Rizin
unix-like reverse engineering framework and cli tools
Main Page
Related Pages
Modules
Namespaces
Namespace List
Namespace Members
All
_
a
b
c
d
e
f
g
h
i
k
l
m
n
o
p
r
s
t
u
v
w
x
z
Functions
_
a
b
c
d
e
f
g
h
i
l
m
n
p
r
s
t
u
v
w
Variables
_
a
b
c
d
e
f
g
h
i
k
l
m
n
o
p
r
s
t
u
v
w
x
z
Enumerations
Classes
Class List
Class Index
Class Hierarchy
Class Members
All
_
a
b
c
d
e
f
g
h
i
j
k
l
m
n
o
p
q
r
s
t
u
v
w
x
y
z
~
Functions
_
a
b
c
d
e
f
g
h
i
l
m
o
p
r
s
t
u
v
w
x
z
~
Variables
_
a
b
c
d
e
f
g
h
i
j
k
l
m
n
o
p
q
r
s
t
u
v
w
x
y
z
Enumerations
Enumerator
b
d
e
h
i
k
n
p
r
s
w
Properties
Events
Related Functions
Files
File List
File Members
All
$
.
[
_
a
b
c
d
e
f
g
h
i
j
k
l
m
n
o
p
q
r
s
t
u
v
w
x
y
z
Functions
[
_
a
b
c
d
e
f
g
h
i
j
k
l
m
n
o
p
q
r
s
t
u
v
w
x
y
z
Variables
$
.
_
a
b
c
d
e
f
g
h
i
j
k
l
m
n
o
p
q
r
s
t
u
v
w
x
y
z
Typedefs
_
a
b
c
d
e
f
g
h
i
j
k
l
m
n
o
p
q
r
s
t
u
v
w
x
z
Enumerations
_
a
b
c
d
e
f
g
h
i
j
k
l
m
n
o
p
r
s
t
u
v
w
x
y
z
Enumerator
_
a
b
c
d
e
f
g
h
i
j
k
l
m
n
o
p
q
r
s
t
u
v
w
x
y
z
Macros
_
a
b
c
d
e
f
g
h
i
j
k
l
m
n
o
p
q
r
s
t
u
v
w
x
y
z
▼
Rizin
Clone the Rizin project and keep it updated
Contributor Covenant Code of Conduct
How to report issues
DEVELOPERS
README
AVR (arduino, atmega128, ..)
Brainfuck support for rizin
Calling Conventions profiles
Cross-compilation
Rizin Debugger Internals
Conditional breakpoints
ESIL
FLIRT
Connecting rizin with gdb
What is GProbe?
Packaging
RAP protocol
Release process
RzIL
Command parsing and command handling
SIOL - Simple IO Layer
WinDBG
Install Rizin
README
SDB (string database)
Security Policy
README
Capstone Engine
COMPILE
Xcode Project for Capstone
Rizin libdemangle
cabextract
CONTRIBUTING
Project Maintainers
README
Supported platforms
libzip API changes
INSTALL
NEWS
README
Security Policy
Before next release
Projects for various integrated development environments (IDE)
gen_manual - a program for automatic generation of manual from source code
Meson build system for lz4
Snap Packaging
LZ4 Block Format Description
LZ4 Frame Format Description
LZ4 Streaming API Example : Double Buffer
LZ4 Streaming API Example : Line by Line Text Compression
LZ4 API Example : Dictionary Random Access
LZ4 examples
LZ4 Streaming API Basics
LZ4 Windows binary package
LZ4 - Library Files
lz4(1) – lz4, unlz4, lz4cat - Compress or decompress .lz4 files
Command Line Interface for LZ4 library
LZ4 - Extremely fast compression
Programs and scripts for automated testing of LZ4
LICENSE
ptrace-wrap
rizin-shell-parser
spp
<tt>tree-sitter-config</tt>
<tt>tree-sitter-loader</tt>
Tree-sitter CLI
CONTRIBUTING\ilineb
index\ilineb
section-2-using-parsers\ilineb
section-3-creating-parsers\ilineb
section-4-syntax-highlighting\ilineb
section-5-implementation\ilineb
section-6-contributing\ilineb
section-8-code-navigation-systems\ilineb
<tt>tree-sitter-highlight</tt>
Rust Tree-sitter
Web Tree-sitter
Subdirectories
ICU Parts
tree-sitter
<tt>tree-sitter-tags</tt>
tree-sitter-c
tree-sitter-c
xxHash - Extremely fast hash algorithm
Todo List
►
Modules
►
Namespaces
►
Classes
▼
Files
►
File List
►
File Members
•
All
Classes
Namespaces
Files
Functions
Variables
Typedefs
Enumerations
Enumerator
Properties
Events
Friends
Macros
Modules
Pages
X86Disassembler.h
Go to the documentation of this file.
1
//===-- X86Disassembler.h - Disassembler for x86 and x86_64 -----*- C++ -*-===//
2
//
3
// The LLVM Compiler Infrastructure
4
//
5
// This file is distributed under the University of Illinois Open Source
6
// License. See LICENSE.TXT for details.
7
//
8
//===----------------------------------------------------------------------===//
9
//
10
// The X86 disassembler is a table-driven disassembler for the 16-, 32-, and
11
// 64-bit X86 instruction sets. The main decode sequence for an assembly
12
// instruction in this disassembler is:
13
//
14
// 1. Read the prefix bytes and determine the attributes of the instruction.
