ARMv6/v7 disassembly accuracy improvements, ARMv7MP ARMv7VE additions

ARMv6.s Add missing conditionals on DBG. Add ERET (v7VE). Add MRS/MSR banked (v7VE), and its funky encoding of the banked register. Check bit 22 of SRS/RFE properly, otherwise some undefined instructions get wrongly decoded as SRS/RFE. CGlue.s Use prefix 'A' for arch warnings, so they can be kept together in the messages file. Debugger.s: Around line 990, refactor up front decoding to pick out NV instruction space like the ARM ARM says to do. This makes subsequent decoding much simpler to follow, and removes lots of backdoor checks on bits 28-31 scattered later on in the decode - fixes problem with CPS #mode being wrong when bit 4 set. Add HVI (v7MP). Note this is a made up pre-UAL form of HVC (cf. SWI->SVC, SMI->SMC) for now. Add PLDW (v7VE). Put back flags preservation on Conditions routine, otherwise TestStr preserves flags if no conditions are wanted, but doesn't if they are - was causing some of the Saturates family to be misclassified as undefined. Test/V6V7tests Add samples of each of the extra instructions. Resources/UK/Messages, Resources/Germany/Messages Messages files updated. Tested with 'testbed' over the 256M EQ condition code, plus 256M NV condition code, with no unexplained mismatches. Version 1.94. Tagged as 'Debugger-1_94'

ARMv6/v7 disassembly accuracy improvements, ARMv7MP ARMv7VE additions
ARMv6.s Add missing conditionals on DBG. Add ERET (v7VE). Add MRS/MSR banked (v7VE), and its funky encoding of the banked register. Check bit 22 of SRS/RFE properly, otherwise some undefined instructions get wrongly decoded as SRS/RFE. CGlue.s Use prefix 'A' for arch warnings, so they can be kept together in the messages file. Debugger.s: Around line 990, refactor up front decoding to pick out NV instruction space like the ARM ARM says to do. This makes subsequent decoding much simpler to follow, and removes lots of backdoor checks on bits 28-31 scattered later on in the decode - fixes problem with CPS #mode being wrong when bit 4 set. Add HVI (v7MP). Note this is a made up pre-UAL form of HVC (cf. SWI->SVC, SMI->SMC) for now. Add PLDW (v7VE). Put back flags preservation on Conditions routine, otherwise TestStr preserves flags if no conditions are wanted, but doesn't if they are - was causing some of the Saturates family to be misclassified as undefined. Test/V6V7tests Add samples of each of the extra instructions. Resources/UK/Messages, Resources/Germany/Messages Messages files updated. Tested with 'testbed' over the 256M EQ condition code, plus 256M NV condition code, with no unexplained mismatches. Version 1.94. Tagged as 'Debugger-1_94'
fb639a5b · Robert Sprowson · 9350c823 · fb639a5b · fb639a5b · fb639a5b
Commit fb639a5b authored 8 years ago by Robert Sprowson
8 changed files
--- a/Resources/Germany/Messages
+++ b/Resources/Germany/Messages
--- a/Resources/UK/Messages
+++ b/Resources/UK/Messages
--- a/Test/V6V7tests
+++ b/Test/V6V7tests
@@ -16,7 +16,6 @@
        GET     Hdr:ListOpts
        GET     Hdr:Macros
        GET     Hdr:System
-        GET     Hdr:Services

        AREA    test,CODE,READONLY

@@ -107,7 +106,7 @@
        ; Misc instructions
        CPSID   i
        CPSIE   f
-        CPSID   aif,#12
+        CPSID   aif,#SVC32_mode
        CPS     12
        DCI     &F100000C               ; Mode != 0, no mode change bit, unpredictable

@@ -243,5 +242,16 @@
        UXTAH   r0, r1, r2
        UXTB16  r0, PC                  ; Not PC
        UXTAB16CC r0, r1, r2, ROR #24
+
+        ; V7 multi processor additions
+        PLDW    [r5, r6]
+
+        ; V7 virtualisation additions
+        MSR     ELR_hyp, r5
+        MSR     R8_fiq, r5
+        MRS     r5, SP_irq
+        MRS     r5, LR_mon
+        ERETNE
+        HVC     &1234
        
