Source code of Windows XP (NT5)
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
 
 
 
 
 
 

4189 lines
99 KiB

/*++
Copyright (c) 1995 Microsoft Corporation
Module Name:
symbols.c
Abstract:
This function implements a generic simple symbol handler.
Author:
Wesley Witt (wesw) 1-Sep-1994
Environment:
User Mode
--*/
#include "private.h"
#include "symbols.h"
#include "globals.h"
#include <dbhpriv.h>
#include "fecache.hpp"
BOOL
IMAGEAPI
SympGetSymNextPrev(
IN HANDLE hProcess,
IN OUT PIMAGEHLP_SYMBOL64 Symbol,
IN int Direction
);
#ifndef _DBGHELP_USER_GENERATED_SYMBOLS_NOTSUPPORTED
PSYMBOL_ENTRY
IMAGEAPI
AllocSym(
IN PMODULE_ENTRY mi,
IN DWORD64 addr,
IN LPSTR name
);
VOID
CompleteSymbolTable(
IN PMODULE_ENTRY mi
);
#endif // !_DBGHELP_USER_GENERATED_SYMBOLS_NOTSUPPORTED
typedef struct _STORE_OLD_CB {
BOOL cb64;
union{
PSYM_ENUMSYMBOLS_CALLBACK UserCallBackRoutine;
PSYM_ENUMSYMBOLS_CALLBACK64 UserCallBackRoutine64;
};
PVOID UserContext;
} STORE_OLD_CB;
BOOL
ImgHlpDummyCB(
PSYMBOL_INFO pSymInfo,
ULONG SymbolSize,
PVOID UserContext
)
{
STORE_OLD_CB *pOld = (STORE_OLD_CB *) UserContext;
if (pSymInfo->Flags & SYMF_REGREL) {
LARGE_INTEGER li;
li.HighPart = pSymInfo->Register;
li.LowPart = (ULONG) pSymInfo->Address;
pSymInfo->Address = li.QuadPart;
}
if (pOld->cb64) {
return (*pOld->UserCallBackRoutine64) (
pSymInfo->Name,
pSymInfo->Address,
SymbolSize,
pOld->UserContext );
} else {
return (*pOld->UserCallBackRoutine) (
pSymInfo->Name,
(ULONG) pSymInfo->Address,
SymbolSize,
pOld->UserContext );
}
}
void
symcpy2(
PSYMBOL_INFO SymInfo,
PSYMBOL_ENTRY SymEntry
)
{
SymInfo->Address = SymEntry->Address;
SymInfo->Flags = SymEntry->Flags;
SymInfo->TypeIndex = SymEntry->TypeIndex;
SymInfo->ModBase = SymEntry->ModBase;
SymInfo->NameLen = SymEntry->NameLength;
SymInfo->Size = SymEntry->Size;
SymInfo->Register = SymEntry->Register;
if (SymEntry->Name &&
(strlen(SymEntry->Name) < SymInfo->MaxNameLen)) {
strcpy(SymInfo->Name, SymEntry->Name);
}
}
BOOL
TestOutputString(
PCHAR sz
)
{
CHAR c;
__try {
c = *sz;
} __except(EXCEPTION_EXECUTE_HANDLER) {
SetLastError(ERROR_INVALID_PARAMETER);
return FALSE;
}
return TRUE;
}
BOOL
InitOutputString(
PCHAR sz
)
{
BOOL rc;
rc = TestOutputString(sz);
if (rc)
*sz = 0;
return rc;
}
BOOL
DoEnumCallback(
PPROCESS_ENTRY pe,
PSYMBOL_INFO pSymInfo,
ULONG SymSize,
PROC EnumCallback,
PVOID UserContext,
BOOL Use64,
BOOL UsesUnicode
)
{
BOOL rc = FALSE;
if (pSymInfo)
{
if (Use64 || (!UsesUnicode))
{
rc = (*(PSYM_ENUMERATESYMBOLS_CALLBACK)EnumCallback) (
pSymInfo,
SymSize,
UserContext);
}
else
{
PWSTR pszTmp = AnsiToUnicode(pSymInfo->Name);
if (pszTmp)
{
strncpy(pSymInfo->Name, (LPSTR) pszTmp,
min(pSymInfo->MaxNameLen, wcslen(pszTmp)));
*((LPWSTR) &pSymInfo->Name[min(pSymInfo->MaxNameLen, wcslen(pszTmp)) - 1 ]) = 0;
rc = (*(PSYM_ENUMERATESYMBOLS_CALLBACK)EnumCallback) (
pSymInfo,
SymSize,
UserContext );
MemFree(pszTmp);
}
}
}
return rc;
}
BOOL
IMAGEAPI
SymInitialize(
IN HANDLE hProcess,
IN LPSTR UserSearchPath,
IN BOOL InvadeProcess
)
/*++
Routine Description:
This function initializes the symbol handler for
a process. The process is identified by the
process handle passed into this function.
Arguments:
hProcess - Process handle. If InvadeProcess is FALSE
then this can be any unique value that identifies
the process to the symbol handler.
UserSearchPath - Pointer to a string of paths separated by semicolons.
These paths are used to search for symbol files.
The value NULL is acceptable.
InvadeProcess - If this is set to TRUE then the process identified
by the process handle is "invaded" and it's loaded
module list is enumerated. Each module is added
to the symbol handler and symbols are attempted
to be loaded.
Return Value:
TRUE - The symbol handler was successfully initialized.
FALSE - The initialization failed. Call GetLastError to
discover the cause of the failure.
--*/
{
PPROCESS_ENTRY pe;
__try {
if (!g.SymInitialized) {
g.SymInitialized = TRUE;
g.cProcessList = 0;
InitializeListHead( &g.ProcessList );
}
*g.DebugToken = 0;
GetEnvironmentVariable(DEBUG_TOKEN, g.DebugToken, sizeof(g.DebugToken) / sizeof(g.DebugToken[0]));
_strlwr(g.DebugToken);
if (FindProcessEntry( hProcess )) {
SetLastError( ERROR_INVALID_HANDLE );
return TRUE;
}
pe = (PPROCESS_ENTRY) MemAlloc( sizeof(PROCESS_ENTRY) );
if (!pe) {
SetLastError( ERROR_NOT_ENOUGH_MEMORY );
return FALSE;
}
ZeroMemory( pe, sizeof(PROCESS_ENTRY) );
pe->hProcess = hProcess;
pe->pid = (int) GetPID(hProcess);
g.cProcessList++;
InitializeListHead( &pe->ModuleList );
InsertTailList( &g.ProcessList, &pe->ListEntry );
if (!SymSetSearchPath( hProcess, UserSearchPath )) {
//
// last error code was set by SymSetSearchPath, so just return
//
SymCleanup( hProcess );
return FALSE;
}
if (!diaInit()) {
SymCleanup( hProcess );
return FALSE;
}
if (InvadeProcess) {
DWORD DosError = GetProcessModules(hProcess, InternalGetModule, NULL);
if (DosError) {
SymCleanup( hProcess );
SetLastError( DosError );
return FALSE;
}
}
} __except (EXCEPTION_EXECUTE_HANDLER) {
ImagepSetLastErrorFromStatus( GetExceptionCode() );
return FALSE;
}
return TRUE;
}
BOOL
IMAGEAPI
SymCleanup(
HANDLE hProcess
)
/*++
Routine Description:
This function cleans up the symbol handler's data structures
for a previously initialized process.
Arguments:
hProcess - Process handle.
Return Value:
TRUE - The symbol handler was successfully cleaned up.
FALSE - The cleanup failed. Call GetLastError to
discover the cause of the failure.
--*/
{
PPROCESS_ENTRY pe;
PLIST_ENTRY next;
PMODULE_ENTRY mi;
BOOL rc = TRUE;
HeapDump("SymCleanup(before cleanup)\n");
__try {
pe = FindProcessEntry(hProcess);
if (!pe) {
SetLastError( ERROR_INVALID_HANDLE );
return FALSE;
}
next = pe->ModuleList.Flink;
if (next) {
while (next != &pe->ModuleList) {
mi = CONTAINING_RECORD(next, MODULE_ENTRY, ListEntry);
next = mi->ListEntry.Flink;
FreeModuleEntry(pe, mi);
}
}
CloseSymbolServer();
if (pe->SymbolSearchPath) {
MemFree(pe->SymbolSearchPath);
}
RemoveEntryList(&pe->ListEntry);
MemFree(pe);
g.cProcessList--;
// Assume that things are shutting down and
// dump all the function entry caches.
ClearFeCaches();
} __except (EXCEPTION_EXECUTE_HANDLER) {
ImagepSetLastErrorFromStatus(GetExceptionCode());
rc = FALSE;
}
HeapDump("SymCleanup(after cleanup)\n");
return rc;
}
DWORD
IMAGEAPI
SymSetOptions(
DWORD UserOptions
)
/*++
Routine Description:
This function changes the symbol handler's option mask.
Arguments:
UserOptions - The new options mask.
Return Value:
The new mask is returned.
--*/
{
g.SymOptions = UserOptions;
SetSymbolServerCallback(g.SymOptions & SYMOPT_DEBUG ? TRUE : FALSE);
DoCallback(NULL, CBA_SET_OPTIONS, &g.SymOptions);
return g.SymOptions;
}
DWORD
IMAGEAPI
SymGetOptions(
VOID
)
/*++
Routine Description:
This function queries the symbol handler's option mask.
Arguments:
None.
Return Value:
The current options mask is returned.
--*/
{
return g.SymOptions;
}
ULONG
IMAGEAPI
SymSetContext(
HANDLE hProcess,
PIMAGEHLP_STACK_FRAME StackFrame,
PIMAGEHLP_CONTEXT Context
)
{
PPROCESS_ENTRY pe;
pe = FindProcessEntry(hProcess);
if (pe) {
pe->pContext = Context;
pe->StackFrame = *StackFrame;
return diaSetModFromIP(pe);
}
return FALSE;
};
BOOL
SympEnumerateModules(
IN HANDLE hProcess,
IN PROC EnumModulesCallback,
IN PVOID UserContext,
IN BOOL Use64
)
/*++
Routine Description:
This is the worker function for the 32 and 64 bit versions.
Arguments:
hProcess - Process handle, must have been previously registered
with SymInitialize.
EnumModulesCallback - Callback pointer that is called once for each
module that is enumerated. If the enum callback
returns FALSE then the enumeration is terminated.
UserContext - This data is simply passed on to the callback function
and is completly user defined.
Use64 - Supplies flag which determines whether to use the 32 bit
or 64 bit callback prototype.
Return Value:
TRUE - The modules were successfully enumerated.
FALSE - The enumeration failed. Call GetLastError to
discover the cause of the failure.
