ReactOS 0.4.15-dev-7788-g1ad9096
kdb.c
Go to the documentation of this file.
1/*
2 * COPYRIGHT: See COPYING in the top level directory
3 * PROJECT: ReactOS kernel
4 * FILE: ntoskrnl/kdbg/kdb.c
5 * PURPOSE: Kernel Debugger
6 *
7 * PROGRAMMERS: Gregor Anich
8 */
9
10/* INCLUDES ******************************************************************/
11
12#include <ntoskrnl.h>
13#include "kdb.h"
14
15/* TYPES *********************************************************************/
16
17/* DEFINES *******************************************************************/
18
19#define KDB_STACK_SIZE (4096*3)
20#ifdef _M_AMD64
21#define KDB_STACK_ALIGN 16
22#define KDB_STACK_RESERVE (5 * sizeof(PVOID)) /* Home space + return address */
23#else
24#define KDB_STACK_ALIGN 4
25#define KDB_STACK_RESERVE sizeof(ULONG) /* Return address */
26#endif
27#define KDB_MAXIMUM_BREAKPOINT_COUNT 256
28#define KDB_MAXIMUM_HW_BREAKPOINT_COUNT 4
29#define KDB_MAXIMUM_SW_BREAKPOINT_COUNT 256
30
31#define __STRING(x) #x
32#define _STRING(x) __STRING(x)
33
34/* GLOBALS *******************************************************************/
35
38
39static ULONG KdbBreakPointCount = 0; /* Number of used breakpoints in the array */
40static KDB_BREAKPOINT KdbBreakPoints[KDB_MAXIMUM_BREAKPOINT_COUNT] = {{0}}; /* Breakpoint array */
41static ULONG KdbSwBreakPointCount = 0; /* Number of enabled software breakpoints */
42static ULONG KdbHwBreakPointCount = 0; /* Number of enabled hardware breakpoints */
43static PKDB_BREAKPOINT KdbSwBreakPoints[KDB_MAXIMUM_SW_BREAKPOINT_COUNT]; /* Enabled software breakpoints, orderless */
44static PKDB_BREAKPOINT KdbHwBreakPoints[KDB_MAXIMUM_HW_BREAKPOINT_COUNT]; /* Enabled hardware breakpoints, orderless */
45static PKDB_BREAKPOINT KdbBreakPointToReenable = NULL; /* Set to a breakpoint struct when single stepping after
46 a software breakpoint was hit, to reenable it */
48LONG KdbLastBreakPointNr = -1; /* Index of the breakpoint which cause KDB to be entered */
49ULONG KdbNumSingleSteps = 0; /* How many single steps to do */
50BOOLEAN KdbSingleStepOver = FALSE; /* Whether to step over calls/reps. */
51static BOOLEAN KdbEnteredOnSingleStep = FALSE; /* Set to true when KDB was entered because of single step */
52PEPROCESS KdbCurrentProcess = NULL; /* The current process context in which KDB runs */
53PEPROCESS KdbOriginalProcess = NULL; /* The process in whichs context KDB was intered */
54PETHREAD KdbCurrentThread = NULL; /* The current thread context in which KDB runs */
55PETHREAD KdbOriginalThread = NULL; /* The thread in whichs context KDB was entered */
56PKDB_KTRAP_FRAME KdbCurrentTrapFrame = NULL; /* Pointer to the current trapframe */
57static KDB_KTRAP_FRAME KdbTrapFrame = { 0 }; /* The trapframe which was passed to KdbEnterDebuggerException */
58static KDB_KTRAP_FRAME KdbThreadTrapFrame = { 0 }; /* The trapframe of the current thread (KdbCurrentThread) */
61
62/* Array of conditions when to enter KDB */
64{
65 /* First chance Last chance */
66 { KdbDoNotEnter, KdbEnterFromKmode }, /* 0: Zero divide */
67 { KdbEnterFromKmode, KdbDoNotEnter }, /* 1: Debug trap */
68 { KdbDoNotEnter, KdbEnterAlways }, /* 2: NMI */
69 { KdbEnterFromKmode, KdbDoNotEnter }, /* 3: INT3 */
70 { KdbDoNotEnter, KdbEnterFromKmode }, /* 4: Overflow */
71 { KdbDoNotEnter, KdbEnterFromKmode }, /* 5: BOUND range exceeded */
72 { KdbDoNotEnter, KdbEnterFromKmode }, /* 6: Invalid opcode */
73 { KdbDoNotEnter, KdbEnterFromKmode }, /* 7: No math coprocessor fault */
74 { KdbEnterAlways, KdbEnterAlways }, /* 8: Double Fault */
75 { KdbEnterAlways, KdbEnterAlways }, /* 9: Unknown(9) */
76 { KdbDoNotEnter, KdbEnterFromKmode }, /* 10: Invalid TSS */
77 { KdbDoNotEnter, KdbEnterFromKmode }, /* 11: Segment Not Present */
78 { KdbDoNotEnter, KdbEnterFromKmode }, /* 12: Stack fault */
79 { KdbDoNotEnter, KdbEnterFromKmode }, /* 13: General protection fault */
80 { KdbDoNotEnter, KdbEnterFromKmode }, /* 14: Page fault */
81 { KdbEnterAlways, KdbEnterAlways }, /* 15: Reserved (15) */
82 { KdbDoNotEnter, KdbEnterFromKmode }, /* 16: FPU fault */
83 { KdbDoNotEnter, KdbEnterFromKmode }, /* 17: Alignment Check */
84 { KdbDoNotEnter, KdbEnterFromKmode }, /* 18: Machine Check */
85 { KdbDoNotEnter, KdbEnterFromKmode }, /* 19: SIMD fault */
86 { KdbEnterFromKmode, KdbDoNotEnter }, /* 20: Assertion failure */
87 { KdbDoNotEnter, KdbEnterFromKmode } /* Last entry: used for unknown exceptions */
88};
89
90/* Exception descriptions */
91static const CHAR *ExceptionNrToString[] =
92{
93 "Divide Error",
94 "Debug Trap",
95 "NMI",
96 "Breakpoint",
97 "Overflow",
98 "BOUND range exceeded",
99 "Invalid Opcode",
100 "No Math Coprocessor",
101 "Double Fault",
102 "Unknown(9)",
103 "Invalid TSS",
104 "Segment Not Present",
105 "Stack Segment Fault",
106 "General Protection",
107 "Page Fault",
108 "Reserved(15)",
109 "Math Fault",
110 "Alignment Check",
111 "Machine Check",
112 "SIMD Fault",
113 "Assertion Failure"
114};
115
116/* FUNCTIONS *****************************************************************/
117
118static VOID
120 PVOID KernelStack,
122{
123 ULONG_PTR *StackPtr;
124
126 StackPtr = (ULONG_PTR *) KernelStack;
127#ifdef _M_IX86
128 KdbTrapFrame->Ebp = StackPtr[3];
129 KdbTrapFrame->Edi = StackPtr[4];
130 KdbTrapFrame->Esi = StackPtr[5];
131 KdbTrapFrame->Ebx = StackPtr[6];
132 KdbTrapFrame->Eip = StackPtr[7];
133 KdbTrapFrame->Esp = (ULONG) (StackPtr + 8);
139#endif
140
141 /* FIXME: what about the other registers??? */
142}
143
154static NTSTATUS
158 IN UCHAR NewInst,
159 OUT PUCHAR OldInst OPTIONAL)
160{
163 PEPROCESS CurrentProcess = PsGetCurrentProcess();
165
166 /* Get the protection for the address. */
168
169 /* Return if that page isn't present. */
171 {
173 }
174
175 /* Attach to the process */
176 if (CurrentProcess != Process)
177 {
179 }
180
181 /* Make the page writeable if it is read only. */
183 {
186 }
187
188 /* Copy the old instruction back to the caller. */
189 if (OldInst)
190 {
191 Status = KdbpSafeReadMemory(OldInst, (PUCHAR)Address, 1);
192 if (!NT_SUCCESS(Status))
193 {
195 {
197 }
198
199 /* Detach from process */
200 if (CurrentProcess != Process)
201 {
203 }
204
205 return Status;
206 }
207 }
208
209 /* Copy the new instruction in its place. */
210 Status = KdbpSafeWriteMemory((PUCHAR)Address, &NewInst, 1);
211
212 /* Restore the page protection. */
214 {
216 }
217
218 /* Detach from process */
219 if (CurrentProcess != Process)
