Welcome to IDA 9.0

BETA

Downloads

For Windows

For macOS intel

For macOS ARM

For Linux

IDA Home PC for Windows

IDA Home ARM for Linux

IDA Home ARM for macOS intel

IDA Home ARM for macOS ARM

FLAIR

idaclang

idslutils

loadint

tilib

SDK

SDK Docs

Lumina server Activation not available yet

IDAPython Porting Guide (DRAFT)

SDK Porting Guide (DRAFT)

Issues fixed in IDA 9.0 beta 2

IDA Home: cloud decompilers unusable
Replaced every reference to ida.key into ida.hexlic
IDA Linux installer creates a weird directory in the installers's directory
IDA Home: missing IDA Pyton module "ida_mergemod"
missing style dylib on macOS
decompilers: crash on navigation into non-decompilable function
asmtil: interr 918 + crash on filtering a large list of types
idapython: idc.get_ordinal_qty() not usable
added wasm loader and processor module

Known issues for IDA 9.0 beta 1

IDA Teams server (vault) not yet available
IDA floating license server (licsrv) not yet available
Dialogs text in Linux installer not readable on Ubuntu with dark theme active
Linux installer creates empty directory named `***unknown variable uninstallerdirectory***`
iOS18 DSC objc analysis lacking out-of-box (__OBJC_RO has to be loaded manually for now)
IDA can crash on x64 macOS at file load time

Headless processing with IDAlib

With IDAlib, both the C++ and Python APIs can be used from outside IDA to form standalone applications. The resulting program or script doesn't have to be loaded inside IDA, but rather IDA engine is invoked from inside your application.
This makes developing against the IDA API much easier - if configured correctly, you get auto-completion and debugging in your favorite C++/Python IDE
NO RCP or IPC to an external IDA process means you get native speed of execution

WASM Disassembler and File Format Loader

With many apps shifting to client-side browser applications we saw the need of a new disassembler for Web Assembly (WASM).
WASM code is embedded into its own binary file format. Hence we also ship a file loader that decodes the WASM file format

nanoMIPS Disassembler and Decompiler + md1rom Loader

Both the MIPS disassembler and decompiler got added support for nanoMIPS instructions. The nanoMIPS support is included in the classic MIPS (HEXMIPS) decompiler, so there is no need to purchase an extra license.
Firmware compiled for nanoMIPS often ships in md1rom format, which is why we added an md1rom file loader to IDA (which includes parsing and applying of debug symbols, if available)

New RISC-V Decompiler and Disassembler Extensions

New decompilers targeting 32- and 64-bit RISC-V code (HEXRV and HEXRV64) are now available.
We extended the RISC-V processor module to support T-Head extension instructions (used in Xuantie and Allwinner processors)

C++ Exceptions Support in the Decompiler

The decompiler can now emit try / catch blocks. As the first step, we implemented support for the C++ exception scheme in binaries compiled for x64 using Microsoft VC++

IDAPython Improvements

Most IDAPython APIs now have type annotations, making the API less obstructive to use.
Python virtual environments are now supported - simply point $PATH to the directory containing the interpreter inside the virtual environment (done automatically by the activation script).
Objects returned in the Python API are properly zero-initialized.
Auto-completion in IDA's CLI now disregards __magic_methods__ and auto-generated SWIG methods, which reduces noise and helps finding a particular function easier.

FLIRT Updates

We massively updated, modernized and extended the number of FLIRT signatures available for use with IDA. As of this release, we provide (and plan to maintain) signatures for the following operating systems, languages, architectures, and software packages:
Golang:
- Versions: stable versions from 1.10.0 to 1.22.5 and unstable version 1.23.0-rc1/1.23.0-rc2
- Windows: x86, x64, arm, arm64
- Linux: i386, amd64, arm, arm64
- Darwin: amd64, arm64
C/C++
- Windows (MSVC):
  - Architectures: arm, arm64, i386, amd64
  - Packages: ATL, CTL, MFC, Windows SDK 10, Windows SDK 11
- Linux:
  - Distribution: Ubuntu & Debian
  - Architectures: i386, amd64, arm64, armhf, armel, arm, s390x, mips64el, mipsel, mips, ppc64el
  - Packages: libc6, libselinux1, libpcre2, libidn2, libssl, zlib1g, lib32z1, libunistring, libcurl4-gnutls, libcurl4-nss, libcurl4-openssl, libnghttp2, libidn2, librtmp, libssh, libssh-gcrypt, libpsl, libldap, libzstd, libbrotli, libgnutls28, nettle, libgmp, comerr, libsasl2, libbrotli, libtasn1-6, libkeyutils, libffi, uuid, libprotobuf, heimdal-multidev, musl, libplib, libsdl1.2-bundle (libsdl-console, libsdl-sge, libsdl1.2, libsdl-ocaml, libsdl-image1.2, libsdl-kitchensink, libsdl-mixer1.2, libsdl-net1.2, libsdl-sound1.2, libsdl-ttf2.0, libsdl1.2-compat, libsdl-gfx1.2, libsdl-pango), libsdl2-bundle (libsdl2, libsdl2-gfx, libsdl2-image, libsdl2-mixer, libsdl2-net, libsdl2-ttf)
The extra signatures are initially available as separate download

Metadata Descriptors for Plugins

ida-plugin.json now offers a standardized entrypoint for plugins. This enables plugin authors to follow their own plugin directory structure, all they need to do is point IDA to the main plugin entry point. To maintain backward compatibility, IDA will keep loading plugins in the pre-9.0 way for a couple of releases.

With the following directory structure:

plugins
└── ida_greeter
    ├── ida-plugin.json
    └── main.py

A possible ida-plugin.json could look as follows:

{
  "plugin" :
  {
    "name" : "greeter",
    "entryPoint" : "main.py"
  }
}

No more IDA32

We deprecated IDA32 a few versions ago. With IDA 9.0, we’re unifying the IDA binaries targeting 32 or 64 bit code into just one IDA64 binary. This means:
Number of installed files is cut in half
Easier life for native plugin maintainers since only one version (__EA64__) needs to be maintained.
Conversion of IDB files to I64 file format is transparently and automatically performed by IDA64.

UI Improvements

The legacy Enums and Structures views are removed entirely and replaced by Local Types. This also means that struct.hpp and enum.hpp and their counterparts ida_struct and ida_enum disappear from the API. Replacement functionality for both headers/modules is now located (mostly) in typeinf.hpp / ida_typeinf. A porting guide will be available for the release.
The function prototype editor (aka y shortcut on a function name) now can toggle between the classic free-text one-line editor and a new multi-line editor featuring the usual shortcuts and controls. By the same time, we added basic support for UI-based editing of argument locations, to make prototype syntax less of a hassle to remember.
It is now possible to specify fixed size for structures and to enable field packing easily
A refreshed set of shortcuts which better matches the modern OS conventions can now be selected instead of the traditional shortcuts

Full list of changes and new features

Processor modules

ARM: improve detection of targets of indirect jump instructions
ARM: improved prolog analysis to recognize and mark calls to chkstk_darwin
AVR: update missing bit definitions for ATmega640
MIPS: support for NanoMIPS instruction set
RISCV: added support for legacy instruction sfence.vm
RISCV: added support for T-Head custom instructions
wasm: new processor module (Web Assembly)

File formats

ELF: added support for nanoMIPS
ELF: ARM64: added support for R_AARCH64_P32_TLS_TPREL relocation type, used by ILP32
md1img: loader for Mediatek modem firmware images (nanoMIPS and MIPS16e2)
MACHO: support __chain_starts format 5 (DYLD_CHAINED_PTR_32_FIRMWARE)

FLIRT / TILS / IDS

FLAIR: PCF: added support for ARM64 COFF files
pelf: proper handling of ELF32 for AArch64 (ILP32)

Standard plugins

eh_parse: skip leading and trailing zero entries in x64 .pdata for PE files (real binaries have them); improve recognition of exception dispatcher functions in debug builds
eh_parse: x64 exception handlers are standalone functions and not function chunks
eh34: new plugin to handle c++ exceptions for the binaries built by msvc x64
pdb: added an option to only load names (useful with large PDBs when you don't need types)

Kernel/Misc

goodname.cfg: improve simplification of MSVC STL classes
kernel: support for ida-plugin.json
kernel: improved strlit detection (short ones were converted to data items)
noret.cfg: added terminate, std_terminate to the list of non-returning functions
installer: macOS: install all contents into a single .app bundle
licensing: replaced FlexNet licensing server by custom Hex-Rays licensing server (floating licenses only)

Scripting & SDK

IDAPython: added find_binary and find_string
IDAPython: added detection of virtual environments (venv)
IDAPython: Added more pointer wrappers for integer types defined in pro.h
IDAPython: idapyswitch can now be used with read-only IDA installations
IDAPython: Removed __magic_methods__ from CLI auto completion
IDAPython: zero-initialize C++ objects exposed in the Python API
IDAPython: loader_input_t.read() should return an empty bytes object upon read error, not None
SDK: Add Visual Studio templates for plugins and loaders
SDK: added FUNC_UNWIND/FUNC_CATCH function flags to mark exception handlers, they will be ignored in decompilation
SDK: added pipe_process() to launch a process and establish a 2-way communication with it
SDK: added qlist::splice()
SDK: moved node_ordering_t to gdl.hpp
SDK: published basic undo interface (create undo point, undo, redo)
SDK: renamed abstract_graph_t -> drawable_graph_t; mutable_graph_t -> interactive_graph_t

UI

UI: added an option to retain structure size (Fixed size structs)
UI: Added "pack fields" checkbox to control gaps between fields for structs
UI: command palette: fix wrong reports about "command failed"
UI: hadle export/import of Local types to IDC is in a more flexible way. User is able to select the different policies, for example: load the types and skip the equal.
UI: if IDA already has a file open, "Open" opens a file in a new IDA instance
UI: it is now possible to inspect the contents of base type libraries, by double-clicking on them in the "Type libraries" view
UI: new shortcut set better aligned with modern OS conventions
UI: got rid of "Structs" and "Enums" widgets
UI: new shortcuts: Alt- (and CMD-) to jump to a window

Decompilers

decompiler: riscv: added RV32 and RV64 decompilers
decompiler: added try/catch ctree statement
decompiler: improved detection of variadic arg types
decompiler: introduced a new event: hxe_inlining_func
decompiler: published a few graph algorthims (pre/port ordering and dominator calculation)
decompiler: published the control_graph_t class; made it possible for third-party plugins to perform structural analysis
decompiler: arm: added support for VSEL insn (ARMv8-M)
decompiler: impoved structure copy recognition
decompiler: improved cfunc_t cache by introducing "saved_to_idb"; otherwise we were saving all decompiled functions upon each "save_database", again and again
decompiler: improved constant representation in comparisons with binary operators
decompiler: improved hexrays history to support c++ exception handlers
decompiler: improved the error message about the missing license: tell the user what license is missing
decompiler: mips: added support for movtz and movtn (MIPS16e2)

Bugfixes

BUGFIX: ARM: analysis speed could be slow on large 32-bit firmware binaries
BUGFIX: ARM: fixed endless loop which could happen when analysing function chunk before main function entry
BUGFIX: ARM: stop decoding undefined MOV Wx, #imm variants (imm not fitting in 32 bits)
BUGFIX: cvt64: converting an old .idb to .i64 would fail if its path contained a space
BUGFIX: debugger: win32_remote.exe was unnecessarily requiring an API instroduced in Windows Vista and would not run on XP anymore
BUGFIX: decompiler: expressions with variable sized structures could be mishandled
BUGFIX: decompiler: IDA could complain "Could not find a matching license for product" when multiple decompilers were installed
BUGFIX: decompiler: internal errors triggered by UI-related code (e.g. generaing tooltips) could result in "Unknown C++ exception" fatal error
BUGFIX: decompiler: pressing F5 was not refreshing the pseudocode window in some cases; we were discarding the decompilation result
BUGFIX: decompiler: value range optimization could lead to code being wrongly removed
BUGFIX: DSCU: a GAP spanning multiple subcache files would fail to load
BUGFIX: kernel: IDA on Linux had an unnecessary hard dependency on libsecret and would refuse to run without it.
BUGFIX: navigating to a global name which matched a known type name would fail
BUGFIX: objc: NS*Block reference detection error would end up creating incoherent block structures over unrelated data
BUGFIX: PC: alloca_probe / chkstk_ms does not modify rsp or rax in x64 code, unlike x86
BUGFIX: PC: REX prefix could be incorrectly applied to 32-bit instructions
BUGFIX: PC: vmovw instruction was decoded as if using 16-bit registers (it actually uses 32-bit ones)
BUGFIX: PDB: inporting types from some large PDBs would fail with "the maximum recursion level was reached"
BUGFIX: RISCV: fence.i instruction was not decoded
BUGFIX: SDK: fixed a debug/opt build incompatibility in reg_finder_t (std::map member)
BUGFIX: SDK: set_all_bits() and clear_all_bits() would behave wrong on bitmaps with size not a multiple of 8
BUGFIX: sometimes information about newly created range-like entities (segments/functions/...) could be lost during UNDO
BUGFIX: tinfo: xrefs to a deleted enum were not removed
BUGFIX: UI: large amounts of lines in the "Output" window could cause slowdowns
BUGFIX: UI: when using COLOR_INV color code (e.g. in a custom viewer), IDA would use default color for the text instead of the previous background color

Jul	AUG	Sep
	11
2023	2024	2025