pykd/samples/um/critlist.py

from pykd import *

def main():
    pass

def listCritSections():

    ntdll = module("ntdll")

    dbglst = ntdll.typedVarList( ntdll.RtlCriticalSectionList, "_RTL_CRITICAL_SECTION_DEBUG", "ProcessLocksList" )
    
    crtlst = [ ntdll.typedVar( "_RTL_CRITICAL_SECTION", x.CriticalSection ) for x in dbglst ]
    
    for crtsec in crtlst:
        dprintln("")
        dprintln( "CRITICAL SECTION  address = %#x ( %s ) " % ( crtsec, findSymbol( crtsec ) ) )
        dprintln( "  Owning thread = %x" % crtsec.OwningThread )
        dprintln( "  Lock count = %d" % crtsec.LockCount )
        

def run():

    while True:

        if isKernelDebugging():
            dprintln( "not a user debugging" )
            break 
        
        listCritSections()        

        break

if __name__ == "__main__":
    run()
$SND\kernelnet_cp$ [0..3.x] added : print typedVar git-svn-id: https://pykd.svn.codeplex.com/svn@84986 9b283d60-5439-405e-af05-b73fd8c4d996 2013-08-26 23:45:22 +08:00			`from pykd import *`

			`def main():`
			`pass`

			`def listCritSections():`

			`ntdll = module("ntdll")`

			`dbglst = ntdll.typedVarList( ntdll.RtlCriticalSectionList, "_RTL_CRITICAL_SECTION_DEBUG", "ProcessLocksList" )`

			`crtlst = [ ntdll.typedVar( "_RTL_CRITICAL_SECTION", x.CriticalSection ) for x in dbglst ]`

			`for crtsec in crtlst:`
			`dprintln("")`
			`dprintln( "CRITICAL SECTION address = %#x ( %s ) " % ( crtsec, findSymbol( crtsec ) ) )`
			`dprintln( " Owning thread = %x" % crtsec.OwningThread )`
			`dprintln( " Lock count = %d" % crtsec.LockCount )`


			`def run():`

			`while True:`

			`if isKernelDebugging():`
			`dprintln( "not a user debugging" )`
			`break`

			`listCritSections()`

			`break`

			`if __name__ == "__main__":`
			`run()`