5 #define WIN32_NO_STATUS
7 #include "../../common_windows.h"
14 #define SystemHandleInformation 16
18 if (!OpenProcessToken(GetCurrentProcess(), TOKEN_ADJUST_PRIVILEGES | TOKEN_QUERY, &tok)) {
23 if (LookupPrivilegeValue(
NULL, SE_DEBUG_NAME, &luid)) {
25 tp.PrivilegeCount = 1;
26 tp.Privileges[0].Luid = luid;
27 tp.Privileges[0].Attributes =
b ? SE_PRIVILEGE_ENABLED : 0;
30 ret = GetLastError() == ERROR_SUCCESS;
47 HMODULE lib = GetModuleHandleW(
L"kernel32");
53 w32_ProcessIdToSessionId = (BOOL(WINAPI *)(
DWORD,
DWORD *))
54 GetProcAddress(lib,
"ProcessIdToSessionId");
57 GetProcAddress(lib,
"QueryFullProcessImageNameW");
60 w32_GetEnabledXStateFeatures = (
ut64(WINAPI *)())
61 GetProcAddress(lib,
"GetEnabledXStateFeatures");
64 GetProcAddress(lib,
"InitializeContext");
66 w32_GetXStateFeaturesMask = (BOOL(WINAPI *)(PCONTEXT
Context,
PDWORD64))
67 GetProcAddress(lib,
"GetXStateFeaturesMask");
70 GetProcAddress(lib,
"LocateXStateFeature");
72 w32_SetXStateFeaturesMask = (BOOL(WINAPI *)(PCONTEXT
Context,
DWORD64))
73 GetProcAddress(lib,
"SetXStateFeaturesMask");
75 lib = GetModuleHandleW(
L"ntdll.dll");
77 eprintf(
"Cannot load ntdll.dll. Aborting\n");
81 GetProcAddress(lib,
"NtQuerySystemInformation");
84 GetProcAddress(lib,
"NtDuplicateObject");
87 GetProcAddress(lib,
"NtQueryObject");
90 GetProcAddress(lib,
"NtQueryInformationThread");
96 return (
int)!(*tid == th->
tid);
112 if (!lpStartAddress) {
113 w32_NtQueryInformationThread(hThread, 9, &lpStartAddress,
sizeof(LPVOID),
NULL);
141 if ((ret = SuspendThread(th)) == -1) {
149 if ((ret = ResumeThread(th)) == -1) {
168 if (SuspendThread(th->
hThread) != -1) {
180 if (!GetExitCodeProcess(
ph, &
code)) {
181 GetExitCodeThread(
ph, &
code);
183 return code == STILL_ACTIVE;
193 if (!(ret = SetThreadContext(th, &
ctx))) {
203 ctx.ContextFlags = context_flags;
204 if (GetThreadContext(th, &
ctx)) {
218 #if __i386__ || __x86_64__
234 int nregs = 0, index = 0;
236 DWORD featurelen = 0;
237 ut64 featuremask = 0;
242 if (!w32_GetEnabledXStateFeatures) {
246 featuremask = w32_GetEnabledXStateFeatures();
264 if (!GetThreadContext(th,
ctx)) {
267 if (w32_GetXStateFeaturesMask(
ctx, &featuremask)) {
271 nregs = featurelen /
sizeof(*newxmm);
272 for (index = 0; index < nregs; index++) {
278 if (newxmm !=
NULL) {
279 for (index = 0; index < nregs; index++) {
280 xmm[index].
High = newxmm[index].
High;
281 xmm[index].
Low = newxmm[index].
Low;
290 for (index = 0; index < nregs; index++) {
291 ymm[index].
High = newymm[index].
High;
292 ymm[index].
Low = newymm[index].
