} // end property IsAbstract
public static DbgFunctionTypeInfo GetFunctionTypeInfo(DbgEngDebugger debugger,
DbgModuleInfo module,
uint typeId)
{
if (null == debugger)
{
throw new ArgumentNullException("debugger");
}
if (null == module)
{
throw new ArgumentNullException("module");
}
RawFuncInfo rfi = DbgHelp.GetFuncInfo(debugger.DebuggerInterface, module.BaseAddress, typeId);
return(new DbgFunctionTypeInfo(debugger,
module,
typeId,
rfi.FuncName,
rfi.FunctionTypeTypeId,
rfi.OwningClassTypeId,
rfi.ChildrenCount,
rfi.Address,
rfi.Length,
rfi.VirtualBaseOffset,
rfi.SymIndex));
} // end GetFunctionTypeInfo()
internal string FindPdbFile(string pdbFilename, Guid id, uint age)
{
return(FindFile(delegate(IntPtr nativePathBuffer) {
return DbgHelp.SymFindFileInPath(base.handle, null, pdbFilename,
id, age, 0, 8, nativePathBuffer, null, IntPtr.Zero);
}));
}
public static bool TryCreateFunction(DbgEngDebugger debugger,
DbgEngContext context,
DEBUG_STACK_FRAME_EX nativeStackFrame,
out DbgFunction function,
out ulong displacement)
{
function = null;
displacement = 0;
DbgSymbol sym = null;
try
{
SymbolInfo si = DbgHelp.SymFromInlineContext(debugger.DebuggerInterface,
nativeStackFrame.InstructionOffset,
nativeStackFrame.InlineFrameContext,
out displacement);
sym = new DbgPublicSymbol(debugger, si, debugger.GetCurrentTarget());
function = new DbgNativeFunction(debugger, context, sym);
return(true);
}
catch (DbgProviderException dpe)
{
// Sometimes the debugger doesn't know. E.g., frame 'e' here (from ntsd):
// 0:000> kn
// # Child-SP RetAddr Call Site
// 00 00000000`0058dff8 00000000`76c02ef8 ntdll!NtRequestWaitReplyPort+0xa
// 01 00000000`0058e000 00000000`76c352d1 kernel32!GetConsoleMode+0xf8
// 02 00000000`0058e030 00000000`76c4a60c kernel32!VerifyConsoleIoHandle+0x281
// 03 00000000`0058e180 000007fe`fae30fe1 kernel32!ReadConsoleW+0xbc
// 04 00000000`0058e260 000007fe`fae1eb88 Microsoft_PowerShell_ConsoleHost_ni+0x70fe1
// 05 00000000`0058e390 000007fe`fae2a7e2 Microsoft_PowerShell_ConsoleHost_ni+0x5eb88
// 06 00000000`0058e410 000007fe`fae29fae Microsoft_PowerShell_ConsoleHost_ni+0x6a7e2
// 07 00000000`0058e4c0 000007fe`fae32bd1 Microsoft_PowerShell_ConsoleHost_ni+0x69fae
// 08 00000000`0058e5b0 000007fe`fae235c6 Microsoft_PowerShell_ConsoleHost_ni+0x72bd1
// 09 00000000`0058e670 000007fe`fae23f27 Microsoft_PowerShell_ConsoleHost_ni+0x635c6
// 0a 00000000`0058e6d0 000007fe`fade5006 Microsoft_PowerShell_ConsoleHost_ni+0x63f27
