1 //===-- X86MCCodeEmitter.cpp - Convert X86 code to machine code -----------===//
2 //
3 // The LLVM Compiler Infrastructure
4 //
5 // This file is distributed under the University of Illinois Open Source
6 // License. See LICENSE.TXT for details.
7 //
8 //===----------------------------------------------------------------------===//
9 //
10 // This file implements the X86MCCodeEmitter class.
11 //
12 //===----------------------------------------------------------------------===//
13
14 #include "MCTargetDesc/X86MCTargetDesc.h"
15 #include "MCTargetDesc/X86BaseInfo.h"
16 #include "MCTargetDesc/X86FixupKinds.h"
17 #include "llvm/MC/MCCodeEmitter.h"
18 #include "llvm/MC/MCContext.h"
19 #include "llvm/MC/MCExpr.h"
20 #include "llvm/MC/MCInst.h"
21 #include "llvm/MC/MCInstrInfo.h"
22 #include "llvm/MC/MCRegisterInfo.h"
23 #include "llvm/MC/MCSubtargetInfo.h"
24 #include "llvm/MC/MCSymbol.h"
25 #include "llvm/Support/raw_ostream.h"
26
27 #include <keystone/keystone.h>
28
29 using namespace llvm;
30
31 #define DEBUG_TYPE "mccodeemitter"
32
33 namespace {
34 class X86MCCodeEmitter : public MCCodeEmitter {
35 X86MCCodeEmitter(const X86MCCodeEmitter &) = delete;
36 void operator=(const X86MCCodeEmitter &) = delete;
37 const MCInstrInfo &MCII;
38 MCContext &Ctx;
39 public:
X86MCCodeEmitter(const MCInstrInfo & mcii,MCContext & ctx)40 X86MCCodeEmitter(const MCInstrInfo &mcii, MCContext &ctx)
41 : MCII(mcii), Ctx(ctx) {
42 }
43
~X86MCCodeEmitter()44 ~X86MCCodeEmitter() override {}
45
is64BitMode(const MCSubtargetInfo & STI) const46 bool is64BitMode(const MCSubtargetInfo &STI) const {
47 return STI.getFeatureBits()[X86::Mode64Bit];
48 }
49
is32BitMode(const MCSubtargetInfo & STI) const50 bool is32BitMode(const MCSubtargetInfo &STI) const {
51 return STI.getFeatureBits()[X86::Mode32Bit];
52 }
53
is16BitMode(const MCSubtargetInfo & STI) const54 bool is16BitMode(const MCSubtargetInfo &STI) const {
55 return STI.getFeatureBits()[X86::Mode16Bit];
56 }
57
58 /// Is16BitMemOperand - Return true if the specified instruction has
59 /// a 16-bit memory operand. Op specifies the operand # of the memoperand.
Is16BitMemOperand(const MCInst & MI,unsigned Op,const MCSubtargetInfo & STI) const60 bool Is16BitMemOperand(const MCInst &MI, unsigned Op,
61 const MCSubtargetInfo &STI) const {
62 const MCOperand &BaseReg = MI.getOperand(Op+X86::AddrBaseReg);
63 const MCOperand &IndexReg = MI.getOperand(Op+X86::AddrIndexReg);
64 const MCOperand &Disp = MI.getOperand(Op+X86::AddrDisp);
65
66 if (is16BitMode(STI) && BaseReg.getReg() == 0 &&
67 Disp.isImm() && Disp.getImm() < 0x10000)
68 return true;
69 if ((BaseReg.getReg() != 0 &&
70 X86MCRegisterClasses[X86::GR16RegClassID].contains(BaseReg.getReg())) ||
71 (IndexReg.getReg() != 0 &&
72 X86MCRegisterClasses[X86::GR16RegClassID].contains(IndexReg.getReg())))
73 return true;
74 return false;
75 }
76
GetX86RegNum(const MCOperand & MO) const77 unsigned GetX86RegNum(const MCOperand &MO) const {
78 return Ctx.getRegisterInfo()->getEncodingValue(MO.getReg()) & 0x7;
79 }
80
81 // On regular x86, both XMM0-XMM7 and XMM8-XMM15 are encoded in the range
82 // 0-7 and the difference between the 2 groups is given by the REX prefix.
83 // In the VEX prefix, registers are seen sequencially from 0-15 and encoded
84 // in 1's complement form, example:
85 //
86 // ModRM field => XMM9 => 1
87 // VEX.VVVV => XMM9 => ~9
88 //
89 // See table 4-35 of Intel AVX Programming Reference for details.
getVEXRegisterEncoding(const MCInst & MI,unsigned OpNum) const90 unsigned char getVEXRegisterEncoding(const MCInst &MI,
91 unsigned OpNum) const {
92 unsigned SrcReg = MI.getOperand(OpNum).getReg();
93 unsigned SrcRegNum = GetX86RegNum(MI.getOperand(OpNum));
94 if (X86II::isX86_64ExtendedReg(SrcReg))
95 SrcRegNum |= 8;
96
97 // The registers represented through VEX_VVVV should
98 // be encoded in 1's complement form.
99 return (~SrcRegNum) & 0xf;
100 }
101
getWriteMaskRegisterEncoding(const MCInst & MI,unsigned OpNum) const102 unsigned char getWriteMaskRegisterEncoding(const MCInst &MI,
103 unsigned OpNum) const {
104 assert(X86::K0 != MI.getOperand(OpNum).getReg() &&
105 "Invalid mask register as write-mask!");
106 unsigned MaskRegNum = GetX86RegNum(MI.getOperand(OpNum));
107 return MaskRegNum;
108 }
109
EmitByte(unsigned char C,unsigned & CurByte,raw_ostream & OS) const110 void EmitByte(unsigned char C, unsigned &CurByte, raw_ostream &OS) const {
111 OS << (char)C;
112 ++CurByte;
113 }
114
EmitConstant(uint64_t Val,unsigned Size,unsigned & CurByte,raw_ostream & OS) const115 void EmitConstant(uint64_t Val, unsigned Size, unsigned &CurByte,
116 raw_ostream &OS) const {
117 // Output the constant in little endian byte order.
118 for (unsigned i = 0; i != Size; ++i) {
119 EmitByte(Val & 255, CurByte, OS);
120 Val >>= 8;
121 }
122 }
123
124 void EmitImmediate(const MCInst &MI, const MCOperand &Disp, SMLoc Loc,
125 unsigned ImmSize, MCFixupKind FixupKind,
126 unsigned &CurByte, raw_ostream &OS,
127 SmallVectorImpl<MCFixup> &Fixups,
128 unsigned int &KsError,
129 bool is64bit,
130 int ImmOffset = 0, bool RIP_rel = false) const;
131
ModRMByte(unsigned Mod,unsigned RegOpcode,unsigned RM)132 inline static unsigned char ModRMByte(unsigned Mod, unsigned RegOpcode,
133 unsigned RM) {
134 assert(Mod < 4 && RegOpcode < 8 && RM < 8 && "ModRM Fields out of range!");
135 return RM | (RegOpcode << 3) | (Mod << 6);
136 }
137
EmitRegModRMByte(const MCOperand & ModRMReg,unsigned RegOpcodeFld,unsigned & CurByte,raw_ostream & OS) const138 void EmitRegModRMByte(const MCOperand &ModRMReg, unsigned RegOpcodeFld,
139 unsigned &CurByte, raw_ostream &OS) const {
140 EmitByte(ModRMByte(3, RegOpcodeFld, GetX86RegNum(ModRMReg)), CurByte, OS);
141 }
142
EmitSIBByte(unsigned SS,unsigned Index,unsigned Base,unsigned & CurByte,raw_ostream & OS) const143 void EmitSIBByte(unsigned SS, unsigned Index, unsigned Base,
144 unsigned &CurByte, raw_ostream &OS) const {
145 // SIB byte is in the same format as the ModRMByte.
146 EmitByte(ModRMByte(SS, Index, Base), CurByte, OS);
147 }
148
149
150 void EmitMemModRMByte(const MCInst &MI, unsigned Op,
151 unsigned RegOpcodeField,
152 uint64_t TSFlags, unsigned &CurByte, raw_ostream &OS,
153 SmallVectorImpl<MCFixup> &Fixups,
154 const MCSubtargetInfo &STI) const;
155
156 void encodeInstruction(MCInst &MI, raw_ostream &OS,
157 SmallVectorImpl<MCFixup> &Fixups,
158 const MCSubtargetInfo &STI, unsigned int &KsError) const override;
159
160 bool EmitVEXOpcodePrefix(uint64_t TSFlags, unsigned &CurByte, int MemOperand,
161 const MCInst &MI, const MCInstrDesc &Desc,
162 raw_ostream &OS) const;
163
164 bool EmitSegmentOverridePrefix(unsigned &CurByte, unsigned SegOperand,
165 const MCInst &MI, raw_ostream &OS, int BaseReg = 0) const;
166
167 void EmitOpcodePrefix(uint64_t TSFlags, unsigned &CurByte, int MemOperand,
168 const MCInst &MI, const MCInstrDesc &Desc,
169 const MCSubtargetInfo &STI,
170 raw_ostream &OS) const;
171 };
172
173 } // end anonymous namespace
174
createX86MCCodeEmitter(const MCInstrInfo & MCII,const MCRegisterInfo & MRI,MCContext & Ctx)175 MCCodeEmitter *llvm::createX86MCCodeEmitter(const MCInstrInfo &MCII,
176 const MCRegisterInfo &MRI,
177 MCContext &Ctx) {
178 return new X86MCCodeEmitter(MCII, Ctx);
179 }
180
/// isDisp8 - Return true if this signed displacement fits in a 8-bit
/// sign-extended field.
static bool isDisp8(int Value) {
  // Truncate to 8 bits and sign-extend back; equality means no bits lost.
  return Value == (signed char)Value;
}
186
187 /// isCDisp8 - Return true if this signed displacement fits in a 8-bit
188 /// compressed dispacement field.
isCDisp8(uint64_t TSFlags,int Value,int & CValue)189 static bool isCDisp8(uint64_t TSFlags, int Value, int& CValue) {
190 assert(((TSFlags & X86II::EncodingMask) == X86II::EVEX) &&
191 "Compressed 8-bit displacement is only valid for EVEX inst.");
192
193 unsigned CD8_Scale =
194 (TSFlags & X86II::CD8_Scale_Mask) >> X86II::CD8_Scale_Shift;
195 if (CD8_Scale == 0) {
196 CValue = Value;
197 return isDisp8(Value);
198 }
199
200 unsigned Mask = CD8_Scale - 1;
201 assert((CD8_Scale & Mask) == 0 && "Invalid memory object size.");
202 if (Value & Mask) // Unaligned offset
203 return false;
204 Value /= (int)CD8_Scale;
205 bool Ret = (Value == (signed char)Value);
206
207 if (Ret)
208 CValue = Value;
209 return Ret;
210 }
211
212 /// getImmFixupKind - Return the appropriate fixup kind to use for an immediate
213 /// in an instruction with the specified TSFlags.
getImmFixupKind(uint64_t TSFlags)214 static MCFixupKind getImmFixupKind(uint64_t TSFlags) {
215 unsigned Size = X86II::getSizeOfImm(TSFlags);
216 bool isPCRel = X86II::isImmPCRel(TSFlags);
217
218 if (X86II::isImmSigned(TSFlags)) {
219 switch (Size) {
220 default: llvm_unreachable("Unsupported signed fixup size!");
221 case 4: return MCFixupKind(X86::reloc_signed_4byte);
222 }
223 }
224 return MCFixup::getKindForSize(Size, isPCRel);
225 }
226
227 /// Is32BitMemOperand - Return true if the specified instruction has
228 /// a 32-bit memory operand. Op specifies the operand # of the memoperand.
