
>>>>>>>>>>       NEW or IMPROVED FEATURES OF THE 3.5 Version        <<<<<<<<<<

------------------------------------------------------------------------------
(3.5) PENTIUM PRO SUPPORT 

Pentium Pro instructions and loadall (0F,07), icebp (F1) have been added. The
name of this new processor is: 80686p.

------------------------------------------------------------------------------
(3.5) INTEL MULTI-MEDIA EXTENSIONS SUPPORT

MMX instructions have been added.

------------------------------------------------------------------------------
(3.5) MOTOROLA 680x0 SUPPORT

Thanks to Yury Haron's efforts IDA can now disassemble Motorola 680x0 programs.

------------------------------------------------------------------------------
(3.5) STRUCTURES SUPPORT

You may now create/modify/delete structures (all operations) but cannot
yet specify an offset into a structure (to be implemented)

------------------------------------------------------------------------------
(3.5) FUNCTIONS

A  'function'  concept  is  implemented.  IDA automatically determines a
function bounds and its type (far/near).

------------------------------------------------------------------------------
(3.5) OBJ FILE FORMAT SUPPORT

IDA can now disassemble .OBJ files

------------------------------------------------------------------------------

(3.5) FLOATING POINT NUMBERS SUPPORT

Floating point numbers support has been added:

    - they may be used in the calculator and in the IDC language

    - it is possible to define floating point data (temporary hotkey D)
      in the program. The default name prefixes are
      		float		flt_
		double		dbl_

  All floating point arithmetic is written by Yury Haron. It dos not
  use coprocessor and all calculations are made in extra precision.
  (up to 25 decimal digits)

------------------------------------------------------------------------------

(3.5) NEW OUTPUT FILE FORMAT : DIF

IDA  can  now  create  .DIF  files.  Those files contain the differences
between the original executable and executable that you would get  after
applying  all  patches.  You are now able to determine the offset in the
input file, where the current  byte  is  loaded  from.  This  offset  is
displayed in a dialog box when you use 'patch byte/word' commands.

------------------------------------------------------------------------------

(3.5) NEW BEHAVIOUR OF COMMAND MAKE OFFSET

If an area is selected using the [anchor], IDA will perform  'en  masse'
conversion.  IDA will convert the immediate operands of all instructions
in the selected area to offsets. However, IDA will first ask  the  lower
and  upper  limits  of  the immediate operand's value. If the an operand
value is >= lower limit and <= upper limit, then  the  operand  will  be
converted to offset, otherwise it will be left unmodified.

This command greatly enhances the speed of an OS/2 program analysis

------------------------------------------------------------------------------

(3.5) ADJUSTABLE PRIORITY FOR OS/2 Versions

OS/2 : it is now possible to  specify  the  priority  of  IDA  using  the
Options|Background analysis menu item. The default priority is specified
in  the  configuration file IDA.CFG by the parameters PRIORITY_CLASS and
PRIORITY_DELTA. If the user changes the priority through the menu, this
modification only affects the current IDA session.

------------------------------------------------------------------------------

                 ANALYSIS MODIFICATIONS AND IMPROVEMENTS

(3.5) instructions which pass execution to the next instruction are displayed 
with the '$' symbol:

	jmp short $+2
	call $+3

(3.5)  INTEL:  IDA now checks the repeated operand size and address size
modifiers. Unused prefixes are displayed on a separate line as

  	db	66h
  or
  	db	67h

(3.5) If an instruction has only one  modifiable  operand,  IDA  changes
this  operand  regardless of the cursor position when you use an operand
type command (such as 'make offset', 'make number' etc). If there are no
such operands, IDA won't allow to use operand type  commands  (you  will
hear a beep).

(3.5)  IDA  tries  to  give  meaningful  names  for  trivial   functions
consisting of a single instruction

  	jmp	name

  The function name will be j_name.

(3.5) Unnamed entry points in PE DLL are automatically named as
  
  <module>_<ordinal>

(3.5) When  you  rename something, IDA now tries to change this name in
all manual operands too. For example, if we've had a manual operand

  	offset data123 - offset myorg

and you rename 'data123' to  'highmark',  the  manual  operand  will  be
automatically changed to

  	offset highmark - offset myorg

(3.5)  Operand types: each operand has its own type. When you change the
operand type IDA changes the type of the first operand if the cursor  is
located before the separating comma, otherwise IDA changes type of other
operands  (second,  third etc). Please note, that for arrays you have to
specify type of the first element and other elements separately.

