Module ida_ua
Functions that deal with the disassembling of program instructions.
There are 2 kinds of functions:
- functions that are called from the kernel to disassemble an instruction. These functions call IDP module for it.
- functions that are called from IDP module to disassemble an instruction. We will call them 'helper functions'.
Disassembly of an instruction is made in three steps:
1. analysis: ana.cpp
2. emulation: emu.cpp
3. conversion to text: out.cpp
The kernel calls the IDP module to perform these steps. At first, the kernel
always calls the analysis. The analyzer must decode the instruction and fill the
insn_t instance that it receives through its callback. It must not change
anything in the database.
The second step, the emulation, is called for each instruction. This step must
make necessary changes to the database, plan analysis of subsequent
instructions, track register values, memory contents, etc. Please keep in mind
that the kernel may call the emulation step for any address in the program -
there is no ordering of addresses. Usually, the emulation is called for
consecutive addresses but this is not guaranteed.
The last step, conversion to text, is called each time an instruction is
displayed on the screen. The kernel will always call the analysis step before
calling the text conversion step. The emulation and the text conversion steps
should use the information stored in the insn_t instance they receive. They
should not access the bytes of the instruction and decode it again - this should
only be done in the analysis step.
Global variables
var BINOPSTATE_DONE
-
BINOPSTATE_DONE = 524288
var BINOPSTATE_GO
-
BINOPSTATE_GO = 262144
var BINOPSTATE_NONE
-
BINOPSTATE_NONE = 0
var COMMSTATE_DONE
-
COMMSTATE_DONE = 512
var COMMSTATE_GO
-
COMMSTATE_GO = 256
var COMMSTATE_NONE
-
COMMSTATE_NONE = 0
var CTXF_BINOP_STATE
-
CTXF_BINOP_STATE = 786432
var CTXF_BIT_PREFIX
-
CTXF_BIT_PREFIX = 2097152
var CTXF_CMT_STATE
-
CTXF_CMT_STATE = 768
var CTXF_CODE
-
CTXF_CODE = 4
var CTXF_DBLIND_OPND
-
CTXF_DBLIND_OPND = 131072
var CTXF_DEMANGLED_LABEL
-
CTXF_DEMANGLED_LABEL = 4096
var CTXF_DEMANGLED_OK
-
CTXF_DEMANGLED_OK = 16384
var CTXF_GEN_CMT
-
CTXF_GEN_CMT = 128
var CTXF_GEN_XREFS
-
CTXF_GEN_XREFS = 16
var CTXF_HIDDEN_ADDR
-
CTXF_HIDDEN_ADDR = 1048576
var CTXF_LABEL_OK
-
CTXF_LABEL_OK = 8192
var CTXF_MAIN
-
CTXF_MAIN = 1
var CTXF_MULTI
-
CTXF_MULTI = 2
var CTXF_NORMAL_LABEL
-
CTXF_NORMAL_LABEL = 2048
var CTXF_OUTCTX_T
-
CTXF_OUTCTX_T = 65536
var CTXF_OVSTORE_PRNT
-
CTXF_OVSTORE_PRNT = 32768
var CTXF_STACK
-
CTXF_STACK = 8
var CTXF_VOIDS
-
CTXF_VOIDS = 1024
var CTXF_XREF_STATE
-
CTXF_XREF_STATE = 96
var DEFAULT_INDENT
-
DEFAULT_INDENT = 65535
var FCBF_CONT
-
don't stop on decoding, or any other kind of error
var FCBF_DELIM
-
add the 'ash'-specified delimiters around the generated data. Note: if those are not defined and the INFFL_ALLASM is not set, format_charlit() will return an error
var FCBF_ERR_REPL
-
in case of an error, use a CP_REPLCHAR instead of a hex representation of the problematic byte
var FCBF_FF_LIT
-
in case of codepoints == 0xFF, use it as-is (i.e., LATIN SMALL LETTER Y WITH DIAERESIS). If both this, and FCBF_REPL are specified, this will take precedence
var GH_BYTESEX_HAS_HIGHBYTE
-
GH_BYTESEX_HAS_HIGHBYTE = 16
var GH_PRINT_ALL
-
GH_PRINT_ALL = 15
var GH_PRINT_ALL_BUT_BYTESEX
-
GH_PRINT_ALL_BUT_BYTESEX = 11
var GH_PRINT_ASM
-
GH_PRINT_ASM = 2
var GH_PRINT_BYTESEX
-
GH_PRINT_BYTESEX = 4
var GH_PRINT_HEADER
-
GH_PRINT_HEADER = 8
var GH_PRINT_PROC
-
GH_PRINT_PROC = 1
var GH_PRINT_PROC_AND_ASM
-
GH_PRINT_PROC_AND_ASM = 3
var GH_PRINT_PROC_ASM_AND_BYTESEX
-
GH_PRINT_PROC_ASM_AND_BYTESEX = 7
var INSN_64BIT
-
belongs to 64bit segment?
