📄 parsecrash.pl
字号:
0xFFFFCB18 KINX_KHEAP ptr to kernel heap array
0xFFFFCB1C KINX_SECTIONS ptr to SectionTable array
0xFFFFCB20 KINX_MEMINFO ptr to system MemoryInfo struct
0xFFFFCB24 KINX_MODULES ptr to module list
0xFFFFCB28 KINX_DLL_LOW lower bound of DLL shared space
0xFFFFCB2C KINX_NUMPAGES total # of RAM pages
0xFFFFCB30 KINX_PTOC ptr to ROM table of contents points to ROMHDR struct
0xFFFFCB34 KINX_KDATA_ADDR kernel mode version of KData
0xFFFFCB38 KINX_GWESHEAPINFO Current amount of gwes heap in use
0xFFFFCB3C KINX_TIMEZONEBIAS Fast timezone bias info
0xFFFFCB40 KINX_PENDEVENTS bit mask for pending interrupt events
0xFFFFCB44 KINX_KERNRESERVE number of kernel reserved pages
0xFFFFCB48 KINX_API_MASK bit mask for registered api sets
0xFFFFCB4C KINX_NLS_CP hiword OEM code page, loword ANSI code page
0xFFFFCB50 KINX_NLS_SYSLOC Default System locale
0xFFFFCB54 KINX_NLS_USERLOC Default User locale
0xFFFFCB58 KINX_HEAP_WASTE Kernel heap wasted space
0xFFFFCB5C KINX_DEBUGGER For use by debugger for protocol communication
0xFFFFCB60 KINX_APISETS APIset pointers
0xFFFFCB64 KINX_MINPAGEFREE water mark of the minimum number of free pages
0xFFFFCB68 KINX_CELOGSTATUS CeLog status flags
0xFFFFCB6C KINX_NKSECTION Address of NKSection
0xFFFFCB70 KINX_PWR_EVTS Events to be set after power on
0xFFFFCB74 KINX_TIMECHANGECOUNT
0xFFFFCB78 KINX_30
0xFFFFCB7C KINX_NKSIG last entry of KINFO -- signature when NK is ready
# 0xFFFFCC00 - disabled for protection (2nd level page table for 0xFFF00000)
# z:/sources/wince500/PUBLIC/COMMON/SDK/INC/kfuncs.h
!handletypes
0x00 SH_WIN32
0x01 SH_CURTHREAD
0x02 SH_CURPROC
0x04 HT_EVENT // Event handle type
0x05 HT_MUTEX // Mutex handle type
0x06 HT_APISET // kernel API set handle type
0x07 HT_FILE // open file handle type
0x08 HT_FIND // FindFirst handle type
0x09 HT_DBFILE // open database handle type
0x0a HT_DBFIND // database find handle type
0x0b HT_SOCKET // WinSock open socket handle type
0x0c HT_INTERFACE
0x0d HT_SEMAPHORE // Semaphore handle type
0x0e HT_FSMAP // mapped files
0x0f HT_WNETENUM // Net Resource Enumeration
0x10 SH_GDI
0x11 SH_WMGR
0x12 SH_WNET
0x13 SH_COMM
0x14 SH_FILESYS_APIS
0x15 SH_SHELL
0x16 SH_DEVMGR_APIS
0x17 SH_TAPI
0x18 SH_PATCHER
0x1a SH_SERVICES
# z:/sources/wince500/PUBLIC/COMMON/OAK/INC/pehdr.h
!e32infotypes
0x00 EXP // Export Directory
0x01 IMP // Import Directory
0x02 RES // Resource Directory
0x03 EXC // Exception Directory
0x04 SEC // Certificates Directory
0x05 FIX // Base Relocation Directory
0x06 DEB // Debug Directory
0x07 IMD // Architecture Directory
0x08 MSP // Global Pointer Directory
0x09 TLS // Thread Storage Directory
0x0a CBK // Load Configuration Directory
0x0b RS1 // Bound Import Directory
0x0c RS2 // Import Address Table Directory
0x0d RS3 // Delay Import Directory
0x0e RS4 // COM Descriptor Directory
