From 662db697a772f1084ed7c535446b04a1abe143e6 Mon Sep 17 00:00:00 2001 From: momo5502 Date: Sat, 19 Apr 2025 08:13:31 +0200 Subject: [PATCH 1/4] Watch system objects everywhere --- src/analyzer/main.cpp | 6 ------ 1 file changed, 6 deletions(-) diff --git a/src/analyzer/main.cpp b/src/analyzer/main.cpp index 96fb1a67..353682e4 100644 --- a/src/analyzer/main.cpp +++ b/src/analyzer/main.cpp @@ -56,11 +56,6 @@ namespace void watch_system_objects(windows_emulator& win_emu, const std::set>& modules, const bool cache_logging) { - (void)win_emu; - (void)modules; - (void)cache_logging; - -#ifdef OS_WINDOWS watch_object(win_emu, modules, *win_emu.current_thread().teb, cache_logging); watch_object(win_emu, modules, win_emu.process.peb, cache_logging); watch_object(win_emu, modules, emulator_object{win_emu.emu(), kusd_mmio::address()}, @@ -84,7 +79,6 @@ namespace params_hook = watch_object(win_emu, modules, obj, cache_logging); } }); -#endif } bool read_yes_no_answer() From 2d7aecc3f40646d765209850bc698b5fd24cc323 Mon Sep 17 00:00:00 2001 From: momo5502 Date: Sat, 19 Apr 2025 08:25:47 +0200 Subject: [PATCH 2/4] Fix warnings --- src/analyzer/object_watching.hpp | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/src/analyzer/object_watching.hpp b/src/analyzer/object_watching.hpp index 4d700d4c..79f94614 100644 --- a/src/analyzer/object_watching.hpp +++ b/src/analyzer/object_watching.hpp @@ -32,8 +32,8 @@ emulator_hook* watch_object(windows_emulator& emu, const std::set(offset)).c_str(), rip, + "Object access: %s - 0x%" PRIx64 " (%s) at 0x" PRIx64 " (%s)\n", i.get_type_name().c_str(), + offset, i.get_member_name(static_cast(offset)).c_str(), rip, mod ? mod->name.c_str() : ""); }); } From b5c37e6a928fa366ed1e580b596b2761d71f1b27 Mon Sep 17 00:00:00 2001 From: momo5502 Date: Sat, 19 Apr 2025 08:25:58 +0200 Subject: [PATCH 3/4] Disable object watching for GCC --- src/analyzer/main.cpp | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/src/analyzer/main.cpp b/src/analyzer/main.cpp index 353682e4..ec943fa0 100644 --- a/src/analyzer/main.cpp +++ b/src/analyzer/main.cpp @@ -56,6 +56,11 @@ namespace void watch_system_objects(windows_emulator& win_emu, const std::set>& modules, const bool cache_logging) { + (void)win_emu; + (void)modules; + (void)cache_logging; + +#if !defined(__GNUC__) || defined(__clang__) watch_object(win_emu, modules, *win_emu.current_thread().teb, cache_logging); watch_object(win_emu, modules, win_emu.process.peb, cache_logging); watch_object(win_emu, modules, emulator_object{win_emu.emu(), kusd_mmio::address()}, @@ -79,6 +84,7 @@ namespace params_hook = watch_object(win_emu, modules, obj, cache_logging); } }); +#endif } bool read_yes_no_answer() From 3e53325c03481a2f6cc146bb4c88c2385bfa9ebd Mon Sep 17 00:00:00 2001 From: momo5502 Date: Sat, 19 Apr 2025 08:35:50 +0200 Subject: [PATCH 4/4] Fix compilation --- src/analyzer/object_watching.hpp | 10 +++++++--- 1 file changed, 7 insertions(+), 3 deletions(-) diff --git a/src/analyzer/object_watching.hpp b/src/analyzer/object_watching.hpp index 79f94614..dd77c4b3 100644 --- a/src/analyzer/object_watching.hpp +++ b/src/analyzer/object_watching.hpp @@ -2,6 +2,7 @@ #include "reflect_type_info.hpp" #include +#include template emulator_hook* watch_object(windows_emulator& emu, const std::set>& modules, @@ -31,9 +32,12 @@ emulator_hook* watch_object(windows_emulator& emu, const std::setname.c_str() : ""; + const auto& type_name = i.get_type_name(); + const auto member_name = i.get_member_name(static_cast(offset)); + emu.log.print(is_main_access ? color::green : color::dark_gray, - "Object access: %s - 0x%" PRIx64 " (%s) at 0x" PRIx64 " (%s)\n", i.get_type_name().c_str(), - offset, i.get_member_name(static_cast(offset)).c_str(), rip, - mod ? mod->name.c_str() : ""); + "Object access: %s - 0x%" PRIx64 " (%s) at 0x%" PRIx64 " (%s)\n", type_name.c_str(), offset, + member_name.c_str(), rip, mod_name); }); }