var INSN_MACRO
-
macro instruction
var INSN_MODMAC
-
may modify the database to make room for the macro insn
var MAKELINE_BINPREF
-
MAKELINE_BINPREF = 1
var MAKELINE_NONE
-
MAKELINE_NONE = 0
var MAKELINE_STACK
-
MAKELINE_STACK = 4
var MAKELINE_VOID
-
MAKELINE_VOID = 2
var OF_NO_BASE_DISP
-
base displacement doesn't exist. meaningful only for o_displ type. if set, base displacement (op_t::addr) doesn't exist.
var OF_NUMBER
-
the operand can be converted to a number only
var OF_OUTER_DISP
-
outer displacement exists. meaningful only for o_displ type. if set, outer displacement (op_t::value) exists.
var OF_SHOW
-
should the operand be displayed?
var OOFS_IFSIGN
-
output sign if needed
var OOFS_NEEDSIGN
-
always out sign (+-)
var OOFS_NOSIGN
-
don't output sign, forbid the user to change the sign
var OOFW_16
-
16 bit width
var OOFW_24
-
24 bit width
var OOFW_32
-
32 bit width
var OOFW_64
-
64 bit width
var OOFW_8
-
8 bit width
var OOFW_IMM
-
take from x.dtype
var OOF_ADDR
-
output x.addr, otherwise x.value
var OOF_ANYSERIAL
-
if enum: select first available serial
var OOF_LZEROES
-
print leading zeroes
var OOF_NOBNOT
-
prohibit use of binary not
var OOF_NO_LZEROES
-
do not print leading zeroes; if none of OOF_LZEROES and OOF_NO_LZEROES was specified, is_lzero() is used
var OOF_NUMBER
-
always as a number
var OOF_OUTER
-
output outer operand
var OOF_SIGNED
-
output as signed if < 0
var OOF_SIGNMASK
-
sign symbol (+/-) output
var OOF_SPACES
-
do not suppress leading spaces; currently works only for floating point numbers
var OOF_WIDTHMASK
-
width of value in bits
var OOF_ZSTROFF
-
meaningful only if is_stroff(F); append a struct field name if the field offset is zero? if AFL_ZSTROFF is set, then this flag is ignored.
var PACK_FORM_DEF
-
packed factor defined. (!o_reg + dt_packreal)
var STKVAR_VALID_SIZE
-
x.dtype contains correct variable type (for insns like 'lea' this bit must be off). in general, dr_O references do not allow to determine the variable size
var XREFSTATE_DONE
-
XREFSTATE_DONE = 64
var XREFSTATE_GO
-
XREFSTATE_GO = 32
var XREFSTATE_NONE
-
XREFSTATE_NONE = 0
var dt_bitfild
-
bit field (mc680x0)
var dt_byte
-
8 bit integer
var dt_byte16
-
128 bit integer
var dt_byte32
-
256 bit integer
var dt_byte64
-
512 bit integer
var dt_code
-
ptr to code (not used?)
var dt_double
-
8 byte floating point
var dt_dword
-
32 bit integer
var dt_float
-
4 byte floating point
var dt_fword
-
48 bit
var dt_half
-
2-byte floating point
var dt_ldbl
-
long double (which may be different from tbyte)
var dt_packreal
-
packed real format for mc68040
var dt_qword
-
64 bit integer
var dt_string
-
pointer to asciiz string
var dt_tbyte
-
variable size ( processor_t::tbyte_size) floating point
var dt_unicode
-
pointer to unicode string
var dt_void
-
none
var dt_word
-
16 bit integer
var o_displ
-
Memory Ref [Base Reg + Index Reg + Displacement].A memory reference using register contents with displacement. The displacement should be stored in the op_t::addr field. The rest of information is stored the same way as in o_phrase.
var o_far
-
Immediate Far Address (CODE).If the current processor has a special addressing mode for inter-segment references, then this operand type should be used instead of o_near. If you want, you may use PR_CHK_XREF in processor_t::flag to disable inter-segment calls if o_near operand type is used. Currently only IBM PC uses this flag.
var o_idpspec0
-
processor specific type.
var o_idpspec1
-
processor specific type.
var o_idpspec2
-
processor specific type.
var o_idpspec3
-
processor specific type.
var o_idpspec4
-
processor specific type.
var o_idpspec5
-
processor specific type. (there can be more processor specific types)
var o_imm
-
Immediate Value.Any operand consisting of only a number is represented by this operand type. The value should be stored in op_t::value. You may sign extend short (1-2 byte) values. In any case don't forget to specify op_t::dtype (should be set for all operand types).
var o_mem
-
Direct Memory Reference (DATA).A direct memory data reference whose target address is known at compilation time. The target virtual address is stored in op_t::addr and the full address is calculated as to_ea( insn_t::cs, op_t::addr ). For the processors with complex memory organization the final address can be calculated using other segment registers. For flat memories, op_t::addr is the final address and insn_t::cs is usually equal to zero. In any case, the address within the segment should be stored in op_t::addr.
var o_near
-
Immediate Near Address (CODE).A direct memory code reference whose target address is known at the compilation time. The target virtual address is stored in op_t::addr and the final address is always to_ea( insn_t::cs, op_t::addr). Usually this operand type is used for the branches and calls whose target address is known. If the current processor has 2 different types of references for inter-segment and intra-segment references, then this should be used only for intra-segment references.If the above operand types do not cover all possible addressing modes, then use o_idpspec... operand types.
var o_phrase
-
Memory Ref [Base Reg + Index Reg].A memory reference using register contents. Indexed, register based, and other addressing modes can be represented with the operand type. This addressing mode cannot contain immediate values (use o_displ instead). The phrase number should be stored in op_t::phrase. To denote the pre-increment and similar features please use additional operand fields like op_t::specflag... Usually op_t::phrase contains the register number and additional information is stored in op_t::specflags... Please note that this operand type cannot contain immediate values (except the scaling coefficients).
var o_reg
-
General Register (al,ax,es,ds...).The register number should be stored in op_t::reg. All processor registers, including special registers, can be represented by this operand type.
var o_void
-
No Operand.
