ReactOS  0.4.15-dev-2964-ge2a8585
ketypes.h
Go to the documentation of this file.
1 /*++ NDK Version: 0098
2 
3 Copyright (c) Alex Ionescu. All rights reserved.
4 
5 Header Name:
6 
7  ketypes.h
8 
9 Abstract:
10 
11  Type definitions for the Kernel services.
12 
13 Author:
14 
15  Alex Ionescu (alexi@tinykrnl.org) - Updated - 27-Feb-2006
16 
17 --*/
18 
19 #ifndef _KETYPES_H
20 #define _KETYPES_H
21 
22 //
23 // Dependencies
24 //
25 #include <umtypes.h>
26 #ifndef NTOS_MODE_USER
27 #include <haltypes.h>
28 #include <potypes.h>
29 #include <ifssupp.h>
30 #endif
31 
32 //
33 // A system call ID is formatted as such:
34 // .________________________________________________________________.
35 // | 14 | 13 | 12 | 11 | 10 | 9 | 8 | 7 | 6 | 5 | 4 | 3 | 2 | 1 | 0 |
36 // |--------------|-------------------------------------------------|
37 // | TABLE NUMBER | TABLE OFFSET |
38 // \----------------------------------------------------------------/
39 //
40 // The table number is then used as an index into the service descriptor table.
41 #define TABLE_NUMBER_BITS 1
42 #define TABLE_OFFSET_BITS 12
43 
44 //
45 // There are 2 tables (kernel and shadow, used by Win32K)
46 //
47 #define NUMBER_SERVICE_TABLES 2
48 #define NTOS_SERVICE_INDEX 0
49 #define WIN32K_SERVICE_INDEX 1
50 
51 //
52 // NB. From assembly code, the table number must be computed as an offset into
53 // the service descriptor table.
54 //
55 // Each entry into the table is 16 bytes long on 32-bit architectures, and
56 // 32 bytes long on 64-bit architectures.
57 //
58 // Thus, Table Number 1 is offset 16 (0x10) on x86, and offset 32 (0x20) on
59 // x64.
60 //
61 #ifdef _WIN64
62 #define BITS_PER_ENTRY 5 // (1 << 5) = 32 bytes
63 #else
64 #define BITS_PER_ENTRY 4 // (1 << 4) = 16 bytes
65 #endif
66 
67 //
68 // We want the table number, but leave some extra bits to we can have the offset
69 // into the descriptor table.
70 //
71 #define SERVICE_TABLE_SHIFT (12 - BITS_PER_ENTRY)
72 
73 //
74 // Now the table number (as an offset) is corrupted with part of the table offset
75 // This mask will remove the extra unwanted bits, and give us the offset into the
76 // descriptor table proper.
77 //
78 #define SERVICE_TABLE_MASK (((1 << TABLE_NUMBER_BITS) - 1) << BITS_PER_ENTRY)
79 
80 //
81 // To get the table offset (ie: the service call number), just keep the 12 bits
82 //
83 #define SERVICE_NUMBER_MASK ((1 << TABLE_OFFSET_BITS) - 1)
84 
85 //
86 // We'll often need to check if this is a graphics call. This is done by comparing
87 // the table number offset with the known Win32K table number offset.
88 // This is usually index 1, so table number offset 0x10 (x86) or 0x20 (x64)
89 //
90 #define SERVICE_TABLE_TEST (WIN32K_SERVICE_INDEX << BITS_PER_ENTRY)
91 
92 //
93 // Context Record Flags
94 //
95 #define CONTEXT_DEBUGGER (CONTEXT_FULL | CONTEXT_FLOATING_POINT)
96 
97 //
98 // Maximum System Descriptor Table Entries
99 //
100 #define SSDT_MAX_ENTRIES 2
101 
102 //
103 // Processor Architectures
104 //
105 #define PROCESSOR_ARCHITECTURE_INTEL 0
106 #define PROCESSOR_ARCHITECTURE_MIPS 1
107 #define PROCESSOR_ARCHITECTURE_ALPHA 2
108 #define PROCESSOR_ARCHITECTURE_PPC 3
109 #define PROCESSOR_ARCHITECTURE_SHX 4
110 #define PROCESSOR_ARCHITECTURE_ARM 5
111 #define PROCESSOR_ARCHITECTURE_IA64 6
112 #define PROCESSOR_ARCHITECTURE_ALPHA64 7
113 #define PROCESSOR_ARCHITECTURE_MSIL 8
114 #define PROCESSOR_ARCHITECTURE_AMD64 9
115 #define PROCESSOR_ARCHITECTURE_UNKNOWN 0xFFFF
116 
117 //
118 // Object Type Mask for Kernel Dispatcher Objects
119 //
120 #define KOBJECT_TYPE_MASK 0x7F
121 #define KOBJECT_LOCK_BIT 0x80
122 
123 //
124 // Dispatcher Priority increments
125 //
126 #define THREAD_ALERT_INCREMENT 2
127 
128 //
129 // Physical memory offset of KUSER_SHARED_DATA
130 //
131 #define KI_USER_SHARED_DATA_PHYSICAL 0x41000
132 
133 //
134 // Quantum values and decrements
135 //
136 #define MAX_QUANTUM 0x7F
137 #define WAIT_QUANTUM_DECREMENT 1
138 #define CLOCK_QUANTUM_DECREMENT 3
139 
140 //
141 // Kernel Feature Bits
142 //
143 #define KF_V86_VIS 0x00000001
144 #define KF_RDTSC 0x00000002
145 #define KF_CR4 0x00000004
146 #define KF_CMOV 0x00000008
147 #define KF_GLOBAL_PAGE 0x00000010
148 #define KF_LARGE_PAGE 0x00000020
149 #define KF_MTRR 0x00000040
150 #define KF_CMPXCHG8B 0x00000080
151 #define KF_MMX 0x00000100
152 #define KF_WORKING_PTE 0x00000200
153 #define KF_PAT 0x00000400
154 #define KF_FXSR 0x00000800
155 #define KF_FAST_SYSCALL 0x00001000
156 #define KF_XMMI 0x00002000
157 #define KF_3DNOW 0x00004000
158 #define KF_AMDK6MTRR 0x00008000
159 #define KF_XMMI64 0x00010000
160 #define KF_DTS 0x00020000
161 #define KF_BRANCH 0x00020000 // from ksamd64.inc
162 #define KF_SSE3 0x00080000
163 #define KF_CMPXCHG16B 0x00100000
164 #define KF_XSTATE 0x00800000 // from ks386.inc, ksamd64.inc
165 #define KF_NX_BIT 0x20000000
166 #define KF_NX_DISABLED 0x40000000
167 #define KF_NX_ENABLED 0x80000000
168 
169 #define KF_XSAVEOPT_BIT 15
170 #define KF_XSTATE_BIT 23
171 #define KF_RDWRFSGSBASE_BIT 28
172 
173 //
174 // Internal Exception Codes
175 //
176 #define KI_EXCEPTION_INTERNAL 0x10000000
177 #define KI_EXCEPTION_ACCESS_VIOLATION (KI_EXCEPTION_INTERNAL | 0x04)
178 
179 typedef struct _FIBER /* Field offsets: */
180 { /* i386 arm x64 */
181  PVOID FiberData; /* 0x000 0x000 0x000 */
182  struct _EXCEPTION_REGISTRATION_RECORD *ExceptionList;/* 0x004 0x004 0x008 */
183  PVOID StackBase; /* 0x008 0x008 0x010 */
184  PVOID StackLimit; /* 0x00C 0x00C 0x018 */
185  PVOID DeallocationStack; /* 0x010 0x010 0x020 */
186  CONTEXT FiberContext; /* 0x014 0x018 0x030 */
187 #if (NTDDI_VERSION >= NTDDI_LONGHORN)
188  PVOID Wx86Tib; /* 0x2E0 0x1b8 0x500 */
189  struct _ACTIVATION_CONTEXT_STACK *ActivationContextStackPointer; /* 0x2E4 0x1bc 0x508 */
190  PVOID FlsData; /* 0x2E8 0x1c0 0x510 */
191  ULONG GuaranteedStackBytes; /* 0x2EC 0x1c4 0x518 */
192  ULONG TebFlags; /* 0x2F0 0x1c8 0x51C */
193 #else
194  ULONG GuaranteedStackBytes; /* 0x2E0 */
195  PVOID FlsData; /* 0x2E4 */
196  struct _ACTIVATION_CONTEXT_STACK *ActivationContextStackPointer;
197 #endif
198 } FIBER, *PFIBER;
199 
200 #ifndef NTOS_MODE_USER
201 //
202 // Number of dispatch codes supported by KINTERRUPT
203 //
204 #ifdef _M_AMD64
205 #define DISPATCH_LENGTH 4
206 #elif (NTDDI_VERSION >= NTDDI_LONGHORN)
207 #define DISPATCH_LENGTH 135
208 #else
209 #define DISPATCH_LENGTH 106
210 #endif
211 
212 #else
213 
214 //
215 // KPROCESSOR_MODE Type
216 //
217 typedef CCHAR KPROCESSOR_MODE;
218 
219 //
220 // Dereferencable pointer to KUSER_SHARED_DATA in User-Mode
221 //
222 #define SharedUserData ((KUSER_SHARED_DATA *)USER_SHARED_DATA)
223 
224 #ifdef _X86_
225 /* Macros for user-mode run-time checks of X86 system architecture */
226 
227 #ifndef IsNEC_98
228 #define IsNEC_98 (SharedUserData->AlternativeArchitecture == NEC98x86)
229 #endif
230 
231 #ifndef IsNotNEC_98
232 #define IsNotNEC_98 (SharedUserData->AlternativeArchitecture != NEC98x86)
233 #endif
234 
235 /* User-mode cannot override the architecture */
236 #ifndef SetNEC_98
237 #define SetNEC_98
238 #endif
239 
240 /* User-mode cannot override the architecture */
241 #ifndef SetNotNEC_98
242 #define SetNotNEC_98
243 #endif
244 
245 #else // !_X86_
246 /* Correctly define these run-time definitions for non X86 machines */
247 
248 #ifndef IsNEC_98
249 #define IsNEC_98 (FALSE)
250 #endif
251 
252 #ifndef IsNotNEC_98
253 #define IsNotNEC_98 (TRUE)
254 #endif
255 
256 #ifndef SetNEC_98
257 #define SetNEC_98
258 #endif
259 
260 #ifndef SetNotNEC_98
261 #define SetNotNEC_98
262 #endif
263 
264 #endif // _X86_
265 
266 //
267 // Maximum WOW64 Entries in KUSER_SHARED_DATA
268 //
269 #define MAX_WOW64_SHARED_ENTRIES 16
270 
271 //
272 // Maximum Processor Features supported in KUSER_SHARED_DATA
273 //
274 #define PROCESSOR_FEATURE_MAX 64
275 
276 //
277 // Event Types
278 //
279 typedef enum _EVENT_TYPE
280 {
281  NotificationEvent,
282  SynchronizationEvent
283 } EVENT_TYPE;
284 
285 //
286 // Timer Types
287 //
288 typedef enum _TIMER_TYPE
289 {
290  NotificationTimer,
291  SynchronizationTimer
292 } TIMER_TYPE;
293 
294 //
295 // Wait Types
296 //
297 typedef enum _WAIT_TYPE
298 {
299  WaitAll,
300  WaitAny
301 } WAIT_TYPE;
302 
303 //
304 // Processor Execution Modes
305 //
306 typedef enum _MODE
307 {
308  KernelMode,
309  UserMode,
310  MaximumMode
311 } MODE;
312 
313 //
314 // Wait Reasons
315 //
316 typedef enum _KWAIT_REASON
317 {
318  Executive,
319  FreePage,
320  PageIn,
321  PoolAllocation,
322  DelayExecution,
323  Suspended,
324  UserRequest,
325  WrExecutive,
326  WrFreePage,
327  WrPageIn,
328  WrPoolAllocation,
329  WrDelayExecution,
330  WrSuspended,
331  WrUserRequest,
332  WrEventPair,
333  WrQueue,
334  WrLpcReceive,
335  WrLpcReply,
336  WrVirtualMemory,
337  WrPageOut,
338  WrRendezvous,
339  Spare2,
340  WrGuardedMutex,
341  Spare4,
342  Spare5,
343  Spare6,
344  WrKernel,
345  WrResource,
346  WrPushLock,
347  WrMutex,
348  WrQuantumEnd,
349  WrDispatchInt,
350  WrPreempted,
351  WrYieldExecution,
352  MaximumWaitReason
353 } KWAIT_REASON;
354 
355 //
356 // Profiling Sources
357 //
358 typedef enum _KPROFILE_SOURCE
359 {
360  ProfileTime,
361  ProfileAlignmentFixup,
362  ProfileTotalIssues,
363  ProfilePipelineDry,
364  ProfileLoadInstructions,
365  ProfilePipelineFrozen,
366  ProfileBranchInstructions,
367  ProfileTotalNonissues,
368  ProfileDcacheMisses,
369  ProfileIcacheMisses,
370  ProfileCacheMisses,
371  ProfileBranchMispredictions,
372  ProfileStoreInstructions,
373  ProfileFpInstructions,
374  ProfileIntegerInstructions,
375  Profile2Issue,
376  Profile3Issue,
377  Profile4Issue,
378  ProfileSpecialInstructions,
379  ProfileTotalCycles,
380  ProfileIcacheIssues,
381  ProfileDcacheAccesses,
382  ProfileMemoryBarrierCycles,
383  ProfileLoadLinkedIssues,
384  ProfileMaximum
385 } KPROFILE_SOURCE;
386 
387 //
388 // NT Product and Architecture Types
389 //
390 typedef enum _NT_PRODUCT_TYPE
391 {
392  NtProductWinNt = 1,
393  NtProductLanManNt,
394  NtProductServer
395 } NT_PRODUCT_TYPE, *PNT_PRODUCT_TYPE;
396 
397 typedef enum _ALTERNATIVE_ARCHITECTURE_TYPE
398 {
399  StandardDesign,
400  NEC98x86,
401  EndAlternatives
402 } ALTERNATIVE_ARCHITECTURE_TYPE;
403 
404 #endif
405 
406 //
407 // Thread States
408 //
409 typedef enum _KTHREAD_STATE
410 {
411  Initialized,
412  Ready,
413  Running,
414  Standby,
415  Terminated,
416  Waiting,
417  Transition,
418  DeferredReady,
419 #if (NTDDI_VERSION >= NTDDI_WS03)
420  GateWait
421 #endif
422 } KTHREAD_STATE, *PKTHREAD_STATE;
423 
424 //
425 // Kernel Object Types
426 //
427 typedef enum _KOBJECTS
428 {
429  EventNotificationObject = 0,
430  EventSynchronizationObject = 1,
431  MutantObject = 2,
432  ProcessObject = 3,
433  QueueObject = 4,
434  SemaphoreObject = 5,
435  ThreadObject = 6,
436  GateObject = 7,
437  TimerNotificationObject = 8,
438  TimerSynchronizationObject = 9,
439  Spare2Object = 10,
440  Spare3Object = 11,
441  Spare4Object = 12,
442  Spare5Object = 13,
443  Spare6Object = 14,
444  Spare7Object = 15,
445  Spare8Object = 16,
446  Spare9Object = 17,
447  ApcObject = 18,
448  DpcObject = 19,
449  DeviceQueueObject = 20,
450  EventPairObject = 21,
451  InterruptObject = 22,
452  ProfileObject = 23,
453  ThreadedDpcObject = 24,
454  MaximumKernelObject = 25
455 } KOBJECTS;
456 
457 //
458 // Adjust reasons
459 //
460 typedef enum _ADJUST_REASON
461 {
462  AdjustNone = 0,
463  AdjustUnwait = 1,
464  AdjustBoost = 2
465 } ADJUST_REASON;
466 
467 //
468 // Continue Status
469 //
470 typedef enum _KCONTINUE_STATUS
471 {
472  ContinueError = 0,
473  ContinueSuccess,
474  ContinueProcessorReselected,
475  ContinueNextProcessor
476 } KCONTINUE_STATUS;
477 
478 //
479 // Process States
480 //
481 typedef enum _KPROCESS_STATE
482 {
483  ProcessInMemory,
484  ProcessOutOfMemory,
485  ProcessInTransition,
486  ProcessInSwap,
487  ProcessOutSwap,
488 } KPROCESS_STATE, *PKPROCESS_STATE;
489 
490 //
491 // NtVdmControl Classes
492 //
493 typedef enum _VDMSERVICECLASS
494 {
495  VdmStartExecution = 0,
496  VdmQueueInterrupt = 1,
497  VdmDelayInterrupt = 2,
498  VdmInitialize = 3,
499  VdmFeatures = 4,
500  VdmSetInt21Handler = 5,
501  VdmQueryDir = 6,
502  VdmPrinterDirectIoOpen = 7,
503  VdmPrinterDirectIoClose = 8,
504  VdmPrinterInitialize = 9,
505  VdmSetLdtEntries = 10,
506  VdmSetProcessLdtInfo = 11,
507  VdmAdlibEmulation = 12,
508  VdmPMCliControl = 13,
509  VdmQueryVdmProcess = 14,
510 } VDMSERVICECLASS;
511 
512 #ifdef NTOS_MODE_USER
513 
514 //
515 // APC Normal Routine
516 //
517 typedef VOID
518 (NTAPI *PKNORMAL_ROUTINE)(
519  _In_ PVOID NormalContext,
520  _In_ PVOID SystemArgument1,
521  _In_ PVOID SystemArgument2
522 );
523 
524 //
525 // Timer Routine
526 //
527 typedef VOID
528 (NTAPI *PTIMER_APC_ROUTINE)(
529  _In_ PVOID TimerContext,
530  _In_ ULONG TimerLowValue,
531  _In_ LONG TimerHighValue
532 );
533 
534 //
535 // System Time Structure
536 //
537 typedef struct _KSYSTEM_TIME
538 {
539  ULONG LowPart;
540  LONG High1Time;
541  LONG High2Time;
542 } KSYSTEM_TIME, *PKSYSTEM_TIME;
543 
544 //
545 // Shared Kernel User Data
546 //
547 typedef struct _KUSER_SHARED_DATA
548 {
549  ULONG TickCountLowDeprecated;
550  ULONG TickCountMultiplier;
551  volatile KSYSTEM_TIME InterruptTime;
552  volatile KSYSTEM_TIME SystemTime;
553  volatile KSYSTEM_TIME TimeZoneBias;
554  USHORT ImageNumberLow;
555  USHORT ImageNumberHigh;
556  WCHAR NtSystemRoot[260];
557  ULONG MaxStackTraceDepth;
558  ULONG CryptoExponent;
559  ULONG TimeZoneId;
560  ULONG LargePageMinimum;
561  ULONG Reserved2[7];
562  NT_PRODUCT_TYPE NtProductType;
563  BOOLEAN ProductTypeIsValid;
564  ULONG NtMajorVersion;
565  ULONG NtMinorVersion;
566  BOOLEAN ProcessorFeatures[PROCESSOR_FEATURE_MAX];
567  ULONG Reserved1;
568  ULONG Reserved3;
569  volatile ULONG TimeSlip;
570  ALTERNATIVE_ARCHITECTURE_TYPE AlternativeArchitecture;
571  LARGE_INTEGER SystemExpirationDate;
572  ULONG SuiteMask;
573  BOOLEAN KdDebuggerEnabled;
574 #if (NTDDI_VERSION >= NTDDI_WINXPSP2)
575  UCHAR NXSupportPolicy;
576 #endif
577  volatile ULONG ActiveConsoleId;
578  volatile ULONG DismountCount;
579  ULONG ComPlusPackage;
580  ULONG LastSystemRITEventTickCount;
581  ULONG NumberOfPhysicalPages;
582  BOOLEAN SafeBootMode;
583  ULONG TraceLogging;
584  ULONG Fill0;
585  ULONGLONG TestRetInstruction;
586  ULONG SystemCall;
587  ULONG SystemCallReturn;
588  ULONGLONG SystemCallPad[3];
589  union {
590  volatile KSYSTEM_TIME TickCount;
591  volatile ULONG64 TickCountQuad;
592  };
593  ULONG Cookie;
594 #if (NTDDI_VERSION >= NTDDI_WS03)
595  LONGLONG ConsoleSessionForegroundProcessId;
596  ULONG Wow64SharedInformation[MAX_WOW64_SHARED_ENTRIES];
597 #endif
598 #if (NTDDI_VERSION >= NTDDI_LONGHORN)
599  USHORT UserModeGlobalLogger[8];
600  ULONG HeapTracingPid[2];
601  ULONG CritSecTracingPid[2];
602  union
603  {
604  ULONG SharedDataFlags;
605  struct
606  {
607  ULONG DbgErrorPortPresent:1;
608  ULONG DbgElevationEnabled:1;
609  ULONG DbgVirtEnabled:1;
610  ULONG DbgInstallerDetectEnabled:1;
611  ULONG SpareBits:28;
612  };
613  };
614  ULONG ImageFileExecutionOptions;
615  KAFFINITY ActiveProcessorAffinity;
616 #endif
617 } KUSER_SHARED_DATA, *PKUSER_SHARED_DATA;
618 
619 //
620 // VDM Structures
621 //
622 #include "pshpack1.h"
623 typedef struct _VdmVirtualIca
624 {
625  LONG ica_count[8];
626  LONG ica_int_line;
627  LONG ica_cpu_int;
628  USHORT ica_base;
629  USHORT ica_hipiri;
630  USHORT ica_mode;
631  UCHAR ica_master;
632  UCHAR ica_irr;
633  UCHAR ica_isr;
634  UCHAR ica_imr;
635  UCHAR ica_ssr;
636 } VDMVIRTUALICA, *PVDMVIRTUALICA;
637 #include "poppack.h"
638 
639 typedef struct _VdmIcaUserData
640 {
641  PVOID pIcaLock;
642  PVDMVIRTUALICA pIcaMaster;
643  PVDMVIRTUALICA pIcaSlave;
644  PULONG pDelayIrq;
645  PULONG pUndelayIrq;
646  PULONG pDelayIret;
647  PULONG pIretHooked;
648  PULONG pAddrIretBopTable;
649  PHANDLE phWowIdleEvent;
650  PLARGE_INTEGER pIcaTimeout;
651  PHANDLE phMainThreadSuspended;
652 } VDMICAUSERDATA, *PVDMICAUSERDATA;
653 
654 typedef struct _VDM_INITIALIZE_DATA
655 {
656  PVOID TrapcHandler;
657  PVDMICAUSERDATA IcaUserData;
658 } VDM_INITIALIZE_DATA, *PVDM_INITIALIZE_DATA;
659 
660 #else
661 
662 //
663 // System Thread Start Routine
664 //
665 typedef
666 VOID
667 (NTAPI *PKSYSTEM_ROUTINE)(
668  PKSTART_ROUTINE StartRoutine,
669  PVOID StartContext
670 );
671 
672 #ifndef _NTSYSTEM_
673 typedef VOID
674 (NTAPI *PKNORMAL_ROUTINE)(
675  IN PVOID NormalContext OPTIONAL,
676  IN PVOID SystemArgument1 OPTIONAL,
677  IN PVOID SystemArgument2 OPTIONAL);
678 
679 typedef VOID
680 (NTAPI *PKRUNDOWN_ROUTINE)(
681  IN struct _KAPC *Apc);
682 
683 typedef VOID
684 (NTAPI *PKKERNEL_ROUTINE)(
685  IN struct _KAPC *Apc,
686  IN OUT PKNORMAL_ROUTINE *NormalRoutine OPTIONAL,
687  IN OUT PVOID *NormalContext OPTIONAL,
688  IN OUT PVOID *SystemArgument1 OPTIONAL,
689  IN OUT PVOID *SystemArgument2 OPTIONAL);
690 #endif
691 
692 //
693 // APC Environment Types
694 //
695 typedef enum _KAPC_ENVIRONMENT
696 {
697  OriginalApcEnvironment,
698  AttachedApcEnvironment,
699  CurrentApcEnvironment,
700  InsertApcEnvironment
701 } KAPC_ENVIRONMENT;
702 
703 typedef struct _KTIMER_TABLE_ENTRY
704 {
705 #if (NTDDI_VERSION >= NTDDI_LONGHORN) || defined(_M_ARM) || defined(_M_AMD64)
706  KSPIN_LOCK Lock;
707 #endif
708  LIST_ENTRY Entry;
709  ULARGE_INTEGER Time;
710 } KTIMER_TABLE_ENTRY, *PKTIMER_TABLE_ENTRY;
711 
712 typedef struct _KTIMER_TABLE
713 {
714  PKTIMER TimerExpiry[64];
715  KTIMER_TABLE_ENTRY TimerEntries[256];
716 } KTIMER_TABLE, *PKTIMER_TABLE;
717 
718 typedef struct _KDPC_LIST
719 {
720  SINGLE_LIST_ENTRY ListHead;
721  SINGLE_LIST_ENTRY* LastEntry;
722 } KDPC_LIST, *PKDPC_LIST;
723 
724 typedef struct _SYNCH_COUNTERS
725 {
726  ULONG SpinLockAcquireCount;
727  ULONG SpinLockContentionCount;
728  ULONG SpinLockSpinCount;
729  ULONG IpiSendRequestBroadcastCount;
730  ULONG IpiSendRequestRoutineCount;
731  ULONG IpiSendSoftwareInterruptCount;
732  ULONG ExInitializeResourceCount;
733  ULONG ExReInitializeResourceCount;
734  ULONG ExDeleteResourceCount;
735  ULONG ExecutiveResourceAcquiresCount;
736  ULONG ExecutiveResourceContentionsCount;
737  ULONG ExecutiveResourceReleaseExclusiveCount;
738  ULONG ExecutiveResourceReleaseSharedCount;
739  ULONG ExecutiveResourceConvertsCount;
740  ULONG ExAcqResExclusiveAttempts;
741  ULONG ExAcqResExclusiveAcquiresExclusive;
742  ULONG ExAcqResExclusiveAcquiresExclusiveRecursive;
743  ULONG ExAcqResExclusiveWaits;
744  ULONG ExAcqResExclusiveNotAcquires;
745  ULONG ExAcqResSharedAttempts;
746  ULONG ExAcqResSharedAcquiresExclusive;
747  ULONG ExAcqResSharedAcquiresShared;
748  ULONG ExAcqResSharedAcquiresSharedRecursive;
749  ULONG ExAcqResSharedWaits;
750  ULONG ExAcqResSharedNotAcquires;
751  ULONG ExAcqResSharedStarveExclusiveAttempts;
752  ULONG ExAcqResSharedStarveExclusiveAcquiresExclusive;
753  ULONG ExAcqResSharedStarveExclusiveAcquiresShared;
754  ULONG ExAcqResSharedStarveExclusiveAcquiresSharedRecursive;
755  ULONG ExAcqResSharedStarveExclusiveWaits;
756  ULONG ExAcqResSharedStarveExclusiveNotAcquires;
757  ULONG ExAcqResSharedWaitForExclusiveAttempts;
758  ULONG ExAcqResSharedWaitForExclusiveAcquiresExclusive;
759  ULONG ExAcqResSharedWaitForExclusiveAcquiresShared;
760  ULONG ExAcqResSharedWaitForExclusiveAcquiresSharedRecursive;
761  ULONG ExAcqResSharedWaitForExclusiveWaits;
762  ULONG ExAcqResSharedWaitForExclusiveNotAcquires;
763  ULONG ExSetResOwnerPointerExclusive;
764  ULONG ExSetResOwnerPointerSharedNew;
765  ULONG ExSetResOwnerPointerSharedOld;
766  ULONG ExTryToAcqExclusiveAttempts;
767  ULONG ExTryToAcqExclusiveAcquires;
768  ULONG ExBoostExclusiveOwner;
769  ULONG ExBoostSharedOwners;
770  ULONG ExEtwSynchTrackingNotificationsCount;
771  ULONG ExEtwSynchTrackingNotificationsAccountedCount;
772 } SYNCH_COUNTERS, *PSYNCH_COUNTERS;
773 
774 //
775 // PRCB DPC Data
776 //
777 typedef struct _KDPC_DATA
778 {
779 #if (NTDDI_VERSION >= NTDDI_LONGHORN)
780  KDPC_LIST DpcList;
781 #else
782  LIST_ENTRY DpcListHead;
783 #endif
784  ULONG_PTR DpcLock;
785 #if defined(_M_AMD64) || defined(_M_ARM)
786  volatile LONG DpcQueueDepth;
787 #else
788  volatile ULONG DpcQueueDepth;
789 #endif
790  ULONG DpcCount;
791 #if (NTDDI_VERSION >= NTDDI_LONGHORN) || defined(_M_ARM)
792  PKDPC ActiveDpc;
793 #endif
794 } KDPC_DATA, *PKDPC_DATA;
795 
796 //
797 // Per-Processor Lookaside List
798 //
799 typedef struct _PP_LOOKASIDE_LIST
800 {
801  struct _GENERAL_LOOKASIDE *P;
802  struct _GENERAL_LOOKASIDE *L;
803 } PP_LOOKASIDE_LIST, *PPP_LOOKASIDE_LIST;
804 
805 //
806 // Architectural Types
807 //
808 #include <arch/ketypes.h>
809 
810 //
811 // Kernel Memory Node
812 //
813 #include <pshpack1.h>
814 typedef struct _KNODE
815 {
816  SLIST_HEADER DeadStackList;
817  SLIST_HEADER PfnDereferenceSListHead;
818  KAFFINITY ProcessorMask;
819  UCHAR Color;
820  UCHAR Seed;
821  UCHAR NodeNumber;
822  struct _flags {
823  UCHAR Removable : 1;
824  UCHAR Fill : 7;
825  } Flags;
826  ULONG MmShiftedColor;
827  ULONG FreeCount[2];
828  struct _SINGLE_LIST_ENTRY *PfnDeferredList;
829 } KNODE, *PKNODE;
830 #include <poppack.h>
831 
832 //
833 // Structure for Get/SetContext APC
834 //
835 typedef struct _GETSETCONTEXT
836 {
837  KAPC Apc;
838  KEVENT Event;
839  KPROCESSOR_MODE Mode;
840  CONTEXT Context;
841 } GETSETCONTEXT, *PGETSETCONTEXT;
842 
843 //
844 // Kernel Profile Object
845 //
846 typedef struct _KPROFILE
847 {
848  CSHORT Type;
849  CSHORT Size;
850  LIST_ENTRY ProfileListEntry;
851  struct _KPROCESS *Process;
852  PVOID RangeBase;
853  PVOID RangeLimit;
854  ULONG BucketShift;
855  PVOID Buffer;
856  ULONG_PTR Segment;
857  KAFFINITY Affinity;
858  KPROFILE_SOURCE Source;
859  BOOLEAN Started;
860 } KPROFILE, *PKPROFILE;
861 
862 //
863 // Kernel Interrupt Object
864 //
865 typedef struct _KINTERRUPT
866 {
867  CSHORT Type;
868  CSHORT Size;
869  LIST_ENTRY InterruptListEntry;
870  PKSERVICE_ROUTINE ServiceRoutine;
871 #if (NTDDI_VERSION >= NTDDI_LONGHORN)
872  PKSERVICE_ROUTINE MessageServiceRoutine;
873  ULONG MessageIndex;
874 #endif
875  PVOID ServiceContext;
876  KSPIN_LOCK SpinLock;
877  ULONG TickCount;
878  PKSPIN_LOCK ActualLock;
879  PKINTERRUPT_ROUTINE DispatchAddress;
880  ULONG Vector;
881  KIRQL Irql;
882  KIRQL SynchronizeIrql;
883  BOOLEAN FloatingSave;
884  BOOLEAN Connected;
885  CCHAR Number;
886  BOOLEAN ShareVector;
887  KINTERRUPT_MODE Mode;
888 #if (NTDDI_VERSION >= NTDDI_LONGHORN)
889  KINTERRUPT_POLARITY Polarity;
890 #endif
891  ULONG ServiceCount;
892  ULONG DispatchCount;
893 #if (NTDDI_VERSION >= NTDDI_LONGHORN)
894  ULONGLONG Rsvd1;
895 #endif
896 #ifdef _M_AMD64
897  PKTRAP_FRAME TrapFrame;
898  PVOID Reserved;
899 #endif
900  ULONG DispatchCode[DISPATCH_LENGTH];
901 } KINTERRUPT;
902 
903 //
904 // Kernel Event Pair Object
905 //
906 typedef struct _KEVENT_PAIR
907 {
908  CSHORT Type;
909  CSHORT Size;
910  KEVENT LowEvent;
911  KEVENT HighEvent;
912 } KEVENT_PAIR, *PKEVENT_PAIR;
913 
914 //
915 // Kernel No Execute Options
916 //
917 typedef struct _KEXECUTE_OPTIONS
918 {
919  UCHAR ExecuteDisable:1;
920  UCHAR ExecuteEnable:1;
921  UCHAR DisableThunkEmulation:1;
922  UCHAR Permanent:1;
923  UCHAR ExecuteDispatchEnable:1;
924  UCHAR ImageDispatchEnable:1;
925  UCHAR Spare:2;
926 } KEXECUTE_OPTIONS, *PKEXECUTE_OPTIONS;
927 
928 #if (NTDDI_VERSION >= NTDDI_WIN7)
929 typedef union _KWAIT_STATUS_REGISTER
930 {
931  UCHAR Flags;
932  struct
933  {
934  UCHAR State:2;
935  UCHAR Affinity:1;
936  UCHAR Priority:1;
937  UCHAR Apc:1;
938  UCHAR UserApc:1;
939  UCHAR Alert:1;
940  UCHAR Unused:1;
941  };
942 } KWAIT_STATUS_REGISTER, *PKWAIT_STATUS_REGISTER;
943 
944 typedef struct _COUNTER_READING
945 {
946  enum _HARDWARE_COUNTER_TYPE Type;
947  ULONG Index;
948  ULONG64 Start;
949  ULONG64 Total;
950 }COUNTER_READING, *PCOUNTER_READING;
951 
952 typedef struct _KTHREAD_COUNTERS
953 {
954  ULONG64 WaitReasonBitMap;
955  struct _THREAD_PERFORMANCE_DATA* UserData;
956  ULONG Flags;
957  ULONG ContextSwitches;
958  ULONG64 CycleTimeBias;
959  ULONG64 HardwareCounters;
960  COUNTER_READING HwCounter[16];
961 }KTHREAD_COUNTERS, *PKTHREAD_COUNTERS;
962 #endif
963 
965 #if (NTDDI_VERSION >= NTDDI_WIN8)
966 typedef struct _RTL_RB_TREE
967 {
968  PRTL_BALANCED_NODE Root;
969  PRTL_BALANCED_NODE Min;
970 } RTL_RB_TREE, *PRTL_RB_TREE;
971 #endif
972 
973 #if (NTDDI_VERSION >= NTDDI_WINBLUE)
974 typedef struct _KLOCK_ENTRY_LOCK_STATE
975 {
976  union
977  {
978  struct
979  {
980 #if (NTDDI_VERSION >= NTDDI_WIN10) // since 6.4.9841.0
981  ULONG_PTR CrossThreadReleasable : 1;
982 #else
983  ULONG_PTR Waiting : 1;
984 #endif
985  ULONG_PTR Busy : 1;
986  ULONG_PTR Reserved : (8 * sizeof(PVOID)) - 3; // previously Spare
987  ULONG_PTR InTree : 1;
988  };
989  PVOID LockState;
990  };
991  union
992  {
993  PVOID SessionState;
994  struct
995  {
996  ULONG SessionId;
997 #ifdef _WIN64
998  ULONG SessionPad;
999 #endif
1000  };
1001  };
1002 } KLOCK_ENTRY_LOCK_STATE, *PKLOCK_ENTRY_LOCK_STATE;
1003 
1004 typedef struct _KLOCK_ENTRY
1005 {
1006  union
1007  {
1008  RTL_BALANCED_NODE TreeNode;
1009  SINGLE_LIST_ENTRY FreeListEntry;
1010  };
1011 #if (NTDDI_VERSION >= NTDDI_WIN10)
1012  union
1013  {
1014  ULONG EntryFlags;
1015  struct
1016  {
1017  UCHAR EntryOffset;
1018  union
1019  {
1020  UCHAR ThreadLocalFlags;
1021  struct
1022  {
1023  UCHAR WaitingBit : 1;
1024  UCHAR Spare0 : 7;
1025  };
1026  };
1027  union
1028  {
1029  UCHAR AcquiredByte;
1030  UCHAR AcquiredBit : 1;
1031  };
1032  union
1033  {
1034  UCHAR CrossThreadFlags;
1035  struct
1036  {
1037  UCHAR HeadNodeBit : 1;
1038  UCHAR IoPriorityBit : 1;
1039  UCHAR IoQoSWaiter : 1; // since TH2
1040  UCHAR Spare1 : 5;
1041  };
1042  };
1043  };
1044  struct
1045  {
1046  ULONG StaticState : 8;
1047  ULONG AllFlags : 24;
1048  };
1049  };
1050 #ifdef _WIN64
1051  ULONG SpareFlags;
1052 #endif
1053 #else
1054  union
1055  {
1056  PVOID ThreadUnsafe;
1057  struct
1058  {
1059  volatile UCHAR HeadNodeByte;
1060  UCHAR Reserved1[2];
1061  volatile UCHAR AcquiredByte;
1062  };
1063  };
1064 #endif
1065 
1066  union
1067  {
1068  KLOCK_ENTRY_LOCK_STATE LockState;
1069  PVOID LockUnsafe;
1070  struct
1071  {
1072 #if (NTDDI_VERSION >= NTDDI_WIN10)
1073  volatile UCHAR CrossThreadReleasableAndBusyByte;
1074 #else
1075  volatile UCHAR WaitingAndBusyByte;
1076 #endif
1077  UCHAR Reserved[sizeof(PVOID) - 2];
1078  UCHAR InTreeByte;
1079  union
1080  {
1081  PVOID SessionState;
1082  struct
1083  {
1084  ULONG SessionId;
1085 #ifdef _WIN64
1086  ULONG SessionPad;
1087 #endif
1088  };
1089  };
1090  };
1091  };
1092  union
1093  {
1094  struct
1095  {
1096  RTL_RB_TREE OwnerTree;
1097  RTL_RB_TREE WaiterTree;
1098  };
1099  CHAR CpuPriorityKey;
1100  };
1101  ULONG_PTR EntryLock;
1102  union
1103  {
1104 #if _WIN64
1105  ULONG AllBoosts : 17;
1106 #else
1107  USHORT AllBoosts;
1108 #endif
1109  struct
1110  {
1111  struct
1112  {
1113  USHORT CpuBoostsBitmap : 15;
1114  USHORT IoBoost : 1;
1115  };
1116  struct
1117  {
1118  USHORT IoQoSBoost : 1;
1119  USHORT IoNormalPriorityWaiterCount : 8;
1120  USHORT IoQoSWaiterCount : 7;
1121  };
1122  };
1123  };
1124 #if _WIN64
1125  ULONG SparePad;
1126 #endif
1127 } KLOCK_ENTRY, *PKLOCK_ENTRY;
1128 
1129 #endif
1130 
1131 //
1132 // Kernel Thread (KTHREAD)
1133 //
1134 #if (NTDDI_VERSION < NTDDI_WIN8)
1135 
1136 typedef struct _KTHREAD
1137 {
1138  DISPATCHER_HEADER Header;
1139 #if (NTDDI_VERSION >= NTDDI_LONGHORN) // [
1140  ULONGLONG CycleTime;
1141 #ifndef _WIN64 // [
1142  ULONG HighCycleTime;
1143 #endif // ]
1144  ULONGLONG QuantumTarget;
1145 #else // ][
1146  LIST_ENTRY MutantListHead;
1147 #endif // ]
1148  PVOID InitialStack;
1149  ULONG_PTR StackLimit; // FIXME: PVOID
1150  PVOID KernelStack;
1151  KSPIN_LOCK ThreadLock;
1152 #if (NTDDI_VERSION >= NTDDI_WIN7) // [
1153  KWAIT_STATUS_REGISTER WaitRegister;
1154  BOOLEAN Running;
1155  BOOLEAN Alerted[2];
1156  union
1157  {
1158  struct
1159  {
1160  ULONG KernelStackResident:1;
1161  ULONG ReadyTransition:1;
1162  ULONG ProcessReadyQueue:1;
1163  ULONG WaitNext:1;
1164  ULONG SystemAffinityActive:1;
1165  ULONG Alertable:1;
1166  ULONG GdiFlushActive:1;
1167  ULONG UserStackWalkActive:1;
1168  ULONG ApcInterruptRequest:1;
1169  ULONG ForceDeferSchedule:1;
1170  ULONG QuantumEndMigrate:1;
1171  ULONG UmsDirectedSwitchEnable:1;
1172  ULONG TimerActive:1;
1173  ULONG Reserved:19;
1174  };
1175  LONG MiscFlags;
1176  };
1177 #endif // ]
1178  union
1179  {
1180  KAPC_STATE ApcState;
1181  struct
1182  {
1183  UCHAR ApcStateFill[FIELD_OFFSET(KAPC_STATE, UserApcPending) + 1];
1184 #if (NTDDI_VERSION >= NTDDI_LONGHORN) // [
1185  SCHAR Priority;
1186 #if (NTDDI_VERSION >= NTDDI_WIN7) // [
1187  /* On x86, the following members "fall out" of the union */
1188  volatile ULONG NextProcessor;
1189  volatile ULONG DeferredProcessor;
1190 #else // ][
1191  /* On x86, the following members "fall out" of the union */
1192  volatile USHORT NextProcessor;
1193  volatile USHORT DeferredProcessor;
1194 #endif // ]
1195 #else // ][
1196  UCHAR ApcQueueable;
1197  /* On x86, the following members "fall out" of the union */
1198  volatile UCHAR NextProcessor;
1199  volatile UCHAR DeferredProcessor;
1200  UCHAR AdjustReason;
1201  SCHAR AdjustIncrement;
1202 #endif // ]
1203  };
1204  };
1205  KSPIN_LOCK ApcQueueLock;
1206 #ifndef _M_AMD64 // [
1207  ULONG ContextSwitches;
1208  volatile UCHAR State;
1209  UCHAR NpxState;
1210  KIRQL WaitIrql;
1211  KPROCESSOR_MODE WaitMode;
1212 #endif // ]
1213  LONG_PTR WaitStatus;
1214 #if (NTDDI_VERSION >= NTDDI_WIN7) // [
1215  PKWAIT_BLOCK WaitBlockList;
1216 #else // ][
1217  union
1218  {
1219  PKWAIT_BLOCK WaitBlockList;
1220  PKGATE GateObject;
1221  };
1222 #if (NTDDI_VERSION >= NTDDI_LONGHORN) // [
1223  union
1224  {
1225  struct
1226  {
1227  ULONG KernelStackResident:1;
1228  ULONG ReadyTransition:1;
1229  ULONG ProcessReadyQueue:1;
1230  ULONG WaitNext:1;
1231  ULONG SystemAffinityActive:1;
1232  ULONG Alertable:1;
1233  ULONG GdiFlushActive:1;
1234  ULONG Reserved:25;
1235  };
1236  LONG MiscFlags;
1237  };
1238 #else // ][
1239  BOOLEAN Alertable;
1240  BOOLEAN WaitNext;
1241 #endif // ]
1242  UCHAR WaitReason;
1243 #if (NTDDI_VERSION < NTDDI_LONGHORN)
1244  SCHAR Priority;
1245  BOOLEAN EnableStackSwap;
1246 #endif // ]
1247  volatile UCHAR SwapBusy;
1248  BOOLEAN Alerted[MaximumMode];
1249 #endif // ]
1250  union
1251  {
1252  LIST_ENTRY WaitListEntry;
1253  SINGLE_LIST_ENTRY SwapListEntry;
1254  };
1255  PKQUEUE Queue;
1256 #ifndef _M_AMD64 // [
1257  ULONG WaitTime;
1258  union
1259  {
1260  struct
1261  {
1262  SHORT KernelApcDisable;
1263  SHORT SpecialApcDisable;
1264  };
1265  ULONG CombinedApcDisable;
1266  };
1267 #endif // ]
1268  struct _TEB *Teb;
1269 
1270 #if (NTDDI_VERSION >= NTDDI_WIN7) // [
1271  KTIMER Timer;
1272 #else // ][
1273  union
1274  {
1275  KTIMER Timer;
1276  struct
1277  {
1278  UCHAR TimerFill[FIELD_OFFSET(KTIMER, Period) + sizeof(LONG)];
1279 #if !defined(_WIN64) // [
1280  };
1281  };
1282 #endif // ]
1283 #endif // ]
1284  union
1285  {
1286  struct
1287  {
1288  ULONG AutoAlignment:1;
1289  ULONG DisableBoost:1;
1290 #if (NTDDI_VERSION >= NTDDI_LONGHORN) // [
1291  ULONG EtwStackTraceApc1Inserted:1;
1292  ULONG EtwStackTraceApc2Inserted:1;
1293  ULONG CycleChargePending:1;
1294  ULONG CalloutActive:1;
1295  ULONG ApcQueueable:1;
1296  ULONG EnableStackSwap:1;
1297  ULONG GuiThread:1;
1298  ULONG ReservedFlags:23;
1299 #else // ][
1300  LONG ReservedFlags:30;
1301 #endif // ]
1302  };
1303  LONG ThreadFlags;
1304  };
1305 #if defined(_WIN64) && (NTDDI_VERSION < NTDDI_WIN7) // [
1306  };
1307  };
1308 #endif // ]
1309 #if (NTDDI_VERSION >= NTDDI_WIN7) // [
1310 #if defined(_WIN64) // [
1311  ULONG Spare0;
1312 #else // ][
1313  PVOID ServiceTable;
1314 #endif // ]
1315 #endif // ]
1316  union
1317  {
1318  DECLSPEC_ALIGN(8) KWAIT_BLOCK WaitBlock[THREAD_WAIT_OBJECTS + 1];
1319 #if (NTDDI_VERSION < NTDDI_WIN7) // [
1320  struct
1321  {
1322  UCHAR WaitBlockFill0[FIELD_OFFSET(KWAIT_BLOCK, SpareByte)]; // 32bit = 23, 64bit = 43
1323 #if (NTDDI_VERSION >= NTDDI_LONGHORN) // [
1324  UCHAR IdealProcessor;
1325 #else // ][
1326  BOOLEAN SystemAffinityActive;
1327 #endif // ]
1328  };
1329  struct
1330  {
1331  UCHAR WaitBlockFill1[1 * sizeof(KWAIT_BLOCK) + FIELD_OFFSET(KWAIT_BLOCK, SpareByte)]; // 47 / 91
1332  CCHAR PreviousMode;
1333  };
1334  struct
1335  {
1336  UCHAR WaitBlockFill2[2 * sizeof(KWAIT_BLOCK) + FIELD_OFFSET(KWAIT_BLOCK, SpareByte)]; // 71 / 139
1337  UCHAR ResourceIndex;
1338  };
1339  struct
1340  {
1341  UCHAR WaitBlockFill3[3 * sizeof(KWAIT_BLOCK) + FIELD_OFFSET(KWAIT_BLOCK, SpareByte)]; // 95 / 187
1342  UCHAR LargeStack;
1343  };
1344 #endif // ]
1345 #ifdef _WIN64 // [
1346  struct
1347  {
1348  UCHAR WaitBlockFill4[FIELD_OFFSET(KWAIT_BLOCK, SpareLong)];
1349  ULONG ContextSwitches;
1350  };
1351  struct
1352  {
1353  UCHAR WaitBlockFill5[1 * sizeof(KWAIT_BLOCK) + FIELD_OFFSET(KWAIT_BLOCK, SpareLong)];
1354  UCHAR State;
1355  UCHAR NpxState;
1356  UCHAR WaitIrql;
1357  CHAR WaitMode;
1358  };
1359  struct
1360  {
1361  UCHAR WaitBlockFill6[2 * sizeof(KWAIT_BLOCK) + FIELD_OFFSET(KWAIT_BLOCK, SpareLong)];
1362  ULONG WaitTime;
1363  };
1364 #if (NTDDI_VERSION >= NTDDI_WIN7) // [
1365  struct
1366  {
1367  UCHAR WaitBlockFill7[168];
1368  PVOID TebMappedLowVa;
1369  struct _UMS_CONTROL_BLOCK* Ucb;
1370  };
1371 #endif // ]
1372  struct
1373  {
1374 #if (NTDDI_VERSION >= NTDDI_WIN7) // [
1375  UCHAR WaitBlockFill8[188];
1376 #else // ][
1377  UCHAR WaitBlockFill7[3 * sizeof(KWAIT_BLOCK) + FIELD_OFFSET(KWAIT_BLOCK, SpareLong)];
1378 #endif // ]
1379  union
1380  {
1381  struct
1382  {
1383  SHORT KernelApcDisable;
1384  SHORT SpecialApcDisable;
1385  };
1386  ULONG CombinedApcDisable;
1387  };
1388  };
1389 #endif // ]
1390  };
1391  LIST_ENTRY QueueListEntry;
1392  PKTRAP_FRAME TrapFrame;
1393 #if (NTDDI_VERSION >= NTDDI_LONGHORN) // [
1394  PVOID FirstArgument;
1395  union
1396  {
1397  PVOID CallbackStack;
1398  ULONG_PTR CallbackDepth;
1399  };
1400 #else // ][
1401  PVOID CallbackStack;
1402 #endif // ]
1403 #if (NTDDI_VERSION < NTDDI_LONGHORN) || ((NTDDI_VERSION < NTDDI_WIN7) && !defined(_WIN64)) // [
1404  PVOID ServiceTable;
1405 #endif // ]
1406 #if (NTDDI_VERSION < NTDDI_LONGHORN) && defined(_WIN64) // [
1407  ULONG KernelLimit;
1408 #endif // ]
1409  UCHAR ApcStateIndex;
1410 #if (NTDDI_VERSION < NTDDI_LONGHORN) // [
1411  UCHAR IdealProcessor;
1412  BOOLEAN Preempted;
1413  BOOLEAN ProcessReadyQueue;
1414 #ifdef _WIN64 // [
1415  PVOID Win32kTable;
1416  ULONG Win32kLimit;
1417 #endif // ]
1418  BOOLEAN KernelStackResident;
1419 #endif // ]
1420  SCHAR BasePriority;
1421  SCHAR PriorityDecrement;
1422 #if (NTDDI_VERSION >= NTDDI_LONGHORN) // [
1423  BOOLEAN Preempted;
1424  UCHAR AdjustReason;
1425  CHAR AdjustIncrement;
1426 #if (NTDDI_VERSION >= NTDDI_WIN7)
1427  UCHAR PreviousMode;
1428 #else
1429  UCHAR Spare01;
1430 #endif
1431 #endif // ]
1432  CHAR Saturation;
1433 #if (NTDDI_VERSION >= NTDDI_LONGHORN) // [
1434  ULONG SystemCallNumber;
1435 #if (NTDDI_VERSION >= NTDDI_WIN7) // [
1436  ULONG FreezeCount;
1437 #else // ][
1438  ULONG Spare02;
1439 #endif // ]
1440 #endif // ]
1441 #if (NTDDI_VERSION >= NTDDI_WIN7) // [
1442  GROUP_AFFINITY UserAffinity;
1443  struct _KPROCESS *Process;
1444  GROUP_AFFINITY Affinity;
1445  ULONG IdealProcessor;
1446  ULONG UserIdealProcessor;
1447 #else // ][
1448  KAFFINITY UserAffinity;
1449  struct _KPROCESS *Process;
1450  KAFFINITY Affinity;
1451 #endif // ]
1452  PKAPC_STATE ApcStatePointer[2];
1453  union
1454  {
1455  KAPC_STATE SavedApcState;
1456  struct
1457  {
1458  UCHAR SavedApcStateFill[FIELD_OFFSET(KAPC_STATE, UserApcPending) + 1];
1459 #if (NTDDI_VERSION >= NTDDI_WIN7) // [
1460  UCHAR WaitReason;
1461 #else // ][
1462  CCHAR FreezeCount;
1463 #endif // ]
1464 #ifndef _WIN64 // [
1465  };
1466  };
1467 #endif // ]
1468  CCHAR SuspendCount;
1469 #if (NTDDI_VERSION >= NTDDI_WIN7) // [
1470  CCHAR Spare1;
1471 #else // ][
1472  UCHAR UserIdealProcessor;
1473 #endif // ]
1474 #if (NTDDI_VERSION >= NTDDI_WIN7) // [
1475 #elif (NTDDI_VERSION >= NTDDI_LONGHORN) // ][
1476  UCHAR Spare03;
1477 #else // ][
1478  UCHAR CalloutActive;
1479 #endif // ]
1480 #ifdef _WIN64 // [
1481  UCHAR CodePatchInProgress;
1482  };
1483  };
1484 #endif // ]
1485 #if defined(_M_IX86) // [
1486 #if (NTDDI_VERSION >= NTDDI_LONGHORN) // [
1487  UCHAR OtherPlatformFill;
1488 #else // ][
1489  UCHAR Iopl;
1490 #endif // ]
1491 #endif // ]
1492  PVOID Win32Thread;
1493  PVOID StackBase;
1494  union
1495  {
1496  KAPC SuspendApc;
1497  struct
1498  {
1499  UCHAR SuspendApcFill0[1];
1500 #if (NTDDI_VERSION >= NTDDI_WIN7) // [
1501  UCHAR ResourceIndex;
1502 #elif (NTDDI_VERSION >= NTDDI_LONGHORN) // ][
1503  CHAR Spare04;
1504 #else // ][
1505  SCHAR Quantum;
1506 #endif // ]
1507  };
1508  struct
1509  {
1510  UCHAR SuspendApcFill1[3];
1511  UCHAR QuantumReset;
1512  };
1513  struct
1514  {
1515  UCHAR SuspendApcFill2[4];
1516  ULONG KernelTime;
1517  };
1518  struct
1519  {
1520  UCHAR SuspendApcFill3[FIELD_OFFSET(KAPC, SystemArgument1)];
1521 #if (NTDDI_VERSION >= NTDDI_LONGHORN)
1522  PKPRCB WaitPrcb;
1523 #else
1524  PVOID TlsArray;
1525 #endif
1526  };
1527  struct
1528  {
1529  UCHAR SuspendApcFill4[FIELD_OFFSET(KAPC, SystemArgument2)]; // 40 / 72
1530  PVOID LegoData;
1531  };
1532  struct
1533  {
1534  UCHAR SuspendApcFill5[FIELD_OFFSET(KAPC, Inserted) + 1]; // 47 / 83
1535 #if (NTDDI_VERSION >= NTDDI_WIN7) // [
1536  UCHAR LargeStack;
1537 #else // ][
1538  UCHAR PowerState;
1539 #endif // ]
1540 #ifdef _WIN64 // [
1541  ULONG UserTime;
1542 #endif // ]
1543  };
1544  };
1545 #ifndef _WIN64 // [
1546  ULONG UserTime;
1547 #endif // ]
1548  union
1549  {
1550  KSEMAPHORE SuspendSemaphore;
1551  struct
1552  {
1553  UCHAR SuspendSemaphorefill[FIELD_OFFSET(KSEMAPHORE, Limit) + 4]; // 20 / 28
1554 #ifdef _WIN64 // [
1555  ULONG SListFaultCount;
1556 #endif // ]
1557  };
1558  };
1559 #ifndef _WIN64 // [
1560  ULONG SListFaultCount;
1561 #endif // ]
1562  LIST_ENTRY ThreadListEntry;
1563 #if (NTDDI_VERSION >= NTDDI_LONGHORN) // [
1564  LIST_ENTRY MutantListHead;
1565 #endif // ]
1566  PVOID SListFaultAddress;
1567 #ifdef _M_AMD64 // [
1568  LONG64 ReadOperationCount;
1569  LONG64 WriteOperationCount;
1570  LONG64 OtherOperationCount;
1571  LONG64 ReadTransferCount;
1572  LONG64 WriteTransferCount;
1573  LONG64 OtherTransferCount;
1574 #endif // ]
1575 #if (NTDDI_VERSION >= NTDDI_WIN7) // [
1576  PKTHREAD_COUNTERS ThreadCounters;
1577  PXSTATE_SAVE XStateSave;
1578 #elif (NTDDI_VERSION >= NTDDI_LONGHORN) // ][
1579  PVOID MdlForLockedTeb;
1580 #endif // ]
1581 } KTHREAD;
1582 
1583 #else // not (NTDDI_VERSION < NTDDI_WIN8)
1584 
1585 #if defined(_WIN64) && (NTDDI_VERSION < 0x06032580) // since WIN 8.1 Update1 6.3.9600.16384
1586 #define NUMBER_OF_LOCK_ENTRIES 5
1587 #else
1588 #define NUMBER_OF_LOCK_ENTRIES 6
1589 #endif
1590 
1591 typedef struct _KTHREAD
1592 {
1593  DISPATCHER_HEADER Header;
1594  PVOID SListFaultAddress;
1595  ULONG64 QuantumTarget;
1596  PVOID InitialStack;
1597  volatile VOID *StackLimit;
1598  PVOID StackBase;
1599  KSPIN_LOCK ThreadLock;
1600  volatile ULONG64 CycleTime;
1601 #ifndef _WIN64
1602  volatile ULONG HighCycleTime;
1603  PVOID ServiceTable;
1604 #endif
1605  ULONG CurrentRunTime;
1606  ULONG ExpectedRunTime;
1607  PVOID KernelStack;
1608  XSAVE_FORMAT* StateSaveArea;
1609  struct _KSCHEDULING_GROUP* SchedulingGroup;
1610  KWAIT_STATUS_REGISTER WaitRegister;
1611  BOOLEAN Running;
1612  BOOLEAN Alerted[MaximumMode];
1613 
1614  union
1615  {
1616  struct
1617  {
1618 #if (NTDDI_VERSION < NTDDI_WIN10)
1619  ULONG KernelStackResident : 1;
1620 #else
1621  ULONG AutoBoostActive : 1;
1622 #endif
1623  ULONG ReadyTransition : 1;
1624 #if (NTDDI_VERSION < NTDDI_WIN10TH2)
1625  ULONG ProcessReadyQueue : 1;
1626 #endif
1627  ULONG ProcessReadyQueue : 1;
1628  ULONG WaitNext : 1;
1629  ULONG SystemAffinityActive : 1;
1630  ULONG Alertable : 1;
1631 #if (NTDDI_VERSION < NTDDI_WIN81)
1632  ULONG CodePatchInProgress : 1;
1633 #endif
1634  ULONG UserStackWalkActive : 1;
1635  ULONG ApcInterruptRequest : 1;
1636  ULONG QuantumEndMigrate : 1;
1637  ULONG UmsDirectedSwitchEnable : 1;
1638  ULONG TimerActive : 1;
1639  ULONG SystemThread : 1;
1640  ULONG ProcessDetachActive : 1;
1641  ULONG CalloutActive : 1;
1642  ULONG ScbReadyQueue : 1;
1643  ULONG ApcQueueable : 1;
1644  ULONG ReservedStackInUse : 1;
1645  ULONG UmsPerformingSyscall : 1;
1646  ULONG DisableStackCheck : 1;
1647  ULONG Reserved : 12;
1648  };
1649  LONG MiscFlags;
1650  };
1651 
1652  union
1653  {
1654  struct
1655  {
1656  ULONG AutoAlignment : 1;
1657  ULONG DisableBoost : 1;
1658  ULONG UserAffinitySet : 1;
1659  ULONG AlertedByThreadId : 1;
1660  ULONG QuantumDonation : 1;
1661  ULONG EnableStackSwap : 1;
1662  ULONG GuiThread : 1;
1663  ULONG DisableQuantum : 1;
1664  ULONG ChargeOnlyGroup : 1;
1665  ULONG DeferPreemption : 1;
1666  ULONG QueueDeferPreemption : 1;
1667  ULONG ForceDeferSchedule : 1;
1668  ULONG ExplicitIdealProcessor : 1;
1669  ULONG FreezeCount : 1;
1670 #if (NTDDI_VERSION >= 0x060324D7) // since 6.3.9431.0
1671  ULONG TerminationApcRequest : 1;
1672 #endif
1673 #if (NTDDI_VERSION >= 0x06032580) // since 6.3.9600.16384
1674  ULONG AutoBoostEntriesExhausted : 1;
1675 #endif
1676 #if (NTDDI_VERSION >= 0x06032580) // since 6.3.9600.17031
1677  ULONG KernelStackResident : 1;
1678 #endif
1679 #if (NTDDI_VERSION >= NTDDI_WIN10)
1680  ULONG CommitFailTerminateRequest : 1;
1681  ULONG ProcessStackCountDecremented : 1;
1682  ULONG ThreadFlagsSpare : 5;
1683 #endif
1684  ULONG EtwStackTraceApcInserted : 8;
1685 #if (NTDDI_VERSION < NTDDI_WIN10)
1686  ULONG ReservedFlags : 10;
1687 #endif
1688  };
1689  LONG ThreadFlags;
1690  };
1691 
1692 #if (NTDDI_VERSION >= NTDDI_WIN10)
1693  volatile UCHAR Tag;
1694  UCHAR SystemHeteroCpuPolicy;
1695  UCHAR UserHeteroCpuPolicy : 7;
1696  UCHAR ExplicitSystemHeteroCpuPolicy : 1;
1697  UCHAR Spare0;
1698 #else
1699  ULONG Spare0;
1700 #endif
1701  ULONG SystemCallNumber;
1702 #ifdef _WIN64
1703  ULONG Spare1; // Win 10: Spare10
1704 #endif
1705  PVOID FirstArgument;
1706  PKTRAP_FRAME TrapFrame;
1707 
1708  union
1709  {
1710  KAPC_STATE ApcState;
1711  struct
1712  {
1713  UCHAR ApcStateFill[RTL_SIZEOF_THROUGH_FIELD(KAPC_STATE, UserApcPending)]; // 32bit: 23/0x17, 64bit: 43/0x2B
1714  SCHAR Priority;
1715  ULONG UserIdealProcessor;
1716  };
1717  };
1718 
1719 #ifndef _WIN64
1720  ULONG ContextSwitches;
1721  volatile UCHAR State;
1722 #if (NTDDI_VERSION >= NTDDI_WIN10) // since 10.0.10074.0
1723  CHAR Spare12;
1724 #else
1725  CHAR NpxState;
1726 #endif
1727  KIRQL WaitIrql;
1728  KPROCESSOR_MODE WaitMode;
1729 #endif
1730 
1731  volatile INT_PTR WaitStatus;
1732  PKWAIT_BLOCK WaitBlockList;
1733  union
1734  {
1735  LIST_ENTRY WaitListEntry;
1736  SINGLE_LIST_ENTRY SwapListEntry;
1737  };
1738  PKQUEUE Queue;
1739  PVOID Teb;
1740 #if (NTDDI_VERSION >= NTDDI_WIN8 /* 0x060223F0 */) // since 6.2.9200.16384
1741  ULONG64 RelativeTimerBias;
1742 #endif
1743  KTIMER Timer;
1744 
1745  union
1746  {
1747  DECLSPEC_ALIGN(8) KWAIT_BLOCK WaitBlock[THREAD_WAIT_OBJECTS + 1];
1748 #ifdef _WIN64
1749  struct
1750  {
1751  UCHAR WaitBlockFill4[FIELD_OFFSET(KWAIT_BLOCK, SpareLong)]; // 32bit: -, 64bit: 20/0x14
1752  ULONG ContextSwitches;
1753  };
1754  struct
1755  {
1756  UCHAR WaitBlockFill5[1 * sizeof(KWAIT_BLOCK) + FIELD_OFFSET(KWAIT_BLOCK, SpareLong)]; // 32bit: -, 64bit: 68/0x44
1757  UCHAR State;
1758 #if (NTDDI_VERSION >= NTDDI_WIN10)
1759  CHAR Spare13;
1760 #else
1761  CHAR NpxState;
1762 #endif
1763  UCHAR WaitIrql;
1764  CHAR WaitMode;
1765  };
1766  struct
1767  {
1768  UCHAR WaitBlockFill6[2 * sizeof(KWAIT_BLOCK) + FIELD_OFFSET(KWAIT_BLOCK, SpareLong)]; // 32bit: -, 64bit: 116/0x74
1769  ULONG WaitTime;
1770  };
1771  struct
1772  {
1773  UCHAR WaitBlockFill7[3 * sizeof(KWAIT_BLOCK) + FIELD_OFFSET(KWAIT_BLOCK, SpareLong)]; // 32bit: -, 64bit: 164/0xA4
1774  union
1775  {
1776  struct
1777  {
1778  SHORT KernelApcDisable;
1779  SHORT SpecialApcDisable;
1780  };
1781  ULONG CombinedApcDisable;
1782  };
1783  };
1784 #endif
1785  struct
1786  {
1787  UCHAR WaitBlockFill8[FIELD_OFFSET(KWAIT_BLOCK, SparePtr)]; // 32bit: 20/0x14, 64bit: 40/0x28
1788  struct _KTHREAD_COUNTERS *ThreadCounters;
1789  };
1790  struct
1791  {
1792  UCHAR WaitBlockFill9[1 * sizeof(KWAIT_BLOCK) + FIELD_OFFSET(KWAIT_BLOCK, SparePtr)]; // 32bit: 44/0x2C, 64bit: 88/0x58
1793  PXSTATE_SAVE XStateSave;
1794  };
1795  struct
1796  {
1797  UCHAR WaitBlockFill10[2 * sizeof(KWAIT_BLOCK) + FIELD_OFFSET(KWAIT_BLOCK, SparePtr)]; // 32bit: 68/0x44, 64bit: 136/0x88
1798  PVOID Win32Thread;
1799  };
1800  struct
1801  {
1802  UCHAR WaitBlockFill11[3 * sizeof(KWAIT_BLOCK) + FIELD_OFFSET(KWAIT_BLOCK, Object)]; // 32bit: 88/0x58, 64bit: 176/0xB0
1803 #ifdef _WIN64
1804  struct _UMS_CONTROL_BLOCK* Ucb;
1805  struct _KUMS_CONTEXT_HEADER* Uch;
1806 #else
1807  ULONG WaitTime;
1808  union
1809  {
1810  struct
1811  {
1812  SHORT KernelApcDisable;
1813  SHORT SpecialApcDisable;
1814  };
1815  ULONG CombinedApcDisable;
1816  };
1817 #endif
1818  };
1819  };
1820 
1821 #ifdef _WIN64
1822  PVOID TebMappedLowVa;
1823 #endif
1824  LIST_ENTRY QueueListEntry;
1825 #if (NTDDI_VERSION >= 0x060223F0) // since 6.2.9200.16384
1826  union
1827  {
1828  ULONG NextProcessor;
1829  struct
1830  {
1831  ULONG NextProcessorNumber : 31;
1832  ULONG SharedReadyQueue : 1;
1833  };
1834  };
1835  LONG QueuePriority;
1836 #else
1837  ULONG NextProcessor;
1838  ULONG DeferredProcessor;
1839 #endif
1840  PKPROCESS Process;
1841 
1842  union
1843  {
1844  GROUP_AFFINITY UserAffinity;
1845  struct
1846  {
1847  UCHAR UserAffinityFill[FIELD_OFFSET(GROUP_AFFINITY, Reserved)]; // 32bit: 6/0x6, 64bit: 10/0x0A
1848  CHAR PreviousMode;
1849  CHAR BasePriority;
1850  union
1851  {
1852  CHAR PriorityDecrement;
1853  struct
1854  {
1855  UCHAR ForegroundBoost : 4;
1856  UCHAR UnusualBoost : 4;
1857  };
1858  };
1859  UCHAR Preempted;
1860  UCHAR AdjustReason;
1861  CHAR AdjustIncrement;
1862  };
1863  };
1864 
1865 #if (NTDDI_VERSION >= NTDDI_WIN10) // since 10.0.10240.16384
1866  ULONG_PTR AffinityVersion;
1867 #endif
1868  union
1869  {
1870  GROUP_AFFINITY Affinity;
1871  struct
1872  {
1873  UCHAR AffinityFill[FIELD_OFFSET(GROUP_AFFINITY, Reserved)]; // 32bit: 6/0x6, 64bit: 10/0x0A
1874  UCHAR ApcStateIndex;
1875  UCHAR WaitBlockCount;
1876  ULONG IdealProcessor;
1877  };
1878  };
1879 
1880 #if (NTDDI_VERSION >= NTDDI_WIN10) // since 10.0.10240.16384
1881 #ifdef _WIN64
1882  ULONG64 NpxState;
1883 #else
1884  ULONG Spare15;
1885 #endif
1886 #else
1887  PKAPC_STATE ApcStatePointer[2];
1888 #endif
1889 
1890  union
1891  {
1892  KAPC_STATE SavedApcState;
1893  struct
1894  {
1895  UCHAR SavedApcStateFill[FIELD_OFFSET(KAPC_STATE, UserApcPending) + 1]; // 32bit: 23/0x17, 64bit: 43/0x2B
1896  UCHAR WaitReason;
1897  CHAR SuspendCount;
1898  CHAR Saturation;
1899  SHORT SListFaultCount;
1900  };
1901  };
1902 
1903  union
1904  {
1905  KAPC SchedulerApc;
1906  struct
1907  {
1908  UCHAR SchedulerApcFill0[FIELD_OFFSET(KAPC, SpareByte0)]; // 32bit: 1/0x01, 64bit: 1/0x01
1909  UCHAR ResourceIndex;
1910  };
1911  struct
1912  {
1913  UCHAR SchedulerApcFill1[FIELD_OFFSET(KAPC, SpareByte1)]; // 32bit: 3/0x03, 64bit: 3/0x03
1914  UCHAR QuantumReset;
1915  };
1916  struct
1917  {
1918  UCHAR SchedulerApcFill2[FIELD_OFFSET(KAPC, SpareLong0)]; // 32bit: 4/0x04, 64bit: 4/0x04
1919  ULONG KernelTime;
1920  };
1921  struct
1922  {
1923  UCHAR SuspendApcFill3[FIELD_OFFSET(KAPC, SystemArgument1)]; // 32 bit:, 64 bit: 64/0x40
1924  PKPRCB WaitPrcb;
1925  };
1926  struct
1927  {
1928  UCHAR SchedulerApcFill4[FIELD_OFFSET(KAPC, SystemArgument2)]; // 32 bit:, 64 bit: 72/0x48
1929  PVOID LegoData;
1930  };
1931  struct
1932  {
1933  UCHAR SchedulerApcFill5[FIELD_OFFSET(KAPC, Inserted) + 1]; // 32 bit:, 64 bit: 83/0x53
1934  UCHAR CallbackNestingLevel;
1935  ULONG UserTime;
1936  };
1937  };
1938 
1939  KEVENT SuspendEvent;
1940  LIST_ENTRY ThreadListEntry;
1941  LIST_ENTRY MutantListHead;
1942 
1943 #if (NTDDI_VERSION >= NTDDI_WIN10)
1944  UCHAR AbEntrySummary;
1945  UCHAR AbWaitEntryCount;
1946  USHORT Spare20;
1947 #if _WIN64
1948  ULONG SecureThreadCookie;
1949 #endif
1950 #elif (NTDDI_VERSION >= NTDDI_WINBLUE) // 6.3.9431.0
1951  SINGLE_LIST_ENTRY LockEntriesFreeList;
1952 #endif
1953 
1954 #if (NTDDI_VERSION >= NTDDI_WINBLUE /* 0x06032580 */) // since 6.3.9600.16384
1955  KLOCK_ENTRY LockEntries[NUMBER_OF_LOCK_ENTRIES];
1956  SINGLE_LIST_ENTRY PropagateBoostsEntry;
1957  SINGLE_LIST_ENTRY IoSelfBoostsEntry;
1958  UCHAR PriorityFloorCounts[16];
1959  ULONG PriorityFloorSummary;
1960  volatile LONG AbCompletedIoBoostCount;
1961  #if (NTDDI_VERSION >= NTDDI_WIN10_RS1)
1962  LONG AbCompletedIoQoSBoostCount;
1963  #endif
1964 
1965  #if (NTDDI_VERSION >= NTDDI_WIN10) // since 10.0.10240.16384
1966  volatile SHORT KeReferenceCount;
1967  #else
1968  volatile SHORT AbReferenceCount;
1969  #endif
1970  #if (NTDDI_VERSION >= 0x06040000) // since 6.4.9841.0
1971  UCHAR AbOrphanedEntrySummary;
1972  UCHAR AbOwnedEntryCount;
1973  #else
1974  UCHAR AbFreeEntryCount;
1975  UCHAR AbWaitEntryCount;
1976  #endif
1977  ULONG ForegroundLossTime;
1978  union
1979  {
1980  LIST_ENTRY GlobalForegroundListEntry;
1981  struct
1982  {
1983  SINGLE_LIST_ENTRY ForegroundDpcStackListEntry;
1984  ULONG_PTR InGlobalForegroundList;
1985  };
1986  };
1987 #endif
1988 
1989 #if _WIN64
1990  LONG64 ReadOperationCount;
1991  LONG64 WriteOperationCount;
1992  LONG64 OtherOperationCount;
1993  LONG64 ReadTransferCount;
1994  LONG64 WriteTransferCount;
1995  LONG64 OtherTransferCount;
1996 #endif
1997 #if (NTDDI_VERSION >= NTDDI_WIN10) // since 10.0.10041.0
1998  struct _KSCB *QueuedScb;
1999 #ifndef _WIN64
2000  ULONG64 NpxState;
2001 #endif
2002 #endif
2003 } KTHREAD;
2004 
2005 #endif
2006 
2007 
2008 #define ASSERT_THREAD(object) \
2009  ASSERT((((object)->Header.Type & KOBJECT_TYPE_MASK) == ThreadObject))
2010 
2011 //
2012 // Kernel Process (KPROCESS)
2013 //
2014 typedef struct _KPROCESS
2015 {
2016  DISPATCHER_HEADER Header;
2017  LIST_ENTRY ProfileListHead;
2018 #if (NTDDI_VERSION >= NTDDI_LONGHORN)
2019  ULONG_PTR DirectoryTableBase;
2020  ULONG_PTR Unused0;
2021 #else
2022  ULONG_PTR DirectoryTableBase[2];
2023 #endif
2024 #if defined(_M_IX86)
2025  KGDTENTRY LdtDescriptor;
2026  KIDTENTRY Int21Descriptor;
2027 #endif
2028  USHORT IopmOffset;
2029 #if defined(_M_IX86)
2030  UCHAR Iopl;
2031  UCHAR Unused;
2032 #endif
2033  volatile KAFFINITY ActiveProcessors;
2034  ULONG KernelTime;
2035  ULONG UserTime;
2036  LIST_ENTRY ReadyListHead;
2037  SINGLE_LIST_ENTRY SwapListEntry;
2038  PVOID VdmTrapcHandler;
2039  LIST_ENTRY ThreadListHead;
2040  KSPIN_LOCK ProcessLock;
2041  KAFFINITY Affinity;
2042  union
2043  {
2044  struct
2045  {
2046  LONG AutoAlignment:1;
2047  LONG DisableBoost:1;
2048  LONG DisableQuantum:1;
2049  LONG ReservedFlags:29;
2050  };
2051  LONG ProcessFlags;
2052  };
2053  SCHAR BasePriority;
2054  SCHAR QuantumReset;
2055  UCHAR State;
2056  UCHAR ThreadSeed;
2057  UCHAR PowerState;
2058  UCHAR IdealNode;
2059  UCHAR Visited;
2060  union
2061  {
2062  KEXECUTE_OPTIONS Flags;
2063  UCHAR ExecuteOptions;
2064  };
2065  ULONG StackCount;
2066  LIST_ENTRY ProcessListEntry;
2067 #if (NTDDI_VERSION >= NTDDI_LONGHORN) // [
2068  ULONGLONG CycleTime;
2069 #endif // ]
2070 } KPROCESS;
2071 
2072 #define ASSERT_PROCESS(object) \
2073  ASSERT((((object)->Header.Type & KOBJECT_TYPE_MASK) == ProcessObject))
2074 
2075 //
2076 // System Service Table Descriptor
2077 //
2078 typedef struct _KSERVICE_TABLE_DESCRIPTOR
2079 {
2080  PULONG_PTR Base;
2081  PULONG Count;
2082  ULONG Limit;
2083 #if defined(_IA64_)
2084  LONG TableBaseGpOffset;
2085 #endif
2086  PUCHAR Number;
2087 } KSERVICE_TABLE_DESCRIPTOR, *PKSERVICE_TABLE_DESCRIPTOR;
2088 
2089 #if (NTDDI_VERSION >= NTDDI_WIN8)
2090 //
2091 // Entropy Timing State
2092 //
2093 typedef struct _KENTROPY_TIMING_STATE
2094 {
2095  ULONG EntropyCount;
2096  ULONG Buffer[64];
2097  KDPC Dpc;
2098  ULONG LastDeliveredBuffer;
2099  PULONG RawDataBuffer;
2100 } KENTROPY_TIMING_STATE, *PKENTROPY_TIMING_STATE;
2101 
2102 //
2103 // Constants from ks386.inc, ksamd64.inc and ksarm.h
2104 //
2105 #define KENTROPY_TIMING_INTERRUPTS_PER_BUFFER 0x400
2106 #define KENTROPY_TIMING_BUFFER_MASK 0x7ff
2107 #define KENTROPY_TIMING_ANALYSIS 0x0
2108 
2109 #endif /* (NTDDI_VERSION >= NTDDI_WIN8) */
2110 
2111 //
2112 // Exported Loader Parameter Block
2113 //
2114 extern struct _LOADER_PARAMETER_BLOCK NTSYSAPI *KeLoaderBlock;
2115 
2116 //
2117 // Exported Hardware Data
2118 //
2119 extern ULONG NTSYSAPI KiDmaIoCoherency;
2120 extern ULONG NTSYSAPI KeMaximumIncrement;
2121 extern ULONG NTSYSAPI KeMinimumIncrement;
2122 extern ULONG NTSYSAPI KeDcacheFlushCount;
2123 extern ULONG NTSYSAPI KeIcacheFlushCount;
2124 extern ULONG_PTR NTSYSAPI KiBugCheckData[];
2125 extern BOOLEAN NTSYSAPI KiEnableTimerWatchdog;
2126 
2127 //
2128 // Exported System Service Descriptor Tables
2129 //
2130 extern KSERVICE_TABLE_DESCRIPTOR NTSYSAPI KeServiceDescriptorTable[SSDT_MAX_ENTRIES];
2131 extern KSERVICE_TABLE_DESCRIPTOR NTSYSAPI KeServiceDescriptorTableShadow[SSDT_MAX_ENTRIES];
2132 
2133 #endif // !NTOS_MODE_USER
2134 
2135 #endif // _KETYPES_H
_EXCEPTION_REGISTRATION_RECORD
Definition: compat.h:583
_KUSER_SHARED_DATA::LargePageMinimum
ULONG LargePageMinimum
Definition: ketypes.h:1162
_KPROFILE::Started
BOOLEAN Started
Definition: ketypes.h:859
_KINTERRUPT::ServiceCount
ULONG ServiceCount
Definition: ketypes.h:891
_KWAIT_REASON
_KWAIT_REASON
Definition: ketypes.h:402
_KPROFILE::Type
CSHORT Type
Definition: ketypes.h:848
_KTHREAD::SuspendApcFill3
UCHAR SuspendApcFill3[FIELD_OFFSET(KAPC, SystemArgument1)]
Definition: ketypes.h:1923
_FIBER::StackBase
PVOID StackBase
Definition: ketypes.h:183
_KPROCESS::QuantumReset
SCHAR QuantumReset
Definition: ketypes.h:2054
_KTHREAD::ThreadFlags
LONG ThreadFlags
Definition: ketypes.h:1689
_KSYSTEM_TIME::LowPart
ULONG LowPart
Definition: ketypes.h:917
_FIBER::FiberContext
CONTEXT FiberContext
Definition: ketypes.h:186
KTIMER_TABLE
struct _KTIMER_TABLE KTIMER_TABLE
_KTHREAD::AbCompletedIoQoSBoostCount
LONG AbCompletedIoQoSBoostCount
Definition: ketypes.h:1962
_KUSER_SHARED_DATA::NtMinorVersion
ULONG NtMinorVersion
Definition: ketypes.h:1167
_KPROFILE::Buffer
PVOID Buffer
Definition: ketypes.h:855
Unused
_Must_inspect_result_ typedef _In_ PVOID Unused
Definition: iotypes.h:1166
_SYNCH_COUNTERS::ExAcqResSharedWaitForExclusiveAttempts
ULONG ExAcqResSharedWaitForExclusiveAttempts
Definition: ketypes.h:757
_KTHREAD::FreezeCount
ULONG FreezeCount
Definition: ketypes.h:1669
IN
#define IN
Definition: typedefs.h:39
_KPROCESS::Unused0
ULONG_PTR Unused0
Definition: ketypes.h:2020
_KUSER_SHARED_DATA::SharedDataFlags
ULONG SharedDataFlags
Definition: ketypes.h:1199
_VDMSERVICECLASS
_VDMSERVICECLASS
Definition: ketypes.h:493
_KTHREAD
Definition: ketypes.h:1591
_KUSER_SHARED_DATA
Definition: ketypes.h:1150
_KTHREAD::AutoBoostActive
ULONG AutoBoostActive
Definition: ketypes.h:1621
_KLOCK_ENTRY::Spare1
UCHAR Spare1
Definition: ketypes.h:1040
PKPROCESS_STATE
enum _KPROCESS_STATE * PKPROCESS_STATE
_RTL_BALANCED_NODE
Definition: ntdef.template.h:321
_KINTERRUPT::Connected
BOOLEAN Connected
Definition: ketypes.h:884
_KPROFILE::Affinity
KAFFINITY Affinity
Definition: ketypes.h:857
_KTIMER_TABLE_ENTRY::Lock
KSPIN_LOCK Lock
Definition: ketypes.h:706
_KUSER_SHARED_DATA::UserModeGlobalLogger
USHORT UserModeGlobalLogger[16]
Definition: ketypes.h:1235
_KTHREAD::EtwStackTraceApcInserted
ULONG EtwStackTraceApcInserted
Definition: ketypes.h:1684
_KLOCK_ENTRY::AllBoosts
USHORT AllBoosts
Definition: ketypes.h:1107
_KTHREAD::UserIdealProcessor
ULONG UserIdealProcessor
Definition: ketypes.h:1715
KAPC_STATE
KAPC_STATE
Definition: ketypes.h:1280
_KTHREAD::TimerActive
ULONG TimerActive
Definition: ketypes.h:1638
_KUSER_SHARED_DATA::Cookie
ULONG Cookie
Definition: ketypes.h:1227
KENTROPY_TIMING_STATE
struct _KENTROPY_TIMING_STATE KENTROPY_TIMING_STATE
_KPROCESS::DisableBoost
LONG DisableBoost
Definition: ketypes.h:2047
_KTHREAD::Spare20
USHORT Spare20
Definition: ketypes.h:1946
_KPROCESS_STATE
_KPROCESS_STATE
Definition: ketypes.h:481
_SYNCH_COUNTERS::ExTryToAcqExclusiveAttempts
ULONG ExTryToAcqExclusiveAttempts
Definition: ketypes.h:766
_KTHREAD::AbWaitEntryCount
UCHAR AbWaitEntryCount
Definition: ketypes.h:1945
_KPROFILE::RangeBase
PVOID RangeBase
Definition: ketypes.h:852
KDPC_DATA
struct _KDPC_DATA KDPC_DATA
_KLOCK_ENTRY::WaiterTree
RTL_RB_TREE WaiterTree
Definition: ketypes.h:1097
_KINTERRUPT::SpinLock
KSPIN_LOCK SpinLock
Definition: ketypes.h:876
_GENERAL_LOOKASIDE
Definition: extypes.h:134
_KUSER_SHARED_DATA::Reserved2
ULONG Reserved2[7]
Definition: ketypes.h:1163
_GETSETCONTEXT::Context
CONTEXT Context
Definition: ketypes.h:840
KAPC_ENVIRONMENT
enum _KAPC_ENVIRONMENT KAPC_ENVIRONMENT
_KTHREAD::EnableStackSwap
ULONG EnableStackSwap
Definition: ketypes.h:1661
_KENTROPY_TIMING_STATE::LastDeliveredBuffer
ULONG LastDeliveredBuffer
Definition: ketypes.h:2098
_ALTERNATIVE_ARCHITECTURE_TYPE
_ALTERNATIVE_ARCHITECTURE_TYPE
Definition: ketypes.h:889
_KTHREAD::AlertedByThreadId
ULONG AlertedByThreadId
Definition: ketypes.h:1659
_KTHREAD::AbCompletedIoBoostCount
volatile LONG AbCompletedIoBoostCount
Definition: ketypes.h:1960
_KTIMER_TABLE::TimerEntries
KTIMER_TABLE_ENTRY TimerEntries[256]
Definition: ketypes.h:715
_KPROCESS::DirectoryTableBase
ULONG_PTR DirectoryTableBase
Definition: ketypes.h:2019
KOBJECTS
enum _KOBJECTS KOBJECTS
_KPROCESS::State
UCHAR State
Definition: ketypes.h:2055
_KTHREAD::SpecialApcDisable
SHORT SpecialApcDisable
Definition: ketypes.h:1813
_KLOCK_ENTRY::IoNormalPriorityWaiterCount
USHORT IoNormalPriorityWaiterCount
Definition: ketypes.h:1119
_KQUEUE
Definition: ketypes.h:1286
_KLOCK_ENTRY::AcquiredBit
UCHAR AcquiredBit
Definition: ketypes.h:1030
_SINGLE_LIST_ENTRY
Definition: ntbasedef.h:628
_KTIMER
Definition: ketypes.h:839
_KTHREAD::ForegroundLossTime
ULONG ForegroundLossTime
Definition: ketypes.h:1977
_KTHREAD::CombinedApcDisable
ULONG CombinedApcDisable
Definition: ketypes.h:1815
_FIBER::ExceptionList
struct _EXCEPTION_REGISTRATION_RECORD * ExceptionList
Definition: ketypes.h:182
StartRoutine
_In_ ULONG _In_opt_ POBJECT_ATTRIBUTES _In_opt_ HANDLE _Out_opt_ PCLIENT_ID _In_ PKSTART_ROUTINE StartRoutine
Definition: psfuncs.h:87
_KLOCK_ENTRY::EntryFlags
ULONG EntryFlags
Definition: ketypes.h:1014
_KDPC_LIST::LastEntry
SINGLE_LIST_ENTRY * LastEntry
Definition: ketypes.h:721
_SYNCH_COUNTERS::ExSetResOwnerPointerExclusive
ULONG ExSetResOwnerPointerExclusive
Definition: ketypes.h:763
_KUSER_SHARED_DATA::SystemExpirationDate
LARGE_INTEGER SystemExpirationDate
Definition: ketypes.h:1174
_KTHREAD::UserStackWalkActive
ULONG UserStackWalkActive
Definition: ketypes.h:1634
_KPROCESS::BasePriority
SCHAR BasePriority
Definition: ketypes.h:2053
_KTHREAD::SavedApcState
KAPC_STATE SavedApcState
Definition: ketypes.h:1892
_KPROCESS::ProcessFlags
LONG ProcessFlags
Definition: ketypes.h:2051
_SYNCH_COUNTERS::ExSetResOwnerPointerSharedOld
ULONG ExSetResOwnerPointerSharedOld
Definition: ketypes.h:765
_SYNCH_COUNTERS::ExAcqResExclusiveAttempts
ULONG ExAcqResExclusiveAttempts
Definition: ketypes.h:740
_KTHREAD::ServiceTable
PVOID ServiceTable
Definition: ketypes.h:1603
_KTHREAD::UnusualBoost
UCHAR UnusualBoost
Definition: ketypes.h:1856
_FIBER::StackLimit
PVOID StackLimit
Definition: ketypes.h:184
_KOBJECTS
_KOBJECTS
Definition: ketypes.h:427
_KTRAP_FRAME
Definition: ketypes.h:310
_KTHREAD::SchedulerApcFill2
UCHAR SchedulerApcFill2[FIELD_OFFSET(KAPC, SpareLong0)]
Definition: ketypes.h:1918
_KSERVICE_TABLE_DESCRIPTOR::Number
PUCHAR Number
Definition: ketypes.h:2086
_KTHREAD::ThreadCounters
struct _KTHREAD_COUNTERS * ThreadCounters
Definition: ketypes.h:1788
_KTHREAD::SchedulerApcFill5
UCHAR SchedulerApcFill5[FIELD_OFFSET(KAPC, Inserted)+1]
Definition: ketypes.h:1933
PUCHAR
unsigned char * PUCHAR
Definition: retypes.h:3
CHAR
char CHAR
Definition: xmlstorage.h:175
_KEVENT_PAIR::Size
CSHORT Size
Definition: ketypes.h:909
_KTHREAD::ProcessDetachActive
ULONG ProcessDetachActive
Definition: ketypes.h:1640
_KINTERRUPT::MessageServiceRoutine
PKSERVICE_ROUTINE MessageServiceRoutine
Definition: ketypes.h:872
_KPROCESS::IopmOffset
USHORT IopmOffset
Definition: ketypes.h:2028
_KTHREAD::SListFaultAddress
PVOID SListFaultAddress
Definition: ketypes.h:1594
_KLOCK_ENTRY_LOCK_STATE
Definition: ketypes.h:974
PKTIMER_TABLE_ENTRY
struct _KTIMER_TABLE_ENTRY * PKTIMER_TABLE_ENTRY
_KUSER_SHARED_DATA::ConsoleSessionForegroundProcessId
LONGLONG ConsoleSessionForegroundProcessId
Definition: ketypes.h:1230
_KSERVICE_TABLE_DESCRIPTOR::Limit
ULONG Limit
Definition: ketypes.h:2082
_KTHREAD::Spare15
ULONG Spare15
Definition: ketypes.h:1884
_KTHREAD::CommitFailTerminateRequest
ULONG CommitFailTerminateRequest
Definition: ketypes.h:1680
_KEXECUTE_OPTIONS
Definition: ketypes.h:917
KWAIT_STATUS_REGISTER
union _KWAIT_STATUS_REGISTER KWAIT_STATUS_REGISTER
_KUSER_SHARED_DATA::TestRetInstruction
ULONGLONG TestRetInstruction
Definition: ketypes.h:1215
_KTHREAD::Priority
SCHAR Priority
Definition: ketypes.h:1714
_KUSER_SHARED_DATA::MaxStackTraceDepth
ULONG MaxStackTraceDepth
Definition: ketypes.h:1159
_KLOCK_ENTRY::AcquiredByte
UCHAR AcquiredByte
Definition: ketypes.h:1029
State
_In_ ULONG _In_ ULONG State
Definition: potypes.h:516
KCONTINUE_STATUS
enum _KCONTINUE_STATUS KCONTINUE_STATUS
_KWAIT_STATUS_REGISTER::Unused
UCHAR Unused
Definition: ketypes.h:940
PKUSER_SHARED_DATA
struct _KUSER_SHARED_DATA * PKUSER_SHARED_DATA
_KTHREAD::UmsPerformingSyscall
ULONG UmsPerformingSyscall
Definition: ketypes.h:1645
_COUNTER_READING::Total
ULONG64 Total
Definition: ketypes.h:949
_KNODE::_flags::Removable
UCHAR Removable
Definition: ketypes.h:823
KDPC_LIST
struct _KDPC_LIST KDPC_LIST
_KUSER_SHARED_DATA::CryptoExponent
ULONG CryptoExponent
Definition: ketypes.h:1160
_KTHREAD::Saturation
CHAR Saturation
Definition: ketypes.h:1898
_KTHREAD::Alerted
BOOLEAN Alerted[MaximumMode]
Definition: ketypes.h:1612
Period
_In_ LARGE_INTEGER _In_ ULONG Period
Definition: kefuncs.h:1324
_FIBER
Definition: ketypes.h:179
_KTHREAD::TrapFrame
PKTRAP_FRAME TrapFrame
Definition: ketypes.h:1706
_KTHREAD::QuantumDonation
ULONG QuantumDonation
Definition: ketypes.h:1660
_COUNTER_READING
Definition: ketypes.h:944
_KLOCK_ENTRY_LOCK_STATE::InTree
ULONG_PTR InTree
Definition: ketypes.h:987
_KTHREAD::SystemThread
ULONG SystemThread
Definition: ketypes.h:1639
KEXECUTE_OPTIONS
struct _KEXECUTE_OPTIONS KEXECUTE_OPTIONS
_SYNCH_COUNTERS::ExEtwSynchTrackingNotificationsCount
ULONG ExEtwSynchTrackingNotificationsCount
Definition: ketypes.h:770
_SYNCH_COUNTERS::IpiSendRequestBroadcastCount
ULONG IpiSendRequestBroadcastCount
Definition: ketypes.h:729
_XSTATE_SAVE
Definition: ketypes.h:977
_SYNCH_COUNTERS::ExAcqResSharedAttempts
ULONG ExAcqResSharedAttempts
Definition: ketypes.h:745
PKSPIN_LOCK
KSPIN_LOCK * PKSPIN_LOCK
Definition: env_spec_w32.h:73
_KUSER_SHARED_DATA::TimeSlip
volatile ULONG TimeSlip
Definition: ketypes.h:1171
_KTHREAD::WaitBlockList
PKWAIT_BLOCK WaitBlockList
Definition: ketypes.h:1732
_KTHREAD::Reserved
ULONG Reserved
Definition: ketypes.h:1647
_KINTERRUPT::Type
CSHORT Type
Definition: ketypes.h:867
_KLOCK_ENTRY::IoQoSBoost
USHORT IoQoSBoost
Definition: ketypes.h:1118
_KENTROPY_TIMING_STATE::RawDataBuffer
PULONG RawDataBuffer
Definition: ketypes.h:2099
_KTHREAD::UserAffinitySet
ULONG UserAffinitySet
Definition: ketypes.h:1658
_KTHREAD::DeferPreemption
ULONG DeferPreemption
Definition: ketypes.h:1665
_KLOCK_ENTRY
Definition: ketypes.h:1004
INT_PTR
int32_t INT_PTR
Definition: typedefs.h:64
_HARDWARE_COUNTER_TYPE
_HARDWARE_COUNTER_TYPE
Definition: pstypes.h:123
SSDT_MAX_ENTRIES
#define SSDT_MAX_ENTRIES
Definition: ketypes.h:100
_KTHREAD::Process
PKPROCESS Process
Definition: ketypes.h:1840
NUMBER_OF_LOCK_ENTRIES
#define NUMBER_OF_LOCK_ENTRIES
Definition: ketypes.h:1588
PKEVENT_PAIR
struct _KEVENT_PAIR * PKEVENT_PAIR
_KTHREAD::ProcessReadyQueue
ULONG ProcessReadyQueue
Definition: ketypes.h:1627
_KLOCK_ENTRY_LOCK_STATE::Busy
ULONG_PTR Busy
Definition: ketypes.h:985
KEVENT_PAIR
struct _KEVENT_PAIR KEVENT_PAIR
KiDmaIoCoherency
ULONG NTSYSAPI KiDmaIoCoherency
Definition: cpu.c:27
_KNODE::PfnDeferredList
struct _SINGLE_LIST_ENTRY * PfnDeferredList
Definition: ketypes.h:828
_KLOCK_ENTRY::LockState
KLOCK_ENTRY_LOCK_STATE LockState
Definition: ketypes.h:1068
KeIcacheFlushCount
ULONG NTSYSAPI KeIcacheFlushCount
Definition: cpu.c:19
_KUSER_SHARED_DATA::InterruptTime
volatile KSYSTEM_TIME InterruptTime
Definition: ketypes.h:1153
NTSYSAPI
#define NTSYSAPI
Definition: ntoskrnl.h:14
_SYNCH_COUNTERS::ExAcqResExclusiveAcquiresExclusiveRecursive
ULONG ExAcqResExclusiveAcquiresExclusiveRecursive
Definition: ketypes.h:742
_KGDTENTRY
Definition: ketypes.h:333
_KINTERRUPT::FloatingSave
BOOLEAN FloatingSave
Definition: ketypes.h:883
_KEXECUTE_OPTIONS::ExecuteDisable
UCHAR ExecuteDisable
Definition: ketypes.h:919
_SYNCH_COUNTERS::ExAcqResSharedStarveExclusiveAttempts
ULONG ExAcqResSharedStarveExclusiveAttempts
Definition: ketypes.h:751
_SYNCH_COUNTERS::ExAcqResSharedStarveExclusiveWaits
ULONG ExAcqResSharedStarveExclusiveWaits
Definition: ketypes.h:755
SYNCH_COUNTERS
struct _SYNCH_COUNTERS SYNCH_COUNTERS
_KUSER_SHARED_DATA::SystemCallReturn
ULONG SystemCallReturn
Definition: ketypes.h:1217
_RTL_RB_TREE
FIXME: should move to rtltypes.h, but we can't include it here.
Definition: ketypes.h:966
_KLOCK_ENTRY::FreeListEntry
SINGLE_LIST_ENTRY FreeListEntry
Definition: ketypes.h:1009
_KTHREAD_COUNTERS::HardwareCounters
ULONG64 HardwareCounters
Definition: ketypes.h:959
_KDPC_DATA::DpcLock
ULONG_PTR DpcLock
Definition: ketypes.h:784
_SYNCH_COUNTERS::ExAcqResSharedWaits
ULONG ExAcqResSharedWaits
Definition: ketypes.h:749
_KTHREAD_COUNTERS
Definition: ketypes.h:952
_KTHREAD::UmsDirectedSwitchEnable
ULONG UmsDirectedSwitchEnable
Definition: ketypes.h:1637
_KPROFILE_SOURCE
_KPROFILE_SOURCE
Definition: winternl.h:2122
_SYNCH_COUNTERS::ExAcqResSharedStarveExclusiveAcquiresExclusive
ULONG ExAcqResSharedStarveExclusiveAcquiresExclusive
Definition: ketypes.h:752
_KTIMER_TABLE::TimerExpiry
PKTIMER TimerExpiry[64]
Definition: ketypes.h:714
PKDPC_DATA
struct _KDPC_DATA * PKDPC_DATA
_KINTERRUPT::Mode
KINTERRUPT_MODE Mode
Definition: ketypes.h:887
KPROCESS_STATE
enum _KPROCESS_STATE KPROCESS_STATE
_KTHREAD::HighCycleTime
volatile ULONG HighCycleTime
Definition: ketypes.h:1602
PKSERVICE_ROUTINE
KSERVICE_ROUTINE * PKSERVICE_ROUTINE
Definition: ketypes.h:500
_KTHREAD::ExplicitIdealProcessor
ULONG ExplicitIdealProcessor
Definition: ketypes.h:1668
_KSERVICE_TABLE_DESCRIPTOR::Count
PULONG Count
Definition: ketypes.h:2081
_SYNCH_COUNTERS::ExAcqResSharedAcquiresExclusive
ULONG ExAcqResSharedAcquiresExclusive
Definition: ketypes.h:746
_KTIMER_TABLE_ENTRY
Definition: ketypes.h:703
_TIMER_TYPE
_TIMER_TYPE
Definition: ntdef.template.h:360
_KTHREAD::WaitPrcb
PKPRCB WaitPrcb
Definition: ketypes.h:1924
ULONG_PTR
uint32_t ULONG_PTR
Definition: typedefs.h:65
_KLOCK_ENTRY_LOCK_STATE::LockState
PVOID LockState
Definition: ketypes.h:989
_KTHREAD::NextProcessor
ULONG NextProcessor
Definition: ketypes.h:1837
_KUSER_SHARED_DATA::SafeBootMode
BOOLEAN SafeBootMode
Definition: ketypes.h:1185
_KPROCESS::ReservedFlags
LONG ReservedFlags
Definition: ketypes.h:2049
_KNODE::DeadStackList
SLIST_HEADER DeadStackList
Definition: ketypes.h:816
_KTHREAD::AutoAlignment
ULONG AutoAlignment
Definition: ketypes.h:1656
_FIBER::FiberData
PVOID FiberData
Definition: ketypes.h:181
KiEnableTimerWatchdog
BOOLEAN NTSYSAPI KiEnableTimerWatchdog
Definition: timerobj.c:20
_ACTIVATION_CONTEXT_STACK
Definition: rtltypes.h:969
_KLOCK_ENTRY::IoQoSWaiter
UCHAR IoQoSWaiter
Definition: ketypes.h:1039
PRTL_RB_TREE
struct _RTL_RB_TREE * PRTL_RB_TREE
PCOUNTER_READING
struct _COUNTER_READING * PCOUNTER_READING
KIRQL
UCHAR KIRQL
Definition: env_spec_w32.h:591
_KPROFILE::Process
struct _KPROCESS * Process
Definition: ketypes.h:851
_SYNCH_COUNTERS::ExecutiveResourceReleaseSharedCount
ULONG ExecutiveResourceReleaseSharedCount
Definition: ketypes.h:738
_KTHREAD::PriorityFloorCounts
UCHAR PriorityFloorCounts[16]
Definition: ketypes.h:1958
_KLOCK_ENTRY::AllFlags
ULONG AllFlags
Definition: ketypes.h:1047
PNT_PRODUCT_TYPE
enum _NT_PRODUCT_TYPE * PNT_PRODUCT_TYPE
_SYNCH_COUNTERS::ExBoostSharedOwners
ULONG ExBoostSharedOwners
Definition: ketypes.h:769
_KLOCK_ENTRY::TreeNode
RTL_BALANCED_NODE TreeNode
Definition: ketypes.h:1008
PKSYSTEM_ROUTINE
VOID(NTAPI * PKSYSTEM_ROUTINE)(PKSTART_ROUTINE StartRoutine, PVOID StartContext)
Definition: ketypes.h:667
GETSETCONTEXT
struct _GETSETCONTEXT GETSETCONTEXT
_KTHREAD::XStateSave
PXSTATE_SAVE XStateSave
Definition: ketypes.h:1793
_KTHREAD::ForegroundDpcStackListEntry
SINGLE_LIST_ENTRY ForegroundDpcStackListEntry
Definition: ketypes.h:1983
NTAPI
NTSTATUS(* NTAPI)(IN PFILE_FULL_EA_INFORMATION EaBuffer, IN ULONG EaLength, OUT PULONG ErrorOffset)
Definition: IoEaTest.cpp:117
_KTHREAD::MiscFlags
LONG MiscFlags
Definition: ketypes.h:1649
_KWAIT_STATUS_REGISTER::UserApc
UCHAR UserApc
Definition: ketypes.h:938
_KUSER_SHARED_DATA::NtMajorVersion
ULONG NtMajorVersion
Definition: ketypes.h:1166
_KTHREAD::KernelApcDisable
SHORT KernelApcDisable
Definition: ketypes.h:1812
_KPROFILE::Source
KPROFILE_SOURCE Source
Definition: ketypes.h:858
_KTHREAD::CallbackNestingLevel
UCHAR CallbackNestingLevel
Definition: ketypes.h:1934
_KUSER_SHARED_DATA::ImageFileExecutionOptions
ULONG ImageFileExecutionOptions
Definition: ketypes.h:1241
_KINTERRUPT::TickCount
ULONG TickCount
Definition: ketypes.h:877
PKSTART_ROUTINE
KSTART_ROUTINE * PKSTART_ROUTINE
Definition: ketypes.h:487
_KUSER_SHARED_DATA::SystemTime
volatile KSYSTEM_TIME SystemTime
Definition: ketypes.h:1154
_SYNCH_COUNTERS::ExAcqResSharedWaitForExclusiveAcquiresShared
ULONG ExAcqResSharedWaitForExclusiveAcquiresShared
Definition: ketypes.h:759
_RTL_RB_TREE::Min
PRTL_BALANCED_NODE Min
Definition: ketypes.h:969
_KEXECUTE_OPTIONS::Spare
UCHAR Spare
Definition: ketypes.h:925
_SYNCH_COUNTERS::ExAcqResSharedStarveExclusiveAcquiresShared
ULONG ExAcqResSharedStarveExclusiveAcquiresShared
Definition: ketypes.h:753
_SYNCH_COUNTERS::ExAcqResSharedStarveExclusiveNotAcquires
ULONG ExAcqResSharedStarveExclusiveNotAcquires
Definition: ketypes.h:756
_SYNCH_COUNTERS::ExAcqResSharedNotAcquires
ULONG ExAcqResSharedNotAcquires
Definition: ketypes.h:750
_GETSETCONTEXT::Apc
KAPC Apc
Definition: ketypes.h:837
LONG
long LONG
Definition: pedump.c:60
_SYNCH_COUNTERS::ExSetResOwnerPointerSharedNew
ULONG ExSetResOwnerPointerSharedNew
Definition: ketypes.h:764
_KPROCESS::ExecuteOptions
UCHAR ExecuteOptions
Definition: ketypes.h:2063
_KUSER_SHARED_DATA::NtProductType
NT_PRODUCT_TYPE NtProductType
Definition: ketypes.h:1164
_KDPC_DATA::DpcList
KDPC_LIST DpcList
Definition: ketypes.h:780
_KTHREAD::SystemHeteroCpuPolicy
UCHAR SystemHeteroCpuPolicy
Definition: ketypes.h:1694
_KTHREAD::ApcState
KAPC_STATE ApcState
Definition: ketypes.h:1710
SHORT
short SHORT
Definition: pedump.c:59
_KLOCK_ENTRY::EntryOffset
UCHAR EntryOffset
Definition: ketypes.h:1017
_KTHREAD::SystemAffinityActive
ULONG SystemAffinityActive
Definition: ketypes.h:1629
PKTHREAD_COUNTERS
struct _KTHREAD_COUNTERS * PKTHREAD_COUNTERS
_KTHREAD::FirstArgument
PVOID FirstArgument
Definition: ketypes.h:1705
_KLOCK_ENTRY::SessionId
ULONG SessionId
Definition: ketypes.h:1084
_KUSER_SHARED_DATA::KdDebuggerEnabled
BOOLEAN KdDebuggerEnabled
Definition: ketypes.h:1176
_KLOCK_ENTRY::EntryLock
ULONG_PTR EntryLock
Definition: ketypes.h:1101
_GETSETCONTEXT::Event
KEVENT Event
Definition: ketypes.h:838
_KDPC_LIST
Definition: ketypes.h:718
_KTHREAD::WaitNext
ULONG WaitNext
Definition: ketypes.h:1628
_SYNCH_COUNTERS::ExAcqResSharedAcquiresShared
ULONG ExAcqResSharedAcquiresShared
Definition: ketypes.h:747
_KUSER_SHARED_DATA::TickCountMultiplier
ULONG TickCountMultiplier
Definition: ketypes.h:1152
_SYNCH_COUNTERS::ExAcqResSharedWaitForExclusiveAcquiresSharedRecursive
ULONG ExAcqResSharedWaitForExclusiveAcquiresSharedRecursive
Definition: ketypes.h:760
_KTHREAD_COUNTERS::CycleTimeBias
ULONG64 CycleTimeBias
Definition: ketypes.h:958
_KEXECUTE_OPTIONS::ImageDispatchEnable
UCHAR ImageDispatchEnable
Definition: ketypes.h:924
_KLOCK_ENTRY::CrossThreadReleasableAndBusyByte
volatile UCHAR CrossThreadReleasableAndBusyByte
Definition: ketypes.h:1073
_KTHREAD::UserHeteroCpuPolicy
UCHAR UserHeteroCpuPolicy
Definition: ketypes.h:1695
_KTHREAD::ApcInterruptRequest
ULONG ApcInterruptRequest
Definition: ketypes.h:1635
BOOLEAN
unsigned char BOOLEAN
Definition: ProcessorBind.h:185
_KPROFILE::ProfileListEntry
LIST_ENTRY ProfileListEntry
Definition: ketypes.h:850
_KTHREAD_COUNTERS::WaitReasonBitMap
ULONG64 WaitReasonBitMap
Definition: ketypes.h:954
_KPROCESS::StackCount
ULONG StackCount
Definition: ketypes.h:2065
_LOADER_PARAMETER_BLOCK
Definition: arc.h:491
KPROFILE_SOURCE
enum _KPROFILE_SOURCE KPROFILE_SOURCE
_GETSETCONTEXT
Definition: ketypes.h:835
_KPROFILE::RangeLimit
PVOID RangeLimit
Definition: ketypes.h:853
_KSERVICE_TABLE_DESCRIPTOR
Definition: ketypes.h:2078
KINTERRUPT_MODE
enum _KINTERRUPT_MODE KINTERRUPT_MODE
_PP_LOOKASIDE_LIST
Definition: ketypes.h:799
_KUSER_SHARED_DATA::TickCountLowDeprecated
ULONG TickCountLowDeprecated
Definition: ketypes.h:1151
_KDPC_LIST::ListHead
SINGLE_LIST_ENTRY ListHead
Definition: ketypes.h:720
_KLOCK_ENTRY::IoQoSWaiterCount
USHORT IoQoSWaiterCount
Definition: ketypes.h:1120
VDMSERVICECLASS
enum _VDMSERVICECLASS VDMSERVICECLASS
_In_
#define _In_
Definition: ms_sal.h:308
PKLOCK_ENTRY_LOCK_STATE
struct _KLOCK_ENTRY_LOCK_STATE * PKLOCK_ENTRY_LOCK_STATE
_KLOCK_ENTRY::IoBoost
USHORT IoBoost
Definition: ketypes.h:1114
_KTHREAD::QueueListEntry
LIST_ENTRY QueueListEntry
Definition: ketypes.h:1824
_KPROCESS::ProcessListEntry
LIST_ENTRY ProcessListEntry
Definition: ketypes.h:2066
Reserved
_Reserved_ PVOID Reserved
Definition: winddi.h:3974
PKKERNEL_ROUTINE
VOID(NTAPI * PKKERNEL_ROUTINE)(IN struct _KAPC *Apc, IN OUT PKNORMAL_ROUTINE *NormalRoutine OPTIONAL, IN OUT PVOID *NormalContext OPTIONAL, IN OUT PVOID *SystemArgument1 OPTIONAL, IN OUT PVOID *SystemArgument2 OPTIONAL)
Definition: ketypes.h:684
Buffer
Definition: bufpool.h:45
_KTHREAD::WaitBlockFill10
UCHAR WaitBlockFill10[2 *sizeof(KWAIT_BLOCK)+FIELD_OFFSET(KWAIT_BLOCK, SparePtr)]
Definition: ketypes.h:1797
_KTHREAD::KernelStack
PVOID KernelStack
Definition: ketypes.h:1607
_KUSER_SHARED_DATA::ImageNumberHigh
USHORT ImageNumberHigh
Definition: ketypes.h:1157
_FIBER::DeallocationStack
PVOID DeallocationStack
Definition: ketypes.h:185
_ULARGE_INTEGER
Definition: ms-dtyp.idl:184
DECLSPEC_ALIGN
struct DECLSPEC_ALIGN(16) _M128A
Definition: ketypes.h:922
_GETSETCONTEXT::Mode
KPROCESSOR_MODE Mode
Definition: ketypes.h:839
_KTIMER_TABLE
Definition: ketypes.h:712
PVOID
void * PVOID
Definition: retypes.h:9
_FIBER::FlsData
PVOID FlsData
Definition: ketypes.h:190
_KLOCK_ENTRY::CpuPriorityKey
CHAR CpuPriorityKey
Definition: ketypes.h:1099
_KTHREAD::Timer
KTIMER Timer
Definition: ketypes.h:1743
_KINTERRUPT::DispatchCount
ULONG DispatchCount
Definition: ketypes.h:892
_KPROCESS::ThreadListHead
LIST_ENTRY ThreadListHead
Definition: ketypes.h:2039
KTHREAD_STATE
enum _KTHREAD_STATE KTHREAD_STATE
_KLOCK_ENTRY_LOCK_STATE::Reserved
ULONG_PTR Reserved
Definition: ketypes.h:986
_KTHREAD::ScbReadyQueue
ULONG ScbReadyQueue
Definition: ketypes.h:1642
_KEXECUTE_OPTIONS::DisableThunkEmulation
UCHAR DisableThunkEmulation
Definition: ketypes.h:921
_KPROCESS::DisableQuantum
LONG DisableQuantum
Definition: ketypes.h:2048
KSYSTEM_TIME
struct _KSYSTEM_TIME KSYSTEM_TIME
_KDPC_DATA::DpcCount
ULONG DpcCount
Definition: ketypes.h:790
_KINTERRUPT::Number
CCHAR Number
Definition: ketypes.h:885
KeLoaderBlock
struct _LOADER_PARAMETER_BLOCK NTSYSAPI * KeLoaderBlock
Definition: krnlinit.c:29
MAX_WOW64_SHARED_ENTRIES
#define MAX_WOW64_SHARED_ENTRIES
Definition: ketypes.h:1148
PKSYSTEM_TIME
struct _KSYSTEM_TIME * PKSYSTEM_TIME
_KTHREAD::WaitReason
UCHAR WaitReason
Definition: ketypes.h:1896
_KTHREAD::BasePriority
CHAR BasePriority
Definition: ketypes.h:1849
_KTIMER_TABLE_ENTRY::Time
ULARGE_INTEGER Time
Definition: ketypes.h:709
_KLOCK_ENTRY_LOCK_STATE::SessionId
ULONG SessionId
Definition: ketypes.h:996
_SYNCH_COUNTERS::ExecutiveResourceAcquiresCount
ULONG ExecutiveResourceAcquiresCount
Definition: ketypes.h:735
EVENT_TYPE
enum _EVENT_TYPE EVENT_TYPE
_SYNCH_COUNTERS::ExDeleteResourceCount
ULONG ExDeleteResourceCount
Definition: ketypes.h:734
_KUSER_SHARED_DATA::ImageNumberLow
USHORT ImageNumberLow
Definition: ketypes.h:1156
PKWAIT_STATUS_REGISTER
union _KWAIT_STATUS_REGISTER * PKWAIT_STATUS_REGISTER
UserTime
_Out_ PULONG UserTime
Definition: kefuncs.h:771
_KTHREAD::ExplicitSystemHeteroCpuPolicy
UCHAR ExplicitSystemHeteroCpuPolicy
Definition: ketypes.h:1696
_KNODE::Flags
struct _KNODE::_flags Flags
KLOCK_ENTRY_LOCK_STATE
struct _KLOCK_ENTRY_LOCK_STATE KLOCK_ENTRY_LOCK_STATE
_KUSER_SHARED_DATA::TickCount
volatile KSYSTEM_TIME TickCount
Definition: ketypes.h:1220
PKINTERRUPT_ROUTINE
VOID(NTAPI * PKINTERRUPT_ROUTINE)(VOID)
Definition: ketypes.h:490
_KTHREAD::DisableBoost
ULONG DisableBoost
Definition: ketypes.h:1657
_KTHREAD::Alertable
ULONG Alertable
Definition: ketypes.h:1630
SystemArgument1
_In_opt_ PVOID _In_opt_ PVOID SystemArgument1
Definition: ketypes.h:675
_KTHREAD::NpxState
ULONG64 NpxState
Definition: ketypes.h:2000
_KTHREAD::PropagateBoostsEntry
SINGLE_LIST_ENTRY PropagateBoostsEntry
Definition: ketypes.h:1956
_KINTERRUPT::InterruptListEntry
LIST_ENTRY InterruptListEntry
Definition: ketypes.h:869
_KTHREAD::WaitStatus
volatile INT_PTR WaitStatus
Definition: ketypes.h:1731
LONGLONG
int64_t LONGLONG
Definition: typedefs.h:68
PFIBER
struct _FIBER * PFIBER
_KPROCESS::Affinity
KAFFINITY Affinity
Definition: ketypes.h:2041
LONG64
int64_t LONG64
Definition: typedefs.h:68
KPROCESS
struct _KPROCESS KPROCESS
PreviousMode
_In_ KPROCESSOR_MODE PreviousMode
Definition: sefuncs.h:103
PTIMER_APC_ROUTINE
VOID(NTAPI * PTIMER_APC_ROUTINE)(_In_ PVOID TimerContext, _In_ ULONG TimerLowValue, _In_ LONG TimerHighValue)
Definition: ketypes.h:1103
KeMaximumIncrement
ULONG NTSYSAPI KeMaximumIncrement
Definition: clock.c:20
_KLOCK_ENTRY::CpuBoostsBitmap
USHORT CpuBoostsBitmap
Definition: ketypes.h:1113
KLOCK_ENTRY
struct _KLOCK_ENTRY KLOCK_ENTRY
_KWAIT_STATUS_REGISTER::Priority
UCHAR Priority
Definition: ketypes.h:936
_KTIMER_TABLE_ENTRY::Entry
LIST_ENTRY Entry
Definition: ketypes.h:708
_COUNTER_READING::Start
ULONG64 Start
Definition: ketypes.h:948
_KINTERRUPT::Irql
KIRQL Irql
Definition: ketypes.h:881
_FIBER::TebFlags
ULONG TebFlags
Definition: ketypes.h:192
_KTHREAD::KernelTime
ULONG KernelTime
Definition: ketypes.h:1919
PKRUNDOWN_ROUTINE
VOID(NTAPI * PKRUNDOWN_ROUTINE)(IN struct _KAPC *Apc)
Definition: ketypes.h:680
_KINTERRUPT::Rsvd1
ULONGLONG Rsvd1
Definition: ketypes.h:894
_KTHREAD_COUNTERS::UserData
struct _THREAD_PERFORMANCE_DATA * UserData
Definition: ketypes.h:955
_KSYSTEM_TIME::High1Time
LONG High1Time
Definition: ketypes.h:918
_KLOCK_ENTRY::HeadNodeBit
UCHAR HeadNodeBit
Definition: ketypes.h:1037
_KLOCK_ENTRY::WaitingBit
UCHAR WaitingBit
Definition: ketypes.h:1023
_KNODE::MmShiftedColor
ULONG MmShiftedColor
Definition: ketypes.h:826
MODE
enum _MODE MODE
PROCESSOR_FEATURE_MAX
#define PROCESSOR_FEATURE_MAX
WCHAR
__wchar_t WCHAR
Definition: xmlstorage.h:180
_KUSER_SHARED_DATA::AlternativeArchitecture
ALTERNATIVE_ARCHITECTURE_TYPE AlternativeArchitecture
Definition: ketypes.h:1172
_KTHREAD::SchedulerApc
KAPC SchedulerApc
Definition: ketypes.h:1905
_KPROCESS::SwapListEntry
SINGLE_LIST_ENTRY SwapListEntry
Definition: ketypes.h:2037
_KWAIT_STATUS_REGISTER::Flags
UCHAR Flags
Definition: ketypes.h:931
_KLOCK_ENTRY::CrossThreadFlags
UCHAR CrossThreadFlags
Definition: ketypes.h:1034
CCHAR
char CCHAR
Definition: typedefs.h:51
_KTHREAD::Spare0
UCHAR Spare0
Definition: ketypes.h:1697
_SYNCH_COUNTERS::ExAcqResExclusiveNotAcquires
ULONG ExAcqResExclusiveNotAcquires
Definition: ketypes.h:744
ULONGLONG
uint64_t ULONGLONG
Definition: typedefs.h:67
_KLOCK_ENTRY::IoPriorityBit
UCHAR IoPriorityBit
Definition: ketypes.h:1038
_KTHREAD::SwapListEntry
SINGLE_LIST_ENTRY SwapListEntry
Definition: ketypes.h:1736
KUSER_SHARED_DATA
struct _KUSER_SHARED_DATA KUSER_SHARED_DATA
_KPROCESS::Visited
UCHAR Visited
Definition: ketypes.h:2059
_KINTERRUPT::ShareVector
BOOLEAN ShareVector
Definition: ketypes.h:886
_KUSER_SHARED_DATA::DbgElevationEnabled
ULONG DbgElevationEnabled
Definition: ketypes.h:1202
_KTHREAD::ExpectedRunTime
ULONG ExpectedRunTime
Definition: ketypes.h:1606
_KTHREAD::StackLimit
volatile VOID * StackLimit
Definition: ketypes.h:1597
SCHAR
signed char SCHAR
Definition: sqltypes.h:14
Affinity
_In_ ULONG _In_ ULONG _In_ ULONG _Out_ PKIRQL _Out_ PKAFFINITY Affinity
Definition: halfuncs.h:170
_KINTERRUPT::MessageIndex
ULONG MessageIndex
Definition: ketypes.h:873
WAIT_TYPE
enum _WAIT_TYPE WAIT_TYPE
RTL_RB_TREE
struct _RTL_RB_TREE RTL_RB_TREE
FIXME: should move to rtltypes.h, but we can't include it here.
_KTHREAD::IoSelfBoostsEntry
SINGLE_LIST_ENTRY IoSelfBoostsEntry
Definition: ketypes.h:1957
_KTHREAD::Queue
PKQUEUE Queue
Definition: ketypes.h:1738
_KINTERRUPT::Polarity
KINTERRUPT_POLARITY Polarity
Definition: ketypes.h:889
_KEVENT_PAIR
Definition: ketypes.h:906
_KTHREAD::QuantumTarget
ULONG64 QuantumTarget
Definition: ketypes.h:1595
RTL_SIZEOF_THROUGH_FIELD
#define RTL_SIZEOF_THROUGH_FIELD(type, field)
Definition: ntbasedef.h:672
_KTHREAD::WaitBlockFill8
UCHAR WaitBlockFill8[FIELD_OFFSET(KWAIT_BLOCK, SparePtr)]
Definition: ketypes.h:1787
_KUSER_SHARED_DATA::TimeZoneId
ULONG TimeZoneId
Definition: ketypes.h:1161
_KUSER_SHARED_DATA::Reserved3
ULONG Reserved3
Definition: ketypes.h:1170
_SYNCH_COUNTERS::ExReInitializeResourceCount
ULONG ExReInitializeResourceCount
Definition: ketypes.h:733
_KEXECUTE_OPTIONS::Permanent
UCHAR Permanent
Definition: ketypes.h:922
_KTHREAD::SchedulingGroup
struct _KSCHEDULING_GROUP * SchedulingGroup
Definition: ketypes.h:1609
_KLOCK_ENTRY::LockUnsafe
PVOID LockUnsafe
Definition: ketypes.h:1069
KPROCESSOR_MODE
CCHAR KPROCESSOR_MODE
Definition: ketypes.h:7
PPP_LOOKASIDE_LIST
struct _PP_LOOKASIDE_LIST * PPP_LOOKASIDE_LIST
_KTHREAD::ChargeOnlyGroup
ULONG ChargeOnlyGroup
Definition: ketypes.h:1664
_KTHREAD::ForegroundBoost
UCHAR ForegroundBoost
Definition: ketypes.h:1855
FIBER
struct _FIBER FIBER
_SYNCH_COUNTERS
Definition: ketypes.h:724
_KTHREAD::WaitListEntry
LIST_ENTRY WaitListEntry
Definition: ketypes.h:1735
_KTHREAD::AffinityFill
UCHAR AffinityFill[FIELD_OFFSET(GROUP_AFFINITY, Reserved)]
Definition: ketypes.h:1873
_KTHREAD::SuspendEvent
KEVENT SuspendEvent
Definition: ketypes.h:1939
_KTHREAD::AdjustReason
UCHAR AdjustReason
Definition: ketypes.h:1860
_PP_LOOKASIDE_LIST::L
struct _GENERAL_LOOKASIDE * L
Definition: ketypes.h:802
_FIBER::GuaranteedStackBytes
ULONG GuaranteedStackBytes
Definition: ketypes.h:191
_KUSER_SHARED_DATA::NumberOfPhysicalPages
ULONG NumberOfPhysicalPages
Definition: ketypes.h:1184
_KPROCESS::CycleTime
ULONGLONG CycleTime
Definition: ketypes.h:2068
_KTHREAD::AbEntrySummary
UCHAR AbEntrySummary
Definition: ketypes.h:1944
_KTHREAD::QuantumEndMigrate
ULONG QuantumEndMigrate
Definition: ketypes.h:1636
KINTERRUPT_POLARITY
enum _KINTERRUPT_POLARITY KINTERRUPT_POLARITY
ULONG64
unsigned __int64 ULONG64
Definition: imports.h:198
TIMER_TYPE
enum _TIMER_TYPE TIMER_TYPE
_KTHREAD::DisableStackCheck
ULONG DisableStackCheck
Definition: ketypes.h:1646
_KTHREAD_COUNTERS::ContextSwitches
ULONG ContextSwitches
Definition: ketypes.h:957
UCHAR
unsigned char UCHAR
Definition: xmlstorage.h:181
KTHREAD_COUNTERS
struct _KTHREAD_COUNTERS KTHREAD_COUNTERS
_KINTERRUPT::Vector
ULONG Vector
Definition: ketypes.h:880
_SYNCH_COUNTERS::ExBoostExclusiveOwner
ULONG ExBoostExclusiveOwner
Definition: ketypes.h:768
_KUSER_SHARED_DATA::Reserved1
ULONG Reserved1
Definition: ketypes.h:1169
_KTHREAD_COUNTERS::HwCounter
COUNTER_READING HwCounter[16]
Definition: ketypes.h:960
_KINTERRUPT::ServiceRoutine
PKSERVICE_ROUTINE ServiceRoutine
Definition: ketypes.h:870
_KTHREAD::AbFreeEntryCount
UCHAR AbFreeEntryCount
Definition: ketypes.h:1974
_KPROCESS::ThreadSeed
UCHAR ThreadSeed
Definition: ketypes.h:2056
_SYNCH_COUNTERS::ExecutiveResourceConvertsCount
ULONG ExecutiveResourceConvertsCount
Definition: ketypes.h:739
_EVENT_TYPE
_EVENT_TYPE
Definition: ntdef.template.h:355
_KPROFILE::Size
CSHORT Size
Definition: ketypes.h:849
_KAPC::NormalContext
PVOID NormalContext
Definition: ketypes.h:550
_KDPC
Definition: ketypes.h:687
_KPROCESS::IdealNode
UCHAR IdealNode
Definition: ketypes.h:2058
_KPRCB
Definition: ketypes.h:559
_KTHREAD::RelativeTimerBias
ULONG64 RelativeTimerBias
Definition: ketypes.h:1741
_CONTEXT
Definition: nt_native.h:1406
_KWAIT_STATUS_REGISTER::State
UCHAR State
Definition: ketypes.h:934
PHANDLE
PVOID *typedef PHANDLE
Definition: ntsecpkg.h:454
VOID
#define VOID
Definition: acefi.h:82
_COUNTER_READING::Index
ULONG Index
Definition: ketypes.h:947
_SYNCH_COUNTERS::ExecutiveResourceContentionsCount
ULONG ExecutiveResourceContentionsCount
Definition: ketypes.h:736
Ready
Definition: ketypes.h:412
_KEVENT_PAIR::LowEvent
KEVENT LowEvent
Definition: ketypes.h:910
_KUSER_SHARED_DATA::SuiteMask
ULONG SuiteMask
Definition: ketypes.h:1175
_KTHREAD::IdealProcessor
ULONG IdealProcessor
Definition: ketypes.h:1876
_SYNCH_COUNTERS::ExAcqResSharedWaitForExclusiveAcquiresExclusive
ULONG ExAcqResSharedWaitForExclusiveAcquiresExclusive
Definition: ketypes.h:758
_KTHREAD::InGlobalForegroundList
ULONG_PTR InGlobalForegroundList
Definition: ketypes.h:1984
_KTHREAD::SchedulerApcFill4
UCHAR SchedulerApcFill4[FIELD_OFFSET(KAPC, SystemArgument2)]
Definition: ketypes.h:1928
_KAPC
Definition: ketypes.h:535
_GROUP_AFFINITY
Definition: ntbasedef.h:659
_KPROCESS::ReadyListHead
LIST_ENTRY ReadyListHead
Definition: ketypes.h:2036
_MODE
_MODE
Definition: ketypes.h:10
_KAPC_ENVIRONMENT
_KAPC_ENVIRONMENT
Definition: ketypes.h:695
_LIST_ENTRY
Definition: typedefs.h:119
_KGATE
Definition: ketypes.h:810
_KINTERRUPT
Definition: ketypes.h:865
_SYNCH_COUNTERS::SpinLockSpinCount
ULONG SpinLockSpinCount
Definition: ketypes.h:728
_KTHREAD::ForceDeferSchedule
ULONG ForceDeferSchedule
Definition: ketypes.h:1667
PGETSETCONTEXT
struct _GETSETCONTEXT * PGETSETCONTEXT
_KTHREAD::ApcStateFill
UCHAR ApcStateFill[RTL_SIZEOF_THROUGH_FIELD(KAPC_STATE, UserApcPending)]
Definition: ketypes.h:1713
KTHREAD
struct _KTHREAD KTHREAD
_KUSER_SHARED_DATA::ActiveConsoleId
volatile ULONG ActiveConsoleId
Definition: ketypes.h:1180
_KUSER_SHARED_DATA::TimeZoneBias
volatile KSYSTEM_TIME TimeZoneBias
Definition: ketypes.h:1155
_SYNCH_COUNTERS::ExAcqResSharedAcquiresSharedRecursive
ULONG ExAcqResSharedAcquiresSharedRecursive
Definition: ketypes.h:748
_KNODE::Color
UCHAR Color
Definition: ketypes.h:819
Object
_Must_inspect_result_ _In_ WDFCOLLECTION _In_ WDFOBJECT Object
Definition: wdfcollection.h:120
_SYNCH_COUNTERS::IpiSendRequestRoutineCount
ULONG IpiSendRequestRoutineCount
Definition: ketypes.h:730
_KTHREAD::PriorityFloorSummary
ULONG PriorityFloorSummary
Definition: ketypes.h:1959
_KPROCESS::ProcessLock
KSPIN_LOCK ProcessLock
Definition: ketypes.h:2040
_KWAIT_BLOCK
Definition: ketypes.h:443
_SYNCH_COUNTERS::ExAcqResSharedStarveExclusiveAcquiresSharedRecursive
ULONG ExAcqResSharedStarveExclusiveAcquiresSharedRecursive
Definition: ketypes.h:754
_KTHREAD::CurrentRunTime
ULONG CurrentRunTime
Definition: ketypes.h:1605
PKTIMER_TABLE
struct _KTIMER_TABLE * PKTIMER_TABLE
SystemArgument2
_In_opt_ PVOID _In_opt_ PVOID _In_opt_ PVOID SystemArgument2
Definition: ketypes.h:675
_DISPATCHER_HEADER
Definition: ketypes.h:728
_KEVENT_PAIR::Type
CSHORT Type
Definition: ketypes.h:908
_KENTROPY_TIMING_STATE
Definition: ketypes.h:2093
_KTHREAD::QuantumReset
UCHAR QuantumReset
Definition: ketypes.h:1914
_SYNCH_COUNTERS::ExAcqResExclusiveAcquiresExclusive
ULONG ExAcqResExclusiveAcquiresExclusive
Definition: ketypes.h:741
_KINTERRUPT::ActualLock
PKSPIN_LOCK ActualLock
Definition: ketypes.h:878
_KTHREAD::StackBase
PVOID StackBase
Definition: ketypes.h:1598
_KINTERRUPT::DispatchCode
ULONG DispatchCode[DISPATCH_LENGTH]
Definition: ketypes.h:900
_KTHREAD::SavedApcStateFill
UCHAR SavedApcStateFill[FIELD_OFFSET(KAPC_STATE, UserApcPending)+1]
Definition: ketypes.h:1895
KeMinimumIncrement
ULONG NTSYSAPI KeMinimumIncrement
Definition: clock.c:21
_KSYSTEM_TIME::High2Time
LONG High2Time
Definition: ketypes.h:919
_KTHREAD::QueueDeferPreemption
ULONG QueueDeferPreemption
Definition: ketypes.h:1666
_TEB
Definition: compat.h:694
_KUSER_SHARED_DATA::DbgVirtEnabled
ULONG DbgVirtEnabled
Definition: ketypes.h:1203
_KDPC_DATA::DpcQueueDepth
volatile ULONG DpcQueueDepth
Definition: ketypes.h:788
_KLOCK_ENTRY_LOCK_STATE::SessionState
PVOID SessionState
Definition: ketypes.h:993
_SYNCH_COUNTERS::ExTryToAcqExclusiveAcquires
ULONG ExTryToAcqExclusiveAcquires
Definition: ketypes.h:767
_KUSER_SHARED_DATA::DbgInstallerDetectEnabled
ULONG DbgInstallerDetectEnabled
Definition: ketypes.h:1204
_KTHREAD::LockEntries
KLOCK_ENTRY LockEntries[NUMBER_OF_LOCK_ENTRIES]
Definition: ketypes.h:1955
_SYNCH_COUNTERS::SpinLockContentionCount
ULONG SpinLockContentionCount
Definition: ketypes.h:727
_KPROCESS
Definition: ketypes.h:2014
_KNODE::_flags
Definition: ketypes.h:822
_KTHREAD::PreviousMode
CHAR PreviousMode
Definition: ketypes.h:1848
_KTHREAD::SchedulerApcFill1
UCHAR SchedulerApcFill1[FIELD_OFFSET(KAPC, SpareByte1)]
Definition: ketypes.h:1913
_KUSER_SHARED_DATA::NtSystemRoot
WCHAR NtSystemRoot[260]
Definition: ketypes.h:1158
_KPROFILE::Segment
ULONG_PTR Segment
Definition: ketypes.h:856
_NT_PRODUCT_TYPE
_NT_PRODUCT_TYPE
Definition: ntdef.template.h:349
_PP_LOOKASIDE_LIST::P
struct _GENERAL_LOOKASIDE * P
Definition: ketypes.h:801
_KLOCK_ENTRY::ThreadLocalFlags
UCHAR ThreadLocalFlags
Definition: ketypes.h:1020
_KLOCK_ENTRY::OwnerTree
RTL_RB_TREE OwnerTree
Definition: ketypes.h:1096
_KTHREAD::CalloutActive
ULONG CalloutActive
Definition: ketypes.h:1641
USHORT
unsigned short USHORT
Definition: pedump.c:61
PSYNCH_COUNTERS
struct _SYNCH_COUNTERS * PSYNCH_COUNTERS
_KENTROPY_TIMING_STATE::Dpc
KDPC Dpc
Definition: ketypes.h:2097
_KUSER_SHARED_DATA::TickCountQuad
volatile ULONG64 TickCountQuad
Definition: ketypes.h:1221
_KTHREAD::PriorityDecrement
CHAR PriorityDecrement
Definition: ketypes.h:1852
_KTHREAD::SuspendCount
CHAR SuspendCount
Definition: ketypes.h:1897
KAFFINITY
ULONG_PTR KAFFINITY
Definition: compat.h:85
_KNODE::_flags::Fill
UCHAR Fill
Definition: ketypes.h:824
PowerState
_Must_inspect_result_ _In_ PWDFDEVICE_INIT _In_ WDF_DEVICE_POWER_STATE PowerState
Definition: wdfdevice.h:3032
_KDPC_DATA
Definition: ketypes.h:777
_SYNCH_COUNTERS::ExAcqResExclusiveWaits
ULONG ExAcqResExclusiveWaits
Definition: ketypes.h:743
_KSEMAPHORE
Definition: ketypes.h:803
ALTERNATIVE_ARCHITECTURE_TYPE
enum _ALTERNATIVE_ARCHITECTURE_TYPE ALTERNATIVE_ARCHITECTURE_TYPE
PKPROFILE
struct _KPROFILE * PKPROFILE
KSPIN_LOCK
ULONG KSPIN_LOCK
Definition: env_spec_w32.h:72
_KENTROPY_TIMING_STATE::EntropyCount
ULONG EntropyCount
Definition: ketypes.h:2095
_KLOCK_ENTRY::StaticState
ULONG StaticState
Definition: ketypes.h:1046
_KPROCESS::ActiveProcessors
volatile KAFFINITY ActiveProcessors
Definition: ketypes.h:2033
_KTHREAD::CycleTime
volatile ULONG64 CycleTime
Definition: ketypes.h:1600
_KLOCK_ENTRY::Spare0
UCHAR Spare0
Definition: ketypes.h:1024
FIELD_OFFSET
#define FIELD_OFFSET(t, f)
Definition: typedefs.h:255
_KPROCESS::ProfileListHead
LIST_ENTRY ProfileListHead
Definition: ketypes.h:2017
LONG_PTR
__int3264 LONG_PTR
Definition: mstsclib_h.h:276
_SYNCH_COUNTERS::SpinLockAcquireCount
ULONG SpinLockAcquireCount
Definition: ketypes.h:726
_KTHREAD::WaitBlockCount
UCHAR WaitBlockCount
Definition: ketypes.h:1875
OPTIONAL
#define OPTIONAL
Definition: typedefs.h:41
PULONG
unsigned int * PULONG
Definition: retypes.h:1
_KUSER_SHARED_DATA::SystemCallPad
ULONGLONG SystemCallPad[3]
Definition: ketypes.h:1218
_KTHREAD::AdjustIncrement
CHAR AdjustIncrement
Definition: ketypes.h:1861
_KUSER_SHARED_DATA::NXSupportPolicy
UCHAR NXSupportPolicy
Definition: ketypes.h:1178
_SYNCH_COUNTERS::ExInitializeResourceCount
ULONG ExInitializeResourceCount
Definition: ketypes.h:732
_FIBER::Wx86Tib
PVOID Wx86Tib
Definition: ketypes.h:188
Reserved1
Definition: bcd.h:201
_KTHREAD::Spare12
CHAR Spare12
Definition: ketypes.h:1723
_KINTERRUPT::SynchronizeIrql
KIRQL SynchronizeIrql
Definition: ketypes.h:882
_KTHREAD::SchedulerApcFill0
UCHAR SchedulerApcFill0[FIELD_OFFSET(KAPC, SpareByte0)]
Definition: ketypes.h:1908
_KEVENT
Definition: ketypes.h:799
_KPROCESS::KernelTime
ULONG KernelTime
Definition: ketypes.h:2034
_KTHREAD::ThreadListEntry
LIST_ENTRY ThreadListEntry
Definition: ketypes.h:1940
XSAVE_FORMAT
XSAVE_FORMAT
Definition: ketypes.h:951
_KTHREAD::ReservedStackInUse
ULONG ReservedStackInUse
Definition: ketypes.h:1644
_KTHREAD::QueuedScb
struct _KSCB * QueuedScb
Definition: ketypes.h:1998
_KUSER_SHARED_DATA::LastSystemRITEventTickCount
ULONG LastSystemRITEventTickCount
Definition: ketypes.h:1183
_KTHREAD::Teb
PVOID Teb
Definition: ketypes.h:1739
_LARGE_INTEGER
Definition: typedefs.h:102
_KEXECUTE_OPTIONS::ExecuteEnable
UCHAR ExecuteEnable
Definition: ketypes.h:920
_KSERVICE_TABLE_DESCRIPTOR::Base
PULONG_PTR Base
Definition: ketypes.h:2080
_KPROFILE::BucketShift
ULONG BucketShift
Definition: ketypes.h:854
PKTHREAD_STATE
enum _KTHREAD_STATE * PKTHREAD_STATE
_KTHREAD::UserTime
ULONG UserTime
Definition: ketypes.h:1935
KSERVICE_TABLE_DESCRIPTOR
struct _KSERVICE_TABLE_DESCRIPTOR KSERVICE_TABLE_DESCRIPTOR
PKENTROPY_TIMING_STATE
struct _KENTROPY_TIMING_STATE * PKENTROPY_TIMING_STATE
_KPROCESS::Flags
KEXECUTE_OPTIONS Flags
Definition: ketypes.h:2062
COUNTER_READING
struct _COUNTER_READING COUNTER_READING
_KTHREAD::ResourceIndex
UCHAR ResourceIndex
Definition: ketypes.h:1909
_KTHREAD::Header
DISPATCHER_HEADER Header
Definition: ketypes.h:1593
DISPATCH_LENGTH
#define DISPATCH_LENGTH
Definition: ketypes.h:207
Process
_Must_inspect_result_ _In_ PLARGE_INTEGER _In_ PLARGE_INTEGER _In_ ULONG _In_ PFILE_OBJECT _In_ PVOID Process
Definition: fsrtlfuncs.h:219
_KLOCK_ENTRY_LOCK_STATE::CrossThreadReleasable
ULONG_PTR CrossThreadReleasable
Definition: ketypes.h:981
KWAIT_REASON
enum _KWAIT_REASON KWAIT_REASON
_ADJUST_REASON
_ADJUST_REASON
Definition: ketypes.h:460
_KTHREAD::GlobalForegroundListEntry
LIST_ENTRY GlobalForegroundListEntry
Definition: ketypes.h:1980
_KTHREAD::LegoData
PVOID LegoData
Definition: ketypes.h:1929
_KTHREAD::UserAffinityFill
UCHAR UserAffinityFill[FIELD_OFFSET(GROUP_AFFINITY, Reserved)]
Definition: ketypes.h:1847
_KTHREAD::Running
BOOLEAN Running
Definition: ketypes.h:1611
_KLOCK_ENTRY::SessionState
PVOID SessionState
Definition: ketypes.h:1081
_KTHREAD_COUNTERS::Flags
ULONG Flags
Definition: ketypes.h:956
_KTHREAD::StateSaveArea
XSAVE_FORMAT * StateSaveArea
Definition: ketypes.h:1608
OUT
#define OUT
Definition: typedefs.h:40
KeServiceDescriptorTable
KSERVICE_TABLE_DESCRIPTOR NTSYSAPI KeServiceDescriptorTable[SSDT_MAX_ENTRIES]
Definition: procobj.c:23
NT_PRODUCT_TYPE
enum _NT_PRODUCT_TYPE NT_PRODUCT_TYPE
_KTHREAD::State
volatile UCHAR State
Definition: ketypes.h:1721
_KTHREAD::Win32Thread
PVOID Win32Thread
Definition: ketypes.h:1798
_KLOCK_ENTRY::InTreeByte
UCHAR InTreeByte
Definition: ketypes.h:1078
_KTHREAD::Affinity
GROUP_AFFINITY Affinity
Definition: ketypes.h:1870
_KINTERRUPT::Size
CSHORT Size
Definition: ketypes.h:868
_KTHREAD_STATE
_KTHREAD_STATE
Definition: ketypes.h:409
KINTERRUPT
struct _KINTERRUPT KINTERRUPT
ULONG
unsigned int ULONG
Definition: retypes.h:1
_KWAIT_STATUS_REGISTER::Apc
UCHAR Apc
Definition: ketypes.h:937
KeDcacheFlushCount
ULONG NTSYSAPI KeDcacheFlushCount
Definition: cpu.c:20
_KTHREAD::ContextSwitches
ULONG ContextSwitches
Definition: ketypes.h:1720
_KTHREAD::SListFaultCount
SHORT SListFaultCount
Definition: ketypes.h:1899
_RTL_RB_TREE::Root
PRTL_BALANCED_NODE Root
Definition: ketypes.h:968
TimerContext
_In_ PLARGE_INTEGER _In_opt_ PTIMER_APC_ROUTINE _In_opt_ PVOID TimerContext
Definition: zwfuncs.h:428
_KTHREAD::DeferredProcessor
ULONG DeferredProcessor
Definition: ketypes.h:1838
PULONG_PTR
uint32_t * PULONG_PTR
Definition: typedefs.h:65
_KPROCESS::PowerState
UCHAR PowerState
Definition: ketypes.h:2057
_KNODE::NodeNumber
UCHAR NodeNumber
Definition: ketypes.h:821
_KUSER_SHARED_DATA::SystemCall
ULONG SystemCall
Definition: ketypes.h:1216
_KTHREAD::Preempted
UCHAR Preempted
Definition: ketypes.h:1859
PKEXECUTE_OPTIONS
struct _KEXECUTE_OPTIONS * PKEXECUTE_OPTIONS
_KTHREAD::WaitTime
ULONG WaitTime
Definition: ketypes.h:1807
_KTHREAD::Tag
volatile UCHAR Tag
Definition: ketypes.h:1693
_KTHREAD::ReadyTransition
ULONG ReadyTransition
Definition: ketypes.h:1623
_SYNCH_COUNTERS::IpiSendSoftwareInterruptCount
ULONG IpiSendSoftwareInterruptCount
Definition: ketypes.h:731
_KTHREAD::DisableQuantum
ULONG DisableQuantum
Definition: ketypes.h:1663
_KTHREAD::ApcStateIndex
UCHAR ApcStateIndex
Definition: ketypes.h:1874
_SLIST_HEADER
Definition: rtltypes.h:138
_KPROFILE
Definition: ketypes.h:846
_KNODE::PfnDereferenceSListHead
SLIST_HEADER PfnDereferenceSListHead
Definition: ketypes.h:817
PKDPC_LIST
struct _KDPC_LIST * PKDPC_LIST
KWAIT_BLOCK
struct _KWAIT_BLOCK KWAIT_BLOCK
_KNODE::ProcessorMask
KAFFINITY ProcessorMask
Definition: ketypes.h:818
_KTHREAD::ApcQueueable
ULONG ApcQueueable
Definition: ketypes.h:1643
PKNORMAL_ROUTINE
VOID(NTAPI * PKNORMAL_ROUTINE)(IN PVOID NormalContext OPTIONAL, IN PVOID SystemArgument1 OPTIONAL, IN PVOID SystemArgument2 OPTIONAL)
Definition: ketypes.h:674
_KTHREAD::WaitMode
KPROCESSOR_MODE WaitMode
Definition: ketypes.h:1728
_KDPC_DATA::ActiveDpc
PKDPC ActiveDpc
Definition: ketypes.h:792
_KNODE::Seed
UCHAR Seed
Definition: ketypes.h:820
_KEVENT_PAIR::HighEvent
KEVENT HighEvent
Definition: ketypes.h:911
_SYNCH_COUNTERS::ExAcqResSharedWaitForExclusiveWaits
ULONG ExAcqResSharedWaitForExclusiveWaits
Definition: ketypes.h:761
KPROFILE_SOURCE
enum _KPROFILE_SOURCE KPROFILE_SOURCE
_COUNTER_READING::Type
enum _HARDWARE_COUNTER_TYPE Type
Definition: ketypes.h:946
_KTHREAD::WaitBlockFill9
UCHAR WaitBlockFill9[1 *sizeof(KWAIT_BLOCK)+FIELD_OFFSET(KWAIT_BLOCK, SparePtr)]
Definition: ketypes.h:1792
_KPROCESS::UserTime
ULONG UserTime
Definition: ketypes.h:2035
_KPROCESS::AutoAlignment
LONG AutoAlignment
Definition: ketypes.h:2046
_KINTERRUPT::DispatchAddress
PKINTERRUPT_ROUTINE DispatchAddress
Definition: ketypes.h:879
_KEXECUTE_OPTIONS::ExecuteDispatchEnable
UCHAR ExecuteDispatchEnable
Definition: ketypes.h:923
CSHORT
short CSHORT
Definition: umtypes.h:127
_WAIT_TYPE
_WAIT_TYPE
Definition: ntdef.template.h:365
_KSYSTEM_TIME
Definition: ketypes.h:916
_KTHREAD::InitialStack
PVOID InitialStack
Definition: ketypes.h:1596
_KUSER_SHARED_DATA::DbgErrorPortPresent
ULONG DbgErrorPortPresent
Definition: ketypes.h:1201
ADJUST_REASON
enum _ADJUST_REASON ADJUST_REASON
KPROFILE
struct _KPROFILE KPROFILE
_KTHREAD::AffinityVersion
ULONG_PTR AffinityVersion
Definition: ketypes.h:1866
KTIMER_TABLE_ENTRY
struct _KTIMER_TABLE_ENTRY KTIMER_TABLE_ENTRY
_KINTERRUPT::ServiceContext
PVOID ServiceContext
Definition: ketypes.h:875
_KTHREAD::UserAffinity
GROUP_AFFINITY UserAffinity
Definition: ketypes.h:1844
PKLOCK_ENTRY
struct _KLOCK_ENTRY * PKLOCK_ENTRY
_KWAIT_STATUS_REGISTER::Alert
UCHAR Alert
Definition: ketypes.h:939
KiBugCheckData
ULONG_PTR NTSYSAPI KiBugCheckData[]
Definition: bug.c:27
PKNODE
struct _KNODE * PKNODE
_KTHREAD::ThreadLock
KSPIN_LOCK ThreadLock
Definition: ketypes.h:1599
Limit
_In_ LONG _In_ LONG Limit
Definition: kefuncs.h:315
_KNODE::FreeCount
ULONG FreeCount[2]
Definition: ketypes.h:827
_KTHREAD::WaitRegister
KWAIT_STATUS_REGISTER WaitRegister
Definition: ketypes.h:1610
_KTHREAD::GuiThread
ULONG GuiThread
Definition: ketypes.h:1662
_KTHREAD::ProcessStackCountDecremented
ULONG ProcessStackCountDecremented
Definition: ketypes.h:1681
ServiceTable
SERVICE_TABLE_ENTRYW ServiceTable[]
Definition: service.c:21
_KPROCESS::VdmTrapcHandler
PVOID VdmTrapcHandler
Definition: ketypes.h:2038
_KTHREAD::SystemCallNumber
ULONG SystemCallNumber
Definition: ketypes.h:1701
_SYNCH_COUNTERS::ExAcqResSharedWaitForExclusiveNotAcquires
ULONG ExAcqResSharedWaitForExclusiveNotAcquires
Definition: ketypes.h:762
_SYNCH_COUNTERS::ExecutiveResourceReleaseExclusiveCount
ULONG ExecutiveResourceReleaseExclusiveCount
Definition: ketypes.h:737
_FIBER::ActivationContextStackPointer
struct _ACTIVATION_CONTEXT_STACK * ActivationContextStackPointer
Definition: ketypes.h:189
PKAPC_STATE
* PKAPC_STATE
Definition: ketypes.h:1280
_KWAIT_STATUS_REGISTER
Definition: ketypes.h:929
_KUSER_SHARED_DATA::ComPlusPackage
ULONG ComPlusPackage
Definition: ketypes.h:1182
_KIDTENTRY
Definition: ketypes.h:384
THREAD_WAIT_OBJECTS
#define THREAD_WAIT_OBJECTS
Definition: ketypes.h:480
_KUSER_SHARED_DATA::ProcessorFeatures
BOOLEAN ProcessorFeatures[PROCESSOR_FEATURE_MAX]
Definition: ketypes.h:1168
PKSERVICE_TABLE_DESCRIPTOR
struct _KSERVICE_TABLE_DESCRIPTOR * PKSERVICE_TABLE_DESCRIPTOR
_KCONTINUE_STATUS
_KCONTINUE_STATUS
Definition: ketypes.h:470
_KPROCESS::Header
DISPATCHER_HEADER Header
Definition: ketypes.h:2016
_KTHREAD::KeReferenceCount
volatile SHORT KeReferenceCount
Definition: ketypes.h:1966
_KTHREAD::ThreadFlagsSpare
ULONG ThreadFlagsSpare
Definition: ketypes.h:1682
_KTHREAD::MutantListHead
LIST_ENTRY MutantListHead
Definition: ketypes.h:1941
_KTHREAD::WaitBlockFill11
UCHAR WaitBlockFill11[3 *sizeof(KWAIT_BLOCK)+FIELD_OFFSET(KWAIT_BLOCK, Object)]
Definition: ketypes.h:1802
_SYNCH_COUNTERS::ExEtwSynchTrackingNotificationsAccountedCount
ULONG ExEtwSynchTrackingNotificationsAccountedCount
Definition: ketypes.h:771
_KUSER_SHARED_DATA::SpareBits
ULONG SpareBits
Definition: ketypes.h:1208
_KUSER_SHARED_DATA::DismountCount
volatile ULONG DismountCount
Definition: ketypes.h:1181
_KTHREAD::WaitIrql
KIRQL WaitIrql
Definition: ketypes.h:1727
_KUSER_SHARED_DATA::ProductTypeIsValid
BOOLEAN ProductTypeIsValid
Definition: ketypes.h:1165
_KWAIT_STATUS_REGISTER::Affinity
UCHAR Affinity
Definition: ketypes.h:935
_KUSER_SHARED_DATA::Wow64SharedInformation
ULONG Wow64SharedInformation[MAX_WOW64_SHARED_ENTRIES]
Definition: ketypes.h:1231
KNODE
struct _KNODE KNODE
_KNODE
Definition: ketypes.h:814
PP_LOOKASIDE_LIST
struct _PP_LOOKASIDE_LIST PP_LOOKASIDE_LIST
KeServiceDescriptorTableShadow
KSERVICE_TABLE_DESCRIPTOR NTSYSAPI KeServiceDescriptorTableShadow[SSDT_MAX_ENTRIES]
Definition: procobj.c:24