#include <rz_windows.h>
#include <DbgHelp.h>
#include <w32dbg_wrap.h>

Macros
#define	DEF_PROC(proc) static proc##_t *w32_##proc

#define	GET_PROC(proc)

Typedefs
typedef BOOL __stdcall	SymInitialize_t(_In_ HANDLE hProcess, _In_opt_ PCSTR UserSearchPath, _In_ BOOL fInvadeProcess)

typedef BOOL __stdcall	SymCleanup_t(_In_ HANDLE hProcess)

typedef PVOID __stdcall	SymFunctionTableAccess64_t(_In_ HANDLE hProcess, _In_ DWORD64 AddrBase)

typedef DWORD64 __stdcall	SymGetModuleBase64_t(_In_ HANDLE hProcess, _In_ DWORD64 qwAddr)

typedef BOOL __stdcall	StackWalk64_t(_In_ DWORD MachineType, _In_ HANDLE hProcess, _In_ HANDLE hThread, _Inout_ LPSTACKFRAME64 StackFrame, _Inout_ PVOID ContextRecord, _In_opt_ PREAD_PROCESS_MEMORY_ROUTINE64 ReadMemoryRoutine, _In_opt_ PFUNCTION_TABLE_ACCESS_ROUTINE64 FunctionTableAccessRoutine, _In_opt_ PGET_MODULE_BASE_ROUTINE64 GetModuleBaseRoutine, _In_opt_ PTRANSLATE_ADDRESS_ROUTINE64 TranslateAddress)

Functions
	DEF_PROC (SymInitialize)

	DEF_PROC (SymCleanup)

	DEF_PROC (SymFunctionTableAccess64)

	DEF_PROC (SymGetModuleBase64)

	DEF_PROC (StackWalk64)

static bool	initialize_sym_api (void)

static RzList *	backtrace_windows (RzDebug *dbg, ut64 at)

Macro Definition Documentation

◆ DEF_PROC

#define DEF_PROC ( proc ) static proc##_t *w32_##proc

Definition at line 8 of file windows-all.c.

◆ GET_PROC

#define GET_PROC ( proc )

Value:

    w32_##proc = (proc##_t *)GetProcAddress(dbghelp, #proc); \
    if (!w32_##proc) { \
        return false; \
    }

Definition at line 9 of file windows-all.c.

Typedef Documentation

◆ StackWalk64_t

typedef BOOL __stdcall StackWalk64_t(_In_ DWORD MachineType, _In_ HANDLE hProcess, _In_ HANDLE hThread, _Inout_ LPSTACKFRAME64 StackFrame, _Inout_ PVOID ContextRecord, _In_opt_ PREAD_PROCESS_MEMORY_ROUTINE64 ReadMemoryRoutine, _In_opt_ PFUNCTION_TABLE_ACCESS_ROUTINE64 FunctionTableAccessRoutine, _In_opt_ PGET_MODULE_BASE_ROUTINE64 GetModuleBaseRoutine, _In_opt_ PTRANSLATE_ADDRESS_ROUTINE64 TranslateAddress)

Definition at line 31 of file windows-all.c.

◆ SymCleanup_t

typedef BOOL __stdcall SymCleanup_t(_In_ HANDLE hProcess)

Definition at line 20 of file windows-all.c.

◆ SymFunctionTableAccess64_t

typedef PVOID __stdcall SymFunctionTableAccess64_t(_In_ HANDLE hProcess, _In_ DWORD64 AddrBase)

Definition at line 23 of file windows-all.c.

◆ SymGetModuleBase64_t

typedef DWORD64 __stdcall SymGetModuleBase64_t(_In_ HANDLE hProcess, _In_ DWORD64 qwAddr)

Definition at line 27 of file windows-all.c.

◆ SymInitialize_t

typedef BOOL __stdcall SymInitialize_t(_In_ HANDLE hProcess, _In_opt_ PCSTR UserSearchPath, _In_ BOOL fInvadeProcess)

Definition at line 15 of file windows-all.c.

Function Documentation

◆ backtrace_windows()

static RzList* backtrace_windows	(	RzDebug *	dbg,
		ut64	at
	)

static

Definition at line 66 of file windows-all.c.

