dr_ir_instr.h File Reference

Functions to create and manipulate instructions. More...

Defines

#define EFLAGS_READ_CF   0x00000001

#define EFLAGS_READ_PF   0x00000002

#define EFLAGS_READ_AF   0x00000004

#define EFLAGS_READ_ZF   0x00000008

#define EFLAGS_READ_SF   0x00000010

#define EFLAGS_READ_TF   0x00000020

#define EFLAGS_READ_IF   0x00000040

#define EFLAGS_READ_DF   0x00000080

#define EFLAGS_READ_OF   0x00000100

#define EFLAGS_READ_NT   0x00000200

#define EFLAGS_READ_RF   0x00000400

#define EFLAGS_WRITE_CF   0x00000800

#define EFLAGS_WRITE_PF   0x00001000

#define EFLAGS_WRITE_AF   0x00002000

#define EFLAGS_WRITE_ZF   0x00004000

#define EFLAGS_WRITE_SF   0x00008000

#define EFLAGS_WRITE_TF   0x00010000

#define EFLAGS_WRITE_IF   0x00020000

#define EFLAGS_WRITE_DF   0x00040000

#define EFLAGS_WRITE_OF   0x00080000

#define EFLAGS_WRITE_NT   0x00100000

#define EFLAGS_WRITE_RF   0x00200000

#define EFLAGS_READ_ALL   0x000007ff

#define EFLAGS_WRITE_ALL   0x003ff800

#define EFLAGS_READ_6   0x0000011f

#define EFLAGS_WRITE_6   0x0008f800

#define EFLAGS_WRITE_TO_READ(x)   ((x) >> 11)

#define EFLAGS_READ_TO_WRITE(x)   ((x) << 11)

#define PREFIX_LOCK   0x1

#define PREFIX_JCC_NOT_TAKEN   0x2

#define PREFIX_JCC_TAKEN   0x4

Enumerations

enum {
  EFLAGS_CF = 0x00000001,
  EFLAGS_PF = 0x00000004,
  EFLAGS_AF = 0x00000010,
  EFLAGS_ZF = 0x00000040,
  EFLAGS_SF = 0x00000080,
  EFLAGS_DF = 0x00000400,
  EFLAGS_OF = 0x00000800
}

Functions

instr_t * instr_create (void *drcontext)

void instr_init (void *drcontext, instr_t *instr)

void instr_free (void *drcontext, instr_t *instr)

void instr_reset (void *drcontext, instr_t *instr)

void instr_reuse (void *drcontext, instr_t *instr)

void instr_destroy (void *drcontext, instr_t *instr)

instr_t * instr_get_next (instr_t *instr)

instr_t * instr_get_prev (instr_t *instr)

void instr_set_next (instr_t *instr, instr_t *next)

void instr_set_prev (instr_t *instr, instr_t *prev)

void * instr_get_note (instr_t *instr)

void instr_set_note (instr_t *instr, void *value)

app_pc instr_get_branch_target_pc (instr_t *cti_instr)

void instr_set_branch_target_pc (instr_t *cti_instr, app_pc pc)

bool instr_is_exit_cti (instr_t *instr)

bool instr_is_interrupt (instr_t *instr)

bool instr_ok_to_mangle (instr_t *instr)

void instr_set_ok_to_mangle (instr_t *instr, bool val)

void instr_set_meta_no_translation (instr_t *instr)

bool instr_ok_to_emit (instr_t *instr)

void instr_set_ok_to_emit (instr_t *instr, bool val)

int instr_length (void *drcontext, instr_t *instr)

bool instr_is_encoding_possible (instr_t *instr)

byte * instr_encode (void *drcontext, instr_t *instr, byte *pc)

int instr_mem_usage (instr_t *instr)

instr_t * instr_clone (void *drcontext, instr_t *orig)

instr_t * instr_build (void *drcontext, int opcode, int num_dsts, int num_srcs)

instr_t * instr_build_bits (void *drcontext, int opcode, uint num_bytes)

bool instr_valid (instr_t *instr)

app_pc instr_get_app_pc (instr_t *instr)

int instr_get_opcode (instr_t *instr)

void instr_set_opcode (instr_t *instr, int opcode)

int instr_num_srcs (instr_t *instr)

int instr_num_dsts (instr_t *instr)

void instr_set_num_opnds (void *drcontext, instr_t *instr, int num_dsts, int num_srcs)

opnd_t instr_get_src (instr_t *instr, uint pos)

opnd_t instr_get_dst (instr_t *instr, uint pos)

void instr_set_src (instr_t *instr, uint pos, opnd_t opnd)

void instr_set_dst (instr_t *instr, uint pos, opnd_t opnd)

opnd_t instr_get_target (instr_t *cti_instr)

void instr_set_target (instr_t *cti_instr, opnd_t target)

bool instr_operands_valid (instr_t *instr)

void instr_set_operands_valid (instr_t *instr, bool valid)

bool instr_opcode_valid (instr_t *instr)

uint instr_get_eflags (instr_t *instr)

uint instr_get_opcode_eflags (int opcode)

uint instr_get_arith_flags (instr_t *instr)

void instr_set_raw_bits (instr_t *instr, byte *addr, uint length)

void instr_set_raw_bits_valid (instr_t *instr, bool valid)

bool instr_raw_bits_valid (instr_t *instr)

bool instr_has_allocated_bits (instr_t *instr)

bool instr_needs_encoding (instr_t *instr)

bool instr_is_meta_may_fault (instr_t *instr)

void instr_set_meta_may_fault (instr_t *instr, bool val)

void instr_allocate_raw_bits (void *drcontext, instr_t *instr, uint num_bytes)

instr_t * instr_set_translation (instr_t *instr, app_pc addr)

void instr_make_persistent (void *drcontext, instr_t *instr)

byte * instr_get_raw_bits (instr_t *instr)

void instr_free_raw_bits (void *drcontext, instr_t *instr)

byte instr_get_raw_byte (instr_t *instr, uint pos)

void instr_set_raw_byte (instr_t *instr, uint pos, byte byte)

void instr_set_raw_bytes (instr_t *instr, byte *start, uint num_bytes)

void instr_set_raw_word (instr_t *instr, uint pos, uint word)

uint instr_get_raw_word (instr_t *instr, uint pos)

instr_t * instr_set_prefix_flag (instr_t *instr, uint prefix)

bool instr_get_prefix_flag (instr_t *instr, uint prefix)

void instr_set_x86_mode (instr_t *instr, bool x86)

bool instr_get_x86_mode (instr_t *instr)

void instr_shrink_to_16_bits (instr_t *instr)

void instr_shrink_to_32_bits (instr_t *instr)

bool instr_uses_reg (instr_t *instr, reg_id_t reg)

bool instr_uses_fp_reg (instr_t *instr)

bool instr_reg_in_src (instr_t *instr, reg_id_t reg)

bool instr_reg_in_dst (instr_t *instr, reg_id_t reg)

bool instr_writes_to_reg (instr_t *instr, reg_id_t reg)

bool instr_reads_from_reg (instr_t *instr, reg_id_t reg)

bool instr_writes_to_exact_reg (instr_t *instr, reg_id_t reg)

bool instr_replace_src_opnd (instr_t *instr, opnd_t old_opnd, opnd_t new_opnd)

bool instr_same (instr_t *instr1, instr_t *instr2)

bool instr_reads_memory (instr_t *instr)

bool instr_writes_memory (instr_t *instr)

bool instr_has_rel_addr_reference (instr_t *instr)

bool instr_get_rel_addr_target (instr_t *instr, app_pc *target)

int instr_get_rel_addr_dst_idx (instr_t *instr)

int instr_get_rel_addr_src_idx (instr_t *instr)

app_pc instr_compute_address (instr_t *instr, dr_mcontext_t *mc)

bool instr_compute_address_ex (instr_t *instr, dr_mcontext_t *mc, uint index, OUT app_pc *addr, OUT bool *write)

uint instr_memory_reference_size (instr_t *instr)