        END
--- a/VersionASM
+++ b/VersionASM
@@ -11,13 +11,13 @@
                        GBLS    Module_HelpVersion
                        GBLS    Module_ComponentName
                        GBLS    Module_ComponentPath
-Module_MajorVersion     SETS    "1.93"
-Module_Version          SETA    193
+Module_MajorVersion     SETS    "1.94"
+Module_Version          SETA    194
 Module_MinorVersion     SETS    ""
-Module_Date             SETS    "06 Apr 2016"
-Module_ApplicationDate  SETS    "06-Apr-16"
+Module_Date             SETS    "11 Jun 2016"
+Module_ApplicationDate  SETS    "11-Jun-16"
 Module_ComponentName    SETS    "Debugger"
 Module_ComponentPath    SETS    "castle/RiscOS/Sources/Programmer/Debugger"
-Module_FullVersion      SETS    "1.93"
-Module_HelpVersion      SETS    "1.93 (06 Apr 2016)"
+Module_FullVersion      SETS    "1.94"
+Module_HelpVersion      SETS    "1.94 (11 Jun 2016)"
                        END
--- a/VersionNum
+++ b/VersionNum
-/* (1.93)
+/* (1.94)
 *
 * This file is automatically maintained by srccommit, do not edit manually.
 * Last processed by srccommit version: 1.1.
 *
 */
-#define Module_MajorVersion_CMHG        1.93
+#define Module_MajorVersion_CMHG        1.94
 #define Module_MinorVersion_CMHG        
-#define Module_Date_CMHG                06 Apr 2016
+#define Module_Date_CMHG                11 Jun 2016

-#define Module_MajorVersion             "1.93"
-#define Module_Version                  193
+#define Module_MajorVersion             "1.94"
+#define Module_Version                  194
 #define Module_MinorVersion             ""
-#define Module_Date                     "06 Apr 2016"
+#define Module_Date                     "11 Jun 2016"

-#define Module_ApplicationDate          "06-Apr-16"
+#define Module_ApplicationDate          "11-Jun-16"

 #define Module_ComponentName            "Debugger"
 #define Module_ComponentPath            "castle/RiscOS/Sources/Programmer/Debugger"

-#define Module_FullVersion              "1.93"
-#define Module_HelpVersion              "1.93 (06 Apr 2016)"
-#define Module_LibraryVersionInfo       "1:93"
+#define Module_FullVersion              "1.94"
+#define Module_HelpVersion              "1.94 (11 Jun 2016)"
+#define Module_LibraryVersionInfo       "1:94"
--- a/s/ARMv6
+++ b/s/ARMv6
@@ -229,7 +229,7 @@ Hints ROUT
        MOV     r14, #Mistake_ARMv7     ; DBG
        STR     r14, Mistake
        ]
-        AddStr  DbgH
+        AddStr  DbgH,,conds
 Tab_imm4
        BL      Tab
        AND     r8, r4, #2_1111
@@ -320,7 +320,7 @@ MlsTab  DCB     "MLS", 0

 ; +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

-is_SMI ROUT
+is_SMC ROUT
        ; arrive here with cccc 0001 0110 xxxx xxxx xxxx 0111 xxxx
        ; format is        cccc 0001 0110 0000 0000 0000 0111 iiii
        ;
@@ -344,18 +344,41 @@ SmiTab  DCB     "SMI",0

 ; +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

+is_ERET ROUT
+        ; arrive here with cccc 0001 0xx0 xxxx xxxx xxxx 0110 xxxx
+        ; format is        cccc 0001 0110 0000 0000 0000 0110 1110
+        ;
+        ; ERET{cond}
+        ;
+        ; where cccc = condition
+
+        [ WarnARMv7VE
+        MOV     r14, #Mistake_ARMv7VE   ; Optional in v7VE
+        STR     r14, Mistake
+        ]
+        LDR     r5, =2_0001011000000000000001101110:SHL:4
+        TEQ     r5, r4, LSL #4
+        BNE     Undefined
+        AddStr  ERetTab,,conds
+        BL      Tab
+        B       InstructionEnd
+
+ERetTab DCB     "ERET",0
+        ALIGN
+
+; +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
+
 Srs_Or_Rfe ROUT
        ; arrive here with 1111 100x xxxx xxxx xxxx xxxx xxxx xxxx
-        ; format is        cccc 100p uswl nnnn 0000 qqqq 000m mmmm
+        ; format is        cccc 100p uqwq nnnn 0000 qqqq 000m mmmm
        ;
        ; RFE<I|D><A|B> Rn{!}
        ; SRS<I|D><A|B> SP{!},#mode
        ;
-        ; where qqqq = qualifier (1010 = RFE, 0101 = SRS)
+        ; where qqqq = qualifier (0-1-1010 = RFE, 1-0-0101 = SRS)
        ;          p = Pre-indexing/~Post-indexing
        ;          u = Up/~Down
        ;          w = Writeback
-        ;          l = Load/~Store
        ;      mmmmm = mode, or 0 for RFE
        ;       nnnn = Rn