--*/
{
PPROCESS_ENTRY pe;
PMODULE_ENTRY mi;
PLIST_ENTRY Next;
__try {
pe = FindProcessEntry( hProcess );
if (!pe) {
SetLastError( ERROR_INVALID_HANDLE );
return FALSE;
}
Next = pe->ModuleList.Flink;
if (Next) {
while (Next != &pe->ModuleList) {
mi = CONTAINING_RECORD( Next, MODULE_ENTRY, ListEntry );
Next = mi->ListEntry.Flink;
if (Use64) {
if ( !(*(PSYM_ENUMMODULES_CALLBACK64)EnumModulesCallback) (
mi->ModuleName,
mi->BaseOfDll,
UserContext
)) {
break;
}
} else {
if ( !(*(PSYM_ENUMMODULES_CALLBACK)EnumModulesCallback) (
mi->ModuleName,
(DWORD)mi->BaseOfDll,
UserContext
)) {
break;
}
}
}
}
} __except (EXCEPTION_EXECUTE_HANDLER) {
ImagepSetLastErrorFromStatus( GetExceptionCode() );
return FALSE;
}
return TRUE;
}
BOOL
dbhfnModSymInfo(
IN HANDLE hp,
IN OUT PDBH_MODSYMINFO p
)
{
PMODULE_ENTRY mi;
PPROCESS_ENTRY pe;
assert(p->function == dbhModSymInfo);
pe = FindProcessEntry(hp);
if (!pe) {
SetLastError( ERROR_INVALID_HANDLE );
return FALSE;
}
if (p->sizeofstruct != sizeof(DBH_MODSYMINFO)) {
SetLastError(ERROR_INVALID_PARAMETER);
return FALSE;
}
mi = GetModuleForPC(pe, p->addr, FALSE);
if (!mi) {
SetLastError(ERROR_MOD_NOT_FOUND);
return FALSE;
}
p->type = mi->SymType;
*p->file = 0;
switch (p->type)
{
case SymPdb:
case SymDia:
if (mi->LoadedPdbName)
strcpy(p->file, mi->LoadedPdbName);
break;
default:
if (mi->LoadedImageName)
strcpy(p->file, mi->LoadedImageName);
break;
}
return TRUE;
}
BOOL
dbhfnDiaVersion(
IN OUT PDBH_DIAVERSION p
)
{
PMODULE_ENTRY mi;
assert(p->function == dbhDiaVersion);
if (p->sizeofstruct != sizeof(DBH_DIAVERSION)) {
SetLastError(ERROR_INVALID_PARAMETER);
return FALSE;
}
p->ver = diaVersion();
return TRUE;
}
BOOL
IMAGEAPI
dbghelp(
IN HANDLE hp,
IN OUT PVOID data
)
{
DWORD *function;
if (!data) {
SetLastError(ERROR_INVALID_PARAMETER);
return FALSE;
}
__try {
function = (DWORD *)data;
switch (*function)
{
case dbhModSymInfo:
return dbhfnModSymInfo(hp, (PDBH_MODSYMINFO)data);
case dbhDiaVersion:
return dbhfnDiaVersion((PDBH_DIAVERSION)data);
default:
SetLastError(ERROR_INVALID_PARAMETER);
return FALSE;
}
} __except (EXCEPTION_EXECUTE_HANDLER) {
ImagepSetLastErrorFromStatus(GetExceptionCode());
return FALSE;
}
return FALSE;
}
BOOL
IMAGEAPI
SymEnumerateModules(
IN HANDLE hProcess,
IN PSYM_ENUMMODULES_CALLBACK EnumModulesCallback,
IN PVOID UserContext
)
/*++
Routine Description:
This function enumerates all of the modules that are currently
loaded into the symbol handler. This is the 32 bit wrapper.
Arguments:
hProcess - Process handle, must have been previously registered
with SymInitialize.
EnumModulesCallback - Callback pointer that is called once for each
module that is enumerated. If the enum callback
returns FALSE then the enumeration is terminated.
UserContext - This data is simply passed on to the callback function
and is completly user defined.
Return Value:
TRUE - The modules were successfully enumerated.
FALSE - The enumeration failed. Call GetLastError to
discover the cause of the failure.
--*/
{
return SympEnumerateModules(hProcess, (PROC)EnumModulesCallback, UserContext, FALSE);
}
BOOL
IMAGEAPI
SymEnumerateModules64(
IN HANDLE hProcess,
IN PSYM_ENUMMODULES_CALLBACK64 EnumModulesCallback,
IN PVOID UserContext
)
/*++
Routine Description:
This function enumerates all of the modules that are currently
loaded into the symbol handler. This is the 64 bit wrapper.
Arguments:
hProcess - Process handle, must have been previously registered
with SymInitialize.
EnumModulesCallback - Callback pointer that is called once for each
module that is enumerated. If the enum callback
returns FALSE then the enumeration is terminated.
UserContext - This data is simply passed on to the callback function
and is completly user defined.
Return Value:
TRUE - The modules were successfully enumerated.
FALSE - The enumeration failed. Call GetLastError to
discover the cause of the failure.
--*/
{
return SympEnumerateModules(hProcess, (PROC)EnumModulesCallback, UserContext, TRUE);
}
DWORD
CalcItemSize(
PDWORD64 pAddr,
PDWORD64 pAddrsBase,
UINT_PTR count
)
{
PDWORD64 p;
PDWORD64 pAddrEnd;
if (!pAddr)
return 0;
pAddrEnd = pAddrsBase + count;
for (p = pAddr + 1; p <= pAddrEnd; p++) {
if (*p != *pAddr)
return (DWORD)(*p - *pAddr);
}
return 0;
}
BOOL
MatchModuleName(
PMODULE_ENTRY mi,
LPSTR mask
)
{
if (!strcmpre(mi->AliasName, mask, FALSE))
return TRUE;
if (!strcmpre(mi->ModuleName, mask, FALSE))
return TRUE;
return FALSE;
}
BOOL
SympEnumerateSymbols(
IN HANDLE hProcess,
IN ULONG64 BaseOfDll,
IN LPSTR Mask,
IN PROC EnumSymbolsCallback,
IN PVOID UserContext,
IN BOOL Use64,
IN BOOL CallBackUsesUnicode
)
/*++
Routine Description:
This function enumerates all of the symbols contained the module
specified by the BaseOfDll argument.
Arguments:
hProcess - Process handle, must have been previously registered
with SymInitialize
BaseOfDll - Base address of the DLL that symbols are to be
enumerated for
EnumSymbolsCallback - User specified callback routine for enumeration
notification
UserContext - Pass thru variable, this is simply passed thru to the
callback function
Use64 - Supplies flag which determines whether to use the 32 bit
or 64 bit callback prototype.
Return Value:
TRUE - The symbols were successfully enumerated.
FALSE - The enumeration failed. Call GetLastError to
discover the cause of the failure.
--*/
{
PPROCESS_ENTRY pe;
PLIST_ENTRY Next;
PMODULE_ENTRY mi;
DWORD i;
PSYMBOL_ENTRY sym;
LPSTR szSymName;
SYMBOL_ENTRY SymEntry={0};
CHAR Buffer[2500];
LPSTR p;
CHAR modmask[200];
BOOL rc;
int pass;
BOOL fCase;
static DWORD flags[2] = {LS_JUST_TEST, LS_QUALIFIED | LS_FAIL_IF_LOADED};
__try {
pe = FindProcessEntry( hProcess );
if (!pe) {
SetLastError( ERROR_INVALID_HANDLE );
return FALSE;
}
p = 0;
modmask[0] = 0;
if (Mask)
p = strchr(Mask, '!');
if (p > Mask) {
memcpy(modmask, Mask, (int)(p - Mask));
modmask[p-Mask] = 0;
Mask = p + 1;
} else if (!BaseOfDll) {
rc = diaEnumerateSymbols(pe,
NULL,
Mask,
EnumSymbolsCallback,
UserContext,
Use64,
CallBackUsesUnicode);
if (!rc && pe->ipmi && pe->ipmi->code == ERROR_CANCELLED) {
pe->ipmi->code = 0;
return TRUE;
}
return rc;
}
for (pass = 0; pass < 2; pass++) {
Next = pe->ModuleList.Flink;
if (Next) {
while (Next != &pe->ModuleList) {
mi = CONTAINING_RECORD( Next, MODULE_ENTRY, ListEntry );
Next = mi->ListEntry.Flink;
if (BaseOfDll) {
if (mi->BaseOfDll != BaseOfDll)
continue;
} else if (!MatchModuleName(mi, modmask)) {
continue;
}
if (!LoadSymbols(hProcess, mi, flags[pass]))
continue;
if (mi->dia) {
rc = diaEnumerateSymbols(pe,
mi,
Mask,
EnumSymbolsCallback,
UserContext,
Use64,
CallBackUsesUnicode);
if (!rc) {
if (mi->code == ERROR_CANCELLED) {
mi->code = 0;
return TRUE;
}
return rc;
}
continue;
}
fCase = (g.SymOptions & SYMOPT_CASE_INSENSITIVE) ? FALSE : TRUE;
for (i = 0; i < mi->numsyms; i++) {
PSYMBOL_INFO SymInfo = (PSYMBOL_INFO) &Buffer[0];
sym = &mi->symbolTable[i];
if (Mask && *Mask && strcmpre(sym->Name, Mask, fCase))
continue;
mi->TmpSym.Name[0] = 0;
strncat( mi->TmpSym.Name, sym->Name, TMP_SYM_LEN );
SymEntry = *sym;
SymEntry.Name = mi->TmpSym.Name;
SymInfo->MaxNameLen = sizeof(Buffer) - sizeof(SYMBOL_INFO);
symcpy2(SymInfo, &SymEntry);
SymInfo->ModBase = mi->BaseOfDll;
if (!DoEnumCallback(
pe,
SymInfo,
sym->Size,
EnumSymbolsCallback,
UserContext,
Use64,
CallBackUsesUnicode)) {
break;
}
}
break;
}
}
}
} __except (EXCEPTION_EXECUTE_HANDLER) {
ImagepSetLastErrorFromStatus( GetExceptionCode() );
return FALSE;
}
return TRUE;
}
BOOL
IMAGEAPI
SymEnumerateSymbols(
IN HANDLE hProcess,
IN ULONG BaseOfDll,
IN PSYM_ENUMSYMBOLS_CALLBACK EnumSymbolsCallback,
IN PVOID UserContext
)
/*++
Routine Description:
This function enumerates all of the symbols contained the module
specified by the BaseOfDll argument.
Arguments:
hProcess - Process handle, must have been previously registered
with SymInitialize
BaseOfDll - Base address of the DLL that symbols are to be
enumerated for
EnumSymbolsCallback - User specified callback routine for enumeration
notification
UserContext - Pass thru variable, this is simply passed thru to the
callback function
Return Value:
TRUE - The symbols were successfully enumerated.
FALSE - The enumeration failed. Call GetLastError to
discover the cause of the failure.
--*/
{
STORE_OLD_CB OldCB;
OldCB.UserCallBackRoutine = EnumSymbolsCallback;
OldCB.UserContext = UserContext;
OldCB.cb64 = FALSE;
return SympEnumerateSymbols(hProcess,
BaseOfDll,
NULL,
(PROC) (EnumSymbolsCallback ? &ImgHlpDummyCB : NULL),
(PVOID) &OldCB,
FALSE,
FALSE);
}
BOOL
IMAGEAPI
SymEnumerateSymbolsW(
IN HANDLE hProcess,
IN ULONG BaseOfDll,
IN PSYM_ENUMSYMBOLS_CALLBACKW EnumSymbolsCallback,
IN PVOID UserContext
)
{
STORE_OLD_CB OldCB;
OldCB.UserCallBackRoutine = (PSYM_ENUMSYMBOLS_CALLBACK) EnumSymbolsCallback;
OldCB.UserContext = UserContext;
OldCB.cb64 = FALSE;
return SympEnumerateSymbols(hProcess,
BaseOfDll,
NULL,
(PROC) (EnumSymbolsCallback ? &ImgHlpDummyCB : NULL),
(PVOID) &OldCB,
FALSE,
FALSE);
}
BOOL
IMAGEAPI
SymEnumerateSymbols64(
IN HANDLE hProcess,
IN ULONG64 BaseOfDll,
IN PSYM_ENUMSYMBOLS_CALLBACK64 EnumSymbolsCallback,
IN PVOID UserContext
)
{
STORE_OLD_CB OldCB;
OldCB.UserCallBackRoutine64 = EnumSymbolsCallback;
OldCB.UserContext = UserContext;
OldCB.cb64 = TRUE;
return SympEnumerateSymbols(hProcess,
BaseOfDll,
NULL,
(PROC) (EnumSymbolsCallback ? &ImgHlpDummyCB : NULL),
(PVOID) &OldCB,
FALSE,
FALSE);
}
BOOL
IMAGEAPI
SymEnumerateSymbolsW64(
IN HANDLE hProcess,
IN ULONG64 BaseOfDll,
IN PSYM_ENUMSYMBOLS_CALLBACK64W EnumSymbolsCallback,
IN PVOID UserContext
)
{
STORE_OLD_CB OldCB;
OldCB.UserCallBackRoutine64 = (PSYM_ENUMSYMBOLS_CALLBACK64) EnumSymbolsCallback;
OldCB.UserContext = UserContext;
OldCB.cb64 = TRUE;
return SympEnumerateSymbols(hProcess,
BaseOfDll,
NULL,
(PROC) (EnumSymbolsCallback ? &ImgHlpDummyCB : NULL),
(PVOID) &OldCB,
FALSE,
FALSE);
}
BOOL
SympGetSymFromAddr(
IN HANDLE hProcess,
IN DWORD64 Address,
OUT PDWORD64 Displacement,
OUT PSYMBOL_ENTRY SymRet
)
/*++
Routine Description:
This function finds an entry in the symbol table based on an address.
This is the common worker function for the 32 and 64 bit API.
Arguments:
hProcess - Process handle, must have been previously registered
with SymInitialize.
Address - Address of the desired symbol.
Displacement - This value is set to the offset from the beginning
of the symbol.
sym - Returns the found symbol
Return Value:
TRUE - The symbol was located.
FALSE - The symbol was not found. Call GetLastError to
discover the cause of the failure.
