DkmProcess.ReadMemory C# (CSharp)代码示例

示例#1

0

显示文件

        private void OnBreakpointHit(DkmThread thread)
        {
            CurrentSourceLocation cbp = _currentSourceLocation.Read();

            DebuggerString fileNameDS;

            _process.ReadMemory(cbp.fileName, DkmReadMemoryFlags.None, &fileNameDS, sizeof(DebuggerString));

            char *fileNameBuf = stackalloc char[fileNameDS.length];
            ulong dataOffset  = (ulong)((byte *)fileNameDS.data - (byte *)&fileNameDS);

            _process.ReadMemory(cbp.fileName + dataOffset, DkmReadMemoryFlags.None, fileNameBuf, fileNameDS.length * 2);
            string fileName = new string(fileNameBuf, 0, fileNameDS.length);

            SourceLocation loc = new SourceLocation(fileName, cbp.lineNumber);

            if (!_breakpoints.TryGetValue(loc, out List <DkmRuntimeBreakpoint> bps))
            {
                Debug.Fail("TraceFunc signalled a breakpoint at a location that BreakpointManager does not know about.");
                return;
            }

            foreach (var bp in bps)
            {
                bp.OnHit(thread, false);
            }
        }

示例#2

0

显示文件

        public static unsafe bool WriteMemoryToFile(string fileName, DkmProcess process, long fromAddress, long lengthToRead, FileMode fileMode = FileMode.Create)
        {
            bool bRes = false;

            using (FileStream fs = new FileStream(fileName, fileMode))
            {
                byte[] buffer   = new byte[4096];
                int    nIOBytes = 0;

                long i = 0;

                for (i = 0; (i < lengthToRead); i += nIOBytes)
                {
                    fixed(void *pBuffer = buffer)
                    {
                        nIOBytes = process.ReadMemory((ulong)(fromAddress + i), DkmReadMemoryFlags.None, pBuffer, (int)Math.Min(lengthToRead - i, buffer.Length));
                    }

                    fs.Write(buffer, 0, nIOBytes);
                }

                if (i == lengthToRead)
                {
                    bRes = true;
                }
            }

            return(bRes);
        }

示例#3

0

显示文件

文件： BsonVisualizerWindow.cs 项目： coopci/BsonVisualizer

        private void reload()
        {
            // this.dkmEvalResult.InspectionContext;
            txtOutput.Text = "";
            ulong address = this.dkmEvalResult.Address.Value;

            DkmProcess process = this.dkmEvalResult.InspectionContext.Thread.Process;

            byte[] buffer = new byte[1024];
            process.ReadMemory(
                address,
                DkmReadMemoryFlags.None,
                buffer
                );

            using (BSONIterator it = new BSONIterator(buffer))
            {
                while (it.Next() != BSONType.EOO)
                {
                    BSONValue value = it.FetchCurrentValue();
                    String    s     = value.ToString();

                    txtOutput.Text += s;
                    txtOutput.Text += "\n";
                    continue;
                }
            }

            return;
        }

示例#4

0

显示文件

文件： VSDebuggerProxy.cs 项目： leculver/WinDbgCs

        public byte[] ReadMemory(uint processId, ulong address, uint size)
        {
            return(ExecuteOnDkmInitializedThread(() =>
            {
                DkmProcess process = GetProcess(processId);
                byte[] bytes = new byte[size];

                process.ReadMemory(address, DkmReadMemoryFlags.None, bytes);
                return bytes;
            }));
        }

示例#5

0

显示文件

文件： MemoryReader.cs 项目： lvweiwolf/graphical-debugging

        public static bool ReadBytes(Debugger debugger, ulong address, byte[] buffer)
        {
            if (buffer.Length < 1)
                return true;

            DkmProcess proc = GetDebuggedProcess(debugger);
            if (proc == null)
                return false;

            int bytesRead = proc.ReadMemory(address, DkmReadMemoryFlags.None, buffer);
            return bytesRead == buffer.Length;
        }

示例#6

0

显示文件

文件： DebugHelpers.cs 项目： ridgew/nullc

            internal static short?ReadShortVariable(DkmProcess process, ulong address)
            {
                byte[] variableAddressData = new byte[2];

                // ReadMemory should check for invalid pages, but it still throws an exception on small adresses in practice
                if (address < 0x0001000)
                {
                    return(null);
                }

                if (process.ReadMemory(address, DkmReadMemoryFlags.None, variableAddressData) == 0)
                {
                    return(null);
                }

                return(BitConverter.ToInt16(variableAddressData, 0));
            }

示例#7

0

显示文件

文件： DebugHelpers.cs 项目： ridgew/nullc

            internal static byte?ReadByteVariable(DkmProcess process, ulong address)
            {
                byte[] variableAddressData = new byte[1];

