1 /* i386.c -- Assemble code for the Intel 80386
2    Copyright 1989, 1991, 1992, 1993, 1994, 1995, 1996, 1997, 1998, 1999,
3    2000, 2001, 2002, 2003, 2004, 2005
4    Free Software Foundation, Inc.
5 
6    This file is part of GAS, the GNU Assembler.
7 
8    GAS is free software; you can redistribute it and/or modify
9    it under the terms of the GNU General Public License as published by
10    the Free Software Foundation; either version 2, or (at your option)
11    any later version.
12 
13    GAS is distributed in the hope that it will be useful,
14    but WITHOUT ANY WARRANTY; without even the implied warranty of
15    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
16    GNU General Public License for more details.
17 
18    You should have received a copy of the GNU General Public License
19    along with GAS; see the file COPYING.  If not, write to the Free
20    Software Foundation, 51 Franklin Street - Fifth Floor, Boston, MA
21    02110-1301, USA.  */
22 
23 /* Intel 80386 machine specific gas.
24    Written by Eliot Dresselhaus (eliot@mgm.mit.edu).
25    x86_64 support by Jan Hubicka (jh@suse.cz)
26    VIA PadLock support by Michal Ludvig (mludvig@suse.cz)
27    Bugs & suggestions are completely welcome.  This is free software.
28    Please help us make it better.  */
29 
30 #include "as.h"
31 #include "safe-ctype.h"
32 #include "subsegs.h"
33 #include "dwarf2dbg.h"
34 #include "dw2gencfi.h"
35 #include "opcode/i386.h"
36 #include "elf/x86-64.h"
37 
38 #ifndef REGISTER_WARNINGS
39 #define REGISTER_WARNINGS 1
40 #endif
41 
42 #ifndef INFER_ADDR_PREFIX
43 #define INFER_ADDR_PREFIX 1
44 #endif
45 
46 #ifndef SCALE1_WHEN_NO_INDEX
47 /* Specifying a scale factor besides 1 when there is no index is
48    futile.  eg. `mov (%ebx,2),%al' does exactly the same as
49    `mov (%ebx),%al'.  To slavishly follow what the programmer
50    specified, set SCALE1_WHEN_NO_INDEX to 0.  */
51 #define SCALE1_WHEN_NO_INDEX 1
52 #endif
53 
54 #ifndef DEFAULT_ARCH
55 #define DEFAULT_ARCH "i386"
56 #endif
57 
58 #ifndef INLINE
59 #if __GNUC__ >= 2
60 #define INLINE __inline__
61 #else
62 #define INLINE
63 #endif
64 #endif
65 
66 static INLINE unsigned int mode_from_disp_size PARAMS ((unsigned int));
67 static INLINE int fits_in_signed_byte PARAMS ((offsetT));
68 static INLINE int fits_in_unsigned_byte PARAMS ((offsetT));
69 static INLINE int fits_in_unsigned_word PARAMS ((offsetT));
70 static INLINE int fits_in_signed_word PARAMS ((offsetT));
71 static INLINE int fits_in_unsigned_long PARAMS ((offsetT));
72 static INLINE int fits_in_signed_long PARAMS ((offsetT));
73 static int smallest_imm_type PARAMS ((offsetT));
74 static offsetT offset_in_range PARAMS ((offsetT, int));
75 static int add_prefix PARAMS ((unsigned int));
76 static void set_code_flag PARAMS ((int));
77 static void set_16bit_gcc_code_flag PARAMS ((int));
78 static void set_intel_syntax PARAMS ((int));
79 static void set_cpu_arch PARAMS ((int));
80 #ifdef TE_PE
81 static void pe_directive_secrel PARAMS ((int));
82 #endif
83 static char *output_invalid PARAMS ((int c));
84 static int i386_operand PARAMS ((char *operand_string));
85 static int i386_intel_operand PARAMS ((char *operand_string, int got_a_float));
86 static const reg_entry *parse_register PARAMS ((char *reg_string,
87 						char **end_op));
88 static char *parse_insn PARAMS ((char *, char *));
89 static char *parse_operands PARAMS ((char *, const char *));
90 static void swap_operands PARAMS ((void));
91 static void optimize_imm PARAMS ((void));
92 static void optimize_disp PARAMS ((void));
93 static int match_template PARAMS ((void));
94 static int check_string PARAMS ((void));
95 static int process_suffix PARAMS ((void));
96 static int check_byte_reg PARAMS ((void));
97 static int check_long_reg PARAMS ((void));
98 static int check_qword_reg PARAMS ((void));
99 static int check_word_reg PARAMS ((void));
100 static int finalize_imm PARAMS ((void));
101 static int process_operands PARAMS ((void));
102 static const seg_entry *build_modrm_byte PARAMS ((void));
103 static void output_insn PARAMS ((void));
104 static void output_branch PARAMS ((void));
105 static void output_jump PARAMS ((void));
106 static void output_interseg_jump PARAMS ((void));
107 static void output_imm PARAMS ((fragS *insn_start_frag,
108 				offsetT insn_start_off));
109 static void output_disp PARAMS ((fragS *insn_start_frag,
110 				 offsetT insn_start_off));
111 #ifndef I386COFF
112 static void s_bss PARAMS ((int));
113 #endif
114 
115 static const char *default_arch = DEFAULT_ARCH;
116 
117 /* 'md_assemble ()' gathers together information and puts it into a
118    i386_insn.  */
119 
120 union i386_op
121   {
122     expressionS *disps;
123     expressionS *imms;
124     const reg_entry *regs;
125   };
126 
127 struct _i386_insn
128   {
129     /* TM holds the template for the insn were currently assembling.  */
130     template tm;
131 
132     /* SUFFIX holds the instruction mnemonic suffix if given.
133        (e.g. 'l' for 'movl')  */
134     char suffix;
135 
136     /* OPERANDS gives the number of given operands.  */
137     unsigned int operands;
138 
139     /* REG_OPERANDS, DISP_OPERANDS, MEM_OPERANDS, IMM_OPERANDS give the number
140        of given register, displacement, memory operands and immediate
141        operands.  */
142     unsigned int reg_operands, disp_operands, mem_operands, imm_operands;
143 
144     /* TYPES [i] is the type (see above #defines) which tells us how to
145        use OP[i] for the corresponding operand.  */
146     unsigned int types[MAX_OPERANDS];
147 
148     /* Displacement expression, immediate expression, or register for each
149        operand.  */
150     union i386_op op[MAX_OPERANDS];
151 
152     /* Flags for operands.  */
153     unsigned int flags[MAX_OPERANDS];
154 #define Operand_PCrel 1
155 
156     /* Relocation type for operand */
157     enum bfd_reloc_code_real reloc[MAX_OPERANDS];
158 
159     /* BASE_REG, INDEX_REG, and LOG2_SCALE_FACTOR are used to encode
160        the base index byte below.  */
161     const reg_entry *base_reg;
162     const reg_entry *index_reg;
163     unsigned int log2_scale_factor;
164 
165     /* SEG gives the seg_entries of this insn.  They are zero unless
166        explicit segment overrides are given.  */
167     const seg_entry *seg[2];
168 
169     /* PREFIX holds all the given prefix opcodes (usually null).
170        PREFIXES is the number of prefix opcodes.  */
171     unsigned int prefixes;
172     unsigned char prefix[MAX_PREFIXES];
173 
174     /* RM and SIB are the modrm byte and the sib byte where the
175        addressing modes of this insn are encoded.  */
176 
177     modrm_byte rm;
178     rex_byte rex;
179     sib_byte sib;
180   };
181 
182 typedef struct _i386_insn i386_insn;
183 
184 /* List of chars besides those in app.c:symbol_chars that can start an
185    operand.  Used to prevent the scrubber eating vital white-space.  */
186 const char extra_symbol_chars[] = "*%-(["
187 #ifdef LEX_AT
188 	"@"
189 #endif
190 #ifdef LEX_QM
191 	"?"
192 #endif
193 	;
194 
195 #if (defined (TE_I386AIX)				\
196      || ((defined (OBJ_ELF) || defined (OBJ_MAYBE_ELF))	\
197 	 && !defined (TE_LINUX)				\
198  	 && !defined (TE_NETWARE)			\
199 	 && !defined (TE_FreeBSD)			\
200 	 && !defined (TE_NetBSD)))
201 /* This array holds the chars that always start a comment.  If the
202    pre-processor is disabled, these aren't very useful.  */
203 const char comment_chars[] = "#/";
204 #define PREFIX_SEPARATOR '\\'
205 
206 /* This array holds the chars that only start a comment at the beginning of
207    a line.  If the line seems to have the form '# 123 filename'
208    .line and .file directives will appear in the pre-processed output.
209    Note that input_file.c hand checks for '#' at the beginning of the
210    first line of the input file.  This is because the compiler outputs
211    #NO_APP at the beginning of its output.
212    Also note that comments started like this one will always work if
213    '/' isn't otherwise defined.  */
214 const char line_comment_chars[] = "#";
215 
216 #else
217 /* Putting '/' here makes it impossible to use the divide operator.
218    However, we need it for compatibility with SVR4 systems.  */
219 const char comment_chars[] = "#";
220 #define PREFIX_SEPARATOR '/'
221 
222 const char line_comment_chars[] = "/#";
223 #endif
224 
225 const char line_separator_chars[] = ";";
226 
227 /* Chars that can be used to separate mant from exp in floating point
228    nums.  */
229 const char EXP_CHARS[] = "eE";
230 
231 /* Chars that mean this number is a floating point constant
232    As in 0f12.456
233    or    0d1.2345e12.  */
234 const char FLT_CHARS[] = "fFdDxX";
235 
236 /* Tables for lexical analysis.  */
237 static char mnemonic_chars[256];
238 static char register_chars[256];
239 static char operand_chars[256];
240 static char identifier_chars[256];
241 static char digit_chars[256];
242 
243 /* Lexical macros.  */
244 #define is_mnemonic_char(x) (mnemonic_chars[(unsigned char) x])
245 #define is_operand_char(x) (operand_chars[(unsigned char) x])
246 #define is_register_char(x) (register_chars[(unsigned char) x])
247 #define is_space_char(x) ((x) == ' ')
248 #define is_identifier_char(x) (identifier_chars[(unsigned char) x])
249 #define is_digit_char(x) (digit_chars[(unsigned char) x])
250 
251 /* All non-digit non-letter characters that may occur in an operand.  */
252 static char operand_special_chars[] = "%$-+(,)*._~/<>|&^!:[@]";
253 
254 /* md_assemble() always leaves the strings it's passed unaltered.  To
255    effect this we maintain a stack of saved characters that we've smashed
256    with '\0's (indicating end of strings for various sub-fields of the
257    assembler instruction).  */
258 static char save_stack[32];
259 static char *save_stack_p;
260 #define END_STRING_AND_SAVE(s) \
261 	do { *save_stack_p++ = *(s); *(s) = '\0'; } while (0)
262 #define RESTORE_END_STRING(s) \
263 	do { *(s) = *--save_stack_p; } while (0)
264 
265 /* The instruction we're assembling.  */
266 static i386_insn i;
267 
268 /* Possible templates for current insn.  */
269 static const templates *current_templates;
270 
271 /* Per instruction expressionS buffers: 2 displacements & 2 immediate max.  */
272 static expressionS disp_expressions[2], im_expressions[2];
273 
274 /* Current operand we are working on.  */
275 static int this_operand;
276 
277 /* We support four different modes.  FLAG_CODE variable is used to distinguish
278    these.  */
279 
280 enum flag_code {
281 	CODE_32BIT,
282 	CODE_16BIT,
283 	CODE_64BIT };
284 #define NUM_FLAG_CODE ((int) CODE_64BIT + 1)
285 
286 static enum flag_code flag_code;
287 static int use_rela_relocations = 0;
288 
289 /* The names used to print error messages.  */
290 static const char *flag_code_names[] =
291   {
292     "32",
293     "16",
294     "64"
295   };
296 
297 /* 1 for intel syntax,
298    0 if att syntax.  */
299 static int intel_syntax = 0;
300 
301 /* 1 if register prefix % not required.  */
302 static int allow_naked_reg = 0;
303 
304 /* Used in 16 bit gcc mode to add an l suffix to call, ret, enter,
305    leave, push, and pop instructions so that gcc has the same stack
306    frame as in 32 bit mode.  */
307 static char stackop_size = '\0';
308 
309 /* Non-zero to optimize code alignment.  */
310 int optimize_align_code = 1;
311 
312 /* Non-zero to quieten some warnings.  */
313 static int quiet_warnings = 0;
314 
315 /* CPU name.  */
316 static const char *cpu_arch_name = NULL;
317 static const char *cpu_sub_arch_name = NULL;
318 
319 /* CPU feature flags.  */
320 static unsigned int cpu_arch_flags = CpuUnknownFlags | CpuNo64;
321 
322 /* If set, conditional jumps are not automatically promoted to handle
323    larger than a byte offset.  */
324 static unsigned int no_cond_jump_promotion = 0;
325 
326 /* Pre-defined "_GLOBAL_OFFSET_TABLE_".  */
327 static symbolS *GOT_symbol;
328 
329 /* The dwarf2 return column, adjusted for 32 or 64 bit.  */
330 unsigned int x86_dwarf2_return_column;
331 
332 /* The dwarf2 data alignment, adjusted for 32 or 64 bit.  */
333 int x86_cie_data_alignment;
334 
335 /* Interface to relax_segment.
336    There are 3 major relax states for 386 jump insns because the
337    different types of jumps add different sizes to frags when we're
338    figuring out what sort of jump to choose to reach a given label.  */
339 
340 /* Types.  */
341 #define UNCOND_JUMP 0
342 #define COND_JUMP 1
343 #define COND_JUMP86 2
344 
345 /* Sizes.  */
346 #define CODE16	1
347 #define SMALL	0
348 #define SMALL16 (SMALL | CODE16)
349 #define BIG	2
350 #define BIG16	(BIG | CODE16)
351 
352 #ifndef INLINE
353 #ifdef __GNUC__
354 #define INLINE __inline__
355 #else
356 #define INLINE
357 #endif
358 #endif
359 
360 #define ENCODE_RELAX_STATE(type, size) \
361   ((relax_substateT) (((type) << 2) | (size)))
362 #define TYPE_FROM_RELAX_STATE(s) \
363   ((s) >> 2)
364 #define DISP_SIZE_FROM_RELAX_STATE(s) \
365     ((((s) & 3) == BIG ? 4 : (((s) & 3) == BIG16 ? 2 : 1)))
366 
367 /* This table is used by relax_frag to promote short jumps to long
368    ones where necessary.  SMALL (short) jumps may be promoted to BIG
369    (32 bit long) ones, and SMALL16 jumps to BIG16 (16 bit long).  We
370    don't allow a short jump in a 32 bit code segment to be promoted to
371    a 16 bit offset jump because it's slower (requires data size
372    prefix), and doesn't work, unless the destination is in the bottom
373    64k of the code segment (The top 16 bits of eip are zeroed).  */
374 
375 const relax_typeS md_relax_table[] =
376 {
377   /* The fields are:
378      1) most positive reach of this state,
379      2) most negative reach of this state,
380      3) how many bytes this mode will have in the variable part of the frag
381      4) which index into the table to try if we can't fit into this one.  */
382 
383   /* UNCOND_JUMP states.  */
384   {127 + 1, -128 + 1, 1, ENCODE_RELAX_STATE (UNCOND_JUMP, BIG)},
385   {127 + 1, -128 + 1, 1, ENCODE_RELAX_STATE (UNCOND_JUMP, BIG16)},
386   /* dword jmp adds 4 bytes to frag:
387      0 extra opcode bytes, 4 displacement bytes.  */
388   {0, 0, 4, 0},
389   /* word jmp adds 2 byte2 to frag:
390      0 extra opcode bytes, 2 displacement bytes.  */
391   {0, 0, 2, 0},
392 
393   /* COND_JUMP states.  */
394   {127 + 1, -128 + 1, 1, ENCODE_RELAX_STATE (COND_JUMP, BIG)},
395   {127 + 1, -128 + 1, 1, ENCODE_RELAX_STATE (COND_JUMP, BIG16)},
396   /* dword conditionals adds 5 bytes to frag:
397      1 extra opcode byte, 4 displacement bytes.  */
398   {0, 0, 5, 0},
399   /* word conditionals add 3 bytes to frag:
400      1 extra opcode byte, 2 displacement bytes.  */
401   {0, 0, 3, 0},
402 
403   /* COND_JUMP86 states.  */
404   {127 + 1, -128 + 1, 1, ENCODE_RELAX_STATE (COND_JUMP86, BIG)},
405   {127 + 1, -128 + 1, 1, ENCODE_RELAX_STATE (COND_JUMP86, BIG16)},
406   /* dword conditionals adds 5 bytes to frag:
407      1 extra opcode byte, 4 displacement bytes.  */
408   {0, 0, 5, 0},
409   /* word conditionals add 4 bytes to frag:
410      1 displacement byte and a 3 byte long branch insn.  */
411   {0, 0, 4, 0}
412 };
413 
414 static const arch_entry cpu_arch[] = {
415   {"i8086",	Cpu086 },
416   {"i186",	Cpu086|Cpu186 },
417   {"i286",	Cpu086|Cpu186|Cpu286 },
418   {"i386",	Cpu086|Cpu186|Cpu286|Cpu386 },
419   {"i486",	Cpu086|Cpu186|Cpu286|Cpu386|Cpu486 },
420   {"i586",	Cpu086|Cpu186|Cpu286|Cpu386|Cpu486|Cpu586 },
421   {"i686",	Cpu086|Cpu186|Cpu286|Cpu386|Cpu486|Cpu586|Cpu686 },
422   {"pentium",	Cpu086|Cpu186|Cpu286|Cpu386|Cpu486|Cpu586 },
423   {"pentiumpro",Cpu086|Cpu186|Cpu286|Cpu386|Cpu486|Cpu586|Cpu686 },
424   {"pentiumii",	Cpu086|Cpu186|Cpu286|Cpu386|Cpu486|Cpu586|Cpu686|CpuMMX },
425   {"pentiumiii",Cpu086|Cpu186|Cpu286|Cpu386|Cpu486|Cpu586|Cpu686|CpuMMX|CpuMMX2|CpuSSE },
426   {"pentium4",	Cpu086|Cpu186|Cpu286|Cpu386|Cpu486|Cpu586|Cpu686|CpuP4|CpuMMX|CpuMMX2|CpuSSE|CpuSSE2 },
427   {"prescott",	Cpu086|Cpu186|Cpu286|Cpu386|Cpu486|Cpu586|Cpu686|CpuP4|CpuMMX|CpuMMX2|CpuSSE|CpuSSE2|CpuPNI },
428   {"k6",	Cpu086|Cpu186|Cpu286|Cpu386|Cpu486|Cpu586|CpuK6|CpuMMX },
429   {"k6_2",	Cpu086|Cpu186|Cpu286|Cpu386|Cpu486|Cpu586|CpuK6|CpuMMX|Cpu3dnow },
430   {"athlon",	Cpu086|Cpu186|Cpu286|Cpu386|Cpu486|Cpu586|Cpu686|CpuK6|CpuAthlon|CpuMMX|CpuMMX2|Cpu3dnow|Cpu3dnowA },
431   {"sledgehammer",Cpu086|Cpu186|Cpu286|Cpu386|Cpu486|Cpu586|Cpu686|CpuK6|CpuAthlon|CpuSledgehammer|CpuMMX|CpuMMX2|Cpu3dnow|Cpu3dnowA|CpuSSE|CpuSSE2 },
432   {"opteron",	Cpu086|Cpu186|Cpu286|Cpu386|Cpu486|Cpu586|Cpu686|CpuK6|CpuAthlon|CpuSledgehammer|CpuMMX|CpuMMX2|Cpu3dnow|Cpu3dnowA|CpuSSE|CpuSSE2 },
433   {".mmx",	CpuMMX },
434   {".sse",	CpuMMX|CpuMMX2|CpuSSE },
435   {".sse2",	CpuMMX|CpuMMX2|CpuSSE|CpuSSE2 },
436   {".sse3",	CpuMMX|CpuMMX2|CpuSSE|CpuSSE2|CpuSSE3 },
437   {".3dnow",	CpuMMX|Cpu3dnow },
438   {".3dnowa",	CpuMMX|CpuMMX2|Cpu3dnow|Cpu3dnowA },
439   {".padlock",	CpuPadLock },
440   {".pacifica",	CpuSVME },
441   {".svme",	CpuSVME },
442   {NULL, 0 }
443 };
444 
445 const pseudo_typeS md_pseudo_table[] =
446 {
447 #if !defined(OBJ_AOUT) && !defined(USE_ALIGN_PTWO)
448   {"align", s_align_bytes, 0},
449 #else
450   {"align", s_align_ptwo, 0},
451 #endif
452   {"arch", set_cpu_arch, 0},
453 #ifndef I386COFF
454   {"bss", s_bss, 0},
455 #endif
456   {"ffloat", float_cons, 'f'},
457   {"dfloat", float_cons, 'd'},
458   {"tfloat", float_cons, 'x'},
459   {"value", cons, 2},
460   {"noopt", s_ignore, 0},
461   {"optim", s_ignore, 0},
462   {"code16gcc", set_16bit_gcc_code_flag, CODE_16BIT},
463   {"code16", set_code_flag, CODE_16BIT},
464   {"code32", set_code_flag, CODE_32BIT},
465   {"code64", set_code_flag, CODE_64BIT},
466   {"intel_syntax", set_intel_syntax, 1},
467   {"att_syntax", set_intel_syntax, 0},
468   {"file", (void (*) PARAMS ((int))) dwarf2_directive_file, 0},
469   {"loc", dwarf2_directive_loc, 0},
470 #ifdef TE_PE
471   {"secrel32", pe_directive_secrel, 0},
472 #endif
473   {0, 0, 0}
474 };
475 
476 /* For interface with expression ().  */
477 extern char *input_line_pointer;
478 
479 /* Hash table for instruction mnemonic lookup.  */
480 static struct hash_control *op_hash;
481 
482 /* Hash table for register lookup.  */
483 static struct hash_control *reg_hash;
484 
485 void
i386_align_code(fragP,count)486 i386_align_code (fragP, count)
487      fragS *fragP;
488      int count;
489 {
490   /* Various efficient no-op patterns for aligning code labels.
491      Note: Don't try to assemble the instructions in the comments.
492      0L and 0w are not legal.  */
493   static const char f32_1[] =
494     {0x90};					/* nop			*/
495   static const char f32_2[] =
496     {0x89,0xf6};				/* movl %esi,%esi	*/
497   static const char f32_3[] =
498     {0x8d,0x76,0x00};				/* leal 0(%esi),%esi	*/
499   static const char f32_4[] =
500     {0x8d,0x74,0x26,0x00};			/* leal 0(%esi,1),%esi	*/
501   static const char f32_5[] =
502     {0x90,					/* nop			*/
503      0x8d,0x74,0x26,0x00};			/* leal 0(%esi,1),%esi	*/
504   static const char f32_6[] =
505     {0x8d,0xb6,0x00,0x00,0x00,0x00};		/* leal 0L(%esi),%esi	*/
506   static const char f32_7[] =
507     {0x8d,0xb4,0x26,0x00,0x00,0x00,0x00};	/* leal 0L(%esi,1),%esi */
508   static const char f32_8[] =
509     {0x90,					/* nop			*/
510      0x8d,0xb4,0x26,0x00,0x00,0x00,0x00};	/* leal 0L(%esi,1),%esi */
511   static const char f32_9[] =
512     {0x89,0xf6,					/* movl %esi,%esi	*/
513      0x8d,0xbc,0x27,0x00,0x00,0x00,0x00};	/* leal 0L(%edi,1),%edi */
514   static const char f32_10[] =
515     {0x8d,0x76,0x00,				/* leal 0(%esi),%esi	*/
516      0x8d,0xbc,0x27,0x00,0x00,0x00,0x00};	/* leal 0L(%edi,1),%edi */
517   static const char f32_11[] =
518     {0x8d,0x74,0x26,0x00,			/* leal 0(%esi,1),%esi	*/
519      0x8d,0xbc,0x27,0x00,0x00,0x00,0x00};	/* leal 0L(%edi,1),%edi */
520   static const char f32_12[] =
521     {0x8d,0xb6,0x00,0x00,0x00,0x00,		/* leal 0L(%esi),%esi	*/
522      0x8d,0xbf,0x00,0x00,0x00,0x00};		/* leal 0L(%edi),%edi	*/
523   static const char f32_13[] =
524     {0x8d,0xb6,0x00,0x00,0x00,0x00,		/* leal 0L(%esi),%esi	*/
525      0x8d,0xbc,0x27,0x00,0x00,0x00,0x00};	/* leal 0L(%edi,1),%edi */
526   static const char f32_14[] =
527     {0x8d,0xb4,0x26,0x00,0x00,0x00,0x00,	/* leal 0L(%esi,1),%esi */
528      0x8d,0xbc,0x27,0x00,0x00,0x00,0x00};	/* leal 0L(%edi,1),%edi */
529   static const char f32_15[] =
530     {0xeb,0x0d,0x90,0x90,0x90,0x90,0x90,	/* jmp .+15; lotsa nops	*/
531      0x90,0x90,0x90,0x90,0x90,0x90,0x90,0x90};
532   static const char f16_3[] =
533     {0x8d,0x74,0x00};				/* lea 0(%esi),%esi	*/
534   static const char f16_4[] =
535     {0x8d,0xb4,0x00,0x00};			/* lea 0w(%si),%si	*/
536   static const char f16_5[] =
537     {0x90,					/* nop			*/
538      0x8d,0xb4,0x00,0x00};			/* lea 0w(%si),%si	*/
539   static const char f16_6[] =
540     {0x89,0xf6,					/* mov %si,%si		*/
541      0x8d,0xbd,0x00,0x00};			/* lea 0w(%di),%di	*/
542   static const char f16_7[] =
543     {0x8d,0x74,0x00,				/* lea 0(%si),%si	*/
544      0x8d,0xbd,0x00,0x00};			/* lea 0w(%di),%di	*/
545   static const char f16_8[] =
546     {0x8d,0xb4,0x00,0x00,			/* lea 0w(%si),%si	*/
547      0x8d,0xbd,0x00,0x00};			/* lea 0w(%di),%di	*/
548   static const char *const f32_patt[] = {
549     f32_1, f32_2, f32_3, f32_4, f32_5, f32_6, f32_7, f32_8,
550     f32_9, f32_10, f32_11, f32_12, f32_13, f32_14, f32_15
551   };
552   static const char *const f16_patt[] = {
553     f32_1, f32_2, f16_3, f16_4, f16_5, f16_6, f16_7, f16_8,
554     f32_15, f32_15, f32_15, f32_15, f32_15, f32_15, f32_15
555   };
556 
557   if (count <= 0 || count > 15)
558     return;
559 
560   /* The recommended way to pad 64bit code is to use NOPs preceded by
561      maximally four 0x66 prefixes.  Balance the size of nops.  */
562   if (flag_code == CODE_64BIT)
563     {
564       int i;
565       int nnops = (count + 3) / 4;
566       int len = count / nnops;
567       int remains = count - nnops * len;
568       int pos = 0;
569 
570       for (i = 0; i < remains; i++)
571 	{
572 	  memset (fragP->fr_literal + fragP->fr_fix + pos, 0x66, len);
573 	  fragP->fr_literal[fragP->fr_fix + pos + len] = 0x90;
574 	  pos += len + 1;
575 	}
576       for (; i < nnops; i++)
577 	{
578 	  memset (fragP->fr_literal + fragP->fr_fix + pos, 0x66, len - 1);
579 	  fragP->fr_literal[fragP->fr_fix + pos + len - 1] = 0x90;
580 	  pos += len;
581 	}
582     }
583   else
584     if (flag_code == CODE_16BIT)
585       {
586 	memcpy (fragP->fr_literal + fragP->fr_fix,
587 		f16_patt[count - 1], count);
588 	if (count > 8)
589 	  /* Adjust jump offset.  */
590 	  fragP->fr_literal[fragP->fr_fix + 1] = count - 2;
591       }
592     else
593       memcpy (fragP->fr_literal + fragP->fr_fix,
594 	      f32_patt[count - 1], count);
595   fragP->fr_var = count;
596 }
597 
598 static INLINE unsigned int
mode_from_disp_size(t)599 mode_from_disp_size (t)
600      unsigned int t;
601 {
602   return (t & Disp8) ? 1 : (t & (Disp16 | Disp32 | Disp32S)) ? 2 : 0;
603 }
604 
605 static INLINE int
fits_in_signed_byte(num)606 fits_in_signed_byte (num)
607      offsetT num;
608 {
609   return (num >= -128) && (num <= 127);
610 }
611 
612 static INLINE int
fits_in_unsigned_byte(num)613 fits_in_unsigned_byte (num)
614      offsetT num;
615 {
616   return (num & 0xff) == num;
617 }
618 
619 static INLINE int
fits_in_unsigned_word(num)620 fits_in_unsigned_word (num)
621      offsetT num;
622 {
623   return (num & 0xffff) == num;
624 }
625 
626 static INLINE int
fits_in_signed_word(num)627 fits_in_signed_word (num)
628      offsetT num;
629 {
630   return (-32768 <= num) && (num <= 32767);
631 }
632 static INLINE int
fits_in_signed_long(num)633 fits_in_signed_long (num)
634      offsetT num ATTRIBUTE_UNUSED;
635 {
636 #ifndef BFD64
637   return 1;
638 #else
639   return (!(((offsetT) -1 << 31) & num)
640 	  || (((offsetT) -1 << 31) & num) == ((offsetT) -1 << 31));
641 #endif
642 }				/* fits_in_signed_long() */
643 static INLINE int
fits_in_unsigned_long(num)644 fits_in_unsigned_long (num)
645      offsetT num ATTRIBUTE_UNUSED;
646 {
647 #ifndef BFD64
648   return 1;
649 #else
650   return (num & (((offsetT) 2 << 31) - 1)) == num;
651 #endif
652 }				/* fits_in_unsigned_long() */
653 
654 static int
smallest_imm_type(num)655 smallest_imm_type (num)
656      offsetT num;
657 {
658   if (cpu_arch_flags != (Cpu086 | Cpu186 | Cpu286 | Cpu386 | Cpu486 | CpuNo64))
659     {
660       /* This code is disabled on the 486 because all the Imm1 forms
661 	 in the opcode table are slower on the i486.  They're the
662 	 versions with the implicitly specified single-position
663 	 displacement, which has another syntax if you really want to
664 	 use that form.  */
665       if (num == 1)
666 	return Imm1 | Imm8 | Imm8S | Imm16 | Imm32 | Imm32S | Imm64;
667     }
668   return (fits_in_signed_byte (num)
669 	  ? (Imm8S | Imm8 | Imm16 | Imm32 | Imm32S | Imm64)
670 	  : fits_in_unsigned_byte (num)
671 	  ? (Imm8 | Imm16 | Imm32 | Imm32S | Imm64)
672 	  : (fits_in_signed_word (num) || fits_in_unsigned_word (num))
673 	  ? (Imm16 | Imm32 | Imm32S | Imm64)
674 	  : fits_in_signed_long (num)
675 	  ? (Imm32 | Imm32S | Imm64)
676 	  : fits_in_unsigned_long (num)
677 	  ? (Imm32 | Imm64)
678 	  : Imm64);
679 }
680 
681 static offsetT
offset_in_range(val,size)682 offset_in_range (val, size)
683      offsetT val;
684      int size;
685 {
686   addressT mask;
687 
688   switch (size)
689     {
690     case 1: mask = ((addressT) 1 <<  8) - 1; break;
691     case 2: mask = ((addressT) 1 << 16) - 1; break;
692     case 4: mask = ((addressT) 2 << 31) - 1; break;
693 #ifdef BFD64
694     case 8: mask = ((addressT) 2 << 63) - 1; break;
695 #endif
696     default: abort ();
697     }
698 
699   /* If BFD64, sign extend val.  */
700   if (!use_rela_relocations)
701     if ((val & ~(((addressT) 2 << 31) - 1)) == 0)
702       val = (val ^ ((addressT) 1 << 31)) - ((addressT) 1 << 31);
703 
704   if ((val & ~mask) != 0 && (val & ~mask) != ~mask)
705     {
706       char buf1[40], buf2[40];
707 
708       sprint_value (buf1, val);
709       sprint_value (buf2, val & mask);
710       as_warn (_("%s shortened to %s"), buf1, buf2);
711     }
712   return val & mask;
713 }
714 
715 /* Returns 0 if attempting to add a prefix where one from the same
716    class already exists, 1 if non rep/repne added, 2 if rep/repne
717    added.  */
718 static int
add_prefix(prefix)719 add_prefix (prefix)
720      unsigned int prefix;
721 {
722   int ret = 1;
723   int q;
724 
725   if (prefix >= REX_OPCODE && prefix < REX_OPCODE + 16
726       && flag_code == CODE_64BIT)
727     q = REX_PREFIX;
728   else
729     switch (prefix)
730       {
731       default:
732 	abort ();
733 
734       case CS_PREFIX_OPCODE:
735       case DS_PREFIX_OPCODE:
736       case ES_PREFIX_OPCODE:
737       case FS_PREFIX_OPCODE:
738       case GS_PREFIX_OPCODE:
739       case SS_PREFIX_OPCODE:
740 	q = SEG_PREFIX;
741 	break;
742 
743       case REPNE_PREFIX_OPCODE:
744       case REPE_PREFIX_OPCODE:
745 	ret = 2;
746 	/* fall thru */
747       case LOCK_PREFIX_OPCODE:
748 	q = LOCKREP_PREFIX;
749 	break;
750 
751       case FWAIT_OPCODE:
752 	q = WAIT_PREFIX;
753 	break;
754 
755       case ADDR_PREFIX_OPCODE:
756 	q = ADDR_PREFIX;
757 	break;
758 
759       case DATA_PREFIX_OPCODE:
760 	q = DATA_PREFIX;
761 	break;
762       }
763 
764   if (i.prefix[q] != 0)
765     {
766       as_bad (_("same type of prefix used twice"));
767       return 0;
768     }
769 
770   i.prefixes += 1;
771   i.prefix[q] = prefix;
772   return ret;
773 }
774 
775 static void
set_code_flag(value)776 set_code_flag (value)
777      int value;
778 {
779   flag_code = value;
780   cpu_arch_flags &= ~(Cpu64 | CpuNo64);
781   cpu_arch_flags |= (flag_code == CODE_64BIT ? Cpu64 : CpuNo64);
782   if (value == CODE_64BIT && !(cpu_arch_flags & CpuSledgehammer))
783     {
784       as_bad (_("64bit mode not supported on this CPU."));
785     }
786   if (value == CODE_32BIT && !(cpu_arch_flags & Cpu386))
787     {
788       as_bad (_("32bit mode not supported on this CPU."));
789     }
790   stackop_size = '\0';
791 }
792 
793 static void
set_16bit_gcc_code_flag(new_code_flag)794 set_16bit_gcc_code_flag (new_code_flag)
795      int new_code_flag;
796 {
797   flag_code = new_code_flag;
798   cpu_arch_flags &= ~(Cpu64 | CpuNo64);
799   cpu_arch_flags |= (flag_code == CODE_64BIT ? Cpu64 : CpuNo64);
800   stackop_size = LONG_MNEM_SUFFIX;
801 }
802 
803 static void
set_intel_syntax(syntax_flag)804 set_intel_syntax (syntax_flag)
805      int syntax_flag;
806 {
807   /* Find out if register prefixing is specified.  */
808   int ask_naked_reg = 0;
809 
810   SKIP_WHITESPACE ();
811   if (!is_end_of_line[(unsigned char) *input_line_pointer])
812     {
813       char *string = input_line_pointer;
814       int e = get_symbol_end ();
815 
816       if (strcmp (string, "prefix") == 0)
817 	ask_naked_reg = 1;
818       else if (strcmp (string, "noprefix") == 0)
819 	ask_naked_reg = -1;
820       else
821 	as_bad (_("bad argument to syntax directive."));
822       *input_line_pointer = e;
823     }
824   demand_empty_rest_of_line ();
825 
826   intel_syntax = syntax_flag;
827 
828   if (ask_naked_reg == 0)
829     allow_naked_reg = (intel_syntax
830 		       && (bfd_get_symbol_leading_char (stdoutput) != '\0'));
831   else
832     allow_naked_reg = (ask_naked_reg < 0);
833 
834   identifier_chars['%'] = intel_syntax && allow_naked_reg ? '%' : 0;
835   identifier_chars['$'] = intel_syntax ? '$' : 0;
836 }
837 
838 static void
set_cpu_arch(dummy)839 set_cpu_arch (dummy)
840      int dummy ATTRIBUTE_UNUSED;
841 {
842   SKIP_WHITESPACE ();
843 
844   if (!is_end_of_line[(unsigned char) *input_line_pointer])
845     {
846       char *string = input_line_pointer;
847       int e = get_symbol_end ();
848       int i;
849 
850       for (i = 0; cpu_arch[i].name; i++)
851 	{
852 	  if (strcmp (string, cpu_arch[i].name) == 0)
853 	    {
854 	      if (*string != '.')