0x0f RS5 // Reserved Directory
# z:/sources/wince500/PUBLIC/COMMON/SDK/INC/winioctl.h
!file_device_types
0x0001 FILE_DEVICE_BEEP
0x0002 FILE_DEVICE_CD_ROM
0x0003 FILE_DEVICE_CD_ROM_FILE_SYSTEM
0x0004 FILE_DEVICE_CONTROLLER
0x0005 FILE_DEVICE_DATALINK
0x0006 FILE_DEVICE_DFS
0x0007 FILE_DEVICE_DISK
0x0008 FILE_DEVICE_DISK_FILE_SYSTEM
0x0009 FILE_DEVICE_FILE_SYSTEM
0x000a FILE_DEVICE_INPORT_PORT
0x000b FILE_DEVICE_KEYBOARD
0x000c FILE_DEVICE_MAILSLOT
0x000d FILE_DEVICE_MIDI_IN
0x000e FILE_DEVICE_MIDI_OUT
0x000f FILE_DEVICE_MOUSE
0x0010 FILE_DEVICE_MULTI_UNC_PROVIDER
0x0011 FILE_DEVICE_NAMED_PIPE
0x0012 FILE_DEVICE_NETWORK
0x0013 FILE_DEVICE_NETWORK_BROWSER
0x0014 FILE_DEVICE_NETWORK_FILE_SYSTEM
0x0015 FILE_DEVICE_NULL
0x0016 FILE_DEVICE_PARALLEL_PORT
0x0017 FILE_DEVICE_PHYSICAL_NETCARD
0x0018 FILE_DEVICE_PRINTER
0x0019 FILE_DEVICE_SCANNER
0x001a FILE_DEVICE_SERIAL_MOUSE_PORT
0x001b FILE_DEVICE_SERIAL_PORT
0x001c FILE_DEVICE_SCREEN
0x001d FILE_DEVICE_SOUND
0x001e FILE_DEVICE_STREAMS
0x001f FILE_DEVICE_TAPE
0x0020 FILE_DEVICE_TAPE_FILE_SYSTEM
0x0021 FILE_DEVICE_TRANSPORT
0x0022 FILE_DEVICE_UNKNOWN
0x0023 FILE_DEVICE_VIDEO
0x0024 FILE_DEVICE_VIRTUAL_DISK
0x0025 FILE_DEVICE_WAVE_IN
0x0026 FILE_DEVICE_WAVE_OUT
0x0027 FILE_DEVICE_8042_PORT
0x0028 FILE_DEVICE_NETWORK_REDIRECTOR
0x0029 FILE_DEVICE_BATTERY
0x0029 FILE_DEVICE_PARTITION
0x002a FILE_DEVICE_BUS_EXTENDER
0x002b FILE_DEVICE_MODEM
0x002c FILE_DEVICE_VDM
0x002d FILE_DEVICE_MASS_STORAGE
0x002e FILE_DEVICE_SMB
0x002f FILE_DEVICE_KS
0x0030 FILE_DEVICE_CHANGER
0x0030 FILE_DEVICE_STORE
0x0031 FILE_DEVICE_SMARTCARD
0x0032 FILE_DEVICE_ACPI
0x0032 FILE_DEVICE_POWER
0x0033 FILE_DEVICE_DVD
0x0034 FILE_DEVICE_FULLSCREEN_VIDEO
0x0035 FILE_DEVICE_DFS_FILE_SYSTEM
0x0036 FILE_DEVICE_DFS_VOLUME
0x0101 FILE_DEVICE_HAL
0x0102 FILE_DEVICE_CONSOLE
0x0103 FILE_DEVICE_PSL
0x0104 FILE_DEVICE_SERVICE
0x0105 FILE_DEVICE_NLED
0x0106 FILE_DEVICE_NOTIFY
!struct FILETIME
0x00 DWORD ftLow
0x04 DWORD ftHigh
!struct wstr
0x00 wchar@260 str
# z:/sources/wince500/PRIVATE/WINCEOS/COREOS/NK/INC/nkarm.h
!struct CPUCONTEXT
0x0000 DWORD Psr
0x0004 DWORD reg_R0
0x0008 DWORD reg_R1
0x000c DWORD reg_R2
0x0010 DWORD reg_R3
0x0014 DWORD reg_R4
0x0018 DWORD reg_R5
0x001c DWORD reg_R6
0x0020 DWORD reg_R7
0x0024 DWORD reg_R8
0x0028 DWORD reg_R9
0x002c DWORD reg_R10
0x0030 DWORD reg_R11
0x0034 DWORD reg_R12
0x0038 DWORD reg_Sp
0x003c DWORD reg_Lr
0x0040 DWORD reg_Pc
0x0044 DWORD Fpscr
0x0048 DWORD FpExc
0x004c DWORD@33 S
0x00d0 DWORD@8 FpExtra
# z:/sources/wince500/PRIVATE/WINCEOS/COREOS/NK/INC/kernel.h
!struct CALLSTACK
0x0000 *CALLSTACK pcstkNext
0x0004 DWORD retAddr /* return address */
0x0008 *PROCESS pprcLast /* previous process */
0x000c DWORD akyLast /* previous access key */
0x0010 DWORD extra /* extra CPU dependent data */
0x0014 DWORD dwPrevSP /* SP of caller */
