| Home | Trees | Indices | Help |
|
|---|
|
|
1 # Copyright (c) 2009-2010, Mario Vilas
2 # All rights reserved.
3 #
4 # Redistribution and use in source and binary forms, with or without
5 # modification, are permitted provided that the following conditions are met:
6 #
7 # * Redistributions of source code must retain the above copyright notice,
8 # this list of conditions and the following disclaimer.
9 # * Redistributions in binary form must reproduce the above copyright
10 # notice,this list of conditions and the following disclaimer in the
11 # documentation and/or other materials provided with the distribution.
12 # * Neither the name of the copyright holder nor the names of its
13 # contributors may be used to endorse or promote products derived from
14 # this software without specific prior written permission.
15 #
16 # THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
17 # AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
18 # IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
19 # ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE
20 # LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
21 # CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
22 # SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
23 # INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
24 # CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
25 # ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
26 # POSSIBILITY OF SUCH DAMAGE.
27
28 """
29 Wrapper for dbghelp.dll in ctypes.
30 """
31
32 __revision__ = "$Id: dbghelp.py 668 2010-04-25 15:55:23Z qvasimodo $"
33
34 from defines import *
35 from kernel32 import *
36
37 # SymGetHomeDirectory "type" values
38 hdBase = 0
39 hdSym = 1
40 hdSrc = 2
41
42 UNDNAME_32_BIT_DECODE = 0x0800
43 UNDNAME_COMPLETE = 0x0000
44 UNDNAME_NAME_ONLY = 0x1000
45 UNDNAME_NO_ACCESS_SPECIFIERS = 0x0080
46 UNDNAME_NO_ALLOCATION_LANGUAGE = 0x0010
47 UNDNAME_NO_ALLOCATION_MODEL = 0x0008
48 UNDNAME_NO_ARGUMENTS = 0x2000
49 UNDNAME_NO_CV_THISTYPE = 0x0040
50 UNDNAME_NO_FUNCTION_RETURNS = 0x0004
51 UNDNAME_NO_LEADING_UNDERSCORES = 0x0001
52 UNDNAME_NO_MEMBER_TYPE = 0x0200
53 UNDNAME_NO_MS_KEYWORDS = 0x0002
54 UNDNAME_NO_MS_THISTYPE = 0x0020
55 UNDNAME_NO_RETURN_UDT_MODEL = 0x0400
56 UNDNAME_NO_SPECIAL_SYMS = 0x4000
57 UNDNAME_NO_THISTYPE = 0x0060
58 UNDNAME_NO_THROW_SIGNATURES = 0x0100
59
60 #--- IMAGEHLP_MODULE structure and related ------------------------------------
61
62 SYMOPT_ALLOW_ABSOLUTE_SYMBOLS = 0x00000800
63 SYMOPT_ALLOW_ZERO_ADDRESS = 0x01000000
64 SYMOPT_AUTO_PUBLICS = 0x00010000
65 SYMOPT_CASE_INSENSITIVE = 0x00000001
66 SYMOPT_DEBUG = 0x80000000
67 SYMOPT_DEFERRED_LOADS = 0x00000004
68 SYMOPT_DISABLE_SYMSRV_AUTODETECT = 0x02000000
69 SYMOPT_EXACT_SYMBOLS = 0x00000400
70 SYMOPT_FAIL_CRITICAL_ERRORS = 0x00000200
71 SYMOPT_FAVOR_COMPRESSED = 0x00800000
72 SYMOPT_FLAT_DIRECTORY = 0x00400000
73 SYMOPT_IGNORE_CVREC = 0x00000080
74 SYMOPT_IGNORE_IMAGEDIR = 0x00200000
75 SYMOPT_IGNORE_NT_SYMPATH = 0x00001000
76 SYMOPT_INCLUDE_32BIT_MODULES = 0x00002000
77 SYMOPT_LOAD_ANYTHING = 0x00000040
78 SYMOPT_LOAD_LINES = 0x00000010
79 SYMOPT_NO_CPP = 0x00000008
80 SYMOPT_NO_IMAGE_SEARCH = 0x00020000
81 SYMOPT_NO_PROMPTS = 0x00080000
82 SYMOPT_NO_PUBLICS = 0x00008000
83 SYMOPT_NO_UNQUALIFIED_LOADS = 0x00000100
84 SYMOPT_OVERWRITE = 0x00100000
85 SYMOPT_PUBLICS_ONLY = 0x00004000
86 SYMOPT_SECURE = 0x00040000
87 SYMOPT_UNDNAME = 0x00000002
88
89 ##SSRVOPT_DWORD
90 ##SSRVOPT_DWORDPTR
91 ##SSRVOPT_GUIDPTR
92 ##
93 ##SSRVOPT_CALLBACK
94 ##SSRVOPT_DOWNSTREAM_STORE
95 ##SSRVOPT_FLAT_DEFAULT_STORE
96 ##SSRVOPT_FAVOR_COMPRESSED
97 ##SSRVOPT_NOCOPY
98 ##SSRVOPT_OVERWRITE
99 ##SSRVOPT_PARAMTYPE
100 ##SSRVOPT_PARENTWIN
101 ##SSRVOPT_PROXY
102 ##SSRVOPT_RESET
103 ##SSRVOPT_SECURE
104 ##SSRVOPT_SETCONTEXT
105 ##SSRVOPT_TRACE
106 ##SSRVOPT_UNATTENDED
107
108 # typedef enum
109 # {
110 # SymNone = 0,
111 # SymCoff,
112 # SymCv,
113 # SymPdb,
114 # SymExport,
115 # SymDeferred,
116 # SymSym,
117 # SymDia,
118 # SymVirtual,
119 # NumSymTypes
120 # } SYM_TYPE;
121 SymNone = 0
122 SymCoff = 1
123 SymCv = 2
124 SymPdb = 3
125 SymExport = 4
126 SymDeferred = 5
127 SymSym = 6
128 SymDia = 7
129 SymVirtual = 8
130 NumSymTypes = 9
131
132 # typedef struct _IMAGEHLP_MODULE64 {
133 # DWORD SizeOfStruct;
134 # DWORD64 BaseOfImage;
135 # DWORD ImageSize;
136 # DWORD TimeDateStamp;
137 # DWORD CheckSum;
138 # DWORD NumSyms;
139 # SYM_TYPE SymType;
140 # TCHAR ModuleName[32];
141 # TCHAR ImageName[256];
142 # TCHAR LoadedImageName[256];
143 # TCHAR LoadedPdbName[256];
144 # DWORD CVSig;
145 # TCHAR CVData[MAX_PATH*3];
146 # DWORD PdbSig;
147 # GUID PdbSig70;
148 # DWORD PdbAge;
149 # BOOL PdbUnmatched;
150 # BOOL DbgUnmatched;
151 # BOOL LineNumbers;
152 # BOOL GlobalSymbols;
153 # BOOL TypeInfo;
154 # BOOL SourceIndexed;
155 # BOOL Publics;
156 # } IMAGEHLP_MODULE64, *PIMAGEHLP_MODULE64;
157
159 _fields_ = [
160 ("SizeOfStruct", DWORD),
161 ("BaseOfImage", DWORD),
162 ("ImageSize", DWORD),
163 ("TimeDateStamp", DWORD),
164 ("CheckSum", DWORD),
165 ("NumSyms", DWORD),