                                                         {
     initialize_sym_api();
     static RzThreadLock *lock = NULL;
     if (!lock) {
         lock = rz_th_lock_new(false);
         if (!lock) {
             return NULL;
         }
     }
     W32DbgWInst *wrap = dbg->plugin_data;
 #if __arm64__
     DWORD machine_type = IMAGE_FILE_MACHINE_ARM64;
 #elif __arm__
     DWORD machine_type = IMAGE_FILE_MACHINE_ARMNT;
 #elif __x86_64__
     DWORD machine_type = IMAGE_FILE_MACHINE_AMD64;
 #else
     DWORD machine_type = IMAGE_FILE_MACHINE_I386;
 #endif
     STACKFRAME64 stack = { 0 };
     stack.AddrFrame.Mode = AddrModeFlat;
     stack.AddrFrame.Offset = rz_reg_getv(dbg->reg, rz_reg_get_name(dbg->reg, RZ_REG_NAME_BP));
     stack.AddrStack.Mode = AddrModeFlat;
     stack.AddrStack.Offset = rz_reg_getv(dbg->reg, rz_reg_get_name(dbg->reg, RZ_REG_NAME_SP));
     stack.AddrPC.Mode = AddrModeFlat;
     stack.AddrPC.Offset = rz_reg_getv(dbg->reg, rz_reg_get_name(dbg->reg, RZ_REG_NAME_PC));
  
     RzList *list = rz_list_newf(free);
     if (!list) {
         return NULL;
     }
     CONTEXT *ctx = (CONTEXT *)rz_reg_arena_peek(dbg->reg);
     rz_th_lock_enter(lock);
     w32_SymInitialize(wrap->pi.hProcess, NULL, TRUE);
     while (w32_StackWalk64(machine_type, wrap->pi.hProcess, wrap->pi.hThread, &stack, ctx, NULL, w32_SymFunctionTableAccess64, w32_SymGetModuleBase64, NULL)) {
         RzDebugFrame *frame = RZ_NEW0(RzDebugFrame);
         if (!frame) {
             break;
         }
         frame->addr = stack.AddrPC.Offset;
         frame->bp = stack.AddrFrame.Offset;
         frame->sp = stack.AddrStack.Offset;
         frame->size = frame->bp - frame->sp;
         if (!rz_list_append(list, frame)) {
             free(frame);
             break;
         }
     }
     w32_SymCleanup(wrap->pi.hProcess);
     rz_th_lock_leave(lock);
     free(ctx);
     return list;
 }

References rz_debug_frame_t::addr, rz_debug_frame_t::bp, dbg, DWORD, free(), IMAGE_FILE_MACHINE_ARM64, initialize_sym_api(), list(), lock(), NULL, W32DbgWInst::pi, rz_debug_t::plugin_data, rz_debug_t::reg, rz_list_append(), rz_list_newf(), RZ_NEW0, rz_reg_arena_peek(), rz_reg_get_name(), rz_reg_getv(), RZ_REG_NAME_BP, RZ_REG_NAME_PC, RZ_REG_NAME_SP, rz_th_lock_enter(), rz_th_lock_leave(), rz_th_lock_new(), rz_debug_frame_t::size, rz_debug_frame_t::sp, and TRUE.

Referenced by rz_debug_native_frames().

◆ DEF_PROC() [1/5]

DEF_PROC ( StackWalk64 )

◆ DEF_PROC() [2/5]

DEF_PROC ( SymCleanup )

◆ DEF_PROC() [3/5]

DEF_PROC ( SymFunctionTableAccess64 )

◆ DEF_PROC() [4/5]

DEF_PROC ( SymGetModuleBase64 )

◆ DEF_PROC() [5/5]

DEF_PROC ( SymInitialize )

◆ initialize_sym_api()

static bool initialize_sym_api ( void )

inlinestatic

Definition at line 48 of file windows-all.c.

                                             {
     static bool initialized = false;
     if (initialized) {
         return true;
     }
     HMODULE dbghelp = LoadLibrary(TEXT("DbgHelp"));
     if (!dbghelp) {
         return false;
     }
     GET_PROC(SymInitialize);
     GET_PROC(SymCleanup);
     GET_PROC(SymFunctionTableAccess64);
     GET_PROC(SymGetModuleBase64);
     GET_PROC(StackWalk64);
     initialized = true;
     return true;
 }

References GET_PROC, and initialized.

Referenced by backtrace_windows().

Macros

Typedefs

Functions