Is32BitMemOperand(const MCInst & MI,unsigned Op)229 static bool Is32BitMemOperand(const MCInst &MI, unsigned Op) {
230 const MCOperand &BaseReg = MI.getOperand(Op+X86::AddrBaseReg);
231 const MCOperand &IndexReg = MI.getOperand(Op+X86::AddrIndexReg);
232
233 if ((BaseReg.getReg() != 0 &&
234 X86MCRegisterClasses[X86::GR32RegClassID].contains(BaseReg.getReg())) ||
235 (IndexReg.getReg() != 0 &&
236 X86MCRegisterClasses[X86::GR32RegClassID].contains(IndexReg.getReg())))
237 return true;
238 return false;
239 }
240
241 /// Is64BitMemOperand - Return true if the specified instruction has
242 /// a 64-bit memory operand. Op specifies the operand # of the memoperand.
Is64BitMemOperand(const MCInst & MI,unsigned Op)243 static bool Is64BitMemOperand(const MCInst &MI, unsigned Op) {
244 const MCOperand &BaseReg = MI.getOperand(Op+X86::AddrBaseReg);
245 const MCOperand &IndexReg = MI.getOperand(Op+X86::AddrIndexReg);
246
247 if ((BaseReg.getReg() != 0 &&
248 X86MCRegisterClasses[X86::GR64RegClassID].contains(BaseReg.getReg())) ||
249 (IndexReg.getReg() != 0 &&
250 X86MCRegisterClasses[X86::GR64RegClassID].contains(IndexReg.getReg())))
251 return true;
252 return false;
253 }
254
255 /// StartsWithGlobalOffsetTable - Check if this expression starts with
256 /// _GLOBAL_OFFSET_TABLE_ and if it is of the form
257 /// _GLOBAL_OFFSET_TABLE_-symbol. This is needed to support PIC on ELF
258 /// i386 as _GLOBAL_OFFSET_TABLE_ is magical. We check only simple case that
259 /// are know to be used: _GLOBAL_OFFSET_TABLE_ by itself or at the start
260 /// of a binary expression.
261 enum GlobalOffsetTableExprKind {
262 GOT_None,
263 GOT_Normal,
264 GOT_SymDiff
265 };
266 static GlobalOffsetTableExprKind
StartsWithGlobalOffsetTable(const MCExpr * Expr)267 StartsWithGlobalOffsetTable(const MCExpr *Expr) {
268 const MCExpr *RHS = nullptr;
269 if (Expr->getKind() == MCExpr::Binary) {
270 const MCBinaryExpr *BE = static_cast<const MCBinaryExpr *>(Expr);
271 Expr = BE->getLHS();
272 RHS = BE->getRHS();
273 }
274
275 if (Expr->getKind() != MCExpr::SymbolRef)
276 return GOT_None;
277
278 const MCSymbolRefExpr *Ref = static_cast<const MCSymbolRefExpr*>(Expr);
279 const MCSymbol &S = Ref->getSymbol();
280 if (S.getName() != "_GLOBAL_OFFSET_TABLE_")
281 return GOT_None;
282 if (RHS && RHS->getKind() == MCExpr::SymbolRef)
283 return GOT_SymDiff;
284 return GOT_Normal;
285 }
286
HasSecRelSymbolRef(const MCExpr * Expr)287 static bool HasSecRelSymbolRef(const MCExpr *Expr) {
288 if (Expr->getKind() == MCExpr::SymbolRef) {
289 const MCSymbolRefExpr *Ref = static_cast<const MCSymbolRefExpr*>(Expr);
290 return Ref->getKind() == MCSymbolRefExpr::VK_SECREL;
291 }
292 return false;
293 }
294
// return false if Imm value is invalid for a given size.
// Note: Size is currently unused; the only rule enforced (by the non-64-bit
// caller in EmitImmediate) is that an immediate must fit in 32 bits.
static bool validImmRange(int64_t Imm, unsigned int Size)
{
  (void)Size; // kept for interface compatibility

  // 0xffffffff promotes to int64_t 4294967295, so any Imm above it is
  // necessarily positive; the original extra "Imm > 0" test was redundant.
  // Negative immediates always pass (they sign-extend/truncate as needed).
  return Imm <= 0xffffffff;
}
303
304 void X86MCCodeEmitter::
EmitImmediate(const MCInst & MI,const MCOperand & DispOp,SMLoc Loc,unsigned Size,MCFixupKind FixupKind,unsigned & CurByte,raw_ostream & OS,SmallVectorImpl<MCFixup> & Fixups,unsigned int & KsError,bool is64bit,int ImmOffset,bool RIP_rel) const305 EmitImmediate(const MCInst &MI, const MCOperand &DispOp, SMLoc Loc, unsigned Size,
306 MCFixupKind FixupKind, unsigned &CurByte, raw_ostream &OS,
307 SmallVectorImpl<MCFixup> &Fixups,
308 unsigned int &KsError, bool is64bit,
309 int ImmOffset, bool RIP_rel) const
310 {
311 KsError = 0;
312 const MCExpr *Expr = nullptr;
313 if (DispOp.isImm()) {
314 if (!is64bit && !validImmRange(DispOp.getImm(), Size)) {
315 KsError = KS_ERR_ASM_INVALIDOPERAND;
316 return;
317 }
318 // If this is a simple integer displacement that doesn't require a
319 // relocation, emit it now.
320 if (FixupKind != FK_PCRel_1 &&
321 FixupKind != FK_PCRel_2 &&
322 FixupKind != FK_PCRel_4 &&
323 FixupKind != FK_PCRel_4 &&
324 (FixupKind != MCFixupKind(X86::reloc_riprel_4byte) || !RIP_rel)) {
325 EmitConstant(DispOp.getImm(), Size, CurByte, OS);
326 return;
327 }
328 Expr = MCConstantExpr::create(DispOp.getImm(), Ctx);
329 } else {
330 Expr = DispOp.getExpr();
331 }
332
333 // If we have an immoffset, add it to the expression.
334 if ((FixupKind == FK_Data_4 ||
335 FixupKind == FK_Data_8 ||
336 FixupKind == MCFixupKind(X86::reloc_signed_4byte))) {
337 GlobalOffsetTableExprKind Kind = StartsWithGlobalOffsetTable(Expr);
338 if (Kind != GOT_None) {
339 assert(ImmOffset == 0);
340
341 if (Size == 8) {
342 FixupKind = MCFixupKind(X86::reloc_global_offset_table8);
343 } else {
344 assert(Size == 4);
345 FixupKind = MCFixupKind(X86::reloc_global_offset_table);
346 }
347
348 if (Kind == GOT_Normal)
349 ImmOffset = CurByte;
350 } else if (Expr->getKind() == MCExpr::SymbolRef) {
351 if (HasSecRelSymbolRef(Expr)) {
352 FixupKind = MCFixupKind(FK_SecRel_4);
353 }
354 } else if (Expr->getKind() == MCExpr::Binary) {
355 const MCBinaryExpr *Bin = static_cast<const MCBinaryExpr*>(Expr);
356 if (HasSecRelSymbolRef(Bin->getLHS())
357 || HasSecRelSymbolRef(Bin->getRHS())) {
358 FixupKind = MCFixupKind(FK_SecRel_4);
359 }
360 }
361 }
362
363 // If the fixup is pc-relative, we need to bias the value to be relative to
364 // the start of the field, not the end of the field.
365 if (FixupKind == FK_PCRel_4 ||
366 FixupKind == MCFixupKind(X86::reloc_riprel_4byte) ||
367 FixupKind == MCFixupKind(X86::reloc_riprel_4byte_movq_load))
368 ImmOffset -= 4;
369 if (FixupKind == FK_PCRel_2)
370 ImmOffset -= 2;
371 if (FixupKind == FK_PCRel_1)
372 ImmOffset -= 1;
373
374 if (ImmOffset)
375 Expr = MCBinaryExpr::createAdd(Expr, MCConstantExpr::create(ImmOffset, Ctx),
376 Ctx);
377
378 // Emit a symbolic constant as a fixup and 4 zeros.
379 Fixups.push_back(MCFixup::create(CurByte, Expr, FixupKind, Loc));
380 EmitConstant(0, Size, CurByte, OS);
381 }
382
383 #define ABS_SUB(a, b) (a < b? b - a: a - b)
EmitMemModRMByte(const MCInst & MI,unsigned Op,unsigned RegOpcodeField,uint64_t TSFlags,unsigned & CurByte,raw_ostream & OS,SmallVectorImpl<MCFixup> & Fixups,const MCSubtargetInfo & STI) const384 void X86MCCodeEmitter::EmitMemModRMByte(const MCInst &MI, unsigned Op,
385 unsigned RegOpcodeField,
386 uint64_t TSFlags, unsigned &CurByte,
387 raw_ostream &OS,
388 SmallVectorImpl<MCFixup> &Fixups,
389 const MCSubtargetInfo &STI) const
390 {
391 const MCOperand &Disp = MI.getOperand(Op+X86::AddrDisp);
392 const MCOperand &Base = MI.getOperand(Op+X86::AddrBaseReg);
393 const MCOperand &Scale = MI.getOperand(Op+X86::AddrScaleAmt);
394 const MCOperand &IndexReg = MI.getOperand(Op+X86::AddrIndexReg);
395 unsigned BaseReg = Base.getReg();
396 bool HasEVEX = (TSFlags & X86II::EncodingMask) == X86II::EVEX;
397 unsigned int KsError;
398 bool RIP_rel = false;
399
400 // do we need x64 RIP relative encoding?
401 if (BaseReg == 0 && is64BitMode(STI) && IndexReg.getReg() == 0 && Disp.isImm()) {
402 if (ABS_SUB(MI.getAddress(), (uint64_t)Disp.getImm()) < 2 * (1UL << 30))
403 RIP_rel = true;
404 }
405
406 // Handle %rip relative addressing.
