| blob | 7bd2c49aee39e724f3cce375cd2fa965f9c06718 |
1 /* aarch64-dis.c -- AArch64 disassembler.
2 Copyright (C) 2009-2020 Free Software Foundation, Inc.
3 Contributed by ARM Ltd.
5 This file is part of the GNU opcodes library.
7 This library is free software; you can redistribute it and/or modify
8 it under the terms of the GNU General Public License as published by
9 the Free Software Foundation; either version 3, or (at your option)
10 any later version.
12 It is distributed in the hope that it will be useful, but WITHOUT
13 ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
14 or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public
15 License for more details.
17 You should have received a copy of the GNU General Public License
18 along with this program; see the file COPYING3. If not,
19 see <http://www.gnu.org/licenses/>. */
29 #define INSNLEN 4
31 /* Cached mapping symbol state. */
32 enum map_type
33 {
34 MAP_INSN,
35 MAP_DATA
36 };
43 /* Other options */
46 output as comments. */
48 /* Currently active instruction sequence. */
51 static void
53 {
54 }
56 static void
58 {
59 /* Try to match options that are simple flags */
61 {
64 }
67 {
70 }
73 {
76 }
79 {
82 }
84 #ifdef DEBUG_AARCH64
86 {
89 }
92 /* Invalid option. */
94 }
96 static void
98 {
105 {
106 /* Skip empty options. */
108 {
109 options++;
111 }
113 /* We know that *options is neither NUL or a comma. */
116 option_end++;
120 /* Go on to the next one. If option_end points to a comma, it
121 will be skipped above. */
123 }
124 }
125 \f
126 /* Functions doing the instruction disassembling. */
128 /* The unnamed arguments consist of the number of fields and information about
129 these fields where the VALUE will be extracted from CODE and returned.
130 MASK can be zero or the base mask of the opcode.
132 N.B. the fields are required to be in such an order than the most signficant
133 field for VALUE comes the first, e.g. the <index> in
134 SQDMLAL <Va><d>, <Vb><n>, <Vm>.<Ts>[<index>]
135 is encoded in H:L:M in some cases, the fields H:L:M should be passed in
136 the order of H, L, M. */
138 aarch64_insn
140 {
151 {
156 }
158 }
160 /* Extract the value of all fields in SELF->fields from instruction CODE.
161 The least significant bit comes from the final field. */
163 static aarch64_insn
165 {
166 aarch64_insn value;
172 {
176 }
178 }
180 /* Sign-extend bit I of VALUE. */
183 {
190 }
192 /* N.B. the following inline helpfer functions create a dependency on the
193 order of operand qualifier enumerators. */
195 /* Given VALUE, return qualifier for a general purpose register. */
198 {
203 }
205 /* Given VALUE, return qualifier for a vector register. This does not support
206 decoding instructions that accept the 2H vector type. */
210 {
213 /* Instructions using vector type 2H should not call this function. Skip over
214 the 2H qualifier. */
221 }
223 /* Given VALUE, return qualifier for an FP or AdvSIMD scalar register. */
226 {
232 }
234 /* Given the instruction in *INST which is probably half way through the
235 decoding and our caller wants to know the expected qualifier for operand
236 I. Return such a qualifier if we can establish it; otherwise return
237 AARCH64_OPND_QLF_NIL. */
239 static aarch64_opnd_qualifier_t
241 {
242 aarch64_opnd_qualifier_seq_t qualifiers;
243 /* Should not be called if the qualifier is known. */
248 else
250 }
252 /* Operand extractors. */
254 bfd_boolean
259 {
262 }
264 bfd_boolean
269 {
274 }
276 /* e.g. IC <ic_op>{, <Xt>}. */
277 bfd_boolean
282 {
287 /* This will make the constraint checking happy and more importantly will
288 help the disassembler determine whether this operand is optional or
289 not. */
293 }
295 /* e.g. SQDMLAL <Va><d>, <Vb><n>, <Vm>.<Ts>[<index>]. */
296 bfd_boolean
301 {
302 /* regno */
306 /* Index and/or type. */
309 {
312 {
314 /* index2 for e.g. INS <Vd>.<Ts>[<index1>], <Vn>.<Ts>[<index2>]. */
317 /* Depend on AARCH64_OPND_Ed to determine the qualifier. */
321 }
322 else
323 {
324 /* index and type for e.g. DUP <V><d>, <Vn>.<T>[<index>].
325 imm5<3:0> <V>
326 0000 RESERVED
327 xxx1 B
328 xx10 H
329 x100 S
330 1000 D */
339 }
340 }
342 {
343 /* Need information in other operand(s) to help decoding. */
346 {
349 /* L:H */
355 }
356 }
358 {
359 /* index for e.g. SM3TT2A <Vd>.4S, <Vn>.4S, <Vm>S[<imm2>]. */
361 }
362 else
363 {
364 /* Index only for e.g. SQDMLAL <Va><d>, <Vb><n>, <Vm>.<Ts>[<index>]
365 or SQDMLAL <Va><d>, <Vb><n>, <Vm>.<Ts>[<index>]. */
367 /* Need information in other operand(s) to help decoding. */
370 {
373 {
374 /* h:l:m */
376 FLD_M);
378 }
379 else
380 {
381 /* h:l */
383 }
386 /* h:l */
390 /* H */
395 }
399 {
400 /* Complex operand takes two elements. */
404 }
405 }
408 }
410 bfd_boolean
415 {
416 /* R */
418 /* len */
421 }
423 /* Decode Rt and opcode fields of Vt in AdvSIMD load/store instructions. */
424 bfd_boolean
429 {
430 aarch64_insn value;
431 /* Number of elements in each structure to be loaded/stored. */
434 struct
435 {
451 };
453 /* Rt */
455 /* opcode */
457 /* PR 21595: Check for a bogus value. */
465 }
467 /* Decode Rt and S fields of Vt in AdvSIMD load single structure to all
468 lanes instructions. */
469 bfd_boolean
474 {
475 aarch64_insn value;
477 /* Rt */
479 /* S */
482 /* Number of registers is equal to the number of elements in
483 each structure to be loaded/stored. */
487 /* Except when it is LD1R. */
492 }
494 /* Decode Q, opcode<2:1>, S, size and Rt fields of Vt in AdvSIMD
495 load/store single element instructions. */
496 bfd_boolean
501 {
506 /* Rt */
509 /* Decode the index, opcode<2:1> and size. */
514 {
517 /* Index encoded in "Q:S:size". */
522 /* UND. */
525 /* Index encoded in "Q:S:size<1>". */
530 /* UND. */
533 {
535 /* Index encoded in "Q:S". */
537 }
538 else
539 {
541 /* UND */
544 /* Index encoded in "Q". */
546 }
550 }
554 /* Number of registers is equal to the number of elements in
555 each structure to be loaded/stored. */
560 }
562 /* Decode fields immh:immb and/or Q for e.g.
