Rizin
unix-like reverse engineering framework and cli tools
Classes | Macros | Typedefs | Enumerations | Functions | Variables
windows_debug.h File Reference
#include <rz_types.h>
#include <rz_debug.h>
#include <rz_windows.h>
#include <tlhelp32.h>
#include <psapi.h>
#include <winternl.h>
#include <tchar.h>
#include <w32dbg_wrap.h>

Go to the source code of this file.

Classes

struct  _SYSTEM_HANDLE
 
struct  _SYSTEM_HANDLE_INFORMATION
 
struct  _OBJECT_TYPE_INFORMATION
 
struct  THREAD_ITEM
 
struct  LIB_ITEM
 

Macros

#define XSTATE_GSSE   2
 
#define XSTATE_LEGACY_SSE   1
 
#define XSTATE_MASK_GSSE   (1LLU << (XSTATE_GSSE))
 
#define CONTEXT_XSTATE   (0x00010040)
 
#define XSTATE_AVX   (XSTATE_GSSE)
 
#define XSTATE_MASK_AVX   (XSTATE_MASK_GSSE)
 
#define CONTEXT_ALL   1048607
 

Typedefs

typedef struct _SYSTEM_HANDLE SYSTEM_HANDLE
 
typedef struct _SYSTEM_HANDLEPSYSTEM_HANDLE
 
typedef struct _SYSTEM_HANDLE_INFORMATION SYSTEM_HANDLE_INFORMATION
 
typedef struct _SYSTEM_HANDLE_INFORMATIONPSYSTEM_HANDLE_INFORMATION
 
typedef enum _POOL_TYPE POOL_TYPE
 
typedef enum _POOL_TYPEPPOOL_TYPE
 
typedef struct _OBJECT_TYPE_INFORMATION OBJECT_TYPE_INFORMATION
 
typedef struct _OBJECT_TYPE_INFORMATIONPOBJECT_TYPE_INFORMATION
 
typedef struct THREAD_ITEMPTHREAD_ITEM
 
typedef struct LIB_ITEMPLIB_ITEM
 

Enumerations

enum  _POOL_TYPE {
  NonPagedPool , PagedPool , NonPagedPoolMustSucceed , DontUseThisType ,
  NonPagedPoolCacheAligned , PagedPoolCacheAligned , NonPagedPoolCacheAlignedMustS
}
 

Functions

 ut64 (WINAPI *w32_GetEnabledXStateFeatures)()
 
int w32_init (RzDebug *dbg)
 
int w32_reg_read (RzDebug *dbg, int type, ut8 *buf, int size)
 
int w32_reg_write (RzDebug *dbg, int type, const ut8 *buf, int size)
 
int w32_attach (RzDebug *dbg, int pid)
 
int w32_detach (RzDebug *dbg, int pid)
 
int w32_attach_new_process (RzDebug *dbg, int pid)
 
int w32_select (RzDebug *dbg, int pid, int tid)
 
int w32_kill (RzDebug *dbg, int pid, int tid, int sig)
 
void w32_break_process (void *user)
 
int w32_dbg_wait (RzDebug *dbg, int pid)
 
int w32_step (RzDebug *dbg)
 
int w32_continue (RzDebug *dbg, int pid, int tid, int sig)
 
RzDebugMapw32_map_alloc (RzDebug *dbg, ut64 addr, int size)
 
int w32_map_dealloc (RzDebug *dbg, ut64 addr, int size)
 
int w32_map_protect (RzDebug *dbg, ut64 addr, int size, int perms)
 
RzListw32_thread_list (RzDebug *dbg, int pid, RzList *list)
 
RzDebugInfow32_info (RzDebug *dbg, const char *arg)
 
RzListw32_pid_list (RzDebug *dbg, int pid, RzList *list)
 
RzListw32_desc_list (int pid)
 

Variables

 DWORD
 
DWORDHANDLE
 
DWORD LPWSTR
 
DWORD PDWORD
 
 ULONG
 
 PVOID
 
 PULONG
 
 PHANDLE
 
 ACCESS_MASK
 
PCONTEXT Context
 
PCONTEXT PDWORD64
 
PCONTEXT DWORD64
 

Macro Definition Documentation

◆ CONTEXT_ALL

#define CONTEXT_ALL   1048607

Definition at line 43 of file windows_debug.h.

◆ CONTEXT_XSTATE

#define CONTEXT_XSTATE   (0x00010040)

Definition at line 38 of file windows_debug.h.

◆ XSTATE_AVX

#define XSTATE_AVX   (XSTATE_GSSE)

Definition at line 40 of file windows_debug.h.

◆ XSTATE_GSSE

#define XSTATE_GSSE   2

Definition at line 23 of file windows_debug.h.

◆ XSTATE_LEGACY_SSE

#define XSTATE_LEGACY_SSE   1

Definition at line 27 of file windows_debug.h.

◆ XSTATE_MASK_AVX

#define XSTATE_MASK_AVX   (XSTATE_MASK_GSSE)

Definition at line 41 of file windows_debug.h.

◆ XSTATE_MASK_GSSE

#define XSTATE_MASK_GSSE   (1LLU << (XSTATE_GSSE))

Definition at line 31 of file windows_debug.h.

Typedef Documentation

◆ OBJECT_TYPE_INFORMATION

typedef struct _OBJECT_TYPE_INFORMATION OBJECT_TYPE_INFORMATION

◆ PLIB_ITEM

typedef struct LIB_ITEM * PLIB_ITEM

◆ POBJECT_TYPE_INFORMATION

typedef struct _OBJECT_TYPE_INFORMATION * POBJECT_TYPE_INFORMATION

◆ POOL_TYPE

typedef enum _POOL_TYPE POOL_TYPE

◆ PPOOL_TYPE

typedef enum _POOL_TYPE * PPOOL_TYPE

◆ PSYSTEM_HANDLE

typedef struct _SYSTEM_HANDLE * PSYSTEM_HANDLE

◆ PSYSTEM_HANDLE_INFORMATION

typedef struct _SYSTEM_HANDLE_INFORMATION * PSYSTEM_HANDLE_INFORMATION

◆ PTHREAD_ITEM

typedef struct THREAD_ITEM * PTHREAD_ITEM

◆ SYSTEM_HANDLE

typedef struct _SYSTEM_HANDLE SYSTEM_HANDLE

◆ SYSTEM_HANDLE_INFORMATION

typedef struct _SYSTEM_HANDLE_INFORMATION SYSTEM_HANDLE_INFORMATION

Enumeration Type Documentation

◆ _POOL_TYPE

enum _POOL_TYPE
Enumerator
NonPagedPool 
PagedPool 
NonPagedPoolMustSucceed 
DontUseThisType 
NonPagedPoolCacheAligned 
PagedPoolCacheAligned 
NonPagedPoolCacheAlignedMustS 

Definition at line 60 of file windows_debug.h.

60  {
61  NonPagedPool,
62  PagedPool,
63  NonPagedPoolMustSucceed,
64  DontUseThisType,
65  NonPagedPoolCacheAligned,
66  PagedPoolCacheAligned,
67  NonPagedPoolCacheAlignedMustS
68 } POOL_TYPE,
PagedPoolCacheAligned
@ PagedPoolCacheAligned
Definition: windows_debug.h:66
NonPagedPoolCacheAligned
@ NonPagedPoolCacheAligned
Definition: windows_debug.h:65
NonPagedPoolCacheAlignedMustS
@ NonPagedPoolCacheAlignedMustS
Definition: windows_debug.h:67
NonPagedPool
@ NonPagedPool
Definition: windows_debug.h:61
DontUseThisType
@ DontUseThisType
Definition: windows_debug.h:64
NonPagedPoolMustSucceed
@ NonPagedPoolMustSucceed
Definition: windows_debug.h:63
PagedPool
@ PagedPool
Definition: windows_debug.h:62
POOL_TYPE
enum _POOL_TYPE POOL_TYPE

Function Documentation

◆ ut64()

ut64 ( WINAPI *  w32_GetEnabledXStateFeatures)

