pykd/samples/stacks.py

import sys
from pykd import *


def printStack():        


    def printThreadStack( threadPtr ):

        setImplicitThread( threadPtr )
        stackFrames = getCurrentStack()
        for frame in stackFrames: dprintln( findSymbol( frame.instructionOffset ) + "  (%x)" % frame.instructionOffset )
        dprintln("")  


    def printUserStack():

        threadList = getThreadList()

        oldMode = getProcessorMode()

        if oldMode == "X64" and loadModule( "wow64" ) != None:
            setProcessorMode("X86")

        for threadPtr in threadList:
            printThreadStack( threadPtr )

        setProcessorMode(oldMode)


    def printKernelStack():

        process = typedVar( "nt", "_EPROCESS", getCurrentProcess() ) 

        threadList = typedVarList( process.ThreadListHead.getAddress(), "nt", "_ETHREAD", "ThreadListEntry" )

        oldMode = getProcessorMode()

        if is64bitSystem() and process.Wow64Process != 0:
            setProcessorMode("X86")

        for thread in threadList:
            printThreadStack( thread.getAddress() )

        setProcessorMode(oldMode)


    if isKernelDebugging():
        printKernelStack()
    else:
        printUserStack()


if __name__ == "__main__":

    if not isSessionStart():
        createSession()
        loadDump( sys.argv[1] )
        dprintln( sys.argv[1] + " - loaded OK" )

    printStack()
$SND\kernelnet_cp$ [+] added : sample stacks.py git-svn-id: https://pykd.svn.codeplex.com/svn@58074 9b283d60-5439-405e-af05-b73fd8c4d996 2010-11-26 19:47:57 +08:00			`import sys`
			`from pykd import *`


$SND\kernelnet_cp$ [+] added : getCurrentPorcess, setCurrentProcess routines git-svn-id: https://pykd.svn.codeplex.com/svn@58080 9b283d60-5439-405e-af05-b73fd8c4d996 2010-11-26 23:26:00 +08:00			`def printStack():`
$SND\kernelnet_cp$ [+] added : sample stacks.py git-svn-id: https://pykd.svn.codeplex.com/svn@58074 9b283d60-5439-405e-af05-b73fd8c4d996 2010-11-26 19:47:57 +08:00

$SND\kernelnet_cp$ [+] added : getCurrentPorcess, setCurrentProcess routines git-svn-id: https://pykd.svn.codeplex.com/svn@58080 9b283d60-5439-405e-af05-b73fd8c4d996 2010-11-26 23:26:00 +08:00			`def printThreadStack( threadPtr ):`
$SND\kernelnet_cp$ [!] fixed: loadModule return None for non existin module with out outputing error message git-svn-id: https://pykd.svn.codeplex.com/svn@58077 9b283d60-5439-405e-af05-b73fd8c4d996 2010-11-26 22:03:25 +08:00
$SND\kernelnet_cp$ [+] added : sample stacks.py git-svn-id: https://pykd.svn.codeplex.com/svn@58074 9b283d60-5439-405e-af05-b73fd8c4d996 2010-11-26 19:47:57 +08:00			`setImplicitThread( threadPtr )`
			`stackFrames = getCurrentStack()`
			`for frame in stackFrames: dprintln( findSymbol( frame.instructionOffset ) + " (%x)" % frame.instructionOffset )`
$SND\kernelnet_cp$ [+] added : getCurrentPorcess, setCurrentProcess routines git-svn-id: https://pykd.svn.codeplex.com/svn@58080 9b283d60-5439-405e-af05-b73fd8c4d996 2010-11-26 23:26:00 +08:00			`dprintln("")`



			`def printUserStack():`

			`threadList = getThreadList()`

			`oldMode = getProcessorMode()`

			`if oldMode == "X64" and loadModule( "wow64" ) != None:`
			`setProcessorMode("X86")`

			`for threadPtr in threadList:`
			`printThreadStack( threadPtr )`

			`setProcessorMode(oldMode)`



			`def printKernelStack():`

			`process = typedVar( "nt", "_EPROCESS", getCurrentProcess() )`

			`threadList = typedVarList( process.ThreadListHead.getAddress(), "nt", "_ETHREAD", "ThreadListEntry" )`

			`oldMode = getProcessorMode()`

			`if is64bitSystem() and process.Wow64Process != 0:`
			`setProcessorMode("X86")`

			`for thread in threadList:`
			`printThreadStack( thread.getAddress() )`

			`setProcessorMode(oldMode)`


			`if isKernelDebugging():`
			`printKernelStack()`
			`else:`
			`printUserStack()`
$SND\kernelnet_cp$ [+] added : sample stacks.py git-svn-id: https://pykd.svn.codeplex.com/svn@58074 9b283d60-5439-405e-af05-b73fd8c4d996 2010-11-26 19:47:57 +08:00
$SND\kernelnet_cp$ [!] fixed: loadModule return None for non existin module with out outputing error message git-svn-id: https://pykd.svn.codeplex.com/svn@58077 9b283d60-5439-405e-af05-b73fd8c4d996 2010-11-26 22:03:25 +08:00
$SND\kernelnet_cp$ [+] added : sample stacks.py git-svn-id: https://pykd.svn.codeplex.com/svn@58074 9b283d60-5439-405e-af05-b73fd8c4d996 2010-11-26 19:47:57 +08:00
			`if __name__ == "__main__":`

			`if not isSessionStart():`
			`createSession()`
			`loadDump( sys.argv[1] )`
			`dprintln( sys.argv[1] + " - loaded OK" )`

			`printStack()`