I'm working with PYKD, doing dump analysis. The PYKD library is used in the heap_stat script, and I'd like to use PYKD library in a more interactive way, like this:
Windbg prompt>!py
Input>dbgCommand("x /2 *!CStringArray*vftable*")
This is working fine (I know this is useless, I just want to show that it works).
However, the heap_stat script contains following piece of source code:
try:
vftable_candidate = ptrPtr(ptr) # which pointer value is present on that spot in memory?
dprintln("DDS vftable_candidate [%08x], ptr value [%d], ptr pointer [%08x]" % (vftable_candidate, ptr, ptr))
except:
continue
When I try this interactively, this seems not to work:
Windbg prompt>!py
Input>ptrPtr(48806712)
This gives following error, throwing me out of the Python session:
File "<console>", line 1
Traceback (most recent call last):
File "<string>", line 1, in <module>
File "C:\Python27\Lib\code.py", line 243, in interact
more = self.push(line)
File "C:\Python27\Lib\code.py", line 265, in push
more = self.runsource(source, self.filename)
File "C:\Python27\Lib\code.py", line 79, in runsource
self.showsyntaxerror(filename)
File "C:\Python27\Lib\code.py", line 139, in showsyntaxerror
map(self.write, list)
File "C:\Python27\Lib\code.py", line 171, in write
sys.stderr.write(data)
UnicodeDecodeError: 'ascii' codec can't decode byte 0xe2 in position 11: ordinal not in range(128)
This is ok: there's a reason for wrapping this function call inside of a try..except clause, so let's now try to wrap this function inside of a try..except clause in the interactive Python session:
Windbg prompt>!py
Input>try: ptrPtr(48806712) except: continue
=> This gives the same error, I get thrown out of the Python session again despite of the try..except. Most probably this is due to the wrong indentation, but on the other hand the interactive Windbg Python session does not allow multiline, so I can't use Python indentation.
Is there a way to use try..except clauses in Windbg PYKD Python session?
Thanks in advance
P.s. for your understanding: this behaviour (being kicked out of the interactive session) seems to be typical for Windbg PYKD, as you can see in following command prompt Python session:
Windows Prompt>python
Python 2.7.10 (default, May 23 2015, 09:40:32) [MSC v.1500 32 bit (Intel)] on win32
Type "help", "copyright", "credits" or "license" for more information.
>>> print 1/0
Traceback (most recent call last):
File "<stdin>", line 1, in <module>
ZeroDivisionError: integer division or modulo by zero
>>>
As you can see, the exception is thrown, but I don't get kicked out of the Python session (watch the >>> prompt).
It seems you use copy/paste and your input string conatains unicode symbols and python can not decode it. Try to retype 'ptrPtr(48806712)'