Module ida_dbg

add_bpt(bpt) -> bool

Add a new breakpoint in the debugged process. \sq{Type, Synchronous function - available as request, Notification, none (synchronous function)}Only one breakpoint can exist at a given address.

Parameters:

• ea - any address in the process memory space. Depending on the architecture, hardware breakpoints always be setup at random address. For example, on x86, hardware breakpoints should be aligned depending on their size. Moreover, on the x86 architecture, it is impossible to setup more than 4 hardware breakpoints. (C++: ea_t)
• size - size of the breakpoint (irrelevant for software breakpoints): As for the address, hardware breakpoints can't always be setup with random size. (C++: asize_t)
• type - type of the breakpoint ( BPT_SOFT for software breakpoint) special case BPT_DEFAULT ( BPT_SOFT | BPT_EXEC ): try to add instruction breakpoint of the appropriate type as follows: software bpt if supported, hwbpt otherwise (C++: bpttype_t)

Returns: bool

Attach the debugger to a running process. \sq{Type, Asynchronous function - available as Request, Notification, 'dbg_process_attach' }This function shouldn't be called as a request if 'NO_PROCESS' is used.

Parameters:

• pid - PID of the process to attach to. If NO_PROCESS , a dialog box will interactively ask the user for the process to attach to. (C++: pid_t)
• event_id, (C++ - int)

Returns: int

Check the breakpoint at the specified address.

Parameters:

• ea, (C++ - ea_t)

Returns: int

one of Breakpoint status codes

Clear the queue of waiting requests. \sq{Type, Synchronous function, Notification, none (synchronous function)}If a request is currently running, this one isn't stopped.

Clear all events in the trace buffer. \sq{Type, Synchronous function - available as request, Notification, none (synchronous function)}

Continue the execution of the process in the debugger. \sq{Type, Synchronous function - available as Request, Notification, none (synchronous function)}The 'continue_process()' function can be called from a notification handler to force the continuation of the process. In this case the request queue will not be examined, IDA will simply resume execution. Usually it makes sense to call 'request_continue_process()' followed by 'run_requests()' , so that IDA will first start a queued request (if any) and then resume the application.

Returns: bool

Create a source code view.

Parameters:

• out_ccv, (C++ - TWidget **)
• parent, (C++ - TWidget *)
• custview, (C++ - TWidget *)
• sf, (C++ - source_file_ptr)
• lines, (C++ - strvec_t *)
• lnnum, (C++ - int)
• colnum, (C++ - int)
• flags, (C++ - int)

Returns: source_view_t *

Add a new breakpoint trace element to the current trace. \sq{Type, Synchronous function, Notification, none (synchronous function)}

Parameters:

• tid, (C++ - thid_t)
• ea, (C++ - ea_t)
• bp, (C++ - ea_t)

Returns: bool

false if the operation failed, true otherwise

Add a new call trace element to the current trace. \sq{Type, Synchronous function, Notification, none (synchronous function)}

Parameters:

• tid, (C++ - thid_t)
• caller, (C++ - ea_t)
• callee, (C++ - ea_t)

Add a new debug event to the current trace. \sq{Type, Synchronous function, Notification, none (synchronous function)}

Parameters:

• event, (C++ - debug_event_t *)

Add a new instruction trace element to the current trace. \sq{Type, Synchronous function, Notification, none (synchronous function)}

Parameters:

• tid, (C++ - thid_t)
• ea, (C++ - ea_t)
• save, (C++ - save_reg_values_t)

Returns: bool

false if the operation failed, true otherwise

Add many new trace elements to the current trace. \sq{Type, Synchronous function, Notification, none (synchronous function)}

Parameters:

• new_tevs, (C++ - tevinforeg_vec_t *)

Returns: bool

false if the operation failed for any tev_info_t object

Add a new return trace element to the current trace. \sq{Type, Synchronous function, Notification, none (synchronous function)}

Parameters:

• tid, (C++ - thid_t)
• ret_insn, (C++ - ea_t)
• return_to, (C++ - ea_t)

Add a new trace element to the current trace. \sq{Type, Synchronous function, Notification, none (synchronous function)}

Parameters:

• type, (C++ - tev_type_t)
• tid, (C++ - thid_t)
• address, (C++ - ea_t)

Add a thread to the current trace. \sq{Type, Synchronous function, Notification, none (synchronous function)}

Parameters:

• tid, (C++ - thid_t)

This function can be used to check if the debugger can be queried:

• debugger is loaded
• process is suspended
• process is not suspended but can take requests. In this case some requests like memory read/write, bpt management succeed and register querying will fail. Check if idaapi.get_process_state() < 0 to tell if the process is suspended

Returns: bool

Boolean

Delete a thread from the current trace. \sq{Type, Synchronous function, Notification, none (synchronous function)}

Parameters:

• tid, (C++ - thid_t)

Checks if a debugger is loaded

Returns: bool

Boolean

Convenience function: define new exception code.

