1 /* ----------------------------------------------------------------------- *
3 * Copyright 1996-2012 The NASM Authors - All Rights Reserved
4 * See the file AUTHORS included with the NASM distribution for
5 * the specific copyright holders.
7 * Redistribution and use in source and binary forms, with or without
8 * modification, are permitted provided that the following
11 * * Redistributions of source code must retain the above copyright
12 * notice, this list of conditions and the following disclaimer.
13 * * Redistributions in binary form must reproduce the above
14 * copyright notice, this list of conditions and the following
15 * disclaimer in the documentation and/or other materials provided
16 * with the distribution.
18 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND
19 * CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES,
20 * INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
21 * MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
22 * DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR
23 * CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
24 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
25 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
26 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
27 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
28 * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR
29 * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE,
30 * EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
32 * ----------------------------------------------------------------------- */
35 * assemble.c code generation for the Netwide Assembler
37 * the actual codes (C syntax, i.e. octal):
38 * \0 - terminates the code. (Unless it's a literal of course.)
39 * \1..\4 - that many literal bytes follow in the code stream
40 * \5 - add 4 to the primary operand number (b, low octdigit)
41 * \6 - add 4 to the secondary operand number (a, middle octdigit)
42 * \7 - add 4 to both the primary and the secondary operand number
43 * \10..\13 - a literal byte follows in the code stream, to be added
44 * to the register value of operand 0..3
45 * \14..\17 - a signed byte immediate operand, from operand 0..3
46 * \20..\23 - a byte immediate operand, from operand 0..3
47 * \24..\27 - an unsigned byte immediate operand, from operand 0..3
48 * \30..\33 - a word immediate operand, from operand 0..3
49 * \34..\37 - select between \3[0-3] and \4[0-3] depending on 16/32 bit
50 * assembly mode or the operand-size override on the operand
51 * \40..\43 - a long immediate operand, from operand 0..3
52 * \44..\47 - select between \3[0-3], \4[0-3] and \5[4-7]
53 * depending on the address size of the instruction.
54 * \50..\53 - a byte relative operand, from operand 0..3
55 * \54..\57 - a qword immediate operand, from operand 0..3
56 * \60..\63 - a word relative operand, from operand 0..3
57 * \64..\67 - select between \6[0-3] and \7[0-3] depending on 16/32 bit
58 * assembly mode or the operand-size override on the operand
59 * \70..\73 - a long relative operand, from operand 0..3
60 * \74..\77 - a word constant, from the _segment_ part of operand 0..3
61 * \1ab - a ModRM, calculated on EA in operand a, with the spare
62 * field the register value of operand b.
63 * \140..\143 - an immediate word or signed byte for operand 0..3
64 * \144..\147 - or 2 (s-field) into opcode byte if operand 0..3
65 * is a signed byte rather than a word. Opcode byte follows.
66 * \150..\153 - an immediate dword or signed byte for operand 0..3
67 * \154..\157 - or 2 (s-field) into opcode byte if operand 0..3
68 * is a signed byte rather than a dword. Opcode byte follows.
69 * \172\ab - the register number from operand a in bits 7..4, with
70 * the 4-bit immediate from operand b in bits 3..0.
71 * \173\xab - the register number from operand a in bits 7..4, with
72 * the value b in bits 3..0.
73 * \174..\177 - the register number from operand 0..3 in bits 7..4, and
74 * an arbitrary value in bits 3..0 (assembled as zero.)
75 * \2ab - a ModRM, calculated on EA in operand a, with the spare
76 * field equal to digit b.
77 * \250..\253 - same as \150..\153, except warn if the 64-bit operand
78 * is not equal to the truncated and sign-extended 32-bit
79 * operand; used for 32-bit immediates in 64-bit mode.
80 * \254..\257 - a signed 32-bit operand to be extended to 64 bits.
81 * \260..\263 - this instruction uses VEX/XOP rather than REX, with the
82 * V field taken from operand 0..3.
83 * \270 - this instruction uses VEX/XOP rather than REX, with the
84 * V field set to 1111b.
86 * VEX/XOP prefixes are followed by the sequence:
87 * \tmm\wlp where mm is the M field; and wlp is:
89 * [l0] ll = 0 for L = 0 (.128, .lz)
90 * [l1] ll = 1 for L = 1 (.256)
91 * [lig] ll = 2 for L don't care (always assembled as 0)
93 * [w0] ww = 0 for W = 0
94 * [w1 ] ww = 1 for W = 1
95 * [wig] ww = 2 for W don't care (always assembled as 0)
96 * [ww] ww = 3 for W used as REX.W
98 * t = 0 for VEX (C4/C5), t = 1 for XOP (8F).
100 * \271 - instruction takes XRELEASE (F3) with or without lock
101 * \272 - instruction takes XACQUIRE/XRELEASE with or without lock
102 * \273 - instruction takes XACQUIRE/XRELEASE with lock only
103 * \274..\277 - a signed byte immediate operand, from operand 0..3,
104 * which is to be extended to the operand size.
105 * \310 - indicates fixed 16-bit address size, i.e. optional 0x67.
106 * \311 - indicates fixed 32-bit address size, i.e. optional 0x67.
107 * \312 - (disassembler only) invalid with non-default address size.
108 * \313 - indicates fixed 64-bit address size, 0x67 invalid.
109 * \314 - (disassembler only) invalid with REX.B
110 * \315 - (disassembler only) invalid with REX.X
111 * \316 - (disassembler only) invalid with REX.R
112 * \317 - (disassembler only) invalid with REX.W
113 * \320 - indicates fixed 16-bit operand size, i.e. optional 0x66.
114 * \321 - indicates fixed 32-bit operand size, i.e. optional 0x66.
115 * \322 - indicates that this instruction is only valid when the
116 * operand size is the default (instruction to disassembler,
117 * generates no code in the assembler)
118 * \323 - indicates fixed 64-bit operand size, REX on extensions only.
119 * \324 - indicates 64-bit operand size requiring REX prefix.
120 * \325 - instruction which always uses spl/bpl/sil/dil
121 * \326 - instruction not valid with 0xF3 REP prefix. Hint for
122 disassembler only; for SSE instructions.
123 * \330 - a literal byte follows in the code stream, to be added
124 * to the condition code value of the instruction.
125 * \331 - instruction not valid with REP prefix. Hint for
126 * disassembler only; for SSE instructions.
127 * \332 - REP prefix (0xF2 byte) used as opcode extension.
128 * \333 - REP prefix (0xF3 byte) used as opcode extension.
129 * \334 - LOCK prefix used as REX.R (used in non-64-bit mode)
130 * \335 - disassemble a rep (0xF3 byte) prefix as repe not rep.
131 * \336 - force a REP(E) prefix (0xF3) even if not specified.
132 * \337 - force a REPNE prefix (0xF2) even if not specified.
133 * \336-\337 are still listed as prefixes in the disassembler.
134 * \340 - reserve <operand 0> bytes of uninitialized storage.
135 * Operand 0 had better be a segmentless constant.
136 * \341 - this instruction needs a WAIT "prefix"
137 * \344,\345 - the PUSH/POP (respectively) codes for CS, DS, ES, SS
138 * (POP is never used for CS) depending on operand 0
139 * \346,\347 - the second byte of PUSH/POP codes for FS, GS, depending
141 * \360 - no SSE prefix (== \364\331)
142 * \361 - 66 SSE prefix (== \366\331)
143 * \362 - F2 SSE prefix (== \364\332)
144 * \363 - F3 SSE prefix (== \364\333)
145 * \364 - operand-size prefix (0x66) not permitted
146 * \365 - address-size prefix (0x67) not permitted
147 * \366 - operand-size prefix (0x66) used as opcode extension
148 * \367 - address-size prefix (0x67) used as opcode extension
149 * \370,\371 - match only if operand 0 meets byte jump criteria.
150 * 370 is used for Jcc, 371 is used for JMP.
