1 /* ----------------------------------------------------------------------- *
3 * Copyright 1996-2011 The NASM Authors - All Rights Reserved
4 * See the file AUTHORS included with the NASM distribution for
5 * the specific copyright holders.
7 * Redistribution and use in source and binary forms, with or without
8 * modification, are permitted provided that the following
11 * * Redistributions of source code must retain the above copyright
12 * notice, this list of conditions and the following disclaimer.
13 * * Redistributions in binary form must reproduce the above
14 * copyright notice, this list of conditions and the following
15 * disclaimer in the documentation and/or other materials provided
16 * with the distribution.
18 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND
19 * CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES,
20 * INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
21 * MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
22 * DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR
23 * CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
24 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
25 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
26 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
27 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
28 * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR
29 * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE,
30 * EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
32 * ----------------------------------------------------------------------- */
35 * assemble.c code generation for the Netwide Assembler
37 * the actual codes (C syntax, i.e. octal):
38 * \0 - terminates the code. (Unless it's a literal of course.)
39 * \1..\4 - that many literal bytes follow in the code stream
40 * \5 - add 4 to the primary operand number (b, low octdigit)
41 * \6 - add 4 to the secondary operand number (a, middle octdigit)
42 * \7 - add 4 to both the primary and the secondary operand number
43 * \10..\13 - a literal byte follows in the code stream, to be added
44 * to the register value of operand 0..3
45 * \14..\17 - a signed byte immediate operand, from operand 0..3
46 * \20..\23 - a byte immediate operand, from operand 0..3
47 * \24..\27 - an unsigned byte immediate operand, from operand 0..3
48 * \30..\33 - a word immediate operand, from operand 0..3
49 * \34..\37 - select between \3[0-3] and \4[0-3] depending on 16/32 bit
50 * assembly mode or the operand-size override on the operand
51 * \40..\43 - a long immediate operand, from operand 0..3
52 * \44..\47 - select between \3[0-3], \4[0-3] and \5[4-7]
53 * depending on the address size of the instruction.
54 * \50..\53 - a byte relative operand, from operand 0..3
55 * \54..\57 - a qword immediate operand, from operand 0..3
56 * \60..\63 - a word relative operand, from operand 0..3
57 * \64..\67 - select between \6[0-3] and \7[0-3] depending on 16/32 bit
58 * assembly mode or the operand-size override on the operand
59 * \70..\73 - a long relative operand, from operand 0..3
60 * \74..\77 - a word constant, from the _segment_ part of operand 0..3
61 * \1ab - a ModRM, calculated on EA in operand a, with the spare
62 * field the register value of operand b.
63 * \140..\143 - an immediate word or signed byte for operand 0..3
64 * \144..\147 - or 2 (s-field) into opcode byte if operand 0..3
65 * is a signed byte rather than a word. Opcode byte follows.
66 * \150..\153 - an immediate dword or signed byte for operand 0..3
67 * \154..\157 - or 2 (s-field) into opcode byte if operand 0..3
68 * is a signed byte rather than a dword. Opcode byte follows.
69 * \172\ab - the register number from operand a in bits 7..4, with
70 * the 4-bit immediate from operand b in bits 3..0.
71 * \173\xab - the register number from operand a in bits 7..4, with
72 * the value b in bits 3..0.
73 * \174..\177 - the register number from operand 0..3 in bits 7..4, and
74 * an arbitrary value in bits 3..0 (assembled as zero.)
75 * \2ab - a ModRM, calculated on EA in operand a, with the spare
76 * field equal to digit b.
77 * \250..\253 - same as \150..\153, except warn if the 64-bit operand
78 * is not equal to the truncated and sign-extended 32-bit
79 * operand; used for 32-bit immediates in 64-bit mode.
80 * \254..\257 - a signed 32-bit operand to be extended to 64 bits.
81 * \260..\263 - this instruction uses VEX/XOP rather than REX, with the
82 * V field taken from operand 0..3.
83 * \270 - this instruction uses VEX/XOP rather than REX, with the
84 * V field set to 1111b.
86 * VEX/XOP prefixes are followed by the sequence:
87 * \tmm\wlp where mm is the M field; and wlp is:
89 * [l0] ll = 0 for L = 0 (.128, .lz)
90 * [l1] ll = 1 for L = 1 (.256)
91 * [lig] ll = 2 for L don't care (always assembled as 0)
93 * [w0] ww = 0 for W = 0
94 * [w1 ] ww = 1 for W = 1
95 * [wig] ww = 2 for W don't care (always assembled as 0)
96 * [ww] ww = 3 for W used as REX.W
98 * t = 0 for VEX (C4/C5), t = 1 for XOP (8F).
100 * \274..\277 - a signed byte immediate operand, from operand 0..3,
101 * which is to be extended to the operand size.
102 * \310 - indicates fixed 16-bit address size, i.e. optional 0x67.
103 * \311 - indicates fixed 32-bit address size, i.e. optional 0x67.
104 * \312 - (disassembler only) invalid with non-default address size.
105 * \313 - indicates fixed 64-bit address size, 0x67 invalid.
106 * \314 - (disassembler only) invalid with REX.B
107 * \315 - (disassembler only) invalid with REX.X
108 * \316 - (disassembler only) invalid with REX.R
109 * \317 - (disassembler only) invalid with REX.W
110 * \320 - indicates fixed 16-bit operand size, i.e. optional 0x66.
111 * \321 - indicates fixed 32-bit operand size, i.e. optional 0x66.
112 * \322 - indicates that this instruction is only valid when the
113 * operand size is the default (instruction to disassembler,
114 * generates no code in the assembler)
115 * \323 - indicates fixed 64-bit operand size, REX on extensions only.
116 * \324 - indicates 64-bit operand size requiring REX prefix.
117 * \325 - instruction which always uses spl/bpl/sil/dil
118 * \330 - a literal byte follows in the code stream, to be added
119 * to the condition code value of the instruction.
120 * \331 - instruction not valid with REP prefix. Hint for
121 * disassembler only; for SSE instructions.
122 * \332 - REP prefix (0xF2 byte) used as opcode extension.
123 * \333 - REP prefix (0xF3 byte) used as opcode extension.
124 * \334 - LOCK prefix used as REX.R (used in non-64-bit mode)
125 * \335 - disassemble a rep (0xF3 byte) prefix as repe not rep.
126 * \336 - force a REP(E) prefix (0xF2) even if not specified.
127 * \337 - force a REPNE prefix (0xF3) even if not specified.
128 * \336-\337 are still listed as prefixes in the disassembler.
129 * \340 - reserve <operand 0> bytes of uninitialized storage.
130 * Operand 0 had better be a segmentless constant.
131 * \341 - this instruction needs a WAIT "prefix"
132 * \344,\345 - the PUSH/POP (respectively) codes for CS, DS, ES, SS
133 * (POP is never used for CS) depending on operand 0
134 * \346,\347 - the second byte of PUSH/POP codes for FS, GS, depending
136 * \360 - no SSE prefix (== \364\331)
137 * \361 - 66 SSE prefix (== \366\331)
138 * \362 - F2 SSE prefix (== \364\332)
139 * \363 - F3 SSE prefix (== \364\333)
140 * \364 - operand-size prefix (0x66) not permitted
141 * \365 - address-size prefix (0x67) not permitted
142 * \366 - operand-size prefix (0x66) used as opcode extension
143 * \367 - address-size prefix (0x67) used as opcode extension
144 * \370,\371,\372 - match only if operand 0 meets byte jump criteria.
145 * 370 is used for Jcc, 371 is used for JMP.
146 * \373 - assemble 0x03 if bits==16, 0x05 if bits==32;
147 * used for conditional jump over longer jump
148 * \374 - this instruction takes an XMM VSIB memory EA
149 * \375 - this instruction takes an YMM VSIB memory EA
152 #include "compiler.h"
156 #include <inttypes.h>
160 #include "assemble.h"
166 * Matching errors. These should be sorted so that more specific
167 * errors come later in the sequence.
