This PR introduces an abstraction for ALPC ports to make them easier to
manage in the future, and implements the DNS resolver port, at least
enough to get host address queries working.
There's a lot of code in this PR that I'm not very confident about, so
don't hesitate on the feedback 😄
<img width="1377" height="624" alt="image"
src="https://github.com/user-attachments/assets/4d56b84d-4b87-42ed-9bfa-be04dbbf3735"
/>
# Major Features Implemented
**Core WOW64 Architecture**
1. Full TEB, PEB, and Windows structure implementations for 32-bit
processes
2. Proper thread context switching with 32-bit stack allocation
3. Configurable memory allocation with 32-bit/64-bit address space
handling
4. Automatic WOW64 process identification and handling
5. Heaven's Gate Implementation for handling exceptions
**Enhanced Emulation Features**
1. Fixed GDT setup and segment management for WOW64
2. Multi-architecture PE loading with proper import resolution
3. Segment-aware disassembly with WOW64 debugging capabilities
**Testing & Validation**
**32-bit Test Sample**: Minimal "hello" executable with full ASM source
# TODO
Needs more testing, currently in very early stages.
This PR introduces several enhancements, mainly to the file system
syscalls:
- Implements file renaming via `NtSetInformationFile` by adding a
deferred rename mechanism to `file_handle`. The rename operation occurs
when the file handle is closed.
- Adds support for the `RootDirectory` parameter in
`NtQueryAttributesFile` to handle relative file paths.
- Adds support for opening the console output device (`\\??\\CONOUT$`).
- Stubs out the `NtLockVirtualMemory` syscall.
- Fixes an incorrect assertion in `socket_wrapper` that could fire on
`recvfrom` errors.
In `ntdll!RtlGetSystemTimePrecise`, `kusd.SystemTime` is queried first,
and QPC offset (`QPC() - kusd.BaselineSystemTimeQpc`) is added if it's
larger than 0.
Setting `kusd.BaselineSystemTimeQpc` to `UINT64_MAX` avoids the
adjustment, so incorrect adjustments won't happen.
Alternatively, We can update `kusd.BaselineSystemTimeQpc` to be the QPC
value just when `kusd.SystemTime` changes, but that's not possible,
because we cannot monitor `kusd.SystemTime` for change.
----------
Notes
1. With current values, this misalignment happens only when the system
is up for a long time.
2. Should I leave the comment there, or we can remove it and `git blame`
later instead?
In `ntdll!RtlGetSystemTimePrecise`, `kusd.SystemTime` is queried first, and QPC offset (`QPC() - kusd.BaselineSystemTimeQpc`) is added if it's larger than 0.
Setting `kusd.BaselineSystemTimeQpc` to `UINT64_MAX` avoids the adjustment, so incorrect adjustments won't happen.
Alternatively, We can update `kusd.BaselineSystemTimeQpc` to be the QPC value just when `kusd.SystemTime` changes, but that's not possible, because we cannot monitor `kusd.SystemTime` for change.
Bumps [deps/flatbuffers](https://github.com/google/flatbuffers) from
`881eaab` to `27325e0`.
<details>
<summary>Commits</summary>
<ul>
<li><a
href="27325e002a"><code>27325e0</code></a>
docs: clean up whitespace and fix typo in tutorial.md (<a
href="https://redirect.github.com/google/flatbuffers/issues/8695">#8695</a>)</li>
<li><a
href="1872409707"><code>1872409</code></a>
FlatBuffers Version 25.9.23 (<a
href="https://redirect.github.com/google/flatbuffers/issues/8708">#8708</a>)</li>
<li><a
href="c427e1a65d"><code>c427e1a</code></a>
Bump the npm_and_yarn group across 1 directory with 2 updates (<a
href="https://redirect.github.com/google/flatbuffers/issues/8704">#8704</a>)</li>
<li><a
href="caf3b494db"><code>caf3b49</code></a>
bulk code format fix (<a
href="https://redirect.github.com/google/flatbuffers/issues/8707">#8707</a>)</li>
<li><a
href="0e047869da"><code>0e04786</code></a>
Use the Google Style for clang-format without exceptions (<a
href="https://redirect.github.com/google/flatbuffers/issues/8706">#8706</a>)</li>
<li>See full diff in <a
href="881eaab706...27325e002a">compare
view</a></li>
</ul>
</details>
<br />
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Bumps
[react-resizable-panels](https://github.com/bvaughn/react-resizable-panels)
from 3.0.5 to 3.0.6.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/bvaughn/react-resizable-panels/releases">react-resizable-panels's
releases</a>.</em></p>
<blockquote>
<h2>3.0.6</h2>
<ul>
<li><a
href="https://redirect.github.com/bvaughn/react-resizable-panels/pull/517">#517</a>:
Fixed Firefox bug that caused resizing to be interrupted unexpected</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="43a071df6b"><code>43a071d</code></a>
3.0.5 -> 3.0.6</li>
<li><a
href="2bb5e96943"><code>2bb5e96</code></a>
Fix Firefox drag bug (<a
href="https://redirect.github.com/bvaughn/react-resizable-panels/issues/517">#517</a>)</li>
<li>See full diff in <a
href="https://github.com/bvaughn/react-resizable-panels/compare/3.0.5...3.0.6">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Bumps
[@types/react-dom](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/react-dom)
from 19.1.9 to 19.1.10.
