#include "../kd/kd.h"

Include dependency graph for kdb.h:

This graph shows which files directly or indirectly include this file:

Classes
struct	_KDB_BREAKPOINT

Typedefs
typedef CONTEXT	KDB_KTRAP_FRAME

typedef CONTEXT *	PKDB_KTRAP_FRAME

typedef enum _KDB_BREAKPOINT_TYPE	KDB_BREAKPOINT_TYPE

typedef enum _KDB_ACCESS_TYPE	KDB_ACCESS_TYPE

typedef struct _KDB_BREAKPOINT	KDB_BREAKPOINT

typedef struct _KDB_BREAKPOINT *	PKDB_BREAKPOINT

typedef enum _KDB_ENTER_CONDITION	KDB_ENTER_CONDITION

typedef enum _KD_CONTINUE_TYPE	KD_CONTINUE_TYPE

Enumerations
enum	_KDB_BREAKPOINT_TYPE { KdbBreakPointNone = 0 , KdbBreakPointSoftware , KdbBreakPointHardware , KdbBreakPointTemporary }

enum	_KDB_ACCESS_TYPE { KdbAccessRead , KdbAccessWrite , KdbAccessReadWrite , KdbAccessExec }

enum	_KDB_ENTER_CONDITION { KdbDoNotEnter , KdbEnterAlways , KdbEnterFromKmode , KdbEnterFromUmode }

enum	_KD_CONTINUE_TYPE { kdContinue = 0 , kdDoNotHandleException , kdHandleException }

Functions
LONG	KdbpDisassemble (IN ULONG_PTR Address, IN ULONG IntelSyntax)

LONG	KdbpGetInstLength (IN ULONG_PTR Address)

VOID NTAPI	KdbpStackSwitchAndCall (IN PVOID NewStack, IN VOID(*Function)(VOID))

NTSTATUS NTAPI	KdbInitialize (_In_ PKD_DISPATCH_TABLE DispatchTable, _In_ ULONG BootPhase)
	Initializes the KDBG debugger.

BOOLEAN NTAPI	KdbRegisterCliCallback (PVOID Callback, BOOLEAN Deregister)

NTSTATUS	KdbpCliInit (VOID)
	Called when KDB is initialized.

VOID	KdbpCliMainLoop (IN BOOLEAN EnteredOnSingleStep)
	KDB Main Loop.

VOID	KdbpCliInterpretInitFile (VOID)
	Interprets the KDBinit file from the \SystemRoot\System32\drivers\etc directory, that has been loaded by KdbpCliInit().

VOID	KdbpCommandHistoryAppend (_In_ PCSTR Command)
	Appends a command to the command history.

PCSTR	KdbGetHistoryEntry (_Inout_ PLONG NextIndex, _In_ BOOLEAN Next)

VOID	KdbpPager (_In_ PCHAR Buffer, _In_ ULONG BufLength)
	Prints the given string with, page by page.

VOID	KdbpPrint (_In_ PSTR Format, _In_ ...)
	Prints the given string with printf-like formatting.

VOID	KdbpPrintUnicodeString (_In_ PCUNICODE_STRING String)

BOOLEAN NTAPI	KdbpGetHexNumber (IN PCHAR pszNum, OUT ULONG_PTR *pulValue)

BOOLEAN	KdbpRpnEvaluateExpression (IN PCHAR Expression, IN PKDB_KTRAP_FRAME TrapFrame, OUT PULONGLONG Result, OUT PLONG ErrOffset OPTIONAL, OUT PCHAR ErrMsg OPTIONAL)
	Evaluates the given expression.

PVOID	KdbpRpnParseExpression (IN PCHAR Expression, OUT PLONG ErrOffset OPTIONAL, OUT PCHAR ErrMsg OPTIONAL)
	Parses the given expression and returns a "handle" to it.

BOOLEAN	KdbpRpnEvaluateParsedExpression (IN PVOID Expression, IN PKDB_KTRAP_FRAME TrapFrame, OUT PULONGLONG Result, OUT PLONG ErrOffset OPTIONAL, OUT PCHAR ErrMsg OPTIONAL)
	Evaluates the given expression and returns the result.

BOOLEAN	KdbpSymFindModule (IN PVOID Address OPTIONAL, IN INT Index OPTIONAL, OUT PLDR_DATA_TABLE_ENTRY *pLdrEntry)
	Find a module...

BOOLEAN	KdbSymPrintAddress (IN PVOID Address, IN PCONTEXT Context)
	Print address...

VOID	KdbSymProcessSymbols (_Inout_ PLDR_DATA_TABLE_ENTRY LdrEntry, _In_ BOOLEAN Load)
	Load symbols from image mapping. If this fails,.

BOOLEAN	KdbSymInit (_In_ ULONG BootPhase)
	Initializes the KDB symbols implementation.

LONG	KdbpGetNextBreakPointNr (IN ULONG Start OPTIONAL)
	Gets the number of the next breakpoint >= Start.

BOOLEAN	KdbpGetBreakPointInfo (IN ULONG BreakPointNr, OUT ULONG_PTR Address OPTIONAL, OUT KDB_BREAKPOINT_TYPE Type OPTIONAL, OUT UCHAR Size OPTIONAL, OUT KDB_ACCESS_TYPE AccessType OPTIONAL, OUT UCHAR DebugReg OPTIONAL, OUT BOOLEAN Enabled OPTIONAL, OUT BOOLEAN Global OPTIONAL, OUT PEPROCESS Process OPTIONAL, OUT PCHAR *ConditionExpression OPTIONAL)
	Returns information of the specified breakpoint.

NTSTATUS	KdbpInsertBreakPoint (IN ULONG_PTR Address, IN KDB_BREAKPOINT_TYPE Type, IN UCHAR Size OPTIONAL, IN KDB_ACCESS_TYPE AccessType OPTIONAL, IN PCHAR ConditionExpression OPTIONAL, IN BOOLEAN Global, OUT PLONG BreakPointNr OPTIONAL)
	Inserts a breakpoint into the breakpoint array.

BOOLEAN	KdbpDeleteBreakPoint (IN LONG BreakPointNr OPTIONAL, IN OUT PKDB_BREAKPOINT BreakPoint OPTIONAL)
	Deletes a breakpoint.

BOOLEAN	KdbpEnableBreakPoint (IN LONG BreakPointNr OPTIONAL, IN OUT PKDB_BREAKPOINT BreakPoint OPTIONAL)
	Enables a breakpoint.

BOOLEAN	KdbpDisableBreakPoint (IN LONG BreakPointNr OPTIONAL, IN OUT PKDB_BREAKPOINT BreakPoint OPTIONAL)
	Disables a breakpoint.

BOOLEAN	KdbpGetEnterCondition (IN LONG ExceptionNr, IN BOOLEAN FirstChance, OUT KDB_ENTER_CONDITION *Condition)
	Gets the first or last chance enter-condition for exception nr. ExceptionNr.

BOOLEAN	KdbpSetEnterCondition (IN LONG ExceptionNr, IN BOOLEAN FirstChance, IN KDB_ENTER_CONDITION Condition)
	Sets the first or last chance enter-condition for exception nr. ExceptionNr.

BOOLEAN	KdbpAttachToThread (PVOID ThreadId)
	Switches to another thread context.

BOOLEAN	KdbpAttachToProcess (PVOID ProcessId)
	Switches to another process/thread context.

VOID	KdbpGetCommandLineSettings (_In_ PCSTR p1)

KD_CONTINUE_TYPE	KdbEnterDebuggerException (IN PEXCEPTION_RECORD64 ExceptionRecord, IN KPROCESSOR_MODE PreviousMode, IN OUT PCONTEXT Context, IN BOOLEAN FirstChance)

BOOLEAN NTAPI	KdpSafeReadMemory (IN ULONG_PTR Addr, IN LONG Len, OUT PVOID Value)

BOOLEAN NTAPI	KdpSafeWriteMemory (IN ULONG_PTR Addr, IN LONG Len, IN ULONGLONG Value)

NTSTATUS	KdbpSafeReadMemory (OUT PVOID Dest, IN PVOID Src, IN ULONG Bytes)

NTSTATUS	KdbpSafeWriteMemory (OUT PVOID Dest, IN PVOID Src, IN ULONG Bytes)

VOID	KbdDisableMouse (VOID)

VOID	KbdEnableMouse (VOID)

VOID	KdbPrintString (_In_ const CSTRING *Output)

USHORT	KdbPromptString (_In_ const CSTRING *PromptString, _Inout_ PSTRING ResponseString)

VOID	KdbPutsN (_In_ PCCH String, _In_ USHORT Length)

VOID	KdbPuts (_In_ PCSTR String)

VOID __cdecl	KdbPrintf (_In_ PCSTR Format,...)

SIZE_T	KdbPrompt (_In_ PCSTR Prompt, _Out_ PCHAR Buffer, _In_ SIZE_T Size)

Variables
volatile PCHAR	KdbInitFileBuffer

PEPROCESS	KdbCurrentProcess

PETHREAD	KdbCurrentThread

LONG	KdbLastBreakPointNr

ULONG	KdbNumSingleSteps

BOOLEAN	KdbSingleStepOver

PKDB_KTRAP_FRAME	KdbCurrentTrapFrame

Typedef Documentation

◆ KD_CONTINUE_TYPE

typedef enum _KD_CONTINUE_TYPE KD_CONTINUE_TYPE

◆ KDB_ACCESS_TYPE

typedef enum _KDB_ACCESS_TYPE KDB_ACCESS_TYPE

◆ KDB_BREAKPOINT

typedef struct _KDB_BREAKPOINT KDB_BREAKPOINT

◆ KDB_BREAKPOINT_TYPE

typedef enum _KDB_BREAKPOINT_TYPE KDB_BREAKPOINT_TYPE

◆ KDB_ENTER_CONDITION

typedef enum _KDB_ENTER_CONDITION KDB_ENTER_CONDITION

◆ KDB_KTRAP_FRAME

typedef CONTEXT KDB_KTRAP_FRAME

Definition at line 7 of file kdb.h.

◆ PKDB_BREAKPOINT

typedef struct _KDB_BREAKPOINT * PKDB_BREAKPOINT

◆ PKDB_KTRAP_FRAME

typedef CONTEXT * PKDB_KTRAP_FRAME

Definition at line 7 of file kdb.h.

Enumeration Type Documentation

◆ _KD_CONTINUE_TYPE

enum _KD_CONTINUE_TYPE

Enumerator
kdContinue
kdDoNotHandleException
kdHandleException

Definition at line 54 of file kdb.h.

{
    kdContinue = 0,
    kdDoNotHandleException,
    kdHandleException
} KD_CONTINUE_TYPE;

◆ _KDB_ACCESS_TYPE

enum _KDB_ACCESS_TYPE

Enumerator
KdbAccessRead
KdbAccessWrite
KdbAccessReadWrite
KdbAccessExec

Definition at line 17 of file kdb.h.

