diff --git a/src/analyzer/main.cpp b/src/analyzer/main.cpp index 6e5d73bd..5515c533 100644 --- a/src/analyzer/main.cpp +++ b/src/analyzer/main.cpp @@ -3,6 +3,7 @@ #include #include #include +#include #include "object_watching.hpp" #include "snapshot.hpp" @@ -262,7 +263,7 @@ namespace { // load minidump auto win_emu = create_empty_emulator(options); - win_emu->load_minidump(options.minidump_path); + minidump_loader::load_minidump_into_emulator(*win_emu, options.minidump_path); return win_emu; } diff --git a/src/windows-emulator/minidump_loader.cpp b/src/windows-emulator/minidump_loader.cpp index f052e4dc..05cf2042 100644 --- a/src/windows-emulator/minidump_loader.cpp +++ b/src/windows-emulator/minidump_loader.cpp @@ -9,7 +9,7 @@ #include -namespace +namespace minidump_loader { struct dump_statistics { @@ -679,49 +679,49 @@ namespace exception_info->exception_record.exception_address, exception_info->exception_record.exception_code, exception_info->thread_id); } -} // namespace -void load_minidump_into_emulator(windows_emulator& win_emu, std::filesystem::path minidump_path) -{ - win_emu.log.info("Starting minidump loading process\n"); - win_emu.log.info("Minidump file: %s\n", minidump_path.string().c_str()); - - try + void load_minidump_into_emulator(windows_emulator& win_emu, std::filesystem::path minidump_path) { - std::unique_ptr dump_file; - std::unique_ptr dump_reader; + win_emu.log.info("Starting minidump loading process\n"); + win_emu.log.info("Minidump file: %s\n", minidump_path.string().c_str()); - if (!parse_minidump_file(win_emu, minidump_path, dump_file, dump_reader)) + try { - throw std::runtime_error("Failed to parse minidump file"); - } + std::unique_ptr dump_file; + std::unique_ptr dump_reader; - if (!validate_dump_compatibility(win_emu, dump_file.get())) + if (!parse_minidump_file(win_emu, minidump_path, dump_file, dump_reader)) + { + throw std::runtime_error("Failed to parse minidump file"); + } + + if (!validate_dump_compatibility(win_emu, dump_file.get())) + { + throw std::runtime_error("Minidump compatibility validation failed"); + } + + setup_kusd_from_dump(win_emu, dump_file.get()); + + dump_statistics stats; + log_dump_summary(win_emu, dump_file.get(), stats); + process_streams(win_emu, dump_file.get()); + + // Existing phases + reconstruct_memory_state(win_emu, dump_file.get(), dump_reader.get()); + reconstruct_module_state(win_emu, dump_file.get()); + + // Process state reconstruction phases + setup_peb_from_teb(win_emu, dump_file.get()); + reconstruct_threads(win_emu, dump_file.get(), minidump_path); + reconstruct_handle_table(win_emu, dump_file.get()); + setup_exception_context(win_emu, dump_file.get()); + + win_emu.log.info("Process state reconstruction completed\n"); + } + catch (const std::exception& e) { - throw std::runtime_error("Minidump compatibility validation failed"); + win_emu.log.error("Minidump loading failed: %s\n", e.what()); + throw; } - - setup_kusd_from_dump(win_emu, dump_file.get()); - - dump_statistics stats; - log_dump_summary(win_emu, dump_file.get(), stats); - process_streams(win_emu, dump_file.get()); - - // Existing phases - reconstruct_memory_state(win_emu, dump_file.get(), dump_reader.get()); - reconstruct_module_state(win_emu, dump_file.get()); - - // Process state reconstruction phases - setup_peb_from_teb(win_emu, dump_file.get()); - reconstruct_threads(win_emu, dump_file.get(), minidump_path); - reconstruct_handle_table(win_emu, dump_file.get()); - setup_exception_context(win_emu, dump_file.get()); - - win_emu.log.info("Process state reconstruction completed\n"); } - catch (const std::exception& e) - { - win_emu.log.error("Minidump loading failed: %s\n", e.what()); - throw; - } -} \ No newline at end of file +} // namespace minidump_loader \ No newline at end of file diff --git a/src/windows-emulator/minidump_loader.hpp b/src/windows-emulator/minidump_loader.hpp index 770ad094..351299cd 100644 --- a/src/windows-emulator/minidump_loader.hpp +++ b/src/windows-emulator/minidump_loader.hpp @@ -3,4 +3,7 @@ class windows_emulator; -void load_minidump_into_emulator(windows_emulator& win_emu, std::filesystem::path minidump_path); \ No newline at end of file +namespace minidump_loader +{ + void load_minidump_into_emulator(windows_emulator& win_emu, std::filesystem::path minidump_path); +} \ No newline at end of file diff --git a/src/windows-emulator/windows_emulator.cpp b/src/windows-emulator/windows_emulator.cpp index e4d6f61e..44175c43 100644 --- a/src/windows-emulator/windows_emulator.cpp +++ b/src/windows-emulator/windows_emulator.cpp @@ -12,8 +12,6 @@ #include "network/static_socket_factory.hpp" -#include "minidump_loader.hpp" - constexpr auto MAX_INSTRUCTIONS_PER_TIME_SLICE = 0x20000; namespace @@ -664,8 +662,3 @@ void windows_emulator::restore_snapshot() this->process.deserialize(buffer); // this->process = *this->process_snapshot_; } - -void windows_emulator::load_minidump(const std::filesystem::path& minidump_path) -{ - load_minidump_into_emulator(*this, minidump_path); -} diff --git a/src/windows-emulator/windows_emulator.hpp b/src/windows-emulator/windows_emulator.hpp index 34d17068..c6732a30 100644 --- a/src/windows-emulator/windows_emulator.hpp +++ b/src/windows-emulator/windows_emulator.hpp @@ -164,8 +164,6 @@ class windows_emulator void save_snapshot(); void restore_snapshot(); - void load_minidump(const std::filesystem::path& minidump_path); - uint16_t get_host_port(const uint16_t emulator_port) const { const auto entry = this->port_mappings_.find(emulator_port);