pykd/samples/stacks.py

import sys
from pykd import *


def printStack():        


    def printThreadStack( threadPtr ):

        setImplicitThread( threadPtr )
        stackFrames = getCurrentStack()
        for frame in stackFrames: dprintln( findSymbol( frame.instructionOffset ) + "  (%x)" % frame.instructionOffset )
        dprintln("")  



    def printUserStack():

        threadList = getThreadList()

        oldMode = getProcessorMode()

        if oldMode == "X64" and loadModule( "wow64" ) != None:
            setProcessorMode("X86")

        for threadPtr in threadList:
            printThreadStack( threadPtr )

        setProcessorMode(oldMode)



    def printKernelStack():

        process = typedVar( "nt", "_EPROCESS", getCurrentProcess() ) 

        threadList = typedVarList( process.ThreadListHead.getAddress(), "nt", "_ETHREAD", "ThreadListEntry" )

        oldMode = getProcessorMode()

        if is64bitSystem() and process.Wow64Process != 0:
            setProcessorMode("X86")

        for thread in threadList:
            printThreadStack( thread.getAddress() )

        setProcessorMode(oldMode)


    if isKernelDebugging():
        printKernelStack()
    else:
        printUserStack()



if __name__ == "__main__":

    if not isSessionStart():
        createSession()
        loadDump( sys.argv[1] )
        dprintln( sys.argv[1] + " - loaded OK" )

    printStack()