(3.5) Array support is enhanced: alignment, number of items on  a  line,
additional information. IDA doesn't discard the element type when you define
an array.

(3.5) New  type  of xrefs: references to the names in manual operands
(Alt-F1,Alt-F2) These xrefs are marked by the character t.

(3.5) INTEL: VMM/VxD function names are now  displayed  in  the  operand
field  (before,  they  were displayed as comments). You have to edit the
output .ASM file to include the appropriate  function  definitions  .INC
file in order to compile it successfully.

(3.5)  INTEL: the LEA instruction creates a reference of OFFSET type and
doesn't define a data byte.

(3.5) The command that change type of the operand (char,hex,dec) work on
the unexplored bytes too, automatically converting them to 'words'.

(3.5) IDA can now load New Executable (NE,LX,LE,PE)  files  without  DOS
stub.

(3.5) IDA now allows manually entered operands to appear in xrefs.

(3.5) The following 80x86 instructions have been added :
setalc, svdc, rsdc, svldt, rsldt, svts, rsts.

(3.05A) Make offset: if this  command  changes  representation  of  both
operands  of  an  instruction,  IDA  fixes  one  of  the operands (using
Alt-F1,Alt-F2) so that only one of them is modified. When you delete  an
offset,  IDA deletes all forced operands. This logic works only when you
use 'make offset' command  from  the  keyboard.  When  an  IDC  function
OpOffset() is called, IDA doesn't make any additional changes.

(3.05A) Automatically generated names: IDA is now able to generate names
such   as   loc_1,loc_2,loc_3   etc.   Look   menu   item   Option|Names
representation...

(3.05) The 'make offset' command may now be applied to LEA instruction.
This command temporarily changes DS for the current instruction.


                   IDC MODIFICATIONS AND IMPROVEMENTS

(3.5) New things in IDC:
	- header file IDC.IDC with the description of internal flags etc.
	- cross-references management functions (add/del/enumerate)
	- search functions (search instr,data, i.e. all the search menu items)
	- function atoa(ea) - returns address in the form 'seg000:1234'
	- prefix and postfix operators ++,-- may now be used.

(3.5) You can use octal numbers and binary constants such as 0b1010101
in the calculator and in IDC

(3.5)  IDC  &  IDA.CFG:  you  can use C preprocessor directives (such as
#define/undef) with the following limitations: 

- the #if directive doesn't  exist (you can use  #ifdef,#ifndef)  
- macros  have  no  arguments  
- __LINE__, __FILE__, #line doesn't exist



                 INTERFACE MODIFICATIONS AND IMPROVEMENTS

(3.5) All IDA views now have vertical scrollbars.

(3.5)  It is now possible to comment functions and segments. In order to
enter a comment for a function you  must  stay  on  the  function  start
address,  cursor  on the function name and to press ';' or ':'. The same
procedure applies to the  segments  (but  you  can  enter  a  repeatable
comment for segments).

(3.5) the indicator at the upper right corner of the screen works like a
traffic light.
  
  when IDA is ready to accept user requests it shows: 
  	READY or THINKING in green

  when IDA is processing a user request it shows:
	BUSY in red

  when IDA is waiting for the input it shows:
	WAITING in yellow

(3.5) View file: you may now search for a text string (Alt-T/Ctrl-T) and
jump to the specified line number (Alt-G).

(3.5)  Checks have been added to function creation/edition. The end
address of a function can now be quickly changed by pressing 'E'.

(3.5) IDA saves the current address in the stack when you  jump  to  the
program start/end.

(3.5)  A  list  of  program  entry points is now available. This list is
available to new databases. The default hotkey is Ctrl-E.

(3.5) Pressing Enter when the cursor  is  at  any  place  of  expression
"offset name" leads to a jump to 'name'.

(3.5) Selectors: IDA now allows to change/modify selectors even if they
are used in the program. Beware, IDA doesn't fully check selectors yet.

(3.5) You can enable/disable the  display  of  function  names  in  line
prefixes  and  cross-references.  See dialog boxes "Text Representation"
and "Cross-references".

(3.5) Cross references are displayed in a new manner. You may now specify the
  number of cross-references to display. In order to work with all xrefs
  you may press Ctrl-X (select a xref from a list and jump) or open a window
  with xrefs (menu View). From within this window you may add/delete xrefs.
  All windows with xrefs and their positions are saved when you exit IDA.
  fix : IDA doesn't delete xrefs defined by the user.

  ATTENTION!
  
  	If you load an old database you will see only ONE xref.
	You can change number of xrefs displayed using menu
	Options|Cross references.

