xref: /haiku/headers/libs/zydis/Zydis/Disassembler.h (revision 1003e004e6c97eb60657a98928dd334e141c59ee) 
1*1003e004SJérôme Duval /***************************************************************************************************
2*1003e004SJérôme Duval 
3*1003e004SJérôme Duval   Zyan Disassembler Library (Zydis)
4*1003e004SJérôme Duval 
5*1003e004SJérôme Duval   Original Author : Joel Hoener
6*1003e004SJérôme Duval 
7*1003e004SJérôme Duval  * Permission is hereby granted, free of charge, to any person obtaining a copy
8*1003e004SJérôme Duval  * of this software and associated documentation files (the "Software"), to deal
9*1003e004SJérôme Duval  * in the Software without restriction, including without limitation the rights
10*1003e004SJérôme Duval  * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
11*1003e004SJérôme Duval  * copies of the Software, and to permit persons to whom the Software is
12*1003e004SJérôme Duval  * furnished to do so, subject to the following conditions:
13*1003e004SJérôme Duval  *
14*1003e004SJérôme Duval  * The above copyright notice and this permission notice shall be included in all
15*1003e004SJérôme Duval  * copies or substantial portions of the Software.
16*1003e004SJérôme Duval  *
17*1003e004SJérôme Duval  * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
18*1003e004SJérôme Duval  * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
19*1003e004SJérôme Duval  * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
20*1003e004SJérôme Duval  * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
21*1003e004SJérôme Duval  * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
22*1003e004SJérôme Duval  * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
23*1003e004SJérôme Duval  * SOFTWARE.
24*1003e004SJérôme Duval 
25*1003e004SJérôme Duval ***************************************************************************************************/
26*1003e004SJérôme Duval 
27*1003e004SJérôme Duval /**
28*1003e004SJérôme Duval  * @file
29*1003e004SJérôme Duval  * All-in-one convenience function providing the simplest possible way to use Zydis.
30*1003e004SJérôme Duval  */
31*1003e004SJérôme Duval 
32*1003e004SJérôme Duval #ifndef ZYDIS_DISASSEMBLER_H
33*1003e004SJérôme Duval #define ZYDIS_DISASSEMBLER_H
34*1003e004SJérôme Duval 
35*1003e004SJérôme Duval #include <Zydis/Decoder.h>
36*1003e004SJérôme Duval #include <Zydis/Formatter.h>
37*1003e004SJérôme Duval 
38*1003e004SJérôme Duval #ifdef __cplusplus
39*1003e004SJérôme Duval extern "C" {
40*1003e004SJérôme Duval #endif
41*1003e004SJérôme Duval 
42*1003e004SJérôme Duval /* ============================================================================================== */
43*1003e004SJérôme Duval /* Types                                                                                          */
44*1003e004SJérôme Duval /* ============================================================================================== */
45*1003e004SJérôme Duval 
46*1003e004SJérôme Duval /**
47*1003e004SJérôme Duval  * All commonly used information about a decoded instruction that Zydis can provide.
48*1003e004SJérôme Duval  *
49*1003e004SJérôme Duval  * This structure is filled in by calling `ZydisDisassembleIntel` or `ZydisDisassembleATT`.
50*1003e004SJérôme Duval  */
51*1003e004SJérôme Duval typedef struct ZydisDisassembledInstruction_
52*1003e004SJérôme Duval {
53*1003e004SJérôme Duval     /**
54*1003e004SJérôme Duval      * The runtime address that was passed when disassembling the instruction.
55*1003e004SJérôme Duval      */
56*1003e004SJérôme Duval     ZyanU64 runtime_address;
57*1003e004SJérôme Duval     /**
58*1003e004SJérôme Duval      * General information about the decoded instruction in machine-readable format.
59*1003e004SJérôme Duval      */
60*1003e004SJérôme Duval     ZydisDecodedInstruction info;
61*1003e004SJérôme Duval     /**
62*1003e004SJérôme Duval      * The operands of the decoded instruction in a machine-readable format.
63*1003e004SJérôme Duval      *
64*1003e004SJérôme Duval      * The amount of actual operands can be determined by inspecting the corresponding fields
65*1003e004SJérôme Duval      * in the `info` member of this struct. Inspect `operand_count_visible` if you care about
66*1003e004SJérôme Duval      * visible operands (those that are printed by the formatter) or `operand_count` if you're
67*1003e004SJérôme Duval      * also interested in implicit operands (for example the registers implicitly accessed by
68*1003e004SJérôme Duval      * `pushad`). Unused entries are zeroed.
69*1003e004SJérôme Duval      */
70*1003e004SJérôme Duval     ZydisDecodedOperand operands[ZYDIS_MAX_OPERAND_COUNT];
71*1003e004SJérôme Duval     /**
72*1003e004SJérôme Duval      * The textual, human-readable representation of the instruction.
