Merge remote-tracking branch 'origin/Ghidra_12.0'

(Closes #8524)

CONTRIBUTING.md

@@ -29,98 +29,106 @@ Patches should be submitted in the form of Pull Requests to the Ghidra
 [repository] on GitHub. But first, consider the following tips to ensure a
 smooth process when submitting a patch:
 
-- Ensure that the patch compiles and does not break any build-time tests.
+- Ensure that the patch compiles and runs in at least our development environment, and ideally our
-- Be understanding, patient, and friendly; developers may need time to review
+  full build too. Even the most trivial change done in the GitHub editor has a chance to cause
-  your submissions before they can take action or respond. This does not mean
+  problems in the full development environment for unexpected reasons.
-  your contribution is not valued. If your contribution has not received a
+- If using "AI" to assist in development, please apply extra scrutity to its suggestions, in terms
-  response in a reasonable time, consider commenting with a polite inquiry for
+  of both correctness and adherence to our [legal](#legal) requirements.
-  an update.
+- Be understanding, patient, and friendly; developers may need time to review your submissions 
-- Limit your patches to the smallest reasonable change to achieve your intended
+  before they can take action or respond. This does not mean your contribution is not valued. If 
-  goal. For example, do not make unnecessary indentation changes; but don't go
+  your contribution has not received a response in a reasonable time, consider commenting with a 
-  out of your way to make the patch so minimal that it isn't easy to read,
+  polite inquiry for an update.
-  either. Consider the reviewer's perspective.
+- Limit your patches to the smallest reasonable change to achieve your intended goal. For example, 
-- Unless previously authorized by the Ghidra team, repackaging, renaming, and 
+  do not make unnecessary indentation changes; but don't go out of your way to make the patch so 
-  other refactoring should not be part of any pull request. These types of 
+  minimal that it isn't easy to read, either. Consider the reviewer's perspective.
-  changes are difficult to review, pollute the git history making it harder 
+- Unless previously authorized by the Ghidra team, repackaging, renaming, and other refactoring 
-  to do git forensics on regressions, and will likely conflict with other 
+  should not be part of any pull request. These types of changes are difficult to review, pollute 
-  changes that the Ghidra team is making internally.
+  the git history making it harder to do git forensics on regressions, and will likely conflict with
-- Avoid "find and replace" changes in your pull request.  While it may be 
+  other changes that the Ghidra team is making internally.
-  tempting to globally replace calls to deprecated methods or change the style
+- Avoid "find and replace" changes in your pull request. While it may be  tempting to globally 
-  of the code to fit your personal preference, these types of seemingly trivial
+  replace calls to deprecated methods or change the style of the code to fit your personal 
-  changes have likely not already been performed by the Ghidra team for good 
+  preference, these types of seemingly trivial changes have likely not already been performed by the
-  reason.
+  Ghidra team for good reason.
-- Focus your patches on bug fixes that were discovered through real-world
+- Focus your patches on bug fixes that were discovered through real-world usage and testing, and on
-  usage and testing, and on improvements that clearly satisfy a need in 
+  improvements that clearly satisfy a need in Ghidra's functionality. Before you begin 
-  Ghidra's functionality.  Before you begin implementing, consider first
+  implementing, consider first opening a dialogue with the Ghidra team to ensure that your efforts
-  opening a dialogue with the Ghidra team to ensure that your efforts will 
+  will align with the goals of the project. This will significantly improve the odds that your 
-  align with the goals of the project.  This will significantly improve the odds
+  patch gets accepted.
-  that your patch gets accepted.
+- Unless it addresses a critical security update, avoid pull requests that update jars or other 3rd
-- Unless it addresses a critical security update, avoid pull requests that update 
+  party libraries. It is preferred that these changes are made internally by the team. If you have
-  jars or other 3rd party libraries.  It is preferred that these changes are made
+  a need for an updated library, please submit an issue with your request instead of a pull request.
-  internally by the team.  If you have a need for an updated library, please
+- Before submission, please squash your commits to using a message that starts with the issue number
-  submit an issue with your request instead of a pull request.
+  and a description of the changes.
-- Before submission, please squash your commits to using a message that starts
+- Isolate multiple patches from each other. If you wish to make several independent patches, do so 
-  with the issue number and a description of the changes.
+  in separate, smaller pull requests that can be reviewed more easily.
-- Isolate multiple patches from each other. If you wish to make several
+- Avoid submitting self-generated binary files as part of your pull request. Despite your best 
-  independent patches, do so in separate, smaller pull requests that can be
+  intentions, our policy forbids accepting them because we cannot effectively review and validate 
-  reviewed more easily.
+  their content.
-- Be prepared to answer questions from reviewers. They may have further
+- Be prepared to answer questions from reviewers. They may have further questions before accepting
-  questions before accepting your patch, and may even propose changes. Please
+  your patch, and may even propose changes. Please accept this feedback constructively, and not as a
-  accept this feedback constructively, and not as a rejection of your proposed
+  rejection of your proposed change.
-  change.
 
 ## Review
 
-- We welcome code reviews from anyone. A committer is required to formally
+- We welcome code reviews from anyone. A committer is required to formally accept and merge the 
-  accept and merge the changes.
+  changes.
-- Reviewers will be looking for things like threading issues, performance
+- Reviewers will be looking for things like threading issues, performance implications, API design,
-  implications, API design, duplication of existing functionality, readability
+  duplication of existing functionality, readability and code style, avoidance of bloat 
-  and code style, avoidance of bloat (scope-creep), etc.
+  (scope-creep), etc.
 - Reviewers will likely ask questions to better understand your change.
 - Reviewers will make comments about changes to your patch:
     - MUST means that the change is required
-    - SHOULD means that the change is suggested, further discussion on the
+    - SHOULD means that the change is suggested, further discussion on the subject may be required
-      subject may be required
     - COULD means that the change is optional
 
 ## Getting Started
 
-Once available, please see the [developer's guide][devguide] for instructions to set up a suitable development environment.
+Once available, please see the [developer's guide][devguide] for instructions to set up a suitable 
+development environment.
 
 ## Timeline and Managing Expectations
 
-As we continue to engage contributors and learn best practices for running a successful open source project, our processes 
+As we continue to engage contributors and learn best practices for running a successful open source 
-and guidance will likely evolve. We will try to communicate expectations as we are able and to always be responsive. We 
+project, our processes and guidance will likely evolve. We will try to communicate expectations as 
-hope that the community will share their suggestions for improving this engagement.  Based on the level of initial interest 
+we are able to and be responsive. We hope that the community will share their suggestions for
-we receive and the availability of resources to evaluate contributions, we anticipate the following:
+improving this engagement. Based on the level of initial interest we receive and the availability 
+of resources to evaluate contributions, we anticipate the following:
 
-- We will initially prioritize pull requests that include small bug fixes and code that addresses potential vulnerabilities   
+- We will initially prioritize pull requests that include small bug fixes and code that addresses 
-  as well as pull requests that include improvements for processor language specifications because these require a 
+  potential vulnerabilities as well as pull requests that include improvements for processor 
-  reasonable amount of effort to evaluate and will help us exercise and revise our process for accepting contributions.  In 
+  language specifications because these require a reasonable amount of effort to evaluate and will
-  other words, we are going to start small in order to work out the kinks first.
+  help us exercise and revise our process for accepting contributions. In other words, we are going
-- We are committed to maintaining the integrity and security of our code base.  In addition to the careful review the 
+  to start small in order to work out the kinks first.
-  maintainers will give to code contributions to make sure they do not introduce new bugs or vulnerabilities, we will be 
+- We are committed to maintaining the integrity and security of our code base. In addition to the
-  trying to identify best practices to incorporate with our open source project so that contributors can have more control 
+  careful review the maintainers will give to code contributions to make sure they do not introduce
-  over whether their contributions are accepted. These might include things like style guides and requirements for tests and 
+  new bugs or vulnerabilities, we will be trying to identify best practices to incorporate with our
-  documentation to accompany some code contributions.  As a result, it may take a long time for some contributions to be 
+  open source project so that contributors can have more control over whether their contributions 
-  accepted.  This does not mean we are ignoring them.
+  are accepted. These might include things like style guides and requirements for tests and 
-- We are committed to integrating this GitHub project with our team's regular development work flow so that the open source 
+  documentation to accompany some code contributions. As a result, it may take a long time for some
-  project remains dynamic and relevant.  This may  affect our responsiveness and ability to accept pull requests 
+  contributions to be accepted. This does not mean we are ignoring them.
-  quickly.  This does not mean we are ignoring them.
+- We are committed to integrating this GitHub project with our team's regular development work flow
-- Not all innovative ideas need to be accepted as pull requests into this GitHub project to be valuable to the community.        
+  so that the open source project remains dynamic and relevant. This may  affect our responsiveness
-  There may be times when we recommend that you just share your code for some enhancement to Ghidra from your own 
+  and ability to accept pull requests quickly. This does not mean we are ignoring them.
-  repository. As we identify and recognize extensions that are of general interest to the reverse engineering community, we 
+- Not all innovative ideas need to be accepted as pull requests into this GitHub project to be 
-  may seek to incorporate them with our baseline.
+  valuable to the community. There may be times when we recommend that you just share your code for
+  some enhancement to Ghidra from your own repository. As we identify and recognize extensions that
+  are of general interest to the reverse engineering community, we may seek to incorporate them with
+  our baseline.
 
 ## Legal
 
-Consistent with Section D.6. of the GitHub Terms of Service as of 2019, and Section 5. of the Apache License, Version 2.0, the project maintainer for this project accepts contributions using the inbound=outbound model.
+Consistent with Section D.6. of the GitHub Terms of Service as of 2019, and Section 5. of the Apache
-When you submit a pull request to this repository (inbound), you are agreeing to license your contribution under the same terms as specified in [LICENSE] (outbound).
+License, Version 2.0, the project maintainer for this project accepts contributions using the 
+inbound=outbound model. When you submit a pull request to this repository (inbound), you are 
+agreeing to license your contribution under the same terms as specified in [LICENSE] (outbound).
 
-This is an open source project.
+This is an open source project. Contributions you make to this public U.S. Government ("USG") 
-Contributions you make to this public U.S. Government ("USG") repository are completely voluntary.
+repository are completely voluntary. When you submit an issue, bug report, question, enhancement, 
-When you submit an issue, bug report, question, enhancement, pull request, etc., you are offering your contribution without expectation of payment, you expressly waive any future pay claims against the USG related to your contribution, and you acknowledge that this does not create an obligation on the part of the USG of any kind.
+pull request, etc., you are offering your contribution without expectation of payment, you expressly
-Furthermore, your contributing to this project does not create an employer-employee relationship between the United States ("U.S.") Government and the contributor.
+waive any future pay claims against the USG related to your contribution, and you acknowledge that
+this does not create an obligation on the part of the USG of any kind. Furthermore, your 
+contributing to this project does not create an employer-employee relationship between the United 
+States ("U.S.") Government and the contributor.
 
 [issues]: https://github.com/NationalSecurityAgency/ghidra/issues
 [repository]: https://github.com/NationalSecurityAgency/ghidra/

DevGuide.md

@@ -41,6 +41,12 @@ will be stored at `$HOME/.gradle/`.
 gradle prepdev
 ```
 
+Clean up repository build files.  In rare circumstances this may be necessary after a `git pull` to
+fix unexplainable compilation errors.
+```
+gradle clean
+```
+
 Generate nested Eclipse project files which can then be imported into Eclipse as "existing 
 projects".
 ```
@@ -354,6 +360,53 @@ We also provide out-of-the-box QEMU integration via GDB.
 
 When submitting help tickets and pull requests, please tag those related to the debugger with "Debugger" so that we can triage them more quickly.
 
+## Troubleshooting and Help
+
+### Eclipse Issues
+After pulling or syncing with the latest Ghidra source repository, you might run into the following
+issues in Eclipse:
+
+* __Problem:__ _There are Eclipse compilation errors that I don't know how to deal with...I give up!_
+  * __Solution:__
+    * From Eclipse, collapse all projects in the _Package Explorer_ or _Project Explorer_ by
+      clicking the `⊟` icon in that frame
+    * Locate any projects in the _Package Explorer_ or _Project Explorer_ that have little `?` icons
+      on them (these projects should no longer be in source control)
+    * Right-click on __only them__, and then click _Delete_.
+    * __CHECK__ the _"Delete project contents on disk"_ checkbox.
+    * Click _OK_ (confirm git does not contain any new unstaged files for delete)
+    * Select all projects in the _Package Explorer_ or _Project Explorer_
+    * Right-click on them, and then click _Delete_ (this may not work if projects are not collapsed)
+    * Leave _"Delete project contents on disk"_ checkbox __UNCHECKED__
+    * Click _OK_.  You should now have an empty _Package Explorer_ or _Project Explorer_.
+    * `gradle -I gradle/support/fetchDependencies.gradle`
+    * `gradle prepdev cleanEclipse eclipse buildNatives`
+    * From Eclipse, _File -> Import..._
+    * _General | Existing Projects into Workspace_
+    * Select root directory to be your downloaded or cloned ghidra source repository
+    * Check _"Search for nested projects"_
+    * Click _Finish_
+    
+    This should get Eclipse back to a fresh state. There should never be a need to re-clone the
+    repository.
+
+* __Problem:__ _The Ghidra run configurations (launchers) are missing_.
+  * __Solution:__
+    The Ghidra run configurations are kept under source control in various modules' `.launch/` 
+    directories (i.e., `Ghidra/Features/Base/.launch/`). As long as the corresponding module 
+    project is imported into Eclipse (i.e., `Features Base`), the run configurations should be
+    available in Eclipse under _Run -> Run Configurations_.  If they aren't there and the 
+    projects are imported, try closing and reopening Eclipse. 
+    
+    __NOTE:__ Sometimes you have to launch Ghidra via the _Run -> Run Configurations..._ window one
+    time for the run configuration to show up under the favorites menu in the main Eclipse button 
+    bar.
+    
+    __NOTE:__ Never address missing run configurations by manually importing them via _File -> 
+    Import... -> Run/Debug -> Launch Configurations._ This avoids the real issue and will 
+    inevitably result in duplicate run configurations showing up one day, which can cause
+    additional confusion.
+
 ## Known Issues
 * There is a known issue in Gradle that can prevent it from discovering native toolchains on Linux 
   if a non-English system locale is being used. As a workaround, set the following environment 
@@ -363,7 +416,7 @@ When submitting help tickets and pull requests, please tag those related to the
 
 [java]: https://dev.java
 [cpp]: https://isocpp.org
-[sleigh]: https://htmlpreview.github.io/?https://github.com/NationalSecurityAgency/ghidra/blob/master/GhidraDocs/languages/index.html
+[sleigh]: https://htmlpreview.github.io/?https://github.com/NationalSecurityAgency/ghidra/blob/stable/GhidraDocs/languages/index.html
 [python]: https://www.python.org
 [venv]: https://docs.python.org/3/tutorial/venv.html
 [jython]: https://www.jython.org

GPL/DMG/src/dmg/java/mobiledevices/dmg/ghidra/GDataConverterBE.java

@@ -13,9 +13,6 @@ package mobiledevices.dmg.ghidra;
 public class GDataConverterBE implements GDataConverter {
 	public static final GDataConverterBE INSTANCE = new GDataConverterBE();
 
-	/**
-	 * 
-	 */
 	private static final long serialVersionUID = 1L;
 
 	/**
@@ -27,6 +24,7 @@ public class GDataConverterBE implements GDataConverter {
 	/**
 	 * @see GDataConverter#getShort(byte[])
 	 */
+	@Override
 	public final short getShort(byte[] b) {
 		return getShort(b, 0);
 	}
@@ -34,6 +32,7 @@ public class GDataConverterBE implements GDataConverter {
 	/**
 	 * @see GDataConverter#getShort(byte[], int)
 	 */
+	@Override
 	public short getShort(byte[] b, int offset) {
 		return (short) (((b[offset] & 0xff) << 8) | (b[offset + 1] & 0xff));
 	}
@@ -41,6 +40,7 @@ public class GDataConverterBE implements GDataConverter {
 	/**
 	 * @see GDataConverter#getInt(byte[])
 	 */
+	@Override
 	public final int getInt(byte[] b) {
 		return getInt(b, 0);
 	}
@@ -48,6 +48,7 @@ public class GDataConverterBE implements GDataConverter {
 	/**
 	 * @see GDataConverter#getInt(byte[], int)
 	 */
+	@Override
 	public int getInt(byte[] b, int offset) {
 		int v = b[offset];
 		for (int i = 1; i < 4; i++) {
@@ -59,6 +60,7 @@ public class GDataConverterBE implements GDataConverter {
 	/**
 	 * @see GDataConverter#getLong(byte[])
 	 */
+	@Override
 	public final long getLong(byte[] b) {
 		return getLong(b, 0);
 	}
@@ -66,6 +68,7 @@ public class GDataConverterBE implements GDataConverter {
 	/**
 	 * @see GDataConverter#getLong(byte[], int)
 	 */
+	@Override
 	public long getLong(byte[] b, int offset) {
 		long v = b[offset];
 		for (int i = 1; i < 8; i++) {
@@ -77,6 +80,7 @@ public class GDataConverterBE implements GDataConverter {
 	/**
 	 * @see GDataConverter.util.DataConverter#getValue(byte[], int)
 	 */
+	@Override
 	public long getValue(byte[] b, int size) {
 		return getValue(b, 0, size);
 	}
@@ -84,6 +88,7 @@ public class GDataConverterBE implements GDataConverter {
 	/**
 	 * @see GDataConverter.util.DataConverter#getValue(byte[], int, int)
 	 */
+	@Override
 	public long getValue(byte[] b, int offset, int size) {
 		if (size > 8) {
 			throw new IndexOutOfBoundsException("size exceeds sizeof long: " + size);
@@ -98,6 +103,7 @@ public class GDataConverterBE implements GDataConverter {
 	/**
 	 * @see GDataConverter#getBytes(short, byte[])
 	 */
+	@Override
 	public final void getBytes(short value, byte[] b) {
 		getBytes(value, b, 0);
 	}
@@ -105,6 +111,7 @@ public class GDataConverterBE implements GDataConverter {
 	/**
 	 * @see GDataConverter#getBytes(short, byte[], int)
 	 */
+	@Override
 	public void getBytes(short value, byte[] b, int offset) {
 		b[offset] = (byte) (value >> 8);
 		b[offset + 1] = (byte) (value & 0xff);
@@ -113,6 +120,7 @@ public class GDataConverterBE implements GDataConverter {
 	/**
 	 * @see GDataConverter#getBytes(int, byte[])
 	 */
+	@Override
 	public final void getBytes(int value, byte[] b) {
 		getBytes(value, b, 0);
 	}
@@ -120,6 +128,7 @@ public class GDataConverterBE implements GDataConverter {
 	/**
 	 * @see GDataConverter#getBytes(int, byte[], int)
 	 */
+	@Override
 	public void getBytes(int value, byte[] b, int offset) {
 		b[offset + 3] = (byte) (value);
 		for (int i = 2; i >= 0; i--) {
@@ -131,6 +140,7 @@ public class GDataConverterBE implements GDataConverter {
 	/**
 	 * @see GDataConverter#getBytes(long, byte[])
 	 */
+	@Override
 	public final void getBytes(long value, byte[] b) {
 		getBytes(value, 8, b, 0);
 	}
@@ -138,6 +148,7 @@ public class GDataConverterBE implements GDataConverter {
 	/**
 	 * @see GDataConverter#getBytes(long, byte[], int)
 	 */
+	@Override
 	public void getBytes(long value, byte[] b, int offset) {
 		getBytes(value, 8, b, offset);
 	}
@@ -145,6 +156,7 @@ public class GDataConverterBE implements GDataConverter {
 	/**
 	 * @see GDataConverter.util.DataConverter#getBytes(long, int, byte[], int)
 	 */
+	@Override
 	public void getBytes(long value, int size, byte[] b, int offset) {
 		for (int i = size - 1; i >= 0; i--) {
 			b[offset + i] = (byte) value;
@@ -155,6 +167,7 @@ public class GDataConverterBE implements GDataConverter {
 	/**
 	 * @see GDataConverter.util.DataConverter#putInt(byte[], int, int)
 	 */
+	@Override
 	public final void putInt(byte[] b, int offset, int value) {
 		getBytes(value, b, offset);
 	}
@@ -162,6 +175,7 @@ public class GDataConverterBE implements GDataConverter {
 	/**
 	 * @see GDataConverter.util.DataConverter#putInt(byte[], int)
 	 */
+	@Override
 	public final void putInt(byte[] b, int value) {
 		getBytes(value, b);
 	}
@@ -169,6 +183,7 @@ public class GDataConverterBE implements GDataConverter {
 	/**
 	 * @see GDataConverter.util.DataConverter#putLong(byte[], int, long)
 	 */
+	@Override
 	public final void putLong(byte[] b, int offset, long value) {
 		getBytes(value, b, offset);
 	}
@@ -176,6 +191,7 @@ public class GDataConverterBE implements GDataConverter {
 	/**
 	 * @see GDataConverter.util.DataConverter#putLong(byte[], long)
 	 */
+	@Override
 	public final void putLong(byte[] b, long value) {
 		getBytes(value, b);
 	}
@@ -183,6 +199,7 @@ public class GDataConverterBE implements GDataConverter {
 	/**
 	 * @see GDataConverter.util.DataConverter#putShort(byte[], int, short)
 	 */
+	@Override
 	public final void putShort(byte[] b, int offset, short value) {
 		getBytes(value, b, offset);
 	}
@@ -190,6 +207,7 @@ public class GDataConverterBE implements GDataConverter {
 	/**
 	 * @see GDataConverter.util.DataConverter#putShort(byte[], short)
 	 */
+	@Override
 	public final void putShort(byte[] b, short value) {
 		getBytes(value, b);
 	}
@@ -197,6 +215,7 @@ public class GDataConverterBE implements GDataConverter {
 	/**
 	 * @see GDataConverter.util.DataConverter#getBytes(int)
 	 */
+	@Override
 	public byte[] getBytes(int value) {
 		byte[] bytes = new byte[4];
 		getBytes(value, bytes);
@@ -206,6 +225,7 @@ public class GDataConverterBE implements GDataConverter {
 	/**
 	 * @see GDataConverter.util.DataConverter#getBytes(long)
 	 */
+	@Override
 	public byte[] getBytes(long value) {
 		byte[] bytes = new byte[8];
 		getBytes(value, bytes);
@@ -215,6 +235,7 @@ public class GDataConverterBE implements GDataConverter {
 	/**
 	 * @see GDataConverter.util.DataConverter#getBytes(short)
 	 */
+	@Override
 	public byte[] getBytes(short value) {
 		byte[] bytes = new byte[2];
 		getBytes(value, bytes);

GPL/DMG/src/dmg/java/mobiledevices/dmg/ghidra/GDataConverterLE.java

@@ -11,9 +11,7 @@ package mobiledevices.dmg.ghidra;
 
 public class GDataConverterLE implements GDataConverter {
 	public static GDataConverterLE INSTANCE = new GDataConverterLE();
-	/**
+
-	 * 
-	 */
 	private static final long serialVersionUID = 1L;
 
 	/**
@@ -25,6 +23,7 @@ public class GDataConverterLE implements GDataConverter {
 	/**
 	 * @see GDataConverter#getShort(byte[])
 	 */
+	@Override
 	public final short getShort(byte[] b) {
 		return getShort(b, 0);
 	}
@@ -32,6 +31,7 @@ public class GDataConverterLE implements GDataConverter {
 	/**
 	 * @see GDataConverter#getShort(byte[], int)
 	 */
+	@Override
 	public short getShort(byte[] b, int offset) {
 		return (short) (((b[offset + 1] & 0xff) << 8) | (b[offset] & 0xff));
 	}
@@ -39,6 +39,7 @@ public class GDataConverterLE implements GDataConverter {
 	/**
 	 * @see GDataConverter#getInt(byte[])
 	 */
+	@Override
 	public final int getInt(byte[] b) {
 		return getInt(b, 0);
 	}
@@ -46,6 +47,7 @@ public class GDataConverterLE implements GDataConverter {
 	/**
 	 * @see GDataConverter#getInt(byte[], int)
 	 */
+	@Override
 	public int getInt(byte[] b, int offset) {
 		int v = b[offset + 3];
 		for (int i = 2; i >= 0; i--) {
@@ -57,6 +59,7 @@ public class GDataConverterLE implements GDataConverter {
 	/**
 	 * @see GDataConverter#getLong(byte[])
 	 */
+	@Override
 	public final long getLong(byte[] b) {
 		return getLong(b, 0);
 	}
@@ -64,6 +67,7 @@ public class GDataConverterLE implements GDataConverter {
 	/**
 	 * @see GDataConverter#getLong(byte[], int)
 	 */
+	@Override
 	public long getLong(byte[] b, int offset) {
 		long v = b[offset + 7];
 		for (int i = 6; i >= 0; i--) {
@@ -75,6 +79,7 @@ public class GDataConverterLE implements GDataConverter {
 	/**
 	 * @see ghidra.util.GDataConverter#getValue(byte[], int)
 	 */
+	@Override
 	public long getValue(byte[] b, int size) {
 		return getValue(b, 0, size);
 	}
@@ -82,6 +87,7 @@ public class GDataConverterLE implements GDataConverter {
 	/**
 	 * @see ghidra.util.GDataConverter#getValue(byte[], int, int)
 	 */
+	@Override
 	public long getValue(byte[] b, int offset, int size) {
 		if (size > 8) {
 			throw new IndexOutOfBoundsException("size exceeds sizeof long: " + size);
@@ -96,6 +102,7 @@ public class GDataConverterLE implements GDataConverter {
 	/**
 	 * @see GDataConverter#getBytes(short, byte[])
 	 */
+	@Override
 	public final void getBytes(short value, byte[] b) {
 		getBytes(value, b, 0);
 	}
@@ -103,6 +110,7 @@ public class GDataConverterLE implements GDataConverter {
 	/**
 	 * @see GDataConverter#getBytes(short, byte[], int)
 	 */
+	@Override
 	public void getBytes(short value, byte[] b, int offset) {
 		b[offset + 1] = (byte) (value >> 8);
 		b[offset] = (byte) (value & 0xff);
@@ -111,6 +119,7 @@ public class GDataConverterLE implements GDataConverter {
 	/**
 	 * @see GDataConverter#getBytes(int, byte[])
 	 */
+	@Override
 	public final void getBytes(int value, byte[] b) {
 		getBytes(value, b, 0);
 	}
@@ -118,6 +127,7 @@ public class GDataConverterLE implements GDataConverter {
 	/**
 	 * @see GDataConverter#getBytes(int, byte[], int)
 	 */
+	@Override
 	public void getBytes(int value, byte[] b, int offset) {
 		b[offset] = (byte) (value);
 		for (int i = 1; i < 4; i++) {
@@ -129,6 +139,7 @@ public class GDataConverterLE implements GDataConverter {
 	/**
 	 * @see GDataConverter#getBytes(long, byte[])
 	 */
+	@Override
 	public final void getBytes(long value, byte[] b) {
 		getBytes(value, 8, b, 0);
 	}
@@ -136,6 +147,7 @@ public class GDataConverterLE implements GDataConverter {
 	/**
 	 * @see GDataConverter#getBytes(long, byte[], int)
 	 */
+	@Override
 	public void getBytes(long value, byte[] b, int offset) {
 		getBytes(value, 8, b, offset);
 	}
@@ -143,6 +155,7 @@ public class GDataConverterLE implements GDataConverter {
 	/**
 	 * @see ghidra.util.GDataConverter#getBytes(long, int, byte[], int)
 	 */
+	@Override
 	public void getBytes(long value, int size, byte[] b, int offset) {
 		for (int i = 0; i < size; i++) {
 			b[offset + i] = (byte) value;
@@ -153,6 +166,7 @@ public class GDataConverterLE implements GDataConverter {
 	/**
 	 * @see ghidra.util.GDataConverter#putInt(byte[], int, int)
 	 */
+	@Override
 	public final void putInt(byte[] b, int offset, int value) {
 		getBytes(value, b, offset);
 	}
@@ -160,6 +174,7 @@ public class GDataConverterLE implements GDataConverter {
 	/**
 	 * @see ghidra.util.GDataConverter#putInt(byte[], int)
 	 */
+	@Override
 	public final void putInt(byte[] b, int value) {
 		getBytes(value, b);
 	}
@@ -167,6 +182,7 @@ public class GDataConverterLE implements GDataConverter {
 	/**
 	 * @see ghidra.util.GDataConverter#putLong(byte[], int, long)
 	 */
+	@Override
 	public final void putLong(byte[] b, int offset, long value) {
 		getBytes(value, b, offset);
 	}
@@ -174,6 +190,7 @@ public class GDataConverterLE implements GDataConverter {
 	/**
 	 * @see ghidra.util.GDataConverter#putLong(byte[], long)
 	 */
+	@Override
 	public final void putLong(byte[] b, long value) {
 		getBytes(value, b);
 	}
@@ -181,6 +198,7 @@ public class GDataConverterLE implements GDataConverter {
 	/**
 	 * @see ghidra.util.GDataConverter#putShort(byte[], int, short)
 	 */
+	@Override
 	public final void putShort(byte[] b, int offset, short value) {
 		getBytes(value, b, offset);
 	}
@@ -188,6 +206,7 @@ public class GDataConverterLE implements GDataConverter {
 	/**
 	 * @see ghidra.util.GDataConverter#putShort(byte[], short)
 	 */
+	@Override
 	public final void putShort(byte[] b, short value) {
 		getBytes(value, b);
 	}
@@ -195,6 +214,7 @@ public class GDataConverterLE implements GDataConverter {
 	/**
 	 * @see ghidra.util.GDataConverter#getBytes(int)
 	 */
+	@Override
 	public byte[] getBytes(int value) {
 		byte[] bytes = new byte[4];
 		getBytes(value, bytes);
@@ -204,6 +224,7 @@ public class GDataConverterLE implements GDataConverter {
 	/**
 	 * @see ghidra.util.GDataConverter#getBytes(long)
 	 */
+	@Override
 	public byte[] getBytes(long value) {
 		byte[] bytes = new byte[8];
 		getBytes(value, bytes);
@@ -213,6 +234,7 @@ public class GDataConverterLE implements GDataConverter {
 	/**
 	 * @see ghidra.util.GDataConverter#getBytes(short)
 	 */
+	@Override
 	public byte[] getBytes(short value) {
 		byte[] bytes = new byte[2];
 		getBytes(value, bytes);

GPL/DemanglerGnu/build.gradle

@@ -35,8 +35,8 @@ def srcVersion24 = "src/demangler_gnu_v2_24"
  */
 task zipBuildableSource(type:Zip) {
 
-	group 'private'
+	group = 'private'
-	description "Collects the source files needed to build this module."
+	description = "Collects the source files needed to build this module."
 	archiveBaseName = project.name + "-src-for-build"
 	archiveExtension = 'zip'
 		

GPL/GnuDisassembler/buildGdis.gradle

@@ -76,8 +76,8 @@ gradle.taskGraph.whenReady {
  * Task to unpack the standard binutils zip file
  *******************************************************************************************/
 task binutilsUnpack {
-	description "Unpack binutils (for building gdis)"
+	description = "Unpack binutils (for building gdis)"
-	group "Native Build Dependencies"
+	group = "Native Build Dependencies"
 	outputs.file { binutilsUnpackDir }
 	onlyIf { !binutilsUnpackDir.exists() }
 	
@@ -104,8 +104,8 @@ supportedPlatforms.each { platform ->
 	def artifactsDir = file("build/binutils/${platform}")
 		
 	task(buildName) {
-		description "Configure and make binutils for $platform (for building gdis)"
+		description ="Configure and make binutils for $platform (for building gdis)"
-		group "Native Prebuild Dependencies"
+		group = "Native Prebuild Dependencies"
 		
 		onlyIf { !configDir.exists() }
 		
@@ -122,21 +122,21 @@ supportedPlatforms.each { platform ->
 			println "Configuring binutils - config directory: $configDir"
 			println "${binutilsDir}/configure --prefix=\"${configDir}\" --enable-targets=all --with-zlib=no --disable-nls --disable-werror"
 			configDir.mkdirs();
-			exec {
+			providers.exec {
 				workingDir configDir
 				commandLine "${binutilsDir}/configure", "--prefix=${configDir}", "--enable-targets=all", "--with-zlib=no", "--disable-nls",  "--disable-werror"
-			}
+			}.result.get()
 			
 			println "Building binutils - config directory: $configDir"
-			exec {
+			providers.exec {
 				commandLine "make", "-C", "${configDir}", "all"
-			}
+			}.result.get()
 		}	
 	}
 	
 	task(postBuildName, type: Copy) {
-		description "Copy binutil artifcacts for $platform (for building gdis)"
+		description = "Copy binutil artifcacts for $platform (for building gdis)"
-		group "Native Prebuild Dependencies"
+		group = "Native Prebuild Dependencies"
 		
 		dependsOn buildName
 		

GPL/nativeBuildProperties.gradle

@@ -34,39 +34,25 @@ model {
 		}
 	}	
 
-	// The toolChains block is needed because Gradle doesn't find gcc/clang on ARM-based Linux
+	// The toolChains block is needed because Gradle doesn't find the native toolchain in various
-	// and macOS platforms without explicitly declaring their targets.  Might be a bug in the 
+	// scenarios. These checks, can be removed when Gradle fixes them, and we advertise a
-	// native Gradle plugin. 
+	// minimum Gradle version that includes the fix.
 	toolChains {
-		if (isCurrentLinux()) {
+		def current = getCurrentPlatformName()
-			gcc(Gcc) {
+		if (isLinux(current)) {
-				if (isCurrentArm_64()) {
+			// https://github.com/gradle/gradle/issues/17660 (fixed in Gradle 8.11)
-					target("linux_arm_64")
+			gcc(Gcc).target(current)
+			clang(Clang).target(current)
 		}
+		if (isFreeBSD(current)) {
+			// https://github.com/gradle/gradle/issues/32895
+			gcc(Gcc).target(current)
+			clang(Clang).target(current)
 		}
-		}
+		if (isWindows(current) && VISUAL_STUDIO_INSTALL_DIR) {
-		if (isCurrentMac()) {
+			// https://github.com/gradle/gradle-native/issues/617#issuecomment-575735288
-			clang(Clang) {
-				if (isCurrentArm_64()) {
-					target("mac_arm_64")
-				}
-			}
-		}
-		if (isCurrentFreeBSD()) {
-			gcc(Gcc) {
-				if (isCurrentArm_64()) {
-					target("freebsd_arm_64")
-				} 
-				else {
-					target("freebsd_x86_64")
-				}
-			}
-		}
-		if (isCurrentWindows() && VISUAL_STUDIO_INSTALL_DIR) {
-			// specify installDir because Gradle doesn't find VS Build Tools.
-			// See https://github.com/gradle/gradle-native/issues/617#issuecomment-575735288
 			visualCpp(VisualCpp) {
-				installDir VISUAL_STUDIO_INSTALL_DIR
+				installDir = VISUAL_STUDIO_INSTALL_DIR
 			}
 		}
 	}
@@ -121,6 +107,9 @@ def isNativeBinaryMakeTask(Task task, String platform) {
  *
  ******************************************************************************************/
 def shouldSkipNative(task) {
+	if (rootProject.hasProperty("skipAllNatives")) {
+		return true;
+	}
 	return task.ext.has("skipNative") && task.ext.get("skipNative")
 }
 

GPL/vsconfig.gradle

@@ -34,7 +34,7 @@ def configureVisualStudio() {
 			println "  -> To manually specify the location of vswhere.exe, add \"-PvswherePath=<vswhere path>\" to the Gradle command line arguments"
 			return
 		}
-		def vswhereProcess = "\"${vswherePath}\" -products * -latest -requires Microsoft.VisualStudio.Component.VC.Tools.x86.x64 -format json -utf8".execute()
+		def vswhereProcess = "\"${vswherePath}\" -products * -sort -prerelease -requires Microsoft.VisualStudio.Component.VC.Tools.x86.x64 -format json -utf8".execute()
 		def vswhereOutput = vswhereProcess.text.trim()
 		def vswhereExit = vswhereProcess.exitValue()
 		if (vswhereExit != 0) {
@@ -45,15 +45,31 @@ def configureVisualStudio() {
 				println "  -> Visual Studio vswhere.exe returned an error code (${vswhereExit})!"
 			}
 			println "  -> Please confirm ${vswherePath} is version 2.5 or later."
-			println "  -> Please check README.md or InstallationGuide.html to verify you are using a supported version of Visual Studio." 
+			println "  -> Please check README.md or GettingStarted.md to verify you are using a supported version of Visual Studio." 
 			return
 		}
 		def vswhereJson = new groovy.json.JsonSlurper().parseText(vswhereOutput);
-		if (vswhereJson.isEmpty()) {
+		def usePrerelease = project.hasProperty("vswherePrerelease")
+		def i = -1
+		println "  -> Searching for Visual Studio installations..."
+		vswhereJson.eachWithIndex { item, index ->
+			def isPrerelease = item.get("isPrerelease")
+			def name = item.get("displayName") + (isPrerelease ? " Prerelease" : "")
+			if (i == -1) {
+				if (usePrerelease || !isPrerelease) {
+					i = index
+				}
+			}
+			println "     ${index + 1}: ${name}" + 
+				(i == index ? " (selected)" : "") +
+				(isPrerelease && !usePrerelease ? " (enable with -PvswherePrerelease)" : "")
+		}
+		if (i == -1) {
 			println "  -> Visual Studio not found!"
 			return
 		}
-		def vsInstallDir = vswhereJson[0].installationPath
+		
+		def vsInstallDir = vswhereJson[i].installationPath
 		println "  -> Installation Directory: ${vsInstallDir}"
 
 		// Use vcvarsall.bat to determine the latest Visual Studio's default SDK and tool versions

Ghidra/Configurations/Public_Release/src/global/docs/WhatsNew.md

@@ -5,7 +5,7 @@ to analyze compiled code on a variety of platforms including Windows, MacOS, and
 include disassembly, assembly, decompilation, debugging, emulation, graphing, and scripting, along
 with hundreds of other features.  Ghidra supports a wide variety of processor instruction sets and
 executable formats and can be run in both user-interactive and automated modes.  Users may also
-develop their own Ghidra plug-in components and/or scripts using the exposed API.  In addition there
+develop their own Ghidra plug-in components and/or scripts using the exposed API.  In addition, there
 are numerous ways to extend Ghidra such as new processors, loaders/exporters, automated analyzers,
 and new visualizations.
 
@@ -15,17 +15,17 @@ applied Ghidra SRE capabilities to a variety of problems that involve analyzing
 generating deep insights for NSA analysts who seek a better understanding of potential
 vulnerabilities in networks and systems.
 
-# What's New in Ghidra 11.3
+# What's New in Ghidra 12.0
 This release includes new features, enhancements, performance improvements, quite a few bug fixes,
 and many pull-request contributions. Thanks to all those who have contributed their time, thoughts,
 and code. The Ghidra user community thanks you too!
 	
 ### The not-so-fine print: Please Read!
-Ghidra 11.3 is fully backward compatible with project data from previous releases. However, programs
+Ghidra 12.0 is fully backward compatible with project data from previous releases. However, programs
-and data type archives which are created or modified in 11.3 will not be usable by an earlier Ghidra
+and data type archives which are created or modified in 12.0 will not be usable by an earlier Ghidra
 version.
 
-**IMPORTANT:** Ghidra 11.3 requires at minimum JDK 21 to run.
+**IMPORTANT:** Ghidra 12.0 requires, at minimum, JDK 21 to run.
 
 **IMPORTANT:** To use the Debugger or do a full source distribution build, you will need Python3
 (3.9 to 3.13 supported) installed on your system.
@@ -35,18 +35,23 @@ for `CVE-2024-31083` in X.org software in April 2024 introduced a regression, wh
 in xwayland 23.2.6 and xorg-server 21.1.13.  If you experience any crashing of Ghidra, most likely
 causing a full logout, check if your xorg-server has been updated to at least the noted version.
 
-**NOTE:** Each build distribution will include native components (e.g., decompiler) for at least one
+**NOTE:** Each build distribution will include native components (e.g., Decompiler) for at least one
 platform (e.g., Windows x86-64). If you have another platform that is not included in the build
 distribution, you can build native components for your platform directly from the distribution.
-See the *Installation Guide* for additional information. Users running with older shared libraries
+See the *Getting Started* document for additional information. Users running with older shared 
-and operating systems (e.g., CentOS 7.x) may also run into compatibility errors when launching 
+libraries and operating systems (e.g., CentOS 7.x) may also run into compatibility errors when 
-native executables such as the Decompiler and GNU Demangler which may necessitate a rebuild of 
+launching native executables such as the Decompiler and GNU Demangler which may necessitate a 
-native components.
+rebuild of native components.
 
-**NOTE:** Ghidra Server: The Ghidra 11.x server is compatible with Ghidra 9.2 and later Ghidra
+**NOTE:** Ghidra Server: The Ghidra 12.0 server is compatible with Ghidra 9.2 and later Ghidra
-clients. Ghidra 11.x clients are compatible with all 10.x and 9.x servers.  Although, due to
+clients, although the presence of any newer link-files within a repository may not be handled properly
-potential Java version differences, it is recommended that Ghidra Server installations older than 
+by client versions prior to 12.0 which lack support for the new storage format.  Ghidra 12.0 clients
-10.2 be upgraded.  Those using 10.2 and newer should not need a server upgrade.
+that introduce new link-files into a project will not be able to add such files into version 
+control if connected to older Ghidra Server versions.  
+
+**NOTE:** Ghidra Server: Due to potential Java version differences, it is 
+recommended that Ghidra Server installations older than 10.2 be upgraded. Those using 10.2 and newer
+should not need a server upgrade unless they need to work with link-files within a shared repository.
 	
 **NOTE:** Programs imported with a Ghidra beta version or code built directly from source code
 outside of a release tag may not be compatible, and may have flaws that won't be corrected by using
@@ -59,111 +64,85 @@ process that will provide better results than prior Ghidra versions.  You might
 fresh import of any program you will continue to reverse engineer to see if the latest Ghidra 
 provides better results.
 
+## Project Link Files
+Support for link-files within a Ghidra Project has been significantly expanded with this release and
+with it a new file storage type has been introduced which can create some incompatibilities if
+projects and repositories containing such files are used by older version of Ghidra or the Ghidra 
+Server.
+
+Previously only external folder and file links were supported through the use of a Ghidra URL. With
+12.0 the ability to establish internal folder and file links has been introduced.  The new storage 
+format avoids the use of a database and relies only on a light-weight property file. Internal 
+project links also allow for either absolute or relative links.  Due to the fact that Ghidra allows 
+a folder or file to have the same pathname, some ambiguities can result.  It is highly recommended 
+that the use of conflicting folder and file pathnames be avoided.
+
+The use of internally linked folders and files allows batch import processing to more accurately
+reflect the native file-system and its use of symbolic links which allow for the same content to
+be referenced by multiple paths.  Allowing this within a Ghidra project can avoid the potential for
+importing content multiple times with the different paths and simply import once with additional 
+link-files which reference it.  How best to leverage links very much depends on the end-user's 
+needs and project file management preferences.  Special care must be taken when defining or 
+traversing link-files to avoid external and circular references.
+
+Additional Ghidra API methods have been provided or refined on the following classes to leverage 
+link-files: `DomainFolder`, `DomainFile`, `LinkFile`, `LinkHandler`, `DomainFileFilter`, 
+`DomainFileIterator`, etc.
+
+...TO BE CONTINUED...
+
+## Filesystem Mirroring
+An option has been added to mirror the local filesystem when importing programs and their libraries.
+Programs and libraries that exist on the local filesystem as symbolic links will have both their 
+corresponding link file and resolved program file mirrored in the project. Filesystem mirroring
+can also be used in headless mode with the new `-mirror` command line option.
+
 ## PyGhidra
-The PyGhidra Python library, originally developed by the Department of Defense Cyber Crime Center 
+PyGhidra 3.0.0 (compatible with Ghidra 12.0 and later) introduces many new Python-specific API 
-(DC3) under the name *Pyhidra*, is a Python library that provides direct access to the Ghidra API 
+methods with the goal of making the most common Ghidra tasks quick and easy, such as opening a 
-within a native CPython 3 interpreter using JPype. PyGhidra contains some conveniences for setting 
+project, getting a program, and running a GhidraScript. Legacy API functions such as 
-up analysis on a given sample and running a Ghidra script locally. It also contains a Ghidra plugin 
+`pyghidra.open_program()` and `pyghidra_run_script()` have been deprecated in favor of the new 
-to allow the use of CPython 3 from the Ghidra GUI.
+methods, which are outlined at https://pypi.org/project/pyghidra.
 
-To launch Ghidra in PyGhidra mode, run `./support/pyghidra` (or `support\pyghidra.bat`). See the
+The default Python scripting engine has been changed in Ghidra 12.0 from Jython to PyGhidra.
-*"PyGhidra Mode"* section of the *Installation Guide* and `Ghidra/Features/PyGhidra/README.html`
+Existing Jython scripts will need to include the `# @runtime Jython` script header in order to
-for more information.
+continue running within the Jython environment.
 
-## Visual Studio Code
+## Z3 Concolic Emulation and Symbolic Summary
-Ghidra 11.2 introduced a `VSCodeProjectScript.java` GhidraScript to assist in setting up Visual Studio Code
+We've added an experimental Z3-based symbolic emulator, which runs as an "auxiliary" domain to the 
-project folders for Ghidra module development and debugging. This GhidraScript has been replaced in 
+concrete emulator, effectively constructing what is commonly called a "concolic" emulator. The 
-Ghidra 11.3 by 2 new actions, accessible from a *CodeBrowser* tool:
+symbolic emulator creates Z3 expressions and branching constraints, but it only follows the path 
-+ *Tools -> Create VSCode Module Project...*
+determined by concrete emulation. This is most easily accessed by installing the "SymbolicSummaryZ3"
-+ "*Edit Script with Visual Studio Code*" button in the Script Manager
+extension (**File** -> **Install Extensions**) and then enabling the `Z3SummaryPlugin` in the 
+Debugger or Emulator tool, which includes a GUI for viewing and sorting through the results. The Z3
+emulator requires z3-4.13.0, available from https://github.com/Z3Prover/z3. Other versions may work,
+but our current test configuration uses 4.13.0. Depending on the release and your platform, the
+required libraries may be missing or incompatible. If this is the case, you will need to download
+Z3, or build it from source with Java bindings, and install the libraries into 
+`Ghidra/Extensions/SymbolicSummaryZ3/os/<platform>/`.
 
-The "*Create VSCode Module Project...*" action provides the same capability as the old
+## Emulation API
-`VSCodeProjectScript.java` GhidraScript, creating a Visual Studio Code project folder that contains a
+The `PcodeEmulator` and related API has undergone substantial changes in preparation for integrating
-skeleton module which can be used to build a variety of different Ghidra extension points
+our JIT-accelerated emulator into the GUI. Please see the **Notable API Changes** section of our 
-(Plugins, Analyzers, Loaders, etc). Launchers are also provided to run and debug the module in
+[Change History](ChangeHistory.md). The goal is to facilitate integration by composition; whereas, 
-Ghidra, as well as a Gradle task to export the module as a distributable Ghidra extension zip file.
+it had previously required inheritance, which is now considered poor design. Essentially, we've 
+introduced a set of callbacks that integrators can use to detect when certain things have happened
+in emulation, as well as offer some control of machine-state behavior; e.g., to facilitate lazily 
+loading from a snapshot.
 
-The "*Edit Script with Visual Studio Code*" button in the Script Manager enables quick editing and
+Extensions that currently integrate via inheritance can continue to do so, but will still need to
-debugging of the selected script in a Visual Studio Code workspace that is automatically created
+apply some minimal changes to satisfy interface and constructor changes. The developers of such
-behind the scenes in Ghidra's user settings directory. This provides a much snappier and modern
+extensions ought to consider porting their integrations to the compositional/callback-based
-alternative to Eclipse, while maintaining all of the core fuctionality you would expect from an IDE
+mechanism. A careful assessment may be required depending on the nature of the extension. Extensions
-(auto complete, hover, navigation, etc).
+that merely integrate with emulation should consider the compositional/callback-based mechanism. 
-
+Extensions that incorporate new domains (e.g. Z3) or novel behaviors (e.g. JIT) should continue 
-Ghidra will do its best to automatically locate your Visual Studio Code installation, but if cannot
+using inheritance.
-find it, it can be set via the Front-End GUI at *Edit -> Tool Options -> Visual Studio Code
-Integration*.
-
-## Debugger
-The old "IN-VM" and "GADP" launchers and connectors have been removed, as their replacement
-TraceRmi-based implementations have been satisfactorily completed. On that same note, the entire API
-and supporting code base for IN-VM and GADP connectors have been removed.
-
-We've begun to explore more kernel-level debugging. Our lldb connector can now debug the macOS 
-kernel, and our dbgeng connector can now debug a Windows kernel running in a VM via eXDI.
-
-## Emulator
-We have introduced a new accelerated p-code emulator that uses Jit-in-Time translation (JIT). 
-This is *not* currently integrated in the UI but is available for scripting and plugin developers. 
-Its implementation is named `JitPcodeEmulator`, and it's a near drop-in replacement for `PcodeEmulator`. 
-See its javadoc for usage and implementation details. The JIT emulator is very new, so there may 
-still be many bugs.
-
-## Source File Information
-Source file and line information can now be added to Ghidra using a Program's SourceFileManager. 
-The DWARF, PDB, and Go analyzers now record this information by default. Source information can also
-be added programmatically; see the example scripts in the *SourceMapping* script category. 
-Source information can be viewed in the *"Source Map"* Listing Field or the `SourceFilesTablePlugin`, 
-which is accessible from the Code Browser via *Window -> Source Files and Transforms*.
-
-The *"View Source..."* Listing action, enabled on addresses with source file information, opens a 
-source file at the correct line in either Eclipse or Visual Studio Code (there is a *"Source Files 
-and Transforms"* tool option to determine the viewer). The SourceFilesTablePlugin can be used to 
-modify the source file paths stored in the SourceFileManager before sending them to Eclipse or 
-Visual Studio Code.
-
-## Function Graph
-The Function Graph has had a number of improvements:
-+ Added new *"Flow Chart"* layouts
-+ Position of the satellite view can be configured
-+ Ctrl-Space toggles between the Listing and the Function Graph (starting fully zoomed in vs. fully
-  zoomed out is controlled by a Function Graph option)
-
-## String Translation and Text Search
-+ String translation has an additional translator available using the LibreTranslate service.
-  The LibreTranslate project (currently hosted at libretranslate.com) is an independent project
-  that provides an open source translation package that can be self-hosted, meaning you can translate
-  strings without sending them to a second party to translate, using an existing LibreTranslate server.
-  For more information search for LibreTranslate in the online Ghidra help pages.
-  **NOTE:** The LibreTranslate plugin is not enabled by default, and is added in the 
-  *File -> Configure* menu.
-
-+ The ability to search the text of all decompiled functions has been added.  Decompilation during
-  search occurs on the fly, so the latest decompilation results of all functions are used for the
-  search.  The search can take some time depending on the number and size of functions in your binary.
-  The new action can be found at *Search -> Decompiled Text...*.
-
-## Processors
-+ The x86 EVEX instruction write and read masking has been implemented for all AVX-512 instructions.
-  The handling of the mask is necessary as semantics are added for individual AVX-512 instructions.
-+ TI_MSP430 decompilation has been improved through numerous changes to the processor's compiler
-  specifications file.
-+ Corrected ARM VFPv2 instructions which were not disassembling correctly.
 
 ## Other Improvements
-+ Much of Ghidra's standalone documentation has been modernized to the Markdown format. Generated 
+ + Added the ability to toggle the displaying of function variables (parameters and locals) that are 
-  HTML versions are provided alongside the Markdown files for convenience. Converting all relevant
+   normally displayed just below the function signature. The variables display can be turned on/off 
-  documents to Markdown remains an ongoing process.  **NOTE:** There are no plans to convert the
+   globally or individually per function.
-  internal Ghidra help system to Markdown, as the Java Help library does not support it.
-+ Libraries can now be loaded into an already-imported program with the *File -> Load Libraries...*
-  action.
-+ The CParser macro pre-processing will now halt on *"#error"* directives.  This change had a ripple
-  effect and uncovered a myriad of bugs which have been addressed.  In addition, the interim parsing
-  output has been improved to allow easier diagnosis when problems in parsing occur due to incorrect
-  define values or other header file issues.
-+ Finally, a new `CreateUEFIGDTArchivesScript.java` parsing script has been added to parse UEFI header files
-  available from `github.com/tianocore/edk2`.  Using a script vice released pre-parsed GDT files allows the
-  end user to parse the correct version with a configuration fitting their needs.
 
 ## Additional Bug Fixes and Enhancements
 Numerous other new features, improvements, and bug fixes are fully listed in the 
-[Change History](ChangeHistory.html) file.
+[Change History](ChangeHistory.md) file.