<details>
<summary>Commits</summary>
<ul>
<li>See full diff in <a
href="https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/react-dom">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Bumps [deps/googletest](https://github.com/google/googletest) from
`50b8600` to `9706f75`.
<details>
<summary>Commits</summary>
<ul>
<li><a
href="9706f75b8f"><code>9706f75</code></a>
Automated Code Change</li>
<li>See full diff in <a
href="50b8600c63...9706f75b8f">compare
view</a></li>
</ul>
</details>
<br />
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Bumps [deps/capstone](https://github.com/capstone-engine/capstone) from
`c66f877` to `be9a4d2`.
<details>
<summary>Commits</summary>
<ul>
<li><a
href="be9a4d24b7"><code>be9a4d2</code></a>
Update read/written registers for x87 comparison instructions (<a
href="https://redirect.github.com/capstone-engine/capstone/issues/2784">#2784</a>)</li>
<li>See full diff in <a
href="c66f877464...be9a4d24b7">compare
view</a></li>
</ul>
</details>
<br />
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Bumps
[eslint-plugin-react-refresh](https://github.com/ArnaudBarre/eslint-plugin-react-refresh)
from 0.4.20 to 0.4.22.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/ArnaudBarre/eslint-plugin-react-refresh/releases">eslint-plugin-react-refresh's
releases</a>.</em></p>
<blockquote>
<h2>v0.4.22</h2>
<ul>
<li>Add <code>"viewport"</code> to
<code>allowExportNames</code> in Next config (<a
href="https://redirect.github.com/ArnaudBarre/eslint-plugin-react-refresh/pull/89">#89</a>)</li>
</ul>
<h2>v0.4.21</h2>
<ul>
<li>Add Next config (fixes <a
href="https://redirect.github.com/ArnaudBarre/eslint-plugin-react-refresh/issues/85">#85</a>)</li>
</ul>
<p>This allows exports like <code>fetchCache</code> and
<code>revalidate</code> which are used in Page or Layout components and
don't trigger a full page reload.</p>
<pre lang="js"><code>import reactRefresh from
"eslint-plugin-react-refresh";
<p>export default [
/* Main config */
reactRefresh.configs.next,
];
</code></pre></p>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/ArnaudBarre/eslint-plugin-react-refresh/blob/main/CHANGELOG.md">eslint-plugin-react-refresh's
changelog</a>.</em></p>
<blockquote>
<h2>0.4.22</h2>
<ul>
<li>Add <code>"viewport"</code> to
<code>allowExportNames</code> in Next config (<a
href="https://redirect.github.com/ArnaudBarre/eslint-plugin-react-refresh/pull/89">#89</a>)</li>
</ul>
<h2>0.4.21</h2>
<ul>
<li>Add Next config (fixes <a
href="https://redirect.github.com/ArnaudBarre/eslint-plugin-react-refresh/issues/85">#85</a>)</li>
</ul>
<p>This allows exports like <code>fetchCache</code> and
<code>revalidate</code> which are used in Page or Layout components and
don't trigger a full page reload.</p>
<pre lang="js"><code>import reactRefresh from
"eslint-plugin-react-refresh";
<p>export default [
/* Main config */
reactRefresh.configs.next,
];
</code></pre></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="3395dda35d"><code>3395dda</code></a>
v0.4.22 [publish]</li>
<li><a
href="2dadd5eb2f"><code>2dadd5e</code></a>
Bump deps</li>
<li><a
href="91f7ebc418"><code>91f7ebc</code></a>
Add viewport to Next.js config allowExportNames (<a
href="https://redirect.github.com/ArnaudBarre/eslint-plugin-react-refresh/issues/89">#89</a>)</li>
<li><a
href="5bf46bf811"><code>5bf46bf</code></a>
Fix publish permissions</li>
<li><a
href="f50af23593"><code>f50af23</code></a>
Use OIDC [publish]</li>
<li><a
href="1b2005b8c8"><code>1b2005b</code></a>
Add Next config [publish] (<a
href="https://redirect.github.com/ArnaudBarre/eslint-plugin-react-refresh/issues/87">#87</a>)</li>
<li>See full diff in <a
href="https://github.com/ArnaudBarre/eslint-plugin-react-refresh/compare/v0.4.20...v0.4.22">compare
view</a></li>
</ul>
</details>
<details>
<summary>Maintainer changes</summary>
<p>This version was pushed to npm by [GitHub Actions](<a
href="https://www.npmjs.com/~GitHub">https://www.npmjs.com/~GitHub</a>
Actions), a new releaser for eslint-plugin-react-refresh since your
current version.</p>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