407 if (RIP_rel || BaseReg == X86::RIP) { // [disp32+RIP] in X86-64 mode
408 assert(is64BitMode(STI) && "Rip-relative addressing requires 64-bit mode");
409 assert(IndexReg.getReg() == 0 && "Invalid rip-relative address");
410 EmitByte(ModRMByte(0, RegOpcodeField, 5), CurByte, OS);
411
412 unsigned FixupKind = X86::reloc_riprel_4byte;
413
414 // movq loads are handled with a special relocation form which allows the
415 // linker to eliminate some loads for GOT references which end up in the
416 // same linkage unit.
417 if (MI.getOpcode() == X86::MOV64rm)
418 FixupKind = X86::reloc_riprel_4byte_movq_load;
419
420 // rip-relative addressing is actually relative to the *next* instruction.
421 // Since an immediate can follow the mod/rm byte for an instruction, this
422 // means that we need to bias the immediate field of the instruction with
423 // the size of the immediate field. If we have this case, add it into the
424 // expression to emit.
425 int ImmSize = X86II::hasImm(TSFlags) ? X86II::getSizeOfImm(TSFlags) : 0;
426
427 EmitImmediate(MI, Disp, MI.getLoc(), 4, MCFixupKind(FixupKind),
428 CurByte, OS, Fixups, KsError, is64BitMode(STI), -ImmSize, RIP_rel);
429
430 return;
431 }
432
433 unsigned BaseRegNo = BaseReg ? GetX86RegNum(Base) : -1U;
434 //printf(">> BaseReg = %u, BaseRegNo = %u\n", BaseReg, BaseRegNo);
435 //printf(">> CurByte = %u\n", CurByte);
436
437 // 16-bit addressing forms of the ModR/M byte have a different encoding for
438 // the R/M field and are far more limited in which registers can be used.
439 if (Is16BitMemOperand(MI, Op, STI)) {
440 if (BaseReg) {
441 // For 32-bit addressing, the row and column values in Table 2-2 are
442 // basically the same. It's AX/CX/DX/BX/SP/BP/SI/DI in that order, with
443 // some special cases. And GetX86RegNum reflects that numbering.
444 // For 16-bit addressing it's more fun, as shown in the SDM Vol 2A,
445 // Table 2-1 "16-Bit Addressing Forms with the ModR/M byte". We can only
446 // use SI/DI/BP/BX, which have "row" values 4-7 in no particular order,
447 // while values 0-3 indicate the allowed combinations (base+index) of
448 // those: 0 for BX+SI, 1 for BX+DI, 2 for BP+SI, 3 for BP+DI.
449 //
450 // R16Table[] is a lookup from the normal RegNo, to the row values from
451 // Table 2-1 for 16-bit addressing modes. Where zero means disallowed.
452 static const unsigned R16Table[] = { 0, 0, 0, 7, 0, 6, 4, 5 };
453 unsigned RMfield = R16Table[BaseRegNo];
454
455 assert(RMfield && "invalid 16-bit base register");
456
457 if (IndexReg.getReg()) {
458 unsigned IndexReg16 = R16Table[GetX86RegNum(IndexReg)];
459
460 assert(IndexReg16 && "invalid 16-bit index register");
461 // We must have one of SI/DI (4,5), and one of BP/BX (6,7).
462 assert(((IndexReg16 ^ RMfield) & 2) &&
463 "invalid 16-bit base/index register combination");
464 assert(Scale.getImm() == 1 &&
465 "invalid scale for 16-bit memory reference");
466
467 // Allow base/index to appear in either order (although GAS doesn't).
468 if (IndexReg16 & 2)
469 RMfield = (RMfield & 1) | ((7 - IndexReg16) << 1);
470 else
471 RMfield = (IndexReg16 & 1) | ((7 - RMfield) << 1);
472 }
473
474 if (Disp.isImm() && isDisp8(Disp.getImm())) {
475 if (Disp.getImm() == 0 && BaseRegNo != N86::EBP) {
476 // There is no displacement; just the register.
477 EmitByte(ModRMByte(0, RegOpcodeField, RMfield), CurByte, OS);
478 return;
479 }
480 // Use the [REG]+disp8 form, including for [BP] which cannot be encoded.
481 EmitByte(ModRMByte(1, RegOpcodeField, RMfield), CurByte, OS);
482 EmitImmediate(MI, Disp, MI.getLoc(), 1, FK_Data_1, CurByte, OS, Fixups, KsError,
483 is64BitMode(STI));
484 return;
485 }
486 // This is the [REG]+disp16 case.
487 EmitByte(ModRMByte(2, RegOpcodeField, RMfield), CurByte, OS);
488 } else {
489 // There is no BaseReg; this is the plain [disp16] case.
490 EmitByte(ModRMByte(0, RegOpcodeField, 6), CurByte, OS);
491 }
492
493 // Emit 16-bit displacement for plain disp16 or [REG]+disp16 cases.
494 EmitImmediate(MI, Disp, MI.getLoc(), 2, FK_Data_2, CurByte, OS, Fixups, KsError,
495 is64BitMode(STI));
496 return;
497 }
498
499 // Determine whether a SIB byte is needed.
500 // If no BaseReg, issue a RIP relative instruction only if the MCE can
501 // resolve addresses on-the-fly, otherwise use SIB (Intel Manual 2A, table
502 // 2-7) and absolute references.
503
504 if (// The SIB byte must be used if there is an index register.
505 IndexReg.getReg() == 0 &&
506 // The SIB byte must be used if the base is ESP/RSP/R12, all of which
507 // encode to an R/M value of 4, which indicates that a SIB byte is
508 // present.
509 BaseRegNo != N86::ESP &&
510 // If there is no base register and we're in 64-bit mode, we need a SIB
511 // byte to emit an addr that is just 'disp32' (the non-RIP relative form).
512 (!is64BitMode(STI) || BaseReg != 0)) {
513
514 if (BaseReg == 0) { // [disp32] in X86-32 mode
515 EmitByte(ModRMByte(0, RegOpcodeField, 5), CurByte, OS);
516 EmitImmediate(MI, Disp, MI.getLoc(), 4, FK_Data_4, CurByte, OS, Fixups, KsError,
517 is64BitMode(STI));
518 return;
519 }
520
521 // If the base is not EBP/ESP and there is no displacement, use simple
522 // indirect register encoding, this handles addresses like [EAX]. The
523 // encoding for [EBP] with no displacement means [disp32] so we handle it
524 // by emitting a displacement of 0 below.
525 if (Disp.isImm() && Disp.getImm() == 0 && BaseRegNo != N86::EBP) {
526 EmitByte(ModRMByte(0, RegOpcodeField, BaseRegNo), CurByte, OS);
527 return;
528 }
529
530 // Otherwise, if the displacement fits in a byte, encode as [REG+disp8].
531 if (Disp.isImm()) {
532 if (!HasEVEX && isDisp8(Disp.getImm())) {
533 EmitByte(ModRMByte(1, RegOpcodeField, BaseRegNo), CurByte, OS);
534 EmitImmediate(MI, Disp, MI.getLoc(), 1, FK_Data_1, CurByte, OS, Fixups, KsError,
535 is64BitMode(STI));
536 return;
537 }
538 // Try EVEX compressed 8-bit displacement first; if failed, fall back to
539 // 32-bit displacement.
540 int CDisp8 = 0;
541 if (HasEVEX && isCDisp8(TSFlags, Disp.getImm(), CDisp8)) {
542 EmitByte(ModRMByte(1, RegOpcodeField, BaseRegNo), CurByte, OS);
543 EmitImmediate(MI, Disp, MI.getLoc(), 1, FK_Data_1, CurByte, OS, Fixups,
544 KsError, is64BitMode(STI), CDisp8 - Disp.getImm());
545 return;
546 }
547 }
548
549 // Otherwise, emit the most general non-SIB encoding: [REG+disp32]
550 EmitByte(ModRMByte(2, RegOpcodeField, BaseRegNo), CurByte, OS);
551 EmitImmediate(MI, Disp, MI.getLoc(), 4, MCFixupKind(X86::reloc_signed_4byte),
552 CurByte, OS, Fixups, KsError, is64BitMode(STI));
553 return;
554 }
555
556 // We need a SIB byte, so start by outputting the ModR/M byte first
557 assert(IndexReg.getReg() != X86::ESP &&
558 IndexReg.getReg() != X86::RSP && "Cannot use ESP as index reg!");
559
560 //printf(">> 22\n");
561 //printf(">> CurByte = %u\n", CurByte);
562 bool ForceDisp32 = false;
563 bool ForceDisp8 = false;
564 int CDisp8 = 0;
565 int ImmOffset = 0;
566 if (BaseReg == 0) {
567 // If there is no base register, we emit the special case SIB byte with
568 // MOD=0, BASE=5, to JUST get the index, scale, and displacement.
569 EmitByte(ModRMByte(0, RegOpcodeField, 4), CurByte, OS);
570 ForceDisp32 = true;
571 } else if (!Disp.isImm()) {
572 // Emit the normal disp32 encoding.
573 EmitByte(ModRMByte(2, RegOpcodeField, 4), CurByte, OS);
574 ForceDisp32 = true;
575 } else if (Disp.getImm() == 0 &&
576 // Base reg can't be anything that ends up with '5' as the base
577 // reg, it is the magic [*] nomenclature that indicates no base.
578 BaseRegNo != N86::EBP) {
579 // Emit no displacement ModR/M byte
580 EmitByte(ModRMByte(0, RegOpcodeField, 4), CurByte, OS);
581 } else if (!HasEVEX && isDisp8(Disp.getImm())) {
582 //printf(">> 55\n");
583 // Emit the disp8 encoding.
584 EmitByte(ModRMByte(1, RegOpcodeField, 4), CurByte, OS);
585 ForceDisp8 = true; // Make sure to force 8 bit disp if Base=EBP
586 } else if (HasEVEX && isCDisp8(TSFlags, Disp.getImm(), CDisp8)) {
587 // Emit the disp8 encoding.
588 EmitByte(ModRMByte(1, RegOpcodeField, 4), CurByte, OS);
589 ForceDisp8 = true; // Make sure to force 8 bit disp if Base=EBP
590 ImmOffset = CDisp8 - Disp.getImm();
591 } else {
592 // Emit the normal disp32 encoding.
593 EmitByte(ModRMByte(2, RegOpcodeField, 4), CurByte, OS);
594 }
595
596 //printf(">> 88\n");
597 //printf(">> CurByte = %u\n", CurByte);
598 // Calculate what the SS field value should be...
599 static const unsigned SSTable[] = { ~0U, 0, 1, ~0U, 2, ~0U, ~0U, ~0U, 3 };
600 unsigned SS = SSTable[Scale.getImm()];
601
602 //printf(">> 99\n");
603 if (BaseReg == 0) {
604 // Handle the SIB byte for the case where there is no base, see Intel
605 // Manual 2A, table 2-7. The displacement has already been output.