Referenced by __analysis_esil_function(), __analysis_fcn_check_bp_use(), __bb_addr_cmp(), __break_points_cb(), __core_analysis_fcn(), __core_cmd_search_asm_infinite(), __core_visual_gogo(), __create_iter_sections(), __cursor_up(), __desc_cache_cleanup_cb(), __desc_cache_commit_cb(), __desc_cache_list_cb(), __disasm(), __esil_step(), __esil_step_range_cb(), __find_symbol_by_paddr(), __handle_mouse_on_panel(), __handleComment(), __init_panel_param(), __io_maps(), __jmp_to_cursor_addr(), __lseek(), __max_end(), __ne_get_resources(), __opaddr(), __panels_check_stackbase(), __panels_process(), __parse_string_on_cursor(), __print_disassembly_cb(), __print_hexdump_cb(), __printPattern(), __read(), __read_nonnull_str_at(), __rebase_everything(), __rebase_flags(), __seek_cursor(), __system(), __watch_points_cb(), __write(), _cb_hit(), _CbInRangeSearchV(), _extract_flags(), _fill_bin_symbol(), _luac_build_info(), _parse_resource_directory(), _patch_reloc(), _pointer_table(), _processControlPacket(), _sendResponsePacket(), _server_handle_M(), _server_handle_m(), _server_handle_z(), _store_resource_sdb(), add_class_bases(), add_map(), add_map_reg(), add_new_bin_string(), add_new_func_symbol(), add_reg_change(), add_seek_history(), add_window_to_table(), addptr(), adjust_class(), adjust_directions(), adr(), adrp(), agraph_refresh(), align_upper(), all_intersect(), amd29k_instr_print(), analBars(), analop_esil(), analPaths(), analysis_block_cb(), analysis_class_print(), analysis_class_print_to_json(), analysis_fcn_data(), analysis_fcn_data_gaps(), analysis_FOR_ITER(), analysis_graph_to(), analysis_SETUP_ASYNC_WITH(), analysis_SETUP_EXCEPT(), analysis_SETUP_FINALLY(), analysis_SETUP_LOOP(), analysis_SETUP_WITH(), analyze_noreturn_function(), annotated_hexdump(), anop(), anop32(), anop64(), anop_esil(), apply_bank(), apply_case(), apply_maps_as_flags(), ar_open_all(), ar_open_file(), ar_parse_header(), arcompact_genops_jmp(), arg(), arm64math(), arm_assemble(), array_add(), asciiart_backtrace(), asn1_parse_header(), assemble(), assign_reg(), automerge_get_predecessors_cb(), automerge_predecessor_successor_cb(), avr_custom_des(), avr_custom_spm_page_erase(), avr_custom_spm_page_fill(), avr_custom_spm_page_write(), backref(), backtrace_fuzzy(), backtrace_generic(), backtrace_vars(), backtrace_windows_x64(), backtrace_x86_64(), backtrace_x86_64_analysis(), baddr(), base36_decode(), basefind_create_array_of_addresses(), basefind_create_pointer_map(), basefind_pointer_map_iter(), basefind_thread_runner(), bb_info_print(), bbget(), bflt_load_relocs(), bfm(), bfvm_maps(), bfvm_show_regs(), bin_elf_versioninfo_verneed(), bin_elf_versioninfo_versym(), bin_pe_get_actual_checksum(), bin_pe_get_overlay(), bin_pe_init_imports(), bin_pe_init_overlay(), bin_pe_init_rich_info(), bin_pe_init_sections(), bin_pe_parse_imports(), bin_pe_parse_resource(), bin_pe_va_to_rva(), binsym(), block_store(), bootimg_header_load(), branch(), bsd_thread_list(), buf_bytes_read(), buf_file_get_size(), buf_format(), buf_fwd_checksum(), buf_move_back(), buf_read(), buf_ref_init(), buf_ref_resize(), buf_sparse_read(), buf_sparse_seek(), buf_sparse_size(), buffer_read_64_signed(), bytecode_snprint(), calculate_decrypt(), calculate_encrypt(), calculate_hash(), calculate_luhn(), carve_deps_at_address(), carve_kexts(), cb_binmaxstrbuf(), check_buffer(), check_buffer_jmp(), check_buffer_rjmp(), checkEntrypointBuffer(), checkHeader(), classdump_cpp(), classes(), clear_bb_vars(), cmask64(), cmd_address_info(), cmd_aea(), cmd_analysis_esil(), cmd_analysis_graph(), cmd_analysis_trampoline(), cmd_dcu(), cmd_debug_backtrace(), cmd_debug_current_modules(), cmd_pCd(), cmd_pCD(), cmd_pCx(), cmd_print_bars(), cmd_print_blocks(), cmd_print_pv(), cmd_print_pxA(), cmd_pxr(), cmd_search_bin(), cmd_write_bits(), cmp(), common_write_value_handler(), compareSize(), compute_baddr_from_phdr(), compute_boffset_from_phdr(), compute_symbols_from_segment(), consume_locals_r(), consume_r(), consume_str_r(), core_analysis_bytes_desc(), core_analysis_bytes_esil(), core_analysis_bytes_size(), core_analysis_followptr(), core_analysis_graph_label(), core_disassembly(), core_file_do_load_for_debug(), core_perform_auto_analysis(), core_recover_golang_functions_go_1_16(), core_recover_golang_functions_go_1_18(), core_recover_golang_functions_go_1_2(), core_walk_function_blocks(), count_blocks(), count_cb(), cqcheck(), create(), create_cache_bins(), create_initterm_syms(), create_path_to_index(), create_section_plt(), cursor_prevrow(), cvt_64(), dalvik_disassemble(), dalvik_op(), debug_gdb_write_at(), decode_bcond(), decode_buffer(), decode_call(), decode_index64(), decode_jmp(), decode_ldr_set_addr(), decode_movi(), decode_movrel(), decompress(), DEFINE_HANDLE_TS_FCN_AND_SYMBOL(), del(), desc_list_json_cb(), desc_list_visual_cb(), deserialize_memory_cb(), deserialize_registers_cb(), dex_access_flags_to_bin_flags(), dex_class_def_new(), dex_field_to_bin_field(), dex_new_encoded_field(), dex_new_encoded_method(), dex_parse(), dex_string_new(), diff_hexdump_line(), disarm_12bit_offset(), disarm_8bit_offset(), disasm_strings(), disassemble(), disassemble_till_return_is_found(), disassembly_as_table(), dmp_open(), dmp_read(), dmp_write(), do_analysis_search(), do_asm_search(), do_debug_trace_calls(), do_esil_search(), do_iter_offsets(), do_iter_sections(), do_ref_search(), do_section_search(), do_string_search(), do_syscall_search(), drx_get(), drx_get_at(), drx_list(), ds_build_op_str(), ds_disassemble(), ds_init(), ds_pre_emulation(), ds_print_core_vmode(), ds_print_data_type(), ds_print_esil_analysis(), ds_print_meta_infos(), ds_print_offset(), ds_print_ptr(), ds_show_flags(), ds_show_xrefs(), ds_sub_jumps(), dumb_ctzll(), dump_maps(), dwarf_read_address(), dwarf_read_initial_length(), dwarf_read_offset(), ebc_analysis_jmp(), Elf_(), elf_is_bind_now(), encodeBitMasksWithSize(), ensure_fcn_range(), entries(), entries_initfini_print(), es_add_ck(), esil_add(), esil_addeq(), esil_addrinfo(), esil_and(), esil_andeq(), esil_asr(), esil_asreq(), esil_bf(), esil_bigger(), esil_bigger_equal(), esil_bits(), esil_cf(), esil_cmp(), esil_dec(), esil_deceq(), esil_div(), esil_diveq(), esil_eq(), esil_goto(), esil_if(), esil_inc(), esil_inceq(), esil_interrupt(), esil_lsl(), esil_lsleq(), esil_lsr(), esil_lsreq(), esil_mem_addeq_n(), esil_mem_andeq_n(), esil_mem_deceq_n(), esil_mem_diveq_n(), esil_mem_inceq_n(), esil_mem_lsleq_n(), esil_mem_lsreq_n(), esil_mem_modeq_n(), esil_mem_muleq_n(), esil_mem_oreq_n(), esil_mem_subeq_n(), esil_mem_xoreq_n(), esil_mod(), esil_modeq(), esil_mul(), esil_muleq(), esil_neg(), esil_negeq(), esil_num(), esil_of(), esil_or(), esil_oreq(), esil_peek_n(), esil_peek_some(), esil_pf(), esil_poke_n(), esil_poke_some(), esil_repeat(), esil_rol(), esil_ror(), esil_set_delay_slot(), esil_set_jump_target(), esil_set_jump_target_set(), esil_sf(), esil_signed_div(), esil_signed_mod(), esil_smaller(), esil_smaller_equal(), esil_sub(), esil_subeq(), esil_trap(), esil_weak_eq(), esil_xor(), esil_xoreq(), esilbreak_mem_read(), esilbreak_reg_write(), estimate_slide(), exprmatch(), exprmatchreg(), extract_addr_from_code(), extract_arg(), extract_binobj(), extract_slice(), fcn_get_refs(), fcn_takeover_block_recursive_followthrough_cb(), fields(), file_mdump(), file_resize(), file_strncmp(), fill_dt_dynamic(), fill_hist_offset(), filter(), filterFlags(), find_largest_loc_range(), find_longest_match(), find_matching_bracket(), find_next_diff(), findClassBounds(), findMethodBounds(), flag_relocate_foreach(), flagbar_foreach(), flags_to_json(), flirt_node_shorten_pattern(), fold_asm_trace(), follow_ref(), foreach_pairs(), foreach_reg_set_or_clear(), foreachOffset(), format_output(), format_reg_value(), func_walk_blocks(), function_list_print(), gb_custom_daa(), gb_parse_arith1(), gb_parse_cb2(), gb_parse_ld2(), gb_parse_ld3(), gbAsm(), gdbr_exec_file_read(), gdbr_get_baddr(), gdbr_parse_target_xml(), gdbr_read_feature(), gdbr_read_file(), gdbr_read_memory_page(), gdbr_read_osdata(), gdbr_read_processes_xml(), gdbr_read_target_xml(), gdbr_write_memory(), gdbr_write_registers(), genmask(), get_base_from_maps(), get_bb_body(), get_bbnodes(), get_bbupdate(), get_buf_val(), get_cbs(), get_cf_offset(), get_class_name(), get_class_ro_t(), get_class_t(), get_code_object_addr(), get_current_process_and_thread(), get_die_size(), get_dispatchmessage_offset(), get_dt_info(), get_dynamic_elf_symbols(), get_elf_intrp(), get_entries_from_section(), get_entrypoint(), get_esil_stack_name(), get_float64(), get_frame_base(), get_gnu_verneed(), get_gnu_versym(), get_got_entry(), get_graphtrace_node(), get_immed_sgnext(), get_import_addr(), get_import_addr_arm(), get_import_addr_aux(), get_import_addr_mips(), get_import_addr_ppc(), get_import_addr_riscv(), get_import_addr_sparc(), get_import_addr_x86(), get_import_addr_x86_manual(), get_insn_args(), get_kernel_base(), get_main(), get_main_offset_arm64(), get_main_offset_arm_glibc_thumb(), get_main_offset_linux_64_pie(), get_main_offset_mips(), get_main_offset_x86_gcc(), get_main_offset_x86_non_pie(), get_main_offset_x86_pie(), get_next_i(), get_note_file(), get_numeric_val(), get_plt_name(), get_ptr(), get_ptr_ble(), get_rebase_info(), get_rebase_infos(), get_relocs(), get_relocs_entry(), get_relocs_entry_from_dt_dynamic(), get_relocs_entry_from_dt_dynamic_aux(), get_relocs_entry_from_sections(), get_section_elf_symbols(), get_sections(), get_sections_from_dt_dynamic(), get_segments(), get_segments_from_phdr(), get_spec_die_type(), get_st64(), get_targets_map_base_from_sections(), get_targets_map_base_from_segments(), get_verneed_entry_sdb(), get_versym_entry_sdb_from_verdef(), get_versym_entry_sdb_from_verneed(), get_virtual_files(), get_whole_buf(), get_xrefs(), getarg(), getarg2(), GetHeapBlocks(), GetHeapGlobalsOffset(), getnum(), getnumbang(), getpcfromstack(), getref(), getRefPtr(), getthimmed12(), getvalue(), global_var_load_cb(), global_var_node_cmp(), go_data(), go_offset(), go_string(), go_string_from_table(), go_uvariant(), goto_asmqjmps(), gprobe_frame_sp(), gprobe_getinformation(), gprobe_send_request_sp(), graph_breakpoint(), handle_arm_hint(), handle_arm_special_symbol(), handle_exception_message(), handle_forward_disassemble(), handle_stack_canary(), handle_var_stack_access(), handleMidFlags(), hash_context_compare_hashes(), header(), hex_get_stale_pkt(), hexdump(), hint_node_cmp(), hints_load_cb(), ihex_write(), inBetween(), init_desc_list_visual_cb(), init_dt_dynamic(), init_dynstr_aux(), init_items(), init_module_runtime_functions(), initialize_stack(), initializeEsil(), INST_HANDLER(), int_cmp(), interact(), interact_break_cmd(), io_create_mem_map(), io_memory_lseek(), io_read_va_at(), iob_net_write(), is_delta_pointer_table(), is_filtered_flag(), is_number(), is_pc_inside_module(), is_pc_inside_windmodule(), is_pclntab_valid(), is_pointer(), is_string_at(), iter_dbt_commands(), iterate_rebase_list(), java_access_flags_to_bin_flags(), java_analysis(), java_class_parse(), java_disassemble(), java_field_new(), java_method_new(), jemalloc_get_bins(), jemalloc_get_chunks(), jemalloc_print_narenas(), jmp_dest(), kexts_from_load_commands(), lang_byte_array_c_cpp(), ldr(), le_get_entries(), le_get_modname_by_ord(), le_read_nonnull_str_at(), libs(), lines(), linux_handle_signals(), linux_thread_list(), list_all_functions_at_vtable_offset(), list_vars(), load_all_omf_records(), load_buffer(), loadGP(), lua_load_integer(), lua_load_number(), lua_parse_body_53(), lua_parse_body_54(), lua_parse_code(), lua_parse_const_entry(), lua_parse_consts(), lua_parse_debug(), lua_parse_header_53(), lua_parse_header_54(), lua_parse_line_defined(), lua_parse_protos(), lua_parse_string(), lua_parse_upvalue_entry(), lua_parse_upvalues(), luac_build_info(), MACH0_(), mach0_info_new(), mach_headerfields(), magic_int_within(), magiccheck(), map_multi_dex(), map_p2v(), maps(), mask64(), mconvert(), mem(), meta_function_comment_remove(), meta_load_cb(), meta_string_guess_add(), mips_op(), mipsTweak(), module_match_buffer(), mov(), movk(), movn(), mprint(), myregwrite(), n_oper_to_addr(), name_from_table(), next_append(), node_match_functions(), node_max(), noreturn_recurse(), Nsetf(), num_callback(), objc_build_refs(), objc_find_refs(), offset_comp(), offset_len(), on_fcn_delete(), on_fcn_new(), on_fcn_rename(), on_map_skyline(), on_rebase_pointer(), op_at_phys(), opcall(), open_core_file(), opex(), opex64(), oplea(), opmask(), opmov(), opmovabs(), oprep(), paddr_to_vaddr(), parse(), parse_abbrev_raw(), parse_abstract_origin(), parse_aranges_raw(), parse_atomic_type(), parse_categories(), parse_chained_fixups(), parse_classes(), parse_comp_unit(), parse_dbi_stream(), parse_die(), parse_dwarf_location(), parse_enumerate(), parse_expire(), parse_ext_opcode(), parse_go_build_info(), parse_grep_expression(), parse_hash_algorithms(), parse_import_stub(), parse_line_header_source(), parse_line_raw(), parse_loc_raw(), parse_note_file(), parse_relocation_info(), parse_segments(), parse_signature(), parse_size(), parse_struct_member(), parse_symbol_table(), parse_symtab(), parse_thread(), parse_type_numeric(), parse_typedef(), parse_union_member(), parse_value(), parseCodeDirectory(), parseDragons(), parseMod(), parseOperand(), patch_relocs(), path_walker(), pdb_set_symbols(), PE_(), Pe_r_bin_pe_parse_version_info(), perform_mapped_file_yank(), place_nodes(), place_original(), populate_cache_headers(), populate_cache_maps(), populate_imports(), populate_symbols(), pr_bb(), prepend_current_pc(), prevop_addr(), prevOpcode(), print_addr(), print_arena_stats(), print_cmd_analysis_after_traps_print(), print_debug_maps_ascii_art(), print_double_linked_list_bin_graph(), print_double_linked_list_bin_simple(), print_format_values(), print_fpu(), print_heap_bin(), print_heap_chunk(), print_heap_chunk_simple(), print_heap_fastbin(), print_hint_tree(), print_inst_minfo(), print_largebin_description(), print_log(), print_loop(), print_malloc_states(), print_new_results(), print_rop(), print_smallbin_description(), print_state(), print_string(), print_tcache_content(), print_unsortedbin_description(), proc_mem_img(), process_constructors(), process_kmod_init_term(), process_one_string(), process_reference_noreturn_cb(), propagate_types_among_used_variables(), prune_hits_in_hit_range(), pyc_op(), qnxr_read_memory(), qnxr_write_memory(), rabin_do_operation(), ranged_hint_record_cmp(), rasm_disasm(), raw_rtti_parse(), rax(), read_ahead(), read_at_kernel_virtual(), read_cache_accel(), read_cache_header(), read_cache_images(), read_cache_imgextra(), read_desc(), read_dos_header(), read_ehdr_other(), read_gnu_hash_table(), read_hash_table(), read_hdr(), read_i64_leb128(), read_le_header_aux(), read_memory64_list(), read_module_aux(), read_n_bits(), read_node_bytes(), read_node_variant_mask(), read_nt_headers(), read_u64_leb128(), ReadMemory(), rebase_buffer(), rebase_bytes_v1(), rebase_bytes_v2(), rebase_bytes_v3(), rebase_info_populate(), rebase_offset_to_paddr(), reconstruct_chained_fixup(), recovery_analysis_complete_object_locator(), recovery_apply_bases(), recovery_apply_vtable(), references_handler(), reg_has_changed(), regs_to_flags(), relocation_function_process_noreturn(), relocs_foreach(), reopen_in_malloc_cb(), replace(), resize_helper(), resolve_mig_subsystem(), resolve_syscalls(), revert_cdiv_magic(), riscv_disassemble(), riscv_op(), rjmp_dest(), rop_classify_arithmetic(), rop_classify_arithmetic_const(), rop_classify_constant(), rop_classify_mov(), rtti_itanium_class_type_info_init(), rtti_itanium_read_type_name(), rtti_itanium_read_type_name_custom(), rtti_itanium_si_class_type_info_init(), rtti_itanium_type_info_new(), rtti_itanium_vmi_class_type_info_init(), rtti_msvc_print_complete_object_locator_recurse(), rtti_msvc_read_base_class_array(), rtti_msvc_read_base_class_descriptor(), rtti_msvc_read_type_descriptor(), run_basic_block_analysis(), run_old_command(), rz_analysis_add_device_peripheral_map(), rz_analysis_aefa(), rz_analysis_appcall_handler(), rz_analysis_basic_block_find_paths_handler(), rz_analysis_basic_block_list_handler(), rz_analysis_block_analyze_ops(), rz_analysis_block_automerge(), rz_analysis_block_chop_noreturn(), rz_analysis_block_op_starts_at(), rz_analysis_class_rename_flag(), rz_analysis_class_unique_attr_id_raw(), rz_analysis_class_vtable_lookup_handler(), rz_analysis_data(), rz_analysis_dwarf_integrate_functions(), rz_analysis_esil_condition(), rz_analysis_esil_init_mem_handler(), rz_analysis_esil_init_mem_remove_handler(), rz_analysis_esil_reg_read(), rz_analysis_esil_signext(), rz_analysis_extract_rarg(), rz_analysis_function_all_opcode_stat_handler(), rz_analysis_function_analyze_jmptable_handler(), rz_analysis_function_blocks_add_handler(), rz_analysis_function_blocks_color_handler(), rz_analysis_function_blocks_edge_handler(), rz_analysis_function_blocks_switch_type_handler(), rz_analysis_function_cost(), rz_analysis_function_del_handler(), rz_analysis_function_delete_label(), rz_analysis_function_get_label(), rz_analysis_function_realsize(), rz_analysis_function_resize(), rz_analysis_function_size_sum_handler(), rz_analysis_function_type_matching_handler(), rz_analysis_function_until_handler(), rz_analysis_function_vars_bp_getref_handler(), rz_analysis_function_vars_bp_setref_handler(), rz_analysis_function_vars_dis_refs_handler(), rz_analysis_function_vars_regs_getref_handler(), rz_analysis_function_vars_regs_setref_handler(), rz_analysis_function_vars_sp_getref_handler(), rz_analysis_function_vars_sp_setref_handler(), rz_analysis_function_vars_stackframe_handler(), rz_analysis_function_xrefs_handler(), rz_analysis_functions_map_handler(), rz_analysis_functions_merge_handler(), rz_analysis_get_delta_jmptbl_info(), rz_analysis_get_jmptbl_info(), rz_analysis_global_variable_add_handler(), rz_analysis_global_variable_delete_byaddr_handler(), rz_analysis_hint_del_handler(), rz_analysis_hint_set_bits_handler(), rz_analysis_hint_set_fail_handler(), rz_analysis_hint_set_immbase_handler(), rz_analysis_hint_set_jump_handler(), rz_analysis_hint_set_ptr_handler(), rz_analysis_hint_set_ret_handler(), rz_analysis_hint_set_size_handler(), rz_analysis_hint_set_stackframe_handler(), rz_analysis_hint_set_val_handler(), rz_analysis_il_vm_step(), rz_analysis_list_struct_offsets_handler(), rz_analysis_list_vtables(), rz_analysis_noreturn_drop(), rz_analysis_reflines_get(), rz_analysis_rtti_msvc_recover_all(), rz_analysis_try_get_fcn(), rz_analysis_update_analysis_range(), rz_analysis_value_free(), rz_analysis_value_set_ut64(), rz_analysis_value_to_ut64(), rz_analysis_var_clear_accesses(), rz_analysis_var_get_dst_var(), rz_analysis_var_global_get_byaddr_in(), rz_analysis_var_remove_access_at(), rz_analysis_var_resolve_overlaps(), rz_analysis_var_set_access(), rz_analysis_vtable_info_get_size(), rz_analysis_vtable_parse_at(), rz_analysis_vtable_search(), rz_analysis_walkthrough_arm_jmptbl_style(), rz_analysis_walkthrough_casetbl(), rz_analysis_walkthrough_jmptbl(), rz_analysis_xrefs_copy_handler(), rz_analysis_xrefs_count(), rz_analysis_xrefs_del_handler(), rz_analysis_xrefs_to_graph_cmd_handler(), rz_analyze_all_consecutive_functions_in_section_handler(), rz_analyze_function_linked_offsets_handler(), rz_annotated_code_line_offsets(), rz_arm_cs_analysis_op_32_esil(), rz_arm_cs_analysis_op_64_esil(), rz_arm_it_apply_cond(), rz_asm_massemble(), rz_asm_mdisassemble(), rz_asm_mdisassemble_hexstr(), rz_asm_pseudo_intN(), rz_asn1_stringify_bits(), rz_asn1_stringify_bytes(), rz_asn1_stringify_integer(), rz_asn1_stringify_oid(), rz_axml_decode(), rz_basefind(), rz_bflt_get_data_base(), rz_bin_coff_init_scn_hdr(), rz_bin_coff_init_scn_va(), rz_bin_coff_init_symtable(), rz_bin_dmp64_init_bmp_header(), rz_bin_dmp64_init_bmp_pages(), rz_bin_dmp64_init_memory_runs(), rz_bin_dmp64_init_triage_drivers(), rz_bin_elf_add_addr(), rz_bin_elf_add_off(), rz_bin_elf_dt_dynamic_new(), rz_bin_elf_get_bits(), rz_bin_elf_get_compiler(), rz_bin_elf_get_e_entry_as_string(), rz_bin_elf_get_e_phoff_as_string(), rz_bin_elf_get_e_shoff_as_string(), rz_bin_elf_get_entry_offset(), rz_bin_elf_get_fini_offset(), rz_bin_elf_get_gnu_hash_table(), rz_bin_elf_get_hash_table(), rz_bin_elf_get_init_offset(), rz_bin_elf_get_libs(), rz_bin_elf_get_main_offset(), rz_bin_elf_get_num_relocs_dynamic_plt(), rz_bin_elf_get_number_of_symbols_from_gnu_hash_table(), rz_bin_elf_get_targets_map_base(), rz_bin_elf_mul_addr(), rz_bin_elf_mul_off(), rz_bin_elf_read_addr(), rz_bin_elf_read_off(), rz_bin_elf_read_xword(), rz_bin_elf_sections_new(), rz_bin_file_compute_hashes(), rz_bin_file_delete_all(), rz_bin_file_object_new_from_xtr_data(), rz_bin_file_strings(), rz_bin_file_xtr_load_buffer(), rz_bin_filter_name(), rz_bin_get_section_at(), rz_bin_java_class_as_sections(), rz_bin_java_class_entrypoints(), rz_bin_java_class_methods_as_symbols(), rz_bin_java_class_new(), rz_bin_java_class_resolve_symbol(), rz_bin_le_get_entrypoints(), rz_bin_le_get_imports(), rz_bin_le_get_libs(), rz_bin_le_get_relocs(), rz_bin_le_get_sections(), rz_bin_le_get_symbols(), rz_bin_le_new_buf(), rz_bin_mdmp_get_paddr(), rz_bin_mdmp_init_directory(), rz_bin_mdmp_init_directory_entry(), rz_bin_mdmp_init_pe_bins(), rz_bin_mdmp_patch_pe_headers(), rz_bin_mdmp_pe_get_entrypoint(), rz_bin_mdmp_pe_get_imports(), rz_bin_mdmp_pe_get_sections(), rz_bin_mdmp_pe_get_symbols(), rz_bin_mz_get_entrypoint(), rz_bin_mz_get_main_vaddr(), rz_bin_mz_get_segments(), rz_bin_ne_buf_init(), rz_bin_ne_get_entrypoints(), rz_bin_ne_get_imports(), rz_bin_ne_get_relocs(), rz_bin_ne_get_segments(), rz_bin_ne_get_symbols(), rz_bin_object_get_map_at(), rz_bin_object_get_maps_at(), rz_bin_object_new(), rz_bin_object_p2v_all(), rz_bin_object_v2p(), rz_bin_omf_get_paddr_sym(), rz_bin_pdb_parse_from_buf(), rz_bin_pe_check_sections(), rz_bin_pe_get_entrypoint(), rz_bin_pe_get_image_base(), rz_bin_pe_get_imports(), rz_bin_pe_get_libs(), rz_bin_pe_get_sections(), rz_bin_pemixed_init_dos(), rz_bin_reloc_target_builder_get_target(), rz_bin_relocs_patch_find_targets_map_base(), rz_bin_relocs_patch_maps(), rz_bin_set_baddr(), rz_bin_strpurge(), rz_bin_te_get_image_base(), rz_bin_te_get_main_paddr(), rz_bin_te_init_hdr(), rz_bin_wasm_get_custom_name_entries(), rz_bin_wasm_get_sections(), rz_bin_wasm_get_start(), rz_block_decrease_handler(), rz_block_handler(), rz_block_increase_handler(), rz_block_max_handler(), rz_bp_traptrace_add(), rz_buf_append_buf(), rz_buf_dump(), rz_buf_fwd_scan(), rz_buf_new_slurp(), rz_buf_new_with_buf(), rz_buf_new_with_string(), rz_buf_sleb128(), rz_buf_to_string(), rz_buf_uleb128(), rz_bv_set_from_bytes_le(), rz_bv_set_from_st64(), rz_bv_set_to_bytes_be(), rz_bv_set_to_bytes_le(), rz_bv_to_ut64(), rz_calculate_luhn_value(), rz_cmd_alias(), rz_cmd_analysis(), rz_cmd_arena_print_handler(), rz_cmd_cmp_bytes_handler(), rz_cmd_cmp_hex_block_handler(), rz_cmd_cmp_hex_diff_lines_handler(), rz_cmd_debug(), rz_cmd_debug_add_bp_module_handler(), rz_cmd_debug_allocate_maps_handler(), rz_cmd_debug_continue_mapped_io_handler(), rz_cmd_debug_deallocate_map_handler(), rz_cmd_debug_dmi(), rz_cmd_debug_dml_handler(), rz_cmd_debug_dmL_handler(), rz_cmd_debug_dmS_handler(), rz_cmd_debug_map_current_handler(), rz_cmd_debug_remove_bp_index_handler(), rz_cmd_debug_step_prog_handler(), rz_cmd_debug_trace_add_addrs_handler(), rz_cmd_debug_trace_calls_handler(), rz_cmd_disassemble_recursively_no_function_handler(), rz_cmd_disassemble_ropchain_handler(), rz_cmd_disassemble_summarize_block_handler(), rz_cmd_disassemble_summarize_n_bytes_handler(), rz_cmd_disassembly_all_methods_class_handler(), rz_cmd_disassembly_all_possible_opcodes_handler(), rz_cmd_disassembly_all_possible_opcodes_treeview_handler(), rz_cmd_disassembly_function_handler(), rz_cmd_disassembly_function_summary_handler(), rz_cmd_disassembly_n_instrs_as_text_json_handler(), rz_cmd_heap_chunk_print_handler(), rz_cmd_heap_chunks_print_handler(), rz_cmd_help(), rz_cmd_info_hashes_handler(), rz_cmd_macro_break(), rz_cmd_print(), rz_cmd_print_timestamp_dos_handler(), rz_cmd_print_timestamp_hfs_handler(), rz_cmd_print_timestamp_ntfs_handler(), rz_cmd_print_timestamp_unix_handler(), rz_cmd_search(), rz_cmd_sizes_of_n_instructions_handler(), rz_coff_get_reloc_targets_map_base(), rz_coff_get_reloc_targets_vfile_size(), rz_config_get_i(), rz_config_set(), rz_config_set_b(), rz_config_set_i(), rz_cons_break_timeout(), rz_core_add_asmqjmp(), rz_core_agraph_print_interactive(), rz_core_analysis_address(), rz_core_analysis_all(), rz_core_analysis_bytes(), rz_core_analysis_callgraph(), rz_core_analysis_calls(), rz_core_analysis_continue_until_call(), rz_core_analysis_continue_until_syscall(), rz_core_analysis_coverage_count(), rz_core_analysis_cycles(), rz_core_analysis_data(), rz_core_analysis_esil(), rz_core_analysis_esil_default(), rz_core_analysis_esil_emulate(), rz_core_analysis_esil_init_mem(), rz_core_analysis_esil_init_mem_p(), rz_core_analysis_esil_references_all_functions(), rz_core_analysis_esil_step_over(), rz_core_analysis_everything(), rz_core_analysis_fcn_merge(), rz_core_analysis_fcn_returns(), rz_core_analysis_function_until(), rz_core_analysis_get_stats(), rz_core_analysis_graph(), rz_core_analysis_hasrefs_to_depth(), rz_core_analysis_hint_print(), rz_core_analysis_hint_set_offset(), rz_core_analysis_importxrefs(), rz_core_analysis_name(), rz_core_analysis_optype_colorfor(), rz_core_analysis_propagate_noreturn(), rz_core_analysis_refs(), rz_core_analysis_rename(), rz_core_analysis_search(), rz_core_analysis_search_xrefs(), rz_core_analysis_sigdb_apply(), rz_core_analysis_sigdb_print(), rz_core_analysis_type_match(), rz_core_analysis_types_propagation(), rz_core_analysis_value_pointers(), rz_core_annotated_code_print(), rz_core_annotated_code_print_json(), rz_core_arg_get(), rz_core_asm_back_disassemble(), rz_core_asm_back_disassemble_all(), rz_core_asm_bwdisassemble(), rz_core_asm_strsearch(), rz_core_bin_apply_all_info(), rz_core_bin_apply_entry(), rz_core_bin_apply_imports(), rz_core_bin_apply_main(), rz_core_bin_apply_maps(), rz_core_bin_apply_relocs(), rz_core_bin_apply_resources(), rz_core_bin_apply_sections(), rz_core_bin_apply_strings(), rz_core_bin_apply_symbols(), rz_core_bin_classes_print(), rz_core_bin_dwarf_print_loc(), rz_core_bin_export_info(), rz_core_bin_imports_print(), rz_core_bin_info_print(), rz_core_bin_load(), rz_core_bin_main_print(), rz_core_bin_method_flags_str(), rz_core_bin_pdb_gvars_as_string(), rz_core_bin_print_source_line_sample(), rz_core_bin_relocs_print(), rz_core_bin_size_print(), rz_core_cmd_foreach(), rz_core_cmd_foreach3(), rz_core_cmd_lastcmd_repeat(), rz_core_cmd_subst(), rz_core_cmd_subst_i(), rz_core_dbg_follow_seek_register(), rz_core_debug_continue_until(), rz_core_debug_esil(), rz_core_debug_print_status(), rz_core_debug_step_one(), rz_core_debug_step_over(), rz_core_debug_step_skip(), rz_core_debug_step_until_frame(), rz_core_debug_sync_bits(), rz_core_diff_show(), rz_core_disasm_pde(), rz_core_disasm_pdi(), rz_core_disasm_pdi_with_buf(), rz_core_dump(), rz_core_esil_step(), rz_core_file_info_print(), rz_core_file_open(), rz_core_file_open_many(), rz_core_file_print(), rz_core_file_reopen(), rz_core_file_reopen_debug(), rz_core_file_reopen_remote_debug(), rz_core_flirt_convert_file(), rz_core_flirt_create_file(), rz_core_get_boundaries_prot(), rz_core_get_func_args(), rz_core_get_section_name(), rz_core_get_stacksz(), rz_core_graph_print(), rz_core_handle_backwards_disasm(), rz_core_init(), rz_core_io_cache_print(), rz_core_io_file_open(), rz_core_link_stroff(), rz_core_loadlibs(), rz_core_loadlibs_init(), rz_core_magic(), rz_core_magic_at(), rz_core_meta_pascal_string_add(), rz_core_meta_string_add(), rz_core_pdb_info_print(), rz_core_pdb_load_info(), rz_core_print_disasm(), rz_core_print_disasm_instructions(), rz_core_print_disasm_instructions_with_buf(), rz_core_print_disasm_json(), rz_core_print_examine(), rz_core_print_func_args(), rz_core_print_hexdump_byline_str(), rz_core_print_hexdump_or_hexdiff_str(), rz_core_print_scrollbar(), rz_core_print_scrollbar_bottom(), rz_core_print_string_c_cpp(), rz_core_reg_print_diff(), rz_core_rtr_gdb_cb(), rz_core_rtr_gdb_run(), rz_core_rtr_http_run(), rz_core_search_cb(), rz_core_search_prelude(), rz_core_search_preludes(), rz_core_search_rop(), rz_core_search_value_in_range(), rz_core_seek_base(), rz_core_seek_bb_instruction(), rz_core_seek_delta(), rz_core_seek_next(), rz_core_seek_opcode_backward(), rz_core_seek_prev(), rz_core_seek_to_register(), rz_core_serve(), rz_core_setup_debugger(), rz_core_shift_block(), rz_core_syscall_as_string(), rz_core_transform_op(), rz_core_types_struct_print(), rz_core_types_union_print(), rz_core_visual(), rz_core_visual_analysis(), rz_core_visual_analysis_refresh(), rz_core_visual_analysis_refresh_column(), rz_core_visual_bit_editor(), rz_core_visual_cmd(), rz_core_visual_comments(), rz_core_visual_debugtraces(), rz_core_visual_define(), rz_core_visual_esil(), rz_core_visual_graph(), rz_core_visual_hudclasses(), rz_core_visual_hudstuff(), rz_core_visual_jump(), rz_core_visual_offset(), rz_core_visual_prevopsz(), rz_core_visual_prompt_input(), rz_core_visual_title(), rz_core_visual_trackflags(), rz_core_visual_view_rop(), rz_core_visual_xrefs(), rz_core_write_seq_at(), rz_core_write_value_at(), rz_core_write_value_inc_at(), rz_core_yank(), rz_core_yank_print(), rz_core_yank_string(), rz_coresym_cache_element_new(), rz_debug_add_checkpoint(), rz_debug_bochs_breakpoint(), rz_debug_bochs_reg_read(), rz_debug_bp_add(), rz_debug_bp_rebase(), rz_debug_continue_kill(), rz_debug_continue_until_internal(), rz_debug_continue_until_optype(), rz_debug_dmp_attach(), rz_debug_dmp_frames(), rz_debug_dmp_init(), rz_debug_dmp_pids(), rz_debug_dmp_reg_read(), rz_debug_drx_handler(), rz_debug_execute(), rz_debug_gdb_map_get(), rz_debug_get_baddr(), rz_debug_map_dealloc(), rz_debug_memory_permission_handler(), rz_debug_qnx_reg_write(), rz_debug_select(), rz_debug_step_over(), rz_debug_step_soft(), rz_debug_trace_ins_after(), rz_debug_trace_ins_before(), rz_debug_trace_op(), rz_debug_wait(), rz_debug_winkd_select(), rz_des_permute_key_inv(), rz_diff_draw_tui(), rz_diff_graphs_files(), rz_diff_hex_visual(), rz_diff_parse_arguments(), rz_diff_resize_buffer(), rz_dyld_locsym_new(), rz_dyldcache_get_objc_opt_info(), rz_dyldcache_symbols_from_locsym(), rz_dyldcache_va2pa(), rz_egg_finalize(), rz_egg_include(), rz_egg_run(), rz_egg_run_rop(), rz_egg_shellcode(), rz_entropy_final(), rz_event_send(), rz_event_unhook(), rz_file_deflate(), rz_file_hexdump(), rz_file_inflate(), rz_file_size(), rz_flag_add_handler(), rz_flag_append_handler(), rz_flag_base_handler(), rz_flag_describe_closest_handler(), rz_flag_get_by_spaces(), rz_flag_hexdump_handler(), rz_flag_move_handler(), rz_flag_range_handler(), rz_flag_relocate_handler(), rz_flag_zone_around(), rz_fletcher64_final(), rz_get_size(), rz_heap_arenas_list(), rz_heap_bin_content(), rz_heap_blocks_list(), rz_heap_chunk_wrapper(), rz_heap_chunks_list(), rz_heap_debug_block_win(), rz_heap_fastbin_content(), rz_heap_list(), rz_heap_list_w32(), rz_heap_tcache_content(), rz_il_step_over_until_addr_handler(), rz_il_step_skip_until_addr_handler(), rz_il_step_until_addr_handler(), rz_il_validate_global_context_add_mem(), rz_il_vm_status_handler(), rz_il_vm_step_handler(), rz_il_vm_step_until_addr_handler(), rz_il_vm_step_with_events_handler(), rz_io_ar_lseek(), rz_io_cache_read(), rz_io_cache_write(), rz_io_desc_cache_list(), rz_io_desc_cache_read(), rz_io_desc_cache_write(), rz_io_desc_read(), rz_io_desc_seek(), rz_io_desc_size(), rz_io_extend_at(), rz_io_fd_seek(), rz_io_map_location(), rz_io_map_next_address(), rz_io_map_next_available(), rz_io_map_remap(), rz_io_map_resize(), rz_io_open_at(), rz_io_open_buffer(), rz_io_plugin_write(), rz_io_resize(), rz_io_shift(), rz_io_zip_alloc_zipfileobj(), rz_io_zip_flush_file(), rz_io_zip_get_by_file_idx(), rz_io_zip_get_files(), rz_io_zip_lseek(), rz_is_heap(), rz_is_valid_input_num_value(), rz_itv_contain(), rz_itv_include(), rz_itv_intersect(), rz_itv_overlap(), rz_json_get_path(), rz_main_rizin(), rz_main_rz_asm(), rz_main_rz_ax(), rz_main_rz_bin(), rz_main_rz_gg(), rz_md4_update(), rz_meta_data_at_handler(), rz_meta_data_handler(), rz_meta_data_remove_handler(), rz_meta_format_handler(), rz_meta_get_all_intersect(), rz_meta_get_size(), rz_meta_hidden_handler(), rz_meta_magic_handler(), rz_meta_rebase(), rz_meta_set_with_subtype(), rz_meta_string_8bit_handler(), rz_meta_string_at_handler(), rz_meta_string_handler(), rz_meta_string_utf8_handler(), rz_meta_string_wide16_handler(), rz_meta_string_wide32_handler(), rz_num_align_delta(), rz_num_as_string(), rz_num_between(), rz_num_bitmask(), rz_num_chs(), rz_num_conditional(), rz_num_dup(), rz_num_get(), rz_num_get_input_value(), rz_num_is_valid_input(), rz_num_math(), rz_num_minmax_swap(), rz_num_minmax_swap_i(), rz_num_tail(), rz_num_tail_base(), rz_num_tailff(), rz_open_binary_add_handler(), rz_open_handler(), rz_open_maps_map_fd_handler(), rz_open_maps_map_handler(), rz_open_maps_relocate_current_handler(), rz_open_maps_relocate_handler(), rz_open_maps_resize_handler(), rz_open_nobin_handler(), rz_open_nobin_write_handler(), rz_open_write_handler(), RZ_PACKED(), rz_platform_profile_resolve_extended_register(), rz_platform_profile_resolve_mmio(), rz_print_areas_no_functions_handler(), rz_print_byte_bitstream_handler(), rz_print_commands_after_traps_handler(), rz_print_delta_pointer_table_handler(), rz_print_fill(), rz_print_hexdump_bits_handler(), rz_print_hexdump_str(), rz_print_json_path(), rz_print_jsondump_str(), rz_print_rangebar(), rz_print_utf16be_handler(), rz_print_utf16le_handler(), rz_print_utf32be_handler(), rz_print_utf32le_handler(), rz_ptr(), rz_range_add_from_string(), rz_range_list(), rz_range_percent(), rz_range_size(), rz_read_be64(), rz_read_be_double(), rz_read_ble(), rz_read_le64(), rz_read_le_double(), rz_read_me64(), rz_read_me_double(), rz_rebase_handler(), rz_rebase_info_new_from_mach0(), rz_reg_flags_handler(), rz_reg_get_bvalue(), rz_reg_get_pack(), rz_reg_get_value(), rz_reg_get_value_big(), rz_reg_set_bvalue(), rz_regs_show_valgroup(), rz_reopen_debug_file_handler(), rz_resize_handler(), rz_resize_human_handler(), rz_resolve_jemalloc(), rz_scan_strings(), rz_scan_strings_raw(), rz_search_deltakey_update(), rz_search_mybinparse_update(), rz_search_pattern(), rz_search_strings_update(), rz_seek_asz_handler(), rz_seek_begin_handler(), rz_seek_end_handler(), rz_seek_function_handler(), rz_seek_handler(), rz_seek_offset(), rz_seek_search(), rz_serialize_analysis_diff_save(), rz_serialize_analysis_meta_save(), rz_serialize_analysis_switch_op_load(), rz_serialize_analysis_var_load(), rz_serialize_core_load(), rz_sha1_update(), rz_sign_flirt_node_new(), rz_sign_flirt_write_compressed_pattern_to_buffer(), rz_skyline_add(), rz_skyline_get_item_intersect(), rz_socket_rap_server_continue(), rz_str_bits_from_string(), rz_str_djb2_hash(), rz_str_range_in(), rz_str_strchr(), rz_strpool_alloc(), rz_table_filter(), rz_table_tojson(), rz_table_visual_list(), rz_test_load_asm_test_file(), rz_test_load_cmd_test_file(), rz_test_load_json_test_file(), rz_test_main(), rz_test_run_cmd_test(), rz_test_run_test(), rz_th_set_affinity(), rz_time_date_now_to_string(), rz_time_now(), rz_time_now_mono(), rz_type_db_struct_bitsize(), rz_type_db_struct_member_packed_offset(), rz_type_db_union_bitsize(), rz_type_format_10bytes(), rz_type_format_data_internal(), rz_type_format_double(), rz_type_format_float(), rz_type_format_hex(), rz_type_format_hexflag(), rz_type_format_int(), rz_type_format_nulltermstring(), rz_type_format_num(), rz_type_format_octal(), rz_type_format_quadword(), rz_type_format_string(), rz_type_format_time(), rz_type_format_u128(), rz_type_format_uleb(), rz_type_format_word(), rz_type_link_del_handler(), rz_type_link_handler(), rz_type_link_show_handler(), rz_type_list_noreturn_handler(), rz_type_path_by_offset(), rz_type_print_handler(), rz_type_xrefs_function_handler(), rz_uleb128(), rz_uleb128_decode(), rz_uleb128_encode(), rz_w32_add_winmsg_breakpoint(), rz_w32_dbg_maps(), rz_w32_dbg_modules(), rz_w32_identify_window(), rz_write_be_double(), rz_write_cache_commit_handler(), rz_write_cache_remove_handler(), rz_write_debruijn_find_handler(), rz_write_duplicate_handler(), rz_write_extend_hexbytes_handler(), rz_write_extend_shift_handler(), rz_write_extend_zero_handler(), rz_write_from_file_handler(), rz_write_from_io_handler(), rz_write_from_io_xchg_handler(), rz_write_from_socket_handler(), rz_write_le_double(), rz_write_me_double(), rz_write_op_sequence_handler(), rz_write_unified_patch_handler(), rz_write_zero_handler(), rz_xnu_kernelcache_buf_is_kernelcache(), rz_yank_to_handler(), rzfind_open_file(), sadd16(), sadd8(), sanitize_size(), saturate_unsigned(), sbfx(), scan_go_build_info(), sdb_array_add_sorted(), sdb_array_pop_num(), sdb_array_remove_num(), sdb_array_sort_num(), sdb_atoi(), sdb_const_get_len(), sdb_fmt_array_num(), sdb_fmt_init(), sdb_fmt_tobin(), sdb_fmt_tostr(), sdb_load_arch_profile(), sdb_load_platform_profile(), sdb_load_sysregs(), sdb_now(), sdb_num_dec(), sdb_num_inc(), sdb_ptr_set(), sdb_querys(), search_collisions(), search_hash(), search_similar_pattern_in(), search_string_thread_runner(), sections(), sections_print_json(), sections_print_table(), sep64_xtr_ctx_get_slice(), sep64_xtr_ctx_new(), set_b(), set_bin_relocs(), set_note_segment(), set_xref(), sh_op_movl_param_bits(), SHA256_Final(), SHA384_Final(), SHA512_Final(), SHA512_Last(), SHA512_Transform(), SHA512_Update(), shifted_reg64_append(), show_regs_handler(), show_syscall(), showreg(), simulate_op(), size(), sparse_write(), spc700_disas(), spc700_resolve_relative(), step_line(), step_until(), step_until_flag(), step_until_inst(), step_until_optype(), string_scan_range(), string_scan_range_cfstring(), strings_print(), structured_member_walker(), subprocess_wait(), subvar(), swap8(), swap_big_regs(), symbols(), symbols_from_stubs(), symbols_print(), system_common_handler(), thumb_assemble(), thumb_selector(), trycatch(), type_format_print_variable(), type_match(), type_pos_hit(), typelinks_load_sdb(), types_enum_member_find(), types_enum_member_find_all(), unwind_function(), update_varz_analysisysis(), updateAddr(), ut64join(), v_writebuf(), va2pa(), vaddr_to_paddr(), valgroup_regcb(), valgroup_regcmp(), VALIDATOR_EFFECT(), VALIDATOR_PURE(), var_accesses_list(), var_add_structure_fields_to_list(), var_functions_show(), var_variables_show(), variable_rename(), virtual_files(), visual_comma(), visual_nkey(), visual_refresh(), vtable_is_addr_vtable_start_itanium(), vtable_is_value_in_text_section(), w32_hwbp_arm_add(), w32_hwbp_arm_del(), w32_init(), w32_list_heaps_blocks(), w32_map_alloc(), w32_thread_list(), walk_exports(), walkSymbols(), wasm_dis(), windbg_map_get(), winkd_get_sp(), winkd_get_target_base(), winkd_get_thread_at(), winkd_list_modules(), winkd_list_process(), winkd_list_threads(), winkd_op_at_uva(), winkd_read_ver(), winkd_va_to_pa(), winkd_walk_vadtree(), winkd_write_reg(), write_n_bits(), xnu_collect_thread_state(), xnu_dbg_maps(), xnu_dbg_modules(), xnu_map_alloc(), xnu_write_mem_maps_to_buffer(), xrefs_load_cb(), and xrefs_set().