bool instr_is_mov (instr_t *instr)

bool instr_is_call (instr_t *instr)

bool instr_is_call_direct (instr_t *instr)

bool instr_is_call_indirect (instr_t *instr)

bool instr_is_return (instr_t *instr)

bool instr_is_cti (instr_t *instr)

bool instr_is_cti_short (instr_t *instr)

bool instr_is_cti_loop (instr_t *instr)

bool instr_is_cti_short_rewrite (instr_t *instr, byte *pc)

bool instr_is_cbr (instr_t *instr)

bool instr_is_mbr (instr_t *instr)

bool instr_is_ubr (instr_t *instr)

bool instr_is_far_cti (instr_t *instr)

bool instr_is_far_abs_cti (instr_t *instr)

bool instr_is_syscall (instr_t *instr)

bool instr_is_wow64_syscall (instr_t *instr)

bool instr_is_prefetch (instr_t *instr)

bool instr_is_mov_constant (instr_t *instr, ptr_int_t *value)

bool instr_is_floating (instr_t *instr)

bool instr_is_mmx (instr_t *instr)

bool instr_is_sse_or_sse2 (instr_t *instr)

bool instr_is_mov_imm_to_tos (instr_t *instr)

bool instr_is_label (instr_t *instr)

bool instr_is_undefined (instr_t *instr)

int instr_get_interrupt_number (instr_t *instr)

void instr_invert_cbr (instr_t *instr)

instr_t * instr_convert_short_meta_jmp_to_long (void *drcontext, instrlist_t *ilist, instr_t *instr)

bool instr_jcc_taken (instr_t *instr, reg_t eflags)

int instr_cmovcc_to_jcc (int cmovcc_opcode)

bool instr_cmovcc_triggered (instr_t *instr, reg_t eflags)

bool instr_is_nop (instr_t *instr)

instr_t * instr_create_0dst_0src (void *drcontext, int opcode)

instr_t * instr_create_0dst_1src (void *drcontext, int opcode, opnd_t src)

instr_t * instr_create_0dst_2src (void *drcontext, int opcode, opnd_t src1, opnd_t src2)

instr_t * instr_create_0dst_3src (void *drcontext, int opcode, opnd_t src1, opnd_t src2, opnd_t src3)

instr_t * instr_create_1dst_0src (void *drcontext, int opcode, opnd_t dst)

instr_t * instr_create_1dst_1src (void *drcontext, int opcode, opnd_t dst, opnd_t src)

instr_t * instr_create_1dst_2src (void *drcontext, int opcode, opnd_t dst, opnd_t src1, opnd_t src2)

instr_t * instr_create_1dst_3src (void *drcontext, int opcode, opnd_t dst, opnd_t src1, opnd_t src2, opnd_t src3)

instr_t * instr_create_1dst_5src (void *drcontext, int opcode, opnd_t dst, opnd_t src1, opnd_t src2, opnd_t src3, opnd_t src4, opnd_t src5)

instr_t * instr_create_2dst_0src (void *drcontext, int opcode, opnd_t dst1, opnd_t dst2)

instr_t * instr_create_2dst_1src (void *drcontext, int opcode, opnd_t dst1, opnd_t dst2, opnd_t src)

instr_t * instr_create_2dst_2src (void *drcontext, int opcode, opnd_t dst1, opnd_t dst2, opnd_t src1, opnd_t src2)

instr_t * instr_create_2dst_3src (void *drcontext, int opcode, opnd_t dst1, opnd_t dst2, opnd_t src1, opnd_t src2, opnd_t src3)

instr_t * instr_create_2dst_4src (void *drcontext, int opcode, opnd_t dst1, opnd_t dst2, opnd_t src1, opnd_t src2, opnd_t src3, opnd_t src4)

instr_t * instr_create_3dst_0src (void *drcontext, int opcode, opnd_t dst1, opnd_t dst2, opnd_t dst3)

instr_t * instr_create_3dst_3src (void *drcontext, int opcode, opnd_t dst1, opnd_t dst2, opnd_t dst3, opnd_t src1, opnd_t src2, opnd_t src3)

instr_t * instr_create_3dst_4src (void *drcontext, int opcode, opnd_t dst1, opnd_t dst2, opnd_t dst3, opnd_t src1, opnd_t src2, opnd_t src3, opnd_t src4)

instr_t * instr_create_3dst_5src (void *drcontext, int opcode, opnd_t dst1, opnd_t dst2, opnd_t dst3, opnd_t src1, opnd_t src2, opnd_t src3, opnd_t src4, opnd_t src5)

instr_t * instr_create_4dst_1src (void *drcontext, int opcode, opnd_t dst1, opnd_t dst2, opnd_t dst3, opnd_t dst4, opnd_t src)

instr_t * instr_create_4dst_4src (void *drcontext, int opcode, opnd_t dst1, opnd_t dst2, opnd_t dst3, opnd_t dst4, opnd_t src1, opnd_t src2, opnd_t src3, opnd_t src4)

instr_t * instr_create_popa (void *drcontext)

instr_t * instr_create_pusha (void *drcontext)

void instr_disassemble (void *drcontext, instr_t *instr, file_t outfile)

Detailed Description

Functions to create and manipulate instructions.

Define Documentation

#define EFLAGS_READ_6 0x0000011f

Reads all 6 arithmetic flags (CF, PF, AF, ZF, SF, OF).

#define EFLAGS_READ_AF 0x00000004

Reads AF (Auxiliary Carry Flag).

#define EFLAGS_READ_ALL 0x000007ff

Reads all flags.

#define EFLAGS_READ_CF 0x00000001

Reads CF (Carry Flag).

#define EFLAGS_READ_DF 0x00000080

Reads DF (Direction Flag).

#define EFLAGS_READ_IF 0x00000040

Reads IF (Interrupt Enable Flag).

#define EFLAGS_READ_NT 0x00000200

Reads NT (Nested Task).

#define EFLAGS_READ_OF 0x00000100

Reads OF (Overflow Flag).

#define EFLAGS_READ_PF 0x00000002

Reads PF (Parity Flag).

#define EFLAGS_READ_RF 0x00000400

Reads RF (Resume Flag).

#define EFLAGS_READ_SF 0x00000010

Reads SF (Sign Flag).

#define EFLAGS_READ_TF 0x00000020

Reads TF (Trap Flag).

#define EFLAGS_READ_TO_WRITE ( x ) ((x) << 11)

Converts an EFLAGS_READ_* value to the corresponding EFLAGS_WRITE_* value.

#define EFLAGS_READ_ZF 0x00000008

Reads ZF (Zero Flag).

#define EFLAGS_WRITE_6 0x0008f800

Writes all 6 arithmetic flags (CF, PF, AF, ZF, SF, OF).

#define EFLAGS_WRITE_AF 0x00002000

Writes AF (Auxiliary Carry Flag).

#define EFLAGS_WRITE_ALL 0x003ff800

Writes all flags.

#define EFLAGS_WRITE_CF 0x00000800

Writes CF (Carry Flag).

#define EFLAGS_WRITE_DF 0x00040000

Writes DF (Direction Flag).

#define EFLAGS_WRITE_IF 0x00020000

Writes IF (Interrupt Enable Flag).

#define EFLAGS_WRITE_NT 0x00100000

Writes NT (Nested Task).

#define EFLAGS_WRITE_OF 0x00080000

Writes OF (Overflow Flag).

#define EFLAGS_WRITE_PF 0x00001000

Writes PF (Parity Flag).

#define EFLAGS_WRITE_RF 0x00200000

Writes RF (Resume Flag).

#define EFLAGS_WRITE_SF 0x00008000

Writes SF (Sign Flag).

#define EFLAGS_WRITE_TF 0x00010000

Writes TF (Trap Flag).

#define EFLAGS_WRITE_TO_READ ( x ) ((x) >> 11)

Converts an EFLAGS_WRITE_* value to the corresponding EFLAGS_READ_* value.

#define EFLAGS_WRITE_ZF 0x00004000

Writes ZF (Zero Flag).