606 unsigned IndexRegNo;
607 if (IndexReg.getReg())
608 IndexRegNo = GetX86RegNum(IndexReg);
609 else // Examples: [ESP+1*<noreg>+4] or [scaled idx]+disp32 (MOD=0,BASE=5)
610 IndexRegNo = 4;
611 EmitSIBByte(SS, IndexRegNo, 5, CurByte, OS);
612 } else {
613 unsigned IndexRegNo;
614 if (IndexReg.getReg())
615 IndexRegNo = GetX86RegNum(IndexReg);
616 else
617 IndexRegNo = 4; // For example [ESP+1*<noreg>+4]
618 //printf(">> 10\n");
619 //printf(">> CurByte = %u\n", CurByte);
620 EmitSIBByte(SS, IndexRegNo, GetX86RegNum(Base), CurByte, OS);
621 }
622 //printf(">> ++ CurByte = %u\n", CurByte);
623
624 // Do we need to output a displacement?
625 if (ForceDisp8)
626 EmitImmediate(MI, Disp, MI.getLoc(), 1, FK_Data_1, CurByte, OS, Fixups, KsError, is64BitMode(STI), ImmOffset);
627 else if (ForceDisp32 || Disp.getImm() != 0)
628 EmitImmediate(MI, Disp, MI.getLoc(), 4, MCFixupKind(X86::reloc_signed_4byte),
629 CurByte, OS, Fixups, KsError, is64BitMode(STI));
630 }
631
632 /// EmitVEXOpcodePrefix - AVX instructions are encoded using a opcode prefix
633 /// called VEX.
EmitVEXOpcodePrefix(uint64_t TSFlags,unsigned & CurByte,int MemOperand,const MCInst & MI,const MCInstrDesc & Desc,raw_ostream & OS) const634 bool X86MCCodeEmitter::EmitVEXOpcodePrefix(uint64_t TSFlags, unsigned &CurByte,
635 int MemOperand, const MCInst &MI,
636 const MCInstrDesc &Desc,
637 raw_ostream &OS) const
638 {
639 assert(!(TSFlags & X86II::LOCK) && "Can't have LOCK VEX.");
640
641 uint64_t Encoding = TSFlags & X86II::EncodingMask;
642 bool HasEVEX_K = TSFlags & X86II::EVEX_K;
643 bool HasVEX_4V = TSFlags & X86II::VEX_4V;
644 bool HasVEX_4VOp3 = TSFlags & X86II::VEX_4VOp3;
645 bool HasMemOp4 = TSFlags & X86II::MemOp4;
646 bool HasEVEX_RC = TSFlags & X86II::EVEX_RC;
647
648 // VEX_R: opcode externsion equivalent to REX.R in
649 // 1's complement (inverted) form
650 //
651 // 1: Same as REX_R=0 (must be 1 in 32-bit mode)
652 // 0: Same as REX_R=1 (64 bit mode only)
653 //
654 unsigned char VEX_R = 0x1;
655 unsigned char EVEX_R2 = 0x1;
656
657 // VEX_X: equivalent to REX.X, only used when a
658 // register is used for index in SIB Byte.
659 //
660 // 1: Same as REX.X=0 (must be 1 in 32-bit mode)
661 // 0: Same as REX.X=1 (64-bit mode only)
662 unsigned char VEX_X = 0x1;
663
664 // VEX_B:
665 //
666 // 1: Same as REX_B=0 (ignored in 32-bit mode)
667 // 0: Same as REX_B=1 (64 bit mode only)
668 //
669 unsigned char VEX_B = 0x1;
670
671 // VEX_W: opcode specific (use like REX.W, or used for
672 // opcode extension, or ignored, depending on the opcode byte)
673 unsigned char VEX_W = 0;
674
675 // VEX_5M (VEX m-mmmmm field):
676 //
677 // 0b00000: Reserved for future use
678 // 0b00001: implied 0F leading opcode
679 // 0b00010: implied 0F 38 leading opcode bytes
680 // 0b00011: implied 0F 3A leading opcode bytes
681 // 0b00100-0b11111: Reserved for future use
682 // 0b01000: XOP map select - 08h instructions with imm byte
683 // 0b01001: XOP map select - 09h instructions with no imm byte
684 // 0b01010: XOP map select - 0Ah instructions with imm dword
685 unsigned char VEX_5M = 0;
686
687 // VEX_4V (VEX vvvv field): a register specifier
688 // (in 1's complement form) or 1111 if unused.
689 unsigned char VEX_4V = 0xf;
690 unsigned char EVEX_V2 = 0x1;
691
692 // VEX_L (Vector Length):
693 //
694 // 0: scalar or 128-bit vector
695 // 1: 256-bit vector
696 //
697 unsigned char VEX_L = 0;
698 unsigned char EVEX_L2 = 0;
699
700 // VEX_PP: opcode extension providing equivalent
701 // functionality of a SIMD prefix
702 //
703 // 0b00: None
704 // 0b01: 66
705 // 0b10: F3
706 // 0b11: F2
707 //
708 unsigned char VEX_PP = 0;
709
710 // EVEX_U
711 unsigned char EVEX_U = 1; // Always '1' so far
712
713 // EVEX_z
714 unsigned char EVEX_z = 0;
715
716 // EVEX_b
717 unsigned char EVEX_b = 0;
718
719 // EVEX_rc
720 unsigned char EVEX_rc = 0;
721
722 // EVEX_aaa
723 unsigned char EVEX_aaa = 0;
724
725 bool EncodeRC = false;
726
727 if (TSFlags & X86II::VEX_W)
728 VEX_W = 1;
729
730 if (TSFlags & X86II::VEX_L)
731 VEX_L = 1;
732 if (TSFlags & X86II::EVEX_L2)
733 EVEX_L2 = 1;
734
735 if (HasEVEX_K && (TSFlags & X86II::EVEX_Z))
736 EVEX_z = 1;
737
738 if ((TSFlags & X86II::EVEX_B))
739 EVEX_b = 1;
740
741 switch (TSFlags & X86II::OpPrefixMask) {
742 default: break; // VEX_PP already correct
743 case X86II::PD: VEX_PP = 0x1; break; // 66
744 case X86II::XS: VEX_PP = 0x2; break; // F3
745 case X86II::XD: VEX_PP = 0x3; break; // F2
746 }
747
748 switch (TSFlags & X86II::OpMapMask) {
749 default: llvm_unreachable("Invalid prefix!");
750 case X86II::TB: VEX_5M = 0x1; break; // 0F
751 case X86II::T8: VEX_5M = 0x2; break; // 0F 38
752 case X86II::TA: VEX_5M = 0x3; break; // 0F 3A
753 case X86II::XOP8: VEX_5M = 0x8; break;
754 case X86II::XOP9: VEX_5M = 0x9; break;
755 case X86II::XOPA: VEX_5M = 0xA; break;
756 }
757
758 // Classify VEX_B, VEX_4V, VEX_R, VEX_X
759 unsigned NumOps = Desc.getNumOperands();
760 unsigned CurOp = X86II::getOperandBias(Desc);
761
762 switch (TSFlags & X86II::FormMask) {
763 default: llvm_unreachable("Unexpected form in EmitVEXOpcodePrefix!");
764 case X86II::RawFrm:
765 break;
766 case X86II::MRMDestMem: {
767 // MRMDestMem instructions forms:
768 // MemAddr, src1(ModR/M)
769 // MemAddr, src1(VEX_4V), src2(ModR/M)
770 // MemAddr, src1(ModR/M), imm8
771 //
772 if (X86II::isX86_64ExtendedReg(MI.getOperand(MemOperand +
773 X86::AddrBaseReg).getReg()))
774 VEX_B = 0x0;
775 if (X86II::isX86_64ExtendedReg(MI.getOperand(MemOperand +
776 X86::AddrIndexReg).getReg()))
777 VEX_X = 0x0;
778 if (X86II::is32ExtendedReg(MI.getOperand(MemOperand +
779 X86::AddrIndexReg).getReg()))
780 EVEX_V2 = 0x0;
781
782 CurOp += X86::AddrNumOperands;
783
784 if (HasEVEX_K)
785 EVEX_aaa = getWriteMaskRegisterEncoding(MI, CurOp++);
786
787 if (HasVEX_4V) {
788 VEX_4V = getVEXRegisterEncoding(MI, CurOp);
789 if (X86II::is32ExtendedReg(MI.getOperand(CurOp).getReg()))
790 EVEX_V2 = 0x0;
791 CurOp++;
792 }
793
794 const MCOperand &MO = MI.getOperand(CurOp);
795 if (MO.isReg()) {
796 if (X86II::isX86_64ExtendedReg(MO.getReg()))
797 VEX_R = 0x0;
798 if (X86II::is32ExtendedReg(MO.getReg()))
799 EVEX_R2 = 0x0;
800 }
801 break;
802 }
803 case X86II::MRMSrcMem:
804 // MRMSrcMem instructions forms:
805 // src1(ModR/M), MemAddr
806 // src1(ModR/M), src2(VEX_4V), MemAddr
807 // src1(ModR/M), MemAddr, imm8
808 // src1(ModR/M), MemAddr, src2(VEX_I8IMM)
809 //
810 // FMA4:
811 // dst(ModR/M.reg), src1(VEX_4V), src2(ModR/M), src3(VEX_I8IMM)
812 // dst(ModR/M.reg), src1(VEX_4V), src2(VEX_I8IMM), src3(ModR/M),
813 if (X86II::isX86_64ExtendedReg(MI.getOperand(CurOp).getReg()))
814 VEX_R = 0x0;
815 if (X86II::is32ExtendedReg(MI.getOperand(CurOp).getReg()))
816 EVEX_R2 = 0x0;
817 CurOp++;
818
819 if (HasEVEX_K)
820 EVEX_aaa = getWriteMaskRegisterEncoding(MI, CurOp++);
821
822 if (HasVEX_4V) {
823 VEX_4V = getVEXRegisterEncoding(MI, CurOp);
824 if (X86II::is32ExtendedReg(MI.getOperand(CurOp).getReg()))
825 EVEX_V2 = 0x0;
826 CurOp++;
827 }
828
829 if (X86II::isX86_64ExtendedReg(
830 MI.getOperand(MemOperand+X86::AddrBaseReg).getReg()))
831 VEX_B = 0x0;
832 if (X86II::isX86_64ExtendedReg(
833 MI.getOperand(MemOperand+X86::AddrIndexReg).getReg()))
834 VEX_X = 0x0;
835 if (X86II::is32ExtendedReg(MI.getOperand(MemOperand +
836 X86::AddrIndexReg).getReg()))
837 EVEX_V2 = 0x0;
838
839 if (HasVEX_4VOp3)
840 // Instruction format for 4VOp3:
841 // src1(ModR/M), MemAddr, src3(VEX_4V)
842 // CurOp points to start of the MemoryOperand,
843 // it skips TIED_TO operands if exist, then increments past src1.
844 // CurOp + X86::AddrNumOperands will point to src3.