166 ("SymType", DWORD), # SYM_TYPE
167 ("ModuleName", CHAR * 32),
168 ("ImageName", CHAR * 256),
169 ("LoadedImageName", CHAR * 256),
170 ]
171 PIMAGEHLP_MODULE = POINTER(IMAGEHLP_MODULE)
172
174 _fields_ = [
175 ("SizeOfStruct", DWORD),
176 ("BaseOfImage", DWORD64),
177 ("ImageSize", DWORD),
178 ("TimeDateStamp", DWORD),
179 ("CheckSum", DWORD),
180 ("NumSyms", DWORD),
181 ("SymType", DWORD), # SYM_TYPE
182 ("ModuleName", CHAR * 32),
183 ("ImageName", CHAR * 256),
184 ("LoadedImageName", CHAR * 256),
185 ("LoadedPdbName", CHAR * 256),
186 ("CVSig", DWORD),
187 ("CVData", CHAR * (MAX_PATH * 3)),
188 ("PdbSig", DWORD),
189 ("PdbSig70", GUID),
190 ("PdbAge", DWORD),
191 ("PdbUnmatched", BOOL),
192 ("DbgUnmatched", BOOL),
193 ("LineNumbers", BOOL),
194 ("GlobalSymbols", BOOL),
195 ("TypeInfo", BOOL),
196 ("SourceIndexed", BOOL),
197 ("Publics", BOOL),
198 ]
199 PIMAGEHLP_MODULE64 = POINTER(IMAGEHLP_MODULE64)
200
202 _fields_ = [
203 ("SizeOfStruct", DWORD),
204 ("BaseOfImage", DWORD),
205 ("ImageSize", DWORD),
206 ("TimeDateStamp", DWORD),
207 ("CheckSum", DWORD),
208 ("NumSyms", DWORD),
209 ("SymType", DWORD), # SYM_TYPE
210 ("ModuleName", WCHAR * 32),
211 ("ImageName", WCHAR * 256),
212 ("LoadedImageName", WCHAR * 256),
213 ]
214 PIMAGEHLP_MODULEW = POINTER(IMAGEHLP_MODULEW)
215
217 _fields_ = [
218 ("SizeOfStruct", DWORD),
219 ("BaseOfImage", DWORD64),
220 ("ImageSize", DWORD),
221 ("TimeDateStamp", DWORD),
222 ("CheckSum", DWORD),
223 ("NumSyms", DWORD),
224 ("SymType", DWORD), # SYM_TYPE
225 ("ModuleName", WCHAR * 32),
226 ("ImageName", WCHAR * 256),
227 ("LoadedImageName", WCHAR * 256),
228 ("LoadedPdbName", WCHAR * 256),
229 ("CVSig", DWORD),
230 ("CVData", WCHAR * (MAX_PATH * 3)),
231 ("PdbSig", DWORD),
232 ("PdbSig70", GUID),
233 ("PdbAge", DWORD),
234 ("PdbUnmatched", BOOL),
235 ("DbgUnmatched", BOOL),
236 ("LineNumbers", BOOL),
237 ("GlobalSymbols", BOOL),
238 ("TypeInfo", BOOL),
239 ("SourceIndexed", BOOL),
240 ("Publics", BOOL),
241 ]
242 PIMAGEHLP_MODULEW64 = POINTER(IMAGEHLP_MODULEW64)
243
244 #--- dbghelp.dll --------------------------------------------------------------
245
246 # XXX the ANSI versions of these functions don't end in "A" as expected!
247
248 # BOOL WINAPI SymInitialize(
249 # __in HANDLE hProcess,
250 # __in_opt PCTSTR UserSearchPath,
251 # __in BOOL fInvadeProcess
252 # );
254 _SymInitialize = windll.dbghelp.SymInitialize
255 _SymInitialize.argtypes = [HANDLE, LPSTR, BOOL]
256 _SymInitialize.restype = bool
257 _SymInitialize.errcheck = RaiseIfZero
258 if not UserSearchPath:
259 UserSearchPath = None
260 _SymInitialize(hProcess, UserSearchPath, fInvadeProcess)
261
262 # BOOL WINAPI SymCleanup(
263 # __in HANDLE hProcess
264 # );
266 _SymCleanup = windll.dbghelp.SymCleanup
267 _SymCleanup.argtypes = [HANDLE]
268 _SymCleanup.restype = bool
269 _SymCleanup.errcheck = RaiseIfZero
270 _SymCleanup(hProcess)
271
272 # BOOL WINAPI SymRefreshModuleList(
273 # __in HANDLE hProcess
274 # );
276 _SymRefreshModuleList = windll.dbghelp.SymRefreshModuleList
277 _SymRefreshModuleList.argtypes = [HANDLE]
278 _SymRefreshModuleList.restype = bool
279 _SymRefreshModuleList.errcheck = RaiseIfZero
280 _SymRefreshModuleList(hProcess)
281
282 # BOOL WINAPI SymSetParentWindow(
283 # __in HWND hwnd
284 # );
286 _SymSetParentWindow = windll.dbghelp.SymSetParentWindow
287 _SymSetParentWindow.argtypes = [HWND]
288 _SymSetParentWindow.restype = bool
289 _SymSetParentWindow.errcheck = RaiseIfZero
290 _SymSetParentWindow(hwnd)
291
292 # DWORD WINAPI SymSetOptions(
293 # __in DWORD SymOptions
294 # );
296 _SymSetOptions = windll.dbghelp.SymSetOptions
297 _SymSetOptions.argtypes = [DWORD]
298 _SymSetOptions.restype = DWORD
299 _SymSetOptions.errcheck = RaiseIfZero
300 _SymSetOptions(SymOptions)
301
302 # DWORD WINAPI SymGetOptions(void);
304 _SymGetOptions = windll.dbghelp.SymGetOptions
305 _SymGetOptions.argtypes = []
306 _SymGetOptions.restype = DWORD
307 return _SymGetOptions()
308
309 # DWORD WINAPI SymLoadModule(
310 # __in HANDLE hProcess,
311 # __in_opt HANDLE hFile,
312 # __in_opt PCSTR ImageName,
313 # __in_opt PCSTR ModuleName,
314 # __in DWORD BaseOfDll,
315 # __in DWORD SizeOfDll
316 # );
317 -def SymLoadModule(hProcess, hFile = None, ImageName = None, ModuleName = None, BaseOfDll = None, SizeOfDll = None):
318 _SymLoadModule = windll.dbghelp.SymLoadModule
319 _SymLoadModule.argtypes = [HANDLE, HANDLE, LPSTR, LPSTR, DWORD, DWORD]
320 _SymLoadModule.restype = DWORD
321
322 if not ImageName:
323 ImageName = None
324 if not ModuleName:
325 ModuleName = None
326 if not BaseOfDll:
327 BaseOfDll = 0
328 if not SizeOfDll:
329 SizeOfDll = 0
330 lpBaseAddress = _SymLoadModule(hProcess, hFile, ImageName, ModuleName, BaseOfDll, SizeOfDll)
331 if lpBaseAddress == NULL:
332 dwErrorCode = GetLastError()
333 if dwErrorCode != ERROR_SUCCESS:
334 raise ctypes.WinError(dwErrorCode)
335 return lpBaseAddress
336
337 # DWORD64 WINAPI SymLoadModule64(
338 # __in HANDLE hProcess,
339 # __in_opt HANDLE hFile,
340 # __in_opt PCSTR ImageName,
341 # __in_opt PCSTR ModuleName,
