From 1d25e61d027865f0c9251ed3dd40d7613376e4b0 Mon Sep 17 00:00:00 2001 From: "SND\\kernelnet_cp" Date: Thu, 3 Dec 2015 07:21:29 +0000 Subject: [PATCH] [0.3.x] added : removeBp routine ( Remove breakpoint by index ) git-svn-id: https://pykd.svn.codeplex.com/svn@90875 9b283d60-5439-405e-af05-b73fd8c4d996 --- pykd/pyeventhandler.cpp | 10 +++++++ pykd/pyeventhandler.h | 2 ++ pykd/pykdver.h | 2 +- pykd/pymod.cpp | 2 ++ snippets/stkwalk.py | 53 +++++++++++++++++++++++++++----------- test/scripts/breakpoint.py | 6 +++++ test/scripts/typedvar.py | 6 +---- 7 files changed, 60 insertions(+), 21 deletions(-) diff --git a/pykd/pyeventhandler.cpp b/pykd/pyeventhandler.cpp index 67ac4ac..83707e2 100644 --- a/pykd/pyeventhandler.cpp +++ b/pykd/pyeventhandler.cpp @@ -690,6 +690,16 @@ Breakpoint* Breakpoint::getBreakpointByIndex(unsigned long index) ///////////////////////////////////////////////////////////////////////////////// +void Breakpoint::removeBreakpointByIndex(unsigned long index) +{ + AutoRestorePyState pystate; + kdlib::BreakpointPtr bp; + bp = kdlib::getBreakpointByIndex(index); + bp->remove(); +} + +///////////////////////////////////////////////////////////////////////////////// + } // end namespace pykd diff --git a/pykd/pyeventhandler.h b/pykd/pyeventhandler.h index 692b6e9..2d7e716 100644 --- a/pykd/pyeventhandler.h +++ b/pykd/pyeventhandler.h @@ -64,6 +64,8 @@ public: static Breakpoint* getBreakpointByIndex(unsigned long index); + static void removeBreakpointByIndex(unsigned long index); + public: explicit Breakpoint(kdlib::BreakpointPtr bp, bool weakbp = true); diff --git a/pykd/pykdver.h b/pykd/pykdver.h index 77516d9..12fc414 100644 --- a/pykd/pykdver.h +++ b/pykd/pykdver.h @@ -2,7 +2,7 @@ #define PYKD_VERSION_MAJOR 0 #define PYKD_VERSION_MINOR 3 #define PYKD_VERSION_SUBVERSION 0 -#define PYKD_VERSION_BUILDNO 34 +#define PYKD_VERSION_BUILDNO 35 #define __VER_STR2__(x) #x #define __VER_STR1__(x) __VER_STR2__(x) diff --git a/pykd/pymod.cpp b/pykd/pymod.cpp index e95a92e..f3bdc62 100644 --- a/pykd/pymod.cpp +++ b/pykd/pymod.cpp @@ -393,6 +393,8 @@ BOOST_PYTHON_MODULE( pykd ) "Return number of breakpoints in the current process" ); python::def( "getBp", &Breakpoint::getBreakpointByIndex, python::return_value_policy(), "Return breakpoint object by index"); + python::def("removeBp", &Breakpoint::removeBreakpointByIndex, + "Remove breakpoint by index"); // processes and threads python::def ( "getNumberProcesses", pykd::getNumberProcesses, diff --git a/snippets/stkwalk.py b/snippets/stkwalk.py index 5256eec..b487683 100644 --- a/snippets/stkwalk.py +++ b/snippets/stkwalk.py @@ -5,29 +5,36 @@ from optparse import OptionParser from fnmatch import fnmatch import traceback import sys +import datetime nt = None EPROCESS = None ETHREAD = None +Tick = None def setupGlobalObject(): - global nt, EPROCESS, ETHREAD + global nt, EPROCESS, ETHREAD, Tick try: nt = module("nt") EPROCESS = nt.type("_EPROCESS") ETHREAD = nt.type("_ETHREAD") + if is64bitSystem(): + Tick = int(typedVar("nt!_LARGE_INTEGER", 0xFFFFF78000000320).QuadPart) + else: + Tick = int(ptrDWord(nt.KeTickCount)) + except DbgException: dprintln("check symbol paths") - + class PrintOptions: def __init__(self): self.ignoreNotActiveThread = True self.ignoreNotActiveProcess = True - self.showWow64stack = is64bitSystem() + self.showWow64stack = False self.showIP = True self.showSP = True self.showUnique = False @@ -80,15 +87,30 @@ def getStackSymbols(stk): symbols.append(sym) return symbols +def isWow64Process(process): + result = False + if is64bitSystem() == False: + return result + try: + if hasattr(process, "WoW64Process"): + return process.WoW64Process != 0 + elif hasattr(process, "Wow64Process"): + return process.Wow64Process != 0 + except: + pass + + return result -def