search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Fix buffer overflow in preproc.c (BR 1942146)
[nasm.git] / assemble.c
blobc5f8172e4701a2a227d41ee12fd2c99a89ef93f0
1 /* assemble.c code generation for the Netwide Assembler
2 *
3 * The Netwide Assembler is copyright (C) 1996 Simon Tatham and
4 * Julian Hall. All rights reserved. The software is
5 * redistributable under the license given in the file "LICENSE"
6 * distributed in the NASM archive.
7 *
8 * the actual codes (C syntax, i.e. octal):
9 * \0 - terminates the code. (Unless it's a literal of course.)
10 * \1, \2, \3 - that many literal bytes follow in the code stream
11 * \4, \6 - the POP/PUSH (respectively) codes for CS, DS, ES, SS
12 * (POP is never used for CS) depending on operand 0
13 * \5, \7 - the second byte of POP/PUSH codes for FS, GS, depending
14 * on operand 0
15 * \10..\13 - a literal byte follows in the code stream, to be added
16 * to the register value of operand 0..3
17 * \14..\17 - a signed byte immediate operand, from operand 0..3
18 * \20..\23 - a byte immediate operand, from operand 0..3
19 * \24..\27 - an unsigned byte immediate operand, from operand 0..3
20 * \30..\33 - a word immediate operand, from operand 0..3
21 * \34..\37 - select between \3[0-3] and \4[0-3] depending on 16/32 bit
22 * assembly mode or the operand-size override on the operand
23 * \40..\43 - a long immediate operand, from operand 0..3
24 * \44..\47 - select between \3[0-3], \4[0-3] and \5[4-7]
25 * depending on the address size of the instruction.
26 * \50..\53 - a byte relative operand, from operand 0..3
27 * \54..\57 - a qword immediate operand, from operand 0..3
28 * \60..\63 - a word relative operand, from operand 0..3
29 * \64..\67 - select between \6[0-3] and \7[0-3] depending on 16/32 bit
30 * assembly mode or the operand-size override on the operand
31 * \70..\73 - a long relative operand, from operand 0..3
32 * \74..\77 - a word constant, from the _segment_ part of operand 0..3
33 * \1ab - a ModRM, calculated on EA in operand a, with the spare
34 * field the register value of operand b.
35 * \140..\143 - an immediate word or signed byte for operand 0..3
36 * \144..\147 - or 2 (s-field) into opcode byte if operand 0..3
37 * is a signed byte rather than a word. Opcode byte follows.
38 * \150..\153 - an immediate dword or signed byte for operand 0..3
39 * \154..\157 - or 2 (s-field) into opcode byte if operand 0..3
40 * is a signed byte rather than a dword. Opcode byte follows.
41 * \160..\163 - this instruction uses DREX rather than REX, with the
42 * OC0 field set to 0, and the dest field taken from
43 * operand 0..3.
44 * \164..\167 - this instruction uses DREX rather than REX, with the
45 * OC0 field set to 1, and the dest field taken from
46 * operand 0..3.
47 * \171 - placement of DREX suffix in the absence of an EA
48 * \172\ab - the register number from operand a in bits 7..4, with
49 * the 4-bit immediate from operand b in bits 3..0.
50 * \173\xab - the register number from operand a in bits 7..4, with
51 * the value b in bits 3..0.
52 * \174\a - the register number from operand a in bits 7..4, and
53 * an arbitrary value in bits 3..0 (assembled as zero.)
54 * \2ab - a ModRM, calculated on EA in operand a, with the spare
55 * field equal to digit b.
56 * \250..\253 - same as \150..\153, except warn if the 64-bit operand
57 * is not equal to the truncated and sign-extended 32-bit
58 * operand; used for 32-bit immediates in 64-bit mode.
59 * \260..\263 - this instruction uses VEX rather than REX, with the
60 * V field taken from operand 0..3.
61 * \270 - this instruction uses VEX rather than REX, with the
62 * V field set to 1111b.
63 *
64 * VEX prefixes are followed by the sequence:
65 * \mm\wlp where mm is the M field; and wlp is:
66 * 00 0ww lpp
67 * ww = 0 for W = 0
68 * ww = 1 for W = 1
69 * ww = 2 for W used as REX.W
70 *
71 * \310 - indicates fixed 16-bit address size, i.e. optional 0x67.
72 * \311 - indicates fixed 32-bit address size, i.e. optional 0x67.
73 * \312 - (disassembler only) marker on LOOP, LOOPxx instructions.
74 * \313 - indicates fixed 64-bit address size, 0x67 invalid.
75 * \314 - (disassembler only) invalid with REX.B
76 * \315 - (disassembler only) invalid with REX.X
77 * \316 - (disassembler only) invalid with REX.R
78 * \317 - (disassembler only) invalid with REX.W
79 * \320 - indicates fixed 16-bit operand size, i.e. optional 0x66.
80 * \321 - indicates fixed 32-bit operand size, i.e. optional 0x66.
81 * \322 - indicates that this instruction is only valid when the
82 * operand size is the default (instruction to disassembler,
83 * generates no code in the assembler)
84 * \323 - indicates fixed 64-bit operand size, REX on extensions only.
85 * \324 - indicates 64-bit operand size requiring REX prefix.
86 * \330 - a literal byte follows in the code stream, to be added
87 * to the condition code value of the instruction.
88 * \331 - instruction not valid with REP prefix. Hint for
89 * disassembler only; for SSE instructions.
90 * \332 - REP prefix (0xF2 byte) used as opcode extension.
91 * \333 - REP prefix (0xF3 byte) used as opcode extension.
92 * \334 - LOCK prefix used instead of REX.R
93 * \335 - disassemble a rep (0xF3 byte) prefix as repe not rep.
94 * \340 - reserve <operand 0> bytes of uninitialized storage.
95 * Operand 0 had better be a segmentless constant.
96 * \360 - no SSE prefix (== \364\331)
97 * \361 - 66 SSE prefix (== \366\331)
98 * \362 - F2 SSE prefix (== \364\332)
99 * \363 - F3 SSE prefix (== \364\333)
100 * \364 - operand-size prefix (0x66) not permitted
101 * \365 - address-size prefix (0x67) not permitted
102 * \366 - operand-size prefix (0x66) used as opcode extension
103 * \367 - address-size prefix (0x67) used as opcode extension
104 * \370,\371,\372 - match only if operand 0 meets byte jump criteria.
105 * 370 is used for Jcc, 371 is used for JMP.
106 * \373 - assemble 0x03 if bits==16, 0x05 if bits==32;
107 * used for conditional jump over longer jump
108 */
109
110 #include "compiler.h"
111
112 #include <stdio.h>
113 #include <string.h>
114 #include <inttypes.h>
115
116 #include "nasm.h"
117 #include "nasmlib.h"
118 #include "assemble.h"
119 #include "insns.h"
120 #include "preproc.h"
121 #include "tables.h"
122
123 /* Initialized to zero by the C standard */
124 static const uint8_t const_zero_buf[256];
125
126 typedef struct {
127 int sib_present; /* is a SIB byte necessary? */
128 int bytes; /* # of bytes of offset needed */
129 int size; /* lazy - this is sib+bytes+1 */
130 uint8_t modrm, sib, rex, rip; /* the bytes themselves */
131 } ea;
132
133 static uint32_t cpu; /* cpu level received from nasm.c */
134 static efunc errfunc;
135 static struct ofmt *outfmt;
136 static ListGen *list;
137
138 static int64_t calcsize(int32_t, int64_t, int, insn *, const uint8_t *);
139 static void gencode(int32_t, int64_t, int, insn *, const uint8_t *, int64_t);
140 static int matches(const struct itemplate *, insn *, int bits);
141 static int32_t regflag(const operand *);
142 static int32_t regval(const operand *);
143 static int rexflags(int, int32_t, int);
144 static int op_rexflags(const operand *, int);
145 static ea *process_ea(operand *, ea *, int, int, int, int32_t, int);
146 static void add_asp(insn *, int);
147
148 static int has_prefix(insn * ins, enum prefix_pos pos, enum prefixes prefix)
149 {
150 return ins->prefixes[pos] == prefix;
151 }
152
153 static void assert_no_prefix(insn * ins, enum prefix_pos pos)
154 {
155 if (ins->prefixes[pos])
156 errfunc(ERR_NONFATAL, "invalid %s prefix",
157 prefix_name(ins->prefixes[pos]));
158 }
159
160 static const char *size_name(int size)
161 {
162 switch (size) {
163 case 1:
164 return "byte";
165 case 2:
166 return "word";
167 case 4:
168 return "dword";
169 case 8:
170 return "qword";
171 case 10:
172 return "tword";
173 case 16:
174 return "oword";
175 case 32:
176 return "yword";
177 default:
178 return "???";
179 }
180 }
181
182 static void warn_overflow(int size, int64_t data)
183 {
184 if (size < 8) {
185 int64_t lim = ((int64_t)1 << (size*8))-1;
186
187 if (data < ~lim || data > lim)
188 errfunc(ERR_WARNING | ERR_WARN_NOV,
189 "%s data exceeds bounds", size_name(size));
190 }
191 }
192 /*
193 * This routine wrappers the real output format's output routine,
194 * in order to pass a copy of the data off to the listing file
195 * generator at the same time.
196 */
197 static void out(int64_t offset, int32_t segto, const void *data,
198 enum out_type type, uint64_t size,
199 int32_t segment, int32_t wrt)
200 {
201 static int32_t lineno = 0; /* static!!! */
202 static char *lnfname = NULL;
203 uint8_t p[8];
204
205 if (type == OUT_ADDRESS && segment == NO_SEG && wrt == NO_SEG) {
206 /*
207 * This is a non-relocated address, and we're going to
208 * convert it into RAWDATA format.