845 VEX_4V = getVEXRegisterEncoding(MI, CurOp+X86::AddrNumOperands);
846 break;
847 case X86II::MRM0m: case X86II::MRM1m:
848 case X86II::MRM2m: case X86II::MRM3m:
849 case X86II::MRM4m: case X86II::MRM5m:
850 case X86II::MRM6m: case X86II::MRM7m: {
851 // MRM[0-9]m instructions forms:
852 // MemAddr
853 // src1(VEX_4V), MemAddr
854 if (HasVEX_4V) {
855 VEX_4V = getVEXRegisterEncoding(MI, CurOp);
856 if (X86II::is32ExtendedReg(MI.getOperand(CurOp).getReg()))
857 EVEX_V2 = 0x0;
858 CurOp++;
859 }
860
861 if (HasEVEX_K)
862 EVEX_aaa = getWriteMaskRegisterEncoding(MI, CurOp++);
863
864 if (X86II::isX86_64ExtendedReg(
865 MI.getOperand(MemOperand+X86::AddrBaseReg).getReg()))
866 VEX_B = 0x0;
867 if (X86II::isX86_64ExtendedReg(
868 MI.getOperand(MemOperand+X86::AddrIndexReg).getReg()))
869 VEX_X = 0x0;
870 break;
871 }
872 case X86II::MRMSrcReg:
873 // MRMSrcReg instructions forms:
874 // dst(ModR/M), src1(VEX_4V), src2(ModR/M), src3(VEX_I8IMM)
875 // dst(ModR/M), src1(ModR/M)
876 // dst(ModR/M), src1(ModR/M), imm8
877 //
878 // FMA4:
879 // dst(ModR/M.reg), src1(VEX_4V), src2(ModR/M), src3(VEX_I8IMM)
880 // dst(ModR/M.reg), src1(VEX_4V), src2(VEX_I8IMM), src3(ModR/M),
881 if (X86II::isX86_64ExtendedReg(MI.getOperand(CurOp).getReg()))
882 VEX_R = 0x0;
883 if (X86II::is32ExtendedReg(MI.getOperand(CurOp).getReg()))
884 EVEX_R2 = 0x0;
885 CurOp++;
886
887 if (HasEVEX_K)
888 EVEX_aaa = getWriteMaskRegisterEncoding(MI, CurOp++);
889
890 if (HasVEX_4V) {
891 VEX_4V = getVEXRegisterEncoding(MI, CurOp);
892 if (X86II::is32ExtendedReg(MI.getOperand(CurOp).getReg()))
893 EVEX_V2 = 0x0;
894 CurOp++;
895 }
896
897 if (HasMemOp4) // Skip second register source (encoded in I8IMM)
898 CurOp++;
899
900 if (X86II::isX86_64ExtendedReg(MI.getOperand(CurOp).getReg()))
901 VEX_B = 0x0;
902 if (X86II::is32ExtendedReg(MI.getOperand(CurOp).getReg()))
903 VEX_X = 0x0;
904 CurOp++;
905 if (HasVEX_4VOp3)
906 VEX_4V = getVEXRegisterEncoding(MI, CurOp++);
907 if (EVEX_b) {
908 if (HasEVEX_RC) {
909 unsigned RcOperand = NumOps-1;
910 //assert(RcOperand >= CurOp);
911 if (RcOperand < CurOp || !MI.getOperand(RcOperand).isImm())
912 return true;
913 EVEX_rc = MI.getOperand(RcOperand).getImm() & 0x3;
914 }
915 EncodeRC = true;
916 }
917 break;
918 case X86II::MRMDestReg:
919 // MRMDestReg instructions forms:
920 // dst(ModR/M), src(ModR/M)
921 // dst(ModR/M), src(ModR/M), imm8
922 // dst(ModR/M), src1(VEX_4V), src2(ModR/M)
923 if (X86II::isX86_64ExtendedReg(MI.getOperand(CurOp).getReg()))
924 VEX_B = 0x0;
925 if (X86II::is32ExtendedReg(MI.getOperand(CurOp).getReg()))
926 VEX_X = 0x0;
927 CurOp++;
928
929 if (HasEVEX_K)
930 EVEX_aaa = getWriteMaskRegisterEncoding(MI, CurOp++);
931
932 if (HasVEX_4V) {
933 VEX_4V = getVEXRegisterEncoding(MI, CurOp);
934 if (X86II::is32ExtendedReg(MI.getOperand(CurOp).getReg()))
935 EVEX_V2 = 0x0;
936 CurOp++;
937 }
938
939 if (X86II::isX86_64ExtendedReg(MI.getOperand(CurOp).getReg()))
940 VEX_R = 0x0;
941 if (X86II::is32ExtendedReg(MI.getOperand(CurOp).getReg()))
942 EVEX_R2 = 0x0;
943 if (EVEX_b)
944 EncodeRC = true;
945 break;
946 case X86II::MRM0r: case X86II::MRM1r:
947 case X86II::MRM2r: case X86II::MRM3r:
948 case X86II::MRM4r: case X86II::MRM5r:
949 case X86II::MRM6r: case X86II::MRM7r:
950 // MRM0r-MRM7r instructions forms:
951 // dst(VEX_4V), src(ModR/M), imm8
952 if (HasVEX_4V) {
953 VEX_4V = getVEXRegisterEncoding(MI, CurOp);
954 if (X86II::is32ExtendedReg(MI.getOperand(CurOp).getReg()))
955 EVEX_V2 = 0x0;
956 CurOp++;
957 }
958 if (HasEVEX_K)
959 EVEX_aaa = getWriteMaskRegisterEncoding(MI, CurOp++);
960
961 if (X86II::isX86_64ExtendedReg(MI.getOperand(CurOp).getReg()))
962 VEX_B = 0x0;
963 if (X86II::is32ExtendedReg(MI.getOperand(CurOp).getReg()))
964 VEX_X = 0x0;
965 break;
966 }
967
968 if (Encoding == X86II::VEX || Encoding == X86II::XOP) {
969 // VEX opcode prefix can have 2 or 3 bytes
970 //
971 // 3 bytes:
972 // +-----+ +--------------+ +-------------------+
973 // | C4h | | RXB | m-mmmm | | W | vvvv | L | pp |
974 // +-----+ +--------------+ +-------------------+
975 // 2 bytes:
976 // +-----+ +-------------------+
977 // | C5h | | R | vvvv | L | pp |
978 // +-----+ +-------------------+
979 //
980 // XOP uses a similar prefix:
981 // +-----+ +--------------+ +-------------------+
982 // | 8Fh | | RXB | m-mmmm | | W | vvvv | L | pp |
983 // +-----+ +--------------+ +-------------------+
984 unsigned char LastByte = VEX_PP | (VEX_L << 2) | (VEX_4V << 3);
985
986 // Can we use the 2 byte VEX prefix?
987 if (Encoding == X86II::VEX && VEX_B && VEX_X && !VEX_W && (VEX_5M == 1)) {
988 EmitByte(0xC5, CurByte, OS);
989 EmitByte(LastByte | (VEX_R << 7), CurByte, OS);
990 return false;
991 }
992
993 // 3 byte VEX prefix
994 EmitByte(Encoding == X86II::XOP ? 0x8F : 0xC4, CurByte, OS);
995 EmitByte(VEX_R << 7 | VEX_X << 6 | VEX_B << 5 | VEX_5M, CurByte, OS);
996 EmitByte(LastByte | (VEX_W << 7), CurByte, OS);
997 } else {
998 assert(Encoding == X86II::EVEX && "unknown encoding!");
999 // EVEX opcode prefix can have 4 bytes
1000 //
1001 // +-----+ +--------------+ +-------------------+ +------------------------+
1002 // | 62h | | RXBR' | 00mm | | W | vvvv | U | pp | | z | L'L | b | v' | aaa |
1003 // +-----+ +--------------+ +-------------------+ +------------------------+
1004 assert((VEX_5M & 0x3) == VEX_5M
1005 && "More than 2 significant bits in VEX.m-mmmm fields for EVEX!");
1006
1007 VEX_5M &= 0x3;
1008
1009 EmitByte(0x62, CurByte, OS);
1010 EmitByte((VEX_R << 7) |
1011 (VEX_X << 6) |
1012 (VEX_B << 5) |
1013 (EVEX_R2 << 4) |
1014 VEX_5M, CurByte, OS);
1015 EmitByte((VEX_W << 7) |
1016 (VEX_4V << 3) |
1017 (EVEX_U << 2) |
1018 VEX_PP, CurByte, OS);
1019 if (EncodeRC)
1020 EmitByte((EVEX_z << 7) |
1021 (EVEX_rc << 5) |
1022 (EVEX_b << 4) |
1023 (EVEX_V2 << 3) |
1024 EVEX_aaa, CurByte, OS);
1025 else
1026 EmitByte((EVEX_z << 7) |
1027 (EVEX_L2 << 6) |
1028 (VEX_L << 5) |
1029 (EVEX_b << 4) |
1030 (EVEX_V2 << 3) |
1031 EVEX_aaa, CurByte, OS);
1032 }
1033
1034 return false;
1035 }
1036
1037 /// DetermineREXPrefix - Determine if the MCInst has to be encoded with a X86-64
1038 /// REX prefix which specifies 1) 64-bit instructions, 2) non-default operand
1039 /// size, and 3) use of X86-64 extended registers.
///
/// Returns the REX payload bits (W/R/X/B, plus 0x40 when a bare REX is
/// forced by SPL/BPL/SIL/DIL). The caller ORs the result with 0x40 and
/// emits the byte only when the result is non-zero.
DetermineREXPrefix(const MCInst & MI,uint64_t TSFlags,const MCInstrDesc & Desc)1040 static unsigned DetermineREXPrefix(const MCInst &MI, uint64_t TSFlags,
1041 const MCInstrDesc &Desc) {
1042 unsigned REX = 0;
1043 bool UsesHighByteReg = false;
1044
// REX.W (bit 3) selects 64-bit operand size; taken directly from TSFlags.
1045 if (TSFlags & X86II::REX_W)
1046 REX |= 1 << 3; // set REX.W
1047
1048 if (MI.getNumOperands() == 0) return REX;
1049
1050 unsigned NumOps = MI.getNumOperands();
1051 // FIXME: MCInst should explicitize the two-addrness.
1052 bool isTwoAddr = NumOps > 1 &&
1053 Desc.getOperandConstraint(1, MCOI::TIED_TO) != -1;
1054
1055 // If it accesses SPL, BPL, SIL, or DIL, then it requires a 0x40 REX prefix.
// While scanning, also remember whether AH/BH/CH/DH is referenced: those
// high-byte registers cannot appear in any REX-prefixed instruction, which
// is rejected at the bottom of this function.
1056 unsigned i = isTwoAddr ? 1 : 0;
1057 for (; i != NumOps; ++i) {
1058 const MCOperand &MO = MI.getOperand(i);
1059 if (!MO.isReg()) continue;
1060 unsigned Reg = MO.getReg();
1061 if (Reg == X86::AH || Reg == X86::BH || Reg == X86::CH || Reg == X86::DH)
1062 UsesHighByteReg = true;
1063 if (!X86II::isX86_64NonExtLowByteReg(Reg)) continue;
1064 // FIXME: The caller of DetermineREXPrefix slaps this prefix onto anything
1065 // that returns non-zero.
