Module `ida_ua`

Functions that deal with the disassembling of program instructions.

There are 2 kinds of functions:

functions that are called from the kernel to disassemble an instruction. These functions call IDP module for it.
functions that are called from IDP module to disassemble an instruction. We will call them 'helper functions'.

Disassembly of an instruction is made in three steps: 1. analysis: ana.cpp 2. emulation: emu.cpp 3. conversion to text: out.cpp

The kernel calls the IDP module to perform these steps. At first, the kernel always calls the analysis. The analyzer must decode the instruction and fill the insn_t instance that it receives through its callback. It must not change anything in the database.

The second step, the emulation, is called for each instruction. This step must make necessary changes to the database, plan analysis of subsequent instructions, track register values, memory contents, etc. Please keep in mind that the kernel may call the emulation step for any address in the program - there is no ordering of addresses. Usually, the emulation is called for consecutive addresses but this is not guaranteed.

The last step, conversion to text, is called each time an instruction is displayed on the screen. The kernel will always call the analysis step before calling the text conversion step. The emulation and the text conversion steps should use the information stored in the insn_t instance they receive. They should not access the bytes of the instruction and decode it again - this should only be done in the analysis step.

Global variables

var BINOPSTATE_DONE: BINOPSTATE_DONE = 524288
var BINOPSTATE_GO: BINOPSTATE_GO = 262144
var BINOPSTATE_NONE: BINOPSTATE_NONE = 0
var COMMSTATE_DONE: COMMSTATE_DONE = 512
var COMMSTATE_GO: COMMSTATE_GO = 256
var COMMSTATE_NONE: COMMSTATE_NONE = 0
var CTXF_BINOP_STATE: CTXF_BINOP_STATE = 786432
var CTXF_BIT_PREFIX: CTXF_BIT_PREFIX = 2097152
var CTXF_CMT_STATE: CTXF_CMT_STATE = 768
var CTXF_CODE: CTXF_CODE = 4
var CTXF_DBLIND_OPND: CTXF_DBLIND_OPND = 131072
var CTXF_DEMANGLED_LABEL: CTXF_DEMANGLED_LABEL = 4096
var CTXF_DEMANGLED_OK: CTXF_DEMANGLED_OK = 16384
var CTXF_GEN_CMT: CTXF_GEN_CMT = 128
var CTXF_GEN_XREFS: CTXF_GEN_XREFS = 16
var CTXF_HIDDEN_ADDR: CTXF_HIDDEN_ADDR = 1048576
var CTXF_LABEL_OK: CTXF_LABEL_OK = 8192
var CTXF_MAIN: CTXF_MAIN = 1
var CTXF_MULTI: CTXF_MULTI = 2
var CTXF_NORMAL_LABEL: CTXF_NORMAL_LABEL = 2048
var CTXF_OUTCTX_T: CTXF_OUTCTX_T = 65536
var CTXF_OVSTORE_PRNT: CTXF_OVSTORE_PRNT = 32768
var CTXF_STACK: CTXF_STACK = 8
var CTXF_VOIDS: CTXF_VOIDS = 1024
var CTXF_XREF_STATE: CTXF_XREF_STATE = 96
var DEFAULT_INDENT: DEFAULT_INDENT = 65535
var FCBF_CONT: don't stop on decoding, or any other kind of error
var FCBF_DELIM: add the 'ash'-specified delimiters around the generated data. Note: if those are not defined and the INFFL_ALLASM is not set, format_charlit() will return an error
var FCBF_ERR_REPL: in case of an error, use a CP_REPLCHAR instead of a hex representation of the problematic byte
var FCBF_FF_LIT: in case of codepoints == 0xFF, use it as-is (i.e., LATIN SMALL LETTER Y WITH DIAERESIS). If both this, and FCBF_REPL are specified, this will take precedence
var GH_BYTESEX_HAS_HIGHBYTE: GH_BYTESEX_HAS_HIGHBYTE = 16
var GH_PRINT_ALL: GH_PRINT_ALL = 15
var GH_PRINT_ALL_BUT_BYTESEX: GH_PRINT_ALL_BUT_BYTESEX = 11
var GH_PRINT_ASM: GH_PRINT_ASM = 2
var GH_PRINT_BYTESEX: GH_PRINT_BYTESEX = 4
var GH_PRINT_HEADER: GH_PRINT_HEADER = 8
var GH_PRINT_PROC: GH_PRINT_PROC = 1
var GH_PRINT_PROC_AND_ASM: GH_PRINT_PROC_AND_ASM = 3
var GH_PRINT_PROC_ASM_AND_BYTESEX: GH_PRINT_PROC_ASM_AND_BYTESEX = 7
var INSN_64BIT: belongs to 64bit segment?
var INSN_MACRO: macro instruction
var INSN_MODMAC: may modify the database to make room for the macro insn
var MAKELINE_BINPREF: MAKELINE_BINPREF = 1
var MAKELINE_NONE: MAKELINE_NONE = 0
var MAKELINE_STACK: MAKELINE_STACK = 4
var MAKELINE_VOID: MAKELINE_VOID = 2
var OF_NO_BASE_DISP: base displacement doesn't exist. meaningful only for o_displ type. if set, base displacement (op_t::addr) doesn't exist.
var OF_NUMBER: the operand can be converted to a number only
var OF_OUTER_DISP: outer displacement exists. meaningful only for o_displ type. if set, outer displacement (op_t::value) exists.
var OF_SHOW: should the operand be displayed?
var OOFS_IFSIGN: output sign if needed
var OOFS_NEEDSIGN: always out sign (+-)
var OOFS_NOSIGN: don't output sign, forbid the user to change the sign
var OOFW_16: 16 bit width
var OOFW_24: 24 bit width
var OOFW_32: 32 bit width
var OOFW_64: 64 bit width
var OOFW_8: 8 bit width
var OOFW_IMM: take from x.dtype
var OOF_ADDR: output x.addr, otherwise x.value
var OOF_ANYSERIAL: if enum: select first available serial
var OOF_LZEROES: print leading zeroes
var OOF_NOBNOT: prohibit use of binary not
var OOF_NO_LZEROES: do not print leading zeroes; if none of OOF_LZEROES and OOF_NO_LZEROES was specified, is_lzero() is used
var OOF_NUMBER: always as a number
var OOF_OUTER: output outer operand
var OOF_SIGNED: output as signed if < 0
var OOF_SIGNMASK: sign symbol (+/-) output
var OOF_SPACES: do not suppress leading spaces; currently works only for floating point numbers
var OOF_WIDTHMASK: width of value in bits
var OOF_ZSTROFF: meaningful only if is_stroff(F); append a struct field name if the field offset is zero? if AFL_ZSTROFF is set, then this flag is ignored.
var PACK_FORM_DEF: packed factor defined. (!o_reg + dt_packreal)
var STKVAR_VALID_SIZE: x.dtype contains correct variable type (for insns like 'lea' this bit must be off). in general, dr_O references do not allow to determine the variable size
var XREFSTATE_DONE: XREFSTATE_DONE = 64
var XREFSTATE_GO: XREFSTATE_GO = 32
var XREFSTATE_NONE: XREFSTATE_NONE = 0
var dt_bitfild: bit field (mc680x0)
var dt_byte: 8 bit integer
var dt_byte16: 128 bit integer
var dt_byte32: 256 bit integer
var dt_byte64: 512 bit integer
var dt_code: ptr to code (not used?)
var dt_double: 8 byte floating point
var dt_dword: 32 bit integer
var dt_float: 4 byte floating point
var dt_fword: 48 bit
var dt_half: 2-byte floating point
var dt_ldbl: long double (which may be different from tbyte)
var dt_packreal: packed real format for mc68040
var dt_qword: 64 bit integer
var dt_string: pointer to asciiz string
var dt_tbyte: variable size ( processor_t::tbyte_size) floating point
var dt_unicode: pointer to unicode string
var dt_void: none
var dt_word: 16 bit integer
var o_displ: Memory Ref [Base Reg + Index Reg + Displacement].