// 0b 00000000`0058e760 000007fe`fade2c1a Microsoft_PowerShell_ConsoleHost_ni+0x25006
// 0c 00000000`0058e7e0 000007fe`fae33588 Microsoft_PowerShell_ConsoleHost_ni+0x22c1a
// 0d 00000000`0058e890 000007fe`97f805de Microsoft_PowerShell_ConsoleHost_ni+0x73588
// 0e 00000000`0058e8f0 000007fe`f777dad3 0x000007fe`97f805de
// 0f 00000000`0058ea80 000007fe`f777d7ae clr!PreBindAssemblyEx+0x13e07
// 10 00000000`0058eac0 000007fe`f777d830 clr!PreBindAssemblyEx+0x13ae2
// 11 00000000`0058eb00 000007fe`f76d0f3b clr!PreBindAssemblyEx+0x13b64
// 12 00000000`0058ecb0 000007fe`f76a9e5a clr!GetHistoryFileDirectory+0x945b
// 13 00000000`0058ee80 000007fe`f76a9d54 clr!InitializeFusion+0x8b12
// 14 00000000`0058f170 000007fe`f76a98ce clr!InitializeFusion+0x8a0c
// 15 00000000`0058f730 000007fe`f76a9826 clr!InitializeFusion+0x8586
// 16 00000000`0058f7a0 000007fe`f76aa078 clr!InitializeFusion+0x84de
// 17 00000000`0058f830 000007fe`f8247b95 clr!CorExeMain+0x14
// 18 00000000`0058f870 000007fe`f82e5b21 mscoreei!CorExeMain+0x5d
// 19 00000000`0058f8c0 00000000`76bf652d mscoree!CorExeMain+0x69
// 1a 00000000`0058f8f0 00000000`772ec521 kernel32!BaseThreadInitThunk+0xd
// 1b 00000000`0058f920 00000000`00000000 ntdll!RtlUserThreadStart+0x21
LogManager.Trace("Could not get symbol for stack frame {0} on thread index {1}. Error: {2}",
nativeStackFrame.FrameNumber,
context.ThreadIndexOrAddress,
Util.GetExceptionMessages(dpe));
}
return(false);
} // end TryCreateFunction()
public static DbgUdtTypeInfo GetUdtTypeInfo(DbgEngDebugger debugger,
DbgModuleInfo module,
uint typeId)
{
if (null == debugger)
{
throw new ArgumentNullException("debugger");
}
if (null == module)
{
throw new ArgumentNullException("module");
}
RawUdtInfo rui = DbgHelp.GetUdtInfo(debugger.DebuggerInterface, module.BaseAddress, typeId);
return(new DbgUdtTypeInfo(debugger,
module,
typeId,
rui.UdtKind,
rui.SymName,
rui.Size,
rui.ChildrenCount,
rui.ClassParentId,
rui.VirtualTableShapeId));
} // end GetUdtTypeInfo()
/// <summary>
/// Looks through the configured symbol paths to find a PDB symbol
/// file matching specified name, GUID and age parameters.
/// </summary>
/// <param name="pdbFileName"></param>
/// <param name="guid"></param>
/// <param name="age"></param>
/// <returns></returns>
/// <remarks>
/// Note how we don't have to have a module loaded to find its PDB,
/// we just look for a PDB file using name, GUID and age. These are
/// the parameters that can be extracted from module's PE header,
/// in the Debug Directory section.
