Delay process setup

src/analyzer/main.cpp

@@ -56,6 +56,8 @@ namespace
     void watch_system_objects(windows_emulator& win_emu, const std::set<std::string, std::less<>>& modules,
                               const bool verbose)
     {
+        win_emu.setup_process_if_necessary();
+
         (void)win_emu;
         (void)modules;
         (void)verbose;
@@ -264,7 +266,6 @@ namespace
 
         const auto win_emu = setup_emulator(options, args);
         win_emu->log.disable_output(options.concise_logging || options.silent);
-
         context.win_emu = win_emu.get();
 
         // TODO: Move to analysis
@@ -277,10 +278,8 @@ namespace
 
         win_emu->log.log("Using emulator: %s\n", win_emu->emu().get_name().c_str());
 
-        (void)&watch_system_objects;
-        watch_system_objects(*win_emu, options.modules, options.verbose_logging);
-
         register_analysis_callbacks(context);
+        watch_system_objects(*win_emu, options.modules, options.verbose_logging);
 
         const auto& exe = *win_emu->mod_manager.executable;
 

src/windows-emulator/windows_emulator.cpp

@@ -289,7 +289,7 @@ windows_emulator::windows_emulator(std::unique_ptr<x86_64_emulator> emu, applica
     : windows_emulator(std::move(emu), settings, std::move(callbacks), std::move(interfaces))
 {
     fixup_application_settings(app_settings);
-    this->setup_process(app_settings);
+    this->application_settings_ = std::move(app_settings);
 }
 
 windows_emulator::windows_emulator(std::unique_ptr<x86_64_emulator> emu, const emulator_settings& settings,
@@ -328,6 +328,19 @@ windows_emulator::windows_emulator(std::unique_ptr<x86_64_emulator> emu, const e
 
 windows_emulator::~windows_emulator() = default;
 
+void windows_emulator::setup_process_if_necessary()
+{
+    if (!this->application_settings_)
+    {
+        return;
+    }
+
+    auto app_settings = std::move(*this->application_settings_);
+    this->application_settings_ = {};
+
+    this->setup_process(app_settings);
+}
+
 void windows_emulator::setup_process(const application_settings& app_settings)
 {
     const auto& emu = this->emu();
@@ -531,6 +544,7 @@ void windows_emulator::setup_hooks()
 void windows_emulator::start(size_t count)
 {
     this->should_stop = false;
+    this->setup_process_if_necessary();
 
     const auto use_count = count > 0;
     const auto start_instructions = this->executed_instructions_;
@@ -602,9 +616,11 @@ void windows_emulator::register_factories(utils::buffer_deserializer& buffer)
 
 void windows_emulator::serialize(utils::buffer_serializer& buffer) const
 {
+    buffer.write_optional(this->application_settings_);
     buffer.write(this->executed_instructions_);
     buffer.write(this->switch_thread_);
     buffer.write(this->use_relative_time_);
+
     this->emu().serialize_state(buffer, false);
     this->memory.serialize_memory_state(buffer, false);
     this->mod_manager.serialize(buffer);
@@ -616,6 +632,7 @@ void windows_emulator::deserialize(utils::buffer_deserializer& buffer)
 {
     this->register_factories(buffer);
 
+    buffer.read_optional(this->application_settings_);
     buffer.read(this->executed_instructions_);
     buffer.read(this->switch_thread_);
 
@@ -638,13 +655,18 @@ void windows_emulator::deserialize(utils::buffer_deserializer& buffer)
 
 void windows_emulator::save_snapshot()
 {
-    utils::buffer_serializer serializer{};
-    this->emu().serialize_state(serializer, true);
-    this->memory.serialize_memory_state(serializer, true);
-    this->mod_manager.serialize(serializer);
-    this->process.serialize(serializer);
+    utils::buffer_serializer buffer{};
 
-    this->process_snapshot_ = serializer.move_buffer();
+    buffer.write_optional(this->application_settings_);
+    buffer.write(this->executed_instructions_);
+    buffer.write(this->switch_thread_);
+
+    this->emu().serialize_state(buffer, true);
+    this->memory.serialize_memory_state(buffer, true);
+    this->mod_manager.serialize(buffer);
+    this->process.serialize(buffer);
+
+    this->process_snapshot_ = buffer.move_buffer();
 
     // TODO: Make process copyable
     // this->process_snapshot_ = this->process;
@@ -658,13 +680,17 @@ void windows_emulator::restore_snapshot()
         return;
     }
 
-    utils::buffer_deserializer deserializer{this->process_snapshot_};
+    utils::buffer_deserializer buffer{this->process_snapshot_};
 
-    this->register_factories(deserializer);
+    this->register_factories(buffer);
 
-    this->emu().deserialize_state(deserializer, true);
-    this->memory.deserialize_memory_state(deserializer, true);
-    this->mod_manager.deserialize(deserializer);
-    this->process.deserialize(deserializer);
+    buffer.read_optional(this->application_settings_);
+    buffer.read(this->executed_instructions_);
+    buffer.read(this->switch_thread_);
+
+    this->emu().deserialize_state(buffer, true);
+    this->memory.deserialize_memory_state(buffer, true);
+    this->mod_manager.deserialize(buffer);
+    this->process.deserialize(buffer);
     // this->process = *this->process_snapshot_;
 }

src/windows-emulator/windows_emulator.hpp

@@ -28,10 +28,25 @@ struct application_settings
     windows_path application{};
     windows_path working_directory{};
     std::vector<std::u16string> arguments{};
+
+    void serialize(utils::buffer_serializer& buffer) const
+    {
+        buffer.write(this->application);
+        buffer.write(this->working_directory);
+        buffer.write_vector(this->arguments);
+    }
+
+    void deserialize(utils::buffer_deserializer& buffer)
+    {
+        buffer.read(this->application);
+        buffer.read(this->working_directory);
+        buffer.read_vector(this->arguments);
+    }
 };
 
 struct emulator_settings
 {
+    bool disable_logging{false};
     bool use_relative_time{false};
 
     std::filesystem::path emulation_root{};
@@ -50,6 +65,7 @@ struct emulator_interfaces
 class windows_emulator
 {
     uint64_t executed_instructions_{0};
+    std::optional<application_settings> application_settings_{};
 
     std::unique_ptr<x86_64_emulator> emu_{};
     std::unique_ptr<utils::clock> clock_{};
@@ -124,6 +140,8 @@ class windows_emulator
         return this->executed_instructions_;
     }
 
+    void setup_process_if_necessary();
+
     void start(size_t count = 0);
     void stop();
 
@@ -181,7 +199,7 @@ class windows_emulator
 
   private:
     bool switch_thread_{false};
-    bool use_relative_time_{false};
+    bool use_relative_time_{false}; // TODO: Get rid of that
     std::atomic_bool should_stop{false};
 
     std::unordered_map<uint16_t, uint16_t> port_mappings_{};

src/windows-emulator/windows_path.hpp

@@ -75,7 +75,8 @@ class windows_path
 
     template <typename T>
         requires(!std::is_same_v<std::remove_cvref_t<T>, windows_path> &&
-                 !std::is_same_v<std::remove_cvref_t<T>, std::filesystem::path>)
+                 !std::is_same_v<std::remove_cvref_t<T>, std::filesystem::path> &&
+                 !std::is_same_v<std::remove_cvref_t<T>, utils::buffer_deserializer>)
     windows_path(T&& path_like)
         : windows_path(std::filesystem::path(std::forward<T>(path_like)))
     {