A memory reference using register contents with displacement. The displacement should be stored in the op_t::addr field. The rest of information is stored the same way as in o_phrase.
var o_far: Immediate Far Address (CODE).

If the current processor has a special addressing mode for inter-segment references, then this operand type should be used instead of o_near. If you want, you may use PR_CHK_XREF in processor_t::flag to disable inter-segment calls if o_near operand type is used. Currently only IBM PC uses this flag.
var o_idpspec0: processor specific type.
var o_idpspec1: processor specific type.
var o_idpspec2: processor specific type.
var o_idpspec3: processor specific type.
var o_idpspec4: processor specific type.
var o_idpspec5: processor specific type. (there can be more processor specific types)
var o_imm: Immediate Value.

Any operand consisting of only a number is represented by this operand type. The value should be stored in op_t::value. You may sign extend short (1-2 byte) values. In any case don't forget to specify op_t::dtype (should be set for all operand types).
var o_mem: Direct Memory Reference (DATA).

A direct memory data reference whose target address is known at compilation time. The target virtual address is stored in op_t::addr and the full address is calculated as to_ea( insn_t::cs, op_t::addr ). For the processors with complex memory organization the final address can be calculated using other segment registers. For flat memories, op_t::addr is the final address and insn_t::cs is usually equal to zero. In any case, the address within the segment should be stored in op_t::addr.
var o_near: Immediate Near Address (CODE).

A direct memory code reference whose target address is known at the compilation time. The target virtual address is stored in op_t::addr and the final address is always to_ea( insn_t::cs, op_t::addr). Usually this operand type is used for the branches and calls whose target address is known. If the current processor has 2 different types of references for inter-segment and intra-segment references, then this should be used only for intra-segment references.

If the above operand types do not cover all possible addressing modes, then use o_idpspec... operand types.
var o_phrase: Memory Ref [Base Reg + Index Reg].

A memory reference using register contents. Indexed, register based, and other addressing modes can be represented with the operand type. This addressing mode cannot contain immediate values (use o_displ instead). The phrase number should be stored in op_t::phrase. To denote the pre-increment and similar features please use additional operand fields like op_t::specflag... Usually op_t::phrase contains the register number and additional information is stored in op_t::specflags... Please note that this operand type cannot contain immediate values (except the scaling coefficients).
var o_reg: General Register (al,ax,es,ds...).

