ReactOS  0.4.15-dev-4603-gb922b6d
ketypes.h
Go to the documentation of this file.
1 /*++ NDK Version: 0098
2 
3 Copyright (c) Alex Ionescu. All rights reserved.
4 
5 Header Name:
6 
7  ketypes.h
8 
9 Abstract:
10 
11  Type definitions for the Kernel services.
12 
13 Author:
14 
15  Alex Ionescu (alexi@tinykrnl.org) - Updated - 27-Feb-2006
16 
17 --*/
18 
19 #ifndef _KETYPES_H
20 #define _KETYPES_H
21 
22 //
23 // Dependencies
24 //
25 #include <umtypes.h>
26 #ifndef NTOS_MODE_USER
27 #include <haltypes.h>
28 #include <potypes.h>
29 #include <ifssupp.h>
30 #endif
31 
32 //
33 // A system call ID is formatted as such:
34 // .________________________________________________________________.
35 // | 14 | 13 | 12 | 11 | 10 | 9 | 8 | 7 | 6 | 5 | 4 | 3 | 2 | 1 | 0 |
36 // |--------------|-------------------------------------------------|
37 // | TABLE NUMBER | TABLE OFFSET |
38 // \----------------------------------------------------------------/
39 //
40 // The table number is then used as an index into the service descriptor table.
41 #define TABLE_NUMBER_BITS 1
42 #define TABLE_OFFSET_BITS 12
43 
44 //
45 // There are 2 tables (kernel and shadow, used by Win32K)
46 //
47 #define NUMBER_SERVICE_TABLES 2
48 #define NTOS_SERVICE_INDEX 0
49 #define WIN32K_SERVICE_INDEX 1
50 
51 //
52 // NB. From assembly code, the table number must be computed as an offset into
53 // the service descriptor table.
54 //
55 // Each entry into the table is 16 bytes long on 32-bit architectures, and
56 // 32 bytes long on 64-bit architectures.
57 //
58 // Thus, Table Number 1 is offset 16 (0x10) on x86, and offset 32 (0x20) on
59 // x64.
60 //
61 #ifdef _WIN64
62 #define BITS_PER_ENTRY 5 // (1 << 5) = 32 bytes
63 #else
64 #define BITS_PER_ENTRY 4 // (1 << 4) = 16 bytes
65 #endif
66 
67 //
68 // We want the table number, but leave some extra bits to we can have the offset
69 // into the descriptor table.
70 //
71 #define SERVICE_TABLE_SHIFT (12 - BITS_PER_ENTRY)
72 
73 //
74 // Now the table number (as an offset) is corrupted with part of the table offset
75 // This mask will remove the extra unwanted bits, and give us the offset into the
76 // descriptor table proper.
77 //
78 #define SERVICE_TABLE_MASK (((1 << TABLE_NUMBER_BITS) - 1) << BITS_PER_ENTRY)
79 
80 //
81 // To get the table offset (ie: the service call number), just keep the 12 bits
82 //
83 #define SERVICE_NUMBER_MASK ((1 << TABLE_OFFSET_BITS) - 1)
84 
85 //
86 // We'll often need to check if this is a graphics call. This is done by comparing
87 // the table number offset with the known Win32K table number offset.
88 // This is usually index 1, so table number offset 0x10 (x86) or 0x20 (x64)
89 //
90 #define SERVICE_TABLE_TEST (WIN32K_SERVICE_INDEX << BITS_PER_ENTRY)
91 
92 //
93 // Context Record Flags
94 //
95 #define CONTEXT_DEBUGGER (CONTEXT_FULL | CONTEXT_FLOATING_POINT)
96 
97 //
98 // Maximum System Descriptor Table Entries
99 //
100 #define SSDT_MAX_ENTRIES 2
101 
102 //
103 // Processor Architectures
104 //
105 #define PROCESSOR_ARCHITECTURE_INTEL 0
106 #define PROCESSOR_ARCHITECTURE_MIPS 1
107 #define PROCESSOR_ARCHITECTURE_ALPHA 2
108 #define PROCESSOR_ARCHITECTURE_PPC 3
109 #define PROCESSOR_ARCHITECTURE_SHX 4
110 #define PROCESSOR_ARCHITECTURE_ARM 5
111 #define PROCESSOR_ARCHITECTURE_IA64 6
112 #define PROCESSOR_ARCHITECTURE_ALPHA64 7
113 #define PROCESSOR_ARCHITECTURE_MSIL 8
114 #define PROCESSOR_ARCHITECTURE_AMD64 9
115 #define PROCESSOR_ARCHITECTURE_UNKNOWN 0xFFFF
116 
117 //
118 // Object Type Mask for Kernel Dispatcher Objects
119 //
120 #define KOBJECT_TYPE_MASK 0x7F
121 #define KOBJECT_LOCK_BIT 0x80
122 
123 //
124 // Dispatcher Priority increments
125 //
126 #define THREAD_ALERT_INCREMENT 2
127 
128 //
129 // Physical memory offset of KUSER_SHARED_DATA
130 //
131 #define KI_USER_SHARED_DATA_PHYSICAL 0x41000
132 
133 //
134 // Quantum values and decrements
135 //
136 #define MAX_QUANTUM 0x7F
137 #define WAIT_QUANTUM_DECREMENT 1
138 #define CLOCK_QUANTUM_DECREMENT 3
139 
140 //
141 // Kernel Feature Bits
142 //
143 #define KF_V86_VIS 0x00000001
144 #define KF_RDTSC 0x00000002
145 #define KF_CR4 0x00000004
146 #define KF_CMOV 0x00000008
147 #define KF_GLOBAL_PAGE 0x00000010
148 #define KF_LARGE_PAGE 0x00000020
149 #define KF_MTRR 0x00000040
150 #define KF_CMPXCHG8B 0x00000080
151 #define KF_MMX 0x00000100
152 #define KF_WORKING_PTE 0x00000200
153 #define KF_PAT 0x00000400
154 #define KF_FXSR 0x00000800
155 #define KF_FAST_SYSCALL 0x00001000
156 #define KF_XMMI 0x00002000
157 #define KF_3DNOW 0x00004000
158 #define KF_AMDK6MTRR 0x00008000
159 #define KF_XMMI64 0x00010000
160 #define KF_DTS 0x00020000
161 #define KF_BRANCH 0x00020000 // from ksamd64.inc
162 #define KF_SSE3 0x00080000
163 #define KF_CMPXCHG16B 0x00100000
164 #define KF_XSTATE 0x00800000 // from ks386.inc, ksamd64.inc
165 #define KF_NX_BIT 0x20000000
166 #define KF_NX_DISABLED 0x40000000
167 #define KF_NX_ENABLED 0x80000000
168 
169 #define KF_XSAVEOPT_BIT 15
170 #define KF_XSTATE_BIT 23
171 #define KF_RDWRFSGSBASE_BIT 28
172 
173 //
174 // Internal Exception Codes
175 //
176 #define KI_EXCEPTION_INTERNAL 0x10000000
177 #define KI_EXCEPTION_ACCESS_VIOLATION (KI_EXCEPTION_INTERNAL | 0x04)
178 
179 typedef struct _FIBER /* Field offsets: */
180 { /* i386 arm x64 */
181  PVOID FiberData; /* 0x000 0x000 0x000 */
182  struct _EXCEPTION_REGISTRATION_RECORD *ExceptionList;/* 0x004 0x004 0x008 */
183  PVOID StackBase; /* 0x008 0x008 0x010 */
184  PVOID StackLimit; /* 0x00C 0x00C 0x018 */
185  PVOID DeallocationStack; /* 0x010 0x010 0x020 */
186  CONTEXT FiberContext; /* 0x014 0x018 0x030 */
187 #if (NTDDI_VERSION >= NTDDI_LONGHORN)
188  PVOID Wx86Tib; /* 0x2E0 0x1b8 0x500 */
189  struct _ACTIVATION_CONTEXT_STACK *ActivationContextStackPointer; /* 0x2E4 0x1bc 0x508 */
190  PVOID FlsData; /* 0x2E8 0x1c0 0x510 */
191  ULONG GuaranteedStackBytes; /* 0x2EC 0x1c4 0x518 */
192  ULONG TebFlags; /* 0x2F0 0x1c8 0x51C */
193 #else
194  ULONG GuaranteedStackBytes; /* 0x2E0 */
195  PVOID FlsData; /* 0x2E4 */
196  struct _ACTIVATION_CONTEXT_STACK *ActivationContextStackPointer;
197 #endif
198 } FIBER, *PFIBER;
199 
200 #ifndef NTOS_MODE_USER
201 //
202 // Number of dispatch codes supported by KINTERRUPT
203 //
204 #ifdef _M_AMD64
205 #define DISPATCH_LENGTH 4
206 #elif (NTDDI_VERSION >= NTDDI_LONGHORN)
207 #define DISPATCH_LENGTH 135
208 #else
209 #define DISPATCH_LENGTH 106
210 #endif
211 
212 #else // NTOS_MODE_USER
213 
214 //
215 // KPROCESSOR_MODE Type
216 //
217 typedef CCHAR KPROCESSOR_MODE;
218 
219 //
220 // Dereferencable pointer to KUSER_SHARED_DATA in User-Mode
221 //
222 #define SharedUserData ((KUSER_SHARED_DATA *)USER_SHARED_DATA)
223 
224 #ifdef _X86_
225 /* Macros for user-mode run-time checks of X86 system architecture */
226 
227 #ifndef IsNEC_98
228 #define IsNEC_98 (SharedUserData->AlternativeArchitecture == NEC98x86)
229 #endif
230 
231 #ifndef IsNotNEC_98
232 #define IsNotNEC_98 (SharedUserData->AlternativeArchitecture != NEC98x86)
233 #endif
234 
235 /* User-mode cannot override the architecture */
236 #ifndef SetNEC_98
237 #define SetNEC_98
238 #endif
239 
240 /* User-mode cannot override the architecture */
241 #ifndef SetNotNEC_98
242 #define SetNotNEC_98
243 #endif
244 
245 #else // !_X86_
246 /* Correctly define these run-time definitions for non X86 machines */
247 
248 #ifndef IsNEC_98
249 #define IsNEC_98 (FALSE)
250 #endif
251 
252 #ifndef IsNotNEC_98
253 #define IsNotNEC_98 (TRUE)
254 #endif
255 
256 #ifndef SetNEC_98
257 #define SetNEC_98
258 #endif
259 
260 #ifndef SetNotNEC_98
261 #define SetNotNEC_98
262 #endif
263 
264 #endif // _X86_
265 
266 //
267 // Maximum WOW64 Entries in KUSER_SHARED_DATA
268 //
269 #define MAX_WOW64_SHARED_ENTRIES 16
270 
271 //
272 // Maximum Processor Features supported in KUSER_SHARED_DATA
273 //
274 #define PROCESSOR_FEATURE_MAX 64
275 
276 //
277 // Event Types
278 //
279 typedef enum _EVENT_TYPE
280 {
281  NotificationEvent,
282  SynchronizationEvent
283 } EVENT_TYPE;
284 
285 //
286 // Timer Types
287 //
288 typedef enum _TIMER_TYPE
289 {
290  NotificationTimer,
291  SynchronizationTimer
292 } TIMER_TYPE;
293 
294 //
295 // Wait Types
296 //
297 typedef enum _WAIT_TYPE
298 {
299  WaitAll,
300  WaitAny
301 } WAIT_TYPE;
302 
303 //
304 // Processor Execution Modes
305 //
306 typedef enum _MODE
307 {
308  KernelMode,
309  UserMode,
310  MaximumMode
311 } MODE;
312 
313 //
314 // Wait Reasons
315 //
316 typedef enum _KWAIT_REASON
317 {
318  Executive,
319  FreePage,
320  PageIn,
321  PoolAllocation,
322  DelayExecution,
323  Suspended,
324  UserRequest,
325  WrExecutive,
326  WrFreePage,
327  WrPageIn,
328  WrPoolAllocation,
329  WrDelayExecution,
330  WrSuspended,
331  WrUserRequest,
332  WrEventPair,
333  WrQueue,
334  WrLpcReceive,
335  WrLpcReply,
336  WrVirtualMemory,
337  WrPageOut,
338  WrRendezvous,
339  Spare2,
340  WrGuardedMutex,
341  Spare4,
342  Spare5,
343  Spare6,
344  WrKernel,
345  WrResource,
346  WrPushLock,
347  WrMutex,
348  WrQuantumEnd,
349  WrDispatchInt,
350  WrPreempted,
351  WrYieldExecution,
352  MaximumWaitReason
353 } KWAIT_REASON;
354 
355 //
356 // Profiling Sources
357 //
358 typedef enum _KPROFILE_SOURCE
359 {
360  ProfileTime,
361  ProfileAlignmentFixup,
362  ProfileTotalIssues,
363  ProfilePipelineDry,
364  ProfileLoadInstructions,
365  ProfilePipelineFrozen,
366  ProfileBranchInstructions,
367  ProfileTotalNonissues,
368  ProfileDcacheMisses,
369  ProfileIcacheMisses,
370  ProfileCacheMisses,
371  ProfileBranchMispredictions,
372  ProfileStoreInstructions,
373  ProfileFpInstructions,
374  ProfileIntegerInstructions,
375  Profile2Issue,
376  Profile3Issue,
377  Profile4Issue,
378  ProfileSpecialInstructions,
379  ProfileTotalCycles,
380  ProfileIcacheIssues,
381  ProfileDcacheAccesses,
382  ProfileMemoryBarrierCycles,
383  ProfileLoadLinkedIssues,
384  ProfileMaximum
385 } KPROFILE_SOURCE;
386 
387 //
388 // NT Product and Architecture Types
389 //
390 typedef enum _NT_PRODUCT_TYPE
391 {
392  NtProductWinNt = 1,
393  NtProductLanManNt,
394  NtProductServer
395 } NT_PRODUCT_TYPE, *PNT_PRODUCT_TYPE;
396 
397 typedef enum _ALTERNATIVE_ARCHITECTURE_TYPE
398 {
399  StandardDesign,
400  NEC98x86,
401  EndAlternatives
402 } ALTERNATIVE_ARCHITECTURE_TYPE;
403 
404 //
405 // Flags for NXSupportPolicy
406 //
407 #if (NTDDI_VERSION >= NTDDI_WINXPSP2)
408 #define NX_SUPPORT_POLICY_ALWAYSOFF 0
409 #define NX_SUPPORT_POLICY_ALWAYSON 1
410 #define NX_SUPPORT_POLICY_OPTIN 2
411 #define NX_SUPPORT_POLICY_OPTOUT 3
412 #endif
413 
414 #endif // NTOS_MODE_USER
415 
416 //
417 // Thread States
418 //
419 typedef enum _KTHREAD_STATE
420 {
421  Initialized,
422  Ready,
423  Running,
424  Standby,
425  Terminated,
426  Waiting,
427  Transition,
428  DeferredReady,
429 #if (NTDDI_VERSION >= NTDDI_WS03)
430  GateWait
431 #endif
432 } KTHREAD_STATE, *PKTHREAD_STATE;
433 
434 //
435 // Kernel Object Types
436 //
437 typedef enum _KOBJECTS
438 {
439  EventNotificationObject = 0,
440  EventSynchronizationObject = 1,
441  MutantObject = 2,
442  ProcessObject = 3,
443  QueueObject = 4,
444  SemaphoreObject = 5,
445  ThreadObject = 6,
446  GateObject = 7,
447  TimerNotificationObject = 8,
448  TimerSynchronizationObject = 9,
449  Spare2Object = 10,
450  Spare3Object = 11,
451  Spare4Object = 12,
452  Spare5Object = 13,
453  Spare6Object = 14,
454  Spare7Object = 15,
455  Spare8Object = 16,
456  Spare9Object = 17,
457  ApcObject = 18,
458  DpcObject = 19,
459  DeviceQueueObject = 20,
460  EventPairObject = 21,
461  InterruptObject = 22,
462  ProfileObject = 23,
463  ThreadedDpcObject = 24,
464  MaximumKernelObject = 25
465 } KOBJECTS;
466 
467 //
468 // Adjust reasons
469 //
470 typedef enum _ADJUST_REASON
471 {
472  AdjustNone = 0,
473  AdjustUnwait = 1,
474  AdjustBoost = 2
475 } ADJUST_REASON;
476 
477 //
478 // Continue Status
479 //
480 typedef enum _KCONTINUE_STATUS
481 {
482  ContinueError = 0,
483  ContinueSuccess,
484  ContinueProcessorReselected,
485  ContinueNextProcessor
486 } KCONTINUE_STATUS;
487 
488 //
489 // Process States
490 //
491 typedef enum _KPROCESS_STATE
492 {
493  ProcessInMemory,
494  ProcessOutOfMemory,
495  ProcessInTransition,
496  ProcessInSwap,
497  ProcessOutSwap,
498 } KPROCESS_STATE, *PKPROCESS_STATE;
499 
500 //
501 // NtVdmControl Classes
502 //
503 typedef enum _VDMSERVICECLASS
504 {
505  VdmStartExecution = 0,
506  VdmQueueInterrupt = 1,
507  VdmDelayInterrupt = 2,
508  VdmInitialize = 3,
509  VdmFeatures = 4,
510  VdmSetInt21Handler = 5,
511  VdmQueryDir = 6,
512  VdmPrinterDirectIoOpen = 7,
513  VdmPrinterDirectIoClose = 8,
514  VdmPrinterInitialize = 9,
515  VdmSetLdtEntries = 10,
516  VdmSetProcessLdtInfo = 11,
517  VdmAdlibEmulation = 12,
518  VdmPMCliControl = 13,
519  VdmQueryVdmProcess = 14,
520 } VDMSERVICECLASS;
521 
522 #ifdef NTOS_MODE_USER
523 
524 //
525 // APC Normal Routine
526 //
527 typedef VOID
528 (NTAPI *PKNORMAL_ROUTINE)(
529  _In_ PVOID NormalContext,
530  _In_ PVOID SystemArgument1,
531  _In_ PVOID SystemArgument2
532 );
533 
534 //
535 // Timer Routine
536 //
537 typedef VOID
538 (NTAPI *PTIMER_APC_ROUTINE)(
539  _In_ PVOID TimerContext,
540  _In_ ULONG TimerLowValue,
541  _In_ LONG TimerHighValue