@@ -363,12 +386,12 @@ Srs_Or_Rfe ROUT
        MOV     r14, #Mistake_ARMv6
        STR     r14, Mistake
        ]
-        LDR     r5,  =2_100001111111111111111
+        LDR     r5,  =2_10100001111111111111111
        AND     r5, r4, r5
-        LDR     r14, =2_100000000101000000000 ; RFE
+        LDR     r14, =2_00100000000101000000000 ; RFE
        TEQ     r5, r14
        BICNE   r5, r5, #2_000000000000011111 ; Let any mode through
-        LDRNE   r14, =2_000000000010100000000 ; SRS
+        LDRNE   r14, =2_10000000000010100000000 ; SRS
        TEQNE   r5, r14
        BNE     Undefined

@@ -460,12 +483,139 @@ Umaal   DCB     "UMAAL", 0

 ; +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

-ControlExtension_uncond
-        ; arrive here with 1111 00i1 0xx0 xxxx xxxx xxxx rxxs xxxx
-        ; (irs != 011)
+MRS_banked
+        ; arrive here with cccc 0001 0x00 xxxx xxxx 001x 0000 0000
+        ;
+        ; format is        cccc 0001 0r00 mmmm dddd 001m 0000 0000
+        ;
+        ; MRS{cond} Rd, <banked_reg>
+        ; where cccc = condition
+        ;       dddd = Rd
+        ;      mmmmm = mode
+        ;          r = 1 for SPSR, 0 for reg
+        [ WarnARMv7VE
+        MOV     r14, #Mistake_ARMv7VE   ; Optional in v7VE
+        STR     r14, Mistake
+        ]
+        ADRL    r10, MrsTAB
+        BL      SaveStringConditions
+        MOV     r5, r4, LSR #12
+        BL      Tab_Dis_Register
+        TEQ     r5, #15                 ; PC unpredictable
+        MOVEQ   r14, #Mistake_R15
+        STREQ   r14, Mistake
+        BL      AddComma
+        BL      Dis_Banked_Register
+        B       InstructionEnd
+
+MSR_banked
+        ; arrive here with cccc 0001 0x10 xxxx 1111 001x 0000 xxxx
        ;
+        ; format is        cccc 0001 0r00 mmmm 1111 001m 0000 nnnn
+        ;
+        ; MSR{cond} <banked_reg>, Rn
+        ; where cccc = condition
+        ;       nnnn = Rn
+        ;      mmmmm = mode
+        ;          r = 1 for SPSR, 0 for reg
+        [ WarnARMv7VE
+        MOV     r14, #Mistake_ARMv7VE   ; Optional in v7VE
+        STR     r14, Mistake
+        ]
+        ADRL    r10, MsrTAB
+        BL      SaveStringConditions
+        BL      Tab
+        BL      Dis_Banked_Register
+        MOV     r5, r4
+        BL      Comma_Dis_Register
+        CMP     r5, #13
+        MOVCS   r14, #Mistake_Unpred    ; R13-R15 unpredictable
+        STRCS   r14, Mistake
+        B       InstructionEnd
+
+Dis_Banked_Register
+        ; From DDI 0406C, B9.2.3
+        Push    "lr"
+        MOV     r2, r4, LSL #12
+        MOV     r2, r2, LSR #32 - 4
+        TestBit 8
+        ORRNE   r2, r2, #1:SHL:4        ; r2 := SYSm
+        TestBit 22
+        BNE     %FT30                   ; Banked SPSR
+
+        LDR     r14, UnpredBReg
+        MOV     r5, #1
+        MOV     r5, r5, LSL r2          ; 2^SYSm
+        TST     r14, r5
+        MOVNE   r14, #Mistake_Unpred
+        STRNE   r14, Mistake
+
+        ; Special case exception LR (don't want "ER14")
+        TEQ     r2, #2_11110
+        AddStr  ExcLRTAB,EQ
+        BEQ     %FT40
+
+        ; When SYSm[4:3] is 2_10 or 2_11 they're pairs of LR/SR
+        CMP     r2, #2_10000
+        ANDCC   r5, r2, #7
+        ADDCC   r5, r5, #8              ; R8-R15
+        BCC     %FT20
+        TST     r2, #1
+        MOVNE   r5, #13                 ; SP
+        MOVEQ   r5, #14                 ; LR
+20
+        BL      Dis_Register
+        B       %FT40
+30
+        ADRL    r10, spsr_tab
+        BL      SaveString
+        LDR     r14, UnpredBSPSR
+        MOV     r5, #1
+        MOV     r5, r5, LSL r2          ; 2^SYSm
+        TST     r14, r5
+        MOVNE   r14, #Mistake_Unpred
+        STRNE   r14, Mistake
+40
+        AddChar "_"
+        ADR     r14, SYSmSuffixTAB
+        LDRB    r14, [r14, r2, LSR #1]
+        ADR     r10, BankedModeSuffixes
+        ADD     r10, r10, r14, LSL #2
+        BL      SaveString
+        Pull    "pc"
+
+ExcLRTAB
+        DCB     "ELR", 0
+        ALIGN
+UnpredBReg
+        ;         11----->10----->01----->00----->
+        DCD     2_00001111000000001000000010000000
+UnpredBSPSR
+        ;         11----->10----->01----->00----->
+        DCD     2_10101111101010101011111111111111
+SYSmSuffixTAB
+        ; Both register/SPSR use follow the same pairs of mode suffixes
+        DCD     &00000000               ; SYSm[4:3] = 2_00
+        DCD     &01010101               ; SYSm[4:3] = 2_01
+        DCD     &05040302               ; SYSm[4:3] = 2_10
+        DCD     &07060000               ; SYSm[4:3] = 2_11
+BankedModeSuffixes
+        DCB     "usr", 0                ; 0
+        DCB     "fiq", 0                ; 1
+        DCB     "irq", 0                ; 2
+        DCB     "svc", 0                ; 3
+        DCB     "abt", 0                ; 4
+        DCB     "und", 0                ; 5
+        DCB     "mon", 0                ; 6
+        DCB     "hyp", 0                ; 7
+        ALIGN
+
+; +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
+
+ControlExtension_uncond
+        ; arrive here with 1111 0001 xxxx xxxx xxxx xxxx xxxx xxxx
        TSTS    r4, #2_11111100:SHL:8
-        TSTEQS  r4, #2_00101111:SHL:20
+        TSTEQS  r4, #2_1111:SHL:20
        BNE     Undefined

        [ WarnARMv6

--- a/s/CGlue
+++ b/s/CGlue
@@ -133,26 +133,26 @@ warnmessages
        = "M85", 0 ; WARN_PC_POSTINDEXED

 archwarnings
-        = "M68", 0 ; ARMv5Tstar
-        = "M69", 0 ; ARMv5TEstar
-        = "M70", 0 ; ARMv6star
+        = "A00", 0 ; ARMv5Tstar
+        = "A01", 0 ; ARMv5TEstar
+        = "A02", 0 ; ARMv6star
        = "M00", 0 ; ARMv6Tstar (impossible with VFP-only build)
-        = "M71", 0 ; ARMv6K
-        = "M72", 0 ; ARMv6T2
-        = "M73", 0 ; ARMv7
-        = "M00", 0 ; ARMv7MP (impossible with VFP-only build)
+        = "A03", 0 ; ARMv6K
+        = "A04", 0 ; ARMv6T2
+        = "A05", 0 ; ARMv7
+        = "A16", 0 ; ARMv7MP
        = "M00", 0 ; ARMv7VE (impossible with VFP-only build)
        = "M00", 0 ; ARMv7opt (impossible with VFP-only build)
        = "M00", 0 ; SecExt (impossible with VFP-only build)
-        = "M94", 0 ; VFP_ASIMD_common
-        = "M74", 0 ; VFPv2
-        = "M77", 0 ; VFPv3
-        = "M78", 0 ; VFPv3HP
-        = "M79", 0 ; VFPv4
-        = "M90", 0 ; ASIMD
-        = "M91", 0 ; ASIMDHFP
-        = "M92", 0 ; ASIMDFP
-        = "M93", 0 ; ASIMDv2FP
+        = "A14", 0 ; VFP_ASIMD_common
+        = "A06", 0 ; VFPv2
+        = "A07", 0 ; VFPv3
+        = "A08", 0 ; VFPv3HP
+        = "A09", 0 ; VFPv4
+        = "A10", 0 ; ASIMD
+        = "A11", 0 ; ASIMDHFP
+        = "A12", 0 ; ASIMDFP
+        = "A13", 0 ; ASIMDv2FP
        = "M00", 0 ; FPA (impossible with VFP-only build)
        = "M00", 0 ; XScaleDSP (impossible with VFP-only build)


--- a/s/Debugger
+++ b/s/Debugger
@@ -286,6 +286,12 @@ WarnARMv6T2     SETL    {TRUE}          ; Indicate ARMv6T2 or later instructions
                GBLL    WarnARMv7
 WarnARMv7       SETL    {TRUE}          ; Indicate ARMv7 or later instructions

+                GBLL    WarnARMv7VE
+WarnARMv7VE     SETL    {TRUE}          ; Indicate ARMv7VE or later instructions
+
+                GBLL    WarnARMv7MP
+WarnARMv7MP     SETL    {TRUE}          ; Indicate ARMv7MP or later instructions
+
                GBLL    Thumbv6
 Thumbv6         SETL    {TRUE}          ; Don't do Thumbv6 yet until complete

@@ -437,6 +443,8 @@ Mistake_ARMv6   #       1
 Mistake_ARMv6K  #       1
 Mistake_ARMv6T2 #       1
 Mistake_ARMv7   #       1
+Mistake_ARMv7VE #       1
+Mistake_ARMv7MP #       1
 Mistake_BaseOdd #       1