Parameters:

• code - exception code (cannot be 0) (C++: uint)
• name - exception name (cannot be empty or NULL) (C++: const char *)
• desc - exception description (maybe NULL) (C++: const char *)
• flags - combination of Exception info flags (C++: int)

Returns: char const *

failure message or NULL. You must call store_exceptions() if this function succeeds

del_bpt(bptloc) -> bool

Delete an existing breakpoint in the debugged process. \sq{Type, Synchronous function - available as request, Notification, none (synchronous function)}

Parameters:

• ea - any address in the breakpoint range (C++: ea_t)

Returns: bool

Detach the debugger from the debugged process. \sq{Type, Asynchronous function - available as Request, Notification, 'dbg_process_detach' }

Returns: bool

Does a breakpoint exist at the given location?

Parameters:

• ea, (C++ - ea_t)

Returns: bool

Terminate the debugging of the current process. \sq{Type, Asynchronous function - available as Request, Notification, 'dbg_process_exit' }

Returns: bool

Find a breakpoint by location. \sq{Type, Synchronous function - available as request, Notification, none (synchronous function)}

Parameters:

• bptloc - Breakpoint location (C++: const bpt_location_t &)
• bpt - bpt is filled if the breakpoint was found (C++: bpt_t *)

Returns: bool

Get current basic block tracing options. Also see 'BT_LOG_INSTS' \sq{Type, Synchronous function, Notification, none (synchronous function)}

Returns: int

Get the characteristics of a breakpoint. \sq{Type, Synchronous function, Notification, none (synchronous function)}

Parameters:

• ea - any address in the breakpoint range (C++: ea_t)
• bpt - if not NULL, is filled with the characteristics. (C++: bpt_t *)

Returns: bool

false if no breakpoint exists

Get number of breakpoints. \sq{Type, Synchronous function, Notification, none (synchronous function)}

Returns: int

Get the address associated to a read, read/write or execution trace event. \sq{Type, Synchronous function, Notification, none (synchronous function)}Usually, a breakpoint is associated with a read, read/write or execution trace event. However, the returned address could be any address in the range of this breakpoint. If the breakpoint was deleted after the trace event, the address no longer corresponds to a valid breakpoint.

Parameters:

• n - number of trace event, is in range 0.. get_bpt_qty() -1. 0 represents the latest added trace event. (C++: int)

Returns: ea_t

BADADDR if not a read, read/write or execution trace event.

Helper function for 'bpt_location_t' .

Parameters:

• i, (C++ - int)

Returns: char const *

Get the called function from a function call trace event. \sq{Type, Synchronous function, Notification, none (synchronous function)}

Parameters:

• n - number of trace event, is in range 0.. get_bpt_qty() -1. 0 represents the latest added trace event. (C++: int)

Returns: ea_t

BADADDR if not a function call event.

Get current thread ID. \sq{Type, Synchronous function, Notification, none (synchronous function)}

Returns: thid_t

Get one byte of the debugged process memory.

Parameters:

• x - pointer to byte value (C++: uint32 *)
• ea - linear address (C++: ea_t)

Returns: bool

true success

Get register information \sq{Type, Synchronous function, Notification, none (synchronous function)}

Parameters:

• regname, (C++ - const char *)
• ri, (C++ - register_info_t *)

Returns: bool

Get current function tracing options. Also see 'FT_LOG_RET' \sq{Type, Synchronous function, Notification, none (synchronous function)}

Returns: int

Read the memory pointed by register values from an instruction trace event. \sq{Type, Synchronous function, Notification, none (synchronous function)}

Parameters:

• n - number of trace event, is in range 0.. get_bpt_qty() -1. 0 represents the latest added trace event. (C++: int)
• memmap - result (C++: memreg_infos_t *)

Returns: bool

false if not an instruction event or no memory is available

Read the resulting register value from an instruction trace event. \sq{Type, Synchronous function, Notification, none (synchronous function)}

Parameters:

• n - number of trace event, is in range 0.. get_bpt_qty() -1. 0 represents the latest added trace event. (C++: int)
• regname - name of desired register (C++: const char *)
• regval - result (C++: regval_t *)

Returns: bool

false if not an instruction trace event or register wasn't modified.