Ghidra/Configurations/Public_Release/src/main/resources/defaultTools/CodeBrowser.tool

@@ -9,6 +9,7 @@
             <INCLUDE CLASS="ghidra.app.plugin.core.interpreter.InterpreterPanelPlugin" />
             <INCLUDE CLASS="ghidra.app.plugin.core.editor.TextEditorManagerPlugin" />
         </PACKAGE>
+	<PACKAGE NAME="BSim" />
         <ROOT_NODE X_POS="409" Y_POS="179" WIDTH="1637" HEIGHT="931" EX_STATE="0" FOCUSED_OWNER="CodeBrowserPlugin" FOCUSED_NAME="Listing" FOCUSED_TITLE="Listing: ">
             <SPLIT_NODE WIDTH="1621" HEIGHT="816" DIVIDER_LOCATION="148" ORIENTATION="VERTICAL">
                 <COMPONENT_NODE TOP_INFO="0">

Ghidra/Debug/Debugger-agent-dbgeng/build.gradle

@@ -13,6 +13,9 @@
  * See the License for the specific language governing permissions and
  * limitations under the License.
  */
+// Not technically a Java project, but required to be a Help project
+apply from: "${rootProject.projectDir}/gradle/javaProject.gradle"
+apply from: "${rootProject.projectDir}/gradle/helpProject.gradle"
 apply from: "$rootProject.projectDir/gradle/distributableGhidraModule.gradle"
 apply from: "$rootProject.projectDir/gradle/nativeProject.gradle"
 apply from: "$rootProject.projectDir/gradle/hasPythonPackage.gradle"
@@ -20,20 +23,36 @@ apply from: "$rootProject.projectDir/gradle/hasPythonPackage.gradle"
 apply plugin: 'eclipse'
 eclipse.project.name = 'Debug Debugger-agent-dbgeng'
 
-ext.tlb = file("build/os/win_x86_64/dbgmodel.tlb")
+dependencies {
+	// Only for Help :/
+	api project(':Debugger-rmi-trace')
+}
 
-if ("win_x86_64".equals(getCurrentPlatformName())) {
+def tlb = file("build/os/win_x86_64/dbgmodel.tlb")
+def depsFile = file("${DEPS_DIR}/Debugger-agent-dbgeng/dbgmodel.tlb")
+def binRepoFile = file("${BIN_REPO}/${getGhidraRelativePath(project)}/os/win_x86_64/dbgmodel.tlb")
+
+tasks.assemblePyPackage {
+	def prebuiltTlb = depsFile.exists() ? depsFile : (binRepoFile.exists() ? binRepoFile : null)
+	assert prebuiltTlb != null : "Failed to locate prebuilt TLB file"
+
+	from(prebuiltTlb) {
+		into("src/ghidradbg/dbgmodel/tlb")
+	}
+}
+
+task buildTlb(type: Exec) {
+
+	def tmpBatch = file("build/buildTlb.bat")
+	def idl = file("src/main/py/src/ghidradbg/dbgmodel/DbgModel.idl")
 	
-	String makeName = "win_x86_64DbgmodelTlbMake"
-	task(type: Exec, makeName) {
-		ext.tmpBatch = file("build/buildTlb.bat")
-		ext.idl = file("src/main/py/src/ghidradbg/dbgmodel/DbgModel.idl")
 	inputs.file(idl)
 	outputs.file(tlb)
 
 	doFirst {
+		assert isCurrentX86_64() && isCurrentWindows() : "Can only build TLB on Windows x86"
 		file(tlb).parentFile.mkdirs()
-			def midlCmd = "midl /tlb ${tlb} ${idl}"
+		def midlCmd = "midl /tlb \"${tlb}\" \"${idl}\""
 		println "Executing: " + midlCmd
 
 		tmpBatch.withWriter { out ->
@@ -41,6 +60,7 @@ if ("win_x86_64".equals(getCurrentPlatformName())) {
 			out.println midlCmd
 		}
 	}
+
 	doLast {
 		assert file(tlb).exists() : "Failed to build dbgmodel.tlb"
 	}
@@ -48,33 +68,16 @@ if ("win_x86_64".equals(getCurrentPlatformName())) {
 	commandLine "cmd", "/c", tmpBatch
 }
 
-	tasks.assemblePyPackage {
+task prebuildTlb(type: Copy) {
-		from(tasks."$makeName") {
+
-			into("src/ghidradbg/dbgmodel/tlb")
+	dependsOn buildTlb
-		}
+
-	}	
+	from tlb
-}
+	into binRepoFile.parentFile
-else if (file(tlb).exists()) {
+
-	// required for multi-platform build
+	doFirst {
-	tasks.assemblePyPackage {
+		assert file(BIN_REPO).exists() : "Bin repo doesn't exist"
-		from(tlb) {
+		file(binRepoFile).parentFile.mkdirs()
-			println "Copying existing tlb build artifact: " + tlb
-			into("src/ghidradbg/dbgmodel/tlb")
-		}
-	}
-}
-else {
-	def prebuiltTlb = new File(rootProject.BIN_REPO + '/' + getGhidraRelativePath(project) + "/os/win_x86_64/dbgmodel.tlb")
-	if (prebuiltTlb.exists()) {
-		println "Copying prebuilt dbgmodel.tlb"
-		tasks.assemblePyPackage {
-			from(rootProject.BIN_REPO + '/' + getGhidraRelativePath(project) + "/os/win_x86_64/dbgmodel.tlb") {
-				into("src/ghidradbg/dbgmodel/tlb")
-			}
-		}
-	}
-	else {
-		println "WARNING: dbgmodel.tlb omitted from ghidradbg python package"
 	}
 }
 

Ghidra/Debug/Debugger-agent-dbgeng/certification.manifest

@@ -3,17 +3,13 @@
 ##MODULE IP: MIT
 Module.manifest||GHIDRA||||END|
 README.md||GHIDRA||||END|
-data/debugger-launchers/kernel-dbgeng.bat||GHIDRA||||END|
+src/main/help/help/TOC_Source.xml||GHIDRA||||END|
-data/debugger-launchers/local-dbgeng-attach.bat||GHIDRA||||END|
+src/main/help/help/topics/dbgeng/dbgeng.html||GHIDRA||||END|
-data/debugger-launchers/local-dbgeng-ext.bat||GHIDRA||||END|
-data/debugger-launchers/local-dbgeng.bat||GHIDRA||||END|
-data/debugger-launchers/local-ttd.bat||GHIDRA||||END|
-data/debugger-launchers/remote-dbgeng.bat||GHIDRA||||END|
 src/main/py/LICENSE||GHIDRA||||END|
 src/main/py/MANIFEST.in||GHIDRA||||END|
 src/main/py/README.md||GHIDRA||||END|
 src/main/py/pyproject.toml||GHIDRA||||END|
 src/main/py/src/ghidradbg/dbgmodel/DbgModel.idl||GHIDRA||||END|
+src/main/py/src/ghidradbg/py.typed||GHIDRA||||END|
 src/main/py/src/ghidradbg/schema.xml||GHIDRA||||END|
 src/main/py/src/ghidradbg/schema_exdi.xml||GHIDRA||||END|
-src/main/py/src/ghidrattd/schema.xml||GHIDRA||||END|

Ghidra/Debug/Debugger-agent-dbgeng/data/debugger-launchers/kernel-dbgeng.bat

@@ -1,4 +1,19 @@
-::@title dbgeng-kernel
+:: ###
+:: IP: GHIDRA
+::
+:: Licensed under the Apache License, Version 2.0 (the "License");
+:: you may not use this file except in compliance with the License.
+:: You may obtain a copy of the License at
+::
+::      http://www.apache.org/licenses/LICENSE-2.0
+::
+:: Unless required by applicable law or agreed to in writing, software
+:: distributed under the License is distributed on an "AS IS" BASIS,
+:: WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+:: See the License for the specific language governing permissions and
+:: limitations under the License.
+:: ##
+::@title dbgeng kernel
 ::@desc <html><body width="300px">
 ::@desc   <h3>Kernel debugging using <tt>dbgeng</tt> (in a Python interpreter)</h3>
 ::@desc   <p>
@@ -6,13 +21,14 @@
 ::@desc     For setup instructions, press <b>F1</b>.
 ::@desc   </p>
 ::@desc </body></html>
-::@menu-group local
+::@menu-group dbgeng
 ::@icon icon.debugger
-::@help TraceRmiLauncherServicePlugin#dbgeng_kernel
+::@help dbgeng#win_kernel
+::@depends Debugger-rmi-trace
 ::@enum Connection:str Remote Local EXDI
 ::@env OPT_PYTHON_EXE:file!="python" "Python command" "The path to the Python 3 interpreter. Omit the full path to resolve using the system PATH."
 :: Use env instead of args, because "all args except first" is terrible to implement in batch
-::@env OPT_TARGET_ARGS:str="" "Arguments" "Connection-string arguments (a la .server)"
+::@env OPT_KCONNECT_STRING:str="" "Arguments" "Connection-string arguments (a la .server)"
 ::@env OPT_TARGET_FLAGS:Connection="Remote" "Type" "Type/flags for connection (Remote/Local/EXDI)."
 ::@env OPT_USE_DBGMODEL:bool=true "Use dbgmodel" "Load and use dbgmodel.dll if it is available."
 ::@env WINDBG_DIR:dir="" "Path to dbgeng.dll directory" "Path containing dbgeng and associated DLLS (if not Windows Kits)."

Ghidra/Debug/Debugger-agent-dbgeng/data/debugger-launchers/local-dbgeng-attach.bat

@@ -1,4 +1,19 @@
-::@title dbgeng-attach
+:: ###
+:: IP: GHIDRA
+::
+:: Licensed under the Apache License, Version 2.0 (the "License");
+:: you may not use this file except in compliance with the License.
+:: You may obtain a copy of the License at
+::
+::      http://www.apache.org/licenses/LICENSE-2.0
+::
+:: Unless required by applicable law or agreed to in writing, software
+:: distributed under the License is distributed on an "AS IS" BASIS,
+:: WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+:: See the License for the specific language governing permissions and
+:: limitations under the License.
+:: ##
+::@title dbgeng attach
 ::@desc <html><body width="300px">
 ::@desc   <h3>Attach with <tt>dbgeng</tt> (in a Python interpreter)</h3>
 ::@desc   <p>
@@ -6,9 +21,10 @@
 ::@desc     For setup instructions, press <b>F1</b>.
 ::@desc   </p>
 ::@desc </body></html>
-::@menu-group local
+::@menu-group dbgeng
 ::@icon icon.debugger
-::@help TraceRmiLauncherServicePlugin#dbgeng_attach
+::@help dbgeng#attach
+::@depends Debugger-rmi-trace
 ::@env OPT_PYTHON_EXE:file!="python" "Python command" "The path to the Python 3 interpreter. Omit the full path to resolve using the system PATH."
 ::@env OPT_TARGET_PID:int=0 "Process id" "The target process id"
 ::@env OPT_ATTACH_FLAGS:int=0 "Attach flags" "Attach flags"

Ghidra/Debug/Debugger-agent-dbgeng/data/debugger-launchers/local-dbgeng-ext.bat

@@ -1,4 +1,19 @@
-::@title dbgeng-ext
+:: ###
+:: IP: GHIDRA
+::
+:: Licensed under the Apache License, Version 2.0 (the "License");
+:: you may not use this file except in compliance with the License.
+:: You may obtain a copy of the License at
+::
+::      http://www.apache.org/licenses/LICENSE-2.0
+::
+:: Unless required by applicable law or agreed to in writing, software
+:: distributed under the License is distributed on an "AS IS" BASIS,
+:: WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+:: See the License for the specific language governing permissions and
+:: limitations under the License.
+:: ##
+::@title dbgeng extra options
 ::@image-opt env:OPT_TARGET_IMG
 ::@desc <html><body width="300px">
 ::@desc   <h3>Launch with <tt>dbgeng</tt> (in a Python interpreter)</h3>
@@ -7,12 +22,13 @@
 ::@desc     For setup instructions, press <b>F1</b>.
 ::@desc   </p>
 ::@desc </body></html>
-::@menu-group local
+::@menu-group dbgeng
 ::@icon icon.debugger
-::@help TraceRmiLauncherServicePlugin#dbgeng_ext
+::@help dbgeng#ext
+::@depends Debugger-rmi-trace
 ::@env OPT_PYTHON_EXE:file!="python" "Python command" "The path to the Python 3 interpreter. Omit the full path to resolve using the system PATH."
 :: Use env instead of args, because "all args except first" is terrible to implement in batch
-::@env OPT_TARGET_IMG:file!="" "Image" "The target binary executable image"
+::@env OPT_TARGET_IMG:file="" "Image" "The target binary executable image"
 ::@env OPT_TARGET_ARGS:str="" "Arguments" "Command-line arguments to pass to the target"
 ::@env OPT_USE_DBGMODEL:bool=true "Use dbgmodel" "Load and use dbgmodel.dll if it is available."
 ::@env WINDBG_DIR:dir="" "Path to dbgeng.dll directory" "Path containing dbgeng and associated DLLS (if not Windows Kits)."
@@ -21,6 +37,7 @@
 ::@env OPT_CREATE_FLAGS:int="1" "Create flags" "Creation flags"
 ::@env OPT_CREATE_ENGFLAGS:int="0" "Create flags (Engine)" "Engine-specific creation flags"
 ::@env OPT_VERIFIER_FLAGS:int="0" "Verifier flags" "Verifier flags"
+::@env OPT_ENG_OPTIONS:int="0x20" "Engine options" "Options for AddEngineOptions (e.g. INITIAL_BREAK=0x20)"
 
 @echo off
 

Ghidra/Debug/Debugger-agent-dbgeng/data/debugger-launchers/local-dbgeng-trace.bat

@@ -0,0 +1,37 @@
+:: ###
+:: IP: GHIDRA
+::
+:: Licensed under the Apache License, Version 2.0 (the "License");
+:: you may not use this file except in compliance with the License.
+:: You may obtain a copy of the License at
+::
+::      http://www.apache.org/licenses/LICENSE-2.0
+::
+:: Unless required by applicable law or agreed to in writing, software
+:: distributed under the License is distributed on an "AS IS" BASIS,
+:: WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+:: See the License for the specific language governing permissions and
+:: limitations under the License.
+:: ##
+::@title dbgeng TTD
+::@desc <html><body width="300px">
+::@desc   <h3>Open trace with <tt>dbgeng</tt> (in a Python interpreter)</h3>
+::@desc   <p>
+::@desc     This will open a WinDbg TTD trace of the target on the local machine using <tt>dbgeng.dll</tt>.
+::@desc     For setup instructions, press <b>F1</b>.
+::@desc   </p>
+::@desc </body></html>
+::@menu-group dbgeng
+::@icon icon.debugger
+::@help dbgeng#ttd
+::@depends Debugger-rmi-trace
+::@env OPT_PYTHON_EXE:file!="python" "Python command" "The path to the Python 3 interpreter. Omit the full path to resolve using the system PATH."
+:: Use env instead of args, because "all args except first" is terrible to implement in batch
+::@env OPT_TARGET_TRACE:file="" "Trace (.run)" "The target trace image"
+::@env OPT_USE_DBGMODEL:bool=true "Use dbgmodel" "Load and use dbgmodel.dll if it is available."
+::@env WINDBG_DIR:dir="" "Path to dbgeng.dll directory" "Path containing dbgeng and associated DLLS (if not Windows Kits)."
+
+@echo off
+
+set USE_TTD=true
+"%OPT_PYTHON_EXE%" -i ..\support\local-dbgeng-trace.py

Ghidra/Debug/Debugger-agent-dbgeng/data/debugger-launchers/local-dbgeng.bat

@@ -1,3 +1,18 @@
+:: ###
+:: IP: GHIDRA
+::
+:: Licensed under the Apache License, Version 2.0 (the "License");
+:: you may not use this file except in compliance with the License.
+:: You may obtain a copy of the License at
+::
+::      http://www.apache.org/licenses/LICENSE-2.0
+::
+:: Unless required by applicable law or agreed to in writing, software
+:: distributed under the License is distributed on an "AS IS" BASIS,
+:: WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+:: See the License for the specific language governing permissions and
+:: limitations under the License.
+:: ##
 ::@title dbgeng
 ::@image-opt env:OPT_TARGET_IMG
 ::@desc <html><body width="300px">
@@ -7,12 +22,13 @@
 ::@desc     For setup instructions, press <b>F1</b>.
 ::@desc   </p>
 ::@desc </body></html>
-::@menu-group local
+::@menu-group dbgeng
 ::@icon icon.debugger
-::@help TraceRmiLauncherServicePlugin#dbgeng
+::@help dbgeng#local
+::@depends Debugger-rmi-trace
 ::@env OPT_PYTHON_EXE:file!="python" "Python command" "The path to the Python 3 interpreter. Omit the full path to resolve using the system PATH."
 :: Use env instead of args, because "all args except first" is terrible to implement in batch
-::@env OPT_TARGET_IMG:file!="" "Image" "The target binary executable image"
+::@env OPT_TARGET_IMG:file="" "Image" "The target binary executable image"
 ::@env OPT_TARGET_ARGS:str="" "Arguments" "Command-line arguments to pass to the target"
 ::@env OPT_USE_DBGMODEL:bool=true "Use dbgmodel" "Load and use dbgmodel.dll if it is available."
 ::@env WINDBG_DIR:dir="" "Path to dbgeng.dll directory" "Path containing dbgeng and associated DLLS (if not Windows Kits)."

Ghidra/Debug/Debugger-agent-dbgeng/data/debugger-launchers/local-ttd.bat

@@ -1,21 +0,0 @@
-::@title ttd
-::@desc <html><body width="300px">
-::@desc   <h3>Launch with <tt>ttd</tt> (in a Python interpreter)</h3>
-::@desc   <p>
-::@desc     This will launch the target on the local machine for time-travel debugging.
-::@desc     For setup instructions, press <b>F1</b>.
-::@desc   </p>
-::@desc </body></html>
-::@menu-group local
-::@icon icon.debugger
-::@help TraceRmiLauncherServicePlugin#dbgeng_ttd
-::@env OPT_PYTHON_EXE:file!="python" "Python command" "The path to the Python 3 interpreter. Omit the full path to resolve using the system PATH."
-:: Use env instead of args, because "all args except first" is terrible to implement in batch
-::@env OPT_TARGET_IMG:file!="" "Trace (.run)" "A trace associated with the target binary executable"
-::@env OPT_TARGET_ARGS:str="" "Arguments" "Command-line arguments to pass to the target"
-::@env OPT_USE_DBGMODEL:bool=true "Use dbgmodel" "Load and use dbgmodel.dll if it is available."
-::@env OPT_DBGMODEL_PATH:dir="" "Path to dbgeng.dll & \\ttd" "Path containing dbgeng and associated DLLS (if not Windows Kits)."
-
-@echo off
-
-"%OPT_PYTHON_EXE%" -i ..\support\local-ttd.py

Ghidra/Debug/Debugger-agent-dbgeng/data/debugger-launchers/remote-dbgeng.bat

@@ -1,21 +1,32 @@
-::@title dbgeng-remote
+:: ###
-::@image-opt env:OPT_TARGET_IMG
+:: IP: GHIDRA
+::
+:: Licensed under the Apache License, Version 2.0 (the "License");
+:: you may not use this file except in compliance with the License.
+:: You may obtain a copy of the License at
+::
+::      http://www.apache.org/licenses/LICENSE-2.0
+::
+:: Unless required by applicable law or agreed to in writing, software
+:: distributed under the License is distributed on an "AS IS" BASIS,
+:: WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+:: See the License for the specific language governing permissions and
+:: limitations under the License.
+:: ##
+::@title dbgeng remote
 ::@desc <html><body width="300px">
-::@desc   <h3>Launch with <tt>dbgeng</tt> remotely (in a Python interpreter)</h3>
+::@desc   <h3>Connect to a remote debugger (via the .server interface)</h3>
 ::@desc   <p>
-::@desc     This will launch the target on a remote machine using <tt>dbgeng.dll</tt>.
+::@desc     This will connect to a remote machine using the .server interface.
 ::@desc     For setup instructions, press <b>F1</b>.
 ::@desc   </p>
 ::@desc </body></html>
-::@menu-group local
+::@menu-group dbgeng
 ::@icon icon.debugger
-::@help TraceRmiLauncherServicePlugin#dbgeng_remote
+::@help dbgeng#remote
+::@depends Debugger-rmi-trace
 ::@env OPT_PYTHON_EXE:file!="python" "Python command" "The path to the Python 3 interpreter. Omit the full path to resolve using the system PATH."
-:: Use env instead of args, because "all args except first" is terrible to implement in batch
+::@env OPT_CONNECT_STRING:str="" "Connection" "Connection-string arguments (a la .server)"
-::@env OPT_TARGET_IMG:str!="" "Image" "The target binary executable image"
-::@env OPT_TARGET_ARGS:str="" "Arguments" "Command-line arguments to pass to the target"
-::@env OPT_CONNECT_STRING:str="" "Connection" "Connection-string arguments (a la dbgsrv args)"
-::@env OPT_USE_DBGMODEL:bool=true "Use dbgmodel" "Load and use dbgmodel.dll if it is available."
 ::@env WINDBG_DIR:dir="" "Path to dbgeng.dll directory" "Path containing dbgeng and associated DLLS (if not Windows Kits)."
 
 @echo off

Ghidra/Debug/Debugger-agent-dbgeng/data/debugger-launchers/svrcx-dbgeng.bat

@@ -0,0 +1,39 @@
+:: ###
+:: IP: GHIDRA
+::
+:: Licensed under the Apache License, Version 2.0 (the "License");
+:: you may not use this file except in compliance with the License.
+:: You may obtain a copy of the License at
+::
+::      http://www.apache.org/licenses/LICENSE-2.0
+::
+:: Unless required by applicable law or agreed to in writing, software
+:: distributed under the License is distributed on an "AS IS" BASIS,
+:: WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+:: See the License for the specific language governing permissions and
+:: limitations under the License.
+:: ##
+::@title dbgeng svrcx
+::@image-opt env:OPT_TARGET_IMG
+::@desc <html><body width="300px">
+::@desc   <h3>Connect to a remote <tt>dbgeng</tt> connection server and launch the target (in a Python interpreter)</h3>
+::@desc   <p>
+::@desc     This will launch the target via a connection server on a remote machine.
+::@desc     For setup instructions, press <b>F1</b>.
+::@desc   </p>
+::@desc </body></html>
+::@menu-group dbgeng
+::@icon icon.debugger
+::@help dbgeng#svrcx
+::@depends Debugger-rmi-trace
+::@env OPT_PYTHON_EXE:file!="python" "Python command" "The path to the Python 3 interpreter. Omit the full path to resolve using the system PATH."
+:: Use env instead of args, because "all args except first" is terrible to implement in batch
+::@env OPT_TARGET_IMG:str="" "Image" "The target binary executable image"
+::@env OPT_TARGET_ARGS:str="" "Arguments" "Command-line arguments to pass to the target"
+::@env OPT_CONNECT_STRING:str="" "Connection" "Connection-string arguments (a la dbgsrv args)"
+::@env OPT_USE_DBGMODEL:bool=true "Use dbgmodel" "Load and use dbgmodel.dll if it is available."
+::@env WINDBG_DIR:dir="" "Path to dbgeng.dll directory" "Path containing dbgeng and associated DLLS (if not Windows Kits)."
+
+@echo off
+
+"%OPT_PYTHON_EXE%" -i ..\support\svrcx-dbgeng.py

Ghidra/Debug/Debugger-agent-dbgeng/data/support/kernel-dbgeng.py

@@ -17,25 +17,17 @@
 import os
 import sys
 
-home = os.getenv('GHIDRA_HOME')
 
-if os.path.isdir(f'{home}\\ghidra\\.git'):
+def append_paths():
     sys.path.append(
-        f'{home}\\ghidra\\Ghidra\\Debug\\Debugger-agent-dbgeng\\build\\pypkg\\src')
+        f"{os.getenv('MODULE_Debugger_rmi_trace_HOME')}/data/support")
-    sys.path.append(
+    from gmodutils import ghidra_module_pypath
-        f'{home}\\ghidra\\Ghidra\\Debug\\Debugger-rmi-trace\\build\\pypkg\\src')
+    sys.path.append(ghidra_module_pypath("Debugger-rmi-trace"))
-elif os.path.isdir(f'{home}\\.git'):
+    sys.path.append(ghidra_module_pypath())
-    sys.path.append(
-        f'{home}\\Ghidra\\Debug\\Debugger-agent-dbgeng\\build\\pypkg\\src')
-    sys.path.append(
-        f'{home}\\Ghidra\\Debug\\Debugger-rmi-trace\\build\\pypkg\\src')
-else:
-    sys.path.append(
-        f'{home}\\Ghidra\\Debug\\Debugger-agent-dbgeng\\pypkg\\src')
-    sys.path.append(f'{home}\\Ghidra\\Debug\\Debugger-rmi-trace\\pypkg\\src')
 
 
 def main():
+    append_paths()
     # Delay these imports until sys.path is patched
     from ghidradbg import commands as cmd
     from ghidradbg import util
@@ -57,7 +49,7 @@ def main():
         print(f"RegMapFile: {os.getenv('EXDI_SYSTEM_REGISTERS_MAP_XML_FILE')}")
         util.set_convenience_variable('output-radix', 16)
         flags = 2
-    args = os.getenv('OPT_TARGET_ARGS')
+    args = os.getenv('OPT_KCONNECT_STRING')
     cmd.ghidra_trace_attach_kernel(args, flags, start_trace=False)
 
     # TODO: HACK
@@ -70,9 +62,14 @@ def main():
     cmd.ghidra_trace_start("System")
     cmd.ghidra_trace_sync_enable()
 
-    on_state_changed(DbgEng.DEBUG_CES_EXECUTION_STATUS, DbgEng.DEBUG_STATUS_BREAK)
+    on_state_changed(DbgEng.DEBUG_CES_EXECUTION_STATUS,
+                     DbgEng.DEBUG_STATUS_BREAK)
     cmd.repl()
 
 
 if __name__ == '__main__':
+    try:
         main()
+    except SystemExit as x:
+        if x.code != 0:
+            print(f"Exited with code {x.code}")

Ghidra/Debug/Debugger-agent-dbgeng/data/support/local-dbgeng-attach.py

@@ -18,25 +18,16 @@ import os
 import sys
 
 
-home = os.getenv('GHIDRA_HOME')
+def append_paths():
-
-if os.path.isdir(f'{home}\\ghidra\\.git'):
     sys.path.append(
-        f'{home}\\ghidra\\Ghidra\\Debug\\Debugger-agent-dbgeng\\build\\pypkg\\src')
+        f"{os.getenv('MODULE_Debugger_rmi_trace_HOME')}/data/support")
-    sys.path.append(
+    from gmodutils import ghidra_module_pypath
-        f'{home}\\ghidra\\Ghidra\\Debug\\Debugger-rmi-trace\\build\\pypkg\\src')
+    sys.path.append(ghidra_module_pypath("Debugger-rmi-trace"))
-elif os.path.isdir(f'{home}\\.git'):
+    sys.path.append(ghidra_module_pypath())
-    sys.path.append(
-        f'{home}\\Ghidra\\Debug\\Debugger-agent-dbgeng\\build\\pypkg\\src')
-    sys.path.append(
-        f'{home}\\Ghidra\\Debug\\Debugger-rmi-trace\\build\\pypkg\\src')
-else:
-    sys.path.append(
-        f'{home}\\Ghidra\\Debug\\Debugger-agent-dbgeng\\pypkg\\src')
-    sys.path.append(f'{home}\\Ghidra\\Debug\\Debugger-rmi-trace\\pypkg\\src')
 
 
 def main():
+    append_paths()
     # Delay these imports until sys.path is patched
     from ghidradbg import commands as cmd
     from pybag.dbgeng import core as DbgEng
@@ -61,9 +52,14 @@ def main():
     cmd.ghidra_trace_start(os.getenv('OPT_TARGET_IMG'))
     cmd.ghidra_trace_sync_enable()
 
-    on_state_changed(DbgEng.DEBUG_CES_EXECUTION_STATUS, DbgEng.DEBUG_STATUS_BREAK)
+    on_state_changed(DbgEng.DEBUG_CES_EXECUTION_STATUS,
+                     DbgEng.DEBUG_STATUS_BREAK)
     cmd.repl()
 
 
 if __name__ == '__main__':
+    try:
         main()
+    except SystemExit as x:
+        if x.code != 0:
+            print(f"Exited with code {x.code}")

Ghidra/Debug/Debugger-agent-dbgeng/data/support/local-dbgeng-ext.py

@@ -18,25 +18,16 @@ import os
 import sys
 
 
-home = os.getenv('GHIDRA_HOME')
+def append_paths():
-
-if os.path.isdir(f'{home}\\ghidra\\.git'):
     sys.path.append(
-        f'{home}\\ghidra\\Ghidra\\Debug\\Debugger-agent-dbgeng\\build\\pypkg\\src')
+        f"{os.getenv('MODULE_Debugger_rmi_trace_HOME')}/data/support")
-    sys.path.append(
+    from gmodutils import ghidra_module_pypath
-        f'{home}\\ghidra\\Ghidra\\Debug\\Debugger-rmi-trace\\build\\pypkg\\src')
+    sys.path.append(ghidra_module_pypath("Debugger-rmi-trace"))
-elif os.path.isdir(f'{home}\\.git'):
+    sys.path.append(ghidra_module_pypath())
-    sys.path.append(
-        f'{home}\\Ghidra\\Debug\\Debugger-agent-dbgeng\\build\\pypkg\\src')
-    sys.path.append(
-        f'{home}\\Ghidra\\Debug\\Debugger-rmi-trace\\build\\pypkg\\src')
-else:
-    sys.path.append(
-        f'{home}\\Ghidra\\Debug\\Debugger-agent-dbgeng\\pypkg\\src')
-    sys.path.append(f'{home}\\Ghidra\\Debug\\Debugger-rmi-trace\\pypkg\\src')
 
 
 def main():
+    append_paths()
     # Delay these imports until sys.path is patched
     from ghidradbg import commands as cmd
     from pybag.dbgeng import core as DbgEng
@@ -51,13 +42,20 @@ def main():
     args = os.getenv('OPT_TARGET_ARGS')
     if args:
         args = ' ' + args
+    target = os.getenv('OPT_TARGET_IMG')
+    if target is None or target == "":
+        print("dbgeng requires a target image - please try again.")
+        cmd.ghidra_trace_disconnect()
+        return
+
     cmd.ghidra_trace_create_ext(
-        os.getenv('OPT_TARGET_IMG') + args, 
+        target + args,
         os.getenv('OPT_TARGET_DIR'),
         os.getenv('OPT_TARGET_ENV'),
         os.getenv('OPT_CREATE_FLAGS'),
         os.getenv('OPT_CREATE_ENGFLAGS'),
         os.getenv('OPT_VERIFIER_FLAGS'),
+        os.getenv('OPT_ENG_OPTIONS'),
         start_trace=False)
 
     # TODO: HACK
@@ -66,12 +64,17 @@ def main():
     except KeyboardInterrupt as ki:
         dbg.interrupt()
 
-    cmd.ghidra_trace_start(os.getenv('OPT_TARGET_IMG'))
+    cmd.ghidra_trace_start(target)
     cmd.ghidra_trace_sync_enable()
 
-    on_state_changed(DbgEng.DEBUG_CES_EXECUTION_STATUS, DbgEng.DEBUG_STATUS_BREAK)
+    on_state_changed(DbgEng.DEBUG_CES_EXECUTION_STATUS,
+                     DbgEng.DEBUG_STATUS_BREAK)
     cmd.repl()
 
 
 if __name__ == '__main__':
+    try:
         main()
+    except SystemExit as x:
+        if x.code != 0:
+            print(f"Exited with code {x.code}")

Ghidra/Debug/Debugger-agent-dbgeng/data/support/local-dbgeng-trace.py

@@ -0,0 +1,71 @@
+## ###
+# IP: GHIDRA
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#      http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+##
+
+import os
+import sys
+
+
+def append_paths():
+    sys.path.append(
+        f"{os.getenv('MODULE_Debugger_rmi_trace_HOME')}/data/support")
+    from gmodutils import ghidra_module_pypath
+    sys.path.append(ghidra_module_pypath("Debugger-rmi-trace"))
+    sys.path.append(ghidra_module_pypath())
+
+
+def main():
+    append_paths()
+    # Delay these imports until sys.path is patched
+    from ghidradbg import commands as cmd
+    from pybag.dbgeng import core as DbgEng
+    from ghidradbg.hooks import on_state_changed
+    from ghidradbg.util import dbg
+
+    # So that the user can re-enter by typing repl()
+    global repl
+    repl = cmd.repl
+
+    cmd.ghidra_trace_connect(os.getenv('GHIDRA_TRACE_RMI_ADDR'))
+    target = os.getenv('OPT_TARGET_TRACE')
+    if target is None or target == "":
+        print("dbgeng requires a target trace - please try again.")
+        cmd.ghidra_trace_disconnect()
+        return
+
+    cmd.ghidra_trace_open(target, start_trace=False)
+
+    # TODO: HACK
+    # Also, the wait() must precede sync_enable() or else PROC_STATE will
+    # contain the wrong PID, and later events will get snuffed
+    try:
+        dbg.wait()
+    except KeyboardInterrupt as ki:
+        dbg.interrupt()
+
+    cmd.ghidra_trace_start(target)
+    cmd.ghidra_trace_sync_enable()
+
+    on_state_changed(DbgEng.DEBUG_CES_EXECUTION_STATUS,
+                     DbgEng.DEBUG_STATUS_BREAK)
+    cmd.repl()
+
+
+if __name__ == '__main__':
+    try:
+        main()
+    except SystemExit as x:
+        if x.code != 0:
+            print(f"Exited with code {x.code}")

Ghidra/Debug/Debugger-agent-dbgeng/data/support/local-dbgeng.py

@@ -18,25 +18,16 @@ import os
 import sys
 
 
-home = os.getenv('GHIDRA_HOME')
+def append_paths():
-
-if os.path.isdir(f'{home}\\ghidra\\.git'):
     sys.path.append(
-        f'{home}\\ghidra\\Ghidra\\Debug\\Debugger-agent-dbgeng\\build\\pypkg\\src')
+        f"{os.getenv('MODULE_Debugger_rmi_trace_HOME')}/data/support")
-    sys.path.append(
+    from gmodutils import ghidra_module_pypath
-        f'{home}\\ghidra\\Ghidra\\Debug\\Debugger-rmi-trace\\build\\pypkg\\src')
+    sys.path.append(ghidra_module_pypath("Debugger-rmi-trace"))
-elif os.path.isdir(f'{home}\\.git'):
+    sys.path.append(ghidra_module_pypath())
-    sys.path.append(
-        f'{home}\\Ghidra\\Debug\\Debugger-agent-dbgeng\\build\\pypkg\\src')
-    sys.path.append(
-        f'{home}\\Ghidra\\Debug\\Debugger-rmi-trace\\build\\pypkg\\src')
-else:
-    sys.path.append(
-        f'{home}\\Ghidra\\Debug\\Debugger-agent-dbgeng\\pypkg\\src')
-    sys.path.append(f'{home}\\Ghidra\\Debug\\Debugger-rmi-trace\\pypkg\\src')
 
 
 def main():
+    append_paths()
     # Delay these imports until sys.path is patched
     from ghidradbg import commands as cmd
     from pybag.dbgeng import core as DbgEng
@@ -51,8 +42,13 @@ def main():
     args = os.getenv('OPT_TARGET_ARGS')
     if args:
         args = ' ' + args
-    cmd.ghidra_trace_create(
+    target = os.getenv('OPT_TARGET_IMG')
-        os.getenv('OPT_TARGET_IMG') + args, start_trace=False)
+    if target is None or target == "":
+        print("dbgeng requires a target image - please try again.")
+        cmd.ghidra_trace_disconnect()
+        return
+
+    cmd.ghidra_trace_create(target + args, start_trace=False)
 
     # TODO: HACK
     try:
@@ -60,12 +56,17 @@ def main():
     except KeyboardInterrupt as ki:
         dbg.interrupt()
 
-    cmd.ghidra_trace_start(os.getenv('OPT_TARGET_IMG'))
+    cmd.ghidra_trace_start(target)
     cmd.ghidra_trace_sync_enable()
 
-    on_state_changed(DbgEng.DEBUG_CES_EXECUTION_STATUS, DbgEng.DEBUG_STATUS_BREAK)
+    on_state_changed(DbgEng.DEBUG_CES_EXECUTION_STATUS,
+                     DbgEng.DEBUG_STATUS_BREAK)
     cmd.repl()
 
 
 if __name__ == '__main__':
+    try:
         main()
+    except SystemExit as x:
+        if x.code != 0:
+            print(f"Exited with code {x.code}")

Ghidra/Debug/Debugger-agent-dbgeng/data/support/local-ttd.py

@@ -1,58 +0,0 @@
-## ###
-#  IP: GHIDRA
-# 
-#  Licensed under the Apache License, Version 2.0 (the "License");
-#  you may not use this file except in compliance with the License.
-#  You may obtain a copy of the License at
-#  
-#       http://www.apache.org/licenses/LICENSE-2.0
-#  
-#  Unless required by applicable law or agreed to in writing, software
-#  distributed under the License is distributed on an "AS IS" BASIS,
-#  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-#  See the License for the specific language governing permissions and
-#  limitations under the License.
-##
-
-import os
-import sys
-
-
-home = os.getenv('GHIDRA_HOME')
-
-if os.path.isdir(f'{home}\\ghidra\\.git'):
-    sys.path.append(
-        f'{home}\\ghidra\\Ghidra\\Debug\\Debugger-agent-dbgeng\\build\\pypkg\\src')
-    sys.path.append(
-        f'{home}\\ghidra\\Ghidra\\Debug\\Debugger-rmi-trace\\build\\pypkg\\src')
-elif os.path.isdir(f'{home}\\.git'):
-    sys.path.append(
-        f'{home}\\Ghidra\\Debug\\Debugger-agent-dbgeng\\build\\pypkg\\src')
-    sys.path.append(
-        f'{home}\\Ghidra\\Debug\\Debugger-rmi-trace\\build\\pypkg\\src')
-else:
-    sys.path.append(
-        f'{home}\\Ghidra\\Debug\\Debugger-agent-dbgeng\\pypkg\\src')
-    sys.path.append(f'{home}\\Ghidra\\Debug\\Debugger-rmi-trace\\pypkg\\src')
-
-
-def main():
-    # Delay these imports until sys.path is patched
-    from ghidrattd import commands as cmd
-    from ghidrattd import hooks
-    ###from ghidrattd.util import dbg
-
-    cmd.ghidra_trace_connect(os.getenv('GHIDRA_TRACE_RMI_ADDR'))
-    args = os.getenv('OPT_TARGET_ARGS')
-    if args:
-        args = ' ' + args
-    cmd.ghidra_trace_create(
-        os.getenv('OPT_TARGET_IMG') + args, start_trace=True)
-    cmd.ghidra_trace_sync_enable()
-    hooks.on_stop()
-
-    cmd.repl()
-
-
-if __name__ == '__main__':
-    main()

Ghidra/Debug/Debugger-agent-dbgeng/data/support/remote-dbgeng.py

@@ -18,25 +18,16 @@ import os
 import sys
 
 
-home = os.getenv('GHIDRA_HOME')
+def append_paths():
-
-if os.path.isdir(f'{home}\\ghidra\\.git'):
     sys.path.append(
-        f'{home}\\ghidra\\Ghidra\\Debug\\Debugger-agent-dbgeng\\build\\pypkg\\src')
+        f"{os.getenv('MODULE_Debugger_rmi_trace_HOME')}/data/support")
-    sys.path.append(
+    from gmodutils import ghidra_module_pypath
-        f'{home}\\ghidra\\Ghidra\\Debug\\Debugger-rmi-trace\\build\\pypkg\\src')
+    sys.path.append(ghidra_module_pypath("Debugger-rmi-trace"))
-elif os.path.isdir(f'{home}\\.git'):
+    sys.path.append(ghidra_module_pypath())
-    sys.path.append(
-        f'{home}\\Ghidra\\Debug\\Debugger-agent-dbgeng\\build\\pypkg\\src')
-    sys.path.append(
-        f'{home}\\Ghidra\\Debug\\Debugger-rmi-trace\\build\\pypkg\\src')
-else:
-    sys.path.append(
-        f'{home}\\Ghidra\\Debug\\Debugger-agent-dbgeng\\pypkg\\src')
-    sys.path.append(f'{home}\\Ghidra\\Debug\\Debugger-rmi-trace\\pypkg\\src')
 
 
 def main():
+    append_paths()
     # Delay these imports until sys.path is patched
     from ghidradbg import commands as cmd
     from pybag.dbgeng import core as DbgEng
@@ -48,26 +39,20 @@ def main():
     repl = cmd.repl
 
     cmd.ghidra_trace_connect(os.getenv('GHIDRA_TRACE_RMI_ADDR'))
-    args = os.getenv('OPT_TARGET_ARGS')
-    if args:
-        args = ' ' + args
-    cmd.ghidra_trace_connect_server(os.getenv('OPT_CONNECT_STRING'))
-    img = os.getenv('OPT_TARGET_IMG')
-    if img is not None and img != "":
-        cmd.ghidra_trace_create(img + args, start_trace=False)
 
-    # TODO: HACK
+    os.environ['OPT_USE_DBGMODEL'] = "false"
-    try:
+    cmd.ghidra_trace_start("Remote")
-        dbg.wait()
+    cmd.ghidra_trace_sync_enable()
-    except KeyboardInterrupt as ki:
     dbg.interrupt()
 
-    cmd.ghidra_trace_start(os.getenv('OPT_TARGET_IMG'))
+    on_state_changed(DbgEng.DEBUG_CES_EXECUTION_STATUS,
-    cmd.ghidra_trace_sync_enable()
+                     DbgEng.DEBUG_STATUS_BREAK)
-    
-    on_state_changed(DbgEng.DEBUG_CES_EXECUTION_STATUS, DbgEng.DEBUG_STATUS_BREAK)
     cmd.repl()
 
 
 if __name__ == '__main__':
+    try:
         main()
+    except SystemExit as x:
+        if x.code != 0:
+            print(f"Exited with code {x.code}")

Ghidra/Debug/Debugger-agent-dbgeng/data/support/standalone_listener.py

@@ -0,0 +1,76 @@
+## ###
+# IP: GHIDRA
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#      http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+##
+
+# TO LAUNCH:  py -i standalone_listener.py  "path_to_target.exe"
+
+import os
+import sys
+
+
+def append_paths():
+    sys.path.append(
+        f"{os.getenv('MODULE_Debugger_rmi_trace_HOME')}/data/support")
+    from gmodutils import ghidra_module_pypath
+    sys.path.append(ghidra_module_pypath("Debugger-rmi-trace"))
+    sys.path.append(ghidra_module_pypath())
+
+
+def main():
+    append_paths()
+    # Delay these imports until sys.path is patched
+    from ghidradbg import commands as cmd
+    from pybag.dbgeng import core as DbgEng
+    from ghidradbg.hooks import on_state_changed
+    from ghidradbg.util import dbg
+
+    # So that the user can re-enter by typing repl()
+    global repl
+    repl = cmd.repl
+
+    cmd.ghidra_trace_listen()
+    args = os.getenv('OPT_TARGET_ARGS')
+    if args:
+        args = ' ' + args
+    else:
+        args = ''
+    target = sys.argv[1]
+    if target is None or target == "":
+        print("dbgeng requires a target image - please try again.")
+        cmd.ghidra_trace_disconnect()
+        return
+
+    cmd.ghidra_trace_create(target + args, start_trace=False)
+
+    # TODO: HACK
+    try:
+        dbg.wait()
+    except KeyboardInterrupt as ki:
+        dbg.interrupt()
+
+    cmd.ghidra_trace_start(target)
+    cmd.ghidra_trace_sync_enable()
+
+    on_state_changed(DbgEng.DEBUG_CES_EXECUTION_STATUS,
+                     DbgEng.DEBUG_STATUS_BREAK)
+    cmd.repl()
+
+
+if __name__ == '__main__':
+    try:
+        main()
+    except SystemExit as x:
+        if x.code != 0:
+            print(f"Exited with code {x.code}")

Ghidra/Debug/Debugger-agent-dbgeng/data/support/svrcx-dbgeng.py

@@ -0,0 +1,69 @@
+## ###
+# IP: GHIDRA
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#      http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+##
+
+import os
+import sys
+
+
+def append_paths():
+    sys.path.append(
+        f"{os.getenv('MODULE_Debugger_rmi_trace_HOME')}/data/support")
+    from gmodutils import ghidra_module_pypath
+    sys.path.append(ghidra_module_pypath("Debugger-rmi-trace"))
+    sys.path.append(ghidra_module_pypath())
+
+
+def main():
+    append_paths()
+    # Delay these imports until sys.path is patched
+    from ghidradbg import commands as cmd
+    from pybag.dbgeng import core as DbgEng
+    from ghidradbg.hooks import on_state_changed
+    from ghidradbg.util import dbg
+
+    # So that the user can re-enter by typing repl()
+    global repl
+    repl = cmd.repl
+
+    cmd.ghidra_trace_connect(os.getenv('GHIDRA_TRACE_RMI_ADDR'))
+    args = os.getenv('OPT_TARGET_ARGS')
+    if args:
+        args = ' ' + args
+    cmd.ghidra_trace_connect_server(os.getenv('OPT_CONNECT_STRING'))
+    img = os.getenv('OPT_TARGET_IMG')
+    if img is not None and img != "":
+        cmd.ghidra_trace_create(img + args, start_trace=False)
+
+    # TODO: HACK
+    try:
+        dbg.wait()
+    except KeyboardInterrupt as ki:
+        dbg.interrupt()
+
+    cmd.ghidra_trace_start(os.getenv('OPT_TARGET_IMG'))
+    cmd.ghidra_trace_sync_enable()
+
+    on_state_changed(DbgEng.DEBUG_CES_EXECUTION_STATUS,
+                     DbgEng.DEBUG_STATUS_BREAK)
+    cmd.repl()
+
+
+if __name__ == '__main__':
+    try:
+        main()
+    except SystemExit as x:
+        if x.code != 0:
+            print(f"Exited with code {x.code}")

Ghidra/Debug/Debugger-agent-dbgeng/src/main/help/help/TOC_Source.xml

@@ -0,0 +1,31 @@
+<?xml version='1.0' encoding='ISO-8859-1'?>
+<!-- See Base's TOC_Source.xml for help -->
+<tocroot>
+	<tocref id="TraceRmiLauncherServicePlugin">
+		<tocdef id="dbgeng" text="WinDbg (dbgeng.dll) Integration"
+			target="help/topics/dbgeng/dbgeng.html">
+
+			<tocdef id="dbgeng_local" text="Local"
+				target="help/topics/dbgeng/dbgeng.html#local" />
+
+			<tocdef id="dbgeng_ext" text="Extended Local"
+				target="help/topics/dbgeng/dbgeng.html#ext" />
+
+			<tocdef id="dbgeng_attach" text="Attach"
+				target="help/topics/dbgeng/dbgeng.html#attach" />
+
+			<tocdef id="dbgeng_remote" text="Remote"
+				target="help/topics/dbgeng/dbgeng.html#remote" />
+
+			<tocdef id="dbgeng_svrcx" text="Process Server"
+				target="help/topics/dbgeng/dbgeng.html#svrcx" />
+
+			<tocdef id="dbgeng_win_kenel" text="Windows Kernel"
+				target="help/topics/dbgeng/dbgeng.html#win_kernel" />
+
+			<tocdef id="dbgeng_ttd" text="TTD (Time-Travel Debugging)"
+				target="help/topics/dbgeng/dbgeng.html#ttd" />
+
+		</tocdef>
+	</tocref>
+</tocroot>

