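/*
 * Copyright (c) 2018 Virtuozzo International GmbH
 *
 * This work is licensed under the terms of the GNU GPL, version 2 or later.
 *
 */

#ifndef KDBG_H
#define KDBG_H

/* The fixed-width types below come from here; keeps the header self-contained. */
#include <stdint.h>

/*
 * Layout-only definitions: field order and widths fix the binary layout,
 * so members must not be reordered, resized or removed.
 *
 * NOTE(review): the names match the Windows kernel-debugger data records,
 * so instances are presumably filled from guest memory or a dump file --
 * confirm against the consumer. If so, every field is untrusted input:
 * validate Header.OwnerTag and Header.Size before relying on the rest, and
 * range-check every address/offset field against the guest address space
 * before using it to read further data.
 */

/*
 * Version record. With natural alignment this is 16 bytes of small
 * fields followed by three 64-bit values (40 bytes in total).
 */
typedef struct DBGKD_GET_VERSION64 {
    uint16_t MajorVersion;
    uint16_t MinorVersion;
    uint8_t ProtocolVersion;
    uint8_t KdSecondaryVersion;
    uint16_t Flags;
    uint16_t MachineType;
    uint8_t MaxPacketType;
    uint8_t MaxStateChange;
    uint8_t MaxManipulate;
    uint8_t Simulation;
    uint16_t Unused[1];
    uint64_t KernBase;
    uint64_t PsLoadedModuleList;
    uint64_t DebuggerDataList;
} DBGKD_GET_VERSION64;

/*
 * Header that precedes the debugger data block.
 *
 * Flink/Blink are stored as 64-bit integers rather than host pointers so
 * that the header is 24 bytes on every host; with pointer members a 32-bit
 * build would shrink it to 16 bytes and shift every following field. The
 * values are addresses in the described system, never host addresses: they
 * must not be cast to a host pointer or dereferenced directly.
 */
typedef struct DBGKD_DEBUG_DATA_HEADER64 {
    struct LIST_ENTRY64 {
        uint64_t Flink;
        uint64_t Blink;
    } List;
    uint32_t OwnerTag;
    uint32_t Size;
} DBGKD_DEBUG_DATA_HEADER64;

/*
 * Debugger data block: the header followed by 64-bit values and 16-bit
 * offset/size fields, grouped by the OS release that introduced them.
 *
 * NOTE(review): presumably Header.Size reports how many bytes the producer
 * actually provided, so fields in the later "addition" groups should only
 * be read after checking it -- confirm against the consumer.
 */
typedef struct KDDEBUGGER_DATA64 {
    DBGKD_DEBUG_DATA_HEADER64 Header;

    uint64_t KernBase;
    uint64_t BreakpointWithStatus;
    uint64_t SavedContext;
    uint16_t ThCallbackStack;
    uint16_t NextCallback;
    uint16_t FramePointer;
    /* One-bit flag in a 16-bit unit; completes the 8-byte group above. */
    uint16_t PaeEnabled:1;
    uint64_t KiCallUserMode;
    uint64_t KeUserCallbackDispatcher;
    uint64_t PsLoadedModuleList;
    uint64_t PsActiveProcessHead;
    uint64_t PspCidTable;
    uint64_t ExpSystemResourcesList;
    uint64_t ExpPagedPoolDescriptor;
    uint64_t ExpNumberOfPagedPools;
    uint64_t KeTimeIncrement;
    uint64_t KeBugCheckCallbackListHead;
    uint64_t KiBugcheckData;
    uint64_t IopErrorLogListHead;
    uint64_t ObpRootDirectoryObject;
    uint64_t ObpTypeObjectType;
    uint64_t MmSystemCacheStart;
    uint64_t MmSystemCacheEnd;
    uint64_t MmSystemCacheWs;
    uint64_t MmPfnDatabase;
    uint64_t MmSystemPtesStart;
    uint64_t MmSystemPtesEnd;
    uint64_t MmSubsectionBase;
    uint64_t MmNumberOfPagingFiles;
    uint64_t MmLowestPhysicalPage;
    uint64_t MmHighestPhysicalPage;
    uint64_t MmNumberOfPhysicalPages;
    uint64_t MmMaximumNonPagedPoolInBytes;
    uint64_t MmNonPagedSystemStart;
    uint64_t MmNonPagedPoolStart;
    uint64_t MmNonPagedPoolEnd;
    uint64_t MmPagedPoolStart;
    uint64_t MmPagedPoolEnd;
    uint64_t MmPagedPoolInformation;
    uint64_t MmPageSize;
    uint64_t MmSizeOfPagedPoolInBytes;
    uint64_t MmTotalCommitLimit;
    uint64_t MmTotalCommittedPages;
    uint64_t MmSharedCommit;
    uint64_t MmDriverCommit;
    uint64_t MmProcessCommit;
    uint64_t MmPagedPoolCommit;
    uint64_t MmExtendedCommit;
    uint64_t MmZeroedPageListHead;
    uint64_t MmFreePageListHead;
    uint64_t MmStandbyPageListHead;
    uint64_t MmModifiedPageListHead;
    uint64_t MmModifiedNoWritePageListHead;
    uint64_t MmAvailablePages;
    uint64_t MmResidentAvailablePages;
    uint64_t PoolTrackTable;
    uint64_t NonPagedPoolDescriptor;
    uint64_t MmHighestUserAddress;
    uint64_t MmSystemRangeStart;
    uint64_t MmUserProbeAddress;
    uint64_t KdPrintCircularBuffer;
    uint64_t KdPrintCircularBufferEnd;
    uint64_t KdPrintWritePointer;
    uint64_t KdPrintRolloverCount;
    uint64_t MmLoadedUserImageList;

    /* NT 5.1 Addition */

    uint64_t NtBuildLab;
    uint64_t KiNormalSystemCall;

    /* NT 5.0 hotfix addition */

    uint64_t KiProcessorBlock;
    uint64_t MmUnloadedDrivers;
    uint64_t MmLastUnloadedDriver;
    uint64_t MmTriageActionTaken;
    uint64_t MmSpecialPoolTag;
    uint64_t KernelVerifier;
    uint64_t MmVerifierData;
    uint64_t MmAllocatedNonPagedPool;
    uint64_t MmPeakCommitment;
    uint64_t MmTotalCommitLimitMaximum;
    uint64_t CmNtCSDVersion;

    /* NT 5.1 Addition */

    uint64_t MmPhysicalMemoryBlock;
    uint64_t MmSessionBase;
    uint64_t MmSessionSize;
    uint64_t MmSystemParentTablePage;

    /* Server 2003 addition */

    uint64_t MmVirtualTranslationBase;
    uint16_t OffsetKThreadNextProcessor;
    uint16_t OffsetKThreadTeb;
    uint16_t OffsetKThreadKernelStack;
    uint16_t OffsetKThreadInitialStack;
    uint16_t OffsetKThreadApcProcess;
    uint16_t OffsetKThreadState;
    uint16_t OffsetKThreadBStore;
    uint16_t OffsetKThreadBStoreLimit;
    uint16_t SizeEProcess;
    uint16_t OffsetEprocessPeb;
    uint16_t OffsetEprocessParentCID;
    uint16_t OffsetEprocessDirectoryTableBase;
    uint16_t SizePrcb;
    uint16_t OffsetPrcbDpcRoutine;
    uint16_t OffsetPrcbCurrentThread;
    uint16_t OffsetPrcbMhz;
    uint16_t OffsetPrcbCpuType;
    uint16_t OffsetPrcbVendorString;
    uint16_t OffsetPrcbProcStateContext;
    uint16_t OffsetPrcbNumber;
    uint16_t SizeEThread;
    uint64_t KdPrintCircularBufferPtr;
    uint64_t KdPrintBufferSize;
    uint64_t KeLoaderBlock;
    uint16_t SizePcr;
    uint16_t OffsetPcrSelfPcr;
    uint16_t OffsetPcrCurrentPrcb;
    uint16_t OffsetPcrContainedPrcb;
    uint16_t OffsetPcrInitialBStore;
    uint16_t OffsetPcrBStoreLimit;
    uint16_t OffsetPcrInitialStack;
    uint16_t OffsetPcrStackLimit;
    uint16_t OffsetPrcbPcrPage;
    uint16_t OffsetPrcbProcStateSpecialReg;
    uint16_t GdtR0Code;
    uint16_t GdtR0Data;
    uint16_t GdtR0Pcr;
    uint16_t GdtR3Code;
    uint16_t GdtR3Data;
    uint16_t GdtR3Teb;
    uint16_t GdtLdt;
    uint16_t GdtTss;
    uint16_t Gdt64R3CmCode;
    uint16_t Gdt64R3CmTeb;
    uint64_t IopNumTriageDumpDataBlocks;
    uint64_t IopTriageDumpDataBlocks;

    /* Longhorn addition */

    uint64_t VfCrashDataBlock;
    uint64_t MmBadPagesDetected;
    uint64_t MmZeroedPageSingleBitErrorsDetected;

    /* Windows 7 addition */

    uint64_t EtwpDebuggerData;
    uint16_t OffsetPrcbContext;
} KDDEBUGGER_DATA64;

#endif /* KDBG_H */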