Crate capstone_sys

Low-level, unsafe Rust bindings for the Capstone disassembly library.

We recommend against using this crate directly. Instead, consider using capstone-rs, which provides a high-level, safe, “Rusty” interface.

Supported disassembly architectures

• arm: ARM
• arm64: ARM64 (also known as AArch64)
• mips: MIPS
• ppc: PowerPC
• sparc: SPARC
• sysz: System z
• x86: x86 family (includes 16, 32, and 64 bit modes)
• xcore: XCore

For each architecture, at least the following types are defined (replace ARCH with architecture names shown above):

• enum ARCH_insn: instruction ids
• enum ARCH_insn_group: architecture-specific group ids
• enum ARCH_op_type: instruction operand types ids
• enum ARCH_reg¹: register ids
• struct ARCH_op_mem: operand referring to memory
• struct cs_ARCH_op: instruction operand
• struct cs_ARCH: instruction

Note: documentation for functions/types was taken directly from Capstone C headers.

¹: Defined as a “constified” enum modules because discriminant values are not unique. Rust requires discriminant values to be unique.

Modules

• arm64_insn_group
• arm64_reg
• arm_insn_group
• arm_reg
• cs_err
• cs_group_type
• cs_opt_value
• evm_insn_group
• m68k_reg
• m680x_reg
• mips_insn_group
• mips_reg
• ppc_insn_group
• ppc_reg
• riscv_insn_group
• riscv_reg
• sparc_insn_group
• sparc_reg
• sysz_insn_group
• sysz_reg
• tms320c64x_insn_group
• tms320c64x_reg
• x86_insn_group
• x86_reg
• xcore_insn_group
• xcore_reg

Structs

• CapstoneArchInfo
  Information specific to architecture
• __va_list_tag
• arm64_op_mem
  Instruction’s operand referring to memory This is associated with ARM64_OP_MEM operand type above
• arm_op_mem
  Instruction’s operand referring to memory This is associated with ARM_OP_MEM operand type above
• bpf_op_mem
  Instruction’s operand referring to memory This is associated with BPF_OP_MEM operand type above
• cs_ac_type
  Common instruction operand access types - to be consistent across all architectures. It is possible to combine access types, for example: CS_AC_READ | CS_AC_WRITE
• cs_arm
  Instruction structure
• cs_arm64
  Instruction structure
• cs_arm64_op
  Instruction operand
• cs_arm64_op__bindgen_ty_1
• cs_arm_op
  Instruction operand
• cs_arm_op__bindgen_ty_1
• cs_bpf
  Instruction structure
• cs_bpf_op
  Instruction operand
• cs_detail
  NOTE: All information in cs_detail is only available when CS_OPT_DETAIL = CS_OPT_ON Initialized as memset(., 0, offsetof(cs_detail, ARCH)+sizeof(cs_ARCH)) by ARCH_getInstruction in arch/ARCH/ARCHDisassembler.c if cs_detail changes, in particular if a field is added after the union, then update arch/ARCH/ARCHDisassembler.c accordingly
• cs_evm
  Instruction structure
• cs_insn
  Detail information of disassembled instruction
• cs_m68k
  The M68K instruction and it’s operands
• cs_m68k_op
  Instruction operand
• cs_m68k_op_reg_pair
  Register pair in one operand.
• cs_m680x
  The M680X instruction and it’s operands
• cs_m680x_op
  Instruction operand
• cs_mips
  Instruction structure
• cs_mips_op
  Instruction operand
• cs_mode
  Mode type
• cs_mos65xx
  The MOS65XX address mode and it’s operands
• cs_mos65xx_op
  Instruction operand
• cs_opt_mem
  User-defined dynamic memory related functions: malloc/calloc/realloc/free/vsnprintf() By default, Capstone uses system’s malloc(), calloc(), realloc(), free() & vsnprintf().
• cs_opt_mnem
  Customize mnemonic for instructions with alternative name. To reset existing customized instruction to its default mnemonic, call cs_option(CS_OPT_MNEMONIC) again with the same @id and NULL value for @mnemonic.
• cs_opt_skipdata
  User-customized setup for SKIPDATA option
• cs_ppc
  Instruction structure
• cs_ppc_op
  Instruction operand
• cs_riscv
• cs_riscv_op
• cs_sparc
  Instruction structure
• cs_sparc_op
  Instruction operand
• cs_sysz
• cs_sysz_op
  Instruction operand
• cs_tms320c64x
• cs_tms320c64x__bindgen_ty_1
• cs_tms320c64x__bindgen_ty_2
• cs_tms320c64x_op
• cs_wasm
  Instruction structure
• cs_wasm_brtable
• cs_wasm_op
• cs_x86
  Instruction structure
• cs_x86_encoding
• cs_x86_op
  Instruction operand
• cs_xcore
  Instruction structure
• cs_xcore_op
  Instruction operand
• m68k_op_br_disp
• m68k_op_mem
  Instruction’s operand referring to memory This is associated with M68K_OP_MEM operand type above
• m68k_op_size
  Operation size of the current instruction (NOT the actually size of instruction)
• m680x_op_ext
  Instruction’s operand referring to extended addressing
• m680x_op_idx
  Instruction’s operand referring to indexed addressing
• m680x_op_rel
  Instruction’s memory operand referring to relative addressing (Bcc/LBcc)
• mips_op_mem
  Instruction’s operand referring to memory This is associated with MIPS_OP_MEM operand type above
• ppc_op_crx
• ppc_op_mem
  Instruction’s operand referring to memory This is associated with PPC_OP_MEM operand type above
• riscv_op_mem
• sparc_op_mem
  Instruction’s operand referring to memory This is associated with SPARC_OP_MEM operand type above
• sysz_op_mem
  Instruction’s operand referring to memory This is associated with SYSZ_OP_MEM operand type above
• tms320c64x_op_mem
• x86_op_mem
  Instruction’s operand referring to memory This is associated with X86_OP_MEM operand type above
• xcore_op_mem
  Instruction’s operand referring to memory This is associated with XCORE_OP_MEM operand type above