Ghidra/Debug/Debugger-agent-dbgeng/src/main/help/help/topics/dbgeng/dbgeng.html

@@ -0,0 +1,297 @@
+<!DOCTYPE doctype PUBLIC "-//W3C//DTD HTML 4.0 Frameset//EN">
+
+<HTML>
+  <HEAD>
+    <META name="generator" content=
+    "HTML Tidy for Java (vers. 2009-12-01), see jtidy.sourceforge.net">
+
+    <TITLE>Debugger Launchers: Windows Debugger (WinDbg, dbgeng.dll)</TITLE>
+    <META http-equiv="Content-Type" content="text/html; charset=windows-1252">
+    <LINK rel="stylesheet" type="text/css" href="help/shared/DefaultStyle.css">
+  </HEAD>
+
+  <BODY lang="EN-US">
+    <H1>Debugger Launchers: Windows Debugger (WinDbg, dbgeng.dll)</H1>
+
+    <P>Integration with WinDbg is achieved by implementing a console debugger in Python 3 based on
+    <TT>dbgeng.dll</TT> (via pybag). This DLL represents the Microsoft Windows Debugger engine, and
+    so is best suited for debugging Windows user-space targets. This DLL also backs WinDbg and
+    several other debuggers on Windows. By default, the launcher will search for this DLL in an
+    installation of the Windows Debugging Kits version 10. If it does not find it there, it will
+    probably crash with a message in the Terminal.</P>
+
+    <P>The following launchers based on Microsoft's <TT>dbgeng.dll</TT> are included out of the
+    box:</P>
+
+    <H2><A name="local"></A>Local</H2>
+
+    <P>The plain "<TT>dbgeng</TT>" defaults to launching the current program as a user-mode process
+    on the local system. If there is no current program, this launcher cannot be used. Clearing the
+    <B>Image</B> option will cause this launcher to fail.</P>
+
+    <P>Please note on some system configurations, one of the debugger's dependencies
+    <TT>dbghelp.dll</TT> may get loaded from the system directory instead of from the WinDbg
+    installation, usually because a security product has pre-loaded it into the Python process. You
+    might work around this by copying the affected DLLs from your WinDbg installation into your
+    Python installation.</P>
+
+    <H3><A name="setup"></A>Setup</H3>
+
+    <P>Installing WinDbg is highly recommended. If you wish to forego installing WinDbg, you can
+    use the DLL provided with Windows, which is substantially less capable, by manually pointing
+    this connector to <TT>C:\Windows\system32</TT>. If you do this, some commands, e.g.
+    <TT>.server</TT>, will not be available.</P>
+
+    <P>If you have access to PyPI, setting up your Python 3 environment is done using Pip. Please
+    note the version specifier for Protobuf.</P>
+
+    <UL style="list-style-type: none">
+      <LI>
+<PRE>
+python3 -m pip install pybag protobuf==3.20.3
+</PRE>
+      </LI>
+    </UL>
+
+    <P>If you are offline, or would like to use our provided packages, we still use Pip, but with a
+    more complicated invocation:</P>
+
+    <UL style="list-style-type: none">
+      <LI>
+<PRE>
+cd C:\path\to\ghidra_<EM>
+version</EM>\Ghidra\Debug
+python3 -m pip install --no-index -f Debugger-rmi-trace\pypkg\dist -f Debugger-agent-dbgeng\pypkg\dist pybag protobuf
+</PRE>
+      </LI>
+    </UL>
+
+    <P>If you get an import error regarding <TT>distutils</TT>, it is due to a transitive
+    dependency on a buggy version of <TT>capstone</TT>. Work around it by installing
+    <TT>setuptools</TT>.</P>
+
+    <H3>Options</H3>
+
+    <UL>
+      <LI><B><TT>python</TT> command</B>: This is the command or path to the Python interpreter. It
+      must be version 3. Python 2 is not supported.</LI>
+
+      <LI><B>Image</B>: This is the path to the target binary image (EXE file). Ghidra will try to
+      fill this in based on information gathered when the current program was imported. If the file
+      exists and is executable on the local machine, it will be filled in automatically. Otherwise,
+      it is up to you to locate it. <B>NOTE:</B> If you have patched the current program database,
+      these changes are <EM>not</EM> applied to the target. You can either 1) apply the same
+      patches to the target once it is running, or 2) export a patched copy of your image and
+      direct this launcher to run it.</LI>
+
+      <LI><B>Arguments</B>: These are the command-line arguments to pass into the target process.
+      These are passed as is into WinDbg's "<TT>CreateProcess</TT>" function.</LI>
+
+      <LI><B>Use <TT>dbgmodel</TT></B>: If <TT>dbgmodel.dll</TT> is available on the system, this
+      launcher will use it to populate the trace's object model. Without that DLL, the launcher
+      will invent its own model, roughly approximating the same, using just the information
+      available from <TT>dbgeng.dll</TT>. Disabling this option will prevent the launcher from
+      using <TT>dbgmodel.dll</TT>, even when it is available.</LI>
+
+      <LI><B>Path to <TT>dbgeng.dll</TT> directory</B>: By default, the launcher allows the
+      underlying <TT>pybag</TT> package to locate the Windows Debugger DLLs. This is typically
+      found by examining the registry for a Windows Kits 10 installation. Otherwise, it may check
+      its typical installation directory. This will <EM>not</EM> search the Windows system
+      directory, but you can configure it manually here. This option allows you to override this
+      search. For example, if you have installed WinDbg Preview or later from the Microsoft Store
+      and wish to use its DLLs, you will need to fill in this option.</LI>
+    </UL>
+
+    <P>Once running, you are presented with a command-line interface in Ghidra's Terminal. This CLI
+    accepts your usual WinDbg (kd) commands. You can escape from this CLI and enter a Python 3 REPL
+    by entering "<TT>.exit</TT>". This is not an actual kd command, but our implementation
+    understands this to mean exit the kd REPL. From the Python 3 REPL, you can access the
+    underlying Python-based API <TT>pybag</TT>. This is an uncommon need, but may be useful for
+    diagnostics and/or workarounds. To re-enter the kd REPL, enter "<TT>repl()</TT>".
+    Alternatively, if you are trying to quit, but typed "<TT>.exit</TT>", just type
+    "<TT>quit()</TT>" to terminate the session.</P>
+
+    <H2><A name="ext"></A>Extended Local</H2>
+
+    <P>The "<TT>dbgeng-ext</TT>" launcher extends the base <TT>dbgeng</TT> launcher adding extra
+    options (a la <TT>IDebugClient</TT>'s <TT>CreateProcess2</TT>).</P>
+
+    <H3>Options</H3>
+
+    <UL>
+      <LI><B>Dir</B>: This is the starting directory for the process.</LI>
+
+      <LI><B>Env</B>: This is a composite string containg Environment Variable entries delineated
+      by '/0' separators. For example, you could redefine USERNAME and USERPROFILE with the entry
+      'USERNAME=SomeUser/0USERPROFILE=C:\Users\SomeUser'.</LI>
+
+      <LI><B>CreateFlags</B>: Flags used when creating the process, typically either
+      DEBUG_PROCESS(1) or DEBUG_ONLY_THIS_PROCESS(2) if you do not wish to follow spawned
+      processes. Other possible values are defined by processes.h's
+      CreateProcessCreationFlags.</LI>
+
+      <LI><B>CreateFlags (Engine)</B>: Engine-specific flags used when creating the process
+      (defined in dbgeng.h). Typically, these are set to 0.</LI>
+
+      <LI><B>VerifierFlags (Engine)</B>: Flags used by the Application Verifier. Typically unused,
+      but, if desired, CreateEngineFlags must include
+      DEBUG_ECREATE_PROCESS_USE_VERIFIER_FLAGS(2).</LI>
+    </UL>
+
+    <H2><A name="attach"></A>Attach</H2>
+
+    <P>This launcher allows the user to attach to a local running process. Options are the same as
+    those for the base dbgeng, except for ProcessId and AttachFlags</P>
+
+    <H3>Options</H3>
+
+    <UL>
+      <LI><B>ProcessId</B>: The pid of the process you wish to attach to.</LI>
+
+      <LI><B>AttachFlags</B>: Flags used when attaching to the target process, typically
+      DEBUG_ATTACH_PROCESS(0). Other possible values are defined in dbgeng.h and determine whether
+      the attach should be invasive or not and the status of the process after attaching.</LI>
+    </UL>
+
+    <H2><A name="remote"></A>Remote</H2>
+
+    <P>This launcher connects to a remote debugger that has opened a port for remote control.</P>
+
+    <H3>Options</H3>
+
+    <UL>
+      <LI>
+        <B>Connection</B>: This is the connection string specifying the transport options for
+        communicating with the remote debugger. A typical example might be
+        'tcp:port=12345,server=192.168.0.2' for a debugger that has issued the command 
+<PRE>
+.server tcp:port=12345
+</PRE>
+      </LI>
+    </UL>
+
+    <H2><A name="svrcx"></A>Process Server</H2>
+
+    <P>The "<TT>dbgeng-svrcx</TT>" launcher extends the base dbgeng launcher adding an option for
+    connecting through a remote process server.</P>
+
+    <H3>Options</H3>
+
+    <UL>
+      <LI>
+        <B>Connection</B>: This is the connection string specifying the transport options for
+        communicating with the remote server. A typical example might be
+        'tcp:port=12345,server=192.168.0.2' for a process server launched on the machine at
+        192.168.0.2 using: 
+<PRE>
+        dbgsrv -t tcp:port=12345
+       
+</PRE>
+      </LI>
+    </UL>
+
+    <H2><A name="win_kernel"></A>Windows Kernel</H2>
+
+    <P>This version of the dbgeng should be used for kernel-debugging of a remote machine. Options
+    are the same as the base dbgeng, except for the connection-string arguments. For remote
+    debugging, the target machine should be booted with the appropriate options, set using BCDEDIT
+    or the equivalent, such as:</P>
+
+    <UL style='list-style-type: none'>
+      <LI>
+<PRE>
+bcdedit /debug ON
+bdcedit /dbgsettings NET HOSTIP:IP PORT:54321 KEY:1.1.1.1
+</PRE>
+      </LI>
+    </UL>
+
+    <P>where IP= the address of the machine runing Ghidra.</P>
+
+    <H3>Options</H3>
+
+    <UL>
+      <LI><B>Arguments</B>: This is the connection string specifying the transport options for
+      communicating with the remote target. A typical example might be
+      'net:port=54321,key=1.1.1.1'.'</LI>
+    </UL>
+
+    <UL>
+      <LI><B>Type</B>: The type of kernel connection, either "Remote", "Local", or "EXDI".
+      "Remote", the most common type, indicates two-machine debugging over various possible
+      connection media, e.g. Ethernet, serial, USB, etc. "Local" is used for limited introspection
+      into the target on which the debugger is running. "EXDI" is arguably the most exotic type -
+      it essentially simulates the normal "Remote" connection using the gdb Remote Serial Protocol.
+      It can be used when connecting to gdbstubs in platforms, such as QEMU, VMWare, Trace32,
+      etc.</LI>
+    </UL>
+
+    <H3>EXDI</H3>
+
+    <P>Setup for EXDI connections is fairly complicated and difficult to get correct. The argument
+    string typically should be something like:</P>
+
+    <UL style='list-style-type: none'>
+      <LI>
+<PRE>
+exdi:CLSID={29f9906e-9dbe-4d4b-b0fb-6acf7fb6d014},Kd=Guess,DataBreaks=Exdi
+</PRE>
+      </LI>
+    </UL>
+
+    <P>The CLSID here should match the CLSID in the <B>exdiConfigData.xml</B> file in the debugger
+    architectural directory. If windbg has been run using EXDI at some point, there will also be an
+    entry in the System Registry for this CLSID. The InprocServer32 subentry for this CLSID in the
+    Registry should point to a copy of ExdiGdbSrv.dll, typically the one in the same directory.
+    This DLL must reside somewhere that the debugger has permission to load from, i.e. not in the
+    WindowsApps directory tree. The <B>exdiConfigData</B> file should be configured for the target
+    you're using. We heavily recommend using <B>displayCommPackets==yes</B>, as many of the tasks
+    take considerable time, and this is the only indicator of progress.</P>
+
+    <P>The <B>Kd=Guess</B> parameter causes the underlying engine to scan memory for the kernel's
+    base address, which will probably not be provided by the gdbstub. (<B>Kd=NtBaseAddr</B> is also
+    a valid option, as is eliminating the parameter, but, currently, we have no idea how to point
+    the configuration at a correct value. Using this option will cause the load to spin
+    pointlessly.) If you can, we highly recommend breaking the target near the base address, as the
+    search proceeds down through memory starting at the current program counter. If the difference
+    between the PC and the base address is large, the loading process will punt before useful
+    values are detected. If anyone understand how to extend this search (or knows how to set the
+    base address to sidestep the scan), we would really love some guidance.</P>
+
+    <H2><A name="ttd"></A>TTD (Time-Travel Debugging)</H2>
+
+    <P>This is an extension to our launcher for the Windows Debugger to support TTD. WinDbg TTD
+    uses <CODE>event:ticks</CODE> to denote its times. This corresponds well to Ghidra's
+    <CODE>snapshot:steps</CODE> syntax, when we let snapshot be an event and ticks count the number
+    of instruction steps. Upon expanding the "Events" node in the Model tree, we create a snapshot
+    for every TTD event, including thread create/terminate, module load/unload, syscall, and other
+    asynchronous changes. Then, when Ghidra navigates to a schedule of the form
+    <CODE>snapshot:steps</CODE>, we command WinDbg to navigate to the corresponding
+    <CODE>event:ticks</CODE> instead of using Ghidra's emulator. Conversely, time navigation from
+    the WinDbg CLI will correspondingly navigate Ghidra. Thus, the two are synchronized in time. We
+    also add <EM>reverse</EM> variants of the <B>Go</B> and <B>Step</B> control commands.</P>
+
+    <H3>Options</H3>
+
+    <P>This launcher has basically the same options as the WinDbg launcher, except that arguments
+    are not included and the DLL path must contain <TT>TTDReplay.dll</TT> and the scripts that
+    implement TTD. These are most easily obtained by installing WinDbg Preview or later.</P>
+
+    <H3>Setup</H3>
+
+    <P>Depending on how you acquire WinDbg TTD, you may need to copy the installation to a
+    directory Ghidra is allowed to access. It's best not to try cherry-picking files. Just
+    copy/unpack the entire WinDbg installation. Point the launch dialog to the directory containing
+    <TT>dbgeng.dll</TT> as usual.</P>
+
+    <P><B>NOTE:</B> It's possible, especially if you have anti-virus software installed, that
+    <TT>dbghelp.dll</TT> is forcefully loaded into the Python process before our connector package
+    tries to load <TT>dbgeng.dll</TT>. This can cause <TT>dbghelp.dll</TT> to be loaded from
+    <TT>System32</TT>, but <TT>dbgeng.dll</TT> to be loaded from the WinDbg installation, often
+    leading to DLL compatibility problems. This usually manifests in module load and/or Python
+    import errors. The only real way to be sure is to use a system utility and inspect the DLLs
+    loaded by the <TT>python.exe</TT> process. You may be able to work around the issue by copying
+    <TT>dbghelp.dll</TT> (and any other affected WinDbg DLLs) from the WinDbg installation into
+    your Python installation, e.g., <TT>C:\Python313\dbghelp.dll</TT>.</P>
+  </BODY>
+</HTML>

Ghidra/Debug/Debugger-agent-dbgeng/src/main/py/pyproject.toml

@@ -4,20 +4,20 @@ build-backend = "setuptools.build_meta"
 
 [project]
 name = "ghidradbg"
-version = "11.3"
+version = "11.5"
 authors = [
   { name="Ghidra Development Team" },
 ]
 description = "Ghidra's Plugin for dbgeng"
 readme = "README.md"
-requires-python = ">=3.7"
+requires-python = ">=3.9"
 classifiers = [
     "Programming Language :: Python :: 3",
     "License :: OSI Approved :: Apache Software License",
     "Operating System :: OS Independent",
 ]
 dependencies = [
-    "ghidratrace==11.3",
+    "ghidratrace==11.5",
     "pybag>=2.2.12"
 ]
 
@@ -26,7 +26,7 @@ dependencies = [
 "Bug Tracker" = "https://github.com/NationalSecurityAgency/ghidra/issues"
 
 [tool.setuptools.package-data]
-ghidradbg = ["*.tlb"]
+ghidradbg = ["*.tlb", "py.typed"]
 
 [tool.setuptools]
 include-package-data = true

Ghidra/Debug/Debugger-agent-dbgeng/src/main/py/src/ghidradbg/__init__.py

@@ -14,6 +14,11 @@
 # limitations under the License.
 ##
 
-# NOTE: libraries must precede EVERYTHING, esp pybag and DbgMod
+try:
+    import pybag
+except Exception as e:
+    from ghidratrace.setuputils import prompt_and_mitigate_dependencies
+    prompt_and_mitigate_dependencies("<SELF>")
 
+# NOTE: libraries must precede EVERYTHING, esp pybag and DbgMod
 from . import libraries, util, commands, methods, hooks

Ghidra/Debug/Debugger-agent-dbgeng/src/main/py/src/ghidradbg/arch.py

@@ -13,13 +13,15 @@
 # See the License for the specific language governing permissions and
 # limitations under the License.
 ##
+from typing import Dict, List, Optional, Tuple
+
 from ghidratrace.client import Address, RegVal
-from pybag import pydbg
+from pybag import pydbg # type: ignore
 
 from . import util
 
 
-language_map = {
+language_map: Dict[str, List[str]] = {
     'AARCH64': ['AARCH64:LE:64:AppleSilicon'],
     'ARM': ['ARM:LE:32:v8'],
     'Itanium': [],
@@ -31,25 +33,25 @@ language_map = {
     'SH4': ['SuperH4:LE:32:default'],
 }
 
-data64_compiler_map = {
+data64_compiler_map: Dict[Optional[str], str] = {
     None: 'pointer64',
 }
 
-x86_compiler_map = {
+x86_compiler_map: Dict[Optional[str], str] = {
     'windows': 'windows',
     'Cygwin': 'windows',
     'default': 'windows',
 }
 
-default_compiler_map = {
+default_compiler_map: Dict[Optional[str], str] = {
     'windows': 'default',
 }
 
-windows_compiler_map = {
+windows_compiler_map: Dict[Optional[str], str] = {
     'windows': 'windows',
 }
 
-compiler_map = {
+compiler_map : Dict[str, Dict[Optional[str], str]]= {
     'DATA:BE:64:default': data64_compiler_map,
     'DATA:LE:64:default': data64_compiler_map,
     'x86:LE:32:default': x86_compiler_map,
@@ -62,11 +64,11 @@ compiler_map = {
 }
 
 
-def get_arch():
+def get_arch() -> str:
     try:
         type = util.dbg.get_actual_processor_type()
-    except Exception:
+    except Exception as e:
-        print("Error getting actual processor type.")
+        print(f"Error getting actual processor type: {e}")
         return "Unknown"
     if type is None:
         return "x86_64"
@@ -129,14 +131,14 @@ def get_arch():
     return "Unknown"
 
 
-def get_endian():
+def get_endian() -> str:
     parm = util.get_convenience_variable('endian')
     if parm != 'auto':
         return parm
     return 'little'
 
 
-def get_osabi():
+def get_osabi() -> str:
     parm = util.get_convenience_variable('osabi')
     if not parm in ['auto', 'default']:
         return parm
@@ -150,7 +152,7 @@ def get_osabi():
     return "windows"
 
 
-def compute_ghidra_language():
+def compute_ghidra_language() -> str:
     # First, check if the parameter is set
     lang = util.get_convenience_variable('ghidra-language')
     if lang != 'auto':
@@ -175,7 +177,7 @@ def compute_ghidra_language():
     return 'DATA' + lebe + '64:default'
 
 
-def compute_ghidra_compiler(lang):
+def compute_ghidra_compiler(lang: str) -> str:
     # First, check if the parameter is set
     comp = util.get_convenience_variable('ghidra-compiler')
     if comp != 'auto':
@@ -197,7 +199,7 @@ def compute_ghidra_compiler(lang):
     return 'default'
 
 
-def compute_ghidra_lcsp():
+def compute_ghidra_lcsp() -> Tuple[str, str]:
     lang = compute_ghidra_language()
     comp = compute_ghidra_compiler(lang)
     return lang, comp
@@ -205,10 +207,10 @@ def compute_ghidra_lcsp():
 
 class DefaultMemoryMapper(object):
 
-    def __init__(self, defaultSpace):
+    def __init__(self, defaultSpace: str) -> None:
         self.defaultSpace = defaultSpace
 
-    def map(self, proc: int, offset: int):
+    def map(self, proc: int, offset: int) -> Tuple[str, Address]:
         space = self.defaultSpace
         return self.defaultSpace, Address(space, offset)
 
@@ -220,10 +222,10 @@ class DefaultMemoryMapper(object):
 
 DEFAULT_MEMORY_MAPPER = DefaultMemoryMapper('ram')
 
-memory_mappers = {}
+memory_mappers: Dict[str, DefaultMemoryMapper] = {}
 
 
-def compute_memory_mapper(lang):
+def compute_memory_mapper(lang: str) -> DefaultMemoryMapper:
     if not lang in memory_mappers:
         return DEFAULT_MEMORY_MAPPER
     return memory_mappers[lang]
@@ -231,16 +233,15 @@ def compute_memory_mapper(lang):
 
 class DefaultRegisterMapper(object):
 
-    def __init__(self, byte_order):
+    def __init__(self, byte_order: str) -> None:
         if not byte_order in ['big', 'little']:
             raise ValueError("Invalid byte_order: {}".format(byte_order))
         self.byte_order = byte_order
-        self.union_winners = {}
 
-    def map_name(self, proc, name):
+    def map_name(self, proc: int, name: str):
         return name
 
-    def map_value(self, proc, name, value):
+    def map_value(self, proc: int, name: str, value: int):
         try:
             # TODO: this seems half-baked
             av = value.to_bytes(8, "big")
@@ -249,10 +250,10 @@ class DefaultRegisterMapper(object):
                              .format(name, value, type(value)))
         return RegVal(self.map_name(proc, name), av)
 
-    def map_name_back(self, proc, name):
+    def map_name_back(self, proc: int, name: str) -> str:
         return name
 
-    def map_value_back(self, proc, name, value):
+    def map_value_back(self, proc: int, name: str, value: bytes):
         return RegVal(self.map_name_back(proc, name), value)
 
 
@@ -290,7 +291,7 @@ register_mappers = {
 }
 
 
-def compute_register_mapper(lang):
+def compute_register_mapper(lang: str)-> DefaultRegisterMapper:
     if not lang in register_mappers:
         if ':BE:' in lang:
             return DEFAULT_BE_REGISTER_MAPPER

Ghidra/Debug/Debugger-agent-dbgeng/src/main/py/src/ghidradbg/dbgmodel/idebughost.py

@@ -18,7 +18,6 @@ from ctypes import *
 from comtypes.gen import DbgMod
 from comtypes.hresult import S_OK, S_FALSE
 from pybag.dbgeng import exception
-from pybag.dbgeng import win32
 
 
 class DebugHost(object):

Ghidra/Debug/Debugger-agent-dbgeng/src/main/py/src/ghidradbg/dbgmodel/imodeliterator.py

@@ -26,6 +26,7 @@ from . import imodelobject as mo
 class ModelIterator(object):
     def __init__(self, iter):
         self._iter = iter
+        self._index = 0
         iter.AddRef()
 
     # ModelIterator
@@ -39,10 +40,17 @@ class ModelIterator(object):
                                byref(indexer), byref(metadata))
         except COMError as ce:
             return None
+        if "ptr=0x0" in str(indexer):
+            next = (self._index, mo.ModelObject(object))
+            self._index += 1
+            return next
+
         index = mo.ModelObject(indexer)
         ival = index.GetIntrinsicValue()
         if ival is None:
-            return (0, mo.ModelObject(object))
+            next = (self._index, mo.ModelObject(object))
+            self._index += 1
+            return next
         return (ival.value, mo.ModelObject(object))
 
     def Reset(self):

Ghidra/Debug/Debugger-agent-dbgeng/src/main/py/src/ghidradbg/dbgmodel/imodelmethod.py

@@ -0,0 +1,44 @@
+## ###
+# IP: GHIDRA
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#      http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+##
+from ctypes import *
+
+from comtypes import COMError
+from comtypes.gen import DbgMod
+from comtypes.hresult import S_OK, S_FALSE
+from pybag.dbgeng import exception
+
+from . import imodelobject as mo
+
+
+class ModelMethod(object):
+    def __init__(self, method):
+        self._method = method
+        method.AddRef()
+
+    # ModelMethod
+
+    def Call(self, object, argcount=0, arguments=None):
+        if argcount == 0:
+            arguments = POINTER(DbgMod.IModelObject)()
+        result = POINTER(DbgMod.IModelObject)()
+        metadata = POINTER(DbgMod.IKeyStore)()
+        try:
+            self._method.Call(byref(object), argcount, byref(arguments),
+                              byref(result), byref(metadata))
+        except COMError as ce:
+            return None
+
+        return mo.ModelObject(result)

Ghidra/Debug/Debugger-agent-dbgeng/src/main/py/src/ghidradbg/dbgmodel/imodelobject.py

@@ -342,7 +342,6 @@ class ModelObject(object):
             #    print(f"{element} not found")
         return next
 
-
     def GetValue(self):
         value = self.GetIntrinsicValue()
         if value is None:
@@ -350,4 +349,3 @@ class ModelObject(object):
         if value.vt == 0xd:
             return None
         return value.value
-

Ghidra/Debug/Debugger-agent-dbgeng/src/main/py/src/ghidradbg/dbgmodel/irawenumerator.py

@@ -35,7 +35,7 @@ class RawEnumerator(object):
             self._keys = None
         return cnt
 
-    # KeyEnumerator
+    # RawEnumerator
 
     def GetNext(self):
         key = BSTR()

Ghidra/Debug/Debugger-agent-dbgeng/src/main/py/src/ghidradbg/exdi/exdi_commands.py

@@ -13,12 +13,12 @@
 # See the License for the specific language governing permissions and
 # limitations under the License.
 ##
+from ghidradbg import arch, commands, util
 from ghidratrace import sch
-from ghidratrace.client import Client, Address, AddressRange, TraceObject
+from ghidratrace.client import Client, Address, AddressRange, Trace, TraceObject
 
 PAGE_SIZE = 4096
 
-from ghidradbg import arch, commands, util
 
 SESSION_PATH = 'Sessions[0]'
 PROCESSES_PATH = SESSION_PATH + '.ExdiProcesses'
@@ -42,73 +42,64 @@ SECTIONS_ADD_PATTERN = '.Sections'
 SECTION_KEY_PATTERN = '[{secname}]'
 SECTION_ADD_PATTERN = SECTIONS_ADD_PATTERN + SECTION_KEY_PATTERN
 
+
 @util.dbg.eng_thread
-def ghidra_trace_put_processes_exdi():
+def ghidra_trace_put_processes_exdi() -> None:
-    """
+    """Put the list of processes into the trace's processes list."""
-    Put the list of processes into the trace's processes list.
-    """
 
     radix = util.get_convenience_variable('output-radix')
-    commands.STATE.require_tx()
+    trace, tx = commands.STATE.require_tx()
-    with commands.STATE.client.batch() as b:
+    with trace.client.batch() as b:
-        put_processes_exdi(commands.STATE, radix)
+        put_processes_exdi(trace, radix)
 
 
 @util.dbg.eng_thread
-def ghidra_trace_put_regions_exdi():
+def ghidra_trace_put_regions_exdi() -> None:
-    """
+    """Read the memory map, if applicable, and write to the trace's Regions."""
-    Read the memory map, if applicable, and write to the trace's Regions
-    """
 
-    commands.STATE.require_tx()
+    trace, tx = commands.STATE.require_tx()
-    with commands.STATE.client.batch() as b:
+    with trace.client.batch() as b:
-        put_regions_exdi(commands.STATE)
+        put_regions_exdi(trace)
 
 
 @util.dbg.eng_thread
-def ghidra_trace_put_kmodules_exdi():
+def ghidra_trace_put_kmodules_exdi() -> None:
-    """
+    """Gather object files, if applicable, and write to the trace's Modules."""
-    Gather object files, if applicable, and write to the trace's Modules
-    """
 
-    commands.STATE.require_tx()
+    trace, tx = commands.STATE.require_tx()
-    with commands.STATE.client.batch() as b:
+    with trace.client.batch() as b:
-        put_kmodules_exdi(commands.STATE)
+        put_kmodules_exdi(trace)
 
 
 @util.dbg.eng_thread
-def ghidra_trace_put_threads_exdi(pid):
+def ghidra_trace_put_threads_exdi(pid: int) -> None:
-    """
+    """Put the current process's threads into the Ghidra trace."""
-    Put the current process's threads into the Ghidra trace
-    """
 
     radix = util.get_convenience_variable('output-radix')
-    commands.STATE.require_tx()
+    trace, tx = commands.STATE.require_tx()
-    with commands.STATE.client.batch() as b:
+    with trace.client.batch() as b:
-        put_threads_exdi(commands.STATE, pid, radix)
+        put_threads_exdi(trace, pid, radix)
 
 
 @util.dbg.eng_thread
-def ghidra_trace_put_all_exdi():
+def ghidra_trace_put_all_exdi() -> None:
-    """
+    """Put everything currently selected into the Ghidra trace."""
-    Put everything currently selected into the Ghidra trace
-    """
 
     radix = util.get_convenience_variable('output-radix')
-    commands.STATE.require_tx()
+    trace, tx = commands.STATE.require_tx()
-    with commands.STATE.client.batch() as b:
+    with trace.client.batch() as b:
         if util.dbg.use_generics == False:
-            put_processes_exdi(commands.STATE, radix)
+            put_processes_exdi(trace, radix)
-        put_regions_exdi(commands.STATE)
+        put_regions_exdi(trace)
-        put_kmodules_exdi(commands.STATE)
+        put_kmodules_exdi(trace)
 
 
 @util.dbg.eng_thread
-def put_processes_exdi(state, radix):
+def put_processes_exdi(trace: Trace, radix: int) -> None:
     radix = util.get_convenience_variable('output-radix')
     keys = []
     result = util.dbg._base.cmd("!process 0 0")
-    lines = result.split("\n")
+    lines = list(x for x in result.splitlines() if "DeepFreeze" not in x)
     count = int((len(lines)-2)/5)
     for i in range(0, count):
         l1 = lines[i*5+1].strip().split()  # PROCESS
@@ -118,7 +109,7 @@ def put_processes_exdi(state, radix):
         id = int(l2[3], 16)
         name = l4[1]
         ppath = PROCESS_PATTERN.format(pid=id)
-        procobj = state.trace.create_object(ppath)
+        procobj = trace.create_object(ppath)
         keys.append(PROCESS_KEY_PATTERN.format(pid=id))
         pidstr = ('0x{:x}' if radix ==
                   16 else '0{:o}' if radix == 8 else '{}').format(id)
@@ -126,22 +117,22 @@ def put_processes_exdi(state, radix):
         procobj.set_value('Name', name)
         procobj.set_value('_display', '[{}] {}'.format(pidstr, name))
         (base, addr) = commands.map_address(int(l1[1], 16))
-        procobj.set_value('EPROCESS', addr, schema="ADDRESS")
+        procobj.set_value('EPROCESS', addr, schema=sch.ADDRESS)
         (base, addr) = commands.map_address(int(l2[5], 16))
-        procobj.set_value('PEB', addr, schema="ADDRESS")
+        procobj.set_value('PEB', addr, schema=sch.ADDRESS)
         (base, addr) = commands.map_address(int(l3[1], 16))
-        procobj.set_value('DirBase', addr, schema="ADDRESS")
+        procobj.set_value('DirBase', addr, schema=sch.ADDRESS)
         (base, addr) = commands.map_address(int(l3[3], 16))
-        procobj.set_value('ObjectTable', addr, schema="ADDRESS")
+        procobj.set_value('ObjectTable', addr, schema=sch.ADDRESS)
         # procobj.set_value('ObjectTable', l3[3])
-        tcobj = state.trace.create_object(ppath+".Threads")
+        tcobj = trace.create_object(ppath+".Threads")
         procobj.insert()
         tcobj.insert()
-    state.trace.proxy_object_path(PROCESSES_PATH).retain_values(keys)
+    trace.proxy_object_path(PROCESSES_PATH).retain_values(keys)
 
 
 @util.dbg.eng_thread
-def put_regions_exdi(state):
+def put_regions_exdi(trace: Trace) -> None:
     radix = util.get_convenience_variable('output-radix')
     keys = []
     result = util.dbg._base.cmd("!address")
@@ -165,8 +156,8 @@ def put_regions_exdi(state):
         rng = saddr.extend(int(length, 16))
         rpath = REGION_PATTERN.format(start=start)
         keys.append(REGION_KEY_PATTERN.format(start=start))
-        regobj = state.trace.create_object(rpath)
+        regobj = trace.create_object(rpath)
-        regobj.set_value('Range', rng, schema="RANGE")
+        regobj.set_value('Range', rng, schema=sch.RANGE)
         regobj.set_value('Size', length)
         regobj.set_value('Type', type)
         regobj.set_value('_readable', True)
@@ -175,11 +166,11 @@ def put_regions_exdi(state):
         regobj.set_value('_display', '[{}] {}'.format(
             start, type))
         regobj.insert()
-    state.trace.proxy_object_path(MEMORY_PATH).retain_values(keys)
+    trace.proxy_object_path(MEMORY_PATH).retain_values(keys)
 
 
 @util.dbg.eng_thread
-def put_kmodules_exdi(state):
+def put_kmodules_exdi(trace: Trace) -> None:
     radix = util.get_convenience_variable('output-radix')
     keys = []
     result = util.dbg._base.cmd("lm")
@@ -203,19 +194,20 @@ def put_kmodules_exdi(state):
         rng = saddr.extend(sz)
         mpath = KMODULE_PATTERN.format(modpath=sname)
         keys.append(KMODULE_KEY_PATTERN.format(modpath=sname))
-        modobj = commands.STATE.trace.create_object(mpath)
+        modobj = trace.create_object(mpath)
         modobj.set_value('Name', name)
-        modobj.set_value('Base', saddr, schema="ADDRESS")
+        modobj.set_value('Base', saddr, schema=sch.ADDRESS)
-        modobj.set_value('Range', rng, schema="RANGE")
+        modobj.set_value('Range', rng, schema=sch.RANGE)
         modobj.set_value('Size', hex(sz))
         modobj.insert()
-    state.trace.proxy_object_path(KMODULES_PATH).retain_values(keys)
+    trace.proxy_object_path(KMODULES_PATH).retain_values(keys)
 
 
 @util.dbg.eng_thread
-def put_threads_exdi(state, pid, radix):
+def put_threads_exdi(trace: Trace, pid: int, radix: int) -> None:
     radix = util.get_convenience_variable('output-radix')
-    pidstr = ('0x{:x}' if radix == 16 else '0{:o}' if radix == 8 else '{}').format(pid)
+    pidstr = ('0x{:x}' if radix == 16 else '0{:o}' if radix ==
+              8 else '{}').format(pid)
     keys = []
     result = util.dbg._base.cmd("!process "+hex(pid)+" 4")
     lines = result.split("\n")
@@ -229,9 +221,9 @@ def put_threads_exdi(state, pid, radix):
         tidstr = ('0x{:x}' if radix ==
                   16 else '0{:o}' if radix == 8 else '{}').format(tid)
         tpath = THREAD_PATTERN.format(pid=pid, tnum=tid)
-        tobj = commands.STATE.trace.create_object(tpath)
+        tobj = trace.create_object(tpath)
         keys.append(THREAD_KEY_PATTERN.format(tnum=tidstr))
-        tobj = state.trace.create_object(tpath)
+        tobj = trace.create_object(tpath)
         tobj.set_value('PID', pidstr)
         tobj.set_value('TID', tidstr)
         tobj.set_value('_display', '[{}]'.format(tidstr))
@@ -240,5 +232,5 @@ def put_threads_exdi(state, pid, radix):
         tobj.set_value('Win32Thread', fields[7])
         tobj.set_value('State', fields[8])
         tobj.insert()
-    commands.STATE.trace.proxy_object_path(
+    trace.proxy_object_path(THREADS_PATTERN.format(
-        THREADS_PATTERN.format(pid=pidstr)).retain_values(keys)
+        pid=pidstr)).retain_values(keys)

Ghidra/Debug/Debugger-agent-dbgeng/src/main/py/src/ghidradbg/exdi/exdi_methods.py

@@ -16,15 +16,17 @@
 import re
 
 from ghidratrace import sch
-from ghidratrace.client import MethodRegistry, ParamDesc, Address, AddressRange
+from ghidratrace.client import (MethodRegistry, ParamDesc, Address,
+                                AddressRange, TraceObject)
 from ghidradbg import util, commands, methods
 from ghidradbg.methods import REGISTRY, SESSIONS_PATTERN, SESSION_PATTERN, extre
 
 from . import exdi_commands
 
-XPROCESSES_PATTERN = extre(SESSION_PATTERN, '\.ExdiProcesses')
+XPROCESSES_PATTERN = extre(SESSION_PATTERN, '\\.ExdiProcesses')
-XPROCESS_PATTERN = extre(XPROCESSES_PATTERN, '\[(?P<procnum>\\d*)\]')
+XPROCESS_PATTERN = extre(XPROCESSES_PATTERN, '\\[(?P<procnum>\\d*)\\]')
-XTHREADS_PATTERN = extre(XPROCESS_PATTERN, '\.Threads')
+XTHREADS_PATTERN = extre(XPROCESS_PATTERN, '\\.Threads')
+
 
 def find_pid_by_pattern(pattern, object, err_msg):
     mat = pattern.fullmatch(object.path)
@@ -38,16 +40,23 @@ def find_pid_by_obj(object):
     return find_pid_by_pattern(XTHREADS_PATTERN, object, "an ExdiThreadsContainer")
 
 
+class ExdiProcessContainer(TraceObject):
+    pass
+
+
+class ExdiThreadContainer(TraceObject):
+    pass
+
 
 @REGISTRY.method(action='refresh', display="Refresh Target Processes")
-def refresh_exdi_processes(node: sch.Schema('ExdiProcessContainer')):
+def refresh_exdi_processes(node: ExdiProcessContainer) -> None:
     """Refresh the list of processes in the target kernel."""
     with commands.open_tracked_tx('Refresh Processes'):
         exdi_commands.ghidra_trace_put_processes_exdi()
 
 
 @REGISTRY.method(action='refresh', display="Refresh Process Threads")
-def refresh_exdi_threads(node: sch.Schema('ExdiThreadContainer')):
+def refresh_exdi_threads(node: ExdiThreadContainer) -> None:
     """Refresh the list of threads in the process."""
     pid = find_pid_by_obj(node)
     with commands.open_tracked_tx('Refresh Threads'):

Ghidra/Debug/Debugger-agent-dbgeng/src/main/py/src/ghidradbg/hooks.py

@@ -13,18 +13,23 @@
 # See the License for the specific language governing permissions and
 # limitations under the License.
 ##
+from bisect import bisect_left, bisect_right
+from dataclasses import dataclass, field
 import functools
 import sys
 import threading
 import time
 import traceback
+from typing import Any, Callable, Collection, Dict, Optional, TypeVar, cast
 
-from comtypes.hresult import S_OK
+from comtypes.hresult import S_OK  # type: ignore
-from pybag import pydbg
+from pybag import pydbg  # type: ignore
-from pybag.dbgeng import core as DbgEng
+from pybag.dbgeng import core as DbgEng  # type: ignore
-from pybag.dbgeng import exception
+from pybag.dbgeng import exception  # type: ignore
-from pybag.dbgeng.callbacks import EventHandler
+from pybag.dbgeng.callbacks import EventHandler  # type: ignore
-from pybag.dbgeng.idebugbreakpoint import DebugBreakpoint
+from pybag.dbgeng.idebugbreakpoint import DebugBreakpoint  # type: ignore
+
+from ghidratrace.client import Schedule
 
 from . import commands, util
 from .exdi import exdi_commands
@@ -33,36 +38,33 @@ from .exdi import exdi_commands
 ALL_EVENTS = 0xFFFF
 
 
-class HookState(object):
+@dataclass(frozen=False)
-    __slots__ = ('installed', 'mem_catchpoint')
+class HookState:
-
+    installed = False
-    def __init__(self):
+    mem_catchpoint = None
-        self.installed = False
-        self.mem_catchpoint = None
 
 
-class ProcessState(object):
+@dataclass(frozen=False)
-    __slots__ = ('first', 'regions', 'modules', 'threads',
+class ProcessState:
-                 'breaks', 'watches', 'visited', 'waiting')
+    first = True
-
-    def __init__(self):
-        self.first = True
     # For things we can detect changes to between stops
-        self.regions = False
+    regions = False
-        self.modules = False
+    modules = False
-        self.threads = False
+    threads = False
-        self.breaks = False
+    breaks = False
-        self.watches = False
+    watches = False
     # For frames and threads that have already been synced since last stop
-        self.visited = set()
+    visited: set[Any] = field(default_factory=set)
-        self.waiting = False
+    waiting = False
 
-    def record(self, description=None):
+    def record(self, description: Optional[str] = None,
+               time: Optional[Schedule] = None) -> None:
         # print("RECORDING")
         first = self.first
         self.first = False
+        trace = commands.STATE.require_trace()
         if description is not None:
-            commands.STATE.trace.snapshot(description)
+            trace.snapshot(description, time=time)
         if first:
             if util.is_kernel():
                 commands.create_generic("Sessions")
@@ -71,6 +73,9 @@ class ProcessState(object):
             commands.put_processes()
             commands.put_environment()
             commands.put_threads()
+            if util.is_trace():
+                commands.init_ttd()
+                # commands.put_events()
         if self.threads:
             commands.put_threads()
             self.threads = False
@@ -90,46 +95,48 @@ class ProcessState(object):
                 self.visited.add(hashable_frame)
         if first or self.regions:
             if util.is_exdi():
-                exdi_commands.put_regions_exdi(commands.STATE)
+                exdi_commands.put_regions_exdi(trace)
             commands.put_regions()
             self.regions = False
         if first or self.modules:
             if util.is_exdi():
-                exdi_commands.put_kmodules_exdi(commands.STATE)
+                exdi_commands.put_kmodules_exdi(trace)
             commands.put_modules()
             self.modules = False
         if first or self.breaks:
             commands.put_breakpoints()
+            commands.put_events()
+            commands.put_exceptions()
             self.breaks = False
 
-    def record_continued(self):
+    def record_continued(self) -> None:
         commands.put_processes(running=True)
         commands.put_threads(running=True)
 
-    def record_exited(self, exit_code, description=None):
+    def record_exited(self, exit_code: int, description: Optional[str] = None,
+                      time: Optional[Schedule] = None) -> None:
         # print("RECORD_EXITED")
+        trace = commands.STATE.require_trace()
         if description is not None:
-            commands.STATE.trace.snapshot(description)
+            trace.snapshot(description, time=time)
         proc = util.selected_process()
         ipath = commands.PROCESS_PATTERN.format(procnum=proc)
-        procobj = commands.STATE.trace.proxy_object_path(ipath)
+        procobj = trace.proxy_object_path(ipath)
         procobj.set_value('Exit Code', exit_code)
         procobj.set_value('State', 'TERMINATED')
 
 
-class BrkState(object):
+@dataclass(frozen=False)
-    __slots__ = ('break_loc_counts',)
+class BrkState:
+    break_loc_counts: Dict[int, int] = field(default_factory=dict)
 
-    def __init__(self):
+    def update_brkloc_count(self, b: DebugBreakpoint, count: int) -> None:
-        self.break_loc_counts = {}
-
-    def update_brkloc_count(self, b, count):
         self.break_loc_counts[b.GetID()] = count
 
-    def get_brkloc_count(self, b):
+    def get_brkloc_count(self, b: DebugBreakpoint) -> int:
         return self.break_loc_counts.get(b.GetID(), 0)
 
-    def del_brkloc_count(self, b):
+    def del_brkloc_count(self, b: DebugBreakpoint) -> int:
         if b not in self.break_loc_counts:
             return 0  # TODO: Print a warning?
         count = self.break_loc_counts[b.GetID()]
@@ -139,35 +146,37 @@ class BrkState(object):
 
 HOOK_STATE = HookState()
 BRK_STATE = BrkState()
-PROC_STATE = {}
+PROC_STATE: Dict[int, ProcessState] = {}
 
 
-def log_errors(func):
+C = TypeVar('C', bound=Callable)
-    '''
+
-    Wrap a function in a try-except that prints and reraises the
+
-    exception.
+def log_errors(func: C) -> C:
+    """Wrap a function in a try-except that prints and reraises the exception.
 
     This is needed because pybag and/or the COM wrappers do not print
     exceptions that occur during event callbacks.
-    '''
+    """
     @functools.wraps(func)
-    def _func(*args, **kwargs):
+    def _func(*args, **kwargs) -> Any:
         try:
             return func(*args, **kwargs)
         except:
             traceback.print_exc()
             raise
-    return _func
+    return cast(C, _func)
 
 
 @log_errors
-def on_state_changed(*args):
+def on_state_changed(*args) -> int:
-    # print("ON_STATE_CHANGED")
+    # print(f"---ON_STATE_CHANGED:{args}---")
-    # print(args)
     if args[0] == DbgEng.DEBUG_CES_CURRENT_THREAD:
-        return on_thread_selected(args)
+        on_thread_selected(args)
+        return S_OK
     elif args[0] == DbgEng.DEBUG_CES_BREAKPOINTS:
-        return on_breakpoint_modified(args)
+        on_breakpoint_modified(args)
+        return S_OK
     elif args[0] == DbgEng.DEBUG_CES_RADIX:
         util.set_convenience_variable('output-radix', args[1])
         return S_OK
@@ -182,21 +191,24 @@ def on_state_changed(*args):
         if proc in PROC_STATE:
             # Process may have exited (so deleted) first.
             PROC_STATE[proc].waiting = False
-        trace = commands.STATE.trace
+        trace = commands.STATE.require_trace()
-        with commands.STATE.client.batch():
+        with trace.client.batch():
             with trace.open_tx("State changed proc {}".format(proc)):
                 commands.put_state(proc)
         if args[1] == DbgEng.DEBUG_STATUS_BREAK:
-            return on_stop(args)
+            on_stop(args)
+            return S_OK
         elif args[1] == DbgEng.DEBUG_STATUS_NO_DEBUGGEE:
-            return on_exited(proc)
+            on_exited(proc)
+            return S_OK
         else:
-            return on_cont(args)
+            on_cont(args)
+            return S_OK
     return S_OK
 
 
 @log_errors
-def on_debuggee_changed(*args):
+def on_debuggee_changed(*args) -> int:
     # print("ON_DEBUGGEE_CHANGED: args={}".format(args))
     # sys.stdout.flush()
     trace = commands.STATE.trace
@@ -210,20 +222,20 @@ def on_debuggee_changed(*args):
 
 
 @log_errors
-def on_session_status_changed(*args):
+def on_session_status_changed(*args) -> None:
     # print("ON_STATUS_CHANGED: args={}".format(args))
     trace = commands.STATE.trace
     if trace is None:
         return
     if args[0] == DbgEng.DEBUG_SESSION_ACTIVE or args[0] == DbgEng.DEBUG_SESSION_REBOOT:
-        with commands.STATE.client.batch():
+        with trace.client.batch():
             with trace.open_tx("New Session {}".format(util.selected_process())):
                 commands.put_processes()
                 return DbgEng.DEBUG_STATUS_GO
 
 
 @log_errors
-def on_symbol_state_changed(*args):
+def on_symbol_state_changed(*args) -> None:
     # print("ON_SYMBOL_STATE_CHANGED")
     proc = util.selected_process()
     if proc not in PROC_STATE:
@@ -237,31 +249,31 @@ def on_symbol_state_changed(*args):
 
 
 @log_errors
-def on_system_error(*args):
+def on_system_error(*args) -> None:
     print("ON_SYSTEM_ERROR: args={}".format(args))
     # print(hex(args[0]))
     trace = commands.STATE.trace
     if trace is None:
         return
-    with commands.STATE.client.batch():
+    with trace.client.batch():
         with trace.open_tx("System Error {}".format(util.selected_process())):
             commands.put_processes()
     return DbgEng.DEBUG_STATUS_BREAK
 
 
 @log_errors
-def on_new_process(*args):
+def on_new_process(*args) -> None:
     # print("ON_NEW_PROCESS")
     trace = commands.STATE.trace
     if trace is None:
         return
-    with commands.STATE.client.batch():
+    with trace.client.batch():
         with trace.open_tx("New Process {}".format(util.selected_process())):
             commands.put_processes()
     return DbgEng.DEBUG_STATUS_BREAK
 
 
-def on_process_selected():
+def on_process_selected() -> None:
     # print("PROCESS_SELECTED")
     proc = util.selected_process()
     if proc not in PROC_STATE:
@@ -269,14 +281,14 @@ def on_process_selected():
     trace = commands.STATE.trace
     if trace is None:
         return
-    with commands.STATE.client.batch():
+    with trace.client.batch():
         with trace.open_tx("Process {} selected".format(proc)):
             PROC_STATE[proc].record()
             commands.activate()
 
 
 @log_errors
-def on_process_deleted(*args):
+def on_process_deleted(*args) -> None:
     # print("ON_PROCESS_DELETED")
     exit_code = args[0]
     proc = util.selected_process()
@@ -286,14 +298,14 @@ def on_process_deleted(*args):
     trace = commands.STATE.trace
     if trace is None:
         return
-    with commands.STATE.client.batch():
+    with trace.client.batch():
         with trace.open_tx("Process {} deleted".format(proc)):
             commands.put_processes()  # TODO: Could just delete the one....
     return DbgEng.DEBUG_STATUS_BREAK
 
 
 @log_errors
-def on_threads_changed(*args):
+def on_threads_changed(*args) -> None:
     # print("ON_THREADS_CHANGED")
     proc = util.selected_process()
     if proc not in PROC_STATE:
@@ -302,7 +314,7 @@ def on_threads_changed(*args):
     return DbgEng.DEBUG_STATUS_GO
 
 
-def on_thread_selected(*args):
+def on_thread_selected(*args) -> None:
     # print("THREAD_SELECTED: args={}".format(args))
     # sys.stdout.flush()
     nthrd = args[0][1]
@@ -312,7 +324,7 @@ def on_thread_selected(*args):
     trace = commands.STATE.trace
     if trace is None:
         return
-    with commands.STATE.client.batch():
+    with trace.client.batch():
         with trace.open_tx("Thread {}.{} selected".format(nproc, nthrd)):
             commands.put_state(nproc)
             state = PROC_STATE[nproc]
@@ -323,7 +335,7 @@ def on_thread_selected(*args):
                 commands.activate()
 
 
-def on_register_changed(regnum):
+def on_register_changed(regnum) -> None:
     # print("REGISTER_CHANGED")
     proc = util.selected_process()
     if proc not in PROC_STATE:
@@ -331,13 +343,13 @@ def on_register_changed(regnum):
     trace = commands.STATE.trace
     if trace is None:
         return
-    with commands.STATE.client.batch():
+    with trace.client.batch():
         with trace.open_tx("Register {} changed".format(regnum)):
             commands.putreg()
             commands.activate()
 
 
-def on_memory_changed(space):
+def on_memory_changed(space) -> None:
     if space != DbgEng.DEBUG_DATA_SPACE_VIRTUAL:
         return
     proc = util.selected_process()
@@ -349,12 +361,12 @@ def on_memory_changed(space):
     # Not great, but invalidate the whole space
     # UI will only re-fetch what it needs
     # But, some observations will not be recovered
-    with commands.STATE.client.batch():
+    with trace.client.batch():
         with trace.open_tx("Memory changed"):
             commands.putmem_state(0, 2**64, 'unknown')
 
 
-def on_cont(*args):
+def on_cont(*args) -> None:
     # print("ON CONT")
     proc = util.selected_process()
     if proc not in PROC_STATE:
@@ -363,32 +375,55 @@ def on_cont(*args):
     if trace is None:
         return
     state = PROC_STATE[proc]
-    with commands.STATE.client.batch():
+    with trace.client.batch():
         with trace.open_tx("Continued"):
             state.record_continued()
     return DbgEng.DEBUG_STATUS_GO
 
 
-def on_stop(*args):
+def on_stop(*args) -> None:
-    # print("ON STOP")
     proc = util.selected_process()
     if proc not in PROC_STATE:
-        # print("not in state")
         return
     trace = commands.STATE.trace
     if trace is None:
-        # print("no trace")
         return
     state = PROC_STATE[proc]
     state.visited.clear()
-    with commands.STATE.client.batch():
+    time = update_position()
+    with trace.client.batch():
         with trace.open_tx("Stopped"):
-            state.record("Stopped")
+            description = util.compute_description(time, "Stopped")
+            state.record(description, time)
             commands.put_event_thread()
             commands.activate()
 
 
-def on_exited(proc):
+def update_position() -> Optional[Schedule]:
+    """Update the position."""
+    posobj = util.get_object("State.DebuggerVariables.curthread.TTD.Position")
+    if posobj is None:
+        return None
+    pos = util.pos2split(posobj)
+    lpos = util.get_last_position()
+    if lpos is None:
+        return util.split2schedule(pos)
+
+    minpos, maxpos = (lpos, pos) if lpos < pos else (pos, lpos)
+    evts = list(util.ttd.evttypes.keys())
+    minidx = bisect_left(evts, minpos)
+    maxidx = bisect_right(evts, maxpos)
+    types = set(util.ttd.evttypes[p] for p in evts[minidx:maxidx])
+    if "modload" in types or "modunload" in types:
+        on_modules_changed()
+    if "threadcreated" in types or "threadterm" in types:
+        on_threads_changed()
+
+    util.set_last_position(pos)
+    return util.split2schedule(pos)
+
+
+def on_exited(proc) -> None:
     # print("ON EXITED")
     if proc not in PROC_STATE:
         # print("not in state")
@@ -400,14 +435,14 @@ def on_exited(proc):
     state.visited.clear()
     exit_code = util.GetExitCode()
     description = "Exited with code {}".format(exit_code)
-    with commands.STATE.client.batch():
+    with trace.client.batch():
         with trace.open_tx(description):
             state.record_exited(exit_code, description)
             commands.activate()
 
 
 @log_errors
-def on_modules_changed(*args):
+def on_modules_changed(*args) -> None:
     # print("ON_MODULES_CHANGED")
     proc = util.selected_process()
     if proc not in PROC_STATE:
@@ -416,7 +451,7 @@ def on_modules_changed(*args):
     return DbgEng.DEBUG_STATUS_GO
 
 
-def on_breakpoint_created(bp):
+def on_breakpoint_created(bp) -> None:
     # print("ON_BREAKPOINT_CREATED")
     proc = util.selected_process()
     if proc not in PROC_STATE:
@@ -426,15 +461,14 @@ def on_breakpoint_created(bp):
     if trace is None:
         return
     ibpath = commands.PROC_BREAKS_PATTERN.format(procnum=proc)
-    with commands.STATE.client.batch():
+    with trace.client.batch():
         with trace.open_tx("Breakpoint {} created".format(bp.GetId())):
             ibobj = trace.create_object(ibpath)
-            # Do not use retain_values or it'll remove other locs
             commands.put_single_breakpoint(bp, ibobj, proc, [])
             ibobj.insert()
 
 
-def on_breakpoint_modified(*args):
+def on_breakpoint_modified(*args) -> None:
     # print("BREAKPOINT_MODIFIED")
     proc = util.selected_process()
     if proc not in PROC_STATE:
@@ -454,7 +488,7 @@ def on_breakpoint_modified(*args):
     return on_breakpoint_created(bp)
 
 
-def on_breakpoint_deleted(bpid):
+def on_breakpoint_deleted(bpid) -> None:
     proc = util.selected_process()
     if proc not in PROC_STATE:
         return
@@ -463,25 +497,25 @@ def on_breakpoint_deleted(bpid):
     if trace is None:
         return
     bpath = commands.PROC_BREAK_PATTERN.format(procnum=proc, breaknum=bpid)
-    with commands.STATE.client.batch():
+    with trace.client.batch():
         with trace.open_tx("Breakpoint {} deleted".format(bpid)):
             trace.proxy_object_path(bpath).remove(tree=True)
 
 
 @log_errors
-def on_breakpoint_hit(*args):
+def on_breakpoint_hit(*args) -> None:
     # print("ON_BREAKPOINT_HIT: args={}".format(args))
     return DbgEng.DEBUG_STATUS_BREAK
 
 
 @log_errors
-def on_exception(*args):
+def on_exception(*args) -> None:
     # print("ON_EXCEPTION: args={}".format(args))
-    return DbgEng.DEBUG_STATUS_BREAK
+    return DbgEng.DEBUG_STATUS_NO_CHANGE
 
 
 @util.dbg.eng_thread
-def install_hooks():
+def install_hooks() -> None:
     # print("Installing hooks")
     if HOOK_STATE.installed:
         return
@@ -489,6 +523,23 @@ def install_hooks():
 
     events = util.dbg._base.events
 
+    if util.is_remote():
+        events.engine_state(handler=on_state_changed_async)
+        events.debuggee_state(handler=on_debuggee_changed_async)
+        events.session_status(handler=on_session_status_changed_async)
+        events.symbol_state(handler=on_symbol_state_changed_async)
+        events.system_error(handler=on_system_error_async)
+
+        events.create_process(handler=on_new_process_async)
+        events.exit_process(handler=on_process_deleted_async)
+        events.create_thread(handler=on_threads_changed_async)
+        events.exit_thread(handler=on_threads_changed_async)
+        events.module_load(handler=on_modules_changed_async)
+        events.unload_module(handler=on_modules_changed_async)
+
+        events.breakpoint(handler=on_breakpoint_hit_async)
+        events.exception(handler=on_exception_async)
+    else:
         events.engine_state(handler=on_state_changed)
         events.debuggee_state(handler=on_debuggee_changed)
         events.session_status(handler=on_session_status_changed)
@@ -507,7 +558,7 @@ def install_hooks():
 
 
 @util.dbg.eng_thread
-def remove_hooks():
+def remove_hooks() -> None:
     # print("Removing hooks")
     if not HOOK_STATE.installed:
         return
@@ -515,15 +566,70 @@ def remove_hooks():
     util.dbg._base._reset_callbacks()
 
 
-def enable_current_process():
+def enable_current_process() -> None:
     # print("Enable current process")
     proc = util.selected_process()
     # print("proc: {}".format(proc))
     PROC_STATE[proc] = ProcessState()
 
 
-def disable_current_process():
+def disable_current_process() -> None:
     proc = util.selected_process()
     if proc in PROC_STATE:
         # Silently ignore already disabled
         del PROC_STATE[proc]
+
+
+@log_errors
+def on_state_changed_async(*args) -> None:
+    util.dbg.run_async(on_state_changed, *args)
+
+
+@log_errors
+def on_debuggee_changed_async(*args) -> None:
+    util.dbg.run_async(on_debuggee_changed, *args)
+
+
+@log_errors
+def on_session_status_changed_async(*args) -> None:
+    util.dbg.run_async(on_session_status_changed, *args)
+
+
+@log_errors
+def on_symbol_state_changed_async(*args) -> None:
+    util.dbg.run_async(on_symbol_state_changed, *args)
+
+
+@log_errors
+def on_system_error_async(*args) -> None:
+    util.dbg.run_async(on_system_error, *args)
+
+
+@log_errors
+def on_new_process_async(*args) -> None:
+    util.dbg.run_async(on_new_process, *args)
+
+
+@log_errors
+def on_process_deleted_async(*args) -> None:
+    util.dbg.run_async(on_process_deleted, *args)
+
+
+@log_errors
+def on_threads_changed_async(*args) -> None:
+    util.dbg.run_async(on_threads_changed, *args)
+
+
+@log_errors
+def on_modules_changed_async(*args) -> None:
+    util.dbg.run_async(on_modules_changed, *args)
+
+
+@log_errors
+def on_breakpoint_hit_async(*args) -> None:
+    util.dbg.run_async(on_breakpoint_hit, *args)
+
+
+@log_errors
+def on_exception_async(*args) -> None:
+    util.dbg.run_async(on_exception, *args)