175 * Matching success; the conditional ones first
177 MOK_JUMP, /* Matching OK but needs jmp_match() */
178 MOK_GOOD /* Matching unconditionally OK */
182 enum ea_type type; /* what kind of EA is this? */
183 int sib_present; /* is a SIB byte necessary? */
184 int bytes; /* # of bytes of offset needed */
185 int size; /* lazy - this is sib+bytes+1 */
186 uint8_t modrm, sib, rex, rip; /* the bytes themselves */
189 static uint32_t cpu; /* cpu level received from nasm.c */
190 static efunc errfunc;
191 static struct ofmt *outfmt;
192 static ListGen *list;
194 static int64_t calcsize(int32_t, int64_t, int, insn *, const uint8_t *);
195 static void gencode(int32_t segment, int64_t offset, int bits,
196 insn * ins, const struct itemplate *temp,
198 static enum match_result find_match(const struct itemplate **tempp,
200 int32_t segment, int64_t offset, int bits);
201 static enum match_result matches(const struct itemplate *, insn *, int bits);
202 static opflags_t regflag(const operand *);
203 static int32_t regval(const operand *);
204 static int rexflags(int, opflags_t, int);
205 static int op_rexflags(const operand *, int);
206 static void add_asp(insn *, int);
208 static enum ea_type process_ea(operand *, ea *, int, int, int, opflags_t);
210 static int has_prefix(insn * ins, enum prefix_pos pos, enum prefixes prefix)
212 return ins->prefixes[pos] == prefix;
215 static void assert_no_prefix(insn * ins, enum prefix_pos pos)
217 if (ins->prefixes[pos])
218 errfunc(ERR_NONFATAL, "invalid %s prefix",
219 prefix_name(ins->prefixes[pos]));
222 static const char *size_name(int size)
244 static void warn_overflow(int pass, int size)
246 errfunc(ERR_WARNING | pass | ERR_WARN_NOV,
247 "%s data exceeds bounds", size_name(size));
250 static void warn_overflow_const(int64_t data, int size)
252 if (overflow_general(data, size))
253 warn_overflow(ERR_PASS1, size);
256 static void warn_overflow_opd(const struct operand *o, int size)
258 if (o->wrt == NO_SEG && o->segment == NO_SEG) {
259 if (overflow_general(o->offset, size))
260 warn_overflow(ERR_PASS2, size);
265 * This routine wrappers the real output format's output routine,
266 * in order to pass a copy of the data off to the listing file
267 * generator at the same time.
269 static void out(int64_t offset, int32_t segto, const void *data,
270 enum out_type type, uint64_t size,
271 int32_t segment, int32_t wrt)
273 static int32_t lineno = 0; /* static!!! */
274 static char *lnfname = NULL;
277 if (type == OUT_ADDRESS && segment == NO_SEG && wrt == NO_SEG) {
279 * This is a non-relocated address, and we're going to
280 * convert it into RAWDATA format.
285 errfunc(ERR_PANIC, "OUT_ADDRESS with size > 8");
289 WRITEADDR(q, *(int64_t *)data, size);
294 list->output(offset, data, type, size);
297 * this call to src_get determines when we call the
298 * debug-format-specific "linenum" function
299 * it updates lineno and lnfname to the current values
300 * returning 0 if "same as last time", -2 if lnfname
301 * changed, and the amount by which lineno changed,
302 * if it did. thus, these variables must be static
305 if (src_get(&lineno, &lnfname))
306 outfmt->current_dfmt->linenum(lnfname, lineno, segto);
308 outfmt->output(segto, data, type, size, segment, wrt);
311 static bool jmp_match(int32_t segment, int64_t offset, int bits,
312 insn * ins, const uint8_t *code)
317 if ((c != 0370 && c != 0371) || (ins->oprs[0].type & STRICT))
321 if (optimizing < 0 && c == 0371)
324 isize = calcsize(segment, offset, bits, ins, code);
326 if (ins->oprs[0].opflags & OPFLAG_UNKNOWN)
327 /* Be optimistic in pass 1 */
330 if (ins->oprs[0].segment != segment)
333 isize = ins->oprs[0].offset - offset - isize; /* isize is delta */
334 return (isize >= -128 && isize <= 127); /* is it byte size? */
337 int64_t assemble(int32_t segment, int64_t offset, int bits, uint32_t cp,
338 insn * instruction, struct ofmt *output, efunc error,
341 const struct itemplate *temp;
346 int64_t start = offset;
347 int64_t wsize; /* size for DB etc. */
349 errfunc = error; /* to pass to other functions */
351 outfmt = output; /* likewise */
352 list = listgen; /* and again */
354 wsize = idata_bytes(instruction->opcode);
360 int32_t t = instruction->times;
363 "instruction->times < 0 (%ld) in assemble()", t);
365 while (t--) { /* repeat TIMES times */
366 list_for_each(e, instruction->eops) {
367 if (e->type == EOT_DB_NUMBER) {
369 errfunc(ERR_NONFATAL,
370 "integer supplied to a DT, DO or DY"
373 out(offset, segment, &e->offset,
374 OUT_ADDRESS, wsize, e->segment, e->wrt);
377 } else if (e->type == EOT_DB_STRING ||
378 e->type == EOT_DB_STRING_FREE) {
381 out(offset, segment, e->stringval,
382 OUT_RAWDATA, e->stringlen, NO_SEG, NO_SEG);
383 align = e->stringlen % wsize;
386 align = wsize - align;
387 out(offset, segment, zero_buffer,
388 OUT_RAWDATA, align, NO_SEG, NO_SEG);
390 offset += e->stringlen + align;
393 if (t > 0 && t == instruction->times - 1) {
395 * Dummy call to list->output to give the offset to the
398 list->output(offset, NULL, OUT_RAWDATA, 0);
399 list->uplevel(LIST_TIMES);
402 if (instruction->times > 1)
403 list->downlevel(LIST_TIMES);
404 return offset - start;
407 if (instruction->opcode == I_INCBIN) {
408 const char *fname = instruction->eops->stringval;
411 fp = fopen(fname, "rb");
413 error(ERR_NONFATAL, "`incbin': unable to open file `%s'",
415 } else if (fseek(fp, 0L, SEEK_END) < 0) {
416 error(ERR_NONFATAL, "`incbin': unable to seek on file `%s'",
419 static char buf[4096];
420 size_t t = instruction->times;
425 if (instruction->eops->next) {
426 base = instruction->eops->next->offset;
428 if (instruction->eops->next->next &&
429 len > (size_t)instruction->eops->next->next->offset)
430 len = (size_t)instruction->eops->next->next->offset;
433 * Dummy call to list->output to give the offset to the
436 list->output(offset, NULL, OUT_RAWDATA, 0);
437 list->uplevel(LIST_INCBIN);
441 fseek(fp, base, SEEK_SET);
445 m = fread(buf, 1, l > sizeof(buf) ? sizeof(buf) : l, fp);
448 * This shouldn't happen unless the file
449 * actually changes while we are reading