151 * \373 - assemble 0x03 if bits==16, 0x05 if bits==32;
152 * used for conditional jump over longer jump
153 * \374 - this instruction takes an XMM VSIB memory EA
154 * \375 - this instruction takes an YMM VSIB memory EA
157 #include "compiler.h"
161 #include <inttypes.h>
165 #include "assemble.h"
171 * Matching errors. These should be sorted so that more specific
172 * errors come later in the sequence.
181 * Matching success; the conditional ones first
183 MOK_JUMP, /* Matching OK but needs jmp_match() */
184 MOK_GOOD /* Matching unconditionally OK */
188 enum ea_type type; /* what kind of EA is this? */
189 int sib_present; /* is a SIB byte necessary? */
190 int bytes; /* # of bytes of offset needed */
191 int size; /* lazy - this is sib+bytes+1 */
192 uint8_t modrm, sib, rex, rip; /* the bytes themselves */
195 #define GEN_SIB(scale, index, base) \
196 (((scale) << 6) | ((index) << 3) | ((base)))
198 #define GEN_MODRM(mod, reg, rm) \
199 (((mod) << 6) | (((reg) & 7) << 3) | ((rm) & 7))
201 static uint32_t cpu; /* cpu level received from nasm.c */
202 static efunc errfunc;
203 static struct ofmt *outfmt;
204 static ListGen *list;
206 static int64_t calcsize(int32_t, int64_t, int, insn *,
207 const struct itemplate *);
208 static void gencode(int32_t segment, int64_t offset, int bits,
209 insn * ins, const struct itemplate *temp,
211 static enum match_result find_match(const struct itemplate **tempp,
213 int32_t segment, int64_t offset, int bits);
214 static enum match_result matches(const struct itemplate *, insn *, int bits);
215 static opflags_t regflag(const operand *);
216 static int32_t regval(const operand *);
217 static int rexflags(int, opflags_t, int);
218 static int op_rexflags(const operand *, int);
219 static void add_asp(insn *, int);
221 static enum ea_type process_ea(operand *, ea *, int, int, int, opflags_t);
223 static int has_prefix(insn * ins, enum prefix_pos pos, int prefix)
225 return ins->prefixes[pos] == prefix;
228 static void assert_no_prefix(insn * ins, enum prefix_pos pos)
230 if (ins->prefixes[pos])
231 errfunc(ERR_NONFATAL, "invalid %s prefix",
232 prefix_name(ins->prefixes[pos]));
235 static const char *size_name(int size)
257 static void warn_overflow(int pass, int size)
259 errfunc(ERR_WARNING | pass | ERR_WARN_NOV,
260 "%s data exceeds bounds", size_name(size));
263 static void warn_overflow_const(int64_t data, int size)
265 if (overflow_general(data, size))
266 warn_overflow(ERR_PASS1, size);
269 static void warn_overflow_opd(const struct operand *o, int size)
271 if (o->wrt == NO_SEG && o->segment == NO_SEG) {
272 if (overflow_general(o->offset, size))
273 warn_overflow(ERR_PASS2, size);
278 * This routine wrappers the real output format's output routine,
279 * in order to pass a copy of the data off to the listing file
280 * generator at the same time.
282 static void out(int64_t offset, int32_t segto, const void *data,
283 enum out_type type, uint64_t size,
284 int32_t segment, int32_t wrt)
286 static int32_t lineno = 0; /* static!!! */
287 static char *lnfname = NULL;
290 if (type == OUT_ADDRESS && segment == NO_SEG && wrt == NO_SEG) {
292 * This is a non-relocated address, and we're going to
293 * convert it into RAWDATA format.
298 errfunc(ERR_PANIC, "OUT_ADDRESS with size > 8");
302 WRITEADDR(q, *(int64_t *)data, size);
307 list->output(offset, data, type, size);
310 * this call to src_get determines when we call the
311 * debug-format-specific "linenum" function
312 * it updates lineno and lnfname to the current values
313 * returning 0 if "same as last time", -2 if lnfname
314 * changed, and the amount by which lineno changed,
315 * if it did. thus, these variables must be static
318 if (src_get(&lineno, &lnfname))
319 outfmt->current_dfmt->linenum(lnfname, lineno, segto);
321 outfmt->output(segto, data, type, size, segment, wrt);
324 static bool jmp_match(int32_t segment, int64_t offset, int bits,
325 insn * ins, const struct itemplate *temp)
328 const uint8_t *code = temp->code;
331 if (((c & ~1) != 0370) || (ins->oprs[0].type & STRICT))
335 if (optimizing < 0 && c == 0371)
338 isize = calcsize(segment, offset, bits, ins, temp);
340 if (ins->oprs[0].opflags & OPFLAG_UNKNOWN)
341 /* Be optimistic in pass 1 */
344 if (ins->oprs[0].segment != segment)
347 isize = ins->oprs[0].offset - offset - isize; /* isize is delta */
348 return (isize >= -128 && isize <= 127); /* is it byte size? */
351 int64_t assemble(int32_t segment, int64_t offset, int bits, uint32_t cp,
352 insn * instruction, struct ofmt *output, efunc error,
355 const struct itemplate *temp;
360 int64_t start = offset;
361 int64_t wsize; /* size for DB etc. */
363 errfunc = error; /* to pass to other functions */
365 outfmt = output; /* likewise */
366 list = listgen; /* and again */
368 wsize = idata_bytes(instruction->opcode);
374 int32_t t = instruction->times;
377 "instruction->times < 0 (%ld) in assemble()", t);
379 while (t--) { /* repeat TIMES times */
380 list_for_each(e, instruction->eops) {
381 if (e->type == EOT_DB_NUMBER) {
383 errfunc(ERR_NONFATAL,
384 "integer supplied to a DT, DO or DY"
387 out(offset, segment, &e->offset,
388 OUT_ADDRESS, wsize, e->segment, e->wrt);
391 } else if (e->type == EOT_DB_STRING ||
392 e->type == EOT_DB_STRING_FREE) {
395 out(offset, segment, e->stringval,
396 OUT_RAWDATA, e->stringlen, NO_SEG, NO_SEG);
397 align = e->stringlen % wsize;
400 align = wsize - align;
401 out(offset, segment, zero_buffer,
402 OUT_RAWDATA, align, NO_SEG, NO_SEG);
404 offset += e->stringlen + align;
407 if (t > 0 && t == instruction->times - 1) {
409 * Dummy call to list->output to give the offset to the
412 list->output(offset, NULL, OUT_RAWDATA, 0);
413 list->uplevel(LIST_TIMES);
416 if (instruction->times > 1)
417 list->downlevel(LIST_TIMES);
418 return offset - start;
421 if (instruction->opcode == I_INCBIN) {
422 const char *fname = instruction->eops->stringval;
425 fp = fopen(fname, "rb");
427 error(ERR_NONFATAL, "`incbin': unable to open file `%s'",
429 } else if (fseek(fp, 0L, SEEK_END) < 0) {
430 error(ERR_NONFATAL, "`incbin': unable to seek on file `%s'",
433 static char buf[4096];
434 size_t t = instruction->times;
439 if (instruction->eops->next) {
440 base = instruction->eops->next->offset;
442 if (instruction->eops->next->next &&
443 len > (size_t)instruction->eops->next->next->offset)
444 len = (size_t)instruction->eops->next->next->offset;
447 * Dummy call to list->output to give the offset to the
