IDA Pro 5.7 feature list

HIGHLIGHTS

The detailed changelist is below:


PROCESSOR MODULES
-----------------

+ 6808: added new instructions from the 68HCS08 (aka 9S08) family
+ ARM: added a switch pattern often found in EPOC files
+ ARM: improved analysis of constant pool items - reduced false positives when converting data to offsets
+ ARM: improved detection of ADRL macros
+ ARM: handle some of the new idioms produced by GCC 4.4.0
+ ARM: added support for NEON (aka Advanced SIMD) instructions, new to ARMv7 architecture
+ ARM: architecture version can now be set; it is configured automatically for Mach-O files and ELF files with EABI attributes.
+ ARM: many other improvements, switch patterns, etc
+ EBC: EFI Byte Code processor module (written in Python)
+ H8: 24-bit address operands were truncated to 16 bits
+ MIPS: added MIPS16e instructions (jrc, jalrc, save, restore etc)
+ MIPS: added ssnop instruction
+ MIPS: more common instruction sequences are simplified
+ MIPS: set proper types (float/double) for operands of FPU instructions - floating-point constants are now recognized and converted
+ MIPS: substantially improved tracking of register values which recovers most of data and code cross-references in typical MIPS binaries
+ MIPS: table-based switches are recognized and labeled
+ MIPS: trace transitions between mips16 and mips32 code for better analysis
+ MSP430: new processor module (written in Python)
+ PC: improved detection of Delphi exception handlers
+ PC: improved parsing of Visual C++ SEH handlers
+ PC: recognize aligned stack prolog produced by GCC 4.x
+ PIC: improved handling of FSRs for the PIC18xx series; added more chip configurations
+ PPC: added G2 core (603e) instructions tlbld and tlbli
+ PPC: more jump tables are recognized
+ SuperH: added support for SH-2A architecture
+ TMS320c54: added support for memory mappings (thanks to Sylvain Munaut)

FILE FORMATS
------------

+ .NET: made output more compatible with MSIL assembler
+ ELF: added support for TLS relocations in x86_64 files
+ ELF: handle MIPS files with mips16 functions
+ ELF: handle more ARM relocations
+ ELF: ARM: if EABI attributes are present (.ARM.attributes section), they're used to set up the ARM architecture options for disassembly
+ Mach-O: rebasing a file (e.g. during debugging) could make some pointers invalid
+ Mach-O: added support for X86_64_RELOC_SIGNED_n relocations
+ Mach-O: added support for ARM BR24 and Thumb BR22 relocations
+ Mach-O: cpusubtype field from the header is used to pre-set the ARM architecture version for disassembly
+ PDB: vtable structures are created and added to class structures if that info is present in the PDB
+ PDB: msdiaNN.dll can now be loaded without being registered, if found in PATH or default VC CRT install path
+ PE: load configuration directory (which includes SEH information) is parsed and commented
+ PE: recognize and load Phar Lap TNT DOS-Extender's 'PL' executables
+ PE: IDA now allows loading corrupted files after a warning instead of aborting
+ XCOFF: added support for weak extern symbols

KERNEL
------

+ added support for scripted processor modules
+ added support for scripted plugins
+ added support for 64-bit offsets with unknown base (they are mainly used in structure fields)
+ added support for appcall with timeouts
+ added support for custom data types and formats
+ added support for locking of area pointers returned by the kernel
+ improved the speed of handling idbs with huge number of segments
+ improved argument propagation algorithm to handle indirect calls, including function pointers stored in stack variables
+ jumping to exported entries will create functions automatically
+ kernel: single-character strings were converted to Unicode too aggressively
+ New command line switch '-t' to run IDA without an input file
+ The "-S" switch now works with any supported script type. Users can pass arguments to scripts and access them via the "ARGV" global variable
+ updated noret.cfg with several no-return functions used in Visual Basic programs (vbaErrorOverflow, vbaGenerateBoundsError etc.)
+ the "Generate IDC" command retains function prototypes
+ added FLIRT signatures for Visual C++ 2010 and C++Builder 2010

