IDA C++ SDK 9.2
Loading...
Searching...
No Matches
dbg.hpp File Reference

Contains functions to control the debugging of a process. More...

Go to the source code of this file.

Classes

struct  bptaddrs_t
struct  bpt_location_t
 Describes a breakpoint location. More...
struct  bpt_t
 Characteristics of a breakpoint. More...
struct  movbpt_info_t
struct  bpt_visitor_t
 Visit all breakpoints. More...
struct  tev_info_t
 Common information for all trace events. More...
struct  memreg_info_t
 Required typedef for get_insn_tev_reg_mem() More...
struct  tev_reg_value_t
 Structure used for dbg_add_many_tevs() More...
struct  tev_info_reg_t
 Structure used for dbg_add_many_tevs() More...
class  eval_ctx_t
 Execution context. More...
class  source_file_t
 Describes a source file. More...
class  source_item_t
 Describes a subdivision of source information. More...
class  srcinfo_provider_t
 Describes the mechanism used to retrieve source file information. More...

Typedefs

typedef qvector< movbpt_info_tmovbpt_infos_t
typedef qvector< const bpt_t * > bpt_constptr_vec_t
typedef qvector< bpt_t * > bptptr_vec_t
typedef qvector< bpt_tbpt_vec_t
 vector of breakpoints
typedef qvector< movbpt_code_tmovbpt_codes_t
typedef qvector< bptaddrs_tbpteas_t
typedef qvector< debug_event_tdbgevt_vec_t
 vector of debug events
typedef qvector< tev_info_ttevinfo_vec_t
 vector of trace event info objects
typedef qvector< memreg_info_tmemreg_infos_t
typedef qvector< tev_reg_value_ttev_reg_values_t
 vector of trace event reg values
typedef qvector< tev_info_reg_ttevinforeg_vec_t
 vector of trace elements
typedef qrefcnt_t< source_item_tsource_item_ptr
 Maintain a reference count for source items.
typedef qiterator< source_item_ptr_source_item_iterator
 Iterator for source items.
typedef qrefcnt_t< _source_item_iteratorsource_item_iterator
 Maintain a reference count for source item iterators.
typedef qvector< source_item_ptrsource_items_t
 Vector of source items.
typedef qrefcnt_t< source_file_tsource_file_ptr
 Maintain a reference count for source file objects.
typedef qiterator< source_file_ptr_source_file_iterator
 Iterator for source files.
typedef qrefcnt_t< _source_file_iteratorsource_file_iterator
 Maintain a reference count for source file iterators.

Enumerations

enum  dbg_notification_t {
  dbg_null = 0 , dbg_process_start , dbg_process_exit , dbg_process_attach ,
  dbg_process_detach , dbg_thread_start , dbg_thread_exit , dbg_library_load ,
  dbg_library_unload , dbg_information , dbg_exception , dbg_suspend_process ,
  dbg_bpt , dbg_trace , dbg_request_error , dbg_step_into ,
  dbg_step_over , dbg_run_to , dbg_step_until_ret , dbg_bpt_changed ,
  dbg_started_loading_bpts , dbg_finished_loading_bpts , dbg_last
}
 Debugger notification codes. More...
enum  movbpt_code_t { MOVBPT_OK , MOVBPT_NOT_FOUND , MOVBPT_DEST_BUSY , MOVBPT_BAD_TYPE }
enum  bpt_loctype_t { BPLT_ABS , BPLT_REL , BPLT_SYM , BPLT_SRC }
 Breakpoint location types. More...
enum  tev_type_t {
  tev_none = 0 , tev_insn , tev_call , tev_ret ,
  tev_bpt , tev_mem , tev_event , tev_max
}
 Trace event types. More...
enum  save_reg_values_t { SAVE_ALL_VALUES = 0 , SAVE_DIFF , SAVE_NONE }
 Se dbg_add_insn_tev() More...
enum  dbg_event_code_t { DEC_NOTASK = -2 , DEC_ERROR = -1 , DEC_TIMEOUT = 0 }
 Wait for the next debugger event. More...
enum  src_item_kind_t {
  SRCIT_NONE , SRCIT_MODULE , SRCIT_FUNC , SRCIT_STMT ,
  SRCIT_EXPR , SRCIT_STTVAR , SRCIT_LOCVAR
}
 Kinds of source items. More...