453 "`incbin': unexpected EOF while"
454 " reading file `%s'", fname);
455 t = 0; /* Try to exit cleanly */
458 out(offset, segment, buf, OUT_RAWDATA, m,
463 list->downlevel(LIST_INCBIN);
464 if (instruction->times > 1) {
466 * Dummy call to list->output to give the offset to the
469 list->output(offset, NULL, OUT_RAWDATA, 0);
470 list->uplevel(LIST_TIMES);
471 list->downlevel(LIST_TIMES);
474 return instruction->times * len;
476 return 0; /* if we're here, there's an error */
479 /* Check to see if we need an address-size prefix */
480 add_asp(instruction, bits);
482 m = find_match(&temp, instruction, segment, offset, bits);
486 int64_t insn_size = calcsize(segment, offset, bits,
487 instruction, temp->code);
488 itimes = instruction->times;
489 if (insn_size < 0) /* shouldn't be, on pass two */
490 error(ERR_PANIC, "errors made it through from pass one");
493 for (j = 0; j < MAXPREFIX; j++) {
495 switch (instruction->prefixes[j]) {
513 error(ERR_WARNING | ERR_PASS2,
514 "cs segment base generated, but will be ignored in 64-bit mode");
520 error(ERR_WARNING | ERR_PASS2,
521 "ds segment base generated, but will be ignored in 64-bit mode");
527 error(ERR_WARNING | ERR_PASS2,
528 "es segment base generated, but will be ignored in 64-bit mode");
540 error(ERR_WARNING | ERR_PASS2,
541 "ss segment base generated, but will be ignored in 64-bit mode");
548 "segr6 and segr7 cannot be used as prefixes");
553 "16-bit addressing is not supported "
555 } else if (bits != 16)
565 "64-bit addressing is only supported "
589 error(ERR_PANIC, "invalid instruction prefix");
592 out(offset, segment, &c, OUT_RAWDATA, 1,
597 insn_end = offset + insn_size;
598 gencode(segment, offset, bits, instruction,
601 if (itimes > 0 && itimes == instruction->times - 1) {
603 * Dummy call to list->output to give the offset to the
606 list->output(offset, NULL, OUT_RAWDATA, 0);
607 list->uplevel(LIST_TIMES);
610 if (instruction->times > 1)
611 list->downlevel(LIST_TIMES);
612 return offset - start;
616 case MERR_OPSIZEMISSING:
617 error(ERR_NONFATAL, "operation size not specified");
619 case MERR_OPSIZEMISMATCH:
620 error(ERR_NONFATAL, "mismatch in operand sizes");
623 error(ERR_NONFATAL, "no instruction for this cpu level");
626 error(ERR_NONFATAL, "instruction not supported in %d-bit mode",
631 "invalid combination of opcode and operands");
638 int64_t insn_size(int32_t segment, int64_t offset, int bits, uint32_t cp,
639 insn * instruction, efunc error)
641 const struct itemplate *temp;
644 errfunc = error; /* to pass to other functions */
647 if (instruction->opcode == I_none)
650 if (instruction->opcode == I_DB || instruction->opcode == I_DW ||
651 instruction->opcode == I_DD || instruction->opcode == I_DQ ||
652 instruction->opcode == I_DT || instruction->opcode == I_DO ||
653 instruction->opcode == I_DY) {
655 int32_t isize, osize, wsize;
658 wsize = idata_bytes(instruction->opcode);
660 list_for_each(e, instruction->eops) {
664 if (e->type == EOT_DB_NUMBER) {
666 warn_overflow_const(e->offset, wsize);
667 } else if (e->type == EOT_DB_STRING ||
668 e->type == EOT_DB_STRING_FREE)
669 osize = e->stringlen;
671 align = (-osize) % wsize;
674 isize += osize + align;
676 return isize * instruction->times;
679 if (instruction->opcode == I_INCBIN) {
680 const char *fname = instruction->eops->stringval;
685 fp = fopen(fname, "rb");
687 error(ERR_NONFATAL, "`incbin': unable to open file `%s'",
689 else if (fseek(fp, 0L, SEEK_END) < 0)
690 error(ERR_NONFATAL, "`incbin': unable to seek on file `%s'",
694 if (instruction->eops->next) {
695 len -= instruction->eops->next->offset;
696 if (instruction->eops->next->next &&
697 len > (size_t)instruction->eops->next->next->offset) {
698 len = (size_t)instruction->eops->next->next->offset;
701 val = instruction->times * len;
708 /* Check to see if we need an address-size prefix */
709 add_asp(instruction, bits);
711 m = find_match(&temp, instruction, segment, offset, bits);
713 /* we've matched an instruction. */
715 const uint8_t *codes = temp->code;
718 isize = calcsize(segment, offset, bits, instruction, codes);
721 for (j = 0; j < MAXPREFIX; j++) {
722 switch (instruction->prefixes[j]) {
748 return isize * instruction->times;
750 return -1; /* didn't match any instruction */
754 static bool possible_sbyte(operand *o)
756 return o->wrt == NO_SEG && o->segment == NO_SEG &&
757 !(o->opflags & OPFLAG_UNKNOWN) &&
758 optimizing >= 0 && !(o->type & STRICT);
761 /* check that opn[op] is a signed byte of size 16 or 32 */
762 static bool is_sbyte16(operand *o)
766 if (!possible_sbyte(o))
770 return v >= -128 && v <= 127;
773 static bool is_sbyte32(operand *o)
777 if (!possible_sbyte(o))
781 return v >= -128 && v <= 127;
784 /* Common construct */
785 #define case4(x) case (x): case (x)+1: case (x)+2: case (x)+3
787 static int64_t calcsize(int32_t segment, int64_t offset, int bits,
788 insn * ins, const uint8_t *codes)
798 ins->rex = 0; /* Ensure REX is reset */
799 eat = EA_SCALAR; /* Expect a scalar EA */
801 if (ins->prefixes[PPS_OSIZE] == P_O64)
804 (void)segment; /* Don't warn that this parameter is unused */
805 (void)offset; /* Don't warn that this parameter is unused */
809 op1 = (c & 3) + ((opex & 1) << 2);
810 op2 = ((c >> 3) & 3) + ((opex & 2) << 1);
811 opx = &ins->oprs[op1];
812 opex = 0; /* For the next iteration */
819 codes += c, length += c;
830 op_rexflags(opx, REX_B|REX_H|REX_P|REX_W);
845 if (opx->type & (BITS16 | BITS32 | BITS64))
846 length += (opx->type & BITS16) ? 2 : 4;
848 length += (bits == 16) ? 2 : 4;
856 length += ins->addr_size >> 3;
864 length += 8; /* MOV reg64/imm */
872 if (opx->type & (BITS16 | BITS32 | BITS64))
873 length += (opx->type & BITS16) ? 2 : 4;
875 length += (bits == 16) ? 2 : 4;
887 length += is_sbyte16(opx) ? 1 : 2;
896 length += is_sbyte32(opx) ? 1 : 4;
915 length += is_sbyte32(opx) ? 1 : 4;
924 ins->vexreg = regval(opx);
925 ins->vex_cm = *codes++;
926 ins->vex_wlp = *codes++;
932 ins->vex_cm = *codes++;
933 ins->vex_wlp = *codes++;
946 length += (bits != 16) && !has_prefix(ins, PPS_ASIZE, P_A16);
950 length += (bits != 32) && !has_prefix(ins, PPS_ASIZE, P_A32);