IDC & SDK
---------

+ IDC: IDC definitions are not destroyed upon closing the database
+ IDC: Added DbgByte(), DbgWord(), DbgDword() and DbgQword() to read program bytes from the debugger memory
+ IDC: Added GetManyBytes() to read more than a byte from the database or the debugger memory
+ SDK: added find_extlang_by_ext()
+ SDK: added idp_notify::set_proc_options notification for more fine-grained configuration of processor modules
+ SDK: added get_func_by_frame()
+ SDK: added get_varcall_regs() for processors that use registers for vararg calls (like printf)
+ SDK: added init_process/term_process/get_process_exit_code system independent functions
+ SDK: added netnode::supdel_range() to delete range of supval elements
+ SDK: added qfindfirst/qfindnext/qfindclose functions to enumerate files in a system independent way
+ SDK: added qrename() to rename files. qrename() does not fail if the new file exists (unix behavior)
+ SDK: added call_method to extlang
+ SDK: added set_idc_func_ex(); this function makes it possible to register IDC functions that can work without an open idb; set_idc_func() is obsolete now and should not be used
+ SDK: added support for complex offsets with subtraction from the base value (REFINFO_SUBTRACT)
+ SDK: added VarGetClassName() to retrieve the class name of an IDC object
+ SDK: class areaset_t can now be used by plugins and modules
+ SDK: find_func_bounds() supports flag FIND_FUNC_IGNOREFN
+ SDK: MIPS processor module now uses the same instruction numbers for 32-bit and 16-bit instructions. Plugins that rely on those numbers might have to be recompiled.
+ SDK: processor modules that don't have instruction comments in the ida.int database will receive a get_autocmt notification.
+ SDK: renamed all *_const functions to *_enum_member (add_const() is reserved in Visual C++ 2010)
+ SDK: ua_stkvarN and add_stkvarN could fail when adding a stack variable with an odd offset

USER INTERFACE
--------------

+ UI: added "follow pointer" context menu command in hex view
+ UI: added a "jump to cross reference from" command (default shortcut Ctrl-J), useful when navigating large switch statements
+ UI: it is now possible to generate flow and xref graphs in DOT format (see ida.cfg)
+ UI: it is possible to add/delete breakpoints from the module names window
+ UI: "Set callee" plugin (hotkey Alt-F11) now also works for ARM and MIPS processors
+ UI: user can now enter type declaration for instruction operands
+ UI: script boxes (Shift-F2, Alt-8) and other multi-line input boxes in IDA now auto-indent new lines
+ UI: Output window is a richtext control. Users can double-click on identifiers / addresses to jump to them
+ UI: Output window is now searchable (hotkey Alt-T and Ctrl-T)
+ UI: The environment variable TVHEADLESS can be specified for the graphical version of IDA Pro
+ UI: Set function prototype (shortcut 'y') can also be used if cursor is positioned over a function name
+ UI: Breakpoints window also shows the comment at the breakpoint's address
+ UI: Replaced "File / IDC file" with "File / Script file" allowing the users to run any supported script file

DEBUGGER
--------

+ Bochs debugger can be used under Linux and OS X
+ Bochs debugger supports Bochs 2.4.5
+ added "Jump to module base" to the modules list popup menu
+ added "Analyze module" to the modules list popup menu
+ added support for MMX/XMM registers (XMM regs only under windows)
+ connection to a Windows CE device can be canceled
+ win32 debugger: implemented accessing MSRs using the kernel debugger driver provided by Microsoft. Thanks to Alex Ionescu for the assistance!
+ added support for reading/writing model specific registers (MSRs)
+ WINDBG: changing the current thread using the "~Ns" command is now reflected in the UI
+ WINDBG: Reloading symbols in the debugging engine using ".reload" will also update the debug names in IDA
+ WINDBG: The plugin will propose to launch the dbgsrv.exe if debugging an x64 application
+ WINDBG: Added support for non-invasive debugging

