Fast and lightweight x86/x86-64 disassembler and code generation library
AVX-VNNI-INT16, SHA512, SM3, SM4 and PBNDKB ISA extensions by @flobernd in https://github.com/zyantific/zydis/pull/449
UD0_COMPAT decoder mode by @flobernd in https://github.com/zyantific/zydis/pull/477
PCOMMIT instruction by @flobernd in https://github.com/zyantific/zydis/pull/429
ZydisFeature enum max value constant by @athre0z in https://github.com/zyantific/zydis/pull/408
CXX from project directive by @athre0z in https://github.com/zyantific/zydis/pull/418
ZydisInfo and ZydisDisasm by @flobernd in https://github.com/zyantific/zydis/pull/433
(void) on functions without args by @athre0z in https://github.com/zyantific/zydis/pull/442
ZydisRegisterGetLargestEnclosing by @flobernd in https://github.com/zyantific/zydis/pull/456
Full Changelog: https://github.com/zyantific/zydis/compare/v4.0.0...v4.1.0
Minimum required Zycore version: v1.5.0
Check out our corresponding blog article for details and examples!
We offer a porting guide for the breaking changes from v3 to v4.
AMX instructions by @flobernd in #271
accessed_flags flags field from ZydisDecodedInstruction by @flobernd in #262
st0 operand visibility as specified by SDM by @athre0z in #331
ZydisEncoderNopFill by @mappzor in #376
ZydisRegister and ZydisRegisterClass by @flobernd in #283
ZydisInfo by @flobernd in #285
MASM style disassembly by @flobernd in #298
Full Changelog: https://github.com/zyantific/zydis/compare/v3.2.1...v4.0.0
This is a security update.
This version is both API and ABI compatible with v3.2.0.
Note: This was already published previously. If you just got a second notification for this, it's because something went wrong when placing the original tag on the right commit, and the corresponding release was deleted by GitHub when the tag was adjusted. No action is required and if you previously pulled from the old tag, you still have the latest released code. Sorry for the inconvenience!
flags_read and flags_written masks to ZydisDecodedInstruction for more intuitive and performant access
4FMAPS multisource operands
CET no-track prefix
MVEX rounding mode decoding
XOP/VEX/EVEX is invalid in 16-bit real mode
SP/BP memory operands by stack- instead of address-size
ZYDIS_ATTRIB_ACCEPTS_SEGMENT for non legacy instructions
*1
PTR operands
{sae}/{rc} formatting
MIB operands
{z} decorator for instructions with control-masking
jmp/call address (AT&T)
FP16 instructions
VNNI instructions
HRESET instructions
KEYLOCKER instructions
TDX instructions
INVLPGB instructions
mcommit instruction
SERIALIZE and TSX-LDTRK instructions
SNP instructions
AMX instructions
LODS{B|W|D|Q}
leave instruction
invlpga and pvalidate pseudo memory operand register width
bsf/bsr destination operand action
DI/SI operand access action for stos{b|w|d|q}/movs{b|w|d|q} instructions
CET/VMX decoding in real mode
ECX scaling for pcmpestri/vpcmpestri/pcmpistri/vpcmpistri
jcxz/jrcxz encodings
ES segment
BNDC{L|N|U}
vmrun and vmsave
invlpgb with 16-bit address-size
short -> near for jkzd/jknzd
CMake files
ZydisInfo tool
LOOP/LOOPE/LOOPNE as short-branch (#126)
EVEX.B for vcvtsi2sd/vcvtusi2sd EVEX.W = 0 forms (#133)
REX.X for RM-encoded BND registers (#133)
MIB operands (e.g. bndldx/bndstx) (#133)
VGATHERPF0{D|Q}{PS|PD} instruction
BOUND registers
ZydisDecodedInstruction.raw.prefixes[n].type in some edge cases
AT&T formatter-style
MASM formatter-style
ZydisFormatterTokenizeInstruction/ZydisFormatterTokenizeInstructionEx and ZydisFormatterTokenizeOperand/ZydisFormatterTokenizeOperandEx generates a token-list instead of a simple string
MNEMONIC, REGISTER, DELIMITER) and contains a string
ZYDIS_FORMATTER_PROP_UPPERCASE property with more granular options
prefixes, mnemonics, registers, typecasts and decorators
ZYDIS_FORMATTER_PROP_FORCE_RELATIVE_BRANCHES
ZYDIS_FORMATTER_PROP_FORCE_RELATIVE_RIPREL
EIP/RIP-relative instructions
ZYDIS_FORMATTER_PROP_PRINT_BRANCH_SIZE
short/near)
BF16 instructions
vp2intersect{d|q} instructions
enqcmd and enqcmds instructions
rdpru instruction
PADLOCK instructions
CLDEMOTE, MOVDIR and WAITPKG extensions
PKRU register to the RDPKRU/WRPKRU instructions
v4fmaddss, v4fnmaddss and vcvtps2ph
KNL gather/scatter memory operand width
VP4DPWSSDS memory operand
MONITOR, MONITORX, MWAIT and MWAITX operands
CLRSSBSY memory operand is read-write
VMREAD destination operand is write-only
nop (0F 1C) with 66 prefix
rdrand and rdseed with 66 prefix
xstore with 66 prefix
FLAGS/EFLAGS/RFLAGS and X87STATUS operands
movsxd source register width
CMPPS, VCMPPD, ...)
ENCLS or BNDCL) are using non-default address-size configurations like ignoring the address-size override prefix or forcing the address size to certain values
MODRM_RM instead of MODRM_REG for the destination register of EXTRQ
W0 filter from LLWPCB/SLWPCB (is allowed to have 64-bit operand-size)
ZYDIS_ATTRIB_CPU_STATE_{CR|CW} for general CPU-state access
ZYDIS_ATTRIB_FPU_STATE_{CR|CW} for FPU-state (x87 and MMX) access
ZYDIS_ATTRIB_XMM_STATE_{CR|CW} for XMM-state access
TEST and MODIFY certain flags at the same time
TESTED_MODIFIED
ZYDIS_ATTRIB_CPU_STATE_{CR|CW} attribute to iret{d|q}
CS and SS registers to syscall and sysret
ZydisInfo tool
ZydisGetInstructionSegments helper function
OPCODE, MODRM, ...) to an offset-size pair
ZydisInfo tool now prints the hexadecimal instruction bytes using different colors considering the instruction segment
ZydisCalcAbsoluteAddressEx which takes an additional register-context argument to allow calculation of addresses depending on runtime register values
ZYDIS_MINIMAL_MODE CMake option
ZYDIS_DECODER_MODE_MINIMAL
ZydisInfo and ZydisDisasm as intended
VGATHERPF0{D|Q}{PS|PD} instruction
0 values
TEST and MODIFY certain flags at the same time
TESTED_MODIFIED
Improved instruction decoding
IS4 encoded operands in non 64-bit mode
Improved formatter
XACQUIRE/XRELEASE prefixes (formatter)
Fixed some instruction definitions
SCAS, INS and STOS do not allow the default ES segment to be overridden with a segment override prefix
SAVESSP to SAVEPREVSSP
ENCLS, ENCLU and ENCLV instructions
Misc bugfixes
extern "C" block in String.h
MOFFS memory operands to ZYDIS_MEMOP_TYPE_MEM instead of ZYDIS_MEMOP_TYPE_INVALID