printThread(thread, process): + +def printThread(thread, process, ticks): dprintln("") - dprintln( "Thread %x, Process: %s (%x)" % ( thread, loadCStr( process.ImageFileName ), process ) ) + dprintln( "Thread %x, Process: %s (%x), Ticks: %d" % ( process, thread, thread, loadCStr( process.ImageFileName ), process, ticks ), True ) def printProcess(process,processFilter,threadFilter,moduleFilter,funcFilter,printopt): processName = loadCStr( process.ImageFileName ) + processWow64 = isWow64Process(process) if processFilter and not processFilter(process, process.UniqueProcessId, processName ): return @@ -110,8 +132,9 @@ def printProcess(process,processFilter,threadFilter,moduleFilter,funcFilter,prin stackHashes = set() for thread in threadLst: - - if threadFilter and not threadFilter( thread.Tcb, thread.Cid.UniqueThread ): + + ticks = Tick - thread.Tcb.WaitTime + if threadFilter and not threadFilter( thread.Tcb, thread.Cid.UniqueThread, ticks ): continue try: @@ -121,7 +144,7 @@ def printProcess(process,processFilter,threadFilter,moduleFilter,funcFilter,prin stkNative = getStack() stkWow64 = [] - if printopt.showWow64stack == True: + if processWow64 and printopt.showWow64stack == True: try: switchCPUMode(); @@ -178,14 +201,14 @@ def printProcess(process,processFilter,threadFilter,moduleFilter,funcFilter,prin if not match: continue - printThread( thread, process ) + printThread( thread, process, ticks ) for frame in stk: printFrame(frame, printopt) except DbgException: - printThread( thread, process ) + printThread( thread, process, ticks ) dprintln( "Failed to get stack") @@ -219,8 +242,8 @@ def main(): parser.add_option("-u", "--unique", action="store_true", dest="uniquestack", help="show only unique stacks" ) parser.add_option("-d", "--dump", dest="dumpname", - help="open crach dump" ) - parser.add_option("-w", "--wow64", dest="wow64", + help="open crash dump" ) + parser.add_option("-w", "--wow64", action="store_true", dest="wow64", help="show WOW64 stacks") (options, args) = parser.parse_args() @@ -255,13 +278,13 @@ def main(): funcFilter = lambda name: eval( options.funcfilter) if options.threadfilter: - threadFilter = lambda thread, tid: eval( options.threadfilter) + threadFilter = lambda thread, tid, ticks: eval( options.threadfilter) printopt = PrintOptions() printopt.showUnique = True if options.uniquestack else False - if options.wow64 != None: - printopt.showWow64stack = options.wow64.lower() == 'true' + if options.wow64 == True and is64bitSystem(): + printopt.showWow64stack = True processLst = nt.typedVarList( nt.PsActiveProcessHead, "_EPROCESS", "ActiveProcessLinks.Flink") diff --git a/test/scripts/breakpoint.py b/test/scripts/breakpoint.py index afbef83..ca9f12e 100644 --- a/test/scripts/breakpoint.py +++ b/test/scripts/breakpoint.py @@ -44,6 +44,12 @@ class BreakpointTest( unittest.TestCase ): bp.remove() self.assertEqual( pykd.executionStatus.NoDebuggee, pykd.go() ) + def testRemoveByIndex(self): + bp1 = pykd.setBp( self.targetModule.CdeclFunc ) + bp2 = pykd.getBp(0) + bp2.remove() + self.assertEqual( pykd.executionStatus.NoDebuggee, pykd.go() ) + def disable_testDeleteBp(self): bp = pykd.setBp( self.targetModule.CdeclFunc ) del bp diff --git a/test/scripts/typedvar.py b/test/scripts/typedvar.py index e418489..81f4739 100644 --- a/test/scripts/typedvar.py +++ b/test/scripts/typedvar.py @@ -108,11 +108,7 @@ class TypedVarTest( unittest.TestCase ): self.assertEqual( 3, tv.m_noArrayField ) self.assertNotEqual( -1, tv.m_arrayField[0] ) self.assertNotEqual( 0, tv.m_noArrayField ) - try: - tv.m_arrayField[len(tv.m_arrayField)] - self.assertTrue(False) - except IndexError: - self.assertTrue(True) + tv.m_arrayField[len(tv.m_arrayField)] #def testArrayFieldSlice(self): # tv = target.module.typedVar( "g_structWithArray" )