BUGFIXES
--------

BUGFIX: AddHotKey() was broken under *nix
BUGFIX: ARM: operand order for XScale MRA/MAR instructions was wrong
BUGFIX: ARM: some instructions with PC-relative operand were decoded incorrectly in Thumb mode
BUGFIX: ARM: some PC-relative load and store instructions were decoded incorrectly in Thumb mode
BUGFIX: ARM: specifying a register pair in a function prototype would crash IDA
BUGFIX: ARM: Thumb-2 STRD instruction was sometimes decoded as LDRD
BUGFIX: ELF: Solaris files with special values in sh_link field of section headers were not loaded correctly
BUGFIX: nec850: jr was not stopping execution flow
BUGFIX: PIC: 12F629 and 12F675 are 14-bit devices and so should be in pic14.cfg
BUGFIX: Bochs plugin in disk image operation mode could not retrieve segment register base properly in Bochs 2.4.2
BUGFIX: changing the storage type from sparse to regular could convert some zero-initialized bytes to uninitialized bytes
BUGFIX: coff files with more than 0x8000 segments were loaded incorrectly (some symbols could not be resolved)
BUGFIX: custom_viewer callbacks were getting wrong shift state information (should be 1-shift, 2-ctrl, 4-alt)
BUGFIX: dbg_step_into and similar events were not generated if the operation was invoked interactively by the user (not from a plugin)
BUGFIX: debug names were sent over the network repeatedly (remote debugging)
BUGFIX: debugger: Linux debugger did not handle well programs which created a lot of short-lived threads
BUGFIX: disabled menu items with shortcuts could appear in IDA after loading a new idb; this could lead to minor problems (like Esc not working in the decompiler)
BUGFIX: disassembly lines for structure members that are arrays with some repeating values would be truncated
BUGFIX: double clicking on a user-defined graph would lead to inconsistent idag state and create problems with focusing/unfocusing windows
BUGFIX: TDS plugin: choosing CANCEL in instant debugging mode would crash IDA
BUGFIX: Edit, Segment, Move current segment was doing nothing in some cases
BUGFIX: editing a breakpoint could lead to a crash during remote debugging session
BUGFIX: ELF (MIPS): in some cases HI16/LO16 relocation pairs were processed incorrectly
BUGFIX: elf files were rebased incorrectly
BUGFIX: even if the user requested octal representation of a number, IDA could still use decimal representation for values 8 and 9
BUGFIX: fixed an integer overflow bug in the qnx file loader (thanks to Jason Geffner)
BUGFIX: GDB debugger: ARM breakpoints were not working when connecting to OpenOCD
BUGFIX: gdb plugin was crashing on empty reply from monitor command
BUGFIX: get_prev_area() was broken
BUGFIX: GUI: Floating forms could cause IDA GUI to crash if opened and closed many times
BUGFIX: GUI: Hotkeys Alt-0 to Alt-9 (used to switch to a window) were not usable even if no window was open and occupying that hotkey
BUGFIX: IDA could crash trying to evaluate "eax++" (illegal postfix operation on a register)
BUGFIX: IDA could crash while performing sp-analysis
BUGFIX: IDA could crash with memory corruption
BUGFIX: IDA could endlessly loop on corrupted databases
BUGFIX: IDA could hang when instruction tracing is used with debuggers with the DBG_FLAG_DONT_DISTURB flag
BUGFIX: IDA could hang when trying to display a type referring to itself
BUGFIX: IDA could sometimes refuse to modify the stack pointer while the background analysis was on
BUGFIX: IDA kernel was ignoring the "options" value set by the scriptable loaders in their accept_file()
BUGFIX: IDA was not allowing names with dummy prefixes (like byte_...) for structure members; removed this limitation
BUGFIX: IDA was setting 'use dup' checkbox while creating new arrays; now it remembers the last used value
BUGFIX: IDA would try to continue to interact with the remote debugger server after network timeouts; now it immediately closes the connection because the protocol state is lost
BUGFIX: idal could erroneously complain about a corrupted configuration file
BUGFIX: IDAPython: GetCharPrm(INF_PROCNAME) was broken