(3.5) Some hotkeys have changed:
 	Alt-M/Ctrl-M	- mark position/jump to marked position
	P/Alt-P/Ctrl-P  - work with functions: add/edit/jump
	F		- show flags

(3.5) A new command: Find a byte not belonging to any function.
The default hotkey is Alt-U.

(3.5) Names like loc_1,loc_2 and stored and kept in a slightly different
format. You need to renumber them when you start to use the new  version
of IDA.

(3.5) The reaction to Home/End keys is slightly changed:
	Home		- start of the current line
	Home Home	- top of window
	Home Home Home	- start of the file
        End             - the same mechanism.

(3.5) New window: selectors. You can add/delete/change selector in this window.

(3.5) Now it is possible to hide all user-defined comments

(3.05) cross-refrence type for the expression dataptr[reg]
 is now (r)ead or (w)rite ; it was (o)ffset before.
  
(3.05B)  Names can now be shown/hidden from the names window. When you
rename a byte you may check a checkbox, indicating appearance  of  the
name in the names window.

(3.05B) The hotkey for "Search next immediate operand" is Ctrl-I now (was 'I')

(3.05B) Operands like [reg+num] where num > "high voids limit" are represented
as [reg-num].

(3.05A)  Many  items were deleted from segments menu, an a new command
named 'EditSegment' was added, it does everything. You may  edit
segment attributes pressing Ctrl-E in the segments window.

(3.05A) In any window with a list (of names, of segments etc) you can:

	Ctrl-E		- edit the current element
	Del		- delete the current element
	Ins		- add a new element
	
For example, pressing Del in the segments windows deletes the segment.
This was done to simplify the user interface, because in the near future
a proper concept for functions and structures will be introduced.

(3.05A) All window positions are saved/restored between sessions. (3.05A)

(3.05)  The cursor is now positioned on the 'start' label when a new file 
is loaded

                 CONFIGURATION FILE MODIFICATIONS


(3.5) The default processor type depends on the input file name extension.
The dependency table is in IDA.CFG, keyword DEFAULT_PROCESSOR

(3.5) New parameters in ida.cfg:

	CHECK_MANUAL_ARGS	Should IDA check manual operands? (Alt-F1,-F2)
				Default: yes.

	SHOW_XREF_VALUES	Show cross-reference addresses?
				If not, IDA shows a string "..." instead
				of addresses. You may access a table of
				addresses by pressing Ctrl-X.
				Default: yes.


(3.5) Several new tables in IDA.CFG:

	XlatAsciiName    - translation table used when building a name 
	                 - for an ascii-string. Useful for national codepages.
			 
	AsciiStringChars - table of characters allowed in ascii-strings
	
	NameChars        - table of characters allowed in names


(3.5) Long comments: can now be edited more easily.
				
(3.5)- IDA.CFG: the cursor type (normal,solid) may now be selected.

(3.05A) OS/2: the number of rows on the screen may be set in ida.cfg 

                     
		     MISCELLANEOUS MODIFICATIONS


(3.5) Z80: Alt-R specifies a temporary data segment for the instruction.

(3.5) The database is now packed using 'deflate' method. The implode
method is retained in this version. Unfortunately 32-bit  DOS  version
doesn't  support the old method. All new databases are packed using the
new method. Thanks to InfoZip Group.

(3.5)  Pressing  Ctrl-Break  during the loading of a new file will stop this
process and delete the database.

(3.05B) 32bit versions: the messages buffer size is now 16k

(3.05) IDA can disassemble  PDP-11  (RT-11)  programs  now.  Yury  Haron
<YJH@urenbank2.msk.su>   wrote  an  IDP  and  kindly  presented  it  for
distribution with IDA.

(3.05A) OS/2: several IDA sessions can now be run simultaneously.

(3.05A) OS/2: IDA does not require the mouse anymore.

(3.05) driver.idc: The chain of devices may now end with 0000:0000.

                      
		      BUG FIXES AND CORRECTIONS

(3.5) Loading of PE files is improved.

(3.5) IDA didn't recognize some NE files and loaded them  as  plain  EXE
files. Thanks to Danil Shubin, 2:50/777.6, who provided an example.

(3.5) 'drop anchor' (hot key Alt-L or Shift-arrows) command selects whole lines
(before it was possible to select part of a line), because all IDA commands
use whole lines.

(3.5) Fixed a bug with F4: the window was not refreshed after this command.

(3.5) Shift-F1: IDA may crash trying to display an error message if you enter
 and bad input line.

