Instruction (B2R2)

Instruction Type

Namespace: B2R2.FrontEnd.BinLifter
Assembly: B2R2.FrontEnd.BinLifter.Core.dll
Base Type: obj

A high-level class representing a single machine instruction in a platform-independent manner. It provides useful methods for accessing useful information about the instruction.

Constructors

Constructor Description

Constructor	Description
`Instruction(addr, len, wordSize)` Full Usage: `Instruction(addr, len, wordSize)` Parameters: addr : `Addr` len : `uint32` wordSize : `WordSize` Returns: `Instruction`	addr : `Addr` len : `uint32` wordSize : `WordSize` Returns: `Instruction`


                
                  
                    
                      Instruction(addr, len, wordSize)

Full Usage: Instruction(addr, len, wordSize)

Parameters:

addr : Addr

len : uint32

wordSize : WordSize

Returns: Instruction

addr : Addr
len : uint32
wordSize : WordSize

Returns: Instruction

Instance members

Instance member	Description
`this.Address` Full Usage: `this.Address` Returns: `Addr`	The address of this instruction. Returns: `Addr`
`this.Decompose(arg1)` Full Usage: `this.Decompose(arg1)` Parameters: arg0 : `bool` Returns: `AsmWord[]` Returns an array of AsmWords. Modifiers: abstract	Decompose this instruction into AsmWords. arg0 : `bool` Returns: `AsmWord[]` Returns an array of AsmWords.
`this.DirectBranchTarget(addr)` Full Usage: `this.DirectBranchTarget(addr)` Parameters: addr : `byref<Addr>` Returns: `bool` Returns true if a target address exists. Otherwise, returns false. Modifiers: abstract	Return a branch target address if we can directly compute it, i.e., for direct branches. addr : `byref<Addr>` Returns: `bool` Returns true if a target address exists. Otherwise, returns false.
`this.Disasm()` Full Usage: `this.Disasm()` Returns: `string` Returns a disassembled string. Modifiers: abstract	Disassemble this instruction without resolving symbols. Returns: `string` Returns a disassembled string.
`this.Disasm(showAddr, resolveSymbol, disasmHelper)` Full Usage: `this.Disasm(showAddr, resolveSymbol, disasmHelper)` Parameters: showAddr : `bool` - Whether to show the instruction address in the resulting disassembly. resolveSymbol : `bool` - Whether to resolve symbols while disassembling the instruction. For example, when there is a call target, we the disassembled string will show the target function name if this parameter is true, and the symbol information exists. disasmHelper : `DisasmHelper` - The helper allows our disassembler to resolve symbols. Returns: `string` Returns a disassembled string. Modifiers: abstract	Disassemble this instruction. showAddr : `bool` Whether to show the instruction address in the resulting disassembly. resolveSymbol : `bool` Whether to resolve symbols while disassembling the instruction. For example, when there is a call target, we the disassembled string will show the target function name if this parameter is true, and the symbol information exists. disasmHelper : `DisasmHelper` The helper allows our disassembler to resolve symbols. Returns: `string` Returns a disassembled string.
`this.GetNextInstrAddrs()` Full Usage: `this.GetNextInstrAddrs()` Returns: `seq<Addr * ArchOperationMode>` Modifiers: abstract	Return a sequence of possible next instruction addresses along with their ArchOperationMode. For branch instructions, the returned sequence includes jump target(s). For regular instructions, the sequence is a singleton of the fall-through address. This function does not resolve indirect branch targets. Returns: `seq<Addr * ArchOperationMode>`
`this.Immediate(v)` Full Usage: `this.Immediate(v)` Parameters: v : `byref<int64>` Returns: `bool` Returns true if an immediate exists. Otherwise, returns false. Modifiers: abstract	Return an integer immediate value of the instruction if there is one. This function will ignore floating-point immediate values. v : `byref<int64>` Returns: `bool` Returns true if an immediate exists. Otherwise, returns false.
`this.IndirectTrampolineAddr(addr)` Full Usage: `this.IndirectTrampolineAddr(addr)` Parameters: addr : `byref<Addr>` Returns: `bool` Returns true if a trampoline address exists. Otherwise, returns false. Modifiers: abstract	Return a trampoline address of an indirect branch instruction if we can directly compute the address. For example, `JMP [RIP + 0x42]` is an indirect branch instruction, but we can compute the trampoline address as RIP is statically known anyways when PIC is off. addr : `byref<Addr>` Returns: `bool` Returns true if a trampoline address exists. Otherwise, returns false.
`this.InterruptNum(num)` Full Usage: `this.InterruptNum(num)` Parameters: num : `byref<int64>` Returns: `bool` Modifiers: abstract	Return the interrupt number if this is an interrupt instruction. num : `byref<int64>` Returns: `bool`
