search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
BR 2003451: avoid "forwardness" leaks between operands
[nasm/perl-rewrite.git] / assemble.c
blob73b5a3f165e57921aab45d494199828cdb131abb
1 /* assemble.c code generation for the Netwide Assembler
2 *
3 * The Netwide Assembler is copyright (C) 1996 Simon Tatham and
4 * Julian Hall. All rights reserved. The software is
5 * redistributable under the license given in the file "LICENSE"
6 * distributed in the NASM archive.
7 *
8 * the actual codes (C syntax, i.e. octal):
9 * \0 - terminates the code. (Unless it's a literal of course.)
10 * \1, \2, \3 - that many literal bytes follow in the code stream
11 * \4, \6 - the POP/PUSH (respectively) codes for CS, DS, ES, SS
12 * (POP is never used for CS) depending on operand 0
13 * \5, \7 - the second byte of POP/PUSH codes for FS, GS, depending
14 * on operand 0
15 * \10..\13 - a literal byte follows in the code stream, to be added
16 * to the register value of operand 0..3
17 * \14..\17 - a signed byte immediate operand, from operand 0..3
18 * \20..\23 - a byte immediate operand, from operand 0..3
19 * \24..\27 - an unsigned byte immediate operand, from operand 0..3
20 * \30..\33 - a word immediate operand, from operand 0..3
21 * \34..\37 - select between \3[0-3] and \4[0-3] depending on 16/32 bit
22 * assembly mode or the operand-size override on the operand
23 * \40..\43 - a long immediate operand, from operand 0..3
24 * \44..\47 - select between \3[0-3], \4[0-3] and \5[4-7]
25 * depending on the address size of the instruction.
26 * \50..\53 - a byte relative operand, from operand 0..3
27 * \54..\57 - a qword immediate operand, from operand 0..3
28 * \60..\63 - a word relative operand, from operand 0..3
29 * \64..\67 - select between \6[0-3] and \7[0-3] depending on 16/32 bit
30 * assembly mode or the operand-size override on the operand
31 * \70..\73 - a long relative operand, from operand 0..3
32 * \74..\77 - a word constant, from the _segment_ part of operand 0..3
33 * \1ab - a ModRM, calculated on EA in operand a, with the spare
34 * field the register value of operand b.
35 * \140..\143 - an immediate word or signed byte for operand 0..3
36 * \144..\147 - or 2 (s-field) into opcode byte if operand 0..3
37 * is a signed byte rather than a word. Opcode byte follows.
38 * \150..\153 - an immediate dword or signed byte for operand 0..3
39 * \154..\157 - or 2 (s-field) into opcode byte if operand 0..3
40 * is a signed byte rather than a dword. Opcode byte follows.
41 * \160..\163 - this instruction uses DREX rather than REX, with the
42 * OC0 field set to 0, and the dest field taken from
43 * operand 0..3.
44 * \164..\167 - this instruction uses DREX rather than REX, with the
45 * OC0 field set to 1, and the dest field taken from
46 * operand 0..3.
47 * \171 - placement of DREX suffix in the absence of an EA
48 * \172\ab - the register number from operand a in bits 7..4, with
49 * the 4-bit immediate from operand b in bits 3..0.
50 * \173\xab - the register number from operand a in bits 7..4, with
51 * the value b in bits 3..0.
52 * \174\a - the register number from operand a in bits 7..4, and
53 * an arbitrary value in bits 3..0 (assembled as zero.)
54 * \2ab - a ModRM, calculated on EA in operand a, with the spare
55 * field equal to digit b.
56 * \250..\253 - same as \150..\153, except warn if the 64-bit operand
57 * is not equal to the truncated and sign-extended 32-bit
58 * operand; used for 32-bit immediates in 64-bit mode.
59 * \260..\263 - this instruction uses VEX rather than REX, with the
60 * V field taken from operand 0..3.
61 * \270 - this instruction uses VEX rather than REX, with the
62 * V field set to 1111b.
63 *
64 * VEX prefixes are followed by the sequence:
65 * \mm\wlp where mm is the M field; and wlp is:
66 * 00 0ww lpp
67 * [w0] ww = 0 for W = 0
68 * [w1] ww = 1 for W = 1
69 * [wx] ww = 2 for W don't care (always assembled as 0)
70 * [ww] ww = 3 for W used as REX.W
71 *
72 *
73 * \310 - indicates fixed 16-bit address size, i.e. optional 0x67.
74 * \311 - indicates fixed 32-bit address size, i.e. optional 0x67.
75 * \312 - (disassembler only) marker on LOOP, LOOPxx instructions.
76 * \313 - indicates fixed 64-bit address size, 0x67 invalid.
77 * \314 - (disassembler only) invalid with REX.B
78 * \315 - (disassembler only) invalid with REX.X
79 * \316 - (disassembler only) invalid with REX.R
80 * \317 - (disassembler only) invalid with REX.W
81 * \320 - indicates fixed 16-bit operand size, i.e. optional 0x66.
82 * \321 - indicates fixed 32-bit operand size, i.e. optional 0x66.
83 * \322 - indicates that this instruction is only valid when the
84 * operand size is the default (instruction to disassembler,
85 * generates no code in the assembler)
86 * \323 - indicates fixed 64-bit operand size, REX on extensions only.
87 * \324 - indicates 64-bit operand size requiring REX prefix.
88 * \330 - a literal byte follows in the code stream, to be added
89 * to the condition code value of the instruction.
90 * \331 - instruction not valid with REP prefix. Hint for
91 * disassembler only; for SSE instructions.
92 * \332 - REP prefix (0xF2 byte) used as opcode extension.
93 * \333 - REP prefix (0xF3 byte) used as opcode extension.
94 * \334 - LOCK prefix used instead of REX.R
95 * \335 - disassemble a rep (0xF3 byte) prefix as repe not rep.
96 * \340 - reserve <operand 0> bytes of uninitialized storage.
97 * Operand 0 had better be a segmentless constant.
98 * \360 - no SSE prefix (== \364\331)
99 * \361 - 66 SSE prefix (== \366\331)
100 * \362 - F2 SSE prefix (== \364\332)
101 * \363 - F3 SSE prefix (== \364\333)
102 * \364 - operand-size prefix (0x66) not permitted
103 * \365 - address-size prefix (0x67) not permitted
104 * \366 - operand-size prefix (0x66) used as opcode extension
105 * \367 - address-size prefix (0x67) used as opcode extension
106 * \370,\371,\372 - match only if operand 0 meets byte jump criteria.
107 * 370 is used for Jcc, 371 is used for JMP.
108 * \373 - assemble 0x03 if bits==16, 0x05 if bits==32;
109 * used for conditional jump over longer jump
110 */
111
112 #include "compiler.h"
113
114 #include <stdio.h>
115 #include <string.h>
116 #include <inttypes.h>
117
118 #include "nasm.h"
119 #include "nasmlib.h"
120 #include "assemble.h"
121 #include "insns.h"
122 #include "tables.h"
123
124 /* Initialized to zero by the C standard */
125 static const uint8_t const_zero_buf[256];
126
127 typedef struct {
128 int sib_present; /* is a SIB byte necessary? */
129 int bytes; /* # of bytes of offset needed */
130 int size; /* lazy - this is sib+bytes+1 */
131 uint8_t modrm, sib, rex, rip; /* the bytes themselves */
132 } ea;
133
134 static uint32_t cpu; /* cpu level received from nasm.c */
135 static efunc errfunc;
136 static struct ofmt *outfmt;
137 static ListGen *list;
138
139 static int64_t calcsize(int32_t, int64_t, int, insn *, const uint8_t *);
140 static void gencode(int32_t, int64_t, int, insn *, const uint8_t *, int64_t);
141 static int matches(const struct itemplate *, insn *, int bits);
142 static int32_t regflag(const operand *);
143 static int32_t regval(const operand *);
144 static int rexflags(int, int32_t, int);
145 static int op_rexflags(const operand *, int);
146 static ea *process_ea(operand *, ea *, int, int, int, int32_t);
147 static void add_asp(insn *, int);
148
149 static int has_prefix(insn * ins, enum prefix_pos pos, enum prefixes prefix)
150 {
151 return ins->prefixes[pos] == prefix;
152 }
153
154 static void assert_no_prefix(insn * ins, enum prefix_pos pos)
155 {
156 if (ins->prefixes[pos])
157 errfunc(ERR_NONFATAL, "invalid %s prefix",
158 prefix_name(ins->prefixes[pos]));
159 }
160
161 static const char *size_name(int size)
162 {
163 switch (size) {
164 case 1:
165 return "byte";
166 case 2:
167 return "word";
168 case 4:
169 return "dword";
170 case 8:
171 return "qword";
172 case 10:
173 return "tword";
174 case 16:
175 return "oword";
176 case 32:
177 return "yword";
178 default:
179 return "???";
180 }
181 }
182
183 static void warn_overflow(int size, int64_t data)
184 {
185 if (size < 8) {
186 int64_t lim = ((int64_t)1 << (size*8))-1;
187
188 if (data < ~lim || data > lim)
189 errfunc(ERR_WARNING | ERR_WARN_NOV,
190 "%s data exceeds bounds", size_name(size));
191 }
192 }
193 /*
194 * This routine wrappers the real output format's output routine,
195 * in order to pass a copy of the data off to the listing file
196 * generator at the same time.
197 */
198 static void out(int64_t offset, int32_t segto, const void *data,
199 enum out_type type, uint64_t size,
200 int32_t segment, int32_t wrt)
201 {
202 static int32_t lineno = 0; /* static!!! */
203 static char *lnfname = NULL;
204 uint8_t p[8];
205
206 if (type == OUT_ADDRESS && segment == NO_SEG && wrt == NO_SEG) {
207 /*
208 * This is a non-relocated address, and we're going to
209 * convert it into RAWDATA format.