342 # __in DWORD64 BaseOfDll,
343 # __in DWORD SizeOfDll
344 # );
345 -def SymLoadModule64(hProcess, hFile = None, ImageName = None, ModuleName = None, BaseOfDll = None, SizeOfDll = None):
346 _SymLoadModule64 = windll.dbghelp.SymLoadModule64
347 _SymLoadModule64.argtypes = [HANDLE, HANDLE, LPSTR, LPSTR, DWORD64, DWORD]
348 _SymLoadModule64.restype = DWORD64
349
350 if not ImageName:
351 ImageName = None
352 if not ModuleName:
353 ModuleName = None
354 if not BaseOfDll:
355 BaseOfDll = 0
356 if not SizeOfDll:
357 SizeOfDll = 0
358 lpBaseAddress = _SymLoadModule64(hProcess, hFile, ImageName, ModuleName, BaseOfDll, SizeOfDll)
359 if lpBaseAddress == NULL:
360 dwErrorCode = GetLastError()
361 if dwErrorCode != ERROR_SUCCESS:
362 raise ctypes.WinError(dwErrorCode)
363 return lpBaseAddress
364
365 # BOOL WINAPI SymUnloadModule(
366 # __in HANDLE hProcess,
367 # __in DWORD BaseOfDll
368 # );
370 _SymUnloadModule = windll.dbghelp.SymUnloadModule
371 _SymUnloadModule.argtypes = [HANDLE, DWORD]
372 _SymUnloadModule.restype = bool
373 _SymUnloadModule.errcheck = RaiseIfZero
374 _SymUnloadModule(hProcess, BaseOfDll)
375
376 # BOOL WINAPI SymUnloadModule64(
377 # __in HANDLE hProcess,
378 # __in DWORD64 BaseOfDll
379 # );
381 _SymUnloadModule64 = windll.dbghelp.SymUnloadModule64
382 _SymUnloadModule64.argtypes = [HANDLE, DWORD64]
383 _SymUnloadModule64.restype = bool
384 _SymUnloadModule64.errcheck = RaiseIfZero
385 _SymUnloadModule64(hProcess, BaseOfDll)
386
387 # BOOL WINAPI SymGetModuleInfo(
388 # __in HANDLE hProcess,
389 # __in DWORD dwAddr,
390 # __out PIMAGEHLP_MODULE ModuleInfo
391 # );
393 _SymGetModuleInfo = windll.dbghelp.SymGetModuleInfo
394 _SymGetModuleInfo.argtypes = [HANDLE, DWORD, PIMAGEHLP_MODULE]
395 _SymGetModuleInfo.restype = bool
396 _SymGetModuleInfo.errcheck = RaiseIfZero
397
398 ModuleInfo = IMAGEHLP_MODULE()
399 ModuleInfo.SizeOfStruct = sizeof(ModuleInfo)
400 _SymGetModuleInfo(hProcess, dwAddr, ctypes.byref(ModuleInfo))
401 return ModuleInfo
402
404 _SymGetModuleInfoW = windll.dbghelp.SymGetModuleInfoW
405 _SymGetModuleInfoW.argtypes = [HANDLE, DWORD, PIMAGEHLP_MODULEW]
406 _SymGetModuleInfoW.restype = bool
407 _SymGetModuleInfoW.errcheck = RaiseIfZero
408
409 ModuleInfo = IMAGEHLP_MODULEW()
410 ModuleInfo.SizeOfStruct = sizeof(ModuleInfo)
411 _SymGetModuleInfoW(hProcess, dwAddr, ctypes.byref(ModuleInfo))
412 return ModuleInfo
413
414 SymGetModuleInfo = GuessStringType(SymGetModuleInfoA, SymGetModuleInfoW)
415
416 # BOOL WINAPI SymGetModuleInfo64(
417 # __in HANDLE hProcess,
418 # __in DWORD64 dwAddr,
419 # __out PIMAGEHLP_MODULE64 ModuleInfo
420 # );
422 _SymGetModuleInfo64 = windll.dbghelp.SymGetModuleInfo64
423 _SymGetModuleInfo64.argtypes = [HANDLE, DWORD64, PIMAGEHLP_MODULE64]
424 _SymGetModuleInfo64.restype = bool
425 _SymGetModuleInfo64.errcheck = RaiseIfZero
426
427 ModuleInfo = IMAGEHLP_MODULE64()
428 ModuleInfo.SizeOfStruct = sizeof(ModuleInfo)
429 _SymGetModuleInfo64(hProcess, dwAddr, ctypes.byref(ModuleInfo))
430 return ModuleInfo
431
433 _SymGetModuleInfo64W = windll.dbghelp.SymGetModuleInfo64W
434 _SymGetModuleInfo64W.argtypes = [HANDLE, DWORD64, PIMAGEHLP_MODULE64W]
435 _SymGetModuleInfo64W.restype = bool
436 _SymGetModuleInfo64W.errcheck = RaiseIfZero
437
438 ModuleInfo = IMAGEHLP_MODULE64W()
439 ModuleInfo.SizeOfStruct = sizeof(ModuleInfo)
440 _SymGetModuleInfo64W(hProcess, dwAddr, ctypes.byref(ModuleInfo))
441 return ModuleInfo
442
443 SymGetModuleInfo64 = GuessStringType(SymGetModuleInfo64A, SymGetModuleInfo64W)
444
445 # BOOL CALLBACK SymEnumerateModulesProc(
446 # __in PCTSTR ModuleName,
447 # __in DWORD BaseOfDll,
448 # __in_opt PVOID UserContext
449 # );
450 PSYM_ENUMMODULES_CALLBACK = WINFUNCTYPE(BOOL, LPSTR, DWORD, PVOID)
451 PSYM_ENUMMODULES_CALLBACKW = WINFUNCTYPE(BOOL, LPWSTR, DWORD, PVOID)
452
453 # BOOL CALLBACK SymEnumerateModulesProc64(
454 # __in PCTSTR ModuleName,
455 # __in DWORD64 BaseOfDll,
456 # __in_opt PVOID UserContext
457 # );
458 PSYM_ENUMMODULES_CALLBACK64 = WINFUNCTYPE(BOOL, LPSTR, DWORD64, PVOID)
459 PSYM_ENUMMODULES_CALLBACKW64 = WINFUNCTYPE(BOOL, LPWSTR, DWORD64, PVOID)
460
461 # BOOL WINAPI SymEnumerateModules(
462 # __in HANDLE hProcess,
463 # __in PSYM_ENUMMODULES_CALLBACK EnumModulesCallback,
464 # __in_opt PVOID UserContext
465 # );
467 _SymEnumerateModules = windll.dbghelp.SymEnumerateModules
468 _SymEnumerateModules.argtypes = [HANDLE, PSYM_ENUMMODULES_CALLBACK, PVOID]
469 _SymEnumerateModules.restype = bool
470 _SymEnumerateModules.errcheck = RaiseIfZero
471
472 EnumModulesCallback = PSYM_ENUMMODULES_CALLBACK(EnumModulesCallback)
473 if UserContext:
474 UserContext = ctypes.pointer(UserContext)
475 else:
476 UserContext = LPVOID(NULL)
477 _SymEnumerateModules(hProcess, EnumModulesCallback, UserContext)
478
480 _SymEnumerateModulesW = windll.dbghelp.SymEnumerateModulesW
481 _SymEnumerateModulesW.argtypes = [HANDLE, PSYM_ENUMMODULES_CALLBACKW, PVOID]
482 _SymEnumerateModulesW.restype = bool
483 _SymEnumerateModulesW.errcheck = RaiseIfZero
484
485 EnumModulesCallback = PSYM_ENUMMODULES_CALLBACKW(EnumModulesCallback)