Ghidra/Debug/Debugger-agent-dbgeng/src/main/py/src/ghidradbg/libraries.py

@@ -17,8 +17,8 @@ import ctypes
 import os
 import platform
 
-import comtypes
+import comtypes  # type: ignore
-import comtypes.client
+import comtypes.client  # type: ignore
 from ghidradbg import dbgmodel
 
 
@@ -26,9 +26,9 @@ ctypes.windll.kernel32.SetErrorMode(0x0001 | 0x0002 | 0x8000)
 
 
 try:
-    from comtypes.gen import DbgMod
+    from comtypes.gen import DbgMod  # type: ignore
 except:
     tlb = os.path.join(dbgmodel.module_locator(), 'tlb', 'dbgmodel.tlb')
     print(f"Loading TLB: {tlb}")
     comtypes.client.GetModule(tlb)
-    from comtypes.gen import DbgMod
+    from comtypes.gen import DbgMod  # type: ignore

Ghidra/Debug/Debugger-agent-dbgeng/src/main/py/src/ghidradbg/methods.py

@@ -18,11 +18,13 @@ from contextlib import redirect_stdout
 from io import StringIO
 import re
 import sys
+from typing import Annotated, Any, Dict, Optional
 
 from ghidratrace import sch
-from ghidratrace.client import MethodRegistry, ParamDesc, Address, AddressRange
+from ghidratrace.client import (MethodRegistry, ParamDesc, Address,
-from pybag import pydbg
+                                AddressRange, Schedule, TraceObject)
-from pybag.dbgeng import core as DbgEng, exception
+from pybag import pydbg  # type: ignore
+from pybag.dbgeng import core as DbgEng, exception  # type: ignore
 
 from . import util, commands
 
@@ -31,32 +33,43 @@ REGISTRY = MethodRegistry(ThreadPoolExecutor(
     max_workers=1, thread_name_prefix='MethodRegistry'))
 
 
-def extre(base, ext):
+def extre(base: re.Pattern, ext: str) -> re.Pattern:
     return re.compile(base.pattern + ext)
 
 
-AVAILABLE_PATTERN = re.compile('Available\[(?P<pid>\\d*)\]')
+WATCHPOINT_PATTERN = re.compile('Watchpoints\\[(?P<watchnum>\\d*)\\]')
-WATCHPOINT_PATTERN = re.compile('Watchpoints\[(?P<watchnum>\\d*)\]')
+BREAKPOINT_PATTERN = re.compile('Breakpoints\\[(?P<breaknum>\\d*)\\]')
-BREAKPOINT_PATTERN = re.compile('Breakpoints\[(?P<breaknum>\\d*)\]')
+BREAK_LOC_PATTERN = extre(BREAKPOINT_PATTERN, '\\[(?P<locnum>\\d*)\\]')
-BREAK_LOC_PATTERN = extre(BREAKPOINT_PATTERN, '\[(?P<locnum>\\d*)\]')
 SESSIONS_PATTERN = re.compile('Sessions')
-SESSION_PATTERN = extre(SESSIONS_PATTERN, '\[(?P<snum>\\d*)\]')
+SESSION_PATTERN = extre(SESSIONS_PATTERN, '\\[(?P<snum>\\d*)\\]')
-PROCESSES_PATTERN = extre(SESSION_PATTERN, '\.Processes')
+AVAILABLE_PATTERN = extre(SESSION_PATTERN, '\\.Available\\[(?P<pid>\\d*)\\]')
-PROCESS_PATTERN = extre(PROCESSES_PATTERN, '\[(?P<procnum>\\d*)\]')
+PROCESSES_PATTERN = extre(SESSION_PATTERN, '\\.Processes')
-PROC_BREAKS_PATTERN = extre(PROCESS_PATTERN, '\.Debug.Breakpoints')
+PROCESS_PATTERN = extre(PROCESSES_PATTERN, '\\[(?P<procnum>\\d*)\\]')
-PROC_BREAKBPT_PATTERN = extre(PROC_BREAKS_PATTERN, '\[(?P<breaknum>\\d*)\]')
+PROC_DEBUG_PATTERN = extre(PROCESS_PATTERN, '.Debug')
-ENV_PATTERN = extre(PROCESS_PATTERN, '\.Environment')
+PROC_BREAKS_PATTERN = extre(PROC_DEBUG_PATTERN, '\\.Breakpoints')
-THREADS_PATTERN = extre(PROCESS_PATTERN, '\.Threads')
+PROC_BREAKBPT_PATTERN = extre(PROC_BREAKS_PATTERN, '\\[(?P<breaknum>\\d*)\\]')
-THREAD_PATTERN = extre(THREADS_PATTERN, '\[(?P<tnum>\\d*)\]')
+ENV_PATTERN = extre(PROCESS_PATTERN, '\\.Environment')
-STACK_PATTERN = extre(THREAD_PATTERN, '\.Stack.Frames')
+THREADS_PATTERN = extre(PROCESS_PATTERN, '\\.Threads')
-FRAME_PATTERN = extre(STACK_PATTERN, '\[(?P<level>\\d*)\]')
+THREAD_PATTERN = extre(THREADS_PATTERN, '\\[(?P<tnum>\\d*)\\]')
-REGS_PATTERN0 = extre(THREAD_PATTERN, '.Registers')
+STACK_PATTERN = extre(THREAD_PATTERN, '\\.Stack.Frames')
-REGS_PATTERN = extre(FRAME_PATTERN, '.Registers')
+FRAME_PATTERN = extre(STACK_PATTERN, '\\[(?P<level>\\d*)\\]')
-MEMORY_PATTERN = extre(PROCESS_PATTERN, '\.Memory')
+REGS_PATTERN0 = extre(THREAD_PATTERN, '\\.Registers')
-MODULES_PATTERN = extre(PROCESS_PATTERN, '\.Modules')
+REGS_PATTERN = extre(FRAME_PATTERN, '\\.Registers')
+MEMORY_PATTERN = extre(PROCESS_PATTERN, '\\.Memory')
+MODULES_PATTERN = extre(PROCESS_PATTERN, '\\.Modules')
+PROC_EVENTS_PATTERN = extre(PROC_DEBUG_PATTERN, '\\.Events')
+PROC_EVENT_PATTERN = extre(PROC_EVENTS_PATTERN, '\\[(?P<eventnum>\\d*)\\]')
+PROC_EVENT_CONT_PATTERN = extre(PROC_EVENT_PATTERN, '.Cont')
+PROC_EVENT_EXEC_PATTERN = extre(PROC_EVENT_PATTERN, '.Exec')
+PROC_EXCEPTIONS_PATTERN = extre(PROC_DEBUG_PATTERN, '\\.Exceptions')
+PROC_EXCEPTION_PATTERN = extre(
+    PROC_EXCEPTIONS_PATTERN, '\\[(?P<excnum>\\d*)\\]')
+PROC_EXCEPTION_CONT_PATTERN = extre(PROC_EXCEPTION_PATTERN, '.Cont')
+PROC_EXCEPTION_EXEC_PATTERN = extre(PROC_EXCEPTION_PATTERN, '.Exec')
 
 
-def find_availpid_by_pattern(pattern, object, err_msg):
+def find_availpid_by_pattern(pattern: re.Pattern, object: TraceObject,
+                             err_msg: str) -> int:
     mat = pattern.fullmatch(object.path)
     if mat is None:
         raise TypeError(f"{object} is not {err_msg}")
@@ -64,17 +77,18 @@ def find_availpid_by_pattern(pattern, object, err_msg):
     return pid
 
 
-def find_availpid_by_obj(object):
+def find_availpid_by_obj(object: TraceObject) -> int:
-    return find_availpid_by_pattern(AVAILABLE_PATTERN, object, "an Available")
+    return find_availpid_by_pattern(AVAILABLE_PATTERN, object, "an Attachable")
 
 
-def find_proc_by_num(id):
+def find_proc_by_num(id: int) -> int:
     if id != util.selected_process():
         util.select_process(id)
     return util.selected_process()
 
 
-def find_proc_by_pattern(object, pattern, err_msg):
+def find_proc_by_pattern(object: TraceObject, pattern: re.Pattern,
+                         err_msg: str) -> int:
     mat = pattern.fullmatch(object.path)
     if mat is None:
         raise TypeError(f"{object} is not {err_msg}")
@@ -82,43 +96,39 @@ def find_proc_by_pattern(object, pattern, err_msg):
     return find_proc_by_num(procnum)
 
 
-def find_proc_by_obj(object):
+def find_proc_by_obj(object: TraceObject) -> int:
     return find_proc_by_pattern(object, PROCESS_PATTERN, "an Process")
 
 
-def find_proc_by_procbreak_obj(object):
+def find_proc_by_procbreak_obj(object: TraceObject) -> int:
     return find_proc_by_pattern(object, PROC_BREAKS_PATTERN,
                                 "a BreakpointLocationContainer")
 
 
-def find_proc_by_procwatch_obj(object):
+def find_proc_by_env_obj(object: TraceObject) -> int:
-    return find_proc_by_pattern(object, PROC_WATCHES_PATTERN,
-                                "a WatchpointContainer")
-
-
-def find_proc_by_env_obj(object):
     return find_proc_by_pattern(object, ENV_PATTERN, "an Environment")
 
 
-def find_proc_by_threads_obj(object):
+def find_proc_by_threads_obj(object: TraceObject) -> int:
     return find_proc_by_pattern(object, THREADS_PATTERN, "a ThreadContainer")
 
 
-def find_proc_by_mem_obj(object):
+def find_proc_by_mem_obj(object: TraceObject) -> int:
     return find_proc_by_pattern(object, MEMORY_PATTERN, "a Memory")
 
 
-def find_proc_by_modules_obj(object):
+def find_proc_by_modules_obj(object: TraceObject) -> int:
     return find_proc_by_pattern(object, MODULES_PATTERN, "a ModuleContainer")
 
 
-def find_thread_by_num(id):
+def find_thread_by_num(id: int) -> Optional[int]:
     if id != util.selected_thread():
         util.select_thread(id)
     return util.selected_thread()
 
 
-def find_thread_by_pattern(pattern, object, err_msg):
+def find_thread_by_pattern(pattern: re.Pattern, object: TraceObject,
+                           err_msg: str) -> Optional[int]:
     mat = pattern.fullmatch(object.path)
     if mat is None:
         raise TypeError(f"{object} is not {err_msg}")
@@ -128,27 +138,29 @@ def find_thread_by_pattern(pattern, object, err_msg):
     return find_thread_by_num(tnum)
 
 
-def find_thread_by_obj(object):
+def find_thread_by_obj(object: TraceObject) -> Optional[int]:
     return find_thread_by_pattern(THREAD_PATTERN, object, "a Thread")
 
 
-def find_thread_by_stack_obj(object):
+def find_thread_by_stack_obj(object: TraceObject) -> Optional[int]:
     return find_thread_by_pattern(STACK_PATTERN, object, "a Stack")
 
 
-def find_thread_by_regs_obj(object):
+def find_thread_by_regs_obj(object: TraceObject) -> Optional[int]:
-    return find_thread_by_pattern(REGS_PATTERN0, object, "a RegisterValueContainer")
+    return find_thread_by_pattern(REGS_PATTERN0, object,
+                                  "a RegisterValueContainer")
 
 
 @util.dbg.eng_thread
-def find_frame_by_level(level):
+def find_frame_by_level(level: int) -> DbgEng._DEBUG_STACK_FRAME:
     for f in util.dbg._base.backtrace_list():
         if f.FrameNumber == level:
             return f
     # return dbg().backtrace_list()[level]
 
 
-def find_frame_by_pattern(pattern, object, err_msg):
+def find_frame_by_pattern(pattern: re.Pattern, object: TraceObject,
+                          err_msg: str) -> DbgEng._DEBUG_STACK_FRAME:
     mat = pattern.fullmatch(object.path)
     if mat is None:
         raise TypeError(f"{object} is not {err_msg}")
@@ -160,11 +172,11 @@ def find_frame_by_pattern(pattern, object, err_msg):
     return find_frame_by_level(level)
 
 
-def find_frame_by_obj(object):
+def find_frame_by_obj(object: TraceObject) -> DbgEng._DEBUG_STACK_FRAME:
     return find_frame_by_pattern(FRAME_PATTERN, object, "a StackFrame")
 
 
-def find_bpt_by_number(breaknum):
+def find_bpt_by_number(breaknum: int) -> DbgEng.IDebugBreakpoint:
     try:
         bp = dbg()._control.GetBreakpointById(breaknum)
         return bp
@@ -172,7 +184,8 @@ def find_bpt_by_number(breaknum):
         raise KeyError(f"Breakpoints[{breaknum}] does not exist")
 
 
-def find_bpt_by_pattern(pattern, object, err_msg):
+def find_bpt_by_pattern(pattern: re.Pattern, object: TraceObject,
+                        err_msg: str) -> DbgEng.IDebugBreakpoint:
     mat = pattern.fullmatch(object.path)
     if mat is None:
         raise TypeError(f"{object} is not {err_msg}")
@@ -180,14 +193,143 @@ def find_bpt_by_pattern(pattern, object, err_msg):
     return find_bpt_by_number(breaknum)
 
 
-def find_bpt_by_obj(object):
+def find_bpt_by_obj(object: TraceObject) -> DbgEng.IDebugBreakpoint:
     return find_bpt_by_pattern(PROC_BREAKBPT_PATTERN, object, "a BreakpointSpec")
 
 
-shared_globals = dict()
+def find_evt_by_number(eventnum: int) -> DbgEng._DEBUG_SPECIFIC_FILTER_PARAMETERS:
+    try:
+        return util.GetSpecificFilterParameters(eventnum, 1)
+    except exception.E_NOINTERFACE_Error:
+        raise KeyError(f"Events[{eventnum}] does not exist")
 
 
-@REGISTRY.method
+def find_evt_by_pattern(pattern: re.Pattern, object: TraceObject,
+                        err_msg: str) -> DbgEng._DEBUG_SPECIFIC_FILTER_PARAMETERS:
+    mat = pattern.fullmatch(object.path)
+    if mat is None:
+        raise TypeError(f"{object} is not {err_msg}")
+    eventnum = int(mat['eventnum'])
+    return (eventnum, find_evt_by_number(eventnum))
+
+
+def find_evt_cont_by_obj(object: TraceObject) -> DbgEng._DEBUG_SPECIFIC_FILTER_PARAMETERS:
+    return find_evt_by_pattern(PROC_EVENT_CONT_PATTERN, object, "as Event")
+
+
+def find_evt_exec_by_obj(object: TraceObject) -> DbgEng._DEBUG_SPECIFIC_FILTER_PARAMETERS:
+    return find_evt_by_pattern(PROC_EVENT_EXEC_PATTERN, object, "as Event")
+
+
+def find_exc_by_number(excnum: int) -> DbgEng._DEBUG_EXCEPTION_FILTER_PARAMETERS:
+    try:
+        (n_events, n_spec_exc, n_arb_exc) = util.GetNumberEventFilters()
+        return util.GetExceptionFilterParameters(n_events + excnum, None, 1)
+    except exception.E_NOINTERFACE_Error:
+        raise KeyError(f"Events[{excnum}] does not exist")
+
+
+def find_exc_by_pattern(pattern: re.Pattern, object: TraceObject,
+                        err_msg: str) -> DbgEng._DEBUG_EXCEPTION_FILTER_PARAMETERS:
+    mat = pattern.fullmatch(object.path)
+    if mat is None:
+        raise TypeError(f"{object} is not {err_msg}")
+    excnum = int(mat['excnum'])
+    return (excnum, find_exc_by_number(excnum))
+
+
+def find_exc_cont_by_obj(object: TraceObject) -> DbgEng._DEBUG_SPECIFIC_FILTER_PARAMETERS:
+    return find_exc_by_pattern(PROC_EXCEPTION_CONT_PATTERN, object, "as Exception")
+
+
+def find_exc_exec_by_obj(object: TraceObject) -> DbgEng._DEBUG_SPECIFIC_FILTER_PARAMETERS:
+    return find_exc_by_pattern(PROC_EXCEPTION_EXEC_PATTERN, object, "as Exception")
+
+
+shared_globals: Dict[str, Any] = dict()
+
+
+class Session(TraceObject):
+    pass
+
+
+class AvailableContainer(TraceObject):
+    pass
+
+
+class BreakpointContainer(TraceObject):
+    pass
+
+
+class ProcessContainer(TraceObject):
+    pass
+
+
+class Environment(TraceObject):
+    pass
+
+
+class ThreadContainer(TraceObject):
+    pass
+
+
+class Stack(TraceObject):
+    pass
+
+
+class RegisterValueContainer(TraceObject):
+    pass
+
+
+class Memory(TraceObject):
+    pass
+
+
+class ModuleContainer(TraceObject):
+    pass
+
+
+class State(TraceObject):
+    pass
+
+
+class Process(TraceObject):
+    pass
+
+
+class Thread(TraceObject):
+    pass
+
+
+class StackFrame(TraceObject):
+    pass
+
+
+class Attachable(TraceObject):
+    pass
+
+
+class BreakpointSpec(TraceObject):
+    pass
+
+
+class EventContainer(TraceObject):
+    pass
+
+
+class ExceptionContainer(TraceObject):
+    pass
+
+
+class ContinueOption(TraceObject):
+    pass
+
+
+class ExecutionOption(TraceObject):
+    pass
+
+
+@REGISTRY.method()
 # @util.dbg.eng_thread
 def execute(cmd: str, to_string: bool = False):
     """Execute a Python3 command or script."""
@@ -206,59 +348,110 @@ def execute(cmd: str, to_string: bool=False):
 @REGISTRY.method(action='evaluate', display='Evaluate')
 # @util.dbg.eng_thread
 def evaluate(
-	session: sch.Schema('Session'),
+        session: Session,
- 	expr: ParamDesc(str, display='Expr')):
+        expr: Annotated[str, ParamDesc(display='Expr')]) -> str:
     """Evaluate a Python3 expression."""
     return str(eval(expr, shared_globals))
 
 
-@REGISTRY.method(action='refresh', display="Refresh", condition=util.dbg.use_generics)
+@REGISTRY.method(action='refresh', display="Refresh",
-def refresh_generic(node: sch.OBJECT):
+                 condition=util.dbg.use_generics)
-    """List processes on pydbg's host system."""
+def refresh_generic(node: TraceObject) -> None:
+    """List the children for a generic node."""
     with commands.open_tracked_tx('Refresh Generic'):
         commands.ghidra_trace_put_generic(node)
 
 
 @REGISTRY.method(action='refresh', display='Refresh Available')
-def refresh_available(node: sch.Schema('AvailableContainer')):
+def refresh_available(node: AvailableContainer) -> None:
     """List processes on pydbg's host system."""
     with commands.open_tracked_tx('Refresh Available'):
         commands.ghidra_trace_put_available()
 
 
 @REGISTRY.method(action='refresh', display='Refresh Breakpoints')
-def refresh_breakpoints(node: sch.Schema('BreakpointContainer')):
+def refresh_breakpoints(node: BreakpointContainer) -> None:
-    """
+    """Refresh the list of breakpoints (including locations for the current
-    Refresh the list of breakpoints (including locations for the current
+    process)."""
-    process).
-    """
     with commands.open_tracked_tx('Refresh Breakpoints'):
         commands.ghidra_trace_put_breakpoints()
 
 
+@REGISTRY.method(action='refresh', display='Refresh Events')
+def refresh_events(node: EventContainer) -> None:
+    """
+    Refresh the list of control events.
+    """
+    with commands.open_tracked_tx('Refresh Events'):
+        commands.ghidra_trace_put_events()
+
+
+@REGISTRY.method(action='refresh', display='Refresh Exceptions')
+def refresh_exceptions(node: ExceptionContainer) -> None:
+    """
+    Refresh the list of exceptions.
+    """
+    with commands.open_tracked_tx('Refresh Exceptions'):
+        commands.ghidra_trace_put_exceptions()
+
+
+@REGISTRY.method(action='toggle', display='Toggle Execution Option')
+def toggle_exec(node: ExecutionOption, enabled: bool) -> None:
+    """
+    Toggle the execution option
+    """
+    if "Events" in str(node):
+        (n, events) = find_evt_exec_by_obj(node)
+        with commands.open_tracked_tx('Toggle Execution Option'):
+            commands.toggle_evt_exec_option(n, events)
+            commands.ghidra_trace_put_events()
+    elif "Exceptions" in str(node):
+        (n, events) = find_exc_exec_by_obj(node)
+        with commands.open_tracked_tx('Toggle Execution Option'):
+            commands.toggle_exc_exec_option(n, events)
+            commands.ghidra_trace_put_exceptions()
+
+
+@REGISTRY.method(action='toggle', display='Toggle Continue Option')
+def toggle_cont(node: ContinueOption, enabled: bool) -> None:
+    """
+    Toggle the execution option
+    """
+    if "Events" in str(node):
+        (n, events) = find_evt_cont_by_obj(node)
+        with commands.open_tracked_tx('Toggle Execution Option'):
+            commands.toggle_evt_cont_option(n, events)
+            commands.ghidra_trace_put_events()
+    elif "Exceptions" in str(node):
+        (n, events) = find_exc_cont_by_obj(node)
+        with commands.open_tracked_tx('Toggle Execution Option'):
+            commands.toggle_exc_cont_option(n, events)
+            commands.ghidra_trace_put_exceptions()
+
+
 @REGISTRY.method(action='refresh', display='Refresh Processes')
-def refresh_processes(node: sch.Schema('ProcessContainer')):
+def refresh_processes(node: ProcessContainer) -> None:
     """Refresh the list of processes."""
     with commands.open_tracked_tx('Refresh Processes'):
         commands.ghidra_trace_put_processes()
 
 
 @REGISTRY.method(action='refresh', display='Refresh Environment')
-def refresh_environment(node: sch.Schema('Environment')):
+def refresh_environment(node: Environment) -> None:
     """Refresh the environment descriptors (arch, os, endian)."""
     with commands.open_tracked_tx('Refresh Environment'):
         commands.ghidra_trace_put_environment()
 
 
 @REGISTRY.method(action='refresh', display='Refresh Threads')
-def refresh_threads(node: sch.Schema('ThreadContainer')):
+def refresh_threads(node: ThreadContainer) -> None:
     """Refresh the list of threads in the process."""
     with commands.open_tracked_tx('Refresh Threads'):
         commands.ghidra_trace_put_threads()
 
 
 @REGISTRY.method(action='refresh', display='Refresh Stack')
-def refresh_stack(node: sch.Schema('Stack')):
+def refresh_stack(node: Stack) -> None:
     """Refresh the backtrace for the thread."""
     tnum = find_thread_by_stack_obj(node)
     util.reset_frames()
@@ -269,46 +462,69 @@ def refresh_stack(node: sch.Schema('Stack')):
 
 
 @REGISTRY.method(action='refresh', display='Refresh Registers')
-def refresh_registers(node: sch.Schema('RegisterValueContainer')):
+def refresh_registers(node: RegisterValueContainer) -> None:
-    """Refresh the register values for the selected frame"""
+    """Refresh the register values for the selected frame."""
     tnum = find_thread_by_regs_obj(node)
     with commands.open_tracked_tx('Refresh Registers'):
         commands.ghidra_trace_putreg()
 
 
 @REGISTRY.method(action='refresh', display='Refresh Memory')
-def refresh_mappings(node: sch.Schema('Memory')):
+def refresh_mappings(node: Memory) -> None:
     """Refresh the list of memory regions for the process."""
     with commands.open_tracked_tx('Refresh Memory Regions'):
         commands.ghidra_trace_put_regions()
 
 
 @REGISTRY.method(action='refresh', display='Refresh Modules')
-def refresh_modules(node: sch.Schema('ModuleContainer')):
+def refresh_modules(node: ModuleContainer) -> None:
-    """
+    """Refresh the modules and sections list for the process.
-    Refresh the modules and sections list for the process.
 
-    This will refresh the sections for all modules, not just the selected one.
+    This will refresh the sections for all modules, not just the
+    selected one.
     """
     with commands.open_tracked_tx('Refresh Modules'):
         commands.ghidra_trace_put_modules()
 
 
+@REGISTRY.method(action='refresh', display='Refresh Events')
+def refresh_trace_events(node: State) -> None:
+    """
+    Refresh the events list for a trace.
+    """
+    with commands.open_tracked_tx('Refresh Events'):
+        commands.ghidra_trace_put_trace_events()
+
+
+@util.dbg.eng_thread
+def do_maybe_activate_time(time: Optional[str]) -> None:
+    if time is not None:
+        sch: Schedule = Schedule.parse(time)
+        dbg().cmd(f"!tt " + util.schedule2ss(sch), quiet=False)
+        dbg().wait()
+
+
 @REGISTRY.method(action='activate')
-def activate_process(process: sch.Schema('Process')):
+def activate_process(process: Process,
+                     time: Optional[str] = None) -> None:
     """Switch to the process."""
+    do_maybe_activate_time(time)
     find_proc_by_obj(process)
 
 
 @REGISTRY.method(action='activate')
-def activate_thread(thread: sch.Schema('Thread')):
+def activate_thread(thread: Thread,
+                    time: Optional[str] = None) -> None:
     """Switch to the thread."""
+    do_maybe_activate_time(time)
     find_thread_by_obj(thread)
 
 
 @REGISTRY.method(action='activate')
-def activate_frame(frame: sch.Schema('StackFrame')):
+def activate_frame(frame: StackFrame,
+                   time: Optional[str] = None) -> None:
     """Select the frame."""
+    do_maybe_activate_time(time)
     f = find_frame_by_obj(frame)
     util.select_frame(f.FrameNumber)
     with commands.open_tracked_tx('Refresh Stack'):
@@ -319,7 +535,7 @@ def activate_frame(frame: sch.Schema('StackFrame')):
 
 @REGISTRY.method(action='delete')
 @util.dbg.eng_thread
-def remove_process(process: sch.Schema('Process')):
+def remove_process(process: Process) -> None:
     """Remove the process."""
     find_proc_by_obj(process)
     dbg().detach_proc()
@@ -328,15 +544,15 @@ def remove_process(process: sch.Schema('Process')):
 @REGISTRY.method(action='connect', display='Connect')
 @util.dbg.eng_thread
 def target(
-	session: sch.Schema('Session'), 
+        session: Session,
-	cmd: ParamDesc(str, display='Command')):
+        cmd: Annotated[str, ParamDesc(display='Command')]) -> None:
     """Connect to a target machine or process."""
     dbg().attach_kernel(cmd)
 
 
 @REGISTRY.method(action='attach', display='Attach')
 @util.dbg.eng_thread
-def attach_obj(target: sch.Schema('Attachable')):
+def attach_obj(target: Attachable) -> None:
     """Attach the process to the given target."""
     pid = find_availpid_by_obj(target)
     dbg().attach_proc(pid)
@@ -345,74 +561,90 @@ def attach_obj(target: sch.Schema('Attachable')):
 @REGISTRY.method(action='attach', display='Attach by pid')
 @util.dbg.eng_thread
 def attach_pid(
-	session: sch.Schema('Session'), 
+        session: Session,
-	pid: ParamDesc(str, display='PID')):
+        pid: Annotated[int, ParamDesc(display='PID')]) -> None:
     """Attach the process to the given target."""
-    dbg().attach_proc(int(pid))
+    dbg().attach_proc(pid)
 
 
 @REGISTRY.method(action='attach', display='Attach by name')
 @util.dbg.eng_thread
 def attach_name(
-	session: sch.Schema('Session'), 
+        session: Session,
-	name: ParamDesc(str, display='Name')):
+        name: Annotated[str, ParamDesc(display='Name')]) -> None:
     """Attach the process to the given target."""
     dbg().attach_proc(name)
 
 
 @REGISTRY.method(action='detach', display='Detach')
 @util.dbg.eng_thread
-def detach(process: sch.Schema('Process')):
+def detach(process: Process) -> None:
     """Detach the process's target."""
     dbg().detach_proc()
 
 
 @REGISTRY.method(action='launch', display='Launch')
 def launch_loader(
-		session: sch.Schema('Session'),
+        session: Session,
-        file: ParamDesc(str, display='File'),
+        file: Annotated[str, ParamDesc(display='File')],
-        args: ParamDesc(str, display='Arguments')=''):
+        args: Annotated[str, ParamDesc(display='Arguments')] = '',
-    """
+        timeout: Annotated[int, ParamDesc(display='Timeout')] = -1,
-    Start a native process with the given command line, stopping at the ntdll initial breakpoint.
+        wait: Annotated[bool, ParamDesc(
-    """
+            display='Wait',
+            description='Perform the initial WaitForEvents')] = False) -> None:
+    """Start a native process with the given command line, stopping at the
+    ntdll initial breakpoint."""
     command = file
     if args != None:
         command += " " + args
-    commands.ghidra_trace_create(command=file, start_trace=False)
+    commands.ghidra_trace_create(command=command, start_trace=False,
+                                 timeout=timeout, wait=wait)
 
 
 @REGISTRY.method(action='launch', display='LaunchEx')
 def launch(
-		session: sch.Schema('Session'),
+        session: Session,
-        file: ParamDesc(str, display='File'),
+        file: Annotated[str, ParamDesc(display='File')],
-        args: ParamDesc(str, display='Arguments')='',
+        args: Annotated[str, ParamDesc(display='Arguments')] = '',
-        initial_break: ParamDesc(bool, display='Initial Break')=True,
+        initial_break: Annotated[bool, ParamDesc(
-        timeout: ParamDesc(int, display='Timeout')=-1):
+            display='Initial Break')] = True,
-    """
+        timeout: Annotated[int, ParamDesc(display='Timeout')] = -1,
-    Run a native process with the given command line.
+        wait: Annotated[bool, ParamDesc(
-    """
+            display='Wait',
+            description='Perform the initial WaitForEvents')] = False) -> None:
+    """Run a native process with the given command line."""
     command = file
     if args != None:
         command += " " + args
-    commands.ghidra_trace_create(
+    commands.ghidra_trace_create(command=command, start_trace=False,
-        command, initial_break=initial_break, timeout=timeout, start_trace=False)
+                                 initial_break=initial_break,
+                                 timeout=timeout, wait=wait)
 
 
-@REGISTRY.method
+@REGISTRY.method()
 @util.dbg.eng_thread
-def kill(process: sch.Schema('Process')):
+def kill(process: Process) -> None:
     """Kill execution of the process."""
     commands.ghidra_trace_kill()
 
 
-@REGISTRY.method(action='resume')
+@REGISTRY.method(action='resume', display="Go")
-def go(process: sch.Schema('Process')):
+def go(process: Process) -> None:
     """Continue execution of the process."""
     util.dbg.run_async(lambda: dbg().go())
 
 
-@REGISTRY.method
+@REGISTRY.method(action='step_ext', display='Go (backwards)',
-def interrupt(process: sch.Schema('Process')):
+                 icon='icon.debugger.resume.back', condition=util.dbg.IS_TRACE)
+@util.dbg.eng_thread
+def go_back(process: Process) -> None:
+    """Continue execution of the process backwards."""
+    dbg().cmd("g-")
+    dbg().wait()
+
+
+@REGISTRY.method()
+def interrupt(process: Process) -> None:
     """Interrupt the execution of the debugged program."""
     # SetInterrupt is reentrant, so bypass the thread checks
     util.dbg._protected_base._control.SetInterrupt(
@@ -420,45 +652,80 @@ def interrupt(process: sch.Schema('Process')):
 
 
 @REGISTRY.method(action='step_into')
-def step_into(thread: sch.Schema('Thread'), n: ParamDesc(int, display='N')=1):
+def step_into(thread: Thread,
+              n: Annotated[int, ParamDesc(display='N')] = 1) -> None:
     """Step one instruction exactly."""
     find_thread_by_obj(thread)
     util.dbg.run_async(lambda: dbg().stepi(n))
 
 
 @REGISTRY.method(action='step_over')
-def step_over(thread: sch.Schema('Thread'), n: ParamDesc(int, display='N')=1):
+def step_over(thread: Thread,
+              n: Annotated[int, ParamDesc(display='N')] = 1) -> None:
     """Step one instruction, but proceed through subroutine calls."""
     find_thread_by_obj(thread)
     util.dbg.run_async(lambda: dbg().stepo(n))
 
 
+@REGISTRY.method(action='step_ext', display='Step Into (backwards)',
+                 icon='icon.debugger.step.back.into',
+                 condition=util.dbg.IS_TRACE)
+@util.dbg.eng_thread
+def step_back_into(thread: Thread,
+                   n: Annotated[int, ParamDesc(display='N')] = 1) -> None:
+    """Step one instruction backward exactly."""
+    dbg().cmd("t- " + str(n))
+    dbg().wait()
+
+
+@REGISTRY.method(action='step_ext', display='Step Over (backwards)',
+                 icon='icon.debugger.step.back.over',
+                 condition=util.dbg.IS_TRACE)
+@util.dbg.eng_thread
+def step_back_over(thread: Thread,
+                   n: Annotated[int, ParamDesc(display='N')] = 1) -> None:
+    """Step one instruction backward, but proceed through subroutine calls."""
+    dbg().cmd("p- " + str(n))
+    dbg().wait()
+
+
 @REGISTRY.method(action='step_out')
-def step_out(thread: sch.Schema('Thread')):
+def step_out(thread: Thread) -> None:
     """Execute until the current stack frame returns."""
     find_thread_by_obj(thread)
     util.dbg.run_async(lambda: dbg().stepout())
 
 
 @REGISTRY.method(action='step_to', display='Step To')
-def step_to(thread: sch.Schema('Thread'), address: Address, max=None):
+def step_to(thread: Thread, address: Address,
+            max: Optional[int] = None) -> None:
     """Continue execution up to the given address."""
     find_thread_by_obj(thread)
     # TODO: The address may need mapping.
     util.dbg.run_async(lambda: dbg().stepto(address.offset, max))
 
 
+@REGISTRY.method(action='go_to_time', display='Go To (event)',
+                 condition=util.dbg.IS_TRACE)
+@util.dbg.eng_thread
+def go_to_time(node: State,
+               evt: Annotated[str, ParamDesc(display='Event')]) -> None:
+    """Reset the trace to a specific time."""
+    dbg().cmd("!tt " + evt)
+    dbg().wait()
+
+
 @REGISTRY.method(action='break_sw_execute')
 @util.dbg.eng_thread
-def break_address(process: sch.Schema('Process'), address: Address):
+def break_address(process: Process, address: Address) -> None:
     """Set a breakpoint."""
     find_proc_by_obj(process)
     dbg().bp(expr=address.offset)
 
 
-@REGISTRY.method(action='break_sw_execute')
+@REGISTRY.method(action='break_ext', display='Set Breakpoint')
 @util.dbg.eng_thread
-def break_expression(expression: str):
+def break_expression(expression: str) -> None:
     """Set a breakpoint."""
     # TODO: Escape?
     dbg().bp(expr=expression)
@@ -466,68 +733,71 @@ def break_expression(expression: str):
 
 @REGISTRY.method(action='break_hw_execute')
 @util.dbg.eng_thread
-def break_hw_address(process: sch.Schema('Process'), address: Address):
+def break_hw_address(process: Process, address: Address) -> None:
     """Set a hardware-assisted breakpoint."""
     find_proc_by_obj(process)
     dbg().ba(expr=address.offset)
 
 
-@REGISTRY.method(action='break_hw_execute')
+@REGISTRY.method(action='break_ext', display='Set Hardware Breakpoint')
 @util.dbg.eng_thread
-def break_hw_expression(expression: str):
+def break_hw_expression(expression: str) -> None:
     """Set a hardware-assisted breakpoint."""
     dbg().ba(expr=expression)
 
 
 @REGISTRY.method(action='break_read')
 @util.dbg.eng_thread
-def break_read_range(process: sch.Schema('Process'), range: AddressRange):
+def break_read_range(process: Process, range: AddressRange) -> None:
-    """Set a read watchpoint."""
+    """Set a read breakpoint."""
     find_proc_by_obj(process)
-    dbg().ba(expr=range.min, size=range.length(), access=DbgEng.DEBUG_BREAK_READ)
+    dbg().ba(expr=range.min, size=range.length(),
+             access=DbgEng.DEBUG_BREAK_READ)
 
 
-@REGISTRY.method(action='break_read')
+@REGISTRY.method(action='break_ext', display='Set Read Breakpoint')
 @util.dbg.eng_thread
-def break_read_expression(expression: str):
+def break_read_expression(expression: str) -> None:
-    """Set a read watchpoint."""
+    """Set a read breakpoint."""
     dbg().ba(expr=expression, access=DbgEng.DEBUG_BREAK_READ)
 
 
 @REGISTRY.method(action='break_write')
 @util.dbg.eng_thread
-def break_write_range(process: sch.Schema('Process'), range: AddressRange):
+def break_write_range(process: Process, range: AddressRange) -> None:
-    """Set a watchpoint."""
+    """Set a write breakpoint."""
     find_proc_by_obj(process)
-    dbg().ba(expr=range.min, size=range.length(), access=DbgEng.DEBUG_BREAK_WRITE)
+    dbg().ba(expr=range.min, size=range.length(),
+             access=DbgEng.DEBUG_BREAK_WRITE)
 
 
-@REGISTRY.method(action='break_write')
+@REGISTRY.method(action='break_ext', display='Set Write Breakpoint')
 @util.dbg.eng_thread
-def break_write_expression(expression: str):
+def break_write_expression(expression: str) -> None:
-    """Set a watchpoint."""
+    """Set a write breakpoint."""
     dbg().ba(expr=expression, access=DbgEng.DEBUG_BREAK_WRITE)
 
 
 @REGISTRY.method(action='break_access')
 @util.dbg.eng_thread
-def break_access_range(process: sch.Schema('Process'), range: AddressRange):
+def break_access_range(process: Process, range: AddressRange) -> None:
-    """Set an access watchpoint."""
+    """Set an access breakpoint."""
     find_proc_by_obj(process)
     dbg().ba(expr=range.min, size=range.length(),
              access=DbgEng.DEBUG_BREAK_READ | DbgEng.DEBUG_BREAK_WRITE)
 
 
-@REGISTRY.method(action='break_access')
+@REGISTRY.method(action='break_ext', display='Set Access Breakpoint')
 @util.dbg.eng_thread
-def break_access_expression(expression: str):
+def break_access_expression(expression: str) -> None:
-    """Set an access watchpoint."""
+    """Set an access breakpoint."""
-    dbg().ba(expr=expression, access=DbgEng.DEBUG_BREAK_READ | DbgEng.DEBUG_BREAK_WRITE)
+    dbg().ba(expr=expression,
+             access=DbgEng.DEBUG_BREAK_READ | DbgEng.DEBUG_BREAK_WRITE)
 
 
-@REGISTRY.method(action='toggle')
+@REGISTRY.method(action='toggle', display='Toggle Breakpoint')
 @util.dbg.eng_thread
-def toggle_breakpoint(breakpoint: sch.Schema('BreakpointSpec'), enabled: bool):
+def toggle_breakpoint(breakpoint: BreakpointSpec, enabled: bool) -> None:
     """Toggle a breakpoint."""
     bpt = find_bpt_by_obj(breakpoint)
     if enabled:
@@ -536,47 +806,59 @@ def toggle_breakpoint(breakpoint: sch.Schema('BreakpointSpec'), enabled: bool):
         dbg().bd(bpt.GetId())
 
 
-@REGISTRY.method(action='delete')
+@REGISTRY.method(action='delete', display='Delete Breakpoint')
 @util.dbg.eng_thread
-def delete_breakpoint(breakpoint: sch.Schema('BreakpointSpec')):
+def delete_breakpoint(breakpoint: BreakpointSpec) -> None:
     """Delete a breakpoint."""
     bpt = find_bpt_by_obj(breakpoint)
     dbg().cmd("bc {}".format(bpt.GetId()))
 
 
-@REGISTRY.method
+@REGISTRY.method()
 @util.dbg.eng_thread
-def read_mem(process: sch.Schema('Process'), range: AddressRange):
+def read_mem(process: Process, range: AddressRange) -> None:
     """Read memory."""
     # print("READ_MEM: process={}, range={}".format(process, range))
     nproc = find_proc_by_obj(process)
-    offset_start = process.trace.memory_mapper.map_back(
+    offset_start = process.trace.extra.require_mm().map_back(
         nproc, Address(range.space, range.min))
     with commands.open_tracked_tx('Read Memory'):
         result = commands.put_bytes(
-            offset_start, offset_start + range.length() - 1, pages=True, display_result=False)
+            offset_start, offset_start + range.length() - 1, pages=True,
+            display_result=False)
         if result['count'] == 0:
             commands.putmem_state(
                 offset_start, offset_start + range.length() - 1, 'error')
 
 
-@REGISTRY.method
+@REGISTRY.method()
 @util.dbg.eng_thread
-def write_mem(process: sch.Schema('Process'), address: Address, data: bytes):
+def write_mem(process: Process, address: Address, data: bytes) -> None:
     """Write memory."""
     nproc = find_proc_by_obj(process)
-    offset = process.trace.memory_mapper.map_back(nproc, address)
+    offset = process.trace.extra.required_mm().map_back(nproc, address)
     dbg().write(offset, data)
 
 
-@REGISTRY.method
+@REGISTRY.method()
 @util.dbg.eng_thread
-def write_reg(frame: sch.Schema('StackFrame'), name: str, value: bytes):
+def write_reg(frame: StackFrame, name: str, value: bytes) -> None:
     """Write a register."""
-    util.select_frame()
+    f = find_frame_by_obj(frame)
+    util.select_frame(f.FrameNumber)
     nproc = pydbg.selected_process()
     dbg().reg._set_register(name, value)
 
 
+@REGISTRY.method(display='Refresh Events (custom)', condition=util.dbg.IS_TRACE)
+@util.dbg.eng_thread
+def refresh_trace_events_custom(node: State,
+                                cmd: Annotated[str, ParamDesc(display='Cmd')],
+                                prefix: Annotated[str, ParamDesc(display='Prefix')] = "dx -r2 @$cursession.TTD") -> None:
+    """Parse TTD objects generated from a LINQ command."""
+    with commands.open_tracked_tx('Put Events (custom)'):
+        commands.ghidra_trace_put_trace_events_custom(prefix, cmd)
+
+
 def dbg():
     return util.dbg._base

Ghidra/Debug/Debugger-agent-dbgeng/src/main/py/src/ghidradbg/schema.xml

@@ -1,8 +1,9 @@
 <context>
 	<schema name="DbgRoot" canonical="yes" elementResync="NEVER" attributeResync="NEVER">
+		<interface name="EventScope" />
 		<attribute name="Sessions" schema="SessionContainer" required="yes" fixed="yes" />
 		<attribute name="Settings" schema="ANY" />
-		<attribute name="State" schema="ANY" />
+		<attribute name="State" schema="State" />
 		<attribute-alias from="_state" to="State" />
 		<attribute name="Utility" schema="ANY" />
 		<attribute name="_display" schema="STRING" hidden="yes" />
@@ -16,7 +17,6 @@
 	</schema>
 	<schema name="Session" elementResync="NEVER" attributeResync="NEVER">
 		<interface name="Activatable" />
-		<interface name="EventScope" />
 		<interface name="FocusScope" />
 		<interface name="Aggregate" />
 		<element schema="VOID" />
@@ -28,6 +28,11 @@
 		<attribute name="_order" schema="INT" hidden="yes" />
 		<attribute schema="ANY"/>
 	</schema>
+	<schema name="State" canonical="yes" elementResync="NEVER" attributeResync="NEVER">
+		<element schema="VOID" />
+		<attribute name="_order" schema="INT" hidden="yes" />
+		<attribute schema="ANY"/>
+	</schema>
 	<schema name="Selectable" elementResync="NEVER" attributeResync="NEVER">
 		<element schema="OBJECT" />
 		<attribute name="_order" schema="INT" hidden="yes" />
@@ -37,6 +42,8 @@
 		<interface name="Aggregate" />
 		<element schema="VOID" />
 		<attribute name="Breakpoints" schema="BreakpointContainer" required="yes" />
+		<attribute name="Events" schema="EventContainer" required="yes" />
+		<attribute name="Exceptions" schema="ExceptionContainer" required="yes" />
 		<attribute name="_order" schema="INT" hidden="yes" />
 		<attribute schema="VOID" />
 	</schema>
@@ -45,6 +52,42 @@
 		<attribute name="_order" schema="INT" hidden="yes" />
 		<attribute schema="ANY" />
 	</schema>
+	<schema name="EventContainer" canonical="yes" elementResync="NEVER" attributeResync="NEVER">
+		<element schema="Event" />
+		<attribute name="_order" schema="INT" hidden="yes" />
+		<attribute schema="ANY" />
+	</schema>
+	<schema name="Event" canonical="yes" elementResync="NEVER" attributeResync="NEVER">
+		<element schema="ANY" />
+		<attribute name="Cont" schema="ContinueOption" />
+		<attribute name="Exec" schema="ExecutionOption" />
+		<attribute name="_order" schema="INT" hidden="yes" />
+		<attribute schema="ANY" />
+	</schema>
+	<schema name="ExceptionContainer" canonical="yes" elementResync="NEVER" attributeResync="NEVER">
+		<element schema="Exception" />
+		<attribute name="_order" schema="INT" hidden="yes" />
+		<attribute schema="ANY" />
+	</schema>
+	<schema name="Exception" canonical="yes" elementResync="NEVER" attributeResync="NEVER">
+		<element schema="ANY" />
+		<attribute name="Cont" schema="ContinueOption" />
+		<attribute name="Exec" schema="ExecutionOption" />
+		<attribute name="_order" schema="INT" hidden="yes" />
+		<attribute schema="ANY" />
+	</schema>
+	<schema name="ContinueOption" canonical="yes" elementResync="NEVER" attributeResync="NEVER">
+		<interface name="Togglable" />
+		<element schema="VOID" />
+		<attribute name="_order" schema="INT" hidden="yes" />
+		<attribute schema="ANY" />
+	</schema>
+	<schema name="ExecutionOption" canonical="yes" elementResync="NEVER" attributeResync="NEVER">
+		<interface name="Togglable" />
+		<element schema="VOID" />
+		<attribute name="_order" schema="INT" hidden="yes" />
+		<attribute schema="ANY" />
+	</schema>
 	<schema name="AvailableContainer" canonical="yes" elementResync="ALWAYS" attributeResync="NEVER">
 		<element schema="Attachable" />
 		<attribute name="_order" schema="INT" hidden="yes" />

Ghidra/Debug/Debugger-agent-dbgeng/src/main/py/src/ghidradbg/schema_exdi.xml

@@ -1,5 +1,6 @@
 <context>
 	<schema name="DbgRoot" canonical="yes" elementResync="NEVER" attributeResync="NEVER">
+		<interface name="EventScope" />
 		<attribute name="Sessions" schema="SessionContainer" required="yes" fixed="yes" />
 		<attribute name="Settings" schema="ANY" />
 		<attribute name="State" schema="ANY" />
@@ -16,7 +17,6 @@
 	</schema>
 	<schema name="Session" elementResync="NEVER" attributeResync="NEVER">
 		<interface name="Activatable" />
-		<interface name="EventScope" />
 		<interface name="FocusScope" />
 		<interface name="Aggregate" />
 		<element schema="VOID" />

Ghidra/Debug/Debugger-agent-dbgeng/src/main/py/src/ghidradbg/util.py

@@ -13,10 +13,16 @@
 # See the License for the specific language governing permissions and
 # limitations under the License.
 ##
+from comtypes.automation import VARIANT  # type: ignore
+
+from ghidratrace.client import Schedule
+from .dbgmodel.imodelobject import ModelObject
+from capstone import CsInsn  # type: ignore
+from _winapi import STILL_ACTIVE
 from collections import namedtuple
 from concurrent.futures import Future
 import concurrent.futures
-from ctypes import *
+from ctypes import POINTER, byref, c_ulong, c_ulonglong, create_string_buffer
 import functools
 import io
 import os
@@ -25,20 +31,22 @@ import re
 import sys
 import threading
 import traceback
+from typing import Any, Callable, Dict, Iterable, List, Optional, Sequence, Tuple, TypeVar, Union, cast
 
-from comtypes import CoClass, GUID
+from comtypes import CoClass, GUID  # type: ignore
-import comtypes
+import comtypes  # type: ignore
-from comtypes.gen import DbgMod
+from comtypes.gen import DbgMod  # type: ignore
-from comtypes.hresult import S_OK
+from comtypes.hresult import S_OK, S_FALSE  # type: ignore
-from pybag import pydbg, userdbg, kerneldbg, crashdbg
-from pybag.dbgeng import core as DbgEng
-from pybag.dbgeng import exception
-from pybag.dbgeng import util as DbgUtil
-from pybag.dbgeng.callbacks import DbgEngCallbacks
-
 from ghidradbg.dbgmodel.ihostdatamodelaccess import HostDataModelAccess
-from _winapi import STILL_ACTIVE
+from ghidradbg.dbgmodel.imodelmethod import ModelMethod
+from pybag import pydbg, userdbg, kerneldbg, crashdbg  # type: ignore
+from pybag.dbgeng import core as DbgEng  # type: ignore
+from pybag.dbgeng import exception  # type: ignore
+from pybag.dbgeng import util as DbgUtil  # type: ignore
+from pybag.dbgeng.callbacks import DbgEngCallbacks  # type: ignore
+from pybag.dbgeng.idebugclient import DebugClient  # type: ignore
 
+DESCRIPTION_PATTERN = '[{major:X}:{minor:X}] {type}'
 
 DbgVersion = namedtuple('DbgVersion', ['full', 'name', 'dotted', 'arch'])
 
@@ -80,6 +88,7 @@ class StdInputCallbacks(CoClass):
 
 
 class _Worker(threading.Thread):
+
     def __init__(self, new_base, work_queue, dispatch):
         super().__init__(name='DbgWorker', daemon=True)
         self.new_base = new_base
@@ -108,6 +117,7 @@ class _Worker(threading.Thread):
 # https://github.com/python/cpython/blob/main/Lib/concurrent/futures/thread.py
 # accessed 9 Jan 2024
 class _WorkItem(object):
+
     def __init__(self, future, fn, args, kwargs):
         self.future = future
         self.fn = fn
@@ -129,30 +139,35 @@ class DebuggeeRunningException(BaseException):
     pass
 
 
+T = TypeVar('T')
+
+
 class DbgExecutor(object):
-    def __init__(self, ghidra_dbg):
+
+    def __init__(self, ghidra_dbg: 'GhidraDbg') -> None:
         self._ghidra_dbg = ghidra_dbg
-        self._work_queue = queue.SimpleQueue()
+        self._work_queue: queue.SimpleQueue = queue.SimpleQueue()
         self._thread = _Worker(ghidra_dbg._new_base,
                                self._work_queue, ghidra_dbg._dispatch_events)
         self._thread.start()
         self._executing = False
 
-    def submit(self, fn, /, *args, **kwargs):
+    def submit(self, fn: Callable[..., T], /, *args, **kwargs) -> Future[T]:
         f = self._submit_no_exit(fn, *args, **kwargs)
         self._ghidra_dbg.exit_dispatch()
         return f
 
-    def _submit_no_exit(self, fn, /, *args, **kwargs):
+    def _submit_no_exit(self, fn: Callable[..., T], /,
-        f = Future()
+                        *args, **kwargs) -> Future[T]:
-        if self._executing:
+        f: Future[T] = Future()
+        if self._executing and self._ghidra_dbg.IS_REMOTE == False:
             f.set_exception(DebuggeeRunningException("Debuggee is Running"))
             return f
         w = _WorkItem(f, fn, args, kwargs)
         self._work_queue.put(w)
         return f
 
-    def _clear_queue(self):
+    def _clear_queue(self) -> None:
         while True:
             try:
                 work_item = self._work_queue.get_nowait()
@@ -161,11 +176,12 @@ class DbgExecutor(object):
             work_item.future.set_exception(
                 DebuggeeRunningException("Debuggee is Running"))
 
-    def _state_execute(self):
+    def _state_execute(self) -> None:
         self._executing = True
+        if self._ghidra_dbg.IS_REMOTE == False:
             self._clear_queue()
 
-    def _state_break(self):
+    def _state_break(self) -> None:
         self._executing = False
 
 
@@ -196,8 +212,12 @@ class AllDbg(pydbg.DebuggerBase):
     load_dump = crashdbg.CrashDbg.load_dump
 
 
+C = TypeVar('C', bound=Callable[..., Any])
+
+
 class GhidraDbg(object):
-    def __init__(self):
+
+    def __init__(self) -> None:
         self._queue = DbgExecutor(self)
         self._thread = self._queue._thread
         # Wait for the executor to be operational before getting base
@@ -239,18 +259,33 @@ class GhidraDbg(object):
             setattr(self, name, self.eng_thread(getattr(base, name)))
         self.IS_KERNEL = False
         self.IS_EXDI = False
+        self.IS_REMOTE: bool = os.getenv('OPT_CONNECT_STRING') is not None
+        self.IS_TRACE: bool = os.getenv('USE_TTD') == "true"
 
