (var m1) (- (- (bv 32 0x40) (bv 32 0x10)) (bv 32 0x0)) false)) (- (bv 32 0x40) (bv 32 0x10)) (msb (cast 64 false (<< (var m1) (- (- (bv 32 0x40) (bv 32 0x10)) (bv 32 0x0)) false)))) (let sm2 (>> (cast 64 false (<< (var m2) (- (- (bv 32 0x40) (bv 32 0x10)) (bv 32 0x0)) false)) (- (bv 32 0x40) (bv 32 0x10)) (msb (cast 64 false (<< (var m2) (- (- (bv 32 0x40) (bv 32 0x10)) (bv 32 0x0)) false)))) (- (var acc) (* (var sm1) (var sm2)))))) (set acclo (cast 32 false (& (>> (var acc) (bv 32 0x0) false) (>> (bv 64 0xffffffffffffffff) (- (bv 32 0x40) (bv 32 0x20)) false)))) (set acchi (cast 32 false (& (>> (var acc) (bv 32 0x20) false) (>> (bv 64 0xffffffffffffffff) (- (bv 32 0x40) (bv 32 0x20)) false))))) +d "muls.ad.ll a2, m2" 04023c 0x0 (seq (set m1 (& (>> (var a2) (bv 32 0x0) false) (>> (bv 32 0xffffffff) (- (bv 32 0x20) (bv 32 0x10)) false))) (set m2 (& (>> (var m2) (bv 32 0x0) false) (>> (bv 32 0xffffffff) (- (bv 32 0x20) (bv 32 0x10)) false))) (set acc (append (var acchi) (var acclo))) (set acc (let sm1 (>> (cast 64 false (<< (var m1) (- (- (bv 32 0x40) (bv 32 0x10)) (bv 32 0x0)) false)) (- (bv 32 0x40) (bv 32 0x10)) (msb (cast 64 false (<< (var m1) (- (- (bv 32 0x40) (bv 32 0x10)) (bv 32 0x0)) false)))) (let sm2 (>> (cast 64 false (<< (var m2) (- (- (bv 32 0x40) (bv 32 0x10)) (bv 32 0x0)) false)) (- (bv 32 0x40) (bv 32 0x10)) (msb (cast 64 false (<< (var m2) (- (- (bv 32 0x40) (bv 32 0x10)) (bv 32 0x0)) false)))) (- (var acc) (* (var sm1) (var sm2)))))) (set acclo (cast 32 false (& (>> (var acc) (bv 32 0x0) false) (>> (bv 64 0xffffffffffffffff) (- (bv 32 0x40) (bv 32 0x20)) false)))) (set acchi (cast 32 false (& (>> (var acc) (bv 32 0x20) false) (>> (bv 64 0xffffffffffffffff) (- (bv 32 0x40) (bv 32 0x20)) false))))) +d "muls.ad.hl a2, m2" 04023d 0x0 (seq (set m1 (& (>> (var a2) (bv 32 0x10) false) (>> (bv 32 0xffffffff) (- (bv 32 0x20) (bv 32 0x10)) false))) (set m2 (& (>> (var m2) (bv 32 0x0) false) (>> (bv 32 0xffffffff) (- (bv 32 0x20) (bv 32 0x10)) false))) (set acc (append (var acchi) (var acclo))) (set acc (let sm1 (>> (cast 64 false (<< (var m1) (- (- (bv 32 0x40) (bv 32 0x10)) (bv 32 0x0)) false)) (- (bv 32 0x40) (bv 32 0x10)) (msb (cast 64 false (<< (var m1) (- (- (bv 32 0x40) (bv 32 0x10)) (bv 32 0x0)) false)))) (let sm2 (>> (cast 64 false (<< (var m2) (- (- (bv 32 0x40) (bv 32 0x10)) (bv 32 0x0)) false)) (- (bv 32 0x40) (bv 32 0x10)) (msb (cast 64 false (<< (var m2) (- (- (bv 32 0x40) (bv 32 0x10)) (bv 32 0x0)) false)))) (- (var acc) (* (var sm1) (var sm2)))))) (set acclo (cast 32 false (& (>> (var acc) (bv 32 0x0) false) (>> (bv 64 0xffffffffffffffff) (- (bv 32 0x40) (bv 32 0x20)) false)))) (set acchi (cast 32 false (& (>> (var acc) (bv 32 0x20) false) (>> (bv 64 0xffffffffffffffff) (- (bv 32 0x40) (bv 32 0x20)) false))))) +d "muls.ad.lh a2, m2" 04023e 0x0 (seq (set m1 (& (>> (var a2) (bv 32 0x0) false) (>> (bv 32 0xffffffff) (- (bv 32 0x20) (bv 32 0x10)) false))) (set m2 (& (>> (var m2) (bv 32 0x10) false) (>> (bv 32 0xffffffff) (- (bv 32 0x20) (bv 32 0x10)) false))) (set acc (append (var acchi) (var acclo))) (set acc (let sm1 (>> (cast 64 false (<< (var m1) (- (- (bv 32 0x40) (bv 32 0x10)) (bv 32 0x0)) false)) (- (bv 32 0x40) (bv 32 0x10)) (msb (cast 64 false (<< (var m1) (- (- (bv 32 0x40) (bv 32 0x10)) (bv 32 0x0)) false)))) (let sm2 (>> (cast 64 false (<< (var m2) (- (- (bv 32 0x40) (bv 32 0x10)) (bv 32 0x0)) false)) (- (bv 32 0x40) (bv 32 0x10)) (msb (cast 64 false (<< (var m2) (- (- (bv 32 0x40) (bv 32 0x10)) (bv 32 0x0)) false)))) (- (var acc) (* (var sm1) (var sm2)))))) (set acclo (cast 32 false (& (>> (var acc) (bv 32 0x0) false) (>> (bv 64 0xffffffffffffffff) (- (bv 32 0x40) (bv 32 0x20)) false)))) (set acchi (cast 32 false (& (>> (var acc) (bv 32 0x20) false) (>> (bv 64 0xffffffffffffffff) (- (bv 32 0x40) (bv 32 0x20)) false))))) +d "muls.ad.hh a2, m2" 04023f 0x0 (seq (set m1 (& (>> (var a2) (bv 32 0x10) false) (>> (bv 32 0xffffffff) (- (bv 32 0x20) (bv 32 0x10)) false))) (set m2 (& (>> (var m2) (bv 32 0x10) false) (>> (bv 32 0xffffffff) (- (bv 32 0x20) (bv 