Petr Beneš

The issue here is that VMWare's backdoor (operating at port 0x5658, both via in/out instructions) has somewhat its own "calling convention". in/out instructions usually operate with rdi/rsi/rax/rdx registers only -...

I've researched this bit more and... boy, does it behave weirdly! First of all, setting up custom I/O VM-exit instruction handler doesn't solve it. Why? Because VMWare Tools execute I/O...

Hi @dxgkrnl, I generated the `struct`s automatically using my other project - https://github.com/wbenny/ia32-doc. In my case, the `36` ended up there because I hardcoded `MAXPHYADDR = 48` before generation. Explanation...

* You can disable padding members with `-p-` switch * This one I've been planning for a long time :) it's really simple change, but one day I hopefully make...

@bugproof There's currently no way without code change.

Hi, I'm sorry, but I have quite hard time to understand some of your points. 1. Why it would be a bug? Also, tor_socket.cpp:447 shows closing parenthesis of `tor_socket::recv_certificates` function....

Can you share the pdb?

Yep, looks like msdia doesn't understand this old format, unfortunatelly. Custom PDB parser implementation would be needed for this. I'll gladly accept pull request :)

You're probably missing `#pragma pack(1)` - which is recommended to use with any structs on ntdiff.

Yup, I've seen that some of the structures in newer Win10 builds are somewhat broken :/ I'll have to look into this.