-    def _new_base(self):
+    def _new_base(self) -> None:
+        remote = os.getenv('OPT_CONNECT_STRING')
+        if remote is not None:
+            remote_client = DbgEng.DebugConnect(remote)
+            debug_client = self._generate_client(remote_client)
+            self._protected_base = AllDbg(client=debug_client)
+        else:
             self._protected_base = AllDbg()
 
+    def _generate_client(self, original: DebugClient) -> DebugClient:
+        cli = POINTER(DbgEng.IDebugClient)()
+        cliptr = POINTER(POINTER(DbgEng.IDebugClient))(cli)
+        hr = original.CreateClient(cliptr)
+        exception.check_err(hr)
+        return DebugClient(client=cli)
+
     @property
-    def _base(self):
+    def _base(self) -> AllDbg:
         if threading.current_thread() is not self._thread:
             raise WrongThreadException("Was {}. Want {}".format(
                 threading.current_thread(), self._thread))
         return self._protected_base
 
-    def run(self, fn, *args, **kwargs):
+    def run(self, fn: Callable[..., T], *args, **kwargs) -> T:
         # TODO: Remove this check?
         if hasattr(self, '_thread') and threading.current_thread() is self._thread:
             raise WrongThreadException()
@@ -262,59 +297,60 @@ class GhidraDbg(object):
             except concurrent.futures.TimeoutError:
                 pass
 
-    def run_async(self, fn, *args, **kwargs):
+    def run_async(self, fn: Callable[..., T], *args, **kwargs) -> Future[T]:
         return self._queue.submit(fn, *args, **kwargs)
 
     @staticmethod
-    def check_thread(func):
+    def check_thread(func: C) -> C:
-        '''
+        """For methods inside of GhidraDbg, ensure it runs on the dbgeng
-        For methods inside of GhidraDbg, ensure it runs on the dbgeng
+        thread."""
-        thread
+
-        '''
         @functools.wraps(func)
-        def _func(self, *args, **kwargs):
+        def _func(self, *args, **kwargs) -> Any:
             if threading.current_thread() is self._thread:
                 return func(self, *args, **kwargs)
             else:
                 return self.run(func, self, *args, **kwargs)
-        return _func
 
-    def eng_thread(self, func):
+        return cast(C, _func)
-        '''
+
-        For methods and functions outside of GhidraDbg, ensure it
+    def eng_thread(self, func: C) -> C:
-        runs on this GhidraDbg's dbgeng thread
+        """For methods and functions outside of GhidraDbg, ensure it runs on
-        '''
+        this GhidraDbg's dbgeng thread."""
+
         @functools.wraps(func)
-        def _func(*args, **kwargs):
+        def _func(*args, **kwargs) -> Any:
             if threading.current_thread() is self._thread:
                 return func(*args, **kwargs)
             else:
                 return self.run(func, *args, **kwargs)
-        return _func
 
-    def _ces_exec_status(self, argument):
+        return cast(C, _func)
+
+    def _ces_exec_status(self, argument: int):
         if argument & 0xfffffff == DbgEng.DEBUG_STATUS_BREAK:
             self._queue._state_break()
         else:
             self._queue._state_execute()
 
     @check_thread
-    def _install_stdin(self):
+    def _install_stdin(self) -> None:
         self.input = StdInputCallbacks(self)
         self._base._client.SetInputCallbacks(self.input)
 
     # Manually decorated to preserve undecorated
-    def _dispatch_events(self, timeout=DbgEng.WAIT_INFINITE):
+    def _dispatch_events(self, timeout: int = DbgEng.WAIT_INFINITE) -> None:
         # NB: pybag's impl doesn't heed standalone
         self._protected_base._client.DispatchCallbacks(timeout)
+
     dispatch_events = check_thread(_dispatch_events)
 
     # no check_thread. Must allow reentry
-    def exit_dispatch(self):
+    def exit_dispatch(self) -> None:
         self._protected_base._client.ExitDispatch()
 
     @check_thread
-    def cmd(self, cmdline, quiet=True):
+    def cmd(self, cmdline: str, quiet: bool = True) -> str:
         # NB: pybag's impl always captures.
         # Here, we let it print without capture if quiet is False
         if quiet:
@@ -330,20 +366,20 @@ class GhidraDbg(object):
             return self._base._control.Execute(cmdline)
 
     @check_thread
-    def return_input(self, input):
+    def return_input(self, input: str) -> None:
         # TODO: Contribute fix upstream (check_hr -> check_err)
         # return self._base._control.ReturnInput(input.encode())
         hr = self._base._control._ctrl.ReturnInput(input.encode())
         exception.check_err(hr)
 
-    def interrupt(self):
+    def interrupt(self) -> None:
         # Contribute upstream?
         # NOTE: This can be called from any thread
         self._protected_base._control.SetInterrupt(
             DbgEng.DEBUG_INTERRUPT_ACTIVE)
 
     @check_thread
-    def get_current_system_id(self):
+    def get_current_system_id(self) -> int:
         # TODO: upstream?
         sys_id = c_ulong()
         hr = self._base._systems._sys.GetCurrentSystemId(byref(sys_id))
@@ -351,7 +387,7 @@ class GhidraDbg(object):
         return sys_id.value
 
     @check_thread
-    def get_prompt_text(self):
+    def get_prompt_text(self) -> str:
         # TODO: upstream?
         size = c_ulong()
         hr = self._base._control._ctrl.GetPromptText(None, 0, byref(size))
@@ -360,12 +396,12 @@ class GhidraDbg(object):
         return prompt_buf.value.decode()
 
     @check_thread
-    def get_actual_processor_type(self):
+    def get_actual_processor_type(self) -> int:
         return self._base._control.GetActualProcessorType()
 
     @property
     @check_thread
-    def pid(self):
+    def pid(self) -> Optional[int]:
         try:
             if is_kernel():
                 return 0
@@ -375,20 +411,31 @@ class GhidraDbg(object):
             return None
 
 
+class TTDState(object):
+
+    def __init__(self) -> None:
+        self._first: Optional[Tuple[int, int]] = None
+        self._last: Optional[Tuple[int, int]] = None
+        self._lastpos: Optional[Tuple[int, int]] = None
+        self.evttypes: Dict[Tuple[int, int], str] = {}
+        self.MAX_STEP: int
+
+
 dbg = GhidraDbg()
+ttd = TTDState()
 
 
 @dbg.eng_thread
-def compute_pydbg_ver():
+def compute_pydbg_ver() -> DbgVersion:
     pat = re.compile(
         '(?P<name>.*Debugger.*) Version (?P<dotted>[\\d\\.]*) (?P<arch>\\w*)')
     blurb = dbg.cmd('version')
-    matches = [pat.match(l) for l in blurb.splitlines() if pat.match(l)]
+    matches_opt = [pat.match(l) for l in blurb.splitlines()]
+    matches = [m for m in matches_opt if m is not None]
     if len(matches) == 0:
         return DbgVersion('Unknown', 'Unknown', '0', 'Unknown')
     m = matches[0]
     return DbgVersion(full=m.group(), **m.groupdict())
-    name, dotted_and_arch = full.split(' Version ')
 
 
 DBG_VERSION = compute_pydbg_ver()
@@ -399,26 +446,27 @@ def get_target():
 
 
 @dbg.eng_thread
-def disassemble1(addr):
+def disassemble1(addr: int) -> CsInsn:
-    return DbgUtil.disassemble_instruction(dbg._base.bitness(), addr, dbg.read(addr, 15))
+    data = dbg.read(addr, 15)  # type:ignore
+    return DbgUtil.disassemble_instruction(dbg._base.bitness(), addr, data)
 
 
-def get_inst(addr):
+def get_inst(addr: int) -> str:
     return str(disassemble1(addr))
 
 
-def get_inst_sz(addr):
+def get_inst_sz(addr: int) -> int:
     return int(disassemble1(addr).size)
 
 
 @dbg.eng_thread
-def get_breakpoints():
+def get_breakpoints() -> Iterable[Tuple[str, str, str, str, str]]:
     ids = [bpid for bpid in dbg._base.breakpoints]
-    offset_set = []
+    offset_set: List[str] = []
-    expr_set = []
+    expr_set: List[str] = []
-    prot_set = []
+    prot_set: List[str] = []
-    width_set = []
+    width_set: List[str] = []
-    stat_set = []
+    stat_set: List[str] = []
     for bpid in ids:
         try:
             bp = dbg._base._control.GetBreakpointById(bpid)
@@ -454,7 +502,7 @@ def get_breakpoints():
 
 
 @dbg.eng_thread
-def selected_process():
+def selected_process() -> int:
     try:
         if is_exdi():
             return 0
@@ -462,7 +510,8 @@ def selected_process():
             do = dbg._base._systems.GetCurrentProcessDataOffset()
             id = c_ulong()
             offset = c_ulonglong(do)
-            nproc = dbg._base._systems._sys.GetProcessIdByDataOffset(offset, byref(id))
+            nproc = dbg._base._systems._sys.GetProcessIdByDataOffset(
+                offset, byref(id))
             return id.value
         if dbg.use_generics:
             return dbg._base._systems.GetCurrentProcessSystemId()
@@ -473,7 +522,7 @@ def selected_process():
 
 
 @dbg.eng_thread
-def selected_process_space():
+def selected_process_space() -> int:
     try:
         if is_exdi():
             return 0
@@ -486,7 +535,7 @@ def selected_process_space():
 
 
 @dbg.eng_thread
-def selected_thread():
+def selected_thread() -> Optional[int]:
     try:
         if is_kernel():
             return 0
@@ -498,7 +547,7 @@ def selected_thread():
 
 
 @dbg.eng_thread
-def selected_frame():
+def selected_frame() -> Optional[int]:
     try:
         line = dbg.cmd('.frame').strip()
         if not line:
@@ -511,40 +560,47 @@ def selected_frame():
         return None
 
 
+def require(t: Optional[T]) -> T:
+    if t is None:
+        raise ValueError("Unexpected None")
+    return t
+
+
 @dbg.eng_thread
-def select_process(id: int):
+def select_process(id: int) -> None:
     if is_kernel():
         # TODO: Ideally this should get the data offset from the id and then call
         #  SetImplicitProcessDataOffset
         return
     if dbg.use_generics:
-        id = get_proc_id(id)
+        id = require(get_proc_id(id))
     return dbg._base._systems.SetCurrentProcessId(id)
 
 
 @dbg.eng_thread
-def select_thread(id: int):
+def select_thread(id: int) -> None:
     if is_kernel():
         # TODO: Ideally this should get the data offset from the id and then call
         #  SetImplicitThreadDataOffset
         return
     if dbg.use_generics:
-        id = get_thread_id(id)
+        id = require(get_thread_id(id))
     return dbg._base._systems.SetCurrentThreadId(id)
 
 
 @dbg.eng_thread
-def select_frame(id: int):
+def select_frame(id: int) -> str:
     return dbg.cmd('.frame /c {}'.format(id))
 
 
 @dbg.eng_thread
-def reset_frames():
+def reset_frames() -> str:
     return dbg.cmd('.cxr')
 
 
 @dbg.eng_thread
-def parse_and_eval(expr, type=None):
+def parse_and_eval(expr: Union[str, int],
+                   type: Optional[int] = None) -> Union[int, float, bytes]:
     if isinstance(expr, int):
         return expr
     # TODO: This could be contributed upstream
@@ -575,20 +631,22 @@ def parse_and_eval(expr, type=None):
         return value.u.F82Bytes
     if type == DbgEng.DEBUG_VALUE_FLOAT128:
         return value.u.F128Bytes
+    raise ValueError(
+        f"Could not evaluate '{expr}' or convert result '{value}'")
 
 
 @dbg.eng_thread
-def get_pc():
+def get_pc() -> int:
     return dbg._base.reg.get_pc()
 
 
 @dbg.eng_thread
-def get_sp():
+def get_sp() -> int:
     return dbg._base.reg.get_sp()
 
 
 @dbg.eng_thread
-def GetProcessIdsByIndex(count=0):
+def GetProcessIdsByIndex(count: int = 0) -> Tuple[List[int], List[int]]:
     # TODO: This could be contributed upstream?
     if count == 0:
         try:
@@ -601,11 +659,11 @@ def GetProcessIdsByIndex(count=0):
         hr = dbg._base._systems._sys.GetProcessIdsByIndex(
             0, count, ids, sysids)
         exception.check_err(hr)
-    return (tuple(ids), tuple(sysids))
+    return (list(ids), list(sysids))
 
 
 @dbg.eng_thread
-def GetCurrentProcessExecutableName():
+def GetCurrentProcessExecutableName() -> str:
     # TODO: upstream?
     _dbg = dbg._base
     size = c_ulong()
@@ -617,17 +675,15 @@ def GetCurrentProcessExecutableName():
     size = exesize
     hr = _dbg._systems._sys.GetCurrentProcessExecutableName(buffer, size, None)
     exception.check_err(hr)
-    buffer = buffer[:size.value]
+    return buffer.value.decode()
-    buffer = buffer.rstrip(b'\x00')
-    return buffer
 
 
 @dbg.eng_thread
-def GetCurrentProcessPeb():
+def GetCurrentProcessPeb() -> int:
     # TODO: upstream?
     _dbg = dbg._base
     offset = c_ulonglong()
-    if dbg.is_kernel():
+    if is_kernel():
         hr = _dbg._systems._sys.GetCurrentProcessDataOffset(byref(offset))
     else:
         hr = _dbg._systems._sys.GetCurrentProcessPeb(byref(offset))
@@ -636,7 +692,7 @@ def GetCurrentProcessPeb():
 
 
 @dbg.eng_thread
-def GetCurrentThreadTeb():
+def GetCurrentThreadTeb() -> int:
     # TODO: upstream?
     _dbg = dbg._base
     offset = c_ulonglong()
@@ -649,18 +705,120 @@ def GetCurrentThreadTeb():
 
 
 @dbg.eng_thread
-def GetExitCode():
+def GetExitCode() -> int:
     # TODO: upstream?
     if is_kernel():
         return STILL_ACTIVE
     exit_code = c_ulong()
     hr = dbg._base._client._cli.GetExitCode(byref(exit_code))
+    # DebugConnect targets return E_UNEXPECTED but the target is STILL_ACTIVE
+    if hr != S_OK and hr != S_FALSE:
+        return STILL_ACTIVE
     return exit_code.value
 
 
 @dbg.eng_thread
-def process_list(running=False):
+def GetNumberEventFilters() -> Tuple[int, int, int]:
-    """Get the list of all processes"""
+    n_events = c_ulong()
+    n_spec_exc = c_ulong()
+    n_arb_exc = c_ulong()
+    hr = dbg._base._control._ctrl.GetNumberEventFilters(
+        byref(n_events), byref(n_spec_exc), byref(n_arb_exc))
+    exception.check_err(hr)
+    return (n_events.value, n_spec_exc.value, n_arb_exc.value)
+
+
+@dbg.eng_thread
+def GetEventFilterText(index: int, sz: int) -> str:
+    if sz == 0:
+        return "Unknown"
+    len = c_ulong()
+    val = create_string_buffer(sz)
+    hr = dbg._base._control._ctrl.GetEventFilterText(
+        index, val, sz, byref(len))
+    # exception.check_err(hr)
+    if hr != 0:
+        return "Unknown"
+    return val.value[:len.value].decode()
+
+
+@dbg.eng_thread
+def GetEventFilterCommand(index: int, sz: int) -> Union[str, None]:
+    if sz == 0:
+        return None
+    len = c_ulong()
+    val = create_string_buffer(sz)
+    hr = dbg._base._control._ctrl.GetEventFilterCommand(
+        index, val, sz, byref(len))
+    exception.check_err(hr)
+    return val.value[:len.value].decode()
+
+
+@dbg.eng_thread
+def GetExceptionFilterSecondCommand(index: int, sz: int) -> Union[str, None]:
+    if sz == 0:
+        return None
+    len = c_ulong()
+    val = create_string_buffer(sz)
+    hr = dbg._base._control._ctrl.GetExceptionFilterSecondCommand(
+        index, val, sz, byref(len))
+    exception.check_err(hr)
+    return val.value[:len.value].decode()
+
+
+@dbg.eng_thread
+def GetSpecificFilterArgument(index: int, sz: int) -> Union[str, None]:
+    if sz == 0:
+        return None
+    len = c_ulong()
+    val = create_string_buffer(sz)
+    hr = dbg._base._control._ctrl.GetSpecificFilterArgument(
+        index, val, sz, byref(len))
+    exception.check_err(hr)
+    return val.value[:len.value].decode()
+
+
+execution_options = ['enabled', 'disabled', 'output', 'ignore']
+continue_options = ['handled', 'not handled', 'unknown']
+
+
+@dbg.eng_thread
+def GetSpecificFilterParameters(start: int, count: int) -> List[DbgEng._DEBUG_SPECIFIC_FILTER_PARAMETERS]:
+    # For reference, this is how you pass an array of structures!
+    params = (DbgEng._DEBUG_SPECIFIC_FILTER_PARAMETERS * count)()
+    hr = dbg._base._control._ctrl.GetSpecificFilterParameters(
+        start, count, params)
+    exception.check_err(hr)
+    return params
+
+
+@dbg.eng_thread
+def SetSpecificFilterParameters(start: int, count: int, parray: List[DbgEng._DEBUG_SPECIFIC_FILTER_PARAMETERS]) -> None:
+    hr = dbg._base._control._ctrl.SetSpecificFilterParameters(
+        start, count, parray)
+    exception.check_err(hr)
+
+
+@dbg.eng_thread
+def GetExceptionFilterParameters(start: int, codes, count: int) -> List[DbgEng._DEBUG_EXCEPTION_FILTER_PARAMETERS]:
+    # For reference, this is how you pass an array of structures!
+    params = (DbgEng._DEBUG_EXCEPTION_FILTER_PARAMETERS * count)()
+    hr = dbg._base._control._ctrl.GetExceptionFilterParameters(
+        count, codes, start, params)
+    exception.check_err(hr)
+    return params
+
+
+@dbg.eng_thread
+def SetExceptionFilterParameters(count: int, parray: List[DbgEng._DEBUG_EXCEPTION_FILTER_PARAMETERS]) -> None:
+    hr = dbg._base._control._ctrl.SetExceptionFilterParameters(count, parray)
+    exception.check_err(hr)
+
+
+@dbg.eng_thread
+def process_list(running: bool = False) -> Union[
+        Iterable[Tuple[int, str, int]], Iterable[Tuple[int]]]:
+    """Get the list of all processes."""
     _dbg = dbg._base
     ids, sysids = GetProcessIdsByIndex()
     pebs = []
@@ -680,12 +838,16 @@ def process_list(running=False):
         return zip(sysids)
     finally:
         if not running and curid is not None:
+            try:
                 _dbg._systems.SetCurrentProcessId(curid)
+            except Exception as e:
+                print(f"Couldn't restore current process: {e}")
 
 
 @dbg.eng_thread
-def thread_list(running=False):
+def thread_list(running: bool = False) -> Union[
-    """Get the list of all threads"""
+        Iterable[Tuple[int, int, str]], Iterable[Tuple[int]]]:
+    """Get the list of all threads."""
     _dbg = dbg._base
     try:
         ids, sysids = _dbg._systems.GetThreadIdsByIndex()
@@ -713,8 +875,8 @@ def thread_list(running=False):
 
 
 @dbg.eng_thread
-def get_proc_id(pid):
+def get_proc_id(pid: int) -> Optional[int]:
-    """Get the list of all processes"""
+    """Get the id for the given system process id."""
     # TODO: Implement GetProcessIdBySystemId and replace this logic
     _dbg = dbg._base
     map = {}
@@ -728,24 +890,18 @@ def get_proc_id(pid):
     return None
 
 
-def full_mem():
+def full_mem() -> List[DbgEng._MEMORY_BASIC_INFORMATION64]:
-    sizeptr = 64; #int(gdb.parse_and_eval('sizeof(void*)')) * 8
+    info = DbgEng._MEMORY_BASIC_INFORMATION64()
-    infoLow = DbgEng._MEMORY_BASIC_INFORMATION64()
+    info.BaseAddress = 0
-    infoLow.BaseAddress = 0
+    info.RegionSize = (1 << 64) - 1
-    infoLow.RegionSize = (1 << (sizeptr-1))
+    info.Protect = 0xFFF
-    infoLow.Protect = 0xFFF
+    info.Name = "full memory"
-    infoLow.Name = "UMEM"
+    return [info]
-    infoHigh = DbgEng._MEMORY_BASIC_INFORMATION64()
-    infoHigh.BaseAddress = 1 << (sizeptr-1)
-    infoHigh.RegionSize = (1 << (sizeptr-1))
-    infoHigh.Protect = 0xFFF
-    infoHigh.Name = "KMEM"
-    return [ infoLow, infoHigh ]
 
 
 @dbg.eng_thread
-def get_thread_id(tid):
+def get_thread_id(tid: int) -> Optional[int]:
-    """Get the list of all threads"""
+    """Get the id for the given system thread id."""
     # TODO: Implement GetThreadIdBySystemId and replace this logic
     _dbg = dbg._base
     map = {}
@@ -759,7 +915,17 @@ def get_thread_id(tid):
     return None
 
 
-def split_path(pathString):
+@dbg.eng_thread
+def open_trace_or_dump(filename: Union[str, bytes]) -> None:
+    """Open a trace or dump file."""
+    _cli = dbg._base._client._cli
+    if isinstance(filename, str):
+        filename = filename.encode()
+    hr = _cli.OpenDumpFile(filename)
+    exception.check_err(hr)
+
+
+def split_path(pathString: str) -> List[str]:
     list = []
     segs = pathString.split(".")
     for s in segs:
@@ -774,18 +940,23 @@ def split_path(pathString):
     return list
 
 
-def IHostDataModelAccess():
+def IHostDataModelAccess() -> HostDataModelAccess:
-    return HostDataModelAccess(
+    return HostDataModelAccess(dbg._base._client._cli.QueryInterface(
-        dbg._base._client._cli.QueryInterface(interface=DbgMod.IHostDataModelAccess))
+        interface=DbgMod.IHostDataModelAccess))
+
+
+def IModelMethod(method_ptr) -> ModelMethod:
+    return ModelMethod(method_ptr.GetIntrinsicValue().value.QueryInterface(
+        interface=DbgMod.IModelMethod))
 
 
 @dbg.eng_thread
-def get_object(relpath):
+def get_object(relpath: str) -> Optional[ModelObject]:
-    """Get the list of all threads"""
+    """Get the model object at the given path."""
     _cli = dbg._base._client._cli
     access = HostDataModelAccess(_cli.QueryInterface(
         interface=DbgMod.IHostDataModelAccess))
-    (mgr, host) = access.GetDataModel()
+    mgr, host = access.GetDataModel()
     root = mgr.GetRootNamespace()
     pathstr = "Debugger"
     if relpath != '':
@@ -796,24 +967,41 @@ def get_object(relpath):
 
 
 @dbg.eng_thread
-def get_attributes(obj):
+def get_method(context_path: str, method_name: str) -> Optional[ModelMethod]:
-    """Get the list of attributes"""
+    """Get method for the given object (path) and name."""
+    obj = get_object(context_path)
+    if obj is None:
+        return None
+    keys = obj.EnumerateKeys()
+    k, v = keys.GetNext()
+    while k is not None:
+        if k.value == method_name:
+            break
+        (k, v) = keys.GetNext()
+    if k is None:
+        return None
+    return IModelMethod(v)
+
+
+@dbg.eng_thread
+def get_attributes(obj: ModelObject) -> Dict[str, ModelObject]:
+    """Get the list of attributes."""
     if obj is None:
         return None
     return obj.GetAttributes()
 
 
 @dbg.eng_thread
-def get_elements(obj):
+def get_elements(obj: ModelObject) -> List[Tuple[int, ModelObject]]:
-    """Get the list of all threads"""
+    """Get the list of elements."""
     if obj is None:
         return None
     return obj.GetElements()
 
 
 @dbg.eng_thread
-def get_kind(obj):
+def get_kind(obj) -> Optional[int]:
-    """Get the list of all threads"""
+    """Get the kind."""
     if obj is None:
         return None
     kind = obj.GetKind()
@@ -822,65 +1010,66 @@ def get_kind(obj):
     return obj.GetKind().value
 
 
-@dbg.eng_thread
+# DOESN'T WORK YET
-def get_type(obj):
+# @dbg.eng_thread
-    """Get the list of all threads"""
+# def get_type(obj: ModelObject):
-    if obj is None:
+#    """Get the type."""
-        return None
+#    if obj is None:
-    return obj.GetTypeKind()
+#        return None
+#    return obj.GetTypeKind()
 
 
 @dbg.eng_thread
-def get_value(obj):
+def get_value(obj: ModelObject) -> Any:
-    """Get the list of all threads"""
+    """Get the value."""
     if obj is None:
         return None
     return obj.GetValue()
 
 
 @dbg.eng_thread
-def get_intrinsic_value(obj):
+def get_intrinsic_value(obj: ModelObject) -> VARIANT:
-    """Get the list of all threads"""
+    """Get the intrinsic value."""
     if obj is None:
         return None
     return obj.GetIntrinsicValue()
 
 
 @dbg.eng_thread
-def get_target_info(obj):
+def get_target_info(obj: ModelObject) -> ModelObject:
-    """Get the list of all threads"""
+    """Get the target info."""
     if obj is None:
         return None
     return obj.GetTargetInfo()
 
 
 @dbg.eng_thread
-def get_type_info(obj):
+def get_type_info(obj: ModelObject) -> ModelObject:
-    """Get the list of all threads"""
+    """Get the type info."""
     if obj is None:
         return None
     return obj.GetTypeInfo()
 
 
 @dbg.eng_thread
-def get_name(obj):
+def get_name(obj: ModelObject) -> str:
-    """Get the list of all threads"""
+    """Get the name."""
     if obj is None:
         return None
     return obj.GetName().value
 
 
 @dbg.eng_thread
-def to_display_string(obj):
+def to_display_string(obj: ModelObject) -> str:
-    """Get the list of all threads"""
+    """Get the display string."""
     if obj is None:
         return None
     return obj.ToDisplayString()
 
 
 @dbg.eng_thread
-def get_location(obj):
+def get_location(obj: ModelObject) -> Optional[str]:
-    """Get the list of all threads"""
+    """Get the location."""
     if obj is None:
         return None
     try:
@@ -892,10 +1081,10 @@ def get_location(obj):
         return None
 
 
-conv_map = {}
+conv_map: Dict[str, str] = {}
 
 
-def get_convenience_variable(id):
+def get_convenience_variable(id: str) -> Any:
     if id not in conv_map:
         return "auto"
     val = conv_map[id]
@@ -904,19 +1093,89 @@ def get_convenience_variable(id):
     return val
 
 
-def set_convenience_variable(id, value):
+def get_last_position() -> Optional[Tuple[int, int]]:
+    return ttd._lastpos
+
+
+def set_last_position(pos: Tuple[int, int]) -> None:
+    ttd._lastpos = pos
+
+
+def get_event_type(pos: Tuple[int, int]) -> Optional[str]:
+    if ttd.evttypes.__contains__(pos):
+        return ttd.evttypes[pos]
+    return None
+
+
+def split2schedule(pos: Tuple[int, int]) -> Schedule:
+    major, minor = pos
+    return mm2schedule(major, minor)
+
+
+def schedule2split(time: Schedule) -> Tuple[int, int]:
+    return time.snap, time.steps
+
+
+def mm2schedule(major: int, minor: int) -> Schedule:
+    index = int(major)
+    if index < 0 or hasattr(ttd, 'MAX_STEP') and index >= ttd.MAX_STEP:
+        return Schedule(require(ttd._last)[0])
+    if index >= 1 << 63:
+        return Schedule((1 << 63) - 1)
+    return Schedule(index, minor)
+
+
+def pos2split(pos: ModelObject) -> Tuple[int, int]:
+    pmap = get_attributes(pos)
+    major = get_value(pmap["Sequence"])
+    minor = get_value(pmap["Steps"])
+    return (major, minor)
+
+
+def schedule2ss(time: Schedule) -> str:
+    return f'{time.snap:x}:{time.steps:x}'
+
+
+def compute_description(time: Optional[Schedule], fallback: str) -> str:
+    if time is None:
+        return fallback
+    evt_type = get_event_type(schedule2split(time))
+    evt_str = evt_type or fallback
+    return DESCRIPTION_PATTERN.format(major=time.snap, minor=time.steps,
+                                      type=evt_str)
+
+
+def set_convenience_variable(id: str, value: Any) -> None:
     conv_map[id] = value
 
 
-def set_kernel(value):
+def set_kernel(value: bool) -> None:
     dbg.IS_KERNEL = value
 
 
-def is_kernel():
+def is_kernel() -> bool:
     return dbg.IS_KERNEL
 
-def set_exdi(value):
+
+def set_exdi(value: bool) -> None:
     dbg.IS_EXDI = value
 
-def is_exdi():
+
+def is_exdi() -> bool:
     return dbg.IS_EXDI
+
+
+def set_remote(value: bool) -> None:
+    dbg.IS_REMOTE = value
+
+
+def is_remote() -> bool:
+    return dbg.IS_REMOTE
+
+
+def set_trace(value: bool) -> None:
+    dbg.IS_TRACE = value
+
+
+def is_trace() -> bool:
+    return dbg.IS_TRACE

Ghidra/Debug/Debugger-agent-dbgeng/src/main/py/src/ghidrattd/arch.py

@@ -1,212 +0,0 @@
-## ###
-#  IP: GHIDRA
-# 
-#  Licensed under the Apache License, Version 2.0 (the "License");
-#  you may not use this file except in compliance with the License.
-#  You may obtain a copy of the License at
-#  
-#       http://www.apache.org/licenses/LICENSE-2.0
-#  
-#  Unless required by applicable law or agreed to in writing, software
-#  distributed under the License is distributed on an "AS IS" BASIS,
-#  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-#  See the License for the specific language governing permissions and
-#  limitations under the License.
-##
-from ghidratrace.client import Address, RegVal
-
-from pybag import pydbg
-
-from . import util
-
-language_map = {
-    'ARM': ['AARCH64:BE:64:v8A', 'AARCH64:LE:64:AppleSilicon', 'AARCH64:LE:64:v8A', 'ARM:BE:64:v8', 'ARM:LE:64:v8'],
-    'Itanium': [],
-    'x86': ['x86:LE:32:default'],
-    'x86_64': ['x86:LE:64:default'],
-    'EFI': ['x86:LE:64:default'],
-}
-
-data64_compiler_map = {
-    None: 'pointer64',
-}
-
-x86_compiler_map = {
-    'windows': 'windows',
-    'Cygwin': 'windows',
-}
-
-arm_compiler_map = {
-    'windows': 'windows',
-}
-
-compiler_map = {
-    'DATA:BE:64:default': data64_compiler_map,
-    'DATA:LE:64:default': data64_compiler_map,
-    'x86:LE:32:default': x86_compiler_map,
-    'x86:LE:64:default': x86_compiler_map,
-    'AARCH64:BE:64:v8A': arm_compiler_map,
-    'AARCH64:LE:64:AppleSilicon': arm_compiler_map,
-    'AARCH64:LE:64:v8A': arm_compiler_map,
-    'ARM:BE:64:v8': arm_compiler_map,
-    'ARM:LE:64:v8': arm_compiler_map,
-}
-
-
-def get_arch():
-    return "x86_64"
-
-
-def get_endian():
-    return 'little'
-
-
-def get_osabi():
-    return "windows"
-
-
-def compute_ghidra_language():
-    # First, check if the parameter is set
-    lang = util.get_convenience_variable('ghidra-language')
-    if lang != 'auto':
-        return lang
-
-    # Get the list of possible languages for the arch. We'll need to sift
-    # through them by endian and probably prefer default/simpler variants. The
-    # heuristic for "simpler" will be 'default' then shortest variant id.
-    arch = get_arch()
-    endian = get_endian()
-    lebe = ':BE:' if endian == 'big' else ':LE:'
-    if not arch in language_map:
-        return 'DATA' + lebe + '64:default'
-    langs = language_map[arch]
-    matched_endian = sorted(
-        (l for l in langs if lebe in l),
-        key=lambda l: 0 if l.endswith(':default') else len(l)
-    )
-    if len(matched_endian) > 0:
-        return matched_endian[0]
-    # NOTE: I'm disinclined to fall back to a language match with wrong endian.
-    return 'DATA' + lebe + '64:default'
-
-
-def compute_ghidra_compiler(lang):
-    # First, check if the parameter is set
-    comp = util.get_convenience_variable('ghidra-compiler')
-    if comp != 'auto':
-        return comp
-
-    # Check if the selected lang has specific compiler recommendations
-    if not lang in compiler_map:
-        return 'default'
-    comp_map = compiler_map[lang]
-    osabi = get_osabi()
-    if osabi in comp_map:
-        return comp_map[osabi]
-    if None in comp_map:
-        return comp_map[None]
-    return 'default'
-
-
-def compute_ghidra_lcsp():
-    lang = compute_ghidra_language()
-    comp = compute_ghidra_compiler(lang)
-    return lang, comp
-
-
-class DefaultMemoryMapper(object):
-
-    def __init__(self, defaultSpace):
-        self.defaultSpace = defaultSpace
-
-    def map(self, proc: int, offset: int):
-        space = self.defaultSpace
-        return self.defaultSpace, Address(space, offset)
-
-    def map_back(self, proc: int, address: Address) -> int:
-        if address.space == self.defaultSpace:
-            return address.offset
-        raise ValueError(f"Address {address} is not in process {proc.GetProcessID()}")
-
-
-DEFAULT_MEMORY_MAPPER = DefaultMemoryMapper('ram')
-
-memory_mappers = {}
-
-
-def compute_memory_mapper(lang):
-    if not lang in memory_mappers:
-        return DEFAULT_MEMORY_MAPPER
-    return memory_mappers[lang]
-
-
-class DefaultRegisterMapper(object):
-
-    def __init__(self, byte_order):
-        if not byte_order in ['big', 'little']:
-            raise ValueError("Invalid byte_order: {}".format(byte_order))
-        self.byte_order = byte_order
-        self.union_winners = {}
-
-    def map_name(self, proc, name):
-        return name
-
-
-    def map_value(self, proc, name, value):
-        try:
-            ### TODO: this seems half-baked
-            av = value.to_bytes(8, "big")
-        except Exception:
-            raise ValueError("Cannot convert {}'s value: '{}', type: '{}'"
-                                .format(name, value, type(value)))
-        return RegVal(self.map_name(proc, name), av)
-
-    def map_name_back(self, proc, name):
-        return name
-
-    def map_value_back(self, proc, name, value):
-        return RegVal(self.map_name_back(proc, name), value)
-
-
-class Intel_x86_64_RegisterMapper(DefaultRegisterMapper):
-
-    def __init__(self):
-        super().__init__('little')
-
-    def map_name(self, proc, name):
-        if name is None:
-            return 'UNKNOWN'
-        if name == 'efl':
-            return 'rflags'
-        if name.startswith('zmm'):
-            # Ghidra only goes up to ymm, right now
-            return 'ymm' + name[3:]
-        return super().map_name(proc, name)
-
-    def map_value(self, proc, name, value):
-        rv = super().map_value(proc, name, value)
-        if rv.name.startswith('ymm') and len(rv.value) > 32:
-            return RegVal(rv.name, rv.value[-32:])
-        return rv
-
-    def map_name_back(self, proc, name):
-        if name == 'rflags':
-            return 'eflags'
-
-
-DEFAULT_BE_REGISTER_MAPPER = DefaultRegisterMapper('big')
-DEFAULT_LE_REGISTER_MAPPER = DefaultRegisterMapper('little')
-
-register_mappers = {
-    'x86:LE:64:default': Intel_x86_64_RegisterMapper()
-}
-
-
-def compute_register_mapper(lang):
-    if not lang in register_mappers:
-        if ':BE:' in lang:
-            return DEFAULT_BE_REGISTER_MAPPER
-        if ':LE:' in lang:
-            return DEFAULT_LE_REGISTER_MAPPER
-    return register_mappers[lang]
-    

Ghidra/Debug/Debugger-agent-dbgeng/src/main/py/src/ghidrattd/hooks.py

@@ -1,441 +0,0 @@
-## ###
-#  IP: GHIDRA
-# 
-#  Licensed under the Apache License, Version 2.0 (the "License");
-#  you may not use this file except in compliance with the License.
-#  You may obtain a copy of the License at
-#  
-#       http://www.apache.org/licenses/LICENSE-2.0
-#  
-#  Unless required by applicable law or agreed to in writing, software
-#  distributed under the License is distributed on an "AS IS" BASIS,
-#  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-#  See the License for the specific language governing permissions and
-#  limitations under the License.
-##
-import sys
-import time
-import threading
-
-from pybag import pydbg
-from pybag.dbgeng.callbacks import EventHandler
-from pybag.dbgeng import core as DbgEng
-from pybag.dbgeng import exception
-from pybag.dbgeng.idebugbreakpoint import DebugBreakpoint
-
-from . import commands, util
-
-ALL_EVENTS = 0xFFFF
-
-class HookState(object):
-    __slots__ = ('installed', 'mem_catchpoint')
-
-    def __init__(self):
-        self.installed = False
-        self.mem_catchpoint = None
-
-
-class ProcessState(object):
-    __slots__ = ('first', 'regions', 'modules', 'threads', 'breaks', 'watches', 'visited', 'waiting')
-
-    def __init__(self):
-        self.first = True
-        # For things we can detect changes to between stops
-        self.regions = False
-        self.modules = False
-        self.threads = False
-        self.breaks = False
-        self.watches = False
-        # For frames and threads that have already been synced since last stop
-        self.visited = set()
-        self.waiting = True
-
-    def record(self, description=None, snap=None):
-        first = self.first
-        self.first = False
-        if description is not None:
-            commands.STATE.trace.snapshot(description, snap=snap)
-        if first:
-            commands.put_processes()
-            commands.put_environment()
-        if self.threads:
-            commands.put_threads()
-            self.threads = False
-        thread = util.selected_thread()
-        if thread is not None:
-            if first or thread not in self.visited:
-                commands.putreg()
-                commands.putmem("$pc", "1", display_result=False)
-                commands.putmem("$sp", "1", display_result=False)
-                #commands.put_frames()
-                self.visited.add(thread)
-            #frame = util.selected_frame()
-            #hashable_frame = (thread, frame)
-            #if first or hashable_frame not in self.visited:
-            #    self.visited.add(hashable_frame)
-        if first or self.regions:
-            commands.put_regions()
-            self.regions = False
-        if first or self.modules:
-            commands.put_modules()
-            self.modules = False
-        if first or self.breaks:
-            commands.put_breakpoints()
-            self.breaks = False
-
-    def record_continued(self):
-        commands.put_processes(running=True)
-        commands.put_threads(running=True)
-
-    def record_exited(self, exit_code, description=None, snap=None):
-        if description is not None:
-            commands.STATE.trace.snapshot(description, snap)
-        proc = util.selected_process()
-        ipath = commands.PROCESS_PATTERN.format(procnum=proc)
-        commands.STATE.trace.proxy_object_path(
-            ipath).set_value('Exit Code', exit_code)
-
-
-class BrkState(object):
-    __slots__ = ('break_loc_counts',)
-
-    def __init__(self):
-        self.break_loc_counts = {}
-
-    def update_brkloc_count(self, b, count):
-        self.break_loc_counts[b.GetID()] = count
-
-    def get_brkloc_count(self, b):
-        return self.break_loc_counts.get(b.GetID(), 0)
-
-    def del_brkloc_count(self, b):
-        if b not in self.break_loc_counts:
-            return 0  # TODO: Print a warning?
-        count = self.break_loc_counts[b.GetID()]
-        del self.break_loc_counts[b.GetID()]
-        return count
-
-
-HOOK_STATE = HookState()
-BRK_STATE = BrkState()
-PROC_STATE = {}
-
-
-def on_state_changed(*args):
-    #print("ON_STATE_CHANGED")
-    if args[0] == DbgEng.DEBUG_CES_CURRENT_THREAD:
-        return on_thread_selected(args)
-    elif args[0] == DbgEng.DEBUG_CES_BREAKPOINTS:
-        return on_breakpoint_modified(args)
-    elif args[0] == DbgEng.DEBUG_CES_RADIX:
-        util.set_convenience_variable('output-radix', args[1])
-        return DbgEng.DEBUG_STATUS_GO
-    elif args[0] == DbgEng.DEBUG_CES_EXECUTION_STATUS:
-        proc = util.selected_process()
-        if args[1] & DbgEng.DEBUG_STATUS_INSIDE_WAIT:
-            PROC_STATE[proc].waiting = True
-            return DbgEng.DEBUG_STATUS_GO
-        PROC_STATE[proc].waiting = False
-        commands.put_state(proc)
-        if args[1] == DbgEng.DEBUG_STATUS_BREAK:
-            return on_stop(args)
-        else:
-            return on_cont(args)
-    return DbgEng.DEBUG_STATUS_GO
-
-
-def on_debuggee_changed(*args):
-    #print("ON_DEBUGGEE_CHANGED")
-    trace = commands.STATE.trace
-    if trace is None:
-        return
-    if args[1] == DbgEng.DEBUG_CDS_REGISTERS:
-        on_register_changed(args[0][1])
-    #if args[1] == DbgEng.DEBUG_CDS_DATA:
-    #    on_memory_changed(args[0][1])
-    return DbgEng.DEBUG_STATUS_GO
-
-
-def on_session_status_changed(*args):
-    #print("ON_STATUS_CHANGED")
-    trace = commands.STATE.trace
-    if trace is None:
-        return
-    if args[0] == DbgEng.DEBUG_SESSION_ACTIVE or args[0] == DbgEng.DEBUG_SSESION_REBOOT:
-        with commands.STATE.client.batch():
-            with trace.open_tx("New Process {}".format(util.selected_process())):
-                commands.put_processes() 
-                return DbgEng.DEBUG_STATUS_GO   
-
-
-def on_symbol_state_changed(*args):
-    #print("ON_SYMBOL_STATE_CHANGED")
-    trace = commands.STATE.trace
-    if trace is None:
-        return
-    if args[0] == 1 or args[0] == 2:
-        PROC_STATE[proc].modules = True
-    return DbgEng.DEBUG_STATUS_GO
-
-
-def on_system_error(*args):
-    print("ON_SYSTEM_ERROR")
-    print(hex(args[0]))
-    trace = commands.STATE.trace
-    if trace is None:
-        return
-    with commands.STATE.client.batch():
-        with trace.open_tx("New Process {}".format(util.selected_process())):
-            commands.put_processes() 
-    return DbgEng.DEBUG_STATUS_BREAK
-
-
-def on_new_process(*args):
-    #print("ON_NEW_PROCESS")
-    trace = commands.STATE.trace
-    if trace is None:
-        return
-    with commands.STATE.client.batch():
-        with trace.open_tx("New Process {}".format(util.selected_process())):
-            commands.put_processes() 
-    return DbgEng.DEBUG_STATUS_BREAK
-
-
-def on_process_selected():
-    #print("PROCESS_SELECTED")
-    proc = util.selected_process()
-    if proc not in PROC_STATE:
-        return
-    trace = commands.STATE.trace
-    if trace is None:
-        return
-    with commands.STATE.client.batch():
-        with trace.open_tx("Process {} selected".format(proc)):
-            PROC_STATE[proc].record()
-            commands.activate()
-
-
-def on_process_deleted(*args):
-    #print("ON_PROCESS_DELETED")
-    proc = args[0]
-    on_exited(proc)
-    if proc in PROC_STATE:
-        del PROC_STATE[proc]
-    trace = commands.STATE.trace
-    if trace is None:
-        return
-    with commands.STATE.client.batch():
-        with trace.open_tx("Process {} deleted".format(proc)):
-            commands.put_processes()  # TODO: Could just delete the one....
-    return DbgEng.DEBUG_STATUS_BREAK
-
-
-def on_threads_changed(*args):
-    #print("ON_THREADS_CHANGED")
-    proc = util.selected_process()
-    if proc not in PROC_STATE:
-        return DbgEng.DEBUG_STATUS_GO
-    PROC_STATE[proc].threads = True
-    return DbgEng.DEBUG_STATUS_GO
-
-
-def on_thread_selected(*args):
-    #print("THREAD_SELECTED")
-    nthrd = args[0][1]
-    nproc = util.selected_process()
-    if nproc not in PROC_STATE:
-        return
-    trace = commands.STATE.trace
-    if trace is None:
-        return
-    with commands.STATE.client.batch():
-        with trace.open_tx("Thread {}.{} selected".format(nproc, nthrd)):
-            commands.put_state(nproc)
-            state = PROC_STATE[nproc]
-            if state.waiting:
-                state.record_continued()
-            else:
-                state.record()
-                commands.activate()
-
-
-def on_register_changed(regnum):
-    #print("REGISTER_CHANGED")
-    proc = util.selected_process()
-    if proc not in PROC_STATE:
-        return
-    trace = commands.STATE.trace
-    if trace is None:
-        return
-    with commands.STATE.client.batch():
-        with trace.open_tx("Register {} changed".format(regnum)):
-            commands.putreg()
-            commands.activate()
-
-
-def on_cont(*args):
-    proc = util.selected_process()
-    if proc not in PROC_STATE:
-        return
-    trace = commands.STATE.trace
-    if trace is None:
-        return
-    state = PROC_STATE[proc]
-    with commands.STATE.client.batch():
-        with trace.open_tx("Continued"):
-            state.record_continued()
-    return DbgEng.DEBUG_STATUS_GO
-
-
-def on_stop(*args):
-    proc = util.selected_process()
-    if proc not in PROC_STATE:
-        print("not in state")
-        return
-    trace = commands.STATE.trace
-    if trace is None:
-        print("no trace")
-        return
-    state = PROC_STATE[proc]
-    state.visited.clear()
-    pos = dbg().get_position()
-    rng = range(pos.major, util.lastpos.major)
-    if pos.major > util.lastpos.major:
-        rng = range(util.lastpos.major, pos.major)
-    for i in rng:
-        if util.evttypes.__contains__(i):
-            type = util.evttypes[i]
-            if type == "modload" or type == "modunload":
-                on_modules_changed()
-            if type == "threadcreated" or type == "threadterm":
-                on_threads_changed()
-    util.lastpos = pos
-    with commands.STATE.client.batch():
-        with trace.open_tx("Stopped"):
-            state.record("Stopped", util.pos2snap(pos))
-            commands.put_state(proc)
-            commands.put_event_thread()
-            commands.activate()
-
-
-def on_exited(proc):
-    if proc not in PROC_STATE:
-        print("not in state")
-        return
-    trace = commands.STATE.trace
-    if trace is None:
-        return
-    state = PROC_STATE[proc]
-    state.visited.clear()
-    exit_code = util.GetExitCode()
-    description = "Exited with code {}".format(exit_code)
-    with commands.STATE.client.batch():
-        with trace.open_tx(description):
-            state.record_exited(exit_code, description)
-            commands.activate()
-
-
-def on_modules_changed(*args):
-    #print("ON_MODULES_CHANGED")
-    proc = util.selected_process()
-    if proc not in PROC_STATE:
-        return DbgEng.DEBUG_STATUS_GO
-    PROC_STATE[proc].modules = True
-    return DbgEng.DEBUG_STATUS_GO
-
-
-def on_breakpoint_created(bp):
-    proc = util.selected_process()
-    if proc not in PROC_STATE:
-        return
-    PROC_STATE[proc].breaks = True
-    trace = commands.STATE.trace
-    if trace is None:
-        return
-    ibpath = commands.PROC_BREAKS_PATTERN.format(procnum=proc)
-    with commands.STATE.client.batch():
-        with trace.open_tx("Breakpoint {} created".format(bp.id)):
-            ibobj = trace.create_object(ibpath)
-            # Do not use retain_values or it'll remove other locs
-            commands.put_single_breakpoint(bp, ibobj, proc, [])
-            ibobj.insert()
-
-
-def on_breakpoint_modified(*args):
-    #print("BREAKPOINT_MODIFIED")
-    proc = util.selected_process()
-    if proc not in PROC_STATE:
-        return
-    PROC_STATE[proc].breaks = True
-    trace = commands.STATE.trace
-    if trace is None:
-        return
-    ibpath = commands.PROC_BREAKS_PATTERN.format(procnum=proc)
-    ibobj = trace.create_object(ibpath)
-    bpid = args[0][1]
-    try:
-        bp = dbg()._control.GetBreakpointById(bpid)
-    except exception.E_NOINTERFACE_Error:
-        dbg().breakpoints._remove_stale(bpid)
-        return on_breakpoint_deleted(bpid)
-    return on_breakpoint_created(bp)
-
-
-def on_breakpoint_deleted(bpt):
-    proc = util.selected_process()
-    if proc not in PROC_STATE:
-        return
-    PROC_STATE[proc].breaks = True
-    trace = commands.STATE.trace
-    if trace is None:
-        return
-    bpath = commands.PROC_BREAK_PATTERN.format(procnum=proc, breaknum=bpt.id)
-    with commands.STATE.client.batch():
-        with trace.open_tx("Breakpoint {} deleted".format(bpt.id)):
-            trace.proxy_object_path(bpath).remove(tree=True)
-
-
-def on_breakpoint_hit(*args):
-    trace = commands.STATE.trace
-    if trace is None:
-        return
-    with commands.STATE.client.batch():
-        with trace.open_tx("New Process {}".format(util.selected_process())):
-            commands.put_processes() 
-    return DbgEng.DEBUG_STATUS_GO
-
-
-def on_exception(*args):
-    trace = commands.STATE.trace
-    if trace is None:
-        return
-    with commands.STATE.client.batch():
-        with trace.open_tx("New Process {}".format(util.selected_process())):
-            commands.put_processes() 
-    return DbgEng.DEBUG_STATUS_GO
-
-
-def install_hooks():
-    if HOOK_STATE.installed:
-        return
-    HOOK_STATE.installed = True
-
-def remove_hooks():
-    if not HOOK_STATE.installed:
-        return
-    HOOK_STATE.installed = False
-
-
-def enable_current_process():
-    proc = util.selected_process()
-    PROC_STATE[proc] = ProcessState()
-
-
-def disable_current_process():
-    proc = util.selected_process()
-    if proc in PROC_STATE:
-        # Silently ignore already disabled
-        del PROC_STATE[proc]
-
-def dbg():
-    return util.get_debugger()

Ghidra/Debug/Debugger-agent-dbgeng/src/main/py/src/ghidrattd/libraries.py

@@ -1,78 +0,0 @@
-## ###
-#  IP: GHIDRA
-# 
-#  Licensed under the Apache License, Version 2.0 (the "License");
-#  you may not use this file except in compliance with the License.
-#  You may obtain a copy of the License at
-#  
-#       http://www.apache.org/licenses/LICENSE-2.0
-#  
-#  Unless required by applicable law or agreed to in writing, software
-#  distributed under the License is distributed on an "AS IS" BASIS,
-#  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-#  See the License for the specific language governing permissions and
-#  limitations under the License.
-##
-import ctypes
-import os
-import platform
-
-import comtypes
-import comtypes.client
-
-
-ctypes.windll.kernel32.SetErrorMode(0x0001 | 0x0002 | 0x8000)
-
-if platform.architecture()[0] == '64bit':
-    dbgdirs = [os.getenv('OPT_DBGMODEL_PATH'),
-               r'C:\Program Files\Windows Kits\10\Debuggers\x64',
-               r'C:\Program Files (x86)\Windows Kits\10\Debuggers\x64']
-else:
-    dbgdirs = [os.getenv('OPT_DBGMODEL_PATH'),
-               r'C:\Program Files\Windows Kits\10\Debuggers\x86',
-               r'C:\Program Files (x86)\Windows Kits\10\Debuggers\x86']
-dbgdir = None
-for _dir in dbgdirs:
-    if _dir is not None and os.path.exists(_dir):
-        dbgdir = _dir
-        break
-
-if not dbgdir:
-    raise RuntimeError("Windbg install directory not found!")
-
-print(f"Loading dbgeng and friends from {dbgdir}")
-
-# preload these to get correct DLLs loaded
-try:
-    ctypes.windll.LoadLibrary(os.path.join(dbgdir, 'dbghelp.dll'))
-except Exception as exc:
-    print(fr"LoadLibrary failed: {dbgdir}\dbghelp.dll {exc}")
-    pass
-try:
-    ctypes.windll.LoadLibrary(os.path.join(dbgdir, 'dbgeng.dll'))
-except Exception as exc:
-    print(fr"LoadLibrary failed: {dbgdir}\dbgeng.dll {exc}")
-    pass
-try:
-    ctypes.windll.LoadLibrary(os.path.join(dbgdir, 'DbgModel.dll'))
-except Exception as exc:
-    print(fr"LoadLibrary failed: {dbgdir}\dbgmodel.dll {exc}")
-    pass
-try:
-    ctypes.windll.LoadLibrary(os.path.join(dbgdir, 'ttd/TTDReplay.dll'))
-except Exception as exc:
-    print(fr"LoadLibrary failed: {dbgdir}\ttd\TTDReplay.dll {exc}")
-    pass
-try:
-    ctypes.windll.LoadLibrary(os.path.join(dbgdir, 'ttd/TTDReplayCPU.dll'))
-except Exception as exc:
-    print(fr"LoadLibrary failed: {dbgdir}\ttd\TTDReplayCPU.dll {exc}")
-    pass
-
-try:
-    from comtypes.gen import DbgMod
-except:
-    tlb = os.path.join(dbgmodel.module_locator(), 'tlb', 'dbgmodel.tlb')
-    print(f"Loading TLB: {tlb}")
-    comtypes.client.GetModule(tlb)
-    from comtypes.gen import DbgMod