32 0x10)) false))) (set acc (append (var acchi) (var acclo))) (set acc (let sm1 (>> (cast 64 false (<< (var m1) (- (- (bv 32 0x40) (bv 32 0x10)) (bv 32 0x0)) false)) (- (bv 32 0x40) (bv 32 0x10)) (msb (cast 64 false (<< (var m1) (- (- (bv 32 0x40) (bv 32 0x10)) (bv 32 0x0)) false)))) (let sm2 (>> (cast 64 false (<< (var m2) (- (- (bv 32 0x40) (bv 32 0x10)) (bv 32 0x0)) false)) (- (bv 32 0x40) (bv 32 0x10)) (msb (cast 64 false (<< (var m2) (- (- (bv 32 0x40) (bv 32 0x10)) (bv 32 0x0)) false)))) (- (var acc) (* (var sm1) (var sm2)))))) (set acclo (cast 32 false (& (>> (var acc) (bv 32 0x0) false) (>> (bv 64 0xffffffffffffffff) (- (bv 32 0x40) (bv 32 0x20)) false)))) (set acchi (cast 32 false (& (>> (var acc) (bv 32 0x20) false) (>> (bv 64 0xffffffffffffffff) (- (bv 32 0x40) (bv 32 0x20)) false))))) +d "muls.da.ll m0, a1" 14006c 0x0 (seq (set m1 (& (>> (var m0) (bv 32 0x0) false) (>> (bv 32 0xffffffff) (- (bv 32 0x20) (bv 32 0x10)) false))) (set m2 (& (>> (var a1) (bv 32 0x0) false) (>> (bv 32 0xffffffff) (- (bv 32 0x20) (bv 32 0x10)) false))) (set acc (append (var acchi) (var acclo))) (set acc (let sm1 (>> (cast 64 false (<< (var m1) (- (- (bv 32 0x40) (bv 32 0x10)) (bv 32 0x0)) false)) (- (bv 32 0x40) (bv 32 0x10)) (msb (cast 64 false (<< (var m1) (- (- (bv 32 0x40) (bv 32 0x10)) (bv 32 0x0)) false)))) (let sm2 (>> (cast 64 false (<< (var m2) (- (- (bv 32 0x40) (bv 32 0x10)) (bv 32 0x0)) false)) (- (bv 32 0x40) (bv 32 0x10)) (msb (cast 64 false (<< (var m2) (- (- (bv 32 0x40) (bv 32 0x10)) (bv 32 0x0)) false)))) (- (var acc) (* (var sm1) (var sm2)))))) (set acclo (cast 32 false (& (>> (var acc) (bv 32 0x0) false) (>> (bv 64 0xffffffffffffffff) (- (bv 32 0x40) (bv 32 0x20)) false)))) (set acchi (cast 32 false (& (>> (var acc) (bv 32 0x20) false) (>> (bv 64 0xffffffffffffffff) (- (bv 32 0x40) (bv 32 0x20)) false))))) +d "muls.da.hl m0, a1" 14006d 0x0 (seq (set m1 (& (>> (var m0) (bv 32 0x10) false) (>> (bv 32 0xffffffff) (- (bv 32 0x20) (bv 32 0x10)) false))) (set m2 (& (>> (var a1) (bv 32 0x0) false) (>> (bv 32 0xffffffff) (- (bv 32 0x20) (bv 32 0x10)) false))) (set acc (append (var acchi) (var acclo))) (set acc (let sm1 (>> (cast 64 false (<< (var m1) (- (- (bv 32 0x40) (bv 32 0x10)) (bv 32 0x0)) false)) (- (bv 32 0x40) (bv 32 0x10)) (msb (cast 64 false (<< (var m1) (- (- (bv 32 0x40) (bv 32 0x10)) (bv 32 0x0)) false)))) (let sm2 (>> (cast 64 false (<< (var m2) (- (- (bv 32 0x40) (bv 32 0x10)) (bv 32 0x0)) false)) (- (bv 32 0x40) (bv 32 0x10)) (msb (cast 64 false (<< (var m2) (- (- (bv 32 0x40) (bv 32 0x10)) (bv 32 0x0)) false)))) (- (var acc) (* (var sm1) (var sm2)))))) (set acclo (cast 32 false (& (>> (var acc) (bv 32 0x0) false) (>> (bv 64 0xffffffffffffffff) (- (bv 32 0x40) (bv 32 0x20)) false)))) (set acchi (cast 32 false (& (>> (var acc) (bv 32 0x20) false) (>> (bv 64 0xffffffffffffffff) (- (bv 32 0x40) (bv 32 0x20)) false))))) +d "muls.da.lh m0, a1" 14006e 0x0 (seq (set m1 (& (>> (var m0) (bv 32 0x0) false) (>> (bv 32 0xffffffff) (- (bv 32 0x20) (bv 32 0x10)) false))) (set m2 (& (>> (var a1) (bv 32 0x10) false) (>> (bv 32 0xffffffff) (- (bv 32 0x20) (bv 32 0x10)) false))) (set acc (append (var acchi) (var acclo))) (set acc (let sm1 (>> (cast 64 false (<< (var m1) (- (- (bv 32 0x40) (bv 32 0x10)) (bv 32 0x0)) false)) (- (bv 32 0x40) (bv 32 0x10)) (msb (cast 64 false (<< (var m1) (- (- (bv 32 0x40) (bv 32 0x10)) (bv 32 0x0)) false)))) (let sm2 (>> (cast 64 false (<< (var m2) (- (- (bv 32 0x40) (bv 32 0x10)) (bv 32 0x0)) false)) (- (bv 32 0x40) (bv 32 0x10)) (msb (cast 64 false (<< (var m2) (- (- (bv 32 0x40) (bv 32 0x10)) (bv 32 0x0)) false)))) (- (var acc) (* (var sm1) (var sm2)))))) (set acclo (cast 32 false (& (>> (var acc) (bv 32 0x0) false) (>> (bv 64 0xffffffffffffffff) (- (bv 32 0x40) (bv 32 0x20)) false)))) (set acchi (cast 32 false (& (>> (var acc) (bv 32 0x20) false) (>> (bv 64 0xffffffffffffffff) (- (bv 32 0x40) (bv 32 0x20)) false))))) +d "muls.da.hh m0, a1" 14006f 0x0 (seq (set m1 (& (>> (var m0) (bv 32 0x10) false) (>> (bv 32 0xffffffff) (- (bv 32 0x20) (bv 32 