/*++ BUILD Version: 0030 // Increment this if a change has global effects
Copyright (c) 1990-1999 Microsoft Corporation
Module Name:
windbgkd.h
Abstract:
This module defines the 32-Bit Windows Kernel Debugger interface.
Revision History:
--*/
#ifndef _WINDBGKD_
#define _WINDBGKD_
//
// NTSTATUS
//
// NTSTATUS is the status value type used throughout this interface and
// PNTSTATUS is a pointer to one. NT_SUCCESS() further down casts to this
// type and tests for a non-negative value, so the type has to be signed.
typedef LONG NTSTATUS;
/*lint -save -e624 */ // Don't complain about different typedefs.
typedef NTSTATUS *PNTSTATUS;
/*lint -restore */ // Resume checking for different typedefs.
//
// Status values are 32 bit values laid out as follows:
//
//   3 3 2 2 2 2 2 2 2 2 2 2 1 1 1 1 1 1 1 1 1 1
//   1 0 9 8 7 6 5 4 3 2 1 0 9 8 7 6 5 4 3 2 1 0 9 8 7 6 5 4 3 2 1 0
//  +---+-+-------------------------+-------------------------------+
//  |Sev|C|       Facility          |               Code            |
//  +---+-+-------------------------+-------------------------------+
//
// where
//
// Sev - is the severity code
//
// 00 - Success
// 01 - Informational
// 10 - Warning
// 11 - Error
//
// C - is the Customer code flag
//
// Facility - is the facility code
//
// Code - is the facility's status code
//
//
// Severity tests on a status value. The severity is the top two bits
// (31..30) of the 32 bit value.
//
// NT_SUCCESS is a sign test: it holds for every non-negative value, which
// covers severity 00 (Success) and severity 01 (Informational) alike.
// Severity 10 (Warning) and 11 (Error) have bit 31 set and fail the test.
// Code that must tell "success" from "informational" needs NT_INFORMATION
// in addition to NT_SUCCESS.
//
#define NT_SUCCESS(Status) (((NTSTATUS)(Status)) >= 0)
//
// Severity field equals 01 (Informational).
//
#define NT_INFORMATION(Status) ((((ULONG)(Status)) >> 30) == 1)
//
// Severity field equals 10 (Warning).
//
#define NT_WARNING(Status) ((((ULONG)(Status)) >> 30) == 2)
//
// Severity field equals 11 (Error).
//
#define NT_ERROR(Status) ((((ULONG)(Status)) >> 30) == 3)
#ifdef _X86_
//
// DBGKD_CONTROL_REPORT
//
// This structure contains machine specific data passed to the debugger
// when a Wait_State_Change message is sent. The idea is to allow the
// debugger to do what it needs without reading any more packets.
// The structure is filled in by KdpSetControlReport.
//
// Capacity, in bytes, of the InstructionStream array below.
#define DBGKD_MAXSTREAM 16
// x86 control report. The field order and widths are shared by host and
// target, so they must not be rearranged.
typedef struct _DBGKD_CONTROL_REPORT {
    ULONG Dr6;
    ULONG Dr7;
    // NOTE(review): presumably the number of valid bytes in
    // InstructionStream. The value arrives from the other side of the
    // link, so a consumer should clamp it to DBGKD_MAXSTREAM before using
    // it as an index or a copy length - confirm.
    USHORT InstructionCount;
    // NOTE(review): REPORT_INCLUDES_SEGS below is presumably a bit in this
    // field - confirm.
    USHORT ReportFlags;
    UCHAR InstructionStream[DBGKD_MAXSTREAM];
    USHORT SegCs;
    USHORT SegDs;
    USHORT SegEs;
    USHORT SegFs;
    ULONG EFlags;
} DBGKD_CONTROL_REPORT, *PDBGKD_CONTROL_REPORT;
#define REPORT_INCLUDES_SEGS 0x0001 // this is for backward compatibility
//
// DBGKD_CONTROL_SET
//
// This structure holds the control values the debugger wants to set on
// every continue; they are carried here to avoid extra packet traffic.
//
// x86 control set: four ULONG fields, so the layout has no padding that
// could differ between the host and target compilers.
typedef struct _DBGKD_CONTROL_SET {
    ULONG TraceFlag; // WARNING: This must NOT be a BOOLEAN,
                     // or host and target will end
                     // up with different alignments!
    ULONG Dr7;
    ULONG CurrentSymbolStart; // Range in which to trace locally
    ULONG CurrentSymbolEnd;
} DBGKD_CONTROL_SET, *PDBGKD_CONTROL_SET;
#endif //_X86_
// Pairs a selector value with an LDT_ENTRY descriptor. The
// _DESCRIPTOR_TABLE_ENTRY_DEFINED guard keeps the typedef from being
// emitted twice when another definition has already been seen.
#ifndef _DESCRIPTOR_TABLE_ENTRY_DEFINED
#define _DESCRIPTOR_TABLE_ENTRY_DEFINED
typedef struct _DESCRIPTOR_TABLE_ENTRY {
    ULONG Selector;
    LDT_ENTRY Descriptor;
} DESCRIPTOR_TABLE_ENTRY, *PDESCRIPTOR_TABLE_ENTRY;
#endif // _DESCRIPTOR_TABLE_ENTRY_DEFINED
#ifdef _ALPHA_
//
// Define Alpha specific kernel debugger information.
//
// The following structure contains machine specific data passed to
// the host system kernel debugger in a wait state change message.
//
// Capacity, in bytes, of the InstructionStream array below.
#define DBGKD_MAXSTREAM 16
typedef struct _DBGKD_CONTROL_REPORT {
    // NOTE(review): presumably the number of valid bytes in
    // InstructionStream; a consumer should clamp it to DBGKD_MAXSTREAM
    // before using it as an index or a copy length - confirm.
    ULONG InstructionCount;
    UCHAR InstructionStream[DBGKD_MAXSTREAM];
} DBGKD_CONTROL_REPORT, *PDBGKD_CONTROL_REPORT;
//
// The following structure contains information that the host system
// kernel debugger wants to set on every continue operation and avoids
// the need to send extra packets of information.
//
// For Alpha the control set is a single ULONG, not a structure.
//
typedef ULONG DBGKD_CONTROL_SET, *PDBGKD_CONTROL_SET;
#endif // _ALPHA_
#ifdef _IA64_
//
// Define IA64 specific kernel debugger information.
//
// The following structure contains machine specific data passed to
// the host system kernel debugger in a wait state change message.
//
// Capacity, in bytes, of the InstructionStream array below.
#define DBGKD_MAXSTREAM 16
typedef struct _DBGKD_CONTROL_REPORT {
    // NOTE(review): presumably the number of valid bytes in
    // InstructionStream; a consumer should clamp it to DBGKD_MAXSTREAM
    // before using it as an index or a copy length - confirm.
    ULONG InstructionCount;
    UCHAR InstructionStream[DBGKD_MAXSTREAM];
} DBGKD_CONTROL_REPORT, *PDBGKD_CONTROL_REPORT;
//
// The following structure contains information that the host system
// kernel debugger wants to set on every continue operation and avoids
// the need to send extra packets of information.
//
// For IA64 the control set is a single ULONG, not a structure.
//
typedef ULONG DBGKD_CONTROL_SET, *PDBGKD_CONTROL_SET;
#endif // _IA64_
// Second copy of the DESCRIPTOR_TABLE_ENTRY definition. It uses the same
// _DESCRIPTOR_TABLE_ENTRY_DEFINED guard as the copy earlier in this file,
// so it is skipped once that copy has been compiled.
#ifndef _DESCRIPTOR_TABLE_ENTRY_DEFINED
#define _DESCRIPTOR_TABLE_ENTRY_DEFINED
typedef struct _DESCRIPTOR_TABLE_ENTRY {
    ULONG Selector;
    LDT_ENTRY Descriptor;
} DESCRIPTOR_TABLE_ENTRY, *PDESCRIPTOR_TABLE_ENTRY;
#endif // _DESCRIPTOR_TABLE_ENTRY_DEFINED
#ifdef _X86_
//
// Special Registers for i386
//
// Descriptor-table register image: a 16 bit limit and a 32 bit base.
// The struct tag is _DESCRIPTOR while the typedef name is KDESCRIPTOR.
typedef struct _DESCRIPTOR {
    // NOTE(review): Pad presumably exists so that Limit and Base sit next
    // to each other with Base on a 4 byte boundary - confirm.
    USHORT Pad;
    USHORT Limit;
    ULONG Base;
} KDESCRIPTOR, *PKDESCRIPTOR;
// i386 register state that is kept alongside the CONTEXT frame in
// KPROCESSOR_STATE. Field names follow the register names.
// NOTE(review): this is privileged processor state (control registers,
// descriptor table bases); presumably anything that can read it over the
// debugger link learns the kernel's address-space setup - treat the link
// as a trusted channel and confirm who can reach it.
typedef struct _KSPECIAL_REGISTERS {
    ULONG Cr0;
    ULONG Cr2;
    ULONG Cr3;
    ULONG Cr4;
    ULONG KernelDr0;
    ULONG KernelDr1;
    ULONG KernelDr2;
    ULONG KernelDr3;
    ULONG KernelDr6;
    ULONG KernelDr7;
    KDESCRIPTOR Gdtr;
    KDESCRIPTOR Idtr;
    USHORT Tr;
    USHORT Ldtr;
    ULONG Reserved[6];
} KSPECIAL_REGISTERS, *PKSPECIAL_REGISTERS;
//
// Processor State frame: Before a processor freezes itself, it
// dumps the processor state to the processor state frame for
// debugger to examine.
//
// Processor state frame: the CONTEXT frame followed by the special
// registers that CONTEXT does not hold.
typedef struct _KPROCESSOR_STATE {
    struct _CONTEXT ContextFrame;
    struct _KSPECIAL_REGISTERS SpecialRegisters;
} KPROCESSOR_STATE, *PKPROCESSOR_STATE;
#endif // _X86_
#ifdef _IA64_
// begin_nthal
//
// Stack Registers for IA64
//
// NOTE(review): the member list is withheld in this copy of the header.
// A struct with no members is not valid ISO C, so an _IA64_ build of this
// file needs the real definition from the vendor before it will compile
// with a conforming compiler.
typedef struct _STACK_REGISTERS {
    // Please contact INTEL to get IA64-specific information
} STACK_REGISTERS, *PSTACK_REGISTERS;
// Please contact INTEL to get IA64-specific information
// end_nthal
#endif // _IA64_
//
// The following are explicitly sized versions of common system
// structures which appear in the kernel debugger API.
//
// All of the debugger structures which are exposed to both
// sides of the KD API are declared below in explicitly sized
// versions as well, with inline converter functions.
//
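//
// COPYSE(p64, p32, f): copy field f from *p32 into *p64, sign extending a
// 32 bit address into 64 bits.
//
// The source value is narrowed to LONG first, so bit 31 of the source is
// replicated into bits 63..32 of the destination (0x80001000 becomes
// 0xFFFFFFFF80001000). Both pointer arguments are parenthesized so that
// an expression such as &rec binds to the whole argument, and the
// expansion is wrapped so it behaves as a single expression. f may carry
// a subscript, e.g. ExceptionInformation[i].
//
#define COPYSE(p64,p32,f) ((p64)->f = (ULONG64)(LONG64)(LONG)(p32)->f)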
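//
// ExceptionRecord32To64 - widen a 32 bit exception record into a 64 bit one.
//
//   Ex32 - source record; only read.
//   Ex64 - destination record; the fields assigned below are overwritten.
//
// ExceptionAddress and every copied ExceptionInformation entry are sign
// extended through COPYSE. ExceptionRecord is assigned directly, without
// COPYSE.
//
// NumberParameters is copied verbatim, but the number of
// ExceptionInformation entries actually copied is capped at the capacity
// of the smaller of the two arrays. These records are exchanged between
// the two sides of the KD API, so the count is whatever the sender wrote;
// without the cap, a count above the array size would read past the end
// of Ex32 and write past the end of Ex64. Entries beyond the cap are left
// untouched in Ex64, and code that later indexes Ex64->ExceptionInformation
// by NumberParameters must still range check the count itself.
//
__inline
void
ExceptionRecord32To64(
    IN PEXCEPTION_RECORD32 Ex32,
    OUT PEXCEPTION_RECORD64 Ex64
    )
{
    ULONG i;
    ULONG Limit;
    ULONG Capacity64;

    Ex64->ExceptionCode = Ex32->ExceptionCode;
    Ex64->ExceptionFlags = Ex32->ExceptionFlags;
    Ex64->ExceptionRecord = Ex32->ExceptionRecord;
    COPYSE(Ex64,Ex32,ExceptionAddress);
    Ex64->NumberParameters = Ex32->NumberParameters;

    // Element capacity of each array, taken from the declarations so the
    // bound follows the record types.
    Limit = (ULONG)(sizeof(Ex32->ExceptionInformation) /
                    sizeof(Ex32->ExceptionInformation[0]));
    Capacity64 = (ULONG)(sizeof(Ex64->ExceptionInformation) /
                         sizeof(Ex64->ExceptionInformation[0]));
    if (Capacity64 < Limit) {
        Limit = Capacity64;
    }

    // Copy no more entries than the record claims to hold.
    if (Ex64->NumberParameters < Limit) {
        Limit = Ex64->NumberParameters;
    }

    for (i = 0; i < Limit; i++) {
        COPYSE(Ex64,Ex32,ExceptionInformation[i]);
    }
}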
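//
// ExceptionRecord64To32 - narrow a 64 bit exception record into a 32 bit one.
//
//   Ex64 - source record; only read.
//   Ex32 - destination record; the fields assigned below are overwritten.
//
// ExceptionRecord, ExceptionAddress and every copied ExceptionInformation
// entry are cast to ULONG, which discards the upper 32 bits of the source.
//
// NumberParameters is copied verbatim, but the number of
// ExceptionInformation entries actually copied is capped at the capacity
// of the smaller of the two arrays. These records are exchanged between
// the two sides of the KD API, so the count is whatever the sender wrote;
// without the cap, a count above the array size would read past the end
// of Ex64 and write past the end of Ex32. Entries beyond the cap are left
// untouched in Ex32, and code that later indexes Ex32->ExceptionInformation
// by NumberParameters must still range check the count itself.
//
__inline
void
ExceptionRecord64To32(
    IN PEXCEPTION_RECORD64 Ex64,
    OUT PEXCEPTION_RECORD32 Ex32
    )
{
    ULONG i;
    ULONG Limit;
    ULONG Capacity64;

    Ex32->ExceptionCode = Ex64->ExceptionCode;
    Ex32->ExceptionFlags = Ex64->ExceptionFlags;
    Ex32->ExceptionRecord = (ULONG) Ex64->ExceptionRecord;
    Ex32->ExceptionAddress = (ULONG) Ex64->ExceptionAddress;
    Ex32->NumberParameters = Ex64->NumberParameters;

    // Element capacity of each array, taken from the declarations so the
    // bound follows the record types.
    Limit = (ULONG)(sizeof(Ex32->ExceptionInformation) /
                    sizeof(Ex32->ExceptionInformation[0]));
    Capacity64 = (ULONG)(sizeof(Ex64->ExceptionInformation) /
                         sizeof(Ex64->ExceptionInformation[0]));
    if (Capacity64 < Limit) {
        Limit = Capacity64;
    }

    // Copy no more entries than the record claims to hold.
    if (Ex32->NumberParameters < Limit) {
        Limit = Ex32->NumberParameters;
    }

    for (i = 0; i < Limit; i++) {
        Ex32->ExceptionInformation[i] = (ULONG) Ex64->ExceptionInformation[i];
    }
}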
// Exception message in three widths: the native EXCEPTION_RECORD form
// (compiled only when DBG_NO_PORTABLE_TYPES is zero or undefined) and the
// explicitly sized 32 and 64 bit forms. Each is an exception record
// followed by a ULONG FirstChance value.
// NOTE(review): FirstChance is presumably nonzero for a first-chance
// exception - confirm against the sender.
#if !DBG_NO_PORTABLE_TYPES
typedef struct _DBGKM_EXCEPTION {
    EXCEPTION_RECORD ExceptionRecord;
    ULONG FirstChance;
} DBGKM_EXCEPTION, *PDBGKM_EXCEPTION;
#endif
typedef struct _DBGKM_EXCEPTION32 {
    EXCEPTION_RECORD32 ExceptionRecord;
    ULONG FirstChance;
} DBGKM_EXCEPTION32, *PDBGKM_EXCEPTION32;
typedef struct _DBGKM_EXCEPTION64 {
    EXCEPTION_RECORD64 ExceptionRecord;
    ULONG FirstChance;
} DBGKM_EXCEPTION64, *PDBGKM_EXCEPTION64;
//
// DbgkmException32To64 - widen a 32 bit exception message to 64 bits.
//
//   E32 - source message; only read.
//   E64 - destination message.
//
// The embedded exception record goes through ExceptionRecord32To64;
// FirstChance is copied unchanged.
//
__inline
void
DbgkmException32To64(
    IN PDBGKM_EXCEPTION32 E32,
    OUT PDBGKM_EXCEPTION64 E64
    )
{
    PEXCEPTION_RECORD32 Source = &E32->ExceptionRecord;
    PEXCEPTION_RECORD64 Target = &E64->ExceptionRecord;

    ExceptionRecord32To64(Source, Target);
    E64->FirstChance = E32->FirstChance;
}
//
// DbgkmException64To32 - narrow a 64 bit exception message to 32 bits.
//
//   E64 - source message; only read.
//   E32 - destination message.
//
// The embedded exception record goes through ExceptionRecord64To32;
// FirstChance is copied unchanged.
//
__inline
void
DbgkmException64To32(
    IN PDBGKM_EXCEPTION64 E64,
    OUT PDBGKM_EXCEPTION32 E32
    )
{
    PEXCEPTION_RECORD64 Source = &E64->ExceptionRecord;
    PEXCEPTION_RECORD32 Target = &E32->ExceptionRecord;

    ExceptionRecord64To32(Source, Target);
    E32->FirstChance = E64->FirstChance;
}
//
// DbgKd APIs are for the portable kernel debugger
//
//
// KD_PACKETS are the low level data format used in KD. All packets
// begin with a packet leader, byte count, packet type. The sequence
// for accepting a packet is:
//
// - read 4 bytes to get packet leader. If read times out (10 seconds)
// with a short read, or if packet leader is incorrect, then retry
// the read.
//
// - next read 2 byte packet type. If read times out (10 seconds) with
// a short read, or if packet type is bad, then start again looking
// for a packet leader.
//
// - next read 4 byte packet Id. If read times out (10 seconds)
// with a short read, or if packet Id is not what we expect, then
// ask for resend and restart again looking for a packet leader.
//
// - next read 2 byte count. If read times out (10 seconds) with
// a short read, or if byte count is greater than PACKET_MAX_SIZE,
// then start again looking for a packet leader.
//
// - next read 4 byte packet data checksum.
//
// - The packet data immediately follows the packet. There should be
// ByteCount bytes following the packet header. Read the packet
// data, if read times out (10 seconds) then start again looking for
// a packet leader.
//
// Header that precedes the data of every KD packet. The fields are
// declared in the order leader, type, byte count, id, checksum.
// NOTE(review): the receive sequence described above reads the packet Id
// before the byte count, while this struct places ByteCount before
// PacketId. Presumably the struct is the wire order - confirm before
// writing a parser from the prose.
typedef struct _KD_PACKET {
    ULONG PacketLeader;
    USHORT PacketType;
    // Number of data bytes that follow the header. The receive sequence
    // rejects a value greater than PACKET_MAX_SIZE; that comparison has to
    // happen before the value sizes a buffer or a read.
    USHORT ByteCount;
    ULONG PacketId;
    // Checksum over the packet data.
    // NOTE(review): the algorithm is not shown in this file. Presumably it
    // only detects transmission errors and does not authenticate the
    // sender - confirm, and do not rely on it as an integrity control.
    ULONG Checksum;
} KD_PACKET, *PKD_PACKET;
// Upper bound on KD_PACKET.ByteCount accepted by the receive sequence.
#define PACKET_MAX_SIZE 4000
#define INITIAL_PACKET_ID 0x80800000 // Don't use 0
#define SYNC_PACKET_ID 0x00000800 // Or in with INITIAL_PACKET_ID
                                  // to force a packet ID reset.
//
// BreakIn packet
//
// BREAKIN_PACKET is BREAKIN_PACKET_BYTE repeated four times.
//
#define BREAKIN_PACKET 0x62626262
#define BREAKIN_PACKET_BYTE 0x62
//
// Packet lead in sequence
//
// Each 32 bit leader is its single-byte form repeated four times.
//
#define PACKET_LEADER 0x30303030 //0x77000077
#define PACKET_LEADER_BYTE 0x30
#define CONTROL_PACKET_LEADER 0x69696969
#define CONTROL_PACKET_LEADER_BYTE 0x69
//
// Packet Trailing Byte
//
#define PACKET_TRAILING_BYTE 0xAA
//
// Packet Types
//
// PACKET_TYPE_MAX is one more than the highest type defined here.
// NOTE(review): presumably a received PacketType is "bad" (see the receive
// sequence) when it is not below PACKET_TYPE_MAX; a receiver should make
// that check before using the type to select a handler - confirm.
//
#define PACKET_TYPE_UNUSED 0
#define PACKET_TYPE_KD_STATE_CHANGE32 1
#define PACKET_TYPE_KD_STATE_MANIPULATE 2
#define PACKET_TYPE_KD_DEBUG_IO 3
#define PACKET_TYPE_KD_ACKNOWLEDGE 4 // Packet-control type
#define PACKET_TYPE_KD_RESEND 5 // Packet-control type
#define PACKET_TYPE_KD_RESET 6 // Packet-control type
#define PACKET_TYPE_KD_STATE_CHANGE64 7
#define PACKET_TYPE_MAX 8
//
// If the packet type is PACKET_TYPE_KD_STATE_CHANGE, then
// the format of the packet data is as follows:
//
// NOTE(review): this file defines PACKET_TYPE_KD_STATE_CHANGE32 and
// PACKET_TYPE_KD_STATE_CHANGE64 but no unsuffixed name; the sentence above
// presumably refers to both. The two values below are presumably carried
// in the NewState field of the wait-state-change structures - confirm.
//
#define DbgKdExceptionStateChange 0x00003030L
#define DbgKdLoadSymbolsStateChange 0x00003031L
//
// Pathname Data follows directly
//
// 32 bit load-symbols record. The pathname bytes follow the record
// directly and are not part of the struct.
typedef struct _DBGKD_LOAD_SYMBOLS32 {
    // Length of the pathname data that follows.
    // NOTE(review): the value is supplied by the sender; a receiver should
    // check it against the bytes actually received (the packet's
    // ByteCount) before reading or copying the pathname - confirm where
    // that check lives.
    ULONG PathNameLength;
    ULONG BaseOfDll;
    ULONG ProcessId;
    ULONG CheckSum;
    ULONG SizeOfImage;
    BOOLEAN UnloadSymbols;
} DBGKD_LOAD_SYMBOLS32, *PDBGKD_LOAD_SYMBOLS32;
// 64 bit load-symbols record: same fields as DBGKD_LOAD_SYMBOLS32 with
// BaseOfDll and ProcessId widened to ULONG64.
typedef struct _DBGKD_LOAD_SYMBOLS64 {
    // Length of the pathname data that follows.
    // NOTE(review): the value is supplied by the sender; a receiver should
    // check it against the bytes actually received (the packet's
    // ByteCount) before reading or copying the pathname - confirm where
    // that check lives.
    ULONG PathNameLength;
    ULONG64 BaseOfDll;
    ULONG64 ProcessId;
    ULONG CheckSum;
    ULONG SizeOfImage;
    BOOLEAN UnloadSymbols;
} DBGKD_LOAD_SYMBOLS64, *PDBGKD_LOAD_SYMBOLS64;
//
// DbgkdLoadSymbols32To64 - widen a 32 bit load-symbols record to 64 bits.
//
//   Ls32 - source record; only read.
//   Ls64 - destination record; all six fields are assigned.
//
// BaseOfDll is sign extended (bit 31 is replicated into the upper half).
// ProcessId is assigned directly, without sign extension. The remaining
// fields have the same width on both sides. The pathname data that follows
// the record is not touched.
//
__inline
void
DbgkdLoadSymbols32To64(
    IN PDBGKD_LOAD_SYMBOLS32 Ls32,
    OUT PDBGKD_LOAD_SYMBOLS64 Ls64
    )
{
    Ls64->PathNameLength = Ls32->PathNameLength;
    Ls64->ProcessId      = Ls32->ProcessId;

    // Same expansion the COPYSE macro produces for BaseOfDll.
    Ls64->BaseOfDll = (ULONG64)(LONG64)(LONG)Ls32->BaseOfDll;

    Ls64->CheckSum      = Ls32->CheckSum;
    Ls64->SizeOfImage   = Ls32->SizeOfImage;
    Ls64->UnloadSymbols = Ls32->UnloadSymbols;
}
//
// LoadSymbols64To32 - narrow a 64 bit load-symbols record to 32 bits.
// (The name lacks the Dbgkd prefix that DbgkdLoadSymbols32To64 carries.)
//
//   Ls64 - source record; only read.
//   Ls32 - destination record; all six fields are assigned.
//
// ProcessId and BaseOfDll are cast to ULONG, which discards their upper
// 32 bits. The remaining fields have the same width on both sides. The
// pathname data that follows the record is not touched.
//
__inline
void
LoadSymbols64To32(
    IN PDBGKD_LOAD_SYMBOLS64 Ls64,
    OUT PDBGKD_LOAD_SYMBOLS32 Ls32
    )
{
    Ls32->PathNameLength = Ls64->PathNameLength;

    // Truncating conversions.
    Ls32->ProcessId = (ULONG)(Ls64->ProcessId);
    Ls32->BaseOfDll = (ULONG)(Ls64->BaseOfDll);

    // Same-width fields.
    Ls32->CheckSum      = Ls64->CheckSum;
    Ls32->SizeOfImage   = Ls64->SizeOfImage;
    Ls32->UnloadSymbols = Ls64->UnloadSymbols;
}
#ifdef _IA64_
#include <pshpck16.h>
#endif
// 32 bit wait-state-change message. ControlReport is the per-architecture
// DBGKD_CONTROL_REPORT selected by the _X86_ / _ALPHA_ / _IA64_ blocks
// earlier in this file, so the overall size depends on the target the
// header is compiled for.
typedef struct _DBGKD_WAIT_STATE_CHANGE32 {
    ULONG NewState;
    USHORT ProcessorLevel;
    USHORT Processor;
    ULONG NumberProcessors;
    ULONG Thread;
    ULONG ProgramCounter;
    // NOTE(review): which arm is valid is presumably decided by NewState
    // (DbgKdExceptionStateChange vs. DbgKdLoadSymbolsStateChange); a
    // consumer should check NewState before reading either arm and reject
    // values it does not know - confirm.
    union {
        DBGKM_EXCEPTION32 Exception;
        DBGKD_LOAD_SYMBOLS32 LoadSymbols;
    } u;
    DBGKD_CONTROL_REPORT ControlReport;
    CONTEXT Context;
} DBGKD_WAIT_STATE_CHANGE32, *PDBGKD_WAIT_STATE_CHANGE32;
typedef struct _DBGKD_WAIT_STATE_CHANGE64 {
ULONG NewState;
USHORT ProcessorLevel;
USHORT Processor;
ULONG NumberProcessors;
ULONG64 Thread;
ULONG64 ProgramCounter;
union {
DBGKM_EXCEPTION64 Exception;
DBGKD_LOAD_SYMBOLS64 LoadSymbols;
} u;
DBGKD_CONTROL_REPORT ControlReport;
CONTEXT Context;