BUGFIX: IDC DecodeInstruction() was not returning cmd.size attribute
BUGFIX: IDC: SetHashLong() was broken
BUGFIX: if a debugger session was ended with Alt-X, some debugger (and unimportant non-debugger) settings were not saved
BUGFIX: if the network connection was dropped during a debugging session, IDA could crash in some cases
BUGFIX: In rare cases, deleting the last segment could lead to a crash
BUGFIX: in some cases automatic type propagation could overwrite the stack frame's return address field
BUGFIX: it was impossible to connect to a 64-bit debugger server using the 64-bit version of IDA without a database
BUGFIX: it was not possible to reload binary files
BUGFIX: it was not possible to set an empty string as connection string for WinDbg debugger, if there was a saved default string.
BUGFIX: it was possible to modify a readonly debugger register from a script
BUGFIX: JAVA: IDA could not load some .class files with corrupted StackMapTable
BUGFIX: MIPS: IDA was creating multi-instruction macros in delay slots, which was incorrect
BUGFIX: MIPS: in some cases 16-bit negative immediate values were displayed as unsigned
BUGFIX: MIPS: jalx was incorrectly stopping execution flow
BUGFIX: normal functions were improperly detected as no-return for some processors with delayed slot instructions (e.g. SuperH)
BUGFIX: only slightly damaged idb files could be repaired by IDA (normally IDA is able to repair badly damaged files too)
BUGFIX: OSX: mac_server could interr in some cases when program exited unexpectedly
BUGFIX: parse c header files: if a type name was used as a local structure member name in a C header file, it would be parsed incorrectly
BUGFIX: parsing "typedef struct x x;" could create a circular dependency
BUGFIX: PC: a wait instruction with prefixes was still lumped together with the next instruction
BUGFIX: PC: assembler could not handle [reg-imm] while [reg+imm] was working ok
BUGFIX: PIC: SFR definitions were not reloaded when opening a previous database
BUGFIX: PowerPC: branch targets were truncated to 32 bits in 64-bit mode
BUGFIX: pressing Cancel while initializing an instant debugger could hang IDA
BUGFIX: Python's GetReg and SetReg[Ex] did not work for non-x86 processors
BUGFIX: retrieving objects with circular dependencies from the debugged program to IDC could lead to interr
BUGFIX: SDK: unicode version of qstrlen() was broken
BUGFIX: SDK: request_step_over/step() were not working properly with multithreaded applications
BUGFIX: some SSE instructions were described incorrectly (missing CF_... flags)
BUGFIX: SuperH: basic block boundaries were determined incorrectly, leading to wrong flow graphs
BUGFIX: SuperH: return instructions were not defined correctly for big-endian variants
BUGFIX: text version of IDA could crash at the exit time if all debugger plugins were deleted from the disk
BUGFIX: the calculator could not properly display 64-bit and floating point results
BUGFIX: the screen would not be always refreshed after modifying the very first byte of a segment using the right click menu
BUGFIX: the selector list could not be displayed in the text version
BUGFIX: TMS320C54 module could not display names located in segments with a non-zero segment base
BUGFIX: TMS320C55x: some mov opcodes were decoded incorrectly
BUGFIX: tracing sysenter on Windows XP would fail
BUGFIX: TXT: Open/Save file dialog could not list file name with wildcards in Windows
BUGFIX: unmapping all mapped local types and saving the database would corrupt local type storage
BUGFIX: wait_for_next_event() could hang if called without WFNE_SUSP and a suspending event occurred
BUGFIX: win32: it was possible to attach to services and debug them only once; to attach the second time, IDA had to be restarted
BUGFIX: windbg / kernel mode configuration was not being saved
BUGFIX: Windbg plugin (with dump-files) and windmp loader were failing to read certain memory areas
BUGFIX: IDC: xtol() could not convert 64-bit values (in the 64-bit version of IDA)
Copyright 2010 Hex-Rays, 2010-06-25