210 */
211 uint8_t *q = p;
212
213 if (size > 8) {
214 errfunc(ERR_PANIC, "OUT_ADDRESS with size > 8");
215 return;
216 }
217
218 WRITEADDR(q, *(int64_t *)data, size);
219 data = p;
220 type = OUT_RAWDATA;
221 }
222
223 list->output(offset, data, type, size);
224
225 /*
226 * this call to src_get determines when we call the
227 * debug-format-specific "linenum" function
228 * it updates lineno and lnfname to the current values
229 * returning 0 if "same as last time", -2 if lnfname
230 * changed, and the amount by which lineno changed,
231 * if it did. thus, these variables must be static
232 */
233
234 if (src_get(&lineno, &lnfname)) {
235 outfmt->current_dfmt->linenum(lnfname, lineno, segto);
236 }
237
238 outfmt->output(segto, data, type, size, segment, wrt);
239 }
240
241 static int jmp_match(int32_t segment, int64_t offset, int bits,
242 insn * ins, const uint8_t *code)
243 {
244 int64_t isize;
245 uint8_t c = code[0];
246
247 if (c != 0370 && c != 0371)
248 return 0;
249 if (ins->oprs[0].opflags & OPFLAG_FORWARD) {
250 if ((optimizing < 0 || (ins->oprs[0].type & STRICT))
251 && c == 0370)
252 return 1;
253 else
254 return (pass0 == 0); /* match a forward reference */
255 }
256 isize = calcsize(segment, offset, bits, ins, code);
257 if (ins->oprs[0].segment != segment)
258 return 0;
259 isize = ins->oprs[0].offset - offset - isize; /* isize is now the delta */
260 if (isize >= -128L && isize <= 127L)
261 return 1; /* it is byte size */
262
263 return 0;
264 }
265
266 int64_t assemble(int32_t segment, int64_t offset, int bits, uint32_t cp,
267 insn * instruction, struct ofmt *output, efunc error,
268 ListGen * listgen)
269 {
270 const struct itemplate *temp;
271 int j;
272 int size_prob;
273 int64_t insn_end;
274 int32_t itimes;
275 int64_t start = offset;
276 int64_t wsize = 0; /* size for DB etc. */
277
278 errfunc = error; /* to pass to other functions */
279 cpu = cp;
280 outfmt = output; /* likewise */
281 list = listgen; /* and again */
282
283 switch (instruction->opcode) {
284 case -1:
285 return 0;
286 case I_DB:
287 wsize = 1;
288 break;
289 case I_DW:
290 wsize = 2;
291 break;
292 case I_DD:
293 wsize = 4;
294 break;
295 case I_DQ:
296 wsize = 8;
297 break;
298 case I_DT:
299 wsize = 10;
300 break;
301 case I_DO:
302 wsize = 16;
303 break;
304 case I_DY:
305 wsize = 32;
306 break;
307 default:
308 break;
309 }
310
311 if (wsize) {
312 extop *e;
313 int32_t t = instruction->times;
314 if (t < 0)
315 errfunc(ERR_PANIC,
316 "instruction->times < 0 (%ld) in assemble()", t);
317
318 while (t--) { /* repeat TIMES times */
319 for (e = instruction->eops; e; e = e->next) {
320 if (e->type == EOT_DB_NUMBER) {
321 if (wsize == 1) {
322 if (e->segment != NO_SEG)
323 errfunc(ERR_NONFATAL,
324 "one-byte relocation attempted");
325 else {
326 uint8_t out_byte = e->offset;
327 out(offset, segment, &out_byte,
328 OUT_RAWDATA, 1, NO_SEG, NO_SEG);
329 }
330 } else if (wsize > 8) {
331 errfunc(ERR_NONFATAL,
332 "integer supplied to a DT, DO or DY"
333 " instruction");
334 } else
335 out(offset, segment, &e->offset,
336 OUT_ADDRESS, wsize, e->segment, e->wrt);
337 offset += wsize;
338 } else if (e->type == EOT_DB_STRING ||
339 e->type == EOT_DB_STRING_FREE) {
340 int align;
341
342 out(offset, segment, e->stringval,
343 OUT_RAWDATA, e->stringlen, NO_SEG, NO_SEG);
344 align = e->stringlen % wsize;
345
346 if (align) {
347 align = wsize - align;
348 out(offset, segment, const_zero_buf,
349 OUT_RAWDATA, align, NO_SEG, NO_SEG);
350 }
351 offset += e->stringlen + align;
352 }
353 }
354 if (t > 0 && t == instruction->times - 1) {
355 /*
356 * Dummy call to list->output to give the offset to the
357 * listing module.
358 */
359 list->output(offset, NULL, OUT_RAWDATA, 0);
360 list->uplevel(LIST_TIMES);
361 }
362 }
363 if (instruction->times > 1)
364 list->downlevel(LIST_TIMES);
365 return offset - start;
366 }
367
368 if (instruction->opcode == I_INCBIN) {
369 const char *fname = instruction->eops->stringval;
370 FILE *fp;
371
372 fp = fopen(fname, "rb");
373 if (!fp) {
374 error(ERR_NONFATAL, "`incbin': unable to open file `%s'",
375 fname);
376 } else if (fseek(fp, 0L, SEEK_END) < 0) {
377 error(ERR_NONFATAL, "`incbin': unable to seek on file `%s'",
378 fname);
379 } else {
380 static char buf[4096];
381 size_t t = instruction->times;
382 size_t base = 0;
383 size_t len;
384
385 len = ftell(fp);
386 if (instruction->eops->next) {
387 base = instruction->eops->next->offset;
388 len -= base;
389 if (instruction->eops->next->next &&
390 len > (size_t)instruction->eops->next->next->offset)
391 len = (size_t)instruction->eops->next->next->offset;
392 }
393 /*
394 * Dummy call to list->output to give the offset to the
395 * listing module.
396 */
397 list->output(offset, NULL, OUT_RAWDATA, 0);
398 list->uplevel(LIST_INCBIN);
399 while (t--) {
400 size_t l;
401
402 fseek(fp, base, SEEK_SET);
403 l = len;
404 while (l > 0) {
405 int32_t m =
406 fread(buf, 1, (l > (int32_t) sizeof(buf) ? (int32_t) sizeof(buf) : l),
407 fp);
408 if (!m) {
409 /*
410 * This shouldn't happen unless the file
411 * actually changes while we are reading
412 * it.
413 */
414 error(ERR_NONFATAL,
415 "`incbin': unexpected EOF while"
416 " reading file `%s'", fname);
417 t = 0; /* Try to exit cleanly */
418 break;
419 }
420 out(offset, segment, buf, OUT_RAWDATA, m,
421 NO_SEG, NO_SEG);
422 l -= m;
423 }
424 }
425 list->downlevel(LIST_INCBIN);
426 if (instruction->times > 1) {
427 /*
428 * Dummy call to list->output to give the offset to the
429 * listing module.
430 */
431 list->output(offset, NULL, OUT_RAWDATA, 0);
432 list->uplevel(LIST_TIMES);
433 list->downlevel(LIST_TIMES);
434 }
435 fclose(fp);
436 return instruction->times * len;
437 }
438 return 0; /* if we're here, there's an error */
439 }
440
441 /* Check to see if we need an address-size prefix */
442 add_asp(instruction, bits);
443
444 size_prob = false;
445
446 for (temp = nasm_instructions[instruction->opcode]; temp->opcode != -1; temp++){
447 int m = matches(temp, instruction, bits);
448
449 if (m == 99)
450 m += jmp_match(segment, offset, bits, instruction, temp->code);
451
452 if (m == 100) { /* matches! */
453 const uint8_t *codes = temp->code;
454 int64_t insn_size = calcsize(segment, offset, bits,
455 instruction, codes);
456 itimes = instruction->times;
457 if (insn_size < 0) /* shouldn't be, on pass two */
458 error(ERR_PANIC, "errors made it through from pass one");
459 else
460 while (itimes--) {
461 for (j = 0; j < MAXPREFIX; j++) {
462 uint8_t c = 0;
463 switch (instruction->prefixes[j]) {
464 case P_LOCK:
465 c = 0xF0;
466 break;
467 case P_REPNE:
468 case P_REPNZ:
469 c = 0xF2;
470 break;
471 case P_REPE:
472 case P_REPZ:
473 case P_REP:
474 c = 0xF3;
475 break;
476 case R_CS:
477 if (bits == 64) {
478 error(ERR_WARNING,
479 "cs segment base generated, but will be ignored in 64-bit mode");
480 }
481 c = 0x2E;
482 break;
483 case R_DS:
484 if (bits == 64) {
485 error(ERR_WARNING,
486 "ds segment base generated, but will be ignored in 64-bit mode");
487 }
488 c = 0x3E;
489 break;
490 case R_ES:
491 if (bits == 64) {
492 error(ERR_WARNING,
493 "es segment base generated, but will be ignored in 64-bit mode");
494 }
495 c = 0x26;
496 break;
497 case R_FS:
498 c = 0x64;
499 break;
500 case R_GS:
501 c = 0x65;
502 break;
503 case R_SS:
504 if (bits == 64) {
505 error(ERR_WARNING,
506 "ss segment base generated, but will be ignored in 64-bit mode");
507 }
508 c = 0x36;
509 break;
510 case R_SEGR6:
511 case R_SEGR7:
512 error(ERR_NONFATAL,
513 "segr6 and segr7 cannot be used as prefixes");
514 break;
515 case P_A16:
516 if (bits == 64) {
517 error(ERR_NONFATAL,
518 "16-bit addressing is not supported "
519 "in 64-bit mode");
520 } else if (bits != 16)
521 c = 0x67;
522 break;
523 case P_A32:
524 if (bits != 32)
525 c = 0x67;
526 break;
527 case P_A64:
528 if (bits != 64) {
529 error(ERR_NONFATAL,
530 "64-bit addressing is only supported "
531 "in 64-bit mode");
532 }
533 break;
534 case P_ASP:
535 c = 0x67;
536 break;
537 case P_O16:
538 if (bits != 16)
539 c = 0x66;
540 break;
541 case P_O32:
542 if (bits == 16)
543 c = 0x66;
544 break;
545 case P_O64:
546 /* REX.W */
547 break;
548 case P_OSP:
549 c = 0x66;
550 break;
551 case P_none:
552 break;
553 default:
554 error(ERR_PANIC, "invalid instruction prefix");
555 }
556 if (c != 0) {
557 out(offset, segment, &c, OUT_RAWDATA, 1,
558 NO_SEG, NO_SEG);
559 offset++;
560 }
561 }
562 insn_end = offset + insn_size;
563 gencode(segment, offset, bits, instruction, codes,
564 insn_end);
565 offset += insn_size;
566 if (itimes > 0 && itimes == instruction->times - 1) {
567 /*
568 * Dummy call to list->output to give the offset to the
569 * listing module.