Enums

• arm64_barrier_op
  Memory barrier operands
• arm64_cc
  ARM64 condition code
• arm64_extender
  ARM64 extender type
• arm64_insn
  ARM64 instruction
• arm64_op_type
  Operand type for instruction’s operands
• arm64_prefetch_op
  Prefetch operations (PRFM)
• arm64_pstate
  System PState Field (MSR instruction)
• arm64_shifter
  ARM64 shift type
• arm64_sys_op
  SYS operands (IC/DC/AC/TLBI)
• arm64_sysreg
  System registers
• arm64_vas
  Vector arrangement specifier (for FloatingPoint/Advanced SIMD insn)
• arm_cc
  ARM condition code
• arm_cpsflag_type
  Operand type for SETEND instruction
• arm_cpsmode_type
• arm_insn
  ARM instruction
• arm_mem_barrier
  The memory barrier constants map directly to the 4-bit encoding of the option field for Memory Barrier operations.
• arm_op_type
  Operand type for instruction’s operands
• arm_setend_type
  Operand type for SETEND instruction
• arm_shifter
  ARM shift type
• arm_sysreg
• arm_vectordata_type
  Data type for elements of vector instructions.
• bpf_op_type
  Operand type for instruction’s operands
• bpf_reg
  BPF registers
• cs_arch
  Architecture type
• cs_op_type
  Common instruction operand types - to be consistent across all architectures.
• cs_opt_type
  Runtime option for the disassembled engine
• evm_insn
  EVM instruction
• m68k_address_mode
  M68K Addressing Modes
• m68k_cpu_size
  Operation size of the CPU instructions
• m68k_fpu_size
  Operation size of the FPU instructions (Notice that FPU instruction can also use CPU sizes if needed)
• m68k_group_type
  Group of M68K instructions
• m68k_insn
  M68K instruction
• m68k_op_br_disp_size
  Operand type for instruction’s operands
• m68k_op_type
  Operand type for instruction’s operands
• m68k_size_type
  Type of size that is being used for the current instruction
• m680x_group_type
  Group of M680X instructions
• m680x_insn
  M680X instruction IDs
• m680x_op_type
  Operand type for instruction’s operands
• mips_insn
  MIPS instruction
• mips_op_type
  Operand type for instruction’s operands
• mos65xx_address_mode
  MOS65XX Addressing Modes
• mos65xx_op_type
  Operand type for instruction’s operands
• mos65xx_reg
  MOS65XX registers and special registers
• ppc_bc
  PPC branch codes for some branch instructions
• ppc_bh
  PPC branch hint for some branch instructions
• ppc_insn
  PPC instruction
• ppc_op_type
  Operand type for instruction’s operands
• riscv_insn
• riscv_op_type
• sparc_cc
  Enums corresponding to Sparc condition codes, both icc’s and fcc’s.
• sparc_hint
  Branch hint
• sparc_insn
  SPARC instruction
• sparc_op_type
  Operand type for instruction’s operands
• sysz_cc
  Enums corresponding to SystemZ condition codes
• sysz_insn
  SystemZ instruction
• sysz_op_type
  Operand type for instruction’s operands
• tms320c64x_funit
• tms320c64x_insn
• tms320c64x_mem_dir
• tms320c64x_mem_disp
• tms320c64x_mem_mod
• tms320c64x_op_type
• wasm_op_type
• x86_avx_bcast
  AVX broadcast type
• x86_avx_cc
  AVX Code Condition type
• x86_avx_rm
  AVX static rounding mode type
• x86_insn
  X86 instructions
• x86_op_type
  Operand type for instruction’s operands
• x86_prefix
  Instruction prefixes - to be used in cs_x86.prefix[]
• x86_sse_cc
  SSE Code Condition type
• x86_xop_cc
  XOP Code Condition type
• xcore_insn
  XCore instruction
• xcore_op_type
  Operand type for instruction’s operands