Functions
def calc_dataseg(*args) ‑> ea_t
-
calc_dataseg(insn, n=-1, rgnum=-1) -> ea_tGet data segment for the instruction operand. 'opnum' and 'rgnum' are meaningful only if the processor has segment registers.insn: (C++: const insn_t &) an ida_ua.insn_t, or an address (C++: const insn_t &)n: (C++: int)rgnum: (C++: int)
def can_decode(*args) ‑> bool
-
can_decode(ea) -> boolCan the bytes at address 'ea' be decoded as instruction?ea: (C++: ea_t) linear addressreturn: whether or not the contents at that address could be a validinstruction
def construct_macro(*args) ‑> bool
-
construct_macro(insn, enable, build_macro) -> boolSee ua.hpp's construct_macro().insn: insn_t &enable: boolbuild_macro: PyObject *
def construct_macro2(*args) ‑> bool
-
construct_macro2(_this, insn, enable) -> bool_this: macro_constructor_t *insn: insn_t *enable: bool
def create_insn(*args) ‑> int
-
create_insn(ea, out=None) -> intCreate an instruction at the specified address. This function checks if an instruction is present at the specified address and will try to create one if there is none. It will fail if there is a data item or other items hindering the creation of the new instruction. This function will also fill the 'out' structure.ea: (C++: ea_t) linear addressout: (C++: insn_t *) the resulting instructionreturn: the length of the instruction or 0
def create_outctx(*args) ‑> outctx_base_t *
-
create_outctx(ea, F=0, suspop=0) -> outctx_base_tCreate a new output context. To delete it, just use "delete pctx"ea: (C++: ea_t)F: (C++: flags64_t)suspop: (C++: int)
def decode_insn(*args) ‑> int
-
decode_insn(out, ea) -> intAnalyze the specified address and fill 'out'. This function does not modify the database. It just tries to interpret the specified address as an instruction and fills the 'out' structure.out: (C++: insn_t *) the resulting instructionea: (C++: ea_t) linear addressreturn: the length of the (possible) instruction or 0
def decode_preceding_insn(*args) ‑> PyObject *
-
decode_preceding_insn(out, ea) -> (int, int)Decodes the preceding instruction. Please check ua.hpp / decode_preceding_insn()out: instruction storageea: current eareturn: tuple(preceeding_ea or BADADDR, farref = Boolean)
def decode_prev_insn(*args) ‑> ea_t
-
decode_prev_insn(out, ea) -> ea_tDecode previous instruction if it exists, fill 'out'.out: (C++: insn_t *) the resulting instructionea: (C++: ea_t) the address to decode the previous instruction fromreturn: the previous instruction address (BADADDR-no such insn)
def get_dtype_by_size(*args) ‑> int
-
get_dtype_by_size(size) -> intGet op_t::dtype from size.size: (C++: asize_t)
def get_dtype_flag(*args) ‑> flags64_t
-
get_dtype_flag(dtype) -> flags64_tGet flags for op_t::dtype field.dtype: (C++: op_dtype_t)
def get_dtype_size(*args) ‑> size_t
-
get_dtype_size(dtype) -> size_tGet size of opt_::dtype field.dtype: (C++: op_dtype_t)
def get_immvals(*args) ‑> PyObject *
-
get_immvals(ea, n, F=0) -> [int, ...]Get immediate values at the specified address. This function decodes instruction at the specified address or inspects the data item. It finds immediate values and copies them to 'out'. This function will store the original value of the operands in 'out', unless the last bits of 'F' are "...0 11111111", in which case the transformed values (as needed for printing) will be stored instead.ea: (C++: ea_t) address to analyzen: (C++: int) 0..UA_MAXOP-1 operand number, OPND_ALL all the operandsF: (C++: flags64_t) flags for the specified addressreturn: number of immediate values (0..2*UA_MAXOP)
def get_lookback(*args) ‑> int
-
get_lookback() -> intNumber of instructions to look back. This variable is not used by the kernel. Its value may be specified in ida.cfg: LOOKBACK = <number>. IDP may use it as you like it. (TMS module uses it)
def get_printable_immvals(*args) ‑> PyObject *
-
get_printable_immvals(ea, n, F=0) -> PyObject *Get immediate ready-to-print values at the specified addressea: (C++: ea_t) address to analyzen: (C++: int) 0..UA_MAXOP-1 operand number, OPND_ALL all the operandsF: (C++: flags64_t) flags for the specified addressreturn: number of immediate values (0..2*UA_MAXOP)
