Expand description
Low-level, unsafe Rust bindings for the Capstone disassembly library.
We recommend against using this crate directly. Instead, consider using capstone-rs, which provides a high-level, safe, “Rusty” interface.
§Supported disassembly architectures
arm: ARMarm64: ARM64 (also known as AArch64)mips: MIPSppc: PowerPCsparc: SPARCsysz: System zx86: x86 family (includes 16, 32, and 64 bit modes)xcore: XCore
For each architecture, at least the following types are defined (replace ARCH with
architecture names shown above):
enum ARCH_insn: instruction idsenum ARCH_insn_group: architecture-specific group idsenum ARCH_op_type: instruction operand types idsenum ARCH_reg1: register idsstruct ARCH_op_mem: operand referring to memorystruct cs_ARCH_op: instruction operandstruct cs_ARCH: instruction
Note: documentation for functions/types was taken directly from Capstone C headers.
1: Defined as a “constified” enum modules because discriminant values are not unique. Rust requires discriminant values to be unique.
Modules§
- arm64_
insn_ group - arm64_
reg - arm_
insn_ group - arm_reg
- cs_err
- cs_
group_ type - cs_
opt_ value - evm_
insn_ group - m68k_
reg - m680x_
reg - mips_
insn_ group - mips_
reg - ppc_
insn_ group - ppc_reg
- riscv_
insn_ group - riscv_
reg - sparc_
insn_ group - sparc_
reg - sysz_
insn_ group - sysz_
reg - tms320c64x_
insn_ group - tms320c64x_
reg - x86_
insn_ group - x86_reg
- xcore_
insn_ group - xcore_
reg
Structs§
- Capstone
Arch Info - Information specific to architecture
- __
va_ list_ tag - arm64_
op_ mem - Instruction’s operand referring to memory This is associated with ARM64_OP_MEM operand type above
- arm_
op_ mem - Instruction’s operand referring to memory This is associated with ARM_OP_MEM operand type above
- bpf_
op_ mem - Instruction’s operand referring to memory This is associated with BPF_OP_MEM operand type above
- cs_
ac_ type - Common instruction operand access types - to be consistent across all architectures. It is possible to combine access types, for example: CS_AC_READ | CS_AC_WRITE
- cs_arm
- Instruction structure
- cs_
arm64 - Instruction structure
- cs_
arm64_ op - Instruction operand
- cs_
arm64_ op__ bindgen_ ty_ 1 - cs_
arm_ op - Instruction operand
- cs_
arm_ op__ bindgen_ ty_ 1 - cs_bpf
- Instruction structure
- cs_
bpf_ op - Instruction operand
- cs_
detail - NOTE: All information in cs_detail is only available when CS_OPT_DETAIL = CS_OPT_ON Initialized as memset(., 0, offsetof(cs_detail, ARCH)+sizeof(cs_ARCH)) by ARCH_getInstruction in arch/ARCH/ARCHDisassembler.c if cs_detail changes, in particular if a field is added after the union, then update arch/ARCH/ARCHDisassembler.c accordingly
- cs_evm
- Instruction structure
- cs_insn
- Detail information of disassembled instruction
- cs_m68k
- The M68K instruction and it’s operands
- cs_
m68k_ op - Instruction operand
- cs_
m68k_ op_ reg_ pair - Register pair in one operand.
- cs_
m680x - The M680X instruction and it’s operands
- cs_
m680x_ op - Instruction operand
- cs_mips
- Instruction structure
- cs_
mips_ op - Instruction operand
- cs_mode
- Mode type
- cs_
mos65xx - The MOS65XX address mode and it’s operands
- cs_
mos65xx_ op - Instruction operand
- cs_
opt_ mem - User-defined dynamic memory related functions: malloc/calloc/realloc/free/vsnprintf() By default, Capstone uses system’s malloc(), calloc(), realloc(), free() & vsnprintf().
