HyperDbg Debugger
Loading...
Searching...
No Matches
Events.h
Go to the documentation of this file.
1
12#pragma once
13
15// System Events //
17
67
69// Callback Enums //
71
85
87// Event Details //
89
94typedef enum _VMM_EVENT_TYPE_ENUM
95{
96
97 //
98 // EPT Memory Monitoring Events
99 //
100 HIDDEN_HOOK_READ_AND_WRITE_AND_EXECUTE,
101 HIDDEN_HOOK_READ_AND_WRITE,
102 HIDDEN_HOOK_READ_AND_EXECUTE,
103 HIDDEN_HOOK_WRITE_AND_EXECUTE,
104 HIDDEN_HOOK_READ,
105 HIDDEN_HOOK_WRITE,
106 HIDDEN_HOOK_EXECUTE,
107
108 //
109 // EPT Hook Events
110 //
111 HIDDEN_HOOK_EXEC_DETOURS,
112 HIDDEN_HOOK_EXEC_CC,
113
114 //
115 // System-call Events
116 //
117 SYSCALL_HOOK_EFER_SYSCALL,
118 SYSCALL_HOOK_EFER_SYSRET,
119
120 //
121 // CPUID Instruction Execution Events
122 //
123 CPUID_INSTRUCTION_EXECUTION,
124
125 //
126 // Model-Specific Registers (MSRs) Reads/Modifications Events
127 //
128 RDMSR_INSTRUCTION_EXECUTION,
129 WRMSR_INSTRUCTION_EXECUTION,
130
131 //
132 // PMIO Events
133 //
134 IN_INSTRUCTION_EXECUTION,
135 OUT_INSTRUCTION_EXECUTION,
136
137 //
138 // Interrupts/Exceptions/Faults Events
139 //
140 EXCEPTION_OCCURRED,
141 EXTERNAL_INTERRUPT_OCCURRED,
142
143 //
144 // Debug Registers Events
145 //
146 DEBUG_REGISTERS_ACCESSED,
147
148 //
149 // Timing & Performance Events
150 //
151 TSC_INSTRUCTION_EXECUTION,
152 PMC_INSTRUCTION_EXECUTION,
153
154 //
155 // VMCALL Instruction Execution Events
156 //
157 VMCALL_INSTRUCTION_EXECUTION,
158
159 //
160 // Control Registers Events
161 //
162 CONTROL_REGISTER_MODIFIED,
163 CONTROL_REGISTER_READ,
164 CONTROL_REGISTER_3_MODIFIED,
165
166 //
167 // Execution Trap Events
168 //
169 TRAP_EXECUTION_MODE_CHANGED,
170 TRAP_EXECUTION_INSTRUCTION_TRACE,
171
172} VMM_EVENT_TYPE_ENUM;
173
185
196
197#define SIZEOF_DEBUGGER_MODIFY_EVENTS sizeof(DEBUGGER_MODIFY_EVENTS)
198
211
224
236
241typedef struct _DEBUGGER_MODIFY_EVENTS
242{
243 UINT64 Tag; // Tag of the target event that we want to modify
244 UINT64 KernelStatus; // Kernel put the status in this field
245 DEBUGGER_MODIFY_EVENTS_TYPE
246 TypeOfAction; // Determines what's the action (enable | disable | clear)
247 BOOLEAN IsEnabled; // Determines what's the action (enable | disable | clear)
248
249} DEBUGGER_MODIFY_EVENTS, *PDEBUGGER_MODIFY_EVENTS;
250
255typedef struct _DEBUGGER_SHORT_CIRCUITING_EVENT
256{
257 UINT64 KernelStatus; // Kernel put the status in this field
258 BOOLEAN IsShortCircuiting; // Determines whether to perform short circuting (on | off)
259
260} DEBUGGER_SHORT_CIRCUITING_EVENT, *PDEBUGGER_SHORT_CIRCUITING_EVENT;
261
263// Event Options //
265
270typedef struct _DEBUGGER_EVENT_OPTIONS
271{
272 UINT64 OptionalParam1; // Optional parameter
273 UINT64 OptionalParam2; // Optional parameter
274 UINT64 OptionalParam3; // Optional parameter
275 UINT64 OptionalParam4; // Optional parameter
276 UINT64 OptionalParam5; // Optional parameter
277 UINT64 OptionalParam6; // Optional parameter
278
279} DEBUGGER_EVENT_OPTIONS, *PDEBUGGER_EVENT_OPTIONS;
280
282// Enums For Event And Debugger Resources //
284
289typedef enum _PROTECTED_HV_RESOURCES_PASSING_OVERS
290{
291 //
292 // for exception bitmap
293 //
294 PASSING_OVER_NONE = 0,