542 );
543 
544 //
545 // System Time Structure
546 //
547 typedef struct _KSYSTEM_TIME
548 {
549  ULONG LowPart;
550  LONG High1Time;
551  LONG High2Time;
552 } KSYSTEM_TIME, *PKSYSTEM_TIME;
553 
554 //
555 // Shared Kernel User Data
556 //
557 typedef struct _KUSER_SHARED_DATA
558 {
559  ULONG TickCountLowDeprecated;
560  ULONG TickCountMultiplier;
561  volatile KSYSTEM_TIME InterruptTime;
562  volatile KSYSTEM_TIME SystemTime;
563  volatile KSYSTEM_TIME TimeZoneBias;
564  USHORT ImageNumberLow;
565  USHORT ImageNumberHigh;
566  WCHAR NtSystemRoot[260];
567  ULONG MaxStackTraceDepth;
568  ULONG CryptoExponent;
569  ULONG TimeZoneId;
570  ULONG LargePageMinimum;
571  ULONG Reserved2[7];
572  NT_PRODUCT_TYPE NtProductType;
573  BOOLEAN ProductTypeIsValid;
574  ULONG NtMajorVersion;
575  ULONG NtMinorVersion;
576  BOOLEAN ProcessorFeatures[PROCESSOR_FEATURE_MAX];
577  ULONG Reserved1;
578  ULONG Reserved3;
579  volatile ULONG TimeSlip;
580  ALTERNATIVE_ARCHITECTURE_TYPE AlternativeArchitecture;
581  LARGE_INTEGER SystemExpirationDate;
582  ULONG SuiteMask;
583  BOOLEAN KdDebuggerEnabled;
584 #if (NTDDI_VERSION >= NTDDI_WINXPSP2)
585  UCHAR NXSupportPolicy;
586 #endif
587  volatile ULONG ActiveConsoleId;
588  volatile ULONG DismountCount;
589  ULONG ComPlusPackage;
590  ULONG LastSystemRITEventTickCount;
591  ULONG NumberOfPhysicalPages;
592  BOOLEAN SafeBootMode;
593  ULONG TraceLogging;
594  ULONG Fill0;
595  ULONGLONG TestRetInstruction;
596  ULONG SystemCall;
597  ULONG SystemCallReturn;
598  ULONGLONG SystemCallPad[3];
599  union {
600  volatile KSYSTEM_TIME TickCount;
601  volatile ULONG64 TickCountQuad;
602  };
603  ULONG Cookie;
604 #if (NTDDI_VERSION >= NTDDI_WS03)
605  LONGLONG ConsoleSessionForegroundProcessId;
606  ULONG Wow64SharedInformation[MAX_WOW64_SHARED_ENTRIES];
607 #endif
608 #if (NTDDI_VERSION >= NTDDI_LONGHORN)
609  USHORT UserModeGlobalLogger[8];
610  ULONG HeapTracingPid[2];
611  ULONG CritSecTracingPid[2];
612  union
613  {
614  ULONG SharedDataFlags;
615  struct
616  {
617  ULONG DbgErrorPortPresent:1;
618  ULONG DbgElevationEnabled:1;
619  ULONG DbgVirtEnabled:1;
620  ULONG DbgInstallerDetectEnabled:1;
621  ULONG SpareBits:28;
622  };
623  };
624  ULONG ImageFileExecutionOptions;
625  KAFFINITY ActiveProcessorAffinity;
626 #endif
627 } KUSER_SHARED_DATA, *PKUSER_SHARED_DATA;
628 
629 //
630 // VDM Structures
631 //
632 #include "pshpack1.h"
633 typedef struct _VdmVirtualIca
634 {
635  LONG ica_count[8];
636  LONG ica_int_line;
637  LONG ica_cpu_int;
638  USHORT ica_base;
639  USHORT ica_hipiri;
640  USHORT ica_mode;
641  UCHAR ica_master;
642  UCHAR ica_irr;
643  UCHAR ica_isr;
644  UCHAR ica_imr;
645  UCHAR ica_ssr;
646 } VDMVIRTUALICA, *PVDMVIRTUALICA;
647 #include "poppack.h"
648 
649 typedef struct _VdmIcaUserData
650 {
651  PVOID pIcaLock;
652  PVDMVIRTUALICA pIcaMaster;
653  PVDMVIRTUALICA pIcaSlave;
654  PULONG pDelayIrq;
655  PULONG pUndelayIrq;
656  PULONG pDelayIret;
657  PULONG pIretHooked;
658  PULONG pAddrIretBopTable;
659  PHANDLE phWowIdleEvent;
660  PLARGE_INTEGER pIcaTimeout;
661  PHANDLE phMainThreadSuspended;
662 } VDMICAUSERDATA, *PVDMICAUSERDATA;
663 
664 typedef struct _VDM_INITIALIZE_DATA
665 {
666  PVOID TrapcHandler;
667  PVDMICAUSERDATA IcaUserData;
668 } VDM_INITIALIZE_DATA, *PVDM_INITIALIZE_DATA;
669 
670 #else
671 
672 //
673 // System Thread Start Routine
674 //
675 typedef
676 VOID
677 (NTAPI *PKSYSTEM_ROUTINE)(
678  PKSTART_ROUTINE StartRoutine,
679  PVOID StartContext
680 );
681 
682 #ifndef _NTSYSTEM_
683 typedef VOID
684 (NTAPI *PKNORMAL_ROUTINE)(
685  IN PVOID NormalContext OPTIONAL,
686  IN PVOID SystemArgument1 OPTIONAL,
687  IN PVOID SystemArgument2 OPTIONAL);
688 
689 typedef VOID
690 (NTAPI *PKRUNDOWN_ROUTINE)(
691  IN struct _KAPC *Apc);
692 
693 typedef VOID
694 (NTAPI *PKKERNEL_ROUTINE)(
695  IN struct _KAPC *Apc,
696  IN OUT PKNORMAL_ROUTINE *NormalRoutine OPTIONAL,
697  IN OUT PVOID *NormalContext OPTIONAL,
698  IN OUT PVOID *SystemArgument1 OPTIONAL,
699  IN OUT PVOID *SystemArgument2 OPTIONAL);
700 #endif
701 
702 //
703 // APC Environment Types
704 //
705 typedef enum _KAPC_ENVIRONMENT
706 {
707  OriginalApcEnvironment,
708  AttachedApcEnvironment,
709  CurrentApcEnvironment,
710  InsertApcEnvironment
711 } KAPC_ENVIRONMENT;
712 
713 typedef struct _KTIMER_TABLE_ENTRY
714 {
715 #if (NTDDI_VERSION >= NTDDI_LONGHORN) || defined(_M_ARM) || defined(_M_AMD64)
716  KSPIN_LOCK Lock;
717 #endif
718  LIST_ENTRY Entry;
719  ULARGE_INTEGER Time;
720 } KTIMER_TABLE_ENTRY, *PKTIMER_TABLE_ENTRY;
721 
722 typedef struct _KTIMER_TABLE
723 {
724  PKTIMER TimerExpiry[64];
725  KTIMER_TABLE_ENTRY TimerEntries[256];
726 } KTIMER_TABLE, *PKTIMER_TABLE;
727 
728 typedef struct _KDPC_LIST
729 {
730  SINGLE_LIST_ENTRY ListHead;
731  SINGLE_LIST_ENTRY* LastEntry;
732 } KDPC_LIST, *PKDPC_LIST;
733 
734 typedef struct _SYNCH_COUNTERS
735 {
736  ULONG SpinLockAcquireCount;
737  ULONG SpinLockContentionCount;
738  ULONG SpinLockSpinCount;
739  ULONG IpiSendRequestBroadcastCount;
740  ULONG IpiSendRequestRoutineCount;
741  ULONG IpiSendSoftwareInterruptCount;
742  ULONG ExInitializeResourceCount;
743  ULONG ExReInitializeResourceCount;
744  ULONG ExDeleteResourceCount;
745  ULONG ExecutiveResourceAcquiresCount;
746  ULONG ExecutiveResourceContentionsCount;
747  ULONG ExecutiveResourceReleaseExclusiveCount;
748  ULONG ExecutiveResourceReleaseSharedCount;
749  ULONG ExecutiveResourceConvertsCount;
750  ULONG ExAcqResExclusiveAttempts;
751  ULONG ExAcqResExclusiveAcquiresExclusive;
752  ULONG ExAcqResExclusiveAcquiresExclusiveRecursive;
753  ULONG ExAcqResExclusiveWaits;
754  ULONG ExAcqResExclusiveNotAcquires;
755  ULONG ExAcqResSharedAttempts;
756  ULONG ExAcqResSharedAcquiresExclusive;
757  ULONG ExAcqResSharedAcquiresShared;
758  ULONG ExAcqResSharedAcquiresSharedRecursive;
759  ULONG ExAcqResSharedWaits;
760  ULONG ExAcqResSharedNotAcquires;
761  ULONG ExAcqResSharedStarveExclusiveAttempts;
762  ULONG ExAcqResSharedStarveExclusiveAcquiresExclusive;
763  ULONG ExAcqResSharedStarveExclusiveAcquiresShared;
764  ULONG ExAcqResSharedStarveExclusiveAcquiresSharedRecursive;
765  ULONG ExAcqResSharedStarveExclusiveWaits;
766  ULONG ExAcqResSharedStarveExclusiveNotAcquires;
767  ULONG ExAcqResSharedWaitForExclusiveAttempts;
768  ULONG ExAcqResSharedWaitForExclusiveAcquiresExclusive;
769  ULONG ExAcqResSharedWaitForExclusiveAcquiresShared;
770  ULONG ExAcqResSharedWaitForExclusiveAcquiresSharedRecursive;
771  ULONG ExAcqResSharedWaitForExclusiveWaits;
772  ULONG ExAcqResSharedWaitForExclusiveNotAcquires;
773  ULONG ExSetResOwnerPointerExclusive;
774  ULONG ExSetResOwnerPointerSharedNew;
775  ULONG ExSetResOwnerPointerSharedOld;
776  ULONG ExTryToAcqExclusiveAttempts;
777  ULONG ExTryToAcqExclusiveAcquires;
778  ULONG ExBoostExclusiveOwner;
779  ULONG ExBoostSharedOwners;
780  ULONG ExEtwSynchTrackingNotificationsCount;
781  ULONG ExEtwSynchTrackingNotificationsAccountedCount;
782 } SYNCH_COUNTERS, *PSYNCH_COUNTERS;
783 
784 //
785 // PRCB DPC Data
786 //
787 typedef struct _KDPC_DATA
788 {
789 #if (NTDDI_VERSION >= NTDDI_LONGHORN)
790  KDPC_LIST DpcList;
791 #else
792  LIST_ENTRY DpcListHead;
793 #endif
794  ULONG_PTR DpcLock;
795 #if defined(_M_AMD64) || defined(_M_ARM)
796  volatile LONG DpcQueueDepth;
797 #else
798  volatile ULONG DpcQueueDepth;
799 #endif
800  ULONG DpcCount;
801 #if (NTDDI_VERSION >= NTDDI_LONGHORN) || defined(_M_ARM)
802  PKDPC ActiveDpc;
803 #endif
804 } KDPC_DATA, *PKDPC_DATA;
805 
806 //
807 // Per-Processor Lookaside List
808 //
809 typedef struct _PP_LOOKASIDE_LIST
810 {
811  struct _GENERAL_LOOKASIDE *P;
812  struct _GENERAL_LOOKASIDE *L;
813 } PP_LOOKASIDE_LIST, *PPP_LOOKASIDE_LIST;
814 
815 //
816 // Architectural Types
817 //
818 #include <arch/ketypes.h>
819 
820 //
821 // Kernel Memory Node
822 //
823 #include <pshpack1.h>
824 typedef struct _KNODE
825 {
826  SLIST_HEADER DeadStackList;
827  SLIST_HEADER PfnDereferenceSListHead;
828  KAFFINITY ProcessorMask;
829  UCHAR Color;
830  UCHAR Seed;
831  UCHAR NodeNumber;
832  struct _flags {
833  UCHAR Removable : 1;
834  UCHAR Fill : 7;
835  } Flags;
836  ULONG MmShiftedColor;
837  ULONG FreeCount[2];
838  struct _SINGLE_LIST_ENTRY *PfnDeferredList;
839 } KNODE, *PKNODE;
840 #include <poppack.h>
841 
842 //
843 // Structure for Get/SetContext APC
844 //
845 typedef struct _GETSETCONTEXT
846 {
847  KAPC Apc;
848  KEVENT Event;
849  KPROCESSOR_MODE Mode;
850  CONTEXT Context;
851 } GETSETCONTEXT, *PGETSETCONTEXT;
852 
853 //
854 // Kernel Profile Object
855 //
856 typedef struct _KPROFILE
857 {
858  CSHORT Type;
859  CSHORT Size;
860  LIST_ENTRY ProfileListEntry;
861  struct _KPROCESS *Process;
862  PVOID RangeBase;
863  PVOID RangeLimit;
864  ULONG BucketShift;
865  PVOID Buffer;
866  ULONG_PTR Segment;
867  KAFFINITY Affinity;
868  KPROFILE_SOURCE Source;
869  BOOLEAN Started;
870 } KPROFILE, *PKPROFILE;
871 
872 //
873 // Kernel Interrupt Object
874 //
875 typedef struct _KINTERRUPT
876 {
877  CSHORT Type;
878  CSHORT Size;
879  LIST_ENTRY InterruptListEntry;
880  PKSERVICE_ROUTINE ServiceRoutine;
881 #if (NTDDI_VERSION >= NTDDI_LONGHORN)
882  PKSERVICE_ROUTINE MessageServiceRoutine;
883  ULONG MessageIndex;
884 #endif
885  PVOID ServiceContext;
886  KSPIN_LOCK SpinLock;
887  ULONG TickCount;
888  PKSPIN_LOCK ActualLock;
889  PKINTERRUPT_ROUTINE DispatchAddress;
890  ULONG Vector;
891  KIRQL Irql;
892  KIRQL SynchronizeIrql;
893  BOOLEAN FloatingSave;
894  BOOLEAN Connected;
895  CCHAR Number;
896  BOOLEAN ShareVector;
897  KINTERRUPT_MODE Mode;
898 #if (NTDDI_VERSION >= NTDDI_LONGHORN)
899  KINTERRUPT_POLARITY Polarity;
900 #endif
901  ULONG ServiceCount;
902  ULONG DispatchCount;
903 #if (NTDDI_VERSION >= NTDDI_LONGHORN)
904  ULONGLONG Rsvd1;
905 #endif
906 #ifdef _M_AMD64
907  PKTRAP_FRAME TrapFrame;
908  PVOID Reserved;
909 #endif
910  ULONG DispatchCode[DISPATCH_LENGTH];
911 } KINTERRUPT;
912 
913 //
914 // Kernel Event Pair Object
915 //
916 typedef struct _KEVENT_PAIR
917 {
918  CSHORT Type;
919  CSHORT Size;
920  KEVENT LowEvent;
921  KEVENT HighEvent;
922 } KEVENT_PAIR, *PKEVENT_PAIR;
923 
924 //
925 // Kernel No Execute Options
926 //
927 typedef struct _KEXECUTE_OPTIONS
928 {
929  UCHAR ExecuteDisable:1;
930  UCHAR ExecuteEnable:1;
931  UCHAR DisableThunkEmulation:1;
932  UCHAR Permanent:1;
933  UCHAR ExecuteDispatchEnable:1;
934  UCHAR ImageDispatchEnable:1;
935  UCHAR Spare:2;
936 } KEXECUTE_OPTIONS, *PKEXECUTE_OPTIONS;
937 
938 #if (NTDDI_VERSION >= NTDDI_WIN7)
939 typedef union _KWAIT_STATUS_REGISTER
940 {
941  UCHAR Flags;
942  struct
943  {
944  UCHAR State:2;
945  UCHAR Affinity:1;
946  UCHAR Priority:1;
947  UCHAR Apc:1;
948  UCHAR UserApc:1;
949  UCHAR Alert:1;
950  UCHAR Unused:1;
951  };
952 } KWAIT_STATUS_REGISTER, *PKWAIT_STATUS_REGISTER;
953 
954 typedef struct _COUNTER_READING
955 {
956  enum _HARDWARE_COUNTER_TYPE Type;
957  ULONG Index;
958  ULONG64 Start;
959  ULONG64 Total;
960 }COUNTER_READING, *PCOUNTER_READING;
961 
962 typedef struct _KTHREAD_COUNTERS
963 {
964  ULONG64 WaitReasonBitMap;
965  struct _THREAD_PERFORMANCE_DATA* UserData;
966  ULONG Flags;
967  ULONG ContextSwitches;
968  ULONG64 CycleTimeBias;
969  ULONG64 HardwareCounters;
970  COUNTER_READING HwCounter[16];
971 }KTHREAD_COUNTERS, *PKTHREAD_COUNTERS;
972 #endif
973 
975 #if (NTDDI_VERSION >= NTDDI_WIN8)
976 typedef struct _RTL_RB_TREE
977 {
978  PRTL_BALANCED_NODE Root;
979  PRTL_BALANCED_NODE Min;
980 } RTL_RB_TREE, *PRTL_RB_TREE;
981 #endif
982 
983 #if (NTDDI_VERSION >= NTDDI_WINBLUE)
984 typedef struct _KLOCK_ENTRY_LOCK_STATE
985 {
986  union
987  {
988  struct
989  {
990 #if (NTDDI_VERSION >= NTDDI_WIN10) // since 6.4.9841.0
991  ULONG_PTR CrossThreadReleasable : 1;
992 #else
993  ULONG_PTR Waiting : 1;
994 #endif
995  ULONG_PTR Busy : 1;
996  ULONG_PTR Reserved : (8 * sizeof(PVOID)) - 3; // previously Spare
997  ULONG_PTR InTree : 1;
998  };
999  PVOID LockState;
1000  };
1001  union
1002  {
1003  PVOID SessionState;
1004  struct
1005  {
1006  ULONG SessionId;
1007 #ifdef _WIN64
1008  ULONG SessionPad;
1009 #endif
1010  };
1011  };
1012 } KLOCK_ENTRY_LOCK_STATE, *PKLOCK_ENTRY_LOCK_STATE;
1013 
1014 typedef struct _KLOCK_ENTRY
1015 {
1016  union
1017  {
1018  RTL_BALANCED_NODE TreeNode;
1019  SINGLE_LIST_ENTRY FreeListEntry;
1020  };
1021 #if (NTDDI_VERSION >= NTDDI_WIN10)
1022  union
1023  {
1024  ULONG EntryFlags;
1025  struct
1026  {
1027  UCHAR EntryOffset;
1028  union
1029  {
1030  UCHAR ThreadLocalFlags;
1031  struct
1032  {
1033  UCHAR WaitingBit : 1;
1034  UCHAR Spare0 : 7;
1035  };
1036  };
1037  union
1038  {
1039  UCHAR AcquiredByte;
1040  UCHAR AcquiredBit : 1;
1041  };
1042  union
1043  {
1044  UCHAR CrossThreadFlags;
1045  struct
1046  {
1047  UCHAR HeadNodeBit : 1;
1048  UCHAR IoPriorityBit : 1;
1049  UCHAR IoQoSWaiter : 1; // since TH2
1050  UCHAR Spare1 : 5;
1051  };
1052  };
1053  };
1054  struct
1055  {
1056  ULONG StaticState : 8;
1057  ULONG AllFlags : 24;
1058  };
1059  };
1060 #ifdef _WIN64
1061  ULONG SpareFlags;
1062 #endif
1063 #else
1064  union
1065  {
1066  PVOID ThreadUnsafe;
1067  struct
1068  {
1069  volatile UCHAR HeadNodeByte;
1070  UCHAR Reserved1[2];
1071  volatile UCHAR AcquiredByte;
1072  };
1073  };
1074 #endif
1075 
1076  union
1077  {
1078  KLOCK_ENTRY_LOCK_STATE LockState;
1079  PVOID LockUnsafe;
1080  struct
1081  {
1082 #if (NTDDI_VERSION >= NTDDI_WIN10)
1083  volatile UCHAR CrossThreadReleasableAndBusyByte;
1084 #else
1085  volatile UCHAR WaitingAndBusyByte;
1086 #endif
1087  UCHAR Reserved[sizeof(PVOID) - 2];
1088  UCHAR InTreeByte;
1089  union
1090  {
1091  PVOID SessionState;
1092  struct
1093  {
1094  ULONG SessionId;
1095 #ifdef _WIN64
1096  ULONG SessionPad;
1097 #endif
1098  };
1099  };
1100  };
1101  };
1102  union
1103  {
1104  struct
1105  {
1106  RTL_RB_TREE OwnerTree;
1107  RTL_RB_TREE WaiterTree;
1108  };
1109  CHAR CpuPriorityKey;
1110  };
1111  ULONG_PTR EntryLock;
1112  union
1113  {
1114 #if _WIN64
1115  ULONG AllBoosts : 17;
1116 #else
1117  USHORT AllBoosts;
1118 #endif
1119  struct
1120  {
1121  struct
1122  {
1123  USHORT CpuBoostsBitmap : 15;
1124  USHORT IoBoost : 1;
1125  };
1126  struct
1127  {
1128  USHORT IoQoSBoost : 1;
1129  USHORT IoNormalPriorityWaiterCount : 8;
1130  USHORT IoQoSWaiterCount : 7;
1131  };
1132  };
1133  };
1134 #if _WIN64
1135  ULONG SparePad;
1136 #endif
1137 } KLOCK_ENTRY, *PKLOCK_ENTRY;
1138 
1139 #endif
1140 
1141 //
1142 // Kernel Thread (KTHREAD)
1143 //
1144 #if (NTDDI_VERSION < NTDDI_WIN8)
1145 
1146 typedef struct _KTHREAD
1147 {
1148  DISPATCHER_HEADER Header;
1149 #if (NTDDI_VERSION >= NTDDI_LONGHORN) // [
1150  ULONGLONG CycleTime;
1151 #ifndef _WIN64 // [
1152  ULONG HighCycleTime;
1153 #endif // ]
1154  ULONGLONG QuantumTarget;
1155 #else // ][
1156  LIST_ENTRY MutantListHead;
1157 #endif // ]
1158  PVOID InitialStack;
1159  ULONG_PTR StackLimit; // FIXME: PVOID
1160  PVOID KernelStack;
1161  KSPIN_LOCK ThreadLock;
1162 #if (NTDDI_VERSION >= NTDDI_WIN7) // [
1163  KWAIT_STATUS_REGISTER WaitRegister;
1164  BOOLEAN Running;
1165  BOOLEAN Alerted[2];
1166  union
1167  {
1168  struct
1169  {
1170  ULONG KernelStackResident:1;
1171  ULONG ReadyTransition:1;
1172  ULONG ProcessReadyQueue:1;
1173  ULONG WaitNext:1;
1174  ULONG SystemAffinityActive:1;
1175  ULONG Alertable:1;
1176  ULONG GdiFlushActive:1;
1177  ULONG UserStackWalkActive:1;
1178  ULONG ApcInterruptRequest:1;
1179  ULONG ForceDeferSchedule:1;
1180  ULONG QuantumEndMigrate:1;
1181  ULONG UmsDirectedSwitchEnable:1;
1182  ULONG TimerActive:1;
1183  ULONG Reserved:19;
1184  };
1185  LONG MiscFlags;
1186  };
1187 #endif // ]
1188  union
1189  {
1190  KAPC_STATE ApcState;
1191  struct
1192  {
1193  UCHAR ApcStateFill[FIELD_OFFSET(KAPC_STATE, UserApcPending) + 1];
1194 #if (NTDDI_VERSION >= NTDDI_LONGHORN) // [
1195  SCHAR Priority;
1196 #if (NTDDI_VERSION >= NTDDI_WIN7) // [
1197  /* On x86, the following members "fall out" of the union */
1198  volatile ULONG NextProcessor;
1199  volatile ULONG DeferredProcessor;
1200 #else // ][
1201  /* On x86, the following members "fall out" of the union */
1202  volatile USHORT NextProcessor;
1203  volatile USHORT DeferredProcessor;
1204 #endif // ]
1205 #else // ][
1206  UCHAR ApcQueueable;
1207  /* On x86, the following members "fall out" of the union */
1208  volatile UCHAR NextProcessor;
1209  volatile UCHAR DeferredProcessor;
1210  UCHAR AdjustReason;
1211  SCHAR AdjustIncrement;
1212 #endif // ]
1213  };
1214  };
1215  KSPIN_LOCK ApcQueueLock;
1216 #ifndef _M_AMD64 // [
1217  ULONG ContextSwitches;
1218  volatile UCHAR State;
1219  UCHAR NpxState;
1220  KIRQL WaitIrql;
1221  KPROCESSOR_MODE WaitMode;
1222 #endif // ]
1223  LONG_PTR WaitStatus;
1224 #if (NTDDI_VERSION >= NTDDI_WIN7) // [
1225  PKWAIT_BLOCK WaitBlockList;
1226 #else // ][
1227  union
1228  {
1229  PKWAIT_BLOCK WaitBlockList;
1230  PKGATE GateObject;
1231  };
1232 #if (NTDDI_VERSION >= NTDDI_LONGHORN) // [
1233  union
1234  {
1235  struct
1236  {
1237  ULONG KernelStackResident:1;
1238  ULONG ReadyTransition:1;
1239  ULONG ProcessReadyQueue:1;
1240  ULONG WaitNext:1;
1241  ULONG SystemAffinityActive:1;
1242  ULONG Alertable:1;
1243  ULONG GdiFlushActive:1;
1244  ULONG Reserved:25;
1245  };
1246  LONG MiscFlags;
1247  };
1248 #else // ][
1249  BOOLEAN Alertable;
1250  BOOLEAN WaitNext;
1251 #endif // ]
1252  UCHAR WaitReason;
1253 #if (NTDDI_VERSION < NTDDI_LONGHORN)
1254  SCHAR Priority;
1255  BOOLEAN EnableStackSwap;
1256 #endif // ]
1257  volatile UCHAR SwapBusy;
1258  BOOLEAN Alerted[MaximumMode];
1259 #endif // ]
1260  union
1261  {
1262  LIST_ENTRY WaitListEntry;
1263  SINGLE_LIST_ENTRY SwapListEntry;
1264  };
1265  PKQUEUE Queue;
1266 #ifndef _M_AMD64 // [
1267  ULONG WaitTime;
1268  union
1269  {
1270  struct
1271  {
1272  SHORT KernelApcDisable;
1273  SHORT SpecialApcDisable;
1274  };
1275  ULONG CombinedApcDisable;
1276  };
1277 #endif // ]
1278  struct _TEB *Teb;
1279 
1280 #if (NTDDI_VERSION >= NTDDI_WIN7) // [
1281  KTIMER Timer;
1282 #else // ][
1283  union
1284  {
1285  KTIMER Timer;
1286  struct
1287  {
1288  UCHAR TimerFill[FIELD_OFFSET(KTIMER, Period) + sizeof(LONG)];
1289 #if !defined(_WIN64) // [
1290  };
1291  };
1292 #endif // ]
1293 #endif // ]
1294  union
1295  {
1296  struct
1297  {
1298  ULONG AutoAlignment:1;
1299  ULONG DisableBoost:1;
1300 #if (NTDDI_VERSION >= NTDDI_LONGHORN) // [
1301  ULONG EtwStackTraceApc1Inserted:1;
1302  ULONG EtwStackTraceApc2Inserted:1;
1303  ULONG CycleChargePending:1;
1304  ULONG CalloutActive:1;
1305  ULONG ApcQueueable:1;
1306  ULONG EnableStackSwap:1;
1307  ULONG GuiThread:1;
1308  ULONG ReservedFlags:23;
1309 #else // ][
1310  LONG ReservedFlags:30;
1311 #endif // ]
1312  };
1313  LONG ThreadFlags;
1314  };
1315 #if defined(_WIN64) && (NTDDI_VERSION < NTDDI_WIN7) // [
1316  };
1317  };
1318 #endif // ]
1319 #if (NTDDI_VERSION >= NTDDI_WIN7) // [
1320 #if defined(_WIN64) // [
1321  ULONG Spare0;
1322 #else // ][
1323  PVOID ServiceTable;
1324 #endif // ]
1325 #endif // ]
1326  union
1327  {
1328  DECLSPEC_ALIGN(8) KWAIT_BLOCK WaitBlock[THREAD_WAIT_OBJECTS + 1];
1329 #if (NTDDI_VERSION < NTDDI_WIN7) // [
1330  struct
1331  {
1332  UCHAR WaitBlockFill0[FIELD_OFFSET(KWAIT_BLOCK, SpareByte)]; // 32bit = 23, 64bit = 43
1333 #if (NTDDI_VERSION >= NTDDI_LONGHORN) // [
1334  UCHAR IdealProcessor;
1335 #else // ][
1336  BOOLEAN SystemAffinityActive;
1337 #endif // ]
1338  };
1339  struct
1340  {
1341  UCHAR WaitBlockFill1[1 * sizeof(KWAIT_BLOCK) + FIELD_OFFSET(KWAIT_BLOCK, SpareByte)]; // 47 / 91
1342  CCHAR PreviousMode;
1343  };
1344  struct
1345  {
1346  UCHAR WaitBlockFill2[2 * sizeof(KWAIT_BLOCK) + FIELD_OFFSET(KWAIT_BLOCK, SpareByte)]; // 71 / 139
1347  UCHAR ResourceIndex;
1348  };
1349  struct
1350  {
1351  UCHAR WaitBlockFill3[3 * sizeof(KWAIT_BLOCK) + FIELD_OFFSET(KWAIT_BLOCK, SpareByte)]; // 95 / 187
1352  UCHAR LargeStack;
1353  };
1354 #endif // ]
1355 #ifdef _WIN64 // [
1356  struct
1357  {
1358  UCHAR WaitBlockFill4[FIELD_OFFSET(KWAIT_BLOCK, SpareLong)];
1359  ULONG ContextSwitches;
1360  };
1361  struct
1362  {
1363  UCHAR WaitBlockFill5[1 * sizeof(KWAIT_BLOCK) + FIELD_OFFSET(KWAIT_BLOCK, SpareLong)];
1364  UCHAR State;
1365  UCHAR NpxState;
1366  UCHAR WaitIrql;
1367  CHAR WaitMode;
1368  };
1369  struct
1370  {
1371  UCHAR WaitBlockFill6[2 * sizeof(KWAIT_BLOCK) + FIELD_OFFSET(KWAIT_BLOCK, SpareLong)];
1372  ULONG WaitTime;
1373  };
1374 #if (NTDDI_VERSION >= NTDDI_WIN7) // [
1375  struct
1376  {
1377  UCHAR WaitBlockFill7[168];
1378  PVOID TebMappedLowVa;
1379  struct _UMS_CONTROL_BLOCK* Ucb;
1380  };
1381 #endif // ]
1382  struct
1383  {
1384 #if (NTDDI_VERSION >= NTDDI_WIN7) // [
1385  UCHAR WaitBlockFill8[188];
1386 #else // ][
1387  UCHAR WaitBlockFill7[3 * sizeof(KWAIT_BLOCK) + FIELD_OFFSET(KWAIT_BLOCK, SpareLong)];
1388 #endif // ]
1389  union
1390  {
1391  struct
1392  {
1393  SHORT KernelApcDisable;
1394  SHORT SpecialApcDisable;
1395  };
1396  ULONG CombinedApcDisable;
1397  };
1398  };
1399 #endif // ]
1400  };
1401  LIST_ENTRY QueueListEntry;
1402  PKTRAP_FRAME TrapFrame;
1403 #if (NTDDI_VERSION >= NTDDI_LONGHORN) // [
1404  PVOID FirstArgument;
1405  union
1406  {
1407  PVOID CallbackStack;
1408  ULONG_PTR CallbackDepth;
1409  };
1410 #else // ][
1411  PVOID CallbackStack;
1412 #endif // ]
1413 #if (NTDDI_VERSION < NTDDI_LONGHORN) || ((NTDDI_VERSION < NTDDI_WIN7) && !defined(_WIN64)) // [
1414  PVOID ServiceTable;
1415 #endif // ]
1416 #if (NTDDI_VERSION < NTDDI_LONGHORN) && defined(_WIN64) // [
1417  ULONG KernelLimit;
1418 #endif // ]
1419  UCHAR ApcStateIndex;
1420 #if (NTDDI_VERSION < NTDDI_LONGHORN) // [
1421  UCHAR IdealProcessor;
1422  BOOLEAN Preempted;
1423  BOOLEAN ProcessReadyQueue;
1424 #ifdef _WIN64 // [
1425  PVOID Win32kTable;
1426  ULONG Win32kLimit;
1427 #endif // ]
1428  BOOLEAN KernelStackResident;
1429 #endif // ]
1430  SCHAR BasePriority;
1431  SCHAR PriorityDecrement;
1432 #if (NTDDI_VERSION >= NTDDI_LONGHORN) // [
1433  BOOLEAN Preempted;
1434  UCHAR AdjustReason;
1435  CHAR AdjustIncrement;
1436 #if (NTDDI_VERSION >= NTDDI_WIN7)
1437  UCHAR PreviousMode;
1438 #else
1439  UCHAR Spare01;
1440 #endif
1441 #endif // ]
1442  CHAR Saturation;
1443 #if (NTDDI_VERSION >= NTDDI_LONGHORN) // [
1444  ULONG SystemCallNumber;
1445 #if (NTDDI_VERSION >= NTDDI_WIN7) // [
1446  ULONG FreezeCount;
1447 #else // ][
1448  ULONG Spare02;
1449 #endif // ]
1450 #endif // ]
1451 #if (NTDDI_VERSION >= NTDDI_WIN7) // [
1452  GROUP_AFFINITY UserAffinity;
1453  struct _KPROCESS *Process;
1454  GROUP_AFFINITY Affinity;
1455  ULONG IdealProcessor;
1456  ULONG UserIdealProcessor;
1457 #else // ][
1458  KAFFINITY UserAffinity;
1459  struct _KPROCESS *Process;
1460  KAFFINITY Affinity;
1461 #endif // ]
1462  PKAPC_STATE ApcStatePointer[2];
1463  union
1464  {
1465  KAPC_STATE SavedApcState;
1466  struct
1467  {
1468  UCHAR SavedApcStateFill[FIELD_OFFSET(KAPC_STATE, UserApcPending) + 1];
1469 #if (NTDDI_VERSION >= NTDDI_WIN7) // [
1470  UCHAR WaitReason;
1471 #else // ][
1472  CCHAR FreezeCount;
1473 #endif // ]
1474 #ifndef _WIN64 // [
1475  };
1476  };
1477 #endif // ]
1478  CCHAR SuspendCount;
1479 #if (NTDDI_VERSION >= NTDDI_WIN7) // [
1480  CCHAR Spare1;
1481 #else // ][
1482  UCHAR UserIdealProcessor;
1483 #endif // ]
1484 #if (NTDDI_VERSION >= NTDDI_WIN7) // [
1485 #elif (NTDDI_VERSION >= NTDDI_LONGHORN) // ][
1486  UCHAR Spare03;
1487 #else // ][
1488  UCHAR CalloutActive;
1489 #endif // ]
1490 #ifdef _WIN64 // [
1491  UCHAR CodePatchInProgress;
1492  };
1493  };
1494 #endif // ]
1495 #if defined(_M_IX86) // [
1496 #if (NTDDI_VERSION >= NTDDI_LONGHORN) // [
1497  UCHAR OtherPlatformFill;
1498 #else // ][
1499  UCHAR Iopl;
1500 #endif // ]
1501 #endif // ]
1502  PVOID Win32Thread;
1503  PVOID StackBase;
1504  union
1505  {
1506  KAPC SuspendApc;
1507  struct
1508  {
1509  UCHAR SuspendApcFill0[1];
1510 #if (NTDDI_VERSION >= NTDDI_WIN7) // [
1511  UCHAR ResourceIndex;
1512 #elif (NTDDI_VERSION >= NTDDI_LONGHORN) // ][
1513  CHAR Spare04;
1514 #else // ][
1515  SCHAR Quantum;
1516 #endif // ]
1517  };
1518  struct
1519  {
1520  UCHAR SuspendApcFill1[3];
1521  UCHAR QuantumReset;
1522  };
1523  struct
1524  {
1525  UCHAR SuspendApcFill2[4];
1526  ULONG KernelTime;
1527  };
1528  struct
1529  {
1530  UCHAR SuspendApcFill3[FIELD_OFFSET(KAPC, SystemArgument1)];
1531 #if (NTDDI_VERSION >= NTDDI_LONGHORN)
1532  PKPRCB WaitPrcb;
1533 #else
1534  PVOID TlsArray;
1535 #endif
1536  };
1537  struct
1538  {
1539  UCHAR SuspendApcFill4[FIELD_OFFSET(KAPC, SystemArgument2)]; // 40 / 72
1540  PVOID LegoData;
1541  };
1542  struct
1543  {
1544  UCHAR SuspendApcFill5[FIELD_OFFSET(KAPC, Inserted) + 1]; // 47 / 83
1545 #if (NTDDI_VERSION >= NTDDI_WIN7) // [
1546  UCHAR LargeStack;
1547 #else // ][
1548  UCHAR PowerState;
1549 #endif // ]
1550 #ifdef _WIN64 // [
1551  ULONG UserTime;
1552 #endif // ]
1553  };
1554  };
1555 #ifndef _WIN64 // [
1556  ULONG UserTime;
1557 #endif // ]
1558  union
1559  {
1560  KSEMAPHORE SuspendSemaphore;
1561  struct
1562  {
1563  UCHAR SuspendSemaphorefill[FIELD_OFFSET(KSEMAPHORE, Limit) + 4]; // 20 / 28
1564 #ifdef _WIN64 // [
1565  ULONG SListFaultCount;
1566 #endif // ]
1567  };
1568  };
1569 #ifndef _WIN64 // [
1570  ULONG SListFaultCount;
1571 #endif // ]
1572  LIST_ENTRY ThreadListEntry;
1573 #if (NTDDI_VERSION >= NTDDI_LONGHORN) // [
1574  LIST_ENTRY MutantListHead;
1575 #endif // ]
1576  PVOID SListFaultAddress;
1577 #ifdef _M_AMD64 // [
1578  LONG64 ReadOperationCount;
1579  LONG64 WriteOperationCount;
1580  LONG64 OtherOperationCount;
1581  LONG64 ReadTransferCount;
1582  LONG64 WriteTransferCount;
1583  LONG64 OtherTransferCount;
1584 #endif // ]
1585 #if (NTDDI_VERSION >= NTDDI_WIN7) // [
1586  PKTHREAD_COUNTERS ThreadCounters;
1587  PXSTATE_SAVE XStateSave;
1588 #elif (NTDDI_VERSION >= NTDDI_LONGHORN) // ][
1589  PVOID MdlForLockedTeb;
1590 #endif // ]
1591 } KTHREAD;
1592 
1593 #else // not (NTDDI_VERSION < NTDDI_WIN8)
1594 
1595 #if defined(_WIN64) && (NTDDI_VERSION < 0x06032580) // since WIN 8.1 Update1 6.3.9600.16384
1596 #define NUMBER_OF_LOCK_ENTRIES 5
1597 #else
1598 #define NUMBER_OF_LOCK_ENTRIES 6
1599 #endif
1600 
1601 typedef struct _KTHREAD
1602 {
1603  DISPATCHER_HEADER Header;
1604  PVOID SListFaultAddress;
1605  ULONG64 QuantumTarget;
1606  PVOID InitialStack;
1607  volatile VOID *StackLimit;
1608  PVOID StackBase;
1609  KSPIN_LOCK ThreadLock;
1610  volatile ULONG64 CycleTime;
1611 #ifndef _WIN64
1612  volatile ULONG HighCycleTime;
1613  PVOID ServiceTable;
1614 #endif
1615  ULONG CurrentRunTime;
1616  ULONG ExpectedRunTime;
1617  PVOID KernelStack;
1618  XSAVE_FORMAT* StateSaveArea;
1619  struct _KSCHEDULING_GROUP* SchedulingGroup;
1620  KWAIT_STATUS_REGISTER WaitRegister;
1621  BOOLEAN Running;
1622  BOOLEAN Alerted[MaximumMode];
1623 
1624  union
1625  {
1626  struct
1627  {
1628 #if (NTDDI_VERSION < NTDDI_WIN10)
1629  ULONG KernelStackResident : 1;
1630 #else
1631  ULONG AutoBoostActive : 1;
1632 #endif
1633  ULONG ReadyTransition : 1;
1634 #if (NTDDI_VERSION < NTDDI_WIN10TH2)
1635  ULONG ProcessReadyQueue : 1;
1636 #endif
1637  ULONG ProcessReadyQueue : 1;
1638  ULONG WaitNext : 1;
1639  ULONG SystemAffinityActive : 1;
1640  ULONG Alertable : 1;
1641 #if (NTDDI_VERSION < NTDDI_WIN81)
1642  ULONG CodePatchInProgress : 1;
1643 #endif
1644  ULONG UserStackWalkActive : 1;
1645  ULONG ApcInterruptRequest : 1;
1646  ULONG QuantumEndMigrate : 1;
1647  ULONG UmsDirectedSwitchEnable : 1;
1648  ULONG TimerActive : 1;
1649  ULONG SystemThread : 1;
1650  ULONG ProcessDetachActive : 1;
1651  ULONG CalloutActive : 1;
1652  ULONG ScbReadyQueue : 1;
1653  ULONG ApcQueueable : 1;
1654  ULONG ReservedStackInUse : 1;
1655  ULONG UmsPerformingSyscall : 1;
1656  ULONG DisableStackCheck : 1;
1657  ULONG Reserved : 12;
1658  };
1659  LONG MiscFlags;
1660  };
1661 
1662  union
1663  {
1664  struct
1665  {
1666  ULONG AutoAlignment : 1;
1667  ULONG DisableBoost : 1;
1668  ULONG UserAffinitySet : 1;
1669  ULONG AlertedByThreadId : 1;
1670  ULONG QuantumDonation : 1;
1671  ULONG EnableStackSwap : 1;
1672  ULONG GuiThread : 1;
1673  ULONG DisableQuantum : 1;
1674  ULONG ChargeOnlyGroup : 1;
1675  ULONG DeferPreemption : 1;
1676  ULONG QueueDeferPreemption : 1;
1677  ULONG ForceDeferSchedule : 1;
1678  ULONG ExplicitIdealProcessor : 1;
1679  ULONG FreezeCount : 1;
1680 #if (NTDDI_VERSION >= 0x060324D7) // since 6.3.9431.0
1681  ULONG TerminationApcRequest : 1;
1682 #endif
1683 #if (NTDDI_VERSION >= 0x06032580) // since 6.3.9600.16384
1684  ULONG AutoBoostEntriesExhausted : 1;
1685 #endif
1686 #if (NTDDI_VERSION >= 0x06032580) // since 6.3.9600.17031
1687  ULONG KernelStackResident : 1;
1688 #endif
1689 #if (NTDDI_VERSION >= NTDDI_WIN10)
1690  ULONG CommitFailTerminateRequest : 1;
1691  ULONG ProcessStackCountDecremented : 1;
1692  ULONG ThreadFlagsSpare : 5;
1693 #endif
1694  ULONG EtwStackTraceApcInserted : 8;
1695 #if (NTDDI_VERSION < NTDDI_WIN10)
1696  ULONG ReservedFlags : 10;
1697 #endif
1698  };
1699  LONG ThreadFlags;
1700  };
1701 
1702 #if (NTDDI_VERSION >= NTDDI_WIN10)
1703  volatile UCHAR Tag;
1704  UCHAR SystemHeteroCpuPolicy;
1705  UCHAR UserHeteroCpuPolicy : 7;
1706  UCHAR ExplicitSystemHeteroCpuPolicy : 1;
1707  UCHAR Spare0;
1708 #else
1709  ULONG Spare0;
1710 #endif
1711  ULONG SystemCallNumber;
1712 #ifdef _WIN64
1713  ULONG Spare1; // Win 10: Spare10
1714 #endif
1715  PVOID FirstArgument;
1716  PKTRAP_FRAME TrapFrame;
1717 
1718  union
1719  {
1720  KAPC_STATE ApcState;
1721  struct
1722  {
1723  UCHAR ApcStateFill[RTL_SIZEOF_THROUGH_FIELD(KAPC_STATE, UserApcPending)]; // 32bit: 23/0x17, 64bit: 43/0x2B
1724  SCHAR Priority;
1725  ULONG UserIdealProcessor;
1726  };
1727  };
1728 
1729 #ifndef _WIN64
1730  ULONG ContextSwitches;
1731  volatile UCHAR State;
1732 #if (NTDDI_VERSION >= NTDDI_WIN10) // since 10.0.10074.0
1733  CHAR Spare12;
1734 #else
1735  CHAR NpxState;
1736 #endif
1737  KIRQL WaitIrql;
1738  KPROCESSOR_MODE WaitMode;
1739 #endif
1740 
1741  volatile INT_PTR WaitStatus;
1742  PKWAIT_BLOCK WaitBlockList;
1743  union
1744  {
1745  LIST_ENTRY WaitListEntry;
1746  SINGLE_LIST_ENTRY SwapListEntry;
1747  };
1748  PKQUEUE Queue;
1749  PVOID Teb;
1750 #if (NTDDI_VERSION >= NTDDI_WIN8 /* 0x060223F0 */) // since 6.2.9200.16384
1751  ULONG64 RelativeTimerBias;
1752 #endif
1753  KTIMER Timer;
1754 
1755  union
1756  {
1757  DECLSPEC_ALIGN(8) KWAIT_BLOCK WaitBlock[THREAD_WAIT_OBJECTS + 1];
1758 #ifdef _WIN64
1759  struct
1760  {
1761  UCHAR WaitBlockFill4[FIELD_OFFSET(KWAIT_BLOCK, SpareLong)]; // 32bit: -, 64bit: 20/0x14
1762  ULONG ContextSwitches;
1763  };
1764  struct
1765  {
1766  UCHAR WaitBlockFill5[1 * sizeof(KWAIT_BLOCK) + FIELD_OFFSET(KWAIT_BLOCK, SpareLong)]; // 32bit: -, 64bit: 68/0x44
1767  UCHAR State;
1768 #if (NTDDI_VERSION >= NTDDI_WIN10)
1769  CHAR Spare13;
1770 #else
1771  CHAR NpxState;
1772 #endif
1773  UCHAR WaitIrql;
1774  CHAR WaitMode;
1775  };
1776  struct
1777  {
1778  UCHAR WaitBlockFill6[2 * sizeof(KWAIT_BLOCK) + FIELD_OFFSET(KWAIT_BLOCK, SpareLong)]; // 32bit: -, 64bit: 116/0x74
1779  ULONG WaitTime;
1780  };
1781  struct
1782  {
1783  UCHAR WaitBlockFill7[3 * sizeof(KWAIT_BLOCK) + FIELD_OFFSET(KWAIT_BLOCK, SpareLong)]; // 32bit: -, 64bit: 164/0xA4
1784  union
1785  {
1786  struct
1787  {
1788  SHORT KernelApcDisable;
1789  SHORT SpecialApcDisable;
1790  };
1791  ULONG CombinedApcDisable;
1792  };
1793  };
1794 #endif
1795  struct
1796  {
1797  UCHAR WaitBlockFill8[FIELD_OFFSET(KWAIT_BLOCK, SparePtr)]; // 32bit: 20/0x14, 64bit: 40/0x28
1798  struct _KTHREAD_COUNTERS *ThreadCounters;
1799  };
1800  struct
1801  {
1802  UCHAR WaitBlockFill9[1 * sizeof(KWAIT_BLOCK) + FIELD_OFFSET(KWAIT_BLOCK, SparePtr)]; // 32bit: 44/0x2C, 64bit: 88/0x58
1803  PXSTATE_SAVE XStateSave;
1804  };
1805  struct
1806  {
1807  UCHAR WaitBlockFill10[2 * sizeof(KWAIT_BLOCK) + FIELD_OFFSET(KWAIT_BLOCK, SparePtr)]; // 32bit: 68/0x44, 64bit: 136/0x88
1808  PVOID Win32Thread;
1809  };
1810  struct
1811  {
1812  UCHAR WaitBlockFill11[3 * sizeof(KWAIT_BLOCK) + FIELD_OFFSET(KWAIT_BLOCK, Object)]; // 32bit: 88/0x58, 64bit: 176/0xB0
1813 #ifdef _WIN64
1814  struct _UMS_CONTROL_BLOCK* Ucb;
1815  struct _KUMS_CONTEXT_HEADER* Uch;
1816 #else
1817  ULONG WaitTime;
1818  union
1819  {
1820  struct
1821  {
1822  SHORT KernelApcDisable;
1823  SHORT SpecialApcDisable;
1824  };
1825  ULONG CombinedApcDisable;
1826  };
1827 #endif
1828  };
1829  };
1830 
1831 #ifdef _WIN64
1832  PVOID TebMappedLowVa;
1833 #endif
1834  LIST_ENTRY QueueListEntry;
1835 #if (NTDDI_VERSION >= 0x060223F0) // since 6.2.9200.16384
1836  union
1837  {
1838  ULONG NextProcessor;
1839  struct
1840  {
1841  ULONG NextProcessorNumber : 31;
1842  ULONG SharedReadyQueue : 1;
1843  };
1844  };
1845  LONG QueuePriority;
1846 #else
1847  ULONG NextProcessor;
1848  ULONG DeferredProcessor;
1849 #endif
1850  PKPROCESS Process;
1851 
1852  union
1853  {
1854  GROUP_AFFINITY UserAffinity;
1855  struct
1856  {
1857  UCHAR UserAffinityFill[FIELD_OFFSET(GROUP_AFFINITY, Reserved)]; // 32bit: 6/0x6, 64bit: 10/0x0A
1858  CHAR PreviousMode;
1859  CHAR BasePriority;
1860  union
1861  {
1862  CHAR PriorityDecrement;
1863  struct
1864  {
1865  UCHAR ForegroundBoost : 4;
1866  UCHAR UnusualBoost : 4;
1867  };
1868  };
1869  UCHAR Preempted;
1870  UCHAR AdjustReason;
1871  CHAR AdjustIncrement;
1872  };
1873  };
1874 
1875 #if (NTDDI_VERSION >= NTDDI_WIN10) // since 10.0.10240.16384
1876  ULONG_PTR AffinityVersion;
1877 #endif
1878  union
1879  {
1880  GROUP_AFFINITY Affinity;
1881  struct
1882  {
1883  UCHAR AffinityFill[FIELD_OFFSET(GROUP_AFFINITY, Reserved)]; // 32bit: 6/0x6, 64bit: 10/0x0A
1884  UCHAR ApcStateIndex;
1885  UCHAR WaitBlockCount;
1886  ULONG IdealProcessor;
1887  };
1888  };
1889 
1890 #if (NTDDI_VERSION >= NTDDI_WIN10) // since 10.0.10240.16384
1891 #ifdef _WIN64
1892  ULONG64 NpxState;
1893 #else
1894  ULONG Spare15;
1895 #endif
1896 #else
1897  PKAPC_STATE ApcStatePointer[2];
1898 #endif
1899 
1900  union
1901  {
1902  KAPC_STATE SavedApcState;
1903  struct
1904  {
1905  UCHAR SavedApcStateFill[FIELD_OFFSET(KAPC_STATE, UserApcPending) + 1]; // 32bit: 23/0x17, 64bit: 43/0x2B
1906  UCHAR WaitReason;
1907  CHAR SuspendCount;
1908  CHAR Saturation;
1909  SHORT SListFaultCount;
1910  };
1911  };
1912 
1913  union
1914  {
1915  KAPC SchedulerApc;
1916  struct
1917  {
1918  UCHAR SchedulerApcFill0[FIELD_OFFSET(KAPC, SpareByte0)]; // 32bit: 1/0x01, 64bit: 1/0x01
1919  UCHAR ResourceIndex;
1920  };
1921  struct
1922  {
1923  UCHAR SchedulerApcFill1[FIELD_OFFSET(KAPC, SpareByte1)]; // 32bit: 3/0x03, 64bit: 3/0x03
1924  UCHAR QuantumReset;
1925  };
1926  struct
1927  {
1928  UCHAR SchedulerApcFill2[FIELD_OFFSET(KAPC, SpareLong0)]; // 32bit: 4/0x04, 64bit: 4/0x04
1929  ULONG KernelTime;
1930  };
1931  struct
1932  {
1933  UCHAR SuspendApcFill3[FIELD_OFFSET(KAPC, SystemArgument1)]; // 32 bit:, 64 bit: 64/0x40
1934  PKPRCB WaitPrcb;
1935  };
1936  struct
1937  {
1938  UCHAR SchedulerApcFill4[FIELD_OFFSET(KAPC, SystemArgument2)]; // 32 bit:, 64 bit: 72/0x48
1939  PVOID LegoData;
1940  };
1941  struct
1942  {
1943  UCHAR SchedulerApcFill5[FIELD_OFFSET(KAPC, Inserted) + 1]; // 32 bit:, 64 bit: 83/0x53
1944  UCHAR CallbackNestingLevel;
1945  ULONG UserTime;
1946  };
1947  };
1948 
1949  KEVENT SuspendEvent;
1950  LIST_ENTRY ThreadListEntry;
1951  LIST_ENTRY MutantListHead;
1952 
1953 #if (NTDDI_VERSION >= NTDDI_WIN10)
1954  UCHAR AbEntrySummary;
1955  UCHAR AbWaitEntryCount;
1956  USHORT Spare20;
1957 #if _WIN64
1958  ULONG SecureThreadCookie;
1959 #endif
1960 #elif (NTDDI_VERSION >= NTDDI_WINBLUE) // 6.3.9431.0
1961  SINGLE_LIST_ENTRY LockEntriesFreeList;
1962 #endif
1963 
1964 #if (NTDDI_VERSION >= NTDDI_WINBLUE /* 0x06032580 */) // since 6.3.9600.16384
1965  KLOCK_ENTRY LockEntries[NUMBER_OF_LOCK_ENTRIES];
1966  SINGLE_LIST_ENTRY PropagateBoostsEntry;
1967  SINGLE_LIST_ENTRY IoSelfBoostsEntry;
1968  UCHAR PriorityFloorCounts[16];
1969  ULONG PriorityFloorSummary;
1970  volatile LONG AbCompletedIoBoostCount;
1971  #if (NTDDI_VERSION >= NTDDI_WIN10_RS1)
1972  LONG AbCompletedIoQoSBoostCount;
1973  #endif
1974 
1975  #if (NTDDI_VERSION >= NTDDI_WIN10) // since 10.0.10240.16384
1976  volatile SHORT KeReferenceCount;
1977  #else
1978  volatile SHORT AbReferenceCount;
1979  #endif
1980  #if (NTDDI_VERSION >= 0x06040000) // since 6.4.9841.0
1981  UCHAR AbOrphanedEntrySummary;
1982  UCHAR AbOwnedEntryCount;
1983  #else
1984  UCHAR AbFreeEntryCount;
1985  UCHAR AbWaitEntryCount;
1986  #endif
1987  ULONG ForegroundLossTime;
1988  union
1989  {
1990  LIST_ENTRY GlobalForegroundListEntry;
1991  struct
1992  {
1993  SINGLE_LIST_ENTRY ForegroundDpcStackListEntry;
1994  ULONG_PTR InGlobalForegroundList;
1995  };
1996  };
1997 #endif
1998 
1999 #if _WIN64
2000  LONG64 ReadOperationCount;
2001  LONG64 WriteOperationCount;
2002  LONG64 OtherOperationCount;
2003  LONG64 ReadTransferCount;
2004  LONG64 WriteTransferCount;
2005  LONG64 OtherTransferCount;
2006 #endif
2007 #if (NTDDI_VERSION >= NTDDI_WIN10) // since 10.0.10041.0
2008  struct _KSCB *QueuedScb;
2009 #ifndef _WIN64
2010  ULONG64 NpxState;
2011 #endif
2012 #endif
2013 } KTHREAD;
2014 
2015 #endif
2016 
2017 
2018 #define ASSERT_THREAD(object) \
2019  ASSERT((((object)->Header.Type & KOBJECT_TYPE_MASK) == ThreadObject))
2020 
2021 //
2022 // Kernel Process (KPROCESS)
2023 //
2024 typedef struct _KPROCESS
2025 {
2026  DISPATCHER_HEADER Header;
2027  LIST_ENTRY ProfileListHead;
2028 #if (NTDDI_VERSION >= NTDDI_LONGHORN)
2029  ULONG_PTR DirectoryTableBase;
2030  ULONG_PTR Unused0;
2031 #else
2032  ULONG_PTR DirectoryTableBase[2];
2033 #endif
2034 #if defined(_M_IX86)
2035  KGDTENTRY LdtDescriptor;
2036  KIDTENTRY Int21Descriptor;
2037 #endif
2038  USHORT IopmOffset;
2039 #if defined(_M_IX86)
2040  UCHAR Iopl;
2041  UCHAR Unused;
2042 #endif
2043  volatile KAFFINITY ActiveProcessors;
2044  ULONG KernelTime;
2045  ULONG UserTime;
2046  LIST_ENTRY ReadyListHead;
2047  SINGLE_LIST_ENTRY SwapListEntry;
2048  PVOID VdmTrapcHandler;
2049  LIST_ENTRY ThreadListHead;
2050  KSPIN_LOCK ProcessLock;
2051  KAFFINITY Affinity;
2052  union
2053  {
2054  struct
2055  {
2056  LONG AutoAlignment:1;
2057  LONG DisableBoost:1;
2058  LONG DisableQuantum:1;
2059  LONG ReservedFlags:29;
2060  };
2061  LONG ProcessFlags;
2062  };
2063  SCHAR BasePriority;
2064  SCHAR QuantumReset;
2065  UCHAR State;
2066  UCHAR ThreadSeed;
2067  UCHAR PowerState;
2068  UCHAR IdealNode;
2069  UCHAR Visited;
2070  union
2071  {
2072  KEXECUTE_OPTIONS Flags;
2073  UCHAR ExecuteOptions;
2074  };
2075  ULONG StackCount;
2076  LIST_ENTRY ProcessListEntry;
2077 #if (NTDDI_VERSION >= NTDDI_LONGHORN) // [
2078  ULONGLONG CycleTime;
2079 #endif // ]
2080 } KPROCESS;
2081 
2082 #define ASSERT_PROCESS(object) \
2083  ASSERT((((object)->Header.Type & KOBJECT_TYPE_MASK) == ProcessObject))
2084 
2085 //
2086 // System Service Table Descriptor
2087 //
2088 typedef struct _KSERVICE_TABLE_DESCRIPTOR
2089 {
2090  PULONG_PTR Base;
2091  PULONG Count;
2092  ULONG Limit;
2093 #if defined(_IA64_)
2094  LONG TableBaseGpOffset;
2095 #endif
2096  PUCHAR Number;
2097 } KSERVICE_TABLE_DESCRIPTOR, *PKSERVICE_TABLE_DESCRIPTOR;
2098 
2099 #if (NTDDI_VERSION >= NTDDI_WIN8)
2100 //
2101 // Entropy Timing State
2102 //
2103 typedef struct _KENTROPY_TIMING_STATE
2104 {
2105  ULONG EntropyCount;
2106  ULONG Buffer[64];
2107  KDPC Dpc;
2108  ULONG LastDeliveredBuffer;
2109  PULONG RawDataBuffer;
2110 } KENTROPY_TIMING_STATE, *PKENTROPY_TIMING_STATE;
2111 
2112 //
2113 // Constants from ks386.inc, ksamd64.inc and ksarm.h
2114 //
2115 #define KENTROPY_TIMING_INTERRUPTS_PER_BUFFER 0x400
2116 #define KENTROPY_TIMING_BUFFER_MASK 0x7ff
2117 #define KENTROPY_TIMING_ANALYSIS 0x0
2118 
2119 #endif /* (NTDDI_VERSION >= NTDDI_WIN8) */
2120 
2121 //
2122 // Exported Loader Parameter Block
2123 //
2124 extern struct _LOADER_PARAMETER_BLOCK NTSYSAPI *KeLoaderBlock;
2125 
2126 //
2127 // Exported Hardware Data
2128 //
2129 extern ULONG NTSYSAPI KiDmaIoCoherency;
2130 extern ULONG NTSYSAPI KeMaximumIncrement;
2131 extern ULONG NTSYSAPI KeMinimumIncrement;
2132 extern ULONG NTSYSAPI KeDcacheFlushCount;
2133 extern ULONG NTSYSAPI KeIcacheFlushCount;
2134 extern ULONG_PTR NTSYSAPI KiBugCheckData[];
2135 extern BOOLEAN NTSYSAPI KiEnableTimerWatchdog;
2136 
2137 //
2138 // Exported System Service Descriptor Tables
2139 //
2140 extern KSERVICE_TABLE_DESCRIPTOR NTSYSAPI KeServiceDescriptorTable[SSDT_MAX_ENTRIES];
2141 extern KSERVICE_TABLE_DESCRIPTOR NTSYSAPI KeServiceDescriptorTableShadow[SSDT_MAX_ENTRIES];
2142 
2143 #endif // !NTOS_MODE_USER
2144 
2145 #endif // _KETYPES_H
_EXCEPTION_REGISTRATION_RECORD
Definition: compat.h:583
_KUSER_SHARED_DATA::LargePageMinimum
ULONG LargePageMinimum
Definition: ketypes.h:1167
_KPROFILE::Started
BOOLEAN Started
Definition: ketypes.h:869
_KINTERRUPT::ServiceCount
ULONG ServiceCount
Definition: ketypes.h:901
_KWAIT_REASON
_KWAIT_REASON
Definition: ketypes.h:402
_KPROFILE::Type
CSHORT Type
Definition: ketypes.h:858
_KTHREAD::SuspendApcFill3
UCHAR SuspendApcFill3[FIELD_OFFSET(KAPC, SystemArgument1)]
Definition: ketypes.h:1933
_FIBER::StackBase
PVOID StackBase
Definition: ketypes.h:183
_KPROCESS::QuantumReset
SCHAR QuantumReset
Definition: ketypes.h:2064
_KTHREAD::ThreadFlags
LONG ThreadFlags
Definition: ketypes.h:1699
_KSYSTEM_TIME::LowPart
ULONG LowPart
Definition: ketypes.h:917
_FIBER::FiberContext
CONTEXT FiberContext
Definition: ketypes.h:186
KTIMER_TABLE
struct _KTIMER_TABLE KTIMER_TABLE
_KTHREAD::AbCompletedIoQoSBoostCount
LONG AbCompletedIoQoSBoostCount
Definition: ketypes.h:1972
_KUSER_SHARED_DATA::NtMinorVersion
ULONG NtMinorVersion
Definition: ketypes.h:1172
_KPROFILE::Buffer
PVOID Buffer
Definition: ketypes.h:865
Unused
_Must_inspect_result_ typedef _In_ PVOID Unused
Definition: iotypes.h:1166
_SYNCH_COUNTERS::ExAcqResSharedWaitForExclusiveAttempts
ULONG ExAcqResSharedWaitForExclusiveAttempts
Definition: ketypes.h:767
_KTHREAD::FreezeCount
ULONG FreezeCount
Definition: ketypes.h:1679
IN
#define IN
Definition: typedefs.h:39
_KPROCESS::Unused0
ULONG_PTR Unused0
Definition: ketypes.h:2030
_KUSER_SHARED_DATA::SharedDataFlags
ULONG SharedDataFlags
Definition: ketypes.h:1204
_VDMSERVICECLASS
_VDMSERVICECLASS
Definition: ketypes.h:503
_KTHREAD
Definition: ketypes.h:1601
_KUSER_SHARED_DATA
Definition: ketypes.h:1155
_KTHREAD::AutoBoostActive
ULONG AutoBoostActive
Definition: ketypes.h:1631
_KLOCK_ENTRY::Spare1
UCHAR Spare1
Definition: ketypes.h:1050
PKPROCESS_STATE
enum _KPROCESS_STATE * PKPROCESS_STATE
_RTL_BALANCED_NODE
Definition: ntdef.template.h:321
_KINTERRUPT::Connected
BOOLEAN Connected
Definition: ketypes.h:894
_KPROFILE::Affinity
KAFFINITY Affinity
Definition: ketypes.h:867
_KTIMER_TABLE_ENTRY::Lock
KSPIN_LOCK Lock
Definition: ketypes.h:716
_KUSER_SHARED_DATA::UserModeGlobalLogger
USHORT UserModeGlobalLogger[16]
Definition: ketypes.h:1240
_KTHREAD::EtwStackTraceApcInserted
ULONG EtwStackTraceApcInserted
Definition: ketypes.h:1694
_KLOCK_ENTRY::AllBoosts
USHORT AllBoosts
Definition: ketypes.h:1117
_KTHREAD::UserIdealProcessor
ULONG UserIdealProcessor
Definition: ketypes.h:1725
KAPC_STATE
KAPC_STATE
Definition: ketypes.h:1285
_KTHREAD::TimerActive
ULONG TimerActive
Definition: ketypes.h:1648
_KUSER_SHARED_DATA::Cookie
ULONG Cookie
Definition: ketypes.h:1232
KENTROPY_TIMING_STATE
struct _KENTROPY_TIMING_STATE KENTROPY_TIMING_STATE
_KPROCESS::DisableBoost
LONG DisableBoost
Definition: ketypes.h:2057
_KTHREAD::Spare20
USHORT Spare20
Definition: ketypes.h:1956
_KPROCESS_STATE
_KPROCESS_STATE
Definition: ketypes.h:491
_SYNCH_COUNTERS::ExTryToAcqExclusiveAttempts
ULONG ExTryToAcqExclusiveAttempts
Definition: ketypes.h:776
_KTHREAD::AbWaitEntryCount
UCHAR AbWaitEntryCount
Definition: ketypes.h:1955
_KPROFILE::RangeBase
PVOID RangeBase
Definition: ketypes.h:862
KDPC_DATA
struct _KDPC_DATA KDPC_DATA
_KLOCK_ENTRY::WaiterTree
RTL_RB_TREE WaiterTree
Definition: ketypes.h:1107
_KINTERRUPT::SpinLock
KSPIN_LOCK SpinLock
Definition: ketypes.h:886
_GENERAL_LOOKASIDE
Definition: extypes.h:134
_KUSER_SHARED_DATA::Reserved2
ULONG Reserved2[7]
Definition: ketypes.h:1168
_GETSETCONTEXT::Context
CONTEXT Context
Definition: ketypes.h:850
KAPC_ENVIRONMENT
enum _KAPC_ENVIRONMENT KAPC_ENVIRONMENT
_KTHREAD::EnableStackSwap
ULONG EnableStackSwap
Definition: ketypes.h:1671
_KENTROPY_TIMING_STATE::LastDeliveredBuffer
ULONG LastDeliveredBuffer
Definition: ketypes.h:2108
_ALTERNATIVE_ARCHITECTURE_TYPE
_ALTERNATIVE_ARCHITECTURE_TYPE
Definition: ketypes.h:889
_KTHREAD::AlertedByThreadId
ULONG AlertedByThreadId
Definition: ketypes.h:1669
_KTHREAD::AbCompletedIoBoostCount
volatile LONG AbCompletedIoBoostCount
Definition: ketypes.h:1970
_KTIMER_TABLE::TimerEntries
KTIMER_TABLE_ENTRY TimerEntries[256]
Definition: ketypes.h:725
_KPROCESS::DirectoryTableBase
ULONG_PTR DirectoryTableBase
Definition: ketypes.h:2029
KOBJECTS
enum _KOBJECTS KOBJECTS
_KPROCESS::State
UCHAR State
Definition: ketypes.h:2065
_KTHREAD::SpecialApcDisable
SHORT SpecialApcDisable
Definition: ketypes.h:1823
_KLOCK_ENTRY::IoNormalPriorityWaiterCount
USHORT IoNormalPriorityWaiterCount
Definition: ketypes.h:1129
_KQUEUE
Definition: ketypes.h:1291
_KLOCK_ENTRY::AcquiredBit
UCHAR AcquiredBit
Definition: ketypes.h:1040
_SINGLE_LIST_ENTRY
Definition: ntbasedef.h:628
_KTIMER
Definition: ketypes.h:839
_KTHREAD::ForegroundLossTime
ULONG ForegroundLossTime
Definition: ketypes.h:1987
_KTHREAD::CombinedApcDisable
ULONG CombinedApcDisable
Definition: ketypes.h:1825
_FIBER::ExceptionList
struct _EXCEPTION_REGISTRATION_RECORD * ExceptionList
Definition: ketypes.h:182
StartRoutine
_In_ ULONG _In_opt_ POBJECT_ATTRIBUTES _In_opt_ HANDLE _Out_opt_ PCLIENT_ID _In_ PKSTART_ROUTINE StartRoutine
Definition: psfuncs.h:87
_KLOCK_ENTRY::EntryFlags
ULONG EntryFlags
Definition: ketypes.h:1024
_KDPC_LIST::LastEntry
SINGLE_LIST_ENTRY * LastEntry
Definition: ketypes.h:731
_SYNCH_COUNTERS::ExSetResOwnerPointerExclusive
ULONG ExSetResOwnerPointerExclusive
Definition: ketypes.h:773
_KUSER_SHARED_DATA::SystemExpirationDate
LARGE_INTEGER SystemExpirationDate
Definition: ketypes.h:1179
_KTHREAD::UserStackWalkActive
ULONG UserStackWalkActive
Definition: ketypes.h:1644
_KPROCESS::BasePriority
SCHAR BasePriority
Definition: ketypes.h:2063
_KTHREAD::SavedApcState
KAPC_STATE SavedApcState
Definition: ketypes.h:1902
_KPROCESS::ProcessFlags
LONG ProcessFlags
Definition: ketypes.h:2061
_SYNCH_COUNTERS::ExSetResOwnerPointerSharedOld
ULONG ExSetResOwnerPointerSharedOld
Definition: ketypes.h:775
_SYNCH_COUNTERS::ExAcqResExclusiveAttempts
ULONG ExAcqResExclusiveAttempts
Definition: ketypes.h:750
_KTHREAD::ServiceTable
PVOID ServiceTable
Definition: ketypes.h:1613
_KTHREAD::UnusualBoost
UCHAR UnusualBoost
Definition: ketypes.h:1866
_FIBER::StackLimit
PVOID StackLimit
Definition: ketypes.h:184
_KOBJECTS
_KOBJECTS
Definition: ketypes.h:437
_KTRAP_FRAME
Definition: ketypes.h:311
_KTHREAD::SchedulerApcFill2
UCHAR SchedulerApcFill2[FIELD_OFFSET(KAPC, SpareLong0)]
Definition: ketypes.h:1928
_KSERVICE_TABLE_DESCRIPTOR::Number
PUCHAR Number
Definition: ketypes.h:2096
_KTHREAD::ThreadCounters
struct _KTHREAD_COUNTERS * ThreadCounters
Definition: ketypes.h:1798
_KTHREAD::SchedulerApcFill5
UCHAR SchedulerApcFill5[FIELD_OFFSET(KAPC, Inserted)+1]
Definition: ketypes.h:1943
PUCHAR
unsigned char * PUCHAR
Definition: retypes.h:3
CHAR
char CHAR
Definition: xmlstorage.h:175
_KEVENT_PAIR::Size
CSHORT Size
Definition: ketypes.h:919
_KTHREAD::ProcessDetachActive
ULONG ProcessDetachActive
Definition: ketypes.h:1650
_KINTERRUPT::MessageServiceRoutine
PKSERVICE_ROUTINE MessageServiceRoutine
Definition: ketypes.h:882
_KPROCESS::IopmOffset
USHORT IopmOffset
Definition: ketypes.h:2038
_KTHREAD::SListFaultAddress
PVOID SListFaultAddress
Definition: ketypes.h:1604
_KLOCK_ENTRY_LOCK_STATE
Definition: ketypes.h:984
PKTIMER_TABLE_ENTRY
struct _KTIMER_TABLE_ENTRY * PKTIMER_TABLE_ENTRY
_KUSER_SHARED_DATA::ConsoleSessionForegroundProcessId
LONGLONG ConsoleSessionForegroundProcessId
Definition: ketypes.h:1235
_KSERVICE_TABLE_DESCRIPTOR::Limit
ULONG Limit
Definition: ketypes.h:2092
_KTHREAD::Spare15
ULONG Spare15
Definition: ketypes.h:1894
_KTHREAD::CommitFailTerminateRequest
ULONG CommitFailTerminateRequest
Definition: ketypes.h:1690
_KEXECUTE_OPTIONS
Definition: ketypes.h:927
KWAIT_STATUS_REGISTER
union _KWAIT_STATUS_REGISTER KWAIT_STATUS_REGISTER
_KUSER_SHARED_DATA::TestRetInstruction
ULONGLONG TestRetInstruction
Definition: ketypes.h:1220
_KTHREAD::Priority
SCHAR Priority
Definition: ketypes.h:1724
_KUSER_SHARED_DATA::MaxStackTraceDepth
ULONG MaxStackTraceDepth
Definition: ketypes.h:1164
_KLOCK_ENTRY::AcquiredByte
UCHAR AcquiredByte
Definition: ketypes.h:1039
State
_In_ ULONG _In_ ULONG State
Definition: potypes.h:516
KCONTINUE_STATUS
enum _KCONTINUE_STATUS KCONTINUE_STATUS
_KWAIT_STATUS_REGISTER::Unused
UCHAR Unused
Definition: ketypes.h:950
PKUSER_SHARED_DATA
struct _KUSER_SHARED_DATA * PKUSER_SHARED_DATA
_KTHREAD::UmsPerformingSyscall
ULONG UmsPerformingSyscall
Definition: ketypes.h:1655
_COUNTER_READING::Total
ULONG64 Total
Definition: ketypes.h:959
_KNODE::_flags::Removable
UCHAR Removable
Definition: ketypes.h:833
KDPC_LIST
struct _KDPC_LIST KDPC_LIST
_KUSER_SHARED_DATA::CryptoExponent
ULONG CryptoExponent
Definition: ketypes.h:1165
_KTHREAD::Saturation
CHAR Saturation
Definition: ketypes.h:1908
_KTHREAD::Alerted
BOOLEAN Alerted[MaximumMode]
Definition: ketypes.h:1622
Period
_In_ LARGE_INTEGER _In_ ULONG Period
Definition: kefuncs.h:1326
_FIBER
Definition: ketypes.h:179
_KTHREAD::TrapFrame
PKTRAP_FRAME TrapFrame
Definition: ketypes.h:1716
_KTHREAD::QuantumDonation
ULONG QuantumDonation
Definition: ketypes.h:1670
_COUNTER_READING
Definition: ketypes.h:954
_KLOCK_ENTRY_LOCK_STATE::InTree
ULONG_PTR InTree
Definition: ketypes.h:997
_KTHREAD::SystemThread
ULONG SystemThread
Definition: ketypes.h:1649
KEXECUTE_OPTIONS
struct _KEXECUTE_OPTIONS KEXECUTE_OPTIONS
_SYNCH_COUNTERS::ExEtwSynchTrackingNotificationsCount
ULONG ExEtwSynchTrackingNotificationsCount
Definition: ketypes.h:780
_SYNCH_COUNTERS::IpiSendRequestBroadcastCount
ULONG IpiSendRequestBroadcastCount
Definition: ketypes.h:739
_XSTATE_SAVE
Definition: ketypes.h:977
_SYNCH_COUNTERS::ExAcqResSharedAttempts
ULONG ExAcqResSharedAttempts
Definition: ketypes.h:755
PKSPIN_LOCK
KSPIN_LOCK * PKSPIN_LOCK
Definition: env_spec_w32.h:73
_KUSER_SHARED_DATA::TimeSlip
volatile ULONG TimeSlip
Definition: ketypes.h:1176
_KTHREAD::WaitBlockList
PKWAIT_BLOCK WaitBlockList
Definition: ketypes.h:1742
_KTHREAD::Reserved
ULONG Reserved
Definition: ketypes.h:1657
_KINTERRUPT::Type
CSHORT Type
Definition: ketypes.h:877
_KLOCK_ENTRY::IoQoSBoost
USHORT IoQoSBoost
Definition: ketypes.h:1128
_KENTROPY_TIMING_STATE::RawDataBuffer
PULONG RawDataBuffer
Definition: ketypes.h:2109
_KTHREAD::UserAffinitySet
ULONG UserAffinitySet
Definition: ketypes.h:1668
_KTHREAD::DeferPreemption
ULONG DeferPreemption
Definition: ketypes.h:1675
_KLOCK_ENTRY
Definition: ketypes.h:1014
INT_PTR
int32_t INT_PTR
Definition: typedefs.h:64
_HARDWARE_COUNTER_TYPE
_HARDWARE_COUNTER_TYPE
Definition: pstypes.h:123
SSDT_MAX_ENTRIES
#define SSDT_MAX_ENTRIES
Definition: ketypes.h:100
_KTHREAD::Process
PKPROCESS Process
Definition: ketypes.h:1850
NUMBER_OF_LOCK_ENTRIES
#define NUMBER_OF_LOCK_ENTRIES
Definition: ketypes.h:1598
PKEVENT_PAIR
struct _KEVENT_PAIR * PKEVENT_PAIR
_KTHREAD::ProcessReadyQueue
ULONG ProcessReadyQueue
Definition: ketypes.h:1637
_KLOCK_ENTRY_LOCK_STATE::Busy
ULONG_PTR Busy
Definition: ketypes.h:995
KEVENT_PAIR
struct _KEVENT_PAIR KEVENT_PAIR
KiDmaIoCoherency
ULONG NTSYSAPI KiDmaIoCoherency
Definition: cpu.c:27
_KNODE::PfnDeferredList
struct _SINGLE_LIST_ENTRY * PfnDeferredList
Definition: ketypes.h:838
_KLOCK_ENTRY::LockState
KLOCK_ENTRY_LOCK_STATE LockState
Definition: ketypes.h:1078
KeIcacheFlushCount
ULONG NTSYSAPI KeIcacheFlushCount
Definition: cpu.c:19
_KUSER_SHARED_DATA::InterruptTime
volatile KSYSTEM_TIME InterruptTime
Definition: ketypes.h:1158
NTSYSAPI
#define NTSYSAPI
Definition: ntoskrnl.h:12
_SYNCH_COUNTERS::ExAcqResExclusiveAcquiresExclusiveRecursive
ULONG ExAcqResExclusiveAcquiresExclusiveRecursive
Definition: ketypes.h:752
_KGDTENTRY
Definition: ketypes.h:334
_KINTERRUPT::FloatingSave
BOOLEAN FloatingSave
Definition: ketypes.h:893
_KEXECUTE_OPTIONS::ExecuteDisable
UCHAR ExecuteDisable
Definition: ketypes.h:929
_SYNCH_COUNTERS::ExAcqResSharedStarveExclusiveAttempts
ULONG ExAcqResSharedStarveExclusiveAttempts
Definition: ketypes.h:761
_SYNCH_COUNTERS::ExAcqResSharedStarveExclusiveWaits
ULONG ExAcqResSharedStarveExclusiveWaits
Definition: ketypes.h:765
SYNCH_COUNTERS
struct _SYNCH_COUNTERS SYNCH_COUNTERS
_KUSER_SHARED_DATA::SystemCallReturn
ULONG SystemCallReturn
Definition: ketypes.h:1222
_RTL_RB_TREE
FIXME: should move to rtltypes.h, but we can't include it here.
Definition: ketypes.h:976
_KLOCK_ENTRY::FreeListEntry
SINGLE_LIST_ENTRY FreeListEntry
Definition: ketypes.h:1019
_KTHREAD_COUNTERS::HardwareCounters
ULONG64 HardwareCounters
Definition: ketypes.h:969
_KDPC_DATA::DpcLock
ULONG_PTR DpcLock
Definition: ketypes.h:794
_SYNCH_COUNTERS::ExAcqResSharedWaits
ULONG ExAcqResSharedWaits
Definition: ketypes.h:759
_KTHREAD_COUNTERS
Definition: ketypes.h:962
_KTHREAD::UmsDirectedSwitchEnable
ULONG UmsDirectedSwitchEnable
Definition: ketypes.h:1647
_KPROFILE_SOURCE
_KPROFILE_SOURCE
Definition: winternl.h:2122
_SYNCH_COUNTERS::ExAcqResSharedStarveExclusiveAcquiresExclusive
ULONG ExAcqResSharedStarveExclusiveAcquiresExclusive
Definition: ketypes.h:762
_KTIMER_TABLE::TimerExpiry
PKTIMER TimerExpiry[64]
Definition: ketypes.h:724
PKDPC_DATA
struct _KDPC_DATA * PKDPC_DATA
_KINTERRUPT::Mode
KINTERRUPT_MODE Mode
Definition: ketypes.h:897
KPROCESS_STATE
enum _KPROCESS_STATE KPROCESS_STATE
_KTHREAD::HighCycleTime
volatile ULONG HighCycleTime
Definition: ketypes.h:1612
PKSERVICE_ROUTINE
KSERVICE_ROUTINE * PKSERVICE_ROUTINE
Definition: ketypes.h:500
_KTHREAD::ExplicitIdealProcessor
ULONG ExplicitIdealProcessor
Definition: ketypes.h:1678
_KSERVICE_TABLE_DESCRIPTOR::Count
PULONG Count
Definition: ketypes.h:2091
_SYNCH_COUNTERS::ExAcqResSharedAcquiresExclusive
ULONG ExAcqResSharedAcquiresExclusive
Definition: ketypes.h:756
_KTIMER_TABLE_ENTRY
Definition: ketypes.h:713
_TIMER_TYPE
_TIMER_TYPE
Definition: ntdef.template.h:360
_KTHREAD::WaitPrcb
PKPRCB WaitPrcb
Definition: ketypes.h:1934
ULONG_PTR
uint32_t ULONG_PTR
Definition: typedefs.h:65
_KLOCK_ENTRY_LOCK_STATE::LockState
PVOID LockState
Definition: ketypes.h:999
_KTHREAD::NextProcessor
ULONG NextProcessor
Definition: ketypes.h:1847
_KUSER_SHARED_DATA::SafeBootMode
BOOLEAN SafeBootMode
Definition: ketypes.h:1190
_KPROCESS::ReservedFlags
LONG ReservedFlags
Definition: ketypes.h:2059
_KNODE::DeadStackList
SLIST_HEADER DeadStackList
Definition: ketypes.h:826
_KTHREAD::AutoAlignment
ULONG AutoAlignment
Definition: ketypes.h:1666
_FIBER::FiberData
PVOID FiberData
Definition: ketypes.h:181
KiEnableTimerWatchdog
BOOLEAN NTSYSAPI KiEnableTimerWatchdog
Definition: timerobj.c:20
_ACTIVATION_CONTEXT_STACK
Definition: rtltypes.h:971
_KLOCK_ENTRY::IoQoSWaiter
UCHAR IoQoSWaiter
Definition: ketypes.h:1049
PRTL_RB_TREE
struct _RTL_RB_TREE * PRTL_RB_TREE
PCOUNTER_READING
struct _COUNTER_READING * PCOUNTER_READING
KIRQL
UCHAR KIRQL
Definition: env_spec_w32.h:591
_KPROFILE::Process
struct _KPROCESS * Process
Definition: ketypes.h:861
_SYNCH_COUNTERS::ExecutiveResourceReleaseSharedCount
ULONG ExecutiveResourceReleaseSharedCount
Definition: ketypes.h:748
_KTHREAD::PriorityFloorCounts
UCHAR PriorityFloorCounts[16]
Definition: ketypes.h:1968
_KLOCK_ENTRY::AllFlags
ULONG AllFlags
Definition: ketypes.h:1057
PNT_PRODUCT_TYPE
enum _NT_PRODUCT_TYPE * PNT_PRODUCT_TYPE
_SYNCH_COUNTERS::ExBoostSharedOwners
ULONG ExBoostSharedOwners
Definition: ketypes.h:779
_KLOCK_ENTRY::TreeNode
RTL_BALANCED_NODE TreeNode
Definition: ketypes.h:1018
PKSYSTEM_ROUTINE
VOID(NTAPI * PKSYSTEM_ROUTINE)(PKSTART_ROUTINE StartRoutine, PVOID StartContext)
Definition: ketypes.h:677
GETSETCONTEXT
struct _GETSETCONTEXT GETSETCONTEXT
_KTHREAD::XStateSave
PXSTATE_SAVE XStateSave
Definition: ketypes.h:1803
_KTHREAD::ForegroundDpcStackListEntry
SINGLE_LIST_ENTRY ForegroundDpcStackListEntry
Definition: ketypes.h:1993
NTAPI
NTSTATUS(* NTAPI)(IN PFILE_FULL_EA_INFORMATION EaBuffer, IN ULONG EaLength, OUT PULONG ErrorOffset)
Definition: IoEaTest.cpp:117
_KTHREAD::MiscFlags
LONG MiscFlags
Definition: ketypes.h:1659
_KWAIT_STATUS_REGISTER::UserApc
UCHAR UserApc
Definition: ketypes.h:948
_KUSER_SHARED_DATA::NtMajorVersion
ULONG NtMajorVersion
Definition: ketypes.h:1171
_KTHREAD::KernelApcDisable
SHORT KernelApcDisable
Definition: ketypes.h:1822
_KPROFILE::Source
KPROFILE_SOURCE Source
Definition: ketypes.h:868
_KTHREAD::CallbackNestingLevel
UCHAR CallbackNestingLevel
Definition: ketypes.h:1944
_KUSER_SHARED_DATA::ImageFileExecutionOptions
ULONG ImageFileExecutionOptions
Definition: ketypes.h:1246
_KINTERRUPT::TickCount
ULONG TickCount
Definition: ketypes.h:887
PKSTART_ROUTINE
KSTART_ROUTINE * PKSTART_ROUTINE
Definition: ketypes.h:487
_KUSER_SHARED_DATA::SystemTime
volatile KSYSTEM_TIME SystemTime
Definition: ketypes.h:1159
_SYNCH_COUNTERS::ExAcqResSharedWaitForExclusiveAcquiresShared
ULONG ExAcqResSharedWaitForExclusiveAcquiresShared
Definition: ketypes.h:769
_RTL_RB_TREE::Min
PRTL_BALANCED_NODE Min
Definition: ketypes.h:979
_KEXECUTE_OPTIONS::Spare
UCHAR Spare
Definition: ketypes.h:935
_SYNCH_COUNTERS::ExAcqResSharedStarveExclusiveAcquiresShared
ULONG ExAcqResSharedStarveExclusiveAcquiresShared
Definition: ketypes.h:763
_SYNCH_COUNTERS::ExAcqResSharedStarveExclusiveNotAcquires
ULONG ExAcqResSharedStarveExclusiveNotAcquires
Definition: ketypes.h:766
_SYNCH_COUNTERS::ExAcqResSharedNotAcquires
ULONG ExAcqResSharedNotAcquires
Definition: ketypes.h:760
_GETSETCONTEXT::Apc
KAPC Apc
Definition: ketypes.h:847
LONG
long LONG
Definition: pedump.c:60
_SYNCH_COUNTERS::ExSetResOwnerPointerSharedNew
ULONG ExSetResOwnerPointerSharedNew
Definition: ketypes.h:774
_KPROCESS::ExecuteOptions
UCHAR ExecuteOptions
Definition: ketypes.h:2073
_KUSER_SHARED_DATA::NtProductType
NT_PRODUCT_TYPE NtProductType
Definition: ketypes.h:1169
_KDPC_DATA::DpcList
KDPC_LIST DpcList
Definition: ketypes.h:790
_KTHREAD::SystemHeteroCpuPolicy
UCHAR SystemHeteroCpuPolicy
Definition: ketypes.h:1704
_KTHREAD::ApcState
KAPC_STATE ApcState
Definition: ketypes.h:1720
SHORT
short SHORT
Definition: pedump.c:59
_KLOCK_ENTRY::EntryOffset
UCHAR EntryOffset
Definition: ketypes.h:1027
_KTHREAD::SystemAffinityActive
ULONG SystemAffinityActive
Definition: ketypes.h:1639
PKTHREAD_COUNTERS
struct _KTHREAD_COUNTERS * PKTHREAD_COUNTERS
_KTHREAD::FirstArgument
PVOID FirstArgument
Definition: ketypes.h:1715
_KLOCK_ENTRY::SessionId
ULONG SessionId
Definition: ketypes.h:1094
_KUSER_SHARED_DATA::KdDebuggerEnabled
BOOLEAN KdDebuggerEnabled
Definition: ketypes.h:1181
_KLOCK_ENTRY::EntryLock
ULONG_PTR EntryLock
Definition: ketypes.h:1111
_GETSETCONTEXT::Event
KEVENT Event
Definition: ketypes.h:848
_KDPC_LIST
Definition: ketypes.h:728
_KTHREAD::WaitNext
ULONG WaitNext
Definition: ketypes.h:1638
_SYNCH_COUNTERS::ExAcqResSharedAcquiresShared
ULONG ExAcqResSharedAcquiresShared
Definition: ketypes.h:757
_KUSER_SHARED_DATA::TickCountMultiplier
ULONG TickCountMultiplier
Definition: ketypes.h:1157
_SYNCH_COUNTERS::ExAcqResSharedWaitForExclusiveAcquiresSharedRecursive
ULONG ExAcqResSharedWaitForExclusiveAcquiresSharedRecursive
Definition: ketypes.h:770
_KTHREAD_COUNTERS::CycleTimeBias
ULONG64 CycleTimeBias
Definition: ketypes.h:968
_KEXECUTE_OPTIONS::ImageDispatchEnable
UCHAR ImageDispatchEnable
Definition: ketypes.h:934
_KLOCK_ENTRY::CrossThreadReleasableAndBusyByte
volatile UCHAR CrossThreadReleasableAndBusyByte
Definition: ketypes.h:1083
_KTHREAD::UserHeteroCpuPolicy
UCHAR UserHeteroCpuPolicy
Definition: ketypes.h:1705
_KTHREAD::ApcInterruptRequest
ULONG ApcInterruptRequest
Definition: ketypes.h:1645
BOOLEAN
unsigned char BOOLEAN
Definition: ProcessorBind.h:185
_KPROFILE::ProfileListEntry
LIST_ENTRY ProfileListEntry
Definition: ketypes.h:860
_KTHREAD_COUNTERS::WaitReasonBitMap
ULONG64 WaitReasonBitMap
Definition: ketypes.h:964
_KPROCESS::StackCount
ULONG StackCount
Definition: ketypes.h:2075
_LOADER_PARAMETER_BLOCK
Definition: arc.h:491
KPROFILE_SOURCE
enum _KPROFILE_SOURCE KPROFILE_SOURCE
_GETSETCONTEXT
Definition: ketypes.h:845
_KPROFILE::RangeLimit
PVOID RangeLimit
Definition: ketypes.h:863
_KSERVICE_TABLE_DESCRIPTOR
Definition: ketypes.h:2088
KINTERRUPT_MODE
enum _KINTERRUPT_MODE KINTERRUPT_MODE
_PP_LOOKASIDE_LIST
Definition: ketypes.h:809
_KUSER_SHARED_DATA::TickCountLowDeprecated
ULONG TickCountLowDeprecated
Definition: ketypes.h:1156
_KDPC_LIST::ListHead
SINGLE_LIST_ENTRY ListHead
Definition: ketypes.h:730
_KLOCK_ENTRY::IoQoSWaiterCount
USHORT IoQoSWaiterCount
Definition: ketypes.h:1130
VDMSERVICECLASS
enum _VDMSERVICECLASS VDMSERVICECLASS
_In_
#define _In_
Definition: ms_sal.h:308
PKLOCK_ENTRY_LOCK_STATE
struct _KLOCK_ENTRY_LOCK_STATE * PKLOCK_ENTRY_LOCK_STATE
_KLOCK_ENTRY::IoBoost
USHORT IoBoost
Definition: ketypes.h:1124
_KTHREAD::QueueListEntry
LIST_ENTRY QueueListEntry
Definition: ketypes.h:1834
_KPROCESS::ProcessListEntry
LIST_ENTRY ProcessListEntry
Definition: ketypes.h:2076
Reserved
_Reserved_ PVOID Reserved
Definition: winddi.h:3974
PKKERNEL_ROUTINE
VOID(NTAPI * PKKERNEL_ROUTINE)(IN struct _KAPC *Apc, IN OUT PKNORMAL_ROUTINE *NormalRoutine OPTIONAL, IN OUT PVOID *NormalContext OPTIONAL, IN OUT PVOID *SystemArgument1 OPTIONAL, IN OUT PVOID *SystemArgument2 OPTIONAL)
Definition: ketypes.h:694
Buffer
Definition: bufpool.h:45
_KTHREAD::WaitBlockFill10
UCHAR WaitBlockFill10[2 *sizeof(KWAIT_BLOCK)+FIELD_OFFSET(KWAIT_BLOCK, SparePtr)]
Definition: ketypes.h:1807
_KTHREAD::KernelStack
PVOID KernelStack
Definition: ketypes.h:1617
_KUSER_SHARED_DATA::ImageNumberHigh
USHORT ImageNumberHigh
Definition: ketypes.h:1162
_FIBER::DeallocationStack
PVOID DeallocationStack
Definition: ketypes.h:185
_ULARGE_INTEGER
Definition: ms-dtyp.idl:184
DECLSPEC_ALIGN
struct DECLSPEC_ALIGN(16) _M128A
Definition: ketypes.h:922
_GETSETCONTEXT::Mode
KPROCESSOR_MODE Mode
Definition: ketypes.h:849
_KTIMER_TABLE
Definition: ketypes.h:722
PVOID
void * PVOID
Definition: retypes.h:9
_FIBER::FlsData
PVOID FlsData
Definition: ketypes.h:190
_KLOCK_ENTRY::CpuPriorityKey
CHAR CpuPriorityKey
Definition: ketypes.h:1109
_KTHREAD::Timer
KTIMER Timer
Definition: ketypes.h:1753
_KINTERRUPT::DispatchCount
ULONG DispatchCount
Definition: ketypes.h:902
_KPROCESS::ThreadListHead
LIST_ENTRY ThreadListHead
Definition: ketypes.h:2049
KTHREAD_STATE
enum _KTHREAD_STATE KTHREAD_STATE
_KLOCK_ENTRY_LOCK_STATE::Reserved
ULONG_PTR Reserved
Definition: ketypes.h:996
_KTHREAD::ScbReadyQueue
ULONG ScbReadyQueue
Definition: ketypes.h:1652
_KEXECUTE_OPTIONS::DisableThunkEmulation
UCHAR DisableThunkEmulation
Definition: ketypes.h:931
_KPROCESS::DisableQuantum
LONG DisableQuantum
Definition: ketypes.h:2058
KSYSTEM_TIME
struct _KSYSTEM_TIME KSYSTEM_TIME
_KDPC_DATA::DpcCount
ULONG DpcCount
Definition: ketypes.h:800
_KINTERRUPT::Number
CCHAR Number
Definition: ketypes.h:895
KeLoaderBlock
struct _LOADER_PARAMETER_BLOCK NTSYSAPI * KeLoaderBlock
Definition: krnlinit.c:29
MAX_WOW64_SHARED_ENTRIES
#define MAX_WOW64_SHARED_ENTRIES
Definition: ketypes.h:1143
PKSYSTEM_TIME
struct _KSYSTEM_TIME * PKSYSTEM_TIME
_KTHREAD::WaitReason
UCHAR WaitReason
Definition: ketypes.h:1906
_KTHREAD::BasePriority
CHAR BasePriority
Definition: ketypes.h:1859
_KTIMER_TABLE_ENTRY::Time
ULARGE_INTEGER Time
Definition: ketypes.h:719
_KLOCK_ENTRY_LOCK_STATE::SessionId
ULONG SessionId
Definition: ketypes.h:1006
_SYNCH_COUNTERS::ExecutiveResourceAcquiresCount
ULONG ExecutiveResourceAcquiresCount
Definition: ketypes.h:745
EVENT_TYPE
enum _EVENT_TYPE EVENT_TYPE
_SYNCH_COUNTERS::ExDeleteResourceCount
ULONG ExDeleteResourceCount
Definition: ketypes.h:744
_KUSER_SHARED_DATA::ImageNumberLow
USHORT ImageNumberLow
Definition: ketypes.h:1161
PKWAIT_STATUS_REGISTER
union _KWAIT_STATUS_REGISTER * PKWAIT_STATUS_REGISTER
UserTime
_Out_ PULONG UserTime
Definition: kefuncs.h:773
_KTHREAD::ExplicitSystemHeteroCpuPolicy
UCHAR ExplicitSystemHeteroCpuPolicy
Definition: ketypes.h:1706
_KNODE::Flags
struct _KNODE::_flags Flags
KLOCK_ENTRY_LOCK_STATE
struct _KLOCK_ENTRY_LOCK_STATE KLOCK_ENTRY_LOCK_STATE
_KUSER_SHARED_DATA::TickCount
volatile KSYSTEM_TIME TickCount
Definition: ketypes.h:1225
PKINTERRUPT_ROUTINE
VOID(NTAPI * PKINTERRUPT_ROUTINE)(VOID)
Definition: ketypes.h:490
_KTHREAD::DisableBoost
ULONG DisableBoost
Definition: ketypes.h:1667
_KTHREAD::Alertable
ULONG Alertable
Definition: ketypes.h:1640
SystemArgument1
_In_opt_ PVOID _In_opt_ PVOID SystemArgument1
Definition: ketypes.h:675
_KTHREAD::NpxState
ULONG64 NpxState
Definition: ketypes.h:2010
_KTHREAD::PropagateBoostsEntry
SINGLE_LIST_ENTRY PropagateBoostsEntry
Definition: ketypes.h:1966
_KINTERRUPT::InterruptListEntry
LIST_ENTRY InterruptListEntry
Definition: ketypes.h:879
_KTHREAD::WaitStatus
volatile INT_PTR WaitStatus
Definition: ketypes.h:1741
LONGLONG
int64_t LONGLONG
Definition: typedefs.h:68
PFIBER
struct _FIBER * PFIBER
_KPROCESS::Affinity
KAFFINITY Affinity
Definition: ketypes.h:2051
LONG64
int64_t LONG64
Definition: typedefs.h:68
KPROCESS
struct _KPROCESS KPROCESS
PreviousMode
_In_ KPROCESSOR_MODE PreviousMode
Definition: sefuncs.h:103
PTIMER_APC_ROUTINE
VOID(NTAPI * PTIMER_APC_ROUTINE)(_In_ PVOID TimerContext, _In_ ULONG TimerLowValue, _In_ LONG TimerHighValue)
Definition: ketypes.h:1098
KeMaximumIncrement
ULONG NTSYSAPI KeMaximumIncrement
Definition: clock.c:20
_KLOCK_ENTRY::CpuBoostsBitmap
USHORT CpuBoostsBitmap
Definition: ketypes.h:1123
KLOCK_ENTRY
struct _KLOCK_ENTRY KLOCK_ENTRY
_KWAIT_STATUS_REGISTER::Priority
UCHAR Priority
Definition: ketypes.h:946
_KTIMER_TABLE_ENTRY::Entry
LIST_ENTRY Entry
Definition: ketypes.h:718
_COUNTER_READING::Start
ULONG64 Start
Definition: ketypes.h:958
_KINTERRUPT::Irql
KIRQL Irql
Definition: ketypes.h:891
_FIBER::TebFlags
ULONG TebFlags
Definition: ketypes.h:192
_KTHREAD::KernelTime
ULONG KernelTime
Definition: ketypes.h:1929
PKRUNDOWN_ROUTINE
VOID(NTAPI * PKRUNDOWN_ROUTINE)(IN struct _KAPC *Apc)
Definition: ketypes.h:690
_KINTERRUPT::Rsvd1
ULONGLONG Rsvd1
Definition: ketypes.h:904
_KTHREAD_COUNTERS::UserData
struct _THREAD_PERFORMANCE_DATA * UserData
Definition: ketypes.h:965
_KSYSTEM_TIME::High1Time
LONG High1Time
Definition: ketypes.h:918
_KLOCK_ENTRY::HeadNodeBit
UCHAR HeadNodeBit
Definition: ketypes.h:1047
_KLOCK_ENTRY::WaitingBit
UCHAR WaitingBit
Definition: ketypes.h:1033
_KNODE::MmShiftedColor
ULONG MmShiftedColor
Definition: ketypes.h:836
MODE
enum _MODE MODE
PROCESSOR_FEATURE_MAX
#define PROCESSOR_FEATURE_MAX
WCHAR
__wchar_t WCHAR
Definition: xmlstorage.h:180
_KUSER_SHARED_DATA::AlternativeArchitecture
ALTERNATIVE_ARCHITECTURE_TYPE AlternativeArchitecture
Definition: ketypes.h:1177
_KTHREAD::SchedulerApc
KAPC SchedulerApc
Definition: ketypes.h:1915
_KPROCESS::SwapListEntry
SINGLE_LIST_ENTRY SwapListEntry
Definition: ketypes.h:2047
_KWAIT_STATUS_REGISTER::Flags
UCHAR Flags
Definition: ketypes.h:941
_KLOCK_ENTRY::CrossThreadFlags
UCHAR CrossThreadFlags
Definition: ketypes.h:1044
CCHAR
char CCHAR
Definition: typedefs.h:51
_KTHREAD::Spare0
UCHAR Spare0
Definition: ketypes.h:1707
_SYNCH_COUNTERS::ExAcqResExclusiveNotAcquires
ULONG ExAcqResExclusiveNotAcquires
Definition: ketypes.h:754
ULONGLONG
uint64_t ULONGLONG
Definition: typedefs.h:67
_KLOCK_ENTRY::IoPriorityBit
UCHAR IoPriorityBit
Definition: ketypes.h:1048
_KTHREAD::SwapListEntry
SINGLE_LIST_ENTRY SwapListEntry
Definition: ketypes.h:1746
KUSER_SHARED_DATA
struct _KUSER_SHARED_DATA KUSER_SHARED_DATA
_KPROCESS::Visited
UCHAR Visited
Definition: ketypes.h:2069
_KINTERRUPT::ShareVector
BOOLEAN ShareVector
Definition: ketypes.h:896
_KUSER_SHARED_DATA::DbgElevationEnabled
ULONG DbgElevationEnabled
Definition: ketypes.h:1207
_KTHREAD::ExpectedRunTime
ULONG ExpectedRunTime
Definition: ketypes.h:1616
_KTHREAD::StackLimit
volatile VOID * StackLimit
Definition: ketypes.h:1607
SCHAR
signed char SCHAR
Definition: sqltypes.h:14
Affinity
_In_ ULONG _In_ ULONG _In_ ULONG _Out_ PKIRQL _Out_ PKAFFINITY Affinity
Definition: halfuncs.h:170
_KINTERRUPT::MessageIndex
ULONG MessageIndex
Definition: ketypes.h:883
WAIT_TYPE
enum _WAIT_TYPE WAIT_TYPE
RTL_RB_TREE
struct _RTL_RB_TREE RTL_RB_TREE
FIXME: should move to rtltypes.h, but we can't include it here.
_KTHREAD::IoSelfBoostsEntry
SINGLE_LIST_ENTRY IoSelfBoostsEntry
Definition: ketypes.h:1967
_KTHREAD::Queue
PKQUEUE Queue
Definition: ketypes.h:1748
_KINTERRUPT::Polarity
KINTERRUPT_POLARITY Polarity
Definition: ketypes.h:899
_KEVENT_PAIR
Definition: ketypes.h:916
_KTHREAD::QuantumTarget
ULONG64 QuantumTarget
Definition: ketypes.h:1605
RTL_SIZEOF_THROUGH_FIELD
#define RTL_SIZEOF_THROUGH_FIELD(type, field)
Definition: ntbasedef.h:672
_KTHREAD::WaitBlockFill8
UCHAR WaitBlockFill8[FIELD_OFFSET(KWAIT_BLOCK, SparePtr)]
Definition: ketypes.h:1797
_KUSER_SHARED_DATA::TimeZoneId
ULONG TimeZoneId
Definition: ketypes.h:1166
_KUSER_SHARED_DATA::Reserved3
ULONG Reserved3
Definition: ketypes.h:1175
_SYNCH_COUNTERS::ExReInitializeResourceCount
ULONG ExReInitializeResourceCount
Definition: ketypes.h:743
_KEXECUTE_OPTIONS::Permanent
UCHAR Permanent
Definition: ketypes.h:932
_KTHREAD::SchedulingGroup
struct _KSCHEDULING_GROUP * SchedulingGroup
Definition: ketypes.h:1619
_KLOCK_ENTRY::LockUnsafe
PVOID LockUnsafe
Definition: ketypes.h:1079
KPROCESSOR_MODE
CCHAR KPROCESSOR_MODE
Definition: ketypes.h:7
PPP_LOOKASIDE_LIST
struct _PP_LOOKASIDE_LIST * PPP_LOOKASIDE_LIST
_KTHREAD::ChargeOnlyGroup
ULONG ChargeOnlyGroup
Definition: ketypes.h:1674
_KTHREAD::ForegroundBoost
UCHAR ForegroundBoost
Definition: ketypes.h:1865
FIBER
struct _FIBER FIBER
_SYNCH_COUNTERS
Definition: ketypes.h:734
_KTHREAD::WaitListEntry
LIST_ENTRY WaitListEntry
Definition: ketypes.h:1745
_KTHREAD::AffinityFill
UCHAR AffinityFill[FIELD_OFFSET(GROUP_AFFINITY, Reserved)]
Definition: ketypes.h:1883
_KTHREAD::SuspendEvent
KEVENT SuspendEvent
Definition: ketypes.h:1949
_KTHREAD::AdjustReason
UCHAR AdjustReason
Definition: ketypes.h:1870
_PP_LOOKASIDE_LIST::L
struct _GENERAL_LOOKASIDE * L
Definition: ketypes.h:812
_FIBER::GuaranteedStackBytes
ULONG GuaranteedStackBytes
Definition: ketypes.h:191
_KUSER_SHARED_DATA::NumberOfPhysicalPages
ULONG NumberOfPhysicalPages
Definition: ketypes.h:1189
_KPROCESS::CycleTime
ULONGLONG CycleTime
Definition: ketypes.h:2078
_KTHREAD::AbEntrySummary
UCHAR AbEntrySummary
Definition: ketypes.h:1954
_KTHREAD::QuantumEndMigrate
ULONG QuantumEndMigrate
Definition: ketypes.h:1646
KINTERRUPT_POLARITY
enum _KINTERRUPT_POLARITY KINTERRUPT_POLARITY
ULONG64
unsigned __int64 ULONG64
Definition: imports.h:198
TIMER_TYPE
enum _TIMER_TYPE TIMER_TYPE
_KTHREAD::DisableStackCheck
ULONG DisableStackCheck
Definition: ketypes.h:1656
_KTHREAD_COUNTERS::ContextSwitches
ULONG ContextSwitches
Definition: ketypes.h:967
UCHAR
unsigned char UCHAR
Definition: xmlstorage.h:181
KTHREAD_COUNTERS
struct _KTHREAD_COUNTERS KTHREAD_COUNTERS
_KINTERRUPT::Vector
ULONG Vector
Definition: ketypes.h:890
_SYNCH_COUNTERS::ExBoostExclusiveOwner
ULONG ExBoostExclusiveOwner
Definition: ketypes.h:778
_KUSER_SHARED_DATA::Reserved1
ULONG Reserved1
Definition: ketypes.h:1174
_KTHREAD_COUNTERS::HwCounter
COUNTER_READING HwCounter[16]
Definition: ketypes.h:970
_KINTERRUPT::ServiceRoutine
PKSERVICE_ROUTINE ServiceRoutine
Definition: ketypes.h:880
_KTHREAD::AbFreeEntryCount
UCHAR AbFreeEntryCount
Definition: ketypes.h:1984
_KPROCESS::ThreadSeed
UCHAR ThreadSeed
Definition: ketypes.h:2066
_SYNCH_COUNTERS::ExecutiveResourceConvertsCount
ULONG ExecutiveResourceConvertsCount
Definition: ketypes.h:749
_EVENT_TYPE
_EVENT_TYPE
Definition: ntdef.template.h:355
_KPROFILE::Size
CSHORT Size
Definition: ketypes.h:859
_KAPC::NormalContext
PVOID NormalContext
Definition: ketypes.h:550
_KDPC
Definition: ketypes.h:687
_KPROCESS::IdealNode
UCHAR IdealNode
Definition: ketypes.h:2068
_KPRCB
Definition: ketypes.h:560
_KTHREAD::RelativeTimerBias
ULONG64 RelativeTimerBias
Definition: ketypes.h:1751
_CONTEXT
Definition: nt_native.h:1406
_KWAIT_STATUS_REGISTER::State
UCHAR State
Definition: ketypes.h:944
PHANDLE
PVOID *typedef PHANDLE
Definition: ntsecpkg.h:454
VOID
#define VOID
Definition: acefi.h:82
_COUNTER_READING::Index
ULONG Index
Definition: ketypes.h:957
_SYNCH_COUNTERS::ExecutiveResourceContentionsCount
ULONG ExecutiveResourceContentionsCount
Definition: ketypes.h:746
Ready
Definition: ketypes.h:422
_KEVENT_PAIR::LowEvent
KEVENT LowEvent
Definition: ketypes.h:920
_KUSER_SHARED_DATA::SuiteMask
ULONG SuiteMask
Definition: ketypes.h:1180
_KTHREAD::IdealProcessor
ULONG IdealProcessor
Definition: ketypes.h:1886
_SYNCH_COUNTERS::ExAcqResSharedWaitForExclusiveAcquiresExclusive
ULONG ExAcqResSharedWaitForExclusiveAcquiresExclusive
Definition: ketypes.h:768
_KTHREAD::InGlobalForegroundList
ULONG_PTR InGlobalForegroundList
Definition: ketypes.h:1994
_KTHREAD::SchedulerApcFill4
UCHAR SchedulerApcFill4[FIELD_OFFSET(KAPC, SystemArgument2)]
Definition: ketypes.h:1938
_KAPC
Definition: ketypes.h:535
_GROUP_AFFINITY
Definition: ntbasedef.h:659
_KPROCESS::ReadyListHead
LIST_ENTRY ReadyListHead
Definition: ketypes.h:2046
_MODE
_MODE
Definition: ketypes.h:10
_KAPC_ENVIRONMENT
_KAPC_ENVIRONMENT
Definition: ketypes.h:705
_LIST_ENTRY
Definition: typedefs.h:119
_KGATE
Definition: ketypes.h:810
_KINTERRUPT
Definition: ketypes.h:875
_SYNCH_COUNTERS::SpinLockSpinCount
ULONG SpinLockSpinCount
Definition: ketypes.h:738
_KTHREAD::ForceDeferSchedule
ULONG ForceDeferSchedule
Definition: ketypes.h:1677
PGETSETCONTEXT
struct _GETSETCONTEXT * PGETSETCONTEXT
_KTHREAD::ApcStateFill
UCHAR ApcStateFill[RTL_SIZEOF_THROUGH_FIELD(KAPC_STATE, UserApcPending)]
Definition: ketypes.h:1723
KTHREAD
struct _KTHREAD KTHREAD
_KUSER_SHARED_DATA::ActiveConsoleId
volatile ULONG ActiveConsoleId
Definition: ketypes.h:1185
_KUSER_SHARED_DATA::TimeZoneBias
volatile KSYSTEM_TIME TimeZoneBias
Definition: ketypes.h:1160
_SYNCH_COUNTERS::ExAcqResSharedAcquiresSharedRecursive
ULONG ExAcqResSharedAcquiresSharedRecursive
Definition: ketypes.h:758
_KNODE::Color
UCHAR Color
Definition: ketypes.h:829
Object
_Must_inspect_result_ _In_ WDFCOLLECTION _In_ WDFOBJECT Object
Definition: wdfcollection.h:120
_SYNCH_COUNTERS::IpiSendRequestRoutineCount
ULONG IpiSendRequestRoutineCount
Definition: ketypes.h:740
_KTHREAD::PriorityFloorSummary
ULONG PriorityFloorSummary
Definition: ketypes.h:1969
_KPROCESS::ProcessLock
KSPIN_LOCK ProcessLock
Definition: ketypes.h:2050
_KWAIT_BLOCK
Definition: ketypes.h:443
_SYNCH_COUNTERS::ExAcqResSharedStarveExclusiveAcquiresSharedRecursive
ULONG ExAcqResSharedStarveExclusiveAcquiresSharedRecursive
Definition: ketypes.h:764
_KTHREAD::CurrentRunTime
ULONG CurrentRunTime
Definition: ketypes.h:1615
PKTIMER_TABLE
struct _KTIMER_TABLE * PKTIMER_TABLE
SystemArgument2
_In_opt_ PVOID _In_opt_ PVOID _In_opt_ PVOID SystemArgument2
Definition: ketypes.h:675
_DISPATCHER_HEADER
Definition: ketypes.h:728
_KEVENT_PAIR::Type
CSHORT Type
Definition: ketypes.h:918
_KENTROPY_TIMING_STATE
Definition: ketypes.h:2103
_KTHREAD::QuantumReset
UCHAR QuantumReset
Definition: ketypes.h:1924
_SYNCH_COUNTERS::ExAcqResExclusiveAcquiresExclusive
ULONG ExAcqResExclusiveAcquiresExclusive
Definition: ketypes.h:751
_KINTERRUPT::ActualLock
PKSPIN_LOCK ActualLock
Definition: ketypes.h:888
_KTHREAD::StackBase
PVOID StackBase
Definition: ketypes.h:1608
_KINTERRUPT::DispatchCode
ULONG DispatchCode[DISPATCH_LENGTH]
Definition: ketypes.h:910
_KTHREAD::SavedApcStateFill
UCHAR SavedApcStateFill[FIELD_OFFSET(KAPC_STATE, UserApcPending)+1]
Definition: ketypes.h:1905
KeMinimumIncrement
ULONG NTSYSAPI KeMinimumIncrement
Definition: clock.c:21
_KSYSTEM_TIME::High2Time
LONG High2Time
Definition: ketypes.h:919
_KTHREAD::QueueDeferPreemption
ULONG QueueDeferPreemption
Definition: ketypes.h:1676
_TEB
Definition: compat.h:694
_KUSER_SHARED_DATA::DbgVirtEnabled
ULONG DbgVirtEnabled
Definition: ketypes.h:1208
_KDPC_DATA::DpcQueueDepth
volatile ULONG DpcQueueDepth
Definition: ketypes.h:798
_KLOCK_ENTRY_LOCK_STATE::SessionState
PVOID SessionState
Definition: ketypes.h:1003
_SYNCH_COUNTERS::ExTryToAcqExclusiveAcquires
ULONG ExTryToAcqExclusiveAcquires
Definition: ketypes.h:777
_KUSER_SHARED_DATA::DbgInstallerDetectEnabled
ULONG DbgInstallerDetectEnabled
Definition: ketypes.h:1209
_KTHREAD::LockEntries
KLOCK_ENTRY LockEntries[NUMBER_OF_LOCK_ENTRIES]
Definition: ketypes.h:1965
_SYNCH_COUNTERS::SpinLockContentionCount
ULONG SpinLockContentionCount
Definition: ketypes.h:737
_KPROCESS
Definition: ketypes.h:2024
_KNODE::_flags
Definition: ketypes.h:832
_KTHREAD::PreviousMode
CHAR PreviousMode
Definition: ketypes.h:1858
_KTHREAD::SchedulerApcFill1
UCHAR SchedulerApcFill1[FIELD_OFFSET(KAPC, SpareByte1)]
Definition: ketypes.h:1923
_KUSER_SHARED_DATA::NtSystemRoot
WCHAR NtSystemRoot[260]
Definition: ketypes.h:1163
_KPROFILE::Segment
ULONG_PTR Segment
Definition: ketypes.h:866
_NT_PRODUCT_TYPE
_NT_PRODUCT_TYPE
Definition: ntdef.template.h:349
_PP_LOOKASIDE_LIST::P
struct _GENERAL_LOOKASIDE * P
Definition: ketypes.h:811
_KLOCK_ENTRY::ThreadLocalFlags
UCHAR ThreadLocalFlags
Definition: ketypes.h:1030
_KLOCK_ENTRY::OwnerTree
RTL_RB_TREE OwnerTree
Definition: ketypes.h:1106
_KTHREAD::CalloutActive
ULONG CalloutActive
Definition: ketypes.h:1651
USHORT
unsigned short USHORT
Definition: pedump.c:61
PSYNCH_COUNTERS
struct _SYNCH_COUNTERS * PSYNCH_COUNTERS
_KENTROPY_TIMING_STATE::Dpc
KDPC Dpc
Definition: ketypes.h:2107
_KUSER_SHARED_DATA::TickCountQuad
volatile ULONG64 TickCountQuad
Definition: ketypes.h:1226
_KTHREAD::PriorityDecrement
CHAR PriorityDecrement
Definition: ketypes.h:1862
_KTHREAD::SuspendCount
CHAR SuspendCount
Definition: ketypes.h:1907
KAFFINITY
ULONG_PTR KAFFINITY
Definition: compat.h:85
_KNODE::_flags::Fill
UCHAR Fill
Definition: ketypes.h:834
PowerState
_Must_inspect_result_ _In_ PWDFDEVICE_INIT _In_ WDF_DEVICE_POWER_STATE PowerState
Definition: wdfdevice.h:3032
_KDPC_DATA
Definition: ketypes.h:787
_SYNCH_COUNTERS::ExAcqResExclusiveWaits
ULONG ExAcqResExclusiveWaits
Definition: ketypes.h:753
_KSEMAPHORE
Definition: ketypes.h:803
ALTERNATIVE_ARCHITECTURE_TYPE
enum _ALTERNATIVE_ARCHITECTURE_TYPE ALTERNATIVE_ARCHITECTURE_TYPE
PKPROFILE
struct _KPROFILE * PKPROFILE
KSPIN_LOCK
ULONG KSPIN_LOCK
Definition: env_spec_w32.h:72
_KENTROPY_TIMING_STATE::EntropyCount
ULONG EntropyCount
Definition: ketypes.h:2105
_KLOCK_ENTRY::StaticState
ULONG StaticState
Definition: ketypes.h:1056
_KPROCESS::ActiveProcessors
volatile KAFFINITY ActiveProcessors
Definition: ketypes.h:2043
_KTHREAD::CycleTime
volatile ULONG64 CycleTime
Definition: ketypes.h:1610
_KLOCK_ENTRY::Spare0
UCHAR Spare0
Definition: ketypes.h:1034
FIELD_OFFSET
#define FIELD_OFFSET(t, f)
Definition: typedefs.h:255
_KPROCESS::ProfileListHead
LIST_ENTRY ProfileListHead
Definition: ketypes.h:2027
LONG_PTR
__int3264 LONG_PTR
Definition: mstsclib_h.h:276
_SYNCH_COUNTERS::SpinLockAcquireCount
ULONG SpinLockAcquireCount
Definition: ketypes.h:736
_KTHREAD::WaitBlockCount
UCHAR WaitBlockCount
Definition: ketypes.h:1885
OPTIONAL
#define OPTIONAL
Definition: typedefs.h:41
PULONG
unsigned int * PULONG
Definition: retypes.h:1
_KUSER_SHARED_DATA::SystemCallPad
ULONGLONG SystemCallPad[3]
Definition: ketypes.h:1223
_KTHREAD::AdjustIncrement
CHAR AdjustIncrement
Definition: ketypes.h:1871
_KUSER_SHARED_DATA::NXSupportPolicy
UCHAR NXSupportPolicy
Definition: ketypes.h:1183
_SYNCH_COUNTERS::ExInitializeResourceCount
ULONG ExInitializeResourceCount
Definition: ketypes.h:742
_FIBER::Wx86Tib
PVOID Wx86Tib
Definition: ketypes.h:188
Reserved1
Definition: bcd.h:201
_KTHREAD::Spare12
CHAR Spare12
Definition: ketypes.h:1733
_KINTERRUPT::SynchronizeIrql
KIRQL SynchronizeIrql
Definition: ketypes.h:892
_KTHREAD::SchedulerApcFill0
UCHAR SchedulerApcFill0[FIELD_OFFSET(KAPC, SpareByte0)]
Definition: ketypes.h:1918
_KEVENT
Definition: ketypes.h:799
_KPROCESS::KernelTime
ULONG KernelTime
Definition: ketypes.h:2044
_KTHREAD::ThreadListEntry
LIST_ENTRY ThreadListEntry
Definition: ketypes.h:1950
XSAVE_FORMAT
XSAVE_FORMAT
Definition: ketypes.h:951
_KTHREAD::ReservedStackInUse
ULONG ReservedStackInUse
Definition: ketypes.h:1654
_KTHREAD::QueuedScb
struct _KSCB * QueuedScb
Definition: ketypes.h:2008
_KUSER_SHARED_DATA::LastSystemRITEventTickCount
ULONG LastSystemRITEventTickCount
Definition: ketypes.h:1188
_KTHREAD::Teb
PVOID Teb
Definition: ketypes.h:1749
_LARGE_INTEGER
Definition: typedefs.h:102
_KEXECUTE_OPTIONS::ExecuteEnable
UCHAR ExecuteEnable
Definition: ketypes.h:930
_KSERVICE_TABLE_DESCRIPTOR::Base
PULONG_PTR Base
Definition: ketypes.h:2090
_KPROFILE::BucketShift
ULONG BucketShift
Definition: ketypes.h:864
PKTHREAD_STATE
enum _KTHREAD_STATE * PKTHREAD_STATE
_KTHREAD::UserTime
ULONG UserTime
Definition: ketypes.h:1945
KSERVICE_TABLE_DESCRIPTOR
struct _KSERVICE_TABLE_DESCRIPTOR KSERVICE_TABLE_DESCRIPTOR
PKENTROPY_TIMING_STATE
struct _KENTROPY_TIMING_STATE * PKENTROPY_TIMING_STATE
_KPROCESS::Flags
KEXECUTE_OPTIONS Flags
Definition: ketypes.h:2072
COUNTER_READING
struct _COUNTER_READING COUNTER_READING
_KTHREAD::ResourceIndex
UCHAR ResourceIndex
Definition: ketypes.h:1919
_KTHREAD::Header
DISPATCHER_HEADER Header
Definition: ketypes.h:1603
DISPATCH_LENGTH
#define DISPATCH_LENGTH
Definition: ketypes.h:207
Process
_Must_inspect_result_ _In_ PLARGE_INTEGER _In_ PLARGE_INTEGER _In_ ULONG _In_ PFILE_OBJECT _In_ PVOID Process
Definition: fsrtlfuncs.h:219
_KLOCK_ENTRY_LOCK_STATE::CrossThreadReleasable
ULONG_PTR CrossThreadReleasable
Definition: ketypes.h:991
KWAIT_REASON
enum _KWAIT_REASON KWAIT_REASON
_ADJUST_REASON
_ADJUST_REASON
Definition: ketypes.h:470
_KTHREAD::GlobalForegroundListEntry
LIST_ENTRY GlobalForegroundListEntry
Definition: ketypes.h:1990
_KTHREAD::LegoData
PVOID LegoData
Definition: ketypes.h:1939
_KTHREAD::UserAffinityFill
UCHAR UserAffinityFill[FIELD_OFFSET(GROUP_AFFINITY, Reserved)]
Definition: ketypes.h:1857
_KTHREAD::Running
BOOLEAN Running
Definition: ketypes.h:1621
_KLOCK_ENTRY::SessionState
PVOID SessionState
Definition: ketypes.h:1091
_KTHREAD_COUNTERS::Flags
ULONG Flags
Definition: ketypes.h:966
_KTHREAD::StateSaveArea
XSAVE_FORMAT * StateSaveArea
Definition: ketypes.h:1618
OUT
#define OUT
Definition: typedefs.h:40
KeServiceDescriptorTable
KSERVICE_TABLE_DESCRIPTOR NTSYSAPI KeServiceDescriptorTable[SSDT_MAX_ENTRIES]
Definition: procobj.c:23
NT_PRODUCT_TYPE
enum _NT_PRODUCT_TYPE NT_PRODUCT_TYPE
_KTHREAD::State
volatile UCHAR State
Definition: ketypes.h:1731
_KTHREAD::Win32Thread
PVOID Win32Thread
Definition: ketypes.h:1808
_KLOCK_ENTRY::InTreeByte
UCHAR InTreeByte
Definition: ketypes.h:1088
_KTHREAD::Affinity
GROUP_AFFINITY Affinity
Definition: ketypes.h:1880
_KINTERRUPT::Size
CSHORT Size
Definition: ketypes.h:878
_KTHREAD_STATE
_KTHREAD_STATE
Definition: ketypes.h:419
KINTERRUPT
struct _KINTERRUPT KINTERRUPT
ULONG
unsigned int ULONG
Definition: retypes.h:1
_KWAIT_STATUS_REGISTER::Apc
UCHAR Apc
Definition: ketypes.h:947
KeDcacheFlushCount
ULONG NTSYSAPI KeDcacheFlushCount
Definition: cpu.c:20
_KTHREAD::ContextSwitches
ULONG ContextSwitches
Definition: ketypes.h:1730
_KTHREAD::SListFaultCount
SHORT SListFaultCount
Definition: ketypes.h:1909
_RTL_RB_TREE::Root
PRTL_BALANCED_NODE Root
Definition: ketypes.h:978
TimerContext
_In_ PLARGE_INTEGER _In_opt_ PTIMER_APC_ROUTINE _In_opt_ PVOID TimerContext
Definition: zwfuncs.h:428
_KTHREAD::DeferredProcessor
ULONG DeferredProcessor
Definition: ketypes.h:1848
PULONG_PTR
uint32_t * PULONG_PTR
Definition: typedefs.h:65
_KPROCESS::PowerState
UCHAR PowerState
Definition: ketypes.h:2067
_KNODE::NodeNumber
UCHAR NodeNumber
Definition: ketypes.h:831
_KUSER_SHARED_DATA::SystemCall
ULONG SystemCall
Definition: ketypes.h:1221
_KTHREAD::Preempted
UCHAR Preempted
Definition: ketypes.h:1869
PKEXECUTE_OPTIONS
struct _KEXECUTE_OPTIONS * PKEXECUTE_OPTIONS
_KTHREAD::WaitTime
ULONG WaitTime
Definition: ketypes.h:1817
_KTHREAD::Tag
volatile UCHAR Tag
Definition: ketypes.h:1703
_KTHREAD::ReadyTransition
ULONG ReadyTransition
Definition: ketypes.h:1633
_SYNCH_COUNTERS::IpiSendSoftwareInterruptCount
ULONG IpiSendSoftwareInterruptCount
Definition: ketypes.h:741
_KTHREAD::DisableQuantum
ULONG DisableQuantum
Definition: ketypes.h:1673
_KTHREAD::ApcStateIndex
UCHAR ApcStateIndex
Definition: ketypes.h:1884
_SLIST_HEADER
Definition: rtltypes.h:138
_KPROFILE
Definition: ketypes.h:856
_KNODE::PfnDereferenceSListHead
SLIST_HEADER PfnDereferenceSListHead
Definition: ketypes.h:827
PKDPC_LIST
struct _KDPC_LIST * PKDPC_LIST
KWAIT_BLOCK
struct _KWAIT_BLOCK KWAIT_BLOCK
_KNODE::ProcessorMask
KAFFINITY ProcessorMask
Definition: ketypes.h:828
_KTHREAD::ApcQueueable
ULONG ApcQueueable
Definition: ketypes.h:1653
PKNORMAL_ROUTINE
VOID(NTAPI * PKNORMAL_ROUTINE)(IN PVOID NormalContext OPTIONAL, IN PVOID SystemArgument1 OPTIONAL, IN PVOID SystemArgument2 OPTIONAL)
Definition: ketypes.h:684
_KTHREAD::WaitMode
KPROCESSOR_MODE WaitMode
Definition: ketypes.h:1738
_KDPC_DATA::ActiveDpc
PKDPC ActiveDpc
Definition: ketypes.h:802
_KNODE::Seed
UCHAR Seed
Definition: ketypes.h:830
_KEVENT_PAIR::HighEvent
KEVENT HighEvent
Definition: ketypes.h:921
_SYNCH_COUNTERS::ExAcqResSharedWaitForExclusiveWaits
ULONG ExAcqResSharedWaitForExclusiveWaits
Definition: ketypes.h:771
KPROFILE_SOURCE
enum _KPROFILE_SOURCE KPROFILE_SOURCE
_COUNTER_READING::Type
enum _HARDWARE_COUNTER_TYPE Type
Definition: ketypes.h:956
_KTHREAD::WaitBlockFill9
UCHAR WaitBlockFill9[1 *sizeof(KWAIT_BLOCK)+FIELD_OFFSET(KWAIT_BLOCK, SparePtr)]
Definition: ketypes.h:1802
_KPROCESS::UserTime
ULONG UserTime
Definition: ketypes.h:2045
_KPROCESS::AutoAlignment
LONG AutoAlignment
Definition: ketypes.h:2056
_KINTERRUPT::DispatchAddress
PKINTERRUPT_ROUTINE DispatchAddress
Definition: ketypes.h:889
_KEXECUTE_OPTIONS::ExecuteDispatchEnable
UCHAR ExecuteDispatchEnable
Definition: ketypes.h:933
CSHORT
short CSHORT
Definition: umtypes.h:127
_WAIT_TYPE
_WAIT_TYPE
Definition: ntdef.template.h:365
_KSYSTEM_TIME
Definition: ketypes.h:916
_KTHREAD::InitialStack
PVOID InitialStack
Definition: ketypes.h:1606
_KUSER_SHARED_DATA::DbgErrorPortPresent
ULONG DbgErrorPortPresent
Definition: ketypes.h:1206
ADJUST_REASON
enum _ADJUST_REASON ADJUST_REASON
KPROFILE
struct _KPROFILE KPROFILE
_KTHREAD::AffinityVersion
ULONG_PTR AffinityVersion
Definition: ketypes.h:1876
KTIMER_TABLE_ENTRY
struct _KTIMER_TABLE_ENTRY KTIMER_TABLE_ENTRY
_KINTERRUPT::ServiceContext
PVOID ServiceContext
Definition: ketypes.h:885
_KTHREAD::UserAffinity
GROUP_AFFINITY UserAffinity
Definition: ketypes.h:1854
PKLOCK_ENTRY
struct _KLOCK_ENTRY * PKLOCK_ENTRY
_KWAIT_STATUS_REGISTER::Alert
UCHAR Alert
Definition: ketypes.h:949
KiBugCheckData
ULONG_PTR NTSYSAPI KiBugCheckData[]
Definition: bug.c:27
PKNODE
struct _KNODE * PKNODE
_KTHREAD::ThreadLock
KSPIN_LOCK ThreadLock
Definition: ketypes.h:1609
Limit
_In_ LONG _In_ LONG Limit
Definition: kefuncs.h:317
_KNODE::FreeCount
ULONG FreeCount[2]
Definition: ketypes.h:837
_KTHREAD::WaitRegister
KWAIT_STATUS_REGISTER WaitRegister
Definition: ketypes.h:1620
_KTHREAD::GuiThread
ULONG GuiThread
Definition: ketypes.h:1672
_KTHREAD::ProcessStackCountDecremented
ULONG ProcessStackCountDecremented
Definition: ketypes.h:1691
ServiceTable
SERVICE_TABLE_ENTRYW ServiceTable[]
Definition: service.c:21
_KPROCESS::VdmTrapcHandler
PVOID VdmTrapcHandler
Definition: ketypes.h:2048
_KTHREAD::SystemCallNumber
ULONG SystemCallNumber
Definition: ketypes.h:1711
_SYNCH_COUNTERS::ExAcqResSharedWaitForExclusiveNotAcquires
ULONG ExAcqResSharedWaitForExclusiveNotAcquires
Definition: ketypes.h:772
_SYNCH_COUNTERS::ExecutiveResourceReleaseExclusiveCount
ULONG ExecutiveResourceReleaseExclusiveCount
Definition: ketypes.h:747
_FIBER::ActivationContextStackPointer
struct _ACTIVATION_CONTEXT_STACK * ActivationContextStackPointer
Definition: ketypes.h:189
PKAPC_STATE
* PKAPC_STATE
Definition: ketypes.h:1285
_KWAIT_STATUS_REGISTER
Definition: ketypes.h:939
_KUSER_SHARED_DATA::ComPlusPackage
ULONG ComPlusPackage
Definition: ketypes.h:1187
_KIDTENTRY
Definition: ketypes.h:385
THREAD_WAIT_OBJECTS
#define THREAD_WAIT_OBJECTS
Definition: ketypes.h:480
_KUSER_SHARED_DATA::ProcessorFeatures
BOOLEAN ProcessorFeatures[PROCESSOR_FEATURE_MAX]
Definition: ketypes.h:1173
PKSERVICE_TABLE_DESCRIPTOR
struct _KSERVICE_TABLE_DESCRIPTOR * PKSERVICE_TABLE_DESCRIPTOR
_KCONTINUE_STATUS
_KCONTINUE_STATUS
Definition: ketypes.h:480
_KPROCESS::Header
DISPATCHER_HEADER Header
Definition: ketypes.h:2026
_KTHREAD::KeReferenceCount
volatile SHORT KeReferenceCount
Definition: ketypes.h:1976
_KTHREAD::ThreadFlagsSpare
ULONG ThreadFlagsSpare
Definition: ketypes.h:1692
_KTHREAD::MutantListHead
LIST_ENTRY MutantListHead
Definition: ketypes.h:1951
_KTHREAD::WaitBlockFill11
UCHAR WaitBlockFill11[3 *sizeof(KWAIT_BLOCK)+FIELD_OFFSET(KWAIT_BLOCK, Object)]
Definition: ketypes.h:1812
_SYNCH_COUNTERS::ExEtwSynchTrackingNotificationsAccountedCount
ULONG ExEtwSynchTrackingNotificationsAccountedCount
Definition: ketypes.h:781
_KUSER_SHARED_DATA::SpareBits
ULONG SpareBits
Definition: ketypes.h:1213
_KUSER_SHARED_DATA::DismountCount
volatile ULONG DismountCount
Definition: ketypes.h:1186
_KTHREAD::WaitIrql
KIRQL WaitIrql
Definition: ketypes.h:1737
_KUSER_SHARED_DATA::ProductTypeIsValid
BOOLEAN ProductTypeIsValid
Definition: ketypes.h:1170
_KWAIT_STATUS_REGISTER::Affinity
UCHAR Affinity
Definition: ketypes.h:945
_KUSER_SHARED_DATA::Wow64SharedInformation
ULONG Wow64SharedInformation[MAX_WOW64_SHARED_ENTRIES]
Definition: ketypes.h:1236
KNODE
struct _KNODE KNODE
_KNODE
Definition: ketypes.h:824
PP_LOOKASIDE_LIST
struct _PP_LOOKASIDE_LIST PP_LOOKASIDE_LIST
KeServiceDescriptorTableShadow
KSERVICE_TABLE_DESCRIPTOR NTSYSAPI KeServiceDescriptorTableShadow[SSDT_MAX_ENTRIES]
Definition: procobj.c:24