def insn_add_cref(*args) ‑> void
-
insn_add_cref(insn, to, opoff, type)insn: an ida_ua.insn_t, or an address (C++: const insn_t &)to: ea_topoff: inttype: enum cref_t
def insn_add_dref(*args) ‑> void
-
insn_add_dref(insn, to, opoff, type)insn: an ida_ua.insn_t, or an address (C++: const insn_t &)to: ea_topoff: inttype: enum dref_t
def insn_add_off_drefs(*args) ‑> ea_t
-
insn_add_off_drefs(insn, x, type, outf) -> ea_tinsn: an ida_ua.insn_t, or an address (C++: const insn_t &)x: op_t const &type: enum dref_toutf: int
def insn_create_stkvar(*args) ‑> bool
-
insn_create_stkvar(insn, x, v, flags) -> boolinsn: an ida_ua.insn_t, or an address (C++: const insn_t &)x: op_t const &v: adiff_tflags: int
def insn_t__from_ptrval__(*args) ‑> insn_t *
-
insn_t__from_ptrval__(ptrval) -> insn_tptrval: size_t
def is_floating_dtype(*args) ‑> bool
-
is_floating_dtype(dtype) -> boolIs a floating type operand?dtype: (C++: op_dtype_t)
def map_code_ea(*args) ‑> ea_t
-
map_code_ea(insn, addr, opnum) -> ea_tinsn: an ida_ua.insn_t, or an address (C++: const insn_t &)addr: ea_topnum: intmap_code_ea(insn, op) -> ea_tinsn: an ida_ua.insn_t, or an address (C++: const insn_t &)op: op_t const &
def map_data_ea(*args) ‑> ea_t
-
map_data_ea(insn, addr, opnum=-1) -> ea_tinsn: an ida_ua.insn_t, or an address (C++: const insn_t &)addr: ea_topnum: intmap_data_ea(insn, op) -> ea_tinsn: an ida_ua.insn_t, or an address (C++: const insn_t &)op: op_t const &
def map_ea(*args) ‑> ea_t
-
map_ea(insn, op, iscode) -> ea_tinsn: an ida_ua.insn_t, or an address (C++: const insn_t &)op: op_t const &iscode: boolmap_ea(insn, addr, opnum, iscode) -> ea_tinsn: an ida_ua.insn_t, or an address (C++: const insn_t &)addr: ea_topnum: intiscode: bool
def op_t__from_ptrval__(*args) ‑> op_t *
-
op_t__from_ptrval__(ptrval) -> op_tptrval: size_t
def outctx_base_t__from_ptrval__(*args) ‑> outctx_base_t *
-
outctx_base_t__from_ptrval__(ptrval) -> outctx_base_tptrval: size_t
def outctx_t__from_ptrval__(*args) ‑> outctx_t *
-
outctx_t__from_ptrval__(ptrval) -> outctx_tptrval: size_t
def print_insn_mnem(*args) ‑> qstring *
-
print_insn_mnem(ea) -> strPrint instruction mnemonics.ea: (C++: ea_t) linear address of the instructionreturn: success
def print_operand(*args) ‑> qstring *
-
print_operand(ea, n, getn_flags=0, newtype=None) -> strGenerate text representation for operand #n. This function will generate the text representation of the specified operand (includes color codes.)ea: (C++: ea_t) the item address (instruction or data)n: (C++: int) 0..UA_MAXOP-1 operand number, meaningful only for instructionsgetn_flags: (C++: int) Name expression flags Currently only GETN_NODUMMY isaccepted.newtype: (C++: struct printop_t *) if specified, print the operand using the specified typereturn: success
def ua_mnem(*args) ‑> qstring *
-
print_insn_mnem(ea) -> strPrint instruction mnemonics.ea: (C++: ea_t) linear address of the instructionreturn: success
Classes
class insn_t (*args)
-
Proxy of C++ insn_t class.__init__(self) -> insn_t
Instance variables
var Op1
var Op2
var Op3
var Op4
var Op5
var Op6
var Op7
var Op8
var auxpref : uint32
-
processor dependent field
var auxpref_u16
-
auxpref_u16
var auxpref_u8
-
auxpref_u8
var cs
-
Current segment base paragraph. Initialized by the kernel.
var ea
-
Linear address of the instruction. Initialized by the kernel.
var flags
-
Instruction flags
var insnpref
-
processor dependent field
var ip
-
Virtual address of the instruction (address within the segment). Initialized by the kernel.
var itype
-
Internal code of instruction (only for canonical insns - not user defined!). IDP should define its own instruction codes. These codes are usually defined in ins.hpp. The array of instruction names and features (ins.cpp) is accessed using this code.
var ops : wrapped_array_t< op_t,8 >
-
array of operands
var segpref
-
processor dependent field
var size
-
Size of instruction in bytes. The analyzer should put here the actual size of the instruction.
