log_idb_events
summary: react to database events/notifications
- description:
these hooks will be notified about IDB events, and dump their information to the “Output” window
level: intermediate
Attributes
Classes
Module Contents
- class log_idb_events.idb_logger_hooks_t
Bases:
ida_idp.IDB_Hooks- inhibit_log = 0
- allsegs_moved(info)
Program rebasing is complete. This event is generated after series of segm_moved events
- Parameters:
info – (segm_move_infos_t *)
- auto_empty()
Info: all analysis queues are empty. This callback is called once when the initial analysis is finished. If the queue is not empty upon the return from this callback, it will be called later again.
- auto_empty_finally()
Info: all analysis queues are empty definitively. This callback is called only once.
- bookmark_changed(index, pos, desc, op)
Bookmarked position changed.
- byte_patched(ea, old_value)
A byte has been patched.
- Parameters:
ea – (::ea_t)
old_value – (uint32)
- callee_addr_changed(ea, callee)
Callee address has been updated by the user.
- Parameters:
ea – (::ea_t)
callee – (::ea_t)
- changing_cmt(ea, is_repeatable, new_comment)
An item comment is to be changed.
- Parameters:
ea – (::ea_t)
repeatable_cmt – (bool)
newcmt – (const char *)
- changing_op_ti(ea, n, new_type, new_fnames)
An operand typestring (c/c++ prototype) is to be changed.
- changing_op_type(ea, n, opinfo)
An operand type (offset, hex, etc…) is to be changed.
- Parameters:
ea – (::ea_t)
n – (int) eventually or’ed with OPND_OUTER or OPND_ALL
opinfo – (const opinfo_t *) additional operand info
- changing_range_cmt(kind, _range, comment, is_repeatable)
Range comment is to be changed.
- changing_segm_end(segment, new_end, flags)
Segment end address is to be changed.
- Parameters:
s – (segment_t *)
new_end – (::ea_t)
segmod_flags – (int)
- changing_segm_name(segment, old_name)
Segment name is being changed.
- changing_segm_start(segment, new_start, flags)
Segment start address is to be changed.
- Parameters:
s – (segment_t *)
new_start – (::ea_t)
segmod_flags – (int)
- changing_struc_cmt(tid, is_repeatable, comment)
- changing_struc_member(sptr, mptr, flags, ti, nbytes)
- changing_ti(ea, new_type, new_fnames)
An item typestring (c/c++ prototype) is to be changed.
- closebase()
The database will be closed now.
- cmt_changed(ea, is_repeatable)
An item comment has been changed.
- Parameters:
ea – (::ea_t)
repeatable_cmt – (bool)
- compiler_changed(may_adjust_inf_fields)
The kernel has changed the compiler information. ( idainfo::cc structure; get_abi_name)
- Parameters:
adjust_inf_fields – (::bool) may change inf fields?
- deleting_func_tail(pfn, tail)
A function tail chunk is to be removed.
- deleting_segm(start_ea)
A segment is to be deleted.
- Parameters:
start_ea – (::ea_t)
- deleting_tryblks(_range)
About to delete tryblk information in given range
- Parameters:
range – (const range_t *)
- destroyed_items(ea1, ea2, will_disable_range)
Instructions/data have been destroyed in [ea1,ea2).
- Parameters:
ea1 – (::ea_t)
ea2 – (::ea_t)
will_disable_range – (bool)
- determined_main(main)
The main() function has been determined.
- Parameters:
main – (::ea_t) address of the main() function
- dirtree_link(dt, path, is_link)
Dirtree: an item has been linked/unlinked.
- dirtree_mkdir(dt, path)
Dirtree: a directory has been created.
- dirtree_move(dt, _from, to)
Dirtree: a directory or item has been moved.
- dirtree_rank(dt, path, rank)
Dirtree: a directory or item rank has been changed.
- dirtree_rmdir(dt, path)
Dirtree: a directory has been deleted.