0x10)) false))) (set m2 (& (>> (var a1) (bv 32 0x10) false) (>> (bv 32 0xffffffff) (- (bv 32 0x20) (bv 32 0x10)) false))) (set acc (append (var acchi) (var acclo))) (set acc (let sm1 (>> (cast 64 false (<< (var m1) (- (- (bv 32 0x40) (bv 32 0x10)) (bv 32 0x0)) false)) (- (bv 32 0x40) (bv 32 0x10)) (msb (cast 64 false (<< (var m1) (- (- (bv 32 0x40) (bv 32 0x10)) (bv 32 0x0)) false)))) (let sm2 (>> (cast 64 false (<< (var m2) (- (- (bv 32 0x40) (bv 32 0x10)) (bv 32 0x0)) false)) (- (bv 32 0x40) (bv 32 0x10)) (msb (cast 64 false (<< (var m2) (- (- (bv 32 0x40) (bv 32 0x10)) (bv 32 0x0)) false)))) (- (var acc) (* (var sm1) (var sm2)))))) (set acclo (cast 32 false (& (>> (var acc) (bv 32 0x0) false) (>> (bv 64 0xffffffffffffffff) (- (bv 32 0x40) (bv 32 0x20)) false)))) (set acchi (cast 32 false (& (>> (var acc) (bv 32 0x20) false) (>> (bv 64 0xffffffffffffffff) (- (bv 32 0x40) (bv 32 0x20)) false))))) +d "muls.dd.ll m0, m2" 04002c 0x0 (seq (set m1 (& (>> (var m0) (bv 32 0x0) false) (>> (bv 32 0xffffffff) (- (bv 32 0x20) (bv 32 0x10)) false))) (set m2 (& (>> (var m2) (bv 32 0x0) false) (>> (bv 32 0xffffffff) (- (bv 32 0x20) (bv 32 0x10)) false))) (set acc (append (var acchi) (var acclo))) (set acc (let sm1 (>> (cast 64 false (<< (var m1) (- (- (bv 32 0x40) (bv 32 0x10)) (bv 32 0x0)) false)) (- (bv 32 0x40) (bv 32 0x10)) (msb (cast 64 false (<< (var m1) (- (- (bv 32 0x40) (bv 32 0x10)) (bv 32 0x0)) false)))) (let sm2 (>> (cast 64 false (<< (var m2) (- (- (bv 32 0x40) (bv 32 0x10)) (bv 32 0x0)) false)) (- (bv 32 0x40) (bv 32 0x10)) (msb (cast 64 false (<< (var m2) (- (- (bv 32 0x40) (bv 32 0x10)) (bv 32 0x0)) false)))) (- (var acc) (* (var sm1) (var sm2)))))) (set acclo (cast 32 false (& (>> (var acc) (bv 32 0x0) false) (>> (bv 64 0xffffffffffffffff) (- (bv 32 0x40) (bv 32 0x20)) false)))) (set acchi (cast 32 false (& (>> (var acc) (bv 32 0x20) false) (>> (bv 64 0xffffffffffffffff) (- (bv 32 0x40) (bv 32 0x20)) false))))) +d "muls.dd.hl m0, m2" 04002d 0x0 (seq (set m1 (& (>> (var m0) (bv 32 0x10) false) (>> (bv 32 0xffffffff) (- (bv 32 0x20) (bv 32 0x10)) false))) (set m2 (& (>> (var m2) (bv 32 0x0) false) (>> (bv 32 0xffffffff) (- (bv 32 0x20) (bv 32 0x10)) false))) (set acc (append (var acchi) (var acclo))) (set acc (let sm1 (>> (cast 64 false (<< (var m1) (- (- (bv 32 0x40) (bv 32 0x10)) (bv 32 0x0)) false)) (- (bv 32 0x40) (bv 32 0x10)) (msb (cast 64 false (<< (var m1) (- (- (bv 32 0x40) (bv 32 0x10)) (bv 32 0x0)) false)))) (let sm2 (>> (cast 64 false (<< (var m2) (- (- (bv 32 0x40) (bv 32 0x10)) (bv 32 0x0)) false)) (- (bv 32 0x40) (bv 32 0x10)) (msb (cast 64 false (<< (var m2) (- (- (bv 32 0x40) (bv 32 0x10)) (bv 32 0x0)) false)))) (- (var acc) (* (var sm1) (var sm2)))))) (set acclo (cast 32 false (& (>> (var acc) (bv 32 0x0) false) (>> (bv 64 0xffffffffffffffff) (- (bv 32 0x40) (bv 32 0x20)) false)))) (set acchi (cast 32 false (& (>> (var acc) (bv 32 0x20) false) (>> (bv 64 0xffffffffffffffff) (- (bv 32 0x40) (bv 32 0x20)) false))))) +d "muls.dd.lh m0, m2" 04002e 0x0 (seq (set m1 (& (>> (var m0) (bv 32 0x0) false) (>> (bv 32 0xffffffff) (- (bv 32 0x20) (bv 32 0x10)) false))) (set m2 (& (>> (var m2) (bv 32 0x10) false) (>> (bv 32 0xffffffff) (- (bv 32 0x20) (bv 32 0x10)) false))) (set acc (append (var acchi) (var acclo))) (set acc (let sm1 (>> (cast 64 false (<< (var m1) (- (- (bv 32 0x40) (bv 32 0x10)) (bv 32 0x0)) false)) (- (bv 32 0x40) (bv 32 0x10)) (msb (cast 64 false (<< (var m1) (- (- (bv 32 0x40) (bv 32 0x10)) (bv 32 0x0)) false)))) (let sm2 (>> (cast 64 false (<< (var m2) (- (- (bv 32 0x40) (bv 32 0x10)) (bv 32 0x0)) false)) (- (bv 32 0x40) (bv 32 0x10)) (msb (cast 64 false (<< (var m2) (- (- (bv 32 0x40) (bv 32 0x10)) (bv 32 0x0)) false)))) (- (var acc) (* (var sm1) (var sm2)))))) (set acclo (cast 32 false (& (>> (var acc) (bv 32 0x0) false) (>> (bv 64 0xffffffffffffffff) (- (bv 32 0x40) (bv 32 0x20)) false)))) (set acchi (cast 32 false (& (>> (var acc) (bv 32 0x20) false) (>> (bv 64 0xffffffffffffffff) (- (bv 32 0x40) (bv 32 0x20)) false))))) +d "muls.dd.hh m0, m2" 04002f 