                ^       -1
@@ -982,15 +990,13 @@ Instruction Entry "r0, r3-r9"
        BPL     %BT00
 ]

+        ADDS    r14, r4, #1:SHL:28      ;  C := unconditional space
        MOV     r3, r4, LSR #24         ; r3 := primary instruction nibble
-      [ UseCVFPNEON
-        TEQ     r3, #2_11110100
-        TSTEQ   r4, #1:SHL:20
-        TEQNE   r3, #2_11110010
-        TEQNE   r3, #2_11110011
-        BEQ     ASIMD                   ; All the unconditional ASIMD instructions
-      ]
        AND     r3, r3, #2_00001111     ; remove condition codes
+        BCS     %FT10
+
+        ; arrive here with cccc xxxx xxxx xxxx xxxx xxxx xxxx xxxx
+        ; (cccc != 1111)
        TEQS    r3, #&0F
        BEQ     Swi                     ; [software interrupt = 0F]

@@ -1006,7 +1012,37 @@ Instruction Entry "r0, r3-r9"
        CMP     r3, #&04
        BHS     LdrStr                  ; [load/store register = 04..07]

-        B       DataProcessing          ; [data processing = 00.03]
+        B       DataProcessing          ; [data processing = 00..03]
+10
+        ; arrive here with 1111 xxxx xxxx xxxx xxxx xxxx xxxx xxxx
+        TEQS    r3, #&0F
+        BEQ     Undefined               ; [undefined = 0F]
+
+        CMP     r3, #&0E
+        BEQ     Co_Operations           ; [coprocessor = 0E]
+
+        CMP     r3, #&0C
+        BHS     Co_Transfer             ; [coprocessor = 0C,0D]
+
+        CMP     r3, #&0A
+        BHS     BLX_offset              ; [BLX = 0A,0B]
+
+        CMP     r3, #&08
+        BHS     Srs_Or_Rfe              ; [SRS or RFE = 08,09]
+
+        CMP     r3, #&04
+        BHS     Preload                 ; [preload = 04..07]
+
+        CMP     r3, #&02
+      [ UseCVFPNEON
+        BHS     ASIMD                   ; [ASIMD data processing = 02,03]
+      |
+        BHS     Undefined
+      ]
+
+        CMP     r3, #&01
+        BEQ     ControlExtension_uncond ; [CPS & SETEND = 01]
+        ; Fall through...

 ; .............................................................................

@@ -1172,10 +1208,6 @@ str_xos_undefined

 Branch ROUT

-        MOV     r14, r4, LSR #28        ; if "NV" condition code
-        TEQ     r14, #15
-        BEQ     BLX_offset              ; then it's BLX
-
        AddChar "B"
        TestBit 24,"L"

@@ -1240,9 +1272,6 @@ W_Back  DCB     "!,{", 0
        ;       rrrr = register list
 LdmStm ROUT

-        CMP     R4, #2_1111:SHL:28      ; 'NV' condition code
-        BCS     Srs_Or_Rfe              ; means something else
-
        ANDS    R5, R4, #&7F00
        BLNE    checkreg                ; error if R8-R14 in list

@@ -1426,10 +1455,6 @@ LdrStr  ROUT
        TSTNE   r4, #1 :SHL: 4          ; then that was xxR Rd,[Rn,Rm,SHF Rs]
        BNE     UndefinedExtension      ; but ARM2 doesn't do that anymore

-        MOV     r14, r4, LSR #28
-        TEQ     r14, #15
-        BEQ     Preload
-
        TestStr 20,Ldr,Str,conds        ; Load/~Store bit

        MOV     r5, r4, LSR #12         ; Rd
@@ -1588,56 +1613,6 @@ Close_B DCB     "],", 0