Functions

bool idaapi run_requests (void)
 Execute requests until all requests are processed or an asynchronous function is called.
ui_notification_t idaapi get_running_request (void)
 Get the current running request.
bool is_request_running (void)
 Is a request currently running?
dbg_notification_t idaapi get_running_notification (void)
 Get the notification associated (if any) with the current running request.
void idaapi clear_requests_queue (void)
 Clear the queue of waiting requests.
int idaapi get_process_state (void)
 Return the state of the currently debugged process.
bool idaapi is_valid_dstate (int state)
int idaapi set_process_state (int newstate, thid_t *p_thid, int dbginv)
 Set new state for the debugged process.
int idaapi invalidate_dbg_state (int dbginv)
 Invalidate cached debugger information.
int idaapi start_process (const char *path=nullptr, const char *args=nullptr, const char *sdir=nullptr)
 Start a process in the debugger.
int idaapi request_start_process (const char *path=nullptr, const char *args=nullptr, const char *sdir=nullptr)
 Post a start_process() request.
bool idaapi suspend_process (void)
 Suspend the process in the debugger.
bool idaapi request_suspend_process (void)
 Post a suspend_process() request.
bool idaapi continue_process (void)
 Continue the execution of the process in the debugger.
bool idaapi request_continue_process (void)
 Post a continue_process() request.
bool idaapi continue_backwards (void)
 Continue the execution of the process in the debugger backwards.
bool idaapi request_continue_backwards (void)
 Post a continue_backwards() request.
bool idaapi exit_process (void)
 Terminate the debugging of the current process.
bool idaapi request_exit_process (void)
 Post an exit_process() request.
ssize_t idaapi get_processes (procinfo_vec_t *proclist)
 Take a snapshot of running processes and return their description.
int idaapi attach_process (pid_t pid=NO_PROCESS, int event_id=-1)
 Attach the debugger to a running process.
int idaapi request_attach_process (pid_t pid, int event_id)
 Post an attach_process() request.
bool idaapi detach_process (void)
 Detach the debugger from the debugged process.
bool idaapi request_detach_process (void)
 Post a detach_process() request.
bool idaapi is_debugger_busy (void)
 Is the debugger busy?
int idaapi get_thread_qty (void)
 Get number of threads.
thid_t idaapi getn_thread (int n)
 Get the ID of a thread.
thid_t idaapi get_current_thread (void)
 Get current thread ID.
const char *idaapi getn_thread_name (int n)
 Get the NAME of a thread.
bool idaapi select_thread (thid_t tid)
 Select the given thread as the current debugged thread.
bool idaapi request_select_thread (thid_t tid)
 Post a select_thread() request.
int idaapi suspend_thread (thid_t tid)
 Suspend thread.
int idaapi request_suspend_thread (thid_t tid)
 Post a suspend_thread() request.
int idaapi resume_thread (thid_t tid)
 Resume thread.
int idaapi request_resume_thread (thid_t tid)
 Post a resume_thread() request.
bool idaapi get_first_module (modinfo_t *modinfo)
bool idaapi get_next_module (modinfo_t *modinfo)
bool idaapi step_into (void)
 Execute one instruction in the current thread.
bool idaapi request_step_into (void)
 Post a step_into() request.
bool idaapi step_over (void)
 Execute one instruction in the current thread, but without entering into functions.
bool idaapi request_step_over (void)
 Post a step_over() request.
bool idaapi step_into_backwards (void)
 Execute one instruction backwards in the current thread.
bool idaapi request_step_into_backwards (void)
 Post a step_into_backwards() request.
bool idaapi step_over_backwards (void)
 Execute one instruction backwards in the current thread, but without entering into functions.
bool idaapi request_step_over_backwards (void)
 Post a step_over_backwards() request.
bool idaapi run_to (ea_t ea, pid_t pid=NO_PROCESS, thid_t tid=NO_THREAD)
 Execute the process until the given address is reached.
bool idaapi request_run_to (ea_t ea, pid_t pid=NO_PROCESS, thid_t tid=NO_THREAD)