855 		{
856 		  cpu_arch_name = cpu_arch[i].name;
857 		  cpu_sub_arch_name = NULL;
858 		  cpu_arch_flags = (cpu_arch[i].flags
859 				    | (flag_code == CODE_64BIT ? Cpu64 : CpuNo64));
860 		  break;
861 		}
862 	      if ((cpu_arch_flags | cpu_arch[i].flags) != cpu_arch_flags)
863 		{
864 		  cpu_sub_arch_name = cpu_arch[i].name;
865 		  cpu_arch_flags |= cpu_arch[i].flags;
866 		}
867 	      *input_line_pointer = e;
868 	      demand_empty_rest_of_line ();
869 	      return;
870 	    }
871 	}
872       if (!cpu_arch[i].name)
873 	as_bad (_("no such architecture: `%s'"), string);
874 
875       *input_line_pointer = e;
876     }
877   else
878     as_bad (_("missing cpu architecture"));
879 
880   no_cond_jump_promotion = 0;
881   if (*input_line_pointer == ','
882       && !is_end_of_line[(unsigned char) input_line_pointer[1]])
883     {
884       char *string = ++input_line_pointer;
885       int e = get_symbol_end ();
886 
887       if (strcmp (string, "nojumps") == 0)
888 	no_cond_jump_promotion = 1;
889       else if (strcmp (string, "jumps") == 0)
890 	;
891       else
892 	as_bad (_("no such architecture modifier: `%s'"), string);
893 
894       *input_line_pointer = e;
895     }
896 
897   demand_empty_rest_of_line ();
898 }
899 
900 unsigned long
i386_mach()901 i386_mach ()
902 {
903   if (!strcmp (default_arch, "x86_64"))
904     return bfd_mach_x86_64;
905   else if (!strcmp (default_arch, "i386"))
906     return bfd_mach_i386_i386;
907   else
908     as_fatal (_("Unknown architecture"));
909 }
910 
911 void
md_begin()912 md_begin ()
913 {
914   const char *hash_err;
915 
916   /* Initialize op_hash hash table.  */
917   op_hash = hash_new ();
918 
919   {
920     const template *optab;
921     templates *core_optab;
922 
923     /* Setup for loop.  */
924     optab = i386_optab;
925     core_optab = (templates *) xmalloc (sizeof (templates));
926     core_optab->start = optab;
927 
928     while (1)
929       {
930 	++optab;
931 	if (optab->name == NULL
932 	    || strcmp (optab->name, (optab - 1)->name) != 0)
933 	  {
934 	    /* different name --> ship out current template list;
935 	       add to hash table; & begin anew.  */
936 	    core_optab->end = optab;
937 	    hash_err = hash_insert (op_hash,
938 				    (optab - 1)->name,
939 				    (PTR) core_optab);
940 	    if (hash_err)
941 	      {
942 		as_fatal (_("Internal Error:  Can't hash %s: %s"),
943 			  (optab - 1)->name,
944 			  hash_err);
945 	      }
946 	    if (optab->name == NULL)
947 	      break;
948 	    core_optab = (templates *) xmalloc (sizeof (templates));
949 	    core_optab->start = optab;
950 	  }
951       }
952   }
953 
954   /* Initialize reg_hash hash table.  */
955   reg_hash = hash_new ();
956   {
957     const reg_entry *regtab;
958 
959     for (regtab = i386_regtab;
960 	 regtab < i386_regtab + sizeof (i386_regtab) / sizeof (i386_regtab[0]);
961 	 regtab++)
962       {
963 	hash_err = hash_insert (reg_hash, regtab->reg_name, (PTR) regtab);
964 	if (hash_err)
965 	  as_fatal (_("Internal Error:  Can't hash %s: %s"),
966 		    regtab->reg_name,
967 		    hash_err);
968       }
969   }
970 
971   /* Fill in lexical tables:  mnemonic_chars, operand_chars.  */
972   {
973     int c;
974     char *p;
975 
976     for (c = 0; c < 256; c++)
977       {
978 	if (ISDIGIT (c))
979 	  {
980 	    digit_chars[c] = c;
981 	    mnemonic_chars[c] = c;
982 	    register_chars[c] = c;
983 	    operand_chars[c] = c;
984 	  }
985 	else if (ISLOWER (c))
986 	  {
987 	    mnemonic_chars[c] = c;
988 	    register_chars[c] = c;
989 	    operand_chars[c] = c;
990 	  }
991 	else if (ISUPPER (c))
992 	  {
993 	    mnemonic_chars[c] = TOLOWER (c);
994 	    register_chars[c] = mnemonic_chars[c];
995 	    operand_chars[c] = c;
996 	  }
997 
998 	if (ISALPHA (c) || ISDIGIT (c))
999 	  identifier_chars[c] = c;
1000 	else if (c >= 128)
1001 	  {
1002 	    identifier_chars[c] = c;
1003 	    operand_chars[c] = c;
1004 	  }
1005       }
1006 
1007 #ifdef LEX_AT
1008     identifier_chars['@'] = '@';
1009 #endif
1010 #ifdef LEX_QM
1011     identifier_chars['?'] = '?';
1012     operand_chars['?'] = '?';
1013 #endif
1014     digit_chars['-'] = '-';
1015     mnemonic_chars['-'] = '-';
1016     identifier_chars['_'] = '_';
1017     identifier_chars['.'] = '.';
1018 
1019     for (p = operand_special_chars; *p != '\0'; p++)
1020       operand_chars[(unsigned char) *p] = *p;
1021   }
1022 
1023 #if defined (OBJ_ELF) || defined (OBJ_MAYBE_ELF)
1024   if (OUTPUT_FLAVOR == bfd_target_elf_flavour)
1025     {
1026       record_alignment (text_section, 2);
1027       record_alignment (data_section, 2);
1028       record_alignment (bss_section, 2);
1029     }
1030 #endif
1031 
1032   if (flag_code == CODE_64BIT)
1033     {
1034       x86_dwarf2_return_column = 16;
1035       x86_cie_data_alignment = -8;
1036     }
1037   else
1038     {
1039       x86_dwarf2_return_column = 8;
1040       x86_cie_data_alignment = -4;
1041     }
1042 }
1043 
1044 void
i386_print_statistics(file)1045 i386_print_statistics (file)
1046      FILE *file;
1047 {
1048   hash_print_statistics (file, "i386 opcode", op_hash);
1049   hash_print_statistics (file, "i386 register", reg_hash);
1050 }
1051 
1052 #ifdef DEBUG386
1053 
1054 /* Debugging routines for md_assemble.  */
1055 static void pi PARAMS ((char *, i386_insn *));
1056 static void pte PARAMS ((template *));
1057 static void pt PARAMS ((unsigned int));
1058 static void pe PARAMS ((expressionS *));
1059 static void ps PARAMS ((symbolS *));
1060 
1061 static void
pi(line,x)1062 pi (line, x)
1063      char *line;
1064      i386_insn *x;
1065 {
1066   unsigned int i;
1067 
1068   fprintf (stdout, "%s: template ", line);
1069   pte (&x->tm);
1070   fprintf (stdout, "  address: base %s  index %s  scale %x\n",
1071 	   x->base_reg ? x->base_reg->reg_name : "none",
1072 	   x->index_reg ? x->index_reg->reg_name : "none",
1073 	   x->log2_scale_factor);
1074   fprintf (stdout, "  modrm:  mode %x  reg %x  reg/mem %x\n",
1075 	   x->rm.mode, x->rm.reg, x->rm.regmem);
1076   fprintf (stdout, "  sib:  base %x  index %x  scale %x\n",
1077 	   x->sib.base, x->sib.index, x->sib.scale);
1078   fprintf (stdout, "  rex: 64bit %x  extX %x  extY %x  extZ %x\n",
1079 	   (x->rex & REX_MODE64) != 0,
1080 	   (x->rex & REX_EXTX) != 0,
1081 	   (x->rex & REX_EXTY) != 0,
1082 	   (x->rex & REX_EXTZ) != 0);
1083   for (i = 0; i < x->operands; i++)
1084     {
1085       fprintf (stdout, "    #%d:  ", i + 1);
1086       pt (x->types[i]);
1087       fprintf (stdout, "\n");
1088       if (x->types[i]
1089 	  & (Reg | SReg2 | SReg3 | Control | Debug | Test | RegMMX | RegXMM))
1090 	fprintf (stdout, "%s\n", x->op[i].regs->reg_name);
1091       if (x->types[i] & Imm)
1092 	pe (x->op[i].imms);
1093       if (x->types[i] & Disp)
1094 	pe (x->op[i].disps);
1095     }
1096 }
1097 
1098 static void
pte(t)1099 pte (t)
1100      template *t;
1101 {
1102   unsigned int i;
1103   fprintf (stdout, " %d operands ", t->operands);
1104   fprintf (stdout, "opcode %x ", t->base_opcode);
1105   if (t->extension_opcode != None)
1106     fprintf (stdout, "ext %x ", t->extension_opcode);
1107   if (t->opcode_modifier & D)
1108     fprintf (stdout, "D");
1109   if (t->opcode_modifier & W)
1110     fprintf (stdout, "W");
1111   fprintf (stdout, "\n");
1112   for (i = 0; i < t->operands; i++)
1113     {
1114       fprintf (stdout, "    #%d type ", i + 1);
1115       pt (t->operand_types[i]);
1116       fprintf (stdout, "\n");
1117     }
1118 }
1119 
1120 static void
pe(e)1121 pe (e)
1122      expressionS *e;
1123 {
1124   fprintf (stdout, "    operation     %d\n", e->X_op);
1125   fprintf (stdout, "    add_number    %ld (%lx)\n",
1126 	   (long) e->X_add_number, (long) e->X_add_number);
1127   if (e->X_add_symbol)
1128     {
1129       fprintf (stdout, "    add_symbol    ");
1130       ps (e->X_add_symbol);
1131       fprintf (stdout, "\n");
1132     }
1133   if (e->X_op_symbol)
1134     {
1135       fprintf (stdout, "    op_symbol    ");
1136       ps (e->X_op_symbol);
1137       fprintf (stdout, "\n");
1138     }
1139 }
1140 
1141 static void
ps(s)1142 ps (s)
1143      symbolS *s;
1144 {
1145   fprintf (stdout, "%s type %s%s",
1146 	   S_GET_NAME (s),
1147 	   S_IS_EXTERNAL (s) ? "EXTERNAL " : "",
1148 	   segment_name (S_GET_SEGMENT (s)));
1149 }
1150 
1151 struct type_name
1152   {
1153     unsigned int mask;
1154     char *tname;
1155   }
1156 
1157 static const type_names[] =
1158 {
1159   { Reg8, "r8" },
1160   { Reg16, "r16" },
1161   { Reg32, "r32" },
1162   { Reg64, "r64" },
1163   { Imm8, "i8" },
1164   { Imm8S, "i8s" },
1165   { Imm16, "i16" },
1166   { Imm32, "i32" },
1167   { Imm32S, "i32s" },
1168   { Imm64, "i64" },
1169   { Imm1, "i1" },
1170   { BaseIndex, "BaseIndex" },
1171   { Disp8, "d8" },
1172   { Disp16, "d16" },
1173   { Disp32, "d32" },
1174   { Disp32S, "d32s" },
1175   { Disp64, "d64" },
1176   { InOutPortReg, "InOutPortReg" },
1177   { ShiftCount, "ShiftCount" },
1178   { Control, "control reg" },
1179   { Test, "test reg" },
1180   { Debug, "debug reg" },
1181   { FloatReg, "FReg" },
1182   { FloatAcc, "FAcc" },
1183   { SReg2, "SReg2" },
1184   { SReg3, "SReg3" },
1185   { Acc, "Acc" },
1186   { JumpAbsolute, "Jump Absolute" },
1187   { RegMMX, "rMMX" },
1188   { RegXMM, "rXMM" },
1189   { EsSeg, "es" },
1190   { 0, "" }
1191 };
1192 
1193 static void
pt(t)1194 pt (t)
1195      unsigned int t;
1196 {
1197   const struct type_name *ty;
1198 
1199   for (ty = type_names; ty->mask; ty++)
1200     if (t & ty->mask)
1201       fprintf (stdout, "%s, ", ty->tname);
1202   fflush (stdout);
1203 }
1204 
1205 #endif /* DEBUG386 */
1206 
1207 static bfd_reloc_code_real_type reloc
1208   PARAMS ((int, int, int, bfd_reloc_code_real_type));
1209 
1210 static bfd_reloc_code_real_type
reloc(size,pcrel,sign,other)1211 reloc (size, pcrel, sign, other)
1212      int size;
1213      int pcrel;
1214      int sign;
1215      bfd_reloc_code_real_type other;
1216 {
1217   if (other != NO_RELOC)
1218     return other;
1219 
1220   if (pcrel)
1221     {
1222       if (!sign)
1223 	as_bad (_("There are no unsigned pc-relative relocations"));
1224       switch (size)
1225 	{
1226 	case 1: return BFD_RELOC_8_PCREL;
1227 	case 2: return BFD_RELOC_16_PCREL;
1228 	case 4: return BFD_RELOC_32_PCREL;
1229 	case 8: return BFD_RELOC_64_PCREL;
1230 	}
1231       as_bad (_("can not do %d byte pc-relative relocation"), size);
1232     }
1233   else
1234     {
1235       if (sign)
1236 	switch (size)
1237 	  {
1238 	  case 4: return BFD_RELOC_X86_64_32S;
1239 	  }
1240       else
1241 	switch (size)
1242 	  {
1243 	  case 1: return BFD_RELOC_8;
1244 	  case 2: return BFD_RELOC_16;
1245 	  case 4: return BFD_RELOC_32;
1246 	  case 8: return BFD_RELOC_64;
1247 	  }
1248       as_bad (_("can not do %s %d byte relocation"),
1249 	      sign ? "signed" : "unsigned", size);
1250     }
1251 
1252   abort ();
1253   return BFD_RELOC_NONE;
1254 }
1255 
1256 /* Here we decide which fixups can be adjusted to make them relative to
1257    the beginning of the section instead of the symbol.  Basically we need
1258    to make sure that the dynamic relocations are done correctly, so in
1259    some cases we force the original symbol to be used.  */
1260 
1261 int
tc_i386_fix_adjustable(fixP)1262 tc_i386_fix_adjustable (fixP)
1263      fixS *fixP ATTRIBUTE_UNUSED;
1264 {
1265 #if defined (OBJ_ELF) || defined (OBJ_MAYBE_ELF)
1266   if (OUTPUT_FLAVOR != bfd_target_elf_flavour)
1267     return 1;
1268 
1269   /* Don't adjust pc-relative references to merge sections in 64-bit
1270      mode.  */
1271   if (use_rela_relocations
1272       && (S_GET_SEGMENT (fixP->fx_addsy)->flags & SEC_MERGE) != 0
1273       && fixP->fx_pcrel)
1274     return 0;
1275 
1276   /* The x86_64 GOTPCREL are represented as 32bit PCrel relocations
1277      and changed later by validate_fix.  */
1278   if (GOT_symbol && fixP->fx_subsy == GOT_symbol
1279       && fixP->fx_r_type == BFD_RELOC_32_PCREL)
1280     return 0;
1281 
1282   /* adjust_reloc_syms doesn't know about the GOT.  */
1283   if (fixP->fx_r_type == BFD_RELOC_386_GOTOFF
1284       || fixP->fx_r_type == BFD_RELOC_386_PLT32
1285       || fixP->fx_r_type == BFD_RELOC_386_GOT32
1286       || fixP->fx_r_type == BFD_RELOC_386_TLS_GD
1287       || fixP->fx_r_type == BFD_RELOC_386_TLS_LDM
1288       || fixP->fx_r_type == BFD_RELOC_386_TLS_LDO_32
1289       || fixP->fx_r_type == BFD_RELOC_386_TLS_IE_32
1290       || fixP->fx_r_type == BFD_RELOC_386_TLS_IE
1291       || fixP->fx_r_type == BFD_RELOC_386_TLS_GOTIE
1292       || fixP->fx_r_type == BFD_RELOC_386_TLS_LE_32
1293       || fixP->fx_r_type == BFD_RELOC_386_TLS_LE
1294       || fixP->fx_r_type == BFD_RELOC_X86_64_PLT32
1295       || fixP->fx_r_type == BFD_RELOC_X86_64_GOT32
1296       || fixP->fx_r_type == BFD_RELOC_X86_64_GOTPCREL
1297       || fixP->fx_r_type == BFD_RELOC_X86_64_TLSGD
1298       || fixP->fx_r_type == BFD_RELOC_X86_64_TLSLD
1299       || fixP->fx_r_type == BFD_RELOC_X86_64_DTPOFF32
1300       || fixP->fx_r_type == BFD_RELOC_X86_64_DTPOFF64
1301       || fixP->fx_r_type == BFD_RELOC_X86_64_GOTTPOFF
1302       || fixP->fx_r_type == BFD_RELOC_X86_64_TPOFF32
1303       || fixP->fx_r_type == BFD_RELOC_X86_64_TPOFF64
1304       || fixP->fx_r_type == BFD_RELOC_X86_64_GOTOFF64
1305       || fixP->fx_r_type == BFD_RELOC_VTABLE_INHERIT
1306       || fixP->fx_r_type == BFD_RELOC_VTABLE_ENTRY)
1307     return 0;
1308 #endif
1309   return 1;
1310 }
1311 
1312 static int intel_float_operand PARAMS ((const char *mnemonic));
1313 
1314 static int
intel_float_operand(mnemonic)1315 intel_float_operand (mnemonic)
1316      const char *mnemonic;
1317 {
1318   /* Note that the value returned is meaningful only for opcodes with (memory)
1319      operands, hence the code here is free to improperly handle opcodes that
1320      have no operands (for better performance and smaller code). */
1321 
1322   if (mnemonic[0] != 'f')
1323     return 0; /* non-math */
1324 
1325   switch (mnemonic[1])
1326     {
1327     /* fclex, fdecstp, fdisi, femms, feni, fincstp, finit, fsetpm, and
1328        the fs segment override prefix not currently handled because no
1329        call path can make opcodes without operands get here */
1330     case 'i':
1331       return 2 /* integer op */;
1332     case 'l':
1333       if (mnemonic[2] == 'd' && (mnemonic[3] == 'c' || mnemonic[3] == 'e'))
1334 	return 3; /* fldcw/fldenv */
1335       break;
1336     case 'n':
1337       if (mnemonic[2] != 'o' /* fnop */)
1338 	return 3; /* non-waiting control op */
1339       break;
1340     case 'r':
1341       if (mnemonic[2] == 's')
1342 	return 3; /* frstor/frstpm */
1343       break;
1344     case 's':
1345       if (mnemonic[2] == 'a')
1346 	return 3; /* fsave */
1347       if (mnemonic[2] == 't')
1348 	{
1349 	  switch (mnemonic[3])
1350 	    {
1351 	    case 'c': /* fstcw */
1352 	    case 'd': /* fstdw */
1353 	    case 'e': /* fstenv */
1354 	    case 's': /* fsts[gw] */
1355 	      return 3;
1356 	    }
1357 	}
1358       break;
1359     case 'x':
1360       if (mnemonic[2] == 'r' || mnemonic[2] == 's')
1361 	return 0; /* fxsave/fxrstor are not really math ops */
1362       break;
1363     }
1364 
1365   return 1;
1366 }
1367 
1368 /* This is the guts of the machine-dependent assembler.  LINE points to a
1369    machine dependent instruction.  This function is supposed to emit
1370    the frags/bytes it assembles to.  */
1371 
1372 void
md_assemble(line)1373 md_assemble (line)
1374      char *line;
1375 {
1376   int j;
1377   char mnemonic[MAX_MNEM_SIZE];
1378 
1379   /* Initialize globals.  */
1380   memset (&i, '\0', sizeof (i));
1381   for (j = 0; j < MAX_OPERANDS; j++)
1382     i.reloc[j] = NO_RELOC;
1383   memset (disp_expressions, '\0', sizeof (disp_expressions));
1384   memset (im_expressions, '\0', sizeof (im_expressions));
1385   save_stack_p = save_stack;
1386 
1387   /* First parse an instruction mnemonic & call i386_operand for the operands.
1388      We assume that the scrubber has arranged it so that line[0] is the valid
1389      start of a (possibly prefixed) mnemonic.  */
1390 
1391   line = parse_insn (line, mnemonic);
1392   if (line == NULL)
1393     return;
1394 
1395   line = parse_operands (line, mnemonic);
1396   if (line == NULL)
1397     return;
1398 
1399   /* Now we've parsed the mnemonic into a set of templates, and have the
1400      operands at hand.  */
1401 
1402   /* All intel opcodes have reversed operands except for "bound" and
1403      "enter".  We also don't reverse intersegment "jmp" and "call"
1404      instructions with 2 immediate operands so that the immediate segment
1405      precedes the offset, as it does when in AT&T mode.  "enter" and the
1406      intersegment "jmp" and "call" instructions are the only ones that
1407      have two immediate operands.  */
1408   if (intel_syntax && i.operands > 1
1409       && (strcmp (mnemonic, "bound") != 0)
1410       && (strcmp (mnemonic, "invlpga") != 0)
1411       && !((i.types[0] & Imm) && (i.types[1] & Imm)))
1412     swap_operands ();
1413 
1414   if (i.imm_operands)
1415     optimize_imm ();
1416 
1417   /* Don't optimize displacement for movabs since it only takes 64bit
1418      displacement.  */
1419   if (i.disp_operands
1420       && (flag_code != CODE_64BIT
1421 	  || strcmp (mnemonic, "movabs") != 0))
1422     optimize_disp ();
1423 
1424   /* Next, we find a template that matches the given insn,
1425      making sure the overlap of the given operands types is consistent
1426      with the template operand types.  */
1427 
1428   if (!match_template ())
1429     return;
1430 
1431   if (intel_syntax)
1432     {
1433       /* Undo SYSV386_COMPAT brokenness when in Intel mode.  See i386.h  */
1434       if (SYSV386_COMPAT
1435 	  && (i.tm.base_opcode & 0xfffffde0) == 0xdce0)
1436 	i.tm.base_opcode ^= FloatR;
1437 
1438       /* Zap movzx and movsx suffix.  The suffix may have been set from
1439 	 "word ptr" or "byte ptr" on the source operand, but we'll use
1440 	 the suffix later to choose the destination register.  */
1441       if ((i.tm.base_opcode & ~9) == 0x0fb6)
1442 	{
1443 	  if (i.reg_operands < 2
1444 	      && !i.suffix
1445 	      && (~i.tm.opcode_modifier
1446 		  & (No_bSuf
1447 		     | No_wSuf
1448 		     | No_lSuf
1449 		     | No_sSuf
1450 		     | No_xSuf
1451 		     | No_qSuf)))
1452 	    as_bad (_("ambiguous operand size for `%s'"), i.tm.name);
1453 
1454 	  i.suffix = 0;
1455 	}
1456     }
1457 
1458   if (i.tm.opcode_modifier & FWait)
1459     if (!add_prefix (FWAIT_OPCODE))
1460       return;
1461 
1462   /* Check string instruction segment overrides.  */
1463   if ((i.tm.opcode_modifier & IsString) != 0 && i.mem_operands != 0)
1464     {
1465       if (!check_string ())
1466 	return;
1467     }
1468 
1469   if (!process_suffix ())
1470     return;
1471 
1472   /* Make still unresolved immediate matches conform to size of immediate
1473      given in i.suffix.  */
1474   if (!finalize_imm ())
1475     return;
1476 
1477   if (i.types[0] & Imm1)
1478     i.imm_operands = 0;	/* kludge for shift insns.  */
1479   if (i.types[0] & ImplicitRegister)
1480     i.reg_operands--;
1481   if (i.types[1] & ImplicitRegister)
1482     i.reg_operands--;
1483   if (i.types[2] & ImplicitRegister)
1484     i.reg_operands--;
1485 
1486   if (i.tm.opcode_modifier & ImmExt)
1487     {
1488       expressionS *exp;
1489 
1490       if ((i.tm.cpu_flags & CpuPNI) && i.operands > 0)
1491 	{
1492 	  /* These Intel Prescott New Instructions have the fixed
1493 	     operands with an opcode suffix which is coded in the same
1494 	     place as an 8-bit immediate field would be. Here we check
1495 	     those operands and remove them afterwards.  */
1496 	  unsigned int x;
1497 
1498 	  for (x = 0; x < i.operands; x++)
1499 	    if (i.op[x].regs->reg_num != x)
1500 	      as_bad (_("can't use register '%%%s' as operand %d in '%s'."),
1501 			i.op[x].regs->reg_name, x + 1, i.tm.name);
1502 	  i.operands = 0;
1503  	}
1504 
1505       /* These AMD 3DNow! and Intel Katmai New Instructions have an
1506 	 opcode suffix which is coded in the same place as an 8-bit
1507 	 immediate field would be.  Here we fake an 8-bit immediate
1508 	 operand from the opcode suffix stored in tm.extension_opcode.  */
1509 
1510       assert (i.imm_operands == 0 && i.operands <= 2 && 2 < MAX_OPERANDS);
1511 
1512       exp = &im_expressions[i.imm_operands++];
1513       i.op[i.operands].imms = exp;
1514       i.types[i.operands++] = Imm8;
1515       exp->X_op = O_constant;
1516       exp->X_add_number = i.tm.extension_opcode;
1517       i.tm.extension_opcode = None;
1518     }
1519 
1520   /* For insns with operands there are more diddles to do to the opcode.  */
1521   if (i.operands)
1522     {
1523       if (!process_operands ())
1524 	return;
1525     }
1526   else if (!quiet_warnings && (i.tm.opcode_modifier & Ugh) != 0)
1527     {
1528       /* UnixWare fsub no args is alias for fsubp, fadd -> faddp, etc.  */
1529       as_warn (_("translating to `%sp'"), i.tm.name);
1530     }
1531 
1532   /* Handle conversion of 'int $3' --> special int3 insn.  */
1533   if (i.tm.base_opcode == INT_OPCODE && i.op[0].imms->X_add_number == 3)
1534     {
1535       i.tm.base_opcode = INT3_OPCODE;
1536       i.imm_operands = 0;
1537     }
1538 
1539   if ((i.tm.opcode_modifier & (Jump | JumpByte | JumpDword))
1540       && i.op[0].disps->X_op == O_constant)
1541     {
1542       /* Convert "jmp constant" (and "call constant") to a jump (call) to
1543 	 the absolute address given by the constant.  Since ix86 jumps and
1544 	 calls are pc relative, we need to generate a reloc.  */
1545       i.op[0].disps->X_add_symbol = &abs_symbol;
1546       i.op[0].disps->X_op = O_symbol;
1547     }
1548 
1549   if ((i.tm.opcode_modifier & Rex64) != 0)
1550     i.rex |= REX_MODE64;
1551 
1552   /* For 8 bit registers we need an empty rex prefix.  Also if the
1553      instruction already has a prefix, we need to convert old
1554      registers to new ones.  */
1555 
1556   if (((i.types[0] & Reg8) != 0
1557        && (i.op[0].regs->reg_flags & RegRex64) != 0)
1558       || ((i.types[1] & Reg8) != 0
1559 	  && (i.op[1].regs->reg_flags & RegRex64) != 0)
1560       || (((i.types[0] & Reg8) != 0 || (i.types[1] & Reg8) != 0)
1561 	  && i.rex != 0))
1562     {
1563       int x;
1564 
1565       i.rex |= REX_OPCODE;
1566       for (x = 0; x < 2; x++)
1567 	{
1568 	  /* Look for 8 bit operand that uses old registers.  */
1569 	  if ((i.types[x] & Reg8) != 0
1570 	      && (i.op[x].regs->reg_flags & RegRex64) == 0)
1571 	    {
1572 	      /* In case it is "hi" register, give up.  */
1573 	      if (i.op[x].regs->reg_num > 3)
1574 		as_bad (_("can't encode register '%%%s' in an instruction requiring REX prefix."),
1575 			i.op[x].regs->reg_name);
1576 
1577 	      /* Otherwise it is equivalent to the extended register.
1578 		 Since the encoding doesn't change this is merely
1579 		 cosmetic cleanup for debug output.  */
1580 
1581 	      i.op[x].regs = i.op[x].regs + 8;
1582 	    }
1583 	}
1584     }
1585 
1586   if (i.rex != 0)
1587     add_prefix (REX_OPCODE | i.rex);
1588 
1589   /* We are ready to output the insn.  */
1590   output_insn ();
1591 }
1592 
1593 static char *
parse_insn(line,mnemonic)1594 parse_insn (line, mnemonic)
1595      char *line;
1596      char *mnemonic;
1597 {
1598   char *l = line;
1599   char *token_start = l;
1600   char *mnem_p;
1601   int supported;
1602   const template *t;
1603 
1604   /* Non-zero if we found a prefix only acceptable with string insns.  */
1605   const char *expecting_string_instruction = NULL;
1606 
1607   while (1)
1608     {
1609       mnem_p = mnemonic;
1610       while ((*mnem_p = mnemonic_chars[(unsigned char) *l]) != 0)
1611 	{
1612 	  mnem_p++;
1613 	  if (mnem_p >= mnemonic + MAX_MNEM_SIZE)
1614 	    {
1615 	      as_bad (_("no such instruction: `%s'"), token_start);
1616 	      return NULL;
1617 	    }
1618 	  l++;
1619 	}
1620       if (!is_space_char (*l)
1621 	  && *l != END_OF_INSN
1622 	  && (intel_syntax
1623 	      || (*l != PREFIX_SEPARATOR
1624 		  && *l != ',')))
1625 	{
1626 	  as_bad (_("invalid character %s in mnemonic"),
1627 		  output_invalid (*l));
1628 	  return NULL;
1629 	}
1630       if (token_start == l)
1631 	{
1632 	  if (!intel_syntax && *l == PREFIX_SEPARATOR)
1633 	    as_bad (_("expecting prefix; got nothing"));
1634 	  else
1635 	    as_bad (_("expecting mnemonic; got nothing"));
1636 	  return NULL;
1637 	}
1638 
1639       /* Look up instruction (or prefix) via hash table.  */
1640       current_templates = hash_find (op_hash, mnemonic);
1641 
1642       if (*l != END_OF_INSN
1643 	  && (!is_space_char (*l) || l[1] != END_OF_INSN)
1644 	  && current_templates
1645 	  && (current_templates->start->opcode_modifier & IsPrefix))
1646 	{
1647 	  /* If we are in 16-bit mode, do not allow addr16 or data16.