Ghidra/Debug/Debugger-agent-dbgeng/src/main/py/src/ghidrattd/methods.py

@@ -1,538 +0,0 @@
-## ###
-# IP: GHIDRA
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-#      http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-##
-from concurrent.futures import Future, ThreadPoolExecutor
-import re
-import sys
-
-from ghidratrace import sch
-from ghidratrace.client import MethodRegistry, ParamDesc, Address, AddressRange
-
-from pyttd import pyTTD
-#from pybag import pydbg
-#from pybag.dbgeng import core as DbgEng
-
-from . import util, commands, hooks
-from contextlib import redirect_stdout
-from io import StringIO
-
-
-REGISTRY = MethodRegistry(ThreadPoolExecutor(max_workers=1))
-
-
-def extre(base, ext):
-    return re.compile(base.pattern + ext)
-
-
-AVAILABLE_PATTERN = re.compile('Available\[(?P<pid>\\d*)\]')
-WATCHPOINT_PATTERN = re.compile('Watchpoints\[(?P<watchnum>\\d*)\]')
-BREAKPOINT_PATTERN = re.compile('Breakpoints\[(?P<breaknum>\\d*)\]')
-BREAK_LOC_PATTERN = extre(BREAKPOINT_PATTERN, '\[(?P<locnum>\\d*)\]')
-PROCESS_PATTERN = re.compile('Processes\[(?P<procnum>\\d*)\]')
-PROC_BREAKS_PATTERN = extre(PROCESS_PATTERN, '\.Breakpoints')
-PROC_BREAKBPT_PATTERN = extre(PROC_BREAKS_PATTERN, '\[(?P<breaknum>\\d*)\]')
-ENV_PATTERN = extre(PROCESS_PATTERN, '\.Environment')
-THREADS_PATTERN = extre(PROCESS_PATTERN, '\.Threads')
-THREAD_PATTERN = extre(THREADS_PATTERN, '\[(?P<tnum>\\d*)\]')
-STACK_PATTERN = extre(THREAD_PATTERN, '\.Stack')
-FRAME_PATTERN = extre(STACK_PATTERN, '\[(?P<level>\\d*)\]')
-REGS_PATTERN0 = extre(THREAD_PATTERN, '.Registers')
-REGS_PATTERN = extre(FRAME_PATTERN, '.Registers')
-MEMORY_PATTERN = extre(PROCESS_PATTERN, '\.Memory')
-MODULES_PATTERN = extre(PROCESS_PATTERN, '\.Modules')
-
-
-def find_availpid_by_pattern(pattern, object, err_msg):
-    mat = pattern.fullmatch(object.path)
-    if mat is None:
-        raise TypeError(f"{object} is not {err_msg}")
-    pid = int(mat['pid'])
-    return pid
-
-
-def find_availpid_by_obj(object):
-    return find_availpid_by_pattern(AVAILABLE_PATTERN, object, "an Available")
-
-
-def find_proc_by_num(id):
-    if id != util.selected_process():
-        util.select_process(id)
-    return util.selected_process()
-
-
-def find_proc_by_pattern(object, pattern, err_msg):
-    mat = pattern.fullmatch(object.path)
-    if mat is None:
-        raise TypeError(f"{object} is not {err_msg}")
-    procnum = int(mat['procnum'])
-    return find_proc_by_num(procnum)
-
-
-def find_proc_by_obj(object):
-    return find_proc_by_pattern(object, PROCESS_PATTERN, "an Process")
-
-
-def find_proc_by_procbreak_obj(object):
-    return find_proc_by_pattern(object, PROC_BREAKS_PATTERN,
-                                "a BreakpointLocationContainer")
-
-
-def find_proc_by_procwatch_obj(object):
-    return find_proc_by_pattern(object, PROC_WATCHES_PATTERN,
-                                "a WatchpointContainer")
-
-
-def find_proc_by_env_obj(object):
-    return find_proc_by_pattern(object, ENV_PATTERN, "an Environment")
-
-
-def find_proc_by_threads_obj(object):
-    return find_proc_by_pattern(object, THREADS_PATTERN, "a ThreadContainer")
-
-
-def find_proc_by_mem_obj(object):
-    return find_proc_by_pattern(object, MEMORY_PATTERN, "a Memory")
-
-
-def find_proc_by_modules_obj(object):
-    return find_proc_by_pattern(object, MODULES_PATTERN, "a ModuleContainer")
-
-
-def find_thread_by_num(id):
-    if id != util.selected_thread():
-        util.select_thread(id)
-    return util.selected_thread()
-
-
-def find_thread_by_pattern(pattern, object, err_msg):
-    mat = pattern.fullmatch(object.path)
-    if mat is None:
-        raise TypeError(f"{object} is not {err_msg}")
-    pnum = int(mat['procnum'])
-    tnum = int(mat['tnum'])
-    find_proc_by_num(pnum)
-    return find_thread_by_num(tnum)
-
-
-def find_thread_by_obj(object):
-    return find_thread_by_pattern(THREAD_PATTERN, object, "a Thread")
-
-
-def find_thread_by_stack_obj(object):
-    return find_thread_by_pattern(STACK_PATTERN, object, "a Stack")
-
-
-def find_thread_by_regs_obj(object):
-    return find_thread_by_pattern(REGS_PATTERN0, object, "a RegisterValueContainer")
-
-
-def find_frame_by_level(level):
-    return dbg().backtrace_list()[level]
-
-
-def find_frame_by_pattern(pattern, object, err_msg):
-    mat = pattern.fullmatch(object.path)
-    if mat is None:
-        raise TypeError(f"{object} is not {err_msg}")
-    pnum = int(mat['procnum'])
-    tnum = int(mat['tnum'])
-    level = int(mat['level'])
-    find_proc_by_num(pnum)
-    find_thread_by_num(tnum)
-    return find_frame_by_level(level)
-
-
-def find_frame_by_obj(object):
-    return find_frame_by_pattern(FRAME_PATTERN, object, "a StackFrame")
-
-
-def find_bpt_by_number(breaknum):
-    try:
-        bp = util.breakpoints[breaknum]
-        return bp
-    except exception.E_NOINTERFACE_Error:
-        raise KeyError(f"Breakpoints[{breaknum}] does not exist")
-
-
-def find_bpt_by_pattern(pattern, object, err_msg):
-    mat = pattern.fullmatch(object.path)
-    if mat is None:
-        raise TypeError(f"{object} is not {err_msg}")
-    breaknum = int(mat['breaknum'])
-    return find_bpt_by_number(breaknum)
-
-
-def find_bpt_by_obj(object):
-    return find_bpt_by_pattern(PROC_BREAKBPT_PATTERN, object, "a BreakpointSpec")
-
-
-shared_globals = dict()
-
-
-@REGISTRY.method
-def execute(cmd: str, to_string: bool=False):
-    """Execute a CLI command."""
-    # print("***{}***".format(cmd))
-    # sys.stderr.flush()
-    # sys.stdout.flush()
-    if to_string:
-        data = StringIO()
-        with redirect_stdout(data):
-            exec("{}".format(cmd), shared_globals)
-        return data.getvalue()
-    else:
-        exec("{}".format(cmd), shared_globals)
-
-
-@REGISTRY.method(action='evaluate', display='Evaluate')
-def evaluate(
-	session: sch.Schema('Session'),
- 	expr: ParamDesc(str, display='Expr')):
-    """Execute a CLI command."""
-    return str(eval("{}".format(expr), shared_globals))
-
-
-@REGISTRY.method(action='refresh')
-def refresh_available(node: sch.Schema('AvailableContainer')):
-    """List processes on pydbg's host system."""
-    with commands.open_tracked_tx('Refresh Available'):
-        commands.ghidra_trace_put_available()
-
-
-@REGISTRY.method(action='refresh')
-def refresh_breakpoints(node: sch.Schema('BreakpointContainer')):
-    """
-    Refresh the list of breakpoints (including locations for the current
-    process).
-    """
-    with commands.open_tracked_tx('Refresh Breakpoints'):
-        commands.ghidra_trace_put_breakpoints()
-
-
-@REGISTRY.method(action='refresh')
-def refresh_processes(node: sch.Schema('ProcessContainer')):
-    """Refresh the list of processes."""
-    with commands.open_tracked_tx('Refresh Processes'):
-        commands.ghidra_trace_put_threads()
-
-
-def refresh_environment(node: sch.Schema('Environment')):
-    """Refresh the environment descriptors (arch, os, endian)."""
-    with commands.open_tracked_tx('Refresh Environment'):
-        commands.ghidra_trace_put_environment()
-
-
-@REGISTRY.method(action='refresh')
-def refresh_threads(node: sch.Schema('ThreadContainer')):
-    """Refresh the list of threads in the process."""
-    with commands.open_tracked_tx('Refresh Threads'):
-        commands.ghidra_trace_put_threads()
-
-
-@REGISTRY.method(action='refresh')
-def refresh_stack(node: sch.Schema('Stack')):
-    """Refresh the backtrace for the thread."""
-    tnum = find_thread_by_stack_obj(node)
-    with commands.open_tracked_tx('Refresh Stack'):
-        commands.ghidra_trace_put_frames()
-
-
-@REGISTRY.method(action='refresh')
-def refresh_registers(node: sch.Schema('RegisterValueContainer')):
-    """Refresh the register values for the frame."""
-    tnum = find_thread_by_regs_obj(node)
-    with commands.open_tracked_tx('Refresh Registers'):
-        commands.ghidra_trace_putreg()
-
-
-@REGISTRY.method(action='refresh')
-def refresh_mappings(node: sch.Schema('Memory')):
-    """Refresh the list of memory regions for the process."""
-    with commands.open_tracked_tx('Refresh Memory Regions'):
-        commands.ghidra_trace_put_regions()
-
-
-@REGISTRY.method(action='refresh')
-def refresh_modules(node: sch.Schema('ModuleContainer')):
-    """
-    Refresh the modules and sections list for the process.
-
-    This will refresh the sections for all modules, not just the selected one.
-    """
-    with commands.open_tracked_tx('Refresh Modules'):
-        commands.ghidra_trace_put_modules()
-
-
-@REGISTRY.method(action='activate')
-def activate_process(process: sch.Schema('Process')):
-    """Switch to the process."""
-    find_proc_by_obj(process)
-
-
-@REGISTRY.method(action='activate')
-def activate_thread(thread: sch.Schema('Thread')):
-    """Switch to the thread."""
-    find_thread_by_obj(thread)
-
-
-@REGISTRY.method(action='activate')
-def activate_frame(frame: sch.Schema('StackFrame')):
-    """Select the frame."""
-    find_frame_by_obj(frame)
-
-
-@REGISTRY.method(action='delete')
-def remove_process(process: sch.Schema('Process')):
-    """Remove the process."""
-    find_proc_by_obj(process)
-    dbg().detach()
-
-
-@REGISTRY.method(action='connect', display='Connect')
-@util.dbg.eng_thread
-def target(
-	session: sch.Schema('Session'), 
-	cmd: ParamDesc(str, display='Command')):
-    """Connect to a target machine or process."""
-    dbg().attach_kernel(cmd)
-
-
-@REGISTRY.method(action='attach', display='Attach')
-@util.dbg.eng_thread
-def attach_obj(target: sch.Schema('Attachable')):
-    """Attach the process to the given target."""
-    pid = find_availpid_by_obj(target)
-    dbg().attach(pid)
-
-
-@REGISTRY.method(action='attach', display='Attach by pid')
-@util.dbg.eng_thread
-def attach_pid(
-	session: sch.Schema('Session'), 
-	pid: ParamDesc(str, display='PID')):
-    """Attach the process to the given target."""
-    dbg().attach_proc(int(pid))
-
-
-@REGISTRY.method(action='attach', display='Attach by name')
-@util.dbg.eng_thread
-def attach_name(
-	session: sch.Schema('Session'), 
-	name: ParamDesc(str, display='Name')):
-    """Attach the process to the given target."""
-    dbg().attach_proc(name)
-
-
-@REGISTRY.method(action='detach', display='Detach')
-@util.dbg.eng_thread
-def detach(process: sch.Schema('Process')):
-    """Detach the process's target."""
-    dbg().detach()
-
-
-@REGISTRY.method(action='launch', display='Launch')
-def launch_loader(
-		session: sch.Schema('Session'),
-        file: ParamDesc(str, display='File'),
-        args: ParamDesc(str, display='Arguments')=''):
-    """
-    Start a native process with the given command line, stopping at the ntdll initial breakpoint.
-    """
-    command = file
-    if args != None:
-        command += " "+args
-    commands.ghidra_trace_create(command=file, start_trace=False)
-
-
-@REGISTRY.method(action='launch', display='LaunchEx')
-def launch(
-		session: sch.Schema('Session'),
-        file: ParamDesc(str, display='File'),
-        args: ParamDesc(str, display='Arguments')='',
-        initial_break: ParamDesc(bool, display='Initial Break')=True,
-        timeout: ParamDesc(int, display='Timeout')=-1):
-    """
-    Run a native process with the given command line.
-    """
-    command = file
-    if args != None:
-        command += " "+args
-    commands.ghidra_trace_create(
-        command, initial_break=initial_break, timeout=timeout, start_trace=False)
-
-
-@REGISTRY.method
-def kill(process: sch.Schema('Process')):
-    """Kill execution of the process."""
-    dbg().terminate()
-
-
-@REGISTRY.method(name='continue', action='resume')
-def _continue(process: sch.Schema('Process')):
-    """Continue execution of the process."""
-    dbg().replay_forward(pyTTD.MAX_STEP, util.last)
-    hooks.on_stop()
-
-
-@REGISTRY.method
-def interrupt(process: sch.Schema('Process')):
-    """Interrupt the execution of the debugged program."""
-    print("'interrupt' is unsupported for TTD")
-
-
-@REGISTRY.method(action='step_into')
-def step_into(thread: sch.Schema('Thread'), n: ParamDesc(int, display='N')=1):
-    """Step one instruction exactly."""
-    # find_thread_by_obj(thread)
-    dbg().replay_forward(n, util.last)
-    hooks.on_stop()
-
-
-@REGISTRY.method(action='step_over')
-def step_over(thread: sch.Schema('Thread'), n: ParamDesc(int, display='N')=1):
-    """Step one instruction, but proceed through subroutine calls."""
-    # find_thread_by_obj(thread)
-    dbg().replay_backward(n, util.first)
-    hooks.on_stop()
-
-
-@REGISTRY.method(action='step_out')
-def step_out(thread: sch.Schema('Thread')):
-    """Execute until the current stack frame returns."""
-    dbg().replay_backward(pyTTD.MAX_STEP, util.first)
-    hooks.on_stop()
-
-
-@REGISTRY.method(action='step_to', display='Step To')
-def step_to(thread: sch.Schema('Thread'), address: Address, max=None):
-    """Continue execution up to the given address."""
-    find_thread_by_obj(thread)
-    return dbg().stepto(address.offset, max)
-
-
-def gen_bpt(offset: int, size: int, flags: int):
-    bp = pyTTD.MemoryWatchpointData(addr=offset, size=size, flags=flags)
-    dbg().add_memory_watchpoint(bp)
-    bpt = util.Watchpoint(offset, size, flags, len(util.breakpoints), bp)
-    util.breakpoints.append(bpt)
-    hooks.on_breakpoint_created(bpt)
-
-
-@REGISTRY.method(action='break_sw_execute')
-def break_address(process: sch.Schema('Process'), address: Address):
-    """Set a breakpoint."""
-    gen_bpt(offset=address.offset, size=4, flags=pyTTD.BP_FLAGS.EXEC)
-
-
-@REGISTRY.method(action='break_sw_execute')
-def break_expression(expression: str):
-    """Set a breakpoint."""
-    # TODO: Escape?
-    dbg().bp(expr=expression)
-
-
-@REGISTRY.method(action='break_hw_execute')
-def break_hw_address(process: sch.Schema('Process'), address: Address):
-    """Set a hardware-assisted breakpoint."""
-    gen_bpt(offset=address.offset, size=4, flags=pyTTD.BP_FLAGS.EXEC)
-
-
-@REGISTRY.method(action='break_hw_execute')
-def break_hw_expression(expression: str):
-    """Set a hardware-assisted breakpoint."""
-    dbg().ba(expr=expression)
-
-
-@REGISTRY.method(action='break_read')
-def break_read_range(process: sch.Schema('Process'), range: AddressRange):
-    """Set a read watchpoint."""
-    gen_bpt(offset=range.min, size=range.length(), flags=pyTTD.BP_FLAGS.READ)
-
-
-@REGISTRY.method(action='break_read')
-def break_read_expression(expression: str):
-    """Set a read watchpoint."""
-    dbg().ba(expr=expression, access=DbgEng.DEBUG_BREAK_READ)
-
-
-@REGISTRY.method(action='break_write')
-def break_write_range(process: sch.Schema('Process'), range: AddressRange):
-    """Set a watchpoint."""
-    gen_bpt(offset=range.min, size=range.length(), flags=pyTTD.BP_FLAGS.WRITE)
-
-
-@REGISTRY.method(action='break_write')
-def break_write_expression(expression: str):
-    """Set a watchpoint."""
-    dbg().ba(expr=expression, access=DbgEng.DEBUG_BREAK_WRITE)
-
-
-@REGISTRY.method(action='break_access')
-def break_access_range(process: sch.Schema('Process'), range: AddressRange):
-    """Set an access watchpoint."""
-    find_proc_by_obj(process)
-    break_read_range(process, range)
-    break_write_range(process, range)
-
-
-@REGISTRY.method(action='break_access')
-def break_access_expression(expression: str):
-    """Set an access watchpoint."""
-    dbg().ba(expr=expression, access=DbgEng.DEBUG_BREAK_READ | DbgEng.DEBUG_BREAK_WRITE)
-
-
-@REGISTRY.method(action='toggle')
-def toggle_breakpoint(breakpoint: sch.Schema('BreakpointSpec'), enabled: bool):
-    """Toggle a breakpoint."""
-    bpt = find_bpt_by_obj(breakpoint)
-    if enabled:
-        dbg().be(bpt.GetId())
-    else:
-        dbg().bd(bpt.GetId())
-
-
-@REGISTRY.method(action='delete')
-def delete_breakpoint(breakpoint: sch.Schema('BreakpointSpec')):
-    """Delete a breakpoint."""
-    bpt = find_bpt_by_obj(breakpoint)
-    dbg().remove_memory_watchpoint(bpt.bp)
-    util.breakpoints.remove(bpt)
-    hooks.on_breakpoint_deleted(bpt)
-
-
-@REGISTRY.method
-def read_mem(process: sch.Schema('Process'), range: AddressRange):
-    """Read memory."""
-    nproc = find_proc_by_obj(process)
-    offset_start = process.trace.memory_mapper.map_back(
-        nproc, Address(range.space, range.min))
-    with commands.open_tracked_tx('Read Memory'):
-        dbg().read_mem(range.min, range.length())
-
-
-@REGISTRY.method
-def write_mem(process: sch.Schema('Process'), address: Address, data: bytes):
-    """Write memory."""
-    print("'write_mem' is unsupported for TTD")
-
-
-@REGISTRY.method
-def write_reg(frame: sch.Schema('StackFrame'), name: str, value: bytes):
-    """Write a register."""
-    print("'write_reg' is unsupported for TTD")
-
-
-def dbg():
-    return util.get_debugger()

Ghidra/Debug/Debugger-agent-dbgeng/src/main/py/src/ghidrattd/util.py

@@ -1,204 +0,0 @@
-## ###
-#  IP: GHIDRA
-# 
-#  Licensed under the Apache License, Version 2.0 (the "License");
-#  you may not use this file except in compliance with the License.
-#  You may obtain a copy of the License at
-#  
-#       http://www.apache.org/licenses/LICENSE-2.0
-#  
-#  Unless required by applicable law or agreed to in writing, software
-#  distributed under the License is distributed on an "AS IS" BASIS,
-#  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-#  See the License for the specific language governing permissions and
-#  limitations under the License.
-##
-from collections import namedtuple
-import os
-import re
-import sys
-
-from ctypes import *
-
-from pyttd import pyTTD
-
-#from pybag import pydbg
-#from pybag.dbgeng import core as DbgEng
-#from pybag.dbgeng import exception
-#from pybag.dbgeng import util as DbgUtil
-
-base = False
-eng = False
-first = False
-last = False
-breakpoints = []
-events = {}
-evttypes = {}
-starts = {}
-stops = {}
-lastpos = False
-DbgVersion = namedtuple('DbgVersion', ['full', 'major', 'minor'])
-
-
-class Watchpoint(object):
-    def __init__(self, addr, size, flags, id, bp):
-        self.addr = addr
-        self.size = size
-        self.flags = flags
-        self.id = id
-        self.bp = bp
-        self.expr = None
-
-
-def _compute_pydbg_ver():
-    blurb = "" #get_debugger()._control.GetActualProcessorType()
-    full = ""
-    major = 0
-    minor = 0
-    return DbgVersion(full, int(major), int(minor))
-
-
-DBG_VERSION = _compute_pydbg_ver()
-
-
-def get_debugger():
-    return base
-
-
-def get_target():
-    return 0  # get_debugger()._systems.GetCurrentSystemId()
-
-
-def get_inst(addr):
-    dbg = get_debugger()
-    ins = DbgUtil.disassemble_instruction(
-        dbg.bitness(), addr, dbg.read_mem(addr, 15))
-    return str(ins)
-
-
-def get_inst_sz(addr):
-    dbg = get_debugger()
-    ins = DbgUtil.disassemble_instruction(
-        dbg.bitness(), addr, dbg.read_mem(addr, 15))
-    return str(ins.size)
-
-
-def get_breakpoints():
-    return None
-
-
-def selected_process():
-    try:
-        return 0
-        # return current_process
-    except Exception:
-        return None
-
-
-def selected_thread():
-    try:
-        dbg = get_debugger()
-        current = dbg.get_thread_info()
-        return current.threadid
-    except Exception:
-        return None
-
-
-def selected_frame():
-    return 0  # selected_thread().GetSelectedFrame()
-
-
-def select_process(id: int):
-    return None
-
-
-def select_thread(id: int):
-    return None
-
-
-def select_frame(id: int):
-    # TODO: this needs to be fixed
-    return None
-
-
-def parse_and_eval(expr):
-    dbg = get_debugger()
-    if expr == "$pc":
-        return dbg.get_program_counter()
-    if expr == "$sp":
-        return dbg.get_context_x86_64().rsp
-    return int(expr)
-
-
-def get_eval(expr, type=None):
-    ctrl = get_debugger()._control._ctrl
-    ctrl.SetExpressionSyntax(1)
-    value = DbgEng._DEBUG_VALUE()
-    index = c_ulong()
-    if type == None:
-        type = DbgEng.DEBUG_VALUE_INT64
-    hr = ctrl.Evaluate(Expression="{}".format(expr).encode(
-    ), DesiredType=type, Value=byref(value), RemainderIndex=byref(index))
-    exception.check_err(hr)
-    if type == DbgEng.DEBUG_VALUE_INT8:
-        return value.u.I8
-    if type == DbgEng.DEBUG_VALUE_INT16:
-        return value.u.I16
-    if type == DbgEng.DEBUG_VALUE_INT32:
-        return value.u.I32
-    if type == DbgEng.DEBUG_VALUE_INT64:
-        return value.u.I64.I64
-    if type == DbgEng.DEBUG_VALUE_FLOAT32:
-        return value.u.F32
-    if type == DbgEng.DEBUG_VALUE_FLOAT64:
-        return value.u.F64
-    if type == DbgEng.DEBUG_VALUE_FLOAT80:
-        return value.u.F80Bytes
-    if type == DbgEng.DEBUG_VALUE_FLOAT82:
-        return value.u.F82Bytes
-    if type == DbgEng.DEBUG_VALUE_FLOAT128:
-        return value.u.F128Bytes
-
-
-def process_list(running=False):
-    """process_list() -> list of all processes"""
-    sysids = [0]
-    return sysids
-
-
-def thread_list():
-    """thread_list() -> list of all threads"""
-    dbg = get_debugger()
-    return dbg.get_thread_list()
-
-
-def module_list():
-    """thread_list() -> list of all threads"""
-    dbg = get_debugger()
-    return dbg.get_module_list()
-
-
-conv_map = {}
-
-
-def get_convenience_variable(id):
-    #val = get_target().GetEnvironment().Get(id)
-    if id not in conv_map:
-        return "auto"
-    val = conv_map[id]
-    if val is None:
-        return "auto"
-    return val
-
-
-def set_convenience_variable(id, value):
-    #env = get_target().GetEnvironment()
-    # return env.Set(id, value, True)
-    conv_map[id] = value
-
-
-def pos2snap(pos: int):
-    index = int(pos.major)
-    if index < 0 or index >= pyTTD.MAX_STEP:
-        return int(last.major)*1000
-    return index*1000+int(pos.minor)

Ghidra/Debug/Debugger-agent-drgn/README.md

@@ -0,0 +1 @@
+# Debugger-agent-drgn

Ghidra/Debug/Debugger-agent-drgn/build.gradle

@@ -0,0 +1,28 @@
+/* ###
+ * IP: GHIDRA
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+// Not technically a Java project, but required to be a Help project
+apply from: "${rootProject.projectDir}/gradle/javaProject.gradle"
+apply from: "${rootProject.projectDir}/gradle/helpProject.gradle"
+apply from: "$rootProject.projectDir/gradle/distributableGhidraModule.gradle"
+apply from: "$rootProject.projectDir/gradle/hasPythonPackage.gradle"
+
+apply plugin: 'eclipse'
+eclipse.project.name = 'Debug Debugger-agent-drgn'
+
+dependencies {
+	// Only for Help :/
+	api project(':Debugger-rmi-trace')
+}

Ghidra/Debug/Debugger-agent-drgn/certification.manifest

@@ -0,0 +1,13 @@
+##VERSION: 2.0
+##MODULE IP: Apache License 2.0
+##MODULE IP: Apache License 2.0 with LLVM Exceptions
+Module.manifest||GHIDRA||||END|
+README.md||GHIDRA||||END|
+build.gradle||GHIDRA||||END|
+src/main/help/help/TOC_Source.xml||GHIDRA||||END|
+src/main/help/help/topics/drgn/drgn.html||GHIDRA||||END|
+src/main/py/LICENSE||GHIDRA||||END|
+src/main/py/MANIFEST.in||GHIDRA||||END|
+src/main/py/README.md||GHIDRA||||END|
+src/main/py/pyproject.toml||GHIDRA||||END|
+src/main/py/src/ghidradrgn/schema.xml||GHIDRA||||END|

Ghidra/Debug/Debugger-agent-drgn/data/debugger-launchers/core-drgn.sh

@@ -0,0 +1,33 @@
+#!/usr/bin/env bash
+## ###
+# IP: GHIDRA
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#      http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+##
+#@title drgn core
+#@desc <html><body width="300px">
+#@desc   <h3>Launch with <tt>drgn-core</tt></h3>
+#@desc   <p>
+#@desc     This will attach to an existing core dump using <tt>drgn</tt>.
+#@desc     For setup instructions, press <b>F1</b>.
+#@desc   </p>
+#@desc </body></html>
+#@menu-group drgn
+#@icon icon.debugger
+#@help drgn#core
+#@depends Debugger-rmi-trace
+#@env OPT_TARGET_IMG:file!="" "Core dump" "The target core dump"
+
+export OPT_TARGET_KIND="coredump" 
+drgn -c "$OPT_TARGET_IMG" ../support/local-drgn.py
+

Ghidra/Debug/Debugger-agent-drgn/data/debugger-launchers/kernel-drgn.sh

@@ -0,0 +1,32 @@
+#!/usr/bin/env bash
+## ###
+# IP: GHIDRA
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#      http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+##
+#@title drgn kernel
+#@desc <html><body width="300px">
+#@desc   <h3>Launch with <tt>drgn-kernel</tt></h3>
+#@desc   <p>
+#@desc     This will attach to the local machine's kernel using <tt>drgn</tt>.
+#@desc     For setup instructions, press <b>F1</b>.
+#@desc   </p>
+#@desc </body></html>
+#@menu-group drgn
+#@icon icon.debugger
+#@help drgn#linux_kernel
+#@depends Debugger-rmi-trace
+
+export OPT_TARGET_KIND="kernel" 
+sudo -E drgn ../support/local-drgn.py
+

Ghidra/Debug/Debugger-agent-drgn/data/debugger-launchers/local-drgn.sh

@@ -0,0 +1,35 @@
+#!/usr/bin/env bash
+## ###
+# IP: GHIDRA
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#      http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+##
+#@title drgn
+#@desc <html><body width="300px">
+#@desc   <h3>Launch with <tt>drgn</tt></h3>
+#@desc   <p>
+#@desc     This will attach to a target running on the local machine using <tt>drgn</tt>.
+#@desc     For setup instructions, press <b>F1</b>.
+#@desc   </p>
+#@desc </body></html>
+#@menu-group drgn
+#@icon icon.debugger
+#@help drgn#attach
+#@depends Debugger-rmi-trace
+#@env OPT_TARGET_PID:int=44068 "PID" "The target's process id"
+
+export OPT_TARGET_KIND="user" 
+# sudo -E drgn -p "$OPT_TARGET_PID" ../support/local-drgn.py
+# or 'echo 0 > /proc/sys/kernel/yama/ptrace_scope'
+drgn -p "$OPT_TARGET_PID" ../support/local-drgn.py
+

Ghidra/Debug/Debugger-agent-drgn/data/support/local-drgn.py

@@ -0,0 +1,48 @@
+## ###
+# IP: GHIDRA
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#      http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+##
+
+# From drgn:
+# EASY-INSTALL-ENTRY-SCRIPT: 'drgn==0.0.24','console_scripts','drgn'
+import os
+import re
+import sys
+
+import drgn.cli
+
+
+def append_paths():
+    sys.path.append(
+        f"{os.getenv('MODULE_Debugger_rmi_trace_HOME')}/data/support")
+    from gmodutils import ghidra_module_pypath
+    sys.path.append(ghidra_module_pypath("Debugger-rmi-trace"))
+    sys.path.append(ghidra_module_pypath())
+
+
+def main():
+    append_paths()
+
+    from ghidradrgn import commands as cmd
+    cmd.ghidra_trace_connect(address=os.getenv('GHIDRA_TRACE_RMI_ADDR'))
+    cmd.ghidra_trace_create(start_trace=True)
+    cmd.ghidra_trace_txstart()
+    cmd.ghidra_trace_put_all()
+    cmd.ghidra_trace_txcommit()
+    cmd.ghidra_trace_activate()
+    drgn.cli.run_interactive(cmd.prog)
+
+
+if __name__ == '__main__':
+    main()

Ghidra/Debug/Debugger-agent-drgn/src/main/help/help/TOC_Source.xml

@@ -0,0 +1,19 @@
+<?xml version='1.0' encoding='ISO-8859-1'?>
+<!-- See Base's TOC_Source.xml for help -->
+<tocroot>
+	<tocref id="TraceRmiLauncherServicePlugin">
+		<tocdef id="drgn" text="drgn Integration"
+			target="help/topics/drgn/drgn.html">
+
+			<tocdef id="drgn_attach" text="Attach"
+				target="help/topics/drgn/drgn.html#attach" />
+
+			<tocdef id="drgn_core" text="Core Dump"
+				target="help/topics/drgn/drgn.html#attach" />
+
+			<tocdef id="linux_kernel" text="Linux Kernel"
+				target="help/topics/drgn/drgn.html#attach" />
+
+		</tocdef>
+	</tocref>
+</tocroot>

Ghidra/Debug/Debugger-agent-drgn/src/main/help/help/topics/drgn/drgn.html

@@ -0,0 +1,78 @@
+<!DOCTYPE doctype PUBLIC "-//W3C//DTD HTML 4.0 Frameset//EN">
+
+<HTML>
+  <HEAD>
+    <META name="generator" content=
+    "HTML Tidy for Java (vers. 2009-12-01), see jtidy.sourceforge.net">
+
+    <TITLE>Debugger Launchers: drgn</TITLE>
+    <META http-equiv="Content-Type" content="text/html; charset=windows-1252">
+    <LINK rel="stylesheet" type="text/css" href="help/shared/DefaultStyle.css">
+  </HEAD>
+
+  <BODY lang="EN-US">
+    <H1><A name="plugin"></A>Debugger Launchers: drgn</H1>
+
+    <P>The following launchers uses Meta's <B>drgn</B> engine to explore various targets:</P>
+
+    <H2><A name="attach"></A>Attach</H2>
+
+    <P>The "<TT>drgn</TT>" launcher attaches to a running process via the Linux "/proc/pid"
+    interface.</P>
+
+    <H3>Setup</H3>
+
+    <P>You must have Meta's <B>drgn</B> installed on the local system. The default behavior assumes
+    you do NOT need root access to attach to a running process, i.e. it assumes you have run the
+    command:</P>
+
+    <UL style="list-style-type: none">
+      <LI>
+<PRE>
+echo 0 &gt; /proc/sys/kernel/yama/ptrace_scope
+</PRE>
+      </LI>
+    </UL>
+
+    <P>using root privileges at some point. Alternately, you can prepend "sudo -E" to the drgn
+    invocation line in "local-drgn.sh"". Note: <B>drgn</B> does not currently support stack
+    unwinding or register access for user-mode access to running processes.</P>
+
+    <H3>Options</H3>
+
+    <UL>
+      <LI><B>PID</B>: The running process's id</LI>
+    </UL>
+
+    <H2><A name="core"></A>Core Dump</H2>
+
+    <P>This launcher loads a Linux core dump.</P>
+
+    <H3>Setup</H3>
+
+    <P>You must have Meta's <B>drgn</B> installed on the local system. No other setup is required.
+    Note: Core dumps may or may not include memory, so the Dynamic Listing may or may not be
+    populated.</P>
+
+    <H3>Options</H3>
+
+    <UL>
+      <LI><B>Core dump</B>: The core-dump file</LI>
+    </UL>
+
+    <H2><A name="linux_kernel"></A>Linux Kernel</H2>
+
+    <P>This launcher attaches to a Linux kernel via the "/proc/kcore" interface.</P>
+
+    <H3>Setup</H3>
+
+    <P>You must have Meta's <B>drgn</B> installed on the local system. No other setup is required.
+    Note: requires root access - you will be prompted for a password in the Terminal.</P>
+
+    <H3>Options</H3>
+
+    <UL>
+      <LI><B>None</B></LI>
+    </UL>
+  </BODY>
+</HTML>

Ghidra/Debug/Debugger-agent-drgn/src/main/py/LICENSE

@@ -0,0 +1,11 @@
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+     http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.

Ghidra/Debug/Debugger-agent-drgn/src/main/py/MANIFEST.in

@@ -0,0 +1 @@
+include src/ghidradrgn/schema.xml

Ghidra/Debug/Debugger-agent-drgn/src/main/py/README.md

@@ -0,0 +1,3 @@
+# Ghidra Trace RMI for drgn
+
+Package for connecting drgn to Ghidra via Trace RMI.

Ghidra/Debug/Debugger-agent-drgn/src/main/py/pyproject.toml

@@ -0,0 +1,25 @@
+[build-system]
+requires = ["setuptools"]
+build-backend = "setuptools.build_meta"
+
+[project]
+name = "ghidradrgn"
+version = "11.5"
+authors = [
+  { name="Ghidra Development Team" },
+]
+description = "Ghidra's Plugin for drgn"
+readme = "README.md"
+requires-python = ">=3.9"
+classifiers = [
+    "Programming Language :: Python :: 3",
+    "License :: OSI Approved :: Apache Software License",
+    "Operating System :: OS Independent",
+]
+dependencies = [
+    "ghidratrace==11.5",
+]
+
+[project.urls]
+"Homepage" = "https://github.com/NationalSecurityAgency/ghidra"
+"Bug Tracker" = "https://github.com/NationalSecurityAgency/ghidra/issues"

Ghidra/Debug/Debugger-agent-drgn/src/main/py/src/ghidradrgn/__init__.py

@@ -13,7 +13,4 @@
 #  See the License for the specific language governing permissions and
 #  limitations under the License.
 ##
-
+from . import util, commands
-# NOTE: libraries must precede EVERYTHING, esp pybag and DbgMod
-
-from . import libraries, util, commands, methods, hooks

Ghidra/Debug/Debugger-agent-drgn/src/main/py/src/ghidradrgn/arch.py

@@ -0,0 +1,211 @@
+## ###
+# IP: GHIDRA
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#      http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+##
+from typing import Dict, List, Literal, Optional, Tuple
+
+from ghidratrace.client import Address, RegVal
+import drgn
+
+from . import util
+
+
+# NOTE: This map is derived from the ldefs using a script
+language_map: Dict[str, List[str]] = {
+    'AARCH64': ['AARCH64:BE:64:v8A', 'AARCH64:LE:64:AppleSilicon', 'AARCH64:LE:64:v8A'],
+    'ARM': ['ARM:BE:32:v8', 'ARM:BE:32:v8T', 'ARM:LE:32:v8', 'ARM:LE:32:v8T'],
+    'PPC64': ['PowerPC:BE:64:4xx', 'PowerPC:LE:64:4xx'],
+    'S390': [],
+    'S390X': [],
+    'I386': ['x86:LE:32:default'],
+    'X86_64': ['x86:LE:64:default'],
+    'UNKNOWN': ['DATA:LE:64:default', 'DATA:LE:64:default'],
+}
+
+data64_compiler_map: Dict[Optional[str], str] = {
+    None: 'pointer64',
+}
+
+default_compiler_map: Dict[Optional[str], str] = {
+    'Language.C': 'default',
+}
+
+x86_compiler_map: Dict[Optional[str], str] = {
+    'Language.C': 'gcc',
+}
+
+compiler_map: Dict[str, Dict[Optional[str], str]] = {
+    'DATA:BE:64:': data64_compiler_map,
+    'DATA:LE:64:': data64_compiler_map,
+    'x86:LE:32:': x86_compiler_map,
+    'x86:LE:64:': x86_compiler_map,
+    'AARCH64:LE:64:': default_compiler_map,
+    'ARM:BE:32:': default_compiler_map,
+    'ARM:LE:32:': default_compiler_map,
+    'PowerPC:BE:64:': default_compiler_map,
+    'PowerPC:LE:64:': default_compiler_map,
+}
+
+
+def get_arch() -> str:
+    platform = drgn.host_platform
+    return platform.arch.name
+
+
+def get_endian() -> Literal['little', 'big']:
+    parm = util.get_convenience_variable('endian')
+    if parm != 'auto':
+        return parm
+    platform = drgn.host_platform
+    order = platform.flags.IS_LITTLE_ENDIAN
+    if order.value > 0:
+        return 'little'
+    else:
+        return 'big'
+
+
+def get_size() -> str:
+    parm = util.get_convenience_variable('size')
+    if parm != 'auto':
+        return parm
+    platform = drgn.host_platform
+    order = platform.flags.IS_64_BIT
+    if order.value > 0:
+        return '64'
+    else:
+        return '32'
+
+
+def get_osabi() -> str:
+    return "Language.C"
+
+
+def compute_ghidra_language() -> str:
+    # First, check if the parameter is set
+    lang = util.get_convenience_variable('ghidra-language')
+    if lang != 'auto':
+        return lang
+
+    # Get the list of possible languages for the arch. We'll need to sift
+    # through them by endian and probably prefer default/simpler variants. The
+    # heuristic for "simpler" will be 'default' then shortest variant id.
+    arch = get_arch()
+    endian = get_endian()
+    sz = get_size()
+    lebe = ':BE:' if endian == 'big' else ':LE:'
+    if not arch in language_map:
+        return 'DATA' + lebe + sz + ':default'
+    langs = language_map[arch]
+    matched_endian = sorted(
+        (l for l in langs if lebe in l),
+        key=lambda l: 0 if l.endswith(':default') else len(l)
+    )
+    if len(matched_endian) > 0:
+        return matched_endian[0]
+    # NOTE: I'm disinclined to fall back to a language match with wrong endian.
+    return 'DATA' + lebe + sz + ':default'
+
+
+def compute_ghidra_compiler(lang: str) -> str:
+    # First, check if the parameter is set
+    comp = util.get_convenience_variable('ghidra-compiler')
+    if comp != 'auto':
+        return comp
+
+    # Check if the selected lang has specific compiler recommendations
+    matched_lang = sorted(
+        (l for l in compiler_map if l in lang),
+        #        key=lambda l: compiler_map[l]
+    )
+    if len(matched_lang) == 0:
+        print(f"{lang} not found in compiler map - using default compiler")
+        return 'default'
+
+    comp_map = compiler_map[matched_lang[0]]
+    if comp_map == data64_compiler_map:
+        print(f"Using the DATA64 compiler map")
+    osabi = get_osabi()
+    if osabi in comp_map:
+        return comp_map[osabi]
+    if lang.startswith("X86:"):
+        print(f"{osabi} not found in compiler map - using gcc")
+        return 'gcc'
+    if None in comp_map:
+        return comp_map[None]
+    print(f"{osabi} not found in compiler map - using default compiler")
+    return 'default'
+
+
+def compute_ghidra_lcsp() -> Tuple[str, str]:
+    lang = compute_ghidra_language()
+    comp = compute_ghidra_compiler(lang)
+    return lang, comp
+
+
+class DefaultMemoryMapper(object):
+
+    def __init__(self, defaultSpace: str) -> None:
+        self.defaultSpace = defaultSpace
+
+    def map(self, proc: int, offset: int) -> Tuple[str, Address]:
+        space = self.defaultSpace
+        return self.defaultSpace, Address(space, offset)
+
+    def map_back(self, proc: int, address: Address) -> int:
+        if address.space == self.defaultSpace:
+            return address.offset
+        raise ValueError(
+            f"Address {address} is not in process {proc}")
+
+
+DEFAULT_MEMORY_MAPPER = DefaultMemoryMapper('ram')
+
+memory_mappers: Dict[str, DefaultMemoryMapper] = {}
+
+
+def compute_memory_mapper(lang: str) -> DefaultMemoryMapper:
+    if not lang in memory_mappers:
+        return DEFAULT_MEMORY_MAPPER
+    return memory_mappers[lang]
+
+
+class DefaultRegisterMapper(object):
+
+    def __init__(self, byte_order: str) -> None:
+        if not byte_order in ['big', 'little']:
+            raise ValueError("Invalid byte_order: {}".format(byte_order))
+        self.byte_order = byte_order
+
+    def map_name(self, proc: int, name: str) -> str:
+        return name
+
+    def map_value(self, proc: int, name: str, value: bytes):
+        return RegVal(self.map_name(proc, name), value)
+
+    def map_name_back(self, proc: int, name: str):
+        return name
+
+    def map_value_back(self, proc: int, name: str, value: bytes):
+        return RegVal(self.map_name_back(proc, name), value)
+
+
+DEFAULT_BE_REGISTER_MAPPER = DefaultRegisterMapper('big')
+DEFAULT_LE_REGISTER_MAPPER = DefaultRegisterMapper('little')
+
+
+def compute_register_mapper(lang: str) -> DefaultRegisterMapper:
+    if ':BE:' in lang:
+        return DEFAULT_BE_REGISTER_MAPPER
+    else:
+        return DEFAULT_LE_REGISTER_MAPPER

Ghidra/Debug/Debugger-agent-drgn/src/main/py/src/ghidradrgn/hooks.py

@@ -0,0 +1,221 @@
+## ###
+# IP: GHIDRA
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#      http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+##
+from dataclasses import dataclass, field
+import threading
+import time
+
+import drgn
+
+from typing import Any, Callable, Collection, Dict, Optional, TypeVar, cast
+
+from . import commands, util
+
+
+ALL_EVENTS = 0xFFFF
+
+
+@dataclass(frozen=False)
+class HookState(object):
+    installed = False
+
+
+@dataclass(frozen=False)
+class ProcessState(object):
+    first = True
+    # For things we can detect changes to between stops
+    regions = False
+    modules = False
+    threads = False
+    breaks = False
+    watches = False
+    # For frames and threads that have already been synced since last stop
+    visited: set[Any] = field(default_factory=set)
+
+    def record(self, description: Optional[str] = None) -> None:
+        first = self.first
+        self.first = False
+        trace = commands.STATE.require_trace()
+        if description is not None:
+            trace.snapshot(description)
+        if first:
+            commands.put_processes()
+            commands.put_environment()
+        if self.threads:
+            commands.put_threads()
+            self.threads = False
+        nthrd = util.selected_thread()
+        if nthrd is not None:
+            if first or nthrd not in self.visited:
+                commands.put_frames()
+                self.visited.add(nthrd)
+            level = util.selected_frame()
+            hashable_frame = (nthrd, level)
+            if first or hashable_frame not in self.visited:
+                commands.putreg()
+                try:
+                    commands.putmem(commands.get_pc(), 1, True, True)
+                except BaseException as e:
+                    print(f"Couldn't record page with PC: {e}")
+                try:
+                    commands.putmem(commands.get_sp(), 1, True, True)
+                except BaseException as e:
+                    print(f"Couldn't record page with SP: {e}")
+                self.visited.add(hashable_frame)
+        if first or self.regions or self.modules:
+            # Sections, memory syscalls, or stack allocations
+            commands.put_regions()
+            self.regions = False
+        if first or self.modules:
+            commands.put_modules()
+            self.modules = False
+
+    def record_continued(self) -> None:
+        commands.put_processes()
+        commands.put_threads()
+
+    def record_exited(self, exit_code: int) -> None:
+        trace = commands.STATE.require_trace()
+        nproc = util.selected_process()
+        ipath = commands.PROCESS_PATTERN.format(procnum=nproc)
+        procobj = trace.proxy_object_path(ipath)
+        procobj.set_value('Exit Code', exit_code)
+        procobj.set_value('State', 'TERMINATED')
+
+
+HOOK_STATE = HookState()
+PROC_STATE: Dict[int, ProcessState] = {}
+
+
+def on_new_process(id: int) -> None:
+    trace = commands.STATE.trace
+    if trace is None:
+        return
+    with trace.client.batch():
+        with trace.open_tx("New Process {}".format(id)):
+            commands.put_processes()  # TODO: Could put just the one....
+
+
+def on_process_selected() -> None:
+    nproc = util.selected_process()
+    if nproc not in PROC_STATE:
+        return
+    trace = commands.STATE.trace
+    if trace is None:
+        return
+    with trace.client.batch():
+        with trace.open_tx("Process {} selected".format(nproc)):
+            PROC_STATE[nproc].record()
+            commands.activate()
+
+
+def on_new_thread() -> None:
+    nproc = util.selected_process()
+    if nproc not in PROC_STATE:
+        return
+    PROC_STATE[nproc].threads = True
+
+
+def on_thread_selected() -> None:
+    nproc = util.selected_process()
+    if nproc not in PROC_STATE:
+        return
+    trace = commands.STATE.trace
+    if trace is None:
+        return
+    nthrd = util.selected_thread()
+    with trace.client.batch():
+        with trace.open_tx("Thread {}.{} selected".format(nproc, nthrd)):
+            PROC_STATE[nproc].record()
+            commands.put_threads()
+            commands.activate()
+
+
+def on_frame_selected() -> None:
+    nproc = util.selected_process()
+    if nproc not in PROC_STATE:
+        return
+    trace = commands.STATE.trace
+    if trace is None:
+        return
+    nthrd = util.selected_thread()
+    level = util.selected_frame()
+    with trace.client.batch():
+        with trace.open_tx("Frame {}.{}.{} selected".format(nproc, nthrd, level)):
+            PROC_STATE[nproc].record()
+            commands.put_threads()
+            commands.put_frames()
+            commands.activate()
+
+
+def on_cont() -> None:
+    nproc = util.selected_process()
+    if nproc not in PROC_STATE:
+        return
+    trace = commands.STATE.trace
+    if trace is None:
+        return
+    state = PROC_STATE[nproc]
+    with trace.client.batch():
+        with trace.open_tx("Continued"):
+            state.record_continued()
+
+
+def on_stop() -> None:
+    nproc = util.selected_process()
+    if nproc not in PROC_STATE:
+        PROC_STATE[nproc] = ProcessState()
+    trace = commands.STATE.trace
+    if trace is None:
+        print("no trace")
+        return
+    state = PROC_STATE[nproc]
+    state.visited.clear()
+    with trace.client.batch():
+        with trace.open_tx("Stopped"):
+            state.record("Stopped")
+            commands.put_threads()
+            commands.put_frames()
+            commands.activate()
+
+
+def modules_changed() -> None:
+    nproc = util.selected_process()
+    if nproc not in PROC_STATE:
+        return
+    PROC_STATE[nproc].modules = True
+
+
+def install_hooks() -> None:
+    if HOOK_STATE.installed:
+        return
+    HOOK_STATE.installed = True
+
+
+def remove_hooks() -> None:
+    if not HOOK_STATE.installed:
+        return
+    HOOK_STATE.installed = False
+
+
+def enable_current_process() -> None:
+    nproc = util.selected_process()
+    PROC_STATE[nproc] = ProcessState()
+
+
+def disable_current_process() -> None:
+    nproc = util.selected_process()
+    if nproc in PROC_STATE:
+        del PROC_STATE[nproc]