 Post a run_to() request.
bool idaapi run_to_backwards (ea_t ea, pid_t pid=NO_PROCESS, thid_t tid=NO_THREAD)
 Execute the process backwards until the given address is reached.
bool idaapi request_run_to_backwards (ea_t ea, pid_t pid=NO_PROCESS, thid_t tid=NO_THREAD)
 Post a run_to_backwards() request.
bool idaapi step_until_ret (void)
 Execute instructions in the current thread until a function return instruction is executed (aka "step out").
bool idaapi request_step_until_ret (void)
 Post a step_until_ret() request.
bool idaapi set_resume_mode (thid_t tid, resume_mode_t mode)
 How to resume the application.
bool idaapi request_set_resume_mode (thid_t tid, resume_mode_t mode)
 Post a set_resume_mode() request.
bool idaapi get_dbg_reg_info (const char *regname, register_info_t *ri)
 Get register information.
bool idaapi get_reg_val (const char *regname, regval_t *regval)
 Read a register value from the current thread.
bool idaapi get_reg_val (const char *regname, uint64 *ival)
 Get register value as an unsigned 64-bit int.
bool idaapi get_sp_val (ea_t *out)
 Get value of the SP register for the current thread.
bool idaapi get_ip_val (ea_t *out)
 Get value of the IP (program counter) register for the current thread.
bool idaapi set_reg_val (const char *regname, const regval_t *regval)
 Write a register value to the current thread.
bool idaapi set_reg_val (const char *regname, uint64 ival)
 Write a register value to the current thread.
bool idaapi request_set_reg_val (const char *regname, const regval_t *regval)
 Post a set_reg_val() request.
bool idaapi is_reg_integer (const char *regname)
 Does a register contain an integer value?
bool idaapi is_reg_float (const char *regname)
 Does a register contain a floating point value?
bool idaapi is_reg_custom (const char *regname)
 Does a register contain a value of a custom data type?
int idaapi set_bptloc_string (const char *s)
const char *idaapi get_bptloc_string (int i)
 DECLARE_TYPE_AS_MOVABLE (bpt_location_t)
 DECLARE_TYPE_AS_MOVABLE (bpt_t)
 DECLARE_TYPE_AS_MOVABLE (movbpt_info_t)
int idaapi get_bpt_qty (void)
 Get number of breakpoints.
bool idaapi getn_bpt (int n, bpt_t *bpt)
 Get the characteristics of a breakpoint.
bool idaapi get_bpt (ea_t ea, bpt_t *bpt)
 Get the characteristics of a breakpoint.
bool exist_bpt (ea_t ea)
 Does a breakpoint exist at the given location?
bool idaapi add_bpt (ea_t ea, asize_t size=0, bpttype_t type=BPT_DEFAULT)
 Add a new breakpoint in the debugged process.
bool idaapi request_add_bpt (ea_t ea, asize_t size=0, bpttype_t type=BPT_DEFAULT)
 Post an add_bpt(ea_t, asize_t, bpttype_t) request.
bool idaapi add_bpt (const bpt_t &bpt)
 Add a new breakpoint in the debugged process.
bool idaapi request_add_bpt (const bpt_t &bpt)
 Post an add_bpt(const bpt_t &) request.
bool idaapi del_bpt (ea_t ea)
 Delete an existing breakpoint in the debugged process.
bool idaapi request_del_bpt (ea_t ea)
 Post a del_bpt(ea_t) request.
bool idaapi del_bpt (const bpt_location_t &bptloc)
 Delete an existing breakpoint in the debugged process.
bool idaapi request_del_bpt (const bpt_location_t &bptloc)
 Post a del_bpt(const bpt_location_t &) request.
bool idaapi update_bpt (const bpt_t *bpt)
 Update modifiable characteristics of an existing breakpoint.
bool idaapi find_bpt (const bpt_location_t &bptloc, bpt_t *bpt)
 Find a breakpoint by location.
int idaapi change_bptlocs (const movbpt_infos_t &movinfo, movbpt_codes_t *codes=nullptr, bool del_hindering_bpts=true)
 Move breakpoint(s) from one location to another.
int idaapi check_bpt (ea_t ea)
 Check the breakpoint at the specified address.
bool idaapi set_trace_size (int size)
 Specify the new size of the circular buffer.
void idaapi clear_trace (void)
 Clear all events in the trace buffer.
void idaapi request_clear_trace (void)
 Post a clear_trace() request.
bool idaapi is_step_trace_enabled (void)
 Get current state of step tracing.
int idaapi get_step_trace_options (void)
 Get current step tracing options.
void idaapi set_step_trace_options (int options)
 Modify step tracing options.