957 if (bits != 64 || has_prefix(ins, PPS_ASIZE, P_A16) ||
958 has_prefix(ins, PPS_ASIZE, P_A32))
967 enum prefixes pfx = ins->prefixes[PPS_OSIZE];
971 errfunc(ERR_WARNING | ERR_PASS2, "invalid operand size prefix");
973 ins->prefixes[PPS_OSIZE] = P_O16;
979 enum prefixes pfx = ins->prefixes[PPS_OSIZE];
983 errfunc(ERR_WARNING | ERR_PASS2, "invalid operand size prefix");
985 ins->prefixes[PPS_OSIZE] = P_O32;
1024 if (!ins->prefixes[PPS_LREP])
1025 ins->prefixes[PPS_LREP] = P_REP;
1029 if (!ins->prefixes[PPS_LREP])
1030 ins->prefixes[PPS_LREP] = P_REPNE;
1034 if (ins->oprs[0].segment != NO_SEG)
1035 errfunc(ERR_NONFATAL, "attempt to reserve non-constant"
1036 " quantity of BSS space");
1038 length += ins->oprs[0].offset;
1042 if (!ins->prefixes[PPS_WAIT])
1043 ins->prefixes[PPS_WAIT] = P_WAIT;
1101 struct operand *opy = &ins->oprs[op2];
1103 ea_data.rex = 0; /* Ensure ea.REX is initially 0 */
1106 /* pick rfield from operand b (opx) */
1107 rflags = regflag(opx);
1108 rfield = nasm_regvals[opx->basereg];
1113 if (process_ea(opy, &ea_data, bits,ins->addr_size,
1114 rfield, rflags) != eat) {
1115 errfunc(ERR_NONFATAL, "invalid effective address");
1118 ins->rex |= ea_data.rex;
1119 length += ea_data.size;
1125 errfunc(ERR_PANIC, "internal instruction table corrupt"
1126 ": instruction code \\%o (0x%02X) given", c, c);
1131 ins->rex &= rex_mask;
1133 if (ins->rex & REX_NH) {
1134 if (ins->rex & REX_H) {
1135 errfunc(ERR_NONFATAL, "instruction cannot use high registers");
1138 ins->rex &= ~REX_P; /* Don't force REX prefix due to high reg */
1141 if (ins->rex & REX_V) {
1142 int bad32 = REX_R|REX_W|REX_X|REX_B;
1144 if (ins->rex & REX_H) {
1145 errfunc(ERR_NONFATAL, "cannot use high register in vex instruction");
1148 switch (ins->vex_wlp & 060) {
1162 if (bits != 64 && ((ins->rex & bad32) || ins->vexreg > 7)) {
1163 errfunc(ERR_NONFATAL, "invalid operands in non-64-bit mode");
1166 if (ins->vex_cm != 1 || (ins->rex & (REX_W|REX_X|REX_B)))
1170 } else if (ins->rex & REX_REAL) {
1171 if (ins->rex & REX_H) {
1172 errfunc(ERR_NONFATAL, "cannot use high register in rex instruction");
1174 } else if (bits == 64) {
1176 } else if ((ins->rex & REX_L) &&
1177 !(ins->rex & (REX_P|REX_W|REX_X|REX_B)) &&
1180 assert_no_prefix(ins, PPS_LREP);
1183 errfunc(ERR_NONFATAL, "invalid operands in non-64-bit mode");
1191 #define EMIT_REX() \
1192 if (!(ins->rex & REX_V) && (ins->rex & REX_REAL) && (bits == 64)) { \
1193 ins->rex = (ins->rex & REX_REAL)|REX_P; \
1194 out(offset, segment, &ins->rex, OUT_RAWDATA, 1, NO_SEG, NO_SEG); \
1199 static void gencode(int32_t segment, int64_t offset, int bits,
1200 insn * ins, const struct itemplate *temp,
1203 static const char condval[] = { /* conditional opcodes */
1204 0x7, 0x3, 0x2, 0x6, 0x2, 0x4, 0xF, 0xD, 0xC, 0xE, 0x6, 0x2,
1205 0x3, 0x7, 0x3, 0x5, 0xE, 0xC, 0xD, 0xF, 0x1, 0xB, 0x9, 0x5,
1206 0x0, 0xA, 0xA, 0xB, 0x8, 0x4
1213 struct operand *opx;
1214 const uint8_t *codes = temp->code;
1216 enum ea_type eat = EA_SCALAR;
1220 op1 = (c & 3) + ((opex & 1) << 2);
1221 op2 = ((c >> 3) & 3) + ((opex & 2) << 1);
1222 opx = &ins->oprs[op1];
1223 opex = 0; /* For the next iteration */
1231 out(offset, segment, codes, OUT_RAWDATA, c, NO_SEG, NO_SEG);
1244 bytes[0] = *codes++ + (regval(opx) & 7);
1245 out(offset, segment, bytes, OUT_RAWDATA, 1, NO_SEG, NO_SEG);
1251 * The test for BITS8 and SBYTE here is intended to avoid
1252 * warning on optimizer actions due to SBYTE, while still
1253 * warn on explicit BYTE directives. Also warn, obviously,
1254 * if the optimizer isn't enabled.
1256 if (((opx->type & BITS8) ||
1257 !(opx->type & temp->opd[op1] & BYTENESS)) &&
1258 (opx->offset < -128 || opx->offset > 127)) {
1259 errfunc(ERR_WARNING | ERR_PASS2 | ERR_WARN_NOV,
1260 "signed byte value exceeds bounds");
1262 if (opx->segment != NO_SEG) {
1264 out(offset, segment, &data, OUT_ADDRESS, 1,
1265 opx->segment, opx->wrt);
1267 bytes[0] = opx->offset;
1268 out(offset, segment, bytes, OUT_RAWDATA, 1, NO_SEG,
1275 if (opx->offset < -256 || opx->offset > 255) {
1276 errfunc(ERR_WARNING | ERR_PASS2 | ERR_WARN_NOV,
1277 "byte value exceeds bounds");
1279 if (opx->segment != NO_SEG) {
1281 out(offset, segment, &data, OUT_ADDRESS, 1,
1282 opx->segment, opx->wrt);
1284 bytes[0] = opx->offset;
1285 out(offset, segment, bytes, OUT_RAWDATA, 1, NO_SEG,
1292 if (opx->offset < 0 || opx->offset > 255)
1293 errfunc(ERR_WARNING | ERR_PASS2 | ERR_WARN_NOV,
1294 "unsigned byte value exceeds bounds");
1295 if (opx->segment != NO_SEG) {
1297 out(offset, segment, &data, OUT_ADDRESS, 1,
1298 opx->segment, opx->wrt);
1300 bytes[0] = opx->offset;
1301 out(offset, segment, bytes, OUT_RAWDATA, 1, NO_SEG,
1308 warn_overflow_opd(opx, 2);
1310 out(offset, segment, &data, OUT_ADDRESS, 2,
1311 opx->segment, opx->wrt);
1316 if (opx->type & (BITS16 | BITS32))
1317 size = (opx->type & BITS16) ? 2 : 4;
1319 size = (bits == 16) ? 2 : 4;
1320 warn_overflow_opd(opx, size);
1322 out(offset, segment, &data, OUT_ADDRESS, size,
1323 opx->segment, opx->wrt);
1328 warn_overflow_opd(opx, 4);
1330 out(offset, segment, &data, OUT_ADDRESS, 4,
1331 opx->segment, opx->wrt);
1337 size = ins->addr_size >> 3;
1338 warn_overflow_opd(opx, size);
1339 out(offset, segment, &data, OUT_ADDRESS, size,
1340 opx->segment, opx->wrt);
1345 if (opx->segment != segment) {
1347 out(offset, segment, &data,
1348 OUT_REL1ADR, insn_end - offset,
1349 opx->segment, opx->wrt);
1351 data = opx->offset - insn_end;
1352 if (data > 127 || data < -128)
1353 errfunc(ERR_NONFATAL, "short jump is out of range");
1354 out(offset, segment, &data,
1355 OUT_ADDRESS, 1, NO_SEG, NO_SEG);
1361 data = (int64_t)opx->offset;
1362 out(offset, segment, &data, OUT_ADDRESS, 8,
1363 opx->segment, opx->wrt);
1368 if (opx->segment != segment) {
1370 out(offset, segment, &data,
1371 OUT_REL2ADR, insn_end - offset,
1372 opx->segment, opx->wrt);
1374 data = opx->offset - insn_end;
1375 out(offset, segment, &data,
1376 OUT_ADDRESS, 2, NO_SEG, NO_SEG);
1382 if (opx->type & (BITS16 | BITS32 | BITS64))
1383 size = (opx->type & BITS16) ? 2 : 4;
1385 size = (bits == 16) ? 2 : 4;