 ; +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

-Preload ROUT
-        ; Preload
-        ; arrive here with 1111 01xx xxxx xxxx xxxx xxxx xxxx xxxx
-        ; format is        1111 010h u101 nnnn 1111 iiii iiii iiii
-        ;        or        1111 011h u101 nnnn 1111 rrrr rtt0 mmmm
-        ;
-        ; PL<D|I> [Rn,#offset]
-        ;         [Rn,{+|-}Rm{,shift}]
-        ;
-        ; where    h = PLD/~PLI hint
-        ;          u = Up/~Down
-        ;       nnnn = Rn
-        ;      rrrrr = shift amount
-        ;         tt = shift type (LSL, LSR, ASR or ROR)
-        ;       mmmm = Rm
-        ;       iiii = 12-bit unsigned immediate offset
-
-        LDR     r14, =&F57FF0           ; Bits 8-31 of a group of 16 unconditionals
-        TEQ     r14, r4, LSR #8
-        BEQ     Maintenance_uncond
-
-      [ WarnARMv5E :LOR: WarnARMv7
-        TestBit 24
-        [ WarnARMv5E
-        MOVNE   r14, #Mistake_ARMv5E
-        |
-        MOVNE   r14, #0
-        ]
-        [ WarnARMv7
-        MOVEQ   r14, #Mistake_ARMv7
-        |
-        MOVEQ   r14, #0
-        ]
-        STR     r14, Mistake
-      ]
-
-        AddStr  Pload
-        TestBit 24, "D", "I"
-        BL      Tab
-        AND     r5, r4, #2_10111:SHL:20
-        TEQ     r5, #2_10101:SHL:20
-        TEQNE   r5, #2_00101:SHL:20     ; PLI
-        ORREQ   r4, r4, #1:SHL:24       ; Sidestep PC writeback warning
-        ANDEQ   r5, r4, #2_1111:SHL:12
-        TEQEQ   r5, #2_1111:SHL:12
-        BEQ     DataTransfer_Common_NoComma
-        B       Undefined
-
-; +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
-
 Mull    DCB     "MULL",0
        ALIGN
 Mlal    DCB     "MLAL",0
@@ -1645,7 +1620,6 @@ Mlal    DCB     "MLAL",0
 Mul     DCB     "MUL", 0
 Mla     DCB     "MLA", 0
 aswp    DCB     "SWP", 0
-Pload   DCB     "PL", 0

 UndefinedDataProcessing ROUT
        ; Arrive here with cccc 000x xxxx xxxx xxxx xxxx 1xx1 xxxx
@@ -2046,6 +2020,70 @@ ldrstrh_reg
        TestBit 21,"!"                  ; Writeback bit
        B       InstructionEnd

+; +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
+
+Preload ROUT
+        ; Preload
+        ; arrive here with 1111 01xx xxxx xxxx xxxx xxxx xxxx xxxx
+        ; format is        1111 010h uw01 nnnn 1111 iiii iiii iiii
+        ;        or        1111 011h uw01 nnnn 1111 rrrr rtt0 mmmm
+        ;
+        ; PL<D|I><W> [Rn,#offset]
+        ;            [Rn,{+|-}Rm{,shift}]
+        ;
+        ; where    h = PLD/~PLI hint
+        ;          u = Up/~Down
+        ;          w = Read/~Write intent
+        ;       nnnn = Rn
+        ;      rrrrr = shift amount
+        ;         tt = shift type (LSL, LSR, ASR or ROR)
+        ;       mmmm = Rm
+        ;       iiii = 12-bit unsigned immediate offset
+
+      [ UseCVFPNEON
+        TestBit 20
+        BEQ     ASIMD                   ; ASIMD element or structure load/store
+      ]
+
+        LDR     r14, =&F57FF0           ; Bits 8-31 of a group of 16 unconditionals
+        TEQ     r14, r4, LSR #8
+        BEQ     Maintenance_uncond
+
+        TST     r4, #1:SHL:25
+        TSTNE   r4, #1:SHL:4            ; Register form needs bit 4 clear
+        BNE     Undefined
+
+        TestBit 24
+        [ WarnARMv5E
+        MOVNE   r14, #Mistake_ARMv5E
+        ]
+        [ WarnARMv7
+        MOVEQ   r14, #Mistake_ARMv7
+        ]
+        [ WarnARMv5E :LOR: WarnARMv7
+        STR     r14, Mistake
+        ]
+
+        AddStr  Pload
+        TestBit 24, "D", "I"
+        TestBit 22
+        AddChar "W",EQ
+        [ WarnARMv7MP
+        MOVEQ   r14, #Mistake_ARMv7MP
+        STREQ   r14, Mistake
+        ]
+        BL      Tab      ; huw01
+        AND     r5, r4, #2_10011:SHL:20
+        TEQ     r5,     #2_10001:SHL:20 ; PLD
+        TEQNE   r5,     #2_00001:SHL:20 ; PLI
+        ORREQ   r4, r4, #1:SHL:24       ; Sidestep PC writeback warning
+        ANDEQ   r5, r4, #2_1111:SHL:12
+        TEQEQ   r5, #2_1111:SHL:12
+        BEQ     DataTransfer_Common_NoComma
+        B       Undefined
+
+Pload   DCB     "PL", 0
+        ALIGN

 ; +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
 ; Data processing opcodes
@@ -2243,10 +2281,6 @@ ControlExtension
        ; take is to first split between register and immediate,
        ; then split the register form up by bits 4:7.