0x0 (seq (set m1 (& (>> (var m0) (bv 32 0x10) false) (>> (bv 32 0xffffffff) (- (bv 32 0x20) (bv 32 0x10)) false))) (set m2 (& (>> (var m2) (bv 32 0x10) false) (>> (bv 32 0xffffffff) (- (bv 32 0x20) (bv 32 0x10)) false))) (set acc (append (var acchi) (var acclo))) (set acc (let sm1 (>> (cast 64 false (<< (var m1) (- (- (bv 32 0x40) (bv 32 0x10)) (bv 32 0x0)) false)) (- (bv 32 0x40) (bv 32 0x10)) (msb (cast 64 false (<< (var m1) (- (- (bv 32 0x40) (bv 32 0x10)) (bv 32 0x0)) false)))) (let sm2 (>> (cast 64 false (<< (var m2) (- (- (bv 32 0x40) (bv 32 0x10)) (bv 32 0x0)) false)) (- (bv 32 0x40) (bv 32 0x10)) (msb (cast 64 false (<< (var m2) (- (- (bv 32 0x40) (bv 32 0x10)) (bv 32 0x0)) false)))) (- (var acc) (* (var sm1) (var sm2)))))) (set acclo (cast 32 false (& (>> (var acc) (bv 32 0x0) false) (>> (bv 64 0xffffffffffffffff) (- (bv 32 0x40) (bv 32 0x20)) false)))) (set acchi (cast 32 false (& (>> (var acc) (bv 32 0x20) false) (>> (bv 64 0xffffffffffffffff) (- (bv 32 0x40) (bv 32 0x20)) false))))) +d "mulsh a2, a3, a1" 1023b2 0x0 (seq (set ars (>> (cast 64 false (<< (var a3) (- (- (bv 32 0x40) (bv 32 0x20)) (bv 32 0x0)) false)) (- (bv 32 0x40) (bv 32 0x20)) (msb (cast 64 false (<< (var a3) (- (- (bv 32 0x40) (bv 32 0x20)) (bv 32 0x0)) false))))) (set art (>> (cast 64 false (<< (var a1) (- (- (bv 32 0x40) (bv 32 0x20)) (bv 32 0x0)) false)) (- (bv 32 0x40) (bv 32 0x20)) (msb (cast 64 false (<< (var a1) (- (- (bv 32 0x40) (bv 32 0x20)) (bv 32 0x0)) false))))) (set tp (* (var ars) (var art))) (set a2 (cast 32 false (>> (var tp) (bv 32 0x20) false)))) +d "muluh a2, a3, a1" 1023a2 0x0 (seq (set ars (cast 64 false (var a3))) (set art (cast 64 false (var a1))) (set tp (* (var ars) (var art))) (set a2 (cast 32 false (>> (var tp) (bv 32 0x20) false)))) +d "neg a2, a1" 102060 0x0 (set a2 (~- (var a1))) +d "neg.s f1, f2" 6012fa 0x0 (set f1 (cast 64 false (fbits (fneg (float 0 (var f2) ))))) +d "nexp01.s f1, f2" b012fa 0x0 (seq (set rs (var f2)) (set frs (float 0 (var rs) )) (set frs64 (fconvert ieee754-bin64 rna (var frs))) (set rs31 (<< (ite (! (ite (== (& (>> (var rs) (bv 32 0x1f) false) (>> (bv 64 0xffffffffffffffff) (- (bv 32 0x40) (bv 32 0x1)) false)) (bv 64 0x0)) false true)) (bv 64 0x1) (bv 64 0x0)) (bv 32 0x1f) false)) (set f1 (ite (== (& (>> (var rs) (bv 32 0x17) false) (>> (bv 64 0xffffffffffffffff) (- (bv 32 0x40) (bv 32 0x8)) false)) (bv 64 0xff)) (| (& (>> (var rs) (bv 32 0x0) false) (>> (bv 64 0xffffffffffffffff) (- (bv 32 0x40) (bv 32 0x17)) false)) (| (bv 64 0x3f800000) (var rs31))) (ite (== (& (>> (var rs) (bv 32 0x0) false) (>> (bv 64 0xffffffffffffffff) (- (bv 32 0x40) (bv 32 0x1f)) false)) (bv 64 0x0)) (| (bv 64 0x40000000) (var rs31)) (let N (/. rna (fpos (var frs64)) (float 1 (bv 64 0x4000000000000000) )) (fbits (fneg (/. rna (var frs64) (pow rna (float 1 (bv 64 0x4010000000000000) ) (var N)))))))))) +d "nop" f02000 0x0 nop +d "nsa a1, a2" 10e240 0x0 (seq (set ars (var a2)) (set sign (& (>> (var ars) (bv 32 0x1f) false) (>> (bv 32 0xffffffff) (- (bv 32 0x20) (bv 32 0x1)) false))) (set a1 (ite (== (var sign) (& (>> (var ars) (bv 32 0x0) false) (>> (bv 32 0xffffffff) (- (bv 32 0x20) (bv 32 0x1f)) false))) (bv 32 0x1f) (let b4 (== (var sign) (& (>> (var ars) (bv 32 0x10) false) (>> (bv 32 0xffffffff) (- (bv 32 0x20) (bv 32 0xf)) false))) (let t3 (ite (var b4) (& (>> (var ars) (bv 32 0x0) false) (>> (bv 32 0xffffffff) (- (bv 32 0x20) (bv 32 0x10)) false)) (& (>> (var ars) (bv 32 0x10) false) (>> (bv 32 0xffffffff) (- (bv 32 0x20) (bv 32 0x10)) false))) (let b3 (== (var sign) (& (>> (var t3) (bv 32 0x8) false) (>> (bv 32 0xffffffff) (- (bv 32 0x20) (bv 32 0x8)) false))) (let t2 (ite (var b3) (& (>> (var t3) (bv 32 0x0) false) (>> (bv 32 0xffffffff) (- (bv 32 0x20) (bv 32 0x8)) false)) (& (>> (var t3) (bv 32 0x8) false) (>> (bv 32 0xffffffff) (- (bv 32 0x20) (bv 32 0x8)) false))) (let b2 (== (var sign) (& (>> (var t2) (bv 32 0x4) false) (>> (bv 32 0xffffffff) (- (bv 32 0x20) (bv 32 0x4)) false))) (let t1 (ite (var b2) (& (>> (var t2) (bv 32 0x0) false) (>> (bv 32 0xffffffff) (- (bv 