0x0018 DWORD dwPrcInfo /* information about the caller (mode, callback?, etc) */
# z:/sources/wince500/PRIVATE/WINCEOS/COREOS/NK/INC/kernel.h
!struct THREAD
0x0000 WORD wInfo; /* 00: various info about thread, see above */
0x0002 BYTE bSuspendCnt; /* 02: thread suspend count */
0x0003 BYTE bWaitState; /* 03: state of waiting loop */
0x0004 *PROXY pProxList; /* 04: list of proxies to threads blocked on this thread */
0x0008 *THREAD pNextInProc; /* 08: next thread in this process */
0x000c *PROCESS pProc; /* 0C: pointer to current process */
0x0010 *PROCESS pOwnerProc; /* 10: pointer to owner process */
0x0014 DWORD aky; /* 14: keys used by thread to access memory & handles */
0x0018 *CALLSTACK pcstkTop; /* 18: current api call info */
0x001c DWORD dwOrigBase; /* 1C: Original stack base */
0x0020 DWORD dwOrigStkSize; /* 20: Size of the original thread stack */
0x0024 *DWORD tlsPtr; /* 24: tls pointer */
0x0028 DWORD dwWakeupTime; /* 28: sleep count, also pending sleepcnt on waitmult */
0x002c *DWORD tlsSecure; /* 2c: TLS for secure stack */
0x0030 *DWORD tlsNonSecure; /* 30: TLS for non-secure stack */
0x0034 *PROXY lpProxy; /* 34: first proxy this thread is blocked on */
0x0038 DWORD dwLastError; /* 38: last error */
0x003c DWORD hTh; /* 3C: Handle to this thread, needed by NextThread */
0x0040 BYTE bBPrio; /* 40: base priority */
0x0041 BYTE bCPrio; /* 41: curr priority */
0x0042 WORD wCount; /* 42: nonce for blocking lists */
0x0044 *THREAD pPrevInProc; /* 44: previous thread in this process */
0x0048 DWORD pThrdDbg; /* 48: pointer to thread debug structure, if any */
0x004c DWORD pSwapStack; /* 4c */
0x0050 DWORD ftCreate_dwLowDateTime; /* 50: time thread is created */
0x0054 DWORD ftCreate_dwHighDateTime;
0x0058 DWORD lpce; /* 58: cleanevent for unqueueing blocking lists */ - used to be 'CLEANEVENT'
0x005c DWORD dwStartAddr; /* 5c: thread PC at creation, used to get thread name */
0x0060 CPUCONTEXT ctx; /* 60: thread's cpu context information */
0x0150 *THREAD pNextSleepRun; /* ??: next sleeping thread, if sleeping, else next on runq if runnable */
0x0154 *THREAD pPrevSleepRun; /* ??: back pointer if sleeping or runnable */
0x0158 *THREAD pUpRun; /* ??: up run pointer (circulaar) */
0x015c *THREAD pDownRun; /* ??: down run pointer (circular) */
0x0160 *THREAD pUpSleep; /* ??: up sleep pointer (null terminated) */
0x0164 *THREAD pDownSleep; /* ??: down sleep pointer (null terminated) */
0x0168 DWORD pOwnedList; /* ??: list of crits and mutexes for priority inversion */
0x016c DWORD@32 pOwnedHash;
0x01ec DWORD dwQuantum; /* ??: thread quantum */
0x01f0 DWORD dwQuantLeft; /* ??: quantum left */
0x01f4 *PROXY lpCritProxy; /* ??: proxy from last critical section block, in case stolen back */
0x01f8 *PROXY lpPendProxy; /* ??: pending proxies for queueing */