1648 	     Similarly, in 32-bit mode, do not allow addr32 or data32.  */
1649 	  if ((current_templates->start->opcode_modifier & (Size16 | Size32))
1650 	      && flag_code != CODE_64BIT
1651 	      && (((current_templates->start->opcode_modifier & Size32) != 0)
1652 		  ^ (flag_code == CODE_16BIT)))
1653 	    {
1654 	      as_bad (_("redundant %s prefix"),
1655 		      current_templates->start->name);
1656 	      return NULL;
1657 	    }
1658 	  /* Add prefix, checking for repeated prefixes.  */
1659 	  switch (add_prefix (current_templates->start->base_opcode))
1660 	    {
1661 	    case 0:
1662 	      return NULL;
1663 	    case 2:
1664 	      expecting_string_instruction = current_templates->start->name;
1665 	      break;
1666 	    }
1667 	  /* Skip past PREFIX_SEPARATOR and reset token_start.  */
1668 	  token_start = ++l;
1669 	}
1670       else
1671 	break;
1672     }
1673 
1674   if (!current_templates)
1675     {
1676       /* See if we can get a match by trimming off a suffix.  */
1677       switch (mnem_p[-1])
1678 	{
1679 	case WORD_MNEM_SUFFIX:
1680 	  if (intel_syntax && (intel_float_operand (mnemonic) & 2))
1681 	    i.suffix = SHORT_MNEM_SUFFIX;
1682 	  else
1683 	case BYTE_MNEM_SUFFIX:
1684 	case QWORD_MNEM_SUFFIX:
1685 	  i.suffix = mnem_p[-1];
1686 	  mnem_p[-1] = '\0';
1687 	  current_templates = hash_find (op_hash, mnemonic);
1688 	  break;
1689 	case SHORT_MNEM_SUFFIX:
1690 	case LONG_MNEM_SUFFIX:
1691 	  if (!intel_syntax)
1692 	    {
1693 	      i.suffix = mnem_p[-1];
1694 	      mnem_p[-1] = '\0';
1695 	      current_templates = hash_find (op_hash, mnemonic);
1696 	    }
1697 	  break;
1698 
1699 	  /* Intel Syntax.  */
1700 	case 'd':
1701 	  if (intel_syntax)
1702 	    {
1703 	      if (intel_float_operand (mnemonic) == 1)
1704 		i.suffix = SHORT_MNEM_SUFFIX;
1705 	      else
1706 		i.suffix = LONG_MNEM_SUFFIX;
1707 	      mnem_p[-1] = '\0';
1708 	      current_templates = hash_find (op_hash, mnemonic);
1709 	    }
1710 	  break;
1711 	}
1712       if (!current_templates)
1713 	{
1714 	  as_bad (_("no such instruction: `%s'"), token_start);
1715 	  return NULL;
1716 	}
1717     }
1718 
1719   if (current_templates->start->opcode_modifier & (Jump | JumpByte))
1720     {
1721       /* Check for a branch hint.  We allow ",pt" and ",pn" for
1722 	 predict taken and predict not taken respectively.
1723 	 I'm not sure that branch hints actually do anything on loop
1724 	 and jcxz insns (JumpByte) for current Pentium4 chips.  They
1725 	 may work in the future and it doesn't hurt to accept them
1726 	 now.  */
1727       if (l[0] == ',' && l[1] == 'p')
1728 	{
1729 	  if (l[2] == 't')
1730 	    {
1731 	      if (!add_prefix (DS_PREFIX_OPCODE))
1732 		return NULL;
1733 	      l += 3;
1734 	    }
1735 	  else if (l[2] == 'n')
1736 	    {
1737 	      if (!add_prefix (CS_PREFIX_OPCODE))
1738 		return NULL;
1739 	      l += 3;
1740 	    }
1741 	}
1742     }
1743   /* Any other comma loses.  */
1744   if (*l == ',')
1745     {
1746       as_bad (_("invalid character %s in mnemonic"),
1747 	      output_invalid (*l));
1748       return NULL;
1749     }
1750 
1751   /* Check if instruction is supported on specified architecture.  */
1752   supported = 0;
1753   for (t = current_templates->start; t < current_templates->end; ++t)
1754     {
1755       if (!((t->cpu_flags & ~(Cpu64 | CpuNo64))
1756 	    & ~(cpu_arch_flags & ~(Cpu64 | CpuNo64))))
1757 	  supported |= 1;
1758       if (!(t->cpu_flags & (flag_code == CODE_64BIT ? CpuNo64 : Cpu64)))
1759 	  supported |= 2;
1760     }
1761   if (!(supported & 2))
1762     {
1763       as_bad (flag_code == CODE_64BIT
1764 	      ? _("`%s' is not supported in 64-bit mode")
1765 	      : _("`%s' is only supported in 64-bit mode"),
1766 	      current_templates->start->name);
1767       return NULL;
1768     }
1769   if (!(supported & 1))
1770     {
1771       as_warn (_("`%s' is not supported on `%s%s'"),
1772 	       current_templates->start->name,
1773 	       cpu_arch_name,
1774 	       cpu_sub_arch_name ? cpu_sub_arch_name : "");
1775     }
1776   else if ((Cpu386 & ~cpu_arch_flags) && (flag_code != CODE_16BIT))
1777     {
1778       as_warn (_("use .code16 to ensure correct addressing mode"));
1779     }
1780 
1781   /* Check for rep/repne without a string instruction.  */
1782   if (expecting_string_instruction)
1783     {
1784       static templates override;
1785 
1786       for (t = current_templates->start; t < current_templates->end; ++t)
1787 	if (t->opcode_modifier & IsString)
1788 	  break;
1789       if (t >= current_templates->end)
1790 	{
1791 	  as_bad (_("expecting string instruction after `%s'"),
1792 	        expecting_string_instruction);
1793 	  return NULL;
1794 	}
1795       for (override.start = t; t < current_templates->end; ++t)
1796 	if (!(t->opcode_modifier & IsString))
1797 	  break;
1798       override.end = t;
1799       current_templates = &override;
1800     }
1801 
1802   return l;
1803 }
1804 
1805 static char *
parse_operands(l,mnemonic)1806 parse_operands (l, mnemonic)
1807      char *l;
1808      const char *mnemonic;
1809 {
1810   char *token_start;
1811 
1812   /* 1 if operand is pending after ','.  */
1813   unsigned int expecting_operand = 0;
1814 
1815   /* Non-zero if operand parens not balanced.  */
1816   unsigned int paren_not_balanced;
1817 
1818   while (*l != END_OF_INSN)
1819     {
1820       /* Skip optional white space before operand.  */
1821       if (is_space_char (*l))
1822 	++l;
1823       if (!is_operand_char (*l) && *l != END_OF_INSN)
1824 	{
1825 	  as_bad (_("invalid character %s before operand %d"),
1826 		  output_invalid (*l),
1827 		  i.operands + 1);
1828 	  return NULL;
1829 	}
1830       token_start = l;	/* after white space */
1831       paren_not_balanced = 0;
1832       while (paren_not_balanced || *l != ',')
1833 	{
1834 	  if (*l == END_OF_INSN)
1835 	    {
1836 	      if (paren_not_balanced)
1837 		{
1838 		  if (!intel_syntax)
1839 		    as_bad (_("unbalanced parenthesis in operand %d."),
1840 			    i.operands + 1);
1841 		  else
1842 		    as_bad (_("unbalanced brackets in operand %d."),
1843 			    i.operands + 1);
1844 		  return NULL;
1845 		}
1846 	      else
1847 		break;	/* we are done */
1848 	    }
1849 	  else if (!is_operand_char (*l) && !is_space_char (*l))
1850 	    {
1851 	      as_bad (_("invalid character %s in operand %d"),
1852 		      output_invalid (*l),
1853 		      i.operands + 1);
1854 	      return NULL;
1855 	    }
1856 	  if (!intel_syntax)
1857 	    {
1858 	      if (*l == '(')
1859 		++paren_not_balanced;
1860 	      if (*l == ')')
1861 		--paren_not_balanced;
1862 	    }
1863 	  else
1864 	    {
1865 	      if (*l == '[')
1866 		++paren_not_balanced;
1867 	      if (*l == ']')
1868 		--paren_not_balanced;
1869 	    }
1870 	  l++;
1871 	}
1872       if (l != token_start)
1873 	{			/* Yes, we've read in another operand.  */
1874 	  unsigned int operand_ok;
1875 	  this_operand = i.operands++;
1876 	  if (i.operands > MAX_OPERANDS)
1877 	    {
1878 	      as_bad (_("spurious operands; (%d operands/instruction max)"),
1879 		      MAX_OPERANDS);
1880 	      return NULL;
1881 	    }
1882 	  /* Now parse operand adding info to 'i' as we go along.  */
1883 	  END_STRING_AND_SAVE (l);
1884 
1885 	  if (intel_syntax)
1886 	    operand_ok =
1887 	      i386_intel_operand (token_start,
1888 				  intel_float_operand (mnemonic));
1889 	  else
1890 	    operand_ok = i386_operand (token_start);
1891 
1892 	  RESTORE_END_STRING (l);
1893 	  if (!operand_ok)
1894 	    return NULL;
1895 	}
1896       else
1897 	{
1898 	  if (expecting_operand)
1899 	    {
1900 	    expecting_operand_after_comma:
1901 	      as_bad (_("expecting operand after ','; got nothing"));
1902 	      return NULL;
1903 	    }
1904 	  if (*l == ',')
1905 	    {
1906 	      as_bad (_("expecting operand before ','; got nothing"));
1907 	      return NULL;
1908 	    }
1909 	}
1910 
1911       /* Now *l must be either ',' or END_OF_INSN.  */
1912       if (*l == ',')
1913 	{
1914 	  if (*++l == END_OF_INSN)
1915 	    {
1916 	      /* Just skip it, if it's \n complain.  */
1917 	      goto expecting_operand_after_comma;
1918 	    }
1919 	  expecting_operand = 1;
1920 	}
1921     }
1922   return l;
1923 }
1924 
1925 static void
swap_operands()1926 swap_operands ()
1927 {
1928   union i386_op temp_op;
1929   unsigned int temp_type;
1930   enum bfd_reloc_code_real temp_reloc;
1931   int xchg1 = 0;
1932   int xchg2 = 0;
1933 
1934   if (i.operands == 2)
1935     {
1936       xchg1 = 0;
1937       xchg2 = 1;
1938     }
1939   else if (i.operands == 3)
1940     {
1941       xchg1 = 0;
1942       xchg2 = 2;
1943     }
1944   temp_type = i.types[xchg2];
1945   i.types[xchg2] = i.types[xchg1];
1946   i.types[xchg1] = temp_type;
1947   temp_op = i.op[xchg2];
1948   i.op[xchg2] = i.op[xchg1];
1949   i.op[xchg1] = temp_op;
1950   temp_reloc = i.reloc[xchg2];
1951   i.reloc[xchg2] = i.reloc[xchg1];
1952   i.reloc[xchg1] = temp_reloc;
1953 
1954   if (i.mem_operands == 2)
1955     {
1956       const seg_entry *temp_seg;
1957       temp_seg = i.seg[0];
1958       i.seg[0] = i.seg[1];
1959       i.seg[1] = temp_seg;
1960     }
1961 }
1962 
1963 /* Try to ensure constant immediates are represented in the smallest
1964    opcode possible.  */
1965 static void
optimize_imm()1966 optimize_imm ()
1967 {
1968   char guess_suffix = 0;
1969   int op;
1970 
1971   if (i.suffix)
1972     guess_suffix = i.suffix;
1973   else if (i.reg_operands)
1974     {
1975       /* Figure out a suffix from the last register operand specified.
1976 	 We can't do this properly yet, ie. excluding InOutPortReg,
1977 	 but the following works for instructions with immediates.
1978 	 In any case, we can't set i.suffix yet.  */
1979       for (op = i.operands; --op >= 0;)
1980 	if (i.types[op] & Reg)
1981 	  {
1982 	    if (i.types[op] & Reg8)
1983 	      guess_suffix = BYTE_MNEM_SUFFIX;
1984 	    else if (i.types[op] & Reg16)
1985 	      guess_suffix = WORD_MNEM_SUFFIX;
1986 	    else if (i.types[op] & Reg32)
1987 	      guess_suffix = LONG_MNEM_SUFFIX;
1988 	    else if (i.types[op] & Reg64)
1989 	      guess_suffix = QWORD_MNEM_SUFFIX;
1990 	    break;
1991 	  }
1992     }
1993   else if ((flag_code == CODE_16BIT) ^ (i.prefix[DATA_PREFIX] != 0))
1994     guess_suffix = WORD_MNEM_SUFFIX;
1995 
1996   for (op = i.operands; --op >= 0;)
1997     if (i.types[op] & Imm)
1998       {
1999 	switch (i.op[op].imms->X_op)
2000 	  {
2001 	  case O_constant:
2002 	    /* If a suffix is given, this operand may be shortened.  */
2003 	    switch (guess_suffix)
2004 	      {
2005 	      case LONG_MNEM_SUFFIX:
2006 		i.types[op] |= Imm32 | Imm64;
2007 		break;
2008 	      case WORD_MNEM_SUFFIX:
2009 		i.types[op] |= Imm16 | Imm32S | Imm32 | Imm64;
2010 		break;
2011 	      case BYTE_MNEM_SUFFIX:
2012 		i.types[op] |= Imm16 | Imm8 | Imm8S | Imm32S | Imm32 | Imm64;
2013 		break;
2014 	      }
2015 
2016 	    /* If this operand is at most 16 bits, convert it
2017 	       to a signed 16 bit number before trying to see
2018 	       whether it will fit in an even smaller size.
2019 	       This allows a 16-bit operand such as $0xffe0 to
2020 	       be recognised as within Imm8S range.  */
2021 	    if ((i.types[op] & Imm16)
2022 		&& (i.op[op].imms->X_add_number & ~(offsetT) 0xffff) == 0)
2023 	      {
2024 		i.op[op].imms->X_add_number =
2025 		  (((i.op[op].imms->X_add_number & 0xffff) ^ 0x8000) - 0x8000);
2026 	      }
2027 	    if ((i.types[op] & Imm32)
2028 		&& ((i.op[op].imms->X_add_number & ~(((offsetT) 2 << 31) - 1))
2029 		    == 0))
2030 	      {
2031 		i.op[op].imms->X_add_number = ((i.op[op].imms->X_add_number
2032 						^ ((offsetT) 1 << 31))
2033 					       - ((offsetT) 1 << 31));
2034 	      }
2035 	    i.types[op] |= smallest_imm_type (i.op[op].imms->X_add_number);
2036 
2037 	    /* We must avoid matching of Imm32 templates when 64bit
2038 	       only immediate is available.  */
2039 	    if (guess_suffix == QWORD_MNEM_SUFFIX)
2040 	      i.types[op] &= ~Imm32;
2041 	    break;
2042 
2043 	  case O_absent:
2044 	  case O_register:
2045 	    abort ();
2046 
2047 	    /* Symbols and expressions.  */
2048 	  default:
2049 	    /* Convert symbolic operand to proper sizes for matching.  */
2050 	    switch (guess_suffix)
2051 	      {
2052 	      case QWORD_MNEM_SUFFIX:
2053 		i.types[op] = Imm64 | Imm32S;
2054 		break;
2055 	      case LONG_MNEM_SUFFIX:
2056 		i.types[op] = Imm32;
2057 		break;
2058 	      case WORD_MNEM_SUFFIX:
2059 		i.types[op] = Imm16;
2060 		break;
2061 	      case BYTE_MNEM_SUFFIX:
2062 		i.types[op] = Imm8 | Imm8S;
2063 		break;
2064 	      }
2065 	    break;
2066 	  }
2067       }
2068 }
2069 
2070 /* Try to use the smallest displacement type too.  */
2071 static void
optimize_disp()2072 optimize_disp ()
2073 {
2074   int op;
2075 
2076   for (op = i.operands; --op >= 0;)
2077     if (i.types[op] & Disp)
2078       {
2079 	if (i.op[op].disps->X_op == O_constant)
2080 	  {
2081 	    offsetT disp = i.op[op].disps->X_add_number;
2082 
2083 	    if ((i.types[op] & Disp16)
2084 		&& (disp & ~(offsetT) 0xffff) == 0)
2085 	      {
2086 		/* If this operand is at most 16 bits, convert
2087 		   to a signed 16 bit number and don't use 64bit
2088 		   displacement.  */
2089 		disp = (((disp & 0xffff) ^ 0x8000) - 0x8000);
2090 		i.types[op] &= ~Disp64;
2091 	      }
2092 	    if ((i.types[op] & Disp32)
2093 		&& (disp & ~(((offsetT) 2 << 31) - 1)) == 0)
2094 	      {
2095 		/* If this operand is at most 32 bits, convert
2096 		   to a signed 32 bit number and don't use 64bit
2097 		   displacement.  */
2098 		disp &= (((offsetT) 2 << 31) - 1);
2099 		disp = (disp ^ ((offsetT) 1 << 31)) - ((addressT) 1 << 31);
2100 		i.types[op] &= ~Disp64;
2101 	      }
2102 	    if (!disp && (i.types[op] & BaseIndex))
2103 	      {
2104 		i.types[op] &= ~Disp;
2105 		i.op[op].disps = 0;
2106 		i.disp_operands--;
2107 	      }
2108 	    else if (flag_code == CODE_64BIT)
2109 	      {
2110 		if (fits_in_signed_long (disp))
2111 		  i.types[op] |= Disp32S;
2112 		if (fits_in_unsigned_long (disp))
2113 		  i.types[op] |= Disp32;
2114 	      }
2115 	    if ((i.types[op] & (Disp32 | Disp32S | Disp16))
2116 		&& fits_in_signed_byte (disp))
2117 	      i.types[op] |= Disp8;
2118 	  }
2119 	else
2120 	  /* We only support 64bit displacement on constants.  */
2121 	  i.types[op] &= ~Disp64;
2122       }
2123 }
2124 
2125 static int
match_template()2126 match_template ()
2127 {
2128   /* Points to template once we've found it.  */
2129   const template *t;
2130   unsigned int overlap0, overlap1, overlap2;
2131   unsigned int found_reverse_match;
2132   int suffix_check;
2133 
2134 #define MATCH(overlap, given, template)				\
2135   ((overlap & ~JumpAbsolute)					\
2136    && (((given) & (BaseIndex | JumpAbsolute))			\
2137        == ((overlap) & (BaseIndex | JumpAbsolute))))
2138 
2139   /* If given types r0 and r1 are registers they must be of the same type
2140      unless the expected operand type register overlap is null.
2141      Note that Acc in a template matches every size of reg.  */
2142 #define CONSISTENT_REGISTER_MATCH(m0, g0, t0, m1, g1, t1)	\
2143   (((g0) & Reg) == 0 || ((g1) & Reg) == 0			\
2144    || ((g0) & Reg) == ((g1) & Reg)				\
2145    || ((((m0) & Acc) ? Reg : (t0)) & (((m1) & Acc) ? Reg : (t1)) & Reg) == 0 )
2146 
2147   overlap0 = 0;
2148   overlap1 = 0;
2149   overlap2 = 0;
2150   found_reverse_match = 0;
2151   suffix_check = (i.suffix == BYTE_MNEM_SUFFIX
2152 		  ? No_bSuf
2153 		  : (i.suffix == WORD_MNEM_SUFFIX
2154 		     ? No_wSuf
2155 		     : (i.suffix == SHORT_MNEM_SUFFIX
2156 			? No_sSuf
2157 			: (i.suffix == LONG_MNEM_SUFFIX
2158 			   ? No_lSuf
2159 			   : (i.suffix == QWORD_MNEM_SUFFIX
2160 			      ? No_qSuf
2161 			      : (i.suffix == LONG_DOUBLE_MNEM_SUFFIX
2162 				 ? No_xSuf : 0))))));
2163 
2164   t = current_templates->start;
2165   if (i.suffix == QWORD_MNEM_SUFFIX
2166       && flag_code != CODE_64BIT
2167       && (intel_syntax
2168 	  ? !(t->opcode_modifier & IgnoreSize)
2169 	    && !intel_float_operand (t->name)
2170 	  : intel_float_operand (t->name) != 2)
2171       && (!(t->operand_types[0] & (RegMMX | RegXMM))
2172 	  || !(t->operand_types[t->operands > 1] & (RegMMX | RegXMM)))
2173       && (t->base_opcode != 0x0fc7
2174 	  || t->extension_opcode != 1 /* cmpxchg8b */))
2175     t = current_templates->end;
2176   for (; t < current_templates->end; t++)
2177     {
2178       /* Must have right number of operands.  */
2179       if (i.operands != t->operands)
2180 	continue;
2181 
2182       /* Check the suffix, except for some instructions in intel mode.  */
2183       if ((t->opcode_modifier & suffix_check)
2184 	  && !(intel_syntax
2185 	       && (t->opcode_modifier & IgnoreSize)))
2186 	continue;
2187 
2188       /* Do not verify operands when there are none.  */
2189       else if (!t->operands)
2190 	{
2191 	  if (t->cpu_flags & ~cpu_arch_flags)
2192 	    continue;
2193 	  /* We've found a match; break out of loop.  */
2194 	  break;
2195 	}
2196 
2197       overlap0 = i.types[0] & t->operand_types[0];
2198       switch (t->operands)
2199 	{
2200 	case 1:
2201 	  if (!MATCH (overlap0, i.types[0], t->operand_types[0]))
2202 	    continue;
2203 	  break;
2204 	case 2:
2205 	case 3:
2206 	  overlap1 = i.types[1] & t->operand_types[1];
2207 	  if (!MATCH (overlap0, i.types[0], t->operand_types[0])
2208 	      || !MATCH (overlap1, i.types[1], t->operand_types[1])
2209 	      || !CONSISTENT_REGISTER_MATCH (overlap0, i.types[0],
2210 					     t->operand_types[0],
2211 					     overlap1, i.types[1],
2212 					     t->operand_types[1]))
2213 	    {
2214 	      /* Check if other direction is valid ...  */
2215 	      if ((t->opcode_modifier & (D | FloatD)) == 0)
2216 		continue;
2217 
2218 	      /* Try reversing direction of operands.  */
2219 	      overlap0 = i.types[0] & t->operand_types[1];
2220 	      overlap1 = i.types[1] & t->operand_types[0];
2221 	      if (!MATCH (overlap0, i.types[0], t->operand_types[1])
2222 		  || !MATCH (overlap1, i.types[1], t->operand_types[0])
2223 		  || !CONSISTENT_REGISTER_MATCH (overlap0, i.types[0],
2224 						 t->operand_types[1],
2225 						 overlap1, i.types[1],
2226 						 t->operand_types[0]))
2227 		{
2228 		  /* Does not match either direction.  */
2229 		  continue;
2230 		}
2231 	      /* found_reverse_match holds which of D or FloatDR
2232 		 we've found.  */
2233 	      found_reverse_match = t->opcode_modifier & (D | FloatDR);
2234 	    }
2235 	  /* Found a forward 2 operand match here.  */
2236 	  else if (t->operands == 3)
2237 	    {
2238 	      /* Here we make use of the fact that there are no
2239 		 reverse match 3 operand instructions, and all 3
2240 		 operand instructions only need to be checked for
2241 		 register consistency between operands 2 and 3.  */
2242 	      overlap2 = i.types[2] & t->operand_types[2];
2243 	      if (!MATCH (overlap2, i.types[2], t->operand_types[2])
2244 		  || !CONSISTENT_REGISTER_MATCH (overlap1, i.types[1],
2245 						 t->operand_types[1],
2246 						 overlap2, i.types[2],
2247 						 t->operand_types[2]))
2248 
2249 		continue;
2250 	    }
2251 	  /* Found either forward/reverse 2 or 3 operand match here:
2252 	     slip through to break.  */
2253 	}
2254       if (t->cpu_flags & ~cpu_arch_flags)
2255 	{
2256 	  found_reverse_match = 0;
2257 	  continue;
2258 	}
2259       /* We've found a match; break out of loop.  */
2260       break;
2261     }
2262 
2263   if (t == current_templates->end)
2264     {
2265       /* We found no match.  */
2266       as_bad (_("suffix or operands invalid for `%s'"),
2267 	      current_templates->start->name);
2268       return 0;
2269     }
2270 
2271   if (!quiet_warnings)
2272     {
2273       if (!intel_syntax
2274 	  && ((i.types[0] & JumpAbsolute)
2275 	      != (t->operand_types[0] & JumpAbsolute)))
2276 	{
2277 	  as_warn (_("indirect %s without `*'"), t->name);
2278 	}
2279 
2280       if ((t->opcode_modifier & (IsPrefix | IgnoreSize))
2281 	  == (IsPrefix | IgnoreSize))
2282 	{
2283 	  /* Warn them that a data or address size prefix doesn't
2284 	     affect assembly of the next line of code.  */
2285 	  as_warn (_("stand-alone `%s' prefix"), t->name);
2286 	}
2287     }
2288 
2289   /* Copy the template we found.  */
2290   i.tm = *t;
2291   if (found_reverse_match)
2292     {
2293       /* If we found a reverse match we must alter the opcode
2294 	 direction bit.  found_reverse_match holds bits to change
2295 	 (different for int & float insns).  */
2296 
2297       i.tm.base_opcode ^= found_reverse_match;
2298 
2299       i.tm.operand_types[0] = t->operand_types[1];
2300       i.tm.operand_types[1] = t->operand_types[0];
2301     }
2302 
2303   return 1;
2304 }
2305 
2306 static int
check_string()2307 check_string ()
2308 {
2309   int mem_op = (i.types[0] & AnyMem) ? 0 : 1;
2310   if ((i.tm.operand_types[mem_op] & EsSeg) != 0)
2311     {
2312       if (i.seg[0] != NULL && i.seg[0] != &es)
2313 	{
2314 	  as_bad (_("`%s' operand %d must use `%%es' segment"),
2315 		  i.tm.name,
2316 		  mem_op + 1);
2317 	  return 0;
2318 	}
2319       /* There's only ever one segment override allowed per instruction.
