ReactOS 0.4.16-dev-1097-g530d26a
ketypes.h
Go to the documentation of this file.
1/*++ NDK Version: 0098
2
3Copyright (c) Alex Ionescu. All rights reserved.
4
5Header Name:
6
7 ketypes.h
8
9Abstract:
10
11 Type definitions for the Kernel services.
12
13Author:
14
15 Alex Ionescu (alexi@tinykrnl.org) - Updated - 27-Feb-2006
16
17--*/
18
19#ifndef _KETYPES_H
20#define _KETYPES_H
21
22//
23// Dependencies
24//
25#include <umtypes.h>
26#ifndef NTOS_MODE_USER
27#include <haltypes.h>
28#include <potypes.h>
29#include <ifssupp.h>
30#endif
31
32//
33// A system call ID is formatted as such:
34// .________________________________________________________________.
35// | 14 | 13 | 12 | 11 | 10 | 9 | 8 | 7 | 6 | 5 | 4 | 3 | 2 | 1 | 0 |
36// |--------------|-------------------------------------------------|
37// | TABLE NUMBER | TABLE OFFSET |
38// \----------------------------------------------------------------/
39//
40// The table number is then used as an index into the service descriptor table.
41#define TABLE_NUMBER_BITS 1
42#define TABLE_OFFSET_BITS 12
43
44//
45// There are 2 tables (kernel and shadow, used by Win32K)
46//
47#define NUMBER_SERVICE_TABLES 2
48#define NTOS_SERVICE_INDEX 0
49#define WIN32K_SERVICE_INDEX 1
50
51//
52// NB. From assembly code, the table number must be computed as an offset into
53// the service descriptor table.
54//
55// Each entry into the table is 16 bytes long on 32-bit architectures, and
56// 32 bytes long on 64-bit architectures.
57//
58// Thus, Table Number 1 is offset 16 (0x10) on x86, and offset 32 (0x20) on
59// x64.
60//
61#ifdef _WIN64
62#define BITS_PER_ENTRY 5 // (1 << 5) = 32 bytes
63#else
64#define BITS_PER_ENTRY 4 // (1 << 4) = 16 bytes
65#endif
66
67//
68// We want the table number, but leave some extra bits to we can have the offset
69// into the descriptor table.
70//
71#define SERVICE_TABLE_SHIFT (12 - BITS_PER_ENTRY)
72
73//
74// Now the table number (as an offset) is corrupted with part of the table offset
75// This mask will remove the extra unwanted bits, and give us the offset into the
76// descriptor table proper.
77//
78#define SERVICE_TABLE_MASK (((1 << TABLE_NUMBER_BITS) - 1) << BITS_PER_ENTRY)
79
80//
81// To get the table offset (ie: the service call number), just keep the 12 bits
82//
83#define SERVICE_NUMBER_MASK ((1 << TABLE_OFFSET_BITS) - 1)
84
85//
86// We'll often need to check if this is a graphics call. This is done by comparing
87// the table number offset with the known Win32K table number offset.
88// This is usually index 1, so table number offset 0x10 (x86) or 0x20 (x64)
89//
90#define SERVICE_TABLE_TEST (WIN32K_SERVICE_INDEX << BITS_PER_ENTRY)
91
92//
93// Context Record Flags
94//
95#define CONTEXT_DEBUGGER (CONTEXT_FULL | CONTEXT_FLOATING_POINT)
96
97//
98// Maximum System Descriptor Table Entries
99//
100#define SSDT_MAX_ENTRIES 2
101
102//
103// Processor Architectures
104//
105#define PROCESSOR_ARCHITECTURE_INTEL 0
106#define PROCESSOR_ARCHITECTURE_MIPS 1
107#define PROCESSOR_ARCHITECTURE_ALPHA 2
108#define PROCESSOR_ARCHITECTURE_PPC 3
109#define PROCESSOR_ARCHITECTURE_SHX 4
110#define PROCESSOR_ARCHITECTURE_ARM 5
111#define PROCESSOR_ARCHITECTURE_IA64 6
112#define PROCESSOR_ARCHITECTURE_ALPHA64 7
113#define PROCESSOR_ARCHITECTURE_MSIL 8
114#define PROCESSOR_ARCHITECTURE_AMD64 9
115#define PROCESSOR_ARCHITECTURE_UNKNOWN 0xFFFF
116
117//
118// Object Type Mask for Kernel Dispatcher Objects
119//
120#define KOBJECT_TYPE_MASK 0x7F
121#define KOBJECT_LOCK_BIT 0x80
122
123//
124// Dispatcher Priority increments
125//
126#define THREAD_ALERT_INCREMENT 2
127
128//
129// Physical memory offset of KUSER_SHARED_DATA
130//
131#define KI_USER_SHARED_DATA_PHYSICAL 0x41000
132
133//
134// Quantum values and decrements
135//
136#define MAX_QUANTUM 0x7F
137#define WAIT_QUANTUM_DECREMENT 1
138#define CLOCK_QUANTUM_DECREMENT 3
139
140//
141// Internal Exception Codes
142//
143#define KI_EXCEPTION_INTERNAL 0x10000000
144#define KI_EXCEPTION_ACCESS_VIOLATION (KI_EXCEPTION_INTERNAL | 0x04)
145
146typedef struct _FIBER /* Field offsets: */
147{ /* i386 arm x64 */
148 PVOID FiberData; /* 0x000 0x000 0x000 */
149 struct _EXCEPTION_REGISTRATION_RECORD *ExceptionList;/* 0x004 0x004 0x008 */
150 PVOID StackBase; /* 0x008 0x008 0x010 */
151 PVOID StackLimit; /* 0x00C 0x00C 0x018 */
152 PVOID DeallocationStack; /* 0x010 0x010 0x020 */
153 CONTEXT FiberContext; /* 0x014 0x018 0x030 */
154#if (NTDDI_VERSION >= NTDDI_LONGHORN)
155 PVOID Wx86Tib; /* 0x2E0 0x1b8 0x500 */
156 struct _ACTIVATION_CONTEXT_STACK *ActivationContextStackPointer; /* 0x2E4 0x1bc 0x508 */
157 PVOID FlsData; /* 0x2E8 0x1c0 0x510 */
158 ULONG GuaranteedStackBytes; /* 0x2EC 0x1c4 0x518 */
159 ULONG TebFlags; /* 0x2F0 0x1c8 0x51C */
160#else
161 ULONG GuaranteedStackBytes; /* 0x2E0 */
162 PVOID FlsData; /* 0x2E4 */
163 struct _ACTIVATION_CONTEXT_STACK *ActivationContextStackPointer;
164#endif
165} FIBER, *PFIBER;
166
167#ifndef NTOS_MODE_USER
168//
169// Number of dispatch codes supported by KINTERRUPT
170//
171#ifdef _M_AMD64
172#define DISPATCH_LENGTH 4
173#elif (NTDDI_VERSION >= NTDDI_LONGHORN)
174#define DISPATCH_LENGTH 135
175#else
176#define DISPATCH_LENGTH 106
177#endif
178
179#else // NTOS_MODE_USER
180
181//
182// KPROCESSOR_MODE Type
183//
184typedef CCHAR KPROCESSOR_MODE;
185
186//
187// Dereferencable pointer to KUSER_SHARED_DATA in User-Mode
188//
189#define SharedUserData ((KUSER_SHARED_DATA *)USER_SHARED_DATA)
190
191#ifdef _X86_
192/* Macros for user-mode run-time checks of X86 system architecture */
193
194#ifndef IsNEC_98
195#define IsNEC_98 (SharedUserData->AlternativeArchitecture == NEC98x86)
196#endif
197
198#ifndef IsNotNEC_98
199#define IsNotNEC_98 (SharedUserData->AlternativeArchitecture != NEC98x86)
200#endif
201
202/* User-mode cannot override the architecture */
203#ifndef SetNEC_98
204#define SetNEC_98
205#endif
206
207/* User-mode cannot override the architecture */
208#ifndef SetNotNEC_98
209#define SetNotNEC_98
210#endif
211
212#else // !_X86_
213/* Correctly define these run-time definitions for non X86 machines */
214
215#ifndef IsNEC_98
216#define IsNEC_98 (FALSE)
217#endif
218
219#ifndef IsNotNEC_98
220#define IsNotNEC_98 (TRUE)
221#endif
222
223#ifndef SetNEC_98
224#define SetNEC_98
225#endif
226
227#ifndef SetNotNEC_98
228#define SetNotNEC_98
229#endif
230
231#endif // _X86_
232
233//
234// Maximum WOW64 Entries in KUSER_SHARED_DATA
235//
236#define MAX_WOW64_SHARED_ENTRIES 16
237
238//
239// Maximum Processor Features supported in KUSER_SHARED_DATA
240//
241#define PROCESSOR_FEATURE_MAX 64
242
243//
244// Event Types
245//
246typedef enum _EVENT_TYPE
247{
248 NotificationEvent,
249 SynchronizationEvent
250} EVENT_TYPE;
251
252//
253// Timer Types
254//
255typedef enum _TIMER_TYPE
256{
257 NotificationTimer,
258 SynchronizationTimer
259} TIMER_TYPE;
260
261//
262// Wait Types
263//
264typedef enum _WAIT_TYPE
265{
266 WaitAll,
267 WaitAny
268} WAIT_TYPE;
269
270//
271// Processor Execution Modes
272//
273typedef enum _MODE
274{
275 KernelMode,
276 UserMode,
277 MaximumMode
278} MODE;
279
280//
281// Wait Reasons
282//
283typedef enum _KWAIT_REASON
284{
285 Executive,
286 FreePage,
287 PageIn,
288 PoolAllocation,
289 DelayExecution,
290 Suspended,
291 UserRequest,
292 WrExecutive,
293 WrFreePage,
294 WrPageIn,
295 WrPoolAllocation,
296 WrDelayExecution,
297 WrSuspended,
298 WrUserRequest,
299 WrEventPair,
300 WrQueue,
301 WrLpcReceive,
302 WrLpcReply,
303 WrVirtualMemory,
304 WrPageOut,
305 WrRendezvous,
306 Spare2,
307 WrGuardedMutex,
308 Spare4,
309 Spare5,
310 Spare6,
311 WrKernel,
312 WrResource,
313 WrPushLock,
314 WrMutex,
315 WrQuantumEnd,
316 WrDispatchInt,
317 WrPreempted,
318 WrYieldExecution,
319 MaximumWaitReason
320} KWAIT_REASON;
321
322//
323// Profiling Sources
324//
325typedef enum _KPROFILE_SOURCE
326{
327 ProfileTime,
328 ProfileAlignmentFixup,
329 ProfileTotalIssues,
330 ProfilePipelineDry,
331 ProfileLoadInstructions,
332 ProfilePipelineFrozen,
333 ProfileBranchInstructions,
334 ProfileTotalNonissues,
335 ProfileDcacheMisses,
336 ProfileIcacheMisses,
337 ProfileCacheMisses,
338 ProfileBranchMispredictions,
339 ProfileStoreInstructions,
340 ProfileFpInstructions,
341 ProfileIntegerInstructions,
342 Profile2Issue,
343 Profile3Issue,
344 Profile4Issue,
345 ProfileSpecialInstructions,
346 ProfileTotalCycles,
347 ProfileIcacheIssues,
348 ProfileDcacheAccesses,
349 ProfileMemoryBarrierCycles,
350 ProfileLoadLinkedIssues,
351 ProfileMaximum
352} KPROFILE_SOURCE;
353
354//
355// NT Product and Architecture Types
356//
357typedef enum _NT_PRODUCT_TYPE
358{
359 NtProductWinNt = 1,
360 NtProductLanManNt,
361 NtProductServer
362} NT_PRODUCT_TYPE, *PNT_PRODUCT_TYPE;
363
364typedef enum _ALTERNATIVE_ARCHITECTURE_TYPE
365{
366 StandardDesign,
367 NEC98x86,
368 EndAlternatives
369} ALTERNATIVE_ARCHITECTURE_TYPE;
370
371//
372// Flags for NXSupportPolicy
373//
374#if (NTDDI_VERSION >= NTDDI_WINXPSP2)
375#define NX_SUPPORT_POLICY_ALWAYSOFF 0
376#define NX_SUPPORT_POLICY_ALWAYSON 1
377#define NX_SUPPORT_POLICY_OPTIN 2
378#define NX_SUPPORT_POLICY_OPTOUT 3
379#endif
380
381#endif // NTOS_MODE_USER
382
383//
384// Thread States
385//
386typedef enum _KTHREAD_STATE
387{
388 Initialized,
389 Ready,
390 Running,
391 Standby,
392 Terminated,
393 Waiting,
394 Transition,
395 DeferredReady,
396#if (NTDDI_VERSION >= NTDDI_WS03)
397 GateWait
398#endif
399} KTHREAD_STATE, *PKTHREAD_STATE;
400
401//
402// Kernel Object Types
403//
404typedef enum _KOBJECTS
405{
406 EventNotificationObject = 0,
407 EventSynchronizationObject = 1,
408 MutantObject = 2,
409 ProcessObject = 3,
410 QueueObject = 4,
411 SemaphoreObject = 5,
412 ThreadObject = 6,
413 GateObject = 7,
414 TimerNotificationObject = 8,
415 TimerSynchronizationObject = 9,
416 Spare2Object = 10,
417 Spare3Object = 11,
418 Spare4Object = 12,
419 Spare5Object = 13,
420 Spare6Object = 14,
421 Spare7Object = 15,
422 Spare8Object = 16,
423 Spare9Object = 17,
424 ApcObject = 18,
425 DpcObject = 19,
426 DeviceQueueObject = 20,
427 EventPairObject = 21,
428 InterruptObject = 22,
429 ProfileObject = 23,
430 ThreadedDpcObject = 24,
431 MaximumKernelObject = 25
432} KOBJECTS;
433
434//
435// Adjust reasons
436//
437typedef enum _ADJUST_REASON
438{
439 AdjustNone = 0,
440 AdjustUnwait = 1,
441 AdjustBoost = 2
442} ADJUST_REASON;
443
444//
445// Continue Status
446//
447typedef enum _KCONTINUE_STATUS
448{
449 ContinueError = 0,
450 ContinueSuccess,
451 ContinueProcessorReselected,
452 ContinueNextProcessor
453} KCONTINUE_STATUS;
454
455//
456// Process States
457//
458typedef enum _KPROCESS_STATE
459{
460 ProcessInMemory,
461 ProcessOutOfMemory,
462 ProcessInTransition,
463 ProcessInSwap,
464 ProcessOutSwap,
465} KPROCESS_STATE, *PKPROCESS_STATE;
466
467//
468// NtVdmControl Classes
469//
470typedef enum _VDMSERVICECLASS
471{
472 VdmStartExecution = 0,
473 VdmQueueInterrupt = 1,
474 VdmDelayInterrupt = 2,
475 VdmInitialize = 3,
476 VdmFeatures = 4,
477 VdmSetInt21Handler = 5,
478 VdmQueryDir = 6,
479 VdmPrinterDirectIoOpen = 7,
480 VdmPrinterDirectIoClose = 8,
481 VdmPrinterInitialize = 9,
482 VdmSetLdtEntries = 10,
483 VdmSetProcessLdtInfo = 11,
484 VdmAdlibEmulation = 12,
485 VdmPMCliControl = 13,
486 VdmQueryVdmProcess = 14,
487} VDMSERVICECLASS;
488
489#ifdef NTOS_MODE_USER
490
491//
492// APC Normal Routine
493//
494typedef VOID
495(NTAPI *PKNORMAL_ROUTINE)(
496 _In_ PVOID NormalContext,
497 _In_ PVOID SystemArgument1,
498 _In_ PVOID SystemArgument2
499);
500
501//
502// Timer Routine
503//
504typedef VOID
505(NTAPI *PTIMER_APC_ROUTINE)(
506 _In_ PVOID TimerContext,
507 _In_ ULONG TimerLowValue,
508 _In_ LONG TimerHighValue
509);
510
511//
512// System Time Structure
513//
514typedef struct _KSYSTEM_TIME
515{
516 ULONG LowPart;
517 LONG High1Time;
518 LONG High2Time;
519} KSYSTEM_TIME, *PKSYSTEM_TIME;
520
521#define MAXIMUM_XSTATE_FEATURES 64
522
523typedef struct _XSTATE_FEATURE
524{
525 ULONG Offset;
526 ULONG Size;
527} XSTATE_FEATURE, *PXSTATE_FEATURE;
528
529typedef struct _XSTATE_CONFIGURATION
530{
531 ULONG64 EnabledFeatures;
532#if (NTDDI_VERSION >= NTDDI_WINBLUE)
533 ULONG64 EnabledVolatileFeatures;
534#endif
535 ULONG Size;
536 union
537 {
538 ULONG ControlFlags;
539 struct
540 {
541 ULONG OptimizedSave:1;
542 ULONG CompactionEnabled:1; // WIN10+
543 };
544 };
545 XSTATE_FEATURE Features[MAXIMUM_XSTATE_FEATURES];
546#if (NTDDI_VERSION >= NTDDI_WIN10)
547 ULONG64 EnabledSupervisorFeatures;
548 ULONG64 AlignedFeatures;
549 ULONG AllFeatureSize;
550 ULONG AllFeatures[MAXIMUM_XSTATE_FEATURES];
551#endif
552#if (NTDDI_VERSION >= NTDDI_WIN10_RS5)
553 ULONG64 EnabledUserVisibleSupervisorFeatures;
554#endif
555#if (NTDDI_VERSION >= NTDDI_WIN11)
556 ULONG64 ExtendedFeatureDisableFeatures;
557 ULONG AllNonLargeFeatureSize;
558 ULONG Spare;
559#endif
560} XSTATE_CONFIGURATION, *PXSTATE_CONFIGURATION;
561
562//
563// Shared Kernel User Data
564// Keep in sync with sdk/include/xdk/ketypes.h
565//
566typedef struct _KUSER_SHARED_DATA
567{
568 ULONG TickCountLowDeprecated; // 0x0
569 ULONG TickCountMultiplier; // 0x4
570 volatile KSYSTEM_TIME InterruptTime; // 0x8
571 volatile KSYSTEM_TIME SystemTime; // 0x14
572 volatile KSYSTEM_TIME TimeZoneBias; // 0x20
573 USHORT ImageNumberLow; // 0x2c
574 USHORT ImageNumberHigh; // 0x2e
575 WCHAR NtSystemRoot[260]; // 0x30
576 ULONG MaxStackTraceDepth; // 0x238
577 ULONG CryptoExponent; // 0x23c
578 ULONG TimeZoneId; // 0x240
579 ULONG LargePageMinimum; // 0x244
580
581#if (NTDDI_VERSION >= NTDDI_WIN8)
582 ULONG AitSamplingValue; // 0x248
583 ULONG AppCompatFlag; // 0x24c
584 ULONGLONG RNGSeedVersion; // 0x250
585 ULONG GlobalValidationRunlevel; // 0x258
586 volatile LONG TimeZoneBiasStamp; // 0x25c
587#if (NTDDI_VERSION >= NTDDI_WIN10)
588 ULONG NtBuildNumber; // 0x260
589#else
590 ULONG Reserved2; // 0x260
591#endif
592#else
593 ULONG Reserved2[7]; // 0x248
594#endif // NTDDI_VERSION >= NTDDI_WIN8
595
596 NT_PRODUCT_TYPE NtProductType; // 0x264
597 BOOLEAN ProductTypeIsValid; // 0x268
598 BOOLEAN Reserved0[1]; // 0x269
599#if (NTDDI_VERSION >= NTDDI_WIN8)
600 USHORT NativeProcessorArchitecture; // 0x26a
601#endif
602 ULONG NtMajorVersion; // 0x26c
603 ULONG NtMinorVersion; // 0x270
604 BOOLEAN ProcessorFeatures[PROCESSOR_FEATURE_MAX]; // 0x274
605 ULONG Reserved1; // 0x2b4
606 ULONG Reserved3; // 0x2b8
607 volatile ULONG TimeSlip; // 0x2bc
608 ALTERNATIVE_ARCHITECTURE_TYPE AlternativeArchitecture; // 0x2c0
609#if (NTDDI_VERSION >= NTDDI_WIN10)
610 ULONG BootId; // 0x2c4
611#else
612 ULONG AltArchitecturePad[1]; // 0x2c4
613#endif
614 LARGE_INTEGER SystemExpirationDate; // 0x2c8
615 ULONG SuiteMask; // 0x2d0
616 BOOLEAN KdDebuggerEnabled; // 0x2d4
617 union
618 {
619 UCHAR MitigationPolicies; // 0x2d5
620 struct
621 {
622 UCHAR NXSupportPolicy : 2;
623 UCHAR SEHValidationPolicy : 2;
624 UCHAR CurDirDevicesSkippedForDlls : 2;
625 UCHAR Reserved : 2;
626 };
627 };
628#if (NTDDI_VERSION >= NTDDI_WIN10_19H1)
629 USHORT CyclesPerYield; // 0x2d6 // Win 10 19H1+
630#else
631 UCHAR Reserved6[2]; // 0x2d6
632#endif
633 volatile ULONG ActiveConsoleId; // 0x2d8
634 volatile ULONG DismountCount; // 0x2dc
635 ULONG ComPlusPackage; // 0x2e0
636 ULONG LastSystemRITEventTickCount; // 0x2e4
637 ULONG NumberOfPhysicalPages; // 0x2e8
638 BOOLEAN SafeBootMode; // 0x2ec
639
640#if (NTDDI_VERSION == NTDDI_WIN7)
641 union
642 {
643 UCHAR TscQpcData; // 0x2ed
644 struct
645 {
646 UCHAR TscQpcEnabled:1; // 0x2ed
647 UCHAR TscQpcSpareFlag:1; // 0x2ed
648 UCHAR TscQpcShift:6; // 0x2ed
649 } DUMMYSTRUCTNAME;
650 } DUMMYUNIONNAME;
651 UCHAR TscQpcPad[2]; // 0x2ee
652#elif (NTDDI_VERSION >= NTDDI_WIN10_RS1)
653 union
654 {
655 UCHAR VirtualizationFlags; // 0x2ed
656#if defined(_ARM64_)
657 struct
658 {
659 UCHAR ArchStartedInEl2 : 1;
660 UCHAR QcSlIsSupported : 1;
661 UCHAR : 6;
662 };
663#endif
664 };
665 UCHAR Reserved12[2]; // 0x2ee
666#else
667 UCHAR Reserved12[3]; // 0x2ed
668#endif // NTDDI_VERSION == NTDDI_WIN7
669
670#if (NTDDI_VERSION >= NTDDI_VISTA)
671 union
672 {
673 ULONG SharedDataFlags; // 0x2f0
674 struct
675 {
676 ULONG DbgErrorPortPresent : 1; // 0x2f0
677 ULONG DbgElevationEnabled : 1; // 0x2f0
678 ULONG DbgVirtEnabled : 1; // 0x2f0
679 ULONG DbgInstallerDetectEnabled : 1; // 0x2f0
680#if (NTDDI_VERSION >= NTDDI_WIN8)
681 ULONG DbgLkgEnabled : 1; // 0x2f0
682#else
683 ULONG DbgSystemDllRelocated : 1; // 0x2f0