Methods
def add_cref(self, *args) ‑> void
-
add_cref(self, to, opoff, type)Add a code cross-reference from the instruction.to: (C++: ea_t) target linear addressopoff: (C++: int) offset of the operand from the start of instruction. if the offsetis unknown, then 0.type: (C++: cref_t) type of xref
def add_dref(self, *args) ‑> void
-
add_dref(self, to, opoff, type)Add a data cross-reference from the instruction. See add_off_drefs() - usually it can be used in most cases.to: (C++: ea_t) target linear addressopoff: (C++: int) offset of the operand from the start of instruction if the offsetis unknown, then 0type: (C++: dref_t) type of xref
def add_off_drefs(self, *args) ‑> ea_t
-
add_off_drefs(self, x, type, outf) -> ea_tAdd xrefs for an operand of the instruction. This function creates all cross references for 'enum', 'offset' and 'structure offset' operands. Use add_off_drefs() in the presence of negative offsets.x: (C++: const op_t &) reference to operandtype: (C++: dref_t) type of xrefoutf: (C++: int) out_value() flags. These flags should match the flags used tooutput the operandreturn: if is_off(): the reference target address (the same ascalc_reference_data). if is_stroff(): BADADDR because for stroffs the target address is unknown else: BADADDR because enums do not represent addresses
def assign(self, *args) ‑> void
-
assign(self, other)other: an ida_ua.insn_t, or an address (C++: const insn_t &)
def create_op_data(self, *args) ‑> bool
-
create_op_data(self, ea_, opoff, dtype) -> boolConvenient alias.ea_: (C++: ea_t)opoff: intdtype: op_dtype_tcreate_op_data(self, ea_, op) -> boolea_: ea_top: op_t const &
def create_stkvar(self, *args) ‑> bool
-
create_stkvar(self, x, v, flags_) -> boolCreate or modify a stack variable in the function frame. The emulator could use this function to create stack variables in the function frame before converting the operand to a stack variable. Please check with may_create_stkvars() before calling this function.x: (C++: const op_t &) operand (used to determine the addressing type)v: (C++: adiff_t) a displacement in the operandflags_: (C++: int) Stack variable flagsretval 1: ok, a stack variable exists nowretval 0: no, couldn't create stack variable
def get_canon_feature(self, *args) ‑> uint32
-
get_canon_feature(self, ph) -> uint32see instruc_t::featureph: (C++: const processor_t &) processor_t const &get_canon_feature(self) -> uint32
def get_canon_mnem(self, *args) ‑> char const *
-
get_canon_mnem(self, ph) -> char constsee instruc_t::nameph: (C++: const processor_t &) processor_t const &get_canon_mnem(self) -> char const *
def get_next_byte(self, *args) ‑> uint8
-
get_next_byte(self) -> uint8
def get_next_dword(self, *args) ‑> uint32
-
get_next_dword(self) -> uint32
def get_next_qword(self, *args) ‑> uint64
-
get_next_qword(self) -> uint64
def get_next_word(self, *args) ‑> uint16
-
get_next_word(self) -> uint16
def is_64bit(self, *args) ‑> bool
-
is_64bit(self) -> boolBelongs to a 64bit segment?
def is_canon_insn(self, *args) ‑> bool
-
is_canon_insn(self, ph) -> boolsee processor_t::is_canon_insn()ph: (C++: const processor_t &) processor_t const &is_canon_insn(self) -> bool
def is_macro(self, *args) ‑> bool
-
is_macro(self) -> boolIs a macro instruction?
class macro_constructor_t (*args)
-
Proxy of C++ macro_constructor_t class.__init__(self) -> macro_constructor_tself: PyObject *
Instance variables
var reserved
-
reserved
Methods
def build_macro(self, *args) ‑> bool
-
build_macro(self, insn, may_go_forward) -> boolTry to extend the instruction.insn: (C++: insn_t *) Instruction to modify, usually the first instruction of the macromay_go_forward: (C++: bool) Is it ok to consider the next instruction for the macro?This argument may be false, for example, if there is a cross reference to the end of INSN. In this case creating a macro is not desired. However, it may still be useful to perform minor tweaks to the instruction using the information about the surrounding instructions.return: true if created an macro instruction. This function may modify 'insn'and return false; these changes will be accepted by the kernel but the instruction will not be considered as a macro.
class op_t (*args)
-
Proxy of C++ op_t class.__init__(self) -> op_t
Instance variables
var addr : ea_t
-
virtual address pointed or used by the operand. (o_mem,o_displ,o_far,o_near)
var dtype
-
Type of operand value (see Operand value types). Usually first 9 types are used. This is the type of the operand itself, not the size of the addressing mode. for example, byte ptr [epb+32_bit_offset] will have dt_byte type.
var flags
-
Operand flags
var n
-
Number of operand (0,1,2). Initialized once at the start of work. You have no right to change its value.
var offb
-
Offset of operand value from the instruction start (0 means unknown). Of course this field is meaningful only for certain types of operands. Leave it equal to zero if the operand has no offset. This offset should point to the 'interesting' part of operand. For example, it may point to the address of a function in call func or it may point to bytes holding '5' in mov ax, [bx+5] Usually bytes pointed to this offset are relocated (have fixup information).
var offo
-
Same as offb (some operands have 2 numeric values used to form an operand). This field is used for the second part of operand if it exists. Currently this field is used only for outer offsets of Motorola processors. Leave it equal to zero if the operand has no offset.
var phrase : uint16
-
number of register phrase (o_phrase,o_displ). you yourself define numbers of phrases as you like
var reg : uint16
-
number of register (o_reg)
var specflag1
-
specflag1
var specflag2
-
specflag2
var specflag3
-
specflag3
var specflag4
-
specflag4
var specval : ea_t
-
This field may be used as you want.