1386 if (opx->segment != segment) {
1388 out(offset, segment, &data,
1389 size == 2 ? OUT_REL2ADR : OUT_REL4ADR,
1390 insn_end - offset, opx->segment, opx->wrt);
1392 data = opx->offset - insn_end;
1393 out(offset, segment, &data,
1394 OUT_ADDRESS, size, NO_SEG, NO_SEG);
1400 if (opx->segment != segment) {
1402 out(offset, segment, &data,
1403 OUT_REL4ADR, insn_end - offset,
1404 opx->segment, opx->wrt);
1406 data = opx->offset - insn_end;
1407 out(offset, segment, &data,
1408 OUT_ADDRESS, 4, NO_SEG, NO_SEG);
1414 if (opx->segment == NO_SEG)
1415 errfunc(ERR_NONFATAL, "value referenced by FAR is not"
1418 out(offset, segment, &data, OUT_ADDRESS, 2,
1419 outfmt->segbase(1 + opx->segment),
1426 warn_overflow_opd(opx, 2);
1427 if (is_sbyte16(opx)) {
1429 out(offset, segment, bytes, OUT_RAWDATA, 1, NO_SEG,
1433 out(offset, segment, &data, OUT_ADDRESS, 2,
1434 opx->segment, opx->wrt);
1441 bytes[0] = *codes++;
1442 if (is_sbyte16(opx))
1443 bytes[0] |= 2; /* s-bit */
1444 out(offset, segment, bytes, OUT_RAWDATA, 1, NO_SEG, NO_SEG);
1450 warn_overflow_opd(opx, 4);
1451 if (is_sbyte32(opx)) {
1453 out(offset, segment, bytes, OUT_RAWDATA, 1, NO_SEG,
1457 out(offset, segment, &data, OUT_ADDRESS, 4,
1458 opx->segment, opx->wrt);
1465 bytes[0] = *codes++;
1466 if (is_sbyte32(opx))
1467 bytes[0] |= 2; /* s-bit */
1468 out(offset, segment, bytes, OUT_RAWDATA, 1, NO_SEG, NO_SEG);
1474 opx = &ins->oprs[c >> 3];
1475 bytes[0] = nasm_regvals[opx->basereg] << 4;
1476 opx = &ins->oprs[c & 7];
1477 if (opx->segment != NO_SEG || opx->wrt != NO_SEG) {
1478 errfunc(ERR_NONFATAL,
1479 "non-absolute expression not permitted as argument %d",
1482 if (opx->offset & ~15) {
1483 errfunc(ERR_WARNING | ERR_PASS2 | ERR_WARN_NOV,
1484 "four-bit argument exceeds bounds");
1486 bytes[0] |= opx->offset & 15;
1488 out(offset, segment, bytes, OUT_RAWDATA, 1, NO_SEG, NO_SEG);
1494 opx = &ins->oprs[c >> 4];
1495 bytes[0] = nasm_regvals[opx->basereg] << 4;
1497 out(offset, segment, bytes, OUT_RAWDATA, 1, NO_SEG, NO_SEG);
1502 bytes[0] = nasm_regvals[opx->basereg] << 4;
1503 out(offset, segment, bytes, OUT_RAWDATA, 1, NO_SEG, NO_SEG);
1509 if (opx->wrt == NO_SEG && opx->segment == NO_SEG &&
1510 (int32_t)data != (int64_t)data) {
1511 errfunc(ERR_WARNING | ERR_PASS2 | ERR_WARN_NOV,
1512 "signed dword immediate exceeds bounds");
1514 if (is_sbyte32(opx)) {
1516 out(offset, segment, bytes, OUT_RAWDATA, 1, NO_SEG,
1520 out(offset, segment, &data, OUT_ADDRESS, 4,
1521 opx->segment, opx->wrt);
1528 if (opx->wrt == NO_SEG && opx->segment == NO_SEG &&
1529 (int32_t)data != (int64_t)data) {
1530 errfunc(ERR_WARNING | ERR_PASS2 | ERR_WARN_NOV,
1531 "signed dword immediate exceeds bounds");
1533 out(offset, segment, &data, OUT_ADDRESS, 4,
1534 opx->segment, opx->wrt);
1541 if (ins->vex_cm != 1 || (ins->rex & (REX_W|REX_X|REX_B))) {
1542 bytes[0] = (ins->vex_cm >> 6) ? 0x8f : 0xc4;
1543 bytes[1] = (ins->vex_cm & 31) | ((~ins->rex & 7) << 5);
1544 bytes[2] = ((ins->rex & REX_W) << (7-3)) |
1545 ((~ins->vexreg & 15)<< 3) | (ins->vex_wlp & 07);
1546 out(offset, segment, &bytes, OUT_RAWDATA, 3, NO_SEG, NO_SEG);
1550 bytes[1] = ((~ins->rex & REX_R) << (7-2)) |
1551 ((~ins->vexreg & 15) << 3) | (ins->vex_wlp & 07);
1552 out(offset, segment, &bytes, OUT_RAWDATA, 2, NO_SEG, NO_SEG);
1562 if (ins->rex & REX_W)
1564 else if (ins->prefixes[PPS_OSIZE] == P_O16)
1566 else if (ins->prefixes[PPS_OSIZE] == P_O32)
1571 um = (uint64_t)2 << (s-1);
1574 if (uv > 127 && uv < (uint64_t)-128 &&
1575 (uv < um-128 || uv > um-1)) {
1576 errfunc(ERR_WARNING | ERR_PASS2 | ERR_WARN_NOV,
1577 "signed byte value exceeds bounds");
1579 if (opx->segment != NO_SEG) {
1581 out(offset, segment, &data, OUT_ADDRESS, 1,
1582 opx->segment, opx->wrt);
1585 out(offset, segment, bytes, OUT_RAWDATA, 1, NO_SEG,
1596 if (bits == 32 && !has_prefix(ins, PPS_ASIZE, P_A16)) {
1598 out(offset, segment, bytes, OUT_RAWDATA, 1, NO_SEG, NO_SEG);
1605 if (bits != 32 && !has_prefix(ins, PPS_ASIZE, P_A32)) {
1607 out(offset, segment, bytes, OUT_RAWDATA, 1, NO_SEG, NO_SEG);
1639 *bytes = *codes++ ^ condval[ins->condition];
1640 out(offset, segment, bytes, OUT_RAWDATA, 1, NO_SEG, NO_SEG);
1649 *bytes = c - 0332 + 0xF2;
1650 out(offset, segment, bytes, OUT_RAWDATA, 1, NO_SEG, NO_SEG);
1655 if (ins->rex & REX_R) {
1657 out(offset, segment, bytes, OUT_RAWDATA, 1, NO_SEG, NO_SEG);
1660 ins->rex &= ~(REX_L|REX_R);
1671 if (ins->oprs[0].segment != NO_SEG)
1672 errfunc(ERR_PANIC, "non-constant BSS size in pass two");
1674 int64_t size = ins->oprs[0].offset;
1676 out(offset, segment, NULL,
1677 OUT_RESERVE, size, NO_SEG, NO_SEG);
1688 switch (ins->oprs[0].basereg) {
1703 "bizarre 8086 segment register received");
1705 out(offset, segment, bytes, OUT_RAWDATA, 1, NO_SEG, NO_SEG);
1712 switch (ins->oprs[0].basereg) {
1721 "bizarre 386 segment register received");
1723 out(offset, segment, bytes, OUT_RAWDATA, 1, NO_SEG, NO_SEG);
1732 out(offset, segment, bytes, OUT_RAWDATA, 1, NO_SEG, NO_SEG);
1738 bytes[0] = c - 0362 + 0xf2;
1739 out(offset, segment, bytes, OUT_RAWDATA, 1, NO_SEG, NO_SEG);
1749 *bytes = c - 0366 + 0x66;
1750 out(offset, segment, bytes, OUT_RAWDATA, 1, NO_SEG, NO_SEG);
1760 *bytes = bits == 16 ? 3 : 5;
1761 out(offset, segment, bytes, OUT_RAWDATA, 1, NO_SEG, NO_SEG);
1792 struct operand *opy = &ins->oprs[op2];
1795 /* pick rfield from operand b (opx) */
1796 rflags = regflag(opx);
1797 rfield = nasm_regvals[opx->basereg];
1799 /* rfield is constant */
1804 if (process_ea(opy, &ea_data, bits, ins->addr_size,
1805 rfield, rflags) != eat) {
1806 errfunc(ERR_NONFATAL, "invalid effective address");
1811 *p++ = ea_data.modrm;
1812 if (ea_data.sib_present)
1816 out(offset, segment, bytes, OUT_RAWDATA, s, NO_SEG, NO_SEG);
1819 * Make sure the address gets the right offset in case
1820 * the line breaks in the .lst file (BR 1197827)
1825 switch (ea_data.bytes) {
1835 if (opy->segment == segment) {
1837 if (overflow_signed(data, ea_data.bytes))
1838 warn_overflow(ERR_PASS2, ea_data.bytes);
1839 out(offset, segment, &data, OUT_ADDRESS,
1840 ea_data.bytes, NO_SEG, NO_SEG);
1842 /* overflow check in output/linker? */