563 SSHR <Vd>.<T>, <Vn>.<T>, #<shift>
564 or SSHR <V><d>, <V><n>, #<shift>. */
566 bfd_boolean
571 {
581 /* Get highest set bit in immh. */
590 {
592 /* immh Q <T>
593 0000 x SEE AdvSIMD modified immediate
594 0001 0 8B
595 0001 1 16B
596 001x 0 4H
597 001x 1 8H
598 01xx 0 2S
599 01xx 1 4S
600 1xxx 0 RESERVED
601 1xxx 1 2D */
604 }
605 else
609 /* immh <shift>
610 0000 SEE AdvSIMD modified immediate
611 0001 (16-UInt(immh:immb))
612 001x (32-UInt(immh:immb))
613 01xx (64-UInt(immh:immb))
614 1xxx (128-UInt(immh:immb)) */
616 else
617 /* immh:immb
618 immh <shift>
619 0000 SEE AdvSIMD modified immediate
620 0001 (UInt(immh:immb)-8)
621 001x (UInt(immh:immb)-16)
622 01xx (UInt(immh:immb)-32)
623 1xxx (UInt(immh:immb)-64) */
627 }
629 /* Decode shift immediate for e.g. sshr (imm). */
630 bfd_boolean
635 {
637 aarch64_insn val;
640 {
645 }
648 }
650 /* Decode imm for e.g. BFM <Wd>, <Wn>, #<immr>, #<imms>.
651 value in the field(s) will be extracted as unsigned immediate value. */
652 bfd_boolean
657 {
675 }
677 /* Decode imm and its shifter for e.g. MOVZ <Wd>, #<imm16>{, LSL #<shift>}. */
678 bfd_boolean
683 {
688 }
690 /* Decode cmode and "a:b:c:d:e:f:g:h" for e.g.
691 MOVI <Vd>.<T>, #<imm8> {, LSL #<amount>}. */
692 bfd_boolean
698 {
708 /* a:b:c:d:e:f:g:h */
711 {
712 /* Either MOVI <Dd>, #<imm>
713 or MOVI <Vd>.2D, #<imm>.
714 <imm> is a 64-bit immediate
715 'aaaaaaaabbbbbbbbccccccccddddddddeeeeeeeeffffffffgggggggghhhhhhhh',
716 encoded in "a:b:c:d:e:f:g:h". */
722 }
725 /* cmode */
728 {
730 /* no shift */
734 /* shift zeros */
737 {
742 }
743 /* 00: 0; 01: 8; 10:16; 11:24. */
747 /* shift ones */
755 }
758 }
760 /* Decode an 8-bit floating-point immediate. */
761 bfd_boolean
766 {
770 }
772 /* Decode a 1-bit rotate immediate (#90 or #270). */
773 bfd_boolean
778 {
783 }
785 /* Decode a 2-bit rotate immediate (#0, #90, #180 or #270). */
786 bfd_boolean
791 {
796 }
798 /* Decode scale for e.g. SCVTF <Dd>, <Wn>, #<fbits>. */
799 bfd_boolean
804 {
807 }
809 /* Decode arithmetic immediate for e.g.
810 SUBS <Wd>, <Wn|WSP>, #<imm> {, <shift>}. */
811 bfd_boolean
816 {
817 aarch64_insn value;
820 /* shift */
825 /* imm12 (unsigned) */
829 }
831 /* Return true if VALUE is a valid logical immediate encoding, storing the
832 decoded value in *RESULT if so. ESIZE is the number of bytes in the
833 decoded immediate. */
834 static bfd_boolean
836 {
841 /* value is N:immr:imms. */
846 /* The immediate value is S+1 bits to 1, left rotated by SIMDsize - R
847 (in other words, right rotated by R), then replicated. */
849 {
852 }
853 else
854 {
856 {
863 }
865 /* Top bits are IGNORED. */
867 }
872 /* NOTE: if S = simd_size - 1 we get 0xf..f which is rejected. */
875 /* S+1 consecutive bits to 1. */
876 /* NOTE: S can't be 63 due to detection above. */
878 /* Rotate to the left by simd_size - R. */
881 /* Replicate the value according to SIMD size. */
883 {
885 /* Fall through. */
887 /* Fall through. */
889 /* Fall through. */
891 /* Fall through. */
893 /* Fall through. */
896 }
901 }
903 /* Decode a logical immediate for e.g. ORR <Wd|WSP>, <Wn>, #<imm>. */
904 bfd_boolean
909 {
911 aarch64_insn value;
917 }
919 /* Decode a logical immediate for the BIC alias of AND (etc.). */
920 bfd_boolean
925 {
930 }
932 /* Decode Ft for e.g. STR <Qt>, [<Xn|SP>, <R><m>{, <extend> {<amount>}}]
933 or LDP <Qt1>, <Qt2>, [<Xn|SP>], #<imm>. */
934 bfd_boolean
939 {
940 aarch64_insn value;
942 /* Rt */
945 /* size */
951 {
954 {
959 }
961 }
962 else
963 {
964 /* opc1:size */
969 }
972 }
974 /* Decode the address operand for e.g. STXRB <Ws>, <Wt>, [<Xn|SP>{,#0}]. */
975 bfd_boolean
978 aarch64_insn code,
981 {
982 /* Rn */
985 }
987 /* Decode the address operand for e.g.