32 0x20) (bv 32 0x4)) false)) (& (>> (var t2) (bv 32 0x4) false) (>> (bv 32 0xffffffff) (- (bv 32 0x20) (bv 32 0x4)) false))) (let b1 (== (var sign) (& (>> (var t1) (bv 32 0x2) false) (>> (bv 32 0xffffffff) (- (bv 32 0x20) (bv 32 0x2)) false))) (let b0 (ite (var b1) (== (& (>> (var t1) (bv 32 0x0) false) (>> (bv 32 0xffffffff) (- (bv 32 0x20) (bv 32 0x1)) false)) (var sign)) (== (& (>> (var t1) (bv 32 0x3) false) (>> (bv 32 0xffffffff) (- (bv 32 0x20) (bv 32 0x1)) false)) (var sign))) (- (| (<< (ite (var b4) (bv 32 0x1) (bv 32 0x0)) (bv 32 0x4) false) (| (<< (ite (var b3) (bv 32 0x1) (bv 32 0x0)) (bv 32 0x3) false) (| (<< (ite (var b2) (bv 32 0x1) (bv 32 0x0)) (bv 32 0x2) false) (| (<< (ite (var b1) (bv 32 0x1) (bv 32 0x0)) (bv 32 0x1) false) (ite (var b0) (bv 32 0x1) (bv 32 0x0)))))) (bv 32 0x1))))))))))))) +d "nsau a1, a2" 10f240 0x0 (seq (set ars (var a2)) (set sign (bv 32 0x0)) (set a1 (ite (== (var sign) (var ars)) (bv 32 0x20) (let b4 (== (var sign) (& (>> (var ars) (bv 32 0x10) false) (>> (bv 32 0xffffffff) (- (bv 32 0x20) (bv 32 0x10)) false))) (let t3 (ite (var b4) (& (>> (var ars) (bv 32 0x0) false) (>> (bv 32 0xffffffff) (- (bv 32 0x20) (bv 32 0x10)) false)) (& (>> (var ars) (bv 32 0x10) false) (>> (bv 32 0xffffffff) (- (bv 32 0x20) (bv 32 0x10)) false))) (let b3 (== (var sign) (& (>> (var t3) (bv 32 0x8) false) (>> (bv 32 0xffffffff) (- (bv 32 0x20) (bv 32 0x8)) false))) (let t2 (ite (var b3) (& (>> (var t3) (bv 32 0x0) false) (>> (bv 32 0xffffffff) (- (bv 32 0x20) (bv 32 0x8)) false)) (& (>> (var t3) (bv 32 0x8) false) (>> (bv 32 0xffffffff) (- (bv 32 0x20) (bv 32 0x8)) false))) (let b2 (== (var sign) (& (>> (var t2) (bv 32 0x4) false) (>> (bv 32 0xffffffff) (- (bv 32 0x20) (bv 32 0x4)) false))) (let t1 (ite (var b2) (& (>> (var t2) (bv 32 0x0) false) (>> (bv 32 0xffffffff) (- (bv 32 0x20) (bv 32 0x4)) false)) (& (>> (var t2) (bv 32 0x4) false) (>> (bv 32 0xffffffff) (- (bv 32 0x20) (bv 32 0x4)) false))) (let b1 (== (var sign) (& (>> (var t1) (bv 32 0x2) false) (>> (bv 32 0xffffffff) (- (bv 32 0x20) (bv 32 0x2)) false))) (let b0 (ite (var b1) (== (& (>> (var t1) (bv 32 0x0) false) (>> (bv 32 0xffffffff) (- (bv 32 0x20) (bv 32 0x1)) false)) (var sign)) (== (& (>> (var t1) (bv 32 0x3) false) (>> (bv 32 0xffffffff) (- (bv 32 0x20) (bv 32 0x1)) false)) (var sign))) (| (<< (ite (var b4) (bv 32 0x1) (bv 32 0x0)) (bv 32 0x4) false) (| (<< (ite (var b3) (bv 32 0x1) (bv 32 0x0)) (bv 32 0x3) false) (| (<< (ite (var b2) (bv 32 0x1) (bv 32 0x0)) (bv 32 0x2) false) (| (<< (ite (var b1) (bv 32 0x1) (bv 32 0x0)) (bv 32 0x1) false) (ite (var b0) (bv 32 0x1) (bv 32 0x0))))))))))))))))) +d "oeq.s b2, f3, f1" 10232b 0x0 (set b2 (! (|| (|| (is_nan (float 0 (var f3) )) (is_nan (float 0 (var f1) ))) (|| (<. (float 0 (var f3) ) (float 0 (var f1) )) (<. (float 0 (var f1) ) (float 0 (var f3) )))))) +d "ole.s b2, f3, f1" 10236b 0x0 (set b2 (&& (! (|| (is_nan (float 0 (var f3) )) (is_nan (float 0 (var f1) )))) (! (<. (float 0 (var f1) ) (float 0 (var f3) ))))) +d "olt.s b2, f3, f1" 10234b 0x0 (set b2 (&& (! (|| (is_nan (float 0 (var f3) )) (is_nan (float 0 (var f1) )))) (<. (float 0 (var f3) ) (float 0 (var f1) )))) +d "or a2, a3, a1" 102320 0x0 (set a2 (| (var a3) (var a1))) +d "orb b2, b3, b1" 102322 0x0 (set b2 (|| (var b3) (var b1))) +d "orbc b2, b3, b1" 102332 0x0 (set b2 (|| (var b3) (! (var b1)))) +d "quos a2, a3, a1" 1023d2 0x0 (set a2 (sdiv (var a3) (var a1))) +d "quou a2, a3, a1" 1023c2 0x0 (set a2 (div (var a3) (var a1))) +d "rems a2, a3, a1" 1023f2 0x0 (set a2 (smod (var a3) (var a1))) +d "remu a2, a3, a1" 1023e2 0x0 (set a2 (mod (var a3) (var a1))) +d "rer a1, a2" 106240 0x0 nop +d "ret" 800000 0x0 (jmp (var a0)) +d "ret.n" 0df0 0x0 (jmp (var a0)) +d "retw" 900000 0x0 nop +d "retw.n" 1df0 0x0 nop +d "rfde" 003200 0x0 (jmp (ite (var ndepc) (var depc) (var epc1))) +d "rfe" 003000 0x0 (seq (set ps (| (& (var ps) (~ (<< (>> (bv 32 0xffffffff) (- (bv 32 0x20) (bv 32 0x1)) false) (bv 32 0x4) false))) (& (<< (bv 32 0x0) (bv 32 0x4) false) (<< (>> (bv 32 0xffffffff) (- (bv 32 