seccomp-tools 1.5.0 → 1.6.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: fa755fd2e7ed97279b094dfa28bd668aef4ee638005f0b38405066502fc8a30d
-  data.tar.gz: 56b0d51796d97a89f67262c36716833d078ce19ea6b58fbb83c2f8bee88b8685
+  metadata.gz: 898cc2a23df6443f39054c4b9027a576fb929729f74fc804ae82ae3b11c6772e
+  data.tar.gz: 0e07d2d1914ac7185135425d0e34f0dcb1b6100e977176d8bd9ce23f95a3f287
 SHA512:
-  metadata.gz: 027f57a717cb63fadeefd4a60213115a27ed51bb1eb3e6b58251690ed7c1d42335086ff4448b480296b77d395ba2e8718fa662e227394abfddaf80b19b769b74
-  data.tar.gz: f6aca254b4a43d6c60d5df7e6694b976de1e56fbb6d6585bd46fd17c0849820d76c81f25bbc872dc785576e05eeaaab5d0276a3f065b730988973c5073ace761
+  metadata.gz: ec604fca33e16dd6ca77e923e34629338245828abdf3c97e9974d205a2306aa9ae0f3bc074b90e056790a8de86ed6484ab17ce190524b30394f2fda2b5dd9432
+  data.tar.gz: 399e5e77fa99de23f3ad5013c442fc29a800a261d04150ab0bd467744a9302601ca7c60e5570e4e65f423cf4c93e4eb4428ae3f33b97d6a64c223af13b342e47

data/README.md

@@ -1,26 +1,26 @@
 [![Build Status](https://github.com/david942j/seccomp-tools/workflows/build/badge.svg)](https://github.com/david942j/seccomp-tools/actions)
-[![Dependabot Status](https://api.dependabot.com/badges/status?host=github&repo=david942j/seccomp-tools)](https://dependabot.com)
 [![Code Climate](https://codeclimate.com/github/david942j/seccomp-tools/badges/gpa.svg)](https://codeclimate.com/github/david942j/seccomp-tools)
 [![Issue Count](https://codeclimate.com/github/david942j/seccomp-tools/badges/issue_count.svg)](https://codeclimate.com/github/david942j/seccomp-tools)
 [![Test Coverage](https://codeclimate.com/github/david942j/seccomp-tools/badges/coverage.svg)](https://codeclimate.com/github/david942j/seccomp-tools/coverage)
 [![Inline docs](https://inch-ci.org/github/david942j/seccomp-tools.svg?branch=master)](https://inch-ci.org/github/david942j/seccomp-tools)
+[![Yard Docs](http://img.shields.io/badge/yard-docs-blue.svg)](https://www.rubydoc.info/github/david942j/seccomp-tools/)
 [![MIT License](https://img.shields.io/badge/license-MIT-blue.svg)](http://choosealicense.com/licenses/mit/)
 
 # Seccomp Tools
 Provide powerful tools for seccomp analysis.
 
-This project is targeted to (but not limited to) analyze seccomp sandbox in CTF pwn challenges.
-Some features might be CTF-specific, but still useful for analyzing seccomp in real-case.
+This project targets to (but is not limited to) analyze seccomp sandbox in CTF pwn challenges.
+Some features might be CTF-specific, but also useful for analyzing seccomp of real cases.
 
 ## Features
-* Dump - Automatically dumps seccomp-bpf from execution file(s).
-* Disasm - Converts bpf to human readable format.
-  - Simple decompile.
-  - Display syscall names and arguments when possible.
+* Dump - Automatically dumps seccomp BPF from execution file(s).
+* Disasm - Converts seccomp BPF to a human readable format.
+  - With simple decompilation.
+  - With syscall names and arguments whenever possible.
   - Colorful!
-* Asm - Write seccomp rules is so easy!
+* Asm - Makes writing seccomp rules similar to writing codes.
 * Emu - Emulates seccomp rules.