#define PREFIX_JCC_NOT_TAKEN 0x2

Branch hint: conditional branch is taken.

#define PREFIX_JCC_TAKEN 0x4

Branch hint: conditional branch is not taken.

#define PREFIX_LOCK 0x1

Makes the instruction's memory accesses atomic.

Enumeration Type Documentation

anonymous enum

The actual bits in the eflags register that we care about:

   11 10  9  8  7  6  5  4  3  2  1  0
   OF DF       SF ZF    AF    PF    CF

Enumerator:

EFLAGS_CF	The bit in the eflags register of CF (Carry Flag).
EFLAGS_PF	The bit in the eflags register of PF (Parity Flag).
EFLAGS_AF	The bit in the eflags register of AF (Aux Carry Flag).
EFLAGS_ZF	The bit in the eflags register of ZF (Zero Flag).
EFLAGS_SF	The bit in the eflags register of SF (Sign Flag).
EFLAGS_DF	The bit in the eflags register of DF (Direction Flag).
EFLAGS_OF	The bit in the eflags register of OF (Overflow Flag).

Function Documentation

void instr_allocate_raw_bits	(	void *	drcontext,
		instr_t *	instr,
		uint	num_bytes
	)

Allocates num_bytes of memory for instr's raw bits. If instr currently points to raw bits, the allocated memory is initialized with the bytes pointed to. instr is then set to point to the allocated memory.

instr_t* instr_build	(	void *	drcontext,
		int	opcode,
		int	num_dsts,
		int	num_srcs
	)

Convenience routine: calls

instr_create(dcontext)
instr_set_opcode(opcode)
instr_set_num_opnds(dcontext, instr, num_dsts, num_srcs)

and returns the resulting instr_t.

instr_t* instr_build_bits	(	void *	drcontext,
		int	opcode,
		uint	num_bytes
	)

Convenience routine: calls

instr_create(dcontext)
instr_set_opcode(instr, opcode)
instr_allocate_raw_bits(dcontext, instr, num_bytes)

and returns the resulting instr_t.

instr_t* instr_clone	(	void *	drcontext,
		instr_t *	orig
	)

Returns a copy of orig with separately allocated memory for operands and raw bytes if they were present in orig.

int instr_cmovcc_to_jcc ( int cmovcc_opcode )

Converts a cmovcc opcode cmovcc_opcode to the OP_jcc opcode that tests the same bits in eflags.

bool instr_cmovcc_triggered	(	instr_t *	instr,
		reg_t	eflags
	)

Given eflags, returns whether or not the conditional move instruction instr would execute the move. The conditional move can be an OP_cmovcc or an OP_fcmovcc instruction.

app_pc instr_compute_address	(	instr_t *	instr,
		dr_mcontext_t *	mc
	)

Returns NULL if none of instr's operands is a memory reference. Otherwise, returns the effective address of the first memory operand when the operands are considered in this order: destinations and then sources. The address is computed using the passed-in registers.

bool instr_compute_address_ex	(	instr_t *	instr,
		dr_mcontext_t *	mc,
		uint	index,
		OUT app_pc *	addr,
		OUT bool *	write
	)

Performs address calculation in the same manner as instr_compute_address() but handles multiple memory operands. The index parameter should be initially set to 0 and then incremented with each successive call until this routine returns false, which indicates that there are no more memory operands. The address of each is computed in the same manner as instr_compute_address() and returned in addr; whether it is a write is returned in is_write. Either or both OUT variables can be NULL.

instr_t* instr_convert_short_meta_jmp_to_long	(	void *	drcontext,
		instrlist_t *	ilist,
		instr_t *	instr
	)

Assumes that instr is a meta instruction (!instr_ok_to_mangle()) and an instr_is_cti_short() (8-bit reach). Converts instr's opcode to a long form (32-bit reach). If instr's opcode is OP_loop* or OP_jecxz, converts it to a sequence of multiple instructions (which is different from instr_is_cti_short_rewrite()). Each added instruction is marked !instr_ok_to_mangle(). Returns the long form of the instruction, which is identical to instr unless instr is OP_loop* or OP_jecxz, in which case the return value is the final instruction in the sequence, the one that has long reach.

Note:: DR automatically converts non-meta short ctis to long form.

instr_t* instr_create ( void * drcontext )

Returns an initialized instr_t allocated on the thread-local heap. Sets the x86/x64 mode of the returned instr_t to the mode of dcontext.

instr_t* instr_create_0dst_0src	(	void *	drcontext,
		int	opcode
	)

Convenience routine that returns an initialized instr_t allocated on the thread-local heap with opcode opcode and no sources or destinations.

instr_t* instr_create_0dst_1src	(	void *	drcontext,
		int	opcode,
		opnd_t	src
	)

Convenience routine that returns an initialized instr_t allocated on the thread-local heap with opcode opcode and a single source (src).

instr_t* instr_create_0dst_2src	(	void *	drcontext,
		int	opcode,
		opnd_t	src1,
		opnd_t	src2
	)

Convenience routine that returns an initialized instr_t allocated on the thread-local heap with opcode opcode and two sources (src1, src2).

instr_t* instr_create_0dst_3src	(	void *	drcontext,
		int	opcode,
		opnd_t	src1,
		opnd_t	src2,
		opnd_t	src3
	)

Convenience routine that returns an initialized instr_t allocated on the thread-local heap with opcode opcode and three sources (src1, src2, src3).

instr_t* instr_create_1dst_0src	(	void *	drcontext,
		int	opcode,
		opnd_t	dst
	)

Convenience routine that returns an initialized instr_t allocated on the thread-local heap with opcode opcode and one destination (dst).

instr_t* instr_create_1dst_1src	(	void *	drcontext,
		int	opcode,
		opnd_t	dst,
		opnd_t	src
	)

Convenience routine that returns an initialized instr_t allocated on the thread-local heap with opcode opcode, one destination(dst), and one source (src).

instr_t* instr_create_1dst_2src	(	void *	drcontext,
		int	opcode,
		opnd_t	dst,
		opnd_t	src1,
		opnd_t	src2
	)

Convenience routine that returns an initialized instr_t allocated on the thread-local heap with opcode opcode, one destination (dst), and two sources (src1, src2).

instr_t* instr_create_1dst_3src	(	void *	drcontext,
		int	opcode,
		opnd_t	dst,
		opnd_t	src1,
		opnd_t	src2,
		opnd_t	src3
	)

Convenience routine that returns an initialized instr_t allocated on the thread-local heap with opcode opcode, one destination (dst), and three sources (src1, src2, src3).

instr_t* instr_create_1dst_5src	(	void *	drcontext,
		int	opcode,
		opnd_t	dst,
		opnd_t	src1,
		opnd_t	src2,
		opnd_t	src3,
		opnd_t	src4,
		opnd_t	src5
	)

Convenience routine that returns an initialized instr_t allocated on the thread-local heap with opcode opcode, one destination (dst), and five sources (src1, src2, src3, src4, src5).

instr_t* instr_create_2dst_0src	(	void *	drcontext,
		int	opcode,
		opnd_t	dst1,
		opnd_t	dst2
	)

Convenience routine that returns an initialized instr_t allocated on the thread-local heap with opcode opcode, two destinations (dst1, dst2) and no sources.

instr_t* instr_create_2dst_1src	(	void *	drcontext,
		int	opcode,
		opnd_t	dst1,
		opnd_t	dst2,
		opnd_t	src
	)

Convenience routine that returns an initialized instr_t allocated on the thread-local heap with opcode opcode, two destinations (dst1, dst2) and one source (src).

instr_t* instr_create_2dst_2src	(	void *	drcontext,
		int	opcode,
		opnd_t	dst1,
		opnd_t	dst2,
		opnd_t	src1,
		opnd_t	src2
	)

Convenience routine that returns an initialized instr_t allocated on the thread-local heap with opcode opcode, two destinations (dst1, dst2) and two sources (src1, src2).