209 */
210 uint8_t *q = p;
211
212 if (size > 8) {
213 errfunc(ERR_PANIC, "OUT_ADDRESS with size > 8");
214 return;
215 }
216
217 WRITEADDR(q, *(int64_t *)data, size);
218 data = p;
219 type = OUT_RAWDATA;
220 }
221
222 list->output(offset, data, type, size);
223
224 /*
225 * this call to src_get determines when we call the
226 * debug-format-specific "linenum" function
227 * it updates lineno and lnfname to the current values
228 * returning 0 if "same as last time", -2 if lnfname
229 * changed, and the amount by which lineno changed,
230 * if it did. thus, these variables must be static
231 */
232
233 if (src_get(&lineno, &lnfname)) {
234 outfmt->current_dfmt->linenum(lnfname, lineno, segto);
235 }
236
237 outfmt->output(segto, data, type, size, segment, wrt);
238 }
239
240 static int jmp_match(int32_t segment, int64_t offset, int bits,
241 insn * ins, const uint8_t *code)
242 {
243 int64_t isize;
244 uint8_t c = code[0];
245
246 if (c != 0370 && c != 0371)
247 return 0;
248 if (ins->oprs[0].opflags & OPFLAG_FORWARD) {
249 if ((optimizing < 0 || (ins->oprs[0].type & STRICT))
250 && c == 0370)
251 return 1;
252 else
253 return (pass0 == 0); /* match a forward reference */
254 }
255 isize = calcsize(segment, offset, bits, ins, code);
256 if (ins->oprs[0].segment != segment)
257 return 0;
258 isize = ins->oprs[0].offset - offset - isize; /* isize is now the delta */
259 if (isize >= -128L && isize <= 127L)
260 return 1; /* it is byte size */
261
262 return 0;
263 }
264
265 int64_t assemble(int32_t segment, int64_t offset, int bits, uint32_t cp,
266 insn * instruction, struct ofmt *output, efunc error,
267 ListGen * listgen)
268 {
269 const struct itemplate *temp;
270 int j;
271 int size_prob;
272 int64_t insn_end;
273 int32_t itimes;
274 int64_t start = offset;
275 int64_t wsize = 0; /* size for DB etc. */
276
277 errfunc = error; /* to pass to other functions */
278 cpu = cp;
279 outfmt = output; /* likewise */
280 list = listgen; /* and again */
281
282 switch (instruction->opcode) {
283 case -1:
284 return 0;
285 case I_DB:
286 wsize = 1;
287 break;
288 case I_DW:
289 wsize = 2;
290 break;
291 case I_DD:
292 wsize = 4;
293 break;
294 case I_DQ:
295 wsize = 8;
296 break;
297 case I_DT:
298 wsize = 10;
299 break;
300 case I_DO:
301 wsize = 16;
302 break;
303 case I_DY:
304 wsize = 32;
305 break;
306 default:
307 break;
308 }
309
310 if (wsize) {
311 extop *e;
312 int32_t t = instruction->times;
313 if (t < 0)
314 errfunc(ERR_PANIC,
315 "instruction->times < 0 (%ld) in assemble()", t);
316
317 while (t--) { /* repeat TIMES times */
318 for (e = instruction->eops; e; e = e->next) {
319 if (e->type == EOT_DB_NUMBER) {
320 if (wsize == 1) {
321 if (e->segment != NO_SEG)
322 errfunc(ERR_NONFATAL,
323 "one-byte relocation attempted");
324 else {
325 uint8_t out_byte = e->offset;
326 out(offset, segment, &out_byte,
327 OUT_RAWDATA, 1, NO_SEG, NO_SEG);
328 }
329 } else if (wsize > 8) {
330 errfunc(ERR_NONFATAL,
331 "integer supplied to a DT, DO or DY"
332 " instruction");
333 } else
334 out(offset, segment, &e->offset,
335 OUT_ADDRESS, wsize, e->segment, e->wrt);
336 offset += wsize;
337 } else if (e->type == EOT_DB_STRING) {
338 int align;
339
340 out(offset, segment, e->stringval,
341 OUT_RAWDATA, e->stringlen, NO_SEG, NO_SEG);
342 align = e->stringlen % wsize;
343
344 if (align) {
345 align = wsize - align;
346 out(offset, segment, const_zero_buf,
347 OUT_RAWDATA, align, NO_SEG, NO_SEG);
348 }
349 offset += e->stringlen + align;
350 }
351 }
352 if (t > 0 && t == instruction->times - 1) {
353 /*
354 * Dummy call to list->output to give the offset to the
355 * listing module.
356 */
357 list->output(offset, NULL, OUT_RAWDATA, 0);
358 list->uplevel(LIST_TIMES);
359 }
360 }
361 if (instruction->times > 1)
362 list->downlevel(LIST_TIMES);
363 return offset - start;
364 }
365
366 if (instruction->opcode == I_INCBIN) {
367 static char fname[FILENAME_MAX];
368 FILE *fp;
369 int32_t len;
370 char *prefix = "", *combine;
371 char **pPrevPath = NULL;
372
373 len = FILENAME_MAX - 1;
374 if (len > instruction->eops->stringlen)
375 len = instruction->eops->stringlen;
376 strncpy(fname, instruction->eops->stringval, len);
377 fname[len] = '\0';
378
379 while (1) { /* added by alexfru: 'incbin' uses include paths */
380 combine = nasm_malloc(strlen(prefix) + len + 1);
381 strcpy(combine, prefix);
382 strcat(combine, fname);
383
384 if ((fp = fopen(combine, "rb")) != NULL) {
385 nasm_free(combine);
386 break;
387 }
388
389 nasm_free(combine);
390 pPrevPath = pp_get_include_path_ptr(pPrevPath);
391 if (pPrevPath == NULL)
392 break;
393 prefix = *pPrevPath;
394 }
395
396 if (fp == NULL)
397 error(ERR_NONFATAL, "`incbin': unable to open file `%s'",
398 fname);
399 else if (fseek(fp, 0L, SEEK_END) < 0)
400 error(ERR_NONFATAL, "`incbin': unable to seek on file `%s'",
401 fname);
402 else {
403 static char buf[2048];
404 int32_t t = instruction->times;
405 int32_t base = 0;
406
407 len = ftell(fp);
408 if (instruction->eops->next) {
409 base = instruction->eops->next->offset;
410 len -= base;
411 if (instruction->eops->next->next &&
412 len > instruction->eops->next->next->offset)
413 len = instruction->eops->next->next->offset;
414 }
415 /*
416 * Dummy call to list->output to give the offset to the
417 * listing module.
418 */
419 list->output(offset, NULL, OUT_RAWDATA, 0);
420 list->uplevel(LIST_INCBIN);
421 while (t--) {
422 int32_t l;
423
424 fseek(fp, base, SEEK_SET);
425 l = len;
426 while (l > 0) {
427 int32_t m =
428 fread(buf, 1, (l > (int32_t) sizeof(buf) ? (int32_t) sizeof(buf) : l),
429 fp);
430 if (!m) {
431 /*
432 * This shouldn't happen unless the file
433 * actually changes while we are reading
434 * it.
435 */
436 error(ERR_NONFATAL,
437 "`incbin': unexpected EOF while"
438 " reading file `%s'", fname);
439 t = 0; /* Try to exit cleanly */
440 break;
441 }
442 out(offset, segment, buf, OUT_RAWDATA, m,
443 NO_SEG, NO_SEG);
444 l -= m;
445 }
446 }
447 list->downlevel(LIST_INCBIN);
448 if (instruction->times > 1) {
449 /*
450 * Dummy call to list->output to give the offset to the
451 * listing module.
452 */
453 list->output(offset, NULL, OUT_RAWDATA, 0);
454 list->uplevel(LIST_TIMES);
455 list->downlevel(LIST_TIMES);
456 }
457 fclose(fp);
458 return instruction->times * len;
459 }
460 return 0; /* if we're here, there's an error */
461 }
462
463 /* Check to see if we need an address-size prefix */
464 add_asp(instruction, bits);
465
466 size_prob = false;
467
468 for (temp = nasm_instructions[instruction->opcode]; temp->opcode != -1; temp++){
469 int m = matches(temp, instruction, bits);
470
471 if (m == 99)
472 m += jmp_match(segment, offset, bits, instruction, temp->code);
473
474 if (m == 100) { /* matches! */
475 const uint8_t *codes = temp->code;
476 int64_t insn_size = calcsize(segment, offset, bits,
477 instruction, codes);
478 itimes = instruction->times;
479 if (insn_size < 0) /* shouldn't be, on pass two */
480 error(ERR_PANIC, "errors made it through from pass one");
481 else
482 while (itimes--) {
483 for (j = 0; j < MAXPREFIX; j++) {
484 uint8_t c = 0;
485 switch (instruction->prefixes[j]) {
486 case P_LOCK:
487 c = 0xF0;
488 break;
489 case P_REPNE:
490 case P_REPNZ:
491 c = 0xF2;
492 break;
493 case P_REPE:
494 case P_REPZ:
495 case P_REP:
496 c = 0xF3;
497 break;
498 case R_CS:
499 if (bits == 64) {
500 error(ERR_WARNING,
501 "cs segment base generated, but will be ignored in 64-bit mode");
502 }
503 c = 0x2E;
504 break;
505 case R_DS:
506 if (bits == 64) {
507 error(ERR_WARNING,
508 "ds segment base generated, but will be ignored in 64-bit mode");
509 }
510 c = 0x3E;
511 break;
512 case R_ES:
513 if (bits == 64) {
514 error(ERR_WARNING,
515 "es segment base generated, but will be ignored in 64-bit mode");
516 }
517 c = 0x26;
518 break;
519 case R_FS:
520 c = 0x64;
521 break;
522 case R_GS:
523 c = 0x65;
524 break;
525 case R_SS:
526 if (bits == 64) {
527 error(ERR_WARNING,
528 "ss segment base generated, but will be ignored in 64-bit mode");
529 }
530 c = 0x36;
531 break;
532 case R_SEGR6:
533 case R_SEGR7:
534 error(ERR_NONFATAL,
535 "segr6 and segr7 cannot be used as prefixes");
536 break;
537 case P_A16:
538 if (bits == 64) {
539 error(ERR_NONFATAL,
540 "16-bit addressing is not supported "
541 "in 64-bit mode");
542 } else if (bits != 16)
543 c = 0x67;
544 break;
545 case P_A32:
546 if (bits != 32)
547 c = 0x67;
548 break;
549 case P_A64:
550 if (bits != 64) {
551 error(ERR_NONFATAL,
552 "64-bit addressing is only supported "
553 "in 64-bit mode");
554 }
555 break;
556 case P_ASP:
557 c = 0x67;
558 break;
559 case P_O16:
560 if (bits != 16)
561 c = 0x66;
562 break;
563 case P_O32:
564 if (bits == 16)
565 c = 0x66;
566 break;
567 case P_O64:
568 /* REX.W */
569 break;
570 case P_OSP:
571 c = 0x66;
572 break;
573 case P_none:
574 break;
575 default:
576 error(ERR_PANIC, "invalid instruction prefix");
577 }
578 if (c != 0) {
579 out(offset, segment, &c, OUT_RAWDATA, 1,
580 NO_SEG, NO_SEG);
581 offset++;
582 }
583 }
584 insn_end = offset + insn_size;
585 gencode(segment, offset, bits, instruction, codes,
586 insn_end);
587 offset += insn_size;
588 if (itimes > 0 && itimes == instruction->times - 1) {
589 /*
590 * Dummy call to list->output to give the offset to the
591 * listing module.