-* Supports multi-architectures.
+* Supports multi-architecture.
 
 ## Installation
 
@@ -76,8 +76,8 @@ $ seccomp-tools dump --help
 
 ### dump
 
-Dumps the seccomp bpf from an execution file.
-This work is done by the `ptrace` syscall.
+Dumps the seccomp BPF from an execution file.
+This work is done by utilizing the `ptrace` syscall.
 
 NOTICE: beware of the execution file will be executed.
 ```bash
@@ -124,7 +124,7 @@ $ seccomp-tools dump spec/binary/twctf-2016-diary -f raw | xxd
 
 ### disasm
 
-Disassembles the seccomp from raw bpf.
+Disassembles the seccomp from raw BPF.
 ```bash
 $ xxd spec/data/twctf-2016-diary.bpf | head -n 3
 # 00000000: 2000 0000 0000 0000 1500 0001 0200 0000   ...............
@@ -170,7 +170,7 @@ $ seccomp-tools asm
 #     -f, --format FORMAT              Output format. FORMAT can only be one of <inspect|raw|c_array|c_source|assembly>.
 #                                      Default: inspect
 #     -a, --arch ARCH                  Specify architecture.
-#                                      Supported architectures are <aarch64|amd64|i386>.
+#                                      Supported architectures are <aarch64|amd64|i386|s390x>.
 #                                      Default: amd64
 
 # Input file for asm
@@ -259,6 +259,83 @@ $ seccomp-tools asm spec/data/libseccomp.asm -f raw | seccomp-tools disasm -
 
 ```
 
+Since v1.6.0 [not released yet], `asm` has switched to using a yacc-based syntax parser, hence supports more flexible and intuitive syntax!
+
+```bash
+$ cat spec/data/example.asm
+# # An example of supported assembly syntax
+# if (A == X)
+#   goto next # 'next' is a reserved label, means the next statement ("A = args[0]" in this example)
+# else
+#   goto err_label # custom defined label
+# A = args[0]
+# if (
+#   A # put a comment here is also valid
+#     == 0x123
+#   ) goto disallow
+# if (! (A & 0x1337)) # support bang in if-conditions
+#   goto 0 # equivalent to 'goto next'
+# else goto 2 # goto $ + 2, 'mem[0] = A' in this example
+# A = sys_number
+# A = instruction_pointer >> 32
+# mem[0] = A
+# A = data[4] # equivalent to 'A = arch'
+# err_label: return ERRNO(1337)
+# disallow:
+# return KILL
+
+$ seccomp-tools asm spec/data/example.asm -f raw | seccomp-tools disasm -
+#  line  CODE  JT   JF      K
+# =================================
+#  0000: 0x1d 0x00 0x07 0x00000000  if (A != X) goto 0008
+#  0001: 0x20 0x00 0x00 0x00000010  A = args[0]
+#  0002: 0x15 0x06 0x00 0x00000123  if (A == 0x123) goto 0009
+#  0003: 0x45 0x02 0x00 0x00001337  if (A & 0x1337) goto 0006
+#  0004: 0x20 0x00 0x00 0x00000000  A = sys_number
+#  0005: 0x20 0x00 0x00 0x0000000c  A = instruction_pointer >> 32
+#  0006: 0x02 0x00 0x00 0x00000000  mem[0] = A
+#  0007: 0x20 0x00 0x00 0x00000004  A = arch
+#  0008: 0x06 0x00 0x00 0x00050539  return ERRNO(1337)
+#  0009: 0x06 0x00 0x00 0x00000000  return KILL
+
+```
+
+The output of `seccomp-tools disasm <file> --asm-able` is a valid input of `asm`:
+```bash
+$ seccomp-tools disasm spec/data/x32.bpf --asm-able
+# 0000: A = arch
+# 0001: if (A != ARCH_X86_64) goto 0011
+# 0002: A = sys_number
+# 0003: if (A < 0x40000000) goto 0011
+# 0004: if (A == x32_read) goto 0011
+# 0005: if (A == x32_write) goto 0011
+# 0006: if (A == x32_iopl) goto 0011
+# 0007: if (A != x32_mmap) goto 0011
+# 0008: A = args[0]
+# 0009: if (A == 0x0) goto 0011
+# 0010: return ERRNO(5)
+# 0011: return ALLOW
+
+
+# disasm then asm then disasm!