2320 	 This instruction possibly has a legal segment override on the
2321 	 second operand, so copy the segment to where non-string
2322 	 instructions store it, allowing common code.  */
2323       i.seg[0] = i.seg[1];
2324     }
2325   else if ((i.tm.operand_types[mem_op + 1] & EsSeg) != 0)
2326     {
2327       if (i.seg[1] != NULL && i.seg[1] != &es)
2328 	{
2329 	  as_bad (_("`%s' operand %d must use `%%es' segment"),
2330 		  i.tm.name,
2331 		  mem_op + 2);
2332 	  return 0;
2333 	}
2334     }
2335   return 1;
2336 }
2337 
2338 static int
process_suffix(void)2339 process_suffix (void)
2340 {
2341   /* If matched instruction specifies an explicit instruction mnemonic
2342      suffix, use it.  */
2343   if (i.tm.opcode_modifier & (Size16 | Size32 | Size64))
2344     {
2345       if (i.tm.opcode_modifier & Size16)
2346 	i.suffix = WORD_MNEM_SUFFIX;
2347       else if (i.tm.opcode_modifier & Size64)
2348 	i.suffix = QWORD_MNEM_SUFFIX;
2349       else
2350 	i.suffix = LONG_MNEM_SUFFIX;
2351     }
2352   else if (i.reg_operands)
2353     {
2354       /* If there's no instruction mnemonic suffix we try to invent one
2355 	 based on register operands.  */
2356       if (!i.suffix)
2357 	{
2358 	  /* We take i.suffix from the last register operand specified,
2359 	     Destination register type is more significant than source
2360 	     register type.  */
2361 	  int op;
2362 
2363 	  for (op = i.operands; --op >= 0;)
2364 	    if ((i.types[op] & Reg)
2365 		&& !(i.tm.operand_types[op] & InOutPortReg))
2366 	      {
2367 		i.suffix = ((i.types[op] & Reg8) ? BYTE_MNEM_SUFFIX :
2368 			    (i.types[op] & Reg16) ? WORD_MNEM_SUFFIX :
2369 			    (i.types[op] & Reg64) ? QWORD_MNEM_SUFFIX :
2370 			    LONG_MNEM_SUFFIX);
2371 		break;
2372 	      }
2373 	}
2374       else if (i.suffix == BYTE_MNEM_SUFFIX)
2375 	{
2376 	  if (!check_byte_reg ())
2377 	    return 0;
2378 	}
2379       else if (i.suffix == LONG_MNEM_SUFFIX)
2380 	{
2381 	  if (!check_long_reg ())
2382 	    return 0;
2383 	}
2384       else if (i.suffix == QWORD_MNEM_SUFFIX)
2385 	{
2386 	  if (!check_qword_reg ())
2387 	    return 0;
2388 	}
2389       else if (i.suffix == WORD_MNEM_SUFFIX)
2390 	{
2391 	  if (!check_word_reg ())
2392 	    return 0;
2393 	}
2394       else if (intel_syntax && (i.tm.opcode_modifier & IgnoreSize))
2395 	/* Do nothing if the instruction is going to ignore the prefix.  */
2396 	;
2397       else
2398 	abort ();
2399     }
2400   else if ((i.tm.opcode_modifier & DefaultSize)
2401 	   && !i.suffix
2402 	   /* exclude fldenv/frstor/fsave/fstenv */
2403 	   && (i.tm.opcode_modifier & No_sSuf))
2404     {
2405       i.suffix = stackop_size;
2406     }
2407   else if (intel_syntax
2408 	   && !i.suffix
2409 	   && ((i.tm.operand_types[0] & JumpAbsolute)
2410 	    || (i.tm.opcode_modifier & (JumpByte|JumpInterSegment))
2411 	    || (i.tm.base_opcode == 0x0f01 /* [ls][gi]dt */
2412 		&& i.tm.extension_opcode <= 3)))
2413     {
2414       switch (flag_code)
2415 	{
2416 	case CODE_64BIT:
2417 	  if (!(i.tm.opcode_modifier & No_qSuf))
2418 	    {
2419 	      i.suffix = QWORD_MNEM_SUFFIX;
2420 	      break;
2421 	    }
2422 	case CODE_32BIT:
2423 	  if (!(i.tm.opcode_modifier & No_lSuf))
2424 	    i.suffix = LONG_MNEM_SUFFIX;
2425 	  break;
2426 	case CODE_16BIT:
2427 	  if (!(i.tm.opcode_modifier & No_wSuf))
2428 	    i.suffix = WORD_MNEM_SUFFIX;
2429 	  break;
2430 	}
2431     }
2432 
2433   if (!i.suffix)
2434     {
2435       if (!intel_syntax)
2436 	{
2437 	  if (i.tm.opcode_modifier & W)
2438 	    {
2439 	      as_bad (_("no instruction mnemonic suffix given and no register operands; can't size instruction"));
2440 	      return 0;
2441 	    }
2442 	}
2443       else
2444 	{
2445 	  unsigned int suffixes = ~i.tm.opcode_modifier
2446 				  & (No_bSuf
2447 				     | No_wSuf
2448 				     | No_lSuf
2449 				     | No_sSuf
2450 				     | No_xSuf
2451 				     | No_qSuf);
2452 
2453 	  if ((i.tm.opcode_modifier & W)
2454 	      || ((suffixes & (suffixes - 1))
2455 		  && !(i.tm.opcode_modifier & (DefaultSize | IgnoreSize))))
2456 	    {
2457 	      as_bad (_("ambiguous operand size for `%s'"), i.tm.name);
2458 	      return 0;
2459 	    }
2460 	}
2461     }
2462 
2463   /* Change the opcode based on the operand size given by i.suffix;
2464      We don't need to change things for byte insns.  */
2465 
2466   if (i.suffix && i.suffix != BYTE_MNEM_SUFFIX)
2467     {
2468       /* It's not a byte, select word/dword operation.  */
2469       if (i.tm.opcode_modifier & W)
2470 	{
2471 	  if (i.tm.opcode_modifier & ShortForm)
2472 	    i.tm.base_opcode |= 8;
2473 	  else
2474 	    i.tm.base_opcode |= 1;
2475 	}
2476 
2477       /* Now select between word & dword operations via the operand
2478 	 size prefix, except for instructions that will ignore this
2479 	 prefix anyway.  */
2480       if (i.suffix != QWORD_MNEM_SUFFIX
2481 	  && i.suffix != LONG_DOUBLE_MNEM_SUFFIX
2482 	  && !(i.tm.opcode_modifier & (IgnoreSize | FloatMF))
2483 	  && ((i.suffix == LONG_MNEM_SUFFIX) == (flag_code == CODE_16BIT)
2484 	      || (flag_code == CODE_64BIT
2485 		  && (i.tm.opcode_modifier & JumpByte))))
2486 	{
2487 	  unsigned int prefix = DATA_PREFIX_OPCODE;
2488 
2489 	  if (i.tm.opcode_modifier & JumpByte) /* jcxz, loop */
2490 	    prefix = ADDR_PREFIX_OPCODE;
2491 
2492 	  if (!add_prefix (prefix))
2493 	    return 0;
2494 	}
2495 
2496       /* Set mode64 for an operand.  */
2497       if (i.suffix == QWORD_MNEM_SUFFIX
2498 	  && flag_code == CODE_64BIT
2499 	  && (i.tm.opcode_modifier & NoRex64) == 0)
2500 	i.rex |= REX_MODE64;
2501 
2502       /* Size floating point instruction.  */
2503       if (i.suffix == LONG_MNEM_SUFFIX)
2504 	if (i.tm.opcode_modifier & FloatMF)
2505 	  i.tm.base_opcode ^= 4;
2506     }
2507 
2508   return 1;
2509 }
2510 
2511 static int
check_byte_reg(void)2512 check_byte_reg (void)
2513 {
2514   int op;
2515 
2516   for (op = i.operands; --op >= 0;)
2517     {
2518       /* If this is an eight bit register, it's OK.  If it's the 16 or
2519 	 32 bit version of an eight bit register, we will just use the
2520 	 low portion, and that's OK too.  */
2521       if (i.types[op] & Reg8)
2522 	continue;
2523 
2524       /* movzx and movsx should not generate this warning.  */
2525       if (intel_syntax
2526 	  && (i.tm.base_opcode == 0xfb7
2527 	      || i.tm.base_opcode == 0xfb6
2528 	      || i.tm.base_opcode == 0x63
2529 	      || i.tm.base_opcode == 0xfbe
2530 	      || i.tm.base_opcode == 0xfbf))
2531 	continue;
2532 
2533       if ((i.types[op] & WordReg) && i.op[op].regs->reg_num < 4)
2534 	{
2535 	  /* Prohibit these changes in the 64bit mode, since the
2536 	     lowering is more complicated.  */
2537 	  if (flag_code == CODE_64BIT
2538 	      && (i.tm.operand_types[op] & InOutPortReg) == 0)
2539 	    {
2540 	      as_bad (_("Incorrect register `%%%s' used with `%c' suffix"),
2541 		      i.op[op].regs->reg_name,
2542 		      i.suffix);
2543 	      return 0;
2544 	    }
2545 #if REGISTER_WARNINGS
2546 	  if (!quiet_warnings
2547 	      && (i.tm.operand_types[op] & InOutPortReg) == 0)
2548 	    as_warn (_("using `%%%s' instead of `%%%s' due to `%c' suffix"),
2549 		     (i.op[op].regs + (i.types[op] & Reg16
2550 				       ? REGNAM_AL - REGNAM_AX
2551 				       : REGNAM_AL - REGNAM_EAX))->reg_name,
2552 		     i.op[op].regs->reg_name,
2553 		     i.suffix);
2554 #endif
2555 	  continue;
2556 	}
2557       /* Any other register is bad.  */
2558       if (i.types[op] & (Reg | RegMMX | RegXMM
2559 			 | SReg2 | SReg3
2560 			 | Control | Debug | Test
2561 			 | FloatReg | FloatAcc))
2562 	{
2563 	  as_bad (_("`%%%s' not allowed with `%s%c'"),
2564 		  i.op[op].regs->reg_name,
2565 		  i.tm.name,
2566 		  i.suffix);
2567 	  return 0;
2568 	}
2569     }
2570   return 1;
2571 }
2572 
2573 static int
check_long_reg()2574 check_long_reg ()
2575 {
2576   int op;
2577 
2578   for (op = i.operands; --op >= 0;)
2579     /* Reject eight bit registers, except where the template requires
2580        them. (eg. movzb)  */
2581     if ((i.types[op] & Reg8) != 0
2582 	&& (i.tm.operand_types[op] & (Reg16 | Reg32 | Acc)) != 0)
2583       {
2584 	as_bad (_("`%%%s' not allowed with `%s%c'"),
2585 		i.op[op].regs->reg_name,
2586 		i.tm.name,
2587 		i.suffix);
2588 	return 0;
2589       }
2590   /* Warn if the e prefix on a general reg is missing.  */
2591     else if ((!quiet_warnings || flag_code == CODE_64BIT)
2592 	     && (i.types[op] & Reg16) != 0
2593 	     && (i.tm.operand_types[op] & (Reg32 | Acc)) != 0)
2594       {
2595 	/* Prohibit these changes in the 64bit mode, since the
2596 	   lowering is more complicated.  */
2597 	if (flag_code == CODE_64BIT)
2598 	  {
2599 	    as_bad (_("Incorrect register `%%%s' used with `%c' suffix"),
2600 		    i.op[op].regs->reg_name,
2601 		    i.suffix);
2602 	    return 0;
2603 	  }
2604 #if REGISTER_WARNINGS
2605 	else
2606 	  as_warn (_("using `%%%s' instead of `%%%s' due to `%c' suffix"),
2607 		   (i.op[op].regs + REGNAM_EAX - REGNAM_AX)->reg_name,
2608 		   i.op[op].regs->reg_name,
2609 		   i.suffix);
2610 #endif
2611       }
2612   /* Warn if the r prefix on a general reg is missing.  */
2613     else if ((i.types[op] & Reg64) != 0
2614 	     && (i.tm.operand_types[op] & (Reg32 | Acc)) != 0)
2615       {
2616 	as_bad (_("Incorrect register `%%%s' used with `%c' suffix"),
2617 		i.op[op].regs->reg_name,
2618 		i.suffix);
2619 	return 0;
2620       }
2621   return 1;
2622 }
2623 
2624 static int
check_qword_reg()2625 check_qword_reg ()
2626 {
2627   int op;
2628 
2629   for (op = i.operands; --op >= 0; )
2630     /* Reject eight bit registers, except where the template requires
2631        them. (eg. movzb)  */
2632     if ((i.types[op] & Reg8) != 0
2633 	&& (i.tm.operand_types[op] & (Reg16 | Reg32 | Acc)) != 0)
2634       {
2635 	as_bad (_("`%%%s' not allowed with `%s%c'"),
2636 		i.op[op].regs->reg_name,
2637 		i.tm.name,
2638 		i.suffix);
2639 	return 0;
2640       }
2641   /* Warn if the e prefix on a general reg is missing.  */
2642     else if (((i.types[op] & Reg16) != 0
2643 	      || (i.types[op] & Reg32) != 0)
2644 	     && (i.tm.operand_types[op] & (Reg32 | Acc)) != 0)
2645       {
2646 	/* Prohibit these changes in the 64bit mode, since the
2647 	   lowering is more complicated.  */
2648 	as_bad (_("Incorrect register `%%%s' used with `%c' suffix"),
2649 		i.op[op].regs->reg_name,
2650 		i.suffix);
2651 	return 0;
2652       }
2653   return 1;
2654 }
2655 
2656 static int
check_word_reg()2657 check_word_reg ()
2658 {
2659   int op;
2660   for (op = i.operands; --op >= 0;)
2661     /* Reject eight bit registers, except where the template requires
2662        them. (eg. movzb)  */
2663     if ((i.types[op] & Reg8) != 0
2664 	&& (i.tm.operand_types[op] & (Reg16 | Reg32 | Acc)) != 0)
2665       {
2666 	as_bad (_("`%%%s' not allowed with `%s%c'"),
2667 		i.op[op].regs->reg_name,
2668 		i.tm.name,
2669 		i.suffix);
2670 	return 0;
2671       }
2672   /* Warn if the e prefix on a general reg is present.  */
2673     else if ((!quiet_warnings || flag_code == CODE_64BIT)
2674 	     && (i.types[op] & Reg32) != 0
2675 	     && (i.tm.operand_types[op] & (Reg16 | Acc)) != 0)
2676       {
2677 	/* Prohibit these changes in the 64bit mode, since the
2678 	   lowering is more complicated.  */
2679 	if (flag_code == CODE_64BIT)
2680 	  {
2681 	    as_bad (_("Incorrect register `%%%s' used with `%c' suffix"),
2682 		    i.op[op].regs->reg_name,
2683 		    i.suffix);
2684 	    return 0;
2685 	  }
2686 	else
2687 #if REGISTER_WARNINGS
2688 	  as_warn (_("using `%%%s' instead of `%%%s' due to `%c' suffix"),
2689 		   (i.op[op].regs + REGNAM_AX - REGNAM_EAX)->reg_name,
2690 		   i.op[op].regs->reg_name,
2691 		   i.suffix);
2692 #endif
2693       }
2694   return 1;
2695 }
2696 
2697 static int
finalize_imm()2698 finalize_imm ()
2699 {
2700   unsigned int overlap0, overlap1, overlap2;
2701 
2702   overlap0 = i.types[0] & i.tm.operand_types[0];
2703   if ((overlap0 & (Imm8 | Imm8S | Imm16 | Imm32 | Imm32S | Imm64))
2704       && overlap0 != Imm8 && overlap0 != Imm8S
2705       && overlap0 != Imm16 && overlap0 != Imm32S
2706       && overlap0 != Imm32 && overlap0 != Imm64)
2707     {
2708       if (i.suffix)
2709 	{
2710 	  overlap0 &= (i.suffix == BYTE_MNEM_SUFFIX
2711 		       ? Imm8 | Imm8S
2712 		       : (i.suffix == WORD_MNEM_SUFFIX
2713 			  ? Imm16
2714 			  : (i.suffix == QWORD_MNEM_SUFFIX
2715 			     ? Imm64 | Imm32S
2716 			     : Imm32)));
2717 	}
2718       else if (overlap0 == (Imm16 | Imm32S | Imm32)
2719 	       || overlap0 == (Imm16 | Imm32)
2720 	       || overlap0 == (Imm16 | Imm32S))
2721 	{
2722 	  overlap0 = ((flag_code == CODE_16BIT) ^ (i.prefix[DATA_PREFIX] != 0)
2723 		      ? Imm16 : Imm32S);
2724 	}
2725       if (overlap0 != Imm8 && overlap0 != Imm8S
2726 	  && overlap0 != Imm16 && overlap0 != Imm32S
2727 	  && overlap0 != Imm32 && overlap0 != Imm64)
2728 	{
2729 	  as_bad (_("no instruction mnemonic suffix given; can't determine immediate size"));
2730 	  return 0;
2731 	}
2732     }
2733   i.types[0] = overlap0;
2734 
2735   overlap1 = i.types[1] & i.tm.operand_types[1];
2736   if ((overlap1 & (Imm8 | Imm8S | Imm16 | Imm32S | Imm32 | Imm64))
2737       && overlap1 != Imm8 && overlap1 != Imm8S
2738       && overlap1 != Imm16 && overlap1 != Imm32S
2739       && overlap1 != Imm32 && overlap1 != Imm64)
2740     {
2741       if (i.suffix)
2742 	{
2743 	  overlap1 &= (i.suffix == BYTE_MNEM_SUFFIX
2744 		       ? Imm8 | Imm8S
2745 		       : (i.suffix == WORD_MNEM_SUFFIX
2746 			  ? Imm16
2747 			  : (i.suffix == QWORD_MNEM_SUFFIX
2748 			     ? Imm64 | Imm32S
2749 			     : Imm32)));
2750 	}
2751       else if (overlap1 == (Imm16 | Imm32 | Imm32S)
2752 	       || overlap1 == (Imm16 | Imm32)
2753 	       || overlap1 == (Imm16 | Imm32S))
2754 	{
2755 	  overlap1 = ((flag_code == CODE_16BIT) ^ (i.prefix[DATA_PREFIX] != 0)
2756 		      ? Imm16 : Imm32S);
2757 	}
2758       if (overlap1 != Imm8 && overlap1 != Imm8S
2759 	  && overlap1 != Imm16 && overlap1 != Imm32S
2760 	  && overlap1 != Imm32 && overlap1 != Imm64)
2761 	{
2762 	  as_bad (_("no instruction mnemonic suffix given; can't determine immediate size %x %c"),overlap1, i.suffix);
2763 	  return 0;
2764 	}
2765     }
2766   i.types[1] = overlap1;
2767 
2768   overlap2 = i.types[2] & i.tm.operand_types[2];
2769   assert ((overlap2 & Imm) == 0);
2770   i.types[2] = overlap2;
2771 
2772   return 1;
2773 }
2774 
2775 static int
process_operands()2776 process_operands ()
2777 {
2778   /* Default segment register this instruction will use for memory
2779      accesses.  0 means unknown.  This is only for optimizing out
2780      unnecessary segment overrides.  */
2781   const seg_entry *default_seg = 0;
2782 
2783   /* The imul $imm, %reg instruction is converted into
2784      imul $imm, %reg, %reg, and the clr %reg instruction
2785      is converted into xor %reg, %reg.  */
2786   if (i.tm.opcode_modifier & regKludge)
2787     {
2788       unsigned int first_reg_op = (i.types[0] & Reg) ? 0 : 1;
2789       /* Pretend we saw the extra register operand.  */
2790       assert (i.op[first_reg_op + 1].regs == 0);
2791       i.op[first_reg_op + 1].regs = i.op[first_reg_op].regs;
2792       i.types[first_reg_op + 1] = i.types[first_reg_op];
2793       i.reg_operands = 2;
2794     }
2795 
2796   if (i.tm.opcode_modifier & ShortForm)
2797     {
2798       /* The register or float register operand is in operand 0 or 1.  */
2799       unsigned int op = (i.types[0] & (Reg | FloatReg)) ? 0 : 1;
2800       /* Register goes in low 3 bits of opcode.  */
2801       i.tm.base_opcode |= i.op[op].regs->reg_num;
2802       if ((i.op[op].regs->reg_flags & RegRex) != 0)
2803 	i.rex |= REX_EXTZ;
2804       if (!quiet_warnings && (i.tm.opcode_modifier & Ugh) != 0)
2805 	{
2806 	  /* Warn about some common errors, but press on regardless.
2807 	     The first case can be generated by gcc (<= 2.8.1).  */
2808 	  if (i.operands == 2)
2809 	    {
2810 	      /* Reversed arguments on faddp, fsubp, etc.  */
2811 	      as_warn (_("translating to `%s %%%s,%%%s'"), i.tm.name,
2812 		       i.op[1].regs->reg_name,
2813 		       i.op[0].regs->reg_name);
2814 	    }
2815 	  else
2816 	    {
2817 	      /* Extraneous `l' suffix on fp insn.  */
2818 	      as_warn (_("translating to `%s %%%s'"), i.tm.name,
2819 		       i.op[0].regs->reg_name);
2820 	    }
2821 	}
2822     }
2823   else if (i.tm.opcode_modifier & Modrm)
2824     {
2825       /* The opcode is completed (modulo i.tm.extension_opcode which
2826 	 must be put into the modrm byte).  Now, we make the modrm and
2827 	 index base bytes based on all the info we've collected.  */
2828 
2829       default_seg = build_modrm_byte ();
2830     }
2831   else if (i.tm.opcode_modifier & (Seg2ShortForm | Seg3ShortForm))
2832     {
2833       if (i.tm.base_opcode == POP_SEG_SHORT
2834 	  && i.op[0].regs->reg_num == 1)
2835 	{
2836 	  as_bad (_("you can't `pop %%cs'"));
2837 	  return 0;
2838 	}
2839       i.tm.base_opcode |= (i.op[0].regs->reg_num << 3);
2840       if ((i.op[0].regs->reg_flags & RegRex) != 0)
2841 	i.rex |= REX_EXTZ;
2842     }
2843   else if ((i.tm.base_opcode & ~(D | W)) == MOV_AX_DISP32)
2844     {
2845       default_seg = &ds;
2846     }
2847   else if ((i.tm.opcode_modifier & IsString) != 0)
2848     {
2849       /* For the string instructions that allow a segment override
2850 	 on one of their operands, the default segment is ds.  */
2851       default_seg = &ds;
2852     }
2853 
2854   if ((i.tm.base_opcode == 0x8d /* lea */
2855        || (i.tm.cpu_flags & CpuSVME))
2856       && i.seg[0] && !quiet_warnings)
2857     as_warn (_("segment override on `%s' is ineffectual"), i.tm.name);
2858 
2859   /* If a segment was explicitly specified, and the specified segment
2860      is not the default, use an opcode prefix to select it.  If we
2861      never figured out what the default segment is, then default_seg
2862      will be zero at this point, and the specified segment prefix will
2863      always be used.  */
2864   if ((i.seg[0]) && (i.seg[0] != default_seg))
2865     {
2866       if (!add_prefix (i.seg[0]->seg_prefix))
2867 	return 0;
2868     }
2869   return 1;
2870 }
2871 
2872 static const seg_entry *
build_modrm_byte()2873 build_modrm_byte ()
2874 {
2875   const seg_entry *default_seg = 0;
2876 
2877   /* i.reg_operands MUST be the number of real register operands;
2878      implicit registers do not count.  */
2879   if (i.reg_operands == 2)
2880     {
2881       unsigned int source, dest;
2882       source = ((i.types[0]
2883 		 & (Reg | RegMMX | RegXMM
2884 		    | SReg2 | SReg3
2885 		    | Control | Debug | Test))
2886 		? 0 : 1);
2887       dest = source + 1;
2888 
2889       i.rm.mode = 3;
2890       /* One of the register operands will be encoded in the i.tm.reg
2891 	 field, the other in the combined i.tm.mode and i.tm.regmem
2892 	 fields.  If no form of this instruction supports a memory
2893 	 destination operand, then we assume the source operand may
2894 	 sometimes be a memory operand and so we need to store the
2895 	 destination in the i.rm.reg field.  */
2896       if ((i.tm.operand_types[dest] & AnyMem) == 0)
2897 	{
2898 	  i.rm.reg = i.op[dest].regs->reg_num;
2899 	  i.rm.regmem = i.op[source].regs->reg_num;
2900 	  if ((i.op[dest].regs->reg_flags & RegRex) != 0)
2901 	    i.rex |= REX_EXTX;
2902 	  if ((i.op[source].regs->reg_flags & RegRex) != 0)
2903 	    i.rex |= REX_EXTZ;
2904 	}
2905       else
2906 	{
2907 	  i.rm.reg = i.op[source].regs->reg_num;
2908 	  i.rm.regmem = i.op[dest].regs->reg_num;
2909 	  if ((i.op[dest].regs->reg_flags & RegRex) != 0)
2910 	    i.rex |= REX_EXTZ;
2911 	  if ((i.op[source].regs->reg_flags & RegRex) != 0)
2912 	    i.rex |= REX_EXTX;
2913 	}
2914       if (flag_code != CODE_64BIT && (i.rex & (REX_EXTX | REX_EXTZ)))
2915 	{
2916 	  if (!((i.types[0] | i.types[1]) & Control))
2917 	    abort ();
2918 	  i.rex &= ~(REX_EXTX | REX_EXTZ);
2919 	  add_prefix (LOCK_PREFIX_OPCODE);
2920 	}
2921     }
2922   else
2923     {			/* If it's not 2 reg operands...  */
2924       if (i.mem_operands)
2925 	{
2926 	  unsigned int fake_zero_displacement = 0;
2927 	  unsigned int op = ((i.types[0] & AnyMem)
2928 			     ? 0
2929 			     : (i.types[1] & AnyMem) ? 1 : 2);
2930 
2931 	  default_seg = &ds;
2932 
2933 	  if (i.base_reg == 0)
2934 	    {
2935 	      i.rm.mode = 0;
2936 	      if (!i.disp_operands)
2937 		fake_zero_displacement = 1;
2938 	      if (i.index_reg == 0)
2939 		{
2940 		  /* Operand is just <disp>  */
2941 		  if (flag_code == CODE_64BIT)
2942 		    {
2943 		      /* 64bit mode overwrites the 32bit absolute
2944 			 addressing by RIP relative addressing and
2945 			 absolute addressing is encoded by one of the
2946 			 redundant SIB forms.  */
2947 		      i.rm.regmem = ESCAPE_TO_TWO_BYTE_ADDRESSING;
2948 		      i.sib.base = NO_BASE_REGISTER;
2949 		      i.sib.index = NO_INDEX_REGISTER;
2950 		      i.types[op] = ((i.prefix[ADDR_PREFIX] == 0) ? Disp32S : Disp32);
2951 		    }
2952 		  else if ((flag_code == CODE_16BIT) ^ (i.prefix[ADDR_PREFIX] != 0))
2953 		    {
2954 		      i.rm.regmem = NO_BASE_REGISTER_16;
2955 		      i.types[op] = Disp16;
2956 		    }
2957 		  else
2958 		    {
2959 		      i.rm.regmem = NO_BASE_REGISTER;
2960 		      i.types[op] = Disp32;
2961 		    }
2962 		}
2963 	      else /* !i.base_reg && i.index_reg  */
2964 		{
2965 		  i.sib.index = i.index_reg->reg_num;
2966 		  i.sib.base = NO_BASE_REGISTER;
2967 		  i.sib.scale = i.log2_scale_factor;
2968 		  i.rm.regmem = ESCAPE_TO_TWO_BYTE_ADDRESSING;
2969 		  i.types[op] &= ~Disp;
2970 		  if (flag_code != CODE_64BIT)
2971 		    i.types[op] |= Disp32;	/* Must be 32 bit */
2972 		  else
2973 		    i.types[op] |= Disp32S;
2974 		  if ((i.index_reg->reg_flags & RegRex) != 0)
2975 		    i.rex |= REX_EXTY;
2976 		}
2977 	    }
2978 	  /* RIP addressing for 64bit mode.  */
2979 	  else if (i.base_reg->reg_type == BaseIndex)
2980 	    {
2981 	      i.rm.regmem = NO_BASE_REGISTER;
2982 	      i.types[op] &= ~ Disp;
2983 	      i.types[op] |= Disp32S;
2984 	      i.flags[op] = Operand_PCrel;
2985 	      if (! i.disp_operands)
2986 		fake_zero_displacement = 1;
2987 	    }
2988 	  else if (i.base_reg->reg_type & Reg16)
2989 	    {
2990 	      switch (i.base_reg->reg_num)
2991 		{
2992 		case 3: /* (%bx)  */
2993 		  if (i.index_reg == 0)
2994 		    i.rm.regmem = 7;
2995 		  else /* (%bx,%si) -> 0, or (%bx,%di) -> 1  */
2996 		    i.rm.regmem = i.index_reg->reg_num - 6;
2997 		  break;
2998 		case 5: /* (%bp)  */
2999 		  default_seg = &ss;
3000 		  if (i.index_reg == 0)
3001 		    {
3002 		      i.rm.regmem = 6;
3003 		      if ((i.types[op] & Disp) == 0)
3004 			{
3005 			  /* fake (%bp) into 0(%bp)  */
3006 			  i.types[op] |= Disp8;
3007 			  fake_zero_displacement = 1;
3008 			}
3009 		    }
3010 		  else /* (%bp,%si) -> 2, or (%bp,%di) -> 3  */
3011 		    i.rm.regmem = i.index_reg->reg_num - 6 + 2;
3012 		  break;
3013 		default: /* (%si) -> 4 or (%di) -> 5  */
3014 		  i.rm.regmem = i.base_reg->reg_num - 6 + 4;
3015 		}
3016 	      i.rm.mode = mode_from_disp_size (i.types[op]);
3017 	    }
3018 	  else /* i.base_reg and 32/64 bit mode  */
3019 	    {
3020 	      if (flag_code == CODE_64BIT
3021 		  && (i.types[op] & Disp))
3022 		i.types[op] = (i.types[op] & Disp8) | (i.prefix[ADDR_PREFIX] == 0 ? Disp32S : Disp32);
3023 
3024 	      i.rm.regmem = i.base_reg->reg_num;
3025 	      if ((i.base_reg->reg_flags & RegRex) != 0)
3026 		i.rex |= REX_EXTZ;
3027 	      i.sib.base = i.base_reg->reg_num;
3028 	      /* x86-64 ignores REX prefix bit here to avoid decoder
3029 		 complications.  */
3030 	      if ((i.base_reg->reg_num & 7) == EBP_REG_NUM)
3031 		{
3032 		  default_seg = &ss;
3033 		  if (i.disp_operands == 0)
3034 		    {
3035 		      fake_zero_displacement = 1;
3036 		      i.types[op] |= Disp8;
3037 		    }
3038 		}
3039 	      else if (i.base_reg->reg_num == ESP_REG_NUM)
3040 		{
3041 		  default_seg = &ss;
3042 		}
3043 	      i.sib.scale = i.log2_scale_factor;
3044 	      if (i.index_reg == 0)
3045 		{
3046 		  /* <disp>(%esp) becomes two byte modrm with no index
3047 		     register.  We've already stored the code for esp
3048 		     in i.rm.regmem ie. ESCAPE_TO_TWO_BYTE_ADDRESSING.
3049 		     Any base register besides %esp will not use the
3050 		     extra modrm byte.  */
3051 		  i.sib.index = NO_INDEX_REGISTER;
3052 #if !SCALE1_WHEN_NO_INDEX
3053 		  /* Another case where we force the second modrm byte.  */
3054 		  if (i.log2_scale_factor)
3055 		    i.rm.regmem = ESCAPE_TO_TWO_BYTE_ADDRESSING;
3056 #endif
3057 		}
3058 	      else
3059 		{
3060 		  i.sib.index = i.index_reg->reg_num;
3061 		  i.rm.regmem = ESCAPE_TO_TWO_BYTE_ADDRESSING;
3062 		  if ((i.index_reg->reg_flags & RegRex) != 0)
3063 		    i.rex |= REX_EXTY;
3064 		}
3065 	      i.rm.mode = mode_from_disp_size (i.types[op]);
3066 	    }
3067 
3068 	  if (fake_zero_displacement)
3069 	    {
3070 	      /* Fakes a zero displacement assuming that i.types[op]
3071 		 holds the correct displacement size.  */
3072 	      expressionS *exp;
3073 
3074 	      assert (i.op[op].disps == 0);
3075 	      exp = &disp_expressions[i.disp_operands++];
3076 	      i.op[op].disps = exp;
3077 	      exp->X_op = O_constant;
3078 	      exp->X_add_number = 0;
3079 	      exp->X_add_symbol = (symbolS *) 0;
3080 	      exp->X_op_symbol = (symbolS *) 0;
3081 	    }
3082 	}
3083 
3084       /* Fill in i.rm.reg or i.rm.regmem field with register operand
3085 	 (if any) based on i.tm.extension_opcode.  Again, we must be
3086 	 careful to make sure that segment/control/debug/test/MMX
3087 	 registers are coded into the i.rm.reg field.  */
3088       if (i.reg_operands)
3089 	{
3090 	  unsigned int op =
3091 	    ((i.types[0]
3092 	      & (Reg | RegMMX | RegXMM
3093 		 | SReg2 | SReg3
3094 		 | Control | Debug | Test))
3095 	     ? 0
3096 	     : ((i.types[1]
3097 		 & (Reg | RegMMX | RegXMM
3098 		    | SReg2 | SReg3
3099 		    | Control | Debug | Test))
3100 		? 1
3101 		: 2));
3102 	  /* If there is an extension opcode to put here, the register
3103 	     number must be put into the regmem field.  */
3104 	  if (i.tm.extension_opcode != None)
3105 	    {
3106 	      i.rm.regmem = i.op[op].regs->reg_num;
3107 	      if ((i.op[op].regs->reg_flags & RegRex) != 0)
3108 		i.rex |= REX_EXTZ;
3109 	    }
3110 	  else
3111 	    {
3112 	      i.rm.reg = i.op[op].regs->reg_num;
3113 	      if ((i.op[op].regs->reg_flags & RegRex) != 0)
3114 		i.rex |= REX_EXTX;
3115 	    }
3116 
3117 	  /* Now, if no memory operand has set i.rm.mode = 0, 1, 2 we
3118 	     must set it to 3 to indicate this is a register operand
3119 	     in the regmem field.  */
3120 	  if (!i.mem_operands)
3121 	    i.rm.mode = 3;
3122 	}
3123 
3124       /* Fill in i.rm.reg field with extension opcode (if any).  */
3125       if (i.tm.extension_opcode != None)
3126 	i.rm.reg = i.tm.extension_opcode;
3127     }
3128   return default_seg;
3129 }
3130 
3131 static void
output_branch()3132 output_branch ()
3133 {
3134   char *p;
3135   int code16;
3136   int prefix;
3137   relax_substateT subtype;
3138   symbolS *sym;
3139   offsetT off;
3140 
3141   code16 = 0;
3142   if (flag_code == CODE_16BIT)
3143     code16 = CODE16;
3144 
3145   prefix = 0;
3146   if (i.prefix[DATA_PREFIX] != 0)
3147     {
3148       prefix = 1;
3149       i.prefixes -= 1;
3150       code16 ^= CODE16;
3151     }
3152   /* Pentium4 branch hints.  */
3153   if (i.prefix[SEG_PREFIX] == CS_PREFIX_OPCODE /* not taken */
3154       || i.prefix[SEG_PREFIX] == DS_PREFIX_OPCODE /* taken */)
3155     {
3156       prefix++;
3157       i.prefixes--;
3158     }
3159   if (i.prefix[REX_PREFIX] != 0)
3160     {
3161       prefix++;
3162       i.prefixes--;
3163     }
3164 
3165   if (i.prefixes != 0 && !intel_syntax)
3166     as_warn (_("skipping prefixes on this instruction"));
3167 
3168   /* It's always a symbol;  End frag & setup for relax.
3169      Make sure there is enough room in this frag for the largest
3170      instruction we may generate in md_convert_frag.  This is 2
3171      bytes for the opcode and room for the prefix and largest
3172      displacement.  */
3173   frag_grow (prefix + 2 + 4);
3174   /* Prefix and 1 opcode byte go in fr_fix.  */
3175   p = frag_more (prefix + 1);
3176   if (i.prefix[DATA_PREFIX] != 0)
3177     *p++ = DATA_PREFIX_OPCODE;
3178   if (i.prefix[SEG_PREFIX] == CS_PREFIX_OPCODE
3179       || i.prefix[SEG_PREFIX] == DS_PREFIX_OPCODE)
3180     *p++ = i.prefix[SEG_PREFIX];
3181   if (i.prefix[REX_PREFIX] != 0)
3182     *p++ = i.prefix[REX_PREFIX];
3183   *p = i.tm.base_opcode;
3184 
3185   if ((unsigned char) *p == JUMP_PC_RELATIVE)
3186     subtype = ENCODE_RELAX_STATE (UNCOND_JUMP, SMALL);
3187   else if ((cpu_arch_flags & Cpu386) != 0)
3188     subtype = ENCODE_RELAX_STATE (COND_JUMP, SMALL);
3189   else
3190     subtype = ENCODE_RELAX_STATE (COND_JUMP86, SMALL);
3191   subtype |= code16;
3192 
3193   sym = i.op[0].disps->X_add_symbol;
3194   off = i.op[0].disps->X_add_number;
3195 
3196   if (i.op[0].disps->X_op != O_constant
3197       && i.op[0].disps->X_op != O_symbol)
3198     {
3199       /* Handle complex expressions.  */
3200       sym = make_expr_symbol (i.op[0].disps);
3201       off = 0;
3202     }
3203 
3204   /* 1 possible extra opcode + 4 byte displacement go in var part.
3205      Pass reloc in fr_var.  */
3206   frag_var (rs_machine_dependent, 5, i.reloc[0], subtype, sym, off, p);
3207 }
3208 
3209 static void
output_jump()3210 output_jump ()
3211 {
3212   char *p;
3213   int size;
3214   fixS *fixP;
3215 
3216   if (i.tm.opcode_modifier & JumpByte)
3217     {
3218       /* This is a loop or jecxz type instruction.  */
3219       size = 1;
3220       if (i.prefix[ADDR_PREFIX] != 0)
3221 	{
3222 	  FRAG_APPEND_1_CHAR (ADDR_PREFIX_OPCODE);
3223 	  i.prefixes -= 1;
3224 	}
3225       /* Pentium4 branch hints.  */
3226       if (i.prefix[SEG_PREFIX] == CS_PREFIX_OPCODE /* not taken */
3227 	  || i.prefix[SEG_PREFIX] == DS_PREFIX_OPCODE /* taken */)
3228 	{
3229 	  FRAG_APPEND_1_CHAR (i.prefix[SEG_PREFIX]);
3230 	  i.prefixes--;
3231 	}
3232     }
3233   else
3234     {
3235       int code16;
3236 
3237       code16 = 0;
3238       if (flag_code == CODE_16BIT)
3239 	code16 = CODE16;
3240 
3241       if (i.prefix[DATA_PREFIX] != 0)
3242 	{
3243 	  FRAG_APPEND_1_CHAR (DATA_PREFIX_OPCODE);
3244 	  i.prefixes -= 1;
3245 	  code16 ^= CODE16;
3246 	}
3247 
3248       size = 4;
3249       if (code16)
3250 	size = 2;
3251     }
3252 
3253   if (i.prefix[REX_PREFIX] != 0)
3254     {
3255       FRAG_APPEND_1_CHAR (i.prefix[REX_PREFIX]);
3256       i.prefixes -= 1;
3257     }
3258 
3259   if (i.prefixes != 0 && !intel_syntax)
3260     as_warn (_("skipping prefixes on this instruction"));
3261 
3262   p = frag_more (1 + size);
3263   *p++ = i.tm.base_opcode;
3264 
3265   fixP = fix_new_exp (frag_now, p - frag_now->fr_literal, size,
3266 		      i.op[0].disps, 1, reloc (size, 1, 1, i.reloc[0]));
3267 
3268   /* All jumps handled here are signed, but don't use a signed limit
3269      check for 32 and 16 bit jumps as we want to allow wrap around at
3270      4G and 64k respectively.  */
3271   if (size == 1)
3272     fixP->fx_signed = 1;
3273 }
3274 
3275 static void
output_interseg_jump()3276 output_interseg_jump ()
3277 {
3278   char *p;
3279   int size;
3280   int prefix;
3281   int code16;
3282 
3283   code16 = 0;
3284   if (flag_code == CODE_16BIT)
3285     code16 = CODE16;
3286 
3287   prefix = 0;
3288   if (i.prefix[DATA_PREFIX] != 0)
3289     {
3290       prefix = 1;
3291       i.prefixes -= 1;
3292       code16 ^= CODE16;
3293     }
3294   if (i.prefix[REX_PREFIX] != 0)
3295     {
3296       prefix++;
3297       i.prefixes -= 1;
3298     }
3299 
3300   size = 4;
3301   if (code16)
3302     size = 2;
3303 
3304   if (i.prefixes != 0 && !intel_syntax)
3305     as_warn (_("skipping prefixes on this instruction"));
3306 
3307   /* 1 opcode; 2 segment; offset  */
3308   p = frag_more (prefix + 1 + 2 + size);
3309 
3310   if (i.prefix[DATA_PREFIX] != 0)
3311     *p++ = DATA_PREFIX_OPCODE;
3312 
3313   if (i.prefix[REX_PREFIX] != 0)
3314     *p++ = i.prefix[REX_PREFIX];
3315 
3316   *p++ = i.tm.base_opcode;
3317   if (i.op[1].imms->X_op == O_constant)
3318     {
3319       offsetT n = i.op[1].imms->X_add_number;
3320 
3321       if (size == 2
3322 	  && !fits_in_unsigned_word (n)
3323 	  && !fits_in_signed_word (n))
3324 	{
3325 	  as_bad (_("16-bit jump out of range"));
3326 	  return;
3327 	}
3328       md_number_to_chars (p, n, size);
3329     }
3330   else
3331     fix_new_exp (frag_now, p - frag_now->fr_literal, size,
3332 		 i.op[1].imms, 0, reloc (size, 0, 0, i.reloc[1]));
3333   if (i.op[0].imms->X_op != O_constant)
3334     as_bad (_("can't handle non absolute segment in `%s'"),
3335 	    i.tm.name);
3336   md_number_to_chars (p + size, (valueT) i.op[0].imms->X_add_number, 2);
3337 }
3338 
3339 static void
output_insn()3340 output_insn ()
3341 {
3342   fragS *insn_start_frag;
3343   offsetT insn_start_off;
3344 
3345   /* Tie dwarf2 debug info to the address at the start of the insn.