◆ w32_attach()

int w32_attach ( RzDebug dbg,
int  pid 
)

Definition at line 598 of file windows_debug.c.

598  {
599  W32DbgWInst *wrap = dbg->plugin_data;
600  if (already_attached(wrap, pid)) {
601  return wrap->pi.dwThreadId;
602  }
603  if (wrap->pi.hProcess && wrap->pi.hProcess != INVALID_HANDLE_VALUE) {
604  CloseHandle(wrap->pi.hProcess);
605  }
606  dbg->main_pid = pid;
607  wrap->pi.dwProcessId = pid;
608  wrap->params.type = W32_ATTACH;
609  w32dbg_wrap_wait_ret(wrap);
610  if (!wrap->params.ret) {
611  w32dbgw_err(wrap);
612  rz_sys_perror("DebugActiveProcess");
613  wrap->pi.hProcess = NULL;
614  wrap->pi.dwProcessId = 0;
615  return -1;
616  }
617  dbg->cur->wait(dbg, pid);
618  rz_debug_continue(dbg);
619  return wrap->pi.dwThreadId;
620 }
NULL
#define NULL
Definition: cris-opc.c:27
dbg
RzDebug * dbg
Definition: desil.c:30
INVALID_HANDLE_VALUE
#define INVALID_HANDLE_VALUE
Definition: iowin32.c:21
rz_debug_continue
RZ_API int rz_debug_continue(RzDebug *dbg)
Definition: debug.c:1332
pid
static static fork const void static count static fd const char const char static newpath char char char static envp time_t static t const char static mode static whence const char static dir time_t static t unsigned static seconds const char struct utimbuf static buf static inc pid
Definition: sflib.h:64
rz_sys_perror
#define rz_sys_perror(x)
Definition: rz_types.h:336
W32DbgWInst::params
W32DbgWParams params
Definition: w32dbg_wrap.h:36
W32DbgWInst::pi
PROCESS_INFORMATION pi
Definition: w32dbg_wrap.h:40
W32DbgWParams::type
w32dbg_wrap_req type
Definition: w32dbg_wrap.h:18
rz_debug_plugin_t::wait
RzDebugReasonType(* wait)(RzDebug *dbg, int pid)
Definition: rz_debug.h:384
rz_debug_t::cur
struct rz_debug_plugin_t * cur
Definition: rz_debug.h:295
rz_debug_t::plugin_data
void * plugin_data
Definition: rz_debug.h:296
rz_debug_t::main_pid
int main_pid
Definition: rz_debug.h:246
W32_ATTACH
@ W32_ATTACH
Definition: w32dbg_wrap.h:10
w32dbg_wrap_wait_ret
int w32dbg_wrap_wait_ret(W32DbgWInst *inst)
Definition: w32dbg_wrap.c:71
w32dbgw_err
#define w32dbgw_err(inst)
Definition: w32dbg_wrap.h:46
already_attached
static bool already_attached(W32DbgWInst *wrap, int pid)
Definition: windows_debug.c:594

References already_attached(), rz_debug_t::cur, dbg, INVALID_HANDLE_VALUE, rz_debug_t::main_pid, NULL, W32DbgWInst::params, W32DbgWInst::pi, pid, rz_debug_t::plugin_data, W32DbgWParams::ret, rz_debug_continue(), rz_sys_perror, W32DbgWParams::type, W32_ATTACH, w32dbg_wrap_wait_ret(), w32dbgw_err, and rz_debug_plugin_t::wait.

Referenced by w32_attach_new_process().

◆ w32_attach_new_process()

int w32_attach_new_process ( RzDebug dbg,
int  pid 
)

Definition at line 817 of file windows_debug.c.

817  {
818  int tid = -1;
819 
820  if (!w32_detach(dbg, dbg->pid)) {
821  eprintf("Failed to detach from (%d)\n", dbg->pid);
822  return -1;
823  }
824 
825  if ((tid = w32_attach(dbg, pid)) < 0) {
826  eprintf("Failed to attach to (%d)\n", pid);
827  return -1;
828  }
829 
830  dbg->tid = tid;
831  dbg->pid = pid;
832  // Call select to sync the new pid's data
833  rz_debug_select(dbg, pid, tid);
834  return dbg->tid;
835 }
rz_debug_select
RZ_API bool rz_debug_select(RzDebug *dbg, int pid, int tid)
Definition: debug.c:595
eprintf
#define eprintf(x, y...)
Definition: rlcc.c:7
rz_debug_t::tid
int tid
Definition: rz_debug.h:248
rz_debug_t::pid
int pid
Definition: rz_debug.h:247
w32_attach
int w32_attach(RzDebug *dbg, int pid)
Definition: windows_debug.c:598
w32_detach
int w32_detach(RzDebug *dbg, int pid)
Definition: windows_debug.c:622

References dbg, eprintf, rz_debug_t::pid, pid, rz_debug_select(), rz_debug_t::tid, w32_attach(), and w32_detach().

Referenced by w32_select().

◆ w32_break_process()

void w32_break_process ( void *  user)

Definition at line 912 of file windows_debug.c.

912  {
913  RzDebug *dbg = (RzDebug *)user;
914  W32DbgWInst *wrap = dbg->plugin_data;
915  if (dbg->corebind.cfggeti(dbg->corebind.core, "dbg.threads")) {
916  w32_select(dbg, wrap->pi.dwProcessId, -1); // Suspend all threads
917  } else {
918  if (!DebugBreakProcess(wrap->pi.hProcess)) {
919  rz_sys_perror("DebugBreakProcess");
920  eprintf("Could not interrupt program, attempt to press Ctrl-C in the program's console.\n");
921  }
922  }
923 
924  breaked = true;
925 }
rz_core_bind_t::core
void * core
Definition: rz_bind.h:31
rz_core_bind_t::cfggeti
RzCoreConfigGetI cfggeti
Definition: rz_bind.h:43
rz_debug_t
Definition: rz_debug.h:241
rz_debug_t::corebind
RzCoreBind corebind
Definition: rz_debug.h:314
breaked
static bool breaked
Definition: windows_debug.c:815
w32_select
int w32_select(RzDebug *dbg, int pid, int tid)
Definition: windows_debug.c:837

References breaked, rz_core_bind_t::cfggeti, rz_core_bind_t::core, rz_debug_t::corebind, dbg, eprintf, W32DbgWInst::pi, rz_debug_t::plugin_data, rz_sys_perror, and w32_select().

Referenced by w32_dbg_wait().

◆ w32_continue()

int w32_continue ( RzDebug dbg,
int  pid,
int  tid,
int  sig 
)

Definition at line 1144 of file windows_debug.c.

1144  {
1145  if (tid != dbg->tid) {
1146  dbg->tid = w32_select(dbg, pid, tid);
1147  }
1148  // Don't continue with a thread that wasn't requested
1149  if (dbg->tid != tid) {
1150  return -1;
1151  }
1152 
1153  if (breaked) {
1154  breaked = false;
1155  return -1;
1156  }
1157 
1158  PTHREAD_ITEM th = find_thread(dbg, tid);
1159  if (th && th->hThread != INVALID_HANDLE_VALUE && th->bSuspended) {
1160  continue_thread(th->hThread);
1161  th->bSuspended = false;
1162  }
1163 
1164  W32DbgWInst *wrap = dbg->plugin_data;
1165  wrap->params.type = W32_CONTINUE;
1166 
1167  /* Honor the Windows-specific signal that instructs threads to process exceptions */
1168  wrap->params.continue_status = (sig == DBG_EXCEPTION_NOT_HANDLED)
1169  ? DBG_EXCEPTION_NOT_HANDLED
1170  : DBG_EXCEPTION_HANDLED;
1171 
1172  w32dbg_wrap_wait_ret(wrap);
1173  if (!w32dbgw_ret(wrap)) {
1174  w32dbgw_err(wrap);
1175  rz_sys_perror("ContinueDebugEvent");
1176  return -1;
1177  }
1178 
1179  if (th && th->bFinished) {
1180  rz_list_delete_data(dbg->threads, th);
1181  }
1182 
1183  return tid;
1184 }
rz_list_delete_data
RZ_API bool rz_list_delete_data(RZ_NONNULL RzList *list, void *ptr)
Deletes an entry in the list by searching for a pointer.
Definition: list.c:148
THREAD_ITEM
Definition: windows_debug.h:97
THREAD_ITEM::bSuspended
bool bSuspended
Definition: windows_debug.h:101
THREAD_ITEM::bFinished
bool bFinished
Definition: windows_debug.h:100
THREAD_ITEM::hThread
HANDLE hThread
Definition: windows_debug.h:102
W32DbgWParams::continue_status
DWORD continue_status
Definition: w32dbg_wrap.h:20
rz_debug_t::threads
RzList * threads
Definition: rz_debug.h:251
W32_CONTINUE
@ W32_CONTINUE
Definition: w32dbg_wrap.h:9
w32dbgw_ret
#define w32dbgw_ret(inst)
Definition: w32dbg_wrap.h:45
find_thread
static PTHREAD_ITEM find_thread(RzDebug *dbg, int tid)
Definition: windows_debug.c:99
continue_thread
static void continue_thread(HANDLE th)
Definition: windows_debug.c:155

References THREAD_ITEM::bFinished, breaked, THREAD_ITEM::bSuspended, W32DbgWParams::continue_status, continue_thread(), dbg, find_thread(), THREAD_ITEM::hThread, INVALID_HANDLE_VALUE, W32DbgWInst::params, pid, rz_debug_t::plugin_data, rz_list_delete_data(), rz_sys_perror, rz_debug_t::threads, rz_debug_t::tid, W32DbgWParams::type, W32_CONTINUE, w32_select(), w32dbg_wrap_wait_ret(), w32dbgw_err, and w32dbgw_ret.