Ghidra/Debug/Debugger-agent-drgn/src/main/py/src/ghidradrgn/methods.py

@@ -0,0 +1,432 @@
+## ###
+# IP: GHIDRA
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#      http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+##
+from concurrent.futures import Future, ThreadPoolExecutor
+from contextlib import redirect_stdout
+from io import StringIO
+import re
+import sys
+import time
+from typing import Annotated, Any, Dict, Optional, Tuple
+
+import drgn
+import drgn.cli
+from drgn import StackFrame
+try:
+    from drgn import Module  # type: ignore
+except Exception as e:
+    class Module:
+        pass  # not supported on older versions
+
+from ghidratrace import sch
+from ghidratrace.client import (
+    MethodRegistry, ParamDesc, Address, AddressRange, TraceObject)
+
+from . import util, commands, hooks
+
+
+REGISTRY = MethodRegistry(ThreadPoolExecutor(
+    max_workers=1, thread_name_prefix='MethodRegistry'))
+
+
+def extre(base, ext) -> re.Pattern:
+    return re.compile(base.pattern + ext)
+
+
+PROCESSES_PATTERN = re.compile('Processes')
+PROCESS_PATTERN = extre(PROCESSES_PATTERN, '\\[(?P<procnum>\\d*)\\]')
+ENV_PATTERN = extre(PROCESS_PATTERN, '\\.Environment')
+THREADS_PATTERN = extre(PROCESS_PATTERN, '\\.Threads')
+THREAD_PATTERN = extre(THREADS_PATTERN, '\\[(?P<tnum>\\d*)\\]')
+STACK_PATTERN = extre(THREAD_PATTERN, '\\.Stack')
+FRAME_PATTERN = extre(STACK_PATTERN, '\\[(?P<level>\\d*)\\]')
+REGS_PATTERN = extre(FRAME_PATTERN, '.Registers')
+LOCALS_PATTERN = extre(FRAME_PATTERN, '.Locals')
+MEMORY_PATTERN = extre(PROCESS_PATTERN, '\\.Memory')
+MODULES_PATTERN = extre(PROCESS_PATTERN, '\\.Modules')
+MODULE_PATTERN = extre(MODULES_PATTERN, '\\[(?P<modbase>.*)\\]')
+
+
+class Environment(TraceObject):
+    pass
+
+
+class LocalsContainer(TraceObject):
+    pass
+
+
+class Memory(TraceObject):
+    pass
+
+
+class ModuleContainer(TraceObject):
+    pass
+
+
+class Process(TraceObject):
+    pass
+
+
+class ProcessContainer(TraceObject):
+    pass
+
+
+class Stack(TraceObject):
+    pass
+
+
+class RegisterValueContainer(TraceObject):
+    pass
+
+
+class SymbolContainer(TraceObject):
+    pass
+
+
+class Thread(TraceObject):
+    pass
+
+
+class ThreadContainer(TraceObject):
+    pass
+
+
+def find_proc_by_num(id: int) -> int:
+    if id != util.selected_process():
+        util.select_process(id)
+    return util.selected_process()
+
+
+def find_proc_by_pattern(object: TraceObject, pattern: re.Pattern,
+                         err_msg: str) -> int:
+    mat = pattern.fullmatch(object.path)
+    if mat is None:
+        raise TypeError(f"{object} is not {err_msg}")
+    procnum = int(mat['procnum'])
+    return find_proc_by_num(procnum)
+
+
+def find_proc_by_obj(object: TraceObject) -> int:
+    return find_proc_by_pattern(object, PROCESS_PATTERN, "an Process")
+
+
+def find_proc_by_env_obj(object: TraceObject) -> int:
+    return find_proc_by_pattern(object, ENV_PATTERN, "an Environment")
+
+
+def find_proc_by_threads_obj(object: TraceObject) -> int:
+    return find_proc_by_pattern(object, THREADS_PATTERN, "a ThreadContainer")
+
+
+def find_proc_by_mem_obj(object: TraceObject) -> int:
+    return find_proc_by_pattern(object, MEMORY_PATTERN, "a Memory")
+
+
+def find_proc_by_modules_obj(object: TraceObject) -> int:
+    return find_proc_by_pattern(object, MODULES_PATTERN, "a ModuleContainer")
+
+
+def find_thread_by_num(id: int) -> Optional[int]:
+    if id != util.selected_thread():
+        util.select_thread(id)
+    return util.selected_thread()
+
+
+def find_thread_by_pattern(pattern: re.Pattern, object: TraceObject,
+                           err_msg: str) -> Optional[int]:
+    mat = pattern.fullmatch(object.path)
+    if mat is None:
+        raise TypeError(f"{object} is not {err_msg}")
+    pnum = int(mat['procnum'])
+    tnum = int(mat['tnum'])
+    find_proc_by_num(pnum)
+    return find_thread_by_num(tnum)
+
+
+def find_thread_by_obj(object: TraceObject) -> Optional[int]:
+    return find_thread_by_pattern(THREAD_PATTERN, object, "a Thread")
+
+
+def find_thread_by_stack_obj(object: TraceObject) -> Optional[int]:
+    return find_thread_by_pattern(STACK_PATTERN, object, "a Stack")
+
+
+def find_thread_by_regs_obj(object: TraceObject) -> Optional[int]:
+    return find_thread_by_pattern(REGS_PATTERN, object, "a RegisterValueContainer")
+
+
+def find_frame_by_level(level: int) -> Optional[Tuple[int, StackFrame]]:
+    tnum = util.selected_thread()
+    thread = commands.prog.thread(tnum)
+    try:
+        frames = thread.stack_trace()
+    except Exception as e:
+        print(e)
+        return None
+
+    for i, f in enumerate(frames):
+        if i == level:
+            if i != util.selected_frame():
+                util.select_frame(i)
+            return i, f
+    return None
+
+
+def find_frame_by_pattern(pattern: re.Pattern, object: TraceObject,
+                          err_msg: str) -> Optional[Tuple[int, StackFrame]]:
+    mat = pattern.fullmatch(object.path)
+    if mat is None:
+        raise TypeError(f"{object} is not {err_msg}")
+    pnum = int(mat['procnum'])
+    tnum = int(mat['tnum'])
+    level = int(mat['level'])
+    find_proc_by_num(pnum)
+    find_thread_by_num(tnum)
+    return find_frame_by_level(level)
+
+
+def find_frame_by_obj(object: TraceObject) -> Optional[Tuple[int, StackFrame]]:
+    return find_frame_by_pattern(FRAME_PATTERN, object, "a StackFrame")
+
+
+def find_frame_by_regs_obj(object: TraceObject) -> Optional[Tuple[int, StackFrame]]:
+    return find_frame_by_pattern(REGS_PATTERN, object, "a RegisterValueContainer")
+
+
+def find_frame_by_locals_obj(object: TraceObject) -> Optional[Tuple[int, StackFrame]]:
+    return find_frame_by_pattern(LOCALS_PATTERN, object, "a LocalsContainer")
+
+
+def find_module_by_base(modbase: TraceObject) -> Module:
+    for m in commands.prog.modules():  # type: ignore
+        if modbase == str(hex(m.address_range[0])):
+            return m
+
+
+def find_module_by_pattern(pattern: re.Pattern, object: TraceObject,
+                           err_msg: str) -> int:
+    mat = pattern.fullmatch(object.path)
+    if mat is None:
+        raise TypeError(f"{object} is not {err_msg}")
+    pnum = int(mat['procnum'])
+    modbase = mat['modbase']
+    find_proc_by_num(pnum)
+    return find_module_by_base(modbase)
+
+
+def find_module_by_obj(object: TraceObject) -> int:
+    return find_module_by_pattern(MODULE_PATTERN, object, "a Module")
+
+
+shared_globals: Dict[str, Any] = dict()
+
+
+@REGISTRY.method()
+def execute(cmd: str, to_string: bool = False) -> Optional[str]:
+    """Execute a Python3 command or script."""
+    if to_string:
+        data = StringIO()
+        with redirect_stdout(data):
+            exec(cmd, shared_globals)
+        return data.getvalue()
+    else:
+        exec(cmd, shared_globals)
+        return None
+
+
+@REGISTRY.method(action='refresh', display='Refresh Processes')
+def refresh_processes(node: ProcessContainer) -> None:
+    """Refresh the list of processes."""
+    with commands.open_tracked_tx('Refresh Processes'):
+        commands.ghidra_trace_put_processes()
+
+
+@REGISTRY.method(action='refresh', display='Refresh Environment')
+def refresh_environment(node: Environment) -> None:
+    """Refresh the environment descriptors (arch, os, endian)."""
+    with commands.open_tracked_tx('Refresh Environment'):
+        commands.ghidra_trace_put_environment()
+
+
+@REGISTRY.method(action='refresh', display='Refresh Threads')
+def refresh_threads(node: ThreadContainer) -> None:
+    """Refresh the list of threads in the process."""
+    with commands.open_tracked_tx('Refresh Threads'):
+        commands.ghidra_trace_put_threads()
+
+
+# @REGISTRY.method(action='refresh', display='Refresh Symbols')
+# def refresh_symbols(node: SymbolContainer) -> None:
+#    """Refresh the list of symbols in the process."""
+#    with commands.open_tracked_tx('Refresh Symbols'):
+#        commands.ghidra_trace_put_symbols()
+
+
+@REGISTRY.method(action='show_symbol', display='Retrieve Symbols')
+def retrieve_symbols(
+        conainer: SymbolContainer,
+        pattern: Annotated[str, ParamDesc(display='Pattern')]) -> None:
+    """Load the symbol set matching the pattern."""
+    with commands.open_tracked_tx('Retrieve Symbols'):
+        commands.put_symbols(pattern)
+
+
+@REGISTRY.method(action='refresh', display='Refresh Stack')
+def refresh_stack(node: Stack) -> None:
+    """Refresh the backtrace for the thread."""
+    tnum = find_thread_by_stack_obj(node)
+    with commands.open_tracked_tx('Refresh Stack'):
+        commands.ghidra_trace_put_frames()
+
+
+@REGISTRY.method(action='refresh', display='Refresh Registers')
+def refresh_registers(node: RegisterValueContainer) -> None:
+    """Refresh the register values for the selected frame."""
+    level = find_frame_by_regs_obj(node)
+    with commands.open_tracked_tx('Refresh Registers'):
+        commands.ghidra_trace_putreg()
+
+
+@REGISTRY.method(action='refresh', display='Refresh Locals')
+def refresh_locals(node: LocalsContainer) -> None:
+    """Refresh the local values for the selected frame."""
+    level = find_frame_by_locals_obj(node)
+    with commands.open_tracked_tx('Refresh Registers'):
+        commands.ghidra_trace_put_locals()
+
+
+@REGISTRY.method(action='refresh', display='Refresh Memory',
+                 condition=hasattr(drgn, 'RelocatableModule'))
+def refresh_mappings(node: Memory) -> None:
+    """Refresh the list of memory regions for the process."""
+    with commands.open_tracked_tx('Refresh Memory Regions'):
+        commands.ghidra_trace_put_regions()
+
+
+@REGISTRY.method(action='refresh', display='Refresh Modules',
+                 condition=hasattr(drgn, 'RelocatableModule'))
+def refresh_modules(node: ModuleContainer) -> None:
+    """Refresh the modules list for the process."""
+    with commands.open_tracked_tx('Refresh Modules'):
+        commands.ghidra_trace_put_modules()
+
+
+@REGISTRY.method(action='activate')
+def activate_process(process: Process) -> None:
+    """Switch to the process."""
+    find_proc_by_obj(process)
+
+
+@REGISTRY.method(action='activate')
+def activate_thread(thread: Thread) -> None:
+    """Switch to the thread."""
+    find_thread_by_obj(thread)
+
+
+@REGISTRY.method(action='activate')
+def activate_frame(frame: TraceObject) -> None:
+    """Select the frame."""
+    res = find_frame_by_obj(frame)
+    if res is None:
+        return
+    i, f = res
+    util.select_frame(i)
+    with commands.open_tracked_tx('Refresh Stack'):
+        commands.ghidra_trace_put_frames()
+    with commands.open_tracked_tx('Refresh Registers'):
+        commands.ghidra_trace_putreg()
+
+
+@REGISTRY.method()
+def read_mem(process: Process, range: AddressRange) -> None:
+    """Read memory."""
+    # print("READ_MEM: process={}, range={}".format(process, range))
+    nproc = find_proc_by_obj(process)
+    offset_start = process.trace.extra.require_mm().map_back(
+        nproc, Address(range.space, range.min))
+    with commands.open_tracked_tx('Read Memory'):
+        result = commands.put_bytes(
+            offset_start, offset_start + range.length() - 1, pages=True, display_result=False)
+        if result['count'] == 0:
+            commands.putmem_state(
+                offset_start, offset_start+range.length() - 1, 'error')
+
+
+@REGISTRY.method(action='attach', display='Attach by pid')
+def attach_pid(processes: ProcessContainer,
+               pid: Annotated[str, ParamDesc(display='PID')]) -> None:
+    """Attach the process to the given target."""
+    prog = drgn.Program()
+    prog.set_pid(int(pid))
+    util.selected_pid = int(pid)
+    util.selected_tid = prog.main_thread().tid
+    default_symbols = {"default": True, "main": True}
+    try:
+        prog.load_debug_info(None, **default_symbols)
+    except drgn.MissingDebugInfoError as e:
+        print(e)
+    # commands.ghidra_trace_start(pid)
+    commands.PROGRAMS[pid] = prog
+    commands.prog = prog
+    with commands.open_tracked_tx('Refresh Processes'):
+        commands.ghidra_trace_put_processes()
+
+
+@REGISTRY.method(action='attach', display='Attach core dump')
+def attach_core(processes: ProcessContainer,
+                core: Annotated[str, ParamDesc(display='Core dump')]) -> None:
+    """Attach the process to the given target."""
+    prog = drgn.Program()
+    prog.set_core_dump(core)
+    default_symbols = {"default": True, "main": True}
+    try:
+        prog.load_debug_info(None, **default_symbols)
+    except drgn.MissingDebugInfoError as e:
+        print(e)
+
+    util.selected_pid += 1
+    commands.PROGRAMS[util.selected_pid] = prog
+    commands.prog = prog
+    with commands.open_tracked_tx('Refresh Processes'):
+        commands.ghidra_trace_put_processes()
+
+
+@REGISTRY.method(action='step_into')
+def step_into(thread: Thread,
+              n: Annotated[int, ParamDesc(display='N')] = 1) -> None:
+    """Step one instruction exactly."""
+    find_thread_by_obj(thread)
+    time.sleep(1)
+    hooks.on_stop()
+
+
+# @REGISTRY.method
+# def kill(process: Process) -> None:
+#     """Kill execution of the process."""
+#     commands.ghidra_trace_kill()
+
+
+# @REGISTRY.method(action='resume')
+# def go(process: Process) -> None:
+#     """Continue execution of the process."""
+#     util.dbg.run_async(lambda: dbg().go())
+
+
+# @REGISTRY.method
+# def interrupt(process: Process) -> None:
+#     """Interrupt the execution of the debugged program."""
+#     # SetInterrupt is reentrant, so bypass the thread checks
+#     util.dbg._protected_base._control.SetInterrupt(
+#         DbgEng.DEBUG_INTERRUPT_ACTIVE)

Ghidra/Debug/Debugger-agent-drgn/src/main/py/src/ghidradrgn/schema.xml

@@ -1,67 +1,21 @@
 <context>
-	<schema name="TTDSession" elementResync="NEVER" attributeResync="NEVER">
+	<schema name="DrgnRoot" canonical="yes" elementResync="NEVER" attributeResync="NEVER">
-		<interface name="EventScope" />
-		<interface name="FocusScope" />
-		<interface name="Aggregate" />
-		<element schema="VOID" />
 		<attribute name="Processes" schema="ProcessContainer" required="yes" fixed="yes" />
-		<attribute name="Available" schema="AvailableContainer" required="yes" fixed="yes" />
+		<attribute name="State" schema="ANY" />
-		<attribute name="_event_thread" schema="OBJECT" hidden="yes" />
+		<attribute-alias from="_state" to="State" />
-		<attribute name="_focus" schema="Selectable" required="yes" hidden="yes" />
 		<attribute name="_display" schema="STRING" hidden="yes" />
 		<attribute name="_order" schema="INT" hidden="yes" />
-		<attribute schema="VOID" />
+		<attribute schema="ANY"/>
 	</schema>
 	<schema name="Selectable" elementResync="NEVER" attributeResync="NEVER">
 		<element schema="OBJECT" />
 		<attribute name="_order" schema="INT" hidden="yes" />
 		<attribute schema="VOID" />
 	</schema>
-	<schema name="BreakpointContainer" canonical="yes" elementResync="NEVER" attributeResync="NEVER">
-		<element schema="BreakpointSpec" />
-		<attribute name="_order" schema="INT" hidden="yes" />
-		<attribute schema="VOID" />
-	</schema>
-	<schema name="AvailableContainer" canonical="yes" elementResync="ALWAYS" attributeResync="NEVER">
-		<element schema="Attachable" />
-		<attribute name="_order" schema="INT" hidden="yes" />
-		<attribute schema="VOID" />
-	</schema>
 	<schema name="ProcessContainer" canonical="yes" elementResync="NEVER" attributeResync="NEVER">
 		<element schema="Process" />
 		<attribute name="_order" schema="INT" hidden="yes" />
-		<attribute schema="VOID" />
+		<attribute schema="ANY" />
-	</schema>
-	<schema name="BreakpointSpec" canonical="yes" elementResync="NEVER" attributeResync="NEVER">
-		<interface name="BreakpointSpec" />
-		<interface name="BreakpointLocation" />
-		<interface name="Togglable" />
-		<element schema="VOID" />
-		<attribute name="Expression" schema="STRING" required="yes" hidden="yes" />
-		<attribute-alias from="_expression" to="Expression" />
-		<attribute name="Kinds" schema="STRING" required="yes" hidden="yes" />
-		<attribute-alias from="_kinds" to="Kinds" />
-		<attribute name="_display" schema="STRING" hidden="yes" />
-		<attribute name="_order" schema="INT" hidden="yes" />
-		<attribute name="Range" schema="RANGE" />
-		<attribute-alias from="_range" to="Range" />
-		<attribute name="_enabled" schema="BOOL" required="yes" hidden="yes" />
-		<attribute name="Commands" schema="STRING" />
-		<attribute name="Condition" schema="STRING" />
-		<attribute name="Hit Count" schema="INT" />
-		<attribute name="Ignore Count" schema="INT" />
-		<attribute name="Pending" schema="BOOL" />
-		<attribute name="Silent" schema="BOOL" />
-		<attribute name="Temporary" schema="BOOL" />
-		<attribute schema="VOID" />
-	</schema>
-	<schema name="Attachable" elementResync="NEVER" attributeResync="NEVER">
-		<element schema="VOID" />
-		<attribute name="PID" schema="LONG" />
-		<attribute-alias from="_pid" to="PID" />
-		<attribute name="_display" schema="STRING" hidden="yes" />
-		<attribute name="_order" schema="INT" hidden="yes" />
-		<attribute schema="VOID" />
 	</schema>
 	<schema name="Process" elementResync="NEVER" attributeResync="NEVER">
 		<interface name="Activatable" />
@@ -70,12 +24,14 @@
 		<interface name="ExecutionStateful" />
 		<element schema="VOID" />
 		<attribute name="Threads" schema="ThreadContainer" required="yes" fixed="yes" />
-		<attribute name="Breakpoints" schema="BreakpointContainer" required="yes" fixed="yes" />
+		<attribute name="Symbols" schema="SymbolContainer" required="yes" fixed="yes" />
 		<attribute name="Exit Code" schema="LONG" />
 		<attribute-alias from="_exit_code" to="Exit Code" />
 		<attribute name="Environment" schema="Environment" required="yes" fixed="yes" />
 		<attribute name="Memory" schema="Memory" required="yes" fixed="yes" />
 		<attribute name="Modules" schema="ModuleContainer" required="yes" fixed="yes" />
+		<attribute name="Handle" schema="STRING" fixed="yes" />
+		<attribute name="Id" schema="STRING" fixed="yes" />
 		<attribute name="PID" schema="LONG" hidden="yes" />
 		<attribute-alias from="_pid" to="PID" />
 		<attribute name="State" schema="EXECUTION_STATE" required="yes" hidden="yes" />
@@ -83,7 +39,7 @@
 		<attribute name="_display" schema="STRING" hidden="yes" />
 		<attribute name="_short_display" schema="STRING" hidden="yes" />
 		<attribute name="_order" schema="INT" hidden="yes" />
-		<attribute schema="VOID" />
+		<attribute schema="ANY" />
 	</schema>
 	<schema name="Environment" elementResync="NEVER" attributeResync="NEVER">
 		<interface name="Environment" />
@@ -102,7 +58,7 @@
 	<schema name="ModuleContainer" canonical="yes" elementResync="ONCE" attributeResync="NEVER">
 		<element schema="Module" />
 		<attribute name="_order" schema="INT" hidden="yes" />
-		<attribute schema="VOID" />
+		<attribute schema="ANY" />
 	</schema>
 	<schema name="Memory" canonical="yes" elementResync="NEVER" attributeResync="NEVER">
 		<interface name="Memory" />
@@ -113,15 +69,7 @@
 	<schema name="ThreadContainer" canonical="yes" elementResync="NEVER" attributeResync="NEVER">
 		<element schema="Thread" />
 		<attribute name="_order" schema="INT" hidden="yes" />
-		<attribute schema="VOID" />
+		<attribute schema="ANY" />
-	</schema>
-	<schema name="Method" elementResync="NEVER" attributeResync="NEVER">
-		<interface name="Method" />
-		<element schema="VOID" />
-		<attribute name="_display" schema="STRING" required="yes" fixed="yes" hidden="yes" />
-		<attribute name="_return_type" schema="TYPE" required="yes" fixed="yes" hidden="yes" />
-		<attribute name="_parameters" schema="MAP_PARAMETERS" required="yes" fixed="yes" hidden="yes" />
-		<attribute schema="VOID" fixed="yes" hidden="yes" />
 	</schema>
 	<schema name="Thread" elementResync="NEVER" attributeResync="NEVER">
 		<interface name="Activatable" />
@@ -130,7 +78,8 @@
 		<interface name="Aggregate" />
 		<element schema="VOID" />
 		<attribute name="Stack" schema="Stack" required="yes" fixed="yes" />
-		<attribute name="Registers" schema="RegisterValueContainer" required="yes" fixed="yes" />
+		<attribute name="Environment" schema="ANY" fixed="yes" />
+		<attribute name="Id" schema="STRING" fixed="yes" />
 		<attribute name="TID" schema="LONG" />
 		<attribute-alias from="_tid" to="TID" />
 		<attribute name="State" schema="EXECUTION_STATE" required="yes" hidden="yes" />
@@ -138,8 +87,7 @@
 		<attribute name="_display" schema="STRING" hidden="yes" />
 		<attribute name="_short_display" schema="STRING" hidden="yes" />
 		<attribute name="_order" schema="INT" hidden="yes" />
-		<attribute name="Advance" schema="Method" required="yes" fixed="yes" hidden="yes" />
+		<attribute schema="ANY" />
-		<attribute schema="VOID" />
 	</schema>
 	<schema name="Module" elementResync="NEVER" attributeResync="NEVER">
 		<interface name="Module" />
@@ -152,17 +100,17 @@
 		<attribute-alias from="_range" to="Range" />
 		<attribute name="_display" schema="STRING" hidden="yes" />
 		<attribute name="_order" schema="INT" hidden="yes" />
-		<attribute schema="VOID" />
+		<attribute name="ToDisplayString" schema="BOOL" hidden="yes" />
+		<attribute schema="ANY" />
 	</schema>
 	<schema name="MemoryRegion" elementResync="NEVER" attributeResync="NEVER">
 		<interface name="MemoryRegion" />
 		<element schema="VOID" />
-		<attribute name="Base" schema="LONG" required="yes" fixed="yes" />
 		<attribute name="Object File" schema="STRING" fixed="yes" />
 		<attribute name="_readable" schema="BOOL" required="yes" hidden="yes" />
 		<attribute name="_writable" schema="BOOL" required="yes" hidden="yes" />
 		<attribute name="_executable" schema="BOOL" required="yes" hidden="yes" />
-		<attribute name="Range" schema="RANGE" required="yes" hidden="yes" />
+		<attribute name="Range" schema="RANGE" required="yes" />
 		<attribute-alias from="_range" to="Range" />
 		<attribute name="_display" schema="STRING" hidden="yes" />
 		<attribute name="_order" schema="INT" hidden="yes" />
@@ -176,8 +124,9 @@
 	<schema name="Stack" canonical="yes" elementResync="NEVER" attributeResync="NEVER">
 		<interface name="Stack" />
 		<element schema="StackFrame" />
+		<attribute name="_display" schema="STRING" hidden="yes" />
 		<attribute name="_order" schema="INT" hidden="yes" />
-		<attribute schema="VOID" />
+		<attribute schema="ANY" />
 	</schema>
 	<schema name="SymbolContainer" canonical="yes" elementResync="ONCE" attributeResync="NEVER">
 		<element schema="Symbol" />
@@ -197,12 +146,11 @@
 		<element schema="VOID" />
 		<attribute name="Function" schema="STRING" hidden="yes" />
 		<attribute-alias from="_function" to="Function" />
+		<attribute name="PC" schema="ADDRESS" required="yes" />
+		<attribute-alias from="_pc" to="PC" />
+		<attribute name="SP" schema="ADDRESS" />
 		<attribute name="Registers" schema="RegisterValueContainer" required="yes" fixed="yes" />
-		<attribute name="Instruction Offset" schema="ADDRESS" required="yes" />
+		<attribute name="Locals" schema="LocalsContainer" required="yes" fixed="yes" />
-		<attribute-alias from="_pc" to="Instruction Offset" />
-		<attribute name="Stack Offset" schema="ADDRESS" />
-		<attribute name="Return Offset" schema="ADDRESS" />
-		<attribute name="Frame Offset" schema="ADDRESS" />
 		<attribute name="_display" schema="STRING" hidden="yes" />
 		<attribute name="_order" schema="INT" hidden="yes" />
 		<attribute schema="ANY" />
@@ -219,15 +167,17 @@
 	</schema>
 	<schema name="RegisterValueContainer" attributeResync="ONCE">
 		<interface name="RegisterContainer" />
-		<attribute name="General Purpose Registers" schema="RegisterBank" />
-		<attribute name="Floating Point Registers" schema="RegisterBank" />
-		<attribute name="Advanced Vector Extensions" schema="RegisterBank" />
-		<attribute name="Memory Protection Extensions" schema="RegisterBank" />
 		<attribute name="_order" schema="INT" hidden="yes" />
 		<attribute schema="VOID" />
 	</schema>
-	<schema name="RegisterBank" canonical="yes" elementResync="ONCE" attributeResync="NEVER">
+	<schema name="LocalsContainer" attributeResync="ONCE">
 		<attribute name="_order" schema="INT" hidden="yes" />
-		<attribute schema="VOID" />
+		<attribute schema="Local" />
+	</schema>
+	<schema name="Local" attributeResync="ONCE">
+		<attribute name="Address" schema="ADDRESS" />
+		<attribute name="Kind" schema="ANY" hidden="yes" />
+		<attribute name="_order" schema="INT" hidden="yes" />
+		<attribute schema="ANY" />
 	</schema>
 </context>

Ghidra/Debug/Debugger-agent-drgn/src/main/py/src/ghidradrgn/util.py

@@ -0,0 +1,119 @@
+## ###
+# IP: GHIDRA
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#      http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+##
+from collections import namedtuple
+from dataclasses import dataclass
+import os
+import re
+import sys
+from typing import Any, Callable, Dict, List, Optional, Set, Tuple, Union
+
+import drgn
+import drgn.cli
+
+
+DrgnVersion = namedtuple('DrgnVersion', ['display', 'full'])
+
+selected_pid = 0
+selected_tid = 0
+selected_level = 0
+
+
+def _compute_drgn_ver() -> DrgnVersion:
+    blurb = drgn.cli.version_header()
+    top = blurb.split('\n')[0]
+    full = top.split()[1]    # "drgn x.y.z"
+    return DrgnVersion(top, full)
+
+
+DRGN_VERSION = _compute_drgn_ver()
+
+
+@dataclass(frozen=True)
+class Region:
+    start: int
+    end: int
+    offset: int
+    perms: Optional[str]
+    objfile: str
+
+
+def full_mem(self) -> Region:
+    return Region(0, 1 << 64, 0, None, 'full memory')
+
+
+def get_debugger():
+    return drgn
+
+
+def selected_process() -> int:
+    return selected_pid
+
+
+def selected_thread() -> int:
+    return selected_tid
+
+
+def selected_frame() -> int:
+    return selected_level
+
+
+def select_process(id: int) -> int:
+    global selected_pid
+    selected_pid = id
+    return selected_pid
+
+
+def select_thread(id: int) -> int:
+    global selected_tid
+    selected_tid = id
+    return selected_tid
+
+
+def select_frame(id: int) -> int:
+    global selected_level
+    selected_level = id
+    return selected_level
+
+
+conv_map: Dict[str, Any] = {}
+
+
+def get_convenience_variable(id: str):
+    # val = get_target().GetEnvironment().Get(id)
+    if id not in conv_map:
+        return "auto"
+    val = conv_map[id]
+    if val is None:
+        return "auto"
+    return val
+
+
+def set_convenience_variable(id: str, value: Any) -> None:
+    # env = get_target().GetEnvironment()
+    # return env.Set(id, value, True)
+    conv_map[id] = value
+
+
+def escape_ansi(line: str) -> str:
+    ansi_escape = re.compile(r'(\x9B|\x1B\[)[0-?]*[ -\/]*[@-~]')
+    return ansi_escape.sub('', line)
+
+
+def debracket(init: str) -> str:
+    val = init
+    val = val.replace("[", "(")
+    val = val.replace("]", ")")
+    return val

Ghidra/Debug/Debugger-agent-gdb/build.gradle

@@ -13,8 +13,16 @@
  * See the License for the specific language governing permissions and
  * limitations under the License.
  */
+// Not technically a Java project, but required to be a Help project
+apply from: "${rootProject.projectDir}/gradle/javaProject.gradle"
+apply from: "${rootProject.projectDir}/gradle/helpProject.gradle"
 apply from: "$rootProject.projectDir/gradle/distributableGhidraModule.gradle"
 apply from: "$rootProject.projectDir/gradle/hasPythonPackage.gradle"
 
 apply plugin: 'eclipse'
 eclipse.project.name = 'Debug Debugger-agent-gdb'
+
+dependencies {
+	// Only for Help :/
+	api project(':Debugger-rmi-trace')
+}

Ghidra/Debug/Debugger-agent-gdb/certification.manifest

@@ -2,18 +2,17 @@
 ##MODULE IP: JSch License
 Module.manifest||GHIDRA||||END|
 README.md||GHIDRA||||END|
-data/debugger-launchers/local-gdb.bat||GHIDRA||||END|
-data/debugger-launchers/qemu-sys-gdb.bat||GHIDRA||||END|
-data/debugger-launchers/remote-gdb.bat||GHIDRA||||END|
-data/debugger-launchers/ssh-gdb.bat||GHIDRA||||END|
-data/debugger-launchers/ssh-gdbserver.bat||GHIDRA||||END|
 data/scripts/fallback_info_proc_mappings.gdb||GHIDRA||||END|
 data/scripts/fallback_maintenance_info_sections.gdb||GHIDRA||||END|
 data/scripts/getpid-linux-i386.gdb||GHIDRA||||END|
 data/scripts/wine32_info_proc_mappings.gdb||GHIDRA||||END|
+src/main/help/help/TOC_Source.xml||GHIDRA||||END|
+src/main/help/help/topics/gdb/gdb.html||GHIDRA||||END|
+src/main/help/help/topics/gdb/images/GdbLauncher.png||GHIDRA||||END|
 src/main/py/LICENSE||GHIDRA||||END|
 src/main/py/MANIFEST.in||GHIDRA||||END|
 src/main/py/README.md||GHIDRA||||END|
 src/main/py/pyproject.toml||GHIDRA||||END|
+src/main/py/src/ghidragdb/py.typed||GHIDRA||||END|
 src/main/py/src/ghidragdb/schema.xml||GHIDRA||||END|
 src/main/py/tests/EMPTY||GHIDRA||||END|

Ghidra/Debug/Debugger-agent-gdb/data/debugger-launchers/local-gdb.bat

@@ -1,67 +0,0 @@
-::@title gdb
-::@image-opt env:OPT_TARGET_IMG
-::@desc <html><body width="300px">
-::@desc   <h3>Launch with <tt>gdb</tt></h3>
-::@desc   <p>
-::@desc     This will launch the target on the local machine using <tt>gdb</tt>.
-::@desc     For setup instructions, press <b>F1</b>.
-::@desc   </p>
-::@desc </body></html>
-::@menu-group local
-::@icon icon.debugger
-::@help TraceRmiLauncherServicePlugin#gdb
-::@enum StartCmd:str run start starti
-::@enum Endian:str auto big little
-::@env OPT_TARGET_IMG:file="" "Image" "The target binary executable image"
-::@env OPT_TARGET_ARGS:str="" "Arguments" "Command-line arguments to pass to the target"
-::@env OPT_GDB_PATH:file="gdb" "gdb command" "The path to gdb. Omit the full path to resolve using the system PATH."
-::@env OPT_START_CMD:StartCmd="starti" "Run command" "The gdb command to actually run the target."
-::@env OPT_ARCH:str="auto" "Architecture" "Target architecture"
-::@env OPT_ENDIAN:Endian="auto" "Endian" "Target byte order"
-
-
-@echo off
-set PYTHONPATH0=%GHIDRA_HOME%\Ghidra\Debug\Debugger-agent-gdb\pypkg\src
-set PYTHONPATH1=%GHIDRA_HOME%\Ghidra\Debug\Debugger-rmi-trace\pypkg\src
-IF EXIST %GHIDRA_HOME%\.git (
-  set PYTHONPATH0=%GHIDRA_HOME%\Ghidra\Debug\Debugger-agent-gdb\build\pypkg\src
-  set PYTHONPATH1=%GHIDRA_HOME%\Ghidra\Debug\Debugger-rmi-trace\build\pypkg\src
-)
-IF EXIST %GHIDRA_HOME%\ghidra\.git (
-  set PYTHONPATH0=%GHIDRA_HOME%\ghidra\Ghidra\Debug\Debugger-agent-gdb\build\pypkg\src
-  set PYTHONPATH1=%GHIDRA_HOME%\ghidra\Ghidra\Debug\Debugger-rmi-trace\build\pypkg\src
-)
-set PYTHONPATH=%PYTHONPATH1%;%PYTHONPATH0%;%PYTHONPATH%
-
-IF "%OPT_TARGET_IMG%"=="" (
-  "%OPT_GDB_PATH%" ^
-    -q ^
-    -ex "set pagination off" ^
-    -ex "set confirm off" ^
-    -ex "show version" ^
-    -ex "python import ghidragdb" ^
-    -ex "set architecture %OPT_ARCH%" ^
-    -ex "set endian %OPT_ENDIAN%" ^
-    -ex "ghidra trace connect '%GHIDRA_TRACE_RMI_ADDR%'" ^
-    -ex "ghidra trace start" ^
-    -ex "ghidra trace sync-enable" ^
-    -ex "set confirm on" ^
-    -ex "set pagination on"
-) ELSE (
-  "%OPT_GDB_PATH%" ^
-    -q ^
-    -ex "set pagination off" ^
-    -ex "set confirm off" ^
-    -ex "show version" ^
-    -ex "python import ghidragdb" ^
-    -ex "set architecture %OPT_ARCH%" ^
-    -ex "set endian %OPT_ENDIAN%" ^
-    -ex "target exec %OPT_TARGET_IMG%" ^
-    -ex "set args %OPT_TARGET_ARGS%" ^
-    -ex "ghidra trace connect '%GHIDRA_TRACE_RMI_ADDR%'" ^
-    -ex "ghidra trace start" ^
-    -ex "ghidra trace sync-enable" ^
-    -ex "%OPT_START_CMD%" ^
-    -ex "set confirm on" ^
-    -ex "set pagination on"
-)

Ghidra/Debug/Debugger-agent-gdb/data/debugger-launchers/local-gdb.ps1

@@ -0,0 +1,49 @@
+## ###
+# IP: GHIDRA
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#      http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+##
+#@title gdb
+#@image-opt arg:1
+#@desc <html><body width="300px">
+#@desc   <h3>Launch with <tt>gdb</tt></h3>
+#@desc   <p>
+#@desc     This will launch the target on the local machine using <tt>gdb</tt>.
+#@desc     For setup instructions, press <b>F1</b>.
+#@desc   </p>
+#@desc </body></html>
+#@menu-group gdb
+#@icon icon.debugger
+#@help gdb#local
+#@depends Debugger-rmi-trace
+#@enum StartCmd:str run start starti
+#@enum Endian:str auto big little
+#@arg :file "Image" "The target binary executable image"
+#@env OPT_TARGET_ARGS:str="" "Arguments" "Command-line arguments to pass to the target"
+#@env OPT_GDB_PATH:file="gdb" "gdb command" "The path to gdb. Omit the full path to resolve using the system PATH."
+#@env OPT_START_CMD:StartCmd="starti" "Run command" "The gdb command to actually run the target."
+#@env OPT_ARCH:str="auto" "Architecture" "Target architecture"
+#@env OPT_ENDIAN:Endian="auto" "Endian" "Target byte order"
+
+. ..\support\gdbsetuputils.ps1
+
+$pypathTrace = Ghidra-Module-PyPath "Debugger-rmi-trace"
+$pypathGdb = Ghidra-Module-PyPath
+$Env:PYTHONPATH = "$pypathGdb;$pypathTrace;$Env:PYTHONPATH"
+
+$arglist = Compute-Gdb-Usermode-Args `
+	-TargetImage $args[0] `
+	-RmiAddress "$Env:GHIDRA_TRACE_RMI_ADDR"
+
+Start-Process -FilePath $arglist[0] -ArgumentList $arglist[1..$arglist.Count] `
+	-NoNewWindow -Wait

Ghidra/Debug/Debugger-agent-gdb/data/debugger-launchers/local-gdb.sh

@@ -1,4 +1,4 @@
-#!/usr/bin/bash
+#!/usr/bin/env bash
 ## ###
 # IP: GHIDRA
 #
@@ -23,9 +23,10 @@
 #@desc     For setup instructions, press <b>F1</b>.
 #@desc   </p>
 #@desc </body></html>
-#@menu-group local
+#@menu-group gdb
 #@icon icon.debugger
-#@help TraceRmiLauncherServicePlugin#gdb
+#@help gdb#local
+#@depends Debugger-rmi-trace
 #@enum StartCmd:str run start starti
 #@enum Endian:str auto big little
 #@arg :file "Image" "The target binary executable image, empty for no target"
@@ -37,57 +38,19 @@
 #@env OPT_EXTRA_TTY:bool=false "Inferior TTY" "Provide a separate terminal emulator for the target."
 #@tty TTY_TARGET if env:OPT_EXTRA_TTY
 
-if [ -d ${GHIDRA_HOME}/ghidra/.git ]
+. ../support/gdbsetuputils.sh
-then
+
-  export PYTHONPATH=$GHIDRA_HOME/ghidra/Ghidra/Debug/Debugger-agent-gdb/build/pypkg/src:$PYTHONPATH
+pypathTrace=$(ghidra-module-pypath "Debugger-rmi-trace")
-  export PYTHONPATH=$GHIDRA_HOME/ghidra/Ghidra/Debug/Debugger-rmi-trace/build/pypkg/src:$PYTHONPATH
+pypathGdb=$(ghidra-module-pypath)
-elif [ -d ${GHIDRA_HOME}/.git ]
+export PYTHONPATH=$pypathGdb:$pypathTrace:$PYTHONPATH
-then 
-  export PYTHONPATH=$GHIDRA_HOME/Ghidra/Debug/Debugger-agent-gdb/build/pypkg/src:$PYTHONPATH
-  export PYTHONPATH=$GHIDRA_HOME/Ghidra/Debug/Debugger-rmi-trace/build/pypkg/src:$PYTHONPATH
-else
-  export PYTHONPATH=$GHIDRA_HOME/Ghidra/Debug/Debugger-agent-gdb/pypkg/src:$PYTHONPATH
-  export PYTHONPATH=$GHIDRA_HOME/Ghidra/Debug/Debugger-rmi-trace/pypkg/src:$PYTHONPATH
-fi
 
 target_image="$1"
 shift
-target_args="$@"
 
-# Ghidra will leave TTY_TARGET empty when OPT_EXTRA_TTY is false. Gdb takes empty to mean the same terminal.
+function launch-gdb() {
+	local -a args
+	compute-gdb-usermode-args "$target_image" "$GHIDRA_TRACE_RMI_ADDR" "$@"
 
-if [ -z "$target_image" ]
+	"${args[@]}"
-then
+}
-  "$OPT_GDB_PATH" \
+launch-gdb "$@"
-    -q \
-    -ex "set pagination off" \
-    -ex "set confirm off" \
-    -ex "show version" \
-    -ex "python import ghidragdb" \
-    -ex "set architecture $OPT_ARCH" \
-    -ex "set endian $OPT_ENDIAN" \
-    -ex "set inferior-tty $TTY_TARGET" \
-    -ex "ghidra trace connect \"$GHIDRA_TRACE_RMI_ADDR\"" \
-    -ex "ghidra trace start" \
-    -ex "ghidra trace sync-enable" \
-    -ex "set confirm on" \
-    -ex "set pagination on"
-else
-  "$OPT_GDB_PATH" \
-    -q \
-    -ex "set pagination off" \
-    -ex "set confirm off" \
-    -ex "show version" \
-    -ex "python import ghidragdb" \
-    -ex "set architecture $OPT_ARCH" \
-    -ex "set endian $OPT_ENDIAN" \
-    -ex "file \"$target_image\"" \
-    -ex "set args $target_args" \
-    -ex "set inferior-tty $TTY_TARGET" \
-    -ex "ghidra trace connect \"$GHIDRA_TRACE_RMI_ADDR\"" \
-    -ex "ghidra trace start" \
-    -ex "ghidra trace sync-enable" \
-    -ex "$OPT_START_CMD" \
-    -ex "set confirm on" \
-    -ex "set pagination on"
-fi

Ghidra/Debug/Debugger-agent-gdb/data/debugger-launchers/local-rr.sh

@@ -0,0 +1,66 @@
+#!/usr/bin/env bash
+## ###
+# IP: GHIDRA
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#      http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+##
+#@title gdb-rr
+#@desc <html><body width="300px">
+#@desc   <h3>Launch with <tt>rr/gdb</tt></h3>
+#@desc   <p>
+#@desc     This will open a trace of a target on the local machine using <tt>rr/gdb</tt>.
+#@desc     For setup instructions, press <b>F1</b>.
+#@desc   </p>
+#@desc </body></html>
+#@menu-group gdb
+#@icon icon.debugger
+#@help gdb#rr
+#@depends Debugger-rmi-trace
+#@enum StartCmd:str run start starti
+#@enum Endian:str auto big little
+#@arg :file "Trace Dir" "The target trace directory (e.g. .local/share/rr/trace)"
+#@env OPT_RR_PATH:file="rr" "rr command" "The path to rr. Omit the full path to resolve using the system PATH."
+#@env OPT_ARCH:str="i386:x86-64" "Architecture" "Target architecture"
+#@env OPT_ENDIAN:Endian="auto" "Endian" "Target byte order"
+#@env OPT_EXTRA_TTY:bool=false "Inferior TTY" "Provide a separate terminal emulator for the target."
+#@tty TTY_TARGET if env:OPT_EXTRA_TTY
+
+. ../support/gdbsetuputils.sh
+
+pypathTrace=$(ghidra-module-pypath "Debugger-rmi-trace")
+pypathGdb=$(ghidra-module-pypath)
+export PYTHONPATH=$pypathGdb:$pypathTrace:$PYTHONPATH
+
+target_trace="$1"
+
+# Ghidra will leave TTY_TARGET empty when OPT_EXTRA_TTY is false. Gdb takes empty to mean the same terminal.
+
+RRINIT=$(mktemp)
+echo '
+set pagination off
+set confirm off
+set $use_trace="true"
+show version
+python import ghidragdb
+set architecture ' $OPT_ARCH '
+set endian ' $OPT_ENDIAN '
+set inferior-tty ' $TTY_TARGET '
+ghidra trace connect ' $GHIDRA_TRACE_RMI_ADDR '
+ghidra trace start
+ghidra trace sync-enable 
+set confirm on
+set pagination on
+' > $RRINIT
+
+"$OPT_RR_PATH" replay -x $RRINIT "$target_trace"
+

Ghidra/Debug/Debugger-agent-gdb/data/debugger-launchers/qemu-gdb.sh

@@ -1,4 +1,4 @@
-#!/usr/bin/bash
+#!/usr/bin/env bash
 ## ###
 # IP: GHIDRA
 #
@@ -14,7 +14,7 @@
 # See the License for the specific language governing permissions and
 # limitations under the License.
 ##
-#@title qemu + gdb
+#@title gdb + qemu
 #@image-opt arg:1
 #@desc <html><body width="300px">
 #@desc   <h3>Launch with <tt>qemu</tt> and connect with <tt>gdb</tt></h3>
@@ -24,9 +24,10 @@
 #@desc     For setup instructions, press <b>F1</b>.
 #@desc   </p>
 #@desc </body></html>
-#@menu-group cross
+#@menu-group gdb
 #@icon icon.debugger
-#@help TraceRmiLauncherServicePlugin#gdb_qemu
+#@help gdb#qemu
+#@depends Debugger-rmi-trace
 #@enum Endian:str auto big little
 #@arg :file! "Image" "The target binary executable image"
 #@args "Arguments" "Command-line arguments to pass to the target"
@@ -40,58 +41,33 @@
 #@env OPT_PULL_ALL_SECTIONS:bool=false "Pull all section mappings" "Force gdb to send all mappings to Ghidra. This can be costly (see help)."
 #@tty TTY_TARGET if env:OPT_EXTRA_TTY
 
-if [ -d ${GHIDRA_HOME}/ghidra/.git ]
+. ../support/gdbsetuputils.sh
-then
+
-  export PYTHONPATH=$GHIDRA_HOME/ghidra/Ghidra/Debug/Debugger-agent-gdb/build/pypkg/src:$PYTHONPATH
+pypathTrace=$(ghidra-module-pypath "Debugger-rmi-trace")
-  export PYTHONPATH=$GHIDRA_HOME/ghidra/Ghidra/Debug/Debugger-rmi-trace/build/pypkg/src:$PYTHONPATH
+pypathGdb=$(ghidra-module-pypath)
-elif [ -d ${GHIDRA_HOME}/.git ]
+export PYTHONPATH=$pypathGdb:$pypathTrace:$PYTHONPATH
-then 
-  export PYTHONPATH=$GHIDRA_HOME/Ghidra/Debug/Debugger-agent-gdb/build/pypkg/src:$PYTHONPATH
-  export PYTHONPATH=$GHIDRA_HOME/Ghidra/Debug/Debugger-rmi-trace/build/pypkg/src:$PYTHONPATH
-else
-  export PYTHONPATH=$GHIDRA_HOME/Ghidra/Debug/Debugger-agent-gdb/pypkg/src:$PYTHONPATH
-  export PYTHONPATH=$GHIDRA_HOME/Ghidra/Debug/Debugger-rmi-trace/pypkg/src:$PYTHONPATH
-fi
 
 target_image="$1"
 
 # No need to put QEMU_GDB on command line. It's already a recognized environment variable.
 if [ -z "$TTY_TARGET" ]
 then
-  "$GHIDRA_LANG_EXTTOOL_qemu" $OPT_EXTRA_QEMU_ARGS $@ &
+	"$GHIDRA_LANG_EXTTOOL_qemu" $OPT_EXTRA_QEMU_ARGS "$@" &
 else
-  "$GHIDRA_LANG_EXTTOOL_qemu" $OPT_EXTRA_QEMU_ARGS $@ <$TTY_TARGET >$TTY_TARGET 2>&1 &
+	"$GHIDRA_LANG_EXTTOOL_qemu" $OPT_EXTRA_QEMU_ARGS "$@" <$TTY_TARGET >$TTY_TARGET 2>&1 &
 fi
 
 # Give QEMU a moment to open the socket
 sleep 0.1
 
-gdb_args=(
+function launch-gdb() {
-    -q
+	local -a args
-    -ex "set pagination off"
+	compute-gdb-remote-args "$target_image" "remote localhost:$QEMU_GDB" "$GHIDRA_TRACE_RMI_ADDR"
-    -ex "set confirm off"
-    -ex "show version"
-    -ex "python import ghidragdb"
-    -ex "set architecture $OPT_ARCH"
-    -ex "set endian $OPT_ENDIAN"
-    -ex "file \"$target_image\""
-    -ex "ghidra trace connect \"$GHIDRA_TRACE_RMI_ADDR\""
-    -ex "ghidra trace start"
-    -ex "ghidra trace sync-enable"
-    -ex "target remote localhost:$QEMU_GDB"
-    -ex "set confirm on"
-    -ex "set pagination on"
-)
 	
-# If using OPT_PULL_ALL_SECTIONS, append instructions to push all sections from qemu
+	if [ "$OPT_PULL_ALL_SECTIONS" = "true" ]; then
-if [ "$OPT_PULL_ALL_SECTIONS" = "true" ]
+		args+=(-ex "ghidra trace tx-open 'Put Sections' 'ghidra trace put-sections -all-objects'")
-then
-  gdb_args+=(
-    -ex "ghidra trace tx-start put-all-sections"
-    -ex "ghidra trace put-sections -all-objects"
-    -ex "ghidra trace tx-commit"
-  )
 	fi
 
-IFS=""
+	"${args[@]}"
-"$OPT_GDB_PATH" ${gdb_args[*]}
+}
+launch-gdb

Ghidra/Debug/Debugger-agent-gdb/data/debugger-launchers/qemu-sys-gdb.bat

@@ -1,60 +0,0 @@
-::@title qemu-system + gdb
-::@image-opt env:OPT_TARGET_IMG
-::@desc <html><body width="300px">
-::@desc   <h3>Launch with <tt>qemu-system</tt> and connect with <tt>gdb</tt></h3>
-::@desc   <p>
-::@desc     This will launch the target on the local machine using <tt>qemu-system</tt>.
-::@desc     Then in a second terminal, it will connect <tt>gdb</tt> to QEMU's GDBstub.
-::@desc     For setup instructions, press <b>F1</b>.
-::@desc   </p>
-::@desc </body></html>
-::@menu-group cross
-::@icon icon.debugger
-::@help TraceRmiLauncherServicePlugin#gdb_qemu
-::@enum Endian:str auto big little
-::@env OPT_TARGET_IMG:file!="" "Image" "The target binary executable image"
-::@env GHIDRA_LANG_EXTTOOL_qemu_system:file="" "QEMU command" "The path to qemu-system for the target architecture."
-::@env QEMU_GDB:int=1234 "QEMU Port" "Port for gdb connection to qemu"
-::@env OPT_EXTRA_QEMU_ARGS:str="" "Extra qemu arguments" "Extra arguments to pass to qemu. Use with care."
-::@env OPT_GDB_PATH:file="gdb-multiarch" "gdb command" "The path to gdb. Omit the full path to resolve using the system PATH."
-::@env OPT_ARCH:str="auto" "Architecture" "Target architecture"
-::@env OPT_ENDIAN:Endian="auto" "Endian" "Target byte order"
-::@env OPT_EXTRA_TTY:bool=false "QEMU TTY" "Provide a separate terminal emulator for qemu."
-
-@echo off
-set PYTHONPATH0=%GHIDRA_HOME%\Ghidra\Debug\Debugger-agent-gdb\pypkg\src
-set PYTHONPATH1=%GHIDRA_HOME%\Ghidra\Debug\Debugger-rmi-trace\pypkg\src
-IF EXIST %GHIDRA_HOME%\.git (
-  set PYTHONPATH0=%GHIDRA_HOME%\Ghidra\Debug\Debugger-agent-gdb\build\pypkg\src
-  set PYTHONPATH1=%GHIDRA_HOME%\Ghidra\Debug\Debugger-rmi-trace\build\pypkg\src
-)
-IF EXIST %GHIDRA_HOME%\ghidra\.git (
-  set PYTHONPATH0=%GHIDRA_HOME%\ghidra\Ghidra\Debug\Debugger-agent-gdb\build\pypkg\src
-  set PYTHONPATH1=%GHIDRA_HOME%\ghidra\Ghidra\Debug\Debugger-rmi-trace\build\pypkg\src
-)
-set PYTHONPATH=%PYTHONPATH1%;%PYTHONPATH0%;%PYTHONPATH%
-
-IF "%OPT_EXTRA_TTY%"=="true" (
-  start "qemu" "%GHIDRA_LANG_EXTTOOL_qemu_system%" %OPT_EXTRA_QEMU_ARGS% -gdb tcp::%QEMU_GDB% -S "%OPT_TARGET_IMG%"
-) ELSE (
-  start /B "qemu" "%GHIDRA_LANG_EXTTOOL_qemu_system%" %OPT_EXTRA_QEMU_ARGS% -gdb tcp::%QEMU_GDB% -S "%OPT_TARGET_IMG%"
-)
-
-:: Give QEMU a moment to open the socket
-powershell -nop -c "& {sleep -m 100}"
-
-"%OPT_GDB_PATH%" ^
-  -q ^
-  -ex "set pagination off" ^
-  -ex "set confirm off" ^
-  -ex "show version" ^
-  -ex "python import ghidragdb" ^
-   ex "set architecture %OPT_ARCH%" ^
-   ex "set endian %OPT_ENDIAN%" ^
-  -ex "target exec '%OPT_TARGET_IMG%'" ^
-  -ex "ghidra trace connect '%GHIDRA_TRACE_RMI_ADDR%'" ^
-  -ex "ghidra trace start" ^
-  -ex "ghidra trace sync-enable" ^
-  -ex "target remote localhost:%QEMU_GDB%" ^
-  -ex "set confirm on" ^
-  -ex "set pagination on"

Ghidra/Debug/Debugger-agent-gdb/data/debugger-launchers/qemu-sys-gdb.ps1

@@ -0,0 +1,68 @@
+## ###
+# IP: GHIDRA
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#      http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+##
+#@title gdb + qemu-system
+#@image-opt env:OPT_TARGET_IMG
+#@desc <html><body width="300px">
+#@desc   <h3>Launch with <tt>qemu-system</tt> and connect with <tt>gdb</tt></h3>
+#@desc   <p>
+#@desc     This will launch the target on the local machine using <tt>qemu-system</tt>.
+#@desc     Then in a second terminal, it will connect <tt>gdb</tt> to QEMU's GDBstub.
+#@desc     For setup instructions, press <b>F1</b>.
+#@desc   </p>
+#@desc </body></html>
+#@menu-group gdb
+#@icon icon.debugger
+#@help gdb#qemu
+#@depends Debugger-rmi-trace
+#@enum Endian:str auto big little
+#@env OPT_TARGET_IMG:file!="" "Image" "The target binary executable image"
+#@env GHIDRA_LANG_EXTTOOL_qemu_system:file="" "QEMU command" "The path to qemu-system for the target architecture."
+#@env QEMU_GDB:int=1234 "QEMU Port" "Port for gdb connection to qemu"
+#@env OPT_EXTRA_QEMU_ARGS:str="" "Extra qemu arguments" "Extra arguments to pass to qemu. Use with care."
+#@env OPT_GDB_PATH:file="gdb-multiarch" "gdb command" "The path to gdb. Omit the full path to resolve using the system PATH."
+#@env OPT_ARCH:str="auto" "Architecture" "Target architecture"
+#@env OPT_ENDIAN:Endian="auto" "Endian" "Target byte order"
+#@env OPT_EXTRA_TTY:bool=false "QEMU TTY" "Provide a separate terminal emulator for qemu."
+
+. ..\support\gdbsetuputils.ps1
+
+$pypathTrace = Ghidra-Module-PyPath "Debugger-rmi-trace"
+$pypathGdb = Ghidra-Module-PyPath
+$Env:PYTHONPATH = "$pypathGdb;$pypathTrace;$Env:PYTHONPATH"
+
+$qemuargs = @("`"$Env:GHIDRA_LANG_EXTTOOL_qemu_system`"")
+if ("$Env:OPT_EXTRA_QEMU_ARGS" -ne "") {
+	$qemuargs+=("$Env:OPT_EXTRA_QEMU_ARGS")
+}
+$qemuargs+=("-gdb", "tcp::$Env:QEMU_GDB", "-S")
+$qemuargs+=("`"$Env:OPT_TARGET_IMG`"")
+
+if ("$Env:OPT_EXTRA_TTY" -eq "true") {
+	Start-Process -FilePath $qemuargs[0] -ArgumentList $qemuargs[1..$qemuargs.Count]
+}
+else {
+	Start-Process -FilePath $qemuargs[0] -ArgumentList $qemuargs[1..$qemuargs.Count] -NoNewWindow
+}
+
+# Give QEMU a moment to open the socket
+sleep -m 100
+
+$arglist = Compute-Gdb-Remote-Args `
+	-TargetImage $args[0] `
+	-TargetCx "remote localhost:$Env:QEMU_GDB" `
+	-RmiAddress "$Env:GHIDRA_TRACE_RMI_ADDR"
+
+Start-Process -FilePath $arglist[0] -ArgumentList $arglist[1..$arglist.Count] -NoNewWindow -Wait