/// </remarks>
public string FindPdbFile(string pdbFileName, Guid guid, int age)
{
DbgHelp.SymSetOptions(DbgHelp.SYMOPT_DEBUG);
var hProcess = new IntPtr(1);
#if TARGET_NET_20
var searchPath = string.Join(";", this.SymbolPaths.ToArray());
#else
var searchPath = string.Join(";", this.SymbolPaths);
#endif
DbgHelp.SymInitialize(hProcess, searchPath, false);
var filePath = new StringBuilder(256);
var guidHandle = GCHandle.Alloc(guid, GCHandleType.Pinned);
try
{
if (!DbgHelp.SymFindFileInPath(hProcess, null, pdbFileName,
guidHandle.AddrOfPinnedObject(), (uint)age, 0,
DbgHelp.SSRVOPT_GUIDPTR, filePath, null, IntPtr.Zero))
{
return(null);
}
}
finally
{
guidHandle.Free();
DbgHelp.SymCleanup(hProcess);
}
return(filePath.ToString());
}
/// <summary>Find a .exe, .dbg or other standard file.</summary>
/// <param name="exeFilename">Name of searched file</param>
/// <param name="datestamp"></param>
/// <param name="size"></param>
/// <returns></returns>
internal string FindExeFile(string exeFilename, uint datestamp, uint size)
{
return(FindFile(delegate(IntPtr nativePathBuffer) {
return DbgHelp.SymFindFileInPath(base.handle, null, exeFilename,
new IntPtr(datestamp), size, 0, 2, nativePathBuffer, null, IntPtr.Zero);
}));
}
private static DbgTypeInfo _LoadTypeInfo(DbgEngDebugger debugger,
DbgModuleInfo module,
uint typeId,
SymTag symTag)
{
if (null == debugger)
{
throw new ArgumentNullException("debugger");
}
if (IsDbgGeneratedType(typeId) &&
!DbgHelp.PeekSyntheticTypeExists(debugger.DebuggerInterface,
module.BaseAddress,
typeId))
{
return(new DbgGeneratedTypeInfo(debugger, module, typeId, symTag));
}
return(debugger.ExecuteOnDbgEngThread(() =>
{
if (((int)symTag) > sm_factories.Length)
{
// In case they extend the SymTag enum and I don't get updated.
Util.Fail("Need to update SymTag enum.");
return _DefaultFactory(debugger, module, typeId, symTag);
}
return sm_factories[(int)symTag](debugger, module, typeId);
}));
} // end _LoadTypeInfo()
private static DbgTypeInfo _LoadTypeInfo(DbgEngDebugger debugger,
DbgModuleInfo module,
uint typeId)
{
if (null == debugger)
{
throw new ArgumentNullException("debugger");
}
if (IsDbgGeneratedType(typeId) &&
!DbgHelp.PeekSyntheticTypeExists(debugger.DebuggerInterface,
module.BaseAddress,
typeId))
{
return(new DbgGeneratedTypeInfo(debugger, module, typeId));
}
return(debugger.ExecuteOnDbgEngThread(() =>
{
var symTag = DbgHelp.GetSymTag(debugger.DebuggerInterface,
module.BaseAddress,
typeId);
return _LoadTypeInfo(debugger, module, typeId, symTag);
}));
}
public static bool LoadModules(IntPtr hProcess, ListModules ModuleType)
{
//Initialize parameters for EPM
uint cbNeeded = 0;
Psapi.EnumProcessModulesEx(hProcess, IntPtr.Zero, 0, out cbNeeded, ModuleType);
long ArraySize = cbNeeded / IntPtr.Size;
IntPtr[] hModules = new IntPtr[ArraySize];
GCHandle GCh = GCHandle.Alloc(hModules, GCHandleType.Pinned); // Don't forget to free this later
IntPtr lphModules = GCh.AddrOfPinnedObject();
uint cb = cbNeeded;
Psapi.EnumProcessModulesEx(hProcess, lphModules, cb, out cbNeeded, ModuleType);
for (int i = 0; i < ArraySize; i++)
{
MODULE_INFO ModInfo = new MODULE_INFO();
System.Text.StringBuilder lpFileName = new System.Text.StringBuilder(256);
System.Text.StringBuilder lpModuleBaseName = new System.Text.StringBuilder(32);
Psapi.GetModuleFileNameExW(hProcess, hModules[i], lpFileName, (uint)(lpFileName.Capacity));
Psapi.GetModuleInformation(hProcess, hModules[i], out ModInfo, (uint)(Marshal.SizeOf(ModInfo)));