1843 out(offset, segment, &data, OUT_REL4ADR,
1844 insn_end - offset, opy->segment, opy->wrt);
1847 if (overflow_general(opy->offset, ins->addr_size >> 3) ||
1848 signed_bits(opy->offset, ins->addr_size) !=
1849 signed_bits(opy->offset, ea_data.bytes * 8))
1850 warn_overflow(ERR_PASS2, ea_data.bytes);
1853 out(offset, segment, &data, OUT_ADDRESS,
1854 ea_data.bytes, opy->segment, opy->wrt);
1860 "Invalid amount of bytes (%d) for offset?!",
1869 errfunc(ERR_PANIC, "internal instruction table corrupt"
1870 ": instruction code \\%o (0x%02X) given", c, c);
1876 static opflags_t regflag(const operand * o)
1878 if (!is_register(o->basereg))
1879 errfunc(ERR_PANIC, "invalid operand passed to regflag()");
1880 return nasm_reg_flags[o->basereg];
1883 static int32_t regval(const operand * o)
1885 if (!is_register(o->basereg))
1886 errfunc(ERR_PANIC, "invalid operand passed to regval()");
1887 return nasm_regvals[o->basereg];
1890 static int op_rexflags(const operand * o, int mask)
1895 if (!is_register(o->basereg))
1896 errfunc(ERR_PANIC, "invalid operand passed to op_rexflags()");
1898 flags = nasm_reg_flags[o->basereg];
1899 val = nasm_regvals[o->basereg];
1901 return rexflags(val, flags, mask);
1904 static int rexflags(int val, opflags_t flags, int mask)
1909 rex |= REX_B|REX_X|REX_R;
1912 if (!(REG_HIGH & ~flags)) /* AH, CH, DH, BH */
1914 else if (!(REG8 & ~flags) && val >= 4) /* SPL, BPL, SIL, DIL */
1920 static enum match_result find_match(const struct itemplate **tempp,
1922 int32_t segment, int64_t offset, int bits)
1924 const struct itemplate *temp;
1925 enum match_result m, merr;
1926 opflags_t xsizeflags[MAX_OPERANDS];
1927 bool opsizemissing = false;
1930 for (i = 0; i < instruction->operands; i++)
1931 xsizeflags[i] = instruction->oprs[i].type & SIZE_MASK;
1933 merr = MERR_INVALOP;
1935 for (temp = nasm_instructions[instruction->opcode];
1936 temp->opcode != I_none; temp++) {
1937 m = matches(temp, instruction, bits);
1938 if (m == MOK_JUMP) {
1939 if (jmp_match(segment, offset, bits, instruction, temp->code))
1943 } else if (m == MERR_OPSIZEMISSING &&
1944 (temp->flags & IF_SMASK) != IF_SX) {
1946 * Missing operand size and a candidate for fuzzy matching...
1948 for (i = 0; i < temp->operands; i++) {
1949 if ((temp->opd[i] & SAME_AS) == 0)
1950 xsizeflags[i] |= temp->opd[i] & SIZE_MASK;
1952 opsizemissing = true;
1956 if (merr == MOK_GOOD)
1960 /* No match, but see if we can get a fuzzy operand size match... */
1964 for (i = 0; i < instruction->operands; i++) {
1966 * We ignore extrinsic operand sizes on registers, so we should
1967 * never try to fuzzy-match on them. This also resolves the case
1968 * when we have e.g. "xmmrm128" in two different positions.
1970 if (is_class(REGISTER, instruction->oprs[i].type))
1973 /* This tests if xsizeflags[i] has more than one bit set */
1974 if ((xsizeflags[i] & (xsizeflags[i]-1)))
1975 goto done; /* No luck */
1977 instruction->oprs[i].type |= xsizeflags[i]; /* Set the size */
1980 /* Try matching again... */
1981 for (temp = nasm_instructions[instruction->opcode];
1982 temp->opcode != I_none; temp++) {
1983 m = matches(temp, instruction, bits);
1984 if (m == MOK_JUMP) {
1985 if (jmp_match(segment, offset, bits, instruction, temp->code))
1992 if (merr == MOK_GOOD)
2001 static enum match_result matches(const struct itemplate *itemp,
2002 insn *instruction, int bits)
2004 int i, size[MAX_OPERANDS], asize, oprs;
2005 bool opsizemissing = false;
2010 if (itemp->opcode != instruction->opcode)
2011 return MERR_INVALOP;
2014 * Count the operands
2016 if (itemp->operands != instruction->operands)
2017 return MERR_INVALOP;
2022 if (!(optimizing > 0) && (itemp->flags & IF_OPT))
2023 return MERR_INVALOP;
2026 * Check that no spurious colons or TOs are present
2028 for (i = 0; i < itemp->operands; i++)
2029 if (instruction->oprs[i].type & ~itemp->opd[i] & (COLON | TO))
2030 return MERR_INVALOP;
2033 * Process size flags
2035 switch (itemp->flags & IF_SMASK) {
2075 if (itemp->flags & IF_ARMASK) {
2076 /* S- flags only apply to a specific operand */
2077 i = ((itemp->flags & IF_ARMASK) >> IF_ARSHFT) - 1;
2078 memset(size, 0, sizeof size);
2081 /* S- flags apply to all operands */
2082 for (i = 0; i < MAX_OPERANDS; i++)
2087 * Check that the operand flags all match up,
2088 * it's a bit tricky so lets be verbose:
2090 * 1) Find out the size of operand. If instruction
2091 * doesn't have one specified -- we're trying to
2092 * guess it either from template (IF_S* flag) or
2095 * 2) If template operand (i) has SAME_AS flag [used for registers only]
2096 * (ie the same operand as was specified somewhere in template, and
2097 * this referred operand index is being achieved via ~SAME_AS)
2098 * we are to be sure that both registers (in template and instruction)
2101 * 3) If template operand do not match the instruction OR
2102 * template has an operand size specified AND this size differ
2103 * from which instruction has (perhaps we got it from code bits)
2105 * a) Check that only size of instruction and operand is differ
2106 * other characteristics do match
2107 * b) Perhaps it's a register specified in instruction so
2108 * for such a case we just mark that operand as "size
2109 * missing" and this will turn on fuzzy operand size
2110 * logic facility (handled by a caller)
2112 for (i = 0; i < itemp->operands; i++) {
2113 opflags_t type = instruction->oprs[i].type;
2114 if (!(type & SIZE_MASK))
2117 if (itemp->opd[i] & SAME_AS) {
2118 int j = itemp->opd[i] & ~SAME_AS;
2119 if (type != instruction->oprs[j].type ||
2120 instruction->oprs[i].basereg != instruction->oprs[j].basereg)
2121 return MERR_INVALOP;
2122 } else if (itemp->opd[i] & ~type ||
2123 ((itemp->opd[i] & SIZE_MASK) &&
2124 ((itemp->opd[i] ^ type) & SIZE_MASK))) {
2125 if ((itemp->opd[i] & ~type & ~SIZE_MASK) || (type & SIZE_MASK)) {
2126 return MERR_INVALOP;
2127 } else if (!is_class(REGISTER, type)) {
2129 * Note: we don't honor extrinsic operand sizes for registers,
2130 * so "missing operand size" for a register should be
2131 * considered a wildcard match rather than an error.