988 stlur <Xt>, [<Xn|SP>{, <amount>}]. */
989 bfd_boolean
994 {
997 /* Rn */
1000 /* simm9 */
1006 }
1008 }
1010 /* Decode the address operand for e.g.
1011 STR <Qt>, [<Xn|SP>, <R><m>{, <extend> {<amount>}}]. */
1012 bfd_boolean
1017 {
1020 /* Rn */
1022 /* Rm */
1024 /* option */
1028 /* Fix-up the shifter kind; although the table-driven approach is
1029 efficient, it is slightly inflexible, thus needing this fix-up. */
1032 /* S */
1035 {
1038 }
1039 else
1040 {
1042 /* Need information in other operand(s) to help achieve the decoding
1043 from 'S' field. */
1045 /* Get the size of the data element that is accessed, which may be
1046 different from that of the source register size, e.g. in strb/ldrb. */
1050 }
1053 }
1055 /* Decode the address operand for e.g. LDRSW <Xt>, [<Xn|SP>], #<simm>. */
1056 bfd_boolean
1060 {
1061 aarch64_insn imm;
1064 /* Rn */
1066 /* simm (imm9 or imm7) */
1071 /* scaled immediate in ld/st pair instructions. */
1073 /* qualifier */
1079 else
1080 {
1081 /* pre/post- index */
1085 else
1087 }
1090 }
1092 /* Decode the address operand for e.g. LDRSW <Xt>, [<Xn|SP>{, #<simm>}]. */
1093 bfd_boolean
1095 aarch64_insn code,
1098 {
1102 /* Rn */
1104 /* uimm12 */
1107 }
1109 /* Decode the address operand for e.g. LDRAA <Xt>, [<Xn|SP>{, #<simm>}]. */
1110 bfd_boolean
1112 aarch64_insn code,
1115 {
1116 aarch64_insn imm;
1119 /* Rn */
1121 /* simm10 */
1127 }
1129 }
1131 /* Decode the address operand for e.g.
1132 LD1 {<Vt>.<T>, <Vt2>.<T>, <Vt3>.<T>}, [<Xn|SP>], <Xm|#<amount>>. */
1133 bfd_boolean
1138 {
1139 /* The opcode dependent area stores the number of elements in
1140 each structure to be loaded/stored. */
1143 /* Rn */
1145 /* Rm | #<amount> */
1148 {
1150 /* Special handling of loading single structure to all lane. */
1154 else
1158 }
1159 else
1164 }
1166 /* Decode the condition operand for e.g. CSEL <Xd>, <Xn>, <Xm>, <cond>. */
1167 bfd_boolean
1172 {
1173 aarch64_insn value;
1174 /* cond */
1178 }
1180 /* Decode the system register operand for e.g. MRS <Xt>, <systemreg>. */
1181 bfd_boolean
1184 aarch64_insn code,
1187 {
1188 /* op0:op1:CRn:CRm:op2 */
1193 /* If a system instruction, check which restrictions should be on the register
1194 value during decoding, these will be enforced then. */
1196 {
1197 /* Check to see if it's read-only, else check if it's write only.
1198 if it's both or unspecified don't care. */
1204 }
1207 }
1209 /* Decode the PSTATE field operand for e.g. MSR <pstatefield>, #<imm>. */
1210 bfd_boolean
1215 {
1217 /* op1:op2 */
1222 /* Reserved value in <pstatefield>. */
1224 }
1226 /* Decode the system instruction op operand for e.g. AT <at_op>, <Xt>. */
1227 bfd_boolean
1230 aarch64_insn code,
1233 {
1235 aarch64_insn value;
1237 /* op0:op1:CRn:CRm:op2 */
1243 {
1250 /* Let's remove op2 for rctx. Refer to comments in the definition of
1251 aarch64_sys_regs_sr[]. */
1255 }
1259 {
1266 }
1269 }
1271 /* Decode the memory barrier option operand for e.g. DMB <option>|#<imm>. */
1273 bfd_boolean
1276 aarch64_insn code,
1279 {
1280 /* CRm */
1283 }
1285 /* Decode the prefetch operation option operand for e.g.
1286 PRFM <prfop>, [<Xn|SP>{, #<pimm>}]. */
1288 bfd_boolean
1293 {
1294 /* prfop in Rt */
1297 }
1299 /* Decode the hint number for an alias taking an operand. Set info->hint_option
1300 to the matching name/value pair in aarch64_hint_options. */
1302 bfd_boolean
1305 aarch64_insn code,
1308 {
1309 /* CRm:op2. */
1316 {
1318 {
1321 }
1322 }
1325 }
1327 /* Decode the extended register operand for e.g.
1328 STR <Qt>, [<Xn|SP>, <R><m>{, <extend> {<amount>}}]. */
1329 bfd_boolean
1332 aarch64_insn code,
1335 {
1336 aarch64_insn value;
1338 /* Rm */
1340 /* option */
1344 /* imm3 */
1347 /* This makes the constraint checking happy. */
1350 /* Assume inst->operands[0].qualifier has been resolved. */
1359 }
1361 /* Decode the shifted register operand for e.g.