3346      We can't do this after the insn has been output as the current
3347      frag may have been closed off.  eg. by frag_var.  */
3348   dwarf2_emit_insn (0);
3349 
3350   insn_start_frag = frag_now;
3351   insn_start_off = frag_now_fix ();
3352 
3353   /* Output jumps.  */
3354   if (i.tm.opcode_modifier & Jump)
3355     output_branch ();
3356   else if (i.tm.opcode_modifier & (JumpByte | JumpDword))
3357     output_jump ();
3358   else if (i.tm.opcode_modifier & JumpInterSegment)
3359     output_interseg_jump ();
3360   else
3361     {
3362       /* Output normal instructions here.  */
3363       char *p;
3364       unsigned char *q;
3365 
3366       /* All opcodes on i386 have either 1 or 2 bytes.  We may use one
3367 	 more higher byte to specify a prefix the instruction
3368 	 requires.  */
3369       if ((i.tm.base_opcode & 0xff0000) != 0)
3370 	{
3371 	  if ((i.tm.cpu_flags & CpuPadLock) != 0)
3372 	    {
3373 	      unsigned int prefix;
3374 	      prefix = (i.tm.base_opcode >> 16) & 0xff;
3375 
3376 	      if (prefix != REPE_PREFIX_OPCODE
3377 		  || i.prefix[LOCKREP_PREFIX] != REPE_PREFIX_OPCODE)
3378 		add_prefix (prefix);
3379 	    }
3380 	  else
3381 	    add_prefix ((i.tm.base_opcode >> 16) & 0xff);
3382 	}
3383 
3384       /* The prefix bytes.  */
3385       for (q = i.prefix;
3386 	   q < i.prefix + sizeof (i.prefix) / sizeof (i.prefix[0]);
3387 	   q++)
3388 	{
3389 	  if (*q)
3390 	    {
3391 	      p = frag_more (1);
3392 	      md_number_to_chars (p, (valueT) *q, 1);
3393 	    }
3394 	}
3395 
3396       /* Now the opcode; be careful about word order here!  */
3397       if (fits_in_unsigned_byte (i.tm.base_opcode))
3398 	{
3399 	  FRAG_APPEND_1_CHAR (i.tm.base_opcode);
3400 	}
3401       else
3402 	{
3403 	  p = frag_more (2);
3404 
3405 	  /* Put out high byte first: can't use md_number_to_chars!  */
3406 	  *p++ = (i.tm.base_opcode >> 8) & 0xff;
3407 	  *p = i.tm.base_opcode & 0xff;
3408 	}
3409 
3410       /* Now the modrm byte and sib byte (if present).  */
3411       if (i.tm.opcode_modifier & Modrm)
3412 	{
3413 	  p = frag_more (1);
3414 	  md_number_to_chars (p,
3415 			      (valueT) (i.rm.regmem << 0
3416 					| i.rm.reg << 3
3417 					| i.rm.mode << 6),
3418 			      1);
3419 	  /* If i.rm.regmem == ESP (4)
3420 	     && i.rm.mode != (Register mode)
3421 	     && not 16 bit
3422 	     ==> need second modrm byte.  */
3423 	  if (i.rm.regmem == ESCAPE_TO_TWO_BYTE_ADDRESSING
3424 	      && i.rm.mode != 3
3425 	      && !(i.base_reg && (i.base_reg->reg_type & Reg16) != 0))
3426 	    {
3427 	      p = frag_more (1);
3428 	      md_number_to_chars (p,
3429 				  (valueT) (i.sib.base << 0
3430 					    | i.sib.index << 3
3431 					    | i.sib.scale << 6),
3432 				  1);
3433 	    }
3434 	}
3435 
3436       if (i.disp_operands)
3437 	output_disp (insn_start_frag, insn_start_off);
3438 
3439       if (i.imm_operands)
3440 	output_imm (insn_start_frag, insn_start_off);
3441     }
3442 
3443 #ifdef DEBUG386
3444   if (flag_debug)
3445     {
3446       pi (line, &i);
3447     }
3448 #endif /* DEBUG386  */
3449 }
3450 
3451 static void
output_disp(insn_start_frag,insn_start_off)3452 output_disp (insn_start_frag, insn_start_off)
3453     fragS *insn_start_frag;
3454     offsetT insn_start_off;
3455 {
3456   char *p;
3457   unsigned int n;
3458 
3459   for (n = 0; n < i.operands; n++)
3460     {
3461       if (i.types[n] & Disp)
3462 	{
3463 	  if (i.op[n].disps->X_op == O_constant)
3464 	    {
3465 	      int size;
3466 	      offsetT val;
3467 
3468 	      size = 4;
3469 	      if (i.types[n] & (Disp8 | Disp16 | Disp64))
3470 		{
3471 		  size = 2;
3472 		  if (i.types[n] & Disp8)
3473 		    size = 1;
3474 		  if (i.types[n] & Disp64)
3475 		    size = 8;
3476 		}
3477 	      val = offset_in_range (i.op[n].disps->X_add_number,
3478 				     size);
3479 	      p = frag_more (size);
3480 	      md_number_to_chars (p, val, size);
3481 	    }
3482 	  else
3483 	    {
3484 	      enum bfd_reloc_code_real reloc_type;
3485 	      int size = 4;
3486 	      int sign = 0;
3487 	      int pcrel = (i.flags[n] & Operand_PCrel) != 0;
3488 
3489 	      /* The PC relative address is computed relative
3490 		 to the instruction boundary, so in case immediate
3491 		 fields follows, we need to adjust the value.  */
3492 	      if (pcrel && i.imm_operands)
3493 		{
3494 		  int imm_size = 4;
3495 		  unsigned int n1;
3496 
3497 		  for (n1 = 0; n1 < i.operands; n1++)
3498 		    if (i.types[n1] & Imm)
3499 		      {
3500 			if (i.types[n1] & (Imm8 | Imm8S | Imm16 | Imm64))
3501 			  {
3502 			    imm_size = 2;
3503 			    if (i.types[n1] & (Imm8 | Imm8S))
3504 			      imm_size = 1;
3505 			    if (i.types[n1] & Imm64)
3506 			      imm_size = 8;
3507 			  }
3508 			break;
3509 		      }
3510 		  /* We should find the immediate.  */
3511 		  if (n1 == i.operands)
3512 		    abort ();
3513 		  i.op[n].disps->X_add_number -= imm_size;
3514 		}
3515 
3516 	      if (i.types[n] & Disp32S)
3517 		sign = 1;
3518 
3519 	      if (i.types[n] & (Disp16 | Disp64))
3520 		{
3521 		  size = 2;
3522 		  if (i.types[n] & Disp64)
3523 		    size = 8;
3524 		}
3525 
3526 	      p = frag_more (size);
3527 	      reloc_type = reloc (size, pcrel, sign, i.reloc[n]);
3528 	      if (GOT_symbol
3529 		  && GOT_symbol == i.op[n].disps->X_add_symbol
3530 		  && (((reloc_type == BFD_RELOC_32
3531 			|| reloc_type == BFD_RELOC_X86_64_32S)
3532 		       && (i.op[n].disps->X_op == O_symbol
3533 			   || (i.op[n].disps->X_op == O_add
3534 			       && ((symbol_get_value_expression
3535 				    (i.op[n].disps->X_op_symbol)->X_op)
3536 				   == O_subtract))))
3537 		      || reloc_type == BFD_RELOC_32_PCREL))
3538 		{
3539 		  offsetT add;
3540 
3541 		  if (insn_start_frag == frag_now)
3542 		    add = (p - frag_now->fr_literal) - insn_start_off;
3543 		  else
3544 		    {
3545 		      fragS *fr;
3546 
3547 		      add = insn_start_frag->fr_fix - insn_start_off;
3548 		      for (fr = insn_start_frag->fr_next;
3549 			   fr && fr != frag_now; fr = fr->fr_next)
3550 			add += fr->fr_fix;
3551 		      add += p - frag_now->fr_literal;
3552 		    }
3553 
3554 		  if (flag_code != CODE_64BIT)
3555 		    reloc_type = BFD_RELOC_386_GOTPC;
3556 		  else
3557 		    reloc_type = BFD_RELOC_X86_64_GOTPC32;
3558 		  i.op[n].disps->X_add_number += add;
3559 		}
3560 	      fix_new_exp (frag_now, p - frag_now->fr_literal, size,
3561 			   i.op[n].disps, pcrel, reloc_type);
3562 	    }
3563 	}
3564     }
3565 }
3566 
3567 static void
output_imm(insn_start_frag,insn_start_off)3568 output_imm (insn_start_frag, insn_start_off)
3569     fragS *insn_start_frag;
3570     offsetT insn_start_off;
3571 {
3572   char *p;
3573   unsigned int n;
3574 
3575   for (n = 0; n < i.operands; n++)
3576     {
3577       if (i.types[n] & Imm)
3578 	{
3579 	  if (i.op[n].imms->X_op == O_constant)
3580 	    {
3581 	      int size;
3582 	      offsetT val;
3583 
3584 	      size = 4;
3585 	      if (i.types[n] & (Imm8 | Imm8S | Imm16 | Imm64))
3586 		{
3587 		  size = 2;
3588 		  if (i.types[n] & (Imm8 | Imm8S))
3589 		    size = 1;
3590 		  else if (i.types[n] & Imm64)
3591 		    size = 8;
3592 		}
3593 	      val = offset_in_range (i.op[n].imms->X_add_number,
3594 				     size);
3595 	      p = frag_more (size);
3596 	      md_number_to_chars (p, val, size);
3597 	    }
3598 	  else
3599 	    {
3600 	      /* Not absolute_section.
3601 		 Need a 32-bit fixup (don't support 8bit
3602 		 non-absolute imms).  Try to support other
3603 		 sizes ...  */
3604 	      enum bfd_reloc_code_real reloc_type;
3605 	      int size = 4;
3606 	      int sign = 0;
3607 
3608 	      if ((i.types[n] & (Imm32S))
3609 		  && (i.suffix == QWORD_MNEM_SUFFIX
3610 		      || (!i.suffix && (i.tm.opcode_modifier & No_lSuf))))
3611 		sign = 1;
3612 	      if (i.types[n] & (Imm8 | Imm8S | Imm16 | Imm64))
3613 		{
3614 		  size = 2;
3615 		  if (i.types[n] & (Imm8 | Imm8S))
3616 		    size = 1;
3617 		  if (i.types[n] & Imm64)
3618 		    size = 8;
3619 		}
3620 
3621 	      p = frag_more (size);
3622 	      reloc_type = reloc (size, 0, sign, i.reloc[n]);
3623 
3624 	      /*   This is tough to explain.  We end up with this one if we
3625 	       * have operands that look like
3626 	       * "_GLOBAL_OFFSET_TABLE_+[.-.L284]".  The goal here is to
3627 	       * obtain the absolute address of the GOT, and it is strongly
3628 	       * preferable from a performance point of view to avoid using
3629 	       * a runtime relocation for this.  The actual sequence of
3630 	       * instructions often look something like:
3631 	       *
3632 	       *	call	.L66
3633 	       * .L66:
3634 	       *	popl	%ebx
3635 	       *	addl	$_GLOBAL_OFFSET_TABLE_+[.-.L66],%ebx
3636 	       *
3637 	       *   The call and pop essentially return the absolute address
3638 	       * of the label .L66 and store it in %ebx.  The linker itself
3639 	       * will ultimately change the first operand of the addl so
3640 	       * that %ebx points to the GOT, but to keep things simple, the
3641 	       * .o file must have this operand set so that it generates not
3642 	       * the absolute address of .L66, but the absolute address of
3643 	       * itself.  This allows the linker itself simply treat a GOTPC
3644 	       * relocation as asking for a pcrel offset to the GOT to be
3645 	       * added in, and the addend of the relocation is stored in the
3646 	       * operand field for the instruction itself.
3647 	       *
3648 	       *   Our job here is to fix the operand so that it would add
3649 	       * the correct offset so that %ebx would point to itself.  The
3650 	       * thing that is tricky is that .-.L66 will point to the
3651 	       * beginning of the instruction, so we need to further modify
3652 	       * the operand so that it will point to itself.  There are
3653 	       * other cases where you have something like:
3654 	       *
3655 	       *	.long	$_GLOBAL_OFFSET_TABLE_+[.-.L66]
3656 	       *
3657 	       * and here no correction would be required.  Internally in
3658 	       * the assembler we treat operands of this form as not being
3659 	       * pcrel since the '.' is explicitly mentioned, and I wonder
3660 	       * whether it would simplify matters to do it this way.  Who
3661 	       * knows.  In earlier versions of the PIC patches, the
3662 	       * pcrel_adjust field was used to store the correction, but
3663 	       * since the expression is not pcrel, I felt it would be
3664 	       * confusing to do it this way.  */
3665 
3666 	      if ((reloc_type == BFD_RELOC_32
3667 		   || reloc_type == BFD_RELOC_X86_64_32S)
3668 		  && GOT_symbol
3669 		  && GOT_symbol == i.op[n].imms->X_add_symbol
3670 		  && (i.op[n].imms->X_op == O_symbol
3671 		      || (i.op[n].imms->X_op == O_add
3672 			  && ((symbol_get_value_expression
3673 			       (i.op[n].imms->X_op_symbol)->X_op)
3674 			      == O_subtract))))
3675 		{
3676 		  offsetT add;
3677 
3678 		  if (insn_start_frag == frag_now)
3679 		    add = (p - frag_now->fr_literal) - insn_start_off;
3680 		  else
3681 		    {
3682 		      fragS *fr;
3683 
3684 		      add = insn_start_frag->fr_fix - insn_start_off;
3685 		      for (fr = insn_start_frag->fr_next;
3686 			   fr && fr != frag_now; fr = fr->fr_next)
3687 			add += fr->fr_fix;
3688 		      add += p - frag_now->fr_literal;
3689 		    }
3690 
3691 		  if (flag_code != CODE_64BIT)
3692 		    reloc_type = BFD_RELOC_386_GOTPC;
3693 		  else
3694 		    reloc_type = BFD_RELOC_X86_64_GOTPC32;
3695 		  i.op[n].imms->X_add_number += add;
3696 		}
3697 	      fix_new_exp (frag_now, p - frag_now->fr_literal, size,
3698 			   i.op[n].imms, 0, reloc_type);
3699 	    }
3700 	}
3701     }
3702 }
3703 
3704 #ifndef LEX_AT
3705 static char *lex_got PARAMS ((enum bfd_reloc_code_real *, int *));
3706 
3707 /* Parse operands of the form
3708    <symbol>@GOTOFF+<nnn>
3709    and similar .plt or .got references.
3710 
3711    If we find one, set up the correct relocation in RELOC and copy the
3712    input string, minus the `@GOTOFF' into a malloc'd buffer for
3713    parsing by the calling routine.  Return this buffer, and if ADJUST
3714    is non-null set it to the length of the string we removed from the
3715    input line.  Otherwise return NULL.  */
3716 static char *
lex_got(reloc,adjust)3717 lex_got (reloc, adjust)
3718      enum bfd_reloc_code_real *reloc;
3719      int *adjust;
3720 {
3721   static const char * const mode_name[NUM_FLAG_CODE] = { "32", "16", "64" };
3722   static const struct {
3723     const char *str;
3724     const enum bfd_reloc_code_real rel[NUM_FLAG_CODE];
3725   } gotrel[] = {
3726     { "PLT",      { BFD_RELOC_386_PLT32,      0, BFD_RELOC_X86_64_PLT32    } },
3727     { "GOTOFF",   { BFD_RELOC_386_GOTOFF,     0, BFD_RELOC_X86_64_GOTOFF64 } },
3728     { "GOTPCREL", { 0,                        0, BFD_RELOC_X86_64_GOTPCREL } },
3729     { "TLSGD",    { BFD_RELOC_386_TLS_GD,     0, BFD_RELOC_X86_64_TLSGD    } },
3730     { "TLSLDM",   { BFD_RELOC_386_TLS_LDM,    0, 0                         } },
3731     { "TLSLD",    { 0,                        0, BFD_RELOC_X86_64_TLSLD    } },
3732     { "GOTTPOFF", { BFD_RELOC_386_TLS_IE_32,  0, BFD_RELOC_X86_64_GOTTPOFF } },
3733     { "TPOFF",    { BFD_RELOC_386_TLS_LE_32,  0, BFD_RELOC_X86_64_TPOFF32  } },
3734     { "NTPOFF",   { BFD_RELOC_386_TLS_LE,     0, 0                         } },
3735     { "DTPOFF",   { BFD_RELOC_386_TLS_LDO_32, 0, BFD_RELOC_X86_64_DTPOFF32 } },
3736     { "GOTNTPOFF",{ BFD_RELOC_386_TLS_GOTIE,  0, 0                         } },
3737     { "INDNTPOFF",{ BFD_RELOC_386_TLS_IE,     0, 0                         } },
3738     { "GOT",      { BFD_RELOC_386_GOT32,      0, BFD_RELOC_X86_64_GOT32    } }
3739   };
3740   char *cp;
3741   unsigned int j;
3742 
3743   for (cp = input_line_pointer; *cp != '@'; cp++)
3744     if (is_end_of_line[(unsigned char) *cp])
3745       return NULL;
3746 
3747   for (j = 0; j < sizeof (gotrel) / sizeof (gotrel[0]); j++)
3748     {
3749       int len;
3750 
3751       len = strlen (gotrel[j].str);
3752       if (strncasecmp (cp + 1, gotrel[j].str, len) == 0)
3753 	{
3754 	  if (gotrel[j].rel[(unsigned int) flag_code] != 0)
3755 	    {
3756 	      int first, second;
3757 	      char *tmpbuf, *past_reloc;
3758 
3759 	      *reloc = gotrel[j].rel[(unsigned int) flag_code];
3760 	      if (adjust)
3761 		*adjust = len;
3762 
3763 	      if (GOT_symbol == NULL)
3764 		GOT_symbol = symbol_find_or_make (GLOBAL_OFFSET_TABLE_NAME);
3765 
3766 	      /* Replace the relocation token with ' ', so that
3767 		 errors like foo@GOTOFF1 will be detected.  */
3768 
3769 	      /* The length of the first part of our input line.  */
3770 	      first = cp - input_line_pointer;
3771 
3772 	      /* The second part goes from after the reloc token until
3773 		 (and including) an end_of_line char.  Don't use strlen
3774 		 here as the end_of_line char may not be a NUL.  */
3775 	      past_reloc = cp + 1 + len;
3776 	      for (cp = past_reloc; !is_end_of_line[(unsigned char) *cp++]; )
3777 		;
3778 	      second = cp - past_reloc;
3779 
3780 	      /* Allocate and copy string.  The trailing NUL shouldn't
3781 		 be necessary, but be safe.  */
3782 	      tmpbuf = xmalloc (first + second + 2);
3783 	      memcpy (tmpbuf, input_line_pointer, first);
3784 	      tmpbuf[first] = ' ';
3785 	      memcpy (tmpbuf + first + 1, past_reloc, second);
3786 	      tmpbuf[first + second + 1] = '\0';
3787 	      return tmpbuf;
3788 	    }
3789 
3790 	  as_bad (_("@%s reloc is not supported in %s bit mode"),
3791 		  gotrel[j].str, mode_name[(unsigned int) flag_code]);
3792 	  return NULL;
3793 	}
3794     }
3795 
3796   /* Might be a symbol version string.  Don't as_bad here.  */
3797   return NULL;
3798 }
3799 
3800 /* x86_cons_fix_new is called via the expression parsing code when a
3801    reloc is needed.  We use this hook to get the correct .got reloc.  */
3802 static enum bfd_reloc_code_real got_reloc = NO_RELOC;
3803 
3804 void
x86_cons_fix_new(frag,off,len,exp)3805 x86_cons_fix_new (frag, off, len, exp)
3806      fragS *frag;
3807      unsigned int off;
3808      unsigned int len;
3809      expressionS *exp;
3810 {
3811   enum bfd_reloc_code_real r = reloc (len, 0, 0, got_reloc);
3812   got_reloc = NO_RELOC;
3813   fix_new_exp (frag, off, len, exp, 0, r);
3814 }
3815 
3816 void
x86_cons(exp,size)3817 x86_cons (exp, size)
3818      expressionS *exp;
3819      int size;
3820 {
3821   if (size == 4 || (flag_code == CODE_64BIT && size == 8))
3822     {
3823       /* Handle @GOTOFF and the like in an expression.  */
3824       char *save;
3825       char *gotfree_input_line;
3826       int adjust;
3827 
3828       save = input_line_pointer;
3829       gotfree_input_line = lex_got (&got_reloc, &adjust);
3830       if (gotfree_input_line)
3831 	input_line_pointer = gotfree_input_line;
3832 
3833       expression (exp);
3834 
3835       if (gotfree_input_line)
3836 	{
3837 	  /* expression () has merrily parsed up to the end of line,
3838 	     or a comma - in the wrong buffer.  Transfer how far
3839 	     input_line_pointer has moved to the right buffer.  */
3840 	  input_line_pointer = (save
3841 				+ (input_line_pointer - gotfree_input_line)
3842 				+ adjust);
3843 	  free (gotfree_input_line);
3844 	}
3845     }
3846   else
3847     expression (exp);
3848 }
3849 #endif
3850 
3851 #ifdef TE_PE
3852 
3853 void
x86_pe_cons_fix_new(frag,off,len,exp)3854 x86_pe_cons_fix_new (frag, off, len, exp)
3855      fragS *frag;
3856      unsigned int off;
3857      unsigned int len;
3858      expressionS *exp;
3859 {
3860   enum bfd_reloc_code_real r = reloc (len, 0, 0, NO_RELOC);
3861 
3862   if (exp->X_op == O_secrel)
3863     {
3864       exp->X_op = O_symbol;
3865       r = BFD_RELOC_32_SECREL;
3866     }
3867 
3868   fix_new_exp (frag, off, len, exp, 0, r);
3869 }
3870 
3871 static void
pe_directive_secrel(dummy)3872 pe_directive_secrel (dummy)
3873      int dummy ATTRIBUTE_UNUSED;
3874 {
3875   expressionS exp;
3876 
3877   do
3878     {
3879       expression (&exp);
3880       if (exp.X_op == O_symbol)
3881 	exp.X_op = O_secrel;
3882 
3883       emit_expr (&exp, 4);
3884     }
3885   while (*input_line_pointer++ == ',');
3886 
3887   input_line_pointer--;
3888   demand_empty_rest_of_line ();
3889 }
3890 
3891 #endif
3892 
3893 static int i386_immediate PARAMS ((char *));
3894 
3895 static int
i386_immediate(imm_start)3896 i386_immediate (imm_start)
3897      char *imm_start;
3898 {
3899   char *save_input_line_pointer;
3900 #ifndef LEX_AT
3901   char *gotfree_input_line;
3902 #endif
3903   segT exp_seg = 0;
3904   expressionS *exp;
3905 
3906   if (i.imm_operands == MAX_IMMEDIATE_OPERANDS)
3907     {
3908       as_bad (_("only 1 or 2 immediate operands are allowed"));
3909       return 0;
3910     }
3911 
3912   exp = &im_expressions[i.imm_operands++];
3913   i.op[this_operand].imms = exp;
3914 
3915   if (is_space_char (*imm_start))
3916     ++imm_start;
3917 
3918   save_input_line_pointer = input_line_pointer;
3919   input_line_pointer = imm_start;
3920 
3921 #ifndef LEX_AT
3922   gotfree_input_line = lex_got (&i.reloc[this_operand], NULL);
3923   if (gotfree_input_line)
3924     input_line_pointer = gotfree_input_line;
3925 #endif
3926 
3927   exp_seg = expression (exp);
3928 
3929   SKIP_WHITESPACE ();
3930   if (*input_line_pointer)
3931     as_bad (_("junk `%s' after expression"), input_line_pointer);
3932 
3933   input_line_pointer = save_input_line_pointer;
3934 #ifndef LEX_AT
3935   if (gotfree_input_line)
3936     free (gotfree_input_line);
3937 #endif
3938 
3939   if (exp->X_op == O_absent || exp->X_op == O_big)
3940     {
3941       /* Missing or bad expr becomes absolute 0.  */
3942       as_bad (_("missing or invalid immediate expression `%s' taken as 0"),
3943 	      imm_start);
3944       exp->X_op = O_constant;
3945       exp->X_add_number = 0;
3946       exp->X_add_symbol = (symbolS *) 0;
3947       exp->X_op_symbol = (symbolS *) 0;
3948     }
3949   else if (exp->X_op == O_constant)
3950     {
3951       /* Size it properly later.  */
3952       i.types[this_operand] |= Imm64;
3953       /* If BFD64, sign extend val.  */
3954       if (!use_rela_relocations)
3955 	if ((exp->X_add_number & ~(((addressT) 2 << 31) - 1)) == 0)
3956 	  exp->X_add_number = (exp->X_add_number ^ ((addressT) 1 << 31)) - ((addressT) 1 << 31);
3957     }
3958 #if (defined (OBJ_AOUT) || defined (OBJ_MAYBE_AOUT))
3959   else if (OUTPUT_FLAVOR == bfd_target_aout_flavour
3960 	   && exp_seg != absolute_section
3961 	   && exp_seg != text_section
3962 	   && exp_seg != data_section
3963 	   && exp_seg != bss_section
3964 	   && exp_seg != undefined_section
3965 	   && !bfd_is_com_section (exp_seg))
3966     {
3967       as_bad (_("unimplemented segment %s in operand"), exp_seg->name);
3968       return 0;
3969     }
3970 #endif
3971   else
3972     {
3973       /* This is an address.  The size of the address will be
3974 	 determined later, depending on destination register,
3975 	 suffix, or the default for the section.  */
3976       i.types[this_operand] |= Imm8 | Imm16 | Imm32 | Imm32S | Imm64;
3977     }
3978 
3979   return 1;
3980 }
3981 
3982 static char *i386_scale PARAMS ((char *));
3983 
3984 static char *
i386_scale(scale)3985 i386_scale (scale)
3986      char *scale;
3987 {
3988   offsetT val;
3989   char *save = input_line_pointer;
3990 
3991   input_line_pointer = scale;
3992   val = get_absolute_expression ();
3993 
3994   switch (val)
3995     {
3996     case 1:
3997       i.log2_scale_factor = 0;
3998       break;
3999     case 2:
4000       i.log2_scale_factor = 1;
4001       break;
4002     case 4:
4003       i.log2_scale_factor = 2;
4004       break;
4005     case 8:
4006       i.log2_scale_factor = 3;
4007       break;
4008     default:
4009       {
4010 	char sep = *input_line_pointer;
4011 
4012 	*input_line_pointer = '\0';
4013 	as_bad (_("expecting scale factor of 1, 2, 4, or 8: got `%s'"),
4014 		scale);
4015 	*input_line_pointer = sep;
4016 	input_line_pointer = save;
4017 	return NULL;
4018       }
4019     }
4020   if (i.log2_scale_factor != 0 && i.index_reg == 0)
4021     {
4022       as_warn (_("scale factor of %d without an index register"),
4023 	       1 << i.log2_scale_factor);
4024 #if SCALE1_WHEN_NO_INDEX
4025       i.log2_scale_factor = 0;
4026 #endif
4027     }
4028   scale = input_line_pointer;
4029   input_line_pointer = save;
4030   return scale;
4031 }
4032 
4033 static int i386_displacement PARAMS ((char *, char *));
4034 
4035 static int
i386_displacement(disp_start,disp_end)4036 i386_displacement (disp_start, disp_end)
4037      char *disp_start;
4038      char *disp_end;
4039 {
4040   expressionS *exp;
4041   segT exp_seg = 0;
4042   char *save_input_line_pointer;
4043 #ifndef LEX_AT
4044   char *gotfree_input_line;
4045 #endif
4046   int bigdisp = Disp32;
4047 
4048   if (flag_code == CODE_64BIT)
4049     {
4050       if (i.prefix[ADDR_PREFIX] == 0)
4051 	bigdisp = Disp64;
4052     }
4053   else if ((flag_code == CODE_16BIT) ^ (i.prefix[ADDR_PREFIX] != 0))
4054     bigdisp = Disp16;
4055   i.types[this_operand] |= bigdisp;
4056 
4057   exp = &disp_expressions[i.disp_operands];
4058   i.op[this_operand].disps = exp;
4059   i.disp_operands++;
4060   save_input_line_pointer = input_line_pointer;
4061   input_line_pointer = disp_start;
4062   END_STRING_AND_SAVE (disp_end);
4063 
4064 #ifndef GCC_ASM_O_HACK
4065 #define GCC_ASM_O_HACK 0
4066 #endif
4067 #if GCC_ASM_O_HACK
4068   END_STRING_AND_SAVE (disp_end + 1);
4069   if ((i.types[this_operand] & BaseIndex) != 0
4070       && displacement_string_end[-1] == '+')
4071     {
4072       /* This hack is to avoid a warning when using the "o"
4073 	 constraint within gcc asm statements.
4074 	 For instance:
4075 
4076 	 #define _set_tssldt_desc(n,addr,limit,type) \
4077 	 __asm__ __volatile__ ( \
4078 	 "movw %w2,%0\n\t" \
4079 	 "movw %w1,2+%0\n\t" \
4080 	 "rorl $16,%1\n\t" \
4081 	 "movb %b1,4+%0\n\t" \
4082 	 "movb %4,5+%0\n\t" \
4083 	 "movb $0,6+%0\n\t" \
4084 	 "movb %h1,7+%0\n\t" \
4085 	 "rorl $16,%1" \
4086 	 : "=o"(*(n)) : "q" (addr), "ri"(limit), "i"(type))
4087 
4088 	 This works great except that the output assembler ends
4089 	 up looking a bit weird if it turns out that there is
4090 	 no offset.  You end up producing code that looks like:
4091 
4092 	 #APP
4093 	 movw $235,(%eax)
4094 	 movw %dx,2+(%eax)
4095 	 rorl $16,%edx
4096 	 movb %dl,4+(%eax)
4097 	 movb $137,5+(%eax)
4098 	 movb $0,6+(%eax)
4099 	 movb %dh,7+(%eax)
4100 	 rorl $16,%edx
4101 	 #NO_APP
4102 
4103 	 So here we provide the missing zero.  */
4104 
4105       *displacement_string_end = '0';
4106     }
4107 #endif
4108 #ifndef LEX_AT
4109   gotfree_input_line = lex_got (&i.reloc[this_operand], NULL);
4110   if (gotfree_input_line)
4111     input_line_pointer = gotfree_input_line;
4112 #endif
4113 
4114   exp_seg = expression (exp);
4115 
4116   SKIP_WHITESPACE ();
4117   if (*input_line_pointer)
4118     as_bad (_("junk `%s' after expression"), input_line_pointer);
4119 #if GCC_ASM_O_HACK
4120   RESTORE_END_STRING (disp_end + 1);
4121 #endif
4122   RESTORE_END_STRING (disp_end);
4123   input_line_pointer = save_input_line_pointer;
4124 #ifndef LEX_AT
4125   if (gotfree_input_line)
4126     free (gotfree_input_line);
4127 #endif
4128 
4129   /* We do this to make sure that the section symbol is in
4130      the symbol table.  We will ultimately change the relocation
4131      to be relative to the beginning of the section.  */
4132   if (i.reloc[this_operand] == BFD_RELOC_386_GOTOFF
4133       || i.reloc[this_operand] == BFD_RELOC_X86_64_GOTPCREL
4134       || i.reloc[this_operand] == BFD_RELOC_X86_64_GOTOFF64)
4135     {
4136       if (exp->X_op != O_symbol)
4137 	{
4138 	  as_bad (_("bad expression used with @%s"),
4139 		  (i.reloc[this_operand] == BFD_RELOC_X86_64_GOTPCREL
4140 		   ? "GOTPCREL"
4141 		   : "GOTOFF"));
4142 	  return 0;
4143 	}
4144 
4145       if (S_IS_LOCAL (exp->X_add_symbol)
4146 	  && S_GET_SEGMENT (exp->X_add_symbol) != undefined_section)
4147 	section_symbol (S_GET_SEGMENT (exp->X_add_symbol));
4148       exp->X_op = O_subtract;
4149       exp->X_op_symbol = GOT_symbol;
4150       if (i.reloc[this_operand] == BFD_RELOC_X86_64_GOTPCREL)
4151 	i.reloc[this_operand] = BFD_RELOC_32_PCREL;
4152       else if (i.reloc[this_operand] == BFD_RELOC_X86_64_GOTOFF64)
4153 	i.reloc[this_operand] = BFD_RELOC_64;
4154       else
4155 	i.reloc[this_operand] = BFD_RELOC_32;
4156     }
4157 
4158   if (exp->X_op == O_absent || exp->X_op == O_big)
4159     {
4160       /* Missing or bad expr becomes absolute 0.  */
4161       as_bad (_("missing or invalid displacement expression `%s' taken as 0"),
4162 	      disp_start);
4163       exp->X_op = O_constant;
4164       exp->X_add_number = 0;
4165       exp->X_add_symbol = (symbolS *) 0;
4166       exp->X_op_symbol = (symbolS *) 0;
4167     }
4168 
4169 #if (defined (OBJ_AOUT) || defined (OBJ_MAYBE_AOUT))
4170   if (exp->X_op != O_constant
4171       && OUTPUT_FLAVOR == bfd_target_aout_flavour
4172       && exp_seg != absolute_section
4173       && exp_seg != text_section
4174       && exp_seg != data_section
4175       && exp_seg != bss_section
4176       && exp_seg != undefined_section
4177       && !bfd_is_com_section (exp_seg))
4178     {
4179       as_bad (_("unimplemented segment %s in operand"), exp_seg->name);
4180       return 0;
4181     }
4182 #endif
4183   else if (flag_code == CODE_64BIT)
4184     i.types[this_operand] |= Disp32S | Disp32;
4185   return 1;
4186 }
4187 
4188 static int i386_index_check PARAMS ((const char *));
4189 
4190 /* Make sure the memory operand we've been dealt is valid.
