Hi all!,
i’m new here and a newbie with kernel stuffs.
i would like to know how can i dump the content of every GDT in a machine
with multiple cores, i mean, for example, if i have a machine with two
processors, i would like to be able to see the two GDTs, is this possible?.
Thanks in advanced for your questions!.
The first thing you should do is read the first quarter of the help file. It will answer a lot of your questions. It’s a quick read, but you really need to do that first thing.
After that you can read the second quarter of the help file at your leisure. The second half of the help file is predominantly about writing debugger extensions and you probably aren’t concerned with that right now.
Paul
----- Original Message -----
From: “rage”
To: “Kernel Debugging Interest List”
Sent: Friday, February 19, 2010 8:41:52 AM GMT -05:00 US/Canada Eastern
Subject: [windbg] Question about Windbg and GDT
Hi all!,
i’m new here and a newbie with kernel stuffs.
i would like to know how can i dump the content of every GDT in a machine with multiple cores, i mean, for example, if i have a machine with two processors, i would like to be able to see the two GDTs, is this possible?.
Thanks in advanced for your questions!.
— WINDBG is sponsored by OSR For our schedule of WDF, WDM, debugging and other seminars visit: http://www.osr.com/seminars To unsubscribe, visit the List Server section of OSR Online at http://www.osronline.com/page.cfm?name=ListServer
The base address of the GDT is in the GDTR register and the size is in the
GDTL register, so you can view these with @gdtr and @gdtl (respectively).
For example:
0: kd> r @gdtr
gdtr=8003f000
0: kd> r @gdtl
gdtl=000003ff
If you want the base on other processors, you can switch processors with the
~ command and repeat:
0: kd> ~1
1: kd> r @gdtr
gdtr=f8733190
1: kd> r @gdtl
gdtl=000003ff
If you want to start parsing this yourself, the kernel data type for the
entries is nt!_KGDTENTRY. If you want the entries printed out pretty for you
already, you can use the Display Segment command “dg”:
1: kd> r @cs
cs=00000008
1: kd> dg @cs
P Si Gr Pr Lo
Sel Base Limit Type l ze an es ng Flags
0008 00000000 ffffffff Code RE Ac 0 Bg Pg P Nl 00000c9b
HTH and good luck!
-scott
–
Scott Noone
Consulting Associate
OSR Open Systems Resources, Inc.
http://www.osronline.com
“rage” wrote in message news:xxxxx@windbg…
Hi all!,
i’m new here and a newbie with kernel stuffs.
i would like to know how can i dump the content of every GDT in a machine
with multiple cores, i mean, for example, if i have a machine with two
processors, i would like to be able to see the two GDTs, is this possible?.
Thanks in advanced for your questions!.
1 Like
Thank you very much! this is what i’ve been looking for!.
On Fri, Feb 19, 2010 at 12:23 PM, Scott Noone wrote:
> The base address of the GDT is in the GDTR register and the size is in the
> GDTL register, so you can view these with @gdtr and @gdtl (respectively).
> For example:
>
> 0: kd> r @gdtr
> gdtr=8003f000
> 0: kd> r @gdtl
> gdtl=000003ff
>
> If you want the base on other processors, you can switch processors with
> the ~ command and repeat:
>
> 0: kd> ~1
> 1: kd> r @gdtr
> gdtr=f8733190
> 1: kd> r @gdtl
> gdtl=000003ff
>
> If you want to start parsing this yourself, the kernel data type for the
> entries is nt!_KGDTENTRY. If you want the entries printed out pretty for you
> already, you can use the Display Segment command “dg”:
>
> 1: kd> r @cs
> cs=00000008
> 1: kd> dg @cs
> P Si Gr Pr Lo
> Sel Base Limit Type l ze an es ng Flags
> ---- -------- -------- ---------- - – – – – --------
> 0008 00000000 ffffffff Code RE Ac 0 Bg Pg P Nl 00000c9b
>
> HTH and good luck!
>
> -scott
>
>
> –
> Scott Noone
> Consulting Associate
> OSR Open Systems Resources, Inc.
> http://www.osronline.com
>
>
> “rage” wrote in message news:xxxxx@windbg…
>
> Hi all!,
>
> i’m new here and a newbie with kernel stuffs.
>
> i would like to know how can i dump the content of every GDT in a machine
> with multiple cores, i mean, for example, if i have a machine with two
> processors, i would like to be able to see the two GDTs, is this possible?.
>
> Thanks in advanced for your questions!.
>
> —
> WINDBG is sponsored by OSR
>
> For our schedule of WDF, WDM, debugging and other seminars visit:
> http://www.osr.com/seminars
>
> To unsubscribe, visit the List Server section of OSR Online at
> http://www.osronline.com/page.cfm?name=ListServer
>
Hello Paul!,
Surely, i should read the help manual but i asked for a specific question.
Sometimes, we do not have time to read the entire manual to do a job. I was
looking for a concrete answer and scott was very direct to answer.
BR,
~rage
On Fri, Feb 19, 2010 at 11:27 AM, Paul Sanders wrote:
> The first thing you should do is read the first quarter of the help file.
> It will answer a lot of your questions. It’s a quick read, but you really
> need to do that first thing.
>
> After that you can read the second quarter of the help file at your
> leisure. The second half of the help file is predominantly about writing
> debugger extensions and you probably aren’t concerned with that right now.
>
> Paul
>
> ----- Original Message -----
> From: “rage”
> To: “Kernel Debugging Interest List”
> Sent: Friday, February 19, 2010 8:41:52 AM GMT -05:00 US/Canada Eastern
> Subject: [windbg] Question about Windbg and GDT
>
> Hi all!,
>
> i’m new here and a newbie with kernel stuffs.
>
> i would like to know how can i dump the content of every GDT in a machine
> with multiple cores, i mean, for example, if i have a machine with two
> processors, i would like to be able to see the two GDTs, is this possible?.
>
> Thanks in advanced for your questions!.
> — WINDBG is sponsored by OSR For our schedule of WDF, WDM, debugging and
> other seminars visit: http://www.osr.com/seminars To unsubscribe, visit
> the List Server section of OSR Online at
> http://www.osronline.com/page.cfm?name=ListServer
>
> —
> WINDBG is sponsored by OSR
>
> For our schedule of WDF, WDM, debugging and other seminars visit:
> http://www.osr.com/seminars
>
> To unsubscribe, visit the List Server section of OSR Online at
> http://www.osronline.com/page.cfm?name=ListServer
>
rage wrote:
Thank you very much! this is what i’ve been looking for!.
Why?
The question is not meant to be snotty – I’m just wondering what task
you could possibly be working on that requires you to know the value of
GDTR for all processors.
–
Tim Roberts, xxxxx@probo.com
Providenza & Boekelheide, Inc.
Hi Tim!,
I’m just doing some research about descriptor tables to do my own tool. It
is just for fun!.
~rage
On Fri, Feb 19, 2010 at 2:43 PM, Tim Roberts wrote:
> rage wrote:
> > Thank you very much! this is what i’ve been looking for!.
>
> Why?
>
> The question is not meant to be snotty – I’m just wondering what task
> you could possibly be working on that requires you to know the value of
> GDTR for all processors.
>
> –
> Tim Roberts, xxxxx@probo.com
> Providenza & Boekelheide, Inc.
>
>
> —
> WINDBG is sponsored by OSR
>
> For our schedule of WDF, WDM, debugging and other seminars visit:
> http://www.osr.com/seminars
>
> To unsubscribe, visit the List Server section of OSR Online at
> http://www.osronline.com/page.cfm?name=ListServer
>
You know you’re replying to an 11 year old thread, right? And that’s not allowed on this forum?
Hint: START A NEW THREAD if you have a question. Don’t necropost to an old thread.