- cs_
opt_ mnem - Customize mnemonic for instructions with alternative name. To reset existing customized instruction to its default mnemonic, call cs_option(CS_OPT_MNEMONIC) again with the same @id and NULL value for @mnemonic.
- cs_
opt_ skipdata - User-customized setup for SKIPDATA option
- cs_ppc
- Instruction structure
- cs_
ppc_ op - Instruction operand
- cs_
riscv - cs_
riscv_ op - cs_
sparc - Instruction structure
- cs_
sparc_ op - Instruction operand
- cs_sysz
- cs_
sysz_ op - Instruction operand
- cs_
tms320c64x - cs_
tms320c64x__ bindgen_ ty_ 1 - cs_
tms320c64x__ bindgen_ ty_ 2 - cs_
tms320c64x_ op - cs_wasm
- Instruction structure
- cs_
wasm_ brtable - cs_
wasm_ op - cs_x86
- Instruction structure
- cs_
x86_ encoding - cs_
x86_ op - Instruction operand
- cs_
xcore - Instruction structure
- cs_
xcore_ op - Instruction operand
- m68k_
op_ br_ disp - m68k_
op_ mem - Instruction’s operand referring to memory This is associated with M68K_OP_MEM operand type above
- m68k_
op_ size - Operation size of the current instruction (NOT the actually size of instruction)
- m680x_
op_ ext - Instruction’s operand referring to extended addressing
- m680x_
op_ idx - Instruction’s operand referring to indexed addressing
- m680x_
op_ rel - Instruction’s memory operand referring to relative addressing (Bcc/LBcc)
- mips_
op_ mem - Instruction’s operand referring to memory This is associated with MIPS_OP_MEM operand type above
- ppc_
op_ crx - ppc_
op_ mem - Instruction’s operand referring to memory This is associated with PPC_OP_MEM operand type above
- riscv_
op_ mem - sparc_
op_ mem - Instruction’s operand referring to memory This is associated with SPARC_OP_MEM operand type above
- sysz_
op_ mem - Instruction’s operand referring to memory This is associated with SYSZ_OP_MEM operand type above
- tms320c64x_
op_ mem - x86_
op_ mem - Instruction’s operand referring to memory This is associated with X86_OP_MEM operand type above
- xcore_
op_ mem - Instruction’s operand referring to memory This is associated with XCORE_OP_MEM operand type above
Enums§
- arm64_
barrier_ op - Memory barrier operands
- arm64_
cc - ARM64 condition code
- arm64_
extender - ARM64 extender type
- arm64_
insn - ARM64 instruction
- arm64_
op_ type - Operand type for instruction’s operands
- arm64_
prefetch_ op - Prefetch operations (PRFM)
- arm64_
pstate - System PState Field (MSR instruction)
- arm64_
shifter - ARM64 shift type
- arm64_
sys_ op - SYS operands (IC/DC/AC/TLBI)
- arm64_
sysreg - System registers
- arm64_
vas - Vector arrangement specifier (for FloatingPoint/Advanced SIMD insn)
- arm_cc
- ARM condition code
- arm_
cpsflag_ type - Operand type for SETEND instruction
- arm_
cpsmode_ type - arm_
insn - ARM instruction
- arm_
mem_ barrier - The memory barrier constants map directly to the 4-bit encoding of the option field for Memory Barrier operations.
- arm_
op_ type - Operand type for instruction’s operands
- arm_
setend_ type - Operand type for SETEND instruction
- arm_
shifter - ARM shift type
- arm_
sysreg - arm_
vectordata_ type - Data type for elements of vector instructions.
- bpf_
op_ type - Operand type for instruction’s operands
- bpf_reg
- BPF registers
- cs_arch
- Architecture type
- cs_
op_ type - Common instruction operand types - to be consistent across all architectures.