0x01fc DWORD dwPendReturn; /* ??: return value from pended wait */
0x0200 DWORD dwPendTime; /* ??: timeout value of wait operation */
0x0204 *THREAD pCrabPth;
0x0208 WORD wCrabCount;
0x020a WORD wCrabDir;
0x020c DWORD dwPendWakeup; /* ??: pending timeout */
0x0210 WORD wCount2; /* ??: nonce for SleepList */
0x0212 BYTE bPendSusp; /* ??: pending suspend count */
0x0213 BYTE bDbgCnt; /* ??: recurse level in debug message */
0x0214 DWORD hLastCrit; /* ??: Last crit taken, cleared by nextthread */
0x0218 CALLSTACK IntrStk;
0x0234 DWORD dwKernTime; /* ??: elapsed kernel time */
0x0238 DWORD dwUserTime; /* ??: elapsed user time */
0x023c DWORD hTok; /* ??: thread token */
# z:/sources/wince500/PRIVATE/WINCEOS/COREOS/NK/INC/kernel.h
!struct openexe_t
0x00 DWORD handle // object store handle
0x04 BYTE filetype
0x05 BYTE bIsOID
0x06 WORD pagemode
0x08 DWORD offset
0x0c *Name name
# z:/sources/wince500/PUBLIC/COMMON/OAK/INC/pehdr.h
!struct info
0x00 DWORD rva /* Virtual relative address of info */
0x04 DWORD size /* Size of information block */
# z:/sources/wince500/PUBLIC/COMMON/OAK/INC/pehdr.h
!struct e32_lite
0x00 WORD e32_objcnt /* Number of memory objects */
0x02 BYTE e32_cevermajor /* version of CE built for */
0x03 BYTE e32_ceverminor /* version of CE built for */
0x04 DWORD e32_stackmax /* Maximum stack size */
0x08 DWORD e32_vbase /* Virtual base address of module */
0x0c DWORD e32_vsize /* Virtual size of the entire image */
0x10 DWORD e32_sect14rva /* section 14 rva */
0x14 DWORD e32_sect14size /* section 14 size */
0x18 DWORD e32_timestamp; /* Time EXE/DLL was created/modified */
0x1c info@7 e32_unit /* Array of extra info units */
# z:/sources/wince500/PUBLIC/COMMON/OAK/INC/pehdr.h
!struct o32_lite
0x00 DWORD o32_vsize
0x04 DWORD o32_rva
0x08 DWORD o32_realaddr
0x0c DWORD o32_access
0x10 DWORD o32_flags
0x14 DWORD o32_psize
0x18 DWORD o32_dataptr
# z:/sources/wince500/PRIVATE/WINCEOS/COREOS/NK/INC/kernel.h
!struct PGPOOL_Q
0x00 WORD idxHead; /* head of the queue */
0x02 WORD idxTail; /* tail of the queue */
# z:/sources/wince500/PRIVATE/WINCEOS/COREOS/NK/INC/kernel.h
!struct PROCESS
0x00 BYTE procnum /* 00: ID of this process [ie: it's slot number] */
0x01 BYTE DbgActive /* 01: ID of process currently DebugActiveProcess'ing this process */
0x02 BYTE bChainDebug /* 02: Did the creator want to debug child processes? */
0x03 BYTE bTrustLevel /* 03: level of trust of this exe */
0x04 *PROXY pProxList /* 04: list of proxies to threads blocked on this process */
0x08 DWORD hProc /* 08: handle for this process, needed only for SC_GetProcFromPtr */
0x0c DWORD dwVMBase /* 0C: base of process's memory section, or 0 if not in use */
0x10 *THREAD pTh /* 10: first thread in this process */
0x14 DWORD aky /* 14: default address space key for process's threads */