0x20) (bv 32 0x1)) false) (bv 32 0x4) false)))) (jmp (var epc1))) +d "rfi 2" 103200 0x0 (seq (set ps (var eps2)) (jmp (var epc2))) +d "rfr a1, f2" 4012fa 0x0 (set a1 (cast 32 false (var f2))) +d "rfwo" 003400 0x0 (seq (set ps (| (& (var ps) (~ (<< (>> (bv 32 0xffffffff) (- (bv 32 0x20) (bv 32 0x1)) false) (bv 32 0x4) false))) (& (<< (bv 32 0x0) (bv 32 0x4) false) (<< (>> (bv 32 0xffffffff) (- (bv 32 0x20) (bv 32 0x1)) false) (bv 32 0x4) false)))) (jmp (var epc1))) +d "rfwu" 003500 0x0 (seq (set ps (| (& (var ps) (~ (<< (>> (bv 32 0xffffffff) (- (bv 32 0x20) (bv 32 0x1)) false) (bv 32 0x4) false))) (& (<< (bv 32 0x0) (bv 32 0x4) false) (<< (>> (bv 32 0xffffffff) (- (bv 32 0x20) (bv 32 0x1)) false) (bv 32 0x4) false)))) (jmp (var epc1))) +d "rotw -1" f08040 0x0 nop +d "round.s a2, f3, 1" 10238a 0x0 (set a2 (fbits (fround rna (*. rna (float 0 (var f3) ) (float 0 (bv 32 0x40000000) ))))) +d "rsil a1, 0xf" 106f00 0x0 (seq (set a1 (var ps)) (set ps (| (& (var ps) (~ (<< (>> (bv 32 0xffffffff) (- (bv 32 0x20) (bv 32 0x4)) false) (bv 32 0x0) false))) (& (<< (bv 32 0xf) (bv 32 0x0) false) (<< (>> (bv 32 0xffffffff) (- (bv 32 0x20) (bv 32 0x4)) false) (bv 32 0x0) false))))) +d "rsqrt0.s f1, f2" a012fa 0x0 nop +d "rsr a1, litbase" 100503 0x0 (set a1 (var litbase)) +d "rsync" 102000 0x0 nop +d "rur.accx_0 a0" 0000e3 0x0 (set a0 (var accx_0)) +d "rur.accx_0 a1" 0010e3 0x0 (set a1 (var accx_0)) +d "rur.accx_1 a1" 1010e3 0x0 (set a1 (var accx_1)) +d "rur.qacc_h_0 a1" 2010e3 0x0 (set a1 (var qacc_h_0)) +d "rur.qacc_h_1 a1" 3010e3 0x0 (set a1 (var qacc_h_1)) +d "rur.qacc_h_2 a1" 4010e3 0x0 (set a1 (var qacc_h_2)) +d "rur.qacc_h_3 a1" 5010e3 0x0 (set a1 (var qacc_h_3)) +d "rur.qacc_h_4 a1" 6010e3 0x0 (set a1 (var qacc_h_4)) +d "rur.qacc_l_0 a1" 7010e3 0x0 (set a1 (var qacc_l_0)) +d "rur.qacc_l_1 a1" 8010e3 0x0 (set a1 (var qacc_l_1)) +d "rur.qacc_l_2 a1" 9010e3 0x0 (set a1 (var qacc_l_2)) +d "rur.qacc_l_3 a1" a010e3 0x0 (set a1 (var qacc_l_3)) +d "rur.qacc_l_4 a1" b010e3 0x0 (set a1 (var qacc_l_4)) +d "rur.gpio_out a1" c010e3 0x0 (set a1 (var gpio_out)) +d "rur.sar_byte a1" d010e3 0x0 (set a1 (var sar_byte)) +d "rur.fft_bit_width a1" e010e3 0x0 (set a1 (var fft_bit_width)) +d "rur.ua_state_0 a1" f010e3 0x0 (set a1 (var ua_state_0)) +d "rur.ua_state_1 a1" 0011e3 0x0 (set a1 (var ua_state_1)) +d "rur.ua_state_2 a1" 1011e3 0x0 (set a1 (var ua_state_2)) +d "rur.ua_state_3 a1" 2011e3 0x0 (set a1 (var ua_state_3)) +d "s8i a1, a2, 0xff" 1242ff 0x0 (seq (set vAddr (+ (var a2) (bv 32 0xff))) (store 0 (var vAddr) (cast 8 false (var a1)))) +d "s16i a1, a2, 0x1fe" 1252ff 0x0 (seq (set vAddr (+ (var a2) (bv 32 0x1fe))) (storew 0 (var vAddr) (cast 16 false (var a1)))) +d "s32c1i a1, a2, 0x3fc" 12e2ff 0x0 (seq (set vAddr (+ (var a2) (bv 32 0x3fc))) (set mem (loadw 0 32 (var vAddr))) (branch (== (var mem) (var scompare1)) (storew 0 (var vAddr) (var a1)) nop) (set a1 (var mem))) +d "s32e a1, a3, -0x38" 102349 0x0 (seq (set vAddr (+ (var a3) (bv 32 0xffffffc8))) (storew 0 (var vAddr) (var a1))) +d "s32i a1, a2, 0x3fc" 1262ff 0x0 (seq (set vAddr (+ (var a2) (bv 32 0x3fc))) (storew 0 (var vAddr) (var a1))) +d "sext a2, a3, 8" 102323 0x0 (set a2 (>> (cast 32 false (<< (var a3) (- (- (bv 32 0x20) (bv 32 0x8)) (bv 32 0x0)) false)) (- (bv 32 0x20) (bv 32 0x8)) (msb (cast 32 false (<< (var a3) (- (- (bv 32 0x20) (bv 32 0x8)) (bv 32 0x0)) false))))) +d "simcall" 005100 0x0 nop +d "slli a2, a3, 0x1f" 102301 0x0 (seq (set sa (bv 32 0x1f)) (set a2 (<< (var a3) (var sa) false))) +d "sll a1, a2" 0012a1 0x0 (seq (set sa (& (>> (var sar) (bv 32 0x0) false) (>> (bv 32 0xffffffff) (- (bv 32 0x20) (bv 32 0x5)) false))) (set a1 (<< (var a2) (var sa) false))) +d "sqrt0.s f1, f2" 9012fa 0x0 nop +d "srai a2, a1, 1" 102121 0x0 (seq (set sa (bv 32 0x1)) (set a2 (>> (var a1) (var sa) (msb (var a1))))) +d "sra a2, a1" 1020b1 0x0 (seq (set sa (& (>> (var sar) (bv 32 0x0) false) (>> (bv 32 0xffffffff) (- (bv 32 0x20) (bv 32 0x5)) false))) (set a2 (>> (var a1) (var sa) (msb (var a1))))) +d "src a2, a3, a1" 102381 0x0 (seq (set sa (& (>> (var sar) (bv 