Bitdefender Hypervisor Memory Introspection
winbugcheck.h
Go to the documentation of this file.
1
/*
2
* Copyright (c) 2020 Bitdefender
3
* SPDX-License-Identifier: Apache-2.0
4
*/
16
17
#ifndef _WINBUGCHECK_H_
18
#define _WINBUGCHECK_H_
19
20
#include "
introtypes.h
"
21
22
#define BUGCHECK_IRQL_NOT_LESS_OR_EQUAL 0x0000000A
23
#define BUGCHECK_BAD_POOL_HEADER 0x00000019
24
#define BUGCHECK_MEMORY_MANAGEMENT 0x0000001A
25
#define BUGCHECK_KMODE_EXCEPTION_NOT_HANDLED 0x0000001E
26
#define BUGCHECK_SYSTEM_SERVICE_EXCEPTION 0x0000003B
27
#define BUGCHECK_PFN_LIST_CORRUPT 0x0000004E
28
#define BUGCHECK_PAGE_FAULT_IN_NONPAGED_AREA 0x00000050
29
#define BUGCHECK_PROCESS_INITIALIZATION_FAILED 0x00000060
30
#define BUGCHECK_KERNEL_STACK_INPAGE_ERROR 0x00000077
31
#define BUGCHECK_KERNEL_DATA_INPAGE_ERROR 0x0000007A
32
#define BUGCHECK_INACCESSIBLE_BOOT_DEVICE 0x0000007C
33
#define BUGCHECK_SYSTEM_THREAD_EXCEPTION_NOT_HANDLED 0x0000007E
34
#define BUGCHECK_UNEXPECTED_KERNEL_MODE_TRAP 0x0000007F
35
#define BUGCHECK_KERNEL_MODE_EXCEPTION_NOT_HANDLED 0x0000008E
36
#define BUGCHECK_CRITICAL_PROCESS_DIED 0x000000EF
37
#define BUGCHEDCK_CRITICAL_STRUCTURE_CORRUPTION 0x00000109
38
42
typedef
union
_EFLAGS
43
{
44
DWORD
Raw
;
45
struct
46
{
47
DWORD
CF
: 1;
48
DWORD
Unused5
: 1;
49
DWORD
PF
: 1;
50
DWORD
Unused4
: 1;
51
DWORD
AF
: 1;
52
DWORD
Unused3
: 1;
53
DWORD
ZF
: 1;
54
DWORD
SF
: 1;
55
DWORD
TF
: 1;
56
DWORD
IF
: 1;
57
DWORD
DF
: 1;
58
DWORD
OF
: 1;
59
DWORD
IOPL
: 2;
60
DWORD
NT
: 1;
61
DWORD
Unused2
: 1;
62
DWORD
RF
: 1;
63
DWORD
VF
: 1;
64
DWORD
AC
: 1;
65
DWORD
VIF
: 1;
66
DWORD
VIP
: 1;
67
DWORD
ID
: 1;
68
DWORD
Unused1
: 10;
69
};
70
}
EFLAGS
, *
PEFLAGS
;
71
72
INTSTATUS
73
IntWinBcHandleBugCheck
(
74
_In_
void
const
*Detour
75
);
76
77
#endif
_EFLAGS::RF
DWORD RF
Definition:
winbugcheck.h:62
_EFLAGS::VIP
DWORD VIP
Definition:
winbugcheck.h:66
_In_
#define _In_
Definition:
intro_sal.h:21
EFLAGS
union _EFLAGS EFLAGS
The layout of the EFLAGS register.
_EFLAGS::SF
DWORD SF
Definition:
winbugcheck.h:54
_EFLAGS::Raw
DWORD Raw
Raw register value.
Definition:
winbugcheck.h:44
INTSTATUS
int INTSTATUS
The status data type.
Definition:
introstatus.h:24
_EFLAGS::DF
DWORD DF
Definition:
winbugcheck.h:57
_EFLAGS::IF
DWORD IF
Definition:
winbugcheck.h:56
_EFLAGS::OF
DWORD OF
Definition:
winbugcheck.h:58
_EFLAGS::IOPL
DWORD IOPL
Definition:
winbugcheck.h:59
_EFLAGS::CF
DWORD CF
Definition:
winbugcheck.h:47
_EFLAGS::VIF
DWORD VIF
Definition:
winbugcheck.h:65
_EFLAGS::Unused5
DWORD Unused5
Definition:
winbugcheck.h:48
_EFLAGS::Unused1
DWORD Unused1
Definition:
winbugcheck.h:68
_EFLAGS::TF
DWORD TF
Definition:
winbugcheck.h:55
introtypes.h
_EFLAGS::AF
DWORD AF
Definition:
winbugcheck.h:51
_EFLAGS
The layout of the EFLAGS register.
Definition:
winbugcheck.h:42
_EFLAGS::NT
DWORD NT
Definition:
winbugcheck.h:60
IntWinBcHandleBugCheck
INTSTATUS IntWinBcHandleBugCheck(void const *Detour)
Handles a Windows OS crash.This is the detour handle for the KeBugCheck2 32-bit Windows kernel API an...
Definition:
winbugcheck.c:932
_EFLAGS::Unused2
DWORD Unused2
Definition:
winbugcheck.h:61
_EFLAGS::Unused3
DWORD Unused3
Definition:
winbugcheck.h:52
DWORD
uint32_t DWORD
Definition:
intro_types.h:49
_EFLAGS::Unused4
DWORD Unused4
Definition:
winbugcheck.h:50
_EFLAGS::PF
DWORD PF
Definition:
winbugcheck.h:49
_EFLAGS::ID
DWORD ID
Definition:
winbugcheck.h:67
PEFLAGS
union _EFLAGS * PEFLAGS
_EFLAGS::VF
DWORD VF
Definition:
winbugcheck.h:63
_EFLAGS::ZF
DWORD ZF
Definition:
winbugcheck.h:53
_EFLAGS::AC
DWORD AC
Definition:
winbugcheck.h:64
introcore
include
winbugcheck.h
Generated by
1.8.13
1.8.13 1.8.13