15
// These attributes, recorded in enum attributeBits
16
// (X86DisassemblerDecoderCommon.h), form a bitmask. The table CONTEXTS_SYM
17
// provides a mapping from bitmasks to contexts, which are represented by
18
// enum InstructionContext (ibid.).
19
//
20
// 2. Read the opcode, and determine what kind of opcode it is. The
21
// disassembler distinguishes four kinds of opcodes, which are enumerated in
22
// OpcodeType (X86DisassemblerDecoderCommon.h): one-byte (0xnn), two-byte
23
// (0x0f 0xnn), three-byte-38 (0x0f 0x38 0xnn), or three-byte-3a
24
// (0x0f 0x3a 0xnn). Mandatory prefixes are treated as part of the context.
25
//
26
// 3. Depending on the opcode type, look in one of four ClassDecision structures
27
// (X86DisassemblerDecoderCommon.h). Use the opcode class to determine which
28
// OpcodeDecision (ibid.) to look the opcode in. Look up the opcode, to get
29
// a ModRMDecision (ibid.).
30
//
31
// 4. Some instructions, such as escape opcodes or extended opcodes, or even
32
// instructions that have ModRM*Reg / ModRM*Mem forms in LLVM, need the
33
// ModR/M byte to complete decode. The ModRMDecision's type is an entry from
34
// ModRMDecisionType (X86DisassemblerDecoderCommon.h) that indicates if the
35
// ModR/M byte is required and how to interpret it.
36
//
37
// 5. After resolving the ModRMDecision, the disassembler has a unique ID
38
// of type InstrUID (X86DisassemblerDecoderCommon.h). Looking this ID up in
39
// INSTRUCTIONS_SYM yields the name of the instruction and the encodings and
40
// meanings of its operands.
41
//
42
// 6. For each operand, its encoding is an entry from OperandEncoding
43
// (X86DisassemblerDecoderCommon.h) and its type is an entry from
44
// OperandType (ibid.). The encoding indicates how to read it from the
45
// instruction; the type indicates how to interpret the value once it has
46
// been read. For example, a register operand could be stored in the R/M
47
// field of the ModR/M byte, the REG field of the ModR/M byte, or added to
48
// the main opcode. This is orthogonal from its meaning (an GPR or an XMM
49
// register, for instance). Given this information, the operands can be
50
// extracted and interpreted.
51
//
52
// 7. As the last step, the disassembler translates the instruction information
53
// and operands into a format understandable by the client - in this case, an
54
// MCInst for use by the MC infrastructure.
55
//
56
// The disassembler is broken broadly into two parts: the table emitter that
57
// emits the instruction decode tables discussed above during compilation, and
58
// the disassembler itself. The table emitter is documented in more detail in
59
// utils/TableGen/X86DisassemblerEmitter.h.
60
//
61
// X86Disassembler.h contains the public interface for the disassembler,
62
// adhering to the MCDisassembler interface.
63
// X86Disassembler.cpp contains the code responsible for step 7, and for
64
// invoking the decoder to execute steps 1-6.
65
// X86DisassemblerDecoderCommon.h contains the definitions needed by both the
66
// table emitter and the disassembler.
67
// X86DisassemblerDecoder.h contains the public interface of the decoder,
68
// factored out into C for possible use by other projects.
69
// X86DisassemblerDecoder.c contains the source code of the decoder, which is
70
// responsible for steps 1-6.
71
//
72
//===----------------------------------------------------------------------===//
73
74
/* Capstone Disassembly Engine */
75
/* By Nguyen Anh Quynh <aquynh@gmail.com>, 2013-2015 */
76
77
#ifndef CS_X86_DISASSEMBLER_H
78
#define CS_X86_DISASSEMBLER_H
79
80
#include "capstone/capstone.h"
81
82
#include "../../MCInst.h"
83
84
#include "../../MCRegisterInfo.h"
85
#include "
X86DisassemblerDecoderCommon.h
"
86
87
bool
X86_getInstruction
(
csh
handle
,
const
uint8_t
*
code
,
size_t
code_len,
88
MCInst
*instr,
uint16_t
*
size
,
uint64_t
address,
void
*
info
);
89
90
void
X86_init
(
MCRegisterInfo
*MRI);
91
92
#endif
X86DisassemblerDecoderCommon.h
X86_init
void X86_init(MCRegisterInfo *MRI)
X86_getInstruction
bool X86_getInstruction(csh handle, const uint8_t *code, size_t code_len, MCInst *instr, uint16_t *size, uint64_t address, void *info)
handle
static mcore_handle handle
Definition:
asm_mcore.c:8
info
RzBinInfo * info(RzBinFile *bf)
Definition:
bin_ne.c:86
csh
size_t csh
Definition:
capstone.h:71
size
voidpf void uLong size
Definition:
ioapi.h:138
uint16_t
unsigned short uint16_t
Definition:
sftypes.h:30
uint64_t
unsigned long uint64_t
Definition:
sftypes.h:28
uint8_t
unsigned char uint8_t
Definition:
sftypes.h:31
MCInst
Definition:
MCInst.h:88
MCRegisterInfo
Definition:
MCRegisterInfo.h:78
code
Definition:
inftree9.h:24
subprojects
capstone-bundled
arch
X86
X86Disassembler.h
Generated by
1.9.1
1.9.1 