- dirtree_rminode(dt, inode)
Dirtree: an inode became unavailable.
- Parameters:
dt – (dirtree_t *)
inode – (inode_t)
- dirtree_segm_moved(dt)
Dirtree: inodes were changed due to a segment movement or a program rebasing
- Parameters:
dt – (dirtree_t *)
- dirtree_ordering_changed(dt, diridx, natural)
Dirtree: a directory’s “natural” ordering changed
- Parameters:
dt – (dirtree_t *)
diridx – (diridx_t)
natural – (::bool)
- dirtree_bulk_move(dt, sources, moved_items, dstdir, dstrank)
Dirtree: many items have been moved.
- extlang_changed(kind, el, idx)
The list of extlangs or the default extlang was changed.
- Parameters:
kind – (int) 0: extlang installed 1: extlang removed 2: default extlang changed
el – (extlang_t *) pointer to the extlang affected
idx – (int) extlang index
- extra_cmt_changed(ea, line_idx, comment)
An extra comment has been changed.
- Parameters:
ea – (::ea_t)
line_idx – (int)
cmt – (const char *)
- flow_chart_created(fc)
Gui has retrieved a function flow chart. Plugins may modify the flow chart in this callback.
- Parameters:
fc – (qflow_chart_t *)
- frame_deleted(pfn)
The kernel has deleted a function frame.
- Parameters:
pfn – (func_t *) idb_event::frame_created
- func_deleted(func_ea)
A function has been deleted.
- Parameters:
func_ea – (::ea_t)
- func_tail_appended(pfn, tail)
A function tail chunk has been appended.
- func_tail_deleted(pfn, tail_ea)
A function tail chunk has been removed.
- Parameters:
pfn – (func_t *)
tail_ea – (::ea_t)
- idasgn_loaded(sig_name)
FLIRT signature has been loaded for normal processing (not for recognition of startup sequences).
- Parameters:
short_sig_name – (const char *)
- idasgn_matched_ea(ea, name, lib)
A FLIRT match has been found
- item_color_changed(ea, color)
An item color has been changed.
- Parameters:
ea – (::ea_t)
color – (bgcolor_t) if color==DEFCOLOR, the color is deleted.
- kernel_config_loaded(pass_number)
This event is issued when ida.cfg is parsed.
- Parameters:
pass_number – (int)
- loader_finished(li, neflags, filetypename)
External file loader finished its work. Use this event to augment the existing loader functionality.
- local_types_changed(ltc, ordinal, name)
Local types have been changed
- Parameters:
ltc – (local_type_change_t)
ordinal – (uint32) 0 means ordinal is unknown
name – (const char *) nullptr means name is unknown
- local_type_renamed(ordinal, oldname, newname)
Local type has been renamed
- make_code(insn)
An instruction is being created.
- Parameters:
insn – (const insn_t*)
- make_data(ea, flags, tid, _len)
A data item is being created.
- Parameters:
ea – (::ea_t)
flags – (flags64_t)
tid – (tid_t)
len – (::asize_t)
- op_ti_changed(ea, n, _type, fnames)
An operand typestring (c/c++ prototype) has been changed.
- op_type_changed(ea, n)
An operand type (offset, hex, etc…) has been set or deleted.
- Parameters:
ea – (::ea_t)
n – (int) eventually or’ed with OPND_OUTER or OPND_ALL
- range_cmt_changed(kind, _range, comment, is_repeatable)
Range comment has been changed.
- renamed(ea, new_name, is_local_name, old_name)
The kernel has renamed a byte. See also the rename event
- savebase()
The database is being saved.
- segm_added(segment)
A new segment has been created.
- Parameters:
s – (segment_t *) See also adding_segm
- segm_attrs_updated(segment)
Segment attributes has been changed.
- Parameters:
s – (segment_t *) This event is generated for secondary segment attributes (examples: color, permissions, etc)
- segm_class_changed(segment, sclass)
Segment class has been changed.