--*/
{
PPROCESS_ENTRY pe;
PMODULE_ENTRY mi;
PSYMBOL_ENTRY psym;
__try {
pe = FindProcessEntry( hProcess );
if (!pe) {
SetLastError( ERROR_INVALID_HANDLE );
return FALSE;
}
mi = GetModuleForPC( pe, Address, FALSE );
if (mi == NULL) {
SetLastError( ERROR_MOD_NOT_FOUND );
return FALSE;
}
if (!LoadSymbols(hProcess, mi, 0)) {
SetLastError( ERROR_MOD_NOT_FOUND );
return FALSE;
}
psym = GetSymFromAddr( Address, Displacement, mi );
if (psym) {
*SymRet = *psym;
} else {
SetLastError( ERROR_INVALID_ADDRESS );
return FALSE;
}
} __except (EXCEPTION_EXECUTE_HANDLER) {
ImagepSetLastErrorFromStatus( GetExceptionCode() );
return FALSE;
}
return TRUE;
}
BOOL
IMAGEAPI
SymGetSymFromAddr64(
IN HANDLE hProcess,
IN DWORD64 Address,
OUT PDWORD64 Displacement,
OUT PIMAGEHLP_SYMBOL64 Symbol
)
/*++
Routine Description:
This function finds an entry in the symbol table based on an address.
Arguments:
hProcess - Process handle, must have been previously registered
with SymInitialize.
Address - Address of the desired symbol.
Displacement - This value is set to the offset from the beginning
of the symbol.
Symbol - Returns the found symbol
Return Value:
TRUE - The symbol was located.
FALSE - The symbol was not found. Call GetLastError to
discover the cause of the failure.
--*/
{
SYMBOL_ENTRY sym;
if (SympGetSymFromAddr(hProcess, Address, Displacement, &sym)) {
symcpy64(Symbol, &sym);
return TRUE;
} else {
return FALSE;
}
}
BOOL
IMAGEAPI
SymGetSymFromAddr(
IN HANDLE hProcess,
IN DWORD Address,
OUT PDWORD Displacement,
OUT PIMAGEHLP_SYMBOL Symbol
)
/*++
Routine Description:
This function finds an entry in the symbol table based on an address.
Arguments:
hProcess - Process handle, must have been previously registered
with SymInitialize.
Address - Address of the desired symbol.
Displacement - This value is set to the offset from the beginning
of the symbol.
Symbol - Returns the found symbol
Return Value:
TRUE - The symbol was located.
FALSE - The symbol was not found. Call GetLastError to
discover the cause of the failure.
--*/
{
SYMBOL_ENTRY sym;
DWORD64 qDisplacement;
if (SympGetSymFromAddr(hProcess, Address, &qDisplacement, &sym)) {
symcpy32(Symbol, &sym);
if (Displacement) {
*Displacement = (DWORD)qDisplacement;
}
return TRUE;
} else {
return FALSE;
}
}
#ifndef _DBGHELP_USER_GENERATED_SYMBOLS_NOTSUPPORTED
#if 0
VOID
DumpMiSymbolTable(
PMODULE_ENTRY mi
)
{
PSYMBOL_ENTRY sym;
if ( !mi )
return;
sym = mi->symbolTable;
for ( sym = mi->symbolTable; sym < &mi->symbolTable[mi->numsyms] ; sym++ ) {
dprint("sym: %40s 0x%I64x %ld\n", sym->Name, sym->Address, sym->Size );
}
return;
} // DumpMiSymbolTable()
#endif // 0
#ifdef __cplusplus
extern "C"
#endif
BOOL
SymSetSymWithAddr64(
IN HANDLE hProcess,
IN DWORD64 Address,
IN LPSTR SymString,
OUT PIMAGEHLP_SYMBOL64 Symbol
)
/*++
Routine Description:
This function allocates an entry in the symbol table based on an address.
Arguments:
hProcess - Process handle, must have been previously registered
with SymInitialize.
Address - Address of the desired symbol.
SymString - Symbol name.
Return Value:
TRUE - The symbol was allocated.
FALSE - The symbol was not allocated. all GetLastError to
discover the cause of the failure.
--*/
{
PPROCESS_ENTRY pe;
PMODULE_ENTRY mi;
PSYMBOL_ENTRY psym;
BOOL ret;
DWORD64 displacement;
if ( !SymString ) {
SetLastError( ERROR_INVALID_PARAMETER );
return FALSE;
}
ret = TRUE;
__try {
pe = FindProcessEntry( hProcess );
if (!pe) {
SetLastError( ERROR_INVALID_HANDLE ), ret = FALSE;
__leave;
}
mi = GetModuleForPC( pe, Address, FALSE );
if (mi == NULL) {
SetLastError( ERROR_MOD_NOT_FOUND ), ret = FALSE;
__leave;
}
if (!LoadSymbols(hProcess, mi, 0)) {
SetLastError( ERROR_MOD_NOT_FOUND ), ret = FALSE;
__leave;
}
//
// Let's verify that this address is not already used...
// If yes, returns FALSE. The caller could parse the LastError.
//
psym = GetSymFromAddr( Address, &displacement, mi );
if ( psym ) {
pprint(pe, "SymSetSymWithAddr64: symbol %s already exists at this address 0x%I64x\n", psym->Name, Address );
SetLastError( ERROR_ALREADY_EXISTS ), ret = FALSE;
__leave;
}
//
// Allocate a new entry.
// This allocation is under imagehlp rules.
// Meaning that if the symbols table has overflow,
// we will not allocate an entry. This implementation]
// does not use a specific bucket of entries.
//
psym = AllocSym( mi, Address, SymString );
if ( !psym ) {
SetLastError( ERROR_INVALID_ADDRESS ), ret = FALSE;
__leave;
}
psym->Flags |= SYMF_USER_GENERATED;
symcpy64(Symbol, psym);
CompleteSymbolTable( mi );
} __except (EXCEPTION_EXECUTE_HANDLER) {
ImagepSetLastErrorFromStatus( GetExceptionCode() );
ret = FALSE;
}
return ret;
} // SymSetSymWithAddr64()
#endif // !_DBGHELP_USER_GENERATED_SYMBOLS_NOTSUPPORTED
BOOL
SympGetSymFromName(
IN HANDLE hProcess,
IN LPSTR Name,
OUT PSYMBOL_ENTRY SymRet
)
/*++
Routine Description:
This function finds an entry in the symbol table based on a name.
Arguments:
hProcess - Process handle, must have been previously registered
with SymInitialize.
SymName - A string containing the symbol name.
sym - Returns the located symbol
Return Value:
TRUE - The symbol was located.
FALSE - The symbol was not found. Call GetLastError to
discover the cause of the failure.
--*/
{
LPSTR p;
PPROCESS_ENTRY pe;
PMODULE_ENTRY mi = NULL;
PLIST_ENTRY Next;
PSYMBOL_ENTRY psym;
IMAGEHLP_DEFERRED_SYMBOL_LOAD64 idsl64;
int pass;
static DWORD flags[2] = {LS_JUST_TEST, LS_QUALIFIED};
__try {
pe = FindProcessEntry( hProcess );
if (!pe) {
SetLastError( ERROR_INVALID_HANDLE );
return FALSE;
}
// first check for fully qualified symbol name I.E. mod!sym
p = strchr( Name, '!' );
if (p > Name) {
LPSTR ModName = (LPSTR)MemAlloc(p - Name + 1);
if (!ModName) {
SetLastError( ERROR_NOT_ENOUGH_MEMORY );
return FALSE;
}
memcpy(ModName, Name, (int)(p - Name));
ModName[p-Name] = 0;
//
// the caller wants to look in a specific module
//
mi = FindModule(hProcess, pe, ModName, TRUE);
MemFree(ModName);
if (mi != NULL) {
psym = FindSymbolByName( pe, mi, p+1 );
if (psym) {
*SymRet = *psym;
return TRUE;
}
}
SetLastError( ERROR_MOD_NOT_FOUND );
return FALSE;
}
// now check, using context information
psym = FindSymbolByName( pe, NULL, Name );
if (psym) {
*SymRet = *psym;
return TRUE;
}
// now just look in every module
for (pass = 0; pass < 2; pass++) {
Next = pe->ModuleList.Flink;
while (Next != &pe->ModuleList) {
mi = CONTAINING_RECORD( Next, MODULE_ENTRY, ListEntry );
Next = mi->ListEntry.Flink;
if (pass && DoSymbolCallback(pe,
CBA_DEFERRED_SYMBOL_LOAD_CANCEL,
mi,
&idsl64,
NULL))
{
break;
}
if (!LoadSymbols(hProcess, mi, flags[pass]))
continue;
psym = FindSymbolByName( pe, mi, Name );
if (psym) {
*SymRet = *psym;
return TRUE;
}
}
}
SetLastError( ERROR_MOD_NOT_FOUND );
return FALSE;
} __except (EXCEPTION_EXECUTE_HANDLER) {
ImagepSetLastErrorFromStatus( GetExceptionCode() );
return FALSE;
}
SetLastError( ERROR_INVALID_FUNCTION );
return FALSE;
}
BOOL
IMAGEAPI
SymGetSymFromName64(
IN HANDLE hProcess,
IN LPSTR Name,
OUT PIMAGEHLP_SYMBOL64 Symbol
)
/*++
Routine Description:
This function finds an entry in the symbol table based on a name.
Arguments:
hProcess - Process handle, must have been previously registered
with SymInitialize.
SymName - A string containing the symbol name.
Symbol - Returns found symbol
Return Value:
TRUE - The symbol was located.
FALSE - The symbol was not found. Call GetLastError to
discover the cause of the failure.
--*/
{
SYMBOL_ENTRY sym;
if (SympGetSymFromName(hProcess, Name, &sym)) {
symcpy64(Symbol, &sym);
return TRUE;
} else {
return FALSE;
}
}
BOOL
IMAGEAPI
SymGetSymFromName(
IN HANDLE hProcess,
IN LPSTR Name,
OUT PIMAGEHLP_SYMBOL Symbol
)
/*++
Routine Description:
This function finds an entry in the symbol table based on a name.
Arguments:
hProcess - Process handle, must have been previously registered
with SymInitialize.
SymName - A string containing the symbol name.
Symbol - Returns found symbol
Return Value:
TRUE - The symbol was located.
FALSE - The symbol was not found. Call GetLastError to
discover the cause of the failure.
--*/
{
SYMBOL_ENTRY sym;
if (SympGetSymFromName(hProcess, Name, &sym)) {
symcpy32(Symbol, &sym);
return TRUE;
} else {
return FALSE;
}
}
BOOL
IMAGEAPI
SymGetSymNext(
IN HANDLE hProcess,
IN OUT PIMAGEHLP_SYMBOL Symbol32
)
/*++
Routine Description:
This function finds the next symbol in the symbol table that falls
sequentially after the symbol passed in.
Arguments:
hProcess - Process handle, must have been previously registered
with SymInitialize.
Symbol - Starting symbol.
Return Value:
Non NULL pointer - The symbol was located.
NULL pointer - The symbol was not found. Call GetLastError to
discover the cause of the failure.
--*/
{
PIMAGEHLP_SYMBOL64 Symbol64;
BOOL r = FALSE;
Symbol64 = (PIMAGEHLP_SYMBOL64)MemAlloc(sizeof(IMAGEHLP_SYMBOL64) + Symbol32->MaxNameLength);
if (Symbol64) {
SympConvertSymbol32To64(Symbol32, Symbol64);
if (SympGetSymNextPrev(hProcess, Symbol64, 1)) {
SympConvertSymbol64To32(Symbol64, Symbol32);
r = TRUE;
}
MemFree(Symbol64);
}
return r;
}
BOOL
IMAGEAPI
SymGetSymNext64(
IN HANDLE hProcess,
IN OUT PIMAGEHLP_SYMBOL64 Symbol
)
/*++
Routine Description:
This function finds the next symbol in the symbol table that falls
sequentially after the symbol passed in.
Arguments:
hProcess - Process handle, must have been previously registered
with SymInitialize.
Symbol - Starting symbol.
Return Value:
Non NULL pointer - The symbol was located.
NULL pointer - The symbol was not found. Call GetLastError to
discover the cause of the failure.
--*/
{
return SympGetSymNextPrev(hProcess, Symbol, 1);
}
BOOL
IMAGEAPI
SymGetSymPrev(
IN HANDLE hProcess,
IN OUT PIMAGEHLP_SYMBOL Symbol32
)
/*++
Routine Description:
This function finds the next symbol in the symbol table that falls
sequentially after the symbol passed in.
