 |
IDAPython 9.0
|
|
IDAPython 9.0
|
Functions that work with the autoanalyzer queue. The autoanalyzer works when IDA is not busy processing the user keystrokes. It has several queues, each queue having its own priority. The analyzer stops when all queues are empty. A queue contains addresses or address ranges. The addresses are kept sorted by their values. The analyzer will process all addresses from the first queue, then switch to the second queue and so on. There are no limitations on the size of the queues. This file also contains functions that deal with the IDA status indicator and the autoanalysis indicator. You may use these functions to change the indicator value.
Classes | |
| class | auto_display_t |
Variables | |
| cvar = _ida_auto.cvar | |
| AU_NONE = cvar.AU_NONE | |
| AU_UNK = cvar.AU_UNK | |
| AU_CODE = cvar.AU_CODE | |
| AU_WEAK = cvar.AU_WEAK | |
| AU_PROC = cvar.AU_PROC | |
| AU_TAIL = cvar.AU_TAIL | |
| AU_FCHUNK = cvar.AU_FCHUNK | |
| AU_USED = cvar.AU_USED | |
| AU_USD2 = cvar.AU_USD2 | |
| AU_TYPE = cvar.AU_TYPE | |
| AU_LIBF = cvar.AU_LIBF | |
| AU_LBF2 = cvar.AU_LBF2 | |
| AU_LBF3 = cvar.AU_LBF3 | |
| AU_CHLB = cvar.AU_CHLB | |
| AU_FINAL = cvar.AU_FINAL | |
| st_Ready = cvar.st_Ready | |
| st_Think = cvar.st_Think | |
| st_Waiting = cvar.st_Waiting | |
| st_Work = cvar.st_Work | |
| None auto_apply_tail | ( | ida_idaapi.ea_t | tail_ea, |
| ida_idaapi.ea_t | parent_ea ) |
Plan to apply the tail_ea chunk to the parent
@param tail_ea: linear address of start of tail
@param parent_ea: linear address within parent. If BADADDR, automatically try to find parent via xrefs.
| None auto_apply_type | ( | ida_idaapi.ea_t | caller, |
| ida_idaapi.ea_t | callee ) |
Plan to apply the callee's type to the calling point.
| None auto_cancel | ( | ida_idaapi.ea_t | ea1, |
| ida_idaapi.ea_t | ea2 ) |
Remove an address range (ea1..ea2) from queues AU_CODE, AU_PROC, AU_USED. To remove an address range from other queues use auto_unmark() function. 'ea1' may be higher than 'ea2', the kernel will swap them in this case. 'ea2' doesn't belong to the range.
| ida_idaapi.ea_t auto_get | ( | 'atype_t *' | type, |
| ida_idaapi.ea_t | lowEA, | ||
| ida_idaapi.ea_t | highEA ) |
Retrieve an address from queues regarding their priority. Returns BADADDR if no addresses not lower than 'lowEA' and less than 'highEA' are found in the queues. Otherwise *type will have queue type.
| bool auto_is_ok | ( | ) |
Are all queues empty? (i.e. has autoanalysis finished?).
| None auto_make_code | ( | ida_idaapi.ea_t | ea | ) |
Plan to make code.
| None auto_make_proc | ( | ida_idaapi.ea_t | ea | ) |
Plan to make code&function.
| bool auto_make_step | ( | ida_idaapi.ea_t | ea1, |
| ida_idaapi.ea_t | ea2 ) |
Analyze one address in the specified range and return true.
@returns if processed anything. false means that there is nothing to process in the specified range.
| None auto_mark | ( | ida_idaapi.ea_t | ea, |
| 'atype_t' | type ) |
Put single address into a queue. Queues keep addresses sorted.
| None auto_mark_range | ( | ida_idaapi.ea_t | start, |
| ida_idaapi.ea_t | end, | ||
| 'atype_t' | type ) |
Put range of addresses into a queue. 'start' may be higher than 'end', the kernel will swap them in this case. 'end' doesn't belong to the range.
| bool auto_postpone_analysis | ( | ida_idaapi.ea_t | ea | ) |
Plan to reanalyze on the second pass The typical usage of this function in emu.cpp is: if ( !auto_postpone_analysis(ea) ) op_offset(ea, 0, ...); (we make an offset only on the second pass)
| int auto_recreate_insn | ( | ida_idaapi.ea_t | ea | ) |
Try to create instruction
@param ea: linear address of callee
@returns the length of the instruction or 0
| None auto_unmark | ( | ida_idaapi.ea_t | start, |
| ida_idaapi.ea_t | end, | ||
| 'atype_t' | type ) |
Remove range of addresses from a queue. 'start' may be higher than 'end', the kernel will swap them in this case. 'end' doesn't belong to the range.
| bool auto_wait | ( | ) |
Process everything in the queues and return true.