- cs_
opt_ type - Runtime option for the disassembled engine
- evm_
insn - EVM instruction
- m68k_
address_ mode - M68K Addressing Modes
- m68k_
cpu_ size - Operation size of the CPU instructions
- m68k_
fpu_ size - Operation size of the FPU instructions (Notice that FPU instruction can also use CPU sizes if needed)
- m68k_
group_ type - Group of M68K instructions
- m68k_
insn - M68K instruction
- m68k_
op_ br_ disp_ size - Operand type for instruction’s operands
- m68k_
op_ type - Operand type for instruction’s operands
- m68k_
size_ type - Type of size that is being used for the current instruction
- m680x_
group_ type - Group of M680X instructions
- m680x_
insn - M680X instruction IDs
- m680x_
op_ type - Operand type for instruction’s operands
- mips_
insn - MIPS instruction
- mips_
op_ type - Operand type for instruction’s operands
- mos65xx_
address_ mode - MOS65XX Addressing Modes
- mos65xx_
op_ type - Operand type for instruction’s operands
- mos65xx_
reg - MOS65XX registers and special registers
- ppc_bc
- PPC branch codes for some branch instructions
- ppc_bh
- PPC branch hint for some branch instructions
- ppc_
insn - PPC instruction
- ppc_
op_ type - Operand type for instruction’s operands
- riscv_
insn - riscv_
op_ type - sparc_
cc - Enums corresponding to Sparc condition codes, both icc’s and fcc’s.
- sparc_
hint - Branch hint
- sparc_
insn - SPARC instruction
- sparc_
op_ type - Operand type for instruction’s operands
- sysz_cc
- Enums corresponding to SystemZ condition codes
- sysz_
insn - SystemZ instruction
- sysz_
op_ type - Operand type for instruction’s operands
- tms320c64x_
funit - tms320c64x_
insn - tms320c64x_
mem_ dir - tms320c64x_
mem_ disp - tms320c64x_
mem_ mod - tms320c64x_
op_ type - wasm_
op_ type - x86_
avx_ bcast - AVX broadcast type
- x86_
avx_ cc - AVX Code Condition type
- x86_
avx_ rm - AVX static rounding mode type
- x86_
insn - X86 instructions
- x86_
op_ type - Operand type for instruction’s operands
- x86_
prefix - Instruction prefixes - to be used in cs_x86.prefix[]
- x86_
sse_ cc - SSE Code Condition type
- x86_
xop_ cc - XOP Code Condition type
- xcore_
insn - XCore instruction
- xcore_
op_ type - Operand type for instruction’s operands
Constants§
- ARM64_
SYSREG_ DBGDTRTX_ EL0 - CS_
AC_ INVALID - < Uninitialized/invalid access type.
- CS_
AC_ READ - < Operand read from memory or register.
- CS_
AC_ WRITE - < Operand write to memory or register.
- CS_
MODE_ 16 - < 16-bit mode (X86)
- CS_
MODE_ 32 - < 32-bit mode (X86)
- CS_
MODE_ 64 - < 64-bit mode (X86, PPC)
- CS_
MODE_ ARM - < 32-bit ARM
- CS_
MODE_ BIG_ ENDIAN - < big-endian mode
- CS_
MODE_ BOOKE - < Book-E mode (PPC)
- CS_
MODE_ BPF_ CLASSIC - < Classic BPF mode (default)
- CS_
MODE_ BPF_ EXTENDED - < Extended BPF mode
- CS_
MODE_ LITTLE_ ENDIAN - < little-endian mode (default mode)
- CS_
MODE_ M68K_ 000 - < M68K 68000 mode
- CS_
MODE_ M68K_ 010 - < M68K 68010 mode
- CS_
MODE_ M68K_ 020 - < M68K 68020 mode
- CS_
MODE_ M68K_ 030 - < M68K 68030 mode
- CS_
MODE_ M68K_ 040 - < M68K 68040 mode
- CS_
MODE_ M68K_ 060 - < M68K 68060 mode
- CS_
MODE_ M680X_ 6301 - < M680X Hitachi 6301,6303 mode
- CS_
MODE_ M680X_ 6309 - < M680X Hitachi 6309 mode
- CS_