var type
-
Type of operand (see Operand types)
var value : ea_t
-
operand value (o_imm) or outer displacement (o_displ+OF_OUTER_DISP). integer values should be in IDA's (little-endian) order. when using ieee_realcvt(), floating point values should be in the processor's native byte order. dt_double and dt_qword values take up 8 bytes (value and addr fields for 32-bit modules). NB: in case a dt_dword/dt_qword immediate is forced to float by user, the kernel converts it to processor's native order before calling FP conversion routines.
var value64 : uint64
-
__get_value64__(self) -> uint64
Methods
def assign(self, *args) ‑> void
-
assign(self, other)other: op_t const &
def clr_shown(self, *args) ‑> void
-
clr_shown(self)Set operand to hidden.
def has_reg(self, r)
-
Checks if the operand accesses the given processor register
def is_imm(self, *args) ‑> bool
-
is_imm(self, v) -> boolIs immediate operand?v: (C++: uval_t)
def is_reg(self, *args) ‑> bool
-
is_reg(self, r) -> boolIs register operand?r: (C++: int)
def set_shown(self, *args) ‑> void
-
set_shown(self)Set operand to be shown.
def shown(self, *args) ‑> bool
-
shown(self) -> boolIs operand set to be shown?
class operands_array (*args)
-
Proxy of C++ wrapped_array_t< op_t,8 > class.__init__(self, data) -> operands_arraydata: op_t (&)[8]
Instance variables
var bytes : bytevec_t
-
_get_bytes(self) -> bytevec_t
var data
-
data
class outctx_base_t (*args, **kwargs)
-
Proxy of C++ outctx_base_t class.
Subclasses
Instance variables
var F32
-
F32
var default_lnnum
-
default_lnnum
var insn_ea
-
insn_ea
var outbuf
-
outbuf
Methods
def close_comment(self, *args) ‑> void
-
close_comment(self)
def clr_gen_label(self, *args) ‑> void
-
clr_gen_label(self)
def display_voids(self, *args) ‑> bool
-
display_voids(self) -> bool
def flush_buf(self, *args) ‑> bool
-
flush_buf(self, buf, indent=-1) -> boolAppend contents of 'buf' to the line array. Behaves like flush_outbuf but accepts an arbitrary bufferbuf: (C++: const char *) char const *indent: (C++: int)
def flush_outbuf(self, *args) ‑> bool
-
flush_outbuf(self, indent=-1) -> boolFunctions to populate the output line array (lnar) Move the contents of the output buffer to the line array (outbuf->lnar) The kernel augments the outbuf contents with additional text like the line prefix, user-defined comments, xrefs, etc at this call.indent: (C++: int)
def forbid_annotations(self, *args) ‑> int
-
forbid_annotations(self) -> int
def force_code(self, *args) ‑> bool
-
force_code(self) -> bool
def gen_block_cmt(self, *args) ‑> bool
-
gen_block_cmt(self, cmt, color) -> boolGenerate big non-indented comment lines.cmt: (C++: const char *) comment text. may contain \n characters to denote new lines. shouldnot contain comment character (;)color: (C++: color_t) color of comment text (one of Color tags)return: overflow, lnar_maxsize has been reached
def gen_border_line(self, *args) ‑> bool
-
gen_border_line(self, solid=False) -> boolGenerate thin border line. This function does nothing if generation of border lines is disabled.solid: (C++: bool) generate solid border line (with =), otherwise with -return: overflow, lnar_maxsize has been reached
def gen_cmt_line(self, *args) ‑> bool
-
gen_cmt_line(self, format) -> boolGenerate one non-indented comment line, colored with COLOR_AUTOCMT.format: (C++: const char *) printf() style format line. The resulting comment line should notinclude comment character (;)return: overflow, lnar_maxsize has been reached
def gen_collapsed_line(self, *args) ‑> bool
-
gen_collapsed_line(self, format) -> boolGenerate one non-indented comment line, colored with COLOR_COLLAPSED.format: (C++: const char *) printf() style format line. The resulting comment line should notinclude comment character (;)return: overflow, lnar_maxsize has been reached
def gen_empty_line(self, *args) ‑> bool
-
gen_empty_line(self) -> boolGenerate empty line. This function does nothing if generation of empty lines is disabled.return: overflow, lnar_maxsize has been reached
def gen_empty_line_without_annotations(self, *args) ‑> void
-
gen_empty_line_without_annotations(self)
def gen_printf(self, *args) ‑> bool
-
gen_printf(self, indent, format) -> boolprintf-like function to add lines to the line array.indent: (C++: int) indention of the line. if indent == -1, the kernel will indentthe line at idainfo::indent. if indent < 0, -indent will be used for indention. The first line printed with indent < 0 is considered as the most important line at the current address. Usually it is the line with the instruction itself. This line will be displayed in the cross-reference lists and other places. If you need to output an additional line before the main line then pass DEFAULT_INDENT instead of -1. The kernel will know that your line is not the most important one.format: (C++: const char *) printf style colored line to generatereturn: overflow, lnar_maxsize has been reached
def gen_xref_lines(self, *args) ‑> bool
-
gen_xref_lines(self) -> bool
def getF(self, *args) ‑> flags64_t
-
getF(self) -> flags64_t
def get_stkvar(self, *args) ‑> member_t *
-
get_stkvar(self, arg2, arg3, arg4, arg5) -> member_t *arg2: op_t const &arg3: uval_targ4: sval_t *arg5: int *