@returns false if the user clicked cancel. (the wait box must be displayed by the caller if desired)
| 'ssize_t' auto_wait_range | ( | ida_idaapi.ea_t | ea1, |
| ida_idaapi.ea_t | ea2 ) |
Process everything in the specified range and return true.
@returns number of autoanalysis steps made. -1 if the user clicked cancel. (the wait box must be displayed by the caller if desired)
| bool enable_auto | ( | bool | enable | ) |
Temporarily enable/disable autoanalyzer. Not user-facing, but rather because IDA sometimes need to turn AA on/off regardless of inf.s_genflags:INFFL_AUTO
@returns old state
| bool get_auto_display | ( | 'auto_display_t' | auto_display | ) |
Get structure which holds the autoanalysis indicator contents.
| 'atype_t' get_auto_state | ( | ) |
Get current state of autoanalyzer. If auto_state == AU_NONE, IDA is currently not running the analysis (it could be temporarily interrupted to perform the user's requests, for example).
| bool is_auto_enabled | ( | ) |
Get autoanalyzer state.
| bool may_create_stkvars | ( | ) |
Is it allowed to create stack variables automatically?. This function should be used by IDP modules before creating stack vars.
| bool may_trace_sp | ( | ) |
Is it allowed to trace stack pointer automatically?. This function should be used by IDP modules before tracing sp.
| ida_idaapi.ea_t peek_auto_queue | ( | ida_idaapi.ea_t | low_ea, |
| 'atype_t' | type ) |
Peek into a queue 'type' for an address not lower than 'low_ea'. Do not remove address from the queue.
@returns the address or BADADDR
| int plan_and_wait | ( | ida_idaapi.ea_t | ea1, |
| ida_idaapi.ea_t | ea2, | ||
| bool | final_pass = True ) |
Analyze the specified range. Try to create instructions where possible. Make the final pass over the specified range if specified. This function doesn't return until the range is analyzed.
@retval 1: ok
@retval 0: Ctrl-Break was pressed
| None plan_ea | ( | ida_idaapi.ea_t | ea | ) |
Plan to perform reanalysis.
| None plan_range | ( | ida_idaapi.ea_t | sEA, |
| ida_idaapi.ea_t | eEA ) |
Plan to perform reanalysis.
| None reanalyze_callers | ( | ida_idaapi.ea_t | ea, |
| bool | noret ) |
Plan to reanalyze callers of the specified address. This function will add to AU_USED queue all instructions that call (not jump to) the specified address.
@param ea: linear address of callee
@param noret: !=0: the callee doesn't return, mark to undefine subsequent instructions in the caller. 0: do nothing.
| None revert_ida_decisions | ( | ida_idaapi.ea_t | ea1, |
| ida_idaapi.ea_t | ea2 ) |
Delete all analysis info that IDA generated for for the given range.
| 'atype_t' set_auto_state | ( | 'atype_t' | new_state | ) |
Set current state of autoanalyzer.
@param new_state: new state of autoanalyzer
@returns previous state
| 'idastate_t' set_ida_state | ( | 'idastate_t' | st | ) |
Change IDA status indicator value
@param st: - new indicator status
@returns old indicator status
| None show_addr | ( | ida_idaapi.ea_t | ea | ) |
Show an address on the autoanalysis indicator. The address is displayed in the form " @:12345678".
@param ea: - linear address to display
| None show_auto | ( | * | args | ) |
Change autoanalysis indicator value.
@param ea: linear address being analyzed
@param type: autoanalysis type (see Autoanalysis queues)
| AU_CHLB = cvar.AU_CHLB |
| AU_CODE = cvar.AU_CODE |
| AU_FCHUNK = cvar.AU_FCHUNK |
| AU_FINAL = cvar.AU_FINAL |
| AU_LBF2 = cvar.AU_LBF2 |
| AU_LBF3 = cvar.AU_LBF3 |
| AU_LIBF = cvar.AU_LIBF |
| AU_NONE = cvar.AU_NONE |
| AU_PROC = cvar.AU_PROC |
| AU_TAIL = cvar.AU_TAIL |
| AU_TYPE = cvar.AU_TYPE |
| AU_UNK = cvar.AU_UNK |
| AU_USD2 = cvar.AU_USD2 |
| AU_USED = cvar.AU_USED |
| AU_WEAK = cvar.AU_WEAK |
| cvar = _ida_auto.cvar |
| st_Ready = cvar.st_Ready |
| st_Think = cvar.st_Think |
| st_Waiting = cvar.st_Waiting |
| st_Work = cvar.st_Work |
1.12.0