-        MOV     r5, r4, LSR #28
-        TEQ     r5, #15
-        BEQ     ControlExtension_uncond
-
        TestBit 25
        BNE     ControlExtension_immediate

@@ -2259,10 +2293,13 @@ ControlExtension
        TEQ     r5, #2_0101 :SHL: 4             ; 5 = QADD etc
        BEQ     SaturatingArithmetic

-        TEQ     r5, #2_0111 :SHL: 4             ; 7 = BKPT
-        BEQ     is_BKPT
+        TEQ     r5, #2_0110 :SHL: 4             ; 6 = ERET
+        BEQ     is_ERET
+
+        TEQ     r5, #2_0111 :SHL: 4             ; 7 = BKPT, HVC, SMI
+        BEQ     MonitorCalls

-        CMP     r5, #2_1000 :SHL: 4             ; 2,4,6 undefined
+        CMP     r5, #2_1000 :SHL: 4             ; 2,4 undefined
        BLO     Undefined

        TST     r5, #2_0001 :SHL: 4             ; 8,10,12,14 = SMUL etc
@@ -2280,13 +2317,13 @@ ControlExtension_immediate
        TEQ     r5, r3
        BNE     Undefined
        TST     r4, #2_01001111:SHL:16
-        BNE     is_MSR
+        BNE     MSR_immediate
        B       Hints

 MRS_MSR_reg
        ; arrive here with cccc 0001 0xx0 xxxx xxxx xxxx 0000 xxxx
        TestBit 21
-        BNE     is_MSR
+        BNE     MSR_reg

 is_MRS  ; arrive here with cccc 0001 0x00 xxxx xxxx xxxx 0000 xxxx
        ;
@@ -2296,7 +2333,12 @@ is_MRS  ; arrive here with cccc 0001 0x00 xxxx xxxx xxxx 0000 xxxx
        ; where cccc = condition
        ;          r = 1 for SPSR, 0 for CPSR
        MOVS    r5, r4, LSL #20            ; bottom 12 bits should be 0
-        BNE     Undefined
+        BEQ     %FT10
+        TEQ     r5, #2_10:SHL:(8+20)
+        TEQNE   r5, #2_11:SHL:(8+20)
+        BEQ     MRS_banked
+        B       Undefined
+10
        AND     r14, r4, #2_1111 :SHL: 16  ; bits 16-19 should be 1
        TEQS    r14, #2_1111 :SHL: 16
        BNE     Undefined
@@ -2332,11 +2374,18 @@ BxjTAB  DCB     "BXJ",0
        ALIGN

 AdrTAB  DCB     "ADR",0
-BkptTAB DCB     "BKPT",0
-
        ALIGN

-is_MSR  ; arrive here with cccc 0001 0x10 xxxx xxxx xxxx 0000 xxxx
+MSR_reg ; arrive here with cccc 0001 0x10 xxxx xxxx xxxx 0000 xxxx
+        TST     r4, #2_11111111:SHL:4 ; if register, bits 4-11 must be 0
+        BEQ     %FT01
+        AND     r5, r4, #2_11111110:SHL:8
+        TEQ     r5, #2_11110010:SHL:8
+        BEQ     MSR_banked
+        B       Undefined
+
+MSR_immediate
+01      ; arrive here with cccc 0001 0x10 xxxx xxxx 0000 0000 xxxx
        ;               or cccc 0011 0x10 xxxx 1111 xxxx xxxx xxxx
        ;
        ; format is        cccc 0001 0r10 fsxc 1111 0000 0000 mmmm
@@ -2350,16 +2399,6 @@ is_MSR  ; arrive here with cccc 0001 0x10 xxxx xxxx xxxx 0000 xxxx
        ;       rrrr = rotate amount (/2)
        ;       iiii = immediate
        ;       mmmm = Rm
-        TestBit 25                    ; if register, bits 4-11 must be 0
-        BNE     %FT01
-
-        TST     r4, #2_11111111 :SHL: 4
-        BNE     Undefined
-
-01      AND     r10, r4, #2_1111 :SHL: 12
-        TEQ     r10, #2_1111 :SHL: 12
-        BNE     Undefined
-
 05      ADR     r10, MsrTAB
        BL      SaveStringConditions
        BL      Tab
@@ -2469,31 +2508,46 @@ is_CLZ  ; arrive here with cccc 0001 01x0 xxxx xxxx xxxx 00xx xxxx
        BL      Comma_Dis_Register
        B       InstructionEnd

-is_BKPT ; arrive here with cccc 0001 0xx0 xxxx xxxx xxxx 0111 xxxx
-        ;
-        ; format is        1110 0001 0010 nnnn nnnn nnnn 0111 nnnn
+MonitorCalls
+        ; arrive here with cccc 0001 0xx0 xxxx xxxx xxxx 0111 xxxx
        ;
-        ; BKPT <number>     (note conditional not permitted)
+        ; format is        cccc 0001 0oo0 xxxx xxxx xxxx 0111 xxxx
        ;
-        ; where nnnn = number
-        AND     r5, r4, #2_11:SHL:21
-        TEQ     r5, #2_11:SHL:21
-        BEQ     is_SMI
+        ; where oo = op per DDI 0406C, A5.2.12
+        ANDS    r5, r4, #2_11:SHL:21
+        BEQ     Undefined               ; 00 undefined still