instr_t* instr_create_2dst_3src	(	void *	drcontext,
		int	opcode,
		opnd_t	dst1,
		opnd_t	dst2,
		opnd_t	src1,
		opnd_t	src2,
		opnd_t	src3
	)

Convenience routine that returns an initialized instr_t allocated on the thread-local heap with opcode opcode, two destinations (dst1, dst2) and three sources (src1, src2, src3).

instr_t* instr_create_2dst_4src	(	void *	drcontext,
		int	opcode,
		opnd_t	dst1,
		opnd_t	dst2,
		opnd_t	src1,
		opnd_t	src2,
		opnd_t	src3,
		opnd_t	src4
	)

Convenience routine that returns an initialized instr_t allocated on the thread-local heap with opcode opcode, two destinations (dst1, dst2) and four sources (src1, src2, src3, src4).

instr_t* instr_create_3dst_0src	(	void *	drcontext,
		int	opcode,
		opnd_t	dst1,
		opnd_t	dst2,
		opnd_t	dst3
	)

Convenience routine that returns an initialized instr_t allocated on the thread-local heap with opcode opcode, three destinations (dst1, dst2, dst3) and no sources.

instr_t* instr_create_3dst_3src	(	void *	drcontext,
		int	opcode,
		opnd_t	dst1,
		opnd_t	dst2,
		opnd_t	dst3,
		opnd_t	src1,
		opnd_t	src2,
		opnd_t	src3
	)

Convenience routine that returns an initialized instr_t allocated on the thread-local heap with opcode opcode, three destinations (dst1, dst2, dst3) and three sources (src1, src2, src3).

instr_t* instr_create_3dst_4src	(	void *	drcontext,
		int	opcode,
		opnd_t	dst1,
		opnd_t	dst2,
		opnd_t	dst3,
		opnd_t	src1,
		opnd_t	src2,
		opnd_t	src3,
		opnd_t	src4
	)

Convenience routine that returns an initialized instr_t allocated on the thread-local heap with opcode opcode, three destinations (dst1, dst2, dst3) and four sources (src1, src2, src3, src4).

instr_t* instr_create_3dst_5src	(	void *	drcontext,
		int	opcode,
		opnd_t	dst1,
		opnd_t	dst2,
		opnd_t	dst3,
		opnd_t	src1,
		opnd_t	src2,
		opnd_t	src3,
		opnd_t	src4,
		opnd_t	src5
	)

Convenience routine that returns an initialized instr_t allocated on the thread-local heap with opcode opcode, three destinations (dst1, dst2, dst3) and five sources (src1, src2, src3, src4, src5).

instr_t* instr_create_4dst_1src	(	void *	drcontext,
		int	opcode,
		opnd_t	dst1,
		opnd_t	dst2,
		opnd_t	dst3,
		opnd_t	dst4,
		opnd_t	src
	)

Convenience routine that returns an initialized instr_t allocated on the thread-local heap with opcode opcode, four destinations (dst1, dst2, dst3, dst4) and 1 source (src).

instr_t* instr_create_4dst_4src	(	void *	drcontext,
		int	opcode,
		opnd_t	dst1,
		opnd_t	dst2,
		opnd_t	dst3,
		opnd_t	dst4,
		opnd_t	src1,
		opnd_t	src2,
		opnd_t	src3,
		opnd_t	src4
	)

Convenience routine that returns an initialized instr_t allocated on the thread-local heap with opcode opcode, four destinations (dst1, dst2, dst3, dst4) and four sources (src1, src2, src3, src4).

instr_t* instr_create_popa ( void * drcontext )

Convenience routine that returns an initialized instr_t for OP_popa.

instr_t* instr_create_pusha ( void * drcontext )

Convenience routine that returns an initialized instr_t for OP_pusha.

void instr_destroy	(	void *	drcontext,
		instr_t *	instr
	)

Performs instr_free() and then deallocates the thread-local heap storage for instr.

void instr_disassemble	(	void *	drcontext,
		instr_t *	instr,
		file_t	outfile
	)

Prints the instruction instr to file outfile. Does not print address-size or data-size prefixes for other than just-decoded instrs, and does not check that the instruction has a valid encoding. Prints each operand with leading zeros indicating the size. The default is to use AT&T-style syntax, unless the -syntax_intel runtime option is specified.

byte* instr_encode	(	void *	drcontext,
		instr_t *	instr,
		byte *	pc
	)

Encodes instr into the memory at pc. Uses the x86/x64 mode stored in instr, not the mode of the current thread. Returns the pc after the encoded instr, or NULL if the encoding failed. If instr is a cti with an instr_t target, the note fields of instr and of the target must be set with the respective offsets of each instr_t! (instrlist_encode does this automatically, if the target is in the list).

void instr_free	(	void *	drcontext,
		instr_t *	instr
	)

Deallocates all memory that was allocated by instr. This includes raw bytes allocated by instr_allocate_raw_bits() and operands allocated by instr_set_num_opnds(). Does not deallocate the storage for instr itself.

void instr_free_raw_bits	(	void *	drcontext,
		instr_t *	instr
	)

If instr has raw bits allocated, frees them.

app_pc instr_get_app_pc ( instr_t * instr )

Get the original application PC of instr if it exists.

uint instr_get_arith_flags ( instr_t * instr )

Returns instr's arithmetic flags (bottom 6 eflags) use as EFLAGS_ constants or'ed together. If instr's eflags behavior has not been calculated yet or is invalid, the entire eflags use is calculated and returned (not just the arithmetic flags).

app_pc instr_get_branch_target_pc ( instr_t * cti_instr )

Return the taken target pc of the (direct branch) instruction.

opnd_t instr_get_dst	(	instr_t *	instr,
		uint	pos
	)

Returns instr's destination operand at position pos (0-based).

uint instr_get_eflags ( instr_t * instr )

Returns instr's eflags use as EFLAGS_ constants or'ed together.

int instr_get_interrupt_number ( instr_t * instr )

Assumes that instr's opcode is OP_int and that either instr's operands or its raw bits are valid. Returns the first source operand if instr's operands are valid, else if instr's raw bits are valid returns the first raw byte.

instr_t* instr_get_next ( instr_t * instr )

Returns the next instr_t in the instrlist_t that contains instr.

Note:: The next pointer for an instr_t is inside the instr_t data structure itself, making it impossible to have on instr_t in two different InstrLists (but removing the need for an extra data structure for each element of the instrlist_t).

void* instr_get_note ( instr_t * instr )

Gets the value of the user-controlled note field in instr.

Note:: Important: is also used when emitting for targets that are other instructions, so make sure to clear or set appropriately the note field prior to emitting.

int instr_get_opcode ( instr_t * instr )

Returns instr's opcode (an OP_ constant).

uint instr_get_opcode_eflags ( int opcode )

Returns the eflags usage of instructions with opcode opcode, as EFLAGS_ constants or'ed together.

bool instr_get_prefix_flag	(	instr_t *	instr,
		uint	prefix
	)

Assumes that prefix is a PREFIX_ constant. Returns true if instr's prefixes contain the flag prefix.

instr_t* instr_get_prev ( instr_t * instr )

Returns the previous instr_t in the instrlist_t that contains instr.

byte* instr_get_raw_bits ( instr_t * instr )

Assumes that instr's raw bits are valid. Returns a pointer to instr's raw bits.

Note:: A freshly-decoded instruction has valid raw bits that point to the address from which it was decoded.

byte instr_get_raw_byte	(	instr_t *	instr,
		uint	pos
	)

Assumes that instr's raw bits are valid and have > pos bytes. Returns a pointer to instr's raw byte at position pos (beginning with 0).

uint instr_get_raw_word	(	instr_t *	instr,
		uint	pos
	)

Assumes that instr's raw bits are valid and have > pos + 3 bytes. Returns the 4 bytes beginning at position pos (0-based).

int instr_get_rel_addr_dst_idx ( instr_t * instr )

If any of instr's destination operands is a rip-relative memory reference, returns the operand position. If there is no such destination operand, returns -1.