486 if UserContext:
487 UserContext = ctypes.pointer(UserContext)
488 else:
489 UserContext = LPVOID(NULL)
490 _SymEnumerateModulesW(hProcess, EnumModulesCallback, UserContext)
491
492 SymEnumerateModules = GuessStringType(SymEnumerateModulesA, SymEnumerateModulesW)
493
494 # BOOL WINAPI SymEnumerateModules64(
495 # __in HANDLE hProcess,
496 # __in PSYM_ENUMMODULES_CALLBACK64 EnumModulesCallback,
497 # __in_opt PVOID UserContext
498 # );
500 _SymEnumerateModules64 = windll.dbghelp.SymEnumerateModules64
501 _SymEnumerateModules64.argtypes = [HANDLE, PSYM_ENUMMODULES_CALLBACK64, PVOID]
502 _SymEnumerateModules64.restype = bool
503 _SymEnumerateModules64.errcheck = RaiseIfZero
504
505 EnumModulesCallback = PSYM_ENUMMODULES_CALLBACK64(EnumModulesCallback)
506 if UserContext:
507 UserContext = ctypes.pointer(UserContext)
508 else:
509 UserContext = LPVOID(NULL)
510 _SymEnumerateModules64(hProcess, EnumModulesCallback, UserContext)
511
513 _SymEnumerateModules64W = windll.dbghelp.SymEnumerateModules64W
514 _SymEnumerateModules64W.argtypes = [HANDLE, PSYM_ENUMMODULES_CALLBACK64W, PVOID]
515 _SymEnumerateModules64W.restype = bool
516 _SymEnumerateModules64W.errcheck = RaiseIfZero
517
518 EnumModulesCallback = PSYM_ENUMMODULES_CALLBACK64W(EnumModulesCallback)
519 if UserContext:
520 UserContext = ctypes.pointer(UserContext)
521 else:
522 UserContext = LPVOID(NULL)
523 _SymEnumerateModules64W(hProcess, EnumModulesCallback, UserContext)
524
525 SymEnumerateModules64 = GuessStringType(SymEnumerateModules64A, SymEnumerateModules64W)
526
527 # BOOL CALLBACK SymEnumerateSymbolsProc(
528 # __in PCTSTR SymbolName,
529 # __in DWORD SymbolAddress,
530 # __in ULONG SymbolSize,
531 # __in_opt PVOID UserContext
532 # );
533 PSYM_ENUMSYMBOLS_CALLBACK = WINFUNCTYPE(BOOL, LPSTR, DWORD, ULONG, PVOID)
534 PSYM_ENUMSYMBOLS_CALLBACKW = WINFUNCTYPE(BOOL, LPWSTR, DWORD, ULONG, PVOID)
535
536 # BOOL CALLBACK SymEnumerateSymbolsProc64(
537 # __in PCTSTR SymbolName,
538 # __in DWORD64 SymbolAddress,
539 # __in ULONG SymbolSize,
540 # __in_opt PVOID UserContext
541 # );
542 PSYM_ENUMSYMBOLS_CALLBACK64 = WINFUNCTYPE(BOOL, LPSTR, DWORD64, ULONG, PVOID)
543 PSYM_ENUMSYMBOLS_CALLBACKW64 = WINFUNCTYPE(BOOL, LPWSTR, DWORD64, ULONG, PVOID)
544
545 # BOOL WINAPI SymEnumerateSymbols(
546 # __in HANDLE hProcess,
547 # __in ULONG BaseOfDll,
548 # __in PSYM_ENUMSYMBOLS_CALLBACK EnumSymbolsCallback,
549 # __in_opt PVOID UserContext
550 # );
552 _SymEnumerateSymbols = windll.dbghelp.SymEnumerateSymbols
553 _SymEnumerateSymbols.argtypes = [HANDLE, ULONG, PSYM_ENUMSYMBOLS_CALLBACK, PVOID]
554 _SymEnumerateSymbols.restype = bool
555 _SymEnumerateSymbols.errcheck = RaiseIfZero
556
557 EnumSymbolsCallback = PSYM_ENUMSYMBOLS_CALLBACK(EnumSymbolsCallback)
558 if UserContext:
559 UserContext = ctypes.pointer(UserContext)
560 else:
561 UserContext = LPVOID(NULL)
562 _SymEnumerateSymbols(hProcess, BaseOfDll, EnumSymbolsCallback, UserContext)
563
565 _SymEnumerateSymbolsW = windll.dbghelp.SymEnumerateSymbolsW
566 _SymEnumerateSymbolsW.argtypes = [HANDLE, ULONG, PSYM_ENUMSYMBOLS_CALLBACKW, PVOID]
567 _SymEnumerateSymbolsW.restype = bool
568 _SymEnumerateSymbolsW.errcheck = RaiseIfZero
569
570 EnumSymbolsCallback = PSYM_ENUMSYMBOLS_CALLBACKW(EnumSymbolsCallback)
571 if UserContext:
572 UserContext = ctypes.pointer(UserContext)
573 else:
574 UserContext = LPVOID(NULL)
575 _SymEnumerateSymbolsW(hProcess, BaseOfDll, EnumSymbolsCallback, UserContext)
576
577 SymEnumerateSymbols = GuessStringType(SymEnumerateSymbolsA, SymEnumerateSymbolsW)
578
579 # BOOL WINAPI SymEnumerateSymbols64(
580 # __in HANDLE hProcess,
581 # __in ULONG64 BaseOfDll,
582 # __in PSYM_ENUMSYMBOLS_CALLBACK64 EnumSymbolsCallback,
583 # __in_opt PVOID UserContext
584 # );
586 _SymEnumerateSymbols64 = windll.dbghelp.SymEnumerateSymbols64
587 _SymEnumerateSymbols64.argtypes = [HANDLE, ULONG64, PSYM_ENUMSYMBOLS_CALLBACK64, PVOID]
588 _SymEnumerateSymbols64.restype = bool
589 _SymEnumerateSymbols64.errcheck = RaiseIfZero
590
591 EnumSymbolsCallback = PSYM_ENUMSYMBOLS_CALLBACK64(EnumSymbolsCallback)
592 if UserContext:
593 UserContext = ctypes.pointer(UserContext)
594 else:
595 UserContext = LPVOID(NULL)
596 _SymEnumerateSymbols64(hProcess, BaseOfDll, EnumSymbolsCallback, UserContext)
597
599 _SymEnumerateSymbols64W = windll.dbghelp.SymEnumerateSymbols64W
600 _SymEnumerateSymbols64W.argtypes = [HANDLE, ULONG64, PSYM_ENUMSYMBOLS_CALLBACK64W, PVOID]
601 _SymEnumerateSymbols64W.restype = bool
602 _SymEnumerateSymbols64W.errcheck = RaiseIfZero
603
604 EnumSymbolsCallback = PSYM_ENUMSYMBOLS_CALLBACK64W(EnumSymbolsCallback)
605 if UserContext:
606 UserContext = ctypes.pointer(UserContext)
607 else:
608 UserContext = LPVOID(NULL)
609 _SymEnumerateSymbols64W(hProcess, BaseOfDll, EnumSymbolsCallback, UserContext)
610
611 SymEnumerateSymbols64 = GuessStringType(SymEnumerateSymbols64A, SymEnumerateSymbols64W)
612
613 # DWORD WINAPI UnDecorateSymbolName(
614 # __in PCTSTR DecoratedName,
615 # __out PTSTR UnDecoratedName,
616 # __in DWORD UndecoratedLength,