220 {
222 }
223
224 return Status;
225}
226
235 ULONG_PTR Eip)
236{
237 UCHAR Mem[3];
238 ULONG i = 0;
239
240 if (!NT_SUCCESS(KdbpSafeReadMemory(Mem, (PVOID)Eip, sizeof (Mem))))
241 {
242 KdbPrintf("Couldn't access memory at 0x%p\n", Eip);
243 return FALSE;
244 }
245
246 /* Check if the current instruction is a call. */
247 while ((i < sizeof (Mem)) && (Mem[i] == 0x66 || Mem[i] == 0x67))
248 i++;
249
250 if (i == sizeof (Mem))
251 return FALSE;
252
253 if (Mem[i] == 0xE8 || Mem[i] == 0x9A || Mem[i] == 0xF2 || Mem[i] == 0xF3 ||
254 (((i + 1) < sizeof (Mem)) && Mem[i] == 0xFF && (Mem[i+1] & 0x38) == 0x10))
255 {
256 return TRUE;
257 }
258
259 return FALSE;
260}
261
273 ULONG_PTR Eip)
274{
275 LONG InstLen;
276
278 return FALSE;
279
280 InstLen = KdbpGetInstLength(Eip);
281 if (InstLen < 1)
282 return FALSE;
283
285 return FALSE;
286
287 return TRUE;
288}
289
301 ULONG_PTR Eip)
302{
303 KDESCRIPTOR Idtr = {0};
304 UCHAR Mem[2];
305 INT IntVect;
306 ULONG IntDesc[2];
307 ULONG_PTR TargetEip;
308
309 /* Read memory */
310 if (!NT_SUCCESS(KdbpSafeReadMemory(Mem, (PVOID)Eip, sizeof (Mem))))
311 {
312 // KdbPrintf("Couldn't access memory at 0x%p\n", Eip);
313 return FALSE;
314 }
315
316 /* Check for INT instruction */
317 /* FIXME: Check for iret */
318 if (Mem[0] == 0xcc)
319 IntVect = 3;
320 else if (Mem[0] == 0xcd)
321 IntVect = Mem[1];
322 else if (Mem[0] == 0xce && KdbCurrentTrapFrame->EFlags & (1<<11)) /* 1 << 11 is the overflow flag */
323 IntVect = 4;
324 else
325 return FALSE;
326
327 if (IntVect < 32) /* We should be informed about interrupts < 32 by the kernel, no need to breakpoint them */
328 {
329 return FALSE;
330 }
331
332 /* Read the interrupt descriptor table register */
333 __sidt(&Idtr.Limit);
334 if (IntVect >= (Idtr.Limit + 1) / 8)
335 {
336 // KdbPrintf("IDT does not contain interrupt vector %d.\n", IntVect);
337 return TRUE;
338 }
339
340 /* Get the interrupt descriptor */
341 if (!NT_SUCCESS(KdbpSafeReadMemory(IntDesc, (PVOID)((ULONG_PTR)Idtr.Base + (IntVect * 8)), sizeof(IntDesc))))
342 {
343 // KdbPrintf("Couldn't access memory at 0x%p\n", (ULONG_PTR)Idtr.Base + (IntVect * 8));
344 return FALSE;
345 }
346
347 /* Check descriptor and get target eip (16 bit interrupt/trap gates not supported) */
348 if ((IntDesc[1] & (1 << 15)) == 0) /* not present */
349 {
350 return FALSE;
351 }
352 if ((IntDesc[1] & 0x1f00) == 0x0500) /* Task gate */
353 {
354 /* FIXME: Task gates not supported */
355 return FALSE;
356 }
357 else if (((IntDesc[1] & 0x1fe0) == 0x0e00) || /* 32 bit Interrupt gate */
358 ((IntDesc[1] & 0x1fe0) == 0x0f00)) /* 32 bit Trap gate */
359 {
360 /* FIXME: Should the segment selector of the interrupt gate be checked? */
361 TargetEip = (IntDesc[1] & 0xffff0000) | (IntDesc[0] & 0x0000ffff);
362 }
363 else
364 {
365 return FALSE;
366 }
367
368 /* Insert breakpoint */
370 return FALSE;
371
372 return TRUE;
373}
374
381LONG
384{
385 for (; Start < RTL_NUMBER_OF(KdbBreakPoints); Start++)
386 {
387 if (KdbBreakPoints[Start].Type != KdbBreakPointNone)
388 return Start;
389 }
390
391 return -1;
392}
393
410 IN ULONG BreakPointNr,
414 OUT KDB_ACCESS_TYPE *AccessType OPTIONAL,
415 OUT UCHAR *DebugReg OPTIONAL,
419 OUT PCHAR *ConditionExpression OPTIONAL)
420{
422
423 if (BreakPointNr >= RTL_NUMBER_OF(KdbBreakPoints) ||
424 KdbBreakPoints[BreakPointNr].Type == KdbBreakPointNone)
425 {
426 return FALSE;
427 }
428
429 bp = KdbBreakPoints + BreakPointNr;
430 if (Address)
431 *Address = bp->Address;
432
433 if (Type)
434 *Type = bp->Type;
435
436 if (bp->Type == KdbBreakPointHardware)
437 {
438 if (Size)
439 *Size = bp->Data.Hw.Size;
440
441 if (AccessType)
442 *AccessType = bp->Data.Hw.AccessType;
443
444 if (DebugReg && bp->Enabled)
445 *DebugReg = bp->Data.Hw.DebugReg;
446 }
447
448 if (Enabled)
449 *Enabled = bp->Enabled;
450
451 if (Global)
452 *Global = bp->Global;
453
454 if (Process)
455 *Process = bp->Process;
456
457 if (ConditionExpression)
458 *ConditionExpression = bp->ConditionExpression;
459
460 return TRUE;
461}
462
482 IN KDB_ACCESS_TYPE AccessType OPTIONAL,
483 IN PCHAR ConditionExpression OPTIONAL,
485 OUT PLONG BreakPointNr OPTIONAL)
486{
487 LONG_PTR i;
489 PCHAR ConditionExpressionDup;
490 LONG ErrOffset;
491 CHAR ErrMsg[128];
492
494
496 {
497 if ((Address % Size) != 0)
498 {
499 KdbPrintf("Address (0x%p) must be aligned to a multiple of the size (%d)\n", Address, Size);
500 return STATUS_UNSUCCESSFUL;
501 }
502
503 if (AccessType == KdbAccessExec && Size != 1)
504 {
505 KdbPuts("Size must be 1 for execution breakpoints.\n");
506 return STATUS_UNSUCCESSFUL;
507 }
508 }
509
510 if (KdbBreakPointCount == KDB_MAXIMUM_BREAKPOINT_COUNT)
511 {
512 return STATUS_UNSUCCESSFUL;
513 }
514
515 /* Parse condition expression string and duplicate it */
516 if (ConditionExpression)
517 {
518 Condition = KdbpRpnParseExpression(ConditionExpression, &ErrOffset, ErrMsg);
519 if (!Condition)
520 {
521 if (ErrOffset >= 0)
522 KdbPrintf("Couldn't parse expression: %s at character %d\n", ErrMsg, ErrOffset);
523 else
524 KdbPrintf("Couldn't parse expression: %s", ErrMsg);
525
526 return STATUS_UNSUCCESSFUL;
527 }
528
529 i = strlen(ConditionExpression) + 1;
530 ConditionExpressionDup = ExAllocatePoolWithTag(NonPagedPool, i, TAG_KDBG);
531 RtlCopyMemory(ConditionExpressionDup, ConditionExpression, i);
532 }
533 else
534 {
535 Condition = NULL;
536 ConditionExpressionDup = NULL;
537 }
538
539 /* Find unused breakpoint */
541 {
542 for (i = RTL_NUMBER_OF(KdbBreakPoints) - 1; i >= 0; i--)
543 {
544 if (KdbBreakPoints[i].Type == KdbBreakPointNone)
545 break;
546 }
547 }
548 else
549 {
550 for (i = 0; i < (LONG)RTL_NUMBER_OF(KdbBreakPoints); i++)
551 {
552 if (KdbBreakPoints[i].Type == KdbBreakPointNone)
553 break;
554 }
555 }
556
557 ASSERT(i < (LONG)RTL_NUMBER_OF(KdbBreakPoints));
558
559 /* Set the breakpoint */
561 KdbBreakPoints[i].Type = Type;
562 KdbBreakPoints[i].Address = Address;
563 KdbBreakPoints[i].Enabled = FALSE;
564 KdbBreakPoints[i].Global = Global;
565 KdbBreakPoints[i].Process = KdbCurrentProcess;
566 KdbBreakPoints[i].ConditionExpression = ConditionExpressionDup;
567 KdbBreakPoints[i].Condition = Condition;
568
570 {
571 KdbBreakPoints[i].Data.Hw.Size = Size;
572 KdbBreakPoints[i].Data.Hw.AccessType = AccessType;
573 }
574
575 KdbBreakPointCount++;
576
578 KdbPrintf("Breakpoint %d inserted.\n", i);
579
580 /* Try to enable the breakpoint */
582
583 /* Return the breakpoint number */
584 if (BreakPointNr)
585 *BreakPointNr = i;
586
587 return STATUS_SUCCESS;
588}
589
600 IN LONG BreakPointNr OPTIONAL,
601 IN OUT PKDB_BREAKPOINT BreakPoint OPTIONAL)
602{
603 if (BreakPointNr < 0)
604 {
605 ASSERT(BreakPoint);
606 BreakPointNr = BreakPoint - KdbBreakPoints;
607 }
608
609 if (BreakPointNr < 0 || BreakPointNr >= KDB_MAXIMUM_BREAKPOINT_COUNT)
610 {
611 KdbPrintf("Invalid breakpoint: %d\n", BreakPointNr);
612 return FALSE;
613 }
614
615 if (!BreakPoint)
616 {
617 BreakPoint = KdbBreakPoints + BreakPointNr;
618 }
619
620 if (BreakPoint->Type == KdbBreakPointNone)
621 {
622 KdbPrintf("Invalid breakpoint: %d\n", BreakPointNr);
623 return FALSE;
624 }
625
626 if (BreakPoint->Enabled && !KdbpDisableBreakPoint(-1, BreakPoint))
627 return FALSE;
628
629 if (BreakPoint->Type != KdbBreakPointTemporary)
630 KdbPrintf("Breakpoint %d deleted.\n", BreakPointNr);
631
632 BreakPoint->Type = KdbBreakPointNone;
633 KdbBreakPointCount--;
634
635 return TRUE;
636}
637
648static LONG
652{
653 ULONG i;
655
656 if (ExceptionCode == STATUS_BREAKPOINT) /* Software interrupt */
657 {
658 ULONG_PTR BpPc = KeGetContextPc(Context) - 1; /* Get EIP of INT3 instruction */
659 for (i = 0; i < KdbSwBreakPointCount; i++)
660 {
664
665 if (KdbSwBreakPoints[i]->Address == BpPc)
666 {
667 return KdbSwBreakPoints[i] - KdbBreakPoints;
668 }
669 }
670 }
671 else if (ExceptionCode == STATUS_SINGLE_STEP) /* Hardware interrupt */
672 {
673 UCHAR DebugReg;
674
675 for (i = 0; i < KdbHwBreakPointCount; i++)
676 {
679 DebugReg = KdbHwBreakPoints[i]->Data.Hw.DebugReg;
680
681 if ((Context->Dr6 & ((ULONG_PTR)1 << DebugReg)) != 0)
682 {
683 return KdbHwBreakPoints[i] - KdbBreakPoints;
684 }
685 }
686 }
687
688 return -1;
689}
690
703 IN LONG BreakPointNr OPTIONAL,
704 IN OUT PKDB_BREAKPOINT BreakPoint OPTIONAL)
705{
707 INT i;
708 ULONG ul;
709
710 if (BreakPointNr < 0)
711 {
712 ASSERT(BreakPoint);
713 BreakPointNr = BreakPoint - KdbBreakPoints;
714 }
715
716 if (BreakPointNr < 0 || BreakPointNr >= KDB_MAXIMUM_BREAKPOINT_COUNT)
717 {
718 KdbPrintf("Invalid breakpoint: %d\n", BreakPointNr);
719 return FALSE;
720 }
721
722 if (!BreakPoint)
723 {
724 BreakPoint = KdbBreakPoints + BreakPointNr;
725 }
726
727 if (BreakPoint->Type == KdbBreakPointNone)
728 {
729 KdbPrintf("Invalid breakpoint: %d\n", BreakPointNr);
730 return FALSE;
731 }
732
733 if (BreakPoint->Enabled)
734 {
735 KdbPrintf("Breakpoint %d is already enabled.\n", BreakPointNr);
736 return TRUE;
737 }
738
739 if (BreakPoint->Type == KdbBreakPointSoftware ||
740 BreakPoint->Type == KdbBreakPointTemporary)
741 {
743 {
744 KdbPrintf("Maximum number of SW breakpoints (%d) used. "
745 "Disable another breakpoint in order to enable this one.\n",
747 return FALSE;
748 }
749
750 Status = KdbpOverwriteInstruction(BreakPoint->Process, BreakPoint->Address,
751 0xCC, &BreakPoint->Data.SavedInstruction);
752 if (!NT_SUCCESS(Status))
753 {
754 KdbPrintf("Couldn't access memory at 0x%p\n", BreakPoint->Address);
755 return FALSE;
756 }
757
759 }
760 else
761 {
762 if (BreakPoint->Data.Hw.AccessType == KdbAccessExec)
763 ASSERT(BreakPoint->Data.Hw.Size == 1);
764
765 ASSERT((BreakPoint->Address % BreakPoint->Data.Hw.Size) == 0);
766
768 {
769 KdbPrintf("Maximum number of HW breakpoints (%d) already used. "
770 "Disable another breakpoint in order to enable this one.\n",
772 return FALSE;
773 }
774
775 /* Find unused hw breakpoint */
777 for (i = 0; i < KDB_MAXIMUM_HW_BREAKPOINT_COUNT; i++)
778 {
779 if ((KdbTrapFrame.Dr7 & (0x3 << (i * 2))) == 0)
780 break;
781 }
782
784
785 /* Set the breakpoint address. */
786 switch (i)
787 {
788 case 0:
789 KdbTrapFrame.Dr0 = BreakPoint->Address;
790 break;
791 case 1:
792 KdbTrapFrame.Dr1 = BreakPoint->Address;
793 break;
794 case 2:
795 KdbTrapFrame.Dr2 = BreakPoint->Address;
796 break;
797 case 3:
798 KdbTrapFrame.Dr3 = BreakPoint->Address;
799 break;
800 }
801
802 /* Enable the global breakpoint */
803 KdbTrapFrame.Dr7 |= (0x2 << (i * 2));
804
805 /* Enable the exact match bits. */
806 KdbTrapFrame.Dr7 |= 0x00000300;
807
808 /* Clear existing state. */
809 KdbTrapFrame.Dr7 &= ~(0xF << (16 + (i * 4)));
810
811 /* Set the breakpoint type. */
812 switch (BreakPoint->Data.Hw.AccessType)
813 {
814 case KdbAccessExec:
815 ul = 0;
816 break;
817 case KdbAccessWrite:
818 ul = 1;
819 break;
820 case KdbAccessRead:
822 ul = 3;
823 break;
824 default:
825 ASSERT(0);
826 return TRUE;
827 break;
828 }
829
830 KdbTrapFrame.Dr7 |= (ul << (16 + (i * 4)));
831
832 /* Set the breakpoint length. */
833 KdbTrapFrame.Dr7 |= ((BreakPoint->Data.Hw.Size - 1) << (18 + (i * 4)));
834
835 /* Update KdbCurrentTrapFrame - values are taken from there by the CLI */
837 {
844 }
845
846 BreakPoint->Data.Hw.DebugReg = i;
848 }
849
850 BreakPoint->Enabled = TRUE;
851 if (BreakPoint->Type != KdbBreakPointTemporary)
852 KdbPrintf("Breakpoint %d enabled.\n", BreakPointNr);
853
854 return TRUE;
855}
856
869 IN LONG BreakPointNr OPTIONAL,
870 IN OUT PKDB_BREAKPOINT BreakPoint OPTIONAL)
871{
872 ULONG i;
874
875 if (BreakPointNr < 0)
876 {
877 ASSERT(BreakPoint);
878 BreakPointNr = BreakPoint - KdbBreakPoints;
879 }
880
881 if (BreakPointNr < 0 || BreakPointNr >= KDB_MAXIMUM_BREAKPOINT_COUNT)
882 {
883 KdbPrintf("Invalid breakpoint: %d\n", BreakPointNr);
884 return FALSE;
885 }
886
887 if (!BreakPoint)
888 {
889 BreakPoint = KdbBreakPoints + BreakPointNr;
890 }
891
892 if (BreakPoint->Type == KdbBreakPointNone)
893 {
894 KdbPrintf("Invalid breakpoint: %d\n", BreakPointNr);
895 return FALSE;
896 }
897
898 if (BreakPoint->Enabled == FALSE)
899 {
900 KdbPrintf("Breakpoint %d is not enabled.\n", BreakPointNr);
901 return TRUE;
902 }
903
904 if (BreakPoint->Type == KdbBreakPointSoftware ||
905 BreakPoint->Type == KdbBreakPointTemporary)
906 {
908 Status = KdbpOverwriteInstruction(BreakPoint->Process, BreakPoint->Address,
909 BreakPoint->Data.SavedInstruction, NULL);
910
911 if (!NT_SUCCESS(Status))
912 {
913 KdbPuts("Couldn't restore original instruction.\n");
914 return FALSE;
915 }
916
917 for (i = 0; i < KdbSwBreakPointCount; i++)
918 {
919 if (KdbSwBreakPoints[i] == BreakPoint)
920 {
922 i = -1; /* if the last breakpoint is disabled dont break with i >= KdbSwBreakPointCount */
923 break;
924 }
925 }
926
927 if (i != MAXULONG) /* not found */
928 ASSERT(0);
929 }
930 else
931 {
932 ASSERT(BreakPoint->Type == KdbBreakPointHardware);
933
934 /* Clear the breakpoint. */
935 KdbTrapFrame.Dr7 &= ~(0x3 << (BreakPoint->Data.Hw.DebugReg * 2));
936 if ((KdbTrapFrame.Dr7 & 0xFF) == 0)
937 {
938 /* If no breakpoints are enabled then clear the exact match flags. */
939 KdbTrapFrame.Dr7 &= 0xFFFFFCFF;
940 }
941
942 for (i = 0; i < KdbHwBreakPointCount; i++)
943 {
944 if (KdbHwBreakPoints[i] == BreakPoint)
945 {
947 i = -1; /* if the last breakpoint is disabled dont break with i >= KdbHwBreakPointCount */
948 break;
949 }
950 }
951
952 if (i != MAXULONG) /* not found */
953 ASSERT(0);
954 }
955
956 BreakPoint->Enabled = FALSE;
957 if (BreakPoint->Type != KdbBreakPointTemporary)
958 KdbPrintf("Breakpoint %d disabled.\n", BreakPointNr);
959
960 return TRUE;
961}
962
974 IN LONG ExceptionNr,
975 IN BOOLEAN FirstChance,
977{
978 if (ExceptionNr >= (LONG)RTL_NUMBER_OF(KdbEnterConditions))
979 return FALSE;
980
981 *Condition = KdbEnterConditions[ExceptionNr][FirstChance ? 0 : 1];
982 return TRUE;
983}
984
996 IN LONG ExceptionNr,
997 IN BOOLEAN FirstChance,
999{
1000 if (ExceptionNr < 0)
1001 {
1002 for (ExceptionNr = 0; ExceptionNr < (LONG)RTL_NUMBER_OF(KdbEnterConditions); ExceptionNr++)
1003 {
1004 if (ExceptionNr == 1 || ExceptionNr == 8 ||
1005 ExceptionNr == 9 || ExceptionNr == 15) /* Reserved exceptions */
1006 {
1007 continue;
1008 }
1009
1010 KdbEnterConditions[ExceptionNr][FirstChance ? 0 : 1] = Condition;
1011 }
1012 }
1013 else
1014 {
1015 if (ExceptionNr >= (LONG)RTL_NUMBER_OF(KdbEnterConditions) ||
1016 ExceptionNr == 1 || ExceptionNr == 8 || /* Do not allow changing of the debug */
1017 ExceptionNr == 9 || ExceptionNr == 15) /* trap or reserved exceptions */
1018 {
1019 return FALSE;
1020 }
1021
1022 KdbEnterConditions[ExceptionNr][FirstChance ? 0 : 1] = Condition;
1023 }
1024
1025 return TRUE;
1026}
1027
1035BOOLEAN
1037 PVOID ThreadId)
1038{
1041
1042 /* Get a pointer to the thread */
1043 if (!NT_SUCCESS(PsLookupThreadByThreadId(ThreadId, &Thread)))
1044 {
1045 KdbpPrint("Invalid thread id: 0x%08x\n", (ULONG_PTR)ThreadId);
1046 return FALSE;
1047 }
1048 Process = Thread->ThreadsProcess;
1049
1051 {
1052 KdbpPrint("Cannot attach to thread within another process while executing a DPC.\n");
1054 return FALSE;
1055 }
1056
1057 /* Save the current thread's context (if we previously attached to a thread) */
1059 {
1061 /* Actually, we can't save the context, there's no guarantee that there was a trap frame */
1062 }
1063 else
1064 {
1066 }
1067
1068 /* Switch to the thread's context */
1070 {
1071 /* The thread we're attaching to isn't the thread on which we entered
1072 * kdb and so the thread we're attaching to is not running. There
1073 * is no guarantee that it actually has a trap frame. So we have to
1074 * peek directly at the registers which were saved on the stack when the
1075 * thread was preempted in the scheduler */
1079 }
1080 else /* Switching back to original thread */
1081 {
1083 }
1085
1086 /* Attach to the thread's process */
1089 {
1090 if (KdbCurrentProcess != KdbOriginalProcess) /* detach from previously attached process */
1091 {
1093 }
1094
1096 {
1098 }
1099
1101 }
1102
1104 return TRUE;
1105}
1106
1116BOOLEAN
1119{
1123
1124 /* Get a pointer to the process */
1126 {
1127 KdbpPrint("Invalid process id: 0x%08x\n", (ULONG_PTR)ProcessId);
1128 return FALSE;
1129 }
1130
1131 Entry = Process->ThreadListHead.Flink;
1134 {
1135 KdbpPrint("No threads in process 0x%p, cannot attach to process!\n", ProcessId);
1136 return FALSE;
1137 }
1138
1139 Thread = CONTAINING_RECORD(Entry, ETHREAD, ThreadListEntry);
1140
1142}
1143
1146static VOID
1148{
1150}
1151
1156static VOID
1158{
1160 PVOID SavedInitialStack, SavedStackBase, SavedKernelStack;
1161 ULONG SavedStackLimit;
1162
1164
1165 /* Take control of the display */
1166 if (KdpDebugMode.Screen)
1168
1169 /* Call the interface's main loop on a different stack */
1171 SavedInitialStack = Thread->Tcb.InitialStack;
1172 SavedStackBase = Thread->Tcb.StackBase;
1173 SavedStackLimit = Thread->Tcb.StackLimit;
1174 SavedKernelStack = Thread->Tcb.KernelStack;
1175 Thread->Tcb.InitialStack = Thread->Tcb.StackBase = (char*)KdbStack + KDB_STACK_SIZE;
1176 Thread->Tcb.StackLimit = (ULONG_PTR)KdbStack;
1177 Thread->Tcb.KernelStack = (char*)KdbStack + KDB_STACK_SIZE;
1178
1179 // KdbPrintf("Switching to KDB stack 0x%08x-0x%08x (Current Stack is 0x%08x)\n", Thread->Tcb.StackLimit, Thread->Tcb.StackBase, Esp);
1180
1182
1183 Thread->Tcb.InitialStack = SavedInitialStack;
1184 Thread->Tcb.StackBase = SavedStackBase;
1185 Thread->Tcb.StackLimit = SavedStackLimit;
1186 Thread->Tcb.KernelStack = SavedKernelStack;
1187
1188 /* Release the display */
1189 if (KdpDebugMode.Screen)
1191
1193}
1194
1195static ULONG
1198{
1199 ULONG Ret;
1200
1201 switch (ExceptionCode)
1202 {
1204 Ret = 0;
1205 break;
1206 case STATUS_SINGLE_STEP:
1207 Ret = 1;
1208 break;
1209 case STATUS_BREAKPOINT:
1210 Ret = 3;
1211 break;
1213 Ret = 4;
1214 break;
1216 Ret = 5;
1217 break;
1219 Ret = 6;
1220 break;
1222 Ret = 7;
1223 break;
1225 Ret = 12;
1226 break;
1228 Ret = 14;
1229 break;
1231 Ret = 17;
1232 break;
1234 Ret = 18;
1235 break;
1237 Ret = 20;
1238 break;
1239
1240 default:
1242 break;
1243 }
1244
1245 return Ret;
1246}
1247
1263 IN PEXCEPTION_RECORD64 ExceptionRecord,
1266 IN BOOLEAN FirstChance)
1267{
1268 KDB_ENTER_CONDITION EnterCondition;
1269 KD_CONTINUE_TYPE ContinueType = kdHandleException;
1270 PKDB_BREAKPOINT BreakPoint;
1271 ULONG ExpNr;
1272 ULONGLONG ull;
1273 BOOLEAN Resume = FALSE;
1274 BOOLEAN EnterConditionMet = TRUE;
1275 ULONG OldEflags;
1276 KIRQL OldIrql;
1278
1279 ExceptionCode = (ExceptionRecord ? ExceptionRecord->ExceptionCode : STATUS_BREAKPOINT);
1280
1282
1283 /* Set continue type to kdContinue for single steps and breakpoints */
1287 {
1288 ContinueType = kdContinue;
1289 }
1290
1291 /* Check if we should handle the exception. */
1292 /* FIXME - won't get all exceptions here :( */
1294 EnterCondition = KdbEnterConditions[ExpNr][FirstChance ? 0 : 1];
1295 if (EnterCondition == KdbDoNotEnter ||
1296 (EnterCondition == KdbEnterFromUmode && PreviousMode == KernelMode) ||
1297 (EnterCondition == KdbEnterFromKmode && PreviousMode != KernelMode))
1298 {
1299 EnterConditionMet = FALSE;
1300 }
1301
1302 /* If we stopped on one of our breakpoints then let the user know */
1305
1306 if (FirstChance && (ExceptionCode == STATUS_SINGLE_STEP || ExceptionCode == STATUS_BREAKPOINT) &&