-        TEQ     r5, #2_01:SHL:21
-        BNE     Undefined
+        TEQ     r5, #2_11:SHL:21
+        BEQ     is_SMC                  ; 11 (SMC)
+        ; Fall through                  ; 01 (BKPT) and 10 (HVC)

+BKPT_or_HVC
+        ; arrive here with cccc 0001 0qq0 xxxx xxxx xxxx 0111 xxxx
+        ; (qq != 00, qq != 11)
+        ;
+        ; format is        1110 0001 0qq0 nnnn nnnn nnnn 0111 nnnn
+        ;
+        ; BKPT <number>
+        ; HVI  <number>
+        ;
+        ; where nnnn = number
+        ;         qq = qualifier (01 = BKPT, 10 = HVC)
        AND     r5, r4, #2_1111:SHL:28
        TEQ     r5, #2_1110:SHL:28
-        BNE     Undefined
+        BNE     Undefined               ; Note conditional is unpredictable

+        TestBit 22
        [ WarnARMv5
-        MOV     r10, #Mistake_ARMv5
+        MOVEQ   r10, #Mistake_ARMv5
+        ]
+        [ WarnARMv7VE
+        MOVNE   r10, #Mistake_ARMv7VE
+        ]
+        [ WarnARMv5 :LOR: WarnARMv7VE
        STR     r10, Mistake
        ]

-        ADR     r10, BkptTAB
-        BL      SaveString
+        TestStr 22,HvcTAB,BkptTAB
        BL      Tab

        MOV     r8, r4, LSR #8
@@ -2504,6 +2558,10 @@ is_BKPT ; arrive here with cccc 0001 0xx0 xxxx xxxx xxxx 0111 xxxx
        BL      StoreHex
        B       InstructionEnd

+BkptTAB DCB     "BKPT",0
+HvcTAB  DCB     "HVI",0
+        ALIGN
+
 SaturatingArithmetic
        ; arrive here with cccc 0001 0xx0 xxxx xxxx xxxx 0101 xxxx
        ; format is        cccc 0001 0ds0 nnnn dddd 0000 0101 mmmm
@@ -3108,21 +3166,19 @@ SaveString EntryS

 ; Out   r0++ with condition codes appended

-Conditions Entry "r1, r10"
+Conditions EntryS "r1, r10"

 10      MOV     r1, r4, LSR #28
        CMPS    r1, #14
-        EXIT    EQ                      ; 14 = AL (no code printed)
-        ADRLO   r10, CondSym            ; 15 was NV, now undefined
+        EXITS   HS                      ; 14 = AL (no code printed)
+                                        ; 15 was NV, now decoded upfront
+        ADRLO   r10, CondSym
        ADDLO   r1, r10, r1, LSL #1
        LDRLOB  r10, [r1], #1
        STRLOB  r10, [r0], #1
        LDRLOB  r10, [r1], #1
        STRLOB  r10, [r0], #1
-        EXIT    LO
-        PullEnv
-        B       Undefined
-
+        EXITS

 CondSym DCB     "EQ"                    ; 0
        DCB     "NE"                    ; 1
@@ -3163,7 +3219,7 @@ SaveStringConditions2 ALTENTRY
        STRLE   r10, Mistake
        ]
        AddChar "2"
-        EXIT
+        EXITS

 ; +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
 ; Pad with spaces to operand field or comment field
@@ -3236,12 +3292,14 @@ Silly
        =       "M64",0         ; Rn in list
        =       "M66",0         ; Rd=Rm
        =       "M67",0         ; Only 1 reg on SA-110 rev 2
-        =       "M68",0         ; ARMv5 or later
-        =       "M69",0         ; ARMv5E or later
-        =       "M70",0         ; ARMv6 or later
-        =       "M71",0         ; ARMv6K or later
-        =       "M72",0         ; ARMv6T2 or later
-        =       "M73",0         ; ARMv7 or later
+        =       "A00",0         ; ARMv5 or later
+        =       "A01",0         ; ARMv5E or later
+        =       "A02",0         ; ARMv6 or later
+        =       "A03",0         ; ARMv6K or later
+        =       "A04",0         ; ARMv6T2 or later
+        =       "A05",0         ; ARMv7 or later
+        =       "A15",0         ; ARMv7VE or later
+        =       "A16",0         ; ARMv7MP or later
        =       "M49",0         ; Odd base of pair

        ALIGN