592 */
593 list->output(offset, NULL, OUT_RAWDATA, 0);
594 list->uplevel(LIST_TIMES);
595 }
596 }
597 if (instruction->times > 1)
598 list->downlevel(LIST_TIMES);
599 return offset - start;
600 } else if (m > 0 && m > size_prob) {
601 size_prob = m;
602 }
603 // temp++;
604 }
605
606 if (temp->opcode == -1) { /* didn't match any instruction */
607 switch (size_prob) {
608 case 1:
609 error(ERR_NONFATAL, "operation size not specified");
610 break;
611 case 2:
612 error(ERR_NONFATAL, "mismatch in operand sizes");
613 break;
614 case 3:
615 error(ERR_NONFATAL, "no instruction for this cpu level");
616 break;
617 case 4:
618 error(ERR_NONFATAL, "instruction not supported in 64-bit mode");
619 break;
620 default:
621 error(ERR_NONFATAL,
622 "invalid combination of opcode and operands");
623 break;
624 }
625 }
626 return 0;
627 }
628
629 int64_t insn_size(int32_t segment, int64_t offset, int bits, uint32_t cp,
630 insn * instruction, efunc error)
631 {
632 const struct itemplate *temp;
633
634 errfunc = error; /* to pass to other functions */
635 cpu = cp;
636
637 if (instruction->opcode == -1)
638 return 0;
639
640 if (instruction->opcode == I_DB || instruction->opcode == I_DW ||
641 instruction->opcode == I_DD || instruction->opcode == I_DQ ||
642 instruction->opcode == I_DT || instruction->opcode == I_DO ||
643 instruction->opcode == I_DY) {
644 extop *e;
645 int32_t isize, osize, wsize = 0; /* placate gcc */
646
647 isize = 0;
648 switch (instruction->opcode) {
649 case I_DB:
650 wsize = 1;
651 break;
652 case I_DW:
653 wsize = 2;
654 break;
655 case I_DD:
656 wsize = 4;
657 break;
658 case I_DQ:
659 wsize = 8;
660 break;
661 case I_DT:
662 wsize = 10;
663 break;
664 case I_DO:
665 wsize = 16;
666 break;
667 case I_DY:
668 wsize = 32;
669 break;
670 default:
671 break;
672 }
673
674 for (e = instruction->eops; e; e = e->next) {
675 int32_t align;
676
677 osize = 0;
678 if (e->type == EOT_DB_NUMBER)
679 osize = 1;
680 else if (e->type == EOT_DB_STRING)
681 osize = e->stringlen;
682
683 align = (-osize) % wsize;
684 if (align < 0)
685 align += wsize;
686 isize += osize + align;
687 }
688 return isize * instruction->times;
689 }
690
691 if (instruction->opcode == I_INCBIN) {
692 char fname[FILENAME_MAX];
693 FILE *fp;
694 int32_t len;
695 char *prefix = "", *combine;
696 char **pPrevPath = NULL;
697
698 len = FILENAME_MAX - 1;
699 if (len > instruction->eops->stringlen)
700 len = instruction->eops->stringlen;
701 strncpy(fname, instruction->eops->stringval, len);
702 fname[len] = '\0';
703
704 /* added by alexfru: 'incbin' uses include paths */
705 while (1) {
706 combine = nasm_malloc(strlen(prefix) + len + 1);
707 strcpy(combine, prefix);
708 strcat(combine, fname);
709
710 if ((fp = fopen(combine, "rb")) != NULL) {
711 nasm_free(combine);
712 break;
713 }
714
715 nasm_free(combine);
716 pPrevPath = pp_get_include_path_ptr(pPrevPath);
717 if (pPrevPath == NULL)
718 break;
719 prefix = *pPrevPath;
720 }
721
722 if (fp == NULL)
723 error(ERR_NONFATAL, "`incbin': unable to open file `%s'",
724 fname);
725 else if (fseek(fp, 0L, SEEK_END) < 0)
726 error(ERR_NONFATAL, "`incbin': unable to seek on file `%s'",
727 fname);
728 else {
729 len = ftell(fp);
730 fclose(fp);
731 if (instruction->eops->next) {
732 len -= instruction->eops->next->offset;
733 if (instruction->eops->next->next &&
734 len > instruction->eops->next->next->offset) {
735 len = instruction->eops->next->next->offset;
736 }
737 }
738 return instruction->times * len;
739 }
740 return 0; /* if we're here, there's an error */
741 }
742
743 /* Check to see if we need an address-size prefix */
744 add_asp(instruction, bits);
745
746 for (temp = nasm_instructions[instruction->opcode]; temp->opcode != -1; temp++) {
747 int m = matches(temp, instruction, bits);
748 if (m == 99)
749 m += jmp_match(segment, offset, bits, instruction, temp->code);
750
751 if (m == 100) {
752 /* we've matched an instruction. */
753 int64_t isize;
754 const uint8_t *codes = temp->code;
755 int j;
756
757 isize = calcsize(segment, offset, bits, instruction, codes);
758 if (isize < 0)
759 return -1;
760 for (j = 0; j < MAXPREFIX; j++) {
761 switch (instruction->prefixes[j]) {
762 case P_A16:
763 if (bits != 16)
764 isize++;
765 break;
766 case P_A32:
767 if (bits != 32)
768 isize++;
769 break;
770 case P_O16:
771 if (bits != 16)
772 isize++;
773 break;
774 case P_O32:
775 if (bits == 16)
776 isize++;
777 break;
778 case P_A64:
779 case P_O64:
780 case P_none:
781 break;
782 default:
783 isize++;
784 break;
785 }
786 }
787 return isize * instruction->times;
788 }
789 }
790 return -1; /* didn't match any instruction */
791 }
792
793 static bool possible_sbyte(insn * ins, int op)
794 {
795 return !(ins->forw_ref && ins->oprs[op].opflags) &&
796 optimizing >= 0 &&
797 !(ins->oprs[op].type & STRICT) &&
798 ins->oprs[op].wrt == NO_SEG && ins->oprs[op].segment == NO_SEG;
799 }
800
801 /* check that opn[op] is a signed byte of size 16 or 32 */
802 static bool is_sbyte16(insn * ins, int op)
803 {
804 int16_t v;
805
806 if (!possible_sbyte(ins, op))
807 return false;
808
809 v = ins->oprs[op].offset;
810 return v >= -128 && v <= 127;
811 }
812
813 static bool is_sbyte32(insn * ins, int op)
814 {
815 int32_t v;
816
817 if (!possible_sbyte(ins, op))
818 return false;
819
820 v = ins->oprs[op].offset;
821 return v >= -128 && v <= 127;
822 }
823
824 /* check that opn[op] is a signed byte of size 32; warn if this is not
825 the original value when extended to 64 bits */
826 static bool is_sbyte64(insn * ins, int op)
827 {
828 int64_t v64;
829 int32_t v32;
830
831 /* dead in the water on forward reference or External */
832 if (!possible_sbyte(ins, op))
833 return false;
834
835 v64 = ins->oprs[op].offset;
836 v32 = (int32_t)v64;
837
838 warn_overflow(32, v64);
839
840 return v32 >= -128 && v32 <= 127;
841 }
842 static int64_t calcsize(int32_t segment, int64_t offset, int bits,
843 insn * ins, const uint8_t *codes)
844 {
845 int64_t length = 0;
846 uint8_t c;
847 int rex_mask = ~0;
848 struct operand *opx;
849
850 ins->rex = 0; /* Ensure REX is reset */
851
852 if (ins->prefixes[PPS_OSIZE] == P_O64)
853 ins->rex |= REX_W;
854
855 (void)segment; /* Don't warn that this parameter is unused */
856 (void)offset; /* Don't warn that this parameter is unused */
857
858 while (*codes) {
859 c = *codes++;
860 opx = &ins->oprs[c & 3];
861 switch (c) {
862 case 01:
863 case 02:
864 case 03:
865 codes += c, length += c;
866 break;
867 case 04:
868 case 05:
869 case 06:
870 case 07:
871 length++;
872 break;
873 case 010:
874 case 011:
875 case 012:
876 case 013:
877 ins->rex |=
878 op_rexflags(opx, REX_B|REX_H|REX_P|REX_W);
879 codes++, length++;
880 break;
881 case 014:
882 case 015:
883 case 016:
884 case 017:
885 length++;
886 break;
887 case 020:
888 case 021:
889 case 022:
890 case 023:
891 length++;
892 break;
893 case 024:
894 case 025:
895 case 026:
896 case 027:
897 length++;
898 break;
899 case 030:
900 case 031:
901 case 032:
902 case 033:
903 length += 2;
904 break;
905 case 034:
906 case 035:
907 case 036:
908 case 037:
909 if (opx->type & (BITS16 | BITS32 | BITS64))
910 length += (opx->type & BITS16) ? 2 : 4;
911 else
912 length += (bits == 16) ? 2 : 4;
913 break;
914 case 040:
915 case 041:
916 case 042:
917 case 043:
918 length += 4;
919 break;
920 case 044:
921 case 045:
922 case 046:
923 case 047:
924 length += ins->addr_size >> 3;
925 break;
926 case 050:
927 case 051:
928 case 052:
929 case 053:
930 length++;
931 break;
932 case 054:
933 case 055:
934 case 056:
935 case 057:
936 length += 8; /* MOV reg64/imm */
937 break;
938 case 060:
939 case 061:
940 case 062:
941 case 063:
942 length += 2;
943 break;
944 case 064:
945 case 065:
946 case 066:
947 case 067:
948 if (opx->type & (BITS16 | BITS32 | BITS64))
949 length += (opx->type & BITS16) ? 2 : 4;
950 else
951 length += (bits == 16) ? 2 : 4;
952 break;
953 case 070:
954 case 071:
955 case 072:
956 case 073:
957 length += 4;
958 break;
959 case 074:
960 case 075:
961 case 076:
962 case 077:
963 length += 2;
964 break;
965 case 0140:
966 case 0141:
967 case 0142:
968 case 0143:
969 length += is_sbyte16(ins, c & 3) ? 1 : 2;
970 break;
971 case 0144:
972 case 0145:
973 case 0146:
974 case 0147:
975 codes++;
976 length++;
977 break;
978 case 0150:
979 case 0151:
980 case 0152:
981 case 0153:
982 length += is_sbyte32(ins, c & 3) ? 1 : 4;
983 break;
984 case 0154:
985 case 0155:
986 case 0156:
987 case 0157:
988 codes++;
989 length++;
990 break;
991 case 0160:
992 case 0161:
993 case 0162:
994 case 0163:
995 length++;
996 ins->rex |= REX_D;
997 ins->drexdst = regval(opx);
998 break;
999 case 0164:
1000 case 0165:
1001 case 0166:
1002 case 0167:
1003 length++;
1004 ins->rex |= REX_D|REX_OC;
1005 ins->drexdst = regval(opx);
1006 break;
1007 case 0171:
1008 break;
1009 case 0172:
1010 case 0173:
1011 case 0174:
1012 codes++;
1013 length++;
1014 break;
1015 case 0250:
1016 case 0251:
1017 case 0252:
1018 case 0253:
1019 length += is_sbyte64(ins, c & 3) ? 1 : 4;
1020 break;
1021 case 0260:
1022 case 0261:
1023 case 0262:
1024 case 0263:
1025 length += 2;
1026 ins->rex |= REX_V;
1027 ins->drexdst = regval(opx);
1028 ins->vex_m = *codes++;
1029 ins->vex_wlp = *codes++;
1030 break;
1031 case 0270:
1032 length += 2;
1033 ins->rex |= REX_V;
1034 ins->drexdst = 0;
1035 ins->vex_m = *codes++;
1036 ins->vex_wlp = *codes++;
1037 break;
1038 case 0300:
1039 case 0301:
1040 case 0302:
1041 case 0303:
1042 break;
1043 case 0310:
1044 if (bits == 64)
1045 return -1;
1046 length += (bits != 16) && !has_prefix(ins, PPS_ASIZE, P_A16);
1047 break;
1048 case 0311:
1049 length += (bits != 32) && !has_prefix(ins, PPS_ASIZE, P_A32);
1050 break;
1051 case 0312:
1052 break;
1053 case 0313:
1054 if (bits != 64 || has_prefix(ins, PPS_ASIZE, P_A16) ||
1055 has_prefix(ins, PPS_ASIZE, P_A32))
1056 return -1;
1057 break;
1058 case 0314:
1059 case 0315:
1060 case 0316:
1061 case 0317:
1062 break;
1063 case 0320:
1064 length += (bits != 16);
1065 break;
1066 case 0321:
1067 length += (bits == 16);
1068 break;
1069 case 0322:
1070 break;
1071 case 0323:
1072 rex_mask &= ~REX_W;
1073 break;
1074 case 0324:
1075 ins->rex |= REX_W;
1076 break;
1077 case 0330:
1078 codes++, length++;
1079 break;
1080 case 0331:
1081 break;
1082 case 0332:
1083 case 0333:
1084 length++;
1085 break;
1086 case 0334:
1087 ins->rex |= REX_L;
1088 break;
1089 case 0335:
1090 break;
1091 case 0340:
1092 if (ins->oprs[0].segment != NO_SEG)
1093 errfunc(ERR_NONFATAL, "attempt to reserve non-constant"
1094 " quantity of BSS space");
1095 else
1096 length += ins->oprs[0].offset;
1097 break;
1098 case 0360:
1099 break;
1100 case 0361:
1101 case 0362:
1102 case 0363:
1103 length++;
1104 break;
1105 case 0364:
1106 case 0365:
1107 break;
1108 case 0366:
1109 case 0367:
1110 length++;
1111 break;
1112 case 0370:
1113 case 0371:
1114 case 0372:
1115 break;
1116 case 0373:
1117 length++;
1118 break;
1119 default: /* can't do it by 'case' statements */
1120 if (c >= 0100 && c <= 0277) { /* it's an EA */
1121 ea ea_data;
1122 int rfield;
1123 int32_t rflags;
1124 ea_data.rex = 0; /* Ensure ea.REX is initially 0 */
1125
1126 if (c <= 0177) {
1127 /* pick rfield from operand b */
1128 rflags = regflag(&ins->oprs[c & 7]);
1129 rfield = nasm_regvals[ins->oprs[c & 7].basereg];
1130 } else {
1131 rflags = 0;
1132 rfield = c & 7;
1133 }
1134
1135 if (!process_ea
1136 (&ins->oprs[(c >> 3) & 7], &ea_data, bits,
1137 ins->addr_size, rfield, rflags, ins->forw_ref)) {
1138 errfunc(ERR_NONFATAL, "invalid effective address");
1139 return -1;
1140 } else {
1141 ins->rex |= ea_data.rex;
1142 length += ea_data.size;
1143 }
1144 } else {
1145 errfunc(ERR_PANIC, "internal instruction table corrupt"
1146 ": instruction code 0x%02X given", c);
1147 }
1148 }
1149 }
1150
1151 ins->rex &= rex_mask;
1152
1153 if (ins->rex & REX_V) {
1154 int bad32 = REX_R|REX_W|REX_X|REX_B;
1155
1156 if (ins->rex & REX_H) {
1157 errfunc(ERR_NONFATAL, "cannot use high register in vex instruction");
1158 return -1;
1159 }
1160 switch (ins->vex_wlp & 030) {
1161 case 000:
1162 ins->rex &= ~REX_W;
1163 break;
1164 case 010:
1165 ins->rex |= REX_W;
1166 bad32 &= ~REX_W;
1167 break;
1168 default:
1169 /* Follow REX_W */
1170 break;
1171 }
1172
1173 if (bits != 64 && ((ins->rex & bad32) || ins->drexdst > 7)) {
1174 errfunc(ERR_NONFATAL, "invalid operands in non-64-bit mode");
1175 return -1;
1176 }
1177 if (ins->vex_m != 1 || (ins->rex & (REX_W|REX_R|REX_B)))
1178 length += 3;
1179 else
1180 length += 2;
1181 } else if (ins->rex & REX_D) {
1182 if (ins->rex & REX_H) {
1183 errfunc(ERR_NONFATAL, "cannot use high register in drex instruction");
1184 return -1;
1185 }
1186 if (bits != 64 && ((ins->rex & (REX_R|REX_W|REX_X|REX_B)) ||
1187 ins->drexdst > 7)) {
1188 errfunc(ERR_NONFATAL, "invalid operands in non-64-bit mode");
1189 return -1;
1190 }
1191 length++;
1192 } else if (ins->rex & REX_REAL) {
1193 if (ins->rex & REX_H) {
1194 errfunc(ERR_NONFATAL, "cannot use high register in rex instruction");
1195 return -1;
1196 } else if (bits == 64) {
1197 length++;
1198 } else if ((ins->rex & REX_L) &&
1199 !(ins->rex & (REX_P|REX_W|REX_X|REX_B)) &&
1200 cpu >= IF_X86_64) {
1201 /* LOCK-as-REX.R */
1202 assert_no_prefix(ins, PPS_LREP);
1203 length++;
1204 } else {
1205 errfunc(ERR_NONFATAL, "invalid operands in non-64-bit mode");
1206 return -1;
1207 }
1208 }
1209
1210 return length;
1211 }
1212
1213 #define EMIT_REX() \
1214 if (!(ins->rex & (REX_D|REX_V)) && (ins->rex & REX_REAL) && (bits == 64)) { \
1215 ins->rex = (ins->rex & REX_REAL)|REX_P; \
1216 out(offset, segment, &ins->rex, OUT_RAWDATA, 1, NO_SEG, NO_SEG); \
1217 ins->rex = 0; \
1218 offset += 1; \
1219 }
1220
1221 static void gencode(int32_t segment, int64_t offset, int bits,
1222 insn * ins, const uint8_t *codes, int64_t insn_end)
1223 {
1224 static char condval[] = { /* conditional opcodes */
1225 0x7, 0x3, 0x2, 0x6, 0x2, 0x4, 0xF, 0xD, 0xC, 0xE, 0x6, 0x2,
1226 0x3, 0x7, 0x3, 0x5, 0xE, 0xC, 0xD, 0xF, 0x1, 0xB, 0x9, 0x5,
1227 0x0, 0xA, 0xA, 0xB, 0x8, 0x4
1228 };
1229 uint8_t c;
1230 uint8_t bytes[4];
1231 int64_t size;
1232 int64_t data;
1233 struct operand *opx;
1234
1235 while (*codes) {
1236 c = *codes++;
1237 opx = &ins->oprs[c & 3];
1238 switch (c) {
1239 case 01:
1240 case 02:
1241 case 03:
1242 EMIT_REX();
1243 out(offset, segment, codes, OUT_RAWDATA, c, NO_SEG, NO_SEG);
1244 codes += c;
1245 offset += c;
1246 break;
1247
1248 case 04:
1249 case 06:
1250 switch (ins->oprs[0].basereg) {
1251 case R_CS:
1252 bytes[0] = 0x0E + (c == 0x04 ? 1 : 0);
1253 break;
1254 case R_DS:
1255 bytes[0] = 0x1E + (c == 0x04 ? 1 : 0);
1256 break;
1257 case R_ES:
1258 bytes[0] = 0x06 + (c == 0x04 ? 1 : 0);
1259 break;
1260 case R_SS:
1261 bytes[0] = 0x16 + (c == 0x04 ? 1 : 0);
1262 break;
1263 default:
1264 errfunc(ERR_PANIC,
1265 "bizarre 8086 segment register received");
1266 }
1267 out(offset, segment, bytes, OUT_RAWDATA, 1, NO_SEG, NO_SEG);
1268 offset++;
1269 break;
1270
1271 case 05:
1272 case 07:
1273 switch (ins->oprs[0].basereg) {
1274 case R_FS:
1275 bytes[0] = 0xA0 + (c == 0x05 ? 1 : 0);
1276 break;
1277 case R_GS:
1278 bytes[0] = 0xA8 + (c == 0x05 ? 1 : 0);
1279 break;
1280 default:
1281 errfunc(ERR_PANIC,
1282 "bizarre 386 segment register received");
1283 }
1284 out(offset, segment, bytes, OUT_RAWDATA, 1, NO_SEG, NO_SEG);
1285 offset++;
1286 break;
1287
1288 case 010:
1289 case 011:
1290 case 012:
1291 case 013:
1292 EMIT_REX();
1293 bytes[0] = *codes++ + ((regval(opx)) & 7);
1294 out(offset, segment, bytes, OUT_RAWDATA, 1, NO_SEG, NO_SEG);
1295 offset += 1;
1296 break;
1297
1298 case 014:
1299 case 015:
1300 case 016:
1301 case 017:
1302 /* XXX: warns for legitimate optimizer actions */
1303 if (opx->offset < -128 || opx->offset > 127) {
1304 errfunc(ERR_WARNING | ERR_WARN_NOV,
1305 "signed byte value exceeds bounds");
1306 }
1307
1308 if (opx->segment != NO_SEG) {
1309 data = opx->offset;
1310 out(offset, segment, &data, OUT_ADDRESS, 1,
1311 opx->segment, opx->wrt);
1312 } else {
1313 bytes[0] = opx->offset;
1314 out(offset, segment, bytes, OUT_RAWDATA, 1, NO_SEG,
1315 NO_SEG);
1316 }
1317 offset += 1;
1318 break;
1319
1320 case 020:
1321 case 021:
1322 case 022:
1323 case 023:
1324 if (opx->offset < -256 || opx->offset > 255) {
1325 errfunc(ERR_WARNING | ERR_WARN_NOV,
1326 "byte value exceeds bounds");
1327 }
1328 if (opx->segment != NO_SEG) {
1329 data = opx->offset;
1330 out(offset, segment, &data, OUT_ADDRESS, 1,
1331 opx->segment, opx->wrt);
1332 } else {
1333 bytes[0] = opx->offset;
1334 out(offset, segment, bytes, OUT_RAWDATA, 1, NO_SEG,
1335 NO_SEG);
1336 }
1337 offset += 1;
1338 break;
1339
1340 case 024:
1341 case 025:
1342 case 026:
1343 case 027:
1344 if (opx->offset < 0 || opx->offset > 255)
1345 errfunc(ERR_WARNING | ERR_WARN_NOV,
1346 "unsigned byte value exceeds bounds");
1347 if (opx->segment != NO_SEG) {
1348 data = opx->offset;
1349 out(offset, segment, &data, OUT_ADDRESS, 1,
1350 opx->segment, opx->wrt);
1351 } else {
1352 bytes[0] = opx->offset;
1353 out(offset, segment, bytes, OUT_RAWDATA, 1, NO_SEG,
1354 NO_SEG);
1355 }
1356 offset += 1;
1357 break;
1358
1359 case 030:
1360 case 031:
1361 case 032:
1362 case 033:
1363 data = opx->offset;
1364 if (opx->segment == NO_SEG && opx->wrt == NO_SEG)
1365 warn_overflow(2, data);
1366 out(offset, segment, &data, OUT_ADDRESS, 2,
1367 opx->segment, opx->wrt);
1368 offset += 2;
1369 break;
1370
1371 case 034:
1372 case 035:
1373 case 036:
1374 case 037:
1375 if (opx->type & (BITS16 | BITS32))
1376 size = (opx->type & BITS16) ? 2 : 4;
1377 else
1378 size = (bits == 16) ? 2 : 4;
1379 data = opx->offset;
1380 if (opx->segment == NO_SEG && opx->wrt == NO_SEG)
1381 warn_overflow(size, data);
1382 out(offset, segment, &data, OUT_ADDRESS, size,
1383 opx->segment, opx->wrt);
1384 offset += size;
1385 break;
1386
1387 case 040:
1388 case 041:
1389 case 042:
1390 case 043:
1391 data = opx->offset;
1392 if (opx->segment == NO_SEG && opx->wrt == NO_SEG)
1393 warn_overflow(4, data);
1394 out(offset, segment, &data, OUT_ADDRESS, 4,
1395 opx->segment, opx->wrt);
1396 offset += 4;
1397 break;
1398
1399 case 044:
1400 case 045:
1401 case 046:
1402 case 047:
1403 data = opx->offset;
1404 size = ins->addr_size >> 3;
1405 if (opx->segment == NO_SEG &&
1406 opx->wrt == NO_SEG)
1407 warn_overflow(size, data);
1408 out(offset, segment, &data, OUT_ADDRESS, size,
1409 opx->segment, opx->wrt);
1410 offset += size;
1411 break;
1412
1413 case 050:
1414 case 051:
1415 case 052:
1416 case 053:
1417 if (opx->segment != segment)
1418 errfunc(ERR_NONFATAL,
1419 "short relative jump outside segment");
1420 data = opx->offset - insn_end;
1421 if (data > 127 || data < -128)
1422 errfunc(ERR_NONFATAL, "short jump is out of range");
1423 bytes[0] = data;
1424 out(offset, segment, bytes, OUT_RAWDATA, 1, NO_SEG, NO_SEG);
1425 offset += 1;
1426 break;
1427
1428 case 054:
1429 case 055:
1430 case 056:
1431 case 057:
1432 data = (int64_t)opx->offset;
1433 out(offset, segment, &data, OUT_ADDRESS, 8,
1434 opx->segment, opx->wrt);
1435 offset += 8;
1436 break;
1437
1438 case 060:
1439 case 061:
1440 case 062:
1441 case 063:
1442 if (opx->segment != segment) {
1443 data = opx->offset;
1444 out(offset, segment, &data,
1445 OUT_REL2ADR, insn_end - offset,
1446 opx->segment, opx->wrt);
1447 } else {
1448 data = opx->offset - insn_end;
1449 out(offset, segment, &data,
1450 OUT_ADDRESS, 2, NO_SEG, NO_SEG);
1451 }
1452 offset += 2;
1453 break;
1454
1455 case 064:
1456 case 065:
1457 case 066:
1458 case 067:
1459 if (opx->type & (BITS16 | BITS32 | BITS64))
1460 size = (opx->type & BITS16) ? 2 : 4;
1461 else
1462 size = (bits == 16) ? 2 : 4;
1463 if (opx->segment != segment) {
1464 data = opx->offset;
1465 out(offset, segment, &data,
1466 size == 2 ? OUT_REL2ADR : OUT_REL4ADR,
1467 insn_end - offset, opx->segment, opx->wrt);
1468 } else {
1469 data = opx->offset - insn_end;
1470 out(offset, segment, &data,
1471 OUT_ADDRESS, size, NO_SEG, NO_SEG);
1472 }
1473 offset += size;
1474 break;
1475
1476 case 070:
1477 case 071:
1478 case 072:
1479 case 073:
1480 if (opx->segment != segment) {
1481 data = opx->offset;
1482 out(offset, segment, &data,
1483 OUT_REL4ADR, insn_end - offset,
1484 opx->segment, opx->wrt);
1485 } else {
1486 data = opx->offset - insn_end;
1487 out(offset, segment, &data,
1488 OUT_ADDRESS, 4, NO_SEG, NO_SEG);
1489 }
1490 offset += 4;
1491 break;
1492
1493 case 074:
1494 case 075:
1495 case 076:
1496 case 077:
1497 if (opx->segment == NO_SEG)
1498 errfunc(ERR_NONFATAL, "value referenced by FAR is not"
1499 " relocatable");
1500 data = 0;
1501 out(offset, segment, &data, OUT_ADDRESS, 2,
1502 outfmt->segbase(1 + opx->segment),
1503 opx->wrt);
1504 offset += 2;
1505 break;
1506
1507 case 0140:
1508 case 0141:
1509 case 0142:
1510 case 0143:
1511 data = opx->offset;
1512 if (is_sbyte16(ins, c & 3)) {
1513 bytes[0] = data;
1514 out(offset, segment, bytes, OUT_RAWDATA, 1, NO_SEG,
1515 NO_SEG);
1516 offset++;
1517 } else {
1518 if (opx->segment == NO_SEG &&
1519 opx->wrt == NO_SEG)
1520 warn_overflow(2, data);
1521 out(offset, segment, &data, OUT_ADDRESS, 2,
1522 opx->segment, opx->wrt);
1523 offset += 2;
1524 }
1525 break;
1526
1527 case 0144:
1528 case 0145:
1529 case 0146:
1530 case 0147:
1531 EMIT_REX();
1532 bytes[0] = *codes++;
1533 if (is_sbyte16(ins, c & 3))
1534 bytes[0] |= 2; /* s-bit */
1535 out(offset, segment, bytes, OUT_RAWDATA, 1, NO_SEG, NO_SEG);
1536 offset++;
1537 break;
1538
1539 case 0150:
1540 case 0151:
1541 case 0152:
1542 case 0153:
1543 data = opx->offset;
1544 if (is_sbyte32(ins, c & 3)) {
1545 bytes[0] = data;
1546 out(offset, segment, bytes, OUT_RAWDATA, 1, NO_SEG,
1547 NO_SEG);
1548 offset++;
1549 } else {
1550 out(offset, segment, &data, OUT_ADDRESS, 4,
1551 opx->segment, opx->wrt);
1552 offset += 4;
1553 }
1554 break;
1555
1556 case 0154:
1557 case 0155:
1558 case 0156:
1559 case 0157:
1560 EMIT_REX();
1561 bytes[0] = *codes++;
1562 if (is_sbyte32(ins, c & 3))
1563 bytes[0] |= 2; /* s-bit */
1564 out(offset, segment, bytes, OUT_RAWDATA, 1, NO_SEG, NO_SEG);
1565 offset++;
1566 break;
1567
1568 case 0160:
1569 case 0161:
1570 case 0162:
1571 case 0163:
1572 case 0164:
1573 case 0165:
1574 case 0166:
1575 case 0167:
1576 break;
1577
1578 case 0171:
1579 bytes[0] =
1580 (ins->drexdst << 4) |
1581 (ins->rex & REX_OC ? 0x08 : 0) |
1582 (ins->rex & (REX_R|REX_X|REX_B));
1583 ins->rex = 0;
1584 out(offset, segment, bytes, OUT_RAWDATA, 1, NO_SEG, NO_SEG);
1585 offset++;
1586 break;
1587
1588 case 0172:
1589 c = *codes++;
1590 opx = &ins->oprs[c >> 3];
1591 bytes[0] = nasm_regvals[opx->basereg] << 4;
1592 opx = &ins->oprs[c & 7];
1593 if (opx->segment != NO_SEG || opx->wrt != NO_SEG) {