Read a register value from an instruction trace event. \sq{Type, Synchronous function, Notification, none (synchronous function)}This is the value of the register before the execution of the instruction.

Parameters:

• n - number of trace event, is in range 0.. get_bpt_qty() -1. 0 represents the latest added trace event. (C++: int)
• regname - name of desired register (C++: const char *)
• regval - result (C++: regval_t *)

Returns: bool

false if not an instruction event.

Get current instruction tracing options. Also see 'IT_LOG_SAME_IP' \sq{Type, Synchronous function, Notification, none (synchronous function)}

Returns: int

Get value of the IP (program counter) register for the current thread. Requires a suspended debugger.

Returns: bool

get_manual_regions() -> PyObject *

Returns the manual memory regions

Returns:

list(start_ea, end_ea, name, sclass, sbase, bitness, perm)

Get process options. Any of the arguments may be NULL

Parameters:

• path, (C++ - qstring *)
• args, (C++ - qstring *)
• sdir, (C++ - qstring *)
• host, (C++ - qstring *)
• port, (C++ - int *)

Return the state of the currently debugged process. \sq{Type, Synchronous function, Notification, none (synchronous function)}

Returns: int

one of Debugged process states

Take a snapshot of running processes and return their description. \sq{Type, Synchronous function, Notification, none (synchronous function)}

Parameters:

• proclist, (C++ - procinfo_vec_t *)

Returns: ssize_t

number of processes or -1 on error

get_reg_val(regname, ival) -> bool get_reg_val(regname) -> PyObject *

Read a register value from the current thread. \sq{Type, Synchronous function, Notification, none (synchronous function)}

Parameters:

• regname, (C++ - const char *)
• regval, (C++ - regval_t *)

Returns: bool

Get the return address from a function return trace event. \sq{Type, Synchronous function, Notification, none (synchronous function)}

Parameters:

• n - number of trace event, is in range 0.. get_bpt_qty() -1. 0 represents the latest added trace event. (C++: int)

Returns: ea_t

BADADDR if not a function return event.

Get the notification associated (if any) with the current running request. \sq{Type, Synchronous function, Notification, none (synchronous function)}

Returns: dbg_notification_t

dbg_null if no running request

Get the current running request. \sq{Type, Synchronous function, Notification, none (synchronous function)}

Returns: ui_notification_t

ui_null if no running request

Get value of the SP register for the current thread. Requires a suspended debugger.

Returns: bool

Get current step tracing options. \sq{Type, Synchronous function, Notification, none (synchronous function)}

Returns: int

Step trace options

Get the corresponding debug event, if any, for the specified tev object. \sq{Type, Synchronous function, Notification, none (synchronous function)}

Parameters:

• n - number of trace event, is in range 0.. get_bpt_qty() -1. 0 represents the latest added trace event. (C++: int)
• d - result (C++: debug_event_t *)

Returns: bool

false if the tev_t object doesn't have any associated debug event, true otherwise, with the debug event in "d".

Get main information about a trace event. \sq{Type, Synchronous function, Notification, none (synchronous function)}

Parameters:

• n - number of trace event, is in range 0.. get_bpt_qty() -1. 0 represents the latest added trace event. (C++: int)
• tev_info - result (C++: tev_info_t *)

Returns: bool

success

Get the memory layout, if any, for the specified tev object. \sq{Type, Synchronous function, Notification, none (synchronous function)}

Parameters:

• n - number of trace event, is in range 0.. get_bpt_qty() -1. 0 represents the latest added trace event. (C++: int)
• mi - result (C++: meminfo_vec_t *)

Returns: bool

false if the tev_t object is not of type tev_mem , true otherwise, with the new memory layout in "mi".

Get number of trace events available in trace buffer. \sq{Type, Synchronous function, Notification, none (synchronous function)}

Returns: int

Get number of threads. \sq{Type, Synchronous function, Notification, none (synchronous function)}

Returns: int

Get the base address of the current trace. \sq{Type, Synchronous function, Notification, none (synchronous function)}

Returns: ea_t

the base address of the currently loaded trace

Get the file header of the specified trace file.

