Lightemerald/windows-user-space-emulator
2
0
Fork 0
mirror of https://github.com/momo5502/emulator.git synced 2026-01-11 16:46:16 +00:00
Code Issues Packages Projects Releases Wiki Activity

Support skipping syscall logging

Browse Source
This commit is contained in:
momo5502
2025-12-22 16:13:58 +01:00
parent 66cfe980d7
commit 5ebf2dfd81
3 changed files with 15 additions and 6 deletions
Download Patch File Download Diff File Expand all files Collapse all files

15
src/analyzer/analysis.cpp
View File

@@ -472,15 +472,18 @@ namespace
}
else if (mod->contains(previous_ip))
{
const auto rsp = emu.read_stack_pointer();
if (!c.settings->skip_syscalls)
{
const auto rsp = emu.read_stack_pointer();
uint64_t return_address{};
emu.try_read_memory(rsp, &return_address, sizeof(return_address));
uint64_t return_address{};
emu.try_read_memory(rsp, &return_address, sizeof(return_address));
const auto* caller_mod_name = win_emu.mod_manager.find_name(return_address);
const auto* caller_mod_name = win_emu.mod_manager.find_name(return_address);
win_emu.log.print(color::dark_gray, "Executing syscall: %.*s (0x%X) at 0x%" PRIx64 " via 0x%" PRIx64 " (%s)\n",
STR_VIEW_VA(syscall_name), syscall_id, address, return_address, caller_mod_name);
win_emu.log.print(color::dark_gray, "Executing syscall: %.*s (0x%X) at 0x%" PRIx64 " via 0x%" PRIx64 " (%s)\n",
STR_VIEW_VA(syscall_name), syscall_id, address, return_address, caller_mod_name);
}
}
else
{

1
src/analyzer/analysis.hpp
View File

@@ -17,6 +17,7 @@ struct analysis_settings
bool silent{false};
bool buffer_stdout{false};
bool instruction_summary{false};
bool skip_syscalls{false};
string_set modules{};
string_set ignored_functions{};

5
src/analyzer/main.cpp
View File

@@ -650,6 +650,7 @@ namespace
printf(" -p, --path <src> <dst> Map Windows path to host path\n");
printf(" -r, --registry <path> Set registry path (default: ./registry)\n\n");
printf(" -is, --inst-summary Print a summary of executed instructions of the analyzed modules\n");
printf(" -ss, --skip-syscalls Skip the logging of regular syscalls\n");
printf("Examples:\n");
printf(" analyzer -v -e path/to/root myapp.exe\n");
printf(" analyzer -e path/to/root -p c:/analysis-sample.exe /path/to/sample.exe c:/analysis-sample.exe\n");
@@ -706,6 +707,10 @@ namespace
{
options.instruction_summary = true;
}
else if (arg == "-ss" || arg == "--skip-syscalls")
{
options.skip_syscalls = true;
}
else if (arg == "-m" || arg == "--module")
{
if (args.size() < 2)