617 # __in DWORD Flags
618 # );
620 _UnDecorateSymbolNameA = windll.dbghelp.UnDecorateSymbolName
621 _UnDecorateSymbolNameA.argtypes = [LPSTR, LPSTR, DWORD, DWORD]
622 _UnDecorateSymbolNameA.restype = DWORD
623 _UnDecorateSymbolNameA.errcheck = RaiseIfZero
624
625 UndecoratedLength = _UnDecorateSymbolNameA(DecoratedName, None, 0, Flags)
626 UnDecoratedName = ctypes.create_string_buffer('', UndecoratedLength + 1)
627 _UnDecorateSymbolNameA(DecoratedName, UnDecoratedName, UndecoratedLength, Flags)
628 return UnDecoratedName.value
629
631 _UnDecorateSymbolNameW = windll.dbghelp.UnDecorateSymbolNameW
632 _UnDecorateSymbolNameW.argtypes = [LPWSTR, LPWSTR, DWORD, DWORD]
633 _UnDecorateSymbolNameW.restype = DWORD
634 _UnDecorateSymbolNameW.errcheck = RaiseIfZero
635
636 UndecoratedLength = _UnDecorateSymbolNameW(DecoratedName, None, 0, Flags)
637 UnDecoratedName = ctypes.create_unicode_buffer(u'', UndecoratedLength + 1)
638 _UnDecorateSymbolNameW(DecoratedName, UnDecoratedName, UndecoratedLength, Flags)
639 return UnDecoratedName.value
640
641 UnDecorateSymbolName = GuessStringType(UnDecorateSymbolNameA, UnDecorateSymbolNameW)
642
643 # BOOL WINAPI SymGetSearchPath(
644 # __in HANDLE hProcess,
645 # __out PTSTR SearchPath,
646 # __in DWORD SearchPathLength
647 # );
649 _SymGetSearchPath = windll.dbghelp.SymGetSearchPath
650 _SymGetSearchPath.argtypes = [HANDLE, LPSTR, DWORD]
651 _SymGetSearchPath.restype = bool
652 _SymGetSearchPath.errcheck = RaiseIfZero
653
654 SearchPathLength = MAX_PATH
655 SearchPath = ctypes.create_string_buffer("", SearchPathLength)
656 _SymGetSearchPath(hProcess, SearchPath, SearchPathLength)
657 return SearchPath.value
658
660 _SymGetSearchPathW = windll.dbghelp.SymGetSearchPathW
661 _SymGetSearchPathW.argtypes = [HANDLE, LPWSTR, DWORD]
662 _SymGetSearchPathW.restype = bool
663 _SymGetSearchPathW.errcheck = RaiseIfZero
664
665 SearchPathLength = MAX_PATH
666 SearchPath = ctypes.create_unicode_buffer(u"", SearchPathLength)
667 _SymGetSearchPathW(hProcess, SearchPath, SearchPathLength)
668 return SearchPath.value
669
670 SymGetSearchPath = GuessStringType(SymGetSearchPathA, SymGetSearchPathW)
671
672 # BOOL WINAPI SymSetSearchPath(
673 # __in HANDLE hProcess,
674 # __in_opt PCTSTR SearchPath
675 # );
677 _SymSetSearchPath = windll.dbghelp.SymSetSearchPath
678 _SymSetSearchPath.argtypes = [HANDLE, LPSTR]
679 _SymSetSearchPath.restype = bool
680 _SymSetSearchPath.errcheck = RaiseIfZero
681 if not SearchPath:
682 SearchPath = None
683 _SymSetSearchPath(hProcess, SearchPath)
684
686 _SymSetSearchPathW = windll.dbghelp.SymSetSearchPathW
687 _SymSetSearchPathW.argtypes = [HANDLE, LPWSTR]
688 _SymSetSearchPathW.restype = bool
689 _SymSetSearchPathW.errcheck = RaiseIfZero
690 if not SearchPath:
691 SearchPath = None
692 _SymSetSearchPathW(hProcess, SearchPath)
693
694 SymSetSearchPath = GuessStringType(SymSetSearchPathA, SymSetSearchPathW)
695
696 # PTCHAR WINAPI SymGetHomeDirectory(
697 # __in DWORD type,
698 # __out PTSTR dir,
699 # __in size_t size
700 # );
702 _SymGetHomeDirectoryA = windll.dbghelp.SymGetHomeDirectoryA
703 _SymGetHomeDirectoryA.argtypes = [DWORD, LPSTR, SIZE_T]
704 _SymGetHomeDirectoryA.restype = LPSTR
705 _SymGetHomeDirectoryA.errcheck = RaiseIfZero
706
707 size = MAX_PATH
708 dir = ctypes.create_string_buffer("", size)
709 _SymGetHomeDirectoryA(type, dir, size)
710 return dir.value
711
713 _SymGetHomeDirectoryW = windll.dbghelp.SymGetHomeDirectoryW
714 _SymGetHomeDirectoryW.argtypes = [DWORD, LPWSTR, SIZE_T]
715 _SymGetHomeDirectoryW.restype = LPWSTR
716 _SymGetHomeDirectoryW.errcheck = RaiseIfZero
717
718 size = MAX_PATH
719 dir = ctypes.create_unicode_buffer(u"", size)
720 _SymGetHomeDirectoryW(type, dir, size)
721 return dir.value
722
723 SymGetHomeDirectory = GuessStringType(SymGetHomeDirectoryA, SymGetHomeDirectoryW)
724
725 # PTCHAR WINAPI SymSetHomeDirectory(
726 # __in HANDLE hProcess,
727 # __in_opt PCTSTR dir
728 # );
730 _SymSetHomeDirectoryA = windll.dbghelp.SymSetHomeDirectoryA
731 _SymSetHomeDirectoryA.argtypes = [HANDLE, LPSTR]
732 _SymSetHomeDirectoryA.restype = LPSTR
733 _SymSetHomeDirectoryA.errcheck = RaiseIfZero
734 if not dir:
735 dir = None
736 _SymSetHomeDirectoryA(hProcess, dir)
737 return dir
738
740 _SymSetHomeDirectoryW = windll.dbghelp.SymSetHomeDirectoryW
741 _SymSetHomeDirectoryW.argtypes = [HANDLE, LPWSTR]
742 _SymSetHomeDirectoryW.restype = LPWSTR
743 _SymSetHomeDirectoryW.errcheck = RaiseIfZero
744 if not dir:
745 dir = None
746 _SymSetHomeDirectoryW(hProcess, dir)
747 return dir
748
749 SymSetHomeDirectory = GuessStringType(SymSetHomeDirectoryA, SymSetHomeDirectoryW)
750
751 #--- DbgHelp 5+ support, patch by Neitsa --------------------------------------
752
753 # XXX TODO
754 # + use the GuessStringType decorator for ANSI/Wide versions
755 # + replace hardcoded struct sizes with sizeof() calls
756 # + StackWalk64 should raise on error, but something has to be done about it
757 # not setting the last error code (maybe we should call SetLastError
758 # ourselves with a default error code?)
