 |
IDAPython 8.4
|
|
IDAPython 8.4
|
Functions that work with the autoanalyzer queue. The autoanalyzer works when IDA is not busy processing the user keystrokes. It has several queues, each queue having its own priority. The analyzer stops when all queues are empty. A queue contains addresses or address ranges. The addresses are kept sorted by their values. The analyzer will process all addresses from the first queue, then switch to the second queue and so on. There are no limitations on the size of the queues. This file also contains functions that deal with the IDA status indicator and the autoanalysis indicator. You may use these functions to change the indicator value.
Classes | |
| class | auto_display_t |
| Proxy of C++ auto_display_t class. More... | |
Functions | |
| "atype_t" | get_auto_state (*args) |
| get_auto_state() -> atype_t Get current state of autoanalyzer. | |
| "atype_t" | set_auto_state (*args) |
| set_auto_state(new_state) -> atype_t Set current state of autoanalyzer. | |
| "bool" | get_auto_display (*args) |
| get_auto_display(auto_display) -> bool Get structure which holds the autoanalysis indicator contents. | |
| "void" | show_auto (*args) |
| show_auto(ea, type=AU_NONE) Change autoanalysis indicator value. | |
| "void" | show_addr (*args) |
| show_addr(ea) Show an address on the autoanalysis indicator. | |
| "idastate_t" | set_ida_state (*args) |
| set_ida_state(st) -> idastate_t Change IDA status indicator value | |
| "bool" | may_create_stkvars (*args) |
| may_create_stkvars() -> bool Is it allowed to create stack variables automatically?. | |
| "bool" | may_trace_sp (*args) |
| may_trace_sp() -> bool Is it allowed to trace stack pointer automatically?. | |
| "void" | auto_mark_range (*args) |
| auto_mark_range(start, end, type) Put range of addresses into a queue. | |
| "void" | auto_mark (*args) |
| auto_mark(ea, type) Put single address into a queue. | |
| "void" | auto_unmark (*args) |
| auto_unmark(start, end, type) Remove range of addresses from a queue. | |
| "void" | plan_ea (*args) |
| plan_ea(ea) Plan to perform reanalysis. | |
| "void" | plan_range (*args) |
| plan_range(sEA, eEA) Plan to perform reanalysis. | |
| "void" | auto_make_code (*args) |
| auto_make_code(ea) Plan to make code. | |
| "void" | auto_make_proc (*args) |
| auto_make_proc(ea) Plan to make code&function. | |
| "bool" | auto_postpone_analysis (*args) |
| auto_postpone_analysis(ea) -> bool Plan to reanalyze on the second pass The typical usage of this function in emu.cpp is: if ( !auto_postpone_analysis(ea) ) op_offset(ea, 0, ...); (we make an offset only on the second pass) | |
| "void" | reanalyze_callers (*args) |
| reanalyze_callers(ea, noret) Plan to reanalyze callers of the specified address. | |
| "void" | revert_ida_decisions (*args) |
| revert_ida_decisions(ea1, ea2) Delete all analysis info that IDA generated for for the given range. | |
| "void" | auto_apply_type (*args) |
| auto_apply_type(caller, callee) Plan to apply the callee's type to the calling point. | |
| "void" | auto_apply_tail (*args) |
| auto_apply_tail(tail_ea, parent_ea) Plan to apply the tail_ea chunk to the parent | |
| "int" | plan_and_wait (*args) |
| plan_and_wait(ea1, ea2, final_pass=True) -> int Analyze the specified range. | |
| "bool" | auto_wait (*args) |
| auto_wait() -> bool Process everything in the queues and return true. | |
| "ssize_t" | auto_wait_range (*args) |