32 0x0) false) (>> (bv 32 0xffffffff) (- (bv 32 0x20) (bv 32 0x5)) false))) (set a2 (cast 32 false (>> (append (var a3) (var a1)) (var sa) false)))) +d "srl a2, a1" 102091 0x0 (seq (set sa (& (>> (var sar) (bv 32 0x0) false) (>> (bv 32 0xffffffff) (- (bv 32 0x20) (bv 32 0x5)) false))) (set a2 (>> (var a1) (var sa) false))) +d "srli a2, a1, 1" 102141 0x0 (seq (set sa (bv 32 0x1)) (set a2 (>> (var a1) (var sa) false))) +d "ssai 1" 004140 0x0 (set sar (bv 32 0x1)) +d "ssa8l a1" 002140 0x0 (set sar (<< (& (>> (var a1) (bv 32 0x0) false) (>> (bv 32 0xffffffff) (- (bv 32 0x20) (bv 32 0x2)) false)) (bv 32 0x3) false)) +d "ssip f1, a2, 0x3fc" 13c2ff 0x0 (seq (set vAddr (var a2)) (storew 0 (var vAddr) (var f1)) (set a2 (bv 32 0x3fc))) +d "ssi f1, a2, 0x3fc" 1342ff 0x0 (seq (set vAddr (+ (var a2) (bv 32 0x3fc))) (storew 0 (var vAddr) (cast 32 false (var f1)))) +d "ssxp f2, a3, a1" 102358 0x0 (seq (set vAddr (var a3)) (storew 0 (var vAddr) (cast 32 false (var f2))) (set a3 (+ (var vAddr) (var a1)))) +d "ssx f2, a3, a1" 102348 0x0 (seq (set vAddr (+ (var a3) (var a1))) (storew 0 (var vAddr) (cast 32 false (var f2)))) +d "ssr a1" 000140 0x0 (seq (set sa (cast 5 false (var a1))) (set sar (cast 32 false (var sa)))) +d "ssl a1" 001140 0x0 (seq (set sa (cast 5 false (var a1))) (set sar (- (bv 32 0x20) (cast 32 false (var sa))))) +d "sub a2, a3, a1" 1023c0 0x0 (set a2 (- (var a3) (var a1))) +d "sub.s f2, f3, f1" 10231a 0x0 (set f2 (- (var f3) (var f1))) +d "subx2 a2, a3, a1" 1023d0 0x0 (set a2 (- (<< (var a3) (bv 32 0x1) false) (var a1))) +d "subx4 a2, a3, a1" 1023e0 0x0 (set a2 (- (<< (var a3) (bv 32 0x2) false) (var a1))) +d "subx8 a2, a3, a1" 1023f0 0x0 (set a2 (- (<< (var a3) (bv 32 0x3) false) (var a1))) +d "syscall" 005000 0x0 nop +d "trunc.s a2, f3, 1" 10239a 0x0 (set a2 (fcast_sint 32 rna (*. rna (float 0 (var f3) ) (float 0 (bv 32 0x40000000) )))) +d "ueq.s b2, f3, f1" 10233b 0x0 (set b2 (! (|| (|| (is_nan (float 0 (var f3) )) (is_nan (float 0 (var f1) ))) (|| (<. (float 0 (var f3) ) (float 0 (var f1) )) (<. (float 0 (var f1) ) (float 0 (var f3) )))))) +d "float.s f2, a3, 1" 1023ca 0x0 (set f2 (cast 64 false (fbits (fcast_float ieee754-bin32 rna (div (var a3) (bv 32 0x0)))))) +d "ule.s b2, f3, f1" 10237b 0x0 (set b2 (&& (! (|| (is_nan (float 0 (var f3) )) (is_nan (float 0 (var f1) )))) (! (<. (float 0 (var f1) ) (float 0 (var f3) ))))) +d "ult.s b2, f3, f1" 10235b 0x0 (set b2 (&& (! (|| (is_nan (float 0 (var f3) )) (is_nan (float 0 (var f1) )))) (<. (float 0 (var f3) ) (float 0 (var f1) )))) +d "umul.aa.ll a2, a1" 140270 0x0 (seq (set m1 (& (>> (var a2) (bv 32 0x0) false) (>> (bv 32 0xffffffff) (- (bv 32 0x20) (bv 32 0x10)) false))) (set m2 (& (>> (var a1) (bv 32 0x0) false) (>> (bv 32 0xffffffff) (- (bv 32 0x20) (bv 32 0x10)) false))) (set acc (* (cast 64 false (var m1)) (cast 64 false (var m2)))) (set acclo (cast 32 false (& (>> (var acc) (bv 32 0x0) false) (>> (bv 64 0xffffffffffffffff) (- (bv 32 0x40) (bv 32 0x20)) false)))) (set acchi (cast 32 false (& (>> (var acc) (bv 32 0x20) false) (>> (bv 64 0xffffffffffffffff) (- (bv 32 0x40) (bv 32 0x20)) false))))) +d "umul.aa.hl a2, a1" 140271 0x0 (seq (set m1 (& (>> (var a2) (bv 32 0x10) false) (>> (bv 32 0xffffffff) (- (bv 32 0x20) (bv 32 0x10)) false))) (set m2 (& (>> (var a1) (bv 32 0x0) false) (>> (bv 32 0xffffffff) (- (bv 32 0x20) (bv 32 0x10)) false))) (set acc (* (cast 64 false (var m1)) (cast 64 false (var m2)))) (set acclo (cast 32 false (& (>> (var acc) (bv 32 0x0) false) (>> (bv 64 0xffffffffffffffff) (- (bv 32 0x40) (bv 32 0x20)) false)))) (set acchi (cast 32 false (& (>> (var acc) (bv 32 0x20) false) (>> (bv 64 0xffffffffffffffff) (- (bv 32 0x40) (bv 32 0x20)) false))))) +d "umul.aa.lh a2, a1" 140272 0x0 (seq (set m1 (& (>> (var a2) (bv 32 0x0) false) (>> (bv 32 0xffffffff) (- (bv 32 0x20) (bv 32 0x10)) false))) (set m2 (& (>> (var a1) (bv 32 0x10) false) (>> (bv 32 0xffffffff) (- (bv 32 0x20) (bv 32 0x10)) false))) (set acc (* (cast 64 false (var m1)) (cast 64 false (var m2)))) (set acclo (cast 32 false (& (>> (var acc) (bv 