759 # /Mario
760
761 #maximum length of a symbol name
762 MAX_SYM_NAME = 2000
763
765 _fields_ = [
766 ("SizeOfStruct", ULONG),
767 ("TypeIndex", ULONG),
768 ("Reserved", ULONG64 * 2),
769 ("Index", ULONG),
770 ("Size", ULONG),
771 ("ModBase", ULONG64),
772 ("Flags", ULONG),
773 ("Value", ULONG64),
774 ("Address", ULONG64),
775 ("Register", ULONG),
776 ("Scope", ULONG),
777 ("Tag", ULONG),
778 ("NameLen", ULONG),
779 ("MaxNameLen", ULONG),
780 ("Name", CHAR * (MAX_SYM_NAME + 1)),
781 ]
782 PSYM_INFO = POINTER(SYM_INFO)
783
785 _fields_ = [
786 ("SizeOfStruct", ULONG),
787 ("TypeIndex", ULONG),
788 ("Reserved", ULONG64 * 2),
789 ("Index", ULONG),
790 ("Size", ULONG),
791 ("ModBase", ULONG64),
792 ("Flags", ULONG),
793 ("Value", ULONG64),
794 ("Address", ULONG64),
795 ("Register", ULONG),
796 ("Scope", ULONG),
797 ("Tag", ULONG),
798 ("NameLen", ULONG),
799 ("MaxNameLen", ULONG),
800 ("Name", WCHAR * (MAX_SYM_NAME + 1)),
801 ]
802 PSYM_INFOW = POINTER(SYM_INFOW)
803
804 #===============================================================================
805 # BOOL WINAPI SymFromName(
806 # __in HANDLE hProcess,
807 # __in PCTSTR Name,
808 # __inout PSYMBOL_INFO Symbol
809 # );
810 #===============================================================================
812 _SymFromNameA = windll.dbghelp.SymFromName
813 _SymFromNameA.argtypes = [HANDLE, LPSTR, PSYM_INFO]
814 _SymFromNameA.restype = bool
815 _SymFromNameA.errcheck = RaiseIfZero
816
817 SymInfo = SYM_INFO()
818 SymInfo.SizeOfStruct = 88 # *don't modify*: sizeof(SYMBOL_INFO) in C.
819 SymInfo.MaxNameLen = MAX_SYM_NAME
820
821 _SymFromNameA(hProcess, Name, ctypes.byref(SymInfo))
822
823 return SymInfo
824
826 _SymFromNameW = windll.dbghelp.SymFromNameW
827 _SymFromNameW.argtypes = [HANDLE, LPWSTR, PSYM_INFOW]
828 _SymFromNameW.restype = bool
829 _SymFromNameW.errcheck = RaiseIfZero
830
831 SymInfo = SYM_INFOW()
832 SymInfo.SizeOfStruct = 88 # *don't modify*: sizeof(SYMBOL_INFOW) in C.
833 SymInfo.MaxNameLen = MAX_SYM_NAME
834
835 _SymFromNameW(hProcess, Name, ctypes.byref(SymInfo))
836
837 return SymInfo
838
839 #===============================================================================
840 # BOOL WINAPI SymFromAddr(
841 # __in HANDLE hProcess,
842 # __in DWORD64 Address,
843 # __out_opt PDWORD64 Displacement,
844 # __inout PSYMBOL_INFO Symbol
845 # );
846 #===============================================================================
848 _SymFromAddr = windll.dbghelp.SymFromAddr
849 _SymFromAddr.argtypes = [HANDLE, DWORD64, PDWORD64, PSYM_INFO]
850 _SymFromAddr.restype = bool
851 _SymFromAddr.errcheck = RaiseIfZero
852
853 SymInfo = SYM_INFO()
854 SymInfo.SizeOfStruct = 88 # *don't modify*: sizeof(SYMBOL_INFO) in C.
855 SymInfo.MaxNameLen = MAX_SYM_NAME
856
857 Displacement = DWORD64(0)
858 _SymFromAddr(hProcess, Address, ctypes.byref(Displacement), ctypes.byref(SymInfo))
859
860 return (Displacement.value, SymInfo)
861
863 _SymFromAddr = windll.dbghelp.SymFromAddrW
864 _SymFromAddr.argtypes = [HANDLE, DWORD64, PDWORD64, PSYM_INFOW]