void idaapi request_set_step_trace_options (int options)
 Post a set_step_trace_options() request.
bool idaapi is_insn_trace_enabled (void)
 Get current state of instruction tracing.
int idaapi get_insn_trace_options (void)
 Get current instruction tracing options.
void idaapi set_insn_trace_options (int options)
 Modify instruction tracing options.
void idaapi request_set_insn_trace_options (int options)
 Post a set_insn_trace_options() request.
bool idaapi is_func_trace_enabled (void)
 Get current state of functions tracing.
int idaapi get_func_trace_options (void)
 Get current function tracing options.
void idaapi set_func_trace_options (int options)
 Modify function tracing options.
void idaapi request_set_func_trace_options (int options)
 Post a set_func_trace_options() request.
int idaapi get_bblk_trace_options (void)
 Get current basic block tracing options.
void idaapi set_bblk_trace_options (int options)
 Modify basic block tracing options (see #BT_LOG_INSTS)
void idaapi request_set_bblk_trace_options (int options)
 Post a set_bblk_trace_options() request.
 DECLARE_TYPE_AS_MOVABLE (memreg_info_t)
int idaapi get_tev_qty (void)
 Get number of trace events available in trace buffer.
bool idaapi get_tev_info (int n, tev_info_t *tev_info)
 Get main information about a trace event.
bool idaapi get_insn_tev_reg_val (int n, const char *regname, regval_t *regval)
 Read a register value from an instruction trace event.
bool idaapi get_insn_tev_reg_val (int n, const char *regname, uint64 *ival)
bool idaapi get_insn_tev_reg_mem (int n, memreg_infos_t *memmap)
 Read the memory pointed by register values from an instruction trace event.
bool idaapi get_insn_tev_reg_result (int n, const char *regname, regval_t *regval)
 Read the resulting register value from an instruction trace event.
bool idaapi get_insn_tev_reg_result (int n, const char *regname, uint64 *ival)
ea_t idaapi get_call_tev_callee (int n)
 Get the called function from a function call trace event.
ea_t idaapi get_ret_tev_return (int n)
 Get the return address from a function return trace event.
ea_t idaapi get_bpt_tev_ea (int n)
 Get the address associated to a read, read/write or execution trace event.
bool idaapi get_tev_memory_info (int n, meminfo_vec_t *mi)
 Get the memory layout, if any, for the specified tev object.
bool idaapi get_tev_event (int n, debug_event_t *d)
 Get the corresponding debug event, if any, for the specified tev object.
ea_t idaapi get_trace_base_address (void)
 Get the base address of the current trace.
void idaapi set_trace_base_address (ea_t ea)
 Set the base address of the current trace.
void idaapi dbg_add_thread (thid_t tid)
 Add a thread to the current trace.
void idaapi dbg_del_thread (thid_t tid)
 Delete a thread from the current trace.
void idaapi dbg_add_tev (tev_type_t type, thid_t tid, ea_t address)
 Add a new trace element to the current trace.
 DECLARE_TYPE_AS_MOVABLE (tev_reg_value_t)
 DECLARE_TYPE_AS_MOVABLE (tev_info_reg_t)
bool idaapi dbg_add_many_tevs (tevinforeg_vec_t *new_tevs)
 Add many new trace elements to the current trace.
bool idaapi dbg_add_insn_tev (thid_t tid, ea_t ea, save_reg_values_t save=SAVE_DIFF)
 Add a new instruction trace element to the current trace.
bool idaapi dbg_add_bpt_tev (thid_t tid, ea_t ea, ea_t bp)
 Add a new breakpoint trace element to the current trace.
void idaapi dbg_add_call_tev (thid_t tid, ea_t caller, ea_t callee)
 Add a new call trace element to the current trace.
void idaapi dbg_add_ret_tev (thid_t tid, ea_t ret_insn, ea_t return_to)
 Add a new return trace element to the current trace.
void idaapi dbg_add_debug_event (debug_event_t *event)
 Add a new debug event to the current trace.
bool idaapi load_trace_file (qstring *buf, const char *filename)
 Load a recorded trace file in the 'Tracing' window.
bool idaapi save_trace_file (const char *filename, const char *description)
 Save the current trace in the specified file.
bool idaapi is_valid_trace_file (const char *filename)
 Is the specified file a valid trace file for the current database?