Arguments:
hProcess - Process handle, must have been previously registered
with SymInitialize.
Symbol - Starting symbol.
Return Value:
Non NULL pointer - The symbol was located.
NULL pointer - The symbol was not found. Call GetLastError to
discover the cause of the failure.
--*/
{
PIMAGEHLP_SYMBOL64 Symbol64;
BOOL r = FALSE;
Symbol64 = (PIMAGEHLP_SYMBOL64)MemAlloc(sizeof(IMAGEHLP_SYMBOL64) + Symbol32->MaxNameLength);
if (Symbol64) {
SympConvertSymbol32To64(Symbol32, Symbol64);
if (SympGetSymNextPrev(hProcess, Symbol64, -1)) {
SympConvertSymbol64To32(Symbol64, Symbol32);
r = TRUE;
}
MemFree(Symbol64);
}
return r;
}
BOOL
IMAGEAPI
SymGetSymPrev64(
IN HANDLE hProcess,
IN OUT PIMAGEHLP_SYMBOL64 Symbol
)
/*++
Routine Description:
This function finds the next symbol in the symbol table that falls
sequentially after the symbol passed in.
Arguments:
hProcess - Process handle, must have been previously registered
with SymInitialize.
Symbol - Starting symbol.
Return Value:
Non NULL pointer - The symbol was located.
NULL pointer - The symbol was not found. Call GetLastError to
discover the cause of the failure.
--*/
{
return SympGetSymNextPrev(hProcess, Symbol, -1);
}
BOOL
SympGetSymNextPrev(
IN HANDLE hProcess,
IN OUT PIMAGEHLP_SYMBOL64 Symbol,
IN int Direction
)
/*++
Routine Description:
Common code for SymGetSymNext and SymGetSymPrev.
Arguments:
hProcess - Process handle, must have been previously registered
with SymInitialize.
Symbol - Starting symbol.
Dir - Supplies direction to search
Return Value:
Non NULL pointer - The symbol was located.
NULL pointer - The symbol was not found. Call GetLastError to
discover the cause of the failure.
--*/
{
PPROCESS_ENTRY pe;
PMODULE_ENTRY mi;
ULONG64 Displacement;
PSYMBOL_ENTRY sym;
SYMBOL_ENTRY SymEntry = {0};
__try {
pe = FindProcessEntry( hProcess );
if (!pe) {
SetLastError( ERROR_INVALID_HANDLE );
return FALSE;
}
mi = GetModuleForPC( pe, Symbol->Address, FALSE );
if (mi == NULL) {
SetLastError( ERROR_MOD_NOT_FOUND );
return FALSE;
}
if (!LoadSymbols(hProcess, mi, 0)) {
SetLastError( ERROR_MOD_NOT_FOUND );
return FALSE;
}
if (mi->dia) {
sym = diaGetSymNextPrev(mi, Symbol->Address, Direction);
if (!sym) {
SetLastError( ERROR_INVALID_ADDRESS );
return FALSE;
}
symcpy64(Symbol, sym);
} else {
sym = GetSymFromAddr( Symbol->Address, &Displacement, mi );
if (!sym) {
SetLastError( ERROR_INVALID_ADDRESS );
return FALSE;
}
if (Direction > 0 && sym+1 >= mi->symbolTable+mi->numsyms) {
SetLastError( ERROR_INVALID_ADDRESS );
return FALSE;
} else if (Direction < 0 && sym-1 < mi->symbolTable) {
SetLastError( ERROR_INVALID_ADDRESS );
return FALSE;
}
symcpy64( Symbol, sym + Direction);
}
return TRUE;
} __except (EXCEPTION_EXECUTE_HANDLER) {
ImagepSetLastErrorFromStatus( GetExceptionCode() );
return FALSE;
}
return FALSE;
}
BOOL
IMAGEAPI
SymGetLineFromAddr64(
IN HANDLE hProcess,
IN DWORD64 dwAddr,
OUT PDWORD pdwDisplacement,
OUT PIMAGEHLP_LINE64 Line
)
/*++
Routine Description:
This function finds a source file and line number entry for the
line closest to the given address.
Arguments:
hProcess - Process handle, must have been previously registered
with SymInitialize.
dwAddr - Supplies an address for which a line is to be
located.
pdwDisplacement - Returns the offset between the given address
and the first instruction of the line.
Line - Returns the line and file information.
Return Value:
TRUE - A line was located.
FALSE - The line was not found. Call GetLastError to
discover the cause of the failure.
--*/
{
PPROCESS_ENTRY pe;
PMODULE_ENTRY mi;
__try {
if (Line->SizeOfStruct != sizeof(IMAGEHLP_LINE64)) {
SetLastError(ERROR_INVALID_PARAMETER);
return FALSE;
}
pe = FindProcessEntry( hProcess );
if (!pe) {
SetLastError( ERROR_INVALID_HANDLE );
return FALSE;
}
mi = GetModuleForPC( pe, dwAddr, FALSE );
if (mi == NULL) {
SetLastError( ERROR_MOD_NOT_FOUND );
return FALSE;
}
if (!LoadSymbols(hProcess, mi, 0)) {
SetLastError( ERROR_MOD_NOT_FOUND );
return FALSE;
}
if (!GetLineFromAddr(mi, dwAddr, pdwDisplacement, Line)) {
SetLastError( ERROR_INVALID_ADDRESS );
return FALSE;
}
} __except (EXCEPTION_EXECUTE_HANDLER) {
ImagepSetLastErrorFromStatus( GetExceptionCode() );
return FALSE;
}
return TRUE;
}
BOOL
IMAGEAPI
SymGetLineFromAddr(
IN HANDLE hProcess,
IN DWORD dwAddr,
OUT PDWORD pdwDisplacement,
OUT PIMAGEHLP_LINE Line32
)
{
IMAGEHLP_LINE64 Line64;
Line64.SizeOfStruct = sizeof(Line64);
if (SymGetLineFromAddr64(hProcess, dwAddr, pdwDisplacement, &Line64)) {
SympConvertLine64To32(&Line64, Line32);
return TRUE;
} else {
return FALSE;
}
}
BOOL
IMAGEAPI
SymGetLineFromName64(
IN HANDLE hProcess,
IN LPSTR ModuleName,
IN LPSTR FileName,
IN DWORD dwLineNumber,
OUT PLONG plDisplacement,
IN OUT PIMAGEHLP_LINE64 Line
)
/*++
Routine Description:
This function finds an entry in the source file and line-number
information based on a particular filename and line number.
A module name can be given if the search is to be restricted to
a specific module.
The filename can be omitted if a pure line number search is desired,
in which case Line must be a previously filled out line number
struct. The module and file that Line->Address lies in is used
to look up the new line number. This cannot be used when a module
name is given.
Arguments:
hProcess - Process handle, must have been previously registered
with SymInitialize.
ModuleName - Module name or NULL.
FileName - File name or NULL.
dwLineNumber - Line number of interest.
plDisplacement - Difference between requested line number and
returned line number.
Line - Line information input and return.
Return Value:
TRUE - A line was located.
FALSE - A line was not found. Call GetLastError to
discover the cause of the failure.
--*/
{
PPROCESS_ENTRY pe;
PMODULE_ENTRY mi = NULL;
PLIST_ENTRY Next;
IMAGEHLP_DEFERRED_SYMBOL_LOAD64 idsl64;
int pass;
static DWORD flags[2] = {LS_JUST_TEST, LS_QUALIFIED | LS_LOAD_LINES};
__try {
if (Line->SizeOfStruct != sizeof(IMAGEHLP_LINE64)) {
SetLastError(ERROR_INVALID_PARAMETER);
return FALSE;
}
pe = FindProcessEntry( hProcess );
if (!pe) {
SetLastError( ERROR_INVALID_HANDLE );
return FALSE;
}
if (ModuleName != NULL) {
//
// The caller wants to look in a specific module.
// A filename must be given in this case because it doesn't
// make sense to do an address-driven search when a module
// is explicitly specified since the address also specifies
// a module.
//
if (FileName == NULL) {
SetLastError(ERROR_INVALID_PARAMETER);
return FALSE;
}
mi = FindModule(hProcess, pe, ModuleName, TRUE);
if (mi != NULL &&
FindLineByName( mi, FileName, dwLineNumber, plDisplacement, Line )) {
return TRUE;
}
SetLastError( ERROR_MOD_NOT_FOUND );
return FALSE;
}
if (FileName == NULL) {
// Only a line number has been given, implying that
// it's a line in the same file as the given line is currently in.
mi = GetModuleForPC( pe, Line->Address, FALSE );
if (mi == NULL) {
SetLastError( ERROR_MOD_NOT_FOUND );
return FALSE;
}
if (!LoadSymbols(hProcess, mi, LS_LOAD_LINES)) {
SetLastError( ERROR_MOD_NOT_FOUND );
return FALSE;
}
if (FindLineByName( mi, FileName, dwLineNumber,
plDisplacement, Line )) {
return TRUE;
}
SetLastError( ERROR_MOD_NOT_FOUND );
return FALSE;
}
Next = pe->ModuleList.Flink;
if (!Next) {
SetLastError( ERROR_MOD_NOT_FOUND );
return FALSE;
}
for (pass = 0; pass < 2; pass++) {
Next = pe->ModuleList.Flink;
while (Next != &pe->ModuleList) {
mi = CONTAINING_RECORD( Next, MODULE_ENTRY, ListEntry );
Next = mi->ListEntry.Flink;
if (pass && DoSymbolCallback(pe,
CBA_DEFERRED_SYMBOL_LOAD_CANCEL,
mi,
&idsl64,
NULL))
{
break;
}
if (!LoadSymbols(hProcess, mi, flags[pass]))
continue;
if (FindLineByName( mi, FileName, dwLineNumber, plDisplacement, Line ))
return TRUE;
}
}
SetLastError( ERROR_MOD_NOT_FOUND );
return FALSE;
} __except (EXCEPTION_EXECUTE_HANDLER) {
ImagepSetLastErrorFromStatus( GetExceptionCode() );
return FALSE;
}
SetLastError( ERROR_INVALID_FUNCTION );
return FALSE;
}
BOOL
IMAGEAPI
SymGetLineFromName(
IN HANDLE hProcess,
IN LPSTR ModuleName,
IN LPSTR FileName,
IN DWORD dwLineNumber,
OUT PLONG plDisplacement,
IN OUT PIMAGEHLP_LINE Line32
)
{
IMAGEHLP_LINE64 Line64;
Line64.SizeOfStruct = sizeof(Line64);
SympConvertLine32To64(Line32, &Line64);
if (SymGetLineFromName64(hProcess,
ModuleName,
FileName,
dwLineNumber,
plDisplacement,
&Line64)) {
return SympConvertLine64To32(&Line64, Line32);
} else {
return FALSE;
}
}
BOOL
IMAGEAPI
SymGetLineNext64(
IN HANDLE hProcess,
IN OUT PIMAGEHLP_LINE64 Line
)
/*++
Routine Description:
This function returns line address information for the line immediately
following the line given.
Arguments:
hProcess - Process handle, must have been previously registered
with SymInitialize.
Line - Supplies line number information for the line
prior to the one being located.
Return Value:
TRUE - A line was located. The Key, LineNumber and Address
of Line are updated.
FALSE - No such line exists. Call GetLastError to
discover the cause of the failure.
--*/
{
PPROCESS_ENTRY pe;
PMODULE_ENTRY mi;
PSOURCE_LINE SrcLine;
PSOURCE_ENTRY Src;
__try {
if (Line->SizeOfStruct != sizeof(IMAGEHLP_LINE64)) {
SetLastError(ERROR_INVALID_PARAMETER);
return FALSE;
}
pe = FindProcessEntry( hProcess );
if (!pe) {
SetLastError( ERROR_INVALID_HANDLE );
return FALSE;
}
mi = GetModuleForPC( pe, Line->Address, FALSE );
if (mi == NULL) {
SetLastError( ERROR_MOD_NOT_FOUND );
return FALSE;
}
if (!LoadSymbols(hProcess, mi, 0)) {
SetLastError( ERROR_MOD_NOT_FOUND );
return FALSE;
}
if (mi->dia)
return diaGetLineNext(mi, Line);
// Use existing information to look up module and then
// locate the file information. The key could be extended
// to make this unnecessary but it's done as a validation step
// more than as a way to save a DWORD.