1362 SUBS <Xd>, <Xn>, <Xm> {, <shift> #<amount>}. */
1363 bfd_boolean
1366 aarch64_insn code,
1369 {
1370 aarch64_insn value;
1372 /* Rm */
1374 /* shift */
1380 /* ROR is not available for the shifted register operand in arithmetic
1381 instructions. */
1383 /* imm6 */
1386 /* This makes the constraint checking happy. */
1390 }
1392 /* Decode an SVE address [<base>, #<offset>*<factor>, MUL VL],
1393 where <offset> is given by the OFFSET parameter and where <factor> is
1394 1 plus SELF's operand-dependent value. fields[0] specifies the field
1395 that holds <base>. */
1396 static bfd_boolean
1400 {
1412 }
1414 /* Decode an SVE address [<base>, #<simm4>*<factor>, MUL VL],
1415 where <simm4> is a 4-bit signed value and where <factor> is 1 plus
1416 SELF's operand-dependent value. fields[0] specifies the field that
1417 holds <base>. <simm4> is encoded in the SVE_imm4 field. */
1418 bfd_boolean
1423 {
1429 }
1431 /* Decode an SVE address [<base>, #<simm6>*<factor>, MUL VL],
1432 where <simm6> is a 6-bit signed value and where <factor> is 1 plus
1433 SELF's operand-dependent value. fields[0] specifies the field that
1434 holds <base>. <simm6> is encoded in the SVE_imm6 field. */
1435 bfd_boolean
1440 {
1446 }
1448 /* Decode an SVE address [<base>, #<simm9>*<factor>, MUL VL],
1449 where <simm9> is a 9-bit signed value and where <factor> is 1 plus
1450 SELF's operand-dependent value. fields[0] specifies the field that
1451 holds <base>. <simm9> is encoded in the concatenation of the SVE_imm6
1452 and imm3 fields, with imm3 being the less-significant part. */
1453 bfd_boolean
1456 aarch64_insn code,
1459 {
1465 }
1467 /* Decode an SVE address [<base>, #<offset> << <shift>], where <offset>
1468 is given by the OFFSET parameter and where <shift> is SELF's operand-
1469 dependent value. fields[0] specifies the base register field <base>. */
1470 static bfd_boolean
1474 {
1483 }
1485 /* Decode an SVE address [X<n>, #<SVE_imm4> << <shift>], where <SVE_imm4>
1486 is a 4-bit signed number and where <shift> is SELF's operand-dependent
1487 value. fields[0] specifies the base register field. */
1488 bfd_boolean
1493 {
1496 }
1498 /* Decode an SVE address [X<n>, #<SVE_imm6> << <shift>], where <SVE_imm6>
1499 is a 6-bit unsigned number and where <shift> is SELF's operand-dependent
1500 value. fields[0] specifies the base register field. */
1501 bfd_boolean
1506 {
1509 }
1511 /* Decode an SVE address [X<n>, X<m>{, LSL #<shift>}], where <shift>
1512 is SELF's operand-dependent value. fields[0] specifies the base
1513 register field and fields[1] specifies the offset register field. */
1514 bfd_boolean
1519 {
1536 }
1538 /* Decode an SVE address [X<n>, Z<m>.<T>, (S|U)XTW {#<shift>}], where
1539 <shift> is SELF's operand-dependent value. fields[0] specifies the
1540 base register field, fields[1] specifies the offset register field and
1541 fields[2] is a single-bit field that selects SXTW over UXTW. */
1542 bfd_boolean
1547 {
1555 else
1561 }
1563 /* Decode an SVE address [Z<n>.<T>, #<imm5> << <shift>], where <imm5> is a
1564 5-bit unsigned number and where <shift> is SELF's operand-dependent value.
1565 fields[0] specifies the base register field. */
1566 bfd_boolean
1571 {
1574 }
1576 /* Decode an SVE address [Z<n>.<T>, Z<m>.<T>{, <modifier> {#<msz>}}],
1577 where <modifier> is given by KIND and where <msz> is a 2-bit unsigned
1578 number. fields[0] specifies the base register field and fields[1]
1579 specifies the offset register field. */
1580 static bfd_boolean
1583 {
1595 }
1597 /* Decode an SVE address [Z<n>.<T>, Z<m>.<T>{, LSL #<msz>}], where
1598 <msz> is a 2-bit unsigned number. fields[0] specifies the base register
1599 field and fields[1] specifies the offset register field. */
1600 bfd_boolean
1605 {
1607 }
1609 /* Decode an SVE address [Z<n>.<T>, Z<m>.<T>, SXTW {#<msz>}], where
1610 <msz> is a 2-bit unsigned number. fields[0] specifies the base register
1611 field and fields[1] specifies the offset register field. */
1612 bfd_boolean
1617 {
1619 }
1621 /* Decode an SVE address [Z<n>.<T>, Z<m>.<T>, UXTW {#<msz>}], where
1622 <msz> is a 2-bit unsigned number. fields[0] specifies the base register
1623 field and fields[1] specifies the offset register field. */
1624 bfd_boolean
1629 {
1631 }
1633 /* Finish decoding an SVE arithmetic immediate, given that INFO already
1634 has the raw field value and that the low 8 bits decode to VALUE. */
1635 static bfd_boolean
1637 {
1641 {
1643 /* Decode 0x100 as #0, LSL #8. */
1645 else
1647 }
1652 }
1654 /* Decode an SVE ADD/SUB immediate. */
1655 bfd_boolean
1660 {
1663 }
1665 /* Decode an SVE CPY/DUP immediate. */
1666 bfd_boolean
1671 {
1674 }
1676 /* Decode a single-bit immediate that selects between #0.5 and #1.0.
1677 The fields array specifies which field to use. */
1678 bfd_boolean
1683 {
1686 else
1690 }
1692 /* Decode a single-bit immediate that selects between #0.5 and #2.0.
1693 The fields array specifies which field to use. */
1694 bfd_boolean
1699 {
1702 else
1706 }
1708 /* Decode a single-bit immediate that selects between #0.0 and #1.0.