684#endif
685 ULONG DbgDynProcessorEnabled : 1; // 0x2f0
686#if (NTDDI_VERSION >= NTDDI_WIN8)
687 ULONG DbgConsoleBrokerEnabled : 1; // 0x2f0
688#else
689 ULONG DbgSEHValidationEnabled : 1; // 0x2f0
690#endif
691 ULONG DbgSecureBootEnabled : 1; // 0x2f0 Win8+
692 ULONG DbgMultiSessionSku : 1; // 0x2f0 Win 10+
693 ULONG DbgMultiUsersInSessionSku : 1; // 0x2f0 Win 10 RS1+
694 ULONG DbgStateSeparationEnabled : 1; // 0x2f0 Win 10 RS3+
695 ULONG SpareBits : 21; // 0x2f0
696 } DUMMYSTRUCTNAME2;
697 } DUMMYUNIONNAME2;
698#else
699 ULONG TraceLogging;
700#endif // NTDDI_VERSION >= NTDDI_VISTA
701
702 ULONG DataFlagsPad[1]; // 0x2f4
703 ULONGLONG TestRetInstruction; // 0x2f8
704#if (NTDDI_VERSION >= NTDDI_WIN8)
705 ULONGLONG QpcFrequency; // 0x300
706#else
707 ULONG SystemCall; // 0x300
708 ULONG SystemCallReturn; // 0x304
709#endif
710#if (NTDDI_VERSION >= NTDDI_WIN10_TH2)
711 ULONG SystemCall; // 0x308
712 ULONG SystemCallPad0; // 0x30c Renamed to Reserved2 in Vibranium R3
713 ULONGLONG SystemCallPad[2]; // 0x310
714#else
715 ULONGLONG SystemCallPad[3]; // 0x308
716#endif
717 union
718 {
719 volatile KSYSTEM_TIME TickCount; // 0x320
720 volatile ULONG64 TickCountQuad; // 0x320
721 struct
722 {
723 ULONG ReservedTickCountOverlay[3]; // 0x320
724 ULONG TickCountPad[1]; // 0x32c
725 } DUMMYSTRUCTNAME;
726 } DUMMYUNIONNAME3;
727 ULONG Cookie; // 0x330
728
729#if (NTDDI_VERSION < NTDDI_VISTA)
730 ULONG Wow64SharedInformation[MAX_WOW64_SHARED_ENTRIES]; // 0x334
731#endif
732
733//
734// Windows Vista and later
735//
736#if (NTDDI_VERSION >= NTDDI_VISTA)
737
738 ULONG CookiePad[1]; // 0x334
739 LONGLONG ConsoleSessionForegroundProcessId; // 0x338
740
741#if (NTDDI_VERSION >= NTDDI_WIN8)
742#if (NTDDI_VERSION >= NTDDI_WINBLUE)
743 ULONGLONG TimeUpdateLock; // 0x340
744#else
745 ULONGLONG TimeUpdateSequence; // 0x340
746#endif
747 ULONGLONG BaselineSystemTimeQpc; // 0x348
748 ULONGLONG BaselineInterruptTimeQpc; // 0x350
749 ULONGLONG QpcSystemTimeIncrement; // 0x358
750 ULONGLONG QpcInterruptTimeIncrement; // 0x360
751#if (NTDDI_VERSION >= NTDDI_WIN10)
752 UCHAR QpcSystemTimeIncrementShift; // 0x368
753 UCHAR QpcInterruptTimeIncrementShift; // 0x369
754 USHORT UnparkedProcessorCount; // 0x36a
755 ULONG EnclaveFeatureMask[4]; // 0x36c Win 10 TH2+
756 ULONG TelemetryCoverageRound; // 0x37c Win 10 RS2+
757#else // NTDDI_VERSION < NTDDI_WIN10
758 ULONG QpcSystemTimeIncrement32; // 0x368
759 ULONG QpcInterruptTimeIncrement32; // 0x36c
760 UCHAR QpcSystemTimeIncrementShift; // 0x370
761 UCHAR QpcInterruptTimeIncrementShift; // 0x371
762#if (NTDDI_VERSION >= NTDDI_WINBLUE)
763 USHORT UnparkedProcessorCount; // 0x372
764 UCHAR Reserved8[12]; // 0x374
765#else
766 UCHAR Reserved8[14]; // 0x372
767#endif
768#endif // NTDDI_VERSION < NTDDI_WIN10
769#elif (NTDDI_VERSION >= NTDDI_VISTASP2)
770 ULONG DEPRECATED_Wow64SharedInformation[MAX_WOW64_SHARED_ENTRIES]; // 0x340
771#else
772 ULONG Wow64SharedInformation[MAX_WOW64_SHARED_ENTRIES]; // 0x340
773#endif // NTDDI_VERSION >= NTDDI_VISTA
774
775#if (NTDDI_VERSION >= NTDDI_WIN7)
776 USHORT UserModeGlobalLogger[16]; // 0x380
777#else
778 USHORT UserModeGlobalLogger[8]; // 0x380
779 ULONG HeapTracingPid[2]; // 0x390
780 ULONG CritSecTracingPid[2]; // 0x398
781#endif
782
783 ULONG ImageFileExecutionOptions; // 0x3a0
784 ULONG LangGenerationCount; // 0x3a4 Vista SP2+
785
786#if (NTDDI_VERSION >= NTDDI_WIN8)
787 ULONGLONG Reserved4; // 0x3a8
788#elif (NTDDI_VERSION >= NTDDI_WIN7)
789 ULONGLONG Reserved5; // 0x3a8
790#else
791 union
792 {
793 KAFFINITY ActiveProcessorAffinity; // 0x3a8
794 ULONGLONG AffinityPad; // 0x3a8
795 };
796#endif
797
798 volatile ULONGLONG InterruptTimeBias; // 0x3b0
799#endif // NTDDI_VERSION >= NTDDI_VISTA
800
801//
802// Windows 7 and later
803//
804#if (NTDDI_VERSION >= NTDDI_WIN7)
805 volatile ULONGLONG QpcBias; // 0x3b8 // Win7: TscQpcBias
806 /* volatile */ ULONG ActiveProcessorCount; // 0x3c0 // not volatile since Win 8.1 Update 1
807
808#if (NTDDI_VERSION >= NTDDI_WIN8)
809 volatile UCHAR ActiveGroupCount; // 0x3c4
810 UCHAR Reserved9; // 0x3c5
811 union
812 {
813 USHORT QpcData; // 0x3c6
814 struct
815 {
816 volatile UCHAR QpcBypassEnabled; // 0x3c6
817 UCHAR QpcShift; // 0x3c7
818 };
819 };
820 LARGE_INTEGER TimeZoneBiasEffectiveStart; // 0x3c8
821 LARGE_INTEGER TimeZoneBiasEffectiveEnd; // 0x3d0
822 XSTATE_CONFIGURATION XState; // 0x3d8
823#else
824 USHORT ActiveGroupCount; // 0x3c4
825 USHORT Reserved4; // 0x3c6
826 volatile ULONG AitSamplingValue; // 0x3c8
827 volatile ULONG AppCompatFlag; // 0x3cc
828 ULONGLONG SystemDllNativeRelocation; // 0x3d0 deprecated in Win7 SP2
829 ULONG SystemDllWowRelocation; // 0x3d8 deprecated in Win7 SP2
830 ULONG XStatePad[1]; // 0x3dc
831 XSTATE_CONFIGURATION XState; // 0x3e0
832#endif // NTDDI_VERSION >= NTDDI_WIN8
833#endif // NTDDI_VERSION >= NTDDI_WIN7
834
835//
836// Windows 10 Vibranium and later
837//
838#if (NTDDI_VERSION >= NTDDI_WIN10_VB)
839 KSYSTEM_TIME FeatureConfigurationChangeStamp; // 0x710 // Win 11: 0x720
840 ULONG Spare; // 0x71c // Win 11: 0x72c
841#endif // NTDDI_VERSION >= NTDDI_WIN10_VB
842
843//
844// Windows 11 Nickel and later
845//
846#if (NTDDI_VERSION >= NTDDI_WIN11_NI)
847 ULONG64 UserPointerAuthMask; // 0x730
848#endif // NTDDI_VERSION >= NTDDI_WIN11_NI
849
850} KUSER_SHARED_DATA, *PKUSER_SHARED_DATA;
851
852//
853// VDM Structures
854//
855#include "pshpack1.h"
856typedef struct _VdmVirtualIca
857{
858 LONG ica_count[8];
859 LONG ica_int_line;
860 LONG ica_cpu_int;
861 USHORT ica_base;
862 USHORT ica_hipiri;
863 USHORT ica_mode;
864 UCHAR ica_master;
865 UCHAR ica_irr;
866 UCHAR ica_isr;
867 UCHAR ica_imr;
868 UCHAR ica_ssr;
869} VDMVIRTUALICA, *PVDMVIRTUALICA;
870#include "poppack.h"
871
872typedef struct _VdmIcaUserData
873{
874 PVOID pIcaLock;
875 PVDMVIRTUALICA pIcaMaster;
876 PVDMVIRTUALICA pIcaSlave;
877 PULONG pDelayIrq;
878 PULONG pUndelayIrq;
879 PULONG pDelayIret;
880 PULONG pIretHooked;
881 PULONG pAddrIretBopTable;
882 PHANDLE phWowIdleEvent;
883 PLARGE_INTEGER pIcaTimeout;
884 PHANDLE phMainThreadSuspended;
885} VDMICAUSERDATA, *PVDMICAUSERDATA;
886
887typedef struct _VDM_INITIALIZE_DATA
888{
889 PVOID TrapcHandler;
890 PVDMICAUSERDATA IcaUserData;
891} VDM_INITIALIZE_DATA, *PVDM_INITIALIZE_DATA;
892
893#else
894
895//
896// System Thread Start Routine
897//
898typedef
899VOID
900(NTAPI *PKSYSTEM_ROUTINE)(
901 PKSTART_ROUTINE StartRoutine,
902 PVOID StartContext
903);
904
905#ifndef _NTSYSTEM_
906typedef VOID
907(NTAPI *PKNORMAL_ROUTINE)(
908 IN PVOID NormalContext OPTIONAL,
909 IN PVOID SystemArgument1 OPTIONAL,
910 IN PVOID SystemArgument2 OPTIONAL);
911
912typedef VOID
913(NTAPI *PKRUNDOWN_ROUTINE)(
914 IN struct _KAPC *Apc);
915
916typedef VOID
917(NTAPI *PKKERNEL_ROUTINE)(
918 IN struct _KAPC *Apc,
919 IN OUT PKNORMAL_ROUTINE *NormalRoutine OPTIONAL,
920 IN OUT PVOID *NormalContext OPTIONAL,
921 IN OUT PVOID *SystemArgument1 OPTIONAL,
922 IN OUT PVOID *SystemArgument2 OPTIONAL);
923#endif
924
925//
926// APC Environment Types
927//
928typedef enum _KAPC_ENVIRONMENT
929{
930 OriginalApcEnvironment,
931 AttachedApcEnvironment,
932 CurrentApcEnvironment,
933 InsertApcEnvironment
934} KAPC_ENVIRONMENT;
935
936typedef struct _KTIMER_TABLE_ENTRY
937{
938#if (NTDDI_VERSION >= NTDDI_LONGHORN) || defined(_M_ARM) || defined(_M_AMD64)
939 KSPIN_LOCK Lock;
940#endif
941 LIST_ENTRY Entry;
942 ULARGE_INTEGER Time;
943} KTIMER_TABLE_ENTRY, *PKTIMER_TABLE_ENTRY;
944
945typedef struct _KTIMER_TABLE
946{
947 PKTIMER TimerExpiry[64];
948 KTIMER_TABLE_ENTRY TimerEntries[256];
949} KTIMER_TABLE, *PKTIMER_TABLE;
950
951typedef struct _KDPC_LIST
952{
953 SINGLE_LIST_ENTRY ListHead;
954 SINGLE_LIST_ENTRY* LastEntry;
955} KDPC_LIST, *PKDPC_LIST;
956
957typedef struct _SYNCH_COUNTERS
958{
959 ULONG SpinLockAcquireCount;
960 ULONG SpinLockContentionCount;
961 ULONG SpinLockSpinCount;
962 ULONG IpiSendRequestBroadcastCount;
963 ULONG IpiSendRequestRoutineCount;
964 ULONG IpiSendSoftwareInterruptCount;
965 ULONG ExInitializeResourceCount;
966 ULONG ExReInitializeResourceCount;
967 ULONG ExDeleteResourceCount;
968 ULONG ExecutiveResourceAcquiresCount;
969 ULONG ExecutiveResourceContentionsCount;
970 ULONG ExecutiveResourceReleaseExclusiveCount;
971 ULONG ExecutiveResourceReleaseSharedCount;
972 ULONG ExecutiveResourceConvertsCount;
973 ULONG ExAcqResExclusiveAttempts;
974 ULONG ExAcqResExclusiveAcquiresExclusive;
975 ULONG ExAcqResExclusiveAcquiresExclusiveRecursive;
976 ULONG ExAcqResExclusiveWaits;
977 ULONG ExAcqResExclusiveNotAcquires;
978 ULONG ExAcqResSharedAttempts;
979 ULONG ExAcqResSharedAcquiresExclusive;
980 ULONG ExAcqResSharedAcquiresShared;
981 ULONG ExAcqResSharedAcquiresSharedRecursive;
982 ULONG ExAcqResSharedWaits;
983 ULONG ExAcqResSharedNotAcquires;
984 ULONG ExAcqResSharedStarveExclusiveAttempts;
985 ULONG ExAcqResSharedStarveExclusiveAcquiresExclusive;
986 ULONG ExAcqResSharedStarveExclusiveAcquiresShared;
987 ULONG ExAcqResSharedStarveExclusiveAcquiresSharedRecursive;
988 ULONG ExAcqResSharedStarveExclusiveWaits;
989 ULONG ExAcqResSharedStarveExclusiveNotAcquires;
990 ULONG ExAcqResSharedWaitForExclusiveAttempts;
991 ULONG ExAcqResSharedWaitForExclusiveAcquiresExclusive;
992 ULONG ExAcqResSharedWaitForExclusiveAcquiresShared;
993 ULONG ExAcqResSharedWaitForExclusiveAcquiresSharedRecursive;
994 ULONG ExAcqResSharedWaitForExclusiveWaits;
995 ULONG ExAcqResSharedWaitForExclusiveNotAcquires;
996 ULONG ExSetResOwnerPointerExclusive;
997 ULONG ExSetResOwnerPointerSharedNew;
998 ULONG ExSetResOwnerPointerSharedOld;
999 ULONG ExTryToAcqExclusiveAttempts;
1000 ULONG ExTryToAcqExclusiveAcquires;
1001 ULONG ExBoostExclusiveOwner;
1002 ULONG ExBoostSharedOwners;
1003 ULONG ExEtwSynchTrackingNotificationsCount;
1004 ULONG ExEtwSynchTrackingNotificationsAccountedCount;
1005} SYNCH_COUNTERS, *PSYNCH_COUNTERS;
1006
1007//
1008// PRCB DPC Data
1009//
1010typedef struct _KDPC_DATA
1011{
1012#if (NTDDI_VERSION >= NTDDI_LONGHORN)
1013 KDPC_LIST DpcList;
1014#else
1015 LIST_ENTRY DpcListHead;
1016#endif
1017 ULONG_PTR DpcLock;
1018#if defined(_M_AMD64) || defined(_M_ARM)
1019 volatile LONG DpcQueueDepth;
1020#else
1021 volatile ULONG DpcQueueDepth;
1022#endif
1023 ULONG DpcCount;
1024#if (NTDDI_VERSION >= NTDDI_LONGHORN) || defined(_M_ARM)
1025 PKDPC ActiveDpc;
1026#endif
1027} KDPC_DATA, *PKDPC_DATA;
1028
1029//
1030// Per-Processor Lookaside List
1031//
1032typedef struct _PP_LOOKASIDE_LIST
1033{
1034 struct _GENERAL_LOOKASIDE *P;
1035 struct _GENERAL_LOOKASIDE *L;
1036} PP_LOOKASIDE_LIST, *PPP_LOOKASIDE_LIST;
1037
1038//
1039// Architectural Types
1040//
1041#include <arch/ketypes.h>
1042
1043//
1044// Kernel Memory Node
1045//
1046typedef struct _KNODE
1047{
1048 SLIST_HEADER DeadStackList;
1049 SLIST_HEADER PfnDereferenceSListHead;
1050 KAFFINITY ProcessorMask;
1051 UCHAR Color;
1052 UCHAR Seed;
1053 UCHAR NodeNumber;
1054 struct _flags {
1055 UCHAR Removable : 1;
1056 UCHAR Fill : 7;
1057 } Flags;
1058 ULONG MmShiftedColor;
1059 ULONG_PTR FreeCount[2];
1060 struct _SINGLE_LIST_ENTRY *PfnDeferredList;
1061} KNODE, *PKNODE;
1062
1063//
1064// Structure for Get/SetContext APC
1065//
1066typedef struct _GETSETCONTEXT
1067{
1068 KAPC Apc;
1069 KEVENT Event;
1070 KPROCESSOR_MODE Mode;
1071 CONTEXT Context;
1072} GETSETCONTEXT, *PGETSETCONTEXT;
1073
1074//
1075// Kernel Profile Object
1076//
1077typedef struct _KPROFILE
1078{
1079 CSHORT Type;
1080 CSHORT Size;
1081 LIST_ENTRY ProfileListEntry;
1082 struct _KPROCESS *Process;
1083 PVOID RangeBase;
1084 PVOID RangeLimit;
1085 ULONG BucketShift;
1086 PVOID Buffer;
1087 ULONG_PTR Segment;
1088 KAFFINITY Affinity;
1089 KPROFILE_SOURCE Source;
1090 BOOLEAN Started;
1091} KPROFILE, *PKPROFILE;
1092
1093//
1094// Kernel Interrupt Object
1095//
1096typedef struct _KINTERRUPT
1097{
1098 CSHORT Type;
1099 CSHORT Size;
1100 LIST_ENTRY InterruptListEntry;
1101 PKSERVICE_ROUTINE ServiceRoutine;
1102#if (NTDDI_VERSION >= NTDDI_LONGHORN)
1103 PKSERVICE_ROUTINE MessageServiceRoutine;
1104 ULONG MessageIndex;
1105#endif
1106 PVOID ServiceContext;
1107 KSPIN_LOCK SpinLock;
1108 ULONG TickCount;
1109 PKSPIN_LOCK ActualLock;
1110 PKINTERRUPT_ROUTINE DispatchAddress;
1111 ULONG Vector;
1112 KIRQL Irql;
1113 KIRQL SynchronizeIrql;
1114 BOOLEAN FloatingSave;
1115 BOOLEAN Connected;
1116 CCHAR Number;
1117 BOOLEAN ShareVector;
1118 KINTERRUPT_MODE Mode;
1119#if (NTDDI_VERSION >= NTDDI_LONGHORN)
1120 KINTERRUPT_POLARITY Polarity;
1121#endif
1122 ULONG ServiceCount;
1123 ULONG DispatchCount;
1124#if (NTDDI_VERSION >= NTDDI_LONGHORN)
1125 ULONGLONG Rsvd1;
1126#endif
1127#ifdef _M_AMD64
1128 PKTRAP_FRAME TrapFrame;
1129 PVOID Reserved;
1130#endif
1131 ULONG DispatchCode[DISPATCH_LENGTH];
1132} KINTERRUPT;
1133
1134//
1135// Kernel Event Pair Object
1136//
1137typedef struct _KEVENT_PAIR
1138{
1139 CSHORT Type;
1140 CSHORT Size;
1141 KEVENT LowEvent;
1142 KEVENT HighEvent;
1143} KEVENT_PAIR, *PKEVENT_PAIR;
1144
1145//
1146// Kernel No Execute Options
1147//
1148typedef struct _KEXECUTE_OPTIONS
1149{
1150 UCHAR ExecuteDisable:1;
1151 UCHAR ExecuteEnable:1;
1152 UCHAR DisableThunkEmulation:1;
1153 UCHAR Permanent:1;
1154 UCHAR ExecuteDispatchEnable:1;
1155 UCHAR ImageDispatchEnable:1;
1156 UCHAR Spare:2;
1157} KEXECUTE_OPTIONS, *PKEXECUTE_OPTIONS;
1158
1159#if (NTDDI_VERSION >= NTDDI_WIN7)
1160typedef union _KWAIT_STATUS_REGISTER
1161{
1162 UCHAR Flags;
1163 struct
1164 {
1165 UCHAR State:2;
1166 UCHAR Affinity:1;
1167 UCHAR Priority:1;
1168 UCHAR Apc:1;
1169 UCHAR UserApc:1;
1170 UCHAR Alert:1;
1171 UCHAR Unused:1;
1172 };
1173} KWAIT_STATUS_REGISTER, *PKWAIT_STATUS_REGISTER;
1174
1175typedef struct _COUNTER_READING
1176{
1177 enum _HARDWARE_COUNTER_TYPE Type;
1178 ULONG Index;
1179 ULONG64 Start;
1180 ULONG64 Total;
1181}COUNTER_READING, *PCOUNTER_READING;
1182
1183typedef struct _KTHREAD_COUNTERS
1184{
1185 ULONG64 WaitReasonBitMap;
1186 struct _THREAD_PERFORMANCE_DATA* UserData;
1187 ULONG Flags;
1188 ULONG ContextSwitches;
1189 ULONG64 CycleTimeBias;
1190 ULONG64 HardwareCounters;
1191 COUNTER_READING HwCounter[16];
1192}KTHREAD_COUNTERS, *PKTHREAD_COUNTERS;
1193#endif
1194
1196#if (NTDDI_VERSION >= NTDDI_WIN8)
1197typedef struct _RTL_RB_TREE
1198{
1199 PRTL_BALANCED_NODE Root;
1200 PRTL_BALANCED_NODE Min;
1201} RTL_RB_TREE, *PRTL_RB_TREE;
1202#endif
1203
1204#if (NTDDI_VERSION >= NTDDI_WINBLUE)
1205typedef struct _KLOCK_ENTRY_LOCK_STATE
1206{
1207 union
1208 {
1209 struct
1210 {
1211#if (NTDDI_VERSION >= NTDDI_WIN10) // since 6.4.9841.0
1212 ULONG_PTR CrossThreadReleasable : 1;
1213#else
1214 ULONG_PTR Waiting : 1;
1215#endif
1216 ULONG_PTR Busy : 1;
1217 ULONG_PTR Reserved : (8 * sizeof(PVOID)) - 3; // previously Spare
1218 ULONG_PTR InTree : 1;
1219 };
1220 PVOID LockState;
1221 };
1222 union
1223 {
1224 PVOID SessionState;
1225 struct
1226 {
1227 ULONG SessionId;
1228#ifdef _WIN64
1229 ULONG SessionPad;
1230#endif
1231 };
1232 };
1233} KLOCK_ENTRY_LOCK_STATE, *PKLOCK_ENTRY_LOCK_STATE;
1234
1235typedef struct _KLOCK_ENTRY
1236{
1237 union
1238 {
1239 RTL_BALANCED_NODE TreeNode;
1240 SINGLE_LIST_ENTRY FreeListEntry;
1241 };
1242#if (NTDDI_VERSION >= NTDDI_WIN10)
1243 union
1244 {
1245 ULONG EntryFlags;
1246 struct
1247 {
1248 UCHAR EntryOffset;
1249 union
1250 {
1251 UCHAR ThreadLocalFlags;
1252 struct
1253 {
1254 UCHAR WaitingBit : 1;
1255 UCHAR Spare0 : 7;
1256 };
1257 };
1258 union
1259 {
1260 UCHAR AcquiredByte;
1261 UCHAR AcquiredBit : 1;
1262 };
1263 union
1264 {
1265 UCHAR CrossThreadFlags;
1266 struct
1267 {
1268 UCHAR HeadNodeBit : 1;
1269 UCHAR IoPriorityBit : 1;
1270 UCHAR IoQoSWaiter : 1; // since TH2
1271 UCHAR Spare1 : 5;
1272 };
1273 };
1274 };
1275 struct
1276 {
1277 ULONG StaticState : 8;
1278 ULONG AllFlags : 24;
1279 };
1280 };
1281#ifdef _WIN64
1282 ULONG SpareFlags;
1283#endif
1284#else
1285 union
1286 {
1287 PVOID ThreadUnsafe;
1288 struct
1289 {
1290 volatile UCHAR HeadNodeByte;
1291 UCHAR Reserved1[2];
1292 volatile UCHAR AcquiredByte;
1293 };
1294 };
1295#endif
1296
1297 union
1298 {
1299 KLOCK_ENTRY_LOCK_STATE LockState;
1300 PVOID LockUnsafe;
1301 struct
1302 {
1303#if (NTDDI_VERSION >= NTDDI_WIN10)
1304 volatile UCHAR CrossThreadReleasableAndBusyByte;
1305#else
1306 volatile UCHAR WaitingAndBusyByte;
1307#endif
1308 UCHAR Reserved[sizeof(PVOID) - 2];
1309 UCHAR InTreeByte;
1310 union
1311 {
1312 PVOID SessionState;
1313 struct
1314 {
1315 ULONG SessionId;
