[VB] SYMBOL_INFO structure (from dbghelp.dll)

Merrion

I am trying to enumerate the symbols of a VB 6.0 application which I have compiled using the [x] Create Symbolic Debug Info option.

The header file (dbgHelp.h) has the following declaration:

typedef struct _SYMBOL_INFO {
    ULONG       SizeOfStruct;
    ULONG       TypeIndex;        // Type Index of symbol
    ULONG64     Reserved[2];
    ULONG       Index;
    ULONG       Size;
    ULONG64     ModBase;          // Base Address of module comtaining
this symbol
    ULONG       Flags;
    ULONG64     Value;            // Value of symbol, ValuePresent
should be 1
    ULONG64     Address;          // Address of symbol including base
address of module
    ULONG       Register;         // register holding value or pointer
to value
    ULONG       Scope;            // scope of the symbol
    ULONG       Tag;              // pdb classification
    ULONG       NameLen;          // Actual length of name
    ULONG       MaxNameLen;
    CHAR        Name[1];          // Name of symbol
} SYMBOL_INFO, *PSYMBOL_INFO;

Which I have translated to a VB type thus:

Public Type SYMBOL_INFO
  SizeOfStruct As Long
  TypeIndex As Long
  Reserved(1 To 2) As Currency
  Index As Long
  size As Long
  ModBase As Currency
  Flags As Long
  Value As Currency
  Address As Currency
  Register As Long
  Scope As Long
  Tag As Long
  NameLen As Long
  MaxNameLen As Long
End Type

and I am enumerating the symbols using the "SymEnumSymbols" API declared thus:

'BOOL SymEnumSymbols(
' IN HANDLE                       hProcess,
' IN ULONG64                      BaseOfDll,
' IN PCSTR                        Mask,
' IN PSYM_ENUMERATESYMBOLS_CALLBACK    EnumSymbolsCallback,
' IN PVOID                        UserContext   );
Public Declare Function SymEnumSymbols Lib "dbghelp.dll" ( _
                     ByVal hProcess As Long, _
                     ByVal ModBase As Currency, _
                     ByVal Mask As String, _
                     ByVal EnumSymbolsCallback As Long, _
                     ByVal UserContext As Long) As Long

However there are a couple of anomalies in the SYMBOL_INFO structure as passed to the callback:
Firstly the .SizeOfStruct member holds 88 - whereas the structure is only 84 bytes
Secondly the .Flags member is always zero so I can't get the info
about the symbol from:

Public Enum CV_SymbolInfoFlags '\\ Used in SYMBOL_INFO.Flags
    IMAGEHLP_SYMBOL_INFO_VALUEPRESENT = &H1
    IMAGEHLP_SYMBOL_INFO_REGISTER = &H8
    IMAGEHLP_SYMBOL_INFO_REGRELATIVE = &H10
    IMAGEHLP_SYMBOL_INFO_FRAMERELATIVE = &H20
    IMAGEHLP_SYMBOL_INFO_PARAMETER = &H40
    IMAGEHLP_SYMBOL_INFO_LOCAL = &H80
    IMAGEHLP_SYMBOL_INFO_CONSTANT = &H100
    IMAGEHLP_SYMBOL_FUNCTION = &H800
    IMAGEHLP_SYMBOL_VIRTUAL = &H1000
    IMAGEHLP_SYMBOL_THUNK = &H2000
    IMAGEHLP_SYMBOL_TLSREL = &H4000
    IMAGEHLP_SYMBOL_SLOT = &H8000
    IMAGEHLP_SYMBOL_ILREL = &H10000
    IMAGEHLP_SYMBOL_METADATA = &H20000
    IMAGEHLP_SYMBOL_CLR_TOKEN = &H40000
End Enum

Thirdly the .Register member always holds 9? (don't know what this means)

The .ModBase property matches the expected value and the symbol name looks correct so it isn't that I am reading completely the wrong memory...any ideas at all?

Thanks in advance,
Duncan

Further info:
OS : Windows NT V4
Dbghelp.dll version 6.3.0017.0 (DbgBuild.040415-1850)

Merrion

Was due to C using 8 byte packing whereas VB uses 4 byte packing. Inserting a padding long integer before .Flags fixed it.