570 */
571 list->output(offset, NULL, OUT_RAWDATA, 0);
572 list->uplevel(LIST_TIMES);
573 }
574 }
575 if (instruction->times > 1)
576 list->downlevel(LIST_TIMES);
577 return offset - start;
578 } else if (m > 0 && m > size_prob) {
579 size_prob = m;
580 }
581 // temp++;
582 }
583
584 if (temp->opcode == -1) { /* didn't match any instruction */
585 switch (size_prob) {
586 case 1:
587 error(ERR_NONFATAL, "operation size not specified");
588 break;
589 case 2:
590 error(ERR_NONFATAL, "mismatch in operand sizes");
591 break;
592 case 3:
593 error(ERR_NONFATAL, "no instruction for this cpu level");
594 break;
595 case 4:
596 error(ERR_NONFATAL, "instruction not supported in 64-bit mode");
597 break;
598 default:
599 error(ERR_NONFATAL,
600 "invalid combination of opcode and operands");
601 break;
602 }
603 }
604 return 0;
605 }
606
607 int64_t insn_size(int32_t segment, int64_t offset, int bits, uint32_t cp,
608 insn * instruction, efunc error)
609 {
610 const struct itemplate *temp;
611
612 errfunc = error; /* to pass to other functions */
613 cpu = cp;
614
615 if (instruction->opcode == -1)
616 return 0;
617
618 if (instruction->opcode == I_DB || instruction->opcode == I_DW ||
619 instruction->opcode == I_DD || instruction->opcode == I_DQ ||
620 instruction->opcode == I_DT || instruction->opcode == I_DO ||
621 instruction->opcode == I_DY) {
622 extop *e;
623 int32_t isize, osize, wsize = 0; /* placate gcc */
624
625 isize = 0;
626 switch (instruction->opcode) {
627 case I_DB:
628 wsize = 1;
629 break;
630 case I_DW:
631 wsize = 2;
632 break;
633 case I_DD:
634 wsize = 4;
635 break;
636 case I_DQ:
637 wsize = 8;
638 break;
639 case I_DT:
640 wsize = 10;
641 break;
642 case I_DO:
643 wsize = 16;
644 break;
645 case I_DY:
646 wsize = 32;
647 break;
648 default:
649 break;
650 }
651
652 for (e = instruction->eops; e; e = e->next) {
653 int32_t align;
654
655 osize = 0;
656 if (e->type == EOT_DB_NUMBER)
657 osize = 1;
658 else if (e->type == EOT_DB_STRING ||
659 e->type == EOT_DB_STRING_FREE)
660 osize = e->stringlen;
661
662 align = (-osize) % wsize;
663 if (align < 0)
664 align += wsize;
665 isize += osize + align;
666 }
667 return isize * instruction->times;
668 }
669
670 if (instruction->opcode == I_INCBIN) {
671 const char *fname = instruction->eops->stringval;
672 FILE *fp;
673 size_t len;
674
675 fp = fopen(fname, "rb");
676 if (!fp)
677 error(ERR_NONFATAL, "`incbin': unable to open file `%s'",
678 fname);
679 else if (fseek(fp, 0L, SEEK_END) < 0)
680 error(ERR_NONFATAL, "`incbin': unable to seek on file `%s'",
681 fname);
682 else {
683 len = ftell(fp);
684 fclose(fp);
685 if (instruction->eops->next) {
686 len -= instruction->eops->next->offset;
687 if (instruction->eops->next->next &&
688 len > (size_t)instruction->eops->next->next->offset) {
689 len = (size_t)instruction->eops->next->next->offset;
690 }
691 }
692 return instruction->times * len;
693 }
694 return 0; /* if we're here, there's an error */
695 }
696
697 /* Check to see if we need an address-size prefix */
698 add_asp(instruction, bits);
699
700 for (temp = nasm_instructions[instruction->opcode]; temp->opcode != -1; temp++) {
701 int m = matches(temp, instruction, bits);
702 if (m == 99)
703 m += jmp_match(segment, offset, bits, instruction, temp->code);
704
705 if (m == 100) {
706 /* we've matched an instruction. */
707 int64_t isize;
708 const uint8_t *codes = temp->code;
709 int j;
710
711 isize = calcsize(segment, offset, bits, instruction, codes);
712 if (isize < 0)
713 return -1;
714 for (j = 0; j < MAXPREFIX; j++) {
715 switch (instruction->prefixes[j]) {
716 case P_A16:
717 if (bits != 16)
718 isize++;
719 break;
720 case P_A32:
721 if (bits != 32)
722 isize++;
723 break;
724 case P_O16:
725 if (bits != 16)
726 isize++;
727 break;
728 case P_O32:
729 if (bits == 16)
730 isize++;
731 break;
732 case P_A64:
733 case P_O64:
734 case P_none:
735 break;
736 default:
737 isize++;
738 break;
739 }
740 }
741 return isize * instruction->times;
742 }
743 }
744 return -1; /* didn't match any instruction */
745 }
746
747 static bool possible_sbyte(operand *o)
748 {
749 return !(o->opflags & OPFLAG_FORWARD) &&
750 optimizing >= 0 && !(o->type & STRICT) &&
751 o->wrt == NO_SEG && o->segment == NO_SEG;
752 }
753
754 /* check that opn[op] is a signed byte of size 16 or 32 */
755 static bool is_sbyte16(operand *o)
756 {
757 int16_t v;
758
759 if (!possible_sbyte(o))
760 return false;
761
762 v = o->offset;
763 return v >= -128 && v <= 127;
764 }
765
766 static bool is_sbyte32(operand *o)
767 {
768 int32_t v;
769
770 if (!possible_sbyte(o))
771 return false;
772
773 v = o->offset;
774 return v >= -128 && v <= 127;
775 }
776
777 /* check that opn[op] is a signed byte of size 32; warn if this is not
778 the original value when extended to 64 bits */
779 static bool is_sbyte64(operand *o)
780 {
781 int64_t v64;
782 int32_t v32;
783
784 /* dead in the water on forward reference or External */
785 if (!possible_sbyte(o))
786 return false;
787
788 v64 = o->offset;
789 v32 = (int32_t)v64;
790
791 warn_overflow(32, v64);
792
793 return v32 >= -128 && v32 <= 127;
794 }
795 static int64_t calcsize(int32_t segment, int64_t offset, int bits,
796 insn * ins, const uint8_t *codes)
797 {
798 int64_t length = 0;
799 uint8_t c;
800 int rex_mask = ~0;
801 struct operand *opx;
802
803 ins->rex = 0; /* Ensure REX is reset */
804
805 if (ins->prefixes[PPS_OSIZE] == P_O64)
806 ins->rex |= REX_W;
807
808 (void)segment; /* Don't warn that this parameter is unused */
809 (void)offset; /* Don't warn that this parameter is unused */
810
811 while (*codes) {
812 c = *codes++;
813 opx = &ins->oprs[c & 3];
814 switch (c) {
815 case 01:
816 case 02:
817 case 03:
818 codes += c, length += c;
819 break;
820 case 04:
821 case 05:
822 case 06:
823 case 07:
824 length++;
825 break;
826 case 010:
827 case 011:
828 case 012:
829 case 013:
830 ins->rex |=
831 op_rexflags(opx, REX_B|REX_H|REX_P|REX_W);
832 codes++, length++;
833 break;
834 case 014:
835 case 015:
836 case 016:
837 case 017:
838 length++;
839 break;
840 case 020:
841 case 021:
842 case 022:
843 case 023:
844 length++;
845 break;
846 case 024:
847 case 025:
848 case 026:
849 case 027:
850 length++;
851 break;
852 case 030:
853 case 031:
854 case 032:
855 case 033:
856 length += 2;
857 break;
858 case 034:
859 case 035:
860 case 036:
861 case 037:
862 if (opx->type & (BITS16 | BITS32 | BITS64))
863 length += (opx->type & BITS16) ? 2 : 4;
864 else
865 length += (bits == 16) ? 2 : 4;
866 break;
867 case 040:
868 case 041:
869 case 042:
870 case 043:
871 length += 4;
872 break;
873 case 044:
874 case 045:
875 case 046:
876 case 047:
877 length += ins->addr_size >> 3;
878 break;
879 case 050:
880 case 051:
881 case 052:
882 case 053:
883 length++;
884 break;
885 case 054:
886 case 055:
887 case 056:
888 case 057:
889 length += 8; /* MOV reg64/imm */
890 break;
891 case 060:
892 case 061:
893 case 062:
894 case 063:
895 length += 2;
896 break;
897 case 064:
898 case 065:
899 case 066:
900 case 067:
901 if (opx->type & (BITS16 | BITS32 | BITS64))
902 length += (opx->type & BITS16) ? 2 : 4;
903 else
904 length += (bits == 16) ? 2 : 4;
905 break;
906 case 070:
907 case 071:
908 case 072:
909 case 073:
910 length += 4;
911 break;
912 case 074:
913 case 075:
914 case 076:
915 case 077:
916 length += 2;
917 break;
918 case 0140:
919 case 0141:
920 case 0142:
921 case 0143:
922 length += is_sbyte16(opx) ? 1 : 2;