450 list->output(offset, NULL, OUT_RAWDATA, 0);
451 list->uplevel(LIST_INCBIN);
455 fseek(fp, base, SEEK_SET);
459 m = fread(buf, 1, l > sizeof(buf) ? sizeof(buf) : l, fp);
462 * This shouldn't happen unless the file
463 * actually changes while we are reading
467 "`incbin': unexpected EOF while"
468 " reading file `%s'", fname);
469 t = 0; /* Try to exit cleanly */
472 out(offset, segment, buf, OUT_RAWDATA, m,
477 list->downlevel(LIST_INCBIN);
478 if (instruction->times > 1) {
480 * Dummy call to list->output to give the offset to the
483 list->output(offset, NULL, OUT_RAWDATA, 0);
484 list->uplevel(LIST_TIMES);
485 list->downlevel(LIST_TIMES);
488 return instruction->times * len;
490 return 0; /* if we're here, there's an error */
493 /* Check to see if we need an address-size prefix */
494 add_asp(instruction, bits);
496 m = find_match(&temp, instruction, segment, offset, bits);
500 int64_t insn_size = calcsize(segment, offset, bits, instruction, temp);
501 itimes = instruction->times;
502 if (insn_size < 0) /* shouldn't be, on pass two */
503 error(ERR_PANIC, "errors made it through from pass one");
506 for (j = 0; j < MAXPREFIX; j++) {
508 switch (instruction->prefixes[j]) {
528 error(ERR_WARNING | ERR_PASS2,
529 "cs segment base generated, but will be ignored in 64-bit mode");
535 error(ERR_WARNING | ERR_PASS2,
536 "ds segment base generated, but will be ignored in 64-bit mode");
542 error(ERR_WARNING | ERR_PASS2,
543 "es segment base generated, but will be ignored in 64-bit mode");
555 error(ERR_WARNING | ERR_PASS2,
556 "ss segment base generated, but will be ignored in 64-bit mode");
563 "segr6 and segr7 cannot be used as prefixes");
568 "16-bit addressing is not supported "
570 } else if (bits != 16)
580 "64-bit addressing is only supported "
604 error(ERR_PANIC, "invalid instruction prefix");
607 out(offset, segment, &c, OUT_RAWDATA, 1,
612 insn_end = offset + insn_size;
613 gencode(segment, offset, bits, instruction,
616 if (itimes > 0 && itimes == instruction->times - 1) {
618 * Dummy call to list->output to give the offset to the
621 list->output(offset, NULL, OUT_RAWDATA, 0);
622 list->uplevel(LIST_TIMES);
625 if (instruction->times > 1)
626 list->downlevel(LIST_TIMES);
627 return offset - start;
631 case MERR_OPSIZEMISSING:
632 error(ERR_NONFATAL, "operation size not specified");
634 case MERR_OPSIZEMISMATCH:
635 error(ERR_NONFATAL, "mismatch in operand sizes");
638 error(ERR_NONFATAL, "no instruction for this cpu level");
641 error(ERR_NONFATAL, "instruction not supported in %d-bit mode",
646 "invalid combination of opcode and operands");
653 int64_t insn_size(int32_t segment, int64_t offset, int bits, uint32_t cp,
654 insn * instruction, efunc error)
656 const struct itemplate *temp;
659 errfunc = error; /* to pass to other functions */
662 if (instruction->opcode == I_none)
665 if (instruction->opcode == I_DB || instruction->opcode == I_DW ||
666 instruction->opcode == I_DD || instruction->opcode == I_DQ ||
667 instruction->opcode == I_DT || instruction->opcode == I_DO ||
668 instruction->opcode == I_DY) {
670 int32_t isize, osize, wsize;
673 wsize = idata_bytes(instruction->opcode);
675 list_for_each(e, instruction->eops) {
679 if (e->type == EOT_DB_NUMBER) {
681 warn_overflow_const(e->offset, wsize);
682 } else if (e->type == EOT_DB_STRING ||
683 e->type == EOT_DB_STRING_FREE)
684 osize = e->stringlen;
686 align = (-osize) % wsize;
689 isize += osize + align;
691 return isize * instruction->times;
694 if (instruction->opcode == I_INCBIN) {
695 const char *fname = instruction->eops->stringval;
700 fp = fopen(fname, "rb");
702 error(ERR_NONFATAL, "`incbin': unable to open file `%s'",
704 else if (fseek(fp, 0L, SEEK_END) < 0)
705 error(ERR_NONFATAL, "`incbin': unable to seek on file `%s'",
709 if (instruction->eops->next) {
710 len -= instruction->eops->next->offset;
711 if (instruction->eops->next->next &&
712 len > (size_t)instruction->eops->next->next->offset) {
713 len = (size_t)instruction->eops->next->next->offset;
716 val = instruction->times * len;
723 /* Check to see if we need an address-size prefix */
724 add_asp(instruction, bits);
726 m = find_match(&temp, instruction, segment, offset, bits);
728 /* we've matched an instruction. */
732 isize = calcsize(segment, offset, bits, instruction, temp);
735 for (j = 0; j < MAXPREFIX; j++) {
736 switch (instruction->prefixes[j]) {
762 return isize * instruction->times;
764 return -1; /* didn't match any instruction */
768 static bool possible_sbyte(operand *o)
770 return o->wrt == NO_SEG && o->segment == NO_SEG &&
771 !(o->opflags & OPFLAG_UNKNOWN) &&
772 optimizing >= 0 && !(o->type & STRICT);
775 /* check that opn[op] is a signed byte of size 16 or 32 */
776 static bool is_sbyte16(operand *o)
780 if (!possible_sbyte(o))
784 return v >= -128 && v <= 127;
787 static bool is_sbyte32(operand *o)
791 if (!possible_sbyte(o))
795 return v >= -128 && v <= 127;
798 static void bad_hle_warn(const insn * ins, uint8_t hleok)
800 enum prefixes rep_pfx = ins->prefixes[PPS_REP];
801 enum whatwarn { w_none, w_lock, w_inval } ww;
802 static const enum whatwarn warn[2][4] =
804 { w_inval, w_inval, w_none, w_lock }, /* XACQUIRE */
805 { w_inval, w_none, w_none, w_lock }, /* XRELEASE */
809 n = (unsigned int)rep_pfx - P_XACQUIRE;
811 return; /* Not XACQUIRE/XRELEASE */
814 if (!is_class(MEMORY, ins->oprs[0].type))
815 ww = w_inval; /* HLE requires operand 0 to be memory */
822 if (ins->prefixes[PPS_LOCK] != P_LOCK) {
823 errfunc(ERR_WARNING | ERR_WARN_HLE | ERR_PASS2,
824 "%s with this instruction requires lock",
825 prefix_name(rep_pfx));
830 errfunc(ERR_WARNING | ERR_WARN_HLE | ERR_PASS2,
831 "%s invalid with this instruction",
832 prefix_name(rep_pfx));
837 /* Common construct */
838 #define case4(x) case (x): case (x)+1: case (x)+2: case (x)+3
840 static int64_t calcsize(int32_t segment, int64_t offset, int bits,
841 insn * ins, const struct itemplate *temp)
843 const uint8_t *codes = temp->code;
852 bool lockcheck = true;
854 ins->rex = 0; /* Ensure REX is reset */
855 eat = EA_SCALAR; /* Expect a scalar EA */
857 if (ins->prefixes[PPS_OSIZE] == P_O64)
860 (void)segment; /* Don't warn that this parameter is unused */
861 (void)offset; /* Don't warn that this parameter is unused */
865 op1 = (c & 3) + ((opex & 1) << 2);
866 op2 = ((c >> 3) & 3) + ((opex & 2) << 1);
867 opx = &ins->oprs[op1];
868 opex = 0; /* For the next iteration */
875 codes += c, length += c;
