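/*
 * Copyright (c) 2018 Virtuozzo International GmbH
 *
 * This work is licensed under the terms of the GNU GPL, version 2 or later.
 *
 */

#ifndef KDBG_H
#define KDBG_H

/* Fixed-width types are used throughout; keep the header self-contained. */
#include <stdint.h>

/*
 * Layouts of Windows kernel-debugger (KD) data blocks.
 *
 * The structures below are overlaid on bytes that describe the debugged
 * system, so field order, field width and padding ARE the interface: do not
 * reorder, resize or insert members. None of the structs is explicitly
 * packed; the layout relies on natural alignment of the declared types.
 *
 * NOTE(review): the contents presumably come from guest memory or a dump and
 * must be treated as untrusted; every address and size field needs a range
 * check in the consumer before it is dereferenced or used as a length.
 * Confirm against the callers.
 */

/*
 * Version block: debugger protocol versions plus the addresses of the kernel
 * base, the loaded-module list and the debugger data list.
 */
typedef struct DBGKD_GET_VERSION64 {
    uint16_t MajorVersion;
    uint16_t MinorVersion;
    uint8_t ProtocolVersion;
    uint8_t KdSecondaryVersion;
    uint16_t Flags;
    uint16_t MachineType;
    uint8_t MaxPacketType;
    uint8_t MaxStateChange;
    uint8_t MaxManipulate;
    uint8_t Simulation;
    uint16_t Unused[1];
    uint64_t KernBase;
    uint64_t PsLoadedModuleList;
    uint64_t DebuggerDataList;
} DBGKD_GET_VERSION64;

#ifndef _WIN32
/*
 * Doubly linked list entry as laid out in a 64-bit target.
 *
 * Flink/Blink are addresses in the debugged system, not pointers into this
 * process, so they are fixed 64-bit integers rather than host pointers.
 * Host pointers would shrink the entry to 8 bytes on a 32-bit host and shift
 * OwnerTag, Size and every KDDEBUGGER_DATA64 field after it. The Windows SDK
 * declares both members as 64-bit integers as well; on _WIN32 that
 * definition is presumably picked up from the platform headers, which the
 * includer must provide.
 */
typedef struct LIST_ENTRY64 {
    uint64_t Flink;
    uint64_t Blink;
} LIST_ENTRY64;
#endif

/*
 * Header that prefixes a debugger data block.
 *
 * NOTE(review): Size is read from the target; a consumer should compare it
 * with sizeof(KDDEBUGGER_DATA64) before trusting it as a copy length, and
 * OwnerTag looks like the tag used to recognise the block. Verify in the
 * caller.
 */
typedef struct DBGKD_DEBUG_DATA_HEADER64 {
    LIST_ENTRY64 List;
    uint32_t OwnerTag;
    uint32_t Size;
} DBGKD_DEBUG_DATA_HEADER64;

/*
 * Kernel debugger data block: target addresses of kernel globals followed by
 * structure sizes and member offsets. The block grew with each Windows
 * release; the section comments mark where each group was appended.
 */
typedef struct KDDEBUGGER_DATA64 {
    DBGKD_DEBUG_DATA_HEADER64 Header;

    uint64_t KernBase;
    uint64_t BreakpointWithStatus;
    uint64_t SavedContext;
    uint16_t ThCallbackStack;
    uint16_t NextCallback;
    uint16_t FramePointer;
    /*
     * Bit-field allocation is implementation-defined; the layout depends on
     * this one bit occupying its own 16-bit unit so that the next member
     * stays 8-byte aligned.
     */
    uint16_t PaeEnabled:1;
    uint64_t KiCallUserMode;
    uint64_t KeUserCallbackDispatcher;
    uint64_t PsLoadedModuleList;
    uint64_t PsActiveProcessHead;
    uint64_t PspCidTable;
    uint64_t ExpSystemResourcesList;
    uint64_t ExpPagedPoolDescriptor;
    uint64_t ExpNumberOfPagedPools;
    uint64_t KeTimeIncrement;
    uint64_t KeBugCheckCallbackListHead;
    uint64_t KiBugcheckData;
    uint64_t IopErrorLogListHead;
    uint64_t ObpRootDirectoryObject;
    uint64_t ObpTypeObjectType;
    uint64_t MmSystemCacheStart;
    uint64_t MmSystemCacheEnd;
    uint64_t MmSystemCacheWs;
    uint64_t MmPfnDatabase;
    uint64_t MmSystemPtesStart;
    uint64_t MmSystemPtesEnd;
    uint64_t MmSubsectionBase;
    uint64_t MmNumberOfPagingFiles;
    uint64_t MmLowestPhysicalPage;
    uint64_t MmHighestPhysicalPage;
    uint64_t MmNumberOfPhysicalPages;
    uint64_t MmMaximumNonPagedPoolInBytes;
    uint64_t MmNonPagedSystemStart;
    uint64_t MmNonPagedPoolStart;
    uint64_t MmNonPagedPoolEnd;
    uint64_t MmPagedPoolStart;
    uint64_t MmPagedPoolEnd;
    uint64_t MmPagedPoolInformation;
    uint64_t MmPageSize;
    uint64_t MmSizeOfPagedPoolInBytes;
    uint64_t MmTotalCommitLimit;
    uint64_t MmTotalCommittedPages;
    uint64_t MmSharedCommit;
    uint64_t MmDriverCommit;
    uint64_t MmProcessCommit;
    uint64_t MmPagedPoolCommit;
    uint64_t MmExtendedCommit;
    uint64_t MmZeroedPageListHead;
    uint64_t MmFreePageListHead;
    uint64_t MmStandbyPageListHead;
    uint64_t MmModifiedPageListHead;
    uint64_t MmModifiedNoWritePageListHead;
    uint64_t MmAvailablePages;
    uint64_t MmResidentAvailablePages;
    uint64_t PoolTrackTable;
    uint64_t NonPagedPoolDescriptor;
    uint64_t MmHighestUserAddress;
    uint64_t MmSystemRangeStart;
    uint64_t MmUserProbeAddress;
    uint64_t KdPrintCircularBuffer;
    uint64_t KdPrintCircularBufferEnd;
    uint64_t KdPrintWritePointer;
    uint64_t KdPrintRolloverCount;
    uint64_t MmLoadedUserImageList;

    /* NT 5.1 Addition */

    uint64_t NtBuildLab;
    uint64_t KiNormalSystemCall;

    /* NT 5.0 hotfix addition */

    uint64_t KiProcessorBlock;
    uint64_t MmUnloadedDrivers;
    uint64_t MmLastUnloadedDriver;
    uint64_t MmTriageActionTaken;
    uint64_t MmSpecialPoolTag;
    uint64_t KernelVerifier;
    uint64_t MmVerifierData;
    uint64_t MmAllocatedNonPagedPool;
    uint64_t MmPeakCommitment;
    uint64_t MmTotalCommitLimitMaximum;
    uint64_t CmNtCSDVersion;

    /* NT 5.1 Addition */

    uint64_t MmPhysicalMemoryBlock;
    uint64_t MmSessionBase;
    uint64_t MmSessionSize;
    uint64_t MmSystemParentTablePage;

    /* Server 2003 addition */

    uint64_t MmVirtualTranslationBase;
    /*
     * 16-bit sizes and member offsets start here. The run is followed by a
     * 64-bit member, so the compiler inserts alignment padding after
     * SizeEThread.
     */
    uint16_t OffsetKThreadNextProcessor;
    uint16_t OffsetKThreadTeb;
    uint16_t OffsetKThreadKernelStack;
    uint16_t OffsetKThreadInitialStack;
    uint16_t OffsetKThreadApcProcess;
    uint16_t OffsetKThreadState;
    uint16_t OffsetKThreadBStore;
    uint16_t OffsetKThreadBStoreLimit;
    uint16_t SizeEProcess;
    uint16_t OffsetEprocessPeb;
    uint16_t OffsetEprocessParentCID;
    uint16_t OffsetEprocessDirectoryTableBase;
    uint16_t SizePrcb;
    uint16_t OffsetPrcbDpcRoutine;
    uint16_t OffsetPrcbCurrentThread;
    uint16_t OffsetPrcbMhz;
    uint16_t OffsetPrcbCpuType;
    uint16_t OffsetPrcbVendorString;
    uint16_t OffsetPrcbProcStateContext;
    uint16_t OffsetPrcbNumber;
    uint16_t SizeEThread;
    uint64_t KdPrintCircularBufferPtr;
    uint64_t KdPrintBufferSize;
    uint64_t KeLoaderBlock;
    uint16_t SizePcr;
    uint16_t OffsetPcrSelfPcr;
    uint16_t OffsetPcrCurrentPrcb;
    uint16_t OffsetPcrContainedPrcb;
    uint16_t OffsetPcrInitialBStore;
    uint16_t OffsetPcrBStoreLimit;
    uint16_t OffsetPcrInitialStack;
    uint16_t OffsetPcrStackLimit;
    uint16_t OffsetPrcbPcrPage;
    uint16_t OffsetPrcbProcStateSpecialReg;
    uint16_t GdtR0Code;
    uint16_t GdtR0Data;
    uint16_t GdtR0Pcr;
    uint16_t GdtR3Code;
    uint16_t GdtR3Data;
    uint16_t GdtR3Teb;
    uint16_t GdtLdt;
    uint16_t GdtTss;
    uint16_t Gdt64R3CmCode;
    uint16_t Gdt64R3CmTeb;
    uint64_t IopNumTriageDumpDataBlocks;
    uint64_t IopTriageDumpDataBlocks;

    /* Longhorn addition */

    uint64_t VfCrashDataBlock;
    uint64_t MmBadPagesDetected;
    uint64_t MmZeroedPageSingleBitErrorsDetected;

    /* Windows 7 addition */

    uint64_t EtwpDebuggerData;
    uint16_t OffsetPrcbContext;
} KDDEBUGGER_DATA64;

#endif /* KDBG_H */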