923 break;
924 case 0144:
925 case 0145:
926 case 0146:
927 case 0147:
928 codes++;
929 length++;
930 break;
931 case 0150:
932 case 0151:
933 case 0152:
934 case 0153:
935 length += is_sbyte32(opx) ? 1 : 4;
936 break;
937 case 0154:
938 case 0155:
939 case 0156:
940 case 0157:
941 codes++;
942 length++;
943 break;
944 case 0160:
945 case 0161:
946 case 0162:
947 case 0163:
948 length++;
949 ins->rex |= REX_D;
950 ins->drexdst = regval(opx);
951 break;
952 case 0164:
953 case 0165:
954 case 0166:
955 case 0167:
956 length++;
957 ins->rex |= REX_D|REX_OC;
958 ins->drexdst = regval(opx);
959 break;
960 case 0171:
961 break;
962 case 0172:
963 case 0173:
964 case 0174:
965 codes++;
966 length++;
967 break;
968 case 0250:
969 case 0251:
970 case 0252:
971 case 0253:
972 length += is_sbyte64(opx) ? 1 : 4;
973 break;
974 case 0260:
975 case 0261:
976 case 0262:
977 case 0263:
978 length += 2;
979 ins->rex |= REX_V;
980 ins->drexdst = regval(opx);
981 ins->vex_m = *codes++;
982 ins->vex_wlp = *codes++;
983 break;
984 case 0270:
985 length += 2;
986 ins->rex |= REX_V;
987 ins->drexdst = 0;
988 ins->vex_m = *codes++;
989 ins->vex_wlp = *codes++;
990 break;
991 case 0300:
992 case 0301:
993 case 0302:
994 case 0303:
995 break;
996 case 0310:
997 if (bits == 64)
998 return -1;
999 length += (bits != 16) && !has_prefix(ins, PPS_ASIZE, P_A16);
1000 break;
1001 case 0311:
1002 length += (bits != 32) && !has_prefix(ins, PPS_ASIZE, P_A32);
1003 break;
1004 case 0312:
1005 break;
1006 case 0313:
1007 if (bits != 64 || has_prefix(ins, PPS_ASIZE, P_A16) ||
1008 has_prefix(ins, PPS_ASIZE, P_A32))
1009 return -1;
1010 break;
1011 case 0314:
1012 case 0315:
1013 case 0316:
1014 case 0317:
1015 break;
1016 case 0320:
1017 length += (bits != 16);
1018 break;
1019 case 0321:
1020 length += (bits == 16);
1021 break;
1022 case 0322:
1023 break;
1024 case 0323:
1025 rex_mask &= ~REX_W;
1026 break;
1027 case 0324:
1028 ins->rex |= REX_W;
1029 break;
1030 case 0330:
1031 codes++, length++;
1032 break;
1033 case 0331:
1034 break;
1035 case 0332:
1036 case 0333:
1037 length++;
1038 break;
1039 case 0334:
1040 ins->rex |= REX_L;
1041 break;
1042 case 0335:
1043 break;
1044 case 0340:
1045 if (ins->oprs[0].segment != NO_SEG)
1046 errfunc(ERR_NONFATAL, "attempt to reserve non-constant"
1047 " quantity of BSS space");
1048 else
1049 length += ins->oprs[0].offset;
1050 break;
1051 case 0360:
1052 break;
1053 case 0361:
1054 case 0362:
1055 case 0363:
1056 length++;
1057 break;
1058 case 0364:
1059 case 0365:
1060 break;
1061 case 0366:
1062 case 0367:
1063 length++;
1064 break;
1065 case 0370:
1066 case 0371:
1067 case 0372:
1068 break;
1069 case 0373:
1070 length++;
1071 break;
1072 default: /* can't do it by 'case' statements */
1073 if (c >= 0100 && c <= 0277) { /* it's an EA */
1074 ea ea_data;
1075 int rfield;
1076 int32_t rflags;
1077 ea_data.rex = 0; /* Ensure ea.REX is initially 0 */
1078
1079 if (c <= 0177) {
1080 /* pick rfield from operand b */
1081 rflags = regflag(&ins->oprs[c & 7]);
1082 rfield = nasm_regvals[ins->oprs[c & 7].basereg];
1083 } else {
1084 rflags = 0;
1085 rfield = c & 7;
1086 }
1087
1088 if (!process_ea
1089 (&ins->oprs[(c >> 3) & 7], &ea_data, bits,
1090 ins->addr_size, rfield, rflags)) {
1091 errfunc(ERR_NONFATAL, "invalid effective address");
1092 return -1;
1093 } else {
1094 ins->rex |= ea_data.rex;
1095 length += ea_data.size;
1096 }
1097 } else {
1098 errfunc(ERR_PANIC, "internal instruction table corrupt"
1099 ": instruction code 0x%02X given", c);
1100 }
1101 }
1102 }
1103
1104 ins->rex &= rex_mask;
1105
1106 if (ins->rex & REX_V) {
1107 int bad32 = REX_R|REX_W|REX_X|REX_B;
1108
1109 if (ins->rex & REX_H) {
1110 errfunc(ERR_NONFATAL, "cannot use high register in vex instruction");
1111 return -1;
1112 }
1113 switch (ins->vex_wlp & 030) {
1114 case 000:
1115 case 020:
1116 ins->rex &= ~REX_W;
1117 break;
1118 case 010:
1119 ins->rex |= REX_W;
1120 bad32 &= ~REX_W;
1121 break;
1122 case 030:
1123 /* Follow REX_W */
1124 break;
1125 }
1126
1127 if (bits != 64 && ((ins->rex & bad32) || ins->drexdst > 7)) {
1128 errfunc(ERR_NONFATAL, "invalid operands in non-64-bit mode");
1129 return -1;
1130 }
1131 if (ins->vex_m != 1 || (ins->rex & (REX_W|REX_R|REX_B)))
1132 length += 3;
1133 else
1134 length += 2;
1135 } else if (ins->rex & REX_D) {
1136 if (ins->rex & REX_H) {
1137 errfunc(ERR_NONFATAL, "cannot use high register in drex instruction");
1138 return -1;
1139 }
1140 if (bits != 64 && ((ins->rex & (REX_R|REX_W|REX_X|REX_B)) ||
1141 ins->drexdst > 7)) {
1142 errfunc(ERR_NONFATAL, "invalid operands in non-64-bit mode");
1143 return -1;
1144 }
1145 length++;
1146 } else if (ins->rex & REX_REAL) {
1147 if (ins->rex & REX_H) {
1148 errfunc(ERR_NONFATAL, "cannot use high register in rex instruction");
1149 return -1;
1150 } else if (bits == 64) {
1151 length++;
1152 } else if ((ins->rex & REX_L) &&
1153 !(ins->rex & (REX_P|REX_W|REX_X|REX_B)) &&
1154 cpu >= IF_X86_64) {
1155 /* LOCK-as-REX.R */
1156 assert_no_prefix(ins, PPS_LREP);
1157 length++;
1158 } else {
1159 errfunc(ERR_NONFATAL, "invalid operands in non-64-bit mode");
1160 return -1;
1161 }
1162 }
1163
1164 return length;
1165 }
1166
1167 #define EMIT_REX() \
1168 if (!(ins->rex & (REX_D|REX_V)) && (ins->rex & REX_REAL) && (bits == 64)) { \
1169 ins->rex = (ins->rex & REX_REAL)|REX_P; \
1170 out(offset, segment, &ins->rex, OUT_RAWDATA, 1, NO_SEG, NO_SEG); \
1171 ins->rex = 0; \
1172 offset += 1; \
1173 }
1174
1175 static void gencode(int32_t segment, int64_t offset, int bits,
1176 insn * ins, const uint8_t *codes, int64_t insn_end)
1177 {
1178 static char condval[] = { /* conditional opcodes */
1179 0x7, 0x3, 0x2, 0x6, 0x2, 0x4, 0xF, 0xD, 0xC, 0xE, 0x6, 0x2,
1180 0x3, 0x7, 0x3, 0x5, 0xE, 0xC, 0xD, 0xF, 0x1, 0xB, 0x9, 0x5,
1181 0x0, 0xA, 0xA, 0xB, 0x8, 0x4
1182 };
1183 uint8_t c;
1184 uint8_t bytes[4];
1185 int64_t size;
1186 int64_t data;
1187 struct operand *opx;
1188
1189 while (*codes) {
1190 c = *codes++;
1191 opx = &ins->oprs[c & 3];
1192 switch (c) {
1193 case 01:
1194 case 02:
1195 case 03:
1196 EMIT_REX();
1197 out(offset, segment, codes, OUT_RAWDATA, c, NO_SEG, NO_SEG);
1198 codes += c;
1199 offset += c;
1200 break;
1201
1202 case 04:
1203 case 06:
1204 switch (ins->oprs[0].basereg) {
1205 case R_CS:
1206 bytes[0] = 0x0E + (c == 0x04 ? 1 : 0);
1207 break;
1208 case R_DS:
1209 bytes[0] = 0x1E + (c == 0x04 ? 1 : 0);
1210 break;
1211 case R_ES:
1212 bytes[0] = 0x06 + (c == 0x04 ? 1 : 0);
1213 break;
1214 case R_SS:
1215 bytes[0] = 0x16 + (c == 0x04 ? 1 : 0);
1216 break;
1217 default:
1218 errfunc(ERR_PANIC,
1219 "bizarre 8086 segment register received");
1220 }
1221 out(offset, segment, bytes, OUT_RAWDATA, 1, NO_SEG, NO_SEG);
1222 offset++;
1223 break;
1224
1225 case 05:
1226 case 07:
1227 switch (ins->oprs[0].basereg) {
1228 case R_FS:
1229 bytes[0] = 0xA0 + (c == 0x05 ? 1 : 0);
1230 break;
1231 case R_GS:
1232 bytes[0] = 0xA8 + (c == 0x05 ? 1 : 0);
1233 break;
1234 default:
1235 errfunc(ERR_PANIC,
1236 "bizarre 386 segment register received");
1237 }
1238 out(offset, segment, bytes, OUT_RAWDATA, 1, NO_SEG, NO_SEG);
1239 offset++;
1240 break;
1241
1242 case 010:
1243 case 011:
1244 case 012:
1245 case 013:
1246 EMIT_REX();
1247 bytes[0] = *codes++ + ((regval(opx)) & 7);
1248 out(offset, segment, bytes, OUT_RAWDATA, 1, NO_SEG, NO_SEG);
1249 offset += 1;
1250 break;
1251
1252 case 014:
1253 case 015:
1254 case 016:
1255 case 017:
1256 /* XXX: warns for legitimate optimizer actions */
1257 if (opx->offset < -128 || opx->offset > 127) {
1258 errfunc(ERR_WARNING | ERR_WARN_NOV,
1259 "signed byte value exceeds bounds");
1260 }
1261
1262 if (opx->segment != NO_SEG) {
1263 data = opx->offset;
1264 out(offset, segment, &data, OUT_ADDRESS, 1,
1265 opx->segment, opx->wrt);
1266 } else {
1267 bytes[0] = opx->offset;
1268 out(offset, segment, bytes, OUT_RAWDATA, 1, NO_SEG,
1269 NO_SEG);
1270 }
1271 offset += 1;
1272 break;
1273
1274 case 020:
1275 case 021:
1276 case 022:
1277 case 023:
1278 if (opx->offset < -256 || opx->offset > 255) {
1279 errfunc(ERR_WARNING | ERR_WARN_NOV,
1280 "byte value exceeds bounds");
1281 }
1282 if (opx->segment != NO_SEG) {
1283 data = opx->offset;
1284 out(offset, segment, &data, OUT_ADDRESS, 1,
1285 opx->segment, opx->wrt);
1286 } else {
1287 bytes[0] = opx->offset;
1288 out(offset, segment, bytes, OUT_RAWDATA, 1, NO_SEG,
1289 NO_SEG);
1290 }
1291 offset += 1;
1292 break;
1293
1294 case 024:
1295 case 025:
1296 case 026:
1297 case 027:
1298 if (opx->offset < 0 || opx->offset > 255)
1299 errfunc(ERR_WARNING | ERR_WARN_NOV,
1300 "unsigned byte value exceeds bounds");
1301 if (opx->segment != NO_SEG) {
1302 data = opx->offset;
1303 out(offset, segment, &data, OUT_ADDRESS, 1,
1304 opx->segment, opx->wrt);
1305 } else {
1306 bytes[0] = opx->offset;
1307 out(offset, segment, bytes, OUT_RAWDATA, 1, NO_SEG,
1308 NO_SEG);
1309 }
1310 offset += 1;
1311 break;
1312
1313 case 030:
1314 case 031:
1315 case 032:
1316 case 033:
1317 data = opx->offset;
1318 if (opx->segment == NO_SEG && opx->wrt == NO_SEG)
1319 warn_overflow(2, data);
1320 out(offset, segment, &data, OUT_ADDRESS, 2,
1321 opx->segment, opx->wrt);
1322 offset += 2;
1323 break;
1324
1325 case 034:
1326 case 035:
1327 case 036:
1328 case 037:
1329 if (opx->type & (BITS16 | BITS32))
1330 size = (opx->type & BITS16) ? 2 : 4;
1331 else
1332 size = (bits == 16) ? 2 : 4;
1333 data = opx->offset;
1334 if (opx->segment == NO_SEG && opx->wrt == NO_SEG)
1335 warn_overflow(size, data);
1336 out(offset, segment, &data, OUT_ADDRESS, size,
1337 opx->segment, opx->wrt);
1338 offset += size;
1339 break;
1340
1341 case 040:
1342 case 041:
1343 case 042:
1344 case 043:
1345 data = opx->offset;
1346 if (opx->segment == NO_SEG && opx->wrt == NO_SEG)
1347 warn_overflow(4, data);
1348 out(offset, segment, &data, OUT_ADDRESS, 4,
1349 opx->segment, opx->wrt);
1350 offset += 4;
1351 break;
1352
1353 case 044:
1354 case 045:
1355 case 046:
1356 case 047:
1357 data = opx->offset;
1358 size = ins->addr_size >> 3;
1359 if (opx->segment == NO_SEG &&
1360 opx->wrt == NO_SEG)
1361 warn_overflow(size, data);
1362 out(offset, segment, &data, OUT_ADDRESS, size,
1363 opx->segment, opx->wrt);
1364 offset += size;
1365 break;
1366
1367 case 050:
1368 case 051:
1369 case 052:
1370 case 053:
1371 if (opx->segment != segment)
1372 errfunc(ERR_NONFATAL,
1373 "short relative jump outside segment");
1374 data = opx->offset - insn_end;
1375 if (data > 127 || data < -128)
1376 errfunc(ERR_NONFATAL, "short jump is out of range");
1377 bytes[0] = data;
1378 out(offset, segment, bytes, OUT_RAWDATA, 1, NO_SEG, NO_SEG);
1379 offset += 1;
1380 break;
1381
1382 case 054:
1383 case 055:
1384 case 056:
1385 case 057:
1386 data = (int64_t)opx->offset;
1387 out(offset, segment, &data, OUT_ADDRESS, 8,
1388 opx->segment, opx->wrt);
1389 offset += 8;
1390 break;
1391
1392 case 060:
1393 case 061:
1394 case 062:
1395 case 063:
1396 if (opx->segment != segment) {
1397 data = opx->offset;
1398 out(offset, segment, &data,
1399 OUT_REL2ADR, insn_end - offset,
1400 opx->segment, opx->wrt);
1401 } else {
1402 data = opx->offset - insn_end;
1403 out(offset, segment, &data,
1404 OUT_ADDRESS, 2, NO_SEG, NO_SEG);
1405 }
1406 offset += 2;
1407 break;
1408
1409 case 064:
1410 case 065:
1411 case 066:
1412 case 067:
1413 if (opx->type & (BITS16 | BITS32 | BITS64))
1414 size = (opx->type & BITS16) ? 2 : 4;
1415 else
1416 size = (bits == 16) ? 2 : 4;
1417 if (opx->segment != segment) {
1418 data = opx->offset;
1419 out(offset, segment, &data,
1420 size == 2 ? OUT_REL2ADR : OUT_REL4ADR,
1421 insn_end - offset, opx->segment, opx->wrt);
1422 } else {
1423 data = opx->offset - insn_end;
1424 out(offset, segment, &data,
1425 OUT_ADDRESS, size, NO_SEG, NO_SEG);
1426 }
1427 offset += size;
1428 break;
1429
1430 case 070:
1431 case 071:
1432 case 072:
1433 case 073:
1434 if (opx->segment != segment) {
1435 data = opx->offset;
1436 out(offset, segment, &data,
1437 OUT_REL4ADR, insn_end - offset,
1438 opx->segment, opx->wrt);
1439 } else {
1440 data = opx->offset - insn_end;
1441 out(offset, segment, &data,
1442 OUT_ADDRESS, 4, NO_SEG, NO_SEG);
1443 }
1444 offset += 4;
1445 break;
1446
1447 case 074:
1448 case 075:
1449 case 076:
1450 case 077:
1451 if (opx->segment == NO_SEG)
1452 errfunc(ERR_NONFATAL, "value referenced by FAR is not"
1453 " relocatable");
1454 data = 0;
1455 out(offset, segment, &data, OUT_ADDRESS, 2,
1456 outfmt->segbase(1 + opx->segment),
1457 opx->wrt);
1458 offset += 2;
1459 break;
1460
1461 case 0140:
1462 case 0141:
1463 case 0142:
1464 case 0143:
1465 data = opx->offset;
1466 if (is_sbyte16(opx)) {
1467 bytes[0] = data;
1468 out(offset, segment, bytes, OUT_RAWDATA, 1, NO_SEG,
1469 NO_SEG);
1470 offset++;
1471 } else {
1472 if (opx->segment == NO_SEG &&
1473 opx->wrt == NO_SEG)
1474 warn_overflow(2, data);
1475 out(offset, segment, &data, OUT_ADDRESS, 2,
1476 opx->segment, opx->wrt);
1477 offset += 2;
1478 }
1479 break;
1480
1481 case 0144:
1482 case 0145:
1483 case 0146:
1484 case 0147:
1485 EMIT_REX();
1486 bytes[0] = *codes++;
1487 if (is_sbyte16(opx))
1488 bytes[0] |= 2; /* s-bit */
1489 out(offset, segment, bytes, OUT_RAWDATA, 1, NO_SEG, NO_SEG);
1490 offset++;
1491 break;
1492
1493 case 0150:
1494 case 0151:
1495 case 0152:
1496 case 0153:
1497 data = opx->offset;
1498 if (is_sbyte32(opx)) {
1499 bytes[0] = data;
1500 out(offset, segment, bytes, OUT_RAWDATA, 1, NO_SEG,
1501 NO_SEG);
1502 offset++;
1503 } else {
1504 out(offset, segment, &data, OUT_ADDRESS, 4,
1505 opx->segment, opx->wrt);
1506 offset += 4;
1507 }
1508 break;
1509
1510 case 0154:
1511 case 0155:
1512 case 0156:
1513 case 0157:
1514 EMIT_REX();
1515 bytes[0] = *codes++;
1516 if (is_sbyte32(opx))
1517 bytes[0] |= 2; /* s-bit */
1518 out(offset, segment, bytes, OUT_RAWDATA, 1, NO_SEG, NO_SEG);
1519 offset++;
1520 break;
1521
1522 case 0160:
1523 case 0161:
1524 case 0162:
1525 case 0163:
1526 case 0164:
1527 case 0165:
1528 case 0166:
1529 case 0167:
1530 break;
1531
1532 case 0171:
1533 bytes[0] =
1534 (ins->drexdst << 4) |
1535 (ins->rex & REX_OC ? 0x08 : 0) |
1536 (ins->rex & (REX_R|REX_X|REX_B));
1537 ins->rex = 0;
1538 out(offset, segment, bytes, OUT_RAWDATA, 1, NO_SEG, NO_SEG);
1539 offset++;
1540 break;
1541
1542 case 0172:
1543 c = *codes++;
1544 opx = &ins->oprs[c >> 3];
1545 bytes[0] = nasm_regvals[opx->basereg] << 4;
1546 opx = &ins->oprs[c & 7];
1547 if (opx->segment != NO_SEG || opx->wrt != NO_SEG) {
1548 errfunc(ERR_NONFATAL,
1549 "non-absolute expression not permitted as argument %d",
1550 c & 7);
1551 } else {
1552 if (opx->offset & ~15) {
1553 errfunc(ERR_WARNING | ERR_WARN_NOV,
1554 "four-bit argument exceeds bounds");
1555 }
1556 bytes[0] |= opx->offset & 15;
1557 }
1558 out(offset, segment, bytes, OUT_RAWDATA, 1, NO_SEG, NO_SEG);
1559 offset++;
1560 break;
1561
1562 case 0173:
1563 c = *codes++;