2133 opsizemissing = true;
2139 return MERR_OPSIZEMISSING;
2142 * Check operand sizes
2144 if (itemp->flags & (IF_SM | IF_SM2)) {
2145 oprs = (itemp->flags & IF_SM2 ? 2 : itemp->operands);
2146 for (i = 0; i < oprs; i++) {
2147 asize = itemp->opd[i] & SIZE_MASK;
2149 for (i = 0; i < oprs; i++)
2155 oprs = itemp->operands;
2158 for (i = 0; i < itemp->operands; i++) {
2159 if (!(itemp->opd[i] & SIZE_MASK) &&
2160 (instruction->oprs[i].type & SIZE_MASK & ~size[i]))
2161 return MERR_OPSIZEMISMATCH;
2165 * Check template is okay at the set cpu level
2167 if (((itemp->flags & IF_PLEVEL) > cpu))
2171 * Verify the appropriate long mode flag.
2173 if ((itemp->flags & (bits == 64 ? IF_NOLONG : IF_LONG)))
2174 return MERR_BADMODE;
2177 * Check if special handling needed for Jumps
2179 if ((itemp->code[0] & 0374) == 0370)
2185 static enum ea_type process_ea(operand * input, ea * output, int bits,
2186 int addrbits, int rfield, opflags_t rflags)
2188 bool forw_ref = !!(input->opflags & OPFLAG_UNKNOWN);
2190 output->type = EA_SCALAR;
2191 output->rip = false;
2193 /* REX flags for the rfield operand */
2194 output->rex |= rexflags(rfield, rflags, REX_R | REX_P | REX_W | REX_H);
2196 if (is_class(REGISTER, input->type)) { /* register direct */
2200 if (!is_register(input->basereg))
2203 i = nasm_regvals[input->basereg];
2208 output->rex |= op_rexflags(input, REX_B | REX_P | REX_W | REX_H);
2210 output->sib_present = false; /* no SIB necessary */
2211 output->bytes = 0; /* no offset necessary either */
2212 output->modrm = 0xC0 | ((rfield & 7) << 3) | (i & 7);
2213 } else { /* it's a memory reference */
2214 if (input->basereg == -1 &&
2215 (input->indexreg == -1 || input->scale == 0)) {
2216 /* it's a pure offset */
2218 if (bits == 64 && ((input->type & IP_REL) == IP_REL) &&
2219 input->segment == NO_SEG) {
2220 nasm_error(ERR_WARNING | ERR_PASS1, "absolute address can not be RIP-relative");
2221 input->type &= ~IP_REL;
2222 input->type |= MEMORY;
2225 if (input->eaflags & EAF_BYTEOFFS ||
2226 (input->eaflags & EAF_WORDOFFS &&
2227 input->disp_size != (addrbits != 16 ? 32 : 16))) {
2228 nasm_error(ERR_WARNING | ERR_PASS1, "displacement size ignored on absolute address");
2231 if (bits == 64 && (~input->type & IP_REL)) {
2232 int scale, index, base;
2233 output->sib_present = true;
2237 output->sib = (scale << 6) | (index << 3) | base;
2239 output->modrm = 4 | ((rfield & 7) << 3);
2240 output->rip = false;
2242 output->sib_present = false;
2243 output->bytes = (addrbits != 16 ? 4 : 2);
2244 output->modrm = (addrbits != 16 ? 5 : 6) | ((rfield & 7) << 3);
2245 output->rip = bits == 64;
2247 } else { /* it's an indirection */
2248 int i = input->indexreg, b = input->basereg, s = input->scale;
2249 int32_t seg = input->segment;
2250 int hb = input->hintbase, ht = input->hinttype;
2251 int t, it, bt; /* register numbers */
2252 opflags_t x, ix, bx; /* register flags */
2255 i = -1; /* make this easy, at least */
2257 if (is_register(i)) {
2258 it = nasm_regvals[i];
2259 ix = nasm_reg_flags[i];
2265 if (is_register(b)) {
2266 bt = nasm_regvals[b];
2267 bx = nasm_reg_flags[b];
2273 /* if either one are a vector register... */
2274 if ((ix|bx) & (XMMREG|YMMREG) & ~REG_EA) {
2275 int32_t sok = BITS32 | BITS64;
2276 int32_t o = input->offset;
2277 int mod, scale, index, base;
2279 printf("bt = %x, bx = %x, it = %x, ix = %x, s = %d\n",
2283 * For a vector SIB, one has to be a vector and the other,
2284 * if present, a GPR. The vector must be the index operand.
2286 if (it == -1 || (bx & (XMMREG|YMMREG) & ~REG_EA)) {
2292 t = bt, bt = it, it = t;
2293 x = bx, bx = ix, ix = x;
2299 if (!(REG64 & ~bx) || !(REG32 & ~bx))
2306 * While we're here, ensure the user didn't specify
2309 if (input->disp_size == 16 || input->disp_size == 64)
2312 if (addrbits == 16 ||
2313 (addrbits == 32 && !(sok & BITS32)) ||
2314 (addrbits == 64 && !(sok & BITS64)))
2317 output->type = (ix & YMMREG & ~REG_EA)
2318 ? EA_YMMVSIB : EA_XMMVSIB;
2320 output->rex |= rexflags(it, ix, REX_X);
2321 output->rex |= rexflags(bt, bx, REX_B);
2323 index = it & 7; /* it is known to be != -1 */
2338 default: /* then what the smeg is it? */
2339 goto err; /* panic */
2347 if (base != REG_NUM_EBP && o == 0 &&
2348 seg == NO_SEG && !forw_ref &&
2349 !(input->eaflags & (EAF_BYTEOFFS | EAF_WORDOFFS)))
2351 else if (input->eaflags & EAF_BYTEOFFS ||
2352 (o >= -128 && o <= 127 &&
2353 seg == NO_SEG && !forw_ref &&
2354 !(input->eaflags & EAF_WORDOFFS)))
2360 output->sib_present = true;
2361 output->bytes = (bt == -1 || mod == 2 ? 4 : mod);
2362 output->modrm = (mod << 6) | ((rfield & 7) << 3) | 4;
2363 output->sib = (scale << 6) | (index << 3) | base;
2364 } else if ((ix|bx) & (BITS32|BITS64)) {
2366 * it must be a 32/64-bit memory reference. Firstly we have
2367 * to check that all registers involved are type E/Rxx.