{
   KdbAccessRead,
   KdbAccessWrite,
   KdbAccessReadWrite,
   KdbAccessExec
} KDB_ACCESS_TYPE;

◆ _KDB_BREAKPOINT_TYPE

enum _KDB_BREAKPOINT_TYPE

Enumerator
KdbBreakPointNone
KdbBreakPointSoftware
KdbBreakPointHardware
KdbBreakPointTemporary

Definition at line 9 of file kdb.h.

{
   KdbBreakPointNone = 0,
   KdbBreakPointSoftware,
   KdbBreakPointHardware,
   KdbBreakPointTemporary
} KDB_BREAKPOINT_TYPE;

◆ _KDB_ENTER_CONDITION

enum _KDB_ENTER_CONDITION

Enumerator
KdbDoNotEnter
KdbEnterAlways
KdbEnterFromKmode
KdbEnterFromUmode

Definition at line 46 of file kdb.h.

{
   KdbDoNotEnter,
   KdbEnterAlways,
   KdbEnterFromKmode,
   KdbEnterFromUmode
} KDB_ENTER_CONDITION;

Function Documentation

◆ KbdDisableMouse()

VOID KbdDisableMouse ( VOID )

Definition at line 98 of file kdps2kbd.c.

{
    KbdSendCommandToMouse(MOU_DISAB);
}

Referenced by KdbpInternalEnter(), and KdReceivePacket().

◆ KbdEnableMouse()

VOID KbdEnableMouse ( VOID )

Definition at line 93 of file kdps2kbd.c.

{
    KbdSendCommandToMouse(MOU_ENAB);
}

Referenced by KdbpInternalEnter(), and KdReceivePacket().

◆ KdbEnterDebuggerException()

KD_CONTINUE_TYPE KdbEnterDebuggerException	(	IN PEXCEPTION_RECORD64	ExceptionRecord,
		IN KPROCESSOR_MODE	PreviousMode,
		IN OUT PCONTEXT	Context,
		IN BOOLEAN	FirstChance
	)

◆ KdbGetHistoryEntry()

PCSTR KdbGetHistoryEntry	(	_Inout_ PLONG	NextIndex,
		_In_ BOOLEAN	Next
	)

Definition at line 24 of file kdprompt.c.

{
    /* Dummy function */
    return NULL;
}

Referenced by KdIoReadLine().

◆ KdbInitialize()

NTSTATUS NTAPI KdbInitialize	(	_In_ PKD_DISPATCH_TABLE	DispatchTable,
		_In_ ULONG	BootPhase
	)

Initializes the KDBG debugger.

Parameters

[in]	DispatchTable	Pointer to the KD dispatch table.
[in]	BootPhase	Phase of initialization.

Returns: A status value.

Note: Also known as "KdpKdbgInit".

Definition at line 3633 of file kdb_cli.c.

{
    /* Saves the different symbol-loading status across boot phases */
    static ULONG LoadSymbols = 0;
 
    if (BootPhase == 0)
    {
        /* Write out the functions that we support for now */
        DispatchTable->KdpPrintRoutine = KdbDebugPrint;
 
        /* Check if we have a command line */
        if (KeLoaderBlock && KeLoaderBlock->LoadOptions)
        {
            /* Get the KDBG Settings */
            KdbpGetCommandLineSettings(KeLoaderBlock->LoadOptions);
        }
 
        /* Register for BootPhase 1 initialization and as a Provider */
        DispatchTable->KdpInitRoutine = KdbInitialize;
        InsertTailList(&KdProviders, &DispatchTable->KdProvidersList);
    }
    else if (BootPhase == 1)
    {
        /* Register for later BootPhase 2 reinitialization */
        DispatchTable->KdpInitRoutine = KdbInitialize;
 
        /* Initialize Dmesg support */
 
        /* Allocate a buffer for Dmesg log buffer. +1 for terminating null,
         * see kdbp_cli.c:KdbpCmdDmesg()/2 */
        KdpDmesgBuffer = ExAllocatePoolZero(NonPagedPool,
                                            KdpDmesgBufferSize + 1,
                                            TAG_KDBG);
        /* Ignore failure if KdpDmesgBuffer is NULL */
        KdpDmesgFreeBytes = KdpDmesgBufferSize;
        KdbDmesgTotalWritten = 0;
 
        /* Initialize spinlock */
        KeInitializeSpinLock(&KdpDmesgLogSpinLock);
    }
 
    /* Initialize symbols support in BootPhase 0 and 1 */
    if (BootPhase <= 1)
    {
        LoadSymbols <<= 1;
        LoadSymbols |= KdbSymInit(BootPhase);
    }
 
    if (BootPhase == 1)
    {
        /* Announce ourselves */
        CHAR buffer[60];
        RtlStringCbPrintfA(buffer, sizeof(buffer),
                           "   KDBG debugger enabled - %s\r\n",
                           !(LoadSymbols & 0x2) ? "No symbols loaded" :
                           !(LoadSymbols & 0x1) ? "Kernel symbols loaded"
                                                : "Loading symbols");
        HalDisplayString(buffer);
    }
 
    if (BootPhase >= 2)
    {
        /* I/O is now set up for disk access: load the KDBinit file */
        NTSTATUS Status = KdbpCliInit();
 
        /* Schedule an I/O reinitialization if needed */
        if (Status == STATUS_OBJECT_NAME_NOT_FOUND ||
            Status == STATUS_OBJECT_PATH_NOT_FOUND)
        {
            DispatchTable->KdpInitRoutine = KdbInitialize;
        }
    }
 
    return STATUS_SUCCESS;
}

Referenced by KdbInitialize().

◆ KdbpAttachToProcess()

BOOLEAN KdbpAttachToProcess ( PVOID ProcessId )

Switches to another process/thread context.

This function switches to the first thread in the specified process.

Parameters

ProcessId Id of the process to switch to.

Return values

TRUE	Success.
FALSE	Failure (i.e. invalid process id)

Definition at line 1117 of file kdb.c.

{
    PEPROCESS Process = NULL;
    PETHREAD Thread;
    PLIST_ENTRY Entry;
 
    /* Get a pointer to the process */
    if (!NT_SUCCESS(PsLookupProcessByProcessId(ProcessId, &Process)))
    {
        KdbpPrint("Invalid process id: 0x%08x\n", (ULONG_PTR)ProcessId);
        return FALSE;
    }
 
    Entry = Process->ThreadListHead.Flink;
    ObDereferenceObject(Process);
    if (Entry == &KdbCurrentProcess->ThreadListHead)
    {
        KdbpPrint("No threads in process 0x%p, cannot attach to process!\n", ProcessId);
        return FALSE;
    }
 
    Thread = CONTAINING_RECORD(Entry, ETHREAD, ThreadListEntry);
 
    return KdbpAttachToThread(Thread->Cid.UniqueThread);
}

Referenced by KdbpCmdProc().

◆ KdbpAttachToThread()

BOOLEAN KdbpAttachToThread ( PVOID ThreadId )

Switches to another thread context.

Parameters

ThreadId Id of the thread to switch to.

Return values

TRUE	Success.
FALSE	Failure (i.e. invalid thread id)

Definition at line 1036 of file kdb.c.

{
    PETHREAD Thread = NULL;
    PEPROCESS Process;
 
    /* Get a pointer to the thread */
    if (!NT_SUCCESS(PsLookupThreadByThreadId(ThreadId, &Thread)))
    {
        KdbpPrint("Invalid thread id: 0x%08x\n", (ULONG_PTR)ThreadId);
        return FALSE;
    }
    Process = Thread->ThreadsProcess;
 
    if (KeIsExecutingDpc() && Process != KdbCurrentProcess)
    {
        KdbpPrint("Cannot attach to thread within another process while executing a DPC.\n");
        ObDereferenceObject(Thread);
        return FALSE;
    }
 
    /* Save the current thread's context (if we previously attached to a thread) */
    if (KdbCurrentThread != KdbOriginalThread)
    {
        ASSERT(KdbCurrentTrapFrame == &KdbThreadTrapFrame);
        /* Actually, we can't save the context, there's no guarantee that there was a trap frame */
    }
    else
    {
        ASSERT(KdbCurrentTrapFrame == &KdbTrapFrame);
    }
 
    /* Switch to the thread's context */
    if (Thread != KdbOriginalThread)
    {
        /* The thread we're attaching to isn't the thread on which we entered
         * kdb and so the thread we're attaching to is not running. There
         * is no guarantee that it actually has a trap frame. So we have to
         * peek directly at the registers which were saved on the stack when the
         * thread was preempted in the scheduler */
        KdbpKdbTrapFrameFromKernelStack(Thread->Tcb.KernelStack,
                                        &KdbThreadTrapFrame);
        KdbCurrentTrapFrame = &KdbThreadTrapFrame;
    }
    else /* Switching back to original thread */
    {
        KdbCurrentTrapFrame = &KdbTrapFrame;
    }
    KdbCurrentThread = Thread;
 
    /* Attach to the thread's process */
    ASSERT(KdbCurrentProcess == PsGetCurrentProcess());
    if (KdbCurrentProcess != Process)
    {
        if (KdbCurrentProcess != KdbOriginalProcess) /* detach from previously attached process */
        {
            KeUnstackDetachProcess(&KdbApcState);
        }
 
        if (KdbOriginalProcess != Process)
        {
            KeStackAttachProcess(&Process->Pcb, &KdbApcState);
        }
 
        KdbCurrentProcess = Process;
    }
 
    ObDereferenceObject(Thread);
    return TRUE;
}

Referenced by KdbpAttachToProcess(), and KdbpCmdThread().

◆ KdbpCliInit()

NTSTATUS KdbpCliInit ( VOID )

Called when KDB is initialized.

Loads the KDBinit file from the \SystemRoot\System32\drivers\etc directory and interprets it, by calling back into the debugger.

Definition at line 3482 of file kdb_cli.c.