bool idaapi set_trace_file_desc (const char *filename, const char *description)
 Change the description of the specified trace file.
bool idaapi get_trace_file_desc (qstring *buf, const char *filename)
 Get the file header of the specified trace file.
bool idaapi choose_trace_file (qstring *buf)
 Show the choose trace dialog.
bool idaapi diff_trace_file (const char *NONNULL filename)
 Show difference between the current trace and the one from 'filename'.
bool idaapi graph_trace (void)
 Show the trace callgraph.
void idaapi set_highlight_trace_options (bool hilight, bgcolor_t color, bgcolor_t diff)
 Set highlight trace parameters.
void idaapi set_trace_platform (const char *platform)
 Set platform name of current trace.
const char *idaapi get_trace_platform ()
 Get platform name of current trace.
void idaapi set_trace_dynamic_register_set (dynamic_register_set_t &idaregs)
 Set dynamic register set of current trace.
void idaapi get_trace_dynamic_register_set (dynamic_register_set_t *idaregs)
 Get dynamic register set of current trace.
dbg_event_code_t idaapi wait_for_next_event (int wfne, int timeout)
 Wait for the next event.
const debug_event_t *idaapi get_debug_event (void)
 Get the current debugger event.
uint idaapi set_debugger_options (uint options)
 Set debugger options.
void idaapi set_remote_debugger (const char *host, const char *pass, int port=-1)
 Set remote debugging options.
void idaapi get_process_options (qstring *path, qstring *args, launch_env_t *out_envs, qstring *sdir, qstring *host, qstring *pass, int *port)
 Get process options.
void idaapi set_process_options (const char *path, const char *args, const launch_env_t *envs, const char *sdir, const char *host, const char *pass, int port)
 Set process options.
excvec_t *idaapi retrieve_exceptions (void)
 Retrieve the exception information.
bool idaapi store_exceptions (void)
 Update the exception information stored in the debugger module by invoking its dbg->set_exception_info callback.
const char *idaapi define_exception (uint code, const char *name, const char *desc, int flags)
 Convenience function: define new exception code.
THREAD_SAFE bool have_set_options (const debugger_t *_dbg)
 Is set_dbg_options() implemented in debugger_t?
const char *idaapi set_dbg_options (debugger_t *_dbg, const char *keyword, int pri, int value_type, const void *value)
 Convenience function to set debugger specific options.
const char *idaapi set_dbg_default_options (debugger_t *_dbg, const char *keyword, int value_type, const void *value)
const char *idaapi set_int_dbg_options (debugger_t *_dbg, const char *keyword, int32 value)
const char *idaapi set_dbg_options (const char *keyword, int pri, int value_type, const void *value)
 Set options for dbg.
const char *idaapi set_dbg_default_options (const char *keyword, int value_type, const void *value)
 Set dbg options with #IDPOPT_PRI_DEFAULT.
const char *idaapi set_int_dbg_options (const char *keyword, int32 value)
 Set an integer value option for dbg.
bool idaapi register_srcinfo_provider (srcinfo_provider_t *sp)
 Register a source information provider.
bool idaapi unregister_srcinfo_provider (srcinfo_provider_t *sp)
 Unregister a source information provider.
source_view_t * create_source_viewer (TWidget **out_ccv, TWidget *parent, TWidget *custview, source_file_ptr sf, strvec_t *lines, int lnnum, int colnum, int flags)
 Create a source code view.
idaman bool ida_export get_dbg_byte (uint32 *out, ea_t ea)
 Get one byte of the debugged process memory.
idaman bool ida_export put_dbg_byte (ea_t ea, uint32 x)
 Change one byte of the debugged process memory.
idaman void ida_export set_dbgmem_source (range_t *(idaapi *dbg_get_memory_config)(int *n), int(idaapi *memory_read)(ea_t ea, void *buffer, int size), int(idaapi *memory_write)(ea_t ea, const void *buffer, int size))
 Set the memory information source for IDA kernel.
idaman void ida_export invalidate_dbgmem_config (void)
 Invalidate the debugged process memory configuration.
idaman void ida_export invalidate_dbgmem_contents (ea_t ea, asize_t size)