| auto_wait_range(ea1, ea2) -> ssize_t Process everything in the specified range and return true. | |
| "bool" | auto_make_step (*args) |
| auto_make_step(ea1, ea2) -> bool Analyze one address in the specified range and return true. | |
| "void" | auto_cancel (*args) |
| auto_cancel(ea1, ea2) Remove an address range (ea1..ea2) from queues AU_CODE, AU_PROC, AU_USED. | |
| "bool" | auto_is_ok (*args) |
| auto_is_ok() -> bool Are all queues empty? (i.e. | |
| "ea_t" | peek_auto_queue (*args) |
| peek_auto_queue(low_ea, type) -> ea_t Peek into a queue 'type' for an address not lower than 'low_ea'. | |
| "ea_t" | auto_get (*args) |
| auto_get(type, lowEA, highEA) -> ea_t Retrieve an address from queues regarding their priority. | |
| "int" | auto_recreate_insn (*args) |
| auto_recreate_insn(ea) -> int Try to create instruction | |
| "bool" | is_auto_enabled (*args) |
| is_auto_enabled() -> bool Get autoanalyzer state. | |
| "bool" | enable_auto (*args) |
| enable_auto(enable) -> bool Temporarily enable/disable autoanalyzer. | |
Variables | |
| cvar = _ida_auto.cvar | |
| AU_NONE = cvar.AU_NONE | |
| AU_UNK = cvar.AU_UNK | |
| AU_CODE = cvar.AU_CODE | |
| AU_WEAK = cvar.AU_WEAK | |
| AU_PROC = cvar.AU_PROC | |
| AU_TAIL = cvar.AU_TAIL | |
| AU_FCHUNK = cvar.AU_FCHUNK | |
| AU_USED = cvar.AU_USED | |
| AU_USD2 = cvar.AU_USD2 | |
| AU_TYPE = cvar.AU_TYPE | |
| AU_LIBF = cvar.AU_LIBF | |
| AU_LBF2 = cvar.AU_LBF2 | |
| AU_LBF3 = cvar.AU_LBF3 | |
| AU_CHLB = cvar.AU_CHLB | |
| AU_FINAL = cvar.AU_FINAL | |
| st_Ready = cvar.st_Ready | |
| st_Think = cvar.st_Think | |
| st_Waiting = cvar.st_Waiting | |
| st_Work = cvar.st_Work | |
| "void" auto_apply_tail | ( | * | args | ) |
| tail_ea | (C++: ea_t) linear address of start of tail |
| parent_ea | (C++: ea_t) linear address within parent. If BADADDR, automatically try to find parent via xrefs. |
| "void" auto_apply_type | ( | * | args | ) |
| caller | (C++: ea_t) |
| callee | (C++: ea_t) |
| "void" auto_cancel | ( | * | args | ) |
To remove an address range from other queues use auto_unmark() function. 'ea1' may be higher than 'ea2', the kernel will swap them in this case. 'ea2' doesn't belong to the range.
| ea1 | (C++: ea_t) |
| ea2 | (C++: ea_t) |
| "ea_t" auto_get | ( | * | args | ) |
Returns BADADDR if no addresses not lower than 'lowEA' and less than 'highEA' are found in the queues. Otherwise *type will have queue type.
| type | (C++: atype_t *) |
| lowEA | (C++: ea_t) |
| highEA | (C++: ea_t) |
| "bool" auto_is_ok | ( | * | args | ) |
has autoanalysis finished?).
| "void" auto_make_code | ( | * | args | ) |
| ea | (C++: ea_t) |
| "void" auto_make_proc | ( | * | args | ) |
| ea | (C++: ea_t) |
| "bool" auto_make_step | ( | * | args | ) |
| ea1 | (C++: ea_t) |
| ea2 | (C++: ea_t) |
| "void" auto_mark | ( | * | args | ) |
Queues keep addresses sorted.
| ea | (C++: ea_t) |
| type | (C++: atype_t) |
| "void" auto_mark_range | ( | * | args | ) |
'start' may be higher than 'end', the kernel will swap them in this case. 'end' doesn't belong to the range.
| start | (C++: ea_t) |
| end | (C++: ea_t) |
| type | (C++: atype_t) |
| "bool" auto_postpone_analysis | ( | * | args | ) |
| ea | (C++: ea_t) |
| "int" auto_recreate_insn | ( | * | args | ) |
| ea | (C++: ea_t) linear address of callee |
| "void" auto_unmark | ( | * | args | ) |
'start' may be higher than 'end', the kernel will swap them in this case. 'end' doesn't belong to the range.