def init_lines_array(self, *args) ‑> void
-
init_lines_array(self, answers, maxsize)answers: qstrvec_t *maxsize: int
def multiline(self, *args) ‑> bool
-
multiline(self) -> bool
def only_main_line(self, *args) ‑> bool
-
only_main_line(self) -> bool
def out_addr_tag(self, *args) ‑> void
-
out_addr_tag(self, ea)Output "address" escape sequence.ea: (C++: ea_t)
def out_btoa(self, *args) ‑> void
-
out_btoa(self, Word, radix=0)Output a number with the specified base (binary, octal, decimal, hex) The number is output without color codes. see also out_long()Word: (C++: uval_t)radix: (C++: char)
def out_char(self, *args) ‑> void
-
out_char(self, c)Output one character. The character is output without color codes. see alsoout_symbol()c: (C++: char)
def out_chars(self, *args) ‑> void
-
out_chars(self, c, n)Append a character multiple times.c: (C++: char)n: (C++: int)
def out_colored_register_line(self, *args) ‑> void
-
out_colored_register_line(self, str)Output a colored line with register names in it. The register names will be substituted by user-defined names (regvar_t) Please note that out_tagoff tries to make substitutions too (when called with COLOR_REG)str: (C++: const char *) char const *
def out_keyword(self, *args) ‑> void
-
out_keyword(self, str)Output a string with COLOR_KEYWORD color.str: (C++: const char *) char const *
def out_line(self, *args) ‑> void
-
out_line(self, str, color=0)Output a string with the specified color.str: (C++: const char *) char const *color: (C++: color_t)
def out_long(self, *args) ‑> void
-
out_long(self, v, radix)Output a number with appropriate color. Low level function. Use out_value() if you can. if 'suspop' is set then this function uses COLOR_VOIDOP instead of COLOR_NUMBER. 'suspop' is initialized:
- in out_one_operand()
- in ..\ida\gl.cpp (before calling processor_t::d_out())
v: (C++: sval_t) value to outputradix: (C++: char) base (2,8,10,16) def out_name_expr(self, *args) ‑> bool
-
out_name_expr(self, x, ea, off=BADADDR) -> boolOutput a name expression.x: (C++: const op_t &) instruction operand referencing the name expressionea: (C++: ea_t) address to convert to name expressionoff: (C++: adiff_t) the value of name expression. this parameter is used only to checkthat the name expression will have the wanted value. You may pass BADADDR for this parameter but I discourage it because it prohibits checks.return: true if the name expression has been produced
def out_printf(self, *args) ‑> size_t
-
out_printf(self, format) -> size_tFunctions to append text to the current output buffer (outbuf) Append a formatted string to the output string.format: (C++: const char *) char const *return: the number of characters appended
def out_register(self, *args) ‑> void
-
out_register(self, str)Output a character with COLOR_REG color.str: (C++: const char *) char const *
def out_spaces(self, *args) ‑> void
-
out_spaces(self, len)Appends spaces to outbuf until its tag_strlen becomes 'len'.len: (C++: ssize_t)
def out_symbol(self, *args) ‑> void
-
out_symbol(self, c)Output a character with COLOR_SYMBOL color.c: (C++: char)
def out_tagoff(self, *args) ‑> void
-
out_tagoff(self, tag)Output "turn color off" escape sequence.tag: (C++: color_t)
def out_tagon(self, *args) ‑> void
-
out_tagon(self, tag)Output "turn color on" escape sequence.tag: (C++: color_t)
def out_value(self, *args) ‑> flags64_t
-
out_value(self, x, outf=0) -> flags64_tOutput immediate value. Try to use this function to output all constants of instruction operands. This function outputs a number from x.addr or x.value in the form determined by F. It outputs colored text.x: (C++: const op_t &) value to outputoutf: (C++: int) Output value flagsreturn: flags of the output value, otherwise: -1 if printed a number withCOLOR_ERROR 0 if printed a nice number or character or segment or enum
def print_label_now(self, *args) ‑> bool
-
print_label_now(self) -> bool
def restore_ctxflags(self, *args) ‑> void
-
restore_ctxflags(self, saved_flags)saved_flags: int
def retrieve_cmt(self, *args) ‑> ssize_t
-
retrieve_cmt(self) -> ssize_t
def retrieve_name(self, *args) ‑> ssize_t
-
retrieve_name(self, arg2, arg3) -> ssize_targ2: qstring *arg3: color_t *
def set_comment_addr(self, *args) ‑> void
-
set_comment_addr(self, ea)ea: ea_t
def set_dlbind_opnd(self, *args) ‑> void
-
set_dlbind_opnd(self)
def set_gen_cmt(self, *args) ‑> void
-
set_gen_cmt(self, on=True)on: bool
def set_gen_demangled_label(self, *args) ‑> void
-
set_gen_demangled_label(self)
def set_gen_label(self, *args) ‑> void
-
set_gen_label(self)
def set_gen_xrefs(self, *args) ‑> void
-
set_gen_xrefs(self, on=True)on: bool
def setup_outctx(self, *args) ‑> void
-
setup_outctx(self, prefix, makeline_flags)Initialization; normally used only by the kernel.prefix: (C++: const char *) char const *makeline_flags: (C++: int)
def stack_view(self, *args) ‑> bool
-
stack_view(self) -> bool
def term_outctx(self, *args) ‑> int
-
term_outctx(self, prefix=None) -> intFinalize the output context.prefix: (C++: const char *) char const *return: the number of generated lines.
class outctx_t (*args, **kwargs)
-
Proxy of C++ outctx_t class.