+$ seccomp-tools disasm spec/data/x32.bpf --asm-able | seccomp-tools asm - -f raw | seccomp-tools disasm -
+#  line  CODE  JT   JF      K
+# =================================
+#  0000: 0x20 0x00 0x00 0x00000004  A = arch
+#  0001: 0x15 0x00 0x09 0xc000003e  if (A != ARCH_X86_64) goto 0011
+#  0002: 0x20 0x00 0x00 0x00000000  A = sys_number
+#  0003: 0x35 0x00 0x07 0x40000000  if (A < 0x40000000) goto 0011
+#  0004: 0x15 0x06 0x00 0x40000000  if (A == x32_read) goto 0011
+#  0005: 0x15 0x05 0x00 0x40000001  if (A == x32_write) goto 0011
+#  0006: 0x15 0x04 0x00 0x400000ac  if (A == x32_iopl) goto 0011
+#  0007: 0x15 0x00 0x03 0x40000009  if (A != x32_mmap) goto 0011
+#  0008: 0x20 0x00 0x00 0x00000010  A = addr # x32_mmap(addr, len, prot, flags, fd, pgoff)
+#  0009: 0x15 0x01 0x00 0x00000000  if (A == 0x0) goto 0011
+#  0010: 0x06 0x00 0x00 0x00050005  return ERRNO(5)
+#  0011: 0x06 0x00 0x00 0x7fff0000  return ALLOW
+
+```
+
 ### Emu
 
 Emulates seccomp given `sys_nr`, `arg0`, `arg1`, etc.
@@ -268,7 +345,7 @@ $ seccomp-tools emu --help
 #
 # Usage: seccomp-tools emu [options] BPF_FILE [sys_nr [arg0 [arg1 ... arg5]]]
 #     -a, --arch ARCH                  Specify architecture.
-#                                      Supported architectures are <aarch64|amd64|i386>.
+#                                      Supported architectures are <aarch64|amd64|i386|s390x>.
 #                                      Default: amd64
 #     -q, --[no-]quiet                 Run quietly, only show emulation result.
 
@@ -301,12 +378,15 @@ $ seccomp-tools emu spec/data/libseccomp.bpf write 0x3
 
 ![emu](https://github.com/david942j/seccomp-tools/blob/master/examples/emu-amigo.png?raw=true)
 
-## Architecture Supported
+## Supported Architectures
 
 - [x] x86_64
 - [x] x32
 - [x] x86
-- [x] arm64 (Thanks to @saagarjha!)
+- [x] arm64 (@saagarjha)
+- [x] s390x (@iii-i)
+
+Pull Requests of adding more architectures support are welcome!
 
 ## Development
 
@@ -327,6 +407,6 @@ I recommend to use [rbenv](https://github.com/rbenv/rbenv) for your Ruby environ
 
 ## I Need You
 
-Any suggestion or feature request is welcome!
-Feel free to file an issue or send a pull request.
+Any suggestions or feature requests are welcome!
+Feel free to file issues or send pull requests.
 And, if you like this work, I'll be happy to be [starred](https://github.com/david942j/seccomp-tools/stargazers) :grimacing:

data/lib/seccomp-tools/asm/asm.rb

@@ -10,16 +10,18 @@ module SeccompTools
 
     # Assembler of seccomp bpf.
     # @param [String] str
-    # @param [:amd64, :i386] arch
+    # @param [String] filename
+    #   Only used for error messages.
+    # @param [Symbol?] arch
     # @return [String]
-    #   Raw bpf bytes.