1316#ifdef _WIN64
1317 ULONG SessionPad;
1318#endif
1319 };
1320 };
1321 };
1322 };
1323 union
1324 {
1325 struct
1326 {
1327 RTL_RB_TREE OwnerTree;
1328 RTL_RB_TREE WaiterTree;
1329 };
1330 CHAR CpuPriorityKey;
1331 };
1332 ULONG_PTR EntryLock;
1333 union
1334 {
1335#if _WIN64
1336 ULONG AllBoosts : 17;
1337#else
1338 USHORT AllBoosts;
1339#endif
1340 struct
1341 {
1342 struct
1343 {
1344 USHORT CpuBoostsBitmap : 15;
1345 USHORT IoBoost : 1;
1346 };
1347 struct
1348 {
1349 USHORT IoQoSBoost : 1;
1350 USHORT IoNormalPriorityWaiterCount : 8;
1351 USHORT IoQoSWaiterCount : 7;
1352 };
1353 };
1354 };
1355#if _WIN64
1356 ULONG SparePad;
1357#endif
1358} KLOCK_ENTRY, *PKLOCK_ENTRY;
1359
1360#endif
1361
1362//
1363// Kernel Thread (KTHREAD)
1364//
1365#if (NTDDI_VERSION < NTDDI_WIN8)
1366
1367typedef struct _KTHREAD
1368{
1369 DISPATCHER_HEADER Header;
1370#if (NTDDI_VERSION >= NTDDI_LONGHORN) // [
1371 ULONGLONG CycleTime;
1372#ifndef _WIN64 // [
1373 ULONG HighCycleTime;
1374#endif // ]
1375 ULONGLONG QuantumTarget;
1376#else // ][
1377 LIST_ENTRY MutantListHead;
1378#endif // ]
1379 PVOID InitialStack;
1380 ULONG_PTR StackLimit; // FIXME: PVOID
1381 PVOID KernelStack;
1382 KSPIN_LOCK ThreadLock;
1383#if (NTDDI_VERSION >= NTDDI_WIN7) // [
1384 KWAIT_STATUS_REGISTER WaitRegister;
1385 BOOLEAN Running;
1386 BOOLEAN Alerted[2];
1387 union
1388 {
1389 struct
1390 {
1391 ULONG KernelStackResident:1;
1392 ULONG ReadyTransition:1;
1393 ULONG ProcessReadyQueue:1;
1394 ULONG WaitNext:1;
1395 ULONG SystemAffinityActive:1;
1396 ULONG Alertable:1;
1397 ULONG GdiFlushActive:1;
1398 ULONG UserStackWalkActive:1;
1399 ULONG ApcInterruptRequest:1;
1400 ULONG ForceDeferSchedule:1;
1401 ULONG QuantumEndMigrate:1;
1402 ULONG UmsDirectedSwitchEnable:1;
1403 ULONG TimerActive:1;
1404 ULONG Reserved:19;
1405 };
1406 LONG MiscFlags;
1407 };
1408#endif // ]
1409 union
1410 {
1411 KAPC_STATE ApcState;
1412 struct
1413 {
1414 UCHAR ApcStateFill[FIELD_OFFSET(KAPC_STATE, UserApcPending) + 1];
1415#if (NTDDI_VERSION >= NTDDI_LONGHORN) // [
1416 SCHAR Priority;
1417#if (NTDDI_VERSION >= NTDDI_WIN7) // [
1418 /* On x86, the following members "fall out" of the union */
1419 volatile ULONG NextProcessor;
1420 volatile ULONG DeferredProcessor;
1421#else // ][
1422 /* On x86, the following members "fall out" of the union */
1423 volatile USHORT NextProcessor;
1424 volatile USHORT DeferredProcessor;
1425#endif // ]
1426#else // ][
1427 UCHAR ApcQueueable;
1428 /* On x86, the following members "fall out" of the union */
1429 volatile UCHAR NextProcessor;
1430 volatile UCHAR DeferredProcessor;
1431 UCHAR AdjustReason;
1432 SCHAR AdjustIncrement;
1433#endif // ]
1434 };
1435 };
1436 KSPIN_LOCK ApcQueueLock;
1437#if !defined(_M_AMD64) && !defined(_M_ARM64) // [
1438 ULONG ContextSwitches;
1439 volatile UCHAR State;
1440 UCHAR NpxState;
1441 KIRQL WaitIrql;
1442 KPROCESSOR_MODE WaitMode;
1443#endif // ]
1444 LONG_PTR WaitStatus;
1445#if (NTDDI_VERSION >= NTDDI_WIN7) // [
1446 PKWAIT_BLOCK WaitBlockList;
1447#else // ][
1448 union
1449 {
1450 PKWAIT_BLOCK WaitBlockList;
1451 PKGATE GateObject;
1452 };
1453#if (NTDDI_VERSION >= NTDDI_LONGHORN) // [
1454 union
1455 {
1456 struct
1457 {
1458 ULONG KernelStackResident:1;
1459 ULONG ReadyTransition:1;
1460 ULONG ProcessReadyQueue:1;
1461 ULONG WaitNext:1;
1462 ULONG SystemAffinityActive:1;
1463 ULONG Alertable:1;
1464 ULONG GdiFlushActive:1;
1465 ULONG Reserved:25;
1466 };
1467 LONG MiscFlags;
1468 };
1469#else // ][
1470 BOOLEAN Alertable;
1471 BOOLEAN WaitNext;
1472#endif // ]
1473 UCHAR WaitReason;
1474#if (NTDDI_VERSION < NTDDI_LONGHORN)
1475 SCHAR Priority;
1476 BOOLEAN EnableStackSwap;
1477#endif // ]
1478 volatile UCHAR SwapBusy;
1479 BOOLEAN Alerted[MaximumMode];
1480#endif // ]
1481 union
1482 {
1483 LIST_ENTRY WaitListEntry;
1484 SINGLE_LIST_ENTRY SwapListEntry;
1485 };
1486 PKQUEUE Queue;
1487#if !defined(_M_AMD64) && !defined(_M_ARM64) // [
1488 ULONG WaitTime;
1489 union
1490 {
1491 struct
1492 {
1493 SHORT KernelApcDisable;
1494 SHORT SpecialApcDisable;
1495 };
1496 ULONG CombinedApcDisable;
1497 };
1498#endif // ]
1499 struct _TEB *Teb;
1500
1501#if (NTDDI_VERSION >= NTDDI_WIN7) // [
1502 KTIMER Timer;
1503#else // ][
1504 union
1505 {
1506 KTIMER Timer;
1507 struct
1508 {
1509 UCHAR TimerFill[FIELD_OFFSET(KTIMER, Period) + sizeof(LONG)];
1510#if !defined(_WIN64) // [
1511 };
1512 };
1513#endif // ]
1514#endif // ]
1515 union
1516 {
1517 struct
1518 {
1519 ULONG AutoAlignment:1;
1520 ULONG DisableBoost:1;
1521#if (NTDDI_VERSION >= NTDDI_LONGHORN) // [
1522 ULONG EtwStackTraceApc1Inserted:1;
1523 ULONG EtwStackTraceApc2Inserted:1;
1524 ULONG CycleChargePending:1;
1525 ULONG CalloutActive:1;
1526 ULONG ApcQueueable:1;
1527 ULONG EnableStackSwap:1;
1528 ULONG GuiThread:1;
1529 ULONG ReservedFlags:23;
1530#else // ][
1531 LONG ReservedFlags:30;
1532#endif // ]
1533 };
1534 LONG ThreadFlags;
1535 };
1536#if defined(_WIN64) && (NTDDI_VERSION < NTDDI_WIN7) // [
1537 };
1538 };
1539#endif // ]
1540#if (NTDDI_VERSION >= NTDDI_WIN7) // [
1541#if defined(_WIN64) // [
1542 ULONG Spare0;
1543#else // ][
1544 PVOID ServiceTable;
1545#endif // ]
1546#endif // ]
1547 union
1548 {
1549 DECLSPEC_ALIGN(8) KWAIT_BLOCK WaitBlock[THREAD_WAIT_OBJECTS + 1];
1550#if (NTDDI_VERSION < NTDDI_WIN7) // [
1551 struct
1552 {
1553 UCHAR WaitBlockFill0[FIELD_OFFSET(KWAIT_BLOCK, SpareByte)]; // 32bit = 23, 64bit = 43
1554#if (NTDDI_VERSION >= NTDDI_LONGHORN) // [
1555 UCHAR IdealProcessor;
1556#else // ][
1557 BOOLEAN SystemAffinityActive;
1558#endif // ]
1559 };
1560 struct
1561 {
1562 UCHAR WaitBlockFill1[1 * sizeof(KWAIT_BLOCK) + FIELD_OFFSET(KWAIT_BLOCK, SpareByte)]; // 47 / 91
1563 CCHAR PreviousMode;
1564 };
1565 struct
1566 {
1567 UCHAR WaitBlockFill2[2 * sizeof(KWAIT_BLOCK) + FIELD_OFFSET(KWAIT_BLOCK, SpareByte)]; // 71 / 139
1568 UCHAR ResourceIndex;
1569 };
1570 struct
1571 {
1572 UCHAR WaitBlockFill3[3 * sizeof(KWAIT_BLOCK) + FIELD_OFFSET(KWAIT_BLOCK, SpareByte)]; // 95 / 187
1573 UCHAR LargeStack;
1574 };
1575#endif // ]
1576#ifdef _WIN64 // [
1577 struct
1578 {
1579 UCHAR WaitBlockFill4[FIELD_OFFSET(KWAIT_BLOCK, SpareLong)];
1580 ULONG ContextSwitches;
1581 };
1582 struct
1583 {
1584 UCHAR WaitBlockFill5[1 * sizeof(KWAIT_BLOCK) + FIELD_OFFSET(KWAIT_BLOCK, SpareLong)];
1585 UCHAR State;
1586 UCHAR NpxState;
1587 UCHAR WaitIrql;
1588 CHAR WaitMode;
1589 };
1590 struct
1591 {
1592 UCHAR WaitBlockFill6[2 * sizeof(KWAIT_BLOCK) + FIELD_OFFSET(KWAIT_BLOCK, SpareLong)];
1593 ULONG WaitTime;
1594 };
1595#if (NTDDI_VERSION >= NTDDI_WIN7) // [
1596 struct
1597 {
1598 UCHAR WaitBlockFill7[168];
1599 PVOID TebMappedLowVa;
1600 struct _UMS_CONTROL_BLOCK* Ucb;
1601 };
1602#endif // ]
1603 struct
1604 {
1605#if (NTDDI_VERSION >= NTDDI_WIN7) // [
1606 UCHAR WaitBlockFill8[188];
1607#else // ][
1608 UCHAR WaitBlockFill7[3 * sizeof(KWAIT_BLOCK) + FIELD_OFFSET(KWAIT_BLOCK, SpareLong)];
1609#endif // ]
1610 union
1611 {
1612 struct
1613 {
1614 SHORT KernelApcDisable;
1615 SHORT SpecialApcDisable;
1616 };
1617 ULONG CombinedApcDisable;
1618 };
1619 };
1620#endif // ]
1621 };
1622 LIST_ENTRY QueueListEntry;
1623 PKTRAP_FRAME TrapFrame;
1624#if (NTDDI_VERSION >= NTDDI_LONGHORN) // [
1625 PVOID FirstArgument;
1626 union
1627 {
1628 PVOID CallbackStack;
1629 ULONG_PTR CallbackDepth;
1630 };
1631#else // ][
1632 PVOID CallbackStack;
1633#endif // ]
1634#if (NTDDI_VERSION < NTDDI_LONGHORN) || ((NTDDI_VERSION < NTDDI_WIN7) && !defined(_WIN64)) // [
1635 PVOID ServiceTable;
1636#endif // ]
1637#if (NTDDI_VERSION < NTDDI_LONGHORN) && defined(_WIN64) // [
1638 ULONG KernelLimit;
1639#endif // ]
1640 UCHAR ApcStateIndex;
1641#if (NTDDI_VERSION < NTDDI_LONGHORN) // [
1642 UCHAR IdealProcessor;
1643 BOOLEAN Preempted;
1644 BOOLEAN ProcessReadyQueue;
1645#ifdef _WIN64 // [
1646 PVOID Win32kTable;
1647 ULONG Win32kLimit;
1648#endif // ]
1649 BOOLEAN KernelStackResident;
1650#endif // ]
1651 SCHAR BasePriority;
1652 SCHAR PriorityDecrement;
1653#if (NTDDI_VERSION >= NTDDI_LONGHORN) // [
1654 BOOLEAN Preempted;
1655 UCHAR AdjustReason;
1656 CHAR AdjustIncrement;
1657#if (NTDDI_VERSION >= NTDDI_WIN7)
1658 UCHAR PreviousMode;
1659#else
1660 UCHAR Spare01;
1661#endif
1662#endif // ]
1663 CHAR Saturation;
1664#if (NTDDI_VERSION >= NTDDI_LONGHORN) // [
1665 ULONG SystemCallNumber;
1666#if (NTDDI_VERSION >= NTDDI_WIN7) // [
1667 ULONG FreezeCount;
1668#else // ][
1669 ULONG Spare02;
1670#endif // ]
1671#endif // ]
1672#if (NTDDI_VERSION >= NTDDI_WIN7) // [
1673 GROUP_AFFINITY UserAffinity;
1674 struct _KPROCESS *Process;
1675 GROUP_AFFINITY Affinity;
1676 ULONG IdealProcessor;
1677 ULONG UserIdealProcessor;
1678#else // ][
1679 KAFFINITY UserAffinity;
1680 struct _KPROCESS *Process;
1681 KAFFINITY Affinity;
1682#endif // ]
1683 PKAPC_STATE ApcStatePointer[2];
1684 union
1685 {
1686 KAPC_STATE SavedApcState;
1687 struct
1688 {
1689 UCHAR SavedApcStateFill[FIELD_OFFSET(KAPC_STATE, UserApcPending) + 1];
1690#if (NTDDI_VERSION >= NTDDI_WIN7) // [
1691 UCHAR WaitReason;
1692#else // ][
1693 CCHAR FreezeCount;
1694#endif // ]
1695#ifndef _WIN64 // [
1696 };
1697 };
1698#endif // ]
1699 CCHAR SuspendCount;
1700#if (NTDDI_VERSION >= NTDDI_WIN7) // [
1701 CCHAR Spare1;
1702#else // ][
1703 UCHAR UserIdealProcessor;
1704#endif // ]
1705#if (NTDDI_VERSION >= NTDDI_WIN7) // [
1706#elif (NTDDI_VERSION >= NTDDI_LONGHORN) // ][
1707 UCHAR Spare03;
1708#else // ][
1709 UCHAR CalloutActive;
1710#endif // ]
1711#ifdef _WIN64 // [
1712 UCHAR CodePatchInProgress;
1713 };
1714 };
1715#endif // ]
1716#if defined(_M_IX86) // [
1717#if (NTDDI_VERSION >= NTDDI_LONGHORN) // [
1718 UCHAR OtherPlatformFill;
1719#else // ][
1720 UCHAR Iopl;
1721#endif // ]
1722#endif // ]
1723 PVOID Win32Thread;
1724 PVOID StackBase;
1725 union
1726 {
1727 KAPC SuspendApc;
1728 struct
1729 {
1730 UCHAR SuspendApcFill0[1];
1731#if (NTDDI_VERSION >= NTDDI_WIN7) // [
1732 UCHAR ResourceIndex;
1733#elif (NTDDI_VERSION >= NTDDI_LONGHORN) // ][
1734 CHAR Spare04;
1735#else // ][
1736 SCHAR Quantum;
1737#endif // ]
1738 };
1739 struct
1740 {
1741 UCHAR SuspendApcFill1[3];
1742 UCHAR QuantumReset;
1743 };
1744 struct
1745 {
1746 UCHAR SuspendApcFill2[4];
1747 ULONG KernelTime;
1748 };
1749 struct
1750 {
1751 UCHAR SuspendApcFill3[FIELD_OFFSET(KAPC, SystemArgument1)];
1752#if (NTDDI_VERSION >= NTDDI_LONGHORN)
1753 PKPRCB WaitPrcb;
1754#else
1755 PVOID TlsArray;
1756#endif
1757 };
1758 struct
1759 {
1760 UCHAR SuspendApcFill4[FIELD_OFFSET(KAPC, SystemArgument2)]; // 40 / 72
1761 PVOID LegoData;
1762 };
1763 struct
1764 {
1765 UCHAR SuspendApcFill5[FIELD_OFFSET(KAPC, Inserted) + 1]; // 47 / 83
1766#if (NTDDI_VERSION >= NTDDI_WIN7) // [
1767 UCHAR LargeStack;
1768#else // ][
1769 UCHAR PowerState;
1770#endif // ]
1771#ifdef _WIN64 // [
1772 ULONG UserTime;
1773#endif // ]
1774 };
1775 };
1776#ifndef _WIN64 // [
1777 ULONG UserTime;
1778#endif // ]
1779 union
1780 {
1781 KSEMAPHORE SuspendSemaphore;
1782 struct
1783 {
1784 UCHAR SuspendSemaphorefill[FIELD_OFFSET(KSEMAPHORE, Limit) + 4]; // 20 / 28
1785#ifdef _WIN64 // [
1786 ULONG SListFaultCount;
1787#endif // ]
1788 };
1789 };
1790#ifndef _WIN64 // [
1791 ULONG SListFaultCount;
1792#endif // ]
1793 LIST_ENTRY ThreadListEntry;
1794#if (NTDDI_VERSION >= NTDDI_LONGHORN) // [
1795 LIST_ENTRY MutantListHead;
1796#endif // ]
1797 PVOID SListFaultAddress;
1798#ifdef _M_AMD64 // [
1799 LONG64 ReadOperationCount;
1800 LONG64 WriteOperationCount;
1801 LONG64 OtherOperationCount;
1802 LONG64 ReadTransferCount;
1803 LONG64 WriteTransferCount;
1804 LONG64 OtherTransferCount;
1805#endif // ]
1806#if (NTDDI_VERSION >= NTDDI_WIN7) // [
1807 PKTHREAD_COUNTERS ThreadCounters;
1808 PXSTATE_SAVE XStateSave;
1809#elif (NTDDI_VERSION >= NTDDI_LONGHORN) // ][
1810 PVOID MdlForLockedTeb;
1811#endif // ]
1812} KTHREAD;
1813
1814#else // not (NTDDI_VERSION < NTDDI_WIN8)
1815
1816#if defined(_WIN64) && (NTDDI_VERSION < 0x06032580) // since WIN 8.1 Update1 6.3.9600.16384
1817#define NUMBER_OF_LOCK_ENTRIES 5
1818#else
1819#define NUMBER_OF_LOCK_ENTRIES 6
1820#endif
1821
1822typedef struct _KTHREAD
1823{
1824 DISPATCHER_HEADER Header;
1825 PVOID SListFaultAddress;
1826 ULONG64 QuantumTarget;
1827 PVOID InitialStack;
1828 volatile VOID *StackLimit;
1829 PVOID StackBase;
1830 KSPIN_LOCK ThreadLock;
1831 volatile ULONG64 CycleTime;
1832#ifndef _WIN64
1833 volatile ULONG HighCycleTime;
1834 PVOID ServiceTable;
1835#endif
1836 ULONG CurrentRunTime;
1837 ULONG ExpectedRunTime;
1838 PVOID KernelStack;
1839 XSAVE_FORMAT* StateSaveArea;
1840 struct _KSCHEDULING_GROUP* SchedulingGroup;
1841 KWAIT_STATUS_REGISTER WaitRegister;
1842 BOOLEAN Running;
1843 BOOLEAN Alerted[MaximumMode];
1844
1845 union
1846 {
1847 struct
1848 {
1849#if (NTDDI_VERSION < NTDDI_WIN10)
1850 ULONG KernelStackResident : 1;
1851#else
1852 ULONG AutoBoostActive : 1;
1853#endif
1854 ULONG ReadyTransition : 1;
1855#if (NTDDI_VERSION < NTDDI_WIN10TH2)
1856 ULONG ProcessReadyQueue : 1;
1857#endif
1858 ULONG ProcessReadyQueue : 1;
1859 ULONG WaitNext : 1;
1860 ULONG SystemAffinityActive : 1;
1861 ULONG Alertable : 1;
1862#if (NTDDI_VERSION < NTDDI_WIN81)
1863 ULONG CodePatchInProgress : 1;
1864#endif
1865 ULONG UserStackWalkActive : 1;
1866 ULONG ApcInterruptRequest : 1;
1867 ULONG QuantumEndMigrate : 1;
1868 ULONG UmsDirectedSwitchEnable : 1;
1869 ULONG TimerActive : 1;
1870 ULONG SystemThread : 1;
1871 ULONG ProcessDetachActive : 1;
1872 ULONG CalloutActive : 1;
1873 ULONG ScbReadyQueue : 1;
1874 ULONG ApcQueueable : 1;
1875 ULONG ReservedStackInUse : 1;
1876 ULONG UmsPerformingSyscall : 1;
1877 ULONG DisableStackCheck : 1;
1878 ULONG Reserved : 12;
1879 };
1880 LONG MiscFlags;
1881 };
1882
1883 union
1884 {
1885 struct
1886 {
1887 ULONG AutoAlignment : 1;
1888 ULONG DisableBoost : 1;
1889 ULONG UserAffinitySet : 1;
1890 ULONG AlertedByThreadId : 1;
1891 ULONG QuantumDonation : 1;
1892 ULONG EnableStackSwap : 1;
1893 ULONG GuiThread : 1;
1894 ULONG DisableQuantum : 1;
1895 ULONG ChargeOnlyGroup : 1;
1896 ULONG DeferPreemption : 1;
1897 ULONG QueueDeferPreemption : 1;
1898 ULONG ForceDeferSchedule : 1;
1899 ULONG ExplicitIdealProcessor : 1;
1900 ULONG FreezeCount : 1;
1901#if (NTDDI_VERSION >= 0x060324D7) // since 6.3.9431.0
1902 ULONG TerminationApcRequest : 1;
1903#endif
1904#if (NTDDI_VERSION >= 0x06032580) // since 6.3.9600.16384
1905 ULONG AutoBoostEntriesExhausted : 1;
1906#endif
1907#if (NTDDI_VERSION >= 0x06032580) // since 6.3.9600.17031
1908 ULONG KernelStackResident : 1;
1909#endif
1910#if (NTDDI_VERSION >= NTDDI_WIN10)
1911 ULONG CommitFailTerminateRequest : 1;
1912 ULONG ProcessStackCountDecremented : 1;
1913 ULONG ThreadFlagsSpare : 5;
1914#endif
1915 ULONG EtwStackTraceApcInserted : 8;
1916#if (NTDDI_VERSION < NTDDI_WIN10)
1917 ULONG ReservedFlags : 10;
1918#endif
1919 };
1920 LONG ThreadFlags;
1921 };
1922
1923#if (NTDDI_VERSION >= NTDDI_WIN10)
1924 volatile UCHAR Tag;
1925 UCHAR SystemHeteroCpuPolicy;
1926 UCHAR UserHeteroCpuPolicy : 7;
1927 UCHAR ExplicitSystemHeteroCpuPolicy : 1;
1928 UCHAR Spare0;
1929#else
1930 ULONG Spare0;
1931#endif
1932 ULONG SystemCallNumber;
1933#ifdef _WIN64
1934 ULONG Spare1; // Win 10: Spare10
1935#endif
1936 PVOID FirstArgument;
1937 PKTRAP_FRAME TrapFrame;
1938
1939 union
1940 {
1941 KAPC_STATE ApcState;
1942 struct
1943 {
1944 UCHAR ApcStateFill[RTL_SIZEOF_THROUGH_FIELD(KAPC_STATE, UserApcPending)]; // 32bit: 23/0x17, 64bit: 43/0x2B
1945 SCHAR Priority;
1946 ULONG UserIdealProcessor;
1947 };
1948 };
1949
1950#ifndef _WIN64
1951 ULONG ContextSwitches;
1952 volatile UCHAR State;
1953#if (NTDDI_VERSION >= NTDDI_WIN10) // since 10.0.10074.0
1954 CHAR Spare12;
1955#else
1956 CHAR NpxState;
1957#endif
1958 KIRQL WaitIrql;
1959 KPROCESSOR_MODE WaitMode;
1960#endif
1961
1962 volatile INT_PTR WaitStatus;
1963 PKWAIT_BLOCK WaitBlockList;
1964 union
1965 {
1966 LIST_ENTRY WaitListEntry;
1967 SINGLE_LIST_ENTRY SwapListEntry;
1968 };
1969 PKQUEUE Queue;
1970 PVOID Teb;
1971#if (NTDDI_VERSION >= NTDDI_WIN8 /* 0x060223F0 */) // since 6.2.9200.16384
1972 ULONG64 RelativeTimerBias;
1973#endif
1974 KTIMER Timer;
1975
1976 union
1977 {
1978 DECLSPEC_ALIGN(8) KWAIT_BLOCK WaitBlock[THREAD_WAIT_OBJECTS + 1];
1979#ifdef _WIN64
1980 struct
1981 {
1982 UCHAR WaitBlockFill4[FIELD_OFFSET(KWAIT_BLOCK, SpareLong)]; // 32bit: -, 64bit: 20/0x14
1983 ULONG ContextSwitches;
1984 };
1985 struct
1986 {
1987 UCHAR WaitBlockFill5[1 * sizeof(KWAIT_BLOCK) + FIELD_OFFSET(KWAIT_BLOCK, SpareLong)]; // 32bit: -, 64bit: 68/0x44
1988 UCHAR State;
1989#if (NTDDI_VERSION >= NTDDI_WIN10)
1990 CHAR Spare13;
1991#else
1992 CHAR NpxState;
1993#endif
1994 UCHAR WaitIrql;
1995 CHAR WaitMode;
1996 };
1997 struct
1998 {
1999 UCHAR WaitBlockFill6[2 * sizeof(KWAIT_BLOCK) + FIELD_OFFSET(KWAIT_BLOCK, SpareLong)]; // 32bit: -, 64bit: 116/0x74
2000 ULONG WaitTime;
2001 };
2002 struct
2003 {
2004 UCHAR WaitBlockFill7[3 * sizeof(KWAIT_BLOCK) + FIELD_OFFSET(KWAIT_BLOCK, SpareLong)]; // 32bit: -, 64bit: 164/0xA4
2005 union
2006 {
2007 struct
2008 {
2009 SHORT KernelApcDisable;
2010 SHORT SpecialApcDisable;
2011 };
2012 ULONG CombinedApcDisable;
2013 };
2014 };
2015#endif
2016 struct
2017 {
2018 UCHAR WaitBlockFill8[FIELD_OFFSET(KWAIT_BLOCK, SparePtr)]; // 32bit: 20/0x14, 64bit: 40/0x28
2019 struct _KTHREAD_COUNTERS *ThreadCounters;
2020 };
2021 struct
2022 {
2023 UCHAR WaitBlockFill9[1 * sizeof(KWAIT_BLOCK) + FIELD_OFFSET(KWAIT_BLOCK, SparePtr)]; // 32bit: 44/0x2C, 64bit: 88/0x58
2024 PXSTATE_SAVE XStateSave;
2025 };
2026 struct
2027 {
2028 UCHAR WaitBlockFill10[2 * sizeof(KWAIT_BLOCK) + FIELD_OFFSET(KWAIT_BLOCK, SparePtr)]; // 32bit: 68/0x44, 64bit: 136/0x88
2029 PVOID Win32Thread;
2030 };
2031 struct
2032 {
2033 UCHAR WaitBlockFill11[3 * sizeof(KWAIT_BLOCK) + FIELD_OFFSET(KWAIT_BLOCK, Object)]; // 32bit: 88/0x58, 64bit: 176/0xB0
2034#ifdef _WIN64
2035 struct _UMS_CONTROL_BLOCK* Ucb;
2036 struct _KUMS_CONTEXT_HEADER* Uch;
2037#else
2038 ULONG WaitTime;
2039 union
2040 {
2041 struct
2042 {
2043 SHORT KernelApcDisable;
2044 SHORT SpecialApcDisable;
2045 };
2046 ULONG CombinedApcDisable;
2047 };
2048#endif
2049 };
2050 };
2051
2052#ifdef _WIN64
2053 PVOID TebMappedLowVa;
2054#endif
2055 LIST_ENTRY QueueListEntry;
2056#if (NTDDI_VERSION >= 0x060223F0) // since 6.2.9200.16384
2057 union
2058 {
2059 ULONG NextProcessor;
2060 struct
2061 {
2062 ULONG NextProcessorNumber : 31;
2063 ULONG SharedReadyQueue : 1;
2064 };
2065 };
2066 LONG QueuePriority;
2067#else
2068 ULONG NextProcessor;
2069 ULONG DeferredProcessor;
2070#endif
2071 PKPROCESS Process;
2072
2073 union
2074 {
2075 GROUP_AFFINITY UserAffinity;
2076 struct
2077 {
2078 UCHAR UserAffinityFill[FIELD_OFFSET(GROUP_AFFINITY, Reserved)]; // 32bit: 6/0x6, 64bit: 10/0x0A
2079 CHAR PreviousMode;
2080 CHAR BasePriority;
2081 union
2082 {
2083 CHAR PriorityDecrement;
2084 struct
2085 {
2086 UCHAR ForegroundBoost : 4;
2087 UCHAR UnusualBoost : 4;
2088 };
2089 };
2090 UCHAR Preempted;
2091 UCHAR AdjustReason;
2092 CHAR AdjustIncrement;
2093 };
2094 };
2095
2096#if (NTDDI_VERSION >= NTDDI_WIN10) // since 10.0.10240.16384
2097 ULONG_PTR AffinityVersion;
2098#endif
2099 union
2100 {
2101 GROUP_AFFINITY Affinity;
2102 struct
2103 {
2104 UCHAR AffinityFill[FIELD_OFFSET(GROUP_AFFINITY, Reserved)]; // 32bit: 6/0x6, 64bit: 10/0x0A
2105 UCHAR ApcStateIndex;
2106 UCHAR WaitBlockCount;
2107 ULONG IdealProcessor;
2108 };
2109 };
2110
2111#if (NTDDI_VERSION >= NTDDI_WIN10) // since 10.0.10240.16384
2112#ifdef _WIN64
2113 ULONG64 NpxState;
2114#else
2115 ULONG Spare15;
2116#endif
2117#else
2118 PKAPC_STATE ApcStatePointer[2];
2119#endif
2120
2121 union
2122 {
2123 KAPC_STATE SavedApcState;
2124 struct
2125 {
2126 UCHAR SavedApcStateFill[FIELD_OFFSET(KAPC_STATE, UserApcPending) + 1]; // 32bit: 23/0x17, 64bit: 43/0x2B
2127 UCHAR WaitReason;
2128 CHAR SuspendCount;
2129 CHAR Saturation;
2130 SHORT SListFaultCount;
2131 };
2132 };
2133
2134 union
2135 {
2136 KAPC SchedulerApc;
2137 struct
2138 {
2139 UCHAR SchedulerApcFill0[FIELD_OFFSET(KAPC, SpareByte0)]; // 32bit: 1/0x01, 64bit: 1/0x01
2140 UCHAR ResourceIndex;
2141 };
2142 struct
2143 {
2144 UCHAR SchedulerApcFill1[FIELD_OFFSET(KAPC, SpareByte1)]; // 32bit: 3/0x03, 64bit: 3/0x03
2145 UCHAR QuantumReset;
2146 };
2147 struct
2148 {
2149 UCHAR SchedulerApcFill2[FIELD_OFFSET(KAPC, SpareLong0)]; // 32bit: 4/0x04, 64bit: 4/0x04
2150 ULONG KernelTime;
2151 };
2152 struct
2153 {
2154 UCHAR SuspendApcFill3[FIELD_OFFSET(KAPC, SystemArgument1)]; // 32 bit:, 64 bit: 64/0x40
2155 PKPRCB WaitPrcb;
2156 };
2157 struct
2158 {
2159 UCHAR SchedulerApcFill4[FIELD_OFFSET(KAPC, SystemArgument2)]; // 32 bit:, 64 bit: 72/0x48
2160 PVOID LegoData;
2161 };
2162 struct
2163 {
2164 UCHAR SchedulerApcFill5[FIELD_OFFSET(KAPC, Inserted) + 1]; // 32 bit:, 64 bit: 83/0x53
2165 UCHAR CallbackNestingLevel;
2166 ULONG UserTime;
2167 };
2168 };
2169
2170 KEVENT SuspendEvent;
2171 LIST_ENTRY ThreadListEntry;
2172 LIST_ENTRY MutantListHead;
2173
2174#if (NTDDI_VERSION >= NTDDI_WIN10)
2175 UCHAR AbEntrySummary;
2176 UCHAR AbWaitEntryCount;
2177 USHORT Spare20;
2178#if _WIN64
2179 ULONG SecureThreadCookie;
2180#endif
2181#elif (NTDDI_VERSION >= NTDDI_WINBLUE) // 6.3.9431.0
2182 SINGLE_LIST_ENTRY LockEntriesFreeList;
2183#endif
2184
2185#if (NTDDI_VERSION >= NTDDI_WINBLUE /* 0x06032580 */) // since 6.3.9600.16384
2186 KLOCK_ENTRY LockEntries[NUMBER_OF_LOCK_ENTRIES];
2187 SINGLE_LIST_ENTRY PropagateBoostsEntry;
2188 SINGLE_LIST_ENTRY IoSelfBoostsEntry;
2189 UCHAR PriorityFloorCounts[16];
2190 ULONG PriorityFloorSummary;
2191 volatile LONG AbCompletedIoBoostCount;
2192 #if (NTDDI_VERSION >= NTDDI_WIN10_RS1)
2193 LONG AbCompletedIoQoSBoostCount;
2194 #endif
2195
2196 #if (NTDDI_VERSION >= NTDDI_WIN10) // since 10.0.10240.16384
2197 volatile SHORT KeReferenceCount;
2198 #else
2199 volatile SHORT AbReferenceCount;
2200 #endif
2201 #if (NTDDI_VERSION >= 0x06040000) // since 6.4.9841.0
2202 UCHAR AbOrphanedEntrySummary;
2203 UCHAR AbOwnedEntryCount;
2204 #else
2205 UCHAR AbFreeEntryCount;
2206 UCHAR AbWaitEntryCount;
2207 #endif
2208 ULONG ForegroundLossTime;
2209 union
2210 {
2211 LIST_ENTRY GlobalForegroundListEntry;
2212 struct
2213 {
2214 SINGLE_LIST_ENTRY ForegroundDpcStackListEntry;
2215 ULONG_PTR InGlobalForegroundList;
2216 };
2217 };
2218#endif
2219
2220#if _WIN64
2221 LONG64 ReadOperationCount;
2222 LONG64 WriteOperationCount;
2223 LONG64 OtherOperationCount;
2224 LONG64 ReadTransferCount;
2225 LONG64 WriteTransferCount;
2226 LONG64 OtherTransferCount;
2227#endif
2228#if (NTDDI_VERSION >= NTDDI_WIN10) // since 10.0.10041.0
2229 struct _KSCB *QueuedScb;
2230#ifndef _WIN64
2231 ULONG64 NpxState;
2232#endif
2233#endif
2234} KTHREAD;
2235
2236#endif
2237
2238
2239#define ASSERT_THREAD(object) \
2240 ASSERT((((object)->Header.Type & KOBJECT_TYPE_MASK) == ThreadObject))
2241
2242//
2243// Kernel Process (KPROCESS)
2244//
2245typedef struct _KPROCESS
2246{
2247 DISPATCHER_HEADER Header;
2248 LIST_ENTRY ProfileListHead;
2249#if (NTDDI_VERSION >= NTDDI_LONGHORN)
2250 ULONG_PTR DirectoryTableBase;
2251 ULONG_PTR Unused0;
2252#else
2253 ULONG_PTR DirectoryTableBase[2];
2254#endif
2255#if defined(_M_IX86)
2256 KGDTENTRY LdtDescriptor;
2257 KIDTENTRY Int21Descriptor;
2258#endif
2259 USHORT IopmOffset;
2260#if defined(_M_IX86)
2261 UCHAR Iopl;
2262 UCHAR Unused;
2263#endif
2264 volatile KAFFINITY ActiveProcessors;
2265 ULONG KernelTime;
2266 ULONG UserTime;
2267 LIST_ENTRY ReadyListHead;
2268 SINGLE_LIST_ENTRY SwapListEntry;
2269 PVOID VdmTrapcHandler;
2270 LIST_ENTRY ThreadListHead;
2271 KSPIN_LOCK ProcessLock;
2272 KAFFINITY Affinity;
2273 union
2274 {
2275 struct
2276 {
2277 LONG AutoAlignment:1;
2278 LONG DisableBoost:1;
2279 LONG DisableQuantum:1;
2280 LONG ReservedFlags:29;
2281 };
2282 LONG ProcessFlags;
2283 };
2284 SCHAR BasePriority;
2285 SCHAR QuantumReset;
2286 UCHAR State;
2287 UCHAR ThreadSeed;
2288 UCHAR PowerState;
2289 UCHAR IdealNode;
2290 UCHAR Visited;
2291 union
2292 {
2293 KEXECUTE_OPTIONS Flags;
2294 UCHAR ExecuteOptions;
2295 };
2296 ULONG StackCount;
2297 LIST_ENTRY ProcessListEntry;
2298#if (NTDDI_VERSION >= NTDDI_LONGHORN) // [
2299 ULONGLONG CycleTime;
2300#endif // ]
2301} KPROCESS;
2302
2303#define ASSERT_PROCESS(object) \
2304 ASSERT((((object)->Header.Type & KOBJECT_TYPE_MASK) == ProcessObject))
2305
2306//
2307// System Service Table Descriptor
2308//
2309typedef struct _KSERVICE_TABLE_DESCRIPTOR
2310{
2311 PULONG_PTR Base;
2312 PULONG Count;
2313 ULONG Limit;
2314#if defined(_IA64_)
2315 LONG TableBaseGpOffset;
2316#endif
2317 PUCHAR Number;
2318} KSERVICE_TABLE_DESCRIPTOR, *PKSERVICE_TABLE_DESCRIPTOR;
2319
2320#if (NTDDI_VERSION >= NTDDI_WIN8)
2321//
2322// Entropy Timing State
2323//
2324typedef struct _KENTROPY_TIMING_STATE
2325{
2326 ULONG EntropyCount;
2327 ULONG Buffer[64];
2328 KDPC Dpc;
2329 ULONG LastDeliveredBuffer;
2330 PULONG RawDataBuffer;
2331} KENTROPY_TIMING_STATE, *PKENTROPY_TIMING_STATE;
2332
2333//
2334// Constants from ks386.inc, ksamd64.inc and ksarm.h
2335//
2336#define KENTROPY_TIMING_INTERRUPTS_PER_BUFFER 0x400
2337#define KENTROPY_TIMING_BUFFER_MASK 0x7ff
2338#define KENTROPY_TIMING_ANALYSIS 0x0
2339
2340#endif /* (NTDDI_VERSION >= NTDDI_WIN8) */
2341
2342//
2343// Exported Loader Parameter Block
2344//
2345extern struct _LOADER_PARAMETER_BLOCK NTSYSAPI *KeLoaderBlock;
2346
2347//
2348// Exported Hardware Data
2349//
2350extern ULONG NTSYSAPI KiDmaIoCoherency;
2351extern ULONG NTSYSAPI KeMaximumIncrement;
2352extern ULONG NTSYSAPI KeMinimumIncrement;
2353extern ULONG NTSYSAPI KeDcacheFlushCount;
2354extern ULONG NTSYSAPI KeIcacheFlushCount;
2355extern ULONG_PTR NTSYSAPI KiBugCheckData[];
2356extern BOOLEAN NTSYSAPI KiEnableTimerWatchdog;
2357
2358//
2359// Exported System Service Descriptor Tables
2360//
2361extern KSERVICE_TABLE_DESCRIPTOR NTSYSAPI KeServiceDescriptorTable[SSDT_MAX_ENTRIES];
2362extern KSERVICE_TABLE_DESCRIPTOR NTSYSAPI KeServiceDescriptorTableShadow[SSDT_MAX_ENTRIES];
2363
2364#endif // !NTOS_MODE_USER
2365
2366#endif // _KETYPES_H
PreviousMode
_In_ PVOID _In_ ULONG _Out_ PVOID _In_ ULONG _Inout_ PULONG _In_ KPROCESSOR_MODE PreviousMode
Definition: KdSystemDebugControl.c:35
BOOLEAN
unsigned char BOOLEAN
Definition: ProcessorBind.h:185
VOID
#define VOID
Definition: acefi.h:82
ServiceTable
static SERVICE_TABLE_ENTRYW ServiceTable[2]
Definition: eventlog.c:24
Reserved2
@ Reserved2
Definition: bcd.h:202
Reserved1
@ Reserved1
Definition: bcd.h:201
NTSYSAPI
#define NTSYSAPI
Definition: ntoskrnl.h:12
Buffer
Definition: bufpool.h:45
KAFFINITY
ULONG_PTR KAFFINITY
Definition: compat.h:85
NT_PRODUCT_TYPE
enum _NT_PRODUCT_TYPE NT_PRODUCT_TYPE
PNT_PRODUCT_TYPE
enum _NT_PRODUCT_TYPE * PNT_PRODUCT_TYPE
_NT_PRODUCT_TYPE
_NT_PRODUCT_TYPE
Definition: shellpath.c:63
NtProductWinNt
@ NtProductWinNt
Definition: shellpath.c:64
NtProductLanManNt
@ NtProductLanManNt
Definition: shellpath.c:65
NtProductServer
@ NtProductServer
Definition: shellpath.c:66
KIRQL
UCHAR KIRQL
Definition: env_spec_w32.h:591
KSPIN_LOCK
ULONG KSPIN_LOCK
Definition: env_spec_w32.h:72
PKSPIN_LOCK
KSPIN_LOCK * PKSPIN_LOCK
Definition: env_spec_w32.h:73
Process
_Must_inspect_result_ _In_ PLARGE_INTEGER _In_ PLARGE_INTEGER _In_ ULONG _In_ PFILE_OBJECT _In_ PVOID Process
Definition: fsrtlfuncs.h:223
KPROFILE_SOURCE
enum _KPROFILE_SOURCE KPROFILE_SOURCE
PTIMER_APC_ROUTINE
VOID(CALLBACK * PTIMER_APC_ROUTINE)(PVOID, ULONG, LONG)
Definition: winternl.h:2018
_KPROFILE_SOURCE
_KPROFILE_SOURCE
Definition: winternl.h:2122
ProfileFpInstructions
@ ProfileFpInstructions
Definition: winternl.h:2136
ProfileIntegerInstructions
@ ProfileIntegerInstructions
Definition: winternl.h:2137
ProfileBranchMispredictions
@ ProfileBranchMispredictions
Definition: winternl.h:2134
ProfileMaximum
@ ProfileMaximum
Definition: winternl.h:2147
ProfileStoreInstructions
@ ProfileStoreInstructions
Definition: winternl.h:2135
ProfileAlignmentFixup
@ ProfileAlignmentFixup
Definition: winternl.h:2124
ProfilePipelineDry
@ ProfilePipelineDry
Definition: winternl.h:2126
ProfileMemoryBarrierCycles
@ ProfileMemoryBarrierCycles
Definition: winternl.h:2145
Profile3Issue
@ Profile3Issue
Definition: winternl.h:2139
ProfileLoadLinkedIssues
@ ProfileLoadLinkedIssues
Definition: winternl.h:2146
ProfileDcacheMisses
@ ProfileDcacheMisses
Definition: winternl.h:2131
ProfileIcacheIssues
@ ProfileIcacheIssues
Definition: winternl.h:2143
ProfileIcacheMisses
@ ProfileIcacheMisses
Definition: winternl.h:2132
ProfileTotalNonissues
@ ProfileTotalNonissues
Definition: winternl.h:2130
ProfileTime
@ ProfileTime
Definition: winternl.h:2123
ProfileSpecialInstructions
@ ProfileSpecialInstructions
Definition: winternl.h:2141
Profile2Issue
@ Profile2Issue
Definition: winternl.h:2138
ProfileTotalCycles
@ ProfileTotalCycles
Definition: winternl.h:2142
ProfileBranchInstructions
@ ProfileBranchInstructions
Definition: winternl.h:2129
ProfilePipelineFrozen
@ ProfilePipelineFrozen
Definition: winternl.h:2128
ProfileDcacheAccesses
@ ProfileDcacheAccesses
Definition: winternl.h:2144
ProfileLoadInstructions
@ ProfileLoadInstructions
Definition: winternl.h:2127
ProfileTotalIssues
@ ProfileTotalIssues
Definition: winternl.h:2125
Profile4Issue
@ Profile4Issue
Definition: winternl.h:2140
ProfileCacheMisses
@ ProfileCacheMisses
Definition: winternl.h:2133
_HARDWARE_COUNTER_TYPE
_HARDWARE_COUNTER_TYPE
Definition: pstypes.h:123
Unused
#define Unused(x)
Definition: atlwin.h:28
ULONG64
unsigned __int64 ULONG64
Definition: imports.h:198
LONG_PTR
__int3264 LONG_PTR
Definition: mstsclib_h.h:276
KernelMode
#define KernelMode
Definition: asm.h:38
UserMode
#define UserMode
Definition: asm.h:39
NUMBER_OF_LOCK_ENTRIES
#define NUMBER_OF_LOCK_ENTRIES
Definition: ketypes.h:1819
KINTERRUPT
struct _KINTERRUPT KINTERRUPT
PKSYSTEM_ROUTINE
VOID(NTAPI * PKSYSTEM_ROUTINE)(PKSTART_ROUTINE StartRoutine, PVOID StartContext)
Definition: ketypes.h:900
KeIcacheFlushCount
ULONG NTSYSAPI KeIcacheFlushCount
Definition: cpu.c:19
PKNODE
struct _KNODE * PKNODE
_KPROCESS_STATE
_KPROCESS_STATE
Definition: ketypes.h:459
ProcessOutOfMemory
@ ProcessOutOfMemory
Definition: ketypes.h:461
ProcessInMemory
@ ProcessInMemory
Definition: ketypes.h:460
ProcessOutSwap
@ ProcessOutSwap
Definition: ketypes.h:464
ProcessInSwap
@ ProcessInSwap
Definition: ketypes.h:463
ProcessInTransition
@ ProcessInTransition
Definition: ketypes.h:462
KPROFILE
struct _KPROFILE KPROFILE
KDPC_DATA
struct _KDPC_DATA KDPC_DATA
KTHREAD_COUNTERS
struct _KTHREAD_COUNTERS KTHREAD_COUNTERS
KDPC_LIST
struct _KDPC_LIST KDPC_LIST
PCOUNTER_READING
struct _COUNTER_READING * PCOUNTER_READING
KEXECUTE_OPTIONS
struct _KEXECUTE_OPTIONS KEXECUTE_OPTIONS
FIBER
struct _FIBER FIBER
PKDPC_LIST
struct _KDPC_LIST * PKDPC_LIST
ADJUST_REASON
enum _ADJUST_REASON ADJUST_REASON
PKEVENT_PAIR
struct _KEVENT_PAIR * PKEVENT_PAIR
_KOBJECTS
_KOBJECTS
Definition: ketypes.h:405
ApcObject
@ ApcObject
Definition: ketypes.h:424
Spare3Object
@ Spare3Object
Definition: ketypes.h:417
ProfileObject
@ ProfileObject
Definition: ketypes.h:429
EventSynchronizationObject
@ EventSynchronizationObject
Definition: ketypes.h:407
TimerNotificationObject
@ TimerNotificationObject
Definition: ketypes.h:414
Spare4Object
@ Spare4Object
Definition: ketypes.h:418
DeviceQueueObject
@ DeviceQueueObject
Definition: ketypes.h:426
TimerSynchronizationObject
@ TimerSynchronizationObject
Definition: ketypes.h:415
Spare5Object
@ Spare5Object
Definition: ketypes.h:419
Spare2Object
@ Spare2Object
Definition: ketypes.h:416
MaximumKernelObject
@ MaximumKernelObject
Definition: ketypes.h:431
QueueObject
@ QueueObject
Definition: ketypes.h:410
Spare8Object
@ Spare8Object
Definition: ketypes.h:422
Spare6Object
@ Spare6Object
Definition: ketypes.h:420
ProcessObject
@ ProcessObject
Definition: ketypes.h:409
SemaphoreObject
@ SemaphoreObject
Definition: ketypes.h:411
DpcObject
@ DpcObject
Definition: ketypes.h:425
EventNotificationObject
@ EventNotificationObject
Definition: ketypes.h:406
GateObject
@ GateObject
Definition: ketypes.h:413
ThreadObject
@ ThreadObject
Definition: ketypes.h:412
ThreadedDpcObject
@ ThreadedDpcObject
Definition: ketypes.h:430
Spare7Object
@ Spare7Object
Definition: ketypes.h:421
MutantObject
@ MutantObject
Definition: ketypes.h:408
InterruptObject
@ InterruptObject
Definition: ketypes.h:428
EventPairObject
@ EventPairObject
Definition: ketypes.h:427
Spare9Object
@ Spare9Object
Definition: ketypes.h:423
PPP_LOOKASIDE_LIST
struct _PP_LOOKASIDE_LIST * PPP_LOOKASIDE_LIST
KiBugCheckData
ULONG_PTR NTSYSAPI KiBugCheckData[]
Definition: bug.c:31
KEVENT_PAIR
struct _KEVENT_PAIR KEVENT_PAIR
PKTHREAD_COUNTERS
struct _KTHREAD_COUNTERS * PKTHREAD_COUNTERS
KCONTINUE_STATUS
enum _KCONTINUE_STATUS KCONTINUE_STATUS
RTL_RB_TREE
struct _RTL_RB_TREE RTL_RB_TREE
FIXME: should move to rtltypes.h, but we can't include it here.
KLOCK_ENTRY
struct _KLOCK_ENTRY KLOCK_ENTRY
PKDPC_DATA
struct _KDPC_DATA * PKDPC_DATA
KTHREAD
struct _KTHREAD KTHREAD
KTIMER_TABLE
struct _KTIMER_TABLE KTIMER_TABLE
KiDmaIoCoherency
ULONG NTSYSAPI KiDmaIoCoherency
Definition: cpu.c:30
PP_LOOKASIDE_LIST
struct _PP_LOOKASIDE_LIST PP_LOOKASIDE_LIST
_VDMSERVICECLASS
_VDMSERVICECLASS
Definition: ketypes.h:471
VdmSetLdtEntries
@ VdmSetLdtEntries
Definition: ketypes.h:482
VdmSetProcessLdtInfo
@ VdmSetProcessLdtInfo
Definition: ketypes.h:483
VdmQueryDir
@ VdmQueryDir
Definition: ketypes.h:478
VdmSetInt21Handler
@ VdmSetInt21Handler
Definition: ketypes.h:477
VdmAdlibEmulation
@ VdmAdlibEmulation
Definition: ketypes.h:484
VdmQueueInterrupt
@ VdmQueueInterrupt
Definition: ketypes.h:473
VdmDelayInterrupt
@ VdmDelayInterrupt
Definition: ketypes.h:474
VdmPrinterDirectIoClose
@ VdmPrinterDirectIoClose
Definition: ketypes.h:480
VdmPrinterDirectIoOpen
@ VdmPrinterDirectIoOpen
Definition: ketypes.h:479
VdmPrinterInitialize
@ VdmPrinterInitialize
Definition: ketypes.h:481
VdmFeatures
@ VdmFeatures
Definition: ketypes.h:476
VdmPMCliControl
@ VdmPMCliControl
Definition: ketypes.h:485
VdmInitialize
@ VdmInitialize
Definition: ketypes.h:475
VdmQueryVdmProcess
@ VdmQueryVdmProcess
Definition: ketypes.h:486
VdmStartExecution
@ VdmStartExecution
Definition: ketypes.h:472
KTHREAD_STATE
enum _KTHREAD_STATE KTHREAD_STATE
COUNTER_READING
struct _COUNTER_READING COUNTER_READING
PKLOCK_ENTRY
struct _KLOCK_ENTRY * PKLOCK_ENTRY
PFIBER
struct _FIBER * PFIBER
KeMaximumIncrement
ULONG NTSYSAPI KeMaximumIncrement
Definition: clock.c:20
PKTIMER_TABLE_ENTRY
struct _KTIMER_TABLE_ENTRY * PKTIMER_TABLE_ENTRY
KPROCESS
struct _KPROCESS KPROCESS
PKRUNDOWN_ROUTINE
VOID(NTAPI * PKRUNDOWN_ROUTINE)(IN struct _KAPC *Apc)
Definition: ketypes.h:913
KLOCK_ENTRY_LOCK_STATE
struct _KLOCK_ENTRY_LOCK_STATE KLOCK_ENTRY_LOCK_STATE
KWAIT_STATUS_REGISTER
union _KWAIT_STATUS_REGISTER KWAIT_STATUS_REGISTER
_KTHREAD_STATE
_KTHREAD_STATE
Definition: ketypes.h:387
Terminated
@ Terminated
Definition: ketypes.h:392
Ready
@ Ready
Definition: ketypes.h:389
Running
@ Running
Definition: ketypes.h:390
GateWait
@ GateWait
Definition: ketypes.h:397
Standby
@ Standby
Definition: ketypes.h:391
DeferredReady
@ DeferredReady
Definition: ketypes.h:395
Waiting
@ Waiting
Definition: ketypes.h:393
Transition
@ Transition
Definition: ketypes.h:394
Initialized
@ Initialized
Definition: ketypes.h:388
_KAPC_ENVIRONMENT
_KAPC_ENVIRONMENT
Definition: ketypes.h:929
AttachedApcEnvironment
@ AttachedApcEnvironment
Definition: ketypes.h:931
OriginalApcEnvironment
@ OriginalApcEnvironment
Definition: ketypes.h:930
CurrentApcEnvironment
@ CurrentApcEnvironment
Definition: ketypes.h:932
InsertApcEnvironment
@ InsertApcEnvironment
Definition: ketypes.h:933
PKPROFILE
struct _KPROFILE * PKPROFILE
PKTIMER_TABLE
struct _KTIMER_TABLE * PKTIMER_TABLE
PKENTROPY_TIMING_STATE
struct _KENTROPY_TIMING_STATE * PKENTROPY_TIMING_STATE
KPROCESS_STATE
enum _KPROCESS_STATE KPROCESS_STATE
PKTHREAD_STATE
enum _KTHREAD_STATE * PKTHREAD_STATE
SSDT_MAX_ENTRIES
#define SSDT_MAX_ENTRIES
Definition: ketypes.h:100
KNODE
struct _KNODE KNODE
KOBJECTS
enum _KOBJECTS KOBJECTS
KSERVICE_TABLE_DESCRIPTOR
struct _KSERVICE_TABLE_DESCRIPTOR KSERVICE_TABLE_DESCRIPTOR
KiEnableTimerWatchdog
BOOLEAN NTSYSAPI KiEnableTimerWatchdog
Definition: timerobj.c:20
PKPROCESS_STATE
enum _KPROCESS_STATE * PKPROCESS_STATE
KeServiceDescriptorTable
KSERVICE_TABLE_DESCRIPTOR NTSYSAPI KeServiceDescriptorTable[SSDT_MAX_ENTRIES]
Definition: procobj.c:23
VDMSERVICECLASS
enum _VDMSERVICECLASS VDMSERVICECLASS
PGETSETCONTEXT
struct _GETSETCONTEXT * PGETSETCONTEXT
KeDcacheFlushCount
ULONG NTSYSAPI KeDcacheFlushCount
Definition: cpu.c:20
_KCONTINUE_STATUS
_KCONTINUE_STATUS
Definition: ketypes.h:448
ContinueNextProcessor
@ ContinueNextProcessor
Definition: ketypes.h:452
ContinueProcessorReselected
@ ContinueProcessorReselected
Definition: ketypes.h:451
ContinueError
@ ContinueError
Definition: ketypes.h:449
ContinueSuccess
@ ContinueSuccess
Definition: ketypes.h:450
DISPATCH_LENGTH
#define DISPATCH_LENGTH
Definition: ketypes.h:174
PKEXECUTE_OPTIONS
struct _KEXECUTE_OPTIONS * PKEXECUTE_OPTIONS
PKSERVICE_TABLE_DESCRIPTOR
struct _KSERVICE_TABLE_DESCRIPTOR * PKSERVICE_TABLE_DESCRIPTOR
_ADJUST_REASON
_ADJUST_REASON
Definition: ketypes.h:438
AdjustUnwait
@ AdjustUnwait
Definition: ketypes.h:440
AdjustNone
@ AdjustNone
Definition: ketypes.h:439
AdjustBoost
@ AdjustBoost
Definition: ketypes.h:441
KENTROPY_TIMING_STATE
struct _KENTROPY_TIMING_STATE KENTROPY_TIMING_STATE
KeLoaderBlock
struct _LOADER_PARAMETER_BLOCK NTSYSAPI * KeLoaderBlock
Definition: krnlinit.c:28
PKWAIT_STATUS_REGISTER
union _KWAIT_STATUS_REGISTER * PKWAIT_STATUS_REGISTER
GETSETCONTEXT
struct _GETSETCONTEXT GETSETCONTEXT
PKKERNEL_ROUTINE
VOID(NTAPI * PKKERNEL_ROUTINE)(IN struct _KAPC *Apc, IN OUT PKNORMAL_ROUTINE *NormalRoutine OPTIONAL, IN OUT PVOID *NormalContext OPTIONAL, IN OUT PVOID *SystemArgument1 OPTIONAL, IN OUT PVOID *SystemArgument2 OPTIONAL)
Definition: ketypes.h:917
SYNCH_COUNTERS
struct _SYNCH_COUNTERS SYNCH_COUNTERS
KeServiceDescriptorTableShadow
KSERVICE_TABLE_DESCRIPTOR NTSYSAPI KeServiceDescriptorTableShadow[SSDT_MAX_ENTRIES]
Definition: procobj.c:24
PSYNCH_COUNTERS
struct _SYNCH_COUNTERS * PSYNCH_COUNTERS
PKNORMAL_ROUTINE
VOID(NTAPI * PKNORMAL_ROUTINE)(IN PVOID NormalContext OPTIONAL, IN PVOID SystemArgument1 OPTIONAL, IN PVOID SystemArgument2 OPTIONAL)
Definition: ketypes.h:907
PRTL_RB_TREE
struct _RTL_RB_TREE * PRTL_RB_TREE
KeMinimumIncrement
ULONG NTSYSAPI KeMinimumIncrement
Definition: clock.c:21
KTIMER_TABLE_ENTRY
struct _KTIMER_TABLE_ENTRY KTIMER_TABLE_ENTRY
KAPC_ENVIRONMENT
enum _KAPC_ENVIRONMENT KAPC_ENVIRONMENT
PKLOCK_ENTRY_LOCK_STATE
struct _KLOCK_ENTRY_LOCK_STATE * PKLOCK_ENTRY_LOCK_STATE
_In_
#define _In_
Definition: no_sal2.h:158
DECLSPEC_ALIGN
#define DECLSPEC_ALIGN(x)
Definition: ntbasedef.h:259
RTL_SIZEOF_THROUGH_FIELD
#define RTL_SIZEOF_THROUGH_FIELD(type, field)
Definition: ntbasedef.h:680
TIMER_TYPE
enum _TIMER_TYPE TIMER_TYPE
_EVENT_TYPE
_EVENT_TYPE
Definition: ntdef.template.h:355
NotificationEvent
@ NotificationEvent
Definition: ntdef.template.h:356
SynchronizationEvent
@ SynchronizationEvent
Definition: ntdef.template.h:357
_WAIT_TYPE
_WAIT_TYPE
Definition: ntdef.template.h:365
WaitAll
@ WaitAll
Definition: ntdef.template.h:366
WaitAny
@ WaitAny
Definition: ntdef.template.h:367
EVENT_TYPE
enum _EVENT_TYPE EVENT_TYPE
WAIT_TYPE
enum _WAIT_TYPE WAIT_TYPE
_TIMER_TYPE
_TIMER_TYPE
Definition: ntdef.template.h:360
SynchronizationTimer
@ SynchronizationTimer
Definition: ntdef.template.h:362
NotificationTimer
@ NotificationTimer
Definition: ntdef.template.h:361
PHANDLE
PVOID *typedef PHANDLE
Definition: ntsecpkg.h:455
SHORT
short SHORT
Definition: pedump.c:59
LONG
long LONG
Definition: pedump.c:60
USHORT
unsigned short USHORT
Definition: pedump.c:61
Reserved5
@ Reserved5
Definition: sacdrv.h:1473
KINTERRUPT_MODE
enum _KINTERRUPT_MODE KINTERRUPT_MODE
SCHAR
signed char SCHAR
Definition: sqltypes.h:14
_ACTIVATION_CONTEXT_STACK
Definition: rtltypes.h:966
_CONTEXT
Definition: nt_native.h:1406
_COUNTER_READING
Definition: ketypes.h:1176
_COUNTER_READING::Index
ULONG Index
Definition: ketypes.h:1178
_COUNTER_READING::Type
enum _HARDWARE_COUNTER_TYPE Type
Definition: ketypes.h:1177
_COUNTER_READING::Start
ULONG64 Start
Definition: ketypes.h:1179
_COUNTER_READING::Total
ULONG64 Total
Definition: ketypes.h:1180
_DISPATCHER_HEADER
Definition: ketypes.h:740
_EXCEPTION_REGISTRATION_RECORD
Definition: compat.h:725
_FIBER
Definition: ketypes.h:147
_FIBER::StackLimit
PVOID StackLimit
Definition: ketypes.h:151
_FIBER::FiberContext
CONTEXT FiberContext
Definition: ketypes.h:153
_FIBER::DeallocationStack
PVOID DeallocationStack
Definition: ketypes.h:152
_FIBER::Wx86Tib
PVOID Wx86Tib
Definition: ketypes.h:155
_FIBER::GuaranteedStackBytes
ULONG GuaranteedStackBytes
Definition: ketypes.h:158
_FIBER::StackBase
PVOID StackBase
Definition: ketypes.h:150
_FIBER::TebFlags
ULONG TebFlags
Definition: ketypes.h:159
_FIBER::ActivationContextStackPointer
struct _ACTIVATION_CONTEXT_STACK * ActivationContextStackPointer
Definition: ketypes.h:156
_FIBER::ExceptionList
struct _EXCEPTION_REGISTRATION_RECORD * ExceptionList
Definition: ketypes.h:149
_FIBER::FiberData
PVOID FiberData
Definition: ketypes.h:148
_FIBER::FlsData
PVOID FlsData
Definition: ketypes.h:157
_GENERAL_LOOKASIDE
Definition: extypes.h:134
_GETSETCONTEXT
Definition: ketypes.h:1067
_GETSETCONTEXT::Context
CONTEXT Context
Definition: ketypes.h:1071
_GETSETCONTEXT::Apc
KAPC Apc
Definition: ketypes.h:1068
_GETSETCONTEXT::Mode
KPROCESSOR_MODE Mode
Definition: ketypes.h:1070
_GETSETCONTEXT::Event
KEVENT Event
Definition: ketypes.h:1069
_GROUP_AFFINITY
Definition: ntbasedef.h:667
_KAPC
Definition: ketypes.h:547
_KAPC::NormalContext
PVOID NormalContext
Definition: ketypes.h:562
_KDPC_DATA
Definition: ketypes.h:1011
_KDPC_DATA::DpcCount
ULONG DpcCount
Definition: ketypes.h:1023
_KDPC_DATA::DpcLock
ULONG_PTR DpcLock
Definition: ketypes.h:1017
_KDPC_DATA::DpcQueueDepth
volatile ULONG DpcQueueDepth
Definition: ketypes.h:1021
_KDPC_DATA::ActiveDpc
PKDPC ActiveDpc
Definition: ketypes.h:1025
_KDPC_DATA::DpcList
KDPC_LIST DpcList
Definition: ketypes.h:1013
_KDPC_LIST
Definition: ketypes.h:952
_KDPC_LIST::ListHead
SINGLE_LIST_ENTRY ListHead
Definition: ketypes.h:953
_KDPC_LIST::LastEntry
SINGLE_LIST_ENTRY * LastEntry
Definition: ketypes.h:954
_KDPC
Definition: ketypes.h:699
_KENTROPY_TIMING_STATE
Definition: ketypes.h:2325
_KENTROPY_TIMING_STATE::EntropyCount
ULONG EntropyCount
Definition: ketypes.h:2326
_KENTROPY_TIMING_STATE::LastDeliveredBuffer
ULONG LastDeliveredBuffer
Definition: ketypes.h:2329
_KENTROPY_TIMING_STATE::RawDataBuffer
PULONG RawDataBuffer
Definition: ketypes.h:2330
_KENTROPY_TIMING_STATE::Dpc
KDPC Dpc
Definition: ketypes.h:2328
_KEVENT_PAIR
Definition: ketypes.h:1138
_KEVENT_PAIR::Type
CSHORT Type
Definition: ketypes.h:1139
_KEVENT_PAIR::HighEvent
KEVENT HighEvent
Definition: ketypes.h:1142
_KEVENT_PAIR::Size
CSHORT Size
Definition: ketypes.h:1140
_KEVENT_PAIR::LowEvent
KEVENT LowEvent
Definition: ketypes.h:1141
_KEVENT
Definition: ketypes.h:811
_KEXECUTE_OPTIONS
Definition: ketypes.h:1149
_KEXECUTE_OPTIONS::DisableThunkEmulation
UCHAR DisableThunkEmulation
Definition: ketypes.h:1152
_KEXECUTE_OPTIONS::ExecuteDisable
UCHAR ExecuteDisable
Definition: ketypes.h:1150
_KEXECUTE_OPTIONS::ExecuteEnable
UCHAR ExecuteEnable
Definition: ketypes.h:1151
_KEXECUTE_OPTIONS::Permanent
UCHAR Permanent
Definition: ketypes.h:1153
_KEXECUTE_OPTIONS::ExecuteDispatchEnable
UCHAR ExecuteDispatchEnable
Definition: ketypes.h:1154
_KEXECUTE_OPTIONS::ImageDispatchEnable
UCHAR ImageDispatchEnable
Definition: ketypes.h:1155
_KEXECUTE_OPTIONS::Spare
UCHAR Spare
Definition: ketypes.h:1156
_KGATE
Definition: ketypes.h:822
_KGDTENTRY
Definition: ketypes.h:388
_KIDTENTRY
Definition: ketypes.h:439
_KINTERRUPT
Definition: ketypes.h:1097
_KINTERRUPT::SynchronizeIrql
KIRQL SynchronizeIrql
Definition: ketypes.h:1113
_KINTERRUPT::Number
CCHAR Number
Definition: ketypes.h:1116
_KINTERRUPT::ServiceCount
ULONG ServiceCount
Definition: ketypes.h:1122
_KINTERRUPT::DispatchAddress
PKINTERRUPT_ROUTINE DispatchAddress
Definition: ketypes.h:1110
_KINTERRUPT::DispatchCount
ULONG DispatchCount
Definition: ketypes.h:1123
_KINTERRUPT::Size
CSHORT Size
Definition: ketypes.h:1099
_KINTERRUPT::DispatchCode
ULONG DispatchCode[DISPATCH_LENGTH]
Definition: ketypes.h:1131
_KINTERRUPT::Connected
BOOLEAN Connected
Definition: ketypes.h:1115
_KINTERRUPT::Polarity
KINTERRUPT_POLARITY Polarity
Definition: ketypes.h:1120
_KINTERRUPT::Mode
KINTERRUPT_MODE Mode
Definition: ketypes.h:1118
_KINTERRUPT::ShareVector
BOOLEAN ShareVector
Definition: ketypes.h:1117
_KINTERRUPT::Vector
ULONG Vector
Definition: ketypes.h:1111
_KINTERRUPT::MessageServiceRoutine
PKSERVICE_ROUTINE MessageServiceRoutine
Definition: ketypes.h:1103
_KINTERRUPT::SpinLock
KSPIN_LOCK SpinLock
Definition: ketypes.h:1107
_KINTERRUPT::Irql
KIRQL Irql
Definition: ketypes.h:1112
_KINTERRUPT::FloatingSave
BOOLEAN FloatingSave
Definition: ketypes.h:1114
_KINTERRUPT::InterruptListEntry
LIST_ENTRY InterruptListEntry
Definition: ketypes.h:1100
_KINTERRUPT::MessageIndex
ULONG MessageIndex
Definition: ketypes.h:1104
_KINTERRUPT::TickCount
ULONG TickCount
Definition: ketypes.h:1108
_KINTERRUPT::ActualLock
PKSPIN_LOCK ActualLock
Definition: ketypes.h:1109
_KINTERRUPT::Type
CSHORT Type
Definition: ketypes.h:1098
_KINTERRUPT::Rsvd1
ULONGLONG Rsvd1
Definition: ketypes.h:1125
_KINTERRUPT::ServiceRoutine
PKSERVICE_ROUTINE ServiceRoutine
Definition: ketypes.h:1101
_KINTERRUPT::ServiceContext
PVOID ServiceContext
Definition: ketypes.h:1106
_KLOCK_ENTRY_LOCK_STATE
Definition: ketypes.h:1206
_KLOCK_ENTRY_LOCK_STATE::Busy
ULONG_PTR Busy
Definition: ketypes.h:1216
_KLOCK_ENTRY_LOCK_STATE::CrossThreadReleasable
ULONG_PTR CrossThreadReleasable
Definition: ketypes.h:1212
_KLOCK_ENTRY_LOCK_STATE::InTree
ULONG_PTR InTree
Definition: ketypes.h:1218
_KLOCK_ENTRY_LOCK_STATE::Reserved
ULONG_PTR Reserved
Definition: ketypes.h:1217
_KLOCK_ENTRY_LOCK_STATE::LockState
PVOID LockState
Definition: ketypes.h:1220
_KLOCK_ENTRY_LOCK_STATE::SessionId
ULONG SessionId
Definition: ketypes.h:1227
_KLOCK_ENTRY_LOCK_STATE::SessionState
PVOID SessionState
Definition: ketypes.h:1224
_KLOCK_ENTRY
Definition: ketypes.h:1236
_KLOCK_ENTRY::LockState
KLOCK_ENTRY_LOCK_STATE LockState
Definition: ketypes.h:1299
_KLOCK_ENTRY::Spare0
UCHAR Spare0
Definition: ketypes.h:1255
_KLOCK_ENTRY::AcquiredByte
UCHAR AcquiredByte
Definition: ketypes.h:1260
_KLOCK_ENTRY::SessionState
PVOID SessionState
Definition: ketypes.h:1312
_KLOCK_ENTRY::WaitingBit
UCHAR WaitingBit
Definition: ketypes.h:1254
_KLOCK_ENTRY::IoBoost
USHORT IoBoost
Definition: ketypes.h:1345
_KLOCK_ENTRY::WaiterTree
RTL_RB_TREE WaiterTree
Definition: ketypes.h:1328
_KLOCK_ENTRY::SessionId
ULONG SessionId
Definition: ketypes.h:1315
_KLOCK_ENTRY::IoQoSWaiterCount
USHORT IoQoSWaiterCount
Definition: ketypes.h:1351
_KLOCK_ENTRY::IoQoSBoost
USHORT IoQoSBoost
Definition: ketypes.h:1349
_KLOCK_ENTRY::EntryLock
ULONG_PTR EntryLock
Definition: ketypes.h:1332
_KLOCK_ENTRY::CrossThreadReleasableAndBusyByte
volatile UCHAR CrossThreadReleasableAndBusyByte
Definition: ketypes.h:1304
_KLOCK_ENTRY::OwnerTree
RTL_RB_TREE OwnerTree
Definition: ketypes.h:1327
_KLOCK_ENTRY::AllFlags
ULONG AllFlags
Definition: ketypes.h:1278
_KLOCK_ENTRY::HeadNodeBit
UCHAR HeadNodeBit
Definition: ketypes.h:1268
_KLOCK_ENTRY::FreeListEntry
SINGLE_LIST_ENTRY FreeListEntry
Definition: ketypes.h:1240
_KLOCK_ENTRY::IoQoSWaiter
UCHAR IoQoSWaiter
Definition: ketypes.h:1270
_KLOCK_ENTRY::EntryFlags
ULONG EntryFlags
Definition: ketypes.h:1245
_KLOCK_ENTRY::AcquiredBit
UCHAR AcquiredBit
Definition: ketypes.h:1261
_KLOCK_ENTRY::InTreeByte
UCHAR InTreeByte
Definition: ketypes.h:1309
_KLOCK_ENTRY::CpuBoostsBitmap
USHORT CpuBoostsBitmap
Definition: ketypes.h:1344
_KLOCK_ENTRY::LockUnsafe
PVOID LockUnsafe
Definition: ketypes.h:1300
_KLOCK_ENTRY::ThreadLocalFlags
UCHAR ThreadLocalFlags
Definition: ketypes.h:1251
_KLOCK_ENTRY::IoPriorityBit
UCHAR IoPriorityBit
Definition: ketypes.h:1269
_KLOCK_ENTRY::CpuPriorityKey
CHAR CpuPriorityKey
Definition: ketypes.h:1330
_KLOCK_ENTRY::AllBoosts
USHORT AllBoosts
Definition: ketypes.h:1338
_KLOCK_ENTRY::Spare1
UCHAR Spare1
Definition: ketypes.h:1271
_KLOCK_ENTRY::StaticState
ULONG StaticState
Definition: ketypes.h:1277
_KLOCK_ENTRY::EntryOffset
UCHAR EntryOffset
Definition: ketypes.h:1248
_KLOCK_ENTRY::TreeNode
RTL_BALANCED_NODE TreeNode
Definition: ketypes.h:1239
_KLOCK_ENTRY::CrossThreadFlags
UCHAR CrossThreadFlags
Definition: ketypes.h:1265
_KLOCK_ENTRY::IoNormalPriorityWaiterCount
USHORT IoNormalPriorityWaiterCount
Definition: ketypes.h:1350
_KNODE::_flags
Definition: ketypes.h:1054
_KNODE::_flags::Removable
UCHAR Removable
Definition: ketypes.h:1055
_KNODE::_flags::Fill
UCHAR Fill
Definition: ketypes.h:1056
_KNODE
Definition: ketypes.h:1047
_KNODE::DeadStackList
SLIST_HEADER DeadStackList
Definition: ketypes.h:1048
_KNODE::Seed
UCHAR Seed
Definition: ketypes.h:1052
_KNODE::FreeCount
ULONG_PTR FreeCount[2]
Definition: ketypes.h:1059
_KNODE::MmShiftedColor
ULONG MmShiftedColor
Definition: ketypes.h:1058
_KNODE::PfnDeferredList
struct _SINGLE_LIST_ENTRY * PfnDeferredList
Definition: ketypes.h:1060
_KNODE::Flags
struct _KNODE::_flags Flags
_KNODE::NodeNumber
UCHAR NodeNumber
Definition: ketypes.h:1053
_KNODE::ProcessorMask
KAFFINITY ProcessorMask
Definition: ketypes.h:1050
_KNODE::PfnDereferenceSListHead
SLIST_HEADER PfnDereferenceSListHead
Definition: ketypes.h:1049
_KNODE::Color
UCHAR Color
Definition: ketypes.h:1051
_KPRCB
Definition: ketypes.h:649
_KPROCESS
Definition: ketypes.h:2246
_KPROCESS::Header
DISPATCHER_HEADER Header
Definition: ketypes.h:2247
_KPROCESS::BasePriority
SCHAR BasePriority
Definition: ketypes.h:2284
_KPROCESS::QuantumReset
SCHAR QuantumReset
Definition: ketypes.h:2285
_KPROCESS::ProcessListEntry
LIST_ENTRY ProcessListEntry
Definition: ketypes.h:2297
_KPROCESS::SwapListEntry
SINGLE_LIST_ENTRY SwapListEntry
Definition: ketypes.h:2268
_KPROCESS::StackCount
ULONG StackCount
Definition: ketypes.h:2296
_KPROCESS::ThreadSeed
UCHAR ThreadSeed
Definition: ketypes.h:2287
_KPROCESS::IdealNode
UCHAR IdealNode
Definition: ketypes.h:2289
_KPROCESS::DisableQuantum
LONG DisableQuantum
Definition: ketypes.h:2279
_KPROCESS::DisableBoost
LONG DisableBoost
Definition: ketypes.h:2278
_KPROCESS::IopmOffset
USHORT IopmOffset
Definition: ketypes.h:2259
_KPROCESS::ProcessFlags
LONG ProcessFlags
Definition: ketypes.h:2282
_KPROCESS::ExecuteOptions
UCHAR ExecuteOptions
Definition: ketypes.h:2294
_KPROCESS::Unused0
ULONG_PTR Unused0
Definition: ketypes.h:2251
_KPROCESS::VdmTrapcHandler
PVOID VdmTrapcHandler
Definition: ketypes.h:2269
_KPROCESS::ActiveProcessors
volatile KAFFINITY ActiveProcessors
Definition: ketypes.h:2264
_KPROCESS::KernelTime
ULONG KernelTime
Definition: ketypes.h:2265
_KPROCESS::AutoAlignment
LONG AutoAlignment
Definition: ketypes.h:2277
_KPROCESS::DirectoryTableBase
ULONG_PTR DirectoryTableBase
Definition: ketypes.h:2250
_KPROCESS::Visited
UCHAR Visited
Definition: ketypes.h:2290
_KPROCESS::UserTime
ULONG UserTime
Definition: ketypes.h:2266
_KPROCESS::CycleTime
ULONGLONG CycleTime
Definition: ketypes.h:2299
_KPROCESS::State
UCHAR State
Definition: ketypes.h:2286
_KPROCESS::Affinity
KAFFINITY Affinity
Definition: ketypes.h:2272
_KPROCESS::ProfileListHead
LIST_ENTRY ProfileListHead
Definition: ketypes.h:2248
_KPROCESS::ReservedFlags
LONG ReservedFlags
Definition: ketypes.h:2280
_KPROCESS::PowerState
UCHAR PowerState
Definition: ketypes.h:2288
_KPROCESS::Flags
KEXECUTE_OPTIONS Flags
Definition: ketypes.h:2293
_KPROCESS::ThreadListHead
LIST_ENTRY ThreadListHead
Definition: ketypes.h:2270
_KPROCESS::ReadyListHead
LIST_ENTRY ReadyListHead
Definition: ketypes.h:2267
_KPROCESS::ProcessLock
KSPIN_LOCK ProcessLock
Definition: ketypes.h:2271
_KPROFILE
Definition: ketypes.h:1078
_KPROFILE::Process
struct _KPROCESS * Process
Definition: ketypes.h:1082
_KPROFILE::Size
CSHORT Size
Definition: ketypes.h:1080
_KPROFILE::BucketShift
ULONG BucketShift
Definition: ketypes.h:1085
_KPROFILE::RangeLimit
PVOID RangeLimit
Definition: ketypes.h:1084
_KPROFILE::Source
KPROFILE_SOURCE Source
Definition: ketypes.h:1089
_KPROFILE::Buffer
PVOID Buffer
Definition: ketypes.h:1086
_KPROFILE::Started
BOOLEAN Started
Definition: ketypes.h:1090
_KPROFILE::Segment
ULONG_PTR Segment
Definition: ketypes.h:1087
_KPROFILE::RangeBase
PVOID RangeBase
Definition: ketypes.h:1083
_KPROFILE::Type
CSHORT Type
Definition: ketypes.h:1079
_KPROFILE::Affinity
KAFFINITY Affinity
Definition: ketypes.h:1088
_KPROFILE::ProfileListEntry
LIST_ENTRY ProfileListEntry
Definition: ketypes.h:1081
_KQUEUE
Definition: ketypes.h:1578
_KSEMAPHORE
Definition: ketypes.h:815
_KSERVICE_TABLE_DESCRIPTOR
Definition: ketypes.h:2310
_KSERVICE_TABLE_DESCRIPTOR::Count
PULONG Count
Definition: ketypes.h:2312
_KSERVICE_TABLE_DESCRIPTOR::Base
PULONG_PTR Base
Definition: ketypes.h:2311
_KSERVICE_TABLE_DESCRIPTOR::Limit
ULONG Limit
Definition: ketypes.h:2313
_KSERVICE_TABLE_DESCRIPTOR::Number
PUCHAR Number
Definition: ketypes.h:2317
_KSYSTEM_TIME
Definition: ketypes.h:928
_KSYSTEM_TIME::High1Time
LONG High1Time
Definition: ketypes.h:930
_KSYSTEM_TIME::High2Time
LONG High2Time
Definition: ketypes.h:931
_KSYSTEM_TIME::LowPart
ULONG LowPart
Definition: ketypes.h:929
_KTHREAD_COUNTERS
Definition: ketypes.h:1184
_KTHREAD_COUNTERS::CycleTimeBias
ULONG64 CycleTimeBias
Definition: ketypes.h:1189
_KTHREAD_COUNTERS::WaitReasonBitMap
ULONG64 WaitReasonBitMap
Definition: ketypes.h:1185
_KTHREAD_COUNTERS::HardwareCounters
ULONG64 HardwareCounters
Definition: ketypes.h:1190
_KTHREAD_COUNTERS::UserData
struct _THREAD_PERFORMANCE_DATA * UserData
Definition: ketypes.h:1186
_KTHREAD_COUNTERS::Flags
ULONG Flags
Definition: ketypes.h:1187
_KTHREAD_COUNTERS::HwCounter
COUNTER_READING HwCounter[16]
Definition: ketypes.h:1191
_KTHREAD_COUNTERS::ContextSwitches
ULONG ContextSwitches
Definition: ketypes.h:1188
_KTHREAD
Definition: ketypes.h:1823
_KTHREAD::ApcInterruptRequest
ULONG ApcInterruptRequest
Definition: ketypes.h:1866
_KTHREAD::TrapFrame
PKTRAP_FRAME TrapFrame
Definition: ketypes.h:1937
_KTHREAD::InitialStack
PVOID InitialStack
Definition: ketypes.h:1827
_KTHREAD::SystemCallNumber
ULONG SystemCallNumber
Definition: ketypes.h:1932
_KTHREAD::Queue
PKQUEUE Queue
Definition: ketypes.h:1969
_KTHREAD::UserIdealProcessor
ULONG UserIdealProcessor
Definition: ketypes.h:1946
_KTHREAD::AdjustReason
UCHAR AdjustReason
Definition: ketypes.h:2091
_KTHREAD::UnusualBoost
UCHAR UnusualBoost
Definition: ketypes.h:2087
_KTHREAD::CurrentRunTime
ULONG CurrentRunTime
Definition: ketypes.h:1836
_KTHREAD::SchedulerApcFill4
UCHAR SchedulerApcFill4[FIELD_OFFSET(KAPC, SystemArgument2)]
Definition: ketypes.h:2159
_KTHREAD::Affinity
GROUP_AFFINITY Affinity
Definition: ketypes.h:2101
_KTHREAD::IdealProcessor
ULONG IdealProcessor
Definition: ketypes.h:2107
_KTHREAD::ThreadFlagsSpare
ULONG ThreadFlagsSpare
Definition: ketypes.h:1913
_KTHREAD::UserStackWalkActive
ULONG UserStackWalkActive
Definition: ketypes.h:1865
_KTHREAD::DisableBoost
ULONG DisableBoost
Definition: ketypes.h:1888
_KTHREAD::WaitStatus
volatile INT_PTR WaitStatus
Definition: ketypes.h:1962
_KTHREAD::ForegroundBoost
UCHAR ForegroundBoost
Definition: ketypes.h:2086
_KTHREAD::ProcessReadyQueue
ULONG ProcessReadyQueue
Definition: ketypes.h:1858
_KTHREAD::ChargeOnlyGroup
ULONG ChargeOnlyGroup
Definition: ketypes.h:1895
_KTHREAD::QuantumDonation
ULONG QuantumDonation
Definition: ketypes.h:1891
_KTHREAD::WaitMode
KPROCESSOR_MODE WaitMode
Definition: ketypes.h:1959
_KTHREAD::CallbackNestingLevel
UCHAR CallbackNestingLevel
Definition: ketypes.h:2165
_KTHREAD::WaitListEntry
LIST_ENTRY WaitListEntry
Definition: ketypes.h:1966
_KTHREAD::FreezeCount
ULONG FreezeCount
Definition: ketypes.h:1900
_KTHREAD::SListFaultCount
SHORT SListFaultCount
Definition: ketypes.h:2130
_KTHREAD::ReservedStackInUse
ULONG ReservedStackInUse
Definition: ketypes.h:1875
_KTHREAD::AbCompletedIoQoSBoostCount
LONG AbCompletedIoQoSBoostCount
Definition: ketypes.h:2193
_KTHREAD::PriorityDecrement
CHAR PriorityDecrement
Definition: ketypes.h:2083
_KTHREAD::QuantumEndMigrate
ULONG QuantumEndMigrate
Definition: ketypes.h:1867
_KTHREAD::Running
BOOLEAN Running
Definition: ketypes.h:1842
_KTHREAD::SavedApcState
KAPC_STATE SavedApcState
Definition: ketypes.h:2123
_KTHREAD::AffinityVersion
ULONG_PTR AffinityVersion
Definition: ketypes.h:2097
_KTHREAD::WaitBlockFill10
UCHAR WaitBlockFill10[2 *sizeof(KWAIT_BLOCK)+FIELD_OFFSET(KWAIT_BLOCK, SparePtr)]
Definition: ketypes.h:2028
_KTHREAD::Reserved
ULONG Reserved
Definition: ketypes.h:1878
_KTHREAD::ExpectedRunTime
ULONG ExpectedRunTime
Definition: ketypes.h:1837
_KTHREAD::DisableQuantum
ULONG DisableQuantum
Definition: ketypes.h:1894
_KTHREAD::QuantumTarget
ULONG64 QuantumTarget
Definition: ketypes.h:1826
_KTHREAD::Win32Thread
PVOID Win32Thread
Definition: ketypes.h:2029
_KTHREAD::InGlobalForegroundList
ULONG_PTR InGlobalForegroundList
Definition: ketypes.h:2215
_KTHREAD::SystemAffinityActive
ULONG SystemAffinityActive
Definition: ketypes.h:1860
_KTHREAD::Alerted
BOOLEAN Alerted[MaximumMode]
Definition: ketypes.h:1843
_KTHREAD::CycleTime
volatile ULONG64 CycleTime
Definition: ketypes.h:1831
_KTHREAD::ForegroundLossTime
ULONG ForegroundLossTime
Definition: ketypes.h:2208
_KTHREAD::GlobalForegroundListEntry
LIST_ENTRY GlobalForegroundListEntry
Definition: ketypes.h:2211
_KTHREAD::AbFreeEntryCount
UCHAR AbFreeEntryCount
Definition: ketypes.h:2205
_KTHREAD::QueuedScb
struct _KSCB * QueuedScb
Definition: ketypes.h:2229
_KTHREAD::ThreadFlags
LONG ThreadFlags
Definition: ketypes.h:1920
_KTHREAD::CombinedApcDisable
ULONG CombinedApcDisable
Definition: ketypes.h:2046
_KTHREAD::Alertable
ULONG Alertable
Definition: ketypes.h:1861
_KTHREAD::WaitPrcb
PKPRCB WaitPrcb
Definition: ketypes.h:2155
_KTHREAD::ThreadLock
KSPIN_LOCK ThreadLock
Definition: ketypes.h:1830
_KTHREAD::AbCompletedIoBoostCount
volatile LONG AbCompletedIoBoostCount
Definition: ketypes.h:2191
_KTHREAD::ApcStateFill
UCHAR ApcStateFill[RTL_SIZEOF_THROUGH_FIELD(KAPC_STATE, UserApcPending)]
Definition: ketypes.h:1944
_KTHREAD::FirstArgument
PVOID FirstArgument
Definition: ketypes.h:1936
_KTHREAD::CalloutActive
ULONG CalloutActive
Definition: ketypes.h:1872
_KTHREAD::Priority
SCHAR Priority
Definition: ketypes.h:1945
_KTHREAD::UserAffinitySet
ULONG UserAffinitySet
Definition: ketypes.h:1889
_KTHREAD::SpecialApcDisable
SHORT SpecialApcDisable
Definition: ketypes.h:2044
_KTHREAD::CommitFailTerminateRequest
ULONG CommitFailTerminateRequest
Definition: ketypes.h:1911
_KTHREAD::SuspendApcFill3
UCHAR SuspendApcFill3[FIELD_OFFSET(KAPC, SystemArgument1)]
Definition: ketypes.h:2154
_KTHREAD::ApcStateIndex
UCHAR ApcStateIndex
Definition: ketypes.h:2105
_KTHREAD::SListFaultAddress
PVOID SListFaultAddress
Definition: ketypes.h:1825
_KTHREAD::Spare20
USHORT Spare20
Definition: ketypes.h:2177
_KTHREAD::SchedulerApcFill0
UCHAR SchedulerApcFill0[FIELD_OFFSET(KAPC, SpareByte0)]
Definition: ketypes.h:2139
_KTHREAD::Teb
PVOID Teb
Definition: ketypes.h:1970
_KTHREAD::ThreadCounters
struct _KTHREAD_COUNTERS * ThreadCounters
Definition: ketypes.h:2019
_KTHREAD::SwapListEntry
SINGLE_LIST_ENTRY SwapListEntry
Definition: ketypes.h:1967
_KTHREAD::PreviousMode
CHAR PreviousMode
Definition: ketypes.h:2079
_KTHREAD::LockEntries
KLOCK_ENTRY LockEntries[NUMBER_OF_LOCK_ENTRIES]
Definition: ketypes.h:2186
_KTHREAD::ServiceTable
PVOID ServiceTable
Definition: ketypes.h:1834
_KTHREAD::QueueDeferPreemption
ULONG QueueDeferPreemption
Definition: ketypes.h:1897
_KTHREAD::SchedulerApcFill5
UCHAR SchedulerApcFill5[FIELD_OFFSET(KAPC, Inserted)+1]
Definition: ketypes.h:2164
_KTHREAD::NpxState
ULONG64 NpxState
Definition: ketypes.h:2231
_KTHREAD::AutoAlignment
ULONG AutoAlignment
Definition: ketypes.h:1887
_KTHREAD::AutoBoostActive
ULONG AutoBoostActive
Definition: ketypes.h:1852
_KTHREAD::ReadyTransition
ULONG ReadyTransition
Definition: ketypes.h:1854
_KTHREAD::ScbReadyQueue
ULONG ScbReadyQueue
Definition: ketypes.h:1873
_KTHREAD::UserAffinity
GROUP_AFFINITY UserAffinity
Definition: ketypes.h:2075
_KTHREAD::KernelStack
PVOID KernelStack
Definition: ketypes.h:1838
_KTHREAD::GuiThread
ULONG GuiThread
Definition: ketypes.h:1893
_KTHREAD::DeferredProcessor
ULONG DeferredProcessor
Definition: ketypes.h:2069
_KTHREAD::KernelTime
ULONG KernelTime
Definition: ketypes.h:2150
_KTHREAD::Spare15
ULONG Spare15
Definition: ketypes.h:2115
_KTHREAD::ResourceIndex
UCHAR ResourceIndex
Definition: ketypes.h:2140
_KTHREAD::ThreadListEntry
LIST_ENTRY ThreadListEntry
Definition: ketypes.h:2171
_KTHREAD::SystemHeteroCpuPolicy
UCHAR SystemHeteroCpuPolicy
Definition: ketypes.h:1925
_KTHREAD::UmsPerformingSyscall
ULONG UmsPerformingSyscall
Definition: ketypes.h:1876
_KTHREAD::BasePriority
CHAR BasePriority
Definition: ketypes.h:2080
_KTHREAD::WaitTime
ULONG WaitTime
Definition: ketypes.h:2038
_KTHREAD::UserHeteroCpuPolicy
UCHAR UserHeteroCpuPolicy
Definition: ketypes.h:1926
_KTHREAD::SchedulerApcFill2
UCHAR SchedulerApcFill2[FIELD_OFFSET(KAPC, SpareLong0)]
Definition: ketypes.h:2149
_KTHREAD::AffinityFill
UCHAR AffinityFill[FIELD_OFFSET(GROUP_AFFINITY, Reserved)]
Definition: ketypes.h:2104
_KTHREAD::PriorityFloorSummary
ULONG PriorityFloorSummary
Definition: ketypes.h:2190
_KTHREAD::QuantumReset
UCHAR QuantumReset
Definition: ketypes.h:2145
_KTHREAD::LegoData
PVOID LegoData
Definition: ketypes.h:2160
_KTHREAD::WaitReason
UCHAR WaitReason
Definition: ketypes.h:2127
_KTHREAD::KeReferenceCount
volatile SHORT KeReferenceCount
Definition: ketypes.h:2197
_KTHREAD::XStateSave
PXSTATE_SAVE XStateSave
Definition: ketypes.h:2024
_KTHREAD::StackBase
PVOID StackBase
Definition: ketypes.h:1829
_KTHREAD::SystemThread
ULONG SystemThread
Definition: ketypes.h:1870
_KTHREAD::NextProcessor
ULONG NextProcessor
Definition: ketypes.h:2068
_KTHREAD::ExplicitIdealProcessor
ULONG ExplicitIdealProcessor
Definition: ketypes.h:1899
_KTHREAD::EnableStackSwap
ULONG EnableStackSwap
Definition: ketypes.h:1892
_KTHREAD::WaitBlockFill8
UCHAR WaitBlockFill8[FIELD_OFFSET(KWAIT_BLOCK, SparePtr)]
Definition: ketypes.h:2018
_KTHREAD::MiscFlags
LONG MiscFlags
Definition: ketypes.h:1880
_KTHREAD::TimerActive
ULONG TimerActive
Definition: ketypes.h:1869
_KTHREAD::AbWaitEntryCount
UCHAR AbWaitEntryCount
Definition: ketypes.h:2176
_KTHREAD::AdjustIncrement
CHAR AdjustIncrement
Definition: ketypes.h:2092
_KTHREAD::HighCycleTime
volatile ULONG HighCycleTime
Definition: ketypes.h:1833
_KTHREAD::MutantListHead
LIST_ENTRY MutantListHead
Definition: ketypes.h:2172
_KTHREAD::SchedulerApcFill1
UCHAR SchedulerApcFill1[FIELD_OFFSET(KAPC, SpareByte1)]
Definition: ketypes.h:2144
_KTHREAD::PriorityFloorCounts
UCHAR PriorityFloorCounts[16]
Definition: ketypes.h:2189
_KTHREAD::ExplicitSystemHeteroCpuPolicy
UCHAR ExplicitSystemHeteroCpuPolicy
Definition: ketypes.h:1927
_KTHREAD::Tag
volatile UCHAR Tag
Definition: ketypes.h:1924
_KTHREAD::AbEntrySummary
UCHAR AbEntrySummary
Definition: ketypes.h:2175
_KTHREAD::KernelApcDisable
SHORT KernelApcDisable
Definition: ketypes.h:2043
_KTHREAD::AlertedByThreadId
ULONG AlertedByThreadId
Definition: ketypes.h:1890
_KTHREAD::IoSelfBoostsEntry
SINGLE_LIST_ENTRY IoSelfBoostsEntry
Definition: ketypes.h:2188
_KTHREAD::SuspendEvent
KEVENT SuspendEvent
Definition: ketypes.h:2170
_KTHREAD::Spare12
CHAR Spare12
Definition: ketypes.h:1954
_KTHREAD::PropagateBoostsEntry
SINGLE_LIST_ENTRY PropagateBoostsEntry
Definition: ketypes.h:2187
_KTHREAD::Header
DISPATCHER_HEADER Header
Definition: ketypes.h:1824
_KTHREAD::WaitRegister
KWAIT_STATUS_REGISTER WaitRegister
Definition: ketypes.h:1841
_KTHREAD::WaitBlockList
PKWAIT_BLOCK WaitBlockList
Definition: ketypes.h:1963
_KTHREAD::ProcessStackCountDecremented
ULONG ProcessStackCountDecremented
Definition: ketypes.h:1912
_KTHREAD::ContextSwitches
ULONG ContextSwitches
Definition: ketypes.h:1951
_KTHREAD::RelativeTimerBias
ULONG64 RelativeTimerBias
Definition: ketypes.h:1972
_KTHREAD::DisableStackCheck
ULONG DisableStackCheck
Definition: ketypes.h:1877
_KTHREAD::EtwStackTraceApcInserted
ULONG EtwStackTraceApcInserted
Definition: ketypes.h:1915
_KTHREAD::SavedApcStateFill
UCHAR SavedApcStateFill[FIELD_OFFSET(KAPC_STATE, UserApcPending)+1]
Definition: ketypes.h:2126
_KTHREAD::WaitBlockFill9
UCHAR WaitBlockFill9[1 *sizeof(KWAIT_BLOCK)+FIELD_OFFSET(KWAIT_BLOCK, SparePtr)]
Definition: ketypes.h:2023
_KTHREAD::Saturation
CHAR Saturation
Definition: ketypes.h:2129
_KTHREAD::StateSaveArea
XSAVE_FORMAT * StateSaveArea
Definition: ketypes.h:1839
_KTHREAD::SuspendCount
CHAR SuspendCount
Definition: ketypes.h:2128
_KTHREAD::DeferPreemption
ULONG DeferPreemption
Definition: ketypes.h:1896
_KTHREAD::Spare0
UCHAR Spare0
Definition: ketypes.h:1928
_KTHREAD::Timer
KTIMER Timer
Definition: ketypes.h:1974
_KTHREAD::WaitBlockFill11
UCHAR WaitBlockFill11[3 *sizeof(KWAIT_BLOCK)+FIELD_OFFSET(KWAIT_BLOCK, Object)]
Definition: ketypes.h:2033
_KTHREAD::StackLimit
volatile VOID * StackLimit
Definition: ketypes.h:1828
_KTHREAD::QueueListEntry
LIST_ENTRY QueueListEntry
Definition: ketypes.h:2055
_KTHREAD::ProcessDetachActive
ULONG ProcessDetachActive
Definition: ketypes.h:1871
_KTHREAD::ApcState
KAPC_STATE ApcState
Definition: ketypes.h:1941
_KTHREAD::SchedulingGroup
struct _KSCHEDULING_GROUP * SchedulingGroup
Definition: ketypes.h:1840
_KTHREAD::Process
PKPROCESS Process
Definition: ketypes.h:2071
_KTHREAD::WaitIrql
KIRQL WaitIrql
Definition: ketypes.h:1958
_KTHREAD::SchedulerApc
KAPC SchedulerApc
Definition: ketypes.h:2136
_KTHREAD::Preempted
UCHAR Preempted
Definition: ketypes.h:2090
_KTHREAD::UserTime
ULONG UserTime
Definition: ketypes.h:2166
_KTHREAD::UmsDirectedSwitchEnable
ULONG UmsDirectedSwitchEnable
Definition: ketypes.h:1868
_KTHREAD::ApcQueueable
ULONG ApcQueueable
Definition: ketypes.h:1874
_KTHREAD::ForegroundDpcStackListEntry
SINGLE_LIST_ENTRY ForegroundDpcStackListEntry
Definition: ketypes.h:2214
_KTHREAD::State
volatile UCHAR State
Definition: ketypes.h:1952
_KTHREAD::WaitNext
ULONG WaitNext
Definition: ketypes.h:1859
_KTHREAD::UserAffinityFill
UCHAR UserAffinityFill[FIELD_OFFSET(GROUP_AFFINITY, Reserved)]
Definition: ketypes.h:2078
_KTHREAD::ForceDeferSchedule
ULONG ForceDeferSchedule
Definition: ketypes.h:1898
_KTHREAD::WaitBlockCount
UCHAR WaitBlockCount
Definition: ketypes.h:2106
_KTIMER_TABLE_ENTRY
Definition: ketypes.h:937
_KTIMER_TABLE_ENTRY::Lock
KSPIN_LOCK Lock
Definition: ketypes.h:939
_KTIMER_TABLE_ENTRY::Time
ULARGE_INTEGER Time
Definition: ketypes.h:942
_KTIMER_TABLE_ENTRY::Entry
LIST_ENTRY Entry
Definition: ketypes.h:941
_KTIMER_TABLE
Definition: ketypes.h:946
_KTIMER_TABLE::TimerEntries
KTIMER_TABLE_ENTRY TimerEntries[256]
Definition: ketypes.h:948
_KTIMER_TABLE::TimerExpiry
PKTIMER TimerExpiry[64]
Definition: ketypes.h:947
_KTIMER
Definition: ketypes.h:851
_KTRAP_FRAME
Definition: ketypes.h:401
_KUSER_SHARED_DATA
Definition: ketypes.h:1271
_KUSER_SHARED_DATA::LangGenerationCount
ULONG LangGenerationCount
Definition: ketypes.h:1488
_KUSER_SHARED_DATA::CookiePad
ULONG CookiePad[1]
Definition: ketypes.h:1442
_KUSER_SHARED_DATA::QpcInterruptTimeIncrementShift
UCHAR QpcInterruptTimeIncrementShift
Definition: ketypes.h:1457
_KUSER_SHARED_DATA::XState
XSTATE_CONFIGURATION XState
Definition: ketypes.h:1526
_KUSER_SHARED_DATA::TscQpcShift
UCHAR TscQpcShift
Definition: ketypes.h:1352
_KUSER_SHARED_DATA::DbgStateSeparationEnabled
ULONG DbgStateSeparationEnabled
Definition: ketypes.h:1398
_KUSER_SHARED_DATA::ProductTypeIsValid
BOOLEAN ProductTypeIsValid
Definition: ketypes.h:1301
_KUSER_SHARED_DATA::DUMMYUNIONNAME2
union _KUSER_SHARED_DATA::@4261 DUMMYUNIONNAME2
_KUSER_SHARED_DATA::DUMMYUNIONNAME
union _KUSER_SHARED_DATA::@4260 DUMMYUNIONNAME
_KUSER_SHARED_DATA::AitSamplingValue
ULONG AitSamplingValue
Definition: ketypes.h:1286
_KUSER_SHARED_DATA::DbgInstallerDetectEnabled
ULONG DbgInstallerDetectEnabled
Definition: ketypes.h:1383
_KUSER_SHARED_DATA::SystemTime
volatile KSYSTEM_TIME SystemTime
Definition: ketypes.h:1275
_KUSER_SHARED_DATA::ActiveGroupCount
volatile UCHAR ActiveGroupCount
Definition: ketypes.h:1513
_KUSER_SHARED_DATA::Reserved
UCHAR Reserved
Definition: ketypes.h:1329
_KUSER_SHARED_DATA::TimeZoneBiasEffectiveStart
LARGE_INTEGER TimeZoneBiasEffectiveStart
Definition: ketypes.h:1524
_KUSER_SHARED_DATA::QpcSystemTimeIncrement
ULONGLONG QpcSystemTimeIncrement
Definition: ketypes.h:1453
_KUSER_SHARED_DATA::TickCountLowDeprecated
ULONG TickCountLowDeprecated
Definition: ketypes.h:1272
_KUSER_SHARED_DATA::NtProductType
NT_PRODUCT_TYPE NtProductType
Definition: ketypes.h:1300
_KUSER_SHARED_DATA::QpcData
USHORT QpcData
Definition: ketypes.h:1517
_KUSER_SHARED_DATA::DUMMYSTRUCTNAME2
struct _KUSER_SHARED_DATA::@4261::@4268 DUMMYSTRUCTNAME2
_KUSER_SHARED_DATA::SystemCallPad
ULONGLONG SystemCallPad[2]
Definition: ketypes.h:1417
_KUSER_SHARED_DATA::DbgConsoleBrokerEnabled
ULONG DbgConsoleBrokerEnabled
Definition: ketypes.h:1391
_KUSER_SHARED_DATA::ActiveProcessorCount
ULONG ActiveProcessorCount
Definition: ketypes.h:1510
_KUSER_SHARED_DATA::RNGSeedVersion
ULONGLONG RNGSeedVersion
Definition: ketypes.h:1288
_KUSER_SHARED_DATA::SystemCall
ULONG SystemCall
Definition: ketypes.h:1415
_KUSER_SHARED_DATA::TestRetInstruction
ULONGLONG TestRetInstruction
Definition: ketypes.h:1407
_KUSER_SHARED_DATA::SEHValidationPolicy
UCHAR SEHValidationPolicy
Definition: ketypes.h:1327
_KUSER_SHARED_DATA::QpcInterruptTimeIncrement
ULONGLONG QpcInterruptTimeIncrement
Definition: ketypes.h:1454
_KUSER_SHARED_DATA::ActiveConsoleId
volatile ULONG ActiveConsoleId
Definition: ketypes.h:1337
_KUSER_SHARED_DATA::InterruptTimeBias
volatile ULONGLONG InterruptTimeBias
Definition: ketypes.h:1502
_KUSER_SHARED_DATA::MitigationPolicies
UCHAR MitigationPolicies
Definition: ketypes.h:1323
_KUSER_SHARED_DATA::TscQpcData
UCHAR TscQpcData
Definition: ketypes.h:1347
_KUSER_SHARED_DATA::KdDebuggerEnabled
BOOLEAN KdDebuggerEnabled
Definition: ketypes.h:1320
_KUSER_SHARED_DATA::NtMajorVersion
ULONG NtMajorVersion
Definition: ketypes.h:1306
_KUSER_SHARED_DATA::AppCompatFlag
ULONG AppCompatFlag
Definition: ketypes.h:1287
_KUSER_SHARED_DATA::Reserved9
UCHAR Reserved9
Definition: ketypes.h:1514
_KUSER_SHARED_DATA::BaselineSystemTimeQpc
ULONGLONG BaselineSystemTimeQpc
Definition: ketypes.h:1451
_KUSER_SHARED_DATA::QpcShift
UCHAR QpcShift
Definition: ketypes.h:1521
_KUSER_SHARED_DATA::TscQpcEnabled
UCHAR TscQpcEnabled
Definition: ketypes.h:1350
_KUSER_SHARED_DATA::TickCountMultiplier
ULONG TickCountMultiplier
Definition: ketypes.h:1273
_KUSER_SHARED_DATA::ConsoleSessionForegroundProcessId
LONGLONG ConsoleSessionForegroundProcessId
Definition: ketypes.h:1443
_KUSER_SHARED_DATA::NativeProcessorArchitecture
USHORT NativeProcessorArchitecture
Definition: ketypes.h:1304
_KUSER_SHARED_DATA::CurDirDevicesSkippedForDlls
UCHAR CurDirDevicesSkippedForDlls
Definition: ketypes.h:1328
_KUSER_SHARED_DATA::QpcFrequency
ULONGLONG QpcFrequency
Definition: ketypes.h:1409
_KUSER_SHARED_DATA::DbgElevationEnabled
ULONG DbgElevationEnabled
Definition: ketypes.h:1381
_KUSER_SHARED_DATA::DUMMYSTRUCTNAME
struct _KUSER_SHARED_DATA::@4260::@4267 DUMMYSTRUCTNAME
_KUSER_SHARED_DATA::SharedDataFlags
ULONG SharedDataFlags
Definition: ketypes.h:1377
_KUSER_SHARED_DATA::NXSupportPolicy
UCHAR NXSupportPolicy
Definition: ketypes.h:1326
_KUSER_SHARED_DATA::QpcBias
volatile ULONGLONG QpcBias
Definition: ketypes.h:1509
_KUSER_SHARED_DATA::FeatureConfigurationChangeStamp
KSYSTEM_TIME FeatureConfigurationChangeStamp
Definition: ketypes.h:1543
_KUSER_SHARED_DATA::TimeZoneBiasStamp
volatile LONG TimeZoneBiasStamp
Definition: ketypes.h:1290
_KUSER_SHARED_DATA::ProcessorFeatures
BOOLEAN ProcessorFeatures[PROCESSOR_FEATURE_MAX]
Definition: ketypes.h:1308
_KUSER_SHARED_DATA::LastSystemRITEventTickCount
ULONG LastSystemRITEventTickCount
Definition: ketypes.h:1340
_KUSER_SHARED_DATA::NumberOfPhysicalPages
ULONG NumberOfPhysicalPages
Definition: ketypes.h:1341
_KUSER_SHARED_DATA::DbgMultiUsersInSessionSku
ULONG DbgMultiUsersInSessionSku
Definition: ketypes.h:1397
_KUSER_SHARED_DATA::BootId
ULONG BootId
Definition: ketypes.h:1314
_KUSER_SHARED_DATA::TickCountQuad
volatile ULONG64 TickCountQuad
Definition: ketypes.h:1424
_KUSER_SHARED_DATA::TickCount
volatile KSYSTEM_TIME TickCount
Definition: ketypes.h:1423
_KUSER_SHARED_DATA::LargePageMinimum
ULONG LargePageMinimum
Definition: ketypes.h:1283
_KUSER_SHARED_DATA::InterruptTime
volatile KSYSTEM_TIME InterruptTime
Definition: ketypes.h:1274
_KUSER_SHARED_DATA::SpareBits
ULONG SpareBits
Definition: ketypes.h:1399
_KUSER_SHARED_DATA::NtBuildNumber
ULONG NtBuildNumber
Definition: ketypes.h:1292
_KUSER_SHARED_DATA::CryptoExponent
ULONG CryptoExponent
Definition: ketypes.h:1281
_KUSER_SHARED_DATA::DbgSecureBootEnabled
ULONG DbgSecureBootEnabled
Definition: ketypes.h:1395
_KUSER_SHARED_DATA::TimeZoneId
ULONG TimeZoneId
Definition: ketypes.h:1282
_KUSER_SHARED_DATA::SafeBootMode
BOOLEAN SafeBootMode
Definition: ketypes.h:1342
_KUSER_SHARED_DATA::DbgMultiSessionSku
ULONG DbgMultiSessionSku
Definition: ketypes.h:1396
_KUSER_SHARED_DATA::TimeSlip
volatile ULONG TimeSlip
Definition: ketypes.h:1311
_KUSER_SHARED_DATA::TscQpcPad
UCHAR TscQpcPad[2]
Definition: ketypes.h:1355
_KUSER_SHARED_DATA::SystemExpirationDate
LARGE_INTEGER SystemExpirationDate
Definition: ketypes.h:1318
_KUSER_SHARED_DATA::NtMinorVersion
ULONG NtMinorVersion
Definition: ketypes.h:1307
_KUSER_SHARED_DATA::Cookie
ULONG Cookie
Definition: ketypes.h:1431
_KUSER_SHARED_DATA::NtSystemRoot
WCHAR NtSystemRoot[260]
Definition: ketypes.h:1279
_KUSER_SHARED_DATA::ImageNumberHigh
USHORT ImageNumberHigh
Definition: ketypes.h:1278
_KUSER_SHARED_DATA::ReservedTickCountOverlay
ULONG ReservedTickCountOverlay[3]
Definition: ketypes.h:1427
_KUSER_SHARED_DATA::QpcSystemTimeIncrementShift
UCHAR QpcSystemTimeIncrementShift
Definition: ketypes.h:1456
_KUSER_SHARED_DATA::Reserved1
ULONG Reserved1
Definition: ketypes.h:1309
_KUSER_SHARED_DATA::UserPointerAuthMask
ULONG64 UserPointerAuthMask
Definition: ketypes.h:1551
_KUSER_SHARED_DATA::MaxStackTraceDepth
ULONG MaxStackTraceDepth
Definition: ketypes.h:1280
_KUSER_SHARED_DATA::SuiteMask
ULONG SuiteMask
Definition: ketypes.h:1319
_KUSER_SHARED_DATA::DbgErrorPortPresent
ULONG DbgErrorPortPresent
Definition: ketypes.h:1380
_KUSER_SHARED_DATA::DbgVirtEnabled
ULONG DbgVirtEnabled
Definition: ketypes.h:1382
_KUSER_SHARED_DATA::DUMMYUNIONNAME3
union _KUSER_SHARED_DATA::@4262 DUMMYUNIONNAME3
_KUSER_SHARED_DATA::ImageFileExecutionOptions
ULONG ImageFileExecutionOptions
Definition: ketypes.h:1487
_KUSER_SHARED_DATA::CyclesPerYield
USHORT CyclesPerYield
Definition: ketypes.h:1333
_KUSER_SHARED_DATA::TscQpcSpareFlag
UCHAR TscQpcSpareFlag
Definition: ketypes.h:1351
_KUSER_SHARED_DATA::UnparkedProcessorCount
USHORT UnparkedProcessorCount
Definition: ketypes.h:1458
_KUSER_SHARED_DATA::ComPlusPackage
ULONG ComPlusPackage
Definition: ketypes.h:1339
_KUSER_SHARED_DATA::Spare
ULONG Spare
Definition: ketypes.h:1544
_KUSER_SHARED_DATA::TickCountPad
ULONG TickCountPad[1]
Definition: ketypes.h:1428
_KUSER_SHARED_DATA::Reserved0
BOOLEAN Reserved0[1]
Definition: ketypes.h:1302
_KUSER_SHARED_DATA::EnclaveFeatureMask
ULONG EnclaveFeatureMask[4]
Definition: ketypes.h:1459
_KUSER_SHARED_DATA::Reserved3
ULONG Reserved3
Definition: ketypes.h:1310
_KUSER_SHARED_DATA::AlternativeArchitecture
ALTERNATIVE_ARCHITECTURE_TYPE AlternativeArchitecture
Definition: ketypes.h:1312
_KUSER_SHARED_DATA::QpcBypassEnabled
volatile UCHAR QpcBypassEnabled
Definition: ketypes.h:1520
_KUSER_SHARED_DATA::TimeUpdateLock
ULONGLONG TimeUpdateLock
Definition: ketypes.h:1447
_KUSER_SHARED_DATA::DismountCount
volatile ULONG DismountCount
Definition: ketypes.h:1338
_KUSER_SHARED_DATA::TimeZoneBias
volatile KSYSTEM_TIME TimeZoneBias
Definition: ketypes.h:1276
_KUSER_SHARED_DATA::DbgLkgEnabled
ULONG DbgLkgEnabled
Definition: ketypes.h:1385
_KUSER_SHARED_DATA::TimeZoneBiasEffectiveEnd
LARGE_INTEGER TimeZoneBiasEffectiveEnd
Definition: ketypes.h:1525
_KUSER_SHARED_DATA::SystemCallPad0
ULONG SystemCallPad0
Definition: ketypes.h:1416
_KUSER_SHARED_DATA::BaselineInterruptTimeQpc
ULONGLONG BaselineInterruptTimeQpc
Definition: ketypes.h:1452
_KUSER_SHARED_DATA::DataFlagsPad
ULONG DataFlagsPad[1]
Definition: ketypes.h:1406
_KUSER_SHARED_DATA::DbgDynProcessorEnabled
ULONG DbgDynProcessorEnabled
Definition: ketypes.h:1389
_KUSER_SHARED_DATA::GlobalValidationRunlevel
ULONG GlobalValidationRunlevel
Definition: ketypes.h:1289
_KUSER_SHARED_DATA::UserModeGlobalLogger
USHORT UserModeGlobalLogger[16]
Definition: ketypes.h:1480
_KUSER_SHARED_DATA::TelemetryCoverageRound
ULONG TelemetryCoverageRound
Definition: ketypes.h:1460
_KUSER_SHARED_DATA::Reserved4
ULONGLONG Reserved4
Definition: ketypes.h:1491
_KUSER_SHARED_DATA::ImageNumberLow
USHORT ImageNumberLow
Definition: ketypes.h:1277
_KWAIT_BLOCK
Definition: ketypes.h:455
_LIST_ENTRY
Definition: typedefs.h:120
_LOADER_PARAMETER_BLOCK
Definition: arc.h:539
_PP_LOOKASIDE_LIST
Definition: ketypes.h:1033
_PP_LOOKASIDE_LIST::P
struct _GENERAL_LOOKASIDE * P
Definition: ketypes.h:1034
_PP_LOOKASIDE_LIST::L
struct _GENERAL_LOOKASIDE * L
Definition: ketypes.h:1035
_RTL_BALANCED_NODE
Definition: ntdef.template.h:322
_RTL_RB_TREE
FIXME: should move to rtltypes.h, but we can't include it here.
Definition: ketypes.h:1198
_RTL_RB_TREE::Root
PRTL_BALANCED_NODE Root
Definition: ketypes.h:1199
_RTL_RB_TREE::Min
PRTL_BALANCED_NODE Min
Definition: ketypes.h:1200
_SINGLE_LIST_ENTRY
Definition: ntbasedef.h:636
_SYNCH_COUNTERS
Definition: ketypes.h:958
_SYNCH_COUNTERS::ExTryToAcqExclusiveAcquires
ULONG ExTryToAcqExclusiveAcquires
Definition: ketypes.h:1000
_SYNCH_COUNTERS::ExTryToAcqExclusiveAttempts
ULONG ExTryToAcqExclusiveAttempts
Definition: ketypes.h:999
_SYNCH_COUNTERS::ExInitializeResourceCount
ULONG ExInitializeResourceCount
Definition: ketypes.h:965
_SYNCH_COUNTERS::ExecutiveResourceReleaseSharedCount
ULONG ExecutiveResourceReleaseSharedCount
Definition: ketypes.h:971
_SYNCH_COUNTERS::ExAcqResSharedAcquiresExclusive
ULONG ExAcqResSharedAcquiresExclusive
Definition: ketypes.h:979
_SYNCH_COUNTERS::ExAcqResExclusiveNotAcquires
ULONG ExAcqResExclusiveNotAcquires
Definition: ketypes.h:977
_SYNCH_COUNTERS::ExAcqResSharedStarveExclusiveNotAcquires
ULONG ExAcqResSharedStarveExclusiveNotAcquires
Definition: ketypes.h:989
_SYNCH_COUNTERS::ExSetResOwnerPointerSharedOld
ULONG ExSetResOwnerPointerSharedOld
Definition: ketypes.h:998
_SYNCH_COUNTERS::ExAcqResSharedWaitForExclusiveAcquiresSharedRecursive
ULONG ExAcqResSharedWaitForExclusiveAcquiresSharedRecursive
Definition: ketypes.h:993
_SYNCH_COUNTERS::ExAcqResExclusiveAcquiresExclusiveRecursive
ULONG ExAcqResExclusiveAcquiresExclusiveRecursive
Definition: ketypes.h:975
_SYNCH_COUNTERS::ExEtwSynchTrackingNotificationsAccountedCount
ULONG ExEtwSynchTrackingNotificationsAccountedCount
Definition: ketypes.h:1004
_SYNCH_COUNTERS::ExecutiveResourceConvertsCount
ULONG ExecutiveResourceConvertsCount
Definition: ketypes.h:972
_SYNCH_COUNTERS::ExecutiveResourceReleaseExclusiveCount
ULONG ExecutiveResourceReleaseExclusiveCount
Definition: ketypes.h:970
_SYNCH_COUNTERS::IpiSendRequestBroadcastCount
ULONG IpiSendRequestBroadcastCount
Definition: ketypes.h:962
_SYNCH_COUNTERS::ExAcqResExclusiveWaits
ULONG ExAcqResExclusiveWaits
Definition: ketypes.h:976
_SYNCH_COUNTERS::ExAcqResSharedWaitForExclusiveWaits
ULONG ExAcqResSharedWaitForExclusiveWaits
Definition: ketypes.h:994
_SYNCH_COUNTERS::ExAcqResSharedWaits
ULONG ExAcqResSharedWaits
Definition: ketypes.h:982
_SYNCH_COUNTERS::ExAcqResSharedWaitForExclusiveAcquiresExclusive
ULONG ExAcqResSharedWaitForExclusiveAcquiresExclusive
Definition: ketypes.h:991
_SYNCH_COUNTERS::SpinLockContentionCount
ULONG SpinLockContentionCount
Definition: ketypes.h:960
_SYNCH_COUNTERS::ExAcqResSharedStarveExclusiveAttempts
ULONG ExAcqResSharedStarveExclusiveAttempts
Definition: ketypes.h:984
_SYNCH_COUNTERS::ExAcqResSharedAttempts
ULONG ExAcqResSharedAttempts
Definition: ketypes.h:978
_SYNCH_COUNTERS::ExDeleteResourceCount
ULONG ExDeleteResourceCount
Definition: ketypes.h:967
_SYNCH_COUNTERS::ExecutiveResourceContentionsCount
ULONG ExecutiveResourceContentionsCount
Definition: ketypes.h:969
_SYNCH_COUNTERS::ExAcqResSharedWaitForExclusiveAttempts
ULONG ExAcqResSharedWaitForExclusiveAttempts
Definition: ketypes.h:990
_SYNCH_COUNTERS::ExAcqResSharedWaitForExclusiveNotAcquires
ULONG ExAcqResSharedWaitForExclusiveNotAcquires
Definition: ketypes.h:995
_SYNCH_COUNTERS::ExEtwSynchTrackingNotificationsCount
ULONG ExEtwSynchTrackingNotificationsCount
Definition: ketypes.h:1003
_SYNCH_COUNTERS::ExBoostSharedOwners
ULONG ExBoostSharedOwners
Definition: ketypes.h:1002
_SYNCH_COUNTERS::IpiSendRequestRoutineCount
ULONG IpiSendRequestRoutineCount
Definition: ketypes.h:963
_SYNCH_COUNTERS::ExAcqResSharedStarveExclusiveAcquiresSharedRecursive
ULONG ExAcqResSharedStarveExclusiveAcquiresSharedRecursive
Definition: ketypes.h:987
_SYNCH_COUNTERS::ExAcqResSharedStarveExclusiveAcquiresShared
ULONG ExAcqResSharedStarveExclusiveAcquiresShared
Definition: ketypes.h:986
_SYNCH_COUNTERS::ExAcqResSharedStarveExclusiveWaits
ULONG ExAcqResSharedStarveExclusiveWaits
Definition: ketypes.h:988
_SYNCH_COUNTERS::ExAcqResSharedAcquiresShared
ULONG ExAcqResSharedAcquiresShared
Definition: ketypes.h:980
_SYNCH_COUNTERS::SpinLockSpinCount
ULONG SpinLockSpinCount
Definition: ketypes.h:961
_SYNCH_COUNTERS::IpiSendSoftwareInterruptCount
ULONG IpiSendSoftwareInterruptCount
Definition: ketypes.h:964
_SYNCH_COUNTERS::ExSetResOwnerPointerExclusive
ULONG ExSetResOwnerPointerExclusive
Definition: ketypes.h:996
_SYNCH_COUNTERS::ExAcqResSharedNotAcquires
ULONG ExAcqResSharedNotAcquires
Definition: ketypes.h:983
_SYNCH_COUNTERS::ExReInitializeResourceCount
ULONG ExReInitializeResourceCount
Definition: ketypes.h:966
_SYNCH_COUNTERS::ExAcqResSharedWaitForExclusiveAcquiresShared
ULONG ExAcqResSharedWaitForExclusiveAcquiresShared
Definition: ketypes.h:992
_SYNCH_COUNTERS::ExecutiveResourceAcquiresCount
ULONG ExecutiveResourceAcquiresCount
Definition: ketypes.h:968
_SYNCH_COUNTERS::ExAcqResSharedStarveExclusiveAcquiresExclusive
ULONG ExAcqResSharedStarveExclusiveAcquiresExclusive
Definition: ketypes.h:985
_SYNCH_COUNTERS::ExAcqResExclusiveAttempts
ULONG ExAcqResExclusiveAttempts
Definition: ketypes.h:973
_SYNCH_COUNTERS::ExSetResOwnerPointerSharedNew
ULONG ExSetResOwnerPointerSharedNew
Definition: ketypes.h:997
_SYNCH_COUNTERS::ExAcqResExclusiveAcquiresExclusive
ULONG ExAcqResExclusiveAcquiresExclusive
Definition: ketypes.h:974
_SYNCH_COUNTERS::SpinLockAcquireCount
ULONG SpinLockAcquireCount
Definition: ketypes.h:959
_SYNCH_COUNTERS::ExBoostExclusiveOwner
ULONG ExBoostExclusiveOwner
Definition: ketypes.h:1001
_SYNCH_COUNTERS::ExAcqResSharedAcquiresSharedRecursive
ULONG ExAcqResSharedAcquiresSharedRecursive
Definition: ketypes.h:981
_TEB
Definition: compat.h:836
_ULARGE_INTEGER
Definition: ms-dtyp.idl:184
_XSTATE_CONFIGURATION
Definition: ketypes.h:1222
_XSTATE_CONFIGURATION::Size
ULONG Size
Definition: ketypes.h:1227
_XSTATE_CONFIGURATION::Features
XSTATE_FEATURE Features[MAXIMUM_XSTATE_FEATURES]
Definition: ketypes.h:1237
_XSTATE_CONFIGURATION::AllFeatureSize
ULONG AllFeatureSize
Definition: ketypes.h:1241
_XSTATE_CONFIGURATION::EnabledSupervisorFeatures
ULONG64 EnabledSupervisorFeatures
Definition: ketypes.h:1239
_XSTATE_CONFIGURATION::EnabledVolatileFeatures
ULONG64 EnabledVolatileFeatures
Definition: ketypes.h:1225
_XSTATE_CONFIGURATION::EnabledFeatures
ULONG64 EnabledFeatures
Definition: ketypes.h:1223
_XSTATE_CONFIGURATION::EnabledUserVisibleSupervisorFeatures
ULONG64 EnabledUserVisibleSupervisorFeatures
Definition: ketypes.h:1245
_XSTATE_CONFIGURATION::Spare
ULONG Spare
Definition: ketypes.h:1250
_XSTATE_CONFIGURATION::ControlFlags
ULONG ControlFlags
Definition: ketypes.h:1230
_XSTATE_CONFIGURATION::AllFeatures
ULONG AllFeatures[MAXIMUM_XSTATE_FEATURES]
Definition: ketypes.h:1242
_XSTATE_CONFIGURATION::AllNonLargeFeatureSize
ULONG AllNonLargeFeatureSize
Definition: ketypes.h:1249
_XSTATE_CONFIGURATION::ExtendedFeatureDisableFeatures
ULONG64 ExtendedFeatureDisableFeatures
Definition: ketypes.h:1248
_XSTATE_CONFIGURATION::CompactionEnabled
ULONG CompactionEnabled
Definition: ketypes.h:1234
_XSTATE_CONFIGURATION::AlignedFeatures
ULONG64 AlignedFeatures
Definition: ketypes.h:1240
_XSTATE_CONFIGURATION::OptimizedSave
ULONG OptimizedSave
Definition: ketypes.h:1233
_XSTATE_FEATURE
Definition: ketypes.h:1216
_XSTATE_FEATURE::Size
ULONG Size
Definition: ketypes.h:1218
_XSTATE_FEATURE::Offset
ULONG Offset
Definition: ketypes.h:1217
_XSTATE_SAVE
Definition: ketypes.h:989
MODE
#define MODE
Definition: telnetd.h:40
PULONG_PTR
uint32_t * PULONG_PTR
Definition: typedefs.h:65
INT_PTR
int32_t INT_PTR
Definition: typedefs.h:64
OPTIONAL
#define OPTIONAL
Definition: typedefs.h:41
PULONG
uint32_t * PULONG
Definition: typedefs.h:59
LONG64
int64_t LONG64
Definition: typedefs.h:68
FIELD_OFFSET
#define FIELD_OFFSET(t, f)
Definition: typedefs.h:255
LONGLONG
int64_t LONGLONG
Definition: typedefs.h:68
NTAPI
#define NTAPI
Definition: typedefs.h:36
PVOID
void * PVOID
Definition: typedefs.h:50
ULONG_PTR
uint32_t ULONG_PTR
Definition: typedefs.h:65
IN
#define IN
Definition: typedefs.h:39
PUCHAR
unsigned char * PUCHAR
Definition: typedefs.h:53
ULONG
uint32_t ULONG
Definition: typedefs.h:59
ULONGLONG
uint64_t ULONGLONG
Definition: typedefs.h:67
OUT
#define OUT
Definition: typedefs.h:40
CCHAR
char CCHAR
Definition: typedefs.h:51
CSHORT
short CSHORT
Definition: umtypes.h:127
_KWAIT_STATUS_REGISTER
Definition: ketypes.h:1161
_KWAIT_STATUS_REGISTER::Affinity
UCHAR Affinity
Definition: ketypes.h:1166
_KWAIT_STATUS_REGISTER::Priority
UCHAR Priority
Definition: ketypes.h:1167
_KWAIT_STATUS_REGISTER::Alert
UCHAR Alert
Definition: ketypes.h:1170
_KWAIT_STATUS_REGISTER::UserApc
UCHAR UserApc
Definition: ketypes.h:1169
_KWAIT_STATUS_REGISTER::Unused
UCHAR Unused
Definition: ketypes.h:1171
_KWAIT_STATUS_REGISTER::State
UCHAR State
Definition: ketypes.h:1165
_KWAIT_STATUS_REGISTER::Flags
UCHAR Flags
Definition: ketypes.h:1162
_KWAIT_STATUS_REGISTER::Apc
UCHAR Apc
Definition: ketypes.h:1168
_LARGE_INTEGER
Definition: typedefs.h:103
_SLIST_HEADER
Definition: rtltypes.h:138
Object
_Must_inspect_result_ _In_ WDFCOLLECTION _In_ WDFOBJECT Object
Definition: wdfcollection.h:123
PowerState
_Must_inspect_result_ _In_ PWDFDEVICE_INIT _In_ WDF_DEVICE_POWER_STATE PowerState
Definition: wdfdevice.h:3034
Reserved
_Reserved_ PVOID Reserved
Definition: winddi.h:3974
Affinity
_In_ ULONG _In_ ULONG _In_ ULONG _Out_ PKIRQL _Out_ PKAFFINITY Affinity
Definition: halfuncs.h:174
UserTime
_Out_ PULONG UserTime
Definition: kefuncs.h:759
Period
_In_ LARGE_INTEGER _In_ ULONG Period
Definition: kefuncs.h:1313
Limit
_In_ LONG _In_ LONG Limit
Definition: kefuncs.h:304
PXSTATE_CONFIGURATION
struct _XSTATE_CONFIGURATION * PXSTATE_CONFIGURATION
PROCESSOR_FEATURE_MAX
#define PROCESSOR_FEATURE_MAX
XSTATE_FEATURE
struct _XSTATE_FEATURE XSTATE_FEATURE
KUSER_SHARED_DATA
struct _KUSER_SHARED_DATA KUSER_SHARED_DATA
XSAVE_FORMAT
XSAVE_FORMAT
Definition: ketypes.h:963
PKSTART_ROUTINE
KSTART_ROUTINE * PKSTART_ROUTINE
Definition: ketypes.h:499
KSYSTEM_TIME
struct _KSYSTEM_TIME KSYSTEM_TIME
_KWAIT_REASON
_KWAIT_REASON
Definition: ketypes.h:414
WrLpcReply
@ WrLpcReply
Definition: ketypes.h:432
WrGuardedMutex
@ WrGuardedMutex
Definition: ketypes.h:450
WrPageIn
@ WrPageIn
Definition: ketypes.h:424
WrPoolAllocation
@ WrPoolAllocation
Definition: ketypes.h:425
Suspended
@ Suspended
Definition: ketypes.h:420
WrPageOut
@ WrPageOut
Definition: ketypes.h:434
PageIn
@ PageIn
Definition: ketypes.h:417
WrKernel
@ WrKernel
Definition: ketypes.h:441
PoolAllocation
@ PoolAllocation
Definition: ketypes.h:418
WrYieldExecution
@ WrYieldExecution
Definition: ketypes.h:448
WrUserRequest
@ WrUserRequest
Definition: ketypes.h:428
UserRequest
@ UserRequest
Definition: ketypes.h:421
WrLpcReceive
@ WrLpcReceive
Definition: ketypes.h:431
WrFreePage
@ WrFreePage
Definition: ketypes.h:423
DelayExecution
@ DelayExecution
Definition: ketypes.h:419
WrDispatchInt
@ WrDispatchInt
Definition: ketypes.h:446
WrMutex
@ WrMutex
Definition: ketypes.h:444
WrExecutive
@ WrExecutive
Definition: ketypes.h:422
WrQuantumEnd
@ WrQuantumEnd
Definition: ketypes.h:445
WrResource
@ WrResource
Definition: ketypes.h:442
WrEventPair
@ WrEventPair
Definition: ketypes.h:429
WrPushLock
@ WrPushLock
Definition: ketypes.h:443
WrPreempted
@ WrPreempted
Definition: ketypes.h:447
WrQueue
@ WrQueue
Definition: ketypes.h:430
MaximumWaitReason
@ MaximumWaitReason
Definition: ketypes.h:452
WrRendezvous
@ WrRendezvous
Definition: ketypes.h:435
FreePage
@ FreePage
Definition: ketypes.h:416
WrVirtualMemory
@ WrVirtualMemory
Definition: ketypes.h:433
WrDelayExecution
@ WrDelayExecution
Definition: ketypes.h:426
WrSuspended
@ WrSuspended
Definition: ketypes.h:427
Executive
@ Executive
Definition: ketypes.h:415
PXSTATE_FEATURE
struct _XSTATE_FEATURE * PXSTATE_FEATURE
KPROCESSOR_MODE
CCHAR KPROCESSOR_MODE
Definition: ketypes.h:7
PKSERVICE_ROUTINE
KSERVICE_ROUTINE * PKSERVICE_ROUTINE
Definition: ketypes.h:512
MAX_WOW64_SHARED_ENTRIES
#define MAX_WOW64_SHARED_ENTRIES
Definition: ketypes.h:1254
MAXIMUM_XSTATE_FEATURES
#define MAXIMUM_XSTATE_FEATURES
Definition: ketypes.h:1214
SystemArgument1
_In_opt_ PVOID _In_opt_ PVOID SystemArgument1
Definition: ketypes.h:688
KWAIT_BLOCK
struct _KWAIT_BLOCK KWAIT_BLOCK
_MODE
_MODE
Definition: ketypes.h:10
MaximumMode
@ MaximumMode
Definition: ketypes.h:13
KINTERRUPT_POLARITY
enum _KINTERRUPT_POLARITY KINTERRUPT_POLARITY
THREAD_WAIT_OBJECTS
#define THREAD_WAIT_OBJECTS
Definition: ketypes.h:492
_ALTERNATIVE_ARCHITECTURE_TYPE
_ALTERNATIVE_ARCHITECTURE_TYPE
Definition: ketypes.h:901
EndAlternatives
@ EndAlternatives
Definition: ketypes.h:904
StandardDesign
@ StandardDesign
Definition: ketypes.h:902
NEC98x86
@ NEC98x86
Definition: ketypes.h:903
PKAPC_STATE
* PKAPC_STATE
Definition: ketypes.h:1572
XSTATE_CONFIGURATION
struct _XSTATE_CONFIGURATION XSTATE_CONFIGURATION
PKUSER_SHARED_DATA
struct _KUSER_SHARED_DATA * PKUSER_SHARED_DATA
PKSYSTEM_TIME
struct _KSYSTEM_TIME * PKSYSTEM_TIME
PKINTERRUPT_ROUTINE
VOID(NTAPI * PKINTERRUPT_ROUTINE)(VOID)
Definition: ketypes.h:502
KWAIT_REASON
enum _KWAIT_REASON KWAIT_REASON
SystemArgument2
_In_opt_ PVOID _In_opt_ PVOID _In_opt_ PVOID SystemArgument2
Definition: ketypes.h:689
KAPC_STATE
KAPC_STATE
Definition: ketypes.h:1572
ALTERNATIVE_ARCHITECTURE_TYPE
enum _ALTERNATIVE_ARCHITECTURE_TYPE ALTERNATIVE_ARCHITECTURE_TYPE
StartRoutine
_In_ ULONG _In_opt_ POBJECT_ATTRIBUTES _In_opt_ HANDLE _Out_opt_ PCLIENT_ID _In_ PKSTART_ROUTINE StartRoutine
Definition: psfuncs.h:91
UCHAR
unsigned char UCHAR
Definition: xmlstorage.h:181
WCHAR
__wchar_t WCHAR
Definition: xmlstorage.h:180
CHAR
char CHAR
Definition: xmlstorage.h:175
TimerContext
_In_ PLARGE_INTEGER _In_opt_ PTIMER_APC_ROUTINE _In_opt_ PVOID TimerContext
Definition: zwfuncs.h:430