SrcLine = (PSOURCE_LINE)Line->Key;
for (Src = mi->SourceFiles; Src != NULL; Src = Src->Next) {
if (SrcLine >= Src->LineInfo &&
SrcLine < Src->LineInfo+Src->Lines) {
break;
}
}
if (Src == NULL) {
SetLastError(ERROR_INVALID_PARAMETER);
return FALSE;
}
if (SrcLine == Src->LineInfo+Src->Lines-1) {
SetLastError(ERROR_NO_MORE_ITEMS);
return FALSE;
}
SrcLine++;
Line->Key = SrcLine;
Line->LineNumber = SrcLine->Line;
Line->Address = SrcLine->Addr;
} __except (EXCEPTION_EXECUTE_HANDLER) {
ImagepSetLastErrorFromStatus( GetExceptionCode() );
return FALSE;
}
return TRUE;
}
BOOL
IMAGEAPI
SymGetLineNext(
IN HANDLE hProcess,
IN OUT PIMAGEHLP_LINE Line32
)
{
IMAGEHLP_LINE64 Line64;
Line64.SizeOfStruct = sizeof(Line64);
SympConvertLine32To64(Line32, &Line64);
if (SymGetLineNext64(hProcess, &Line64)) {
return SympConvertLine64To32(&Line64, Line32);
} else {
return FALSE;
}
}
BOOL
IMAGEAPI
SymGetLinePrev64(
IN HANDLE hProcess,
IN OUT PIMAGEHLP_LINE64 Line
)
/*++
Routine Description:
This function returns line address information for the line immediately
before the line given.
Arguments:
hProcess - Process handle, must have been previously registered
with SymInitialize.
Line - Supplies line number information for the line
after the one being located.
Return Value:
TRUE - A line was located. The Key, LineNumber and Address
of Line are updated.
FALSE - No such line exists. Call GetLastError to
discover the cause of the failure.
--*/
{
PPROCESS_ENTRY pe;
PMODULE_ENTRY mi;
PSOURCE_LINE SrcLine;
PSOURCE_ENTRY Src;
__try {
if (Line->SizeOfStruct != sizeof(IMAGEHLP_LINE64)) {
SetLastError(ERROR_INVALID_PARAMETER);
return FALSE;
}
pe = FindProcessEntry( hProcess );
if (!pe) {
SetLastError( ERROR_INVALID_HANDLE );
return FALSE;
}
mi = GetModuleForPC( pe, Line->Address, FALSE );
if (mi == NULL) {
SetLastError( ERROR_MOD_NOT_FOUND );
return FALSE;
}
if (!LoadSymbols(hProcess, mi, 0)) {
SetLastError( ERROR_MOD_NOT_FOUND );
return FALSE;
}
if (mi->dia)
return diaGetLinePrev(mi, Line);
// Use existing information to look up module and then
// locate the file information. The key could be extended
// to make this unnecessary but it's done as a validation step
// more than as a way to save a DWORD.
SrcLine = (PSOURCE_LINE)Line->Key;
for (Src = mi->SourceFiles; Src != NULL; Src = Src->Next) {
if (SrcLine >= Src->LineInfo &&
SrcLine < Src->LineInfo+Src->Lines) {
break;
}
}
if (Src == NULL) {
SetLastError(ERROR_INVALID_PARAMETER);
return FALSE;
}
if (SrcLine == Src->LineInfo) {
SetLastError(ERROR_NO_MORE_ITEMS);
return FALSE;
}
SrcLine--;
Line->Key = SrcLine;
Line->LineNumber = SrcLine->Line;
Line->Address = SrcLine->Addr;
} __except (EXCEPTION_EXECUTE_HANDLER) {
ImagepSetLastErrorFromStatus( GetExceptionCode() );
return FALSE;
}
return TRUE;
}
BOOL
IMAGEAPI
SymGetLinePrev(
IN HANDLE hProcess,
IN OUT PIMAGEHLP_LINE Line32
)
{
IMAGEHLP_LINE64 Line64;
Line64.SizeOfStruct = sizeof(Line64);
SympConvertLine32To64(Line32, &Line64);
if (SymGetLinePrev64(hProcess, &Line64)) {
return SympConvertLine64To32(&Line64, Line32);
} else {
return FALSE;
}
}
BOOL
IMAGEAPI
SymMatchFileName(
IN LPSTR FileName,
IN LPSTR Match,
OUT LPSTR *FileNameStop,
OUT LPSTR *MatchStop
)
/*++
Routine Description:
This function attempts to match a string against a filename and path.
The match string is allowed to be a suffix of the complete filename,
so this function is useful for matching a plain filename against
a fully qualified filename.
Matching begins from the end of both strings and proceeds backwards.
Matching is case-insensitive and equates \ with /.
Arguments:
FileName - Filename to match against.
Match - String to match against filename.
FileNameStop - Returns pointer into FileName where matching stopped.
May be one before FileName for full matches.
May be NULL.
MatchStop - Returns pointer info Match where matching stopped.
May be one before Match for full matches.
May be NULL.
Return Value:
TRUE - Match is a matching suffix of FileName.
FALSE - Mismatch.
--*/
{
LPSTR pF, pM;
pF = FileName+strlen(FileName)-1;
pM = Match+strlen(Match)-1;
while (pF >= FileName && pM >= Match) {
int chF, chM;
chF = tolower(*pF);
chF = chF == '\\' ? '/' : chF;
chM = tolower(*pM);
chM = chM == '\\' ? '/' : chM;
if (chF != chM) {
break;
}
pF--;
pM--;
}
if (FileNameStop != NULL) {
*FileNameStop = pF;
}
if (MatchStop != NULL) {
*MatchStop = pM;
}
return pM < Match;
}
BOOL
IMAGEAPI
SymRegisterFunctionEntryCallback(
IN HANDLE hProcess,
IN PSYMBOL_FUNCENTRY_CALLBACK CallbackFunction,
IN PVOID UserContext
)
/*++
Routine Description:
Set the address of a callback routine to access extended function
table entries directly. This function is useful when debugging
Alpha processes where RUNTIME_FUNCTION_ENTRYs are available from
sources other than in the image. Two existing examples are:
1) Access to dynamic function tables for run-time code
2) Access to function tables for ROM images
Arguments:
hProcess - Process handle, must have been previously registered
with SymInitialize.
DirectFunctionTableRoutine - Address of direct function table callback routine.
On alpha this routine must return a pointer to the
RUNTIME_FUNCTION_ENTRY containing the specified address.
If no such entry is available, it must return NULL.
Return Value:
TRUE - The callback was successfully registered
FALSE - The initialization failed. Most likely failure is that
the hProcess parameter is invalid. Call GetLastError()
for specific error codes.
--*/
{
PPROCESS_ENTRY pe = NULL;
__try {
if (!CallbackFunction) {
SetLastError(ERROR_INVALID_PARAMETER);
return FALSE;
}
pe = FindProcessEntry( hProcess );
if (!pe) {
SetLastError(ERROR_INVALID_PARAMETER);
return FALSE;
}
pe->pFunctionEntryCallback32 = CallbackFunction;
pe->pFunctionEntryCallback64 = NULL;
pe->FunctionEntryUserContext = (ULONG64)UserContext;
} __except (EXCEPTION_EXECUTE_HANDLER) {
ImagepSetLastErrorFromStatus( GetExceptionCode() );
return FALSE;
}
return TRUE;
}
BOOL
IMAGEAPI
SymRegisterFunctionEntryCallback64(
IN HANDLE hProcess,
IN PSYMBOL_FUNCENTRY_CALLBACK64 CallbackFunction,
IN ULONG64 UserContext
)
/*++
Routine Description:
See SymRegisterFunctionEntryCallback64
--*/
{
PPROCESS_ENTRY pe = NULL;
__try {
if (!CallbackFunction) {
SetLastError(ERROR_INVALID_PARAMETER);
return FALSE;
}
pe = FindProcessEntry( hProcess );
if (!pe) {
SetLastError(ERROR_INVALID_PARAMETER);
return FALSE;
}
pe->pFunctionEntryCallback32 = NULL;
pe->pFunctionEntryCallback64 = CallbackFunction;
pe->FunctionEntryUserContext = (ULONG64)UserContext;
} __except (EXCEPTION_EXECUTE_HANDLER) {
ImagepSetLastErrorFromStatus( GetExceptionCode() );
return FALSE;
}
return TRUE;
}
LPVOID
IMAGEAPI
SymFunctionTableAccess(
HANDLE hProcess,
DWORD AddrBase
)
{
return SymFunctionTableAccess64(hProcess, EXTEND64(AddrBase));
}
LPVOID
IMAGEAPI
SymFunctionTableAccess64(
HANDLE hProcess,
DWORD64 AddrBase
)
/*++
Routine Description:
This function finds a function table entry or FPO record for an address.
Arguments:
hProcess - Process handle, must have been previously registered
with SymInitialize.
AddrBase - Supplies an address for which a function table entry
or FPO entry is to be located.
Return Value:
Non NULL pointer - The symbol was located.
NULL pointer - The symbol was not found. Call GetLastError to
discover the cause of the failure.
--*/
{
PPROCESS_ENTRY pe;
PMODULE_ENTRY mi;
PVOID rtf;
ULONG_PTR rva;
DWORD bias;
DWORD MachineType;
__try {
pe = FindProcessEntry( hProcess );
if (!pe) {
SetLastError( ERROR_INVALID_HANDLE );
return NULL;
}
// Dynamically generated function table entries
// may not be in a module, so failing to
// find a module is not a fatal error.
mi = GetModuleForPC( pe, AddrBase, FALSE );
if (mi != NULL) {
if (!LoadSymbols(hProcess, mi, 0)) {
SetLastError( ERROR_MOD_NOT_FOUND );
return NULL;
}
MachineType = mi->MachineType;
} else {
// We need to guess what kind of machine we
// should be working with. First see if ntdll
// is loaded and if so use its machine type.
mi = FindModule(hProcess, pe, "ntdll", TRUE);
if (mi != NULL) {
MachineType = mi->MachineType;
} else if (pe->ModuleList.Flink != NULL) {
// Try the first module's type.
mi = CONTAINING_RECORD( pe->ModuleList.Flink,
MODULE_ENTRY, ListEntry );
} else {
// Use the complation machine.