865 _SymFromAddr.restype = bool
866 _SymFromAddr.errcheck = RaiseIfZero
867
868 SymInfo = SYM_INFOW()
869 SymInfo.SizeOfStruct = 88 # *don't modify*: sizeof(SYMBOL_INFOW) in C.
870 SymInfo.MaxNameLen = MAX_SYM_NAME
871
872 Displacement = DWORD64(0)
873 _SymFromAddr(hProcess, Address, ctypes.byref(Displacement), ctypes.byref(SymInfo))
874
875 return (Displacement.value, SymInfo)
876
877 #===============================================================================
878 # typedef struct _IMAGEHLP_SYMBOL64 {
879 # DWORD SizeOfStruct;
880 # DWORD64 Address;
881 # DWORD Size;
882 # DWORD Flags;
883 # DWORD MaxNameLength;
884 # CHAR Name[1];
885 # } IMAGEHLP_SYMBOL64, *PIMAGEHLP_SYMBOL64;
886 #===============================================================================
888 _fields_ = [
889 ("SizeOfStruct", DWORD),
890 ("Address", DWORD64),
891 ("Size", DWORD),
892 ("Flags", DWORD),
893 ("MaxNameLength", DWORD),
894 ("Name", CHAR * (MAX_SYM_NAME + 1)),
895 ]
896 PIMAGEHLP_SYMBOL64 = POINTER(IMAGEHLP_SYMBOL64)
897
898 #===============================================================================
899 # typedef struct _IMAGEHLP_SYMBOLW64 {
900 # DWORD SizeOfStruct;
901 # DWORD64 Address;
902 # DWORD Size;
903 # DWORD Flags;
904 # DWORD MaxNameLength;
905 # WCHAR Name[1];
906 # } IMAGEHLP_SYMBOLW64, *PIMAGEHLP_SYMBOLW64;
907 #===============================================================================
909 _fields_ = [
910 ("SizeOfStruct", DWORD),
911 ("Address", DWORD64),
912 ("Size", DWORD),
913 ("Flags", DWORD),
914 ("MaxNameLength", DWORD),
915 ("Name", WCHAR * (MAX_SYM_NAME + 1)),
916 ]
917 PIMAGEHLP_SYMBOLW64 = POINTER(IMAGEHLP_SYMBOLW64)
918
919 #===============================================================================
920 # BOOL WINAPI SymGetSymFromAddr64(
921 # __in HANDLE hProcess,
922 # __in DWORD64 Address,
923 # __out_opt PDWORD64 Displacement,
924 # __inout PIMAGEHLP_SYMBOL64 Symbol
925 # );
926 #===============================================================================
928 _SymGetSymFromAddr64 = windll.dbghelp.SymGetSymFromAddr64
929 _SymGetSymFromAddr64.argtypes = [HANDLE, DWORD64, PDWORD64, PIMAGEHLP_SYMBOL64]
930 _SymGetSymFromAddr64.restype = bool
931 _SymGetSymFromAddr64.errcheck = RaiseIfZero
932
933 imagehlp_symbol64 = IMAGEHLP_SYMBOL64()
934 imagehlp_symbol64.SizeOfStruct = 32 # *don't modify*: sizeof(IMAGEHLP_SYMBOL64) in C.
935 imagehlp_symbol64.MaxNameLen = MAX_SYM_NAME
936
937 Displacement = DWORD64(0)
938 _SymGetSymFromAddr64(hProcess, Address, ctypes.byref(Displacement), ctypes.byref(imagehlp_symbol64))
939
940 return (Displacement.value, imagehlp_symbol64)
941
942 #TODO: check for the 'W' version of SymGetSymFromAddr64()
943
944
945 #===============================================================================
946 # typedef struct API_VERSION {
947 # USHORT MajorVersion;
948 # USHORT MinorVersion;
949 # USHORT Revision;
950 # USHORT Reserved;
951 # } API_VERSION, *LPAPI_VERSION;
952 #===============================================================================
954 _fields_ = [
955 ("MajorVersion", USHORT),
956 ("MinorVersion", USHORT),
957 ("Revision", USHORT),
958 ("Reserved", USHORT),
959 ]
960 PAPI_VERSION = POINTER(API_VERSION)
961 LPAPI_VERSION = PAPI_VERSION
962
963 #===============================================================================
964 # LPAPI_VERSION WINAPI ImagehlpApiVersion(void);
965 #===============================================================================
967 _ImagehlpApiVersion = windll.dbghelp.ImagehlpApiVersion
968 _ImagehlpApiVersion.restype = LPAPI_VERSION
969
970 api_version = _ImagehlpApiVersion()
971 return api_version.contents
972
973
974 #===============================================================================
975 # LPAPI_VERSION WINAPI ImagehlpApiVersionEx(
976 # __in LPAPI_VERSION AppVersion
977 # );
978 #===============================================================================
980 _ImagehlpApiVersionEx = windll.dbghelp.ImagehlpApiVersionEx
981 _ImagehlpApiVersionEx.argtypes = [LPAPI_VERSION]
982 _ImagehlpApiVersionEx.restype = LPAPI_VERSION
983
984 api_version = API_VERSION(MajorVersion, MinorVersion, Revision, 0)
985
986 ret_api_version = _ImagehlpApiVersionEx(ctypes.byref(api_version))
987
988 return ret_api_version.contents
989
990 #===============================================================================
991 # typedef enum {
992 # AddrMode1616,
993 # AddrMode1632,
994 # AddrModeReal,
995 # AddrModeFlat
996 # } ADDRESS_MODE;
997 #===============================================================================
998 AddrMode1616 = 0
999 AddrMode1632 = 1
1000 AddrModeReal = 2
1001 AddrModeFlat = 3
1002
1003 ADDRESS_MODE = DWORD #needed for the size of an ADDRESS_MODE (see ADDRESS64)
1004
1005 #===============================================================================
1006 # typedef struct _tagADDRESS64 {
1007 # DWORD64 Offset;
1008 # WORD Segment;
1009 # ADDRESS_MODE Mode;
1010 # } ADDRESS64, *LPADDRESS64;
1011 #===============================================================================
1013 _fields_ = [
1014 ("Offset", DWORD64),
1015 ("Segment", WORD),
1016 ("Mode", ADDRESS_MODE), #it's a member of the ADDRESS_MODE enum.