{
    NTSTATUS Status;
    OBJECT_ATTRIBUTES ObjectAttributes;
    UNICODE_STRING FileName;
    IO_STATUS_BLOCK Iosb;
    FILE_STANDARD_INFORMATION FileStdInfo;
    HANDLE hFile = NULL;
    ULONG FileSize;
    PCHAR FileBuffer;
 
    /* Don't load the KDBinit file if its buffer is already lying around */
    if (KdbInitFileBuffer)
        return STATUS_SUCCESS;
 
    /* Initialize the object attributes */
    RtlInitUnicodeString(&FileName, L"\\SystemRoot\\System32\\drivers\\etc\\KDBinit");
    InitializeObjectAttributes(&ObjectAttributes,
                               &FileName,
                               OBJ_CASE_INSENSITIVE | OBJ_KERNEL_HANDLE,
                               NULL,
                               NULL);
 
    /* Open the file */
    Status = ZwOpenFile(&hFile, FILE_READ_DATA | SYNCHRONIZE,
                        &ObjectAttributes, &Iosb, 0,
                        FILE_NON_DIRECTORY_FILE | FILE_SYNCHRONOUS_IO_NONALERT |
                        FILE_NO_INTERMEDIATE_BUFFERING);
    if (!NT_SUCCESS(Status))
    {
        DPRINT("Could not open %wZ (Status 0x%lx)\n", &FileName, Status);
        return Status;
    }
 
    /* Get the size of the file */
    Status = ZwQueryInformationFile(hFile, &Iosb,
                                    &FileStdInfo, sizeof(FileStdInfo),
                                    FileStandardInformation);
    if (!NT_SUCCESS(Status))
    {
        ZwClose(hFile);
        DPRINT1("Could not query size of %wZ (Status 0x%lx)\n", &FileName, Status);
        return Status;
    }
    FileSize = FileStdInfo.EndOfFile.u.LowPart;
 
    /* Allocate memory for the file (add 1 byte for terminating NUL) */
    FileBuffer = ExAllocatePool(NonPagedPool, FileSize + 1);
    if (!FileBuffer)
    {
        ZwClose(hFile);
        DPRINT1("Could not allocate %lu bytes for KDBinit file\n", FileSize);
        return Status;
    }
 
    /* Load file into memory */
    Status = ZwReadFile(hFile, NULL, NULL, NULL, &Iosb,
                        FileBuffer, FileSize, NULL, NULL);
    ZwClose(hFile);
 
    if (!NT_SUCCESS(Status) && (Status != STATUS_END_OF_FILE))
    {
        ExFreePool(FileBuffer);
        DPRINT1("Could not read KDBinit file into memory (Status 0x%lx)\n", Status);
        return Status;
    }
 
    FileSize = min(FileSize, (ULONG)Iosb.Information);
    FileBuffer[FileSize] = ANSI_NULL;
 
    /* Interpret the KDBinit file by calling back into the debugger */
    InterlockedExchangePointer((PVOID*)&KdbInitFileBuffer, FileBuffer);
    DbgBreakPointWithStatus(DBG_STATUS_CONTROL_C);
    InterlockedExchangePointer((PVOID*)&KdbInitFileBuffer, NULL);
 
    ExFreePool(FileBuffer);
 
    return STATUS_SUCCESS;
}

Referenced by KdbInitialize().

◆ KdbpCliInterpretInitFile()

VOID KdbpCliInterpretInitFile ( VOID )

Interprets the KDBinit file from the \SystemRoot\System32\drivers\etc directory, that has been loaded by KdbpCliInit().

This function is used to interpret the init file in the debugger context with a trap frame set up. KdbpCliInit() enters the debugger by calling DbgBreakPointWithStatus(DBG_STATUS_CONTROL_C). In turn, this will call KdbEnterDebuggerException() which will finally call this function if KdbInitFileBuffer is not NULL.

Definition at line 3430 of file kdb_cli.c.

{
    PCHAR p1, p2;
 
    p1 = InterlockedExchangePointer((PVOID*)&KdbInitFileBuffer, NULL);
    if (!p1)
        return;
 
    /* Execute the commands in the init file */
    KdbPuts("KDB: Executing KDBinit file...\n");
    while (p1[0] != '\0')
    {
        size_t i = strcspn(p1, "\r\n");
        if (i > 0)
        {
            CHAR c = p1[i];
            p1[i] = '\0';
 
            /* Look for "break" command and comments */
            p2 = p1;
            while (isspace(p2[0]))
                p2++;
 
            if (strncmp(p2, "break", sizeof("break")-1) == 0 &&
                (p2[sizeof("break")-1] == '\0' || isspace(p2[sizeof("break")-1])))
            {
                /* Run the interactive debugger loop */
                KdbpCliMainLoop(FALSE);
            }
            else if (p2[0] != '#' && p2[0] != '\0') /* Ignore empty lines and comments */
            {
                /* Invoke the command */
                KdbpDoCommand(p1);
            }
 
            p1[i] = c;
        }
 
        p1 += i;
        while (p1[0] == '\r' || p1[0] == '\n')
            p1++;
    }
    KdbPuts("KDB: KDBinit executed\n");
}

Referenced by KdbEnterDebuggerException().

◆ KdbpCliMainLoop()

VOID KdbpCliMainLoop ( IN BOOLEAN EnteredOnSingleStep )

KDB Main Loop.

Parameters

EnteredOnSingleStep TRUE if KDB was entered on single step.

Definition at line 3353 of file kdb_cli.c.

{
    BOOLEAN Continue = TRUE;
    static CHAR Command[1024];
    static CHAR LastCommand[1024] = "";
 
// FIXME HACK: SYSREG SUPPORT CORE-19807 -- Emit a backtrace.
// TODO: Remove once SYSREG "bt" command emission is fixed!
#if 1
    KdbpDoCommand("bt");
#endif
 
    if (EnteredOnSingleStep)
    {
        if (!KdbSymPrintAddress((PVOID)KeGetContextPc(KdbCurrentTrapFrame), KdbCurrentTrapFrame))
            KdbPrintf("<%p>", KeGetContextPc(KdbCurrentTrapFrame));
 
        KdbPuts(": ");
        if (KdbpDisassemble(KeGetContextPc(KdbCurrentTrapFrame), KdbUseIntelSyntax) < 0)
            KdbPuts("<INVALID>");
        KdbPuts("\n");
    }
    else
    {
        /* Preceding this message is one of the "Entered debugger..." banners */
        // KdbPuts("\nEntered debugger\n");
        KdbPuts("\nType \"help\" for a list of commands.\n");
    }
 
    /* Main loop */
    while (Continue)
    {
        /*
         * Print the prompt and read a command.
         * Repeat the last one if the user pressed Enter.
         * This reduces the risk of RSI when single-stepping!
         */
        // TEMP HACK! Issue an empty string instead of duplicating "kdb:>"
        SIZE_T CmdLen = KdbPrompt(/*KdbPromptStr.Buffer*/"", Command, sizeof(Command));
        if (CmdLen == 0)
        {
            /* Nothing received but the user didn't press Enter, retry */
            continue;
        }
        else if (CmdLen > 1) // i.e. (*Command != ANSI_NULL)
        {
            /* Save this new last command */
            KdbRepeatLastCommand = TRUE;
            RtlStringCbCopyA(LastCommand, sizeof(LastCommand), Command);
 
            /* Remember it */
            KdbpCommandHistoryAppend(Command);
        }
        else if (KdbRepeatLastCommand)
        {
            /* The user directly pressed Enter */
            RtlStringCbCopyA(Command, sizeof(Command), LastCommand);
        }
 
        /* Invoke the command */
        Continue = KdbpDoCommand(Command);
    }
}

Referenced by KdbpCallMainLoop(), and KdbpCliInterpretInitFile().

◆ KdbpCommandHistoryAppend()

VOID KdbpCommandHistoryAppend ( _In_ PCSTR Command )

Appends a command to the command history.

Parameters

[in] Command Pointer to the command to append to the history.

Definition at line 37 of file kdb_cmdhist.c.

{
    SIZE_T Length1 = strlen(Command) + 1;
    SIZE_T Length2 = 0;
    LONG i;
    PCHAR Buffer;
 
    ASSERT(Length1 <= RTL_NUMBER_OF(KdbCommandHistoryBuffer));
 
    /*
     * Do not append the string if:
     * - it is empty (just the NULL terminator);
     * - or the last command is the same.
     */
    if (Length1 <= 1 ||
        (KdbCommandHistory[KdbCommandHistoryIndex] &&
         strcmp(KdbCommandHistory[KdbCommandHistoryIndex], Command) == 0))
    {
        return;
    }
 
    /* Calculate Length1 and Length2 */
    Buffer = KdbCommandHistoryBuffer + KdbCommandHistoryBufferIndex;
    KdbCommandHistoryBufferIndex += Length1;
    if (KdbCommandHistoryBufferIndex >= (LONG)RTL_NUMBER_OF(KdbCommandHistoryBuffer))
    {
        KdbCommandHistoryBufferIndex -= RTL_NUMBER_OF(KdbCommandHistoryBuffer);
        Length2 = KdbCommandHistoryBufferIndex;
        Length1 -= Length2;
    }
 
    /* Remove previous commands until there is enough space to append the new command */
    for (i = KdbCommandHistoryIndex; KdbCommandHistory[i];)
    {
        if ((Length2 > 0 &&
            (KdbCommandHistory[i] >= Buffer ||
             KdbCommandHistory[i] < (KdbCommandHistoryBuffer + KdbCommandHistoryBufferIndex))) ||
            (Length2 <= 0 &&
             (KdbCommandHistory[i] >= Buffer &&
              KdbCommandHistory[i] < (KdbCommandHistoryBuffer + KdbCommandHistoryBufferIndex))))
        {
            KdbCommandHistory[i] = NULL;
        }
 
        i--;
        if (i < 0)
            i = RTL_NUMBER_OF(KdbCommandHistory) - 1;
 
        if (i == KdbCommandHistoryIndex)
            break;
    }
 
    /* Make sure the new command history entry is free */
    KdbCommandHistoryIndex++;
    KdbCommandHistoryIndex %= RTL_NUMBER_OF(KdbCommandHistory);
    if (KdbCommandHistory[KdbCommandHistoryIndex])
    {
        KdbCommandHistory[KdbCommandHistoryIndex] = NULL;
    }
 
    /* Append command */
    KdbCommandHistory[KdbCommandHistoryIndex] = Buffer;
    ASSERT((KdbCommandHistory[KdbCommandHistoryIndex] + Length1) <= KdbCommandHistoryBuffer + RTL_NUMBER_OF(KdbCommandHistoryBuffer));
    memcpy(KdbCommandHistory[KdbCommandHistoryIndex], Command, Length1);
    if (Length2 > 0)
    {
        memcpy(KdbCommandHistoryBuffer, Command + Length1, Length2);
    }
}

Referenced by KdbpCliMainLoop().

◆ KdbpDeleteBreakPoint()

BOOLEAN KdbpDeleteBreakPoint	(	IN LONG BreakPointNr	OPTIONAL,
		IN OUT PKDB_BREAKPOINT BreakPoint	OPTIONAL
	)

Deletes a breakpoint.

Parameters

BreakPointNr	Number of the breakpoint to delete. Can be -1
BreakPoint	Breakpoint to delete. Can be NULL.

Return values

TRUE	Success.
FALSE	Failure (invalid breakpoint number)

Definition at line 599 of file kdb.c.