                // ReadMemory should check for invalid pages, but it still throws an exception on small adresses in practice
                if (address < 0x0001000)
                {
                    return(null);
                }

                if (process.ReadMemory(address, DkmReadMemoryFlags.None, variableAddressData) == 0)
                {
                    return(null);
                }

                return(variableAddressData[0]);
            }

示例#8

0

显示文件

        internal static int?ReadIntVariable(DkmProcess process, ulong address)
        {
            byte[] variableAddressData = new byte[4];

            try
            {
                if (process.ReadMemory(address, DkmReadMemoryFlags.None, variableAddressData) == 0)
                {
                    return(null);
                }
            }
            catch (DkmException)
            {
                return(null);
            }

            return(BitConverter.ToInt32(variableAddressData, 0));
        }

示例#9

0

显示文件

        internal static byte?ReadByteVariable(DkmProcess process, ulong address)
        {
            byte[] variableAddressData = new byte[1];

            try
            {
                if (process.ReadMemory(address, DkmReadMemoryFlags.None, variableAddressData) == 0)
                {
                    return(null);
                }
            }
            catch (DkmException)
            {
                return(null);
            }

            return(variableAddressData[0]);
        }

示例#10

0

显示文件

        void createProcessTracer_OnFunctionExited(
            DkmStackWalkFrame frame,
            StackFrameAnalyzer frameAnalyzer)
        {
            try {
                ulong processInfoAddr = Convert.ToUInt64(
                    frameAnalyzer.GetArgumentValue(frame, "lpProcessInformation"));

                // Check the return address first, it should be in EAX.  CreateProcessAsUser and
                // CreateProcess both return 0 on failure.  If the function failed, there is no child to
                // attach to.
                if (0 == frame.VscxGetRegisterValue32(CpuRegister.Eax))
                {
                    return;
                }

                // The process was successfully created.  Extract the PID from the PROCESS_INFORMATION
                // output param.  An attachment request must happend through the EnvDTE, which can only
                // be accessed from the VsPackage, so a request must be sent via a component message.
                DkmProcess process = frame.Process;
                int        size    = Marshal.SizeOf(typeof(PROCESS_INFORMATION));
                byte[]     buffer  = new byte[size];
                process.ReadMemory(processInfoAddr, DkmReadMemoryFlags.None, buffer);
                PROCESS_INFORMATION info          = MarshalUtility.ByteArrayToStructure <PROCESS_INFORMATION>(buffer);
                DkmCustomMessage    attachRequest = DkmCustomMessage.Create(
                    process.Connection,
                    process,
                    PackageServices.VsPackageMessageGuid,
                    (int)VsPackageMessage.AttachToChild,
                    process.LivePart.Id,
                    info.dwProcessId);
                attachRequest.SendToVsService(PackageServices.DkmComponentEventHandler, false);
            } catch (Exception exception) {
                Logger.LogError(
                    exception,
                    "An error occured handling the exit breakpoint.  HR = 0x{0:X}",
                    exception.HResult);
            }
        }

示例#11

0

显示文件

        static public BatchRead Create(DkmProcess process, ulong address, int bytes)
        {
            if (bytes <= 0 || bytes > 8 * 1024 * 1024)
            {
                return(null);
            }

            byte[] data = new byte[bytes];

            try
            {
                if (process.ReadMemory(address, DkmReadMemoryFlags.None, data) == 0)
                {
                    return(null);
                }
            }
            catch (DkmException)
            {
                return(null);
            }

            return(new BatchRead(address, data));
        }

示例#12

0

显示文件

文件： RemoteComponent.cs 项目： ridgew/nullc

            void IDkmProcessExecutionNotification.OnProcessPause(DkmProcess process, DkmProcessExecutionCounters processCounters)
            {
                try
                {
                    ulong?moduleBaseOpt = DebugHelpers.ReadPointerVariable(process, "nullcModuleStartAddress");

                    // Check if nullc is available
                    if (moduleBaseOpt == null)
                    {
                        return;
                    }

                    var processData = DebugHelpers.GetOrCreateDataItem <NullcRemoteProcessDataItem>(process);

                    if (processData.language == null)
                    {
                        processData.compilerId = new DkmCompilerId(DebugHelpers.NullcCompilerGuid, DebugHelpers.NullcLanguageGuid);

                        processData.language = DkmLanguage.Create("nullc", processData.compilerId);
                    }

                    // Create VM runtime and module
                    if (processData.vmRuntimeInstance == null)
                    {
                        DkmRuntimeInstanceId runtimeId = new DkmRuntimeInstanceId(DebugHelpers.NullcVmRuntimeGuid, 0);

                        processData.vmRuntimeInstance = DkmCustomRuntimeInstance.Create(process, runtimeId, null);
                    }

                    if (processData.vmModule == null)
                    {
                        DkmModuleId moduleId = new DkmModuleId(Guid.NewGuid(), DebugHelpers.NullcSymbolProviderGuid);

                        processData.vmModule = DkmModule.Create(moduleId, "nullc.vm.code", processData.compilerId, process.Connection, null);
                    }

                    if (processData.vmModuleInstance == null)
                    {
                        DkmDynamicSymbolFileId symbolFileId = DkmDynamicSymbolFileId.Create(DebugHelpers.NullcSymbolProviderGuid);