+    #   Raw BPF bytes.
     # @example
     #   SeccompTools::Asm.asm(<<-EOS)
     #     # lines start with '#' are comments
     #     A = sys_number                # here's a comment, too
     #     A >= 0x40000000 ? dead : next # 'next' is a keyword, denote the next instruction
     #     A == read ? ok : next         # custom defined label 'dead' and 'ok'
-    #     A == 1 ? ok : next            # SYS_write = 1 in amd64
+    #     A == 1 ? ok : next            # SYS_write = 1 on amd64
     #     return ERRNO(1)
     #     dead:
     #     return KILL
@@ -27,10 +29,10 @@ module SeccompTools
     #     return ALLOW
     #   EOS
     #   #=> <raw binary bytes>
-    def asm(str, arch: nil)
+    def asm(str, filename: '-', arch: nil)
+      filename = nil if filename == '-'
       arch = Util.system_arch if arch.nil?
-      compiler = Compiler.new(arch)
-      str.lines.each { |l| compiler.process(l) }
+      compiler = Compiler.new(str, filename, arch)
       compiler.compile!.map(&:asm).join
     end
   end

data/lib/seccomp-tools/asm/compiler.rb

@@ -1,8 +1,10 @@
 # frozen_string_literal: true
 
-require 'seccomp-tools/asm/tokenizer'
+require 'seccomp-tools/asm/sasm.tab'
+require 'seccomp-tools/asm/scalar'
+require 'seccomp-tools/asm/scanner'
 require 'seccomp-tools/bpf'
-require 'seccomp-tools/const'
+require 'seccomp-tools/error'
 
 module SeccompTools
   module Asm
@@ -12,74 +14,99 @@ module SeccompTools
     class Compiler
       # Instantiate a {Compiler} object.
       #
+      # @param [String] source
+      #   Input string.
+      # @param [String?] filename
+      #   Only used in error messages.
       # @param [Symbol] arch
       #   Architecture.
-      def initialize(arch)
+      def initialize(source, filename, arch)
+        @scanner = Scanner.new(source, arch, filename: filename)
         @arch = arch
-        @insts = []
-        @labels = {}
-        @insts_linenum = {}
-        @input = []
-      end
-
-      # Before compile assembly codes, process each lines.
-      #
-      # With this we can support label in seccomp rules.
-      # @param [String] line
-      #   One line of seccomp rule.
-      # @return [void]
-      def process(line)
-        @input << line.strip
-        line = remove_comment(line)
-        @token = Tokenizer.new(line)
-        return if line.empty?
-
-        begin
-          res = case line
-                when /\?/ then cmp
-                when /^#{Tokenizer::LABEL_REGEXP}:/ then define_label
-                when /^return/ then ret
-                when /^A\s*=\s*-A/ then alu_neg
-                when /^(A|X)\s*=[^=]/ then assign
-                when /^mem\[\d+\]\s*=\s*(A|X)/ then store
-                when /^A\s*.{1,2}=/ then alu
-                when /^(goto|jmp|jump)/ then jmp_abs
-                end
-        rescue ArgumentError => e
-          invalid(@input.size - 1, e.message)
-        end
-        invalid(@input.size - 1) if res.nil?
-        if res.first == :label
-          @labels[res.last] = @insts.size
-        else
-          @insts << res
-          @insts_linenum[@insts.size - 1] = @input.size - 1
-        end
+        @symbols = {}
       end
 
       # Compiles the processed instructions.
       #
       # @return [Array<SeccompTools::BPF>]
       #   Returns the compiled {BPF} array.
-      # @raise [ArgumentError]
+      # @raise [SeccompTools::Error]
       #   Raises the error found during compilation.
       def compile!
-        @insts.map.with_index do |inst, idx|
+        @scanner.validate!
