# Breakpoint handling functions // Get number of breakpoints. // Returns: number of breakpoints long get\_bpt\_qty(); // Get breakpoint address // n - number of breakpoint, is in range 0..get\_bpt\_qty()-1 // returns: address of the breakpoint or BADADDR long get\_bpt\_ea(long n); // Get the characteristics of a breakpoint // address - any address in the breakpoint range // bptattr - the desired attribute code, one of BPTATTR\_... constants // Returns: the desired attribute value or -1 long get\_bpt\_attr(long ea, number bptattr); \#define NO\_PROCESS -1 // invalid process #define NO\_THREAD 0 // invalid thread #define BPTATTR\_EA 1 // starting address of the breakpoint #define BPTATTR\_SIZE 2 // size of the breakpoint (undefined for software breakpoint) #define BPTATTR\_TYPE 3 // type of the breakpoint // Breakpoint types: #define BPT\_WRITE 1 // Hardware: Write access #define BPT\_READ 2 // Hardware: Read access #define BPT\_RDWR 3 // Hardware: Read/write access #define BPT\_SOFT 4 // Software breakpoint #define BPT\_EXEC 8 // Hardware: Execute instruction #define BPT\_DEFAULT (BPT\_SOFT|BPT\_EXEC) // Choose bpt type automatically \#define BPTATTR\_COUNT 4 // number of times the breakpoint is hit before stopping \#define BPTATTR\_FLAGS 5 // Breakpoint attributes: #define BPT\_BRK 0x001 // the debugger stops on this breakpoint #define BPT\_TRACE 0x002 // the debugger adds trace information when // this breakpoint is reached #define BPT\_UPDMEM 0x004 // refresh the memory layout and contents before evaluating bpt condition #define BPT\_ENABLED 0x008 // enabled? #define BPT\_LOWCND 0x010 // condition is calculated at low level (on the server side) #define BPT\_TRACEON 0x020 // enable tracing when the breakpoint is reached #define BPT\_TRACE\_INSN 0x040 // instruction tracing #define BPT\_TRACE\_FUNC 0x080 // function tracing #define BPT\_TRACE\_BBLK 0x100 // basic block tracing \#define BPTATTR\_COND 6 // Breakpoint condition // **NOTE:** the return value is a string in this case #define BPTATTR\_PID 7 // Breakpoint process id #define BPTATTR\_TID 8 // Breakpoint thread id // Breakpoint location type: #define BPLT\_ABS 0 // Absolute address. Attributes: // - locinfo: absolute address \#define BPLT\_REL 1 // Module relative address. Attributes: // - locpath: the module path // - locinfo: offset from the module base address \#define BPLT\_SYM 2 // Symbolic name. The name will be resolved on DLL load/unload // events and on naming an address. Attributes: // - locpath: symbol name // - locinfo: offset from the symbol base address // Breakpoint properties: #define BKPT\_BADBPT 0x01 // failed to write the bpt to the process memory (at least one location) #define BKPT\_LISTBPT 0x02 // include in bpt list (user-defined bpt) #define BKPT\_TRACE 0x04 // trace bpt; should not be deleted when the process gets suspended #define BKPT\_ACTIVE 0x08 // active? #define BKPT\_PARTIAL 0x10 // partially active? (some locations were not written yet) #define BKPT\_CNDREADY 0x20 // condition has been compiled // \*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\* class Breakpoint { // Breakpoint type. One of BPT\_... constants attribute type; ``` // Breakpoint size (for hardware breakpoint) attribute size; // Breakpoint condition (string) attribute condition; // Scripting language of the condition string // "IDC" for IDC, "Python" for Python etc. ('name' field of extlang_t) // if empty, default extlang is assumed attribute elang; // Breakpoint flags. Refer to BPTATTR_FLAGS attribute flags; // Breakpoint properties. Refer to BKPT_... constants attribute props; // Breakpoint pass count attribute pass_count; // Attribute location type. Refer to BPLT_... constants. // Readonly attribute. attribute loctype; // Breakpoint path (depending on the loctype) // Readonly attribute. attribute locpath; // Breakpoint address info (depending on the loctype) // Readonly attribute. attribute locinfo; // Set absolute breakpoint success set_abs_bpt(address); // Set symbolic breakpoint success set_sym_bpt(symbol_name, offset); // Set relative breakpoint success set_rel_bpt(path, offset); }; ``` // Set modifiable characteristics of a breakpoint // address - any address in the breakpoint range // bptattr - the attribute code, one of BPTATTR\_... constants. // BPTATTR\_COND is not allowed, see [Bpts](https://docs.hex-rays.com/8.4/developer-guide/idc/idc-api-reference/alphabetical-list-of-idc-functions/1076) // value - the attribute value // Returns: success success set\_bpt\_attr(long ea, number bptattr, long value); // Set breakpoint condition // address - any address in the breakpoint range // cnd - breakpoint condition // is\_lowcnd- 0:regular condition, 1:low level condition // Returns: success success set\_bpt\_cond(long ea, string cnd, long is\_lowcnd=0); // Add a new breakpoint // ea - any address in the process memory space: // size - size of the breakpoint (irrelevant for software breakpoints): // type - type of the breakpoint (one of BPT\_... constants) // Only one breakpoint can exist at a given address. // Returns: success success add\_bpt(long ea, long size=0, long bpttype=BPT\_DEFAULT); // Delete breakpoint // ea - any address in the process memory space: // Returns: success success del\_bpt(long ea); // Enable/disable breakpoint // ea - any address in the process memory space // Disabled breakpoints are not written to the process memory // To check the state of a breakpoint, use check\_bpt() // Returns: success success enable\_bpt(long ea, long enable); // Check a breakpoint // ea - any address in the process memory space // Returns: one of BPTCK\_... constants long check\_bpt(long ea); \#define BPTCK\_NONE -1 // breakpoint does not exist #define BPTCK\_NO 0 // breakpoint is disabled #define BPTCK\_YES 1 // breakpoint is enabled #define BPTCK\_ACT 2 // breakpoint is active (written to the process)