Low;
306 int x, nxmm = 0, nymm = 0;
308 eprintf(
"ControlWord = %08x StatusWord = %08x\n",
ctx->FltSave.ControlWord,
ctx->FltSave.StatusWord);
309 eprintf(
"MxCsr = %08lx TagWord = %08x\n",
ctx->MxCsr,
ctx->FltSave.TagWord);
310 eprintf(
"ErrorOffset = %08lx DataOffset = %08lx\n",
ctx->FltSave.ErrorOffset,
ctx->FltSave.DataOffset);
311 eprintf(
"ErrorSelector = %08x DataSelector = %08x\n",
ctx->FltSave.ErrorSelector,
ctx->FltSave.DataSelector);
312 for (
x = 0;
x < 8;
x++) {
313 st[
x].
Low =
ctx->FltSave.FloatRegisters[
x].Low;
316 top = (
ctx->FltSave.StatusWord & 0x3fff) >> 11;
317 for (
x = 0;
x < 8;
x++) {
318 mm[top] =
ctx->FltSave.FloatRegisters[
x].Low;
324 for (
x = 0;
x < 16;
x++) {
325 xmm[
x].
High =
ctx->FltSave.XmmRegisters[
x].High;
326 xmm[
x].
Low =
ctx->FltSave.XmmRegisters[
x].Low;
330 eprintf(
"ControlWord = %08x StatusWord = %08x\n", (
ut32)
ctx->FloatSave.ControlWord, (
ut32)
ctx->FloatSave.StatusWord);
331 eprintf(
"MxCsr = %08x TagWord = %08x\n", *(
ut32 *)&
ctx->ExtendedRegisters[24], (
ut32)
ctx->FloatSave.TagWord);
332 eprintf(
"ErrorOffset = %08x DataOffset = %08x\n", (
ut32)
ctx->FloatSave.ErrorOffset, (
ut32)
ctx->FloatSave.DataOffset);
333 eprintf(
"ErrorSelector = %08x DataSelector = %08x\n", (
ut32)
ctx->FloatSave.ErrorSelector, (
ut32)
ctx->FloatSave.DataSelector);
334 for (
x = 0;
x < 8;
x++) {
338 top = (
ctx->FloatSave.StatusWord & 0x3fff) >> 11;
339 for (
x = 0;
x < 8;
x++) {
340 mm[top] = *((
ut64 *)&
ctx->FloatSave.RegisterArea[
x * 10]);
346 for (
x = 0;
x < 8;
x++) {
347 xmm[
x] = *((
ut128 *)&
ctx->ExtendedRegisters[(10 +
x) * 16]);
352 for (
x = 0;
x < 8;
x++) {
358 eprintf(
"ST%i %04x %016" PFMT64x " (%f)\n",
x, st[
x].High, st[
x].Low, (
double)(*((
long double *)&st[
x])));
360 for (
x = 0;
x < 8;
x++) {
363 for (
x = 0;
x < nxmm;
x++) {
367 nymm = get_avx(th, xmm, ymm);
369 for (
x = 0;
x < nymm;
x++) {
378 CONTEXT *new_ctx = (CONTEXT *)
buf;
379 size_t drx_size =
offsetof(CONTEXT, Dr7) -
offsetof(CONTEXT, Dr0) +
sizeof(new_ctx->Dr7);
380 memcpy(&cur_ctx.Dr0, &new_ctx->Dr0, drx_size);
402 const ut32 bas = 0xF << 5;
403 const ut32 priv = 1 << 2;
404 const ut32 enable = 1;
410 const unsigned int offset = address % 8;
412 const ut32 priv = 1 << 2;
413 const ut32 enable = 1;
426 *
control = byte_mask << 5 | load_store << 3 | priv | enable;
461 eprintf(
"Too many hardware watchpoints\n");
475 eprintf(
"Too many hardware breakpoints\n");
533 if (wrap->
pi.dwThreadId == tid) {
534 th = wrap->
pi.hThread;
545 bool showfpu =
false;
595 return wrap->
pi.hProcess && wrap->
pi.dwProcessId ==
pid && wrap->
pi.dwThreadId;
601 return wrap->
pi.dwThreadId;
604 CloseHandle(wrap->
pi.hProcess);
607 wrap->
pi.dwProcessId =
pid;
614 wrap->
pi.dwProcessId = 0;
619 return wrap->
pi.dwThreadId;
641 wrap->
pi.dwProcessId =
pid;
652 DWORD file_size_high = 0;
654 DWORD file_size_low = GetFileSize(handle_file, &file_size_high);
656 if (file_size_low == 0 && file_size_high == 0) {
659 handle_file_map = CreateFileMappingW(handle_file,
NULL, PAGE_READONLY, 0, 1,
NULL);
660 if (!handle_file_map) {
661 goto err_get_file_name_from_handle;
665 goto err_get_file_name_from_handle;
668 map = MapViewOfFile(handle_file_map, FILE_MAP_READ, 0, 0, 1);
669 if (!