 Invalidate the debugged process memory contents.
idaman bool ida_export is_debugger_on (void)
 Is the debugger currently running?
idaman bool ida_export is_debugger_memory (ea_t ea)
 Is the address mapped to debugger memory?
ea_t idaapi get_tev_ea (int n)
int idaapi get_tev_type (int n)
int idaapi get_tev_tid (int n)
void idaapi bring_debugger_to_front (void)
void idaapi get_manual_regions (meminfo_vec_t *ranges)
void idaapi set_manual_regions (const meminfo_vec_t *ranges)
void idaapi edit_manual_regions ()
void idaapi enable_manual_regions (bool enable)
int idaapi handle_debug_event (const debug_event_t *ev, int rqflags)
bool idaapi add_virt_module (const modinfo_t *mod)
bool idaapi del_virt_module (const ea_t base)
int idaapi internal_get_sreg_base (ea_t *answer, thid_t tid, int sreg_value)
int idaapi internal_ioctl (int fn, const void *buf, size_t size, void **poutbuf, ssize_t *poutsize)
int idaapi get_reg_vals (thid_t tid, int clsmask, regval_t *values)
int idaapi set_reg_val (thid_t tid, int regidx, const regval_t *value)
int idaapi get_dbg_memory_info (meminfo_vec_t *ranges)
bool idaapi set_bpt_group (bpt_t &bpt, const char *grp_name)
 Move a bpt into a folder in the breakpoint dirtree if the folder didn't exists, it will be created.
bool idaapi set_bptloc_group (const bpt_location_t &bptloc, const char *grp_name)
 Move a bpt into a folder in the breakpoint dirtree based on the bpt_location find_bpt is called to retrieve the bpt and then set_bpt_group if the folder didn't exists, it will be created.
bool idaapi get_bpt_group (qstring *grp_name, const bpt_location_t &bptloc)
 Retrieve the absolute path to the folder of the bpt based on the bpt_location find_bpt is called to retrieve the bpt.
size_t idaapi list_bptgrps (qstrvec_t *bptgrps)
 Retrieve the list of absolute path of all folders of bpt dirtree.
bool idaapi rename_bptgrp (const char *old_name, const char *new_name)
 Rename a folder of bpt dirtree.
bool idaapi del_bptgrp (const char *name)
 Delete a folder, bpt that were part of this folder are moved to the root folder.
ssize_t idaapi get_grp_bpts (bpt_vec_t *bpts, const char *grp_name)
 Retrieve a copy the bpts stored in a folder.
int idaapi enable_bptgrp (const char *bptgrp_name, bool enable=true)
 Enable (or disable) all bpts in a folder.
bool idaapi get_local_vars (srcinfo_provider_t *prov, ea_t ea, source_items_t *out)
bool idaapi srcdbg_request_step_into (void)
bool idaapi srcdbg_request_step_over (void)
bool idaapi srcdbg_request_step_until_ret (void)
int idaapi internal_cleanup_appcall (thid_t tid)
int idaapi hide_all_bpts (void)
ssize_t idaapi read_dbg_memory (ea_t ea, void *buffer, size_t size)
bool idaapi get_module_info (ea_t ea, modinfo_t *modinfo)
drc_t idaapi dbg_bin_search (ea_t *out, ea_t start_ea, ea_t end_ea, const compiled_binpat_vec_t &data, int srch_flags, qstring *errbuf)
bool idaapi dbg_can_query (debugger_t *_dbg)
bool idaapi dbg_can_query (void)
bool idaapi load_debugger (const char *dbgname, bool use_remote)
bool idaapi collect_stack_trace (thid_t tid, call_stack_t *trace)
bool idaapi get_global_var (srcinfo_provider_t *prov, ea_t ea, const char *name, source_item_ptr *out)
bool idaapi get_local_var (srcinfo_provider_t *prov, ea_t ea, const char *name, source_item_ptr *out)
srcinfo_provider_t *idaapi get_srcinfo_provider (const char *name)
bool idaapi get_current_source_file (qstring *out)
int idaapi get_current_source_line (void)
void idaapi add_path_mapping (const char *src, const char *dst)
bool idaapi srcdbg_step_into (void)
bool idaapi srcdbg_step_over (void)
bool idaapi srcdbg_step_until_ret (void)
ssize_t idaapi write_dbg_memory (ea_t ea, const void *buffer, size_t size)
void idaapi set_debugger_event_cond (const char *NONNULL evcond)
const char *idaapi get_debugger_event_cond (void)
idaman void ida_export lock_dbgmem_config (void)
idaman void ida_export unlock_dbgmem_config (void)
enable/disable breakpoints
TypeSynchronous function - available as request
Notificationnone (synchronous function)

