pub unsafe extern "C" fn instrlist_disassemble(
drcontext: *mut c_void,
tag: app_pc,
ilist: *mut instrlist_t,
outfile: file_t,
)Expand description
Prints each instruction in \p ilist in sequence to \p outfile. The default is to use DR’s custom syntax (see disassemble_set_syntax()) with additional information. The first column contains the offset in bytes from the start of the list. Next, each instruction is labeled according to its type, which will typically either be \p L3 for an unchanged application instruction or \p m4 for a tool instruction (the names come from “Level 3” and “meta Level 4”, IR details which are no longer exposed to tools). Tool instructions have their IR heap addresses included (indicated with a leading @ character) to make instruction jump targets easier to identify. The final two columns contain the raw bytes and the actual instruction disassembly.
Below is an example where many tool instructions have been inserted around 3 application instructions, which can be identified by the \p L3 in the 2nd column. The label instructions are referred to by branch and store instructions, as can be seen by searching for the addresses of the labels. \code TAG 0xf77576e6 +0 m4 @0xe7856eb4 64 89 0d 60 00 00 00 mov %ecx -> %fs:0x00000060[4byte] +7 m4 @0xe78574a8 64 8a 0d 52 00 00 00 mov %fs:0x00000052[1byte] -> %cl +14 m4 @0xe7855ad4 64 88 0d 54 00 00 00 mov %cl -> %fs:0x00000054[1byte] +21 L3 83 ee 06 sub $0x00000006 %esi -> %esi +24 m4 @0xe77c3acc 64 80 3d 52 00 00 00 cmp %fs:0x00000052[1byte] $0x00 00 +32 m4 @0xe7855c54 75 fe jnz @0xe7856054[4byte] +34 m4 @0xe7856e28 64 c6 05 54 00 00 00 mov $0x00 -> %fs:0x00000054[1byte] 00 +42 m4 @0xe7856754 eb fe jmp @0xe7857350[4byte] +44 m4 @0xe7856054