Ghidra/Debug/Debugger-agent-gdb/data/debugger-launchers/qemu-sys-gdb.sh

@@ -1,4 +1,4 @@
-#!/usr/bin/bash
+#!/usr/bin/env bash
 ## ###
 # IP: GHIDRA
 #
@@ -14,7 +14,7 @@
 # See the License for the specific language governing permissions and
 # limitations under the License.
 ##
-#@title qemu-system + gdb
+#@title gdb + qemu-system
 #@image-opt arg:1
 #@desc <html><body width="300px">
 #@desc   <h3>Launch with <tt>qemu-system</tt> and connect with <tt>gdb</tt></h3>
@@ -24,9 +24,10 @@
 #@desc     For setup instructions, press <b>F1</b>.
 #@desc   </p>
 #@desc </body></html>
-#@menu-group cross
+#@menu-group gdb
 #@icon icon.debugger
-#@help TraceRmiLauncherServicePlugin#gdb_qemu
+#@help gdb#qemu
+#@depends Debugger-rmi-trace
 #@enum Endian:str auto big little
 #@arg :file! "Image" "The target binary executable image"
 #@env GHIDRA_LANG_EXTTOOL_qemu_system:file="" "QEMU command" "The path to qemu-system for the target architecture."
@@ -39,57 +40,32 @@
 #@env OPT_PULL_ALL_SECTIONS:bool=false "Pull all section mappings" "Force gdb to send all mappings to Ghidra. This can be costly (see help)."
 #@tty TTY_TARGET if env:OPT_EXTRA_TTY
 
-if [ -d ${GHIDRA_HOME}/ghidra/.git ]
+. ../support/gdbsetuputils.sh
-then
+
-  export PYTHONPATH=$GHIDRA_HOME/ghidra/Ghidra/Debug/Debugger-agent-gdb/build/pypkg/src:$PYTHONPATH
+pypathTrace=$(ghidra-module-pypath "Debugger-rmi-trace")
-  export PYTHONPATH=$GHIDRA_HOME/ghidra/Ghidra/Debug/Debugger-rmi-trace/build/pypkg/src:$PYTHONPATH
+pypathGdb=$(ghidra-module-pypath)
-elif [ -d ${GHIDRA_HOME}/.git ]
+export PYTHONPATH=$pypathGdb:$pypathTrace:$PYTHONPATH
-then 
-  export PYTHONPATH=$GHIDRA_HOME/Ghidra/Debug/Debugger-agent-gdb/build/pypkg/src:$PYTHONPATH
-  export PYTHONPATH=$GHIDRA_HOME/Ghidra/Debug/Debugger-rmi-trace/build/pypkg/src:$PYTHONPATH
-else
-  export PYTHONPATH=$GHIDRA_HOME/Ghidra/Debug/Debugger-agent-gdb/pypkg/src:$PYTHONPATH
-  export PYTHONPATH=$GHIDRA_HOME/Ghidra/Debug/Debugger-rmi-trace/pypkg/src:$PYTHONPATH
-fi
 
 target_image="$1"
 
 if [ -z "$TTY_TARGET" ]
 then
-  "$GHIDRA_LANG_EXTTOOL_qemu_system" $OPT_EXTRA_QEMU_ARGS -gdb tcp::$QEMU_GDB -S $1 &
+	"$GHIDRA_LANG_EXTTOOL_qemu_system" $OPT_EXTRA_QEMU_ARGS -gdb tcp::$QEMU_GDB -S $target_image &
 else
-  "$GHIDRA_LANG_EXTTOOL_qemu_system" $OPT_EXTRA_QEMU_ARGS -gdb tcp::$QEMU_GDB -S $1 <$TTY_TARGET >$TTY_TARGET 2>&1 &
+	"$GHIDRA_LANG_EXTTOOL_qemu_system" $OPT_EXTRA_QEMU_ARGS -gdb tcp::$QEMU_GDB -S $target_image <$TTY_TARGET >$TTY_TARGET 2>&1 &
 fi
 
 # Give QEMU a moment to open the socket
 sleep 0.1
 
-gdb_args=(
+function launch-gdb() {
-    -q
+	local -a args
-    -ex "set pagination off"
+	compute-gdb-remote-args "$target_image" "remote localhost:$QEMU_GDB" "$GHIDRA_TRACE_RMI_ADDR"
-    -ex "set confirm off"
-    -ex "show version"
-    -ex "python import ghidragdb"
-    -ex "set architecture $OPT_ARCH"
-    -ex "set endian $OPT_ENDIAN"
-    -ex "file \"$target_image\""
-    -ex "ghidra trace connect \"$GHIDRA_TRACE_RMI_ADDR\""
-    -ex "ghidra trace start"
-    -ex "ghidra trace sync-enable"
-    -ex "target remote localhost:$QEMU_GDB"
-    -ex "set confirm on"
-    -ex "set pagination on"
-)
 
-# If using OPT_PULL_ALL_SECTIONS, append instructions to push all sections from qemu
+	if [ "$OPT_PULL_ALL_SECTIONS" = "true" ]; then
-if [ "$OPT_PULL_ALL_SECTIONS" = "true" ]
+		args+=(-ex "ghidra trace tx-open 'Put Sections' 'ghidra trace put-sections -all-objects'")
-then
-  gdb_args+=(
-    -ex "ghidra trace tx-start put-all-sections"
-    -ex "ghidra trace put-sections -all-objects"
-    -ex "ghidra trace tx-commit"
-  )
 	fi
 
-IFS=""
+	"${args[@]}"
-"$OPT_GDB_PATH" ${gdb_args[*]}
+}
+launch-gdb

Ghidra/Debug/Debugger-agent-gdb/data/debugger-launchers/remote-gdb.bat

@@ -1,49 +0,0 @@
-::@title remote gdb
-::@desc <html><body width="300px">
-::@desc   <h3>Launch with local <tt>gdb</tt> and connect to a stub (e.g., <tt>gdbserver</tt>)</h3>
-::@desc   <p>
-::@desc     This will start <tt>gdb</tt> on the local system and then use it to connect to the remote system. 
-::@desc     For setup instructions, press <b>F1</b>. 
-::@desc   </p>
-::@desc </body></html>
-::@menu-group remote
-::@icon icon.debugger
-::@help TraceRmiLauncherServicePlugin#gdb_remote
-::@enum TargetType:str remote extended-remote
-::@enum Endian:str auto big little
-::@env OPT_TARGET_TYPE:TargetType="remote" "Target" "The type of remote target"
-::@env OPT_HOST:str="localhost" "Host" "The hostname of the target"
-::@env OPT_PORT:int=9999 "Port" "The host's listening port"
-::@env OPT_GDB_PATH:file="gdb" "gdb command" "The path to gdb on the local system. Omit the full path to resolve using the system PATH."
-::@env OPT_ARCH:str="auto" "Architecture" "Target architecture override"
-::@env OPT_ENDIAN:Endian="auto" "Endian" "Target byte order"
-
-@echo off
-set PYTHONPATH0=%GHIDRA_HOME%\Ghidra\Debug\Debugger-agent-gdb\pypkg\src
-set PYTHONPATH1=%GHIDRA_HOME%\Ghidra\Debug\Debugger-rmi-trace\pypkg\src
-IF EXIST %GHIDRA_HOME%\.git (
-  set PYTHONPATH0=%GHIDRA_HOME%\Ghidra\Debug\Debugger-agent-gdb\build\pypkg\src
-  set PYTHONPATH1=%GHIDRA_HOME%\Ghidra\Debug\Debugger-rmi-trace\build\pypkg\src
-)
-IF EXIST %GHIDRA_HOME%\ghidra\.git (
-  set PYTHONPATH0=%GHIDRA_HOME%\ghidra\Ghidra\Debug\Debugger-agent-gdb\build\pypkg\src
-  set PYTHONPATH1=%GHIDRA_HOME%\ghidra\Ghidra\Debug\Debugger-rmi-trace\build\pypkg\src
-)
-set PYTHONPATH=%PYTHONPATH1%;%PYTHONPATH0%;%PYTHONPATH%
-
-"%OPT_GDB_PATH%" ^
-  -q ^
-  -ex "set pagination off" ^
-  -ex "set confirm off" ^
-  -ex "show version" ^
-  -ex "python import ghidragdb" ^
-  -ex "set architecture %OPT_ARCH%" ^
-   ex "set endian %OPT_ENDIAN%" ^
-  -ex "echo Connecting to %OPT_HOST%:%OPT_PORT%... " ^
-  -ex "target %OPT_TARGET_TYPE% %OPT_HOST%:%OPT_PORT%" ^
-  -ex "ghidra trace connect '%GHIDRA_TRACE_RMI_ADDR%'" ^
-  -ex "ghidra trace start" ^
-  -ex "ghidra trace sync-enable" ^
-  -ex "ghidra trace sync-synth-stopped" ^
-  -ex "set confirm on" ^
-  -ex "set pagination on"

Ghidra/Debug/Debugger-agent-gdb/data/debugger-launchers/remote-gdb.ps1

@@ -0,0 +1,50 @@
+## ###
+# IP: GHIDRA
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#      http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+##
+#@title gdb remote
+#@image-opt arg:1
+#@desc <html><body width="300px">
+#@desc   <h3>Launch with local <tt>gdb</tt> and connect to a stub (e.g., <tt>gdbserver</tt>)</h3>
+#@desc   <p>
+#@desc     This will start <tt>gdb</tt> on the local system and then use it to connect to the remote system. 
+#@desc     For setup instructions, press <b>F1</b>. 
+#@desc   </p>
+#@desc </body></html>
+#@menu-group gdb
+#@icon icon.debugger
+#@help gdb#remote
+#@depends Debugger-rmi-trace
+#@enum TargetType:str remote extended-remote
+#@enum Endian:str auto big little
+#@arg :file "Image" "The target binary executable image (a copy on the local system)"
+#@env OPT_TARGET_TYPE:TargetType="remote" "Target" "The type of remote target"
+#@env OPT_HOST:str="localhost" "Host" "The hostname of the target"
+#@env OPT_PORT:int=9999 "Port" "The host's listening port"
+#@env OPT_GDB_PATH:file="gdb" "gdb command" "The path to gdb on the local system. Omit the full path to resolve using the system PATH."
+#@env OPT_ARCH:str="auto" "Architecture" "Target architecture override"
+#@env OPT_ENDIAN:Endian="auto" "Endian" "Target byte order"
+
+. ..\support\gdbsetuputils.ps1
+
+$pypathTrace = Ghidra-Module-PyPath "Debugger-rmi-trace"
+$pypathGdb = Ghidra-Module-PyPath
+$Env:PYTHONPATH = "$pypathGdb;$pypathTrace;$Env:PYTHONPATH"
+
+$arglist = Compute-Gdb-Remote-Args `
+    -TargetImage $args[0] `
+    -TargetCx "$Env:OPT_TARGET_TYPE $Env:OPT_HOST`:$Env:OPT_PORT" `
+    -RmiAddress "$Env:GHIDRA_TRACE_RMI_ADDR"
+
+Start-Process -FilePath $arglist[0] -ArgumentList $arglist[1..$arglist.Count] -NoNewWindow -Wait

Ghidra/Debug/Debugger-agent-gdb/data/debugger-launchers/remote-gdb.sh

@@ -14,7 +14,8 @@
 # See the License for the specific language governing permissions and
 # limitations under the License.
 ##
-#@title remote gdb
+#@title gdb remote
+#@image-opt arg:1
 #@desc <html><body width="300px">
 #@desc   <h3>Launch with local <tt>gdb</tt> and connect to a stub (e.g., <tt>gdbserver</tt>)</h3>
 #@desc   <p>
@@ -22,11 +23,13 @@
 #@desc     For setup instructions, press <b>F1</b>. 
 #@desc   </p>
 #@desc </body></html>
-#@menu-group remote
+#@menu-group gdb
 #@icon icon.debugger
-#@help TraceRmiLauncherServicePlugin#gdb_remote
+#@help gdb#remote
+#@depends Debugger-rmi-trace
 #@enum TargetType:str remote extended-remote
 #@enum Endian:str auto big little
+#@arg :file "Image" "The target binary executable image (a copy on the local system)"
 #@env OPT_TARGET_TYPE:TargetType="remote" "Target" "The type of remote target"
 #@env OPT_HOST:str="localhost" "Host" "The hostname of the target"
 #@env OPT_PORT:int=9999 "Port" "The host's listening port"
@@ -34,32 +37,18 @@
 #@env OPT_ARCH:str="auto" "Architecture" "Target architecture override"
 #@env OPT_ENDIAN:Endian="auto" "Endian" "Target byte order"
 
-if [ -d ${GHIDRA_HOME}/ghidra/.git ]
+. ../support/gdbsetuputils.sh
-then
-  export PYTHONPATH=$GHIDRA_HOME/ghidra/Ghidra/Debug/Debugger-agent-gdb/build/pypkg/src:$PYTHONPATH
-  export PYTHONPATH=$GHIDRA_HOME/ghidra/Ghidra/Debug/Debugger-rmi-trace/build/pypkg/src:$PYTHONPATH
-elif [ -d ${GHIDRA_HOME}/.git ]
-then 
-  export PYTHONPATH=$GHIDRA_HOME/Ghidra/Debug/Debugger-agent-gdb/build/pypkg/src:$PYTHONPATH
-  export PYTHONPATH=$GHIDRA_HOME/Ghidra/Debug/Debugger-rmi-trace/build/pypkg/src:$PYTHONPATH
-else
-  export PYTHONPATH=$GHIDRA_HOME/Ghidra/Debug/Debugger-agent-gdb/pypkg/src:$PYTHONPATH
-  export PYTHONPATH=$GHIDRA_HOME/Ghidra/Debug/Debugger-rmi-trace/pypkg/src:$PYTHONPATH
-fi
 
-"$OPT_GDB_PATH" \
+pypathTrace=$(ghidra-module-pypath "Debugger-rmi-trace")
-  -q \
+pypathGdb=$(ghidra-module-pypath)
-  -ex "set pagination off" \
+export PYTHONPATH=$pypathGdb:$pypathTrace:$PYTHONPATH
-  -ex "set confirm off" \
+
-  -ex "show version" \
+target_image="$1"
-  -ex "python import ghidragdb" \
+
-  -ex "set architecture $OPT_ARCH" \
+function launch-gdb() {
-  -ex "set endian $OPT_ENDIAN" \
+	local -a args
-  -ex "echo Connecting to $OPT_HOST:$OPT_PORT... " \
+	compute-gdb-remote-args "$target_image" "$OPT_TARGET_TYPE $OPT_HOST:$OPT_PORT" "$GHIDRA_TRACE_RMI_ADDR"
-  -ex "target $OPT_TARGET_TYPE $OPT_HOST:$OPT_PORT" \
+
-  -ex "ghidra trace connect \"$GHIDRA_TRACE_RMI_ADDR\"" \
+	"${args[@]}"
-  -ex "ghidra trace start" \
+}
-  -ex "ghidra trace sync-enable" \
+launch-gdb
-  -ex "ghidra trace sync-synth-stopped" \
-  -ex "set confirm on" \
-  -ex "set pagination on"

Ghidra/Debug/Debugger-agent-gdb/data/debugger-launchers/ssh-gdb.bat

@@ -1,62 +0,0 @@
-::@timeout 60000
-::@title gdb via ssh
-::@image-opt env:OPT_TARGET_IMG
-::@desc <html><body width="300px">
-::@desc   <h3>Launch with <tt>gdb</tt> via <tt>ssh</tt></h3>
-::@desc   <p>
-::@desc     This will launch the target on a remote machine using <tt>gdb</tt> via <tt>ssh</tt>.
-::@desc     For setup instructions, press <b>F1</b>.
-::@desc   </p>
-::@desc </body></html>
-::@menu-group remote
-::@icon icon.debugger
-::@help TraceRmiLauncherServicePlugin#gdb_ssh
-::@enum StartCmd:str run start starti
-::@enum Endian:str auto big little
-::@env OPT_TARGET_IMG:str="" "Image" "The target binary executable image on the remote system"
-::@env OPT_TARGET_ARGS:str="" "Arguments" "Command-line arguments to pass to the target"
-::@env OPT_SSH_PATH:file="ssh" "ssh command" "The path to ssh on the local system. Omit the full path to resolve using the system PATH."
-::@env OPT_HOST:str="localhost" "[User@]Host" "The hostname or user@host"
-::@env OPT_REMOTE_PORT:int=12345 "Remote Trace RMI Port" "A free port on the remote end to receive and forward the Trace RMI connection."
-::@env OPT_EXTRA_SSH_ARGS:str="" "Extra ssh arguments" "Extra arguments to pass to ssh. Use with care."
-::@env OPT_GDB_PATH:str="gdb" "gdb command" "The path to gdb on the remote system. Omit the full path to resolve using the system PATH."
-::@env OPT_START_CMD:StartCmd="starti" "Run command" "The gdb command to actually run the target."
-::@env OPT_ARCH:str="i386:x86-64" "Architecture" "Target architecture"
-::@env OPT_ENDIAN:Endian="auto" "Endian" "Target byte order"
-
-@echo off
-
-IF "%OPT_TARGET_IMG%" == "" (
-  set cmd=TERM='%TERM%' '%OPT_GDB_PATH%' ^
-    -q ^
-    -ex 'set pagination off' ^
-    -ex 'set confirm off' ^
-    -ex 'show version' ^
-    -ex 'python import ghidragdb' ^
-    -ex 'set architecture %OPT_ARCH%' ^
-     ex 'set endian %OPT_ENDIAN%' ^
-    -ex 'ghidra trace connect \"localhost:%OPT_REMOTE_PORT%\"' ^
-    -ex 'ghidra trace start' ^
-    -ex 'ghidra trace sync-enable' ^
-    -ex 'set confirm on' ^
-    -ex 'set pagination on'
-) ELSE (
-  set cmd=TERM='%TERM%' '%OPT_GDB_PATH%' ^
-    -q ^
-    -ex 'set pagination off' ^
-    -ex 'set confirm off' ^
-    -ex 'show version' ^
-    -ex 'python import ghidragdb' ^
-    -ex 'set architecture %OPT_ARCH%' ^
-     ex 'set endian %OPT_ENDIAN%' ^
-    -ex 'file \"%OPT_TARGET_IMG%\"' ^
-    -ex 'set args %OPT_TARGET_ARGS%' ^
-    -ex 'ghidra trace connect \"localhost:%OPT_REMOTE_PORT%\"' ^
-    -ex 'ghidra trace start' ^
-    -ex 'ghidra trace sync-enable' ^
-    -ex '%OPT_START_CMD%' ^
-    -ex 'set confirm on' ^
-    -ex 'set pagination on'
-)
-
-"%OPT_SSH_PATH%" "-R%OPT_REMOTE_PORT%:%GHIDRA_TRACE_RMI_ADDR%" -t %OPT_EXTRA_SSH_ARGS% "%OPT_HOST%" "%cmd%"

Ghidra/Debug/Debugger-agent-gdb/data/debugger-launchers/ssh-gdb.ps1

@@ -0,0 +1,85 @@
+## ###
+# IP: GHIDRA
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#      http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+##
+#@title gdb via ssh
+#@image-opt arg:1
+#@desc <html><body width="300px">
+#@desc   <h3>Launch with <tt>gdb</tt> via <tt>ssh</tt></h3>
+#@desc   <p>
+#@desc     This will launch the target on a remote machine using <tt>gdb</tt> via <tt>ssh</tt>.
+#@desc     For setup instructions, press <b>F1</b>.
+#@desc   </p>
+#@desc </body></html>
+#@menu-group gdb
+#@icon icon.debugger
+#@help gdb#ssh
+#@depends Debugger-rmi-trace
+#@enum StartCmd:str run start starti
+#@enum Endian:str auto big little
+#@arg :str "Image" "The target binary executable image on the remote system"
+#@env OPT_TARGET_ARGS:str="" "Arguments" "Command-line arguments to pass to the target"
+#@env OPT_SSH_PATH:file="ssh" "ssh command" "The path to ssh on the local system. Omit the full path to resolve using the system PATH."
+#@env OPT_HOST:str="localhost" "[User@]Host" "The hostname or user@host"
+#@env OPT_REMOTE_PORT:int=12345 "Remote Trace RMI Port" "A free port on the remote end to receive and forward the Trace RMI connection."
+#@env OPT_EXTRA_SSH_ARGS:str="" "Extra ssh arguments" "Extra arguments to pass to ssh. Use with care."
+#@env OPT_GDB_PATH:str="gdb" "gdb command" "The path to gdb on the remote system. Omit the full path to resolve using the system PATH."
+#@env OPT_START_CMD:StartCmd="starti" "Run command" "The gdb command to actually run the target."
+#@env OPT_ARCH:str="i386:x86-64" "Architecture" "Target architecture"
+#@env OPT_ENDIAN:Endian="auto" "Endian" "Target byte order"
+
+. ..\support\gdbsetuputils.ps1
+
+$arglist = Compute-Gdb-Usermode-Args -TargetImage $args[0] -RmiAddress "localhost:$Env:OPT_REMOTE_PORT"
+$sshargs = Compute-Ssh-Args $arglist True
+
+$sshproc = Start-Process -FilePath $sshargs[0] -ArgumentList $sshargs[1..$sshargs.Count] -NoNewWindow -Wait -PassThru
+
+$version = Get-Ghidra-Version
+$answer = Check-Result-And-Prompt-Mitigation $sshproc @"
+It appears ghidragdb is missing from the remote system. This can happen if you
+forgot to install the required package. This can also happen if you installed
+the packages to a different Python environment than is being used by the
+remote's gdb.
+
+This script is about to offer automatic resolution. If you'd like to resolve
+this manually, answer no to the next question and then see Ghidra's help by
+pressing F1 in the dialog of launch parameters.
+
+WARNING: Answering yes to the next question will invoke pip to try to install
+missing or incorrectly-versioned dependencies. It may attempt to find packages
+from the PyPI mirror configured on the REMOTE system. If you have not configured
+one, it will connect to the official one.
+
+WARNING: We invoke pip with the --break-system-packages flag, because some
+debuggers that embed Python (gdb, lldb) may not support virtual environments,
+and so the packages must be installed to your user environment.
+
+NOTE: This will copy Python wheels into the HOME directory of the user on the
+remote system. You may be prompted to authenticate a few times while packages
+are copied and installed.
+
+NOTE: Automatic resolution will cause this session to terminate. When it has
+finished, try launching again.
+"@ "Would you like to install 'ghidragdb>=$version'?"
+
+if ($answer) {
+	Write-Host "Copying Wheels to $Env:OPT_HOST"
+	Mitigate-Scp-PyModules "Debugger-rmi-trace" "<SELF>"
+
+	Write-Host "Installing Wheels into GDB's embedded Python"
+	$arglist = Compute-Gdb-PipInstall-Args "'-f'" "os.environ['HOME']" "'ghidragdb>=$version'"
+	$sshargs = Compute-Ssh-Args $arglist False
+	Start-Process -FilePath $sshargs[0] -ArgumentList $sshargs[1..$sshargs.Count] -NoNewWindow -Wait
+}

Ghidra/Debug/Debugger-agent-gdb/data/debugger-launchers/ssh-gdb.sh

@@ -1,4 +1,4 @@
-#!/usr/bin/bash
+#!/usr/bin/env bash
 ## ###
 # IP: GHIDRA
 #
@@ -14,7 +14,6 @@
 # See the License for the specific language governing permissions and
 # limitations under the License.
 ##
-#@timeout 60000
 #@title gdb via ssh
 #@image-opt arg:1
 #@desc <html><body width="300px">
@@ -24,9 +23,10 @@
 #@desc     For setup instructions, press <b>F1</b>.
 #@desc   </p>
 #@desc </body></html>
-#@menu-group remote
+#@menu-group gdb
 #@icon icon.debugger
-#@help TraceRmiLauncherServicePlugin#gdb_ssh
+#@help gdb#ssh
+#@depends Debugger-rmi-trace
 #@enum StartCmd:str run start starti
 #@enum Endian:str auto big little
 #@arg :str "Image" "The target binary executable image on the remote system"
@@ -40,40 +40,61 @@
 #@env OPT_ARCH:str="i386:x86-64" "Architecture" "Target architecture"
 #@env OPT_ENDIAN:Endian="auto" "Endian" "Target byte order"
 
+. ../support/gdbsetuputils.sh
+
 target_image="$1"
 shift
-target_args="$@"
 
-if [ -z "$target_image" ]
+function launch-gdb-ssh() {
-then
+	local -a args
-  "$OPT_SSH_PATH" "-R$OPT_REMOTE_PORT:$GHIDRA_TRACE_RMI_ADDR" -t $OPT_EXTRA_SSH_ARGS "$OPT_HOST" "TERM='$TERM' '$OPT_GDB_PATH' \
+	compute-gdb-usermode-args "$target_image" "localhost:$OPT_REMOTE_PORT" "$@"
-    -q \
+	local -a sshargs
-    -ex 'set pagination off' \
+	compute-ssh-args true "${args[@]}"
-    -ex 'set confirm off' \
+
-    -ex 'show version' \
+	"${sshargs[@]}"
-    -ex 'python import ghidragdb' \
+}
-    -ex 'set architecture $OPT_ARCH' \
+version=$(get-ghidra-version)
-    -ex 'set endian $OPT_ENDIAN' \
+
-    -ex 'ghidra trace connect \"localhost:$OPT_REMOTE_PORT\"' \
+function do-installation() {
-    -ex 'ghidra trace start' \
+	local -a pipargs
-    -ex 'ghidra trace sync-enable' \
+	compute-gdb-pipinstall-args "'-f'" "os.environ['HOME']" "'ghidragdb>=$version'"
-    -ex 'set confirm on' \
+	local -a sshargs
-    -ex 'set pagination on'"
+	compute-ssh-args false "${pipargs[@]}"
-else
+
-  "$OPT_SSH_PATH" "-R$OPT_REMOTE_PORT:$GHIDRA_TRACE_RMI_ADDR" -t $OPT_EXTRA_SSH_ARGS "$OPT_HOST" "TERM='$TERM' '$OPT_GDB_PATH' \
+	"${sshargs[@]}"
-    -q \
+}
-    -ex 'set pagination off' \
+
-    -ex 'set confirm off' \
+launch-gdb-ssh "$@"
-    -ex 'show version' \
+if check-result-and-prompt-mitigation $? "
-    -ex 'python import ghidragdb' \
+It appears ghidragdb is missing from the remote system. This can happen if you
-    -ex 'set architecture $OPT_ARCH' \
+forgot to install the required package. This can also happen if you installed
-    -ex 'set endian $OPT_ENDIAN' \
+the packages to a different Python environment than is being used by the
-    -ex 'file \"$target_image\"' \
+remote's gdb.
-    -ex 'set args $target_args' \
+
-    -ex 'ghidra trace connect \"localhost:$OPT_REMOTE_PORT\"' \
+This script is about to offer automatic resolution. If you'd like to resolve
-    -ex 'ghidra trace start' \
+this manually, answer no to the next question and then see Ghidra's help by
-    -ex 'ghidra trace sync-enable' \
+pressing F1 in the dialog of launch parameters.
-    -ex '$OPT_START_CMD' \
+
-    -ex 'set confirm on' \
+WARNING: Answering yes to the next question will invoke pip to try to install
-    -ex 'set pagination on'"
+missing or incorrectly-versioned dependencies. It may attempt to find packages
+from the PyPI mirror configured on the REMOTE system. If you have not configured
+one, it will connect to the official one.
+
+WARNING: We invoke pip with the --break-system-packages flag, because some
+debuggers that embed Python (gdb, lldb) may not support virtual environments,
+and so the packages must be installed to your user environment.
+
+NOTE: This will copy Python wheels into the HOME directory of the user on the
+remote system. You may be prompted to authenticate a few times while packages
+are copied and installed.
+
+NOTE: Automatic resolution will cause this session to terminate. When it has
+finished, try launching again.
+" "Would you like to install 'ghidragdb>=$version'?"; then
+
+	echo "Copying Wheels to $OPT_HOST"
+	mitigate-scp-pymodules "Debugger-rmi-trace" "<SELF>"
+
+	echo "Installing Wheels into GDB's embedded Python"
+	do-installation
 fi

Ghidra/Debug/Debugger-agent-gdb/data/debugger-launchers/ssh-gdbserver.bat

@@ -1,53 +0,0 @@
-::@timeout 60000
-::@title gdb + gdbserver via ssh
-::@image-opt env:OPT_TARGET_IMG
-::@desc <html><body width="300px">
-::@desc   <h3>Launch with local <tt>gdb</tt> and <tt>gdbserver</tt> via <tt>ssh</tt></h3>
-::@desc   <p>
-::@desc     This will start <tt>gdb</tt> on the local system and then use it to connect and launch the target in <tt>gdbserver</tt> on the remote system via <tt>ssh</tt>.
-::@desc     For setup instructions, press <b>F1</b>.
-::@desc   </p>
-::@desc </body></html>
-::@menu-group remote
-::@icon icon.debugger
-::@help TraceRmiLauncherServicePlugin#gdb_gdbserver_ssh
-::@enum Endian:str auto big little
-::@env OPT_TARGET_IMG:str!="" "Image" "The target binary executable image on the remote system"
-::@env OPT_TARGET_ARGS:str="" "Arguments" "Command-line arguments to pass to the target"
-::@env OPT_SSH_PATH:file="ssh" "ssh command" "The path to ssh on the local system. Omit the full path to resolve using the system PATH."
-::@env OPT_HOST:str="localhost" "[User@]Host" "The hostname or user@host"
-::@env OPT_EXTRA_SSH_ARGS:str="" "Extra ssh arguments" "Extra arguments to pass to ssh. Use with care."
-::@env OPT_GDBSERVER_PATH:str="gdbserver" "gdbserver command (remote)" "The path to gdbserver on the remote system. Omit the full path to resolve using the system PATH."
-::@env OPT_EXTRA_GDBSERVER_ARGS:str="" "Extra gdbserver arguments" "Extra arguments to pass to gdbserver. Use with care."
-::@env OPT_GDB_PATH:file="gdb" "gdb command" "The path to gdb on the local system. Omit the full path to resolve using the system PATH."
-::@env OPT_ARCH:str="auto" "Architecture" "Target architecture"
-::@env OPT_ENDIAN:Endian="auto" "Endian" "Target byte order"
-
-@echo off
-set PYTHONPATH0=%GHIDRA_HOME%\Ghidra\Debug\Debugger-agent-gdb\pypkg\src
-set PYTHONPATH1=%GHIDRA_HOME%\Ghidra\Debug\Debugger-rmi-trace\pypkg\src
-IF EXIST %GHIDRA_HOME%\.git (
-  set PYTHONPATH0=%GHIDRA_HOME%\Ghidra\Debug\Debugger-agent-gdb\build\pypkg\src
-  set PYTHONPATH1=%GHIDRA_HOME%\Ghidra\Debug\Debugger-rmi-trace\build\pypkg\src
-)
-IF EXIST %GHIDRA_HOME%\ghidra\.git (
-  set PYTHONPATH0=%GHIDRA_HOME%\ghidra\Ghidra\Debug\Debugger-agent-gdb\build\pypkg\src
-  set PYTHONPATH1=%GHIDRA_HOME%\ghidra\Ghidra\Debug\Debugger-rmi-trace\build\pypkg\src
-)
-set PYTHONPATH=%PYTHONPATH1%;%PYTHONPATH0%;%PYTHONPATH%
-
-"%OPT_GDB_PATH%" ^
-  -q ^
-  -ex "set pagination off" ^
-  -ex "set confirm off" ^
-  -ex "show version" ^
-  -ex "python import ghidragdb" ^
-  -ex "set architecture %OPT_ARCH%" ^
-   ex "set endian %OPT_ENDIAN%" ^
-  -ex "target remote | '%OPT_SSH_PATH%' %OPT_EXTRA_SSH_ARGS% '%OPT_HOST%' '%OPT_GDBSERVER_PATH%' %OPT_EXTRA_GDBSERVER_ARGS% - '%OPT_TARGET_IMG%' %OPT_TARGET_ARGS%" ^
-  -ex "ghidra trace connect '%GHIDRA_TRACE_RMI_ADDR%'" ^
-  -ex "ghidra trace start" ^
-  -ex "ghidra trace sync-enable" ^
-  -ex "ghidra trace sync-synth-stopped" ^
-  -ex "set confirm on" ^
-  -ex "set pagination on"

Ghidra/Debug/Debugger-agent-gdb/data/debugger-launchers/ssh-gdbserver.ps1

@@ -0,0 +1,52 @@
+## ###
+# IP: GHIDRA
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#      http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+##
+#@title gdb + gdbserver via ssh
+#@image-opt arg:1
+#@desc <html><body width="300px">
+#@desc   <h3>Launch with local <tt>gdb</tt> and <tt>gdbserver</tt> via <tt>ssh</tt></h3>
+#@desc   <p>
+#@desc     This will start <tt>gdb</tt> on the local system and then use it to connect and launch the target in <tt>gdbserver</tt> on the remote system via <tt>ssh</tt>.
+#@desc     For setup instructions, press <b>F1</b>.
+#@desc   </p>
+#@desc </body></html>
+#@menu-group gdb
+#@icon icon.debugger
+#@help gdb#gdbserver_ssh
+#@depends Debugger-rmi-trace
+#@enum Endian:str auto big little
+#@arg :str! "Image" "The target binary executable image on the remote system"
+#@env OPT_TARGET_ARGS:str="" "Arguments" "Command-line arguments to pass to the target"
+#@env OPT_SSH_PATH:file="ssh" "ssh command" "The path to ssh on the local system. Omit the full path to resolve using the system PATH."
+#@env OPT_HOST:str="localhost" "[User@]Host" "The hostname or user@host"
+#@env OPT_EXTRA_SSH_ARGS:str="" "Extra ssh arguments" "Extra arguments to pass to ssh. Use with care."
+#@env OPT_GDBSERVER_PATH:str="gdbserver" "gdbserver command (remote)" "The path to gdbserver on the remote system. Omit the full path to resolve using the system PATH."
+#@env OPT_EXTRA_GDBSERVER_ARGS:str="" "Extra gdbserver arguments" "Extra arguments to pass to gdbserver. Use with care."
+#@env OPT_GDB_PATH:file="gdb" "gdb command" "The path to gdb on the local system. Omit the full path to resolve using the system PATH."
+#@env OPT_ARCH:str="auto" "Architecture" "Target architecture"
+#@env OPT_ENDIAN:Endian="auto" "Endian" "Target byte order"
+
+. ..\support\gdbsetuputils.ps1
+
+$pypathTrace = Ghidra-Module-PyPath "Debugger-rmi-trace"
+$pypathGdb = Ghidra-Module-PyPath
+$Env:PYTHONPATH = "$pypathGdb;$pypathTrace;$Env:PYTHONPATH"
+
+$arglist = Compute-Gdb-Remote-Args `
+	-TargetImage $args[0] `
+	-TargetCx "remote | '$Env:OPT_SSH_PATH' $Env:OPT_EXTRA_SSH_ARGS '$Env:OPT_HOST' '$Env:OPT_GDBSERVER_PATH' $Env:OPT_EXTRA_GDBSERVER_ARGS - '$($args[0])' $Env:OPT_TARGET_ARGS" `
+	-RmiAddress "$Env:GHIDRA_TRACE_RMI_ADDR"
+
+Start-Process -FilePath $arglist[0] -ArgumentList $arglist[1..$arglist.Count] -NoNewWindow -Wait

Ghidra/Debug/Debugger-agent-gdb/data/debugger-launchers/ssh-gdbserver.sh

@@ -1,4 +1,4 @@
-#!/usr/bin/bash
+#!/usr/bin/env bash
 ## ###
 # IP: GHIDRA
 #
@@ -14,7 +14,6 @@
 # See the License for the specific language governing permissions and
 # limitations under the License.
 ##
-#@timeout 60000
 #@title gdb + gdbserver via ssh
 #@image-opt arg:1
 #@desc <html><body width="300px">
@@ -24,9 +23,10 @@
 #@desc     For setup instructions, press <b>F1</b>.
 #@desc   </p>
 #@desc </body></html>
-#@menu-group remote
+#@menu-group gdb
 #@icon icon.debugger
-#@help TraceRmiLauncherServicePlugin#gdb_gdbserver_ssh
+#@help gdb#gdbserver_ssh
+#@depends Debugger-rmi-trace
 #@enum Endian:str auto big little
 #@arg :str! "Image" "The target binary executable image on the remote system"
 #@args "Arguments" "Command-line arguments to pass to the target"
@@ -39,31 +39,21 @@
 #@env OPT_ARCH:str="auto" "Architecture" "Target architecture"
 #@env OPT_ENDIAN:Endian="auto" "Endian" "Target byte order"
 
-if [ -d ${GHIDRA_HOME}/ghidra/.git ]
+. ../support/gdbsetuputils.sh
-then
-  export PYTHONPATH=$GHIDRA_HOME/ghidra/Ghidra/Debug/Debugger-agent-gdb/build/pypkg/src:$PYTHONPATH
-  export PYTHONPATH=$GHIDRA_HOME/ghidra/Ghidra/Debug/Debugger-rmi-trace/build/pypkg/src:$PYTHONPATH
-elif [ -d ${GHIDRA_HOME}/.git ]
-then 
-  export PYTHONPATH=$GHIDRA_HOME/Ghidra/Debug/Debugger-agent-gdb/build/pypkg/src:$PYTHONPATH
-  export PYTHONPATH=$GHIDRA_HOME/Ghidra/Debug/Debugger-rmi-trace/build/pypkg/src:$PYTHONPATH
-else
-  export PYTHONPATH=$GHIDRA_HOME/Ghidra/Debug/Debugger-agent-gdb/pypkg/src:$PYTHONPATH
-  export PYTHONPATH=$GHIDRA_HOME/Ghidra/Debug/Debugger-rmi-trace/pypkg/src:$PYTHONPATH
-fi
 
-"$OPT_GDB_PATH" \
+pypathTrace=$(ghidra-module-pypath "Debugger-rmi-trace")
-  -q \
+pypathGdb=$(ghidra-module-pypath)
-  -ex "set pagination off" \
+export PYTHONPATH=$pypathGdb:$pypathTrace:$PYTHONPATH
-  -ex "set confirm off" \
+
-  -ex "show version" \
+target_image="$1"
-  -ex "python import ghidragdb" \
+shift
-  -ex "set architecture $OPT_ARCH" \
+
-  -ex "set endian $OPT_ENDIAN" \
+function launch-gdb() {
-  -ex "target remote | '$OPT_SSH_PATH' $OPT_EXTRA_SSH_ARGS '$OPT_HOST' '$OPT_GDBSERVER_PATH' $OPT_EXTRA_GDBSERVER_ARGS - $@" \
+	local qargs
-  -ex "ghidra trace connect \"$GHIDRA_TRACE_RMI_ADDR\"" \
+	printf -v qargs '%q ' "$@"
-  -ex "ghidra trace start" \
+	local -a args
-  -ex "ghidra trace sync-enable" \
+	compute-gdb-remote-args "$target_image" "remote | '$OPT_SSH_PATH' $OPT_EXTRA_SSH_ARGS '$OPT_HOST' '$OPT_GDBSERVER_PATH' $OPT_EXTRA_GDBSERVER_ARGS - '$target_image' $qargs" "$GHIDRA_TRACE_RMI_ADDR"
-  -ex "ghidra trace sync-synth-stopped" \
+
-  -ex "set confirm on" \
+	"${args[@]}"
-  -ex "set pagination on"
+}
+launch-gdb "$@"

Ghidra/Debug/Debugger-agent-gdb/data/debugger-launchers/wine-gdb.sh

@@ -1,4 +1,4 @@
-#!/usr/bin/bash
+#!/usr/bin/env bash
 ## ###
 # IP: GHIDRA
 #
@@ -14,7 +14,7 @@
 # See the License for the specific language governing permissions and
 # limitations under the License.
 ##
-#@title wine + gdb
+#@title gdb + wine
 #@image-opt arg:1
 #@desc <html><body width="300px">
 #@desc   <h3>Launch with <tt>gdb</tt> and <tt>wine</tt></h3>
@@ -23,9 +23,10 @@
 #@desc     For setup instructions, press <b>F1</b>.
 #@desc   </p>
 #@desc </body></html>
-#@menu-group cross
+#@menu-group gdb
 #@icon icon.debugger
-#@help TraceRmiLauncherServicePlugin#gdb_wine
+#@help gdb#wine
+#@depends Debugger-rmi-trace
 #@enum Endian:str auto big little
 #@arg :file! "Image" "The target binary executable image"
 #@args "Arguments" "Command-line arguments to pass to the target"
@@ -36,37 +37,20 @@
 #@env OPT_EXTRA_TTY:bool=false "Inferior TTY" "Provide a separate terminal emulator for the target."
 #@tty TTY_TARGET if env:OPT_EXTRA_TTY
 
-if [ -d ${GHIDRA_HOME}/ghidra/.git ]
-then
-  export PYTHONPATH=$GHIDRA_HOME/ghidra/Ghidra/Debug/Debugger-agent-gdb/build/pypkg/src:$PYTHONPATH
-  export PYTHONPATH=$GHIDRA_HOME/ghidra/Ghidra/Debug/Debugger-rmi-trace/build/pypkg/src:$PYTHONPATH
-elif [ -d ${GHIDRA_HOME}/.git ]
-then 
-  export PYTHONPATH=$GHIDRA_HOME/Ghidra/Debug/Debugger-agent-gdb/build/pypkg/src:$PYTHONPATH
-  export PYTHONPATH=$GHIDRA_HOME/Ghidra/Debug/Debugger-rmi-trace/build/pypkg/src:$PYTHONPATH
-else
-  export PYTHONPATH=$GHIDRA_HOME/Ghidra/Debug/Debugger-agent-gdb/pypkg/src:$PYTHONPATH
-  export PYTHONPATH=$GHIDRA_HOME/Ghidra/Debug/Debugger-rmi-trace/pypkg/src:$PYTHONPATH
-fi
 
-# NOTE: Ghidra will leave TTY_TARGET empty, which gdb takes for the same terminal.
+. ../support/gdbsetuputils.sh
 
-"$OPT_GDB_PATH" \
+pypathTrace=$(ghidra-module-pypath "Debugger-rmi-trace")
-  -q \
+pypathGdb=$(ghidra-module-pypath)
-  -ex "set pagination off" \
+export PYTHONPATH=$pypathGdb:$pypathTrace:$PYTHONPATH
-  -ex "set confirm off" \
+
-  -ex "show version" \
+target_image="$1"
-  -ex "python import ghidragdb.wine" \
+shift
-  -ex "set architecture $OPT_ARCH" \
+
-  -ex "set endian $OPT_ENDIAN" \
+function launch-gdb() {
-  -ex "file \"$OPT_WINE_PATH\"" \
+	local -a args
-  -ex "set args $@" \
+	compute-gdb-wine-args "$target_image" "$GHIDRA_TRACE_RMI_ADDR" "$@"
-  -ex "set inferior-tty $TTY_TARGET" \
+
-  -ex "starti" \
+	"${args[@]}"
-  -ex "ghidra wine run-to-image \"$1\"" \
+}
-  -ex "ghidra trace connect \"$GHIDRA_TRACE_RMI_ADDR\"" \
+launch-gdb "$@"
-  -ex "ghidra trace start \"$1\"" \
-  -ex "ghidra trace sync-enable" \
-  -ex "ghidra trace sync-synth-stopped" \
-  -ex "set confirm on" \
-  -ex "set pagination on"

Ghidra/Debug/Debugger-agent-gdb/data/support/gdbsetuputils.ps1

@@ -0,0 +1,106 @@
+## ###
+# IP: GHIDRA
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#      http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+##
+. $Env:MODULE_Debugger_rmi_trace_HOME\data\support\setuputils.ps1
+
+function Add-Gdb-Init-Args {
+	param([ref]$ArgList)
+
+	$ArgList.Value+=("-q")
+	$ArgList.Value+=("-ex", "`"set pagination off`"")
+	$ArgList.Value+=("-ex", "`"set confirm off`"")
+	$ArgList.Value+=("-ex", "`"show version`"")
+	$ArgList.Value+=("-ex", "`"python import ghidragdb`"")
+	$ArgList.Value+=("-ex", "`"python if not 'ghidragdb' in locals(): exit(253)`"")
+	$ArgList.Value+=("-ex", "`"set architecture $Env:OPT_ARCH`"")
+	$ArgList.Value+=("-ex", "`"set endian $Env:OPT_ENDIAN`"")
+}
+
+function Add-Gdb-Image-And-Args {
+	param([ref]$ArgList, $TargetImage, $TargetArgs)
+
+	if ("$TargetImage" -ne "") {
+		$image = $TargetImage -replace "\\", "\\\\"
+		$ArgList.Value+=("-ex", "`"file '$image'`"")
+	}
+	if ("$TargetArgs" -ne "") {
+		$tgtargs = $TargetArgs -replace "`"", "\`""
+		# Escaping parentheses in the arguments is no longer necessary in powershell vs cmd
+		$ArgList.Value+=("-ex", "`"set args $tgtargs`"")
+	}
+}
+
+function Add-Gdb-Connect-And-Sync {
+	param([ref]$ArgList, $Address)
+
+	$ArgList.Value+=("-ex", "`"ghidra trace connect '$Address'`"")
+	$ArgList.Value+=("-ex", "`"ghidra trace start`"")
+	$ArgList.Value+=("-ex", "`"ghidra trace sync-enable`"")
+}
+
+function Add-Gdb-Start-If-Image {
+	param([ref]$ArgList, $TargetImage)
+
+	if ("$TargetImage" -ne "") {
+		$ArgList.Value+=("-ex", "`"$Env:OPT_START_CMD`"")
+	}
+}
+
+function Add-Gdb-Tail-Args {
+	param([ref]$ArgList)
+
+	$ArgList.Value+=("-ex", "`"set confirm on`"")
+#	$ArgList.Value+=("-ex", "`"set pagination on`"")
+}
+
+function Compute-Gdb-Usermode-Args {
+	param($TargetImage, $RmiAddress)
+
+	$arglist = @("`"$Env:OPT_GDB_PATH`"")
+	Add-Gdb-Init-Args -ArgList ([ref]$arglist)
+	Add-Gdb-Image-And-Args -ArgList ([ref]$arglist) -TargetImage $TargetImage -TargetArgs $Env:OPT_TARGET_ARGS
+	Add-Gdb-Connect-And-Sync -ArgList ([ref]$arglist) -Address $RmiAddress
+	Add-Gdb-Start-If-Image -ArgList ([ref]$arglist) -TargetImage $TargetImage
+	Add-Gdb-Tail-Args -ArgList ([ref]$arglist)
+
+	return $arglist
+}
+
+function Compute-Gdb-Remote-Args {
+	param($TargetImage, $TargetCx, $RmiAddress)
+
+	$arglist = @("`"$Env:OPT_GDB_PATH`"")
+	Add-Gdb-Init-Args -ArgList ([ref]$arglist)
+	Add-Gdb-Image-And-Args -ArgList ([ref]$arglist) -TargetImge $TargetImage -TargetArgs ""
+	$arglist+=("-ex", "`"echo Connecting to $TargetCx\n`"")
+	$arglist+=("-ex", "`"target $TargetCx`"")
+	Add-Gdb-Connect-And-Sync -ArgList ([ref]$arglist) -Address $RmiAddress
+	$arglist+=("-ex", "`"ghidra trace sync-synth-stopped`"")
+	Add-Gdb-Tail-Args -ArgList ([ref]$arglist)
+
+	return $arglist
+}
+
+function Compute-Gdb-PipInstall-Args {
+	$argvpart = $args -join ", "
+	$arglist = @("`"$Env:OPT_GDB_PATH`"")
+	$arglist+=("-ex", "`"set pagination off`"")
+	$arglist+=("-ex", "`"python import os, sys, runpy`"")
+	$arglist+=("-ex", "`"python sys.argv=['pip', 'install', '--force-reinstall', $argvpart]`"")
+	$arglist+=("-ex", "`"python os.environ['PIP_BREAK_SYSTEM_PACKAGE']='1'`"")
+	$arglist+=("-ex", "`"python runpy.run_module('pip', run_name='__main__')`"")
+
+	return $arglist
+}

Ghidra/Debug/Debugger-agent-gdb/data/support/gdbsetuputils.sh

@@ -0,0 +1,127 @@
+## ###
+# IP: GHIDRA
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#      http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+##
+. $MODULE_Debugger_rmi_trace_HOME/data/support/setuputils.sh
+
+add-gdb-init-args() {
+	args+=(-q)
+	args+=(-ex "set pagination off")
+	args+=(-ex "set confirm off")
+	args+=(-ex "show version")
+	args+=(-ex "python import ghidragdb")
+	args+=(-ex "python if not 'ghidragdb' in locals(): exit(253)")
+	args+=(-ex "set architecture $OPT_ARCH")
+	args+=(-ex "set endian $OPT_ENDIAN")
+}
+
+add-gdb-image-and-args() {
+	target_image=$1
+	shift
+
+	if [ -n "$target_image" ]; then
+		args+=(-ex "file '$target_image'")
+	fi
+	if [ "$#" -ne 0 ]; then
+		local qargs
+		printf -v qargs '%q ' "$@"
+		args+=(-ex "set args $qargs")
+	fi
+}
+
+add-gdb-inferior-tty() {
+	# Ghidra will leave TTY_TARGET empty when OPT_EXTRA_TTY is false.
+	# Gdb takes empty to mean the same terminal.
+	args+=(-ex "set inferior-tty $TTY_TARGET")
+}
+
+add-gdb-connect-and-sync() {
+	address=$1
+
+	args+=(-ex "ghidra trace connect '$address'")
+	args+=(-ex "ghidra trace start")
+	args+=(-ex "ghidra trace sync-enable")
+}
+
+add-gdb-start-if-image() {
+	target_image=$1
+
+	if [ -n "$target_image" ]; then
+		args+=(-ex "$OPT_START_CMD")
+	fi
+}
+
+add-gdb-tail-args() {
+	args+=(-ex "set confirm on")
+#	args+=(-ex "set pagination on")
+}
+
+compute-gdb-usermode-args() {
+	target_image=$1
+	rmi_address=$2
+	shift
+	shift
+
+	args+=("$OPT_GDB_PATH")
+	add-gdb-init-args
+	add-gdb-image-and-args "$target_image" "$@"
+	add-gdb-inferior-tty
+	add-gdb-connect-and-sync "$rmi_address"
+	add-gdb-start-if-image "$target_image"
+	add-gdb-tail-args
+}
+
+compute-gdb-wine-args() {
+	target_image=$1
+	rmi_address=$2
+	shift
+	shift
+
+	args+=("$OPT_GDB_PATH")
+	add-gdb-init-args
+	add-gdb-image-and-args "$OPT_WINE_PATH" "$target_image" "$@"
+	add-gdb-inferior-tty
+	gdb+=(-ex "starti")
+	gdb+=(-ex "ghidra wine run-to-image '$target_image'")
+	add-gdb-connect-and-sync "$rmi_address"
+	gdb+=(-ex "ghidra trace sync-synth-stopped")
+	add-gdb-tail-args
+}
+
+compute-gdb-remote-args() {
+	target_image=$1
+	target_cx=$2
+	rmi_address=$3
+
+	args+=("$OPT_GDB_PATH")
+	add-gdb-init-args
+	add-gdb-image-and-args "$target_image"
+	args+=(-ex "echo Connecting to $target_cx\n")
+	args+=(-ex "target $target_cx")
+	add-gdb-connect-and-sync "$rmi_address"
+	args+=(-ex "ghidra trace sync-synth-stopped")
+	add-gdb-tail-args
+}
+
+compute-gdb-pipinstall-args() {
+	local argvpart
+	printf -v argvpart ", %s" "$@"
+	pipargs=("$OPT_GDB_PATH")
+	pipargs+=(-q)
+	pipargs+=(-ex "set pagination off")
+	pipargs+=(-ex "python import os, sys, runpy")
+	pipargs+=(-ex "python sys.argv=['pip', 'install', '--force-reinstall'$argvpart]")
+	pipargs+=(-ex "python os.environ['PIP_BREAK_SYSTEM_PACKAGE']='1'")
+	pipargs+=(-ex "python runpy.run_module('pip', run_name='__main__')")
+}

Ghidra/Debug/Debugger-agent-gdb/src/main/help/help/TOC_Source.xml

@@ -0,0 +1,31 @@
+<?xml version='1.0' encoding='ISO-8859-1'?>
+<!-- See Base's TOC_Source.xml for help -->
+<tocroot>
+	<tocref id="TraceRmiLauncherServicePlugin">
+		<tocdef id="gdb" text="GDB Integration"
+			target="help/topics/gdb/gdb.html">
+
+			<tocdef id="gdb_local" text="Local"
+				target="help/topics/gdb/gdb.html#local" />
+
+			<tocdef id="gdb_ssh" text="Via SSH"
+				target="help/topics/gdb/gdb.html#ssh" />
+
+			<tocdef id="gdb_gdbserver_ssh" text="gdbserver via SSH"
+				target="help/topics/gdb/gdb.html#gdbserver_ssh" />
+
+			<tocdef id="gdb_qemu" text="QEMU"
+				target="help/topics/gdb/gdb.html#qemu" />
+
+			<tocdef id="gdb_wine" text="Wine"
+				target="help/topics/gdb/gdb.html#wine" />
+
+			<tocdef id="gdb_remote" text="Remote"
+				target="help/topics/gdb/gdb.html#remote" />
+
+			<tocdef id="gdb_rr" text="rr"
+				target="help/topics/gdb/gdb.html#rr" />
+
+		</tocdef>
+	</tocref>
+</tocroot>