IDA is used to solve key problems in the software industry.
Published: 2022/10/15 13:17:50
Starting from IDA v6.2, the callgraph of a program can be displayed in a graph form.
In the proximity view, the current address, the callers and the callees are represented as a collection of nodes linked together with edges. Nodes represent functions and data references (global variables, strings, etc.) and edges represent code or data cross-references between them.
To open the proximity view, press the '-' key to zoom out and switch to the callgraph of the address under the cursor.
Only the address names (function names or data labels) are displayed in the proximity view, not the disassembly. Nonetheless, hovering the mouse over a node will display a brief disassembly listing in a resizable hint window. To see the complete disassembly listing, switch to text or graph mode by pressing '+' or Space respectively.
When disassembling new files, IDA will display a dialog offering to switch to proximity view when applicable. It is possible to turn off this dialog and not show it again.
In the proximity view there are 3 types of nodes: function nodes, data nodes and auxiliary nodes. Function nodes are rectangular and they have a toolbar. Those nodes are used to display the callers or callees of the current central node (or any of its parents or children). Data nodes are rectangular nodes (without a toolbar) and they are used to display the data references (global variables, strings, etc.) to/from the current central node or any of its parents and children.
Please select one of the following topics to learn more about graphs:
Selections in graphs
Many graph operations are applied to the selected nodes. The current node is considered to be part of the node selection for all operations.
The graph nodes can be selected using the mouse. To select many nodes at once, press and hold the Ctrl key during the mouse operation. The Alt key removes nodes from the current selection.
Internally, IDA keeps track of the selected nodes and edge layout points. Edge layout points are the points where edges are bent. If the current selection is moved in the graph, the selected edge layout points are moved too.
The default color for the title of the selected nodes is light gray. Other node titles are displayed with white color.
Zooming graphs
The graph can be zoomed in and out. There are several ways of zooming the graph:
- Use Ctrl-Wheel. The current mouse position will be the zoom center
point (i.e. this point will not move during the zoom operation)
- Use the predefined 'Zoom 100%' and 'Fit window' commands. They are
available from the right-click menu or by their shortcuts: '1' and
'W' respectively. The current mouse position is the zoom center
point for the 'zoom 100%' command.
- Use Ctrl-KeypadPlus or Ctrl-KeypadMinus keys. The current keyboard
cursor is the zoom center for these commands.
- Use Ctrl-Shift-drag. This lets you draw a rectangle to which IDA
will zoom.
There are two options linked to the graph zooming:
- Auto fit graph to window: will fit the current graph to the window
size. Default: off
- Fit window max zoom level 100%: the 'fit window' command does not
use zoom levels higher than 100%. Default: on
The zoom level is never greater than 1000% or less than 1%. IDA remembers the current zoom level for each location in the navigation history.
Scrolling graphs
The user can pan (shift) the graph by clicking with the left mouse button on the graph background and dragging it. In the rare case when there is no graph background visible on the screen, the Shift-click can be used to move the graph. This can happen on very high zoom levels, when the current node occupies the whole window.
The mouse wheel scrolls the graph vertically. If the Alt key is pressed, it will scroll the graph horizontally.
The Page Up and Page Down keys scroll the graph vertically. The keyboard arrows can scroll the graph if they reach the node border and cannot jump to another node in the specified direction.
Scrolling the graph does not change the keyboard cursor position. As soon as the graph is refreshed on the screen, IDA will scroll the graph so that the keyboard cursor becomes visible.
Graph overview window
IDA has a small graph overview window. It displays the whole graph in zoomed-out form and gives the user an idea of which part of the graph is shown in the main window.
Clicking on the graph overview window visualizes different parts of the graph in the main window. It is also possible to click and drag the focus frame - the main window will be refreshed accordingly.
The graph overview window is visible only in graph view mode. As soon as another non-modal window gets focus, the graph overview is closed. It automatically opens when a graph view is activated.
The graph overview is displayed by default. To hide it, right-click on the main toolbar background and select the Navigation, Graph overview menu item.
The graph overview window can be resized to accommodate really huge graphs.
Graph colors
Graph edges can have several colors. In graph view:
- Blue: a normal edge
- Green: if the jump is taken (its condition is satisfied)
- Red: if the jump is not taken
- Blinking: when in the debugger, the edge that will be followed blinks
And, in proximity view:
- Blue: Code cross-reference edge
- Gray: Data cross-reference edge
IDA highlights the current mouse items. If the mouse is hovered over an edge, it is highlighted. If the mouse is hovered over a node, all adjacent edges are highlighted. To turn off the highlighting, specify the 'current edge' color as an undefined custom color.
The 'highlighted edge' and 'foreign node' colors are not used yet.
Graph options
Use graph view by default
IDA switches to graph mode for each 'jump' command.
Enable graph animation
Animate the graph layout, movement, and group collapsing/uncollapsing.
While animation takes time, it gives the user some idea what's going on.
Draw node shadows
Display shadows for each graph node. Shadows are not displayed
for really huge or ridiculously small nodes.
Auto fit graph into window
Zoom the graph so that it occupies the whole window.
Fit window max zoom level 100%
The 'fit window' command maximal zoom level is 100%.
Re-layout graph if nodes overlap
IDA recomputes the graph layout if a node overlap is detected.
The presence of a custom layout (if the user has displaced
some graph nodes) effectively turns off this option.
Re-layout graph upon screen refresh
IDA recomputes the graph layout at each screen refresh.
Turning this option off accelerates IDA but then
a manual layout might be required after some operations.
Truncate at the right margin
All nodes are truncated at the right margin. The right margin
is specified in the Options, General, Disassembly tab.
This option narrows the graph but hides some information
by truncating long lines.
Lock graph layout
Locks the graph layout by ignoring attempts to displace
nodes. This prevents the creation of custom layouts that might lead
to ugly graph layouts when nodes change their sizes.
PROXIMITY VIEW
Show data references
Show data cross-referenced items in proximity view.
Hide library functions
Do not show data or code cross-references to library functions,
only show cross-referenced local functions.
Unlimited children recursion
Recurse until there are no more callees (children) of the currently
selected central node and all of its children.
Recurse into library functions
Displays children data or code cross-references from library
functions.
Max parents recursion
Maximum recursion level for displaying parents of the currently
selected central node. The value '0' disables parents recursion.
Max children recursion
Maximum recursion level for displaying children of the currently
selected central node. The value '0' means no maximum recursion
level.
Max nodes per level
Maximum number of nodes to show per level of children and parents.
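To make the recursion limits above concrete, the following sketch walks a constructed call graph the way the proximity options bound it. It is an added example, not IDA's own code: the graph, the function names and the helpers `proximity` and `_walk` are made up, and reading a parents value of 0 as "show no parent levels" and cutting each level to its first N nodes are assumptions about behaviour the text does not spell out.

```python
# Constructed call graph (caller -> callees); all names are made up for illustration.
CALLS = {
    "main": ["parse_args", "run"],
    "run": ["decrypt_cfg", "connect", "memcpy"],
    "decrypt_cfg": ["rc4_init", "memcpy"],
    "connect": ["socket"],
    "parse_args": ["strlen"],
    "rc4_init": [],
}
LIBRARY = {"memcpy", "strlen", "socket"}  # assumed to be flagged as library functions


def _walk(start, edges, max_depth, hide_library, max_per_level):
    """Level-by-level walk returning {depth: [nodes]}; max_depth None = unlimited."""
    levels, seen, frontier, depth = {}, {start}, [start], 0
    while frontier and (max_depth is None or depth < max_depth):
        depth += 1
        nxt = []
        for node in frontier:
            for peer in edges.get(node, []):
                # 'Hide library functions': skip cross-references to library code.
                if peer in seen or (hide_library and peer in LIBRARY):
                    continue
                seen.add(peer)
                nxt.append(peer)
        nxt = nxt[:max_per_level]  # assumed truncation for 'Max nodes per level'
        if nxt:
            levels[depth] = nxt
        frontier = nxt
    return levels


def proximity(center, max_parents=1, max_children=1,
              hide_library=False, max_per_level=20):
    """Return (parents, children) levels around the central node."""
    # Invert the graph once so callers can be walked like callees.
    callers = {}
    for src, dsts in CALLS.items():
        for dst in dsts:
            callers.setdefault(dst, []).append(src)
    # Asymmetry from the option text: parents 0 = disabled (assumed: no parent
    # levels shown), children 0 = no maximum recursion level.
    parents = _walk(center, callers, max_parents, hide_library, max_per_level)
    children = _walk(center, CALLS, max_children or None, hide_library, max_per_level)
    return parents, children


if __name__ == "__main__":
    print(proximity("run", max_parents=1, max_children=0, hide_library=True))
```
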