1066 REX |= 0x40; // REX fixed encoding prefix
1067 break;
1068 }
1069
// Which operand lands in ModRM.reg (REX.R) versus ModRM.rm / the memory
// base+index fields (REX.B / REX.X) depends on the instruction form.
1070 switch (TSFlags & X86II::FormMask) {
1071 case X86II::MRMSrcReg:
// Operand 0 is the ModRM.reg destination; remaining registers are sources
// encoded in ModRM.rm.
1072 if (MI.getOperand(0).isReg() &&
1073 X86II::isX86_64ExtendedReg(MI.getOperand(0).getReg()))
1074 REX |= 1 << 2; // set REX.R
1075 i = isTwoAddr ? 2 : 1;
1076 for (; i != NumOps; ++i) {
1077 const MCOperand &MO = MI.getOperand(i);
1078 if (MO.isReg() && X86II::isX86_64ExtendedReg(MO.getReg()))
1079 REX |= 1 << 0; // set REX.B
1080 }
1081 break;
1082 case X86II::MRMSrcMem: {
1083 if (MI.getOperand(0).isReg() &&
1084 X86II::isX86_64ExtendedReg(MI.getOperand(0).getReg()))
1085 REX |= 1 << 2; // set REX.R
// Bit advances 0 -> 1 across the register operands of the memory address,
// so the base register maps to REX.B and the index register to REX.X.
1086 unsigned Bit = 0;
1087 i = isTwoAddr ? 2 : 1;
1088 for (; i != NumOps; ++i) {
1089 const MCOperand &MO = MI.getOperand(i);
1090 if (MO.isReg()) {
1091 if (X86II::isX86_64ExtendedReg(MO.getReg()))
1092 REX |= 1 << Bit; // set REX.B (Bit=0) and REX.X (Bit=1)
1093 Bit++;
1094 }
1095 }
1096 break;
1097 }
1098 case X86II::MRMXm:
1099 case X86II::MRM0m: case X86II::MRM1m:
1100 case X86II::MRM2m: case X86II::MRM3m:
1101 case X86II::MRM4m: case X86II::MRM5m:
1102 case X86II::MRM6m: case X86II::MRM7m:
1103 case X86II::MRMDestMem: {
// Memory operand comes first in the operand list; a register source (if
// any) immediately follows the X86::AddrNumOperands address operands.
1104 unsigned e = (isTwoAddr ? X86::AddrNumOperands+1 : X86::AddrNumOperands);
1105 i = isTwoAddr ? 1 : 0;
1106 if (NumOps > e && MI.getOperand(e).isReg() &&
1107 X86II::isX86_64ExtendedReg(MI.getOperand(e).getReg()))
1108 REX |= 1 << 2; // set REX.R
1109 unsigned Bit = 0;
1110 for (; i != e; ++i) {
1111 const MCOperand &MO = MI.getOperand(i);
1112 if (MO.isReg()) {
1113 if (X86II::isX86_64ExtendedReg(MO.getReg()))
1114 REX |= 1 << Bit; // REX.B (Bit=0) and REX.X (Bit=1)
1115 Bit++;
1116 }
1117 }
1118 break;
1119 }
1120 default:
// All other forms: operand 0 is encoded in ModRM.rm (REX.B); any later
// register operand goes in ModRM.reg (REX.R).
1121 if (MI.getOperand(0).isReg() &&
1122 X86II::isX86_64ExtendedReg(MI.getOperand(0).getReg()))
1123 REX |= 1 << 0; // set REX.B
1124 i = isTwoAddr ? 2 : 1;
1125 for (unsigned e = NumOps; i != e; ++i) {
1126 const MCOperand &MO = MI.getOperand(i);
1127 if (MO.isReg() && X86II::isX86_64ExtendedReg(MO.getReg()))
1128 REX |= 1 << 2; // set REX.R
1129 }
1130 break;
1131 }
// AH/BH/CH/DH are not encodable once any REX prefix is present, so this
// combination is a hard error.
1132 if (REX && UsesHighByteReg)
1133 report_fatal_error("Cannot encode high byte register in REX-prefixed instruction");
1134
1135 return REX;
1136 }
1137
1138 /// EmitSegmentOverridePrefix - Emit segment override opcode prefix as needed
1139 // return true on error
EmitSegmentOverridePrefix(unsigned & CurByte,unsigned SegOperand,const MCInst & MI,raw_ostream & OS,int BaseReg) const1140 bool X86MCCodeEmitter::EmitSegmentOverridePrefix(unsigned &CurByte,
1141 unsigned SegOperand,
1142 const MCInst &MI,
1143 raw_ostream &OS,
1144 int BaseReg) const
1145 {
1146 if (!MI.getOperand(SegOperand).isReg())
1147 return true;
1148
1149 // Check for explicit segment override on memory operand.
1150 switch (MI.getOperand(SegOperand).getReg()) {
1151 default: return true;
1152 case 0: break;
1153 case X86::CS: EmitByte(0x2E, CurByte, OS); break;
1154 case X86::SS:
1155 // SS is the default segment register for stack memory operand
1156 if (BaseReg != X86::ESP && BaseReg != X86::EBP)
1157 EmitByte(0x36, CurByte, OS);
1158 break;
1159 case X86::DS: /* ignore default segment DS */ break;
1160 case X86::ES: EmitByte(0x26, CurByte, OS); break;
1161 case X86::FS: EmitByte(0x64, CurByte, OS); break;
1162 case X86::GS: EmitByte(0x65, CurByte, OS); break;
1163 }
1164
1165 return false;
1166 }
1167
1168 /// EmitOpcodePrefix - Emit all instruction prefixes prior to the opcode.
1169 ///
1170 /// MemOperand is the operand # of the start of a memory operand if present. If
1171 /// Not present, it is -1.
///
/// Prefixes are written in the order the decoder expects them: operand-size
/// override (0x66), LOCK (0xF0), mandatory prefix (66/F3/F2), REX, and
/// finally the 0F / 0F 38 / 0F 3A opcode-map escape bytes.
EmitOpcodePrefix(uint64_t TSFlags,unsigned & CurByte,int MemOperand,const MCInst & MI,const MCInstrDesc & Desc,const MCSubtargetInfo & STI,raw_ostream & OS) const1172 void X86MCCodeEmitter::EmitOpcodePrefix(uint64_t TSFlags, unsigned &CurByte,
1173 int MemOperand, const MCInst &MI,
1174 const MCInstrDesc &Desc,
1175 const MCSubtargetInfo &STI,
1176 raw_ostream &OS) const
1177 {
1178 // Emit the operand size opcode prefix as needed.
// A 32-bit-operand instruction in 16-bit mode (and vice versa) needs 0x66.
1179 if ((TSFlags & X86II::OpSizeMask) == (is16BitMode(STI) ? X86II::OpSize32
1180 : X86II::OpSize16)) {
// Keystone-specific exception: X86::MOV16sm never takes the operand-size
// override here — presumably segment-register moves ignore it; confirm
// against the Intel SDM MOV Sreg encoding.
1181 if (MI.getOpcode() != X86::MOV16sm)
1182 EmitByte(0x66, CurByte, OS);
1183 }
1184
1185 // Emit the LOCK opcode prefix.
1186 if (TSFlags & X86II::LOCK)
1187 EmitByte(0xF0, CurByte, OS);
1188
// Mandatory prefix: part of the opcode encoding itself for SSE-style
// instructions, emitted after LOCK but before REX.
1189 switch (TSFlags & X86II::OpPrefixMask) {
1190 case X86II::PD: // 66
1191 EmitByte(0x66, CurByte, OS);
1192 break;
1193 case X86II::XS: // F3
1194 EmitByte(0xF3, CurByte, OS);
1195 break;
1196 case X86II::XD: // F2
1197 EmitByte(0xF2, CurByte, OS);
1198 break;
1199 }
1200
1201 // Handle REX prefix.
1202 // FIXME: Can this come before F2 etc to simplify emission?
// REX only exists in 64-bit mode; 0x40 is the fixed high-nibble pattern.
1203 if (is64BitMode(STI)) {
1204 if (unsigned REX = DetermineREXPrefix(MI, TSFlags, Desc))
1205 EmitByte(0x40 | REX, CurByte, OS);
1206 }
1207
1208 // 0x0F escape code must be emitted just before the opcode.
1209 switch (TSFlags & X86II::OpMapMask) {
1210 case X86II::TB: // Two-byte opcode map
1211 case X86II::T8: // 0F 38
1212 case X86II::TA: // 0F 3A
1213 EmitByte(0x0F, CurByte, OS);
1214 break;
1215 }
1216
// Second escape byte for the three-byte opcode maps (0F 38 / 0F 3A).
1217 switch (TSFlags & X86II::OpMapMask) {
1218 case X86II::T8: // 0F 38
1219 EmitByte(0x38, CurByte, OS);
1220 break;
1221 case X86II::TA: // 0F 3A
1222 EmitByte(0x3A, CurByte, OS);
1223 break;
1224 }
1225 }
1226
/// encodeInstruction - Encode MI into machine-code bytes written to OS,
/// appending relocation fixups to Fixups.
///
/// Keystone divergence from upstream LLVM: invalid or unencodable input is
/// reported by setting KsError to a KS_ERR_ASM_* code and returning early
/// (instead of asserting), and on success MI's address is advanced past the
/// encoded bytes so the caller can chain instructions. KsError is 0 on
/// success.
1227 void X86MCCodeEmitter::
encodeInstruction(MCInst & MI,raw_ostream & OS,SmallVectorImpl<MCFixup> & Fixups,const MCSubtargetInfo & STI,unsigned int & KsError) const1228 encodeInstruction(MCInst &MI, raw_ostream &OS,
1229 SmallVectorImpl<MCFixup> &Fixups,
1230 const MCSubtargetInfo &STI, unsigned int &KsError) const
1231 {
1232 unsigned Opcode = MI.getOpcode();
1233 const MCInstrDesc &Desc = MCII.get(Opcode);
1234 uint64_t TSFlags = Desc.TSFlags;
1235
1236 KsError = 0;
1237
1238 // Pseudo instructions don't get encoded.
1239 if ((TSFlags & X86II::FormMask) == X86II::Pseudo)
1240 return;
1241
1242 unsigned NumOps = Desc.getNumOperands();
1243 unsigned CurOp = X86II::getOperandBias(Desc);
1244
1245 // Keep track of the current byte being emitted.
1246 unsigned CurByte = 0;
1247
1248 // Encoding type for this instruction.
// 0 = legacy encoding; otherwise VEX/XOP/EVEX (handled by
// EmitVEXOpcodePrefix below).
1249 uint64_t Encoding = TSFlags & X86II::EncodingMask;
1250
1251 // It uses the VEX.VVVV field?