Constants

• ARM64_SYSREG_DBGDTRTX_EL0
• CS_AC_INVALID
  < Uninitialized/invalid access type.
• CS_AC_READ
  < Operand read from memory or register.
• CS_AC_WRITE
  < Operand write to memory or register.
• CS_MODE_16
  < 16-bit mode (X86)
• CS_MODE_32
  < 32-bit mode (X86)
• CS_MODE_64
  < 64-bit mode (X86, PPC)
• CS_MODE_ARM
  < 32-bit ARM
• CS_MODE_BIG_ENDIAN
  < big-endian mode
• CS_MODE_BOOKE
  < Book-E mode (PPC)
• CS_MODE_BPF_CLASSIC
  < Classic BPF mode (default)
• CS_MODE_BPF_EXTENDED
  < Extended BPF mode
• CS_MODE_LITTLE_ENDIAN
  < little-endian mode (default mode)
• CS_MODE_M68K_000
  < M68K 68000 mode
• CS_MODE_M68K_010
  < M68K 68010 mode
• CS_MODE_M68K_020
  < M68K 68020 mode
• CS_MODE_M68K_030
  < M68K 68030 mode
• CS_MODE_M68K_040
  < M68K 68040 mode
• CS_MODE_M68K_060
  < M68K 68060 mode
• CS_MODE_M680X_6301
  < M680X Hitachi 6301,6303 mode
• CS_MODE_M680X_6309
  < M680X Hitachi 6309 mode
• CS_MODE_M680X_6800
  < M680X Motorola 6800,6802 mode
• CS_MODE_M680X_6801
  < M680X Motorola 6801,6803 mode
• CS_MODE_M680X_6805
  < M680X Motorola/Freescale 6805 mode
• CS_MODE_M680X_6808
  < M680X Motorola/Freescale/NXP 68HC08 mode
• CS_MODE_M680X_6809
  < M680X Motorola 6809 mode
• CS_MODE_M680X_6811
  < M680X Motorola/Freescale/NXP 68HC11 mode
• CS_MODE_M680X_CPU12
  < M680X Motorola/Freescale/NXP CPU12 < used on M68HC12/HCS12
• CS_MODE_M680X_HCS08
  < M680X Freescale/NXP HCS08 mode
• CS_MODE_MCLASS
  < ARM’s Cortex-M series
• CS_MODE_MICRO
  < MicroMips mode (MIPS)
• CS_MODE_MIPS2
  < Mips II ISA
• CS_MODE_MIPS3
  < Mips III ISA
• CS_MODE_MIPS32
  < Mips32 ISA (Mips)
• CS_MODE_MIPS32R6
  < Mips32r6 ISA
• CS_MODE_MIPS64
  < Mips64 ISA (Mips)
• CS_MODE_MOS65XX_65C02
  < MOS65XXX WDC 65c02
• CS_MODE_MOS65XX_6502
  < MOS65XXX MOS 6502
• CS_MODE_MOS65XX_65816
  < MOS65XXX WDC 65816, 8-bit m/x
• CS_MODE_MOS65XX_65816_LONG_M
  < MOS65XXX WDC 65816, 16-bit m, 8-bit x
• CS_MODE_MOS65XX_65816_LONG_MX
• CS_MODE_MOS65XX_65816_LONG_X
  < MOS65XXX WDC 65816, 8-bit m, 16-bit x
• CS_MODE_MOS65XX_W65C02
  < MOS65XXX WDC W65c02
• CS_MODE_QPX
  < Quad Processing eXtensions mode (PPC)
• CS_MODE_RISCV32
  < RISCV RV32G
• CS_MODE_RISCV64
  < RISCV RV64G
• CS_MODE_RISCVC
  < RISCV compressed instructure mode
• CS_MODE_SPE
  < Signal Processing Engine mode (PPC)
• CS_MODE_THUMB
  < ARM’s Thumb mode, including Thumb-2
• CS_MODE_V8
  < ARMv8 A32 encodings for ARM
• CS_MODE_V9
  < SparcV9 mode (Sparc)
• CS_SUPPORT_DIET
• CS_SUPPORT_X86_REDUCE
• X86_PREFIX_REPE