32 0x0) false) (>> (bv 64 0xffffffffffffffff) (- (bv 32 0x40) (bv 32 0x20)) false)))) (set acchi (cast 32 false (& (>> (var acc) (bv 32 0x20) false) (>> (bv 64 0xffffffffffffffff) (- (bv 32 0x40) (bv 32 0x20)) false))))) +d "umul.aa.hh a2, a1" 140273 0x0 (seq (set m1 (& (>> (var a2) (bv 32 0x10) false) (>> (bv 32 0xffffffff) (- (bv 32 0x20) (bv 32 0x10)) false))) (set m2 (& (>> (var a1) (bv 32 0x10) false) (>> (bv 32 0xffffffff) (- (bv 32 0x20) (bv 32 0x10)) false))) (set acc (* (cast 64 false (var m1)) (cast 64 false (var m2)))) (set acclo (cast 32 false (& (>> (var acc) (bv 32 0x0) false) (>> (bv 64 0xffffffffffffffff) (- (bv 32 0x40) (bv 32 0x20)) false)))) (set acchi (cast 32 false (& (>> (var acc) (bv 32 0x20) false) (>> (bv 64 0xffffffffffffffff) (- (bv 32 0x40) (bv 32 0x20)) false))))) +d "utrunc.s a2, f3, 1" 1023ea 0x0 (set a2 (fcast_int 32 rna (*. rna (float 0 (var f3) ) (float 0 (bv 32 0x40000000) )))) +d "un.s b2, f3, f1" 10231b 0x0 (set b2 (|| (is_nan (float 0 (var f3) )) (is_nan (float 0 (var f1) )))) +d "waiti 0xf" 007f00 0x0 nop +d "wdtlb a1, a2" 10e250 0x0 nop +d "wer a1, a2" 107240 0x0 nop +d "wfr f1, a2" 5012fa 0x0 (set f1 (cast 64 false (var a2))) +d "wsr a1, lend" 100113 0x0 (set a1 (var lend)) +d "wsr a1, lcount" 100213 0x0 (set a1 (var lcount)) +d "wsr a1, sar" 100313 0x0 (set a1 (var sar)) +d "wsr a1, br" 100413 0x0 (set a1 (var br)) +d "wsr a1, litbase" 100513 0x0 (set a1 (var litbase)) +d "wsr a1, scompare1" 100c13 0x0 (set a1 (var scompare1)) +d "witlb a1, a2" 106250 0x0 nop +d "wur.accx_1 a1" 1001f3 0x0 (set accx_1 (var a1)) +d "wur.qacc_h_0 a1" 1002f3 0x0 (set qacc_h_0 (var a1)) +d "wur.qacc_h_1 a1" 1003f3 0x0 (set qacc_h_1 (var a1)) +d "wur.qacc_h_2 a1" 1004f3 0x0 (set qacc_h_2 (var a1)) +d "wur.qacc_h_3 a1" 1005f3 0x0 (set qacc_h_3 (var a1)) +d "wur.qacc_h_4 a1" 1006f3 0x0 (set qacc_h_4 (var a1)) +d "wur.qacc_l_0 a1" 1007f3 0x0 (set qacc_l_0 (var a1)) +d "wur.qacc_l_1 a1" 1008f3 0x0 (set qacc_l_1 (var a1)) +d "wur.qacc_l_2 a1" 1009f3 0x0 (set qacc_l_2 (var a1)) +d "wur.qacc_l_3 a1" 100af3 0x0 (set qacc_l_3 (var a1)) +d "wur.qacc_l_4 a1" 100bf3 0x0 (set qacc_l_4 (var a1)) +d "wur.gpio_out a1" 100cf3 0x0 (set gpio_out (var a1)) +d "wur.sar_byte a1" 100df3 0x0 (set sar_byte (var a1)) +d "wur.fft_bit_width a1" 100ef3 0x0 (set fft_bit_width (var a1)) +d "wur.ua_state_0 a1" 100ff3 0x0 (set ua_state_0 (var a1)) +d "xsr a1, lend" 100161 0x0 (seq (set t0 (var a1)) (set a1 (var lend)) (set lend (var t0))) +d "xsr a1, lcount" 100261 0x0 (seq (set t0 (var a1)) (set a1 (var lcount)) (set lcount (var t0))) +d "xsr a1, sar" 100361 0x0 (seq (set t0 (var a1)) (set a1 (var sar)) (set sar (var t0))) +d "xsr a1, br" 100461 0x0 (seq (set t0 (var a1)) (set a1 (var br)) (set br (var t0))) +d "xsr a1, litbase" 100561 0x0 (seq (set t0 (var a1)) (set a1 (var litbase)) (set litbase (var t0))) +d "xsr a1, scompare1" 100c61 0x0 (seq (set t0 (var a1)) (set a1 (var scompare1)) (set scompare1 (var t0))) +d "xor a2, a3, a1" 102330 0x0 (set a2 (^ (var a3) (var a1))) +d "xorb b2, b3, b1" 102342 0x0 (set b2 (^^ (var b3) (var b1))) diff --git a/test/db/cmd/cmd_list b/test/db/cmd/cmd_list index 024eead4c12..d264a8fc67d 100644 --- a/test/db/cmd/cmd_list +++ b/test/db/cmd/cmd_list @@ -445,7 +445,7 @@ a____ 16 32 64 x86.nasm LGPL3 X86 nasm assembler a____ 16 32 64 x86.nz LGPL3 x86 handmade assembler _dA__ 16 xap PD XAP4 RISC (CSR) _dA__ 32 xcore BSD Capstone XCore disassembler (by pancake) -_dAe_ 32 xtensa LGPL3 Capstone Xtensa disassembly plugin (by billow) +_dAeI 32 xtensa LGPL3 Capstone Xtensa disassembly plugin (by billow) adA__ 8 z80 GPL3 Zilog Z80 (by condret) EOF RUN diff --git a/test/db/esil/xtensa_32 b/test/db/esil/xtensa_32 index c5caf8fa18d..7d3c8f8e82b 100644 --- a/test/db/esil/xtensa_32 +++ b/test/db/esil/xtensa_32 @@ -67,18 +67,18 @@ e asm.arch=xtensa e asm.bits=32 wx c5000022a020c00200000000000000008000000000000000000000000000000002a030c00000 aes -ar~pc -ar~a0 +ar~^pc +ar~^a0 aes aes ar~a2 aes -ar~pc -ar~a0 +ar~^pc +ar~^a0 aes aes -ar~pc -ar~a0 +ar~^pc +ar~^a0 EOF EXPECT=<