map || !GetMappedFileNameW(GetCurrentProcess(),
map,
filename, MAX_PATH)) {
671 goto err_get_file_name_from_handle;
673 WCHAR temp_buffer[512];
675 if (!GetLogicalDriveStringsW(_countof(temp_buffer) - 1, temp_buffer)) {
676 goto err_get_file_name_from_handle;
678 WCHAR
name[MAX_PATH];
679 WCHAR drive[3] =
L" :";
680 LPWSTR cur_drive = temp_buffer;
684 if (QueryDosDeviceW(drive,
name, MAX_PATH)) {
685 size_t name_length = wcslen(
name);
687 if (name_length < MAX_PATH) {
689 WCHAR temp_filename[MAX_PATH];
690 _snwprintf_s(temp_filename, MAX_PATH, _TRUNCATE,
L"%s%s",
693 wcslen(temp_filename) + 1);
701 err_get_file_name_from_handle:
703 UnmapViewOfFile(
map);
705 if (handle_file_map) {
706 CloseHandle(handle_file_map);
709 char *ret = rz_sys_conv_win_to_utf8(
filename);
718 const DWORD maxlength = MAX_PATH;
743 WCHAR device[MAX_PATH];
745 for (WCHAR drv[] =
L"A:"; drv[0] <=
L'Z'; drv[0]++) {
746 if (QueryDosDeviceW(drv, device, maxlength) > 0) {
748 WCHAR
path[MAX_PATH];
749 _snwprintf(
path, maxlength,
L"%s%s", drv,
tmp);
750 ret = rz_utf16_to_utf8(
path);
763 CloseHandle(lib_item->
hFile);
792 rz_list_foreach (
lib_list, it, lib) {
904 if (TerminateProcess(wrap->
pi.hProcess, 1)) {
918 if (!DebugBreakProcess(wrap->
pi.hProcess)) {
920 eprintf(
"Could not interrupt program, attempt to press Ctrl-C in the program's console.\n");
930 int tid, next_event = 0;
931 char *dllname =
NULL;
933 static int exited_already = 0;
940 if (exited_already ==
pid) {
943 memset(&de, 0,
sizeof(DEBUG_EVENT));
974 dbg->
tid = tid = de.dwThreadId;
978 switch (de.dwDebugEventCode) {
979 case CREATE_PROCESS_DEBUG_EVENT:
980 CloseHandle(de.u.CreateProcessInfo.hFile);
981 add_thread(
dbg,
pid, tid, de.u.CreateProcessInfo.hThread, de.u.CreateProcessInfo.lpThreadLocalBase, de.u.CreateProcessInfo.lpStartAddress,
FALSE);
982 wrap->
pi.hProcess = de.u.CreateProcessInfo.hProcess;
983 wrap->
pi.hThread = de.u.CreateProcessInfo.hThread;
984 wrap->
winbase = (ULONG_PTR)de.u.CreateProcessInfo.lpBaseOfImage;
988 case CREATE_THREAD_DEBUG_EVENT:
989 add_thread(
dbg,
pid, tid, de.u.CreateThread.hThread, de.u.CreateThread.lpThreadLocalBase, de.u.CreateThread.lpStartAddress,
FALSE);
996 case EXIT_PROCESS_DEBUG_EVENT:
997 case EXIT_THREAD_DEBUG_EVENT: {