Note:: For 64-bit DR builds only.

int instr_get_rel_addr_src_idx ( instr_t * instr )

If any of instr's source operands is a rip-relative memory reference, returns the operand position. If there is no such source operand, returns -1.

Note:: For 64-bit DR builds only.

bool instr_get_rel_addr_target	(	instr_t *	instr,
		app_pc *	target
	)

If any of instr's operands is a rip-relative memory reference, returns the address that reference targets. Else returns false.

Note:: For 64-bit DR builds only.

opnd_t instr_get_src	(	instr_t *	instr,
		uint	pos
	)

Returns instr's source operand at position pos (0-based).

opnd_t instr_get_target ( instr_t * cti_instr )

Assumes that cti_instr is a control transfer instruction Returns the first source operand of cti_instr (its target).

bool instr_get_x86_mode ( instr_t * instr )

Returns true if instr is an x86 instruction (32-bit) and false if instr is an x64 instruction (64-bit).

Note:: For 64-bit DR builds only.

bool instr_has_allocated_bits ( instr_t * instr )

Returns true iff instr has its own allocated memory for raw bits.

bool instr_has_rel_addr_reference ( instr_t * instr )

Returns true iff any of instr's operands is a rip-relative memory reference.

Note:: For 64-bit DR builds only.

void instr_init	(	void *	drcontext,
		instr_t *	instr
	)

Initializes instr. Sets the x86/x64 mode of instr to the mode of dcontext.

void instr_invert_cbr ( instr_t * instr )

Assumes that instr is a conditional branch instruction Reverses the logic of instr's conditional e.g., changes OP_jb to OP_jnb. Works on cti_short_rewrite as well.

bool instr_is_call ( instr_t * instr )

Returns true iff instr's opcode is OP_call, OP_call_far, OP_call_ind, or OP_call_far_ind.

bool instr_is_call_direct ( instr_t * instr )

Returns true iff instr's opcode is OP_call or OP_call_far.

bool instr_is_call_indirect ( instr_t * instr )

Returns true iff instr's opcode is OP_call_ind or OP_call_far_ind.

bool instr_is_cbr ( instr_t * instr )

Returns true iff instr is a conditional branch: OP_jcc, OP_jcc_short, OP_loop*, or OP_jecxz.

bool instr_is_cti ( instr_t * instr )

Returns true iff instr is a control transfer instruction of any kind This includes OP_jcc, OP_jcc_short, OP_loop*, OP_jecxz, OP_call*, and OP_jmp*.

bool instr_is_cti_loop ( instr_t * instr )

Returns true iff instr is one of OP_loop* or OP_jecxz.

bool instr_is_cti_short ( instr_t * instr )

Returns true iff instr is a control transfer instruction that takes an 8-bit offset: OP_loop*, OP_jecxz, OP_jmp_short, or OP_jcc_short

bool instr_is_cti_short_rewrite	(	instr_t *	instr,
		byte *	pc
	)

Returns true iff instr's opcode is OP_loop* or OP_jecxz and instr has been transformed to a sequence of instruction that will allow a 32-bit offset. If pc != NULL, pc is expected to point the the beginning of the encoding of instr, and the following instructions are assumed to be encoded in sequence after instr. Otherwise, the encoding is expected to be found in instr's allocated bits.

bool instr_is_encoding_possible ( instr_t * instr )

Returns true iff instr can be encoding as a valid IA-32 instruction.

bool instr_is_exit_cti ( instr_t * instr )

Returns true iff instr is a conditional branch, unconditional branch, or indirect branch with a program address target (NOT an instr_t address target) and instr is ok to mangle.

bool instr_is_far_abs_cti ( instr_t * instr )

Returns true if instr is an absolute call or jmp that is far.

bool instr_is_far_cti ( instr_t * instr )

Returns true iff instr is a far control transfer instruction: OP_jmp_far, OP_call_far, OP_jmp_far_ind, OP_call_far_ind, OP_ret_far, or OP_iret.

bool instr_is_floating ( instr_t * instr )

Returns true iff instr is a floating point instruction.

bool instr_is_interrupt ( instr_t * instr )

Return true iff instr's opcode is OP_int, OP_into, or OP_int3.

bool instr_is_label ( instr_t * instr )

Returns true iff instr is a label meta-instruction.

bool instr_is_mbr ( instr_t * instr )

Returns true iff instr is a multi-way (indirect) branch: OP_jmp_ind, OP_call_ind, OP_ret, OP_jmp_far_ind, OP_call_far_ind, OP_ret_far, or OP_iret.

bool instr_is_meta_may_fault ( instr_t * instr )

Return true iff instr is not a meta-instruction that can fault (see instr_set_meta_may_fault() for more information).

bool instr_is_mmx ( instr_t * instr )

Returns true iff instr is part of Intel's MMX instructions.

bool instr_is_mov ( instr_t * instr )

Returns true iff instr is an IA-32 "mov" instruction: either OP_mov_st, OP_mov_ld, OP_mov_imm, OP_mov_seg, or OP_mov_priv.

bool instr_is_mov_constant	(	instr_t *	instr,
		ptr_int_t *	value
	)

Tries to identify common cases of moving a constant into either a register or a memory address. Returns true and sets *value to the constant being moved for the following cases: mov_imm, mov_st, and xor where the source equals the destination.

bool instr_is_mov_imm_to_tos ( instr_t * instr )

Returns true iff instr is a "mov $imm -> (%esp)".

bool instr_is_nop ( instr_t * instr )

Returns true if instr is one of a class of common nops. currently checks:

xchg reg, reg
mov reg, reg
lea reg, (reg)

bool instr_is_prefetch ( instr_t * instr )

Returns true iff instr is a prefetch instruction: OP_prefetchnta, OP_prefetchnt0, OP_prefetchnt1, OP_prefetchnt2, OP_prefetch, or OP_prefetchw.

bool instr_is_return ( instr_t * instr )

Returns true iff instr's opcode is OP_ret, OP_ret_far, or OP_iret.

bool instr_is_sse_or_sse2 ( instr_t * instr )

Returns true iff instr is part of Intel's SSE or SSE2 instructions.

bool instr_is_syscall ( instr_t * instr )

Returns true iff instr is used to implement system calls: OP_int with a source operand of 0x80 on linux or 0x2e on windows, or OP_sysenter, or OP_syscall, or instr_is_wow64_syscall() for WOW64.

bool instr_is_ubr ( instr_t * instr )

Returns true iff instr is an unconditional direct branch: OP_jmp, OP_jmp_short, or OP_jmp_far.

bool instr_is_undefined ( instr_t * instr )

Returns true iff instr is an "undefined" instruction (ud2)

bool instr_is_wow64_syscall ( instr_t * instr )

Returns true iff instr is the indirect transfer from the 32-bit ntdll.dll to the wow64 system call emulation layer. This instruction will also return true for instr_is_syscall, as well as appear as an indirect call, so clients modifying indirect calls may want to avoid modifying this type.

Note:: Windows-only

bool instr_jcc_taken	(	instr_t *	instr,
		reg_t	eflags
	)

Given eflags, returns whether or not the conditional branch, instr, would be taken.

int instr_length	(	void *	drcontext,
		instr_t *	instr
	)

Returns the length of instr. As a side effect, if instr_ok_to_mangle(instr) and instr's raw bits are invalid, encodes instr into bytes allocated with instr_allocate_raw_bits(), after which instr is marked as having valid raw bits.

void instr_make_persistent	(	void *	drcontext,
		instr_t *	instr
	)

Calling this function with instr makes it safe to keep the instruction around indefinitely when its raw bits point into the cache. The function allocates memory local to instr to hold a copy of the raw bits. If this was not done, the original raw bits could be deleted at some point. Making an instruction persistent is necessary if you want to keep it beyond returning from the call that produced the instruction.

int instr_mem_usage ( instr_t * instr )

Returns number of bytes of heap used by instr.

uint instr_memory_reference_size ( instr_t * instr )

Calculates the size, in bytes, of the memory read or write of instr. If instr does not reference memory, or is invalid, returns 0. If instr is a repeated string instruction, considers only one iteration.

bool instr_needs_encoding ( instr_t * instr )

Returns true iff instr's raw bits are not a valid encoding of instr.

int instr_num_dsts ( instr_t * instr )

Returns the number of destination operands of instr.

int instr_num_srcs ( instr_t * instr )

Returns the number of source operands of instr.