73*1003e004SJérôme Duval      *
74*1003e004SJérôme Duval      * Guaranteed to be zero-terminated.
75*1003e004SJérôme Duval      */
76*1003e004SJérôme Duval     char text[96];
77*1003e004SJérôme Duval } ZydisDisassembledInstruction;
78*1003e004SJérôme Duval 
79*1003e004SJérôme Duval /* ============================================================================================== */
80*1003e004SJérôme Duval /* Exported functions                                                                             */
81*1003e004SJérôme Duval /* ============================================================================================== */
82*1003e004SJérôme Duval 
83*1003e004SJérôme Duval /**
84*1003e004SJérôme Duval  * Disassemble an instruction and format it to human-readable text in a single step (Intel syntax).
85*1003e004SJérôme Duval  *
86*1003e004SJérôme Duval  * @param machine_mode      The machine mode to assume when disassembling. When in doubt, pass
87*1003e004SJérôme Duval  *                          `ZYDIS_MACHINE_MODE_LONG_64` for what is typically referred to as
88*1003e004SJérôme Duval  *                          "64-bit mode" or `ZYDIS_MACHINE_MODE_LEGACY_32` for "32-bit mode".
89*1003e004SJérôme Duval  * @param runtime_address   The program counter (`eip` / `rip`) to assume when formatting the
90*1003e004SJérôme Duval  *                          instruction. Many instructions behave differently depending on the
91*1003e004SJérôme Duval  *                          address they are located at.
92*1003e004SJérôme Duval  * @param buffer            A pointer to the raw instruction bytes that you wish to decode.
93*1003e004SJérôme Duval  * @param length            The length of the input buffer. Note that this can be bigger than the
94*1003e004SJérôme Duval  *                          actual size of the instruction -- you don't have to know the size up
95*1003e004SJérôme Duval  *                          front. This length is merely used to prevent Zydis from doing
96*1003e004SJérôme Duval  *                          out-of-bounds reads on your buffer.
97*1003e004SJérôme Duval  * @param instruction       A pointer to receive the decoded instruction information. Can be
98*1003e004SJérôme Duval  *                          uninitialized and reused on later calls.
99*1003e004SJérôme Duval  *
100*1003e004SJérôme Duval  * This is a convenience function intended as a quick path for getting started with using Zydis.
101*1003e004SJérôme Duval  * It internally calls a range of other more advanced functions to obtain all commonly needed
102*1003e004SJérôme Duval  * information about the instruction. It is likely that you won't need most of this information in
103*1003e004SJérôme Duval  * practice, so it is advisable to instead call these more advanced functions directly if you're
104*1003e004SJérôme Duval  * concerned about performance.
105*1003e004SJérôme Duval  *
106*1003e004SJérôme Duval  * This function essentially combines the following more advanced functions into a single call:
107*1003e004SJérôme Duval  *
108*1003e004SJérôme Duval  *   - `ZydisDecoderInit`
109*1003e004SJérôme Duval  *   - `ZydisDecoderDecodeInstruction`
110*1003e004SJérôme Duval  *   - `ZydisDecoderDecodeOperands`
111*1003e004SJérôme Duval  *   - `ZydisFormatterInit`
112*1003e004SJérôme Duval  *   - `ZydisFormatterFormatInstruction`
113*1003e004SJérôme Duval  *
114*1003e004SJérôme Duval  * @return  A zyan status code.
115*1003e004SJérôme Duval  */
116*1003e004SJérôme Duval ZYDIS_EXPORT ZyanStatus ZydisDisassembleIntel(ZydisMachineMode machine_mode,
117*1003e004SJérôme Duval     ZyanU64 runtime_address, const void* buffer, ZyanUSize length,
118*1003e004SJérôme Duval     ZydisDisassembledInstruction *instruction);
119*1003e004SJérôme Duval 
120*1003e004SJérôme Duval /**
121*1003e004SJérôme Duval  * Disassemble an instruction and format it to human-readable text in a single step (AT&T syntax).
122*1003e004SJérôme Duval  *
123*1003e004SJérôme Duval  * @copydetails ZydisDisassembleIntel
124*1003e004SJérôme Duval  */
125*1003e004SJérôme Duval ZYDIS_EXPORT ZyanStatus ZydisDisassembleATT(ZydisMachineMode machine_mode,
126*1003e004SJérôme Duval     ZyanU64 runtime_address, const void* buffer, ZyanUSize length,
127*1003e004SJérôme Duval     ZydisDisassembledInstruction *instruction);
128*1003e004SJérôme Duval 
129*1003e004SJérôme Duval /* ============================================================================================== */
130*1003e004SJérôme Duval 
131*1003e004SJérôme Duval #ifdef __cplusplus
132*1003e004SJérôme Duval }
133*1003e004SJérôme Duval #endif
134*1003e004SJérôme Duval 
135*1003e004SJérôme Duval #endif /* ZYDIS_DISASSEMBLER_H */
136