From 9b8ea27a294de47af103f94386f768f966e087ed Mon Sep 17 00:00:00 2001 From: momo5502 Date: Thu, 5 Jun 2025 20:53:38 +0200 Subject: [PATCH] Delay process setup --- src/analyzer/main.cpp | 7 ++- src/windows-emulator/windows_emulator.cpp | 52 +++++++++++++++++------ src/windows-emulator/windows_emulator.hpp | 20 ++++++++- src/windows-emulator/windows_path.hpp | 3 +- 4 files changed, 63 insertions(+), 19 deletions(-) diff --git a/src/analyzer/main.cpp b/src/analyzer/main.cpp index 8aeb172b..3e8de362 100644 --- a/src/analyzer/main.cpp +++ b/src/analyzer/main.cpp @@ -56,6 +56,8 @@ namespace void watch_system_objects(windows_emulator& win_emu, const std::set>& modules, const bool verbose) { + win_emu.setup_process_if_necessary(); + (void)win_emu; (void)modules; (void)verbose; @@ -264,7 +266,6 @@ namespace const auto win_emu = setup_emulator(options, args); win_emu->log.disable_output(options.concise_logging || options.silent); - context.win_emu = win_emu.get(); // TODO: Move to analysis @@ -277,10 +278,8 @@ namespace win_emu->log.log("Using emulator: %s\n", win_emu->emu().get_name().c_str()); - (void)&watch_system_objects; - watch_system_objects(*win_emu, options.modules, options.verbose_logging); - register_analysis_callbacks(context); + watch_system_objects(*win_emu, options.modules, options.verbose_logging); const auto& exe = *win_emu->mod_manager.executable; diff --git a/src/windows-emulator/windows_emulator.cpp b/src/windows-emulator/windows_emulator.cpp index 7961c5f3..79cc0664 100644 --- a/src/windows-emulator/windows_emulator.cpp +++ b/src/windows-emulator/windows_emulator.cpp 
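Review bot: The dereference `*win_emu->mod_manager.executable` that follows the moved `watch_system_objects(...)` call in the third main.cpp hunk now relies on a side effect hidden inside that function, namely the `win_emu.setup_process_if_necessary();` added at its top in the first hunk. Because the constructor no longer runs process setup, `executable` is presumably unset until that call has happened, so reordering or removing the watcher call later would turn this line into a null dereference. I would make the dependency explicit with `win_emu->setup_process_if_necessary();` directly before `const auto& exe = ...`; it is a no-op once the pending settings have been consumed. Both enclosing functions start and end outside these hunks.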
@@ -289,7 +289,7 @@ windows_emulator::windows_emulator(std::unique_ptr emu, applica : windows_emulator(std::move(emu), settings, std::move(callbacks), std::move(interfaces)) { fixup_application_settings(app_settings); - this->setup_process(app_settings); + this->application_settings_ = std::move(app_settings); } windows_emulator::windows_emulator(std::unique_ptr emu, const emulator_settings& settings, @@ -328,6 +328,19 @@ windows_emulator::windows_emulator(std::unique_ptr emu, const e windows_emulator::~windows_emulator() = default; +void windows_emulator::setup_process_if_necessary() +{ + if (!this->application_settings_) + { + return; + } + + auto app_settings = std::move(*this->application_settings_); + this->application_settings_ = {}; + + this->setup_process(app_settings); +} + void windows_emulator::setup_process(const application_settings& app_settings) { const auto& emu = this->emu(); @@ -531,6 +544,7 @@ void windows_emulator::setup_hooks() void windows_emulator::start(size_t count) { this->should_stop = false; + this->setup_process_if_necessary(); const auto use_count = count > 0; const auto start_instructions = this->executed_instructions_; @@ -602,9 +616,11 @@ void windows_emulator::register_factories(utils::buffer_deserializer& buffer) void windows_emulator::serialize(utils::buffer_serializer& buffer) const { + buffer.write_optional(this->application_settings_); buffer.write(this->executed_instructions_); buffer.write(this->switch_thread_); buffer.write(this->use_relative_time_); + this->emu().serialize_state(buffer, false); this->memory.serialize_memory_state(buffer, false); this->mod_manager.serialize(buffer); @@ -616,6 +632,7 @@ void windows_emulator::deserialize(utils::buffer_deserializer& buffer) { this->register_factories(buffer); + buffer.read_optional(this->application_settings_); buffer.read(this->executed_instructions_); buffer.read(this->switch_thread_); 
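Review bot: In `setup_process_if_necessary()` the pending settings are moved out and cleared before `this->setup_process(app_settings)` runs, so if setup fails with an exception (its body is outside this hunk) the emulator keeps neither the settings nor a process, and the next `start()` skips setup silently and begins executing. Moving the value out first is a reasonable guard against re-entry, so I would keep that and restore it on failure: `try { this->setup_process(app_settings); } catch (...) { this->application_settings_ = std::move(app_settings); throw; }`. `this->application_settings_.reset();` would also state the intent more plainly than `= {}`. Since the function is public and is now called from both `start()` and the analyzer, a short comment that it is idempotent and performs no locking of its own would help callers.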
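Review bot: `serialize()` now writes `application_settings_` as the first field and `deserialize()` reads it first, which changes the layout of every serialized state, and nothing in these two hunks tags the buffer with a format version. A state written before this commit would have its leading bytes read as the optional's presence flag and, if that happens to be set, as path and argument data; whether that fails cleanly depends on the bounds checks in `utils::buffer_deserializer`, which are not visible here. If state files can outlive a build or arrive from another machine, a leading version value that `deserialize()` checks before reading anything else would reject them early, e.g. `buffer.write(state_format_version);` on the write side (`state_format_version` is a placeholder name). The body of `deserialize()` continues outside the hunk.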
@@ -638,13 +655,18 @@ void windows_emulator::deserialize(utils::buffer_deserializer& buffer) void windows_emulator::save_snapshot() { - utils::buffer_serializer serializer{}; - this->emu().serialize_state(serializer, true); - this->memory.serialize_memory_state(serializer, true); - this->mod_manager.serialize(serializer); - this->process.serialize(serializer); + utils::buffer_serializer buffer{}; - this->process_snapshot_ = serializer.move_buffer(); + buffer.write_optional(this->application_settings_); + buffer.write(this->executed_instructions_); + buffer.write(this->switch_thread_); + + this->emu().serialize_state(buffer, true); + this->memory.serialize_memory_state(buffer, true); + this->mod_manager.serialize(buffer); + this->process.serialize(buffer); + + this->process_snapshot_ = buffer.move_buffer(); // TODO: Make process copyable // this->process_snapshot_ = this->process; @@ -658,13 +680,17 @@ void windows_emulator::restore_snapshot() return; } - utils::buffer_deserializer deserializer{this->process_snapshot_}; + utils::buffer_deserializer buffer{this->process_snapshot_}; - this->register_factories(deserializer); + this->register_factories(buffer); - this->emu().deserialize_state(deserializer, true); - this->memory.deserialize_memory_state(deserializer, true); - this->mod_manager.deserialize(deserializer); - this->process.deserialize(deserializer); + buffer.read_optional(this->application_settings_); + buffer.read(this->executed_instructions_); + buffer.read(this->switch_thread_); + + this->emu().deserialize_state(buffer, true); + this->memory.deserialize_memory_state(buffer, true); + this->mod_manager.deserialize(buffer); + this->process.deserialize(buffer); // this->process = *this->process_snapshot_; } diff --git a/src/windows-emulator/windows_emulator.hpp b/src/windows-emulator/windows_emulator.hpp index 1131efe9..50141ad7 100644 --- a/src/windows-emulator/windows_emulator.hpp +++ b/src/windows-emulator/windows_emulator.hpp 
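Review bot: `save_snapshot()` and `restore_snapshot()` now repeat by hand the field sequence used by `serialize()` and `deserialize()`, but without `use_relative_time_`, and no comment says whether that omission is deliberate. All four functions are only correct while each reader consumes fields in exactly the order its writer produced them, and a mismatch would shift every later read in the buffer rather than fail visibly. I would add a comment above the writes in `save_snapshot()`, such as `// Field order must mirror restore_snapshot(); use_relative_time_ is configuration and is not part of a snapshot`, adjusted if the omission is in fact an oversight.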
@@ -28,10 +28,25 @@ struct application_settings windows_path application{}; windows_path working_directory{}; std::vector arguments{}; + + void serialize(utils::buffer_serializer& buffer) const + { + buffer.write(this->application); + buffer.write(this->working_directory); + buffer.write_vector(this->arguments); + } + + void deserialize(utils::buffer_deserializer& buffer) + { + buffer.read(this->application); + buffer.read(this->working_directory); + buffer.read_vector(this->arguments); + } }; struct emulator_settings { + bool disable_logging{false}; bool use_relative_time{false}; std::filesystem::path emulation_root{}; @@ -50,6 +65,7 @@ struct emulator_interfaces class windows_emulator { uint64_t executed_instructions_{0}; + std::optional application_settings_{}; std::unique_ptr emu_{}; std::unique_ptr clock_{}; @@ -124,6 +140,8 @@ class windows_emulator return this->executed_instructions_; } + void setup_process_if_necessary(); + void start(size_t count = 0); void stop(); @@ -181,7 +199,7 @@ class windows_emulator private: bool switch_thread_{false}; - bool use_relative_time_{false}; + bool use_relative_time_{false}; // TODO: Get rid of that std::atomic_bool should_stop{false}; std::unordered_map port_mappings_{}; diff --git a/src/windows-emulator/windows_path.hpp b/src/windows-emulator/windows_path.hpp index e2b10ba0..82315d91 100644 --- a/src/windows-emulator/windows_path.hpp +++ b/src/windows-emulator/windows_path.hpp @@ -75,7 +75,8 @@ class windows_path template requires(!std::is_same_v, windows_path> && - !std::is_same_v, std::filesystem::path>) + !std::is_same_v, std::filesystem::path> && + !std::is_same_v, utils::buffer_deserializer>) windows_path(T&& path_like) : windows_path(std::filesystem::path(std::forward(path_like))) {
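Review bot: `application_settings::deserialize()` fills `application`, `working_directory` and `arguments` straight from the buffer, and in the windows_emulator.cpp hunks of this patch the restored value lands in `application_settings_` without passing through `fixup_application_settings()`, which only the constructor calls. Since `start()` now runs `setup_process_if_necessary()`, a loaded state that still carries pending settings decides which application and working directory the next process setup uses. That is fine for state the emulator wrote itself, but the struct deserves a comment such as `// Restored as-is from serialized state and not re-normalized; state buffers must come from a trusted source`, or the fixup should be re-run after `read_optional`. Separately, the new `disable_logging` field in this hunk is not read in any hunk of this patch.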
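Review bot: The `requires` clause on the forwarding constructor in windows_path.hpp gains a third hand-written exclusion, this time for `utils::buffer_deserializer`, which resolves one collision but leaves the non-explicit constructor a candidate for every other unrelated type. Constraining on what the body actually needs, `std::constructible_from<std::filesystem::path, T>` in addition to the existing `is_same_v` exclusions, would keep such types out without listing them one by one. Naming `utils::buffer_deserializer` here also requires its declaration to be visible in this header, and the hunk shows no include or forward declaration for it. The class continues outside the hunk.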