Note:: Addressing registers used in destination memory references (i.e., base, index, or segment registers) are not separately listed as source operands.

bool instr_ok_to_emit ( instr_t * instr )

Return true iff instr is to be emitted into the cache.

bool instr_ok_to_mangle ( instr_t * instr )

Return true iff instr is not a meta-instruction (see instr_set_ok_to_mangle() for more information).

bool instr_opcode_valid ( instr_t * instr )

Returns true iff instr's opcode is valid. If the opcode is ever set to other than OP_INVALID or OP_UNDECODED it is assumed to be valid. However, calling instr_get_opcode() will attempt to decode a valid opcode, hence the purpose of this routine.

bool instr_operands_valid ( instr_t * instr )

Returns true iff instr's operands are up to date.

bool instr_raw_bits_valid ( instr_t * instr )

Returns true iff instr's raw bits are a valid encoding of instr.

bool instr_reads_from_reg	(	instr_t *	instr,
		reg_id_t	reg
	)

Assumes that reg is a REG_ constant. Returns true iff at least one of instr's operands reads from a register that overlaps reg (checks both source operands and addressing registers used in destination operands).

bool instr_reads_memory ( instr_t * instr )

Returns true iff any of instr's source operands is a memory reference.

bool instr_reg_in_dst	(	instr_t *	instr,
		reg_id_t	reg
	)

Assumes that reg is a REG_ constant. Returns true iff at least one of instr's destination operands references reg.

bool instr_reg_in_src	(	instr_t *	instr,
		reg_id_t	reg
	)

Assumes that reg is a REG_ constant. Returns true iff at least one of instr's source operands references reg.

Note:: Use instr_reads_from_reg() to also consider addressing registers in destination operands.

bool instr_replace_src_opnd	(	instr_t *	instr,
		opnd_t	old_opnd,
		opnd_t	new_opnd
	)

Replaces all instances of old_opnd in instr's source operands with new_opnd (uses opnd_same() to detect sameness).

void instr_reset	(	void *	drcontext,
		instr_t *	instr
	)

Performs both instr_free() and instr_init(). instr must have been initialized.

void instr_reuse	(	void *	drcontext,
		instr_t *	instr
	)

Frees all dynamically allocated storage that was allocated by instr, except for allocated bits. Also zeroes out instr's fields, except for raw bit fields, whether instr is instr_ok_to_mangle(), and the x86 mode of instr. instr must have been initialized.

bool instr_same	(	instr_t *	instr1,
		instr_t *	instr2
	)

Returns true iff instr1 and instr2 have the same opcode, prefixes, and source and destination operands (uses opnd_same() to compare the operands).

void instr_set_branch_target_pc	(	instr_t *	cti_instr,
		app_pc	pc
	)

Set the taken target pc of the (direct branch) instruction.

void instr_set_dst	(	instr_t *	instr,
		uint	pos,
		opnd_t	opnd
	)

Sets instr's destination operand at position pos to be opnd. Also calls instr_set_raw_bits_valid(instr, false) and instr_set_operands_valid(instr, true).

void instr_set_meta_may_fault	(	instr_t *	instr,
		bool	val
	)

Sets instr as a "meta-instruction that can fault" if val is true and clears that property if val is false. This property is only meaningful for instructions that are marked as "ok to mangle" (see instr_set_ok_to_mangle()). Normally such instructions are treated as application instructions (i.e., not as meta-instructions). The "meta-instruction that can fault" property indicates that an instruction should be treated as an application instruction for purposes of fault translation, but not for purposes of mangling. The property should only be set for instructions that do not access application memory and therefore do not need sandboxing to ensure they do not change application code, yet do access client memory and may deliberately fault (usually to move a rare case out of the code path and to a fault-based path).

void instr_set_meta_no_translation ( instr_t * instr )

A convenience routine that calls both instr_set_ok_to_mangle (instr, false) and instr_set_translation (instr, NULL).

void instr_set_next	(	instr_t *	instr,
		instr_t *	next
	)

Sets the next field of instr to point to next.

void instr_set_note	(	instr_t *	instr,
		void *	value
	)

Sets the user-controlled note field in instr to value.

void instr_set_num_opnds	(	void *	drcontext,
		instr_t *	instr,
		int	num_dsts,
		int	num_srcs
	)

Assumes that instr has been initialized but does not have any operands yet. Allocates storage for num_srcs source operands and num_dsts destination operands.

void instr_set_ok_to_emit	(	instr_t *	instr,
		bool	val
	)

Set instr to "ok to emit" if val is true and "not ok to emit" if val is false. An instruction that should not be emitted is treated normally by DR for purposes of exits but is not placed into the cache. It is used for final jumps that are to be elided.

void instr_set_ok_to_mangle	(	instr_t *	instr,
		bool	val
	)

Sets instr to "ok to mangle" if val is true and "not ok to mangle" if val is false. An instruction that is "not ok to mangle" is treated by DR as a "meta-instruction", distinct from normal application instructions, and is not mangled in any way. This is necessary to have DR not create an exit stub for a direct jump. All non-meta instructions that are added to basic blocks or traces should have their translation fields set (via instr_set_translation(), or the convenience routine instr_set_meta_no_translation()) when recreating state at a fault; meta instructions should not fault and are not considered application instructions but rather added instrumentation code (see dr_register_bb_event() for further information on recreating).

Note:: For meta-instructions that can fault but only when accessing client memory and that never access application memory, the "meta-instruction that can fault" property can be set via instr_set_meta_may_fault to avoid incurring the cost of added sandboxing checks that look for changes to application code.

void instr_set_opcode	(	instr_t *	instr,
		int	opcode
	)

Assumes opcode is an OP_ constant and sets it to be instr's opcode.

void instr_set_operands_valid	(	instr_t *	instr,
		bool	valid
	)

Sets instr's operands to be valid if valid is true, invalid otherwise.

instr_t* instr_set_prefix_flag	(	instr_t *	instr,
		uint	prefix
	)

Assumes that prefix is a PREFIX_ constant. Ors instr's prefixes with prefix. Returns the supplied instr (for easy chaining).

void instr_set_prev	(	instr_t *	instr,
		instr_t *	prev
	)

Sets the prev field of instr to point to prev.

void instr_set_raw_bits	(	instr_t *	instr,
		byte *	addr,
		uint	length
	)

Assumes that instr does not currently have any raw bits allocated. Sets instr's raw bits to be length bytes starting at addr. Does not set the operands invalid.

void instr_set_raw_bits_valid	(	instr_t *	instr,
		bool	valid
	)

Sets instr's raw bits to be valid if valid is true, invalid otherwise.

void instr_set_raw_byte	(	instr_t *	instr,
		uint	pos,
		byte	byte
	)

Assumes that instr's raw bits are valid and allocated by instr and have > pos bytes. Sets instr's raw byte at position pos (beginning with 0) to the value byte.

void instr_set_raw_bytes	(	instr_t *	instr,
		byte *	start,
		uint	num_bytes
	)

Assumes that instr's raw bits are valid and allocated by instr and have >= num_bytes bytes. Copies the num_bytes beginning at start to instr's raw bits.

void instr_set_raw_word	(	instr_t *	instr,
		uint	pos,
		uint	word
	)

Assumes that instr's raw bits are valid and allocated by instr and have > pos+3 bytes. Sets the 4 bytes beginning at position pos (0-based) to the value word.

void instr_set_src	(	instr_t *	instr,
		uint	pos,
		opnd_t	opnd
	)

Sets instr's source operand at position pos to be opnd. Also calls instr_set_raw_bits_valid(instr, false) and instr_set_operands_valid(instr, true).

void instr_set_target	(	instr_t *	cti_instr,
		opnd_t	target
	)

Assumes that cti_instr is a control transfer instruction. Sets the first source operand of cti_instr to be target. Also calls instr_set_raw_bits_valid(instr, false) and instr_set_operands_valid(instr, true).

instr_t* instr_set_translation	(	instr_t *	instr,
		app_pc	addr
	)

Sets the translation pointer for instr, used to recreate the application address corresponding to this instruction. When adding or modifying instructions that are to be considered application instructions (i.e., non meta-instructions: see instr_ok_to_mangle), the translation should always be set. Pick the application address that if executed will be equivalent to restarting instr. Returns the supplied instr (for easy chaining). Use instr_get_app_pc to see the current value of the translation.

void instr_set_x86_mode	(	instr_t *	instr,
		bool	x86
	)

Each instruction stores whether it should be interpreted in 32-bit (x86) or 64-bit (x64) mode. This routine sets the mode for instr.