Ancestors
Instance variables
var ash
-
ash
var bin_ea
-
bin_ea
var bin_state
-
bin_state
var bin_width
-
bin_width
var curlabel
-
curlabel
var gl_bpsize
-
gl_bpsize
var insn
-
insn
var next_line_ea
-
next_line_ea
var ph
-
ph
var prefix_ea
-
prefix_ea
var procmod
-
procmod
var saved_immvals
-
saved_immvals
var wif
-
wif
Methods
-
gen_func_footer(self, pfn)pfn: func_t const *
def gen_func_header(self, *args) ‑> void
-
gen_func_header(self, pfn)pfn: func_t *
def gen_header(self, *args) ‑> void
-
gen_header(self, flags=((1 << 0)|(1 << 1)), proc_name=None, proc_flavour=None)flags: intproc_name: char const *proc_flavour: char const *
def gen_header_extra(self, *args) ‑> void
-
gen_header_extra(self)
def out_custom_mnem(self, *args) ‑> void
-
out_custom_mnem(self, mnem, width=8, postfix=None)Output custom mnemonic for 'insn'. E.g. if it should differ from the one in 'ph.instruc'. This function outputs colored text. See out_mnemmnem: (C++: const char *) custom mnemonicwidth: (C++: int) width of field with mnemonic. if < 0, then 'postfix' will beoutput before the mnemonic, i.e. as a prefixpostfix: (C++: const char *) optional postfix added to 'mnem'
def out_data(self, *args) ‑> void
-
out_data(self, analyze_only)analyze_only: bool
def out_fcref_names(self, *args) ‑> void
-
out_fcref_names(self)Print addresses referenced *from* the specified address as commented symbolic names. This function is used to show, for example, multiple callees of an indirect call. This function outputs colored text.
def out_immchar_cmts(self, *args) ‑> void
-
out_immchar_cmts(self)Print all operand values as commented character constants. This function is used to comment void operands with their representation in the form of character constants. This function outputs colored text.
def out_mnem(self, *args) ‑> void
-
out_mnem(self, width=8, postfix=None)Output instruction mnemonic for 'insn' using information in 'ph.instruc' array. This function outputs colored text. It should be called from processor_t::ev_out_insn() or processor_t::ev_out_mnem() handler. It will output at least one space after the instruction. mnemonic even if the specified 'width' is not enough.width: (C++: int) width of field with mnemonic. if < 0, then 'postfix' will beoutput before the mnemonic, i.e. as a prefixpostfix: (C++: const char *) optional postfix added to the instruction mnemonic
def out_mnemonic(self, *args) ‑> void
-
out_mnemonic(self)Output instruction mnemonic using information in 'insn'. It should be called from processor_t::ev_out_insn() and it will call processor_t::ev_out_mnem() or out_mnem. This function outputs colored text.
def out_one_operand(self, *args) ‑> bool
-
out_one_operand(self, n) -> boolUse this function to output an operand of an instruction. This function checks for the existence of a manually defined operand and will output it if it exists. It should be called from processor_t::ev_out_insn() and it will call processor_t::ev_out_operand(). This function outputs colored text.n: (C++: int) 0..UA_MAXOP-1 operand numberretval 1: operand is displayedretval 0: operand is hidden
def out_specea(self, *args) ‑> bool
-
out_specea(self, segtype) -> boolsegtype: uchar
def set_bin_state(self, *args) ‑> void
-
set_bin_state(self, value)value: int
def setup_outctx(self, *args) ‑> void
-
setup_outctx(self, prefix, flags)Initialization; normally used only by the kernel.prefix: (C++: const char *) char const *flags: int
Inherited members
outctx_base_t
:F32
close_comment
clr_gen_label
default_lnnum
display_voids
flush_buf
flush_outbuf
forbid_annotations
force_code
gen_block_cmt
gen_border_line
gen_cmt_line
gen_collapsed_line
gen_empty_line
gen_empty_line_without_annotations
gen_printf
gen_xref_lines
getF
get_stkvar
init_lines_array
insn_ea
multiline
only_main_line
out_addr_tag
out_btoa
out_char
out_chars
out_colored_register_line
out_keyword
out_line
out_long
out_name_expr
out_printf
out_register
out_spaces
out_symbol
out_tagoff
out_tagon
out_value
outbuf
print_label_now
restore_ctxflags
retrieve_cmt
retrieve_name
set_comment_addr
set_dlbind_opnd
set_gen_cmt
set_gen_demangled_label
set_gen_label
set_gen_xrefs
stack_view
term_outctx