Psapi.GetModuleBaseNameW(hProcess, hModules[i], lpModuleBaseName, (uint)(lpModuleBaseName.Capacity));
DbgHelp.SymLoadModuleEx(hProcess, IntPtr.Zero, lpFileName.ToString(), lpModuleBaseName.ToString(),
ModInfo.lpBaseOfDll, (int)ModInfo.SizeOfImage, IntPtr.Zero, 0);
}
GCh.Free();
return(false);
}
} // end GetColorName()
public static DbgFunctionTypeTypeInfo GetFunctionTypeTypeInfo(DbgEngDebugger debugger,
DbgModuleInfo module,
uint typeId)
{
if (null == debugger)
{
throw new ArgumentNullException("debugger");
}
if (null == module)
{
throw new ArgumentNullException("module");
}
var rfti = DbgHelp.GetFuncTypeInfo(debugger.DebuggerInterface,
module.BaseAddress,
typeId);
return(new DbgFunctionTypeTypeInfo(debugger,
module,
typeId,
rfti.ReturnTypeId,
rfti.ClassParentId,
rfti.ThisAdjust,
rfti.CallingConvention,
rfti.Arguments));
} // end GetUdtTypeInfo()
private void Initialize(ICollection <string> pathItems = null)
{
StringBuilder searchPathBuilder = null;
if (null != pathItems)
{
searchPathBuilder = new StringBuilder();
}
int thisHandleValue;
lock (Globals.DebugHelpLock) {
_lastAllocatedHandle += IntPtr.Size;
thisHandleValue = _lastAllocatedHandle;
}
base.SetHandle(new IntPtr(thisHandleValue));
string searchPath = (null == searchPathBuilder) ? null : searchPathBuilder.ToString();
if (!DbgHelp.SymInitialize(base.handle, searchPath, false))
{
Trace.TraceError(
"Failed to create symbol handler for path '{0}'. Error : 0x{1:X8}",
searchPath ?? "<NULL>", Marshal.GetLastWin32Error());
throw new SymbolHandlingException();
}
// Set default, reasonable search path.
this.SearchPath = string.Format(
@"srv*{0}\symbols*https://msdl.microsoft.com/download/symbols",
Environment.GetEnvironmentVariable("SystemDrive") ?? "C:");
// TODO : Also attempt to check the DBGHELP.DLL version.
}
protected override void ProcessRecord()
{
base.ProcessRecord();
WriteObject(DbgHelp.SymFromIndex(Debugger.DebuggerInterface,
ModBase,
SymIndex));
} // end ProcessRecord()
private unsafe static void dumpImportTable(Log log, RemotePtr <byte> mbase, IMAGE.DATA_DIRECTORY dir)
{
if (dir.VirtualAddress == 0)
{
return;
}
log.WriteLine("============================================================");
log.WriteLine(" IMPORT TABLE ");
log.WriteLine("============================================================");
RemotePtr <IMAGE.IMPORT_DESCRIPTOR> pDesc
= (mbase + dir.VirtualAddress).Reinterpret <IMAGE.IMPORT_DESCRIPTOR>();
RemotePtr <IMAGE.IMPORT_DESCRIPTOR> pDescM
= pDesc.Advance((System.IntPtr)dir.Size);
while (pDesc < pDescM)
{
IMAGE.IMPORT_DESCRIPTOR desc = (pDesc++)[0];
log.WriteVar("Importing from", (mbase + (int)desc.pstrName).ReadAnsiString());
log.WriteVar("ForwarderChain", desc.ForwarderChain);
log.WriteVar("TimeDateStamp", desc.TimeDateStamp);
log.WriteVar("FirstThunk", "0x" + desc.FirstThunk.ToString("X8"));
log.WriteVar("OriginalFirstThunk", "0x" + desc.OriginalFirstThunk.ToString("X8"));
if (desc.FirstThunk == 0)
{
continue;
}
RemotePtr <IMAGE.THUNK_DATA32> pIAT = (mbase + (int)desc.FirstThunk).Reinterpret <IMAGE.THUNK_DATA32>();
RemotePtr <IMAGE.THUNK_DATA32> pINT = (mbase + (int)desc.OriginalFirstThunk).Reinterpret <IMAGE.THUNK_DATA32>();
while (true)
{
IMAGE.THUNK_DATA32 iat_item = pIAT++.Value;
IMAGE.THUNK_DATA32 int_item = pINT++.Value;
if (iat_item.Function == 0)
{
break;
}
string name;
if (int_item.IsSnapByOrdinal)
{
name = "#" + int_item.OrdinalValue.ToString();
}
else
{
const int OffsetName = 2; // IMAGE_IMPORT_BY_NAME.Name メンバのオフセット
name = (mbase + int_item.AddressOfData + OffsetName).ReadAnsiString();
if (name[0] == '?')