4191    Return 1 on success, 0 on a failure.  */
4192 
4193 static int
i386_index_check(operand_string)4194 i386_index_check (operand_string)
4195      const char *operand_string;
4196 {
4197   int ok;
4198 #if INFER_ADDR_PREFIX
4199   int fudged = 0;
4200 
4201  tryprefix:
4202 #endif
4203   ok = 1;
4204   if ((current_templates->start->cpu_flags & CpuSVME)
4205       && current_templates->end[-1].operand_types[0] == AnyMem)
4206     {
4207       /* Memory operands of SVME insns are special in that they only allow
4208 	 rAX as their memory address and ignore any segment override.  */
4209       unsigned RegXX;
4210 
4211       /* SKINIT is even more restrictive: it always requires EAX.  */
4212       if (strcmp (current_templates->start->name, "skinit") == 0)
4213 	RegXX = Reg32;
4214       else if (flag_code == CODE_64BIT)
4215 	RegXX = i.prefix[ADDR_PREFIX] == 0 ? Reg64 : Reg32;
4216       else
4217 	RegXX = (flag_code == CODE_16BIT) ^ (i.prefix[ADDR_PREFIX] != 0)
4218 		? Reg16
4219 		: Reg32;
4220       if (!i.base_reg
4221 	  || !(i.base_reg->reg_type & Acc)
4222 	  || !(i.base_reg->reg_type & RegXX)
4223 	  || i.index_reg
4224 	  || (i.types[0] & Disp))
4225 	ok = 0;
4226     }
4227   else if (flag_code == CODE_64BIT)
4228      {
4229        unsigned RegXX = (i.prefix[ADDR_PREFIX] == 0 ? Reg64 : Reg32);
4230 
4231        if ((i.base_reg
4232 	    && ((i.base_reg->reg_type & RegXX) == 0)
4233 	    && (i.base_reg->reg_type != BaseIndex
4234 		|| i.index_reg))
4235 	   || (i.index_reg
4236 	       && ((i.index_reg->reg_type & (RegXX | BaseIndex))
4237 		   != (RegXX | BaseIndex))))
4238 	 ok = 0;
4239     }
4240   else
4241     {
4242       if ((flag_code == CODE_16BIT) ^ (i.prefix[ADDR_PREFIX] != 0))
4243 	{
4244 	  /* 16bit checks.  */
4245 	  if ((i.base_reg
4246 	       && ((i.base_reg->reg_type & (Reg16 | BaseIndex | RegRex))
4247 		   != (Reg16 | BaseIndex)))
4248 	      || (i.index_reg
4249 		  && (((i.index_reg->reg_type & (Reg16 | BaseIndex))
4250 		       != (Reg16 | BaseIndex))
4251 		      || !(i.base_reg
4252 			   && i.base_reg->reg_num < 6
4253 			   && i.index_reg->reg_num >= 6
4254 			   && i.log2_scale_factor == 0))))
4255 	    ok = 0;
4256 	}
4257       else
4258 	{
4259 	  /* 32bit checks.  */
4260 	  if ((i.base_reg
4261 	       && (i.base_reg->reg_type & (Reg32 | RegRex)) != Reg32)
4262 	      || (i.index_reg
4263 		  && ((i.index_reg->reg_type & (Reg32 | BaseIndex | RegRex))
4264 		      != (Reg32 | BaseIndex))))
4265 	    ok = 0;
4266 	}
4267     }
4268   if (!ok)
4269     {
4270 #if INFER_ADDR_PREFIX
4271       if (i.prefix[ADDR_PREFIX] == 0)
4272 	{
4273 	  i.prefix[ADDR_PREFIX] = ADDR_PREFIX_OPCODE;
4274 	  i.prefixes += 1;
4275 	  /* Change the size of any displacement too.  At most one of
4276 	     Disp16 or Disp32 is set.
4277 	     FIXME.  There doesn't seem to be any real need for separate
4278 	     Disp16 and Disp32 flags.  The same goes for Imm16 and Imm32.
4279 	     Removing them would probably clean up the code quite a lot.  */
4280 	  if (flag_code != CODE_64BIT && (i.types[this_operand] & (Disp16 | Disp32)))
4281 	     i.types[this_operand] ^= (Disp16 | Disp32);
4282 	  fudged = 1;
4283 	  goto tryprefix;
4284 	}
4285       if (fudged)
4286 	as_bad (_("`%s' is not a valid base/index expression"),
4287 		operand_string);
4288       else
4289 #endif
4290 	as_bad (_("`%s' is not a valid %s bit base/index expression"),
4291 		operand_string,
4292 		flag_code_names[flag_code]);
4293     }
4294   return ok;
4295 }
4296 
4297 /* Parse OPERAND_STRING into the i386_insn structure I.  Returns non-zero
4298    on error.  */
4299 
4300 static int
i386_operand(operand_string)4301 i386_operand (operand_string)
4302      char *operand_string;
4303 {
4304   const reg_entry *r;
4305   char *end_op;
4306   char *op_string = operand_string;
4307 
4308   if (is_space_char (*op_string))
4309     ++op_string;
4310 
4311   /* We check for an absolute prefix (differentiating,
4312      for example, 'jmp pc_relative_label' from 'jmp *absolute_label'.  */
4313   if (*op_string == ABSOLUTE_PREFIX)
4314     {
4315       ++op_string;
4316       if (is_space_char (*op_string))
4317 	++op_string;
4318       i.types[this_operand] |= JumpAbsolute;
4319     }
4320 
4321   /* Check if operand is a register.  */
4322   if ((*op_string == REGISTER_PREFIX || allow_naked_reg)
4323       && (r = parse_register (op_string, &end_op)) != NULL)
4324     {
4325       /* Check for a segment override by searching for ':' after a
4326 	 segment register.  */
4327       op_string = end_op;
4328       if (is_space_char (*op_string))
4329 	++op_string;
4330       if (*op_string == ':' && (r->reg_type & (SReg2 | SReg3)))
4331 	{
4332 	  switch (r->reg_num)
4333 	    {
4334 	    case 0:
4335 	      i.seg[i.mem_operands] = &es;
4336 	      break;
4337 	    case 1:
4338 	      i.seg[i.mem_operands] = &cs;
4339 	      break;
4340 	    case 2:
4341 	      i.seg[i.mem_operands] = &ss;
4342 	      break;
4343 	    case 3:
4344 	      i.seg[i.mem_operands] = &ds;
4345 	      break;
4346 	    case 4:
4347 	      i.seg[i.mem_operands] = &fs;
4348 	      break;
4349 	    case 5:
4350 	      i.seg[i.mem_operands] = &gs;
4351 	      break;
4352 	    }
4353 
4354 	  /* Skip the ':' and whitespace.  */
4355 	  ++op_string;
4356 	  if (is_space_char (*op_string))
4357 	    ++op_string;
4358 
4359 	  if (!is_digit_char (*op_string)
4360 	      && !is_identifier_char (*op_string)
4361 	      && *op_string != '('
4362 	      && *op_string != ABSOLUTE_PREFIX)
4363 	    {
4364 	      as_bad (_("bad memory operand `%s'"), op_string);
4365 	      return 0;
4366 	    }
4367 	  /* Handle case of %es:*foo.  */
4368 	  if (*op_string == ABSOLUTE_PREFIX)
4369 	    {
4370 	      ++op_string;
4371 	      if (is_space_char (*op_string))
4372 		++op_string;
4373 	      i.types[this_operand] |= JumpAbsolute;
4374 	    }
4375 	  goto do_memory_reference;
4376 	}
4377       if (*op_string)
4378 	{
4379 	  as_bad (_("junk `%s' after register"), op_string);
4380 	  return 0;
4381 	}
4382       i.types[this_operand] |= r->reg_type & ~BaseIndex;
4383       i.op[this_operand].regs = r;
4384       i.reg_operands++;
4385     }
4386   else if (*op_string == REGISTER_PREFIX)
4387     {
4388       as_bad (_("bad register name `%s'"), op_string);
4389       return 0;
4390     }
4391   else if (*op_string == IMMEDIATE_PREFIX)
4392     {
4393       ++op_string;
4394       if (i.types[this_operand] & JumpAbsolute)
4395 	{
4396 	  as_bad (_("immediate operand illegal with absolute jump"));
4397 	  return 0;
4398 	}
4399       if (!i386_immediate (op_string))
4400 	return 0;
4401     }
4402   else if (is_digit_char (*op_string)
4403 	   || is_identifier_char (*op_string)
4404 	   || *op_string == '(')
4405     {
4406       /* This is a memory reference of some sort.  */
4407       char *base_string;
4408 
4409       /* Start and end of displacement string expression (if found).  */
4410       char *displacement_string_start;
4411       char *displacement_string_end;
4412 
4413     do_memory_reference:
4414       if ((i.mem_operands == 1
4415 	   && (current_templates->start->opcode_modifier & IsString) == 0)
4416 	  || i.mem_operands == 2)
4417 	{
4418 	  as_bad (_("too many memory references for `%s'"),
4419 		  current_templates->start->name);
4420 	  return 0;
4421 	}
4422 
4423       /* Check for base index form.  We detect the base index form by
4424 	 looking for an ')' at the end of the operand, searching
4425 	 for the '(' matching it, and finding a REGISTER_PREFIX or ','
4426 	 after the '('.  */
4427       base_string = op_string + strlen (op_string);
4428 
4429       --base_string;
4430       if (is_space_char (*base_string))
4431 	--base_string;
4432 
4433       /* If we only have a displacement, set-up for it to be parsed later.  */
4434       displacement_string_start = op_string;
4435       displacement_string_end = base_string + 1;
4436 
4437       if (*base_string == ')')
4438 	{
4439 	  char *temp_string;
4440 	  unsigned int parens_balanced = 1;
4441 	  /* We've already checked that the number of left & right ()'s are
4442 	     equal, so this loop will not be infinite.  */
4443 	  do
4444 	    {
4445 	      base_string--;
4446 	      if (*base_string == ')')
4447 		parens_balanced++;
4448 	      if (*base_string == '(')
4449 		parens_balanced--;
4450 	    }
4451 	  while (parens_balanced);
4452 
4453 	  temp_string = base_string;
4454 
4455 	  /* Skip past '(' and whitespace.  */
4456 	  ++base_string;
4457 	  if (is_space_char (*base_string))
4458 	    ++base_string;
4459 
4460 	  if (*base_string == ','
4461 	      || ((*base_string == REGISTER_PREFIX || allow_naked_reg)
4462 		  && (i.base_reg = parse_register (base_string, &end_op)) != NULL))
4463 	    {
4464 	      displacement_string_end = temp_string;
4465 
4466 	      i.types[this_operand] |= BaseIndex;
4467 
4468 	      if (i.base_reg)
4469 		{
4470 		  base_string = end_op;
4471 		  if (is_space_char (*base_string))
4472 		    ++base_string;
4473 		}
4474 
4475 	      /* There may be an index reg or scale factor here.  */
4476 	      if (*base_string == ',')
4477 		{
4478 		  ++base_string;
4479 		  if (is_space_char (*base_string))
4480 		    ++base_string;
4481 
4482 		  if ((*base_string == REGISTER_PREFIX || allow_naked_reg)
4483 		      && (i.index_reg = parse_register (base_string, &end_op)) != NULL)
4484 		    {
4485 		      base_string = end_op;
4486 		      if (is_space_char (*base_string))
4487 			++base_string;
4488 		      if (*base_string == ',')
4489 			{
4490 			  ++base_string;
4491 			  if (is_space_char (*base_string))
4492 			    ++base_string;
4493 			}
4494 		      else if (*base_string != ')')
4495 			{
4496 			  as_bad (_("expecting `,' or `)' after index register in `%s'"),
4497 				  operand_string);
4498 			  return 0;
4499 			}
4500 		    }
4501 		  else if (*base_string == REGISTER_PREFIX)
4502 		    {
4503 		      as_bad (_("bad register name `%s'"), base_string);
4504 		      return 0;
4505 		    }
4506 
4507 		  /* Check for scale factor.  */
4508 		  if (*base_string != ')')
4509 		    {
4510 		      char *end_scale = i386_scale (base_string);
4511 
4512 		      if (!end_scale)
4513 			return 0;
4514 
4515 		      base_string = end_scale;
4516 		      if (is_space_char (*base_string))
4517 			++base_string;
4518 		      if (*base_string != ')')
4519 			{
4520 			  as_bad (_("expecting `)' after scale factor in `%s'"),
4521 				  operand_string);
4522 			  return 0;
4523 			}
4524 		    }
4525 		  else if (!i.index_reg)
4526 		    {
4527 		      as_bad (_("expecting index register or scale factor after `,'; got '%c'"),
4528 			      *base_string);
4529 		      return 0;
4530 		    }
4531 		}
4532 	      else if (*base_string != ')')
4533 		{
4534 		  as_bad (_("expecting `,' or `)' after base register in `%s'"),
4535 			  operand_string);
4536 		  return 0;
4537 		}
4538 	    }
4539 	  else if (*base_string == REGISTER_PREFIX)
4540 	    {
4541 	      as_bad (_("bad register name `%s'"), base_string);
4542 	      return 0;
4543 	    }
4544 	}
4545 
4546       /* If there's an expression beginning the operand, parse it,
4547 	 assuming displacement_string_start and
4548 	 displacement_string_end are meaningful.  */
4549       if (displacement_string_start != displacement_string_end)
4550 	{
4551 	  if (!i386_displacement (displacement_string_start,
4552 				  displacement_string_end))
4553 	    return 0;
4554 	}
4555 
4556       /* Special case for (%dx) while doing input/output op.  */
4557       if (i.base_reg
4558 	  && i.base_reg->reg_type == (Reg16 | InOutPortReg)
4559 	  && i.index_reg == 0
4560 	  && i.log2_scale_factor == 0
4561 	  && i.seg[i.mem_operands] == 0
4562 	  && (i.types[this_operand] & Disp) == 0)
4563 	{
4564 	  i.types[this_operand] = InOutPortReg;
4565 	  return 1;
4566 	}
4567 
4568       if (i386_index_check (operand_string) == 0)
4569 	return 0;
4570       i.mem_operands++;
4571     }
4572   else
4573     {
4574       /* It's not a memory operand; argh!  */
4575       as_bad (_("invalid char %s beginning operand %d `%s'"),
4576 	      output_invalid (*op_string),
4577 	      this_operand + 1,
4578 	      op_string);
4579       return 0;
4580     }
4581   return 1;			/* Normal return.  */
4582 }
4583 
4584 /* md_estimate_size_before_relax()
4585 
4586    Called just before relax() for rs_machine_dependent frags.  The x86
4587    assembler uses these frags to handle variable size jump
4588    instructions.
4589 
4590    Any symbol that is now undefined will not become defined.
4591    Return the correct fr_subtype in the frag.
4592    Return the initial "guess for variable size of frag" to caller.
4593    The guess is actually the growth beyond the fixed part.  Whatever
4594    we do to grow the fixed or variable part contributes to our
4595    returned value.  */
4596 
4597 int
md_estimate_size_before_relax(fragP,segment)4598 md_estimate_size_before_relax (fragP, segment)
4599      fragS *fragP;
4600      segT segment;
4601 {
4602   /* We've already got fragP->fr_subtype right;  all we have to do is
4603      check for un-relaxable symbols.  On an ELF system, we can't relax
4604      an externally visible symbol, because it may be overridden by a
4605      shared library.  */
4606   if (S_GET_SEGMENT (fragP->fr_symbol) != segment
4607 #if defined (OBJ_ELF) || defined (OBJ_MAYBE_ELF)
4608       || (OUTPUT_FLAVOR == bfd_target_elf_flavour
4609 	  && (S_IS_EXTERNAL (fragP->fr_symbol)
4610 	      || S_IS_WEAK (fragP->fr_symbol)))
4611 #endif
4612       )
4613     {
4614       /* Symbol is undefined in this segment, or we need to keep a
4615 	 reloc so that weak symbols can be overridden.  */
4616       int size = (fragP->fr_subtype & CODE16) ? 2 : 4;
4617       enum bfd_reloc_code_real reloc_type;
4618       unsigned char *opcode;
4619       int old_fr_fix;
4620 
4621       if (fragP->fr_var != NO_RELOC)
4622 	reloc_type = fragP->fr_var;
4623       else if (size == 2)
4624 	reloc_type = BFD_RELOC_16_PCREL;
4625       else
4626 	reloc_type = BFD_RELOC_32_PCREL;
4627 
4628       old_fr_fix = fragP->fr_fix;
4629       opcode = (unsigned char *) fragP->fr_opcode;
4630 
4631       switch (TYPE_FROM_RELAX_STATE (fragP->fr_subtype))
4632 	{
4633 	case UNCOND_JUMP:
4634 	  /* Make jmp (0xeb) a (d)word displacement jump.  */
4635 	  opcode[0] = 0xe9;
4636 	  fragP->fr_fix += size;
4637 	  fix_new (fragP, old_fr_fix, size,
4638 		   fragP->fr_symbol,
4639 		   fragP->fr_offset, 1,
4640 		   reloc_type);
4641 	  break;
4642 
4643 	case COND_JUMP86:
4644 	  if (size == 2
4645 	      && (!no_cond_jump_promotion || fragP->fr_var != NO_RELOC))
4646 	    {
4647 	      /* Negate the condition, and branch past an
4648 		 unconditional jump.  */
4649 	      opcode[0] ^= 1;
4650 	      opcode[1] = 3;
4651 	      /* Insert an unconditional jump.  */
4652 	      opcode[2] = 0xe9;
4653 	      /* We added two extra opcode bytes, and have a two byte
4654 		 offset.  */
4655 	      fragP->fr_fix += 2 + 2;
4656 	      fix_new (fragP, old_fr_fix + 2, 2,
4657 		       fragP->fr_symbol,
4658 		       fragP->fr_offset, 1,
4659 		       reloc_type);
4660 	      break;
4661 	    }
4662 	  /* Fall through.  */
4663 
4664 	case COND_JUMP:
4665 	  if (no_cond_jump_promotion && fragP->fr_var == NO_RELOC)
4666 	    {
4667 	      fixS *fixP;
4668 
4669 	      fragP->fr_fix += 1;
4670 	      fixP = fix_new (fragP, old_fr_fix, 1,
4671 			      fragP->fr_symbol,
4672 			      fragP->fr_offset, 1,
4673 			      BFD_RELOC_8_PCREL);
4674 	      fixP->fx_signed = 1;
4675 	      break;
4676 	    }
4677 
4678 	  /* This changes the byte-displacement jump 0x7N
4679 	     to the (d)word-displacement jump 0x0f,0x8N.  */
4680 	  opcode[1] = opcode[0] + 0x10;
4681 	  opcode[0] = TWO_BYTE_OPCODE_ESCAPE;
4682 	  /* We've added an opcode byte.  */
4683 	  fragP->fr_fix += 1 + size;
4684 	  fix_new (fragP, old_fr_fix + 1, size,
4685 		   fragP->fr_symbol,
4686 		   fragP->fr_offset, 1,
4687 		   reloc_type);
4688 	  break;
4689 
4690 	default:
4691 	  BAD_CASE (fragP->fr_subtype);
4692 	  break;
4693 	}
4694       frag_wane (fragP);
4695       return fragP->fr_fix - old_fr_fix;
4696     }
4697 
4698   /* Guess size depending on current relax state.  Initially the relax
4699      state will correspond to a short jump and we return 1, because
4700      the variable part of the frag (the branch offset) is one byte
4701      long.  However, we can relax a section more than once and in that
4702      case we must either set fr_subtype back to the unrelaxed state,
4703      or return the value for the appropriate branch.  */
4704   return md_relax_table[fragP->fr_subtype].rlx_length;
4705 }
4706 
4707 /* Called after relax() is finished.
4708 
4709    In:	Address of frag.
4710 	fr_type == rs_machine_dependent.
4711 	fr_subtype is what the address relaxed to.
4712 
4713    Out:	Any fixSs and constants are set up.
4714 	Caller will turn frag into a ".space 0".  */
4715 
4716 void
md_convert_frag(abfd,sec,fragP)4717 md_convert_frag (abfd, sec, fragP)
4718      bfd *abfd ATTRIBUTE_UNUSED;
4719      segT sec ATTRIBUTE_UNUSED;
4720      fragS *fragP;
4721 {
4722   unsigned char *opcode;
4723   unsigned char *where_to_put_displacement = NULL;
4724   offsetT target_address;
4725   offsetT opcode_address;
4726   unsigned int extension = 0;
4727   offsetT displacement_from_opcode_start;
4728 
4729   opcode = (unsigned char *) fragP->fr_opcode;
4730 
4731   /* Address we want to reach in file space.  */
4732   target_address = S_GET_VALUE (fragP->fr_symbol) + fragP->fr_offset;
4733 
4734   /* Address opcode resides at in file space.  */
4735   opcode_address = fragP->fr_address + fragP->fr_fix;
4736 
4737   /* Displacement from opcode start to fill into instruction.  */
4738   displacement_from_opcode_start = target_address - opcode_address;
4739 
4740   if ((fragP->fr_subtype & BIG) == 0)
4741     {
4742       /* Don't have to change opcode.  */
4743       extension = 1;		/* 1 opcode + 1 displacement  */
4744       where_to_put_displacement = &opcode[1];
4745     }
4746   else
4747     {
4748       if (no_cond_jump_promotion
4749 	  && TYPE_FROM_RELAX_STATE (fragP->fr_subtype) != UNCOND_JUMP)
4750 	as_warn_where (fragP->fr_file, fragP->fr_line, _("long jump required"));
4751 
4752       switch (fragP->fr_subtype)
4753 	{
4754 	case ENCODE_RELAX_STATE (UNCOND_JUMP, BIG):
4755 	  extension = 4;		/* 1 opcode + 4 displacement  */
4756 	  opcode[0] = 0xe9;
4757 	  where_to_put_displacement = &opcode[1];
4758 	  break;
4759 
4760 	case ENCODE_RELAX_STATE (UNCOND_JUMP, BIG16):
4761 	  extension = 2;		/* 1 opcode + 2 displacement  */
4762 	  opcode[0] = 0xe9;
4763 	  where_to_put_displacement = &opcode[1];
4764 	  break;
4765 
4766 	case ENCODE_RELAX_STATE (COND_JUMP, BIG):
4767 	case ENCODE_RELAX_STATE (COND_JUMP86, BIG):
4768 	  extension = 5;		/* 2 opcode + 4 displacement  */
4769 	  opcode[1] = opcode[0] + 0x10;
4770 	  opcode[0] = TWO_BYTE_OPCODE_ESCAPE;
4771 	  where_to_put_displacement = &opcode[2];
4772 	  break;
4773 
4774 	case ENCODE_RELAX_STATE (COND_JUMP, BIG16):
4775 	  extension = 3;		/* 2 opcode + 2 displacement  */
4776 	  opcode[1] = opcode[0] + 0x10;
4777 	  opcode[0] = TWO_BYTE_OPCODE_ESCAPE;
4778 	  where_to_put_displacement = &opcode[2];
4779 	  break;
4780 
4781 	case ENCODE_RELAX_STATE (COND_JUMP86, BIG16):
4782 	  extension = 4;
4783 	  opcode[0] ^= 1;
4784 	  opcode[1] = 3;
4785 	  opcode[2] = 0xe9;
4786 	  where_to_put_displacement = &opcode[3];
4787 	  break;
4788 
4789 	default:
4790 	  BAD_CASE (fragP->fr_subtype);
4791 	  break;
4792 	}
4793     }
4794 
4795   /* Now put displacement after opcode.  */
4796   md_number_to_chars ((char *) where_to_put_displacement,
4797 		      (valueT) (displacement_from_opcode_start - extension),
4798 		      DISP_SIZE_FROM_RELAX_STATE (fragP->fr_subtype));
4799   fragP->fr_fix += extension;
4800 }
4801 
4802 /* Size of byte displacement jmp.  */
4803 int md_short_jump_size = 2;
4804 
4805 /* Size of dword displacement jmp.  */
4806 int md_long_jump_size = 5;
4807 
4808 /* Size of relocation record.  */
4809 const int md_reloc_size = 8;
4810 
4811 void
md_create_short_jump(ptr,from_addr,to_addr,frag,to_symbol)4812 md_create_short_jump (ptr, from_addr, to_addr, frag, to_symbol)
4813      char *ptr;
4814      addressT from_addr, to_addr;
4815      fragS *frag ATTRIBUTE_UNUSED;
4816      symbolS *to_symbol ATTRIBUTE_UNUSED;
4817 {
4818   offsetT offset;
4819 
4820   offset = to_addr - (from_addr + 2);
4821   /* Opcode for byte-disp jump.  */
4822   md_number_to_chars (ptr, (valueT) 0xeb, 1);
4823   md_number_to_chars (ptr + 1, (valueT) offset, 1);
4824 }
4825 
4826 void
md_create_long_jump(ptr,from_addr,to_addr,frag,to_symbol)4827 md_create_long_jump (ptr, from_addr, to_addr, frag, to_symbol)
4828      char *ptr;
4829      addressT from_addr, to_addr;
4830      fragS *frag ATTRIBUTE_UNUSED;
4831      symbolS *to_symbol ATTRIBUTE_UNUSED;
4832 {
4833   offsetT offset;
4834 
4835   offset = to_addr - (from_addr + 5);
4836   md_number_to_chars (ptr, (valueT) 0xe9, 1);
4837   md_number_to_chars (ptr + 1, (valueT) offset, 4);
4838 }
4839 
4840 /* Apply a fixup (fixS) to segment data, once it has been determined
4841    by our caller that we have all the info we need to fix it up.
4842 
4843    On the 386, immediates, displacements, and data pointers are all in
4844    the same (little-endian) format, so we don't need to care about which
4845    we are handling.  */
4846 
4847 void
md_apply_fix(fixP,valP,seg)4848 md_apply_fix (fixP, valP, seg)
4849      /* The fix we're to put in.  */
4850      fixS *fixP;
4851      /* Pointer to the value of the bits.  */
4852      valueT *valP;
4853      /* Segment fix is from.  */
4854      segT seg ATTRIBUTE_UNUSED;
4855 {
4856   char *p = fixP->fx_where + fixP->fx_frag->fr_literal;
4857   valueT value = *valP;
4858 
4859 #if !defined (TE_Mach)
4860   if (fixP->fx_pcrel)
4861     {
4862       switch (fixP->fx_r_type)
4863 	{
4864 	default:
4865 	  break;
4866 
4867 	case BFD_RELOC_64:
4868 	  fixP->fx_r_type = BFD_RELOC_64_PCREL;
4869 	  break;
4870 	case BFD_RELOC_32:
4871 	case BFD_RELOC_X86_64_32S:
4872 	  fixP->fx_r_type = BFD_RELOC_32_PCREL;
4873 	  break;
4874 	case BFD_RELOC_16:
4875 	  fixP->fx_r_type = BFD_RELOC_16_PCREL;
4876 	  break;
4877 	case BFD_RELOC_8:
4878 	  fixP->fx_r_type = BFD_RELOC_8_PCREL;
4879 	  break;
4880 	}
4881     }
4882 
4883   if (fixP->fx_addsy != NULL
4884       && (fixP->fx_r_type == BFD_RELOC_32_PCREL
4885 	  || fixP->fx_r_type == BFD_RELOC_64_PCREL
4886 	  || fixP->fx_r_type == BFD_RELOC_16_PCREL
4887 	  || fixP->fx_r_type == BFD_RELOC_8_PCREL)
4888       && !use_rela_relocations)
4889     {
4890       /* This is a hack.  There should be a better way to handle this.
4891 	 This covers for the fact that bfd_install_relocation will
4892 	 subtract the current location (for partial_inplace, PC relative
4893 	 relocations); see more below.  */
4894 #ifndef OBJ_AOUT
4895       if (OUTPUT_FLAVOR == bfd_target_elf_flavour
4896 #ifdef TE_PE
4897 	  || OUTPUT_FLAVOR == bfd_target_coff_flavour
4898 #endif
4899 	  )
4900 	value += fixP->fx_where + fixP->fx_frag->fr_address;
4901 #endif
4902 #if defined (OBJ_ELF) || defined (OBJ_MAYBE_ELF)
4903       if (OUTPUT_FLAVOR == bfd_target_elf_flavour)
4904 	{
4905 	  segT sym_seg = S_GET_SEGMENT (fixP->fx_addsy);
4906 
4907 	  if ((sym_seg == seg
4908 	       || (symbol_section_p (fixP->fx_addsy)
4909 		   && sym_seg != absolute_section))
4910 	      && !generic_force_reloc (fixP))
4911 	    {
4912 	      /* Yes, we add the values in twice.  This is because
4913 		 bfd_install_relocation subtracts them out again.  I think
4914 		 bfd_install_relocation is broken, but I don't dare change
4915 		 it.  FIXME.  */
4916 	      value += fixP->fx_where + fixP->fx_frag->fr_address;
4917 	    }
4918 	}
4919 #endif
4920 #if defined (OBJ_COFF) && defined (TE_PE)
4921       /* For some reason, the PE format does not store a
4922 	 section address offset for a PC relative symbol.  */
4923       if (S_GET_SEGMENT (fixP->fx_addsy) != seg
4924 #if defined(BFD_ASSEMBLER) || defined(S_IS_WEAK)
4925 	  || S_IS_WEAK (fixP->fx_addsy)
4926 #endif
4927 	  )
4928 	value += md_pcrel_from (fixP);
4929 #endif
4930     }
4931 
4932   /* Fix a few things - the dynamic linker expects certain values here,
4933      and we must not disappoint it.  */
4934 #if defined (OBJ_ELF) || defined (OBJ_MAYBE_ELF)
4935   if (OUTPUT_FLAVOR == bfd_target_elf_flavour
4936       && fixP->fx_addsy)
4937     switch (fixP->fx_r_type)
4938       {
4939       case BFD_RELOC_386_PLT32:
4940       case BFD_RELOC_X86_64_PLT32:
4941 	/* Make the jump instruction point to the address of the operand.  At
4942 	   runtime we merely add the offset to the actual PLT entry.  */
4943 	value = -4;
4944 	break;
4945 
4946       case BFD_RELOC_386_TLS_GD:
4947       case BFD_RELOC_386_TLS_LDM:
4948       case BFD_RELOC_386_TLS_IE_32:
4949       case BFD_RELOC_386_TLS_IE:
4950       case BFD_RELOC_386_TLS_GOTIE:
4951       case BFD_RELOC_X86_64_TLSGD:
4952       case BFD_RELOC_X86_64_TLSLD:
4953       case BFD_RELOC_X86_64_GOTTPOFF:
4954 	value = 0; /* Fully resolved at runtime.  No addend.  */
4955 	/* Fallthrough */
4956       case BFD_RELOC_386_TLS_LE:
4957       case BFD_RELOC_386_TLS_LDO_32:
4958       case BFD_RELOC_386_TLS_LE_32:
4959       case BFD_RELOC_X86_64_DTPOFF32:
4960       case BFD_RELOC_X86_64_DTPOFF64:
4961       case BFD_RELOC_X86_64_TPOFF32:
4962       case BFD_RELOC_X86_64_TPOFF64:
4963 	S_SET_THREAD_LOCAL (fixP->fx_addsy);
4964 	break;
4965 
4966       case BFD_RELOC_386_GOT32:
4967       case BFD_RELOC_X86_64_GOT32:
4968 	value = 0; /* Fully resolved at runtime.  No addend.  */
4969 	break;
4970 
4971       case BFD_RELOC_VTABLE_INHERIT:
4972       case BFD_RELOC_VTABLE_ENTRY:
4973 	fixP->fx_done = 0;
4974 	return;
4975 
4976       default:
4977 	break;
4978       }
4979 #endif /* defined (OBJ_ELF) || defined (OBJ_MAYBE_ELF)  */
4980   *valP = value;
4981 #endif /* !defined (TE_Mach)  */
4982 
4983   /* Are we finished with this relocation now?  */
4984   if (fixP->fx_addsy == NULL)
4985     fixP->fx_done = 1;
4986   else if (use_rela_relocations)
4987     {
4988       fixP->fx_no_overflow = 1;
4989       /* Remember value for tc_gen_reloc.  */
4990       fixP->fx_addnumber = value;
4991       value = 0;
4992     }
4993 
4994   md_number_to_chars (p, value, fixP->fx_size);
4995 }
4996 
4997 #define MAX_LITTLENUMS 6
4998 
4999 /* Turn the string pointed to by litP into a floating point constant
5000    of type TYPE, and emit the appropriate bytes.  The number of
5001    LITTLENUMS emitted is stored in *SIZEP.  An error message is
5002    returned, or NULL on OK.  */
5003 
5004 char *
md_atof(type,litP,sizeP)5005 md_atof (type, litP, sizeP)
5006      int type;
5007      char *litP;
5008      int *sizeP;
5009 {
5010   int prec;
5011   LITTLENUM_TYPE words[MAX_LITTLENUMS];
5012   LITTLENUM_TYPE *wordP;
5013   char *t;
5014 
5015   switch (type)
5016     {
5017     case 'f':
5018     case 'F':
5019       prec = 2;
5020       break;
5021 
5022     case 'd':
5023     case 'D':
5024       prec = 4;
5025       break;
5026 
5027     case 'x':
5028     case 'X':
5029       prec = 5;
5030       break;
5031 
5032     default:
5033       *sizeP = 0;
5034       return _("Bad call to md_atof ()");
5035     }
5036   t = atof_ieee (input_line_pointer, type, words);
5037   if (t)
5038     input_line_pointer = t;
5039 
5040   *sizeP = prec * sizeof (LITTLENUM_TYPE);
5041   /* This loops outputs the LITTLENUMs in REVERSE order; in accord with
5042      the bigendian 386.  */
5043   for (wordP = words + prec - 1; prec--;)
5044     {
5045       md_number_to_chars (litP, (valueT) (*wordP--), sizeof (LITTLENUM_TYPE));
5046       litP += sizeof (LITTLENUM_TYPE);
5047     }
5048   return 0;
5049 }
5050 
5051 static char output_invalid_buf[8];
5052 
5053 static char *
output_invalid(c)5054 output_invalid (c)
5055      int c;
5056 {
5057   if (ISPRINT (c))
5058     sprintf (output_invalid_buf, "'%c'", c);
5059   else
5060     sprintf (output_invalid_buf, "(0x%x)", (unsigned) c);
5061   return output_invalid_buf;
5062 }
5063 
5064 /* REG_STRING starts *before* REGISTER_PREFIX.  */
5065 
5066 static const reg_entry *
parse_register(reg_string,end_op)5067 parse_register (reg_string, end_op)
5068      char *reg_string;
5069      char **end_op;
5070 {
5071   char *s = reg_string;
5072   char *p;
5073   char reg_name_given[MAX_REG_NAME_SIZE + 1];
5074   const reg_entry *r;
5075 
5076   /* Skip possible REGISTER_PREFIX and possible whitespace.  */
5077   if (*s == REGISTER_PREFIX)
5078     ++s;
5079 
5080   if (is_space_char (*s))
5081     ++s;
5082 
5083   p = reg_name_given;
5084   while ((*p++ = register_chars[(unsigned char) *s]) != '\0')
5085     {
5086       if (p >= reg_name_given + MAX_REG_NAME_SIZE)
5087 	return (const reg_entry *) NULL;
5088       s++;
5089     }
5090 
5091   /* For naked regs, make sure that we are not dealing with an identifier.