1308 {
1309 BreakPoint = KdbBreakPoints + KdbLastBreakPointNr;
1310
1312 {
1313 /* ... and restore the original instruction */
1315 BreakPoint->Data.SavedInstruction, NULL)))
1316 {
1317 KdbPuts("Couldn't restore original instruction after INT3! Cannot continue execution.\n");
1318 KeBugCheck(0); // FIXME: Proper bugcode!
1319 }
1320
1321 /* Also since we are past the int3 now, decrement EIP in the
1322 TrapFrame. This is only needed because KDBG insists on working
1323 with the TrapFrame instead of with the Context, as it is supposed
1324 to do. The context has already EIP point to the int3, since
1325 KiDispatchException accounts for that. Whatever we do here with
1326 the TrapFrame does not matter anyway, since KiDispatchException
1327 will overwrite it with the values from the Context! */
1329 }
1330
1331 if ((BreakPoint->Type == KdbBreakPointHardware) &&
1332 (BreakPoint->Data.Hw.AccessType == KdbAccessExec))
1333 {
1334 Resume = TRUE; /* Set the resume flag when continuing execution */
1335 }
1336
1337 /*
1338 * When a temporary breakpoint is hit we have to make sure that we are
1339 * in the same context in which it was set, otherwise it could happen
1340 * that another process/thread hits it before and it gets deleted.
1341 */
1342 else if (BreakPoint->Type == KdbBreakPointTemporary &&
1343 BreakPoint->Process == KdbCurrentProcess)
1344 {
1345 ASSERT((Context->EFlags & EFLAGS_TF) == 0);
1346
1347 /* Delete the temporary breakpoint which was used to step over or into the instruction */
1348 KdbpDeleteBreakPoint(-1, BreakPoint);
1349
1350 if (--KdbNumSingleSteps > 0)
1351 {
1354 {
1355 Context->EFlags |= EFLAGS_TF;
1356 }
1357
1358 goto continue_execution; /* return */
1359 }
1360
1362 }
1363
1364 /*
1365 * If we hit a breakpoint set by the debugger we set the single step flag,
1366 * ignore the next single step and reenable the breakpoint.
1367 */
1368 else if (BreakPoint->Type == KdbBreakPointSoftware ||
1369 BreakPoint->Type == KdbBreakPointTemporary)
1370 {
1372 Context->EFlags |= EFLAGS_TF;
1373 KdbBreakPointToReenable = BreakPoint;
1374 }
1375
1376 /* Make sure that the breakpoint should be triggered in this context */
1377 if (!BreakPoint->Global && BreakPoint->Process != KdbCurrentProcess)
1378 {
1379 goto continue_execution; /* return */
1380 }
1381
1382 /* Check if the condition for the breakpoint is met. */
1383 if (BreakPoint->Condition)
1384 {
1385 /* Setup the KDB trap frame */
1387
1388 ull = 0;
1390 {
1391 /* FIXME: Print warning? */
1392 }
1393 else if (ull == 0) /* condition is not met */
1394 {
1395 goto continue_execution; /* return */
1396 }
1397 }
1398
1399 if (BreakPoint->Type == KdbBreakPointSoftware)
1400 {
1401 KdbPrintf("\nEntered debugger on breakpoint #%d: EXEC 0x%04x:0x%p\n",
1403 }
1404 else if (BreakPoint->Type == KdbBreakPointHardware)
1405 {
1406 KdbPrintf("\nEntered debugger on breakpoint #%d: %s 0x%08x\n",
1408 (BreakPoint->Data.Hw.AccessType == KdbAccessRead) ? "READ" :
1409 ((BreakPoint->Data.Hw.AccessType == KdbAccessWrite) ? "WRITE" :
1410 ((BreakPoint->Data.Hw.AccessType == KdbAccessReadWrite) ? "RDWR" : "EXEC")),
1411 BreakPoint->Address);
1412 }
1413 }
1415 {
1416 /* Silently ignore a debugger initiated single step. */
1417 if ((Context->Dr6 & 0xf) == 0 && KdbBreakPointToReenable)
1418 {
1419 /* FIXME: Make sure that the breakpoint was really hit (check bp->Address vs. tf->Eip) */
1420 BreakPoint = KdbBreakPointToReenable;
1422 ASSERT(BreakPoint->Type == KdbBreakPointSoftware ||
1423 BreakPoint->Type == KdbBreakPointTemporary);
1424
1425 /*
1426 * Reenable the breakpoint we disabled to execute the breakpointed
1427 * instruction.
1428 */
1430 &BreakPoint->Data.SavedInstruction)))
1431 {
1432 KdbPrintf("Warning: Couldn't reenable breakpoint %d\n",
1433 BreakPoint - KdbBreakPoints);
1434 }
1435
1436 /* Unset TF if we are no longer single stepping. */
1437 if (KdbNumSingleSteps == 0)
1438 Context->EFlags &= ~EFLAGS_TF;
1439
1441 {
1442 goto continue_execution; /* return */
1443 }
1444 }
1445
1446 /* Quoth the raven, 'Nevermore!' */
1448
1449 /* Check if we expect a single step */
1450 if ((Context->Dr6 & 0xf) == 0 && KdbNumSingleSteps > 0)
1451 {
1452 /*ASSERT((Context->Eflags & EFLAGS_TF) != 0);*/
1453 if (--KdbNumSingleSteps > 0)
1454 {
1457 {
1458 Context->EFlags &= ~EFLAGS_TF;
1459 }
1460 else
1461 {
1462 Context->EFlags |= EFLAGS_TF;
1463 }
1464
1465 goto continue_execution; /* return */
1466 }
1467 else
1468 {
1469 Context->EFlags &= ~EFLAGS_TF;
1471 }
1472 }
1473 else
1474 {
1475 if (!EnterConditionMet)
1476 {
1477 return kdHandleException;
1478 }
1479
1480 KdbPuts("\nEntered debugger on unexpected debug trap!\n");
1481 }
1482 }
1483 else if (ExceptionCode == STATUS_BREAKPOINT)
1484 {
1486 {
1488 EnterConditionMet = FALSE;
1489 }
1490 if (!EnterConditionMet)
1491 {
1492 return kdHandleException;
1493 }
1494
1495 KdbPrintf("\nEntered debugger on embedded INT3 at 0x%04x:0x%p.\n",
1496 Context->SegCs & 0xffff, KeGetContextPc(Context));
1497 }
1498 else
1499 {
1500 const CHAR *ExceptionString = (ExpNr < RTL_NUMBER_OF(ExceptionNrToString)) ?
1501 ExceptionNrToString[ExpNr] :
1502 "Unknown/User defined exception";
1503
1504 if (!EnterConditionMet)
1505 {
1506 return ContinueType;
1507 }
1508
1509 KdbPrintf("\nEntered debugger on %s-chance exception (Exception Code: 0x%x) (%s)\n",
1510 FirstChance ? "first" : "last", ExceptionCode, ExceptionString);
1511
1513 ExceptionRecord && ExceptionRecord->NumberParameters != 0)
1514 {
1515 ULONG_PTR TrapCr2 = __readcr2();
1516 KdbPrintf("Memory at 0x%p could not be accessed\n", TrapCr2);
1517 }
1518 }
1519
1520 /* Once we enter the debugger we do not expect any more single steps to happen */
1522
1523 /* Update the current process pointer */
1527
1528 /* Setup the KDB trap frame */
1530
1531 /* Enter critical section */
1532 OldEflags = __readeflags();
1533 _disable();
1534
1535 /* HACK: Save the current IRQL and pretend we are at dispatch level */
1537 if (OldIrql > DISPATCH_LEVEL)
1539
1540 /* Exception inside the debugger? Game over. */
1542 {
1543 __writeeflags(OldEflags);
1544 return kdHandleException;
1545 }
1546
1547 /* Call the main loop */
1549
1550 /* Check if we should single step */
1551 if (KdbNumSingleSteps > 0)
1552 {
1553 /* Variable explains itself! */
1555
1558 {
1560 /*KdbCurrentTrapFrame->EFlags &= ~EFLAGS_TF;*/
1561 }
1562 else
1563 {
1565 }
1566 }
1567
1568 /* We can't update the current thread's trapframe 'cause it might not have one */
1569
1570 /* Detach from attached process */
1572 {
1574 }
1575
1576 /* Update the exception Context */
1578
1579 /* Decrement the entry count */
1581
1582 /* HACK: Raise back to old IRQL */
1583 if (OldIrql > DISPATCH_LEVEL)
1585
1586 /* Leave critical section */
1587 __writeeflags(OldEflags);
1588
1589 /* Check if user requested a bugcheck */
1591 {
1592 /* Clear the flag and bugcheck the system */
1594 KeBugCheck(MANUALLY_INITIATED_CRASH);
1595 }
1596
1597continue_execution:
1598 /* Clear debug status */
1599 if (ExceptionCode == STATUS_BREAKPOINT) /* FIXME: Why clear DR6 on INT3? */
1600 {
1601 /* Set the RF flag so we don't trigger the same breakpoint again. */
1602 if (Resume)
1603 {
1604 Context->EFlags |= EFLAGS_RF;
1605 }
1606
1607 /* Clear dr6 status flags. */
1608 Context->Dr6 &= ~0x0000e00f;
1609
1611 {
1612 /* Skip the current instruction */
1614 }
1615 }
1616
1617 return ContinueType;
1618}
1619
1620VOID
1622 _In_ PCSTR p1)
1623{
1624#define CONST_STR_LEN(x) (sizeof(x)/sizeof(x[0]) - 1)
1625
1626 while (p1 && *p1)
1627 {
1628 /* Skip leading whitespace */
1629 while (*p1 == ' ') ++p1;
1630
1631 if (!_strnicmp(p1, "FIRSTCHANCE", CONST_STR_LEN("FIRSTCHANCE")))
1632 {
1633 p1 += CONST_STR_LEN("FIRSTCHANCE");
1635 }
1636
1637 /* Move on to the next option */
1638 p1 = strchr(p1, ' ');
1639 }
1640}
1641
1644 OUT PVOID Dest,
1645 IN PVOID Src,
1646 IN ULONG Bytes)
1647{
1649 Dest,
1650 Bytes,
1651 0,
1653 NULL);
1654}
1655
1658 OUT PVOID Dest,
1659 IN PVOID Src,
1660 IN ULONG Bytes)
1661{
1663 Src,
1664 Bytes,
1665 0,
1667 NULL);
1668}
unsigned char BOOLEAN
#define RTL_NUMBER_OF(x)
Definition: RtlRegistry.c:12
Type
Definition: Type.h:7
ACPI_SIZE strlen(const char *String)
Definition: utclib.c:269
char * strchr(const char *String, int ch)
Definition: utclib.c:501
#define InterlockedIncrement
Definition: armddk.h:53
#define InterlockedDecrement
Definition: armddk.h:52
LONG NTSTATUS
Definition: precomp.h:26
DECLSPEC_NORETURN VOID NTAPI KeBugCheck(ULONG BugCheckCode)
Definition: bug.c:1431
_Inout_ PIRP _In_ NTSTATUS ExceptionCode
Definition: cdprocs.h:1774
#define NULL
Definition: types.h:112
#define TRUE
Definition: types.h:120
#define FALSE
Definition: types.h:117
#define NT_SUCCESS(StatCode)
Definition: apphelp.c:32
#define PAGE_READONLY
Definition: compat.h:138
#define _strnicmp(_String1, _String2, _MaxCount)
Definition: compat.h:23
BOOLEAN NTAPI KeIsExecutingDpc(VOID)
Definition: dpc.c:947
#define ULONG_PTR
Definition: config.h:101
#define ExAllocatePoolWithTag(hernya, size, tag)
Definition: env_spec_w32.h:350
UCHAR KIRQL
Definition: env_spec_w32.h:591
#define PsGetCurrentThread()
Definition: env_spec_w32.h:81
#define KeRaiseIrql(irql, oldIrql)
Definition: env_spec_w32.h:597
#define KeLowerIrql(oldIrql)
Definition: env_spec_w32.h:602
#define KeGetCurrentIrql()
Definition: env_spec_w32.h:706
#define NonPagedPool
Definition: env_spec_w32.h:307
#define DISPATCH_LEVEL
Definition: env_spec_w32.h:696
IN PLARGE_INTEGER IN PLARGE_INTEGER PEPROCESS ProcessId
Definition: fatprocs.h:2711
_In_opt_ PFILE_OBJECT _In_opt_ PETHREAD Thread
Definition: fltkernel.h:2653
_Must_inspect_result_ _In_ PLARGE_INTEGER _In_ PLARGE_INTEGER _In_ ULONG _In_ PFILE_OBJECT _In_ PVOID Process
Definition: fsrtlfuncs.h:223
Status
Definition: gdiplustypes.h:25
GLsizei GLenum const GLvoid GLsizei GLenum GLbyte GLbyte GLbyte GLdouble GLdouble GLdouble GLfloat GLfloat GLfloat GLint GLint GLint GLshort GLshort GLshort GLubyte GLubyte GLubyte GLuint GLuint GLuint GLushort GLushort GLushort GLbyte GLbyte GLbyte GLbyte GLdouble GLdouble GLdouble GLdouble GLfloat GLfloat GLfloat GLfloat GLint GLint GLint GLint GLshort GLshort GLshort GLshort GLubyte GLubyte GLubyte GLubyte GLuint GLuint GLuint GLuint GLushort GLushort GLushort GLushort GLboolean const GLdouble const GLfloat const GLint const GLshort const GLbyte const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLdouble const GLfloat const GLfloat const GLint const GLint const GLshort const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort GLenum GLenum GLenum GLfloat GLenum GLint GLenum GLenum GLenum GLfloat GLenum GLenum GLint GLenum GLfloat GLenum GLint GLint GLushort GLenum GLenum GLfloat GLenum GLenum GLint GLfloat const GLubyte GLenum GLenum GLenum const GLfloat GLenum GLenum const GLint GLenum GLint GLint GLsizei GLsizei GLint GLenum GLenum const GLvoid GLenum GLenum const GLfloat GLenum GLenum const GLint GLenum GLenum const GLdouble GLenum GLenum const GLfloat GLenum GLenum const GLint GLsizei GLuint GLfloat GLuint GLbitfield GLfloat GLint GLuint GLboolean GLenum GLfloat GLenum GLbitfield GLenum GLfloat GLfloat GLint GLint const GLfloat GLenum GLfloat GLfloat GLint GLint GLfloat GLfloat GLint GLint const GLfloat GLint GLfloat GLfloat GLint GLfloat GLfloat GLint GLfloat GLfloat const GLdouble const GLfloat const GLdouble const GLfloat GLint i
Definition: glfuncs.h:248
LONG KdbpGetInstLength(IN ULONG_PTR Address)
Definition: i386-dis.c:94
void __cdecl _disable(void)
Definition: intrin_arm.h:365
__INTRIN_INLINE void __writeeflags(uintptr_t Value)
Definition: intrin_x86.h:1669
__INTRIN_INLINE uintptr_t __readeflags(void)
Definition: intrin_x86.h:1674
__INTRIN_INLINE unsigned long __readcr2(void)
Definition: intrin_x86.h:1811
__INTRIN_INLINE void __sidt(void *Destination)
Definition: intrin_x86.h:2023
NTSTATUS NTAPI KdpCopyMemoryChunks(_In_ ULONG64 Address, _In_ PVOID Buffer, _In_ ULONG TotalSize, _In_ ULONG ChunkSize, _In_ ULONG Flags, _Out_opt_ PULONG ActualSize)
Definition: kdapi.c:55
KDP_DEBUG_MODE KdpDebugMode
Definition: kdio.c:46
VOID KdpScreenRelease(VOID)
Definition: kdio.c:450
VOID KdpScreenAcquire(VOID)
Definition: kdio.c:431
PEPROCESS KdbCurrentProcess
Definition: kdb.c:52
LONG KdbpGetNextBreakPointNr(IN ULONG Start OPTIONAL)
Gets the number of the next breakpoint >= Start.
Definition: kdb.c:382
static PKDB_BREAKPOINT KdbHwBreakPoints[KDB_MAXIMUM_HW_BREAKPOINT_COUNT]
Definition: kdb.c:44
PETHREAD KdbCurrentThread
Definition: kdb.c:54
KD_CONTINUE_TYPE KdbEnterDebuggerException(IN PEXCEPTION_RECORD64 ExceptionRecord, IN KPROCESSOR_MODE PreviousMode, IN PCONTEXT Context, IN BOOLEAN FirstChance)
KDB Exception filter.
Definition: kdb.c:1262
PETHREAD KdbOriginalThread
Definition: kdb.c:55
static PKDB_BREAKPOINT KdbBreakPointToReenable
Definition: kdb.c:45
PKDB_KTRAP_FRAME KdbCurrentTrapFrame
Definition: kdb.c:56
static LONG KdbpIsBreakPointOurs(IN NTSTATUS ExceptionCode, IN PCONTEXT Context)
Checks if the breakpoint was set by the debugger.
Definition: kdb.c:649
static KDB_KTRAP_FRAME KdbThreadTrapFrame
Definition: kdb.c:58
static KDB_KTRAP_FRAME KdbTrapFrame
Definition: kdb.c:57
static BOOLEAN KdbpEvenThoughWeHaveABreakPointToReenableWeAlsoHaveARealSingleStep
Definition: kdb.c:47
BOOLEAN KdbpSetEnterCondition(IN LONG ExceptionNr, IN BOOLEAN FirstChance, IN KDB_ENTER_CONDITION Condition)
Sets the first or last chance enter-condition for exception nr. ExceptionNr.
Definition: kdb.c:995
PEPROCESS KdbOriginalProcess
Definition: kdb.c:53
BOOLEAN KdbpDisableBreakPoint(IN LONG BreakPointNr OPTIONAL, IN OUT PKDB_BREAKPOINT BreakPoint OPTIONAL)
Disables a breakpoint.
Definition: kdb.c:868
#define KDB_MAXIMUM_HW_BREAKPOINT_COUNT
Definition: kdb.c:28
#define CONST_STR_LEN(x)
BOOLEAN KdbpBugCheckRequested
Definition: kdb_cli.c:137
BOOLEAN KdbpStepIntoInstruction(ULONG_PTR Eip)
Steps into an instruction (interrupts)
Definition: kdb.c:300
static NTSTATUS KdbpOverwriteInstruction(IN PEPROCESS Process, IN ULONG_PTR Address, IN UCHAR NewInst, OUT PUCHAR OldInst OPTIONAL)
Overwrites the instruction at Address with NewInst and stores the old instruction in *OldInst.
Definition: kdb.c:155
BOOLEAN KdbpGetEnterCondition(IN LONG ExceptionNr, IN BOOLEAN FirstChance, OUT KDB_ENTER_CONDITION *Condition)
Gets the first or last chance enter-condition for exception nr. ExceptionNr.
Definition: kdb.c:973
static KDB_ENTER_CONDITION KdbEnterConditions[][2]
Definition: kdb.c:63
static VOID KdbpKdbTrapFrameFromKernelStack(PVOID KernelStack, PKDB_KTRAP_FRAME KdbTrapFrame)
Definition: kdb.c:119
BOOLEAN KdbpAttachToProcess(PVOID ProcessId)
Switches to another process/thread context.
Definition: kdb.c:1117
BOOLEAN KdbpAttachToThread(PVOID ThreadId)
Switches to another thread context.
Definition: kdb.c:1036
#define KDB_MAXIMUM_SW_BREAKPOINT_COUNT
Definition: kdb.c:29
static BOOLEAN KdbEnteredOnSingleStep
Definition: kdb.c:51
#define KDB_STACK_ALIGN
Definition: kdb.c:24
BOOLEAN KdbpEnableBreakPoint(IN LONG BreakPointNr OPTIONAL, IN OUT PKDB_BREAKPOINT BreakPoint OPTIONAL)
Enables a breakpoint.
Definition: kdb.c:702
#define KDB_STACK_RESERVE
Definition: kdb.c:25
static VOID KdbpInternalEnter(VOID)
Internal function to enter KDB.
Definition: kdb.c:1157
LONG KdbLastBreakPointNr
Definition: kdb.c:48
static PKDB_BREAKPOINT KdbSwBreakPoints[KDB_MAXIMUM_SW_BREAKPOINT_COUNT]
Definition: kdb.c:43
NTSTATUS KdbpSafeWriteMemory(OUT PVOID Dest, IN PVOID Src, IN ULONG Bytes)
Definition: kdb.c:1657
#define KDB_MAXIMUM_BREAKPOINT_COUNT
Definition: kdb.c:27
BOOLEAN KdbpShouldStepOverInstruction(ULONG_PTR Eip)
Checks whether the given instruction can be single stepped or has to be stepped over using a temporar...
Definition: kdb.c:234
static LONG KdbEntryCount
Definition: kdb.c:36
BOOLEAN KdbSingleStepOver
Definition: kdb.c:50
BOOLEAN KdbpDeleteBreakPoint(IN LONG BreakPointNr OPTIONAL, IN OUT PKDB_BREAKPOINT BreakPoint OPTIONAL)
Deletes a breakpoint.
Definition: kdb.c:599
ULONG KdbNumSingleSteps
Definition: kdb.c:49
NTSTATUS KdbpInsertBreakPoint(IN ULONG_PTR Address, IN KDB_BREAKPOINT_TYPE Type, IN UCHAR Size OPTIONAL, IN KDB_ACCESS_TYPE AccessType OPTIONAL, IN PCHAR ConditionExpression OPTIONAL, IN BOOLEAN Global, OUT PLONG BreakPointNr OPTIONAL)
Inserts a breakpoint into the breakpoint array.
Definition: kdb.c:478
static const CHAR * ExceptionNrToString[]
Definition: kdb.c:91
NTSTATUS KdbpSafeReadMemory(OUT PVOID Dest, IN PVOID Src, IN ULONG Bytes)
Definition: kdb.c:1643
BOOLEAN KdbpStepOverInstruction(ULONG_PTR Eip)
Steps over an instruction.
Definition: kdb.c:272
static VOID KdbpCallMainLoop(VOID)
Calls the main loop ...
Definition: kdb.c:1147
VOID KdbpGetCommandLineSettings(_In_ PCSTR p1)
Definition: kdb.c:1621
static ULONG KdbSwBreakPointCount
Definition: kdb.c:41
static ULONG KdbpGetExceptionNumberFromStatus(IN NTSTATUS ExceptionCode)
Definition: kdb.c:1196
static KAPC_STATE KdbApcState
Definition: kdb.c:59
#define KDB_STACK_SIZE
Definition: kdb.c:19
BOOLEAN KdbpGetBreakPointInfo(IN ULONG BreakPointNr, OUT ULONG_PTR *Address OPTIONAL, OUT KDB_BREAKPOINT_TYPE *Type OPTIONAL, OUT UCHAR *Size OPTIONAL, OUT KDB_ACCESS_TYPE *AccessType OPTIONAL, OUT UCHAR *DebugReg OPTIONAL, OUT BOOLEAN *Enabled OPTIONAL, OUT BOOLEAN *Global OPTIONAL, OUT PEPROCESS *Process OPTIONAL, OUT PCHAR *ConditionExpression OPTIONAL)
Returns information of the specified breakpoint.
Definition: kdb.c:409
static ULONG KdbHwBreakPointCount
Definition: kdb.c:42
enum _KD_CONTINUE_TYPE KD_CONTINUE_TYPE
enum _KDB_ENTER_CONDITION KDB_ENTER_CONDITION
@ KdbBreakPointSoftware
Definition: kdb.h:12
@ KdbBreakPointNone
Definition: kdb.h:11
@ KdbBreakPointTemporary
Definition: kdb.h:14
@ KdbBreakPointHardware
Definition: kdb.h:13
VOID KdbpCliInterpretInitFile(VOID)
This function is called by KdbEnterDebuggerException...
Definition: kdb_cli.c:3342
PVOID KdbpRpnParseExpression(IN PCHAR Expression, OUT PLONG ErrOffset OPTIONAL, OUT PCHAR ErrMsg OPTIONAL)
Parses the given expression and returns a "handle" to it.
Definition: kdb_expr.c:1146
BOOLEAN KdbpRpnEvaluateParsedExpression(IN PVOID Expression, IN PKDB_KTRAP_FRAME TrapFrame, OUT PULONGLONG Result, OUT PLONG ErrOffset OPTIONAL, OUT PCHAR ErrMsg OPTIONAL)
Evaluates the given expression and returns the result.
Definition: kdb_expr.c:1200
VOID NTAPI KdbpStackSwitchAndCall(IN PVOID NewStack, IN VOID(*Function)(VOID))
@ kdContinue
Definition: kdb.h:56
@ kdHandleException
Definition: kdb.h:58
VOID KdbPuts(_In_ PCSTR String)
Definition: kdb_print.c:152
@ KdbAccessExec
Definition: kdb.h:22
@ KdbAccessRead
Definition: kdb.h:19
@ KdbAccessReadWrite
Definition: kdb.h:21
@ KdbAccessWrite
Definition: kdb.h:20
VOID KdbpPrint(_In_ PSTR Format, _In_ ...)
Prints the given string with printf-like formatting.
Definition: kdb_cli.c:3082
@ KdbDoNotEnter
Definition: kdb.h:48
@ KdbEnterFromUmode
Definition: kdb.h:51
@ KdbEnterAlways
Definition: kdb.h:49
@ KdbEnterFromKmode
Definition: kdb.h:50
VOID __cdecl KdbPrintf(_In_ PCSTR Format,...)
Definition: kdb_print.c:160
PCHAR KdbInitFileBuffer
Definition: kdb_cli.c:136
enum _KDB_ACCESS_TYPE KDB_ACCESS_TYPE
VOID KdbpCliMainLoop(IN BOOLEAN EnteredOnSingleStep)
KDB Main Loop.
Definition: kdb_cli.c:3268
enum _KDB_BREAKPOINT_TYPE KDB_BREAKPOINT_TYPE
VOID KbdDisableMouse(VOID)
Definition: kdps2kbd.c:98
VOID KbdEnableMouse(VOID)
Definition: kdps2kbd.c:93
_In_ UINT Bytes
Definition: mmcopy.h:9
UNICODE_STRING Global
Definition: symlink.c:37
#define ASSERT(a)
Definition: mode.c:44
unsigned __int64 ULONG64
Definition: imports.h:198
@ Enabled
Definition: mountmgr.h:159
#define _In_
Definition: ms_sal.h:308
__int3264 LONG_PTR
Definition: mstsclib_h.h:276
#define KernelMode
Definition: asm.h:34
#define EFLAGS_TF
Definition: ketypes.h:186
#define EFLAGS_RF
Definition: ketypes.h:192
#define KGDT_R0_CODE
Definition: ketypes.h:123
#define KGDT_R0_DATA
Definition: ketypes.h:124
#define PAGE_ROUND_DOWN(x)
Definition: mmtypes.h:36
#define PAGE_READWRITE
Definition: nt_native.h:1304
#define PAGE_EXECUTE_READ
Definition: nt_native.h:1307
#define PAGE_EXECUTE
Definition: nt_native.h:1306
#define PAGE_NOACCESS
Definition: nt_native.h:1302
#define DECLSPEC_ALIGN(x)
Definition: ntbasedef.h:251
IN ULONG IN UCHAR Condition
#define KD_BREAKPOINT_SIZE
Definition: ke.h:122
#define KeSetContextPc(Context, ProgramCounter)
Definition: ke.h:34
#define KeGetContextPc(Context)
Definition: ke.h:31
VOID NTAPI MmSetPageProtect(struct _EPROCESS *Process, PVOID Address, ULONG flProtect)
#define MMDBG_COPY_UNSAFE
Definition: mm.h:77
ULONG NTAPI MmGetPageProtect(struct _EPROCESS *Process, PVOID Address)
_Out_ PKAPC_STATE ApcState
Definition: mm.h:1765
#define MMDBG_COPY_WRITE
Definition: mm.h:75
NTSTATUS NTAPI PsLookupProcessByProcessId(IN HANDLE ProcessId, OUT PEPROCESS *Process)
Definition: process.c:919
NTSTATUS NTAPI PsLookupThreadByThreadId(IN HANDLE ThreadId, OUT PETHREAD *Thread)
Definition: thread.c:643
#define STATUS_ILLEGAL_INSTRUCTION
Definition: ntstatus.h:266
#define STATUS_ARRAY_BOUNDS_EXCEEDED
Definition: ntstatus.h:376
#define STATUS_ASSERTION_FAILURE
Definition: ntstatus.h:960
#define STATUS_MEMORY_NOT_ALLOCATED
Definition: ntstatus.h:396
#define STATUS_STACK_OVERFLOW
Definition: ntstatus.h:489
#define STATUS_SINGLE_STEP
Definition: ntstatus.h:185
#define STATUS_BREAKPOINT
Definition: ntstatus.h:184
#define STATUS_FLOAT_MULTIPLE_TRAPS
Definition: ntstatus.h:808
#define STATUS_ACCESS_VIOLATION
Definition: ntstatus.h:242
#define STATUS_FLOAT_INVALID_OPERATION
Definition: ntstatus.h:380
#define STATUS_DATATYPE_MISALIGNMENT
Definition: ntstatus.h:183
#define STATUS_INTEGER_OVERFLOW
Definition: ntstatus.h:385
#define STATUS_INTEGER_DIVIDE_BY_ZERO
Definition: ntstatus.h:384
long LONG
Definition: pedump.c:60
static WCHAR Address[46]
Definition: ping.c:68
VOID NTAPI KeStackAttachProcess(IN PKPROCESS Process, OUT PRKAPC_STATE ApcState)
Definition: procobj.c:704
VOID NTAPI KeUnstackDetachProcess(IN PRKAPC_STATE ApcState)
Definition: procobj.c:756
#define STATUS_SUCCESS
Definition: shellext.h:65
PULONG MinorVersion OPTIONAL
Definition: CrossNt.h:68
base of all file and directory entries
Definition: entries.h:83
HANDLE UniqueThread
Definition: compat.h:826
ULONG Esp
Definition: nt_native.h:1479
ULONG Dr3
Definition: nt_native.h:1437
ULONG Dr1
Definition: nt_native.h:1435
ULONG Esi
Definition: nt_native.h:1464
ULONG Ebp
Definition: nt_native.h:1475
ULONG Dr6
Definition: nt_native.h:1438
ULONG SegSs
Definition: nt_native.h:1480
ULONG Dr0
Definition: nt_native.h:1434
ULONG Eip
Definition: nt_native.h:1476
ULONG SegCs
Definition: nt_native.h:1477
ULONG SegDs
Definition: nt_native.h:1456
ULONG EFlags
Definition: nt_native.h:1478
ULONG SegGs
Definition: nt_native.h:1453
ULONG Dr2
Definition: nt_native.h:1436
ULONG SegEs
Definition: nt_native.h:1455
ULONG Ebx
Definition: nt_native.h:1465
ULONG Edi
Definition: nt_native.h:1463
ULONG Dr7
Definition: nt_native.h:1439
LIST_ENTRY ThreadListHead
Definition: pstypes.h:1329
KTHREAD Tcb
Definition: pstypes.h:1103
CLIENT_ID Cid
Definition: pstypes.h:1128
PVOID Condition
Definition: kdb.h:33
UCHAR SavedInstruction
Definition: kdb.h:36
BOOLEAN Enabled
Definition: kdb.h:28
PCHAR ConditionExpression
Definition: kdb.h:32
ULONG_PTR Address
Definition: kdb.h:29
union _KDB_BREAKPOINT::@1808 Data
PEPROCESS Process
Definition: kdb.h:31
KDB_BREAKPOINT_TYPE Type
Definition: kdb.h:27
struct _KDB_BREAKPOINT::@1808::@1809 Hw
BOOLEAN Global
Definition: kdb.h:30
PVOID Base
Definition: ketypes.h:556
USHORT Limit
Definition: ketypes.h:555
UCHAR Screen
Definition: kd.h:100
PVOID InitialStack
Definition: ketypes.h:1664
PVOID KernelStack
Definition: ketypes.h:1675
PVOID StackBase
Definition: ketypes.h:1666
volatile VOID * StackLimit
Definition: ketypes.h:1665
Definition: typedefs.h:120
#define TAG_KDBG
Definition: tag.h:38
#define MAXULONG
Definition: typedefs.h:251
int32_t INT
Definition: typedefs.h:58
const char * PCSTR
Definition: typedefs.h:52
#define RtlCopyMemory(Destination, Source, Length)
Definition: typedefs.h:263
#define RtlZeroMemory(Destination, Length)
Definition: typedefs.h:262
uint32_t ULONG_PTR
Definition: typedefs.h:65
#define IN
Definition: typedefs.h:39
int32_t * PLONG
Definition: typedefs.h:58
#define CONTAINING_RECORD(address, type, field)
Definition: typedefs.h:260
unsigned char * PUCHAR
Definition: typedefs.h:53
uint32_t ULONG
Definition: typedefs.h:59
uint64_t ULONGLONG
Definition: typedefs.h:67
#define OUT
Definition: typedefs.h:40
char * PCHAR
Definition: typedefs.h:51
#define STATUS_UNSUCCESSFUL
Definition: udferr_usr.h:132
@ Start
Definition: partlist.h:33
_Must_inspect_result_ _In_ WDFDEVICE _In_ PWDF_DEVICE_PROPERTY_DATA _In_ DEVPROPTYPE _In_ ULONG Size
Definition: wdfdevice.h:4533
_Requires_lock_held_ Interrupt _Releases_lock_ Interrupt _In_ _IRQL_restores_ KIRQL OldIrql
Definition: kefuncs.h:778
CCHAR KPROCESSOR_MODE
Definition: ketypes.h:7
KAPC_STATE
Definition: ketypes.h:1409
#define ObDereferenceObject
Definition: obfuncs.h:203
#define PsGetCurrentProcess
Definition: psfuncs.h:17
_In_ KPROCESSOR_MODE PreviousMode
Definition: sefuncs.h:103
unsigned char UCHAR
Definition: xmlstorage.h:181
char CHAR
Definition: xmlstorage.h:175
_In_ HANDLE _Outptr_result_bytebuffer_ ViewSize PVOID _In_ ULONG_PTR _In_ SIZE_T _Inout_opt_ PLARGE_INTEGER _Inout_ PSIZE_T _In_ SECTION_INHERIT _In_ ULONG _In_ ULONG Protect
Definition: zwfuncs.h:221