{
name = DbgHelp.UnDecorateSymbolName(name, DbgHelp.UNDNAME.COMPLETE);
}
}
log.WriteLine("dllimport {0} \t@ 0x{1:X8}", name, iat_item.Function);
}
log.WriteLine("------------------------------------------------------------");
}
}
protected override void ProcessRecord()
{
base.ProcessRecord();
WriteObject(DbgHelp.SymGetTypeInfo(Debugger.DebuggerInterface,
ModBase,
TypeId,
//IMAGEHLP_SYMBOL_TYPE_INFO.TI_GET_SYMINDEX ) );
TypeInfo));
} // end ProcessRecord()
public static string Demangle(string Symbol)
{
//IntPtr CurProc = Process.GetCurrentProcess().Handle;
StringBuilder SB = new StringBuilder(4069);
//DbgHelp.SymInitialize(CurProc, null, false);
DbgHelp.UnDecorateSymbolName(Symbol, SB, SB.Capacity, UndnameFlags.UNDNAME_COMPLETE);
//DbgHelp.SymCleanup(CurProc);
return(SB.ToString().Trim());
}
protected override void ProcessRecord()
{
base.ProcessRecord();
BasicType baseType;
ulong size;
DbgHelp.GetBaseTypeInfo(Debugger.DebuggerInterface, ModBase, TypeId, out baseType, out size);
WriteObject(baseType);
WriteObject(size);
} // end ProcessRecord()
// ポインタ
// ・Box 化不能
// ・型パラメータに指定出来ない (ポインタ配列は出来るのに…)
// ・匿名メソッドの引数に出来ない
/* そもそもポインタは Box 化出来ない… (System.IntPtr に変換して自動的にやってくれても良いのに)
* [afh.Tester.TestMethod]
* public unsafe static void testPointerBoxing(Log log){
* byte* alpha=(byte*)0x400000;
* object o=alpha;
* log.WriteLine("{0}",o is void*);
* }
* //*/
public unsafe static void chkEnumModules(Log log)
{
// Notepad.exe を取得
Diag::Process[] procs = Diag::Process.GetProcessesByName("notepad");
if (procs.Length == 0)
{
log.WriteLine("現在 notepad.exe は動いていません。");
return;
}
Diag::Process proc = procs[0];
for (int i = 1; i < procs.Length; i++)
{
procs[i].Close();
}
log.WriteLine("プロセス notepad.exe を捕まえました");
log.WriteVar("Id", proc.Id.ToString("X8"));
log.WriteVar("Handle", proc.Handle.ToString("X8"));
// Modules
log.WriteLine("Diag::Process.Modules より");
log.Lock();
log.AddIndent();
try{
foreach (Diag::ProcessModule mod in proc.Modules)
{
log.WriteVar("Module-Name", mod.ModuleName);
log.WriteVar("Base-Address", mod.BaseAddress.ToString("X8"));
log.WriteVar("Module-Size", mod.ModuleMemorySize.ToString("X8"));
}
}finally{
log.RemoveIndent();
log.Unlock();
}
// Modules2
log.WriteLine("<DbgHelp>::EnumerateLoadedModules より");
log.Lock();
log.AddIndent();
try{
#pragma warning disable 618
DbgHelp.EnumerateLoadedModules(proc.Handle, delegate(string name, System.IntPtr modbase, uint modsize, System.IntPtr userData){
log.WriteVar("Module-Name", name);
log.WriteVar("Base-Address", modbase.ToString("X8"));
log.WriteVar("Module-Size", modsize.ToString("X8"));
return(true);
}, System.IntPtr.Zero);
#pragma warning restore 618
}finally{
log.RemoveIndent();
log.Unlock();
}
}
public ImportFunction this[int index] {
get{
if (index < 0 || funccount <= index)
{
throw new System.ArgumentOutOfRangeException("index");
}