Referenced by w32_dbg_wait().

◆ w32_dbg_wait()

int w32_dbg_wait ( RzDebug dbg,
int  pid 
)

Definition at line 927 of file windows_debug.c.

927  {
928  W32DbgWInst *wrap = dbg->plugin_data;
929  DEBUG_EVENT de;
930  int tid, next_event = 0;
931  char *dllname = NULL;
932  int ret = RZ_DEBUG_REASON_UNKNOWN;
933  static int exited_already = 0;
934 
935  rz_cons_break_push(w32_break_process, dbg);
936 
937  /* handle debug events */
938  do {
939  /* do not continue when already exited but still open for examination */
940  if (exited_already == pid) {
941  return RZ_DEBUG_REASON_DEAD;
942  }
943  memset(&de, 0, sizeof(DEBUG_EVENT));
944  do {
945  wrap->params.type = W32_WAIT;
946  wrap->params.wait.de = &de;
947  wrap->params.wait.wait_time = wait_time;
948  void *bed = rz_cons_sleep_begin();
949  w32dbg_wrap_wait_ret(wrap);
950  rz_cons_sleep_end(bed);
951  if (!w32dbgw_ret(wrap)) {
952  if (w32dbgw_err(wrap) != ERROR_SEM_TIMEOUT) {
953  rz_sys_perror("WaitForDebugEvent");
954  ret = -1;
955  goto end;
956  }
957  if (!is_thread_alive(dbg, dbg->tid)) {
958  ret = w32_select(dbg, dbg->pid, dbg->tid);
959  if (ret == -1) {
960  ret = RZ_DEBUG_REASON_DEAD;
961  goto end;
962  }
963  }
964  } else {
965  break;
966  }
967  } while (!breaked);
968 
969  if (breaked) {
970  ret = RZ_DEBUG_REASON_USERSUSP;
971  breaked = false;
972  }
973 
974  dbg->tid = tid = de.dwThreadId;
975  dbg->pid = pid = de.dwProcessId;
976 
977  /* TODO: DEBUG_CONTROL_C */
978  switch (de.dwDebugEventCode) {
979  case CREATE_PROCESS_DEBUG_EVENT:
980  CloseHandle(de.u.CreateProcessInfo.hFile);
981  add_thread(dbg, pid, tid, de.u.CreateProcessInfo.hThread, de.u.CreateProcessInfo.lpThreadLocalBase, de.u.CreateProcessInfo.lpStartAddress, FALSE);
982  wrap->pi.hProcess = de.u.CreateProcessInfo.hProcess;
983  wrap->pi.hThread = de.u.CreateProcessInfo.hThread;
984  wrap->winbase = (ULONG_PTR)de.u.CreateProcessInfo.lpBaseOfImage;
985  ret = RZ_DEBUG_REASON_NEW_PID;
986  next_event = 0;
987  break;
988  case CREATE_THREAD_DEBUG_EVENT:
989  add_thread(dbg, pid, tid, de.u.CreateThread.hThread, de.u.CreateThread.lpThreadLocalBase, de.u.CreateThread.lpStartAddress, FALSE);
990  if (ret != RZ_DEBUG_REASON_USERSUSP) {
991  ret = RZ_DEBUG_REASON_NEW_TID;
992  }
993  dbg->corebind.cmdf(dbg->corebind.core, "f teb.%d @ 0x%p", tid, de.u.CreateThread.lpThreadLocalBase);
994  next_event = 0;
995  break;
996  case EXIT_PROCESS_DEBUG_EVENT:
997  case EXIT_THREAD_DEBUG_EVENT: {
998  PTHREAD_ITEM th = find_thread(dbg, tid);
999  if (th) {
1000  th->bFinished = TRUE;
1001  th->dwExitCode = de.u.ExitThread.dwExitCode;
1002  } else {
1003  rz_warn_if_reached();
1004  }
1005  dbg->corebind.cmdf(dbg->corebind.core, "f- teb.%d", tid);
1006  if (de.dwDebugEventCode == EXIT_PROCESS_DEBUG_EVENT) {
1007  exited_already = pid;
1008  w32_continue(dbg, pid, tid, DBG_CONTINUE);
1009  ret = pid == dbg->main_pid ? RZ_DEBUG_REASON_DEAD : RZ_DEBUG_REASON_EXIT_PID;
1010  } else {
1011  ret = RZ_DEBUG_REASON_EXIT_TID;
1012  }
1013  next_event = 0;
1014  break;
1015  }
1016  case LOAD_DLL_DEBUG_EVENT:
1017  dllname = resolve_path(wrap->pi.hProcess, de.u.LoadDll.hFile);
1018  if (dllname) {
1019  add_library(pid, de.u.LoadDll.lpBaseOfDll, de.u.LoadDll.hFile, dllname);
1020  free(dllname);
1021  }
1022  ret = RZ_DEBUG_REASON_NEW_LIB;
1023  next_event = 0;
1024  break;
1025  case UNLOAD_DLL_DEBUG_EVENT: {
1026  PLIB_ITEM lib = (PLIB_ITEM)find_library(de.u.UnloadDll.lpBaseOfDll);
1027  if (lib) {
1028  remove_library(lib);
1029  }
1030  ret = RZ_DEBUG_REASON_EXIT_LIB;
1031  next_event = 0;
1032  break;
1033  }
1034  case OUTPUT_DEBUG_STRING_EVENT: {
1035  char *str = calloc(de.u.DebugString.nDebugStringLength, sizeof(WCHAR));
1036  ReadProcessMemory(wrap->pi.hProcess, de.u.DebugString.lpDebugStringData, str, de.u.DebugString.nDebugStringLength, NULL);
1037  char *tmp = de.u.DebugString.fUnicode
1038  ? rz_utf16_to_utf8((wchar_t *)str)
1039  : rz_acp_to_utf8(str);
1040  if (tmp) {
1041  free(str);
1042  str = tmp;
1043  }
1044  eprintf("(%d) Debug string: %s\n", pid, str);
1045  free(str);
1046  w32_continue(dbg, pid, tid, DBG_EXCEPTION_NOT_HANDLED);
1047  next_event = 1;
1048  break;
1049  }
1050  case RIP_EVENT:
1051  eprintf("(%d) RIP event\n", pid);
1052  w32_continue(dbg, pid, tid, -1);
1053  next_event = 1;
1054  // XXX unknown ret = RZ_DEBUG_REASON_TRAP;
1055  break;
1056  case EXCEPTION_DEBUG_EVENT:
1057  dbg->reason.signum = DBG_EXCEPTION_NOT_HANDLED;
1058  switch (de.u.Exception.ExceptionRecord.ExceptionCode) {
1059  case DBG_CONTROL_C:
1060  eprintf("Received CTRL+C, suspending execution\n");
1061  ret = RZ_DEBUG_REASON_SIGNAL;
1062  next_event = 0;
1063  break;
1064 #if _WIN64
1065  case 0x4000001f: /* STATUS_WX86_BREAKPOINT */
1066 #endif
1067  case EXCEPTION_BREAKPOINT:
1068  ret = RZ_DEBUG_REASON_BREAKPOINT;
1069  next_event = 0;
1070  break;
1071 #if _WIN64
1072  case 0x4000001e: /* STATUS_WX86_SINGLE_STEP */
1073 #endif
1074  case EXCEPTION_SINGLE_STEP:
1075  ret = RZ_DEBUG_REASON_STEP;
1076  next_event = 0;
1077  break;
1078  default:
1079  if (rz_bp_get_at(dbg->bp, (size_t)de.u.Exception.ExceptionRecord.ExceptionAddress)) {
1080  ret = RZ_DEBUG_REASON_BREAKPOINT;
1081  next_event = 0;
1082  break;
1083  }
1084  EXCEPTION_DEBUG_INFO *exp = &de.u.Exception;
1085  windows_print_exception_event(de.dwProcessId, de.dwThreadId, exp->ExceptionRecord.ExceptionCode, exp->dwFirstChance);
1086  if (windows_is_exception_fatal(de.u.Exception.ExceptionRecord.ExceptionCode)) {
1087  next_event = 0;
1088  dbg->reason.type = windows_exception_to_reason(de.u.Exception.ExceptionRecord.ExceptionCode);
1089  dbg->reason.tid = de.dwThreadId;
1090  dbg->reason.addr = (size_t)de.u.Exception.ExceptionRecord.ExceptionAddress;
1091  dbg->reason.timestamp = rz_time_now();
1092  ret = dbg->reason.type;
1093  } else {
1094  w32_continue(dbg, pid, tid, DBG_EXCEPTION_NOT_HANDLED);
1095  next_event = 1;
1096  }
1097  }
1098  break;
1099  default:
1100  // This case might be reached if break doesn't trigger an event
1101  if (ret != RZ_DEBUG_REASON_USERSUSP) {
1102  eprintf("(%d) unknown event: %lu\n", pid, de.dwDebugEventCode);
1103  ret = -1;
1104  }
1105  next_event = 0;
1106  }
1107  } while (next_event);
1108 
1109  if (ret != RZ_DEBUG_REASON_DEAD) {
1110  PTHREAD_ITEM th = find_thread(dbg, tid);
1111  if (th) {
1112  wrap->pi.hThread = th->hThread;
1113  } else {
1114  rz_warn_if_reached();
1115  }
1116  }
1117 #if __arm__ || __arm64__
1118  if (ret != RZ_DEBUG_REASON_EXIT_TID) {
1119  CONTEXT ctx;
1120  suspend_thread(wrap->pi.hThread);
1121  get_thread_context(wrap->pi.hThread, (ut8 *)&ctx, sizeof(ctx), CONTEXT_CONTROL);
1122  resume_thread(wrap->pi.hThread);
1123  if (ctx.Cpsr & 0x20) {
1124  dbg->bits = RZ_SYS_BITS_16;
1125  } else {
1126 #if __arm__
1127  dbg->bits = RZ_SYS_BITS_32;
1128 #else
1129  dbg->bits = RZ_SYS_BITS_64;
1130 #endif
1131  }
1132  }
1133 #endif
1134 end:
1135  if (ret == RZ_DEBUG_REASON_DEAD) {
1136  w32_detach(dbg, dbg->pid);
1137  rz_list_purge(dbg->threads);
1138  rz_list_purge(lib_list);
1139  }
1140  rz_cons_break_pop();
1141  return ret;
1142 }
rz_bp_get_at
RZ_API RZ_BORROW RzBreakpointItem * rz_bp_get_at(RZ_NONNULL RzBreakpoint *bp, ut64 addr)
Get the breakpoint at exactly addr.
Definition: bp.c:102
EXCEPTION_SINGLE_STEP
#define EXCEPTION_SINGLE_STEP
Definition: common_windows.c:9
windows_exception_to_reason
RzDebugReasonType windows_exception_to_reason(ut32 exception_code)
Definition: common_windows.c:33
EXCEPTION_BREAKPOINT
#define EXCEPTION_BREAKPOINT
Definition: common_windows.c:8
windows_print_exception_event
void windows_print_exception_event(ut32 pid, ut32 tid, ut32 exception_code, bool second_chance)
Definition: common_windows.c:115
windows_is_exception_fatal
bool windows_is_exception_fatal(ut32 exception_code)
Definition: common_windows.c:97
rz_cons_sleep_begin
RZ_API void * rz_cons_sleep_begin(void)
Definition: cons.c:443
rz_cons_break_pop
RZ_API void rz_cons_break_pop(void)
Definition: cons.c:361
rz_cons_break_push
RZ_API void rz_cons_break_push(RzConsBreak cb, void *user)
Definition: cons.c:357
rz_cons_sleep_end
RZ_API void rz_cons_sleep_end(void *user)
Definition: cons.c:450
free
RZ_API void Ht_() free(HtName_(Ht) *ht)
Definition: ht_inc.c:130
ut8
uint8_t ut8
Definition: lh5801.h:11
memset
return memset(p, 0, total)
rz_list_purge
RZ_API void rz_list_purge(RZ_NONNULL RzList *list)
Empties the list without freeing the list pointer.
Definition: list.c:120
calloc
void * calloc(size_t number, size_t size)
Definition: malloc.c:102
TRUE
#define TRUE
Definition: mybfd.h:103
FALSE
#define FALSE
Definition: mybfd.h:102
autogen_x86imm.tmp
tmp
Definition: autogen_x86imm.py:12
cmd_descs_generate.str
str
Definition: cmd_descs_generate.py:785
test_evm.end
end
Definition: test_evm.py:20
rz_warn_if_reached
#define rz_warn_if_reached()
Definition: rz_assert.h:29
RZ_DEBUG_REASON_NEW_TID
@ RZ_DEBUG_REASON_NEW_TID
Definition: rz_debug.h:106
RZ_DEBUG_REASON_DEAD
@ RZ_DEBUG_REASON_DEAD
Definition: rz_debug.h:90
RZ_DEBUG_REASON_STEP
@ RZ_DEBUG_REASON_STEP
Definition: rz_debug.h:98
RZ_DEBUG_REASON_UNKNOWN
@ RZ_DEBUG_REASON_UNKNOWN
Definition: rz_debug.h:103
RZ_DEBUG_REASON_BREAKPOINT
@ RZ_DEBUG_REASON_BREAKPOINT
Definition: rz_debug.h:94
RZ_DEBUG_REASON_USERSUSP
@ RZ_DEBUG_REASON_USERSUSP
Definition: rz_debug.h:115
RZ_DEBUG_REASON_NEW_LIB
@ RZ_DEBUG_REASON_NEW_LIB
Definition: rz_debug.h:107
RZ_DEBUG_REASON_EXIT_LIB
@ RZ_DEBUG_REASON_EXIT_LIB
Definition: rz_debug.h:110
RZ_DEBUG_REASON_NEW_PID
@ RZ_DEBUG_REASON_NEW_PID
Definition: rz_debug.h:105
RZ_DEBUG_REASON_EXIT_PID
@ RZ_DEBUG_REASON_EXIT_PID
Definition: rz_debug.h:108
RZ_DEBUG_REASON_EXIT_TID
@ RZ_DEBUG_REASON_EXIT_TID
Definition: rz_debug.h:109
RZ_DEBUG_REASON_SIGNAL
@ RZ_DEBUG_REASON_SIGNAL
Definition: rz_debug.h:92
RZ_SYS_BITS_32
@ RZ_SYS_BITS_32
Definition: rz_sys.h:20
RZ_SYS_BITS_64
@ RZ_SYS_BITS_64
Definition: rz_sys.h:21
RZ_SYS_BITS_16
@ RZ_SYS_BITS_16
Definition: rz_sys.h:19
rz_time_now
RZ_API ut64 rz_time_now(void)
Returns the current time in microseconds.
Definition: time.c:88
size_t
int size_t
Definition: sftypes.h:40
LIB_ITEM
Definition: windows_debug.h:109
THREAD_ITEM::dwExitCode
DWORD dwExitCode
Definition: windows_debug.h:106
W32DbgWInst::winbase
ULONG_PTR winbase
Definition: w32dbg_wrap.h:39
W32DbgWParams::wait
struct W32DbgWParams::@606::@608 wait
rz_core_bind_t::cmdf
RzCoreCmdF cmdf
Definition: rz_bind.h:33
rz_debug_reason_t::tid
int tid
Definition: rz_debug.h:128
rz_debug_reason_t::addr
ut64 addr
Definition: rz_debug.h:132
rz_debug_reason_t::timestamp
ut64 timestamp
Definition: rz_debug.h:131
rz_debug_reason_t::type
int type
Definition: rz_debug.h:127
rz_debug_reason_t::signum
int signum
Definition: rz_debug.h:129
rz_debug_t::reason
RzDebugReason reason
Definition: rz_debug.h:276
rz_debug_t::bits
int bits
Definition: rz_debug.h:243
rz_debug_t::bp
RzBreakpoint * bp
Definition: rz_debug.h:288
W32_WAIT
@ W32_WAIT
Definition: w32dbg_wrap.h:12
resolve_path
static char * resolve_path(HANDLE ph, HANDLE mh)
Definition: windows_debug.c:716
add_library
static void add_library(DWORD pid, LPVOID lpBaseOfDll, HANDLE hFile, char *dllname)
Definition: windows_debug.c:782
wait_time
const DWORD wait_time
Definition: windows_debug.c:11
w32_break_process
void w32_break_process(void *user)
Definition: windows_debug.c:912
remove_library
static void remove_library(PLIB_ITEM library)
Definition: windows_debug.c:778
get_thread_context
static int get_thread_context(HANDLE th, ut8 *buf, int size, DWORD context_flags)
Definition: windows_debug.c:199
add_thread
static PTHREAD_ITEM add_thread(RzDebug *dbg, DWORD pid, DWORD tid, HANDLE hThread, LPVOID lpThreadLocalBase, LPVOID lpStartAddress, BOOL bFinished)
Definition: windows_debug.c:107
is_thread_alive
static bool is_thread_alive(RzDebug *dbg, int tid)
Definition: windows_debug.c:162
w32_continue
int w32_continue(RzDebug *dbg, int pid, int tid, int sig)
Definition: windows_debug.c:1144
lib_list
static RzList * lib_list
Definition: windows_debug.c:12
resume_thread
static int resume_thread(HANDLE th)
Definition: windows_debug.c:147
suspend_thread
static int suspend_thread(HANDLE th)
Definition: windows_debug.c:139
find_library
static void * find_library(void *BaseOfDll)
Definition: windows_debug.c:773
PLIB_ITEM
struct LIB_ITEM * PLIB_ITEM