1709 The fields array specifies which field to use. */
1710 bfd_boolean
1715 {
1718 else
1722 }
1724 /* Decode Zn[MM], where MM has a 7-bit triangular encoding. The fields
1725 array specifies which field to use for Zn. MM is encoded in the
1726 concatenation of imm5 and SVE_tszh, with imm5 being the less
1727 significant part. */
1728 bfd_boolean
1733 {
1744 }
1746 /* Decode a logical immediate for the MOV alias of SVE DUPM. */
1747 bfd_boolean
1752 {
1756 }
1758 /* Decode Zn[MM], where Zn occupies the least-significant part of the field
1759 and where MM occupies the most-significant part. The operand-dependent
1760 value specifies the number of bits in Zn. */
1761 bfd_boolean
1766 {
1772 }
1774 /* Decode {Zn.<T> - Zm.<T>}. The fields array specifies which field
1775 to use for Zn. The opcode-dependent value specifies the number
1776 of registers in the list. */
1777 bfd_boolean
1782 {
1786 }
1788 /* Decode <pattern>{, MUL #<amount>}. The fields array specifies which
1789 fields to use for <pattern>. <amount> - 1 is encoded in the SVE_imm4
1790 field. */
1791 bfd_boolean
1795 {
1806 }
1808 /* Return the top set bit in VALUE, which is expected to be relatively
1809 small. */
1810 static uint64_t
1812 {
1816 }
1818 /* Decode an SVE shift-left immediate. */
1819 bfd_boolean
1823 {
1830 }
1832 /* Decode an SVE shift-right immediate. */
1833 bfd_boolean
1837 {
1844 }
1845 \f
1846 /* Bitfields that are commonly used to encode certain operands' information
1847 may be partially used as part of the base opcode in some instructions.
1848 For example, the bit 1 of the field 'size' in
1849 FCVTXN <Vb><d>, <Va><n>
1850 is actually part of the base opcode, while only size<0> is available
1851 for encoding the register type. Another example is the AdvSIMD
1852 instruction ORR (register), in which the field 'size' is also used for
1853 the base opcode, leaving only the field 'Q' available to encode the
1854 vector register arrangement specifier '8B' or '16B'.
1856 This function tries to deduce the qualifier from the value of partially
1857 constrained field(s). Given the VALUE of such a field or fields, the
1858 qualifiers CANDIDATES and the MASK (indicating which bits are valid for
1859 operand encoding), the function returns the matching qualifier or
1860 AARCH64_OPND_QLF_NIL if nothing matches.
1862 N.B. CANDIDATES is a group of possible qualifiers that are valid for
1863 one operand; it has a maximum of AARCH64_MAX_QLF_SEQ_NUM qualifiers and
1864 may end with AARCH64_OPND_QLF_NIL. */
1866 static enum aarch64_opnd_qualifier
1869 candidates,
1870 aarch64_insn mask)
1871 {
1875 {
1876 aarch64_insn standard_value;
1882 }
1884 }
1886 /* Given a list of qualifier sequences, return all possible valid qualifiers
1887 for operand IDX in QUALIFIERS.
1888 Assume QUALIFIERS is an array whose length is large enough. */
1890 static void
1894 {
1899 }
1901 /* Decode the size Q field for e.g. SHADD.
1902 We tag one operand with the qualifer according to the code;
1903 whether the qualifier is valid for this opcode or not, it is the
1904 duty of the semantic checking. */
1906 static int
1908 {
1911 aarch64_insn code;
1921 else
1926 /* Obtain the info that which bits of fields Q and size are actually
1927 available for operand encoding. Opcodes like FMAXNM and FMLA have
1928 size[1] unavailable. */
1931 /* The index of the operand we are going to tag a qualifier and the qualifer
1932 itself are reasoned from the value of the size and Q fields and the
1933 possible valid qualifier lists. */
1937 /* For most related instruciton, size:Q are fully available for operand
1938 encoding. */
1940 {
1943 }
1946 candidates);
1947 #ifdef DEBUG_AARCH64
1949 {
1956 }
1966 }
1968 /* Decode size[0]:Q, i.e. bit 22 and bit 30, for
1969 e.g. FCVTN<Q> <Vd>.<Tb>, <Vn>.<Ta>. */
1971 static int
1973 {
1975 aarch64_insn value;
1983 {
1986 /* FCVTN<Q> <Vd>.<Tb>, <Vn>.<Ta>. */
1991 /* FCVTL<Q> <Vd>.<Ta>, <Vn>.<Tb>. */
1997 }
2000 }
2002 /* Decode size[0], i.e. bit 22, for
2003 e.g. FCVTXN <Vb><d>, <Va><n>. */
2005 static int
2007 {
2014 }
2016 /* Decode the 'opc' field for e.g. FCVT <Dd>, <Sn>. */
2017 static int
2019 {
2021 aarch64_insn value;
2024 /* opc dstsize */
2027 {
2032 }
2036 }
2038 /* Do miscellaneous decodings that are not common enough to be driven by
2039 flags. */
2041 static int
2043 {
2046 {
2070 /* Index must be zero. */
2079 /* Index must be nonzero. */
2099 }
2100 }
2102 /* Opcodes that have fields shared by multiple operands are usually flagged
2103 with flags. In this function, we detect such flags, decode the related
2104 field(s) and store the information in one of the related operands. The
2105 'one' operand is not any operand but one of the operands that can
2106 accommadate all the information that has been decoded. */
2108 static int
2110 {
2112 aarch64_insn value;
2113 /* Condition for truly conditional executed instructions, e.g. b.cond. */
2115 {
2118 }
2119 /* 'sf' field. */
2121 {
2128 }
2129 /* 'sf' field. */
2131 {
2135 }
2136 /* size:Q fields. */
2141 {
2145 {
2150 }
2151 }
2154 {
2155 /* N.B. some opcodes like FCMGT <V><d>, <V><n>, #0 have the size[1] as part
2156 of the base opcode. */
2157 aarch64_insn mask;
2162 /* For most related instruciton, the 'size' field is fully available for
2163 operand encoding. */
2166 else
2167 {
2169 candidates);
2172 }
2173 }
2176 {
2177 /* Num of consecutive '0's on the right side of imm5<3:0>. */
2182 /* imm5<3:0> q <t>
2183 0000 x reserved
2184 xxx1 0 8b
2185 xxx1 1 16b
2186 xx10 0 4h
2187 xx10 1 8h
2188 x100 0 2s
2189 x100 1 4s
2190 1000 0 reserved
2191 1000 1 2d */
2200 }
2203 {
2204 /* Use Rt to encode in the case of e.g.