886 op_rexflags(opx, REX_B|REX_H|REX_P|REX_W);
901 if (opx->type & (BITS16 | BITS32 | BITS64))
902 length += (opx->type & BITS16) ? 2 : 4;
904 length += (bits == 16) ? 2 : 4;
912 length += ins->addr_size >> 3;
920 length += 8; /* MOV reg64/imm */
928 if (opx->type & (BITS16 | BITS32 | BITS64))
929 length += (opx->type & BITS16) ? 2 : 4;
931 length += (bits == 16) ? 2 : 4;
943 length += is_sbyte16(opx) ? 1 : 2;
952 length += is_sbyte32(opx) ? 1 : 4;
971 length += is_sbyte32(opx) ? 1 : 4;
980 ins->vexreg = regval(opx);
981 ins->vex_cm = *codes++;
982 ins->vex_wlp = *codes++;
988 ins->vex_cm = *codes++;
989 ins->vex_wlp = *codes++;
1008 length += (bits != 16) && !has_prefix(ins, PPS_ASIZE, P_A16);
1012 length += (bits != 32) && !has_prefix(ins, PPS_ASIZE, P_A32);
1019 if (bits != 64 || has_prefix(ins, PPS_ASIZE, P_A16) ||
1020 has_prefix(ins, PPS_ASIZE, P_A32))
1029 enum prefixes pfx = ins->prefixes[PPS_OSIZE];
1033 errfunc(ERR_WARNING | ERR_PASS2, "invalid operand size prefix");
1035 ins->prefixes[PPS_OSIZE] = P_O16;
1041 enum prefixes pfx = ins->prefixes[PPS_OSIZE];
1045 errfunc(ERR_WARNING | ERR_PASS2, "invalid operand size prefix");
1047 ins->prefixes[PPS_OSIZE] = P_O32;
1089 if (!ins->prefixes[PPS_REP])
1090 ins->prefixes[PPS_REP] = P_REP;
1094 if (!ins->prefixes[PPS_REP])
1095 ins->prefixes[PPS_REP] = P_REPNE;
1099 if (ins->oprs[0].segment != NO_SEG)
1100 errfunc(ERR_NONFATAL, "attempt to reserve non-constant"
1101 " quantity of BSS space");
1103 length += ins->oprs[0].offset;
1107 if (!ins->prefixes[PPS_WAIT])
1108 ins->prefixes[PPS_WAIT] = P_WAIT;
1166 struct operand *opy = &ins->oprs[op2];
1168 ea_data.rex = 0; /* Ensure ea.REX is initially 0 */
1171 /* pick rfield from operand b (opx) */
1172 rflags = regflag(opx);
1173 rfield = nasm_regvals[opx->basereg];
1178 if (process_ea(opy, &ea_data, bits,ins->addr_size,
1179 rfield, rflags) != eat) {
1180 errfunc(ERR_NONFATAL, "invalid effective address");
1183 ins->rex |= ea_data.rex;
1184 length += ea_data.size;
1190 errfunc(ERR_PANIC, "internal instruction table corrupt"
1191 ": instruction code \\%o (0x%02X) given", c, c);
1196 ins->rex &= rex_mask;
1198 if (ins->rex & REX_NH) {
1199 if (ins->rex & REX_H) {
1200 errfunc(ERR_NONFATAL, "instruction cannot use high registers");
1203 ins->rex &= ~REX_P; /* Don't force REX prefix due to high reg */
1206 if (ins->rex & REX_V) {
1207 int bad32 = REX_R|REX_W|REX_X|REX_B;
1209 if (ins->rex & REX_H) {
1210 errfunc(ERR_NONFATAL, "cannot use high register in vex instruction");
1213 switch (ins->vex_wlp & 060) {
1227 if (bits != 64 && ((ins->rex & bad32) || ins->vexreg > 7)) {
1228 errfunc(ERR_NONFATAL, "invalid operands in non-64-bit mode");
1231 if (ins->vex_cm != 1 || (ins->rex & (REX_W|REX_X|REX_B)))
1235 } else if (ins->rex & REX_REAL) {
1236 if (ins->rex & REX_H) {
1237 errfunc(ERR_NONFATAL, "cannot use high register in rex instruction");
1239 } else if (bits == 64) {
1241 } else if ((ins->rex & REX_L) &&
1242 !(ins->rex & (REX_P|REX_W|REX_X|REX_B)) &&
1245 assert_no_prefix(ins, PPS_LOCK);
1246 lockcheck = false; /* Already errored, no need for warning */
1249 errfunc(ERR_NONFATAL, "invalid operands in non-64-bit mode");
1254 if (has_prefix(ins, PPS_LOCK, P_LOCK) && lockcheck &&
1255 (!(temp->flags & IF_LOCK) || !is_class(MEMORY, ins->oprs[0].type))) {
1256 errfunc(ERR_WARNING | ERR_WARN_LOCK | ERR_PASS2 ,
1257 "instruction is not lockable");
1260 bad_hle_warn(ins, hleok);
1265 #define EMIT_REX() \
1266 if (!(ins->rex & REX_V) && (ins->rex & REX_REAL) && (bits == 64)) { \
1267 ins->rex = (ins->rex & REX_REAL)|REX_P; \
1268 out(offset, segment, &ins->rex, OUT_RAWDATA, 1, NO_SEG, NO_SEG); \
1273 static void gencode(int32_t segment, int64_t offset, int bits,
1274 insn * ins, const struct itemplate *temp,
1277 static const char condval[] = { /* conditional opcodes */
1278 0x7, 0x3, 0x2, 0x6, 0x2, 0x4, 0xF, 0xD, 0xC, 0xE, 0x6, 0x2,
1279 0x3, 0x7, 0x3, 0x5, 0xE, 0xC, 0xD, 0xF, 0x1, 0xB, 0x9, 0x5,
1280 0x0, 0xA, 0xA, 0xB, 0x8, 0x4
1287 struct operand *opx;
1288 const uint8_t *codes = temp->code;
1290 enum ea_type eat = EA_SCALAR;
1294 op1 = (c & 3) + ((opex & 1) << 2);
1295 op2 = ((c >> 3) & 3) + ((opex & 2) << 1);
1296 opx = &ins->oprs[op1];
1297 opex = 0; /* For the next iteration */
1305 out(offset, segment, codes, OUT_RAWDATA, c, NO_SEG, NO_SEG);
1318 bytes[0] = *codes++ + (regval(opx) & 7);
1319 out(offset, segment, bytes, OUT_RAWDATA, 1, NO_SEG, NO_SEG);
1325 * The test for BITS8 and SBYTE here is intended to avoid
1326 * warning on optimizer actions due to SBYTE, while still
1327 * warn on explicit BYTE directives. Also warn, obviously,
1328 * if the optimizer isn't enabled.
1330 if (((opx->type & BITS8) ||
1331 !(opx->type & temp->opd[op1] & BYTENESS)) &&
1332 (opx->offset < -128 || opx->offset > 127)) {
1333 errfunc(ERR_WARNING | ERR_PASS2 | ERR_WARN_NOV,
1334 "signed byte value exceeds bounds");
1336 if (opx->segment != NO_SEG) {
1338 out(offset, segment, &data, OUT_ADDRESS, 1,
1339 opx->segment, opx->wrt);
1341 bytes[0] = opx->offset;
1342 out(offset, segment, bytes, OUT_RAWDATA, 1, NO_SEG,
1349 if (opx->offset < -256 || opx->offset > 255) {
1350 errfunc(ERR_WARNING | ERR_PASS2 | ERR_WARN_NOV,
1351 "byte value exceeds bounds");
1353 if (opx->segment != NO_SEG) {
1355 out(offset, segment, &data, OUT_ADDRESS, 1,
1356 opx->segment, opx->wrt);
1358 bytes[0] = opx->offset;
1359 out(offset, segment, bytes, OUT_RAWDATA, 1, NO_SEG,
1366 if (opx->offset < 0 || opx->offset > 255)
1367 errfunc(ERR_WARNING | ERR_PASS2 | ERR_WARN_NOV,
1368 "unsigned byte value exceeds bounds");
1369 if (opx->segment != NO_SEG) {
1371 out(offset, segment, &data, OUT_ADDRESS, 1,
1372 opx->segment, opx->wrt);
1374 bytes[0] = opx->offset;
1375 out(offset, segment, bytes, OUT_RAWDATA, 1, NO_SEG,
1382 warn_overflow_opd(opx, 2);
1384 out(offset, segment, &data, OUT_ADDRESS, 2,
1385 opx->segment, opx->wrt);
1390 if (opx->type & (BITS16 | BITS32))
1391 size = (opx->type & BITS16) ? 2 : 4;
1393 size = (bits == 16) ? 2 : 4;
1394 warn_overflow_opd(opx, size);
1396 out(offset, segment, &data, OUT_ADDRESS, size,
1397 opx->segment, opx->wrt);
1402 warn_overflow_opd(opx, 4);
1404 out(offset, segment, &data, OUT_ADDRESS, 4,
1405 opx->segment, opx->wrt);
1411 size = ins->addr_size >> 3;
1412 warn_overflow_opd(opx, size);
1413 out(offset, segment, &data, OUT_ADDRESS, size,
1414 opx->segment, opx->wrt);
1419 if (opx->segment != segment) {
1421 out(offset, segment, &data,
1422 OUT_REL1ADR, insn_end - offset,
1423 opx->segment, opx->wrt);
1425 data = opx->offset - insn_end;
1426 if (data > 127 || data < -128)
1427 errfunc(ERR_NONFATAL, "short jump is out of range");
1428 out(offset, segment, &data,
1429 OUT_ADDRESS, 1, NO_SEG, NO_SEG);
1435 data = (int64_t)opx->offset;
1436 out(offset, segment, &data, OUT_ADDRESS, 8,
1437 opx->segment, opx->wrt);
1442 if (opx->segment != segment) {
1444 out(offset, segment, &data,
1445 OUT_REL2ADR, insn_end - offset,
1446 opx->segment, opx->wrt);
1448 data = opx->offset - insn_end;
1449 out(offset, segment, &data,
1450 OUT_ADDRESS, 2, NO_SEG, NO_SEG);
1456 if (opx->type & (BITS16 | BITS32 | BITS64))
1457 size = (opx->type & BITS16) ? 2 : 4;
1459 size = (bits == 16) ? 2 : 4;
1460 if (opx->segment != segment) {
1462 out(offset, segment, &data,
1463 size == 2 ? OUT_REL2ADR : OUT_REL4ADR,
1464 insn_end - offset, opx->segment, opx->wrt);
1466 data = opx->offset - insn_end;
1467 out(offset, segment, &data,
1468 OUT_ADDRESS, size, NO_SEG, NO_SEG);
1474 if (opx->segment != segment) {
1476 out(offset, segment, &data,
1477 OUT_REL4ADR, insn_end - offset,
1478 opx->segment, opx->wrt);
1480 data = opx->offset - insn_end;
1481 out(offset, segment, &data,
1482 OUT_ADDRESS, 4, NO_SEG, NO_SEG);
1488 if (opx->segment == NO_SEG)
1489 errfunc(ERR_NONFATAL, "value referenced by FAR is not"
1492 out(offset, segment, &data, OUT_ADDRESS, 2,
1493 outfmt->segbase(1 + opx->segment),
1500 warn_overflow_opd(opx, 2);
1501 if (is_sbyte16(opx)) {
1503 out(offset, segment, bytes, OUT_RAWDATA, 1, NO_SEG,
1507 out(offset, segment, &data, OUT_ADDRESS, 2,
1508 opx->segment, opx->wrt);
1515 bytes[0] = *codes++;
1516 if (is_sbyte16(opx))
1517 bytes[0] |= 2; /* s-bit */
1518 out(offset, segment, bytes, OUT_RAWDATA, 1, NO_SEG, NO_SEG);
1524 warn_overflow_opd(opx, 4);
1525 if (is_sbyte32(opx)) {
1527 out(offset, segment, bytes, OUT_RAWDATA, 1, NO_SEG,
1531 out(offset, segment, &data, OUT_ADDRESS, 4,
1532 opx->segment, opx->wrt);
1539 bytes[0] = *codes++;
1540 if (is_sbyte32(opx))
1541 bytes[0] |= 2; /* s-bit */
1542 out(offset, segment, bytes, OUT_RAWDATA, 1, NO_SEG, NO_SEG);
1548 opx = &ins->oprs[c >> 3];
1549 bytes[0] = nasm_regvals[opx->basereg] << 4;
1550 opx = &ins->oprs[c & 7];
1551 if (opx->segment != NO_SEG || opx->wrt != NO_SEG) {
1552 errfunc(ERR_NONFATAL,
1553 "non-absolute expression not permitted as argument %d",
1556 if (opx->offset & ~15) {
1557 errfunc(ERR_WARNING | ERR_PASS2 | ERR_WARN_NOV,
1558 "four-bit argument exceeds bounds");
1560 bytes[0] |= opx->offset & 15;
1562 out(offset, segment, bytes, OUT_RAWDATA, 1, NO_SEG, NO_SEG);
1568 opx = &ins->oprs[c >> 4];
1569 bytes[0] = nasm_regvals[opx->basereg] << 4;
1571 out(offset, segment, bytes, OUT_RAWDATA, 1, NO_SEG, NO_SEG);
1576 bytes[0] = nasm_regvals[opx->basereg] << 4;
1577 out(offset, segment, bytes, OUT_RAWDATA, 1, NO_SEG, NO_SEG);
1583 if (opx->wrt == NO_SEG && opx->segment == NO_SEG &&
1584 (int32_t)data != (int64_t)data) {
1585 errfunc(ERR_WARNING | ERR_PASS2 | ERR_WARN_NOV,
1586 "signed dword immediate exceeds bounds");
1588 if (is_sbyte32(opx)) {
1590 out(offset, segment, bytes, OUT_RAWDATA, 1, NO_SEG,
1594 out(offset, segment, &data, OUT_ADDRESS, 4,
1595 opx->segment, opx->wrt);
1602 if (opx->wrt == NO_SEG && opx->segment == NO_SEG &&
1603 (int32_t)data != (int64_t)data) {
1604 errfunc(ERR_WARNING | ERR_PASS2 | ERR_WARN_NOV,
1605 "signed dword immediate exceeds bounds");
1607 out(offset, segment, &data, OUT_ADDRESS, 4,
1608 opx->segment, opx->wrt);
1615 if (ins->vex_cm != 1 || (ins->rex & (REX_W|REX_X|REX_B))) {
1616 bytes[0] = (ins->vex_cm >> 6) ? 0x8f : 0xc4;
1617 bytes[1] = (ins->vex_cm & 31) | ((~ins->rex & 7) << 5);
1618 bytes[2] = ((ins->rex & REX_W) << (7-3)) |
1619 ((~ins->vexreg & 15)<< 3) | (ins->vex_wlp & 07);
1620 out(offset, segment, &bytes, OUT_RAWDATA, 3, NO_SEG, NO_SEG);
1624 bytes[1] = ((~ins->rex & REX_R) << (7-2)) |
1625 ((~ins->vexreg & 15) << 3) | (ins->vex_wlp & 07);
1626 out(offset, segment, &bytes, OUT_RAWDATA, 2, NO_SEG, NO_SEG);
1641 if (ins->rex & REX_W)
1643 else if (ins->prefixes[PPS_OSIZE] == P_O16)
1645 else if (ins->prefixes[PPS_OSIZE] == P_O32)
1650 um = (uint64_t)2 << (s-1);
1653 if (uv > 127 && uv < (uint64_t)-128 &&
1654 (uv < um-128 || uv > um-1)) {
1655 errfunc(ERR_WARNING | ERR_PASS2 | ERR_WARN_NOV,
1656 "signed byte value exceeds bounds");
1658 if (opx->segment != NO_SEG) {
1660 out(offset, segment, &data, OUT_ADDRESS, 1,
1661 opx->segment, opx->wrt);
1664 out(offset, segment, bytes, OUT_RAWDATA, 1, NO_SEG,
1675 if (bits == 32 && !has_prefix(ins, PPS_ASIZE, P_A16)) {
1677 out(offset, segment, bytes, OUT_RAWDATA, 1, NO_SEG, NO_SEG);
1684 if (bits != 32 && !has_prefix(ins, PPS_ASIZE, P_A32)) {
1686 out(offset, segment, bytes, OUT_RAWDATA, 1, NO_SEG, NO_SEG);
1721 *bytes = *codes++ ^ condval[ins->condition];
1722 out(offset, segment, bytes, OUT_RAWDATA, 1, NO_SEG, NO_SEG);
1731 *bytes = c - 0332 + 0xF2;
1732 out(offset, segment, bytes, OUT_RAWDATA, 1, NO_SEG, NO_SEG);
1737 if (ins->rex & REX_R) {
1739 out(offset, segment, bytes, OUT_RAWDATA, 1, NO_SEG, NO_SEG);
1742 ins->rex &= ~(REX_L|REX_R);
1753 if (ins->oprs[0].segment != NO_SEG)
1754 errfunc(ERR_PANIC, "non-constant BSS size in pass two");
1756 int64_t size = ins->oprs[0].offset;
1758 out(offset, segment, NULL,
1759 OUT_RESERVE, size, NO_SEG, NO_SEG);
1770 switch (ins->oprs[0].basereg) {
1785 "bizarre 8086 segment register received");
1787 out(offset, segment, bytes, OUT_RAWDATA, 1, NO_SEG, NO_SEG);
1794 switch (ins->oprs[0].basereg) {
1803 "bizarre 386 segment register received");
1805 out(offset, segment, bytes, OUT_RAWDATA, 1, NO_SEG, NO_SEG);
1814 out(offset, segment, bytes, OUT_RAWDATA, 1, NO_SEG, NO_SEG);
1820 bytes[0] = c - 0362 + 0xf2;
1821 out(offset, segment, bytes, OUT_RAWDATA, 1, NO_SEG, NO_SEG);
1831 *bytes = c - 0366 + 0x66;
1832 out(offset, segment, bytes, OUT_RAWDATA, 1, NO_SEG, NO_SEG);
1841 *bytes = bits == 16 ? 3 : 5;
1842 out(offset, segment, bytes, OUT_RAWDATA, 1, NO_SEG, NO_SEG);
1872 struct operand *opy = &ins->oprs[op2];
1875 /* pick rfield from operand b (opx) */
1876 rflags = regflag(opx);
1877 rfield = nasm_regvals[opx->basereg];
1879 /* rfield is constant */
1884 if (process_ea(opy, &ea_data, bits, ins->addr_size,
1885 rfield, rflags) != eat)
1886 errfunc(ERR_NONFATAL, "invalid effective address");
1889 *p++ = ea_data.modrm;
1890 if (ea_data.sib_present)
1894 out(offset, segment, bytes, OUT_RAWDATA, s, NO_SEG, NO_SEG);
1897 * Make sure the address gets the right offset in case
1898 * the line breaks in the .lst file (BR 1197827)
1903 switch (ea_data.bytes) {
1913 if (opy->segment == segment) {
1915 if (overflow_signed(data, ea_data.bytes))
1916 warn_overflow(ERR_PASS2, ea_data.bytes);
1917 out(offset, segment, &data, OUT_ADDRESS,
1918 ea_data.bytes, NO_SEG, NO_SEG);
1920 /* overflow check in output/linker? */
1921 out(offset, segment, &data, OUT_REL4ADR,
1922 insn_end - offset, opy->segment, opy->wrt);
1925 if (overflow_general(opy->offset, ins->addr_size >> 3) ||
1926 signed_bits(opy->offset, ins->addr_size) !=
1927 signed_bits(opy->offset, ea_data.bytes * 8))
1928 warn_overflow(ERR_PASS2, ea_data.bytes);
1930 out(offset, segment, &data, OUT_ADDRESS,
1931 ea_data.bytes, opy->segment, opy->wrt);
1937 "Invalid amount of bytes (%d) for offset?!",
1946 errfunc(ERR_PANIC, "internal instruction table corrupt"
1947 ": instruction code \\%o (0x%02X) given", c, c);
1953 static opflags_t regflag(const operand * o)
1955 if (!is_register(o->basereg))
1956 errfunc(ERR_PANIC, "invalid operand passed to regflag()");
1957 return nasm_reg_flags[o->basereg];
1960 static int32_t regval(const operand * o)
1962 if (!is_register(o->basereg))
1963 errfunc(ERR_PANIC, "invalid operand passed to regval()");
1964 return nasm_regvals[o->basereg];
1967 static int op_rexflags(const operand * o, int mask)
1972 if (!is_register(o->basereg))
1973 errfunc(ERR_PANIC, "invalid operand passed to op_rexflags()");
1975 flags = nasm_reg_flags[o->basereg];
1976 val = nasm_regvals[o->basereg];
1978 return rexflags(val, flags, mask);
1981 static int rexflags(int val, opflags_t flags, int mask)
1986 rex |= REX_B|REX_X|REX_R;
1989 if (!(REG_HIGH & ~flags)) /* AH, CH, DH, BH */
1991 else if (!(REG8 & ~flags) && val >= 4) /* SPL, BPL, SIL, DIL */
1997 static enum match_result find_match(const struct itemplate **tempp,
1999 int32_t segment, int64_t offset, int bits)
2001 const struct itemplate *temp;
2002 enum match_result m, merr;
2003 opflags_t xsizeflags[MAX_OPERANDS];
2004 bool opsizemissing = false;
2007 for (i = 0; i < instruction->operands; i++)
2008 xsizeflags[i] = instruction->oprs[i].type & SIZE_MASK;
2010 merr = MERR_INVALOP;
2012 for (temp = nasm_instructions[instruction->opcode];
2013 temp->opcode != I_none; temp++) {
2014 m = matches(temp, instruction, bits);
2015 if (m == MOK_JUMP) {
2016 if (jmp_match(segment, offset, bits, instruction, temp))
2020 } else if (m == MERR_OPSIZEMISSING &&
2021 (temp->flags & IF_SMASK) != IF_SX) {
2023 * Missing operand size and a candidate for fuzzy matching...
2025 for (i = 0; i < temp->operands; i++) {
2026 if ((temp->opd[i] & SAME_AS) == 0)
2027 xsizeflags[i] |= temp->opd[i] & SIZE_MASK;
2029 opsizemissing = true;
2033 if (merr == MOK_GOOD)
2037 /* No match, but see if we can get a fuzzy operand size match... */
2041 for (i = 0; i < instruction->operands; i++) {
2043 * We ignore extrinsic operand sizes on registers, so we should
2044 * never try to fuzzy-match on them. This also resolves the case
2045 * when we have e.g. "xmmrm128" in two different positions.
2047 if (is_class(REGISTER, instruction->oprs[i].type))
2050 /* This tests if xsizeflags[i] has more than one bit set */
2051 if ((xsizeflags[i] & (xsizeflags[i]-1)))
2052 goto done; /* No luck */
2054 instruction->oprs[i].type |= xsizeflags[i]; /* Set the size */
2057 /* Try matching again... */
2058 for (temp = nasm_instructions[instruction->opcode];
2059 temp->opcode != I_none; temp++) {
2060 m = matches(temp, instruction, bits);
2061 if (m == MOK_JUMP) {
2062 if (jmp_match(segment, offset, bits, instruction, temp))
2069 if (merr == MOK_GOOD)
2078 static enum match_result matches(const struct itemplate *itemp,
2079 insn *instruction, int bits)
2081 opflags_t size[MAX_OPERANDS], asize;
2082 bool opsizemissing = false;
2088 if (itemp->opcode != instruction->opcode)
2089 return MERR_INVALOP;
2092 * Count the operands
2094 if (itemp->operands != instruction->operands)
2095 return MERR_INVALOP;
2100 if (!(optimizing > 0) && (itemp->flags & IF_OPT))
2101 return MERR_INVALOP;
2104 * Check that no spurious colons or TOs are present
2106 for (i = 0; i < itemp->operands; i++)
2107 if (instruction->oprs[i].type & ~itemp->opd[i] & (COLON | TO))
2108 return MERR_INVALOP;
2111 * Process size flags
2113 switch (itemp->flags & IF_SMASK) {
2153 if (itemp->flags & IF_ARMASK) {
2154 /* S- flags only apply to a specific operand */
2155 i = ((itemp->flags & IF_ARMASK) >> IF_ARSHFT) - 1;
2156 memset(size, 0, sizeof size);
2159 /* S- flags apply to all operands */
2160 for (i = 0; i < MAX_OPERANDS; i++)
2165 * Check that the operand flags all match up,
2166 * it's a bit tricky so lets be verbose:
2168 * 1) Find out the size of operand. If instruction
2169 * doesn't have one specified -- we're trying to
2170 * guess it either from template (IF_S* flag) or
2173 * 2) If template operand (i) has SAME_AS flag [used for registers only]
2174 * (ie the same operand as was specified somewhere in template, and
2175 * this referred operand index is being achieved via ~SAME_AS)
2176 * we are to be sure that both registers (in template and instruction)
2179 * 3) If template operand do not match the instruction OR
2180 * template has an operand size specified AND this size differ
2181 * from which instruction has (perhaps we got it from code bits)
2183 * a) Check that only size of instruction and operand is differ
2184 * other characteristics do match
2185 * b) Perhaps it's a register specified in instruction so
2186 * for such a case we just mark that operand as "size
2187 * missing" and this will turn on fuzzy operand size
2188 * logic facility (handled by a caller)
2190 for (i = 0; i < itemp->operands; i++) {
2191 opflags_t type = instruction->oprs[i].type;
2192 if (!(type & SIZE_MASK))
2195 if (itemp->opd[i] & SAME_AS) {
2196 int j = itemp->opd[i] & ~SAME_AS;
2197 if (type != instruction->oprs[j].type ||
2198 instruction->oprs[i].basereg != instruction->oprs[j].basereg)
2199 return MERR_INVALOP;
2200 } else if (itemp->opd[i] & ~type ||
2201 ((itemp->opd[i] & SIZE_MASK) &&
2202 ((itemp->opd[i] ^ type) & SIZE_MASK))) {
2203 if ((itemp->opd[i] & ~type & ~SIZE_MASK) || (type & SIZE_MASK)) {
2204 return MERR_INVALOP;
2205 } else if (!is_class(REGISTER, type)) {
2207 * Note: we don't honor extrinsic operand sizes for registers,
2208 * so "missing operand size" for a register should be
2209 * considered a wildcard match rather than an error.
2211 opsizemissing = true;
2217 return MERR_OPSIZEMISSING;
2220 * Check operand sizes
2222 if (itemp->flags & (IF_SM | IF_SM2)) {
2223 oprs = (itemp->flags & IF_SM2 ? 2 : itemp->operands);
2224 for (i = 0; i < oprs; i++) {
2225 asize = itemp->opd[i] & SIZE_MASK;
2227 for (i = 0; i < oprs; i++)
2233 oprs = itemp->operands;
2236 for (i = 0; i < itemp->operands; i++) {
2237 if (!(itemp->opd[i] & SIZE_MASK) &&
2238 (instruction->oprs[i].type & SIZE_MASK & ~size[i]))
2239 return MERR_OPSIZEMISMATCH;
2243 * Check template is okay at the set cpu level
2245 if (((itemp->flags & IF_PLEVEL) > cpu))
2249 * Verify the appropriate long mode flag.
2251 if ((itemp->flags & (bits == 64 ? IF_NOLONG : IF_LONG)))
2252 return MERR_BADMODE;
2255 * If we have a HLE prefix, look for the NOHLE flag
2257 if ((itemp->flags & IF_NOHLE) &&
2258 (has_prefix(instruction, PPS_REP, P_XACQUIRE) ||
2259 has_prefix(instruction, PPS_REP, P_XRELEASE)))
2263 * Check if special handling needed for Jumps
2265 if ((itemp->code[0] & ~1) == 0370)
2271 static enum ea_type process_ea(operand *input, ea *output, int bits,
2272 int addrbits, int rfield, opflags_t rflags)
2274 bool forw_ref = !!(input->opflags & OPFLAG_UNKNOWN);
2276 output->type = EA_SCALAR;
2277 output->rip = false;
2279 /* REX flags for the rfield operand */
2280 output->rex |= rexflags(rfield, rflags, REX_R | REX_P | REX_W | REX_H);
2282 if (is_class(REGISTER, input->type)) {
2284 * It's a direct register.
2288 if (!is_register(input->basereg))
2293 if (!is_class(REG_EA, f))
2296 output->rex |= op_rexflags(input, REX_B | REX_P | REX_W | REX_H);
2297 output->sib_present = false; /* no SIB necessary */
2298 output->bytes = 0; /* no offset necessary either */
2299 output->modrm = GEN_MODRM(3, rfield, nasm_regvals[input->basereg]);
2302 * It's a memory reference.
2304 if (input->basereg == -1 &&
2305 (input->indexreg == -1 || input->scale == 0)) {
2307 * It's a pure offset.
2309 if (bits == 64 && ((input->type & IP_REL) == IP_REL) &&
2310 input->segment == NO_SEG) {
2311 nasm_error(ERR_WARNING | ERR_PASS1, "absolute address can not be RIP-relative");
2312 input->type &= ~IP_REL;
2313 input->type |= MEMORY;
2316 if (input->eaflags & EAF_BYTEOFFS ||
2317 (input->eaflags & EAF_WORDOFFS &&
2318 input->disp_size != (addrbits != 16 ? 32 : 16))) {
2319 nasm_error(ERR_WARNING | ERR_PASS1, "displacement size ignored on absolute address");
2322 if (bits == 64 && (~input->type & IP_REL)) {
2323 output->sib_present = true;
2324 output->sib = GEN_SIB(0, 4, 5);
2326 output->modrm = GEN_MODRM(0, rfield, 4);
2327 output->rip = false;
2329 output->sib_present = false;
2330 output->bytes = (addrbits != 16 ? 4 : 2);
2331 output->modrm = GEN_MODRM(0, rfield, (addrbits != 16 ? 5 : 6));
2332 output->rip = bits == 64;
2336 * It's an indirection.
2338 int i = input->indexreg, b = input->basereg, s = input->scale;
2339 int32_t seg = input->segment;
2340 int hb = input->hintbase, ht = input->hinttype;
2341 int t, it, bt; /* register numbers */
2342 opflags_t x, ix, bx; /* register flags */
2345 i = -1; /* make this easy, at least */
2347 if (is_register(i)) {
2348 it = nasm_regvals[i];
2349 ix = nasm_reg_flags[i];
2355 if (is_register(b)) {
2356 bt = nasm_regvals[b];
2357 bx = nasm_reg_flags[b];
2363 /* if either one are a vector register... */
2364 if ((ix|bx) & (XMMREG|YMMREG) & ~REG_EA) {
2365 opflags_t sok = BITS32 | BITS64;
2366 int32_t o = input->offset;
2367 int mod, scale, index, base;
2370 * For a vector SIB, one has to be a vector and the other,
2371 * if present, a GPR. The vector must be the index operand.
2373 if (it == -1 || (bx & (XMMREG|YMMREG) & ~REG_EA)) {
2379 t = bt, bt = it, it = t;
2380 x = bx, bx = ix, ix = x;
2386 if (!(REG64 & ~bx) || !(REG32 & ~bx))
2393 * While we're here, ensure the user didn't specify
2396 if (input->disp_size == 16 || input->disp_size == 64)
2399 if (addrbits == 16 ||
2400 (addrbits == 32 && !(sok & BITS32)) ||
2401 (addrbits == 64 && !(sok & BITS64)))
2404 output->type = (ix & YMMREG & ~REG_EA)
2405 ? EA_YMMVSIB : EA_XMMVSIB;
2407 output->rex |= rexflags(it, ix, REX_X);
2408 output->rex |= rexflags(bt, bx, REX_B);
2410 index = it & 7; /* it is known to be != -1 */
2425 default: /* then what the smeg is it? */
2426 goto err; /* panic */
2434 if (base != REG_NUM_EBP && o == 0 &&
2435 seg == NO_SEG && !forw_ref &&
2436 !(input->eaflags & (EAF_BYTEOFFS | EAF_WORDOFFS)))
2438 else if (input->eaflags & EAF_BYTEOFFS ||
2439 (o >= -128 && o <= 127 &&
2440 seg == NO_SEG && !forw_ref &&
2441 !(input->eaflags & EAF_WORDOFFS)))
2447 output->sib_present = true;
2448 output->bytes = (bt == -1 || mod == 2 ? 4 : mod);
2449 output->modrm = GEN_MODRM(mod, rfield, 4);
2450 output->sib = GEN_SIB(scale, index, base);
2451 } else if ((ix|bx) & (BITS32|BITS64)) {
2453 * it must be a 32/64-bit memory reference. Firstly we have
2454 * to check that all registers involved are type E/Rxx.
2456 opflags_t sok = BITS32 | BITS64;
2457 int32_t o = input->offset;
2460 if (!(REG64 & ~ix) || !(REG32 & ~ix))
2468 goto err; /* Invalid register */
2469 if (~sok & bx & SIZE_MASK)
2470 goto err; /* Invalid size */
2475 * While we're here, ensure the user didn't specify
2478 if (input->disp_size == 16 || input->disp_size == 64)
2481 if (addrbits == 16 ||
2482 (addrbits == 32 && !(sok & BITS32)) ||
2483 (addrbits == 64 && !(sok & BITS64)))
2486 /* now reorganize base/index */
2487 if (s == 1 && bt != it && bt != -1 && it != -1 &&
2488 ((hb == b && ht == EAH_NOTBASE) ||
2489 (hb == i && ht == EAH_MAKEBASE))) {
2490 /* swap if hints say so */
2491 t = bt, bt = it, it = t;
2492 x = bx, bx = ix, ix = x;
2494 if (bt == it) /* convert EAX+2*EAX to 3*EAX */
2495 bt = -1, bx = 0, s++;
2496 if (bt == -1 && s == 1 && !(hb == it && ht == EAH_NOTBASE)) {
2497 /* make single reg base, unless hint */
2498 bt = it, bx = ix, it = -1, ix = 0;
2500 if (((s == 2 && it != REG_NUM_ESP && !(input->eaflags & EAF_TIMESTWO)) ||
2501 s == 3 || s == 5 || s == 9) && bt == -1)
2502 bt = it, bx = ix, s--; /* convert 3*EAX to EAX+2*EAX */
2503 if (it == -1 && (bt & 7) != REG_NUM_ESP &&
2504 (input->eaflags & EAF_TIMESTWO))
2505 it = bt, ix = bx, bt = -1, bx = 0, s = 1;
2506 /* convert [NOSPLIT EAX] to sib format with 0x0 displacement */
2507 if (s == 1 && it == REG_NUM_ESP) {
2508 /* swap ESP into base if scale is 1 */
2509 t = it, it = bt, bt = t;
2510 x = ix, ix = bx, bx = x;
2512 if (it == REG_NUM_ESP ||
2513 (s != 1 && s != 2 && s != 4 && s != 8 && it != -1))
2514 goto err; /* wrong, for various reasons */
2516 output->rex |= rexflags(it, ix, REX_X);
2517 output->rex |= rexflags(bt, bx, REX_B);
2519 if (it == -1 && (bt & 7) != REG_NUM_ESP) {
2528 if (rm != REG_NUM_EBP && o == 0 &&
2529 seg == NO_SEG && !forw_ref &&
2530 !(input->eaflags & (EAF_BYTEOFFS | EAF_WORDOFFS)))
2532 else if (input->eaflags & EAF_BYTEOFFS ||
2533 (o >= -128 && o <= 127 &&
2534 seg == NO_SEG && !forw_ref &&
2535 !(input->eaflags & EAF_WORDOFFS)))
2541 output->sib_present = false;
2542 output->bytes = (bt == -1 || mod == 2 ? 4 : mod);
2543 output->modrm = GEN_MODRM(mod, rfield, rm);
2546 int mod, scale, index, base;
2566 default: /* then what the smeg is it? */
2567 goto err; /* panic */
2575 if (base != REG_NUM_EBP && o == 0 &&
2576 seg == NO_SEG && !forw_ref &&
2577 !(input->eaflags & (EAF_BYTEOFFS | EAF_WORDOFFS)))
2579 else if (input->eaflags & EAF_BYTEOFFS ||
2580 (o >= -128 && o <= 127 &&
2581 seg == NO_SEG && !forw_ref &&
2582 !(input->eaflags & EAF_WORDOFFS)))
2588 output->sib_present = true;
2589 output->bytes = (bt == -1 || mod == 2 ? 4 : mod);
2590 output->modrm = GEN_MODRM(mod, rfield, 4);
2591 output->sib = GEN_SIB(scale, index, base);
2593 } else { /* it's 16-bit */
2595 int16_t o = input->offset;
2597 /* check for 64-bit long mode */
2601 /* check all registers are BX, BP, SI or DI */
2602 if ((b != -1 && b != R_BP && b != R_BX && b != R_SI && b != R_DI) ||
2603 (i != -1 && i != R_BP && i != R_BX && i != R_SI && i != R_DI))
2606 /* ensure the user didn't specify DWORD/QWORD */
2607 if (input->disp_size == 32 || input->disp_size == 64)
2610 if (s != 1 && i != -1)
2611 goto err; /* no can do, in 16-bit EA */
2612 if (b == -1 && i != -1) {
2617 if ((b == R_SI || b == R_DI) && i != -1) {
2622 /* have BX/BP as base, SI/DI index */
2624 goto err; /* shouldn't ever happen, in theory */
2625 if (i != -1 && b != -1 &&
2626 (i == R_BP || i == R_BX || b == R_SI || b == R_DI))
2627 goto err; /* invalid combinations */
2628 if (b == -1) /* pure offset: handled above */
2629 goto err; /* so if it gets to here, panic! */
2633 switch (i * 256 + b) {
2634 case R_SI * 256 + R_BX:
2637 case R_DI * 256 + R_BX:
2640 case R_SI * 256 + R_BP:
2643 case R_DI * 256 + R_BP:
2661 if (rm == -1) /* can't happen, in theory */
2662 goto err; /* so panic if it does */
2664 if (o == 0 && seg == NO_SEG && !forw_ref && rm != 6 &&
2665 !(input->eaflags & (EAF_BYTEOFFS | EAF_WORDOFFS)))
2667 else if (input->eaflags & EAF_BYTEOFFS ||
2668 (o >= -128 && o <= 127 && seg == NO_SEG &&
2669 !forw_ref && !(input->eaflags & EAF_WORDOFFS)))
2674 output->sib_present = false; /* no SIB - it's 16-bit */
2675 output->bytes = mod; /* bytes of offset needed */
2676 output->modrm = GEN_MODRM(mod, rfield, rm);
2681 output->size = 1 + output->sib_present + output->bytes;
2682 return output->type;
2685 return output->type = EA_INVALID;
2688 static void add_asp(insn *ins, int addrbits)
2693 valid = (addrbits == 64) ? 64|32 : 32|16;
2695 switch (ins->prefixes[PPS_ASIZE]) {
2706 valid &= (addrbits == 32) ? 16 : 32;
2712 for (j = 0; j < ins->operands; j++) {
2713 if (is_class(MEMORY, ins->oprs[j].type)) {
2716 /* Verify as Register */
2717 if (!is_register(ins->oprs[j].indexreg))
2720 i = nasm_reg_flags[ins->oprs[j].indexreg];
2722 /* Verify as Register */
2723 if (!is_register(ins->oprs[j].basereg))
2726 b = nasm_reg_flags[ins->oprs[j].basereg];
2728 if (ins->oprs[j].scale == 0)
2732 int ds = ins->oprs[j].disp_size;
2733 if ((addrbits != 64 && ds > 8) ||
2734 (addrbits == 64 && ds == 16))
2754 if (valid & addrbits) {
2755 ins->addr_size = addrbits;
2756 } else if (valid & ((addrbits == 32) ? 16 : 32)) {
2757 /* Add an address size prefix */
2758 ins->prefixes[PPS_ASIZE] = (addrbits == 32) ? P_A16 : P_A32;;
2759 ins->addr_size = (addrbits == 32) ? 16 : 32;
2762 errfunc(ERR_NONFATAL, "impossible combination of address sizes");
2763 ins->addr_size = addrbits; /* Error recovery */
2766 defdisp = ins->addr_size == 16 ? 16 : 32;
2768 for (j = 0; j < ins->operands; j++) {
2769 if (!(MEM_OFFS & ~ins->oprs[j].type) &&
2770 (ins->oprs[j].disp_size ? ins->oprs[j].disp_size : defdisp) != ins->addr_size) {
2772 * mem_offs sizes must match the address size; if not,
2773 * strip the MEM_OFFS bit and match only EA instructions
2775 ins->oprs[j].type &= ~(MEM_OFFS & ~MEMORY);