The register number should be stored in op_t::reg. All processor registers, including special registers, can be represented by this operand type.
var o_void: No Operand.

Functions

def calc_dataseg(*args) ‑> ea_t: calc_dataseg(insn, n=-1, rgnum=-1) -> ea_t
Get data segment for the instruction operand. 'opnum' and 'rgnum' are meaningful only if the processor has segment registers.

insn: (C++: const insn_t &) an ida_ua.insn_t, or an address (C++: const insn_t &)

n: (C++: int)

rgnum: (C++: int)
def can_decode(*args) ‑> bool: can_decode(ea) -> bool
Can the bytes at address 'ea' be decoded as instruction?

ea: (C++: ea_t) linear address

return: whether or not the contents at that address could be a valid
instruction
def construct_macro(*args) ‑> bool: construct_macro(insn, enable, build_macro) -> bool
See ua.hpp's construct_macro().

insn: insn_t &

enable: bool

build_macro: PyObject *
def construct_macro2(*args) ‑> bool: construct_macro2(_this, insn, enable) -> bool
_this: macro_constructor_t *

insn: insn_t *

enable: bool
def create_insn(*args) ‑> int: create_insn(ea, out=None) -> int
Create an instruction at the specified address. This function checks if an instruction is present at the specified address and will try to create one if there is none. It will fail if there is a data item or other items hindering the creation of the new instruction. This function will also fill the 'out' structure.

ea: (C++: ea_t) linear address

out: (C++: insn_t *) the resulting instruction

return: the length of the instruction or 0
def create_outctx(*args) ‑> outctx_base_t *: create_outctx(ea, F=0, suspop=0) -> outctx_base_t
Create a new output context. To delete it, just use "delete pctx"

ea: (C++: ea_t)

F: (C++: flags64_t)

suspop: (C++: int)
def decode_insn(*args) ‑> int: decode_insn(out, ea) -> int
Analyze the specified address and fill 'out'. This function does not modify the database. It just tries to interpret the specified address as an instruction and fills the 'out' structure.

out: (C++: insn_t *) the resulting instruction

ea: (C++: ea_t) linear address

return: the length of the (possible) instruction or 0
def decode_preceding_insn(*args) ‑> PyObject *: decode_preceding_insn(out, ea) -> (int, int)
Decodes the preceding instruction. Please check ua.hpp / decode_preceding_insn()

out: instruction storage

ea: current ea

return: tuple(preceeding_ea or BADADDR, farref = Boolean)
def decode_prev_insn(*args) ‑> ea_t: decode_prev_insn(out, ea) -> ea_t
Decode previous instruction if it exists, fill 'out'.

out: (C++: insn_t *) the resulting instruction

ea: (C++: ea_t) the address to decode the previous instruction from

return: the previous instruction address (BADADDR-no such insn)
def get_dtype_by_size(*args) ‑> int: get_dtype_by_size(size) -> int
Get op_t::dtype from size.

size: (C++: asize_t)
def get_dtype_flag(*args) ‑> flags64_t: get_dtype_flag(dtype) -> flags64_t
Get flags for op_t::dtype field.

dtype: (C++: op_dtype_t)
def get_dtype_size(*args) ‑> size_t: get_dtype_size(dtype) -> size_t
Get size of opt_::dtype field.

dtype: (C++: op_dtype_t)
def get_immvals(*args) ‑> PyObject *: get_immvals(ea, n, F=0) -> [int, ...]
Get immediate values at the specified address. This function decodes instruction at the specified address or inspects the data item. It finds immediate values and copies them to 'out'. This function will store the original value of the operands in 'out', unless the last bits of 'F' are "...0 11111111", in which case the transformed values (as needed for printing) will be stored instead.

ea: (C++: ea_t) address to analyze

n: (C++: int) 0..UA_MAXOP-1 operand number, OPND_ALL all the operands

F: (C++: flags64_t) flags for the specified address

return: number of immediate values (0..2*UA_MAXOP)
def get_lookback(*args) ‑> int: get_lookback() -> int
Number of instructions to look back. This variable is not used by the kernel. Its value may be specified in ida.cfg: LOOKBACK = <number>. IDP may use it as you like it. (TMS module uses it)
def get_printable_immvals(*args) ‑> PyObject *: get_printable_immvals(ea, n, F=0) -> PyObject *
Get immediate ready-to-print values at the specified address

ea: (C++: ea_t) address to analyze

n: (C++: int) 0..UA_MAXOP-1 operand number, OPND_ALL all the operands

F: (C++: flags64_t) flags for the specified address

return: number of immediate values (0..2*UA_MAXOP)
def insn_add_cref(*args) ‑> void: insn_add_cref(insn, to, opoff, type)
insn: an ida_ua.insn_t, or an address (C++: const insn_t &)

to: ea_t

opoff: int

type: enum cref_t
def insn_add_dref(*args) ‑> void: insn_add_dref(insn, to, opoff, type)
insn: an ida_ua.insn_t, or an address (C++: const insn_t &)

to: ea_t

opoff: int

type: enum dref_t
def insn_add_off_drefs(*args) ‑> ea_t: insn_add_off_drefs(insn, x, type, outf) -> ea_t
insn: an ida_ua.insn_t, or an address (C++: const insn_t &)

x: op_t const &

type: enum dref_t

outf: int
def insn_create_stkvar(*args) ‑> bool: insn_create_stkvar(insn, x, v, flags) -> bool
insn: an ida_ua.insn_t, or an address (C++: const insn_t &)

x: op_t const &

v: adiff_t

flags: int
def insn_t__from_ptrval__(*args) ‑> insn_t *: insn_t__from_ptrval__(ptrval) -> insn_t
ptrval: size_t
def is_floating_dtype(*args) ‑> bool: is_floating_dtype(dtype) -> bool
Is a floating type operand?

dtype: (C++: op_dtype_t)
def map_code_ea(*args) ‑> ea_t: map_code_ea(insn, addr, opnum) -> ea_t
insn: an ida_ua.insn_t, or an address (C++: const insn_t &)

addr: ea_t

opnum: int

map_code_ea(insn, op) -> ea_t
insn: an ida_ua.insn_t, or an address (C++: const insn_t &)

op: op_t const &
def map_data_ea(*args) ‑> ea_t: map_data_ea(insn, addr, opnum=-1) -> ea_t
insn: an ida_ua.insn_t, or an address (C++: const insn_t &)

addr: ea_t

opnum: int

map_data_ea(insn, op) -> ea_t
insn: an ida_ua.insn_t, or an address (C++: const insn_t &)

op: op_t const &
def map_ea(*args) ‑> ea_t: map_ea(insn, op, iscode) -> ea_t
insn: an ida_ua.insn_t, or an address (C++: const insn_t &)

op: op_t const &

iscode: bool

map_ea(insn, addr, opnum, iscode) -> ea_t
insn: an ida_ua.insn_t, or an address (C++: const insn_t &)

addr: ea_t

opnum: int

iscode: bool
def op_t__from_ptrval__(*args) ‑> op_t *: op_t__from_ptrval__(ptrval) -> op_t
ptrval: size_t
def outctx_base_t__from_ptrval__(*args) ‑> outctx_base_t *: outctx_base_t__from_ptrval__(ptrval) -> outctx_base_t
ptrval: size_t
def outctx_t__from_ptrval__(*args) ‑> outctx_t *: outctx_t__from_ptrval__(ptrval) -> outctx_t
ptrval: size_t
def print_insn_mnem(*args) ‑> qstring *: print_insn_mnem(ea) -> str
Print instruction mnemonics.

ea: (C++: ea_t) linear address of the instruction

return: success
def print_operand(*args) ‑> qstring *: print_operand(ea, n, getn_flags=0, newtype=None) -> str
Generate text representation for operand #n. This function will generate the text representation of the specified operand (includes color codes.)

ea: (C++: ea_t) the item address (instruction or data)

n: (C++: int) 0..UA_MAXOP-1 operand number, meaningful only for instructions

getn_flags: (C++: int) Name expression flags Currently only GETN_NODUMMY is
accepted.

newtype: (C++: struct printop_t *) if specified, print the operand using the specified type

return: success
def ua_mnem(*args) ‑> qstring *: print_insn_mnem(ea) -> str
Print instruction mnemonics.

ea: (C++: ea_t) linear address of the instruction

return: success

Classes

class insn_t (*args)

Proxy of C++ insn_t class.

__init__(self) -> insn_t

Instance variables

var Op1
var Op2
var Op3
var Op4
var Op5
var Op6
var Op7
var Op8
var auxpref : uint32: processor dependent field
var auxpref_u16: auxpref_u16
var auxpref_u8: auxpref_u8
var cs: Current segment base paragraph. Initialized by the kernel.
var ea: Linear address of the instruction. Initialized by the kernel.
var flags: Instruction flags
var insnpref: processor dependent field
var ip: Virtual address of the instruction (address within the segment). Initialized by the kernel.
var itype: Internal code of instruction (only for canonical insns - not user defined!). IDP should define its own instruction codes. These codes are usually defined in ins.hpp. The array of instruction names and features (ins.cpp) is accessed using this code.
var ops : wrapped_array_t< op_t,8 >: array of operands
var segpref: processor dependent field
var size: Size of instruction in bytes. The analyzer should put here the actual size of the instruction.

Methods

def add_cref(self, *args) ‑> void: add_cref(self, to, opoff, type)
Add a code cross-reference from the instruction.

to: (C++: ea_t) target linear address

opoff: (C++: int) offset of the operand from the start of instruction. if the offset
is unknown, then 0.

type: (C++: cref_t) type of xref
def add_dref(self, *args) ‑> void: add_dref(self, to, opoff, type)
Add a data cross-reference from the instruction. See add_off_drefs() - usually it can be used in most cases.

to: (C++: ea_t) target linear address

opoff: (C++: int) offset of the operand from the start of instruction if the offset
is unknown, then 0

type: (C++: dref_t) type of xref
def add_off_drefs(self, *args) ‑> ea_t: add_off_drefs(self, x, type, outf) -> ea_t
Add xrefs for an operand of the instruction. This function creates all cross references for 'enum', 'offset' and 'structure offset' operands. Use add_off_drefs() in the presence of negative offsets.

x: (C++: const op_t &) reference to operand

type: (C++: dref_t) type of xref

outf: (C++: int) out_value() flags. These flags should match the flags used to
output the operand

return: if is_off(): the reference target address (the same as
calc_reference_data). if is_stroff(): BADADDR because for stroffs the target address is unknown else: BADADDR because enums do not represent addresses
def assign(self, *args) ‑> void: assign(self, other)
other: an ida_ua.insn_t, or an address (C++: const insn_t &)
def create_op_data(self, *args) ‑> bool: create_op_data(self, ea_, opoff, dtype) -> bool
Convenient alias.

ea_: (C++: ea_t)

opoff: int

dtype: op_dtype_t

create_op_data(self, ea_, op) -> bool
ea_: ea_t

op: op_t const &
def create_stkvar(self, *args) ‑> bool: create_stkvar(self, x, v, flags_) -> bool
Create or modify a stack variable in the function frame. The emulator could use this function to create stack variables in the function frame before converting the operand to a stack variable. Please check with may_create_stkvars() before calling this function.

x: (C++: const op_t &) operand (used to determine the addressing type)

v: (C++: adiff_t) a displacement in the operand

flags_: (C++: int) Stack variable flags

retval 1: ok, a stack variable exists now

retval 0: no, couldn't create stack variable
def get_canon_feature(self, *args) ‑> uint32: get_canon_feature(self, ph) -> uint32
see instruc_t::feature

ph: (C++: const processor_t &) processor_t const &

get_canon_feature(self) -> uint32
def get_canon_mnem(self, *args) ‑> char const *: get_canon_mnem(self, ph) -> char const
see instruc_t::name

ph: (C++: const processor_t &) processor_t const &

get_canon_mnem(self) -> char const *
def get_next_byte(self, *args) ‑> uint8: get_next_byte(self) -> uint8
def get_next_dword(self, *args) ‑> uint32: get_next_dword(self) -> uint32
def get_next_qword(self, *args) ‑> uint64: get_next_qword(self) -> uint64
def get_next_word(self, *args) ‑> uint16: get_next_word(self) -> uint16
def is_64bit(self, *args) ‑> bool: is_64bit(self) -> bool
Belongs to a 64bit segment?
def is_canon_insn(self, *args) ‑> bool: is_canon_insn(self, ph) -> bool
see processor_t::is_canon_insn()

ph: (C++: const processor_t &) processor_t const &

is_canon_insn(self) -> bool
def is_macro(self, *args) ‑> bool: is_macro(self) -> bool
Is a macro instruction?

class macro_constructor_t (*args)

Proxy of C++ macro_constructor_t class.

__init__(self) -> macro_constructor_t

self: PyObject *

Instance variables

var reserved: reserved

Methods

def build_macro(self, *args) ‑> bool: build_macro(self, insn, may_go_forward) -> bool
Try to extend the instruction.

insn: (C++: insn_t *) Instruction to modify, usually the first instruction of the macro

may_go_forward: (C++: bool) Is it ok to consider the next instruction for the macro?
This argument may be false, for example, if there is a cross reference to the end of INSN. In this case creating a macro is not desired. However, it may still be useful to perform minor tweaks to the instruction using the information about the surrounding instructions.

return: true if created an macro instruction. This function may modify 'insn'
and return false; these changes will be accepted by the kernel but the instruction will not be considered as a macro.

class op_t (*args)

Proxy of C++ op_t class.

__init__(self) -> op_t

Instance variables

var addr : ea_t: virtual address pointed or used by the operand. (o_mem,o_displ,o_far,o_near)
var dtype: Type of operand value (see Operand value types). Usually first 9 types are used. This is the type of the operand itself, not the size of the addressing mode. for example, byte ptr [epb+32_bit_offset] will have dt_byte type.
var flags: Operand flags
var n: Number of operand (0,1,2). Initialized once at the start of work. You have no right to change its value.
var offb: Offset of operand value from the instruction start (0 means unknown). Of course this field is meaningful only for certain types of operands. Leave it equal to zero if the operand has no offset. This offset should point to the 'interesting' part of operand. For example, it may point to the address of a function in call func or it may point to bytes holding '5' in mov ax, [bx+5] Usually bytes pointed to this offset are relocated (have fixup information).
var offo: Same as offb (some operands have 2 numeric values used to form an operand). This field is used for the second part of operand if it exists. Currently this field is used only for outer offsets of Motorola processors. Leave it equal to zero if the operand has no offset.
var phrase : uint16: number of register phrase (o_phrase,o_displ). you yourself define numbers of phrases as you like
var reg : uint16: number of register (o_reg)
var specflag1: specflag1
var specflag2: specflag2
var specflag3: specflag3
var specflag4: specflag4
var specval : ea_t: This field may be used as you want.
var type: Type of operand (see Operand types)
var value : ea_t: operand value (o_imm) or outer displacement (o_displ+OF_OUTER_DISP). integer values should be in IDA's (little-endian) order. when using ieee_realcvt(), floating point values should be in the processor's native byte order. dt_double and dt_qword values take up 8 bytes (value and addr fields for 32-bit modules). NB: in case a dt_dword/dt_qword immediate is forced to float by user, the kernel converts it to processor's native order before calling FP conversion routines.
var value64 : uint64: __get_value64__(self) -> uint64

Methods

def assign(self, *args) ‑> void: assign(self, other)
other: op_t const &
def clr_shown(self, *args) ‑> void: clr_shown(self)
Set operand to hidden.
def has_reg(self, r): Checks if the operand accesses the given processor register
def is_imm(self, *args) ‑> bool: is_imm(self, v) -> bool
Is immediate operand?

v: (C++: uval_t)
def is_reg(self, *args) ‑> bool: is_reg(self, r) -> bool
Is register operand?

r: (C++: int)
def set_shown(self, *args) ‑> void: set_shown(self)
Set operand to be shown.
def shown(self, *args) ‑> bool: shown(self) -> bool
Is operand set to be shown?

class operands_array (*args)

Proxy of C++ wrapped_array_t< op_t,8 > class.

__init__(self, data) -> operands_array

data: op_t (&)[8]

Instance variables

var bytes : bytevec_t: _get_bytes(self) -> bytevec_t
var data: data

class outctx_base_t (*args, **kwargs)

Proxy of C++ outctx_base_t class.

Subclasses

outctx_t

Instance variables

var F32: F32
var default_lnnum: default_lnnum
var insn_ea: insn_ea
var outbuf: outbuf

Methods

def close_comment(self, *args) ‑> void

close_comment(self)

def clr_gen_label(self, *args) ‑> void

clr_gen_label(self)

def display_voids(self, *args) ‑> bool

display_voids(self) -> bool

def flush_buf(self, *args) ‑> bool

flush_buf(self, buf, indent=-1) -> bool

Append contents of 'buf' to the line array. Behaves like flush_outbuf but accepts an arbitrary buffer

buf: (C++: const char *) char const *

indent: (C++: int)

def flush_outbuf(self, *args) ‑> bool

flush_outbuf(self, indent=-1) -> bool

Functions to populate the output line array (lnar) Move the contents of the output buffer to the line array (outbuf->lnar) The kernel augments the outbuf contents with additional text like the line prefix, user-defined comments, xrefs, etc at this call.

indent: (C++: int)

def forbid_annotations(self, *args) ‑> int

forbid_annotations(self) -> int

def force_code(self, *args) ‑> bool

force_code(self) -> bool

def gen_block_cmt(self, *args) ‑> bool

gen_block_cmt(self, cmt, color) -> bool

Generate big non-indented comment lines.

cmt: (C++: const char *) comment text. may contain \n characters to denote new lines. should

not contain comment character (;)

color: (C++: color_t) color of comment text (one of Color tags)

return: overflow, lnar_maxsize has been reached

def gen_border_line(self, *args) ‑> bool

gen_border_line(self, solid=False) -> bool

Generate thin border line. This function does nothing if generation of border lines is disabled.

solid: (C++: bool) generate solid border line (with =), otherwise with -

return: overflow, lnar_maxsize has been reached

def gen_cmt_line(self, *args) ‑> bool

gen_cmt_line(self, format) -> bool

Generate one non-indented comment line, colored with COLOR_AUTOCMT.

format: (C++: const char *) printf() style format line. The resulting comment line should not

include comment character (;)

return: overflow, lnar_maxsize has been reached

def gen_collapsed_line(self, *args) ‑> bool

gen_collapsed_line(self, format) -> bool

Generate one non-indented comment line, colored with COLOR_COLLAPSED.

format: (C++: const char *) printf() style format line. The resulting comment line should not

include comment character (;)

return: overflow, lnar_maxsize has been reached

def gen_empty_line(self, *args) ‑> bool

gen_empty_line(self) -> bool

Generate empty line. This function does nothing if generation of empty lines is disabled.

return: overflow, lnar_maxsize has been reached

def gen_empty_line_without_annotations(self, *args) ‑> void

gen_empty_line_without_annotations(self)

def gen_printf(self, *args) ‑> bool

gen_printf(self, indent, format) -> bool

printf-like function to add lines to the line array.

indent: (C++: int) indention of the line. if indent == -1, the kernel will indent

the line at idainfo::indent. if indent < 0, -indent will be used for indention. The first line printed with indent < 0 is considered as the most important line at the current address. Usually it is the line with the instruction itself. This line will be displayed in the cross-reference lists and other places. If you need to output an additional line before the main line then pass DEFAULT_INDENT instead of -1. The kernel will know that your line is not the most important one.

format: (C++: const char *) printf style colored line to generate

return: overflow, lnar_maxsize has been reached

def gen_xref_lines(self, *args) ‑> bool

gen_xref_lines(self) -> bool

def getF(self, *args) ‑> flags64_t

getF(self) -> flags64_t

def get_stkvar(self, *args) ‑> member_t *

get_stkvar(self, arg2, arg3, arg4, arg5) -> member_t *

arg2: op_t const &

arg3: uval_t

arg4: sval_t *

arg5: int *

def init_lines_array(self, *args) ‑> void

init_lines_array(self, answers, maxsize)

answers: qstrvec_t *

maxsize: int

def multiline(self, *args) ‑> bool

multiline(self) -> bool

def only_main_line(self, *args) ‑> bool

only_main_line(self) -> bool

def out_addr_tag(self, *args) ‑> void

out_addr_tag(self, ea)

Output "address" escape sequence.

ea: (C++: ea_t)

def out_btoa(self, *args) ‑> void

out_btoa(self, Word, radix=0)

Output a number with the specified base (binary, octal, decimal, hex) The number is output without color codes. see also out_long()

Word: (C++: uval_t)

radix: (C++: char)

def out_char(self, *args) ‑> void

out_char(self, c)

Output one character. The character is output without color codes. see also

out_symbol()

c: (C++: char)

def out_chars(self, *args) ‑> void

out_chars(self, c, n)

Append a character multiple times.

c: (C++: char)

n: (C++: int)

def out_colored_register_line(self, *args) ‑> void

out_colored_register_line(self, str)

Output a colored line with register names in it. The register names will be substituted by user-defined names (regvar_t) Please note that out_tagoff tries to make substitutions too (when called with COLOR_REG)

str: (C++: const char *) char const *

def out_keyword(self, *args) ‑> void

out_keyword(self, str)

Output a string with COLOR_KEYWORD color.

str: (C++: const char *) char const *

def out_line(self, *args) ‑> void

out_line(self, str, color=0)

Output a string with the specified color.

str: (C++: const char *) char const *

color: (C++: color_t)

def out_long(self, *args) ‑> void

out_long(self, v, radix)

Output a number with appropriate color. Low level function. Use out_value() if you can. if 'suspop' is set then this function uses COLOR_VOIDOP instead of COLOR_NUMBER. 'suspop' is initialized:

in out_one_operand()
in ..\ida\gl.cpp (before calling processor_t::d_out())

v: (C++: sval_t) value to output

radix: (C++: char) base (2,8,10,16)

def out_name_expr(self, *args) ‑> bool

out_name_expr(self, x, ea, off=BADADDR) -> bool

Output a name expression.

x: (C++: const op_t &) instruction operand referencing the name expression

ea: (C++: ea_t) address to convert to name expression

off: (C++: adiff_t) the value of name expression. this parameter is used only to check

that the name expression will have the wanted value. You may pass BADADDR for this parameter but I discourage it because it prohibits checks.

return: true if the name expression has been produced

def out_printf(self, *args) ‑> size_t

out_printf(self, format) -> size_t

Functions to append text to the current output buffer (outbuf) Append a formatted string to the output string.

format: (C++: const char *) char const *

return: the number of characters appended

def out_register(self, *args) ‑> void

out_register(self, str)

Output a character with COLOR_REG color.

str: (C++: const char *) char const *

def out_spaces(self, *args) ‑> void

out_spaces(self, len)

Appends spaces to outbuf until its tag_strlen becomes 'len'.

len: (C++: ssize_t)

def out_symbol(self, *args) ‑> void

out_symbol(self, c)

Output a character with COLOR_SYMBOL color.

c: (C++: char)

def out_tagoff(self, *args) ‑> void

out_tagoff(self, tag)

Output "turn color off" escape sequence.

tag: (C++: color_t)

def out_tagon(self, *args) ‑> void

out_tagon(self, tag)

Output "turn color on" escape sequence.

tag: (C++: color_t)

def out_value(self, *args) ‑> flags64_t

out_value(self, x, outf=0) -> flags64_t

Output immediate value. Try to use this function to output all constants of instruction operands. This function outputs a number from x.addr or x.value in the form determined by F. It outputs colored text.

x: (C++: const op_t &) value to output

outf: (C++: int) Output value flags

return: flags of the output value, otherwise: -1 if printed a number with

COLOR_ERROR 0 if printed a nice number or character or segment or enum

def print_label_now(self, *args) ‑> bool

print_label_now(self) -> bool

def restore_ctxflags(self, *args) ‑> void

restore_ctxflags(self, saved_flags)

saved_flags: int

def retrieve_cmt(self, *args) ‑> ssize_t

retrieve_cmt(self) -> ssize_t

def retrieve_name(self, *args) ‑> ssize_t

retrieve_name(self, arg2, arg3) -> ssize_t

arg2: qstring *

arg3: color_t *

def set_comment_addr(self, *args) ‑> void

set_comment_addr(self, ea)

ea: ea_t

def set_dlbind_opnd(self, *args) ‑> void

set_dlbind_opnd(self)

def set_gen_cmt(self, *args) ‑> void

set_gen_cmt(self, on=True)

on: bool

def set_gen_demangled_label(self, *args) ‑> void

set_gen_demangled_label(self)

def set_gen_label(self, *args) ‑> void

set_gen_label(self)

def set_gen_xrefs(self, *args) ‑> void

set_gen_xrefs(self, on=True)

on: bool

def setup_outctx(self, *args) ‑> void

setup_outctx(self, prefix, makeline_flags)

Initialization; normally used only by the kernel.

prefix: (C++: const char *) char const *

makeline_flags: (C++: int)

def stack_view(self, *args) ‑> bool

stack_view(self) -> bool

def term_outctx(self, *args) ‑> int

term_outctx(self, prefix=None) -> int

Finalize the output context.

prefix: (C++: const char *) char const *

return: the number of generated lines.

class outctx_t (*args, **kwargs)

Proxy of C++ outctx_t class.

Ancestors

outctx_base_t

Instance variables

var ash: ash
var bin_ea: bin_ea
var bin_state: bin_state
var bin_width: bin_width
var curlabel: curlabel
var gl_bpsize: gl_bpsize
var insn: insn
var next_line_ea: next_line_ea
var ph: ph
var prefix_ea: prefix_ea
var procmod: procmod
var saved_immvals: saved_immvals
var wif: wif

Methods

def gen_func_footer(self, *args) ‑> void: gen_func_footer(self, pfn)
pfn: func_t const *
def gen_func_header(self, *args) ‑> void: gen_func_header(self, pfn)
pfn: func_t *
def gen_header(self, *args) ‑> void: gen_header(self, flags=((1 << 0)|(1 << 1)), proc_name=None, proc_flavour=None)

flags: int

proc_name: char const *

proc_flavour: char const *
def gen_header_extra(self, *args) ‑> void: gen_header_extra(self)
def out_custom_mnem(self, *args) ‑> void: out_custom_mnem(self, mnem, width=8, postfix=None)
Output custom mnemonic for 'insn'. E.g. if it should differ from the one in 'ph.instruc'. This function outputs colored text. See out_mnem

mnem: (C++: const char *) custom mnemonic

width: (C++: int) width of field with mnemonic. if < 0, then 'postfix' will be
output before the mnemonic, i.e. as a prefix

postfix: (C++: const char *) optional postfix added to 'mnem'
def out_data(self, *args) ‑> void: out_data(self, analyze_only)
analyze_only: bool
def out_fcref_names(self, *args) ‑> void: out_fcref_names(self)
Print addresses referenced *from* the specified address as commented symbolic names. This function is used to show, for example, multiple callees of an indirect call. This function outputs colored text.
def out_immchar_cmts(self, *args) ‑> void: out_immchar_cmts(self)
Print all operand values as commented character constants. This function is used to comment void operands with their representation in the form of character constants. This function outputs colored text.
def out_mnem(self, *args) ‑> void: out_mnem(self, width=8, postfix=None)
Output instruction mnemonic for 'insn' using information in 'ph.instruc' array. This function outputs colored text. It should be called from processor_t::ev_out_insn() or processor_t::ev_out_mnem() handler. It will output at least one space after the instruction. mnemonic even if the specified 'width' is not enough.

width: (C++: int) width of field with mnemonic. if < 0, then 'postfix' will be
output before the mnemonic, i.e. as a prefix

postfix: (C++: const char *) optional postfix added to the instruction mnemonic
def out_mnemonic(self, *args) ‑> void: out_mnemonic(self)
Output instruction mnemonic using information in 'insn'. It should be called from processor_t::ev_out_insn() and it will call processor_t::ev_out_mnem() or out_mnem. This function outputs colored text.
def out_one_operand(self, *args) ‑> bool: out_one_operand(self, n) -> bool
Use this function to output an operand of an instruction. This function checks for the existence of a manually defined operand and will output it if it exists. It should be called from processor_t::ev_out_insn() and it will call processor_t::ev_out_operand(). This function outputs colored text.

n: (C++: int) 0..UA_MAXOP-1 operand number

retval 1: operand is displayed

retval 0: operand is hidden
def out_specea(self, *args) ‑> bool: out_specea(self, segtype) -> bool
segtype: uchar
def set_bin_state(self, *args) ‑> void: set_bin_state(self, value)
value: int
def setup_outctx(self, *args) ‑> void: setup_outctx(self, prefix, flags)
Initialization; normally used only by the kernel.

prefix: (C++: const char *) char const *

flags: int

Inherited members

outctx_base_t:
- F32
- close_comment
- clr_gen_label
- default_lnnum
- display_voids
- flush_buf
- flush_outbuf
- forbid_annotations
- force_code
- gen_block_cmt
- gen_border_line
- gen_cmt_line
- gen_collapsed_line
- gen_empty_line
- gen_empty_line_without_annotations
- gen_printf
- gen_xref_lines
- getF
- get_stkvar
- init_lines_array
- insn_ea
- multiline
- only_main_line
- out_addr_tag
- out_btoa
- out_char
- out_chars
- out_colored_register_line
- out_keyword
- out_line
- out_long
- out_name_expr
- out_printf
- out_register
- out_spaces
- out_symbol
- out_tagoff
- out_tagon
- out_value
- outbuf
- print_label_now
- restore_ctxflags
- retrieve_cmt
- retrieve_name
- set_comment_addr
- set_dlbind_opnd
- set_gen_cmt
- set_gen_demangled_label
- set_gen_label
- set_gen_xrefs
- stack_view
- term_outctx