295 PASSING_OVER_UD_EXCEPTIONS_FOR_SYSCALL_SYSRET_HOOK = 1,
296 PASSING_OVER_EXCEPTION_EVENTS,
297
298 //
299 // for external interupts-exitings
300 //
301 PASSING_OVER_INTERRUPT_EVENTS,
302
303 //
304 // for external rdtsc/p exitings
305 //
306 PASSING_OVER_TSC_EVENTS,
307
308 //
309 // for external mov to hardware debug registers exitings
310 //
311 PASSING_OVER_MOV_TO_HW_DEBUG_REGS_EVENTS,
312
313 //
314 // for external mov to control registers exitings
315 //
316 PASSING_OVER_MOV_TO_CONTROL_REGS_EVENTS,
317
318} PROTECTED_HV_RESOURCES_PASSING_OVERS;
319
339
341// Event Details //
343
349typedef struct _DEBUGGER_GENERAL_EVENT_DETAIL
350{
351 LIST_ENTRY
352 CommandsEventList; // Linked-list of commands list (used for tracing purpose
353 // in user mode)
354
355 time_t CreationTime; // Date of creating this event
356
357 UINT32 CoreId; // determines the core index to apply this event to, if it's
358 // 0xffffffff means that we have to apply it to all cores
359
360 UINT32 ProcessId; // determines the process id to apply this to
361 // only that 0xffffffff means that we have to
362 // apply it to all processes
363
364 BOOLEAN IsEnabled;
365
366 BOOLEAN EnableShortCircuiting; // indicates whether the short-circuiting event
367 // is enabled or not for this event
368
369 VMM_CALLBACK_EVENT_CALLING_STAGE_TYPE EventStage; // reveals the calling stage of the event
370 // (whether it's a all- pre- or post- event)
371
372 BOOLEAN HasCustomOutput; // Shows whether this event has a custom output
373 // source or not
374
375 UINT64
376 OutputSourceTags
377 [DebuggerOutputSourceMaximumRemoteSourceForSingleEvent]; // tags of
378 // multiple
379 // sources which
380 // can be used to
381 // send the event
382 // results of
383 // scripts to
384 // remote sources
385
386 UINT32 CountOfActions;
387
388 UINT64 Tag; // is same as operation code
389 VMM_EVENT_TYPE_ENUM EventType;
390
391 DEBUGGER_EVENT_OPTIONS Options;
392
393 PVOID CommandStringBuffer;
394
395 UINT32 ConditionBufferSize;
396
397} DEBUGGER_GENERAL_EVENT_DETAIL, *PDEBUGGER_GENERAL_EVENT_DETAIL;
398
417
428
429#define SIZEOF_REGISTER_EVENT sizeof(REGISTER_NOTIFY_BUFFER)
BOOLEAN
UCHAR BOOLEAN
Definition BasicTypes.h:39
UINT64
unsigned __int64 UINT64
Definition BasicTypes.h:21
UINT32
unsigned int UINT32
Definition BasicTypes.h:48
DebuggerOutputSourceMaximumRemoteSourceForSingleEvent
#define DebuggerOutputSourceMaximumRemoteSourceForSingleEvent
Determines how many sources a debugger can have for a single event.
Definition Constants.h:243
VMM_CALLBACK_EVENT_CALLING_STAGE_TYPE
enum _VMM_CALLBACK_EVENT_CALLING_STAGE_TYPE VMM_CALLBACK_EVENT_CALLING_STAGE_TYPE
Type of calling the event.
EXCEPTION_VECTORS
enum _EXCEPTION_VECTORS EXCEPTION_VECTORS
Exceptions enum.
PROTECTED_HV_RESOURCES_TYPE
enum _PROTECTED_HV_RESOURCES_TYPE PROTECTED_HV_RESOURCES_TYPE
Type of protected (multi-used) resources.
PDEBUGGER_SHORT_CIRCUITING_EVENT
struct _DEBUGGER_SHORT_CIRCUITING_EVENT * PDEBUGGER_SHORT_CIRCUITING_EVENT
VMM_CALLBACK_TRIGGERING_EVENT_STATUS_TYPE
enum _VMM_CALLBACK_TRIGGERING_EVENT_STATUS_TYPE VMM_CALLBACK_TRIGGERING_EVENT_STATUS_TYPE
The status of triggering events.