1594 errfunc(ERR_NONFATAL,
1595 "non-absolute expression not permitted as argument %d",
1596 c & 7);
1597 } else {
1598 if (opx->offset & ~15) {
1599 errfunc(ERR_WARNING | ERR_WARN_NOV,
1600 "four-bit argument exceeds bounds");
1601 }
1602 bytes[0] |= opx->offset & 15;
1603 }
1604 out(offset, segment, bytes, OUT_RAWDATA, 1, NO_SEG, NO_SEG);
1605 offset++;
1606 break;
1607
1608 case 0173:
1609 c = *codes++;
1610 opx = &ins->oprs[c >> 4];
1611 bytes[0] = nasm_regvals[opx->basereg] << 4;
1612 bytes[0] |= c & 15;
1613 out(offset, segment, bytes, OUT_RAWDATA, 1, NO_SEG, NO_SEG);
1614 offset++;
1615 break;
1616
1617 case 0174:
1618 c = *codes++;
1619 opx = &ins->oprs[c];
1620 bytes[0] = nasm_regvals[opx->basereg] << 4;
1621 out(offset, segment, bytes, OUT_RAWDATA, 1, NO_SEG, NO_SEG);
1622 offset++;
1623 break;
1624
1625 case 0250:
1626 case 0251:
1627 case 0252:
1628 case 0253:
1629 data = opx->offset;
1630 /* is_sbyte32() is right here, we have already warned */
1631 if (is_sbyte32(ins, c & 3)) {
1632 bytes[0] = data;
1633 out(offset, segment, bytes, OUT_RAWDATA, 1, NO_SEG,
1634 NO_SEG);
1635 offset++;
1636 } else {
1637 out(offset, segment, &data, OUT_ADDRESS, 4,
1638 opx->segment, opx->wrt);
1639 offset += 4;
1640 }
1641 break;
1642
1643 case 0260:
1644 case 0261:
1645 case 0262:
1646 case 0263:
1647 case 0270:
1648 codes += 2;
1649 if (ins->vex_m != 1 || (ins->rex & (REX_W|REX_X|REX_B))) {
1650 bytes[0] = 0xc4;
1651 bytes[1] = ins->vex_m | ((~ins->rex & 7) << 5);
1652 bytes[2] = ((ins->rex & REX_W) << (7-3)) |
1653 ((~ins->drexdst & 15)<< 3) | (ins->vex_wlp & 07);
1654 out(offset, segment, &bytes, OUT_RAWDATA, 3, NO_SEG, NO_SEG);
1655 offset += 3;
1656 } else {
1657 bytes[0] = 0xc5;
1658 bytes[1] = ((~ins->rex & REX_R) << (7-2)) |
1659 ((~ins->drexdst & 15) << 3) | (ins->vex_wlp & 07);
1660 out(offset, segment, &bytes, OUT_RAWDATA, 2, NO_SEG, NO_SEG);
1661 offset += 2;
1662 }
1663 break;
1664
1665 case 0300:
1666 case 0301:
1667 case 0302:
1668 case 0303:
1669 break;
1670
1671 case 0310:
1672 if (bits == 32 && !has_prefix(ins, PPS_ASIZE, P_A16)) {
1673 *bytes = 0x67;
1674 out(offset, segment, bytes, OUT_RAWDATA, 1, NO_SEG, NO_SEG);
1675 offset += 1;
1676 } else
1677 offset += 0;
1678 break;
1679
1680 case 0311:
1681 if (bits != 32 && !has_prefix(ins, PPS_ASIZE, P_A32)) {
1682 *bytes = 0x67;
1683 out(offset, segment, bytes, OUT_RAWDATA, 1, NO_SEG, NO_SEG);
1684 offset += 1;
1685 } else
1686 offset += 0;
1687 break;
1688
1689 case 0312:
1690 break;
1691
1692 case 0313:
1693 ins->rex = 0;
1694 break;
1695
1696 case 0314:
1697 case 0315:
1698 case 0316:
1699 case 0317:
1700 break;
1701
1702 case 0320:
1703 if (bits != 16) {
1704 *bytes = 0x66;
1705 out(offset, segment, bytes, OUT_RAWDATA, 1, NO_SEG, NO_SEG);
1706 offset += 1;
1707 } else
1708 offset += 0;
1709 break;
1710
1711 case 0321:
1712 if (bits == 16) {
1713 *bytes = 0x66;
1714 out(offset, segment, bytes, OUT_RAWDATA, 1, NO_SEG, NO_SEG);
1715 offset += 1;
1716 } else
1717 offset += 0;
1718 break;
1719
1720 case 0322:
1721 case 0323:
1722 break;
1723
1724 case 0324:
1725 ins->rex |= REX_W;
1726 break;
1727
1728 case 0330:
1729 *bytes = *codes++ ^ condval[ins->condition];
1730 out(offset, segment, bytes, OUT_RAWDATA, 1, NO_SEG, NO_SEG);
1731 offset += 1;
1732 break;
1733
1734 case 0331:
1735 break;
1736
1737 case 0332:
1738 case 0333:
1739 *bytes = c - 0332 + 0xF2;
1740 out(offset, segment, bytes, OUT_RAWDATA, 1, NO_SEG, NO_SEG);
1741 offset += 1;
1742 break;
1743
1744 case 0334:
1745 if (ins->rex & REX_R) {
1746 *bytes = 0xF0;
1747 out(offset, segment, bytes, OUT_RAWDATA, 1, NO_SEG, NO_SEG);
1748 offset += 1;
1749 }
1750 ins->rex &= ~(REX_L|REX_R);
1751 break;
1752
1753 case 0335:
1754 break;
1755
1756 case 0340:
1757 if (ins->oprs[0].segment != NO_SEG)
1758 errfunc(ERR_PANIC, "non-constant BSS size in pass two");
1759 else {
1760 int64_t size = ins->oprs[0].offset;
1761 if (size > 0)
1762 out(offset, segment, NULL,
1763 OUT_RESERVE, size, NO_SEG, NO_SEG);
1764 offset += size;
1765 }
1766 break;
1767
1768 case 0360:
1769 break;
1770
1771 case 0361:
1772 bytes[0] = 0x66;
1773 out(offset, segment, bytes, OUT_RAWDATA, 1, NO_SEG, NO_SEG);
1774 offset += 1;
1775 break;
1776
1777 case 0362:
1778 case 0363:
1779 bytes[0] = c - 0362 + 0xf2;
1780 out(offset, segment, bytes, OUT_RAWDATA, 1, NO_SEG, NO_SEG);
1781 offset += 1;
1782 break;
1783
1784 case 0364:
1785 case 0365:
1786 break;
1787
1788 case 0366:
1789 case 0367:
1790 *bytes = c - 0366 + 0x66;
1791 out(offset, segment, bytes, OUT_RAWDATA, 1, NO_SEG, NO_SEG);
1792 offset += 1;
1793 break;
1794
1795 case 0370:
1796 case 0371:
1797 case 0372:
1798 break;
1799
1800 case 0373:
1801 *bytes = bits == 16 ? 3 : 5;
1802 out(offset, segment, bytes, OUT_RAWDATA, 1, NO_SEG, NO_SEG);
1803 offset += 1;
1804 break;
1805
1806 default: /* can't do it by 'case' statements */
1807 if (c >= 0100 && c <= 0277) { /* it's an EA */
1808 ea ea_data;
1809 int rfield;
1810 int32_t rflags;
1811 uint8_t *p;
1812 int32_t s;
1813
1814 if (c <= 0177) {
1815 /* pick rfield from operand b */
1816 rflags = regflag(&ins->oprs[c & 7]);
1817 rfield = nasm_regvals[ins->oprs[c & 7].basereg];
1818 } else {
1819 /* rfield is constant */
1820 rflags = 0;
1821 rfield = c & 7;
1822 }
1823
1824 if (!process_ea
1825 (&ins->oprs[(c >> 3) & 7], &ea_data, bits,
1826 ins->addr_size, rfield, rflags, ins->forw_ref)) {
1827 errfunc(ERR_NONFATAL, "invalid effective address");
1828 }
1829
1830
1831 p = bytes;
1832 *p++ = ea_data.modrm;
1833 if (ea_data.sib_present)
1834 *p++ = ea_data.sib;
1835
1836 /* DREX suffixes come between the SIB and the displacement */
1837 if (ins->rex & REX_D) {
1838 *p++ =
1839 (ins->drexdst << 4) |
1840 (ins->rex & REX_OC ? 0x08 : 0) |
1841 (ins->rex & (REX_R|REX_X|REX_B));
1842 ins->rex = 0;
1843 }
1844
1845 s = p - bytes;
1846 out(offset, segment, bytes, OUT_RAWDATA, s, NO_SEG, NO_SEG);
1847
1848 switch (ea_data.bytes) {
1849 case 0:
1850 break;
1851 case 1:
1852 if (ins->oprs[(c >> 3) & 7].segment != NO_SEG) {
1853 data = ins->oprs[(c >> 3) & 7].offset;
1854 out(offset, segment, &data, OUT_ADDRESS, 1,
1855 ins->oprs[(c >> 3) & 7].segment,
1856 ins->oprs[(c >> 3) & 7].wrt);
1857 } else {
1858 *bytes = ins->oprs[(c >> 3) & 7].offset;
1859 out(offset, segment, bytes, OUT_RAWDATA, 1,
1860 NO_SEG, NO_SEG);
1861 }
1862 s++;
1863 break;
1864 case 8:
1865 case 2:
1866 case 4:
1867 data = ins->oprs[(c >> 3) & 7].offset;
1868 warn_overflow(ea_data.bytes, data);
1869 out(offset, segment, &data,
1870 ea_data.rip ? OUT_REL4ADR : OUT_ADDRESS,
1871 ea_data.bytes,
1872 ins->oprs[(c >> 3) & 7].segment,
1873 ins->oprs[(c >> 3) & 7].wrt);
1874 s += ea_data.bytes;
1875 break;
1876 }
1877 offset += s;
1878 } else {
1879 errfunc(ERR_PANIC, "internal instruction table corrupt"
1880 ": instruction code 0x%02X given", c);
1881 }
1882 }
1883 }
1884 }
1885
1886 static int32_t regflag(const operand * o)
1887 {
1888 if (o->basereg < EXPR_REG_START || o->basereg >= REG_ENUM_LIMIT) {
1889 errfunc(ERR_PANIC, "invalid operand passed to regflag()");
1890 }
1891 return nasm_reg_flags[o->basereg];
1892 }
1893
1894 static int32_t regval(const operand * o)
1895 {
1896 if (o->basereg < EXPR_REG_START || o->basereg >= REG_ENUM_LIMIT) {
1897 errfunc(ERR_PANIC, "invalid operand passed to regval()");
1898 }
1899 return nasm_regvals[o->basereg];
1900 }
1901
1902 static int op_rexflags(const operand * o, int mask)
1903 {
1904 int32_t flags;
1905 int val;
1906
1907 if (o->basereg < EXPR_REG_START || o->basereg >= REG_ENUM_LIMIT) {
1908 errfunc(ERR_PANIC, "invalid operand passed to op_rexflags()");