2205 STXP <Ws>, <Xt1>, <Xt2>, [<Xn|SP>{,#0}]. */
2208 {
2209 /* Otherwise use the result operand, which has to be a integer
2210 register. */
2214 }
2218 }
2221 {
2229 }
2231 /* Miscellaneous decoding; done as the last step. */
2236 }
2238 /* Converters converting a real opcode instruction to its alias form. */
2240 /* ROR <Wd>, <Ws>, #<shift>
2241 is equivalent to:
2242 EXTR <Wd>, <Ws>, <Ws>, #<shift>. */
2243 static int
2245 {
2247 {
2251 }
2253 }
2255 /* UXTL<Q> <Vd>.<Ta>, <Vn>.<Tb>
2256 is equivalent to:
2257 USHLL<Q> <Vd>.<Ta>, <Vn>.<Tb>, #0. */
2258 static int
2260 {
2262 {
2265 }
2267 }
2269 /* Convert
2270 UBFM <Xd>, <Xn>, #<shift>, #63.
2271 to
2272 LSR <Xd>, <Xn>, #<shift>. */
2273 static int
2275 {
2281 {
2284 }
2287 }
2289 /* Convert MOV to ORR. */
2290 static int
2292 {
2293 /* MOV <Vd>.<T>, <Vn>.<T>
2294 is equivalent to:
2295 ORR <Vd>.<T>, <Vn>.<T>, <Vn>.<T>. */
2297 {
2300 }
2302 }
2304 /* When <imms> >= <immr>, the instruction written:
2305 SBFX <Xd>, <Xn>, #<lsb>, #<width>
2306 is equivalent to:
2307 SBFM <Xd>, <Xn>, #<lsb>, #(<lsb>+<width>-1). */
2309 static int
2311 {
2317 {
2321 /* The two opcodes have different qualifiers for
2322 the immediate operands; reset to help the checking. */
2326 }
2329 }
2331 /* When <imms> < <immr>, the instruction written:
2332 SBFIZ <Xd>, <Xn>, #<lsb>, #<width>
2333 is equivalent to:
2334 SBFM <Xd>, <Xn>, #((64-<lsb>)&0x3f), #(<width>-1). */
2336 static int
2338 {
2345 {
2348 /* The two opcodes have different qualifiers for
2349 the immediate operands; reset to help the checking. */
2353 }
2356 }
2358 /* The instruction written:
2359 BFC <Xd>, #<lsb>, #<width>
2360 is equivalent to:
2361 BFM <Xd>, XZR, #((64-<lsb>)&0x3f), #(<width>-1). */
2363 static int
2365 {
2368 /* Should have been assured by the base opcode value. */
2375 {
2376 /* Drop XZR from the second operand. */
2381 /* Recalculate the immediates. */
2385 /* The two opcodes have different qualifiers for the operands; reset to
2386 help the checking. */
2392 }
2395 }
2397 /* The instruction written:
2398 LSL <Xd>, <Xn>, #<shift>
2399 is equivalent to:
2400 UBFM <Xd>, <Xn>, #((64-<shift>)&0x3f), #(63-<shift>). */
2402 static int
2404 {
2407 int64_t val
2411 {
2415 }
2418 }
2420 /* CINC <Wd>, <Wn>, <cond>
2421 is equivalent to:
2422 CSINC <Wd>, <Wn>, <Wn>, invert(<cond>)
2423 where <cond> is not AL or NV. */
2425 static int
2427 {
2430 {
2435 }
2437 }
2439 /* CSET <Wd>, <cond>
2440 is equivalent to:
2441 CSINC <Wd>, WZR, WZR, invert(<cond>)
2442 where <cond> is not AL or NV. */
2444 static int
2446 {
2450 {
2456 }
2458 }
2460 /* MOV <Wd>, #<imm>
2461 is equivalent to:
2462 MOVZ <Wd>, #<imm16>, LSL #<shift>.
2464 A disassembler may output ORR, MOVZ and MOVN as a MOV mnemonic, except when
2465 ORR has an immediate that could be generated by a MOVZ or MOVN instruction,
2466 or where a MOVN has an immediate that could be encoded by MOVZ, or where
2467 MOVZ/MOVN #0 have a shift amount other than LSL #0, in which case the
2468 machine-instruction mnemonic must be used. */
2470 static int
2472 {
2474 /* MOVZ/MOVN #0 have a shift amount other than LSL #0. */
2480 /* As an alias convertor, it has to be clear that the INST->OPCODE
2481 is the opcode of the real instruction. */
2483 {
2486 /* A MOVN has an immediate that could be encoded by MOVZ. */
2489 }
2493 }
2495 /* MOV <Wd>, #<imm>
2496 is equivalent to:
2497 ORR <Wd>, WZR, #<imm>.
2499 A disassembler may output ORR, MOVZ and MOVN as a MOV mnemonic, except when
2500 ORR has an immediate that could be generated by a MOVZ or MOVN instruction,
2501 or where a MOVN has an immediate that could be encoded by MOVZ, or where
2502 MOVZ/MOVN #0 have a shift amount other than LSL #0, in which case the
2503 machine-instruction mnemonic must be used. */
2505 static int
2507 {
2511 /* Should have been assured by the base opcode value. */
2517 /* ORR has an immediate that could be generated by a MOVZ or MOVN
2518 instruction. */
2526 }
2528 /* Some alias opcodes are disassembled by being converted from their real-form.
2529 N.B. INST->OPCODE is the real opcode rather than the alias. */
2531 static int
2533 {
2535 {
2574 }
2575 }
2577 static bfd_boolean
2581 /* Given the instruction information in *INST, check if the instruction has
2582 any alias form that can be used to represent *INST. If the answer is yes,
2583 update *INST to be in the form of the determined alias. */
2585 /* In the opcode description table, the following flags are used in opcode
2586 entries to help establish the relations between the real and alias opcodes:
2588 F_ALIAS: opcode is an alias
2589 F_HAS_ALIAS: opcode has alias(es)
2590 F_P1
2591 F_P2
2592 F_P3: Disassembly preference priority 1-3 (the larger the
2593 higher). If nothing is specified, it is the priority
2594 0 by default, i.e. the lowest priority.