_VMM_CALLBACK_TRIGGERING_EVENT_STATUS_TYPE
_VMM_CALLBACK_TRIGGERING_EVENT_STATUS_TYPE
The status of triggering events.
Definition Events.h:77
VMM_CALLBACK_TRIGGERING_EVENT_STATUS_SUCCESSFUL_IGNORE_EVENT
@ VMM_CALLBACK_TRIGGERING_EVENT_STATUS_SUCCESSFUL_IGNORE_EVENT
Definition Events.h:80
VMM_CALLBACK_TRIGGERING_EVENT_STATUS_SUCCESSFUL
@ VMM_CALLBACK_TRIGGERING_EVENT_STATUS_SUCCESSFUL
Definition Events.h:79
VMM_CALLBACK_TRIGGERING_EVENT_STATUS_DEBUGGER_NOT_ENABLED
@ VMM_CALLBACK_TRIGGERING_EVENT_STATUS_DEBUGGER_NOT_ENABLED
Definition Events.h:81
VMM_CALLBACK_TRIGGERING_EVENT_STATUS_SUCCESSFUL_NO_INITIALIZED
@ VMM_CALLBACK_TRIGGERING_EVENT_STATUS_SUCCESSFUL_NO_INITIALIZED
Definition Events.h:78
VMM_CALLBACK_TRIGGERING_EVENT_STATUS_INVALID_EVENT_TYPE
@ VMM_CALLBACK_TRIGGERING_EVENT_STATUS_INVALID_EVENT_TYPE
Definition Events.h:82
_DEBUGGER_EVENT_TRACE_TYPE
_DEBUGGER_EVENT_TRACE_TYPE
Type of tracing events.
Definition Events.h:217
DEBUGGER_EVENT_TRACE_TYPE_INVALID
@ DEBUGGER_EVENT_TRACE_TYPE_INVALID
Definition Events.h:218
DEBUGGER_EVENT_TRACE_TYPE_INSTRUMENTATION_STEP_IN
@ DEBUGGER_EVENT_TRACE_TYPE_INSTRUMENTATION_STEP_IN
Definition Events.h:221
DEBUGGER_EVENT_TRACE_TYPE_STEP_IN
@ DEBUGGER_EVENT_TRACE_TYPE_STEP_IN
Definition Events.h:219
DEBUGGER_EVENT_TRACE_TYPE_STEP_OUT
@ DEBUGGER_EVENT_TRACE_TYPE_STEP_OUT
Definition Events.h:220
_VMM_EVENT_TYPE_ENUM
_VMM_EVENT_TYPE_ENUM
enum to show type of all HyperDbg events
Definition Events.h:95
SYSCALL_HOOK_EFER_SYSCALL
@ SYSCALL_HOOK_EFER_SYSCALL
Definition Events.h:117
DEBUG_REGISTERS_ACCESSED
@ DEBUG_REGISTERS_ACCESSED
Definition Events.h:146
OUT_INSTRUCTION_EXECUTION
@ OUT_INSTRUCTION_EXECUTION
Definition Events.h:135
CPUID_INSTRUCTION_EXECUTION
@ CPUID_INSTRUCTION_EXECUTION
Definition Events.h:123
EXTERNAL_INTERRUPT_OCCURRED
@ EXTERNAL_INTERRUPT_OCCURRED
Definition Events.h:141
EXCEPTION_OCCURRED
@ EXCEPTION_OCCURRED
Definition Events.h:140
HIDDEN_HOOK_WRITE_AND_EXECUTE
@ HIDDEN_HOOK_WRITE_AND_EXECUTE
Definition Events.h:103
TRAP_EXECUTION_INSTRUCTION_TRACE
@ TRAP_EXECUTION_INSTRUCTION_TRACE
Definition Events.h:170
RDMSR_INSTRUCTION_EXECUTION
@ RDMSR_INSTRUCTION_EXECUTION
Definition Events.h:128
CONTROL_REGISTER_READ
@ CONTROL_REGISTER_READ
Definition Events.h:163
IN_INSTRUCTION_EXECUTION
@ IN_INSTRUCTION_EXECUTION
Definition Events.h:134
HIDDEN_HOOK_EXEC_DETOURS
@ HIDDEN_HOOK_EXEC_DETOURS
Definition Events.h:111
CONTROL_REGISTER_3_MODIFIED
@ CONTROL_REGISTER_3_MODIFIED
Definition Events.h:164
TSC_INSTRUCTION_EXECUTION
@ TSC_INSTRUCTION_EXECUTION
Definition Events.h:151
WRMSR_INSTRUCTION_EXECUTION
@ WRMSR_INSTRUCTION_EXECUTION
Definition Events.h:129
CONTROL_REGISTER_MODIFIED
@ CONTROL_REGISTER_MODIFIED
Definition Events.h:162
PMC_INSTRUCTION_EXECUTION
@ PMC_INSTRUCTION_EXECUTION