1909 }
1910
1911 flags = nasm_reg_flags[o->basereg];
1912 val = nasm_regvals[o->basereg];
1913
1914 return rexflags(val, flags, mask);
1915 }
1916
1917 static int rexflags(int val, int32_t flags, int mask)
1918 {
1919 int rex = 0;
1920
1921 if (val >= 8)
1922 rex |= REX_B|REX_X|REX_R;
1923 if (flags & BITS64)
1924 rex |= REX_W;
1925 if (!(REG_HIGH & ~flags)) /* AH, CH, DH, BH */
1926 rex |= REX_H;
1927 else if (!(REG8 & ~flags) && val >= 4) /* SPL, BPL, SIL, DIL */
1928 rex |= REX_P;
1929
1930 return rex & mask;
1931 }
1932
1933 static int matches(const struct itemplate *itemp, insn * instruction, int bits)
1934 {
1935 int i, size[MAX_OPERANDS], asize, oprs, ret;
1936
1937 ret = 100;
1938
1939 /*
1940 * Check the opcode
1941 */
1942 if (itemp->opcode != instruction->opcode)
1943 return 0;
1944
1945 /*
1946 * Count the operands
1947 */
1948 if (itemp->operands != instruction->operands)
1949 return 0;
1950
1951 /*
1952 * Check that no spurious colons or TOs are present
1953 */
1954 for (i = 0; i < itemp->operands; i++)
1955 if (instruction->oprs[i].type & ~itemp->opd[i] & (COLON | TO))
1956 return 0;
1957
1958 /*
1959 * Process size flags
1960 */
1961 if (itemp->flags & IF_ARMASK) {
1962 memset(size, 0, sizeof size);
1963
1964 i = ((itemp->flags & IF_ARMASK) >> IF_ARSHFT) - 1;
1965
1966 switch (itemp->flags & IF_SMASK) {
1967 case IF_SB:
1968 size[i] = BITS8;
1969 break;
1970 case IF_SW:
1971 size[i] = BITS16;
1972 break;
1973 case IF_SD:
1974 size[i] = BITS32;
1975 break;
1976 case IF_SQ:
1977 size[i] = BITS64;
1978 break;
1979 case IF_SO:
1980 size[i] = BITS128;
1981 break;
1982 case IF_SY:
1983 size[i] = BITS256;
1984 break;
1985 case IF_SZ:
1986 switch (bits) {
1987 case 16:
1988 size[i] = BITS16;
1989 break;
1990 case 32:
1991 size[i] = BITS32;
1992 break;
1993 case 64:
1994 size[i] = BITS64;
1995 break;
1996 }
1997 break;
1998 default:
1999 break;
2000 }
2001 } else {
2002 asize = 0;
2003 switch (itemp->flags & IF_SMASK) {
2004 case IF_SB:
2005 asize = BITS8;
2006 break;
2007 case IF_SW:
2008 asize = BITS16;
2009 break;
2010 case IF_SD:
2011 asize = BITS32;
2012 break;
2013 case IF_SQ:
2014 asize = BITS64;
2015 break;
2016 case IF_SO:
2017 asize = BITS128;
2018 break;
2019 case IF_SY:
2020 asize = BITS256;
2021 break;
2022 case IF_SZ:
2023 switch (bits) {
2024 case 16:
2025 asize = BITS16;
2026 break;
2027 case 32:
2028 asize = BITS32;
2029 break;
2030 case 64:
2031 asize = BITS64;
2032 break;
2033 }
2034 break;
2035 default:
2036 break;
2037 }
2038 for (i = 0; i < MAX_OPERANDS; i++)
2039 size[i] = asize;
2040 }
2041
2042 /*
2043 * Check that the operand flags all match up
2044 */
2045 for (i = 0; i < itemp->operands; i++) {
2046 int32_t type = instruction->oprs[i].type;
2047 if (!(type & SIZE_MASK))
2048 type |= size[i];
2049
2050 if (itemp->opd[i] & SAME_AS) {
2051 int j = itemp->opd[i] & ~SAME_AS;
2052 if (type != instruction->oprs[j].type ||
2053 instruction->oprs[i].basereg != instruction->oprs[j].basereg)
2054 return 0;
2055 } else if (itemp->opd[i] & ~type ||
2056 ((itemp->opd[i] & SIZE_MASK) &&
2057 ((itemp->opd[i] ^ type) & SIZE_MASK))) {
2058 if ((itemp->opd[i] & ~type & ~SIZE_MASK) ||
2059 (type & SIZE_MASK))
2060 return 0;
2061 else
2062 return 1;
2063 }
2064 }
2065
2066 /*
2067 * Check operand sizes
2068 */
2069 if (itemp->flags & (IF_SM | IF_SM2)) {
2070 oprs = (itemp->flags & IF_SM2 ? 2 : itemp->operands);
2071 asize = 0;
2072 for (i = 0; i < oprs; i++) {
2073 if ((asize = itemp->opd[i] & SIZE_MASK) != 0) {
2074 int j;
2075 for (j = 0; j < oprs; j++)
2076 size[j] = asize;
2077 break;
2078 }
2079 }
2080 } else {
2081 oprs = itemp->operands;
2082 }
2083
2084 for (i = 0; i < itemp->operands; i++) {
2085 if (!(itemp->opd[i] & SIZE_MASK) &&
2086 (instruction->oprs[i].type & SIZE_MASK & ~size[i]))
2087 return 2;
2088 }
2089
2090 /*
2091 * Check template is okay at the set cpu level
2092 */
2093 if (((itemp->flags & IF_PLEVEL) > cpu))
2094 return 3;
2095
2096 /*
2097 * Check if instruction is available in long mode
2098 */
2099 if ((itemp->flags & IF_NOLONG) && (bits == 64))
2100 return 4;
2101
2102 /*
2103 * Check if special handling needed for Jumps
2104 */
2105 if ((uint8_t)(itemp->code[0]) >= 0370)
2106 return 99;
2107
2108 return ret;
2109 }
2110
2111 static ea *process_ea(operand * input, ea * output, int bits,
2112 int addrbits, int rfield, int32_t rflags, int forw_ref)
2113 {
2114 output->rip = false;
2115
2116 /* REX flags for the rfield operand */
2117 output->rex |= rexflags(rfield, rflags, REX_R|REX_P|REX_W|REX_H);
2118
2119 if (!(REGISTER & ~input->type)) { /* register direct */
2120 int i;
2121 int32_t f;
2122
2123 if (input->basereg < EXPR_REG_START /* Verify as Register */
2124 || input->basereg >= REG_ENUM_LIMIT)
2125 return NULL;
2126 f = regflag(input);
2127 i = nasm_regvals[input->basereg];
2128
2129 if (REG_EA & ~f)
2130 return NULL; /* Invalid EA register */
2131
2132 output->rex |= op_rexflags(input, REX_B|REX_P|REX_W|REX_H);
2133
2134 output->sib_present = false; /* no SIB necessary */
2135 output->bytes = 0; /* no offset necessary either */
2136 output->modrm = 0xC0 | ((rfield & 7) << 3) | (i & 7);
2137 } else { /* it's a memory reference */
2138 if (input->basereg == -1
2139 && (input->indexreg == -1 || input->scale == 0)) {
2140 /* it's a pure offset */
2141 if (bits == 64 && (~input->type & IP_REL)) {
2142 int scale, index, base;
2143 output->sib_present = true;
2144 scale = 0;
2145 index = 4;
2146 base = 5;
2147 output->sib = (scale << 6) | (index << 3) | base;
2148 output->bytes = 4;
2149 output->modrm = 4 | ((rfield & 7) << 3);
2150 output->rip = false;
2151 } else {
2152 output->sib_present = false;
2153 output->bytes = (addrbits != 16 ? 4 : 2);
2154 output->modrm = (addrbits != 16 ? 5 : 6) | ((rfield & 7) << 3);
2155 output->rip = bits == 64;
2156 }
2157 } else { /* it's an indirection */
2158 int i = input->indexreg, b = input->basereg, s = input->scale;
2159 int32_t o = input->offset, seg = input->segment;
2160 int hb = input->hintbase, ht = input->hinttype;
2161 int t;
2162 int it, bt;
2163 int32_t ix, bx; /* register flags */
2164
2165 if (s == 0)
2166 i = -1; /* make this easy, at least */
2167
2168 if (i >= EXPR_REG_START && i < REG_ENUM_LIMIT) {
2169 it = nasm_regvals[i];
2170 ix = nasm_reg_flags[i];
2171 } else {
2172 it = -1;
2173 ix = 0;
2174 }
2175
2176 if (b >= EXPR_REG_START && b < REG_ENUM_LIMIT) {
2177 bt = nasm_regvals[b];
2178 bx = nasm_reg_flags[b];
2179 } else {
2180 bt = -1;
2181 bx = 0;
2182 }
2183
2184 /* check for a 32/64-bit memory reference... */
2185 if ((ix|bx) & (BITS32|BITS64)) {
2186 /* it must be a 32/64-bit memory reference. Firstly we have
2187 * to check that all registers involved are type E/Rxx. */
2188 int32_t sok = BITS32|BITS64;
2189
2190 if (it != -1) {
2191 if (!(REG64 & ~ix) || !(REG32 & ~ix))
2192 sok &= ix;
2193 else
2194 return NULL;
2195 }
2196
2197 if (bt != -1) {
2198 if (REG_GPR & ~bx)
2199 return NULL; /* Invalid register */
2200 if (~sok & bx & SIZE_MASK)
2201 return NULL; /* Invalid size */
2202 sok &= bx;
2203 }
2204
2205 /* While we're here, ensure the user didn't specify
2206 WORD or QWORD. */
2207 if (input->disp_size == 16 || input->disp_size == 64)
2208 return NULL;
2209
2210 if (addrbits == 16 ||
2211 (addrbits == 32 && !(sok & BITS32)) ||
2212 (addrbits == 64 && !(sok & BITS64)))
2213 return NULL;
2214
2215 /* now reorganize base/index */
2216 if (s == 1 && bt != it && bt != -1 && it != -1 &&
2217 ((hb == b && ht == EAH_NOTBASE)
2218 || (hb == i && ht == EAH_MAKEBASE))) {
2219 /* swap if hints say so */