                        processData.vmModuleInstance = DkmCustomModuleInstance.Create("nullc_vm", "nullc.vm.code", 0, processData.vmRuntimeInstance, null, symbolFileId, DkmModuleFlags.None, DkmModuleMemoryLayout.Unknown, 0, 1, 0, "nullc vm code", false, null, null, null);

                        processData.vmModuleInstance.SetModule(processData.vmModule, true); // Can use reload?
                    }

                    ulong moduleBase = moduleBaseOpt.GetValueOrDefault(0);

                    uint moduleSize = (uint)(DebugHelpers.ReadPointerVariable(process, "nullcModuleEndAddress").GetValueOrDefault(0) - moduleBase);

                    // Create JiT runtime and module
                    if (moduleBase != 0 && moduleSize != 0)
                    {
                        if (processData.runtimeInstance == null && processData.nativeRuntimeInstance == null)
                        {
                            DkmRuntimeInstanceId runtimeId = new DkmRuntimeInstanceId(DebugHelpers.NullcRuntimeGuid, 0);

                            if (DebugHelpers.useNativeInterfaces)
                            {
                                processData.nativeRuntimeInstance = DebugHelpers.useDefaultRuntimeInstance ? process.GetNativeRuntimeInstance() : DkmNativeRuntimeInstance.Create(process, runtimeId, DkmRuntimeCapabilities.None, process.GetNativeRuntimeInstance(), null);
                            }
                            else
                            {
                                processData.runtimeInstance = DkmCustomRuntimeInstance.Create(process, runtimeId, null);
                            }
                        }

                        if (processData.module == null)
                        {
                            DkmModuleId moduleId = new DkmModuleId(Guid.NewGuid(), DebugHelpers.NullcSymbolProviderGuid);

                            processData.module = DkmModule.Create(moduleId, "nullc.embedded.code", processData.compilerId, process.Connection, null);
                        }

                        if (processData.moduleInstance == null && processData.nativeModuleInstance == null)
                        {
                            DkmDynamicSymbolFileId symbolFileId = DkmDynamicSymbolFileId.Create(DebugHelpers.NullcSymbolProviderGuid);

                            if (DebugHelpers.useNativeInterfaces)
                            {
                                processData.nativeModuleInstance = DkmNativeModuleInstance.Create("nullc", "nullc.embedded.code", 0, null, symbolFileId, DkmModuleFlags.None, DkmModuleMemoryLayout.Unknown, 1, "nullc embedded code", processData.nativeRuntimeInstance, moduleBase, moduleSize, Microsoft.VisualStudio.Debugger.Clr.DkmClrHeaderStatus.NativeBinary, false, null, null, null);

                                processData.nativeModuleInstance.SetModule(processData.module, true); // Can use reload?
                            }
                            else
                            {
                                processData.moduleInstance = DkmCustomModuleInstance.Create("nullc", "nullc.embedded.code", 0, processData.runtimeInstance, null, symbolFileId, DkmModuleFlags.None, DkmModuleMemoryLayout.Unknown, moduleBase, 1, moduleSize, "nullc embedded code", false, null, null, null);

                                processData.moduleInstance.SetModule(processData.module, true); // Can use reload?
                            }
                        }
                    }

                    // Update bytecode
                    var moduleBytecodeVersion = DebugHelpers.ReadPointerVariable(process, "nullcModuleBytecodeVersion").GetValueOrDefault(0);

                    if (processData.moduleBytecodeLocation != 0 && moduleBytecodeVersion != processData.moduleBytecodeVersion)
                    {
                        processData.moduleBytecodeLocation = 0;
                        processData.moduleBytecodeSize     = 0;
                        processData.moduleBytecodeRaw      = null;
                        processData.bytecode = null;
                    }

                    if (processData.moduleBytecodeLocation == 0)
                    {
                        processData.moduleBytecodeLocation = DebugHelpers.ReadPointerVariable(process, "nullcModuleBytecodeLocation").GetValueOrDefault(0);
                        processData.moduleBytecodeSize     = DebugHelpers.ReadPointerVariable(process, "nullcModuleBytecodeSize").GetValueOrDefault(0);
                        processData.moduleBytecodeVersion  = moduleBytecodeVersion;

                        if (processData.moduleBytecodeLocation != 0)
                        {
                            processData.moduleBytecodeRaw = new byte[processData.moduleBytecodeSize];
                            process.ReadMemory(processData.moduleBytecodeLocation, DkmReadMemoryFlags.None, processData.moduleBytecodeRaw);

                            processData.bytecode = new NullcBytecode();
                            processData.bytecode.ReadFrom(processData.moduleBytecodeRaw, DebugHelpers.Is64Bit(process));

                            // Notify local component about bytecode update
                            var message = DkmCustomMessage.Create(process.Connection, process, DebugHelpers.NullcReloadSymbolsMessageGuid, 1, null, null);

                            message.SendHigher();
                        }
                    }
                }
                catch (Exception ex)
                {
                    Console.WriteLine("OnProcessPause failed with: " + ex.ToString());
                }
            }

C# (CSharp) DkmProcess.ReadMemory示例