Detailed changelog (since v2.0.3)
Decoder
- Improved legacy prefix decoding
- Fixed gather register check for
VGATHERPF0{D|Q}{PS|PD}instruction - Fixed some incorrect assert conditions
- Fixed check for invalid
BOUNDregisters - Fixed incorrect value of
ZydisDecodedInstruction.raw.prefixes[n].typein some edge cases
Formatter
- Implemented
AT&Tformatter-style - Implemented
MASMformatter-style - Implemented tokenization feature to the instruction
ZydisFormatterTokenizeInstruction/ZydisFormatterTokenizeInstructionExandZydisFormatterTokenizeOperand/ZydisFormatterTokenizeOperandExgenerates a token-list instead of a simple string- Each token has a type (like
MNEMONIC,REGISTER,DELIMITER) and contains a string - Tokenization allows users to receive the formatted instructions as a stream of tokens with annotations of their purpose, allowing for easier implementation of features such as syntax highlighting
- Numeric base (decimal, hexadecimal), signedness and padding can now be independently configured for all numeric types (addresses, displacements and immediates)
- Added "detailed prefixes" mode
- Prints all instruction prefixes instead of only the effective ones
- Replaced the
ZYDIS_FORMATTER_PROP_UPPERCASEproperty with more granular options- Allows configuration of the letter-case individually for
prefixes,mnemonics,registers,typecastsanddecorators
- Allows configuration of the letter-case individually for
- Implemented more formatter options
ZYDIS_FORMATTER_PROP_FORCE_RELATIVE_BRANCHES- Prints relative addresses instead of absolute ones for branch instructions
ZYDIS_FORMATTER_PROP_FORCE_RELATIVE_RIPREL- Prints relative addresses instead of absolute ones for
EIP/RIP-relative instructions
- Prints relative addresses instead of absolute ones for
ZYDIS_FORMATTER_PROP_PRINT_BRANCH_SIZE- Prints the size of branch instructions (
short/near)
- Prints the size of branch instructions (
Database
- Added
BF16instructions - Added
vp2intersect{d|q}instructions - Added
enqcmdandenqcmdsinstructions - Added AMD
rdpruinstruction - Added
PADLOCKinstructions - Added
CLDEMOTE,MOVDIRandWAITPKGextensions - Added implicit
PKRUregister to theRDPKRU/WRPKRUinstructions - Fixed exception-class of
v4fmaddss,v4fnmaddssandvcvtps2ph - Fixed
KNLgather/scatter memory operand width - Fixed mask-mode for some EVEX instructions
- Fixed element size of
VP4DPWSSDSmemory operand - Fixed
MONITOR,MONITORX,MWAITandMWAITXoperands - Fixed
CLRSSBSYmemory operand is read-write - Fixed
VMREADdestination operand is write-only - Fixed decoding of
nop(0F 1C) with66prefix - Fixed decoding of
rdrandandrdseedwith66prefix - Fixed decoding of
xstorewith66prefix - Adjusted element-type for auto generated
FLAGS/EFLAGS/RFLAGSandX87STATUSoperands - Updated
movsxdsource register width - Introduced a new element-type for condition-codes
- This allows generic detection of condition-code operands without hardcoding any instruction mnemonics (e.g. used by
CMPPS,VCMPPD, ...)
- This allows generic detection of condition-code operands without hardcoding any instruction mnemonics (e.g. used by
- Added support for non-default address-size configurations
- Some instructions (e.g.
ENCLSorBNDCL) are using non-default address-size configurations like ignoring the address-size override prefix or forcing the address size to certain values
- Some instructions (e.g.
- Use
MODRM_RMinstead ofMODRM_REGfor the destination register ofEXTRQ - Removed
W0filter fromLLWPCB/SLWPCB(is allowed to have 64-bit operand-size) - Added new attributes for instructions that access CPU/FPU/XMM state
ZYDIS_ATTRIB_CPU_STATE_{CR|CW}for general CPU-state accessZYDIS_ATTRIB_FPU_STATE_{CR|CW}for FPU-state (x87 and MMX) accessZYDIS_ATTRIB_XMM_STATE_{CR|CW}for XMM-state access
- Fixed CPU-flag actions for instructions that
TESTandMODIFIYcertain flags at the same time- Introduced a new CPU-flag action called
TESTED_MODIFIED
- Introduced a new CPU-flag action called
- Added
ZYDIS_ATTRIB_CPU_STATE_{CR|CW}attribute toiret{d|q} - Added implicit writes for the
CSandSSregisters tosyscallandsysret
Misc
- Implemented color support (VT100) and syntax highlighting for the
ZydisInfotool - Added
ZydisGetInstructionSegmentshelper function- Returns a list that maps the different instruction segments (like
OPCODE,MODRM, ...) to an offset-size pair - The
ZydisInfotool now prints the hexadecimal instruction bytes using different colors considering the instruction segment
- Returns a list that maps the different instruction segments (like
- Added
ZydisCalcAbsoluteAddressExwhich takes an additional register-context argument to allow calculation of addresses depending on runtime register values - Introduced
ZYDIS_MINIMAL_MODECMake option- Forces
ZYDIS_DECODER_MODE_MINIMAL - Reduces file size by excluding unused code and data-tables
- Forces
- Improved MSVC project