#if defined(_M_IX86)
MachineType = IMAGE_FILE_MACHINE_I386;
#elif defined(_M_IA64)
MachineType = IMAGE_FILE_MACHINE_IA64;
#elif defined(_M_AXP64)
MachineType = IMAGE_FILE_MACHINE_AXP64;
#elif defined(_M_ALPHA)
MachineType = IMAGE_FILE_MACHINE_ALPHA;
#elif defined(_M_AMD64)
MachineType = IMAGE_FILE_MACHINE_AMD64;
#else
#error( "unknown target machine" );
#endif
}
}
switch (MachineType) {
default:
rtf = NULL;
break;
case IMAGE_FILE_MACHINE_I386:
rtf = NULL;
if (mi == NULL) {
SetLastError( ERROR_MOD_NOT_FOUND );
break;
}
DWORD64 caddr;
if (!mi->pFpoData)
break;
caddr = ConvertOmapToSrc( mi, AddrBase, &bias, TRUE );
if (caddr)
AddrBase = caddr + bias;
rtf = SwSearchFpoData( (ULONG)(AddrBase - mi->BaseOfDll), mi->pFpoData, mi->dwEntries );
if (rtf && mi->cOmapFrom && mi->pFpoDataOmap) {
rva = (ULONG_PTR)rtf - (ULONG_PTR)mi->pFpoData;
rtf = (PBYTE)mi->pFpoDataOmap + rva;
}
break;
case IMAGE_FILE_MACHINE_ALPHA:
rtf = LookupFunctionEntryAxp32(hProcess, (DWORD)AddrBase);
break;
case IMAGE_FILE_MACHINE_IA64:
rtf = LookupFunctionEntryIa64(hProcess, AddrBase);
break;
case IMAGE_FILE_MACHINE_AXP64:
rtf = LookupFunctionEntryAxp64(hProcess, AddrBase);
break;
case IMAGE_FILE_MACHINE_AMD64:
rtf = LookupFunctionEntryAmd64(hProcess, AddrBase);
break;
}
if (!rtf) {
SetLastError( ERROR_INVALID_ADDRESS );
return NULL;
}
} __except (EXCEPTION_EXECUTE_HANDLER) {
ImagepSetLastErrorFromStatus( GetExceptionCode() );
return NULL;
}
return rtf;
}
BOOL
IMAGEAPI
SymGetModuleInfo64(
IN HANDLE hProcess,
IN DWORD64 dwAddr,
OUT PIMAGEHLP_MODULE64 ModuleInfo
)
{
PPROCESS_ENTRY pe;
PMODULE_ENTRY mi;
DWORD SizeOfStruct;
__try {
pe = FindProcessEntry( hProcess );
if (!pe) {
SetLastError( ERROR_INVALID_HANDLE );
return FALSE;
}
mi = GetModuleForPC( pe, dwAddr, FALSE );
if (mi == NULL) {
SetLastError( ERROR_MOD_NOT_FOUND );
return FALSE;
}
SizeOfStruct = ModuleInfo->SizeOfStruct;
if (SizeOfStruct > sizeof(IMAGEHLP_MODULE64)) {
SetLastError( ERROR_INVALID_PARAMETER );
return FALSE;
}
ZeroMemory( ModuleInfo, SizeOfStruct);
ModuleInfo->SizeOfStruct = SizeOfStruct;
ModuleInfo->BaseOfImage = mi->BaseOfDll;
ModuleInfo->ImageSize = mi->DllSize;
ModuleInfo->NumSyms = mi->numsyms;
ModuleInfo->CheckSum = mi->CheckSum;
ModuleInfo->TimeDateStamp = mi->TimeDateStamp;
ModuleInfo->SymType = mi->SymType;
ModuleInfo->ModuleName[0] = 0;
strncat( ModuleInfo->ModuleName, mi->ModuleName,
sizeof(ModuleInfo->ModuleName) - 1 );
if (mi->ImageName) {
strcpy( ModuleInfo->ImageName, mi->ImageName );
}
if (mi->LoadedImageName) {
strcpy( ModuleInfo->LoadedImageName, mi->LoadedImageName );
}
} __except (EXCEPTION_EXECUTE_HANDLER) {
ImagepSetLastErrorFromStatus( GetExceptionCode() );
return FALSE;
}
return TRUE;
}
BOOL
IMAGEAPI
SymGetModuleInfoW(
IN HANDLE hProcess,
IN DWORD dwAddr,
OUT PIMAGEHLP_MODULEW wModInfo
)
{
IMAGEHLP_MODULE aModInfo;
if (wModInfo->SizeOfStruct != sizeof(IMAGEHLP_MODULEW)) {
SetLastError(ERROR_INVALID_PARAMETER);
return FALSE;
}
ZeroMemory(wModInfo, sizeof(IMAGEHLP_MODULEW));
wModInfo->SizeOfStruct = sizeof(IMAGEHLP_MODULEW);
if (!SympConvertUnicodeModule32ToAnsiModule32(
wModInfo, &aModInfo))
{
SetLastError(ERROR_INVALID_PARAMETER);
return FALSE;
}
if (!SymGetModuleInfo(hProcess, dwAddr, &aModInfo)) {
return FALSE;
}
if (!SympConvertAnsiModule32ToUnicodeModule32(
&aModInfo, wModInfo)) {
return FALSE;
}
return TRUE;
}
BOOL
IMAGEAPI
SymGetModuleInfoW64(
IN HANDLE hProcess,
IN DWORD64 dwAddr,
OUT PIMAGEHLP_MODULEW64 wModInfo
)
{
IMAGEHLP_MODULE64 aModInfo;
if (!SympConvertUnicodeModule64ToAnsiModule64(
wModInfo, &aModInfo)) {
return FALSE;
}
if (!SymGetModuleInfo64(hProcess, dwAddr, &aModInfo)) {
return FALSE;
}
if (!SympConvertAnsiModule64ToUnicodeModule64(
&aModInfo, wModInfo)) {
return FALSE;
}
return TRUE;
}
BOOL
IMAGEAPI
SymGetModuleInfo(
IN HANDLE hProcess,
IN DWORD dwAddr,
OUT PIMAGEHLP_MODULE ModuleInfo
)
{
PPROCESS_ENTRY pe;
PMODULE_ENTRY mi;
DWORD SizeOfStruct;
__try {
pe = FindProcessEntry( hProcess );
if (!pe) {
SetLastError( ERROR_INVALID_HANDLE );
return FALSE;
}
mi = GetModuleForPC( pe,
dwAddr == (DWORD)-1 ? (DWORD64)-1 : dwAddr, FALSE );
if (mi == NULL) {
SetLastError( ERROR_MOD_NOT_FOUND );
return FALSE;
}
SizeOfStruct = ModuleInfo->SizeOfStruct;
if (SizeOfStruct > sizeof(IMAGEHLP_MODULE)) {
SetLastError( ERROR_INVALID_PARAMETER );
return FALSE;
}
ZeroMemory( ModuleInfo, SizeOfStruct);
ModuleInfo->SizeOfStruct = SizeOfStruct;
ModuleInfo->BaseOfImage = (DWORD)mi->BaseOfDll;
ModuleInfo->ImageSize = mi->DllSize;
ModuleInfo->NumSyms = mi->numsyms;
ModuleInfo->CheckSum = mi->CheckSum;
ModuleInfo->TimeDateStamp = mi->TimeDateStamp;
ModuleInfo->SymType = mi->SymType;
ModuleInfo->ModuleName[0] = 0;
strncat( ModuleInfo->ModuleName, mi->ModuleName,
sizeof(ModuleInfo->ModuleName) - 1 );
if (mi->ImageName) {
strcpy( ModuleInfo->ImageName, mi->ImageName );
}
if (mi->LoadedImageName) {
strcpy( ModuleInfo->LoadedImageName, mi->LoadedImageName );
}
} __except (EXCEPTION_EXECUTE_HANDLER) {
ImagepSetLastErrorFromStatus( GetExceptionCode() );
return FALSE;
}
return TRUE;
}
DWORD64
IMAGEAPI
SymGetModuleBase64(
IN HANDLE hProcess,
IN DWORD64 dwAddr
)
{
PPROCESS_ENTRY pe;
PMODULE_ENTRY mi;
__try {
pe = FindProcessEntry( hProcess );
if (!pe) {
return 0;
}
mi = GetModuleForPC( pe, dwAddr, FALSE );
if (mi == NULL) {
return 0;
}
} __except (EXCEPTION_EXECUTE_HANDLER) {
ImagepSetLastErrorFromStatus( GetExceptionCode() );
return FALSE;
}
return mi->BaseOfDll;
}
DWORD
IMAGEAPI
SymGetModuleBase(
IN HANDLE hProcess,
IN DWORD dwAddr
)
{
return (ULONG)SymGetModuleBase64(hProcess, dwAddr);
}
BOOL
IMAGEAPI
SymUnloadModule64(
IN HANDLE hProcess,
IN DWORD64 BaseOfDll
)
/*++
Routine Description:
Remove the symbols for an image from a process' symbol table.
Arguments:
hProcess - Supplies the token which refers to the process
BaseOfDll - Supplies the offset to the image as supplies by the
LOAD_DLL_DEBUG_EVENT and UNLOAD_DLL_DEBUG_EVENT.
Return Value:
Returns TRUE if the module's symbols were successfully unloaded.
Returns FALSE if the symbol handler does not recognize hProcess or
no image was loaded at the given offset.
--*/
{
PPROCESS_ENTRY pe;
PLIST_ENTRY next;
PMODULE_ENTRY mi;
__try {
pe = FindProcessEntry(hProcess);
if (!pe) {
return FALSE;
}
next = pe->ModuleList.Flink;
if (next) {
while (next != &pe->ModuleList) {
mi = CONTAINING_RECORD(next, MODULE_ENTRY, ListEntry);
if (mi->BaseOfDll == BaseOfDll) {
RemoveEntryList(next);
FreeModuleEntry(pe, mi);
ZeroMemory(pe->DiaCache, sizeof(pe->DiaCache));
ZeroMemory(pe->DiaLargeData, sizeof(pe->DiaLargeData));
return TRUE;
}
next = mi->ListEntry.Flink;
}
}
} __except (EXCEPTION_EXECUTE_HANDLER) {
ImagepSetLastErrorFromStatus(GetExceptionCode());
return FALSE;
}
return FALSE;
}
BOOL
IMAGEAPI
SymUnloadModule(
IN HANDLE hProcess,
IN DWORD BaseOfDll
)
{
return SymUnloadModule64(hProcess, BaseOfDll);
}
DWORD64
IMAGEAPI
SymLoadModuleEx(
IN HANDLE hProcess,
IN HANDLE hFile,
IN PSTR ImageName,
IN PSTR ModuleName,
IN DWORD64 BaseOfDll,
IN DWORD DllSize,
IN PMODLOAD_DATA Data,
IN DWORD Flags
)
/*++
Routine Description:
Loads the symbols for an image for use by the other Sym functions.
Arguments:
hProcess - Supplies unique process identifier.
hFile -
ImageName - Supplies the name of the image file.
ModuleName - ???? Supplies the module name that will be returned by
enumeration functions ????
BaseOfDll - Supplies loaded base address of image.
DllSize
Return Value:
--*/
{
__try {
return InternalLoadModule( hProcess, ImageName, ModuleName, BaseOfDll, DllSize, hFile, Data, Flags );
} __except (EXCEPTION_EXECUTE_HANDLER) {
ImagepSetLastErrorFromStatus( GetExceptionCode() );
return 0;
}
}
DWORD64
IMAGEAPI
SymLoadModule64(
IN HANDLE hProcess,
IN HANDLE hFile,
IN PSTR ImageName,
IN PSTR ModuleName,
IN DWORD64 BaseOfDll,
IN DWORD DllSize
)
{
return SymLoadModuleEx(hProcess, hFile, ImageName, ModuleName, BaseOfDll, DllSize, NULL, 0);
}
DWORD
IMAGEAPI
SymLoadModule(
IN HANDLE hProcess,
IN HANDLE hFile,
IN PSTR ImageName,
IN PSTR ModuleName,
IN DWORD BaseOfDll,
IN DWORD DllSize
)
{
return (DWORD)SymLoadModule64( hProcess, hFile, ImageName, ModuleName, BaseOfDll, DllSize );
}
BOOL
IMAGEAPI
SymUnDName(
IN PIMAGEHLP_SYMBOL sym,
OUT LPSTR UnDecName,
OUT DWORD UnDecNameLength
)
{
__try {
if (SymUnDNameInternal( UnDecName,
UnDecNameLength-1,
sym->Name,
strlen(sym->Name),
IMAGE_FILE_MACHINE_UNKNOWN,
TRUE )) {
return TRUE;
} else {
return FALSE;
}
} __except (EXCEPTION_EXECUTE_HANDLER) {
ImagepSetLastErrorFromStatus( GetExceptionCode() );
return FALSE;
}
}
BOOL
IMAGEAPI
SymUnDName64(
IN PIMAGEHLP_SYMBOL64 sym,
OUT LPSTR UnDecName,
OUT DWORD UnDecNameLength
)
{
__try {
if (SymUnDNameInternal( UnDecName,
UnDecNameLength-1,
sym->Name,
strlen(sym->Name),
IMAGE_FILE_MACHINE_UNKNOWN,
TRUE )) {
return TRUE;
} else {
return FALSE;
}
} __except (EXCEPTION_EXECUTE_HANDLER) {
ImagepSetLastErrorFromStatus( GetExceptionCode() );
return FALSE;
}
}
BOOL
IMAGEAPI
SymGetSearchPath(
IN HANDLE hProcess,
OUT LPSTR SearchPath,
IN DWORD SearchPathLength
)
/*++
Routine Description:
This function looks up the symbol search path associated with a process.
Arguments:
hProcess - Supplies the token associated with a process.
Return Value:
A pointer to the search path. Returns NULL if the process is not
know to the symbol handler.
--*/
{
PPROCESS_ENTRY pe;
__try {
pe = FindProcessEntry( hProcess );
if (!pe) {
return FALSE;
}
SearchPath[0] = 0;
strncat( SearchPath, pe->SymbolSearchPath, SearchPathLength );
} __except (EXCEPTION_EXECUTE_HANDLER) {
ImagepSetLastErrorFromStatus( GetExceptionCode() );
return FALSE;
}
return TRUE;
}
BOOL
IMAGEAPI
SymSetSearchPath(
HANDLE hProcess,
LPSTR UserSearchPath
)
/*++
Routine Description:
This functions sets the searh path to be used by the symbol loader
for the given process. If UserSearchPath is not supplied, a default
path will be used.
Arguments:
hProcess - Supplies the process token associated with a symbol table.
UserSearchPath - Supplies the new search path to associate with the
process. If this argument is NULL, the following path is generated:
.;%_NT_SYMBOL_PATH%;%_NT_ALTERNATE_SYMBOL_PATH%
It is ok if any or all of the environment variables is missing.