`this.IsBBLEnd()` Full Usage: `this.IsBBLEnd()` Returns: `bool` Returns true if this instruction should be at the end of the corresponding basic block. Modifiers: abstract	Does this instruction end a basic block? For example, this function returns true for branch instructions and exit instructions. We also consider system call instructions as an end of basic blocks. Returns: `bool` Returns true if this instruction should be at the end of the corresponding basic block.
`this.IsBranch()` Full Usage: `this.IsBranch()` Returns: `bool` Returns true if this is a branch instruction. Modifiers: abstract	Is this a branch instruction? A branch instruction includes any kinds of jump instructions, such as CALL/RET instructions, indirect/direct jump instructions, and conditional jump instructions. Returns: `bool` Returns true if this is a branch instruction.
`this.IsCJmpOnTrue()` Full Usage: `this.IsCJmpOnTrue()` Returns: `bool` Returns true if this is a conditional branch instruction, and jumps to the target when the predicate is true. Modifiers: abstract	Is this a conditional branch instruction, and it jumps to the branch target when the predicate is true? For example, this method returns true for `JE` instructions of Intel, but false for `JNE` instructions. Returns: `bool` Returns true if this is a conditional branch instruction, and jumps to the target when the predicate is true.
`this.IsCall()` Full Usage: `this.IsCall()` Returns: `bool` Returns true if this is a call instruction. Modifiers: abstract	Is this a call instruction? Returns: `bool` Returns true if this is a call instruction.
`this.IsCondBranch()` Full Usage: `this.IsCondBranch()` Returns: `bool` Returns true if this is a conditional branch instruction. Modifiers: abstract	Is this a conditional branch instruction? Returns: `bool` Returns true if this is a conditional branch instruction.
`this.IsDirectBranch()` Full Usage: `this.IsDirectBranch()` Returns: `bool` Returns true if this is a direct branch instruction. Modifiers: abstract	Is this a direct branch instruction? A direct branch instruction is a branch instruction with a concrete jump target, which is inscribed in its operand. For example, `CALL ECX` is not a direct branch instruction, but `JMP +10` is. Returns: `bool` Returns true if this is a direct branch instruction.
`this.IsExit()` Full Usage: `this.IsExit()` Returns: `bool` Returns true if this instruction should be at the end of the corresponding basic block. Modifiers: abstract	Does this instruction exits the program execution? For example, this function returns true for the `HLT` instruction of Intel. We also consider returning from kernel mode to user mode (e.g. `SYSEXIT` instruction of Intel) as an exit. Returns: `bool` Returns true if this instruction should be at the end of the corresponding basic block.
`this.IsIndirectBranch()` Full Usage: `this.IsIndirectBranch()` Returns: `bool` Returns true if this is an indirect branch instruction. Modifiers: abstract	Is this an indirect branch instruction? An indirect branch instruction is a branch instruction with a symbolic jump target. Thus, the jump target is only computed at runtime. Returns: `bool` Returns true if this is an indirect branch instruction.
`this.IsInlinedAssembly()` Full Usage: `this.IsInlinedAssembly()` Returns: `bool` Modifiers: abstract	Returns: `bool`
`this.IsInterrupt()` Full Usage: `this.IsInterrupt()` Returns: `bool` Returns true if this is an interrupt instruction Modifiers: abstract	Does this instruction involve an interrupt? Returns: `bool` Returns true if this is an interrupt instruction
`this.IsModeChanging()` Full Usage: `this.IsModeChanging()` Returns: `bool` Returns true if this is a mode-changing instruction. Modifiers: abstract	Is this a mode-changing instruction? In ARMv7, BLX is such an instruction. Returns: `bool` Returns true if this is a mode-changing instruction.
`this.IsNop()` Full Usage: `this.IsNop()` Returns: `bool` Returns true if this instruction is a NO-OP. Modifiers: abstract	Is this a NO-OP instruction? Returns: `bool` Returns true if this instruction is a NO-OP.
`this.IsRET()` Full Usage: `this.IsRET()` Returns: `bool` Returns true if this is a return instruction. Modifiers: abstract	Is this a return instruction? Returns: `bool` Returns true if this is a return instruction.
`this.Length` Full Usage: `this.Length` Returns: `uint32`	The length of this instruction in bytes. Returns: `uint32`
`this.Translate(ctxt)` Full Usage: `this.Translate(ctxt)` Parameters: ctxt : `TranslationContext` - Translation context. Returns: `Stmt[]` Returns an array of LowUIR statements. Modifiers: abstract	Lift this instruction into a LowUIR given a translation context. ctxt : `TranslationContext` Translation context. Returns: `Stmt[]` Returns an array of LowUIR statements.
`this.WordSize` Full Usage: `this.WordSize` Returns: `WordSize`	The word size used for translating this instruction. Some architectures have several representations of their instruction sets depending on the word size. For example, Intel can be represented as either x86 or x86-64 depending on the word size used. We store this information per instruction to distinguish specific instruction sets used. Returns: `WordSize`