2596 Although the relation between the machine and the alias instructions are not
2597 explicitly described, it can be easily determined from the base opcode
2598 values, masks and the flags F_ALIAS and F_HAS_ALIAS in their opcode
2599 description entries:
2601 The mask of an alias opcode must be equal to or a super-set (i.e. more
2602 constrained) of that of the aliased opcode; so is the base opcode value.
2604 if (opcode_has_alias (real) && alias_opcode_p (opcode)
2605 && (opcode->mask & real->mask) == real->mask
2606 && (real->mask & opcode->opcode) == (real->mask & real->opcode))
2607 then OPCODE is an alias of, and only of, the REAL instruction
2609 The alias relationship is forced flat-structured to keep related algorithm
2610 simple; an opcode entry cannot be flagged with both F_ALIAS and F_HAS_ALIAS.
2612 During the disassembling, the decoding decision tree (in
2613 opcodes/aarch64-dis-2.c) always returns an machine instruction opcode entry;
2614 if the decoding of such a machine instruction succeeds (and -Mno-aliases is
2615 not specified), the disassembler will check whether there is any alias
2616 instruction exists for this real instruction. If there is, the disassembler
2617 will try to disassemble the 32-bit binary again using the alias's rule, or
2618 try to convert the IR to the form of the alias. In the case of the multiple
2619 aliases, the aliases are tried one by one from the highest priority
2620 (currently the flag F_P3) to the lowest priority (no priority flag), and the
2621 first succeeds first adopted.
2623 You may ask why there is a need for the conversion of IR from one form to
2624 another in handling certain aliases. This is because on one hand it avoids
2625 adding more operand code to handle unusual encoding/decoding; on other
2626 hand, during the disassembling, the conversion is an effective approach to
2627 check the condition of an alias (as an alias may be adopted only if certain
2628 conditions are met).
2630 In order to speed up the alias opcode lookup, aarch64-gen has preprocessed
2631 aarch64_opcode_table and generated aarch64_find_alias_opcode and
2632 aarch64_find_next_alias_opcode (in opcodes/aarch64-dis-2.c) to help. */
2634 static void
2637 {
2643 /* This opcode does not have an alias, so use itself. */
2650 #ifdef DEBUG_AARCH64
2652 {
2656 {
2659 }
2661 }
2665 {
2669 /* An alias can be a pseudo opcode which will never be used in the
2670 disassembly, e.g. BIC logical immediate is such a pseudo opcode
2671 aliasing AND. */
2673 {
2676 }
2679 {
2682 }
2683 /* No need to do any complicated transformation on operands, if the alias
2684 opcode does not have any operand. */
2686 {
2690 }
2692 {
2693 aarch64_inst copy;
2695 /* ALIAS is the preference as long as the instruction can be
2696 successfully converted to the form of ALIAS. */
2698 {
2704 }
2705 }
2706 else
2707 {
2708 /* Directly decode the alias opcode. */
2709 aarch64_inst temp;
2712 {
2716 }
2717 }
2718 }
2719 }
2721 /* Some instructions (including all SVE ones) use the instruction class
2722 to describe how a qualifiers_list index is represented in the instruction
2723 encoding. If INST is such an instruction, decode the appropriate fields
2724 and fill in the operand qualifiers accordingly. Return true if no
2725 problems are found. */
2727 static bfd_boolean
2729 {
2734 {
2744 {
2747 }
2751 /* Pick the smallest applicable element size. */
2758 else
2763 /* sve_misc instructions have only a single variant. */
2776 sve_shift:
2780 {
2783 }
2824 /* Ignore low bit of this field since that is set in the opcode for
2825 instructions of this iclass. */
2835 {
2838 }
2846 {
2851 }
2859 {
2862 }
2866 /* No mapping between instruction class and qualifiers. */
2868 }
2873 }
2874 /* Decode the CODE according to OPCODE; fill INST. Return 0 if the decoding
2875 fails, which meanes that CODE is not an instruction of OPCODE; otherwise
2876 return 1.
2878 If OPCODE has alias(es) and NOALIASES_P is 0, an alias opcode may be
2879 determined and used to disassemble CODE; this is done just before the
2880 return. */
2882 static bfd_boolean
2886 {
2893 /* Clear inst. */
2896 /* Check the base opcode. */
2898 {
2901 }
2906 /* Assign operand codes and indexes. */
2908 {
2913 }
2915 /* Call the opcode decoder indicated by flags. */
2917 {
2920 }
2922 /* Possibly use the instruction class to determine the correct
2923 qualifier. */
2925 {
2928 }
2930 /* Call operand decoders. */
2932 {
2942 errors)))
2943 {
2946 }
2947 }
2949 /* If the opcode has a verifier, then check it now. */
2952 {
2955 }
2957 /* Match the qualifiers. */
2959 {
2960 /* Arriving here, the CODE has been determined as a valid instruction
2961 of OPCODE and *INST has been filled with information of this OPCODE
2962 instruction. Before the return, check if the instruction has any
2963 alias and should be disassembled in the form of its alias instead.
2964 If the answer is yes, *INST will be updated. */
2969 }
2970 else
2971 {
2973 }
2975 decode_fail:
2977 }
2978 \f
2979 /* This does some user-friendly fix-up to *INST. It is currently focus on
2980 the adjustment of qualifiers to help the printed instruction
2981 recognized/understood more easily. */
2983 static void
2985 {
2987 {
2989 /* TBNZ Xn|Wn, #uimm6, label
2990 Test and Branch Not Zero: conditionally jumps to label if bit number
2991 uimm6 in register Xn is not zero. The bit number implies the width of
2992 the register, which may be written and should be disassembled as Wn if
2993 uimm is less than 32. Limited to a branch offset range of +/- 32KiB.
