//===-- X86MCPlusBuilder.cpp ------------------------------------------===//
//
// Part of the LLVM Project, under the Apache License v2.0 with LLVM Exceptions.
// See https://llvm.org/LICENSE.txt for license information.
// SPDX-License-Identifier: Apache-2.0 WITH LLVM-exception
//
//===----------------------------------------------------------------------===//
//
// This file provides X86-specific MC+ builder.
//
//===----------------------------------------------------------------------===//

#include "MCTargetDesc/X86BaseInfo.h"
#include "MCTargetDesc/X86MCTargetDesc.h"
#include "bolt/Core/MCPlusBuilder.h"
#include "llvm/MC/MCContext.h"
#include "llvm/MC/MCFixupKindInfo.h"
#include "llvm/MC/MCInstBuilder.h"
#include "llvm/MC/MCInstrInfo.h"
#include "llvm/MC/MCRegisterInfo.h"
#include "llvm/Support/DataExtractor.h"
#include "llvm/Support/Debug.h"
#include "llvm/Support/Errc.h"
#include "llvm/Support/ErrorHandling.h"
#include "llvm/Support/ErrorOr.h"
#include <set>

#define DEBUG_TYPE "bolt-x86"

using namespace llvm;
using namespace bolt;

namespace {

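/// Return the 8-bit-displacement form of a jump opcode, or the original
/// opcode if no short form exists.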
unsigned getShortBranchOpcode(unsigned Opcode) {
  switch (Opcode) {
  default:
    return Opcode;
  case X86::JMP_2: return X86::JMP_1;
  case X86::JMP_4: return X86::JMP_1;
  case X86::JCC_2: return X86::JCC_1;
  case X86::JCC_4: return X86::JCC_1;
  }
}

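/// Return the 8-bit-immediate form of an arithmetic opcode, or the original
/// opcode if no short form exists.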
unsigned getShortArithOpcode(unsigned Opcode) {
  switch (Opcode) {
  default:
    return Opcode;

  // IMUL
  case X86::IMUL16rri:   return X86::IMUL16rri8;
  case X86::IMUL16rmi:   return X86::IMUL16rmi8;
  case X86::IMUL32rri:   return X86::IMUL32rri8;
  case X86::IMUL32rmi:   return X86::IMUL32rmi8;
  case X86::IMUL64rri32: return X86::IMUL64rri8;
  case X86::IMUL64rmi32: return X86::IMUL64rmi8;

  // OR
  case X86::OR16ri:    return X86::OR16ri8;
  case X86::OR16mi:    return X86::OR16mi8;
  case X86::OR32ri:    return X86::OR32ri8;
  case X86::OR32mi:    return X86::OR32mi8;
  case X86::OR64ri32:  return X86::OR64ri8;
  case X86::OR64mi32:  return X86::OR64mi8;

  // AND
  case X86::AND16ri:   return X86::AND16ri8;
  case X86::AND16mi:   return X86::AND16mi8;
  case X86::AND32ri:   return X86::AND32ri8;
  case X86::AND32mi:   return X86::AND32mi8;
  case X86::AND64ri32: return X86::AND64ri8;
  case X86::AND64mi32: return X86::AND64mi8;

  // XOR
  case X86::XOR16ri:   return X86::XOR16ri8;
  case X86::XOR16mi:   return X86::XOR16mi8;
  case X86::XOR32ri:   return X86::XOR32ri8;
  case X86::XOR32mi:   return X86::XOR32mi8;
  case X86::XOR64ri32: return X86::XOR64ri8;
  case X86::XOR64mi32: return X86::XOR64mi8;

  // ADD
  case X86::ADD16ri:   return X86::ADD16ri8;
  case X86::ADD16mi:   return X86::ADD16mi8;
  case X86::ADD32ri:   return X86::ADD32ri8;
  case X86::ADD32mi:   return X86::ADD32mi8;
  case X86::ADD64ri32: return X86::ADD64ri8;
  case X86::ADD64mi32: return X86::ADD64mi8;

  // SUB
  case X86::SUB16ri:   return X86::SUB16ri8;
  case X86::SUB16mi:   return X86::SUB16mi8;
  case X86::SUB32ri:   return X86::SUB32ri8;
  case X86::SUB32mi:   return X86::SUB32mi8;
  case X86::SUB64ri32: return X86::SUB64ri8;
  case X86::SUB64mi32: return X86::SUB64mi8;

  // CMP
  case X86::CMP16ri:   return X86::CMP16ri8;
  case X86::CMP16mi:   return X86::CMP16mi8;
  case X86::CMP32ri:   return X86::CMP32ri8;
  case X86::CMP32mi:   return X86::CMP32mi8;
  case X86::CMP64ri32: return X86::CMP64ri8;
  case X86::CMP64mi32: return X86::CMP64mi8;

  // PUSH
  case X86::PUSHi32:    return X86::PUSH32i8;
  case X86::PUSHi16:    return X86::PUSH16i8;
  case X86::PUSH64i32:  return X86::PUSH64i8;
  }
}

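// Opcode classification helpers. Each one enumerates every encoding of the
// named instruction; they are used by isMacroOpFusionPair() below.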
bool isADD(unsigned Opcode) {
  switch (Opcode) {
  default:
    return false;
  case X86::ADD16i16:
  case X86::ADD16mi:
  case X86::ADD16mi8:
  case X86::ADD16mr:
  case X86::ADD16ri:
  case X86::ADD16ri8:
  case X86::ADD16ri8_DB:
  case X86::ADD16ri_DB:
  case X86::ADD16rm:
  case X86::ADD16rr:
  case X86::ADD16rr_DB:
  case X86::ADD16rr_REV:
  case X86::ADD32i32:
  case X86::ADD32mi:
  case X86::ADD32mi8:
  case X86::ADD32mr:
  case X86::ADD32ri:
  case X86::ADD32ri8:
  case X86::ADD32ri8_DB:
  case X86::ADD32ri_DB:
  case X86::ADD32rm:
  case X86::ADD32rr:
  case X86::ADD32rr_DB:
  case X86::ADD32rr_REV:
  case X86::ADD64i32:
  case X86::ADD64mi32:
  case X86::ADD64mi8:
  case X86::ADD64mr:
  case X86::ADD64ri32:
  case X86::ADD64ri32_DB:
  case X86::ADD64ri8:
  case X86::ADD64ri8_DB:
  case X86::ADD64rm:
  case X86::ADD64rr:
  case X86::ADD64rr_DB:
  case X86::ADD64rr_REV:
  case X86::ADD8i8:
  case X86::ADD8mi:
  case X86::ADD8mi8:
  case X86::ADD8mr:
  case X86::ADD8ri:
  case X86::ADD8ri8:
  case X86::ADD8rm:
  case X86::ADD8rr:
  case X86::ADD8rr_REV:
    return true;
  }
}

bool isAND(unsigned Opcode) {
  switch (Opcode) {
  default:
    return false;
  case X86::AND16i16:
  case X86::AND16mi:
  case X86::AND16mi8:
  case X86::AND16mr:
  case X86::AND16ri:
  case X86::AND16ri8:
  case X86::AND16rm:
  case X86::AND16rr:
  case X86::AND16rr_REV:
  case X86::AND32i32:
  case X86::AND32mi:
  case X86::AND32mi8:
  case X86::AND32mr:
  case X86::AND32ri:
  case X86::AND32ri8:
  case X86::AND32rm:
  case X86::AND32rr:
  case X86::AND32rr_REV:
  case X86::AND64i32:
  case X86::AND64mi32:
  case X86::AND64mi8:
  case X86::AND64mr:
  case X86::AND64ri32:
  case X86::AND64ri8:
  case X86::AND64rm:
  case X86::AND64rr:
  case X86::AND64rr_REV:
  case X86::AND8i8:
  case X86::AND8mi:
  case X86::AND8mi8:
  case X86::AND8mr:
  case X86::AND8ri:
  case X86::AND8ri8:
  case X86::AND8rm:
  case X86::AND8rr:
  case X86::AND8rr_REV:
    return true;
  }
}

bool isCMP(unsigned Opcode) {
  switch (Opcode) {
  default:
    return false;
  case X86::CMP16i16:
  case X86::CMP16mi:
  case X86::CMP16mi8:
  case X86::CMP16mr:
  case X86::CMP16ri:
  case X86::CMP16ri8:
  case X86::CMP16rm:
  case X86::CMP16rr:
  case X86::CMP16rr_REV:
  case X86::CMP32i32:
  case X86::CMP32mi:
  case X86::CMP32mi8:
  case X86::CMP32mr:
  case X86::CMP32ri:
  case X86::CMP32ri8:
  case X86::CMP32rm:
  case X86::CMP32rr:
  case X86::CMP32rr_REV:
  case X86::CMP64i32:
  case X86::CMP64mi32:
  case X86::CMP64mi8:
  case X86::CMP64mr:
  case X86::CMP64ri32:
  case X86::CMP64ri8:
  case X86::CMP64rm:
  case X86::CMP64rr:
  case X86::CMP64rr_REV:
  case X86::CMP8i8:
  case X86::CMP8mi:
  case X86::CMP8mi8:
  case X86::CMP8mr:
  case X86::CMP8ri:
  case X86::CMP8ri8:
  case X86::CMP8rm:
  case X86::CMP8rr:
  case X86::CMP8rr_REV:
    return true;
  }
}

bool isDEC(unsigned Opcode) {
  switch (Opcode) {
  default:
    return false;
  case X86::DEC16m:
  case X86::DEC16r:
  case X86::DEC16r_alt:
  case X86::DEC32m:
  case X86::DEC32r:
  case X86::DEC32r_alt:
  case X86::DEC64r:
  case X86::DEC64m:
  case X86::DEC8m:
  case X86::DEC8r:
    return true;
  }
}

bool isINC(unsigned Opcode) {
  switch (Opcode) {
  default:
    return false;
  case X86::INC16m:
  case X86::INC16r:
  case X86::INC16r_alt:
  case X86::INC32m:
  case X86::INC32r:
  case X86::INC32r_alt:
  case X86::INC64r:
  case X86::INC64m:
  case X86::INC8m:
  case X86::INC8r:
    return true;
  }
}

bool isSUB(unsigned Opcode) {
  switch (Opcode) {
  default:
    return false;
  case X86::SUB16i16:
  case X86::SUB16mi:
  case X86::SUB16mi8:
  case X86::SUB16mr:
  case X86::SUB16ri:
  case X86::SUB16ri8:
  case X86::SUB16rm:
  case X86::SUB16rr:
  case X86::SUB16rr_REV:
  case X86::SUB32i32:
  case X86::SUB32mi:
  case X86::SUB32mi8:
  case X86::SUB32mr:
  case X86::SUB32ri:
  case X86::SUB32ri8:
  case X86::SUB32rm:
  case X86::SUB32rr:
  case X86::SUB32rr_REV:
  case X86::SUB64i32:
  case X86::SUB64mi32:
  case X86::SUB64mi8:
  case X86::SUB64mr:
  case X86::SUB64ri32:
  case X86::SUB64ri8:
  case X86::SUB64rm:
  case X86::SUB64rr:
  case X86::SUB64rr_REV:
  case X86::SUB8i8:
  case X86::SUB8mi:
  case X86::SUB8mi8:
  case X86::SUB8mr:
  case X86::SUB8ri:
  case X86::SUB8ri8:
  case X86::SUB8rm:
  case X86::SUB8rr:
  case X86::SUB8rr_REV:
    return true;
  }
}

bool isTEST(unsigned Opcode) {
  switch (Opcode) {
  default:
    return false;
  case X86::TEST16i16:
  case X86::TEST16mi:
  case X86::TEST16mr:
  case X86::TEST16ri:
  case X86::TEST16rr:
  case X86::TEST32i32:
  case X86::TEST32mi:
  case X86::TEST32mr:
  case X86::TEST32ri:
  case X86::TEST32rr:
  case X86::TEST64i32:
  case X86::TEST64mi32:
  case X86::TEST64mr:
  case X86::TEST64ri32:
  case X86::TEST64rr:
  case X86::TEST8i8:
  case X86::TEST8mi:
  case X86::TEST8mr:
  case X86::TEST8ri:
  case X86::TEST8rr:
    return true;
  }
}

class X86MCPlusBuilder : public MCPlusBuilder {
public:
  X86MCPlusBuilder(const MCInstrAnalysis *Analysis, const MCInstrInfo *Info,
                   const MCRegisterInfo *RegInfo)
      : MCPlusBuilder(Analysis, Info, RegInfo) {}

  bool isBranch(const MCInst &Inst) const override {
    return Analysis->isBranch(Inst) && !isTailCall(Inst);
  }

  bool isUnconditionalBranch(const MCInst &Inst) const override {
    return Analysis->isUnconditionalBranch(Inst) && !isTailCall(Inst);
  }

  bool isNoop(const MCInst &Inst) const override {
    switch (Inst.getOpcode()) {
    case X86::NOOP:
    case X86::NOOPL:
    case X86::NOOPLr:
    case X86::NOOPQ:
    case X86::NOOPQr:
    case X86::NOOPW:
    case X86::NOOPWr:
      return true;
    }
    return false;
  }

  unsigned getCondCode(const MCInst &Inst) const override {
    switch (Inst.getOpcode()) {
    default:
      return X86::COND_INVALID;
    case X86::JCC_1:
    case X86::JCC_2:
    case X86::JCC_4:
      return Inst.getOperand(Info->get(Inst.getOpcode()).NumOperands - 1)
          .getImm();
    }
  }

  unsigned getInvertedCondCode(unsigned CC) const override {
    switch (CC) {
    default: return X86::COND_INVALID;
    case X86::COND_E:  return X86::COND_NE;
    case X86::COND_NE: return X86::COND_E;
    case X86::COND_L:  return X86::COND_GE;
    case X86::COND_LE: return X86::COND_G;
    case X86::COND_G:  return X86::COND_LE;
    case X86::COND_GE: return X86::COND_L;
    case X86::COND_B:  return X86::COND_AE;
    case X86::COND_BE: return X86::COND_A;
    case X86::COND_A:  return X86::COND_BE;
    case X86::COND_AE: return X86::COND_B;
    case X86::COND_S:  return X86::COND_NS;
    case X86::COND_NS: return X86::COND_S;
    case X86::COND_P:  return X86::COND_NP;
    case X86::COND_NP: return X86::COND_P;
    case X86::COND_O:  return X86::COND_NO;
    case X86::COND_NO: return X86::COND_O;
    }
  }

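  /// Return the condition code that is satisfied whenever CC1 or CC2 is, by
  /// decoding each code into equal/greater/lesser plus signedness flags and
  /// re-encoding the union of the two sets. For example, COND_E combined
  /// with COND_L yields COND_LE.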
  unsigned getCondCodesLogicalOr(unsigned CC1, unsigned CC2) const override {
    enum DecodedCondCode : uint8_t {
      DCC_EQUAL = 0x1,
      DCC_GREATER = 0x2,
      DCC_LESSER = 0x4,
      DCC_GREATER_OR_LESSER = 0x6,
      DCC_UNSIGNED = 0x8,
      DCC_SIGNED = 0x10,
      DCC_INVALID = 0x20,
    };

    auto decodeCondCode = [&](unsigned CC) -> uint8_t {
      switch (CC) {
      default: return DCC_INVALID;
      case X86::COND_E: return DCC_EQUAL;
      case X86::COND_NE: return DCC_GREATER | DCC_LESSER;
      case X86::COND_L: return DCC_LESSER | DCC_SIGNED;
      case X86::COND_LE: return DCC_EQUAL | DCC_LESSER | DCC_SIGNED;
      case X86::COND_G: return DCC_GREATER | DCC_SIGNED;
      case X86::COND_GE: return DCC_GREATER | DCC_EQUAL | DCC_SIGNED;
      case X86::COND_B: return DCC_LESSER | DCC_UNSIGNED;
      case X86::COND_BE: return DCC_EQUAL | DCC_LESSER | DCC_UNSIGNED;
      case X86::COND_A: return DCC_GREATER | DCC_UNSIGNED;
      case X86::COND_AE: return DCC_GREATER | DCC_EQUAL | DCC_UNSIGNED;
      }
    };

    uint8_t DCC = decodeCondCode(CC1) | decodeCondCode(CC2);

    if (DCC & DCC_INVALID)
      return X86::COND_INVALID;

    if (DCC & DCC_SIGNED && DCC & DCC_UNSIGNED)
      return X86::COND_INVALID;

    switch (DCC) {
      default: return X86::COND_INVALID;
      case DCC_EQUAL | DCC_LESSER | DCC_SIGNED: return X86::COND_LE;
      case DCC_EQUAL | DCC_LESSER | DCC_UNSIGNED: return X86::COND_BE;
      case DCC_EQUAL | DCC_GREATER | DCC_SIGNED: return X86::COND_GE;
      case DCC_EQUAL | DCC_GREATER | DCC_UNSIGNED: return X86::COND_AE;
      case DCC_GREATER | DCC_LESSER | DCC_SIGNED: return X86::COND_NE;
      case DCC_GREATER | DCC_LESSER | DCC_UNSIGNED: return X86::COND_NE;
      case DCC_GREATER | DCC_LESSER: return X86::COND_NE;
      case DCC_EQUAL | DCC_SIGNED: return X86::COND_E;
      case DCC_EQUAL | DCC_UNSIGNED: return X86::COND_E;
      case DCC_EQUAL: return X86::COND_E;
      case DCC_LESSER | DCC_SIGNED: return X86::COND_L;
      case DCC_LESSER | DCC_UNSIGNED: return X86::COND_B;
      case DCC_GREATER | DCC_SIGNED: return X86::COND_G;
      case DCC_GREATER | DCC_UNSIGNED: return X86::COND_A;
    }
  }

  bool isValidCondCode(unsigned CC) const override {
    return (CC != X86::COND_INVALID);
  }

  bool isBreakpoint(const MCInst &Inst) const override {
    return Inst.getOpcode() == X86::INT3;
  }

  bool isPrefix(const MCInst &Inst) const override {
    switch (Inst.getOpcode()) {
    case X86::LOCK_PREFIX:
    case X86::REPNE_PREFIX:
    case X86::REP_PREFIX:
      return true;
    }
    return false;
  }

  bool isRep(const MCInst &Inst) const override {
    return Inst.getFlags() == X86::IP_HAS_REPEAT;
  }

  bool deleteREPPrefix(MCInst &Inst) const override {
    if (Inst.getFlags() == X86::IP_HAS_REPEAT) {
      Inst.setFlags(0);
      return true;
    }
    return false;
  }

  // FIXME: For compatibility with old LLVM only!
  bool isTerminator(const MCInst &Inst) const override {
    if (Info->get(Inst.getOpcode()).isTerminator())
      return true;
    switch (Inst.getOpcode()) {
    default:
      return false;
    case X86::TRAP:
    // Opcodes previously known as X86::UD2B
    case X86::UD1Wm:
    case X86::UD1Lm:
    case X86::UD1Qm:
    case X86::UD1Wr:
    case X86::UD1Lr:
    case X86::UD1Qr:
      return true;
    }
  }

  bool isIndirectCall(const MCInst &Inst) const override {
    return isCall(Inst) &&
           ((getMemoryOperandNo(Inst) != -1) || Inst.getOperand(0).isReg());
  }

  bool isPop(const MCInst &Inst) const override {
    return getPopSize(Inst) != 0;
  }

  bool isTerminateBranch(const MCInst &Inst) const override {
    return Inst.getOpcode() == X86::ENDBR32 || Inst.getOpcode() == X86::ENDBR64;
  }

  int getPopSize(const MCInst &Inst) const override {
    switch (Inst.getOpcode()) {
    case X86::POP16r:
    case X86::POP16rmm:
    case X86::POP16rmr:
    case X86::POPF16:
    case X86::POPA16:
    case X86::POPDS16:
    case X86::POPES16:
    case X86::POPFS16:
    case X86::POPGS16:
    case X86::POPSS16:
      return 2;
    case X86::POP32r:
    case X86::POP32rmm:
    case X86::POP32rmr:
    case X86::POPA32:
    case X86::POPDS32:
    case X86::POPES32:
    case X86::POPF32:
    case X86::POPFS32:
    case X86::POPGS32:
    case X86::POPSS32:
      return 4;
    case X86::POP64r:
    case X86::POP64rmm:
    case X86::POP64rmr:
    case X86::POPF64:
    case X86::POPFS64:
    case X86::POPGS64:
      return 8;
    }
    return 0;
  }

  bool isPush(const MCInst &Inst) const override {
    return getPushSize(Inst) != 0;
  }

  int getPushSize(const MCInst &Inst) const override {
    switch (Inst.getOpcode()) {
    case X86::PUSH16i8:
    case X86::PUSH16r:
    case X86::PUSH16rmm:
    case X86::PUSH16rmr:
    case X86::PUSHA16:
    case X86::PUSHCS16:
    case X86::PUSHDS16:
    case X86::PUSHES16:
    case X86::PUSHF16:
    case X86::PUSHFS16:
    case X86::PUSHGS16:
    case X86::PUSHSS16:
    case X86::PUSHi16:
      return 2;
    case X86::PUSH32i8:
    case X86::PUSH32r:
    case X86::PUSH32rmm:
    case X86::PUSH32rmr:
    case X86::PUSHA32:
    case X86::PUSHCS32:
    case X86::PUSHDS32:
    case X86::PUSHES32:
    case X86::PUSHF32:
    case X86::PUSHFS32:
    case X86::PUSHGS32:
    case X86::PUSHSS32:
    case X86::PUSHi32:
      return 4;
    case X86::PUSH64i32:
    case X86::PUSH64i8:
    case X86::PUSH64r:
    case X86::PUSH64rmm:
    case X86::PUSH64rmr:
    case X86::PUSHF64:
    case X86::PUSHFS64:
    case X86::PUSHGS64:
      return 8;
    }
    return 0;
  }

  bool isADD64rr(const MCInst &Inst) const override {
    return Inst.getOpcode() == X86::ADD64rr;
  }

  bool isSUB(const MCInst &Inst) const override {
    return ::isSUB(Inst.getOpcode());
  }

  bool isADDri(const MCInst &Inst) const {
    return Inst.getOpcode() == X86::ADD64ri32 ||
           Inst.getOpcode() == X86::ADD64ri8;
  }

  bool isLEA64r(const MCInst &Inst) const override {
    return Inst.getOpcode() == X86::LEA64r;
  }

  bool isMOVSX64rm32(const MCInst &Inst) const override {
    return Inst.getOpcode() == X86::MOVSX64rm32;
  }

  bool isLeave(const MCInst &Inst) const override {
    return Inst.getOpcode() == X86::LEAVE ||
           Inst.getOpcode() == X86::LEAVE64;
  }

  bool isEnter(const MCInst &Inst) const override {
    return Inst.getOpcode() == X86::ENTER;
  }

  bool isMoveMem2Reg(const MCInst &Inst) const override {
    switch (Inst.getOpcode()) {
    case X86::MOV16rm:
    case X86::MOV32rm:
    case X86::MOV64rm:
      return true;
    }
    return false;
  }

  bool isUnsupportedBranch(unsigned Opcode) const override {
    switch (Opcode) {
    default:
      return false;
    case X86::LOOP:
    case X86::LOOPE:
    case X86::LOOPNE:
    case X86::JECXZ:
    case X86::JRCXZ:
      return true;
    }
  }

  bool isLoad(const MCInst &Inst) const override {
    if (isPop(Inst))
      return true;

    int MemOpNo = getMemoryOperandNo(Inst);
    const MCInstrDesc &MCII = Info->get(Inst.getOpcode());

    if (MemOpNo == -1)
      return false;

    return MCII.mayLoad();
  }

  bool isStore(const MCInst &Inst) const override {
    if (isPush(Inst))
      return true;

    int MemOpNo = getMemoryOperandNo(Inst);
    const MCInstrDesc &MCII = Info->get(Inst.getOpcode());

    if (MemOpNo == -1)
      return false;

    return MCII.mayStore();
  }

  bool isCleanRegXOR(const MCInst &Inst) const override {
    switch (Inst.getOpcode()) {
      case X86::XOR16rr:
      case X86::XOR32rr:
      case X86::XOR64rr:
        break;
      default:
        return false;
    }
    return (Inst.getOperand(0).getReg() ==
            Inst.getOperand(2).getReg());
  }

  bool isPacked(const MCInst &Inst) const override {
    const MCInstrDesc &Desc = Info->get(Inst.getOpcode());
    return (Desc.TSFlags & X86II::OpPrefixMask) == X86II::PD;
  }

  unsigned getTrapFillValue() const override { return 0xCC; }

  struct IndJmpMatcherFrag1 : MCInstMatcher {
    std::unique_ptr<MCInstMatcher> Base;
    std::unique_ptr<MCInstMatcher> Scale;
    std::unique_ptr<MCInstMatcher> Index;
    std::unique_ptr<MCInstMatcher> Offset;

    IndJmpMatcherFrag1(std::unique_ptr<MCInstMatcher> Base,
                       std::unique_ptr<MCInstMatcher> Scale,
                       std::unique_ptr<MCInstMatcher> Index,
                       std::unique_ptr<MCInstMatcher> Offset)
        : Base(std::move(Base)), Scale(std::move(Scale)),
          Index(std::move(Index)), Offset(std::move(Offset)) {}

    bool match(const MCRegisterInfo &MRI, MCPlusBuilder &MIB,
               MutableArrayRef<MCInst> InInstrWindow, int OpNum) override {
      if (!MCInstMatcher::match(MRI, MIB, InInstrWindow, OpNum))
        return false;

      if (CurInst->getOpcode() != X86::JMP64m)
        return false;

      int MemOpNo = MIB.getMemoryOperandNo(*CurInst);
      if (MemOpNo == -1)
        return false;

      if (!Base->match(MRI, MIB, this->InstrWindow, MemOpNo + X86::AddrBaseReg))
        return false;
      if (!Scale->match(MRI, MIB, this->InstrWindow,
                        MemOpNo + X86::AddrScaleAmt))
        return false;
      if (!Index->match(MRI, MIB, this->InstrWindow,
                        MemOpNo + X86::AddrIndexReg))
        return false;
      if (!Offset->match(MRI, MIB, this->InstrWindow, MemOpNo + X86::AddrDisp))
        return false;
      return true;
    }

    void annotate(MCPlusBuilder &MIB, StringRef Annotation) override {
      MIB.addAnnotation(*CurInst, Annotation, true);
      Base->annotate(MIB, Annotation);
      Scale->annotate(MIB, Annotation);
      Index->annotate(MIB, Annotation);
      Offset->annotate(MIB, Annotation);
    }
  };

  std::unique_ptr<MCInstMatcher>
  matchIndJmp(std::unique_ptr<MCInstMatcher> Base,
              std::unique_ptr<MCInstMatcher> Scale,
              std::unique_ptr<MCInstMatcher> Index,
              std::unique_ptr<MCInstMatcher> Offset) const override {
    return std::unique_ptr<MCInstMatcher>(
        new IndJmpMatcherFrag1(std::move(Base), std::move(Scale),
                               std::move(Index), std::move(Offset)));
  }

  struct IndJmpMatcherFrag2 : MCInstMatcher {
    std::unique_ptr<MCInstMatcher> Reg;

    IndJmpMatcherFrag2(std::unique_ptr<MCInstMatcher> Reg)
        : Reg(std::move(Reg)) {}

    bool match(const MCRegisterInfo &MRI, MCPlusBuilder &MIB,
               MutableArrayRef<MCInst> InInstrWindow, int OpNum) override {
      if (!MCInstMatcher::match(MRI, MIB, InInstrWindow, OpNum))
        return false;

      if (CurInst->getOpcode() != X86::JMP64r)
        return false;

      return Reg->match(MRI, MIB, this->InstrWindow, 0);
    }

    void annotate(MCPlusBuilder &MIB, StringRef Annotation) override {
      MIB.addAnnotation(*CurInst, Annotation, true);
      Reg->annotate(MIB, Annotation);
    }
  };

  std::unique_ptr<MCInstMatcher>
  matchIndJmp(std::unique_ptr<MCInstMatcher> Target) const override {
    return std::unique_ptr<MCInstMatcher>(
        new IndJmpMatcherFrag2(std::move(Target)));
  }

  struct LoadMatcherFrag1 : MCInstMatcher {
    std::unique_ptr<MCInstMatcher> Base;
    std::unique_ptr<MCInstMatcher> Scale;
    std::unique_ptr<MCInstMatcher> Index;
    std::unique_ptr<MCInstMatcher> Offset;

    LoadMatcherFrag1(std::unique_ptr<MCInstMatcher> Base,
                     std::unique_ptr<MCInstMatcher> Scale,
                     std::unique_ptr<MCInstMatcher> Index,
                     std::unique_ptr<MCInstMatcher> Offset)
        : Base(std::move(Base)), Scale(std::move(Scale)),
          Index(std::move(Index)), Offset(std::move(Offset)) {}

    bool match(const MCRegisterInfo &MRI, MCPlusBuilder &MIB,
               MutableArrayRef<MCInst> InInstrWindow, int OpNum) override {
      if (!MCInstMatcher::match(MRI, MIB, InInstrWindow, OpNum))
        return false;

      if (CurInst->getOpcode() != X86::MOV64rm &&
          CurInst->getOpcode() != X86::MOVSX64rm32)
        return false;

      int MemOpNo = MIB.getMemoryOperandNo(*CurInst);
      if (MemOpNo == -1)
        return false;

      if (!Base->match(MRI, MIB, this->InstrWindow, MemOpNo + X86::AddrBaseReg))
        return false;
      if (!Scale->match(MRI, MIB, this->InstrWindow,
                        MemOpNo + X86::AddrScaleAmt))
        return false;
      if (!Index->match(MRI, MIB, this->InstrWindow,
                        MemOpNo + X86::AddrIndexReg))
        return false;
      if (!Offset->match(MRI, MIB, this->InstrWindow, MemOpNo + X86::AddrDisp))
        return false;
      return true;
    }

    void annotate(MCPlusBuilder &MIB, StringRef Annotation) override {
      MIB.addAnnotation(*CurInst, Annotation, true);
      Base->annotate(MIB, Annotation);
      Scale->annotate(MIB, Annotation);
      Index->annotate(MIB, Annotation);
      Offset->annotate(MIB, Annotation);
    }
  };

  std::unique_ptr<MCInstMatcher>
  matchLoad(std::unique_ptr<MCInstMatcher> Base,
            std::unique_ptr<MCInstMatcher> Scale,
            std::unique_ptr<MCInstMatcher> Index,
            std::unique_ptr<MCInstMatcher> Offset) const override {
    return std::unique_ptr<MCInstMatcher>(
        new LoadMatcherFrag1(std::move(Base), std::move(Scale),
                             std::move(Index), std::move(Offset)));
  }

  struct AddMatcher : MCInstMatcher {
    std::unique_ptr<MCInstMatcher> A;
    std::unique_ptr<MCInstMatcher> B;

    AddMatcher(std::unique_ptr<MCInstMatcher> A,
               std::unique_ptr<MCInstMatcher> B)
        : A(std::move(A)), B(std::move(B)) {}

    bool match(const MCRegisterInfo &MRI, MCPlusBuilder &MIB,
               MutableArrayRef<MCInst> InInstrWindow, int OpNum) override {
      if (!MCInstMatcher::match(MRI, MIB, InInstrWindow, OpNum))
        return false;

      if (CurInst->getOpcode() == X86::ADD64rr ||
          CurInst->getOpcode() == X86::ADD64rr_DB ||
          CurInst->getOpcode() == X86::ADD64rr_REV) {
        if (!A->match(MRI, MIB, this->InstrWindow, 1)) {
          if (!B->match(MRI, MIB, this->InstrWindow, 1))
            return false;
          return A->match(MRI, MIB, this->InstrWindow, 2);
        }

        if (B->match(MRI, MIB, this->InstrWindow, 2))
          return true;

        if (!B->match(MRI, MIB, this->InstrWindow, 1))
          return false;
        return A->match(MRI, MIB, this->InstrWindow, 2);
      }

      return false;
    }

    void annotate(MCPlusBuilder &MIB, StringRef Annotation) override {
      MIB.addAnnotation(*CurInst, Annotation, true);
      A->annotate(MIB, Annotation);
      B->annotate(MIB, Annotation);
    }
  };

  std::unique_ptr<MCInstMatcher>
  matchAdd(std::unique_ptr<MCInstMatcher> A,
           std::unique_ptr<MCInstMatcher> B) const override {
    return std::unique_ptr<MCInstMatcher>(
        new AddMatcher(std::move(A), std::move(B)));
  }

  struct LEAMatcher : MCInstMatcher {
    std::unique_ptr<MCInstMatcher> Target;

    LEAMatcher(std::unique_ptr<MCInstMatcher> Target)
        : Target(std::move(Target)) {}

    bool match(const MCRegisterInfo &MRI, MCPlusBuilder &MIB,
               MutableArrayRef<MCInst> InInstrWindow, int OpNum) override {
      if (!MCInstMatcher::match(MRI, MIB, InInstrWindow, OpNum))
        return false;

      if (CurInst->getOpcode() != X86::LEA64r)
        return false;

      if (CurInst->getOperand(1 + X86::AddrScaleAmt).getImm() != 1 ||
          CurInst->getOperand(1 + X86::AddrIndexReg).getReg() !=
              X86::NoRegister ||
          (CurInst->getOperand(1 + X86::AddrBaseReg).getReg() !=
               X86::NoRegister &&
           CurInst->getOperand(1 + X86::AddrBaseReg).getReg() != X86::RIP))
        return false;

      return Target->match(MRI, MIB, this->InstrWindow, 1 + X86::AddrDisp);
    }

    void annotate(MCPlusBuilder &MIB, StringRef Annotation) override {
      MIB.addAnnotation(*CurInst, Annotation, true);
      Target->annotate(MIB, Annotation);
    }
  };

  std::unique_ptr<MCInstMatcher>
  matchLoadAddr(std::unique_ptr<MCInstMatcher> Target) const override {
    return std::unique_ptr<MCInstMatcher>(new LEAMatcher(std::move(Target)));
  }

  bool hasPCRelOperand(const MCInst &Inst) const override {
    for (const MCOperand &Operand : Inst) {
      if (Operand.isReg() && Operand.getReg() == X86::RIP)
        return true;
    }
    return false;
  }

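  /// Return the index of the first of the five memory sub-operands (base,
  /// scale, index, displacement, segment) of Inst, or -1 if Inst has no
  /// memory operand.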
  int getMemoryOperandNo(const MCInst &Inst) const override {
    unsigned Opcode = Inst.getOpcode();
    const MCInstrDesc &Desc = Info->get(Opcode);
    int MemOpNo = X86II::getMemoryOperandNo(Desc.TSFlags);
    if (MemOpNo >= 0)
      MemOpNo += X86II::getOperandBias(Desc);
    return MemOpNo;
  }

  bool hasEVEXEncoding(const MCInst &Inst) const override {
    const MCInstrDesc &Desc = Info->get(Inst.getOpcode());
    return (Desc.TSFlags & X86II::EncodingMask) == X86II::EVEX;
  }

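  /// Return true if Insts starts with an ALU/conditional-branch pair that
  /// the targeted cores can fuse into a single macro-op.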
  bool isMacroOpFusionPair(ArrayRef<MCInst> Insts) const override {
    // FIXME: the macro-op fusion is triggered under different conditions
    //        on different cores. This implementation is for sandy-bridge+.
    const auto *I = Insts.begin();
    while (I != Insts.end() && isPrefix(*I))
      ++I;
    if (I == Insts.end())
      return false;

    const MCInst &FirstInst = *I;
    ++I;
    while (I != Insts.end() && isPrefix(*I))
      ++I;
    if (I == Insts.end())
      return false;
    const MCInst &SecondInst = *I;

    if (!isConditionalBranch(SecondInst))
      return false;
    // J?CXZ and LOOP cannot be fused
    if (SecondInst.getOpcode() == X86::LOOP ||
        SecondInst.getOpcode() == X86::LOOPE ||
        SecondInst.getOpcode() == X86::LOOPNE ||
        SecondInst.getOpcode() == X86::JECXZ ||
        SecondInst.getOpcode() == X86::JRCXZ)
      return false;

    // Cannot fuse if first instruction operands are MEM-IMM.
    const MCInstrDesc &Desc = Info->get(FirstInst.getOpcode());
    int MemOpNo = X86II::getMemoryOperandNo(Desc.TSFlags);
    if (MemOpNo != -1 && X86II::hasImm(Desc.TSFlags))
      return false;

    // Cannot fuse if the first instruction uses RIP-relative memory.
    // FIXME: verify that this is true.
    if (hasPCRelOperand(FirstInst))
      return false;

    // Check instructions against table 3-1 in Intel's Optimization Guide.
    unsigned FirstInstGroup = 0;
    if (isTEST(FirstInst.getOpcode()) || isAND(FirstInst.getOpcode())) {
      FirstInstGroup = 1;
    } else if (isCMP(FirstInst.getOpcode()) || isADD(FirstInst.getOpcode()) ||
               ::isSUB(FirstInst.getOpcode())) {
      FirstInstGroup = 2;
    } else if (isINC(FirstInst.getOpcode()) || isDEC(FirstInst.getOpcode())) {
      FirstInstGroup = 3;
    }
    if (FirstInstGroup == 0)
      return false;

    const unsigned CondCode =
        getCanonicalBranchCondCode(getCondCode(SecondInst));
    switch (CondCode) {
    default:
      llvm_unreachable("unexpected conditional code");
      return false;
    case X86::COND_E:
    case X86::COND_L:
    case X86::COND_G:
      return true;
    case X86::COND_O:
    case X86::COND_P:
    case X86::COND_S:
      if (FirstInstGroup == 1)
        return true;
      return false;
    case X86::COND_A:
    case X86::COND_B:
      if (FirstInstGroup != 3)
        return true;
      return false;
    }
  }

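  /// Unpack the memory operand of Inst into its base register, scale, index
  /// register, displacement (immediate or expression), and segment register.
  /// Return false if Inst has no well-formed memory operand.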
  bool evaluateX86MemoryOperand(const MCInst &Inst, unsigned *BaseRegNum,
                                int64_t *ScaleImm, unsigned *IndexRegNum,
                                int64_t *DispImm, unsigned *SegmentRegNum,
                                const MCExpr **DispExpr = nullptr)
      const override {
    assert(BaseRegNum && ScaleImm && IndexRegNum && SegmentRegNum &&
           "one of the input pointers is null");
    int MemOpNo = getMemoryOperandNo(Inst);
    if (MemOpNo < 0)
      return false;
    unsigned MemOpOffset = static_cast<unsigned>(MemOpNo);

    if (MemOpOffset + X86::AddrSegmentReg >= MCPlus::getNumPrimeOperands(Inst))
      return false;

    const MCOperand &Base = Inst.getOperand(MemOpOffset + X86::AddrBaseReg);
    const MCOperand &Scale = Inst.getOperand(MemOpOffset + X86::AddrScaleAmt);
    const MCOperand &Index = Inst.getOperand(MemOpOffset + X86::AddrIndexReg);
    const MCOperand &Disp = Inst.getOperand(MemOpOffset + X86::AddrDisp);
    const MCOperand &Segment =
        Inst.getOperand(MemOpOffset + X86::AddrSegmentReg);

    // Make sure it is a well-formed memory operand.
    if (!Base.isReg() || !Scale.isImm() || !Index.isReg() ||
        (!Disp.isImm() && !Disp.isExpr()) || !Segment.isReg())
      return false;

    *BaseRegNum = Base.getReg();
    *ScaleImm = Scale.getImm();
    *IndexRegNum = Index.getReg();
    if (Disp.isImm()) {
      assert(DispImm && "DispImm needs to be set");
      *DispImm = Disp.getImm();
      if (DispExpr) {
        *DispExpr = nullptr;
      }
    } else {
      assert(DispExpr && "DispExpr needs to be set");
      *DispExpr = Disp.getExpr();
      if (DispImm) {
        *DispImm = 0;
      }
    }
    *SegmentRegNum = Segment.getReg();
    return true;
  }

  bool evaluateMemOperandTarget(const MCInst &Inst,
                                uint64_t &Target,
                                uint64_t Address,
                                uint64_t Size) const override {
    unsigned      BaseRegNum;
    int64_t       ScaleValue;
    unsigned      IndexRegNum;
    int64_t       DispValue;
    unsigned      SegRegNum;
    const MCExpr *DispExpr = nullptr;
    if (!evaluateX86MemoryOperand(Inst, &BaseRegNum, &ScaleValue, &IndexRegNum,
                                  &DispValue, &SegRegNum, &DispExpr)) {
      return false;
    }

    // Make sure it's a well-formed addressing we can statically evaluate.
    if ((BaseRegNum != X86::RIP && BaseRegNum != X86::NoRegister) ||
        IndexRegNum != X86::NoRegister || SegRegNum != X86::NoRegister ||
        DispExpr) {
      return false;
    }
    Target = DispValue;
    if (BaseRegNum == X86::RIP) {
      assert(Size != 0 && "instruction size required in order to statically "
                          "evaluate RIP-relative address");
      Target += Address + Size;
    }
    return true;
  }

  MCInst::iterator getMemOperandDisp(MCInst &Inst) const override {
    int MemOpNo = getMemoryOperandNo(Inst);
    if (MemOpNo < 0)
      return Inst.end();
    return Inst.begin() + (MemOpNo + X86::AddrDisp);
  }

  bool replaceMemOperandDisp(MCInst &Inst, MCOperand Operand) const override {
    MCOperand *OI = getMemOperandDisp(Inst);
    if (OI == Inst.end())
      return false;
    *OI = Operand;
    return true;
  }

  /// Get the registers used as function parameters.
  /// This function is specific to the x86_64 abi on Linux.
  BitVector getRegsUsedAsParams() const override {
    BitVector Regs(RegInfo->getNumRegs(), false);
    Regs |= getAliases(X86::RSI);
    Regs |= getAliases(X86::RDI);
    Regs |= getAliases(X86::RDX);
    Regs |= getAliases(X86::RCX);
    Regs |= getAliases(X86::R8);
    Regs |= getAliases(X86::R9);
    return Regs;
  }

  void getCalleeSavedRegs(BitVector &Regs) const override {
    Regs |= getAliases(X86::RBX);
    Regs |= getAliases(X86::RBP);
    Regs |= getAliases(X86::R12);
    Regs |= getAliases(X86::R13);
    Regs |= getAliases(X86::R14);
    Regs |= getAliases(X86::R15);
  }

  void getDefaultDefIn(BitVector &Regs) const override {
    assert(Regs.size() >= RegInfo->getNumRegs() &&
           "The size of BitVector is less than RegInfo->getNumRegs().");
    Regs.set(X86::RAX);
    Regs.set(X86::RCX);
    Regs.set(X86::RDX);
    Regs.set(X86::RSI);
    Regs.set(X86::RDI);
    Regs.set(X86::R8);
    Regs.set(X86::R9);
    Regs.set(X86::XMM0);
    Regs.set(X86::XMM1);
    Regs.set(X86::XMM2);
    Regs.set(X86::XMM3);
    Regs.set(X86::XMM4);
    Regs.set(X86::XMM5);
    Regs.set(X86::XMM6);
    Regs.set(X86::XMM7);
  }

  void getDefaultLiveOut(BitVector &Regs) const override {
    assert(Regs.size() >= RegInfo->getNumRegs() &&
           "The size of BitVector is less than RegInfo->getNumRegs().");
    Regs |= getAliases(X86::RAX);
    Regs |= getAliases(X86::RDX);
    Regs |= getAliases(X86::RCX);
    Regs |= getAliases(X86::XMM0);
    Regs |= getAliases(X86::XMM1);
  }

  void getGPRegs(BitVector &Regs, bool IncludeAlias) const override {
    if (IncludeAlias) {
      Regs |= getAliases(X86::RAX);
      Regs |= getAliases(X86::RBX);
      Regs |= getAliases(X86::RBP);
      Regs |= getAliases(X86::RSI);
      Regs |= getAliases(X86::RDI);
      Regs |= getAliases(X86::RDX);
      Regs |= getAliases(X86::RCX);
      Regs |= getAliases(X86::R8);
      Regs |= getAliases(X86::R9);
      Regs |= getAliases(X86::R10);
      Regs |= getAliases(X86::R11);
      Regs |= getAliases(X86::R12);
      Regs |= getAliases(X86::R13);
      Regs |= getAliases(X86::R14);
      Regs |= getAliases(X86::R15);
      return;
    }
    Regs.set(X86::RAX);
    Regs.set(X86::RBX);
    Regs.set(X86::RBP);
    Regs.set(X86::RSI);
    Regs.set(X86::RDI);
    Regs.set(X86::RDX);
    Regs.set(X86::RCX);
    Regs.set(X86::R8);
    Regs.set(X86::R9);
    Regs.set(X86::R10);
    Regs.set(X86::R11);
    Regs.set(X86::R12);
    Regs.set(X86::R13);
    Regs.set(X86::R14);
    Regs.set(X86::R15);
  }

  void getClassicGPRegs(BitVector &Regs) const override {
    Regs |= getAliases(X86::RAX);
    Regs |= getAliases(X86::RBX);
    Regs |= getAliases(X86::RBP);
    Regs |= getAliases(X86::RSI);
    Regs |= getAliases(X86::RDI);
    Regs |= getAliases(X86::RDX);
    Regs |= getAliases(X86::RCX);
  }

  void getRepRegs(BitVector &Regs) const override {
    Regs |= getAliases(X86::RCX);
  }

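  /// Return the alias of the general-purpose register Reg with the given
  /// size in bytes, e.g. the 4-byte alias of X86::AL is X86::EAX.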
  MCPhysReg getAliasSized(MCPhysReg Reg, uint8_t Size) const override {
    switch (Reg) {
      case X86::RAX: case X86::EAX: case X86::AX: case X86::AL: case X86::AH:
        switch (Size) {
          case 8: return X86::RAX;       case 4: return X86::EAX;
          case 2: return X86::AX;        case 1: return X86::AL;
          default: llvm_unreachable("Unexpected size");
        }
      case X86::RBX: case X86::EBX: case X86::BX: case X86::BL: case X86::BH:
        switch (Size) {
          case 8: return X86::RBX;       case 4: return X86::EBX;
          case 2: return X86::BX;        case 1: return X86::BL;
          default: llvm_unreachable("Unexpected size");
        }
      case X86::RDX: case X86::EDX: case X86::DX: case X86::DL: case X86::DH:
        switch (Size) {
          case 8: return X86::RDX;       case 4: return X86::EDX;
          case 2: return X86::DX;        case 1: return X86::DL;
          default: llvm_unreachable("Unexpected size");
        }
      case X86::RDI: case X86::EDI: case X86::DI: case X86::DIL:
        switch (Size) {
          case 8: return X86::RDI;       case 4: return X86::EDI;
          case 2: return X86::DI;        case 1: return X86::DIL;
          default: llvm_unreachable("Unexpected size");
        }
      case X86::RSI: case X86::ESI: case X86::SI: case X86::SIL:
        switch (Size) {
          case 8: return X86::RSI;       case 4: return X86::ESI;
          case 2: return X86::SI;        case 1: return X86::SIL;
          default: llvm_unreachable("Unexpected size");
        }
      case X86::RCX: case X86::ECX: case X86::CX: case X86::CL: case X86::CH:
        switch (Size) {
          case 8: return X86::RCX;       case 4: return X86::ECX;
          case 2: return X86::CX;        case 1: return X86::CL;
          default: llvm_unreachable("Unexpected size");
        }
      case X86::RSP: case X86::ESP: case X86::SP: case X86::SPL:
        switch (Size) {
          case 8: return X86::RSP;       case 4: return X86::ESP;
          case 2: return X86::SP;        case 1: return X86::SPL;
          default: llvm_unreachable("Unexpected size");
        }
      case X86::RBP: case X86::EBP: case X86::BP: case X86::BPL:
        switch (Size) {
          case 8: return X86::RBP;       case 4: return X86::EBP;
          case 2: return X86::BP;        case 1: return X86::BPL;
          default: llvm_unreachable("Unexpected size");
        }
      case X86::R8: case X86::R8D: case X86::R8W: case X86::R8B:
        switch (Size) {
          case 8: return X86::R8;        case 4: return X86::R8D;
          case 2: return X86::R8W;       case 1: return X86::R8B;
          default: llvm_unreachable("Unexpected size");
        }
      case X86::R9: case X86::R9D: case X86::R9W: case X86::R9B:
        switch (Size) {
          case 8: return X86::R9;        case 4: return X86::R9D;
          case 2: return X86::R9W;       case 1: return X86::R9B;
          default: llvm_unreachable("Unexpected size");
        }
      case X86::R10: case X86::R10D: case X86::R10W: case X86::R10B:
        switch (Size) {
          case 8: return X86::R10;        case 4: return X86::R10D;
          case 2: return X86::R10W;       case 1: return X86::R10B;
          default: llvm_unreachable("Unexpected size");
        }
      case X86::R11: case X86::R11D: case X86::R11W: case X86::R11B:
        switch (Size) {
          case 8: return X86::R11;        case 4: return X86::R11D;
          case 2: return X86::R11W;       case 1: return X86::R11B;
          default: llvm_unreachable("Unexpected size");
        }
      case X86::R12: case X86::R12D: case X86::R12W: case X86::R12B:
        switch (Size) {
          case 8: return X86::R12;        case 4: return X86::R12D;
          case 2: return X86::R12W;       case 1: return X86::R12B;
          default: llvm_unreachable("Unexpected size");
        }
      case X86::R13: case X86::R13D: case X86::R13W: case X86::R13B:
        switch (Size) {
          case 8: return X86::R13;        case 4: return X86::R13D;
          case 2: return X86::R13W;       case 1: return X86::R13B;
          default: llvm_unreachable("Unexpected size");
        }
      case X86::R14: case X86::R14D: case X86::R14W: case X86::R14B:
        switch (Size) {
          case 8: return X86::R14;        case 4: return X86::R14D;
          case 2: return X86::R14W;       case 1: return X86::R14B;
          default: llvm_unreachable("Unexpected size");
        }
      case X86::R15: case X86::R15D: case X86::R15W: case X86::R15B:
        switch (Size) {
          case 8: return X86::R15;        case 4: return X86::R15D;
          case 2: return X86::R15W;       case 1: return X86::R15B;
          default: llvm_unreachable("Unexpected size");
        }
      default:
        dbgs() << Reg << " (get alias sized)\n";
        llvm_unreachable("Unexpected reg number");
        break;
    }
  }

  bool isUpper8BitReg(MCPhysReg Reg) const override {
    switch (Reg) {
      case X86::AH:  case X86::BH:   case X86::CH:   case X86::DH:
        return true;
      default:
        return false;
    }
  }

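  /// Return true if Inst uses one of the legacy high-byte registers
  /// (AH/BH/CH/DH), which cannot be addressed when a REX prefix is present.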
  bool cannotUseREX(const MCInst &Inst) const override {
    switch (Inst.getOpcode()) {
      case X86::MOV8mr_NOREX:
      case X86::MOV8rm_NOREX:
      case X86::MOV8rr_NOREX:
      case X86::MOVSX32rm8_NOREX:
      case X86::MOVSX32rr8_NOREX:
      case X86::MOVZX32rm8_NOREX:
      case X86::MOVZX32rr8_NOREX:
      case X86::MOV8mr:
      case X86::MOV8rm:
      case X86::MOV8rr:
      case X86::MOVSX32rm8:
      case X86::MOVSX32rr8:
      case X86::MOVZX32rm8:
      case X86::MOVZX32rr8:
      case X86::TEST8ri:
        for (int I = 0, E = MCPlus::getNumPrimeOperands(Inst); I != E; ++I) {
          const MCOperand &Operand = Inst.getOperand(I);
          if (!Operand.isReg())
            continue;
          if (isUpper8BitReg(Operand.getReg()))
            return true;
        }
      LLVM_FALLTHROUGH;
      default:
        return false;
    }
  }

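  /// Classify a stack access performed by Inst: whether it loads or stores,
  /// the register or immediate moved, the stack-pointer register and offset
  /// used, and the size of the access.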
  bool isStackAccess(const MCInst &Inst, bool &IsLoad, bool &IsStore,
                     bool &IsStoreFromReg, MCPhysReg &Reg, int32_t &SrcImm,
                     uint16_t &StackPtrReg, int64_t &StackOffset,
                     uint8_t &Size, bool &IsSimple,
                     bool &IsIndexed) const override {
    // Detect simple push/pop cases first
    if (int Sz = getPushSize(Inst)) {
      IsLoad = false;
      IsStore = true;
      IsStoreFromReg = true;
      StackPtrReg = X86::RSP;
      StackOffset = -Sz;
      Size = Sz;
      IsSimple = true;
      if (Inst.getOperand(0).isImm()) {
        SrcImm = Inst.getOperand(0).getImm();
      } else if (Inst.getOperand(0).isReg()) {
        Reg = Inst.getOperand(0).getReg();
      } else {
        IsSimple = false;
      }
      return true;
    }
    if (int Sz = getPopSize(Inst)) {
      assert(Inst.getOperand(0).isReg() &&
             "Expected register operand for pop");
      IsLoad = true;
      IsStore = false;
      Reg = Inst.getOperand(0).getReg();
      StackPtrReg = X86::RSP;
      StackOffset = 0;
      Size = Sz;
      IsSimple = true;
      return true;
    }

    struct InstInfo {
      // Size in bytes that Inst loads from memory.
      uint8_t DataSize;
      bool IsLoad;
      bool IsStore;
      bool StoreFromReg;
      bool Simple;
    };

    InstInfo I;
    int MemOpNo = getMemoryOperandNo(Inst);
    const MCInstrDesc &MCII = Info->get(Inst.getOpcode());
    // If it is not dealing with a memory operand, we discard it
    if (MemOpNo == -1 || MCII.isCall())
      return false;

    switch (Inst.getOpcode()) {
    default: {
      uint8_t Sz = 0;
      bool IsLoad = MCII.mayLoad();
      bool IsStore = MCII.mayStore();
      // Is it LEA? (deals with memory but is not loading nor storing)
      if (!IsLoad && !IsStore)
        return false;

      // Try to guess data size involved in the load/store by looking at the
      // register size. If there's no reg involved, return 0 as size, meaning
      // we don't know.
      for (unsigned I = 0, E = MCII.getNumOperands(); I != E; ++I) {
        if (MCII.OpInfo[I].OperandType != MCOI::OPERAND_REGISTER)
          continue;
        if (static_cast<int>(I) >= MemOpNo && I < X86::AddrNumOperands)
          continue;
        Sz = RegInfo->getRegClass(MCII.OpInfo[I].RegClass).getSizeInBits() / 8;
        break;
      }
      I = {Sz, IsLoad, IsStore, false, false};
      break;
    }
    case X86::MOV16rm: I = {2, true, false, false, true}; break;
    case X86::MOV32rm: I = {4, true, false, false, true}; break;
    case X86::MOV64rm: I = {8, true, false, false, true}; break;
    case X86::MOV16mr: I = {2, false, true, true, true};  break;
    case X86::MOV32mr: I = {4, false, true, true, true};  break;
    case X86::MOV64mr: I = {8, false, true, true, true};  break;
    case X86::MOV16mi: I = {2, false, true, false, true}; break;
    case X86::MOV32mi: I = {4, false, true, false, true}; break;
    } // end switch (Inst.getOpcode())

    unsigned BaseRegNum;
    int64_t ScaleValue;
    unsigned IndexRegNum;
    int64_t DispValue;
    unsigned SegRegNum;
    const MCExpr *DispExpr;
    if (!evaluateX86MemoryOperand(Inst, &BaseRegNum, &ScaleValue, &IndexRegNum,
                                  &DispValue, &SegRegNum, &DispExpr)) {
      LLVM_DEBUG(dbgs() << "Evaluate failed on ");
      LLVM_DEBUG(Inst.dump());
      return false;
    }

    // Make sure it's a stack access
    if (BaseRegNum != X86::RBP && BaseRegNum != X86::RSP) {
      return false;
    }

    IsLoad = I.IsLoad;
    IsStore = I.IsStore;
    IsStoreFromReg = I.StoreFromReg;
    Size = I.DataSize;
    IsSimple = I.Simple;
    StackPtrReg = BaseRegNum;
    StackOffset = DispValue;
    IsIndexed = IndexRegNum != X86::NoRegister || SegRegNum != X86::NoRegister;

    if (!I.Simple)
      return true;

    // Retrieve related register in simple MOV from/to stack operations.
    unsigned MemOpOffset = static_cast<unsigned>(MemOpNo);
    if (I.IsLoad) {
      MCOperand RegOpnd = Inst.getOperand(0);
      assert(RegOpnd.isReg() && "unexpected destination operand");
      Reg = RegOpnd.getReg();
    } else if (I.IsStore) {
      MCOperand SrcOpnd =
          Inst.getOperand(MemOpOffset + X86::AddrSegmentReg + 1);
      if (I.StoreFromReg) {
        assert(SrcOpnd.isReg() && "unexpected source operand");
        Reg = SrcOpnd.getReg();
      } else {
        assert(SrcOpnd.isImm() && "unexpected source operand");
        SrcImm = SrcOpnd.getImm();
      }
    }

    return true;
  }

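  /// Convert a simple MOV to or from the stack into the equivalent PUSH or
  /// POP. Inst must be one of the MOV forms handled below and must already
  /// be known to access the stack.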
  void changeToPushOrPop(MCInst &Inst) const override {
    assert(!isPush(Inst) && !isPop(Inst));

    struct InstInfo {
      // Size in bytes that Inst loads from memory.
      uint8_t DataSize;
      bool IsLoad;
      bool StoreFromReg;
    };

    InstInfo I;
    switch (Inst.getOpcode()) {
    default: {
      llvm_unreachable("Unhandled opcode");
      return;
    }
    case X86::MOV16rm: I = {2, true, false}; break;
    case X86::MOV32rm: I = {4, true, false}; break;
    case X86::MOV64rm: I = {8, true, false}; break;
    case X86::MOV16mr: I = {2, false, true};  break;
    case X86::MOV32mr: I = {4, false, true};  break;
    case X86::MOV64mr: I = {8, false, true};  break;
    case X86::MOV16mi: I = {2, false, false}; break;
    case X86::MOV32mi: I = {4, false, false}; break;
    } // end switch (Inst.getOpcode())

    unsigned BaseRegNum;
    int64_t ScaleValue;
    unsigned IndexRegNum;
    int64_t DispValue;
    unsigned SegRegNum;
    const MCExpr *DispExpr;
    if (!evaluateX86MemoryOperand(Inst, &BaseRegNum, &ScaleValue, &IndexRegNum,
                                  &DispValue, &SegRegNum, &DispExpr)) {
      llvm_unreachable("Evaluate failed");
      return;
    }
    // Make sure it's a stack access
    if (BaseRegNum != X86::RBP && BaseRegNum != X86::RSP) {
      llvm_unreachable("Not a stack access");
      return;
    }

    unsigned MemOpOffset = getMemoryOperandNo(Inst);
    unsigned NewOpcode = 0;
    if (I.IsLoad) {
      switch (I.DataSize) {
        case 2: NewOpcode = X86::POP16r; break;
        case 4: NewOpcode = X86::POP32r; break;
        case 8: NewOpcode = X86::POP64r; break;
        default:
          assert(false);
      }
      unsigned RegOpndNum = Inst.getOperand(0).getReg();
      Inst.clear();
      Inst.setOpcode(NewOpcode);
      Inst.addOperand(MCOperand::createReg(RegOpndNum));
    } else {
      MCOperand SrcOpnd =
          Inst.getOperand(MemOpOffset + X86::AddrSegmentReg + 1);
      if (I.StoreFromReg) {
        switch (I.DataSize) {
          case 2: NewOpcode = X86::PUSH16r; break;
          case 4: NewOpcode = X86::PUSH32r; break;
          case 8: NewOpcode = X86::PUSH64r; break;
          default:
            assert(false);
        }
        assert(SrcOpnd.isReg() && "unexpected source operand");
        unsigned RegOpndNum = SrcOpnd.getReg();
        Inst.clear();
        Inst.setOpcode(NewOpcode);
        Inst.addOperand(MCOperand::createReg(RegOpndNum));
      } else {
        switch (I.DataSize) {
          case 2: NewOpcode = X86::PUSH16i8; break;
          case 4: NewOpcode = X86::PUSH32i8; break;
          case 8: NewOpcode = X86::PUSH64i32; break;
          default:
            assert(false);
        }
        assert(SrcOpnd.isImm() && "unexpected source operand");
        int64_t SrcImm = SrcOpnd.getImm();
        Inst.clear();
        Inst.setOpcode(NewOpcode);
        Inst.addOperand(MCOperand::createImm(SrcImm));
      }
    }
  }

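  /// Return true if Inst adjusts the stack pointer, i.e. it is an ADD, SUB,
  /// or LEA that defines RSP.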
1613   bool isStackAdjustment(const MCInst &Inst) const override {
1614     switch (Inst.getOpcode()) {
1615     default:
1616       return false;
1617     case X86::SUB64ri32:
1618     case X86::SUB64ri8:
1619     case X86::ADD64ri32:
1620     case X86::ADD64ri8:
1621     case X86::LEA64r:
1622       break;
1623     }
1624 
1625     const MCInstrDesc &MCII = Info->get(Inst.getOpcode());
1626     for (int I = 0, E = MCII.getNumDefs(); I != E; ++I) {
1627       const MCOperand &Operand = Inst.getOperand(I);
1628       if (Operand.isReg() && Operand.getReg() == X86::RSP) {
1629         return true;
1630       }
1631     }
1632     return false;
1633   }
1634 
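  // Evaluate simple arithmetic over known register values. For example, with
  // Input1 = {X86::RSP, 0x100}, "add $0x8, %rsp" evaluates to Output = 0x108
  // and "lea -0x10(%rsp), %rax" to Output = 0xF0.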
1635   bool evaluateSimple(const MCInst &Inst, int64_t &Output,
1636                       std::pair<MCPhysReg, int64_t> Input1,
1637                       std::pair<MCPhysReg, int64_t> Input2) const override {
1638 
1639     auto getOperandVal = [&](MCPhysReg Reg) -> ErrorOr<int64_t> {
1640       if (Reg == Input1.first)
1641         return Input1.second;
1642       if (Reg == Input2.first)
1643         return Input2.second;
1644       return make_error_code(errc::result_out_of_range);
1645     };
1646 
1647     switch (Inst.getOpcode()) {
1648     default:
1649       return false;
1650 
1651     case X86::AND64ri32:
1652     case X86::AND64ri8:
1653       if (!Inst.getOperand(2).isImm())
1654         return false;
1655       if (ErrorOr<int64_t> InputVal =
1656               getOperandVal(Inst.getOperand(1).getReg())) {
1657         Output = *InputVal & Inst.getOperand(2).getImm();
1658       } else {
1659         return false;
1660       }
1661       break;
1662     case X86::SUB64ri32:
1663     case X86::SUB64ri8:
1664       if (!Inst.getOperand(2).isImm())
1665         return false;
1666       if (ErrorOr<int64_t> InputVal =
1667               getOperandVal(Inst.getOperand(1).getReg())) {
1668         Output = *InputVal - Inst.getOperand(2).getImm();
1669       } else {
1670         return false;
1671       }
1672       break;
1673     case X86::ADD64ri32:
1674     case X86::ADD64ri8:
1675       if (!Inst.getOperand(2).isImm())
1676         return false;
1677       if (ErrorOr<int64_t> InputVal =
1678               getOperandVal(Inst.getOperand(1).getReg())) {
1679         Output = *InputVal + Inst.getOperand(2).getImm();
1680       } else {
1681         return false;
1682       }
1683       break;
1684     case X86::ADD64i32:
1685       if (!Inst.getOperand(0).isImm())
1686         return false;
1687       if (ErrorOr<int64_t> InputVal = getOperandVal(X86::RAX)) {
1688         Output = *InputVal + Inst.getOperand(0).getImm();
1689       } else {
1690         return false;
1691       }
1692       break;
1693 
1694     case X86::LEA64r: {
1695       unsigned BaseRegNum;
1696       int64_t ScaleValue;
1697       unsigned IndexRegNum;
1698       int64_t DispValue;
1699       unsigned SegRegNum;
1700       const MCExpr *DispExpr = nullptr;
1701       if (!evaluateX86MemoryOperand(Inst, &BaseRegNum, &ScaleValue,
1702                                     &IndexRegNum, &DispValue, &SegRegNum,
1703                                     &DispExpr)) {
1704         return false;
1705       }
1706 
1707       if (BaseRegNum == X86::NoRegister || IndexRegNum != X86::NoRegister ||
1708           SegRegNum != X86::NoRegister || DispExpr) {
1709         return false;
1710       }
1711 
1712       if (ErrorOr<int64_t> InputVal = getOperandVal(BaseRegNum)) {
1713         Output = *InputVal + DispValue;
1714       } else {
1715         return false;
1716       }
1717 
1718       break;
1719     }
1720     }
1721     return true;
1722   }
1723 
1724   bool isRegToRegMove(const MCInst &Inst, MCPhysReg &From,
1725                       MCPhysReg &To) const override {
1726     switch (Inst.getOpcode()) {
1727     default:
1728       return false;
1729     case X86::LEAVE:
1730     case X86::LEAVE64:
1731       To = getStackPointer();
1732       From = getFramePointer();
1733       return true;
1734     case X86::MOV64rr:
1735       To = Inst.getOperand(0).getReg();
1736       From = Inst.getOperand(1).getReg();
1737       return true;
1738     }
1739   }
1740 
1741   MCPhysReg getStackPointer() const override { return X86::RSP; }
1742   MCPhysReg getFramePointer() const override { return X86::RBP; }
1743   MCPhysReg getFlagsReg() const override { return X86::EFLAGS; }
1744 
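  // Check whether Inst may leak the address of a stack variable, e.g.
  // (a sketch, assuming a frame pointer is in use):
  //
  //   lea -0x8(%rbp), %rdi   // escapes: a frame address flows into %rdi
  //   mov (%rsp), %rax       // fine: SP only dereferences memory here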
1745   bool escapesVariable(const MCInst &Inst, bool HasFramePointer) const override {
1746     int MemOpNo = getMemoryOperandNo(Inst);
1747     const MCInstrDesc &MCII = Info->get(Inst.getOpcode());
1748     const unsigned NumDefs = MCII.getNumDefs();
1749     static BitVector SPBPAliases(BitVector(getAliases(X86::RSP)) |=
1750                                  getAliases(X86::RBP));
1751     static BitVector SPAliases(getAliases(X86::RSP));
1752 
1753     // FIXME: PUSH can technically be a leak, but let's ignore this for now
1754     // because a lot of harmless prologue code will spill SP to the stack,
1755     // unless the push is clearly pushing an object address to the stack,
1756     // as demonstrated by it having a MemOp.
1757     bool IsPush = isPush(Inst);
1758     if (IsPush && MemOpNo == -1)
1759       return false;
1760 
1761     // We use this to detect LEA (has a memory operand but no memory access)
1762     bool AccessMem = MCII.mayLoad() || MCII.mayStore();
1763     bool DoesLeak = false;
1764     for (int I = 0, E = MCPlus::getNumPrimeOperands(Inst); I != E; ++I) {
1765       // Ignore if SP/BP is used to dereference memory -- that's fine
1766       if (MemOpNo != -1 && !IsPush && AccessMem && I >= MemOpNo &&
1767           I <= MemOpNo + 5)
1768         continue;
1769       // Ignore if someone is writing to SP/BP
1770       if (I < static_cast<int>(NumDefs))
1771         continue;
1772 
1773       const MCOperand &Operand = Inst.getOperand(I);
1774       if (HasFramePointer && Operand.isReg() && SPBPAliases[Operand.getReg()]) {
1775         DoesLeak = true;
1776         break;
1777       }
1778       if (!HasFramePointer && Operand.isReg() && SPAliases[Operand.getReg()]) {
1779         DoesLeak = true;
1780         break;
1781       }
1782     }
1783 
1784     // If a potential leak was found, check that it is not just writing to itself/SP/BP
1785     if (DoesLeak) {
1786       for (int I = 0, E = NumDefs; I != E; ++I) {
1787         const MCOperand &Operand = Inst.getOperand(I);
1788         if (HasFramePointer && Operand.isReg() &&
1789             SPBPAliases[Operand.getReg()]) {
1790           DoesLeak = false;
1791           break;
1792         }
1793         if (!HasFramePointer && Operand.isReg() &&
1794             SPAliases[Operand.getReg()]) {
1795           DoesLeak = false;
1796           break;
1797         }
1798       }
1799     }
1800     return DoesLeak;
1801   }
1802 
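  // Add Amt to the immediate (or displacement) operand of Inst, relaxing the
  // opcode when the result no longer fits in a signed byte. For example,
  // "sub $0x8, %rsp" (SUB64ri8) with Amt = 0x100 becomes "sub $0x108, %rsp"
  // (SUB64ri32).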
1803   bool addToImm(MCInst &Inst, int64_t &Amt, MCContext *Ctx) const override {
1804     unsigned ImmOpNo = -1U;
1805     int MemOpNo = getMemoryOperandNo(Inst);
1806     if (MemOpNo != -1) {
1807       ImmOpNo = MemOpNo + X86::AddrDisp;
1808     } else {
1809       for (unsigned Index = 0;
1810            Index < MCPlus::getNumPrimeOperands(Inst); ++Index) {
1811         if (Inst.getOperand(Index).isImm()) {
1812           ImmOpNo = Index;
1813         }
1814       }
1815     }
1816     if (ImmOpNo == -1U)
1817       return false;
1818 
1819     MCOperand &Operand = Inst.getOperand(ImmOpNo);
1820     Amt += Operand.getImm();
1821     Operand.setImm(Amt);
1822     // Check for the need for relaxation
1823     if (int64_t(Amt) == int64_t(int8_t(Amt)))
1824       return true;
1825 
1826     // Relax instruction
1827     switch (Inst.getOpcode()) {
1828     case X86::SUB64ri8:
1829       Inst.setOpcode(X86::SUB64ri32);
1830       break;
1831     case X86::ADD64ri8:
1832       Inst.setOpcode(X86::ADD64ri32);
1833       break;
1834     default:
1835       // No need for relaxation
1836       break;
1837     }
1838     return true;
1839   }
1840 
1841   /// TODO: this implementation currently works for the most common opcodes that
1842   /// load from memory. It can be extended to work with memory store opcodes as
1843   /// well as more memory load opcodes.
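  ///
  /// For example (a sketch, with ConstantData holding the referenced bytes):
  ///
  ///   mov 0x10(%rip), %eax   ->   mov $<imm32>, %eax
  ///
  /// where <imm32> is the 4-byte value read from ConstantData at \p Offset.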
1844   bool replaceMemOperandWithImm(MCInst &Inst, StringRef ConstantData,
1845                                 uint64_t Offset) const override {
1846     enum CheckSignExt : uint8_t {
1847       NOCHECK = 0,
1848       CHECK8,
1849       CHECK32,
1850     };
1851 
1852     using CheckList = std::vector<std::pair<CheckSignExt, unsigned>>;
1853     struct InstInfo {
1854       // Size in bytes that Inst loads from memory.
1855       uint8_t DataSize;
1856 
1857       // True when the target operand has to be duplicated because the opcode
1858       // expects an LHS operand.
1859       bool HasLHS;
1860 
1861       // List of checks and corresponding opcodes to be used. We try to use the
1862       // smallest possible immediate value when various sizes are available,
1863       // hence we may need to check whether a larger constant fits in a smaller
1864       // immediate.
1865       CheckList Checks;
1866     };
1867 
1868     InstInfo I;
1869 
1870     switch (Inst.getOpcode()) {
1871     default: {
1872       switch (getPopSize(Inst)) {
1873       case 2:            I = {2, false, {{NOCHECK, X86::MOV16ri}}};  break;
1874       case 4:            I = {4, false, {{NOCHECK, X86::MOV32ri}}};  break;
1875       case 8:            I = {8, false, {{CHECK32, X86::MOV64ri32},
1876                                          {NOCHECK, X86::MOV64rm}}};  break;
1877       default:           return false;
1878       }
1879       break;
1880     }
1881 
1882     // MOV
1883     case X86::MOV8rm:      I = {1, false, {{NOCHECK, X86::MOV8ri}}};   break;
1884     case X86::MOV16rm:     I = {2, false, {{NOCHECK, X86::MOV16ri}}};  break;
1885     case X86::MOV32rm:     I = {4, false, {{NOCHECK, X86::MOV32ri}}};  break;
1886     case X86::MOV64rm:     I = {8, false, {{CHECK32, X86::MOV64ri32},
1887                                            {NOCHECK, X86::MOV64rm}}};  break;
1888 
1889     // MOVZX
1890     case X86::MOVZX16rm8:  I = {1, false, {{NOCHECK, X86::MOV16ri}}};  break;
1891     case X86::MOVZX32rm8:  I = {1, false, {{NOCHECK, X86::MOV32ri}}};  break;
1892     case X86::MOVZX32rm16: I = {2, false, {{NOCHECK, X86::MOV32ri}}};  break;
1893 
1894     // CMP
1895     case X86::CMP8rm:      I = {1, false, {{NOCHECK, X86::CMP8ri}}};   break;
1896     case X86::CMP16rm:     I = {2, false, {{CHECK8,  X86::CMP16ri8},
1897                                            {NOCHECK, X86::CMP16ri}}};  break;
1898     case X86::CMP32rm:     I = {4, false, {{CHECK8,  X86::CMP32ri8},
1899                                            {NOCHECK, X86::CMP32ri}}};  break;
1900     case X86::CMP64rm:     I = {8, false, {{CHECK8,  X86::CMP64ri8},
1901                                            {CHECK32, X86::CMP64ri32},
1902                                            {NOCHECK, X86::CMP64rm}}};  break;
1903 
1904     // TEST
1905     case X86::TEST8mr:     I = {1, false, {{NOCHECK, X86::TEST8ri}}};  break;
1906     case X86::TEST16mr:    I = {2, false, {{NOCHECK, X86::TEST16ri}}}; break;
1907     case X86::TEST32mr:    I = {4, false, {{NOCHECK, X86::TEST32ri}}}; break;
1908     case X86::TEST64mr:    I = {8, false, {{CHECK32, X86::TEST64ri32},
1909                                            {NOCHECK, X86::TEST64mr}}}; break;
1910 
1911     // ADD
1912     case X86::ADD8rm:      I = {1, true,  {{NOCHECK, X86::ADD8ri}}};   break;
1913     case X86::ADD16rm:     I = {2, true,  {{CHECK8,  X86::ADD16ri8},
1914                                            {NOCHECK, X86::ADD16ri}}};  break;
1915     case X86::ADD32rm:     I = {4, true,  {{CHECK8,  X86::ADD32ri8},
1916                                            {NOCHECK, X86::ADD32ri}}};  break;
1917     case X86::ADD64rm:     I = {8, true,  {{CHECK8,  X86::ADD64ri8},
1918                                            {CHECK32, X86::ADD64ri32},
1919                                            {NOCHECK, X86::ADD64rm}}};  break;
1920 
1921     // SUB
1922     case X86::SUB8rm:      I = {1, true,  {{NOCHECK, X86::SUB8ri}}};   break;
1923     case X86::SUB16rm:     I = {2, true,  {{CHECK8,  X86::SUB16ri8},
1924                                            {NOCHECK, X86::SUB16ri}}};  break;
1925     case X86::SUB32rm:     I = {4, true,  {{CHECK8,  X86::SUB32ri8},
1926                                            {NOCHECK, X86::SUB32ri}}};  break;
1927     case X86::SUB64rm:     I = {8, true,  {{CHECK8,  X86::SUB64ri8},
1928                                            {CHECK32, X86::SUB64ri32},
1929                                            {NOCHECK, X86::SUB64rm}}};  break;
1930 
1931     // AND
1932     case X86::AND8rm:      I = {1, true,  {{NOCHECK, X86::AND8ri}}};   break;
1933     case X86::AND16rm:     I = {2, true,  {{CHECK8,  X86::AND16ri8},
1934                                            {NOCHECK, X86::AND16ri}}};  break;
1935     case X86::AND32rm:     I = {4, true,  {{CHECK8,  X86::AND32ri8},
1936                                            {NOCHECK, X86::AND32ri}}};  break;
1937     case X86::AND64rm:     I = {8, true,  {{CHECK8,  X86::AND64ri8},
1938                                            {CHECK32, X86::AND64ri32},
1939                                            {NOCHECK, X86::AND64rm}}};  break;
1940 
1941     // OR
1942     case X86::OR8rm:       I = {1, true,  {{NOCHECK, X86::OR8ri}}};    break;
1943     case X86::OR16rm:      I = {2, true,  {{CHECK8,  X86::OR16ri8},
1944                                            {NOCHECK, X86::OR16ri}}};   break;
1945     case X86::OR32rm:      I = {4, true,  {{CHECK8,  X86::OR32ri8},
1946                                            {NOCHECK, X86::OR32ri}}};   break;
1947     case X86::OR64rm:      I = {8, true,  {{CHECK8,  X86::OR64ri8},
1948                                            {CHECK32, X86::OR64ri32},
1949                                            {NOCHECK, X86::OR64rm}}};   break;
1950 
1951     // XOR
1952     case X86::XOR8rm:      I = {1, true,  {{NOCHECK, X86::XOR8ri}}};   break;
1953     case X86::XOR16rm:     I = {2, true,  {{CHECK8,  X86::XOR16ri8},
1954                                            {NOCHECK, X86::XOR16ri}}};  break;
1955     case X86::XOR32rm:     I = {4, true,  {{CHECK8,  X86::XOR32ri8},
1956                                            {NOCHECK, X86::XOR32ri}}};  break;
1957     case X86::XOR64rm:     I = {8, true,  {{CHECK8,  X86::XOR64ri8},
1958                                            {CHECK32, X86::XOR64ri32},
1959                                            {NOCHECK, X86::XOR64rm}}};  break;
1960     }
1961 
1962     // Compute the immediate value.
1963     assert(Offset + I.DataSize <= ConstantData.size() &&
1964            "invalid offset for given constant data");
1965     int64_t ImmVal =
1966       DataExtractor(ConstantData, true, 8).getSigned(&Offset, I.DataSize);
1967 
1968     // Compute the new opcode.
1969     unsigned NewOpcode = 0;
1970     for (const std::pair<CheckSignExt, unsigned> &Check : I.Checks) {
1971       NewOpcode = Check.second;
1972       if (Check.first == NOCHECK)
1973         break;
1974       if (Check.first == CHECK8 &&
1975           ImmVal >= std::numeric_limits<int8_t>::min() &&
1976           ImmVal <= std::numeric_limits<int8_t>::max())
1977         break;
1978       if (Check.first == CHECK32 &&
1979           ImmVal >= std::numeric_limits<int32_t>::min() &&
1980           ImmVal <= std::numeric_limits<int32_t>::max())
1981         break;
1982     }
1983     if (NewOpcode == Inst.getOpcode())
1984       return false;
1985 
1986     // Modify the instruction.
1987     MCOperand ImmOp = MCOperand::createImm(ImmVal);
1988     uint32_t TargetOpNum = 0;
1989     // The TEST instruction does not follow the regular pattern of putting the
1990     // memory reference of a load (5 MCOperands) last in the list of operands.
1991     // Since TEST does not modify the register operand, that operand is not
1992     // treated as a destination, and it is not the first operand as it is in
1993     // the other instructions we handle here.
1994     if (NewOpcode == X86::TEST8ri ||
1995         NewOpcode == X86::TEST16ri ||
1996         NewOpcode == X86::TEST32ri ||
1997         NewOpcode == X86::TEST64ri32) {
1998       TargetOpNum = getMemoryOperandNo(Inst) + X86::AddrNumOperands;
1999     }
2000     MCOperand TargetOp = Inst.getOperand(TargetOpNum);
2001     Inst.clear();
2002     Inst.setOpcode(NewOpcode);
2003     Inst.addOperand(TargetOp);
2004     if (I.HasLHS)
2005       Inst.addOperand(TargetOp);
2006     Inst.addOperand(ImmOp);
2007 
2008     return true;
2009   }
2010 
2011   /// TODO: this implementation currently works for the most common opcodes that
2012   /// load from memory. It can be extended to work with memory store opcodes as
2013   /// well as more memory load opcodes.
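  ///
  /// For example (a sketch), with \p RegNum holding the loaded value:
  ///
  ///   mov 0x10(%rip), %rax   ->   mov %RegNum, %rax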
2014   bool replaceMemOperandWithReg(MCInst &Inst, MCPhysReg RegNum) const override {
2015     unsigned NewOpcode;
2016 
2017     switch (Inst.getOpcode()) {
2018     default: {
2019       switch (getPopSize(Inst)) {
2020       case 2:            NewOpcode = X86::MOV16rr; break;
2021       case 4:            NewOpcode = X86::MOV32rr; break;
2022       case 8:            NewOpcode = X86::MOV64rr; break;
2023       default:           return false;
2024       }
2025       break;
2026     }
2027 
2028     // MOV
2029     case X86::MOV8rm:      NewOpcode = X86::MOV8rr;   break;
2030     case X86::MOV16rm:     NewOpcode = X86::MOV16rr;  break;
2031     case X86::MOV32rm:     NewOpcode = X86::MOV32rr;  break;
2032     case X86::MOV64rm:     NewOpcode = X86::MOV64rr;  break;
2033     }
2034 
2035     // Modify the instruction.
2036     MCOperand RegOp = MCOperand::createReg(RegNum);
2037     MCOperand TargetOp = Inst.getOperand(0);
2038     Inst.clear();
2039     Inst.setOpcode(NewOpcode);
2040     Inst.addOperand(TargetOp);
2041     Inst.addOperand(RegOp);
2042 
2043     return true;
2044   }
2045 
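  // A move is redundant when its source and destination coincide, e.g.
  // "mov %rax, %rax".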
2046   bool isRedundantMove(const MCInst &Inst) const override {
2047     switch (Inst.getOpcode()) {
2048     default:
2049       return false;
2050 
2051     // MOV
2052     case X86::MOV8rr:
2053     case X86::MOV16rr:
2054     case X86::MOV32rr:
2055     case X86::MOV64rr:
2056       break;
2057     }
2058 
2059     assert(Inst.getOperand(0).isReg() && Inst.getOperand(1).isReg());
2060     return Inst.getOperand(0).getReg() == Inst.getOperand(1).getReg();
2061   }
2062 
2063   bool requiresAlignedAddress(const MCInst &Inst) const override {
2064     const MCInstrDesc &Desc = Info->get(Inst.getOpcode());
2065     for (unsigned int I = 0; I < Desc.getNumOperands(); ++I) {
2066       const MCOperandInfo &Op = Desc.OpInfo[I];
2067       if (Op.OperandType != MCOI::OPERAND_REGISTER)
2068         continue;
2069       if (Op.RegClass == X86::VR128RegClassID)
2070         return true;
2071     }
2072     return false;
2073   }
2074 
2075   bool convertJmpToTailCall(MCInst &Inst) override {
2076     if (isTailCall(Inst))
2077       return false;
2078 
2079     int NewOpcode;
2080     switch (Inst.getOpcode()) {
2081     default:
2082       return false;
2083     case X86::JMP_1:
2084     case X86::JMP_2:
2085     case X86::JMP_4:
2086       NewOpcode = X86::JMP_4;
2087       break;
2088     case X86::JMP16m:
2089     case X86::JMP32m:
2090     case X86::JMP64m:
2091       NewOpcode = X86::JMP32m;
2092       break;
2093     case X86::JMP16r:
2094     case X86::JMP32r:
2095     case X86::JMP64r:
2096       NewOpcode = X86::JMP32r;
2097       break;
2098     }
2099 
2100     Inst.setOpcode(NewOpcode);
2101     setTailCall(Inst);
2102     return true;
2103   }
2104 
2105   bool convertTailCallToJmp(MCInst &Inst) override {
2106     int NewOpcode;
2107     switch (Inst.getOpcode()) {
2108     default:
2109       return false;
2110     case X86::JMP_4:
2111       NewOpcode = X86::JMP_1;
2112       break;
2113     case X86::JMP32m:
2114       NewOpcode = X86::JMP64m;
2115       break;
2116     case X86::JMP32r:
2117       NewOpcode = X86::JMP64r;
2118       break;
2119     }
2120 
2121     Inst.setOpcode(NewOpcode);
2122     removeAnnotation(Inst, MCPlus::MCAnnotation::kTailCall);
2123     removeAnnotation(Inst, "Offset");
2124     return true;
2125   }
2126 
2127   bool convertTailCallToCall(MCInst &Inst) override {
2128     int NewOpcode;
2129     switch (Inst.getOpcode()) {
2130     default:
2131       return false;
2132     case X86::JMP_4:
2133       NewOpcode = X86::CALL64pcrel32;
2134       break;
2135     case X86::JMP32m:
2136       NewOpcode = X86::CALL64m;
2137       break;
2138     case X86::JMP32r:
2139       NewOpcode = X86::CALL64r;
2140       break;
2141     }
2142 
2143     Inst.setOpcode(NewOpcode);
2144     removeAnnotation(Inst, MCPlus::MCAnnotation::kTailCall);
2145     return true;
2146   }
2147 
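  // Convert a direct (tail) call into a memory-indirect one through
  // \p TargetLocation, e.g. (a sketch):
  //
  //   call foo   ->   call *TargetLocation(%rip)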
2148   bool convertCallToIndirectCall(MCInst &Inst,
2149                                  const MCSymbol *TargetLocation,
2150                                  MCContext *Ctx) override {
2151     bool IsTailCall = isTailCall(Inst);
2152     assert((Inst.getOpcode() == X86::CALL64pcrel32 ||
2153             (Inst.getOpcode() == X86::JMP_4 && IsTailCall)) &&
2154            "64-bit direct (tail) call instruction expected");
2155     const auto NewOpcode = (Inst.getOpcode() == X86::CALL64pcrel32)
2156       ? X86::CALL64m
2157       : X86::JMP32m;
2158     Inst.setOpcode(NewOpcode);
2159 
2160     // Replace the first operand and preserve auxiliary operands of
2161     // the instruction.
2162     Inst.erase(Inst.begin());
2163     Inst.insert(Inst.begin(),
2164                 MCOperand::createReg(X86::NoRegister)); // AddrSegmentReg
2165     Inst.insert(Inst.begin(),
2166                 MCOperand::createExpr(                  // Displacement
2167                   MCSymbolRefExpr::create(TargetLocation,
2168                                           MCSymbolRefExpr::VK_None,
2169                                           *Ctx)));
2170     Inst.insert(Inst.begin(),
2171                 MCOperand::createReg(X86::NoRegister)); // IndexReg
2172     Inst.insert(Inst.begin(),
2173                 MCOperand::createImm(1));               // ScaleAmt
2174     Inst.insert(Inst.begin(),
2175                 MCOperand::createReg(X86::RIP));        // BaseReg
2176 
2177     return true;
2178   }
2179 
2180   void convertIndirectCallToLoad(MCInst &Inst, MCPhysReg Reg) override {
2181     bool IsTailCall = isTailCall(Inst);
2182     if (IsTailCall)
2183       removeAnnotation(Inst, MCPlus::MCAnnotation::kTailCall);
2184     if (Inst.getOpcode() == X86::CALL64m ||
2185         (Inst.getOpcode() == X86::JMP32m && IsTailCall)) {
2186       Inst.setOpcode(X86::MOV64rm);
2187       Inst.insert(Inst.begin(), MCOperand::createReg(Reg));
2188       return;
2189     }
2190     if (Inst.getOpcode() == X86::CALL64r ||
2191         (Inst.getOpcode() == X86::JMP32r && IsTailCall)) {
2192       Inst.setOpcode(X86::MOV64rr);
2193       Inst.insert(Inst.begin(), MCOperand::createReg(Reg));
2194       return;
2195     }
2196     LLVM_DEBUG(Inst.dump());
2197     llvm_unreachable("not implemented");
2198   }
2199 
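  // Pick a shorter encoding for Inst when one exists, e.g. (a sketch):
  //
  //   movabs $0x1, %rax   ->   mov $0x1, %rax    (MOV64ri   -> MOV64ri32)
  //   add $0x1, %rax      ->   add $0x1, %rax    (ADD64ri32 -> ADD64ri8)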
2200   bool shortenInstruction(MCInst &Inst) const override {
2201     unsigned OldOpcode = Inst.getOpcode();
2202     unsigned NewOpcode = OldOpcode;
2203 
2204     // Check for and remove EIZ/RIZ. These represent ambiguous cases where the
2205     // SIB byte is present, but no index is used and ModRM alone should have
2206     // been enough. Converting to NoRegister effectively removes the SIB byte.
2207     int MemOpNo = getMemoryOperandNo(Inst);
2208     if (MemOpNo >= 0) {
2209       MCOperand &IndexOp =
2210           Inst.getOperand(static_cast<unsigned>(MemOpNo) + X86::AddrIndexReg);
2211       if (IndexOp.getReg() == X86::EIZ ||
2212           IndexOp.getReg() == X86::RIZ) {
2213         IndexOp = MCOperand::createReg(X86::NoRegister);
2214       }
2215     }
2216 
2217     if (isBranch(Inst)) {
2218       NewOpcode = getShortBranchOpcode(OldOpcode);
2219     } else if (OldOpcode == X86::MOV64ri) {
2220       if (Inst.getOperand(MCPlus::getNumPrimeOperands(Inst) - 1).isImm()) {
2221         const int64_t Imm =
2222             Inst.getOperand(MCPlus::getNumPrimeOperands(Inst) - 1).getImm();
2223         if (int64_t(Imm) == int64_t(int32_t(Imm))) {
2224           NewOpcode = X86::MOV64ri32;
2225         }
2226       }
2227     } else {
2228       // If it's an arithmetic instruction, check if the signed operand fits in 1 byte.
2229       const unsigned ShortOpcode = getShortArithOpcode(OldOpcode);
2230       if (ShortOpcode != OldOpcode &&
2231           Inst.getOperand(MCPlus::getNumPrimeOperands(Inst) - 1).isImm()) {
2232         int64_t Imm =
2233             Inst.getOperand(MCPlus::getNumPrimeOperands(Inst) - 1).getImm();
2234         if (int64_t(Imm) == int64_t(int8_t(Imm))) {
2235           NewOpcode = ShortOpcode;
2236         }
2237       }
2238     }
2239 
2240     if (NewOpcode == OldOpcode)
2241       return false;
2242 
2243     Inst.setOpcode(NewOpcode);
2244     return true;
2245   }
2246 
2247   bool lowerTailCall(MCInst &Inst) override {
2248     if (Inst.getOpcode() == X86::JMP_4 && isTailCall(Inst)) {
2249       Inst.setOpcode(X86::JMP_1);
2250       removeAnnotation(Inst, MCPlus::MCAnnotation::kTailCall);
2251       return true;
2252     }
2253     return false;
2254   }
2255 
2256   const MCSymbol *getTargetSymbol(const MCInst &Inst,
2257                                   unsigned OpNum = 0) const override {
2258     if (OpNum >= MCPlus::getNumPrimeOperands(Inst))
2259       return nullptr;
2260 
2261     const MCOperand &Op = Inst.getOperand(OpNum);
2262     if (!Op.isExpr())
2263       return nullptr;
2264 
2265     auto *SymExpr = dyn_cast<MCSymbolRefExpr>(Op.getExpr());
2266     if (!SymExpr || SymExpr->getKind() != MCSymbolRefExpr::VK_None)
2267       return nullptr;
2268 
2269     return &SymExpr->getSymbol();
2270   }
2271 
2272   // This is the same as the base class, but since we are overriding one of
2273   // getTargetSymbol's signatures above, we need to override all of them.
2274   const MCSymbol *getTargetSymbol(const MCExpr *Expr) const override {
2275     return &cast<const MCSymbolRefExpr>(Expr)->getSymbol();
2276   }
2277 
2278   bool analyzeBranch(InstructionIterator Begin,
2279                      InstructionIterator End,
2280                      const MCSymbol *&TBB,
2281                      const MCSymbol *&FBB,
2282                      MCInst *&CondBranch,
2283                      MCInst *&UncondBranch) const override {
2284     auto I = End;
2285 
2286     // Bottom-up analysis
2287     while (I != Begin) {
2288       --I;
2289 
2290       // Ignore nops and CFIs
2291       if (isPseudo(*I))
2292         continue;
2293 
2294       // Stop when we find the first non-terminator
2295       if (!isTerminator(*I))
2296         break;
2297 
2298       if (!isBranch(*I))
2299         break;
2300 
2301       // Handle unconditional branches.
2302       if ((I->getOpcode() == X86::JMP_1 ||
2303            I->getOpcode() == X86::JMP_2 ||
2304            I->getOpcode() == X86::JMP_4) &&
2305           !isTailCall(*I)) {
2306         // If any code was seen after this unconditional branch, it was
2307         // unreachable code. Ignore it.
2308         CondBranch = nullptr;
2309         UncondBranch = &*I;
2310         const MCSymbol *Sym = getTargetSymbol(*I);
2311         assert(Sym != nullptr &&
2312                "Couldn't extract BB symbol from jump operand");
2313         TBB = Sym;
2314         continue;
2315       }
2316 
2317       // Handle conditional branches; bail out on indirect branches.
2318       if (!isUnsupportedBranch(I->getOpcode()) &&
2319           getCondCode(*I) == X86::COND_INVALID) {
2320         // Indirect branch
2321         return false;
2322       }
2323 
2324       if (CondBranch == nullptr) {
2325         const MCSymbol *TargetBB = getTargetSymbol(*I);
2326         if (TargetBB == nullptr) {
2327           // Unrecognized branch target
2328           return false;
2329         }
2330         FBB = TBB;
2331         TBB = TargetBB;
2332         CondBranch = &*I;
2333         continue;
2334       }
2335 
2336       llvm_unreachable("multiple conditional branches in one BB");
2337     }
2338     return true;
2339   }
2340 
2341   template <typename Itr>
2342   std::pair<IndirectBranchType, MCInst *>
2343   analyzePICJumpTable(Itr II,
2344                       Itr IE,
2345                       MCPhysReg R1,
2346                       MCPhysReg R2) const {
2347     // Analyze PIC-style jump table code template:
2348     //
2349     //    lea PIC_JUMP_TABLE(%rip), {%r1|%r2}     <- MemLocInstr
2350     //    mov ({%r1|%r2}, %index, 4), {%r2|%r1}
2351     //    add %r2, %r1
2352     //    jmp *%r1
2353     //
2354     // (with any irrelevant instructions in-between)
2355     //
2356     // When we call this helper we've already determined %r1 and %r2, and the
2357     // reverse instruction iterator \p II is pointing to the ADD instruction.
2358     //
2359     // A PIC jump table looks like the following:
2360     //
2361     //   JT:  ----------
2362     //    E1:| L1 - JT  |
2363     //       |----------|
2364     //    E2:| L2 - JT  |
2365     //       |----------|
2366     //       |          |
2367     //          ......
2368     //    En:| Ln - JT  |
2369     //        ----------
2370     //
2371     // Where L1, L2, ..., Ln represent labels in the function.
2372     //
2373     // The actual relocations in the table will be of the form:
2374     //
2375     //   Ln - JT
2376     //    = (Ln - En) + (En - JT)
2377     //    = R_X86_64_PC32(Ln) + En - JT
2378     //    = R_X86_64_PC32(Ln + offsetof(En))
2379     //
2380     LLVM_DEBUG(dbgs() << "Checking for PIC jump table\n");
2381     MCInst *MemLocInstr = nullptr;
2382     const MCInst *MovInstr = nullptr;
2383     while (++II != IE) {
2384       MCInst &Instr = *II;
2385       const MCInstrDesc &InstrDesc = Info->get(Instr.getOpcode());
2386       if (!InstrDesc.hasDefOfPhysReg(Instr, R1, *RegInfo) &&
2387           !InstrDesc.hasDefOfPhysReg(Instr, R2, *RegInfo)) {
2388         // Ignore instructions that don't affect R1, R2 registers.
2389         continue;
2390       } else if (!MovInstr) {
2391         // Expect to see MOV instruction.
2392         if (!isMOVSX64rm32(Instr)) {
2393           LLVM_DEBUG(dbgs() << "MOV instruction expected.\n");
2394           break;
2395         }
2396 
2397         // Check if it's setting %r1 or %r2. In canonical form it sets %r2.
2398         // If it sets %r1, rename the registers so that we only have to check
2399         // a single form.
2400         unsigned MovDestReg = Instr.getOperand(0).getReg();
2401         if (MovDestReg != R2)
2402           std::swap(R1, R2);
2403         if (MovDestReg != R2) {
2404           LLVM_DEBUG(dbgs() << "MOV instruction expected to set %r2\n");
2405           break;
2406         }
2407 
2408         // Verify operands for MOV.
2409         unsigned  BaseRegNum;
2410         int64_t   ScaleValue;
2411         unsigned  IndexRegNum;
2412         int64_t   DispValue;
2413         unsigned  SegRegNum;
2414         if (!evaluateX86MemoryOperand(Instr, &BaseRegNum,
2415                                       &ScaleValue, &IndexRegNum,
2416                                       &DispValue, &SegRegNum))
2417           break;
2418         if (BaseRegNum != R1 ||
2419             ScaleValue != 4 ||
2420             IndexRegNum == X86::NoRegister ||
2421             DispValue != 0 ||
2422             SegRegNum != X86::NoRegister)
2423           break;
2424         MovInstr = &Instr;
2425       } else {
2426         if (!InstrDesc.hasDefOfPhysReg(Instr, R1, *RegInfo))
2427           continue;
2428         if (!isLEA64r(Instr)) {
2429           LLVM_DEBUG(dbgs() << "LEA instruction expected\n");
2430           break;
2431         }
2432         if (Instr.getOperand(0).getReg() != R1) {
2433           LLVM_DEBUG(dbgs() << "LEA instruction expected to set %r1\n");
2434           break;
2435         }
2436 
2437         // Verify operands for LEA.
2438         unsigned      BaseRegNum;
2439         int64_t       ScaleValue;
2440         unsigned      IndexRegNum;
2441         const MCExpr *DispExpr = nullptr;
2442         int64_t       DispValue;
2443         unsigned      SegRegNum;
2444         if (!evaluateX86MemoryOperand(Instr, &BaseRegNum,
2445                                       &ScaleValue, &IndexRegNum,
2446                                       &DispValue, &SegRegNum, &DispExpr))
2447           break;
2448         if (BaseRegNum != RegInfo->getProgramCounter() ||
2449             IndexRegNum != X86::NoRegister ||
2450             SegRegNum != X86::NoRegister ||
2451             DispExpr == nullptr)
2452           break;
2453         MemLocInstr = &Instr;
2454         break;
2455       }
2456     }
2457 
2458     if (!MemLocInstr)
2459       return std::make_pair(IndirectBranchType::UNKNOWN, nullptr);
2460 
2461     LLVM_DEBUG(dbgs() << "checking potential PIC jump table\n");
2462     return std::make_pair(IndirectBranchType::POSSIBLE_PIC_JUMP_TABLE,
2463                           MemLocInstr);
2464   }
2465 
2466   IndirectBranchType analyzeIndirectBranch(
2467      MCInst &Instruction,
2468      InstructionIterator Begin,
2469      InstructionIterator End,
2470      const unsigned PtrSize,
2471      MCInst *&MemLocInstrOut,
2472      unsigned &BaseRegNumOut,
2473      unsigned &IndexRegNumOut,
2474      int64_t &DispValueOut,
2475      const MCExpr *&DispExprOut,
2476      MCInst *&PCRelBaseOut
2477   ) const override {
2478     // Try to find a (base) memory location from where the address for
2479     // the indirect branch is loaded. For X86-64 the memory will be specified
2480     // in the following format:
2481     //
2482     //   {%rip}/{%basereg} + Imm + IndexReg * Scale
2483     //
2484     // We are interested in the cases where Scale == sizeof(uintptr_t) and
2485     // the contents of the memory are presumably an array of pointers to code.
2486     //
2487     // Normal jump table:
2488     //
2489     //    jmp *(JUMP_TABLE, %index, Scale)        <- MemLocInstr
2490     //
2491     //    or
2492     //
2493     //    mov (JUMP_TABLE, %index, Scale), %r1    <- MemLocInstr
2494     //    ...
2495     //    jmp %r1
2496     //
2497     // We handle PIC-style jump tables separately.
2498     //
2499     MemLocInstrOut = nullptr;
2500     BaseRegNumOut = X86::NoRegister;
2501     IndexRegNumOut = X86::NoRegister;
2502     DispValueOut = 0;
2503     DispExprOut = nullptr;
2504 
2505     std::reverse_iterator<InstructionIterator> II(End);
2506     std::reverse_iterator<InstructionIterator> IE(Begin);
2507 
2508     IndirectBranchType Type = IndirectBranchType::UNKNOWN;
2509 
2510     // An instruction referencing memory used by the jump instruction (directly
2511     // or via a register). This location could be an array of function pointers
2512     // in the case of an indirect tail call, or a jump table.
2513     MCInst *MemLocInstr = nullptr;
2514 
2515     if (MCPlus::getNumPrimeOperands(Instruction) == 1) {
2516       // If the indirect jump is on a register, try to detect whether the
2517       // register value is loaded from a memory location.
2518       assert(Instruction.getOperand(0).isReg() && "register operand expected");
2519       const unsigned R1 = Instruction.getOperand(0).getReg();
2520       // Check if one of the previous instructions defines the jump-on register.
2521       for (auto PrevII = II; PrevII != IE; ++PrevII) {
2522         MCInst &PrevInstr = *PrevII;
2523         const MCInstrDesc &PrevInstrDesc = Info->get(PrevInstr.getOpcode());
2524 
2525         if (!PrevInstrDesc.hasDefOfPhysReg(PrevInstr, R1, *RegInfo))
2526           continue;
2527 
2528         if (isMoveMem2Reg(PrevInstr)) {
2529           MemLocInstr = &PrevInstr;
2530           break;
2531         } else if (isADD64rr(PrevInstr)) {
2532           unsigned R2 = PrevInstr.getOperand(2).getReg();
2533           if (R1 == R2)
2534             return IndirectBranchType::UNKNOWN;
2535           std::tie(Type, MemLocInstr) = analyzePICJumpTable(PrevII, IE, R1, R2);
2536           break;
2537         } else {
2538           return IndirectBranchType::UNKNOWN;
2539         }
2540       }
2541       if (!MemLocInstr) {
2542         // No definition seen for the register in this function so far. It could
2543         // be an input parameter, which means it is an external code reference.
2544         // It could also be that the definition happens to be in code that
2545         // we haven't processed yet. Since we have to be conservative, return
2546         // the UNKNOWN case.
2547         return IndirectBranchType::UNKNOWN;
2548       }
2549     } else {
2550       MemLocInstr = &Instruction;
2551     }
2552 
2553     const MCRegister RIPRegister = RegInfo->getProgramCounter();
2554 
2555     // Analyze the memory location.
2556     unsigned      BaseRegNum, IndexRegNum, SegRegNum;
2557     int64_t       ScaleValue, DispValue;
2558     const MCExpr *DispExpr;
2559 
2560     if (!evaluateX86MemoryOperand(*MemLocInstr, &BaseRegNum,
2561                                   &ScaleValue, &IndexRegNum,
2562                                   &DispValue, &SegRegNum,
2563                                   &DispExpr))
2564       return IndirectBranchType::UNKNOWN;
2565 
2566     BaseRegNumOut = BaseRegNum;
2567     IndexRegNumOut = IndexRegNum;
2568     DispValueOut = DispValue;
2569     DispExprOut = DispExpr;
2570 
2571     if ((BaseRegNum != X86::NoRegister && BaseRegNum != RIPRegister) ||
2572         SegRegNum != X86::NoRegister)
2573       return IndirectBranchType::UNKNOWN;
2574 
2575     if (MemLocInstr == &Instruction &&
2576         (!ScaleValue || IndexRegNum == X86::NoRegister)) {
2577       MemLocInstrOut = MemLocInstr;
2578       return IndirectBranchType::POSSIBLE_FIXED_BRANCH;
2579     }
2580 
2581     if (Type == IndirectBranchType::POSSIBLE_PIC_JUMP_TABLE &&
2582         (ScaleValue != 1 || BaseRegNum != RIPRegister))
2583       return IndirectBranchType::UNKNOWN;
2584 
2585     if (Type != IndirectBranchType::POSSIBLE_PIC_JUMP_TABLE &&
2586         ScaleValue != PtrSize)
2587       return IndirectBranchType::UNKNOWN;
2588 
2589     MemLocInstrOut = MemLocInstr;
2590 
2591     return Type;
2592   }
2593 
2594   /// Analyze a callsite to see if it could be a virtual method call. This only
2595   /// checks whether the overall pattern is satisfied; it does not guarantee
2596   /// that the callsite is a true virtual method call.
2597   /// The format of virtual method calls that are recognized is one of the
2598   /// following:
2599   ///
2600   ///  Form 1: (found in debug code)
2601   ///    add METHOD_OFFSET, %VtableReg
2602   ///    mov (%VtableReg), %MethodReg
2603   ///    ...
2604   ///    call or jmp *%MethodReg
2605   ///
2606   ///  Form 2:
2607   ///    mov METHOD_OFFSET(%VtableReg), %MethodReg
2608   ///    ...
2609   ///    call or jmp *%MethodReg
2610   ///
2611   ///  Form 3:
2612   ///    ...
2613   ///    call or jmp *METHOD_OFFSET(%VtableReg)
2614   ///
2615   bool analyzeVirtualMethodCall(InstructionIterator ForwardBegin,
2616                                 InstructionIterator ForwardEnd,
2617                                 std::vector<MCInst *> &MethodFetchInsns,
2618                                 unsigned &VtableRegNum,
2619                                 unsigned &MethodRegNum,
2620                                 uint64_t &MethodOffset) const override {
2621     VtableRegNum = X86::NoRegister;
2622     MethodRegNum = X86::NoRegister;
2623     MethodOffset = 0;
2624 
2625     std::reverse_iterator<InstructionIterator> Itr(ForwardEnd);
2626     std::reverse_iterator<InstructionIterator> End(ForwardBegin);
2627 
2628     MCInst &CallInst = *Itr++;
2629     assert(isIndirectBranch(CallInst) || isCall(CallInst));
2630 
2631     unsigned BaseReg, IndexReg, SegmentReg;
2632     int64_t Scale, Disp;
2633     const MCExpr *DispExpr;
2634 
2635     // The call can simply be "jmp *offset(%reg)"
2636     if (evaluateX86MemoryOperand(CallInst,
2637                                  &BaseReg,
2638                                  &Scale,
2639                                  &IndexReg,
2640                                  &Disp,
2641                                  &SegmentReg,
2642                                  &DispExpr)) {
2643       if (!DispExpr &&
2644           BaseReg != X86::RIP &&
2645           BaseReg != X86::RBP &&
2646           BaseReg != X86::NoRegister) {
2647         MethodRegNum = BaseReg;
2648         if (Scale == 1 &&
2649             IndexReg == X86::NoRegister &&
2650             SegmentReg == X86::NoRegister) {
2651           VtableRegNum = MethodRegNum;
2652           MethodOffset = Disp;
2653           MethodFetchInsns.push_back(&CallInst);
2654           return true;
2655         }
2656       }
2657       return false;
2658     } else if (CallInst.getOperand(0).isReg()) {
2659       MethodRegNum = CallInst.getOperand(0).getReg();
2660     } else {
2661       return false;
2662     }
2663 
2664     if (MethodRegNum == X86::RIP || MethodRegNum == X86::RBP) {
2665       VtableRegNum = X86::NoRegister;
2666       MethodRegNum = X86::NoRegister;
2667       return false;
2668     }
2669 
2670     // Find the load from the vtable; it may or may not include the method offset.
2671     while (Itr != End) {
2672       MCInst &CurInst = *Itr++;
2673       const MCInstrDesc &Desc = Info->get(CurInst.getOpcode());
2674       if (Desc.hasDefOfPhysReg(CurInst, MethodRegNum, *RegInfo)) {
2675         if (isLoad(CurInst) &&
2676             evaluateX86MemoryOperand(CurInst,
2677                                      &BaseReg,
2678                                      &Scale,
2679                                      &IndexReg,
2680                                      &Disp,
2681                                      &SegmentReg,
2682                                      &DispExpr)) {
2683           if (!DispExpr &&
2684               Scale == 1 &&
2685               BaseReg != X86::RIP &&
2686               BaseReg != X86::RBP &&
2687               BaseReg != X86::NoRegister &&
2688               IndexReg == X86::NoRegister &&
2689               SegmentReg == X86::NoRegister) {
2691             VtableRegNum = BaseReg;
2692             MethodOffset = Disp;
2693             MethodFetchInsns.push_back(&CurInst);
2694             if (MethodOffset != 0)
2695               return true;
2696             break;
2697           }
2698         }
2699         return false;
2700       }
2701     }
2702 
2703     if (!VtableRegNum)
2704       return false;
2705 
2706     // Look for any ADD affecting the vtable register.
2707     while (Itr != End) {
2708       MCInst &CurInst = *Itr++;
2709       const MCInstrDesc &Desc = Info->get(CurInst.getOpcode());
2710       if (Desc.hasDefOfPhysReg(CurInst, VtableRegNum, *RegInfo)) {
2711         if (isADDri(CurInst)) {
2712           assert(!MethodOffset);
2713           MethodOffset = CurInst.getOperand(2).getImm();
2714           MethodFetchInsns.insert(MethodFetchInsns.begin(), &CurInst);
2715           break;
2716         }
2717       }
2718     }
2719 
2720     return true;
2721   }
2722 
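  // "Increment" refers to stack usage: since the stack grows down, the
  // emitted instruction is "sub $Size, %rsp", or the flags-preserving
  // "lea -Size(%rsp), %rsp" when NoFlagsClobber is set.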
2723   bool createStackPointerIncrement(MCInst &Inst, int Size,
2724                                    bool NoFlagsClobber) const override {
2725     if (NoFlagsClobber) {
2726       Inst.setOpcode(X86::LEA64r);
2727       Inst.clear();
2728       Inst.addOperand(MCOperand::createReg(X86::RSP));
2729       Inst.addOperand(MCOperand::createReg(X86::RSP));        // BaseReg
2730       Inst.addOperand(MCOperand::createImm(1));               // ScaleAmt
2731       Inst.addOperand(MCOperand::createReg(X86::NoRegister)); // IndexReg
2732       Inst.addOperand(MCOperand::createImm(-Size));           // Displacement
2733       Inst.addOperand(MCOperand::createReg(X86::NoRegister)); // AddrSegmentReg
2734       return true;
2735     }
2736     Inst.setOpcode(X86::SUB64ri8);
2737     Inst.clear();
2738     Inst.addOperand(MCOperand::createReg(X86::RSP));
2739     Inst.addOperand(MCOperand::createReg(X86::RSP));
2740     Inst.addOperand(MCOperand::createImm(Size));
2741     return true;
2742   }
2743 
2744   bool createStackPointerDecrement(MCInst &Inst, int Size,
2745                                    bool NoFlagsClobber) const override {
2746     if (NoFlagsClobber) {
2747       Inst.setOpcode(X86::LEA64r);
2748       Inst.clear();
2749       Inst.addOperand(MCOperand::createReg(X86::RSP));
2750       Inst.addOperand(MCOperand::createReg(X86::RSP));        // BaseReg
2751       Inst.addOperand(MCOperand::createImm(1));               // ScaleAmt
2752       Inst.addOperand(MCOperand::createReg(X86::NoRegister)); // IndexReg
2753       Inst.addOperand(MCOperand::createImm(Size));            // Displacement
2754       Inst.addOperand(MCOperand::createReg(X86::NoRegister)); // AddrSegmentReg
2755       return true;
2756     }
2757     Inst.setOpcode(X86::ADD64ri8);
2758     Inst.clear();
2759     Inst.addOperand(MCOperand::createReg(X86::RSP));
2760     Inst.addOperand(MCOperand::createReg(X86::RSP));
2761     Inst.addOperand(MCOperand::createImm(Size));
2762     return true;
2763   }
2764 
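  // Emit a register spill of the form "mov %SrcReg, Offset(%StackReg)",
  // with the MOV width selected by \p Size.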
2765   bool createSaveToStack(MCInst &Inst, const MCPhysReg &StackReg, int Offset,
2766                          const MCPhysReg &SrcReg, int Size) const override {
2767     unsigned NewOpcode;
2768     switch (Size) {
2769       default:
2770         return false;
2771       case 2:      NewOpcode = X86::MOV16mr; break;
2772       case 4:      NewOpcode = X86::MOV32mr; break;
2773       case 8:      NewOpcode = X86::MOV64mr; break;
2774     }
2775     Inst.setOpcode(NewOpcode);
2776     Inst.clear();
2777     Inst.addOperand(MCOperand::createReg(StackReg)); // BaseReg
2778     Inst.addOperand(MCOperand::createImm(1)); // ScaleAmt
2779     Inst.addOperand(MCOperand::createReg(X86::NoRegister)); // IndexReg
2780     Inst.addOperand(MCOperand::createImm(Offset)); // Displacement
2781     Inst.addOperand(MCOperand::createReg(X86::NoRegister)); // AddrSegmentReg
2782     Inst.addOperand(MCOperand::createReg(SrcReg));
2783     return true;
2784   }
2785 
2786   bool createRestoreFromStack(MCInst &Inst, const MCPhysReg &StackReg,
2787                               int Offset, const MCPhysReg &DstReg,
2788                               int Size) const override {
2789     return createLoad(Inst, StackReg, /*Scale=*/1, /*IndexReg=*/X86::NoRegister,
2790                       Offset, nullptr, /*AddrSegmentReg=*/X86::NoRegister,
2791                       DstReg, Size);
2792   }
2793 
2794   bool createLoad(MCInst &Inst, const MCPhysReg &BaseReg, int64_t Scale,
2795                   const MCPhysReg &IndexReg, int64_t Offset,
2796                   const MCExpr *OffsetExpr, const MCPhysReg &AddrSegmentReg,
2797                   const MCPhysReg &DstReg, int Size) const override {
2798     unsigned NewOpcode;
2799     switch (Size) {
2800       default:
2801         return false;
2802       case 2:      NewOpcode = X86::MOV16rm; break;
2803       case 4:      NewOpcode = X86::MOV32rm; break;
2804       case 8:      NewOpcode = X86::MOV64rm; break;
2805     }
2806     Inst.setOpcode(NewOpcode);
2807     Inst.clear();
2808     Inst.addOperand(MCOperand::createReg(DstReg));
2809     Inst.addOperand(MCOperand::createReg(BaseReg));
2810     Inst.addOperand(MCOperand::createImm(Scale));
2811     Inst.addOperand(MCOperand::createReg(IndexReg));
2812     if (OffsetExpr)
2813       Inst.addOperand(MCOperand::createExpr(OffsetExpr)); // Displacement
2814     else
2815       Inst.addOperand(MCOperand::createImm(Offset)); // Displacement
2816     Inst.addOperand(MCOperand::createReg(AddrSegmentReg)); // AddrSegmentReg
2817     return true;
2818   }
2819 
2820   void createLoadImmediate(MCInst &Inst, const MCPhysReg Dest,
2821                            uint32_t Imm) const override {
2822     Inst.setOpcode(X86::MOV64ri32);
2823     Inst.clear();
2824     Inst.addOperand(MCOperand::createReg(Dest));
2825     Inst.addOperand(MCOperand::createImm(Imm));
2826   }
2827 
2828   bool createIncMemory(MCInst &Inst, const MCSymbol *Target,
2829                        MCContext *Ctx) const override {
2830 
2831     Inst.setOpcode(X86::LOCK_INC64m);
2832     Inst.clear();
2833     Inst.addOperand(MCOperand::createReg(X86::RIP));        // BaseReg
2834     Inst.addOperand(MCOperand::createImm(1));               // ScaleAmt
2835     Inst.addOperand(MCOperand::createReg(X86::NoRegister)); // IndexReg
2836 
2837     Inst.addOperand(MCOperand::createExpr(
2838         MCSymbolRefExpr::create(Target, MCSymbolRefExpr::VK_None,
2839                                 *Ctx)));                    // Displacement
2840     Inst.addOperand(MCOperand::createReg(X86::NoRegister)); // AddrSegmentReg
2841     return true;
2842   }
2843 
2844   bool createIJmp32Frag(SmallVectorImpl<MCInst> &Insts,
2845                         const MCOperand &BaseReg, const MCOperand &Scale,
2846                         const MCOperand &IndexReg, const MCOperand &Offset,
2847                         const MCOperand &TmpReg) const override {
2848     // The code fragment we emit here is:
2849     //
2850     //  mov32 (%base, %index, scale), %tmpreg
2851     //  ijmp *%tmpreg
2852     //
2853     MCInst IJmp;
2854     IJmp.setOpcode(X86::JMP64r);
2855     IJmp.addOperand(TmpReg);
2856 
2857     MCInst Load;
2858     Load.setOpcode(X86::MOV32rm);
2859     Load.addOperand(TmpReg);
2860     Load.addOperand(BaseReg);
2861     Load.addOperand(Scale);
2862     Load.addOperand(IndexReg);
2863     Load.addOperand(Offset);
2864     Load.addOperand(MCOperand::createReg(X86::NoRegister));
2865 
2866     Insts.push_back(Load);
2867     Insts.push_back(IJmp);
2868     return true;
2869   }
2870 
2871   bool createNoop(MCInst &Inst) const override {
2872     Inst.setOpcode(X86::NOOP);
2873     return true;
2874   }
2875 
2876   bool createReturn(MCInst &Inst) const override {
2877     Inst.setOpcode(X86::RET64);
2878     return true;
2879   }
2880 
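  // The emitted fragment is equivalent to (dest in %rdi, src in %rsi, size
  // in %edx):
  //
  //   mov %rdi, %rax    (or "lea (%rdi,%rdx,1), %rax" when ReturnEnd)
  //   mov %edx, %ecx
  //   rep movsb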
2881   std::vector<MCInst> createInlineMemcpy(bool ReturnEnd) const override {
2882     std::vector<MCInst> Code;
2883     if (ReturnEnd) {
2884       Code.emplace_back(MCInstBuilder(X86::LEA64r)
2885                             .addReg(X86::RAX)
2886                             .addReg(X86::RDI)
2887                             .addImm(1)
2888                             .addReg(X86::RDX)
2889                             .addImm(0)
2890                             .addReg(X86::NoRegister));
2891     } else {
2892       Code.emplace_back(MCInstBuilder(X86::MOV64rr)
2893                             .addReg(X86::RAX)
2894                             .addReg(X86::RDI));
2895     }
2896     Code.emplace_back(MCInstBuilder(X86::MOV32rr)
2897                           .addReg(X86::ECX)
2898                           .addReg(X86::EDX));
2899     Code.emplace_back(MCInstBuilder(X86::REP_MOVSB_64));
2900 
2901     return Code;
2902   }
2903 
2904   std::vector<MCInst> createOneByteMemcpy() const override {
2905     std::vector<MCInst> Code;
2906     Code.emplace_back(MCInstBuilder(X86::MOV8rm)
2907                           .addReg(X86::CL)
2908                           .addReg(X86::RSI)
2909                           .addImm(0)
2910                           .addReg(X86::NoRegister)
2911                           .addImm(0)
2912                           .addReg(X86::NoRegister));
2913     Code.emplace_back(MCInstBuilder(X86::MOV8mr)
2914                           .addReg(X86::RDI)
2915                           .addImm(0)
2916                           .addReg(X86::NoRegister)
2917                           .addImm(0)
2918                           .addReg(X86::NoRegister)
2919                           .addReg(X86::CL));
2920     Code.emplace_back(MCInstBuilder(X86::MOV64rr)
2921                           .addReg(X86::RAX)
2922                           .addReg(X86::RDI));
2923     return Code;
2924   }
2925 
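  // Emit the two-instruction sequence:
  //
  //   cmp $Imm, %RegNo
  //   je  Target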
2926   std::vector<MCInst>
2927   createCmpJE(MCPhysReg RegNo, int64_t Imm, const MCSymbol *Target,
2928               MCContext *Ctx) const override {
2929     std::vector<MCInst> Code;
2930     Code.emplace_back(MCInstBuilder(X86::CMP64ri8)
2931                           .addReg(RegNo)
2932                           .addImm(Imm));
2933     Code.emplace_back(MCInstBuilder(X86::JCC_1)
2934                           .addExpr(MCSymbolRefExpr::create(
2935                               Target, MCSymbolRefExpr::VK_None, *Ctx))
2936                           .addImm(X86::COND_E));
2937     return Code;
2938   }
2939 
2940   Optional<Relocation>
2941   createRelocation(const MCFixup &Fixup,
2942                    const MCAsmBackend &MAB) const override {
2943     const MCFixupKindInfo &FKI = MAB.getFixupKindInfo(Fixup.getKind());
2944 
2945     assert(FKI.TargetOffset == 0 && "0-bit relocation offset expected");
2946     const uint64_t RelOffset = Fixup.getOffset();
2947 
2948     uint64_t RelType;
2949     if (FKI.Flags & MCFixupKindInfo::FKF_IsPCRel) {
2950       switch (FKI.TargetSize) {
2951       default:
2952         return NoneType();
2953       case  8: RelType = ELF::R_X86_64_PC8; break;
2954       case 16: RelType = ELF::R_X86_64_PC16; break;
2955       case 32: RelType = ELF::R_X86_64_PC32; break;
2956       case 64: RelType = ELF::R_X86_64_PC64; break;
2957       }
2958     } else {
2959       switch (FKI.TargetSize) {
2960       default:
2961         return NoneType();
2962       case  8: RelType = ELF::R_X86_64_8; break;
2963       case 16: RelType = ELF::R_X86_64_16; break;
2964       case 32: RelType = ELF::R_X86_64_32; break;
2965       case 64: RelType = ELF::R_X86_64_64; break;
2966       }
2967     }
2968 
2969     // Extract a symbol and an addend out of the fixup value expression.
2970     //
2971     // Only the following limited expression types are supported:
2972     //   Symbol + Addend
2973     //   Symbol
2974     uint64_t Addend = 0;
2975     MCSymbol *Symbol = nullptr;
2976     const MCExpr *ValueExpr = Fixup.getValue();
2977     if (ValueExpr->getKind() == MCExpr::Binary) {
2978       const auto *BinaryExpr = cast<MCBinaryExpr>(ValueExpr);
2979       assert(BinaryExpr->getOpcode() == MCBinaryExpr::Add &&
2980              "unexpected binary expression");
2981       const MCExpr *LHS = BinaryExpr->getLHS();
2982       assert(LHS->getKind() == MCExpr::SymbolRef && "unexpected LHS");
2983       Symbol = const_cast<MCSymbol *>(this->getTargetSymbol(LHS));
2984       const MCExpr *RHS = BinaryExpr->getRHS();
2985       assert(RHS->getKind() == MCExpr::Constant && "unexpected RHS");
2986       Addend = cast<MCConstantExpr>(RHS)->getValue();
2987     } else {
2988       assert(ValueExpr->getKind() == MCExpr::SymbolRef && "unexpected value");
2989       Symbol = const_cast<MCSymbol *>(this->getTargetSymbol(ValueExpr));
2990     }
2991 
2992     return Relocation({RelOffset, Symbol, RelType, Addend, 0});
2993   }
2994 
2995   bool replaceImmWithSymbolRef(MCInst &Inst, const MCSymbol *Symbol,
2996                                int64_t Addend, MCContext *Ctx, int64_t &Value,
2997                                uint64_t RelType) const override {
2998     unsigned ImmOpNo = -1U;
2999 
3000     for (unsigned Index = 0;
3001          Index < MCPlus::getNumPrimeOperands(Inst); ++Index) {
3002       if (Inst.getOperand(Index).isImm()) {
3003         ImmOpNo = Index;
3004         // TODO: this is a bit hacky.  It finds the correct operand by
3005         // searching for a specific immediate value.  If no value is
3006         // provided it defaults to the last immediate operand found.
3007         // This could lead to unexpected results if the instruction
3008         // has more than one immediate with the same value.
3009         if (Inst.getOperand(ImmOpNo).getImm() == Value)
3010           break;
3011       }
3012     }
3013 
3014     if (ImmOpNo == -1U)
3015       return false;
3016 
3017     Value = Inst.getOperand(ImmOpNo).getImm();
3018 
3019     setOperandToSymbolRef(Inst, ImmOpNo, Symbol, Addend, Ctx, RelType);
3020 
3021     return true;
3022   }
3023 
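  // Replace a use of \p Register with the known immediate \p Imm, picking
  // the smallest opcode the value fits into. For example (a sketch): if %rbx
  // is known to be 0x2a, "mov %rbx, %rax" becomes "mov $0x2a, %rax"
  // (MOV64rr -> MOV64ri32, since 0x2a fits in a signed 32-bit immediate).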
3024   bool replaceRegWithImm(MCInst &Inst, unsigned Register,
3025                          int64_t Imm) const override {
3026 
3027     enum CheckSignExt : uint8_t {
3028       NOCHECK = 0,
3029       CHECK8,
3030       CHECK32,
3031     };
3032 
3033     using CheckList = std::vector<std::pair<CheckSignExt, unsigned>>;
3034     struct InstInfo {
3035       // Size in bytes of the data Inst operates on.
3036       uint8_t DataSize;
3037 
3038       // True when the target operand has to be duplicated because the opcode
3039       // expects an LHS operand.
3040       bool HasLHS;
3041 
3042       // List of checks and corresponding opcodes to be used. We try to use the
3043       // smallest possible immediate value when various sizes are available,
3044       // hence we may need to check whether a larger constant fits in a smaller
3045       // immediate.
3046       CheckList Checks;
3047     };
3048 
3049     InstInfo I;
3050 
3051     switch (Inst.getOpcode()) {
3052     default: {
3053       switch (getPushSize(Inst)) {
3054 
3055       case 2: I = {2, false, {{CHECK8, X86::PUSH16i8}, {NOCHECK, X86::PUSHi16}}}; break;
3056       case 4: I = {4, false, {{CHECK8, X86::PUSH32i8}, {NOCHECK, X86::PUSHi32}}}; break;
3057       case 8: I = {8, false, {{CHECK8, X86::PUSH64i8},
3058                               {CHECK32, X86::PUSH64i32},
3059                               {NOCHECK, Inst.getOpcode()}}}; break;
3060       default: return false;
3061       }
3062       break;
3063     }
3064 
3065     // MOV
3066     case X86::MOV8rr:       I = {1, false, {{NOCHECK, X86::MOV8ri}}}; break;
3067     case X86::MOV16rr:      I = {2, false, {{NOCHECK, X86::MOV16ri}}}; break;
3068     case X86::MOV32rr:      I = {4, false, {{NOCHECK, X86::MOV32ri}}}; break;
3069     case X86::MOV64rr:      I = {8, false, {{CHECK32, X86::MOV64ri32},
3070                                             {NOCHECK, X86::MOV64ri}}}; break;
3071 
3072     case X86::MOV8mr:       I = {1, false, {{NOCHECK, X86::MOV8mi}}}; break;
3073     case X86::MOV16mr:      I = {2, false, {{NOCHECK, X86::MOV16mi}}}; break;
3074     case X86::MOV32mr:      I = {4, false, {{NOCHECK, X86::MOV32mi}}}; break;
3075     case X86::MOV64mr:      I = {8, false, {{CHECK32, X86::MOV64mi32},
3076                                             {NOCHECK, X86::MOV64mr}}}; break;
3077 
3078     // MOVZX
3079     case X86::MOVZX16rr8:   I = {1, false, {{NOCHECK, X86::MOV16ri}}}; break;
3080     case X86::MOVZX32rr8:   I = {1, false, {{NOCHECK, X86::MOV32ri}}}; break;
3081     case X86::MOVZX32rr16:  I = {2, false, {{NOCHECK, X86::MOV32ri}}}; break;
3082 
3083     // CMP
3084     case X86::CMP8rr:       I = {1, false, {{NOCHECK, X86::CMP8ri}}}; break;
3085     case X86::CMP16rr:      I = {2, false, {{CHECK8, X86::CMP16ri8},
3086                                             {NOCHECK, X86::CMP16ri}}}; break;
3087     case X86::CMP32rr:      I = {4, false, {{CHECK8, X86::CMP32ri8},
3088                                             {NOCHECK, X86::CMP32ri}}}; break;
3089     case X86::CMP64rr:      I = {8, false, {{CHECK8, X86::CMP64ri8},
3090                                             {CHECK32, X86::CMP64ri32},
3091                                             {NOCHECK, X86::CMP64rr}}}; break;
3092 
3093     // TEST
3094     case X86::TEST8rr:      I = {1, false, {{NOCHECK, X86::TEST8ri}}}; break;
3095     case X86::TEST16rr:     I = {2, false, {{NOCHECK, X86::TEST16ri}}}; break;
3096     case X86::TEST32rr:     I = {4, false, {{NOCHECK, X86::TEST32ri}}}; break;
3097     case X86::TEST64rr:     I = {8, false, {{CHECK32, X86::TEST64ri32},
3098                                             {NOCHECK, X86::TEST64rr}}}; break;
3099 
3100     // ADD
3101     case X86::ADD8rr:       I = {1, true, {{NOCHECK, X86::ADD8ri}}}; break;
3102     case X86::ADD16rr:      I = {2, true, {{CHECK8, X86::ADD16ri8},
3103                                            {NOCHECK, X86::ADD16ri}}}; break;
3104     case X86::ADD32rr:      I = {4, true, {{CHECK8, X86::ADD32ri8},
3105                                            {NOCHECK, X86::ADD32ri}}}; break;
3106     case X86::ADD64rr:      I = {8, true, {{CHECK8, X86::ADD64ri8},
3107                                            {CHECK32, X86::ADD64ri32},
3108                                            {NOCHECK, X86::ADD64rr}}}; break;
3109 
3110     // SUB
3111     case X86::SUB8rr:       I = {1, true, {{NOCHECK, X86::SUB8ri}}}; break;
3112     case X86::SUB16rr:      I = {2, true, {{CHECK8, X86::SUB16ri8},
3113                                            {NOCHECK, X86::SUB16ri}}}; break;
3114     case X86::SUB32rr:      I = {4, true, {{CHECK8, X86::SUB32ri8},
3115                                            {NOCHECK, X86::SUB32ri}}}; break;
3116     case X86::SUB64rr:      I = {8, true, {{CHECK8, X86::SUB64ri8},
3117                                            {CHECK32, X86::SUB64ri32},
3118                                            {NOCHECK, X86::SUB64rr}}}; break;
3119 
3120     // AND
3121     case X86::AND8rr:       I = {1, true, {{NOCHECK, X86::AND8ri}}}; break;
3122     case X86::AND16rr:      I = {2, true, {{CHECK8, X86::AND16ri8},
3123                                            {NOCHECK, X86::AND16ri}}}; break;
3124     case X86::AND32rr:      I = {4, true, {{CHECK8, X86::AND32ri8},
3125                                            {NOCHECK, X86::AND32ri}}}; break;
3126     case X86::AND64rr:      I = {8, true, {{CHECK8, X86::AND64ri8},
3127                                            {CHECK32, X86::AND64ri32},
3128                                            {NOCHECK, X86::AND64rr}}}; break;
3129 
3130     // OR
3131     case X86::OR8rr:        I = {1, true, {{NOCHECK, X86::OR8ri}}}; break;
3132     case X86::OR16rr:       I = {2, true, {{CHECK8, X86::OR16ri8},
3133                                            {NOCHECK, X86::OR16ri}}}; break;
3134     case X86::OR32rr:       I = {4, true, {{CHECK8, X86::OR32ri8},
3135                                            {NOCHECK, X86::OR32ri}}}; break;
3136     case X86::OR64rr:       I = {8, true, {{CHECK8, X86::OR64ri8},
3137                                            {CHECK32, X86::OR64ri32},
3138                                            {NOCHECK, X86::OR64rr}}}; break;
3139 
3140     // XOR
3141     case X86::XOR8rr:       I = {1, true, {{NOCHECK, X86::XOR8ri}}}; break;
3142     case X86::XOR16rr:      I = {2, true, {{CHECK8, X86::XOR16ri8},
3143                                            {NOCHECK, X86::XOR16ri}}}; break;
3144     case X86::XOR32rr:      I = {4, true, {{CHECK8, X86::XOR32ri8},
3145                                            {NOCHECK, X86::XOR32ri}}}; break;
3146     case X86::XOR64rr:      I = {8, true, {{CHECK8, X86::XOR64ri8},
3147                                            {CHECK32, X86::XOR64ri32},
3148                                            {NOCHECK, X86::XOR64rr}}}; break;
3149     }
3150 
3151     // Compute the new opcode.
3152     unsigned NewOpcode = 0;
3153     for (const std::pair<CheckSignExt, unsigned> &Check : I.Checks) {
3154       NewOpcode = Check.second;
3155       if (Check.first == NOCHECK)
3156         break;
3157       if (Check.first == CHECK8 && Imm >= std::numeric_limits<int8_t>::min() &&
3158           Imm <= std::numeric_limits<int8_t>::max())
3159         break;
3160       if (Check.first == CHECK32 &&
3161           Imm >= std::numeric_limits<int32_t>::min() &&
3162           Imm <= std::numeric_limits<int32_t>::max())
3163         break;
3164     }
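         // For example, ADD64rr with Imm == 5 selects ADD64ri8 via CHECK8,
         // while Imm == (1 << 20) selects ADD64ri32 via CHECK32; an Imm that
         // needs all 64 bits hits the NOCHECK fallback, keeps the original
         // opcode, and bails out below.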
3165     if (NewOpcode == Inst.getOpcode())
3166       return false;
3167 
3168     const MCInstrDesc &InstDesc = Info->get(Inst.getOpcode());
3169 
3170     unsigned NumFound = 0;
3171     for (unsigned Index = InstDesc.getNumDefs() + (I.HasLHS ? 1 : 0),
3172                   E = InstDesc.getNumOperands(); Index != E; ++Index) {
3173       if (Inst.getOperand(Index).isReg() &&
3174           Inst.getOperand(Index).getReg() == Register)
3175         NumFound++;
3176     }
3177 
3178     if (NumFound != 1)
3179       return false;
3180 
3181     // Iterate backwards to replace the src register before the src/dest
3182     // register, as in AND, ADD, and SUB. Only iterate through src operands
3183     // that aren't also dest operands.
3184     for (unsigned Index = InstDesc.getNumOperands() - 1,
3185                   E = InstDesc.getNumDefs() + (I.HasLHS ? 0 : -1);
3186          Index != E; --Index) {
3187       if (!Inst.getOperand(Index).isReg() ||
3188           Inst.getOperand(Index).getReg() != Register)
3189         continue;
3190       MCOperand NewOperand = MCOperand::createImm(Imm);
3191       Inst.getOperand(Index) = NewOperand;
3192       break;
3193     }
3194 
3195     Inst.setOpcode(NewOpcode);
3196 
3197     return true;
3198   }
3199 
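       // Rewrites every non-destination use of ToReplace (or any of its
       // aliases) in Inst to ReplaceWith, resized to match the operand. For
       // example, replacing RDI with RSI in `movl %edi, %eax` substitutes
       // the 32-bit alias and yields `movl %esi, %eax`.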
3200   bool replaceRegWithReg(MCInst &Inst, unsigned ToReplace,
3201                          unsigned ReplaceWith) const override {
3202 
3203     // Determine HasLHS so we know where the source operands begin.
3204     bool HasLHS;
3205     if (isAND(Inst.getOpcode()) || isADD(Inst.getOpcode()) || isSUB(Inst)) {
3206       HasLHS = true;
3207     } else if (isPop(Inst) || isPush(Inst) || isCMP(Inst.getOpcode()) ||
3208                isTEST(Inst.getOpcode())) {
3209       HasLHS = false;
3210     } else {
3211       switch (Inst.getOpcode()) {
3212       case X86::MOV8rr:
3213       case X86::MOV8rm:
3214       case X86::MOV8mr:
3215       case X86::MOV8ri:
3216       case X86::MOV16rr:
3217       case X86::MOV16rm:
3218       case X86::MOV16mr:
3219       case X86::MOV16ri:
3220       case X86::MOV32rr:
3221       case X86::MOV32rm:
3222       case X86::MOV32mr:
3223       case X86::MOV32ri:
3224       case X86::MOV64rr:
3225       case X86::MOV64rm:
3226       case X86::MOV64mr:
3227       case X86::MOV64ri:
3228       case X86::MOVZX16rr8:
3229       case X86::MOVZX32rr8:
3230       case X86::MOVZX32rr16:
3231       case X86::MOVSX32rm8:
3232       case X86::MOVSX32rr8:
3233       case X86::MOVSX64rm32:
3234       case X86::LEA64r:
3235         HasLHS = false;
3236         break;
3237       default:
3238         return false;
3239       }
3240     }
3241 
3242     const MCInstrDesc &InstDesc = Info->get(Inst.getOpcode());
3243 
3244     bool FoundOne = false;
3245 
3246     // Iterate only through src operands that aren't also dest operands.
3247     for (unsigned Index = InstDesc.getNumDefs() + (HasLHS ? 1 : 0),
3248                   E = InstDesc.getNumOperands();
3249          Index != E; ++Index) {
3250       BitVector RegAliases = getAliases(ToReplace, true);
3251       if (!Inst.getOperand(Index).isReg() ||
3252           !RegAliases.test(Inst.getOperand(Index).getReg()))
3253         continue;
3254       // Resize the replacement register if needed.
3255       unsigned SizedReplaceWith = getAliasSized(
3256           ReplaceWith, getRegSize(Inst.getOperand(Index).getReg()));
3257       MCOperand NewOperand = MCOperand::createReg(SizedReplaceWith);
3258       Inst.getOperand(Index) = NewOperand;
3259       FoundOne = true;
3260     }
3261 
3262     // Return true if at least one operand was replaced
3263     return FoundOne;
3264   }
3265 
3266   bool createUncondBranch(MCInst &Inst, const MCSymbol *TBB,
3267                           MCContext *Ctx) const override {
3268     Inst.setOpcode(X86::JMP_1);
3269     Inst.addOperand(MCOperand::createExpr(
3270         MCSymbolRefExpr::create(TBB, MCSymbolRefExpr::VK_None, *Ctx)));
3271     return true;
3272   }
3273 
3274   bool createCall(MCInst &Inst, const MCSymbol *Target,
3275                   MCContext *Ctx) override {
3276     Inst.setOpcode(X86::CALL64pcrel32);
3277     Inst.addOperand(MCOperand::createExpr(
3278         MCSymbolRefExpr::create(Target, MCSymbolRefExpr::VK_None, *Ctx)));
3279     return true;
3280   }
3281 
3282   bool createIndirectCall(MCInst &Inst, const MCSymbol *TargetLocation,
3283                           MCContext *Ctx, bool IsTailCall) override {
3284     Inst.setOpcode(IsTailCall ? X86::JMP32m : X86::CALL64m);
3285     Inst.addOperand(MCOperand::createReg(X86::RIP));        // BaseReg
3286     Inst.addOperand(MCOperand::createImm(1));               // ScaleAmt
3287     Inst.addOperand(MCOperand::createReg(X86::NoRegister)); // IndexReg
3288     Inst.addOperand(MCOperand::createExpr(                  // Displacement
3289         MCSymbolRefExpr::create(TargetLocation, MCSymbolRefExpr::VK_None,
3290                                 *Ctx)));
3291     Inst.addOperand(MCOperand::createReg(X86::NoRegister)); // AddrSegmentReg
3292     if (IsTailCall)
3293       setTailCall(Inst);
3294     return true;
3295   }
3296 
3297   bool createTailCall(MCInst &Inst, const MCSymbol *Target,
3298                       MCContext *Ctx) override {
3299     return createDirectCall(Inst, Target, Ctx, /*IsTailCall*/ true);
3300   }
3301 
3302   void createLongTailCall(std::vector<MCInst> &Seq, const MCSymbol *Target,
3303                           MCContext *Ctx) override {
3304     Seq.clear();
3305     Seq.emplace_back();
3306     createDirectCall(Seq.back(), Target, Ctx, /*IsTailCall*/ true);
3307   }
3308 
3309   bool createTrap(MCInst &Inst) const override {
3310     Inst.clear();
3311     Inst.setOpcode(X86::TRAP);
3312     return true;
3313   }
3314 
3315   bool reverseBranchCondition(MCInst &Inst, const MCSymbol *TBB,
3316                               MCContext *Ctx) const override {
3317     unsigned InvCC = getInvertedCondCode(getCondCode(Inst));
3318     assert(InvCC != X86::COND_INVALID && "invalid branch instruction");
3319     Inst.getOperand(Info->get(Inst.getOpcode()).NumOperands - 1).setImm(InvCC);
3320     Inst.getOperand(0) = MCOperand::createExpr(
3321         MCSymbolRefExpr::create(TBB, MCSymbolRefExpr::VK_None, *Ctx));
3322     return true;
3323   }
3324 
3325   bool replaceBranchCondition(MCInst &Inst, const MCSymbol *TBB, MCContext *Ctx,
3326                               unsigned CC) const override {
3327     if (CC == X86::COND_INVALID)
3328       return false;
3329     Inst.getOperand(Info->get(Inst.getOpcode()).NumOperands - 1).setImm(CC);
3330     Inst.getOperand(0) = MCOperand::createExpr(
3331         MCSymbolRefExpr::create(TBB, MCSymbolRefExpr::VK_None, *Ctx));
3332     return true;
3333   }
3334 
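       // Maps a condition code and its inverse to a single representative,
       // e.g. both COND_E and COND_NE canonicalize to COND_E, so two
       // branches testing opposite conditions compare equal.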
3335   unsigned getCanonicalBranchCondCode(unsigned CC) const override {
3336     switch (CC) {
3337     default:           return X86::COND_INVALID;
3338 
3339     case X86::COND_E:  return X86::COND_E;
3340     case X86::COND_NE: return X86::COND_E;
3341 
3342     case X86::COND_L:  return X86::COND_L;
3343     case X86::COND_GE: return X86::COND_L;
3344 
3345     case X86::COND_LE: return X86::COND_G;
3346     case X86::COND_G:  return X86::COND_G;
3347 
3348     case X86::COND_B:  return X86::COND_B;
3349     case X86::COND_AE: return X86::COND_B;
3350 
3351     case X86::COND_BE: return X86::COND_A;
3352     case X86::COND_A:  return X86::COND_A;
3353 
3354     case X86::COND_S:  return X86::COND_S;
3355     case X86::COND_NS: return X86::COND_S;
3356 
3357     case X86::COND_P:  return X86::COND_P;
3358     case X86::COND_NP: return X86::COND_P;
3359 
3360     case X86::COND_O:  return X86::COND_O;
3361     case X86::COND_NO: return X86::COND_O;
3362     }
3363   }
3364 
3365   bool replaceBranchTarget(MCInst &Inst, const MCSymbol *TBB,
3366                            MCContext *Ctx) const override {
3367     assert((isCall(Inst) || isBranch(Inst)) && !isIndirectBranch(Inst) &&
3368            "Invalid instruction");
3369     Inst.getOperand(0) = MCOperand::createExpr(
3370         MCSymbolRefExpr::create(TBB, MCSymbolRefExpr::VK_None, *Ctx));
3371     return true;
3372   }
3373 
3374   MCPhysReg getX86R11() const override {
3375     return X86::R11;
3376   }
3377 
3378   MCPhysReg getNoRegister() const override {
3379     return X86::NoRegister;
3380   }
3381 
3382   MCPhysReg getIntArgRegister(unsigned ArgNo) const override {
3383     // FIXME: this should depend on the calling convention.
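         // The order below matches the System V AMD64 integer-argument
         // sequence: %rdi, %rsi, %rdx, %rcx, %r8, %r9.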
3384     switch (ArgNo) {
3385     case 0:   return X86::RDI;
3386     case 1:   return X86::RSI;
3387     case 2:   return X86::RDX;
3388     case 3:   return X86::RCX;
3389     case 4:   return X86::R8;
3390     case 5:   return X86::R9;
3391     default:  return getNoRegister();
3392     }
3393   }
3394 
3395   void createPause(MCInst &Inst) const override {
3396     Inst.clear();
3397     Inst.setOpcode(X86::PAUSE);
3398   }
3399 
3400   void createLfence(MCInst &Inst) const override {
3401     Inst.clear();
3402     Inst.setOpcode(X86::LFENCE);
3403   }
3404 
3405   bool createDirectCall(MCInst &Inst, const MCSymbol *Target, MCContext *Ctx,
3406                         bool IsTailCall) override {
3407     Inst.clear();
3408     Inst.setOpcode(IsTailCall ? X86::JMP_4 : X86::CALL64pcrel32);
3409     Inst.addOperand(MCOperand::createExpr(
3410         MCSymbolRefExpr::create(Target, MCSymbolRefExpr::VK_None, *Ctx)));
3411     if (IsTailCall)
3412       setTailCall(Inst);
3413     return true;
3414   }
3415 
3416   void createShortJmp(std::vector<MCInst> &Seq, const MCSymbol *Target,
3417                       MCContext *Ctx, bool IsTailCall) override {
3418     Seq.clear();
3419     MCInst Inst;
3420     Inst.setOpcode(X86::JMP_1);
3421     Inst.addOperand(MCOperand::createExpr(
3422         MCSymbolRefExpr::create(Target, MCSymbolRefExpr::VK_None, *Ctx)));
3423     if (IsTailCall)
3424       setTailCall(Inst);
3425     Seq.emplace_back(Inst);
3426   }
3427 
3428   bool isConditionalMove(const MCInst &Inst) const override {
3429     unsigned OpCode = Inst.getOpcode();
3430     return (OpCode == X86::CMOV16rr || OpCode == X86::CMOV32rr ||
3431             OpCode == X86::CMOV64rr);
3432   }
3433 
3434   bool isBranchOnMem(const MCInst &Inst) const override {
3435     unsigned OpCode = Inst.getOpcode();
3436     if (OpCode == X86::CALL64m || (OpCode == X86::JMP32m && isTailCall(Inst)) ||
3437         OpCode == X86::JMP64m)
3438       return true;
3439 
3440     return false;
3441   }
3442 
3443   bool isBranchOnReg(const MCInst &Inst) const override {
3444     unsigned OpCode = Inst.getOpcode();
3445     if (OpCode == X86::CALL64r || (OpCode == X86::JMP32r && isTailCall(Inst)) ||
3446         OpCode == X86::JMP64r)
3447       return true;
3448 
3449     return false;
3450   }
3451 
3452   void createPushRegister(MCInst &Inst, MCPhysReg Reg,
3453                           unsigned Size) const override {
3454     Inst.clear();
3455     unsigned NewOpcode = 0;
3456     if (Reg == X86::EFLAGS) {
3457       switch (Size) {
3458       case 2: NewOpcode = X86::PUSHF16;  break;
3459       case 4: NewOpcode = X86::PUSHF32;  break;
3460       case 8: NewOpcode = X86::PUSHF64;  break;
3461       default:
3462         assert(false);
3463       }
3464       Inst.setOpcode(NewOpcode);
3465       return;
3466     }
3467     switch (Size) {
3468     case 2: NewOpcode = X86::PUSH16r;  break;
3469     case 4: NewOpcode = X86::PUSH32r;  break;
3470     case 8: NewOpcode = X86::PUSH64r;  break;
3471     default:
3472       assert(false);
3473     }
3474     Inst.setOpcode(NewOpcode);
3475     Inst.addOperand(MCOperand::createReg(Reg));
3476   }
3477 
3478   void createPopRegister(MCInst &Inst, MCPhysReg Reg,
3479                          unsigned Size) const override {
3480     Inst.clear();
3481     unsigned NewOpcode = 0;
3482     if (Reg == X86::EFLAGS) {
3483       switch (Size) {
3484       case 2: NewOpcode = X86::POPF16;  break;
3485       case 4: NewOpcode = X86::POPF32;  break;
3486       case 8: NewOpcode = X86::POPF64;  break;
3487       default:
3488         assert(false);
3489       }
3490       Inst.setOpcode(NewOpcode);
3491       return;
3492     }
3493     switch (Size) {
3494     case 2: NewOpcode = X86::POP16r;  break;
3495     case 4: NewOpcode = X86::POP32r;  break;
3496     case 8: NewOpcode = X86::POP64r;  break;
3497     default:
3498       assert(false);
3499     }
3500     Inst.setOpcode(NewOpcode);
3501     Inst.addOperand(MCOperand::createReg(Reg));
3502   }
3503 
3504   void createPushFlags(MCInst &Inst, unsigned Size) const override {
3505     return createPushRegister(Inst, X86::EFLAGS, Size);
3506   }
3507 
3508   void createPopFlags(MCInst &Inst, unsigned Size) const override {
3509     return createPopRegister(Inst, X86::EFLAGS, Size);
3510   }
3511 
3512   void createAddRegImm(MCInst &Inst, MCPhysReg Reg, int64_t Value,
3513                        unsigned Size) const {
3514     unsigned int Opcode;
3515     switch (Size) {
3516     case 1: Opcode = X86::ADD8ri; break;
3517     case 2: Opcode = X86::ADD16ri; break;
3518     case 4: Opcode = X86::ADD32ri; break;
3519     default:
3520       llvm_unreachable("Unexpected size");
3521     }
3522     Inst.setOpcode(Opcode);
3523     Inst.clear();
3524     Inst.addOperand(MCOperand::createReg(Reg));
3525     Inst.addOperand(MCOperand::createReg(Reg));
3526     Inst.addOperand(MCOperand::createImm(Value));
3527   }
3528 
3529   void createClearRegWithNoEFlagsUpdate(MCInst &Inst, MCPhysReg Reg,
3530                                         unsigned Size) const {
3531     unsigned int Opcode;
3532     switch (Size) {
3533     case 1: Opcode = X86::MOV8ri; break;
3534     case 2: Opcode = X86::MOV16ri; break;
3535     case 4: Opcode = X86::MOV32ri; break;
3536     case 8: Opcode = X86::MOV64ri; break;
3537     default:
3538       llvm_unreachable("Unexpected size");
3539     }
3540     Inst.setOpcode(Opcode);
3541     Inst.clear();
3542     Inst.addOperand(MCOperand::createReg(Reg));
3543     Inst.addOperand(MCOperand::createImm(0));
3544   }
3545 
3546   void createX86SaveOVFlagToRegister(MCInst &Inst, MCPhysReg Reg) const {
3547     Inst.setOpcode(X86::SETCCr);
3548     Inst.clear();
3549     Inst.addOperand(MCOperand::createReg(Reg));
3550     Inst.addOperand(MCOperand::createImm(X86::COND_O));
3551   }
3552 
3553   void createX86Lahf(MCInst &Inst) const {
3554     Inst.setOpcode(X86::LAHF);
3555     Inst.clear();
3556   }
3557 
3558   void createX86Sahf(MCInst &Inst) const {
3559     Inst.setOpcode(X86::SAHF);
3560     Inst.clear();
3561   }
3562 
3563   void createInstrIncMemory(std::vector<MCInst> &Instrs, const MCSymbol *Target,
3564                             MCContext *Ctx, bool IsLeaf) const override {
3565     unsigned int I = 0;
3566 
3567     Instrs.resize(IsLeaf ? 13 : 11);
3568     // Don't clobber application red zone (ABI dependent)
3569     if (IsLeaf)
3570       createStackPointerIncrement(Instrs[I++], 128,
3571                                   /*NoFlagsClobber=*/true);
3572 
3573     // LAHF/SAHF are used instead of PUSHF/POPF for performance, based on
3574     // the optimization discussed at
3575     // https://reviews.llvm.org/D6629
3576     // PUSHF
3577     createPushRegister(Instrs[I++], X86::RAX, 8);
3578     createClearRegWithNoEFlagsUpdate(Instrs[I++], X86::RAX, 8);
3579     createX86Lahf(Instrs[I++]);
3580     createPushRegister(Instrs[I++], X86::RAX, 8);
3581     createClearRegWithNoEFlagsUpdate(Instrs[I++], X86::RAX, 8);
3582     createX86SaveOVFlagToRegister(Instrs[I++], X86::AL);
3583     // LOCK INC
3584     createIncMemory(Instrs[I++], Target, Ctx);
3585     // POPF
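         // AL holds the SETO result (0 or 1); adding 127 overflows exactly
         // when AL == 1, which restores OF before SAHF restores the rest.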
3586     createAddRegImm(Instrs[I++], X86::AL, 127, 1);
3587     createPopRegister(Instrs[I++], X86::RAX, 8);
3588     createX86Sahf(Instrs[I++]);
3589     createPopRegister(Instrs[I++], X86::RAX, 8);
3590 
3591     if (IsLeaf)
3592       createStackPointerDecrement(Instrs[I], 128,
3593                                   /*NoFlagsClobber=*/true);
3594   }
3595 
3596   void createSwap(MCInst &Inst, MCPhysReg Source, MCPhysReg MemBaseReg,
3597                   int64_t Disp) const {
3598     Inst.setOpcode(X86::XCHG64rm);
3599     Inst.addOperand(MCOperand::createReg(Source));
3600     Inst.addOperand(MCOperand::createReg(Source));
3601     Inst.addOperand(MCOperand::createReg(MemBaseReg));      // BaseReg
3602     Inst.addOperand(MCOperand::createImm(1));               // ScaleAmt
3603     Inst.addOperand(MCOperand::createReg(X86::NoRegister)); // IndexReg
3604     Inst.addOperand(MCOperand::createImm(Disp));            // Displacement
3605     Inst.addOperand(MCOperand::createReg(X86::NoRegister)); // AddrSegmentReg
3606   }
3607 
3608   void createIndirectBranch(MCInst &Inst, MCPhysReg MemBaseReg,
3609                             int64_t Disp) const {
3610     Inst.setOpcode(X86::JMP64m);
3611     Inst.addOperand(MCOperand::createReg(MemBaseReg));      // BaseReg
3612     Inst.addOperand(MCOperand::createImm(1));               // ScaleAmt
3613     Inst.addOperand(MCOperand::createReg(X86::NoRegister)); // IndexReg
3614     Inst.addOperand(MCOperand::createImm(Disp));            // Displacement
3615     Inst.addOperand(MCOperand::createReg(X86::NoRegister)); // AddrSegmentReg
3616   }
3617 
3618   std::vector<MCInst>
3619   createInstrumentedIndirectCall(const MCInst &CallInst, bool TailCall,
3620                                  MCSymbol *HandlerFuncAddr, int CallSiteID,
3621                                  MCContext *Ctx) override {
3622     // Check if the target address expression used in the original indirect call
3623     // uses the stack pointer, which we are going to clobber.
3624     static BitVector SPAliases(getAliases(X86::RSP));
3625     bool UsesSP = false;
3626     // Skip defs.
3627     for (unsigned I = Info->get(CallInst.getOpcode()).getNumDefs(),
3628          E = MCPlus::getNumPrimeOperands(CallInst); I != E; ++I) {
3629       const MCOperand &Operand = CallInst.getOperand(I);
3630       if (Operand.isReg() && SPAliases[Operand.getReg()]) {
3631         UsesSP = true;
3632         break;
3633       }
3634     }
3635 
3636     std::vector<MCInst> Insts;
3637     MCPhysReg TempReg = getIntArgRegister(0);
3638     // Code sequence used to enter indirect call instrumentation helper:
3639     //   push %rdi
3640     //   add $8, %rsp       ;; $rsp may be used in target, so fix it to prev val
3641     //   movq target, %rdi  ;; via convertIndirectCallTargetToLoad
3642     //   sub $8, %rsp       ;; restore correct stack value
3643     //   push %rdi
3644     //   movq $CallSiteID, %rdi
3645     //   push %rdi
3646     //   callq/jmp HandlerFuncAddr
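         //
         // For a non-tail call, the handler therefore sees, from the top of
         // the stack: its return address, CallSiteID, the call target, and
         // the saved %rdi.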
3647     Insts.emplace_back();
3648     createPushRegister(Insts.back(), TempReg, 8);
3649     if (UsesSP) { // Only adjust SP if we really need to
3650       Insts.emplace_back();
3651       createStackPointerDecrement(Insts.back(), 8, /*NoFlagsClobber=*/false);
3652     }
3653     Insts.emplace_back(CallInst);
3654     // Insts.back() and CallInst now share the same annotation instruction.
3655     // Strip it from Insts.back(), only preserving tail call annotation.
3656     stripAnnotations(Insts.back(), /*KeepTC=*/true);
3657     convertIndirectCallToLoad(Insts.back(), TempReg);
3658     if (UsesSP) {
3659       Insts.emplace_back();
3660       createStackPointerIncrement(Insts.back(), 8, /*NoFlagsClobber=*/false);
3661     }
3662     Insts.emplace_back();
3663     createPushRegister(Insts.back(), TempReg, 8);
3664     Insts.emplace_back();
3665     createLoadImmediate(Insts.back(), TempReg, CallSiteID);
3666     Insts.emplace_back();
3667     createPushRegister(Insts.back(), TempReg, 8);
3668     Insts.emplace_back();
3669     createDirectCall(Insts.back(), HandlerFuncAddr, Ctx,
3670                      /*TailCall=*/TailCall);
3671     // Carry over metadata
3672     for (int I = MCPlus::getNumPrimeOperands(CallInst),
3673              E = CallInst.getNumOperands();
3674          I != E; ++I) {
3675       Insts.back().addOperand(CallInst.getOperand(I));
3676     }
3677     return Insts;
3678   }
3679 
3680   std::vector<MCInst> createInstrumentedIndCallHandlerExitBB() const override {
3681     const MCPhysReg TempReg = getIntArgRegister(0);
3682     // We just need to undo the sequence created for every ind call in
3683     // instrumentIndirectTarget(), which can be accomplished minimally with:
3684     //   popfq
3685     //   pop %rdi
3686     //   add $16, %rsp
3687     //   xchg (%rsp), %rdi
3688     //   jmp *-8(%rsp)
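         //
         // Popping the return address into %rdi and xchg'ing it into the
         // saved-%rdi slot restores %rdi while leaving the return address on
         // top of the stack, so the target's ret goes back to the original
         // call site; the final jmp reads the target from the slot skipped
         // over at -8(%rsp).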
3689     std::vector<MCInst> Insts(5);
3690     createPopFlags(Insts[0], 8);
3691     createPopRegister(Insts[1], TempReg, 8);
3692     createStackPointerDecrement(Insts[2], 16, /*NoFlagsClobber=*/false);
3693     createSwap(Insts[3], TempReg, X86::RSP, 0);
3694     createIndirectBranch(Insts[4], X86::RSP, -8);
3695     return Insts;
3696   }
3697 
3698   std::vector<MCInst>
3699   createInstrumentedIndTailCallHandlerExitBB() const override {
3700     const MCPhysReg TempReg = getIntArgRegister(0);
3701     // Same thing as above, but for tail calls
3702     //   popfq
3703     //   add $16, %rsp
3704     //   pop %rdi
3705     //   jmp *-16(%rsp)
3706     std::vector<MCInst> Insts(4);
3707     createPopFlags(Insts[0], 8);
3708     createStackPointerDecrement(Insts[1], 16, /*NoFlagsClobber=*/false);
3709     createPopRegister(Insts[2], TempReg, 8);
3710     createIndirectBranch(Insts[3], X86::RSP, -16);
3711     return Insts;
3712   }
3713 
3714   std::vector<MCInst>
3715   createInstrumentedIndCallHandlerEntryBB(const MCSymbol *InstrTrampoline,
3716                                           const MCSymbol *IndCallHandler,
3717                                           MCContext *Ctx) override {
3718     const MCPhysReg TempReg = getIntArgRegister(0);
3719     // Code sequence used to check whether InstrTrampoline was initialized
3720     // and call it if so; returns via IndCallHandler.
3721     //   pushfq
3722     //   mov    InstrTrampoline,%rdi
3723     //   cmp    $0x0,%rdi
3724     //   je     IndCallHandler
3725     //   callq  *%rdi
3726     //   jmpq   IndCallHandler
3727     std::vector<MCInst> Insts;
3728     Insts.emplace_back();
3729     createPushFlags(Insts.back(), 8);
3730     Insts.emplace_back();
3731     createMove(Insts.back(), InstrTrampoline, TempReg, Ctx);
3732     std::vector<MCInst> cmpJmp = createCmpJE(TempReg, 0, IndCallHandler, Ctx);
3733     Insts.insert(Insts.end(), cmpJmp.begin(), cmpJmp.end());
3734     Insts.emplace_back();
3735     Insts.back().setOpcode(X86::CALL64r);
3736     Insts.back().addOperand(MCOperand::createReg(TempReg));
3737     Insts.emplace_back();
3738     createDirectCall(Insts.back(), IndCallHandler, Ctx, /*IsTailCall*/ true);
3739     return Insts;
3740   }
3741 
3742   std::vector<MCInst> createNumCountersGetter(MCContext *Ctx) const override {
3743     std::vector<MCInst> Insts(2);
3744     MCSymbol *NumLocs = Ctx->getOrCreateSymbol("__bolt_num_counters");
3745     createMove(Insts[0], NumLocs, X86::EAX, Ctx);
3746     createReturn(Insts[1]);
3747     return Insts;
3748   }
3749 
3750   std::vector<MCInst>
3751   createInstrLocationsGetter(MCContext *Ctx) const override {
3752     std::vector<MCInst> Insts(2);
3753     MCSymbol *Locs = Ctx->getOrCreateSymbol("__bolt_instr_locations");
3754     createLea(Insts[0], Locs, X86::EAX, Ctx);
3755     createReturn(Insts[1]);
3756     return Insts;
3757   }
3758 
3759   std::vector<MCInst> createInstrTablesGetter(MCContext *Ctx) const override {
3760     std::vector<MCInst> Insts(2);
3761     MCSymbol *Locs = Ctx->getOrCreateSymbol("__bolt_instr_tables");
3762     createLea(Insts[0], Locs, X86::EAX, Ctx);
3763     createReturn(Insts[1]);
3764     return Insts;
3765   }
3766 
3767   std::vector<MCInst> createInstrNumFuncsGetter(MCContext *Ctx) const override {
3768     std::vector<MCInst> Insts(2);
3769     MCSymbol *NumFuncs = Ctx->getOrCreateSymbol("__bolt_instr_num_funcs");
3770     createMove(Insts[0], NumFuncs, X86::EAX, Ctx);
3771     createReturn(Insts[1]);
3772     return Insts;
3773   }
3774 
3775   std::vector<MCInst> createSymbolTrampoline(const MCSymbol *TgtSym,
3776                                              MCContext *Ctx) const override {
3777     std::vector<MCInst> Insts(1);
3778     createUncondBranch(Insts[0], TgtSym, Ctx);
3779     return Insts;
3780   }
3781 
3782   std::vector<MCInst> createDummyReturnFunction(MCContext *Ctx) const override {
3783     std::vector<MCInst> Insts(1);
3784     createReturn(Insts[0]);
3785     return Insts;
3786   }
3787 
3788   BlocksVectorTy indirectCallPromotion(
3789     const MCInst &CallInst,
3790     const std::vector<std::pair<MCSymbol *, uint64_t>> &Targets,
3791     const std::vector<std::pair<MCSymbol *, uint64_t>> &VtableSyms,
3792     const std::vector<MCInst *> &MethodFetchInsns,
3793     const bool MinimizeCodeSize,
3794     MCContext *Ctx
3795   ) override {
3796     const bool IsTailCall = isTailCall(CallInst);
3797     const bool IsJumpTable = getJumpTable(CallInst) != 0;
3798     BlocksVectorTy Results;
3799 
3800     // Label for the current code block.
3801     MCSymbol* NextTarget = nullptr;
3802 
3803     // The join block which contains all the instructions following CallInst.
3804     // MergeBlock remains null if CallInst is a tail call.
3805     MCSymbol* MergeBlock = nullptr;
3806 
3807     unsigned FuncAddrReg = X86::R10;
3808 
3809     const bool LoadElim = !VtableSyms.empty();
3810     assert((!LoadElim || VtableSyms.size() == Targets.size()) &&
3811            "There must be a vtable entry for every method "
3812            "in the targets vector.");
3813 
3814     if (MinimizeCodeSize && !LoadElim) {
3815       std::set<unsigned> UsedRegs;
3816 
3817       for (unsigned int I = 0; I < MCPlus::getNumPrimeOperands(CallInst); ++I) {
3818         const MCOperand &Op = CallInst.getOperand(I);
3819         if (Op.isReg()) {
3820           UsedRegs.insert(Op.getReg());
3821         }
3822       }
3823 
3824       if (UsedRegs.count(X86::R10) == 0)
3825         FuncAddrReg = X86::R10;
3826       else if (UsedRegs.count(X86::R11) == 0)
3827         FuncAddrReg = X86::R11;
3828       else
3829         return Results;
3830     }
3831 
3832     const auto jumpToMergeBlock = [&](std::vector<MCInst> &NewCall) {
3833       assert(MergeBlock);
3834       NewCall.push_back(CallInst);
3835       MCInst &Merge = NewCall.back();
3836       Merge.clear();
3837       createUncondBranch(Merge, MergeBlock, Ctx);
3838     };
3839 
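         // Roughly, each hot target becomes a compare-and-branch block:
         //   cmp $target_i, <original call operand>
         //   jne next_i              ; jump tables use je target_i instead
         //   call/jmp target_i
         //   jmp merge               ; non-tail calls not falling through
         // next_i:
         //   ...
         // ending in a cold block with the original indirect call and, for
         // non-tail calls, the merge block.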
3840     for (unsigned int i = 0; i < Targets.size(); ++i) {
3841       Results.emplace_back(NextTarget, std::vector<MCInst>());
3842       std::vector<MCInst>* NewCall = &Results.back().second;
3843 
3844       if (MinimizeCodeSize && !LoadElim) {
3845         // Load the call target into FuncAddrReg.
3846         NewCall->push_back(CallInst);  // Copy CallInst in order to get SMLoc
3847         MCInst &Target = NewCall->back();
3848         Target.clear();
3849         Target.setOpcode(X86::MOV64ri32);
3850         Target.addOperand(MCOperand::createReg(FuncAddrReg));
3851         if (Targets[i].first) {
3852           // Is this OK?
3853           Target.addOperand(
3854             MCOperand::createExpr(
3855               MCSymbolRefExpr::create(Targets[i].first,
3856                                       MCSymbolRefExpr::VK_None,
3857                                       *Ctx)));
3858         } else {
3859           const uint64_t Addr = Targets[i].second;
3860           // Immediate address is out of the sign-extended 32-bit range.
3861           if (int64_t(Addr) != int64_t(int32_t(Addr))) {
3862             return BlocksVectorTy();
3863           }
3864           Target.addOperand(MCOperand::createImm(Addr));
3865         }
3866 
3867         // Compare current call target to a specific address.
3868         NewCall->push_back(CallInst);
3869         MCInst &Compare = NewCall->back();
3870         Compare.clear();
3871         if (isBranchOnReg(CallInst)) {
3872           Compare.setOpcode(X86::CMP64rr);
3873         } else if (CallInst.getOpcode() == X86::CALL64pcrel32) {
3874           Compare.setOpcode(X86::CMP64ri32);
3875         } else {
3876           Compare.setOpcode(X86::CMP64rm);
3877         }
3878         Compare.addOperand(MCOperand::createReg(FuncAddrReg));
3879 
3880         // TODO: Would be preferable to only load this value once.
3881         for (unsigned i = 0;
3882              i < Info->get(CallInst.getOpcode()).getNumOperands();
3883              ++i) {
3884           if (!CallInst.getOperand(i).isInst())
3885             Compare.addOperand(CallInst.getOperand(i));
3886         }
3887       } else {
3888         // Compare current call target to a specific address.
3889         NewCall->push_back(CallInst);
3890         MCInst &Compare = NewCall->back();
3891         Compare.clear();
3892         if (isBranchOnReg(CallInst)) {
3893           Compare.setOpcode(X86::CMP64ri32);
3894         } else {
3895           Compare.setOpcode(X86::CMP64mi32);
3896         }
3897 
3898         // Original call address.
3899         for (unsigned i = 0;
3900              i < Info->get(CallInst.getOpcode()).getNumOperands();
3901              ++i) {
3902           if (!CallInst.getOperand(i).isInst())
3903             Compare.addOperand(CallInst.getOperand(i));
3904         }
3905 
3906         // Target address.
3907         if (Targets[i].first || LoadElim) {
3908           const MCSymbol *Sym =
3909               LoadElim ? VtableSyms[i].first : Targets[i].first;
3910           const uint64_t Addend = LoadElim ? VtableSyms[i].second : 0;
3911 
3912           const MCExpr *Expr = MCSymbolRefExpr::create(Sym, *Ctx);
3913 
3914           if (Addend) {
3915             Expr = MCBinaryExpr::createAdd(Expr,
3916                                            MCConstantExpr::create(Addend, *Ctx),
3917                                            *Ctx);
3918           }
3919 
3920           Compare.addOperand(MCOperand::createExpr(Expr));
3921         } else {
3922           const uint64_t Addr = Targets[i].second;
3923           // Immediate address is out of the sign-extended 32-bit range.
3924           if (int64_t(Addr) != int64_t(int32_t(Addr))) {
3925             return BlocksVectorTy();
3926           }
3927           Compare.addOperand(MCOperand::createImm(Addr));
3928         }
3929       }
3930 
3931       // Jump to the next target compare.
3932       NextTarget =
3933           Ctx->createNamedTempSymbol(); // Generate label for the next block.
3934       NewCall->push_back(CallInst);
3935 
3936       if (IsJumpTable) {
3937         MCInst &Je = NewCall->back();
3938 
3939         // Jump straight to the target if the addresses match.
3940         Je.clear();
3941         Je.setOpcode(X86::JCC_1);
3942         if (Targets[i].first) {
3943           Je.addOperand(MCOperand::createExpr(
3944             MCSymbolRefExpr::create(Targets[i].first,
3945                                     MCSymbolRefExpr::VK_None,
3946                                     *Ctx)));
3947         } else {
3948           Je.addOperand(MCOperand::createImm(Targets[i].second));
3949         }
3950         Je.addOperand(MCOperand::createImm(X86::COND_E));
3951         assert(!isInvoke(CallInst));
3952       } else {
3953         MCInst &Jne = NewCall->back();
3954 
3955         // Jump to next compare if target addresses don't match.
3956         Jne.clear();
3957         Jne.setOpcode(X86::JCC_1);
3958         Jne.addOperand(MCOperand::createExpr(MCSymbolRefExpr::create(
3959             NextTarget, MCSymbolRefExpr::VK_None, *Ctx)));
3960         Jne.addOperand(MCOperand::createImm(X86::COND_NE));
3961 
3962         // Call specific target directly.
3963         Results.emplace_back(Ctx->createNamedTempSymbol(),
3964                              std::vector<MCInst>());
3965         NewCall = &Results.back().second;
3966         NewCall->push_back(CallInst);
3967         MCInst &CallOrJmp = NewCall->back();
3968 
3969         CallOrJmp.clear();
3970 
3971         if (MinimizeCodeSize && !LoadElim) {
3972           CallOrJmp.setOpcode(IsTailCall ? X86::JMP32r : X86::CALL64r);
3973           CallOrJmp.addOperand(MCOperand::createReg(FuncAddrReg));
3974         } else {
3975           CallOrJmp.setOpcode(IsTailCall ? X86::JMP_4 : X86::CALL64pcrel32);
3976 
3977           if (Targets[i].first) {
3978             CallOrJmp.addOperand(MCOperand::createExpr(MCSymbolRefExpr::create(
3979                 Targets[i].first, MCSymbolRefExpr::VK_None, *Ctx)));
3980           } else {
3981             CallOrJmp.addOperand(MCOperand::createImm(Targets[i].second));
3982           }
3983         }
3984         if (IsTailCall)
3985           setTailCall(CallOrJmp);
3986 
3987         if (CallOrJmp.getOpcode() == X86::CALL64r ||
3988             CallOrJmp.getOpcode() == X86::CALL64pcrel32) {
3989           if (hasAnnotation(CallInst, "Offset"))
3990             // Propagate the offset annotation to the duplicated call.
3991             addAnnotation(CallOrJmp, "Offset",
3992                           getAnnotationAs<uint32_t>(CallInst, "Offset"));
3993         }
3994 
3995         if (isInvoke(CallInst) && !isInvoke(CallOrJmp)) {
3996           // Copy over any EH or GNU args size information from the original
3997           // call.
3998           Optional<MCPlus::MCLandingPad> EHInfo = getEHInfo(CallInst);
3999           if (EHInfo)
4000             addEHInfo(CallOrJmp, *EHInfo);
4001           int64_t GnuArgsSize = getGnuArgsSize(CallInst);
4002           if (GnuArgsSize >= 0)
4003             addGnuArgsSize(CallOrJmp, GnuArgsSize);
4004         }
4005 
4006         if (!IsTailCall) {
4007           // The fallthrough block for the most common target should be
4008           // the merge block.
4009           if (i == 0) {
4010             // Fallthrough to merge block.
4011             MergeBlock = Ctx->createNamedTempSymbol();
4012           } else {
4013             // Insert jump to the merge block if we are not doing a fallthrough.
4014             jumpToMergeBlock(*NewCall);
4015           }
4016         }
4017       }
4018     }
4019 
4020     // Cold call block.
4021     Results.emplace_back(NextTarget, std::vector<MCInst>());
4022     std::vector<MCInst> &NewCall = Results.back().second;
4023     for (const MCInst *Inst : MethodFetchInsns) {
4024       if (Inst != &CallInst)
4025         NewCall.push_back(*Inst);
4026     }
4027     NewCall.push_back(CallInst);
4028 
4029     // Jump to the merge block from the cold call block.
4030     if (!IsTailCall && !IsJumpTable) {
4031       jumpToMergeBlock(NewCall);
4032 
4033       // Record the merge block.
4034       Results.emplace_back(MergeBlock, std::vector<MCInst>());
4035     }
4036 
4037     return Results;
4038   }
4039 
4040   BlocksVectorTy jumpTablePromotion(
4041     const MCInst &IJmpInst,
4042     const std::vector<std::pair<MCSymbol *,uint64_t>> &Targets,
4043     const std::vector<MCInst *> &TargetFetchInsns,
4044     MCContext *Ctx
4045   ) const override {
4046     assert(getJumpTable(IJmpInst) != 0);
4047     uint16_t IndexReg = getAnnotationAs<uint16_t>(IJmpInst, "JTIndexReg");
4048     if (IndexReg == 0)
4049       return BlocksVectorTy();
4050 
4051     BlocksVectorTy Results;
4052 
4053     // Label for the current code block.
4054     MCSymbol* NextTarget = nullptr;
4055 
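         // Roughly, each hot target becomes:
         //   cmpq $CaseIdx_i, %IndexReg
         //   je Target_i
         // ending in a cold block that re-runs the target-fetch instructions
         // and the original indirect jump.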
4056     for (unsigned int i = 0; i < Targets.size(); ++i) {
4057       Results.emplace_back(NextTarget, std::vector<MCInst>());
4058       std::vector<MCInst>* CurBB = &Results.back().second;
4059 
4060       // Compare current index to a specific index.
4061       CurBB->emplace_back(MCInst());
4062       MCInst &CompareInst = CurBB->back();
4063       CompareInst.setLoc(IJmpInst.getLoc());
4064       CompareInst.setOpcode(X86::CMP64ri32);
4065       CompareInst.addOperand(MCOperand::createReg(IndexReg));
4066 
4067       const uint64_t CaseIdx = Targets[i].second;
4068       // Case index is out of the sign-extended 32-bit range.
4069       if (int64_t(CaseIdx) != int64_t(int32_t(CaseIdx))) {
4070         return BlocksVectorTy();
4071       }
4072       CompareInst.addOperand(MCOperand::createImm(CaseIdx));
4073       shortenInstruction(CompareInst);
4074 
4075       // Jump to the next target compare.
4076       NextTarget =
4077           Ctx->createNamedTempSymbol(); // Generate label for the next block.
4078       CurBB->push_back(MCInst());
4079 
4080       MCInst &JEInst = CurBB->back();
4081       JEInst.setLoc(IJmpInst.getLoc());
4082 
4083       // Jump to the target if the indices match.
4084       JEInst.setOpcode(X86::JCC_1);
4085       JEInst.addOperand(MCOperand::createExpr(MCSymbolRefExpr::create(
4086           Targets[i].first, MCSymbolRefExpr::VK_None, *Ctx)));
4087       JEInst.addOperand(MCOperand::createImm(X86::COND_E));
4088     }
4089 
4090     // Cold call block.
4091     Results.emplace_back(NextTarget, std::vector<MCInst>());
4092     std::vector<MCInst> &CurBB = Results.back().second;
4093     for (const MCInst *Inst : TargetFetchInsns) {
4094       if (Inst != &IJmpInst)
4095         CurBB.push_back(*Inst);
4096     }
4097     CurBB.push_back(IJmpInst);
4098 
4099     return Results;
4100   }
4101 
4102 private:
4103 
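       // Symbol-materialization helpers: createMove loads the 8-byte value
       // at Src (`movq Src(%rip), %Reg`), while createLea below takes its
       // address (`leaq Src(%rip), %Reg`).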
4104   bool createMove(MCInst &Inst, const MCSymbol *Src, unsigned Reg,
4105                   MCContext *Ctx) const {
4106     Inst.setOpcode(X86::MOV64rm);
4107     Inst.addOperand(MCOperand::createReg(Reg));
4108     Inst.addOperand(MCOperand::createReg(X86::RIP));        // BaseReg
4109     Inst.addOperand(MCOperand::createImm(1));               // ScaleAmt
4110     Inst.addOperand(MCOperand::createReg(X86::NoRegister)); // IndexReg
4111     Inst.addOperand(MCOperand::createExpr(
4112         MCSymbolRefExpr::create(Src, MCSymbolRefExpr::VK_None,
4113                                 *Ctx)));                    // Displacement
4114     Inst.addOperand(MCOperand::createReg(X86::NoRegister)); // AddrSegmentReg
4115 
4116     return true;
4117   }
4118 
4119   bool createLea(MCInst &Inst, const MCSymbol *Src, unsigned Reg,
4120                  MCContext *Ctx) const {
4121     Inst.setOpcode(X86::LEA64r);
4122     Inst.addOperand(MCOperand::createReg(Reg));
4123     Inst.addOperand(MCOperand::createReg(X86::RIP));        // BaseReg
4124     Inst.addOperand(MCOperand::createImm(1));               // ScaleAmt
4125     Inst.addOperand(MCOperand::createReg(X86::NoRegister)); // IndexReg
4126     Inst.addOperand(MCOperand::createExpr(
4127         MCSymbolRefExpr::create(Src, MCSymbolRefExpr::VK_None,
4128                                 *Ctx)));                    // Displacement
4129     Inst.addOperand(MCOperand::createReg(X86::NoRegister)); // AddrSegmentReg
4130     return true;
4131   }
4132 };
4133 
4134 } // namespace
4135 
4136 namespace llvm {
4137 namespace bolt {
4138 
4139 MCPlusBuilder *createX86MCPlusBuilder(const MCInstrAnalysis *Analysis,
4140                                       const MCInstrInfo *Info,
4141                                       const MCRegisterInfo *RegInfo) {
4142   return new X86MCPlusBuilder(Analysis, Info, RegInfo);
4143 }
4144 
4145 } // namespace bolt
4146 } // namespace llvm
4147