Return Value:
A pointer to the new search path. The user should not modify this string.
Returns NULL if the process is not known to the symbol handler.
--*/
{
PPROCESS_ENTRY pe;
LPSTR p;
DWORD cbSymPath;
DWORD cb;
char ExpandedSearchPath[MAX_PATH];
__try {
pe = FindProcessEntry( hProcess );
if (!pe) {
return FALSE;
}
if (pe->SymbolSearchPath) {
MemFree(pe->SymbolSearchPath);
}
if (UserSearchPath) {
cbSymPath = ExpandEnvironmentStrings(UserSearchPath,
ExpandedSearchPath,
sizeof(ExpandedSearchPath) / sizeof(ExpandedSearchPath[0]));
if (cbSymPath < sizeof(ExpandedSearchPath)/sizeof(ExpandedSearchPath[0])) {
pe->SymbolSearchPath = StringDup(ExpandedSearchPath);
} else {
pe->SymbolSearchPath = (LPSTR)MemAlloc( cbSymPath );
ExpandEnvironmentStrings(UserSearchPath,
pe->SymbolSearchPath,
cbSymPath );
}
} else {
//
// ".;%_NT_SYMBOL_PATH%;%_NT_ALTERNATE_SYMBOL_PATH%
//
cbSymPath = 3; // ".;" and ";" between env vars.
//
// GetEnvironmentVariable returns the size of the string
// INCLUDING the '\0' in this case.
//
cbSymPath += GetEnvironmentVariable( SYMBOL_PATH, NULL, 0 );
cbSymPath += GetEnvironmentVariable( ALTERNATE_SYMBOL_PATH, NULL, 0 );
p = pe->SymbolSearchPath = (LPSTR) MemAlloc( cbSymPath );
if (!p) {
return FALSE;
}
*p++ = '.';
--cbSymPath;
cb = GetEnvironmentVariable(SYMBOL_PATH, p+1, cbSymPath-1);
if (cb) {
*p = ';';
p += cb+1;
cbSymPath -= cb+1;
}
cb = GetEnvironmentVariable(ALTERNATE_SYMBOL_PATH,
p+1, cbSymPath-1);
if (cb) {
*p = ';';
p += cb+1;
}
*p = 0;
}
} __except (EXCEPTION_EXECUTE_HANDLER) {
ImagepSetLastErrorFromStatus( GetExceptionCode() );
return FALSE;
}
CloseSymbolServer();
return TRUE;
}
BOOL
IMAGEAPI
EnumerateLoadedModules(
IN HANDLE hProcess,
IN PENUMLOADED_MODULES_CALLBACK EnumLoadedModulesCallback,
IN PVOID UserContext
)
{
LOADED_MODULE lm;
DWORD status = NO_ERROR;
__try {
lm.EnumLoadedModulesCallback32 = EnumLoadedModulesCallback;
lm.EnumLoadedModulesCallback64 = NULL;
lm.Context = UserContext;
status = GetProcessModules( hProcess, (PINTERNAL_GET_MODULE)LoadedModuleEnumerator, (PVOID)&lm );
} __except (EXCEPTION_EXECUTE_HANDLER) {
ImagepSetLastErrorFromStatus( GetExceptionCode() );
return FALSE;
}
return (status == NO_ERROR);
}
BOOL
IMAGEAPI
EnumerateLoadedModules64(
IN HANDLE hProcess,
IN PENUMLOADED_MODULES_CALLBACK64 EnumLoadedModulesCallback,
IN PVOID UserContext
)
{
LOADED_MODULE lm;
DWORD status = NO_ERROR;
__try {
lm.EnumLoadedModulesCallback64 = EnumLoadedModulesCallback;
lm.EnumLoadedModulesCallback32 = NULL;
lm.Context = UserContext;
status = GetProcessModules(hProcess,
(PINTERNAL_GET_MODULE)LoadedModuleEnumerator,
(PVOID)&lm );
} __except (EXCEPTION_EXECUTE_HANDLER) {
ImagepSetLastErrorFromStatus( GetExceptionCode() );
return FALSE;
}
return (status == NO_ERROR);
}
BOOL
IMAGEAPI
SymRegisterCallback(
IN HANDLE hProcess,
IN PSYMBOL_REGISTERED_CALLBACK CallbackFunction,
IN PVOID UserContext
)
{
PPROCESS_ENTRY pe = NULL;
__try {
if (!CallbackFunction) {
SetLastError(ERROR_INVALID_PARAMETER);
return FALSE;
}
pe = FindProcessEntry( hProcess );
if (!pe) {
SetLastError(ERROR_INVALID_PARAMETER);
return FALSE;
}
pe->pCallbackFunction32 = CallbackFunction;
pe->pCallbackFunction64 = NULL;
pe->CallbackUserContext = (ULONG64)UserContext;
} __except (EXCEPTION_EXECUTE_HANDLER) {
ImagepSetLastErrorFromStatus( GetExceptionCode() );
return FALSE;
}
return TRUE;
}
BOOL
IMAGEAPI
SymRegisterCallback64(
IN HANDLE hProcess,
IN PSYMBOL_REGISTERED_CALLBACK64 CallbackFunction,
IN ULONG64 UserContext
)
{
PPROCESS_ENTRY pe = NULL;
__try {
if (!CallbackFunction) {
SetLastError(ERROR_INVALID_PARAMETER);
return FALSE;
}
pe = FindProcessEntry( hProcess );
if (!pe) {
SetLastError(ERROR_INVALID_PARAMETER);
return FALSE;
}
pe->pCallbackFunction32 = NULL;
pe->pCallbackFunction64 = CallbackFunction;
pe->CallbackUserContext = UserContext;
} __except (EXCEPTION_EXECUTE_HANDLER) {
ImagepSetLastErrorFromStatus( GetExceptionCode() );
return FALSE;
}
return TRUE;
}
void
InitModuleEntry(
PMODULE_ENTRY mi
)
{
ZeroMemory(mi, sizeof(MODULE_ENTRY));
mi->si.MaxNameLen = 2048;
}
BOOL
SympConvertAnsiModule32ToUnicodeModule32(
PIMAGEHLP_MODULE aMod32,
PIMAGEHLP_MODULEW wMod32
)
{
ZeroMemory(wMod32, sizeof(*wMod32));
wMod32->SizeOfStruct = sizeof(*wMod32);
wMod32->BaseOfImage = aMod32->BaseOfImage;
wMod32->ImageSize = aMod32->ImageSize;
wMod32->TimeDateStamp = aMod32->TimeDateStamp;
wMod32->CheckSum = aMod32->CheckSum;
wMod32->NumSyms = aMod32->NumSyms;
wMod32->SymType = aMod32->SymType;
if (!ansi2wcs(aMod32->ModuleName, wMod32->ModuleName, 256))
return FALSE;
if (!ansi2wcs(aMod32->ImageName, wMod32->ImageName, 256))
return FALSE;
if (!ansi2wcs(aMod32->LoadedImageName, wMod32->LoadedImageName, 256))
return FALSE;
return TRUE;
}
BOOL
SympConvertUnicodeModule32ToAnsiModule32(
PIMAGEHLP_MODULEW wMod32,
PIMAGEHLP_MODULE aMod32
)
{
ZeroMemory(aMod32, sizeof(*aMod32));
aMod32->SizeOfStruct = sizeof(*aMod32);
aMod32->BaseOfImage = wMod32->BaseOfImage;
aMod32->ImageSize = wMod32->ImageSize;
aMod32->TimeDateStamp = wMod32->TimeDateStamp;
aMod32->CheckSum = wMod32->CheckSum;
aMod32->NumSyms = wMod32->NumSyms;
aMod32->SymType = wMod32->SymType;
if (!wcs2ansi(wMod32->ModuleName, aMod32->ModuleName, lengthof(wMod32->ModuleName)))
return FALSE;
if (!wcs2ansi(wMod32->ImageName, aMod32->ImageName, lengthof(wMod32->ImageName)))
return FALSE;
if (!wcs2ansi(wMod32->LoadedImageName, aMod32->LoadedImageName, lengthof(wMod32->LoadedImageName)))
return FALSE;
return TRUE;
}
BOOL
SympConvertAnsiModule64ToUnicodeModule64(
PIMAGEHLP_MODULE64 aMod64,
PIMAGEHLP_MODULEW64 wMod64
)
{
ZeroMemory(wMod64, sizeof(*wMod64));
wMod64->SizeOfStruct = sizeof(*wMod64);
wMod64->BaseOfImage = aMod64->BaseOfImage;
wMod64->ImageSize = aMod64->ImageSize;
wMod64->TimeDateStamp = aMod64->TimeDateStamp;
wMod64->CheckSum = aMod64->CheckSum;
wMod64->NumSyms = aMod64->NumSyms;
wMod64->SymType = aMod64->SymType;
if (!ansi2wcs(aMod64->ModuleName, wMod64->ModuleName, 256))
return FALSE;
if (!ansi2wcs(aMod64->ImageName, wMod64->ImageName, 256))
return FALSE;
if (!ansi2wcs(aMod64->LoadedImageName, wMod64->LoadedImageName, 256))
return FALSE;
return TRUE;
}
BOOL
SympConvertUnicodeModule64ToAnsiModule64(
PIMAGEHLP_MODULEW64 wMod64,
PIMAGEHLP_MODULE64 aMod64
)
{
ZeroMemory(aMod64, sizeof(*aMod64));
aMod64->SizeOfStruct = sizeof(*aMod64);
aMod64->BaseOfImage = wMod64->BaseOfImage;
aMod64->ImageSize = wMod64->ImageSize;
aMod64->TimeDateStamp = wMod64->TimeDateStamp;
aMod64->CheckSum = wMod64->CheckSum;
aMod64->NumSyms = wMod64->NumSyms;
aMod64->SymType = wMod64->SymType;
if (!wcs2ansi(wMod64->ModuleName, aMod64->ModuleName, lengthof(wMod64->ModuleName)))
return FALSE;
if (!wcs2ansi(wMod64->ImageName, aMod64->ImageName, lengthof(wMod64->ImageName)))
return FALSE;
if (!wcs2ansi(wMod64->LoadedImageName, aMod64->LoadedImageName, lengthof(wMod64->LoadedImageName)))
return FALSE;
return TRUE;
}
BOOL
CopySymbolEntryFromSymbolInfo(
PSYMBOL_ENTRY se,
PSYMBOL_INFO si
)
{
se->Size = si->SizeOfStruct;
se->Flags = si->Flags;
se->Address = si->Address;
if (si->Name && se->Name)
strcpy(se->Name, si->Name);
se->NameLength = si->NameLen;
// segment is not used
// offset is not used
se->TypeIndex = si->TypeIndex;
se->ModBase = si->ModBase;
se->Register = si->Register;
if (si->Register) {
((LARGE_INTEGER *) &se->Address)->HighPart = si->Register;
}
return TRUE;
}
BOOL
IMAGEAPI
SymFromAddr(
IN HANDLE hProcess,
IN DWORD64 Address,
OUT PDWORD64 Displacement,
IN OUT PSYMBOL_INFO Symbol
)
{
SYMBOL_ENTRY SymEntry={0};
if (SympGetSymFromAddr(hProcess, Address, Displacement, &SymEntry)) {
symcpy2(Symbol, &SymEntry);
return TRUE;
} else {
return FALSE;
}
}
BOOL
IMAGEAPI
SymFromName(
IN HANDLE hProcess,
IN LPSTR Name,
OUT PSYMBOL_INFO Symbol
)
{
SYMBOL_ENTRY sym;
if (SympGetSymFromName(hProcess, Name, &sym)) {
symcpy2(Symbol, &sym);
return TRUE;
} else {
return FALSE;
}
}
BOOL
IMAGEAPI
SymEnumSymbols(
IN HANDLE hProcess,
IN ULONG64 BaseOfDll,
IN PCSTR Mask,
IN PSYM_ENUMERATESYMBOLS_CALLBACK EnumSymbolsCallback,
IN PVOID UserContext
)
{
return SympEnumerateSymbols(hProcess,