1006 if (de.dwDebugEventCode == EXIT_PROCESS_DEBUG_EVENT) {
1007 exited_already =
pid;
1016 case LOAD_DLL_DEBUG_EVENT:
1019 add_library(
pid, de.u.LoadDll.lpBaseOfDll, de.u.LoadDll.hFile, dllname);
1025 case UNLOAD_DLL_DEBUG_EVENT: {
1034 case OUTPUT_DEBUG_STRING_EVENT: {
1035 char *
str =
calloc(de.u.DebugString.nDebugStringLength,
sizeof(WCHAR));
1036 ReadProcessMemory(wrap->
pi.hProcess, de.u.DebugString.lpDebugStringData,
str, de.u.DebugString.nDebugStringLength,
NULL);
1037 char *
tmp = de.u.DebugString.fUnicode
1038 ? rz_utf16_to_utf8((
wchar_t *)
str)
1039 : rz_acp_to_utf8(
str);
1056 case EXCEPTION_DEBUG_EVENT:
1058 switch (de.u.Exception.ExceptionRecord.ExceptionCode) {
1060 eprintf(
"Received CTRL+C, suspending execution\n");
1079 if (
rz_bp_get_at(
dbg->
bp, (
size_t)de.u.Exception.ExceptionRecord.ExceptionAddress)) {
1084 EXCEPTION_DEBUG_INFO *exp = &de.u.Exception;
1102 eprintf(
"(%d) unknown event: %lu\n",
pid, de.dwDebugEventCode);
1107 }
while (next_event);
1117 #if __arm__ || __arm64__
1123 if (
ctx.Cpsr & 0x20) {
1169 ? DBG_EXCEPTION_NOT_HANDLED
1170 : DBG_EXCEPTION_HANDLED;
1188 LPVOID base = VirtualAllocEx(wrap->
pi.hProcess, (LPVOID)
addr, (SIZE_T)
size, MEM_COMMIT, PAGE_READWRITE);
1199 if (!VirtualFreeEx(wrap->
pi.hProcess, (LPVOID)
addr, 0, MEM_RELEASE)) {
1210 prot_perms = PAGE_EXECUTE_READWRITE;
1212 prot_perms = PAGE_EXECUTE_READWRITE;
1214 prot_perms = PAGE_EXECUTE_READ;
1216 prot_perms = PAGE_READWRITE;
1218 prot_perms = PAGE_READWRITE;
1220 prot_perms = PAGE_EXECUTE;
1222 prot_perms = PAGE_READONLY;
1224 prot_perms = PAGE_NOACCESS;
1232 return VirtualProtectEx(wrap->
pi.hProcess, (LPVOID)(
size_t)
addr,
1239 #elif __arm__ || __arm64__
1244 #pragma warning("platform not supported")
1250 bool close_handle =
false;
1253 ph = OpenProcess(PROCESS_QUERY_INFORMATION | PROCESS_VM_READ,
FALSE,
pid);
1255 ph = OpenProcess(PROCESS_QUERY_INFORMATION,
FALSE,
pid);
1257 ph = OpenProcess(PROCESS_QUERY_LIMITED_INFORMATION,
FALSE,
pid);
1263 close_handle =
true;
1265 if (w32_QueryFullProcessImageNameW) {
1266 WCHAR
tmp[MAX_PATH + 1];
1267 DWORD sz = MAX_PATH;
1268 if (w32_QueryFullProcessImageNameW(
ph, 0,
tmp, &sz)) {
1282 HANDLE th = CreateToolhelp32Snapshot(TH32CS_SNAPTHREAD, 0);
1288 te.dwSize =