Enable or disable an existing breakpoint. A disabled breakpoint isn't available anymore in the process.

bool idaapi enable_bpt (ea_t ea, bool enable=true)
bool idaapi enable_bpt (const bpt_location_t &bptloc, bool enable=true)
bool disable_bpt (ea_t ea)
bool disable_bpt (const bpt_location_t &bptloc)
bool idaapi request_enable_bpt (ea_t ea, bool enable=true)
bool idaapi request_enable_bpt (const bpt_location_t &bptloc, bool enable=true)
bool request_disable_bpt (ea_t ea)
bool request_disable_bpt (const bpt_location_t &bptloc)
Enable/Disable step tracing

Enable or disable the step tracing

TypeSynchronous function - available as request
Notificationnone (synchronous function)
Parameters
enable
  • 1 : enable step tracing
  • 0 : disable step tracing
  • -1 : temporarily disable step tracing (trace-over breakpoints are conserved: these could re-enable step tracing later)
bool idaapi enable_step_trace (int enable=1)
bool disable_step_trace (void)
bool idaapi request_enable_step_trace (int enable=1)
bool request_disable_step_trace (void)
Enable/Disable instruction tracing
TypeSynchronous function - available as request
Notificationnone (synchronous function)
bool idaapi enable_insn_trace (bool enable=true)
bool disable_insn_trace (void)
bool idaapi request_enable_insn_trace (bool enable=true)
bool request_disable_insn_trace (void)
Enable/Disable functions tracing
TypeSynchronous function - available as request
Notificationnone (synchronous function)
bool idaapi enable_func_trace (bool enable=true)
bool disable_func_trace (void)
bool idaapi request_enable_func_trace (bool enable=true)
bool request_disable_func_trace (void)
Enable/Disable basic blocks tracing
TypeSynchronous function - available as request
Notificationnone (synchronous function)
bool idaapi enable_bblk_trace (bool enable=true)
bool disable_bblk_trace (void)
bool idaapi request_enable_bblk_trace (bool enable=true)
bool request_disable_bblk_trace (void)
bool idaapi is_bblk_trace_enabled (void)

Variables

idaman debugger_t ida_export_datadbg
 This structure contains information about the current debugger.

Detailed Description

Contains functions to control the debugging of a process.

See Debugger functions for a complete explanation of these functions.

These functions are inlined for the kernel. They are not inlined for the user-interfaces.

Enumeration Type Documentation

◆ dbg_notification_t

Debugger notification codes.

A plugin can receive notifications of all major events in the debugger, by calling the hook_event_listener() function with HT_DBG as hook_type_t (see loader.hpp for details about installing and removing such callbacks).

IDA generates two major different types of debugger notifications:

  • debugger event notification: this notification monitors usual events occurring during the execution of a process. These event notifications are always generated for any process. Some of these event notifications are interpreted by IDA (high-level events), while others are directly generated by the debugger module (low-level events). Low-level events always return a debug_event_t structure as an argument.
  • debugger asynchronous function result notification: such a notification occurs only when a debugger properly terminated the execution of an asynchronous function (see Debugger functions)

How to control the process execution (after the execution of all notification handlers) from the notification handler:

  • to force the process to STOP: call suspend_process(). In this case, the current debugger command will be aborted and no new request will be started.
  • to force the process to CONTINUE: call continue_process(). In this case, no new request will be started.
  • to start new debugger command(s): call as many request_COMMAND() as needed, then call run_requests(). In this case, the current debugger command (if any) will be aborted. (see Debugger functions in this file for more details about requests)
  • else, the process execution will depend on the current debugger options or object settings. Some examples:
    • a new loaded library will stop the process depending on the associated debugger option.
    • a breakpoint will stop the process depending on its properties.

A plugin must not call asynchronous debugger functions from the notification handler! Use the REQUEST QUEUE mechanism instead (request_...()).

If the plugin wants to access the process memory from a notification point, it should call invalidate_dbgmem_config() and/or invalidate_dbgmem_contents() functions. The invalidate_dbgmem_config() is really slow, so do not call it unless the process memory config have changed after the last time the process was suspended. The invalidate_dbgmem_contents() is fast and flushes the memory cache in the ida kernel. Without it, functions like get_byte() would return stale values!

Enumerator
dbg_null 
dbg_process_start 
Parameters
event(const debug_event_t *)
Note
This event notification is also an asynchronous function result notification for start_process() !
dbg_process_exit 
Parameters
event(const debug_event_t *)
Note
This event notification is also an asynchronous function result notification for start_process() !
dbg_process_attach 
Parameters
event(const debug_event_t *)
Note
This event notification is also an asynchronous function result notification for start_process() !
dbg_process_detach 
Parameters
event(const debug_event_t *)
Note
This event notification is also an asynchronous function result notification for start_process() !
dbg_thread_start 
Parameters
event(const debug_event_t *)
dbg_thread_exit 
Parameters
event(const debug_event_t *)
dbg_library_load 
Parameters
event(const debug_event_t *)
dbg_library_unload 
Parameters
event(const debug_event_t *)
dbg_information 
Parameters
event(const debug_event_t *)
dbg_exception 
Parameters
event(const debug_event_t *)
[out]warn(int *) filled with:
  • -1: display an exception warning dialog if the process is suspended.
  • 0: never display an exception warning dialog.
  • 1: always display an exception warning dialog.
dbg_suspend_process 

The process is now suspended.