5092      This prevents confusing an identifier like `eax_var' with register
5093      `eax'.  */
5094   if (allow_naked_reg && identifier_chars[(unsigned char) *s])
5095     return (const reg_entry *) NULL;
5096 
5097   *end_op = s;
5098 
5099   r = (const reg_entry *) hash_find (reg_hash, reg_name_given);
5100 
5101   /* Handle floating point regs, allowing spaces in the (i) part.  */
5102   if (r == i386_regtab /* %st is first entry of table  */)
5103     {
5104       if (is_space_char (*s))
5105 	++s;
5106       if (*s == '(')
5107 	{
5108 	  ++s;
5109 	  if (is_space_char (*s))
5110 	    ++s;
5111 	  if (*s >= '0' && *s <= '7')
5112 	    {
5113 	      r = &i386_float_regtab[*s - '0'];
5114 	      ++s;
5115 	      if (is_space_char (*s))
5116 		++s;
5117 	      if (*s == ')')
5118 		{
5119 		  *end_op = s + 1;
5120 		  return r;
5121 		}
5122 	    }
5123 	  /* We have "%st(" then garbage.  */
5124 	  return (const reg_entry *) NULL;
5125 	}
5126     }
5127 
5128   if (r != NULL
5129       && ((r->reg_flags & (RegRex64 | RegRex)) | (r->reg_type & Reg64)) != 0
5130       && (r->reg_type != Control || !(cpu_arch_flags & CpuSledgehammer))
5131       && flag_code != CODE_64BIT)
5132     return (const reg_entry *) NULL;
5133 
5134   return r;
5135 }
5136 
5137 #if defined (OBJ_ELF) || defined (OBJ_MAYBE_ELF)
5138 const char *md_shortopts = "kVQ:sqn";
5139 #else
5140 const char *md_shortopts = "qn";
5141 #endif
5142 
5143 struct option md_longopts[] = {
5144 #define OPTION_32 (OPTION_MD_BASE + 0)
5145   {"32", no_argument, NULL, OPTION_32},
5146 #if defined (OBJ_ELF) || defined (OBJ_MAYBE_ELF)
5147 #define OPTION_64 (OPTION_MD_BASE + 1)
5148   {"64", no_argument, NULL, OPTION_64},
5149 #endif
5150   {NULL, no_argument, NULL, 0}
5151 };
5152 size_t md_longopts_size = sizeof (md_longopts);
5153 
5154 int
md_parse_option(c,arg)5155 md_parse_option (c, arg)
5156      int c;
5157      char *arg ATTRIBUTE_UNUSED;
5158 {
5159   switch (c)
5160     {
5161     case 'n':
5162       optimize_align_code = 0;
5163       break;
5164 
5165     case 'q':
5166       quiet_warnings = 1;
5167       break;
5168 
5169 #if defined (OBJ_ELF) || defined (OBJ_MAYBE_ELF)
5170       /* -Qy, -Qn: SVR4 arguments controlling whether a .comment section
5171 	 should be emitted or not.  FIXME: Not implemented.  */
5172     case 'Q':
5173       break;
5174 
5175       /* -V: SVR4 argument to print version ID.  */
5176     case 'V':
5177       print_version_id ();
5178       break;
5179 
5180       /* -k: Ignore for FreeBSD compatibility.  */
5181     case 'k':
5182       break;
5183 
5184     case 's':
5185       /* -s: On i386 Solaris, this tells the native assembler to use
5186 	 .stab instead of .stab.excl.  We always use .stab anyhow.  */
5187       break;
5188 
5189     case OPTION_64:
5190       {
5191 	const char **list, **l;
5192 
5193 	list = bfd_target_list ();
5194 	for (l = list; *l != NULL; l++)
5195 	  if (strcmp (*l, "elf64-x86-64") == 0)
5196 	    {
5197 	      default_arch = "x86_64";
5198 	      break;
5199 	    }
5200 	if (*l == NULL)
5201 	  as_fatal (_("No compiled in support for x86_64"));
5202 	free (list);
5203       }
5204       break;
5205 #endif
5206 
5207     case OPTION_32:
5208       default_arch = "i386";
5209       break;
5210 
5211     default:
5212       return 0;
5213     }
5214   return 1;
5215 }
5216 
5217 void
md_show_usage(stream)5218 md_show_usage (stream)
5219      FILE *stream;
5220 {
5221 #if defined (OBJ_ELF) || defined (OBJ_MAYBE_ELF)
5222   fprintf (stream, _("\
5223   -Q                      ignored\n\
5224   -V                      print assembler version number\n\
5225   -k                      ignored\n\
5226   -n                      Do not optimize code alignment\n\
5227   -q                      quieten some warnings\n\
5228   -s                      ignored\n"));
5229 #else
5230   fprintf (stream, _("\
5231   -n                      Do not optimize code alignment\n\
5232   -q                      quieten some warnings\n"));
5233 #endif
5234 }
5235 
5236 #if ((defined (OBJ_MAYBE_COFF) && defined (OBJ_MAYBE_AOUT)) \
5237      || defined (OBJ_ELF) || defined (OBJ_MAYBE_ELF))
5238 
5239 /* Pick the target format to use.  */
5240 
5241 const char *
i386_target_format()5242 i386_target_format ()
5243 {
5244   if (!strcmp (default_arch, "x86_64"))
5245     set_code_flag (CODE_64BIT);
5246   else if (!strcmp (default_arch, "i386"))
5247     set_code_flag (CODE_32BIT);
5248   else
5249     as_fatal (_("Unknown architecture"));
5250   switch (OUTPUT_FLAVOR)
5251     {
5252 #ifdef OBJ_MAYBE_AOUT
5253     case bfd_target_aout_flavour:
5254       return AOUT_TARGET_FORMAT;
5255 #endif
5256 #ifdef OBJ_MAYBE_COFF
5257     case bfd_target_coff_flavour:
5258       return "coff-i386";
5259 #endif
5260 #if defined (OBJ_MAYBE_ELF) || defined (OBJ_ELF)
5261     case bfd_target_elf_flavour:
5262       {
5263 	if (flag_code == CODE_64BIT)
5264 	  use_rela_relocations = 1;
5265 	return flag_code == CODE_64BIT ? "elf64-x86-64" : ELF_TARGET_FORMAT;
5266       }
5267 #endif
5268     default:
5269       abort ();
5270       return NULL;
5271     }
5272 }
5273 
5274 #endif /* OBJ_MAYBE_ more than one  */
5275 
5276 #if (defined (OBJ_ELF) || defined (OBJ_MAYBE_ELF))
i386_elf_emit_arch_note()5277 void i386_elf_emit_arch_note ()
5278 {
5279   if (OUTPUT_FLAVOR == bfd_target_elf_flavour
5280       && cpu_arch_name != NULL)
5281     {
5282       char *p;
5283       asection *seg = now_seg;
5284       subsegT subseg = now_subseg;
5285       Elf_Internal_Note i_note;
5286       Elf_External_Note e_note;
5287       asection *note_secp;
5288       int len;
5289 
5290       /* Create the .note section.  */
5291       note_secp = subseg_new (".note", 0);
5292       bfd_set_section_flags (stdoutput,
5293 			     note_secp,
5294 			     SEC_HAS_CONTENTS | SEC_READONLY);
5295 
5296       /* Process the arch string.  */
5297       len = strlen (cpu_arch_name);
5298 
5299       i_note.namesz = len + 1;
5300       i_note.descsz = 0;
5301       i_note.type = NT_ARCH;
5302       p = frag_more (sizeof (e_note.namesz));
5303       md_number_to_chars (p, (valueT) i_note.namesz, sizeof (e_note.namesz));
5304       p = frag_more (sizeof (e_note.descsz));
5305       md_number_to_chars (p, (valueT) i_note.descsz, sizeof (e_note.descsz));
5306       p = frag_more (sizeof (e_note.type));
5307       md_number_to_chars (p, (valueT) i_note.type, sizeof (e_note.type));
5308       p = frag_more (len + 1);
5309       strcpy (p, cpu_arch_name);
5310 
5311       frag_align (2, 0, 0);
5312 
5313       subseg_set (seg, subseg);
5314     }
5315 }
5316 #endif
5317 
5318 symbolS *
md_undefined_symbol(name)5319 md_undefined_symbol (name)
5320      char *name;
5321 {
5322   if (name[0] == GLOBAL_OFFSET_TABLE_NAME[0]
5323       && name[1] == GLOBAL_OFFSET_TABLE_NAME[1]
5324       && name[2] == GLOBAL_OFFSET_TABLE_NAME[2]
5325       && strcmp (name, GLOBAL_OFFSET_TABLE_NAME) == 0)
5326     {
5327       if (!GOT_symbol)
5328 	{
5329 	  if (symbol_find (name))
5330 	    as_bad (_("GOT already in symbol table"));
5331 	  GOT_symbol = symbol_new (name, undefined_section,
5332 				   (valueT) 0, &zero_address_frag);
5333 	};
5334       return GOT_symbol;
5335     }
5336   return 0;
5337 }
5338 
5339 /* Round up a section size to the appropriate boundary.  */
5340 
5341 valueT
md_section_align(segment,size)5342 md_section_align (segment, size)
5343      segT segment ATTRIBUTE_UNUSED;
5344      valueT size;
5345 {
5346 #if (defined (OBJ_AOUT) || defined (OBJ_MAYBE_AOUT))
5347   if (OUTPUT_FLAVOR == bfd_target_aout_flavour)
5348     {
5349       /* For a.out, force the section size to be aligned.  If we don't do
5350 	 this, BFD will align it for us, but it will not write out the
5351 	 final bytes of the section.  This may be a bug in BFD, but it is
5352 	 easier to fix it here since that is how the other a.out targets
5353 	 work.  */
5354       int align;
5355 
5356       align = bfd_get_section_alignment (stdoutput, segment);
5357       size = ((size + (1 << align) - 1) & ((valueT) -1 << align));
5358     }
5359 #endif
5360 
5361   return size;
5362 }
5363 
5364 /* On the i386, PC-relative offsets are relative to the start of the
5365    next instruction.  That is, the address of the offset, plus its
5366    size, since the offset is always the last part of the insn.  */
5367 
5368 long
md_pcrel_from(fixP)5369 md_pcrel_from (fixP)
5370      fixS *fixP;
5371 {
5372   return fixP->fx_size + fixP->fx_where + fixP->fx_frag->fr_address;
5373 }
5374 
5375 #ifndef I386COFF
5376 
5377 static void
s_bss(ignore)5378 s_bss (ignore)
5379      int ignore ATTRIBUTE_UNUSED;
5380 {
5381   int temp;
5382 
5383 #if defined (OBJ_ELF) || defined (OBJ_MAYBE_ELF)
5384   if (IS_ELF)
5385     obj_elf_section_change_hook ();
5386 #endif
5387   temp = get_absolute_expression ();
5388   subseg_set (bss_section, (subsegT) temp);
5389   demand_empty_rest_of_line ();
5390 }
5391 
5392 #endif
5393 
5394 void
i386_validate_fix(fixp)5395 i386_validate_fix (fixp)
5396      fixS *fixp;
5397 {
5398   if (fixp->fx_subsy && fixp->fx_subsy == GOT_symbol)
5399     {
5400       if (fixp->fx_r_type == BFD_RELOC_32_PCREL)
5401 	{
5402 	  if (flag_code != CODE_64BIT)
5403 	    abort ();
5404 	  fixp->fx_r_type = BFD_RELOC_X86_64_GOTPCREL;
5405 	}
5406       else
5407 	{
5408 	  if (flag_code != CODE_64BIT)
5409 	    fixp->fx_r_type = BFD_RELOC_386_GOTOFF;
5410 	  else
5411 	    fixp->fx_r_type = BFD_RELOC_X86_64_GOTOFF64;
5412 	}
5413       fixp->fx_subsy = 0;
5414     }
5415 }
5416 
5417 arelent *
tc_gen_reloc(section,fixp)5418 tc_gen_reloc (section, fixp)
5419      asection *section ATTRIBUTE_UNUSED;
5420      fixS *fixp;
5421 {
5422   arelent *rel;
5423   bfd_reloc_code_real_type code;
5424 
5425   switch (fixp->fx_r_type)
5426     {
5427     case BFD_RELOC_X86_64_PLT32:
5428     case BFD_RELOC_X86_64_GOT32:
5429     case BFD_RELOC_X86_64_GOTPCREL:
5430     case BFD_RELOC_386_PLT32:
5431     case BFD_RELOC_386_GOT32:
5432     case BFD_RELOC_386_GOTOFF:
5433     case BFD_RELOC_386_GOTPC:
5434     case BFD_RELOC_386_TLS_GD:
5435     case BFD_RELOC_386_TLS_LDM:
5436     case BFD_RELOC_386_TLS_LDO_32:
5437     case BFD_RELOC_386_TLS_IE_32:
5438     case BFD_RELOC_386_TLS_IE:
5439     case BFD_RELOC_386_TLS_GOTIE:
5440     case BFD_RELOC_386_TLS_LE_32:
5441     case BFD_RELOC_386_TLS_LE:
5442     case BFD_RELOC_X86_64_TLSGD:
5443     case BFD_RELOC_X86_64_TLSLD:
5444     case BFD_RELOC_X86_64_DTPOFF32:
5445     case BFD_RELOC_X86_64_DTPOFF64:
5446     case BFD_RELOC_X86_64_GOTTPOFF:
5447     case BFD_RELOC_X86_64_TPOFF32:
5448     case BFD_RELOC_X86_64_TPOFF64:
5449     case BFD_RELOC_X86_64_GOTOFF64:
5450     case BFD_RELOC_X86_64_GOTPC32:
5451     case BFD_RELOC_RVA:
5452     case BFD_RELOC_VTABLE_ENTRY:
5453     case BFD_RELOC_VTABLE_INHERIT:
5454 #ifdef TE_PE
5455     case BFD_RELOC_32_SECREL:
5456 #endif
5457       code = fixp->fx_r_type;
5458       break;
5459     case BFD_RELOC_X86_64_32S:
5460       if (!fixp->fx_pcrel)
5461 	{
5462 	  /* Don't turn BFD_RELOC_X86_64_32S into BFD_RELOC_32.  */
5463 	  code = fixp->fx_r_type;
5464 	  break;
5465 	}
5466     default:
5467       if (fixp->fx_pcrel)
5468 	{
5469 	  switch (fixp->fx_size)
5470 	    {
5471 	    default:
5472 	      as_bad_where (fixp->fx_file, fixp->fx_line,
5473 			    _("can not do %d byte pc-relative relocation"),
5474 			    fixp->fx_size);
5475 	      code = BFD_RELOC_32_PCREL;
5476 	      break;
5477 	    case 1: code = BFD_RELOC_8_PCREL;  break;
5478 	    case 2: code = BFD_RELOC_16_PCREL; break;
5479 	    case 4: code = BFD_RELOC_32_PCREL; break;
5480 #ifdef BFD64
5481 	    case 8: code = BFD_RELOC_64_PCREL; break;
5482 #endif
5483 	    }
5484 	}
5485       else
5486 	{
5487 	  switch (fixp->fx_size)
5488 	    {
5489 	    default:
5490 	      as_bad_where (fixp->fx_file, fixp->fx_line,
5491 			    _("can not do %d byte relocation"),
5492 			    fixp->fx_size);
5493 	      code = BFD_RELOC_32;
5494 	      break;
5495 	    case 1: code = BFD_RELOC_8;  break;
5496 	    case 2: code = BFD_RELOC_16; break;
5497 	    case 4: code = BFD_RELOC_32; break;
5498 #ifdef BFD64
5499 	    case 8: code = BFD_RELOC_64; break;
5500 #endif
5501 	    }
5502 	}
5503       break;
5504     }
5505 
5506   if ((code == BFD_RELOC_32 || code == BFD_RELOC_32_PCREL)
5507       && GOT_symbol
5508       && fixp->fx_addsy == GOT_symbol)
5509     {
5510       if (flag_code != CODE_64BIT)
5511 	code = BFD_RELOC_386_GOTPC;
5512       else
5513 	code = BFD_RELOC_X86_64_GOTPC32;
5514     }
5515 
5516   rel = (arelent *) xmalloc (sizeof (arelent));
5517   rel->sym_ptr_ptr = (asymbol **) xmalloc (sizeof (asymbol *));
5518   *rel->sym_ptr_ptr = symbol_get_bfdsym (fixp->fx_addsy);
5519 
5520   rel->address = fixp->fx_frag->fr_address + fixp->fx_where;
5521 
5522   if (!use_rela_relocations)
5523     {
5524       /* HACK: Since i386 ELF uses Rel instead of Rela, encode the
5525 	 vtable entry to be used in the relocation's section offset.  */
5526       if (fixp->fx_r_type == BFD_RELOC_VTABLE_ENTRY)
5527 	rel->address = fixp->fx_offset;
5528 
5529       rel->addend = 0;
5530     }
5531   /* Use the rela in 64bit mode.  */
5532   else
5533     {
5534       if (!fixp->fx_pcrel)
5535 	rel->addend = fixp->fx_offset;
5536       else
5537 	switch (code)
5538 	  {
5539 	  case BFD_RELOC_X86_64_PLT32:
5540 	  case BFD_RELOC_X86_64_GOT32:
5541 	  case BFD_RELOC_X86_64_GOTPCREL:
5542 	  case BFD_RELOC_X86_64_TLSGD:
5543 	  case BFD_RELOC_X86_64_TLSLD:
5544 	  case BFD_RELOC_X86_64_GOTTPOFF:
5545 	    rel->addend = fixp->fx_offset - fixp->fx_size;
5546 	    break;
5547 	  default:
5548 	    rel->addend = (section->vma
5549 			   - fixp->fx_size
5550 			   + fixp->fx_addnumber
5551 			   + md_pcrel_from (fixp));
5552 	    break;
5553 	  }
5554     }
5555 
5556   rel->howto = bfd_reloc_type_lookup (stdoutput, code);
5557   if (rel->howto == NULL)
5558     {
5559       as_bad_where (fixp->fx_file, fixp->fx_line,
5560 		    _("cannot represent relocation type %s"),
5561 		    bfd_get_reloc_code_name (code));
5562       /* Set howto to a garbage value so that we can keep going.  */
5563       rel->howto = bfd_reloc_type_lookup (stdoutput, BFD_RELOC_32);
5564       assert (rel->howto != NULL);
5565     }
5566 
5567   return rel;
5568 }
5569 
5570 
5571 /* Parse operands using Intel syntax. This implements a recursive descent
5572    parser based on the BNF grammar published in Appendix B of the MASM 6.1
5573    Programmer's Guide.
5574 
5575    FIXME: We do not recognize the full operand grammar defined in the MASM
5576 	  documentation.  In particular, all the structure/union and
5577 	  high-level macro operands are missing.
5578 
5579    Uppercase words are terminals, lower case words are non-terminals.
5580    Objects surrounded by double brackets '[[' ']]' are optional. Vertical
5581    bars '|' denote choices. Most grammar productions are implemented in
5582    functions called 'intel_<production>'.
5583 
5584    Initial production is 'expr'.
5585 
5586     addOp		+ | -
5587 
5588     alpha		[a-zA-Z]
5589 
5590     binOp		& | AND | \| | OR | ^ | XOR
5591 
5592     byteRegister	AL | AH | BL | BH | CL | CH | DL | DH
5593 
5594     constant		digits [[ radixOverride ]]
5595 
5596     dataType		BYTE | WORD | DWORD | FWORD | QWORD | TBYTE | OWORD | XMMWORD
5597 
5598     digits		decdigit
5599 			| digits decdigit
5600 			| digits hexdigit
5601 
5602     decdigit		[0-9]
5603 
5604     e04			e04 addOp e05
5605 			| e05
5606 
5607     e05			e05 binOp e06
5608 			| e06
5609 
5610     e06			e06 mulOp e09
5611 			| e09
5612 
5613     e09			OFFSET e10
5614 			| SHORT e10
5615 			| + e10
5616 			| - e10
5617 			| ~ e10
5618 			| NOT e10
5619 			| e09 PTR e10
5620 			| e09 : e10
5621 			| e10
5622 
5623     e10			e10 [ expr ]
5624 			| e11
5625 
5626     e11			( expr )
5627 			| [ expr ]
5628 			| constant
5629 			| dataType
5630 			| id
5631 			| $
5632 			| register
5633 
5634  => expr		expr cmpOp e04
5635 			| e04
5636 
5637     gpRegister		AX | EAX | BX | EBX | CX | ECX | DX | EDX
5638 			| BP | EBP | SP | ESP | DI | EDI | SI | ESI
5639 
5640     hexdigit		a | b | c | d | e | f
5641 			| A | B | C | D | E | F
5642 
5643     id			alpha
5644 			| id alpha
5645 			| id decdigit
5646 
5647     mulOp		* | / | % | MOD | << | SHL | >> | SHR
5648 
5649     quote		" | '
5650 
5651     register		specialRegister
5652 			| gpRegister
5653 			| byteRegister
5654 
5655     segmentRegister	CS | DS | ES | FS | GS | SS
5656 
5657     specialRegister	CR0 | CR2 | CR3 | CR4
5658 			| DR0 | DR1 | DR2 | DR3 | DR6 | DR7
5659 			| TR3 | TR4 | TR5 | TR6 | TR7
5660 
5661     We simplify the grammar in obvious places (e.g., register parsing is
5662     done by calling parse_register) and eliminate immediate left recursion
5663     to implement a recursive-descent parser.
5664 
5665     expr	e04 expr'
5666 
5667     expr'	cmpOp e04 expr'
5668 		| Empty
5669 
5670     e04		e05 e04'
5671 
5672     e04'	addOp e05 e04'
5673 		| Empty
5674 
5675     e05		e06 e05'
5676 
5677     e05'	binOp e06 e05'
5678 		| Empty
5679 
5680     e06		e09 e06'
5681 
5682     e06'	mulOp e09 e06'
5683 		| Empty
5684 
5685     e09		OFFSET e10 e09'
5686 		| SHORT e10'
5687 		| + e10'
5688 		| - e10'
5689 		| ~ e10'
5690 		| NOT e10'
5691 		| e10 e09'
5692 
5693     e09'	PTR e10 e09'
5694 		| : e10 e09'
5695 		| Empty
5696 
5697     e10		e11 e10'
5698 
5699     e10'	[ expr ] e10'
5700 		| Empty
5701 
5702     e11		( expr )
5703 		| [ expr ]
5704 		| BYTE
5705 		| WORD
5706 		| DWORD
5707 		| FWORD
5708 		| QWORD
5709 		| TBYTE
5710 		| OWORD
5711 		| XMMWORD
5712 		| .
5713 		| $
5714 		| register
5715 		| id
5716 		| constant  */
5717 
5718 /* Parsing structure for the intel syntax parser. Used to implement the
5719    semantic actions for the operand grammar.  */
5720 struct intel_parser_s
5721   {
5722     char *op_string;		/* The string being parsed.  */
5723     int got_a_float;		/* Whether the operand is a float.  */
5724     int op_modifier;		/* Operand modifier.  */
5725     int is_mem;			/* 1 if operand is memory reference.  */
5726     int in_offset;			/* >=1 if parsing operand of offset.  */
5727     int in_bracket;			/* >=1 if parsing operand in brackets.  */
5728     const reg_entry *reg;	/* Last register reference found.  */
5729     char *disp;			/* Displacement string being built.  */
5730     char *next_operand;		/* Resume point when splitting operands.  */
5731   };
5732 
5733 static struct intel_parser_s intel_parser;
5734 
5735 /* Token structure for parsing intel syntax.  */
5736 struct intel_token
5737   {
5738     int code;			/* Token code.  */
5739     const reg_entry *reg;	/* Register entry for register tokens.  */
5740     char *str;			/* String representation.  */
5741   };
5742 
5743 static struct intel_token cur_token, prev_token;
5744 
5745 /* Token codes for the intel parser. Since T_SHORT is already used
5746    by COFF, undefine it first to prevent a warning.  */
5747 #define T_NIL		-1
5748 #define T_CONST		1
5749 #define T_REG		2
5750 #define T_BYTE		3
5751 #define T_WORD		4
5752 #define T_DWORD		5
5753 #define T_FWORD		6
5754 #define T_QWORD		7
5755 #define T_TBYTE		8
5756 #define T_XMMWORD	9
5757 #undef  T_SHORT
5758 #define T_SHORT		10
5759 #define T_OFFSET	11
5760 #define T_PTR		12
5761 #define T_ID		13
5762 #define T_SHL		14
5763 #define T_SHR		15
5764 
5765 /* Prototypes for intel parser functions.  */
5766 static int intel_match_token	PARAMS ((int code));
5767 static void intel_get_token	PARAMS ((void));
5768 static void intel_putback_token	PARAMS ((void));
5769 static int intel_expr		PARAMS ((void));
5770 static int intel_e04		PARAMS ((void));
5771 static int intel_e05		PARAMS ((void));
5772 static int intel_e06		PARAMS ((void));
5773 static int intel_e09		PARAMS ((void));
5774 static int intel_bracket_expr	PARAMS ((void));
5775 static int intel_e10		PARAMS ((void));
5776 static int intel_e11		PARAMS ((void));
5777 
5778 static int
i386_intel_operand(operand_string,got_a_float)5779 i386_intel_operand (operand_string, got_a_float)
5780      char *operand_string;
5781      int got_a_float;
5782 {
5783   int ret;
5784   char *p;
5785 
5786   p = intel_parser.op_string = xstrdup (operand_string);
5787   intel_parser.disp = (char *) xmalloc (strlen (operand_string) + 1);
5788 
5789   for (;;)
5790     {
5791       /* Initialize token holders.  */
5792       cur_token.code = prev_token.code = T_NIL;
5793       cur_token.reg = prev_token.reg = NULL;
5794       cur_token.str = prev_token.str = NULL;
5795 
5796       /* Initialize parser structure.  */
5797       intel_parser.got_a_float = got_a_float;
5798       intel_parser.op_modifier = 0;
5799       intel_parser.is_mem = 0;
5800       intel_parser.in_offset = 0;
5801       intel_parser.in_bracket = 0;
5802       intel_parser.reg = NULL;
5803       intel_parser.disp[0] = '\0';
5804       intel_parser.next_operand = NULL;
5805 
5806       /* Read the first token and start the parser.  */
5807       intel_get_token ();
5808       ret = intel_expr ();
5809 
5810       if (!ret)
5811 	break;
5812 
5813       if (cur_token.code != T_NIL)
5814 	{
5815 	  as_bad (_("invalid operand for '%s' ('%s' unexpected)"),
5816 		  current_templates->start->name, cur_token.str);
5817 	  ret = 0;
5818 	}
5819       /* If we found a memory reference, hand it over to i386_displacement
5820 	 to fill in the rest of the operand fields.  */
5821       else if (intel_parser.is_mem)
5822 	{
5823 	  if ((i.mem_operands == 1
5824 	       && (current_templates->start->opcode_modifier & IsString) == 0)
5825 	      || i.mem_operands == 2)
5826 	    {
5827 	      as_bad (_("too many memory references for '%s'"),
5828 		      current_templates->start->name);
5829 	      ret = 0;
5830 	    }
5831 	  else
5832 	    {
5833 	      char *s = intel_parser.disp;
5834 	      i.mem_operands++;
5835 
5836 	      if (!quiet_warnings && intel_parser.is_mem < 0)
5837 		/* See the comments in intel_bracket_expr.  */
5838 		as_warn (_("Treating `%s' as memory reference"), operand_string);
5839 
5840 	      /* Add the displacement expression.  */
5841 	      if (*s != '\0')
5842 		ret = i386_displacement (s, s + strlen (s));
5843 	      if (ret)
5844 		{
5845 		  /* Swap base and index in 16-bit memory operands like
5846 		     [si+bx]. Since i386_index_check is also used in AT&T
5847 		     mode we have to do that here.  */
5848 		  if (i.base_reg
5849 		      && i.index_reg
5850 		      && (i.base_reg->reg_type & Reg16)
5851 		      && (i.index_reg->reg_type & Reg16)
5852 		      && i.base_reg->reg_num >= 6
5853 		      && i.index_reg->reg_num < 6)
5854 		    {
5855 		      const reg_entry *base = i.index_reg;
5856 
5857 		      i.index_reg = i.base_reg;
5858 		      i.base_reg = base;
5859 		    }
5860 		  ret = i386_index_check (operand_string);
5861 		}
5862 	    }
5863 	}
5864 
5865       /* Constant and OFFSET expressions are handled by i386_immediate.  */
5866       else if ((intel_parser.op_modifier & (1 << T_OFFSET))
5867 	       || intel_parser.reg == NULL)
5868 	ret = i386_immediate (intel_parser.disp);
5869 
5870       if (intel_parser.next_operand && this_operand >= MAX_OPERANDS - 1)
5871         ret = 0;
5872       if (!ret || !intel_parser.next_operand)
5873 	break;
5874       intel_parser.op_string = intel_parser.next_operand;
5875       this_operand = i.operands++;
5876     }
5877 
5878   free (p);
5879   free (intel_parser.disp);
5880 
5881   return ret;
5882 }
5883 
5884 #define NUM_ADDRESS_REGS (!!i.base_reg + !!i.index_reg)
5885 
5886 /* expr	e04 expr'
5887 
5888    expr'  cmpOp e04 expr'
5889 	| Empty  */
5890 static int
intel_expr()5891 intel_expr ()
5892 {
5893   /* XXX Implement the comparison operators.  */
5894   return intel_e04 ();
5895 }
5896 
5897 /* e04	e05 e04'
5898 
5899    e04'	addOp e05 e04'
5900 	| Empty  */
5901 static int
intel_e04()5902 intel_e04 ()
5903 {
5904   int nregs = -1;
5905 
5906   for (;;)
5907     {
5908       if (!intel_e05())
5909 	return 0;
5910 
5911       if (nregs >= 0 && NUM_ADDRESS_REGS > nregs)
5912 	i.base_reg = i386_regtab + REGNAM_AL; /* al is invalid as base */
5913 
5914       if (cur_token.code == '+')
5915 	nregs = -1;
5916       else if (cur_token.code == '-')
5917 	nregs = NUM_ADDRESS_REGS;
5918       else
5919 	return 1;
5920 
5921       strcat (intel_parser.disp, cur_token.str);
5922       intel_match_token (cur_token.code);
5923     }
5924 }
5925 
5926 /* e05	e06 e05'
5927 
5928    e05'	binOp e06 e05'
5929 	| Empty  */
5930 static int
intel_e05()5931 intel_e05 ()
5932 {
5933   int nregs = ~NUM_ADDRESS_REGS;
5934 
5935   for (;;)
5936     {
5937       if (!intel_e06())
5938 	return 0;
5939 
5940       if (cur_token.code == '&' || cur_token.code == '|' || cur_token.code == '^')
5941 	{
5942 	  char str[2];
5943 
5944 	  str[0] = cur_token.code;
5945 	  str[1] = 0;
5946 	  strcat (intel_parser.disp, str);
5947 	}
5948       else
5949 	break;
5950 
5951       intel_match_token (cur_token.code);
5952 
5953       if (nregs < 0)
5954 	nregs = ~nregs;
5955     }
5956   if (nregs >= 0 && NUM_ADDRESS_REGS > nregs)
5957     i.base_reg = i386_regtab + REGNAM_AL + 1; /* cl is invalid as base */
5958   return 1;
5959 }
5960 
5961 /* e06	e09 e06'
5962 
5963    e06'	mulOp e09 e06'
5964 	| Empty  */
5965 static int
intel_e06()5966 intel_e06 ()
5967 {
5968   int nregs = ~NUM_ADDRESS_REGS;
5969 
5970   for (;;)
5971     {
5972       if (!intel_e09())
5973 	return 0;
5974 
5975       if (cur_token.code == '*' || cur_token.code == '/' || cur_token.code == '%')
5976 	{
5977 	  char str[2];
5978 
5979 	  str[0] = cur_token.code;
5980 	  str[1] = 0;
5981 	  strcat (intel_parser.disp, str);
5982 	}
5983       else if (cur_token.code == T_SHL)
5984 	strcat (intel_parser.disp, "<<");
5985       else if (cur_token.code == T_SHR)
5986 	strcat (intel_parser.disp, ">>");
5987       else
5988 	break;
5989 
5990      intel_match_token (cur_token.code);
5991 
5992       if (nregs < 0)
5993 	nregs = ~nregs;
5994     }
5995   if (nregs >= 0 && NUM_ADDRESS_REGS > nregs)
5996     i.base_reg = i386_regtab + REGNAM_AL + 2; /* dl is invalid as base */
5997   return 1;
5998 }
5999 
6000 /* e09	OFFSET e09
6001 	| SHORT e09
6002 	| + e09
6003 	| - e09
6004 	| ~ e09
6005 	| NOT e09
6006 	| e10 e09'
6007 
6008    e09'	PTR e10 e09'
6009 	| : e10 e09'
6010 	| Empty */
6011 static int
intel_e09()6012 intel_e09 ()
6013 {
6014   int nregs = ~NUM_ADDRESS_REGS;
6015   int in_offset = 0;
6016 
6017   for (;;)
6018     {
6019       /* Don't consume constants here.  */
6020       if (cur_token.code == '+' || cur_token.code == '-')
6021 	{
6022 	  /* Need to look one token ahead - if the next token
6023 	     is a constant, the current token is its sign.  */
6024 	  int next_code;
6025 
6026 	  intel_match_token (cur_token.code);
6027 	  next_code = cur_token.code;
6028 	  intel_putback_token ();
6029 	  if (next_code == T_CONST)
6030 	    break;
6031 	}
6032 
6033       /* e09  OFFSET e09  */
6034       if (cur_token.code == T_OFFSET)
6035 	{
6036 	  if (!in_offset++)
6037 	    ++intel_parser.in_offset;
6038 	}
6039 
6040       /* e09  SHORT e09  */
6041       else if (cur_token.code == T_SHORT)
6042 	intel_parser.op_modifier |= 1 << T_SHORT;
6043 
6044       /* e09  + e09  */
6045       else if (cur_token.code == '+')
6046 	strcat (intel_parser.disp, "+");
6047 
6048       /* e09  - e09
6049 	      | ~ e09
6050 	      | NOT e09  */
6051       else if (cur_token.code == '-' || cur_token.code == '~')
6052 	{
6053 	  char str[2];
6054 
6055 	  if (nregs < 0)
6056 	    nregs = ~nregs;
6057 	  str[0] = cur_token.code;
6058 	  str[1] = 0;
6059 	  strcat (intel_parser.disp, str);
6060 	}
6061 
6062       /* e09  e10 e09'  */
6063       else
6064 	break;
6065 
6066       intel_match_token (cur_token.code);
6067     }
6068 
6069   for (;;)
6070     {
6071       if (!intel_e10 ())
6072 	return 0;
6073 
6074       /* e09'  PTR e10 e09' */
6075       if (cur_token.code == T_PTR)
6076 	{
6077 	  char suffix;
6078 
6079 	  if (prev_token.code == T_BYTE)
6080 	    suffix = BYTE_MNEM_SUFFIX;
6081 
6082 	  else if (prev_token.code == T_WORD)
6083 	    {
6084 	      if (current_templates->start->name[0] == 'l'
6085 		  && current_templates->start->name[2] == 's'
6086 		  && current_templates->start->name[3] == 0)
6087 		suffix = BYTE_MNEM_SUFFIX; /* so it will cause an error */
6088 	      else if (intel_parser.got_a_float == 2)	/* "fi..." */
6089 		suffix = SHORT_MNEM_SUFFIX;
6090 	      else
6091 		suffix = WORD_MNEM_SUFFIX;
6092 	    }
6093 
6094 	  else if (prev_token.code == T_DWORD)
6095 	    {
6096 	      if (current_templates->start->name[0] == 'l'
6097 		  && current_templates->start->name[2] == 's'
6098 		  && current_templates->start->name[3] == 0)
6099 		suffix = WORD_MNEM_SUFFIX;
6100 	      else if (flag_code == CODE_16BIT
6101 		       && (current_templates->start->opcode_modifier
6102 			   & (Jump|JumpDword|JumpInterSegment)))
6103 		suffix = LONG_DOUBLE_MNEM_SUFFIX;
6104 	      else if (intel_parser.got_a_float == 1)	/* "f..." */
6105 		suffix = SHORT_MNEM_SUFFIX;
6106 	      else
6107 		suffix = LONG_MNEM_SUFFIX;
6108 	    }
6109 
6110 	  else if (prev_token.code == T_FWORD)
6111 	    {
6112 	      if (current_templates->start->name[0] == 'l'
6113 		  && current_templates->start->name[2] == 's'
6114 		  && current_templates->start->name[3] == 0)
6115 		suffix = LONG_MNEM_SUFFIX;
6116 	      else if (!intel_parser.got_a_float)
6117 		{
6118 		  if (flag_code == CODE_16BIT)
6119 		    add_prefix (DATA_PREFIX_OPCODE);
6120 		  suffix = LONG_DOUBLE_MNEM_SUFFIX;
6121 		}
6122 	      else
6123 		suffix = BYTE_MNEM_SUFFIX; /* so it will cause an error */
6124 	    }
6125 
6126 	  else if (prev_token.code == T_QWORD)
6127 	    {
6128 	      if (intel_parser.got_a_float == 1)	/* "f..." */
6129 		suffix = LONG_MNEM_SUFFIX;
6130 	      else
6131 		suffix = QWORD_MNEM_SUFFIX;
6132 	    }
6133 
6134 	  else if (prev_token.code == T_TBYTE)
6135 	    {
6136 	      if (intel_parser.got_a_float == 1)
6137 		suffix = LONG_DOUBLE_MNEM_SUFFIX;
6138 	      else
6139 		suffix = BYTE_MNEM_SUFFIX; /* so it will cause an error */
6140 	    }
6141 
6142 	  else if (prev_token.code == T_XMMWORD)
6143 	    {
6144 	      /* XXX ignored for now, but accepted since gcc uses it */
6145 	      suffix = 0;
6146 	    }
6147 
6148 	  else
6149 	    {
6150 	      as_bad (_("Unknown operand modifier `%s'"), prev_token.str);
6151 	      return 0;
6152 	    }
6153 
6154 	  if (current_templates->start->base_opcode == 0x8d /* lea */)
6155 	    ;
6156 	  else if (!i.suffix)
6157 	    i.suffix = suffix;
6158 	  else if (i.suffix != suffix)
6159 	    {
6160 	      as_bad (_("Conflicting operand modifiers"));
6161 	      return 0;
6162 	    }
6163 
6164 	}
6165 
6166       /* e09'  : e10 e09'  */
6167       else if (cur_token.code == ':')
6168 	{
6169 	  if (prev_token.code != T_REG)
6170 	    {
6171 	      /* While {call,jmp} SSSS:OOOO is MASM syntax only when SSSS is a
6172 		 segment/group identifier (which we don't have), using comma
6173 		 as the operand separator there is even less consistent, since
6174 		 there all branches only have a single operand.  */
6175 	      if (this_operand != 0
6176 		  || intel_parser.in_offset
6177 		  || intel_parser.in_bracket
6178 		  || (!(current_templates->start->opcode_modifier
6179 			& (Jump|JumpDword|JumpInterSegment))
6180 		      && !(current_templates->start->operand_types[0]
6181 			   & JumpAbsolute)))
6182 		return intel_match_token (T_NIL);
6183 	      /* Remember the start of the 2nd operand and terminate 1st
6184 		 operand here.