+        statements = SeccompAsmParser.new(@scanner).parse
+        fixup_symbols(statements)
+        resolve_symbols(statements)
+
+        statements.map.with_index do |s, idx|
           @line = idx
-          case inst.first
-          when :assign then compile_assign(inst[1], inst[2])
-          when :alu then compile_alu(inst[1], inst[2])
-          when :ret then compile_ret(inst[1])
-          when :cmp then compile_cmp(inst[1], inst[2], inst[3], inst[4])
-          when :jmp_abs then compile_jmp_abs(inst[1])
+          case s.type
+          when :alu then emit_alu(*s.data)
+          when :assign then emit_assign(*s.data)
+          when :if then emit_cmp(*s.data)
+          when :ret then emit_ret(*s.data)
           end
         end
-      rescue ArgumentError => e
-        invalid(@insts_linenum[@line], e.message)
       end
 
       private
 
+      def fixup_symbols(statements)
+        statements.each_with_index do |statement, idx|
+          statement.symbols.uniq(&:str).each do |s|
+            if @symbols[s.str]
+              msg = @scanner.format_error(s, "duplicate label '#{s.str}'")
+              msg += @scanner.format_error(@symbols[s.str][0], 'previously defined here')
+              raise SeccompTools::DuplicateLabelError, msg
+            end
+
+            @symbols[s.str] = [s, idx]
+          end
+        end
+      end
+
+      def resolve_symbols(statements)
+        statements.each_with_index do |statement, idx|
+          next if statement.type != :if
+
+          jt = resolve_symbol(idx, statement.data[1])
+          jf = resolve_symbol(idx, statement.data[2])
+          statement.data[1] = jt
+          statement.data[2] = jf
+        end
+      end
+
+      # The farthest distance of a relative jump in BPF.
+      JUMP_DISTANCE_MAX = 255
+
+      # @param [Integer] index
+      # @param [SeccompTools::Asm::Token, :next] sym
+      def resolve_symbol(index, sym)
+        return 0 if sym.is_a?(Symbol) && sym == :next
+
+        str = sym.str
+        return 0 if str == 'next'
+
+        if @symbols[str].nil?
+          # special case - goto <n> can be considered as $+1+<n>
+          return str.to_i if str == str.to_i.to_s && str.to_i <= JUMP_DISTANCE_MAX
+
+          raise SeccompTools::UndefinedLabelError,
+                @scanner.format_error(sym, "Cannot find label '#{str}'")
+        end
+
+        (@symbols[str][1] - index - 1).tap do |dis|
+          if dis.negative?
+            raise SeccompTools::BackwardJumpError,
+                  @scanner.format_error(sym, "Does not support backward jumping to '#{str}'")
+          end
+          if dis > JUMP_DISTANCE_MAX
+            raise SeccompTools::LongJumpError,
+                  @scanner.format_error(sym, "Does not support jumping farther than #{JUMP_DISTANCE_MAX}, got: #{dis}")
+          end
+        end
+      end
+
       # Emits a raw BPF object.
       #
       # @return [BPF]
@@ -98,201 +125,80 @@ module SeccompTools
         BPF.new({ code: code, k: k, jt: jt, jf: jf }, @arch, @line)
       end
 
+      # A = -A
       # A = X / X = A
       # mem[i] = <A|X>
-      # <A|X> = 123|sys_const
       # A = len
-      # <A|X> = mem[i]
-      # A = args_h[i]|args[i]|sys_number|arch
-      # A = data[4 * i]
-      def compile_assign(dst, src)
+      # <A|X> = <immi|mem[i]|data[i]>
+      def emit_assign(dst, src)
+        return emit(:alu, :neg) if src.is_a?(Symbol) && src == :neg
         # misc txa / tax
-        return compile_assign_misc(dst, src) if (dst == :a && src == :x) || (dst == :x && src == :a)
+        return emit(:misc, dst.a? ? :txa : :tax) if (dst.a? && src.x?) || (dst.x? && src.a?)