1252 bool HasVEX_4V = TSFlags & X86II::VEX_4V;
1253 bool HasVEX_4VOp3 = TSFlags & X86II::VEX_4VOp3;
1254 bool HasMemOp4 = TSFlags & X86II::MemOp4;
// With MemOp4, the second register source lives in bits[7:4] of the
// immediate byte at operand index 2 (see the trailing-immediate loop).
1255 const unsigned MemOp4_I8IMMOperand = 2;
1256 unsigned BaseReg = 0;
1257 unsigned SegReg = 0;
1258
1259 // It uses the EVEX.aaa field?
1260 bool HasEVEX_K = TSFlags & X86II::EVEX_K;
1261 bool HasEVEX_RC = TSFlags & X86II::EVEX_RC;
1262
1263 // Determine where the memory operand starts, if present.
1264 int MemoryOperand = X86II::getMemoryOperandNo(TSFlags, Opcode);
1265 if (MemoryOperand != -1) MemoryOperand += CurOp;
1266
1267 // Emit segment override opcode prefix as needed.
// SS with an ESP/EBP base is the hardware default, so that combination is
// skipped entirely; everything else is validated/emitted by the helper.
1268 if (MemoryOperand >= 0) {
1269 const MCOperand &Base = MI.getOperand(MemoryOperand + X86::AddrBaseReg);
1270 const MCOperand &Seg = MI.getOperand(MemoryOperand + X86::AddrSegmentReg);
1271
1272 BaseReg = Base.getReg();
1273 SegReg = Seg.getReg();
1274
1275 if ((SegReg != X86::SS) || (BaseReg != X86::ESP && BaseReg != X86::EBP)) {
1276 if (EmitSegmentOverridePrefix(CurByte, MemoryOperand+X86::AddrSegmentReg,
1277 MI, OS)) {
1278 KsError = KS_ERR_ASM_INVALIDOPERAND;
1279 return;
1280 }
1281 }
1282 }
1283
1284 // Emit the repeat opcode prefix as needed.
1285 if (TSFlags & X86II::REP)
1286 EmitByte(0xF3, CurByte, OS);
1287
1288 // Emit the address size opcode prefix as needed.
// Decide whether a 0x67 address-size override is required. Memory operand
// sizes that cannot be expressed in the current mode at all (16-bit in
// 64-bit mode, 64-bit in 32/16-bit mode) are rejected with
// KS_ERR_ASM_INSN_UNSUPPORTED rather than asserting as upstream does.
1289 bool need_address_override;
1290 uint64_t AdSize = TSFlags & X86II::AdSizeMask;
1291 if ((is16BitMode(STI) && AdSize == X86II::AdSize32) ||
1292 (is32BitMode(STI) && AdSize == X86II::AdSize16) ||
1293 (is64BitMode(STI) && AdSize == X86II::AdSize32)) {
1294 need_address_override = true;
1295 } else if (MemoryOperand < 0) {
1296 need_address_override = false;
1297 } else if (is64BitMode(STI)) {
1298 //assert(!Is16BitMemOperand(MI, MemoryOperand, STI));
1299 if (Is16BitMemOperand(MI, MemoryOperand, STI)) {
1300 KsError = KS_ERR_ASM_INSN_UNSUPPORTED;
1301 return;
1302 }
1303 need_address_override = Is32BitMemOperand(MI, MemoryOperand);
1304 } else if (is32BitMode(STI)) {
1305 //assert(!Is64BitMemOperand(MI, MemoryOperand));
1306 if (Is64BitMemOperand(MI, MemoryOperand)) {
1307 KsError = KS_ERR_ASM_INSN_UNSUPPORTED;
1308 return;
1309 }
1310 need_address_override = Is16BitMemOperand(MI, MemoryOperand, STI);
1311 } else {
1312 //assert(is16BitMode(STI));
1313 //assert(!Is64BitMemOperand(MI, MemoryOperand));
1314 if (!is16BitMode(STI) || Is64BitMemOperand(MI, MemoryOperand)) {
1315 KsError = KS_ERR_ASM_INSN_UNSUPPORTED;
1316 return;
1317 }
1318 need_address_override = !Is16BitMemOperand(MI, MemoryOperand, STI);
1319 }
1320
1321 if (need_address_override)
1322 EmitByte(0x67, CurByte, OS);
1323
// Legacy instructions get the classic prefix sequence; VEX/XOP/EVEX
// instructions get their multi-byte prefix instead (which subsumes REX and
// the mandatory/escape prefixes).
1324 if (Encoding == 0)
1325 EmitOpcodePrefix(TSFlags, CurByte, MemoryOperand, MI, Desc, STI, OS);
1326 else {
1327 if (EmitVEXOpcodePrefix(TSFlags, CurByte, MemoryOperand, MI, Desc, OS)) {
1328 KsError = KS_ERR_ASM_INVALIDOPERAND;
1329 return;
1330 }
1331 }
1332
1333 unsigned char BaseOpcode = X86II::getBaseOpcodeFor(TSFlags);
1334
// 3DNow! instructions put the real opcode in a trailing byte after the
// operands; 0x0F is emitted here and the base opcode at the very end.
1335 if (TSFlags & X86II::Has3DNow0F0FOpcode)
1336 BaseOpcode = 0x0F; // Weird 3DNow! encoding.
1337
// Emit the opcode and ModRM/SIB/displacement/immediates according to the
// instruction form. Each case must leave CurOp pointing just past the
// operands it consumed so the trailing-immediate loop below works.
1338 unsigned SrcRegNum = 0;
1339 switch (TSFlags & X86II::FormMask) {
1340 default: errs() << "FORM: " << (TSFlags & X86II::FormMask) << "\n";
1341 llvm_unreachable("Unknown FormMask value in X86MCCodeEmitter!");
1342 case X86II::Pseudo:
1343 llvm_unreachable("Pseudo instruction shouldn't be emitted");
1344 case X86II::RawFrmDstSrc: {
1345 //printf(">> aa\n");
1346 unsigned siReg = MI.getOperand(1).getReg();
1347 //assert(((siReg == X86::SI && MI.getOperand(0).getReg() == X86::DI) ||
1348 // (siReg == X86::ESI && MI.getOperand(0).getReg() == X86::EDI) ||
1349 // (siReg == X86::RSI && MI.getOperand(0).getReg() == X86::RDI)) &&
1350 // "SI and DI register sizes do not match");
// String-op source/destination registers must be the same width; reject
// mismatches instead of asserting (Keystone takes untrusted assembly).
1351 if (!(siReg == X86::SI && MI.getOperand(0).getReg() == X86::DI) &&
1352 !(siReg == X86::ESI && MI.getOperand(0).getReg() == X86::EDI) &&
1353 !(siReg == X86::RSI && MI.getOperand(0).getReg() == X86::RDI)) {
1354 KsError = KS_ERR_ASM_INSN_UNSUPPORTED;
1355 return;
1356 }
1357 // Emit segment override opcode prefix as needed (not for %ds).
1358 if (MI.getOperand(2).getReg() != X86::DS)
1359 EmitSegmentOverridePrefix(CurByte, 2, MI, OS);
1360 // Emit AdSize prefix as needed.
1361 if ((!is32BitMode(STI) && siReg == X86::ESI) ||
1362 (is32BitMode(STI) && siReg == X86::SI))
1363 EmitByte(0x67, CurByte, OS);
1364 CurOp += 3; // Consume operands.
1365 EmitByte(BaseOpcode, CurByte, OS);
1366 break;
1367 }
1368 case X86II::RawFrmSrc: {
1369 //printf(">> bb\n");
1370 unsigned siReg = MI.getOperand(0).getReg();
1371 // Emit segment override opcode prefix as needed (not for %ds).
1372 if (MI.getOperand(1).getReg() != X86::DS)
1373 EmitSegmentOverridePrefix(CurByte, 1, MI, OS);
1374 // Emit AdSize prefix as needed.
1375 if ((!is32BitMode(STI) && siReg == X86::ESI) ||
1376 (is32BitMode(STI) && siReg == X86::SI))
1377 EmitByte(0x67, CurByte, OS);
1378 CurOp += 2; // Consume operands.
1379 EmitByte(BaseOpcode, CurByte, OS);
1380 break;
1381 }
1382 case X86II::RawFrmDst: {
1383 //printf(">> cc\n");
1384 unsigned siReg = MI.getOperand(0).getReg();
1385 // Emit AdSize prefix as needed.
1386 if ((!is32BitMode(STI) && siReg == X86::EDI) ||
1387 (is32BitMode(STI) && siReg == X86::DI))
1388 EmitByte(0x67, CurByte, OS);
1389 ++CurOp; // Consume operand.
1390 EmitByte(BaseOpcode, CurByte, OS);
1391 break;
1392 }
1393 case X86II::RawFrm:
1394 //printf(">> dd\n");
1395 EmitByte(BaseOpcode, CurByte, OS);
1396 break;
1397 case X86II::RawFrmMemOffs:
1398 //printf(">> ee\n");
1399 // Emit segment override opcode prefix as needed.
1400 EmitSegmentOverridePrefix(CurByte, 1, MI, OS);
1401 EmitByte(BaseOpcode, CurByte, OS);
1402 EmitImmediate(MI, MI.getOperand(CurOp++), MI.getLoc(),
1403 X86II::getSizeOfImm(TSFlags), getImmFixupKind(TSFlags),
1404 CurByte, OS, Fixups, KsError, is64BitMode(STI));
1405 ++CurOp; // skip segment operand
1406 break;
1407 case X86II::RawFrmImm8:
1408 //printf(">> ff\n");
1409 EmitByte(BaseOpcode, CurByte, OS);
1410 EmitImmediate(MI, MI.getOperand(CurOp++), MI.getLoc(),
1411 X86II::getSizeOfImm(TSFlags), getImmFixupKind(TSFlags),
1412 CurByte, OS, Fixups, KsError, is64BitMode(STI));
1413 EmitImmediate(MI, MI.getOperand(CurOp++), MI.getLoc(), 1, FK_Data_1, CurByte,
1414 OS, Fixups, KsError, is64BitMode(STI));
1415 break;
1416 case X86II::RawFrmImm16:
1417 //printf(">> gg\n");
1418 EmitByte(BaseOpcode, CurByte, OS);
1419 EmitImmediate(MI, MI.getOperand(CurOp++), MI.getLoc(),
1420 X86II::getSizeOfImm(TSFlags), getImmFixupKind(TSFlags),
1421 CurByte, OS, Fixups, KsError, is64BitMode(STI));
1422 EmitImmediate(MI, MI.getOperand(CurOp++), MI.getLoc(), 2, FK_Data_2, CurByte,
1423 OS, Fixups, KsError, is64BitMode(STI));
1424 break;
1425
1426 case X86II::AddRegFrm:
// Register number is folded directly into the opcode byte (e.g. push/pop).