6185 		 XXX This isn't right, yet (when SSSS:OOOO is right operand of
6186 		 another expression), but it gets at least the simplest case
6187 		 (a plain number or symbol on the left side) right.  */
6188 	      intel_parser.next_operand = intel_parser.op_string;
6189 	      *--intel_parser.op_string = '\0';
6190 	      return intel_match_token (':');
6191 	    }
6192 	}
6193 
6194       /* e09'  Empty  */
6195       else
6196 	break;
6197 
6198       intel_match_token (cur_token.code);
6199 
6200     }
6201 
6202   if (in_offset)
6203     {
6204       --intel_parser.in_offset;
6205       if (nregs < 0)
6206 	nregs = ~nregs;
6207       if (NUM_ADDRESS_REGS > nregs)
6208 	{
6209 	  as_bad (_("Invalid operand to `OFFSET'"));
6210 	  return 0;
6211 	}
6212       intel_parser.op_modifier |= 1 << T_OFFSET;
6213     }
6214 
6215   if (nregs >= 0 && NUM_ADDRESS_REGS > nregs)
6216     i.base_reg = i386_regtab + REGNAM_AL + 3; /* bl is invalid as base */
6217   return 1;
6218 }
6219 
6220 static int
intel_bracket_expr()6221 intel_bracket_expr ()
6222 {
6223   int was_offset = intel_parser.op_modifier & (1 << T_OFFSET);
6224   const char *start = intel_parser.op_string;
6225   int len;
6226 
6227   if (i.op[this_operand].regs)
6228     return intel_match_token (T_NIL);
6229 
6230   intel_match_token ('[');
6231 
6232   /* Mark as a memory operand only if it's not already known to be an
6233      offset expression.  If it's an offset expression, we need to keep
6234      the brace in.  */
6235   if (!intel_parser.in_offset)
6236     {
6237       ++intel_parser.in_bracket;
6238       /* Unfortunately gas always diverged from MASM in a respect that can't
6239 	 be easily fixed without risking to break code sequences likely to be
6240 	 encountered (the testsuite even check for this): MASM doesn't consider
6241 	 an expression inside brackets unconditionally as a memory reference.
6242 	 When that is e.g. a constant, an offset expression, or the sum of the
6243 	 two, this is still taken as a constant load. gas, however, always
6244 	 treated these as memory references. As a compromise, we'll try to make
6245 	 offset expressions inside brackets work the MASM way (since that's
6246 	 less likely to be found in real world code), but make constants alone
6247 	 continue to work the traditional gas way. In either case, issue a
6248 	 warning.  */
6249       intel_parser.op_modifier &= ~was_offset;
6250     }
6251   else
6252       strcat (intel_parser.disp, "[");
6253 
6254   /* Add a '+' to the displacement string if necessary.  */
6255   if (*intel_parser.disp != '\0'
6256       && *(intel_parser.disp + strlen (intel_parser.disp) - 1) != '+')
6257     strcat (intel_parser.disp, "+");
6258 
6259   if (intel_expr ()
6260       && (len = intel_parser.op_string - start - 1,
6261 	  intel_match_token (']')))
6262     {
6263       /* Preserve brackets when the operand is an offset expression.  */
6264       if (intel_parser.in_offset)
6265 	strcat (intel_parser.disp, "]");
6266       else
6267 	{
6268 	  --intel_parser.in_bracket;
6269 	  if (i.base_reg || i.index_reg)
6270 	    intel_parser.is_mem = 1;
6271 	  if (!intel_parser.is_mem)
6272 	    {
6273 	      if (!(intel_parser.op_modifier & (1 << T_OFFSET)))
6274 		/* Defer the warning until all of the operand was parsed.  */
6275 		intel_parser.is_mem = -1;
6276 	      else if (!quiet_warnings)
6277 		as_warn (_("`[%.*s]' taken to mean just `%.*s'"), len, start, len, start);
6278 	    }
6279 	}
6280       intel_parser.op_modifier |= was_offset;
6281 
6282       return 1;
6283     }
6284   return 0;
6285 }
6286 
6287 /* e10	e11 e10'
6288 
6289    e10'	[ expr ] e10'
6290 	| Empty  */
6291 static int
intel_e10()6292 intel_e10 ()
6293 {
6294   if (!intel_e11 ())
6295     return 0;
6296 
6297   while (cur_token.code == '[')
6298     {
6299       if (!intel_bracket_expr ())
6300 	return 0;
6301     }
6302 
6303   return 1;
6304 }
6305 
6306 /* e11	( expr )
6307 	| [ expr ]
6308 	| BYTE
6309 	| WORD
6310 	| DWORD
6311 	| FWORD
6312 	| QWORD
6313 	| TBYTE
6314 	| OWORD
6315 	| XMMWORD
6316 	| $
6317 	| .
6318 	| register
6319 	| id
6320 	| constant  */
6321 static int
intel_e11()6322 intel_e11 ()
6323 {
6324   switch (cur_token.code)
6325     {
6326     /* e11  ( expr ) */
6327     case '(':
6328       intel_match_token ('(');
6329       strcat (intel_parser.disp, "(");
6330 
6331       if (intel_expr () && intel_match_token (')'))
6332 	{
6333 	  strcat (intel_parser.disp, ")");
6334 	  return 1;
6335 	}
6336       return 0;
6337 
6338     /* e11  [ expr ] */
6339     case '[':
6340       /* Operands for jump/call inside brackets denote absolute addresses.
6341 	 XXX This shouldn't be needed anymore (or if it should rather live
6342 	 in intel_bracket_expr).  */
6343       if (current_templates->start->opcode_modifier
6344 	  & (Jump|JumpDword|JumpByte|JumpInterSegment))
6345 	i.types[this_operand] |= JumpAbsolute;
6346 
6347       return intel_bracket_expr ();
6348 
6349     /* e11  $
6350 	    | .  */
6351     case '.':
6352       strcat (intel_parser.disp, cur_token.str);
6353       intel_match_token (cur_token.code);
6354 
6355       /* Mark as a memory operand only if it's not already known to be an
6356 	 offset expression.  */
6357       if (!intel_parser.in_offset)
6358 	intel_parser.is_mem = 1;
6359 
6360       return 1;
6361 
6362     /* e11  register  */
6363     case T_REG:
6364       {
6365 	const reg_entry *reg = intel_parser.reg = cur_token.reg;
6366 
6367 	intel_match_token (T_REG);
6368 
6369 	/* Check for segment change.  */
6370 	if (cur_token.code == ':')
6371 	  {
6372 	    if (!(reg->reg_type & (SReg2 | SReg3)))
6373 	      {
6374 		as_bad (_("`%s' is not a valid segment register"), reg->reg_name);
6375 		return 0;
6376 	      }
6377 	    else if (i.seg[i.mem_operands])
6378 	      as_warn (_("Extra segment override ignored"));
6379 	    else
6380 	      {
6381 		if (!intel_parser.in_offset)
6382 		  intel_parser.is_mem = 1;
6383 		switch (reg->reg_num)
6384 		  {
6385 		  case 0:
6386 		    i.seg[i.mem_operands] = &es;
6387 		    break;
6388 		  case 1:
6389 		    i.seg[i.mem_operands] = &cs;
6390 		    break;
6391 		  case 2:
6392 		    i.seg[i.mem_operands] = &ss;
6393 		    break;
6394 		  case 3:
6395 		    i.seg[i.mem_operands] = &ds;
6396 		    break;
6397 		  case 4:
6398 		    i.seg[i.mem_operands] = &fs;
6399 		    break;
6400 		  case 5:
6401 		    i.seg[i.mem_operands] = &gs;
6402 		    break;
6403 		  }
6404 	      }
6405 	  }
6406 
6407 	/* Not a segment register. Check for register scaling.  */
6408 	else if (cur_token.code == '*')
6409 	  {
6410 	    if (!intel_parser.in_bracket)
6411 	      {
6412 		as_bad (_("Register scaling only allowed in memory operands"));
6413 		return 0;
6414 	      }
6415 
6416 	    if (reg->reg_type & Reg16) /* Disallow things like [si*1]. */
6417 	      reg = i386_regtab + REGNAM_AX + 4; /* sp is invalid as index */
6418 	    else if (i.index_reg)
6419 	      reg = i386_regtab + REGNAM_EAX + 4; /* esp is invalid as index */
6420 
6421 	    /* What follows must be a valid scale.  */
6422 	    intel_match_token ('*');
6423 	    i.index_reg = reg;
6424 	    i.types[this_operand] |= BaseIndex;
6425 
6426 	    /* Set the scale after setting the register (otherwise,
6427 	       i386_scale will complain)  */
6428 	    if (cur_token.code == '+' || cur_token.code == '-')
6429 	      {
6430 		char *str, sign = cur_token.code;
6431 		intel_match_token (cur_token.code);
6432 		if (cur_token.code != T_CONST)
6433 		  {
6434 		    as_bad (_("Syntax error: Expecting a constant, got `%s'"),
6435 			    cur_token.str);
6436 		    return 0;
6437 		  }
6438 		str = (char *) xmalloc (strlen (cur_token.str) + 2);
6439 		strcpy (str + 1, cur_token.str);
6440 		*str = sign;
6441 		if (!i386_scale (str))
6442 		  return 0;
6443 		free (str);
6444 	      }
6445 	    else if (!i386_scale (cur_token.str))
6446 	      return 0;
6447 	    intel_match_token (cur_token.code);
6448 	  }
6449 
6450 	/* No scaling. If this is a memory operand, the register is either a
6451 	   base register (first occurrence) or an index register (second
6452 	   occurrence).  */
6453 	else if (intel_parser.in_bracket && !(reg->reg_type & (SReg2 | SReg3)))
6454 	  {
6455 
6456 	    if (!i.base_reg)
6457 	      i.base_reg = reg;
6458 	    else if (!i.index_reg)
6459 	      i.index_reg = reg;
6460 	    else
6461 	      {
6462 		as_bad (_("Too many register references in memory operand"));
6463 		return 0;
6464 	      }
6465 
6466 	    i.types[this_operand] |= BaseIndex;
6467 	  }
6468 
6469 	/* Offset modifier. Add the register to the displacement string to be
6470 	   parsed as an immediate expression after we're done.  */
6471 	else if (intel_parser.in_offset)
6472 	  {
6473 	    as_warn (_("Using register names in OFFSET expressions is deprecated"));
6474 	    strcat (intel_parser.disp, reg->reg_name);
6475 	  }
6476 
6477 	/* It's neither base nor index nor offset.  */
6478 	else if (!intel_parser.is_mem)
6479 	  {
6480 	    i.types[this_operand] |= reg->reg_type & ~BaseIndex;
6481 	    i.op[this_operand].regs = reg;
6482 	    i.reg_operands++;
6483 	  }
6484 	else
6485 	  {
6486 	    as_bad (_("Invalid use of register"));
6487 	    return 0;
6488 	  }
6489 
6490 	/* Since registers are not part of the displacement string (except
6491 	   when we're parsing offset operands), we may need to remove any
6492 	   preceding '+' from the displacement string.  */
6493 	if (*intel_parser.disp != '\0'
6494 	    && !intel_parser.in_offset)
6495 	  {
6496 	    char *s = intel_parser.disp;
6497 	    s += strlen (s) - 1;
6498 	    if (*s == '+')
6499 	      *s = '\0';
6500 	  }
6501 
6502 	return 1;
6503       }
6504 
6505     /* e11  BYTE
6506 	    | WORD
6507 	    | DWORD
6508 	    | FWORD
6509 	    | QWORD
6510 	    | TBYTE
6511 	    | OWORD
6512 	    | XMMWORD  */
6513     case T_BYTE:
6514     case T_WORD:
6515     case T_DWORD:
6516     case T_FWORD:
6517     case T_QWORD:
6518     case T_TBYTE:
6519     case T_XMMWORD:
6520       intel_match_token (cur_token.code);
6521 
6522       if (cur_token.code == T_PTR)
6523 	return 1;
6524 
6525       /* It must have been an identifier.  */
6526       intel_putback_token ();
6527       cur_token.code = T_ID;
6528       /* FALLTHRU */
6529 
6530     /* e11  id
6531 	    | constant  */
6532     case T_ID:
6533       if (!intel_parser.in_offset && intel_parser.is_mem <= 0)
6534 	{
6535 	  symbolS *symbolP;
6536 
6537 	  /* The identifier represents a memory reference only if it's not
6538 	     preceded by an offset modifier and if it's not an equate.  */
6539 	  symbolP = symbol_find(cur_token.str);
6540 	  if (!symbolP || S_GET_SEGMENT(symbolP) != absolute_section)
6541 	    intel_parser.is_mem = 1;
6542 	}
6543 	/* FALLTHRU */
6544 
6545     case T_CONST:
6546     case '-':
6547     case '+':
6548       {
6549 	char *save_str, sign = 0;
6550 
6551 	/* Allow constants that start with `+' or `-'.  */
6552 	if (cur_token.code == '-' || cur_token.code == '+')
6553 	  {
6554 	    sign = cur_token.code;
6555 	    intel_match_token (cur_token.code);
6556 	    if (cur_token.code != T_CONST)
6557 	      {
6558 		as_bad (_("Syntax error: Expecting a constant, got `%s'"),
6559 			cur_token.str);
6560 		return 0;
6561 	      }
6562 	  }
6563 
6564 	save_str = (char *) xmalloc (strlen (cur_token.str) + 2);
6565 	strcpy (save_str + !!sign, cur_token.str);
6566 	if (sign)
6567 	  *save_str = sign;
6568 
6569 	/* Get the next token to check for register scaling.  */
6570 	intel_match_token (cur_token.code);
6571 
6572 	/* Check if this constant is a scaling factor for an index register.  */
6573 	if (cur_token.code == '*')
6574 	  {
6575 	    if (intel_match_token ('*') && cur_token.code == T_REG)
6576 	      {
6577 		const reg_entry *reg = cur_token.reg;
6578 
6579 		if (!intel_parser.in_bracket)
6580 		  {
6581 		    as_bad (_("Register scaling only allowed in memory operands"));
6582 		    return 0;
6583 		  }
6584 
6585 		if (reg->reg_type & Reg16) /* Disallow things like [1*si]. */
6586 		  reg = i386_regtab + REGNAM_AX + 4; /* sp is invalid as index */
6587 		else if (i.index_reg)
6588 		  reg = i386_regtab + REGNAM_EAX + 4; /* esp is invalid as index */
6589 
6590 		/* The constant is followed by `* reg', so it must be
6591 		   a valid scale.  */
6592 		i.index_reg = reg;
6593 		i.types[this_operand] |= BaseIndex;
6594 
6595 		/* Set the scale after setting the register (otherwise,
6596 		   i386_scale will complain)  */
6597 		if (!i386_scale (save_str))
6598 		  return 0;
6599 		intel_match_token (T_REG);
6600 
6601 		/* Since registers are not part of the displacement
6602 		   string, we may need to remove any preceding '+' from
6603 		   the displacement string.  */
6604 		if (*intel_parser.disp != '\0')
6605 		  {
6606 		    char *s = intel_parser.disp;
6607 		    s += strlen (s) - 1;
6608 		    if (*s == '+')
6609 		      *s = '\0';
6610 		  }
6611 
6612 		free (save_str);
6613 
6614 		return 1;
6615 	      }
6616 
6617 	    /* The constant was not used for register scaling. Since we have
6618 	       already consumed the token following `*' we now need to put it
6619 	       back in the stream.  */
6620 	    intel_putback_token ();
6621 	  }
6622 
6623 	/* Add the constant to the displacement string.  */
6624 	strcat (intel_parser.disp, save_str);
6625 	free (save_str);
6626 
6627 	return 1;
6628       }
6629     }
6630 
6631   as_bad (_("Unrecognized token '%s'"), cur_token.str);
6632   return 0;
6633 }
6634 
6635 /* Match the given token against cur_token. If they match, read the next
6636    token from the operand string.  */
6637 static int
intel_match_token(code)6638 intel_match_token (code)
6639      int code;
6640 {
6641   if (cur_token.code == code)
6642     {
6643       intel_get_token ();
6644       return 1;
6645     }
6646   else
6647     {
6648       as_bad (_("Unexpected token `%s'"), cur_token.str);
6649       return 0;
6650     }
6651 }
6652 
6653 /* Read a new token from intel_parser.op_string and store it in cur_token.  */
6654 static void
intel_get_token()6655 intel_get_token ()
6656 {
6657   char *end_op;
6658   const reg_entry *reg;
6659   struct intel_token new_token;
6660 
6661   new_token.code = T_NIL;
6662   new_token.reg = NULL;
6663   new_token.str = NULL;
6664 
6665   /* Free the memory allocated to the previous token and move
6666      cur_token to prev_token.  */
6667   if (prev_token.str)
6668     free (prev_token.str);
6669 
6670   prev_token = cur_token;
6671 
6672   /* Skip whitespace.  */
6673   while (is_space_char (*intel_parser.op_string))
6674     intel_parser.op_string++;
6675 
6676   /* Return an empty token if we find nothing else on the line.  */
6677   if (*intel_parser.op_string == '\0')
6678     {
6679       cur_token = new_token;
6680       return;
6681     }
6682 
6683   /* The new token cannot be larger than the remainder of the operand
6684      string.  */
6685   new_token.str = (char *) xmalloc (strlen (intel_parser.op_string) + 1);
6686   new_token.str[0] = '\0';
6687 
6688   if (strchr ("0123456789", *intel_parser.op_string))
6689     {
6690       char *p = new_token.str;
6691       char *q = intel_parser.op_string;
6692       new_token.code = T_CONST;
6693 
6694       /* Allow any kind of identifier char to encompass floating point and
6695 	 hexadecimal numbers.  */
6696       while (is_identifier_char (*q))
6697 	*p++ = *q++;
6698       *p = '\0';
6699 
6700       /* Recognize special symbol names [0-9][bf].  */
6701       if (strlen (intel_parser.op_string) == 2
6702 	  && (intel_parser.op_string[1] == 'b'
6703 	      || intel_parser.op_string[1] == 'f'))
6704 	new_token.code = T_ID;
6705     }
6706 
6707   else if ((*intel_parser.op_string == REGISTER_PREFIX || allow_naked_reg)
6708 	   && ((reg = parse_register (intel_parser.op_string, &end_op)) != NULL))
6709     {
6710       new_token.code = T_REG;
6711       new_token.reg = reg;
6712 
6713       if (*intel_parser.op_string == REGISTER_PREFIX)
6714 	{
6715 	  new_token.str[0] = REGISTER_PREFIX;
6716 	  new_token.str[1] = '\0';
6717 	}
6718 
6719       strcat (new_token.str, reg->reg_name);
6720     }
6721 
6722   else if (is_identifier_char (*intel_parser.op_string))
6723     {
6724       char *p = new_token.str;
6725       char *q = intel_parser.op_string;
6726 
6727       /* A '.' or '$' followed by an identifier char is an identifier.
6728 	 Otherwise, it's operator '.' followed by an expression.  */
6729       if ((*q == '.' || *q == '$') && !is_identifier_char (*(q + 1)))
6730 	{
6731 	  new_token.code = '.';
6732 	  new_token.str[0] = '.';
6733 	  new_token.str[1] = '\0';
6734 	}
6735       else
6736 	{
6737 	  while (is_identifier_char (*q) || *q == '@')
6738 	    *p++ = *q++;
6739 	  *p = '\0';
6740 
6741 	  if (strcasecmp (new_token.str, "NOT") == 0)
6742 	    new_token.code = '~';
6743 
6744 	  else if (strcasecmp (new_token.str, "MOD") == 0)
6745 	    new_token.code = '%';
6746 
6747 	  else if (strcasecmp (new_token.str, "AND") == 0)
6748 	    new_token.code = '&';
6749 
6750 	  else if (strcasecmp (new_token.str, "OR") == 0)
6751 	    new_token.code = '|';
6752 
6753 	  else if (strcasecmp (new_token.str, "XOR") == 0)
6754 	    new_token.code = '^';
6755 
6756 	  else if (strcasecmp (new_token.str, "SHL") == 0)
6757 	    new_token.code = T_SHL;
6758 
6759 	  else if (strcasecmp (new_token.str, "SHR") == 0)
6760 	    new_token.code = T_SHR;
6761 
6762 	  else if (strcasecmp (new_token.str, "BYTE") == 0)
6763 	    new_token.code = T_BYTE;
6764 
6765 	  else if (strcasecmp (new_token.str, "WORD") == 0)
6766 	    new_token.code = T_WORD;
6767 
6768 	  else if (strcasecmp (new_token.str, "DWORD") == 0)
6769 	    new_token.code = T_DWORD;
6770 
6771 	  else if (strcasecmp (new_token.str, "FWORD") == 0)
6772 	    new_token.code = T_FWORD;
6773 
6774 	  else if (strcasecmp (new_token.str, "QWORD") == 0)
6775 	    new_token.code = T_QWORD;
6776 
6777 	  else if (strcasecmp (new_token.str, "TBYTE") == 0
6778 		   /* XXX remove (gcc still uses it) */
6779 		   || strcasecmp (new_token.str, "XWORD") == 0)
6780 	    new_token.code = T_TBYTE;
6781 
6782 	  else if (strcasecmp (new_token.str, "XMMWORD") == 0
6783 		   || strcasecmp (new_token.str, "OWORD") == 0)
6784 	    new_token.code = T_XMMWORD;
6785 
6786 	  else if (strcasecmp (new_token.str, "PTR") == 0)
6787 	    new_token.code = T_PTR;
6788 
6789 	  else if (strcasecmp (new_token.str, "SHORT") == 0)
6790 	    new_token.code = T_SHORT;
6791 
6792 	  else if (strcasecmp (new_token.str, "OFFSET") == 0)
6793 	    {
6794 	      new_token.code = T_OFFSET;
6795 
6796 	      /* ??? This is not mentioned in the MASM grammar but gcc
6797 		     makes use of it with -mintel-syntax.  OFFSET may be
6798 		     followed by FLAT:  */
6799 	      if (strncasecmp (q, " FLAT:", 6) == 0)
6800 		strcat (new_token.str, " FLAT:");
6801 	    }
6802 
6803 	  /* ??? This is not mentioned in the MASM grammar.  */
6804 	  else if (strcasecmp (new_token.str, "FLAT") == 0)
6805 	    {
6806 	      new_token.code = T_OFFSET;
6807 	      if (*q == ':')
6808 		strcat (new_token.str, ":");
6809 	      else
6810 		as_bad (_("`:' expected"));
6811 	    }
6812 
6813 	  else
6814 	    new_token.code = T_ID;
6815 	}
6816     }
6817 
6818   else if (strchr ("+-/*%|&^:[]()~", *intel_parser.op_string))
6819     {
6820       new_token.code = *intel_parser.op_string;
6821       new_token.str[0] = *intel_parser.op_string;
6822       new_token.str[1] = '\0';
6823     }
6824 
6825   else if (strchr ("<>", *intel_parser.op_string)
6826 	   && *intel_parser.op_string == *(intel_parser.op_string + 1))
6827     {
6828       new_token.code = *intel_parser.op_string == '<' ? T_SHL : T_SHR;
6829       new_token.str[0] = *intel_parser.op_string;
6830       new_token.str[1] = *intel_parser.op_string;
6831       new_token.str[2] = '\0';
6832     }
6833 
6834   else
6835     as_bad (_("Unrecognized token `%s'"), intel_parser.op_string);
6836 
6837   intel_parser.op_string += strlen (new_token.str);
6838   cur_token = new_token;
6839 }
6840 
6841 /* Put cur_token back into the token stream and make cur_token point to
6842    prev_token.  */
6843 static void
intel_putback_token()6844 intel_putback_token ()
6845 {
6846   if (cur_token.code != T_NIL)
6847     {
6848       intel_parser.op_string -= strlen (cur_token.str);
6849       free (cur_token.str);
6850     }
6851   cur_token = prev_token;
6852 
6853   /* Forget prev_token.  */
6854   prev_token.code = T_NIL;
6855   prev_token.reg = NULL;
6856   prev_token.str = NULL;
6857 }
6858 
6859 int
tc_x86_regname_to_dw2regnum(const char * regname)6860 tc_x86_regname_to_dw2regnum (const char *regname)
6861 {
6862   unsigned int regnum;
6863   unsigned int regnames_count;
6864   static const char *const regnames_32[] =
6865     {
6866       "eax", "ecx", "edx", "ebx",
6867       "esp", "ebp", "esi", "edi",
6868       "eip", "eflags", NULL,
6869       "st0", "st1", "st2", "st3",
6870       "st4", "st5", "st6", "st7",
6871       NULL, NULL,
6872       "xmm0", "xmm1", "xmm2", "xmm3",
6873       "xmm4", "xmm5", "xmm6", "xmm7",
6874       "mm0", "mm1", "mm2", "mm3",
6875       "mm4", "mm5", "mm6", "mm7"
6876     };
6877   static const char *const regnames_64[] =
6878     {
6879       "rax", "rdx", "rcx", "rbx",
6880       "rsi", "rdi", "rbp", "rsp",
6881       "r8",  "r9",  "r10", "r11",
6882       "r12", "r13", "r14", "r15",
6883       "rip",
6884       "xmm0",  "xmm1",  "xmm2",  "xmm3",
6885       "xmm4",  "xmm5",  "xmm6",  "xmm7",
6886       "xmm8",  "xmm9",  "xmm10", "xmm11",
6887       "xmm12", "xmm13", "xmm14", "xmm15",
6888       "st0", "st1", "st2", "st3",
6889       "st4", "st5", "st6", "st7",
6890       "mm0", "mm1", "mm2", "mm3",
6891       "mm4", "mm5", "mm6", "mm7"
6892     };
6893   const char *const *regnames;
6894 
6895   if (flag_code == CODE_64BIT)
6896     {
6897       regnames = regnames_64;
6898       regnames_count = ARRAY_SIZE (regnames_64);
6899     }
6900   else
6901     {
6902       regnames = regnames_32;
6903       regnames_count = ARRAY_SIZE (regnames_32);
6904     }
6905 
6906   for (regnum = 0; regnum < regnames_count; regnum++)
6907     if (regnames[regnum] != NULL
6908 	&& strcmp (regname, regnames[regnum]) == 0)
6909       return regnum;
6910 
6911   return -1;
6912 }
6913 
6914 void
tc_x86_frame_initial_instructions(void)6915 tc_x86_frame_initial_instructions (void)
6916 {
6917   static unsigned int sp_regno;
6918 
6919   if (!sp_regno)
6920     sp_regno = tc_x86_regname_to_dw2regnum (flag_code == CODE_64BIT
6921 					    ? "rsp" : "esp");
6922 
6923   cfi_add_CFA_def_cfa (sp_regno, -x86_cie_data_alignment);
6924   cfi_add_CFA_offset (x86_dwarf2_return_column, x86_cie_data_alignment);
6925 }
6926 
6927 int
i386_elf_section_type(const char * str,size_t len)6928 i386_elf_section_type (const char *str, size_t len)
6929 {
6930   if (flag_code == CODE_64BIT
6931       && len == sizeof ("unwind") - 1
6932       && strncmp (str, "unwind", 6) == 0)
6933     return SHT_X86_64_UNWIND;
6934 
6935   return -1;
6936 }
6937 
6938 #ifdef TE_PE
6939 void
tc_pe_dwarf2_emit_offset(symbolS * symbol,unsigned int size)6940 tc_pe_dwarf2_emit_offset (symbolS *symbol, unsigned int size)
6941 {
6942   expressionS expr;
6943 
6944   expr.X_op = O_secrel;
6945   expr.X_add_symbol = symbol;
6946   expr.X_add_number = 0;
6947   emit_expr (&expr, size);
6948 }
6949 #endif
6950