BaseOfDll,
(LPSTR)Mask,
(PROC) EnumSymbolsCallback,
UserContext,
FALSE,
FALSE);
}
BOOL
IMAGEAPI
SymEnumSym(
IN HANDLE hProcess,
IN ULONG64 BaseOfDll,
IN PSYM_ENUMERATESYMBOLS_CALLBACK EnumSymbolsCallback,
IN PVOID UserContext
)
{
return SymEnumSymbols(hProcess,
BaseOfDll,
NULL,
EnumSymbolsCallback,
UserContext);
}
BOOL
IMAGEAPI
SymEnumTypes(
IN HANDLE hProcess,
IN ULONG64 BaseOfDll,
IN PSYM_ENUMERATESYMBOLS_CALLBACK EnumSymbolsCallback,
IN PVOID UserContext
)
{
PPROCESS_ENTRY pe;
PLIST_ENTRY Next;
PMODULE_ENTRY mi;
pe = FindProcessEntry( hProcess );
if (!pe) {
SetLastError( ERROR_INVALID_HANDLE );
return FALSE;
}
mi = NULL;
Next = pe->ModuleList.Flink;
if (Next) {
while (Next != &pe->ModuleList) {
mi = CONTAINING_RECORD( Next, MODULE_ENTRY, ListEntry );
if (!mi)
break;
Next = mi->ListEntry.Flink;
if (mi->BaseOfDll == BaseOfDll)
break;
}
}
if (!mi) {
return FALSE;
}
return diaEnumUDT(mi, "", EnumSymbolsCallback, UserContext);
}
BOOL
IMAGEAPI
SymGetTypeFromName(
IN HANDLE hProcess,
IN ULONG64 BaseOfDll,
IN LPSTR Name,
OUT PSYMBOL_INFO Symbol
)
{
PPROCESS_ENTRY pe;
PLIST_ENTRY Next;
PMODULE_ENTRY mi;
pe = FindProcessEntry( hProcess );
if (!pe) {
SetLastError( ERROR_INVALID_HANDLE );
return FALSE;
}
mi = NULL;
Next = pe->ModuleList.Flink;
if (Next) {
while (Next != &pe->ModuleList) {
mi = CONTAINING_RECORD( Next, MODULE_ENTRY, ListEntry );
if (!mi)
break;
Next = mi->ListEntry.Flink;
if (mi->BaseOfDll == BaseOfDll)
break;
}
}
if (!mi || mi->BaseOfDll != BaseOfDll) {
LPSTR p;
// first check for fully qualified symbol name I.E. mod!sym
p = strchr( Name, '!' );
if (p > Name) {
LPSTR ModName = (LPSTR)MemAlloc(p - Name + 1);
if (!ModName) {
SetLastError( ERROR_NOT_ENOUGH_MEMORY );
return FALSE;
}
memcpy(ModName, Name, (int)(p - Name));
ModName[p-Name] = 0;
//
// the caller wants to look in a specific module
//
mi = FindModule(hProcess, pe, ModName, TRUE);
MemFree(ModName);
if (mi == NULL) {
return FALSE;
}
Name = p+1;
}
}
if (diaGetTiForUDT(mi, Name, Symbol)) {
return TRUE;
} else {
return FALSE;
}
return FALSE;
}
BOOL
strcmpre(
LPSTR pStr,
LPSTR pRE,
BOOL fCase
)
{
DWORD rc;
CHAR sz[MAX_SYM_NAME + 2];
PWSTR wStr = NULL;
PWSTR wRE = NULL;
rc = TRUE;
wStr = AnsiToUnicode(pStr);
if (!wStr)
goto exit;;
wRE = AnsiToUnicode(pRE);
if (!wRE)
goto exit;
rc = CompareRE(wStr, wRE, fCase);
if (rc == S_OK)
rc = FALSE;
else
rc = TRUE;
exit:
if (wStr) MemFree(wStr);
if (wRE) MemFree(wRE);
return (BOOL)rc;
}
BOOL
IMAGEAPI
SymMatchString(
IN LPSTR string,
IN LPSTR expression,
IN BOOL fCase
)
{
return !strcmpre(string, expression, fCase);
}
BOOL
SymEnumSourceFiles(
IN HANDLE hProcess,
IN ULONG64 ModBase,
IN LPSTR Mask,
IN PSYM_ENUMSOURCFILES_CALLBACK cbSrcFiles,
IN PVOID UserContext
)
{
PPROCESS_ENTRY pe;
PLIST_ENTRY Next;
PMODULE_ENTRY mi;
DWORD i;
PSYMBOL_ENTRY sym;
LPSTR szSymName;
SYMBOL_ENTRY SymEntry={0};
CHAR Buffer[2500];
LPSTR p;
CHAR modmask[200];
BOOL rc;
int pass;
BOOL fCase;
static DWORD flags[2] = {LS_JUST_TEST, LS_QUALIFIED | LS_FAIL_IF_LOADED};
if (!cbSrcFiles) {
SetLastError(ERROR_INVALID_PARAMETER);
return FALSE;
}
__try {
pe = FindProcessEntry(hProcess);
if (!pe) {
SetLastError( ERROR_INVALID_HANDLE );
return FALSE;
}
p = 0;
modmask[0] = 0;
if (Mask)
p = strchr(Mask, '!');
if (p > Mask) {
memcpy(modmask, Mask, (int)(p - Mask));
modmask[p-Mask] = 0;
Mask = p + 1;
}
for (pass = 0; pass < 2; pass++) {
Next = pe->ModuleList.Flink;
if (Next) {
while (Next != &pe->ModuleList) {
mi = CONTAINING_RECORD( Next, MODULE_ENTRY, ListEntry );
Next = mi->ListEntry.Flink;
if (ModBase) {
if (mi->BaseOfDll != ModBase)
continue;
} else if (!MatchModuleName(mi, modmask)) {
continue;
}
if (!LoadSymbols(hProcess, mi, flags[pass]))
continue;
if (mi->dia) {
rc = diaEnumSourceFiles(mi, Mask, cbSrcFiles, UserContext);
if (!rc) {
if (mi->code == ERROR_CANCELLED) {
mi->code = 0;
return TRUE;
}
return rc;
}
continue;
}
#if 0
fCase = (g.SymOptions & SYMOPT_CASE_INSENSITIVE) ? FALSE : TRUE;
for (i = 0; i < mi->numsyms; i++) {
PSYMBOL_INFO SymInfo = (PSYMBOL_INFO) &Buffer[0];
sym = &mi->symbolTable[i];
if (Mask && *Mask && strcmpre(sym->Name, Mask, fCase))
continue;
}
#endif
}
}
}
} __except (EXCEPTION_EXECUTE_HANDLER) {
ImagepSetLastErrorFromStatus( GetExceptionCode() );
return FALSE;
}
return TRUE;
}
PWSTR
AnsiToUnicode(
PSTR pszAnsi
)
{
UINT uSizeUnicode;
PWSTR pwszUnicode;
if (!pszAnsi) {
return NULL;
}
uSizeUnicode = (strlen(pszAnsi) + 1) * sizeof(wchar_t);
pwszUnicode = (PWSTR)MemAlloc(uSizeUnicode);
if (*pszAnsi && pwszUnicode) {
ZeroMemory(pwszUnicode, uSizeUnicode);
if (!MultiByteToWideChar(CP_ACP, MB_COMPOSITE,
pszAnsi, strlen(pszAnsi),
pwszUnicode, uSizeUnicode)) {
// Error. Free the string, return NULL.
MemFree(pwszUnicode);
pwszUnicode = NULL;
}
}
return pwszUnicode;
}
BOOL
wcs2ansi(
PWSTR pwsz,
PSTR psz,
DWORD pszlen
)
{
BOOL rc;
int len;
assert(psz && pwsz);
len = wcslen(pwsz);
if (!len) {
*psz = 0;
return TRUE;
}
rc = WideCharToMultiByte(CP_ACP,
WC_SEPCHARS | WC_COMPOSITECHECK,
pwsz,
len,
psz,
pszlen,
NULL,
NULL);
if (!rc)
return FALSE;
psz[len] = 0;
return TRUE;
}
BOOL
ansi2wcs(
PSTR psz,
PWSTR pwsz,
DWORD pwszlen
)
{
BOOL rc;
int len;
assert(psz && pwsz);
len = strlen(psz);
if (!len) {
*pwsz = 0L;
return TRUE;
}
rc = MultiByteToWideChar(CP_ACP,
MB_COMPOSITE,
psz,
len,
pwsz,
pwszlen);
if (!rc)
return FALSE;
pwsz[len] = 0;
return TRUE;
}
PSTR
UnicodeToAnsi(
PWSTR pwszUnicode
)
{
UINT uSizeAnsi;
PSTR pszAnsi;
if (!pwszUnicode) {
return NULL;
}
uSizeAnsi = wcslen(pwszUnicode) + 1;
pszAnsi = (PSTR)MemAlloc(uSizeAnsi);
if (*pwszUnicode && pszAnsi) {
ZeroMemory(pszAnsi, uSizeAnsi);
if (!WideCharToMultiByte(CP_ACP, WC_SEPCHARS | WC_COMPOSITECHECK,
pwszUnicode, wcslen(pwszUnicode),
pszAnsi, uSizeAnsi, NULL, NULL)) {
// Error. Free the string, return NULL.
free(pszAnsi);
pszAnsi = NULL;
}
}
return pszAnsi;
}
#if 0
BOOL
CopyAnsiToUnicode(
PWSTR pszDest,
PSTR pszSrc,
DWORD dwCharCountSizeOfDest
)
{
PWSTR pszTmp = AnsiToUnicode(pszSrc);
if (!pszTmp) {
return FALSE;
} else {
wcsncpy(pszDest, pszTmp, dwCharCountSizeOfDest);
return TRUE;
}
}
BOOL
CopyUnicodeToAnsi(
PSTR pszDest,
PWSTR pszSrc,
DWORD dwCharCountSizeOfDest
)
{
PSTR pszTmp = UnicodeToAnsi(pszSrc);
if (!pszTmp) {
return FALSE;
} else {
strncpy(pszDest, pszTmp, dwCharCountSizeOfDest);
return TRUE;
}
}
#endif
BOOL
IMAGEAPI
SymGetTypeInfo(
IN HANDLE hProcess,
IN DWORD64 ModBase,
IN ULONG TypeId,
IN IMAGEHLP_SYMBOL_TYPE_INFO GetType,
OUT PVOID pInfo
)
{
HRESULT err;
err = diaGetSymbolInfo(hProcess, ModBase, TypeId, GetType, pInfo);
SetLastError((ULONG) err);
return (err==S_OK);
}
//#ifdef _WIN64
#if 0
BOOL __cdecl PDBOpenTpi(PDB* ppdb, const char* szMode, TPI** pptpi) {return FALSE;}
BOOL __cdecl PDBCopyTo(PDB* ppdb, const char* szTargetPdb, DWORD dwCopyFilter, DWORD dwReserved){return FALSE;}
BOOL __cdecl PDBClose(PDB* ppdb) {return FALSE;}
BOOL __cdecl ModQueryImod(Mod* pmod, USHORT* pimod) {return FALSE;}
BOOL __cdecl ModQueryLines(Mod* pmod, BYTE* pbLines, long* pcb) {return FALSE;}
BOOL __cdecl DBIQueryModFromAddr(DBI* pdbi, USHORT isect, long off, Mod** ppmod, USHORT* pisect, long* poff, long* pcb){return FALSE;}
BOOL __cdecl ModClose(Mod* pmod){return FALSE;}
BOOL __cdecl DBIQueryNextMod(DBI* pdbi, Mod* pmod, Mod** ppmodNext) {return FALSE;}
BYTE* __cdecl GSINextSym (GSI* pgsi, BYTE* pbSym) {return NULL;}
BOOL __cdecl PDBOpen(char* szPDB,char* szMode,SIG sigInitial,EC* pec,char szError[cbErrMax],PDB** pppdb) {return FALSE;}
BOOL __cdecl TypesClose(TPI* ptpi){return FALSE;}
BOOL __cdecl GSIClose(GSI* pgsi){return FALSE;}
BOOL __cdecl DBIClose(DBI* pdbi){return FALSE;}
BYTE* __cdecl GSINearestSym (GSI* pgsi, USHORT isect, long off, long* pdisp){return NULL;}
BOOL __cdecl PDBOpenValidate(char* szPDB,char* szPath,char* szMode,SIG sig,AGE age,EC* pec,char szError[cbErrMax],PDB** pppdb){return FALSE;}
BOOL __cdecl PDBOpenDBI(PDB* ppdb, const char* szMode, const char* szTarget, DBI** ppdbi){return FALSE;}
BOOL __cdecl DBIOpenPublics(DBI* pdbi, GSI **ppgsi){return FALSE;}
BOOL __cdecl DBIQuerySecMap(DBI* pdbi, BYTE* pb, long* pcb){return FALSE;}
#endif