References add_library(), add_thread(), rz_debug_reason_t::addr, THREAD_ITEM::bFinished, rz_debug_t::bits, rz_debug_t::bp, breaked, calloc(), rz_core_bind_t::cmdf, rz_core_bind_t::core, rz_debug_t::corebind, dbg, THREAD_ITEM::dwExitCode, test_evm::end, eprintf, EXCEPTION_BREAKPOINT, EXCEPTION_SINGLE_STEP, FALSE, find_library(), find_thread(), free(), get_thread_context(), THREAD_ITEM::hThread, is_thread_alive(), lib_list, rz_debug_t::main_pid, memset(), NULL, W32DbgWInst::params, W32DbgWInst::pi, rz_debug_t::pid, pid, rz_debug_t::plugin_data, rz_debug_t::reason, remove_library(), resolve_path(), resume_thread(), rz_bp_get_at(), rz_cons_break_pop(), rz_cons_break_push(), rz_cons_sleep_begin(), rz_cons_sleep_end(), RZ_DEBUG_REASON_BREAKPOINT, RZ_DEBUG_REASON_DEAD, RZ_DEBUG_REASON_EXIT_LIB, RZ_DEBUG_REASON_EXIT_PID, RZ_DEBUG_REASON_EXIT_TID, RZ_DEBUG_REASON_NEW_LIB, RZ_DEBUG_REASON_NEW_PID, RZ_DEBUG_REASON_NEW_TID, RZ_DEBUG_REASON_SIGNAL, RZ_DEBUG_REASON_STEP, RZ_DEBUG_REASON_UNKNOWN, RZ_DEBUG_REASON_USERSUSP, rz_list_purge(), RZ_SYS_BITS_16, RZ_SYS_BITS_32, RZ_SYS_BITS_64, rz_sys_perror, rz_time_now(), rz_warn_if_reached, rz_debug_reason_t::signum, cmd_descs_generate::str, suspend_thread(), rz_debug_t::threads, rz_debug_reason_t::tid, rz_debug_t::tid, rz_debug_reason_t::timestamp, autogen_x86imm::tmp, TRUE, rz_debug_reason_t::type, W32DbgWParams::type, w32_break_process(), w32_continue(), w32_detach(), w32_select(), W32_WAIT, w32dbg_wrap_wait_ret(), w32dbgw_err, w32dbgw_ret, W32DbgWParams::wait, wait_time, W32DbgWInst::winbase, windows_exception_to_reason(), windows_is_exception_fatal(), and windows_print_exception_event().

◆ w32_desc_list()

RzList* w32_desc_list ( int  pid)

Definition at line 1471 of file windows_debug.c.

1471  {
1472  HANDLE ph;
1473  if (!(ph = OpenProcess(PROCESS_DUP_HANDLE, FALSE, pid))) {
1474  return NULL;
1475  }
1476  ULONG handleInfoSize = 0x10000;
1477  POBJECT_TYPE_INFORMATION objectTypeInfo = malloc(0x1000);
1478  if (!objectTypeInfo) {
1479  CloseHandle(ph);
1480  return NULL;
1481  }
1482  RzDebugDesc *desc;
1483  NTSTATUS status;
1484  PSYSTEM_HANDLE_INFORMATION handleInfo = NULL;
1485  PVOID objectNameInfo = NULL;
1486  RzList *ret = rz_list_newf((RzListFree)rz_debug_desc_free);
1487  if (!ret) {
1488  goto beach;
1489  }
1490  handleInfo = (PSYSTEM_HANDLE_INFORMATION)malloc(handleInfoSize);
1491  while ((status = w32_NtQuerySystemInformation(SystemHandleInformation, handleInfo, handleInfoSize, NULL)) == STATUS_INFO_LENGTH_MISMATCH) {
1492  handleInfoSize *= 2;
1493  void *tmp = realloc(handleInfo, (size_t)handleInfoSize);
1494  if (tmp) {
1495  handleInfo = (PSYSTEM_HANDLE_INFORMATION)tmp;
1496  } else {
1497  goto beach;
1498  }
1499  }
1500  if (status) {
1501  rz_sys_perror("NtQuerySystemInformation");
1502  goto beach;
1503  }
1504  size_t objectNameInfo_sz = 0x1000;
1505  objectNameInfo = malloc(objectNameInfo_sz);
1506  if (!objectNameInfo) {
1507  goto beach;
1508  }
1509  int i;
1510  for (i = 0; i < handleInfo->HandleCount; i++) {
1511  SYSTEM_HANDLE handle = handleInfo->Handles[i];
1512  HANDLE dupHandle = NULL;
1513  ULONG returnLength;
1514  int perms = 0;
1515  if (handle.ProcessId != pid) {
1516  continue;
1517  }
1518  if (w32_NtDuplicateObject(ph, (HANDLE)(size_t)handle.Handle, GetCurrentProcess(), &dupHandle, 0, 0, 0)) {
1519  continue;
1520  }
1521  if (w32_NtQueryObject(dupHandle, 2, objectTypeInfo, 0x1000, NULL)) {
1522  CloseHandle(dupHandle);
1523  continue;
1524  }
1525  if (wcscmp(objectTypeInfo->Name.Buffer, L"File")) {
1526  CloseHandle(dupHandle);
1527  continue;
1528  }
1529  GENERIC_MAPPING *gm = &objectTypeInfo->GenericMapping;
1530  if ((handle.GrantedAccess & gm->GenericRead) == gm->GenericRead) {
1531  perms |= RZ_PERM_R;
1532  }
1533  if ((handle.GrantedAccess & gm->GenericWrite) == gm->GenericWrite) {
1534  perms |= RZ_PERM_W;
1535  }
1536  if ((handle.GrantedAccess & gm->GenericExecute) == gm->GenericExecute) {
1537  perms |= RZ_PERM_X;
1538  }
1539  if (w32_NtQueryObject(dupHandle, 1, objectNameInfo, objectNameInfo_sz, &returnLength)) {
1540  void *tmp = realloc(objectNameInfo, returnLength);
1541  if (tmp) {
1542  objectNameInfo = tmp;
1543  objectNameInfo_sz = returnLength;
1544  }
1545  if (w32_NtQueryObject(dupHandle, 1, objectNameInfo, objectNameInfo_sz, NULL)) {
1546  CloseHandle(dupHandle);
1547  continue;
1548  }
1549  }
1550  PUNICODE_STRING objectName = objectNameInfo;
1551  if (objectName->Length) {
1552  char *name = rz_utf16_to_utf8_l(objectName->Buffer, objectName->Length / 2);
1553  desc = rz_debug_desc_new(handle.Handle, name, perms, '?', 0);
1554  if (!desc) {
1555  free(name);
1556  break;
1557  }
1558  rz_list_append(ret, desc);
1559  free(name);
1560  } else {
1561  char *name = rz_utf16_to_utf8_l(objectTypeInfo->Name.Buffer, objectTypeInfo->Name.Length / 2);
1562  desc = rz_debug_desc_new(handle.Handle, name, perms, '?', 0);
1563  if (!desc) {
1564  free(name);
1565  break;
1566  }
1567  rz_list_append(ret, desc);
1568  free(name);
1569  }
1570  CloseHandle(dupHandle);
1571  }
1572 beach:
1573  free(objectNameInfo);
1574  free(objectTypeInfo);
1575  free(handleInfo);
1576  CloseHandle(ph);
1577  return ret;
1578 }
i
lzma_index ** i
Definition: index.h:629
handle
static mcore_handle handle
Definition: asm_mcore.c:8
desc
const char * desc
Definition: bin_vsf.c:19
rz_debug_desc_new
RZ_API RzDebugDesc * rz_debug_desc_new(int fd, char *path, int perm, int type, int off)
Definition: ddesc.c:8
rz_debug_desc_free
RZ_API void rz_debug_desc_free(RzDebugDesc *p)
Definition: ddesc.c:20
rz_list_newf
RZ_API RZ_OWN RzList * rz_list_newf(RzListFree f)
Returns a new initialized RzList pointer and sets the free method.
Definition: list.c:248
rz_list_append
RZ_API RZ_BORROW RzListIter * rz_list_append(RZ_NONNULL RzList *list, void *data)
Appends at the end of the list a new element.
Definition: list.c:288
realloc
void * realloc(void *ptr, size_t size)
Definition: malloc.c:144
malloc
void * malloc(size_t size)
Definition: malloc.c:123
status
static const char struct stat static buf struct stat static buf static vhangup int status
Definition: sflib.h:145
ph
#define ph(a_type)
Definition: ph.h:27
RzListFree
void(* RzListFree)(void *ptr)
Definition: rz_list.h:11
RZ_PERM_R
#define RZ_PERM_R
Definition: rz_types.h:93
RZ_PERM_W
#define RZ_PERM_W
Definition: rz_types.h:94
RZ_PERM_X
#define RZ_PERM_X
Definition: rz_types.h:95
_OBJECT_TYPE_INFORMATION
Definition: windows_debug.h:71
_OBJECT_TYPE_INFORMATION::Name
UNICODE_STRING Name
Definition: windows_debug.h:72
_OBJECT_TYPE_INFORMATION::GenericMapping
GENERIC_MAPPING GenericMapping
Definition: windows_debug.h:86
_SYSTEM_HANDLE_INFORMATION
Definition: windows_debug.h:55
_SYSTEM_HANDLE_INFORMATION::HandleCount
ULONG HandleCount
Definition: windows_debug.h:56
_SYSTEM_HANDLE_INFORMATION::Handles
SYSTEM_HANDLE Handles[1]
Definition: windows_debug.h:57
_SYSTEM_HANDLE
Definition: windows_debug.h:46
_UNICODE_STRING
Definition: winapi.h:4115
_UNICODE_STRING::Length
USHORT Length
Definition: winapi.h:4116
_UNICODE_STRING::Buffer
PWSTR Buffer
Definition: winapi.h:4118
name
Definition: z80asm.h:102
rz_debug_desc_t
Definition: rz_debug.h:154
rz_list_t
Definition: rz_list.h:18
NTSTATUS
LONG NTSTATUS
Definition: win.h:198
STATUS_INFO_LENGTH_MISMATCH
#define STATUS_INFO_LENGTH_MISMATCH
Definition: winapi.h:692
SystemHandleInformation
#define SystemHandleInformation
Definition: windows_debug.c:14
PSYSTEM_HANDLE_INFORMATION
struct _SYSTEM_HANDLE_INFORMATION * PSYSTEM_HANDLE_INFORMATION
HANDLE
DWORD * HANDLE
Definition: windows_debug.h:119
ULONG
ULONG
Definition: windows_debug.h:124
PVOID
PVOID
Definition: windows_debug.h:124
L
#define L
Definition: zip_err_str.c:7

References _UNICODE_STRING::Buffer, desc, FALSE, free(), _OBJECT_TYPE_INFORMATION::GenericMapping, handle, HANDLE, _SYSTEM_HANDLE_INFORMATION::HandleCount, _SYSTEM_HANDLE_INFORMATION::Handles, i, L, _UNICODE_STRING::Length, malloc(), _OBJECT_TYPE_INFORMATION::Name, NULL, ph, pid, PVOID, realloc(), rz_debug_desc_free(), rz_debug_desc_new(), rz_list_append(), rz_list_newf(), RZ_PERM_R, RZ_PERM_W, RZ_PERM_X, rz_sys_perror, status, STATUS_INFO_LENGTH_MISMATCH, SystemHandleInformation, autogen_x86imm::tmp, and ULONG.

◆ w32_detach()

int w32_detach ( RzDebug dbg,
int  pid 
)

Definition at line 622 of file windows_debug.c.

622  {
623  if (pid == -1 || dbg->pid != pid) {
624  return false;
625  }
626 
627  // Resume suspended threads
628  RzListIter *it;
629  PTHREAD_ITEM th;
630  rz_list_foreach (dbg->threads, it, th) {
631  if (th->bSuspended && !th->bFinished) {
632  resume_thread(th->hThread);
633  }
634  }
635  rz_list_purge(dbg->threads);
636  if (lib_list) {
637  rz_list_purge(lib_list);
638  }
639  W32DbgWInst *wrap = dbg->plugin_data;
640  bool ret = false;
641  wrap->pi.dwProcessId = pid;
642  wrap->params.type = W32_DETACH;
643  w32dbg_wrap_wait_ret(wrap);
644  ret = wrap->params.ret;
645  memset(&wrap->pi, 0, sizeof(wrap->pi));
646  return ret;
647 }
rz_list_iter_t
Definition: rz_list.h:13
W32_DETACH
@ W32_DETACH
Definition: w32dbg_wrap.h:11

References THREAD_ITEM::bFinished, THREAD_ITEM::bSuspended, dbg, THREAD_ITEM::hThread, lib_list, memset(), W32DbgWInst::params, W32DbgWInst::pi, rz_debug_t::pid, pid, rz_debug_t::plugin_data, resume_thread(), W32DbgWParams::ret, rz_list_purge(), rz_debug_t::threads, W32DbgWParams::type, W32_DETACH, and w32dbg_wrap_wait_ret().

Referenced by w32_attach_new_process(), and w32_dbg_wait().

◆ w32_info()

RzDebugInfo* w32_info ( RzDebug dbg,
const char *  arg 
)

Definition at line 1404 of file windows_debug.c.

1404  {
1405  RzDebugInfo *rdi = RZ_NEW0(RzDebugInfo);
1406  if (!rdi) {
1407  return NULL;
1408  }
1409  rdi->status = RZ_DBG_PROC_SLEEP; // TODO: Fix this
1410  rdi->pid = dbg->pid;
1411  rdi->tid = dbg->tid;
1412  rdi->lib = last_library();
1413  rdi->thread = find_thread(dbg, dbg->tid);
1414  rdi->uid = -1;
1415  rdi->gid = -1;
1416  rdi->cwd = NULL;
1417  rdi->exe = NULL;
1418  rdi->cmdline = NULL;
1419  rdi->libname = NULL;
1420  w32_info_user(dbg, rdi);
1421  w32_info_exe(dbg, rdi);
1422  return rdi;
1423 }
RZ_DBG_PROC_SLEEP
@ RZ_DBG_PROC_SLEEP
Definition: rz_debug.h:62
RZ_NEW0
#define RZ_NEW0(x)
Definition: rz_types.h:284
rz_debug_info_t
Definition: rz_debug.h:336
w32_info_exe
static void w32_info_exe(RzDebug *dbg, RzDebugInfo *rdi)
Definition: windows_debug.c:1396
last_library
static void * last_library(void)
Definition: windows_debug.c:811
w32_info_user
static void w32_info_user(RzDebug *dbg, RzDebugInfo *rdi)
Definition: windows_debug.c:1339

References dbg, find_thread(), last_library(), NULL, rz_debug_t::pid, rdi, RZ_DBG_PROC_SLEEP, RZ_NEW0, rz_debug_t::tid, w32_info_exe(), and w32_info_user().