const int OffsetName = 2; // IMAGE_IMPORT_BY_NAME.Name メンバのオフセット
RemotePtr <FPtr> ppfn;
string name;
if (!pIAT32.IsNull)
{
// 対象が PE32 の場合
ppfn = (pIAT32 + index).Reinterpret <FPtr>();
// ■↑■ 64bit から 32bit の中の FPtr を触ると×
IMAGE.THUNK_DATA32 int32 = pINT32[index];
if (int32.IsSnapByOrdinal)
{
return(new ImportFunction(int32.OrdinalValue, ppfn));
}
else
{
name = (module.mbase + int32.AddressOfData + OffsetName).ReadAnsiString();
}
}
else
{
// 対象が PE32+ の場合
ppfn = (pIAT64 + index).Reinterpret <FPtr>();
IMAGE.THUNK_DATA64 int64 = pINT64[index];
if (int64.IsSnapByOrdinal)
{
return(new ImportFunction(int64.OrdinalValue, ppfn));
}
else
{
name = (module.mbase + int64.AddressOfData + OffsetName).ReadAnsiString();
}
}
// 名前によるインポートの場合
if (name == null)
{
name = "<FAILED TO GET NAME>";
}
else if (name.Length > 1 && name[0] == '?')
{
name = DbgHelp.UnDecorateSymbolName(name, DbgHelp.UNDNAME.COMPLETE);
}
return(new ImportFunction(name, ppfn));
}
}
} // end constructor
public static DbgBaseTypeInfo GetBaseTypeInfo(DbgEngDebugger debugger,
DbgModuleInfo module,
uint typeId)
{
BasicType baseType;
ulong size;
DbgHelp.GetBaseTypeInfo(debugger.DebuggerInterface,
module.BaseAddress,
typeId,
out baseType,
out size);
return(new DbgBaseTypeInfo(debugger, module, typeId, baseType, size));
}
public static DbgBaseClassTypeInfoBase GetBaseClassTypeInfo(DbgEngDebugger debugger,
DbgModuleInfo module,
uint typeId)
{
if (null == debugger)
{
throw new ArgumentNullException("debugger");
}
if (null == module)
{
throw new ArgumentNullException("module");
}
RawBaseClassInfo rbci = DbgHelp.GetBaseClassInfo(debugger.DebuggerInterface, module.BaseAddress, typeId);
if (rbci.IsVirtualBaseClass)
{
return(new DbgVirtualBaseClassTypeInfo(debugger,
module,
typeId,
rbci.UdtKind,
rbci.BaseClassTypeName,
rbci.BaseClassSize,
rbci.ChildrenCount,
rbci.ClassParentId,
rbci.VirtualTableShapeId,
rbci.IsVirtualBaseClass,
rbci.IsIndirectVirtualBaseClass,
rbci.BaseClassTypeId,
rbci.VirtualBaseDispIndex,
rbci.VirtualBasePointerOffset));
}
else
{
return(new DbgBaseClassTypeInfo(debugger,
module,
typeId,
rbci.UdtKind,
rbci.BaseClassTypeName,
rbci.BaseClassSize,
rbci.ChildrenCount,
rbci.ClassParentId,
rbci.VirtualTableShapeId,
rbci.IsVirtualBaseClass,
rbci.IsIndirectVirtualBaseClass,
rbci.BaseClassTypeId,
rbci.Offset));
}
} // end GetBaseClassTypeInfo()
public static DbgEnumTypeInfo GetEnumTypeInfo(DbgEngDebugger debugger,
DbgModuleInfo module,
uint typeId)
{
if (null == debugger)
{
throw new ArgumentNullException("debugger");
}
RawEnumInfo rei = DbgHelp.GetEnumInfo(debugger.DebuggerInterface,
module.BaseAddress,
typeId);
return(new DbgEnumTypeInfo(debugger, module, rei));
} // end GetEnumTypeInfo()
} // end GetNearNameByOffset()
public DbgSymbol GetSymbolByAddress(ulong address, out ulong displacement)
{
// TODO: Should I handle exceptions and return null?