1564 opx = &ins->oprs[c >> 4];
1565 bytes[0] = nasm_regvals[opx->basereg] << 4;
1566 bytes[0] |= c & 15;
1567 out(offset, segment, bytes, OUT_RAWDATA, 1, NO_SEG, NO_SEG);
1568 offset++;
1569 break;
1570
1571 case 0174:
1572 c = *codes++;
1573 opx = &ins->oprs[c];
1574 bytes[0] = nasm_regvals[opx->basereg] << 4;
1575 out(offset, segment, bytes, OUT_RAWDATA, 1, NO_SEG, NO_SEG);
1576 offset++;
1577 break;
1578
1579 case 0250:
1580 case 0251:
1581 case 0252:
1582 case 0253:
1583 data = opx->offset;
1584 /* is_sbyte32() is right here, we have already warned */
1585 if (is_sbyte32(opx)) {
1586 bytes[0] = data;
1587 out(offset, segment, bytes, OUT_RAWDATA, 1, NO_SEG,
1588 NO_SEG);
1589 offset++;
1590 } else {
1591 out(offset, segment, &data, OUT_ADDRESS, 4,
1592 opx->segment, opx->wrt);
1593 offset += 4;
1594 }
1595 break;
1596
1597 case 0260:
1598 case 0261:
1599 case 0262:
1600 case 0263:
1601 case 0270:
1602 codes += 2;
1603 if (ins->vex_m != 1 || (ins->rex & (REX_W|REX_X|REX_B))) {
1604 bytes[0] = 0xc4;
1605 bytes[1] = ins->vex_m | ((~ins->rex & 7) << 5);
1606 bytes[2] = ((ins->rex & REX_W) << (7-3)) |
1607 ((~ins->drexdst & 15)<< 3) | (ins->vex_wlp & 07);
1608 out(offset, segment, &bytes, OUT_RAWDATA, 3, NO_SEG, NO_SEG);
1609 offset += 3;
1610 } else {
1611 bytes[0] = 0xc5;
1612 bytes[1] = ((~ins->rex & REX_R) << (7-2)) |
1613 ((~ins->drexdst & 15) << 3) | (ins->vex_wlp & 07);
1614 out(offset, segment, &bytes, OUT_RAWDATA, 2, NO_SEG, NO_SEG);
1615 offset += 2;
1616 }
1617 break;
1618
1619 case 0300:
1620 case 0301:
1621 case 0302:
1622 case 0303:
1623 break;
1624
1625 case 0310:
1626 if (bits == 32 && !has_prefix(ins, PPS_ASIZE, P_A16)) {
1627 *bytes = 0x67;
1628 out(offset, segment, bytes, OUT_RAWDATA, 1, NO_SEG, NO_SEG);
1629 offset += 1;
1630 } else
1631 offset += 0;
1632 break;
1633
1634 case 0311:
1635 if (bits != 32 && !has_prefix(ins, PPS_ASIZE, P_A32)) {
1636 *bytes = 0x67;
1637 out(offset, segment, bytes, OUT_RAWDATA, 1, NO_SEG, NO_SEG);
1638 offset += 1;
1639 } else
1640 offset += 0;
1641 break;
1642
1643 case 0312:
1644 break;
1645
1646 case 0313:
1647 ins->rex = 0;
1648 break;
1649
1650 case 0314:
1651 case 0315:
1652 case 0316:
1653 case 0317:
1654 break;
1655
1656 case 0320:
1657 if (bits != 16) {
1658 *bytes = 0x66;
1659 out(offset, segment, bytes, OUT_RAWDATA, 1, NO_SEG, NO_SEG);
1660 offset += 1;
1661 } else
1662 offset += 0;
1663 break;
1664
1665 case 0321:
1666 if (bits == 16) {
1667 *bytes = 0x66;
1668 out(offset, segment, bytes, OUT_RAWDATA, 1, NO_SEG, NO_SEG);
1669 offset += 1;
1670 } else
1671 offset += 0;
1672 break;
1673
1674 case 0322:
1675 case 0323:
1676 break;
1677
1678 case 0324:
1679 ins->rex |= REX_W;
1680 break;
1681
1682 case 0330:
1683 *bytes = *codes++ ^ condval[ins->condition];
1684 out(offset, segment, bytes, OUT_RAWDATA, 1, NO_SEG, NO_SEG);
1685 offset += 1;
1686 break;
1687
1688 case 0331:
1689 break;
1690
1691 case 0332:
1692 case 0333:
1693 *bytes = c - 0332 + 0xF2;
1694 out(offset, segment, bytes, OUT_RAWDATA, 1, NO_SEG, NO_SEG);
1695 offset += 1;
1696 break;
1697
1698 case 0334:
1699 if (ins->rex & REX_R) {
1700 *bytes = 0xF0;
1701 out(offset, segment, bytes, OUT_RAWDATA, 1, NO_SEG, NO_SEG);
1702 offset += 1;
1703 }
1704 ins->rex &= ~(REX_L|REX_R);
1705 break;
1706
1707 case 0335:
1708 break;
1709
1710 case 0340:
1711 if (ins->oprs[0].segment != NO_SEG)
1712 errfunc(ERR_PANIC, "non-constant BSS size in pass two");
1713 else {
1714 int64_t size = ins->oprs[0].offset;
1715 if (size > 0)
1716 out(offset, segment, NULL,
1717 OUT_RESERVE, size, NO_SEG, NO_SEG);
1718 offset += size;
1719 }
1720 break;
1721
1722 case 0360:
1723 break;
1724
1725 case 0361:
1726 bytes[0] = 0x66;
1727 out(offset, segment, bytes, OUT_RAWDATA, 1, NO_SEG, NO_SEG);
1728 offset += 1;
1729 break;
1730
1731 case 0362:
1732 case 0363:
1733 bytes[0] = c - 0362 + 0xf2;
1734 out(offset, segment, bytes, OUT_RAWDATA, 1, NO_SEG, NO_SEG);
1735 offset += 1;
1736 break;
1737
1738 case 0364:
1739 case 0365:
1740 break;
1741
1742 case 0366:
1743 case 0367:
1744 *bytes = c - 0366 + 0x66;
1745 out(offset, segment, bytes, OUT_RAWDATA, 1, NO_SEG, NO_SEG);
1746 offset += 1;
1747 break;
1748
1749 case 0370:
1750 case 0371:
1751 case 0372:
1752 break;
1753
1754 case 0373:
1755 *bytes = bits == 16 ? 3 : 5;
1756 out(offset, segment, bytes, OUT_RAWDATA, 1, NO_SEG, NO_SEG);
1757 offset += 1;
1758 break;
1759
1760 default: /* can't do it by 'case' statements */
1761 if (c >= 0100 && c <= 0277) { /* it's an EA */
1762 ea ea_data;
1763 int rfield;
1764 int32_t rflags;
1765 uint8_t *p;
1766 int32_t s;
1767
1768 if (c <= 0177) {
1769 /* pick rfield from operand b */
1770 rflags = regflag(&ins->oprs[c & 7]);
1771 rfield = nasm_regvals[ins->oprs[c & 7].basereg];
1772 } else {
1773 /* rfield is constant */
1774 rflags = 0;
1775 rfield = c & 7;
1776 }
1777
1778 if (!process_ea
1779 (&ins->oprs[(c >> 3) & 7], &ea_data, bits,
1780 ins->addr_size, rfield, rflags)) {
1781 errfunc(ERR_NONFATAL, "invalid effective address");
1782 }
1783
1784
1785 p = bytes;
1786 *p++ = ea_data.modrm;
1787 if (ea_data.sib_present)
1788 *p++ = ea_data.sib;
1789
1790 /* DREX suffixes come between the SIB and the displacement */
1791 if (ins->rex & REX_D) {
1792 *p++ =
1793 (ins->drexdst << 4) |
1794 (ins->rex & REX_OC ? 0x08 : 0) |
1795 (ins->rex & (REX_R|REX_X|REX_B));
1796 ins->rex = 0;
1797 }
1798
1799 s = p - bytes;
1800 out(offset, segment, bytes, OUT_RAWDATA, s, NO_SEG, NO_SEG);
1801
1802 switch (ea_data.bytes) {
1803 case 0:
1804 break;
1805 case 1:
1806 if (ins->oprs[(c >> 3) & 7].segment != NO_SEG) {
1807 data = ins->oprs[(c >> 3) & 7].offset;
1808 out(offset, segment, &data, OUT_ADDRESS, 1,
1809 ins->oprs[(c >> 3) & 7].segment,
1810 ins->oprs[(c >> 3) & 7].wrt);
1811 } else {
1812 *bytes = ins->oprs[(c >> 3) & 7].offset;
1813 out(offset, segment, bytes, OUT_RAWDATA, 1,
1814 NO_SEG, NO_SEG);
1815 }
1816 s++;
1817 break;
1818 case 8:
1819 case 2:
1820 case 4:
1821 data = ins->oprs[(c >> 3) & 7].offset;
1822 warn_overflow(ea_data.bytes, data);
1823 out(offset, segment, &data,
1824 ea_data.rip ? OUT_REL4ADR : OUT_ADDRESS,
1825 ea_data.bytes,
1826 ins->oprs[(c >> 3) & 7].segment,
1827 ins->oprs[(c >> 3) & 7].wrt);
1828 s += ea_data.bytes;
1829 break;
1830 }
1831 offset += s;
1832 } else {
1833 errfunc(ERR_PANIC, "internal instruction table corrupt"
1834 ": instruction code 0x%02X given", c);
1835 }
1836 }
1837 }
1838 }
1839
1840 static int32_t regflag(const operand * o)
1841 {
1842 if (o->basereg < EXPR_REG_START || o->basereg >= REG_ENUM_LIMIT) {
1843 errfunc(ERR_PANIC, "invalid operand passed to regflag()");
1844 }
1845 return nasm_reg_flags[o->basereg];
1846 }
1847
1848 static int32_t regval(const operand * o)
1849 {
1850 if (o->basereg < EXPR_REG_START || o->basereg >= REG_ENUM_LIMIT) {
1851 errfunc(ERR_PANIC, "invalid operand passed to regval()");
1852 }
1853 return nasm_regvals[o->basereg];
1854 }
1855
1856 static int op_rexflags(const operand * o, int mask)
1857 {
1858 int32_t flags;
1859 int val;
1860
1861 if (o->basereg < EXPR_REG_START || o->basereg >= REG_ENUM_LIMIT) {
1862 errfunc(ERR_PANIC, "invalid operand passed to op_rexflags()");
1863 }
1864
1865 flags = nasm_reg_flags[o->basereg];
1866 val = nasm_regvals[o->basereg];
1867
1868 return rexflags(val, flags, mask);
1869 }
1870
1871 static int rexflags(int val, int32_t flags, int mask)
1872 {
1873 int rex = 0;
1874
1875 if (val >= 8)
1876 rex |= REX_B|REX_X|REX_R;