| start | (C++: ea_t) |
| end | (C++: ea_t) |
| type | (C++: atype_t) |
| "bool" auto_wait | ( | * | args | ) |
| "ssize_t" auto_wait_range | ( | * | args | ) |
| ea1 | (C++: ea_t) |
| ea2 | (C++: ea_t) |
| "bool" enable_auto | ( | * | args | ) |
Not user-facing, but rather because IDA sometimes need to turn AA on/off regardless of inf.s_genflags:INFFL_AUTO
| enable | (C++: bool) |
| "bool" get_auto_display | ( | * | args | ) |
| auto_display | (C++: auto_display_t *) |
| "atype_t" get_auto_state | ( | * | args | ) |
If auto_state == AU_NONE, IDA is currently not running the analysis (it could be temporarily interrupted to perform the user's requests, for example).
| "bool" is_auto_enabled | ( | * | args | ) |
| "bool" may_create_stkvars | ( | * | args | ) |
This function should be used by IDP modules before creating stack vars.
| "bool" may_trace_sp | ( | * | args | ) |
This function should be used by IDP modules before tracing sp.
| "ea_t" peek_auto_queue | ( | * | args | ) |
Do not remove address from the queue.
| low_ea | (C++: ea_t) |
| type | (C++: atype_t) |
| "int" plan_and_wait | ( | * | args | ) |
Try to create instructions where possible. Make the final pass over the specified range if specified. This function doesn't return until the range is analyzed.
| 1 | ok |
| 0 | Ctrl-Break was pressed |
| ea1 | (C++: ea_t) |
| ea2 | (C++: ea_t) |
| final_pass | (C++: bool) |
| "void" plan_ea | ( | * | args | ) |
| ea | (C++: ea_t) |
| "void" plan_range | ( | * | args | ) |
| sEA | (C++: ea_t) |
| eEA | (C++: ea_t) |
| "void" reanalyze_callers | ( | * | args | ) |
This function will add to AU_USED queue all instructions that call (not jump to) the specified address.
| ea | (C++: ea_t) linear address of callee |
| noret | (C++: bool) !=0: the callee doesn't return, mark to undefine subsequent instructions in the caller. 0: do nothing. |
| "void" revert_ida_decisions | ( | * | args | ) |
| ea1 | (C++: ea_t) |
| ea2 | (C++: ea_t) |
| "atype_t" set_auto_state | ( | * | args | ) |
| new_state | (C++: atype_t) new state of autoanalyzer |
| "idastate_t" set_ida_state | ( | * | args | ) |
| st | (C++: idastate_t) - new indicator status |
| "void" show_addr | ( | * | args | ) |
The address is displayed in the form " @:12345678".
| ea | (C++: ea_t) - linear address to display |
| "void" show_auto | ( | * | args | ) |
| ea | (C++: ea_t) linear address being analyzed |
| type | (C++: atype_t) autoanalysis type (see Autoanalysis queues) |
| AU_CHLB = cvar.AU_CHLB |
| AU_CODE = cvar.AU_CODE |
| AU_FCHUNK = cvar.AU_FCHUNK |
| AU_FINAL = cvar.AU_FINAL |
| AU_LBF2 = cvar.AU_LBF2 |
| AU_LBF3 = cvar.AU_LBF3 |
| AU_LIBF = cvar.AU_LIBF |
| AU_NONE = cvar.AU_NONE |
| AU_PROC = cvar.AU_PROC |
| AU_TAIL = cvar.AU_TAIL |
| AU_TYPE = cvar.AU_TYPE |
| AU_UNK = cvar.AU_UNK |
| AU_USD2 = cvar.AU_USD2 |
| AU_USED = cvar.AU_USED |
| AU_WEAK = cvar.AU_WEAK |
| cvar = _ida_auto.cvar |
| st_Ready = cvar.st_Ready |
| st_Think = cvar.st_Think |
| st_Waiting = cvar.st_Waiting |
| st_Work = cvar.st_Work |
1.12.0