{
    if (BreakPointNr < 0)
    {
        ASSERT(BreakPoint);
        BreakPointNr = BreakPoint - KdbBreakPoints;
    }
 
    if (BreakPointNr < 0 || BreakPointNr >= KDB_MAXIMUM_BREAKPOINT_COUNT)
    {
        KdbPrintf("Invalid breakpoint: %d\n", BreakPointNr);
        return FALSE;
    }
 
    if (!BreakPoint)
    {
        BreakPoint = KdbBreakPoints + BreakPointNr;
    }
 
    if (BreakPoint->Type == KdbBreakPointNone)
    {
        KdbPrintf("Invalid breakpoint: %d\n", BreakPointNr);
        return FALSE;
    }
 
    if (BreakPoint->Enabled && !KdbpDisableBreakPoint(-1, BreakPoint))
        return FALSE;
 
    if (BreakPoint->Type != KdbBreakPointTemporary)
        KdbPrintf("Breakpoint %d deleted.\n", BreakPointNr);
 
    BreakPoint->Type = KdbBreakPointNone;
    KdbBreakPointCount--;
 
    return TRUE;
}

Referenced by KdbEnterDebuggerException(), and KdbpCmdEnableDisableClearBreakPoint().

◆ KdbpDisableBreakPoint()

BOOLEAN KdbpDisableBreakPoint	(	IN LONG BreakPointNr	OPTIONAL,
		IN OUT PKDB_BREAKPOINT BreakPoint	OPTIONAL
	)

Disables a breakpoint.

Parameters

BreakPointNr	Number of the breakpoint to disable. Can be -1
BreakPoint	Breakpoint to disable. Can be NULL.

Return values

TRUE	Success.
FALSE	Failure.

See also: KdbpEnableBreakPoint

Definition at line 868 of file kdb.c.

{
    ULONG i;
    NTSTATUS Status;
 
    if (BreakPointNr < 0)
    {
        ASSERT(BreakPoint);
        BreakPointNr = BreakPoint - KdbBreakPoints;
    }
 
    if (BreakPointNr < 0 || BreakPointNr >= KDB_MAXIMUM_BREAKPOINT_COUNT)
    {
        KdbPrintf("Invalid breakpoint: %d\n", BreakPointNr);
        return FALSE;
    }
 
    if (!BreakPoint)
    {
        BreakPoint = KdbBreakPoints + BreakPointNr;
    }
 
    if (BreakPoint->Type == KdbBreakPointNone)
    {
        KdbPrintf("Invalid breakpoint: %d\n", BreakPointNr);
        return FALSE;
    }
 
    if (BreakPoint->Enabled == FALSE)
    {
        KdbPrintf("Breakpoint %d is not enabled.\n", BreakPointNr);
        return TRUE;
    }
 
    if (BreakPoint->Type == KdbBreakPointSoftware ||
        BreakPoint->Type == KdbBreakPointTemporary)
    {
        ASSERT(KdbSwBreakPointCount > 0);
        Status = KdbpOverwriteInstruction(BreakPoint->Process, BreakPoint->Address,
                                          BreakPoint->Data.SavedInstruction, NULL);
 
        if (!NT_SUCCESS(Status))
        {
            KdbPuts("Couldn't restore original instruction.\n");
            return FALSE;
        }
 
        for (i = 0; i < KdbSwBreakPointCount; i++)
        {
            if (KdbSwBreakPoints[i] == BreakPoint)
            {
                KdbSwBreakPoints[i] = KdbSwBreakPoints[--KdbSwBreakPointCount];
                i = -1; /* if the last breakpoint is disabled dont break with i >= KdbSwBreakPointCount */
                break;
            }
        }
 
        if (i != MAXULONG) /* not found */
            ASSERT(0);
    }
    else
    {
        ASSERT(BreakPoint->Type == KdbBreakPointHardware);
 
        /* Clear the breakpoint. */
        KdbTrapFrame.Dr7 &= ~(0x3 << (BreakPoint->Data.Hw.DebugReg * 2));
        if ((KdbTrapFrame.Dr7 & 0xFF) == 0)
        {
            /* If no breakpoints are enabled then clear the exact match flags. */
            KdbTrapFrame.Dr7 &= 0xFFFFFCFF;
        }
 
        for (i = 0; i < KdbHwBreakPointCount; i++)
        {
            if (KdbHwBreakPoints[i] == BreakPoint)
            {
                KdbHwBreakPoints[i] = KdbHwBreakPoints[--KdbHwBreakPointCount];
                i = -1; /* if the last breakpoint is disabled dont break with i >= KdbHwBreakPointCount */
                break;
            }
        }
 
        if (i != MAXULONG) /* not found */
            ASSERT(0);
    }
 
    BreakPoint->Enabled = FALSE;
    if (BreakPoint->Type != KdbBreakPointTemporary)
        KdbPrintf("Breakpoint %d disabled.\n", BreakPointNr);
 
    return TRUE;
}

Referenced by KdbpCmdEnableDisableClearBreakPoint(), and KdbpDeleteBreakPoint().

◆ KdbpDisassemble()

LONG KdbpDisassemble	(	IN ULONG_PTR	Address,
		IN ULONG	IntelSyntax
	)

Definition at line 124 of file i386-dis.c.

{
  disassemble_info info;
 
  info.fprintf_func = KdbpPrintDisasm;
  info.stream = NULL;
  info.application_data = NULL;
  info.flavour = bfd_target_unknown_flavour;
  info.arch = bfd_arch_i386;
  info.mach = IntelSyntax ? bfd_mach_i386_i386_intel_syntax : bfd_mach_i386_i386;
  info.insn_sets = 0;
  info.flags = 0;
  info.read_memory_func = KdbpReadMemory;
  info.memory_error_func = KdbpMemoryError;
  info.print_address_func = KdbpPrintAddressInCode;
  info.symbol_at_address_func = NULL;
  info.buffer = NULL;
  info.buffer_vma = info.buffer_length = 0;
  info.bytes_per_chunk = 0;
  info.display_endian = BIG_ENDIAN_LITTLE;
  info.disassembler_options = NULL;
 
  return(print_insn_i386(Address, &info));
}

Referenced by KdbpCliMainLoop(), and KdbpCmdDisassembleX().

◆ KdbpEnableBreakPoint()

BOOLEAN KdbpEnableBreakPoint	(	IN LONG BreakPointNr	OPTIONAL,
		IN OUT PKDB_BREAKPOINT BreakPoint	OPTIONAL
	)

Enables a breakpoint.

Parameters

BreakPointNr	Number of the breakpoint to enable Can be -1.
BreakPoint	Breakpoint to enable. Can be NULL.

Return values

TRUE	Success.
FALSE	Failure.

See also: KdbpDisableBreakPoint

Definition at line 702 of file kdb.c.

{
    NTSTATUS Status;
    INT i;
    ULONG ul;
 
    if (BreakPointNr < 0)
    {
        ASSERT(BreakPoint);
        BreakPointNr = BreakPoint - KdbBreakPoints;
    }
 
    if (BreakPointNr < 0 || BreakPointNr >= KDB_MAXIMUM_BREAKPOINT_COUNT)
    {
        KdbPrintf("Invalid breakpoint: %d\n", BreakPointNr);
        return FALSE;
    }
 
    if (!BreakPoint)
    {
        BreakPoint = KdbBreakPoints + BreakPointNr;
    }
 
    if (BreakPoint->Type == KdbBreakPointNone)
    {
        KdbPrintf("Invalid breakpoint: %d\n", BreakPointNr);
        return FALSE;
    }
 
    if (BreakPoint->Enabled)
    {
        KdbPrintf("Breakpoint %d is already enabled.\n", BreakPointNr);
        return TRUE;
    }
 
    if (BreakPoint->Type == KdbBreakPointSoftware ||
        BreakPoint->Type == KdbBreakPointTemporary)
    {
        if (KdbSwBreakPointCount >= KDB_MAXIMUM_SW_BREAKPOINT_COUNT)
        {
            KdbPrintf("Maximum number of SW breakpoints (%d) used. "
                      "Disable another breakpoint in order to enable this one.\n",
                      KDB_MAXIMUM_SW_BREAKPOINT_COUNT);
            return FALSE;
        }
 
        Status = KdbpOverwriteInstruction(BreakPoint->Process, BreakPoint->Address,
                                          0xCC, &BreakPoint->Data.SavedInstruction);
        if (!NT_SUCCESS(Status))
        {
            KdbPrintf("Couldn't access memory at 0x%p\n", BreakPoint->Address);
            return FALSE;
        }
 
        KdbSwBreakPoints[KdbSwBreakPointCount++] = BreakPoint;
    }
    else
    {
        if (BreakPoint->Data.Hw.AccessType == KdbAccessExec)
            ASSERT(BreakPoint->Data.Hw.Size == 1);
 
        ASSERT((BreakPoint->Address % BreakPoint->Data.Hw.Size) == 0);
 
        if (KdbHwBreakPointCount >= KDB_MAXIMUM_HW_BREAKPOINT_COUNT)
        {
            KdbPrintf("Maximum number of HW breakpoints (%d) already used. "
                      "Disable another breakpoint in order to enable this one.\n",
                      KDB_MAXIMUM_HW_BREAKPOINT_COUNT);
            return FALSE;
        }
 
        /* Find unused hw breakpoint */
        ASSERT(KDB_MAXIMUM_HW_BREAKPOINT_COUNT == 4);
        for (i = 0; i < KDB_MAXIMUM_HW_BREAKPOINT_COUNT; i++)
        {
            if ((KdbTrapFrame.Dr7 & (0x3 << (i * 2))) == 0)
                break;
        }
 
        ASSERT(i < KDB_MAXIMUM_HW_BREAKPOINT_COUNT);
 
        /* Set the breakpoint address. */
        switch (i)
        {
            case 0:
                KdbTrapFrame.Dr0 = BreakPoint->Address;
                break;
            case 1:
                KdbTrapFrame.Dr1 = BreakPoint->Address;
                break;
            case 2:
                KdbTrapFrame.Dr2 = BreakPoint->Address;
                break;
            case 3:
                KdbTrapFrame.Dr3 = BreakPoint->Address;
                break;
        }
 
        /* Enable the global breakpoint */
        KdbTrapFrame.Dr7 |= (0x2 << (i * 2));
 
        /* Enable the exact match bits. */
        KdbTrapFrame.Dr7 |= 0x00000300;
 
        /* Clear existing state. */
        KdbTrapFrame.Dr7 &= ~(0xF << (16 + (i * 4)));
 
        /* Set the breakpoint type. */
        switch (BreakPoint->Data.Hw.AccessType)
        {
            case KdbAccessExec:
                ul = 0;
                break;
            case KdbAccessWrite:
                ul = 1;
                break;
            case KdbAccessRead:
            case KdbAccessReadWrite:
                ul = 3;
                break;
            default:
                ASSERT(0);
                return TRUE;
                break;
        }
 
        KdbTrapFrame.Dr7 |= (ul << (16 + (i * 4)));
 
        /* Set the breakpoint length. */
        KdbTrapFrame.Dr7 |= ((BreakPoint->Data.Hw.Size - 1) << (18 + (i * 4)));
 
        /* Update KdbCurrentTrapFrame - values are taken from there by the CLI */
        if (&KdbTrapFrame != KdbCurrentTrapFrame)
        {
            KdbCurrentTrapFrame->Dr0 = KdbTrapFrame.Dr0;
            KdbCurrentTrapFrame->Dr1 = KdbTrapFrame.Dr1;
            KdbCurrentTrapFrame->Dr2 = KdbTrapFrame.Dr2;
            KdbCurrentTrapFrame->Dr3 = KdbTrapFrame.Dr3;
            KdbCurrentTrapFrame->Dr6 = KdbTrapFrame.Dr6;
            KdbCurrentTrapFrame->Dr7 = KdbTrapFrame.Dr7;
        }
 
        BreakPoint->Data.Hw.DebugReg = i;
        KdbHwBreakPoints[KdbHwBreakPointCount++] = BreakPoint;
    }
 
    BreakPoint->Enabled = TRUE;
    if (BreakPoint->Type != KdbBreakPointTemporary)
        KdbPrintf("Breakpoint %d enabled.\n", BreakPointNr);
 
    return TRUE;
}

Referenced by KdbpCmdEnableDisableClearBreakPoint(), and KdbpInsertBreakPoint().

