IDA 7.4

IDA 7.4.191011 October 11, 2019

Highlights

Welcome to IDA 7.4! We are happy to announce that the new version of IDA is available!

Python 3 support
As previously announced, IDA 7.4 comes with Python 3 support out of the box. Since the vast majority of existing scripts and plugins were written for Python 2, it is still supported and remains the default. However, you don't have to be stuck with one version: it is possible to switch between Python 2 and Python 3 and even between different versions of Python 3 without reinstalling IDA.
We have prepared a porting guide for switching to Python 3 for anyone who elects to go with Python 3, and might have to do some adjustments to their scripts.
Python 2: 6.95 compatibility APIs OFF by default
IDA 7.4 also turns off 6.95 API compatibility by default. We have written a porting guide for helping with this as well.
New processor modules:
S390(z/Architecture)
Renesas M16C/80, M32C and R32C.
IDA's processor list keeps expanding. Are we missing something that you often deal with? Let us know!
New structure editor
This editor is available in the Local Types window and lets you easily see offsets and sizes of structure members.
Simplified C++ names
C++ symbols can be notoriously long, especially with all the default template parameters expanded. We have added some simple rules to collapse such names back to their simplified form (currently covering most STL containers). You can also add your own rules by editing goodname.cfg.
expanded GDB support
Tricore, 68K, RH850 are now supported via the GDB protocol. This can be useful for debugging code in a simulator like QEMU or TRACE32.
Decompiler improvements
In addition to the constant improvements to the decompiler engine (see comparison) we also keep tweaking the UI based on the customers' feedback. Just a few examples from this release:
- matching parentheses/brackets are now highlighted in the pseudocode and you can quickly jump between them (default hotkey: '%')
- local variable declarations can be collapsed by default
- shifted pointers can be easily created in the "Convert to struct *" dialog
- "Global cross-references" list is available in the pseudocode view for structure members and enums (of course, the results will vary depending on how well your database is populated with types). Results are shown as decompiled code lines unlike standard xrefs which show disassembly. The default hotkey is Shift-X.

Complete changelist

Processor Modules
- + 68K: allow using special labels A5BASE and A4BASE for a5- and a4-relative addressing in any file format, not just Palm PRC
- + ARM: add PLDW A32/T32 instruction
- + ARM: add support for A32 and T32 instructions from ARMv8 Cryptographic Extension
- + ARM: implemented ARMv8 FPU instructions for AArch32 state (floating-point conditional select etc.)
- + ARM: implement ARMv8 SIMD instructions for AArch32
- + ARM: ARMv8.1 AArch32 rdma extension support (VQRDMLAH/VQRDMLSH)
- + ARM: assume that BRK stops execution on iOS
- + ARM: support for new A64 switch variation from iOS 13
- + ARM: support AArch64 ILP32 files (A64 code in ELF32 container)
- + PC: added option that controls recognition of thunk functions
- + PPC: added support for Power ISA Version 3.0 B
- + PPC: support switches that use e_slwi instruction
- + PPC: support switches that use 'lr' register instead of 'ctr' for branching
- + S390: new processor module for the IBM S/390 and z/Architecture processors (only ELF format is supported for now)
- + M16C/80: new processor family from the Renesas M16C series
- + R32C: new processor family from the Renesas M16C series
File Formats
- + ELF: added basic support for MSP430 files (no handling of e_flags, no relocations)
- + PDB: automatically fallback to MSDIA for old MSF 2.0 PDB files (Windows only)
- + Amiga: load hunk files to 0x10000 by default since area around 0 is used by the OS
- + MACHO: mark sections of the __DATA_CONST segment as read-only
Debugger
- + DEBUGGER: added support for Motorola 68K processors
- + DEBUGGER: added support for Renesas RH850 processors
- + DEBUGGER: added support for Tricore processors
- + DEBUGGER: GDB: added support for Lauterbach's TRACE32 simulator
- + DEBUGGER: iOS: added support for iPadOS 13
Kernel/Misc
- + kernel: improved data coagulation
- + kernel: improved function recognition
- + kernel: producing HTML will now put the colors in CSS classes rather than hardcoding them for each element
- + kernel: the function with a tail cannot be a thunk function
- + kernel: use NaN, +Inf or -Inf for floating-point numbers
- + kernel: use regular expressions to beautify the IDA names (e.g. STL template names). See cfg/goodname.cfg for details
- + kernel: added new ABI bit ABI_HUGEARG_ALIGN: use natural type alignment for an argument even if its alignment exceeds double native word size
- + FLAIR: PCF: support more TMS320C55 COFF relocations
- + FLAIR: removed support for parsing omf166 files
- + FLIRT: Added signatures for vc1422, vc1423 (Visual Studio 2019.2, 2019.3)
- + FLIRT: Added MFC signatures for vc1422,vc1423 (Visual Studio 2019.2, 2019.3)
User Interface
- + ui/qt: added "Clone" command to the "Execute script" widget
- + ui/qt: added get_custom_viewer_location() to retrieve locations that are suitable to be used with custom_viewer_jump()
- + ui/qt: added user-contributed 'darcula' theme
- + ui/qt: mouse Ctrl+clicking in the navigation band will cause IDA to add an entry to the navigation history
- + ui/qt: mouse Shift+clicking in the navigation band will cause IDA to select text in the disassembly listing
- + ui/qt: pressing <Alt+Enter> in choosers with addresses will jump to that address in a new disassembly view
- + ui/qt: refactored both the "Edit", and the context menu for setting custom data types and formats
- + ui/qt: the 'Colors' dialog now provides an "Apply" button, making it easier to see the real impact of changes on the application's widgets
- + ui/qt: Local Types editor now shows sizes and offsets of structure and its fields during editing
- + ui: by default do not ask for a confirmation of actions which can be easily reverted by Undo, e.g. ('detach function tail', 'Undefine' and 'Set function end').
- + ui: log "Don't display this message again" messages into the Output Window
Scripts & SDK
- + IDAPython: added support for Python 3.x (default is still 2.7)
- + IDAPython: Python script and plugin samples are now shipped with IDA in "python/examples" subdirectory
- + IDAPython: added an example how to use show_wait_box()/hide_wait_box()
- + IDAPython: exposed place_t::serialize() & place_t::deserialize()
- + IDAPython: the IDA < 7.0 compatibility layer is now turned off by default; please see here for more information
- SDK: added HIF_NOCASE to set_highlight() for programmatically setting a case-insensitive highlight.
Decompilers
- + hexrays: added 'show global xrefs'; it works for struct and enum members
- + hexrays: added support for highlighting matching parentheses pairs
- + hexrays: added shortcut "%" to jump to the matching parenthesis or (curly/square) bracket in the pseudocode window
- + hexrays: added config var COLLAPSE_LVARS to collapse local variables declarations by default
- + hexrays: added support for the "format" attribute when parsing ellipsis args for called functions
- + hexrays: added support for _m_prefetch, _m_prefetchw intrinsics
- + hexrays: added support for the _InterlockedCompareExchange64 intrinsic
- + hexrays: added support for more software floating-point helpers (floatdidf etc.)
- + hexrays: try to automatically convert numbers to symbolic constants in expressions involving enum types
- + hexrays: better removal of the references to __security cookie
- + hexrays: create arrays more agressively using heuristic rules
- + hexrays: now we try to rename the variables that receive the return value of GetProcAddress
- + hexrays: decompiler may automatically create variable mapping in simple cases (e.g. for copies of input arguments)
- + hexrays: sdk: added DECOMP_ALL_BLKS to include unreachable blocks in the microcode
- + hexrays: sdk: added modify_user_lvar_info()
- + hexrays: stop hiding read accesses to fs:0
- + hexrays: user may enter pointer shift delta in "Convert to struct *..." action to prepare the shifted pointer
- + hexrays: x86: int 3/__debugbreak() now only stops execution flow in case it happens in disassembly (controlled by the "Analyze int 3 instructions" processor-specific options)
BUGFIXES
- BUGFIX: 6816: IDA could crash when opening saved IDBs for the 6816 processor (and potentially some others)
- BUGFIX: ARC: function arguments initialized in delay slots were not commented properly
- BUGFIX: ARM64: in some cases invalid instructions could be erroneously decoded as SMOV/UMOV
- BUGFIX: ARM: analysis could loop endlessly if a location could be interpreted as both an offset and an OWORD. This was common in iOS 13.1 kernelcaches.
- BUGFIX: ARM: registers S0-S31 could not be used in __usercall function prototypes
- BUGFIX: EBC: IDA could fail to disassemble some EBC instructions
- BUGFIX: M16C: PUSHC instruction was not changing the stack pointer value as it should
- BUGFIX: MIPS: ABI selection could be set incorrectly on reopening a saved database
- BUGFIX: MIPS: mftr/mttr instructions could be decoded incorrectly
- BUGFIX: MSP430: function flow graphs were wrong because call instructions were not marked as such
- BUGFIX: MSP430: instructions with .rpt prefix could not be decoded
- BUGFIX: MSP430: suba and incda instructions were not handled properly when tracking SP changes
- BUGFIX: PIC16: relative jump/call destination address was being truncated to 16 bits
- BUGFIX: PPC: fixed incorrect value of LR after the VLE call in the regtracker
- BUGFIX: PPC: ida was creating 16-bit stack variables instead of 8-bit stack variables in some cases; the difference in the listings is very minor
- BUGFIX: DWARF: IDA could fail to determine the proper type for some prototypes arguments
- BUGFIX: DWARF: IDA could INTERR with code 30304 with certain types of constructs in the debug information
- BUGFIX: PDB: IDA could crash when parsing a debug entry with size 0
- BUGFIX: PE: IDA could complain about "invalid unwind data" in valid files (such as Windows kernel)
- BUGFIX: SWIFT: IDA would fail to demangle names with "j_" prefixes and "_N" suffixes
- BUGFIX: DBG: gdb: check for network error when setting the resume mode
- BUGFIX: DBG: ios,xnu debuggers used incorrect flag names for arm64 CPSR register
- BUGFIX: DBG: linux_server could crash (nullptr dereference) because of a malicious client
- BUGFIX: DBG: linux_server would crash if a malicious copy of ida would send 'close_file' request on an unopened channel
- BUGFIX: DBG: malicious copy of ida could crash the debugger server
- BUGFIX: DBG: password protected debug server could crash if a malicious copy of IDA was sending a packet without a password
- BUGFIX: kernel: IDA (32-bit) could hang when analyzing data close to the maximum address (0xFFFFFFFF)
- BUGFIX: kernel: IDA could generate too many empty lines for an unnamed entry in a special segment
- BUGFIX: kernel: IDA could truncate Delphi strings representation
- BUGFIX: kernel: now we delete info about patched bytes when segment bounds were changed and addresses disabled
- BUGFIX: kernel: on an updgrade from a pre-7.0 database, Unicode strings in structures would be converted incorrectly
- BUGFIX: kernel: saving more than 65535 segment selectors was impossible
- BUGFIX: idat: cursor was positioned wrongly on a chooser line when using fast search
- BUGFIX: idat: disassembly listing was not refreshed after changing the listing options
- BUGFIX: idat: ida was truncating the beginning of all too long names in choosers, but this logic should be applied only to file paths
- BUFGIX: UI: "Switch debugger" dialog would not show up if only one debugger was available for current database (in fact it can be also used to set "No debugger" as the default)
- BUGFIX: UI: the Functions window could reload unnecessarily when dealing with collapsed functions
- BUGFIX: ui/qt: "hints" background color, and "highlight" color were not converted from IDA 7.2's registry to IDA 7.3 CSS
- BUGFIX: ui/qt: chooser actions would not be updated when context menu was invoked
- BUGFIX: ui/qt: depending on where the cursor was placed on a line, switching to the graph view could cause an animation to be triggered, even when not justified
- BUGFIX: ui/qt: double-clicking on an entry in "Local types" to synchronize it with the IDB, was not undo-able
- BUGFIX: ui/qt: dragging around a widget that was previously in a splitter could crash IDA
- BUGFIX: ui/qt: file dialogs were broken for ida64.app on macOS 10.15
- BUGFIX: ui/qt: IDA could crash when "IDA View-A" and "Pseudocode-A" were synchronized
- BUGFIX: ui/qt: IDA could crash when switching desktops
- BUGFIX: ui/qt: IDA could sometimes hang upon "Desktop reset"
- BUGFIX: ui/qt: in the "Output window" Ctrl+Left/Right was not navigating through words as it should have
- BUGFIX: ui/qt: initial autoanalysis could take significantly longer than in previous versions of IDA, for the same file
- BUGFIX: ui/qt: on OSX IDA could crash if very fast drag & drop operations were performed on tabbed widgets
- BUGFIX: ui/qt: snippets view: we have to save the current script before running it, otherwise undo will destroy it
- BUGFIX: ui/qt: The color buttons could be missing a 'reset' companion button once a color was set
- BUGFIX: ui/qt: The "Load file" dialog could be misplaced, especially when opening a new file in an existing IDA instance.
- BUGFIX: ui/qt: the "Output window" could jump to the wrong place when navigating to the end, or when selecting (and with long lines, the problem was even more visible)
- BUGFIX: ui/qt: the "Output window" could jump when selection was going beyond bounds
- BUGFIX: ui/qt: the "Output window" would always come up visible after restoring a desktop where it was not visible
- BUGFIX: ui/qt: the dark theme would cause regular tabular views to hide their vertical header (on the left)
- BUGFIX: ui/qt: undoing an action would erroneously reset the navbar zoom level
- BUGFIX: ui/qt: when creating choosers, IDA could ignore some columns properties in case the chooser was modified earlier and the database was saved
- BUGFIX: ui/qt: when creating modal choosers, IDA could miscompute the best size, and make a horizontal scrollbar visible even when not needed
- BUGFIX: ui/qt: when docking widgets around, it could happen that some widget end up unexpectedly scrolled to the right
- BUGFIX: ui/qt: when selecting with the mouse in the "Output window", the cursor wouldn't scroll the view if the selection was going out of the viewport
- BUGFIX: ui/qt: IDA would unnecessarily ask for Accessibility permissions on OSX 10.14 Mojave
- BUGFIX: ui: after returning a borrowed license, IDA would complain about a failure to connect to the license server; change behavior so that IDA exits immediately after returning the license (since it doesn't have a license anymore)
- BUGFIX: ui: clicking "OK" instead of using Enter when trying to detach a function chunk with multiple parents would not work
- BUGFIX: ui: signed enums members were printed as unsigned numbers in the Enums window
- BUGFIX: IDAPython: in custom graphs, it was impossible to reset the selection
- BUGFIX: IDAPython: do not trigger the "Running Python script" wait dialog when the script itself has already called show_wait_box()
- BUGFIX: IDAPython: GraphViewer.SetNodeInfos could trigger errors if the 'node_info_t.ea' field was not set
- BUGFIX: IDAPython: keeping references of the type field of udt_member_t could crash IDA
- BUGFIX: IDAPython: mbl_array_t.deserialize() was unusable
- BUGFIX: IDAPython: some return types in the SWiG-generated docstrings were wrong
- BUGFIX: IDAPython: using argloc_t::consume_scattered() could crash IDA
- BUGFIX: IDAPython: when some attributes were missing from a ida_kernwin.Choose instance, the Show() method could return -1 without indicating what the error was
- BUGFIX: IDC: idc.idc had wrong definitions of dt_ldbl, dt_byte32, dt_byte64
- BUGFIX: hexrays: an explicitly unsynchronized "Pseudocode" view, could re-synchronize itself with a "IDA View-A" the next time <Tab> was pressed (if PSEUDOCODE_SYNCED was set to YES)
- BUGFIX: hexrays: arm: fixed incorrect decompilation of CDP, CDP2 instructions (CRd was erroneously represented as Rd in the intrinsic function call)
- BUGFIX: hexrays: arm64: fixed incorrect translation of instruction CSINV
- BUGFIX: hexrays: decompiler could crash when browsing the pseudocode
- BUGFIX: hexrays: decompiler could erroneously convert into _cdecl functions with scattered register arguments
- BUGFIX: hexrays: fixed a division by zero
- BUGFIX: hexrays: fixed interr 50194 (happened when a shifted pointer is a member of a structure)
- BUGFIX: hexrays: fixed mbl_array_t serialization bugs
- BUGFIX: hexrays: fixed the value of the 'ea' field of some cexpr_t objects
- BUGFIX: hexrays: hxe_curpos was generated too early, and 'vdui_t::cpos' could hold outdated information
- BUGFIX: hexrays: in some cases inlined 'strcpy' could be incorrectly combined on Big Endian platforms
- BUGFIX: hexrays: in some cases the switch value was miscalculated
- BUGFIX: hexrays: leave 64-bit negated constant as is, output it as unsigned
- BUGFIX: hexrays: some undefined variables were not marked as such
- BUGFIX: hexrays: when using Hexrays_Hooks, returning code 2 from 'create_hint' (to instruct the decompiler to append its own hints) would fail to display any hint at all in case the decompiler didn't add its own
- BUGFIX: hexrays: some push/pop sequences could be wrongly optimized away

Last updated 1 month ago

Highlights

Welcome to IDA 7.4! We are happy to announce that the new version of IDA is available!

Python 3 support

As previously announced, IDA 7.4 comes with Python 3 support out of the box. Since the vast majority of existing scripts and plugins were written for Python 2, it is still supported and remains the default. However, you don't have to be stuck with one version: it is possible to switch between Python 2 and Python 3 and even between different versions of Python 3 without reinstalling IDA.

We have prepared a porting guide for switching to Python 3 for anyone who elects to go with Python 3, and might have to do some adjustments to their scripts.

Python 2: 6.95 compatibility APIs OFF by default

IDA 7.4 also turns off 6.95 API compatibility by default. We have written a porting guide for helping with this as well.

New processor modules:

S390(z/Architecture)

Renesas M16C/80, M32C and R32C.

IDA's processor list keeps expanding. Are we missing something that you often deal with? Let us know!

New structure editor

This editor is available in the Local Types window and lets you easily see offsets and sizes of structure members.

Simplified C++ names

C++ symbols can be notoriously long, especially with all the default template parameters expanded. We have added some simple rules to collapse such names back to their simplified form (currently covering most STL containers). You can also add your own rules by editing goodname.cfg.

expanded GDB support

Tricore, 68K, RH850 are now supported via the GDB protocol. This can be useful for debugging code in a simulator like QEMU or TRACE32.

Decompiler improvements

In addition to the constant improvements to the decompiler engine (see comparison) we also keep tweaking the UI based on the customers' feedback. Just a few examples from this release:

matching parentheses/brackets are now highlighted in the pseudocode and you can quickly jump between them (default hotkey: '%')
local variable declarations can be collapsed by default
shifted pointers can be easily created in the "Convert to struct *" dialog
"Global cross-references" list is available in the pseudocode view for structure members and enums (of course, the results will vary depending on how well your database is populated with types). Results are shown as decompiled code lines unlike standard xrefs which show disassembly. The default hotkey is Shift-X.

Complete changelist

Processor Modules

+ 68K: allow using special labels A5BASE and A4BASE for a5- and a4-relative addressing in any file format, not just Palm PRC
+ ARM: add PLDW A32/T32 instruction
+ ARM: add support for A32 and T32 instructions from ARMv8 Cryptographic Extension
+ ARM: implemented ARMv8 FPU instructions for AArch32 state (floating-point conditional select etc.)
+ ARM: implement ARMv8 SIMD instructions for AArch32
+ ARM: ARMv8.1 AArch32 rdma extension support (VQRDMLAH/VQRDMLSH)
+ ARM: assume that BRK stops execution on iOS
+ ARM: support for new A64 switch variation from iOS 13
+ ARM: support AArch64 ILP32 files (A64 code in ELF32 container)
+ PC: added option that controls recognition of thunk functions
+ PPC: added support for Power ISA Version 3.0 B
+ PPC: support switches that use e_slwi instruction
+ PPC: support switches that use 'lr' register instead of 'ctr' for branching
+ S390: new processor module for the IBM S/390 and z/Architecture processors (only ELF format is supported for now)
+ M16C/80: new processor family from the Renesas M16C series
+ R32C: new processor family from the Renesas M16C series

File Formats

+ ELF: added basic support for MSP430 files (no handling of e_flags, no relocations)
+ PDB: automatically fallback to MSDIA for old MSF 2.0 PDB files (Windows only)
+ Amiga: load hunk files to 0x10000 by default since area around 0 is used by the OS
+ MACHO: mark sections of the __DATA_CONST segment as read-only

Debugger

+ DEBUGGER: added support for Motorola 68K processors
+ DEBUGGER: added support for Renesas RH850 processors
+ DEBUGGER: added support for Tricore processors
+ DEBUGGER: GDB: added support for Lauterbach's TRACE32 simulator
+ DEBUGGER: iOS: added support for iPadOS 13

Kernel/Misc

+ kernel: improved data coagulation
+ kernel: improved function recognition
+ kernel: producing HTML will now put the colors in CSS classes rather than hardcoding them for each element
+ kernel: the function with a tail cannot be a thunk function
+ kernel: use NaN, +Inf or -Inf for floating-point numbers
+ kernel: use regular expressions to beautify the IDA names (e.g. STL template names). See cfg/goodname.cfg for details
+ kernel: added new ABI bit ABI_HUGEARG_ALIGN: use natural type alignment for an argument even if its alignment exceeds double native word size
+ FLAIR: PCF: support more TMS320C55 COFF relocations
+ FLAIR: removed support for parsing omf166 files
+ FLIRT: Added signatures for vc1422, vc1423 (Visual Studio 2019.2, 2019.3)
+ FLIRT: Added MFC signatures for vc1422,vc1423 (Visual Studio 2019.2, 2019.3)

User Interface

+ ui/qt: added "Clone" command to the "Execute script" widget
+ ui/qt: added get_custom_viewer_location() to retrieve locations that are suitable to be used with custom_viewer_jump()
+ ui/qt: added user-contributed 'darcula' theme
+ ui/qt: mouse Ctrl+clicking in the navigation band will cause IDA to add an entry to the navigation history
+ ui/qt: mouse Shift+clicking in the navigation band will cause IDA to select text in the disassembly listing
+ ui/qt: pressing <Alt+Enter> in choosers with addresses will jump to that address in a new disassembly view
+ ui/qt: refactored both the "Edit", and the context menu for setting custom data types and formats
+ ui/qt: the 'Colors' dialog now provides an "Apply" button, making it easier to see the real impact of changes on the application's widgets
+ ui/qt: Local Types editor now shows sizes and offsets of structure and its fields during editing
+ ui: by default do not ask for a confirmation of actions which can be easily reverted by Undo, e.g. ('detach function tail', 'Undefine' and 'Set function end').
+ ui: log "Don't display this message again" messages into the Output Window

Scripts & SDK

+ IDAPython: added support for Python 3.x (default is still 2.7)
+ IDAPython: Python script and plugin samples are now shipped with IDA in "python/examples" subdirectory
+ IDAPython: added an example how to use show_wait_box()/hide_wait_box()
+ IDAPython: exposed place_t::serialize() & place_t::deserialize()
+ IDAPython: the IDA < 7.0 compatibility layer is now turned off by default; please see here for more information
SDK: added HIF_NOCASE to set_highlight() for programmatically setting a case-insensitive highlight.

Decompilers

+ hexrays: added 'show global xrefs'; it works for struct and enum members
+ hexrays: added support for highlighting matching parentheses pairs
+ hexrays: added shortcut "%" to jump to the matching parenthesis or (curly/square) bracket in the pseudocode window
+ hexrays: added config var COLLAPSE_LVARS to collapse local variables declarations by default
+ hexrays: added support for the "format" attribute when parsing ellipsis args for called functions
+ hexrays: added support for _m_prefetch, _m_prefetchw intrinsics
+ hexrays: added support for the _InterlockedCompareExchange64 intrinsic
+ hexrays: added support for more software floating-point helpers (floatdidf etc.)
+ hexrays: try to automatically convert numbers to symbolic constants in expressions involving enum types
+ hexrays: better removal of the references to __security cookie
+ hexrays: create arrays more agressively using heuristic rules
+ hexrays: now we try to rename the variables that receive the return value of GetProcAddress
+ hexrays: decompiler may automatically create variable mapping in simple cases (e.g. for copies of input arguments)
+ hexrays: sdk: added DECOMP_ALL_BLKS to include unreachable blocks in the microcode
+ hexrays: sdk: added modify_user_lvar_info()
+ hexrays: stop hiding read accesses to fs:0
+ hexrays: user may enter pointer shift delta in "Convert to struct *..." action to prepare the shifted pointer
+ hexrays: x86: int 3/__debugbreak() now only stops execution flow in case it happens in disassembly (controlled by the "Analyze int 3 instructions" processor-specific options)

BUGFIXES

BUGFIX: 6816: IDA could crash when opening saved IDBs for the 6816 processor (and potentially some others)
BUGFIX: ARC: function arguments initialized in delay slots were not commented properly
BUGFIX: ARM64: in some cases invalid instructions could be erroneously decoded as SMOV/UMOV
BUGFIX: ARM: analysis could loop endlessly if a location could be interpreted as both an offset and an OWORD. This was common in iOS 13.1 kernelcaches.
BUGFIX: ARM: registers S0-S31 could not be used in __usercall function prototypes
BUGFIX: EBC: IDA could fail to disassemble some EBC instructions
BUGFIX: M16C: PUSHC instruction was not changing the stack pointer value as it should
BUGFIX: MIPS: ABI selection could be set incorrectly on reopening a saved database
BUGFIX: MIPS: mftr/mttr instructions could be decoded incorrectly
BUGFIX: MSP430: function flow graphs were wrong because call instructions were not marked as such
BUGFIX: MSP430: instructions with .rpt prefix could not be decoded
BUGFIX: MSP430: suba and incda instructions were not handled properly when tracking SP changes
BUGFIX: PIC16: relative jump/call destination address was being truncated to 16 bits
BUGFIX: PPC: fixed incorrect value of LR after the VLE call in the regtracker
BUGFIX: PPC: ida was creating 16-bit stack variables instead of 8-bit stack variables in some cases; the difference in the listings is very minor
BUGFIX: DWARF: IDA could fail to determine the proper type for some prototypes arguments
BUGFIX: DWARF: IDA could INTERR with code 30304 with certain types of constructs in the debug information
BUGFIX: PDB: IDA could crash when parsing a debug entry with size 0
BUGFIX: PE: IDA could complain about "invalid unwind data" in valid files (such as Windows kernel)
BUGFIX: SWIFT: IDA would fail to demangle names with "j_" prefixes and "_N" suffixes
BUGFIX: DBG: gdb: check for network error when setting the resume mode
BUGFIX: DBG: ios,xnu debuggers used incorrect flag names for arm64 CPSR register
BUGFIX: DBG: linux_server could crash (nullptr dereference) because of a malicious client
BUGFIX: DBG: linux_server would crash if a malicious copy of ida would send 'close_file' request on an unopened channel
BUGFIX: DBG: malicious copy of ida could crash the debugger server
BUGFIX: DBG: password protected debug server could crash if a malicious copy of IDA was sending a packet without a password
BUGFIX: kernel: IDA (32-bit) could hang when analyzing data close to the maximum address (0xFFFFFFFF)
BUGFIX: kernel: IDA could generate too many empty lines for an unnamed entry in a special segment
BUGFIX: kernel: IDA could truncate Delphi strings representation
BUGFIX: kernel: now we delete info about patched bytes when segment bounds were changed and addresses disabled
BUGFIX: kernel: on an updgrade from a pre-7.0 database, Unicode strings in structures would be converted incorrectly
BUGFIX: kernel: saving more than 65535 segment selectors was impossible
BUGFIX: idat: cursor was positioned wrongly on a chooser line when using fast search
BUGFIX: idat: disassembly listing was not refreshed after changing the listing options
BUGFIX: idat: ida was truncating the beginning of all too long names in choosers, but this logic should be applied only to file paths
BUFGIX: UI: "Switch debugger" dialog would not show up if only one debugger was available for current database (in fact it can be also used to set "No debugger" as the default)
BUGFIX: UI: the Functions window could reload unnecessarily when dealing with collapsed functions
BUGFIX: ui/qt: "hints" background color, and "highlight" color were not converted from IDA 7.2's registry to IDA 7.3 CSS
BUGFIX: ui/qt: chooser actions would not be updated when context menu was invoked
BUGFIX: ui/qt: depending on where the cursor was placed on a line, switching to the graph view could cause an animation to be triggered, even when not justified
BUGFIX: ui/qt: double-clicking on an entry in "Local types" to synchronize it with the IDB, was not undo-able
BUGFIX: ui/qt: dragging around a widget that was previously in a splitter could crash IDA
BUGFIX: ui/qt: file dialogs were broken for ida64.app on macOS 10.15
BUGFIX: ui/qt: IDA could crash when "IDA View-A" and "Pseudocode-A" were synchronized
BUGFIX: ui/qt: IDA could crash when switching desktops
BUGFIX: ui/qt: IDA could sometimes hang upon "Desktop reset"
BUGFIX: ui/qt: in the "Output window" Ctrl+Left/Right was not navigating through words as it should have
BUGFIX: ui/qt: initial autoanalysis could take significantly longer than in previous versions of IDA, for the same file
BUGFIX: ui/qt: on OSX IDA could crash if very fast drag & drop operations were performed on tabbed widgets
BUGFIX: ui/qt: snippets view: we have to save the current script before running it, otherwise undo will destroy it
BUGFIX: ui/qt: The color buttons could be missing a 'reset' companion button once a color was set
BUGFIX: ui/qt: The "Load file" dialog could be misplaced, especially when opening a new file in an existing IDA instance.
BUGFIX: ui/qt: the "Output window" could jump to the wrong place when navigating to the end, or when selecting (and with long lines, the problem was even more visible)
BUGFIX: ui/qt: the "Output window" could jump when selection was going beyond bounds
BUGFIX: ui/qt: the "Output window" would always come up visible after restoring a desktop where it was not visible
BUGFIX: ui/qt: the dark theme would cause regular tabular views to hide their vertical header (on the left)
BUGFIX: ui/qt: undoing an action would erroneously reset the navbar zoom level
BUGFIX: ui/qt: when creating choosers, IDA could ignore some columns properties in case the chooser was modified earlier and the database was saved
BUGFIX: ui/qt: when creating modal choosers, IDA could miscompute the best size, and make a horizontal scrollbar visible even when not needed
BUGFIX: ui/qt: when docking widgets around, it could happen that some widget end up unexpectedly scrolled to the right
BUGFIX: ui/qt: when selecting with the mouse in the "Output window", the cursor wouldn't scroll the view if the selection was going out of the viewport
BUGFIX: ui/qt: IDA would unnecessarily ask for Accessibility permissions on OSX 10.14 Mojave
BUGFIX: ui: after returning a borrowed license, IDA would complain about a failure to connect to the license server; change behavior so that IDA exits immediately after returning the license (since it doesn't have a license anymore)
BUGFIX: ui: clicking "OK" instead of using Enter when trying to detach a function chunk with multiple parents would not work
BUGFIX: ui: signed enums members were printed as unsigned numbers in the Enums window
BUGFIX: IDAPython: in custom graphs, it was impossible to reset the selection
BUGFIX: IDAPython: do not trigger the "Running Python script" wait dialog when the script itself has already called show_wait_box()
BUGFIX: IDAPython: GraphViewer.SetNodeInfos could trigger errors if the 'node_info_t.ea' field was not set
BUGFIX: IDAPython: keeping references of the type field of udt_member_t could crash IDA
BUGFIX: IDAPython: mbl_array_t.deserialize() was unusable
BUGFIX: IDAPython: some return types in the SWiG-generated docstrings were wrong
BUGFIX: IDAPython: using argloc_t::consume_scattered() could crash IDA
BUGFIX: IDAPython: when some attributes were missing from a ida_kernwin.Choose instance, the Show() method could return -1 without indicating what the error was
BUGFIX: IDC: idc.idc had wrong definitions of dt_ldbl, dt_byte32, dt_byte64
BUGFIX: hexrays: an explicitly unsynchronized "Pseudocode" view, could re-synchronize itself with a "IDA View-A" the next time <Tab> was pressed (if PSEUDOCODE_SYNCED was set to YES)
BUGFIX: hexrays: arm: fixed incorrect decompilation of CDP, CDP2 instructions (CRd was erroneously represented as Rd in the intrinsic function call)
BUGFIX: hexrays: arm64: fixed incorrect translation of instruction CSINV
BUGFIX: hexrays: decompiler could crash when browsing the pseudocode
BUGFIX: hexrays: decompiler could erroneously convert into _cdecl functions with scattered register arguments
BUGFIX: hexrays: fixed a division by zero
BUGFIX: hexrays: fixed interr 50194 (happened when a shifted pointer is a member of a structure)
BUGFIX: hexrays: fixed mbl_array_t serialization bugs
BUGFIX: hexrays: fixed the value of the 'ea' field of some cexpr_t objects
BUGFIX: hexrays: hxe_curpos was generated too early, and 'vdui_t::cpos' could hold outdated information
BUGFIX: hexrays: in some cases inlined 'strcpy' could be incorrectly combined on Big Endian platforms
BUGFIX: hexrays: in some cases the switch value was miscalculated
BUGFIX: hexrays: leave 64-bit negated constant as is, output it as unsigned
BUGFIX: hexrays: some undefined variables were not marked as such
BUGFIX: hexrays: when using Hexrays_Hooks, returning code 2 from 'create_hint' (to instruct the decompiler to append its own hints) would fail to display any hint at all in case the decompiler didn't add its own
BUGFIX: hexrays: some push/pop sequences could be wrongly optimized away