Parameters:

• filename, (C++ - const char *)

Returns: str

Get the characteristics of a breakpoint. \sq{Type, Synchronous function, Notification, none (synchronous function)}

Parameters:

• n - number of breakpoint, is in range 0.. get_bpt_qty() -1 (C++: int)
• bpt - filled with the characteristics. (C++: bpt_t *)

Returns: bool

false if no breakpoint exists

Get the ID of a thread. \sq{Type, Synchronous function, Notification, none (synchronous function)}

Parameters:

• n - number of thread, is in range 0.. get_thread_qty() -1 (C++: int)

Returns: thid_t

NO_THREAD if the thread doesn't exist.

Get the NAME of a thread \sq{Type, Synchronous function, Notification, none (synchronous function)}

Parameters:

• n - number of thread, is in range 0.. get_thread_qty() -1 or -1 for the current thread (C++: int)

Returns: char const *

thread name or NULL if the thread doesn't exist.

Get the sreg base, for the given thread.

Returns: ea_t

The sreg base, or BADADDR on failure.

Invalidate cached debugger information. \sq{Type, Synchronous function, Notification, none (synchronous function)}

Parameters:

• dbginv - Debugged process invalidation options (C++: int)

Returns: int

current debugger state (one of Debugged process states )

Invalidate the debugged process memory configuration. Call this function if the debugged process might have changed its memory layout (allocated more memory, for example)

Invalidate the debugged process memory contents. Call this function each time the process has been stopped or the process memory is modified. If ea == 'BADADDR' , then the whole memory contents will be invalidated

Parameters:

• ea, (C++ - ea_t)
• size, (C++ - asize_t)

Is the debugger busy?. Some debuggers do not accept any commands while the debugged application is running. For such a debugger, it is unsafe to do anything with the database (even simple queries like get_byte may lead to undesired consequences). Returns: true if the debugged application is running under such a debugger

Returns: bool

Is the address mapped to debugger memory?

Parameters:

• ea, (C++ - ea_t)

Returns: bool

Get current state of functions tracing. \sq{Type, Synchronous function, Notification, none (synchronous function)}

Returns: bool

Get current state of instructions tracing. \sq{Type, Synchronous function, Notification, none (synchronous function)}

Returns: bool

Does a register contain a value of a custom data type? \sq{Type, Synchronous function, Notification, none (synchronous function)}

Parameters:

• regname, (C++ - const char *)

Returns: bool

Does a register contain a floating point value? \sq{Type, Synchronous function, Notification, none (synchronous function)}

Parameters:

• regname, (C++ - const char *)

Returns: bool

Does a register contain an integer value? \sq{Type, Synchronous function, Notification, none (synchronous function)}

Parameters:

• regname, (C++ - const char *)

Returns: bool

Get current state of step tracing. \sq{Type, Synchronous function, Notification, none (synchronous function)}

Returns: bool

Is the specified file a valid trace file for the current database?

Parameters:

• filename, (C++ - const char *)

Returns: bool

Load a recorded trace file in the trace window. If the call succeeds and 'buf' is not null, the description of the trace stored in the binary trace file will be returned in 'buf'

Parameters:

• filename, (C++ - const char *)

Returns: str

Change one byte of the debugged process memory.

Parameters:

• ea - linear address (C++: ea_t)
• x - byte value (C++: uint32)

Returns: bool

true if the process memory has been modified

Refreshes the debugger memory

Returns: PyObject *

Nothing

request_add_bpt(bpt) -> bool

Post an 'add_bpt(ea_t, asize_t, bpttype_t)' request.

Parameters:

• ea, (C++ - ea_t)
• size, (C++ - asize_t)
• type, (C++ - bpttype_t)

Returns: bool

Post an 'attach_process()' request.

Parameters:

• pid, (C++ - pid_t)
• event_id, (C++ - int)

Returns: int

request_del_bpt(bptloc) -> bool

Post a 'del_bpt(ea_t)' request.

Parameters:

• ea, (C++ - ea_t)

Returns: bool

Post a 'resume_thread()' request.

Parameters:

• tid, (C++ - thid_t)

Returns: int

Post a 'run_to()' request.

Parameters:

• ea, (C++ - ea_t)
• pid, (C++ - pid_t)
• tid, (C++ - thid_t)

Returns: bool

Post a 'select_thread()' request.

Parameters:

• tid, (C++ - thid_t)

Returns: bool

Post a 'set_bblk_trace_options()' request.

Parameters:

• options, (C++ - int)

Post a 'set_func_trace_options()' request.

Parameters:

• options, (C++ - int)

Post a 'set_insn_trace_options()' request.