2220 t = bt, bt = it, it = t;
2221 t = bx, bx = ix, ix = t;
2222 }
2223 if (bt == it) /* convert EAX+2*EAX to 3*EAX */
2224 bt = -1, bx = 0, s++;
2225 if (bt == -1 && s == 1 && !(hb == it && ht == EAH_NOTBASE)) {
2226 /* make single reg base, unless hint */
2227 bt = it, bx = ix, it = -1, ix = 0;
2228 }
2229 if (((s == 2 && it != REG_NUM_ESP
2230 && !(input->eaflags & EAF_TIMESTWO)) || s == 3
2231 || s == 5 || s == 9) && bt == -1)
2232 bt = it, bx = ix, s--; /* convert 3*EAX to EAX+2*EAX */
2233 if (it == -1 && (bt & 7) != REG_NUM_ESP
2234 && (input->eaflags & EAF_TIMESTWO))
2235 it = bt, ix = bx, bt = -1, bx = 0, s = 1;
2236 /* convert [NOSPLIT EAX] to sib format with 0x0 displacement */
2237 if (s == 1 && it == REG_NUM_ESP) {
2238 /* swap ESP into base if scale is 1 */
2239 t = it, it = bt, bt = t;
2240 t = ix, ix = bx, bx = t;
2241 }
2242 if (it == REG_NUM_ESP
2243 || (s != 1 && s != 2 && s != 4 && s != 8 && it != -1))
2244 return NULL; /* wrong, for various reasons */
2245
2246 output->rex |= rexflags(it, ix, REX_X);
2247 output->rex |= rexflags(bt, bx, REX_B);
2248
2249 if (it == -1 && (bt & 7) != REG_NUM_ESP) {
2250 /* no SIB needed */
2251 int mod, rm;
2252
2253 if (bt == -1) {
2254 rm = 5;
2255 mod = 0;
2256 } else {
2257 rm = (bt & 7);
2258 if (rm != REG_NUM_EBP && o == 0 &&
2259 seg == NO_SEG && !forw_ref &&
2260 !(input->eaflags &
2261 (EAF_BYTEOFFS | EAF_WORDOFFS)))
2262 mod = 0;
2263 else if (input->eaflags & EAF_BYTEOFFS ||
2264 (o >= -128 && o <= 127 && seg == NO_SEG
2265 && !forw_ref
2266 && !(input->eaflags & EAF_WORDOFFS)))
2267 mod = 1;
2268 else
2269 mod = 2;
2270 }
2271
2272 output->sib_present = false;
2273 output->bytes = (bt == -1 || mod == 2 ? 4 : mod);
2274 output->modrm = (mod << 6) | ((rfield & 7) << 3) | rm;
2275 } else {
2276 /* we need a SIB */
2277 int mod, scale, index, base;
2278
2279 if (it == -1)
2280 index = 4, s = 1;
2281 else
2282 index = (it & 7);
2283
2284 switch (s) {
2285 case 1:
2286 scale = 0;
2287 break;
2288 case 2:
2289 scale = 1;
2290 break;
2291 case 4:
2292 scale = 2;
2293 break;
2294 case 8:
2295 scale = 3;
2296 break;
2297 default: /* then what the smeg is it? */
2298 return NULL; /* panic */
2299 }
2300
2301 if (bt == -1) {
2302 base = 5;
2303 mod = 0;
2304 } else {
2305 base = (bt & 7);
2306 if (base != REG_NUM_EBP && o == 0 &&
2307 seg == NO_SEG && !forw_ref &&
2308 !(input->eaflags &
2309 (EAF_BYTEOFFS | EAF_WORDOFFS)))
2310 mod = 0;
2311 else if (input->eaflags & EAF_BYTEOFFS ||
2312 (o >= -128 && o <= 127 && seg == NO_SEG
2313 && !forw_ref
2314 && !(input->eaflags & EAF_WORDOFFS)))
2315 mod = 1;
2316 else
2317 mod = 2;
2318 }
2319
2320 output->sib_present = true;
2321 output->bytes = (bt == -1 || mod == 2 ? 4 : mod);
2322 output->modrm = (mod << 6) | ((rfield & 7) << 3) | 4;
2323 output->sib = (scale << 6) | (index << 3) | base;
2324 }
2325 } else { /* it's 16-bit */
2326 int mod, rm;
2327
2328 /* check for 64-bit long mode */
2329 if (addrbits == 64)
2330 return NULL;
2331
2332 /* check all registers are BX, BP, SI or DI */
2333 if ((b != -1 && b != R_BP && b != R_BX && b != R_SI
2334 && b != R_DI) || (i != -1 && i != R_BP && i != R_BX
2335 && i != R_SI && i != R_DI))
2336 return NULL;
2337
2338 /* ensure the user didn't specify DWORD/QWORD */
2339 if (input->disp_size == 32 || input->disp_size == 64)
2340 return NULL;
2341
2342 if (s != 1 && i != -1)
2343 return NULL; /* no can do, in 16-bit EA */
2344 if (b == -1 && i != -1) {
2345 int tmp = b;
2346 b = i;
2347 i = tmp;
2348 } /* swap */
2349 if ((b == R_SI || b == R_DI) && i != -1) {
2350 int tmp = b;
2351 b = i;
2352 i = tmp;
2353 }
2354 /* have BX/BP as base, SI/DI index */
2355 if (b == i)
2356 return NULL; /* shouldn't ever happen, in theory */
2357 if (i != -1 && b != -1 &&
2358 (i == R_BP || i == R_BX || b == R_SI || b == R_DI))
2359 return NULL; /* invalid combinations */
2360 if (b == -1) /* pure offset: handled above */
2361 return NULL; /* so if it gets to here, panic! */
2362
2363 rm = -1;
2364 if (i != -1)
2365 switch (i * 256 + b) {
2366 case R_SI * 256 + R_BX:
2367 rm = 0;
2368 break;
2369 case R_DI * 256 + R_BX:
2370 rm = 1;
2371 break;
2372 case R_SI * 256 + R_BP:
2373 rm = 2;
2374 break;
2375 case R_DI * 256 + R_BP:
2376 rm = 3;
2377 break;
2378 } else
2379 switch (b) {
2380 case R_SI:
2381 rm = 4;
2382 break;
2383 case R_DI:
2384 rm = 5;
2385 break;
2386 case R_BP:
2387 rm = 6;
2388 break;
2389 case R_BX:
2390 rm = 7;
2391 break;
2392 }
2393 if (rm == -1) /* can't happen, in theory */
2394 return NULL; /* so panic if it does */
2395
2396 if (o == 0 && seg == NO_SEG && !forw_ref && rm != 6 &&
2397 !(input->eaflags & (EAF_BYTEOFFS | EAF_WORDOFFS)))
2398 mod = 0;
2399 else if (input->eaflags & EAF_BYTEOFFS ||
2400 (o >= -128 && o <= 127 && seg == NO_SEG
2401 && !forw_ref
2402 && !(input->eaflags & EAF_WORDOFFS)))
2403 mod = 1;
2404 else
2405 mod = 2;
2406
2407 output->sib_present = false; /* no SIB - it's 16-bit */
2408 output->bytes = mod; /* bytes of offset needed */
2409 output->modrm = (mod << 6) | ((rfield & 7) << 3) | rm;
2410 }
2411 }
2412 }
2413
2414 output->size = 1 + output->sib_present + output->bytes;
2415 return output;
2416 }
2417
2418 static void add_asp(insn *ins, int addrbits)
2419 {
2420 int j, valid;
2421 int defdisp;
2422
2423 valid = (addrbits == 64) ? 64|32 : 32|16;
2424
2425 switch (ins->prefixes[PPS_ASIZE]) {
2426 case P_A16:
2427 valid &= 16;
2428 break;
2429 case P_A32:
2430 valid &= 32;
2431 break;
2432 case P_A64:
2433 valid &= 64;
2434 break;
2435 case P_ASP:
2436 valid &= (addrbits == 32) ? 16 : 32;
2437 break;
2438 default:
2439 break;
2440 }
2441
2442 for (j = 0; j < ins->operands; j++) {
2443 if (!(MEMORY & ~ins->oprs[j].type)) {
2444 int32_t i, b;
2445
2446 /* Verify as Register */
2447 if (ins->oprs[j].indexreg < EXPR_REG_START
2448 || ins->oprs[j].indexreg >= REG_ENUM_LIMIT)
2449 i = 0;
2450 else
2451 i = nasm_reg_flags[ins->oprs[j].indexreg];
2452
2453 /* Verify as Register */
2454 if (ins->oprs[j].basereg < EXPR_REG_START
2455 || ins->oprs[j].basereg >= REG_ENUM_LIMIT)
2456 b = 0;
2457 else
2458 b = nasm_reg_flags[ins->oprs[j].basereg];
2459
2460 if (ins->oprs[j].scale == 0)
2461 i = 0;
2462
2463 if (!i && !b) {
2464 int ds = ins->oprs[j].disp_size;
2465 if ((addrbits != 64 && ds > 8) ||
2466 (addrbits == 64 && ds == 16))
2467 valid &= ds;
2468 } else {
2469 if (!(REG16 & ~b))
2470 valid &= 16;
2471 if (!(REG32 & ~b))
2472 valid &= 32;
2473 if (!(REG64 & ~b))
2474 valid &= 64;
2475
2476 if (!(REG16 & ~i))
2477 valid &= 16;
2478 if (!(REG32 & ~i))
2479 valid &= 32;
2480 if (!(REG64 & ~i))
2481 valid &= 64;
2482 }
2483 }
2484 }
2485
2486 if (valid & addrbits) {
2487 ins->addr_size = addrbits;
2488 } else if (valid & ((addrbits == 32) ? 16 : 32)) {
2489 /* Add an address size prefix */
2490 enum prefixes pref = (addrbits == 32) ? P_A16 : P_A32;
2491 ins->prefixes[PPS_ASIZE] = pref;
2492 ins->addr_size = (addrbits == 32) ? 16 : 32;
2493 } else {
2494 /* Impossible... */
2495 errfunc(ERR_NONFATAL, "impossible combination of address sizes");
2496 ins->addr_size = addrbits; /* Error recovery */
2497 }
2498
2499 defdisp = ins->addr_size == 16 ? 16 : 32;
2500
2501 for (j = 0; j < ins->operands; j++) {
2502 if (!(MEM_OFFS & ~ins->oprs[j].type) &&
2503 (ins->oprs[j].disp_size ? ins->oprs[j].disp_size : defdisp)
2504 != ins->addr_size) {
2505 /* mem_offs sizes must match the address size; if not,
2506 strip the MEM_OFFS bit and match only EA instructions */
2507 ins->oprs[j].type &= ~(MEM_OFFS & ~MEMORY);
2508 }
2509 }
2510 }
The Netwide Assembler