2994 */
2999 }
3000 }
3002 /* Decode INSN and fill in *INST the instruction information. An alias
3003 opcode may be filled in *INSN if NOALIASES_P is FALSE. Return zero on
3004 success. */
3006 enum err_type
3008 bfd_boolean noaliases_p,
3010 {
3013 #ifdef DEBUG_AARCH64
3015 {
3020 {
3023 }
3024 }
3027 /* A list of opcodes may have been found, as aarch64_opcode_lookup cannot
3028 distinguish some opcodes, e.g. SSHR and MOVI, which almost share the same
3029 opcode field and value, apart from the difference that one of them has an
3030 extra field as part of the opcode, but such a field is used for operand
3031 encoding in other opcode(s) ('immh' in the case of the example). */
3033 {
3034 /* But only one opcode can be decoded successfully for, as the
3035 decoding routine will check the constraint carefully. */
3039 }
3042 }
3044 /* Print operands. */
3046 static void
3050 {
3054 {
3056 /* We regard the opcode operand info more, however we also look into
3057 the inst->operands to support the disassembling of the optional
3058 operand.
3059 The two operand code should be the same in all cases, apart from
3060 when the operand can be optional. */
3065 /* Generate the operand string in STR. */
3069 /* Print the delimiter (taking account of omitted operand(s)). */
3074 /* Print the operand. */
3077 else
3079 }
3082 {
3085 }
3086 }
3088 /* Set NAME to a copy of INST's mnemonic with the "." suffix removed. */
3090 static void
3092 {
3102 }
3104 /* Print the instruction mnemonic name. */
3106 static void
3108 {
3110 {
3111 /* For instructions that are truly conditionally executed, e.g. b.cond,
3112 prepare the full mnemonic name with the corresponding condition
3113 suffix. */
3118 }
3119 else
3121 }
3123 /* Decide whether we need to print a comment after the operands of
3124 instruction INST. */
3126 static void
3128 {
3130 {
3140 }
3141 }
3143 /* Build notes from verifiers into a string for printing. */
3145 static void
3148 {
3152 /* The output of the verifier cannot be a fatal error, otherwise the assembly
3153 would not have succeeded. We can safely ignore these. */
3157 /* If there are multiple verifier messages, concat them up to 1k. */
3161 }
3163 /* Print the instruction according to *INST. */
3165 static void
3170 {
3177 /* We've already printed a note, not enough space to print more so exit.
3178 Usually notes shouldn't overlap so it shouldn't happen that we have a note
3179 from a register and instruction at the same time. */
3183 /* Always run constraint verifiers, this is needed because constraints need to
3184 maintain a global state regardless of whether the instruction has the flag
3185 set or not. */
3189 {
3199 }
3200 }
3202 /* Entry-point of the instruction disassembler and printer. */
3204 static void
3209 {
3211 {
3216 };
3219 aarch64_inst inst;
3228 /* If the instruction has a reloc associated with it, then
3229 the offset field in the instruction will actually be the
3230 addend for the reloc. (If we are using REL type relocs).
3231 In such cases, we can ignore the pc when computing
3232 addresses, since the addend is not currently pc-relative. */
3238 {
3239 /* RESERVED for ALES. */
3242 }
3245 {
3249 /* Handle undefined instructions. */
3260 }
3261 }
3263 /* Disallow mapping symbols ($x, $d etc) from
3264 being displayed in symbol relative addresses. */
3266 bfd_boolean
3269 {
3277 return name
3281 }
3283 /* Print data bytes on INFO->STREAM. */
3285 static void
3290 {
3292 {
3304 }
3305 }
3307 /* Try to infer the code or data type from a symbol.
3308 Returns nonzero if *MAP_TYPE was set. */
3310 static int
3313 {
3318 /* If the symbol is in a different section, ignore it. */
3325 /* If the symbol has function type then use that. */
3327 {
3330 }
3332 /* Check for mapping symbols. */
3337 {
3340 }
3343 }
3345 /* Entry-point of the AArch64 disassembler. */
3347 int
3350 {
3354 aarch64_operand_error *);
3358 aarch64_operand_error errors;
3361 {
3366 /* To avoid repeated parsing of these options, we remove them here. */
3368 }
3370 /* Aarch64 instructions are always little-endian */
3373 /* Default to DATA. A text section is required by the ABI to contain an
3374 INSN mapping symbol at the start. A data section has no such
3375 requirement, hence if no mapping symbol is found the section must
3376 contain only data. This however isn't very useful if the user has
3377 fully stripped the binaries. If this is the case use the section
3378 attributes to determine the default. If we have no section default to
3379 INSN as well, as we may be disassembling some raw bytes on a baremetal
3380 HEX file or similar. */
3385 /* First check the full symtab for a mapping symbol, even if there
3386 are no usable non-mapping symbols for this address. */
3389 {
3392 bfd_boolean can_use_search_opt_p;
3398 /* Start scanning at the start of the function, or wherever
3399 we finished last time. */
3402 /* If the last stop offset is different from the current one it means we
3403 are disassembling a different glob of bytes. As such the optimization
3404 would not be safe and we should start over. */
3411 /* Look down while we haven't passed the location being disassembled.
3412 The reason for this is that there's no defined order between a symbol
3413 and an mapping symbol that may be at the same address. We may have to
3414 look at least one position ahead. */
3416 {
3421 {
3424 }
3425 }
3428 {
3433 /* No mapping symbol found at this address. Look backwards
3434 for a preceeding one, but don't go pass the section start
3435 otherwise a data section with no mapping symbol can pick up
3436 a text mapping symbol of a preceeding section. The documentation
3437 says section can be NULL, in which case we will seek up all the
3438 way to the top. */
3443 {
3449 {
3453 }
3454 }
3455 }
3461 /* Look a little bit ahead to see if we should print out
3462 less than four bytes of data. If there's a symbol,
3463 mapping or otherwise, after two bytes then don't
3464 print more. */
3466 {
3469 {
3472 {
3476 }
3477 }
3478 /* If the next symbol is after three bytes, we need to
3479 print only part of the data, so that we can use either
3480 .byte or .short. */
3483 }
3484 }
3485 else
3488 /* PR 10263: Disassemble data if requested to do so by the user. */
3490 {
3491 /* size was set above. */
3495 }
3496 else
3497 {
3501 }
3505 {
3508 }
3516 }
3517 \f
3518 void
3520 {
3537 #ifdef DEBUG_AARCH64
3543 }