Note:: For 64-bit DR builds only.

void instr_shrink_to_16_bits ( instr_t * instr )

Shrinks all registers not used as addresses, and all immed integer and address sizes, to 16 bits. Does not shrink REG_ESI or REG_EDI used in string instructions.

void instr_shrink_to_32_bits ( instr_t * instr )

Shrinks all registers, including addresses, and all immed integer and address sizes, to 32 bits.

Note:: For 64-bit DR builds only.

bool instr_uses_fp_reg ( instr_t * instr )

Returns true iff at least one of instr's operands references a floating point register.

bool instr_uses_reg	(	instr_t *	instr,
		reg_id_t	reg
	)

Assumes that reg is a REG_ constant. Returns true iff at least one of instr's operands references a register that overlaps reg.

bool instr_valid ( instr_t * instr )

Returns true iff instr's opcode is NOT OP_INVALID. Not to be confused with an invalid opcode, which can be OP_INVALID or OP_UNDECODED. OP_INVALID means an instruction with no valid fields: raw bits (may exist but do not correspond to a valid instr), opcode, eflags, or operands. It could be an uninitialized instruction or the result of decoding an invalid sequence of bytes.

bool instr_writes_memory ( instr_t * instr )

Returns true iff any of instr's destination operands is a memory reference.

bool instr_writes_to_exact_reg	(	instr_t *	instr,
		reg_id_t	reg
	)

Assumes that reg is a REG_ constant. Returns true iff at least one of instr's destination operands is the same register (not enough to just overlap) as reg.

bool instr_writes_to_reg	(	instr_t *	instr,
		reg_id_t	reg
	)

Assumes that reg is a REG_ constant. Returns true iff at least one of instr's destination operands is a register operand for a register that overlaps reg.


Defines
#define	EFLAGS_READ_CF 0x00000001
#define	EFLAGS_READ_PF 0x00000002
#define	EFLAGS_READ_AF 0x00000004
#define	EFLAGS_READ_ZF 0x00000008
#define	EFLAGS_READ_SF 0x00000010
#define	EFLAGS_READ_TF 0x00000020
#define	EFLAGS_READ_IF 0x00000040
#define	EFLAGS_READ_DF 0x00000080
#define	EFLAGS_READ_OF 0x00000100
#define	EFLAGS_READ_NT 0x00000200
#define	EFLAGS_READ_RF 0x00000400
#define	EFLAGS_WRITE_CF 0x00000800
#define	EFLAGS_WRITE_PF 0x00001000
#define	EFLAGS_WRITE_AF 0x00002000
#define	EFLAGS_WRITE_ZF 0x00004000
#define	EFLAGS_WRITE_SF 0x00008000
#define	EFLAGS_WRITE_TF 0x00010000
#define	EFLAGS_WRITE_IF 0x00020000
#define	EFLAGS_WRITE_DF 0x00040000
#define	EFLAGS_WRITE_OF 0x00080000
#define	EFLAGS_WRITE_NT 0x00100000
#define	EFLAGS_WRITE_RF 0x00200000
#define	EFLAGS_READ_ALL 0x000007ff
#define	EFLAGS_WRITE_ALL 0x003ff800
#define	EFLAGS_READ_6 0x0000011f
#define	EFLAGS_WRITE_6 0x0008f800
#define	EFLAGS_WRITE_TO_READ(x) ((x) >> 11)
#define	EFLAGS_READ_TO_WRITE(x) ((x) << 11)
#define	PREFIX_LOCK 0x1
#define	PREFIX_JCC_NOT_TAKEN 0x2
#define	PREFIX_JCC_TAKEN 0x4
Enumerations
enum	{ EFLAGS_CF = 0x00000001, EFLAGS_PF = 0x00000004, EFLAGS_AF = 0x00000010, EFLAGS_ZF = 0x00000040, EFLAGS_SF = 0x00000080, EFLAGS_DF = 0x00000400, EFLAGS_OF = 0x00000800 }
Functions
instr_t *	instr_create (void *drcontext)
void	instr_init (void drcontext, instr_t instr)
void	instr_free (void drcontext, instr_t instr)
void	instr_reset (void drcontext, instr_t instr)
void	instr_reuse (void drcontext, instr_t instr)
void	instr_destroy (void drcontext, instr_t instr)
instr_t *	instr_get_next (instr_t *instr)
instr_t *	instr_get_prev (instr_t *instr)
void	instr_set_next (instr_t instr, instr_t next)
void	instr_set_prev (instr_t instr, instr_t prev)
void *	instr_get_note (instr_t *instr)
void	instr_set_note (instr_t instr, void value)
app_pc	instr_get_branch_target_pc (instr_t *cti_instr)
void	instr_set_branch_target_pc (instr_t *cti_instr, app_pc pc)
bool	instr_is_exit_cti (instr_t *instr)
bool	instr_is_interrupt (instr_t *instr)
bool	instr_ok_to_mangle (instr_t *instr)
void	instr_set_ok_to_mangle (instr_t *instr, bool val)
void	instr_set_meta_no_translation (instr_t *instr)
bool	instr_ok_to_emit (instr_t *instr)
void	instr_set_ok_to_emit (instr_t *instr, bool val)
int	instr_length (void drcontext, instr_t instr)
bool	instr_is_encoding_possible (instr_t *instr)
byte *	instr_encode (void drcontext, instr_t instr, byte *pc)
int	instr_mem_usage (instr_t *instr)
instr_t *	instr_clone (void drcontext, instr_t orig)
instr_t *	instr_build (void *drcontext, int opcode, int num_dsts, int num_srcs)
instr_t *	instr_build_bits (void *drcontext, int opcode, uint num_bytes)
bool	instr_valid (instr_t *instr)
app_pc	instr_get_app_pc (instr_t *instr)
int	instr_get_opcode (instr_t *instr)
void	instr_set_opcode (instr_t *instr, int opcode)
int	instr_num_srcs (instr_t *instr)
int	instr_num_dsts (instr_t *instr)
void	instr_set_num_opnds (void drcontext, instr_t instr, int num_dsts, int num_srcs)
opnd_t	instr_get_src (instr_t *instr, uint pos)
opnd_t	instr_get_dst (instr_t *instr, uint pos)
void	instr_set_src (instr_t *instr, uint pos, opnd_t opnd)
void	instr_set_dst (instr_t *instr, uint pos, opnd_t opnd)
opnd_t	instr_get_target (instr_t *cti_instr)
void	instr_set_target (instr_t *cti_instr, opnd_t target)
bool	instr_operands_valid (instr_t *instr)
void	instr_set_operands_valid (instr_t *instr, bool valid)
bool	instr_opcode_valid (instr_t *instr)
uint	instr_get_eflags (instr_t *instr)
uint	instr_get_opcode_eflags (int opcode)
uint	instr_get_arith_flags (instr_t *instr)
void	instr_set_raw_bits (instr_t instr, byte addr, uint length)
void	instr_set_raw_bits_valid (instr_t *instr, bool valid)
bool	instr_raw_bits_valid (instr_t *instr)
bool	instr_has_allocated_bits (instr_t *instr)
bool	instr_needs_encoding (instr_t *instr)
bool	instr_is_meta_may_fault (instr_t *instr)
void	instr_set_meta_may_fault (instr_t *instr, bool val)
void	instr_allocate_raw_bits (void drcontext, instr_t instr, uint num_bytes)
instr_t *	instr_set_translation (instr_t *instr, app_pc addr)
void	instr_make_persistent (void drcontext, instr_t instr)
byte *	instr_get_raw_bits (instr_t *instr)
void	instr_free_raw_bits (void drcontext, instr_t instr)
byte	instr_get_raw_byte (instr_t *instr, uint pos)
void	instr_set_raw_byte (instr_t *instr, uint pos, byte byte)
void	instr_set_raw_bytes (instr_t instr, byte start, uint num_bytes)
void	instr_set_raw_word (instr_t *instr, uint pos, uint word)
uint	instr_get_raw_word (instr_t *instr, uint pos)
instr_t *	instr_set_prefix_flag (instr_t *instr, uint prefix)
bool	instr_get_prefix_flag (instr_t *instr, uint prefix)
void	instr_set_x86_mode (instr_t *instr, bool x86)
bool	instr_get_x86_mode (instr_t *instr)
void	instr_shrink_to_16_bits (instr_t *instr)
void	instr_shrink_to_32_bits (instr_t *instr)
bool	instr_uses_reg (instr_t *instr, reg_id_t reg)
bool	instr_uses_fp_reg (instr_t *instr)
bool	instr_reg_in_src (instr_t *instr, reg_id_t reg)
bool	instr_reg_in_dst (instr_t *instr, reg_id_t reg)
bool	instr_writes_to_reg (instr_t *instr, reg_id_t reg)
bool	instr_reads_from_reg (instr_t *instr, reg_id_t reg)
bool	instr_writes_to_exact_reg (instr_t *instr, reg_id_t reg)
bool	instr_replace_src_opnd (instr_t *instr, opnd_t old_opnd, opnd_t new_opnd)
bool	instr_same (instr_t instr1, instr_t instr2)
bool	instr_reads_memory (instr_t *instr)
bool	instr_writes_memory (instr_t *instr)
bool	instr_has_rel_addr_reference (instr_t *instr)
bool	instr_get_rel_addr_target (instr_t instr, app_pc target)
int	instr_get_rel_addr_dst_idx (instr_t *instr)
int	instr_get_rel_addr_src_idx (instr_t *instr)
app_pc	instr_compute_address (instr_t instr, dr_mcontext_t mc)
bool	instr_compute_address_ex (instr_t instr, dr_mcontext_t mc, uint index, OUT app_pc addr, OUT bool write)
uint	instr_memory_reference_size (instr_t *instr)
bool	instr_is_mov (instr_t *instr)
bool	instr_is_call (instr_t *instr)
bool	instr_is_call_direct (instr_t *instr)
bool	instr_is_call_indirect (instr_t *instr)
bool	instr_is_return (instr_t *instr)
bool	instr_is_cti (instr_t *instr)
bool	instr_is_cti_short (instr_t *instr)
bool	instr_is_cti_loop (instr_t *instr)
bool	instr_is_cti_short_rewrite (instr_t instr, byte pc)
bool	instr_is_cbr (instr_t *instr)
bool	instr_is_mbr (instr_t *instr)
bool	instr_is_ubr (instr_t *instr)
bool	instr_is_far_cti (instr_t *instr)
bool	instr_is_far_abs_cti (instr_t *instr)
bool	instr_is_syscall (instr_t *instr)
bool	instr_is_wow64_syscall (instr_t *instr)
bool	instr_is_prefetch (instr_t *instr)
bool	instr_is_mov_constant (instr_t instr, ptr_int_t value)
bool	instr_is_floating (instr_t *instr)
bool	instr_is_mmx (instr_t *instr)
bool	instr_is_sse_or_sse2 (instr_t *instr)
bool	instr_is_mov_imm_to_tos (instr_t *instr)
bool	instr_is_label (instr_t *instr)
bool	instr_is_undefined (instr_t *instr)
int	instr_get_interrupt_number (instr_t *instr)
void	instr_invert_cbr (instr_t *instr)
instr_t *	instr_convert_short_meta_jmp_to_long (void drcontext, instrlist_t ilist, instr_t *instr)
bool	instr_jcc_taken (instr_t *instr, reg_t eflags)
int	instr_cmovcc_to_jcc (int cmovcc_opcode)
bool	instr_cmovcc_triggered (instr_t *instr, reg_t eflags)
bool	instr_is_nop (instr_t *instr)
instr_t *	instr_create_0dst_0src (void *drcontext, int opcode)
instr_t *	instr_create_0dst_1src (void *drcontext, int opcode, opnd_t src)
instr_t *	instr_create_0dst_2src (void *drcontext, int opcode, opnd_t src1, opnd_t src2)
instr_t *	instr_create_0dst_3src (void *drcontext, int opcode, opnd_t src1, opnd_t src2, opnd_t src3)
instr_t *	instr_create_1dst_0src (void *drcontext, int opcode, opnd_t dst)
instr_t *	instr_create_1dst_1src (void *drcontext, int opcode, opnd_t dst, opnd_t src)
instr_t *	instr_create_1dst_2src (void *drcontext, int opcode, opnd_t dst, opnd_t src1, opnd_t src2)
instr_t *	instr_create_1dst_3src (void *drcontext, int opcode, opnd_t dst, opnd_t src1, opnd_t src2, opnd_t src3)
instr_t *	instr_create_1dst_5src (void *drcontext, int opcode, opnd_t dst, opnd_t src1, opnd_t src2, opnd_t src3, opnd_t src4, opnd_t src5)
instr_t *	instr_create_2dst_0src (void *drcontext, int opcode, opnd_t dst1, opnd_t dst2)
instr_t *	instr_create_2dst_1src (void *drcontext, int opcode, opnd_t dst1, opnd_t dst2, opnd_t src)
instr_t *	instr_create_2dst_2src (void *drcontext, int opcode, opnd_t dst1, opnd_t dst2, opnd_t src1, opnd_t src2)
instr_t *	instr_create_2dst_3src (void *drcontext, int opcode, opnd_t dst1, opnd_t dst2, opnd_t src1, opnd_t src2, opnd_t src3)
instr_t *	instr_create_2dst_4src (void *drcontext, int opcode, opnd_t dst1, opnd_t dst2, opnd_t src1, opnd_t src2, opnd_t src3, opnd_t src4)
instr_t *	instr_create_3dst_0src (void *drcontext, int opcode, opnd_t dst1, opnd_t dst2, opnd_t dst3)
instr_t *	instr_create_3dst_3src (void *drcontext, int opcode, opnd_t dst1, opnd_t dst2, opnd_t dst3, opnd_t src1, opnd_t src2, opnd_t src3)
instr_t *	instr_create_3dst_4src (void *drcontext, int opcode, opnd_t dst1, opnd_t dst2, opnd_t dst3, opnd_t src1, opnd_t src2, opnd_t src3, opnd_t src4)
instr_t *	instr_create_3dst_5src (void *drcontext, int opcode, opnd_t dst1, opnd_t dst2, opnd_t dst3, opnd_t src1, opnd_t src2, opnd_t src3, opnd_t src4, opnd_t src5)
instr_t *	instr_create_4dst_1src (void *drcontext, int opcode, opnd_t dst1, opnd_t dst2, opnd_t dst3, opnd_t dst4, opnd_t src)
instr_t *	instr_create_4dst_4src (void *drcontext, int opcode, opnd_t dst1, opnd_t dst2, opnd_t dst3, opnd_t dst4, opnd_t src1, opnd_t src2, opnd_t src3, opnd_t src4)
instr_t *	instr_create_popa (void *drcontext)
instr_t *	instr_create_pusha (void *drcontext)
void	instr_disassemble (void drcontext, instr_t instr, file_t outfile)