sizeof(te);
1289 HANDLE ph = OpenProcess(PROCESS_QUERY_INFORMATION | PROCESS_VM_READ,
FALSE,
pid);
1290 if (Thread32First(th, &te)) {
1294 if (!te.th32ThreadID) {
1297 if (w32_ProcessIdToSessionId && w32_ProcessIdToSessionId(
pid, &sid)) {
1305 int saved_tid =
dbg->
tid;
1308 if (te.th32OwnerProcessID ==
pid) {
1311 CONTEXT
ctx = { 0 };
1312 dbg->
tid = te.th32ThreadID;
1329 }
while (Thread32Next(th, &te));
1342 PTOKEN_USER tok_usr =
NULL;
1344 DWORD usr_len = 512;
1345 DWORD usr_dom_len = 512;
1346 SID_NAME_USE snu = { 0 };
1349 if (!wrap || !wrap->
pi.hProcess) {
1352 if (!OpenProcessToken(wrap->
pi.hProcess, TOKEN_QUERY, &h_tok)) {
1354 goto err_w32_info_user;
1356 if (!GetTokenInformation(h_tok, TokenUser, (LPVOID)&tok_usr, 0, &tok_len) && GetLastError() != ERROR_INSUFFICIENT_BUFFER) {
1358 goto err_w32_info_user;
1360 tok_usr = (PTOKEN_USER)
malloc(tok_len);
1362 goto err_w32_info_user;
1364 if (!GetTokenInformation(h_tok, TokenUser, (LPVOID)tok_usr, tok_len, &tok_len)) {
1366 goto err_w32_info_user;
1370 goto err_w32_info_user;
1375 goto err_w32_info_user;
1378 if (!LookupAccountSidW(
NULL, tok_usr->User.Sid, usr, &usr_len, usr_dom, &usr_dom_len, &snu)) {
1380 goto err_w32_info_user;
1385 rdi->usr = rz_utf16_to_utf8(usr);
1430 if (w32_ProcessIdToSessionId && w32_ProcessIdToSessionId(
pid, &sid)) {
1445 HANDLE sh = CreateToolhelp32Snapshot(TH32CS_SNAPPROCESS,
pid);
1451 pe.dwSize =
sizeof(pe);
1452 if (Process32FirstW(sh, &pe)) {
1455 if (
all || pe.th32ProcessID ==
pid || pe.th32ParentProcessID ==
pid) {
1458 dbg->
pid == pe.th32ProcessID ? wrap->
pi.hProcess :
NULL, pe.szExeFile);
1463 }
while (Process32NextW(sh, &pe));
1473 if (!(
ph = OpenProcess(PROCESS_DUP_HANDLE,
FALSE,
pid))) {
1476 ULONG handleInfoSize = 0x10000;
1478 if (!objectTypeInfo) {
1492 handleInfoSize *= 2;
1493 void *
tmp =
realloc(handleInfo, (
size_t)handleInfoSize);
1504 size_t objectNameInfo_sz = 0x1000;
1505 objectNameInfo =
malloc(objectNameInfo_sz);
1506 if (!objectNameInfo) {
1518 if (w32_NtDuplicateObject(
ph, (
HANDLE)(
size_t)
handle.Handle, GetCurrentProcess(), &dupHandle, 0, 0, 0)) {
1521 if (w32_NtQueryObject(dupHandle, 2, objectTypeInfo, 0x1000,
NULL)) {
1522 CloseHandle(dupHandle);
1525 if (wcscmp(objectTypeInfo->
Name.
Buffer,
L"File")) {
1526 CloseHandle(dupHandle);
1530 if ((
handle.GrantedAccess & gm->GenericRead) == gm->GenericRead) {
1533 if ((
handle.GrantedAccess & gm->GenericWrite) == gm->GenericWrite) {
1536 if ((
handle.GrantedAccess & gm->GenericExecute) == gm->GenericExecute) {
1539 if (w32_NtQueryObject(dupHandle, 1, objectNameInfo, objectNameInfo_sz, &returnLength)) {
1540 void *
tmp =
realloc(objectNameInfo, returnLength);
1542 objectNameInfo =
tmp;
1543 objectNameInfo_sz = returnLength;
1545 if (w32_NtQueryObject(dupHandle, 1, objectNameInfo, objectNameInfo_sz,
NULL)) {
1546 CloseHandle(dupHandle);
1551 if (objectName->
Length) {
1552 char *
name = rz_utf16_to_utf8_l(objectName->
Buffer, objectName->
Length / 2);
1570 CloseHandle(dupHandle);
1573 free(objectNameInfo);
1574 free(objectTypeInfo);
static mcore_handle handle
RZ_API RZ_BORROW RzBreakpointItem * rz_bp_get_at(RZ_NONNULL RzBreakpoint *bp, ut64 addr)
Get the breakpoint at exactly addr.
#define EXCEPTION_SINGLE_STEP
RzDebugReasonType windows_exception_to_reason(ut32 exception_code)
#define EXCEPTION_BREAKPOINT
void windows_print_exception_event(ut32 pid, ut32 tid, ut32 exception_code, bool second_chance)
bool windows_is_exception_fatal(ut32 exception_code)
RZ_API void * rz_cons_sleep_begin(void)
RZ_API void rz_cons_break_pop(void)
RZ_API void rz_cons_break_push(RzConsBreak cb, void *user)
RZ_API void rz_cons_sleep_end(void *user)
static static fork const void static count static fd const char const char static newpath const char static path const char path
static static sync static getppid static getegid const char static filename char static len const char char static bufsiz static mask static vfork const void static prot static getpgrp const char static swapflags static arg static fd static protocol static who struct sockaddr static addrlen static backlog struct timeval struct timezone static tz const struct iovec static count static mode const void const struct sockaddr static tolen const char static pathname void static offset struct stat static buf void long static basep static whence static length const void static len static semflg const void static shmflg const struct timespec struct timespec static rem const char static group const void length
RZ_API RzDebugDesc * rz_debug_desc_new(int fd, char *path, int perm, int type, int off)
RZ_API void rz_debug_desc_free(RzDebugDesc *p)
RZ_API RzDebugMap * rz_debug_map_get(RzDebug *dbg, ut64 addr)
RZ_API bool rz_debug_map_sync(RzDebug *dbg)
struct dwarf_parse_context_t Context
size_t map(int syms, int left, int len)
RZ_API void Ht_() free(HtName_(Ht) *ht)
#define INVALID_HANDLE_VALUE
#define offsetof(type, member)
return memset(p, 0, total)
memcpy(mem, inblock.get(), min(CONTAINING_RECORD(inblock.get(), MEMBLOCK, data) ->size, size))
RZ_API int rz_debug_continue(RzDebug *dbg)
RZ_API bool rz_debug_select(RzDebug *dbg, int pid, int tid)
static void list(RzEgg *egg)
RZ_API RZ_BORROW RzListIter * rz_list_find(RZ_NONNULL const RzList *list, const void *p, RZ_NONNULL RzListComparator cmp)
Returns RzListIter element which matches via the RzListComparator.
RZ_API RZ_OWN RzList * rz_list_newf(RzListFree f)
Returns a new initialized RzList pointer and sets the free method.
RZ_API bool rz_list_delete_data(RZ_NONNULL RzList *list, void *ptr)
Deletes an entry in the list by searching for a pointer.
RZ_API RZ_BORROW RzListIter * rz_list_append(RZ_NONNULL RzList *list, void *data)
Appends at the end of the list a new element.