1877 if (flags & BITS64)
1878 rex |= REX_W;
1879 if (!(REG_HIGH & ~flags)) /* AH, CH, DH, BH */
1880 rex |= REX_H;
1881 else if (!(REG8 & ~flags) && val >= 4) /* SPL, BPL, SIL, DIL */
1882 rex |= REX_P;
1883
1884 return rex & mask;
1885 }
1886
1887 static int matches(const struct itemplate *itemp, insn * instruction, int bits)
1888 {
1889 int i, size[MAX_OPERANDS], asize, oprs, ret;
1890
1891 ret = 100;
1892
1893 /*
1894 * Check the opcode
1895 */
1896 if (itemp->opcode != instruction->opcode)
1897 return 0;
1898
1899 /*
1900 * Count the operands
1901 */
1902 if (itemp->operands != instruction->operands)
1903 return 0;
1904
1905 /*
1906 * Check that no spurious colons or TOs are present
1907 */
1908 for (i = 0; i < itemp->operands; i++)
1909 if (instruction->oprs[i].type & ~itemp->opd[i] & (COLON | TO))
1910 return 0;
1911
1912 /*
1913 * Process size flags
1914 */
1915 if (itemp->flags & IF_ARMASK) {
1916 memset(size, 0, sizeof size);
1917
1918 i = ((itemp->flags & IF_ARMASK) >> IF_ARSHFT) - 1;
1919
1920 switch (itemp->flags & IF_SMASK) {
1921 case IF_SB:
1922 size[i] = BITS8;
1923 break;
1924 case IF_SW:
1925 size[i] = BITS16;
1926 break;
1927 case IF_SD:
1928 size[i] = BITS32;
1929 break;
1930 case IF_SQ:
1931 size[i] = BITS64;
1932 break;
1933 case IF_SO:
1934 size[i] = BITS128;
1935 break;
1936 case IF_SY:
1937 size[i] = BITS256;
1938 break;
1939 case IF_SZ:
1940 switch (bits) {
1941 case 16:
1942 size[i] = BITS16;
1943 break;
1944 case 32:
1945 size[i] = BITS32;
1946 break;
1947 case 64:
1948 size[i] = BITS64;
1949 break;
1950 }
1951 break;
1952 default:
1953 break;
1954 }
1955 } else {
1956 asize = 0;
1957 switch (itemp->flags & IF_SMASK) {
1958 case IF_SB:
1959 asize = BITS8;
1960 break;
1961 case IF_SW:
1962 asize = BITS16;
1963 break;
1964 case IF_SD:
1965 asize = BITS32;
1966 break;
1967 case IF_SQ:
1968 asize = BITS64;
1969 break;
1970 case IF_SO:
1971 asize = BITS128;
1972 break;
1973 case IF_SY:
1974 asize = BITS256;
1975 break;
1976 case IF_SZ:
1977 switch (bits) {
1978 case 16:
1979 asize = BITS16;
1980 break;
1981 case 32:
1982 asize = BITS32;
1983 break;
1984 case 64:
1985 asize = BITS64;
1986 break;
1987 }
1988 break;
1989 default:
1990 break;
1991 }
1992 for (i = 0; i < MAX_OPERANDS; i++)
1993 size[i] = asize;
1994 }
1995
1996 /*
1997 * Check that the operand flags all match up
1998 */
1999 for (i = 0; i < itemp->operands; i++) {
2000 int32_t type = instruction->oprs[i].type;
2001 if (!(type & SIZE_MASK))
2002 type |= size[i];
2003
2004 if (itemp->opd[i] & SAME_AS) {
2005 int j = itemp->opd[i] & ~SAME_AS;
2006 if (type != instruction->oprs[j].type ||
2007 instruction->oprs[i].basereg != instruction->oprs[j].basereg)
2008 return 0;
2009 } else if (itemp->opd[i] & ~type ||
2010 ((itemp->opd[i] & SIZE_MASK) &&
2011 ((itemp->opd[i] ^ type) & SIZE_MASK))) {
2012 if ((itemp->opd[i] & ~type & ~SIZE_MASK) ||
2013 (type & SIZE_MASK))
2014 return 0;
2015 else
2016 return 1;
2017 }
2018 }
2019
2020 /*
2021 * Check operand sizes
2022 */
2023 if (itemp->flags & (IF_SM | IF_SM2)) {
2024 oprs = (itemp->flags & IF_SM2 ? 2 : itemp->operands);
2025 asize = 0;
2026 for (i = 0; i < oprs; i++) {
2027 if ((asize = itemp->opd[i] & SIZE_MASK) != 0) {
2028 int j;
2029 for (j = 0; j < oprs; j++)
2030 size[j] = asize;
2031 break;
2032 }
2033 }
2034 } else {
2035 oprs = itemp->operands;
2036 }
2037
2038 for (i = 0; i < itemp->operands; i++) {
2039 if (!(itemp->opd[i] & SIZE_MASK) &&
2040 (instruction->oprs[i].type & SIZE_MASK & ~size[i]))
2041 return 2;
2042 }
2043
2044 /*
2045 * Check template is okay at the set cpu level
2046 */
2047 if (((itemp->flags & IF_PLEVEL) > cpu))
2048 return 3;
2049
2050 /*
2051 * Check if instruction is available in long mode
2052 */
2053 if ((itemp->flags & IF_NOLONG) && (bits == 64))
2054 return 4;
2055
2056 /*
2057 * Check if special handling needed for Jumps
2058 */
2059 if ((uint8_t)(itemp->code[0]) >= 0370)
2060 return 99;
2061
2062 return ret;
2063 }
2064
2065 static ea *process_ea(operand * input, ea * output, int bits,
2066 int addrbits, int rfield, int32_t rflags)
2067 {
2068 bool forw_ref = !!(input->opflags & OPFLAG_FORWARD);
2069
2070 output->rip = false;
2071
2072 /* REX flags for the rfield operand */
2073 output->rex |= rexflags(rfield, rflags, REX_R|REX_P|REX_W|REX_H);
2074
2075 if (!(REGISTER & ~input->type)) { /* register direct */
2076 int i;
2077 int32_t f;
2078
2079 if (input->basereg < EXPR_REG_START /* Verify as Register */
2080 || input->basereg >= REG_ENUM_LIMIT)
2081 return NULL;
2082 f = regflag(input);
2083 i = nasm_regvals[input->basereg];
2084
2085 if (REG_EA & ~f)
2086 return NULL; /* Invalid EA register */
2087
2088 output->rex |= op_rexflags(input, REX_B|REX_P|REX_W|REX_H);
2089
2090 output->sib_present = false; /* no SIB necessary */
2091 output->bytes = 0; /* no offset necessary either */
2092 output->modrm = 0xC0 | ((rfield & 7) << 3) | (i & 7);
2093 } else { /* it's a memory reference */
2094 if (input->basereg == -1
2095 && (input->indexreg == -1 || input->scale == 0)) {
2096 /* it's a pure offset */
2097 if (bits == 64 && (~input->type & IP_REL)) {
2098 int scale, index, base;
2099 output->sib_present = true;
2100 scale = 0;
2101 index = 4;
2102 base = 5;
2103 output->sib = (scale << 6) | (index << 3) | base;
2104 output->bytes = 4;
2105 output->modrm = 4 | ((rfield & 7) << 3);
2106 output->rip = false;
2107 } else {
2108 output->sib_present = false;
2109 output->bytes = (addrbits != 16 ? 4 : 2);
2110 output->modrm = (addrbits != 16 ? 5 : 6) | ((rfield & 7) << 3);
2111 output->rip = bits == 64;
2112 }
2113 } else { /* it's an indirection */
2114 int i = input->indexreg, b = input->basereg, s = input->scale;
2115 int32_t o = input->offset, seg = input->segment;
2116 int hb = input->hintbase, ht = input->hinttype;
2117 int t;
2118 int it, bt;
2119 int32_t ix, bx; /* register flags */
2120
2121 if (s == 0)
2122 i = -1; /* make this easy, at least */
2123
2124 if (i >= EXPR_REG_START && i < REG_ENUM_LIMIT) {
2125 it = nasm_regvals[i];
2126 ix = nasm_reg_flags[i];
2127 } else {
2128 it = -1;
2129 ix = 0;
2130 }
2131
2132 if (b >= EXPR_REG_START && b < REG_ENUM_LIMIT) {
2133 bt = nasm_regvals[b];
2134 bx = nasm_reg_flags[b];
2135 } else {
2136 bt = -1;
2137 bx = 0;
2138 }
2139
2140 /* check for a 32/64-bit memory reference... */
2141 if ((ix|bx) & (BITS32|BITS64)) {
2142 /* it must be a 32/64-bit memory reference. Firstly we have
2143 * to check that all registers involved are type E/Rxx. */
2144 int32_t sok = BITS32|BITS64;
2145
2146 if (it != -1) {
2147 if (!(REG64 & ~ix) || !(REG32 & ~ix))
2148 sok &= ix;
2149 else
2150 return NULL;
2151 }
2152
2153 if (bt != -1) {
2154 if (REG_GPR & ~bx)
2155 return NULL; /* Invalid register */
2156 if (~sok & bx & SIZE_MASK)
2157 return NULL; /* Invalid size */
2158 sok &= bx;
2159 }
2160
2161 /* While we're here, ensure the user didn't specify
2162 WORD or QWORD. */
2163 if (input->disp_size == 16 || input->disp_size == 64)
2164 return NULL;
2165
2166 if (addrbits == 16 ||
2167 (addrbits == 32 && !(sok & BITS32)) ||
2168 (addrbits == 64 && !(sok & BITS64)))
2169 return NULL;
2170
2171 /* now reorganize base/index */
2172 if (s == 1 && bt != it && bt != -1 && it != -1 &&
2173 ((hb == b && ht == EAH_NOTBASE)
2174 || (hb == i && ht == EAH_MAKEBASE))) {
2175 /* swap if hints say so */
2176 t = bt, bt = it, it = t;
2177 t = bx, bx = ix, ix = t;
2178 }
2179 if (bt == it) /* convert EAX+2*EAX to 3*EAX */