(3.5)  Fixed  a  bug  with  LX/LE files: IDA incorrectly resolved 16-bit
relocation records if there  wasn't  flag  "16  bit  alias  required".
Thanks to Rinat Sadretdinow, 2:5020/620.

(3.5)

IBM PC: a sequence 2E 6C was disassembled incorrectly:

	segcs
	insbbyte ptr [dx]

  Proper way:

  	segcs
	insb

(3.5) Z80: IDA/2 crashes trying to disassemble an instruction
 which uses AF register.

(3.5)  If you enter -1 as an array size, IDA produces many warnings
that it is not possible to create such an array. The number of  warnings
might be so big, so it was faster to reboot than to wait. This problem
has been fixed.

(3.5) Fixed a bug with F1: it should show 'help on help'.

(3.5) It was not possible to search a text substring with trailing spaces.

(3.5) IDA did not load PE DLL files  correctly  if  there  were  unnamed
entry points. (the entry points were named incorrectly).

(3.5)  IDA  couldn't  run  if IDA.EXE was located in the root directory.
Thanks to Maxim Berlin who reports this bug again.

(3.5) IDA will only attempt to repair a database once. If it fails, IDA
will propose to repair the database manually and will exit.

(3.5) PDP-11: Fixed a bug with overlays.

(3.5) Z80: fixed a bug with instructions

	ld l,(ix+...)

  (thanks to sergey@inpro.msk.ru)
  
It is now possible to disassemble overlayed programs (when memory banks
are switched on the fly)

(3.5) DOS32: did not exit when you press Ctrl-Break. This problem has
been fixed.

(3.5) Unload database: IDA creates functions small enough to  be  loaded
without any problems.

(3.5)  Fixed a bug which occured when loading databases of the old format
(from v2.09 for example).

(3.5) PC: conditional jump instruction may be SHORT too.

(3.5) PC: instructions with a superfluous segment prefix are disassembled now.

(3.5) Z80: fixed a small bug in data displaying.

(3.5) IDC: for (;;) caused an internal error.

(3.5) Windows LE drivers: VxDjmp/VMMjmp are properly displayed and commented.

(3.5) Mouse: fixed a bug with double click (it has the same effect as Enter)
and context-sensitive menus are added. Those menus appear when the user 
presses the right mouse button.

(3.5) When segments are shrinked/expanded IDA doesn't delete instructions/data 
if the segments being modified have the same base.

(3.05B) OS2 : Z80 under OS/2: fixed a bug with registers (IDA crashed).
Thanks to Andrey Chicherov, 2:5020/375

(3.05B) "create a new segment": if a new segment overlaps some other segment,
the old one was truncated and instructions/data were deleted. Now IDA keeps 
all instructions/data if the new segment has the same base as the old segment.
Also, IDA allows NEAR calls & jumps between segments with the same base.

(3.05B) IDA checks the number of files that can be opened and refuses to
work if there is an insufficient number of free handles.

(3.05B) IDA properly loads pascal overlays even if they are in the EXE file.

(3.05B) IDA didn't disassemble BSWAP instruction if the register was not EAX.
Thanks to Danil Shubin, 2:50/777.6 for the information.

(3.05A) IDA complained that a segment register value can't be changed if
the  instruction  changing the register was the last one in the segment.
(I never have seen such an instruction in real programs)

(3.05A) IDA didn't generate cross-reference for C:

	imul A, B, offset C

(3.05A) DOS16: stack size is increased. Due to the insufficient stack size IDA
could hang while producing the .ASM file.

(3.05A) 8051: fixed bug in the check of the manually entered operands.

(3.05A) 32bit versions: fixed bug with

	dt <number>
	
  The number was shown incorrectly. Thanks to Serge Pashkov, 2:5020/52.43

(3.05) OS/2 version crashed when loading LE files. This has been fixed.

(3.05) Stricter criteria of COFF file format.

(3.05) Fixed bug with Ctrl-N 

(3.05) The 32-bit versions of IDA didn't check the size of the IDC functions.
This could have led to a crash when the function was executed. 

(3.05) Fixed bug with ENDP: sometimes IDA could not find the procedure name
and simply generated 'endp' instead of  'proc endp' 

(3.05 OS/2) The following keys now work as expected : Ctrl-S,Ctrl-P,Ctrl-Q,
Alt-Space.

(3.05 DOS32) The following keys now work as expected now:  Shift-Ins,Ctrl-Ins,
Shift-Del,Ctrl-Del.