         # case of st / stx
-        return emit(src == :x ? :stx : :st, k: dst.last) if dst.is_a?(Array) && dst.first == :mem
-
-        src = evaluate(src)
-        ld = dst == :x ? :ldx : :ld
-        # <A|X> = <immi>
-        return emit(ld, :imm, k: src) if src.is_a?(Integer)
-        # now src must be in form [:len/:mem/:data, num]
-        return emit(ld, src.first, k: src.last) if src.first == :mem || src.first == :len
-        # check if num is multiple of 4
-        raise ArgumentError, 'Index of data[] must be a multiple of 4' if src.last % 4 != 0
+        return emit(src.x? ? :stx : :st, k: dst.val) if dst.mem?
 
-        emit(ld, :abs, k: src.last)
+        emit_ld(dst, src)
       end
 
-      def compile_assign_misc(dst, _src)
-        emit(:misc, dst == :a ? :txa : :tax)
+      def emit_ld(dst, src)
+        ld = dst.x? ? :ldx : :ld
+        return emit(ld, :len, k: 0) if src.len?
+        return emit(ld, :imm, k: src.to_i) if src.const?
+        return emit(ld, :mem, k: src.val) if src.mem?
+
+        emit(ld, :abs, k: src.val) if src.data?
       end
 
-      def compile_alu(op, val)
-        return emit(:alu, :neg) if op == :neg
+      def emit_alu(op, val)
+        src, k = val.x? ? [:x, 0] : [:k, val.to_i]
+        emit(:alu, convert_alu_op(op), src, k: k)
+      end
 
-        val = evaluate(val)
-        src = val == :x ? :x : :k
-        val = 0 if val == :x
-        emit(:alu, op, src, k: val)
+      def convert_alu_op(op)
+        {
+          '+' => :add,
+          '-' => :sub,
+          '*' => :mul,
+          '/' => :div,
+          '|' => :or,
+          '&' => :and,
+          '<<' => :lsh,
+          '>>' => :rsh,
+          '^' => :xor
+        }[op[0..-2]]
       end
 
-      def compile_ret(val)
-        if val == :a
+      def emit_ret(val)
+        if val.a?
           src = :a
           val = 0
         end
-        emit(:ret, src, k: val)
-      end
-
-      def compile_jmp_abs(target)
-        targ = label_offset(target)
-        emit(:jmp, :ja, k: targ)
-      end
-
-      # Compiles comparison.
-      def compile_cmp(op, val, jt, jf)
-        jt = label_offset(jt)
-        jf = label_offset(jf)
-        val = evaluate(val)
-        src = val == :x ? :x : :k
-        val = 0 if val == :x
-        emit(:jmp, op, src, jt: jt, jf: jf, k: val)
+        emit(:ret, src, k: val.to_i)
       end
 
-      def label_offset(label)
-        return label if label.is_a?(Integer)
-        return 0 if label == 'next'
-        raise ArgumentError, "Undefined label #{label.inspect}" if @labels[label].nil?
-        raise ArgumentError, "Does not support backward jumping to #{label.inspect}" if @labels[label] < @line
+      def emit_cmp(cmp, jt, jf)
+        jop, jt, jf = convert_jmp_op(cmp, jt, jf)
+        return emit(:jmp, jop, 0, jt: 0, jf: 0, k: jt) if jop == :ja || jt == jf
 
-        @labels[label] - @line - 1
+        val = cmp[1]
+        src = val.x? ? :x : :k
+        k = val.x? ? 0 : val.to_i
+        emit(:jmp, jop, src, jt: jt, jf: jf, k: k)
       end
 
-      def evaluate(val)
-        return val if val.is_a?(Integer) || val == :x || val == :a
-
-        # keywords
-        val = case val
-              when 'sys_number' then [:data, 0]
-              when 'arch' then [:data, 4]
-              when 'len' then [:len, 0]
-              else val
-              end
-        return eval_constants(val) if val.is_a?(String)
-
-        # remains are [:mem/:data/:args/:args_h, <num>]
-        # first convert args to data
-        val = [:data, val.last * 8 + 16] if val.first == :args
-        val = [:data, val.last * 8 + 20] if val.first == :args_h
-        val
-      end
+      # == != >= <= > < &
+      def convert_jmp_op(cmp, jt, jf)
+        return [:ja, jt, jf] if cmp.nil?