RZ_API void rz_list_purge(RZ_NONNULL RzList *list)
Empties the list without freeing the list pointer.
void * realloc(void *ptr, size_t size)
void * malloc(size_t size)
void * calloc(size_t number, size_t size)
static static fork const void static count static fd const char const char static newpath char char char static envp time_t static t const char static mode static whence const char static dir time_t static t unsigned static seconds const char struct utimbuf static buf static inc pid
return strdup("=SP r13\n" "=LR r14\n" "=PC r15\n" "=A0 r0\n" "=A1 r1\n" "=A2 r2\n" "=A3 r3\n" "=ZF zf\n" "=SF nf\n" "=OF vf\n" "=CF cf\n" "=SN or0\n" "gpr lr .32 56 0\n" "gpr pc .32 60 0\n" "gpr cpsr .32 64 0 ____tfiae_________________qvczn\n" "gpr or0 .32 68 0\n" "gpr tf .1 64.5 0 thumb\n" "gpr ef .1 64.9 0 endian\n" "gpr jf .1 64.24 0 java\n" "gpr qf .1 64.27 0 sticky_overflow\n" "gpr vf .1 64.28 0 overflow\n" "gpr cf .1 64.29 0 carry\n" "gpr zf .1 64.30 0 zero\n" "gpr nf .1 64.31 0 negative\n" "gpr itc .4 64.10 0 if_then_count\n" "gpr gef .4 64.16 0 great_or_equal\n" "gpr r0 .32 0 0\n" "gpr r1 .32 4 0\n" "gpr r2 .32 8 0\n" "gpr r3 .32 12 0\n" "gpr r4 .32 16 0\n" "gpr r5 .32 20 0\n" "gpr r6 .32 24 0\n" "gpr r7 .32 28 0\n" "gpr r8 .32 32 0\n" "gpr r9 .32 36 0\n" "gpr r10 .32 40 0\n" "gpr r11 .32 44 0\n" "gpr r12 .32 48 0\n" "gpr r13 .32 52 0\n" "gpr r14 .32 56 0\n" "gpr r15 .32 60 0\n" "gpr r16 .32 64 0\n" "gpr r17 .32 68 0\n")
static const char struct stat static buf struct stat static buf static vhangup int status
#define ARM64_MAX_WATCHPOINTS
#define ARM64_MAX_BREAKPOINTS
RZ_API RzDebugPid * rz_debug_pid_new(const char *path, int pid, int uid, char status, ut64 pc)
#define rz_warn_if_reached()
#define rz_return_val_if_fail(expr, val)
@ RZ_DEBUG_REASON_NEW_TID
@ RZ_DEBUG_REASON_UNKNOWN
@ RZ_DEBUG_REASON_BREAKPOINT
@ RZ_DEBUG_REASON_USERSUSP
@ RZ_DEBUG_REASON_NEW_LIB
@ RZ_DEBUG_REASON_EXIT_LIB
@ RZ_DEBUG_REASON_NEW_PID
@ RZ_DEBUG_REASON_EXIT_PID
@ RZ_DEBUG_REASON_EXIT_TID
RZ_API const char * rz_file_basename(const char *path)
void(* RzListFree)(void *ptr)
int(* RzListComparator)(const void *value, const void *list_data)
#define RZ_LOG_ERROR(fmtstr,...)
RZ_API char * rz_str_newf(const char *fmt,...) RZ_PRINTF_CHECK(1
RZ_API ut64 rz_time_now(void)
Returns the current time in microseconds.