Definition Events.h:152
HIDDEN_HOOK_READ_AND_WRITE
@ HIDDEN_HOOK_READ_AND_WRITE
Definition Events.h:101
HIDDEN_HOOK_READ_AND_EXECUTE
@ HIDDEN_HOOK_READ_AND_EXECUTE
Definition Events.h:102
HIDDEN_HOOK_EXEC_CC
@ HIDDEN_HOOK_EXEC_CC
Definition Events.h:112
HIDDEN_HOOK_READ
@ HIDDEN_HOOK_READ
Definition Events.h:104
SYSCALL_HOOK_EFER_SYSRET
@ SYSCALL_HOOK_EFER_SYSRET
Definition Events.h:118
HIDDEN_HOOK_WRITE
@ HIDDEN_HOOK_WRITE
Definition Events.h:105
HIDDEN_HOOK_READ_AND_WRITE_AND_EXECUTE
@ HIDDEN_HOOK_READ_AND_WRITE_AND_EXECUTE
Definition Events.h:100
TRAP_EXECUTION_MODE_CHANGED
@ TRAP_EXECUTION_MODE_CHANGED
Definition Events.h:169
VMCALL_INSTRUCTION_EXECUTION
@ VMCALL_INSTRUCTION_EXECUTION
Definition Events.h:157
HIDDEN_HOOK_EXECUTE
@ HIDDEN_HOOK_EXECUTE
Definition Events.h:106
DEBUGGER_EVENT_TRACE_TYPE
enum _DEBUGGER_EVENT_TRACE_TYPE DEBUGGER_EVENT_TRACE_TYPE
Type of tracing events.
DEBUGGER_GENERAL_EVENT_DETAIL
struct _DEBUGGER_GENERAL_EVENT_DETAIL DEBUGGER_GENERAL_EVENT_DETAIL
Each command is like the following struct, it also used for tracing works in user mode and sending it...
_DEBUGGER_EVENT_SYSCALL_SYSRET_TYPE
_DEBUGGER_EVENT_SYSCALL_SYSRET_TYPE
Type of handling !syscall or !sysret.
Definition Events.h:191
DEBUGGER_EVENT_SYSCALL_SYSRET_SAFE_ACCESS_MEMORY
@ DEBUGGER_EVENT_SYSCALL_SYSRET_SAFE_ACCESS_MEMORY
Definition Events.h:192
DEBUGGER_EVENT_SYSCALL_SYSRET_HANDLE_ALL_UD
@ DEBUGGER_EVENT_SYSCALL_SYSRET_HANDLE_ALL_UD
Definition Events.h:193
DEBUGGER_EVENT_ACTION_TYPE_ENUM
enum _DEBUGGER_EVENT_ACTION_TYPE_ENUM DEBUGGER_EVENT_ACTION_TYPE_ENUM
Type of Actions.
_DEBUGGER_EVENT_MODE_TYPE
_DEBUGGER_EVENT_MODE_TYPE
Type of mode change traps.
Definition Events.h:204
DEBUGGER_EVENT_MODE_TYPE_KERNEL_MODE
@ DEBUGGER_EVENT_MODE_TYPE_KERNEL_MODE
Definition Events.h:207
DEBUGGER_EVENT_MODE_TYPE_USER_MODE_AND_KERNEL_MODE
@ DEBUGGER_EVENT_MODE_TYPE_USER_MODE_AND_KERNEL_MODE
Definition Events.h:205
DEBUGGER_EVENT_MODE_TYPE_INVALID
@ DEBUGGER_EVENT_MODE_TYPE_INVALID
Definition Events.h:208
DEBUGGER_EVENT_MODE_TYPE_USER_MODE
@ DEBUGGER_EVENT_MODE_TYPE_USER_MODE
Definition Events.h:206
_DEBUGGER_MODIFY_EVENTS_TYPE
_DEBUGGER_MODIFY_EVENTS_TYPE
different types of modifying events request (enable/disable/clear)
Definition Events.h:230
DEBUGGER_MODIFY_EVENTS_ENABLE
@ DEBUGGER_MODIFY_EVENTS_ENABLE
Definition Events.h:232
DEBUGGER_MODIFY_EVENTS_DISABLE
@ DEBUGGER_MODIFY_EVENTS_DISABLE
Definition Events.h:233
DEBUGGER_MODIFY_EVENTS_QUERY_STATE
@ DEBUGGER_MODIFY_EVENTS_QUERY_STATE
Definition Events.h:231
DEBUGGER_MODIFY_EVENTS_CLEAR
@ DEBUGGER_MODIFY_EVENTS_CLEAR
Definition Events.h:234
PROTECTED_HV_RESOURCES_PASSING_OVERS
enum _PROTECTED_HV_RESOURCES_PASSING_OVERS PROTECTED_HV_RESOURCES_PASSING_OVERS
Things to consider when applying resources.
PDEBUGGER_GENERAL_EVENT_DETAIL
struct _DEBUGGER_GENERAL_EVENT_DETAIL * PDEBUGGER_GENERAL_EVENT_DETAIL
_DEBUGGER_EVENT_ACTION_TYPE_ENUM
_DEBUGGER_EVENT_ACTION_TYPE_ENUM
Type of Actions.
Definition Events.h:179
RUN_CUSTOM_CODE
@ RUN_CUSTOM_CODE
Definition Events.h:182
BREAK_TO_DEBUGGER
@ BREAK_TO_DEBUGGER
Definition Events.h:180
RUN_SCRIPT
@ RUN_SCRIPT
Definition Events.h:181
VMM_EVENT_TYPE_ENUM
enum _VMM_EVENT_TYPE_ENUM VMM_EVENT_TYPE_ENUM
enum to show type of all HyperDbg events
PDEBUGGER_MODIFY_EVENTS
struct _DEBUGGER_MODIFY_EVENTS * PDEBUGGER_MODIFY_EVENTS
DEBUGGER_EVENT_MODE_TYPE
enum _DEBUGGER_EVENT_MODE_TYPE DEBUGGER_EVENT_MODE_TYPE
Type of mode change traps.
PDEBUGGER_EVENT_OPTIONS
struct _DEBUGGER_EVENT_OPTIONS * PDEBUGGER_EVENT_OPTIONS
PDEBUGGER_EVENT_AND_ACTION_RESULT
struct _DEBUGGER_EVENT_AND_ACTION_RESULT * PDEBUGGER_EVENT_AND_ACTION_RESULT
_PROTECTED_HV_RESOURCES_PASSING_OVERS
_PROTECTED_HV_RESOURCES_PASSING_OVERS
Things to consider when applying resources.
Definition Events.h:290
PASSING_OVER_INTERRUPT_EVENTS
@ PASSING_OVER_INTERRUPT_EVENTS
Definition Events.h:301
PASSING_OVER_MOV_TO_CONTROL_REGS_EVENTS
@ PASSING_OVER_MOV_TO_CONTROL_REGS_EVENTS
Definition Events.h:316
PASSING_OVER_TSC_EVENTS
@ PASSING_OVER_TSC_EVENTS
Definition Events.h:306
PASSING_OVER_MOV_TO_HW_DEBUG_REGS_EVENTS
@ PASSING_OVER_MOV_TO_HW_DEBUG_REGS_EVENTS
Definition Events.h:311
PASSING_OVER_UD_EXCEPTIONS_FOR_SYSCALL_SYSRET_HOOK
@ PASSING_OVER_UD_EXCEPTIONS_FOR_SYSCALL_SYSRET_HOOK
Definition Events.h:295
PASSING_OVER_NONE
@ PASSING_OVER_NONE
Definition Events.h:294
PASSING_OVER_EXCEPTION_EVENTS
@ PASSING_OVER_EXCEPTION_EVENTS
Definition Events.h:296
DEBUGGER_SHORT_CIRCUITING_EVENT
struct _DEBUGGER_SHORT_CIRCUITING_EVENT DEBUGGER_SHORT_CIRCUITING_EVENT
request for performing a short-circuiting event
DEBUGGER_MODIFY_EVENTS_TYPE
enum _DEBUGGER_MODIFY_EVENTS_TYPE DEBUGGER_MODIFY_EVENTS_TYPE
different types of modifying events request (enable/disable/clear)
_PROTECTED_HV_RESOURCES_TYPE
_PROTECTED_HV_RESOURCES_TYPE
Type of protected (multi-used) resources.
Definition Events.h:325
PROTECTED_HV_RESOURCES_MOV_CONTROL_REGISTER_EXITING
@ PROTECTED_HV_RESOURCES_MOV_CONTROL_REGISTER_EXITING
Definition Events.h:334
PROTECTED_HV_RESOURCES_EXCEPTION_BITMAP
@ PROTECTED_HV_RESOURCES_EXCEPTION_BITMAP
Definition Events.h:326
PROTECTED_HV_RESOURCES_MOV_TO_DEBUG_REGISTER_EXITING
@ PROTECTED_HV_RESOURCES_MOV_TO_DEBUG_REGISTER_EXITING
Definition Events.h:332
PROTECTED_HV_RESOURCES_MOV_TO_CR3_EXITING
@ PROTECTED_HV_RESOURCES_MOV_TO_CR3_EXITING
Definition Events.h:336
PROTECTED_HV_RESOURCES_RDTSC_RDTSCP_EXITING
@ PROTECTED_HV_RESOURCES_RDTSC_RDTSCP_EXITING
Definition Events.h:330
PROTECTED_HV_RESOURCES_EXTERNAL_INTERRUPT_EXITING
@ PROTECTED_HV_RESOURCES_EXTERNAL_INTERRUPT_EXITING
Definition Events.h:328
DEBUGGER_EVENT_SYSCALL_SYSRET_TYPE
enum _DEBUGGER_EVENT_SYSCALL_SYSRET_TYPE DEBUGGER_EVENT_SYSCALL_SYSRET_TYPE
Type of handling !syscall or !sysret.
DEBUGGER_GENERAL_ACTION
struct _DEBUGGER_GENERAL_ACTION DEBUGGER_GENERAL_ACTION
Each event can have multiple actions.
PDEBUGGER_GENERAL_ACTION
struct _DEBUGGER_GENERAL_ACTION * PDEBUGGER_GENERAL_ACTION
DEBUGGER_EVENT_OPTIONS
struct _DEBUGGER_EVENT_OPTIONS DEBUGGER_EVENT_OPTIONS
request for performing a short-circuiting event
DEBUGGER_MODIFY_EVENTS
struct _DEBUGGER_MODIFY_EVENTS DEBUGGER_MODIFY_EVENTS
request for modifying events (enable/disable/clear)
_EXCEPTION_VECTORS
_EXCEPTION_VECTORS
Exceptions enum.
Definition Events.h:23
EXCEPTION_VECTOR_RESERVED11
@ EXCEPTION_VECTOR_RESERVED11
Definition Events.h:54
EXCEPTION_VECTOR_GENERAL_PROTECTION_FAULT
@ EXCEPTION_VECTOR_GENERAL_PROTECTION_FAULT
Definition Events.h:37
EXCEPTION_VECTOR_MATH_FAULT
@ EXCEPTION_VECTOR_MATH_FAULT
Definition Events.h:40
EXCEPTION_VECTOR_STACK_SEGMENT_FAULT
@ EXCEPTION_VECTOR_STACK_SEGMENT_FAULT
Definition Events.h:36
EXCEPTION_VECTOR_INVALID_TASK_SEGMENT_SELECTOR
@ EXCEPTION_VECTOR_INVALID_TASK_SEGMENT_SELECTOR
Definition Events.h:34
EXCEPTION_VECTOR_RESERVED0
@ EXCEPTION_VECTOR_RESERVED0
Definition Events.h:33
EXCEPTION_VECTOR_UNDEFINED_OPCODE
@ EXCEPTION_VECTOR_UNDEFINED_OPCODE
Definition Events.h:30
EXCEPTION_VECTOR_NMI
@ EXCEPTION_VECTOR_NMI
Definition Events.h:26
PMI_INTERRUPT
@ PMI_INTERRUPT
Definition Events.h:64
EXCEPTION_VECTOR_RESERVED10
@ EXCEPTION_VECTOR_RESERVED10
Definition Events.h:53
EXCEPTION_VECTOR_DEBUG_BREAKPOINT
@ EXCEPTION_VECTOR_DEBUG_BREAKPOINT
Definition Events.h:25
EXCEPTION_VECTOR_DIVIDE_ERROR
@ EXCEPTION_VECTOR_DIVIDE_ERROR
Definition Events.h:24
APC_INTERRUPT
@ APC_INTERRUPT
Definition Events.h:60
EXCEPTION_VECTOR_RESERVED8
@ EXCEPTION_VECTOR_RESERVED8
Definition Events.h:51
IPI_INTERRUPT
@ IPI_INTERRUPT
Definition Events.h:63
EXCEPTION_VECTOR_PAGE_FAULT
@ EXCEPTION_VECTOR_PAGE_FAULT
Definition Events.h:38
EXCEPTION_VECTOR_RESERVED9
@ EXCEPTION_VECTOR_RESERVED9
Definition Events.h:52
EXCEPTION_VECTOR_RESERVED5
@ EXCEPTION_VECTOR_RESERVED5
Definition Events.h:48
EXCEPTION_VECTOR_ALIGNMENT_CHECK
@ EXCEPTION_VECTOR_ALIGNMENT_CHECK
Definition Events.h:41
EXCEPTION_VECTOR_RESERVED4
@ EXCEPTION_VECTOR_RESERVED4
Definition Events.h:47
EXCEPTION_VECTOR_RESERVED1
@ EXCEPTION_VECTOR_RESERVED1
Definition Events.h:39
EXCEPTION_VECTOR_RESERVED2
@ EXCEPTION_VECTOR_RESERVED2
Definition Events.h:45
CLOCK_INTERRUPT
@ CLOCK_INTERRUPT
Definition Events.h:62
EXCEPTION_VECTOR_MACHINE_CHECK
@ EXCEPTION_VECTOR_MACHINE_CHECK
Definition Events.h:42
EXCEPTION_VECTOR_SIMD_FLOATING_POINT_NUMERIC_ERROR
@ EXCEPTION_VECTOR_SIMD_FLOATING_POINT_NUMERIC_ERROR
Definition Events.h:43
EXCEPTION_VECTOR_NO_MATH_COPROCESSOR
@ EXCEPTION_VECTOR_NO_MATH_COPROCESSOR
Definition Events.h:31
EXCEPTION_VECTOR_VIRTUAL_EXCEPTION
@ EXCEPTION_VECTOR_VIRTUAL_EXCEPTION
Definition Events.h:44
EXCEPTION_VECTOR_RESERVED6
@ EXCEPTION_VECTOR_RESERVED6
Definition Events.h:49
EXCEPTION_VECTOR_RESERVED12
@ EXCEPTION_VECTOR_RESERVED12
Definition Events.h:55
DPC_INTERRUPT
@ DPC_INTERRUPT
Definition Events.h:61
EXCEPTION_VECTOR_BOUND_RANGE_EXCEEDED
@ EXCEPTION_VECTOR_BOUND_RANGE_EXCEEDED
Definition Events.h:29
EXCEPTION_VECTOR_RESERVED3
@ EXCEPTION_VECTOR_RESERVED3
Definition Events.h:46
EXCEPTION_VECTOR_OVERFLOW
@ EXCEPTION_VECTOR_OVERFLOW
Definition Events.h:28
EXCEPTION_VECTOR_SEGMENT_NOT_PRESENT
@ EXCEPTION_VECTOR_SEGMENT_NOT_PRESENT
Definition Events.h:35
EXCEPTION_VECTOR_RESERVED7
@ EXCEPTION_VECTOR_RESERVED7
Definition Events.h:50
EXCEPTION_VECTOR_DOUBLE_FAULT
@ EXCEPTION_VECTOR_DOUBLE_FAULT
Definition Events.h:32
EXCEPTION_VECTOR_BREAKPOINT
@ EXCEPTION_VECTOR_BREAKPOINT
Definition Events.h:27
DEBUGGER_EVENT_AND_ACTION_RESULT
struct _DEBUGGER_EVENT_AND_ACTION_RESULT DEBUGGER_EVENT_AND_ACTION_RESULT
Status of register buffers.
_DEBUGGER_EVENT_AND_ACTION_RESULT
Status of register buffers.
Definition Events.h:423
_DEBUGGER_EVENT_AND_ACTION_RESULT::Error
UINT32 Error
Definition Events.h:425
_DEBUGGER_EVENT_AND_ACTION_RESULT::IsSuccessful
BOOLEAN IsSuccessful
Definition Events.h:424
_DEBUGGER_EVENT_OPTIONS
request for performing a short-circuiting event
Definition Events.h:271
_DEBUGGER_EVENT_OPTIONS::OptionalParam5
UINT64 OptionalParam5
Definition Events.h:276
_DEBUGGER_EVENT_OPTIONS::OptionalParam2
UINT64 OptionalParam2
Definition Events.h:273
_DEBUGGER_EVENT_OPTIONS::OptionalParam3
UINT64 OptionalParam3
Definition Events.h:274
_DEBUGGER_EVENT_OPTIONS::OptionalParam6
UINT64 OptionalParam6
Definition Events.h:277
_DEBUGGER_EVENT_OPTIONS::OptionalParam1
UINT64 OptionalParam1
Definition Events.h:272
_DEBUGGER_EVENT_OPTIONS::OptionalParam4
UINT64 OptionalParam4
Definition Events.h:275
_DEBUGGER_GENERAL_ACTION
Each event can have multiple actions.
Definition Events.h:406
_DEBUGGER_GENERAL_ACTION::CustomCodeBufferSize
UINT32 CustomCodeBufferSize
Definition Events.h:412
_DEBUGGER_GENERAL_ACTION::ScriptBufferSize
UINT32 ScriptBufferSize
Definition Events.h:413
_DEBUGGER_GENERAL_ACTION::ActionType
DEBUGGER_EVENT_ACTION_TYPE_ENUM ActionType
Definition Events.h:408
_DEBUGGER_GENERAL_ACTION::ScriptBufferPointer
UINT32 ScriptBufferPointer
Definition Events.h:414
_DEBUGGER_GENERAL_ACTION::PreAllocatedBuffer
UINT32 PreAllocatedBuffer
Definition Events.h:410
_DEBUGGER_GENERAL_ACTION::ImmediateMessagePassing
BOOLEAN ImmediateMessagePassing
Definition Events.h:409
_DEBUGGER_GENERAL_ACTION::EventTag
UINT64 EventTag
Definition Events.h:407
_DEBUGGER_GENERAL_EVENT_DETAIL
Each command is like the following struct, it also used for tracing works in user mode and sending it...
Definition Events.h:350
_DEBUGGER_GENERAL_EVENT_DETAIL::Options
DEBUGGER_EVENT_OPTIONS Options
Definition Events.h:391
_DEBUGGER_GENERAL_EVENT_DETAIL::EnableShortCircuiting
BOOLEAN EnableShortCircuiting
Definition Events.h:366
_DEBUGGER_GENERAL_EVENT_DETAIL::IsEnabled
BOOLEAN IsEnabled
Definition Events.h:364
_DEBUGGER_GENERAL_EVENT_DETAIL::EventType
VMM_EVENT_TYPE_ENUM EventType
Definition Events.h:389
_DEBUGGER_GENERAL_EVENT_DETAIL::CountOfActions
UINT32 CountOfActions
Definition Events.h:386
_DEBUGGER_GENERAL_EVENT_DETAIL::OutputSourceTags
UINT64 OutputSourceTags[DebuggerOutputSourceMaximumRemoteSourceForSingleEvent]
Definition Events.h:377
_DEBUGGER_GENERAL_EVENT_DETAIL::Tag
UINT64 Tag
Definition Events.h:388
_DEBUGGER_GENERAL_EVENT_DETAIL::HasCustomOutput
BOOLEAN HasCustomOutput
Definition Events.h:372
_DEBUGGER_GENERAL_EVENT_DETAIL::EventStage
VMM_CALLBACK_EVENT_CALLING_STAGE_TYPE EventStage
Definition Events.h:369
_DEBUGGER_GENERAL_EVENT_DETAIL::ConditionBufferSize
UINT32 ConditionBufferSize
Definition Events.h:395
_DEBUGGER_GENERAL_EVENT_DETAIL::ProcessId
UINT32 ProcessId
Definition Events.h:360
_DEBUGGER_GENERAL_EVENT_DETAIL::CoreId
UINT32 CoreId
Definition Events.h:357
_DEBUGGER_GENERAL_EVENT_DETAIL::CommandStringBuffer
PVOID CommandStringBuffer
Definition Events.h:393
_DEBUGGER_GENERAL_EVENT_DETAIL::CommandsEventList
LIST_ENTRY CommandsEventList
Definition Events.h:352
_DEBUGGER_GENERAL_EVENT_DETAIL::CreationTime
time_t CreationTime
Definition Events.h:355
_DEBUGGER_MODIFY_EVENTS
request for modifying events (enable/disable/clear)
Definition Events.h:242
_DEBUGGER_MODIFY_EVENTS::TypeOfAction
DEBUGGER_MODIFY_EVENTS_TYPE TypeOfAction
Definition Events.h:246
_DEBUGGER_MODIFY_EVENTS::IsEnabled
BOOLEAN IsEnabled
Definition Events.h:247
_DEBUGGER_MODIFY_EVENTS::KernelStatus
UINT64 KernelStatus
Definition Events.h:244
_DEBUGGER_MODIFY_EVENTS::Tag
UINT64 Tag
Definition Events.h:243
_DEBUGGER_SHORT_CIRCUITING_EVENT
request for performing a short-circuiting event
Definition Events.h:256
_DEBUGGER_SHORT_CIRCUITING_EVENT::IsShortCircuiting
BOOLEAN IsShortCircuiting
Definition Events.h:258
_DEBUGGER_SHORT_CIRCUITING_EVENT::KernelStatus
UINT64 KernelStatus
Definition Events.h:257