 
-      def eval_constants(str)
-        Const::Syscall.const_get(@arch.upcase.to_sym)[str.to_sym] ||
-          Const::Audit::ARCH[str] ||
-          raise(ArgumentError, "Invalid constant: #{str.inspect}")
-      end
-
-      attr_reader :token
-
-      # <goto|jmp|jump> <label|Integer>
-      def jmp_abs
-        token.fetch('goto') ||
-          token.fetch('jmp') ||
-          token.fetch('jump') ||
-          raise(ArgumentError, "Invalid jump alias: #{token.cur.inspect}")
-        target = token.fetch!(:goto)
-        [:jmp_abs, target]
-      end
-
-      # A <comparison> <sys_str|X|Integer> ? <label|Integer> : <label|Integer>
-      def cmp
-        token.fetch!('A')
-        op = token.fetch!(:comparison)
-        dst = token.fetch!(:sys_num_x)
-        token.fetch!('?')
-        jt = token.fetch!(:goto)
-        token.fetch!(':')
-        jf = token.fetch!(:goto)
-        convert = {
-          :< => :>=,
-          :<= => :>,
-          :!= => :==
-        }
-        if convert[op]
-          op = convert[op]
-          jt, jf = jf, jt
+        case cmp[0]
+        when '==' then [:jeq, jt, jf]
+        when '!=' then [:jeq, jf, jt]
+        when '>=' then [:jge, jt, jf]
+        when '<=' then [:jgt, jf, jt]
+        when '>' then [:jgt, jt, jf]
+        when '<' then [:jge, jf, jt]
+        when '&' then [:jset, jt, jf]
         end
-        op = {
-          :>= => :jge,
-          :> => :jgt,
-          :== => :jeq
-        }[op]
-        [:cmp, op, dst, jt, jf]
-      end
-
-      def ret
-        token.fetch!('return')
-        [:ret, token.fetch!(:ret)]
-      end
-
-      # possible types after '=':
-      #   A = X
-      #   X = A
-      #   A = 123
-      #   A = data[i]
-      #   A = mem[i]
-      #   A = args[i]
-      #   A = sys_number|arch
-      #   A = len
-      def assign
-        dst = token.fetch!(:ax)
-        token.fetch!('=')
-        src = token.fetch(:ax) ||
-              token.fetch(:sys_num_x) ||
-              token.fetch(:ary) ||
-              token.fetch('sys_number') ||
-              token.fetch('arch') ||
-              token.fetch('len') ||
-              raise(ArgumentError, "Invalid source: #{token.cur.inspect}")
-        [:assign, dst, src]
-      end
-
-      # returns same format as assign
-      def store
-        [:assign, token.fetch!(:ary), token.fetch!('=') && token.fetch!(:ax)]
-      end
-
-      def define_label
-        name = token.fetch!(:goto)
-        token.fetch(':')
-        [:label, name]
-      end
-
-      # A op= sys_num_x
-      def alu
-        token.fetch!('A')
-        op = token.fetch!(:alu_op)
-        token.fetch!('=')
-        src = token.fetch!(:sys_num_x)
-        [:alu, op, src]
-      end
-
-      # A = -A
-      def alu_neg
-        %i[alu neg]
-      end
-
-      def remove_comment(line)
-        line = line.to_s.dup
-        line.slice!(/#.*\Z/m)
-        line.strip
-      end
-
-      def invalid(line, extra_msg = nil)
-        message = "Invalid instruction at line #{line + 1}: #{@input[line].inspect}"
-        message += "\nError: #{extra_msg}" if extra_msg
-        raise ArgumentError, message
       end
     end
   end