1017 ]
1018 LPADDRESS64 = POINTER(ADDRESS64)
1019
1020 #===============================================================================
1021 # typedef struct _KDHELP64 {
1022 # DWORD64 Thread;
1023 # DWORD ThCallbackStack;
1024 # DWORD ThCallbackBStore;
1025 # DWORD NextCallback;
1026 # DWORD FramePointer;
1027 # DWORD64 KiCallUserMode;
1028 # DWORD64 KeUserCallbackDispatcher;
1029 # DWORD64 SystemRangeStart;
1030 # DWORD64 KiUserExceptionDispatcher;
1031 # DWORD64 StackBase;
1032 # DWORD64 StackLimit;
1033 # DWORD64 Reserved[5];
1034 # } KDHELP64, *PKDHELP64;
1035 #===============================================================================
1037 _fields_ = [
1038 ("Thread", DWORD64),
1039 ("ThCallbackStack", DWORD),
1040 ("ThCallbackBStore", DWORD),
1041 ("NextCallback", DWORD),
1042 ("FramePointer", DWORD),
1043 ("KiCallUserMode", DWORD64),
1044 ("KeUserCallbackDispatcher", DWORD64),
1045 ("SystemRangeStart", DWORD64),
1046 ("KiUserExceptionDispatcher", DWORD64),
1047 ("StackBase", DWORD64),
1048 ("StackLimit", DWORD64),
1049 ("Reserved", DWORD64 * 5),
1050 ]
1051 PKDHELP64 = POINTER(KDHELP64)
1052
1053 #===============================================================================
1054 # typedef struct _tagSTACKFRAME64 {
1055 # ADDRESS64 AddrPC;
1056 # ADDRESS64 AddrReturn;
1057 # ADDRESS64 AddrFrame;
1058 # ADDRESS64 AddrStack;
1059 # ADDRESS64 AddrBStore;
1060 # PVOID FuncTableEntry;
1061 # DWORD64 Params[4];
1062 # BOOL Far;
1063 # BOOL Virtual;
1064 # DWORD64 Reserved[3];
1065 # KDHELP64 KdHelp;
1066 # } STACKFRAME64, *LPSTACKFRAME64;
1067 #===============================================================================
1069 _fields_ = [
1070 ("AddrPC", ADDRESS64),
1071 ("AddrReturn", ADDRESS64),
1072 ("AddrFrame", ADDRESS64),
1073 ("AddrStack", ADDRESS64),
1074 ("AddrBStore", ADDRESS64),
1075 ("FuncTableEntry", PVOID),
1076 ("Params", DWORD64 * 4),
1077 ("Far", BOOL),
1078 ("Virtual", BOOL),
1079 ("Reserved", DWORD64 * 3),
1080 ("KdHelp", KDHELP64),
1081 ]
1082 LPSTACKFRAME64 = POINTER(STACKFRAME64)
1083
1084 #===============================================================================
1085 # BOOL CALLBACK ReadProcessMemoryProc64(
1086 # __in HANDLE hProcess,
1087 # __in DWORD64 lpBaseAddress,
1088 # __out PVOID lpBuffer,
1089 # __in DWORD nSize,
1090 # __out LPDWORD lpNumberOfBytesRead
1091 # );
1092 #===============================================================================
1093 PREAD_PROCESS_MEMORY_ROUTINE64 = WINFUNCTYPE(BOOL, HANDLE, DWORD64, PVOID, DWORD, LPDWORD)
1094
1095 #===============================================================================
1096 # PVOID CALLBACK FunctionTableAccessProc64(
1097 # __in HANDLE hProcess,
1098 # __in DWORD64 AddrBase
1099 # );
1100 #===============================================================================
1101 PFUNCTION_TABLE_ACCESS_ROUTINE64 = WINFUNCTYPE(PVOID, HANDLE, DWORD64)
1102
1103 #===============================================================================
1104 # DWORD64 CALLBACK GetModuleBaseProc64(
1105 # __in HANDLE hProcess,
1106 # __in DWORD64 Address
1107 # );
1108 #===============================================================================
1109 PGET_MODULE_BASE_ROUTINE64 = WINFUNCTYPE(DWORD64, HANDLE, DWORD64)
1110
1111 #===============================================================================
1112 # DWORD64 CALLBACK GetModuleBaseProc64(
1113 # __in HANDLE hProcess,
1114 # __in DWORD64 Address
1115 # );
1116 #===============================================================================
1117 PTRANSLATE_ADDRESS_ROUTINE64 = WINFUNCTYPE(DWORD64, HANDLE, DWORD64)
1118
1119 # Valid machine types for StackWalk64 function
1120 IMAGE_FILE_MACHINE_I386 = 0x014c #Intel x86
1121 IMAGE_FILE_MACHINE_IA64 = 0x0200 #Intel Itanium Processor Family (IPF)
1122 IMAGE_FILE_MACHINE_AMD64 = 0x8664 #x64 (AMD64 or EM64T)
1123
1124 #===============================================================================
1125 # BOOL WINAPI StackWalk64(
1126 # __in DWORD MachineType,
1127 # __in HANDLE hProcess,
1128 # __in HANDLE hThread,
1129 # __inout LPSTACKFRAME64 StackFrame,
1130 # __inout PVOID ContextRecord,
1131 # __in_opt PREAD_PROCESS_MEMORY_ROUTINE64 ReadMemoryRoutine,
1132 # __in_opt PFUNCTION_TABLE_ACCESS_ROUTINE64 FunctionTableAccessRoutine,
1133 # __in_opt PGET_MODULE_BASE_ROUTINE64 GetModuleBaseRoutine,
1134 # __in_opt PTRANSLATE_ADDRESS_ROUTINE64 TranslateAddress
1135 # );
1136 #===============================================================================
1137 -def StackWalk64(MachineType, hProcess, hThread, StackFrame, ContextRecord,
1138 ReadMemoryRoutine = None, FunctionTableAccessRoutine = None,
1139 GetModuleBaseRoutine = None, TranslateAddress = None):
1140 _StackWalk64 = windll.dbghelp.StackWalk64
1141 _StackWalk64.argtypes = [DWORD, HANDLE, HANDLE, LPSTACKFRAME64, PVOID,
1142 PREAD_PROCESS_MEMORY_ROUTINE64,
1143 PFUNCTION_TABLE_ACCESS_ROUTINE64,
1144 PGET_MODULE_BASE_ROUTINE64,
1145 PTRANSLATE_ADDRESS_ROUTINE64]
1146 _StackWalk64.restype = bool
1147
1148 pReadMemoryRoutine = None
1149 if ReadMemoryRoutine:
1150 pReadMemoryRoutine = PREAD_PROCESS_MEMORY_ROUTINE64(ReadMemoryRoutine)
1151 else:
1152 pReadMemoryRoutine = ctypes.cast(None, PREAD_PROCESS_MEMORY_ROUTINE64)
1153
1154 pFunctionTableAccessRoutine = None
1155 if FunctionTableAccessRoutine:
1156 pFunctionTableAccessRoutine = PFUNCTION_TABLE_ACCESS_ROUTINE64(FunctionTableAccessRoutine)
1157 else:
1158 pFunctionTableAccessRoutine = ctypes.cast(None, PFUNCTION_TABLE_ACCESS_ROUTINE64)
1159
1160 pGetModuleBaseRoutine = None
1161 if GetModuleBaseRoutine:
1162 pGetModuleBaseRoutine = PGET_MODULE_BASE_ROUTINE64(GetModuleBaseRoutine)
1163 else:
1164 pGetModuleBaseRoutine = ctypes.cast(None, PGET_MODULE_BASE_ROUTINE64)
1165
1166 pTranslateAddress = None
1167 if TranslateAddress:
1168 pTranslateAddress = PTRANSLATE_ADDRESS_ROUTINE64(TranslateAddress)
1169 else:
1170 pTranslateAddress = ctypes.cast(None, PTRANSLATE_ADDRESS_ROUTINE64)
1171
1172
1173 #this function *DOESN'T* set last error [GetLastError()] properly most of the time.
1174 ret = _StackWalk64(MachineType, hProcess, hThread, StackFrame, ContextRecord,
1175 pReadMemoryRoutine, pFunctionTableAccessRoutine,
1176 pGetModuleBaseRoutine, pTranslateAddress)
1177
1178 return ret
1179
| Home | Trees | Indices | Help |
|
|---|
| Generated by Epydoc 3.0.1 on Tue Jul 20 14:32:31 2010 | http://epydoc.sourceforge.net |