MODE_ M680X_ 6800 - < M680X Motorola 6800,6802 mode
- CS_
MODE_ M680X_ 6801 - < M680X Motorola 6801,6803 mode
- CS_
MODE_ M680X_ 6805 - < M680X Motorola/Freescale 6805 mode
- CS_
MODE_ M680X_ 6808 - < M680X Motorola/Freescale/NXP 68HC08 mode
- CS_
MODE_ M680X_ 6809 - < M680X Motorola 6809 mode
- CS_
MODE_ M680X_ 6811 - < M680X Motorola/Freescale/NXP 68HC11 mode
- CS_
MODE_ M680X_ CPU12 - < M680X Motorola/Freescale/NXP CPU12 < used on M68HC12/HCS12
- CS_
MODE_ M680X_ HCS08 - < M680X Freescale/NXP HCS08 mode
- CS_
MODE_ MCLASS - < ARM’s Cortex-M series
- CS_
MODE_ MICRO - < MicroMips mode (MIPS)
- CS_
MODE_ MIPS2 - < Mips II ISA
- CS_
MODE_ MIPS3 - < Mips III ISA
- CS_
MODE_ MIPS32 - < Mips32 ISA (Mips)
- CS_
MODE_ MIPS64 - < Mips64 ISA (Mips)
- CS_
MODE_ MIPS32 R6 - < Mips32r6 ISA
- CS_
MODE_ MOS65XX_ 65C02 - < MOS65XXX WDC 65c02
- CS_
MODE_ MOS65XX_ 6502 - < MOS65XXX MOS 6502
- CS_
MODE_ MOS65XX_ 65816 - < MOS65XXX WDC 65816, 8-bit m/x
- CS_
MODE_ MOS65XX_ 65816_ LONG_ M - < MOS65XXX WDC 65816, 16-bit m, 8-bit x
- CS_
MODE_ MOS65XX_ 65816_ LONG_ MX - CS_
MODE_ MOS65XX_ 65816_ LONG_ X - < MOS65XXX WDC 65816, 8-bit m, 16-bit x
- CS_
MODE_ MOS65XX_ W65C02 - < MOS65XXX WDC W65c02
- CS_
MODE_ QPX - < Quad Processing eXtensions mode (PPC)
- CS_
MODE_ RISC V32 - < RISCV RV32G
- CS_
MODE_ RISC V64 - < RISCV RV64G
- CS_
MODE_ RISCVC - < RISCV compressed instructure mode
- CS_
MODE_ SPE - < Signal Processing Engine mode (PPC)
- CS_
MODE_ THUMB - < ARM’s Thumb mode, including Thumb-2
- CS_
MODE_ V8 - < ARMv8 A32 encodings for ARM
- CS_
MODE_ V9 - < SparcV9 mode (Sparc)
- CS_
SUPPORT_ DIET - CS_
SUPPORT_ X86_ REDUCE - X86_
PREFIX_ REPE
Statics§
Functions§
- cs_
close ⚠ - Close CS handle: MUST do to release the handle when it is not used anymore. NOTE: this must be only called when there is no longer usage of Capstone, not even access to cs_insn array. The reason is the this API releases some cached memory, thus access to any Capstone API after cs_close() might crash your application.
- cs_
disasm ⚠ - Disassemble binary code, given the code buffer, size, address and number of instructions to be decoded. This API dynamically allocate memory to contain disassembled instruction. Resulting instructions will be put into @*insn
- cs_
disasm_ ⚠iter - Fast API to disassemble binary code, given the code buffer, size, address and number of instructions to be decoded. This API puts the resulting instruction into a given cache in @insn. See tests/test_iter.c for sample code demonstrating this API.
- cs_
errno ⚠ - Report the last error number when some API function fail. Like glibc’s errno, cs_errno might not retain its old value once accessed.
- cs_free⚠
- Free memory allocated by cs_malloc() or cs_disasm() (argument @insn)
- cs_
group_ ⚠name - Return friendly name of a group id (that an instruction can belong to) Find the group id from header file of corresponding architecture (arm.h for ARM, x86.h for X86, …)
- cs_
insn_ ⚠group - Check if a disassembled instruction belong to a particular group. Find the group id from header file of corresponding architecture (arm.h for ARM, x86.h for X86, …) Internally, this simply verifies if @group_id matches any member of insn->groups array.