2369 int32_t sok = BITS32 | BITS64;
2370 int32_t o = input->offset;
2373 if (!(REG64 & ~ix) || !(REG32 & ~ix))
2381 goto err; /* Invalid register */
2382 if (~sok & bx & SIZE_MASK)
2383 goto err; /* Invalid size */
2388 * While we're here, ensure the user didn't specify
2391 if (input->disp_size == 16 || input->disp_size == 64)
2394 if (addrbits == 16 ||
2395 (addrbits == 32 && !(sok & BITS32)) ||
2396 (addrbits == 64 && !(sok & BITS64)))
2399 /* now reorganize base/index */
2400 if (s == 1 && bt != it && bt != -1 && it != -1 &&
2401 ((hb == b && ht == EAH_NOTBASE) ||
2402 (hb == i && ht == EAH_MAKEBASE))) {
2403 /* swap if hints say so */
2404 t = bt, bt = it, it = t;
2405 x = bx, bx = ix, ix = x;
2407 if (bt == it) /* convert EAX+2*EAX to 3*EAX */
2408 bt = -1, bx = 0, s++;
2409 if (bt == -1 && s == 1 && !(hb == it && ht == EAH_NOTBASE)) {
2410 /* make single reg base, unless hint */
2411 bt = it, bx = ix, it = -1, ix = 0;
2413 if (((s == 2 && it != REG_NUM_ESP && !(input->eaflags & EAF_TIMESTWO)) ||
2414 s == 3 || s == 5 || s == 9) && bt == -1)
2415 bt = it, bx = ix, s--; /* convert 3*EAX to EAX+2*EAX */
2416 if (it == -1 && (bt & 7) != REG_NUM_ESP &&
2417 (input->eaflags & EAF_TIMESTWO))
2418 it = bt, ix = bx, bt = -1, bx = 0, s = 1;
2419 /* convert [NOSPLIT EAX] to sib format with 0x0 displacement */
2420 if (s == 1 && it == REG_NUM_ESP) {
2421 /* swap ESP into base if scale is 1 */
2422 t = it, it = bt, bt = t;
2423 x = ix, ix = bx, bx = x;
2425 if (it == REG_NUM_ESP ||
2426 (s != 1 && s != 2 && s != 4 && s != 8 && it != -1))
2427 goto err; /* wrong, for various reasons */
2429 output->rex |= rexflags(it, ix, REX_X);
2430 output->rex |= rexflags(bt, bx, REX_B);
2432 if (it == -1 && (bt & 7) != REG_NUM_ESP) {
2441 if (rm != REG_NUM_EBP && o == 0 &&
2442 seg == NO_SEG && !forw_ref &&
2443 !(input->eaflags & (EAF_BYTEOFFS | EAF_WORDOFFS)))
2445 else if (input->eaflags & EAF_BYTEOFFS ||
2446 (o >= -128 && o <= 127 &&
2447 seg == NO_SEG && !forw_ref &&
2448 !(input->eaflags & EAF_WORDOFFS)))
2454 output->sib_present = false;
2455 output->bytes = (bt == -1 || mod == 2 ? 4 : mod);
2456 output->modrm = (mod << 6) | ((rfield & 7) << 3) | rm;
2459 int mod, scale, index, base;
2479 default: /* then what the smeg is it? */
2480 goto err; /* panic */
2488 if (base != REG_NUM_EBP && o == 0 &&
2489 seg == NO_SEG && !forw_ref &&
2490 !(input->eaflags & (EAF_BYTEOFFS | EAF_WORDOFFS)))
2492 else if (input->eaflags & EAF_BYTEOFFS ||
2493 (o >= -128 && o <= 127 &&
2494 seg == NO_SEG && !forw_ref &&
2495 !(input->eaflags & EAF_WORDOFFS)))
2501 output->sib_present = true;
2502 output->bytes = (bt == -1 || mod == 2 ? 4 : mod);
2503 output->modrm = (mod << 6) | ((rfield & 7) << 3) | 4;
2504 output->sib = (scale << 6) | (index << 3) | base;
2506 } else { /* it's 16-bit */
2508 int16_t o = input->offset;
2510 /* check for 64-bit long mode */
2514 /* check all registers are BX, BP, SI or DI */
2515 if ((b != -1 && b != R_BP && b != R_BX && b != R_SI && b != R_DI) ||
2516 (i != -1 && i != R_BP && i != R_BX && i != R_SI && i != R_DI))
2519 /* ensure the user didn't specify DWORD/QWORD */
2520 if (input->disp_size == 32 || input->disp_size == 64)
2523 if (s != 1 && i != -1)
2524 goto err; /* no can do, in 16-bit EA */
2525 if (b == -1 && i != -1) {
2530 if ((b == R_SI || b == R_DI) && i != -1) {
2535 /* have BX/BP as base, SI/DI index */
2537 goto err; /* shouldn't ever happen, in theory */
2538 if (i != -1 && b != -1 &&
2539 (i == R_BP || i == R_BX || b == R_SI || b == R_DI))
2540 goto err; /* invalid combinations */
2541 if (b == -1) /* pure offset: handled above */
2542 goto err; /* so if it gets to here, panic! */
2546 switch (i * 256 + b) {
2547 case R_SI * 256 + R_BX:
2550 case R_DI * 256 + R_BX:
2553 case R_SI * 256 + R_BP:
2556 case R_DI * 256 + R_BP:
2574 if (rm == -1) /* can't happen, in theory */
2575 goto err; /* so panic if it does */
2577 if (o == 0 && seg == NO_SEG && !forw_ref && rm != 6 &&
2578 !(input->eaflags & (EAF_BYTEOFFS | EAF_WORDOFFS)))
2580 else if (input->eaflags & EAF_BYTEOFFS ||
2581 (o >= -128 && o <= 127 && seg == NO_SEG &&
2582 !forw_ref && !(input->eaflags & EAF_WORDOFFS)))
2587 output->sib_present = false; /* no SIB - it's 16-bit */
2588 output->bytes = mod; /* bytes of offset needed */
2589 output->modrm = (mod << 6) | ((rfield & 7) << 3) | rm;
2594 output->size = 1 + output->sib_present + output->bytes;
2595 return output->type;
2598 return output->type = EA_INVALID;
2601 static void add_asp(insn *ins, int addrbits)
2606 valid = (addrbits == 64) ? 64|32 : 32|16;
2608 switch (ins->prefixes[PPS_ASIZE]) {
2619 valid &= (addrbits == 32) ? 16 : 32;
2625 for (j = 0; j < ins->operands; j++) {
2626 if (is_class(MEMORY, ins->oprs[j].type)) {
2629 /* Verify as Register */
2630 if (!is_register(ins->oprs[j].indexreg))
2633 i = nasm_reg_flags[ins->oprs[j].indexreg];
2635 /* Verify as Register */
2636 if (!is_register(ins->oprs[j].basereg))
2639 b = nasm_reg_flags[ins->oprs[j].basereg];
2641 if (ins->oprs[j].scale == 0)
2645 int ds = ins->oprs[j].disp_size;
2646 if ((addrbits != 64 && ds > 8) ||
2647 (addrbits == 64 && ds == 16))
2667 if (valid & addrbits) {
2668 ins->addr_size = addrbits;
2669 } else if (valid & ((addrbits == 32) ? 16 : 32)) {
2670 /* Add an address size prefix */
2671 enum prefixes pref = (addrbits == 32) ? P_A16 : P_A32;
2672 ins->prefixes[PPS_ASIZE] = pref;
2673 ins->addr_size = (addrbits == 32) ? 16 : 32;
2676 errfunc(ERR_NONFATAL, "impossible combination of address sizes");
2677 ins->addr_size = addrbits; /* Error recovery */
2680 defdisp = ins->addr_size == 16 ? 16 : 32;
2682 for (j = 0; j < ins->operands; j++) {
2683 if (!(MEM_OFFS & ~ins->oprs[j].type) &&
2684 (ins->oprs[j].disp_size ? ins->oprs[j].disp_size : defdisp) != ins->addr_size) {
2686 * mem_offs sizes must match the address size; if not,
2687 * strip the MEM_OFFS bit and match only EA instructions
2689 ins->oprs[j].type &= ~(MEM_OFFS & ~MEMORY);