◆ w32_init()

int w32_init ( RzDebug dbg)

Definition at line 37 of file windows_debug.c.

37  {
38  if (!dbg->plugin_data) {
39  dbg->plugin_data = dbg->iob.get_w32dbg_wrap(dbg->iob.io);
40  if (!dbg->plugin_data) {
41  return 0;
42  }
43  }
44  // escalate privs (required for win7/vista)
45  setup_debug_privileges(true);
46 
47  HMODULE lib = GetModuleHandleW(L"kernel32"); // Always loaded
48  if (!lib) {
49  return false;
50  }
51  // lookup function pointers for portability
52  // only windows vista :(
53  w32_ProcessIdToSessionId = (BOOL(WINAPI *)(DWORD, DWORD *))
54  GetProcAddress(lib, "ProcessIdToSessionId");
55 
56  w32_QueryFullProcessImageNameW = (BOOL(WINAPI *)(HANDLE, DWORD, LPWSTR, PDWORD))
57  GetProcAddress(lib, "QueryFullProcessImageNameW");
58 
59  // api to retrieve YMM from w7 sp1
60  w32_GetEnabledXStateFeatures = (ut64(WINAPI *)())
61  GetProcAddress(lib, "GetEnabledXStateFeatures");
62 
63  w32_InitializeContext = (BOOL(WINAPI *)(PVOID, DWORD, PCONTEXT *, PDWORD))
64  GetProcAddress(lib, "InitializeContext");
65 
66  w32_GetXStateFeaturesMask = (BOOL(WINAPI *)(PCONTEXT Context, PDWORD64))
67  GetProcAddress(lib, "GetXStateFeaturesMask");
68 
69  w32_LocateXStateFeature = (PVOID(WINAPI *)(PCONTEXT Context, DWORD, PDWORD))
70  GetProcAddress(lib, "LocateXStateFeature");
71 
72  w32_SetXStateFeaturesMask = (BOOL(WINAPI *)(PCONTEXT Context, DWORD64))
73  GetProcAddress(lib, "SetXStateFeaturesMask");
74 
75  lib = GetModuleHandleW(L"ntdll.dll");
76  if (!lib) {
77  eprintf("Cannot load ntdll.dll. Aborting\n");
78  return false;
79  }
80  w32_NtQuerySystemInformation = (NTSTATUS(WINAPI *)(ULONG, PVOID, ULONG, PULONG))
81  GetProcAddress(lib, "NtQuerySystemInformation");
82 
83  w32_NtDuplicateObject = (NTSTATUS(WINAPI *)(HANDLE, HANDLE, HANDLE, PHANDLE, ACCESS_MASK, ULONG, ULONG))
84  GetProcAddress(lib, "NtDuplicateObject");
85 
86  w32_NtQueryObject = (NTSTATUS(WINAPI *)(HANDLE, ULONG, PVOID, ULONG, PULONG))
87  GetProcAddress(lib, "NtQueryObject");
88 
89  w32_NtQueryInformationThread = (NTSTATUS(WINAPI *)(HANDLE, ULONG, PVOID, ULONG, PULONG))
90  GetProcAddress(lib, "NtQueryInformationThread");
91 
92  return true;
93 }
Context
struct dwarf_parse_context_t Context
Definition: windows_debug.h:138
rz_debug_t::iob
RzIOBind iob
Definition: rz_debug.h:293
rz_io_bind_t::io
RzIO * io
Definition: rz_io.h:232
setup_debug_privileges
bool setup_debug_privileges(bool b)
Definition: windows_debug.c:16
LPWSTR
DWORD LPWSTR
Definition: windows_debug.h:121
ACCESS_MASK
ACCESS_MASK
Definition: windows_debug.h:128
PDWORD
DWORD PDWORD
Definition: windows_debug.h:121
ut64
ut64(WINAPI *w32_GetEnabledXStateFeatures)()
PHANDLE
PHANDLE
Definition: windows_debug.h:128
PDWORD64
PCONTEXT PDWORD64
Definition: windows_debug.h:136
DWORD64
PCONTEXT DWORD64
Definition: windows_debug.h:140
DWORD
DWORD
Definition: windows_debug.h:119
PULONG
PULONG
Definition: windows_debug.h:124

References ACCESS_MASK, dbg, DWORD, DWORD64, eprintf, HANDLE, rz_io_bind_t::io, rz_debug_t::iob, L, LPWSTR, PDWORD, PDWORD64, PHANDLE, rz_debug_t::plugin_data, PULONG, PVOID, setup_debug_privileges(), ULONG, and ut64().

◆ w32_kill()

int w32_kill ( RzDebug dbg,
int  pid,
int  tid,
int  sig 
)

Definition at line 890 of file windows_debug.c.

890  {
891  W32DbgWInst *wrap = dbg->plugin_data;
892 
893  if (sig == 0) {
894  if (rz_list_empty(dbg->threads)) {
895  if (lib_list) {
896  rz_list_purge(lib_list);
897  }
898  return false;
899  }
900  return true;
901  }
902 
903  bool ret = false;
904  if (TerminateProcess(wrap->pi.hProcess, 1)) {
905  ret = true;
906  }
907  wrap->pi.hProcess = NULL;
908  wrap->pi.hThread = NULL;
909  return ret;
910 }

References dbg, lib_list, NULL, W32DbgWInst::pi, rz_debug_t::plugin_data, rz_list_purge(), and rz_debug_t::threads.

◆ w32_map_alloc()

RzDebugMap* w32_map_alloc ( RzDebug dbg,
ut64  addr,
int  size 
)

Definition at line 1186 of file windows_debug.c.

1186  {
1187  W32DbgWInst *wrap = dbg->plugin_data;
1188  LPVOID base = VirtualAllocEx(wrap->pi.hProcess, (LPVOID)addr, (SIZE_T)size, MEM_COMMIT, PAGE_READWRITE);
1189  if (!base) {
1190  rz_sys_perror("VirtualAllocEx");
1191  return NULL;
1192  }
1193  rz_debug_map_sync(dbg);
1194  return rz_debug_map_get(dbg, (ut64)base);
1195 }
rz_debug_map_get
RZ_API RzDebugMap * rz_debug_map_get(RzDebug *dbg, ut64 addr)
Definition: dmap.c:65
rz_debug_map_sync
RZ_API bool rz_debug_map_sync(RzDebug *dbg)
Definition: dmap.c:33
size
voidpf void uLong size
Definition: ioapi.h:138
addr
static int addr
Definition: z80asm.c:58

References addr, dbg, NULL, W32DbgWInst::pi, rz_debug_t::plugin_data, rz_debug_map_get(), rz_debug_map_sync(), rz_sys_perror, and ut64().

◆ w32_map_dealloc()

int w32_map_dealloc ( RzDebug dbg,
ut64  addr,
int  size 
)

Definition at line 1197 of file windows_debug.c.

1197  {
1198  W32DbgWInst *wrap = dbg->plugin_data;
1199  if (!VirtualFreeEx(wrap->pi.hProcess, (LPVOID)addr, 0, MEM_RELEASE)) {
1200  rz_sys_perror("VirtualFreeEx");
1201  return false;
1202  }
1203  return true;
1204 }

References addr, dbg, W32DbgWInst::pi, rz_debug_t::plugin_data, and rz_sys_perror.

◆ w32_map_protect()

int w32_map_protect ( RzDebug dbg,
ut64  addr,
int  size,
int  perms 
)

Definition at line 1229 of file windows_debug.c.

1229  {
1230  DWORD old;
1231  W32DbgWInst *wrap = dbg->plugin_data;
1232  return VirtualProtectEx(wrap->pi.hProcess, (LPVOID)(size_t)addr,
1233  size, io_perms_to_prot(perms), &old);
1234 }
io_perms_to_prot
static int io_perms_to_prot(int io_perms)
Definition: windows_debug.c:1206

References addr, dbg, DWORD, io_perms_to_prot(), W32DbgWInst::pi, and rz_debug_t::plugin_data.

◆ w32_pid_list()

RzList* w32_pid_list ( RzDebug dbg,
int  pid,
RzList list 
)

Definition at line 1443 of file windows_debug.c.

1443  {
1444  W32DbgWInst *wrap = dbg->plugin_data;
1445  HANDLE sh = CreateToolhelp32Snapshot(TH32CS_SNAPPROCESS, pid);
1446  if (sh == INVALID_HANDLE_VALUE) {
1447  rz_sys_perror("CreateToolhelp32Snapshot");
1448  return list;
1449  }
1450  PROCESSENTRY32W pe;
1451  pe.dwSize = sizeof(pe);
1452  if (Process32FirstW(sh, &pe)) {
1453  bool all = pid == 0;
1454  do {
1455  if (all || pe.th32ProcessID == pid || pe.th32ParentProcessID == pid) {
1456  // Returns NULL if process is inaccessible unless if its a child process of debugged process
1457  RzDebugPid *dbg_pid = build_debug_pid(pe.th32ProcessID, pe.th32ParentProcessID,
1458  dbg->pid == pe.th32ProcessID ? wrap->pi.hProcess : NULL, pe.szExeFile);
1459  if (dbg_pid) {
1460  rz_list_append(list, dbg_pid);
1461  }
1462  }
1463  } while (Process32NextW(sh, &pe));
1464  } else {
1465  rz_sys_perror("Process32First");
1466  }
1467  CloseHandle(sh);
1468  return list;
1469 }
list
static void list(RzEgg *egg)
Definition: rz-gg.c:52
test_group_name.all
int all
Definition: test_group_name.py:241
rz_debug_pid_t
Definition: rz_debug.h:408
build_debug_pid
static RzDebugPid * build_debug_pid(int pid, int ppid, HANDLE ph, const WCHAR *name)
Definition: windows_debug.c:1425

References test_group_name::all, build_debug_pid(), dbg, HANDLE, INVALID_HANDLE_VALUE, list(), NULL, W32DbgWInst::pi, rz_debug_t::pid, pid, rz_debug_t::plugin_data, rz_list_append(), and rz_sys_perror.

◆ w32_reg_read()

int w32_reg_read ( RzDebug dbg,
int  type,
ut8 buf,
int  size 
)

Definition at line 544 of file windows_debug.c.

544  {
545  bool showfpu = false;
546  if (type < -1) {
547  showfpu = true; // hack for debugging
548  type = -type;
549  }
550  bool alive = is_thread_alive(dbg, dbg->tid);
551  HANDLE th = get_thread_handle_from_tid(dbg, dbg->tid);
552  if (!th || th == INVALID_HANDLE_VALUE) {
553  return 0;
554  }
555  // Always suspend
556  if (alive && suspend_thread(th) == -1) {
557  return 0;
558  }
559  size = get_thread_context(th, buf, size, CONTEXT_ALL);
560  if (showfpu) {
561  print_fpu_context(th, (CONTEXT *)buf);
562  }
563  // Always resume
564  if (alive && resume_thread(th) == -1) {
565  size = 0;
566  }
567  return size;
568 }
buf
voidpf void * buf
Definition: ioapi.h:138
type
int type
Definition: mipsasm.c:17
get_thread_handle_from_tid
static HANDLE get_thread_handle_from_tid(RzDebug *dbg, int tid)
Definition: windows_debug.c:529
print_fpu_context
static void print_fpu_context(HANDLE th, CONTEXT *buf)
Definition: windows_debug.c:391
CONTEXT_ALL
#define CONTEXT_ALL
Definition: windows_debug.h:43

References CONTEXT_ALL, dbg, get_thread_context(), get_thread_handle_from_tid(), HANDLE, INVALID_HANDLE_VALUE, is_thread_alive(), print_fpu_context(), resume_thread(), suspend_thread(), rz_debug_t::tid, and type.

Referenced by w32_thread_list().

◆ w32_reg_write()

int w32_reg_write ( RzDebug dbg,
int  type,
const ut8 buf,
int  size 
)

Definition at line 570 of file windows_debug.c.

570  {
571  bool alive = is_thread_alive(dbg, dbg->tid);
572  if (!alive) {
573  return false;
574  }
575  HANDLE th = get_thread_handle_from_tid(dbg, dbg->tid);
576  if (!th || th == INVALID_HANDLE_VALUE) {
577  return 0;
578  }
579  // Always suspend
580  if (suspend_thread(th) == -1) {
581  return false;
582  }
583  if (type == RZ_REG_TYPE_DRX) {
584  transfer_drx(dbg, buf);
585  }
586  bool ret = set_thread_context(th, buf, size);
587  // Always resume
588  if (resume_thread(th) == -1) {
589  ret = false;
590  }
591  return ret;
592 }
RZ_REG_TYPE_DRX
@ RZ_REG_TYPE_DRX
Definition: rz_reg.h:22
set_thread_context
static int set_thread_context(HANDLE th, const ut8 *buf, int size)
Definition: windows_debug.c:188
transfer_drx
static void transfer_drx(RzDebug *dbg, const ut8 *buf)
Definition: windows_debug.c:387

References dbg, get_thread_handle_from_tid(), HANDLE, INVALID_HANDLE_VALUE, is_thread_alive(), resume_thread(), RZ_REG_TYPE_DRX, set_thread_context(), suspend_thread(), rz_debug_t::tid, transfer_drx(), and type.

◆ w32_select()

int w32_select ( RzDebug dbg,
int  pid,
int  tid 
)

Definition at line 837 of file windows_debug.c.

837  {
838  RzListIter *it;
839  W32DbgWInst *wrap = dbg->plugin_data;
840 
841  // Re-attach to a different pid
842  if (dbg->pid > -1 && dbg->pid != pid) {
843  return w32_attach_new_process(dbg, pid);
844  }
845 
846  if (dbg->tid == -1) {
847  return tid;
848  }
849 
850  if (!dbg->threads) {
851  dbg->threads = rz_list_newf(free);
852  return tid;
853  }
854 
855  if (rz_list_empty(dbg->threads)) {
856  return tid;
857  }
858 
859  PTHREAD_ITEM th = find_thread(dbg, tid);
860 
861  int selected = 0;
862  if (th && is_thread_alive(dbg, th->tid)) {
863  wrap->pi.hThread = th->hThread;
864  selected = tid;
865  } else if (tid) {
866  // If thread is dead, search for another one
867  rz_list_foreach (dbg->threads, it, th) {
868  if (!is_thread_alive(dbg, th->tid)) {
869  continue;
870  }
871  wrap->pi.hThread = th->hThread;
872  selected = th->tid;
873  break;
874  }
875  }
876 
877  if (dbg->corebind.cfggeti(dbg->corebind.core, "dbg.threads")) {
878  // Suspend all other threads
879  rz_list_foreach (dbg->threads, it, th) {
880  if (!th->bFinished && !th->bSuspended && th->tid != selected) {
881  suspend_thread(th->hThread);
882  th->bSuspended = true;
883  }
884  }
885  }
886 
887  return selected;
888 }
THREAD_ITEM::tid
int tid
Definition: windows_debug.h:99
w32_attach_new_process
int w32_attach_new_process(RzDebug *dbg, int pid)
Definition: windows_debug.c:817

References THREAD_ITEM::bFinished, THREAD_ITEM::bSuspended, rz_core_bind_t::cfggeti, rz_core_bind_t::core, rz_debug_t::corebind, dbg, find_thread(), free(), THREAD_ITEM::hThread, is_thread_alive(), W32DbgWInst::pi, rz_debug_t::pid, pid, rz_debug_t::plugin_data, rz_list_newf(), suspend_thread(), rz_debug_t::threads, THREAD_ITEM::tid, rz_debug_t::tid, and w32_attach_new_process().

Referenced by w32_break_process(), w32_continue(), and w32_dbg_wait().

◆ w32_step()

int w32_step ( RzDebug dbg)

Definition at line 395 of file windows_debug.c.

395  {
396  // Do nothing (not supported)
397  return 0;
398 }

◆ w32_thread_list()

RzList* w32_thread_list ( RzDebug dbg,
int  pid,
RzList list 
)

Definition at line 1280 of file windows_debug.c.