- cs_
insn_ ⚠name - Return friendly name of an instruction in a string. Find the instruction id from header file of corresponding architecture (arm.h for ARM, x86.h for X86, …)
- cs_
malloc ⚠ - Allocate memory for 1 instruction to be used by cs_disasm_iter().
- cs_
op_ ⚠count - Count the number of operands of a given type. Find the operand type in header file of corresponding architecture (arm.h for ARM, x86.h for X86, …)
- cs_
op_ ⚠index - Retrieve the position of operand of given type in
.operands[] array. Later, the operand can be accessed using the returned position. Find the operand type in header file of corresponding architecture (arm.h for ARM, x86.h for X86, …) - cs_open⚠
- Initialize CS handle: this must be done before any usage of CS.
- cs_
option ⚠ - Set option for disassembling engine at runtime
- cs_
reg_ ⚠name - Return friendly name of register in a string. Find the instruction id from header file of corresponding architecture (arm.h for ARM, x86.h for X86, …)
- cs_
reg_ ⚠read - Check if a disassembled instruction IMPLICITLY used a particular register. Find the register id from header file of corresponding architecture (arm.h for ARM, x86.h for X86, …) Internally, this simply verifies if @reg_id matches any member of insn->regs_read array.
- cs_
reg_ ⚠write - Check if a disassembled instruction IMPLICITLY modified a particular register. Find the register id from header file of corresponding architecture (arm.h for ARM, x86.h for X86, …) Internally, this simply verifies if @reg_id matches any member of insn->regs_write array.
- cs_
regs_ ⚠access - Retrieve all the registers accessed by an instruction, either explicitly or implicitly.
- cs_
strerror ⚠ - Return a string describing given error code.
- cs_
support ⚠ - This API can be used to either ask for archs supported by this library, or check to see if the library was compile with ‘diet’ option (or called in ‘diet’ mode).
- cs_
version ⚠ - Return combined API version & major and minor version numbers.
Type Aliases§
- __
builtin_ va_ list - __
int8_ t - __
int16_ t - __
int32_ t - __
int64_ t - __
uint8_ t - __
uint16_ t - __
uint32_ t - __
uint64_ t - cs_
calloc_ t - cs_
free_ t - cs_
malloc_ t - cs_
realloc_ t - cs_regs
- Type of array to keep the list of registers
- cs_
skipdata_ cb_ t - User-defined callback function for SKIPDATA option. See tests/test_skipdata.c for sample code demonstrating this API.
- cs_
vsnprintf_ t - csh
- va_list
Unions§
- cs_
arm64_ op__ bindgen_ ty_ 2 - cs_
arm_ op__ bindgen_ ty_ 2 - cs_
bpf_ op__ bindgen_ ty_ 1 - cs_
detail__ bindgen_ ty_ 1 - Architecture-specific instruction info
- cs_
m68k_ op__ bindgen_ ty_ 1 - cs_
m680x_ op__ bindgen_ ty_ 1 - cs_
mips_ op__ bindgen_ ty_ 1 - cs_
mos65xx_ op__ bindgen_ ty_ 1 - cs_
ppc_ op__ bindgen_ ty_ 1 - cs_
riscv_ op__ bindgen_ ty_ 1 - cs_
sparc_ op__ bindgen_ ty_ 1 - cs_
sysz_ op__ bindgen_ ty_ 1 - cs_
tms320c64x_ op__ bindgen_ ty_ 1 - cs_
wasm_ op__ bindgen_ ty_ 1 - cs_
x86__ bindgen_ ty_ 1 - cs_
x86_ op__ bindgen_ ty_ 1 - cs_
xcore_ op__ bindgen_ ty_ 1 - m68k_
op_ size__ bindgen_ ty_ 1