ulong tmpDisplacement = 0xffffffffffffffff;
var retval = Debugger.ExecuteOnDbgEngThread(() =>
{
SymbolInfo si = DbgHelp.SymFromAddr(Debugger.DebuggerInterface, address, out tmpDisplacement);
// TODO: This doesn't seem like a good idea to use whatever the "current" context
// is here... but what can I do? Perhaps I could just get rid of this method.
return(new DbgPublicSymbol(Debugger, si, Debugger.GetCurrentTarget()));
});
displacement = tmpDisplacement;
return(retval);
} // end GetSymbolByAddress()
public static DbgPointerTypeInfo GetPointerTypeInfo(DbgEngDebugger debugger,
DbgModuleInfo module,
uint typeId)
{
uint pointeeTypeId;
ulong size;
bool isReference;
DbgHelp.GetPointerTypeInfo(debugger.DebuggerInterface,
module.BaseAddress,
typeId,
out pointeeTypeId,
out size,
out isReference);
return(new DbgPointerTypeInfo(debugger, module, typeId, pointeeTypeId, size, isReference));
} // end GetPointerTypeInfo()
protected override bool ReleaseHandle()
{
if (IntPtr.Zero == base.handle)
{
return(true);
}
bool success;
lock (Globals.DebugHelpLock) { success = DbgHelp.SymCleanup(handle); }
if (success)
{
return(true);
}
Trace.TraceError("Failed to cleanup a symbol handler. Error: {0}",
Marshal.GetLastWin32Error());
return(false);
}
public static DbgTypedefTypeInfo GetTypedefTypeInfo(DbgEngDebugger debugger,
DbgModuleInfo module,
uint typeId)
{
uint representedTypeId;
string typedefName;
DbgHelp.GetTypedefTypeInfo(debugger.DebuggerInterface,
module.BaseAddress,
typeId,
out representedTypeId,
out typedefName);
return(new DbgTypedefTypeInfo(debugger,
module,
typeId,
representedTypeId,
typedefName));
} // end GetTypedefTypeInfo()
public static void Create(Process process, string filename)
{
using (var s = File.Create(filename))
{
var ptrs = Marshal.GetExceptionPointers();
bool result;
if (ptrs == IntPtr.Zero)
{
result = DbgHelp.MiniDumpWriteDump(
process.Handle,
(uint)process.Id,
s.SafeFileHandle.DangerousGetHandle(),
MiniDumpType.MiniDumpWithFullMemory,
IntPtr.Zero,
IntPtr.Zero,
IntPtr.Zero);
}
else
{
MINIDUMP_EXCEPTION_INFORMATION mei;
mei.ClientPointers = false;
mei.ExceptionPointers = ptrs;
mei.ThreadId = Kernel32.GetCurrentThreadId();
result = DbgHelp.MiniDumpWriteDump(
process.Handle,
(uint)process.Id,
s.SafeFileHandle.DangerousGetHandle(),
MiniDumpType.MiniDumpWithFullMemory,
ref mei,
IntPtr.Zero,
IntPtr.Zero);
}
if (!result)
{
throw new InvalidOperationException(
string.Format("Failed creating memory dump '{0}'.", filename),
new Win32Exception(Marshal.GetLastWin32Error()));
}
}
}
public static IMAGEHLP_SYMBOL64 GetSymbolFromAddress(IntPtr hProcess, ulong Address)
{
//Initialize params for SymGetSymFromAddr64
IMAGEHLP_SYMBOL64 Symbol = new IMAGEHLP_SYMBOL64();
Symbol.SizeOfStruct = (uint)Marshal.SizeOf(Symbol);
Symbol.MaxNameLength = 33;
IntPtr lpSymbol = Marshal.AllocHGlobal(Marshal.SizeOf(Symbol));