1427 //printf(">> hh = %x\n", BaseOpcode + GetX86RegNum(MI.getOperand(CurOp)));
1428 EmitByte(BaseOpcode + GetX86RegNum(MI.getOperand(CurOp++)), CurByte, OS);
1429 break;
1430
1431 case X86II::MRMDestReg:
1432 //printf(">> jj\n");
1433 EmitByte(BaseOpcode, CurByte, OS);
1434 SrcRegNum = CurOp + 1;
1435
1436 if (HasEVEX_K) // Skip writemask
1437 SrcRegNum++;
1438
1439 if (HasVEX_4V) // Skip 1st src (which is encoded in VEX_VVVV)
1440 ++SrcRegNum;
1441
1442 EmitRegModRMByte(MI.getOperand(CurOp),
1443 GetX86RegNum(MI.getOperand(SrcRegNum)), CurByte, OS);
1444 CurOp = SrcRegNum + 1;
1445 break;
1446
1447 case X86II::MRMDestMem:
1448 //printf(">> kk\n");
1449 EmitByte(BaseOpcode, CurByte, OS);
1450 SrcRegNum = CurOp + X86::AddrNumOperands;
1451
1452 if (HasEVEX_K) // Skip writemask
1453 SrcRegNum++;
1454
1455 if (HasVEX_4V) // Skip 1st src (which is encoded in VEX_VVVV)
1456 ++SrcRegNum;
1457
1458 EmitMemModRMByte(MI, CurOp,
1459 GetX86RegNum(MI.getOperand(SrcRegNum)),
1460 TSFlags, CurByte, OS, Fixups, STI);
1461 CurOp = SrcRegNum + 1;
1462 break;
1463
1464 case X86II::MRMSrcReg:
1465 //printf(">> mm\n");
1466 EmitByte(BaseOpcode, CurByte, OS);
1467 SrcRegNum = CurOp + 1;
1468
1469 if (HasEVEX_K) // Skip writemask
1470 SrcRegNum++;
1471
1472 if (HasVEX_4V) // Skip 1st src (which is encoded in VEX_VVVV)
1473 ++SrcRegNum;
1474
1475 if (HasMemOp4) // Skip 2nd src (which is encoded in I8IMM)
1476 ++SrcRegNum;
1477
1478 EmitRegModRMByte(MI.getOperand(SrcRegNum),
1479 GetX86RegNum(MI.getOperand(CurOp)), CurByte, OS);
1480
1481 // 2 operands skipped with HasMemOp4, compensate accordingly
1482 CurOp = HasMemOp4 ? SrcRegNum : SrcRegNum + 1;
1483 if (HasVEX_4VOp3)
1484 ++CurOp;
1485 // do not count the rounding control operand
1486 if (HasEVEX_RC)
1487 NumOps--;
1488 break;
1489
1490 case X86II::MRMSrcMem: {
1491 //printf(">> nn\n");
1492 int AddrOperands = X86::AddrNumOperands;
1493 unsigned FirstMemOp = CurOp+1;
1494
1495 if (HasEVEX_K) { // Skip writemask
1496 ++AddrOperands;
1497 ++FirstMemOp;
1498 }
1499
1500 if (HasVEX_4V) {
1501 ++AddrOperands;
1502 ++FirstMemOp; // Skip the register source (which is encoded in VEX_VVVV).
1503 }
1504 if (HasMemOp4) // Skip second register source (encoded in I8IMM)
1505 ++FirstMemOp;
1506
1507 EmitByte(BaseOpcode, CurByte, OS);
1508
1509 EmitMemModRMByte(MI, FirstMemOp, GetX86RegNum(MI.getOperand(CurOp)),
1510 TSFlags, CurByte, OS, Fixups, STI);
1511 CurOp += AddrOperands + 1;
1512 if (HasVEX_4VOp3)
1513 ++CurOp;
1514 break;
1515 }
1516
1517 case X86II::MRMXr:
1518 case X86II::MRM0r: case X86II::MRM1r:
1519 case X86II::MRM2r: case X86II::MRM3r:
1520 case X86II::MRM4r: case X86II::MRM5r:
1521 case X86II::MRM6r: case X86II::MRM7r: {
// ModRM.reg is an opcode extension (0-7), not a register operand.
1522 //printf(">> pp\n");
1523 if (HasVEX_4V) // Skip the register dst (which is encoded in VEX_VVVV).
1524 ++CurOp;
1525 if (HasEVEX_K) // Skip writemask
1526 ++CurOp;
1527 EmitByte(BaseOpcode, CurByte, OS);
1528 uint64_t Form = TSFlags & X86II::FormMask;
1529 EmitRegModRMByte(MI.getOperand(CurOp++),
1530 (Form == X86II::MRMXr) ? 0 : Form-X86II::MRM0r,
1531 CurByte, OS);
1532 break;
1533 }
1534
1535 case X86II::MRMXm:
1536 case X86II::MRM0m: case X86II::MRM1m:
1537 case X86II::MRM2m: case X86II::MRM3m:
1538 case X86II::MRM4m: case X86II::MRM5m:
1539 case X86II::MRM6m: case X86II::MRM7m: {
1540 //printf(">> qq\n");
1541 if (HasVEX_4V) // Skip the register dst (which is encoded in VEX_VVVV).
1542 ++CurOp;
1543 if (HasEVEX_K) // Skip writemask
1544 ++CurOp;
1545 EmitByte(BaseOpcode, CurByte, OS);
1546 uint64_t Form = TSFlags & X86II::FormMask;
1547 EmitMemModRMByte(MI, CurOp, (Form == X86II::MRMXm) ? 0 : Form-X86II::MRM0m,
1548 TSFlags, CurByte, OS, Fixups, STI);
1549 CurOp += X86::AddrNumOperands;
1550 break;
1551 }
1552 case X86II::MRM_C0: case X86II::MRM_C1: case X86II::MRM_C2:
1553 case X86II::MRM_C3: case X86II::MRM_C4: case X86II::MRM_C5:
1554 case X86II::MRM_C6: case X86II::MRM_C7: case X86II::MRM_C8:
1555 case X86II::MRM_C9: case X86II::MRM_CA: case X86II::MRM_CB:
1556 case X86II::MRM_CC: case X86II::MRM_CD: case X86II::MRM_CE:
1557 case X86II::MRM_CF: case X86II::MRM_D0: case X86II::MRM_D1:
1558 case X86II::MRM_D2: case X86II::MRM_D3: case X86II::MRM_D4:
1559 case X86II::MRM_D5: case X86II::MRM_D6: case X86II::MRM_D7:
1560 case X86II::MRM_D8: case X86II::MRM_D9: case X86II::MRM_DA:
1561 case X86II::MRM_DB: case X86II::MRM_DC: case X86II::MRM_DD:
1562 case X86II::MRM_DE: case X86II::MRM_DF: case X86II::MRM_E0:
1563 case X86II::MRM_E1: case X86II::MRM_E2: case X86II::MRM_E3:
1564 case X86II::MRM_E4: case X86II::MRM_E5: case X86II::MRM_E6:
1565 case X86II::MRM_E7: case X86II::MRM_E8: case X86II::MRM_E9:
1566 case X86II::MRM_EA: case X86II::MRM_EB: case X86II::MRM_EC:
1567 case X86II::MRM_ED: case X86II::MRM_EE: case X86II::MRM_EF:
1568 case X86II::MRM_F0: case X86II::MRM_F1: case X86II::MRM_F2:
1569 case X86II::MRM_F3: case X86II::MRM_F4: case X86II::MRM_F5:
1570 case X86II::MRM_F6: case X86II::MRM_F7: case X86II::MRM_F8:
1571 case X86II::MRM_F9: case X86II::MRM_FA: case X86II::MRM_FB:
1572 case X86II::MRM_FC: case X86II::MRM_FD: case X86II::MRM_FE:
1573 case X86II::MRM_FF:
// Fixed second opcode byte in the 0xC0-0xFF range, no operands in ModRM.
1574 //printf(">> ss\n");
1575 EmitByte(BaseOpcode, CurByte, OS);
1576
1577 uint64_t Form = TSFlags & X86II::FormMask;
1578 EmitByte(0xC0 + Form - X86II::MRM_C0, CurByte, OS);
1579 break;
1580 }
1581 //printf(">> tt CurByte = %x\n", CurByte);
1582
1583 // If there is a remaining operand, it must be a trailing immediate. Emit it
1584 // according to the right size for the instruction. Some instructions
1585 // (SSE4a extrq and insertq) have two trailing immediates.
1586 while (CurOp != NumOps && NumOps - CurOp <= 2) {
1587 // The last source register of a 4 operand instruction in AVX is encoded
1588 // in bits[7:4] of a immediate byte.
1589 if (TSFlags & X86II::VEX_I8IMM) {
1590 const MCOperand &MO = MI.getOperand(HasMemOp4 ? MemOp4_I8IMMOperand
1591 : CurOp);
1592 ++CurOp;
1593 unsigned RegNum = GetX86RegNum(MO) << 4;
1594 if (X86II::isX86_64ExtendedReg(MO.getReg()))
1595 RegNum |= 1 << 7;
1596 // If there is an additional 5th operand it must be an immediate, which
1597 // is encoded in bits[3:0]
1598 if (CurOp != NumOps) {
1599 const MCOperand &MIMM = MI.getOperand(CurOp++);
1600 if (MIMM.isImm()) {
1601 unsigned Val = MIMM.getImm();
1602 // assert(Val < 16 && "Immediate operand value out of range");
// Only 4 bits are available; reject out-of-range values gracefully.
1603 if (Val >= 16) {
1604 KsError = KS_ERR_ASM_INSN_UNSUPPORTED;
1605 return;
1606 }
1607 RegNum |= Val;
1608 }
1609 }
1610 EmitImmediate(MI, MCOperand::createImm(RegNum), MI.getLoc(), 1, FK_Data_1,
1611 CurByte, OS, Fixups, KsError, is64BitMode(STI));
1612 } else {
1613 //printf(">> vv BaseOpcode = %u, Opcode = %u\n", BaseOpcode, Opcode);
1614 EmitImmediate(MI, MI.getOperand(CurOp++), MI.getLoc(),
1615 X86II::getSizeOfImm(TSFlags), getImmFixupKind(TSFlags),
1616 CurByte, OS, Fixups, KsError, is64BitMode(STI));
1617 if (KsError)
1618 break;
1619 }
1620 }
1621
// 3DNow! instructions carry their real opcode as a trailing byte.
1622 if (KsError == 0 && TSFlags & X86II::Has3DNow0F0FOpcode)
1623 EmitByte(X86II::getBaseOpcodeFor(TSFlags), CurByte, OS);
1624
1625
1626 // Keystone: update Inst.Address to point to the next instruction
1627 MI.setAddress(MI.getAddress() + CurByte);
1628
1629 #ifndef NDEBUG
1630 // FIXME: Verify.
// Debug-build sanity check: every declared operand must have been consumed.
1631 if (/*!Desc.isVariadic() &&*/ CurOp != NumOps) {
1632 errs() << "Cannot encode all operands of: ";
1633 MI.dump();
1634 errs() << '\n';
1635 abort();
1636 }
1637 #endif
1638 }
1639