Statics

• ARCH_INCLUDES
• BINDINGS_FILE
• BINDINGS_IMPL_FILE

Functions

• cs_close^⚠
  Close CS handle: MUST do to release the handle when it is not used anymore. NOTE: this must be only called when there is no longer usage of Capstone, not even access to cs_insn array. The reason is the this API releases some cached memory, thus access to any Capstone API after cs_close() might crash your application.
• cs_disasm^⚠
  Disassemble binary code, given the code buffer, size, address and number of instructions to be decoded. This API dynamically allocate memory to contain disassembled instruction. Resulting instructions will be put into @*insn
• cs_disasm_iter^⚠
  Fast API to disassemble binary code, given the code buffer, size, address and number of instructions to be decoded. This API puts the resulting instruction into a given cache in @insn. See tests/test_iter.c for sample code demonstrating this API.
• cs_errno^⚠
  Report the last error number when some API function fail. Like glibc’s errno, cs_errno might not retain its old value once accessed.
• cs_free^⚠
  Free memory allocated by cs_malloc() or cs_disasm() (argument @insn)
• cs_group_name^⚠
  Return friendly name of a group id (that an instruction can belong to) Find the group id from header file of corresponding architecture (arm.h for ARM, x86.h for X86, …)
• cs_insn_group^⚠
  Check if a disassembled instruction belong to a particular group. Find the group id from header file of corresponding architecture (arm.h for ARM, x86.h for X86, …) Internally, this simply verifies if @group_id matches any member of insn->groups array.
• cs_insn_name^⚠
  Return friendly name of an instruction in a string. Find the instruction id from header file of corresponding architecture (arm.h for ARM, x86.h for X86, …)
• cs_malloc^⚠
  Allocate memory for 1 instruction to be used by cs_disasm_iter().
• cs_op_count^⚠
  Count the number of operands of a given type. Find the operand type in header file of corresponding architecture (arm.h for ARM, x86.h for X86, …)
• cs_op_index^⚠
  Retrieve the position of operand of given type in .operands[] array. Later, the operand can be accessed using the returned position. Find the operand type in header file of corresponding architecture (arm.h for ARM, x86.h for X86, …)
• cs_open^⚠
  Initialize CS handle: this must be done before any usage of CS.
• cs_option^⚠
  Set option for disassembling engine at runtime
• cs_reg_name^⚠
  Return friendly name of register in a string. Find the instruction id from header file of corresponding architecture (arm.h for ARM, x86.h for X86, …)
• cs_reg_read^⚠
  Check if a disassembled instruction IMPLICITLY used a particular register. Find the register id from header file of corresponding architecture (arm.h for ARM, x86.h for X86, …) Internally, this simply verifies if @reg_id matches any member of insn->regs_read array.
• cs_reg_write^⚠
  Check if a disassembled instruction IMPLICITLY modified a particular register. Find the register id from header file of corresponding architecture (arm.h for ARM, x86.h for X86, …) Internally, this simply verifies if @reg_id matches any member of insn->regs_write array.
• cs_regs_access^⚠
  Retrieve all the registers accessed by an instruction, either explicitly or implicitly.
• cs_strerror^⚠
  Return a string describing given error code.
• cs_support^⚠
  This API can be used to either ask for archs supported by this library, or check to see if the library was compile with ‘diet’ option (or called in ‘diet’ mode).
• cs_version^⚠
  Return combined API version & major and minor version numbers.

Type Aliases

• __builtin_va_list
• __int8_t
• __int16_t
• __int32_t
• __int64_t
• __uint8_t
• __uint16_t
• __uint32_t
• __uint64_t
• cs_calloc_t
• cs_free_t
• cs_malloc_t
• cs_realloc_t
• cs_regs
  Type of array to keep the list of registers
• cs_skipdata_cb_t
  User-defined callback function for SKIPDATA option. See tests/test_skipdata.c for sample code demonstrating this API.
• cs_vsnprintf_t
• csh
• va_list

Unions

• cs_arm64_op__bindgen_ty_2
• cs_arm_op__bindgen_ty_2
• cs_bpf_op__bindgen_ty_1
• cs_detail__bindgen_ty_1
  Architecture-specific instruction info
• cs_m68k_op__bindgen_ty_1
• cs_m680x_op__bindgen_ty_1
• cs_mips_op__bindgen_ty_1
• cs_mos65xx_op__bindgen_ty_1
• cs_ppc_op__bindgen_ty_1
• cs_riscv_op__bindgen_ty_1
• cs_sparc_op__bindgen_ty_1
• cs_sysz_op__bindgen_ty_1
• cs_tms320c64x_op__bindgen_ty_1
• cs_wasm_op__bindgen_ty_1
• cs_x86__bindgen_ty_1
• cs_x86_op__bindgen_ty_1
• cs_xcore_op__bindgen_ty_1
• m68k_op_size__bindgen_ty_1