0x18 DWORD BasePtr /* 18: Base pointer of exe load */
0x1c DWORD hDbgrThrd /* 1C: handle of thread debugging this process, if any */
0x20 *wstr lpszProcName /* 20: name of process */
0x24 DWORD tlsLowUsed /* 24: TLS in use bitmask (first 32 slots) */
0x28 DWORD tlsHighUsed /* 28: TLS in use bitmask (second 32 slots) */
0x2c DWORD pfnEH /* 2C: process exception handler */
0x30 DWORD ZonePtr /* 30: Debug zone pointer */
0x34 *THREAD pMainTh /* 34 primary thread in this process*/
0x38 *Module pmodResource /* 38: module that contains the resources */
0x3c *Name@3 pStdNames /* 3C: Pointer to names for stdio */
0x48 *wstr pcmdline /* 48: Pointer to command line */
0x4c DWORD dwDyingThreads /* 4C: number of pending dying threads */
0x50 openexe_t oe /* 50: Pointer to executable file handle */
0x60 e32_lite e32 /* ??: structure containing exe header */
0xb4 *o32_lite o32_ptr /* ??: o32 array pointer for exe */
0xb8 DWORD pExtPdata /* ??: extend pdata */
0xbc BYTE bPrio /* ??: highest priority of all threads of the process */
0xbd BYTE fNoDebug /* ??: this process cannot be debugged */
0xbe WORD wModCount; /* ??: # of modules in pLastModList */
0xc0 PGPOOL_Q pgqueue /* ??: list of the page owned by the process */
0xc4 *MODULELIST pLastModList; /* ??: the list of modules that just loaded/unloaded into the process */
0xc8 DWORD hTok; /* ??: process default token */
0xcc DWORD pShimInfo; /* pointer to shim information */
# z:/sources/wince500/PRIVATE/WINCEOS/COREOS/NK/INC/kernel.h
!struct CINFO
0x00 char@4 acName /* 00: object type ID string */
0x04 BYTE disp /* 04: type of dispatch */
0x05 BYTE type /* 05: api handle type */
0x06 WORD cMethods /* 06: # of methods in dispatch table */
0x08 DWORD ppfnMethods /* 08: ptr to array of methods (in server address space) */
0x0c DWORD pdwSig /* 0C: ptr to array of method signatures */
0x10 *PROCESS pServer /* 10: ptr to server process */
# z:/sources/wince500/PRIVATE/WINCEOS/COREOS/NK/INC/kernel.h
!struct HDATA
0x00 DWORD fwd /* 00: links for active handle list */
0x04 DWORD back
0x08 DWORD hValue /* 08: Current value of handle (nonce) */
0x0c DWORD lock /* 0C: access information */
0x10 DWORD ref /* 10: reference information */
0x14 *CINFO pci /* 14: ptr to object class description structure */
0x18 DWORD pvObj /* 18: ptr to object */
0x1c DWORD dwInfo /* 1C: extra handle info */
!struct FFSDinfo
0x00 *FFSDinfo next
0x04 *FFSDinfo prev
0x08 *FFSDinfo pPartition
0x0c *FFSDinfo pFile1
0x10 *FFSDinfo pFile2
0x14 DWORD hProcess
0x18 DWORD hFile
0x1c *GTGTinfo pGtgtInfo // seems to be gtgt struct only in some cases.
0x20 wchar@8 name
!struct GTGTinfo
0x00 DWORD magic
0x04 DWORD dw1
0x08 *GDGDinfo pdgdginfo
0x0c *wstr pWStrName
0x10 *GTGTinfo pNext
0x14 *GTGTinfo pPrev
0x18 DWORD dw6
0x1c DWORD dw7
!struct GDGDinfo
⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -