Many processors (especially RISC based) use instruction sets with fixed size (most commonly 4 bytes). Among examples are ARM, PPC, MIPS and a few others. This is also obvious in the disassembly when observing the instructions’ addresses – they increase by a fixed amount:
However, occasionally you may come across larger instructions:
What is this? Does A64 ISA have 8-byte instructions?
In fact, if you check ARM’s documentation, you’ll discover that ADRL is a pseudo-instruction which generates two machine instructions, ADRP
and ADD
. IDA combines them to provide more compact disassembly and improve cross-references.
In IDA’s terminology, a pseudo-instruction which replaces several simpler instructions is called a macro instruction.
Disabling macros
If you prefer to see the actual instructions, you can disable macros. This can be done in the Kernel Options 3 group of settings:
And now IDA no longer uses ADRL:
As can be seen in this example, it can produce misleading disassembly (ADRP can only use page-aligned addresses which is why it seems to refer to some unrelated string)
Simplified instructions
In addition to macros, sometimes IDA may transform single instructions to improve readability or make their behavior more obvious. For example, on ARM some instructions have preferred disassembly form and by default IDA uses it.
Instruction simplification feature is usually controlled by a processor-specific option.
Other disassembly improvements
Some processor modules may have other options which may change disassembly to improve readability even if it sometimes means the resulting listing is not strictly conforming. For example, MIPS has an option to simplify instructions which use the global register $gp
which usually has a fixed value and using it makes disassembly much easier to read:
If you are curious about what the options in the dialog do, clicking “Help” shows a short explanation:
See also:
Igor’s Tip of the Week #137: Processor modes and segment registers
Igor’s tip of the week #98: Analysis options