Marshal.StructureToPtr(Symbol, lpSymbol, false);
ulong Offset = 0;
DbgHelp.SymGetSymFromAddr64(hProcess, Address, Offset, lpSymbol);
Symbol = (IMAGEHLP_SYMBOL64)Marshal.PtrToStructure(lpSymbol, typeof(IMAGEHLP_SYMBOL64));
Marshal.FreeHGlobal(lpSymbol);
return(Symbol);
}
} // end GetColorName()
public static DbgArrayTypeInfo GetArrayTypeInfo(DbgEngDebugger debugger,
DbgModuleInfo module,
uint typeId)
{
if (null == debugger)
{
throw new ArgumentNullException("debugger");
}
uint arrayTypeId;
uint count;
ulong size;
DbgHelp.GetArrayTypeInfo(debugger.DebuggerInterface,
module.BaseAddress,
typeId,
out arrayTypeId,
out count,
out size);
return(new DbgArrayTypeInfo(debugger, module, typeId, arrayTypeId, count, size));
} // end GetArrayTypeInfo()
internal override object GetConstantValue()
{
if (!IsConstant)
{
return(base.GetConstantValue()); // will throw
}
object rawVal = DbgHelp.SymGetTypeInfo(Debugger.DebuggerInterface,
Module.BaseAddress,
m_symInfo.Index,
IMAGEHLP_SYMBOL_TYPE_INFO.TI_GET_VALUE);
// The raw value might be stored more efficiently than the actual type--for
// instance, a DWORD constant might be stored (and returned from
// SymGetTypeInfo) as a USHORT. So we might need to extend the value to get
// fidelity with the true type of the constant.
Debug.Assert((Type is DbgBaseTypeInfo) || (Type is DbgEnumTypeInfo));
DbgBaseTypeInfo bti;
bti = Type as DbgBaseTypeInfo;
if (null == bti)
{
DbgEnumTypeInfo eti = Type as DbgEnumTypeInfo;
if (null != eti)
{
bti = eti.BaseType;
}
else
{
throw new DbgProviderException(
Util.Sprintf("I don't know how to handle constants with Type: {0}",
Util.GetGenericTypeName(Type)),
"DontKnowHowToHandleConstantType",
System.Management.Automation.ErrorCategory.NotImplemented);
}
}
return(DbgHelp.ReconstituteConstant(rawVal, bti));
}
public static Symbol[] GetSymbols(string DllFile)
{
IntPtr CurProc = Process.GetCurrentProcess().Handle;
DbgHelp.SymInitialize(CurProc, null, false);
if (!File.Exists(DllFile))
{
throw new FileNotFoundException("File not found", DllFile);
}
List <Symbol> Symbols = new List <Symbol>();
ulong DllBase = DbgHelp.SymLoadModuleEx(CurProc, IntPtr.Zero, DllFile, null, 0, 0, IntPtr.Zero, 0);
DbgHelp.SymEnumerateSymbols64(CurProc, DllBase, (Name, Addr, Size, Ctx) => {
Symbols.Add(new Symbol(Name, DllBase - Addr, Size));
return(true);
}, IntPtr.Zero);
DbgHelp.SymCleanup(CurProc);
return(Symbols.ToArray());
}
public static extern bool MiniDumpReadDumpStream(IntPtr BaseOfDump,
DbgHelp.MINIDUMP_STREAM_TYPE StreamNumber,
ref MINIDUMP_DIRECTORY Dir,
ref IntPtr StreamPointer,
ref uint StreamSize);
public static extern bool MiniDumpWriteDump(
IntPtr hProcess,
UInt32 ProcessId, // DWORD is a 32 bit unsigned integer
SafeHandle hFile,
DbgHelp.MINIDUMP_TYPE DumpType,
IntPtr exceptionParam,
IntPtr userStream,
IntPtr callback);