1280  {
1281  // pid is not respected for TH32CS_SNAPTHREAD flag
1282  HANDLE th = CreateToolhelp32Snapshot(TH32CS_SNAPTHREAD, 0);
1283  if (th == INVALID_HANDLE_VALUE) {
1284  rz_sys_perror("CreateToolhelp32Snapshot");
1285  return list;
1286  }
1287  THREADENTRY32 te;
1288  te.dwSize = sizeof(te);
1289  HANDLE ph = OpenProcess(PROCESS_QUERY_INFORMATION | PROCESS_VM_READ, FALSE, pid);
1290  if (Thread32First(th, &te)) {
1291  // TODO: export this code to its own function?
1292  char *path = NULL;
1293  int uid = -1;
1294  if (!te.th32ThreadID) {
1295  path = get_process_path(ph, pid);
1296  DWORD sid;
1297  if (w32_ProcessIdToSessionId && w32_ProcessIdToSessionId(pid, &sid)) {
1298  uid = sid;
1299  }
1300  }
1301  if (!path) {
1302  // TODO: enum processes to get binary's name
1303  path = strdup("???");
1304  }
1305  int saved_tid = dbg->tid;
1306  do {
1307  char status = RZ_DBG_PROC_SLEEP;
1308  if (te.th32OwnerProcessID == pid) {
1309  ut64 pc = 0;
1310  if (dbg->pid == pid) {
1311  CONTEXT ctx = { 0 };
1312  dbg->tid = te.th32ThreadID;
1313  w32_reg_read(dbg, RZ_REG_TYPE_GPR, (ut8 *)&ctx, sizeof(ctx));
1314  // TODO: is needed check context for x32 and x64??
1315  pc = pc_from_context(&ctx);
1316  PTHREAD_ITEM pthread = find_thread(dbg, te.th32ThreadID);
1317  if (pthread) {
1318  if (pthread->bFinished) {
1319  status = RZ_DBG_PROC_DEAD;
1320  } else if (pthread->bSuspended) {
1321  status = RZ_DBG_PROC_SLEEP;
1322  } else {
1323  status = RZ_DBG_PROC_RUN; // TODO: Get more precise thread status
1324  }
1325  }
1326  }
1327  rz_list_append(list, rz_debug_pid_new(path, te.th32ThreadID, uid, status, pc));
1328  }
1329  } while (Thread32Next(th, &te));
1330  dbg->tid = saved_tid;
1331  free(path);
1332  } else {
1333  rz_sys_perror("Thread32First");
1334  }
1335  CloseHandle(th);
1336  return list;
1337 }
path
static static fork const void static count static fd const char const char static newpath const char static path const char path
Definition: sflib.h:35
strdup
return strdup("=SP r13\n" "=LR r14\n" "=PC r15\n" "=A0 r0\n" "=A1 r1\n" "=A2 r2\n" "=A3 r3\n" "=ZF zf\n" "=SF nf\n" "=OF vf\n" "=CF cf\n" "=SN or0\n" "gpr lr .32 56 0\n" "gpr pc .32 60 0\n" "gpr cpsr .32 64 0 ____tfiae_________________qvczn\n" "gpr or0 .32 68 0\n" "gpr tf .1 64.5 0 thumb\n" "gpr ef .1 64.9 0 endian\n" "gpr jf .1 64.24 0 java\n" "gpr qf .1 64.27 0 sticky_overflow\n" "gpr vf .1 64.28 0 overflow\n" "gpr cf .1 64.29 0 carry\n" "gpr zf .1 64.30 0 zero\n" "gpr nf .1 64.31 0 negative\n" "gpr itc .4 64.10 0 if_then_count\n" "gpr gef .4 64.16 0 great_or_equal\n" "gpr r0 .32 0 0\n" "gpr r1 .32 4 0\n" "gpr r2 .32 8 0\n" "gpr r3 .32 12 0\n" "gpr r4 .32 16 0\n" "gpr r5 .32 20 0\n" "gpr r6 .32 24 0\n" "gpr r7 .32 28 0\n" "gpr r8 .32 32 0\n" "gpr r9 .32 36 0\n" "gpr r10 .32 40 0\n" "gpr r11 .32 44 0\n" "gpr r12 .32 48 0\n" "gpr r13 .32 52 0\n" "gpr r14 .32 56 0\n" "gpr r15 .32 60 0\n" "gpr r16 .32 64 0\n" "gpr r17 .32 68 0\n")
rz_debug_pid_new
RZ_API RzDebugPid * rz_debug_pid_new(const char *path, int pid, int uid, char status, ut64 pc)
Definition: pid.c:6
RZ_DBG_PROC_RUN
@ RZ_DBG_PROC_RUN
Definition: rz_debug.h:61
RZ_DBG_PROC_DEAD
@ RZ_DBG_PROC_DEAD
Definition: rz_debug.h:64
RZ_REG_TYPE_GPR
@ RZ_REG_TYPE_GPR
Definition: rz_reg.h:21
get_process_path
static char * get_process_path(HANDLE ph, int pid)
Definition: windows_debug.c:1249
pc_from_context
static ut64 pc_from_context(CONTEXT *ctx)
Definition: windows_debug.c:1236
w32_reg_read
int w32_reg_read(RzDebug *dbg, int type, ut8 *buf, int size)
Definition: windows_debug.c:544

References THREAD_ITEM::bFinished, THREAD_ITEM::bSuspended, dbg, DWORD, FALSE, find_thread(), free(), get_process_path(), HANDLE, INVALID_HANDLE_VALUE, list(), NULL, path, pc, pc_from_context(), ph, rz_debug_t::pid, pid, RZ_DBG_PROC_DEAD, RZ_DBG_PROC_RUN, RZ_DBG_PROC_SLEEP, rz_debug_pid_new(), rz_list_append(), RZ_REG_TYPE_GPR, rz_sys_perror, status, strdup(), rz_debug_t::tid, ut64(), and w32_reg_read().

Variable Documentation

◆ ACCESS_MASK

ACCESS_MASK

Definition at line 128 of file windows_debug.h.

Referenced by w32_init().

◆ Context

PCONTEXT Context

Definition at line 136 of file windows_debug.h.

◆ DWORD

PCONTEXT DWORD

Definition at line 119 of file windows_debug.h.

Referenced by __lfh_segment_loop(), _zip_win32_named_op_commit_write(), _zip_win32_named_op_create_temp_output(), _zip_win32_named_op_stat(), _zip_win32_named_op_write(), _zip_win32_op_read(), _zip_win32_op_seek(), backtrace_windows(), bochs_cmd_stop(), bochs_send_cmd(), bochs_wait(), build_debug_pid(), DecodeLFHEntry(), fs__access(), fs__capture_path(), fs__create_junction(), fs__ftruncate(), fs__link(), fs__mkdtemp_func(), fs__mkstemp_func(), fs__open(), fs__read(), fs__readlink_handle(), fs__realpath_handle(), fs__stat_impl(), fs__stat_impl_from_path(), fs__statfs(), fs__unlink(), fs__utime_impl(), fs__utime_impl_from_path(), fs__write(), get_file_name_from_handle(), get_process_path(), get_windows(), GetMsecSincePerfCounter(), GetSingleBlock(), GetSingleSegmentBlock(), GetSystemModules(), initialize_windows_ntdll_query_api_functions(), is_process_alive(), lang_pipe_run(), main(), make_program_args(), make_program_env(), MySetFilePointerEx(), pipe_connect_thread_proc(), proc_mem_map(), ReadKernelMemory(), resolve_path(), rz_cons_enable_mouse(), rz_cons_set_raw(), rz_cons_show_cursor(), rz_file_tmpdir(), rz_heap_blocks_list(), rz_mem_protect(), rz_path_realpath(), rz_sys_getenv(), rz_sys_info(), rz_sys_open(), rz_sys_perror_str(), rz_sys_pid_to_path(), rz_test_main(), rz_w32_add_winmsg_breakpoint(), rz_w32_dbg_modules(), rzpipe_read(), rzpipe_write(), search_path_join_test(), sp_blocking_read(), sp_blocking_write(), sp_open(), uv__cancel_read_console(), uv__convert_utf16_to_utf8(), uv__create_stdio_pipe_pair(), uv__determine_vterm_state(), uv__dlerror(), uv__fast_poll_process_poll_req(), uv__getpwuid_r(), uv__kill(), uv__once_inner(), uv__pipe_get_ipc_remote_pid(), uv__pipe_read_data(), uv__pipe_read_exactly(), uv__pipe_read_ipc(), uv__pipe_write_data(), uv__poll(), uv__poll_wine(), uv__send(), uv__slow_poll_thread_proc(), uv__stdio_create(), uv__tcp_try_write(), uv__tty_console_resize_message_loop_thread(), uv__tty_try_write(), uv__udp_init_ex(), uv__udp_try_send(), uv_cond_timedwait(), uv_cpu_info(), uv_cwd(), uv_fs_event_start(), uv_get_extension_function(), uv_guess_handle(), uv_if_indextoname(), uv_msafd_poll(), uv_ntstatus_to_winsock_error(), uv_os_getenv(), uv_os_getppid(), uv_os_tmpdir(), uv_os_uname(), uv_pipe_connect(), uv_pipe_endgame(), uv_pipe_open(), uv_pipe_writefile_thread_proc(), uv_pipe_zero_readfile_thread_proc(), uv_poll_close(), uv_poll_init_socket(), uv_process_fs_event_req(), uv_process_pipe_read_req(), uv_process_proc_exit(), uv_process_tcp_read_req(), uv_process_tty_read_line_req(), uv_process_tty_read_raw_req(), uv_process_udp_recv_req(), uv_run(), uv_rwlock_rdlock(), uv_rwlock_tryrdlock(), uv_rwlock_trywrlock(), uv_rwlock_wrlock(), uv_sem_trywait(), uv_set_pipe_handle(), uv_spawn(), uv_split_path(), uv_tcp_init_ex(), uv_tcp_queue_accept(), uv_tcp_queue_read(), uv_tcp_set_socket(), uv_tcp_try_bind(), uv_tcp_try_cancel_io(), uv_tcp_try_connect(), uv_tcp_write(), uv_tty_clear(), uv_tty_emit_text(), uv_tty_init(), uv_tty_line_read_thread(), uv_tty_read_stop(), uv_tty_reset(), uv_tty_set_mode(), uv_tty_write(), uv_tty_write_bufs(), uv_udp_maybe_bind(), uv_udp_queue_recv(), uv_udp_set_socket(), uv_uptime(), uv_wsarecv_workaround(), uv_wsarecvfrom_workaround(), w32_info_user(), w32_init(), w32_list_heaps_blocks(), w32_map_protect(), w32_thread_list(), win32_named_open(), win32_open64_file_func(), win32_open64_file_funcA(), win32_open64_file_funcW(), win32_open_file_func(), win32_read_file_func(), win32_seek64_file_func(), win32_seek_file_func(), win32_tell64_file_func(), win32_tell_file_func(), win32_write_file_func(), windbg_open(), windbg_reg_read(), and WriteKernelMemory().

◆ DWORD64

PCONTEXT DWORD64

Definition at line 140 of file windows_debug.h.

Referenced by w32_init().

◆ HANDLE

HANDLE

Definition at line 121 of file windows_debug.h.

Referenced by _zip_win32_named_op_commit_write(), _zip_win32_named_op_create_temp_output(), _zip_win32_named_op_open(), _zip_win32_named_op_rollback_write(), _zip_win32_named_op_write(), _zip_win32_op_close(), _zip_win32_op_read(), _zip_win32_op_seek(), _zip_win32_op_stat(), _zip_win32_op_tell(), apprentice_load(), change_file_date(), fs__create_junction(), fs__fchmod(), fs__fstat(), fs__ftruncate(), fs__futime(), fs__mkstemp_func(), fs__open(), fs__read(), fs__readlink(), fs__realpath(), fs__scandir(), fs__stat_impl_from_path(), fs__unlink(), fs__utime_impl_from_path(), fs__write(), get_file_name_from_handle(), get_thread_handle_from_tid(), GetHeapBlocks(), GetSingleBlock(), InitHeapInfo(), initialize_windows_ntdll_query_api_functions(), InstallService(), lang_pipe_run(), open_named_pipe(), pipe_connect_thread_proc(), RemoveService(), rz_cons_enable_mouse(), rz_cons_isatty(), rz_cons_set_raw(), rz_cons_show_cursor(), rz_lib_opendir(), rz_line_readline_cb(), rz_sys_dir(), rz_sys_open(), rz_sys_pid_to_path(), rz_test_main(), rz_w32_dbg_modules(), setfiletime(), setup_debug_privileges(), StartStopService(), uv__cancel_read_console(), uv__create_nul_handle(), uv__create_stdio_pipe_pair(), uv__duplicate_fd(), uv__duplicate_handle(), uv__fast_poll_create_peer_socket(), uv__fast_poll_submit_poll_req(), uv__get_osfhandle(), uv__getpwuid_r(), uv__init_overlapped_dummy(), uv__once_inner(), uv__pipe_interrupt_read(), uv__pipe_write_data(), uv__stdio_create(), uv__stdio_destroy(), uv__stdio_noinherit(), uv_disable_stdio_inheritance(), uv_guess_handle(), uv_kill(), uv_msafd_poll(), uv_os_getppid(), uv_os_getpriority(), uv_os_setpriority(), uv_pipe_cleanup(), uv_pipe_connect(), uv_pipe_open(), uv_pipe_queue_read(), uv_pipe_zero_readfile_thread_proc(), uv_poll_close(), uv_resident_set_memory(), uv_rwlock_init(), uv_stdio_pipe_server(), uv_tcp_queue_accept(), uv_tcp_queue_read(), uv_tcp_set_socket(), uv_tcp_try_cancel_io(), uv_tcp_write(), uv_thread_create_ex(), uv_tty_init(), uv_tty_line_read_thread(), uv_udp_set_socket(), uv_wsarecv_workaround(), uv_wsarecvfrom_workaround(), w32_desc_list(), w32_info_user(), w32_init(), w32_pid_list(), w32_reg_read(), w32_reg_write(), w32_thread_list(), win32_close_file_func(), win32_named_open(), win32_open64_file_func(), win32_open64_file_funcA(), win32_open64_file_funcW(), win32_open_file_func(), win32_read_file_func(), win32_seek64_file_func(), win32_seek_file_func(), win32_tell64_file_func(), win32_tell_file_func(), win32_write_file_func(), and windbg_init().

◆ LPWSTR

DWORD LPWSTR

Definition at line 121 of file windows_debug.h.

Referenced by create_remote_context(), get_file_name_from_handle(), rz_file_mkstemp(), rz_file_rm(), rz_file_tmpdir(), rz_sys_setenv(), w32_info_user(), and w32_init().

◆ PDWORD

PCONTEXT PDWORD

Definition at line 121 of file windows_debug.h.

Referenced by w32_init().

◆ PDWORD64

PCONTEXT PDWORD64

Definition at line 136 of file windows_debug.h.

Referenced by w32_init().

◆ PHANDLE

PHANDLE

Definition at line 128 of file windows_debug.h.

Referenced by w32_init().

◆ PULONG

PULONG

Definition at line 124 of file windows_debug.h.

Referenced by initialize_windows_ntdll_query_api_functions(), w32_init(), windbg_breakpoint(), windbg_threads(), and windbg_wait().

◆ PVOID

PVOID

Definition at line 124 of file windows_debug.h.

Referenced by create_context(), create_remote_context(), GetHeapBlocks(), GetLFHKey(), GetListOfHeaps(), GetSegmentHeapBlocks(), GetSingleBlock(), GetSingleSegmentBlock(), initialize_windows_ntdll_query_api_functions(), uv_os_uname(), w32_desc_list(), w32_init(), windbg_map_get(), windbg_read(), windbg_reg_read(), windbg_reg_write(), and windbg_write().

◆ ULONG

ULONG

Definition at line 124 of file windows_debug.h.

Referenced by _zip_crypto_aes_encrypt_block(), _zip_crypto_aes_new(), _zip_crypto_hmac(), _zip_crypto_hmac_new(), _zip_crypto_pbkdf2(), GetListOfHeaps(), initialize_windows_ntdll_query_api_functions(), is_target_kernel(), rz_heap_list(), rz_heap_list_w32(), uv__poll(), uv_cpu_info(), uv_interface_addresses(), w32_desc_list(), w32_init(), windbg_attach(), windbg_breakpoint(), windbg_frames(), windbg_getpid(), windbg_gettid(), windbg_kill(), windbg_map_get(), windbg_modules_get(), windbg_pids(), windbg_read(), windbg_reg_profile(), windbg_reg_read(), windbg_select(), windbg_threads(), windbg_wait(), and windbg_write().