- segm_deleted(start_ea, end_ea, flags)
A segment has been deleted.
- Parameters:
start_ea – (::ea_t)
end_ea – (::ea_t)
flags – (int)
- segm_end_changed(segment, old_end)
Segment end address has been changed.
- Parameters:
s – (segment_t *)
oldend – (::ea_t)
- segm_moved(_from, to, size, changed_netmap)
Segment has been moved.
- Parameters:
to – (::ea_t)
size – (::asize_t)
changed_netmap – (bool) See also idb_event::allsegs_moved
- segm_name_changed(segment, name)
Segment name has been changed.
- segm_start_changed(segment, old_start)
Segment start address has been changed.
- Parameters:
s – (segment_t *)
oldstart – (::ea_t)
- set_func_end(pfn, new_end)
Function chunk end address will be changed.
- Parameters:
pfn – (func_t *)
new_end – (::ea_t)
- set_func_start(pfn, new_start)
Function chunk start address will be changed.
- Parameters:
pfn – (func_t *)
new_start – (::ea_t)
- sgr_changed(start_ea, end_ea, regnum, value, old_value, tag)
The kernel has changed a segment register value.
- Parameters:
start_ea – (::ea_t)
end_ea – (::ea_t)
regnum – (int)
value – (::sel_t)
old_value – (::sel_t)
tag – (uchar) Segment register range tags
- sgr_deleted(start_ea, end_ea, regnum)
The kernel has deleted a segment register value.
- Parameters:
start_ea – (::ea_t)
end_ea – (::ea_t)
regnum – (int)
- struc_member_changed(sptr, mptr)
- tail_owner_changed(tail, owner_func, old_owner)
A tail chunk owner has been changed.
- Parameters:
tail – (func_t *)
owner_func – (::ea_t)
old_owner – (::ea_t)
- ti_changed(ea, _type, fnames)
An item typestring (c/c++ prototype) has been changed.
- upgraded(_from)
The database has been upgraded and the receiver can upgrade its info as well
- lt_udm_created(udt_name, udm)
local type udt member has been added
- lt_udm_deleted(udt_name, udm_tid, udm)
local type udt member has been deleted
- lt_udm_renamed(udt_name, udm, oldname)
local type udt member has been renamed
- lt_udm_changed(udt_name, tid, old, new)
local type udt member has been changed
- lt_udt_expanded(udt_name, udm_tid, delta)
A structure type has been expanded/shrank.
- Parameters:
udtname – (::const char *)
udm_tid – (tid_t) the gap was added/removed before this member
delta – (::adiff_t) number of added/removed bytes
- frame_created(func_ea)
A function frame has been created.
- Parameters:
func_ea – (::ea_t) idb_event::frame_deleted
- frame_udm_created(func_ea, udm)
Frame member has been added.
- Parameters:
func_ea – (::ea_t)
udm – (::const udm_t *)
- frame_udm_deleted(func_ea, udm_tid, udm)
Frame member has been deleted.
- Parameters:
func_ea – (::ea_t)
udm_tid – (tid_t)
udm – (::const udm_t *)
- frame_udm_renamed(func_ea, udm, oldname)
Frame member has been renamed.
- frame_udm_changed(func_ea, udm_tid, udm_old, udm_new)
Frame member has been changed.
- frame_expanded(func_ea, udm_tid, delta)
A frame type has been expanded/shrank.
- Parameters:
func_ea – (::ea_t)
udm_tid – (tid_t) the gap was added/removed before this member
delta – (::adiff_t) number of added/removed bytes
- lt_edm_created(enumname, edm)
local type enum member has been added
- lt_edm_deleted(enumname, tid, edm)
local type enum member has been deleted
- lt_edm_renamed(enumname, edm, oldname)
local type enum member has been renamed
- log_idb_events.idb_hooks