struct W32DbgWParams::@606::@608 wait
RzDebugReasonType(* wait)(RzDebug *dbg, int pid)
struct rz_debug_plugin_t * cur
int w32dbg_wrap_wait_ret(W32DbgWInst *inst)
#define w32dbgw_err(inst)
#define w32dbgw_ret(inst)
#define STATUS_INFO_LENGTH_MISMATCH
RzDebugInfo * w32_info(RzDebug *dbg, const char *arg)
int w32_attach_new_process(RzDebug *dbg, int pid)
static bool is_breakpoint(RzBreakpointItem *b)
static PTHREAD_ITEM find_thread(RzDebug *dbg, int tid)
int w32_hwbp_arm_del(RzDebug *dbg, RzBreakpoint *bp, RzBreakpointItem *b)
int w32_attach(RzDebug *dbg, int pid)
static char * resolve_path(HANDLE ph, HANDLE mh)
static int set_thread_context(HANDLE th, const ut8 *buf, int size)
static int w32_findthread_cmp(int *tid, PTHREAD_ITEM th)
static void w32_info_exe(RzDebug *dbg, RzDebugInfo *rdi)
static void add_library(DWORD pid, LPVOID lpBaseOfDll, HANDLE hFile, char *dllname)
static char * get_file_name_from_handle(HANDLE handle_file)
static void transfer_drx(RzDebug *dbg, const ut8 *buf)
static int findlibcmp(void *BaseOfDll, void *lib)
static char * get_process_path(HANDLE ph, int pid)
static RzDebugPid * build_debug_pid(int pid, int ppid, HANDLE ph, const WCHAR *name)
int w32_step(RzDebug *dbg)
bool setup_debug_privileges(bool b)
static void continue_thread(HANDLE th)
static void libfree(void *lib)
int w32_map_protect(RzDebug *dbg, ut64 addr, int size, int perms)
RzList * w32_thread_list(RzDebug *dbg, int pid, RzList *list)
static bool is_watchpoint(RzBreakpointItem *b)
static HANDLE get_thread_handle_from_tid(RzDebug *dbg, int tid)
void w32_break_process(void *user)
int w32_map_dealloc(RzDebug *dbg, ut64 addr, int size)
static void remove_library(PLIB_ITEM library)
static ut64 pc_from_context(CONTEXT *ctx)
int w32_init(RzDebug *dbg)
static void * last_library(void)
static int get_thread_context(HANDLE th, ut8 *buf, int size, DWORD context_flags)
int w32_dbg_wait(RzDebug *dbg, int pid)
RzList * w32_pid_list(RzDebug *dbg, int pid, RzList *list)
static PTHREAD_ITEM add_thread(RzDebug *dbg, DWORD pid, DWORD tid, HANDLE hThread, LPVOID lpThreadLocalBase, LPVOID lpStartAddress, BOOL bFinished)
int w32_kill(RzDebug *dbg, int pid, int tid, int sig)
int w32_reg_read(RzDebug *dbg, int type, ut8 *buf, int size)
static bool is_thread_alive(RzDebug *dbg, int tid)
static void get_arm_hwbp_values(ut64 address, ut32 *control, ut64 *value)
static int io_perms_to_prot(int io_perms)
int w32_hwbp_arm_add(RzDebug *dbg, RzBreakpoint *bp, RzBreakpointItem *b)
static bool is_process_alive(HANDLE ph)
int w32_continue(RzDebug *dbg, int pid, int tid, int sig)
#define SystemHandleInformation
static int resume_thread(HANDLE th)
static bool already_attached(W32DbgWInst *wrap, int pid)
int w32_detach(RzDebug *dbg, int pid)
int w32_select(RzDebug *dbg, int pid, int tid)
static void print_fpu_context(HANDLE th, CONTEXT *buf)
int w32_reg_write(RzDebug *dbg, int type, const ut8 *buf, int size)
RzList * w32_desc_list(int pid)
static void w32_info_user(RzDebug *dbg, RzDebugInfo *rdi)
static void get_arm64_hwwp_values(ut64 address, int size, int rw, ut32 *control, ut64 *value)
static int suspend_thread(HANDLE th)
static void * find_library(void *BaseOfDll)
RzDebugMap * w32_map_alloc(RzDebug *dbg, ut64 addr, int size)
struct LIB_ITEM * PLIB_ITEM
struct _SYSTEM_HANDLE_INFORMATION * PSYSTEM_HANDLE_INFORMATION
ut64(WINAPI *w32_GetEnabledXStateFeatures)()
#define XSTATE_LEGACY_SSE
1.9.1