Module Variable

In addition to functions, modules also have variables, such as nt!MmPagedPoolCommit in Windows 7:

0: kd> x nt!MmPagedPool*
fffff800`031148d0 nt!MmPagedPoolInfo = <no type information>
fffff800`03092d20 nt!MmPagedPoolCommit = <no type information>
fffff800`031141a0 nt!MmPagedPoolEnd = <no type information>
fffff800`031175c0 nt!MmPagedPoolWs = <no type information>

If we are not sure whether a symbol is a function or a Module Variable, we can try to disassemble its address. For a variable, the bytes do not decode into meaningful code:

0: kd> u nt!MmPagedPoolCommit
nt!MmPagedPoolCommit:
fffff800`03092d20 e3b2 jrcxz nt!MmTotalNonPagedPoolQuota+0x4 (fffff800`03092cd4)
fffff800`03092d22 0000 add byte ptr [rax],al
fffff800`03092d24 0000 add byte ptr [rax],al
fffff800`03092d26 0000 add byte ptr [rax],al
fffff800`03092d28 0000 add byte ptr [rax],al
fffff800`03092d2a 0000 add byte ptr [rax],al
fffff800`03092d2c 0000 add byte ptr [rax],al
fffff800`03092d2e 0000 add byte ptr [rax],al

Here the value is probably in pages, so we multiply it by 4 (the page size in Kb) to get a value in Kb and compare it with the output of the !vm command, where it matches the PagedPool Commit line:

0: kd> dp nt!MmPagedPoolCommit
fffff800`03092d20 00000000`0000b2e3 00000000`00000000
fffff800`03092d30 00000000`00000000 00000000`00000000
fffff800`03092d40 00000000`00000001 00000000`00000000
fffff800`03092d50 00000000`00000000 00000000`00060107
fffff800`03092d60 fffff800`03092d60 fffff800`03092d60
fffff800`03092d70 00000000`00000000 00000000`0001e972
fffff800`03092d80 fffff900`c0000000 00000000`00000002
fffff800`03092d90 fffff880`071dc0a8 fffff880`057340a8
0: kd> ? b2e3 * 4
Evaluate expression: 183180 = 00000000`0002cb8c
0: kd> !vm

       *** Virtual Memory Usage ***
Physical Memory:       1035228 ( 4140912 Kb)
Page File:             \??\C:\pagefile.sys
Current: 4448112 Kb    Free Space: 4448108 Kb
Minimum: 4448112 Kb    Maximum: 12422736 Kb
Unimplemented error for MiSystemVaTypeCount
Available Pages:         594029 (   2376116 Kb)
ResAvail Pages:          889795 (   3559180 Kb)
Locked IO Pages:           0 (            0 Kb)
Free System PTEs:      33556870 ( 134227480 Kb)
Modified Pages:           20079 (     80316 Kb)
Modified PF Pages:        19441 (     77764 Kb)
NonPagedPool Usage:    50865104 ( 203460416 Kb)
NonPagedPoolNx Usage:     28163 (    112652 Kb)
NonPagedPool Max:        763396 (   3053584 Kb)
********** Excessive NonPaged Pool Usage *****
PagedPool 0 Usage:        39420 (    157680 Kb)
PagedPool 1 Usage:         5194 (     20776 Kb)
PagedPool 2 Usage:          367 (      1468 Kb)
PagedPool 3 Usage:          338 (      1352 Kb)
PagedPool 4 Usage:          440 (      1760 Kb)
PagedPool Usage:          45759 (    183036 Kb)
PagedPool Maximum:     33554432 ( 134217728 Kb)
Session Commit:            8112 (     32448 Kb)
Shared Commit:            31802 (    127208 Kb)
Special Pool:                 0 (         0 Kb)
Shared Process:           10765 (     43060 Kb)
PagedPool Commit:         45795 (    183180 Kb)
Driver Commit:            13773 (     55092 Kb)
Committed pages:         540998 (   2163992 Kb)
Commit limit:            146794 (   8587176 Kb)
[...]
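
The same cross-check can be run over a saved debugger log. The following Python sketch is an added example, not part of the original text: it reads the first quadword from the dp output, converts pages to Kb, and reports which !vm counters agree with it. The function names are hypothetical, the 4 Kb page size is an assumption, and the sample lines are copied from the output above.

```python
import re

PAGE_KB = 4  # assumption: 4 Kb pages, as in the x64 dump on this page

# Constructed sample: lines copied from the debugger output shown above.
DP_OUTPUT = "fffff800`03092d20 00000000`0000b2e3 00000000`00000000"
VM_OUTPUT = """\
PagedPool Usage:          45759 (    183036 Kb)
Shared Process:           10765 (     43060 Kb)
PagedPool Commit:         45795 (    183180 Kb)
Driver Commit:            13773 (     55092 Kb)
"""

def first_qword(dp_line):
    """Return the first 64-bit value from one line of `dp` output."""
    fields = dp_line.split()
    if len(fields) < 2:
        raise ValueError("not a dp line: %r" % dp_line)
    # fields[0] is the address; WinDbg splits 64-bit values with a backtick
    return int(fields[1].replace("`", ""), 16)

VM_LINE = re.compile(
    r"^\s*(?P<name>[^:]+):\s+(?P<pages>\d+)\s+\(\s*(?P<kb>\d+)\s+Kb\)")

def parse_vm(text):
    """Map each `!vm` counter name to its (pages, Kb) pair."""
    counters = {}
    for line in text.splitlines():
        m = VM_LINE.match(line)
        if m:
            counters[m["name"].strip()] = (int(m["pages"]), int(m["kb"]))
    return counters

def matching_counters(value, counters):
    """Names of !vm counters whose page count equals the raw variable value
    and whose Kb figure agrees with value * PAGE_KB."""
    return [name for name, (pages, kb) in counters.items()
            if pages == value and kb == value * PAGE_KB]

if __name__ == "__main__":
    pages = first_qword(DP_OUTPUT)
    print("%d pages = %d Kb" % (pages, pages * PAGE_KB))
    print("matches:", matching_counters(pages, parse_vm(VM_OUTPUT)))
```

Requiring both the page count and the Kb figure to agree keeps a near miss such as PagedPool Usage (45759 pages) from being reported as a match.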

Knowledge of available module variables is useful because some of them are not included in WinDbg extension command output. For a list of them, please consult the Windows Internals book. Useful variables can be found in other modules as well, for example, srv!srvcomputername (Volume 1, page 616):

0: kd> dS srv!srvcomputername
fffff8a0`0344b090 "MYNOTEBOOK"