Parameters
event(const debug_event_t *)
Note
This event notification is also an asynchronous function result notification for suspend_process() !
dbg_bpt 

A user defined breakpoint was reached.

Parameters
tid(thid_t)
bptea(ea_t)
[out]warn(int *) filled with:
  • -1: display an exception warning dialog if the process is suspended.
  • 0: never display an exception warning dialog.
  • 1: always display an exception warning dialog.
dbg_trace 

A step occurred (one instruction was executed).

This event notification is only generated if step tracing is enabled.

Parameters
tid(thid_t) thread ID
ip(ea_t) current instruction pointer. usually points after the executed instruction
Return values
1do not log this trace event
0log it
dbg_request_error 

An error occurred during the processing of a request.

Parameters
failed_command(ui_notification_t)
failed_dbg_notification(dbg_notification_t)
dbg_step_into 
Parameters
event(const debug_event_t *)
dbg_step_over 
Parameters
event(const debug_event_t *)
dbg_run_to 
Parameters
event(const debug_event_t *)
dbg_step_until_ret 
Parameters
event(const debug_event_t *)
dbg_bpt_changed 

Breakpoint has been changed.

Parameters
bptev_code(int) Breakpoint modification events
bpt(bpt_t *)
dbg_started_loading_bpts 

Started loading breakpoint info from idb.

dbg_finished_loading_bpts 

Finished loading breakpoint info from idb.

dbg_last 

The last debugger notification code.

Function Documentation

◆ internal_cleanup_appcall()

int idaapi internal_cleanup_appcall ( thid_t tid)
inline

◆ hide_all_bpts()

int idaapi hide_all_bpts ( void )
inline

◆ read_dbg_memory()

ssize_t idaapi read_dbg_memory ( ea_t ea,
void * buffer,
size_t size )
inline

◆ get_module_info()

bool idaapi get_module_info ( ea_t ea,
modinfo_t * modinfo )
inline

◆ dbg_bin_search()

drc_t idaapi dbg_bin_search ( ea_t * out,
ea_t start_ea,
ea_t end_ea,
const compiled_binpat_vec_t & data,
int srch_flags,
qstring * errbuf )
inline

◆ dbg_can_query() [1/2]

bool idaapi dbg_can_query ( debugger_t * _dbg)
inline

◆ dbg_can_query() [2/2]

bool idaapi dbg_can_query ( void )
inline

◆ load_debugger()

bool idaapi load_debugger ( const char * dbgname,
bool use_remote )
inline

◆ collect_stack_trace()

bool idaapi collect_stack_trace ( thid_t tid,
call_stack_t * trace )
inline

◆ get_global_var()

bool idaapi get_global_var ( srcinfo_provider_t * prov,
ea_t ea,
const char * name,
source_item_ptr * out )
inline

◆ get_local_var()

bool idaapi get_local_var ( srcinfo_provider_t * prov,
ea_t ea,
const char * name,
source_item_ptr * out )
inline

◆ get_srcinfo_provider()

srcinfo_provider_t *idaapi get_srcinfo_provider ( const char * name)
inline

◆ get_current_source_file()

bool idaapi get_current_source_file ( qstring * out)
inline

◆ get_current_source_line()

int idaapi get_current_source_line ( void )
inline

◆ add_path_mapping()

void idaapi add_path_mapping ( const char * src,
const char * dst )
inline

◆ srcdbg_step_into()

bool idaapi srcdbg_step_into ( void )
inline

◆ srcdbg_step_over()

bool idaapi srcdbg_step_over ( void )
inline

◆ srcdbg_step_until_ret()

bool idaapi srcdbg_step_until_ret ( void )
inline

◆ write_dbg_memory()

ssize_t idaapi write_dbg_memory ( ea_t ea,
const void * buffer,
size_t size )
inline

◆ set_debugger_event_cond()

void idaapi set_debugger_event_cond ( const char *NONNULL evcond)
inline

◆ get_debugger_event_cond()

const char *idaapi get_debugger_event_cond ( void )
inline

◆ lock_dbgmem_config()

idaman void ida_export lock_dbgmem_config ( void )

◆ unlock_dbgmem_config()

idaman void ida_export unlock_dbgmem_config ( void )

Variable Documentation

◆ dbg

This structure contains information about the current debugger.

(nullptr if no debugger was loaded) - see idd.hpp for details about this structure.

All functions defined in this structure should only be called by the kernel !!!