◆ KdbpGetBreakPointInfo()

BOOLEAN KdbpGetBreakPointInfo	(	IN ULONG	BreakPointNr,
		OUT ULONG_PTR *Address	OPTIONAL,
		OUT KDB_BREAKPOINT_TYPE *Type	OPTIONAL,
		OUT UCHAR *Size	OPTIONAL,
		OUT KDB_ACCESS_TYPE *AccessType	OPTIONAL,
		OUT UCHAR *DebugReg	OPTIONAL,
		OUT BOOLEAN *Enabled	OPTIONAL,
		OUT BOOLEAN *Global	OPTIONAL,
		OUT PEPROCESS *Process	OPTIONAL,
		OUT PCHAR *ConditionExpression	OPTIONAL
	)

Returns information of the specified breakpoint.

Parameters

BreakPointNr	Number of the breakpoint to return information of.
Address	Receives the address of the breakpoint.
Type	Receives the type of the breakpoint (hardware or software)
Size	Size - for memory breakpoints.
AccessType	Access type - for hardware breakpoints.
DebugReg	Debug register - for enabled hardware breakpoints.
Enabled	Whether the breakpoint is enabled or not.
Process	The owning process of the breakpoint.
ConditionExpression	The expression which was given as condition for the bp.

Returns: NULL on failure, pointer to a KDB_BREAKPOINT struct on success.

Definition at line 409 of file kdb.c.

{
    PKDB_BREAKPOINT bp;
 
    if (BreakPointNr >= RTL_NUMBER_OF(KdbBreakPoints) ||
        KdbBreakPoints[BreakPointNr].Type == KdbBreakPointNone)
    {
        return FALSE;
    }
 
    bp = KdbBreakPoints + BreakPointNr;
    if (Address)
        *Address = bp->Address;
 
    if (Type)
        *Type = bp->Type;
 
    if (bp->Type == KdbBreakPointHardware)
    {
        if (Size)
            *Size = bp->Data.Hw.Size;
 
        if (AccessType)
            *AccessType = bp->Data.Hw.AccessType;
 
        if (DebugReg && bp->Enabled)
            *DebugReg = bp->Data.Hw.DebugReg;
    }
 
    if (Enabled)
        *Enabled = bp->Enabled;
 
    if (Global)
        *Global = bp->Global;
 
    if (Process)
        *Process = bp->Process;
 
    if (ConditionExpression)
        *ConditionExpression = bp->ConditionExpression;
 
    return TRUE;
}

Referenced by KdbpCmdBreakPointList().

◆ KdbpGetCommandLineSettings()

VOID KdbpGetCommandLineSettings ( _In_ PCSTR p1 )

Definition at line 1635 of file kdb.c.

{
#define CONST_STR_LEN(x) (sizeof(x)/sizeof(x[0]) - 1)
 
    while (p1 && *p1)
    {
        /* Skip leading whitespace */
        while (*p1 == ' ') ++p1;
 
        if (!_strnicmp(p1, "FIRSTCHANCE", CONST_STR_LEN("FIRSTCHANCE")))
        {
            p1 += CONST_STR_LEN("FIRSTCHANCE");
            KdbpSetEnterCondition(-1, TRUE, KdbEnterAlways);
        }
 
        /* Move on to the next option */
        p1 = strchr(p1, ' ');
    }
}

Referenced by KdbInitialize().

◆ KdbpGetEnterCondition()

BOOLEAN KdbpGetEnterCondition	(	IN LONG	ExceptionNr,
		IN BOOLEAN	FirstChance,
		OUT KDB_ENTER_CONDITION *	Condition
	)

Gets the first or last chance enter-condition for exception nr. ExceptionNr.

Parameters

ExceptionNr	Number of the exception to get condition of.
FirstChance	Whether to get first or last chance condition.
Condition	Receives the condition setting.

Return values

TRUE	Success.
FALSE	Failure (invalid exception nr)

Definition at line 973 of file kdb.c.

{
    if (ExceptionNr >= (LONG)RTL_NUMBER_OF(KdbEnterConditions))
        return FALSE;
 
    *Condition = KdbEnterConditions[ExceptionNr][FirstChance ? 0 : 1];
    return TRUE;
}

Referenced by KdbpCmdSet().

◆ KdbpGetHexNumber()

BOOLEAN NTAPI KdbpGetHexNumber	(	IN PCHAR	pszNum,
		OUT ULONG_PTR *	pulValue
	)

Definition at line 451 of file kdb_cli.c.

{
    char *endptr;
 
    /* Skip optional '0x' prefix */
    if ((pszNum[0] == '0') && ((pszNum[1] == 'x') || (pszNum[1] == 'X')))
        pszNum += 2;
 
    /* Make a number from the string (hex) */
    *pulValue = strtoul(pszNum, &endptr, 16);
 
    return (*endptr == '\0');
}

◆ KdbpGetInstLength()

LONG KdbpGetInstLength ( IN ULONG_PTR Address )

Definition at line 94 of file i386-dis.c.

{
  disassemble_info info;
 
  info.fprintf_func = KdbpNopPrintDisasm;
  info.stream = NULL;
  info.application_data = NULL;
  info.flavour = bfd_target_unknown_flavour;
  info.arch = bfd_arch_i386;
#ifdef _M_AMD64
  info.mach = bfd_mach_x86_64;
#else
  info.mach = bfd_mach_i386_i386;
#endif
  info.insn_sets = 0;
  info.flags = 0;
  info.read_memory_func = KdbpReadMemory;
  info.memory_error_func = KdbpMemoryError;
  info.print_address_func = KdbpNopPrintAddress;
  info.symbol_at_address_func = NULL;
  info.buffer = NULL;
  info.buffer_vma = info.buffer_length = 0;
  info.bytes_per_chunk = 0;
  info.display_endian = BIG_ENDIAN_LITTLE;
  info.disassembler_options = NULL;
 
  return(print_insn_i386(Address, &info));
}

Referenced by KdbpStepOverInstruction().

◆ KdbpGetNextBreakPointNr()

LONG KdbpGetNextBreakPointNr ( IN ULONG Start OPTIONAL )

Gets the number of the next breakpoint >= Start.

Parameters

Start Breakpoint number to start searching at. -1 if no more breakpoints are found.

Returns: Breakpoint number (-1 if no more breakpoints are found)

Definition at line 382 of file kdb.c.

{
    for (; Start < RTL_NUMBER_OF(KdbBreakPoints); Start++)
    {
        if (KdbBreakPoints[Start].Type != KdbBreakPointNone)
            return Start;
    }
 
    return -1;
}

Referenced by KdbpCmdBreakPointList().

◆ KdbpInsertBreakPoint()

NTSTATUS KdbpInsertBreakPoint	(	IN ULONG_PTR	Address,
		IN KDB_BREAKPOINT_TYPE	Type,
		IN UCHAR Size	OPTIONAL,
		IN KDB_ACCESS_TYPE AccessType	OPTIONAL,
		IN PCHAR ConditionExpression	OPTIONAL,
		IN BOOLEAN	Global,
		OUT PLONG BreakPointNr	OPTIONAL
	)

Inserts a breakpoint into the breakpoint array.

The Process of the breakpoint is set to KdbCurrentProcess

Parameters

Address	Address at which to set the breakpoint.
Type	Type of breakpoint (hardware or software)
Size	Size of breakpoint (for hardware/memory breakpoints)
AccessType	Access type (for hardware breakpoins)
ConditionExpression	Expression which must evaluate to true for conditional breakpoints.
Global	Wether the breakpoint is global or local to a process.
BreakPointNumber	Receives the breakpoint number on success

Returns: NTSTATUS

Definition at line 478 of file kdb.c.

{
    LONG_PTR i;
    PVOID Condition;
    PCHAR ConditionExpressionDup;
    LONG ErrOffset;
    CHAR ErrMsg[128];
 
    ASSERT(Type != KdbBreakPointNone);
 
    if (Type == KdbBreakPointHardware)
    {
        if ((Address % Size) != 0)
        {
            KdbPrintf("Address (0x%p) must be aligned to a multiple of the size (%d)\n", Address, Size);
            return STATUS_UNSUCCESSFUL;
        }
 
        if (AccessType == KdbAccessExec && Size != 1)
        {
            KdbPuts("Size must be 1 for execution breakpoints.\n");
            return STATUS_UNSUCCESSFUL;
        }
    }
 
    if (KdbBreakPointCount == KDB_MAXIMUM_BREAKPOINT_COUNT)
    {
        return STATUS_UNSUCCESSFUL;
    }
 
    /* Parse condition expression string and duplicate it */
    if (ConditionExpression)
    {
        Condition = KdbpRpnParseExpression(ConditionExpression, &ErrOffset, ErrMsg);
        if (!Condition)
        {
            if (ErrOffset >= 0)
                KdbPrintf("Couldn't parse expression: %s at character %d\n", ErrMsg, ErrOffset);
            else
                KdbPrintf("Couldn't parse expression: %s", ErrMsg);
 
            return STATUS_UNSUCCESSFUL;
        }
 
        i = strlen(ConditionExpression) + 1;
        ConditionExpressionDup = ExAllocatePoolWithTag(NonPagedPool, i, TAG_KDBG);
        RtlCopyMemory(ConditionExpressionDup, ConditionExpression, i);
    }
    else
    {
        Condition = NULL;
        ConditionExpressionDup = NULL;
    }
 
    /* Find unused breakpoint */
    if (Type == KdbBreakPointTemporary)
    {
        for (i = RTL_NUMBER_OF(KdbBreakPoints) - 1; i >= 0; i--)
        {
            if (KdbBreakPoints[i].Type == KdbBreakPointNone)
                break;
        }
    }
    else
    {
        for (i = 0; i < (LONG)RTL_NUMBER_OF(KdbBreakPoints); i++)
        {
            if (KdbBreakPoints[i].Type == KdbBreakPointNone)
                break;
        }
    }
 
    ASSERT(i < (LONG)RTL_NUMBER_OF(KdbBreakPoints));
 
    /* Set the breakpoint */
    ASSERT(KdbCurrentProcess);
    KdbBreakPoints[i].Type = Type;
    KdbBreakPoints[i].Address = Address;
    KdbBreakPoints[i].Enabled = FALSE;
    KdbBreakPoints[i].Global = Global;
    KdbBreakPoints[i].Process = KdbCurrentProcess;
    KdbBreakPoints[i].ConditionExpression = ConditionExpressionDup;
    KdbBreakPoints[i].Condition = Condition;
 
    if (Type == KdbBreakPointHardware)
    {
        KdbBreakPoints[i].Data.Hw.Size = Size;
        KdbBreakPoints[i].Data.Hw.AccessType = AccessType;
    }
 
    KdbBreakPointCount++;
 
    if (Type != KdbBreakPointTemporary)
        KdbPrintf("Breakpoint %d inserted.\n", i);
 
    /* Try to enable the breakpoint */
    KdbpEnableBreakPoint(i, NULL);
 
    /* Return the breakpoint number */
    if (BreakPointNr)
        *BreakPointNr = i;
 
    return STATUS_SUCCESS;
}

Referenced by KdbpCmdBreakPoint(), KdbpStepIntoInstruction(), and KdbpStepOverInstruction().

◆ KdbpPager()

VOID KdbpPager	(	_In_ PCHAR	Buffer,
		_In_ ULONG	BufLength
	)

Prints the given string with, page by page.

Parameters

Buffer	Characters buffer to print.
BufferLen	Buffer size.

Note: Doesn't correctly handle \t and terminal escape sequences when calculating the number of lines required to print a single line from the Buffer in the terminal. Maximum length of buffer is limited only by memory size. Uses KdbPrintf internally.

Note: BufLength should be greater than (KdTermSize.cx * KdTermSize.cy).

Definition at line 3142 of file kdb_cli.c.

{
    /* Call the internal function */
    KdbpPagerInternal(Buffer, BufLength, TRUE);
}

Referenced by KdbpCmdDmesg().

◆ KdbpPrint()

VOID KdbpPrint	(	_In_ PSTR	Format,
		_In_ ...
	)

Prints the given string with printf-like formatting.

Parameters

Format	Format of the string/arguments.
...	Variable number of arguments matching the format specified in Format.

Note: Doesn't correctly handle \t and terminal escape sequences when calculating the number of lines required to print a single line from the Buffer in the terminal. Prints maximum 4096 chars, because of its buffer size.

Definition at line 3160 of file kdb_cli.c.

{
    static CHAR Buffer[4096];
    ULONG Length;
    va_list ap;
 
    /* Check if the user has aborted output of the current command */
    if (KdbOutputAborted)
        return;
 
    /* Build the string */
    va_start(ap, Format);
    Length = _vsnprintf(Buffer, sizeof(Buffer) - 1, Format, ap);
    Buffer[Length] = '\0';
    va_end(ap);
 
    /* Actually print it */
    KdbpPagerInternal(Buffer, Length, FALSE);
}

Referenced by KdbpAttachToProcess(), KdbpAttachToThread(), KdbpCmdBackTrace(), KdbpCmdBreakPoint(), KdbpCmdBreakPointList(), KdbpCmdDisassembleX(), KdbpCmdDmesg(), KdbpCmdEnableDisableClearBreakPoint(), KdbpCmdEvalExpression(), KdbpCmdFilter(), KdbpCmdGdtLdtIdt(), KdbpCmdHelp(), KdbpCmdMod(), KdbpCmdPcr(), KdbpCmdProc(), KdbpCmdRegs(), KdbpCmdSet(), KdbpCmdStep(), KdbpCmdThread(), KdbpEvaluateExpression(), and KdbpPrintUnicodeString().

◆ KdbpPrintUnicodeString()

VOID KdbpPrintUnicodeString ( _In_ PCUNICODE_STRING String )

Definition at line 3183 of file kdb_cli.c.

{
    ULONG i;
 
    if ((String == NULL) || (String->Buffer == NULL))
    {
        KdbpPrint("<NULL>");
        return;
    }
 
    for (i = 0; i < String->Length / sizeof(WCHAR); i++)
    {
        KdbpPrint("%c", (CHAR)String->Buffer[i]);
    }
}

Referenced by KdbpCmdMod().

◆ KdbPrintf()

VOID __cdecl KdbPrintf	(	_In_ PCSTR	Format,
			...
	)

Definition at line 160 of file kdb_print.c.

{
    va_list ap;
    SIZE_T Length;
    CHAR Buffer[1024];
 
    /* Format the string */
    va_start(ap, Format);
    Length = _vsnprintf(Buffer,
                        sizeof(Buffer),
                        Format,
                        ap);
    Length = min(Length, MAXUSHORT - sizeof(ANSI_NULL));
    va_end(ap);
 
    /* Send it to the debugger directly */
    KdbPutsN(Buffer, (USHORT)Length);
}

Referenced by KdbEnterDebuggerException(), KdbpCliMainLoop(), KdbpDeleteBreakPoint(), KdbpDisableBreakPoint(), KdbpDoCommand(), KdbpEnableBreakPoint(), KdbpInsertBreakPoint(), KdbpPagerInternal(), KdbpPrintAddressInCode(), KdbpShouldStepOverInstruction(), KdbSymPrintAddress(), KdReceivePacket(), and KdSendPacket().

◆ KdbPrintString()

VOID KdbPrintString ( _In_ const CSTRING * Output )

Definition at line 64 of file kdb_print.c.

{
    DBGKD_DEBUG_IO DebugIo;
    STRING Header, Data;
 
    KdbPrintStringWorker(Output, DbgKdPrintStringApi,
                         &DebugIo, &Header, &Data);
}

Referenced by KdbPutsN().

◆ KdbPrompt()

SIZE_T KdbPrompt	(	_In_ PCSTR	Prompt,
		_Out_ PCHAR	Buffer,
		_In_ SIZE_T	Size
	)

Definition at line 182 of file kdb_print.c.

{
    CSTRING PromptString;
    STRING ResponseBuffer;
 
    PromptString.Buffer = Prompt;
    PromptString.Length = PromptString.MaximumLength =
        (USHORT)strnlen(Prompt, MAXUSHORT - sizeof(ANSI_NULL));
 
    ResponseBuffer.Buffer = Buffer;
    ResponseBuffer.Length = 0;
    ResponseBuffer.MaximumLength = (USHORT)min(Size, MAXUSHORT);
 
    return KdbPromptString(&PromptString, &ResponseBuffer);
}

Referenced by KdbpCliMainLoop().

◆ KdbPromptString()

USHORT KdbPromptString	(	_In_ const CSTRING *	PromptString,
		_Inout_ PSTRING	ResponseString
	)

Definition at line 125 of file kdb_print.c.

{
    /* Enter prompt loop: send the prompt and receive the response */
    ResponseString->Length = 0;
    while (KdbPromptStringWorker(PromptString, ResponseString))
    {
        /* Loop while we need to resend */
    }
    return ResponseString->Length;
}

Referenced by KdbPrompt().

◆ KdbpRpnEvaluateExpression()

BOOLEAN KdbpRpnEvaluateExpression	(	IN PCHAR	Expression,
		IN PKDB_KTRAP_FRAME	TrapFrame,
		OUT PULONGLONG	Result,
		OUT PLONG ErrOffset	OPTIONAL,
		OUT PCHAR ErrMsg	OPTIONAL
	)

Evaluates the given expression.

Parameters

Expression	Expression to evaluate.
TrapFrame	Register values.
Result	Variable which receives the result on success.
ErrOffset	Variable which receives character offset on parse error (-1 on other errors)
ErrMsg	Buffer which receives an error message on failure (128 bytes)

Return values

TRUE	Success.
FALSE	Failure.

Definition at line 1106 of file kdb_expr.c.

{
    PRPN_STACK Stack = (PRPN_STACK)&RpnStack;
 
    ASSERT(Expression);
    ASSERT(TrapFrame);
    ASSERT(Result);
 
    /* Clear the stack and parse the expression */
    RpnpClearStack(Stack);
    if (!RpnpParseExpression(Stack, Expression, NULL, 0, ErrOffset, ErrMsg))
        return FALSE;
 
#ifdef DEBUG_RPN
    RpnpDumpStack(Stack);
#endif
 
    /* Evaluate the stack */
    if (!RpnpEvaluateStack(Stack, TrapFrame, Result, ErrOffset, ErrMsg))
        return FALSE;
 
    return TRUE;
}

Referenced by KdbpEvaluateExpression().

◆ KdbpRpnEvaluateParsedExpression()

BOOLEAN KdbpRpnEvaluateParsedExpression	(	IN PVOID	Expression,
		IN PKDB_KTRAP_FRAME	TrapFrame,
		OUT PULONGLONG	Result,
		OUT PLONG ErrOffset	OPTIONAL,
		OUT PCHAR ErrMsg	OPTIONAL
	)

Evaluates the given expression and returns the result.

Parameters

Expression	Expression "handle" returned by KdbpRpnParseExpression.
TrapFrame	Register values.
Result	Variable which receives the result on success.
ErrOffset	Variable which receives character offset on parse error (-1 on other errors)
ErrMsg	Buffer which receives an error message on failure (128 bytes)

Returns: "Handle" for the expression, NULL on failure.

See also: KdbpRpnParseExpression

Definition at line 1200 of file kdb_expr.c.

{
    PRPN_STACK Stack = (PRPN_STACK)Expression;
 
    ASSERT(Expression);
    ASSERT(TrapFrame);
    ASSERT(Result);
 
    /* Evaluate the stack */
    return RpnpEvaluateStack(Stack, TrapFrame, Result, ErrOffset, ErrMsg);
}

Referenced by KdbEnterDebuggerException().

◆ KdbpRpnParseExpression()

PVOID KdbpRpnParseExpression	(	IN PCHAR	Expression,
		OUT PLONG ErrOffset	OPTIONAL,
		OUT PCHAR ErrMsg	OPTIONAL
	)

Parses the given expression and returns a "handle" to it.

Parameters

Expression	Expression to evaluate.
ErrOffset	Variable which receives character offset on parse error (-1 on other errors)
ErrMsg	Buffer which receives an error message on failure (128 bytes)

Returns: "Handle" for the expression, NULL on failure.

See also: KdbpRpnEvaluateExpression

Definition at line 1146 of file kdb_expr.c.

{
    LONG Size;
    PRPN_STACK Stack = (PRPN_STACK)&RpnStack;
    PRPN_STACK NewStack;
 
    ASSERT(Expression);
 
    /* Clear the stack and parse the expression */
    RpnpClearStack(Stack);
    if (!RpnpParseExpression(Stack, Expression, NULL, 0, ErrOffset, ErrMsg))
        return FALSE;
 
#ifdef DEBUG_RPN
    RpnpDumpStack(Stack);
#endif
 
    /* Duplicate the stack and return a pointer/handle to it */
    ASSERT(Stack->Sp >= 1);
    Size = sizeof (RPN_STACK) + (RTL_FIELD_SIZE(RPN_STACK, Ops[0]) * (Stack->Sp - 1));
    NewStack = ExAllocatePoolWithTag(NonPagedPool, Size, TAG_KDBG);
 
    if (!NewStack)
    {
        CONST_STRCPY(ErrMsg, "Out of memory");
 
        if (ErrOffset)
            *ErrOffset = -1;
 
        return NULL;
    }
 
    memcpy(NewStack, Stack, Size);
    NewStack->Size = NewStack->Sp;
 
    return NewStack;
}

Referenced by KdbpInsertBreakPoint().

◆ KdbpSafeReadMemory()

NTSTATUS KdbpSafeReadMemory	(	OUT PVOID	Dest,
		IN PVOID	Src,
		IN ULONG	Bytes
	)

Definition at line 1657 of file kdb.c.

{
    return KdpCopyMemoryChunks((ULONG64)(ULONG_PTR)Src,
                               Dest,
                               Bytes,
                               0,
                               MMDBG_COPY_UNSAFE,
                               NULL);
}

Referenced by KdbpCmdBackTrace(), KdbpCmdDisassembleX(), KdbpCmdGdtLdtIdt(), KdbpCmdThread(), KdbpOverwriteInstruction(), KdbpReadMemory(), KdbpShouldStepOverInstruction(), KdbpStepIntoInstruction(), and RpnpEvaluateStack().

◆ KdbpSafeWriteMemory()

NTSTATUS KdbpSafeWriteMemory	(	OUT PVOID	Dest,
		IN PVOID	Src,
		IN ULONG	Bytes
	)

Definition at line 1671 of file kdb.c.

{
    return KdpCopyMemoryChunks((ULONG64)(ULONG_PTR)Dest,
                               Src,
                               Bytes,
                               0,
                               MMDBG_COPY_UNSAFE | MMDBG_COPY_WRITE,
                               NULL);
}

Referenced by KdbpOverwriteInstruction().

◆ KdbpSetEnterCondition()

BOOLEAN KdbpSetEnterCondition	(	IN LONG	ExceptionNr,
		IN BOOLEAN	FirstChance,
		IN KDB_ENTER_CONDITION	Condition
	)

Sets the first or last chance enter-condition for exception nr. ExceptionNr.

Parameters

ExceptionNr	Number of the exception to set condition of (-1 for all)
FirstChance	Whether to set first or last chance condition.
Condition	The new condition setting.

Return values

TRUE	Success.
FALSE	Failure (invalid exception nr)

Definition at line 995 of file kdb.c.

{
    if (ExceptionNr < 0)
    {
        for (ExceptionNr = 0; ExceptionNr < (LONG)RTL_NUMBER_OF(KdbEnterConditions); ExceptionNr++)
        {
            if (ExceptionNr == 1 || ExceptionNr == 8 ||
                ExceptionNr == 9 || ExceptionNr == 15) /* Reserved exceptions */
            {
                continue;
            }
 
            KdbEnterConditions[ExceptionNr][FirstChance ? 0 : 1] = Condition;
        }
    }
    else
    {
        if (ExceptionNr >= (LONG)RTL_NUMBER_OF(KdbEnterConditions) ||
            ExceptionNr == 1 || ExceptionNr == 8 || /* Do not allow changing of the debug */
            ExceptionNr == 9 || ExceptionNr == 15)  /* trap or reserved exceptions */
        {
            return FALSE;
        }
 
        KdbEnterConditions[ExceptionNr][FirstChance ? 0 : 1] = Condition;
    }
 
    return TRUE;
}

Referenced by KdbpCmdSet(), and KdbpGetCommandLineSettings().

◆ KdbpStackSwitchAndCall()

VOID NTAPI KdbpStackSwitchAndCall	(	IN PVOID	NewStack,
		IN VOID(*)(VOID)	Function
	)

Referenced by KdbpInternalEnter().

◆ KdbpSymFindModule()

BOOLEAN KdbpSymFindModule	(	IN PVOID Address	OPTIONAL,
		IN INT Index	OPTIONAL,
		OUT PLDR_DATA_TABLE_ENTRY *	pLdrEntry
	)

Find a module...

Parameters

Address	If Address is not NULL the module containing Address is searched.
Name	If Name is not NULL the module named Name will be searched.
Index	If Index is >= 0 the Index'th module will be returned.
pLdrEntry	Pointer to a PLDR_DATA_TABLE_ENTRY which is filled.

Return values

TRUE	Module was found, pLdrEntry was filled.
FALSE	No module was found.

Definition at line 76 of file kdb_symbols.c.

{
    LONG Count = 0;
    PEPROCESS CurrentProcess;
 
    /* First try to look up the module in the kernel module list. */
    KeAcquireSpinLockAtDpcLevel(&PsLoadedModuleSpinLock);
    if(KdbpSymSearchModuleList(PsLoadedModuleList.Flink,
                               &PsLoadedModuleList,
                               &Count,
                               Address,
                               Index,
                               pLdrEntry))
    {
        KeReleaseSpinLockFromDpcLevel(&PsLoadedModuleSpinLock);
        return TRUE;
    }
    KeReleaseSpinLockFromDpcLevel(&PsLoadedModuleSpinLock);
 
    /* That didn't succeed. Try the module list of the current process now. */
    CurrentProcess = PsGetCurrentProcess();
 
    if(!CurrentProcess || !CurrentProcess->Peb || !CurrentProcess->Peb->Ldr)
        return FALSE;
 
    return KdbpSymSearchModuleList(CurrentProcess->Peb->Ldr->InLoadOrderModuleList.Flink,
                                   &CurrentProcess->Peb->Ldr->InLoadOrderModuleList,
                                   &Count,
                                   Address,
                                   Index,
                                   pLdrEntry);
}

Referenced by KdbpCmdMod(), KdbSymPrintAddress(), and KdSendPacket().

◆ KdbPuts()

VOID KdbPuts ( _In_ PCSTR String )

Definition at line 152 of file kdb_print.c.

{
    KdbPutsN(String, (USHORT)strnlen(String, MAXUSHORT - sizeof(ANSI_NULL)));
}

Referenced by KdbEnterDebuggerException(), KdbpCliInterpretInitFile(), KdbpCliMainLoop(), KdbpDisableBreakPoint(), KdbpInsertBreakPoint(), KdbpPagerInternal(), and KdbpPrintDisasm().

◆ KdbPutsN()

VOID KdbPutsN	(	_In_ PCCH	String,
		_In_ USHORT	Length
	)

Definition at line 140 of file kdb_print.c.

{
    CSTRING Output;
 
    Output.Buffer = String;
    Output.Length = Output.MaximumLength = Length;
    KdbPrintString(&Output);
}

Referenced by KdbPrintf(), and KdbPuts().

◆ KdbRegisterCliCallback()

BOOLEAN NTAPI KdbRegisterCliCallback	(	PVOID	Callback,
		BOOLEAN	Deregister
	)

Definition at line 3203 of file kdb_cli.c.

{
    ULONG i;
 
    /* Loop all entries */
    for (i = 0; i < _countof(KdbCliCallbacks); i++)
    {
        /* Check if deregistering was requested */
        if (Deregister)
        {
            /* Check if this entry is the one that was registered */
            if (KdbCliCallbacks[i] == Callback)
            {
                /* Delete it and report success */
                KdbCliCallbacks[i] = NULL;
                return TRUE;
            }
        }
        else
        {
            /* Check if this entry is free */
            if (KdbCliCallbacks[i] == NULL)
            {
                /* Set it and and report success */
                KdbCliCallbacks[i] = Callback;
                return TRUE;
            }
        }
    }
 
    /* Unsuccessful */
    return FALSE;
}

Referenced by KdSystemDebugControl().

◆ KdbSymInit()

BOOLEAN KdbSymInit ( _In_ ULONG BootPhase )

Initializes the KDB symbols implementation.

Parameters

[in] BootPhase Phase of initialization.

Returns: TRUE if symbols are to be loaded at this given BootPhase; FALSE if not.

Definition at line 343 of file kdb_symbols.c.

{
#if 1 // FIXME: This is a workaround HACK!!
    static BOOLEAN OrigLoadSymbols = FALSE;
#endif
 
    DPRINT("KdbSymInit() BootPhase=%d\n", BootPhase);
 
    if (BootPhase == 0)
    {
        PSTR CommandLine;
        SHORT Found = FALSE;
        CHAR YesNo;
 
        /* By default, load symbols in DBG builds, but not in REL builds
           or anything other than x86, because they only work on x86
           and can cause the system to hang on x64. */
#if DBG && defined(_M_IX86)
        LoadSymbols = TRUE;
#else
        LoadSymbols = FALSE;
#endif
 
        /* Check the command line for LOADSYMBOLS, NOLOADSYMBOLS,
         * LOADSYMBOLS={YES|NO}, NOLOADSYMBOLS={YES|NO} */
        ASSERT(KeLoaderBlock);
        CommandLine = KeLoaderBlock->LoadOptions;
        while (*CommandLine)
        {
            /* Skip any whitespace */
            while (isspace(*CommandLine))
                ++CommandLine;
 
            Found = 0;
            if (_strnicmp(CommandLine, "LOADSYMBOLS", 11) == 0)
            {
                Found = +1;
                CommandLine += 11;
            }
            else if (_strnicmp(CommandLine, "NOLOADSYMBOLS", 13) == 0)
            {
                Found = -1;
                CommandLine += 13;
            }
            if (Found != 0)
            {
                if (*CommandLine == '=')
                {
                    ++CommandLine;
                    YesNo = toupper(*CommandLine);
                    if (YesNo == 'N' || YesNo == '0')
                    {
                        Found = -1 * Found;
                    }
                }
                LoadSymbols = (0 < Found);
            }
 
            /* Move on to the next option */
            while (*CommandLine && !isspace(*CommandLine))
                ++CommandLine;
        }
 
#if 1 // FIXME: This is a workaround HACK!!
// Save the actual value of LoadSymbols but disable it for BootPhase 0.
        OrigLoadSymbols = LoadSymbols;
        LoadSymbols = FALSE;
        return OrigLoadSymbols;
#endif
    }
    else if (BootPhase == 1)
    {
        HANDLE Thread;
        NTSTATUS Status;
        KIRQL OldIrql;
        PLIST_ENTRY ListEntry;
 
#if 1 // FIXME: This is a workaround HACK!!
// Now, restore the actual value of LoadSymbols.
        LoadSymbols = OrigLoadSymbols;
#endif
 
        /* Do not continue loading symbols if we have less than 96MB of RAM */
        if (MmNumberOfPhysicalPages < (96 * 1024 * 1024 / PAGE_SIZE))
            LoadSymbols = FALSE;
 
        /* Continue this phase only if we need to load symbols */
        if (!LoadSymbols)
            return LoadSymbols;
 
        /* Launch our worker thread */
        InitializeListHead(&SymbolsToLoad);
        KeInitializeSpinLock(&SymbolsToLoadLock);
        KeInitializeEvent(&SymbolsToLoadEvent, SynchronizationEvent, FALSE);
 
        Status = PsCreateSystemThread(&Thread,
                                      THREAD_ALL_ACCESS,
                                      NULL, NULL, NULL,
                                      LoadSymbolsRoutine,
                                      NULL);
        if (!NT_SUCCESS(Status))
        {
            DPRINT1("Failed starting symbols loader thread: 0x%08x\n", Status);
            LoadSymbols = FALSE;
            return LoadSymbols;
        }
 
        RosSymInitKernelMode();
 
        KeAcquireSpinLock(&PsLoadedModuleSpinLock, &OldIrql);
 
        for (ListEntry = PsLoadedModuleList.Flink;
             ListEntry != &PsLoadedModuleList;
             ListEntry = ListEntry->Flink)
        {
            PLDR_DATA_TABLE_ENTRY LdrEntry = CONTAINING_RECORD(ListEntry, LDR_DATA_TABLE_ENTRY, InLoadOrderLinks);
            KdbSymProcessSymbols(LdrEntry, TRUE);
        }
 
        KeReleaseSpinLock(&PsLoadedModuleSpinLock, OldIrql);
    }
 
    return LoadSymbols;
}

Referenced by KdbInitialize().

◆ KdbSymPrintAddress()

BOOLEAN KdbSymPrintAddress	(	IN PVOID	Address,
		IN PCONTEXT	Context
	)

Print address...

Tries to lookup line number, file name and function name for the given address and prints it. If no such information is found the address is printed in the format <module: offset>, otherwise the format will be <module: offset (filename:linenumber (functionname))>

Return values

TRUE	Module containing Address was found, Address was printed.
FALSE	No module containing Address was found, nothing was printed.

Definition at line 149 of file kdb_symbols.c.

{
    PLDR_DATA_TABLE_ENTRY LdrEntry;
    ULONG_PTR RelativeAddress;
    BOOLEAN Printed = FALSE;
    CHAR ModuleNameAnsi[64];
 
    if (!KdbpSymFindModule(Address, -1, &LdrEntry))
        return FALSE;
 
    RelativeAddress = (ULONG_PTR)Address - (ULONG_PTR)LdrEntry->DllBase;
 
    KdbpSymUnicodeToAnsi(&LdrEntry->BaseDllName,
                        ModuleNameAnsi,
                        sizeof(ModuleNameAnsi));
 
    if (LdrEntry->PatchInformation)
    {
        ULONG LineNumber;
        CHAR FileName[256];
        CHAR FunctionName[256];
 
        if (RosSymGetAddressInformation(LdrEntry->PatchInformation,
                                        RelativeAddress,
                                        &LineNumber,
                                        FileName,
                                        FunctionName))
        {
            KdbPrintf("<%s:%x (%s:%d (%s))>",
                      ModuleNameAnsi, RelativeAddress,
                      FileName, LineNumber, FunctionName);
            Printed = TRUE;
        }
    }
 
    if (!Printed)
    {
        /* Just print module & address */
        KdbPrintf("<%s:%x>", ModuleNameAnsi, RelativeAddress);
    }
 
    return TRUE;
}

Referenced by KdbpCliMainLoop(), KdbpCmdBackTrace(), KdbpCmdDisassembleX(), KdbpPrintAddressInCode(), and KeRosDumpStackFrameArray().

◆ KdbSymProcessSymbols()

VOID KdbSymProcessSymbols	(	_Inout_ PLDR_DATA_TABLE_ENTRY	LdrEntry,
		_In_ BOOLEAN	Load
	)

Load symbols from image mapping. If this fails,.

Parameters

LdrEntry The entry to load symbols from

Definition at line 297 of file kdb_symbols.c.

{
    if (!LoadSymbols)
        return;
 
    /* Check if this is unload */
    if (!Load)
    {
        /* Did we process it */
        if (LdrEntry->PatchInformation)
        {
            RosSymDelete(LdrEntry->PatchInformation);
            LdrEntry->PatchInformation = NULL;
        }
        return;
    }
 
    if (RosSymCreateFromMem(LdrEntry->DllBase, LdrEntry->SizeOfImage, (PROSSYM_INFO*)&LdrEntry->PatchInformation))
    {
        return;
    }
 
    /* Add a ref until we really process it */
    LdrEntry->LoadCount++;
 
    /* Tell our worker thread to read from it */
    KeAcquireSpinLockAtDpcLevel(&SymbolsToLoadLock);
    InsertTailList(&SymbolsToLoad, &LdrEntry->InInitializationOrderLinks);
    KeReleaseSpinLockFromDpcLevel(&SymbolsToLoadLock);
 
    KeSetEvent(&SymbolsToLoadEvent, IO_NO_INCREMENT, FALSE);
}

Referenced by KdbSymInit(), and KdSendPacket().

◆ KdpSafeReadMemory()

BOOLEAN NTAPI KdpSafeReadMemory	(	IN ULONG_PTR	Addr,
		IN LONG	Len,
		OUT PVOID	Value
	)

◆ KdpSafeWriteMemory()

BOOLEAN NTAPI KdpSafeWriteMemory	(	IN ULONG_PTR	Addr,
		IN LONG	Len,
		IN ULONGLONG	Value
	)

Variable Documentation

◆ KdbCurrentProcess

PEPROCESS KdbCurrentProcess

extern

Definition at line 52 of file kdb.c.

Referenced by KdbEnterDebuggerException(), KdbpAttachToProcess(), KdbpAttachToThread(), KdbpCmdProc(), KdbpCmdThread(), and KdbpInsertBreakPoint().

◆ KdbCurrentThread

PETHREAD KdbCurrentThread

extern

Definition at line 54 of file kdb.c.

Referenced by KdbEnterDebuggerException(), KdbpAttachToThread(), KdbpCmdProc(), and KdbpCmdThread().

◆ KdbCurrentTrapFrame

PKDB_KTRAP_FRAME KdbCurrentTrapFrame

extern

Definition at line 56 of file kdb.c.

Referenced by KdbEnterDebuggerException(), KdbpAttachToThread(), KdbpCliMainLoop(), KdbpCmdBackTrace(), KdbpCmdDisassembleX(), KdbpCmdRegs(), KdbpEnableBreakPoint(), KdbpEvaluateExpression(), and KdbpStepIntoInstruction().

◆ KdbInitFileBuffer

volatile PCHAR KdbInitFileBuffer

extern

Definition at line 137 of file kdb_cli.c.

Referenced by KdbEnterDebuggerException(), KdbpCliInit(), and KdbpCliInterpretInitFile().

◆ KdbLastBreakPointNr

LONG KdbLastBreakPointNr

extern

Definition at line 48 of file kdb.c.

Referenced by KdbEnterDebuggerException(), and KdbpCmdBreakPointList().

◆ KdbNumSingleSteps

ULONG KdbNumSingleSteps

extern

Definition at line 49 of file kdb.c.

Referenced by KdbEnterDebuggerException(), and KdbpCmdStep().

◆ KdbSingleStepOver

BOOLEAN KdbSingleStepOver

extern

Definition at line 50 of file kdb.c.

Referenced by KdbEnterDebuggerException(), and KdbpCmdStep().

Classes

Typedefs

Enumerations

Functions

Variables

Typedef Documentation

◆ KD_CONTINUE_TYPE

◆ KDB_ACCESS_TYPE

◆ KDB_BREAKPOINT

◆ KDB_BREAKPOINT_TYPE

◆ KDB_ENTER_CONDITION

◆ KDB_KTRAP_FRAME

◆ PKDB_BREAKPOINT

◆ PKDB_KTRAP_FRAME

Enumeration Type Documentation

◆ _KD_CONTINUE_TYPE

◆ _KDB_ACCESS_TYPE

◆ _KDB_BREAKPOINT_TYPE

◆ _KDB_ENTER_CONDITION

Function Documentation

◆ KbdDisableMouse()

◆ KbdEnableMouse()

◆ KdbEnterDebuggerException()

◆ KdbGetHistoryEntry()

◆ KdbInitialize()

◆ KdbpAttachToProcess()

◆ KdbpAttachToThread()

◆ KdbpCliInit()

◆ KdbpCliInterpretInitFile()

◆ KdbpCliMainLoop()

◆ KdbpCommandHistoryAppend()

◆ KdbpDeleteBreakPoint()

◆ KdbpDisableBreakPoint()

◆ KdbpDisassemble()

◆ KdbpEnableBreakPoint()

◆ KdbpGetBreakPointInfo()

◆ KdbpGetCommandLineSettings()

◆ KdbpGetEnterCondition()

◆ KdbpGetHexNumber()

◆ KdbpGetInstLength()

◆ KdbpGetNextBreakPointNr()

◆ KdbpInsertBreakPoint()

◆ KdbpPager()

◆ KdbpPrint()

◆ KdbpPrintUnicodeString()

◆ KdbPrintf()

◆ KdbPrintString()

◆ KdbPrompt()

◆ KdbPromptString()

◆ KdbpRpnEvaluateExpression()

◆ KdbpRpnEvaluateParsedExpression()

◆ KdbpRpnParseExpression()

◆ KdbpSafeReadMemory()

◆ KdbpSafeWriteMemory()

◆ KdbpSetEnterCondition()

◆ KdbpStackSwitchAndCall()

◆ KdbpSymFindModule()

◆ KdbPuts()

◆ KdbPutsN()

◆ KdbRegisterCliCallback()

◆ KdbSymInit()

◆ KdbSymPrintAddress()

◆ KdbSymProcessSymbols()

◆ KdpSafeReadMemory()

◆ KdpSafeWriteMemory()

Variable Documentation

◆ KdbCurrentProcess

◆ KdbCurrentThread

◆ KdbCurrentTrapFrame

◆ KdbInitFileBuffer

◆ KdbLastBreakPointNr

◆ KdbNumSingleSteps

◆ KdbSingleStepOver