Parameters:

• options, (C++ - int)

Post a 'set_reg_val()' request.

Parameters:

• regname, (C++ - const char *)

Returns: PyObject *

Post a 'set_resume_mode()' request.

Parameters:

• tid, (C++ - thid_t)
• mode, (C++ - resume_mode_t)

Returns: bool

Post a 'set_step_trace_options()' request.

Parameters:

• options, (C++ - int)

Post a 'start_process()' request.

Parameters:

• path, (C++ - const char *)
• args, (C++ - const char *)
• sdir, (C++ - const char *)

Returns: int

Post a 'suspend_thread()' request.

Parameters:

• tid, (C++ - thid_t)

Returns: int

Resume thread. \sq{Type, Synchronous function - available as request, Notification, none (synchronous function)}

Parameters:

• tid - thread id (C++: thid_t)

Returns: int

Retrieve the exception information. You may freely modify the returned vector and add/edit/delete exceptions You must call 'store_exceptions()' after any modifications Note: exceptions with code zero, multiple exception codes or names are prohibited

Returns: excvec_t

Execute requests until all requests are processed or an asynchronous function is called. \sq{Type, Synchronous function, Notification, none (synchronous function)}If called from a notification handler, the execution of requests will be postponed to the end of the execution of all notification handlers.

Returns: bool

false if not all requests could be processed (indicates an asynchronous function was started)

Execute the process until the given address is reached. If no process is active, a new process is started. Technically, the debugger sets up a temporary breakpoint at the given address, and continues (or starts) the execution of the whole process. So, all threads continue their execution! \sq{Type, Asynchronous function - available as Request, Notification, 'dbg_run_to' }

Parameters:

• ea - target address (C++: ea_t)
• pid - not used yet. please do not specify this parameter. (C++: pid_t)
• tid - not used yet. please do not specify this parameter. (C++: thid_t)

Returns: bool

Save the current trace in the specified file.

Parameters:

• filename, (C++ - const char *)
• description, (C++ - const char *)

Returns: bool

Select the given thread as the current debugged thread. All thread related execution functions will work on this thread. The process must be suspended to select a new thread. \sq{Type, Synchronous function - available as request, Notification, none (synchronous function)}

Parameters:

• tid - ID of the thread to select (C++: thid_t)

Returns: bool

false if the thread doesn't exist.

Send a direct command to the debugger backend, and retrieve the result as a string.

Note: any double-quotes in 'command' must be backslash-escaped. Note: this only works with some debugger backends: Bochs, WinDbg, GDB.

Returns: (True, <result string>) on success, or (False, <Error message string>) on failure

Modify basic block tracing options (see 'BT_LOG_INSTS' )

Parameters:

• options, (C++ - int)

Helper function for 'bpt_location_t' .

Parameters:

• s, (C++ - const char *)

Returns: int

Set debugger options. Replaces debugger options with the specification combination 'Debugger options'

Parameters:

• options, (C++ - uint)

Returns: uint

the old debugger options

Modify function tracing options. \sq{Type, Synchronous function - available as request, Notification, none (synchronous function)}

Parameters:

• options, (C++ - int)

Set highlight trace parameters.

Parameters:

• hilight, (C++ - bool)
• color, (C++ - bgcolor_t)
• diff, (C++ - bgcolor_t)

Modify instruction tracing options. \sq{Type, Synchronous function - available as request, Notification, none (synchronous function)}

Parameters:

• options, (C++ - int)

Set process options. Any of the arguments may be NULL, which means 'do not modify'

Parameters:

• path, (C++ - const char *)
• args, (C++ - const char *)
• sdir, (C++ - const char *)
• host, (C++ - const char *)
• port, (C++ - int)

Set new state for the debugged process. Notifies the IDA kernel about the change of the debugged process state. For example, a debugger module could call this function when it knows that the process is suspended for a short period of time. Some IDA API calls can be made only when the process is suspended. The process state is usually restored before returning control to the caller. You must know that it is ok to change the process state, doing it at arbitrary moments may crash the application or IDA. \sq{Type, Synchronous function, Notification, none (synchronous function)}

Parameters:

• newstate - new process state (one of Debugged process states ) if DSTATE_NOTASK is passed then the state is not changed (C++: int)
• p_thid - ptr to new thread id. may be NULL or pointer to NO_THREAD . the pointed variable will contain the old thread id upon return (C++: thid_t *)
• dbginv - Debugged process invalidation options (C++: int)

Returns: int

old debugger state (one of Debugged process states )

set_reg_val(tid, regidx, o) -> PyObject *

Write a register value to the current thread. \sq{Type, Synchronous function - available as Request, Notification, none (synchronous function)}

Parameters:

• regname, (C++ - const char *)

Returns: PyObject

Set remote debugging options. Should be used before starting the debugger.

Parameters:

• host - If empty, IDA will use local debugger. If NULL, the host will not be set. (C++: const char *)
• port - If -1, the default port number will be used (C++: int)

How to resume the application. Set resume mode but do not resume process.

Parameters:

• tid, (C++ - thid_t)
• mode, (C++ - resume_mode_t)

Returns: bool

Modify step tracing options. \sq{Type, Synchronous function - available as request, Notification, none (synchronous function)}

Parameters:

• options, (C++ - int)

Set the base address of the current trace. \sq{Type, Synchronous function, Notification, none (synchronous function)}

Parameters:

• ea, (C++ - ea_t)

Change the description of the specified trace file.

Parameters:

• filename, (C++ - const char *)
• description, (C++ - const char *)

Returns: bool

Set platform name of current trace.

Parameters:

• platform, (C++ - const char *)

Specify the new size of the circular buffer. \sq{Type, Synchronous function, Notification, none (synchronous function)}If you specify 0, all available memory can be quickly used !!!

Parameters:

• size - if 0, buffer isn't circular and events are never removed. If the new size is smaller than the existing number of trace events, a corresponding number of trace events are removed. (C++: int)

Returns: bool

Start a process in the debugger. \sq{Type, Asynchronous function - available as Request, Notification, 'dbg_process_start' }You can also use the 'run_to()' function to easily start the execution of a process until a given address is reached.For all parameters, a NULL value indicates the debugger will take the value from the defined Process Options.

Parameters:

• path - path to the executable to start (C++: const char *)
• args - arguments to pass to process (C++: const char *)
• sdir - starting directory for the process (C++: const char *)

Returns: int

Execute one instruction in the current thread. Other threads are kept suspended. \sq{Type, Asynchronous function - available as Request, Notification, 'dbg_step_into' }

Returns: bool

Execute one instruction in the current thread, but without entering into functions. Others threads keep suspended. \sq{Type, Asynchronous function - available as Request, Notification, 'dbg_step_over' }

Returns: bool

Execute instructions in the current thread until a function return instruction is executed (aka "step out"). Other threads are kept suspended. \sq{Type, Asynchronous function - available as Request, Notification, 'dbg_step_until_ret' }

Returns: bool

Suspend the process in the debugger. \sq{ Type,Synchronous function (if in a notification handler)Asynchronous function (everywhere else)available as Request, Notification,none (if in a notification handler) 'dbg_suspend_process' (everywhere else) }The 'suspend_process()' function can be called from a notification handler to force the stopping of the process. In this case, no notification will be generated. When you suspend a process, the running command is always aborted.

Returns: bool

Suspend thread. Suspending a thread may deadlock the whole application if the suspended was owning some synchronization objects. \sq{Type, Synchronous function - available as request, Notification, none (synchronous function)}

Parameters:

• tid - thread id (C++: thid_t)

Returns: int

Update modifiable characteristics of an existing breakpoint. To update the breakpoint location, use 'change_bptlocs()' \sq{Type, Synchronous function, Notification, none (synchronous function)}Only the following fields can be modified: 'bpt_t::cndbody' 'bpt_t::pass_count' 'bpt_t::flags' 'bpt_t::size' 'bpt_t::type' Changing some properties will require removing and then re-adding the breakpoint to the process memory (or the debugger backend), which can lead to race conditions (i.e., breakpoint(s) can be missed) in case the process is not suspended. Here are a list of scenarios that will require the breakpoint to be removed & then re-added: 'bpt_t::size' is modified 'bpt_t::type' is modified 'bpt_t::flags' 's BPT_ENABLED is modified 'bpt_t::flags' 's BPT_LOWCND is changed 'bpt_t::flags' 's BPT_LOWCND remains set, but cndbody changed

Parameters:

• bpt, (C++ - const bpt_t *)

Returns: bool

Wait for the next event.This function (optionally) resumes the process execution, and waits for a debugger event until a possible timeout occurs.

Parameters:

• wfne - combination of Wait for debugger event flags constants (C++: int)
• timeout - number of seconds to wait, -1-infinity (C++: int)

Returns: dbg_event_code_t

either an event_id_t (if > 0), or a dbg_event_code_t (if <= 0)