2180 bt = -1, bx = 0, s++;
2181 if (bt == -1 && s == 1 && !(hb == it && ht == EAH_NOTBASE)) {
2182 /* make single reg base, unless hint */
2183 bt = it, bx = ix, it = -1, ix = 0;
2184 }
2185 if (((s == 2 && it != REG_NUM_ESP
2186 && !(input->eaflags & EAF_TIMESTWO)) || s == 3
2187 || s == 5 || s == 9) && bt == -1)
2188 bt = it, bx = ix, s--; /* convert 3*EAX to EAX+2*EAX */
2189 if (it == -1 && (bt & 7) != REG_NUM_ESP
2190 && (input->eaflags & EAF_TIMESTWO))
2191 it = bt, ix = bx, bt = -1, bx = 0, s = 1;
2192 /* convert [NOSPLIT EAX] to sib format with 0x0 displacement */
2193 if (s == 1 && it == REG_NUM_ESP) {
2194 /* swap ESP into base if scale is 1 */
2195 t = it, it = bt, bt = t;
2196 t = ix, ix = bx, bx = t;
2197 }
2198 if (it == REG_NUM_ESP
2199 || (s != 1 && s != 2 && s != 4 && s != 8 && it != -1))
2200 return NULL; /* wrong, for various reasons */
2201
2202 output->rex |= rexflags(it, ix, REX_X);
2203 output->rex |= rexflags(bt, bx, REX_B);
2204
2205 if (it == -1 && (bt & 7) != REG_NUM_ESP) {
2206 /* no SIB needed */
2207 int mod, rm;
2208
2209 if (bt == -1) {
2210 rm = 5;
2211 mod = 0;
2212 } else {
2213 rm = (bt & 7);
2214 if (rm != REG_NUM_EBP && o == 0 &&
2215 seg == NO_SEG && !forw_ref &&
2216 !(input->eaflags &
2217 (EAF_BYTEOFFS | EAF_WORDOFFS)))
2218 mod = 0;
2219 else if (input->eaflags & EAF_BYTEOFFS ||
2220 (o >= -128 && o <= 127 && seg == NO_SEG
2221 && !forw_ref
2222 && !(input->eaflags & EAF_WORDOFFS)))
2223 mod = 1;
2224 else
2225 mod = 2;
2226 }
2227
2228 output->sib_present = false;
2229 output->bytes = (bt == -1 || mod == 2 ? 4 : mod);
2230 output->modrm = (mod << 6) | ((rfield & 7) << 3) | rm;
2231 } else {
2232 /* we need a SIB */
2233 int mod, scale, index, base;
2234
2235 if (it == -1)
2236 index = 4, s = 1;
2237 else
2238 index = (it & 7);
2239
2240 switch (s) {
2241 case 1:
2242 scale = 0;
2243 break;
2244 case 2:
2245 scale = 1;
2246 break;
2247 case 4:
2248 scale = 2;
2249 break;
2250 case 8:
2251 scale = 3;
2252 break;
2253 default: /* then what the smeg is it? */
2254 return NULL; /* panic */
2255 }
2256
2257 if (bt == -1) {
2258 base = 5;
2259 mod = 0;
2260 } else {
2261 base = (bt & 7);
2262 if (base != REG_NUM_EBP && o == 0 &&
2263 seg == NO_SEG && !forw_ref &&
2264 !(input->eaflags &
2265 (EAF_BYTEOFFS | EAF_WORDOFFS)))
2266 mod = 0;
2267 else if (input->eaflags & EAF_BYTEOFFS ||
2268 (o >= -128 && o <= 127 && seg == NO_SEG
2269 && !forw_ref
2270 && !(input->eaflags & EAF_WORDOFFS)))
2271 mod = 1;
2272 else
2273 mod = 2;
2274 }
2275
2276 output->sib_present = true;
2277 output->bytes = (bt == -1 || mod == 2 ? 4 : mod);
2278 output->modrm = (mod << 6) | ((rfield & 7) << 3) | 4;
2279 output->sib = (scale << 6) | (index << 3) | base;
2280 }
2281 } else { /* it's 16-bit */
2282 int mod, rm;
2283
2284 /* check for 64-bit long mode */
2285 if (addrbits == 64)
2286 return NULL;
2287
2288 /* check all registers are BX, BP, SI or DI */
2289 if ((b != -1 && b != R_BP && b != R_BX && b != R_SI
2290 && b != R_DI) || (i != -1 && i != R_BP && i != R_BX
2291 && i != R_SI && i != R_DI))
2292 return NULL;
2293
2294 /* ensure the user didn't specify DWORD/QWORD */
2295 if (input->disp_size == 32 || input->disp_size == 64)
2296 return NULL;
2297
2298 if (s != 1 && i != -1)
2299 return NULL; /* no can do, in 16-bit EA */
2300 if (b == -1 && i != -1) {
2301 int tmp = b;
2302 b = i;
2303 i = tmp;
2304 } /* swap */
2305 if ((b == R_SI || b == R_DI) && i != -1) {
2306 int tmp = b;
2307 b = i;
2308 i = tmp;
2309 }
2310 /* have BX/BP as base, SI/DI index */
2311 if (b == i)
2312 return NULL; /* shouldn't ever happen, in theory */
2313 if (i != -1 && b != -1 &&
2314 (i == R_BP || i == R_BX || b == R_SI || b == R_DI))
2315 return NULL; /* invalid combinations */
2316 if (b == -1) /* pure offset: handled above */
2317 return NULL; /* so if it gets to here, panic! */
2318
2319 rm = -1;
2320 if (i != -1)
2321 switch (i * 256 + b) {
2322 case R_SI * 256 + R_BX:
2323 rm = 0;
2324 break;
2325 case R_DI * 256 + R_BX:
2326 rm = 1;
2327 break;
2328 case R_SI * 256 + R_BP:
2329 rm = 2;
2330 break;
2331 case R_DI * 256 + R_BP:
2332 rm = 3;
2333 break;
2334 } else
2335 switch (b) {
2336 case R_SI:
2337 rm = 4;
2338 break;
2339 case R_DI:
2340 rm = 5;
2341 break;
2342 case R_BP:
2343 rm = 6;
2344 break;
2345 case R_BX:
2346 rm = 7;
2347 break;
2348 }
2349 if (rm == -1) /* can't happen, in theory */
2350 return NULL; /* so panic if it does */
2351
2352 if (o == 0 && seg == NO_SEG && !forw_ref && rm != 6 &&
2353 !(input->eaflags & (EAF_BYTEOFFS | EAF_WORDOFFS)))
2354 mod = 0;
2355 else if (input->eaflags & EAF_BYTEOFFS ||
2356 (o >= -128 && o <= 127 && seg == NO_SEG
2357 && !forw_ref
2358 && !(input->eaflags & EAF_WORDOFFS)))
2359 mod = 1;
2360 else
2361 mod = 2;
2362
2363 output->sib_present = false; /* no SIB - it's 16-bit */
2364 output->bytes = mod; /* bytes of offset needed */
2365 output->modrm = (mod << 6) | ((rfield & 7) << 3) | rm;
2366 }
2367 }
2368 }
2369
2370 output->size = 1 + output->sib_present + output->bytes;
2371 return output;
2372 }
2373
2374 static void add_asp(insn *ins, int addrbits)
2375 {
2376 int j, valid;
2377 int defdisp;
2378
2379 valid = (addrbits == 64) ? 64|32 : 32|16;
2380
2381 switch (ins->prefixes[PPS_ASIZE]) {
2382 case P_A16:
2383 valid &= 16;
2384 break;
2385 case P_A32:
2386 valid &= 32;
2387 break;
2388 case P_A64:
2389 valid &= 64;
2390 break;
2391 case P_ASP:
2392 valid &= (addrbits == 32) ? 16 : 32;
2393 break;
2394 default:
2395 break;
2396 }
2397
2398 for (j = 0; j < ins->operands; j++) {
2399 if (!(MEMORY & ~ins->oprs[j].type)) {
2400 int32_t i, b;
2401
2402 /* Verify as Register */
2403 if (ins->oprs[j].indexreg < EXPR_REG_START
2404 || ins->oprs[j].indexreg >= REG_ENUM_LIMIT)
2405 i = 0;
2406 else
2407 i = nasm_reg_flags[ins->oprs[j].indexreg];
2408
2409 /* Verify as Register */
2410 if (ins->oprs[j].basereg < EXPR_REG_START
2411 || ins->oprs[j].basereg >= REG_ENUM_LIMIT)
2412 b = 0;
2413 else
2414 b = nasm_reg_flags[ins->oprs[j].basereg];
2415
2416 if (ins->oprs[j].scale == 0)
2417 i = 0;
2418
2419 if (!i && !b) {
2420 int ds = ins->oprs[j].disp_size;
2421 if ((addrbits != 64 && ds > 8) ||
2422 (addrbits == 64 && ds == 16))
2423 valid &= ds;
2424 } else {
2425 if (!(REG16 & ~b))
2426 valid &= 16;
2427 if (!(REG32 & ~b))
2428 valid &= 32;
2429 if (!(REG64 & ~b))
2430 valid &= 64;
2431
2432 if (!(REG16 & ~i))
2433 valid &= 16;
2434 if (!(REG32 & ~i))
2435 valid &= 32;
2436 if (!(REG64 & ~i))
2437 valid &= 64;
2438 }
2439 }
2440 }
2441
2442 if (valid & addrbits) {
2443 ins->addr_size = addrbits;
2444 } else if (valid & ((addrbits == 32) ? 16 : 32)) {
2445 /* Add an address size prefix */
2446 enum prefixes pref = (addrbits == 32) ? P_A16 : P_A32;
2447 ins->prefixes[PPS_ASIZE] = pref;
2448 ins->addr_size = (addrbits == 32) ? 16 : 32;
2449 } else {
2450 /* Impossible... */
2451 errfunc(ERR_NONFATAL, "impossible combination of address sizes");
2452 ins->addr_size = addrbits; /* Error recovery */
2453 }
2454
2455 defdisp = ins->addr_size == 16 ? 16 : 32;
2456
2457 for (j = 0; j < ins->operands; j++) {
2458 if (!(MEM_OFFS & ~ins->oprs[j].type) &&
2459 (ins->oprs[j].disp_size ? ins->oprs[j].disp_size : defdisp)
2460 != ins->addr_size) {
2461 /* mem_offs sizes must match the address size; if not,
2462 strip the MEM_OFFS bit and match only EA instructions */
2463 ins->oprs[j].type &= ~(MEM_OFFS & ~MEMORY);
2464 }
2465 }
2466 }
rewrite Perl files